📄 vxd-e6.html
字号:
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Author" content="Iczelion">
<meta name="GENERATOR" content="Mozilla/4.7 [en] (Win98; I) [Netscape]">
<title>Dynamic VxD and DeviceIoControl Interface</title>
</head>
<body text="#FFFFFF" bgcolor="#000080" link="#FFFF00" vlink="#8080FF" alink="#FF00FF">
<center>
<h1>
<font face="Arial,Helvetica"><font color="#FFFF99">DeviceIoControl Interface</font></font></h1></center>
<font face="Arial,Helvetica"><font size=-1>We will learn about dynamic
VxD in this tutorial. Specifically, we will learn how to create, load and
use them.</font></font>
<br><font face="Arial,Helvetica"><font size=-1>Download the example <a href="files/shellmsg.zip">here</a>.</font></font>
<h3>
<font face="Arial,Helvetica"><font color="#66FFFF"><font size=+0>VxD Interfaces</font></font></font></h3>
<font face="Arial,Helvetica"><font size=-1>There are a total of 4 interfaces
that VxD provides.</font></font>
<ul>
<li>
<b><font face="Arial,Helvetica"><font color="#66FF99"><font size=-1>VxD
services</font></font></font></b></li>
<li>
<b><font face="Arial,Helvetica"><font color="#66FF99"><font size=-1>V86
Interface</font></font></font></b></li>
<li>
<b><font face="Arial,Helvetica"><font color="#66FF99"><font size=-1>Protected-mode
(PM) Interface</font></font></font></b></li>
<li>
<b><font face="Arial,Helvetica"><font color="#66FF99"><font size=-1>Win32
DeviceIoControl Interface</font></font></font></b></li>
</ul>
<font face="Arial,Helvetica"><font size=-1>We already know about VxD services.
V86 and PM interfaces are functions that are callable from V86 and PM applications
respectively. Since V86 and PM applications are 16-bit, we cannot use those
two interfaces from a win32 application. With Windows 95, Microsoft adds
an another interface for win32 applications so they can call on the services
of VxDs: <b><font color="#FFFF99">DeviceIoControl</font></b> Interface.</font></font>
<h3>
<font face="Arial,Helvetica"><font color="#66FFFF"><font size=+0>DeviceIoControl
Interface</font></font></font></h3>
<font face="Arial,Helvetica"><font size=-1>To put it simply, the <b><font color="#FFFF99">DeviceIoControl</font></b>
interface is a way for win32 applications to call functions inside VxDs.
Don't confuse functions called via <b><font color="#FFFF99">DeviceIoControl</font></b>
with VxD services: they are not the same. For example, DeviceIoControl
function 1 may not be the same as VxD service 1. You should think of DeviceIoControl
functions as a separate group of functions, provided for use by win32 applications
only.</font></font>
<br><font face="Arial,Helvetica"><font size=-1>Since it's an interface,
there are two sides:</font></font>
<h3>
<font face="Arial,Helvetica"><font size=-1>On the win32 application side:</font></font></h3>
<font face="Arial,Helvetica"><font size=-1>It has to call <b><font color="#FFFF99">CreateFile</font></b>
to open/load the VxD first. If the call is successful, the VxD will be
in memory and <b><font color="#FFFF99">CreateFile</font></b> returns the
handle to the VxD in eax.</font></font>
<br><font face="Arial,Helvetica"><font size=-1>Next you call <b><font color="#FFFF99">DeviceIoControl</font></b>
API function to select the function to execute. <b><font color="#FFFF99">DeviceIoControl</font></b>
has the following syntax:</font></font>
<ul><b><font face="Arial,Helvetica"><font size=-1>DeviceIoControl PROTO
hDevice:DWORD,\</font></font></b>
<br><b><font face="Arial,Helvetica"><font size=-1>
dwIoControlCode:DWORD,\</font></font></b>
<br><b><font face="Arial,Helvetica"><font size=-1>
lpInBuffer:DWORD,\</font></font></b>
<br><b><font face="Arial,Helvetica"><font size=-1>
nInBufferSize:DWORD,\</font></font></b>
<br><b><font face="Arial,Helvetica"><font size=-1>
lpOutBuffer:DWORD,\</font></font></b>
<br><b><font face="Arial,Helvetica"><font size=-1>
nOutBufferSize:DWORD,\</font></font></b>
<br><b><font face="Arial,Helvetica"><font size=-1>
lpBytesReturned:DWORD,\</font></font></b>
<br><b><font face="Arial,Helvetica"><font size=-1>
lpOverlapped:DWORD</font></font></b>
<br>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">hDevice
</font></b>is
the handle of the VxD returned from CreateFile</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">dwIoControlCode
</font></b>is
the value that specifies the operation the VxD should perform. You must
somehow obtain the list of possible dwIoControlCode values for a VxD before
you know what operation you should select. But most of the time, you're
