|
阅读:975回复:2
驱动卸载的问题
忙了好几天,在各位高手的点拨下,做了个禁用CDROM的驱动,本以为成功了,可还有问题:若光驱里已有光盘时,加载驱动,这时是禁用不了的,拿出光盘后光驱就被禁用了,还有就是卸载后要重启才生效,请看看
我的代码: #include "filter.h" extern "C" /*-----------------------------------------------------------------------------*/ /*-----------------------------------------------------------------------------*/ NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject,IN PUNICODE_STRING RegistryPath) { UNICODE_STRING target_device_name; //目标设备名 PDEVICE_OBJECT target_device_object; PFILE_OBJECT target_file_object; NTSTATUS status; UNICODE_STRING ntDeviceName; UNICODE_STRING win32DeviceName; fSymbolicLink = FALSE; RtlInitUnicodeString(&target_device_name, TARGET_DEVICE_NAME); status = IoGetDeviceObjectPointer(&target_device_name, 0, &target_file_object, &target_device_object ); if(!NT_SUCCESS(status)) { return status; } RtlInitUnicodeString(&ntDeviceName, NT_DEVICE_NAME); PDEVICE_OBJECT fido; /////////////建立设备fido/////////////////////////////////////////////////// status = IoCreateDevice(DriverObject, sizeof(DEVICE_EXTENSION), &ntDeviceName, FILE_DEVICE_UNKNOWN, 0, FALSE, &fido); if(!NT_SUCCESS(status)) { return status; } else { PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION)fido->DeviceExtension; pdx->fdo = fido; //新设备对象放到堆栈上,返给你下一层设备对象的地址 PDEVICE_OBJECT fdo = IoAttachDeviceToDeviceStack(fido,target_device_object); pdx->NextStackDevice = fdo; //初始化设备标志 //DO_DIRECT_IO:(读写操作使用直接方式(内存描述符表)访问用户模式数据) //DO_BUFFERED_IO:(读写操作使用缓冲方式(系统复制缓冲区)访问用户模式数据) fido->Flags |= fdo->Flags & (DO_DIRECT_IO|DO_BUFFERED_IO); fido->Flags |= DO_POWER_PAGABLE; //必须在PASSIVE_LEVEL级上处理IRP_MJ_PNP请求 fido->DeviceType = fdo->DeviceType; fido->Characteristics = fdo->Characteristics; //清除DO_DEVICE_INITIALIZING 标志 fido->Flags &= ~DO_DEVICE_INITIALIZING; RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME); //建立符号连接 status = IoCreateSymbolicLink(&win32DeviceName, &ntDeviceName); if (!NT_SUCCESS(status)) { return status; } else { fSymbolicLink = TRUE; } } if (!NT_SUCCESS(status)) { if(fido) { IoDeleteDevice(fido); } if(fSymbolicLink) { IoDeleteSymbolicLink(&win32DeviceName); } return status; } ULONG i; for(i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++) { DriverObject->MajorFunction = MySendToNextDriver; } DriverObject->MajorFunction[IRP_MJ_READ] = MyDrvDeviceControl; DriverObject->MajorFunction[IRP_MJ_CREATE] = MyDrvDeviceControl; DriverObject->MajorFunction[IRP_MJ_SET_INFORMATION] = MyDrvDeviceControl; DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = MyDrvDeviceControl; DriverObject->DriverUnload = DriverUnload; return STATUS_SUCCESS; } /*-----------------------------------------------------------------------------*/ /*-----------------------------------------------------------------------------*/ VOID DriverUnload(IN PDRIVER_OBJECT DeviceObject) { UNICODE_STRING win32DeviceName; RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME); /* if(fido) { IoDeleteDevice(fido); } */ if(fSymbolicLink) { IoDeleteSymbolicLink(&win32DeviceName); } } /*-----------------------------------------------------------------------------*/ /*-----------------------------------------------------------------------------*/ NTSTATUS MySendToNextDriver(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp) { PDEVICE_EXTENSION deviceExtension; IoSkipCurrentIrpStackLocation(Irp); deviceExtension = (PDEVICE_EXTENSION)DeviceObject->DeviceExtension; return IoCallDriver(deviceExtension->NextStackDevice, Irp); } /*-----------------------------------------------------------------------------*/ /*-----------------------------------------------------------------------------*/ NTSTATUS MyDrvDeviceControl(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) { //Irp->IoStatus.Status = STATUS_UNSUCCESSFUL; Irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; Irp->IoStatus.Information = 0; IoCompleteRequest(Irp, IO_NO_INCREMENT); return STATUS_INSUFFICIENT_RESOURCES; } |
|
|
沙发#
发布于:2004-11-19 20:34
贴个完整的上来......
|
|
|
|
板凳#
发布于:2004-11-20 08:57
显然你做的是个磁盘过滤驱动程序.
如果光驱里有盘, 那么说明文件系统已经MOUNT好了, 当然你的过滤驱动什么也改变不了. 文件系统直接和你下面的磁盘驱动打交道了. 拿出光盘, 文件系统被卸载, 再放入光盘, 这时文件系统重新MOUNT, 它就会和你的过滤驱动打交道, 你就可以禁用光驱了. 这时你不能卸载你的驱动. 当你拿出光盘, 文件系统UNMOUNT以后, 你可以卸载你的过滤驱动. 你在UNLOAD的时候, 首先要detach, 然后delete你的设备对象, 再delete你的符号连接. 这样应该不需要重启动. |
|