📄 entry.c

📁 在驱动下读取SSDT的例子

💻 C

字号:

//////////////////////////////////////////////////////////////////////////
// SSDTDump by 李马
// http://www.titilima.cn
//////////////////////////////////////////////////////////////////////////

#include <ntddk.h>
#include "ioctl.h"
#include "SSDTDump.h"

NTSTATUS DriverEntry( PDRIVER_OBJECT pDriverObject,
                    PUNICODE_STRING pRegistryPath );

#pragma alloc_text( INIT, DriverEntry )

NTSTATUS DriverEntry( PDRIVER_OBJECT pDriverObject,
                    PUNICODE_STRING pRegistryPath )
{
    NTSTATUS s         = STATUS_SUCCESS;
    ULONG ulIndex      = 0;
    PDEVICE_OBJECT pdo = NULL;
    UNICODE_STRING sDriverName, sDosDeviceName;

    KdPrint(( "DriverEntry called.\r\n" ));

    RtlInitUnicodeString( &sDriverName, L"\\Device\\SSDTDump" );
    RtlInitUnicodeString( &sDosDeviceName, L"\\DosDevices\\SSDTDump" );

    s = IoCreateDevice( pDriverObject, 0, &sDriverName, FILE_DRIVER_SSDTDUMP,
        FILE_DEVICE_SECURE_OPEN, FALSE, &pdo );
    if ( STATUS_SUCCESS == s )
    {
        for ( ulIndex = 0; ulIndex < IRP_MJ_MAXIMUM_FUNCTION; ++ulIndex )
        {
            pDriverObject->MajorFunction[ulIndex] = SSDT_Unimplmented;
        }
        pDriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL]
            = SSDT_DeviceIoControl;
        pDriverObject->DriverUnload = SSDT_Unload;

        IoCreateSymbolicLink( &sDosDeviceName, &sDriverName );
    }

    return s;
}

💿 文件大小 27 K

👤 上传用户 zyhunicom

📂 所属分类嵌入式/单片机编程

🏷️ 相关标签

#SSDT #驱动 #读取

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -