⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 singlemode.cpp

📁 实现了隐藏进程,使进程对任务管理器和进程查看器均不可见,使文件对资源管理器不可见 是驱动编程入门的好例子
💻 CPP
字号:
🔍 
#include "SingleMode.h"
SingleProcessorMode::SingleProcessorMode()
{
	mCpuCount = KeNumberProcessors;
	DpcArray = new KDPC[mCpuCount];
	if(mCpuCount > 1)
	{
		for(CCHAR i = 0; i < mCpuCount; i++)
		{
			KeInitializeDpc(&DpcArray[i], DpcRoutine, (PVOID)&mHub);
			KeSetImportanceDpc(&DpcArray[i], HighImportance);
			KeSetTargetProcessorDpc(&DpcArray[i], i);
		}
	}
}

void SingleProcessorMode::DpcRoutine(KDPC *pDpc, void *pContext, void *pArg1, void *pArg2)
{
	PLONG mHub = (PLONG )pContext;
	KIRQL Irql;

	// Indicate that we catch the processor
	InterlockedDecrement(mHub);
	
	//Wait until all our DPC will catch all processors	

	while(*mHub > 0);
	
	KeRaiseIrql(HIGH_LEVEL, &Irql);  // catch processor

	// value lower then 0 in variable mHum indicate that useful work already done
	if(*mHub >= 0)
	{
		// wait until useful work will be done
	
		while(*mHub >= 0);
	}

	KeLowerIrql(Irql);
	
}

void SingleProcessorMode::Enter()
{
	if(mCpuCount > 1)
	{
		KeEnterCriticalRegion();
	
		mSavedPriority = KeSetPriorityThread(KeGetCurrentThread(), HIGH_PRIORITY);
		KAFFINITY ActiveProcessors = KeQueryActiveProcessors();

		KeRaiseIrql(DISPATCH_LEVEL, &mSavedIrql);
		CCHAR CurrentProcessor = (CCHAR) KeGetCurrentProcessorNumber();
		
		mHub = 1;
		// Set for all processors except this DPC
		for(CCHAR i = mCpuCount - 1; i >= 0; i--)
		{
			if(i != CurrentProcessor && (ActiveProcessors & (1u << i)) != 0)
			{
				InterlockedIncrement(&mHub);
				KeInsertQueueDpc(&DpcArray[i], 0, 0);
			}
		}
		// Decrement mHub because this processor is catch		
		InterlockedDecrement(&mHub);

		// Lowering Irql for resolving DPC 
		// If Irql will be to high DPC will be never set
		KeLowerIrql(mSavedIrql);
		
		// Waiting until all DPC reach the target
		while(mHub > 0);

		KeRaiseIrql(HIGH_LEVEL, &mSavedIrql);
	}
	else
		KeRaiseIrql(HIGH_LEVEL, &mSavedIrql);
}

void SingleProcessorMode::Exit()
{
	if(mCpuCount > 1)
	{
		// value -1 indicate that all useful work are done
		InterlockedExchange(&mHub, -1);
		KeLowerIrql(mSavedIrql);
		KeSetPriorityThread(KeGetCurrentThread(), mSavedPriority);
		
		KeLeaveCriticalRegion();
	}
	else
		KeLowerIrql(mSavedIrql);
}

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -