win10驅動下獲取cpu資訊
阿新 • • 發佈:2018-11-15
entry.c
#include "Driver.h" NTSTATUS DriverEntry( IN PDRIVER_OBJECT pDriverObject, IN PUNICODE_STRING pRegistryPath) { NTSTATUS status; //判斷CPU型別 CPUType(); KdPrint(("Enter DriverEntry\n")); //DbgBreakPoint(); //設定解除安裝函式 pDriverObject->DriverUnload =DDKUnload; //設定派遣函式 pDriverObject->MajorFunction[IRP_MJ_CREATE] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_CLOSE] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_WRITE] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_READ] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_CLEANUP] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_SET_INFORMATION] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_SHUTDOWN] = DDKDispatchRoutin; pDriverObject->MajorFunction[IRP_MJ_SYSTEM_CONTROL] = DDKDispatchRoutin; //建立驅動裝置物件 status = CreateDevice(pDriverObject); KdPrint(("Leave DriverEntry\n")); return status; } NTSTATUS CreateDevice( IN PDRIVER_OBJECT pDriverObject) { NTSTATUS status; PDEVICE_OBJECT pDevObj; PDEVICE_EXTENSION pDevExt; //建立裝置名稱 UNICODE_STRING devName; RtlInitUnicodeString(&devName, L"\\Device\\MyDDKDevice"); //建立裝置 status = IoCreateDevice(pDriverObject, sizeof(DEVICE_EXTENSION), &devName, FILE_DEVICE_UNKNOWN, 0, TRUE, &pDevObj); if (!NT_SUCCESS(status)) return status; pDevObj->Flags |= DO_BUFFERED_IO; pDevExt = (PDEVICE_EXTENSION)pDevObj->DeviceExtension; pDevExt->pDevice = pDevObj; pDevExt->ustrDeviceName = devName; //建立符號連結 UNICODE_STRING symLinkName; RtlInitUnicodeString(&symLinkName, L"\\??\\TESTDDK"); pDevExt->ustrSymLinkName = symLinkName; status = IoCreateSymbolicLink(&symLinkName, &devName); if (!NT_SUCCESS(status)) { IoDeleteDevice(pDevObj); return status; } return STATUS_SUCCESS; } #pragma PAGEDCODE VOID DDKUnload(IN PDRIVER_OBJECT pDriverObject) { PDEVICE_OBJECT pNextObj; KdPrint(("Enter DriverUnload\n")); pNextObj = pDriverObject->DeviceObject; while (pNextObj != NULL) { PDEVICE_EXTENSION pDevExt = (PDEVICE_EXTENSION) pNextObj->DeviceExtension; //刪除符號連結 UNICODE_STRING pLinkName = pDevExt->ustrSymLinkName; IoDeleteSymbolicLink(&pLinkName); pNextObj = pNextObj->NextDevice; IoDeleteDevice(pDevExt->pDevice); } } #pragma PAGEDCODE NTSTATUS DDKDispatchRoutin(IN PDEVICE_OBJECT pDevObj, IN PIRP pIrp) { KdPrint(("Enter HelloDDKDispatchRoutin\n")); PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(pIrp); //建立一個字串陣列與IRP型別對應起來 static