- This topic has 4 replies, 2 voices, and was last updated 20 years ago by
.
-
Posts
-
It’s not clear to me how to use this IOCTL from a kernel mode driver. I need be notified when a new packet is on the queue, and this IOCTL seems to solve this problem, but it needs a Win32 event handle. How do I use it in kernel mode? Moreover, I can’t understand this part: “For windows 9x/ME you should translate Ring3 event handle to Ring0 one”. I’m not using win9x/ME, but I can’t understand how to “obtain a ring0 handle”.
Thank you for any help.Please refer CNdisApi::SetPacketEvent regarding translating Win32 event to Ring0 event under Windows 9x/ME.
For Windows NT/2000/XP/2003 you can create Win32 event in kernel with ZwCreateEvent and pass it to driver. In order to wait on this event you should first get event object with ObReferenceObjectByHandle call.
Hope it helps…
@SerpentFly wrote:
In order to wait on this event you should first get event object with ObReferenceObjectByHandle call.
You pointed the hard part. How to wait for an event in a driver model (i.e. with dispatch routines).
How to wait for an event in a driver model (i.e. with dispatch routines).
I’m not sure that I understand your question. In kernel mode you can wait on the event object using KeWaitForSingleObject. It should be called on the passive level IRQL only but you can create the dedicated system thread for this…
- You must be logged in to reply to this topic.