Driver layer:
PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(pIrp);
// Get the input buffer size
ULONG cbin = stack->Parameters.DeviceIoControl.InputBufferLength;
// Get the output buffer size
ULONG cbout = stack->Parameters.DeviceIoControl.OutputBufferLength;
// Get the IOCTL code
ULONG code = stack->Parameters.DeviceIoControl.IoControlCode;
CTL_CODE(DeviceType, Function, Method, Access) // ntddk.h
Method:
METHOD_BUFFERED // buffered mode
METHOD_IN_DIRECT or METHOD_OUT_DIRECT // directly mapped address
METHOD_NEITHER
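For METHOD_IN_DIRECT or METHOD_OUT_DIRECT, the input is handled the same way as in buffered mode, but the output no longer goes to the same address as the input. Instead, the output address is obtained by mapping with:
MmGetSystemAddressForMdlSafe(
    IN PMDL Mdl,                  /* pIrp->MdlAddress */
    IN MM_PAGE_PRIORITY Priority  /* NormalPagePriority */
);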
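For METHOD_NEITHER:
Input address: int *InputBuffer = (int *)stack->Parameters.DeviceIoControl.Type3InputBuffer;
Output address: pIrp->UserBuffer
Before using these addresses you must check them: call ProbeForRead and ProbeForWrite to determine whether they are readable and writable.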
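Added example (not part of the original notes): a portable C decoder that splits an IOCTL code back into its CTL_CODE fields and flags the codes whose handlers need the ProbeForRead/ProbeForWrite checks described above. The CTL_CODE macro and constants are reproduced from the Windows headers so it builds without the WDK; the helper names, REVIEW_* flags and sample codes are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Reproduced from the Windows headers so this builds without the WDK. */
#define CTL_CODE(DeviceType, Function, Method, Access) \
    (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method))
#define METHOD_BUFFERED     0
#define METHOD_IN_DIRECT    1
#define METHOD_OUT_DIRECT   2
#define METHOD_NEITHER      3
#define FILE_ANY_ACCESS     0
#define FILE_WRITE_ACCESS   2
#define FILE_DEVICE_UNKNOWN 0x22

/* Review flags (names are this example's own, not a Windows API). */
#define REVIEW_RAW_USER_POINTERS 0x1 /* METHOD_NEITHER: handler must probe */
#define REVIEW_ANY_ACCESS        0x2 /* no access right required on the handle */

typedef struct { uint32_t device_type, access, function, method; } ioctl_fields;

/* Layout: DeviceType[31:16] | Access[15:14] | Function[13:2] | Method[1:0] */
ioctl_fields ioctl_decode(uint32_t code) {
    ioctl_fields f;
    f.device_type = code >> 16;
    f.access      = (code >> 14) & 0x3;
    f.function    = (code >> 2) & 0xFFF;
    f.method      = code & 0x3;
    return f;
}

const char *ioctl_method_name(uint32_t method) {
    static const char *names[] = { "METHOD_BUFFERED", "METHOD_IN_DIRECT",
                                   "METHOD_OUT_DIRECT", "METHOD_NEITHER" };
    return names[method & 0x3];
}

/* Which review questions does this IOCTL code raise for the driver author? */
unsigned ioctl_review_flags(uint32_t code) {
    ioctl_fields f = ioctl_decode(code);
    unsigned flags = 0;
    if (f.method == METHOD_NEITHER)  flags |= REVIEW_RAW_USER_POINTERS;
    if (f.access == FILE_ANY_ACCESS) flags |= REVIEW_ANY_ACCESS;
    return flags;
}

int main(void) {
    uint32_t codes[] = { /* constructed sample codes */
        CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_NEITHER, FILE_ANY_ACCESS),
        CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_WRITE_ACCESS) };
    for (size_t i = 0; i < sizeof codes / sizeof codes[0]; i++)
        printf("0x%08X %-17s flags=0x%X\n", (unsigned)codes[i],
               ioctl_method_name(ioctl_decode(codes[i]).method),
               ioctl_review_flags(codes[i]));
    return 0;
}
```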
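Finally:
// Complete the IRP
pIrp->IoStatus.Information = info; // number of bytes returned by the operation (0 here, where it has no real meaning)
pIrp->IoStatus.Status = STATUS_SUCCESS; // return success
IoCompleteRequest(pIrp, IO_NO_INCREMENT); // indicate that this IRP is complete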
User layer:
1: CreateFile
2: BOOL WINAPI DeviceIoControl(
    __in HANDLE hDevice,
    __in DWORD dwIoControlCode,
    __in LPVOID lpInBuffer,
    __in DWORD nInBufferSize,
    __out LPVOID lpOutBuffer,
    __in DWORD nOutBufferSize,
    __out LPDWORD lpBytesReturned,
    __in LPOVERLAPPED lpOverlapped
);
http://www.hztraining.com/bbs/showtopic-484.aspx