📄 filter.c
字号:
#ifdef IOCTL_INTERFACE
FilterDeleteControlObject();
#endif
IoDetachDevice(deviceExtension->NextLowerDriver);
IoDeleteDevice(DeviceObject);
return status;
case IRP_MN_QUERY_STOP_DEVICE:
DbgPrint("观察:IRP_MN_QUERY_STOP_DEVICE:\n");
SET_NEW_PNP_STATE(deviceExtension,StopPending);
status = STATUS_SUCCESS;
break;
case IRP_MN_CANCEL_STOP_DEVICE:
DbgPrint("观察:IRP_MN_CANCEL_STOP_DEVICE:\n");
if (StopPending == deviceExtension->DevicePnPState)
{
RESTORE_PREVIOUS_PNP_STATE(deviceExtension);
}
status = STATUS_SUCCESS;
break;
case IRP_MN_STOP_DEVICE:
SET_NEW_PNP_STATE(deviceExtension, Stopped);
status = STATUS_SUCCESS;
break;
case IRP_MN_QUERY_REMOVE_DEVICE:
DbgPrint("观察:IRP_MN_QUERY_REMOVE_DEVICE:\n");
SET_NEW_PNP_STATE(deviceExtension, RemovePending);
status = STATUS_SUCCESS;
break;
case IRP_MN_SURPRISE_REMOVAL:
DbgPrint("观察:IRP_MN_SURPRISE_REMOVAL:\n");
SET_NEW_PNP_STATE(deviceExtension, SurpriseRemovePending);
status = STATUS_SUCCESS;
break;
case IRP_MN_CANCEL_REMOVE_DEVICE:
DbgPrint("观察:IRP_MN_CANCEL_REMOVE_DEVICE:\n");
if(RemovePending == deviceExtension->DevicePnPState)
{
RESTORE_PREVIOUS_PNP_STATE(deviceExtension);
}
status = STATUS_SUCCESS; // We must not fail this IRP.
break;
case IRP_MN_DEVICE_USAGE_NOTIFICATION:
DbgPrint("观察:IRP_MN_DEVICE_USAGE_NOTIFICATION:\n");
if ((DeviceObject->AttachedDevice == NULL) ||
(DeviceObject->AttachedDevice->Flags & DO_POWER_PAGABLE)) {
DeviceObject->Flags |= DO_POWER_PAGABLE;
}
IoCopyCurrentIrpStackLocationToNext(Irp);
IoSetCompletionRoutine(
Irp,
FilterDeviceUsageNotificationCompletionRoutine,
NULL,
TRUE,
TRUE,
TRUE
);
return IoCallDriver(deviceExtension->NextLowerDriver, Irp);
default:
DbgPrint("观察:default:\n");
status = Irp->IoStatus.Status;
break;
}
Irp->IoStatus.Status = status;
IoSkipCurrentIrpStackLocation(Irp);
status = IoCallDriver(deviceExtension->NextLowerDriver,Irp);
IoReleaseRemoveLock(&deviceExtension->RemoveLock,Irp);
return status;
}
NTSTATUS
FilterStartCompletionRoutine(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp, IN PVOID Context
)
{
PKEVENT event = (PKEVENT)Context;
DbgPrint("观察:Entry FilterStartCompletionRoutine!\n");
UNREFERENCED_PARAMETER(DeviceObject);
if (Irp->PendingReturned == TRUE)
{
KeSetEvent(event,IO_NO_INCREMENT,FALSE);
}
return STATUS_MORE_PROCESSING_REQUIRED;
}
NTSTATUS
FilterCreateControlObject(
IN PDEVICE_OBJECT DeviceObject
)
{
UNICODE_STRING ntDeviceName;
UNICODE_STRING symbolicLinkName;
PCONTROL_DEVICE_EXTENSION deviceExtension;
NTSTATUS status = STATUS_UNSUCCESSFUL;
UNICODE_STRING sddlString;
DbgPrint("观察:Entry FilterCreateControlObject!\n");
PAGED_CODE();
// ExAcquireFastMutexUnsafe(&ControlMutex);
if (1 == ++InstanceCount)
{
RtlInitUnicodeString(&ntDeviceName, NTDEVICE_NAME_STRING);
RtlInitUnicodeString(&symbolicLinkName, SYMBOLIC_NAME_STRING);
RtlInitUnicodeString( &sddlString, L"D:P(A;;GA;;;SY)(A;;GA;;;BA)");
/*
status = IoCreateDeviceSecure(
DeviceObject->DriverObject,
sizeof(CONTROL_DEVICE_EXTENSION),
&ntDeviceName,
FILE_DEVICE_UNKNOWN,
FILE_DEVICE_SECURE_OPEN,
FALSE,
&sddlString,
(LPCGUID)&GUID_SD_FILTER_CONTROL_OBJECT,
&ControlDeviceObject
);
*/
if (NT_SUCCESS(status))
{
ControlDeviceObject->Flags |= DO_BUFFERED_IO;
status = IoCreateSymbolicLink(&symbolicLinkName,&ntDeviceName);
if ( !NT_SUCCESS( status ))
{
IoDeleteDevice(ControlDeviceObject);
DbgPrint("IoCreateSymbolicLink failed %x\n", status);
goto End;
}
deviceExtension = ControlDeviceObject->DeviceExtension;
deviceExtension->ControlData = NULL;
deviceExtension->Deleted = FALSE;
ControlDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
}
else
{
DbgPrint("IoCreateDevice failed %x\n", status);
}
}
End:
// ExReleaseFastMutexUnsafe(&ControlMutex);
return status;
}
VOID
FilterDeleteControlObject(
)
{
UNICODE_STRING symbolicLinkName;
