driver第二次无法启动
driver can't start at the second time
我开始编程 driver。我修改了很多文章并开发了一个测试 driver,它也有效。一开始它只是一个 Hello World Driver。
在控制台中,我安装了 driver,启动然后停止并删除。一切正常。
就在我想重新安装并启动它时,它 return 在函数 "StartService" 处出现错误 2。通过 Debug-Message 我可以看到,在第二次时,函数 DriverEntry 没有被调用。
但是当我重新启动 PC 时,我可以安装并启动 driver。
不幸的是,我找不到任何关于这个问题的文章。只是 return 2 的其他问题,即 Driver 未找到。但这一切都奏效了。
我安装 driver 有:
SC_HANDLE hSCManager;
SC_HANDLE hService;
SERVICE_STATUS ss;
hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
printf("Load Driver\n");
if(hSCManager)
{
printf("Create Service\n");
getchar();
hService = CreateService(hSCManager, TEXT("Example"), TEXT("Example Driver"), SERVICE_START | DELETE | SERVICE_STOP, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, TEXT("C:\Windows\System32\drivers\MyFirstDriver.sys"), NULL, NULL, NULL, NULL, NULL);
//hService = CreateService(hSCManager, TEXT("Example"), TEXT("Example Driver"), SERVICE_START | DELETE | SERVICE_STOP, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, TEXT("C:\driver\temp2\MyFirstDriver.sys"), NULL, NULL, NULL, NULL, NULL);
if(!hService)
{
printf("OpenService Service\n");
getchar();
hService = OpenService(hSCManager, TEXT("Example"), SERVICE_START | DELETE | SERVICE_STOP);
}
if(hService)
{
printf("Start Service\n");
getchar();
if (StartService(hService, 0, NULL))
{
printf("Start war erfolgreich\n");
}
else
{
printf("Fehler beim starten\n");
printf("StartService failed (%d)\n", GetLastError());
}
Sleep(5000);
printf("Press Enter to close service\n");
getchar();
printf("beendet\n");
getchar();
ControlService(hService, SERVICE_CONTROL_STOP, &ss);
if (DeleteService(hService)) {
printf("Delete war erfolgreich\n");
}
else
{
printf("Fehler beim Delete\n");
printf("Delete failed (%d)\n", GetLastError());
//Error nr 6
}
if (CloseServiceHandle(hService)) {
printf("Close war erfolgreich\n");
}
else
{
printf("Fehler beim Close\n");
printf("Close failed (%d)\n", GetLastError());
}
}
printf("Press Enter to close service\n");
getchar();
CloseServiceHandle(hSCManager);
}
return 0;
driver代码:
#include "stdafx.h"
#include "functions.h"
void MyFirstDriverUnload(IN PDRIVER_OBJECT DriverObject);
NTSTATUS MyFirstDriverCreate(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverClose(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverDefaultHandler(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverAddDevice(IN PDRIVER_OBJECT DriverObject, IN PDEVICE_OBJECT PhysicalDeviceObject);
NTSTATUS MyFirstDriverPnP(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverRead(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverUnsupportedFunc(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
typedef struct _deviceExtension
{
PDEVICE_OBJECT DeviceObject;
PDEVICE_OBJECT TargetDeviceObject;
PDEVICE_OBJECT PhysicalDeviceObject;
UNICODE_STRING DeviceInterface;
} MyFirstDriver_DEVICE_EXTENSION, *PMyFirstDriver_DEVICE_EXTENSION;
// {282b517a-9a95-4fdc-8167-aec5f8463df3}
static const GUID GUID_MyFirstDriverInterface = {0x282B517A, 0x9a95, 0x4fdc, {0x81, 0x67, 0xae, 0xc5, 0xf8, 0x46, 0x3d, 0xf3 } };
#ifdef __cplusplus
extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath);
