📄 dvkrnldata.c
字号:
// dvKrnlData.c
//
// Generated by C DriverWizard 3.2.0 (Build 2485)
// Requires DDK Only
// File created on 9/12/2006
//
#include "pch.h"
#include "..\intrface.h"
extern PSERVICE_DESCRIPTOR_TABLE KeServiceDescriptorTable;
// global data
DVKRNLDATA_DATA g_Data;
///////////////////////////////////////////////////////////////////////////////////////////////////
// DriverEntry
// Installable driver initialization entry point.
// This entry point is called directly by the I/O system.
//
// Arguments:
// IN DriverObject
// pointer to the driver object
//
// IN RegistryPath
// pointer to a unicode string representing the path,
// to driver-specific key in the registry.
//
// Return Value:
// Status
//
NTSTATUS DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
{
NTSTATUS status;
PDEVICE_OBJECT deviceObject;
PDVKRNLDATA_DEVICE_EXTENSION deviceExtension;
UNICODE_STRING ntName;
UNICODE_STRING win32Name;
dvKrnlDataDebugPrint(DBG_INIT, DBG_TRACE, __FUNCTION__"++");
dvKrnlDataDebugPrint(DBG_INIT, DBG_INFO, "Compiled at %s on %s", __TIME__, __DATE__);
#ifdef DBG
// DbgBreakPoint();
#endif
RtlZeroMemory(&g_Data, sizeof(DVKRNLDATA_DATA));
// save registry path
g_Data.RegistryPath.Length = RegistryPath->Length;
g_Data.RegistryPath.MaximumLength = RegistryPath->Length + sizeof(UNICODE_NULL);
g_Data.RegistryPath.Buffer = (PWCHAR)ExAllocatePoolWithTag(
PagedPool,
g_Data.RegistryPath.MaximumLength,
DVKRNLDATA_POOL_TAG
);
if(g_Data.RegistryPath.Buffer == NULL)
{
status = STATUS_INSUFFICIENT_RESOURCES;
dvKrnlDataDebugPrint(DBG_INIT, DBG_ERR, __FUNCTION__": Failed to allocate memory for RegistryPath");
return status;
}
RtlCopyUnicodeString(&g_Data.RegistryPath, RegistryPath);
// setup our dispatch function table in the driver object
DriverObject->MajorFunction[IRP_MJ_CREATE] = dvKrnlDataCreateDispatch;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = dvKrnlDataCloseDispatch;
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = dvKrnlDataDeviceIoControlDispatch;
DriverObject->MajorFunction[IRP_MJ_READ] = dvKrnlDataReadDispatch;
DriverObject->MajorFunction[IRP_MJ_WRITE] = dvKrnlDataWriteDispatch;
DriverObject->MajorFunction[IRP_MJ_SHUTDOWN] = dvKrnlDataShutdownDispatch;
DriverObject->DriverUnload = dvKrnlDataUnload;
// initialize device name
RtlInitUnicodeString(&ntName, L"\\Device\\dvKrnlDataDevice");
// Create our function device object.
status = IoCreateDevice(
DriverObject,
sizeof(DVKRNLDATA_DEVICE_EXTENSION),
&ntName,
FILE_DEVICE_UNKNOWN,
0,
FALSE,
&deviceObject
);
if(!NT_SUCCESS (status))
{
ExFreePool(g_Data.RegistryPath.Buffer);
g_Data.RegistryPath.Buffer = NULL;
dvKrnlDataDebugPrint(DBG_INIT, DBG_ERR, __FUNCTION__"--. STATUS %x", status);
return status;
}
// Initialize the device extension.
deviceExtension = (PDVKRNLDATA_DEVICE_EXTENSION)deviceObject->DeviceExtension;
// Zero the memory
RtlZeroMemory(deviceExtension, sizeof(DVKRNLDATA_DEVICE_EXTENSION));
// save our device object pointer
deviceExtension->DeviceObject = deviceObject;
// This flag sets the buffering method for reads and writes
// to METHOD_BUFFERED. IOCTLs are handled by IO control codes
// independent of the value of this flag.