PCONTROL_DEVICE_EXTENSION deviceExtension;
PAGED_CODE();
DbgPrint("观察:Entry FilterDeleteControlObject!\n");
// ExAcquireFastMutexUnsafe (&ControlMutex);
if(!(--InstanceCount) && ControlDeviceObject)
{
RtlInitUnicodeString(&symbolicLinkName, SYMBOLIC_NAME_STRING);
deviceExtension = ControlDeviceObject->DeviceExtension;
deviceExtension->Deleted = TRUE;
IoDeleteSymbolicLink(&symbolicLinkName);
IoDeleteDevice(ControlDeviceObject);
ControlDeviceObject = NULL;
}
// ExReleaseFastMutexUnsafe (&ControlMutex);
}
NTSTATUS
FilterDeviceUsageNotificationCompletionRoutine(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PVOID Context
)
{
PDEVICE_EXTENSION deviceExtension;
DbgPrint("观察:Entry FilterDeviceUsageNotificationCompletionRoutine!\n");
UNREFERENCED_PARAMETER(Context);
deviceExtension = (PDEVICE_EXTENSION) DeviceObject->DeviceExtension;
if (Irp->PendingReturned)
{
IoMarkIrpPending(Irp);
}
if (!(deviceExtension->NextLowerDriver->Flags & DO_POWER_PAGABLE))
{
DeviceObject->Flags &= ~DO_POWER_PAGABLE;
}
IoReleaseRemoveLock(&deviceExtension->RemoveLock, Irp);
return STATUS_CONTINUE_COMPLETION;
}
NTSTATUS
USBSCSIPassThrough( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp )
{
NTSTATUS status;
KIRQL IrqLevel;
PDEVICE_OBJECT pDeviceObject;
PDEVICE_EXTENSION StorExtension = ( PDEVICE_EXTENSION )
DeviceObject->DeviceExtension;
DbgPrint("观察:进入USBSCSIPassThrough\n");
IoCopyCurrentIrpStackLocationToNext( Irp );
//
// 将 IRP 计数器加一,为支持 SMP 使用自旋锁
//
// KeAcquireSpinLock( &StorExtension->SpinLock, &IrqLevel );
// InterlockedIncrement( &StorExtension->IrpsInProgress );
// KeReleaseSpinLock( &StorExtension->SpinLock, IrqLevel );
IoSetCompletionRoutine( Irp,
USBSCSICompletion,
DeviceObject,
TRUE,
TRUE,
TRUE );
IoAcquireRemoveLock(&StorExtension->RemoveLock,Irp);
IoReleaseRemoveLock(&StorExtension->RemoveLock,Irp);
return IoCallDriver( StorExtension->NextLowerDriver, Irp );
}
NTSTATUS
USBSCSICompletion( IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PVOID Context )
{
PDEVICE_EXTENSION deviceExtension;
NTSTATUS status;
PIO_STACK_LOCATION irpStack;
PSCSI_REQUEST_BLOCK CurSrb;
PMODE_PARAMETER_HEADER modeData;
PDEVICE_OBJECT pDeviceObject;
PCDB cdb ;
UCHAR opCode;
KIRQL IrqLevel;
PDEVICE_EXTENSION StorExtension = ( PDEVICE_EXTENSION )
DeviceObject->DeviceExtension;
IoAcquireRemoveLock(&StorExtension->RemoveLock,Irp);
DbgPrint("观察:USBSCSICompletion\n");
irpStack = IoGetCurrentIrpStackLocation( Irp );
CurSrb = ExAllocatePoolWithTag(NonPagedPool,
sizeof(SCSI_REQUEST_BLOCK),
DISK_TAG_SRB);
if (CurSrb == NULL)
{
DbgPrint("观察:CurSrb==NULL\n");
}
else
{
DbgPrint("观察:CurSrb!=NULL\n");
}
RtlZeroMemory(CurSrb, SCSI_REQUEST_BLOCK_SIZE);
if (irpStack->MajorFunction==IRP_MJ_INTERNAL_DEVICE_CONTROL)
{
DbgPrint("注意:我终于得到了IRP_MJ_INTERNAL_DEVICE_CONTROL\n");
CurSrb=irpStack->Parameters.Scsi.Srb;
cdb = (PCDB)CurSrb->Cdb;
opCode=cdb->CDB6GENERIC.OperationCode;
if (opCode==SCSIOP_WRITE)
{
DbgPrint("关键:opCode==SCSIOP_WRITE\n");
}
if (flag==0)
{
DbgPrint("观察:不进入进入U盘写保护\n");
goto _end;
}
// if(opCode==SCSIOP_MODE_SENSE && CurSrb->DataBuffer
// && CurSrb->DataTransferLength >=
// sizeof(MODE_PARAMETER_HEADER))
if (opCode==SCSIOP_MODE_SENSE)
{
DbgPrint("观察:进入U盘写保护\n");
modeData = (PMODE_PARAMETER_HEADER)CurSrb->DataBuffer;
// if (flag==1)
// {
modeData->DeviceSpecificParameter |= MODE_DSP_WRITE_PROTECT;
// }
}
}
_end:
if ( Irp->PendingReturned )
{
IoMarkIrpPending( Irp );
}
IoReleaseRemoveLock(&StorExtension->RemoveLock,Irp);
//
// 将 IRP 计数器减一,为支持 SMP 使用自旋锁
//
// KeAcquireSpinLock( &KeyExtension->SpinLock, &IrqLevel );
// InterlockedDecrement( &KeyExtension->IrpsInProgress );
// KeReleaseSpinLock( &KeyExtension->SpinLock, IrqLevel );
return Irp->IoStatus.Status ;
} ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -