w jakim celu istnieje funkcja IoGetCurrentIrpStackLocation()?
przeciez kazdy DispatchRoutine ma 2 argumenty, *DEVICE_OBJECT i *IRP.
jaka jest roznica miedzy IoGetCurrentIrpStackLocation() a argumentem?
w jakim celu istnieje funkcja IoGetCurrentIrpStackLocation()?
przeciez kazdy DispatchRoutine ma 2 argumenty, *DEVICE_OBJECT i *IRP.
jaka jest roznica miedzy IoGetCurrentIrpStackLocation() a argumentem?
stack location dla IRP pozwala Ci pobrac rozszerzone informacje na temat requestu jak np. wielkosc bufora przy IRP_MJ_READ/IRP_MJ_WRITE. Poszukaj na MSDN np. dla read masz liste informacji:
http://msdn.microsoft.com/en-us/library/ms795902.aspx
lkd> dt _IRP
nt!_IRP
+0x000 Type : Int2B
+0x002 Size : Uint2B
+0x004 MdlAddress : Ptr32 _MDL
+0x008 Flags : Uint4B
+0x00c AssociatedIrp : __unnamed
+0x010 ThreadListEntry : _LIST_ENTRY
+0x018 IoStatus : _IO_STATUS_BLOCK
+0x020 RequestorMode : Char
+0x021 PendingReturned : UChar
+0x022 StackCount : Char
+0x023 CurrentLocation : Char
+0x024 Cancel : UChar
+0x025 CancelIrql : UChar
+0x026 ApcEnvironment : Char
+0x027 AllocationFlags : UChar
+0x028 UserIosb : Ptr32 _IO_STATUS_BLOCK
+0x02c UserEvent : Ptr32 _KEVENT
+0x030 Overlay : __unnamed
+0x038 CancelRoutine : Ptr32 void
+0x03c UserBuffer : Ptr32 Void
+0x040 Tail : __unnamed
co to jest ten stack location?
jak to si ma to struktury IRP?
chodzi o associatedirp? bo tylko to pole ma jakis sens...
czy iogetstacklocation po prostu updatuje to pole czy co ;/?
IoGetCurrentIrpStackLocation nie jest funkcją tylko makrem
#define IoGetCurrentIrpStackLocation( rp) ((Irp)->Tail.Overlay.CurrentStackLocation)
Pozdrawiam,
lord_zero
A oto i sama struktura IO_STACK_LOCATION:
kd> dt nt!_IO_STACK_LOCATION
+0x000 MajorFunction : UChar
+0x001 MinorFunction : UChar
+0x002 Flags : UChar
+0x003 Control : UChar
+0x004 Parameters : __unnamed
+0x014 DeviceObject : Ptr32 _DEVICE_OBJECT
+0x018 FileObject : Ptr32 _FILE_OBJECT
+0x01c CompletionRoutine : Ptr32 long
+0x020 Context : Ptr32 Void
lord_zero
skad mam wiedziec ze Irp.Tail = Irp.Tail.Overlay.CurrentStackLocation?
tzn musze sie potem odwolywac np do Irp.Tail.Overlay.CurrentStackLocation.Parameters?
jak poznac co jest dalej, Parameters to jest struktura, na 100% a kd pisze __unnamed ;/
tak samo tail = __unnamed, nawet nie wiem jak sie nazywa struktura...
do odczytu symboli uzywam kd, jak do tego dojsc?
i jeszcze 1, jak moge poznac wartosc stalej? Czy kd tez to obsluguje?
napisz prosze co w ogole chcesz uzyskac i co robisz
aktualnie nic konkretnego, po prostu nie rozumiem zaleznosci miedzy irp a io_stack_location.
io_stack_location to jest pole struktury irp, tyle ze gleboko w niej, nie widze sensu dlaczego to tak jest i dlaczego nie uzywac tylko irp do przekazywania danych.
