devicedriverusermode.cpp

进程监控最简单的设备驱动

#include <stdio.h>

#include "DeviceDriverUserMode.h"

#define FILE_DEVICE_MYPORT	32768   //设备类型定义 0-32767被Microsoft占用，用户自定义可用32768-65535
#define MYPORT_IOCTL_BASE   2048   //I/O控制码定义 0-2047被Microsoft占用，用户自定义可用2048-4095 
#define IOCTL_MYPORT_READ_BYTE		CTL_CODE(FILE_DEVICE_MYPORT, MYPORT_IOCTL_BASE, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_MYPORT_WRITE_BYTE		CTL_CODE(FILE_DEVICE_MYPORT, MYPORT_IOCTL_BASE+1, METHOD_BUFFERED, FILE_ANY_ACCESS)

HANDLE driverHandle=NULL;

BOOL StartDriver(LPCTSTR lpszDriverPath, LPCTSTR lpszServiceName)
{
	SC_HANDLE hSCManager;
	SC_HANDLE hService;
	BOOL bResult = FALSE;
	hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
	if(hSCManager)
	{
		hService = CreateService(hSCManager,lpszServiceName,lpszServiceName,SERVICE_ALL_ACCESS,SERVICE_KERNEL_DRIVER,SERVICE_DEMAND_START,SERVICE_ERROR_NORMAL,lpszDriverPath,NULL,NULL,NULL,NULL,NULL);
		if(hService == NULL)
		{
			if(::GetLastError() == ERROR_SERVICE_EXISTS)
			{				
				hService = OpenService(hSCManager, lpszServiceName, SERVICE_ALL_ACCESS);
			}
		}
		if(hService)
		{
			bResult = StartService(hService, 0, NULL);
			CloseServiceHandle(hService);
		}
		CloseServiceHandle(hSCManager);
	}
	return bResult;
}
BOOL StopDriver(LPCTSTR lpszServiceName)
{
	SC_HANDLE hSCManager;
	SC_HANDLE hService;
	BOOL bResult;
	SERVICE_STATUS ServiceStatus;
	bResult = FALSE;
	hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
	if(hSCManager)
	{
		hService = OpenService(hSCManager, lpszServiceName, SERVICE_ALL_ACCESS);
		if(hService)
		{
			bResult = ControlService(hService, SERVICE_CONTROL_STOP, &ServiceStatus);
			bResult = bResult && DeleteService(hService);
			CloseServiceHandle(hService);
		}
		CloseServiceHandle(hSCManager);
	}
	return bResult;
}
HANDLE OpenDevice(LPCTSTR lpszDevicePath)
{
	HANDLE hDevice;
	hDevice= ::CreateFile(lpszDevicePath, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0,	NULL);
	return hDevice;
}
BOOL initDevice(TCHAR* driverFile,TCHAR* driverName)
{
	BOOL bResult;
	TCHAR szOld[MAX_PATH];
    if(GetModuleFileName(NULL,szOld,MAX_PATH)==0)
    {
		return FALSE;
    }
	TCHAR szNew[MAX_PATH];
	_TINT   ch = TEXT('\\');
	::ZeroMemory((PBYTE)szNew, sizeof(MAX_PATH));
	_tcscpy(szNew, szOld);
	TCHAR *pdest = _tcsrchr(szNew, ch);
	if( pdest != NULL )
	{
		_tcscpy(&pdest[1], driverFile);
	}
	else
	{
		_tcscpy(szNew, driverFile);
	}
	bResult = StartDriver(szNew, driverName);
	//
	TCHAR szTmp[MAX_PATH];
    ::ZeroMemory((PBYTE)szTmp, sizeof(MAX_PATH));
    _tcscpy(szTmp, "\\\\.\\");
	_tcscat(szTmp, driverName);
	if(bResult) 
	{
		driverHandle=OpenDevice(szTmp);
	}
	else
	{
		printf("StartDriver Failed, error=%d\n",GetLastError());
	}
	bResult = (bResult && driverHandle!=INVALID_HANDLE_VALUE);
	return bResult;
}
BOOL overDevice(TCHAR* driverName)
{
    return (CloseHandle(driverHandle) && StopDriver(driverName));
}