[wix-users] conditional install of device driver using WIX and DIFXAPP because of new/stricter signing requirements in W10

Tom Brezinski tom.brezinski at ViaviSolutions.com
Thu Jul 13 05:18:25 PDT 2017


Personally I would make the two drivers individual features and condition the install of the features but that's just me.
 
What is your custom action doing?  I suspect you do not need it.  Try using the following to set a property if Win10 instead:

<Property Id="WIN10FOUND">
  <DirectorySearch Id="searchSystemWin10" Path="[SystemFolder]" Depth="0">
    <FileSearch Id="searchFileWin10" Name="advapi32.dll" MinVersion="6.3.10000.0"/>
  </DirectorySearch>
</Property>


-----Original Message-----
From: wix-users [mailto:wix-users-bounces at lists.wixtoolset.org] On Behalf Of Anthony LaMark
Sent: Wednesday, July 12, 2017 6:36 PM
To: 'WiX Toolset Users Mailing List' <wix-users at lists.wixtoolset.org>
Subject: [wix-users] conditional install of device driver using WIX and DIFXAPP because of new/stricter signing requirements in W10

Hi,

 

Because MS is now forcing device drivers to be signed by MS on W10 and Server 2016, 

I am modifying our WIX install to conditionally install our device driver.

To accomplish this, we have our device driver signed twice.

One for older Windows (we do the signing ourselves with a SHA1 code signing
certificate) and then one signed by MS (using the Hardware Developer Portal
- attestation signed...for now).

So, on our build machine, there are 2 directories each with the same driver files (x.sys, x.inf, x.cat) but with different signing (one from us, one from MS).

 

In our WIX install, we make two components (both with the same GUID attribute but with different ID attribute), each with a <Condition> child element.

The <Condition>s are mutually exclusive:

DriverCondition <> "1" and DriverCondition = "1"

 

The variable DriverCondition is set in a CustomAction that gets called at the beginning

of the InstallExecuteSequence.

 

Here are the relevant WIX XML snippets:

..

          <Component Id='productDriver'
Guid='{E708D6C5-32DC-4435-B9F0-49D5A48B48F2}'>

              <Condition>

                <![CDATA[DriverCondition <> "1"]]>

              </Condition>

            <File Id='xSYS' Name='x.sys' DiskId='1'
Source='\Projects\product\driver\$(var.DriverSubdirectoryName)\x.sys'
KeyPath='yes' />

            <File Id='xINF' Name='x.inf' DiskId='1'
Source='\Projects\product\driver\$(var.DriverSubdirectoryName)\x.inf'
Hidden='yes' />

            <File Id='xCAT' Name='x.cat' DiskId='1'
Source='\Projects\product\driver\$(var.DriverSubdirectoryName)\x.cat'
Hidden='yes' />

            <difx:Driver AddRemovePrograms='no' DeleteFiles='yes'
ForceInstall='yes' Legacy='yes' PlugAndPlayPrompt='no' Sequence='1'/>

          </Component>      

            <Component Id='productDriverMicrosoftSigned'
Guid='{E708D6C5-32DC-4435-B9F0-49D5A48B48F2}'>

              <Condition>

                <![CDATA[DriverCondition = "1"]]>

              </Condition>

              <File Id='xSYSMicrosoftSigned' Name='x.sys' DiskId='1'
Source='\Projects\product\driver\$(var.DriverSubdirectoryNameMicrosoftEVDriv
erSigning)\x.sys' KeyPath='yes' />

              <File Id='xINFMicrosoftSigned' Name='x.inf' DiskId='1'
Source='\Projects\product\driver\$(var.DriverSubdirectoryNameMicrosoftEVDriv
erSigning)\x.inf' Hidden='yes' />

              <File Id='xCATMicrosoftSigned' Name='x.cat' DiskId='1'
Source='\Projects\product\driver\$(var.DriverSubdirectoryNameMicrosoftEVDriv
erSigning)\x.cat' Hidden='yes' />

              <difx:Driver AddRemovePrograms='no' DeleteFiles='yes'
ForceInstall='yes' Legacy='yes' PlugAndPlayPrompt='no' Sequence='1'/>

            </Component>

...

    <Feature Id="ProductFeatureBinaries"  Title="productBinaries" Level="1">

      <ComponentRef Id='productDriver' />

      <ComponentRef Id='productDriverMicrosoftSigned' />

...

    </Feature>

 

...

    <InstallExecuteSequence>

      <!-- INSTALL and UPGRADES -->

      <Custom Action='CustomActionSetDriverCondition'
Before='CreateFolders'>

        <![CDATA[(REMOVE="")]]>

      </Custom>

...

 

When we build the WIX install project, we get a warning message: 

warning LGHT1076: ICE30: The target file 'x.sys' might be installed in '[ProgramFiles64Folder]\product\' by two different conditionalized components on an SFN system: 'productDriver' and 'productDriverMicrosoftSigned'. If the conditions are not mutually exclusive, this will break the component reference counting system.

 

At install, we get the following relevant messages in the install log:

MSI (s) (FC!84) [13:49:21:062]: PROPERTY CHANGE: Adding DriverCondition property. Its value is '1'.

 

DIFXAPP: ENTER: ProcessDriverPackages()

DIFXAPP: INFO: 'Component' is 'productDriver'

DIFXAPP: INFO: Component state 0x2 -> 0x3

DIFXAPP: INFO: 'ComponentId' is {E708D6C5-32DC-4435-B9F0-49D5A48B48F2}

DIFXAPP: INFO: 'Flags' is 31

DIFXAPP: INFO: component path is C:\Program Files\product\

DIFXAPP: INFO: user SID of user performing the install is 'S-1-5-21-...'.

DIFXAPP: INFO: creating
HKEY_USERS\S-1-5-21-...\Software\Microsoft\Windows\CurrentVersion\DIFxApp\Co
mponents\{E708D6C5-32DC-4435-B9F0-49D5A48B48F2} (User's SID: 'S-1-5-21-...') ...

DIFXAPP: INFO: 'Component' is 'productDriverMicrosoftSigned'

DIFXAPP: INFO: Component state 0x2 -> 0xFFFFFFFF

DIFXAPP: INFO: 'ComponentId' is {E708D6C5-32DC-4435-B9F0-49D5A48B48F2}

DIFXAPP: INFO: 'Flags' is 31

DIFXAPP: INFO: component path is 

DIFXAPP: INFO: This is a no-op custom action for component productDriverMicrosoftSigned. The NoOp_{E708D6C5-32DC-4435-B9F0-49D5A48B48F2} property has been set to TRUE.

DIFXAPP: RETURN: ProcessDriverPackages() 0 (0x0)

DIFXAPP: ENTER: InstallDriverPackages()

DIFXAPP: INFO: 'CustomActionData' property 'DIFxApp Version' is '2.1'.

DIFXAPP: INFO: 'CustomActionData' property 'UI Level' is '5'.

DIFXAPP: INFO: 'CustomActionData' property 'componentId' is '{E708D6C5-32DC-4435-B9F0-49D5A48B48F2}'.

DIFXAPP: INFO: 'CustomActionData' property 'componentPath' is 'C:\Program Files\product\'.

DIFXAPP: INFO: 'CustomActionData' property 'flags' is 0x1F.

DIFXAPP: INFO: 'CustomActionData' property 'installState' is '2'.

DIFXAPP: INFO: 'CustomActionData' property 'ProductName' is 'product'.

DIFXAPP: INFO: 'CustomActionData' property 'ManufacturerName' is 'CompanyName'.

DIFXAPP: INFO: user SID of user performing the install is 'S-1-5-21-...'.

DIFXAPP: INFO: opening
HKEY_USERS\S-1-5-21-...\Software\Microsoft\Windows\CurrentVersion\DIFxApp\Co
mponents\{E708D6C5-32DC-4435-B9F0-49D5A48B48F2} (User's SID: 'S-1-5-21-...') ...

DIFXAPP: INFO:   ENTER:  DriverPackageInstallW

DIFXAPP: INFO:   Copied 'x.inf' to driver store...

DIFXAPP: INFO:   Copied 'x.cat' to driver store...

DIFXAPP: INFO:   Commiting queue...

DIFXAPP: INFO:   Copied file: 'C:\Program Files\product\x.sys' ->
'C:\WINDOWS\system32\DRVSTORE\x_BBCE708F79152E888F70B6A14291A0ED2F596DE4\x.s
ys'.