#endif
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
{
DbgPrint("DriverEntry01 Called \r\n");
NTSTATUS NtStatus = STATUS_SUCCESS;
INT uiIndex = 0;
DbgPrint("DriverEntry02 Called \r\n");
PDEVICE_OBJECT pDeviceObject = NULL;
DbgPrint("DriverEntry03 Called \r\n");
UNICODE_STRING usDriverName, usDosDeviceName;
DbgPrint("DriverEntry3 Called \r\n");
DbgPrint("DriverEntry4 Called \r\n");
DbgPrint("DriverEntry5 Called \r\n");
DbgPrint("DriverEntry6 Called \r\n");
RtlInitUnicodeString(&usDriverName, L"\Device\Example");
DbgPrint("DriverEntry7 Called \r\n");
RtlInitUnicodeString(&usDosDeviceName, L"\DosDevices\Example");
DbgPrint("DriverEntry8 Called \r\n");
NtStatus = IoCreateDevice(DriverObject, 0, &usDriverName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE, &pDeviceObject);
DbgPrint("DriverEntry9 Called \r\n");
if(NtStatus == STATUS_SUCCESS)
{
DbgPrint("DriverEntry10 Called \r\n");
for(uiIndex = 0; uiIndex < IRP_MJ_MAXIMUM_FUNCTION; uiIndex++)
DriverObject->MajorFunction[uiIndex] = MyFirstDriverUnsupportedFunc;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = MyFirstDriverClose;
DriverObject->MajorFunction[IRP_MJ_CREATE] = MyFirstDriverCreate;
DriverObject->MajorFunction[IRP_MJ_PNP] = MyFirstDriverPnP;
DriverObject->MajorFunction[IRP_MJ_READ] = MyFirstDriverRead;
DriverObject->DriverUnload = MyFirstDriverUnload;
DriverObject->Flags &= (~DO_DEVICE_INITIALIZING);
IoCreateSymbolicLink(&usDosDeviceName, &usDriverName);
}
return NtStatus;
}
void MyFirstDriverUnload(IN PDRIVER_OBJECT DriverObject)
{
DbgPrint("Goodbye from MyFirstDriver!\n");
}
NTSTATUS MyFirstDriverUnsupportedFunc(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
NTSTATUS NtStatus = STATUS_SUCCESS;
DbgPrint("MyFirstDriverUnsupportedFunc \r\n");
return NtStatus;
}
NTSTATUS MyFirstDriverRead(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
NTSTATUS NtStatus = STATUS_SUCCESS;
DbgPrint("Example Read Called \r\n");
return NtStatus;
}
NTSTATUS MyFirstDriverClose(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
NTSTATUS NtStatus = STATUS_SUCCESS;
DbgPrint("Drive Close \r\n");
return NtStatus;
}
NTSTATUS MyFirstDriverCreate(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
Irp->IoStatus.Status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
}
NTSTATUS MyFirstDriverDefaultHandler(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
PMyFirstDriver_DEVICE_EXTENSION deviceExtension = NULL;
IoSkipCurrentIrpStackLocation(Irp);
deviceExtension = (PMyFirstDriver_DEVICE_EXTENSION) DeviceObject->DeviceExtension;
return IoCallDriver(deviceExtension->TargetDeviceObject, Irp);
}
NTSTATUS MyFirstDriverAddDevice(IN PDRIVER_OBJECT DriverObject, IN PDEVICE_OBJECT PhysicalDeviceObject)
{
PDEVICE_OBJECT DeviceObject = NULL;
PMyFirstDriver_DEVICE_EXTENSION pExtension = NULL;
NTSTATUS status;
status = IoCreateDevice(DriverObject,
sizeof(MyFirstDriver_DEVICE_EXTENSION),
NULL,
FILE_DEVICE_UNKNOWN,
0,
0,
&DeviceObject);
if (!NT_SUCCESS(status))
return status;
pExtension = (PMyFirstDriver_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
pExtension->DeviceObject = DeviceObject;
pExtension->PhysicalDeviceObject = PhysicalDeviceObject;
pExtension->TargetDeviceObject = IoAttachDeviceToDeviceStack(DeviceObject, PhysicalDeviceObject);
status = IoRegisterDeviceInterface(PhysicalDeviceObject, &GUID_MyFirstDriverInterface, NULL, &pExtension->DeviceInterface);
ASSERT(NT_SUCCESS(status));
DeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
return STATUS_SUCCESS;
}
NTSTATUS MyFirstDriverIrpCompletion(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PVOID Context
)
{
PKEVENT Event = (PKEVENT) Context;
UNREFERENCED_PARAMETER(DeviceObject);
UNREFERENCED_PARAMETER(Irp);
KeSetEvent(Event, IO_NO_INCREMENT, FALSE);
return(STATUS_MORE_PROCESSING_REQUIRED);
}
NTSTATUS MyFirstDriverForwardIrpSynchronous(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PMyFirstDriver_DEVICE_EXTENSION deviceExtension;
KEVENT event;
NTSTATUS status;
KeInitializeEvent(&event, NotificationEvent, FALSE);
deviceExtension = (PMyFirstDriver_DEVICE_EXTENSION) DeviceObject->DeviceExtension;
IoCopyCurrentIrpStackLocationToNext(Irp);
IoSetCompletionRoutine(Irp, MyFirstDriverIrpCompletion, &event, TRUE, TRUE, TRUE);
status = IoCallDriver(deviceExtension->TargetDeviceObject, Irp);
if (status == STATUS_PENDING) {
KeWaitForSingleObject(&event, Executive, KernelMode, FALSE, NULL);
status = Irp->IoStatus.Status;
}
return status;
}
NTSTATUS MyFirstDriverPnP(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation(Irp);
PMyFirstDriver_DEVICE_EXTENSION pExt = ((PMyFirstDriver_DEVICE_EXTENSION)DeviceObject->DeviceExtension);
NTSTATUS status;
ASSERT(pExt);
switch (irpSp->MinorFunction)
{
case IRP_MN_START_DEVICE:
IoSetDeviceInterfaceState(&pExt->DeviceInterface, TRUE);
Irp->IoStatus.Status = STATUS_SUCCESS;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
case IRP_MN_QUERY_REMOVE_DEVICE:
Irp->IoStatus.Status = STATUS_SUCCESS;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
case IRP_MN_REMOVE_DEVICE:
IoSetDeviceInterfaceState(&pExt->DeviceInterface, FALSE);
status = MyFirstDriverForwardIrpSynchronous(DeviceObject, Irp);
IoDetachDevice(pExt->TargetDeviceObject);
IoDeleteDevice(pExt->DeviceObject);
RtlFreeUnicodeString(&pExt->DeviceInterface);
Irp->IoStatus.Status = STATUS_SUCCESS;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
case IRP_MN_QUERY_PNP_DEVICE_STATE:
status = MyFirstDriverForwardIrpSynchronous(DeviceObject, Irp);
Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
return MyFirstDriverDefaultHandler(DeviceObject, Irp);
}
编辑:
我对 sc create 和 sc start 进行了同样的尝试。第二次,它给出了 2 号错误以及他找不到文件的附加信息。
但是,正如我所说,他第一次可以找到文件并加载。第二次没有。
我怀疑问题不在于第二次启动驱动程序。但我不确定:您没有检查 ControlService(hService, SERVICE_CONTROL_STOP, &ss); 的 return 值。我的假设是the driver can't stop。检查 return 值以查看驱动程序是否确实停止,然后再尝试再次启动它。
您的驱动程序包含大量错误,无法卸载。您在 DriverEntry 中创建了设备 "\Device\Example",但没有删除它 MyFirstDriverUnload - 因此该设备并阻止驱动程序卸载。您也尝试成为 WDM 驱动程序,但我确定您没有将您的驱动程序注册为任何设备 ID 的 WDM,并且您的 MyFirstDriverAddDevice 从未调用过。 WDM 驱动程序(在您将自己的设备附加到设备堆栈之后)根本无法通过 start/stop 卸载,只能在 stop/destroying 堆栈之后卸载。
DriverObject->Flags &= (~DO_DEVICE_INITIALIZING);
否则一个错误。关于 IRP 处理我还没说。但同样 - 在这个具体案例中,驱动程序未卸载,因为您没有在 MyFirstDriverUnload.