deviceObject->Flags |= DO_BUFFERED_IO;
RtlInitUnicodeString(&win32Name, L"\\??\\dvKrnlDataDevice");
status = IoCreateSymbolicLink(&win32Name, &ntName);
if(!NT_SUCCESS(status))
{
IoDeleteDevice(deviceObject);
ExFreePool(g_Data.RegistryPath.Buffer);
g_Data.RegistryPath.Buffer = NULL;
return status;
}
IoRegisterShutdownNotification(deviceObject);
dvKrnlDataDebugPrint(DBG_INIT, DBG_TRACE, __FUNCTION__"--. STATUS %x", status);
return status;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// dvKrnlDataCreateDispatch
// Dispatch routine for IRP_MJ_CREATE requests.
//
// Arguments:
// IN DeviceObject
// pointer to the device object for our device
//
// IN Irp
// the create IRP
//
// Return Value:
// NT status code.
//
NTSTATUS dvKrnlDataCreateDispatch(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PDVKRNLDATA_DEVICE_EXTENSION deviceExtension;
NTSTATUS status;
dvKrnlDataDebugPrint(DBG_CREATECLOSE, DBG_TRACE, __FUNCTION__"++. IRP %p", Irp);
deviceExtension = (PDVKRNLDATA_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
InterlockedIncrement(&deviceExtension->OpenHandleCount);
status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
Irp->IoStatus.Status = status;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
dvKrnlDataDebugPrint(DBG_CREATECLOSE, DBG_TRACE, __FUNCTION__"--. IRP %p, STATUS %x", Irp, status);
return status;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// dvKrnlDataCloseDispatch
// Dispatch routine for IRP_MJ_CLOSE requests.
//
// Arguments:
// IN DeviceObject
// pointer to the device object for our device
//
// IN Irp
// the close IRP
//
// Return Value:
// NT status code.
//
NTSTATUS dvKrnlDataCloseDispatch(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PDVKRNLDATA_DEVICE_EXTENSION deviceExtension;
NTSTATUS status;
dvKrnlDataDebugPrint(DBG_CREATECLOSE, DBG_TRACE, __FUNCTION__"++. IRP %p", Irp);
deviceExtension = (PDVKRNLDATA_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
Irp->IoStatus.Status = status;
IoCompleteRequest (Irp, IO_NO_INCREMENT);
InterlockedDecrement(&deviceExtension->OpenHandleCount);
dvKrnlDataDebugPrint(DBG_CREATECLOSE, DBG_TRACE, __FUNCTION__"--. IRP %p, STATUS %x", Irp, status);
return status;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// dvKrnlDataUnload
// Driver unload callback.
//
// Arguments:
// IN DriverObject
// pointer to the driver object
//
// Return Value:
// none
//
VOID dvKrnlDataUnload(
IN PDRIVER_OBJECT DriverObject
)
{
UNICODE_STRING win32Name;
dvKrnlDataDebugPrint(DBG_UNLOAD, DBG_TRACE, __FUNCTION__"++");
RtlInitUnicodeString(&win32Name, L"\\??\\dvKrnlDataDevice");
IoDeleteSymbolicLink(&win32Name);
IoUnregisterShutdownNotification(DriverObject->DeviceObject);
IoDeleteDevice(DriverObject->DeviceObject);
// The device object(s) should be NULL now
// (since we unload, all the devices objects associated with this
// driver must be deleted.
ASSERT(DriverObject->DeviceObject == NULL);
// We should not be unloaded until all the devices we control
// have been removed from our queue.
// release memory block allocated for registry path
if (g_Data.RegistryPath.Buffer != NULL)
{
ExFreePool(g_Data.RegistryPath.Buffer);
g_Data.RegistryPath.Buffer = NULL;
}
dvKrnlDataDebugPrint(DBG_UNLOAD, DBG_TRACE, __FUNCTION__"--");
return;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// dvKrnlDataReadDispatch
// Dispatch routine for IRP_MJ_READ requests.
