/***************************************************************************
*
* 原理:利用SCM组件服务方式加载驱动
* 1、创建服务
* 2、开启服务
* 3、关闭服务
* 4、删除服务
*
****************************************************************************/
/****************************************************************************
*
* 函数名:LoadNTDriver
* 参数:
* 【IN】char* DriverName , char* DriverPath
* 【OUT】
* 功能描述:加载NT驱动
* 返回值:Bool 成功返回TRUE 失败返回FALSE
*
*
****************************************************************************/
#include <windows.h>
BOOL LoadNTDriver( char* DriverName, char* DriverPath )
{
BOOL bRet = false;
SC_HANDLE hManager = NULL; //SCM管理句柄
SC_HANDLE hService = NULL; //NT驱动服务句柄
//打开服务控制管理器SCM
hManager = OpenSCManager ( NULL, NULL, SC_MANAGER_ALL_ACCESS );
if( hManager == NULL )
{
//打开服务管理器失败
MessageBox( NULL, "ERROR", "OpenSCM", MB_OK );
bRet = false;
CloseServiceHandle( hManager );
return bRet;
}
else
{
MessageBox( NULL, "SUCCESS", "OpenSCM", MB_OK );
}
//创建服务
hService = CreateService( hManager,
DriverName,
DriverName,
SERVICE_ALL_ACCESS,
SERVICE_KERNEL_DRIVER,
SERVICE_DEMAND_START,
SERVICE_ERROR_IGNORE,
DriverPath,
NULL,
NULL,
NULL,
NULL,
NULL );
DWORD dwRtn;
if( hService == NULL )
{
dwRtn = GetLastError();
if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_EXISTS )
{
//由于其他原因创建服务失败
MessageBox( NULL, "ERROR", "CreateService", MB_OK );
bRet = false;
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}
else
{
//服务已经创建过 只需打开服务
MessageBox( NULL, "ERROR", "Service Created", MB_OK );
}
//打开服务
hService = OpenService( hManager, DriverName, SERVICE_ALL_ACCESS );
if( hService == NULL )
{
//打开服务失败
MessageBox( NULL, "ERROR", "OpenService", MB_OK );
bRet = false;
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}
else
{
MessageBox( NULL, "SUCCESS", "OpenService", MB_OK );
}
}
else
{
MessageBox( NULL, "SUCCESS", "CreateService", MB_OK );
}
//开启服务
bRet = StartService( hService, NULL, NULL);
if( !bRet )
{
dwRtn = GetLastError();
if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_ALREADY_RUNNING)
{
MessageBox( NULL, "SUCCESS", "StartService", MB_OK );
bRet = false;
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}
else
{
if( dwRtn == ERROR_IO_PENDING )
{
//设备被挂住
MessageBox( NULL, "ERROR", "StartService", MB_OK );
bRet = false;
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}
else
{
//服务已经启动
MessageBox( NULL, "SUCCESS", "StartService", MB_OK );
bRet = true;
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}
}
}
MessageBox( NULL, "SUCCESS", "StartService", MB_OK );
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}
/****************************************************************************
*
* 函数名:UnLoadNTDriver
* 参数:
* 【IN】char* DriverName , char* DriverPath
* 【OUT】
* 功能描述:卸载NT驱动
* 返回值:Bool 成功返回TRUE 失败返回FALSE
* 作者:sysdog , 2009/10/7
*
****************************************************************************/
BOOL UnLoadNTDriver( char* DriverName, char* DriverPath )
{
BOOL bRet = false;
SC_HANDLE hManager = NULL;
SC_HANDLE hService = NULL;
SERVICE_STATUS SvrSta;
//打开SCM管理器
hManager = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS );
if( hManager == NULL )
{
//打开服务管理器失败
MessageBox( NULL, "ERROR", "OpenSCM", MB_OK );
bRet = false;
CloseServiceHandle( hManager );
return bRet;
}
else
{
MessageBox( NULL, "SUCCESS", "OpenSCM", MB_OK );
}
//打开服务
hService = OpenService( hManager, DriverName, SERVICE_ALL_ACCESS );
if( hService == NULL )
{
//打开服务失败
MessageBox( NULL, "ERROR", "OpenService", MB_OK );
bRet = false;
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}
else
{
MessageBox( NULL, "SUCCESS", "OpenService", MB_OK );
}
//停止驱动
if( !ControlService( hService,SERVICE_CONTROL_STOP, &SvrSta) )
{
MessageBox( NULL, "ERROR", "ControlService", MB_OK );
}
else
{
MessageBox( NULL, "SUCCESS", "ControlService", MB_OK );
}
//卸载服务
if( !DeleteService( hService ) )
{
MessageBox( NULL, "ERROR", "DeleteService", MB_OK );
}
else
{
MessageBox( NULL, "SUCCESS", "DeleteService", MB_OK );
}
bRet = true;
CloseServiceHandle( hManager );
CloseServiceHandle( hService );
return bRet;
}