Did you specify /integritycheck in your linker options?
-scott
--
Scott Noone
Consulting Associate
OSR Open Systems Resources, Inc.
http://www.osronline.com
"Emmanuel Thioux" <> wrote in message
news:5e11da93-aa60-4095-8ab1-...
> Hi,
>
> I wanted to investigate that particular API because I'm in the process
> of re-designing some driver that we use internally. Our driver uses a
> lot of SSDT hooking and other things like that so, I want to make this
> go away and use proper Windows Kernel methods.
>
> Anyway, I wrote a little bit of code to register some callbacks via
> the ObRegisterCallbacks(...) API and it invariably returned a
> 0xC0000022 (ACCESS_DENIED), which according to the MSDN documentation
> means that the call was not made from a signed kernel module.
>
> Fair enough I suppose so I ended up creating a certificate with store
> and .cat file (created with inf2cat). I signed the .cat file as well
> as the .sys file and I installed the certificate in the root as well
> as the trusted providers branch.
> Installed the driver via the .INF that I have (it's a mini filter so
> no need for Devcon). Tested on Windows 7 32bit and I still got the
> same error code. So, I recompiled my stuff for 64bit, resigned the
> stuff and installed on a 64bit Windows 7. The install went fine (I
> have the driver signing verification turned on) so I know that the
> driver is recognized as being signed.
>
> Tested that as well and the API still returned the same error. I'm
> running out of ideas here. Did anyone ever tried that particular API
> and if yes, was it successful or did it fail for the same reason?
>
> TIA.
Linear Mode
