win10驱动下获取cpu信息-白红宇

win10驱动下获取cpu信息

阅读量：7228 次

发布时间：2019-06-29

本文共 9022 字，大约阅读时间需要 30 分钟。

entry.c

#include "Driver.h"NTSTATUS DriverEntry(    IN PDRIVER_OBJECT pDriverObject,    IN PUNICODE_STRING pRegistryPath){    NTSTATUS status;    //判断CPU类型    CPUType();    KdPrint(("Enter DriverEntry\n"));    //DbgBreakPoint();    //设置卸载函数    pDriverObject->DriverUnload =DDKUnload;    //设置派遣函数    pDriverObject->MajorFunction[IRP_MJ_CREATE] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_CLOSE] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_WRITE] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_READ] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_CLEANUP] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_SET_INFORMATION] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_SHUTDOWN] = DDKDispatchRoutin;    pDriverObject->MajorFunction[IRP_MJ_SYSTEM_CONTROL] = DDKDispatchRoutin;    //创建驱动设备对象    status = CreateDevice(pDriverObject);    KdPrint(("Leave DriverEntry\n"));    return status;}NTSTATUS CreateDevice(    IN PDRIVER_OBJECT   pDriverObject){    NTSTATUS status;    PDEVICE_OBJECT pDevObj;    PDEVICE_EXTENSION pDevExt;    //创建设备名称    UNICODE_STRING devName;    RtlInitUnicodeString(&devName, L"\\Device\\MyDDKDevice");    //创建设备    status = IoCreateDevice(pDriverObject,        sizeof(DEVICE_EXTENSION),        &devName,        FILE_DEVICE_UNKNOWN,        0, TRUE,        &pDevObj);    if (!NT_SUCCESS(status))        return status;    pDevObj->Flags |= DO_BUFFERED_IO;    pDevExt = (PDEVICE_EXTENSION)pDevObj->DeviceExtension;    pDevExt->pDevice = pDevObj;    pDevExt->ustrDeviceName = devName;    //创建符号链接    UNICODE_STRING symLinkName;    RtlInitUnicodeString(&symLinkName, L"\\??\\TESTDDK");    pDevExt->ustrSymLinkName = symLinkName;    status = IoCreateSymbolicLink(&symLinkName, &devName);    if (!NT_SUCCESS(status))    {        IoDeleteDevice(pDevObj);        return status;    }    return STATUS_SUCCESS;}#pragma PAGEDCODEVOID DDKUnload(IN PDRIVER_OBJECT pDriverObject){    PDEVICE_OBJECT  pNextObj;    KdPrint(("Enter DriverUnload\n"));    pNextObj = pDriverObject->DeviceObject;    while (pNextObj != NULL)    {        PDEVICE_EXTENSION pDevExt = (PDEVICE_EXTENSION)            pNextObj->DeviceExtension;        //删除符号链接        UNICODE_STRING pLinkName = pDevExt->ustrSymLinkName;        IoDeleteSymbolicLink(&pLinkName);        pNextObj = pNextObj->NextDevice;        IoDeleteDevice(pDevExt->pDevice);    }}#pragma PAGEDCODENTSTATUS DDKDispatchRoutin(IN PDEVICE_OBJECT pDevObj,    IN PIRP pIrp){    KdPrint(("Enter HelloDDKDispatchRoutin\n"));    PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(pIrp);    //建立一个字符串数组与IRP类型对应起来    static char* irpname[] =    {        "IRP_MJ_CREATE",        "IRP_MJ_CREATE_NAMED_PIPE",        "IRP_MJ_CLOSE",        "IRP_MJ_READ",        "IRP_MJ_WRITE",        "IRP_MJ_QUERY_INFORMATION",        "IRP_MJ_SET_INFORMATION",        "IRP_MJ_QUERY_EA",        "IRP_MJ_SET_EA",        "IRP_MJ_FLUSH_BUFFERS",        "IRP_MJ_QUERY_VOLUME_INFORMATION",        "IRP_MJ_SET_VOLUME_INFORMATION",        "IRP_MJ_DIRECTORY_CONTROL",        "IRP_MJ_FILE_SYSTEM_CONTROL",        "IRP_MJ_DEVICE_CONTROL",        "IRP_MJ_INTERNAL_DEVICE_CONTROL",        "IRP_MJ_SHUTDOWN",        "IRP_MJ_LOCK_CONTROL",        "IRP_MJ_CLEANUP",        "IRP_MJ_CREATE_MAILSLOT",        "IRP_MJ_QUERY_SECURITY",        "IRP_MJ_SET_SECURITY",        "IRP_MJ_POWER",        "IRP_MJ_SYSTEM_CONTROL",        "IRP_MJ_DEVICE_CHANGE",        "IRP_MJ_QUERY_QUOTA",        "IRP_MJ_SET_QUOTA",        "IRP_MJ_PNP",    };    UCHAR type = stack->MajorFunction;    if (type >= arraysize(irpname))        KdPrint((" - Unknown IRP, major type %X\n", type));    else        KdPrint(("\t%s\n", irpname[type]));    //对一般IRP的简单操作，后面会介绍对IRP更复杂的操作    NTSTATUS status = STATUS_SUCCESS;    // 完成IRP    pIrp->IoStatus.Status = status;    pIrp->IoStatus.Information = 0; // bytes xfered    IoCompleteRequest(pIrp, IO_NO_INCREMENT);    KdPrint(("Leave DDKDispatchRoutin\n"));    return status;}stRet CPUType(){    stRet st_Ret = {FALSE,FALSE};     ULONG CPUInfo[4] = { -1 };    CHAR cpu_string[48];    __cpuid(CPUInfo, 0);    INT num_ids = CPUInfo[0];    //GenuineIntel是Intel的CPU     //0x47, 0x65, 0x6E, 0x75,   0x69, 0x6E, 0x65, 0x49,   0x6E, 0x74, 0x65, 0x6C,   0x00, 0x00, 0x00, 0x00 GenuineIntel    if ((CPUInfo[1] == 0x756e6547) && (CPUInfo[2] == 0x6c65746e) && (CPUInfo[3] == 0x49656e69))    {        st_Ret.bIntelCPU=TRUE;        KdPrint(("GenuineIntel\n"));    }    //AuthenticAMD 是AMD的CPU    //0x41, 0x75, 0x74, 0x68,   0x65, 0x6E, 0x74, 0x69,   0x63, 0x41, 0x4D, 0x44,   0x00, 0x00, 0x00, 0x00  AuthenticAMD    if ((CPUInfo[1] == 0x68747541) && (CPUInfo[2] == 0x444d4163) && (CPUInfo[3] == 0x69746e65))    {        st_Ret.bIntelCPU = TRUE;        KdPrint(("AuthenticAMD\n"));    }    INT cpu_info[4] = { -1 };    __cpuid(cpu_info, 0);    // Interpret CPU feature information.    if (num_ids > 0) {        int cpu_info7[4] = { 0 };        __cpuid(cpu_info, 1);        if (num_ids >= 7) {            __cpuid(cpu_info7, 7);        }        signature_ = cpu_info[0];        stepping_ = cpu_info[0] & 0xf;        model_ = ((cpu_info[0] >> 4) & 0xf) + ((cpu_info[0] >> 12) & 0xf0);        family_ = (cpu_info[0] >> 8) & 0xf;        type_ = (cpu_info[0] >> 12) & 0x3;        ext_model_ = (cpu_info[0] >> 16) & 0xf;        ext_family_ = (cpu_info[0] >> 20) & 0xff;        has_mmx_ = (cpu_info[3] & 0x00800000) != 0;        has_sse_ = (cpu_info[3] & 0x02000000) != 0;        has_sse2_ = (cpu_info[3] & 0x04000000) != 0;        has_sse3_ = (cpu_info[2] & 0x00000001) != 0;        has_ssse3_ = (cpu_info[2] & 0x00000200) != 0;        has_sse41_ = (cpu_info[2] & 0x00080000) != 0;        has_sse42_ = (cpu_info[2] & 0x00100000) != 0;        has_aesni_ = (cpu_info[2] & 0x02000000) != 0;        has_avx2_ = has_avx_ && (cpu_info7[1] & 0x00000020) != 0;    }    // Get the brand string of the cpu.    __cpuid(cpu_info, 0x80000000);    const int parameter_end = 0x80000004;    int max_parameter = cpu_info[0];    //CHAR temp[40] = { -1 };    if (cpu_info[0] >= parameter_end) {        PCHAR cpu_string_ptr = cpu_string;        for (int parameter = 0x80000002; parameter <= parameter_end &&            cpu_string_ptr < &cpu_string[lstrlen(cpu_string)]; parameter++) {            __cpuid(cpu_info, parameter);            lstrcpy(cpu_string_ptr, cpu_info, lstrlen(cpu_info));            cpu_string_ptr += lstrlen(cpu_info);        }        //lstrcpy(g_cpu_string, cpu_string_ptr-34, 32);        KdPrint(("cpu_string:%s cpu_string:%x\n", cpu_string, cpu_string));        DbgBreakPoint();     }    const int parameter_containing_non_stop_time_stamp_counter = 0x80000007;    if (max_parameter >= parameter_containing_non_stop_time_stamp_counter) {        __cpuid(cpu_info, parameter_containing_non_stop_time_stamp_counter);        has_non_stop_time_stamp_counter_ = (cpu_info[3] & (1 << 8)) != 0;    }     return st_Ret;}//  字符串长度DWORD lstrlen(PCHAR pSrc){    DWORD   dwRet = 0;    while (*pSrc != 0)    {        dwRet++;        pSrc++;    }    return dwRet;}//  字符拷贝VOID lstrcpy(PCHAR pDst, PCHAR pSrc, DWORD len){    //while (1)    //{    //  //  复制字符，直到零结尾    //  *pDst = *pSrc;    //  if (*pSrc == 0)    //      break;    //  //  下一个字符    //  pSrc++;    //  pDst++;    //}    for (DWORD i = 0; i < len; i++) {            //  复制字符             *pDst = *pSrc;            if (*pSrc == 0)                break;            //  下一个字符            pSrc++;            pDst++;    }}

