Driver layer:
PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(pIrp);
// Get the input buffer size
ULONG cbin = stack->Parameters.DeviceIoControl.InputBufferLength;
// Get the output buffer size
ULONG cbout = stack->Parameters.DeviceIoControl.OutputBufferLength;
// Get the IOCTL code
ULONG code = stack->Parameters.DeviceIoControl.IoControlCode;
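CTL_CODE(DeviceType, Function, Method, Access) // ntddk.h
Method:
METHOD_BUFFERED // buffered mode
METHOD_IN_DIRECT or METHOD_OUT_DIRECT // directly mapped address
METHOD_NEITHER
For METHOD_IN_DIRECT or METHOD_OUT_DIRECT, the input is handled the same way as in buffered mode, but the output no longer uses the same address as the input; instead it is mapped with
MmGetSystemAddressForMdlSafe(IN PMDL Mdl /* irp->MdlAddress */, IN MM_PAGE_PRIORITY Priority /* NormalPagePriority */);
The returned pointer can be NULL and must be checked before use.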
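For METHOD_NEITHER:
Input address: int *InputBuffer = (int *)stack->Parameters.DeviceIoControl.Type3InputBuffer;
Output address: pIrp->UserBuffer
These are user-mode addresses, so before operating on them the driver must call ProbeForRead and ProbeForWrite to check that they are readable and writable.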
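Finally:
// Process the corresponding IRP
pIrp->IoStatus.Information = info; // set the number of bytes returned by the operation (0 here, where it has no practical meaning)
pIrp->IoStatus.Status = STATUS_SUCCESS; // return success
IoCompleteRequest(pIrp, IO_NO_INCREMENT); // signal that this IRP is complete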
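Added example (not part of the original notes): a portable C decoder for the CTL_CODE layout above, useful when reviewing a driver's IOCTL list to find the codes whose handlers must call ProbeForRead/ProbeForWrite. The macro values repeat the WDK definitions; the IOCTL_SAMPLE_* codes and the ioctl_info / decode_ioctl names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Same bit layout and values as the WDK definitions, repeated to build anywhere. */
#define CTL_CODE(DeviceType, Function, Method, Access) \
    (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method))
#define METHOD_BUFFERED     0
#define METHOD_IN_DIRECT    1
#define METHOD_OUT_DIRECT   2
#define METHOD_NEITHER      3
#define FILE_ANY_ACCESS     0
#define FILE_DEVICE_UNKNOWN 0x22
/* Constructed sample codes (hypothetical, not from any real driver). */
#define IOCTL_SAMPLE_BUFFERED CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_SAMPLE_NEITHER  CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_NEITHER, FILE_ANY_ACCESS)

typedef struct {
    uint32_t device_type, access, function, method;
    int needs_probe;         /* 1 if the driver gets raw user-mode pointers */
    const char *output_from; /* where the driver obtains its output buffer */
} ioctl_info;

/* Split an IOCTL code back into the four CTL_CODE fields and classify it. */
ioctl_info decode_ioctl(uint32_t code)
{
    ioctl_info i;
    i.device_type = code >> 16;           /* bits 16..31 */
    i.access      = (code >> 14) & 0x3;   /* bits 14..15 */
    i.function    = (code >> 2) & 0xFFF;  /* bits 2..13  */
    i.method      = code & 0x3;           /* bits 0..1   */
    i.needs_probe = (i.method == METHOD_NEITHER);
    if (i.method == METHOD_BUFFERED)
        i.output_from = "same buffer as the input";
    else if (i.method == METHOD_NEITHER)
        i.output_from = "pIrp->UserBuffer, after ProbeForWrite";
    else
        i.output_from = "MmGetSystemAddressForMdlSafe(pIrp->MdlAddress, NormalPagePriority)";
    return i;
}

int main(void)
{
    uint32_t codes[] = { IOCTL_SAMPLE_BUFFERED, IOCTL_SAMPLE_NEITHER };
    for (size_t k = 0; k < sizeof codes / sizeof codes[0]; k++) {
        ioctl_info i = decode_ioctl(codes[k]);
        printf("0x%08X dev=0x%X func=0x%X method=%u probe=%d out=%s\n", (unsigned)codes[k],
               (unsigned)i.device_type, (unsigned)i.function, (unsigned)i.method, i.needs_probe, i.output_from);
    }
    return 0;
}
```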
User layer:
1:CreateFile
2:BOOL WINAPI DeviceIoControl(
__in HANDLE hDevice,
__in DWORD dwIoControlCode,
__in LPVOID lpInBuffer,
__in DWORD nInBufferSize,
__out LPVOID lpOutBuffer,
__in DWORD nOutBufferSize,
__out LPDWORD lpBytesReturned,
__in LPOVERLAPPED lpOverlapped
);
http://www.hztraining.com/bbs/showtopic-484.aspx