DIFXAPP: INFO:   Installing INF file
"C:\WINDOWS\system32\DRVSTORE\x_BBCE708F79152E888F70B6A14291A0ED2F596DE4\x.i
nf" of Type 4.

DIFXAPP: INFO:   Installing File System Driver
'C:\WINDOWS\system32\DRVSTORE\x_BBCE708F79152E888F70B6A14291A0ED2F596DE4\x.i
nf'

DIFXAPP: INFO:   Service 'x' was started

DIFXAPP: SUCCESS:Installation completed with code 0x0.

DIFXAPP: INFO:   RETURN: DriverPackageInstallW  (0x0)

DIFXAPP: INFO:   ENTER:  DriverPackageGetPathW

DIFXAPP: SUCCESS:Found driver store entry.

DIFXAPP: INFO:   RETURN: DriverPackageGetPathW  (0x7A)

DIFXAPP: INFO:   ENTER:  DriverPackageGetPathW

DIFXAPP: SUCCESS:Found driver store entry.

DIFXAPP: INFO:   RETURN: DriverPackageGetPathW  (0x0)

DIFXAPP: INFO: driver store entry for 'C:\Program Files\product\x.inf' is 'C:\WINDOWS\system32\DRVSTORE\x_BBCE708F79152E888F70B6A14291A0ED2F596DE4\x.i
nf'.

DIFXAPP: INFO: The component Id '{E708D6C5-32DC-4435-B9F0-49D5A48B48F2}' is now set to point to driver store:
'C:\WINDOWS\system32\DRVSTORE\x_BBCE708F79152E888F70B6A14291A0ED2F596DE4\x.i
nf'

DIFXAPP: INFO: A reboot is not needed to install the component '{E708D6C5-32DC-4435-B9F0-49D5A48B48F2}'.

DIFXAPP: RETURN: InstallDriverPackages() 0 (0x0)

DIFXAPP: ENTER: CleanupOnSuccess()

DIFXAPP: INFO: 'Component' is 'productDriver'

DIFXAPP: INFO: 'ComponentId' is {E708D6C5-32DC-4435-B9F0-49D5A48B48F2}

DIFXAPP: INFO: This is a no-op for component productDriver. The NoOp_{E708D6C5-32DC-4435-B9F0-49D5A48B48F2} property has been set to TRUE.

DIFXAPP: INFO: Skipping cleanup for component productDriver, since it is a no-op.

DIFXAPP: INFO: 'Component' is 'productDriverMicrosoftSigned'

DIFXAPP: INFO: 'ComponentId' is {E708D6C5-32DC-4435-B9F0-49D5A48B48F2}

DIFXAPP: INFO: user SID of user performing the install is 'S-1-5-21-...'.

DIFXAPP: INFO: opening
HKEY_USERS\S-1-5-21-...\Software\Microsoft\Windows\CurrentVersion\DIFxApp\Co
mponents\{E708D6C5-32DC-4435-B9F0-49D5A48B48F2} (User's SID: 'S-1-5-21-...') ...

DIFXAPP: RETURN: CleanupOnSuccess() 0 (0x0)

 

When we run the installer on a W10 machine, we see that DriverCondition gets set to 1.

However, the x.sys, x.inf, x.cat that gets installed is not the MS signed driver files (but is the driver files we signed ourselves).

 

So, if you are still reading :-), my questions are:

1.	How can I troubleshoot the <Condition> element in the <Component>s?


I am questioning if they are working so I need to somehow validate variable DriverCondition is properly getting analyzed when the Component is getting processed.

2.	If the variable DriverCondition is getting processed correctly, then
I am completely stumped about why DIFXAPP is not looking at it when it processes the Component element.  

I have a sinking feeling that DIFXAPP logic does not look for the Condition element on the Component element and therefore, I have to come up with a different approach.  

 

I thought of variablizing the File elements Source attribute.

I would do this in the CustomAction that is determining/setting the DriverCondition variable.

However, when I search the web for this type of logic, I am coming up empty.

Not to say it cannot be done but if someone has not already attempted it, I worry if it is possible.

Any help here would be greatly appreciated.

Thanks in advance.

 

Anthony LaMark

squadra technologies

http://www.squadratechnologies.com <http://www.squadratechnologies.com/> 

562.221.3079

 


____________________________________________________________________
WiX Toolset Users Mailing List provided by FireGiant http://www.firegiant.com/



More information about the wix-users mailing list