概述
说明:
exe程序通过打开驱动的设备,然后使用DeviceIOCtrl发送一个IOCtrl码,并将将要显示的驱动程序的名称传递给驱动程序,驱动程序受到IOCtrl码并接收到驱动程序的名称,调用枚举设备信息函数。
应用程序代码:
// ShowDeviceInfo.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include "ShowDeviceInfo.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
// 唯一的应用程序对象
CWinApp theApp;
using namespace std;
#define CTL_CODE( DeviceType, Function, Method, Access ) (
((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method)
)
const ULONG IOCTL_ENUMDEV_DEVNAME = CTL_CODE(0x8000, 0x01, 0, 0x0001 | 0x0002);
int _tmain(int argc, TCHAR* argv[], TCHAR* envp[])
{
int nRetCode = 0;
// 初始化 MFC 并在失败时显示错误
if (!AfxWinInit(::GetModuleHandle(NULL), NULL, ::GetCommandLine(), 0))
{
// TODO: 更改错误代码以符合您的需要
_tprintf(_T("错误: MFC 初始化失败n"));
nRetCode = 1;
}
else
{
// TODO: 在此处为应用程序的行为编写代码。
}
HANDLE hdl = CreateFile(L"\\.\ENUMDEV_DeviceName",
GENERIC_WRITE | GENERIC_READ,0,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL ,NULL);
if (hdl == INVALID_HANDLE_VALUE)
{
CString csLog;
csLog.Format(L"CreateFile Error:%d",GetLastError());
AfxMessageBox(csLog);
return -1;
}
WCHAR *DriName = L"\Driver\ACPI";
DWORD dwInLen = wcslen(DriName)*2+2;
DWORD dwRetLen;
BOOL bRetRead = DeviceIoControl(hdl,IOCTL_ENUMDEV_DEVNAME,DriName,dwInLen,NULL,0,&dwRetLen,NULL);
if (bRetRead)
{
cout<<"DeviceIoControl OK!"<<endl;
}
CloseHandle(hdl);
system("PAUSE");
return nRetCode;
}
驱动程序代码:
///
///
/// Copyright (c) 2014 - <company name here>
///
/// Original filename: EnumDev.cpp
/// Project : EnumDev
/// Date of creation : 2014-06-26
/// Author(s) : <author name(s)>
///
/// Purpose : <description>
///
/// Revisions:
/// 0000 [2014-06-26] Initial revision.
///
///
// $Id$
#ifdef __cplusplus
extern "C" {
#endif
#include <ntddk.h>
#include <string.h>
#ifdef __cplusplus
}; // extern "C"
#endif
#include "EnumDev.h"
#ifdef __cplusplus
namespace { // anonymous namespace to limit the scope of this global variable!
#endif
PDRIVER_OBJECT pdoGlobalDrvObj = 0;
#ifdef __cplusplus
}; // anonymous namespace
#endif
#define DEVICE_NAME "\Device\ENUMDEV_DeviceName"
#define SYMLINK_NAME "\DosDevices\ENUMDEV_DeviceName"
PRESET_UNICODE_STRING(usDeviceName, DEVICE_NAME);
PRESET_UNICODE_STRING(usSymlinkName, SYMLINK_NAME);
#ifndef FILE_DEVICE_ENUMDEV
#define FILE_DEVICE_ENUMDEV 0x8000
#endif
const ULONG IOCTL_ENUMDEV_DEVNAME = CTL_CODE(FILE_DEVICE_ENUMDEV, 0x01, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA);
#if __cplusplus
extern "C"
{
#endif
#include <ntddk.h>
#pragma comment(lib"ntoskrnl.lib")
NTKERNELAPI NTSTATUS ObReferenceObjectByName(
IN PUNICODE_STRING ObjectName,
IN ULONG Attributes,
IN PACCESS_STATE PassedAccessState OPTIONAL,
IN ACCESS_MASK DesiredAccess OPTIONAL,
IN POBJECT_TYPE ObjectType,
IN KPROCESSOR_MODE AccessMode,
IN OUT PVOID ParseContent OPTIONAL,
OUT PVOID *Object);
NTKERNELAPI NTAPI IoGetBaseFileSystemDeviceObject(
IN PFILE_OBJECT FileObject);
extern POBJECT_TYPE *IoDriverObjectType;
