- Filter Keyboard Driver - KbFilter_ServiceCallback
- Posted by conjonh on October 22nd, 2005
Hi Folks,
I am writing an Upper Filter Keyboard Driver and am basing most of my code logic on the DDK samples (Toaster\Filter and kbfiltr driver example).
My envisaged solution is to block (consume all IRP requests) all keyboard Scancodes/keystrokes when the Screensaver is running, and when it's not running handle the keystrokes as normal.
I have made a User Mode app that gets events about the Screensaver status and sends my predefined IOCTL messages to the Filter driver to notify it of its status (this works fine!!!).
First of all let me point out that I first started to get a working
solution using the Ctrl2cap example on system internals, but soon found
out that I could not talk to the Filter Driver because I needed an
Extra Device Object (EDO) to get this working. So I was pointed to look
at the Toaster\Filter example on how to do this.
Then I looked at the kbfiltr example of hooking onto the keyboard and
proceeded to amalgamate the two working examples. I realised I needed
the KbFilter_ServiceCallback to handle the keyboard requests so I could
consume the keystrokes.
Below is my code in DriverEntry that sets up the IRP management:

    for (ulIndex = 0, dispatch = DriverObject->MajorFunction;
         ulIndex <= IRP_MJ_MAXIMUM_FUNCTION;
         ulIndex++, dispatch++) {
        *dispatch = FilterPass;
    }

    DriverObject->MajorFunction[IRP_MJ_CREATE] =
    DriverObject->MajorFunction[IRP_MJ_CLOSE]  = KbFilter_CreateClose;   // kbfiltr code
    DriverObject->MajorFunction[IRP_MJ_PNP]    = FilterDispatchPnp;      // Toaster\Filter code
    DriverObject->MajorFunction[IRP_MJ_POWER]  = FilterDispatchPower;    // Toaster\Filter code
    DriverObject->MajorFunction[IRP_MJ_INTERNAL_DEVICE_CONTROL] =
                                                 KbFilter_InternIoCtl;   // kbfiltr code
    DriverObject->DriverExtension->AddDevice   = FilterAddDevice;        // tailored kbfiltr code
    DriverObject->DriverUnload                 = FilterUnload;           // kbfiltr code

    // handle our IOCTL requests
    DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = FilterDispatchIo;  // tailored kbfiltr code

The KbFilter_InternIoCtl function to handle
IRP_MJ_INTERNAL_DEVICE_CONTROL requests was taken from DDK [kbfiltr]
without alteration along with any other functions that it needed to
talk to. The code compiles and runs but I tried to consume the
keystrokes in the KbFilter_ServiceCallback function and this didn't
work.
I have placed debug code into the KbFilter_ServiceCallback function and
these statements never get printed thus meaning this function is not
getting called and the keyboard hook is failing somehow but I can't see
this happening because this all happens at boot time. Or some the
plausible problem is occurring in the driver :-)
this should receive an IOCTL_INTERNAL_KEYBOARD_CONNECT thus hooking the
KbFilter_ServiceCallback to each keystroke?
Can anyone please help me with my coding logic or figure out where I am
going wrong?
If anyone wants to go that little bit further I can mail you over my
code to have a look at,
just drop me a mail and will send it over?
I have also been following "Programming The Microsoft Windows Driver
Model Second Edition" Chapter 16 code snippets and theory behind what I
am attempting to do but can't get it to work (:-)
Thanks in advance for the help,
Cheers,
Con
P.S.
I am running this on an XP machine using the Windows 2003 DDK (XP Free
Build)
- Posted by Tomasz Zielinski on October 23rd, 2005
User "conjonh" <con.brady@gmail.com> wrote in message
news:1129976603.146626.140580@g44g2000cwa.googlegroups.com...
Good =)
U need to kill keyboard packets here:
Don't touch this function:
I understand, u set some kind of flag through IOCTL's message,
so now all u have to do is (inside IRP_MJ_DEVICE_CONTROL):

    if (FALSE == YOUR_FLAG) {
        (*(PSERVICE_CALLBACK_ROUTINE) devExt->UpperConnectData.ClassService)(
            devExt->UpperConnectData.ClassDeviceObject,
            InputDataStart,
            InputDataEnd,
            InputDataConsumed);
    } else {
        // drop every packet
        *InputDataConsumed = InputDataEnd - InputDataStart;
    }

HTH
- Posted by conjonh on October 24th, 2005
Hi Tomasz ,
Thanks for the help.
I understand your logic but I was wondering how I get a hold of the
buffered keyboard data to call PSERVICE_CALLBACK_ROUTINE inside the
FilterDispatchIo - to handle the IRP_MJ_DEVICE_CONTROL

    (*(PSERVICE_CALLBACK_ROUTINE) deviceExtension->UpperConnectData.ClassService)(
        deviceExtension->UpperConnectData.ClassDeviceObject,
        InputDataStart,       ???
        InputDataEnd,         ???
        InputDataConsumed);   ???

Considering this function's signature is:

    NTSTATUS
    FilterDispatchIo(
        IN PDEVICE_OBJECT DeviceObject,
        IN PIRP Irp
        )

Thanks for the help,
Cheers,
Con
- Posted by Tomasz Zielinski on October 24th, 2005
User "conjonh" <con.brady@gmail.com> wrote in message
news:1130149967.798739.179280@f14g2000cwb.googlegroups.com...
You don't have to (if I got you right). IRP_MJ_DEVICE_CONTROL is where
you notify your driver to start blocking keyboard packets. So you only need
to set some boolean flag there.
Then you can use this flag inside "service callback" routine to drop key
data.
HTH.
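
The split described in this reply, as an added example that is not part of the original thread or the DDK sample: a user-mode C model in which the device-control path only records a flag and the service callback reads it to forward or drop packets. KEY_PACKET, FILTER_EXT and every function name are hypothetical stand-ins for the kernel types; the flag is atomic because the two paths run in different contexts.

```c
/* Added example: user-mode model of a flag-gated keyboard service callback.
   KEY_PACKET, FILTER_EXT and all function names are hypothetical stand-ins. */
#include <stdatomic.h>
#include <stdio.h>

typedef struct { unsigned short MakeCode, Flags; } KEY_PACKET;
typedef void (*SERVICE_CB)(void *ctx, KEY_PACKET *start, KEY_PACKET *end,
                           unsigned long *consumed);
typedef struct {
    atomic_bool BlockKeys;    /* written on the IOCTL path, read in the callback */
    SERVICE_CB  ClassService; /* upper callback saved at connect time */
    void       *ClassContext;
} FILTER_EXT;

static unsigned long g_delivered;  /* packets that reached the class stub */
static void class_service(void *ctx, KEY_PACKET *s, KEY_PACKET *e,
                          unsigned long *consumed)
{   /* stand-in for the class driver: takes everything it is offered */
    (void)ctx;
    *consumed = (unsigned long)(e - s);
    g_delivered += *consumed;
}
/* Connect step: remember where packets go when they are not blocked. */
void filter_connect(FILTER_EXT *ext, SERVICE_CB cb, void *ctx)
{
    atomic_init(&ext->BlockKeys, 0);
    ext->ClassService = cb;
    ext->ClassContext = ctx;
}
/* Device-control side: only records the state the user-mode app reported. */
void filter_set_blocking(FILTER_EXT *ext, int screensaver_running)
{
    atomic_store(&ext->BlockKeys, screensaver_running != 0);
}
/* Service-callback side: forward upward, or mark every packet consumed. */
void filter_service_callback(FILTER_EXT *ext, KEY_PACKET *start,
                             KEY_PACKET *end, unsigned long *consumed)
{
    if (!atomic_load(&ext->BlockKeys))
        ext->ClassService(ext->ClassContext, start, end, consumed);
    else
        *consumed = (unsigned long)(end - start);  /* nothing goes up */
}
int main(void)
{
    KEY_PACKET k[2] = {{0x1E, 0}, {0x1E, 1}};  /* constructed make/break pair */
    FILTER_EXT ext; unsigned long n = 0;
    filter_connect(&ext, class_service, NULL);
    filter_set_blocking(&ext, 1);
    filter_service_callback(&ext, k, k + 2, &n);
    printf("consumed=%lu delivered=%lu\n", n, g_delivered);
    return 0;
}
```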
- Posted by conjonh on October 25th, 2005
Hi Tomasz ,
Thanks for the help..
I finally got it working!!! :-)
The problem was in the "connect method" to the keyboard; it was
failing and thus the keyboard hook never took place.
I eventually found it, when I was installing the driver I added a
registry value and added my filter driver after the kbclass driver thus
meaning my driver wasn't getting loaded at the right time.
I changed them around and everything was sweet.
One of them annoying small things because I had coded the driver
exactly the way it said in the docs :-)
Thanks for all the help,
Cheers,
Con