zawsze używasz tylko IRP, stack location to tylko rozszerzone dane dla IRP
Oto ta sama struktura z widokiem na podstruktury:
kd> dt -b nt!_IO_STACK_LOCATION
+0x000 MajorFunction : UChar
+0x001 MinorFunction : UChar
+0x002 Flags : UChar
+0x003 Control : UChar
+0x004 Parameters : __unnamed
+0x000 Create : __unnamed
+0x000 SecurityContext : Ptr32
+0x004 Options : Uint4B
+0x008 FileAttributes : Uint2B
+0x00a ShareAccess : Uint2B
+0x00c EaLength : Uint4B
+0x000 CreatePipe : __unnamed
+0x000 SecurityContext : Ptr32
+0x004 Options : Uint4B
+0x008 Reserved : Uint2B
+0x00a ShareAccess : Uint2B
+0x00c Parameters : Ptr32
+0x000 CreateMailslot : __unnamed
+0x000 SecurityContext : Ptr32
+0x004 Options : Uint4B
+0x008 Reserved : Uint2B
+0x00a ShareAccess : Uint2B
+0x00c Parameters : Ptr32
+0x000 Read : __unnamed
+0x000 Length : Uint4B
+0x004 Key : Uint4B
+0x008 ByteOffset : _LARGE_INTEGER
+0x000 LowPart : Uint4B
+0x004 HighPart : Int4B
+0x000 u : __unnamed
+0x000 LowPart : Uint4B
+0x004 HighPart : Int4B
+0x000 QuadPart : Int8B
+0x000 Write : __unnamed
+0x000 Length : Uint4B
+0x004 Key : Uint4B
+0x008 ByteOffset : _LARGE_INTEGER
+0x000 LowPart : Uint4B
+0x004 HighPart : Int4B
+0x000 u : __unnamed
+0x000 LowPart : Uint4B
+0x004 HighPart : Int4B
+0x000 QuadPart : Int8B
+0x000 QueryDirectory : __unnamed
+0x000 Length : Uint4B
+0x004 FileName : Ptr32
+0x008 FileInformationClass :
FileDirectoryInformation = 1
FileFullDirectoryInformation = 2
FileBothDirectoryInformation = 3
FileBasicInformation = 4
FileStandardInformation = 5
FileInternalInformation = 6
FileEaInformation = 7
FileAccessInformation = 8
FileNameInformation = 9
FileRenameInformation = 10
FileLinkInformation = 11
FileNamesInformation = 12
FileDispositionInformation = 13
FilePositionInformation = 14
FileFullEaInformation = 15
FileModeInformation = 16
FileAlignmentInformation = 17
FileAllInformation = 18
FileAllocationInformation = 19
FileEndOfFileInformation = 20
FileAlternateNameInformation = 21
FileStreamInformation = 22
FilePipeInformation = 23
FilePipeLocalInformation = 24
FilePipeRemoteInformation = 25
FileMailslotQueryInformation = 26
FileMailslotSetInformation = 27
FileCompressionInformation = 28
FileObjectIdInformation = 29
FileCompletionInformation = 30
FileMoveClusterInformation = 31
FileQuotaInformation = 32
FileReparsePointInformation = 33
FileNetworkOpenInformation = 34
FileAttributeTagInformation = 35
FileTrackingInformation = 36
FileIdBothDirectoryInformation = 37
FileIdFullDirectoryInformation = 38
FileValidDataLengthInformation = 39
FileShortNameInformation = 40
FileMaximumInformation = 41
+0x00c FileIndex : Uint4B
+0x000 NotifyDirectory : __unnamed
+0x000 Length : Uint4B
+0x004 CompletionFilter : Uint4B
+0x000 QueryFile : __unnamed
+0x000 Length : Uint4B
+0x004 FileInformationClass :
FileDirectoryInformation = 1
FileFullDirectoryInformation = 2
FileBothDirectoryInformation = 3
