interface.h

驱动编程学习代码

//
// Device type           -- in the "User Defined" range."
//
#define OSINFO_TYPE 40000
//
// The IOCTL function codes from 0x800 to 0xFFF are for customer use.
//

#define IOCTL_ASMINT3               (ULONG)CTL_CODE( OSINFO_TYPE, 0x900, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_GETKERNALBASEINFO     (ULONG)CTL_CODE( OSINFO_TYPE, 0x901, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_GETSSDT               (ULONG)CTL_CODE( OSINFO_TYPE, 0x902, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_GETSSDTHOOKFLAG       (ULONG)CTL_CODE( OSINFO_TYPE, 0x903, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_GETSERVICENAMES       (ULONG)CTL_CODE( OSINFO_TYPE, 0x904, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_GETSERVICENAMESKRL    (ULONG)CTL_CODE( OSINFO_TYPE, 0x905, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_SETWORKITEM           (ULONG)CTL_CODE( OSINFO_TYPE, 0x907, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_DELAYGETNT            (ULONG)CTL_CODE( OSINFO_TYPE, 0x906, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_DUMPKCB               (ULONG)CTL_CODE( OSINFO_TYPE, 0x910, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_DUMPDEVICEOBJECT      (ULONG)CTL_CODE( OSINFO_TYPE, 0x911, METHOD_NEITHER, FILE_ANY_ACCESS )
#define IOCTL_ENUMPROCESS           (ULONG)CTL_CODE( OSINFO_TYPE, 0x912, METHOD_NEITHER, FILE_ANY_ACCESS )

#define DRIVER_FUNC_INSTALL     0x01
#define DRIVER_FUNC_REMOVE      0x02

#define DRIVER_NAME         "OSInfo"

#define NT_DEVICE_NAME      L"\\Device\\OSInfo"
#define DOS_DEVICE_NAME     L"\\DosDevices\\OSInfo"

#define ASMINT(x)   __asm{int x}






typedef ULONG           DWORD;
typedef unsigned short  WORD;
typedef unsigned char   BYTE;
typedef BYTE            BOOLEAN;

#define MAXIMUM_FILENAME_LENGTH 256

#ifndef _MAX_PATH
    #define _MAX_PATH   260 /* max. length of full pathname */
#endif


typedef struct _NTOSKRNL 
{
     ULONG ulBaseAddr;
     ULONG ulEndAddr;
     BYTE  a_bName[MAXIMUM_FILENAME_LENGTH];
     ULONG ulSrvNum;
} NTOSKRNL, *PNTOSKRNL;


typedef char SERVICENAME[50];

typedef struct _DUMPKCB 
{
    HANDLE  hKey;
    PVOID   pKCB;
    PVOID   pHive;
    ULONG   ulCell;
} DUMPKCB, *PDUMPKCB;




/////////////////////////////////////////////////////////////////////////