Named Pipe Kernel Security
This automated test verifies that only kernel-mode requestors can invoke SCTL_PIPE_INTERNAL_TRANSCEIVE, because this command can read kernel memory.
Test details
Associated requirements |
Filter.Driver.AntiVirus.MiniFilter Filter.Driver.AntiVirus.NamedPipeAndMailSlots Filter.Driver.FileSystem.MiniFilter Filter.Driver.FileSystem.NamedPipeAndMailSlots |
Platforms |
Windows 8 (x64) Windows 8 (x86) Windows Server 2012 (x64) Windows 8.1 x64 Windows 8.1 x86 Windows Server 2012 R2 |
Expected run time |
~30 minutes |
Categories |
Certification Functional |
Type |
Automated |
Running the test
Before you run the test, complete the test setup as described in the test requirements: File System Testing Prerequisites.
To run this test, follow these steps:
Copy the test binaries that are listed in the File List section locally.
Run the following command: npfsregr.exe
The expected Pass count is 1. Inspect the log file for the presence of +SEV error tags. If you do not find any instances of this tag, the test has passed.
Troubleshooting
For troubleshooting information, see Troubleshooting File System Testing.
This test returns Pass or Fail. To review test details, review the test log from Windows Hardware Certification Kit (Windows HCK) Studio.
More information
Command syntax
This test does not accept command-line parameters.
File list
| File | Location |
|---|---|
Npfsregr.exe |
[WTT\TestBinRoot]\NTTEST\BASETEST\kernel\misc\npfsregr.exe |
Ntlog.dll |
[WTT\OsBinRoot]\ddk_flat\DTM\tests\ntlog\ntlog.dll |
Ntlogger.ini |
[WTT\OsBinRoot]\ddk_flat\DTM\tests\ntlog\ntlogger.ini |