參考資訊:
https://wasm.in/
http://four-f.narod.ru/
https://github.com/steward-fu/ddk
main.c
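#include <ntddk.h>
#include <wdf.h>

/*
 * AddDevice - device-add callback that DriverEntry hands to
 * WDF_DRIVER_CONFIG_INIT.
 *
 * Prints a greeting through DbgPrint, assigns the name \Device\MyDriver to
 * the device being initialized and creates the framework device object.
 *
 * myDriver:      framework driver handle (not used in this routine).
 * pMyDeviceInit: WDFDEVICE_INIT structure used to configure the new device.
 *
 * Returns the failure status of WdfDeviceInitAssignName if the name cannot
 * be assigned, otherwise the status returned by WdfDeviceCreate.
 */
NTSTATUS AddDevice(WDFDRIVER myDriver, PWDFDEVICE_INIT pMyDeviceInit)
{
    WDFDEVICE device = { 0 };
    UNICODE_STRING szDeviceName = { 0 };
    NTSTATUS status;

    UNREFERENCED_PARAMETER(myDriver);

    DbgPrint("Hello, world!");

    RtlInitUnicodeString(&szDeviceName, L"\\Device\\MyDriver");

    /*
     * The name assignment returns an NTSTATUS; stop here on failure instead
     * of creating a device whose name was never set.
     */
    status = WdfDeviceInitAssignName(pMyDeviceInit, &szDeviceName);
    if (!NT_SUCCESS(status)) {
        return status;
    }

    /*
     * NOTE(review): the device object is named and this routine never calls
     * WdfDeviceInitAssignSDDLString, so who may open \Device\MyDriver is left
     * to the default security descriptor - confirm that is what is wanted
     * before the device starts handling requests.
     */
    return WdfDeviceCreate(&pMyDeviceInit, WDF_NO_OBJECT_ATTRIBUTES, &device);
}

/*
 * DriverEntry - driver initialization routine.
 *
 * Initializes a WDF_DRIVER_CONFIG with AddDevice as the device-add callback
 * and creates the framework driver object.
 *
 * pMyDriver:   driver object supplied by the system.
 * pMyRegistry: registry path supplied by the system for this driver.
 *
 * Returns the status of WdfDriverCreate.
 */
NTSTATUS DriverEntry(PDRIVER_OBJECT pMyDriver, PUNICODE_STRING pMyRegistry)
{
    WDF_DRIVER_CONFIG config = { 0 };

    WDF_DRIVER_CONFIG_INIT(&config, AddDevice);

    /* No driver handle is kept, hence WDF_NO_HANDLE for the output argument. */
    return WdfDriverCreate(pMyDriver, pMyRegistry, WDF_NO_OBJECT_ATTRIBUTES, &config, WDF_NO_HANDLE);
}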
main.inf
; main.inf - installation script for main.sys.
; Contains both an NT install path ([DriverInstall.NT*]) and an undecorated
; [DriverInstall] path with Windows 9x-style registry entries.

[Version]
; NOTE(review): no CatalogFile= and no ClassGuid= entry in this section; the
; package as shown references no signature catalog, i.e. it installs as an
; unsigned driver under the generic "Unknown" class.
Signature=$CHICAGO$
Class=Unknown
Provider=%MFGNAME%
DriverVer=8/21/2019,1.0.0.0

[Manufacturer]
%MFGNAME%=DeviceList

[DeviceList]
; Hardware ID *MyDriver is installed through the DriverInstall sections.
%DESCRIPTION%=DriverInstall, *MyDriver

[DestinationDirs]
; DIRID 10 is the Windows directory, so files land in <windir>\System32\Drivers.
DefaultDestDir=10,System32\Drivers

[SourceDisksFiles]
main.sys=1,,,

[SourceDisksNames]
1=%INSTDISK%,,,

[DriverInstall.NT]
CopyFiles=DriverCopyFiles

[DriverCopyFiles]
; Flag 2 = COPYFLG_NOSKIP (the user may not skip copying this file).
main.sys,,,2

[DriverInstall.NT.Services]
; Flag 2 = SPSVCINST_ASSOCSERVICE: the service is the function driver for the device.
; NOTE(review): the service is registered as "FILEIO" while every other name
; in this package is MyDriver/main - presumably left over from another
; sample; confirm the service name before looking for it in the registry.
AddService=FILEIO,2,DriverService

[DriverService]
; ServiceType=1  -> SERVICE_KERNEL_DRIVER
; StartType=3    -> SERVICE_DEMAND_START (loaded on demand, not at boot)
; ErrorControl=1 -> SERVICE_ERROR_NORMAL
ServiceType=1
StartType=3
ErrorControl=1
ServiceBinary=%10%\system32\drivers\main.sys

[DriverInstall.NT.HW]
AddReg=DriverHwAddReg

[DriverHwAddReg]
; Writes an empty SampleInfo value under the device's hardware key.
HKR,,SampleInfo,,""

[DriverInstall]
; Undecorated install section (used when no .NT section applies).
AddReg=DriverAddReg
CopyFiles=DriverCopyFiles

[DriverAddReg]
; Windows 9x/Me WDM loader entries.
HKR,,DevLoader,,*ntkern
HKR,,NTMPDriver,,main.sys

[DriverInstall.HW]
AddReg=DriverHwAddReg

[Strings]
MFGNAME="MyDriver"
INSTDISK="MyDriver Disc"
DESCRIPTION="MyDriver"
編譯
C:\> "c:\wdf\bin\x86\x86\cl.exe" -nologo -I"c:\wdf\inc\wdf\kmdf\1.9" -I"c:\wdf\inc\ddk" -I"c:\wdf\inc\crt" -I"c:\wdf\inc\api" -D_X86_ /c /Zl /Gz /DKMDF_MAJOR_VERSION=1 /DKMDF_MINOR_VERSION=9 /DKMDF_MAJOR_VERSION_STRING=01 /DKMDF_MINOR_VERSION_STRING=009 main.c C:\> "c:\wdf\bin\x86\x86\link.exe" -INCREMENTAL:NO -debug:FULL -debugtype:cv -driver -base:0x10000 /entry:FxDriverEntry@8 -subsystem:native "c:\wdf\lib\win7\i386\BufferOverflowK.lib" "c:\wdf\lib\win7\i386\ntoskrnl.lib" "c:\wdf\lib\win7\i386\hal.lib" "c:\wdf\lib\win7\i386\wmilib.lib" "c:\wdf\lib\wdf\kmdf\i386\1.9\WdfLdr.lib" "c:\wdf\lib\wdf\kmdf\i386\1.9\WdfDriverEntry.lib" -out:main.sys main.obj
在開始安裝驅動程式之前,需要先下載除錯工具,讓驅動程式的Debug訊息(也就是main.c中DbgPrint輸出的字串)可以顯示在除錯工具上面。目前最佳的Debug輸出訊息工具是DbgView,開發該工具的公司已經被Microsoft併購,所以可以從Microsoft網站下載。下載完後執行DbgView(擷取核心訊息需要以系統管理員身分執行),將Capture => Capture Kernel選項打勾,接著重啟DbgView
至於驅動程式的安裝工具,司徒目前使用NuMega公司製作的EzDriverInstaller。將main.sys和main.inf放在同一個目錄並執行EzDriverInstaller,選擇File => Open...開啟main.inf檔案,接著按Add New Device,就可以在DbgView上面看到驅動程式輸出的"Hello, world!"訊息
Device Manager
Device Object