代码:
#include <Vcl.h>
#include <WinIOCtl.h>
#include <stdio.h>
#pragma hdrstop
#pragma inline
#include "DiskPhyID.h"
//#include "Unit1.h"
//---------------------------------------------------------------------------
#define GETVERSIONOUTPARAMS GETVERSIONINPARAMS
#define DFP_GET_VERSION SMART_GET_VERSION
#define DFP_SEND_DRIVE_COMMAND SMART_SEND_DRIVE_COMMAND
#define DFP_RCV_DRIVE_DATA SMART_RCV_DRIVE_DATA
const WORD IDE_ATAPI_IDENTIFY = 0xA1; //读取ATAPI设备的命令
const WORD IDE_ATA_IDENTIFY = 0xEC; //读取ATA设备的命令
const int MAX_IDE_DRIVES = 4;
//函数声明
void __fastcall ReadPhysicalDrive(TStringList *ModelList,TStringList *SerialNumberList);
void __fastcall ReadPhysicalDriveOnNT(TStringList *ModelList,TStringList *SerialNumberList);
bool __fastcall DoIdentify(HANDLE hPhysicalDriveIOCTL, PSENDCMDINPARAMS pSCIP,
PSENDCMDOUTPARAMS pSCOP, byte bIDCmd, byte bDriveNum,
PDWORD lpcbBytesReturned);
void __fastcall ReadPhysicalDriveOnW9X(TStringList *ModelList,TStringList *SerialNumberList);
void __fastcall ReadPhysicalDriveOnW9X_Ring0(bool IsFirst,WORD BaseAddress,BYTE MoS,
bool &IsIDEExist,bool &IsDiskExist,WORD *OutData);
char* __fastcall ConvertToString(DWORD DiskData[256], int FirstIndex, int LastIndex);
//---------------------------------------------------------------------------
//辅助函数
//ReadPhysicalDrive
void __fastcall ReadPhysicalDrive(TStringList *ModelList,TStringList *SerialNumberList)
{
switch(Win32Platform)
{
case VER_PLATFORM_WIN32_WINDOWS:
ReadPhysicalDriveOnW9X(ModelList,SerialNumberList);
break;
case VER_PLATFORM_WIN32_NT:
ReadPhysicalDriveOnNT(ModelList,SerialNumberList);
break;
}
}
//---------------------------------------------------------------------------
//ConvertToString
char* __fastcall ConvertToString(DWORD DiskData[256], int FirstIndex, int LastIndex)
{
static char ResBuf[1024];
int Index = 0;
int Position = 0;
// Each integer has two characters stored in it backwards
for(Index = FirstIndex; Index <= LastIndex; Index++)
{
// Get high byte for 1st character
ResBuf[Position] = (char)(DiskData[Index] / 256);
Position++;
// Get low byte for 2nd character
ResBuf[Position] = (char)(DiskData[Index] % 256);
Position++;
}
// End the string
ResBuf[Position] = '\0';
// Cut off the trailing blanks
for(Index = Position - 1; Index > 0 && ' ' == ResBuf[Index]; Index--)
ResBuf[Index] = '\0';
return ResBuf;
}
//---------------------------------------------------------------------------
/*---------------------------------------------------------------------------
Windows NT4/2000/XP 代码
//-------------------------------------------------------------------------*/
//---------------------------------------------------------------------------
//ReadPhysicalDriveOnNT
void __fastcall ReadPhysicalDriveOnNT(TStringList *ModelList,TStringList *SerialNumberList)
{
//输出参数
byte IdOutCmd[sizeof(SENDCMDOUTPARAMS) + IDENTIFY_BUFFER_SIZE - 1];
for(int Drive=0; Drive < MAX_IDE_DRIVES; Drive++)
{
HANDLE hPhysicalDriveIOCTL;
char DriveName[32];
sprintf(DriveName,"\\\\.\\PhysicalDrive%d",Drive);
hPhysicalDriveIOCTL = CreateFile(DriveName,
GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL,
OPEN_EXISTING, 0, NULL);
if(hPhysicalDriveIOCTL != INVALID_HANDLE_VALUE)
{
DWORD cbBytesReturned = 0;
GETVERSIONOUTPARAMS VersionParams;
// Get the version, etc of PhysicalDrive IOCTL
ZeroMemory(&VersionParams,sizeof(GETVERSIONOUTPARAMS));
if(!DeviceIoControl(hPhysicalDriveIOCTL,DFP_GET_VERSION,
NULL,0,&VersionParams,sizeof(VersionParams),
&cbBytesReturned, NULL))
{
continue;
}
////
if(VersionParams.bIDEDeviceMap > 0)
{
// IDE or ATAPI IDENTIFY cmd
byte bIDCmd = 0;
SENDCMDINPARAMS InParams;
// Now, get the ID sector for all IDE devices in the system.
