IRP 结构和IO_STACK_LOCATION 结构

IRP 是 I/O request packet 的缩写，即 I/O 请求包。驱动与驱动之间通过 IRP 进行通信。而使用驱动的应用层调用的 CreatFile,ReadFile,WriteFile,DeviceIoControl 等函数，说到底也是使用 IRP 和驱动进行通信。

一个 IRP 由两部分组成。首先是头部或者叫包的固定部分，是一个 IRP 结构。紧跟在这个头部之后的是 I/O stack locations ，这是一个 IO_STACK_LOCATION 结构的数组，这个数组中元素的个数是根据情况而定的，由 IoAllocateIrp( IN CCHAR StackSize , IN BOOLEAN ChargeQuota ) 时的参数 StackSize 决定。而 StackSize 通常由 IRP 发往的目标 DEVICE_OBJECT 的 30 char StackSize 决定。而这个 StackSize 是由设备对象连入所在的设备栈时，根据在设备栈中位置决定的。我们先看看 IRP 结构和 IO_STACK_LOCATION 结构的定义。

IRP 结构定义如下

struct _IRP (sizeof=112)
00 int16 Type
02 uint16 Size
04 struct _MDL *MdlAddress
08 uint32 Flags
0c union __unnamed14 AssociatedIrp
0c struct _IRP *MasterIrp
0c int32 IrpCount
0c void *SystemBuffer
10 struct _LIST_ENTRY ThreadListEntry
10 struct _LIST_ENTRY *Flink
14 struct _LIST_ENTRY *Blink
18 struct _IO_STATUS_BLOCK IoStatus
18 int32 Status
18 void *Pointer
1c uint32 Information
20 char RequestorMode
21 byte PendingReturned
22 char StackCount
23 char CurrentLocation
24 byte Cancel
25 byte CancelIrql
26 char ApcEnvironment
27 byte AllocationFlags
28 struct _IO_STATUS_BLOCK *UserIosb
2c struct _KEVENT *UserEvent
30 union __unnamed15 Overlay
30 struct __unnamed16 AsynchronousParameters
30 function *UserApcRoutine
34 void *UserApcContext
30 union _LARGE_INTEGER AllocationSize
30 uint32 LowPart
34 int32 HighPart
30 struct __unnamed3 u
30 uint32 LowPart
34 int32 HighPart
30 int64 QuadPart
38 function *CancelRoutine
3c void *UserBuffer
40 union __unnamed17 Tail
40 struct __unnamed18 Overlay
40 struct _KDEVICE_QUEUE_ENTRY DeviceQueueEntry
40 struct _LIST_ENTRY DeviceListEntry
40 struct _LIST_ENTRY *Flink
44 struct _LIST_ENTRY *Blink
48 uint32 SortKey
4c byte Inserted
40 void *DriverContext[4]
50 struct _ETHREAD *Thread
54 char *AuxiliaryBuffer
58 struct _LIST_ENTRY ListEntry
58 struct _LIST_ENTRY *Flink
5c struct _LIST_ENTRY *Blink
60 struct _IO_STACK_LOCATION *CurrentStackLocation
60 uint32 PacketType
64 struct _FILE_OBJECT *OriginalFileObject
40 struct _KAPC Apc
40 int16 Type
42 int16 Size
44 uint32 Spare0
48 struct _KTHREAD *Thread
4c struct _LIST_ENTRY ApcListEntry
4c struct _LIST_ENTRY *Flink
50 struct _LIST_ENTRY *Blink
54 function *KernelRoutine
58 function *RundownRoutine
5c function *NormalRoutine
60 void *NormalContext
64 void *SystemArgument1
68 void *SystemArgument2
6c char ApcStateIndex
6d char ApcMode
6e byte Inserted
40 void *CompletionKey

