BOOL WINAPI DeviceIoControl( HANDLE hDevice,
DWORD dwIoControlCode,
PVOID lpInBuffer,
DWORD nInBufferSize,
PVOID lpOutBuffer,
DWORD nOutBufferSize,
PDWORD lpBytesReturned,
POVERLAPPED lpOverlapped);
列表 4-27. DeviceIoControl 函数的原型
BOOL WINAPI IoControl (HANDLE hDevice,
DWORD dCode,
PVOID pInput,
DWORD dInput,
PVOID pOutput,
DWORD dOutput)
{
DWORD dData = https://www.rkxy.com.cn/dnjc/0;
return DeviceIoControl (hDevice, dCode,
pInput, dInput,
pOutput, dOutput,
&dData, NULL)
&&
(dData =https://www.rkxy.com.cn/dnjc/= dOutput);
}
// -----------------------------------------------------------------
BOOL WINAPI ReadBinary (HANDLE hDevice,
DWORD dCode,
PVOID pOutput,
DWORD dOutput)
{
return IoControl (hDevice, dCode, NULL, 0, pOutput, dOutput);
}
// -----------------------------------------------------------------
BOOL WINAPI ReadCpuInfo (HANDLE hDevice,
PSPY_CPU_INFO psci)
{
return IoControl (hDevice, SPY_IO_CPU_INFO,
NULL, 0,
psci, SPY_CPU_INFO_);
}
// -----------------------------------------------------------------
BOOL WINAPI ReadSegment (HANDLE hDevice,
DWORD dSelector,
PSPY_SEGMENT pss)
{
return IoControl (hDevice, SPY_IO_SEGMENT,
&dSelector, DWORD_,
pss, SPY_SEGMENT_);
}
// -----------------------------------------------------------------
BOOL WINAPI ReadPhysical (HANDLE hDevice,
PVOID pLinear,
PPHYSICAL_ADDRESS ppa)
{
return IoControl (hDevice, SPY_IO_PHYSICAL,
&pLinear, PVOID_,
ppa, PHYSICAL_ADDRESS_)
&&
(ppa->LowPart || ppa->HighPart);
}
列表 4-28 几个 IOCTL 的外包函数
到目前为止,本节列出的所有函数都需要 Spy 设备的一个句柄 。现在,我将介绍如何获取该句柄 。这实际上是一个非常简单的 Win32 操作,和打开文件类似 。列表 4-29 展示了 w2k_mem.exe 的命令处理例程的实现细节 。该代码使用 API 函数 w2kFilePath() 、 w2kServiceLoad() 和 w2kServiceUnload(),这几个函数由 w2k_lib.dll 导出 。如果你已经读过第三章中关于 Windows 2000 服务控制管理器的介绍,你应该通过 列表 3-8 已了解了 w2kServiceLoad() 和 w2kServiceUnload()。这些强大的函数可随时加载或卸载内核模式的设备驱动,并且能处理一些良性的错误,如,妥善的处理加载一个已经载入内存的驱动程序 。w2kFilePath() 是一个帮助函数 。w2k_mem.exe 调用它来获取 Spy 驱动程序的完整路径 。
WORD awSpyFile [] = SW(DRV_FILENAME);
WORD awSpyDevice [] = SW(DRV_MODULE);
WORD awSpyDisplay [] = SW(DRV_NAME);
WORD awSpyPath [] = SW(DRV_PATH);
// -----------------------------------------------------------------
void WINAPI Execute (PPWORD ppwArguments,
DWORD dArguments)
{
SPY_VERSION_INFO svi;
DWORD dOptions, dRequest, dReceive;
WORD awPath [MAX_PATH] = L"?";
SC_HANDLE hControl = NULL;
HANDLE hDevice = INVALID_HANDLE_VALUE;
_printf (L"rnLoading "%s" (%s) ...rn",
awSpyDisplay, awSpyDevice);
if (w2kFilePath (NULL, awSpyFile, awPath, MAX_PATH))
{
_printf (L"Driver: "%s"rn",
awPath);
hControl = w2kServiceLoad (awSpyDevice, awSpyDisplay,
awPath, TRUE);
}
if (hControl != NULL)
{
_printf (L"Opening "%s" ...rn",
awSpyPath);
hDevice = CreateFile (awSpyPath, GENERIC_READ,
FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL, OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL, NULL);
}
else
{
_printf (L"Unable to load the spy device driver.rn");
}
if (hDevice != INVALID_HANDLE_VALUE)
{
if (ReadBinary (hDevice, SPY_IO_VERSION_INFO,
推荐阅读
- 佐助见到秽土鼬是哪集
- Windows 2000 上配置和应用安全模板
- 如何在 Windows 2000 中启用自动登录
- 2 《Undocumented Windows 2000 Secrets》翻译 --- 第四章
- 1 《Undocumented Windows 2000 Secrets》翻译 --- 第四章
- Windows 2000下的Raw Socket编程
- Windows 2000开发过程中一些有趣的数据
- Windows2000软件冲突一例
- 大叔与少年什么时候开始播
- 盛世嫡妃好看吗