Windows驱动程序,从内核创建/挂载一个磁盘设备
我一直被问题困扰了3个星期,并且真的想要 转移到填充文件系统代码的“真正的移植”工作。我是 试图模拟动态安装请求,从用户发布到 内核驱动程序。所以它是关于内核端代码的。Windows驱动程序,从内核创建/挂载一个磁盘设备
我一直在阅读Dokan的源码,win-btrfs 和其他一些其他类似的东西。即,创建一个新的假 磁盘设备,并以某种方式得到它具有被分配 一个驱动器号“音量”以及文件系统请求进入浇筑......
我愿意相信(哈),其我很接近...我尽可能简化了 源,以帮助阅读,并且类似地 清理了日志,用变量名替换了十六进制地址。
我生成基于名称的uuid,并且我在调用之前将 评论中使用的名称。由程序生成
handle_mount_request_and_create_volume()
{
deviceCharacteristics = FILE_DEVICE_IS_MOUNTED;
deviceCharacteristics |= FILE_REMOVABLE_MEDIA;
// First create the disk device object,
// WIN_DriverObject is the DriverEntry object
status = IoCreateDeviceSecure(WIN_DriverObject,
sizeof(myfs_mount_object_t),
// '\Device\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
&diskDeviceName,
FILE_DEVICE_DISK,
deviceCharacteristics,
FALSE,
&SDDL_DEVOBJ_SYS_ALL_ADM_RWX_WORLD_RW_RES_R,
NULL,
&diskDeviceObject);
myfs_mount_object_t *zmo_dcb = diskDeviceObject->DeviceExtension;
// '\Device\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
AsciiStringToUnicodeString(buf, &zmo_dcb->device_name);
// '\DosDevices\Global\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
AsciiStringToUnicodeString(buf, &zmo_dcb->symlink_name);
// '\Device\Myfs{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
AsciiStringToUnicodeString(buf, &zmo_dcb->fs_name);
diskDeviceObject->Flags |= DO_DIRECT_IO;
// Now create the filesystem device object
status = IoCreateDeviceSecure(
WIN_DriverObject,
sizeof(myfs_mount_object_t),
// '\Device\Myfs{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
&fsDeviceName,
FILE_DEVICE_DISK_FILE_SYSTEM,
deviceCharacteristics,
FALSE,
&SDDL_DEVOBJ_SYS_ALL_ADM_RWX_WORLD_RW_RES_R,
NULL,
&fsDeviceObject);
myfs_mount_object_t *zmo_vcb = fsDeviceObject->DeviceExtension;
dprintf("WinDeviceObject : %p\n", WIN_DriverObject);
dprintf("diskDeviceObject: %p\n", diskDeviceObject);
dprintf("fsDeviceObject : %p\n", fsDeviceObject);
// '\Device\Myfs{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
AsciiStringToUnicodeString(buf, &zmo_vcb->device_name);
// '\DosDevices\Global\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
AsciiStringToUnicodeString(buf, &zmo_vcb->symlink_name);
fsDeviceObject->Flags |= DO_DIRECT_IO;
diskDeviceObject->Vpb->DeviceObject = fsDeviceObject;
diskDeviceObject->Vpb->RealDevice = fsDeviceObject;
diskDeviceObject->Vpb->Flags |= VPB_MOUNTED;
diskDeviceObject->Vpb->VolumeLabelLength = wcslen(VOLUME_LABEL) * sizeof(WCHAR);
RtlStringCchCopyW(diskDeviceObject->Vpb->VolumeLabel,
sizeof(diskDeviceObject->Vpb->VolumeLabel)/sizeof(WCHAR),
VOLUME_LABEL);
diskDeviceObject->Vpb->SerialNumber = 0x19831116;
ObReferenceObject(fsDeviceObject);
ObReferenceObject(diskDeviceObject);
// Create symlink for userland
// '\DosDevices\Global\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
// '\Device\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
status = IoCreateSymbolicLink(&symbolicLinkTarget, &diskDeviceName);
// Mark devices as initialized
diskDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
fsDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
// Send IOCTL_MOUNTMGR_VOLUME_ARRIVAL_NOTIFICATION on the
// diskDeviceObject to MountMgr
// '\Device\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
SendVolumeArrivalNotification(&diskDeviceName);
