Windows驱动开发-r3和r0通信

用户部分代码:

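/*
 * User-mode (ring 3) test client.
 *
 * Opens the driver's device through its symbolic link, issues one ReadFile
 * request and hex-dumps whatever the driver returned.
 *
 * Returns 0 in all cases (unchanged from the original sample); failures are
 * reported on stdout only.
 */
int main()
{
    /* "\\.\MyTest" is the Win32 spelling of the driver's "\??\MyTest" link. */
    HANDLE hDevice = CreateFile(L"\\\\.\\MyTest", GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hDevice == INVALID_HANDLE_VALUE)
    {
        printf("Failed to obtain device handle...");
        getchar();
        return 0;
    }

    UCHAR buffer[10];
    ULONG size = 0; /* initialised so a failed read never leaves it indeterminate */

    /* Request exactly the buffer's capacity instead of repeating the literal 10. */
    BOOL result = ReadFile(hDevice, buffer, (DWORD)sizeof(buffer), &size, NULL);
    if (result)
    {
        /* Never trust a driver-reported byte count beyond our own buffer. */
        if (size > sizeof(buffer))
        {
            size = (ULONG)sizeof(buffer);
        }

        /* ULONG is unsigned long, so %lu is the matching conversion. */
        printf("READ %lu BYTES...", size);
        for (size_t i = 0; i < (size_t)size; i++)
        {
            printf("%02x\n", buffer[i]);
        }
    }
    else
    {
        /* The original silently ignored a failed read; surface the error code. */
        printf("ReadFile failed, error %lu\n", GetLastError());
    }

    CloseHandle(hDevice);
    getchar();
    return 0;
}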

驱动部分代码:

#include <ntddk.h>

/* NT object-manager name of the device object created in DriverEntry. */
#define DEVICE_NAME L"\\Device\\MyTestDevice"
/* Symbolic link to DEVICE_NAME; user mode opens it as "\\.\MyTest". */
#define SYMBOL_LINK_NAME L"\\??\\MyTest"

/* The single device object; set by IoCreateDevice, deleted in unload(). */
PDEVICE_OBJECT pDevice;
/* UNICODE_STRING wrappers around the two name literals, filled in DriverEntry. */
UNICODE_STRING DeviceName;
UNICODE_STRING SymbolLinkName;

/* Dispatch routines registered in DriverEntry for CREATE / CLOSE / READ. */
NTSTATUS DeviceCreate(PDEVICE_OBJECT pDeviceObject,PIRP pIrp);
NTSTATUS DeviceClose(PDEVICE_OBJECT pDeviceObject, PIRP pIrp);
NTSTATUS DeviceRead(PDEVICE_OBJECT pDeviceObject, PIRP pIrp);

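/*
 * Driver unload routine: removes the symbolic link and the device object
 * that DriverEntry created.
 *
 * NOTE(review): the DriverUnload callback type is declared as returning VOID;
 * this sample returns NTSTATUS. The signature is kept as in the original so
 * the assignment in DriverEntry is unchanged - confirm and align the type.
 */
NTSTATUS unload(PDRIVER_OBJECT driver)
{
    /*
     * DriverName is a UNICODE_STRING structure, not a wide-character pointer.
     * %wZ takes a PUNICODE_STRING and honours its Length, whereas the original
     * %ws was handed the structure by value.
     */
    DbgPrint("driver :%wZ unload", &driver->DriverName);
    DbgPrint("driver unload success...");

    /* Remove the user-visible name first, then the device it pointed at. */
    IoDeleteSymbolicLink(&SymbolLinkName);
    IoDeleteDevice(pDevice);
    return STATUS_SUCCESS;
}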

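/*
 * Driver entry point: registers the unload and dispatch routines, creates the
 * device object and exposes it to user mode through a symbolic link.
 *
 * driver   - driver object supplied by the I/O manager.
 * reg_path - registry path of the driver's service key (only logged here).
 *
 * Returns STATUS_SUCCESS, or the failing status from IoCreateDevice /
 * IoCreateSymbolicLink (the device is deleted again if the link fails).
 */
NTSTATUS DriverEntry(PDRIVER_OBJECT driver,PUNICODE_STRING reg_path)
{
    NTSTATUS ntstatus;

    driver->DriverUnload = unload;
    driver->MajorFunction[IRP_MJ_CREATE] = DeviceCreate; /* open */
    driver->MajorFunction[IRP_MJ_READ] = DeviceRead;     /* data transfer */
    driver->MajorFunction[IRP_MJ_CLOSE] = DeviceClose;   /* close */

    RtlInitUnicodeString(&DeviceName, DEVICE_NAME);
    RtlInitUnicodeString(&SymbolLinkName, SYMBOL_LINK_NAME);

    /*
     * FILE_DEVICE_SECURE_OPEN makes the I/O manager apply the device object's
     * security descriptor to every open of the device.
     * NOTE(review): no explicit security descriptor is supplied here, so the
     * default one decides who may open the device. For a named device that
     * user mode can reach, consider IoCreateDeviceSecure with an SDDL string
     * restricted to the intended callers - confirm against the deployment.
     */
    ntstatus = IoCreateDevice(driver, 0, &DeviceName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE, &pDevice);
    if (!NT_SUCCESS(ntstatus))
    {
        DbgPrint("IoCreateDevice Failed");
        return ntstatus;
    }

    /*
     * Select buffered I/O before the device gets a user-visible name, so the
     * device is fully configured by the time the link exists. DeviceRead
     * relies on this flag: it reads AssociatedIrp.SystemBuffer.
     */
    pDevice->Flags |= DO_BUFFERED_IO;

    ntstatus = IoCreateSymbolicLink(&SymbolLinkName, &DeviceName);
    if (!NT_SUCCESS(ntstatus))
    {
        DbgPrint("IoCreateSymbolicLink Failed");
        IoDeleteDevice(pDevice);
        return ntstatus;
    }

    /*
     * A UNICODE_STRING buffer is not guaranteed to be NUL-terminated, so print
     * it with %wZ (length-aware) rather than %ws on the raw Buffer pointer.
     */
    DbgPrint("%wZ", reg_path);
    DbgPrint("driver load success...");
    return STATUS_SUCCESS;
}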

/*
 * IRP_MJ_CREATE dispatch routine: completes every open request successfully
 * with no data returned.
 */
NTSTATUS DeviceCreate(PDEVICE_OBJECT pDeviceObject, PIRP pIrp)
{
    const NTSTATUS status = STATUS_SUCCESS;

    /* Application-specific open logic would go here. */

    /* Fill in the completion status; zero bytes are returned for a create. */
    pIrp->IoStatus.Information = 0;
    pIrp->IoStatus.Status = status;
    IoCompleteRequest(pIrp, IO_NO_INCREMENT);

    /*
     * Author's note: pDeviceObject is referenced only because the VS2019
     * build fails when the parameter is unused; the same applies to every
     * dispatch routine. (UNREFERENCED_PARAMETER is the usual way to do this.)
     * Only pDeviceObject is touched here - the IRP must not be accessed after
     * IoCompleteRequest.
     */
    DbgPrint("create device success...%d",pDeviceObject->ActiveThreadCount);
    return status;
}

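/*
 * IRP_MJ_CLOSE dispatch routine: completes every close request successfully
 * with no data returned.
 */
NTSTATUS DeviceClose(PDEVICE_OBJECT pDeviceObject, PIRP pIrp)
{
    /* Application-specific close logic would go here. */

    /* Completion status; the author notes user mode sees it via GetLastError(). */
    pIrp->IoStatus.Status = STATUS_SUCCESS;
    /* Number of bytes returned to ring 3; zero when there is no data. */
    pIrp->IoStatus.Information = 0;
    IoCompleteRequest(pIrp, IO_NO_INCREMENT);

    /*
     * The original logged "create device success..." here, a copy-paste slip
     * from DeviceCreate that made close events indistinguishable in the debug
     * log. pDeviceObject is still referenced so the parameter is not unused.
     */
    DbgPrint("close device success...%d", pDeviceObject->ActiveThreadCount);
    return STATUS_SUCCESS;
}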

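/*
 * IRP_MJ_READ dispatch routine: fills the caller's buffer with 0xAA bytes and
 * reports the full requested length as transferred.
 *
 * The device uses DO_BUFFERED_IO (set in DriverEntry), so the data is written
 * to AssociatedIrp.SystemBuffer and the I/O manager copies
 * IoStatus.Information bytes of it back to the user buffer on completion.
 *
 * Security note: Information must never exceed the number of bytes this
 * routine actually wrote. The system buffer should be treated as
 * uninitialised kernel memory, so reporting more than was written would hand
 * stale kernel data to user mode.
 */
NTSTATUS DeviceRead(PDEVICE_OBJECT pDeviceObject, PIRP pIrp)
{
    PIO_STACK_LOCATION iostack = IoGetCurrentIrpStackLocation(pIrp);
    ULONG length = iostack->Parameters.Read.Length;
    PVOID pBuffer = pIrp->AssociatedIrp.SystemBuffer;
    NTSTATUS status = STATUS_SUCCESS;
    ULONG_PTR written = 0;

    /*
     * A zero-length read carries no system buffer, so only touch pBuffer when
     * there is something to write and the pointer is valid.
     */
    if (length != 0)
    {
        if (pBuffer == NULL)
        {
            status = STATUS_INVALID_PARAMETER;
        }
        else
        {
            RtlFillMemory(pBuffer, length, 0xAA);
            written = length;
        }
    }

    /* Completion status; the author notes user mode sees it via GetLastError(). */
    pIrp->IoStatus.Status = status;
    /* Bytes returned to ring 3: exactly what was filled above. */
    pIrp->IoStatus.Information = written;
    IoCompleteRequest(pIrp, IO_NO_INCREMENT);

    /* The IRP must not be touched past this point; only local copies are used. */
    if (NT_SUCCESS(status))
    {
        DbgPrint("read device success...%d", pDeviceObject->ActiveThreadCount);
    }
    else
    {
        DbgPrint("read device failed...%d", pDeviceObject->ActiveThreadCount);
    }
    return status;
}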

 
