|
|
/*++
Copyright (c) 1997-1999 Microsoft Corporation
Module Name:
pnp.c
Abstract:
This module contains the PnP and PM routines
Author:
Vadim Eydelman (vadime) Apr-1997
Revision History:
--*/
#include "afdp.h"
NTSTATUSAfdPassQueryDeviceRelation ( IN PFILE_OBJECT FileObject, IN PIRP Irp, IN PIO_STACK_LOCATION IrpSp );
NTSTATUSAfdRestartQueryDeviceRelation ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context );
#ifdef ALLOC_PRAGMA
#pragma alloc_text( PAGE, AfdPnpPower )
#pragma alloc_text( PAGE, AfdPassQueryDeviceRelation )
#pragma alloc_text( PAGEAFD, AfdRestartQueryDeviceRelation )
#endif
NTSTATUSFASTCALLAfdPnpPower ( IN PIRP Irp, IN PIO_STACK_LOCATION IrpSp )
/*++
Routine Description:
This is the dispatch routine for PNP_POWER irp
Arguments:
Irp - Pointer to I/O request packet.
IrpSp - pointer to the stack location to use for this request.
Return Value:
NTSTATUS -- Indicates whether the request was successfully queued.
--*/
{ PAGED_CODE( );
switch (IrpSp->MinorFunction) {
//
// We only support target device relation query
//
case IRP_MN_QUERY_DEVICE_RELATIONS: if (IrpSp->Parameters.QueryDeviceRelations.Type==TargetDeviceRelation) {
NTSTATUS status; PAFD_ENDPOINT endpoint; PAFD_CONNECTION connection; //
// Set up local variables.
//
endpoint = IrpSp->FileObject->FsContext; ASSERT( IS_AFD_ENDPOINT_TYPE( endpoint ) ); //
// Dispatch to correct TDI object of underlying transport
// driver depedning on endpoint type
//
switch (endpoint->Type) { case AfdBlockTypeVcConnecting: case AfdBlockTypeVcBoth: connection = AfdGetConnectionReferenceFromEndpoint (endpoint); if (connection!=NULL) { status = AfdPassQueryDeviceRelation (connection->FileObject, Irp, IrpSp); DEREFERENCE_CONNECTION (connection); return status; } // fall through to try address handle if we have one.
case AfdBlockTypeVcListening: case AfdBlockTypeDatagram: if (endpoint->State==AfdEndpointStateBound || endpoint->State==AfdEndpointStateConnected) { return AfdPassQueryDeviceRelation (endpoint->AddressFileObject, Irp, IrpSp); } // fall through to fail
case AfdBlockTypeHelper: case AfdBlockTypeEndpoint: case AfdBlockTypeSanHelper: case AfdBlockTypeSanEndpoint: break; default: ASSERT (!"Unknown endpoint type!"); break; } } default: break; } Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; IoCompleteRequest( Irp, AfdPriorityBoost );
//
// We do not support the rest
//
return STATUS_INVALID_DEVICE_REQUEST;}
NTSTATUSAfdPassQueryDeviceRelation ( IN PFILE_OBJECT FileObject, IN PIRP Irp, IN PIO_STACK_LOCATION IrpSp )
/*++
Routine Description:
This is the dispatch routine for PNP_POWER irp
Arguments:
Irp - Pointer to I/O request packet.
IrpSp - pointer to the stack location to use for this request.
Return Value:
NTSTATUS -- Indicates whether the request was successfully queued.
--*/
{ PIO_STACK_LOCATION nextIrpSp;
PAGED_CODE ();
nextIrpSp = IoGetNextIrpStackLocation( Irp );
*nextIrpSp = *IrpSp;
//
// Reference file object so it does not go away until this
// IRP completes
//
ObReferenceObject (FileObject); nextIrpSp->FileObject = FileObject;
IoSetCompletionRoutine( Irp, AfdRestartQueryDeviceRelation, FileObject, TRUE, TRUE, TRUE );
#ifdef _AFD_VARIABLE_STACK_
return AfdCallDriverStackIncrease ( IoGetRelatedDeviceObject( FileObject ), Irp );#else // _AFD_VARIABLE_STACK_
return IoCallDriver ( IoGetRelatedDeviceObject( FileObject ), Irp );#endif
}
NTSTATUSAfdRestartQueryDeviceRelation ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context ) { PFILE_OBJECT fileObject = Context;
UNREFERENCED_PARAMETER (DeviceObject); UNREFERENCED_PARAMETER (Irp); //
// Dereference file object that we referenced when calling the
// lower driver
//
ObDereferenceObject (fileObject);
//
// Tell IO system to continue with IRP completion
//
return STATUS_SUCCESS;}
#include <tdiinfo.h>
#include <ntddip.h>
#include <ntddip6.h>
#include <ntddtcp.h>
#include <ipinfo.h>
typedef struct _AFD_PROTOCOL { USHORT AddressType; USHORT AddressLength; LPWSTR NetworkLayerDeviceName; LPWSTR TransportLayerDeviceName; ULONG RtChangeIoctl; ULONG RtChangeDataSize; LONG RoutingQueryRefCount; HANDLE DeviceHandle; PFILE_OBJECT FileObject;} AFD_PROTOCOL, *PAFD_PROTOCOL;
PAFD_PROTOCOLAfdGetProtocolInfo( IN USHORT AddressType );
NTSTATUSAfdOpenDevice ( LPWSTR DeviceNameStr, HANDLE *Handle, PFILE_OBJECT *FileObject );
NTSTATUSAfdGetRoutingQueryReference ( IN PAFD_PROTOCOL Protocol );
VOIDAfdDereferenceRoutingQuery ( PAFD_PROTOCOL Protocol );
NTSTATUSAfdTcpQueueRoutingChangeRequest ( IN PAFD_ENDPOINT Endpoint, IN PIRP Irp, IN BOOLEAN Overlapped );
NTSTATUSAfdTcpRestartRoutingChange ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context );
NTSTATUSAfdTcpSignalRoutingChange ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context );
NTSTATUSAfdTcpRoutingQuery ( PTA_ADDRESS Dest, PTA_ADDRESS Intf );
NTSTATUSAfdTcp6RoutingQuery ( PTA_ADDRESS Dest, PTA_ADDRESS Intf );
#ifdef ALLOC_PRAGMA
#pragma alloc_text( PAGE, AfdOpenDevice )
#pragma alloc_text( PAGE, AfdRoutingInterfaceQuery )
#pragma alloc_text( PAGE, AfdTcpRoutingQuery )
#pragma alloc_text( PAGE, AfdTcp6RoutingQuery )
#pragma alloc_text( PAGE, AfdGetRoutingQueryReference )
#pragma alloc_text( PAGE, AfdDereferenceRoutingQuery )
#pragma alloc_text( PAGE, AfdGetProtocolInfo )
#pragma alloc_text( PAGEAFD, AfdTcpQueueRoutingChangeRequest )
#pragma alloc_text( PAGEAFD, AfdTcpRestartRoutingChange )
#pragma alloc_text( PAGEAFD, AfdTcpSignalRoutingChange )
#pragma alloc_text( PAGEAFD, AfdCleanupRoutingChange )
#endif
AFD_PROTOCOL Ip = { TDI_ADDRESS_TYPE_IP, TDI_ADDRESS_LENGTH_IP, DD_IP_DEVICE_NAME, DD_TCP_DEVICE_NAME, IOCTL_IP_RTCHANGE_NOTIFY_REQUEST, sizeof(IPNotifyData), 0, NULL, NULL };AFD_PROTOCOL Ip6= { TDI_ADDRESS_TYPE_IP6, TDI_ADDRESS_LENGTH_IP6, DD_IPV6_DEVICE_NAME, DD_TCPV6_DEVICE_NAME, IOCTL_IPV6_RTCHANGE_NOTIFY_REQUEST, sizeof(IPV6_RTCHANGE_NOTIFY_REQUEST), 0, NULL, NULL };
const char ZeroString[16] = { 0 };
PAFD_PROTOCOLAfdGetProtocolInfo( IN USHORT AddressType ){ switch (AddressType) { case TDI_ADDRESS_TYPE_IP: return &Ip; case TDI_ADDRESS_TYPE_IP6: return &Ip6; default: return NULL; }}
NTSTATUSAfdRoutingInterfaceQuery ( IN PFILE_OBJECT FileObject, IN ULONG IoctlCode, IN KPROCESSOR_MODE RequestorMode, IN PVOID InputBuffer, IN ULONG InputBufferLength, IN PVOID OutputBuffer, IN ULONG OutputBufferLength, OUT PULONG_PTR Information )/*++
Routine Description:
Processes routing query request. Protocol independent portion.
