archive
/
windows-nt-4.0
mirror of https://github.com/lianthony/NT4.0
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
184 MiB
 
 
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-nt-4.0/private/ntos/bowser/mailslot.c

1279 lines
31 KiB
Raw Permalink Blame History

/*++
Copyright (c) 1991 Microsoft Corporation
Module Name:
mailslot.c
Abstract:
This module implements the routines needed to process incoming mailslot
requests.
Author:
Larry Osterman (larryo) 18-Oct-1991
Revision History:
18-Oct-1991 larryo
Created
--*/
#include "precomp.h"
#pragma hdrstop
#include <netlogon.h>
// Free list of 512-byte buffers.
LIST_ENTRY
BowserMailslotBufferList = {0};
KSPIN_LOCK
BowserMailslotSpinLock = {0};
// Largest "typical" datagram size
#define BOWSER_MAX_DATAGRAM_SIZE 512
// Total number of mailslot buffers currently allocated.
LONG
BowserNumberOfMailslotBuffers = {0};
// Number of 512-byte buffers currently allocated.
LONG
BowserNumberOfMaxSizeMailslotBuffers = {0};
// Number of 512-byte buffers currently in the free list.
LONG
BowserNumberOfFreeMailslotBuffers = {0};
#if DBG
ULONG
BowserMailslotCacheHitCount = 0;
ULONG
BowserMailslotCacheMissCount = 0;
#endif // DBG
//
// Variables describing bowser support for handling netlogon mailslot messages.
//
LIST_ENTRY
BowserNetlogonMailslotMessageQueue = {0};
ULONG
BowserNetlogonMaxMessageCount = 0;
ULONG
BowserNetlogonCurrentMessageCount = 0;
IRP_QUEUE
BowserNetlogonIrpQueue = {0};
//
// Forwards for the alloc_text
//
NTSTATUS
BowserNetlogonCopyMessage(
IN PIRP Irp,
IN PMAILSLOT_BUFFER MailslotBuffer
);
VOID
BowserNetlogonTrimMessageQueue (
VOID
);
BOOLEAN
BowserProcessNetlogonMailslotWrite(
IN PMAILSLOT_BUFFER MailslotBuffer
);
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE5NETLOGON, BowserNetlogonCopyMessage)
#pragma alloc_text(PAGE5NETLOGON, BowserNetlogonTrimMessageQueue)
#pragma alloc_text(PAGE5NETLOGON, BowserNetlogonDeleteTransportFromMessageQueue )
#pragma alloc_text(PAGE5NETLOGON, BowserProcessNetlogonMailslotWrite)
#pragma alloc_text(PAGE5NETLOGON, NetlogonMailslotEnable )
#pragma alloc_text(PAGE5NETLOGON, NetlogonMailslotRead )
#pragma alloc_text(PAGE, BowserProcessMailslotWrite)
#pragma alloc_text(PAGE4BROW, BowserFreeMailslotBuffer)
#pragma alloc_text(INIT, BowserpInitializeMailslot)
#pragma alloc_text(PAGE, BowserpUninitializeMailslot)
#endif
NTSTATUS
BowserNetlogonCopyMessage(
IN PIRP Irp,
IN PMAILSLOT_BUFFER MailslotBuffer
)
/*++
Routine Description:
This routine copies the data from the specified MailslotBuffer into the
IRP for the netlogon request.
This routine unconditionally frees the passed in Mailslot Buffer.
Arguments:
Irp - IRP for the IOCTL from the netlogon service.
MailslotBuffer - Buffer describing the mailslot message.
Return Value:
Status of the operation.
The caller should complete the I/O operation with this status code.
--*/
{
NTSTATUS Status;
PSMB_HEADER SmbHeader;
PSMB_TRANSACT_MAILSLOT MailslotSmb;
PUCHAR MailslotData;
OEM_STRING MailslotNameA;
UNICODE_STRING MailslotNameU;
UNICODE_STRING TransportName;
#ifdef _CAIRO_
UNICODE_STRING DestinationName;
#endif // _CAIRO_
USHORT DataCount;
PNETLOGON_MAILSLOT NetlogonMailslot;
PUCHAR Where;
PIO_STACK_LOCATION IrpSp;
BowserReferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
DISCARDABLE_CODE( BowserNetlogonDiscardableCodeSection );
//
// Extract the name of the mailslot and address/size of mailslot message
// from SMB.
