Early Launch Antimalware Testing Prerequisites
This section describes the tasks that you must complete before you test your Early Launch Anti-Malware (ELAM) driver by using the Windows Hardware Certification Kit (Windows HCK):
Review the hardware requirements.
Review the software requirements.
Configure the test computers.
The ELAM software feature provides a Microsoft-supported mechanism for antimalware software to start before all other third-party components. The system first initializes antimalware drivers and allows these drivers to control the initialization of boot drivers, so that the system does not initialize unknown boot drivers. After the boot process has initialized the boot drivers and access to persistent storage is available efficiently, existing antimalware software may continue to block malware from executing.
For more information, see Firmware and Boot Environment.
Hardware requirements
The following hardware is required for testing:
- Two test computers. These test computers must meet the Windows HCK prerequisites and must be included in the same computer pool. For more information, see Windows HCK Prerequisites.
Note
To certify your product for use on servers, the test computer must support four processors and a minimum of 1 GB of RAM. These system capabilities are required to test the Rebalance, D3 State, and Multiple Processor Group functionality of the device and driver. You do not need a computer that actually has more than 64 processors to test your device. Additionally, the server system(s) being used for device or driver testing must have Server Core installed prior to testing. For more information see Windows Server Installation Options.
If you use a pool of test computers to test your product, at least one computer in the pool must contain four processors and a minimum of 1 GB of RAM. Additionally, that computer must contain the product that you want to test. As long as the driver is the same on all the computers in the pool, the system creates a schedule to run against all test computers.
For tests that do not include a driver to test, such as hard disk drive tests, the Windows HCK scheduler constrains the tests that validate the device’s and driver’s Rebalance, D3 State and Multiple Processor Groups functionality to run on the default test computer. You must manually configure this computer to have multiple processor groups. The default computer is the first test computer in the list. Test personnel must make sure that the first test computer in the list meets the minimum hardware requirements.
Note
Except for para-virtualization drivers (as defined by Logo Program Requirement Policy-0020), you may not use any form of virtualization when you test physical devices and their associated drivers for server certification or signature. All virtualization products do not support the underlying functionality that is required to pass the tests that relate to multiple processor groups, device power management, device PCI functionality, and other tests.
Software requirements
The following software is required for testing:
The driver that you are testing.
Warning
Make sure that you install the product on the test computer before you install the Windows HCK Client.
The latest Windows HCK filters or updates.
Test computer Configuration
If you are testing unsigned kernel mode drivers, choose one of the following options:
Attach a kernel debugger. In this case, the system does not verify or enforce driver signatures. Therefore, any driver can load even if the driver does not have a verified certificate or the driver is unsigned.
Create a self-signed certificate by using the makecert.exe file. The certificate must contain the 1.3.6.1.5.5.7.3.3 (codesigning) and 1.3.6.1.4.1.311.61.4.1 (early-launch) EKUs. Afterwards, disable secure boot (if enabled) or enable Secure Boot debugging, and put your computer in test mode by using the bcdedit /set testsigning on command. Test mode means that the system validates the signature and verifies EKUs, but the system does not verify the certificate chain.
Make sure that the test computer is in the ready state before you begin your testing. If a test requires parameters to be set before it is run, a dialog box will be displayed for that test. Review the specific test topic for more information.
Some Windows HCK tests require user intervention. When running tests for a submission, it is a best practice to run the automated tests in a block separately from manual tests. This prevents a manual test from interrupting completion of an automated test.