BOOLEAN QueryNetworkDeviceInterfaceDescription(
_In_ PWSTR DeviceInterface,
_Out_ DEVINST *DeviceInstanceHandle,
_Out_ PPH_STRING *DeviceDescription
)
{
CONFIGRET result;
ULONG bufferSize;
PPH_STRING deviceDescription;
DEVPROPTYPE devicePropertyType;
DEVINST deviceInstanceHandle;
ULONG deviceInstanceIdLength = MAX_DEVICE_ID_LEN;
WCHAR deviceInstanceId[MAX_DEVICE_ID_LEN + 1] = L"";
if (CM_Get_Device_Interface_Property(
DeviceInterface,
&DEVPKEY_Device_InstanceId,
&devicePropertyType,
(PBYTE)deviceInstanceId,
&deviceInstanceIdLength,
0
) != CR_SUCCESS)
{
return FALSE;
}
if (CM_Locate_DevNode(
&deviceInstanceHandle,
deviceInstanceId,
CM_LOCATE_DEVNODE_PHANTOM
) != CR_SUCCESS)
{
return FALSE;
}
bufferSize = 0x40;
deviceDescription = PhCreateStringEx(NULL, bufferSize);
// DEVPKEY_Device_DeviceDesc doesn't give us the full adapter name.
// DEVPKEY_Device_FriendlyName does give us the full adapter name but is only
// supported on Windows 8 and above.
// We use our NetworkAdapterQueryName function to query the full adapter name
// from the NDIS driver directly, if that fails then we use one of the above properties.
if ((result = CM_Get_DevNode_Property(
deviceInstanceHandle,
WindowsVersion >= WINDOWS_8 ? &DEVPKEY_Device_FriendlyName : &DEVPKEY_Device_DeviceDesc,
&devicePropertyType,
(PBYTE)deviceDescription->Buffer,
&bufferSize,
0
)) != CR_SUCCESS)
{
PhDereferenceObject(deviceDescription);
deviceDescription = PhCreateStringEx(NULL, bufferSize);
result = CM_Get_DevNode_Property(
deviceInstanceHandle,
WindowsVersion >= WINDOWS_8 ? &DEVPKEY_Device_FriendlyName : &DEVPKEY_Device_DeviceDesc,
&devicePropertyType,
(PBYTE)deviceDescription->Buffer,
&bufferSize,
0
);
}
if (result != CR_SUCCESS)
{
PhDereferenceObject(deviceDescription);
return FALSE;
}
PhTrimToNullTerminatorString(deviceDescription);
*DeviceInstanceHandle = deviceInstanceHandle;
*DeviceDescription = deviceDescription;
return TRUE;
}
BOOLEAN NvGpuDriverIsWHQL(VOID)
{
BOOLEAN nvGpuDriverIsWHQL = FALSE;
HANDLE keyHandle = NULL;
HANDLE keyServiceHandle = NULL;
PWSTR deviceInterfaceList = NULL;
ULONG deviceInterfaceListLength = 0;
PWSTR deviceInterface;
PPH_STRING keyPath = NULL;
PPH_STRING matchingDeviceIdString;
PPH_STRING keyServicePath;
NvAPI_LongString nvNameAnsiString = "";
if (!NvAPI_GetDisplayDriverRegistryPath)
goto CleanupExit;
if (NvAPI_GetDisplayDriverRegistryPath(NvGpuDisplayHandleList->Items[0], nvNameAnsiString) != NVAPI_OK)
goto CleanupExit;
keyPath = PhConvertMultiByteToUtf16(nvNameAnsiString);
if (!NT_SUCCESS(PhOpenKey(
&keyHandle,
KEY_READ,
PH_KEY_LOCAL_MACHINE,
&keyPath->sr,
0
)))
{
goto CleanupExit;
}
matchingDeviceIdString = PhQueryRegistryString(keyHandle, L"MatchingDeviceId");
//keySettingsPath = PhConcatStrings2(keyPath->Buffer, L"\\VolatileSettings");
//if (NT_SUCCESS(PhOpenKey(
// &keySettingsHandle,
// KEY_READ,
// PH_KEY_LOCAL_MACHINE,