FileBasicInformation = 4
FileStandardInformation = 5
FileInternalInformation = 6
FileEaInformation = 7
FileAccessInformation = 8
FileNameInformation = 9
FileRenameInformation = 10
FileLinkInformation = 11
FileNamesInformation = 12
FileDispositionInformation = 13
FilePositionInformation = 14
FileFullEaInformation = 15
FileModeInformation = 16
FileAlignmentInformation = 17
FileAllInformation = 18
FileAllocationInformation = 19
FileEndOfFileInformation = 20
FileAlternateNameInformation = 21
FileStreamInformation = 22
FilePipeInformation = 23
FilePipeLocalInformation = 24
FilePipeRemoteInformation = 25
FileMailslotQueryInformation = 26
FileMailslotSetInformation = 27
FileCompressionInformation = 28
FileObjectIdInformation = 29
FileCompletionInformation = 30
FileMoveClusterInformation = 31
FileQuotaInformation = 32
FileReparsePointInformation = 33
FileNetworkOpenInformation = 34
FileAttributeTagInformation = 35
FileTrackingInformation = 36
FileIdBothDirectoryInformation = 37
FileIdFullDirectoryInformation = 38
FileValidDataLengthInformation = 39
FileShortNameInformation = 40
FileMaximumInformation = 41
+0x000 SetFile : __unnamed
+0x000 Length : Uint4B
+0x004 FileInformationClass :
FileDirectoryInformation = 1
FileFullDirectoryInformation = 2
FileBothDirectoryInformation = 3
FileBasicInformation = 4
FileStandardInformation = 5
FileInternalInformation = 6
FileEaInformation = 7
FileAccessInformation = 8
FileNameInformation = 9
FileRenameInformation = 10
FileLinkInformation = 11
FileNamesInformation = 12
FileDispositionInformation = 13
FilePositionInformation = 14
FileFullEaInformation = 15
FileModeInformation = 16
FileAlignmentInformation = 17
FileAllInformation = 18
FileAllocationInformation = 19
FileEndOfFileInformation = 20
FileAlternateNameInformation = 21
FileStreamInformation = 22
FilePipeInformation = 23
FilePipeLocalInformation = 24
FilePipeRemoteInformation = 25
FileMailslotQueryInformation = 26
FileMailslotSetInformation = 27
FileCompressionInformation = 28
FileObjectIdInformation = 29
FileCompletionInformation = 30
FileMoveClusterInformation = 31
FileQuotaInformation = 32
FileReparsePointInformation = 33
FileNetworkOpenInformation = 34
FileAttributeTagInformation = 35
FileTrackingInformation = 36
FileIdBothDirectoryInformation = 37
FileIdFullDirectoryInformation = 38
FileValidDataLengthInformation = 39
FileShortNameInformation = 40
FileMaximumInformation = 41
+0x008 FileObject : Ptr32
+0x00c ReplaceIfExists : UChar
+0x00d AdvanceOnly : UChar
+0x00c ClusterCount : Uint4B
+0x00c DeleteHandle : Ptr32
+0x000 QueryEa : __unnamed
+0x000 Length : Uint4B
+0x004 EaList : Ptr32
+0x008 EaListLength : Uint4B
+0x00c EaIndex : Uint4B
+0x000 SetEa : __unnamed
+0x000 Length : Uint4B
+0x000 QueryVolume : __unnamed
+0x000 Length : Uint4B
+0x004 FsInformationClass :
FileFsVolumeInformation = 1
FileFsLabelInformation = 2
FileFsSizeInformation = 3
FileFsDeviceInformation = 4
FileFsAttributeInformation = 5
FileFsControlInformation = 6
FileFsFullSizeInformation = 7
FileFsObjectIdInformation = 8
FileFsDriverPathInformation = 9
FileFsMaximumInformation = 10
+0x000 SetVolume : __unnamed
+0x000 Length : Uint4B
+0x004 FsInformationClass :
FileFsVolumeInformation = 1
FileFsLabelInformation = 2
FileFsSizeInformation = 3
FileFsDeviceInformation = 4
FileFsAttributeInformation = 5
FileFsControlInformation = 6
FileFsFullSizeInformation = 7
FileFsObjectIdInformation = 8
FileFsDriverPathInformation = 9
FileFsMaximumInformation = 10
+0x000 FileSystemControl : __unnamed
+0x000 OutputBufferLength : Uint4B
+0x004 InputBufferLength : Uint4B
+0x008 FsControlCode : Uint4B
+0x00c Type3InputBuffer : Ptr32
+0x000 LockControl : __unnamed
+0x000 Length : Ptr32
+0x004 Key : Uint4B
+0x008 ByteOffset : _LARGE_INTEGER
+0x000 LowPart : Uint4B
+0x004 HighPart : Int4B
+0x000 u : __unnamed
+0x000 LowPart : Uint4B
+0x004 HighPart : Int4B
+0x000 QuadPart : Int8B
+0x000 DeviceIoControl : __unnamed
+0x000 OutputBufferLength : Uint4B
+0x004 InputBufferLength : Uint4B
+0x008 IoControlCode : Uint4B
+0x00c Type3InputBuffer : Ptr32
+0x000 QuerySecurity : __unnamed
+0x000 SecurityInformation : Uint4B
+0x004 Length : Uint4B
+0x000 SetSecurity : __unnamed
+0x000 SecurityInformation : Uint4B
+0x004 SecurityDescriptor : Ptr32
+0x000 MountVolume : __unnamed
+0x000 Vpb : Ptr32
+0x004 DeviceObject : Ptr32
+0x000 VerifyVolume : __unnamed
+0x000 Vpb : Ptr32
+0x004 DeviceObject : Ptr32
+0x000 Scsi : __unnamed
+0x000 Srb : Ptr32
+0x000 QueryQuota : __unnamed
+0x000 Length : Uint4B
+0x004 StartSid : Ptr32
+0x008 SidList : Ptr32
+0x00c SidListLength : Uint4B
+0x000 SetQuota : __unnamed
+0x000 Length : Uint4B
+0x000 QueryDeviceRelations : __unnamed
+0x000 Type :
BusRelations = 0
EjectionRelations = 1
PowerRelations = 2
RemovalRelations = 3
TargetDeviceRelation = 4
SingleBusRelations = 5
+0x000 QueryInterface : __unnamed
+0x000 InterfaceType : Ptr32
+0x004 Size : Uint2B
+0x006 Version : Uint2B
+0x008 Interface : Ptr32
+0x00c InterfaceSpecificData : Ptr32
+0x000 DeviceCapabilities : __unnamed
+0x000 Capabilities : Ptr32
+0x000 FilterResourceRequirements : __unnamed
+0x000 IoResourceRequirementList : Ptr32
+0x000 ReadWriteConfig : __unnamed
+0x000 WhichSpace : Uint4B
+0x004 Buffer : Ptr32
+0x008 Offset : Uint4B
+0x00c Length : Uint4B
+0x000 SetLock : __unnamed
+0x000 Lock : UChar
+0x000 QueryId : __unnamed
+0x000 IdType :
BusQueryDeviceID = 0
BusQueryHardwareIDs = 1
BusQueryCompatibleIDs = 2
BusQueryInstanceID = 3
BusQueryDeviceSerialNumber = 4
+0x000 QueryDeviceText : __unnamed
+0x000 DeviceTextType :
DeviceTextDescription = 0
DeviceTextLocationInformation = 1
+0x004 LocaleId : Uint4B
+0x000 UsageNotification : __unnamed
+0x000 InPath : UChar
+0x001 Reserved : UChar
+0x004 Type :
DeviceUsageTypeUndefined = 0
