Windows驱动开发之HelloWorld
Windows驱动开发之HelloWorld
1)Windows驱动开发介绍
Windows驱动开发衔接应用层与内核层,核心区分ring3(用户态,MFC,Win32等应用程序运行层,权限受限且受系统严格管控)与ring0(内核态,驱动程序运行层,拥有系统最高权限,可直接访问硬件与内存)。不同于上层应用聚焦业务功能实现,驱动开发需直面硬件交互,内存管理,中断处理等底层核心逻辑,是打通软件指令与硬件执行的关键技术桥梁。
2)NT/WDM/WDF/KWDF/UWDF常见的驱动开发介绍
NT:基础型内核模式驱动框架,面向核心系统功能开发;
WDM:支持热插拔机制,适配即插即用设备的驱动开发标准;
WDF/KWDF/UWDF:
WDF(WindowsDriverFoundation)为驱动开发提供封装框架,简化底层操作,开发者仅需调用封装接口即可完成核心逻辑开发;但安全领域的驱动开发需尽量贴近底层实现,而非单纯依赖框架封装。其核心采用事件驱动机制,通过回调函数响应设备事件,类似上层开发中专注业务逻辑的开发模式。
KWDF:面向内核模式的WDF子框架,适配内核态驱动开发;
UWDF:面向用户模式的WDF子框架,适用于摄像头,USB等外设驱动开发,需掌握COM组件相关知识。
3)程序开发流程
1.VS2022开发去驱动开发的组件:VisualStudioInstaller,找到需要安装的64latestspectre和WindowsDriverkit安装就行。
2.安装驱动开发SDK:打开这个地址下载SDK安装包https://learn.microsoft.com/en-us/windows/apps/windows-sdk/downloads
3.安装驱动开发WDK:这个地址下载WDK安装包https://learn.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk
4.VS2022新建一个项目:使用VS2022新建一个EmptyWDMDriver项目,项目建好,添加一个main.c文件就行。
5.使用工具:DebugView,KmdManager,或者自己写驱动加载器。
4)代码示例
/*
Create device object
admin run winobj.exe -> Device -> Name find my device
winobj check device symbol name
https://learn.microsoft.com/zh-cn/sysinternals/downloads/winobj
1)Fist sys
vs2022->propertys->c/c++->General->Treat Warnings As Errors -> No(/WX-)
vmware win10 cmd
Show error
windows blocked the installtaion of a digitally unsigned driver
bcdedit /set testsigning on
or
gpedit.msc
Administrative Templates -> System -> Driver Installation -> Code signing for device drivers->Ignore
DebugView.zip
2) debug windows cmd -> msconfig and copy boot use "bcdedit /copy {current} /d debug"
bcdedit /copy {current} /d debug
bcdedit /displayorder {389da118-6d83-11ee-9f7b-94002af10242} /addlast
bcdedit /dbgsettings SERIAL DEBUGPORT:1 BAUDRATE:115200
bcdedit /bootdebug {389da118-6d83-11ee-9f7b-94002af10242} ON
bcdedit /timeout 30
shutdown /r /t 0
debug sys win10
bcdedit /dbgsettings none
bcdedit /set {current} debug no
bcdedit /copy {current} /d "Myos"
bcdedit /debug on
bcdedit /dbgsettings serial debugport 1 baudrate 115200
bcdedit /set {dbgsettings} port 1
bcdedit /set {current} debug yes
bcdedit /set testsigning on
bcdedit /set nointegritychecks on
bcdedit /enum {current} /v
bcdedit /set “{current}” bootmenupolicy Legacy
msconfig -> boot Myos set Debug an set serial,port,baudrate
shutdown /r /t 0
vmware add Serial port
\\.\pipe\com_1
This end is the **server**
The other end is an application
vs2022 Device Configuration
win10
DESKTOP-D56RR44
or network error
bcdedit /debug on
bcdedit /dbgsettings net hostip:vs2022devip port:50000
bcdedit /dbgsettings net hostip:192.168.0.101 port:50000
43s86sbw2q9n.1npb68a31q4t2.2ig4ylv5tvk1w.lcgcr6ivajdf
bcdedit /dbgsettings
bcdedit /set {default} debug yes
shutdown /r /t 0
bcdedit /dbgsettings
vs2022
or
windbg
C:\Program Files (x86)\Windows Kits\10\Debuggers\x64 desktop windbg.exe - Shortcut
windbg.exe-Shortcut properties
Target input
have symbols
