/************************************************************************
*?文件名稱:Driver.cpp?????????????????????????????????????????????????
*?作????者:張帆
*?完成日期:2007-11-1
*************************************************************************/

#include?“Driver.h“
#include?“stdio.h“
#include?“stdarg.h“
static?ULONG?address;
int?counts=0;

?
int?CopyNewCodeToGapSetJmp（char*?SectionGapStartchar*?newFunctionBufferULONG?lengthint?op_interruptint?pfnOldFuntionPointerint?dwFirstForJmp）;

/************************************************************************
*?函數(shù)名稱:DriverEntry
*?功能描述:初始化驅(qū)動程序，定位和申請硬件資源，創(chuàng)建內(nèi)核對象
*?參數(shù)列表:
??????pDriverobject:從I/O管理器中傳進(jìn)來的驅(qū)動對象
??????pRegistryPath:驅(qū)動程序在注冊表的中的路徑
*?返回?值:返回初始化驅(qū)動狀態(tài)
*************************************************************************/
char?outputa[100];
#pragma?PAGEDCODE

void?debugprint（const?char*format...）
{
va_list?va;
va_start（vaformat）;
vsprintf（outputaformatva）;
va_end（va）;
strcat（outputa“\n“）;
DbgPrint（outputa）;
}
/************************************************************************
*?函數(shù)名稱:CreateDevice
*?功能描述:初始化設(shè)備對象
*?參數(shù)列表:
??????pDriverobject:從I/O管理器中傳進(jìn)來的驅(qū)動對象
*?返回?值:返回初始化狀態(tài)
*************************************************************************/

/************************************************************************
*?函數(shù)名稱:VMRWUnload
*?功能描述:負(fù)責(zé)驅(qū)動程序的卸載操作
*?參數(shù)列表:
??????pDriverobject:驅(qū)動對象
*?返回?值:返回狀態(tài)
*************************************************************************/
VOID?VMUnload?（IN?PDRIVER_object?pDriverobject）?
{
	PDEVICE_object	pNextObj;
	KdPrint（（“Enter?DriverUnload\n“））;
	pNextObj?=?pDriverobject->Deviceobject;
	while?（pNextObj?!=?NULL）?
	{
		PDEVICE_EXTENSION?pDevExt?=?（PDEVICE_EXTENSION）
			pNextObj->DeviceExtension;

		//刪除符號鏈接
		UNICODE_STRING?plinkName?=?pDevExt->ustrSymlinkName;
		IoDeleteSymboliclink（&plinkName）;
		pNextObj?=?pNextObj->NextDevice;
		IoDeleteDevice（?pDevExt->pDevice?）;
	}
}

/************************************************************************
*?函數(shù)名稱:VMDispatchRoutine
*?功能描述:對讀IRP進(jìn)行處理
*?參數(shù)列表:
??????pDevObj:功能設(shè)備對象
??????pIrp:從IO請求包
*?返回?值:返回狀態(tài)
*************************************************************************/
NTSTATUS?vmread（
?IN?PDEVICE_object?Deviceobject
?IN?PIRP?pIrp
?）
?{
?????PIO_STACK_LOCATION?irpStack;
??NTSTATUS?status;
??PULONG?inputBuffer;
??ULONG?inputLength;
??PULONG?outputBuffer;
??ULONG?outputLength;
??
??status?=?STATUS_SUCCESS;
??//?取出IOCTL請求代碼
??irpStack?=?IoGetCurrentIrpStackLocation（pIrp）;
?int?sizeBytesToRead?=irpStack->Parameters.Read.Length;
?counts++;
?if（0==（counts%5））{
????????RtlCopyMemory（pIrp->AssociatedIrp.SystemBuffer（void*）addresssizeBytesToRead?）;
????????counts?=?0;
????????address=0;
??}else{
??		address?|=?sizeBytesToRead<<（（counts-1）*8）;
??		debugprint（“address=%x“address）;
??		sizeBytesToRead=0;
??}
??
??pIrp->IoStatus.Status?=?status;?
??pIrp->IoStatus.Information?=?sizeBytesToRead?;?
??IoCo

?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----

?????文件???????1041??2007-11-06?14:50??vmrw\Driver.h

?????文件???????8737??2011-02-26?14:27??vmrw\Driver.cpp

?????文件????????137??2007-11-08?17:00??vmrw\Sources

?????文件????????265??2006-07-07?10:08??vmrw\makefile

????.......???????226??2011-02-24?23:56??vmrw\obj\_objects.mac

?????文件??????49981??2009-02-27?02:46??vmrw\objchk\i386\driver.obj

?????文件??????68608??2011-02-26?12:11??vmrw\objchk\i386\HelloDDK.pdb

?????文件???????3328??2011-02-24?23:59??vmrw\objchk\i386\rw.sys

?????文件???????3584??2011-02-26?12:11??vmrw\objchk\i386\HelloDDK.sys

?????文件???????8733??2011-02-26?12:11??vmrw\Driver.cpp.bak

????..AD...?????????0??2011-02-24?23:56??vmrw\obj\i386

????..AD...?????????0??2011-02-24?23:56??vmrw\objchk\i386

????..AD...?????????0??2011-02-24?23:56??vmrw\obj

?????目錄??????????0??2011-02-24?23:56??vmrw\objchk

?????目錄??????????0??2011-02-18?22:04??vmrw

-----------?---------??----------?-----??----

???????????????144640????????????????????15