-
Notifications
You must be signed in to change notification settings - Fork 149
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 34085b4
Showing
25 changed files
with
2,510 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| .vs/ | ||
| bin/ | ||
| obj/ | ||
| asset/pki-architecture.xml | ||
|
|
139 changes: 139 additions & 0 deletions
139
CustomKernelSignersPersistent/CustomKernelSignersPersistent.vcxproj
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,139 @@ | ||
| <?xml version="1.0" encoding="utf-8"?> | ||
| <Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | ||
| <ItemGroup Label="ProjectConfigurations"> | ||
| <ProjectConfiguration Include="Debug|Win32"> | ||
| <Configuration>Debug</Configuration> | ||
| <Platform>Win32</Platform> | ||
| </ProjectConfiguration> | ||
| <ProjectConfiguration Include="Release|Win32"> | ||
| <Configuration>Release</Configuration> | ||
| <Platform>Win32</Platform> | ||
| </ProjectConfiguration> | ||
| <ProjectConfiguration Include="Debug|x64"> | ||
| <Configuration>Debug</Configuration> | ||
| <Platform>x64</Platform> | ||
| </ProjectConfiguration> | ||
| <ProjectConfiguration Include="Release|x64"> | ||
| <Configuration>Release</Configuration> | ||
| <Platform>x64</Platform> | ||
| </ProjectConfiguration> | ||
| </ItemGroup> | ||
| <PropertyGroup Label="Globals"> | ||
| <ProjectGuid>{912F26A3-E2FA-4503-AF55-1980A05845E1}</ProjectGuid> | ||
| <TemplateGuid>{dd38f7fc-d7bd-488b-9242-7d8754cde80d}</TemplateGuid> | ||
| <TargetFrameworkVersion>v4.5</TargetFrameworkVersion> | ||
| <MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion> | ||
| <Configuration>Debug</Configuration> | ||
| <Platform Condition="'$(Platform)' == ''">Win32</Platform> | ||
| <RootNamespace>CustomKernelSignersPersistent</RootNamespace> | ||
| <WindowsTargetPlatformVersion>$(LatestTargetPlatformVersion)</WindowsTargetPlatformVersion> | ||
| </PropertyGroup> | ||
| <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" /> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> | ||
| <TargetVersion>Windows10</TargetVersion> | ||
| <UseDebugLibraries>true</UseDebugLibraries> | ||
| <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> | ||
| <ConfigurationType>Driver</ConfigurationType> | ||
| <DriverType>WDM</DriverType> | ||
| <DriverTargetPlatform>Desktop</DriverTargetPlatform> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration"> | ||
| <TargetVersion>Windows10</TargetVersion> | ||
| <UseDebugLibraries>false</UseDebugLibraries> | ||
| <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> | ||
| <ConfigurationType>Driver</ConfigurationType> | ||
| <DriverType>WDM</DriverType> | ||
| <DriverTargetPlatform>Desktop</DriverTargetPlatform> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> | ||
| <TargetVersion>Windows10</TargetVersion> | ||
| <UseDebugLibraries>true</UseDebugLibraries> | ||
| <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> | ||
| <ConfigurationType>Driver</ConfigurationType> | ||
| <DriverType>WDM</DriverType> | ||
| <DriverTargetPlatform>Desktop</DriverTargetPlatform> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> | ||
| <TargetVersion>Windows10</TargetVersion> | ||
| <UseDebugLibraries>false</UseDebugLibraries> | ||
| <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> | ||
| <ConfigurationType>Driver</ConfigurationType> | ||
| <DriverType>WDM</DriverType> | ||
| <DriverTargetPlatform>Desktop</DriverTargetPlatform> | ||
| </PropertyGroup> | ||
| <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> | ||
| <ImportGroup Label="ExtensionSettings"> | ||
| </ImportGroup> | ||
| <ImportGroup Label="PropertySheets"> | ||
| <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> | ||
| </ImportGroup> | ||
| <PropertyGroup Label="UserMacros" /> | ||
| <PropertyGroup /> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> | ||
| <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor> | ||
| <TargetName>ckspdrv</TargetName> | ||
| <OutDir>$(SolutionDir)bin\$(Platform)-$(ConfigurationName)\</OutDir> | ||
| <IntDir>$(SolutionDir)obj\$(Platform)-$(ConfigurationName)\$(ProjectName)\</IntDir> | ||
| <TimeStampServer /> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> | ||
| <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor> | ||
| <TargetName>ckspdrv</TargetName> | ||
| <OutDir>$(SolutionDir)bin\$(Platform)-$(ConfigurationName)\</OutDir> | ||
| <IntDir>$(SolutionDir)obj\$(Platform)-$(ConfigurationName)\$(ProjectName)\</IntDir> | ||
| <TimeStampServer /> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> | ||
| <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor> | ||
| <TimeStampServer /> | ||
| <TargetName>ckspdrv</TargetName> | ||
| <OutDir>$(SolutionDir)bin\$(Platform)-$(ConfigurationName)\</OutDir> | ||
| <IntDir>$(SolutionDir)obj\$(Platform)-$(ConfigurationName)\$(ProjectName)\</IntDir> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> | ||
| <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor> | ||
| <TimeStampServer /> | ||
| <TargetName>ckspdrv</TargetName> | ||
| <OutDir>$(SolutionDir)bin\$(Platform)-$(ConfigurationName)\</OutDir> | ||
| <IntDir>$(SolutionDir)obj\$(Platform)-$(ConfigurationName)\$(ProjectName)\</IntDir> | ||
| </PropertyGroup> | ||
| <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> | ||
| <DriverSign> | ||
| <FileDigestAlgorithm> | ||
| </FileDigestAlgorithm> | ||
| </DriverSign> | ||
| </ItemDefinitionGroup> | ||
| <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> | ||
| <DriverSign> | ||
| <FileDigestAlgorithm> | ||
| </FileDigestAlgorithm> | ||
| </DriverSign> | ||
| </ItemDefinitionGroup> | ||
| <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> | ||
| <DriverSign> | ||
| <FileDigestAlgorithm> | ||
| </FileDigestAlgorithm> | ||
| </DriverSign> | ||
| </ItemDefinitionGroup> | ||
| <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> | ||
| <DriverSign> | ||
| <FileDigestAlgorithm> | ||
| </FileDigestAlgorithm> | ||
| </DriverSign> | ||
| </ItemDefinitionGroup> | ||
| <ItemGroup> | ||
| <FilesToPackage Include="$(TargetPath)" /> | ||
| </ItemGroup> | ||
| <ItemGroup> | ||
| <ClInclude Include="cksp_defs.h" /> | ||
| </ItemGroup> | ||
| <ItemGroup> | ||
| <ClCompile Include="cksp_entry.c" /> | ||
| <ClCompile Include="cksp_irp_null.c" /> | ||
| <ClCompile Include="cksp_main.c" /> | ||
| <ClCompile Include="cksp_unload.c" /> | ||
| </ItemGroup> | ||
| <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> | ||
| <ImportGroup Label="ExtensionTargets"> | ||
| </ImportGroup> | ||
| </Project> |
40 changes: 40 additions & 0 deletions
40
CustomKernelSignersPersistent/CustomKernelSignersPersistent.vcxproj.filters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| <?xml version="1.0" encoding="utf-8"?> | ||
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | ||
| <ItemGroup> | ||
| <Filter Include="Source Files"> | ||
| <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier> | ||
| <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions> | ||