//extern POBJECT_TYPE *IoDeviceObjectType;
#if __cplusplus
};
#endif
typedef struct _DEVICE_EXTENSION
{
PDEVICE_OBJECT pDevObj;
UNICODE_STRING usDevName;
UNICODE_STRING usLinkName;
PUCHAR buffer;
ULONG fileLen;
}DEVICE_EXTENSION,*PDEVICE_EXTENSION;
typedef struct _OBJECT_CREATE_INFORMATION
{
ULONG Attributes;
HANDLE RootDirectory;
PVOID ParseContext;
KPROCESSOR_MODE ProbeMode;
ULONG PagedPoolCharge;
ULONG NonPagedPoolCharge;
ULONG SecurityDescriptorCharge;
PSECURITY_DESCRIPTOR SecurityDescriptor;
PSECURITY_QUALITY_OF_SERVICE SecurityQos;
SECURITY_QUALITY_OF_SERVICE SecurityQualityOfService;
}OBJECT_CREATE_INFORMATION,*POBJECT_CREATE_INFORMATION;
typedef struct _OBJECT_HEADER
{
LONG PointerCount;
union
{
LONG HandleCount;
PSINGLE_LIST_ENTRY SEntry;
};
POBJECT_TYPE Type;
UCHAR NameInfoOffset;
UCHAR HandleInfoOffset;
UCHAR QuotaInfoOffset;
UCHAR Flags;
union
{
POBJECT_CREATE_INFORMATION ObjectCreateInfo;
PVOID QuotaBlockCharged;
};
PSECURITY_DESCRIPTOR SecurityDescriptor;
QUAD Body;
}OBJECT_HEADER,*POBJECT_HEADER;
#define NUMBER_HASH_BUCKETS 37
typedef struct _OBJECT_DIRECTORY
{
struct _OBJECT_DIRECTORY_ENTRY* HashBuckets[NUMBER_HASH_BUCKETS];
struct _OBJECT_DIRECTORY_ENTRY** LookupBucket;
BOOLEAN LookupFound;
USHORT SymbolicLinkUsageCount;
struct _DEVICE_MAP* DeviceMap;
}OBJECT_DIRECTORY,*POBJECT_DIRECTORY;
typedef struct _OBJECT_HEADER_NAME_INFO
{
POBJECT_DIRECTORY Directory;
UNICODE_STRING Name;
ULONG Reserved;
#if DBG
ULONG Reserved2 ;
LONG DbgDereferenceCount ;
#endif
} OBJECT_HEADER_NAME_INFO, * POBJECT_HEADER_NAME_INFO;
#define OBJECT_TO_OBJECT_HEADER( o )
CONTAINING_RECORD( (o), OBJECT_HEADER, Body )
#define OBJECT_HEADER_TO_NAME_INFO( oh ) ((POBJECT_HEADER_NAME_INFO)
((oh)->NameInfoOffset == 0 ? NULL : ((PCHAR)(oh) - (oh)->NameInfoOffset)))
NTSTATUS ENUMDEV_DispatchCreateClose(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
NTSTATUS status = STATUS_SUCCESS;
Irp->IoStatus.Status = status;
Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
VOID ENUMDEV_DriverUnload(
IN PDRIVER_OBJECT DriverObject
)
{
PDEVICE_OBJECT pdoNextDeviceObj = pdoGlobalDrvObj->DeviceObject;
IoDeleteSymbolicLink(&usSymlinkName);
// Delete all the device objects
while(pdoNextDeviceObj)
{
PDEVICE_OBJECT pdoThisDeviceObj = pdoNextDeviceObj;
pdoNextDeviceObj = pdoThisDeviceObj->NextDevice;
IoDeleteDevice(pdoThisDeviceObj);
}
}
VOID GetDeviceObjectInfo(PDEVICE_OBJECT pDevObj)
{
POBJECT_HEADER pObjectHeader;
POBJECT_HEADER_NAME_INFO pObjectHeaderNameInfo;
if (pDevObj == NULL)
{
KdPrint(("GetDeviceObjectInfo::pDevObj is NULL...n"));
return;
}
pObjectHeader = OBJECT_TO_OBJECT_HEADER(pDevObj);//得到对象头
if (pObjectHeader)
{
//查询设备名称并打印
pObjectHeaderNameInfo = OBJECT_HEADER_TO_NAME_INFO(pObjectHeader);
if (pObjectHeaderNameInfo && pObjectHeaderNameInfo->Name.Buffer)
{
KdPrint(("Driver Name:%wZ - Device Name:%wZ - Driver Address:0x%x - Device Address:0x%xn",
