您的位置:首页 > 其它

加载NT驱动

2013-04-01 17:33 204 查看
// LoadNTDriver.cpp : 定义控制台应用程序的入口点。
//

#include "stdafx.h"
#include <Windows.h>
#include <winsvc.h>
#include <conio.h>
#include <stdio.h>

#define DRIVER_NAME TEXT("HelloDDK")
#define DRIVER_PATH TEXT("..\\Driver Debug\\HelloDDK.sys")

/************************************************************************
* 函数名称:LoadNTDriver
* 功能描述:装在NT驱动程序
* 参数列表:
lpszDriverName:驱动名
lpszDriverPath:驱动路径
* 返回 值:是否卸载成功BOOL
*************************************************************************/
BOOL LoadNTDriver(TCHAR * lpszDriverName,
TCHAR * lpszDriverPath)
{
TCHAR szDriverImagePath[256];
//得到完整的驱动路径
GetFullPathName(lpszDriverPath, 256, szDriverImagePath, NULL);

BOOL bRet = FALSE;

SC_HANDLE hServiceMgr = NULL;//SCM管理器的句柄
SC_HANDLE hServiceDDK = NULL;//TN驱动程序的服务句柄

//SC_MANAGER_ALL_ACCESS 使用权限
hServiceMgr = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);

if( hServiceMgr == NULL )
{
//OpenSCManager失败
printf("OpenSCManager() Faild %d ! \n", GetLastError());
bRet = FALSE;
goto BeforeLeave;
}
else
{
//OpenSCManager成功
printf("OpenSCManager() ok ! \n");
}

//创建驱动所对应的服务
hServiceDDK = CreateService(hServiceMgr,
lpszDriverName, //驱动程序的在注册表中的名字
lpszDriverName, // 注册表驱动程序的 DisplayName 值
SERVICE_ALL_ACCESS, // 加载驱动程序的访问权限
SERVICE_KERNEL_DRIVER, // 表示加载的服务是驱动程序
SERVICE_DEMAND_START, // 注册表驱动程序的 Start 值
SERVICE_ERROR_IGNORE, // 注册表驱动程序的 ErrorControl 值
szDriverImagePath, // 注册表驱动程序的 ImagePath 值
NULL,
NULL,
NULL,
NULL,
NULL);

DWORD dwRtn;
//判断服务是否失败
if( hServiceDDK == NULL )
{
dwRtn = GetLastError();
if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_EXISTS )
{
//由于其他原因创建服务失败
printf("CreateService() Faild %d ! \n", dwRtn);
bRet = FALSE;
goto BeforeLeave;
}
else
{
//服务创建失败,是由于服务已经创建过
printf("CreateService() Faild Service is ERROR_IO_PENDING OR ERROR_SERVICE_EXISTS ! \n");
}

//驱动程序已经加载,只需要打开
hServiceDDK = OpenService( hServiceMgr, lpszDriverName, SERVICE_ALL_ACCESS );
if( hServiceDDK == NULL )
{
//如果打开服务也失败,则意味着错误
dwRtn = GetLastError();
printf("OpenService() Faild %d ! \n", dwRtn);
bRet = FALSE;
goto BeforeLeave;
}
else
{
printf("OpenService() ok ! \n");
}
}
else
{
printf("CreateService() ok ! \n");
}

//开启此项服务
bRet = StartService( hServiceDDK, NULL, NULL );
if( !bRet )
{
DWORD DWORD = GetLastError();
if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_ALREADY_RUNNING )
{
//开启服务失败
printf("StartSrivce() Faild %d ! \n", dwRtn);
bRet = FALSE;
goto BeforeLeave;
}
else
{
if( dwRtn == ERROR_IO_PENDING )
{
//设备被挂住
printf( "StartService() Faild ERROR_IO_PENDING ! \n" );
bRet = FALSE;
goto BeforeLeave;
}
else
{
//服务已经开启
printf( "StartService() ok ERROR_SERVICE_ALREADY_RUNNING ! \n" );
bRet = TRUE;
goto BeforeLeave;
}
}
}

bRet = TRUE;

//离开前关闭句柄
BeforeLeave:
if(hServiceDDK)
CloseServiceHandle(hServiceDDK);
if(hServiceMgr)
CloseServiceHandle(hServiceMgr);
return bRet;
}

/************************************************************************
* 函数名称:UnloadNTDriver
* 功能描述:卸载驱动程序
* 参数列表:
szSvrName:服务名
* 返回 值:是否卸载成功BOOL
*************************************************************************/
BOOL UnloadNTDriver(TCHAR * szSvrName)
{
BOOL bRet = FALSE;
SC_HANDLE hServiceMgr = NULL;//SCM管理器的句柄
SC_HANDLE hServiceDDK = NULL;//TN驱动程序的服务句柄
SERVICE_STATUS SvrSta;
//打开SCM管理器
hServiceMgr = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS );
if( hServiceMgr == NULL )
{
//打开SCM管理器失败
printf( "OpenSCManager() Faild %d \n", GetLastError() );
bRet = FALSE;
goto BeforeLeave;
}
else
{
//打开SCM管理器成功
printf( "OpenSCManager() ok ! \n" );
}

//打开驱动所对应的服务
hServiceDDK = OpenService( hServiceMgr, szSvrName, SERVICE_ALL_ACCESS );

if( hServiceDDK == NULL )
{
//打开驱动所对应的服务失败
printf( "OpenService() Faild %d \n", GetLastError() );
bRet = FALSE;
goto BeforeLeave;
}
else
{
printf( "OpenService() ok ! \n" );
}

//停止驱动程序,如果停止失败,只有重新启动才能,再动态加载
//SERVICE_CONTROL_CONTINUE:针对暂停的服务发出继续运行的命令
//SERVICE_CONTROL_PAUSE:针对正运行的服务发出暂停的命令
//SERVICE_CONTROL_STOP:针对运行的服务发出停止的命令
if( !ControlService( hServiceDDK, SERVICE_CONTROL_STOP, &SvrSta) )
{
printf( "ControlService() Faild %d ! \n", GetLastError());
}
else
{
//打开驱动所对应的失败
printf("ControlService() ok ! \n");
}

//动态卸载驱动程序
if( !DeleteService( hServiceDDK) )
{
//卸载失败
printf( "DeleteService() Faild %d !\n", GetLastError() );
}
else
{
//卸载成功
printf( "DeleteService() ok !\n" );
}

bRet = TRUE;

//离开前 关闭打开的句柄
BeforeLeave:
if( hServiceDDK )
CloseServiceHandle(hServiceDDK);
if( hServiceMgr )
CloseServiceHandle(hServiceMgr);
return bRet;
}

/************************************************************************
* 函数名称:TestDriver
* 功能描述:测试驱动程序
* 参数列表:
* 返回 值:void
*************************************************************************/
void TestDriver()
{
//测试驱动程序
HANDLE hDevice = CreateFile(_T("\\\\.\\HelloDDK"),
GENERIC_WRITE | GENERIC_READ,
0,
NULL,
OPEN_EXISTING,
0,
NULL);
if( hDevice != INVALID_HANDLE_VALUE )
{
printf( "Create Device ok ! \n" );
}
else
{
printf( "Create Device faild %d !\n", GetLastError() );
}

CloseHandle(hDevice);

}

int _tmain(int argc, _TCHAR* argv[])
{
//加载驱动
BOOL bRet = LoadNTDriver(DRIVER_NAME,DRIVER_PATH);
if (!bRet)
{
printf("LoadNTDriver error\n");
return 0;
}
//加载成功

printf( "press any to create device!\n" );
getch();

TestDriver();

//这时候你可以通过注册表,或其他查看符号连接的软件验证。
printf( "press any to unload the driver!\n" );
getch();

//卸载驱动
UnloadNTDriver(DRIVER_NAME);
if (!bRet)
{
printf("UnloadNTDriver error\n");
return 0;
}

return 0;
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: