functions.c

This the fourth edition of the Writing Device Drivers articles. This article will introduce the idea

/**********************************************************************
 * 
 *  Toby Opferman
 *
 *  Driver Example
 *
 *  This example is for educational purposes only.  I license this source
 *  out for use in learning how to write a device driver.
 *
 *     Driver Functionality
 **********************************************************************/

#define _X86_ 

#include <wdm.h>
#include "examplefilter.h"
#include <public.h>

/**********************************************************************
 * Internal Functions
 **********************************************************************/
NTSTATUS ExampleFilter_CompletionRoutine(PDEVICE_OBJECT DeviceObject, PIRP Irp, PVOID Context);
NTSTATUS ExampleFilter_FixNullString(PCHAR pString, UINT uiSize);

#pragma alloc_text(PAGE, ExampleFilter_CompletionRoutine)
#pragma alloc_text(PAGE, ExampleFilter_IoControlInternal)
#pragma alloc_text(PAGE, ExampleFilter_Create) 
#pragma alloc_text(PAGE, ExampleFilter_Close) 
#pragma alloc_text(PAGE, ExampleFilter_IoControl) 
#pragma alloc_text(PAGE, ExampleFilter_Read)
#pragma alloc_text(PAGE, ExampleFilter_Write)
#pragma alloc_text(PAGE, ExampleFilter_UnSupportedFunction)
                                

/**********************************************************************
 * 
 *  ExampleFilter_Create
 *
 *    This is called when an instance of this driver is created (CreateFile)
 *
 **********************************************************************/
NTSTATUS ExampleFilter_Create(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    NTSTATUS NtStatus = STATUS_SUCCESS;
    PEXAMPLE_FILTER_EXTENSION pExampleFilterDeviceContext = (PEXAMPLE_FILTER_EXTENSION)DeviceObject->DeviceExtension;
    PIO_STACK_LOCATION pIoStackIrp = NULL;

    DbgPrint("ExampleFilter_Create Called \r\n");

    /*
     * We do not want to process this IRP, we simply want to send it down to the next driver.
     * We use IoSkipCurrentIrpStackLocation() since we do not want to set a completion routine.
     *
     * We should not complete this IRP!  Once we pass it down we must forget about it.
     */

    IoSkipCurrentIrpStackLocation(Irp);

   /*
    * IoCallDriver() simply calls the appropriate entry point in the driver object associated
    * with the device object.  This is how drivers are basically "chained" together, they must know
    * that there are lower driver so they can perform the appropriate action and send down the IRP.
    *
    * They do not have to send the IRP down they could simply process it completely themselves if they wish.
    */

    NtStatus = IoCallDriver(pExampleFilterDeviceContext->pNextDeviceInChain, Irp);

    DbgPrint("ExampleFilter_Create Exit 0x%0x \r\n", NtStatus);
    return NtStatus;
}


/**********************************************************************
 * 
 *  ExampleFilter_Close
 *
 *    This is called when an instance of this driver is closed (CloseHandle)
 *
 **********************************************************************/
NTSTATUS ExampleFilter_Close(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    NTSTATUS NtStatus = STATUS_SUCCESS;
    PEXAMPLE_FILTER_EXTENSION pExampleFilterDeviceContext = (PEXAMPLE_FILTER_EXTENSION)DeviceObject->DeviceExtension;
    PIO_STACK_LOCATION pIoStackIrp = NULL;

    DbgPrint("ExampleFilter_Close Called \r\n");


    /*
     * We do not want to process this IRP, we simply want to send it down to the next driver.
     * We use IoSkipCurrentIrpStackLocation() since we do not want to set a completion routine.
     *
     * We should not complete this IRP!  Once we pass it down we must forget about it.
     */

    IoSkipCurrentIrpStackLocation(Irp);

   /*
    * IoCallDriver() simply calls the appropriate entry point in the driver object associated
    * with the device object.  This is how drivers are basically "chained" together, they must know
    * that there are lower driver so they can perform the appropriate action and send down the IRP.
    *
    * They do not have to send the IRP down they could simply process it completely themselves if they wish.
    */

    NtStatus = IoCallDriver(pExampleFilterDeviceContext->pNextDeviceInChain, Irp);