//
SmbHeader = (PSMB_HEADER )MailslotBuffer->Buffer;
MailslotSmb = (PSMB_TRANSACT_MAILSLOT)(SmbHeader+1);
MailslotData = (((PCHAR )SmbHeader) + SmbGetUshort(&MailslotSmb->DataOffset));
RtlInitString(&MailslotNameA, MailslotSmb->Buffer );
DataCount = SmbGetUshort(&MailslotSmb->DataCount);
//
// Get the name of the transport and netbios name the mailslot message arrived on.
//
TransportName =
MailslotBuffer->TransportName->Transport->PagedTransport->TransportName;
#ifdef _CAIRO_
DestinationName =
MailslotBuffer->TransportName->PagedTransportName->Name->Name;
#endif // _CAIRO_
IrpSp = IoGetCurrentIrpStackLocation(Irp);
try {
//
// Convert mailslot name to unicode for return.
//
Status = RtlOemStringToUnicodeString(&MailslotNameU, &MailslotNameA, TRUE);
if (!NT_SUCCESS(Status)) {
BowserWriteErrorLogEntry(EVENT_BOWSER_NAME_CONVERSION_FAILED, Status, MailslotNameA.Buffer, MailslotNameA.Length, 0);
MailslotNameU.Buffer = NULL;
try_return( NOTHING );
}
//
// Ensure the data fits in the user's output buffer.
//
if ( IrpSp->Parameters.DeviceIoControl.OutputBufferLength <
sizeof(NETLOGON_MAILSLOT) + // Header structure
DataCount + // Actual mailslot message
sizeof(WCHAR) + // alignment of unicode strings
TransportName.Length + // TransportName
sizeof(WCHAR) + // zero terminator
MailslotNameU.Length + // Mailslot name
sizeof(WCHAR) ) { // zero terminator
try_return( Status = STATUS_BUFFER_TOO_SMALL );
}
//
// Get the address of Netlogon's buffer and fill in common portion.
//
NetlogonMailslot = MmGetSystemAddressForMdl( Irp->MdlAddress );
Where = (PUCHAR) (NetlogonMailslot+1);
NetlogonMailslot->TimeReceived = MailslotBuffer->TimeReceived;
//
// Copy the datagram to the buffer
//
NetlogonMailslot->MailslotMessageSize = DataCount;
NetlogonMailslot->MailslotMessageOffset = Where - (PUCHAR)NetlogonMailslot;
RtlCopyMemory( Where, MailslotData, DataCount );
Where += DataCount;
//
// Copy the transport name to the buffer
//
*Where = 0;
Where = ROUND_UP_POINTER( Where, ALIGN_WCHAR );
NetlogonMailslot->TransportNameSize = TransportName.Length;
NetlogonMailslot->TransportNameOffset = Where - (PUCHAR)NetlogonMailslot;
RtlCopyMemory( Where, TransportName.Buffer, TransportName.Length );
Where += TransportName.Length;
*((PWCH)Where) = L'\0';
Where += sizeof(WCHAR);
//
// Copy the mailslot name to the buffer
//
NetlogonMailslot->MailslotNameSize = MailslotNameU.Length;
NetlogonMailslot->MailslotNameOffset = Where - (PUCHAR)NetlogonMailslot;
RtlCopyMemory( Where, MailslotNameU.Buffer, MailslotNameU.Length );
Where += MailslotNameU.Length;
*((PWCH)Where) = L'\0';
Where += sizeof(WCHAR);
#ifdef _CAIRO_
//
// Copy the destination netbios name to the buffer
//
NetlogonMailslot->DestinationNameSize = DestinationName.Length;
NetlogonMailslot->DestinationNameOffset = Where - (PUCHAR)NetlogonMailslot;
RtlCopyMemory( Where, DestinationName.Buffer, DestinationName.Length );
Where += DestinationName.Length;
*((PWCH)Where) = L'\0';
Where += sizeof(WCHAR);
#endif // _CAIRO_
Status = STATUS_SUCCESS;
try_exit:NOTHING;
} finally {
//
// Free Locally allocated buffers
//
RtlFreeUnicodeString(&MailslotNameU);
//
// Always free the incoming mailslot message
//
BowserFreeMailslotBuffer( MailslotBuffer );
}
BowserDereferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
return Status;
}
VOID
BowserNetlogonTrimMessageQueue (
VOID
)
/*++
Routine Description:
This routines ensures there are not too many mailslot messages in
the message queue. Any excess messages are deleted.
