Chapter III: Write kernel mode drivers
Gushaow@mails.gscas.ac.cn
In addition to documentation, DDK also provides special header files and import libraries to interact with Windows 2000 kernel modules. The main problem is that the VC does not provide a guide to generating kernel mode driver projects. This book provides a kernel mode driver wizard, which has a complete source code in / src / w2k_wiz. In fact, this template can generate several types of projects, including Win32 dynamic connection libraries and applications.
The entrance to the driver is DriveREntry (), of course, can be set to other names through / entry when the connection is connected. First create the device object and symbolic link when driving initial test, then save the value of the device object and the device context. Then set all acceptable IRP callback processing functions and Driverunload function pointers.
#pragma alloc_text (init, driverentry), making DriveREntry stored in another code segment init instead of the default code segment. The drive loader recognizes this special paragraph and discards it after the initial test is completed.
The next chapter will appear using a technique called device I / O control (IOCTL) so that the user mode code is allowed to have some degree of remote control. If a program needs to access system resources that cannot be obtained in user mode, the kernel mode driver can complete this work, and IOCTL will rack the bridge between the two. Of course, a communication protocol must be customized between the two.
l The client is controlled by a special entry point, that is, kernel32! deviceiocontrol ().
l The client provides a device representation, a control code, an input data buffer. The device is indicated that the handle of the device that is successfully opened.
l Control code tells the IOCTL distribution routine of the target device to call which control function.
l The result of the operation is applied to the customer through a state code.
Load and unload drive
In general, the drive is loaded and started when the system is started. However, you can dynamically load and uninstall the drive through the Service Control Manager.
The service is 2K to run the powerful module running the program in the background, independently of the user interface shell. That is, the service is a process that can run even if there is no user login. Refer to Windows Developer's Journal, 1996a, and 1996d, Paula Tomlinson's two articles.
Service Control Manager can handle services and drivers.
The interface of the service control manager is open to the Win32 program via Advapi32.dll. Before you can load and access any service, you must open the handle of the service control manager to call OpenScManager (). The following is a list of interface functions for the service control manager for loading and uninstalling service / drive.
Name
Description
ClosServiceHandle
Close Handle Obtained from OpenScManager (), CreateService (), or OPENSERVICEF)
ControlService
STOP, PAUSE, Continue, Interrogate, or Notify a loading service / driver
CreateService
Load a service / driver
DeleteService
Unload a service / driver
Openscmanager
Obtain a Handle to the SC Manager
OpenService
Obtain a Handle to a loading service / driver
QueryServiceStatus
Query The Properties and The Current State of a Service / Driver
StartService
START A LOADED Service / Driver
The general process of loading the driver: 1. Call OpenScManager () get the manager handle
2. Call CreateService () Add services to your system / drive
3. Call startService () Start service / driver
4. Call CloseServiceHandle () Release Manager and Service / Drive Handle.
If the StartService call fails, you must call the deleteService, and the CREATSERVICE function requires a full path parameter. If it is a relative path, the call will fail, so you must get the path with getFullPathname.
The Service Control Manager provides a function for enumeration: EnumServicesStatus.
