static
VOID
TestLowerDeviceKernelAPI(
IN PDEVICE_OBJECT DeviceObject)
{
PDEVICE_OBJECT RetObject;
RetObject = IoGetLowerDeviceObject(DeviceObject);
ok(RetObject == AttachDeviceObject,
"Expected an Attached DeviceObject %p, got %p\n", AttachDeviceObject, RetObject);
if (RetObject)
{
ObDereferenceObject(RetObject);
}
RetObject = IoGetDeviceAttachmentBaseRef(DeviceObject);
ok(RetObject == AttachDeviceObject,
"Expected an Attached DeviceObject %p, got %p\n", AttachDeviceObject, RetObject);
if (RetObject)
{
ObDereferenceObject(RetObject);
}
}
NTSTATUS
FltpGetBaseDeviceObjectName(_In_ PDEVICE_OBJECT DeviceObject,
_Inout_ PUNICODE_STRING ObjectName)
{
PDEVICE_OBJECT BaseDeviceObject;
NTSTATUS Status;
/*
* Get the lowest device object on the stack, which may be the
* object we were passed, and lookup the name for that object
*/
BaseDeviceObject = IoGetDeviceAttachmentBaseRef(DeviceObject);
Status = FltpGetObjectName(BaseDeviceObject, ObjectName);
ObDereferenceObject(BaseDeviceObject);
return Status;
}
NTSTATUS
File_ReadWriteFile(
__in ULONG MajorFunction,
__in PFLT_INSTANCE Instance,
__in PFILE_OBJECT FileObject,
__in PLARGE_INTEGER ByteOffset,
__in ULONG Length,
__in PVOID Buffer,
__out PULONG BytesReadWrite,
__in FLT_IO_OPERATION_FLAGS FltFlags
)
{
ULONG i;
PIRP irp;
KEVENT Event;
PIO_STACK_LOCATION ioStackLocation;
IO_STATUS_BLOCK IoStatusBlock = { 0 };
PDEVICE_OBJECT pVolumeDevObj = NULL ;
PDEVICE_OBJECT pFileSysDevObj= NULL ;
PDEVICE_OBJECT pNextDevObj = NULL ;
//获取minifilter相邻下层的设备对象
pVolumeDevObj = IoGetDeviceAttachmentBaseRef(FileObject->DeviceObject) ;
if (NULL == pVolumeDevObj)
{
return STATUS_UNSUCCESSFUL ;
}
pFileSysDevObj = pVolumeDevObj->Vpb->DeviceObject ;
pNextDevObj = pFileSysDevObj ;
if (NULL == pNextDevObj)
{
ObDereferenceObject(pVolumeDevObj) ;
return STATUS_UNSUCCESSFUL ;
}
//开始构建读写IRP
KeInitializeEvent(&Event, SynchronizationEvent, FALSE);
// 分配irp.
irp = IoAllocateIrp(pNextDevObj->StackSize, FALSE);
if(irp == NULL) {
ObDereferenceObject(pVolumeDevObj) ;
return STATUS_INSUFFICIENT_RESOURCES;
}
irp->AssociatedIrp.SystemBuffer = NULL;
irp->MdlAddress = NULL;
irp->UserBuffer = Buffer;
irp->UserEvent = &Event;
irp->UserIosb = &IoStatusBlock;
irp->Tail.Overlay.Thread = PsGetCurrentThread();
irp->RequestorMode = KernelMode;
if(MajorFunction == IRP_MJ_READ)
irp->Flags = IRP_DEFER_IO_COMPLETION|IRP_READ_OPERATION|IRP_NOCACHE;
else if (MajorFunction == IRP_MJ_WRITE)
irp->Flags = IRP_DEFER_IO_COMPLETION|IRP_WRITE_OPERATION|IRP_NOCACHE;
else
{
ObDereferenceObject(pVolumeDevObj) ;
return STATUS_UNSUCCESSFUL ;
}
if ((FltFlags & FLTFL_IO_OPERATION_PAGING) == FLTFL_IO_OPERATION_PAGING)
{
irp->Flags |= IRP_PAGING_IO ;
}
// 填写irpsp
ioStackLocation = IoGetNextIrpStackLocation(irp);
ioStackLocation->MajorFunction = (UCHAR)MajorFunction;
ioStackLocation->MinorFunction = (UCHAR)IRP_MN_NORMAL;
ioStackLocation->DeviceObject = pNextDevObj;
ioStackLocation->FileObject = FileObject ;
if(MajorFunction == IRP_MJ_READ)
{
ioStackLocation->Parameters.Read.ByteOffset = *ByteOffset;
ioStackLocation->Parameters.Read.Length = Length;
}
else
{
ioStackLocation->Parameters.Write.ByteOffset = *ByteOffset;
ioStackLocation->Parameters.Write.Length = Length ;
}
// 设置完成
IoSetCompletionRoutine(irp, File_ReadWriteFileComplete, 0, TRUE, TRUE, TRUE);
(void) IoCallDriver(pNextDevObj, irp);
KeWaitForSingleObject(&Event, Executive, KernelMode, TRUE, 0);
*BytesReadWrite = IoStatusBlock.Information;
ObDereferenceObject(pVolumeDevObj) ;
return IoStatusBlock.Status;
}