Arguments:
None.
Return Value:
None.
--*/
{
KIRQL OldIrql;
dprintf(DPRT_NETLOGON, ("Bowser: trim message queue to %ld\n", BowserNetlogonMaxMessageCount ));
//
//
BowserReferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
DISCARDABLE_CODE( BowserNetlogonDiscardableCodeSection );
//
// If too many messages are queued,
// delete the oldest messages.
//
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
while ( BowserNetlogonCurrentMessageCount > BowserNetlogonMaxMessageCount){
PLIST_ENTRY Entry;
PMAILSLOT_BUFFER MailslotBuffer;
Entry = RemoveHeadList(&BowserNetlogonMailslotMessageQueue);
BowserNetlogonCurrentMessageCount--;
MailslotBuffer = CONTAINING_RECORD(Entry, MAILSLOT_BUFFER, Overlay.NextBuffer);
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
BowserFreeMailslotBuffer( MailslotBuffer );
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
}
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
BowserDereferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
}
VOID
BowserNetlogonDeleteTransportFromMessageQueue (
PTRANSPORT Transport
)
/*++
Routine Description:
This routines removes queued mailslot messages that arrived on the specified
transport.
Arguments:
Transport - Transport who's mailslot messages are to be deleted.
Return Value:
None.
--*/
{
KIRQL OldIrql;
PLIST_ENTRY ListEntry;
dprintf(DPRT_NETLOGON, ("Bowser: remove messages queued by transport %lx\n", Transport ));
//
//
BowserReferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
DISCARDABLE_CODE( BowserNetlogonDiscardableCodeSection );
//
// Loop through all of the queued messages.
//
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
for ( ListEntry = BowserNetlogonMailslotMessageQueue.Flink;
ListEntry != &BowserNetlogonMailslotMessageQueue;
) {
PMAILSLOT_BUFFER MailslotBuffer;
//
// If the message wasn't queued by this transport,
// go on to the next entry.
//
MailslotBuffer = CONTAINING_RECORD(ListEntry, MAILSLOT_BUFFER, Overlay.NextBuffer);
if ( MailslotBuffer->TransportName->Transport != Transport ) {
ListEntry = ListEntry->Flink;
//
// Otherwise,
// delete the entry.
//
} else {
dprintf(DPRT_ALWAYS, ("Bowser: removing message %lx queued by transport %lx\n", MailslotBuffer, Transport ));
RemoveEntryList( ListEntry );
BowserNetlogonCurrentMessageCount--;
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
BowserFreeMailslotBuffer( MailslotBuffer );
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
//
// Start over at the beginning of the list since we dropped the spinlock.
//
ListEntry = BowserNetlogonMailslotMessageQueue.Flink;
}
}
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
BowserDereferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
}
BOOLEAN
BowserProcessNetlogonMailslotWrite(
IN PMAILSLOT_BUFFER MailslotBuffer
)
/*++
Routine Description:
This routine checks to see if the described mailslot message is destined
to the Netlogon service and if the Bowser is currently handling such
messages
Arguments:
MailslotBuffer - Buffer describing the mailslot message.
Return Value:
TRUE - iff the mailslot message was successfully queued to the netlogon
service.
