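/*
 * IrpCreate - hand-build an IRP_MJ_CREATE request and send it straight to
 * DeviceObject instead of going through the I/O manager's normal open path.
 *
 * Security notes for reviewers:
 *  - The IRP is marked RequestorMode = KernelMode and the access state is
 *    built locally from DesiredAccess, so nothing in this routine performs an
 *    access check on behalf of a less-privileged caller. Name, DesiredAccess
 *    and the create flags must be validated by the caller and must never be
 *    taken unchecked from a user-mode request.
 *  - IoCallDriver() delivers the request to DeviceObject only; devices
 *    attached above it in the stack do not see this open. Monitoring or
 *    policy that lives in such filters is therefore not applied here.
 *
 * Parameters:
 *  Name               path stored in the new file object's FileName (copied).
 *  DesiredAccess      access mask placed in the security context.
 *  FileAttributes     truncated to USHORT for the create parameters.
 *  ShareAccess        truncated to USHORT for the create parameters.
 *  CreateDisposition  stored in the top 8 bits of Parameters.Create.Options.
 *  CreateOptions      stored in the low 24 bits of Parameters.Create.Options.
 *  DeviceObject       device that receives the IRP.
 *  RealDevice         device recorded in FileObject->DeviceObject.
 *  RelatedFileObject  stored in FileObject->RelatedFileObject (may be NULL).
 *  ReturnHandle       not written: no handle is created for the object.
 *  ReturnObject       optional; receives the file object on success.
 *
 * Returns the status reported in the I/O status block, or an allocation /
 * parameter error if the request could not be built.
 *
 * NOTE(review): the IRP is not freed here once IoCallDriver() has been
 * called, and the wait relies on Event being signalled; presumably
 * IoCompletionRoutine (defined elsewhere) copies the status to UserIosb, sets
 * UserEvent and frees the IRP - confirm.
 * NOTE(review): nothing releases what SeCreateAccessState() captured; if
 * SeDeleteAccessState() is declared for this file, pair the two calls.
 */
NTSTATUS IrpCreate(IN PUNICODE_STRING Name,IN ACCESS_MASK DesiredAccess,IN ULONG FileAttributes,IN ULONG ShareAccess,IN ULONG CreateDisposition,IN ULONG CreateOptions,IN PDEVICE_OBJECT DeviceObject,IN PDEVICE_OBJECT RealDevice,IN PFILE_OBJECT RelatedFileObject,OUT PHANDLE ReturnHandle,PVOID* ReturnObject)
{
    NTSTATUS Status;
    KEVENT Event;
    PIRP pIrp;
    PFILE_OBJECT FileObject;
    IO_STATUS_BLOCK IoStatusBlock;
    PIO_STACK_LOCATION IOStack;
    IO_SECURITY_CONTEXT IoSecurityContext;
    ACCESS_STATE AccessState;
    AUX_DATA AuxData;
    PGENERIC_MAPPING pGenericMapping;
    OBJECT_ATTRIBUTES ObjectAttributs;

    /* These pointers are dereferenced unconditionally below. */
    if (Name == NULL || DeviceObject == NULL || RealDevice == NULL)
        return STATUS_INVALID_PARAMETER;

    /* Never interpret uninitialised stack as the result of the request. */
    IoStatusBlock.Status = STATUS_UNSUCCESSFUL;
    IoStatusBlock.Information = 0;

    KeInitializeEvent(&Event, SynchronizationEvent, FALSE);

    pIrp = IoAllocateIrp(DeviceObject->StackSize, FALSE);
    if (pIrp == NULL)
        return STATUS_INSUFFICIENT_RESOURCES;

    InitializeObjectAttributes(&ObjectAttributs, NULL, OBJ_CASE_INSENSITIVE, 0, NULL);
    Status = ObCreateObject(KernelMode, *IoFileObjectType, &ObjectAttributs, KernelMode,
                            NULL, sizeof(FILE_OBJECT), 0, 0, (PVOID*)&FileObject);
    if (!NT_SUCCESS(Status))
    {
        IoFreeIrp(pIrp);
        return Status;
    }

    /* Fill in the file object by hand, as the I/O manager would. */
    memset(FileObject, 0, sizeof(FILE_OBJECT));
    FileObject->Type = IO_TYPE_FILE;
    FileObject->Size = sizeof(FILE_OBJECT);
    FileObject->Flags = FO_SYNCHRONOUS_IO;
    FileObject->DeviceObject = RealDevice;
    FileObject->RelatedFileObject = RelatedFileObject;
    KeInitializeEvent(&FileObject->Lock, SynchronizationEvent, FALSE);
    KeInitializeEvent(&FileObject->Event, SynchronizationEvent, FALSE);

    if (Name->MaximumLength != 0)
    {
        FileObject->FileName.Buffer = (PWSTR)ExAllocatePool(NonPagedPool, Name->MaximumLength);
        if (FileObject->FileName.Buffer == NULL)
        {
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto free_irp;
        }
        /*
         * RtlCopyUnicodeString() copies at most MaximumLength bytes of the
         * destination; the structure was just zeroed, so without this
         * assignment nothing is copied and the name stays empty.
         */
        FileObject->FileName.MaximumLength = Name->MaximumLength;
        RtlCopyUnicodeString(&FileObject->FileName, Name);
    }

    /* Security context: access is taken as requested, no check is made here. */
    pGenericMapping = IoGetFileObjectGenericMapping();
    Status = SeCreateAccessState(&AccessState, &AuxData, DesiredAccess, pGenericMapping);
    if (!NT_SUCCESS(Status))
        goto free_irp;

    IoSecurityContext.AccessState = &AccessState;
    IoSecurityContext.DesiredAccess = DesiredAccess;
    IoSecurityContext.SecurityQos = NULL;
    IoSecurityContext.FullCreateOptions = 0;

    pIrp->UserEvent = &Event;
    pIrp->UserIosb = &IoStatusBlock;
    pIrp->Tail.Overlay.Thread = (PETHREAD)KeGetCurrentThread();
    pIrp->Tail.Overlay.OriginalFileObject = FileObject;
    pIrp->RequestorMode = KernelMode;
    pIrp->Flags = IRP_CREATE_OPERATION | IRP_SYNCHRONOUS_API;
    pIrp->PendingReturned = FALSE;
    pIrp->Cancel = FALSE;
    pIrp->MdlAddress = NULL;
    pIrp->CancelRoutine = NULL;
    pIrp->Tail.Overlay.AuxiliaryBuffer = NULL;

    IOStack = IoGetNextIrpStackLocation(pIrp);
    IOStack->MajorFunction = IRP_MJ_CREATE;
    IOStack->DeviceObject = DeviceObject;
    IOStack->FileObject = FileObject;
    IOStack->Parameters.Create.SecurityContext = &IoSecurityContext;
    /*
     * Disposition occupies the top 8 bits and options the low 24; mask the
     * options so stray high bits cannot alter the disposition.
     */
    IOStack->Parameters.Create.Options = (CreateDisposition << 24) | (CreateOptions & 0x00FFFFFF);
    IOStack->Parameters.Create.FileAttributes = (USHORT)FileAttributes;
    IOStack->Parameters.Create.ShareAccess = (USHORT)ShareAccess;
    IOStack->Parameters.Create.EaLength = 0;
    IOStack->Context = NULL;
    IOStack->Control = SL_INVOKE_ON_CANCEL | SL_INVOKE_ON_SUCCESS | SL_INVOKE_ON_ERROR;
    IOStack->CompletionRoutine = IoCompletionRoutine;

    Status = IoCallDriver(DeviceObject, pIrp);
    if (Status == STATUS_PENDING)
        KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL);
    Status = IoStatusBlock.Status;

    /* From here on the IRP is no longer ours to free (see header note). */
    if (!NT_SUCCESS(Status))
        goto drop_object;

    MyReferenceObject(FileObject);
    if (ReturnObject != NULL)
        *ReturnObject = FileObject;
    return Status;

free_irp:
    IoFreeIrp(pIrp);
drop_object:
    /* Release the name copy and the file object instead of leaking them. */
    if (FileObject->FileName.Buffer != NULL)
    {
        ExFreePool(FileObject->FileName.Buffer);
        FileObject->FileName.Buffer = NULL;
        FileObject->FileName.Length = 0;
        FileObject->FileName.MaximumLength = 0;
    }
    /*
     * Clear DeviceObject before dropping the reference so that deleting the
     * object does not issue a close for a create that never succeeded.
     */
    FileObject->DeviceObject = NULL;
    ObDereferenceObject(FileObject);
    return Status;
}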
w"drK
/*
 * MyReferenceObject - account for a newly opened file object by incrementing
 * the ReferenceCount of the device it points at and, when the file object
 * carries a VPB, the ReferenceCount of that VPB as well.
 *
 * FileObject and FileObject->DeviceObject are dereferenced without a NULL
 * check; the caller must pass a file object whose DeviceObject is set.
 *
 * NOTE(review): both counters are bumped with interlocked operations only.
 * Confirm that this is sufficient synchronisation against other code that
 * updates the VPB reference count.
 */
void MyReferenceObject(PFILE_OBJECT FileObject)
{
    /* Count the open against the device recorded in the file object. */
    InterlockedIncrement(&FileObject->DeviceObject->ReferenceCount);

    /* No VPB attached: nothing else to account for. */
    if (!FileObject->Vpb)
    {
        return;
    }

    /* The cast adapts the VPB counter to the interlocked API's LONG pointer. */
    InterlockedIncrement((volatile LONG*)&FileObject->Vpb->ReferenceCount);
}
构造 Create IRP