#pragma once
//DriverA
#include <ntddk.h>
//Custom device extension: per-device state for DriverA (its size is passed to IoCreateDevice in CreateDevice)
typedef struct _DEVICE_EXTENTION
{
PDEVICE_OBJECT pDeviceObject; //back-pointer to the owning device object; written by CreateDevice, passed to IoDeleteDevice by MyDriverUnload
UNICODE_STRING uszDeviceName; //device name, copied from CreateDevice's local UNICODE_STRING
UNICODE_STRING uszSymbolName; //symbolic link name; MyDriverUnload passes it to IoDeleteSymbolicLink
PIRP pCurrentIrp; //read IRP parked by DispatchRead and completed by DeferTimer; a single slot, so only one pending IRP can be tracked at a time
KTIMER kTimer; //timer initialised in CreateDevice, armed in DispatchRead, cancelled in MyDriverUnload
KDPC kDpc; //DPC bound to DeferTimer in CreateDevice and handed to KeSetTimer together with kTimer
}DEVICE_EXTENTION, *PDEVICE_EXTENTION;
//Driver entry point
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObject, PUNICODE_STRING puszRegPathName);
//Driver unload routine
VOID MyDriverUnload(PDRIVER_OBJECT pDriverObject);
//Creates the device object used to exchange data with callers
NTSTATUS CreateDevice(PDRIVER_OBJECT pDriverObject);
//Generic dispatch routine
NTSTATUS DispatchGeneral(PDEVICE_OBJECT pDeviceObject, PIRP pIrp);
//Read dispatch routine: pends the IRP being handled; 3 seconds later the DPC callback fires and completes it (synchronous demo)
NTSTATUS DispatchRead(PDEVICE_OBJECT pDeviceObject, PIRP pIrp);
#include "DriverA.h"
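//DPC callback: runs when the timer armed by DispatchRead expires and completes the
//read IRP parked in the device extension with STATUS_SUCCESS and zero bytes.
//DeferredContext is the device object registered through KeInitializeDpc.
VOID DeferTimer(
    _In_ struct _KDPC *Dpc,
    _In_opt_ PVOID DeferredContext,
    _In_opt_ PVOID SystemArgument1,
    _In_opt_ PVOID SystemArgument2
)
{
    PDEVICE_OBJECT pDeviceObject = (PDEVICE_OBJECT)DeferredContext;
    PDEVICE_EXTENTION pDeviceExtention = NULL;
    PIRP pCurrentIrp = NULL;

    UNREFERENCED_PARAMETER(Dpc);
    UNREFERENCED_PARAMETER(SystemArgument1);
    UNREFERENCED_PARAMETER(SystemArgument2);

    //The context is annotated _In_opt_, so it may legally be NULL; dereferencing
    //NULL at DISPATCH_LEVEL would bugcheck the machine.
    if (pDeviceObject == NULL)
    {
        return;
    }
    pDeviceExtention = (PDEVICE_EXTENTION)pDeviceObject->DeviceExtension;

    //Take ownership of the parked IRP and empty the slot in a single atomic step.
    //Leaving the pointer in place would let a later expiry of the same timer
    //complete the IRP a second time, i.e. touch memory that has been freed.
    pCurrentIrp = (PIRP)InterlockedExchangePointer(
        (PVOID volatile *)&pDeviceExtention->pCurrentIrp, NULL);
    if (pCurrentIrp == NULL)
    {
        //Nothing is pending (the slot was already drained).
        return;
    }

    KdPrint(("DriverA\n"));
    pCurrentIrp->IoStatus.Information = 0;
    pCurrentIrp->IoStatus.Status = STATUS_SUCCESS;
    //The IRP must not be accessed after this call.
    IoCompleteRequest(pCurrentIrp, IO_NO_INCREMENT);
}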
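//Driver unload routine: stops the timer, waits for any in-flight DPC, then removes
//the symbolic link and the device object.
VOID MyDriverUnload(PDRIVER_OBJECT pDriverObject)
{
    PDEVICE_OBJECT pFirstDeviceObject = pDriverObject->DeviceObject;
    PDEVICE_EXTENTION pDeviceExtention = NULL;

    //ASSERT is compiled out of free builds, so the "no device" case needs a real
    //check: the driver can be loaded without a device if device creation failed.
    if (pFirstDeviceObject == NULL)
    {
        return;
    }
    pDeviceExtention = (PDEVICE_EXTENTION)(pFirstDeviceObject->DeviceExtension);

    //pDeviceObject is the last-but-two field CreateDevice fills in, after the timer
    //and DPC are initialised; a NULL value means the extension is still zeroed and
    //there is no timer or symbolic link to tear down.
    if (pDeviceExtention->pDeviceObject != NULL)
    {
        KeCancelTimer(&pDeviceExtention->kTimer);
        //KeCancelTimer only dequeues a timer that has not expired yet. A DPC that is
        //already queued or running would execute DeferTimer from an unloaded image,
        //so wait for every queued DPC to finish before tearing anything down.
        KeFlushQueuedDpcs();
        IoDeleteSymbolicLink(&pDeviceExtention->uszSymbolName);
    }

    //Use the pointer from the driver object: it is valid even when the extension's
    //back-pointer was never written.
    IoDeleteDevice(pFirstDeviceObject);
}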
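//Creates the device object used to exchange data with callers, initialises its
//extension (timer, DPC, names) and publishes the symbolic link.
//Returns the status of IoCreateDevice / IoCreateSymbolicLink; on failure no device
//object is left behind.
NTSTATUS CreateDevice(PDRIVER_OBJECT pDriverObject)
{
    NTSTATUS ntStatus = STATUS_SUCCESS;
    UNICODE_STRING uszDeviceName = RTL_CONSTANT_STRING(L"\\Device\\DriverA");
    UNICODE_STRING uszSymbolName = RTL_CONSTANT_STRING(L"\\??\\DriverASymbol");
    PDEVICE_OBJECT pDeviceObject = NULL;
    PDEVICE_EXTENTION pDeviceExtention = NULL;

    //FILE_DEVICE_SECURE_OPEN makes the I/O manager apply the device's security
    //descriptor to every open, including opens that append a path to the device name.
    //NOTE(review): the device still gets the default security descriptor; if only
    //kernel callers are meant to reach it, consider IoCreateDeviceSecure with an
    //explicit SDDL string, or drop the user-visible symbolic link.
    ntStatus = IoCreateDevice(pDriverObject, sizeof(DEVICE_EXTENTION), &uszDeviceName,
        FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, TRUE, &pDeviceObject);
    if (!NT_SUCCESS(ntStatus))
    {
        KdPrint(("IoCreateDevice 错误:%x\n", ntStatus));
        return ntStatus;
    }

    //Fill in the extension before the device becomes reachable through the link.
    pDeviceExtention = (PDEVICE_EXTENTION)(pDeviceObject->DeviceExtension);
    //Initialise the timer object
    KeInitializeTimer(&pDeviceExtention->kTimer);
    //Initialise the DPC object; the device object is its deferred context
    KeInitializeDpc(&pDeviceExtention->kDpc, DeferTimer, (PVOID)pDeviceObject);
    pDeviceExtention->pDeviceObject = pDeviceObject;
    //The Buffer members point at the string literals above, which have static
    //storage, so these copies stay valid after this function returns.
    pDeviceExtention->uszDeviceName = uszDeviceName;
    pDeviceExtention->uszSymbolName = uszSymbolName;
    pDeviceObject->Flags |= DO_DIRECT_IO;

    ntStatus = IoCreateSymbolicLink(&uszSymbolName, &uszDeviceName);
    if (!NT_SUCCESS(ntStatus))
    {
        KdPrint(("IoCreateSymbolicLink 错误:%x\n", ntStatus));
        //Do not leak the device object that was just created.
        IoDeleteDevice(pDeviceObject);
        return ntStatus;
    }
    return ntStatus;
}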
//Generic dispatch routine: completes the request immediately with STATUS_SUCCESS
//and zero bytes transferred, without looking at the request type.
//NOTE(review): DriverEntry installs this routine for the whole MajorFunction table,
//so requests the driver does not implement are reported as successful rather than
//rejected - confirm that this is intended.
NTSTATUS DispatchGeneral(PDEVICE_OBJECT pDeviceObject, PIRP pIrp)
{
    UNREFERENCED_PARAMETER(pDeviceObject);

    pIrp->IoStatus.Status = STATUS_SUCCESS;
    pIrp->IoStatus.Information = 0;
    IoCompleteRequest(pIrp, IO_NO_INCREMENT);
    //The IRP is off limits after IoCompleteRequest, so return the constant instead
    //of reading the status back from it.
    return STATUS_SUCCESS;
}
//Read dispatch routine: pends the IRP, parks it in the device extension and arms a
//3 second timer; the timer's DPC (DeferTimer) completes the IRP later.
//NOTE(review): the extension has a single pCurrentIrp slot and this routine overwrites
//it unconditionally. A second read that arrives while one is pending replaces the
//pointer and re-arms the timer, so the first IRP is never completed and its issuing
//thread cannot finish. A fix needs the completion path to clear the slot as well.
//NOTE(review): no cancel routine is registered, so a pended read cannot be cancelled
//during its 3 second wait.
NTSTATUS DispatchRead(PDEVICE_OBJECT pDeviceObject, PIRP pIrp)
{
    PDEVICE_EXTENTION pExt = (PDEVICE_EXTENTION)(pDeviceObject->DeviceExtension);
    LARGE_INTEGER dueTime;

    //Negative due time = relative to now, in 100 ns units: 3 s * 10,000,000
    dueTime.QuadPart = -3 * 10 * 1000 * 1000;

    //Mark pending before the IRP becomes visible to the DPC, because this routine
    //returns STATUS_PENDING.
    IoMarkIrpPending(pIrp);
    pExt->pCurrentIrp = pIrp;

    //Start the timer; the DPC callback runs 3 seconds from now
    KeSetTimer(&pExt->kTimer, dueTime, &pExt->kDpc);
    return STATUS_PENDING;
}
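//Driver entry point (DriverA): registers the unload routine, fills the dispatch
//table and creates the device. Returns the status of CreateDevice, so the load
//fails when the device could not be created.
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObject, PUNICODE_STRING puszRegPathName)
{
    NTSTATUS ntStatus = STATUS_SUCCESS;

    UNREFERENCED_PARAMETER(puszRegPathName);

    pDriverObject->DriverUnload = MyDriverUnload;

    //MajorFunction holds IRP_MJ_MAXIMUM_FUNCTION + 1 entries, so the bound is
    //inclusive; "<" would leave the last slot without this driver's handler.
    for (ULONG uCount = 0; uCount <= IRP_MJ_MAXIMUM_FUNCTION; uCount++)
    {
        pDriverObject->MajorFunction[uCount] = DispatchGeneral;
    }
    pDriverObject->MajorFunction[IRP_MJ_READ] = DispatchRead;

    //Do not report success without a device: the unload routine and the dispatch
    //routines all assume the device and its extension exist.
    ntStatus = CreateDevice(pDriverObject);
    if (!NT_SUCCESS(ntStatus))
    {
        //The unload routine is not called when DriverEntry fails, so release a
        //device object that a failed creation may have left attached.
        if (pDriverObject->DeviceObject != NULL)
        {
            IoDeleteDevice(pDriverObject->DeviceObject);
        }
        return ntStatus;
    }
    return ntStatus;
}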
#include <ntddk.h>
//DriverB
//Driver unload routine (DriverB): only logs; DriverEntry leaves nothing to release.
VOID DriverUnLoad(PDRIVER_OBJECT pDriverObj)
{
    UNREFERENCED_PARAMETER(pDriverObj);

    KdPrint(("Driver unload\n"));
}
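//Driver entry point (DriverB): opens \Device\DriverA by name from kernel mode and
//issues one zero-length synchronous read on it, then closes the handle.
//Returns the failing status of ZwCreateFile / ZwReadFile, otherwise STATUS_SUCCESS.
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObj, PUNICODE_STRING pRegPath)
{
    HANDLE hDevice = NULL;
    OBJECT_ATTRIBUTES objAttr = { 0 };
    IO_STATUS_BLOCK ioStatus = { 0 };
    NTSTATUS ntStatus = STATUS_SUCCESS;
    UNICODE_STRING uszDeviceName = RTL_CONSTANT_STRING(L"\\Device\\DriverA");

    UNREFERENCED_PARAMETER(pRegPath);

    KdPrint(("Driver load\n"));
    pDriverObj->DriverUnload = DriverUnLoad;

    //OBJ_KERNEL_HANDLE keeps the handle in the kernel handle table, so user-mode
    //code in whatever process context this runs in cannot use or close it.
    InitializeObjectAttributes(&objAttr, &uszDeviceName,
        OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);

    //Ask only for what the read needs instead of GENERIC_ALL. SYNCHRONIZE is
    //required by the synchronous-I/O create option. The share-access argument takes
    //FILE_SHARE_* flags, and an existing device is opened with FILE_OPEN.
    ntStatus = ZwCreateFile(&hDevice, GENERIC_READ | SYNCHRONIZE, &objAttr, &ioStatus,
        NULL, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ, FILE_OPEN,
        FILE_SYNCHRONOUS_IO_ALERT, NULL, 0);
    if (!NT_SUCCESS(ntStatus))
    {
        KdPrint(("ZwCreateFile 错误\n"));
        return ntStatus;
    }

    //The handle was opened for synchronous I/O, so this call does not return until
    //the target driver has completed the read.
    ntStatus = ZwReadFile(hDevice, NULL, NULL, NULL, &ioStatus, NULL, 0, 0, NULL);

    //Close on both the success and the failure path.
    ZwClose(hDevice);
    if (!NT_SUCCESS(ntStatus))
    {
        KdPrint(("ZwReadFile 错误\n"));
        return ntStatus;
    }

    KdPrint(("DriverB\n"));
    return STATUS_SUCCESS;
}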