--*/
{
KIRQL OldIrql;
NTSTATUS Status;
PSMB_HEADER SmbHeader;
PSMB_TRANSACT_MAILSLOT MailslotSmb;
BOOLEAN TrimIt;
BOOLEAN ReturnValue;
PIRP Irp;
BowserReferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
DISCARDABLE_CODE( BowserNetlogonDiscardableCodeSection );
//
// If this message isn't destined to the Netlogon service,
// just return.
//
SmbHeader = (PSMB_HEADER )MailslotBuffer->Buffer;
MailslotSmb = (PSMB_TRANSACT_MAILSLOT)(SmbHeader+1);
if ( _stricmp( MailslotSmb->Buffer, NETLOGON_LM_MAILSLOT_A ) != 0 &&
_stricmp( MailslotSmb->Buffer, NETLOGON_NT_MAILSLOT_A ) != 0 ) {
ReturnValue = FALSE;
//
// The mailslot message is destined to netlogon.
//
} else {
//
// Check to ensure we're queuing messages to Netlogon
//
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
if ( BowserNetlogonMaxMessageCount == 0 ) {
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
ReturnValue = FALSE;
//
// Queueing to netlogon is enabled.
//
} else {
//
// If there already is an IRP from netlogon queued,
// return this mailslot message to netlogon now.
//
// This routine locks BowserIrpQueueSpinLock so watch the spin lock
// locking order.
//
ReturnValue = TRUE;
Irp = BowserDequeueQueuedIrp( &BowserNetlogonIrpQueue );
if ( Irp != NULL ) {
ASSERT( IsListEmpty( &BowserNetlogonMailslotMessageQueue ) );
dprintf(DPRT_NETLOGON, ("Bowser: found already queued netlogon IRP\n"));
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
Status = BowserNetlogonCopyMessage( Irp, MailslotBuffer );
BowserCompleteRequest( Irp, Status );
} else {
//
// Queue the mailslot message for netlogon to pick up later.
//
InsertTailList( &BowserNetlogonMailslotMessageQueue,
&MailslotBuffer->Overlay.NextBuffer);
BowserNetlogonCurrentMessageCount++;
TrimIt =
(BowserNetlogonCurrentMessageCount > BowserNetlogonMaxMessageCount);
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
//
// If there are too many messages queued,
// trim entries from the front.
//
if ( TrimIt ) {
BowserNetlogonTrimMessageQueue();
}
}
}
}
BowserDereferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
return ReturnValue;
}
NTSTATUS
NetlogonMailslotEnable (
IN PLMDR_REQUEST_PACKET InputBuffer
)
/*++
Routine Description:
This routine processes an IOCTL from the netlogon service to enable or
disable the queueing of netlogon mailslot messages.
Arguments:
InputBuffer - Specifies the number of mailslot messages to queue.
Zero disables queuing.
Return Value:
Status of operation.
Please note that this IRP is cancelable.
--*/
{
KIRQL OldIrql;
NTSTATUS Status;
ULONG MaxMessageCount;
BowserReferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
DISCARDABLE_CODE( BowserNetlogonDiscardableCodeSection );
try {
MaxMessageCount = InputBuffer->Parameters.NetlogonMailslotEnable.MaxMessageCount;
dprintf(DPRT_NETLOGON,
("NtDeviceIoControlFile: Netlogon enable %ld\n",
MaxMessageCount ));
//
// Set the new size of the message queue
//
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
BowserNetlogonMaxMessageCount = MaxMessageCount;
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
//
// Trim the message queue to the new size.
//
BowserNetlogonTrimMessageQueue();
try_return(Status = STATUS_SUCCESS);
try_exit:NOTHING;
} finally {
BowserDereferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
}
return Status;
}
NTSTATUS
NetlogonMailslotRead (
IN PIRP Irp,
IN ULONG OutputBufferLength
)
/*++
Routine Description:
This routine processes an IOCTL from the netlogon service to get the next
mailslot message.
Arguments:
IN PIRP Irp - I/O request packet describing request.
Return Value:
Status of operation.
Please note that this IRP is cancelable.