char* irpname[] = { "IRP_MJ_CREATE", "IRP_MJ_CREATE_NAMED_PIPE", "IRP_MJ_CLOSE", "IRP_MJ_READ", "IRP_MJ_WRITE", "IRP_MJ_QUERY_INFORMATION", "IRP_MJ_SET_INFORMATION", "IRP_MJ_QUERY_EA", "IRP_MJ_SET_EA", "IRP_MJ_FLUSH_BUFFERS", "IRP_MJ_QUERY_VOLUME_INFORMATION", "IRP_MJ_SET_VOLUME_INFORMATION", "IRP_MJ_DIRECTORY_CONTROL", "IRP_MJ_FILE_SYSTEM_CONTROL", "IRP_MJ_DEVICE_CONTROL", "IRP_MJ_INTERNAL_DEVICE_CONTROL", "IRP_MJ_SHUTDOWN", "IRP_MJ_LOCK_CONTROL", "IRP_MJ_CLEANUP", "IRP_MJ_CREATE_MAILSLOT", "IRP_MJ_QUERY_SECURITY", "IRP_MJ_SET_SECURITY", "IRP_MJ_POWER", "IRP_MJ_SYSTEM_CONTROL", "IRP_MJ_DEVICE_CHANGE", "IRP_MJ_QUERY_QUOTA", "IRP_MJ_SET_QUOTA", "IRP_MJ_PNP", }; UCHAR type = stack->MajorFunction; if (type >= arraysize(irpname)) KdPrint((" - Unknown IRP, major type %X\n", type)); else KdPrint(("\t%s\n", irpname[type])); //對一般IRP的簡單操作,後面會介紹對IRP更復雜的操作 NTSTATUS status = STATUS_SUCCESS; // 完成IRP pIrp->IoStatus.Status = status; pIrp->IoStatus.Information = 0; // bytes xfered IoCompleteRequest(pIrp, IO_NO_INCREMENT); KdPrint(("Leave DDKDispatchRoutin\n")); return status; } stRet CPUType() { stRet st_Ret = {FALSE,FALSE}; ULONG CPUInfo[4] = { -1 }; CHAR cpu_string[48]; __cpuid(CPUInfo, 0); INT num_ids = CPUInfo[0]; //GenuineIntel是Intel的CPU //0x47, 0x65, 0x6E, 0x75, 0x69, 0x6E, 0x65, 0x49, 0x6E, 0x74, 0x65, 0x6C, 0x00, 0x00, 0x00, 0x00 GenuineIntel if ((CPUInfo[1] == 0x756e6547) && (CPUInfo[2] == 0x6c65746e) && (CPUInfo[3] == 0x49656e69)) { st_Ret.bIntelCPU=TRUE; KdPrint(("GenuineIntel\n")); } //AuthenticAMD 是AMD的CPU //0x41, 0x75, 0x74, 0x68, 0x65, 0x6E, 0x74, 0x69, 0x63, 0x41, 0x4D, 0x44, 0x00, 0x00, 0x00, 0x00 AuthenticAMD if ((CPUInfo[1] == 0x68747541) && (CPUInfo[2] == 0x444d4163) && (CPUInfo[3] == 0x69746e65)) { st_Ret.bIntelCPU = TRUE; KdPrint(("AuthenticAMD\n")); } INT cpu_info[4] = { -1 }; __cpuid(cpu_info, 0); // Interpret CPU feature information. if (num_ids > 0) { int cpu_info7[4] = { 0 }; __cpuid(cpu_info, 1); if (num_ids >= 7) { __cpuid(cpu_info7, 7); } signature_ = cpu_info[0]; stepping_ = cpu_info[0] & 0xf; model_ = ((cpu_info[0] >> 4) & 0xf) + ((cpu_info[0] >> 12) & 0xf0); family_ = (cpu_info[0] >> 8) & 0xf; type_ = (cpu_info[0] >> 12) & 0x3; ext_model_ = (cpu_info[0] >> 16) & 0xf; ext_family_ = (cpu_info[0] >> 20) & 0xff; has_mmx_ = (cpu_info[3] & 0x00800000) != 0; has_sse_ = (cpu_info[3] & 0x02000000) != 0; has_sse2_ = (cpu_info[3] & 0x04000000) != 0; has_sse3_ = (cpu_info[2] & 0x00000001) != 0; has_ssse3_ = (cpu_info[2] & 0x00000200) != 0; has_sse41_ = (cpu_info[2] & 0x00080000) != 0; has_sse42_ = (cpu_info[2] & 0x00100000) != 0; has_aesni_ = (cpu_info[2] & 0x02000000) != 0; has_avx2_ = has_avx_ && (cpu_info7[1] & 0x00000020) != 0; } // Get the brand string of the cpu. __cpuid(cpu_info, 0x80000000); const int parameter_end = 0x80000004; int max_parameter = cpu_info[0]; //CHAR