📄 wdf.h
字号:
// 头文件: wdf.h
//
// 代码文件: wdf.c
//
// 说明: 头文件中含有开发Windows文件系统驱动的数据类型和一些函数调用的
// 声明。代码文件中含有一些函数的实现,主要包括分发函数的设置。
//
// 依赖: ntifs.h
//
// 作者: 楚狂人
//
// 单位: 小媛工作室
//
// 联系: walled_river@sina.com
//
// 创建日期: 2004年8月27日
//
// 更新日期: 2004年9月1日
#ifndef _WIN_DRV_FILE_SYS_H_
#define _WIN_DRV_FILE_SYS_H_
#include "ntifs.h"
// 文件系统过滤驱动的主要前景:
// 1.加密文件系统
// 2.压缩文件系统
// 3.隐藏卷
// 4.硬盘加速
// 基本数据类型
typedef CHAR wd_char;
typedef LONG wd_long;
typedef ULONG wd_ulong;
#define wd_wchar WCHAR
#define wd_size ULONG
#define wd_pvoid PVOID
#define wd_void VOID
#define wd_bool BOOLEAN
#define wd_dat_32 ULONG
#define wd_dat_16 USHORT
#define wd_pvoid PVOID
#define wd_void VOID
#define wd_byte UCHAR
#define wd_uchar UCHAR
#define wd_true TRUE
#define wd_false FALSE
#define wd_null NULL
// 设备、驱动对象类型
typedef DRIVER_OBJECT wd_drv;
typedef DEVICE_OBJECT wd_dev;
typedef DRIVER_OBJECT wd_pdrv;
typedef PDEVICE_OBJECT wd_pdev;
// 状态相关的类型和宏
typedef NTSTATUS wd_stat;
enum {
wd_stat_suc = STATUS_SUCCESS,
wd_stat_path_not_found = STATUS_OBJECT_PATH_NOT_FOUND,
wd_stat_insufficient_res = STATUS_INSUFFICIENT_RESOURCES,
wd_stat_invalid_dev_req = STATUS_INVALID_DEVICE_REQUEST,
wd_stat_no_such_dev = STATUS_NO_SUCH_DEVICE,
wd_stat_image_already_loaded = STATUS_IMAGE_ALREADY_LOADED,
wd_stat_more_processing = STATUS_MORE_PROCESSING_REQUIRED,
wd_stat_pending = STATUS_PENDING
};
_inline wd_bool wd_suc(wd_stat state)
{
return NT_SUCCESS(state);
}
// 其他
#define in IN
#define out OUT
#define optional OPTIONAL
#define wd_ustr UNICODE_STRING
#define wdp_ustr PUNICODE_STRING
#define wd_main DriverEntry
#define wd_printf0
#define wd_printf1 DbgPrint
#define wd_fio_disp FAST_IO_DISPATCH
typedef PDRIVER_DISPATCH wd_disp_fuc;
enum{
wd_dev_name_max_len = 64
};
// 更多的数据类型
typedef FILE_OBJECT wd_file;
typedef LARGE_INTEGER wd_lgint;
typedef LONGLONG wd_llong;
typedef IO_STATUS_BLOCK wd_io_stat_block;
typedef FILE_BASIC_INFORMATION wd_file_basic_infor;
typedef FILE_STANDARD_INFORMATION wd_file_standard_infor;
typedef PEPROCESS wd_proc_id;
typedef FILE_NETWORK_OPEN_INFORMATION wd_file_net_open_infor;
typedef PMDL wd_pmdl;
typedef MDL wd_mdl;
typedef COMPRESSED_DATA_INFO wd_compressed_data_info;
_inline wd_llong wd_int64(wd_lgint num)
{
return num.QuadPart;
}
_inline wd_void wd_int64_set(wd_lgint num,wd_llong ac_num)
{
num.QuadPart = ac_num;
}
_inline wd_ulong wd_lgint_high(wd_lgint num)
{
return num.u.HighPart;
}
_inline wd_ulong wd_lgint_low(wd_lgint num)
{
return num.u.LowPart;
}
// // 内存管理相关的一组函数
// 简单内存分配
wd_pvoid wd_malloc(
wd_bool paged,
wd_size size);
// 简单内存释放
