Hi Everybody,
While trying to implement WMI in one of my projects, faced a really though problem (at least for me - a WMI beginner) I have been trying to figure it out, for 3 days. So asking was the last resort:<
Problem is as follows:
1.I dont have an AddDevice routine, I create my device in DriverEntry.
2.Upon user request via DeviceIoControl, Driver registers to WMI like the line below:
IoWMIRegistrationControl(DriverObject->DeviceObject,WMIREG_ACTION_REGISTER);
3.Every structure is initialized correctly (WMILIB_CONTEXT,GUIDLIST etc.) And I use BASENAME for my instances, so no PDO…
4.F?nally deregistering from WMI with WMIREG_ACTION_DEREGISTER. (DriverUnload routine)
After performing the 2nd step, I think I should be able to see my WMI CLASS name in WMI EXPLORER utilities, but I AM NOT ABLE TO??? I also try to connect to the “root\WMI:class” programatically but it errs to… What should I do to successfully register my CLASS to root\WMI namespace? (source code below)
ANY HELP IS APPRECIATED,
THANKS
Full source code is here:
//MOF RESOURCE FILE
#include <windows.h>
LANGUAGE LANG_ENGLISH, SUBLANG_NEUTRAL
MofResource MOFDATA wmi42.bmf
//--------------------------------------------
//MOF FILE
[Dynamic, Provider(“WMIProv”),
WMI,
Description(“Wmi42 Sample Schema”),
guid(“ACF28F39-88C5-4019-BD87-C695ED44C98B”)]
class Wmi42
{
[key, read]
string InstanceName;
[read] boolean Active;
[WmiDataId(1),Description(“Some Question”)]
uint32 TheAnswer;
[WmiDataId(2),
read, write,
DisplayName(“BOOLEAN”) : amended,
Description(“boolean data”) : amended]
boolean Xboolean;
[WmiDataId(3),
read, write,
DisplayName(“UCHAR”) : amended,
Description(“unsigned character data”) : amended]
uint8 Xuint8;
[WmiDataId(4),
read, write,
DisplayName(“USHORT”) : amended,
Description(“unsigned short data”) : amended]
uint16 Xuint16;
};
//----------------------------------------------------------------------------------
//Here is WMI header file
//WMI.H--------------------
#include “wmilib.h”
#include “wmistr.h”
// Wmi42 Sample Schema
static GUID Wmi42_GUID = {0xacf28f39,0x88c5,0x4019,0xbd,0x87,0xc6,0x95,0xed,0x44,0xc9,0x8b} ;
typedef struct _Wmi42
{
// The Answer to the Ultimate Question
ULONG TheAnswer;
#define Wmi42_TheAnswer_SIZE sizeof(ULONG)
#define Wmi42_TheAnswer_ID 1
// boolean data
BOOLEAN Xboolean;
#define Wmi42_Xboolean_SIZE sizeof(BOOLEAN)
#define Wmi42_Xboolean_ID 2
// unsigned character data
UCHAR Xuint8;
#define Wmi42_Xuint8_SIZE sizeof(UCHAR)
#define Wmi42_Xuint8_ID 3
// unsigned short data
USHORT Xuint16;
#define Wmi42_Xuint16_SIZE sizeof(USHORT)
#define Wmi42_Xuint16_ID 4
} Wmi42, PWmi42;
#define Wmi42_SIZE (FIELD_OFFSET(Wmi42, Xuint16) + Wmi42_Xuint16_SIZE)
//WMI FUNCTIONS
//##########################################################################################################3
NTSTATUS WmiQueryReginfo(PDEVICE_OBJECT fdo, PULONG flags,PUNICODE_STRING instname, PUNICODE_STRING regpath,PUNICODE_STRING resname, PDEVICE_OBJECT* pdo){
*flags = WMIREG_FLAG_INSTANCE_BASENAME;
*regpath = &driverRegKey;
RtlInitUnicodeString(resname, L"MofResource");
static WCHAR basename = L"WMIEXTRA";
instname->Buffer = (PWCHAR) ExAllocatePool(PagedPool,
sizeof(basename));
if (!instname->Buffer){
DbgPrint(“INSUFFICIENT WmiQueryReginfo”);
return STATUS_INSUFFICIENT_RESOURCES;
}
instname->MaximumLength = sizeof(basename);
instname->Length = sizeof(basename) - 2;
RtlCopyMemory(instname->Buffer, basename, sizeof(basename));
DbgPrint(“SUCCESS WmiQueryReginfo”);
return STATUS_SUCCESS;
}
//##########################################################################################################3
//##########################################################################################################3
NTSTATUS WmiQueryDataBlock(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp,IN ULONG GuidIndex,IN ULONG InstanceIndex,IN ULONG InstanceCount,IN OUT PULONG InstanceLengthArray,IN ULONG BufferAvail,OUT PUCHAR Buffer){
DbgPrint(“WmiQueryDataBlock”);
NTSTATUS status = STATUS_SUCCESS;
PWmi42 pvalue = (PWmi42) Buffer;
pvalue->TheAnswer = 0xE;
InstanceLengthArray[0] = Wmi42_SIZE;