DeviceUsageTypePaging = 1
DeviceUsageTypeHibernation = 2
DeviceUsageTypeDumpFile = 3
+0x000 WaitWake : __unnamed
+0x000 PowerState :
PowerSystemUnspecified = 0
PowerSystemWorking = 1
PowerSystemSleeping1 = 2
PowerSystemSleeping2 = 3
PowerSystemSleeping3 = 4
PowerSystemHibernate = 5
PowerSystemShutdown = 6
PowerSystemMaximum = 7
+0x000 PowerSequence : __unnamed
+0x000 PowerSequence : Ptr32
+0x000 Power : __unnamed
+0x000 SystemContext : Uint4B
+0x004 Type :
SystemPowerState = 0
DevicePowerState = 1
+0x008 State : _POWER_STATE
+0x000 SystemState :
PowerSystemUnspecified = 0
PowerSystemWorking = 1
PowerSystemSleeping1 = 2
PowerSystemSleeping2 = 3
PowerSystemSleeping3 = 4
PowerSystemHibernate = 5
PowerSystemShutdown = 6
PowerSystemMaximum = 7
+0x000 DeviceState :
PowerDeviceUnspecified = 0
PowerDeviceD0 = 1
PowerDeviceD1 = 2
PowerDeviceD2 = 3
PowerDeviceD3 = 4
PowerDeviceMaximum = 5
+0x00c ShutdownType :
PowerActionNone = 0
PowerActionReserved = 1
PowerActionSleep = 2
PowerActionHibernate = 3
PowerActionShutdown = 4
PowerActionShutdownReset = 5
PowerActionShutdownOff = 6
PowerActionWarmEject = 7
+0x000 StartDevice : __unnamed
+0x000 AllocatedResources : Ptr32
+0x004 AllocatedResourcesTranslated : Ptr32
+0x000 WMI : __unnamed
+0x000 ProviderId : Uint4B
+0x004 DataPath : Ptr32
+0x008 BufferSize : Uint4B
+0x00c Buffer : Ptr32
+0x000 Others : __unnamed
+0x000 Argument1 : Ptr32
+0x004 Argument2 : Ptr32
+0x008 Argument3 : Ptr32
+0x00c Argument4 : Ptr32
+0x014 DeviceObject : Ptr32
+0x018 FileObject : Ptr32
+0x01c CompletionRoutine : Ptr32
+0x020 Context : Ptr32
Do parametrów możesz się odwołać w ten sposób:
CurrentStackLocation = IoGetCurrentIrpStackLocation(Irp);
InputBufferLength = CurrentStackLocation->Parameters.DeviceIoControl.InputBufferLength;
Zajrzyj do plików nagłowkowych DDK/WDK
A tak nawiasem. Istnienie struktur(y) IO_STACK_LOCATION nie jest przypadkowe i bez znaczenia. W przypadku gdy pakiet IRP kierowany jest bezpośrednio do jednego urządzenia nie znajdującego się w łańcuchu urządzeń menadżer I/O alokuje tylko jedną taką strukturę. Gdy natomiast pakiet kierowany jest do łańcucha urządzeń menadżer I/O alokuje tyle struktur IO_STACK_LOCATION ile jest urządzeń w łancuchu. Po co te ceregiele? Zazwyczaj pakiet IRP nie przepływa swobodnie przez poszczególne ogniwa łańcucha - jego zawartość może być modyfikowana na dowolnym etapie wędrówki. Dla przykładu sterownik może zarejestrować własną procedurę kończącą obsługą żądania I/O nadpisując adres zawarty w polu CompletionRoutine struktury IO_STACK_LOCATION...
Pozdrawiam,
lord_zero
aha, czyli zamiast IoGetCurrentIrpStackLocation() moge odwolywac sie bezposrednio do Irp.Tail.Overlay.CurrentStackLocation.Parameters.DeviceIoControl.InputBufferLength
czemu po prostu nie zrobisz tak?
PIO_STACK_LOCATION pIrpSp = IoGetCurrentIrpStackLocation(pIrp);
pIrpSp->...
Zgadza się.
lord_zero