wd_void wd_free(wd_pvoid point);
// 内存清零
wd_void wd_memzero(
wd_pvoid point,
wd_size size);
_inline wd_void wd_memcpy(wd_pvoid dst,
wd_pvoid src,
wd_size size)
{
RtlCopyMemory(dst,src,size);
}
// unicode string 初始化
_inline wd_void wd_ustr_init(in out wd_ustr* str,
in const wd_wchar* chars)
{
RtlInitUnicodeString(str,chars);
};
_inline wd_void wd_ustr_init_em(
in out wd_ustr*str,
in wd_wchar *chars,
in wd_size size)
{
RtlInitEmptyUnicodeString(str,chars,size);
};
// 这个函数比较两个字符串是否符合
wd_long wd_ustr_accord(in wd_ustr *str1,
in wd_ustr *str2,
in wd_bool case_insen);
// case_insen为true表示不区分大小写
_inline wd_long wd_ustr_cmp(in wd_ustr *str1,
in wd_ustr *str2,
in wd_bool case_insen)
{
return RtlCompareUnicodeString(str1,str2,case_insen);
}
_inline wd_void wd_ustr_copy(in wd_ustr *dest,
in wd_ustr *src)
{
RtlCopyUnicodeString(dest,src);
};
/////////////////////////// irp相关函数 ///////////////////////////////
typedef enum {
wd_user_mode = UserMode,
wd_kernel_mode = KernelMode
} wd_proc_mode;
#define wd_irp IRP
#define wd_pirp PIRP
typedef IO_STACK_LOCATION wd_io_stack;
typedef PIO_STACK_LOCATION wd_pio_stack;
_inline wd_stat wd_irp_over(wd_irp *irp)
{
wd_stat status = irp->IoStatus.Status;
IoCompleteRequest(irp, IO_NO_INCREMENT);
return status;
}
_inline wd_ulong wd_irp_flags(wd_irp *irp)
{
return irp->Flags;
}
// 这个函数可以立刻失败掉一个irp
_inline wd_stat wd_irp_failed(wd_pirp irp,wd_stat status_error)
{
irp->IoStatus.Status = status_error;
irp->IoStatus.Information = 0;
return wd_irp_over(irp);
}
_inline wd_uchar wd_irpsp_minor(wd_io_stack *irpsp)
{
return irpsp->MinorFunction;
}
_inline wd_uchar wd_irpsp_major(wd_io_stack *irpsp)
{
return irpsp->MajorFunction;
}
_inline wd_uchar wd_irpsp_minor_set(wd_io_stack *irpsp,wd_uchar minor)
{
return irpsp->MinorFunction = minor;
}
_inline wd_uchar wd_irpsp_major_set(wd_io_stack *irpsp,wd_uchar major)
{
return irpsp->MajorFunction = major;
}
_inline wd_ulong wd_irpsp_fs_ctl_code(wd_io_stack *irpsp)
{
return irpsp->Parameters.FileSystemControl.FsControlCode;
}
// 这个函数可以跳过当前io_stack
_inline wd_void wd_skip_io_stack(wd_pirp irp)
{
IoSkipCurrentIrpStackLocation(irp);
}
_inline wd_void wd_copy_io_stack(wd_irp *irp)
{
IoCopyCurrentIrpStackLocationToNext(irp);
}
_inline wd_stat wd_irp_call(wd_dev *dev,wd_pirp irp)
{
return IoCallDriver(dev,irp);
}
_inline wd_proc_mode wd_irp_req_mode(wd_irp *irp)
{
return irp->RequestorMode;
}
_inline wd_void wd_irp_req_mode_set(wd_irp *irp,wd_proc_mode req_mode)
{
irp->RequestorMode = req_mode;
}
//
_inline wd_stat wd_irp_status(wd_irp *irp)
{
return irp->IoStatus.Status;
