Re: Unexpected Error With CE.BIB file
- From: "Dean Ramsier" <ramsiernospam@xxxxxxxxxx>
- Date: Wed, 5 Dec 2007 11:48:26 -0500
Anyone can easily create a bad driver and load it into kernel space and
trash your system. The only way to prevent this is to lock the system down
so only code that is signed can run. Note that in this case I'm not talking
about the K flag, that only applies to developers building images. Anyone
with that kind of access can do anything they want. But there are other
ways to get code to run in kernel mode, and you can only stop that by
preventing untrusted code from running at all.
User/Kernel protection still works the way it always has. Anything running
in user mode can't access kernel mode space, nor other user mode space.
Anything running in kernel mode can access both user and kernel space. This
has nothing to do with blocking untrusted code from running on your device,
that is a separate topic that is handled separately and is optional.
--
Dean Ramsier - eMVP
BSQUARE Corporation
"Ram" <Ram@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EF7B6CF2-E285-4877-80ED-D032CE0DA4B8@xxxxxxxxxxxxxxxx
Hi,
I understood the concept. Many thanks for the reply. Here I had one doubt.
If an user is able to created an dll which can be loaded kernel mode (with
setting the K flag), then it will be able to access all the kernel space
dlls...right? So the mischevous users can corrupt the kernel by writing
stupid programs. Am i right? Can you please clarify my doubt?
My conclusion about kernel space and user space is:
Any user mode dll/application can be loaded/executed in kernel space with
setting the k flag. Am I right? Please correct me if I go wrong. So it
will
be able to correct the kernel functionality. If not please explain me how
the
security is achieved in WINCE by introducing the concept USER MODE and
KERNEL
MODE.
Regards,
Ram
Regards,
Ram
"Dean Ramsier" wrote:
Correct. User mode applications can't run in kernel mode, *and* they
can't
load dlls that are running in kernel mode.
In your case, you're trying to load hidparse.dll into your user mode
application, but hidparse is included in the image with the K flag set.
That causes it to have been fixed up with kernel mode addresses, and no
user
application can load it.
Your options are to
1) Move the component that loads hidparse into kernel space, and present
a
driver interface that your app can access
2) Change the settings for hidparse to load into both user and kernel
mode
by using the Q flag instead of the K flag in the bib file. This will
solve
the kernel space problem, but could cause problems if hidparse can't run
two
copies simultaneously.
I'd say the first is your best choice, you'll be using hidparse the way
it
was intended.
--
Dean Ramsier - eMVP
BSQUARE Corporation
"Ram" <Ram@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:887C159E-8858-4C30-8F60-05E446200AB6@xxxxxxxxxxxxxxxx
Hi Bruce,
Million Thanks for the fast reply.
So you mean to say that user mode applications cannot run in kernel
mode?
Is
it so? Can you please explain it in detail if you have time?
Regards,
Ram
"Bruce Eitman [eMVP]" wrote:
According to that output, it looks like you set the k flag on
something
that
you are using from a user mode application. That won't work.
--
Bruce Eitman (eMVP)
Senior Engineer
beitman AT applieddata DOT net
Applied Data Systems
www.applieddata.net
An ISO 9001:2000 Registered Company
Microsoft WEP Gold-level Member
"Ram" <Ram@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C2461AB6-7093-4C83-A581-CB5CF48EDCCB@xxxxxxxxxxxxxxxx
We made sample subproject using WINCE600 to directly call the
HIDPARSER
library functions for our test. But we got the below decribed error
when
we
called the HIDPARSER function. Please help.
Detailed Description of the problem we are facing:
We created a sample project using WINCE Platform Builder. We
included
the
keyboard tux to that subproject. Briefly, we created a sample
subproject
which will act as keyboard tux. We updated that tux adding a simple
test
procedure function. We called an HIDPARSER function say,
HidP_GetCaps
()
from
that test procedure function. We were able to build that project
successfully, without any compilation errors. However when we tried
to
run
this sample project (using the command line parameter s tux -o -d
subprojectname.dll) we faced the below shown linking error.
4294956334 PID:3fb0006 TID:3ec0012 DoImport Failed! Unable to import
from
Library 'HIDPARSE.dll'
4294956451 PID:400002 TID:3ec0012 RELFSD: Aborting CreateFile of
HIDPARSE.dll since module was found in rom
PB Debugger Unloaded symbols for
'D:\WINCE600\OSDESIGNS\CEPC_MOUSE_TUX\CEPC_MOUSE_TUX\RELDIR\CEPC_X86_DEBUG\MOUSE_TUX.DLL'
4294956451 PID:400002 TID:3ec0012 !!!ERROR! Trying to load DLL
'HIDPARSE.dll' fixed-up to kernel address into user app.
4294956451 PID:400002 TID:3ec0012 !!!ERROR! CANNOT SPECIFY 'K' FLAG
BIB
FILE.
Below is sample code we used to call the HIDPARSER function.
void HIDP_FunctionTests(void)
{
PHIDP_PREPARSED_DATA Temp1;
PHIDP_CAPS Temp2;
HidP_GetCaps (Temp1,Temp2); // This is the HIDPARSER
function
which is called from the subproject.
}
Please help us on this scenario.
We know that the bib file has to be updated with some K flags etc
but
that
is also of no use.
.
- Follow-Ups:
- Re: Unexpected Error With CE.BIB file
- From: Ram
- Re: Unexpected Error With CE.BIB file
- From: Ram
- Re: Unexpected Error With CE.BIB file
- References:
- Unexpected Error With CE.BIB file
- From: Ram
- Re: Unexpected Error With CE.BIB file
- From: Bruce Eitman [eMVP]
- Re: Unexpected Error With CE.BIB file
- From: Ram
- Re: Unexpected Error With CE.BIB file
- From: Dean Ramsier
- Re: Unexpected Error With CE.BIB file
- From: Ram
- Unexpected Error With CE.BIB file
- Prev by Date: Re: About WinCE startup question
- Next by Date: Re: NK.BIN size and Ram Usage.
- Previous by thread: Re: Unexpected Error With CE.BIB file
- Next by thread: Re: Unexpected Error With CE.BIB file
- Index(es):
Relevant Pages
|