Arguments:
Irp - Pointer to I/O request packet.
IrpSp - pointer to the stack location to use for this request.
Return Value:
NTSTATUS -- Indicates whether the request was successfully queued.
--*/{ CHAR addrBuffer[AFD_MAX_FAST_TRANSPORT_ADDRESS]; PTRANSPORT_ADDRESS tempAddr; NTSTATUS status;
UNREFERENCED_PARAMETER (IoctlCode);#if !DBG
UNREFERENCED_PARAMETER (FileObject);#endif
PAGED_CODE ();
//
// Initialize locals for proper cleanup.
//
*Information = 0; tempAddr = (PTRANSPORT_ADDRESS)addrBuffer;
//
// Validate input parameters
//
if( InputBufferLength < sizeof(*tempAddr) ) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdRoutingInterfaceQuery: Endp: %p - invalid input buffer (%p-%d).\n", FileObject->FsContext, InputBuffer, InputBufferLength)); status = STATUS_INVALID_PARAMETER; goto Complete; }
try { //
// Copy input address into the local (or allocated from pool) buffer
//
if (InputBufferLength>sizeof (addrBuffer)) { tempAddr = AFD_ALLOCATE_POOL_WITH_QUOTA (PagedPool, InputBufferLength, AFD_ROUTING_QUERY_POOL_TAG); // AFD_ALLOCATE_POOL_WITH_QUOTA macro sets POOL_RAISE_IF_ALLOCATION_FAILURE
}
//
// Validate user mode pointers
//
if (RequestorMode!=KernelMode) { ProbeForRead (InputBuffer, InputBufferLength, sizeof (CHAR)); } RtlCopyMemory (tempAddr, InputBuffer, InputBufferLength);
//
// Validate the internal consistency of the transport address AFTER
// copying it into the internal buffer to prevent malicious app from
// changing it on the fly while we are checking.
//
if (tempAddr->TAAddressCount!=1 || InputBufferLength < (ULONG)FIELD_OFFSET (TRANSPORT_ADDRESS, Address[0].Address[tempAddr->Address[0].AddressLength])) { ExRaiseStatus (STATUS_INVALID_PARAMETER); } } except (EXCEPTION_EXECUTE_HANDLER) { status = GetExceptionCode (); goto Complete; }
//
// PROBLEM. We only support IP for now
//
switch (tempAddr->Address[0].AddressType) { case TDI_ADDRESS_TYPE_IP: status = AfdTcpRoutingQuery (&tempAddr->Address[0], &tempAddr->Address[0]); break; case TDI_ADDRESS_TYPE_IP6: status = AfdTcp6RoutingQuery (&tempAddr->Address[0], &tempAddr->Address[0]); break; default: status = STATUS_NOT_SUPPORTED; goto Complete; }
//
// Convert output to socket address if we succeeded.
//
if (NT_SUCCESS (status)) { //
// Conversion to sockaddr requires extra bytes for address family
// in addition to TDI_ADDRESS
//
if ((tempAddr->Address[0].AddressLength+sizeof(u_short) <= OutputBufferLength)) { try { //
// Validate user mode pointers
//
if (RequestorMode!=KernelMode) { ProbeForWrite (OutputBuffer, OutputBufferLength, sizeof (CHAR)); } //
// Copy the data from the type on which corresponds
// to the socket address.
//
RtlCopyMemory ( OutputBuffer, &tempAddr->Address[0].AddressType, tempAddr->Address[0].AddressLength+sizeof(u_short)); } except (EXCEPTION_EXECUTE_HANDLER) { status = GetExceptionCode (); goto Complete; } } else { //
// Output buffer is not big enough, return warning
// and the required buffer size.
//
status = STATUS_BUFFER_OVERFLOW; } *Information = tempAddr->Address[0].AddressLength+sizeof(u_short); }
Complete:
//
// Free address buffer if we allocated one.
//
if (tempAddr!=(PTRANSPORT_ADDRESS)addrBuffer) { AFD_FREE_POOL (tempAddr, AFD_ROUTING_QUERY_POOL_TAG); }
return status;} //AfdRoutingInterfaceQuery
NTSTATUSFASTCALLAfdRoutingInterfaceChange ( IN PIRP Irp, IN PIO_STACK_LOCATION IrpSp )/*++
Routine Description:
Processes routing change IRP
Arguments:
Irp - Pointer to I/O request packet.
IrpSp - pointer to the stack location to use for this request.
Return Value:
NTSTATUS -- Indicates whether the request was successfully queued.
