already running issue

[anotherfinemess84]

have you noticed in some instances it states the intel driver is already running and bails, can you apply a fix for this because it means whatever intel driver is running needs to be unloaded for kdmapper to then work.

also it would be good to have a check in place that kdmapper will only work once to avoid it potentially mapping a driver multiple times.

have you thought of adding cleaning into this kdmapper?

[TheCruZ]

Hi @anotherfinemess84,

When you say that some times the intel driver is already running in the system, is because a previous mapping crash?
The second thing can be easily fixed with a simple mutex, isn't a thing that is so important for everyone and you can try to add it in your own version
About cleaning, the kdmapper already clear the driver name before unload to prevent add it to the MmUnloadedDrivers, and for the PiDDbCacheTable you should do it inside your driver when the vulnerable driver gets unloaded, you can see an example here: https://github.com/TheCruZ/CRZKD/blob/9d500885f3a95ab7c093ba675e95dcd5ec528f29/CRZKD/util.cpp#L194

[anotherfinemess84]

not because of a mapping crash, because of a legitimate intel driver already being loaded. it happens rarely but does happen.

thanks re the rest.

[TheCruZ]

not because of a mapping crash, because of a legitimate intel driver already being loaded. it happens rarely but does happen.

thanks re the rest.

I again think that is a feature that no all people needs, the only thing that I check is here https://github.com/TheCruZ/kdmapper-1803-20H2/blob/cf9e3e65a0c649235bc5f2702ad053b2bd516ad8/kdmapper/service.cpp#L24 to let know the user that there are already a service with the same file name as the intel one, and if you want you can stop that service in that line of code