--*/
{
KIRQL OldIrql;
NTSTATUS Status;
ASSERT( IsListEmpty( &BowserNetlogonIrpQueue.Queue ) );
//
// Ensure the bowser is initialized.
//
ExAcquireResourceExclusive(&BowserDataResource, TRUE);
if (BowserData.Initialized != TRUE) {
dprintf(DPRT_NETLOGON, ("Bowser not started\n"));
ExReleaseResource(&BowserDataResource);
return STATUS_REDIRECTOR_NOT_STARTED;
}
ExReleaseResource(&BowserDataResource);
//
// Reference this discardable code.
//
BowserReferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
DISCARDABLE_CODE( BowserNetlogonDiscardableCodeSection );
//
// Reference the discardable code of BowserQueueNonBufferRequestReferenced()
//
BowserReferenceDiscardableCode( BowserDiscardableCodeSection );
DISCARDABLE_CODE( BowserDiscardableCodeSection );
//
// Ensure Netlogon has asked the browser to queue messages
//
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
if ( BowserNetlogonMaxMessageCount == 0 ) {
dprintf(DPRT_NETLOGON, ("Bowser called from Netlogon when not enabled\n"));
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
Status = STATUS_NOT_SUPPORTED;
//
// If there already is a mailslot message queued,
// just return it to netlogon immediately.
//
} else if ( !IsListEmpty( &BowserNetlogonMailslotMessageQueue )) {
PMAILSLOT_BUFFER MailslotBuffer;
PLIST_ENTRY ListEntry;
dprintf(DPRT_NETLOGON, ("Bowser found netlogon mailslot message already queued\n"));
ListEntry = RemoveHeadList(&BowserNetlogonMailslotMessageQueue);
BowserNetlogonCurrentMessageCount--;
MailslotBuffer = CONTAINING_RECORD(ListEntry, MAILSLOT_BUFFER, Overlay.NextBuffer);
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
Status = BowserNetlogonCopyMessage( Irp, MailslotBuffer );
//
// Otherwise, save this IRP until a mailslot message arrives.
// This routine locks BowserIrpQueueSpinLock so watch the spin lock
// locking order.
//
} else {
dprintf(DPRT_NETLOGON, ("Bowser: queue netlogon mailslot irp\n"));
Status = BowserQueueNonBufferRequestReferenced(
Irp,
&BowserNetlogonIrpQueue,
BowserCancelQueuedRequest );
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
}
BowserDereferenceDiscardableCode( BowserNetlogonDiscardableCodeSection );
BowserDereferenceDiscardableCode( BowserDiscardableCodeSection );
return Status;
}
VOID
BowserProcessMailslotWrite(
IN PVOID Context
)
/*++
Routine Description:
This routine performs all the task time operations to perform a mailslot
write.
It will open the mailslot, write the specified data into the mailslot,
and close the mailslot.
Arguments:
IN PWORK_HEADER WorkHeader - Specifies the mailslot buffer holding the
mailslot write
Return Value:
None.
--*/
{
PSMB_HEADER SmbHeader;
PSMB_TRANSACT_MAILSLOT MailslotSmb;
PMAILSLOT_BUFFER MailslotBuffer = Context;
PUCHAR MailslotData;
HANDLE MailslotHandle = NULL;
OBJECT_ATTRIBUTES ObjAttr;
OEM_STRING MailslotNameA;
UNICODE_STRING MailslotNameU;
IO_STATUS_BLOCK IoStatusBlock;
CHAR MailslotName[MAXIMUM_FILENAME_LENGTH+1];
NTSTATUS Status;
USHORT DataCount;
USHORT TotalDataCount;
PAGED_CODE();
ASSERT (MailslotBuffer->Signature == STRUCTURE_SIGNATURE_MAILSLOT_BUFFER);
SmbHeader = (PSMB_HEADER )MailslotBuffer->Buffer;
ASSERT (SmbHeader->Command == SMB_COM_TRANSACTION);
MailslotSmb = (PSMB_TRANSACT_MAILSLOT)(SmbHeader+1);
ASSERT (MailslotSmb->WordCount == 17);
ASSERT (MailslotSmb->Class == 2);
MailslotData = (((PCHAR )SmbHeader) + SmbGetUshort(&MailslotSmb->DataOffset));
MailslotNameU.MaximumLength = MAXIMUM_FILENAME_LENGTH*sizeof(WCHAR)+sizeof(WCHAR);
#define DEVICE_PREFIX_LENGTH 7
strcpy(MailslotName, "\\Device");
strncpy( MailslotName+DEVICE_PREFIX_LENGTH,
MailslotSmb->Buffer,
sizeof(MailslotName)-DEVICE_PREFIX_LENGTH);
MailslotName[sizeof(MailslotName)-1] = '\0';
RtlInitString(&MailslotNameA, MailslotName);
DataCount = SmbGetUshort(&MailslotSmb->DataCount);
TotalDataCount = SmbGetUshort(&MailslotSmb->TotalDataCount);
//
// If we didn't receive the total amount, or if the amount received is
// less than the data count, log this as an illegal datagram.