--*/{ PTRANSPORT_ADDRESS destAddr; NTSTATUS status; PAFD_ENDPOINT endpoint; BOOLEAN overlapped; AFD_TRANSPORT_IOCTL_INFO ioctlInfo;
PAGED_CODE ();
IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdRoutingInterfaceChange: Endp: %p, buf: %p, inlen: %ld, outlen: %ld.\n", IrpSp->FileObject->FsContext, Irp->AssociatedIrp.SystemBuffer, IrpSp->Parameters.DeviceIoControl.InputBufferLength, IrpSp->Parameters.DeviceIoControl.OutputBufferLength)); }
#ifdef _WIN64
if (IoIs32bitProcess (Irp)) { PAFD_TRANSPORT_IOCTL_INFO32 ioctlInfo32; ioctlInfo32 = Irp->AssociatedIrp.SystemBuffer; if (IrpSp->Parameters.DeviceIoControl.InputBufferLength<sizeof (*ioctlInfo32)) { status = STATUS_INVALID_PARAMETER; goto complete; } ioctlInfo.Handle = ioctlInfo32->Handle; ioctlInfo.InputBuffer = UlongToPtr(ioctlInfo32->InputBuffer); ioctlInfo.InputBufferLength = ioctlInfo32->InputBufferLength; ioctlInfo.IoControlCode = ioctlInfo32->IoControlCode; ioctlInfo.AfdFlags = ioctlInfo32->AfdFlags; ioctlInfo.PollEvent = ioctlInfo32->PollEvent; } else#endif // _WIN64
{ if (IrpSp->Parameters.DeviceIoControl.InputBufferLength<sizeof (ioctlInfo)) { status = STATUS_INVALID_PARAMETER; goto complete; } ioctlInfo = *((PAFD_TRANSPORT_IOCTL_INFO)Irp->AssociatedIrp.SystemBuffer); } //
// Setup locals
//
endpoint = IrpSp->FileObject->FsContext; ASSERT( IS_AFD_ENDPOINT_TYPE( endpoint ) ); //
// Check if request is overlapped
//
overlapped = (BOOLEAN)((ioctlInfo.AfdFlags & AFD_OVERLAPPED)!=0);
//
// Validate input parameters
//
AFD_W4_INIT status = STATUS_SUCCESS; try { ULONG sysBufferLength; sysBufferLength = max ( IrpSp->Parameters.DeviceIoControl.InputBufferLength, IrpSp->Parameters.DeviceIoControl.OutputBufferLength);
if (Irp->RequestorMode != KernelMode) { ProbeForRead( ioctlInfo.InputBuffer, ioctlInfo.InputBufferLength, sizeof(UCHAR) ); }
if (ioctlInfo.InputBufferLength>sysBufferLength){ PVOID newSystemBuffer; //
// Don't use AFD allocation routine on this as we are substituting
// system buffer
//
newSystemBuffer = ExAllocatePoolWithQuotaTag ( NonPagedPool|POOL_RAISE_IF_ALLOCATION_FAILURE, ioctlInfo.InputBufferLength, AFD_SYSTEM_BUFFER_POOL_TAG ); if (newSystemBuffer==NULL) { ExRaiseStatus (STATUS_INSUFFICIENT_RESOURCES); } ExFreePool (Irp->AssociatedIrp.SystemBuffer); Irp->AssociatedIrp.SystemBuffer = newSystemBuffer; }
//
// Copy application data to the system buffer
//
RtlCopyMemory (Irp->AssociatedIrp.SystemBuffer, ioctlInfo.InputBuffer, ioctlInfo.InputBufferLength);
} except( AFD_EXCEPTION_FILTER (status) ) { ASSERT (NT_ERROR (status)); goto complete; }
destAddr = Irp->AssociatedIrp.SystemBuffer;
if(ioctlInfo.InputBufferLength < sizeof(*destAddr) || ioctlInfo.InputBufferLength < (ULONG)FIELD_OFFSET (TRANSPORT_ADDRESS, Address[0].Address[destAddr->Address[0].AddressLength]) ) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdRoutingInterfaceChange: Endp: %p - invalid parameter.\n", IrpSp->FileObject->FsContext)); status = STATUS_INVALID_PARAMETER; goto complete;
}
//
// PROBLEM We only support IP for now
//
if (destAddr->Address[0].AddressType!=TDI_ADDRESS_TYPE_IP && destAddr->Address[0].AddressType!=TDI_ADDRESS_TYPE_IP6) { status = STATUS_NOT_SUPPORTED; goto complete; }
//
// Reset the poll bit
//
endpoint->EventsActive &= ~AFD_POLL_ROUTING_IF_CHANGE;
return AfdTcpQueueRoutingChangeRequest (endpoint, Irp, overlapped);
complete: Irp->IoStatus.Status = status; Irp->IoStatus.Information = 0; IoCompleteRequest (Irp, AfdPriorityBoost);
return status;
} // AfdRoutingInterfaceChange
NTSTATUSAfdOpenDevice ( LPWSTR DeviceNameStr, HANDLE *Handle, PFILE_OBJECT *FileObject )/*++
Routine Description:
Opens specified device driver (control channel) and returns handle and file object
Arguments:
DeviceNameStr - device to open.
Handle - returned handle.
FileObject - returned file object.Return Value:
NTSTATUS -- Indicates whether the device was opened OK
--*/{ NTSTATUS status; UNICODE_STRING DeviceName; OBJECT_ATTRIBUTES objectAttributes; IO_STATUS_BLOCK iosb;
PAGED_CODE( );
RtlInitUnicodeString(&DeviceName, DeviceNameStr);
//
// We ask to create a kernel handle which is
// the handle in the context of the system process
// so that application cannot close it on us while
// we are creating and referencing it.
//
InitializeObjectAttributes( &objectAttributes, &DeviceName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, // attributes
NULL, NULL );
status = IoCreateFile( Handle, MAXIMUM_ALLOWED, &objectAttributes, &iosb, // returned status information.
0, // block size (unused).
0, // file attributes.
FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_CREATE, // create disposition.
0, // create options.
NULL, // eaInfo
0, // eaLength
CreateFileTypeNone, // CreateFileType
NULL, // ExtraCreateParameters
IO_NO_PARAMETER_CHECKING // Options
| IO_FORCE_ACCESS_CHECK );
if (NT_SUCCESS (status)) { status = ObReferenceObjectByHandle ( *Handle, 0L, *IoFileObjectType, KernelMode, (PVOID *)FileObject, NULL ); if (!NT_SUCCESS (status)) { ZwClose (*Handle); *Handle = NULL; } }
IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdOpenDevice: Opened %ls, handle: %p, file: %p, status: %lx.\n", DeviceNameStr, *Handle, *FileObject, status)); } return status;
} // AfdOpenDevice
VOIDAfdDereferenceRoutingQuery ( PAFD_PROTOCOL Protocol ){
//
// Make sure the thread in which we execute cannot get
// suspeneded in APC while we own the global resource.