the one who codes the VxD so you <i><font color="#FFCC33">know </font></i>the
list of all possible dwIoControlCode values.</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">lpInBuffer</font></b>
is the address of the buffer that contains the data the VxD needs to use
to perform the operation specified in dwIoControlCode. If the operation
doesn't need data, you can pass<b><font color="#FFFF99"> NULL</font></b>.</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">nInBufferSize</font></b>
is the size, in bytes, of the data in the buffer pointed to by <b><font color="#66FF99">lpInBuffer</font></b>.</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">lpOutBuffer
</font></b>is
the address of the buffer that the VxD will fill with the output data when
the operation is successful. If the operation doesn't have any data to
return, this field can be <b><font color="#FFFF99">NULL</font></b>.</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">nOutBufferSize</font></b>
is the size, in bytes, of the buffer pointed to by <b><font color="#66FF99">lpOutBuffer</font></b></font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">lpBytesReturned</font></b><font color="#FFFFFF">
is the address of a dword variable that will receive the size of data the
VxD filled into </font><b><font color="#66FF99">lpOutBuffer</font></b><font color="#FFFFFF">.</font></font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">lpOverlapped</font></b><font color="#FFFFFF">
is the address of the </font><b><font color="#FFFF99">OVERLAPPED </font></b><font color="#FFFFFF">structure
if you want the operation to be asynchronous. If you want to wait until
the operation is finished, put </font><b><font color="#FFFF99">NULL</font></b><font color="#FFFFFF">
in this field.</font></font></font></li>
</ul>
<h3>
<font face="Arial,Helvetica"><font size=-1>On the VxD side:</font></font></h3>
<font face="Arial,Helvetica"><font size=-1>It <b><font color="#FFFF99">must</font></b>
process <b><font color="#FFFF99">w32_deviceIoControl</font></b> message.
When the VxD receives w32_deviceIoControl message, its registers have the
following values:</font></font>
<ul>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#FFFF99">ebx
</font></b>contains the VM handle.</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#FFFF99">esi
</font></b>is
the pointer to <b><font color="#66FF99">DIOCParams</font></b> structure
which contains information passed from the win32 application.</font></font></li>
</ul>
<font face="Arial,Helvetica"><font size=-1><b><font color="#FFFF99">DIOCParams</font></b>
is defined as follows:</font></font>
<ul><b><tt>DIOCParams <font color="#FFCC33">STRUC</font></tt></b>
<br><b><tt> <font color="#FFFF99">Internal1 </font>
DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> VMHandle </font>
DD ?</tt></b>
<br><b><tt> <font color="#FFFF99">Internal2 </font>
DD ?</tt></b>
<br><b><tt> <font color="#FFFF99">dwIoControlCode </font>
DD ?</tt></b>
<br><b><tt> <font color="#FFFF99">lpvInBuffer </font>
DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> cbInBuffer </font>
DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> lpvOutBuffer </font>
DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> cbOutBuffer </font>
DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> lpcbBytesReturned
</font>DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> lpoOverlapped </font>
DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> hDevice </font>
DD ?</tt></b>
<br><b><tt><font color="#FFFF99"> tagProcess </font>
DD ?</tt></b>
<br><b><tt>DIOCParams <font color="#FFCC33">ENDS</font></tt></b>
<br>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">Internal1</font></b>
is the pointer to the client register structure of the win32 application</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">VMHandle
</font></b>no
explanation needed</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">Internal2
</font></b>is
the pointer to device descriptor block (DDB)</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">dwIoControlCode,
lpvInBuffer, cbInBuffer, lpvOutBuffer, cbOutBuffer, lpcbBytesReturned,
lpOverlapped</font></b> are the parameters that were passed to DeviceIoControl
API call.</font></font></li>
<li>
<font face="Arial,Helvetica"><font size=-1><b><font color="#66FF99">hDevice</font></b>
is the ring-3 device handle</font></font></li>
<li>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -