📄 filter.c
#include "filter.h"
/* Instance counter; nothing in the code visible in this listing reads or updates it. */
ULONG InstanceCount = 0;
/*
 * Global on/off switch. FilterPass sets it to 0 or 1 when it sees IOCTL_800.
 * The visible code writes it without any lock; where it is consumed is not
 * shown in this listing.
 */
int flag=1;
/* Section placement: DriverEntry is discardable INIT code, the PnP/unload paths are pageable. */
#ifdef ALLOC_PRAGMA
#pragma alloc_text (INIT, DriverEntry)
#pragma alloc_text (PAGE, FilterAddDevice)
#pragma alloc_text (PAGE, FilterDispatchPnp)
#pragma alloc_text (PAGE, FilterUnload)
#endif
#ifdef IOCTL_INTERFACE
#ifdef ALLOC_PRAGMA
#pragma alloc_text (PAGE, FilterCreateControlObject)
#pragma alloc_text (PAGE, FilterDeleteControlObject)
#pragma alloc_text (PAGE, FilterDispatchIo)
#endif
/*
 * NOTE(review): FAST_NUTEX looks like a typo for FAST_MUTEX (DriverEntry passes
 * this variable to ExInitializeFastMutex). It only matters when IOCTL_INTERFACE
 * is defined -- confirm against filter.h before enabling that build option.
 */
FAST_NUTEX ControlMutex;
//ULONG InstanceCount = 0;
//PDEVICE_OBJECT ControlDeviceObject;
#endif
/*
 * Control device object. Declared outside the IOCTL_INTERFACE guard so that
 * FilterDispatchIo can compare against it; no assignment to it is visible here.
 */
PDEVICE_OBJECT ControlDeviceObject;
/*
 * DriverEntry - driver initialization entry point.
 *
 * Installs FilterPass as the handler for every major function code, then
 * overrides IRP_MJ_SCSI (USBSCSIPassThrough) and IRP_MJ_PNP
 * (FilterDispatchPnp), and registers the unload and AddDevice routines.
 *
 * Because the default handler is FilterPass, IRP_MJ_DEVICE_CONTROL requests
 * (including IOCTL_800, which FilterPass interprets) reach FilterPass.
 * FilterDispatchIo is not installed on any major function here.
 *
 * DriverObject  - this driver's driver object.
 * RegistryPath  - unused.
 *
 * Always returns STATUS_SUCCESS.
 */
NTSTATUS
DriverEntry(
    IN PDRIVER_OBJECT DriverObject,
    IN PUNICODE_STRING RegistryPath
    )
{
    ULONG majorFunction;

    DbgPrint("test:1111111111111111\n");
    DbgPrint("观察:Entry DriverEntry\n");

    UNREFERENCED_PARAMETER (RegistryPath);

    /* Default: every major function is passed down through FilterPass. */
    for (majorFunction = 0;
         majorFunction <= IRP_MJ_MAXIMUM_FUNCTION;
         majorFunction++)
    {
        DriverObject->MajorFunction[majorFunction] = FilterPass;
    }

    /* Specific handlers replace the default for SCSI and PnP requests. */
    DriverObject->MajorFunction[IRP_MJ_SCSI] = USBSCSIPassThrough;
    DriverObject->MajorFunction[IRP_MJ_PNP] = FilterDispatchPnp;

    DriverObject->DriverUnload = FilterUnload;
    DriverObject->DriverExtension->AddDevice = FilterAddDevice;

#ifdef IOCTL_INTERFACE
    /*
     * Only the mutex is set up in this configuration; the CREATE / CLOSE /
     * CLEANUP / DEVICE_CONTROL routes to FilterDispatchIo are disabled.
     */
    ExInitializeFastMutex(&ControlMutex);
#endif

    return STATUS_SUCCESS;
}
/*
 * FilterUnload - driver unload routine.
 *
 * Frees nothing itself: it asserts that no device object is still linked
 * to the driver object and logs the call.
 *
 * DriverObject - this driver's driver object.
 */
VOID
FilterUnload(
    IN PDRIVER_OBJECT DriverObject
    )
{
    PAGED_CODE();

    /* Checked builds only: every device object must already be deleted. */
    ASSERT(NULL == DriverObject->DeviceObject);

    DbgPrint("观察:Entry FilterUnload\n");
}
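/*
 * FilterAddDevice - PnP AddDevice routine.
 *
 * Creates a filter device object named \Device\dnmm, attaches it to the
 * stack above PhysicalDeviceObject, and publishes it to user mode as
 * \DosDevices\dnmm.
 *
 * DriverObject          - this driver's driver object.
 * PhysicalDeviceObject  - PDO of the stack to filter.
 *
 * Returns the IoCreateDevice status on creation failure,
 * STATUS_UNSUCCESSFUL if the attach fails, STATUS_SUCCESS otherwise
 * (a symbolic-link failure is only logged).
 *
 * NOTE(review): the device object is named and gets a symbolic link, so user
 * mode can open it directly, and FilterPass acts on IOCTL_800 from any caller
 * that gets a handle. IoCreateDevice applies a default security descriptor;
 * if access should be limited to administrators or a service, create the
 * object with IoCreateDeviceSecure and an explicit SDDL string instead.
 *
 * NOTE(review): the name is fixed, so a second AddDevice call while the first
 * device still exists is expected to fail in IoCreateDevice with a name
 * collision. Nothing in the code visible here deletes the symbolic link --
 * confirm that the remove path does.
 */
NTSTATUS
FilterAddDevice(
    IN PDRIVER_OBJECT DriverObject,
    IN PDEVICE_OBJECT PhysicalDeviceObject
    )
{
    NTSTATUS status;
    PDEVICE_OBJECT deviceObject = NULL;
    PDEVICE_EXTENSION deviceExtension;
    UNICODE_STRING ntName;
    UNICODE_STRING win32Name;

    PAGED_CODE();

    RtlInitUnicodeString(&ntName, L"\\Device\\dnmm");
    RtlInitUnicodeString(&win32Name, L"\\DosDevices\\dnmm");
    DbgPrint("观察:Entry FilterAddDevice\n");

    /*
     * The device type is hard-coded to FILE_DEVICE_DISK. The earlier probe of
     * the attached device's type (for WDM versions below 1.20) stored a value
     * that was never used, so it has been removed.
     */
    status = IoCreateDevice(
                 DriverObject,
                 sizeof (DEVICE_EXTENSION),
                 &ntName,
                 FILE_DEVICE_DISK,
                 FILE_DEVICE_SECURE_OPEN,
                 FALSE,
                 &deviceObject
                 );
    if (!NT_SUCCESS(status))
    {
        return status;
    }

    deviceExtension = (PDEVICE_EXTENSION)deviceObject->DeviceExtension;
    deviceExtension->NextLowerDriver = IoAttachDeviceToDeviceStack(
                                           deviceObject,
                                           PhysicalDeviceObject);
    if (NULL == deviceExtension->NextLowerDriver)
    {
        /* Attach failed: undo the creation so no orphan device is left. */
        DbgPrint("注意了:FilterAddDevice:NULL==deviceExtension->NextLowerDriver\n");
        IoDeleteDevice(deviceObject);
        return STATUS_UNSUCCESSFUL;
    }

    /* Best effort: the filter still works in the stack without the link. */
    status = IoCreateSymbolicLink(
                 &win32Name,
                 &ntName);
    if (!NT_SUCCESS(status))
    {
        DbgPrint("重点啊:IoCreateSymbolicLink(&win32Name, &ntName) 错了的\n");
    }

    /* Mirror the I/O method and power flags of the device directly below. */
    deviceObject->Flags |= deviceExtension->NextLowerDriver->Flags &
                           (DO_BUFFERED_IO | DO_DIRECT_IO | DO_POWER_PAGABLE);
    deviceObject->DeviceType = FILE_DEVICE_DISK;
    deviceObject->Characteristics = deviceExtension->NextLowerDriver->Characteristics;
    deviceExtension->Self = deviceObject;

    IoInitializeRemoveLock(&deviceExtension->RemoveLock,
                           POOL_TAG, 1, 100);
    INITIALIZE_PNP_STATE(deviceExtension);

    /* Clearing this flag lets the I/O manager deliver requests to the device. */
    deviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
    return STATUS_SUCCESS;
}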
/*
 * FilterDispatchIo - dispatch routine for the control device object.
 *
 * Requests aimed at any other device object are handed to FilterPass.
 * For the control device, CREATE / CLOSE / CLEANUP / DEVICE_CONTROL are only
 * logged and the IRP is completed with STATUS_SUCCESS; if the control device
 * is marked Deleted the IRP is completed with STATUS_DEVICE_REMOVED.
 *
 * DriverEntry, as shown in this file, does not install this routine on any
 * major function.
 *
 * DeviceObject - target device object.
 * Irp          - request to process.
 *
 * Returns the status the IRP was completed with, or FilterPass's result.
 */
NTSTATUS
FilterDispatchIo(
    IN PDEVICE_OBJECT DeviceObject,
    IN PIRP Irp )
{
    PCONTROL_DEVICE_EXTENSION controlExtension;
    PIO_STACK_LOCATION stackLocation;
    NTSTATUS status;

    DbgPrint("观察:Entry FilterDispatchIo\n");
    PAGED_CODE();

    /* Not the control device: treat it as ordinary filtered traffic. */
    if (DeviceObject != ControlDeviceObject)
    {
        return FilterPass(DeviceObject, Irp);
    }

    controlExtension = ControlDeviceObject->DeviceExtension;
    if (controlExtension->Deleted)
    {
        ASSERTMSG(FALSE, "Requests being sent to a dead device\n");
        status = STATUS_DEVICE_REMOVED;
    }
    else
    {
        status = STATUS_SUCCESS;
        Irp->IoStatus.Information = 0;
        stackLocation = IoGetCurrentIrpStackLocation(Irp);

        /* Each supported major function is only traced. */
        switch (stackLocation->MajorFunction)
        {
        case IRP_MJ_CREATE:
            DbgPrint("I am IRP_MJ_CREATE\n");
            break;
        case IRP_MJ_CLOSE:
            DbgPrint("I am IRP_MJ_CLOSE\n");
            break;
        case IRP_MJ_CLEANUP:
            DbgPrint("I am IRP_MJ_CLEANUP\n");
            break;
        case IRP_MJ_DEVICE_CONTROL:
            DbgPrint("I am IRP_MJ_DEVICE_CONTROL\n");
            break;
        default:
            break;
        }
    }

    Irp->IoStatus.Status = status;
    IoCompleteRequest(Irp, IO_NO_INCREMENT);
    DbgPrint("观察:Entry FilterDispatchIo is over!!!\n");
    return status;
}
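/*
 * FilterPass - default dispatch routine: forwards the IRP to the next lower
 * driver under the remove lock.
 *
 * Before forwarding, an IRP_MJ_DEVICE_CONTROL request carrying IOCTL_800 is
 * inspected: the first input byte '0' clears the global `flag`, '1' sets it.
 * The IRP is still passed down afterwards.
 *
 * The input buffer is caller-controlled. It is read only when it is present
 * and at least one byte long, and only that byte is logged; printing it with
 * %s would read past the end of a buffer that is not NUL-terminated.
 *
 * NOTE(review): reading Irp->AssociatedIrp.SystemBuffer assumes IOCTL_800 is
 * defined as METHOD_BUFFERED -- confirm in filter.h.
 * NOTE(review): no caller check is made before `flag` is changed; access
 * control rests entirely on who can open the device.
 *
 * DeviceObject - filter device object the request was sent to.
 * Irp          - request to forward.
 *
 * Returns the IoAcquireRemoveLock failure status (IRP completed here) or the
 * status returned by the lower driver.
 */
NTSTATUS
FilterPass(
    IN PDEVICE_OBJECT DeviceObject,
    IN PIRP Irp
    )
{
    PDEVICE_EXTENSION deviceExtension;
    NTSTATUS status;
    PIO_STACK_LOCATION irpStack;
    PVOID inputBuffer;
    CHAR n;

    DbgPrint("观察:Entry FilterPass!\n");
    irpStack = IoGetCurrentIrpStackLocation(Irp);
    DbgPrint("关键:irpStack->MajorFunction=%d\n", irpStack->MajorFunction);

    if (irpStack->MajorFunction == IRP_MJ_DEVICE_CONTROL &&
        irpStack->Parameters.DeviceIoControl.IoControlCode == IOCTL_800)
    {
        inputBuffer = Irp->AssociatedIrp.SystemBuffer;

        /* Reject a missing or zero-length buffer before dereferencing it. */
        if (inputBuffer != NULL &&
            irpStack->Parameters.DeviceIoControl.InputBufferLength >= sizeof(CHAR))
        {
            n = *(CHAR *)inputBuffer;
            DbgPrint("我得到了IOCTL_800并且inputBuffer=%c\n", n);

            n = n - '0';
            if (n == 0)
            {
                DbgPrint("flag=0\n");
                flag = 0;
            }
            else if (n == 1)
            {
                DbgPrint("flag=1\n");
                flag = 1;
            }
        }
        else
        {
            DbgPrint("IOCTL_800: empty input buffer ignored\n");
        }
    }

    deviceExtension = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension;
    status = IoAcquireRemoveLock(&deviceExtension->RemoveLock, Irp);
    if (!NT_SUCCESS(status))
    {
        /* Device is being removed: fail the request instead of forwarding. */
        Irp->IoStatus.Status = status;
        IoCompleteRequest(Irp, IO_NO_INCREMENT);
        return status;
    }

    /* No completion routine is needed, so reuse the current stack location. */
    IoSkipCurrentIrpStackLocation(Irp);
    status = IoCallDriver(deviceExtension->NextLowerDriver, Irp);
    IoReleaseRemoveLock(&deviceExtension->RemoveLock, Irp);
    return status;
}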
NTSTATUS
FilterDispatchPnp(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PDEVICE_EXTENSION deviceExtension;
PIO_STACK_LOCATION irpStack;
NTSTATUS status;
KEVENT event;
DbgPrint("观察:Entry FilterDispatchPnp.\n");
PAGED_CODE();
deviceExtension = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension;
irpStack = IoGetCurrentIrpStackLocation(Irp);
status = IoAcquireRemoveLock(&deviceExtension->RemoveLock,Irp);
if (!NT_SUCCESS(status))
{
Irp->IoStatus.Status = status;
IoCompleteRequest(Irp,IO_NO_INCREMENT);
return status;
}
switch(irpStack->MinorFunction)
{
case IRP_MN_START_DEVICE:
DbgPrint("观察:IRP_MN_START_DEVICE:\n");
KeInitializeEvent(&event,NotificationEvent,FALSE);
IoCopyCurrentIrpStackLocationToNext(Irp);
IoSetCompletionRoutine(Irp,
(PIO_COMPLETION_ROUTINE) FilterStartCompletionRoutine,
&event,
TRUE,
TRUE,
TRUE);
status = IoCallDriver(deviceExtension->NextLowerDriver,Irp);
if (status == STATUS_PENDING)
{
KeWaitForSingleObject(&event,Executive,KernelMode,FALSE,NULL);
status = Irp->IoStatus.Status;
}
if (NT_SUCCESS(status))
{
SET_NEW_PNP_STATE(deviceExtension,Started);
if (deviceExtension->NextLowerDriver->Characteristics & FILE_REMOVABLE_MEDIA)
{
DeviceObject->Characteristics|=FILE_REMOVABLE_MEDIA;
}
#ifdef IOCTL_INTERFACE
if (Stop != deviceExtension->PreviousPnPState)
{
FilterCreateControlObject(DeviceObject);
}
#endif
}
Irp->IoStatus.Status = status;
IoCompleteRequest(Irp,IO_NO_INCREMENT);
IoReleaseRemoveLock(&deviceExtension->RemoveLock,Irp);
return status;
case IRP_MN_REMOVE_DEVICE:
DbgPrint("观察:IRP_MN_REMOV_DEVICE:\n");
IoReleaseRemoveLockAndWait(&deviceExtension->RemoveLock,Irp);
IoSkipCurrentIrpStackLocation(Irp);
status = IoCallDriver(deviceExtension->NextLowerDriver,Irp);
SET_NEW_PNP_STATE(deviceExtension,Deleted);