The MmIsDriverVerifyingByAddress routine checks whether the kernel-mode driver that is identified by the specified image address is being verified or calls a driver that is being verified by Driver Verifier.
- AddressWithinSection [in]
A pointer to the virtual address within the driver image. MmIsDriverVerifyingByAddress uses this address to determine which driver to check.
MmIsDriverVerifyingByAddress returns TRUE if the specified driver either is in the driver verification list or imports calls to entry points in a driver that is in the driver verification list. Otherwise, this routine returns FALSE.
A kernel-mode driver can call this routine to determine whether it or another driver is being monitored by Driver Verifier. Driver Verifier monitors kernel-mode drivers to detect illegal function calls or actions that might corrupt the system. To select drivers to be verified, you can use the Verifier Command Line or Driver Verifier Manager. For more information about adding drivers to the driver verification list, see Selecting Drivers to be Verified.
Another related routine, MmIsDriverSuspectForVerifier, indicates whether a driver represented by a driver object is in the list of drivers that are selected to be verified.
For example, if driver A has an import table through which it calls one or more entry points in driver B, and driver B is in the driver verification list, then
MmIsDriverVerifyingByAddress(Aobj) returns TRUE and
MmIsDriverSuspectForVerifier(Badr) returns TRUE, where
Aobj is a pointer to the driver object for A and
Badr is an address in driver B. If driver A is not in the driver verification list,
MmIsDriverSuspectForVerifier(Aobj) returns FALSE. Even if driver B does not call entry points in any drivers that are in the driver verification list,
MmIsDriverVerifyingByAddress(Badr) returns TRUE because driver B is in the driver verification list. If a driver C is not in the driver verification list and does not call entry points in any drivers that are in the driver verification list,
MmIsDriverSuspectForVerifier(Cobj) both return FALSE.
|Available starting with Windows Vista.|