描述:
头文件:
#pragma once
extern "C" {
#include <NTDDK.h>
}
#include "Unicode.h"
typedef struct _DEVICE_EXTENSION {
PDEVICE_OBJECT pDevice;
ULONG DeviceNumber;
CUString ustrDeviceName; // internal name
CUString ustrSymLinkName; // external name
// Reserve space for pointer to loopback buffer
PVOID deviceBuffer;
ULONG deviceBufferSize;
} DEVICE_EXTENSION, *PDEVICE_EXTENSION;
.CPP文件:
#include "MyDrv.h"
static NTSTATUS CreateDevice (
IN PDRIVER_OBJECT pDriverObject,
IN ULONG DeviceNumber );
static VOID DriverUnload (
IN PDRIVER_OBJECT pDriverObject );
static NTSTATUS DispatchCreate (
IN PDEVICE_OBJECT pDevObj,
IN PIRP pIrp );
static NTSTATUS DispatchClose (
IN PDEVICE_OBJECT pDevObj,
IN PIRP pIrp );
static NTSTATUS DispatchRead (
IN PDEVICE_OBJECT pDevObj,
IN PIRP pIrp );
/////////////////////////////////////////////////////////////////////////////
extern "C" NTSTATUS DriverEntry (
IN PDRIVER_OBJECT pDriverObject,
IN PUNICODE_STRING pRegistryPath )
{
ULONG ulDeviceNumber = 0;
NTSTATUS status;
pDriverObject->DriverUnload = DriverUnload;
pDriverObject->MajorFunction[IRP_MJ_CREATE] = DispatchCreate;
pDriverObject->MajorFunction[IRP_MJ_CLOSE] = DispatchClose;
pDriverObject->MajorFunction[IRP_MJ_READ] = DispatchRead;
status = CreateDevice(pDriverObject, ulDeviceNumber);
return status;
}
NTSTATUS CreateDevice (
IN PDRIVER_OBJECT pDriverObject,
IN ULONG ulDeviceNumber ) //创建设备,初始化设备扩展,建立连接名用于user CreateFile
{
NTSTATUS status;
PDEVICE_OBJECT pDevObj;
PDEVICE_EXTENSION pDevExt;
CUString devName("\\Device\\JTESTDRV");
status = IoCreateDevice( pDriverObject,
sizeof(DEVICE_EXTENSION),
&(UNICODE_STRING)devName,
FILE_DEVICE_UNKNOWN,
0, TRUE,
&pDevObj );
if (!NT_SUCCESS(status))
return status;
pDevObj->Flags |= DO_BUFFERED_IO;
pDevExt = (PDEVICE_EXTENSION)pDevObj->DeviceExtension;
pDevExt->pDevice = pDevObj; // back pointer
pDevExt->DeviceNumber = ulDeviceNumber;
pDevExt->ustrDeviceName = devName;
pDevExt->deviceBuffer = NULL;
pDevExt->deviceBufferSize = 0;
CUString symLinkName("\\??\\JMYDRV");
symLinkName += CUString(ulDeviceNumber+1); // 1 based
pDevExt->ustrSymLinkName = symLinkName;
status = IoCreateSymbolicLink( &(UNICODE_STRING)symLinkName,
&(UNICODE_STRING)devName );
if (!NT_SUCCESS(status))
{
// if it fails now, must delete Device object
IoDeleteDevice( pDevObj );
return status;
}
return STATUS_SUCCESS;
}
VOID DriverUnload (
IN PDRIVER_OBJECT pDriverObject ) //释放设备扩展的buffer,删除联结,删除设备
{
PDEVICE_OBJECT pNextObj;
pNextObj = pDriverObject->DeviceObject;
while (pNextObj != NULL)
{
PDEVICE_EXTENSION pDevExt = (PDEVICE_EXTENSION)
pNextObj->DeviceExtension;
// Free up any buffer still held by this device
if (pDevExt->deviceBuffer != NULL)
{
ExFreePool(pDevExt->deviceBuffer);
pDevExt->deviceBuffer = NULL;
pDevExt->deviceBufferSize = 0;
}
// DevExt also holds the symbolic link name
UNICODE_STRING pLinkName =
pDevExt->ustrSymLinkName;
// ... which can now be deleted
IoDeleteSymbolicLink(&pLinkName);
// a little trickery...
// we need to delete the device object, BUT
// the Device object is pointed to by pNextObj
// If we delete the device object first,
// we can't traverse to the next Device in the list
// Rather than create another pointer, we can
// use the DeviceExtension's back pointer to the device
// So, first update the next pointer...
pNextObj = pNextObj->NextDevice;
// then delete the device using the Extension
IoDeleteDevice( pDevExt->pDevice );
}
}
NTSTATUS DispatchCreate (
IN PDEVICE_OBJECT pDevObj,
IN PIRP pIrp ) //不做任何事情,完成该IRP
{
pIrp->IoStatus.Status = STATUS_SUCCESS;
pIrp->IoStatus.Information = 0; // no bytes xfered
IoCompleteRequest( pIrp, IO_NO_INCREMENT );
return STATUS_SUCCESS;
}
NTSTATUS DispatchClose (
IN PDEVICE_OBJECT pDevObj,
IN PIRP pIrp ) //删除设备扩展的buffer,完成IRP
{
// Dig out the Device Extension from the Device object
PDEVICE_EXTENSION pDevExt = (PDEVICE_EXTENSION)
pDevObj->DeviceExtension;
if (pDevExt->deviceBuffer != NULL) {
ExFreePool(pDevExt->deviceBuffer);
pDevExt->deviceBuffer = NULL;
pDevExt->deviceBufferSize = 0;
}
pIrp->IoStatus.Status = STATUS_SUCCESS;
pIrp->IoStatus.Information = 0; // no bytes xfered
IoCompleteRequest( pIrp, IO_NO_INCREMENT );
return STATUS_SUCCESS;
}
NTSTATUS DispatchRead (
IN PDEVICE_OBJECT pDevObj,
IN PIRP pIrp )
{
NTSTATUS status = STATUS_SUCCESS;
PVOID userBuffer;
ULONG xferSize;
PVOID str=NULL;
if (str != NULL)
{
ExFreePool(str);
str = NULL;
}
// The stack location contains the user buffer info
PIO_STACK_LOCATION pIrpStack = IoGetCurrentIrpStackLocation( pIrp );
// Dig out the Device Extension from the Device object
// Determine the length of the request
xferSize = pIrpStack->Parameters.Read.Length;
str = ExAllocatePool( PagedPool, xferSize );
str="this is a test";
//&