根据MSDN的介绍,自己对一些基本结构做一些翻译,帮助自己理解。
驱动对象 DRIVER_OBJECT
typedef struct _DRIVER_OBJECT { CSHORT Type; CSHORT Size; PDEVICE_OBJECT DeviceObject; ULONG Flags; PVOID DriverStart; ULONG DriverSize; PVOID DriverSection; PDRIVER_EXTENSION DriverExtension; UNICODE_STRING DriverName; PUNICODE_STRING HardwareDatabase; PFAST_IO_DISPATCH FastIoDispatch; PDRIVER_INITIALIZE DriverInit; PDRIVER_STARTIO DriverStartIo; PDRIVER_UNLOAD DriverUnload; PDRIVER_DISPATCH MajorFunction[IRP_MJ_MAXIMUM_FUNCTION + 1]; } DRIVER_OBJECT, *PDRIVER_OBJECT;
DeviceObject
指向驱动创建的设备对象的指针。当驱动成功调用IoCreateDevice时,这个成员会自动更新。驱动可以用这个成员和 DEVICE_OBJECT 的 NextDevice 成员去遍历驱动创建的所有设备对象(A driver can use this member and the NextDevice member of DEVICE_OBJECT to step through a list of all the device objects that the driver created.)
DriverExtension
指向驱动扩展的指针。驱动扩展的唯一可访问成员是 DriverExtension->AddDevice,驱动的 DriverEntry 例程存储了驱动的 AddDevice例程。(The only accessible member of the driver extension is DriverExtension->AddDevice, into which a driver's DriverEntry routine stores the driver's AddDevice routine.)
HardwareDatabase
指向路径 \Registry\Machine\Hardware ,在这个注册表路径存储着硬件的配置信息。(Pointer to the \Registry\Machine\Hardware path to the hardware configuration information in the registry.)
FastIoDispatch
指向一个定义驱动的 fast I/O 入口的指针的指针。这个成员仅仅在FSDs个网络传输驱动里面使用。
DriverInit
由 I/O 管理器设置的 DriverEntry 例程的入口点。
DriverStartIo
驱动的 StartIo 例程的入口点。如果有的话,当驱动初始化的时候,DriverEntry将会设置这个值;如果驱动没有 StartIo例程,这个成员就是 NULL。
DriverUnload
驱动的卸载例程的入口点。如果有的话,DriverEntry将在驱动初始化的时候设置这个值;如果驱动没有卸载例程,这个成员就是 NULL。
MajorFunction[IRP_MJ_MAXIMUM_FUNCTION + 1]
由驱动的 DispatchXxx 例程的入口点组成的 Dispatch 表。数组的索引值IRP_MJ_XXX 对应着 IRP 主要函数编码。每个驱动都必须给驱动处理的 IRP_MJ_XXX 请求通过这个数组设置入口点。更多信息可以查看 Writing Dispatch Routines。
设备对象 DEVICE_OBJECT
typedef struct _DEVICE_OBJECT { CSHORT Type; USHORT Size; LONG ReferenceCount; struct _DRIVER_OBJECT *DriverObject; struct _DEVICE_OBJECT *NextDevice; struct _DEVICE_OBJECT *AttachedDevice; struct _IRP *CurrentIrp; PIO_TIMER Timer; ULONG Flags; ULONG Characteristics; __volatile PVPB Vpb; PVOID DeviceExtension; DEVICE_TYPE DeviceType; CCHAR StackSize; union { LIST_ENTRY ListEntry; WAIT_CONTEXT_BLOCK Wcb; } Queue; ULONG AlignmentRequirement; KDEVICE_QUEUE DeviceQueue; KDPC Dpc; ULONG ActiveThreadCount; PSECURITY_DESCRIPTOR SecurityDescriptor; KEVENT DeviceLock; USHORT SectorSize; USHORT Spare1; struct _DEVOBJ_EXTENSION *DeviceObjectExtension; PVOID Reserved; } DEVICE_OBJECT, *PDEVICE_OBJECT;
文件对象 DEVICE_OBJECT
typedef struct _FILE_OBJECT { CSHORT Type; CSHORT Size; PDEVICE_OBJECT DeviceObject; PVPB Vpb; PVOID FsContext; PVOID FsContext2; PSECTION_OBJECT_POINTERS SectionObjectPointer; PVOID PrivateCacheMap; NTSTATUS FinalStatus; struct _FILE_OBJECT *RelatedFileObject; BOOLEAN LockOperation; BOOLEAN DeletePending; BOOLEAN ReadAccess; BOOLEAN WriteAccess; BOOLEAN DeleteAccess; BOOLEAN SharedRead; BOOLEAN SharedWrite; BOOLEAN SharedDelete; ULONG Flags; UNICODE_STRING FileName; LARGE_INTEGER CurrentByteOffset; __volatile ULONG Waiters; __volatile ULONG Busy; PVOID LastLock; KEVENT Lock; KEVENT Event; __volatile PIO_COMPLETION_CONTEXT CompletionContext; KSPIN_LOCK IrpListLock; LIST_ENTRY IrpList; __volatile PVOID FileObjectExtension; } FILE_OBJECT, *PFILE_OBJECT;