Can an IOCTL be sent to a driver before it finished its DriverEntry?

28 Aug, 21

Hello, I create a device object in my DriverEntry routine and wait. Can an IOCTL be sent successfully to my dispatch function before my DriverEntry has returned?


28 Aug, 21

No. Not until the DO_DEVICE_INITIALIZING bit is cleared in the Device Object flags field. Additionally, you should not wait in your DriverEntry routine - if you need to do processing, then you should create a worker thread.

NTSTATUS PsCreateSystemThread(
  PHANDLE            ThreadHandle,
  ULONG              DesiredAccess,
  POBJECT_ATTRIBUTES ObjectAttributes,
  HANDLE             ProcessHandle,
  PCLIENT_ID         ClientId,
  PKSTART_ROUTINE    StartRoutine,
  PVOID              StartContext
);

16 Sep, 21

For the curious, you can clear that bit (devObject->Flags & DO_DEVICE_INITIALIZING) manually from DriverEntry.

This is useful if you inject a driver.
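
The gating described in the replies above, as an added user-mode model (not code from the thread and not WDK code): requests are refused while DO_DEVICE_INITIALIZING is set, and the flag is cleared either by the I/O manager after DriverEntry returns or by the driver itself. Only the flag name and its value are real; every `model_*` and `entry_*` name and both status codes are hypothetical.

```c
/* User-mode MODEL of the gating, not WDK code; only the flag name and value are real. */
#include <stdio.h>
#define DO_DEVICE_INITIALIZING 0x00000080UL   /* value from wdm.h */
enum { OPEN_OK = 0, OPEN_REFUSED = -1 };      /* constructed status codes */
typedef struct { unsigned long Flags; int ioctls_seen; } MODEL_DEVICE;
typedef void (*MODEL_ENTRY)(MODEL_DEVICE *dev, int *open_during_entry);

/* Models IoCreateDevice: a new device object starts with the flag set. */
static void model_create_device(MODEL_DEVICE *dev) {
    dev->Flags = DO_DEVICE_INITIALIZING;
    dev->ioctls_seen = 0;
}

/* Models an open followed by an IOCTL: refused while the flag is set. */
static int model_send_ioctl(MODEL_DEVICE *dev) {
    if (dev->Flags & DO_DEVICE_INITIALIZING)
        return OPEN_REFUSED;
    dev->ioctls_seen++;
    return OPEN_OK;
}

/* Entry routine that leaves the flag alone (the normal case). */
static void entry_normal(MODEL_DEVICE *dev, int *r) {
    model_create_device(dev);
    *r = model_send_ioctl(dev);   /* request arriving before the routine returns */
}

/* Entry routine that clears the flag itself, as the last reply describes. */
static void entry_manual_clear(MODEL_DEVICE *dev, int *r) {
    model_create_device(dev);
    dev->Flags &= ~DO_DEVICE_INITIALIZING;
    *r = model_send_ioctl(dev);
}

/* Models a normal load: run the entry routine, then the I/O manager clears the flag. */
static int model_load(MODEL_ENTRY entry, MODEL_DEVICE *dev, int *during) {
    entry(dev, during);
    dev->Flags &= ~DO_DEVICE_INITIALIZING;
    return model_send_ioctl(dev); /* request after the entry routine returned */
}

int main(void) {
    MODEL_DEVICE d; int during, after;
    after = model_load(entry_normal, &d, &during);
    printf("normal:       during=%d after=%d\n", during, after);
    after = model_load(entry_manual_clear, &d, &during);
    printf("manual clear: during=%d after=%d\n", during, after);
    return 0;
}
```

In the manual-clear case the dispatch path is reachable before the entry routine has finished, so everything a dispatch routine touches must be initialized before the bit is cleared.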