How to run KMDF driver?

Question

I have set up my system for local kernel debugging as I'm only going to write a simple driver with two functions. I have just constructed a simple "hello world" type driver to see if I can get my driver running, currently I have disabled driver signature verification and enabled kernel debugging mode using:

bcdedit /debug on

I have also test signed my driver using the certificate from the windows test store ? or whatever it was called in VS2015 :)

Now, my problem is that I install my driver by right clicking the .inf file after building, but I see no output from either of my debug prints in my driver(code below) so this leads me to believe that my driver is not running at all ? or what ?

I changed the value of Component Filter Mask on the machine the driver has been installed on to debug.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter = 0xFFFFFFFF

So, I'm clueless to as of what is causing my driver not to run/output anything.

Driver code:

#include <ntddk.h>
#include <wdf.h>
DRIVER_INITIALIZE DriverEntry;
EVT_WDF_DRIVER_DEVICE_ADD KmdfHelloWorldEvtDeviceAdd;

void WinPrint(const char *message) {
    KdPrintEx((DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, message));
}

NTSTATUS DriverEntry(_In_ PDRIVER_OBJECT  DriverObject, _In_ PUNICODE_STRING RegistryPath)
{
    NTSTATUS status;
    WDF_DRIVER_CONFIG config;

    WinPrint("KmdfHelloWorld: DriverEntry\n");
    KdPrintEx((DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "DriverEntry called!"));
    KdPrintEx((DPFLTR_IHVDRIVER_ID, 0xFFFFFFFF, "DriverEntry called!"));
    WinPrint("DriverEntry called!");

    WDF_DRIVER_CONFIG_INIT(&config, KmdfHelloWorldEvtDeviceAdd);
    status = WdfDriverCreate(DriverObject, RegistryPath, WDF_NO_OBJECT_ATTRIBUTES, &config, WDF_NO_HANDLE);

    return status;
}

NTSTATUS KmdfHelloWorldEvtDeviceAdd(_In_ WDFDRIVER Driver, _Inout_ PWDFDEVICE_INIT DeviceInit)
{
    NTSTATUS status;
    WDFDEVICE hDevice;
    UNREFERENCED_PARAMETER(Driver);

    WinPrint("KmdfHelloWorld: KmdfHelloWorldEvtDeviceAdd\n");
    WinPrint("Unloading driver!");

    status = WdfDeviceCreate(&DeviceInit, WDF_NO_OBJECT_ATTRIBUTES, &hDevice);
    return status;
}

I tried creating and running a service from the driver, i used the following commands in a elevated command prompt but i am facing some issues and i don't think this is the proper way to run a kernel driver(i do not know how to run one :S).

sc create poschamonitorv2 binPath="C:\x64\debug\poschamonitorv2.sys" DisplayName= "Poscha Monitor"

sc start poschamonitorv2

but this only resulted in the following error

ERROR_CHILD_NOT_COMPLETE
129 (0x81)
The %1 application cannot be run in Win32 mode.

so i still have not figured this out :/ ohh and below is the .INF file, its just autogenerated from VS with minor changes by me.

;
; PoschaMonitorV2.inf
;

[Version]
Signature="$WINDOWS NT$"
Class=Sample ; TODO: edit Class
ClassGuid={78A1C341-4539-11d3-B88D-00C04FAD5171} ; TODO: edit ClassGuid
Provider=%ManufacturerName%
CatalogFile=PoschaMonitorV2.cat
DriverVer= ; TODO: set DriverVer in stampinf property pages

[DestinationDirs]
DefaultDestDir = 12

; ================= Class section =====================

[ClassInstall32]
Addreg=SampleClassReg

[SampleClassReg]
HKR,,,0,%ClassName%
HKR,,Icon,,-5

[SourceDisksNames]
1 = %DiskName%,,,""

[SourceDisksFiles]
PoschaMonitorV2.sys  = 1,,

;*****************************************
; Install Section
;*****************************************

[Manufacturer]
%ManufacturerName%=Standard,NT$ARCH$

[Standard.NT$ARCH$]
%PoschaMonitorV2.DeviceDesc%=PoschaMonitorV2_Device, Root\PoschaMonitorV2 ; TODO: edit hw-id

[PoschaMonitorV2_Device.NT]
CopyFiles=Drivers_Dir

[Drivers_Dir]
PoschaMonitorV2.sys

;-------------- Service installation
[PoschaMonitorV2_Device.NT.Services]
AddService = PoschaMonitorV2,%SPSVCINST_ASSOCSERVICE%, PoschaMonitorV2_Service_Inst

; -------------- PoschaMonitorV2 driver install sections
[PoschaMonitorV2_Service_Inst]
DisplayName    = %PoschaMonitorV2.SVCDESC%
ServiceType    = 1               ; SERVICE_KERNEL_DRIVER
StartType      = 3               ; SERVICE_AUTO_START
ErrorControl   = 1               ; SERVICE_ERROR_NORMAL
ServiceBinary  = %12%\PoschaMonitorV2.sys

;
;--- PoschaMonitorV2_Device Coinstaller installation ------
;

[DestinationDirs]
PoschaMonitorV2_Device_CoInstaller_CopyFiles = 11

[PoschaMonitorV2_Device.NT.CoInstallers]
AddReg=PoschaMonitorV2_Device_CoInstaller_AddReg
CopyFiles=PoschaMonitorV2_Device_CoInstaller_CopyFiles

[PoschaMonitorV2_Device_CoInstaller_AddReg]
HKR,,CoInstallers32,0x00010000, "WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll,WdfCoInstaller"

[PoschaMonitorV2_Device_CoInstaller_CopyFiles]
WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll

[SourceDisksFiles]
WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll=1 ; make sure the number matches with SourceDisksNames

[PoschaMonitorV2_Device.NT.Wdf]
KmdfService =  PoschaMonitorV2, PoschaMonitorV2_wdfsect
[PoschaMonitorV2_wdfsect]
KmdfLibraryVersion = $KMDFVERSION$

[Strings]
SPSVCINST_ASSOCSERVICE= 0x00000002
ManufacturerName="<Your manufacturer name>" ;TODO: Replace with your manufacturer name
ClassName="Samples" ; TODO: edit ClassName
DiskName = "PoschaMonitorV2 Installation Disk"
PoschaMonitorV2.DeviceDesc = "PoschaMonitorV2 Device"
PoschaMonitorV2.SVCDESC = "PoschaMonitorV2 Service"

Answer 1

After hours of messing around with this i was finally able to fix this issue, the problem was that i had not set a value for "KMDF Version Minor" and "KMDF Version Major" in my project settings. you can read more about it here:

https://msdn.microsoft.com/en-us/library/windows/hardware/hh825931(v=vs.85).aspx

Hope that someone else will find this helpfull someday :)