WiX-Setup-Routine: Howto check on uninstall if NDISRD is in use by an app?

Home Forums Discussions Support Portal WiX-Setup-Routine: Howto check on uninstall if NDISRD is in use by an app?

This topic contains 4 replies, has 2 voices, and was last updated by  Vadim Smirnov 1 month, 3 weeks ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #11038

    demoddie
    Participant

    I’ve created separate Wix 3.x setup (SetupWinPkFilter.msi) for install/uninstall NDISRD LWF on Win7 / Win10 with custom actions due to your help’s entry ‘installation of winpkfilter 3.0’. This works fine.
    The NDISRD LWF driver is used by a NAT routing service. Problem is now that an uninstall of SetupWinPkFilter.msi is also succesfully performed without an error when the NAT routing service is still running, i.e. the NDISRD LWF driver is ‘removed under the NAT router’s back’. The NAT router service is non functional. Is there a simple measure to check at SetupWinPkFilter-UNINSTALL action if NDISRD LWF driver is in use by any user application or service? Some experiments with Sysinternals tools HANDLE, PROCEXPLORER or WinObj did not give me useful infos.

    #11039

    Vadim Smirnov
    Moderator

    Hmm, interesting question and I’m afraid I don’t have a quick answer. Inspecting all active processes for the open driver handle does not look a good idea. However, I think such functionality could be added to the driver itself, an example store the driver opened handles counter in the registry.

    Still, I’m not sure that this type of functionality is really needed though, normally you should tie your NAT application with custom driver build. In this situation your NAT application always knows if it uses the driver or not while no other application are aware about the custom driver build therefore can’t use the driver.

    #11041

    demoddie
    Participant

    For the first release I want to avoid the custom driver build due to costs for the code signing certificate. My actual solution: I use a named semaphore in Global-Namespace in CNdisApi class. If the semaphore does not exist it is created in CNdisApi constructor with high initial count, otherwise it is opened. The semaphore counter is decremented whenever the driver has been successfully loaded by CreateFile and is incremented when the driver handle is closed in CNdisApi destructor. So I can check with a custom action in setup before uninstall if the named semaphore does exist or not. So I can inhibt uninstall of ndisrd.sys when in use by my NAT service. The challenge was creating the security attribute of the semaphore for the different users (service account, admin etc.) and use of Global-Namespace.
    For series production it makes sense to use a custom driver build of WinPkFilter driver but I like the possibility to use different setups for the NAT service app and the NDIS filter driver for service purposes.

    #11042

    Vadim Smirnov
    Moderator

    Well, yes, this is an option. However, it won’t protect if any other applications using standard winpkfilter build are running.

    By the way we can sign your custom build with our code-signing certificate. Some of the customers prefer this option not only because of certificate costs but mostly because a relatively complex driver signing process.

    #11044

    Vadim Smirnov
    Moderator

    P.S. I was a little bit confused about your claim regarding code signing certificates costs, but yes, if you tried to order directly from the main page then it is a kind of expensive. However, if you try this link then you might be pleasantly surprised. 🙂

    • This reply was modified 1 month, 3 weeks ago by  Vadim Smirnov.
Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.