//
if (TotalDataCount != DataCount ||
DataCount >= MailslotBuffer->ReceiveLength ) {
BowserLogIllegalDatagram(MailslotBuffer->TransportName,
SmbHeader,
(USHORT)MailslotBuffer->ReceiveLength,
MailslotBuffer->ClientAddress,
0);
}
//
// Handle netlogon mailslot messages specially.
// Don't call the discardable code at all if netlogon isn't running
//
if ( BowserNetlogonMaxMessageCount != 0 &&
BowserProcessNetlogonMailslotWrite( MailslotBuffer ) ) {
return;
}
//
// Write the mailslot message to the mailslot
//
try {
Status = RtlOemStringToUnicodeString(&MailslotNameU, &MailslotNameA, TRUE);
if (!NT_SUCCESS(Status)) {
BowserWriteErrorLogEntry(EVENT_BOWSER_NAME_CONVERSION_FAILED, Status, MailslotNameA.Buffer, MailslotNameA.Length, 0);
try_return(NOTHING);
}
InitializeObjectAttributes(&ObjAttr,
&MailslotNameU,
OBJ_CASE_INSENSITIVE,
NULL,
NULL);
Status = NtCreateFile(&MailslotHandle, // Handle
GENERIC_WRITE | SYNCHRONIZE,
&ObjAttr, // Object Attributes
&IoStatusBlock, // Final I/O status block
NULL, // Allocation Size
FILE_ATTRIBUTE_NORMAL, // Normal attributes
FILE_SHARE_READ|FILE_SHARE_WRITE,// Sharing attributes
FILE_OPEN, // Create disposition
0, // CreateOptions
NULL, // EA Buffer
0); // EA Length
RtlFreeUnicodeString(&MailslotNameU);
//
// If the mailslot doesn't exist, ditch the request -
//
if (!NT_SUCCESS(Status)) {
BowserStatistics.NumberOfFailedMailslotOpens += 1;
try_return(NOTHING);
}
//
// Now that the mailslot is opened, write the mailslot data into
// the mailslot.
//
Status = NtWriteFile(MailslotHandle,
NULL,
NULL,
NULL,
&IoStatusBlock,
MailslotData,
DataCount,
NULL,
NULL);
if (!NT_SUCCESS(Status)) {
BowserStatistics.NumberOfFailedMailslotWrites += 1;
} else {
BowserStatistics.NumberOfMailslotWrites += 1;
}
try_exit:NOTHING;
} finally {
//
// If we opened the mailslot, close it.
//
if (MailslotHandle != NULL) {
ZwClose(MailslotHandle);
}
//
// Free the mailslot buffer holding this mailslot.
//
BowserFreeMailslotBuffer(MailslotBuffer);
}
}
PMAILSLOT_BUFFER
BowserAllocateMailslotBuffer(
IN PTRANSPORT_NAME TransportName,
IN ULONG RequestedBufferSize
)
/*++
Routine Description:
This routine will allocate a mailslot buffer from the mailslot buffer pool.
If it is unable to allocate a buffer, it will allocate the buffer from
non-paged pool (up to the maximum configured by the user).
