我使用以下代码创建KMDF驱动程序
NTSTATUS WatchdogEvtDeviceAdd(IN WDFDRIVER Driver, IN OUT PWDFDEVICE_INIT DeviceInit)
{
UNREFERENCED_PARAMETER(Driver);
DbgPrint("Device Watchdog: WatchdogEvtDeviceAdd\n");
DECLARE_CONST_UNICODE_STRING(NTDeviceName, L"\\Device\\DeviceWatchdog");
DECLARE_CONST_UNICODE_STRING(DosDeviceName, L"\\DosDevices\\DeviceWatchdog");
WDF_OBJECT_ATTRIBUTES ObjectAttributes;
WDF_OBJECT_ATTRIBUTES_INIT(&ObjectAttributes);
WDF_OBJECT_ATTRIBUTES_SET_CONTEXT_TYPE(&ObjectAttributes, WATCHDOG_DEVICE_CONTEXT);
WdfFdoInitSetFilter(DeviceInit);
NTSTATUS Status = WdfDeviceInitAssignName(DeviceInit, &NTDeviceName);
if (!NT_SUCCESS(Status)) {
DbgPrint("Device Watchdog: WdfDeviceInitialize failed - 0x%08x\n", Status);
return Status;
}
WDFDEVICE Device = NULL;
Status = WdfDeviceCreate(&DeviceInit, &ObjectAttributes, &Device);
if (!NT_SUCCESS(Status)) {
DbgPrint("Device Watchdog: WdfDeviceCreate failed - 0x%08x\n", Status);
return Status;
}
PWATCHDOG_DEVICE_CONTEXT DeviceContext = GetContextFromWatchdogDevice(Device);
DeviceContext->TargetToSendRequestsTo = WdfDeviceGetIoTarget(Device);
Status = WdfDeviceCreateSymbolicLink(Device, &DosDeviceName);
if (!NT_SUCCESS(Status)) {
DbgPrint("Device Watchdog: WdfDeviceCreateSymbolicLink failed - 0x%08x\n", Status);
return Status;
}
WDF_IO_QUEUE_CONFIG IoCallbacks;
WDF_IO_QUEUE_CONFIG_INIT_DEFAULT_QUEUE(&IoCallbacks, WdfIoQueueDispatchParallel);
IoCallbacks.EvtIoRead = WatchdogEvtIoRead;
IoCallbacks.EvtIoWrite = WatchdogEvtIoWrite;
IoCallbacks.EvtIoDeviceControl = WatchdogEvtIoDeviceControl;
Status = WdfIoQueueCreate(Device, &IoCallbacks, WDF_NO_OBJECT_ATTRIBUTES, WDF_NO_HANDLE);
if (!NT_SUCCESS(Status)) {
DbgPrint("Device Watchdog: WdfIoQueueCreate failed - 0x%08x\n", Status);
return Status;
}
WdfControlFinishInitializing(Device);
return STATUS_SUCCESS;
}
此代码有效,我可以看到我的过滤器附加到我设置为上层过滤器的正确设备上。我还可以看到我的驱动程序在\ GLOBAL ?? \ DeviceWatchdog下的WinObj中注册,并带有符号链接到\ Device \ DeviceWatchdog。但是,当我尝试在用户模式应用程序上使用::CreateFile(L"\\\\.\\DeviceWatchdog", GENERIC_READ | GENERIC_WRITE, 0, nullptr, OPEN_EXISTING, 0, nullptr)
时,句柄无效,我收到错误代码2.