Ivan Leo Puoti ivanleo@gmail.com writes:
23:41 < peter_pan> in the third case, I will have to find a way to keep the service process alive (in a stopped state) after DriverEntry returns, and use wineserver and ptrace to call the callbacks from the user processes. this will imply inter process communication and inter process synchronization. or maybe I could just use IPC and keep the kernel space process waiting on a pipe or something. this wouldn't work for a kernel service which doesn't return from DriverEntry immediately, but I don't know if those exist.
That's the way to go, yes. You clearly don't want to start loading services inside the wineserver address space. Also you don't want to use ptrace, some sort of standard IPC mechanism should be fine.