Jump to content

Artificial AMD driver block on Windows 8.0


greenhillmaniac

Recommended Posts

Starting in 2016 AMD drivers stopped working on Windows 8.0, giving a BSOD with the following message: KERNEL_SECURITY_CHECK_FAILURE.

This seems to be an artificial block imposed by AMD, because the drivers work just fine in Windows 7 and Windows 8.1 and the BSOD occurs when the driver has already adjusted to the screen resolution of my monitor (switching from the default 1024x720). It's a shame really, because previous driver versions worked great, with the Radeon Control Panel, Vulkan and video acceleration all working fine with WDDM 1.2!

My question to anyone with enough knowledge on this subject: is there a way to remove this artificial block? Any tools you might recomend for me to trace this issue and possibly fix it?

Also, please don't come with the useless response of "Just use the older version" because that's not the point. The point is to extend the longevity of NT 6.2, seeing new driver versions support new GPUs (for example, the recently released RX Vega is not compatible with Windows 8.0 because of this driver block).

Edited by greenhillmaniac
Link to comment
Share on other sites


At what point does this bugcheck happen?

Try installing with Driver Signature Enforcement disabled.

https://docs.microsoft.com/en-us/windows-hardware/drivers/install/installing-an-unsigned-driver-during-development-and-test

There are always revisions required for an OS to read newer digital certificates. For example when servicing images, some digital certificates are not usable on Windows 7 or Server 2008 R2 OS, and can only be used in servicing from a Windows 8.1/2012 R2 client. Microsoft realised the issue with this and they had updated the DISM tool to allow servicing of modern drivers with legacy OS by doing the work but showing a message. However, in the time before this, it was revealed that something had changed in the digital signatures of files that it was not possible to use them on the older OS, as MS had no plans to update those OS with the support for them.

Link to comment
Share on other sites

1 hour ago, Tripredacus said:

At what point does this bugcheck happen?

Try installing with Driver Signature Enforcement disabled.

https://docs.microsoft.com/en-us/windows-hardware/drivers/install/installing-an-unsigned-driver-during-development-and-test

Doesn't work. Booted with Driver Signature Enforcement disabled and the same BSOD happened. Even edited the INF file to see if it did anything.

1 hour ago, Tripredacus said:

There are always revisions required for an OS to read newer digital certificates. For example when servicing images, some digital certificates are not usable on Windows 7 or Server 2008 R2 OS, and can only be used in servicing from a Windows 8.1/2012 R2 client. Microsoft realised the issue with this and they had updated the DISM tool to allow servicing of modern drivers with legacy OS by doing the work but showing a message. However, in the time before this, it was revealed that something had changed in the digital signatures of files that it was not possible to use them on the older OS, as MS had no plans to update those OS with the support for them.

I don't think this is an issue, because the driver was designed for Windows 7.

Link to comment
Share on other sites

For anyone willing, I have a MiniDump file of the BSOD. I was trying to analyze it, and it says the error was with dxgkrnl.sys? Seems weird, considering it's a system file...

MiniDump contents:


Microsoft (R) Windows Debugger Version 10.0.17016.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\John\Downloads\110617-37484-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: srv*
Executable search path is: 
Windows 8 Kernel Version 9200 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9200.16384.amd64fre.win8_rtm.120725-1247
Machine Name:
Kernel base = 0xfffff801`fe206000 PsLoadedModuleList = 0xfffff801`fe4d0a60
Debug session time: Mon Nov  6 16:31:18.127 2017 (UTC + 0:00)
System Uptime: 0 days 0:04:21.807
Loading Kernel Symbols
...............................................................
................................................................
..........
Loading User Symbols
Loading unloaded module list
..............
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 139, {3, fffff88004ef9dd0, fffff88004ef9d28, 0}

Probably caused by : dxgkrnl.sys ( dxgkrnl!DXGCONTEXT::SubmitPresentHistoryToken+1ef )

Followup:     MachineOwner
---------

nt!KeBugCheckEx:
fffff801`fe281040 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:fffff880`04ef9ab0=0000000000000139

 

110617-37484-01.dmp

Link to comment
Share on other sites

First thing I can think of, regarding this:

The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

and from your post:

SubmitPresentHistoryToken

is this CVE MS16-062:

https://technet.microsoft.com/en-us/library/security/ms16-062.aspx

But I see there is no fix in 8.0 for this, only 8.1. You can try it:

https://www.microsoft.com/en-us/download/details.aspx?id=52235

Link to comment
Share on other sites

57 minutes ago, Tripredacus said:

is this CVE MS16-062:

https://technet.microsoft.com/en-us/library/security/ms16-062.aspx

But I see there is no fix in 8.0 for this, only 8.1. You can try it:

https://www.microsoft.com/en-us/download/details.aspx?id=52235

Welp, there's a Server 2012 version, which means there is a version for Windows 8.0 :D

I'll try it and report back.

Link to comment
Share on other sites

The update looks to only have changed win32k.sys. DirectX is causing this crash which may mean that Microsoft only "fixed" this issue by preventing any payload from being executed, rather than preventing the overrun in the first place.