// If the device is ATAPI use the IDE_ATAPI_IDENTIFY command,
// otherwise use the IDE_ATA_IDENTIFY command
// 具体所得结果请参考上面的说明
bIDCmd = (VersionParams.bIDEDeviceMap >> Drive & 0x10) ? IDE_ATAPI_IDENTIFY : IDE_ATA_IDENTIFY;
ZeroMemory(&InParams,sizeof(SENDCMDINPARAMS));
ZeroMemory(IdOutCmd,sizeof(IdOutCmd));
if(DoIdentify(hPhysicalDriveIOCTL,
&InParams,(PSENDCMDOUTPARAMS)IdOutCmd,
(BYTE)bIDCmd,(BYTE)Drive,
&cbBytesReturned))
{
DWORD DiskData[256];
USHORT *pIDSector; //对应结构IDSECTOR,见头文件
char HardDriveSerialNumber[21];
char HardDriveModelNumber[41];
pIDSector = (USHORT*)((SENDCMDOUTPARAMS*)IdOutCmd)->bBuffer;
for(int i=0; i < 256; i++)
DiskData = pIDSector;
//取系列号
ZeroMemory(HardDriveSerialNumber,sizeof(HardDriveSerialNumber));
strcpy(HardDriveSerialNumber,ConvertToString(DiskData, 10, 19));
//取模型号和一个简单说明(包括设备类型,主从设备标识)
ZeroMemory(HardDriveModelNumber,sizeof(HardDriveModelNumber));
strcpy(HardDriveModelNumber,ConvertToString(DiskData, 27, 46));
if(ModelList != NULL)
ModelList->Add(AnsiString(HardDriveModelNumber));
if(SerialNumberList != NULL)
SerialNumberList->Add(AnsiString(HardDriveSerialNumber));
}
}
CloseHandle (hPhysicalDriveIOCTL);
}
}
}
//---------------------------------------------------------------------------
//DoIdentify
bool __fastcall DoIdentify(HANDLE hPhysicalDriveIOCTL, PSENDCMDINPARAMS pSCIP,
PSENDCMDOUTPARAMS pSCOP, byte bIDCmd, byte bDriveNum,
PDWORD lpcbBytesReturned)
{
// Set up data structures for IDENTIFY command.
pSCIP->cBufferSize = IDENTIFY_BUFFER_SIZE;
pSCIP->irDriveRegs.bFeaturesReg = 0;
pSCIP->irDriveRegs.bSectorCountReg = 1;
pSCIP->irDriveRegs.bSectorNumberReg = 1;
pSCIP->irDriveRegs.bCylLowReg = 0;
pSCIP->irDriveRegs.bCylHighReg = 0;
//Compute the drive number.(主盘和从盘所对应的值是不一样的)
pSCIP->irDriveRegs.bDriveHeadReg = (bDriveNum & 1) ? 0xB0 : 0xA0;
// The command can either be IDE identify or ATAPI identify.
