用户部分代码:
int main() { HANDLE hDevice = CreateFile(L"\\.\MyTest", GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if (hDevice==INVALID_HANDLE_VALUE) { printf("Failed to obtain device handle..."); getchar(); return 0; } UCHAR buffer[10]; ULONG size; LPDWORD ll; BOOL result = ReadFile(hDevice, buffer, 10, &size, NULL); if (result) { printf("READ %d BYTES...", size); for (size_t i = 0; i < (size_t)size; i++) { printf("%02x ", buffer[i]); } } CloseHandle(hDevice); getchar(); return 0; }
驱动部分代码:
#include <ntddk.h> #define DEVICE_NAME L"\Device\MyTestDevice" #define SYMBOL_LINK_NAME L"\??\MyTest" PDEVICE_OBJECT pDevice; UNICODE_STRING DeviceName; UNICODE_STRING SymbolLinkName; NTSTATUS DeviceCreate(PDEVICE_OBJECT pDeviceObject,PIRP pIrp); NTSTATUS DeviceClose(PDEVICE_OBJECT pDeviceObject, PIRP pIrp); NTSTATUS DeviceRead(PDEVICE_OBJECT pDeviceObject, PIRP pIrp); NTSTATUS unload(PDRIVER_OBJECT driver) { DbgPrint("driver :%ws unload", driver->DriverName); DbgPrint("driver unload success..."); IoDeleteSymbolicLink(&SymbolLinkName); IoDeleteDevice(pDevice); return STATUS_SUCCESS; } NTSTATUS DriverEntry(PDRIVER_OBJECT driver,PUNICODE_STRING reg_path) { NTSTATUS ntstatus = STATUS_SUCCESS; driver->DriverUnload = unload; driver->MajorFunction[IRP_MJ_CREATE] = DeviceCreate;//创建 driver->MajorFunction[IRP_MJ_READ] = DeviceRead;//通信 driver->MajorFunction[IRP_MJ_CLOSE] = DeviceClose;//关闭 RtlInitUnicodeString(&DeviceName, DEVICE_NAME); RtlInitUnicodeString(&SymbolLinkName, SYMBOL_LINK_NAME); ntstatus = IoCreateDevice(driver, 0, &DeviceName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE, &pDevice); if (!NT_SUCCESS(ntstatus)) { DbgPrint("IoCreateDevice Failed"); return ntstatus; } ntstatus = IoCreateSymbolicLink(&SymbolLinkName, &DeviceName); if (!NT_SUCCESS(ntstatus)) { DbgPrint("IoCreateSymbolicLink Failed"); IoDeleteDevice(pDevice); return ntstatus; } pDevice->Flags |= DO_BUFFERED_IO; DbgPrint("%ws", reg_path->Buffer); DbgPrint("driver load success..."); return STATUS_SUCCESS; } NTSTATUS DeviceCreate(PDEVICE_OBJECT pDeviceObject, PIRP pIrp) { //业务代码区 //设置返回状态 pIrp->IoStatus.Status = STATUS_SUCCESS; pIrp->IoStatus.Information = 0; IoCompleteRequest(pIrp, IO_NO_INCREMENT); DbgPrint("create device success...%d",pDeviceObject->ActiveThreadCount);//这里蛋疼得狠,vs2019里,pDeviceObject不用一下,编译就报错,所有派遣函数一样 return STATUS_SUCCESS; } NTSTATUS DeviceClose(PDEVICE_OBJECT pDeviceObject, PIRP pIrp) { //业务代码区 //设置返回状态 pIrp->IoStatus.Status = STATUS_SUCCESS;//getLastError()得到的值 pIrp->IoStatus.Information = 0; //返回给3环多少数据,没有填0 IoCompleteRequest(pIrp, IO_NO_INCREMENT); DbgPrint("create device success...%d", pDeviceObject->ActiveThreadCount); return STATUS_SUCCESS; } NTSTATUS DeviceRead(PDEVICE_OBJECT pDeviceObject, PIRP pIrp) { PIO_STACK_LOCATION iostack; iostack = IoGetCurrentIrpStackLocation(pIrp); ULONG length = iostack->Parameters.Read.Length; PVOID pBuffer = pIrp->AssociatedIrp.SystemBuffer; pIrp->IoStatus.Status = STATUS_SUCCESS;//getLastError()得到的值 pIrp->IoStatus.Information = length; //返回给3环多少数据,没有填0 RtlFillMemory(pBuffer,length,0xAA); IoCompleteRequest(pIrp, IO_NO_INCREMENT); DbgPrint("read device success...%d", pDeviceObject->ActiveThreadCount); return STATUS_SUCCESS; }