驅動程式 - Windows Driver Model (WDM) - 使用範例 - C/C++ (DDK) - Hello, world!

參考資訊：
https://wasm.in/
http://four-f.narod.ru/
https://github.com/steward-fu/ddk

Hello, world!是學習C/C++程式設計的第一個入門程式，而對於驅動程式來說這個傳統依然不變，因為它是最簡單的程式，寫出一個這樣的程式才會有信心繼續往下一個目標邁進，司徒就先教大家如何寫一個Hello, world!驅動程式

main.c

#include <wdm.h>
 
static PDEVICE_OBJECT pNextDevice = NULL;
 
static NTSTATUS AddDevice(PDRIVER_OBJECT pMyDriver, PDEVICE_OBJECT pPhyDevice)
{
    PDEVICE_OBJECT pMyDevice = NULL;
    UNICODE_STRING usDeviceName = {0};

    DbgPrint("Hello, world!");
    RtlInitUnicodeString(&usDeviceName, L"\\Device\\MyDriver");
    IoCreateDevice(pMyDriver, 0, &usDeviceName, FILE_DEVICE_UNKNOWN, 0, FALSE, &pMyDevice);
    pNextDevice = IoAttachDeviceToDeviceStack(pMyDevice, pPhyDevice);
    pMyDevice->Flags &= ~DO_DEVICE_INITIALIZING;
    pMyDevice->Flags |= DO_BUFFERED_IO;
    return STATUS_SUCCESS;
}
 
static void Unload(PDRIVER_OBJECT pMyDriver)
{
}
 
static NTSTATUS IrpDispatch(PDEVICE_OBJECT pMyDevice, PIRP pIrp)
{
    PIO_STACK_LOCATION pStack = IoGetCurrentIrpStackLocation(pIrp);

    if (pStack->MinorFunction == IRP_MN_REMOVE_DEVICE) {
        IoDetachDevice(pNextDevice);
        IoDeleteDevice(pMyDevice);
        IoCompleteRequest(pIrp, IO_NO_INCREMENT);
        return STATUS_SUCCESS;
    }
    IoSkipCurrentIrpStackLocation(pIrp);
    return IoCallDriver(pNextDevice, pIrp);
}
 
NTSTATUS DriverEntry(PDRIVER_OBJECT pMyDriver, PUNICODE_STRING pMyRegistry)
{
    pMyDriver->MajorFunction[IRP_MJ_PNP] = IrpDispatch;
    pMyDriver->DriverExtension->AddDevice = AddDevice;
    pMyDriver->DriverUnload = Unload;
    return STATUS_SUCCESS;
}

L39~42：只有做Callback設定的動作，需要設定AddDevice、PNP、DriverUnload這三個Callback
L07~16：產生一個Device Object，用來管理新加入的裝置(純軟體虛擬裝置也算)，接著初使化相關旗標
L25~34：主要處理移除Device Object的動作，其餘Irp不處理，直接往下傳遞

main.inf

[Version]
Signature=$CHICAGO$
Class=Unknown
Provider=%MFGNAME%
DriverVer=8/21/2019,1.0.0.0
 
[Manufacturer]
%MFGNAME%=DeviceList
 
[DeviceList]
%DESCRIPTION%=DriverInstall, *MyDriver
 
[DestinationDirs]
DefaultDestDir=10,System32\Drivers
 
[SourceDisksFiles]
main.sys=1,,,
 
[SourceDisksNames]
1=%INSTDISK%,,,
 
[DriverInstall.NT]
CopyFiles=DriverCopyFiles
 
[DriverCopyFiles]
main.sys,,,2
 
[DriverInstall.NT.Services]
AddService=FILEIO,2,DriverService
 
[DriverService]
ServiceType=1
StartType=3
ErrorControl=1
ServiceBinary=%10%\system32\drivers\main.sys
 
[DriverInstall.NT.HW]
AddReg=DriverHwAddReg
 
[DriverHwAddReg]
HKR,,SampleInfo,,""
 
[DriverInstall]
AddReg=DriverAddReg
CopyFiles=DriverCopyFiles
 
[DriverAddReg]
HKR,,DevLoader,,*ntkern
HKR,,NTMPDriver,,main.sys
 
[DriverInstall.HW]
AddReg=DriverHwAddReg
 
[Strings]
MFGNAME="MyDriver"
INSTDISK="MyDriver Disc"
DESCRIPTION="MyDriver"

編譯

"c:\winddk\bin\x86\cl.exe" -nologo -I"c:\winddk\inc\wxp" -I"c:\winddk\inc\ddk\wxp" -I"c:\winddk\inc\ddk\wdm\wxp" -I"c:\winddk\inc\crt" -D_X86_ /c /Zel /Gz main.c
"c:\winddk\bin\x86\link.exe" -INCREMENTAL:NO -debug:FULL -debugtype:cv -driver -base:0x10000 -entry:DriverEntry@8 -subsystem:native,5.01 "c:\winddk\lib\wxp\i386\ntoskrnl.lib" -out:main.sys main.obj

在開始安裝驅動程式之前，需要先下載除錯工具，讓驅動程式的Debug訊息可以顯示在除錯工具上面，目前最佳的Debug輸出訊息工具是DbgView，該公司目前已經被Microsoft併購，所以可以從Microsoft網站下載，下載完後執行DbgView並將Capture => Capture Kernel選項打勾，接著重啟DbgView


對於驅動程式的安裝工具，司徒目前使用NuMega公司製作的EzDriverInstaller，將main.sys和main.inf放在同一個目錄並執行EzDriverInstaller，選擇File => Open...(開啟main.inf檔案)，接著按Add New Device就可以在DbgView上面看到輸出訊息



Device Manager


Device Object