&pDevObj->DriverObject->DriverName,
&pObjectHeaderNameInfo->Name,
pDevObj->DriverObject,
pDevObj ));
}else if (pDevObj->DriverObject) //没有设备名称
{
KdPrint(("Driver Name:%wZ - Device Name:%S - Driver Address:0x%x - Device Address:0x%xn",
&pDevObj->DriverObject->DriverName,
L"NULL",
pDevObj->DriverObject,
pDevObj));
}
}
}
VOID getAttachedDevInfo(PDEVICE_OBJECT pDevObj)
{
PDEVICE_OBJECT pDeviceObject;
if (pDevObj == NULL)
{
return ;
}
pDeviceObject = pDevObj->AttachedDevice;//获取设备上的挂载设备
while(pDeviceObject)
{
KdPrint(( "Attached Driver Name:%wZ,Attached Driver Address:0x%x,Attached DeviceAddress:0x%xn",
&pDeviceObject->DriverObject->DriverName,
pDeviceObject->DriverObject,
pDeviceObject ));
pDeviceObject = pDeviceObject->AttachedDevice;//获取挂载设备上的挂载设备
}
}
PDRIVER_OBJECT EnumDeviceStack(PWSTR pwsDriverName)
{
//通过设备名获取所在驱动的驱动的对象指针
NTSTATUS status = STATUS_SUCCESS;
PDRIVER_OBJECT pDriverObj = NULL;
UNICODE_STRING usDriName;
RtlInitUnicodeString(&usDriName,pwsDriverName);
KdPrint(("usDevName:%wZn",&usDriName));
status = ObReferenceObjectByName(&usDriName,
OBJ_CASE_INSENSITIVE,
NULL,0,(POBJECT_TYPE)*IoDriverObjectType,
KernelMode,
NULL,
(PVOID*)&pDriverObj);//通过驱动名称获取驱动的对象指针
if (pDriverObj == NULL)
{
KdPrint(("ObReferenceObjectByName Error.status:0x%x",status));
return NULL;
}
PDEVICE_OBJECT pDevObj = pDriverObj->DeviceObject;//获取驱动下创建的设备
while(pDevObj)
{
GetDeviceObjectInfo(pDevObj);//获取设备信息并打印
//判断设备上是否有过滤设备
if (pDevObj->AttachedDevice)
{
getAttachedDevInfo(pDevObj);//获取设备上的挂载设备的信息
}
//判断设备上的VPB设备
if (pDevObj->Vpb && pDevObj->Vpb->DeviceObject)
{
GetDeviceObjectInfo(pDevObj->Vpb->DeviceObject);
if (pDevObj->Vpb->DeviceObject->AttachedDevice)
{
getAttachedDevInfo(pDevObj->Vpb->DeviceObject);
}
}
//得到在此驱动上建立的下一个设备
pDevObj = pDevObj->NextDevice;
}
return pDriverObj ;
}
NTSTATUS ENUMDEV_DispatchDeviceControl(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
NTSTATUS status = STATUS_SUCCESS;
ULONG uIn=0,uOut=0;
PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation(Irp);
uIn = irpSp->Parameters.DeviceIoControl.InputBufferLength;
uOut = irpSp->Parameters.DeviceIoControl.OutputBufferLength;
switch(irpSp->Parameters.DeviceIoControl.IoControlCode)
{
case IOCTL_ENUMDEV_DEVNAME:
{
KdPrint(("IOCTL_ENUMDEV_DEVNAME...."));
WCHAR* inputBuffer = (WCHAR*)Irp->AssociatedIrp.SystemBuffer;
KdPrint(("inputBuffer:%S",inputBuffer));
EnumDeviceStack(inputBuffer);
// status = SomeHandlerFunction(irpSp);
}
break;
default:
Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
Irp->IoStatus.Information = 0;
break;
}
status = Irp->IoStatus.Status;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
#ifdef __cplusplus
extern "C" {
#endif
NTSTATUS DriverEntry(
IN OUT PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
{
PDEVICE_OBJECT pdoDeviceObj = 0;
NTSTATUS status = STATUS_UNSUCCESSFUL;
pdoGlobalDrvObj = DriverObject;
// Create the device object.
if(!NT_SUCCESS(status = IoCreateDevice(
DriverObject,
0,
&usDeviceName,
FILE_DEVICE_UNKNOWN,
FILE_DEVICE_SECURE_OPEN,
FALSE,
&pdoDeviceObj
)))
{
// Bail out (implicitly forces the driver to unload).
return status;
};
// Now create the respective symbolic link object
if(!NT_SUCCESS(status = IoCreateSymbolicLink(
&usSymlinkName,
&usDeviceName
)))
{
IoDeleteDevice(pdoDeviceObj);
return status;
}
// NOTE: You need not provide your own implementation for any major function that
// you do not want to handle. I have seen code using DDKWizard that left the
// *empty* dispatch routines intact. This is not necessary at all!
DriverObject->MajorFunction[IRP_MJ_CREATE] =
DriverObject->MajorFunction[IRP_MJ_CLOSE] = ENUMDEV_DispatchCreateClose;
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = ENUMDEV_DispatchDeviceControl;
DriverObject->DriverUnload = ENUMDEV_DriverUnload;
return STATUS_SUCCESS;
}
#ifdef __cplusplus
}; // extern "C"
#endif
下面是另一个版本的驱动代码:使用IoGetdeviceProperty函数 有设备对象指针获得设备名称-效果是一样的
///
///
/// Copyright (c) 2014 - <company name here>
///
/// Original filename: EnumDev.cpp
/// Project : EnumDev
/// Date of creation : 2014-06-26
/// Author(s) : <author name(s)>
///
/// Purpose : <description>
///
/// Revisions:
/// 0000 [2014-06-26] Initial revision.
///
///
// $Id$
#ifdef __cplusplus
extern "C" {
#endif
#include <ntddk.h>
#include <string.h>
#ifdef __cplusplus
}; // extern "C"
#endif
#include "EnumDev.h"
#ifdef __cplusplus
namespace { // anonymous namespace to limit the scope of this global variable!
