nt!PiBuildDeviceNodeInstancePath函数分析和DeviceNode->InstancePath的由来--重要
NTSTATUS
PiProcessNewDeviceNode(
IN PDEVICE_NODE DeviceNode
)
{
status = PipMakeGloballyUniqueId(deviceObject, instanceID, &uniqueInstanceID);
if (instanceID != NULL) {
ExFreePool(instanceID);
}
instanceID = uniqueInstanceID;
0: kd> dv uniqueInstanceID
uniqueInstanceID = 0xe1285440
0: kd> dx -r1 ((ntkrnlmp!unsigned short *)0xe1285440)
((ntkrnlmp!unsigned short *)0xe1285440) : 0xe1285440 : 0x32 [Type: unsigned short *]
0x32 [Type: unsigned short]
0: kd> db 0xe1285440
e1285440 32 00 26 00 64 00 61 00-62 00 61 00 33 00 66 00 2.&.d.a.b.a.3.f.
e1285450 66 00 26 00 30 00 00 00-4c 49 53 54 70 b2 b2 b2 f.&.0...LISTp...
0: kd> dt _device_node 0x894ffea8
nt!_DEVICE_NODE
+0x000 Sibling : 0x8952a1e0 _DEVICE_NODE
+0x004 Child : (null)
+0x008 Parent : 0x899c1008 _DEVICE_NODE
+0x00c LastChild : (null)
+0x010 Level : 3
+0x014 Notify : (null)
+0x018 State : 301 ( DeviceNodeUninitialized )
+0x01c PreviousState : 0 (No matching name)
+0x020 StateHistory : [20] 0 (No matching name)
+0x070 StateHistoryEntry : 0
+0x074 CompletionStatus : 0n0
+0x078 PendingIrp : (null)
+0x07c Flags : 0x10
+0x080 UserFlags : 0
+0x084 Problem : 0
+0x088 PhysicalDeviceObject : 0x899050e8 _DEVICE_OBJECT
+0x08c ResourceList : (null)
+0x090 ResourceListTranslated : (null)
+0x094 InstancePath : _UNICODE_STRING "" 还没赋值
+0x09c ServiceName : _UNICODE_STRING ""
+0x0a4 DuplicatePDO : (null)
+0x0a8 ResourceRequirements : (null)
+0x0ac InterfaceType : 0xffffffff (No matching name)
+0x0b0 BusNumber : 0xffffffff
+0x0b4 ChildInterfaceType : 0xffffffff (No matching name)
+0x0b8 ChildBusNumber : 0xffffffff
+0x0bc ChildBusTypeIndex : 0xffff
+0x0be RemovalPolicy : 0 ''
+0x0bf HardwareRemovalPolicy : 0 ''
+0x0c0 TargetDeviceNotify : _LIST_ENTRY [ 0x894fff68 - 0x894fff68 ]
+0x0c8 DeviceArbiterList : _LIST_ENTRY [ 0x894fff70 - 0x894fff70 ]
+0x0d0 DeviceTranslatorList : _LIST_ENTRY [ 0x894fff78 - 0x894fff78 ]
+0x0d8 NoTranslatorMask : 0
+0x0da QueryTranslatorMask : 0
+0x0dc NoArbiterMask : 0
+0x0de QueryArbiterMask : 0
+0x0e0 OverUsed1 : __unnamed
+0x0e4 OverUsed2 : __unnamed
+0x0e8 BootResources : (null)
+0x0ec CapabilityFlags : 0
+0x0f0 DockInfo : __unnamed
+0x100 DisableableDepends : 0
+0x104 PendedSetInterfaceState : _LIST_ENTRY [ 0x894fffac - 0x894fffac ]
+0x10c LegacyBusListEntry : _LIST_ENTRY [ 0x894fffb4 - 0x894fffb4 ]
0: kd> dx -id 0,0,899a2278 -r1 ((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8)
((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8) : 0x899050e8 : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT *]
\
Flags : 0x1040
UpperDevices : None
LowerDevices : None
Driver : 0x89981f38 : Driver "\Driver\ACPI" [Type: _DRIVER_OBJECT *]
0: kd> dx -id 0,0,899a2278 -r1 -nv (*((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8))
(*((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8)) : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT]
