Re: whether a driver is running in user- or kernel- mode

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

"Ben Voigt [C++ MVP]" <rbv@xxxxxxxxxxxxx> wrote in message news:OWPERn#yIHA.4492@xxxxxxxxxxxxxxxxxxxxxxx
Pavel A. wrote:
The MSDN link http://msdn.microsoft.com/en-us/library/ms801104.aspx
says that a kernel mode DLL is linked with win32k.lib and a usermode
one - with gdi32.lib.

I guess you probably meant kernel32.lib for user-mode applications and libraries. You can definitely have user-mode libraries without GDI.


Correct, but the build instructions at the above link, say that usermode DLLs of this kind should link with gdi32.

--PA



So this should be visible somewhere in dependencies.

Regards,
--PA



"ssylee" <ssylee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:98496B45-ABE6-4A74-94E7-7B22507C712D@xxxxxxxxxxxxxxxx
Pavel,

I've viewed the DLL with Dependency Walker, but I can't find anything
relevant to user-mode or kernel-mode DLLs or libraries that it's
being linked
to. Which other property I should specifiically look for? Thanks.

"Pavel A." wrote:

Just inspect your DLL with a dependency viewer.
If it is linked to the user mode stuff (as described in the msdn
link in your question),
it does run in usermode.

Regards,
--PA


"ssylee" <ssylee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:17CCD79B-E993-4D2D-8BF6-AC26B4FF5F0F@xxxxxxxxxxxxxxxx
Which particular output should I be looking at to tell whether
it's in user-
or kernel-mode? I'm having trouble regarding this area. Would that
be observing the behaviour on DrvQueryInfo callbacks?

"J" wrote:

On Jun 9, 10:36 pm, ssylee <ssy...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
I have taken my efforts to ensure that the driver that I'm
looking at
is
running in user-mode as shown
inhttp://msdn.microsoft.com/en-us/library/ms801104.aspx. However,
I'm
still
puzzled from its behaviour of whether it is indeed running in
user-mode. Is
there any specific way (perhaps with a debugger) to tell whether
it's
running
in user-mode or kernel-mode?


You can use WinDbg in verbose mode.


.

Relevant Pages

  • Re: whether a driver is running in user- or kernel- mode
    ... You can definitely have user-mode libraries without GDI. ... I've viewed the DLL with Dependency Walker, ... relevant to user-mode or kernel-mode DLLs or libraries that it's ... it does run in usermode. ...
    (microsoft.public.development.device.drivers)
  • Unterschied DDL-SYS
    ... Ich habe den Verdacht das es sich vielleicht um Kernel-Mode (SYS) und User-Mode (DLL) handeln koennte, aber das ist nur ein Verdacht. ...
    (microsoft.public.de.german.windowsxp.sonstiges)
  • Hardwaredriver DLL - SYS
    ... Ich habe den Verdacht das es sich vielleicht um Kernel-Mode (SYS) und User-Mode (DLL) handeln koennte, aber das ist nur ein Verdacht. ...
    (microsoft.public.de.german.windowsxp.hardware)
  • Re: arithmetic functions for linux driver
    ... > I am new to linux world and this mailing list. ... The kernel does not save and restore FPU registers across ... probably break some user-mode code that is using the FPU. ... Most Windows drivers are not drivers at all, but Libraries! ...
    (Linux-Kernel)
  • Re: whether a driver is running in user- or kernel- mode
    ... The MSDN link http://msdn.microsoft.com/en-us/library/ms801104.aspx ... says that a kernel mode DLL is linked with win32k.lib and a usermode one - with gdi32.lib. ... relevant to user-mode or kernel-mode DLLs or libraries that it's being linked ...
    (microsoft.public.development.device.drivers)