#endif
PDRIVER_OBJECT pdoGlobalDrvObj = 0;
#ifdef __cplusplus
}; // anonymous namespace
#endif
#define DEVICE_NAME "\Device\ENUMDEV_DeviceName"
#define SYMLINK_NAME "\DosDevices\ENUMDEV_DeviceName"
PRESET_UNICODE_STRING(usDeviceName, DEVICE_NAME);
PRESET_UNICODE_STRING(usSymlinkName, SYMLINK_NAME);
#ifndef FILE_DEVICE_ENUMDEV
#define FILE_DEVICE_ENUMDEV 0x8000
#endif
const ULONG IOCTL_ENUMDEV_DEVNAME = CTL_CODE(FILE_DEVICE_ENUMDEV, 0x01, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA);
#if __cplusplus
extern "C"
{
#endif
#include <ntddk.h>
#pragma comment(lib"ntoskrnl.lib")
NTKERNELAPI NTSTATUS ObReferenceObjectByName(
IN PUNICODE_STRING ObjectName,
IN ULONG Attributes,
IN PACCESS_STATE PassedAccessState OPTIONAL,
IN ACCESS_MASK DesiredAccess OPTIONAL,
IN POBJECT_TYPE ObjectType,
IN KPROCESSOR_MODE AccessMode,
IN OUT PVOID ParseContent OPTIONAL,
OUT PVOID *Object);
NTKERNELAPI NTAPI IoGetBaseFileSystemDeviceObject(
IN PFILE_OBJECT FileObject);
extern POBJECT_TYPE *IoDriverObjectType;
//extern POBJECT_TYPE *IoDeviceObjectType;
#if __cplusplus
};
#endif
typedef struct _DEVICE_EXTENSION
{
PDEVICE_OBJECT pDevObj;
UNICODE_STRING usDevName;
UNICODE_STRING usLinkName;
PUCHAR buffer;
ULONG fileLen;
}DEVICE_EXTENSION,*PDEVICE_EXTENSION;
/*
typedef struct _OBJECT_CREATE_INFORMATION
{
ULONG Attributes;
HANDLE RootDirectory;
PVOID ParseContext;
KPROCESSOR_MODE ProbeMode;
ULONG PagedPoolCharge;
ULONG NonPagedPoolCharge;
ULONG SecurityDescriptorCharge;
PSECURITY_DESCRIPTOR SecurityDescriptor;
PSECURITY_QUALITY_OF_SERVICE SecurityQos;
SECURITY_QUALITY_OF_SERVICE SecurityQualityOfService;
}OBJECT_CREATE_INFORMATION,*POBJECT_CREATE_INFORMATION;
typedef struct _OBJECT_HEADER
{
LONG PointerCount;
union
{
LONG HandleCount;
PSINGLE_LIST_ENTRY SEntry;
};
POBJECT_TYPE Type;
UCHAR NameInfoOffset;
UCHAR HandleInfoOffset;
UCHAR QuotaInfoOffset;
UCHAR Flags;
union
{
POBJECT_CREATE_INFORMATION ObjectCreateInfo;
PVOID QuotaBlockCharged;
};
PSECURITY_DESCRIPTOR SecurityDescriptor;
QUAD Body;
}OBJECT_HEADER,*POBJECT_HEADER;
#define NUMBER_HASH_BUCKETS 37
typedef struct _OBJECT_DIRECTORY
{
struct _OBJECT_DIRECTORY_ENTRY* HashBuckets[NUMBER_HASH_BUCKETS];
struct _OBJECT_DIRECTORY_ENTRY** LookupBucket;
BOOLEAN LookupFound;
USHORT SymbolicLinkUsageCount;
struct _DEVICE_MAP* DeviceMap;
}OBJECT_DIRECTORY,*POBJECT_DIRECTORY;
typedef struct _OBJECT_HEADER_NAME_INFO
{
POBJECT_DIRECTORY Directory;
UNICODE_STRING Name;
ULONG Reserved;
#if DBG
ULONG Reserved2 ;
LONG DbgDereferenceCount ;
#endif
} OBJECT_HEADER_NAME_INFO, * POBJECT_HEADER_NAME_INFO;
#define OBJECT_TO_OBJECT_HEADER( o )
CONTAINING_RECORD( (o), OBJECT_HEADER, Body )
#define OBJECT_HEADER_TO_NAME_INFO( oh ) ((POBJECT_HEADER_NAME_INFO)
((oh)->NameInfoOffset == 0 ? NULL : ((PCHAR)(oh) - (oh)->NameInfoOffset)))
*/
NTSTATUS ENUMDEV_DispatchCreateClose(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
NTSTATUS status = STATUS_SUCCESS;