+0x000\] Type : 3 \[Type: short
+0x002\] Size : 0xb8 \[Type: unsigned short
+0x004\] ReferenceCount : 0 \[Type: long
+0x008\] DriverObject : 0x89981f38 : Driver "\\Driver\\ACPI" \[Type: _DRIVER_OBJECT \*
+0x00c\] NextDevice : 0x89981b98 : Device for "\\Driver\\ACPI" \[Type: _DEVICE_OBJECT \*
+0x010\] AttachedDevice : 0x0 \[Type: _DEVICE_OBJECT \*
+0x014\] CurrentIrp : 0x0 \[Type: _IRP \*
+0x018\] Timer : 0x0 \[Type: _IO_TIMER \*
+0x01c\] Flags : 0x1040 \[Type: unsigned long
+0x020\] Characteristics : 0x80 \[Type: unsigned long
+0x024\] Vpb : 0x0 \[Type: _VPB \*
+0x028\] DeviceExtension : 0x899c0d58 \[Type: void \*
+0x02c\] DeviceType : 0x32 \[Type: unsigned long
+0x030\] StackSize : 1 \[Type: char
+0x034\] Queue \[Type: __unnamed
+0x05c\] AlignmentRequirement : 0x0 \[Type: unsigned long
+0x060\] DeviceQueue \[Type: _KDEVICE_QUEUE
+0x074\] Dpc \[Type: _KDPC
+0x094\] ActiveThreadCount : 0x0 \[Type: unsigned long
+0x098\] SecurityDescriptor : 0xe1297680 \[Type: void \*
+0x09c\] DeviceLock \[Type: _KEVENT
+0x0ac\] SectorSize : 0x0 \[Type: unsigned short
+0x0ae\] Spare1 : 0x0 \[Type: unsigned short
+0x0b0\] DeviceObjectExtension : 0x899051a0 \[Type: _DEVOBJ_EXTENSION \*
+0x0b4\] Reserved : 0x0 \[Type: void \*
0: kd> dt acpi!_Device_Extension 0x899c0d58
+0x000 Flags : 0x05402000`02010020
+0x000 UFlags : __unnamed
+0x008 Signature : 0x5f534750
+0x00c DebugFlags : 0
+0x010 DispatchTable : 0xf743830c IRP_DISPATCH_TABLE
+0x014 WorkContext : WORK_QUEUE_CONTEXT
+0x014 Fdo : _FDO_DEVICE_EXTENSION
+0x014 Filter : _FILTER_DEVICE_EXTENSION
+0x014 Pdo : _PDO_DEVICE_EXTENSION
+0x058 WorkQueue : EXTENSION_WORKER
+0x058 Button : BUTTON_EXTENSION
+0x058 Thermal : THERMAL_EXTENSION
+0x058 LinkNode : LINK_NODE_EXTENSION
+0x058 Dock : DOCK_EXTENSION
+0x058 Processor : _PROCESSOR_DEVICE_EXTENSION
+0x088 DeviceState : 0 ( Stopped )
+0x08c PreviousState : 0 ( Stopped )
+0x090 PowerInfo : _ACPI_POWER_INFO
+0x10c DeviceID : 0x899c1148 "ACPI\PNP0A03"
+0x10c Address : 0x899c1148
+0x110 InstanceID : (null) 还没有赋值
+0x114 ResourceList : (null)
+0x118 PnpResourceList : (null)
+0x11c OutstandingIrpCount : 0n1
+0x120 ReferenceCount : 0n83
+0x124 HibernatePathCount : 0n0
+0x128 RemoveEvent : (null)
+0x12c AcpiObject : 0x899affac _NSObj
+0x130 DeviceObject : 0x899050e8 _DEVICE_OBJECT
+0x134 TargetDeviceObject : (null)
+0x138 PhysicalDeviceObject : 0x899050e8 _DEVICE_OBJECT
+0x13c ParentExtension : 0x89981a18 _DEVICE_EXTENSION
+0x140 ChildDeviceList : _LIST_ENTRY [ 0x899c0d38 - 0x8990efe8 ]
+0x148 SiblingDeviceList : _LIST_ENTRY [ 0x899ae150 - 0x89981b58 ]
+0x150 EjectDeviceHead : _LIST_ENTRY [ 0x899c0ea8 - 0x899c0ea8 ]
+0x158 EjectDeviceList : _LIST_ENTRY [ 0x899c0eb0 - 0x899c0eb0 ]
0: kd> db 0x899affac
899affac 4c ff 9a 89 ac 40 9b 89-f0 f0 9a 89 24 00 9b 89 L....@......$...
899affbc 50 43 49 30 30 f3 9a 89-4c ff 9a 89 00 00 06 00 PCI00...L.......