//
// Arguments:
// IN DeviceObject
// pointer to the device object for our device
//
// IN Irp
// the read IRP
//
// Return Value:
// NT status code.
//
NTSTATUS dvKrnlDataReadDispatch(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
NTSTATUS status;
PDVKRNLDATA_DEVICE_EXTENSION deviceExtension;
PIO_STACK_LOCATION irpStack;
PVOID readBuffer;
ULONG readLength;
dvKrnlDataDebugPrint(DBG_IO, DBG_TRACE, __FUNCTION__"++. IRP %p", Irp);
deviceExtension = (PDVKRNLDATA_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
// Get our IRP stack location
irpStack = IoGetCurrentIrpStackLocation(Irp);
// Get the read buffer length
readLength = irpStack->Parameters.Read.Length;
if (readLength == 0)
{
// just complete 0 length request
status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
Irp->IoStatus.Status = status;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
dvKrnlDataDebugPrint(DBG_IO, DBG_WARN, __FUNCTION__"--. IRP %p, STATUS %x", Irp, status);
return status;
}
readBuffer = Irp->AssociatedIrp.SystemBuffer;
status = STATUS_NOT_IMPLEMENTED;
Irp->IoStatus.Status = status;
Irp->IoStatus.Information = 0;
IoCompleteRequest (Irp, IO_NO_INCREMENT);
dvKrnlDataDebugPrint(DBG_IO, DBG_TRACE, __FUNCTION__"--. IRP %p STATUS %x", Irp, status);
return status;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// dvKrnlDataWriteDispatch
// Dispatch routine for IRP_MJ_WRITE requests.
//
// Arguments:
// IN DeviceObject
// pointer to the device object for our device
//
// IN Irp
// the write IRP
//
// Return Value:
// NT status code.
//
NTSTATUS dvKrnlDataWriteDispatch(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
NTSTATUS status;
PDVKRNLDATA_DEVICE_EXTENSION deviceExtension;
PIO_STACK_LOCATION irpStack;
PVOID writeBuffer;
ULONG writeLength;
dvKrnlDataDebugPrint(DBG_IO, DBG_TRACE, __FUNCTION__"++. IRP %p", Irp);
deviceExtension = (PDVKRNLDATA_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
// Get our IRP stack location
irpStack = IoGetCurrentIrpStackLocation(Irp);
// Get the write buffer length
writeLength = irpStack->Parameters.Write.Length;
if (writeLength == 0)
{
// just complete 0 length request
status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
Irp->IoStatus.Status = status;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
dvKrnlDataDebugPrint(DBG_IO, DBG_WARN, __FUNCTION__"--. IRP %p, STATUS %x", Irp, status);
return status;
}
writeBuffer = Irp->AssociatedIrp.SystemBuffer;
status = STATUS_NOT_IMPLEMENTED;
Irp->IoStatus.Status = status;
Irp->IoStatus.Information = 0;
IoCompleteRequest (Irp, IO_NO_INCREMENT);
dvKrnlDataDebugPrint(DBG_IO, DBG_TRACE, __FUNCTION__"--. IRP %p STATUS %x", Irp, status);
return status;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// dvKrnlDataDeviceIoControlDispatch
// Dispatch routine for IRP_MJ_DEVICE_CONTROL requests.
//
// Arguments:
// IN DeviceObject
// pointer to the device object for our device
//
// IN Irp
// the device i/o control IRP
//
// Return Value:
// NT status code.
//
NTSTATUS dvKrnlDataDeviceIoControlDispatch(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PIO_STACK_LOCATION irpStack;
NTSTATUS status;
PDVKRNLDATA_DEVICE_EXTENSION deviceExtension;
PVOID inputBuffer;
ULONG inputLength;
PVOID outputBuffer;
ULONG outputLength;
DWORD dwRealLen = 0;
dvKrnlDataDebugPrint(DBG_IO, DBG_TRACE, __FUNCTION__"++. IRP %p", Irp);
deviceExtension = (PDVKRNLDATA_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
// Get our IRP stack location
irpStack = IoGetCurrentIrpStackLocation(Irp);
// Get the buffer lengths
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -