Minifilter的动态安装、加载及卸载
MINIFILTER框架的文件系统过滤驱动,无法使用的CreateService和OpenService进行动态加载。
看了一下,使用Inf文件安装Minifilter驱动的方式是在注册表驱动服务项下比传统驱动多创建了Instances子键,然后读取DefaultInstance值,这个值标明了Instance选项,然后,再去读指定的Instance的Altitude和Flags值。
知道两者区别后就很容易通过些注册表的方式进行Minifilter的动态安装。
下面是实现代码
头文件实现:
头文件代码
#include <winsvc.h>
#include <winioctl.h>
#define DRIVER_NAME "HelloDDK"
#define DRIVER_PATH ".\\HelloDDK.sys"
BOOL InstallDriver(const char* lpszDriverName,const char* lpszDriverPath,const char* lpszAltitude);
BOOL StartDriver(const char* lpszDriverName);
BOOL StopDriver(const char* lpszDriverName);
BOOL DeleteDriver(const char* lpszDriverName);
CPP文件实现:
CPP文件实现代码
#include "stdafx.h"
#include "SysLoader.h"
//======================================== 动态加载/卸载sys驱动 ======================================
// SYS文件跟程序放在同个目录下
// 如果产生的SYS名为HelloDDK.sys,那么安装驱动InstallDriver("HelloDDK",".\\HelloDDK.sys","370030"/*Altitude*/);
// 启动驱动服务 StartDriver("HelloDDK");
// 停止驱动服务 StopDriver("HelloDDK");
// 卸载SYS也是类似的调用过程, DeleteDriver("HelloDDK");
//====================================================================================================
BOOL InstallDriver(const char* lpszDriverName,const char* lpszDriverPath,const char* lpszAltitude)
{
char szTempStr[MAX_PATH];
HKEY hKey;
DWORD dwData;
char szDriverImagePath[MAX_PATH];
if( NULL==lpszDriverName || NULL==lpszDriverPath )
{
return FALSE;
}
//得到完整的驱动路径
GetFullPathName(lpszDriverPath, MAX_PATH, szDriverImagePath, NULL);
SC_HANDLE hServiceMgr=NULL;// SCM管理器的句柄
SC_HANDLE hService=NULL;// NT驱动程序的服务句柄
//打开服务控制管理器
hServiceMgr = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS );
if( hServiceMgr == NULL )
{
// OpenSCManager失败
CloseServiceHandle(hServiceMgr);
return FALSE;
}
// OpenSCManager成功
//创建驱动所对应的服务
hService = CreateService( hServiceMgr,
lpszDriverName, // 驱动程序的在注册表中的名字
lpszDriverName, // 注册表驱动程序的DisplayName 值
SERVICE_ALL_ACCESS, // 加载驱动程序的访问权限
SERVICE_FILE_SYSTEM_DRIVER, // 表示加载的服务是文件系统驱动程序
SERVICE_DEMAND_START, // 注册表驱动程序的Start 值
SERVICE_ERROR_IGNORE, // 注册表驱动程序的ErrorControl 值
szDriverImagePath, // 注册表驱动程序的ImagePath 值
"FSFilter Activity Monitor",// 注册表驱动程序的Group 值
NULL,
"FltMgr", // 注册表驱动程序的DependOnService 值
NULL,
NULL);
if( hService == NULL )
{
if( GetLastError() == ERROR_SERVICE_EXISTS )
{
//服务创建失败,是由于服务已经创立过
CloseServiceHandle(hService); // 服务句柄
CloseServiceHandle(hServiceMgr); // SCM句柄
return TRUE;
}
else
{
CloseServiceHandle(hService); // 服务句柄
CloseServiceHandle(hServiceMgr); // SCM句柄
return FALSE;
}
}
CloseServiceHandle(hService); // 服务句柄
CloseServiceHandle(hServiceMgr); // SCM句柄
//-------------------------------------------------------------------------------------------------------
// SYSTEM\\CurrentControlSet\\Services\\DriverName\\Instances子健下的键值项
//-------------------------------------------------------------------------------------------------------
strcpy(szTempStr,"SYSTEM\\CurrentControlSet\\Services\\");
strcat(szTempStr,lpszDriverName);
strcat(szTempStr,"\\Instances");
if(RegCreateKeyEx(HKEY_LOCAL_MACHINE,szTempStr,0,"",TRUE,KEY_ALL_ACCESS,NULL,&hKey,(LPDWORD)&dwData)!=ERROR_SUCCESS)
{
return FALSE;
}
// 注册表驱动程序的DefaultInstance 值
strcpy(szTempStr,lpszDriverName);
strcat(szTempStr," Instance");
if(RegSetValueEx(hKey,"DefaultInstance",0,REG_SZ,(CONST BYTE*)szTempStr,(DWORD)strlen(szTempStr))!=ERROR_SUCCESS)
{
return FALSE;
}
RegFlushKey(hKey);//刷新注册表