"C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\windbg.exe" -y SRV*E:\symbol*http://msdl.microsoft.com/download/symbols -b -k com:port=//./pipe/com_1,baud=115200,pipe
no symbols
"C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\windbg.exe" -b -k com:port=//./pipe/com_1,baud=115200,pipe
input g
Environment Variables
_NT_SYMBOL_PATH
SRV*E:\symbol* https://msdl.microsoft.com/download/symbols
windows sdk wdk
https://learn.microsoft.com/en-us/windows-hardware/drivers/other-wdk-downloads#step-2-install-the-wdk
Released with WDK and related downloads
Windows 11, Version 24H2 WDK 10.0.26100.3323 (released March 14, 2025)
Windows 11, Version 24H2 WDK 10.0.26100.2454 (released November 27, 2024)
Windows 11, Version 24H2 WDK 10.0.26100.2161 (released November 4, 2024)
Windows 11, Version 24H2 WDK 10.0.26100.1882 (released October 14, 2024)
Windows 11, Version 24H2 WDK 10.0.26100.1591 (released September 18, 2024)
Windows 11, Version 24H2 WDK 10.0.26100.1 (released May 2024)
Windows 11, Version 23H2 WDK 10.0.22621.2428 (released October 24, 2023)
Windows 11, version 22H2 WDK for Windows 11, version 22H2 (10.0.22621.382, released May 24, 2022)
Windows 11, version 21H2 WDK for Windows 11, version 21H2
Windows Server 2022 WDK for Windows Server 2022
Windows 10, version 2004 WDK for Windows 10, version 2004
Windows 10, version 1903 WDK for Windows 10, version 1903
Windows 10, version 1809
Windows Server 2019 WDK for Windows 10, version 1809
Windows 10, version 1607
Windows Server 2016 WDK for Windows 10, version 1607
Windows 8.1 Update WDK 8.1 Update (English only) - permanently unavailable
WDK 8.1 Update Test Pack (English only) - permanently unavailable
WDK 8.1 Samples
Note: You can use any WDK from Windows 10, version 1607 through Windows 11, version 21H2 to build drivers for Windows 8.1.
Windows 8 WDK 8 Samples
regedit
Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BaseDriver
/* Example 1: Windows Service Startup Type (The Start value under the registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[Service Name])
0: Boot Start (Initiated by the system loader, only for core drivers)
1: System Start (Initiated by the session manager, for critical system services)
2: Automatic Start (Runs automatically after the system boots up)
3: Manual Start (Triggered by the user or other services)
4: Disabled (The service cannot be started)
*/
#include<ntddk.h>
VOIDDriverUnload(PDRIVER_OBJECTdriver);
#definePAGEDCODEcode_seg("PAGE")
NTSTATUSDriverEntry(INPDRIVER_OBJECTpDriverObject,
INPUNICODE_STRINGpRegistryPath)
{
//DbgBreakPoint();
KdBreakPoint();
DbgPrint("Hello,wewdkdirver\r\n");
KdPrint(("Hello,wewdkdirverbyKdPrint\r\n"));
DbgPrint("pRegistryPath:%wZ\r\n",pRegistryPath);
pDriverObject->DriverUnload=DriverUnload;
returnSTATUS_SUCCESS;
}
//Unloadfunction
VOIDDriverUnload(PDRIVER_OBJECTDriverObject)
{
DbgPrint("Ourdriverisunloading\r\n");
KdPrint(("OurdriverisunloadingbyKdPrint\r\n"));
}