Irp->IoStatus.Status = status;
Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
VOID ENUMDEV_DriverUnload(
IN PDRIVER_OBJECT DriverObject
)
{
PDEVICE_OBJECT pdoNextDeviceObj = pdoGlobalDrvObj->DeviceObject;
IoDeleteSymbolicLink(&usSymlinkName);
// Delete all the device objects
while(pdoNextDeviceObj)
{
PDEVICE_OBJECT pdoThisDeviceObj = pdoNextDeviceObj;
pdoNextDeviceObj = pdoThisDeviceObj->NextDevice;
IoDeleteDevice(pdoThisDeviceObj);
}
}
VOID GetDeviceObjectInfo(PDEVICE_OBJECT pDevObj)
{
//POBJECT_HEADER pObjectHeader;
//POBJECT_HEADER_NAME_INFO pObjectHeaderNameInfo;
if (pDevObj == NULL)
{
KdPrint(("GetDeviceObjectInfo::pDevObj is NULL...n"));
return;
}
PWCHAR pResutlt = NULL;
ULONG uNeedSize =0;
NTSTATUS status = IoGetDeviceProperty(pDevObj,
DevicePropertyPhysicalDeviceObjectName,0,NULL,&uNeedSize);
if (status == STATUS_BUFFER_TOO_SMALL && uNeedSize > 0)
{
pResutlt = (PWCHAR)ExAllocatePool(PagedPool,uNeedSize+1);
if (pResutlt)
{
RtlZeroMemory(pResutlt,uNeedSize+1);
status = IoGetDeviceProperty(pDevObj,DevicePropertyPhysicalDeviceObjectName,uNeedSize+1,pResutlt,&uNeedSize);
if (NT_SUCCESS(status))
{
if (pResutlt)
{
KdPrint(("Driver Name:%wZ - Device Name:%S - Driver Address:0x%x - Device Address:0x%xn",
&pDevObj->DriverObject->DriverName,
pResutlt,
pDevObj->DriverObject,
pDevObj));
}else
{
KdPrint(("Driver Name:%wZ - Device Name:%S - Driver Address:0x%x - Device Address:0x%xn",
&pDevObj->DriverObject->DriverName,
L"NULL",
pDevObj->DriverObject,
pDevObj));
}
}
}
}else
{
return ;
}
if (pResutlt)
{
ExFreePool(pResutlt);
pResutlt = NULL;
}
/*
pObjectHeader = OBJECT_TO_OBJECT_HEADER(pDevObj);//得到对象头
if (pObjectHeader)
{
//查询设备名称并打印
pObjectHeaderNameInfo = OBJECT_HEADER_TO_NAME_INFO(pObjectHeader);
if (pObjectHeaderNameInfo && pObjectHeaderNameInfo->Name.Buffer)
{
KdPrint(("Driver Name:%wZ - Device Name:%wZ - Driver Address:0x%x - Device Address:0x%xn",
&pDevObj->DriverObject->DriverName,
&pObjectHeaderNameInfo->Name,
pDevObj->DriverObject,
pDevObj ));
}else if (pDevObj->DriverObject) //没有设备名称
{
KdPrint(("Driver Name:%wZ - Device Name:%S - Driver Address:0x%x - Device Address:0x%xn",
&pDevObj->DriverObject->DriverName,
L"NULL",
pDevObj->DriverObject,
pDevObj));
}
}*/
}
VOID getAttachedDevInfo(PDEVICE_OBJECT pDevObj)
{
PDEVICE_OBJECT pDeviceObject;
if (pDevObj == NULL)
{
return ;
}
pDeviceObject = pDevObj->AttachedDevice;//获取设备上的挂载设备
while(pDeviceObject)
{
KdPrint(( "Attached Driver Name:%wZ,Attached Driver Address:0x%x,Attached DeviceAddress:0x%xn",
&pDeviceObject->DriverObject->DriverName,
pDeviceObject->DriverObject,
pDeviceObject ));
pDeviceObject = pDeviceObject->AttachedDevice;//获取挂载设备上的挂载设备
}
}
PDRIVER_OBJECT EnumDeviceStack(PWSTR pwsDriverName)
{
//通过设备名获取所在驱动的驱动的对象指针
NTSTATUS status = STATUS_SUCCESS;
PDRIVER_OBJECT pDriverObj = NULL;
UNICODE_STRING usDriName;
RtlInitUnicodeString(&usDriName,pwsDriverName);
KdPrint(("usDevName:%wZn",&usDriName));