pSCIP->irDriveRegs.bCommandReg = bIDCmd;
pSCIP->bDriveNumber = bDriveNum;
pSCIP->cBufferSize = IDENTIFY_BUFFER_SIZE;
return DeviceIoControl(hPhysicalDriveIOCTL, DFP_RCV_DRIVE_DATA,
(LPVOID)pSCIP,
sizeof(SENDCMDINPARAMS) - 1,
(LPVOID)pSCOP,
sizeof(SENDCMDOUTPARAMS) + IDENTIFY_BUFFER_SIZE - 1,
lpcbBytesReturned, NULL);
}
//---------------------------------------------------------------------------
/*---------------------------------------------------------------------------
Windows 95/98/ME 代码
//-------------------------------------------------------------------------*/
//---------------------------------------------------------------------------
//ReadPhysicalDriveOnW9X
void __fastcall ReadPhysicalDriveOnW9X(TStringList *ModelList,TStringList *SerialNumberList)
{
WORD OutData[256];
SetPriorityClass(GetCurrentProcess(),REALTIME_PRIORITY_CLASS);
//经过测试,发现第一次调用而且Drive >= 2时会在Ring0代码中出现错误,导致蓝屏。
//经过N(N>15)次的蓝屏后仍找不到原因:(,不得不在这里增加一段无用代码以避
//免蓝屏的出现。(期待高人能指出原因)
for(int Drive = 0; Drive < 8; Drive++)
{
WORD BaseAddress;
BYTE MoS; // Master Or Slave
bool IsIDEExist;
bool IsDiskExist;
switch(Drive / 2)
{
case 0: BaseAddress = 0x01F0; break;
case 1: BaseAddress = 0x0170; break;
case 2: BaseAddress = 0x01E8; break;
case 3: BaseAddress = 0x0168; break;
}
MoS = (BYTE)(((Drive % 2) == 0) ? 0xA0 : 0xB0);
//进入Ring0
IsIDEExist = false;
IsDiskExist = false;
ReadPhysicalDriveOnW9X_Ring0(true,BaseAddress,MoS,IsIDEExist,IsDiskExist,OutData);
}
for(int Drive = 0; Drive < 8; Drive++)
{
WORD BaseAddress;
BYTE MoS; // Master Or Slave
bool IsIDEExist;
bool IsDiskExist;
switch(Drive / 2)
{
case 0: BaseAddress = 0x01F0; break;
case 1: BaseAddress = 0x0170; break;
case 2: BaseAddress = 0x01E8; break;
case 3: BaseAddress = 0x0168; break;
}
MoS = (BYTE)(((Drive % 2) == 0) ? 0xA0 : 0xB0);
//进入Ring0
IsIDEExist = false;
IsDiskExist = false;
ZeroMemory(OutData,sizeof(OutData));
ReadPhysicalDriveOnW9X_Ring0(false,BaseAddress,MoS,IsIDEExist,IsDiskExist,OutData);
if(IsIDEExist && IsDiskExist)
{
DWORD DiskData[256];
char HardDriveSerialNumber[21];
char HardDriveModelNumber[41];
for(int k=0; k < 256; k++)
DiskData[k] = OutData[k];
//取系列号
ZeroMemory(HardDriveSerialNumber,sizeof(HardDriveSerialNumber));
strcpy(HardDriveSerialNumber,ConvertToString(DiskData, 10, 19));
//取模型号和一个简单说明(包括设备类型,主从设备标识)
ZeroMemory(HardDriveModelNumber,sizeof(HardDriveModelNumber));
strcpy(HardDriveModelNumber,ConvertToString(DiskData,27,46));
if(ModelList != NULL)
ModelList->Add(AnsiString(HardDriveModelNumber));
if(SerialNumberList != NULL)
SerialNumberList->Add(AnsiString(HardDriveSerialNumber));
}
}
SetPriorityClass(GetCurrentProcess(),NORMAL_PRIORITY_CLASS);
}
//---------------------------------------------------------------------------
//dwBaseAddress = IDE(0,1,2,3) : 1F0h, 170h, 1E8h, 168h
//MoS = Master(0xA0) Or Slave(0xB0)
void __fastcall ReadPhysicalDriveOnW9X_Ring0(bool IsFirst,WORD BaseAddress,BYTE MoS,
bool &IsIDEExist,bool &IsDiskExist,WORD *pOutData)
{
BYTE IDTR_1[6];
DWORD OldExceptionHook;
const int HookExceptionNo = 5;
////////////////////
BYTE _IsIDEExist = 0;
BYTE _IsDiskExist = 0;
WORD OutDataBuf[256];
BYTE _IsFirst = (BYTE)IsFirst;
const BYTE cBit00 = 0x01;
const BYTE cBit02 = 0x04;
const BYTE cBit06 = 0x40;
const BYTE cBit07 = 0x80;
const BYTE cERR = cBit00;
const BYTE cBusy = cBit07;
const BYTE ATA_CMD = 0xEC;
const BYTE ATAPI_CMD = 0xA1;
//不能在汇编下正常跟踪Ring0代码,通过这个变量查看代码执行到何处出现错误
// WORD TrackFlag;
////////////////////
__asm
{
//必须先执行这条语句
JMP EnterRing0
//*/
//等待IDE设备直到其不为忙为止
WaitWhileBusy proc
MOV EBX, 100000
MOV DX, BaseAddress
ADD DX, 7
LoopWhileBusy:
DEC EBX
CMP EBX, 0
JZ Timeout
in AL, DX
TEST AL, cBusy
JNZ LoopWhileBusy
JMP DriveReady
//超时,直接退出
Timeout:
JMP LeaveRing0
DriveReady:
RET
ENDP //End of WaitWhileBusy Procedure
//设置主盘和从盘标志
SelectDevice proc
MOV DX, BaseAddress
ADD DX, 6
MOV AL, MoS
out DX, AL
RET
ENDP //End of SelectDevice Procedure
//向IDE设备发送存取指令
SendCmd proc
MOV DX, BaseAddress
ADD DX, 7
MOV AL, BL //BL是主从盘标识,在过程外设置
out DX, AL
RET
ENDP //End of SendCmd Procedure
//*/
////////////////////////////////////////////////////////////////////////
//Ring0代码
Ring0Proc:
PUSHAD
//查询IDE设备是否存在
MOV DX,BaseAddress
ADD DX,7
in AL,DX
// MOV TrackFlag,1
//当AL的值是0xFF或者0x7F时,IDE设备不存在,这时候直接返回
CMP AL,0xFF
JZ LeaveRing0
CMP AL,0x7F
JZ LeaveRing0
// MOV TrackFlag,2
//设置IDE设备存在标志
MOV _IsIDEExist,1
//查询IDE设备上的驱动器是否存在(有IDE插槽在主板上,但是却不一定有硬盘插在上面)
CALL WaitWhileBusy
CALL SelectDevice
//第一次调用,直接返回
CMP _IsFirst,1
JZ LeaveRing0
//第一次调用时,如果执行这行语句会导致蓝屏,Why???
CALL WaitWhileBusy
// MOV TrackFlag,3
//AL的值等于cBit06时,不存在驱动器,直接返回
TEST AL, cBit06
JZ LeaveRing0
// MOV TrackFlag,4
//设置驱动器存在标志
MOV _IsDiskExist,1
//发送存取端口命令
//无法像NT/2000/XP那样可以通过查询VERSION的值得到驱动器的类型,
//所以只能一步一步地测试,如果不是ATA设备,再尝试使用ATAPI设备命令
CALL WaitWhileBusy
CALL SelectDevice //设置主从盘标识
MOV BL,ATA_CMD //发送读取命令
CALL SendCmd
CALL WaitWhileBusy
// MOV TrackFlag,5
//检查是否出错
MOV DX, BaseAddress
ADD DX, 7
in AL, DX
TEST AL, cBit00
JZ RetrieveInfo //没有错误时则读数据
//如果出错,则进一步尝试使用ATAPI设备命令
CALL WaitWhileBusy
CALL SelectDevice
MOV BL,ATAPI_CMD
CALL SendCmd
CALL WaitWhileBusy
// MOV TrackFlag,6
//检查是否还出错
MOV DX, BaseAddress
ADD DX, 7
in AL, DX
TEST AL, cBit00
JZ RetrieveInfo //没有错误时则读数据
// MOV TrackFlag,7
JMP LeaveRing0 //如果还是出错,直接返回
//*/
//读取数据
RetrieveInfo:
// MOV TrackFlag,8
LEA EDI,OutDataBuf
MOV ECX,256
