#include <ddk/ntddk.h>
static VOID STDCALL
my_unload( IN PDRIVER_OBJECT DriverObject ) {
}
NTSTATUS STDCALL
DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) {
DbgPrint("DriverEntry called
");
DriverObject->DriverUnload = my_unload;
return STATUS_SUCCESS;
}
编译:gcc -o "OBJ文件名" -O3 -c "源文件名"
连接:ld "OBJ文件名" --subsystem=native --image-base=0x10000 --file-alignment=0x1000 --section-alignment=0x1000 --entry=_DriverEntry@8 -nostartfiles --nostdlib -shared -L "库路径" -l ntoskrnl -o "驱动文件名"