WDK Mini Filter Example
Macros | Functions | Variables
minispy.c File Reference
#include "mspyKern.h"
#include <stdio.h>

Go to the source code of this file.

Macros

#define SetFlagInterlocked(_ptrFlags, _flagToSet)   ((VOID)InterlockedOr(((volatile LONG *)(_ptrFlags)),_flagToSet))
 

Functions

NTSTATUS DriverEntry (_In_ PDRIVER_OBJECT DriverObject, _In_ PUNICODE_STRING RegistryPath)
 
NTSTATUS SpyMessage (_In_ PVOID ConnectionCookie, _In_reads_bytes_opt_(InputBufferSize) PVOID InputBuffer, _In_ ULONG InputBufferSize, _Out_writes_bytes_to_opt_(OutputBufferSize, *ReturnOutputBufferLength) PVOID OutputBuffer, _In_ ULONG OutputBufferSize, _Out_ PULONG ReturnOutputBufferLength)
 
NTSTATUS SpyConnect (_In_ PFLT_PORT ClientPort, _In_ PVOID ServerPortCookie, _In_reads_bytes_(SizeOfContext) PVOID ConnectionContext, _In_ ULONG SizeOfContext, _Flt_ConnectionCookie_Outptr_ PVOID *ConnectionCookie)
 
VOID SpyDisconnect (_In_opt_ PVOID ConnectionCookie)
 
NTSTATUS SpyEnlistInTransaction (_In_ PCFLT_RELATED_OBJECTS FltObjects)
 
NTSTATUS SpyFilterUnload (_In_ FLT_FILTER_UNLOAD_FLAGS Flags)
 
NTSTATUS SpyQueryTeardown (_In_ PCFLT_RELATED_OBJECTS FltObjects, _In_ FLT_INSTANCE_QUERY_TEARDOWN_FLAGS Flags)
 
FLT_PREOP_CALLBACK_STATUS SpyPreOperationCallback (_Inout_ PFLT_CALLBACK_DATA Data, _In_ PCFLT_RELATED_OBJECTS FltObjects, _Flt_CompletionContext_Outptr_ PVOID *CompletionContext)
 
FLT_POSTOP_CALLBACK_STATUS SpyPostOperationCallback (_Inout_ PFLT_CALLBACK_DATA Data, _In_ PCFLT_RELATED_OBJECTS FltObjects, _In_ PVOID CompletionContext, _In_ FLT_POST_OPERATION_FLAGS Flags)
 
NTSTATUS SpyKtmNotificationCallback (_In_ PCFLT_RELATED_OBJECTS FltObjects, _In_ PFLT_CONTEXT TransactionContext, _In_ ULONG TransactionNotification)
 
VOID SpyDeleteTxfContext (_Inout_ PMINISPY_TRANSACTION_CONTEXT Context, _In_ FLT_CONTEXT_TYPE ContextType)
 
LONG SpyExceptionFilter (_In_ PEXCEPTION_POINTERS ExceptionPointer, _In_ BOOLEAN AccessingUserBuffer)
 

Variables

MINISPY_DATA MiniSpyData
 
NTSTATUS StatusToBreakOn = 0
 
DRIVER_INITIALIZE DriverEntry
 

Macro Definition Documentation

◆ SetFlagInterlocked

#define SetFlagInterlocked (   _ptrFlags,
  _flagToSet 
)    ((VOID)InterlockedOr(((volatile LONG *)(_ptrFlags)),_flagToSet))

Definition at line 83 of file minispy.c.

Function Documentation

◆ DriverEntry()

NTSTATUS DriverEntry ( _In_ PDRIVER_OBJECT  DriverObject,
_In_ PUNICODE_STRING  RegistryPath 
)

Definition at line 91 of file minispy.c.

◆ SpyConnect()

NTSTATUS SpyConnect ( _In_ PFLT_PORT  ClientPort,
_In_ PVOID  ServerPortCookie,
_In_reads_bytes_(SizeOfContext) PVOID  ConnectionContext,
_In_ ULONG  SizeOfContext,
_Flt_ConnectionCookie_Outptr_ PVOID *  ConnectionCookie 
)

Definition at line 235 of file minispy.c.