//
KeEnterCriticalRegion(); ExAcquireResourceExclusiveLite(AfdResource, TRUE);
ASSERT(Protocol->RoutingQueryRefCount > 0); ASSERT(Protocol->DeviceHandle != NULL);
if (InterlockedDecrement(&Protocol->RoutingQueryRefCount) == 0) {
HANDLE DeviceHandle = Protocol->DeviceHandle; PFILE_OBJECT FileObject = Protocol->FileObject;
Protocol->DeviceHandle = NULL; Protocol->FileObject = NULL;
ExReleaseResourceLite(AfdResource); KeLeaveCriticalRegion();
ObDereferenceObject(FileObject);
//
// Do this in the context of system process so that it does not
// get closed when applications exit
//
ZwClose(DeviceHandle);
} else {
ExReleaseResourceLite(AfdResource); KeLeaveCriticalRegion();
}
} // AfdDereferenceRoutingQuery
NTSTATUSAfdTcp6RoutingQuery ( PTA_ADDRESS Dest, PTA_ADDRESS Intf )/*++
Routine Description:
Submits routing query request to TCP6
Arguments:
Dest - destination to query
Intf - interface through which destination can be reached.
Return Value:
NTSTATUS -- Indicates whether operation succeded
--*/{ NTSTATUS status; TDIObjectID *lpObject; CHAR byBuffer[FIELD_OFFSET(TCP_REQUEST_QUERY_INFORMATION_EX, Context) + sizeof(TDI_ADDRESS_IP6)]; TCP_REQUEST_QUERY_INFORMATION_EX *ptrqiBuffer = (TCP_REQUEST_QUERY_INFORMATION_EX *) byBuffer; IP6RouteEntry routeEntry; IO_STATUS_BLOCK iosb; KEVENT event; PIRP irp; PIO_STACK_LOCATION irpSp; HANDLE tcpDeviceHandle; PFILE_OBJECT tcpFileObject; PDEVICE_OBJECT tcpDeviceObject;
PAGED_CODE ();
if (Dest->AddressLength<TDI_ADDRESS_LENGTH_IP6) { KdPrintEx ((DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdTcp6RoutingQuery: Destination address buffer too small.\n")); return STATUS_BUFFER_TOO_SMALL; }
//
// Open TCP6 driver.
//
status = AfdOpenDevice (DD_TCPV6_DEVICE_NAME, &tcpDeviceHandle, &tcpFileObject); if (!NT_SUCCESS (status)) { return status; } tcpDeviceObject = IoGetRelatedDeviceObject ( tcpFileObject );
//
// Setup the query
//
RtlCopyMemory( (PVOID)ptrqiBuffer->Context, Dest->Address, TDI_ADDRESS_LENGTH_IP6);
lpObject = &ptrqiBuffer->ID; lpObject->toi_id = IP6_GET_BEST_ROUTE_ID; lpObject->toi_class = INFO_CLASS_PROTOCOL; lpObject->toi_type = INFO_TYPE_PROVIDER; lpObject->toi_entity.tei_entity = CL_NL_ENTITY; lpObject->toi_entity.tei_instance = 0;
KeInitializeEvent (&event, NotificationEvent, FALSE);
//
// Build and setup the IRP and call the driver
//
irp = IoBuildDeviceIoControlRequest ( IOCTL_TCP_QUERY_INFORMATION_EX, //Control
tcpDeviceObject, // Device
ptrqiBuffer, // Input buffer
sizeof(byBuffer), // Input buffer size
&routeEntry, // Output buffer
sizeof(routeEntry), // Output buffer size
FALSE, // Internal ?
&event, // Event
&iosb // Status block
); if (irp==NULL) { IF_DEBUG(ROUTING_QUERY) { KdPrintEx ((DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdTcp6RoutingQuery: Could not allocate IRP.\n")); } status = STATUS_INSUFFICIENT_RESOURCES; goto complete; }
irpSp = IoGetNextIrpStackLocation (irp); irpSp->FileObject = tcpFileObject;
status = IoCallDriver (tcpDeviceObject, irp);
if (status==STATUS_PENDING) { status = KeWaitForSingleObject( &event, Executive, KernelMode, FALSE, // Alertable
NULL); // Timeout
}
IF_DEBUG (ROUTING_QUERY) { KdPrintEx ((DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdTcp6RoutingQuery: IP6_GET_BEST_ROUTE_ID - status: %lx.\n", status)); }
if (!NT_SUCCESS (status)) { goto complete; }
if (!NT_SUCCESS (iosb.Status)) { status = iosb.Status; goto complete; }
// Fill in IPv6 address
Intf->AddressType = TDI_ADDRESS_TYPE_IP6; Intf->AddressLength = TDI_ADDRESS_LENGTH_IP6; RtlCopyMemory( ((PTDI_ADDRESS_IP6)Intf->Address)->sin6_addr, &routeEntry.ire_Source, sizeof(routeEntry.ire_Source) ); ((PTDI_ADDRESS_IP6)Intf->Address)->sin6_flowinfo = 0; ((PTDI_ADDRESS_IP6)Intf->Address)->sin6_port = 0; ((PTDI_ADDRESS_IP6)Intf->Address)->sin6_scope_id = routeEntry.ire_ScopeId; status = STATUS_SUCCESS;
complete: ObDereferenceObject (tcpFileObject); ZwClose (tcpDeviceHandle);
return status;}
NTSTATUSAfdTcpRoutingQuery ( PTA_ADDRESS Dest, PTA_ADDRESS Intf )/*++
Routine Description:
Submits routing query request to TCP
Arguments:
Dest - destination to query Intf - interface through which destination can be reached.
Return Value:
NTSTATUS -- Indicates whether operation succeded
--*/{ NTSTATUS status; TDIObjectID *lpObject; TCP_REQUEST_QUERY_INFORMATION_EX trqiBuffer; ULONG *pIpAddr; ULONG ipSource; IO_STATUS_BLOCK iosb; KEVENT event; PIRP irp; PIO_STACK_LOCATION irpSp; HANDLE tcpDeviceHandle; PFILE_OBJECT tcpFileObject; PDEVICE_OBJECT tcpDeviceObject;
PAGED_CODE ();
if (Dest->AddressLength<TDI_ADDRESS_LENGTH_IP) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdTcpRoutingQuery: Destination address buffer too small.\n")); return STATUS_BUFFER_TOO_SMALL; }
//
// Open TCP driver.
//
status = AfdOpenDevice (DD_TCP_DEVICE_NAME, &tcpDeviceHandle, &tcpFileObject); if (!NT_SUCCESS (status)) { return status; } tcpDeviceObject = IoGetRelatedDeviceObject ( tcpFileObject );
//
// Setup the query
//
RtlZeroMemory (&trqiBuffer, sizeof (trqiBuffer));
pIpAddr = (ULONG *)trqiBuffer.Context; *pIpAddr = ((PTDI_ADDRESS_IP)Dest->Address)->in_addr;
lpObject = &trqiBuffer.ID; lpObject->toi_id = IP_GET_BEST_SOURCE; lpObject->toi_class = INFO_CLASS_PROTOCOL; lpObject->toi_type = INFO_TYPE_PROVIDER; lpObject->toi_entity.tei_entity = CL_NL_ENTITY; lpObject->toi_entity.tei_instance = 0;
KeInitializeEvent (&event, NotificationEvent, FALSE);
//
// Build and setup the IRP and call the driver
//
irp = IoBuildDeviceIoControlRequest ( IOCTL_TCP_QUERY_INFORMATION_EX, //Control
tcpDeviceObject, // Device
&trqiBuffer, // Input buffer
sizeof(trqiBuffer), // Input buffer size
&ipSource, // Output buffer
sizeof(ipSource), // Output buffer size
FALSE, // Internal ?
