safing-portmaster/windows_kext
2024-07-02 15:06:18 +02:00

Portmaster Windows kext

Implementation of Safing's Portmaster Windows kernel extension in Rust.

Documentation

  • Driver -> entry point.
  • WDK -> Windows Driver Kit interface.
  • Packet Path -> Detailed documentation of what happens to a packet when it enters the kernel extension.
  • Release -> Guide on how to do a release build.

Building

The Windows Portmaster Kernel Extension is currently only developed and tested for the amd64 (64-bit) architecture.

Prerequisites:

Setup Test Signing:

In order to test the driver on your machine, you will have to test sign it (starting with Windows 10).

Create a new certificate for test signing:

:: Open a *x64 Free Build Environment* console as Administrator.

:: Run the MakeCert.exe tool to create a test certificate:
MakeCert -r -pe -ss PrivateCertStore -n "CN=DriverCertificate" DriverCertificate.cer

:: Install the test certificate with CertMgr.exe:
CertMgr /add DriverCertificate.cer /s /r localMachine root

Enable Test Signing on the dev machine:

:: Before you can load test-signed drivers, you must enable Windows test mode. To do this, run this command:
Bcdedit.exe -set TESTSIGNING ON
:: Then, restart Windows. For more information, see The TESTSIGNING Boot Configuration Option.

Build driver:

cd driver
cargo build

The build also works on Linux.

Link and sign: On a Windows machine, copy driver.lib from the project target directory (driver/target/x86_64-pc-windows-msvc/debug/driver.lib) into the same folder as link.bat. Run link.bat.

driver.sys should appear in the folder. Load and use the driver.
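
Before loading the driver, the test-signing setup above can be checked in one pass. The script below is an added example, not part of the Portmaster repository. It assumes an elevated, English-locale PowerShell session, driver.sys in the current folder, and that link.bat signs with the CN=DriverCertificate certificate created earlier.

```powershell
# Preflight checks for loading the test-signed driver (added example).
# Assumptions: elevated English-locale PowerShell; driver.sys in the current folder.
param(
    [string]$DriverPath  = '.\driver.sys',          # output of link.bat
    [string]$CertSubject = 'CN=DriverCertificate'   # subject from the MakeCert step
)

function Test-TestSigning {
    # bcdedit lists "testsigning  Yes" on the current boot entry when test mode is on.
    $entry = & bcdedit.exe /enum '{current}'
    if ($LASTEXITCODE -ne 0) { throw 'bcdedit failed; run from an elevated prompt.' }
    return [bool]($entry | Select-String -Pattern '^\s*testsigning\s+Yes\s*$')
}

function Test-RootCertificate([string]$Subject) {
    # "CertMgr /add ... /s /r localMachine root" installs into Cert:\LocalMachine\Root.
    $found = Get-ChildItem -Path Cert:\LocalMachine\Root |
        Where-Object { $_.Subject -eq $Subject }
    return [bool]$found
}

function Get-DriverSignature([string]$Path) {
    if (-not (Test-Path -LiteralPath $Path)) { throw "Driver not found: $Path" }
    $sig = Get-AuthenticodeSignature -FilePath $Path
    [pscustomobject]@{
        Status = $sig.Status
        Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    }
}

$sig = Get-DriverSignature $DriverPath
$checks = [ordered]@{
    'Test signing enabled (bcdedit)'        = Test-TestSigning
    'Test certificate in LocalMachine\Root' = Test-RootCertificate $CertSubject
    'driver.sys carries a signature'        = ($sig.Status -ne 'NotSigned')
    'Signer matches test certificate'       = ($sig.Signer -eq $CertSubject)
}

$failed = 0
foreach ($name in $checks.Keys) {
    $ok = [bool]$checks[$name]
    if (-not $ok) { $failed++ }
    '{0,-40} {1}' -f $name, $(if ($ok) { 'OK' } else { 'FAIL' })
}
"Signature status: $($sig.Status)"
exit $failed   # non-zero when any check failed
```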

Test

cd kext_tester
go run .

Make sure the hardcoded path in main.go points to the correct .sys file.