// &keySettingsPath->sr,
// 0
// )))
//{
// GUID settingsKey = GUID_DEVINTERFACE_DISPLAY_ADAPTER;
// PPH_STRING guidString = PhFormatGuid(&settingsKey);
//
// ULONG dwType = REG_BINARY;
// LONG length = DOS_MAX_PATH_LENGTH;
//
// if (RegQueryValueEx(
// keySettingsHandle,
// guidString->Buffer,
// 0,
// &dwType,
// (PBYTE)displayInstancePath,
// &length
// ) != ERROR_SUCCESS)
// {
// //__leave;
// }
//
// NtClose(keySettingsHandle);
// PhDereferenceObject(guidString);
//}
if (CM_Get_Device_Interface_List_Size(
&deviceInterfaceListLength,
(PGUID)&GUID_DEVINTERFACE_DISPLAY_ADAPTER,
NULL,
CM_GET_DEVICE_INTERFACE_LIST_PRESENT
) != CR_SUCCESS)
{
return FALSE;
}
deviceInterfaceList = PhAllocate(deviceInterfaceListLength * sizeof(WCHAR));
memset(deviceInterfaceList, 0, deviceInterfaceListLength * sizeof(WCHAR));
if (CM_Get_Device_Interface_List(
(PGUID)&GUID_DEVINTERFACE_DISPLAY_ADAPTER,
NULL,
deviceInterfaceList,
deviceInterfaceListLength,
CM_GET_DEVICE_INTERFACE_LIST_PRESENT
) != CR_SUCCESS)
{
PhFree(deviceInterfaceList);
return FALSE;
}
for (deviceInterface = deviceInterfaceList; *deviceInterface; deviceInterface += PhCountStringZ(deviceInterface) + 1)
{
CONFIGRET result;
PPH_STRING string;
ULONG bufferSize;
DEVPROPTYPE devicePropertyType;
DEVINST deviceInstanceHandle;
ULONG deviceInstanceIdLength = MAX_DEVICE_ID_LEN;
WCHAR deviceInstanceId[MAX_DEVICE_ID_LEN];
if (CM_Get_Device_Interface_Property(
deviceInterface,
&DEVPKEY_Device_InstanceId,
&devicePropertyType,
(PBYTE)deviceInstanceId,
&deviceInstanceIdLength,
0
) != CR_SUCCESS)
{
continue;
}
if (CM_Locate_DevNode(&deviceInstanceHandle, deviceInstanceId, CM_LOCATE_DEVNODE_NORMAL)!= CR_SUCCESS)
continue;
bufferSize = 0x40;
string = PhCreateStringEx(NULL, bufferSize);
if ((result = CM_Get_DevNode_Property(
deviceInstanceHandle,
&DEVPKEY_Device_MatchingDeviceId,
&devicePropertyType,
(PBYTE)string->Buffer,
&bufferSize,
0
)) != CR_SUCCESS)
{
PhDereferenceObject(string);
string = PhCreateStringEx(NULL, bufferSize);
result = CM_Get_DevNode_Property(
deviceInstanceHandle,
&DEVPKEY_Device_MatchingDeviceId,
&devicePropertyType,
(PBYTE)string->Buffer,
&bufferSize,
0
);
}
if (result != CR_SUCCESS)
{
PhDereferenceObject(string);
continue;
}
PhTrimToNullTerminatorString(string);
if (!PhEqualString(string, matchingDeviceIdString, TRUE))
{
PhDereferenceObject(string);
continue;
}
bufferSize = 0x40;
PhDereferenceObject(string);
string = PhCreateStringEx(NULL, bufferSize);
if ((result = CM_Get_DevNode_Property(
deviceInstanceHandle,
&DEVPKEY_Device_Service,
&devicePropertyType,
(PBYTE)string->Buffer,
&bufferSize,
0
)) != CR_SUCCESS)
{
PhDereferenceObject(string);
string = PhCreateStringEx(NULL, bufferSize);
result = CM_Get_DevNode_Property(
deviceInstanceHandle,
&DEVPKEY_Device_Service,
&devicePropertyType,
(PBYTE)string->Buffer,
&bufferSize,
0
);
}
if (result != CR_SUCCESS)
