nt!PiBuildDeviceNodeInstancePath函数分析和DeviceNode-＞InstancePath的由来--重要

nt!PiBuildDeviceNodeInstancePath函数分析和DeviceNode->InstancePath的由来--重要

NTSTATUS
PiProcessNewDeviceNode(
IN PDEVICE_NODE DeviceNode

)
{

status =PipMakeGloballyUniqueId(deviceObject, instanceID, &uniqueInstanceID);

if (instanceID != NULL) {

ExFreePool(instanceID);
}
instanceID = uniqueInstanceID;

0: kd> dv uniqueInstanceID
uniqueInstanceID = 0xe1285440
0: kd> dx -r1 ((ntkrnlmp!unsigned short *)0xe1285440)
((ntkrnlmp!unsigned short *)0xe1285440) : 0xe1285440 : 0x32 [Type: unsigned short *]
0x32 [Type: unsigned short]
0: kd> db 0xe1285440
e1285440 32 00 26 00 64 00 61 00-62 00 61 00 33 00 66 00 2.&.d.a.b.a.3.f.
e1285450 66 00 26 00 30 00 00 00-4c 49 53 54 70 b2 b2 b2 f.&.0...LISTp...

0: kd> dt _device_node 0x894ffea8
nt!_DEVICE_NODE
+0x000 Sibling : 0x8952a1e0 _DEVICE_NODE
+0x004 Child : (null)
+0x008 Parent : 0x899c1008 _DEVICE_NODE
+0x00c LastChild : (null)
+0x010 Level : 3
+0x014 Notify : (null)
+0x018 State : 301 ( DeviceNodeUninitialized )
+0x01c PreviousState : 0 (No matching name)
+0x020 StateHistory : [20] 0 (No matching name)
+0x070 StateHistoryEntry : 0
+0x074 CompletionStatus : 0n0
+0x078 PendingIrp : (null)
+0x07c Flags : 0x10
+0x080 UserFlags : 0
+0x084 Problem : 0
+0x088 PhysicalDeviceObject : 0x899050e8 _DEVICE_OBJECT
+0x08c ResourceList : (null)
+0x090 ResourceListTranslated : (null)
+0x094 InstancePath : _UNICODE_STRING "" 还没赋值
+0x09c ServiceName : _UNICODE_STRING ""
+0x0a4 DuplicatePDO : (null)
+0x0a8 ResourceRequirements : (null)
+0x0ac InterfaceType : 0xffffffff (No matching name)
+0x0b0 BusNumber : 0xffffffff
+0x0b4 ChildInterfaceType : 0xffffffff (No matching name)
+0x0b8 ChildBusNumber : 0xffffffff
+0x0bc ChildBusTypeIndex : 0xffff
+0x0be RemovalPolicy : 0 ''
+0x0bf HardwareRemovalPolicy : 0 ''
+0x0c0 TargetDeviceNotify : _LIST_ENTRY [ 0x894fff68 - 0x894fff68 ]
+0x0c8 DeviceArbiterList : _LIST_ENTRY [ 0x894fff70 - 0x894fff70 ]
+0x0d0 DeviceTranslatorList : _LIST_ENTRY [ 0x894fff78 - 0x894fff78 ]
+0x0d8 NoTranslatorMask : 0
+0x0da QueryTranslatorMask : 0
+0x0dc NoArbiterMask : 0
+0x0de QueryArbiterMask : 0
+0x0e0 OverUsed1 : __unnamed
+0x0e4 OverUsed2 : __unnamed
+0x0e8 BootResources : (null)
+0x0ec CapabilityFlags : 0
+0x0f0 DockInfo : __unnamed
+0x100 DisableableDepends : 0
+0x104 PendedSetInterfaceState : _LIST_ENTRY [ 0x894fffac - 0x894fffac ]
+0x10c LegacyBusListEntry : _LIST_ENTRY [ 0x894fffb4 - 0x894fffb4 ]
0: kd> dx -id 0,0,899a2278 -r1 ((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8)
((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8) : 0x899050e8 : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT *]
[<Raw View>] [Type: _DEVICE_OBJECT]
Flags : 0x1040
UpperDevices : None
LowerDevices : None
Driver : 0x89981f38 : Driver "\Driver\ACPI" [Type: _DRIVER_OBJECT *]
0: kd> dx -id 0,0,899a2278 -r1 -nv (*((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8))
(*((ntkrnlmp!_DEVICE_OBJECT *)0x899050e8)) : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT]
[+0x000] Type : 3 [Type: short]
[+0x002] Size : 0xb8 [Type: unsigned short]
[+0x004] ReferenceCount : 0 [Type: long]
[+0x008] DriverObject : 0x89981f38 : Driver "\Driver\ACPI" [Type: _DRIVER_OBJECT *]
[+0x00c] NextDevice : 0x89981b98 : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT *]
[+0x010] AttachedDevice : 0x0 [Type: _DEVICE_OBJECT *]
[+0x014] CurrentIrp : 0x0 [Type: _IRP *]
[+0x018] Timer : 0x0 [Type: _IO_TIMER *]
[+0x01c] Flags : 0x1040 [Type: unsigned long]
[+0x020] Characteristics : 0x80 [Type: unsigned long]
[+0x024] Vpb : 0x0 [Type: _VPB *]
[+0x028] DeviceExtension : 0x899c0d58 [Type: void *]
[+0x02c] DeviceType : 0x32 [Type: unsigned long]
[+0x030] StackSize : 1 [Type: char]
[+0x034] Queue [Type: __unnamed]
[+0x05c] AlignmentRequirement : 0x0 [Type: unsigned long]
[+0x060] DeviceQueue [Type: _KDEVICE_QUEUE]
[+0x074] Dpc [Type: _KDPC]
[+0x094] ActiveThreadCount : 0x0 [Type: unsigned long]
[+0x098] SecurityDescriptor : 0xe1297680 [Type: void *]
[+0x09c] DeviceLock [Type: _KEVENT]
[+0x0ac] SectorSize : 0x0 [Type: unsigned short]
[+0x0ae] Spare1 : 0x0 [Type: unsigned short]
[+0x0b0] DeviceObjectExtension : 0x899051a0 [Type: _DEVOBJ_EXTENSION *]
[+0x0b4] Reserved : 0x0 [Type: void *]
0: kd> dt acpi!_Device_Extension 0x899c0d58
+0x000 Flags : 0x05402000`02010020
+0x000 UFlags : __unnamed
+0x008 Signature : 0x5f534750
+0x00c DebugFlags : 0
+0x010 DispatchTable : 0xf743830c IRP_DISPATCH_TABLE
+0x014 WorkContext : WORK_QUEUE_CONTEXT
+0x014 Fdo : _FDO_DEVICE_EXTENSION
+0x014 Filter : _FILTER_DEVICE_EXTENSION
+0x014 Pdo : _PDO_DEVICE_EXTENSION
+0x058 WorkQueue : EXTENSION_WORKER
+0x058 Button : BUTTON_EXTENSION
+0x058 Thermal : THERMAL_EXTENSION
+0x058 LinkNode : LINK_NODE_EXTENSION
+0x058 Dock : DOCK_EXTENSION
+0x058 Processor : _PROCESSOR_DEVICE_EXTENSION
+0x088 DeviceState : 0 ( Stopped )
+0x08c PreviousState : 0 ( Stopped )
+0x090 PowerInfo : _ACPI_POWER_INFO
+0x10c DeviceID : 0x899c1148 "ACPI\PNP0A03"
+0x10c Address : 0x899c1148
+0x110 InstanceID : (null) 还没有赋值
+0x114 ResourceList : (null)
+0x118 PnpResourceList : (null)
+0x11c OutstandingIrpCount : 0n1
+0x120 ReferenceCount : 0n83
+0x124 HibernatePathCount : 0n0
+0x128 RemoveEvent : (null)
+0x12c AcpiObject : 0x899affac _NSObj
+0x130 DeviceObject : 0x899050e8 _DEVICE_OBJECT
+0x134 TargetDeviceObject : (null)
+0x138 PhysicalDeviceObject : 0x899050e8 _DEVICE_OBJECT
+0x13c ParentExtension : 0x89981a18 _DEVICE_EXTENSION
+0x140 ChildDeviceList : _LIST_ENTRY [ 0x899c0d38 - 0x8990efe8 ]
+0x148 SiblingDeviceList : _LIST_ENTRY [ 0x899ae150 - 0x89981b58 ]
+0x150 EjectDeviceHead : _LIST_ENTRY [ 0x899c0ea8 - 0x899c0ea8 ]
+0x158 EjectDeviceList : _LIST_ENTRY [ 0x899c0eb0 - 0x899c0eb0 ]
0: kd> db 0x899affac
899affac 4c ff 9a 89 ac 40 9b 89-f0 f0 9a 89 24 00 9b 89 L....@......$...
899affbc 50 43 49 30 30 f3 9a 89-4c ff 9a 89 00 00 06 00 PCI00...L.......

//
// Build the device instance path and create the instance key.
//
status = PiBuildDeviceNodeInstancePath(DeviceNode, busID, deviceID, instanceID);
if (NT_SUCCESS(status)) {

status = PiCreateDeviceInstanceKey(DeviceNode, &instanceKey, &disposition);
}

0: kd> kc
#
00 nt!PiBuildDeviceNodeInstancePath
01 nt!PiProcessNewDeviceNode
02 nt!PipProcessDevNodeTree
03 nt!PipDeviceActionWorker
04 nt!PipRequestDeviceAction
05 nt!IopInitializeBootDrivers
06 nt!IoInitSystem
07 nt!Phase1Initialization
08 nt!PspSystemThreadStartup
09 nt!KiThreadStartup
0: kd> dv
DeviceNode = 0x894ffea8
BusID = 0xe1271120
DeviceID = 0xe127112a
InstanceID = 0xe1285440
0: kd> dx -r1 ((ntkrnlmp!unsigned short *)0xe1271120)
((ntkrnlmp!unsigned short *)0xe1271120) : 0xe1271120 : 0x41 [Type: unsigned short *]
0x41 [Type: unsigned short]
0: kd> db 0xe1271120
e1271120 41 00 43 00 50 00 49 00-00 00 50 00 4e 00 50 00 A.C.P.I...P.N.P.
e1271130 30 00 41 00 30 00 33 00-00 00 55 52 43 45 53 79 0.A.0.3...URCESy
e1271140 05 04 07 04 43 4d 56 49-88 21 27 e1 19 cb 27 e1 ....CMVI.!'...'.
e1271150 69 3a 27 e1 59 eb 28 e1-e1 d5 26 e1 11 81 27 e1 i:'.Y.(...&...'.
e1271160 29 6f 29 e1 31 d1 29 e1-99 0e 29 e1 e1 49 29 e1 )o).1.)...)..I).
e1271170 b1 61 28 e1 64 b2 b2 b2-07 04 02 00 4f 62 53 71 .a(.d.......ObSq
e1271180 d1 92 27 e1 31 1b 27 e1-02 04 02 0c 4f 62 44 69 ..'.1.'.....ObDi
e1271190 00 00 00 00 e8 78 98 89-02 04 21 0c 43 4d 33 39 .....x....!.CM39
0: kd> db 0xe127112a
e127112a 50 00 4e 00 50 00 30 00-41 00 30 00 33 00 00 00 P.N.P.0.A.0.3...
e127113a 55 52 43 45 53 79 05 04-07 04 43 4d 56 49 88 21 URCESy....CMVI.!
e127114a 27 e1 19 cb 27 e1 69 3a-27 e1 59 eb 28 e1 e1 d5 '...'.i:'.Y.(...
e127115a 26 e1 11 81 27 e1 29 6f-29 e1 31 d1 29 e1 99 0e &...'.)o).1.)...
e127116a 29 e1 e1 49 29 e1 b1 61-28 e1 64 b2 b2 b2 07 04 )..I)..a(.d.....
e127117a 02 00 4f 62 53 71 d1 92-27 e1 31 1b 27 e1 02 04 ..ObSq..'.1.'...
e127118a 02 0c 4f 62 44 69 00 00-00 00 e8 78 98 89 02 04 ..ObDi.....x....
e127119a 21 0c 43 4d 33 39 00 00-00 00 00 00 00 00 00 00 !.CM39..........
0: kd> db 0xe1285440
e1285440 32 00 26 00 64 00 61 00-62 00 61 00 33 00 66 00 2.&.d.a.b.a.3.f.
e1285450 66 00 26 00 30 00 00 00-4c 49 53 54 70 b2 b2 b2 f.&.0...LISTp...

