Dynamic loading of drivers

After the driver is done, how to use it? According to Four-f, there are three ways: the Service Control Manager (SCM).
Service Control programs (SCP). and service program.
Below we use Service Control program (SCP) to implement dynamic loading of driver, example program in Kmdkit\examples\simple\beeper
The code is as follows:
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
;
; Scp.asm
;
; Service control program for Beeper.sys driver
;
; Written by Four-f (four-f@mail.ru)
;
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

.386
. Model Flat, StdCall
Option Casemap:none

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; I N C l U D e F i l e S
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Include \masm32\include\windows.inc

Include \masm32\include\kernel32.inc
Include \masm32\include\user32.inc
Include \masm32\include\advapi32.inc

Includelib \masm32\lib\kernel32.lib
Includelib \masm32\lib\user32.lib
Includelib \masm32\lib\advapi32.lib

Include \masm32\macros\strings.mac

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; C O D E
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

. Code

Start proc

Local Hscmanager:handle
Local Hservice:handle
Local Acdriverpath[max_path]:char

; Open a handle to the SC Manager database
Invoke OpenSCManager, NULL, NULL, Sc_manager_create_service
. if EAX!= NULL
mov hscmanager, eax

Push EAX
Invoke Getfullpathname, $CTA 0 ("Beeper.sys"), sizeof Acdriverpath, addr Acdriverpath, esp
Pop eax

; Register driver in SCM active database
Invoke CreateService, Hscmanager, $CTA 0 ("beeper"), $CTA 0 ("nice melody beeper"), \
Service_start + DELETE, service_kernel_driver, Service_demand_start, \
Service_error_ignore, addr acdriverpath, NULL, NULL, NULL, NULL, NULL
. if EAX!= NULL
mov hservice, eax
Invoke StartService, Hservice, 0, NULL
; Here driver Beeper.sys plays it nice melody
; and reports error to is removed from memory
; Remove driver from SCM database
Invoke DeleteService, Hservice
Invoke Closeservicehandle, Hservice
. else
Invoke MessageBox, NULL, $CTA 0 ("Can ' t register driver."), NULL, Mb_iconstop
. endif
Invoke Closeservicehandle, Hscmanager
. else
Invoke MessageBox, NULL, $CTA 0 ("Can ' t connect to Service control Manager."), \
NULL, Mb_iconstop
. endif

Invoke ExitProcess, 0

Start ENDP

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
;
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

End Start
============= The following are the contents of the driver source code Beeper.bat ===========
; @echo off
; Goto make

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
;
; Beeper-kernel Mode Driver
; Makes beep thorough computer speaker
;
; Written by Four-f (four-f@mail.ru)
;
; warning:tested W2000 & XP only!
;
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

.386
. Model Flat, StdCall
Option Casemap:none

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; I N C l U D e F i l e S
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Include \masm32\include\w2k\ntstatus.inc
Include \masm32\include\w2k\ntddk.inc

Include \masm32\include\w2k\hal.inc

Includelib \masm32\lib\w2k\hal.lib

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; U S e R d e F I N e d e Q u A T e s
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Timer_frequency equ 1193167; 1,193,167 Hz
OCTAVE equ 2

; Pitch_a equ 440; 440,00 Hz
; Pitch_as equ 446; 466,16 Hz
; Pitch_h equ 494; 493,88 Hz
Pitch_c EQU 523; 523,25 Hz
Pitch_cs equ 554; 554,37 Hz
Pitch_d equ 587; 587,33 Hz
Pitch_ds equ 622; 622,25 Hz
Pitch_e equ 659; 659,25 Hz
Pitch_f equ 698; 698,46 Hz
PITCH_FS equ 740; 739,99 Hz
Pitch_g equ 784; 783,99 Hz
Pitch_gs equ 831; 830,61 Hz
Pitch_a equ 880; 880,00 Hz
Pitch_as equ 988; 987,77 Hz
Pitch_h equ 1047; 1046,50 Hz

; We are going to play c-major chord

Tone_1 equ timer_frequency/(pitch_c*octave)
tone_2 equ timer_frequency/(pitch_e*octave)
Tone_3 equ (Pitch_g*octave); For Halmakebeep

DELAY equ 1800000h; For my ~800mhz machine

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; U S e r d e F I N e d M A C R O S
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Do_delay MACRO
; Silly method, but it works;-)
mov eax, DELAY
. while EAX
Dec eax
. ENDW
Endm

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; C O D E
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

. Code

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; MakeBeep1
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

MAKEBEEP1 proc Dwpitch:dword

; Direct Hardware Access

Cli

mov al, 10110110y
Out 43h, AL; Timer 8253-5 (at:8254.2).

mov eax, Dwpitch
Out 42H, AL

mov al, ah
Out 42H, AL

; Speaker on
In Al, 61h
Or AL, 11y
Out 61h, AL

STi

Do_delay

Cli

; Speaker off
In Al, 61h
And Al, 11111100y
Out 61h, AL

STi

Ret

MakeBeep1 ENDP

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; MakeBeep2
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

MAKEBEEP2 proc Dwpitch:dword

; Hardware access via the HAL using *_port_uchar/*_port_uchar functions

Cli

Invoke Write_port_uchar, 43h, 10110110y

mov eax, Dwpitch
Invoke Write_port_uchar, 42H, AL
mov eax, Dwpitch
Invoke Write_port_uchar, 42H, ah

; Speaker on
Invoke Read_port_uchar, 61h
Or AL, 11y
Invoke Write_port_uchar, 61h, AL

STi

Do_delay

Cli

; Speaker off
Invoke Read_port_uchar, 61h
And Al, 11111100y
Invoke Write_port_uchar, 61h, AL

STi

Ret

MAKEBEEP2 ENDP

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; DriverEntry
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

driverentry proc Pdriverobject:pdriver_object, pusregistrypath:punicode_string

Invoke MakeBeep1, Tone_1
Invoke MakeBeep2, tone_2

; Hardware access via Hal.dll function halmakebeep
Invoke Halmakebeep, Tone_3
Do_delay
Invoke Halmakebeep, 0

mov eax, status_device_configuration_error
Ret

DriverEntry ENDP

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
;
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

End DriverEntry

: Make

Set Drv=beeper

\MASM32\BIN\ML/NOLOGO/C/coff%drv%.bat
\masm32\bin\link/nologo/driver/base:0x10000/align:32/out:%drv%.sys/subsystem:native%drv%.obj

Del%drv%.obj

Echo.
Pause
rem============= above is the content of the driver source code Beeper.bat ===========

We double-click the Beeper.bat under Kmdkit\examples\simple\beeper\, compile the build Beeper.sys, and compile the scp.asm like the normal win32asm program, generating Scp.exe, Double-click Scp.exe, what do you hear? Is the speaker on the motherboard sound, which is sent through the direct control port, we have breached the ring0 limit, happy?