}
_inline wd_stat wd_irp_stat_set(wd_irp *irp,
wd_stat status)
{
return (irp->IoStatus.Status = status);
}
_inline wd_void wd_irp_infor_set(wd_irp *irp,
wd_ulong infor)
{
irp->IoStatus.Information = infor;
}
_inline wd_ulong wd_irp_infor(wd_irp *irp)
{
return irp->IoStatus.Information;
}
_inline wd_io_stack *wd_cur_io_stack(wd_irp *irp)
{
return IoGetCurrentIrpStackLocation(irp);
}
typedef wd_io_stack wd_irpsp;
// 设置irp完成例程
typedef PIO_COMPLETION_ROUTINE wd_irp_comp_func;
_inline wd_void wd_irp_comp(wd_irp *irp,
wd_irp_comp_func complete,
wd_void *context)
{
IoSetCompletionRoutine(
irp,
complete,
context,
wd_true,
wd_true,
wd_true);
}
///////////////////////// 设备操作相关函数 /////////////////////////
typedef OBJECT_NAME_INFORMATION wd_obj_name;
typedef DEVICE_TYPE wd_dev_type;
enum {
wdf_dev_secure_open = FILE_DEVICE_SECURE_OPEN
};
enum {
wd_dev_disk_fs = FILE_DEVICE_DISK_FILE_SYSTEM,
wd_dev_cdrom_fs = FILE_DEVICE_CD_ROM_FILE_SYSTEM,
wd_dev_network_fs = FILE_DEVICE_NETWORK_FILE_SYSTEM
};
_inline wd_dev * wd_dev_attached(wd_dev *dev)
{
return dev->AttachedDevice;
}
typedef VPB wd_vpb;
_inline wd_vpb * wd_dev_vbp(wd_dev *dev)
{
return dev->Vpb;
}
_inline wd_dev * wd_vbp_dev(wd_vpb *vpb)
{
return vpb->DeviceObject;
}
_inline wd_stat wd_dev_create(in wd_drv *drv,
in wd_size ext_size,
in wd_ustr *name optional,
in wd_dev_type type,
in wd_ulong dev_chars,
in wd_bool exclusive,
out wd_dev **dev)
{
return IoCreateDevice(
drv,
ext_size,
name,
type,
dev_chars,
exclusive,
dev);
}
// 生成一个文件过滤驱动CDO
_inline wd_stat wdff_cdo_create(in wd_drv *driver,
in wd_size exten_len,
in wd_ustr *name,
out wd_dev **device)
{
// 然后生成一个控制对象
return wd_dev_create(
driver,
exten_len,
name,
wd_dev_disk_fs,
wdf_dev_secure_open,
wd_false,
device);
}
// 这个函数比较大,不适合做内联,这个函数可以得到一个对象的名字
wd_void wd_obj_get_name(in wd_void *obj,
in out wd_ustr *name);
wd_void wd_file_get_name(in wd_void *obj,
in out wd_ustr *name);
_inline wd_dev_type wd_dev_get_type(in wd_dev *dev)
{
return dev->DeviceType;
}
_inline wd_drv * wd_dev_drv(in wd_dev *dev)
{
return dev->DriverObject;
}
_inline wd_void wd_dev_del(in wd_dev *device)
{
IoDeleteDevice(device);
}
_inline wd_void wd_dev_clr_init_flag(wd_dev *dev)
{
dev->Flags &= ~DO_DEVICE_INITIALIZING;
}
_inline wd_void wd_dev_copy_buffer_flag(wd_dev *new_dev,
wd_dev *old_dev)
{
if(old_dev->Flags & DO_BUFFERED_IO)
new_dev->Flags &= DO_BUFFERED_IO;
if(old_dev->Flags & DO_DIRECT_IO)
new_dev->Flags &= DO_DIRECT_IO;
}
_inline wd_void wd_dev_copy_flag(wd_dev *new_dev,
wd_dev *old_dev)
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -