|
阅读:1741回复:6
使用DeviceIoControl后应用程序无法退出(关闭)?
我写了一个简单的驱动程序,主要实现应用程序与驱动程序
之间相互交换数据,但是发现应用程序只能加载一次,关闭后 还能在进程中见到它。 在基于对话框应用中: void OnClickSetData() { HANDLE hWdm = CreateFile(\"\\\\\\\\.\\\\Twdm1\", GENERIC_WRITE | GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL ); if( hWdm != INVALID_HANDLE_VALUE ) { char m_dwOptions[10]; DWORD bytesWrite; m_dwOptions[0] = \'a\'; m_dwOptions[1] = \'b\'; m_dwOptions[2] = \'c\'; m_dwOptions[3] = \'d\'; m_dwOptions[4] = \'e\'; printf( \"Open Driver Twdm ok ! \\n\" ); if( DeviceIoControl(hWdm ,IOCTL_SET_FILTER, ( char * )m_dwOptions, 10, ( char * )m_dwOptions, 10, &bytesWrite, NULL ) ) { printf( \"IOCTL_SET_FILTER ! \\n\" ); } else { printf( \"IOCTL_SET_FILTER erro \\n\" ); } } else { printf( \"Open Driver Twdm faild %d ! \\n\", GetLastError() ); } CloseHandle( hWdm ); } } 驱动程序: #include <ntddk.h> #define IOCTL_SET_FILTER \\ CTL_CODE(0x8000, 801, METHOD_BUFFERED, FILE_ANY_ACCESS) #define NT_DEVICE_NAME L\"\\\\Device\\\\Twdm1\" #define DOS_DEVICE_NAME L\"\\\\DosDevices\\\\Twdm1\" NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ); NTSTATUS DispatchCreate(PDEVICE_OBJECT fdo, PIRP Irp); NTSTATUS DispatchClose(PDEVICE_OBJECT fdo, PIRP Irp); NTSTATUS DispatchControl(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp); VOID GpdUnload(PDRIVER_OBJECT DriverObject); NTSTATUS CompleteRequest(IN PIRP Irp, IN NTSTATUS status, IN ULONG_PTR info); ////////////////////// PDEVICE_OBJECT fdo; BOOLEAN fSymbolicLink; NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { //UNREFERENCED_PARAMETER (RegistryPath); NTSTATUS status; UNICODE_STRING ntDeviceName; UNICODE_STRING win32DeviceName; DbgPrint( \"TWDM: DriverEntry for Twdm.sys ...... \\n\" ); fSymbolicLink = FALSE; // // Create dispatch points for the IRPs. // DriverObject->MajorFunction[IRP_MJ_CREATE] = DispatchCreate; DriverObject->MajorFunction[IRP_MJ_CLOSE] = DispatchClose; DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DispatchControl; DriverObject->DriverUnload = GpdUnload; //DriverObject->MajorFunction[IRP_MJ_PNP] = GpdDispatchPnp; //DriverObject->MajorFunction[IRP_MJ_POWER] = GpdDispatchPower; //DriverObject->MajorFunction[IRP_MJ_SYSTEM_CONTROL] = GpdDispatchSystemControl; //DriverObject->DriverExtension->AddDevice = GpdAddDevice; RtlInitUnicodeString(&ntDeviceName, NT_DEVICE_NAME); status = IoCreateDevice(DriverObject, 0, &ntDeviceName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE, &fdo); if (!NT_SUCCESS (status)) { DbgPrint( \"TWDM: IoCreateDevice() faild ! \\n\" ); } else { DbgPrint( \"TWDM: IoCreateDevice() ok ! \\n\" ); RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME); status = IoCreateSymbolicLink( &win32DeviceName, &ntDeviceName ); if (!NT_SUCCESS(status)) { DbgPrint( \"TWDM: IoCreateSymbolicLink() faild ! \\n\" ); } else { DbgPrint( \"TWDM: IoCreateSymbolicLink() ok ! \\n\" ); fSymbolicLink = TRUE; } fdo->Flags &= ~DO_DEVICE_INITIALIZING; } if (!NT_SUCCESS(status)) { if(fdo) { IoDeleteDevice(fdo); } if(fSymbolicLink) { IoDeleteSymbolicLink(&win32DeviceName); } } return status; } NTSTATUS DispatchControl(PDEVICE_OBJECT fdo, PIRP Irp) { unsigned long info; unsigned long cbin; unsigned long cbout; unsigned long code; PDEVICE_EXTENSION pdx; PIO_STACK_LOCATION stack; NTSTATUS status; // DispatchControl pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; status = IoAcquireRemoveLock(&pdx->RemoveLock, Irp); if (!NT_SUCCESS(status)) return CompleteRequest(Irp, status, 0); info = 0; stack = IoGetCurrentIrpStackLocation(Irp); cbin = stack->Parameters.DeviceIoControl.InputBufferLength; cbout = stack->Parameters.DeviceIoControl.OutputBufferLength; code = stack->Parameters.DeviceIoControl.IoControlCode; switch (code) { // process request case IOCTL_SET_FILTER: break; default: status = STATUS_INVALID_DEVICE_REQUEST; break; } // process request IoReleaseRemoveLock(&pdx->RemoveLock, Irp); return CompleteRequest(Irp, status, info); } NTSTATUS CompleteRequest(IN PIRP Irp, IN NTSTATUS status, IN ULONG_PTR info) { // CompleteRequest Irp->IoStatus.Status = status; Irp->IoStatus.Information = info; IoCompleteRequest(Irp, IO_NO_INCREMENT); return status; } // CompleteRequest // DispatchControl NTSTATUS DispatchCreate(PDEVICE_OBJECT fdo, PIRP Irp) { NTSTATUS status; DbgPrint( \"TWDM: IRP_MJ_CREATE for Twdm.sys ...... \\n\" ); status = STATUS_SUCCESS; Irp->IoStatus.Status = status; Irp->IoStatus.Information = 0; IoCompleteRequest( Irp, IO_NO_INCREMENT ); return status; } // DispatchCreate NTSTATUS DispatchClose(PDEVICE_OBJECT fdo, PIRP Irp) { // DispatchClose NTSTATUS status; DbgPrint( \"TWDM: IRP_MJ_CLOSE for Twdm.sys ...... \\n\" ); status = STATUS_SUCCESS; Irp->IoStatus.Status = status; Irp->IoStatus.Information = 0; IoCompleteRequest( Irp, IO_NO_INCREMENT ); return status; } // DispatchClose VOID GpdUnload(PDRIVER_OBJECT DriverObject) { UNICODE_STRING win32DeviceName; DbgPrint( \"TWDM: GpdUnload() for Twdm.sys ...... \\n\" ); RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME); if(fdo) { IoDeleteDevice(fdo); } if(fSymbolicLink) { IoDeleteSymbolicLink(&win32DeviceName); } } 我用DriverStudio的Driver monitor加载驱动程序后,再用上面的应用程序对它控制,发现虽然应用程序窗口关闭了,但是在按CTRL+ALT+DEL时居然还在进程列表中,而且Driver monitor也无法卸载驱动程序了。 注:当我不用应用程序对它控制时Driver monitor可以正常加、卸载驱动程序, 不知应该怎么样解决? |
|
|
|
沙发#
发布于:2003-02-22 12:48
这个问题一般是在驱动程序里面没有向上返回正确的info,你在DispatchControl例程里只给info置了初值0,传给 CompleteRequest的参数info可能就不确定了。你用softice调试一下,可能就在 CompleteRequest里出毛病的。
|
|
|
|
板凳#
发布于:2003-02-22 13:21
关闭后还能在进程中见到它,
是指驱动没有卸栽吗? |
|
|
|
地板#
发布于:2003-02-22 19:31
没见到你的IoInitializeRemoveLock,是在别的地方吗?
|
|
|
|
地下室#
发布于:2003-02-26 18:44
驱动和应用程序都无法退出,驱动显示当前不可控制的错误。
|
|
|
|
5楼#
发布于:2003-02-26 18:49
IoInitializeRemoveLock是在别的地方
|
|
|
|
6楼#
发布于:2003-02-26 18:53
哪位大虾能给我一个例子,不胜感激!
Email: wangwolue@163.net |
|
|