//
// Build the device instance path and create the instance key.
//
status = PiBuildDeviceNodeInstancePath(DeviceNode, busID, deviceID, instanceID);
if (NT_SUCCESS(status)) {
status = PiCreateDeviceInstanceKey(DeviceNode, &instanceKey, &disposition);
}
0: kd> kc
00 nt!PiBuildDeviceNodeInstancePath
01 nt!PiProcessNewDeviceNode
02 nt!PipProcessDevNodeTree
03 nt!PipDeviceActionWorker
04 nt!PipRequestDeviceAction
05 nt!IopInitializeBootDrivers
06 nt!IoInitSystem
07 nt!Phase1Initialization
08 nt!PspSystemThreadStartup
09 nt!KiThreadStartup
0: kd> dv
DeviceNode = 0x894ffea8
BusID = 0xe1271120
DeviceID = 0xe127112a
InstanceID = 0xe1285440
0: kd> dx -r1 ((ntkrnlmp!unsigned short *)0xe1271120)
((ntkrnlmp!unsigned short *)0xe1271120) : 0xe1271120 : 0x41 [Type: unsigned short *]
0x41 [Type: unsigned short]
0: kd> db 0xe1271120
e1271120 41 00 43 00 50 00 49 00-00 00 50 00 4e 00 50 00 A.C.P.I...P.N.P.
e1271130 30 00 41 00 30 00 33 00-00 00 55 52 43 45 53 79 0.A.0.3...URCESy
e1271140 05 04 07 04 43 4d 56 49-88 21 27 e1 19 cb 27 e1 ....CMVI.!'...'.
e1271150 69 3a 27 e1 59 eb 28 e1-e1 d5 26 e1 11 81 27 e1 i:'.Y.(...&...'.
e1271160 29 6f 29 e1 31 d1 29 e1-99 0e 29 e1 e1 49 29 e1 )o).1.)...)..I).
e1271170 b1 61 28 e1 64 b2 b2 b2-07 04 02 00 4f 62 53 71 .a(.d.......ObSq
e1271180 d1 92 27 e1 31 1b 27 e1-02 04 02 0c 4f 62 44 69 ..'.1.'.....ObDi
e1271190 00 00 00 00 e8 78 98 89-02 04 21 0c 43 4d 33 39 .....x....!.CM39
0: kd> db 0xe127112a
e127112a 50 00 4e 00 50 00 30 00-41 00 30 00 33 00 00 00 P.N.P.0.A.0.3...
e127113a 55 52 43 45 53 79 05 04-07 04 43 4d 56 49 88 21 URCESy....CMVI.!
e127114a 27 e1 19 cb 27 e1 69 3a-27 e1 59 eb 28 e1 e1 d5 '...'.i:'.Y.(...
e127115a 26 e1 11 81 27 e1 29 6f-29 e1 31 d1 29 e1 99 0e &...'.)o).1.)...
e127116a 29 e1 e1 49 29 e1 b1 61-28 e1 64 b2 b2 b2 07 04 )..I)..a(.d.....
e127117a 02 00 4f 62 53 71 d1 92-27 e1 31 1b 27 e1 02 04 ..ObSq..'.1.'...
e127118a 02 0c 4f 62 44 69 00 00-00 00 e8 78 98 89 02 04 ..ObDi.....x....
e127119a 21 0c 43 4d 33 39 00 00-00 00 00 00 00 00 00 00 !.CM39..........
0: kd> db 0xe1285440
e1285440 32 00 26 00 64 00 61 00-62 00 61 00 33 00 66 00 2.&.d.a.b.a.3.f.
e1285450 66 00 26 00 30 00 00 00-4c 49 53 54 70 b2 b2 b2 f.&.0...LISTp...