中调用 IoDeleteDevice
我开始编程 driver。我修改了很多文章并开发了一个测试 driver,它也有效。一开始它只是一个 Hello World Driver。 在控制台中,我安装了 driver,启动然后停止并删除。一切正常。 就在我想重新安装并启动它时,它 return 在函数 "StartService" 处出现错误 2。通过 Debug-Message 我可以看到,在第二次时,函数 DriverEntry 没有被调用。 但是当我重新启动 PC 时,我可以安装并启动 driver。 不幸的是,我找不到任何关于这个问题的文章。只是 return 2 的其他问题,即 Driver 未找到。但这一切都奏效了。
我安装 driver 有:
SC_HANDLE hSCManager;
SC_HANDLE hService;
SERVICE_STATUS ss;
hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
printf("Load Driver\n");
if(hSCManager)
{
printf("Create Service\n");
getchar();
hService = CreateService(hSCManager, TEXT("Example"), TEXT("Example Driver"), SERVICE_START | DELETE | SERVICE_STOP, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, TEXT("C:\Windows\System32\drivers\MyFirstDriver.sys"), NULL, NULL, NULL, NULL, NULL);
//hService = CreateService(hSCManager, TEXT("Example"), TEXT("Example Driver"), SERVICE_START | DELETE | SERVICE_STOP, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, TEXT("C:\driver\temp2\MyFirstDriver.sys"), NULL, NULL, NULL, NULL, NULL);
if(!hService)
{
printf("OpenService Service\n");
getchar();
hService = OpenService(hSCManager, TEXT("Example"), SERVICE_START | DELETE | SERVICE_STOP);
}
if(hService)
{
printf("Start Service\n");
getchar();
if (StartService(hService, 0, NULL))
{
printf("Start war erfolgreich\n");
}
else
{
printf("Fehler beim starten\n");
printf("StartService failed (%d)\n", GetLastError());
}
Sleep(5000);
printf("Press Enter to close service\n");
getchar();
printf("beendet\n");
getchar();
ControlService(hService, SERVICE_CONTROL_STOP, &ss);
if (DeleteService(hService)) {
printf("Delete war erfolgreich\n");
}
else
{
printf("Fehler beim Delete\n");
printf("Delete failed (%d)\n", GetLastError());
//Error nr 6
}
if (CloseServiceHandle(hService)) {
printf("Close war erfolgreich\n");
}
else
{
printf("Fehler beim Close\n");
printf("Close failed (%d)\n", GetLastError());
}
}
printf("Press Enter to close service\n");
getchar();
CloseServiceHandle(hSCManager);
}
return 0;
driver代码:
#include "stdafx.h"
#include "functions.h"
void MyFirstDriverUnload(IN PDRIVER_OBJECT DriverObject);
NTSTATUS MyFirstDriverCreate(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverClose(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverDefaultHandler(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverAddDevice(IN PDRIVER_OBJECT DriverObject, IN PDEVICE_OBJECT PhysicalDeviceObject);
NTSTATUS MyFirstDriverPnP(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverRead(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
NTSTATUS MyFirstDriverUnsupportedFunc(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);
typedef struct _deviceExtension
{
PDEVICE_OBJECT DeviceObject;
PDEVICE_OBJECT TargetDeviceObject;
PDEVICE_OBJECT PhysicalDeviceObject;
UNICODE_STRING DeviceInterface;
} MyFirstDriver_DEVICE_EXTENSION, *PMyFirstDriver_DEVICE_EXTENSION;
// {282b517a-9a95-4fdc-8167-aec5f8463df3}
static const GUID GUID_MyFirstDriverInterface = {0x282B517A, 0x9a95, 0x4fdc, {0x81, 0x67, 0xae, 0xc5, 0xf8, 0x46, 0x3d, 0xf3 } };
#ifdef __cplusplus
extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath);
#endif
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
{
DbgPrint("DriverEntry01 Called \r\n");
NTSTATUS NtStatus = STATUS_SUCCESS;
INT uiIndex = 0;
DbgPrint("DriverEntry02 Called \r\n");
PDEVICE_OBJECT pDeviceObject = NULL;
DbgPrint("DriverEntry03 Called \r\n");
UNICODE_STRING usDriverName, usDosDeviceName;
DbgPrint("DriverEntry3 Called \r\n");
DbgPrint("DriverEntry4 Called \r\n");
DbgPrint("DriverEntry5 Called \r\n");
DbgPrint("DriverEntry6 Called \r\n");
RtlInitUnicodeString(&usDriverName, L"\Device\Example");
DbgPrint("DriverEntry7 Called \r\n");
RtlInitUnicodeString(&usDosDeviceName, L"\DosDevices\Example");
DbgPrint("DriverEntry8 Called \r\n");
NtStatus = IoCreateDevice(DriverObject, 0, &usDriverName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE, &pDeviceObject);
DbgPrint("DriverEntry9 Called \r\n");
if(NtStatus == STATUS_SUCCESS)
{
DbgPrint("DriverEntry10 Called \r\n");
for(uiIndex = 0; uiIndex < IRP_MJ_MAXIMUM_FUNCTION; uiIndex++)
DriverObject->MajorFunction[uiIndex] = MyFirstDriverUnsupportedFunc;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = MyFirstDriverClose;
DriverObject->MajorFunction[IRP_MJ_CREATE] = MyFirstDriverCreate;
DriverObject->MajorFunction[IRP_MJ_PNP] = MyFirstDriverPnP;
DriverObject->MajorFunction[IRP_MJ_READ] = MyFirstDriverRead;
DriverObject->DriverUnload = MyFirstDriverUnload;
DriverObject->Flags &= (~DO_DEVICE_INITIALIZING);
IoCreateSymbolicLink(&usDosDeviceName, &usDriverName);
}
return NtStatus;
}
void MyFirstDriverUnload(IN PDRIVER_OBJECT DriverObject)
{
DbgPrint("Goodbye from MyFirstDriver!\n");
}
NTSTATUS MyFirstDriverUnsupportedFunc(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
NTSTATUS NtStatus = STATUS_SUCCESS;
DbgPrint("MyFirstDriverUnsupportedFunc \r\n");
return NtStatus;
}
NTSTATUS MyFirstDriverRead(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
NTSTATUS NtStatus = STATUS_SUCCESS;
DbgPrint("Example Read Called \r\n");
return NtStatus;
}
NTSTATUS MyFirstDriverClose(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
NTSTATUS NtStatus = STATUS_SUCCESS;
DbgPrint("Drive Close \r\n");
return NtStatus;
}
NTSTATUS MyFirstDriverCreate(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
Irp->IoStatus.Status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
}
NTSTATUS MyFirstDriverDefaultHandler(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
PMyFirstDriver_DEVICE_EXTENSION deviceExtension = NULL;
IoSkipCurrentIrpStackLocation(Irp);
deviceExtension = (PMyFirstDriver_DEVICE_EXTENSION) DeviceObject->DeviceExtension;
return IoCallDriver(deviceExtension->TargetDeviceObject, Irp);
}
NTSTATUS MyFirstDriverAddDevice(IN PDRIVER_OBJECT DriverObject, IN PDEVICE_OBJECT PhysicalDeviceObject)
{
PDEVICE_OBJECT DeviceObject = NULL;
PMyFirstDriver_DEVICE_EXTENSION pExtension = NULL;
NTSTATUS status;
status = IoCreateDevice(DriverObject,
sizeof(MyFirstDriver_DEVICE_EXTENSION),
NULL,
FILE_DEVICE_UNKNOWN,
0,
0,
&DeviceObject);
if (!NT_SUCCESS(status))
return status;
pExtension = (PMyFirstDriver_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
pExtension->DeviceObject = DeviceObject;
pExtension->PhysicalDeviceObject = PhysicalDeviceObject;
pExtension->TargetDeviceObject = IoAttachDeviceToDeviceStack(DeviceObject, PhysicalDeviceObject);
status = IoRegisterDeviceInterface(PhysicalDeviceObject, &GUID_MyFirstDriverInterface, NULL, &pExtension->DeviceInterface);
ASSERT(NT_SUCCESS(status));
DeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
return STATUS_SUCCESS;
}
NTSTATUS MyFirstDriverIrpCompletion(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PVOID Context
)
{
PKEVENT Event = (PKEVENT) Context;
UNREFERENCED_PARAMETER(DeviceObject);
UNREFERENCED_PARAMETER(Irp);
KeSetEvent(Event, IO_NO_INCREMENT, FALSE);
return(STATUS_MORE_PROCESSING_REQUIRED);
}
NTSTATUS MyFirstDriverForwardIrpSynchronous(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PMyFirstDriver_DEVICE_EXTENSION deviceExtension;
KEVENT event;
NTSTATUS status;
KeInitializeEvent(&event, NotificationEvent, FALSE);
deviceExtension = (PMyFirstDriver_DEVICE_EXTENSION) DeviceObject->DeviceExtension;
IoCopyCurrentIrpStackLocationToNext(Irp);
IoSetCompletionRoutine(Irp, MyFirstDriverIrpCompletion, &event, TRUE, TRUE, TRUE);
status = IoCallDriver(deviceExtension->TargetDeviceObject, Irp);
if (status == STATUS_PENDING) {
KeWaitForSingleObject(&event, Executive, KernelMode, FALSE, NULL);
status = Irp->IoStatus.Status;
}
return status;
}
NTSTATUS MyFirstDriverPnP(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation(Irp);
PMyFirstDriver_DEVICE_EXTENSION pExt = ((PMyFirstDriver_DEVICE_EXTENSION)DeviceObject->DeviceExtension);
NTSTATUS status;
ASSERT(pExt);
switch (irpSp->MinorFunction)
{
case IRP_MN_START_DEVICE:
IoSetDeviceInterfaceState(&pExt->DeviceInterface, TRUE);
Irp->IoStatus.Status = STATUS_SUCCESS;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
case IRP_MN_QUERY_REMOVE_DEVICE:
Irp->IoStatus.Status = STATUS_SUCCESS;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
case IRP_MN_REMOVE_DEVICE:
IoSetDeviceInterfaceState(&pExt->DeviceInterface, FALSE);
status = MyFirstDriverForwardIrpSynchronous(DeviceObject, Irp);
IoDetachDevice(pExt->TargetDeviceObject);
IoDeleteDevice(pExt->DeviceObject);
RtlFreeUnicodeString(&pExt->DeviceInterface);
Irp->IoStatus.Status = STATUS_SUCCESS;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
case IRP_MN_QUERY_PNP_DEVICE_STATE:
status = MyFirstDriverForwardIrpSynchronous(DeviceObject, Irp);
Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return status;
}
return MyFirstDriverDefaultHandler(DeviceObject, Irp);
}
编辑: 我对 sc create 和 sc start 进行了同样的尝试。第二次,它给出了 2 号错误以及他找不到文件的附加信息。 但是,正如我所说,他第一次可以找到文件并加载。第二次没有。
我怀疑问题不在于第二次启动驱动程序。但我不确定:您没有检查 ControlService(hService, SERVICE_CONTROL_STOP, &ss); 的 return 值。我的假设是the driver can't stop。检查 return 值以查看驱动程序是否确实停止,然后再尝试再次启动它。
您的驱动程序包含大量错误,无法卸载。您在 DriverEntry 中创建了设备 "\Device\Example",但没有删除它 MyFirstDriverUnload - 因此该设备并阻止驱动程序卸载。您也尝试成为 WDM 驱动程序,但我确定您没有将您的驱动程序注册为任何设备 ID 的 WDM,并且您的 MyFirstDriverAddDevice 从未调用过。 WDM 驱动程序(在您将自己的设备附加到设备堆栈之后)根本无法通过 start/stop 卸载,只能在 stop/destroying 堆栈之后卸载。
DriverObject->Flags &= (~DO_DEVICE_INITIALIZING);
否则一个错误。关于 IRP 处理我还没说。但同样 - 在这个具体案例中,驱动程序未卸载,因为您没有在 MyFirstDriverUnload.
IoDeleteDevice