-
-
Notifications
You must be signed in to change notification settings - Fork 66
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into various_kernel_fixes
- Loading branch information
Showing
5 changed files
with
254 additions
and
235 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,83 +1,78 @@ | ||
#pragma once | ||
|
||
#ifndef CTL_CODE | ||
#define CTL_CODE(DeviceType, Function, Method, Access) \ | ||
(((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method)) | ||
#endif // CTL_CODE | ||
|
||
#ifndef FILE_DEVICE_UNKNOWN | ||
#define FILE_DEVICE_UNKNOWN 0x0022 | ||
#endif // FILE_DEVICE_UNKNOWN | ||
|
||
#ifndef METHOD_BUFFERED | ||
#define METHOD_BUFFERED 0 | ||
#endif // METHOD_BUFFERED | ||
|
||
#ifndef FILE_ANY_ACCESS | ||
#define FILE_ANY_ACCESS 0 | ||
#endif // FILE_ANY_ACCESS | ||
|
||
namespace CFB::Comms | ||
{ | ||
|
||
/// | ||
///@brief An enumeration class of the available IOCTL supported by the driver | ||
/// | ||
enum class Ioctl : u32 | ||
{ | ||
// clang-format off | ||
|
||
/// | ||
///@brief ControlDriver - obsolete | ||
/// | ||
ControlDriver = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief HookDriver | ||
/// | ||
HookDriver = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief UnhookDriver | ||
/// | ||
UnhookDriver = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x802, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief GetNumberOfDrivers | ||
/// | ||
GetNumberOfDrivers = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x803, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief GetNamesOfDrivers | ||
/// | ||
GetNamesOfDrivers = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x804, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief GetDriverInfo | ||
/// | ||
GetDriverInfo = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x805, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief SetEventPointer | ||
/// | ||
SetEventPointer = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x806, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief EnableMonitoring | ||
/// | ||
EnableMonitoring = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x807, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief DisableMonitoring | ||
/// | ||
DisableMonitoring = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x808, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief StoreTestCase | ||
/// | ||
StoreTestCase = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x809, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
// clang-format on | ||
}; | ||
|
||
} // namespace CFB::Comms | ||
#pragma once | ||
|
||
#ifndef CTL_CODE | ||
#define CTL_CODE(DeviceType, Function, Method, Access) \ | ||
(((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method)) | ||
#endif // CTL_CODE | ||
|
||
#ifndef FILE_DEVICE_UNKNOWN | ||
#define FILE_DEVICE_UNKNOWN 0x0022 | ||
#endif // FILE_DEVICE_UNKNOWN | ||
|
||
#ifndef METHOD_BUFFERED | ||