| </Filter> | ||
| <Filter Include="Header Files"> | ||
| <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier> | ||
| <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions> | ||
| </Filter> | ||
| <Filter Include="Resource Files"> | ||
| <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier> | ||
| <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions> | ||
| </Filter> | ||
| <Filter Include="Driver Files"> | ||
| <UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier> | ||
| <Extensions>inf;inv;inx;mof;mc;</Extensions> | ||
| </Filter> | ||
| </ItemGroup> | ||
| <ItemGroup> | ||
| <ClInclude Include="cksp_defs.h"> | ||
| <Filter>Header Files</Filter> | ||
| </ClInclude> | ||
| </ItemGroup> | ||
| <ItemGroup> | ||
| <ClCompile Include="cksp_entry.c"> | ||
| <Filter>Source Files</Filter> | ||
| </ClCompile> | ||
| <ClCompile Include="cksp_irp_null.c"> | ||
| <Filter>Source Files</Filter> | ||
| </ClCompile> | ||
| <ClCompile Include="cksp_unload.c"> | ||
| <Filter>Source Files</Filter> | ||
| </ClCompile> | ||
| <ClCompile Include="cksp_main.c"> | ||
| <Filter>Source Files</Filter> | ||
| </ClCompile> | ||
| </ItemGroup> | ||
| </Project> |
34 changes: 34 additions & 0 deletions
34
CustomKernelSignersPersistent/CustomKernelSignersPersistent.vcxproj.user
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| <?xml version="1.0" encoding="utf-8"?> | ||
| <Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | ||
| <PropertyGroup> | ||
| <ShowAllFiles>true</ShowAllFiles> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> | ||
| <SignMode>Off</SignMode> | ||
| <CrossCertificateFile> | ||
| </CrossCertificateFile> | ||
| <ProductionCertificate> | ||
| </ProductionCertificate> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> | ||
| <SignMode>Off</SignMode> | ||
| <CrossCertificateFile> | ||
| </CrossCertificateFile> | ||
| <ProductionCertificate> | ||
| </ProductionCertificate> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> | ||
| <SignMode>Off</SignMode> | ||
| <CrossCertificateFile> | ||
| </CrossCertificateFile> | ||
| <ProductionCertificate> | ||
| </ProductionCertificate> | ||
| </PropertyGroup> | ||
| <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> | ||
| <SignMode>Off</SignMode> | ||
| <CrossCertificateFile> | ||
| </CrossCertificateFile> | ||
| <ProductionCertificate> | ||
| </ProductionCertificate> | ||
| </PropertyGroup> | ||
| </Project> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
| #pragma once | ||
| #include <ntifs.h> | ||
|
|
||
| NTSTATUS NTAPI ZwQueryLicenseValue( | ||
| _In_ PUNICODE_STRING ValueName, | ||
| _Out_opt_ PULONG Type, | ||
| _Out_writes_bytes_to_opt_(DataSize, *ResultDataSize) PVOID Data, | ||
| _In_ ULONG DataSize, | ||
| _Out_ PULONG ResultDataSize | ||
| ); | ||
|
|
||
| NTSTATUS NTAPI ExUpdateLicenseData( | ||
| _In_ ULONG cbBytes, | ||
| _In_reads_bytes_(cbBytes) PVOID lpBytes | ||
| ); | ||
|
|
||
| typedef enum _CKSP_WORKER_ACTION { | ||
| CkspWorkerActionNone = 0, | ||
| CkspWorkerActionStop = 1 | ||
| } CKSP_WORKER_ACTION; | ||
|
|
||
| typedef struct _CKSP_WORKER_CONTEXT { | ||
| UNICODE_STRING LaunchDriverServiceName; | ||
| HANDLE ProductOptionsKeyChangeEventHandle; | ||
| PKEVENT ProductOptionsKeyChangeEventObject; | ||
| HANDLE ProductOptionsKey; | ||
| PKEY_VALUE_PARTIAL_INFORMATION ProductPolicyValueInfo; | ||
| ULONG ProductPolicyValueInfoSize; | ||
| CKSP_WORKER_ACTION Action; | ||
| } CKSP_WORKER_CONTEXT, *PCKSP_WORKER_CONTEXT; | ||
|