    DbgPrint("ExampleFilter_Close Exit 0x%0x \r\n", NtStatus);

    
    return NtStatus;
}


/**********************************************************************
 * 
 *  ExampleFilter_IoControlInternal
 *
 *    These are IOCTL's which can only be sent by other drivers.
 *
 **********************************************************************/
NTSTATUS ExampleFilter_IoControlInternal(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    NTSTATUS NtStatus = STATUS_NOT_SUPPORTED;
    PEXAMPLE_FILTER_EXTENSION pExampleFilterDeviceContext = (PEXAMPLE_FILTER_EXTENSION)DeviceObject->DeviceExtension;
    PIO_STACK_LOCATION pIoStackIrp = NULL;
    DbgPrint("ExampleFilter_IoControlInternal Called \r\n");

    /*
     * We do not want to process this IRP, we simply want to send it down to the next driver.
     * We use IoSkipCurrentIrpStackLocation() since we do not want to set a completion routine.
     *
     * We should not complete this IRP!  Once we pass it down we must forget about it.
     */

    IoSkipCurrentIrpStackLocation(Irp);

   /*
    * IoCallDriver() simply calls the appropriate entry point in the driver object associated
    * with the device object.  This is how drivers are basically "chained" together, they must know
    * that there are lower driver so they can perform the appropriate action and send down the IRP.
    *
    * They do not have to send the IRP down they could simply process it completely themselves if they wish.
    */

    NtStatus = IoCallDriver(pExampleFilterDeviceContext->pNextDeviceInChain, Irp);

    DbgPrint("ExampleFilter_IoControlInternal Exit 0x%0x \r\n", NtStatus);

    return NtStatus;
}



/**********************************************************************
 * 
 *  ExampleFilter_IoControl
 *
 *    This is called when an IOCTL is issued on the device handle (DeviceIoControl)
 *
 **********************************************************************/
NTSTATUS ExampleFilter_IoControl(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    NTSTATUS NtStatus = STATUS_NOT_SUPPORTED;
    PEXAMPLE_FILTER_EXTENSION pExampleFilterDeviceContext = (PEXAMPLE_FILTER_EXTENSION)DeviceObject->DeviceExtension;
    PIO_STACK_LOCATION pIoStackIrp = NULL;
    DbgPrint("ExampleFilter_IoControl Called \r\n");

    /*
     * We do not want to process this IRP, we simply want to send it down to the next driver.
     * We use IoSkipCurrentIrpStackLocation() since we do not want to set a completion routine.
     *
     * We should not complete this IRP!  Once we pass it down we must forget about it.
     */

    IoSkipCurrentIrpStackLocation(Irp);

   /*
    * IoCallDriver() simply calls the appropriate entry point in the driver object associated
    * with the device object.  This is how drivers are basically "chained" together, they must know
    * that there are lower driver so they can perform the appropriate action and send down the IRP.
    *
    * They do not have to send the IRP down they could simply process it completely themselves if they wish.
    */

    NtStatus = IoCallDriver(pExampleFilterDeviceContext->pNextDeviceInChain, Irp);

    DbgPrint("ExampleFilter_IoControl Exit 0x%0x \r\n", NtStatus);

    return NtStatus;
}






/**********************************************************************
 * 
 *  ExampleFilter_Write
 *
 *    This is called when a write is issued on the device handle (WriteFile/WriteFileEx)
 *
 *
 **********************************************************************/
NTSTATUS ExampleFilter_Write(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    NTSTATUS NtStatus = STATUS_UNSUCCESSFUL;
    PEXAMPLE_FILTER_EXTENSION pExampleFilterDeviceContext = (PEXAMPLE_FILTER_EXTENSION)DeviceObject->DeviceExtension;
    PIO_STACK_LOCATION pIoStackIrp = NULL;
\
    DbgPrint("ExampleFilter_Write Called \r\n");


    /*
     * We do not want to process this IRP, we simply want to send it down to the next driver.
     * We use IoSkipCurrentIrpStackLocation() since we do not want to set a completion routine.
     *
     * We should not complete this IRP!  Once we pass it down we must forget about it.
     */

    IoSkipCurrentIrpStackLocation(Irp);

   /*
    * IoCallDriver() simply calls the appropriate entry point in the driver object associated
    * with the device object.  This is how drivers are basically "chained" together, they must know
    * that there are lower driver so they can perform the appropriate action and send down the IRP.
    *
    * They do not have to send the IRP down they could simply process it completely themselves if they wish.
    */

    NtStatus = IoCallDriver(pExampleFilterDeviceContext->pNextDeviceInChain, Irp);

    DbgPrint("ExampleFilter_Write Exit 0x%0x \r\n", NtStatus);