// register objects
status = IoReportDetectedDevice(
WIN_DriverObject,
InterfaceTypeUndefined,
0, 0, NULL, NULL, FALSE,
&pnpDeviceObject);
IoAttachDeviceToDeviceStack(pnpDeviceObject, diskDeviceObject);
IoRegisterDeviceInterface(
pnpDeviceObject,
&GUID_DEVINTERFACE_DISK,
NULL,
// out "\??\ROOT#MYFS#0000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
&diskDeviceName);
IoSetDeviceInterfaceState(&diskDeviceName, TRUE);
IoRegisterDeviceInterface(
pnpDeviceObject,
&MOUNTDEV_MOUNTED_DEVICE_GUID,
NULL,
// out "\??\ROOT#MYFS#0000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
&fsDeviceName);
status = IoSetDeviceInterfaceState(&Dcb->fs_name, TRUE);
// Lets call IOCTL_MOUNTMGR_NEXT_DRIVE_LETTER
status = mountmgr_add_drive_letter(mountmgrDeviceObject, &fsDeviceName);
dprintf("DriveLetterWasAssigned = %u, CurrentDriveLetter = %c\n", mmdli.DriveLetterWasAssigned, mmdli.CurrentDriveLetter);
// Lets call IOCTL_MOUNTMGR_QUERY_POINTS
status = mountmgr_get_drive_letter(mountmgrDeviceObject, &diskDeviceName);
dprintf(" point %d: '%.*S' '%.*S'\n", Index,
ipoint->DeviceNameLength/sizeof(WCHAR), DeviceName,
ipoint->SymbolicLinkNameLength/sizeof(WCHAR), SymbolicLinkName);
输出:
** Run code:
WinDeviceObject : FFFFAA81D83CC060
diskDeviceObject: FFFFAA81D260A080
fsDeviceObject : FFFFAA81D301EC40
=> SendVolumeArrivalNotification
# First requests come in, I don't really know what to do in CREATE/CLEANUP
# and CLOSE, so they mostly just return STATUS_SUCCESS
dispatcher: enter: major 0: minor 0: IRP_MJ_CREATE diskDeviceObject
IRP_MJ_CREATE: FileObject FFFFAA81D6AE8CC0 related 0000000000000000 name '(null)' flags 0x0
Setting FileObject->Vpb to FFFFAA81D559B590
dispatcher: exit: 0x0
dispatcher: enter: major 18: minor 0: IRP_MJ_CLEANUP diskDeviceObject
dispatcher: exit: 0x0
dispatcher: enter: major 2: minor 0: IRP_MJ_CLOSE diskDeviceObject
dispatcher: exit: 0x0
dispatcher: enter: major 0: minor 0: IRP_MJ_CREATE diskDeviceObject
IRP_MJ_CREATE: FileObject FFFFAA81D6AE8CC0 related 0000000000000000 name '(null)' flags 0x0
Setting FileObject->Vpb to FFFFAA81D559B590
dispatcher: exit: 0x0
dispatcher: enter: major 18: minor 0: IRP_MJ_CLEANUP deviceObject FFFFAA81D260A080
dispatcher: exit: 0x0
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_MOUNTDEV_QUERY_DEVICE_NAME
dispatcher: exit: STATUS_BUFFER_OVERFLOW
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_MOUNTDEV_QUERY_DEVICE_NAME
replying with '\Device\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
dispatcher: exit: 0x0
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_MOUNTDEV_QUERY_UNIQUE_ID
dispatcher: exit: STATUS_BUFFER_OVERFLOW
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_MOUNTDEV_QUERY_UNIQUE_ID
replying with '\DosDevices\Global\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
dispatcher: exit: 0x0
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_MOUNTDEV_QUERY_STABLE_GUID
dispatcher: exit: STATUS_NOT_IMPLEMENTED
# Doesn't sound like I want/need to use stable_guid, so skipping it
dispatcher: enter: major 2: minor 0: IRP_MJ_CLOSE diskDeviceObject
dispatcher: exit: 0x0
dispatcher: enter: major 0: minor 0: IRP_MJ_CREATE diskDeviceObject
IRP_MJ_CREATE: FileObject FFFFAA81D6AE8CC0 related 0000000000000000 name '(null)' flags 0x0
Setting FileObject->Vpb to FFFFAA81D559B590
dispatcher: exit: 0x0
dispatcher: enter: major 18: minor 0: IRP_MJ_CLEANUP diskDeviceObject
dispatcher: exit: 0x0
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME
dispatcher: exit: STATUS_NOT_IMPLEMENTED
# Similarly here, should be ok to go without, right?
dispatcher: enter: major 2: minor 0: IRP_MJ_CLOSE diskDeviceObject
dispatcher: exit: 0x0
dispatcher: enter: major 0: minor 0: IRP_MJ_CREATE diskDeviceObject
IRP_MJ_CREATE: FileObject FFFFAA81D6AE8CC0 related 0000000000000000 name '(null)' flags 0x0
Setting FileObject->Vpb to FFFFAA81D559B590
dispatcher: exit: 0x0
dispatcher: enter: major 18: minor 0: IRP_MJ_CLEANUP diskDeviceObject
dispatcher: exit: 0x0
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_VOLUME_ONLINE
dispatcher: exit: 0x0
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL diskDeviceObject
IOCTL_VOLUME_POST_ONLINE
dispatcher: exit: 0x0
dispatcher: enter: major 2: minor 0: IRP_MJ_CLOSE diskDeviceObject
dispatcher: exit: 0x0
<= SendVolumeArrivalNotification
IoReportDetectedDevice success
IoAttachDeviceToDeviceStack success
# Reply to GUID_DEVINTERFACE_DISK
IoRegisterDeviceInterface success: \??\ROOT#MYFS#0000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
IoSetDeviceInterfaceState success
# Reply to MOUNTDEV_MOUNTED_DEVICE_GUID
IoRegisterDeviceInterface success: \??\ROOT#MYFS#0000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
IoSetDeviceInterfaceState success
# IOCTL_MOUNTMGR_NEXT_DRIVE_LETTER work
mmdlt = \Device\Myfs{0b1bb601-af0b-32e8-a1d2-54c167af6277}
dispatcher: enter: major 0: minor 0: IRP_MJ_CREATE fsDeviceObject
IRP_MJ_CREATE: FileObject FFFFAA81D2958390 related 0000000000000000 name '(null)' flags 0x0
Setting FileObject->Vpb to FFFFAA81D559B590
dispatcher: exit: 0x0
dispatcher: enter: major 18: minor 0: IRP_MJ_CLEANUP fsDeviceObject
dispatcher: exit: 0x0
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL fsDeviceObject
IOCTL_MOUNTDEV_QUERY_DEVICE_NAME
dispatcher: exit: STATUS_BUFFER_OVERFLOW
dispatcher: enter: major 14: minor 0: IRP_MJ_DEVICE_CONTROL fsDeviceObject
IOCTL_MOUNTDEV_QUERY_DEVICE_NAME
replying with '\Device\Myfs{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
dispatcher: exit: 0x0
dispatcher: enter: major 2: minor 0: IRP_MJ_CLOSE fsDeviceObject
dispatcher: exit: 0x0
DriveLetterWasAssigned = 0, CurrentDriveLetter = D
# Oh, claims it has a drive letter?
IOCTL_MOUNTMGR_QUERY_POINTS return 0
point 0: '\Device\HarddiskVolume1' '\??\Volume{168821f0-0000-0000-0000-100000000000}'
point 1: '\Device\HarddiskVolume2' '\DosDevices\C:'
point 2: '\Device\HarddiskVolume2' '\??\Volume{168821f0-0000-0000-0000-501f00000000}'
point 3: '\Device\Floppy0' '\DosDevices\A:'
point 4: '\Device\Floppy0' '\??\Volume{ffc72bda-0526-11e7-ba78-806e6f6e6963}'
point 5: '' '\??\Volume{5d761629-339b-11e7-baa7-ab3bc3128e46}'
point 6: '' '\DosDevices\D:'
没有我的代码,我只会有0,1,2,3和4。因此,它似乎 我已创建5 6.我不知道5是什么,Volume GUID确实 与代码或输出中的任何内容不匹配。 6有“D:”像上面虽然...
“D:”出现是令人鼓舞的,但应该左侧 (DeviceName)真的是空的?那接下来我应该看看吗?
或者它是对IRP_MJ_CREATE的调用吗?我几乎没有任何回应,但回复 STATUS_SUCCESS。我没有将Vpb分配给FileObject,但没有任何区别。
什么是设备5?是我的问题,是一个生成的名称,因为我 不正确地回答某处?
或者我错过了一个基本的命令?
希望我的Windows开发者...
最后,它应该工作,那一定是我做的事。这几乎是它的结果。我在某处找到了这些线条;
if (Status != STATUS_SUCCESS)
Irp->IoStatus.Information = 0;
这意味着我吹掉了查询探测名称长度的“需要的大小”返回整数。只有在这里看到代码的人才能回答这个问题。现在,我能得到一个更好:
point 4: '\Device\Volume{0b1bb601-af0b-32e8-a1d2-54c167af6277}'
'\DosDevices\D:'
和一堆新的查询,包括IRP_MJ_DIRECTORY_CONTROL,所以我至少可以继续。对不起,噪音。