Write my own version of DebugView

为君一笑 posted on 2019-12-24 10:45:55

Question


I wrote a Windows driver (file system). All my logs are printed by the DbgPrint function. With the DebugView program (Capture Kernel - on) I can see all my logs.

I want to show/save its logs. So, I want to listen to kernel messages.

I tried to write some:

#include <windows.h>
#include <stdio.h>

// Layout of the 4096-byte DBWIN_BUFFER section: sender PID, then the message text.
struct DbWinBuffer
{
    DWORD dwProcessId;
    char data[4096 - sizeof(DWORD)];
};

int main()
{
    DbWinBuffer* dbBuffer;

    HANDLE hAckEvent;
    HANDLE hEvent;
    HANDLE hSharedFile;

    SECURITY_DESCRIPTOR sd;
    SECURITY_ATTRIBUTES sa;

    sa.nLength = sizeof(SECURITY_ATTRIBUTES);
    sa.bInheritHandle = TRUE;
    sa.lpSecurityDescriptor = &sd;

    if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION))
    {
        printf("ERROR: InitializeSecurityDescriptor\n");
        return 1;
    }

    // A NULL DACL grants every caller full access to the objects created below.
    if (!SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE))
    {
        printf("ERROR: SetSecurityDescriptorDacl\n");
        return 1;
    }

    // Signalled by this reader when the shared buffer is free for the next message.
    hAckEvent = CreateEvent(&sa, FALSE, FALSE, L"DBWIN_BUFFER_READY");
    if (!hAckEvent)
    {
        printf("ERROR: CreateEvent(\"DBWIN_BUFFER_READY\")\n");
        return 1;
    }

    // Signalled by the sender once a message has been written to the buffer.
    hEvent = CreateEvent(&sa, FALSE, FALSE, L"DBWIN_DATA_READY");
    if (!hEvent)
    {
        printf("ERROR: CreateEvent(\"DBWIN_DATA_READY\")\n");
        return 1;
    }

    hSharedFile = CreateFileMapping(INVALID_HANDLE_VALUE, &sa, PAGE_READWRITE, 0, 4096, L"DBWIN_BUFFER");
    if (!hSharedFile)
    {
        printf("ERROR: CreateFileMapping(\"DBWIN_BUFFER\")\n");
        return 1;
    }

    dbBuffer = static_cast<DbWinBuffer*>(MapViewOfFile(hSharedFile, FILE_MAP_READ, 0, 0, 4096));
    if (!dbBuffer)
    {
        printf("ERROR: MapViewOfFile\n");
        return 1;
    }

    SetEvent(hAckEvent);

    DWORD pid = GetCurrentProcessId();
    printf("Tracing PID: %lu\n\n", pid);

    for (;;)
    {
        DWORD ret = WaitForSingleObject(hEvent, INFINITE);
        if (ret == WAIT_FAILED)
        {
            printf("ERROR: WaitForSingleObject\n");
            return 1;
        }
        // Print the received message; the length is bounded in case it is not NUL-terminated.
        printf("[%lu] %.*s", dbBuffer->dwProcessId, (int)sizeof(dbBuffer->data), dbBuffer->data);
        // Tell the sender that the buffer can be reused.
        SetEvent(hAckEvent);
    }
}

In this example I get only OutputDebugString, not the DbgPrint. How can I get DbgPrint messages?

Source: https://stackoverflow.com/questions/42326576/write-my-own-version-of-debugview