IO_STACK_LOCATION 结构定义如下

struct _IO_STACK_LOCATION (sizeof=36)
00 byte MajorFunction
01 byte MinorFunction
02 byte Flags
03 byte Control
04 union __unnamed19 Parameters
04 struct __unnamed20 Create
04 struct _IO_SECURITY_CONTEXT *SecurityContext
08 uint32 Options
0c uint16 FileAttributes
0e uint16 ShareAccess
10 uint32 EaLength
04 struct __unnamed21 CreatePipe
04 struct _IO_SECURITY_CONTEXT *SecurityContext
08 uint32 Options
0c uint16 Reserved
0e uint16 ShareAccess
10 struct _NAMED_PIPE_CREATE_PARAMETERS *Parameters
04 struct __unnamed22 CreateMailslot
04 struct _IO_SECURITY_CONTEXT *SecurityContext
08 uint32 Options
0c uint16 Reserved
0e uint16 ShareAccess
10 struct _MAILSLOT_CREATE_PARAMETERS *Parameters
04 struct __unnamed23 Read
04 uint32 Length
08 uint32 Key
0c union _LARGE_INTEGER ByteOffset
0c uint32 LowPart
10 int32 HighPart
0c struct __unnamed3 u
0c uint32 LowPart
10 int32 HighPart
0c int64 QuadPart
04 struct __unnamed23 Write
04 uint32 Length
08 uint32 Key
0c union _LARGE_INTEGER ByteOffset
0c uint32 LowPart
10 int32 HighPart
0c struct __unnamed3 u
0c uint32 LowPart
10 int32 HighPart
0c int64 QuadPart
04 struct __unnamed24 QueryDirectory
04 uint32 Length
08 struct _STRING *FileName
0c int32 FileInformationClass
10 uint32 FileIndex
04 struct __unnamed25 NotifyDirectory
04 uint32 Length
08 uint32 CompletionFilter
04 struct __unnamed26 QueryFile
04 uint32 Length
08 int32 FileInformationClass
04 struct __unnamed27 SetFile
04 uint32 Length
08 int32 FileInformationClass
0c struct _FILE_OBJECT *FileObject
10 byte ReplaceIfExists
11 byte AdvanceOnly
10 uint32 ClusterCount
10 void *DeleteHandle
04 struct __unnamed28 QueryEa
04 uint32 Length
08 void *EaList
0c uint32 EaListLength
10 uint32 EaIndex
04 struct __unnamed29 SetEa
04 uint32 Length
04 struct __unnamed30 QueryVolume
04 uint32 Length
08 int32 FsInformationClass
04 struct __unnamed30 SetVolume
04 uint32 Length
08 int32 FsInformationClass
04 struct __unnamed31 FileSystemControl
04 uint32 OutputBufferLength
08 uint32 InputBufferLength
0c uint32 FsControlCode
10 void *Type3InputBuffer
04 struct __unnamed32 LockControl
04 union _LARGE_INTEGER *Length
08 uint32 Key
0c union _LARGE_INTEGER ByteOffset
0c uint32 LowPart
10 int32 HighPart
0c struct __unnamed3 u
0c uint32 LowPart
10 int32 HighPart
0c int64 QuadPart
04 struct __unnamed33 DeviceIoControl
04 uint32 OutputBufferLength
08 uint32 InputBufferLength
0c uint32 IoControlCode
10 void *Type3InputBuffer
04 struct __unnamed34 QuerySecurity
04 uint32 SecurityInformation
08 uint32 Length
04 struct __unnamed35 SetSecurity
04 uint32 SecurityInformation
08 void *SecurityDescriptor
04 struct __unnamed36 MountVolume
04 struct _VPB *Vpb
08 struct _DEVICE_OBJECT *DeviceObject
04 struct __unnamed36 VerifyVolume
04 struct _VPB *Vpb
08 struct _DEVICE_OBJECT *DeviceObject
04 struct __unnamed37 Scsi
04 *Srb
04 struct __unnamed38 QueryQuota
04 uint32 Length
08 void *StartSid
0c struct _FILE_GET_QUOTA_INFORMATION *SidList
10 uint32 SidListLength
04 struct __unnamed29 SetQuota
04 uint32 Length
04 struct __unnamed39 QueryDeviceRelations
04 int32 Type
04 struct __unnamed40 QueryInterface
04 struct _GUID *InterfaceType
08 uint16 Size
0a uint16 Version
0c struct _INTERFACE *Interface
10 void *InterfaceSpecificData
04 struct __unnamed41 DeviceCapabilities
04 struct _DEVICE_CAPABILITIES *Capabilities
04 struct __unnamed42 FilterResourceRequirements
04 struct _IO_RESOURCE_REQUIREMENTS_LIST *IoResourceRequirementList
04 struct __unnamed51 ReadWriteConfig
04 uint32 WhichSpace
08 void *Buffer
0c uint32 Offset
10 uint32 Length
04 struct __unnamed52 SetLock
04 byte Lock
04 struct __unnamed53 QueryId
04 int32 IdType
04 struct __unnamed54 QueryDeviceText
04 int32 DeviceTextType
08 uint32 LocaleId
04 struct __unnamed55 UsageNotification
04 byte InPath
05 byte Reserved[3]
08 int32 Type
04 struct __unnamed56 WaitWake
04 int32 PowerState
04 struct __unnamed57 PowerSequence
04 struct _POWER_SEQUENCE *PowerSequence
04 struct __unnamed58 Power
04 uint32 SystemContext
08 int32 Type
0c union _POWER_STATE State
0c int32 SystemState
0c int32 DeviceState
10 int32 ShutdownType
04 struct __unnamed59 StartDevice
04 struct _CM_RESOURCE_LIST *AllocatedResources
08 struct _CM_RESOURCE_LIST *AllocatedR