RegCloseKey(hKey);
//-------------------------------------------------------------------------------------------------------
//-------------------------------------------------------------------------------------------------------
// SYSTEM\\CurrentControlSet\\Services\\DriverName\\Instances\\DriverName Instance子健下的键值项
//-------------------------------------------------------------------------------------------------------
strcpy(szTempStr,"SYSTEM\\CurrentControlSet\\Services\\");
strcat(szTempStr,lpszDriverName);
strcat(szTempStr,"\\Instances\\");
strcat(szTempStr,lpszDriverName);
strcat(szTempStr," Instance");
if(RegCreateKeyEx(HKEY_LOCAL_MACHINE,szTempStr,0,"",TRUE,KEY_ALL_ACCESS,NULL,&hKey,(LPDWORD)&dwData)!=ERROR_SUCCESS)
{
return FALSE;
}
// 注册表驱动程序的Altitude 值
strcpy(szTempStr,lpszAltitude);
if(RegSetValueEx(hKey,"Altitude",0,REG_SZ,(CONST BYTE*)szTempStr,(DWORD)strlen(szTempStr))!=ERROR_SUCCESS)
{
return FALSE;
}
// 注册表驱动程序的Flags 值
dwData=0x0;
if(RegSetValueEx(hKey,"Flags",0,REG_DWORD,(CONST BYTE*)&dwData,sizeof(DWORD))!=ERROR_SUCCESS)
{
return FALSE;
}
RegFlushKey(hKey);//刷新注册表
RegCloseKey(hKey);
//-------------------------------------------------------------------------------------------------------
return TRUE;
}
BOOL StartDriver(const char* lpszDriverName)
{
SC_HANDLE schManager;
SC_HANDLE schService;
SERVICE_STATUS svcStatus;
if(NULL==lpszDriverName)
{
return FALSE;
}
schManager=OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
if(NULL==schManager)
{
CloseServiceHandle(schManager);
return FALSE;
}
schService=OpenService(schManager,lpszDriverName,SERVICE_ALL_ACCESS);
if(NULL==schService)
{
CloseServiceHandle(schService);
CloseServiceHandle(schManager);
return FALSE;
}
if(!StartService(schService,0,NULL))
{
CloseServiceHandle(schService);
CloseServiceHandle(schManager);
if( GetLastError() == ERROR_SERVICE_ALREADY_RUNNING )
{
// 服务已经开启
return TRUE;
}
return FALSE;
}
CloseServiceHandle(schService);
CloseServiceHandle(schManager);
return TRUE;
}
BOOL StopDriver(const char* lpszDriverName)
{
SC_HANDLE schManager;
SC_HANDLE schService;
SERVICE_STATUS svcStatus;
bool bStopped=false;
schManager=OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
if(NULL==schManager)
{
return FALSE;
}
schService=OpenService(schManager,lpszDriverName,SERVICE_ALL_ACCESS);
if(NULL==schService)
{
CloseServiceHandle(schManager);
return FALSE;
}
if(!ControlService(schService,SERVICE_CONTROL_STOP,&svcStatus) && (svcStatus.dwCurrentState!=SERVICE_STOPPED))
{
CloseServiceHandle(schService);
CloseServiceHandle(schManager);
return FALSE;
}
CloseServiceHandle(schService);
CloseServiceHandle(schManager);
return TRUE;
}
BOOL DeleteDriver(const char* lpszDriverName)
{
SC_HANDLE schManager;
SC_HANDLE schService;
SERVICE_STATUS svcStatus;
schManager=OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
if(NULL==schManager)
{
return FALSE;
}
schService=OpenService(schManager,lpszDriverName,SERVICE_ALL_ACCESS);
if(NULL==schService)
{
CloseServiceHandle(schManager);
return FALSE;
}
ControlService(schService,SERVICE_CONTROL_STOP,&svcStatus);
if(!DeleteService(schService))
{
CloseServiceHandle(schService);
CloseServiceHandle(schManager);
return FALSE;
}
CloseServiceHandle(schService);
CloseServiceHandle(schManager);
return TRUE;
}
作者:
js2854
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。