&event, // Event
&iosb // Status block
); if (irp==NULL) { IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpRoutingQuery: Could not allocate IRP.\n")); } status = STATUS_INSUFFICIENT_RESOURCES; goto complete; }
irpSp = IoGetNextIrpStackLocation (irp); irpSp->FileObject = tcpFileObject;
IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpRoutingQuery: Quering for route to %lx.\n", ((PTDI_ADDRESS_IP)Dest->Address)->in_addr)); } status = IoCallDriver (tcpDeviceObject, irp);
if (status==STATUS_PENDING) { status = KeWaitForSingleObject( &event, Executive, KernelMode, FALSE, // Alertable
NULL); // Timeout
}
IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpRoutingQuery: IP_GET_BEST_SOURCE - status: %lx.\n", status)); }
if (!NT_SUCCESS (status)) { goto complete; }
if (!NT_SUCCESS (iosb.Status)) { status = iosb.Status; goto complete; }
Intf->AddressType = TDI_ADDRESS_TYPE_IP; Intf->AddressLength = TDI_ADDRESS_LENGTH_IP; ((PTDI_ADDRESS_IP)Intf->Address)->in_addr = ipSource; ((PTDI_ADDRESS_IP)Intf->Address)->sin_port = 0; RtlFillMemory (((PTDI_ADDRESS_IP)Intf->Address)->sin_zero, sizeof (((PTDI_ADDRESS_IP)Intf->Address)->sin_zero), 0); IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpRoutingQuery: Found interface %lx.\n", ((PTDI_ADDRESS_IP)Intf->Address)->in_addr)); } status = STATUS_SUCCESS;
complete: ObDereferenceObject (tcpFileObject); ZwClose (tcpDeviceHandle);
return status;} // AfdTcpRoutingQuery
NTSTATUSAfdGetRoutingQueryReference ( PAFD_PROTOCOL Protocol )/*++
Routine Description:
Initializes routing query if necessary and references it
Arguments:
None
Return Value:
NTSTATUS -- Indicates whether operation succeded
--*/{
// KAPC_STATE apcState;
HANDLE DeviceHandle; PFILE_OBJECT FileObject; NTSTATUS status;
status = AfdOpenDevice (Protocol->NetworkLayerDeviceName, &DeviceHandle, &FileObject); if (NT_SUCCESS (status)) {
//
// Make sure the thread in which we execute cannot get
// suspeneded in APC while we own the global resource.
//
KeEnterCriticalRegion (); ExAcquireResourceExclusiveLite ( AfdResource, TRUE); if (Protocol->DeviceHandle==NULL) { Protocol->DeviceHandle = DeviceHandle; Protocol->FileObject = FileObject; ASSERT (Protocol->RoutingQueryRefCount==0); Protocol->RoutingQueryRefCount = 1; ExReleaseResourceLite( AfdResource ); KeLeaveCriticalRegion (); } else { ASSERT (Protocol->RoutingQueryRefCount>0); InterlockedIncrement (&Protocol->RoutingQueryRefCount);
ExReleaseResourceLite( AfdResource ); KeLeaveCriticalRegion ();
ObDereferenceObject (FileObject); status = ZwClose (DeviceHandle); ASSERT (status==STATUS_SUCCESS); } } else { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdGetRoutingQueryReference: Network layer device open failed, status: %lx.\n", status)); }
return status;} // AfdGetRoutingQueryReference
NTSTATUSAfdTcpQueueRoutingChangeRequest ( IN PAFD_ENDPOINT Endpoint, IN PIRP Irp, BOOLEAN Overlapped )/*++
Routine Description:
Submits routing change request to TCP
Arguments: Endpoint - endpoint on which request is issued
Irp - the request
Overlapped - whether request is overlapped (and thus should be pended event on non-blocking socket)
Return Value:
NTSTATUS -- Indicates whether operation succeded
--*/{ PTRANSPORT_ADDRESS destAddr; NTSTATUS status; PFILE_OBJECT fileObject; PDEVICE_OBJECT deviceObject; PIO_STACK_LOCATION irpSp; AFD_LOCK_QUEUE_HANDLE lockHandle; struct Notify { ROUTING_NOTIFY Ctx; char Data[1]; } * notify; PIRP irp; PIO_COMPLETION_ROUTINE compRoutine; PAFD_PROTOCOL Protocol;
//
// Set locals for easy cleanup.
//
notify = NULL; irp = NULL;
destAddr = Irp->AssociatedIrp.SystemBuffer;
Protocol = AfdGetProtocolInfo(destAddr->Address[0].AddressType); if (Protocol == NULL) { status = STATUS_INVALID_PARAMETER; goto complete; }
if (destAddr->Address[0].AddressLength < Protocol->AddressLength) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdTcpQueueRoutingChangeRequest: Destination buffer too small.\n")); status = STATUS_INVALID_PARAMETER; goto complete; }
//
// Allocate context structures to keep IRP in the endpoint list in
// case the latter gets closed and we need to cancel the IRP.
// Also allocate buffer for passing data to IP
//
try { notify = AFD_ALLOCATE_POOL_WITH_QUOTA (NonPagedPool, FIELD_OFFSET(struct Notify, Data[Protocol->RtChangeDataSize]), AFD_ROUTING_QUERY_POOL_TAG); // AFD_ALLOCATE_POOL_WITH_QUOTA macro sets POOL_RAISE_IF_ALLOCATION_FAILURE
} except (EXCEPTION_EXECUTE_HANDLER) { status = GetExceptionCode (); notify = NULL; goto complete; }
//
// Open IP driver if necessary
//
AfdAcquireSpinLock (&Endpoint->SpinLock, &lockHandle); //
// Check if endpoint was cleaned-up and cancel the request.
//
if (Endpoint->EndpointCleanedUp) {
AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle); status = STATUS_CANCELLED; goto complete;
}
if (Endpoint->RoutingQueryReferenced) {
//
// Since this endpoint already has a reference to the routing query
// protocol structure, we do not need to add another since we hold
// the endpoint spinlock and the only time the reference is
// decremented is at endpoint cleanup. Similarly, we should not
// decrement the reference in the error path.
