Re: Help - Is it okay to put .obj files in Sources file?
- From: "Alexander Grigoriev" <alegr@xxxxxxxxxxxxx>
- Date: Mon, 1 Jan 2007 10:49:18 -0800
All those kernel-mode malware monitors, are like trying to monitor a tire
against puncture, while a car owner is tossing nails in front of the car.
The recipy is simple: don't let folks work as administrators. The MOST
useful security utility would be the one that tells the user: "You're
working as an administrator, please change your account to "Limited User".
"hypervista@xxxxxxxxxxxxxxxxx"
<hypervistanewsgroupsnospam@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EE2D33FA-9938-4F47-ABF9-2ED3E75612B0@xxxxxxxxxxxxxxxx
Thanks Pavel. I assure you I'm not writing malware. In fact, I'm
building a
hypervisor based anti-malware, ant-reverse engineering utility.
(www.hypervista-tech.com).
Regards,
Hypervista
"Pavel A." wrote:
These are ml.exe for x86, ml64 for amd64 and the 3rd is for Itanium.
What you're doing seems suspicious (virtual mode based malware?), I'm not
sure why to help you.
Regards,
--PA
"hypervista@xxxxxxxxxxxxxxxxx" wrote:
If you don't know the answer just say so.
I ask because I'm curious and couldn't find reference to any other
assemblers in any of the DDKs I have. I was somewhat surprised by your
mention of three assemblers included and thought you knew which three
without
having to look it up. Thanks anyway. It's not important. MASM is the
syntax I'll use in any case. If Microsoft supports two others, I'd
like to
know which two. That's all. I'll do more research.
"David J. Craig" wrote:
Why bother to ask? If you have the WDK they are easy to find. If
you don't
have the WDK, why ask questions?
"hypervista@xxxxxxxxxxxxxxxxx"
<hypervistanewsgroupsnospam@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:1946EE73-4D53-4C54-9C43-49367694D069@xxxxxxxxxxxxxxxx
Rgr that! Thanks for the sound advice. Guess I should brush up on
MASM
syntax. I'm assuming one of the three assemblers included with the
WDK is
MASM. What are the other two?
Thanks again David
"David J. Craig" wrote:
Give up on non-supported tools. All three assemblers come with
the WDK.
It
should just work if you have to use assembly. The driver tools
are
created
to do two primary things: 1) Allow us to create drivers that will
work
because the compiler group repeatedly released updates or major
releases
that would not allow drivers to be built. With the bad press
Microsoft
had
been receiving on the unstability of Windows, the driver group
finally
got
enough influence to get a version of the compiler they could
release with
the DDK/WDK that they knew would work. This is the second most
inportant
reason. 2) Provide an environment where the core OS team, driver
teams,
and other OS groups could compile code that could be built in a
common
place
with a known configuration. I presume they had some of this by
keeping
the
compiler groups away from that environment's configuration before
but it
became easier since it could easily be distributed to all
developers as
well
as the build 'farm'.
"hypervista@xxxxxxxxxxxxxxxxx"
<hypervistanewsgroupsnospam@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:84D36F07-F84A-416F-A995-270B22AC8F1A@xxxxxxxxxxxxxxxx
Thanks for the input David. I'm interested in pursuing your
suggestion
to
just include the asm files. To do so, what consideration do I
need to
make
in the build process to make certain the .asm files get compiled
properly?
I
use fasm (www.flatassembler.net) as my assembler. Do I have to
use/modify
any of the build macros, change the sources file, etc.? Thanks
for the
assistance.
"David J. Craig" wrote:
You can link with a library. Why not just include the asm
files? Why
try
to do it the hard way with unsupported tools?
"hypervista@xxxxxxxxxxxxxxxxx"
<hypervistanewsgroupsnospam@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:F3B153F9-AC3D-424E-B681-4FA04B08EF69@xxxxxxxxxxxxxxxx
I've written several asm routines I'd like to use in my
device
driver.
On
the advice/guidance of Don Burn, I'm creating primatives of
just the
asm
code
I need and wraping them in c code in my driver as opposed
doing
inline
assembly.
One of my favorite assemblers (fasm) can produce MS COFF
(.obj)
files.
I've
searched extensively on the DDK build tool sources file and
can't
find
a
reference to which types of files are supported in the
sources file.
I've
seen .c files (of course) and .asm, and .s files listed, but
no
mention
of
.obj files being permitted.
Can I include .obj files in the DDK build sources file?
Thank you in advance for the assistance.
.
- Prev by Date: Re: overlapped IO problem
- Next by Date: Re: Generate NT Events
- Previous by thread: Re: overlapped IO problem
- Next by thread: Re: Generate NT Events
- Index(es):
Relevant Pages
|
