//////////////////////////////////////////////////////////////////////
// Chikago.c
//
// Main VxD source file.
#include "VxBuild.h"
// This header file is in the INCLUDE dir. of the supplied code.
// Don't forget to add the appropriate libraries from the LIB dir. too.
#include "Chikintr.h"
#include "Ldata.h"
#include "Lcode.h"
/* The following definitions are not found in many SDK/DDK versions ... krishnaa added them. */
/* CREATE_PROCESS: f() is called with whatever the VMM left in EDX (cast to
   PTCB here, although the handlers below take a DWORD).  The `cmp eax, 1`
   that follows sets the CPU flags from EAX and the bare `return` then
   bypasses the map's normal epilogue -- presumably so the carry flag is
   reported to the VMM (CF clear when EAX == 1).  NOTE(review): the handler
   bound to this macro (OnProcessCreate) returns void, so EAX holds whatever
   f() happened to leave behind -- confirm against the DDK's CREATE_PROCESS
   return contract. */
#define ON_CREATE_PROCESS(f) case CREATE_PROCESS: \
f((PTCB)r_edx); \
{_asm cmp eax, 1} \
return;
/* DESTROY_PROCESS: same EDX argument as above; no status is reported back,
   so this case leaves the switch normally with `break`. */
#define ON_DESTROY_PROCESS(f) case DESTROY_PROCESS: \
f((PTCB)r_edx); \
break;
// Event record handed to user mode with each queued APC.  Allocated from the
// ring-0 heap by the create/destroy handlers below; the VxD never frees it
// itself -- the client is expected to return it via IOCTL_RELEASE.
struct APCDataXX
{
DWORD dwThreadOrProcess; // TRUE = process event, FALSE = thread event
DWORD dwCreated; // TRUE = created, FALSE = destroyed
DWORD dwIdDATA; // Value the dispatch map passed to the handler (PID / TID)
} ;
typedef struct APCDataXX APCDataX;
// Registration state, both filled in by the IOCTL_TEST request from user mode:
// FunctionEventAPC is the user-mode address each APC will call, TheThreadT is
// the thread that issued the IOCTL (every APC is queued to that thread).
PVOID FunctionEventAPC = 0; // User mode function to call on event.
DWORD TheThreadT = 0; // User Mode Thread
// Prototypes
BOOL OnSysDynamicDeviceInit();   // VxD loaded
BOOL OnSysDynamicDeviceExit();   // VxD unloaded
// Win32 DeviceIoControl / CreateFile / CloseHandle entry point
DWORD OnW32DeviceIoControl(ULONG dwService, DWORD dwDDB,
DWORD hDevice, struct DIOCParams* lpDIOCParms);
// Process / thread lifetime notifications; each queues one APCDataX to the
// registered user-mode thread.
void OnProcessCreate(DWORD pid);
void OnCreateThread(DWORD tid);
void OnDestroyProcess(DWORD);
void OnDestroyThread(DWORD );
// Device Descriptor Block (DDB)
// Device Descriptor Block (DDB); the seven characters form the device name "CHIKAGO".
DECLARE_VIRTUAL_DEVICE_7('C','H','I','K','A','G','O')
// System control message dispatch map: routes VMM control messages to the
// handlers declared above.  ON_CREATE_PROCESS / ON_DESTROY_PROCESS are the
// local macros at the top of this file; the others presumably come from the
// included VxD headers.
BEGIN_DISPATCH_MAP
ON_SYS_DYNAMIC_DEVICE_INIT(OnSysDynamicDeviceInit)   // load
ON_SYS_DYNAMIC_DEVICE_EXIT(OnSysDynamicDeviceExit)   // unload
ON_W32_DEVICEIOCONTROL(OnW32DeviceIoControl)         // user-mode requests
ON_CREATE_PROCESS(OnProcessCreate)                   // local macro (returns, does not break)
ON_CREATE_THREAD(OnCreateThread)
ON_DESTROY_THREAD(OnDestroyThread)
ON_DESTROY_PROCESS(OnDestroyProcess)                 // local macro
END_DISPATCH_MAP
/////////////////// OnSysDynamicDeviceInit()
//
// Control message handler called when VxD is loaded.
//
// Return Value
//
// Returns TRUE if successful; FALSE to abort loading.
BOOL OnSysDynamicDeviceInit()
{
    // Nothing to set up at load time: the registration globals
    // (FunctionEventAPC, TheThreadT) are filled in later by IOCTL_TEST.
    BOOL bLoadOk = TRUE;
    return bLoadOk;
}
/////////////////// OnSysDynamicDeviceExit()
//
// Control message handler called when VxD is unloaded.
BOOL OnSysDynamicDeviceExit()
{
    // Unload is always allowed; any APCDataX records still outstanding are
    // owned by the user-mode client (see IOCTL_RELEASE), not by this VxD.
    BOOL bUnloadOk = TRUE;
    return bUnloadOk;
}
/////////////////// OnW32DeviceIoControl()
//
// Handler for DeviceIoControl, CreateFile, and CloseHandle calls
// from Win32 apps and DLLs.
//
// Return Value
//
// Returns 0 if successful, -1 if request is pending, or
// an error code.
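DWORD OnW32DeviceIoControl(ULONG dwService, DWORD dwDDB,
DWORD hDevice, struct DIOCParams* lpDIOCParms)
{
    DWORD dwRet = 0;
    PVOID pfnUser;

    switch (dwService)
    {
    case DIOC_OPEN: // CreateFile call
        _Debug_Printf_Service("Created Handle to Chikago driver!\n");
        break;

    case DIOC_CLOSEHANDLE: // CloseHandle call
        _Debug_Printf_Service("Closed Handle to Chikago driver!\n");
        // The registration made through IOCTL_TEST belongs to the closing
        // client; drop it so no further APCs are queued at a callback address
        // and thread that may no longer exist.  (Assumes one client, one
        // handle -- there is only one registration slot anyway.)
        FunctionEventAPC = 0;
        TheThreadT = 0;
        dwRet = 0; // Return success
        break;

    case IOCTL_TEST:
        // Registers the user-mode APC function and the calling thread.
        _Debug_Printf_Service("Chikago Obtained APC func address.!\n");
        if (lpDIOCParms->lpcbBytesReturned)
            *((PDWORD)(lpDIOCParms->lpcbBytesReturned)) = 0;
        // The input buffer is caller-controlled: it must exist and hold at
        // least one pointer before it is dereferenced.
        if (lpDIOCParms->lpvInBuffer == 0 ||
            lpDIOCParms->cbInBuffer < sizeof(PVOID))
        {
            dwRet = 1;
            break;
        }
        pfnUser = *((PVOID*)lpDIOCParms->lpvInBuffer); //Take Function address.
        if (pfnUser == 0)
        {
            // A NULL callback would later be handed to _VWIN32_QueueUserApc.
            dwRet = 1;
            break;
        }
        FunctionEventAPC = pfnUser;
        TheThreadT = Get_Cur_Thread_Handle(); // The APC will be queued in this thread.
        dwRet = 0;
        break;

    case IOCTL_RELEASE:
        _Debug_Printf_Service("Release Memory Called %d\n",0);
        if (lpDIOCParms->lpvInBuffer == 0 ||
            lpDIOCParms->cbInBuffer < sizeof(PVOID))
        {
            dwRet = 1;
            break;
        }
        // SECURITY: the pointer freed here is supplied verbatim by user mode
        // and passed straight to the ring-0 heap.  Nothing proves it is one of
        // the APCDataX records this VxD allocated; a robust version would keep
        // a list of outstanding records and only free a pointer found in it.
        _HeapFree(*(PVOID*)lpDIOCParms->lpvInBuffer, 0); // Release memory
        dwRet = 0;
        break; // was missing: control fell into `default` and reported failure

    default:
        dwRet = 1;
        break;
    }
    return dwRet;
}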
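/////////////////// QueueEventApc()
//
// Shared tail of the four create/destroy notifications: allocates an
// APCDataX record describing the event and queues it as a user-mode APC to
// the thread registered via IOCTL_TEST.
//
// Ownership: the record is released by the user-mode client through
// IOCTL_RELEASE, never here.
//
// dwThreadOrProcess  TRUE for a process event, FALSE for a thread event
// dwCreated          TRUE for creation, FALSE for destruction
// dwId               the value the dispatch map handed to the handler
static void QueueEventApc(DWORD dwThreadOrProcess, DWORD dwCreated, DWORD dwId)
{
    APCDataX * apm;

    // No client has registered a callback yet (or it closed its handle):
    // there is nowhere to deliver the event.
    if (FunctionEventAPC == 0 || TheThreadT == 0)
        return;

    apm = (APCDataX*)_HeapAllocate(sizeof(APCDataX), 0);
    if (apm == 0)
    {
        // Ring-0 heap exhausted; writing through NULL here would crash the
        // whole system, so the event is dropped instead.
        _Debug_Printf_Service("Chikago: _HeapAllocate failed, event dropped\n");
        return;
    }
    apm->dwThreadOrProcess = dwThreadOrProcess;
    apm->dwCreated = dwCreated;
    apm->dwIdDATA = dwId;
    _VWIN32_QueueUserApc(FunctionEventAPC, (DWORD)apm, TheThreadT);
}

/////////////////// OnProcessCreate()
//
// CREATE_PROCESS notification: reports the new process to the client.
void OnProcessCreate(DWORD pid)
{
    _Debug_Printf_Service("%d Process Created\n",pid);
    QueueEventApc(TRUE, TRUE, pid);
}

/////////////////// OnCreateThread()
//
// CREATE_THREAD notification: reports the new thread to the client.
void OnCreateThread(DWORD tid)
{
    _Debug_Printf_Service("%d Thread Created\n",tid);
    QueueEventApc(FALSE, TRUE, tid);
}

/////////////////// OnDestroyProcess()
//
// DESTROY_PROCESS notification: reports the exiting process to the client.
void OnDestroyProcess(DWORD pid)
{
    _Debug_Printf_Service("%d Process Destroyed\n",pid);
    QueueEventApc(TRUE, FALSE, pid);
}

/////////////////// OnDestroyThread()
//
// DESTROY_THREAD notification: reports the exiting thread to the client.
void OnDestroyThread(DWORD tid)
{
    _Debug_Printf_Service("%d Thread Destroyed\n",tid);
    // If the dying thread is the one that registered the callback, the
    // registration is now dangling: clear it rather than queue an APC to a
    // thread that is going away.
    // NOTE(review): assumes tid is comparable with Get_Cur_Thread_Handle()
    // values -- confirm what the dispatch map passes here; if the two are
    // not comparable this test never fires and behaviour is unchanged.
    if (tid == TheThreadT)
    {
        FunctionEventAPC = 0;
        TheThreadT = 0;
        return;
    }
    QueueEventApc(FALSE, FALSE, tid);
}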