根據MSDN的介紹,自己對一些基本結構做一些翻譯,幫助自己理解。
驅動物件 DRIVER_OBJECT
typedef struct _DRIVER_OBJECT { CSHORT Type; CSHORT Size; PDEVICE_OBJECT DeviceObject; ULONG Flags; PVOID DriverStart; ULONG DriverSize; PVOID DriverSection; PDRIVER_EXTENSION DriverExtension; UNICODE_STRING DriverName; PUNICODE_STRING HardwareDatabase; PFAST_IO_DISPATCH FastIoDispatch; PDRIVER_INITIALIZE DriverInit; PDRIVER_STARTIO DriverStartIo; PDRIVER_UNLOAD DriverUnload; PDRIVER_DISPATCH MajorFunction[IRP_MJ_MAXIMUM_FUNCTION + 1]; } DRIVER_OBJECT, *PDRIVER_OBJECT;
DeviceObject
指向驅動建立的裝置物件的指標。當驅動成功呼叫IoCreateDevice時,這個成員會自動更新。驅動可以用這個成員和 DEVICE_OBJECT 的 NextDevice 成員去遍歷驅動建立的所有裝置物件(A driver can use this member and the NextDevice member of DEVICE_OBJECT to step through a list of all the device objects that the driver created.)
DriverExtension
指向驅動擴充套件的指標。驅動擴充套件的唯一可訪問成員是 DriverExtension->AddDevice,驅動的 DriverEntry 例程儲存了驅動的 AddDevice例程。(The only accessible member of the driver extension is DriverExtension->AddDevice, into which a driver's DriverEntry routine stores the driver's AddDevice routine.)
HardwareDatabase
指向路徑 \Registry\Machine\Hardware ,在這個登錄檔路徑儲存著硬體的配置資訊。(Pointer to the \Registry\Machine\Hardware path to the hardware configuration information in the registry.)
FastIoDispatch
指向一個定義驅動的 fast I/O 入口的指標的指標。這個成員僅僅在FSDs個網路傳輸驅動裡面使用。
DriverInit
由 I/O 管理器設定的 DriverEntry 例程的入口點。
DriverStartIo
驅動的 StartIo 例程的入口點。如果有的話,當驅動初始化的時候,DriverEntry將會設定這個值;如果驅動沒有 StartIo例程,這個成員就是 NULL。
DriverUnload
驅動的解除安裝例程的入口點。如果有的話,DriverEntry將在驅動初始化的時候設定這個值;如果驅動沒有解除安裝例程,這個成員就是 NULL。
MajorFunction[IRP_MJ_MAXIMUM_FUNCTION + 1]
由驅動的 DispatchXxx 例程的入口點組成的 Dispatch 表。陣列的索引值IRP_MJ_XXX 對應著 IRP 主要函式編碼。每個驅動都必須給驅動處理的 IRP_MJ_XXX 請求透過這個陣列設定入口點。更多資訊可以檢視 Writing Dispatch Routines。
裝置物件 DEVICE_OBJECT
typedef struct _DEVICE_OBJECT { CSHORT Type; USHORT Size; LONG ReferenceCount; struct _DRIVER_OBJECT *DriverObject; struct _DEVICE_OBJECT *NextDevice; struct _DEVICE_OBJECT *AttachedDevice; struct _IRP *CurrentIrp; PIO_TIMER Timer; ULONG Flags; ULONG Characteristics; __volatile PVPB Vpb; PVOID DeviceExtension; DEVICE_TYPE DeviceType; CCHAR StackSize; union { LIST_ENTRY ListEntry; WAIT_CONTEXT_BLOCK Wcb; } Queue; ULONG AlignmentRequirement; KDEVICE_QUEUE DeviceQueue; KDPC Dpc; ULONG ActiveThreadCount; PSECURITY_DESCRIPTOR SecurityDescriptor; KEVENT DeviceLock; USHORT SectorSize; USHORT Spare1; struct _DEVOBJ_EXTENSION *DeviceObjectExtension; PVOID Reserved; } DEVICE_OBJECT, *PDEVICE_OBJECT;
檔案物件 DEVICE_OBJECT
typedef struct _FILE_OBJECT { CSHORT Type; CSHORT Size; PDEVICE_OBJECT DeviceObject; PVPB Vpb; PVOID FsContext; PVOID FsContext2; PSECTION_OBJECT_POINTERS SectionObjectPointer; PVOID PrivateCacheMap; NTSTATUS FinalStatus; struct _FILE_OBJECT *RelatedFileObject; BOOLEAN LockOperation; BOOLEAN DeletePending; BOOLEAN ReadAccess; BOOLEAN WriteAccess; BOOLEAN DeleteAccess; BOOLEAN SharedRead; BOOLEAN SharedWrite; BOOLEAN SharedDelete; ULONG Flags; UNICODE_STRING FileName; LARGE_INTEGER CurrentByteOffset; __volatile ULONG Waiters; __volatile ULONG Busy; PVOID LastLock; KEVENT Lock; KEVENT Event; __volatile PIO_COMPLETION_CONTEXT CompletionContext; KSPIN_LOCK IrpListLock; LIST_ENTRY IrpList; __volatile PVOID FileObjectExtension; } FILE_OBJECT, *PFILE_OBJECT;