In this installment, we will compile and deploy our first driver. You should have all the tools installed already.
Windows device drivers are reactive programs—all they really do is respond to events, somewhat similar to GUI programs. The kinds of events drivers recognize include:
Loading the driver into memory and unloading it from memory
Adding a new hardware device for which the driver is responsible
Transitioning to a power-saving mode
Reading from and writing to a device
Handling an interrupt arriving from a device
A driver handles these events by registering functions that Windows invokes. In this post, we will use only two of these functions, invoked when a driver is loaded and unloaded.
Type the following into your favorite code editor and save it as HelloWorldDriver.c:
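#include <ntddk.h>

/* Called by Windows just before the driver is removed from memory. */
void DriverUnload(
    PDRIVER_OBJECT pDriverObject)
{
    UNREFERENCED_PARAMETER(pDriverObject);
    DbgPrint("Driver unloading\n");
}

/* Called by Windows once, right after the driver is loaded. */
NTSTATUS DriverEntry(
    PDRIVER_OBJECT DriverObject,
    PUNICODE_STRING RegistryPath)
{
    UNREFERENCED_PARAMETER(RegistryPath);

    /* Register the unload routine so the driver can be unloaded later. */
    DriverObject->DriverUnload = DriverUnload;
    DbgPrint("Hello, World\n");
    return STATUS_SUCCESS;
}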
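The load/unload registration described above, modelled in portable user-mode C as an added example (not code from the original post and not WDK code). It shows two properties of the contract: a driver that registers no unload routine stays resident, and the unload routine is not called when the entry point returns a failure status. Every `model_*` and `MODEL_*` name is hypothetical.

```c
/* User-mode model of the driver load/unload contract.
   All model_* / MODEL_* names are hypothetical, not WDK definitions. */
#include <stdio.h>
#include <stddef.h>

typedef long model_status;
#define MODEL_SUCCESS      0L
#define MODEL_UNSUCCESSFUL (-1L)

struct model_driver;
typedef void (*model_unload_fn)(struct model_driver *);
typedef model_status (*model_entry_fn)(struct model_driver *);

struct model_driver {
    model_unload_fn unload;  /* stands in for DriverObject->DriverUnload */
    int loaded;              /* 1 while the driver is resident */
    int unload_calls;        /* how many times the unload routine ran */
};

/* Loader side: call the entry point. On a failure status the image is
   discarded and the unload routine is never invoked. */
int model_load(struct model_driver *d, model_entry_fn entry)
{
    d->unload = NULL; d->loaded = 0; d->unload_calls = 0;
    d->loaded = (entry(d) == MODEL_SUCCESS);
    return d->loaded;
}

/* Loader side: a driver that registered no unload routine cannot be unloaded. */
int model_unload(struct model_driver *d)
{
    if (!d->loaded || d->unload == NULL) return 0;
    d->unload(d);
    d->loaded = 0;
    return 1;
}

/* Driver side: three entry points with different registration behaviour. */
static void hello_unload(struct model_driver *d) { d->unload_calls++; puts("Driver unloading"); }
model_status hello_entry(struct model_driver *d) { d->unload = hello_unload; puts("Hello, World"); return MODEL_SUCCESS; }
model_status sticky_entry(struct model_driver *d) { (void)d; return MODEL_SUCCESS; } /* registers nothing */
model_status failing_entry(struct model_driver *d) { d->unload = hello_unload; return MODEL_UNSUCCESSFUL; }

int main(void)
{
    struct model_driver d;
    if (model_load(&d, hello_entry)) printf("hello unloaded: %d\n", model_unload(&d));
    if (model_load(&d, sticky_entry)) printf("sticky unloaded: %d\n", model_unload(&d));
    printf("failing loaded: %d\n", model_load(&d, failing_entry));
    return 0;
}
```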
Read more: All Your Base Are Belong To Us