0: kd> dx -r1 ((ntkrnlmp!_DEVICE_NODE *)0x899c1008)
((ntkrnlmp!_DEVICE_NODE *)0x899c1008) : 0x899c1008 [Type: _DEVICE_NODE *]
[+0x000] Sibling : 0x0 [Type: _DEVICE_NODE *]
[+0x004] Child : 0x894ffea8 [Type: _DEVICE_NODE *]
[+0x008] Parent : 0x89986008 [Type: _DEVICE_NODE *]
[+0x00c] LastChild : 0x8952a500 [Type: _DEVICE_NODE *]
[+0x010] Level : 0x2 [Type: unsigned long]
[+0x014] Notify : 0x0 [Type: _PO_DEVICE_NOTIFY *]
[+0x018] State : DeviceNodeStarted (776) [Type: _PNP_DEVNODE_STATE]
[+0x01c] PreviousState : DeviceNodeEnumerateCompletion (781) [Type: _PNP_DEVNODE_STATE]
[+0x020] StateHistory [Type: _PNP_DEVNODE_STATE [20]]
[+0x070] StateHistoryEntry : 0x8 [Type: unsigned long]
[+0x074] CompletionStatus : 0 [Type: long]
[+0x078] PendingIrp : 0x0 [Type: _IRP *]
[+0x07c] Flags : 0xf0 [Type: unsigned long]
[+0x080] UserFlags : 0x0 [Type: unsigned long]
[+0x084] Problem : 0x0 [Type: unsigned long]
[+0x088] PhysicalDeviceObject : 0x899c1de0 : Device for "\Driver\ACPI_HAL" [Type: _DEVICE_OBJECT *]
[+0x08c] ResourceList : 0xe127b758 [Type: _CM_RESOURCE_LIST *]
[+0x090] ResourceListTranslated : 0xe127fe58 [Type: _CM_RESOURCE_LIST *]
[+0x094] InstancePath : "ACPI_HAL\PNP0C08\0" [Type: _UNICODE_STRING]

参考结果：
DevNode 0x89db5008 for PDO 0x89db5cb8
InstancePath is "ACPI_HAL\PNP0C08\0"
ServiceName is "ACPI"
State = DeviceNodeStarted (0x308)
Previous State = DeviceNodeEnumerateCompletion (0x30d)
DevNode 0x89d26558 for PDO 0x89d38bf0
InstancePath is "ACPI\PNP0A03\2&daba3ff&0"
ServiceName is "pci"
State = DeviceNodeStarted (0x308)
Previous State = DeviceNodeEnumerateCompletion (0x30d)
参考结果：

//
// Construct the instance path as <BUS>\<DEVICE>\<INSTANCE>. This should always be NULL terminated
// since we have precomputed the length that we pass into this counted routine.
//
StringCbPrintfW(instancePath, length, L"%s\\%s\\%s", BusID, DeviceID, InstanceID);

0: kd> gu
eax=00000000 ebx=00000000 ecx=00000030 edx=894fff3c esi=894ffea8 edi=899050e8
eip=80c93a98 esp=f789a2e0 ebp=f789a38c iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
nt!PiProcessNewDeviceNode+0x216:
80c93a98 3bc3 cmp eax,ebx
0: kd> dx -r1 ((ntkrnlmp!_DEVICE_NODE *)0x894ffea8)
((ntkrnlmp!_DEVICE_NODE *)0x894ffea8) : 0x894ffea8 [Type: _DEVICE_NODE *]
[+0x000] Sibling : 0x8952a1e0 [Type: _DEVICE_NODE *]
[+0x004] Child : 0x0 [Type: _DEVICE_NODE *]
[+0x008] Parent : 0x899c1008 [Type: _DEVICE_NODE *]
[+0x00c] LastChild : 0x0 [Type: _DEVICE_NODE *]
[+0x010] Level : 0x3 [Type: unsigned long]
[+0x014] Notify : 0x0 [Type: _PO_DEVICE_NOTIFY *]
[+0x018] State : DeviceNodeUninitialized (769) [Type: _PNP_DEVNODE_STATE]
[+0x01c] PreviousState : 0 [Type: _PNP_DEVNODE_STATE]
[+0x020] StateHistory [Type: _PNP_DEVNODE_STATE [20]]
[+0x070] StateHistoryEntry : 0x0 [Type: unsigned long]
[+0x074] CompletionStatus : 0 [Type: long]
[+0x078] PendingIrp : 0x0 [Type: _IRP *]
[+0x07c] Flags : 0x10 [Type: unsigned long]
[+0x080] UserFlags : 0x0 [Type: unsigned long]
[+0x084] Problem : 0x0 [Type: unsigned long]
[+0x088] PhysicalDeviceObject : 0x899050e8 : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT *]
[+0x08c] ResourceList : 0x0 [Type: _CM_RESOURCE_LIST *]
[+0x090] ResourceListTranslated : 0x0 [Type: _CM_RESOURCE_LIST *]
[+0x094] InstancePath :"ACPI\PNP0A03\2&daba3ff&0"[Type: _UNICODE_STRING]