📄 readreg.c
字号:
// Registry access routine
/*****************************************************************************
* Change Log
* Date | Change
*-----------+-----------------------------------------------------------------
06-01-97 create log
*****************************************************************************/
/*****************************************************************************
* To DO
*-----------------------------------------------------------------------------
*****************************************************************************/
#define BYTE UCHAR
/*++
Module Name:
ReadReg.c
Abstract:
Author:
Edward Dekker
Environment:
kernel mode only
Notes:
--*/
#include "ntddk.h"
#include "HdwSim.h"
#include "HdwSimIoctl.h"
#include "readReg.h"
//#include "MapMemory.h"
#define DBG_MSG_HDR "HdwSim (readReg)"
NTSTATUS readRegistry(
IN PDRIVER_OBJECT DriverObject, // Driver object
IN PUNICODE_STRING path, // base path to keys
OUT PULONG debugMask, // 32-bit binary debug mask
OUT PULONG eventLog, // Boolean: do we log events?
OUT PULONG shouldBreak, // Boolean: break in DriverEntry?
OUT PULONG interrupt_Line
)
{
//
// We use this to query into the registry as to get initializationa and
// debug information for our driver
//
RTL_QUERY_REGISTRY_TABLE paramTable[7]; // Parameter table
ULONG zero = 0; // default value 0
ULONG one = 1; // default value 1
ULONG sixteenK = 16 * 1024; // default value for 16K
ULONG notConfigurable = 0;
ULONG model30 = 0;
NTSTATUS status = STATUS_UNSUCCESSFUL; // assume failure
// We set these values to their defaults in case there are any failures
KdPrint(("%s: Path = %S\n", DBG_MSG_HDR, path->Buffer));
// We set these values to their defaults in case there are any failures
*debugMask = 0;
*shouldBreak = 0;
RtlZeroMemory(¶mTable[0], sizeof(paramTable)); // mandatory
paramTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
paramTable[0].Name = REG_BREAK ;
paramTable[0].EntryContext = shouldBreak;
paramTable[0].DefaultType = REG_DWORD;
paramTable[0].DefaultData = &zero;
paramTable[0].DefaultLength = sizeof(ULONG);
paramTable[1].Flags = RTL_QUERY_REGISTRY_DIRECT;
paramTable[1].Name = REG_DBG ;
paramTable[1].EntryContext = debugMask;
paramTable[1].DefaultType = REG_DWORD;
paramTable[1].DefaultData = &zero;
paramTable[1].DefaultLength = sizeof(ULONG);
paramTable[2].Flags = RTL_QUERY_REGISTRY_DIRECT;
paramTable[2].Name = REG_EVENT ;
paramTable[2].EntryContext = eventLog;
paramTable[2].DefaultType = REG_DWORD;
paramTable[2].DefaultData = &zero;
paramTable[2].DefaultLength = sizeof(ULONG);
paramTable[3].Flags = RTL_QUERY_REGISTRY_DIRECT;
paramTable[3].Name = REG_DEFAULT_INTLINE ;
paramTable[3].EntryContext = interrupt_Line;
paramTable[3].DefaultType = REG_DWORD;
paramTable[3].DefaultData = &zero;
paramTable[3].DefaultLength = sizeof(ULONG);
if (!NT_SUCCESS( status =
RtlQueryRegistryValues(RTL_REGISTRY_ABSOLUTE | RTL_REGISTRY_OPTIONAL,
path->Buffer,
¶mTable[0],
NULL,
NULL)))
{
// If it failed, it may have partially updated the variables
// The query function quits on the first error
// to ensure that everything is consistent, we reset the values
KdPrint( ("readReg: Failed return uncessful\n") );
*shouldBreak = 0;
*debugMask = 0;
return status;
}
KdPrint( ("%s: shouldBreak = 0x%x\n", DBG_MSG_HDR, *shouldBreak ) );
KdPrint( ("%s: debugMask = 0x%x\n", DBG_MSG_HDR, *debugMask ) );
KdPrint( ("%s: eventLog = 0x%x\n", DBG_MSG_HDR, *eventLog ) );
return ( status);
}
NTSTATUSOpenDevicesKey( IN PWSTR RegistryPathName, OUT PHANDLE DevicesKey)/*++Routine Description : Create a volatile key under this driver's services node to contain the device name list.Arguments : RegistryPathName - registry entry DevicesKey - key to devices key in registryReturn Value : NT status code - STATUS_SUCCESS if no problems--*/{HANDLE hKey;OBJECT_ATTRIBUTES oa;NTSTATUS Status;UNICODE_STRING uStr; RtlInitUnicodeString(&uStr, RegistryPathName); // // First try opening this key // InitializeObjectAttributes(&oa, &uStr, OBJ_CASE_INSENSITIVE, NULL, (PSECURITY_DESCRIPTOR)NULL); Status = ZwOpenKey(&hKey, KEY_CREATE_SUB_KEY, &oa); if (!NT_SUCCESS(Status)) { return Status; } RtlInitUnicodeString(&uStr, DEVICES_SUBKEY); InitializeObjectAttributes(&oa, &uStr, OBJ_CASE_INSENSITIVE, hKey, (PSECURITY_DESCRIPTOR)NULL); Status = ZwCreateKey(DevicesKey, KEY_ALL_ACCESS, &oa, 0, NULL, REG_OPTION_VOLATILE, NULL); ZwClose(hKey); return Status;}
#ifdef NEVERNTSTATUS WriteRegistrySZ( IN PCWSTR RegistryPath, IN PCWSTR ValueName, IN PCWSTR Value)/*++Routine Description : Write the given REG_SZ into the registry using the path and value name supplied by calling RtlWriteRegistryValueArguments : RegistryPath- path to registry key ValueName - name of value to write Value - value to storeReturn Value : NTSTATUS code--*/{NTSTATUS Status; // Writes caller-supplied data into the registry along the specified relative path // at the given value name Status = RtlWriteRegistryValue( RTL_REGISTRY_ABSOLUTE, (LPWSTR)RegistryPath, (LPWSTR)ValueName, REG_SZ, &Value, sizeof(Value)); if (!NT_SUCCESS(Status)) { KdPrint(("Writing parameter %ls to registry failed status %8X", ValueName, Status)); } return Status;}#endif
NTSTATUSWriteRegistryDWORD( IN PCWSTR RegistryPath, IN PCWSTR ValueName, IN ULONG Value)/*++Routine Description : Write the given DWORD into the registry using the path and value name supplied by calling RtlWriteRegistryValueArguments : RegistryPath- path to registry key ValueName - name of value to write Value - value to storeReturn Value :⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -