struct _DRIVER_OBJECT (sizeof=168)
+00 int16 Type
+02 int16 Size
+04 struct _DEVICE_OBJECT *DeviceObject
+08 uint32 Flags
+0c void *DriverStart
+10 uint32 DriverSize
+14 void *DriverSection
+18 struct _DRIVER_EXTENSION *DriverExtension
+1c struct _UNICODE_STRING DriverName
+1c uint16 Length
+1e uint16 MaximumLength
+20 uint16 *Buffer
+24 struct _UNICODE_STRING *HardwareDatabase
+28 struct _FAST_IO_DISPATCH *FastIoDispatch
+2c function *DriverInit
+30 function *DriverStartIo
+34 function *DriverUnload
+38 function *MajorFunction[28]
DDK 中有对其中一些域的说明。MajorFunction[28] 是按 IRP 主功能码索引的派遣例程指针表,各下标(十六进制)对应如下;检查驱动是否被挂钩时,通常核对这些指针是否指向预期的模块。
[00] IRP_MJ_CREATE
[01] IRP_MJ_CREATE_NAMED_PIPE
[02] IRP_MJ_CLOSE
[03] IRP_MJ_READ
[04] IRP_MJ_WRITE
[05] IRP_MJ_QUERY_INFORMATION
[06] IRP_MJ_SET_INFORMATION
[07] IRP_MJ_QUERY_EA
[08] IRP_MJ_SET_EA
[09] IRP_MJ_FLUSH_BUFFERS
[0a] IRP_MJ_QUERY_VOLUME_INFORMATION
[0b] IRP_MJ_SET_VOLUME_INFORMATION
[0c] IRP_MJ_DIRECTORY_CONTROL
[0d] IRP_MJ_FILE_SYSTEM_CONTROL
[0e] IRP_MJ_DEVICE_CONTROL
[0f] IRP_MJ_INTERNAL_DEVICE_CONTROL
[10] IRP_MJ_SHUTDOWN
[11] IRP_MJ_LOCK_CONTROL
[12] IRP_MJ_CLEANUP
[13] IRP_MJ_CREATE_MAILSLOT
[14] IRP_MJ_QUERY_SECURITY
[15] IRP_MJ_SET_SECURITY
[16] IRP_MJ_POWER
[17] IRP_MJ_SYSTEM_CONTROL
[18] IRP_MJ_DEVICE_CHANGE
[19] IRP_MJ_QUERY_QUOTA
[1a] IRP_MJ_SET_QUOTA
[1b] IRP_MJ_PNP
struct _DRIVER_EXTENSION (sizeof=24)
+00 struct _DRIVER_OBJECT *DriverObject
+04 function *AddDevice
+08 uint32 Count
+0c struct _UNICODE_STRING ServiceKeyName
+0c uint16 Length
+0e uint16 MaximumLength
+10 uint16 *Buffer
+14 struct _IO_CLIENT_EXTENSION *ClientDriverExtension
设备对象结构 DEVICE_OBJECT 的定义如下(偏移为十六进制;从相邻域的偏移可以看出指针占 4 字节,即 32 位系统上的布局,其他版本或 64 位系统上的偏移不同,不应硬编码):
struct _DEVICE_OBJECT (sizeof=184)
+00 int16 Type
+02 uint16 Size
+04 int32 ReferenceCount
+08 struct _DRIVER_OBJECT *DriverObject
+0c struct _DEVICE_OBJECT *NextDevice
+10 struct _DEVICE_OBJECT *AttachedDevice
+14 struct _IRP *CurrentIrp
+18 struct _IO_TIMER *Timer
+1c uint32 Flags
+20 uint32 Characteristics
+24 struct _VPB *Vpb
+28 void *DeviceExtension
+2c uint32 DeviceType
+30 char StackSize
+34 union __unnamed62 Queue
+34 struct _LIST_ENTRY ListEntry
+34 struct _LIST_ENTRY *Flink
+38 struct _LIST_ENTRY *Blink
+34 struct _WAIT_CONTEXT_BLOCK Wcb
+34 struct _KDEVICE_QUEUE_ENTRY WaitQueueEntry
+34 struct _LIST_ENTRY DeviceListEntry
+34 struct _LIST_ENTRY *Flink
+38 struct _LIST_ENTRY *Blink
+3c uint32 SortKey
+40 byte Inserted
+44 function *DeviceRoutine
+48 void *DeviceContext
+4c uint32 NumberOfMapRegisters
+50 void *DeviceObject
+54 void *CurrentIrp
+58 struct _KDPC *BufferChainingDpc
+5c uint32 AlignmentRequirement
+60 struct _KDEVICE_QUEUE DeviceQueue
+60 int16 Type
+62 int16 Size
+64 struct _LIST_ENTRY DeviceListHead
+64 struct _LIST_ENTRY *Flink
+68 struct _LIST_ENTRY *Blink
+6c uint32 Lock
+70 byte Busy
+74 struct _KDPC Dpc
+74 int16 Type
+76 byte Number
+77 byte Importance
+78 struct _LIST_ENTRY DpcListEntry
+78 struct _LIST_ENTRY *Flink
+7c struct _LIST_ENTRY *Blink
+80 function *DeferredRoutine
+84 void *DeferredContext
+88 void *SystemArgument1
+8c void *SystemArgument2
+90 uint32 *Lock
+94 uint32 ActiveThreadCount
+98 void *SecurityDescriptor
+9c struct _KEVENT DeviceLock
+9c struct _DISPATCHER_HEADER Header
+9c byte Type
+9d byte Absolute
+9e byte Size
+9f byte Inserted
+a0 int32 SignalState
+a4 struct _LIST_ENTRY WaitListHead
+a4 struct _LIST_ENTRY *Flink
+a8 struct _LIST_ENTRY *Blink
+ac uint16 SectorSize
+ae uint16 Spare1
+b0 struct _DEVOBJ_EXTENSION *DeviceObjectExtension
+b4 void *Reserved
DDK 中有对其中一些域的说明。
struct _DEVOBJ_EXTENSION (sizeof=36)
+00 int16 Type
+02 uint16 Size
+04 struct _DEVICE_OBJECT *DeviceObject
+08 uint32 PowerFlags
+0c *Dope
+10 uint32 ExtensionFlags
+14 void *DeviceNode
+18 struct _DEVICE_OBJECT *AttachedTo
+1c struct _LIST_ENTRY FileObjectList
+1c struct _LIST_ENTRY *Flink
+20 struct _LIST_ENTRY *Blink
本文详细解析了Windows内核中的设备对象结构,包括结构组成、各域的用途及重要性,帮助开发者深入理解设备驱动开发的基础知识。