◆ SpyDeleteTxfContext()

VOID SpyDeleteTxfContext ( _Inout_ PMINISPY_TRANSACTION_CONTEXT  Context,
_In_ FLT_CONTEXT_TYPE  ContextType 
)

Definition at line 1322 of file minispy.c.

◆ SpyDisconnect()

VOID SpyDisconnect ( _In_opt_ PVOID  ConnectionCookie)

Definition at line 278 of file minispy.c.

◆ SpyEnlistInTransaction()

NTSTATUS SpyEnlistInTransaction ( _In_ PCFLT_RELATED_OBJECTS  FltObjects)

Definition at line 1049 of file minispy.c.

◆ SpyExceptionFilter()

LONG SpyExceptionFilter ( _In_ PEXCEPTION_POINTERS  ExceptionPointer,
_In_ BOOLEAN  AccessingUserBuffer 
)

Definition at line 1336 of file minispy.c.

◆ SpyFilterUnload()

NTSTATUS SpyFilterUnload ( _In_ FLT_FILTER_UNLOAD_FLAGS  Flags)

Definition at line 309 of file minispy.c.

◆ SpyKtmNotificationCallback()

NTSTATUS SpyKtmNotificationCallback ( _In_ PCFLT_RELATED_OBJECTS  FltObjects,
_In_ PFLT_CONTEXT  TransactionContext,
_In_ ULONG  TransactionNotification 
)

Definition at line 1289 of file minispy.c.

◆ SpyMessage()

NTSTATUS SpyMessage ( _In_ PVOID  ConnectionCookie,
_In_reads_bytes_opt_(InputBufferSize) PVOID  InputBuffer,
_In_ ULONG  InputBufferSize,
_Out_writes_bytes_to_opt_(OutputBufferSize, *ReturnOutputBufferLength) PVOID  OutputBuffer,
_In_ ULONG  OutputBufferSize,
_Out_ PULONG  ReturnOutputBufferLength 
)

Definition at line 383 of file minispy.c.

◆ SpyPostOperationCallback()

FLT_POSTOP_CALLBACK_STATUS SpyPostOperationCallback ( _Inout_ PFLT_CALLBACK_DATA  Data,
_In_ PCFLT_RELATED_OBJECTS  FltObjects,
_In_ PVOID  CompletionContext,
_In_ FLT_POST_OPERATION_FLAGS  Flags 
)

Definition at line 911 of file minispy.c.

◆ SpyPreOperationCallback()

FLT_PREOP_CALLBACK_STATUS SpyPreOperationCallback ( _Inout_ PFLT_CALLBACK_DATA  Data,
_In_ PCFLT_RELATED_OBJECTS  FltObjects,
_Flt_CompletionContext_Outptr_ PVOID *  CompletionContext 
)

Definition at line 593 of file minispy.c.

◆ SpyQueryTeardown()

NTSTATUS SpyQueryTeardown ( _In_ PCFLT_RELATED_OBJECTS  FltObjects,
_In_ FLT_INSTANCE_QUERY_TEARDOWN_FLAGS  Flags 
)

Definition at line 354 of file minispy.c.

Variable Documentation

◆ DriverEntry

DRIVER_INITIALIZE DriverEntry

Definition at line 32 of file minispy.c.

◆ MiniSpyData

MINISPY_DATA MiniSpyData

Definition at line 26 of file minispy.c.

◆ StatusToBreakOn

NTSTATUS StatusToBreakOn = 0

Definition at line 27 of file minispy.c.

Social Network


Services Overview

Architect, implement and test file system filter drivers for a wide range of functionality. We can offer several levels of assistance to meet your specific.

Contact Us

You are welcome to contact us for salse or partnership.

Sales: sales@easefilter.com
Support: support@easefilter.com
Info: info@easefilter.com

© Copyright EaseFilter Inc..