Views: 1353 Replies: 3
Constructing an IRP
Experts, please take a look and help out: a question about constructing an IRP.
This is code from the file system recognizer. I now want to call this function to read data from the disk, but it doesn't read anything.

NTSTATUS FsRecReadSectors(IN PDEVICE_OBJECT DeviceObject,
                          IN ULONG DiskSector,
                          IN ULONG SectorCount,
                          IN ULONG SectorSize,
                          IN OUT PUCHAR Buffer)
{
    PIO_STACK_LOCATION Stack;
    IO_STATUS_BLOCK IoStatus;
    LARGE_INTEGER Offset;
    ULONG BlockSize;
    PKEVENT Event;
    PIRP Irp;
    NTSTATUS Status;

    /* Event signalled by the I/O manager when the IRP completes */
    Event = ExAllocatePool(NonPagedPool, sizeof(KEVENT));
    if (Event == NULL)
    {
        return(STATUS_INSUFFICIENT_RESOURCES);
    }
    KeInitializeEvent(Event, NotificationEvent, FALSE);

    /* Byte offset and byte length of the requested sector range */
    Offset.QuadPart = (LONGLONG)DiskSector * (LONGLONG)SectorSize;
    BlockSize = SectorCount * SectorSize;

    KdPrint( ("FsrecReadSectors(DeviceObject %x, DiskSector %d, Buffer %x)\n", DeviceObject, DiskSector, Buffer) );
    KdPrint( ("Offset %I64x BlockSize %ld\n", Offset.QuadPart, BlockSize) );
    KdPrint( ("Building synchronous FSD Request...\n") );

    Irp = IoBuildSynchronousFsdRequest(IRP_MJ_READ, DeviceObject, Buffer, BlockSize, &Offset, Event, &IoStatus);
    if (Irp == NULL)
    {
        KdPrint( ("IoBuildSynchronousFsdRequest failed\n") );
        ExFreePool(Event);
        return(STATUS_INSUFFICIENT_RESOURCES);
    }

    KdPrint( ("Calling IO Driver... with irp %x\n", Irp) );
    //Status = IoCallDriver(DeviceObject, Irp);
    Status = Read_CallHookIRP( DeviceObject, Irp );
    if (Status == STATUS_PENDING)
    {
        KdPrint( ("Operation pending\n") );
        KeWaitForSingleObject(Event, Suspended, KernelMode, FALSE, NULL);
        Status = IoStatus.Status;
    }

    ExFreePool(Event);
    return(STATUS_SUCCESS);
}

Why does calling this function never read any data, even though the returned result is always success? What requirements does this function place on (PDEVICE_OBJECT DeviceObject)? Could an expert please explain?

Reply 1#
Posted: 2008-10-16 15:00
Bump.
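
Reply 2#
Posted: 2008-10-16 16:11
I don't know much about this. The return value at the end of the function is just STATUS_SUCCESS; if you change it to IoStatus.Status, is it still success? Or is there a problem in the Read_CallHookIRP function, so that no data comes back? Debug it carefully yourself... When I construct IRPs myself I often get deadlocks, *sweat*...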

Reply 3#
Posted: 2008-10-16 16:26
Thanks for your attention. Read_CallHookIRP is equivalent to IoCallDriver; it just hooks the IRP_MJ_READ function of the \\Driver\\Disk driver, to avoid re-entry.