Driver.h

//#include 
    
     #include 
     
      #include 
      
       #include 
       
        #define PAGEDCODE code_seg("PAGE")#define LOCKEDCODE code_seg()#define INITCODE code_seg("INIT")#define PAGEDDATA data_seg("PAGE")#define LOCKEDDATA data_seg()#define INITDATA data_seg("INIT")#define arraysize(p) (sizeof(p)/sizeof((p)[0]))typedef struct _DEVICE_EXTENSION {    PDEVICE_OBJECT pDevice;    UNICODE_STRING ustrDeviceName;  //设备名称    UNICODE_STRING ustrSymLinkName; //符号链接名} DEVICE_EXTENSION, *PDEVICE_EXTENSION;typedef struct MyStruct{    //Intel    BOOLEAN bIntelCPU;    //AMD    BOOLEAN bAMDCPU;}stRet;INT signature_;  // raw form of type, family, model, and steppingINT type_;  // process typeINT family_;  // family of the processorINT model_;  // model of processorINT stepping_;  // processor revision numberINT ext_model_;INT ext_family_;BOOLEAN has_mmx_;BOOLEAN has_sse_;BOOLEAN has_sse2_;BOOLEAN has_sse3_;BOOLEAN has_ssse3_;BOOLEAN has_sse41_;BOOLEAN has_sse42_;BOOLEAN has_avx_;BOOLEAN has_avx2_;BOOLEAN has_aesni_;BOOLEAN has_non_stop_time_stamp_counter_;ULONG CPUInfo[4] = { -1 };//CHAR g_cpu_string[0x36];PCHAR cpu_string_ptr;// 函数声明stRet CPUType();NTSTATUS CreateDevice(IN PDRIVER_OBJECT pDriverObject);VOID DDKUnload(IN PDRIVER_OBJECT pDriverObject);NTSTATUS DDKDispatchRoutin(IN PDEVICE_OBJECT pDevObj,    IN PIRP pIrp);//  字符串长度DWORD lstrlen(PCHAR pSrc);//  字符拷贝VOID lstrcpy(PCHAR pDst, PCHAR pSrc, DWORD len);

win10驱动下获取cpu信息