Re: Is my idea can be implement?
- From: "David Craig" <drivers@xxxxxxxxxx>
- Date: Sun, 3 Aug 2008 20:22:26 -0700
There are several phases in booting from a hard drive:
1. First the BIOS will use INT 13h, usually the 0x4n variants with current BIOS to load the MBR into 0000:7C00h. It is then executed.
2. The MBR code will load the partition boot record (PBR) from the active partition and it will be executed at the same address.
3. The PBR code will load the initial OS code and what this is named varies depending upon the OS being loaded.
4. Windows will load all boot start drivers into memory. Hint: this is IMPORTANT!!!
5. Each boot start driver will have its DriverEntry() invoked. Maybe the add device routine will be invoked followed by a start IRP.
6. After all those boot start drivers are up and running the OS will stop using the INT 13h BIOS software interrupts.
In step 5 you need to query the BIOS code (your extension if you have one or code loaded by the MBR if you use that method). The information passed into your boot start driver will be needed to do the encryption from then on. You might consider looking at Seagate's FDE drives that have encryption in the drive's firmware. That does require the BIOS be written to support those drives since no hard drive is accessable until password credentials, used to obtain access to the encryption key, are provided, validated, and presented to the drive.
When doing this type of code regardless of whether it is on-drive, or a PCI device you will find VMWare useful. Also an ICE will be needed or a lot of patience and knowledge about how storage is used in PCs.
"Robin" <digitalhuman@xxxxxxxxxxx> wrote in message news:O$n2Nid9IHA.5668@xxxxxxxxxxxxxxxxxxxxxxx
Hi all,
I want encrypt whole disk by PCI crypto-card, it's not a partition encryption but WHOLE DISK, so the system partition of OS will be encrypted.
To implement this idea, I will:
(1)Drive my PCI crypto-card before the system booting(so called pre-os driver);
(2)Hook my int13 filter to BIOS, which will do the decryption use my PCI crytpo-card;
(3)Implement a PCI driver for NT, which will drive my PCI crypto-card after the system starting up;
(4)Implement a disk filter driver for NT, whill will implement the read and write of disk sectors in secure mode(encryption and decryption);
My problem is: When the system starting up, the driver of disk and PCI crypto-card will be loaded,
(1) If the PCI crypto-card driver will be loaded first, can INT13 filter call the PCI pre-os 'driver' after it is loaded? If not, the gaps is system can't read encrypted sectors any more!
(2) If the disk filter driver will be loaded first, the INT13 filter will be pasted, any read and write of the disk sectors will be processed by the driver, but at this time, the PCI driver not loaded, can I call the "pre-os driver funtion" to do crypto?
Is there any suggestion ?
Thanks and best regards
Robin 04/08
- Follow-Ups:
- Re: Is my idea can be implement?
- From: Robin
- Re: Is my idea can be implement?
- Prev by Date: Re: Microsoft Patent for usermode driver?
- Next by Date: Re: how to accessed paged memory at DISPATCH_LEVEL
- Previous by thread: Re: Get Device information according to GUID
- Next by thread: Re: Is my idea can be implement?
- Index(es):
Relevant Pages
|
Loading