//
if (((Protocol->AddressType == TDI_ADDRESS_TYPE_IP) && Endpoint->RoutingQueryIPv6) || ((Protocol->AddressType == TDI_ADDRESS_TYPE_IP6) && !Endpoint->RoutingQueryIPv6)) {
//
// Another thread referenced routing query for a different
// protocol family - we can't support both of the at the
// same time.
//
AfdReleaseSpinLock(&Endpoint->SpinLock, &lockHandle); status = STATUS_INVALID_PARAMETER; goto complete;
}
ASSERT(Protocol->DeviceHandle != NULL); ASSERT(Protocol->FileObject != NULL); ASSERT(Protocol->RoutingQueryRefCount > 0); } else {
AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle);
status = AfdGetRoutingQueryReference(Protocol); if (!NT_SUCCESS(status)) goto complete; ASSERT(Protocol->DeviceHandle != NULL);
AfdAcquireSpinLock(&Endpoint->SpinLock, &lockHandle);
if (Endpoint->EndpointCleanedUp) {
//
// Endpoint was cleaned-up while we were
// referencing routing query. Release the reference.
//
AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle); AfdDereferenceRoutingQuery(Protocol); status = STATUS_CANCELLED; goto complete;
}
if (Endpoint->RoutingQueryReferenced) {
//
// Another thread referenced routing query for this endpoint.
//
LONG result;
if ((Protocol->AddressType==TDI_ADDRESS_TYPE_IP && Endpoint->RoutingQueryIPv6) || (Protocol->AddressType==TDI_ADDRESS_TYPE_IP6 && !Endpoint->RoutingQueryIPv6)) {
//
// Another thread referenced routing query for a different
// protocol family - we can't support both of the at the
// same time.
//
AfdReleaseSpinLock(&Endpoint->SpinLock, &lockHandle); AfdDereferenceRoutingQuery(Protocol); status = STATUS_INVALID_PARAMETER; goto complete;
}
//
// Since we know that that other's thread reference cannot
// go away while we are holding spinlock, we can simply
// decrement the reference count and be sure that it
// won't go all the way to 0.
//
result = InterlockedDecrement(&Protocol->RoutingQueryRefCount); ASSERT(result > 0);
} else {
Endpoint->RoutingQueryReferenced = TRUE; if (Protocol->AddressType == TDI_ADDRESS_TYPE_IP6) Endpoint->RoutingQueryIPv6 = TRUE;
} // if (Endpoint->RoutingQueryReferenced)
} // if (Endpoint->RoutingQueryReferenced)
fileObject = Protocol->FileObject; deviceObject = IoGetRelatedDeviceObject(fileObject);
if (Endpoint->NonBlocking && !Overlapped) {
//
// For non-blocking socket and non-overlapped requests
// we shall post the query using new IRP,
// so even if thread in which rhe request
// is originated by user exits, our request to IP does not get
// cancelled and we will still signal the event.
//
irp = IoAllocateIrp (deviceObject->StackSize, TRUE); if (irp==NULL) { AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle); status = STATUS_INSUFFICIENT_RESOURCES; goto complete; }
//
// Save the endpoint reference in notify context.
//
REFERENCE_ENDPOINT (Endpoint); notify->Ctx.NotifyContext = Endpoint;
//
// Setup completion routine so we can remove the IRP
// from the endpoint list and free it.
//
compRoutine = AfdTcpSignalRoutingChange;
} else {
//
// Blocking endpoint: just pass the original request on to the IP
//
irp = Irp;
//
// Save the original system buffer of the IRP, so we can restore
// it when TCP completes it
//
notify->Ctx.NotifyContext = Irp->AssociatedIrp.SystemBuffer;
//
// Setup completion routine so we can restore the IRP and remove it
// from the endpoint list
//
compRoutine = AfdTcpRestartRoutingChange;
}
//
// Insert notification into the endpoint list
//
InsertTailList (&Endpoint->RoutingNotifications, ¬ify->Ctx.NotifyListLink);
AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle);
//
// Save pointer to IRP in notify structure
//
notify->Ctx.NotifyIrp = irp;
//
// Setup IP notification request
//
switch(Protocol->AddressType) { case TDI_ADDRESS_TYPE_IP: { IPNotifyData *data = (IPNotifyData *)notify->Data; data->Version = 0; data->Add = ((PTDI_ADDRESS_IP)destAddr->Address[0].Address)->in_addr; break; } case TDI_ADDRESS_TYPE_IP6: { IPV6_RTCHANGE_NOTIFY_REQUEST *data = (IPV6_RTCHANGE_NOTIFY_REQUEST *)notify->Data; data->Flags = 0; data->ScopeId = ((PTDI_ADDRESS_IP6)destAddr->Address[0].Address)->sin6_scope_id; if (RtlEqualMemory(((PTDI_ADDRESS_IP6)destAddr->Address[0].Address)->sin6_addr, ZeroString, 16)) { data->PrefixLength = 0; } else { data->PrefixLength = 128; } RtlCopyMemory( &data->Prefix, ((PTDI_ADDRESS_IP6)destAddr->Address[0].Address)->sin6_addr, 16); break; } default: __assume (0); }
//
// Setup IRP stack location to forward IRP to IP
// Must be METHOD_BUFFERED or we are not setting it up correctly
//
ASSERT ( (Protocol->RtChangeIoctl & 0x03)==METHOD_BUFFERED ); irp->AssociatedIrp.SystemBuffer = notify->Data;
irpSp = IoGetNextIrpStackLocation (irp); irpSp->MajorFunction = IRP_MJ_INTERNAL_DEVICE_CONTROL; irpSp->MinorFunction = 0; irpSp->Flags = 0; irpSp->Control = 0; irpSp->FileObject = fileObject; irpSp->Parameters.DeviceIoControl.InputBufferLength = Protocol->RtChangeDataSize; irpSp->Parameters.DeviceIoControl.OutputBufferLength = 0; irpSp->Parameters.DeviceIoControl.IoControlCode = Protocol->RtChangeIoctl; irpSp->Parameters.DeviceIoControl.Type3InputBuffer = NULL; IoSetCompletionRoutine( irp, compRoutine, notify, TRUE, TRUE, TRUE );
IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpQueueRoutingChangeRequest: Passing Irp %p to IP\n", irp)); }
if (irp==Irp) { //
// Just pass the request through to the driver and return what it
// returns
//
return AfdIoCallDriver (Endpoint, deviceObject, irp); }
IoCallDriver (deviceObject, irp);
status = STATUS_DEVICE_NOT_READY; // To be converted to WSAEWOULDBLOCK
notify = NULL; // So it doesn't get freed below.