Arguments:
TransportName - The transport name for this request.
RequestedBufferSize - Minimum size of buffer to allocate.
Return Value:
MAILSLOT_BUFFER - The allocated buffer.
--*/
{
KIRQL OldIrql;
PMAILSLOT_BUFFER Buffer = NULL;
ULONG BufferSize;
//
// If the request fits into a cached buffer,
// and there is a cache buffer available,
// use it.
//
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
if ( RequestedBufferSize <= BOWSER_MAX_DATAGRAM_SIZE &&
!IsListEmpty(&BowserMailslotBufferList)) {
PMAILSLOT_BUFFER Buffer;
PLIST_ENTRY Entry;
Entry = RemoveHeadList(&BowserMailslotBufferList);
BowserNumberOfFreeMailslotBuffers --;
Buffer = CONTAINING_RECORD(Entry, MAILSLOT_BUFFER, Overlay.NextBuffer);
#if DBG
BowserMailslotCacheHitCount++;
#endif // DBG
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
Buffer->TransportName = TransportName;
BowserReferenceTransportName(TransportName);
BowserReferenceTransport( TransportName->Transport );
return Buffer;
}
//
// If we've got too many buffers allocated,
// don't allocate any more.
//
// BowserData.NumberOfMailslotBuffers is the maximum number we're allowed to have
// in the cache at once. It defaults to 3.
//
// BowserNetlogonMaxMessageCount is the number of buffers the netlogon service may
// have queued at any one point in time. It may be zero when netlogon isn't
// running or if we're running on a non-DC. On DC's it defaults to 500.
//
// Add 50, to ensure we don't limit it by too much.
//
if ( (ULONG)BowserNumberOfMailslotBuffers >=
max( (ULONG)BowserData.NumberOfMailslotBuffers, BowserNetlogonMaxMessageCount+50 )) {
BowserStatistics.NumberOfMissedMailslotDatagrams += 1;
BowserNumberOfMissedMailslotDatagrams += 1;
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
return NULL;
}
//
// The first few buffers we allocate should be maximum size so we can keep a preallocated
// cache of huge buffers.
//
if ( BowserNumberOfMaxSizeMailslotBuffers < BowserData.NumberOfMailslotBuffers ) {
BufferSize = FIELD_OFFSET(MAILSLOT_BUFFER, Buffer) + BOWSER_MAX_DATAGRAM_SIZE;
BowserNumberOfMaxSizeMailslotBuffers += 1;
} else {
BufferSize = FIELD_OFFSET(MAILSLOT_BUFFER, Buffer) + RequestedBufferSize;
}
BowserNumberOfMailslotBuffers += 1;
ASSERT ( (BufferSize - FIELD_OFFSET(MAILSLOT_BUFFER, Buffer)) <= 0xffff);
#if DBG
BowserMailslotCacheMissCount++;
#endif // DBG
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
Buffer = ALLOCATE_POOL(NonPagedPool, BufferSize, POOL_MAILSLOT_BUFFER);
//
// If we couldn't allocate the buffer from non paged pool, give up.
//
if (Buffer == NULL) {
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
ASSERT (BowserNumberOfMailslotBuffers);
BowserNumberOfMailslotBuffers -= 1;
if ( BowserNumberOfMaxSizeMailslotBuffers != 0 ) {
BowserNumberOfMaxSizeMailslotBuffers -= 1;
}
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
BowserStatistics.NumberOfFailedMailslotAllocations += 1;
//
// Since we couldn't allocate this buffer, we've effectively missed
// this mailslot request.
//
BowserStatistics.NumberOfMissedMailslotDatagrams += 1;
BowserNumberOfMissedMailslotDatagrams += 1;
return NULL;
}
Buffer->Signature = STRUCTURE_SIGNATURE_MAILSLOT_BUFFER;
Buffer->Size = FIELD_OFFSET(MAILSLOT_BUFFER, Buffer);
Buffer->BufferSize = BufferSize - FIELD_OFFSET(MAILSLOT_BUFFER, Buffer);
Buffer->TransportName = TransportName;
BowserReferenceTransportName(TransportName);
BowserReferenceTransport( TransportName->Transport );
return Buffer;
}
VOID
BowserFreeMailslotBuffer(
IN PMAILSLOT_BUFFER Buffer
)
/*++
Routine Description:
This routine will return a mailslot buffer to the view buffer pool.