status = ObReferenceObjectByName(&usDriName,
OBJ_CASE_INSENSITIVE,
NULL,0,(POBJECT_TYPE)*IoDriverObjectType,
KernelMode,
NULL,
(PVOID*)&pDriverObj);//通过驱动名称获取驱动的对象指针
if (pDriverObj == NULL)
{
KdPrint(("ObReferenceObjectByName Error.status:0x%x",status));
return NULL;
}
PDEVICE_OBJECT pDevObj = pDriverObj->DeviceObject;//获取驱动下创建的设备
while(pDevObj)
{
GetDeviceObjectInfo(pDevObj);//获取设备信息并打印
//判断设备上是否有过滤设备
if (pDevObj->AttachedDevice)
{
getAttachedDevInfo(pDevObj);//获取设备上的挂载设备的信息
}
//判断设备上的VPB设备
if (pDevObj->Vpb && pDevObj->Vpb->DeviceObject)
{
GetDeviceObjectInfo(pDevObj->Vpb->DeviceObject);
if (pDevObj->Vpb->DeviceObject->AttachedDevice)
{
getAttachedDevInfo(pDevObj->Vpb->DeviceObject);
}
}
//得到在此驱动上建立的下一个设备
pDevObj = pDevObj->NextDevice;
}
return pDriverObj ;
}
NTSTATUS ENUMDEV_DispatchDeviceControl(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
NTSTATUS status = STATUS_SUCCESS;
ULONG uIn=0,uOut=0;
PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation(Irp);
uIn = irpSp->Parameters.DeviceIoControl.InputBufferLength;
uOut = irpSp->Parameters.DeviceIoControl.OutputBufferLength;
switch(irpSp->Parameters.DeviceIoControl.IoControlCode)
{
case IOCTL_ENUMDEV_DEVNAME:
{
KdPrint(("IOCTL_ENUMDEV_DEVNAME...."));
WCHAR* inputBuffer = (WCHAR*)Irp->AssociatedIrp.SystemBuffer;
KdPrint(("inputBuffer:%S",inputBuffer));
EnumDeviceStack(inputBuffer);
// status = SomeHandlerFunction(irpSp);
}
break;
default:
Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
Irp->IoStatus.Information = 0;
break;
}
status = Irp->IoStatus.Status;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
#ifdef __cplusplus
extern "C" {
#endif
NTSTATUS DriverEntry(
IN OUT PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
{
PDEVICE_OBJECT pdoDeviceObj = 0;
NTSTATUS status = STATUS_UNSUCCESSFUL;
pdoGlobalDrvObj = DriverObject;
// Create the device object.
if(!NT_SUCCESS(status = IoCreateDevice(
DriverObject,
0,
&usDeviceName,
FILE_DEVICE_UNKNOWN,
FILE_DEVICE_SECURE_OPEN,
FALSE,
&pdoDeviceObj
)))
{
// Bail out (implicitly forces the driver to unload).
return status;
};
// Now create the respective symbolic link object
if(!NT_SUCCESS(status = IoCreateSymbolicLink(
&usSymlinkName,
&usDeviceName
)))
{
IoDeleteDevice(pdoDeviceObj);
return status;
}
// NOTE: You need not provide your own implementation for any major function that
// you do not want to handle. I have seen code using DDKWizard that left the
// *empty* dispatch routines intact. This is not necessary at all!
DriverObject->MajorFunction[IRP_MJ_CREATE] =
DriverObject->MajorFunction[IRP_MJ_CLOSE] = ENUMDEV_DispatchCreateClose;
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = ENUMDEV_DispatchDeviceControl;
DriverObject->DriverUnload = ENUMDEV_DriverUnload;
return STATUS_SUCCESS;
}
#ifdef __cplusplus
}; // extern "C"
#endif
最后
以上就是粗心航空为你收集整理的通过驱动名称枚举驱动下设备和挂载设备的信息的全部内容,希望文章能够帮你解决通过驱动名称枚举驱动下设备和挂载设备的信息所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复