How to solve LNK2019 unresolved external symbol DriverEntry referenced in function GsDriverEntry?

Question

While I was compiling this project https://github.com/namazso/hdd_serial_spoofer

I got the error message above ,how can I solve this ? I'm using vs 2017 and wdk 10 .

(Must compile in release ,debug mode is not supported .There is no DriverEntry function in this project ,the EntryPoint(void* ntoskrn, void* image, void* alloc) function in hwid.cpp is the real entry point .)

I did a lot of research but still failed to get it work .I'm a noob in kernel mode driver development .

Answer 1

The project uses (an apparently ignored) option

<EntryPointSymbol> to define EntryPoint as the entry.

This is documented here, but current documentation appears to mean this is really only for .exe and .dll projects.

The form of the mesage called from the Windows driver system

NTSTATUS DriverInitialize(
  _DRIVER_OBJECT *DriverObject,
  PUNICODE_STRING RegistryPath
)

Is incompatible with the EntryPoint in the project

EntryPoint(void* ntoskrn, void* image, void* alloc)

This is not so bad, as none of the parameters which are called for EntryPoint are used.

So the simplest implementation would be

extern "C"
{
    DRIVER_INITIALIZE DriverEntry;
    _Use_decl_annotations_
        NTSTATUS
        DriverEntry(
            struct _DRIVER_OBJECT  *DriverObject,
            PUNICODE_STRING  RegistryPath
        )
    {
        EntryPoint(NULL, NULL, NULL);
        return STATUS_SUCCESS;
    }
}

Kernel development is not for the faint hearted, and running invalid kernel code on your computer could make it difficult to boot, or in extream cases damage the computer. I did not review any of the code in the project for correctness.

Please run the code in a virtual machine (vmware, virtualbox, hyper-v) to limit the damage it could do