驱动中IRP_MJ_READ异步

EXE部分

#include <stdio.h>#include <Windows.h>#include <WinIoCtl.h>#include "Ioctl.h"int main (void){char linkname[]="\\\\.\\HelloDDK";HANDLE hDevice = CreateFileA(linkname,GENERIC_READ | GENERIC_WRITE,0,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL|FILE_FLAG_OVERLAPPED,//此处设置FILE_FLAG_OVERLAPPEDNULL);if (hDevice == INVALID_HANDLE_VALUE){printf("Win32 error code: %d\n",GetLastError());return 1;}OVERLAPPED overlap1={0};OVERLAPPED overlap2={0};UCHAR  buffer[10]={0};ULONG ulRead=0;BOOL bRead=ReadFile(hDevice,buffer,10,&ulRead,&overlap1);if (!bRead && GetLastError()==ERROR_IO_PENDING){printf("The operation is pending\n");}else{printf("OK1\n");}bRead=ReadFile(hDevice,buffer,10,&ulRead,&overlap2);if (!bRead && GetLastError()==ERROR_IO_PENDING){printf("The operation is pending\n");}else{printf("OK12\n");}//迫使程序终止2秒Sleep(2000);printf("OK3\n");/*应用程序关闭设置的时候会产生IRP_MJ_CLEANIP类型的IRP，在IRP_MJ_CLEANUP的派遣函数中结束那些“挂起”的IRP_MJ_READ*///显示的调用CancelIo,其实在关闭设备时会自动运行CancelIoCancelIo(hDevice);//创建IRP_MJ_CLEANUP IRPCloseHandle(hDevice);getchar();getchar();return 0;}

 

 

 

 

