nimaarek 06-17-2018 01:07

The Prepared environment for kernel programming
 
Hello,
Is there a custom Windows operating system for kernel programming?
For example, one where the WDK package and the related Visual Studio version are installed, and the other settings for kernel programming and debugging have already been done.
Like this (Windows 10 Pro [1607] (x86/x64) Reverser Edition ISOs):
Code:

www.kernelmode.info/forum/viewtopic.php?f=22&t=4922&p=31664

Evilcry 06-18-2018 14:58

Enterprise-grade device driver development is done with standard OS images, with debugging performed by running the driver in a virtual machine (kernel development is rich in BSODs, or worse scenarios with storage drivers that destroy the filesystem) and attaching in a remote debug session with WinDbg.

To set up the environment, you can use the following link:
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/attaching-to-a-virtual-machine--kernel-mode-

Best Regards,
Evilcry

TechLord 06-19-2018 04:31

Quote:

Originally Posted by nimaarek (Post 113660)
Hello,
Is there a custom Windows operating system for kernel programming?
For example, one where the WDK package and the related Visual Studio version are installed, and the other settings for kernel programming and debugging have already been done.
Like this (Windows 10 Pro [1607] (x86/x64) Reverser Edition ISOs):
Code:

www.kernelmode.info/forum/viewtopic.php?f=22&t=xxxx&p=xxxxx

Seriously, man? You are actually linking to content in the RECYCLE BIN/TRASH of another forum? :D :D :D

Isn't it going a bit too far? I've got my content deleted there, and now you link it in the Recycle Bin... :eek:

RiRye 06-28-2018 04:33

Perhaps maybe a trimmed version of a checked Windows build?

hxxps://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/checked-build-of-windows

TechLord 06-28-2018 06:01

Quote:

Originally Posted by Evilcry (Post 113682)
Enterprise grade Device Driver development is done with Standard OS images, debugging performed by running the driver in VirtualMachine ...

I would beg to differ with Evilcry on this. The development and testing is BEST done on specialized build systems that have the LEAST bit of interfering services and software running on them.

For the development of complex (especially kernel-level) drivers, we use specialized trimmed builds of Windows that are VERY lean.

The logic being, that when we want to develop drivers and ensure that the driver(s) themselves are running and performing their functions without issues, it is a LOT easier to debug them when very few services are running in parallel on that system.

Otherwise it becomes very tedious to debug at every stage and see as to whether the driver itself is faulty or whether compatibility with the running services is the issue.

Also, the debugging itself is VERY fast with a system running a minimal set of services on it. It of course goes without saying that for kernel-level debugging we require two machines (virtual or real).

It is only when we have determined that the driver itself is functioning as expected, that we switch to debugging and testing on "real" systems that mimic the Retail Builds as closely as possible.

Regards

chants 06-28-2018 13:31

I am sure if you have good connections with MSFT, you can get something like the Shared Source Initiative
Quote:

https://www.microsoft.com/en-us/sharedsource/
which would allow such customizations to be made in detail for driver debugging.

Otherwise Microsoft seems to encourage using the Checked Windows builds as per RiRye above.

The question is, in practice, what are the major companies out there doing?


All times are GMT +8.