代码很简单，也没什么好说的

#include <ntifs.h>

#define SECTION_SIZE 0x1000

VOID
DrvUnload(
    IN PDRIVER_OBJECT  DriverObject
    );

NTSTATUS
DriverEntry( IN PDRIVER_OBJECT DriverObject,IN PUNICODE_STRING RegistryPath )
{
 HANDLE ShareHandle;
 OBJECT_ATTRIBUTES Objatt;
 UNICODE_STRING uString;
 NTSTATUS status;
 LARGE_INTEGER SecSize;
 LARGE_INTEGER offsetsize = {0,0};
 SIZE_T liViewSize;
 PVOID Viraddr = NULL;
 PCHAR TestString = "SharedMemory Test !";
 
 SecSize.HighPart = 0;
 SecSize.LowPart = SECTION_SIZE;
 liViewSize = 0;
 
 RtlInitUnicodeString( &uString,L"\\BaseNamedObjects\\ShareMemory");
 InitializeObjectAttributes( &Objatt,&uString,OBJ_CASE_INSENSITIVE,NULL,NULL );
 
 DriverObject->DriverUnload = DrvUnload;
 
 status = ZwCreateSection( &ShareHandle,
         SECTION_MAP_READ | SECTION_MAP_WRITE,
         &Objatt,
         &SecSize,
         PAGE_READWRITE,
         SEC_COMMIT,
         NULL );
 if( status != STATUS_SUCCESS )
 {
  DbgPrint("CreateSection Object fail \n");
  ZwClose( ShareHandle );
  return STATUS_SUCCESS;
 }
 DbgPrint("CreateSection SUCCESS \n ");
 
 status = ZwMapViewOfSection( ShareHandle,
         NtCurrentProcess(),
         &Viraddr,
         0,
         SECTION_SIZE,
         &offsetsize,
         &liViewSize,
         ViewShare,
         0,
         PAGE_READWRITE );
 if( status != STATUS_SUCCESS )
 {
  DbgPrint("MapViewof Virual addr fail \n ");
  ZwClose( ShareHandle );
  return STATUS_SUCCESS;
 }
 DbgPrint("MapView of Virual Addr SUCCUESS \n ");
 
 memcpy( Viraddr,TestString,19 );
 
 //ZwUnmapViewOfSection( ShareHandle,Viraddr );
 //ZwClose( ShareHandle );
 
 return STATUS_SUCCESS;
 
}

VOID
DrvUnload(
    IN PDRIVER_OBJECT  DriverObject
    )
{
 
}







#include <ntifs.h>

#define SECTION_SIZE 0x1000

VOID
DrvUnload(
    IN PDRIVER_OBJECT  DriverObject
    );

NTSTATUS
DriverEntry( IN PDRIVER_OBJECT DriverObject,IN PUNICODE_STRING RegisterPath )
{
 OBJECT_ATTRIBUTES Objatt;
 UNICODE_STRING uString;
 PVOID Viraddr = NULL;
 LARGE_INTEGER offsetsize = {0,0};
 SIZE_T liViewSize = 0;
 CHAR TestString[100];
 NTSTATUS status;
 HANDLE ShareHandle;
 
 RtlInitUnicodeString( &uString,L"\\BaseNamedObjects\\ShareMemory");
 InitializeObjectAttributes( &Objatt,&uString,OBJ_CASE_INSENSITIVE,NULL,NULL );
 
 DriverObject->DriverUnload = DrvUnload;
 
 status = ZwOpenSection( &ShareHandle,
       SECTION_ALL_ACCESS,
       &Objatt );
 if( status != STATUS_SUCCESS )
 {
  DbgPrint("Open SectionObject fail \n");
  return STATUS_UNSUCCESSFUL;
 }
 
 status = ZwMapViewOfSection( ShareHandle,
         NtCurrentProcess(),
         &Viraddr,
         0,
         SECTION_SIZE,
         &offsetsize,
         &liViewSize,
         ViewShare,
         0,
         PAGE_READWRITE );
 if( status != STATUS_SUCCESS )
 {
  DbgPrint("Get SectionObject Virtual Address Error \n");
  return STATUS_UNSUCCESSFUL;
 }
 
 memcpy( TestString,Viraddr,19 );
 DbgPrint("TestString is %s \n",(PCHAR)Viraddr);
 
 ZwUnmapViewOfSection( ShareHandle,Viraddr );
 ZwClose( ShareHandle );
 
 return STATUS_SUCCESS;
 
}

VOID
DrvUnload(
    IN PDRIVER_OBJECT  DriverObject
    )
{
 
}