|
阅读:1252回复:1
如何创建设备目录
我们创建设备对象的时候可以“FileSystem\\Filters\\FileSpy"去创建符号连接,但是"FileSystem\\Filters1"这个目录怎么去创建的呢?请大虾指教一二
|
|
|
沙发#
发布于:2005-01-04 09:41
ZwCreateDirectoryObject
The ZwCreateDirectoryObject routine creates or opens a directory object, which is a container for other objects. NTSTATUS ZwCreateDirectoryObject( OUT PHANDLE DirectoryHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes ); Parameters DirectoryHandle Pointer to a variable that receives the directory object handle if the call is successful. The driver must close the handle with ZwClose once the handle is no longer in use. DesiredAccess Specifies the ACCESS_MASK value that expresses the type of access that the caller requires to the directory object. This value is compared with the granted access on an existing directory object. A caller can specify one or a combination of the following. DesiredAccess Flags Meaning DIRECTORY_QUERY Query access to the directory object DIRECTORY_TRAVERSE Name-lookup access to the directory object DIRECTORY_CREATE_OBJECT Name-creation access to the directory object DIRECTORY_CREATE_SUBDIRECTORY Subdirectory-creation access to the directory object DIRECTORY_ALL_ACCESS All of the preceding ObjectAttributes Pointer to a structure that specifies the object's attributes, which has already been initialized with InitializeObjectAttributes. If the caller is not running in the system process context, it must set the OBJ_KERNEL_HANDLE attribute for ObjectAttributes. Headers Declared in wdm.h and ntddk.h. Include wdm.h or ntddk.h. Return Value ZwCreateDirectoryObject returns an NTSTATUS value. Possible return values include: STATUS_SUCCESS STATUS_ACCESS_DENIED STATUS_ACCESS_VIOLATION STATUS_DATATYPE_MISALIGNMENT Comments A directory object is a container for other objects. Note that file system directories are not represented by directory objects, but rather by file objects. Directory objects are an integral part of the system's object management and are manipulated indirectly as a result of other operations. For example, when a device object is created, its name is inserted in a directory object and the pointer counts of both the directory object and the named device object are incremented. Any named object's header contains a pointer to the directory object containing that object's name. Drivers that create a set of device objects might set up a directory object when they initialize. For example, a disk driver might use this technique to group the device object representing a physical disk and the device objects representing partitions on that disk in a driver-created directory object. Before the DriverEntry routine returns control, such a driver calls ZwMakeTemporaryObject if its directory object was initialized with the OBJ_PERMANENT attribute, and ZwClose to release the directory object that was created to hold such a group of related device objects. If a directory object was initialized as temporary and its handle count becomes zero, the directory object's name is deleted. Name deletion occurs for a temporary object when the last handle to the object has been closed. A driver also can use this technique to delete a directory object it creates when the object is no longer required. Driver routines that run in a process context other than that of the system process must set the OBJ_KERNEL_HANDLE attribute for the ObjectAttributes parameter of ZwCreateDirectoryObject. This restricts the use of the handle returned by ZwCreateDirectoryObject to processes running only in kernel mode. Otherwise, the handle can be accessed by the process in whose context the driver is running. Drivers can call InitializeObjectAttributes to set the OBJ_KERNEL_HANDLE attribute as follows. InitializeObjectAttributes(&ObjectAttributes, NULL, OBJ_KERNEL_HANDLE, NULL, NULL); Callers of ZwCreateDirectoryObject must be running at IRQL = PASSIVE_LEVEL. |
|
|