I have found that your dxgkrnl.sys should be version 6.2.9200.21831 (For Server 2012) or newer. There is no detection details or information relating specifically to Windows 8.0. See what yours is. Perhaps another update is still needed.

But I wouldn't jump to the conclusion that there is something blocking and it is caused by AMD. They wouldn't go through the trouble of creating a driver/installer that crashes the OS when they could just read from the registry to determine what the OS is and present a messagebox instead. Instead, what I suspect is the issue is that these drivers are created using a newer method that is available in the other OSes but not 8.0 because 8.0 was not updated to support it. Or that the AMD driver would install a pre-requisite (say if you were to install this on a newly installed/unpatched Windows 7) if it found some piece was needed, but is not executed because your OS (Windows 8.0) is not seen as being supported. Or perhaps it is, but the files it tried to install do not actually install because of the version difference and then not show an error.

I need to ask, IDK if I did before. When exactly do you get this message? Is it during installation, after installation before reboot, or on reboot?

If this driver is something you downloaded from online, provide a link to it (on an AMD or ODM website) so that I can see what it looks like. Also see if there is any log files that the AMD installer made on your system.

Link to comment
Share on other sites

4 hours ago, Tripredacus said:

I need to ask, IDK if I did before. When exactly do you get this message? Is it during installation, after installation before reboot, or on reboot?

If this driver is something you downloaded from online, provide a link to it (on an AMD or ODM website) so that I can see what it looks like. Also see if there is any log files that the AMD installer made on your system.

Yeah, I should've probably been more explicit on this...

I'm trying to install the AMD Radeon Crimson 17.9.3 (the latest WHQL drivers available) and I'm trying to install them through the Device Manager, linking directly to the INF fille.

The BSOD happens after the driver files have copied, when the screen is shifting resolutions (and you even hear the W8 sounds of hardware being unplugged and plugged, indicating the GPU is being installed). After that the BSOD appears on my desktop resolution of 1920x1080. I don't even get to see the desktop on its full resolution. As soon as the screen is changing resolutions the BSOD happens.

Here's the link to the driver. I extracted the files from the .exe with 7-Zip and used the INF in \Packages\Drivers\Display\W76A_INF\C7318501.inf

https://www2.ati.com/drivers/beta/whql-radeon-software-crimson-relive-17.9.3-win7-64bit-oct2.exe

3 hours ago, JodyT said:

I haven't read everything, but does the 2012 version install?

Yeah. It was part of the May 2016 Patch Tuesday, which you installed just fine back then :)

Link to comment
Share on other sites

Maybe it was a temp link... Here's the driver's article page (I'm using the W7 x64 version, BTW): http://support.amd.com/en-us/kb-articles/Pages/Radeon-Software-Crimson-ReLive-Edition-17.9.3-Release-Notes.aspx

I have a R9 380 4Gb version with the following driver ID: PCI\VEN_1002&DEV_6939

Edited by greenhillmaniac
Link to comment
Share on other sites

4 hours ago, Tripredacus said:

Do you know of a known working version number? You say that in 2017 they stopped working but before they did. What is a known working one?

The last branch of drivers to work with Windows 8 was the 16.30, which means the Radeon 16.7.3 work great (tested it just now. The drivers install through device manager just fine. No need to disable driver signature enforcement).

Link: http://www.guru3d.com/files-details/amd-radeon-software-crimson-16-7-3-whql-driver-download.html

Link to comment
Share on other sites

There are only 2 main changes in the INF for ati2mtag_Tonga, which is the ID tag that the HardwareID you posted belongs to.

Using this reference:
C7318501.inf (22.19.677.257)
coinst_17.30.dll

HKR,, DALNonStandardModesBCD1, %REG_BINARY%,08,00,04,80,00,00,00,60,10,24,06,00,00,00,00,60,12,80,07,68,00,00,00,60,14,00,10,50,00,00,00,60,13,66,07,68,00,00,00,60,13,66,07,68,00,00,00,75,13,66,07,68,00,00,00,85,13,60,07,68,00,00,00,60
HKR,, DALNonStandardModesBCD2, %REG_BINARY%,13,60,07,68,00,00,00,75,13,60,07,68,00,00,00,85

C7305077.inf (16.300.2311.0000)
coinst_16.30.dll

HKR,, DALNonStandardModesBCD1, %REG_BINARY%,13,60,07,68,00,00,00,60,13,60,07,68,00,00,00,75,13,60,07,68,00,00,00,85,13,66,07,68,00,00,00,60,13,66,07,68,00,00,00,75,13,66,07,68,00,00,00,85,08,00,04,80,00,00,00,60,10,24,06,00,00,00,00,60
HKR,, DALNonStandardModesBCD2, %REG_BINARY%,12,80,07,68,00,00,00,60,14,00,10,50,00,00,00,60

The other difference between the two INF is that each use a different CoInstaller file, which I put above. You can find where the INF installs these files in the [Coinstaller_Copyfiles] section.

I read that these registry settings contain resolution and refresh rate and whatever else, but I do not know how to decode them. I suppose you could try to change those 3 lines (from the old to new) that are different and see... but any changing of the INF will break the digital signature and may be a worse headache.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...