The Windows Driver Kit (WDK) 10

 

 

 

Viewing Driver Output

 

For debugging purposes it is common for drivers to use the DbgPrint() API to emit debug messages. The syntax is given below.

 

ULONG DbgPrint(const char *fmt, ...);

 

DbgPrint() is very similar to the regular printf() routine, the difference being that it can only be called from kernel mode. The debug messages, instead of displaying on the screen, are sent to the kernel debugger (usually WinDbg), assuming that one is attached.

 

 

Unloading a Driver

 

Stopping (and unloading) a driver is as simple as starting it using the net command:

 

net stop hello

 

However the driver we have built at this point will never unload, because we have omitted a tiny detail. The one thing we left out was the DriverUnload() routine, which the service-control-manager calls when a driver is about to unload. This unload routine must be specified during DriverEntry() if our driver is to be unloadable, and a pointer to the routine stored in the DriverObject:

 

#include <ntddk.h>

 

void DriverUnload(PDRIVER_OBJECT pDriverObject)

{

      DbgPrint(Driver unloading...\n);

}

 

NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)

{

    DbgPrint(Hello, World! Driver loaded!\n);

    DriverObject->DriverUnload = DriverUnload;

 

    return STATUS_SUCCESS;

}

 

Modify your basic driver source code by adding the above code.

 

WDK registering and installing Windows device driver: Adding more codes to the device driver source code

 

You will have to rebuild the driver.

 

WDK registering and installing Windows device driver: rebuilding the source code

 

To clean-up all the 'mess' done, reboot your computer. In our case to simplify the steps to view the verbose output of the driver based on using the DbgPrint(), we use DebugView tool. DebugView tool can be downloaded from Microsoft TechNet. Run this tool and enable the Capture settings as shown below.

 

WDK registering and installing Windows device driver: The DebugView tool, setting the Capture options

 

Next, run the osrloader as done previously. Register and start the Hello driver.

 

WDK registering and installing Windows device driver: Re-running the osrloader tool - register and start the Windows device driver/service

 

 

Notice the DebugView messages.

 

WDK registering and installing Windows device driver: DebugView in action

 

Then, you also are able to use net start and net stop as often as you like to start and stop the driver.

 

WDK registering and installing Windows device driver: Using the Windows NET command in controlling the Windows driver/service

 

 

 

< Windows Driver Kit (WDK) 9 | Windows Driver Kit (WDK) Programming | Win32 Programming | Windows Driver Kit (WDK) 11 >