關閉廣告

目前分類:Driver (4)

瀏覽方式: 標題列表 簡短摘要 


Driver-----


#include 
#include 
#include "PriorityBoosterCommon.h"

NTSTATUS BoosterCreateClose(PDEVICE_OBJECT DeviceObject, PIRP Irp);
NTSTATUS BoosterWrite(PDEVICE_OBJECT DeviceObject, PIRP Irp);
void BoosterUnload(PDRIVER_OBJECT DriverObject);


extern "C" NTSTATUS
DriverEntry(_In_ PDRIVER_OBJECT DriverObject, _In_ PUNICODE_STRING RegistryPath)
{
        UNREFERENCED_PARAMETER(RegistryPath);
        KdPrint(("Boster: DriverEntry \n"));


        DriverObject->DriverUnload = BoosterUnload;

        DriverObject->MajorFunction[IRP_MJ_CREATE] = BoosterCreateClose;
        DriverObject->MajorFunction[IRP_MJ_CLOSE] = BoosterCreateClose;
        DriverObject->MajorFunction[IRP_MJ_WRITE] = BoosterWrite;


        UNICODE_STRING devName = RTL_CONSTANT_STRING(L"\\Device\\Booster");

        PDEVICE_OBJECT DeviceObject;
        NTSTATUS status = IoCreateDevice
        (
                DriverObject,                   // our driver object
                0,                                              // no need for extra bytes
                &devName,                           // the device name
                FILE_DEVICE_UNKNOWN,    // device type
                0,                                              // characteristics flags
                FALSE,                                  // not exclusive
                &DeviceObject                       // the resulting pointer
        );
        if (!NT_SUCCESS(status)) {
                KdPrint(("Failed to create device object (0x%08X)\n", status));
                return status;
        }

        UNICODE_STRING symLink = RTL_CONSTANT_STRING(L"\\??\\Booster");
        status = IoCreateSymbolicLink(&symLink, &devName);
        if (!NT_SUCCESS(status)) {
                KdPrint(("Failed to create symbolic link (0x%08X)\n", status));
                IoDeleteDevice(DeviceObject);                   // Very important!
                return status;
        }
        return STATUS_SUCCESS;
}

 
void BoosterUnload(PDRIVER_OBJECT DriverObject)
{
        KdPrint(("Boster: Driver unload\n"));

        UNICODE_STRING symLink = RTL_CONSTANT_STRING(L"\\??\\Booster");
        // delete symbolic link
        IoDeleteSymbolicLink(&symLink);

        // delete device object
        IoDeleteDevice(DriverObject->DeviceObject);
}


NTSTATUS BoosterCreateClose(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
        UNREFERENCED_PARAMETER(DeviceObject);

        Irp->IoStatus.Status = STATUS_SUCCESS;
        Irp->IoStatus.Information = 0;
        IoCompleteRequest(Irp, IO_NO_INCREMENT);
        return STATUS_SUCCESS;
}

NTSTATUS BoosterWrite(PDEVICE_OBJECT, PIRP Irp) {
        auto status = STATUS_SUCCESS;
        ULONG_PTR information = 0;


        auto irpSp = IoGetCurrentIrpStackLocation(Irp);
        do {
                if (irpSp->Parameters.Write.Length < sizeof(ThreadData)) {
                        status = STATUS_BUFFER_TOO_SMALL;
                        break;
                }

                auto data = static_cast(Irp->UserBuffer);
                if (data == nullptr || data->Priority < 1 || data->Priority > 31) {
                        status = STATUS_INVALID_PARAMETER;
                        break;
                }

                PETHREAD thread;
                status = PsLookupThreadByThreadId(ULongToHandle(data->ThreadId), &thread);
                if (!NT_SUCCESS(status))
                {
                        break;
                }
                auto oldPriority = KeSetPriorityThread(thread, data->Priority);
                KdPrint(("Priority change ofr thread %u from %d to %d succeeded!\n",
                        data->ThreadId, oldPriority, data->Priority));

                ObDereferenceObject(thread);
                information = sizeof(ThreadData);
        } while (false);

        Irp->IoStatus.Status = status;
        Irp->IoStatus.Information = information;

        IoCompleteRequest(Irp, IO_NO_INCREMENT);

        return status;

}

 

 

(繼續閱讀...)

Eric 發表在 痞客邦 留言(0) 人氣()

▲top


// Beep.cpp : This file contains the 'main' function. Program execution begins and ends there.
//

#include 
#include 
#include 
#include 

#pragma comment(lib, "ntdll")

int main(int argc, const char* argv[]) {
        printf("beep [ ]\n");
        int freq = 800, duration = 1000;
        if (argc > 2) {
                freq = atoi(argv[1]);
                duration = atoi(argv[2]);
        }
        
        HANDLE hFile;
        OBJECT_ATTRIBUTES attr;
        UNICODE_STRING name;
        RtlInitUnicodeString(&name, DD_BEEP_DEVICE_NAME_U);
        InitializeObjectAttributes(&attr, &name, OBJ_CASE_INSENSITIVE, nullptr, nullptr);
        IO_STATUS_BLOCK ioStatus;
        auto status = ::NtOpenFile(&hFile, GENERIC_WRITE, &attr, &ioStatus, 0, 0);
        if (NT_SUCCESS(status)) {
                BEEP_SET_PARAMETERS params;
                params.Frequency = freq;
                params.Duration = duration;
                DWORD bytes;
                //
                // play the sound
                //
                printf("Playing freq: %u, duration: %u\n", freq, duration);
                ::DeviceIoControl(hFile, IOCTL_BEEP_SET, ¶ms, sizeof(params), nullptr, 0, &bytes, nullptr);

                //
                // the sound starts playing and the call returns immediately
                // Wait so that the app doesn't close
                //
                ::Sleep(duration);
                ::CloseHandle(hFile);
        }
        else {
                printf("Failed in NtOpenFile (status=0x%X)\n", status);
        }
        return 0;
}

Eric 發表在 痞客邦 留言(0) 人氣()

▲top

 

 

(繼續閱讀...)

Eric 發表在 痞客邦 留言(0) 人氣()

▲top

這一整個月都在開始邊學寫Driver,除了每天BlueScreen之外,

還有更多的是只要一個細節沒處理好就葛屁的莫名其妙了,

(繼續閱讀...)

Eric 發表在 痞客邦 留言(0) 人氣()

▲top

Close

您尚未登入,將以訪客身份留言。亦可以上方服務帳號登入留言

請輸入暱稱 ( 最多顯示 6 個中文字元 )

請輸入標題 ( 最多顯示 9 個中文字元 )

請輸入內容 ( 最多 140 個中文字元 )

reload

請輸入左方認證碼:

看不懂,換張圖

請輸入驗證碼