#define METHOD_BUFFERED 0 | ||
#endif // METHOD_BUFFERED | ||
|
||
#ifndef FILE_ANY_ACCESS | ||
#define FILE_ANY_ACCESS 0 | ||
#endif // FILE_ANY_ACCESS | ||
|
||
namespace CFB::Comms | ||
{ | ||
|
||
/// | ||
///@brief An enumeration class of the available IOCTL supported by the driver | ||
/// | ||
enum class Ioctl : u32 | ||
{ | ||
// clang-format off | ||
|
||
/// | ||
///@brief ControlDriver - obsolete | ||
/// | ||
ControlDriver = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief HookDriver | ||
/// | ||
HookDriver = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief UnhookDriver | ||
/// | ||
UnhookDriver = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x802, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief GetNumberOfDrivers | ||
/// | ||
GetNumberOfDrivers = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x803, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief GetNamesOfDrivers | ||
/// | ||
GetNamesOfDrivers = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x804, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief GetDriverInfo | ||
/// | ||
GetDriverInfo = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x805, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief SetEventPointer | ||
/// | ||
SetEventPointer = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x806, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief EnableMonitoring | ||
/// | ||
EnableMonitoring = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x807, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
/// | ||
///@brief DisableMonitoring | ||
/// | ||
DisableMonitoring = CTL_CODE(FILE_DEVICE_UNKNOWN, 0x808, METHOD_BUFFERED, FILE_ANY_ACCESS), | ||
|
||
// clang-format on | ||
}; | ||
|
||
} // namespace CFB::Comms |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,98 +1,96 @@ | ||
project(IrpMonitor | ||
LANGUAGES CXX | ||
VERSION 0.2.0 | ||
DESCRIPTION "Driver part of CFB" | ||
) | ||
|
||
message(STATUS "Configuring '${PROJECT_NAME}'") | ||
|
||
set(DRIVER_SOURCE_DIR ${CFB_ROOT_DIR}/Driver/Source) | ||
set(DRIVER_HEADER_DIR ${CFB_ROOT_DIR}/Driver/Headers) | ||
|
||
set(DRIVER_VERSION_MAJOR ${PROJECT_VERSION_MAJOR} CACHE INTERNAL "DRIVER_VERSION_MAJOR") | ||
set(DRIVER_VERSION_MINOR ${PROJECT_VERSION_MINOR} CACHE INTERNAL "DRIVER_VERSION_MINOR") | ||
set(DRIVER_VERSION_PATCH ${PROJECT_VERSION_PATCH} CACHE INTERNAL "DRIVER_VERSION_PATCH") | ||
|
||
set(DRIVER_RC_FILE ${DRIVER_SOURCE_DIR}/Driver.rc) | ||
set(DRIVER_RES_FILE ${DRIVER_SOURCE_DIR}/Driver.res) | ||
set(CFB_CERT_CN "${CFB_COMPANY_NAME}") | ||
set(CFB_CERT_STORE "PrivateCertStore") | ||
set(CFB_DRIVER_INF_FILE "${DRIVER_SOURCE_DIR}/${PROJECT_NAME}.inf") | ||
|
||
configure_file(${DRIVER_RC_FILE}.in ${DRIVER_RC_FILE} NEWLINE_STYLE WIN32 ESCAPE_QUOTES) | ||
|
||
set( | ||
DRIVER_HEADER_FILES | ||
|
||
${DRIVER_HEADER_DIR}/Context.hpp | ||
${DRIVER_HEADER_DIR}/Native.hpp | ||
${DRIVER_HEADER_DIR}/DriverUtils.hpp | ||