0: kd> dx -r1 ((ntkrnlmp!_DEVICE_NODE *)0x899c1008)
((ntkrnlmp!_DEVICE_NODE *)0x899c1008) : 0x899c1008 [Type: _DEVICE_NODE *]
+0x000\] Sibling : 0x0 \[Type: _DEVICE_NODE \*
+0x004\] Child : 0x894ffea8 \[Type: _DEVICE_NODE \*
+0x008\] Parent : 0x89986008 \[Type: _DEVICE_NODE \*
+0x00c\] LastChild : 0x8952a500 \[Type: _DEVICE_NODE \*
+0x010\] Level : 0x2 \[Type: unsigned long
+0x014\] Notify : 0x0 \[Type: _PO_DEVICE_NOTIFY \*
+0x018\] State : DeviceNodeStarted (776) \[Type: _PNP_DEVNODE_STATE
+0x01c\] PreviousState : DeviceNodeEnumerateCompletion (781) \[Type: _PNP_DEVNODE_STATE
+0x020\] StateHistory \[Type: _PNP_DEVNODE_STATE \[20\]
+0x070\] StateHistoryEntry : 0x8 \[Type: unsigned long
+0x074\] CompletionStatus : 0 \[Type: long
+0x078\] PendingIrp : 0x0 \[Type: _IRP \*
+0x07c\] Flags : 0xf0 \[Type: unsigned long
+0x080\] UserFlags : 0x0 \[Type: unsigned long
+0x084\] Problem : 0x0 \[Type: unsigned long
+0x088\] PhysicalDeviceObject : 0x899c1de0 : Device for "\\Driver\\ACPI_HAL" \[Type: _DEVICE_OBJECT \*
+0x08c\] ResourceList : 0xe127b758 \[Type: _CM_RESOURCE_LIST \*
+0x090\] ResourceListTranslated : 0xe127fe58 \[Type: _CM_RESOURCE_LIST \*
+0x094\] InstancePath : "ACPI_HAL\\PNP0C08\\0" \[Type: _UNICODE_STRING
参考结果:
DevNode 0x89db5008 for PDO 0x89db5cb8
InstancePath is "ACPI_HAL\PNP0C08\0"
ServiceName is "ACPI"
State = DeviceNodeStarted (0x308)
Previous State = DeviceNodeEnumerateCompletion (0x30d)
DevNode 0x89d26558 for PDO 0x89d38bf0
InstancePath is "ACPI\PNP0A03\2&daba3ff&0"
ServiceName is "pci"
State = DeviceNodeStarted (0x308)
Previous State = DeviceNodeEnumerateCompletion (0x30d)
参考结果:
//
// Construct the instance path as <BUS>\<DEVICE>\<INSTANCE>. This should always be NULL terminated
// since we have precomputed the length that we pass into this counted routine.
//
StringCbPrintfW(instancePath, length, L"%s\\%s\\%s", BusID, DeviceID, InstanceID);
0: kd> gu
eax=00000000 ebx=00000000 ecx=00000030 edx=894fff3c esi=894ffea8 edi=899050e8
eip=80c93a98 esp=f789a2e0 ebp=f789a38c iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
nt!PiProcessNewDeviceNode+0x216:
80c93a98 3bc3 cmp eax,ebx
0: kd> dx -r1 ((ntkrnlmp!_DEVICE_NODE *)0x894ffea8)
((ntkrnlmp!_DEVICE_NODE *)0x894ffea8) : 0x894ffea8 [Type: _DEVICE_NODE *]
+0x000\] Sibling : 0x8952a1e0 \[Type: _DEVICE_NODE \*
+0x004\] Child : 0x0 \[Type: _DEVICE_NODE \*
+0x008\] Parent : 0x899c1008 \[Type: _DEVICE_NODE \*
+0x00c\] LastChild : 0x0 \[Type: _DEVICE_NODE \*
+0x010\] Level : 0x3 \[Type: unsigned long
+0x014\] Notify : 0x0 \[Type: _PO_DEVICE_NOTIFY \*
+0x018\] State : DeviceNodeUninitialized (769) \[Type: _PNP_DEVNODE_STATE
+0x01c\] PreviousState : 0 \[Type: _PNP_DEVNODE_STATE
+0x020\] StateHistory \[Type: _PNP_DEVNODE_STATE \[20\]
+0x070\] StateHistoryEntry : 0x0 \[Type: unsigned long
+0x074\] CompletionStatus : 0 \[Type: long
+0x078\] PendingIrp : 0x0 \[Type: _IRP \*
+0x07c\] Flags : 0x10 \[Type: unsigned long
+0x080\] UserFlags : 0x0 \[Type: unsigned long
+0x084\] Problem : 0x0 \[Type: unsigned long
+0x088\] PhysicalDeviceObject : 0x899050e8 : Device for "\\Driver\\ACPI" \[Type: _DEVICE_OBJECT \*
+0x08c\] ResourceList : 0x0 \[Type: _CM_RESOURCE_LIST \*
+0x090\] ResourceListTranslated : 0x0 \[Type: _CM_RESOURCE_LIST \*
+0x094\] InstancePath : "ACPI\\PNP0A03\\2\&daba3ff\&0" \[Type: _UNICODE_STRING