📄 csdn技术中心 实战deviceiocontrol 之六:访问物理端口.mht
class=3Dnum>0x0000f000</SPAN>
=20
/*
 * I/O control code definitions.
 * Function codes 0-2047 are reserved by Microsoft; user-defined codes may
 * use 2048-4095.
 */
#define MYPORT_IOCTL_BASE 0xf00

/*
 * NOTE(review): FILE_ANY_ACCESS means a caller only needs a handle to the
 * device, opened with any access, to issue these requests. Both requests
 * perform raw port I/O on the caller's behalf, so consider FILE_READ_DATA /
 * FILE_WRITE_DATA here. That changes the numeric control codes, so the
 * user-mode client must be rebuilt against the same definitions.
 */
#define IOCTL_MYPORT_READ_BYTE \
    CTL_CODE(FILE_DEVICE_MYPORT, MYPORT_IOCTL_BASE, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_MYPORT_WRITE_BYTE \
    CTL_CODE(FILE_DEVICE_MYPORT, MYPORT_IOCTL_BASE+1, METHOD_BUFFERED, FILE_ANY_ACCESS)

/*
 * IOPM: the I/O permission bitmap for 65536 ports, 8192 bytes in total
 * (8192 x 8 = 65536).
 *   bit 0: the application may access the corresponding port
 *   bit 1: the application may not access the corresponding port
 */
#define IOPM_SIZE 8192

typedef UCHAR IOPM[IOPM_SIZE];

/* Allocated in DriverEntry, released in MyPortUnload. */
IOPM *pIOPM = NULL;

/* Device names (must be Unicode). */
const WCHAR NameBuffer[] = L"\\Device\\MyPort";
const WCHAR DOSNameBuffer[] = L"\\DosDevices\\MyPort";

/*
 * Two undocumented service routines exported by ntoskrnl.exe. No shipped
 * header declares their prototypes, so they are declared here by hand.
 */
void Ke386SetIoAccessMap(int, IOPM *);
void Ke386IoSetAccessProcess(PEPROCESS, int);

/* Forward declarations of the driver's own routines. */
NTSTATUS MyPortDispatch(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
void MyPortUnload(IN PDRIVER_OBJECT DriverObject);
=20
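/*
 * Driver entry point, called by the system when the driver is loaded (the
 * kernel-mode counterpart of WinMain in a Win32 application).
 *
 * Allocates the IOPM, creates the device object and its Win32-visible
 * symbolic link, registers the dispatch and unload routines, and finally
 * applies the IOPM to the current process.
 *
 * Returns STATUS_SUCCESS, STATUS_INSUFFICIENT_RESOURCES if the IOPM cannot
 * be allocated, or the failure status of IoCreateDevice /
 * IoCreateSymbolicLink. On every failure path the resources acquired so far
 * are released; the original returned early and leaked the IOPM buffer (and,
 * when the symbolic link failed, the device object as well).
 *
 * NOTE(review): the device is created with IoCreateDevice and no explicit
 * security descriptor, and the IOCTLs are declared FILE_ANY_ACCESS, so any
 * caller able to open the device can drive raw port I/O. Consider
 * IoCreateDeviceSecure with an administrators-only SDDL string and
 * FILE_DEVICE_SECURE_OPEN in the device characteristics.
 */
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
{
    PDEVICE_OBJECT deviceObject = NULL;
    NTSTATUS status;
    UNICODE_STRING uniNameString, uniDOSString;

    /* Allocate memory for the IOPM. */
    pIOPM = MmAllocateNonCachedMemory(sizeof(IOPM));
    if (pIOPM == NULL)
    {
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    /* Clear every bit of the IOPM; a zero bit permits access, so this
     * permits access to all ports. */
    RtlZeroMemory(pIOPM, sizeof(IOPM));

    /* Set up the device name and the DOS (Win32) name. */
    RtlInitUnicodeString(&uniNameString, NameBuffer);
    RtlInitUnicodeString(&uniDOSString, DOSNameBuffer);

    /* Create the device object. */
    status = IoCreateDevice(DriverObject, 0,
                            &uniNameString,
                            FILE_DEVICE_MYPORT,
                            0, FALSE, &deviceObject);
    if (!NT_SUCCESS(status))
    {
        goto fail_free_iopm;
    }

    /* Create the symbolic link that Win32 applications open. */
    status = IoCreateSymbolicLink(&uniDOSString, &uniNameString);
    if (!NT_SUCCESS(status))
    {
        goto fail_delete_device;
    }

    /* Register the entry points: MyPortDispatch handles create, close and
     * device-control requests; MyPortUnload handles driver unload. */
    DriverObject->MajorFunction[IRP_MJ_CREATE] =
    DriverObject->MajorFunction[IRP_MJ_CLOSE] =
    DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = MyPortDispatch;
    DriverObject->DriverUnload = MyPortUnload;

    /*
     * Load the IOPM into the current process. This is done last so that a
     * failed initialisation never leaves the grant behind.
     * NOTE(review): MyPortDispatch performs its port I/O in kernel mode via
     * _inp/_outp, which presumably does not depend on this map; confirm
     * whether opening all 65536 ports to a process is needed at all, and if
     * it is, set the bits of every port that is not required.
     */
    Ke386IoSetAccessProcess(PsGetCurrentProcess(), 1);
    Ke386SetIoAccessMap(1, pIOPM);

    return STATUS_SUCCESS;

fail_delete_device:
    IoDeleteDevice(deviceObject);
fail_free_iopm:
    MmFreeNonCachedMemory(pIOPM, sizeof(IOPM));
    pIOPM = NULL;
    return status;
}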
=20
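/*
 * IRP dispatch routine for IRP_MJ_CREATE, IRP_MJ_CLOSE and
 * IRP_MJ_DEVICE_CONTROL.
 *
 * Request layout (by convention of this driver): the buffer holds two
 * DWORDs, the first is the port number and the second is the data byte.
 * A dedicated structure would normally be defined; this sample keeps it
 * simple.
 *
 * The caller-supplied buffer lengths and the port number are validated
 * before the buffer is touched. The original indexed pvIOBuffer[0] and
 * pvIOBuffer[1] without looking at the lengths, so a short request read or
 * wrote kernel memory past the end of the system buffer (or dereferenced a
 * NULL buffer when both lengths were zero).
 *
 * Completes the IRP and returns its final status: STATUS_SUCCESS, or
 * STATUS_INVALID_PARAMETER for an unsupported control code, an undersized
 * buffer or a port number above 0xFFFF.
 *
 * NOTE(review): this interface performs port I/O on any port the caller
 * names. If the driver serves one piece of hardware, restrict the accepted
 * port numbers to the range that hardware uses.
 */
NTSTATUS MyPortDispatch(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
    PIO_STACK_LOCATION IrpStack;
    ULONG dwInputBufferLength;
    ULONG dwOutputBufferLength;
    ULONG dwIoControlCode;
    PULONG pvIOBuffer;
    NTSTATUS ntStatus;
    const ULONG cbRequest = 2 * sizeof(ULONG);  /* port DWORD + data DWORD */

    /* Defaults: success, no output bytes. */
    Irp->IoStatus.Status = STATUS_SUCCESS;
    Irp->IoStatus.Information = 0;

    IrpStack = IoGetCurrentIrpStackLocation(Irp);

    /* The IOCTLs are METHOD_BUFFERED, so input and output share this one
     * system buffer. */
    pvIOBuffer = Irp->AssociatedIrp.SystemBuffer;

    switch (IrpStack->MajorFunction)
    {
    case IRP_MJ_CREATE:         /* CreateFile in the Win32 application */
        break;

    case IRP_MJ_CLOSE:          /* CloseHandle in the Win32 application */
        break;

    case IRP_MJ_DEVICE_CONTROL: /* DeviceIoControl in the Win32 application */
        dwIoControlCode = IrpStack->Parameters.DeviceIoControl.IoControlCode;
        dwInputBufferLength = IrpStack->Parameters.DeviceIoControl.InputBufferLength;
        dwOutputBufferLength = IrpStack->Parameters.DeviceIoControl.OutputBufferLength;

        switch (dwIoControlCode)
        {
        case IOCTL_MYPORT_READ_BYTE:    /* read a byte from a port */
            /* Needs the port DWORD on input and room for both DWORDs on
             * output, because the result is stored in the second DWORD. */
            if (pvIOBuffer == NULL ||
                dwInputBufferLength < sizeof(ULONG) ||
                dwOutputBufferLength < cbRequest ||
                pvIOBuffer[0] > 0xFFFF)
            {
                Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
                break;
            }
            pvIOBuffer[1] = _inp((unsigned short)pvIOBuffer[0]);
            Irp->IoStatus.Information = cbRequest;  /* 8 bytes of output */
            break;

        case IOCTL_MYPORT_WRITE_BYTE:   /* write a byte to a port */
            /* Needs both the port DWORD and the data DWORD on input. */
            if (pvIOBuffer == NULL ||
                dwInputBufferLength < cbRequest ||
                pvIOBuffer[0] > 0xFFFF)
            {
                Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
                break;
            }
            _outp((unsigned short)pvIOBuffer[0], (int)pvIOBuffer[1]);
            break;

        default:                        /* unsupported IOCTL */
            Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
        }
    }

    /* Capture the status before completion; the IRP must not be touched
     * after IoCompleteRequest. */
    ntStatus = Irp->IoStatus.Status;

    IoCompleteRequest(Irp, IO_NO_INCREMENT);

    return ntStatus;
}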
=20
/*
 * Driver unload routine: releases the IOPM buffer, then removes the
 * symbolic link and the device object.
 *
 * NOTE(review): nothing here reverses the calls to Ke386IoSetAccessProcess /
 * Ke386SetIoAccessMap made in DriverEntry; confirm whether the port access
 * granted there outlives the driver.
 */
void MyPortUnload(IN PDRIVER_OBJECT DriverObject)
{
    UNICODE_STRING dosLinkName;

    RtlInitUnicodeString(&dosLinkName, DOSNameBuffer);

    /* Release the memory held by the IOPM, if it was allocated. */
    if (pIOPM != NULL)
    {
        MmFreeNonCachedMemory(pIOPM, sizeof(IOPM));
    }

    /* Remove the symbolic link first, then the device it points to. */
    IoDeleteSymbolicLink(&dosLinkName);
    IoDeleteDevice(DriverObject->DeviceObject);
}
</CODE></PRE>
<P class=bhw98>下面给出实现设备驱动程序的动态加载的源码。动态加载的好处是,你不用做任何添加新硬件的操作,也不用编辑注册表,更不用重新启动计算机。
<PRE class=bhw98><CODE class=bhw98><SPAN class=rem>// 安装驱动并启动服务</SPAN>
<SPAN class=rem>// lpszDriverPath: 驱动程序路径</SPAN>
<SPAN class=rem>// lpszServiceName: 服务名 </SPAN>
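/*
 * Installs a kernel driver as a demand-start service and starts it.
 *
 *   lpszDriverPath   path of the driver image
 *   lpszServiceName  service name (also used as the display name)
 *
 * Returns TRUE when the service was started or is already running, FALSE
 * otherwise (including NULL arguments).
 *
 * Handles are opened with only the rights this routine uses
 * (SC_MANAGER_CREATE_SERVICE, SERVICE_START) instead of the *_ALL_ACCESS
 * masks, and both handles are closed on every path.
 *
 * NOTE(review): loading a kernel driver is a privileged operation. Pass an
 * absolute path to an image in a directory that only administrators can
 * write to. When the service already exists, the image registered earlier
 * is started, which may not be lpszDriverPath; verify the existing
 * service's configuration if that matters to the caller.
 */
BOOL StartDriver(LPCTSTR lpszDriverPath, LPCTSTR lpszServiceName)
{
    SC_HANDLE hSCManager;       /* service control manager handle */
    SC_HANDLE hService;         /* service handle */
    BOOL bResult = FALSE;       /* return value */

    if (lpszDriverPath == NULL || lpszServiceName == NULL)
    {
        return FALSE;
    }

    /* Open the service control manager. */
    hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
    if (hSCManager == NULL)
    {
        return FALSE;
    }

    /* Create the service. */
    hService = CreateService(hSCManager,
                             lpszServiceName,
                             lpszServiceName,
                             SERVICE_START,
                             SERVICE_KERNEL_DRIVER,
                             SERVICE_DEMAND_START,
                             SERVICE_ERROR_NORMAL,
                             lpszDriverPath,
                             NULL,
                             NULL,
                             NULL,
                             NULL,
                             NULL);

    /* The service may be left over from an earlier run; reuse it. */
    if (hService == NULL && GetLastError() == ERROR_SERVICE_EXISTS)
    {
        hService = OpenService(hSCManager, lpszServiceName, SERVICE_START);
    }

    if (hService != NULL)
    {
        /* Start the service; a driver that is already running counts as
         * started. */
        bResult = StartService(hService, 0, NULL);
        if (!bResult && GetLastError() == ERROR_SERVICE_ALREADY_RUNNING)
        {
            bResult = TRUE;
        }

        /* Close the service handle. */
        CloseServiceHandle(hService);
    }

    /* Close the service control manager handle. */
    CloseServiceHandle(hSCManager);

    return bResult;
}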
=20
<SPAN class=rem>// 停止服务并卸下驱动</SPAN>
<SPAN class=rem>// lpszServiceName: 服务名 </SPAN>
BOOL StopDriver(LPCTSTR lpszServiceName)
{