Re: Trusted environment in CE 6.0
- From: "MV" <m.varela@xxxxxxxxxxxx>
- Date: 19 Dec 2006 08:36:49 -0800
Going deeper into understanding the certification or trusted
environment in CE 6.0, I'm not able to understand how the Certificate
Module (certmod) relates to the OEMCertifyModule functions. It looks
as though the certmod module fully replaces (and enhances) the
OEMCertifyModule functionality. Would you please confirm?
The next question is to confirm whether the "privileged APIs"
(AllocPhysMem, CeSetThreadPriority, CheckPassword, ..., VirtualCopy, ...)
may only be called from kernel mode context, or whether it is possible
to call them from certified applications.
Cheers,
MV
Ross Jordan [MSFT] wrote:
You are right that the documentation is confusing. I will contact the
documentation team to update it. Thanks for reporting this to us.
-Ross
"MV" <m.varela@xxxxxxxxxxxx> wrote in message
news:1166081909.467645.254770@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi Ross,
The list of privileged APIs is described in the CE 6.0 help at the
following link:
http://msdn2.microsoft.com/en-us/library/aa919335.aspx
As this list is the same as the trusted APIs in CE 5.0 and it is also
documented under the Trusted Environment Creation chapter, it becomes
quite misleading. Besides, the documentation uses the term "Privileged
applications", which adds more confusion to this.
Thanks,
MV
Ross Jordan [MSFT] wrote:
In CE 6.0, there is no real concept of privileged or unprivileged
apps/threads. There is, however, the concept of usermode and kernelmode,
which has some similarities to unprivileged/privileged. Certain APIs
(VirtualCopy, for example) may only be called from kernelmode context.
For some other APIs, there may be differences in behaviour when called
from usermode vs. called from kernelmode.
In CE 6.0, the operating system can be locked down by building the image
with SYSGEN_CERTMOD. This adds infrastructure to the loader to validate
binaries (dlls, exes etc.) at load time as trusted or not trusted based
on certain evidence (i.e. if the binary is in ROM or digitally signed).
Trusted binaries can be loaded; otherwise the load fails. Once a module
is running, there are few restrictions on what it can do.
If the OS is built without the certmod infrastructure, then any binaries
can be loaded.
I am not sure exactly what documentation you are referring to, but it is
probably a list of kernelmode-only APIs.
Cheers,
Ross
"MV" <m.varela@xxxxxxxxxxxx> wrote in message
news:1166026316.845500.170400@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In CE 6.0 the OEM_CERTIFY_RUN is no longer supported, so the OS either
loads the module or not. However, in the documentation there is still a
list of privileged (formerly called trusted) APIs. In CE 5.0 these APIs
were not accessible to applications with the OEM_CERTIFY_RUN.
Therefore, what is the difference in CE 6.0 between a privileged and a
non-privileged application? (Non-privileged applications
(OEM_CERTIFY_FALSE) are not allowed to run, so why worry about
privileged APIs?)
Thanks,
MV