silence97
驱动牛犊
驱动牛犊
  • 注册日期2015-12-02
  • 最后登录2015-12-02
  • 粉丝0
  • 关注1
  • 积分3分
  • 威望21点
  • 贡献值0点
  • 好评度0点
  • 原创分0分
  • 专家分0分
阅读:976回复:1

关于IoWorkItem,DPC 的问题

楼主#
更多 发布于:2015-12-02 11:48
我想在DISPATCH_LEVEL下运行PASSIVE_LEVEL级别的函数,思路是创建线程,在线程中调用一个定时器,此时级别为DISPATCH,定时器的回调函数customDpc运行在了DISPATCH级别,我在customDPC函数中,使用IoWorkItem,该API运行在DISPATCH上,但是他的回调参数可以运行在PASSIVE上,我就是想这么实现,但是出现了BSOD,问题也不是LEVEL的问题,我觉得是IoWorkItem的使用问题, 大家帮忙看看  全部代码见2楼(代码可直接复制,编译也通过了)


silence97
驱动牛犊
驱动牛犊
  • 注册日期2015-12-02
  • 最后登录2015-12-02
  • 粉丝0
  • 关注1
  • 积分3分
  • 威望21点
  • 贡献值0点
  • 好评度0点
  • 原创分0分
  • 专家分0分
沙发#
发布于:2015-12-02 11:48
#include<stdio.h>
#include<stdlib.h>
#include "ntddk.h"

typedef struct my_info{
int age;
int weight;
char* name;
}myInfo, *PmyInfo;
VOID ThreadStart(IN PVOID StartContext);

VOID CustomDpc(IN struct _KDPC *Dpc,
 IN PVOID DeferredContext,
 IN PVOID SystemArgument1,
 IN PVOID SystemArgument2);
 
VOID SyncTechUnload(IN PDRIVER_OBJECT DriverObject);
VOID workItem();
KTIMER Timer;   //?????????????????
PDEVICE_OBJECT DeviceObject;
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING  RegistryPath)
{
HANDLE hThread;
OBJECT_ATTRIBUTES ObjectAttributes;
CLIENT_ID  CID;
NTSTATUS status;
UNICODE_STRING DeviceName, Win32Device;


KdPrint(("dpc:DriverEntry Cur Process:%s Cur IRQL:%d\n",
(char*)((ULONG)IoGetCurrentProcess()+0x174), KeGetCurrentIrql()));

RtlInitUnicodeString(&DeviceName, L"\\Device\\Dpc0");
RtlInitUnicodeString(&Win32Device, L"\\DosDevices\\Dpc0");
status = IoCreateDevice(DriverObject,
10,
&DeviceName,
FILE_DEVICE_UNKNOWN,
0,
FALSE,
&DeviceObject);
if(!NT_SUCCESS(status))
return status;
if(!DeviceObject)
{
KdPrint(("dpc:DeviceObject is failure\n"));    
return STATUS_UNEXPECTED_IO_ERROR;
}
//初始化定时器
KeInitializeTimer(&Timer);
DriverObject->DriverUnload = SyncTechUnload;
InitializeObjectAttributes(&ObjectAttributes, NULL, OBJ_KERNEL_HANDLE, NULL, NULL);
//创建一个系统线程
status = PsCreateSystemThread(
&hThread,
GENERIC_READ|GENERIC_WRITE,
&ObjectAttributes,
NtCurrentProcess(),
&CID,
(PKSTART_ROUTINE)ThreadStart,
NULL
);
if (!NT_SUCCESS(status))
{
KdPrint(("dpc:PsCreateSystemThread failure!\n"));
return 0;
}
ZwClose(hThread);
KdPrint(("Exit\n"));
return STATUS_SUCCESS;
}

VOID ThreadStart(IN PVOID StartContext)
{
LARGE_INTEGER DueTime;
KDPC Dpc;
PmyInfo pmyInfo;
KdPrint(("dpc:Cur Process: %s IRQL:%d\n",
(char*)((ULONG)IoGetCurrentProcess()+0x174), KeGetCurrentIrql()));
pmyInfo = ExAllocatePool(NonPagedPool, sizeof(myInfo));
pmyInfo->age = 23;
pmyInfo->weight = 60;
pmyInfo->name = "zc";
//KdPrint(("dpc: my age is %d , my weight is %d \n", context->age, context->weight));
DueTime = RtlConvertLongToLargeInteger(-100000000);
//初始化一个Dpc
KeInitializeDpc(&Dpc, (PKDEFERRED_ROUTINE)CustomDpc, pmyInfo);
//设置DPC定时器
KeSetTimer(&Timer, DueTime, &Dpc);
//等待定时器
KeWaitForSingleObject(&Timer, Executive, KernelMode, FALSE, NULL);
KdPrint(("dpc:ThreadStart time expire"));
return;
}

//简单输出进程名和当前的IRQL,注意该函数运行在dispatch级别

VOID CustomDpc(IN struct _KDPC *Dpc,
 IN PmyInfo pmyInfo,
 IN PVOID SystemArgument1,
 IN PVOID SystemArgument2)
{

PIO_WORKITEM pIoWorkItem;
KdPrint(("dpc:CustomDpc Process: %s IRQL:%d\n",
(char*)((ULONG)IoGetCurrentProcess()+0x174), KeGetCurrentIrql()));

  
  KdPrint(("dpc: my age is %d , my weight is %d, my name is %s\n",
          pmyInfo->age, pmyInfo->weight, pmyInfo->name));
          
  pIoWorkItem = IoAllocateWorkItem(DeviceObject);
  if(pIoWorkItem)
  {
      IoQueueWorkItem(pIoWorkItem, (PIO_WORKITEM_ROUTINE)workItem, DelayedWorkQueue, NULL);
  }

}

VOID workItem()  //IoWorkItem回调函数
{
KdPrint(("dpc:workItem Process: %s IRQL:%d\n",
(char*)((ULONG)IoGetCurrentProcess()+0x174), KeGetCurrentIrql()));
}


VOID SyncTechUnload(IN PDRIVER_OBJECT DriverObject)
{
KdPrint(("dpc:DpcTest unload!\n"));
}
游客

返回顶部