File: giveio.c

package info (click to toggle)
avrdude 5.2-2
  • links: PTS
  • area: main
  • in suites: etch, etch-m68k
  • size: 2,284 kB
  • ctags: 1,520
  • sloc: ansic: 15,167; sh: 3,437; yacc: 1,051; lex: 240; makefile: 158
file content (168 lines) | stat: -rwxr-xr-x 5,754 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
/*********************************************************************

Author:     Dale Roberts
Date:       8/30/95
Program:    GIVEIO.SYS
Compile:    Use DDK BUILD facility

Purpose:    Give direct port I/O access to a user mode process.

*********************************************************************/
#include <ntddk.h>

/*
 *  The name of our device driver.
 */
#define DEVICE_NAME_STRING	L"giveio"

/*
 *  This is the "structure" of the IOPM.  It is just a simple
 * character array of length 0x2000.
 *
 *  This holds 8K * 8 bits -> 64K bits of the IOPM, which maps the
 * entire 64K I/O space of the x86 processor.  Any 0 bits will give
 * access to the corresponding port for user mode processes.  Any 1
 * bits will disallow I/O access to the corresponding port.
 */
#define	IOPM_SIZE	0x2000
typedef UCHAR IOPM[IOPM_SIZE];

/*
 *  This will hold simply an array of 0's which will be copied
 * into our actual IOPM in the TSS by Ke386SetIoAccessMap().
 * The memory is allocated at driver load time.
 */
IOPM *IOPM_local = 0;

/*
 *  These are the two undocumented calls that we will use to give
 * the calling process I/O access.
 *
 *  Ke386IoSetAccessMap() copies the passed map to the TSS.
 *
 *  Ke386IoSetAccessProcess() adjusts the IOPM offset pointer so that
 * the newly copied map is actually used.  Otherwise, the IOPM offset
 * points beyond the end of the TSS segment limit, causing any I/O
 * access by the user mode process to generate an exception.
 */
void Ke386SetIoAccessMap(int, IOPM *);
void Ke386QueryIoAccessMap(int, IOPM *);
void Ke386IoSetAccessProcess(PEPROCESS, int);

/*********************************************************************
  Release any allocated objects.
*********************************************************************/
VOID GiveioUnload(IN PDRIVER_OBJECT DriverObject)
{
	WCHAR DOSNameBuffer[] = L"\\DosDevices\\" DEVICE_NAME_STRING;
	UNICODE_STRING uniDOSString;

	if(IOPM_local)
		MmFreeNonCachedMemory(IOPM_local, sizeof(IOPM));

	RtlInitUnicodeString(&uniDOSString, DOSNameBuffer);
	IoDeleteSymbolicLink (&uniDOSString);
	IoDeleteDevice(DriverObject->DeviceObject);
}

/*********************************************************************
  Set the IOPM (I/O permission map) of the calling process so that it
is given full I/O access.  Our IOPM_local[] array is all zeros, so
the IOPM will be all zeros.  If OnFlag is 1, the process is given I/O
access.  If it is 0, access is removed.
*********************************************************************/
VOID SetIOPermissionMap(int OnFlag)
{
	Ke386IoSetAccessProcess(PsGetCurrentProcess(), OnFlag);
	Ke386SetIoAccessMap(1, IOPM_local);
}

void GiveIO(void)
{
	SetIOPermissionMap(1);
}

/*********************************************************************
  Service handler for a CreateFile() user mode call.

  This routine is entered in the driver object function call table by
the DriverEntry() routine.  When the user mode application calls
CreateFile(), this routine gets called while still in the context of
the user mode application, but with the CPL (the processor's Current
Privelege Level) set to 0.  This allows us to do kernel mode
operations.  GiveIO() is called to give the calling process I/O
access.  All the user mode application needs do to obtain I/O access
is open this device with CreateFile().  No other operations are
required.
*********************************************************************/
NTSTATUS GiveioCreateDispatch(
    IN  PDEVICE_OBJECT  DeviceObject,
    IN  PIRP            Irp
    )
{
	GiveIO();			// give the calling process I/O access

    Irp->IoStatus.Information = 0;
    Irp->IoStatus.Status = STATUS_SUCCESS;
    IoCompleteRequest(Irp, IO_NO_INCREMENT);
    return STATUS_SUCCESS;
}

/*********************************************************************
  Driver Entry routine.

  This routine is called only once after the driver is initially
loaded into memory.  It allocates everything necessary for the
driver's operation.  In our case, it allocates memory for our IOPM
array, and creates a device which user mode applications can open.
It also creates a symbolic link to the device driver.  This allows
a user mode application to access our driver using the \\.\giveio
notation.
*********************************************************************/
NTSTATUS DriverEntry(
    IN PDRIVER_OBJECT DriverObject,
    IN PUNICODE_STRING RegistryPath
    )
{
	PDEVICE_OBJECT deviceObject;
	NTSTATUS status;
	WCHAR NameBuffer[] = L"\\Device\\" DEVICE_NAME_STRING;
	WCHAR DOSNameBuffer[] = L"\\DosDevices\\" DEVICE_NAME_STRING;
	UNICODE_STRING uniNameString, uniDOSString;

	//
	//  Allocate a buffer for the local IOPM and zero it.
	//
	IOPM_local = MmAllocateNonCachedMemory(sizeof(IOPM));
	if(IOPM_local == 0)
		return STATUS_INSUFFICIENT_RESOURCES;
	RtlZeroMemory(IOPM_local, sizeof(IOPM));

	//
	//  Set up device driver name and device object.
	//
	RtlInitUnicodeString(&uniNameString, NameBuffer);
	RtlInitUnicodeString(&uniDOSString, DOSNameBuffer);

	status = IoCreateDevice(DriverObject, 0,
					&uniNameString,
					FILE_DEVICE_UNKNOWN,
					0, FALSE, &deviceObject);

	if(!NT_SUCCESS(status))
		return status;

	status = IoCreateSymbolicLink (&uniDOSString, &uniNameString);

	if (!NT_SUCCESS(status))
		return status;

    //
    //  Initialize the Driver Object with driver's entry points.
	// All we require are the Create and Unload operations.
    //
    DriverObject->MajorFunction[IRP_MJ_CREATE] = GiveioCreateDispatch;
	DriverObject->DriverUnload = GiveioUnload;
    return STATUS_SUCCESS;
}