If the buffer was allocated from must-succeed pool, it is freed back
to pool. In addition, if the buffer is smaller than the current
max view buffer size, we free it.
Arguments:
IN PVIEW_BUFFER Buffer - Supplies the buffer to free
Return Value:
None.
--*/
{
KIRQL OldIrql;
BowserReferenceDiscardableCode( BowserDiscardableCodeSection );
DISCARDABLE_CODE( BowserDiscardableCodeSection );
(VOID) BowserDereferenceTransportName( Buffer->TransportName );
BowserDereferenceTransport(Buffer->TransportName->Transport);
ACQUIRE_SPIN_LOCK(&BowserMailslotSpinLock, &OldIrql);
//
// Also, if a new transport was added that is larger than this buffer,
// we want to free the buffer.
//
//
// If we have more mailslot buffers than the size of our lookaside list,
// free it, don't stick it on our lookaside list.
//
if (Buffer->BufferSize != BOWSER_MAX_DATAGRAM_SIZE ||
BowserNumberOfFreeMailslotBuffers > BowserData.NumberOfMailslotBuffers) {
//
// Since we're returning this buffer to pool, we shouldn't count it
// against our total number of mailslot buffers.
//
BowserNumberOfMailslotBuffers -= 1;
ASSERT (BowserNumberOfMailslotBuffers >= 0);
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
FREE_POOL(Buffer);
BowserDereferenceDiscardableCode( BowserDiscardableCodeSection );
return;
}
InsertTailList(&BowserMailslotBufferList, &Buffer->Overlay.NextBuffer);
BowserNumberOfFreeMailslotBuffers ++;
RELEASE_SPIN_LOCK(&BowserMailslotSpinLock, OldIrql);
BowserDereferenceDiscardableCode( BowserDiscardableCodeSection );
}
VOID
BowserFreeMailslotBufferHighIrql(
IN PMAILSLOT_BUFFER Buffer
)
/*++
Routine Description:
This routine will return a mailslot buffer to the view buffer pool if the
caller is at raised irql.
Arguments:
Buffer - Supplies the buffer to free
Return Value:
None.
--*/
{
//
// Queue the request to a worker routine.
//
ExInitializeWorkItem(&Buffer->Overlay.WorkHeader,
(PWORKER_THREAD_ROUTINE) BowserFreeMailslotBuffer,
Buffer);
ExQueueWorkItem(&Buffer->Overlay.WorkHeader, DelayedWorkQueue);
}
VOID
BowserpInitializeMailslot (
VOID
)
/*++
Routine Description:
This routine will allocate a transport descriptor and bind the bowser
to the transport.
Arguments:
None
Return Value:
None
--*/
{
KeInitializeSpinLock(&BowserMailslotSpinLock);
InitializeListHead(&BowserMailslotBufferList);
InitializeListHead(&BowserNetlogonMailslotMessageQueue);
BowserInitializeIrpQueue( &BowserNetlogonIrpQueue );
}
VOID
BowserpUninitializeMailslot (
VOID
)
/*++
Routine Description:
Arguments:
None
Return Value:
None
--*/
{
PAGED_CODE();
//
// Trim the netlogon message queue to zero entries.
//
BowserNetlogonMaxMessageCount = 0;
BowserNetlogonTrimMessageQueue();
//
// Free the mailslot buffers.
while (!IsListEmpty(&BowserMailslotBufferList)) {
PLIST_ENTRY Entry;
PMAILSLOT_BUFFER Buffer;
Entry = RemoveHeadList(&BowserMailslotBufferList);
Buffer = CONTAINING_RECORD(Entry, MAILSLOT_BUFFER, Overlay.NextBuffer);
FREE_POOL(Buffer);
}
BowserUninitializeIrpQueue( &BowserNetlogonIrpQueue );
}