阅读:1931回复:1
如何实现NDIS中间层驱动程序的动态加载?
听说snetcfg就可以解决自动安装的问题,Bindview可以解决动态加载的问题
。哪位老大可以解释一下,或者把XP DDK里那个bindview代码发给我??? 多谢了!! |
|
沙发#
发布于:2005-02-20 13:18
先贴个动态加载驱动的代码,转的。我改了一下。
#include <windows.h> #include <winsvc.h> #include <conio.h> #include<stdio.h> #define dname "\\wdm1.sys" #define sevname "wdm1"///驱动程序的在注册表中的名字 #define disname "wdm1"// 注册表驱动程序的 DisplayName 值 #define filename "\\\\.\\wdm1" void DelSvr( char * szSvrName ); //自动卸载驱动程序。 int main(int argc, char* argv[]) { HANDLE hWdm; printf("Hello World!\n"); SC_HANDLE hServiceMgr, hServiceTwdm; BOOL bRtn; DWORD dwRtn, dwSize = 256; char szDir[256]; if( argc > 1 ) //加任一个参数表示卸载驱动程序。 { DelSvr( dname ); return 0; } GetCurrentDirectory( dwSize, szDir );//取当前目录 strcat( szDir, dname ); //取驱动程序的全路径 LPCTSTR lpszBinaryPathName = TEXT(szDir); hServiceMgr = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS ); //打开服务控制管理器 if( hServiceMgr == NULL ) { printf( "OpenSCManager() Faild %d ! n", GetLastError() ); return 0; } else { printf( "OpenSCManager() ok ! n" ); } hServiceTwdm = CreateService( hServiceMgr, TEXT(sevname), //SYSTEMCurrentControlSetServices 驱动程序的在注册表中的名字 TEXT(disname), // 注册表驱动程序的 DisplayName 值 SERVICE_ALL_ACCESS, // 加载驱动程序的访问权限 SERVICE_KERNEL_DRIVER,// 表示加载的服务是驱动程序 SERVICE_DEMAND_START, // 注册表驱动程序的 Start 值 SERVICE_ERROR_IGNORE, // 注册表驱动程序的 ErrorControl 值 lpszBinaryPathName, // 注册表驱动程序的 ImagePath 值 NULL, NULL, NULL, NULL, NULL); if( hServiceTwdm == NULL ) { dwRtn = GetLastError(); if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_EXISTS ) { CloseServiceHandle( hServiceMgr ); printf( "CrateService() Faild %d ! n", dwRtn ); return 0; } else { printf( "CrateService() Faild Service is ERROR_IO_PENDING or ERROR_SERVICE_EXISTS! n" ); } // 驱动程序已经加载,只需要打开 hServiceTwdm = OpenService( hServiceMgr, TEXT(sevname), SERVICE_ALL_ACCESS ); if( hServiceTwdm == NULL ) { dwRtn = GetLastError(); CloseServiceHandle( hServiceMgr ); printf( "OpenService() Faild %d ! n", dwRtn ); return 0; } else { printf( "OpenService() ok ! n" ); } } else { printf( "CrateService() ok ! n" ); } // 启动驱动程序,调用驱动程序的 DriverEntry 函数 bRtn = StartService( hServiceTwdm, NULL, NULL ); if( !bRtn ) { dwRtn = GetLastError(); if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_ALREADY_RUNNING ) { printf( "StartService() Faild %d ! n", dwRtn ); CloseServiceHandle( hServiceTwdm ); CloseServiceHandle( hServiceMgr ); return 0; } else { if( dwRtn != ERROR_IO_PENDING ) { printf( "StartService() Faild ERROR_IO_PENDING ! n"); } else { printf( "StartService() Faild ERROR_SERVICE_ALREADY_RUNNING ! n"); } } } //测试驱动程序 hWdm = CreateFile(filename, GENERIC_WRITE | GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL); if( hWdm != INVALID_HANDLE_VALUE ) { printf( "Open Driver Twdm ok ! n" ); } else { printf( "Open Driver Twdm faild %d ! n", GetLastError() ); } CloseHandle( hWdm ); CloseServiceHandle( hServiceTwdm ); CloseServiceHandle( hServiceMgr ); //这时候你可以通过注册表,或其他查看符号连接的软件验证。 printf( "按任意键 卸载驱动程序 !n" ); getch(); //卸载驱动程序。 DelSvr(sevname ); return 0; } //卸载驱动程序。 void DelSvr( char * szSvrName ) { SC_HANDLE hServiceMgr, hServiceTwdm; SERVICE_STATUS SvrSta; hServiceMgr = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS ); if( hServiceMgr == NULL ) { printf( "DelSvr::OpenSCManager() Faild %d ! n", GetLastError() ); return; } else { printf( "DelSvr::OpenSCManager() ok ! n" ); } hServiceTwdm = OpenService( hServiceMgr, TEXT(szSvrName), SERVICE_ALL_ACCESS ); if( hServiceTwdm == NULL ) { CloseServiceHandle( hServiceMgr ); printf( "DelSvr::OpenService() Faild %d ! n", GetLastError() ); return; } else { printf( "DelSvr::OpenService() ok ! n" ); } //停止驱动程序,如果停止失败,只有重新启动才能,再动态加载。 if( !ControlService( hServiceTwdm, SERVICE_CONTROL_STOP , &SvrSta ) ) { printf( "DelSvr::ControlService() Faild %d !n", GetLastError() ); } else { printf( "DelSvr::ControlService() ok !n" ); } //动态卸载驱动程序。 if( !DeleteService( hServiceTwdm ) ) { printf( "DelSvr:eleteSrevice() Faild %d !n", GetLastError() ); } else { printf( "DelSvr:eleteSrevice() ok !n" ); } CloseServiceHandle( hServiceTwdm ); CloseServiceHandle( hServiceMgr ); return; } |
|