(十一)、IRP与派遣函数

IRP

1、IRP结构

MdlAddress : 内存描述符

UserBuffer : 用户缓冲区

Tail：IRP的尾部，保存了一个联合体

Paramters：从应用层传递来的参数

2、IRP类型

IRP一共有28种

3、编写派遣函数

我们需要在每个派遣函数里面都要调用函数 IoCompleteRequest,我们一般设置为优先级不改变，即IO_NO_INCREMENT

代码

0环代码:

#include <ntddk.h>

VOID Unload(PDRIVER_OBJECT driver)
{
    UNICODE_STRING SymbolicLinkName = RTL_CONSTANT_STRING(L"\\??\\DDK");

    IoDeleteSymbolicLink(&SymbolicLinkName);
    IoDeleteDevice(driver->DeviceObject);
    DbgPrint("Driver Unload\n");
}

NTSTATUS DispatchRoution(IN PDEVICE_OBJECT DeciceObject, IN PIRP Irp)
{
    static CHAR* irpname[] = {
    " IRP_MJ_CREATE                    " ,
    " IRP_MJ_CREATE_NAMED_PIPE        " ,
    " IRP_MJ_CLOSE                    " ,
    " IRP_MJ_READ                    " ,
    " IRP_MJ_WRITE                    " ,
    " IRP_MJ_QUERY_INFORMATION        " ,
    " IRP_MJ_SET_INFORMATION        "     ,
    " IRP_MJ_QUERY_EA                " ,
    " IRP_MJ_SET_EA                    " ,
    " IRP_MJ_FLUSH_BUFFERS            " ,
    " IRP_MJ_QUERY_VOLUME_INFORMATI    " ,
    " IRP_MJ_SET_VOLUME_INFORMATION    " ,
    " IRP_MJ_DIRECTORY_CONTROL        " ,
    " IRP_MJ_FILE_SYSTEM_CONTROL    "     ,
    " IRP_MJ_DEVICE_CONTROL            " ,
    " IRP_MJ_INTERNAL_DEVICE_CONTRO    " ,
    " IRP_MJ_SHUTDOWN                " ,
    " IRP_MJ_LOCK_CONTROL            " ,
    " IRP_MJ_CLEANUP                "     ,
    " IRP_MJ_CREATE_MAILSLOT        "     ,
    " IRP_MJ_QUERY_SECURITY            " ,
    " IRP_MJ_SET_SECURITY            " ,
    " IRP_MJ_POWER                    " ,
    " IRP_MJ_SYSTEM_CONTROL            " ,
    " IRP_MJ_DEVICE_CHANGE            " ,
    " IRP_MJ_QUERY_QUOTA            " ,
    " IRP_MJ_SET_QUOTA                " ,
    " IRP_MJ_PNP                    "
    };
    PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp);//IRP栈单元//
    DbgPrint("%s\n", irpname[stack->MajorFunction]);
    Irp->IoStatus.Information = 0;        //返回状态//
    Irp->IoStatus.Status = STATUS_SUCCESS;
    
    IoCompleteRequest(Irp, IO_NO_INCREMENT);//优先级不改变//
    return STATUS_SUCCESS;
}

NTSTATUS DriverEntry(PDRIVER_OBJECT driver)
{
    DbgPrint("Driver Load\n");
    //PCHAR buff = NULL;
    NTSTATUS status;
    UNICODE_STRING DeviceName = RTL_CONSTANT_STRING(L"\\Device\\MyDDK");
    UNICODE_STRING SymbolName = RTL_CONSTANT_STRING(L"\\??\\DDK");
    PDEVICE_OBJECT DeviceObject;
    for (int i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
    {
        driver->MajorFunction[i] = DispatchRoution;
    }
    status = IoCreateDevice(driver,0,&DeviceName,FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN,FALSE,&DeviceObject);//创建设备//
    
    
    if (!NT_SUCCESS(status))
    {
        DbgPrint("创建设备成功\n");
        return status;
    }

    status = IoCreateSymbolicLink(&SymbolName, &DeviceName);            //创建符号链接//
    if (!NT_SUCCESS(status))
    {
        DbgPrint("符号链接创建失败\n");
        IoDeleteDevice(DeviceObject);    
        return status;
    }
    driver->Flags |= DO_BUFFERED_IO;
    driver->Flags &= ~DO_DEVICE_INITIALIZING;



    driver->DriverUnload = Unload;
    return STATUS_SUCCESS;
}

三环代码：

// 三环代码.cpp : 此文件包含 "main" 函数。程序执行将在此处开始并结束。
//

#include <iostream>
#include <stdio.h>
#include <Windows.h>
using namespace std;

#define IOTEST CTL_CODE(FILE_DEVICE_UNKNOWN,0x800,METHOD_BUFFERED,FILE_ANY_ACCESS)
int main()
{
    // \\\\.\\ 相当于 \\?\\ //
    HANDLE hDevice = CreateFile(TEXT("\\\\.\\DDK"),
        GENERIC_ALL,
        FILE_SHARE_READ | FILE_SHARE_WRITE,
        NULL,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        NULL);
    if (hDevice == INVALID_HANDLE_VALUE)
    {
        cout << "打开设备失败" <<GetLastError();
        getchar();
        return -1;
    }
    DWORD dwRet;
    ReadFile(hDevice, NULL, 0, &dwRet, NULL);
    WriteFile(hDevice, NULL, 0, &dwRet, NULL);
    GetFileSize(hDevice, NULL);
    DeviceIoControl(hDevice, IOTEST, NULL, 0, NULL, 0, &dwRet, NULL);
    CloseHandle(hDevice);

    getchar();
    return 0;
}

 

其中 Create内部把\\\\.\\ 替换成 \\?\\

 

 

 

 

__EOF__

本文作者：_TLSN
本文链接：https://www.cnblogs.com/lordtianqiyi/articles/16098059.html
关于博主：评论和私信会在第一时间回复。或者直接私信我。
版权声明：本博客所有文章除特别声明外，均采用 BY-NC-SA 许可协议。转载请注明出处！
声援博主：如果您觉得文章对您有帮助，可以点击文章右下角【推荐】一下。您的鼓励是博主的最大动力！