//========================================================================
//TITLE:
// 串口伪驱动实例
//AUTHOR:
// norains
//DATE:
// Monday 23-April-2007
//Environment:
// EVC4.0 + Standard SDK 4.2
// EVC4.0 + Standard SDK 5.0
//========================================================================
所谓的伪驱动,就是不是真正意义上的驱动;而挂着驱动的名号,却又是因为和底层驱动有着千丝万缕的联系.
在此之前,先让我们看看wince的驱动结构:(图1)

而我们的伪驱动是挂接在PDD层之上,MDD层之下,形成一个"通道":(图2)

伪驱动的实现其实很简单,对外实现MDD层的借口,而其内则是通过调用原串口驱动实现其功能.
现在以夏普LH7A404平台为基础编写串口伪驱动,代码如下:

//--------------------------------------------------------------------
//Macrodefine

//ForSHARPLH404
#defineCOM_DLL_PATHTEXT("/WINDOWS/OEMserial.dll")

//-------------------------------------------------------------------
//Functiondefine
typedefHANDLE(WINAPI*DLL_COM_INIT)(ULONGIdentifie);
typedefBOOL(WINAPI*DLL_COM_DEINIT)(void);
typedefHANDLE(WINAPI*DLL_COM_OPEN)(HANDLEpContext,DWORDAccessCode,DWORDShareMode);
typedefBOOL(WINAPI*DLL_COM_CLOSE)(DWORDpContext);
typedefULONG(WINAPI*DLL_COM_READ)(HANDLEpContext,PUCHARpTargetBuffer,ULONGBufferLength,PULONGpBytesRead);
typedefULONG(WINAPI*DLL_COM_WRITE)(HANDLECOM_Write,PUCHARpSourceBytes,ULONGNumberOfBytes);
typedefBOOL(WINAPI*DLL_COM_POWERDOWN)(HANDLEpContext);
typedefBOOL(WINAPI*DLL_COM_POWERUP)(HANDLEpContext);
typedefBOOL(WINAPI*DLL_COM_IOCONTROL)(DWORDdwOpenData,DWORDdwCode,PBYTEpBufIn,DWORDdwLenIn,PBYTEpBufOut,DWORDdwLenOut,PDWORDpdwActualOut);
typedefDWORD(WINAPI*DLL_COM_SEEK)(DWORDhOpenContext,longAmount,WORDType);


DLL_COM_INITCOM_INIT;
DLL_COM_DEINITCOM_DEINIT;
DLL_COM_OPENCOM_OPEN;
DLL_COM_CLOSECOM_CLOSE;
DLL_COM_READCOM_READ;
DLL_COM_WRITECOM_WRITE;
DLL_COM_SEEKCOM_SEEK;
DLL_COM_POWERDOWNCOM_POWERDOWN;
DLL_COM_POWERUPCOM_POWERUP;
DLL_COM_IOCONTROLCOM_IOCONTROL;
//-------------------------------------------------------------------
BOOLAPIENTRYDllMain(HANDLEhModule,DWORDul_reason_for_call,LPVOIDlpReserved)

...{

HINSTANCEhInstComDll=LoadLibrary(COM_DLL_PATH);
if(hInstComDll!=NULL)

...{
COM_INIT=(DLL_COM_INIT)GetProcAddress(hInstComDll,TEXT("COM_Init"));
COM_DEINIT=(DLL_COM_DEINIT)GetProcAddress(hInstComDll,TEXT("COM_Deinit"));
COM_OPEN=(DLL_COM_OPEN)GetProcAddress(hInstComDll,TEXT("COM_Open"));
COM_CLOSE=(DLL_COM_CLOSE)GetProcAddress(hInstComDll,TEXT("COM_Close"));
COM_READ=(DLL_COM_READ)GetProcAddress(hInstComDll,TEXT("COM_Read"));
COM_WRITE=(DLL_COM_WRITE)GetProcAddress(hInstComDll,TEXT("COM_Write"));
COM_POWERDOWN=(DLL_COM_POWERDOWN)GetProcAddress(hInstComDll,TEXT("COM_PowerDown"));
COM_POWERUP=(DLL_COM_POWERUP)GetProcAddress(hInstComDll,TEXT("COM_PowerUp"));
COM_IOCONTROL=(DLL_COM_IOCONTROL)GetProcAddress(hInstComDll,TEXT("COM_IOControl"));
COM_SEEK=(DLL_COM_SEEK)GetProcAddress(hInstComDll,TEXT("COM_Seek"));
}
else

...{
WRITELOG("DllMain()hInstComDllisNULL");
returnFALSE;
}


if(COM_INIT==NULL||
COM_DEINIT==NULL||
COM_OPEN==NULL||
COM_CLOSE==NULL||
COM_READ==NULL||
COM_WRITE==NULL||
COM_SEEK==NULL||
COM_POWERDOWN==NULL||
COM_POWERUP==NULL||
COM_IOCONTROL==NULL)

...{

WRITELOG("FunctionofDllMain()isNULL");
returnFALSE;
}



returnTRUE;
}



HANDLECOM_Init(ULONGIdentifier)

...{
returnCOM_INIT(Identifier);
}


BOOLCOM_Deinit(void)

...{
returnCOM_DEINIT();
}


HANDLECOM_Open(HANDLEpContext,DWORDAccessCode,DWORDShareMode)

...{

returnCOM_OPEN(pContext,AccessCode,ShareMode);
}


BOOLCOM_Close(DWORDpContext)

...{

returnCOM_CLOSE(pContext);
}


ULONGCOM_Read(HANDLEpContext,PUCHARpTargetBuffer,ULONGBufferLength)

...{
returnCOM_READ(pContext,pTargetBuffer,BufferLengthd);
}


ULONGCOM_Write(HANDLECOM_Write,PUCHARpSourceBytes,ULONGNumberOfBytes)

...{
returnCOM_WRITE(COM_Write,pSourceBytes,NumberOfBytes);
}

DWORDCOM_Seek(DWORDhOpenContext,longAmount,WORDType)

...{
returnCOM_SEEK(hOpenContext,Amount,Type);
}


BOOLCOM_PowerDown(HANDLEpContext)

...{
returnCOM_POWERDOWN(pContext);
}


BOOLCOM_PowerUp(HANDLEpContext)

...{
returnCOM_POWERUP(pContext);
}


BOOLCOM_IOControl(DWORDdwOpenData,DWORDdwCode,PBYTEpBufIn,DWORDdwLenIn,PBYTEpBufOut,DWORDdwLenOut,PDWORDpdwActualOut)

...{
returnCOM_IOCONTROL(dwOpenData,dwCode,pBufIn,dwLenIn,pBufOut,dwLenOut,pdwActualOut);
}
"OEMserial.dll"是原来LH404的驱动,我们这个伪驱动仅仅是在代码中调用该动态链接库实现该实现的功能而已.
如果需要让我们的伪驱动正常运作,在将伪驱动包含进系统之后,还需要更改相关的注册表----将位于[HKEY_LOCAL_MACHINE/Drivers/BuiltIn/series]的"DLL"键值改为我们伪驱动的名字即可.
这伪驱动有什么现实上的意义呢?对于应用层的话,也许不会起到任何作用;但如果是用作分析数据或破解算法的话,有时候确实一个挺方便的方法,毕竟调用驱动的任何数据都会经过我们的这个伪驱动,还有什么不能做的呢?
//TITLE:
// 串口伪驱动实例
//AUTHOR:
// norains
//DATE:
// Monday 23-April-2007
//Environment:
// EVC4.0 + Standard SDK 4.2
// EVC4.0 + Standard SDK 5.0
//========================================================================
所谓的伪驱动,就是不是真正意义上的驱动;而挂着驱动的名号,却又是因为和底层驱动有着千丝万缕的联系.
在此之前,先让我们看看wince的驱动结构:(图1)

而我们的伪驱动是挂接在PDD层之上,MDD层之下,形成一个"通道":(图2)

伪驱动的实现其实很简单,对外实现MDD层的借口,而其内则是通过调用原串口驱动实现其功能.
现在以夏普LH7A404平台为基础编写串口伪驱动,代码如下:

//--------------------------------------------------------------------
//Macrodefine
//ForSHARPLH404
#defineCOM_DLL_PATHTEXT("/WINDOWS/OEMserial.dll")
//-------------------------------------------------------------------
//Functiondefine
typedefHANDLE(WINAPI*DLL_COM_INIT)(ULONGIdentifie);
typedefBOOL(WINAPI*DLL_COM_DEINIT)(void);
typedefHANDLE(WINAPI*DLL_COM_OPEN)(HANDLEpContext,DWORDAccessCode,DWORDShareMode);
typedefBOOL(WINAPI*DLL_COM_CLOSE)(DWORDpContext);
typedefULONG(WINAPI*DLL_COM_READ)(HANDLEpContext,PUCHARpTargetBuffer,ULONGBufferLength,PULONGpBytesRead);
typedefULONG(WINAPI*DLL_COM_WRITE)(HANDLECOM_Write,PUCHARpSourceBytes,ULONGNumberOfBytes);
typedefBOOL(WINAPI*DLL_COM_POWERDOWN)(HANDLEpContext);
typedefBOOL(WINAPI*DLL_COM_POWERUP)(HANDLEpContext);
typedefBOOL(WINAPI*DLL_COM_IOCONTROL)(DWORDdwOpenData,DWORDdwCode,PBYTEpBufIn,DWORDdwLenIn,PBYTEpBufOut,DWORDdwLenOut,PDWORDpdwActualOut);
typedefDWORD(WINAPI*DLL_COM_SEEK)(DWORDhOpenContext,longAmount,WORDType);

