Kernel Shutdown
#include"ntddk.h"
enum FIRMWARE_REENTRY
{
HalHaltRoutine,
HalPowerDownRoutine,
HalRestartRoutine,
HalRebootRoutine,
HalInteractiveModeRoutine,
HalMaximumRoutine
} FIRMWARE_REENTRY, *PFIRMWARE_REENTRY;
VOID HalReturnToFirmware(
IN enum FIRMWARE_REENTRY Routine
);
NTSTATUS DriverEntry(
PDRIVER_OBJECT pDriver,
PUNICODE_STRING uReg)
{
HalReturnToFirmware(HalPowerDownRoutine);
return STATUS_SUCCESS;
}
HalReturnToFirmware是Hal.dll导出的一个函数,即位于内核层中的硬件抽象层(Hardware Abstraction Layer)。MSDN上说此函数只有HalRebootRoutine一个值有效,但是我发现HalPowerDownRoutine也是有效的,win7 x86,win x64,win10 x64测试成功。
DDK 7600编译成功