MOV DX, BaseAddress
CLD
REP INSW
//退出Ring0代码
LeaveRing0:
POPAD
IRETD
//激活Ring0代码
EnterRing0:
//修改中断门
SIDT FWORD PTR IDTR_1
MOV EAX,DWORD PTR IDTR_1 + 02h
ADD EAX,HookExceptionNo * 08h + 04h
CLI
//保存原异常处理例程入口
MOV ECX,DWORD PTR [EAX]
MOV CX,WORD PTR [EAX-04h]
MOV OldExceptionHook,ECX
//指定新入口
LEA EBX,Ring0Proc
MOV WORD PTR [EAX-04h],BX
SHR EBX,10h
MOV WORD PTR[EAX+02h],BX
//激活Ring0代码
INT HookExceptionNo
// POPAD
//复原入口
MOV ECX,OldExceptionHook
MOV WORD PTR[EAX-04h],CX
SHR ECX,10h
MOV WORD PTR[EAX+02h],CX
STI
}
if(!IsFirst)
{
IsIDEExist = (bool)_IsIDEExist;
IsDiskExist = (bool)_IsDiskExist;
CopyMemory(pOutData,OutDataBuf,sizeof(OutDataBuf));
}
// Form1->Memo1->Lines->Add("Enter Ring0...TrackFlag = " + IntToStr(TrackFlag));
}
代码:
#include <Vcl.h>
//---------------------------------------------------------------------------
/*/
//IDEREGS.bIDEDeviceMap的值(二进制)如下:
00010001 ATAPI Primary Drive 0
00000001 ATA Primary Drive 0
00100010 ATAPI Primary Drive 1
00000010 ATA Primary Drive 1
01000100 ATAPI Secondary Drive 0
00000100 ATA Secondary Drive 0
10001000 ATAPI Secondary Drive 1
00001000 ATA Secondary Drive 1
//NT 1扇去格式(???)
typedef struct _IDSECTOR
{
USHORT wGenConfig;
USHORT wNumCyls;
USHORT wReserved;
USHORT wNumHeads;
USHORT wBytesPerTrack;
USHORT wBytesPerSector;
USHORT wSectorsPerTrack;
USHORT wVendorUnique[3];
CHAR sSerialNumber[20];
USHORT wBufferType;
USHORT wBufferSize;
USHORT wECCSize;
CHAR sFirmwareRev[8];
CHAR sModelNumber[40];
USHORT wMoreVendorUnique;
USHORT wDoubleWordIO;
USHORT wCapabilities;
USHORT wReserved1;
USHORT wPIOTiming;
USHORT wDMATiming;
USHORT wBS;
USHORT wNumCurrentCyls;
USHORT wNumCurrentHeads;
USHORT wNumCurrentSectorsPerTrack;
ULONG ulCurrentSectorCapacity;
USHORT wMultSectorStuff;
ULONG ulTotalAddressableSectors;
USHORT wSingleWordDMA;
USHORT wMultiWordDMA;
BYTE bReserved[128];
} IDSECTOR, *PIDSECTOR;
// W9X 扇区部分
typedef struct _IdeInfo
{
BYTE IDEExists[4];
BYTE DiskExists[8];
WORD DisksRawInfo[8*256];
} IDEINFO, *PIDEINFO;
typedef struct _DiskInfo
{
BOOL DiskExists;
BOOL ATAdevice;
BOOL RemovableDevice;
WORD TotLogCyl;
WORD TotLogHeads;
WORD TotLogSPT;
char SerialNumber[20];
char FirmwareRevision[8];
char ModelNumber[40];
WORD CurLogCyl;
WORD CurLogHeads;
WORD CurLogSPT;
} DISKINFO,*PDISKINFO;
//*/
//---------------------------------------------------------------------------
extern "C" void __fastcall ReadPhysicalDrive(TStringList *ModelList,TStringList *SerialNumberList);
extern "C" void __fastcall ReadPhysicalDriveOnNT(TStringList *ModelList,TStringList *SerialNumberList);
extern "C" void __fastcall ReadPhysicalDriveOnW9X(TStringList *ModelList,TStringList *SerialNumberList);