DLL_COM_INITCOM_INIT;
DLL_COM_DEINITCOM_DEINIT;
DLL_COM_OPENCOM_OPEN;
DLL_COM_CLOSECOM_CLOSE;
DLL_COM_READCOM_READ;
DLL_COM_WRITECOM_WRITE;
DLL_COM_SEEKCOM_SEEK;
DLL_COM_POWERDOWNCOM_POWERDOWN;
DLL_COM_POWERUPCOM_POWERUP;
DLL_COM_IOCONTROLCOM_IOCONTROL;
//-------------------------------------------------------------------
BOOLAPIENTRYDllMain(HANDLEhModule,DWORDul_reason_for_call,LPVOIDlpReserved)
...{
HINSTANCEhInstComDll=LoadLibrary(COM_DLL_PATH);
if(hInstComDll!=NULL)
...{
COM_INIT=(DLL_COM_INIT)GetProcAddress(hInstComDll,TEXT("COM_Init"));
COM_DEINIT=(DLL_COM_DEINIT)GetProcAddress(hInstComDll,TEXT("COM_Deinit"));
COM_OPEN=(DLL_COM_OPEN)GetProcAddress(hInstComDll,TEXT("COM_Open"));
COM_CLOSE=(DLL_COM_CLOSE)GetProcAddress(hInstComDll,TEXT("COM_Close"));
COM_READ=(DLL_COM_READ)GetProcAddress(hInstComDll,TEXT("COM_Read"));
COM_WRITE=(DLL_COM_WRITE)GetProcAddress(hInstComDll,TEXT("COM_Write"));
COM_POWERDOWN=(DLL_COM_POWERDOWN)GetProcAddress(hInstComDll,TEXT("COM_PowerDown"));
COM_POWERUP=(DLL_COM_POWERUP)GetProcAddress(hInstComDll,TEXT("COM_PowerUp"));
COM_IOCONTROL=(DLL_COM_IOCONTROL)GetProcAddress(hInstComDll,TEXT("COM_IOControl"));
COM_SEEK=(DLL_COM_SEEK)GetProcAddress(hInstComDll,TEXT("COM_Seek"));
}
else
...{
WRITELOG("DllMain()hInstComDllisNULL");
returnFALSE;
}

if(COM_INIT==NULL||
COM_DEINIT==NULL||
COM_OPEN==NULL||
COM_CLOSE==NULL||
COM_READ==NULL||
COM_WRITE==NULL||
COM_SEEK==NULL||
COM_POWERDOWN==NULL||
COM_POWERUP==NULL||
COM_IOCONTROL==NULL)
...{
WRITELOG("FunctionofDllMain()isNULL");
returnFALSE;
}


returnTRUE;
}


HANDLECOM_Init(ULONGIdentifier)
...{
returnCOM_INIT(Identifier);
}

BOOLCOM_Deinit(void)
...{
returnCOM_DEINIT();
}

HANDLECOM_Open(HANDLEpContext,DWORDAccessCode,DWORDShareMode)
...{
returnCOM_OPEN(pContext,AccessCode,ShareMode);
}

BOOLCOM_Close(DWORDpContext)
...{
returnCOM_CLOSE(pContext);
}

ULONGCOM_Read(HANDLEpContext,PUCHARpTargetBuffer,ULONGBufferLength)
...{
returnCOM_READ(pContext,pTargetBuffer,BufferLengthd);
}

ULONGCOM_Write(HANDLECOM_Write,PUCHARpSourceBytes,ULONGNumberOfBytes)
...{
returnCOM_WRITE(COM_Write,pSourceBytes,NumberOfBytes);
}
DWORDCOM_Seek(DWORDhOpenContext,longAmount,WORDType)
...{
returnCOM_SEEK(hOpenContext,Amount,Type);
}

BOOLCOM_PowerDown(HANDLEpContext)
...{
returnCOM_POWERDOWN(pContext);
}

BOOLCOM_PowerUp(HANDLEpContext)
...{
returnCOM_POWERUP(pContext);
}

BOOLCOM_IOControl(DWORDdwOpenData,DWORDdwCode,PBYTEpBufIn,DWORDdwLenIn,PBYTEpBufOut,DWORDdwLenOut,PDWORDpdwActualOut)
...{
returnCOM_IOCONTROL(dwOpenData,dwCode,pBufIn,dwLenIn,pBufOut,dwLenOut,pdwActualOut);
}
"OEMserial.dll"是原来LH404的驱动,我们这个伪驱动仅仅是在代码中调用该动态链接库实现该实现的功能而已.
如果需要让我们的伪驱动正常运作,在将伪驱动包含进系统之后,还需要更改相关的注册表----将位于[HKEY_LOCAL_MACHINE/Drivers/BuiltIn/series]的"DLL"键值改为我们伪驱动的名字即可.
这伪驱动有什么现实上的意义呢?对于应用层的话,也许不会起到任何作用;但如果是用作分析数据或破解算法的话,有时候确实一个挺方便的方法,毕竟调用驱动的任何数据都会经过我们的这个伪驱动,还有什么不能做的呢?
本文介绍了一种在Windows CE平台上实现的串口伪驱动实例,该伪驱动位于PDD层之上、MDD层之下,通过调用原始串口驱动来实现功能。以夏普LH7A404平台为例,展示了如何通过加载原始驱动库并调用其提供的接口来完成读写等操作。

被折叠的 条评论
为什么被折叠?