//
// Error cases
//
complete: IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpQueueRoutingChangeRequest: completing with status: %lx\n", status)); } if (notify!=NULL) { AFD_FREE_POOL (notify, AFD_ROUTING_QUERY_POOL_TAG); }
Irp->IoStatus.Status = status; Irp->IoStatus.Information = 0;
IoCompleteRequest( Irp, AfdPriorityBoost );
return status;} //AfdTcpQueueRoutingChangeRequest
NTSTATUSAfdTcpRestartRoutingChange ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context )/*++
Routine Description:
Completion routing for routing change IRP forwarded to IP
Arguments: DeviceObject - must be our device object
Irp - the request to be completed
Context - completion context
Return Value:
NTSTATUS -- Indicates to the system what to do next with the IRP
--*/{ PROUTING_NOTIFY notifyCtx = Context; PAFD_ENDPOINT endpoint = IoGetCurrentIrpStackLocation (Irp)->FileObject->FsContext;
UNREFERENCED_PARAMETER (DeviceObject); ASSERT( IS_AFD_ENDPOINT_TYPE( endpoint ) );
IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpRestartRoutingChange: Irp: %p, status: %lx, info: %ld.\n", Irp, Irp->IoStatus.Status, Irp->IoStatus.Information)); }
//
// Check if IRP is still on the endpoint's list and remove if it is
//
if (InterlockedExchangePointer ((PVOID *)¬ifyCtx->NotifyIrp, NULL)!=NULL) { AFD_LOCK_QUEUE_HANDLE lockHandle; AfdAcquireSpinLock (&endpoint->SpinLock, &lockHandle); RemoveEntryList (¬ifyCtx->NotifyListLink); AfdIndicateEventSelectEvent (endpoint, AFD_POLL_ROUTING_IF_CHANGE, Irp->IoStatus.Status); AfdReleaseSpinLock( &endpoint->SpinLock, &lockHandle );
//
// Indicate event as the endpoint is still active
//
AfdIndicatePollEvent (endpoint, AFD_POLL_ROUTING_IF_CHANGE, Irp->IoStatus.Status); }
//
// If pending has be returned for this IRP then mark the current
// stack as pending.
//
if ( Irp->PendingReturned ) { IoMarkIrpPending( Irp ); }
//
// Restore the IRP to its previous glory and free allocated context structure
//
Irp->AssociatedIrp.SystemBuffer = notifyCtx->NotifyContext; AfdCompleteOutstandingIrp (endpoint, Irp);
AFD_FREE_POOL (notifyCtx, AFD_ROUTING_QUERY_POOL_TAG); return STATUS_SUCCESS;}
NTSTATUSAfdTcpSignalRoutingChange ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context )/*++
Routine Description:
Completion routing for routing change IRP submitted to IP
Arguments: DeviceObject - must be our device object
Irp - the request to be completed
Context - completion context
Return Value:
NTSTATUS -- Indicates to the system what to do next with the IRP
--*/{ PROUTING_NOTIFY notifyCtx = Context; PAFD_ENDPOINT endpoint = notifyCtx->NotifyContext;
UNREFERENCED_PARAMETER (DeviceObject); ASSERT( IS_AFD_ENDPOINT_TYPE( endpoint ) );
IF_DEBUG (ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdTcpSignalRoutingChange: Irp: %p, status: %lx, info: %ld.\n", Irp, Irp->IoStatus.Status, Irp->IoStatus.Information)); }
//
// Check if IRP is still on the endpoint's list and remove if it is
//
if (InterlockedExchangePointer ((PVOID *)¬ifyCtx->NotifyIrp, NULL)!=NULL) { AFD_LOCK_QUEUE_HANDLE lockHandle;
AfdAcquireSpinLock (&endpoint->SpinLock, &lockHandle); RemoveEntryList (¬ifyCtx->NotifyListLink); AfdIndicateEventSelectEvent (endpoint, AFD_POLL_ROUTING_IF_CHANGE, Irp->IoStatus.Status); AfdReleaseSpinLock( &endpoint->SpinLock, &lockHandle );
//
// Indicate event as the endpoint is still active
//
AfdIndicatePollEvent (endpoint, AFD_POLL_ROUTING_IF_CHANGE, Irp->IoStatus.Status); }
//
// Release previously acquired endpoint reference
//
DEREFERENCE_ENDPOINT (endpoint);
//
// Free allocated irp and context structure
//
IoFreeIrp (Irp); AFD_FREE_POOL (notifyCtx, AFD_ROUTING_QUERY_POOL_TAG);
return STATUS_MORE_PROCESSING_REQUIRED;}
VOIDAfdCleanupRoutingChange ( PAFD_ENDPOINT Endpoint ){ AFD_LOCK_QUEUE_HANDLE lockHandle; KIRQL cancelIrql; USHORT addressType; PLIST_ENTRY listEntry; PAFD_PROTOCOL protocol; //
// If there are pending routing notifications on endpoint, cancel them.
// We must hold both cancel and endpoint spinlocks to make
// sure that IRP is not completed as we are cancelling it
//
IoAcquireCancelSpinLock( &cancelIrql ); AfdAcquireSpinLockAtDpcLevel( &Endpoint->SpinLock, &lockHandle );
//
// Can only have one cleanup call per endpoint
// So this should be set.