{
PhDereferenceObject(string);
continue;
}
keyServicePath = PhConcatStrings2(L"System\\CurrentControlSet\\Services\\", string->Buffer);
if (NT_SUCCESS(PhOpenKey(
&keyServiceHandle,
KEY_READ,
PH_KEY_LOCAL_MACHINE,
&keyServicePath->sr,
0
)))
{
PPH_STRING driverNtPathString;
PPH_STRING driverDosPathString = NULL;
if (driverNtPathString = PhQueryRegistryString(keyServiceHandle, L"ImagePath"))
{
driverDosPathString = PhGetFileName(driverNtPathString);
PhDereferenceObject(driverNtPathString);
}
if (driverDosPathString)
{
PPH_STRING fileSignerName = NULL;
//PH_MAPPED_IMAGE fileMappedImage;
//
//if (NT_SUCCESS(PhLoadMappedImage(driverDosPathString->Buffer, NULL, TRUE, &fileMappedImage)))
//{
// LARGE_INTEGER time;
// SYSTEMTIME systemTime;
// PPH_STRING string;
//
// RtlSecondsSince1970ToTime(fileMappedImage.NtHeaders->FileHeader.TimeDateStamp, &time);
// PhLargeIntegerToLocalSystemTime(&systemTime, &time);
//
// string = PhFormatDateTime(&systemTime);
// //SetDlgItemText(hwndDlg, IDC_TIMESTAMP, string->Buffer);
// PhDereferenceObject(string);
//
// PhUnloadMappedImage(&fileMappedImage);
//}
if (PhVerifyFile(driverDosPathString->Buffer, &fileSignerName) == VrTrusted)
{
//if (PhEqualString2(fileSignerName, L"Microsoft Windows Hardware Compatibility Publisher", TRUE))
nvGpuDriverIsWHQL = TRUE;
}
if (fileSignerName)
PhDereferenceObject(fileSignerName);
PhDereferenceObject(driverDosPathString);
}
NtClose(keyServiceHandle);
}
}
CleanupExit:
if (keyHandle)
{
NtClose(keyHandle);
}
if (deviceInterfaceList)
{
PhFree(deviceInterfaceList);
}
if (keyPath)
{
PhDereferenceObject(keyPath);
}
return nvGpuDriverIsWHQL;
}
PPH_STRING EtpQueryDeviceDescription(
_In_ PWSTR DeviceInterface
)
{
CONFIGRET result;
PPH_STRING string;
ULONG bufferSize;
DEVPROPTYPE devicePropertyType;
DEVINST deviceInstanceHandle;
ULONG deviceInstanceIdLength = MAX_DEVICE_ID_LEN;
WCHAR deviceInstanceId[MAX_DEVICE_ID_LEN];
if (CM_Get_Device_Interface_Property(
DeviceInterface,
&DEVPKEY_Device_InstanceId,
&devicePropertyType,
(PBYTE)deviceInstanceId,
&deviceInstanceIdLength,
0
) != CR_SUCCESS)
{
return NULL;
}
if (CM_Locate_DevNode(
&deviceInstanceHandle,
deviceInstanceId,
CM_LOCATE_DEVNODE_NORMAL
) != CR_SUCCESS)
{
return NULL;
}
bufferSize = 0x40;
string = PhCreateStringEx(NULL, bufferSize);
if ((result = CM_Get_DevNode_Property( // CM_Get_DevNode_Registry_Property with CM_DRP_DEVICEDESC??
deviceInstanceHandle,
&DEVPKEY_Device_DeviceDesc,
&devicePropertyType,
(PBYTE)string->Buffer,
&bufferSize,
0
)) != CR_SUCCESS)
{
PhDereferenceObject(string);
string = PhCreateStringEx(NULL, bufferSize);
result = CM_Get_DevNode_Property(
deviceInstanceHandle,
&DEVPKEY_Device_DeviceDesc,
&devicePropertyType,
(PBYTE)string->Buffer,
&bufferSize,
0
);
}
if (result != CR_SUCCESS)
{
PhDereferenceObject(string);
return NULL;
}
PhTrimToNullTerminatorString(string);
return string;
}
