Windows Device Driver in Delphi (Ring 0 Windows programming)

Just recently I thought I’d work on a project I had shelved a few years back. It’s a by-product of the recent Classios work I’ve done. Since I used Delphi (D2006) to build the Classios kernel, it seemed logical to see if I could build a Windows device driver directly with Delphi without the use of C/C++ stubs. It turns out that you can!!

It basically relies on skeleton system.dcu’s etc. where the Win32 API has been factored out. That, combined with some important glue code to make sure that the DeviceMain() function in C is emulated correctly, results in a workable .SYS executable. Once that is done, the only thing remaining is to prepare the .SYS file by modifying the Win32 PE header slightly so that Windows will recognize it as a device driver.
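The post does not say which PE header fields are changed. As an added example (not the author's code), the Python below reads the two optional-header fields that the PE/COFF specification ties to drivers, on the assumption that these are the ones meant: Subsystem, where `IMAGE_SUBSYSTEM_NATIVE` marks device drivers, and CheckSum, which is validated at load time for drivers. `sample_image` is a constructed header-only input, and all function names are hypothetical.

```python
import struct

# Field values and offsets from the PE/COFF specification.
IMAGE_SUBSYSTEM_NATIVE = 1  # "device drivers and native Windows processes"
SUBSYSTEMS = {1: "NATIVE", 2: "WINDOWS_GUI", 3: "WINDOWS_CUI"}
CHECKSUM_OFF, SUBSYSTEM_OFF = 64, 68  # within the optional header (PE32 and PE32+)

def optional_header_offset(image):
    """Validate the MZ and PE signatures and return the optional header offset."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    opt = e_lfanew + 4 + 20  # skip "PE\0\0" and the 20-byte COFF file header
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0" or len(image) < opt + SUBSYSTEM_OFF + 2:
        raise ValueError("missing PE signature or truncated header")
    return opt

def pe_checksum(image):
    """Recompute CheckSum: folded 16-bit sum with the field zeroed, plus file length."""
    buf = bytearray(image)
    field = optional_header_offset(image) + CHECKSUM_OFF
    buf[field:field + 4] = bytes(4)   # the stored value is excluded from the sum
    buf += bytes(len(buf) % 2)        # pad odd-length files to a whole word
    total = 0
    for (word,) in struct.iter_unpack("<H", buf):
        total += word
        total = (total & 0xFFFF) + (total >> 16)  # fold the carry back in
    return (total & 0xFFFF) + (total >> 16) + len(image)

def inspect_image(image):
    opt = optional_header_offset(image)
    (stored,) = struct.unpack_from("<I", image, opt + CHECKSUM_OFF)
    (subsystem,) = struct.unpack_from("<H", image, opt + SUBSYSTEM_OFF)
    return {"subsystem": SUBSYSTEMS.get(subsystem, str(subsystem)),
            "native": subsystem == IMAGE_SUBSYSTEM_NATIVE,
            "checksum_ok": stored == pe_checksum(image)}

def sample_image(subsystem, checksum=0):
    """Constructed 184-byte, header-only image for the demo; not a loadable file."""
    img = bytearray(0x40 + 24 + 96)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)   # e_lfanew
    img[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<H", img, 0x54, 96)     # SizeOfOptionalHeader
    struct.pack_into("<H", img, 0x58, 0x10B)  # PE32 magic
    struct.pack_into("<I", img, 0x58 + CHECKSUM_OFF, checksum)
    struct.pack_into("<H", img, 0x58 + SUBSYSTEM_OFF, subsystem)
    return bytes(img)
```

Running `inspect_image` over a `.sys` file read from disk shows whether it is marked as a native image and whether its stored checksum matches its contents.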

This is a rather powerful way to do kernel mode programming in Windows. I’ve been able to build a couple of device drivers so far. The first was a proof of concept. I was able to get the driver to run at ring 0, and then dump the page tables and GDT/IDT. The next useful driver I made was one to directly access the LAN driver. With this I was able to port some of the code I did for Trumpet Winsock directly to Delphi, and I now have roughly the same functionality as WinPcap.

Delphi now rules the ring 0 world of Windows!!

P!