Ring3加载驱动源码

本文通过分析 Instdrv.h 头文件和 Instdrv.cpp 源代码,说明 Windows 系统中 Ring3(用户态)程序如何通过服务控制管理器(SCM)加载和卸载内核驱动,以及相关接口的实现细节和使用方法。注意:创建和启动内核驱动服务需要管理员权限,且 64 位 Windows 默认只加载签名有效的驱动。


头文件 Instdrv.h

/*
 * Instdrv.h - prototypes for the user-mode helpers that load and unload a
 * driver service.
 *
 * This header includes nothing itself: BOOL, TCHAR, HANDLE, PDWORD, PWCHAR
 * and the IN/OUT annotations must already be declared (normally by including
 * <windows.h>) before this file is included.
 *
 * NOTE(review): the guard name starts with an underscore followed by an
 * upper-case letter, a form the C standard reserves for the implementation;
 * it is left unchanged here so existing users of the macro keep working.
 */
#ifndef _INSTDRV_H_
#define _INSTDRV_H_

/*
 * LoadDeviceDriver - TCHAR-based load entry point (character width follows
 * the UNICODE build setting).
 *
 * Name      - service/driver name.
 * Path      - driver image path.
 * lphDevice - receives a handle on output.
 * Error     - receives an error value on output.
 *
 * The implementation is not visible next to this declaration; presumably it
 * registers and starts the service and opens the device - confirm against
 * Instdrv.cpp.
 * NOTE(review): callers should pass a fully qualified Path to a driver image
 * they trust, and should check both the BOOL result and *Error.
 */
BOOL 
LoadDeviceDriver( 
	IN const TCHAR * Name, 
	IN const TCHAR * Path, 
	OUT HANDLE * lphDevice, 
	OUT PDWORD Error 
	);

/*
 * UnloadDeviceDriver - TCHAR-based counterpart of LoadDeviceDriver.
 *
 * Name - service/driver name. Presumably stops and removes the service
 *        created by LoadDeviceDriver - confirm against the implementation.
 */
BOOL 
UnloadDeviceDriver( 
	IN const TCHAR * Name
	);

/*
 * LoadNTDriver - wide-character load entry point (always PWCHAR, regardless
 * of the UNICODE setting, unlike the TCHAR pair above).
 *
 * lpszDriverName - service/driver name.
 * lpszDriverPath - driver image path.
 * bForceReload   - presumably re-registers or restarts an already installed
 *                  service when TRUE - confirm against the implementation.
 *
 * The string parameters are not const-qualified, so the declaration alone
 * does not promise that the callee leaves them unmodified.
 */
BOOL 
LoadNTDriver(
	PWCHAR lpszDriverName, 
	PWCHAR lpszDriverPath, 
	BOOL bForceReload
	);

/*
 * UnloadNTDriver - wide-character counterpart of LoadNTDriver.
 *
 * wszSvrName - name of the service to unload.
 */
BOOL 
UnloadNTDriver(
	PWCHAR wszSvrName
	);

#endif // _INSTDRV_H_

源文件 Instdrv.cpp

/******************************************************************************
*
*       FileMon - File System Monitor for Windows NT/9x
*		
*		Copyright (c) 1996 Mark Russinovich and Bryce Cogswell
*
*		See readme.txt for terms and conditions.
*
*    	PROGRAM: Instdrv.c
*
*    	PURPOSE: Loads and unloads the Filemon device driver. This code
*		is taken from the instdrv example in the NT DDK.
*
******************************************************************************/
 #include <windows.h>
 #include <stdlib.h>
 #include <string.h>


//#include "..\CommonHelper\helper.h"

/****************************************************************************
*
*    FUNCTION: InstallDriver( IN SC_HANDLE, IN LPCTSTR, IN LPCTSTR)
*
*    PURPOSE: Registers a kernel-driver service with the service control
*             manager (SCM). The service is only created here, not started.
*
*    PARAMETERS:
*      SchSCManager - open handle to the SCM database; passed straight to
*                     CreateService.
*      DriverName   - used as both the service name and the display name.
*      ServiceExe   - path of the driver image, stored as the service
*                     binary. It is not validated in this function.
*
*    RETURNS: TRUE when CreateService returns a handle, FALSE otherwise.
*             No extra call is made on the failure path, so GetLastError()
*             still holds the CreateService error for the caller.
*
*    SECURITY NOTES:
*      - The start type is SERVICE_AUTO_START, so the registration persists
*        and the SCM loads the driver again at every system start until the
*        service is deleted.
*      - ServiceExe ends up running in kernel mode; callers should pass a
*        fully qualified path to an image they trust, in a location that
*        unprivileged users cannot write to.
*      - Windows records service installation in the System event log
*        (event ID 7045) and, when the corresponding audit policy is
*        enabled, in the Security log (event ID 4697).
*      - SERVICE_ALL_ACCESS is requested although the returned handle is
*        only closed again.
*
****************************************************************************/
BOOL
InstallDriver(
	IN SC_HANDLE SchSCManager,
	IN LPCTSTR DriverName,
	IN LPCTSTR ServiceExe
	)
{
    //
    // This registers a standalone driver. A driver that needs a Tag, a
    // load-order Group and/or Dependencies may require querying the
    // registry for existing driver information first (for example to
    // pick a unique Tag).
    //
    SC_HANDLE hNewService = CreateService(
                                SchSCManager,           // SCM database handle
                                DriverName,             // service name
                                DriverName,             // display name
                                SERVICE_ALL_ACCESS,     // access on the returned handle
                                SERVICE_KERNEL_DRIVER,  // service type: kernel driver
                                SERVICE_AUTO_START,     // started by the SCM at system start
                                SERVICE_ERROR_NORMAL,   // error control type
                                ServiceExe,             // driver image path
                                NULL,                   // no load ordering group
                                NULL,                   // no tag identifier
                                NULL,                   // no dependencies
                                NULL,                   // start name: for driver services NULL
                                                        // means the default driver object name
                                NULL                    // no password
                                );

    if (hNewService != NULL) {
        // Only the registration matters here; the handle is not kept.
        CloseServiceHandle(hNewService);
        return TRUE;
    }

    return FALSE;
}


/****************************************************************************
*
*    FUNCTION: StartDriver( IN SC_HANDLE, IN LPCTSTR)
*
*    PURPOSE: Starts the driver service.
*
****************************************************************************/
BOOL 
StartDriver(
	IN SC_HANDLE SchSCManager, 
	IN LPCTSTR DriverName
	)
{
   
    SC_HANDLE  schService;
    BOOL       ret;

    schService = OpenService( 
					SchSCManager,
					DriverName,
					SERVICE_ALL_ACCESS
					);

    if (schService == NULL)
        return FALSE;

    ret = StartService(schService, 0, NULL)
       || GetLastError() == ERROR_SERVICE_ALREADY_RUNNING 
	   || GetLastError() == ERROR_SERVICE_DISABLED;

    CloseServiceHandle(<