if (!(USBDeviceExe->NextLowerDriver->Flags & DO_POWER_PAGABLE))
{
DeviceObject->Flags &= ~DO_POWER_PAGABLE;
}
IoReleaseRemoveLock(&USBDeviceExe->RemoveLock, Irp);
return STATUS_CONTINUE_COMPLETION;
}
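/*
 * Dispatch routine for the SCSI (IRP_MJ_INTERNAL_DEVICE_CONTROL) path.
 *
 * Forwards the IRP to the next lower driver with USBSCSICompletion attached,
 * so the completed SRB can be inspected on its way back up the stack.
 *
 * DeviceObject - this filter's device object; its extension holds the remove
 *                lock and the next-lower device object.
 * Irp          - the request being forwarded.
 *
 * Returns the status of IoCallDriver, or the failure status of
 * IoAcquireRemoveLock (in which case the IRP is completed here and never
 * reaches the lower driver).
 */
NTSTATUS
USBFilterSCSI( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp )
{
    NTSTATUS ntStatus;
    PUSB_DEVICE_EXTENSION USBDeviceExe =
        ( PUSB_DEVICE_EXTENSION ) DeviceObject->DeviceExtension;

    DbgPrint(CURINFO "USBFilterSCSI!...\n");

    /*
     * IoAcquireRemoveLock fails once the device is being removed. The original
     * code ignored the return value and forwarded the IRP regardless; fail the
     * request instead of touching a departing device stack. Acquired before the
     * completion routine is installed so the early completion below never runs
     * it.
     */
    ntStatus = IoAcquireRemoveLock(&USBDeviceExe->RemoveLock, Irp);
    if (!NT_SUCCESS(ntStatus))
    {
        Irp->IoStatus.Status = ntStatus;
        Irp->IoStatus.Information = 0;
        IoCompleteRequest(Irp, IO_NO_INCREMENT);
        return ntStatus;
    }

    IoCopyCurrentIrpStackLocationToNext( Irp );
    IoSetCompletionRoutine( Irp,
                            USBSCSICompletion,
                            DeviceObject,
                            TRUE,    /* InvokeOnSuccess */
                            TRUE,    /* InvokeOnError   */
                            TRUE );  /* InvokeOnCancel  */

    /*
     * NOTE(review): the lock is dropped before IoCallDriver, so it does not
     * cover the IRP while it is in flight below us; USBSCSICompletion takes it
     * again for its own inspection. The usual filter pattern is to hold it here
     * and release it in the completion routine instead.
     */
    IoReleaseRemoveLock(&USBDeviceExe->RemoveLock, Irp);
    return IoCallDriver( USBDeviceExe->NextLowerDriver, Irp );
}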
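/*
 * Returns the transfer length encoded in a READ/WRITE CDB, in logical blocks,
 * or 0 when the CDB form is not one of the handled ones.
 *
 * The 6-byte forms (READ6/WRITE6) keep the length in byte 4, where 0 means
 * 256 blocks; the 10-byte forms (READ/WRITE) keep it big-endian in bytes 7-8.
 * The original code masked single UCHAR bytes with 0x00FF0000 / 0x0000FF00,
 * which always produced 0.
 */
static ULONG
UsbScsiCdbTransferBlocks( PSCSI_REQUEST_BLOCK Srb )
{
    UCHAR opCode = Srb->Cdb[0];

    if ((opCode == SCSIOP_READ6 || opCode == SCSIOP_WRITE6) && Srb->CdbLength >= 6)
    {
        return Srb->Cdb[4] != 0 ? (ULONG)Srb->Cdb[4] : 256;
    }
    if ((opCode == SCSIOP_READ || opCode == SCSIOP_WRITE) && Srb->CdbLength >= 10)
    {
        return ((ULONG)Srb->Cdb[7] << 8) | (ULONG)Srb->Cdb[8];
    }
    return 0;
}

/*
 * Logs READ/WRITE transfer sizes and forces the write-protect bit into a
 * completed MODE SENSE(6) response so the upper layers see a read-only device.
 *
 * Srb - the completed request block (never NULL).
 *
 * The header is only patched when the SRB actually succeeded and returned at
 * least a full MODE_PARAMETER_HEADER; the original wrote into DataBuffer
 * unconditionally. Writing the data buffer to a file from here (the
 * commented-out RtlCopyMemory/MyDriverWriteFile in the original) caused system
 * reboots and was never resolved, so no file I/O is done on this path.
 */
static VOID
UsbScsiInspectSrb( PSCSI_REQUEST_BLOCK Srb )
{
    UCHAR opCode = Srb->Cdb[0];

    if (opCode == SCSIOP_WRITE || opCode == SCSIOP_WRITE6)
    {
        DbgPrint(CURINFO "opCode==SCSIOP_WRITE\n");
        DbgPrint(CURINFO "Write Len 0x%x blocks (0x%x bytes)\n",
                 UsbScsiCdbTransferBlocks(Srb), Srb->DataTransferLength);
    }
    else if (opCode == SCSIOP_READ || opCode == SCSIOP_READ6)
    {
        DbgPrint(CURINFO "opCode==SCSIOP_READ\n");
        DbgPrint(CURINFO "Read Len 0x%x blocks (0x%x bytes)\n",
                 UsbScsiCdbTransferBlocks(Srb), Srb->DataTransferLength);
    }
    else if (opCode == SCSIOP_MODE_SENSE)
    {
        /* NOTE(review): assumes DataBuffer is a system-space address usable at
         * DISPATCH_LEVEL, as the class driver normally supplies — confirm. */
        PMODE_PARAMETER_HEADER modeData = (PMODE_PARAMETER_HEADER)Srb->DataBuffer;

        DbgPrint(CURINFO "SCSIOP_MODE_SENSE\n");
        if (SRB_STATUS(Srb->SrbStatus) == SRB_STATUS_SUCCESS &&
            modeData != NULL &&
            Srb->DataTransferLength >= sizeof(MODE_PARAMETER_HEADER))
        {
            modeData->DeviceSpecificParameter |= MODE_DSP_WRITE_PROTECT;
        }
        /* NOTE(review): the 10-byte form (SCSIOP_MODE_SENSE10, which returns a
         * MODE_PARAMETER_HEADER10) is not patched, so a requester using it would
         * not see the write-protect bit. */
    }
}

/*
 * Completion routine installed by USBFilterSCSI.
 *
 * Inspects the completed SRB (see UsbScsiInspectSrb) and propagates the
 * pending state. The original allocated a SCSI_REQUEST_BLOCK on every
 * completion, zeroed it without a NULL check, overwrote the pointer with the
 * IRP's SRB and never freed it — a leak per request; the allocation is gone.
 *
 * DeviceObject - this filter's device object.
 * Irp          - the completed request.
 * Context      - unused.
 *
 * Returns STATUS_CONTINUE_COMPLETION (as the other completion routine in this
 * file does) so completion proceeds upward. Runs at <= DISPATCH_LEVEL.
 */
NTSTATUS
USBSCSICompletion( IN PDEVICE_OBJECT DeviceObject,
                   IN PIRP Irp,
                   IN PVOID Context )
{
    PUSB_DEVICE_EXTENSION USBDeviceExe = ( PUSB_DEVICE_EXTENSION )DeviceObject->DeviceExtension;
    PIO_STACK_LOCATION IrpStack;

    DbgPrint(CURINFO "USBSCSICompletion!...\n");

    /* Hold the extension while it is inspected; skip the inspection if the
     * device is already going away (the original ignored this status). */
    if (!NT_SUCCESS(IoAcquireRemoveLock(&USBDeviceExe->RemoveLock, Irp)))
    {
        if ( Irp->PendingReturned )
        {
            IoMarkIrpPending( Irp );
        }
        return STATUS_CONTINUE_COMPLETION;
    }

    /* In a completion routine this is our own stack location; the SRB pointer
     * was copied down by IoCopyCurrentIrpStackLocationToNext. */
    IrpStack = IoGetCurrentIrpStackLocation( Irp );
    if (IrpStack->MajorFunction == IRP_MJ_INTERNAL_DEVICE_CONTROL)
    {
        PSCSI_REQUEST_BLOCK CurSrb = IrpStack->Parameters.Scsi.Srb;

        DbgPrint(CURINFO "IRP_MJ_INTERNAL_DEVICE_CONTROL\n");
        if (CurSrb != NULL)
        {
            UsbScsiInspectSrb(CurSrb);
        }
    }

    if ( Irp->PendingReturned )
    {
        IoMarkIrpPending( Irp );
    }
    IoReleaseRemoveLock(&USBDeviceExe->RemoveLock, Irp);
    return STATUS_CONTINUE_COMPLETION;
}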
/******************************************
 File operations (log-file helpers)
*/
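/*
 * Opens the log file named by FileName, creating it if it does not exist, and
 * returns the handle through *FileHandle.
 *
 * Context    - unused (kept for the existing call signature).
 * FileHandle - receives the opened handle on success; set to NULL on failure.
 * FileName   - NUL-terminated ANSI path in object-manager form. It is not
 *              validated here; NOTE(review): if it can originate from user
 *              mode, remember that Zw* calls skip the access checks a user
 *              request would get — confirm where callers obtain it.
 *
 * Returns STATUS_SUCCESS, a conversion or ZwCreateFile failure,
 * STATUS_INVALID_PARAMETER for NULL arguments, or
 * STATUS_INVALID_DEVICE_REQUEST when called above PASSIVE_LEVEL.
 *
 * PASSIVE_LEVEL only: RtlAnsiStringToUnicodeString and ZwCreateFile require
 * it. The previous deferred (work-item) path passed the worker the address of
 * a stack-local UNICODE_STRING — uninitialised on that path and dead by the
 * time the worker ran — and had no way to hand the handle back to the caller,
 * so it is replaced by an explicit error.
 */
NTSTATUS
CreateLogFile(IN PVOID Context,
              IN OUT HANDLE *FileHandle,
              IN PSTR FileName)
{
    NTSTATUS ntStatus;
    OBJECT_ATTRIBUTES ObjectAttributes;
    IO_STATUS_BLOCK IoStatusBlock;
    UNICODE_STRING UniFileName;
    ANSI_STRING AnsiFileName;

    DbgPrint("Create Log File...\n");

    if (FileHandle == NULL || FileName == NULL)
    {
        return STATUS_INVALID_PARAMETER;
    }
    *FileHandle = NULL;

    if (KeGetCurrentIrql() != PASSIVE_LEVEL)
    {
        return STATUS_INVALID_DEVICE_REQUEST;
    }

    RtlInitAnsiString(&AnsiFileName, FileName);
    ntStatus = RtlAnsiStringToUnicodeString(&UniFileName, &AnsiFileName, TRUE);
    if (!NT_SUCCESS(ntStatus))
    {
        return ntStatus;
    }

    /* OBJ_KERNEL_HANDLE: the handle is later used from system worker threads,
     * so it must not be created in (or be reachable from) the handle table of
     * whatever process happens to be current. */
    InitializeObjectAttributes(&ObjectAttributes, &UniFileName,
                               OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
    ntStatus = ZwCreateFile(FileHandle,
                            GENERIC_WRITE | SYNCHRONIZE | FILE_APPEND_DATA | GENERIC_READ,
                            &ObjectAttributes,
                            &IoStatusBlock,
                            NULL,
                            FILE_ATTRIBUTE_NORMAL,
                            FILE_SHARE_READ | FILE_SHARE_WRITE,
                            /* Dispositions are values, not flags: the original
                             * FILE_OPEN|FILE_CREATE (1|2) is FILE_OPEN_IF (3). */
                            FILE_OPEN_IF,
                            FILE_SYNCHRONOUS_IO_NONALERT,
                            NULL,
                            0);
    if (!NT_SUCCESS(ntStatus))
    {
        *FileHandle = NULL;
    }

    /* The TRUE above allocated the Unicode buffer; the original never freed it. */
    RtlFreeUnicodeString(&UniFileName);
    return ntStatus;
}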
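/*
 * Worker-thread body for a deferred log-file creation.
 *
 * Context - a FILE_WORK_ITEM whose pUFileName names the file; always freed
 *           here.
 *
 * FILE_WORK_ITEM carries the handle by value, so a handle opened on a worker
 * thread can never reach the code that queued the work. The original stored
 * it in a local and returned, leaking one open handle per call; this version
 * closes it again, so the only lasting effect is that the file now exists.
 *
 * NOTE(review): pUFileName must point at storage that outlives the queuing
 * caller's stack frame — confirm, since the queuing code is the only place
 * that sets it.
 */
VOID MyDriverCreateFileWorkItem(
    PVOID Context)
{
    HANDLE FileHandle = NULL;
    NTSTATUS ntStatus;
    OBJECT_ATTRIBUTES ObjectAttributes;
    IO_STATUS_BLOCK IoStatusBlock;
    PFILE_WORK_ITEM workitem = (PFILE_WORK_ITEM) Context;

    if (workitem == NULL)
    {
        return;
    }

    if (workitem->pUFileName != NULL)
    {
        /* OBJ_KERNEL_HANDLE keeps the handle out of the current process's
         * handle table; this runs in a system worker thread. */
        InitializeObjectAttributes(&ObjectAttributes, workitem->pUFileName,
                                   OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
        ntStatus = ZwCreateFile(&FileHandle,
                                GENERIC_WRITE | SYNCHRONIZE | FILE_APPEND_DATA | GENERIC_READ,
                                &ObjectAttributes,
                                &IoStatusBlock,
                                NULL,
                                FILE_ATTRIBUTE_NORMAL,
                                FILE_SHARE_READ | FILE_SHARE_WRITE,
                                /* FILE_OPEN|FILE_CREATE (1|2) is the value FILE_OPEN_IF (3). */
                                FILE_OPEN_IF,
                                FILE_SYNCHRONOUS_IO_NONALERT,
                                NULL,
                                0);
        if (NT_SUCCESS(ntStatus) && FileHandle != NULL)
        {
            /* Nothing can receive this handle (see header comment); do not leak it. */
            ZwClose(FileHandle);
        }
        else
        {
            DbgPrint("MyDriverCreateFileWorkItem: ZwCreateFile failed 0x%x\n", ntStatus);
        }
    }

    ExFreePool(workitem);
}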
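/*
 * Appends Length bytes from Buffer to the log file FileHandle.
 *
 * At PASSIVE_LEVEL the write happens synchronously; at any higher IRQL it is
 * queued to a system worker thread (MyDriverWriteFileWorkItem), because
 * ZwWriteFile may only be called at PASSIVE_LEVEL. The original used
 * "< DISPATCH_LEVEL" as the synchronous test, which also let APC_LEVEL
 * callers through.
 *
 * Buffer     - bytes to write. Not copied: on the deferred path it must stay
 *              valid and nonpaged until the work item has run.
 * Length     - number of bytes; 0 is a no-op.
 * FileHandle - handle from CreateLogFile. The NULL ByteOffset together with
 *              FILE_APPEND_DATA access makes this an append.
 *
 * Failures are only reported via DbgPrint (existing contract, no return value).
 */
VOID MyDriverWriteFile(
    IN PVOID Buffer,
    IN ULONG Length,
    IN OUT HANDLE FileHandle)
{
    NTSTATUS ntStatus;
    IO_STATUS_BLOCK IoStatusBlock;
    PFILE_WORK_ITEM workitem;

    DbgPrint(".....MyDriverWriteFile1 function...\n");

    /* Validate before choosing a path: the original only checked Buffer on the
     * synchronous path and queued a work item for a NULL buffer otherwise. */
    if (Buffer == NULL)
    {
        DbgPrint("The Buffer is NULL...\n");
        return;
    }
    if (FileHandle == NULL)
    {
        DbgPrint("The FileHandle is NULL...\n");
        return;
    }
    if (Length == 0)
    {
        return;
    }

    if (KeGetCurrentIrql() == PASSIVE_LEVEL)
    {
        ntStatus = ZwWriteFile(FileHandle,
                               NULL,        /* Event      */
                               NULL,        /* ApcRoutine */
                               NULL,        /* ApcContext */
                               &IoStatusBlock,
                               Buffer,
                               Length,
                               NULL,        /* ByteOffset: append */
                               NULL);       /* Key        */
        if (NT_SUCCESS(ntStatus))
        {
            DbgPrint("@@@@@@@@@@@@ ############## WriteFile is ok!......\n");
        }
        else
        {
            DbgPrint("MyDriverWriteFile: ZwWriteFile failed 0x%x\n", ntStatus);
        }
        return;
    }

    /* Deferred path: the work item owns its FILE_WORK_ITEM and frees it. */
    workitem = (PFILE_WORK_ITEM)ExAllocatePool(NonPagedPool, sizeof(FILE_WORK_ITEM));
    if (workitem == NULL)
    {
        DbgPrint("MyDriverWriteFile: no memory for work item\n");
        return;
    }
    ExInitializeWorkItem(&workitem->WorkItem, MyDriverWriteFileWorkItem, workitem);
    workitem->FileContext = Buffer;
    workitem->FileHandle = FileHandle;
    workitem->Length = Length;
    ExQueueWorkItem(&workitem->WorkItem, DelayedWorkQueue);
}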
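/*
 * Worker-thread body for MyDriverWriteFile's deferred path; runs at
 * PASSIVE_LEVEL, where ZwWriteFile is permitted.
 *
 * Context - the FILE_WORK_ITEM queued by MyDriverWriteFile: FileContext is
 *           the caller's buffer, FileHandle the log file, Length the byte
 *           count. It is freed here on every path — the original returned
 *           early on a NULL buffer and leaked the work item.
 */
VOID MyDriverWriteFileWorkItem(
    PVOID Context)
{
    PFILE_WORK_ITEM workitem = (PFILE_WORK_ITEM) Context;
    IO_STATUS_BLOCK IoStatusBlock;
    NTSTATUS ntStatus;

    if (workitem == NULL)
    {
        return;
    }

    if (workitem->FileContext == NULL || workitem->FileHandle == NULL)
    {
        DbgPrint("The Buffer is NULL...\n");
    }
    else
    {
        ntStatus = ZwWriteFile(workitem->FileHandle,
                               NULL,        /* Event      */
                               NULL,        /* ApcRoutine */
                               NULL,        /* ApcContext */
                               &IoStatusBlock,
                               workitem->FileContext,
                               workitem->Length,
                               NULL,        /* ByteOffset: append */
                               NULL);       /* Key        */
        if (NT_SUCCESS(ntStatus))
        {
            DbgPrint("@@@@@@@@@@@@@@@#################ZwWriteFile is ok!\n");
        }
        else
        {
            DbgPrint("MyDriverWriteFileWorkItem: ZwWriteFile failed 0x%x\n", ntStatus);
        }
    }

    ExFreePool(workitem);
}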
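/*
 * Closes the log file handle, synchronously at PASSIVE_LEVEL or via a system
 * work item (MyDriverCloseFileWorkItem) at higher IRQL, since ZwClose may only
 * be called at PASSIVE_LEVEL.
 *
 * FileHandle - handle from CreateLogFile; NULL is ignored. Once this returns
 *              the caller must treat the handle as gone, even on the deferred
 *              path, to avoid a double close.
 *
 * Failures are only reported via DbgPrint (existing contract, no return value).
 */
VOID MyDriverCloseFile(
    IN OUT HANDLE FileHandle)
{
    NTSTATUS ntStatus;
    PFILE_WORK_ITEM workitem;

    DbgPrint("MyDriverCloseFile function...\n");

    if (FileHandle == NULL)
    {
        return;
    }

    if (KeGetCurrentIrql() == PASSIVE_LEVEL)
    {
        ntStatus = ZwClose(FileHandle);
        if (!NT_SUCCESS(ntStatus))
        {
            DbgPrint("MyDriverCloseFile: ZwClose failed 0x%x\n", ntStatus);
        }
        return;
    }

    /* Deferred path: the work item owns its FILE_WORK_ITEM and frees it. */
    workitem = (PFILE_WORK_ITEM)ExAllocatePool(NonPagedPool, sizeof(FILE_WORK_ITEM));
    if (workitem == NULL)
    {
        DbgPrint("MyDriverCloseFile: no memory for work item\n");
        return;
    }
    ExInitializeWorkItem(&workitem->WorkItem, MyDriverCloseFileWorkItem, workitem);
    workitem->FileHandle = FileHandle;
    ExQueueWorkItem(&workitem->WorkItem, DelayedWorkQueue);
}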
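/*
 * Worker-thread body for MyDriverCloseFile's deferred path; runs at
 * PASSIVE_LEVEL, where ZwClose is permitted.
 *
 * Context - the FILE_WORK_ITEM queued by MyDriverCloseFile; its FileHandle is
 *           closed and the item is freed here.
 */
VOID MyDriverCloseFileWorkItem(
    PVOID Context)
{
    PFILE_WORK_ITEM workitem = (PFILE_WORK_ITEM) Context;
    NTSTATUS ntStatus;

    DbgPrint("MyDriverCloseFileWorkItem function...\n");

    if (workitem == NULL)
    {
        return;
    }

    if (workitem->FileHandle != NULL)
    {
        ntStatus = ZwClose(workitem->FileHandle);
        if (!NT_SUCCESS(ntStatus))
        {
            DbgPrint("MyDriverCloseFileWorkItem: ZwClose failed 0x%x\n", ntStatus);
        }
    }

    ExFreePool(workitem);
}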