驱动:
- C/C++ code
#pragma INITCODEextern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT pDrvObj, IN PUNICODE_STRING RegistryPath){ NTSTATUS status; KdPrint(("Enter DriverEntry\n")); //注册其它驱动用函数入口 pDrvObj->DriverUnload = DriverUnlocd; pDrvObj->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DDKDeviceIoControl; pDrvObj->MajorFunction[IRP_MJ_READ] = DDKReadFile; //创建驱动设备对象 status = CreateDevice(pDrvObj); KdPrint(("Leave DriverEntry\n")); return status;}应用程序:
- C/C++ code
DWORD dwNum, dwOut = 4, dwOutRet; HANDLE hDriver = CreateFile(".//EnumProcess.sys", GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if(INVALID_HANDLE_VALUE == hDriver) { MessageBox("CreateFile failed!"); return FALSE; } BOOL bOk = ReadFile(hDriver, &dwNum, sizeof(DWORD), &dwOutRet, NULL); if(!bOk) { DWORD dwError = GetLastError(); CString str; str.Format("DeviceIoControl1 failed! code:%d\n", dwError); MessageBox(str); return FALSE; }ReadFile返回真,可是dwOutRet接收回来的不是4,我在IRP_MJ_READ例程设置返回4的,用windbg看才知道没进入我指定的IRP_MJ_READ例程。驱动已经加载了,高手们给小弟指点下吧。
------解决方案--------------------
弱弱的问一下,你这是读文件吗?
符号链接是什么?