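Help! Problem calling an encryption card from a network data interception program
A VxD hook program intercepts the network data; the encryption card driver is WDM.
I have tried two ways of calling it, Directed_Sys_Control and tKernelDeviceIoCtl. With both, the call crashes when it is made while receiving network data, but it works fine when made in the function that handles IOCONTROL commands sent down from the application layer. This has puzzled me for a long time. Please help!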
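Reply #1
Posted: 2002-03-03 13:02
"A VxD hook program intercepts the network data; the encryption card driver is WDM."

Regarding VxD calling WDM, I do not consider it safe. There are many reasons, and I do not understand all of them, but roughly they are as follows. 1. VxDs do not fully support IRQL; a VxD can indeed call kegetirql and a few other IRQL functions to work with IRQL, but the support is incomplete. 2. There is no way to know when a call is safe.

On VxD calling WDM specifically, NuMega has an article, which is reposted on this site. An appendix of Walter Oney's WDM book (Windows Device Driver Model) also describes it in detail. You can call directly, just as you would call a function in a statically loaded dynamic library, and no special method is needed. However, in experiments by a senior colleague of mine, he found that in his application 300 to 500 calls were generally still safe, but calling over a very long period generally crashed the machine. I have not looked closely at his code, but he has been developing drivers for so long that I cannot suspect his code of having errors such as memory leaks (besides, that sys was provided by me).

My advice is to write the sys as a VxD if at all possible; if that really cannot be done, write the hook program as a sys.

Finally, I am unhappy that you offered 0 points for this question. I believe this is a fairly difficult problem, and I am also waiting for a VxD expert to answer it, especially the question of when a call is safe. I do not know whether Liu Taotao, who wrote TR, also reads this site, but I think he must have studied this problem, and perhaps he has a good answer.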
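Reply #2
Posted: 2002-03-04 10:08
Regarding VxD calling WDM, I think there should be a solution. Below is the relevant material I found on Microsoft's website. I have not had time to test this method yet, but I think it should be safe.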
In Figure 2, you can see that the application calls are routed to the new WDM driver (Wdmdrv.sys) by going through the VxD interface exported by the mapper *.sys driver (Mapsys.sys). The Mapsys.sys driver creates the VxD interface by using the VMM_Add_DDB call. Mapsys.sys is able to call into Wdmdrv.sys by using the simple dynamic linking mechanism used by DLLs.

Figure 2. WDM Mapper Solution

Let me warn you now, the prescription for interfacing VxDs with WDM drivers is not an easy one to take. It involves some assembly language with fairly complicated macros that are easily misused. Also, because Windows 2000 does not support VxDs, you must make sure that your small mapper *.sys driver is never run on a Windows 2000 system - attempting to call VMM_Add_DDB on a Windows 2000 system will cause an instant blue screen! Enough with the warnings, on to the example.

The Doctor’s Example

Download MouseVxD, the example code described in this article. (Zip file; file size: 21KB; file date: December 17, 1997)

The doctor’s example uses a USB mouse to simulate a device with a newly-added USB connection. In this example, assume the original device was a serial mouse that was controlled by an ordinary Windows 95 VxD driver that only allowed applications to detect button presses. Also, assume the original VxD driver only provided three operations: Open, ReadButtonStatus, and Close, which were respectively accessed through the CreateFile, DeviceIoControl, and CloseHandle APIs. This sample creates a new VxD driver, a mapper *.sys-style driver, and WDM driver that together provide the same user-mode interface as the original serial mouse VxD driver.

Enough talk about theory, time to look at the code. Let’s start with the sample app, Mousemon.exe. Assume Mousemon.exe is the "original" third party application that we need to maintain compatibility with. As you can see from examining Mousemon.c, the application is very simple: open the mouse with CreateFile, read the button status and loop until the user presses a ‘q’ at which time the mouse is closed and the application terminates.

Moving onto Mousebtn.vxd, we see things are nearly as simple. Mapvxd.c simply forwards the Open, Read, and Close requests from Mousemon.exe to Mapsys.sys.vxd via the VXDCALL mechanism. To see the details of the VxD call from ‘C,’ simply look at the Mousebtn.h file. But there’s not any magical medicine here; the Doctor is using the same technique described in Walter Oney’s book, System Programming for Windows 95.

Things get a little more complicated with the Mapsys.sys driver. First, examine the Mapsysa.asm and Mapsysa.inc files. Toward the beginning of Mapsysa.asm, you can see the "Create_MAPSYS_Service_Table = 1" statement that creates a service table from the list of entries included in the Mapsysa.inc file. Notice that the "Create_MAPSYS_Service_Table = 1" statement must come before the "Declare_Virtual_Device" statement. Otherwise, you’ll end up with an empty service table and things will quietly not work. Also, notice that the "Create_MAPSYS_Service_Table = 1" statement by itself does not make the Mapsys.sys code accessible to other VxDs. To make Mapsys.sys accessible, you also need to make the VMM_Add_DDB call. The Windows 95 DDK documentation warns not to use the VMM_Add_DDB call, but in this case, you need to. Before calling VMM_Add_DDB, store the address of the VxD_Desc_Block (a.k.a. DDB) for your mapper sys driver into the EDI register. The name of your mapper sys DDB can be constructed by appending the string "_DDB" to the device name parameter used in the Declare_Virtual_Device statement. In this example, the VMM_Add_DDB macro is called from the MAPSYS_Init_VxD procedure, which is called from DriverEntry() when the Mapsys.sys driver is loaded.

Also included in the Mapsysa.asm file are simple procedures to implement all the Service functions. These Service functions first convert parameters passed via registers from the Mousebtn.vxd into parameters passed via the standard ‘C’ convention on the stack. Then the Service function calls the appropriate routine in the Mapsys.c file. These routines in the Mapsys.c function log the event and then call the appropriate function in Wdmdrv.sys. Notice that the Mapsys.c routines are able to directly call into Wdmdrv.sys because Wdmdrv.sys exported these functions using the same technique used by DLLs. For more information on how DLLs can use exported functions, consult the Win32 SDK documentation and look at the SOURCES file for Mapsys.sys.

The Wdmdrv.c file contains a lot of code, but don’t let that scare you. We’ve finished all the mapping stuff. Most of the code in this file has to do with communicating with HID to access the mouse and isn’t as relevant to this discussion. However, the code is well commented and you may find a few tips, especially if you’re working with a HID device. The only interesting thing to note (which many of you will find obvious) is that Wdmdrv.sys is a WDM driver (see Figure 2). This means you have access to all the power of WDM. It also means that you have the responsibility of running under Windows 2000. So, don’t go making VXDCALLs in this driver. You need to keep all references to VxDs in either the base VxD driver (Mousebtn.vxd) or the mapper sys file (Mapsys.sys).

How to Build and Run the Doctor’s Sample

Now that you have a basic understanding of the theory behind the sample, let’s get the sample running. The sample was tested with prototype USB mice using the Windows 98 Beta 3 and Microsoft Visual C++ version 5.0. Notice that to actually execute the sample you’ll need a USB mouse, which are a little hard to come by at this time. However, you should be able to understand what’s happening just by looking at the source code. Those of you fortunate enough to have a USB mouse can step through the code using Soft-ICE.

The sample consists of four separate executables. The sample application (Mousemon.exe) is built from a Visual C++ environment (run Vcvars32.bat from a command window) by running nmake /f mousemon.mak. The Mousebtn.vxd, Mapsys.sys, and Wdmdrv.sys drivers are built from the WDM / Windows 98 DDK checked build environment. Notice that Wdmdrv.sys must be built before Mapsys.sys because Mapsys.sys needs to link with Wdmdrv.lib. Make sure that you also have the Ml.exe assembler on your path. This assembler is included with the Windows NT 4.0 DDK. To build the Mousevxd.vxd driver, simply run nmake from the Mousevxd directory. (Build.exe doesn’t currently support making VxDs, so the Doctor has provided a simple, ordinary makefile.) To build the Mapsys.sys executable, run build -ew from the Sys subdirectory. Likewise, to build the Wdmdrv.sys driver, run build -ew from the Wdmdrv subdirectory.

After you have the driver binaries built, copy Mapsys.sys and Wdmsys.sys to the Windows/System32/Drivers directory, and copy Mousebtn.vxd to the Windows/System directory. For simplicity, instruct Windows 98 to load the Mapsys.sys driver during startup by merging the Mapsys.reg file into your test machine’s registry. You can do this by double-clicking the Mapsys.reg file and choose Yes to the registry change dialogs. In a production driver example, you probably don’t want to load your *.sys driver during startup; instead, you would let the Windows 98 Plug and Play manager load your *.sys file after detecting the corresponding hardware.

Before starting the Mousemon.exe application, make sure your USB mouse is working properly. Then, remove or rename the Mouhid.vxd file in the Windows/System directory to prevent Windows 98 from trying to use the USB mouse at the same time as Wdmdrv.sys is using it. After all this is done, reboot the test computer. Now, execute the Mousemon.exe program, and you should see print statements indicating which buttons are pressed on the USB mouse.

Final Bits of Advice

As I mentioned earlier, VxD-to-SYS mapping is tricky and it’s very easy to make a mistake. For example, putting the service table macros in the wrong order will cause the VxD interfaces to quietly not be exported. By quietly, I mean that you won’t get any error messages or crashes, your VXDCALLs into the mapper *.sys file will simply return before executing any code. So, take small steps when developing a VxD to SYS mapper by adding only little bits of code before testing and debugging.

Most importantly, remember that you should only be using this technique when you absolutely have to - that is, when you must support an existing application that cannot be modified to call WDM. Finally, make every effort to keep the WDM driver compliant with the WDM rules. Don’t make VXDCALLs in the WDM driver, and be sure to test it under both Windows 98 and Windows 2000 with applications that know how to access WDM drivers. By doing this, you’ll have less driver executable files to produce and maintain, which is easier on you and easier on your customers.

That’s all for this visit. Remember to send your comments and suggestions for future articles to DrIver@microsoft.com.
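Reply #3
Posted: 2002-03-04 13:11
"Regarding VxD calling WDM, I think there should be a solution. Below is the relevant material I found on Microsoft's website. I have not had time to test this method yet, but I think it should be safe."
blue, please give me this article's URL, thanks.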
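Reply #4
Posted: 2002-03-04 17:20
Quote:
-----------------------------------------------------------
Regarding VxD calling WDM, I think there should be a solution. Below is the relevant material I found on Microsoft's website. I have not had time to test this method yet, but I think it should be safe.
-----------------------------------------------------------
Moderator blue, please send me the URL: lam123@263.net. Thanks!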
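Reply #5
Posted: 2002-03-05 09:30
This is something I saved when I came across it back then, and I cannot find the URL now either. If you are interested, look for it yourself; the title is "Adding a VxD Interface to a SYS Driver". The download address for the sample is: http://www.microsoft.com/hwdev/download/respec/mousevxd.zip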