
Win内核实现设备对象与符号链接(为应用层提供通讯)

#include<ntddk.h>
#include<ntstrsafe.h>
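/* DosDevices symbolic link name that user mode would open to reach the device. */
#define CWK_CDO_SYB_NAME L"\\??\\slbkcdo_3948d33e"

/* Global pointer to the control device object; NULL while no device exists. */
PDEVICE_OBJECT g_co = NULL;

/*
 * GUID value. Nothing in the visible code references it.
 * NOTE(review): presumably intended as the device class GUID for
 * IoCreateDeviceSecure -- confirm before removing.
 */
const GUID  guid =
{ 0x8a32b368, 0x3249, 0x12e1, {0x92,0x16, 0x46, 0x1a, 0x21, 0x30, 0x29, 0x06} };

/*
 * Unload routine, provided so the driver can be unloaded dynamically.
 *
 * Besides logging, it removes the symbolic link and the device object that
 * DriverEntry creates. Leaving them behind after the image is unloaded would
 * keep a user-reachable name pointing at a device whose driver code is gone.
 *
 * driver: the driver object being unloaded (not used; cleanup goes through
 *         the global g_co).
 */
VOID DriverUnload(PDRIVER_OBJECT driver) {
	UNICODE_STRING cdo_syb = RTL_CONSTANT_STRING(CWK_CDO_SYB_NAME);

	UNREFERENCED_PARAMETER(driver);

	DbgPrint("first:Our driver is unloading...\r\n");

	/* Drop the user-visible name first so no new open can reach the device. */
	IoDeleteSymbolicLink(&cdo_syb);

	/* g_co stays NULL if device creation never succeeded, so guard the delete. */
	if (g_co != NULL) {
		IoDeleteDevice(g_co);
		g_co = NULL;
	}
}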
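/*
 * Driver entry point: creates a named control device object and a symbolic
 * link to it, then registers the unload routine.
 *
 * driver:   driver object supplied by the I/O manager.
 * reg_path: registry path of the driver's service key (unused).
 *
 * Returns STATUS_SUCCESS when both the device and the link exist; otherwise
 * the failing NTSTATUS from IoCreateDevice or IoCreateSymbolicLink. On
 * failure nothing created here is left behind.
 *
 * Security notes for reviewers:
 *  - IoCreateDevice gives the named device a default security descriptor.
 *    FILE_DEVICE_SECURE_OPEN is set, but if only privileged callers should
 *    open the device, consider IoCreateDeviceSecure (wdmsec.h) with an
 *    explicit restrictive SDDL string.
 *  - This listing installs no IRP dispatch routines; handlers for
 *    IRP_MJ_CREATE / IRP_MJ_CLOSE / IRP_MJ_DEVICE_CONTROL are still needed
 *    before user mode can communicate through the link, and each handler
 *    must validate the buffers and lengths it receives.
 */
NTSTATUS DriverEntry(PDRIVER_OBJECT driver, PUNICODE_STRING reg_path) {
	UNICODE_STRING cdo_name = RTL_CONSTANT_STRING(L"\\Device\\cwk_3948d33e");
	UNICODE_STRING cdo_syb = RTL_CONSTANT_STRING(CWK_CDO_SYB_NAME);
	/* NTSTATUS is an integer status code, not a pointer: never initialize it with NULL. */
	NTSTATUS status = STATUS_UNSUCCESSFUL;

	UNREFERENCED_PARAMETER(reg_path);

	/*
	 * Break into the kernel debugger on checked (DBG) builds only.
	 * KdBreakPoint() replaces the x86-only inline "__asm int 3", which does
	 * not compile for x64 targets.
	 */
	KdBreakPoint();

	/* A link with the same name may already exist, so delete it first. */
	IoDeleteSymbolicLink(&cdo_syb);

	/* Create the device object and check the result before using g_co. */
	status = IoCreateDevice(driver, 0, &cdo_name, FILE_DEVICE_UNKNOWN,
		FILE_DEVICE_SECURE_OPEN, FALSE, &g_co);
	if (!NT_SUCCESS(status)) {
		g_co = NULL;
		return status;
	}

	/* Create the symbolic link that exposes the device to user mode. */
	status = IoCreateSymbolicLink(&cdo_syb, &cdo_name);
	if (!NT_SUCCESS(status)) {
		/* Link creation failed: delete the device so a failed load leaks nothing. */
		IoDeleteDevice(g_co);
		g_co = NULL;
		return status;
	}

	DbgPrint("成功");

	/* Register the unload routine so the driver can be unloaded dynamically. */
	driver->DriverUnload = DriverUnload;
	return STATUS_SUCCESS;
}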
//DbgPrint("当前KernelModule中断级别:%d.\r\n",kil);
//设置一个卸载函数,便于这个函数退出
           