${DRIVER_HEADER_DIR}/HookedDriverManager.hpp | ||
${DRIVER_HEADER_DIR}/HookedDriver.hpp | ||
${DRIVER_HEADER_DIR}/Callbacks.hpp | ||
${DRIVER_HEADER_DIR}/CapturedIrpManager.hpp | ||
${DRIVER_HEADER_DIR}/CapturedIrp.hpp | ||
) | ||
|
||
set( | ||
DRIVER_SOURCE_FILES | ||
|
||
${DRIVER_SOURCE_DIR}/Entry.cpp | ||
${DRIVER_SOURCE_DIR}/DriverUtils.cpp | ||
${DRIVER_SOURCE_DIR}/HookedDriverManager.cpp | ||
${DRIVER_SOURCE_DIR}/HookedDriver.cpp | ||
${DRIVER_SOURCE_DIR}/Callbacks.cpp | ||
${DRIVER_SOURCE_DIR}/CapturedIrpManager.cpp | ||
${DRIVER_SOURCE_DIR}/CapturedIrp.cpp | ||
) | ||
|
||
wdk_add_driver( | ||
${PROJECT_NAME} | ||
KMDF | ||
1.15 | ||
|
||
${DRIVER_HEADER_FILES} | ||
${DRIVER_SOURCE_FILES} | ||
) | ||
|
||
add_executable(CFB::Kernel::Driver ALIAS ${PROJECT_NAME}) | ||
|
||
target_include_directories(${PROJECT_NAME} PRIVATE ${DRIVER_HEADER_DIR}) | ||
target_compile_definitions(${PROJECT_NAME} PRIVATE CFB_KERNEL_DRIVER=1) | ||
target_link_options(${PROJECT_NAME} PUBLIC /integritycheck) | ||
target_link_libraries(${PROJECT_NAME} CFB::Kernel::CommonLib ${DRIVER_RES_FILE}) | ||
|
||
# | ||
# Custom command directives | ||
# | ||
add_custom_command( | ||
TARGET ${PROJECT_NAME} PRE_BUILD | ||
COMMAND | ||
rc /nologo /fo ${DRIVER_RES_FILE} /r ${DRIVER_RC_FILE} | ||
COMMENT | ||
"Compiling '${DRIVER_RES_FILE}' resource file" | ||
) | ||
|
||
add_custom_command( | ||
TARGET ${PROJECT_NAME} POST_BUILD | ||
COMMAND | ||
powershell -ep bypass "Get-ChildItem -Recurse Cert:\\CurrentUser | Where-Object { $_.Subject -match '${CFB_CERT_CN}' } | Remove-Item" | ||
COMMAND | ||
makecert.exe -r -pe -ss ${CFB_CERT_STORE} -n CN="${CFB_CERT_CN}" -eku 1.3.6.1.5.5.7.3.3 "$<TARGET_FILE_DIR:${PROJECT_NAME}>/BlahCatTest.cer" | ||
COMMAND | ||
signtool.exe sign /v /a /fd SHA256 /s ${CFB_CERT_STORE} /n "${CFB_CERT_CN}" $<TARGET_FILE:${PROJECT_NAME}> | ||
COMMAND | ||
certmgr.exe -del -c -n "${CFB_CERT_CN}" -s -r currentUser ${CFB_CERT_STORE} | ||
COMMAND | ||
"${CMAKE_COMMAND}" -E copy_if_different $<TARGET_FILE:${PROJECT_NAME}> "$ENV{TEMP}" | ||
COMMENT | ||
"Sign driver, copy to tempdir" | ||
) | ||
|
||
# | ||
# Install directives | ||
# | ||
install(TARGETS ${PROJECT_NAME} DESTINATION Driver) | ||
install(FILES $<TARGET_PDB_FILE:${PROJECT_NAME}> DESTINATION Driver OPTIONAL) | ||
install(FILES ${CFB_DRIVER_INF_FILE} DESTINATION Driver OPTIONAL) | ||
install(FILES "$<TARGET_FILE_DIR:${PROJECT_NAME}>/BlahCatTest.cer" DESTINATION Driver OPTIONAL) | ||
project(IrpMonitor | ||
LANGUAGES CXX | ||
VERSION 0.2.0 | ||
DESCRIPTION "Driver part of CFB" | ||
) | ||
|
||
message(STATUS "Configuring '${PROJECT_NAME}'") | ||
|
||
set(DRIVER_SOURCE_DIR ${CFB_ROOT_DIR}/Driver/Source) | ||
set(DRIVER_HEADER_DIR ${CFB_ROOT_DIR}/Driver/Headers) | ||
|
||
set(DRIVER_VERSION_MAJOR ${PROJECT_VERSION_MAJOR} CACHE INTERNAL "DRIVER_VERSION_MAJOR") | ||
set(DRIVER_VERSION_MINOR ${PROJECT_VERSION_MINOR} CACHE INTERNAL "DRIVER_VERSION_MINOR") | ||