temp[40] = { -1 }; if (cpu_info[0] >= parameter_end) { PCHAR cpu_string_ptr = cpu_string; for (int parameter = 0x80000002; parameter <= parameter_end && cpu_string_ptr < &cpu_string[lstrlen(cpu_string)]; parameter++) { __cpuid(cpu_info, parameter); lstrcpy(cpu_string_ptr, cpu_info, lstrlen(cpu_info)); cpu_string_ptr += lstrlen(cpu_info); } //lstrcpy(g_cpu_string, cpu_string_ptr-34, 32); KdPrint(("cpu_string:%s cpu_string:%x\n", cpu_string, cpu_string)); DbgBreakPoint(); } const int parameter_containing_non_stop_time_stamp_counter = 0x80000007; if (max_parameter >= parameter_containing_non_stop_time_stamp_counter) { __cpuid(cpu_info, parameter_containing_non_stop_time_stamp_counter); has_non_stop_time_stamp_counter_ = (cpu_info[3] & (1 << 8)) != 0; } return st_Ret; } // 字串長度 DWORD lstrlen(PCHAR pSrc) { DWORD dwRet = 0; while (*pSrc != 0) { dwRet++; pSrc++; } return dwRet; } // 字元拷貝 VOID lstrcpy(PCHAR pDst, PCHAR pSrc, DWORD len) { //while (1) //{ // // 複製字元,直到零結尾 // *pDst = *pSrc; // if (*pSrc == 0) // break; // // 下一個字元 // pSrc++; // pDst++; //} for (DWORD i = 0; i < len; i++) { // 複製字元 *pDst = *pSrc; if (*pSrc == 0) break; // 下一個字元 pSrc++; pDst++; } }
Driver.h
//#include <NTDDK.h> #include <ntifs.h> #include <string.h> #include <ntstrsafe.h> #define PAGEDCODE code_seg("PAGE") #define LOCKEDCODE code_seg() #define INITCODE code_seg("INIT") #define PAGEDDATA data_seg("PAGE") #define LOCKEDDATA data_seg() #define INITDATA data_seg("INIT") #define arraysize(p) (sizeof(p)/sizeof((p)[0])) typedef struct _DEVICE_EXTENSION { PDEVICE_OBJECT pDevice; UNICODE_STRING ustrDeviceName; //裝置名稱 UNICODE_STRING ustrSymLinkName; //符號連結名 } DEVICE_EXTENSION, *PDEVICE_EXTENSION; typedef struct MyStruct { //Intel BOOLEAN bIntelCPU; //AMD BOOLEAN bAMDCPU; }stRet; INT signature_; // raw form of type, family, model, and stepping INT type_; // process type INT family_; // family of the processor INT model_; // model of processor INT stepping_; // processor revision number INT ext_model_; INT ext_family_; BOOLEAN has_mmx_; BOOLEAN has_sse_; BOOLEAN has_sse2_; BOOLEAN has_sse3_; BOOLEAN has_ssse3_; BOOLEAN has_sse41_; BOOLEAN has_sse42_; BOOLEAN has_avx_; BOOLEAN has_avx2_; BOOLEAN has_aesni_; BOOLEAN has_non_stop_time_stamp_counter_; ULONG CPUInfo[4] = { -1 }; //CHAR g_cpu_string[0x36]; PCHAR cpu_string_ptr; // 函式宣告 stRet CPUType(); NTSTATUS CreateDevice(IN PDRIVER_OBJECT pDriverObject); VOID DDKUnload(IN PDRIVER_OBJECT pDriverObject); NTSTATUS DDKDispatchRoutin(IN PDEVICE_OBJECT pDevObj, IN PIRP pIrp); // 字串長度 DWORD lstrlen(PCHAR pSrc); // 字元拷貝 VOID lstrcpy(PCHAR pDst, PCHAR pSrc, DWORD len);
