Windows Driver Development (i)

The author learns that driver programming is a primer from two books. They are "cold river alone fishing-kernel security programming" and "Windows Driver Development technology detailed." The two books introduce the method of making the driver from different angles.

In my understanding, the driver can be divided into two types of three kinds:

Type one: Traditional drive

The traditional driver is characterized by the need to handle all the IRP itself, and implement the distribution function for different IRP. It can be divided into the following two kinds:

1. NT Type driver: This driver is loaded by registering the system service and does not support Plug and play (that is, the IRP is not processed IRP_MJ_PNP).

2. WDM driver: This driver does not load by registering the system service, it needs to ouch itself to write the INF file. At the same time, it is the most characteristic compared with NT type driver to support Plug and Play function.

Type II: micro-Filtration Drive

Micro-filtering drive is a driving framework that Microsoft has launched. It encapsulates operations such as creating device objects within the driver, so that users do not have to bother with this part of the work. Users only need to deal with different IRP to their response of the pre-and post-operation and the user-state and the kernel-state communication can be understood as a micro-filter driver for the IRP processing similar to the user-configured API hooks.

It's best to use a micro-filter driver for newcomers who just started writing drivers. Because it encapsulates a lot of internal logic, we just need to implement the appropriate processing logic. Since the author first began to look at the "Windows Driver Development technology detailed", so from the first chapter of "from the two simplest drive talk" began to touch the traditional driver of two forms, so as to get started.

Before you begin to introduce the traditional driver, add a description of how the driver is compiled.

There are many ways to compile a drive.

Microsoft officially recommends using the WDK-provided build environments to compile drivers for the appropriate system, which requires the user to create the source file for compilation, which is difficult for unfamiliar people

Vs+ddkwizard. The Ddkwizard plugin adds a DDK project to VS, which can generate basic WDM driver templates, which is relatively handy, but requires some configuration.

Use vs compilation directly. This is the most convenient for people who are accustomed to the development of the user, and this is the way I use it now. It's a bit more configurable, but I'm sure it's not an obstacle. Here's a look at how to configure VS (Take VS2005 as an example)

VS2005 Configuring the Drive compilation Environment method:

1. Install the WDK and configure the system environment variables: wdkroot-d:\winddk\7600.16385.1

2. Start VS2005, in the menu bar "Tools"-"Options" select "Projects and Solutions"-"VC + + directory" and then add the required directories, the specific configuration such as:

Note: $ (wdkroot) \inc\api must be placed first, otherwise it will cause compilation to fail

3. The specific project properties are set as follows:

Note: When you create a project, select the Win32 project

According to the configuration of the tablets can be directly compiled driver, this configuration is XP system, the other system links to different libraries on it.

Note: If you encounter the following error during compilation:

Error LNK2019: unresolved external symbol @[email protected]

Please set the "Buffer security check" for "Project Properties"-"C + +"-code generation to "no"