set(DRIVER_VERSION_PATCH ${PROJECT_VERSION_PATCH} CACHE INTERNAL "DRIVER_VERSION_PATCH") | ||
|
||
set(DRIVER_RC_FILE ${DRIVER_SOURCE_DIR}/Driver.rc) | ||
set(DRIVER_RES_FILE ${DRIVER_SOURCE_DIR}/Driver.res) | ||
set(CFB_CERT_CN "${CFB_COMPANY_NAME}") | ||
set(CFB_CERT_STORE "PrivateCertStore") | ||
set(CFB_DRIVER_INF_FILE "${DRIVER_SOURCE_DIR}/${PROJECT_NAME}.inf") | ||
|
||
configure_file(${DRIVER_RC_FILE}.in ${DRIVER_RC_FILE} NEWLINE_STYLE WIN32 ESCAPE_QUOTES) | ||
|
||
set( | ||
DRIVER_HEADER_FILES | ||
|
||
${DRIVER_HEADER_DIR}/Context.hpp | ||
${DRIVER_HEADER_DIR}/Native.hpp | ||
${DRIVER_HEADER_DIR}/DriverUtils.hpp | ||
${DRIVER_HEADER_DIR}/HookedDriverManager.hpp | ||
${DRIVER_HEADER_DIR}/HookedDriver.hpp | ||
${DRIVER_HEADER_DIR}/Callbacks.hpp | ||
${DRIVER_HEADER_DIR}/CapturedIrpManager.hpp | ||
${DRIVER_HEADER_DIR}/CapturedIrp.hpp | ||
) | ||
|
||
set( | ||
DRIVER_SOURCE_FILES | ||
|
||
${DRIVER_SOURCE_DIR}/Entry.cpp | ||
${DRIVER_SOURCE_DIR}/DriverUtils.cpp | ||
${DRIVER_SOURCE_DIR}/HookedDriverManager.cpp | ||
${DRIVER_SOURCE_DIR}/HookedDriver.cpp | ||
${DRIVER_SOURCE_DIR}/Callbacks.cpp | ||
${DRIVER_SOURCE_DIR}/CapturedIrpManager.cpp | ||
${DRIVER_SOURCE_DIR}/CapturedIrp.cpp | ||
) | ||
|
||
wdk_add_driver( | ||
${PROJECT_NAME} | ||
KMDF | ||
1.15 | ||
|
||
${DRIVER_HEADER_FILES} | ||
${DRIVER_SOURCE_FILES} | ||
) | ||
|
||
add_executable(CFB::Kernel::Driver ALIAS ${PROJECT_NAME}) | ||
|
||
target_include_directories(${PROJECT_NAME} PRIVATE ${DRIVER_HEADER_DIR}) | ||
target_compile_definitions(${PROJECT_NAME} PRIVATE CFB_KERNEL_DRIVER=1) | ||
target_link_options(${PROJECT_NAME} PUBLIC /integritycheck) | ||
target_link_libraries(${PROJECT_NAME} CFB::Kernel::CommonLib ${DRIVER_RES_FILE}) | ||
|
||
# | ||
# Custom command directives | ||
# | ||
add_custom_command( | ||
TARGET ${PROJECT_NAME} PRE_BUILD | ||
COMMAND | ||
rc /nologo /fo ${DRIVER_RES_FILE} /r ${DRIVER_RC_FILE} | ||
COMMENT | ||
"Compiling '${DRIVER_RES_FILE}' resource file" | ||
) | ||
|
||
add_custom_command( | ||
TARGET ${PROJECT_NAME} POST_BUILD | ||
COMMAND | ||
makecert.exe -r -pe -ss ${CFB_CERT_STORE} -n CN="${CFB_CERT_CN}" -eku 1.3.6.1.5.5.7.3.3 "$<TARGET_FILE_DIR:${PROJECT_NAME}>/BlahCatTest.cer" | ||
COMMAND | ||
signtool.exe sign /v /a /fd SHA256 /s ${CFB_CERT_STORE} /n "${CFB_CERT_CN}" $<TARGET_FILE:${PROJECT_NAME}> | ||
COMMAND | ||
certmgr.exe -del -c -n "${CFB_CERT_CN}" -s -r currentUser ${CFB_CERT_STORE} | ||
COMMAND | ||
"${CMAKE_COMMAND}" -E copy_if_different $<TARGET_FILE:${PROJECT_NAME}> "$ENV{TEMP}" | ||
COMMENT | ||
"Sign driver, copy to tempdir" | ||
) | ||
|
||
# | ||
# Install directives | ||
# | ||
install(TARGETS ${PROJECT_NAME} DESTINATION Driver) | ||
install(FILES $<TARGET_PDB_FILE:${PROJECT_NAME}> DESTINATION Driver OPTIONAL) | ||
install(FILES ${CFB_DRIVER_INF_FILE} DESTINATION Driver OPTIONAL) | ||
install(FILES "$<TARGET_FILE_DIR:${PROJECT_NAME}>/BlahCatTest.cer" DESTINATION Driver OPTIONAL) |
Oops, something went wrong.