KunYi · November 26, 2019 12:02
diff --git a/read SMBIOS data from kermel.txt b/read SMBIOS data from kermel.txt
 copy from http://www.databaseforum.info/15/18/760a1fec0efb9bc0.html

 Drivers >> Attn: Eliyas Yakub [MSFT] Re: SMBIOS info from kernel mode

 Eliyas,

 Thanks for your previous post on the subject. I was able
 to successfully read the Raw SMBIOS data with minor
 modifications. This data matches the data returned by
 wbemtest for RawSMBiosTable instance as seen in the MOF
 editor for the instance.

 However, I have run into difficulties on two fronts and I
 hope you can give me some pointers.

 1) The data is embedded in the WNODE_ALL_DATA structure.
 However, the data offset returned
 (PWNODE_ALL_DATA) dataBuffer->DataBlockOffset does not
 seem to match the real data offset when compared to the
 wbemdata. Any pointers on how to interpret the
 WNODE_ALL_DATA correctly.

 2) Also, I am trying to interpret the data returned to
 extract manufacturer/model information. However, the raw
 data does not seem to have the signatures I need to
 find "_SM_", "_DMI_" and the like. Is this data structure
 exactly identical to that stored in the SMBIOS according
 to the standard or does WMI restructres the way it is
 stored. Do you have any pointers on how to interpret the
 data in either case.

 Would appreciate a reply from you or anyone else who has
 any ideas.

 Thanks
 Dibyendu Nandy


 ------Original Posting follows------

 Subject: Re: SMBIOS info from kernel mode
 From: "Eliyas Yakub [MSFT]"

 AM




 You can use IoWMI APIs to get SMBIOS info in kernel-mode.
 It's not very
 hard. Here is a small code snippet that shows how to get a
 WMI data block in
 kernel-mode. It is much easier than mucking with COM in
 usermode.



 NTSTATUS status;
 GUID smbiosGUID = SMBIOS_DATA_GUID; //
 defined in wmiguid.h
 PVOID wmiObject = NULL;
 PWNODE_ALL_DATA dataBuffer;

 //
 // Get a WMI block handle to the SMBIOS_DATA_GUID
 //
 status = IoWMIOpenBlock( (GUID *) &smbiosGUID,
 WMIGUID_QUERY,
 &wmiObject );
 if (!NT_SUCCESS(status)) {

 return status;

 }

 //
 // Determine how much space is required for the data
 //
 status = IoWMIQueryAllData( wmiObject, &bufferSize,
 NULL );
 if (status != STATUS_BUFFER_TOO_SMALL) {

 ObDereferenceObject( wmiObject );
 return status;

 }

 //
 // Allocate the necessary storage. This space must
 come out of NP-pool
 //
 dataBuffer = ExAllocatePoolWithTag(
 NonPagedPool,
 bufferSize,
 TAG_SMBIOS
 );
 if (dataBuffer == NULL) {

 ObDereferenceObject( wmiObject );
 return STATUS_INSUFFICIENT_RESOURCES;

 }

 -- 
 -Eliyas
 This posting is provided "AS IS" with no warranties, and
 confers no rights.
 http://www.hide-link.com/
	copy from http://www.databaseforum.info/15/18/760a1fec0efb9bc0.html

	Drivers >> Attn: Eliyas Yakub [MSFT] Re: SMBIOS info from kernel mode

	Eliyas,

	Thanks for your previous post on the subject. I was able
	to successfully read the Raw SMBIOS data with minor
	modifications. This data matches the data returned by
	wbemtest for RawSMBiosTable instance as seen in the MOF
	editor for the instance.

	However, I have run into difficulties on two fronts and I
	hope you can give me some pointers.

	1) The data is embedded in the WNODE_ALL_DATA structure.
	However, the data offset returned
	(PWNODE_ALL_DATA) dataBuffer->DataBlockOffset does not
	seem to match the real data offset when compared to the
	wbemdata. Any pointers on how to interpret the
	WNODE_ALL_DATA correctly.

	2) Also, I am trying to interpret the data returned to
	extract manufacturer/model information. However, the raw
	data does not seem to have the signatures I need to
	find "_SM_", "_DMI_" and the like. Is this data structure
	exactly identical to that stored in the SMBIOS according
	to the standard or does WMI restructres the way it is
	stored. Do you have any pointers on how to interpret the
	data in either case.

	Would appreciate a reply from you or anyone else who has
	any ideas.

	Thanks
	Dibyendu Nandy


	------Original Posting follows------

	Subject: Re: SMBIOS info from kernel mode
	From: "Eliyas Yakub [MSFT]"

	AM




	You can use IoWMI APIs to get SMBIOS info in kernel-mode.
	It's not very
	hard. Here is a small code snippet that shows how to get a
	WMI data block in
	kernel-mode. It is much easier than mucking with COM in
	usermode.



	NTSTATUS status;
	GUID smbiosGUID = SMBIOS_DATA_GUID; //
	defined in wmiguid.h
	PVOID wmiObject = NULL;
	PWNODE_ALL_DATA dataBuffer;

	//
	// Get a WMI block handle to the SMBIOS_DATA_GUID
	//
	status = IoWMIOpenBlock( (GUID *) &smbiosGUID,
	WMIGUID_QUERY,
	&wmiObject );
	if (!NT_SUCCESS(status)) {

	return status;

	}

	//
	// Determine how much space is required for the data
	//
	status = IoWMIQueryAllData( wmiObject, &bufferSize,
	NULL );
	if (status != STATUS_BUFFER_TOO_SMALL) {

	ObDereferenceObject( wmiObject );
	return status;

	}

	//
	// Allocate the necessary storage. This space must
	come out of NP-pool
	//
	dataBuffer = ExAllocatePoolWithTag(
	NonPagedPool,
	bufferSize,
	TAG_SMBIOS
	);
	if (dataBuffer == NULL) {

	ObDereferenceObject( wmiObject );
	return STATUS_INSUFFICIENT_RESOURCES;

	}

	--
	-Eliyas
	This posting is provided "AS IS" with no warranties, and
	confers no rights.
	http://www.hide-link.com/