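This section introduces some basics of driver development.
Reposted from:
http://blog.csdn.net/baggiowangyu/article/details/7804567
1. Basic components of a driver
1.1. The most commonly encountered data structures
a. DRIVER_OBJECT (driver object)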
```c
// Definition of the driver object in the WDK
// Each driver has exactly one driver object associated with it
// It is created by the kernel's object manager when the driver is loaded
typedef struct _DRIVER_OBJECT {
    CSHORT Type;
    CSHORT Size;
    //
    // The following links all of the devices created by a single driver
    // together on a list, and the Flags word provides an extensible flag
    // location for driver objects.
    //
    PDEVICE_OBJECT DeviceObject;
    ULONG Flags;
    //
    // The following section describes where the driver is loaded. The count
    // field is used to count the number of times the driver has had its
    // registered reinitialization routine invoked.
    //
    PVOID DriverStart;
    ULONG DriverSize;
    PVOID DriverSection;
    PDRIVER_EXTENSION DriverExtension;
    //
    // The driver name field is used by the error log thread to
    // determine the name of the driver that an I/O request is/was bound.
    //
    UNICODE_STRING DriverName;
    //
    // The following section is for registry support. This is a pointer
    // to the path to the hardware information in the registry
    //
    PUNICODE_STRING HardwareDatabase;
    //
    // The following section contains the optional pointer to an array of
    // alternate entry points to a driver for "fast I/O" support. Fast I/O
    // is performed by invoking the driver routine directly with separate
    // parameters, rather than using the standard IRP call mechanism. Note
    // that these functions may only be used for synchronous I/O, and when
    // the file is cached.
    //
    PFAST_IO_DISPATCH FastIoDispatch;
    //
    // The following section describes the entry points to this particular
    // driver. Note that the major function dispatch table must be the last
    // field in the object so that it remains extensible.
    //
    PDRIVER_INITIALIZE DriverInit;
    PDRIVER_STARTIO DriverStartIo;
    PDRIVER_UNLOAD DriverUnload;
    PDRIVER_DISPATCH MajorFunction[IRP_MJ_MAXIMUM_FUNCTION + 1];
} DRIVER_OBJECT;
typedef struct _DRIVER_OBJECT *PDRIVER_OBJECT;
```
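Field descriptions:
- DeviceObject : Every driver has at least one device object. Each device object holds a pointer to the next device object, and the last device object points to NULL. This field points to the first device object of the driver object. Creating and deleting device objects is the programmer's responsibility.
- DriverName : The driver name, stored as a UNICODE_STRING. The usual format is \Driver\[DriverName].
- HardwareDatabase : The name of the device's hardware database. The usual format is \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM.
- DriverStartIo : Holds the address of the StartIO routine, which is used to serialize operations.
- DriverUnload : Holds the address of the callback that is invoked when the driver is unloaded.
- MajorFunction : Holds the addresses of the dispatch routines that handle IRPs.
- FastIoDispatch : Used by file system drivers to handle fast I/O requests.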
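The following is an added example, not code from the original post: a user-mode C model of two checks a defender can run over these fields, walking the device list from DeviceObject and counting MajorFunction entries that point outside the image range given by DriverStart and DriverSize. The MODEL_* types, function names and all addresses are hypothetical and constructed; on a real system the default handler address is that of nt!IopInvalidDeviceRequest.

```c
#include <stddef.h>
#include <stdint.h>
#define IRP_MJ_MAXIMUM_FUNCTION 0x1b   /* same value as in wdm.h */

/* Simplified user-mode stand-ins (assumption): only the fields used below. */
typedef struct MODEL_DEVICE { struct MODEL_DEVICE *NextDevice; } MODEL_DEVICE;
typedef struct MODEL_DRIVER {
    MODEL_DEVICE *DeviceObject;        /* head of the driver's device list */
    uintptr_t     DriverStart;         /* image base address */
    uint32_t      DriverSize;          /* image size in bytes */
    uintptr_t     MajorFunction[IRP_MJ_MAXIMUM_FUNCTION + 1];
} MODEL_DRIVER;

/* Follow NextDevice from the head; -1 means no end within `limit` (cycle). */
int count_devices(const MODEL_DRIVER *drv, int limit)
{
    int n = 0;
    for (const MODEL_DEVICE *d = drv->DeviceObject; d != NULL; d = d->NextDevice)
        if (++n > limit) return -1;
    return n;
}

/* Count dispatch entries outside [DriverStart, DriverStart + DriverSize).
   Unfilled slots hold the I/O manager's default handler and are skipped. */
int foreign_dispatch(const MODEL_DRIVER *drv, uintptr_t default_handler, int *first)
{
    uintptr_t end = drv->DriverStart + drv->DriverSize;
    int hits = 0;
    for (int i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++) {
        uintptr_t fn = drv->MajorFunction[i];
        if (fn == default_handler || (fn >= drv->DriverStart && fn < end))
            continue;
        if (hits++ == 0 && first != NULL) *first = i;  /* first flagged index */
    }
    return hits;
}

/* Constructed sample: two devices, image at 0x10000 (size 0x4000). */
static MODEL_DEVICE dev2 = { NULL }, dev1 = { &dev2 };
MODEL_DRIVER sample_driver(uintptr_t default_handler)
{
    MODEL_DRIVER d = { &dev1, 0x10000, 0x4000, { 0 } };
    for (int i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
        d.MajorFunction[i] = default_handler;
    d.MajorFunction[0x0e] = 0x11200;   /* inside the image */
    d.MajorFunction[0x03] = 0x90000;   /* outside the image: flagged */
    return d;
}
```

An out-of-image entry is a lead to investigate rather than proof of tampering, because some drivers legitimately point their dispatch slots at a port or class driver.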
Driver object diagram:
b. DEVICE_OBJECT (device object)
```c
// Device object as defined by the WDK
typedef struct DECLSPEC_ALIGN(MEMORY_ALLOCATION_ALIGNMENT) _DEVICE_OBJECT {
    CSHORT Type;
    USHORT Size;
    LONG ReferenceCount;
    struct _DRIVER_OBJECT *DriverObject;
    struct _DEVICE_OBJECT *NextDevice;
    struct _DEVICE_OBJECT *AttachedDevice;
    struct _IRP *CurrentIrp;
    PIO_TIMER Timer;
    ULONG Flags;                // See above: DO_...
    ULONG Characteristics;      // See ntioapi: FILE_...
    __volatile PVPB Vpb;
    PVOID DeviceExtension;
    DEVICE_TYPE DeviceType;
    CCHAR StackSize;
    union {
        LIST_ENTRY ListEntry;
        WAIT_CONTEXT_BLOCK Wcb;
    } Queue;
    ULONG AlignmentRequirement;
    KDEVICE_QUEUE DeviceQueue;
    KDPC Dpc;
    //
    // The following field is for exclusive use by the filesystem to keep
    // track of the number of Fsp threads currently using the device
    //
    ULONG ActiveThreadCount;
    PSECURITY_DESCRIPTOR SecurityDescriptor;
    KEVENT DeviceLock;
    USHORT SectorSize;
    USHORT Spare1;
    struct _DEVOBJ_EXTENSION *DeviceObjectExtension;
    PVOID Reserved;
} DEVICE_OBJECT;
typedef struct _DEVICE_OBJECT *PDEVICE_OBJECT;
```
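Field descriptions:
- DriverObject : Points to the driver object of the driver. If several device objects belong to the same driver, they all point to the same driver object.
- NextDevice : Points to the next device object.
- AttachedDevice : Points to the next device object. If a higher-level driver has attached to this driver, this field points to that higher-level driver.
- CurrentIrp : When the StartIO routine is in use, this points to the current IRP structure.
- Flags : The flags field, a 32-bit unsigned integer. Its values include the following:
  - DO_BUFFERED_IO : Read and write operations access user-mode data using buffered I/O (the system copies the buffer).
  - DO_EXCLUSIVE : Only one thread at a time may open a handle to the device.
  - DO_DIRECT_IO : Read and write operations access user-mode data using direct I/O (a memory descriptor list).
  - DO_DEVICE_INITIALIZING : The device object is being initialized.
  - DO_P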