return WmiCompleteRequest(DeviceObject, Irp, STATUS_SUCCESS,Wmi42_SIZE, IO_NO_INCREMENT);
}
//##########################################################################################################3
//##########################################################################################################3
NTSTATUS WmiSetDataBlock(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp,IN ULONG GuidIndex,IN ULONG InstanceIndex,IN ULONG BufferSize,IN PUCHAR Buffer){
NTSTATUS status = STATUS_SUCCESS;
DbgPrint(“WmiSetDataBlock”);
return status;
}
//##########################################################################################################3
//##########################################################################################################3
NTSTATUS WmiSetDataItem(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp,IN ULONG GuidIndex,IN ULONG InstanceIndex,IN ULONG DataItemId,IN ULONG BufferSize,IN PUCHAR Buffer){
NTSTATUS status = STATUS_SUCCESS;
DbgPrint(“WmiSetDataItem”);
return status;
}
//##########################################################################################################3
//##########################################################################################################3
NTSTATUS WmiExecuteMethod(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp,IN ULONG GuidIndex,IN ULONG InstanceIndex,IN ULONG MethodId,IN ULONG InBufferSize,IN ULONG OutBufferSize,IN OUT PUCHAR Buffer){
NTSTATUS status = STATUS_SUCCESS;
DbgPrint(“WmiExecuteMethod”);
return status;
}
//##########################################################################################################3
//##########################################################################################################3
NTSTATUS WmiFunctionControl(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp,IN ULONG GuidIndex,IN WMIENABLEDISABLECONTROL Function,IN BOOLEAN Enable){
NTSTATUS status = STATUS_SUCCESS;
DbgPrint(“WmiFunctionControl”);
return status;
}
//##########################################################################################################3
//##############################################################################################################
WMIGUIDREGINFO guidlist = {
{&Wmi42_GUID, 1, 0},
};
//##############################################################################################################
//##############################################################################################################
WMILIB_CONTEXT wmiContext = {
1,//arraysize(guidlist)
guidlist,
WmiQueryReginfo,
WmiQueryDataBlock,
NULL,//WmiSetDataBlock,
NULL,//WmiSetDataItem,
NULL,//WmiExecuteMethod,
NULL,//WmiFunctionControl,
};
//##############################################################################################################
//##############################################################################################################
typedef struct _WMI{
ULONG_PTR ProviderId;
PVOID DataPath;
ULONG BufferSize;
PVOID Buffer;
} WMI,*PWMI;
WMI wmi;
//============================================================================================================
//WMI ile ilgili olan DISPATCH FUNC burada!
NTSTATUS SUR32SystemControl(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
SYSCTL_IRP_DISPOSITION irpStatus;
NTSTATUS status;
PIO_STACK_LOCATION pIO = IoGetCurrentIrpStackLocation(Irp);
DbgPrint(“MINOR FUNCTION : %x”,(DWORD)pIO->MinorFunction);
status = WmiSystemControl(&wmiContext,DeviceObject,Irp,&irpStatus);
DbgPrint(“WmiSystemControl Returns : %x”,(DWORD)status);
//?imdi IRP’nin durumunu kontrol ve ona g?re gerekeni yap!
switch (irpStatus)
{
case IrpProcessed:
DbgPrint(“IrpProcessed”);
break;
case IrpNotCompleted:
DbgPrint(“IrpNotCompleted %x”,(DWORD)Irp->IoStatus.Status);
IoCompleteRequest(Irp, IO_NO_INCREMENT);
break;
default:
case IrpNotWmi:
case IrpForward:
DbgPrint(“IrpNotWmi IrpForward”);
IoCompleteRequest(Irp, IO_NO_INCREMENT);
break;
}
return STATUS_SUCCESS;
}
//============================================================================================================</windows.h>