Struct Driver

Source

pub struct Driver { /* private fields */ }

Expand description

A minifilter is identified by a port (know in advance), like a named pipe used for communication, and a handle, retrieved by open_kernel_driver_com.

Implementations§

Source §

impl Driver

Source

pub fn close_kernel_communication(&self) -> bool

Can be used to properly close the communication (and unregister) with the minifilter. If this fn is not used and the program has stopped, the handle is automatically closed, seemingly without any side-effects.

Source

pub fn driver_set_app_pid(&self) -> Result<(), Error>

The user-mode running app (this one) has to register itself to the driver.

§Panics

This fn panics if it is unable to get the current pid.

§Errors

This fn returns an error if it is unable to register itself to the minifilter.

Source

pub fn open_kernel_driver_com() -> Result<Self, Error>

Try to open a com canal with the minifilter before this app is registered.

§Panics

This function will panic if the minifilter port has any nul value (except the last one) in it’s name.

§Errors

This fn can fail is the minifilter is unreachable:

if it is not started (try sc start snFilter first
if a connection is already established: it can accepts only one at a time.

In that case the Error is raised by the OS (windows::Error) and is generally readable.

Source

pub fn get_irp(&self, vecnew: &mut Vec<u8>) -> Option<ReplyIrp>

Ask the driver for a ReplyIrp, if any. This is a low-level function and the returned object uses C pointers. Managing C pointers requires a special care, because of the Rust timelines. ReplyIrp is optional since the minifilter returns null if there is no new activity.

§Panics

This fn panics if it is unable to get the current pid or cannot get driver message from the minifilter.

Source

pub fn try_kill(&self, gid: c_ulonglong) -> Result<HRESULT, Error>

Ask the minifilter to kill all pids related to the given gid. Pids are killed in driver-mode by calls to NtClose.

Trait Implementations§

Source §

impl Debug for Driver

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

§

impl UnwindSafe for Driver

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §