[NTOSKRNL] Set the DRVO_BUILTIN_DRIVER DriverObject flag when a built-in driver is created using IoCreateDriver().

2024-12-28 10:04:49 +00:00 · 2018-04-03 02:14:48 +02:00 · 2018-04-03 02:14:48 +02:00 · 45012aa486
commit 45012aa486
parent 635775d249
2 changed files with 14 additions and 5 deletions
--- a/ntoskrnl/include/internal/io.h
+++ b/ntoskrnl/include/internal/io.h
@ -1091,9 +1091,9 @@ NTSTATUS
 NTAPI
 IopCreateDriver(IN PUNICODE_STRING DriverName OPTIONAL,
                IN PDRIVER_INITIALIZE InitializationFunction,
-                IN PUNICODE_STRING RegistryPath,
+                IN PUNICODE_STRING RegistryPath OPTIONAL,
                IN PCUNICODE_STRING ServiceName,
-                PLDR_DATA_TABLE_ENTRY ModuleObject,
+                IN PLDR_DATA_TABLE_ENTRY ModuleObject OPTIONAL,
                OUT PDRIVER_OBJECT *pDriverObject);

 VOID
--- a/ntoskrnl/io/iomgr/driver.c
+++ b/ntoskrnl/io/iomgr/driver.c
@ -1419,9 +1419,9 @@ NTSTATUS
 NTAPI
 IopCreateDriver(IN PUNICODE_STRING DriverName OPTIONAL,
                IN PDRIVER_INITIALIZE InitializationFunction,
-                IN PUNICODE_STRING RegistryPath,
+                IN PUNICODE_STRING RegistryPath OPTIONAL,
                IN PCUNICODE_STRING ServiceName,
-                PLDR_DATA_TABLE_ENTRY ModuleObject,
+                IN PLDR_DATA_TABLE_ENTRY ModuleObject OPTIONAL,
                OUT PDRIVER_OBJECT *pDriverObject)
 {
    WCHAR NameBuffer[100];
@ -1479,7 +1479,16 @@ try_again:
    RtlZeroMemory(DriverObject, ObjectSize);
    DriverObject->Type = IO_TYPE_DRIVER;
    DriverObject->Size = sizeof(DRIVER_OBJECT);
-    DriverObject->Flags = DRVO_LEGACY_DRIVER;
+
+    /*
+     * Check whether RegistryPath and ModuleObject are both NULL because
+     * IoCreateDriver() was called to initialize a built-in driver.
+     */
+    if ((RegistryPath != NULL) || (ModuleObject != NULL))
+        DriverObject->Flags = DRVO_LEGACY_DRIVER;
+    else
+        DriverObject->Flags = DRVO_BUILTIN_DRIVER;
+
    DriverObject->DriverExtension = (PDRIVER_EXTENSION)(DriverObject + 1);
    DriverObject->DriverExtension->DriverObject = DriverObject;
    DriverObject->DriverInit = InitializationFunction;