SYS部分

#include "hello.h"#include "Ioctl.h"NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING  RegistryPath){DbgPrint("Hello from!\n");DriverObject->DriverUnload = HelloUnload;for (int i=0;i<IRP_MJ_MAXIMUM_FUNCTION;i++){DriverObject->MajorFunction[i]=HelloDDKDispatchRoutine;}DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL]=HelloDDKControl;DriverObject->MajorFunction[IRP_MJ_READ]=HelloDDKRead;#if DBG_asm int 3#endif//创建设备CreateDevice(DriverObject);return STATUS_SUCCESS;}//卸载函数void HelloUnload(IN PDRIVER_OBJECT DriverObject){DbgPrint("Goodbye from!\n");PDEVICE_OBJECT pNextObj=NULL;pNextObj=DriverObject->DeviceObject;while (pNextObj){PDEVICE_EXTENSION pDevExt=(PDEVICE_EXTENSION)pNextObj->DeviceExtension;//删除符号连接IoDeleteSymbolicLink(&pDevExt->ustrSymLinkName);//删除设备IoDeleteDevice(pDevExt->pDevice);pNextObj=pNextObj->NextDevice;}}NTSTATUS HelloDDKControl(IN PDEVICE_OBJECT pDevObj,IN PIRP pIrp){#if DBG_asm int 3#endifNTSTATUS status=STATUS_SUCCESS;//获取当前堆栈PIO_STACK_LOCATION stack=IoGetCurrentIrpStackLocation(pIrp);//获取输入参数大小ULONG cbin=stack->Parameters.DeviceIoControl.InputBufferLength;//获取输出参数大小ULONG cbout=stack->Parameters.DeviceIoControl.OutputBufferLength;//得到IOCTL控制码ULONG code=stack->Parameters.DeviceIoControl.IoControlCode;switch (code){case IOCTL_TEST1://缓冲区方式IOCTL{}break;default:status=STATUS_INVALID_VARIANT;}//设置IRP的完成状态pIrp->IoStatus.Status=status;pIrp->IoStatus.Information=0;IoCompleteRequest(pIrp,IO_NO_INCREMENT);return status;}VOID CancelReadIRP(IN PDEVICE_OBJECT pDevObj,IN PIRP pIrp){#if DBG_asm int 3#endifPDEVICE_EXTENSION pDevExt=(PDEVICE_EXTENSION)pDevObj->DeviceExtension;//设置完成状态为STATUS_CANCELLEDpIrp->IoStatus.Status=STATUS_CANCELLED;pIrp->IoStatus.Information=0;IoCompleteRequest(pIrp,IO_NO_INCREMENT);//释放Cancel自旋锁IoReleaseCancelSpinLock(pIrp->CancelIrql);return;}//读设备IRPNTSTATUS HelloDDKRead(IN PDEVICE_OBJECT pDevObj,IN PIRP pIrp){#if DBG_asm int 3#endifPDEVICE_EXTENSION pDevExt=(PDEVICE_EXTENSION)pDevObj->DeviceExtension;IoSetCancelRoutine(pIrp,CancelReadIRP);//将IRP设置为挂起IoMarkIrpPending(pIrp);//返回pending状态return STATUS_PENDING;}//创建设备NTSTATUS CreateDevice(PDRIVER_OBJECT pDriver_Object){//定义变量NTSTATUS status=STATUS_SUCCESS;PDEVICE_OBJECT pDevObje=NULL;PDEVICE_EXTENSION pDevExt=NULL;//初始化字符串UNICODE_STRING devname;UNICODE_STRING symLinkName;RtlInitUnicodeString(&devname,L"\\device\\hello");RtlInitUnicodeString(&symLinkName,L"\\??\\HelloDDK");//创建设备if (IoCreateDevice(pDriver_Object,sizeof(PDEVICE_EXTENSION),&devname,FILE_DEVICE_UNKNOWN,NULL,TRUE,&pDevObje)!=STATUS_SUCCESS ){DbgPrint("创建设备失败\n");return status;}pDevObje->Flags |= DO_BUFFERED_IO;;pDevExt=(PDEVICE_EXTENSION)pDevObje->DeviceExtension;pDevExt->pDevice=pDevObje;pDevExt->ustrDeviceName=devname;pDevExt->ustrSymLinkName=symLinkName;//创建符号连接if (IoCreateSymbolicLink(&symLinkName,&devname)!=STATUS_SUCCESS ){DbgPrint("创建符号连接失败\n");IoDeleteDevice(pDevObje);return status;}return STATUS_SUCCESS;}//派遣函数NTSTATUS HelloDDKDispatchRoutine(IN PDEVICE_OBJECT pDevObj,IN PIRP pIrP){//#if DBG//_asm int 3//#endifPIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(pIrP);//建立一个字符串数组与IRP类型对应起来static char* irpname[] = {"IRP_MJ_CREATE","IRP_MJ_CREATE_NAMED_PIPE","IRP_MJ_CLOSE","IRP_MJ_READ","IRP_MJ_WRITE","IRP_MJ_QUERY_INFORMATION","IRP_MJ_SET_INFORMATION","IRP_MJ_QUERY_EA","IRP_MJ_SET_EA","IRP_MJ_FLUSH_BUFFERS","IRP_MJ_QUERY_VOLUME_INFORMATION","IRP_MJ_SET_VOLUME_INFORMATION","IRP_MJ_DIRECTORY_CONTROL","IRP_MJ_FILE_SYSTEM_CONTROL","IRP_MJ_DEVICE_CONTROL","IRP_MJ_INTERNAL_DEVICE_CONTROL","IRP_MJ_SHUTDOWN","IRP_MJ_LOCK_CONTROL","IRP_MJ_CLEANUP","IRP_MJ_CREATE_MAILSLOT","IRP_MJ_QUERY_SECURITY","IRP_MJ_SET_SECURITY","IRP_MJ_POWER","IRP_MJ_SYSTEM_CONTROL","IRP_MJ_DEVICE_CHANGE","IRP_MJ_QUERY_QUOTA","IRP_MJ_SET_QUOTA","IRP_MJ_PNP",};UCHAR type = stack->MajorFunction;if (type >= CountArray(irpname))KdPrint(("无效的IRP类型 %X\n", type));elseKdPrint(("%s\n", irpname[type]));pIrP->IoStatus.Status=STATUS_SUCCESS;//设置完成状态pIrP->IoStatus.Information=0;//设置操作字节为0IoCompleteRequest(pIrP,IO_NO_INCREMENT);//结束IRP派遣函数，第二个参数表示不增加优先级return STATUS_SUCCESS;}