|
阅读:1402回复:6
请教IrpStack的一个问题
LONGLONG FilePointer = IrpStack->Parameters.Read.ByteOffset.QuadPart;
这里的filepoint得到值是什么呢 我查了ntddk.h的PIO_STACK_LOCATION 结构可在Read结构中ByteOffset已经是最小成员没有发现QuadPart.哪位高手用过呢请执教。 |
|
|
沙发#
发布于:2003-09-17 18:28
struct _IO_STACK_LOCATION (sizeof=36)
+00 byte MajorFunction +01 byte MinorFunction +02 byte Flags +03 byte Control +04 union __unnamed19 Parameters +04 struct __unnamed20 Create +04 struct _IO_SECURITY_CONTEXT *SecurityContext +08 uint32 Options +0c uint16 FileAttributes +0e uint16 ShareAccess +10 uint32 EaLength +04 struct __unnamed21 CreatePipe +04 struct _IO_SECURITY_CONTEXT *SecurityContext +08 uint32 Options +0c uint16 Reserved +0e uint16 ShareAccess +10 struct _NAMED_PIPE_CREATE_PARAMETERS *Parameters +04 struct __unnamed22 CreateMailslot +04 struct _IO_SECURITY_CONTEXT *SecurityContext +08 uint32 Options +0c uint16 Reserved +0e uint16 ShareAccess +10 struct _MAILSLOT_CREATE_PARAMETERS *Parameters +04 struct __unnamed23 Read +04 uint32 Length +08 uint32 Key +0c union _LARGE_INTEGER ByteOffset +0c uint32 LowPart +10 int32 HighPart +0c struct __unnamed3 u +0c uint32 LowPart +10 int32 HighPart +0c int64 QuadPart +04 struct __unnamed23 Write +04 uint32 Length +08 uint32 Key +0c union _LARGE_INTEGER ByteOffset +0c uint32 LowPart +10 int32 HighPart +0c struct __unnamed3 u +0c uint32 LowPart +10 int32 HighPart +0c int64 QuadPart +04 struct __unnamed24 QueryDirectory +04 uint32 Length +08 struct _STRING *FileName +0c int32 FileInformationClass +10 uint32 FileIndex +04 struct __unnamed25 NotifyDirectory +04 uint32 Length +08 uint32 CompletionFilter +04 struct __unnamed26 QueryFile +04 uint32 Length +08 int32 FileInformationClass +04 struct __unnamed27 SetFile +04 uint32 Length +08 int32 FileInformationClass +0c struct _FILE_OBJECT *FileObject +10 byte ReplaceIfExists +11 byte AdvanceOnly +10 uint32 ClusterCount +10 void *DeleteHandle +04 struct __unnamed28 QueryEa +04 uint32 Length +08 void *EaList +0c uint32 EaListLength +10 uint32 EaIndex +04 struct __unnamed29 SetEa +04 uint32 Length +04 struct __unnamed30 QueryVolume +04 uint32 Length +08 int32 FsInformationClass +04 struct __unnamed30 SetVolume +04 uint32 Length +08 int32 FsInformationClass +04 struct __unnamed31 FileSystemControl +04 uint32 OutputBufferLength +08 uint32 InputBufferLength +0c uint32 FsControlCode +10 void *Type3InputBuffer +04 struct __unnamed32 LockControl +04 union _LARGE_INTEGER *Length +08 uint32 Key +0c union _LARGE_INTEGER ByteOffset +0c uint32 LowPart +10 int32 HighPart +0c struct __unnamed3 u +0c uint32 LowPart +10 int32 HighPart +0c int64 QuadPart +04 struct __unnamed33 DeviceIoControl +04 uint32 OutputBufferLength +08 uint32 InputBufferLength +0c uint32 IoControlCode +10 void *Type3InputBuffer +04 struct __unnamed34 QuerySecurity +04 uint32 SecurityInformation +08 uint32 Length +04 struct __unnamed35 SetSecurity +04 uint32 SecurityInformation +08 void *SecurityDescriptor +04 struct __unnamed36 MountVolume +04 struct _VPB *Vpb +08 struct _DEVICE_OBJECT *DeviceObject +04 struct __unnamed36 VerifyVolume +04 struct _VPB *Vpb +08 struct _DEVICE_OBJECT *DeviceObject +04 struct __unnamed37 Scsi +04 *Srb +04 struct __unnamed38 QueryQuota +04 uint32 Length +08 void *StartSid +0c struct _FILE_GET_QUOTA_INFORMATION *SidList +10 uint32 SidListLength +04 struct __unnamed29 SetQuota +04 uint32 Length +04 struct __unnamed39 QueryDeviceRelations +04 int32 Type +04 struct __unnamed40 QueryInterface +04 struct _GUID *InterfaceType +08 uint16 Size +0a uint16 Version +0c struct _INTERFACE *Interface +10 void *InterfaceSpecificData +04 struct __unnamed41 DeviceCapabilities +04 struct _DEVICE_CAPABILITIES *Capabilities +04 struct __unnamed42 FilterResourceRequirements +04 struct _IO_RESOURCE_REQUIREMENTS_LIST *IoResourceRequirementList +04 struct __unnamed51 ReadWriteConfig +04 uint32 WhichSpace +08 void *Buffer +0c uint32 Offset +10 uint32 Length +04 struct __unnamed52 SetLock +04 byte Lock +04 struct __unnamed53 QueryId +04 int32 IdType +04 struct __unnamed54 QueryDeviceText +04 int32 DeviceTextType +08 uint32 LocaleId +04 struct __unnamed55 UsageNotification +04 byte InPath +05 byte Reserved[3] +08 int32 Type +04 struct __unnamed56 WaitWake +04 int32 PowerState +04 struct __unnamed57 PowerSequence +04 struct _POWER_SEQUENCE *PowerSequence +04 struct __unnamed58 Power +04 uint32 SystemContext +08 int32 Type +0c union _POWER_STATE State +0c int32 SystemState +0c int32 DeviceState +10 int32 ShutdownType +04 struct __unnamed59 StartDevice +04 struct _CM_RESOURCE_LIST *AllocatedResources +08 struct _CM_RESOURCE_LIST *AllocatedResourcesTranslated +04 struct __unnamed60 WMI +04 uint32 ProviderId +08 void *DataPath +0c uint32 BufferSize +10 void *Buffer +04 struct __unnamed61 Others +04 void *Argument1 +08 void *Argument2 +0c void *Argument3 +10 void *Argument4 +14 struct _DEVICE_OBJECT *DeviceObject +18 struct _FILE_OBJECT *FileObject +1c function *CompletionRoutine +20 void *Context 其中共用体read部分 ... ―――――――――――――――――― +04 struct __unnamed23 Read +04 uint32 Length +08 uint32 Key +0c union _LARGE_INTEGER ByteOffset +0c uint32 LowPart +10 int32 HighPart +0c struct __unnamed3 u +0c uint32 LowPart +10 int32 HighPart +0c int64 QuadPart ―――――――――――――――――― +14 struct _DEVICE_OBJECT *DeviceObject ... [编辑 - 9/17/03 by jiurl] |
|
|
板凳#
发布于:2003-09-17 20:32
老大这是在哪个头文件程序里呢,请指明呢
顺便问问Read.ByteOffset.QuadPart中的QuadPart是代表什么意思呢 因为程序中有几个不太明白 LONGLONG FilePointer = IrpStack->Parameters.Read.ByteOffset.QuadPart; ULONG ReadLen = IrpStack->Parameters.Read.Length; DebugPrint(\"Read %d bytes from file pointer %d\",(int)ReadLen,(int)FilePointer); // Get access to the shared buffer KIRQL irql; KeAcquireSpinLock(&BufferLock,&irql); // Check file pointer if( FilePointer<0) status = STATUS_INVALID_PARAMETER; if( FilePointer>=(LONGLONG)BufferSize) status = STATUS_END_OF_FILE; if( status==STATUS_SUCCESS) { // Get transfer count if( ((ULONG)FilePointer)+ReadLen>BufferSize) { BytesTxd = BufferSize - (ULONG)FilePointer; if( BytesTxd<0) BytesTxd = 0; } else BytesTxd = ReadLen; // Read from shared buffer if( BytesTxd>0 && Buffer!=NULL) RtlCopyMemory( Irp->AssociatedIrp.SystemBuffer, Buffer+FilePointer, BytesTxd); }为什么这里的源地址要用Buffer+FilePointer以其为什么BytesTxd = BufferSize - (ULONG)FilePointer; [编辑 - 9/17/03 by dlianghui] |
|
|
地板#
发布于:2003-09-18 11:42
ByteOffset是一个64位的值(类型定义为一个union),
QuadPart就是64位整型(LONGLONG), 还可以只访问ByteOffset高32位(HighPart)或低32位(LowPart). |
|
|
|
地下室#
发布于:2003-09-18 12:48
一个一个问题地来:
1,ByteOffset是一个LARGE_INTEGER类型的值,至于这个类型的声明,搜索MSDN(别告诉我你没有啊)就有,或者你也可以在头文件里搜(有可能在VISUAL STUDIO里而不是DDK)。 2,你这个程序好象是一个黑皮的书里的例子,我记不得是ART BAKER那个还是另外一本翻译了DDK的。它的原意是用内存模拟一个虚拟文件。而这里的FilePointer就是文件读写时的当前指针(就象以前用文件读写的API时由系统维护的那个文件当前指针,因为文件在C/C++里面是以流的形式).在这个用连续内存虚拟成的文件里,文件指针其实就是内存块的偏移量,我记得它好象是由例子里的应用程序在发送文件读写请求时指定的,然后通过这个IRP传进来。 3,Buffer+FilePointer就是应用程序所请求的该虚拟文件从指定文件指针(FilePointer)开始的内容,所以要从内存块的起始地址加上偏移量。而发送的字节数当然是从总数减去偏移量了。 |
|
|
|
5楼#
发布于:2003-09-18 21:10
虽然QuadPart没有找到,但是你的三个回答让我明白了
真是太谢谢slough了。我现在看的是一个别人以前做的一个有关pcidp的驱动程序,不过不知道是从那借鉴来的,请告知。还有我怎么给你分呢虽然我分不多,但是你让我明白一个问题,呵呵,没有其他方法作为感谢,就给点分吧 |
|
|
6楼#
发布于:2003-09-22 10:00
无所谓啦, 其实我也不知道怎么加分--偶也是不怎么上来的, 碰巧你写的这个程序我以前看过.
|
|
|