Kernel Mode Driver Framework >> C/C++ (PNP) >> IOCTL
METHOD_BUFFERED
參考資訊:
1. Source Code
METHOD_BUFFERED的處理手法就是I/O Manager會在Kernel配置一塊跟User Buffer一樣大小的記憶體,Driver只能對該配置的記憶體做讀寫的操作,而讀寫的操作都會同步回User Buffer,也因為結果都需要整塊複製回User Buffer,因此,METHOD_BUFFERED的方式會消耗比較大的資源,速度也比較慢。
記憶體指標:
| Buffer | Length | |
|---|---|---|
| Input | Step 1. WdfRequestRetrieveInputMemory() Step 2. WdfMemoryGetBuffer() |
傳入的第四個參數 |
| Output | Step 1. WdfRequestRetrieveOutputMemory() Step 2. WdfMemoryGetBuffer() |
傳入的第三個參數 |
main.c
#include <ntddk.h>
#include <wdf.h>
#define DEV_NAME L"\\Device\\MyDriver"
#define SYM_NAME L"\\DosDevices\\MyDriver"
#define IOCTL_SET CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_GET CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)
char szBuffer[255]={0};
void IrpFileCreate(WDFDEVICE Device, WDFREQUEST Request, WDFFILEOBJECT FileObject)
{
DbgPrint("IrpFieCreate");
WdfRequestComplete(Request, STATUS_SUCCESS);
}
void IrpFileClose(WDFFILEOBJECT FileObject)
{
DbgPrint("IrpFieClose");
}
void IrpIOCTL(WDFQUEUE Queue, WDFREQUEST Request, size_t OutputBufferLength, size_t InputBufferLength, ULONG IoControlCode)
{
ULONG len;
WDFMEMORY memory;
switch(IoControlCode){
case IOCTL_SET:
DbgPrint("IOCTL_SET");
WdfRequestRetrieveInputMemory(Request, &memory);
WdfMemoryCopyToBuffer(memory, 0, szBuffer, InputBufferLength);
DbgPrint("Buffer: %s, Length:%d", szBuffer, InputBufferLength);
WdfRequestSetInformation(Request, InputBufferLength);
break;
case IOCTL_GET:
DbgPrint("IOCTL_GET");
WdfRequestRetrieveOutputMemory(Request, &memory);
WdfMemoryCopyFromBuffer(memory, 0, szBuffer, OutputBufferLength);
len = strlen(szBuffer) + 1;
WdfRequestSetInformation(Request, len);
break;
}
WdfRequestComplete(Request, STATUS_SUCCESS);
}
NTSTATUS AddDevice(WDFDRIVER Driver, PWDFDEVICE_INIT pDeviceInit)
{
WDFDEVICE device;
UNICODE_STRING suDevName;
UNICODE_STRING szSymName;
WDF_FILEOBJECT_CONFIG file_cfg;
WDF_IO_QUEUE_CONFIG ioqueue_cfg;
RtlInitUnicodeString(&suDevName, DEV_NAME);
RtlInitUnicodeString(&szSymName, SYM_NAME);
WdfDeviceInitAssignName(pDeviceInit, &suDevName);
WdfDeviceInitSetIoType(pDeviceInit, WdfDeviceIoBuffered);
WDF_FILEOBJECT_CONFIG_INIT(&file_cfg, IrpFileCreate, IrpFileClose, NULL);
WdfDeviceInitSetFileObjectConfig(pDeviceInit, &file_cfg, WDF_NO_OBJECT_ATTRIBUTES);
WdfDeviceCreate(&pDeviceInit, WDF_NO_OBJECT_ATTRIBUTES, &device);
WdfDeviceCreateSymbolicLink(device, &szSymName);
WDF_IO_QUEUE_CONFIG_INIT_DEFAULT_QUEUE(&ioqueue_cfg, WdfIoQueueDispatchSequential);
ioqueue_cfg.EvtIoDeviceControl = IrpIOCTL;
return WdfIoQueueCreate(device, &ioqueue_cfg, WDF_NO_OBJECT_ATTRIBUTES, WDF_NO_HANDLE);
}
NTSTATUS DriverEntry(PDRIVER_OBJECT pOurDriver, PUNICODE_STRING pRegistry)
{
WDF_DRIVER_CONFIG config;
WDF_DRIVER_CONFIG_INIT(&config, AddDevice);
return WdfDriverCreate(pOurDriver, pRegistry, WDF_NO_OBJECT_ATTRIBUTES, &config, WDF_NO_HANDLE);
}
IrpIOCTL()收到IOCTL_SET時,Driver複製User Buffer的內容到szBuffer,而收到IOCTL_GET時,將szBuffer內容又複製回User Buffer,完成暫存的功能。
app.c
#define INITGUID
#include <windows.h>
#include <winioctl.h>
#include <strsafe.h>
#include <setupapi.h>
#include <stdio.h>
#include <stdlib.h>
#define IOCTL_SET CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_GET CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)
int __cdecl main(int argc, char* argv[])
{
DWORD dwRet = 0;
HANDLE hFile = NULL;
char szBuffer[255]={"I am error"};
hFile = CreateFile("\\\\.\\MyDriver", GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
if (hFile == INVALID_HANDLE_VALUE) {
printf("failed to open mydriver");
return 1;
}
printf("SET: %s, %d\n", szBuffer, strlen(szBuffer)+1);
DeviceIoControl(hFile, IOCTL_SET, szBuffer, strlen(szBuffer)+1, NULL, 0, &dwRet, NULL);
memset(szBuffer, 0, sizeof(szBuffer));
DeviceIoControl(hFile, IOCTL_GET, NULL, 0, szBuffer, sizeof(szBuffer), &dwRet, NULL);
printf("GET: %s, %d\n", szBuffer, dwRet);
CloseHandle(hFile);
return 0;
}
結果