|
||
| extern PCKSP_WORKER_CONTEXT g_CkspWorkerContext; | ||
| extern HANDLE g_CkspWorkerThreadHandle; | ||
| extern PVOID g_CkspWorkerThreadObject; | ||
|
|
||
| NTSTATUS NTAPI DriverEntry( | ||
| _In_ PDRIVER_OBJECT DriverObject, | ||
| _In_ PUNICODE_STRING RegistryPath | ||
| ); | ||
|
|
||
| VOID NTAPI DriverUnload( | ||
| _In_ PDRIVER_OBJECT DriverObject | ||
| ); | ||
|
|
||
| NTSTATUS NTAPI IrpNullHandler( | ||
| _In_ PDEVICE_OBJECT DeviceObject, | ||
| _In_ PIRP Irp | ||
| ); | ||
|
|
||
| // | ||
| // CKSP routines | ||
| // | ||
|
|
||
| NTSTATUS CkspInitContext( | ||
| _In_ PCKSP_WORKER_CONTEXT Context, | ||
| _In_ PDRIVER_OBJECT DriverObject, | ||
| _In_ PUNICODE_STRING RegistryPath | ||
| ); | ||
|
|
||
| VOID CkspClearContext( | ||
| _In_ PCKSP_WORKER_CONTEXT Context | ||
| ); | ||
|
|
||
| VOID NTAPI CkspWorker( | ||
| _In_ PVOID StartContext | ||
| ); | ||
|
|
||
| VOID CkspDeferUnloadAsPossible( | ||
| _In_ PCKSP_WORKER_CONTEXT Context | ||
| ); | ||
|
|
||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| #include "cksp_defs.h" | ||
|
|
||
| PCKSP_WORKER_CONTEXT g_CkspWorkerContext; | ||
| HANDLE g_CkspWorkerThreadHandle; | ||
| PVOID g_CkspWorkerThreadObject; | ||
|
|
||
| NTSTATUS NTAPI DriverEntry(_In_ PDRIVER_OBJECT DriverObject, _In_ PUNICODE_STRING RegistryPath) { | ||
| NTSTATUS Status; | ||
| OBJECT_ATTRIBUTES ThreadAttribute; | ||
|
|
||
| // | ||
| // We don't handle any IRQs | ||
| // | ||
| for (int i = 0; i < IRP_MJ_MAXIMUM_FUNCTION; ++i) | ||
| DriverObject->MajorFunction[i] = IrpNullHandler; | ||
|
|
||
| DriverObject->DriverUnload = DriverUnload; | ||
|
|
||
| // | ||
| // Allocate CKSP context | ||
| // | ||
| g_CkspWorkerContext = (PCKSP_WORKER_CONTEXT)ExAllocatePoolWithTag(NonPagedPool, sizeof(CKSP_WORKER_CONTEXT), 'cksp'); | ||
| if (g_CkspWorkerContext == NULL) { | ||
| Status = STATUS_NO_MEMORY; | ||
| goto ON_DriverEntry_ERROR; | ||
| } | ||
|
|
||
| // | ||
| // Initialize CKSP context | ||
| // | ||
| Status = CkspInitContext(g_CkspWorkerContext, DriverObject, RegistryPath); | ||
| if (!NT_SUCCESS(Status)) | ||
| goto ON_DriverEntry_ERROR; | ||
|
|
||
| // | ||
| // Launch CkspWorker thread | ||
| // | ||
| InitializeObjectAttributes(&ThreadAttribute, NULL, OBJ_KERNEL_HANDLE, NULL, NULL); | ||
| Status = PsCreateSystemThread(&g_CkspWorkerThreadHandle, | ||
| THREAD_ALL_ACCESS, | ||
| &ThreadAttribute, | ||
| NULL, | ||
| NULL, | ||
| CkspWorker, | ||
| g_CkspWorkerContext); | ||
| if (!NT_SUCCESS(Status)) { | ||
| goto ON_DriverEntry_ERROR; | ||
| } else { | ||
| // | ||
| // never fail here | ||
| // | ||
| ObReferenceObjectByHandle(g_CkspWorkerThreadHandle, | ||
| THREAD_ALL_ACCESS, | ||
| *PsThreadType, | ||
| KernelMode, | ||
| &g_CkspWorkerThreadObject, | ||
| NULL); | ||
| } | ||
|
|
||
| return Status; | ||
|
|
||
| ON_DriverEntry_ERROR: | ||
| if (g_CkspWorkerContext) { | ||
| CkspClearContext(g_CkspWorkerContext); | ||
| ExFreePoolWithTag(g_CkspWorkerContext, 'cksp'); | ||
| g_CkspWorkerContext = NULL; | ||
| } | ||
| return Status; | ||
| } | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| #include "cksp_defs.h" | ||
|
|
||
| NTSTATUS NTAPI IrpNullHandler(_In_ PDEVICE_OBJECT DeviceObject, _In_ PIRP Irp) { | ||
| UNREFERENCED_PARAMETER(DeviceObject); | ||
|
|
||
| Irp->IoStatus.Information = 0; | ||
| Irp->IoStatus.Status = STATUS_NOT_SUPPORTED; | ||
|
|
||
| IoCompleteRequest(Irp, IO_NO_INCREMENT); | ||
| return STATUS_NOT_SUPPORTED; | ||
| } | ||
|
|
Oops, something went wrong.