程,一般不用管它
/*
 * Close dispatch routine (presumably registered for IRP_MJ_CLOSE; the
 * registration is not visible in this part of the file).
 *
 * Logs the close request and completes the IRP successfully. No data is
 * transferred, so IoStatus.Information is reported as zero.
 *
 * pDevObj - target device object (not used by this routine).
 * pIrp    - the close IRP; completed here with IO_NO_INCREMENT.
 *
 * Returns STATUS_SUCCESS unconditionally.
 */
NTSTATUS DispatchClose(PDEVICE_OBJECT pDevObj, PIRP pIrp)
{
    const NTSTATUS status = STATUS_SUCCESS;

    DbgPrint("[kernel] # 关闭派遣 \n");

    /* Nothing is handed back to the caller on close. */
    pIrp->IoStatus.Information = 0;
    pIrp->IoStatus.Status = status;

    IoCompleteRequest(pIrp, IO_NO_INCREMENT);
    return status;
}
// IRP_MJ_DEVICE_CONTROL 对应的处理例程,驱动最重要的函数
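/*
 * Device-control dispatch routine: reads the IOCTL code and buffer lengths
 * from the current stack location and services the request through
 * pIrp->AssociatedIrp.SystemBuffer, which carries both the request data and
 * the reply.
 *
 * NOTE(review): using SystemBuffer for both directions implies the IOCTL_IO_*
 * codes are defined with METHOD_BUFFERED; their definitions are not visible
 * here -- confirm.
 *
 * Security: uInSize, uOutSize and the buffer contents are supplied by the
 * user-mode caller and must be treated as untrusted. Every case validates
 * the lengths before touching the buffer, forces NUL termination before a
 * "%s" print, and reports only the number of bytes it actually wrote, so
 * that stale kernel memory is never copied back to the caller.
 *
 * pDevObj - target device object (not used by this routine).
 * pIrp    - the device-control IRP; completed here with IO_NO_INCREMENT.
 *
 * Returns STATUS_SUCCESS when the request was serviced,
 * STATUS_INVALID_PARAMETER for a missing or too-short input buffer,
 * STATUS_BUFFER_TOO_SMALL for a too-short output buffer, and
 * STATUS_INVALID_DEVICE_REQUEST for an unknown control code.
 */
NTSTATUS DispatchIoctl(PDEVICE_OBJECT pDevObj, PIRP pIrp)
{
    NTSTATUS status = STATUS_INVALID_DEVICE_REQUEST;
    PIO_STACK_LOCATION pIrpStack;
    ULONG uIoControlCode;
    PVOID pIoBuffer;
    ULONG uInSize;
    ULONG uOutSize;
    /* Bytes actually written to the shared buffer by the selected case. */
    ULONG uBytesReturned = 0;

    /* Pull the request parameters out of the IRP. */
    pIrpStack = IoGetCurrentIrpStackLocation(pIrp);
    uIoControlCode = pIrpStack->Parameters.DeviceIoControl.IoControlCode;
    /* Shared request/reply buffer; may be NULL when the caller passed no buffers. */
    pIoBuffer = pIrp->AssociatedIrp.SystemBuffer;
    /* Caller-declared input length (nInBufferSize of DeviceIoControl). */
    uInSize = pIrpStack->Parameters.DeviceIoControl.InputBufferLength;
    /* Caller-declared output length (nOutBufferSize of DeviceIoControl). */
    uOutSize = pIrpStack->Parameters.DeviceIoControl.OutputBufferLength;

    switch (uIoControlCode)
    {
    /* Print a fixed message; no data in either direction. */
    case IOCTL_IO_Msg:
    {
        DbgPrint("[Kernel] --> hello lyshark \n");
        status = STATUS_SUCCESS;
        break;
    }

    /* Single DWORD in, incremented DWORD out. */
    case IOCTL_IO_TEST:
    {
        DWORD dw = 0;

        if (pIoBuffer == NULL || uInSize < sizeof(DWORD))
        {
            status = STATUS_INVALID_PARAMETER;
            break;
        }
        if (uOutSize < sizeof(DWORD))
        {
            status = STATUS_BUFFER_TOO_SMALL;
            break;
        }

        memcpy(&dw, pIoBuffer, sizeof(DWORD));
        dw++;
        memcpy(pIoBuffer, &dw, sizeof(DWORD));

        uBytesReturned = (ULONG)sizeof(DWORD);
        status = STATUS_SUCCESS;
        break;
    }

    /* Print every int of the input array; nothing is written back. */
    case IOCTL_IO_Array:
    {
        int *ArrayPtr = (int *)pIoBuffer;
        /* Element count is derived from the declared input length only. */
        ULONG count = uInSize / (ULONG)sizeof(int);

        if (pIoBuffer == NULL && count != 0)
        {
            status = STATUS_INVALID_PARAMETER;
            break;
        }

        for (ULONG x = 0; x < count; x++)
        {
            DbgPrint("计数器: %d \n", ArrayPtr[x]);
        }
        status = STATUS_SUCCESS;
        break;
    }

    /* MyData structure in, MyData structure out. */
    case IOCTL_IO_STRUCT:
    {
        MyData recv_data, send_data;

        if (pIoBuffer == NULL || uInSize < sizeof(MyData))
        {
            status = STATUS_INVALID_PARAMETER;
            break;
        }
        if (uOutSize < sizeof(MyData))
        {
            status = STATUS_BUFFER_TOO_SMALL;
            break;
        }

        memcpy(&recv_data, pIoBuffer, sizeof(MyData));
        /*
         * The caller controls szUname, so it may arrive without a terminator;
         * force one so the "%s" below cannot read past the field.
         * NOTE(review): assumes szUname is a char array member of MyData,
         * as the original memset/strcpy on it implied -- confirm.
         */
        recv_data.szUname[sizeof(recv_data.szUname) - 1] = '\0';
        DbgPrint("[驱动读入]: UID: %d --> Name: %s \n", recv_data.uuid, recv_data.szUname);

        /*
         * Zero the whole reply (fields and padding) before filling it in, so
         * no uninitialized kernel stack bytes are copied to user mode.
         */
        memset(&send_data, 0, sizeof(send_data));
        send_data.uuid = 1002;
        /* Constant 8-byte reply; the original code treated szUname as 1024 bytes. */
        strcpy(send_data.szUname, "lyshark");
        memcpy(pIoBuffer, &send_data, sizeof(MyData));

        uBytesReturned = (ULONG)sizeof(MyData);
        status = STATUS_SUCCESS;
        break;
    }

    /* String in, fixed string out. */
    case IOCTL_IO_String:
    {
        static const char szReply[] = "hi, R3";
        char szString[256] = { 0 };
        ULONG uCopyIn;
        ULONG uCopyOut;

        if (pIoBuffer == NULL)
        {
            status = STATUS_INVALID_PARAMETER;
            break;
        }
        /* The reply must fit, terminator included. */
        if (uOutSize < sizeof(szReply))
        {
            status = STATUS_BUFFER_TOO_SMALL;
            break;
        }

        /*
         * Copy no more than the caller supplied and leave the last byte of
         * the zero-initialized local untouched, so the string is always
         * terminated before it is printed.
         */
        uCopyIn = (uInSize < sizeof(szString) - 1) ? uInSize : (ULONG)(sizeof(szString) - 1);
        memcpy(szString, pIoBuffer, uCopyIn);
        DbgPrint("[接收字符串]: %s \n", szString);

        /*
         * Reply with up to 256 bytes (the original reply size), but never
         * more than the caller's output buffer: zero-fill, then place the
         * string at the start.
         */
        uCopyOut = (uOutSize < sizeof(szString)) ? uOutSize : (ULONG)sizeof(szString);
        memset(pIoBuffer, 0, uCopyOut);
        memcpy(pIoBuffer, szReply, sizeof(szReply));

        uBytesReturned = uCopyOut;
        status = STATUS_SUCCESS;
        break;
    }

    /* Unknown control code: status stays STATUS_INVALID_DEVICE_REQUEST. */
    default:
        break;
    }

    /*
     * Information becomes *lpBytesReturned and tells the I/O manager how much
     * of the buffer to copy back; report only what was written (0 on failure).
     */
    if (status == STATUS_SUCCESS)
    {
        pIrp->IoStatus.Information = uBytesReturned;
    }
    else
    {
        pIrp->IoStatus.Information = 0;
    }

    pIrp->IoStatus.Status = status;
    IoCompleteRequest(pIrp, IO_NO_INCREMENT);
    return status;
}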
// 驱动的初始化工作
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObj, PUNICODE_STRING pRegistryString)
{
NTSTATUS status = STATUS_SUCCESS;
UNICODE_STRING ustrLinkName;
UNICODE_STRING ustrDev |