Steward
分享是一種喜悅、更是一種幸福
驅動程式 - Windows NT Driver (Legacy) - 使用範例 - Pascal (DDDK) - Handle IOCTL IRP - Choose METHOD_NEITHER
參考資訊:
https://wasm.in/
http://four-f.narod.ru/
https://github.com/steward-fu/ddk
http://www.delphibasics.info/home/delphibasicsprojects/delphidriverdevelopmentkit
main.pas
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 | unit main; interfaceuses DDDK; const DEV_NAME = '\Device\MyDriver'; SYM_NAME = '\DosDevices\MyDriver'; METHOD_BUFFERED = 0; METHOD_IN_DIRECT = 1; METHOD_OUT_DIRECT = 2; METHOD_NEITHER = 3; FILE_ANY_ACCESS = 0; FILE_DEVICE_UNKNOWN = $22; IOCTL_GET_NEI = (FILE_DEVICE_UNKNOWN shl 16) or (FILE_ANY_ACCESS shl 14) or ($800 shl 2) or (METHOD_NEITHER); IOCTL_SET_NEI = (FILE_DEVICE_UNKNOWN shl 16) or (FILE_ANY_ACCESS shl 14) or ($801 shl 2) or (METHOD_NEITHER);function _DriverEntry(pMyDriver : PDriverObject; pMyRegistry : PUnicodeString) : NTSTATUS; stdcall; implementationvar szBuffer : array[0..255] of char; function IrpOpen(pMyDevice : PDeviceObject; pIrp : PIrp) : NTSTATUS; stdcall;begin DbgPrint('IRP_MJ_CREATE', []); Result := STATUS_SUCCESS; pIrp^.IoStatus.Information := 0; pIrp^.IoStatus.Status := Result; IoCompleteRequest(pIrp, IO_NO_INCREMENT);end; function IrpClose(pMyDevice : PDeviceObject; pIrp : PIrp) : NTSTATUS; stdcall;begin DbgPrint('IRP_MJ_CLOSE', []); Result := STATUS_SUCCESS; pIrp^.IoStatus.Information := 0; pIrp^.IoStatus.Status := Result; IoCompleteRequest(pIrp, IO_NO_INCREMENT);end; function IrpIOCTL(pMyDevice : PDeviceObject; pIrp : PIrp) : NTSTATUS; stdcall;var len : ULONG; code : ULONG; psk : PIoStackLocation; begin len := 0; psk := IoGetCurrentIrpStackLocation(pIrp); code := psk^.Parameters.DeviceIoControl.IoControlCode; case code of IOCTL_GET_NEI: begin DbgPrint('IOCTL_GET', []); len := strlen(@szBuffer[0]); memcpy(pIrp^.UserBuffer, @szBuffer[0], len); end; IOCTL_SET_NEI: begin DbgPrint('IOCTL_SET', []); len := psk^.Parameters.DeviceIoControl.InputBufferLength; memcpy(@szBuffer[0], psk^.Parameters.DeviceIoControl.Type3InputBuffer, len); DbgPrint('Buffer: %s, Length: %d', [szBuffer, len]); end; end; Result := STATUS_SUCCESS; pIrp^.IoStatus.Information := len; pIrp^.IoStatus.Status := Result; IoCompleteRequest(pIrp, IO_NO_INCREMENT);end; procedure Unload(pMyDriver : PDriverObject); stdcall;var szSymName : TUnicodeString; begin RtlInitUnicodeString(@szSymName, SYM_NAME); IoDeleteSymbolicLink(@szSymName); IoDeleteDevice(pMyDriver^.DeviceObject);end; function _DriverEntry(pMyDriver : PDriverObject; pMyRegistry : PUnicodeString) : NTSTATUS; stdcall;var szDevName : TUnicodeString; szSymName : TUnicodeString; pMyDevice : PDeviceObject; begin RtlInitUnicodeString(@szDevName, DEV_NAME); RtlInitUnicodeString(@szSymName, SYM_NAME); IoCreateDevice(pMyDriver, 0, @szDevName, FILE_DEVICE_UNKNOWN, 0, FALSE, pMyDevice); pMyDriver^.MajorFunction[IRP_MJ_CREATE] := @IrpOpen; pMyDriver^.MajorFunction[IRP_MJ_CLOSE] := @IrpClose; pMyDriver^.MajorFunction[IRP_MJ_DEVICE_CONTROL] := @IrpIOCTL; pMyDriver^.DriverUnload := @Unload; pMyDevice^.Flags := pMyDevice^.Flags or DO_BUFFERED_IO; pMyDevice^.Flags := pMyDevice^.Flags and not DO_DEVICE_INITIALIZING; Result := IoCreateSymbolicLink(@szSymName, @szDevName);end;end. |
完成