//
ASSERT (Endpoint->RoutingQueryReferenced); Endpoint->RoutingQueryReferenced = FALSE; if (Endpoint->RoutingQueryIPv6) { Endpoint->RoutingQueryIPv6 = FALSE; addressType = TDI_ADDRESS_TYPE_IP6; } else { addressType = TDI_ADDRESS_TYPE_IP; }
listEntry = Endpoint->RoutingNotifications.Flink; while (listEntry!=&Endpoint->RoutingNotifications) { PIRP notifyIrp; PROUTING_NOTIFY notifyCtx = CONTAINING_RECORD (listEntry, ROUTING_NOTIFY, NotifyListLink); listEntry = listEntry->Flink;
//
// Check if IRP has not been completed yet
//
notifyIrp = (PIRP)InterlockedExchangePointer ((PVOID *)¬ifyCtx->NotifyIrp, NULL); if (notifyIrp!=NULL) {
//
// Remove it from the list and call cancel routing while still
// holding cancel spinlock
//
RemoveEntryList (¬ifyCtx->NotifyListLink); AfdReleaseSpinLockFromDpcLevel ( &Endpoint->SpinLock, &lockHandle); notifyIrp->CancelIrql = cancelIrql; AfdCancelIrp (notifyIrp);
//
// Reacquire cancel and endpoint spinlocks
//
IoAcquireCancelSpinLock( &cancelIrql ); AfdAcquireSpinLockAtDpcLevel( &Endpoint->SpinLock, &lockHandle ); } }
AfdReleaseSpinLockFromDpcLevel ( &Endpoint->SpinLock, &lockHandle); IoReleaseCancelSpinLock( cancelIrql ); protocol = AfdGetProtocolInfo(addressType); ASSERT(protocol != NULL); AfdDereferenceRoutingQuery(protocol);
}
VOIDAfdCancelAddressListChange ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
BOOLEANAfdCleanupAddressListChange ( PAFD_ENDPOINT Endpoint, PAFD_REQUEST_CONTEXT RequestCtx );
NTSTATUSAfdInitializeAddressList (VOID);
VOIDAfdAddAddressHandler ( IN PTA_ADDRESS NetworkAddress, IN PUNICODE_STRING DeviceName, IN PTDI_PNP_CONTEXT Context );
VOIDAfdDelAddressHandler ( IN PTA_ADDRESS NetworkAddress, IN PUNICODE_STRING DeviceName, IN PTDI_PNP_CONTEXT Context );
VOIDAfdProcessAddressChangeList ( USHORT AddressType, PUNICODE_STRING DeviceName );
NTSTATUSAfdPnPPowerChange( IN PUNICODE_STRING DeviceName, IN PNET_PNP_EVENT PowerEvent, IN PTDI_PNP_CONTEXT Context1, IN PTDI_PNP_CONTEXT Context2 );
VOIDAfdReturnNicsPackets ( PVOID Pdo );
BOOLEANAfdHasHeldPacketsFromNic ( PAFD_CONNECTION Connection, PVOID Pdo );
#ifdef ALLOC_PRAGMA
#pragma alloc_text( PAGE, AfdAddressListQuery )
#pragma alloc_text( PAGEAFD, AfdAddressListChange )
#pragma alloc_text( PAGEAFD, AfdCancelAddressListChange )
#pragma alloc_text( PAGE, AfdInitializeAddressList )
#pragma alloc_text( PAGE, AfdDeregisterPnPHandlers )
#pragma alloc_text( PAGE, AfdAddAddressHandler )
#pragma alloc_text( PAGE, AfdDelAddressHandler )
#pragma alloc_text( PAGEAFD, AfdProcessAddressChangeList )
#pragma alloc_text( PAGE, AfdPnPPowerChange )
#pragma alloc_text( PAGEAFD, AfdReturnNicsPackets )
#pragma alloc_text( PAGEAFD, AfdHasHeldPacketsFromNic )
#endif
//
// Cache the device being brought down as a result of
// removal or power down event, so we do not scan our endpoints
// unnecessarily when more than one transport propagates device down
// event for the same device to us.
//
PVOID AfdLastRemovedPdo = NULL;ULONGLONG AfdLastRemoveTime = 0i64;
NTSTATUSAfdAddressListQuery ( IN PFILE_OBJECT FileObject, IN ULONG IoctlCode, IN KPROCESSOR_MODE RequestorMode, IN PVOID InputBuffer, IN ULONG InputBufferLength, IN PVOID OutputBuffer, IN ULONG OutputBufferLength, OUT PULONG_PTR Information )/*++
Routine Description:
Processes address list query IRP
Arguments:
Irp - Pointer to I/O request packet.
IrpSp - pointer to the stack location to use for this request.
Return Value:
NTSTATUS -- Indicates whether the request was successfully queued.
--*/{ NTSTATUS status; PLIST_ENTRY listEntry; PTRANSPORT_ADDRESS addressList; PAFD_ENDPOINT endpoint; PUCHAR addressBuf; ULONG dataLen; PAFD_ADDRESS_ENTRY addressEntry; USHORT addressType;
UNREFERENCED_PARAMETER (IoctlCode); PAGED_CODE ();
*Information = 0; status = STATUS_SUCCESS;
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListQuery: Endp: %p, buf: %p, inlen: %ld, outlen: %ld.\n", FileObject->FsContext, OutputBuffer, InputBufferLength, OutputBufferLength)); }
//
// Validate input parameters
//
if( InputBufferLength < sizeof(USHORT) || OutputBufferLength < FIELD_OFFSET (TRANSPORT_ADDRESS, Address) ) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdAddressListQuery: Endp: %p - invalid parameter.\n", FileObject->FsContext)); return STATUS_INVALID_PARAMETER; }
endpoint = FileObject->FsContext; ASSERT( IS_AFD_ENDPOINT_TYPE( endpoint ) );
try { if (RequestorMode!=KernelMode) { ProbeForReadSmallStructure (InputBuffer, sizeof (addressType), sizeof (USHORT)); ProbeForWrite (OutputBuffer, OutputBufferLength, sizeof (ULONG)); }
addressType = *((PUSHORT)InputBuffer);
addressList = OutputBuffer; addressBuf = (PUCHAR)OutputBuffer; dataLen = FIELD_OFFSET (TRANSPORT_ADDRESS, Address); addressList->TAAddressCount = 0; } except (AFD_EXCEPTION_FILTER (status)) { ASSERT (NT_ERROR (status)); return status; }
//
// Make sure the thread in which we execute cannot get
// suspeneded in APC while we own the global resource.
//
KeEnterCriticalRegion (); ExAcquireResourceSharedLite( AfdResource, TRUE );
//
// Setup address handlers with TDI if not already done
//
if (AfdBindingHandle==NULL) { ExReleaseResourceLite( AfdResource );
ExAcquireResourceExclusiveLite( AfdResource, TRUE );
if (AfdBindingHandle==NULL) { status = AfdInitializeAddressList (); if (!NT_SUCCESS (status)) { ExReleaseResourceLite (AfdResource); KeLeaveCriticalRegion (); return status; } } else status = STATUS_SUCCESS; ASSERT (AfdBindingHandle!=NULL); }
ExAcquireResourceSharedLite( AfdAddressListLock, TRUE ); ExReleaseResourceLite( AfdResource );
//
// Walk the address list and pick up the addresses of matching protocol
// family
//
listEntry = AfdAddressEntryList.Flink; while (listEntry!=&AfdAddressEntryList) { addressEntry = CONTAINING_RECORD (listEntry, AFD_ADDRESS_ENTRY, AddressListLink); listEntry = listEntry->Flink;
//
// Found a match ?
//
if ((addressEntry->Address.AddressType==addressType) //
// Special check for Netbios addresses because
// we have separate protocols for each lana/device
//
&& ((addressType!=TDI_ADDRESS_TYPE_NETBIOS) || endpoint->TransportInfo==NULL || RtlEqualUnicodeString ( &addressEntry->DeviceName, &endpoint->TransportInfo->TransportDeviceName, TRUE))) { ULONG addressLength = FIELD_OFFSET (TA_ADDRESS, Address[addressEntry->Address.AddressLength]); AFD_W4_INIT ASSERT (status==STATUS_SUCCESS || status==STATUS_BUFFER_OVERFLOW); try {
//
// Copy address to the output buffer if it is not full
//
if (status==STATUS_SUCCESS) { if (dataLen+addressLength<=OutputBufferLength) { RtlCopyMemory (&addressBuf[dataLen], &addressEntry->Address, addressLength); IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListQuery: Adding address of type: %d, length: %d.\n", addressEntry->Address.AddressType, addressEntry->Address.AddressLength)); } } else { //
// End of buffer reached. Set error code so we do not
// attempt to copy more data
//
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListQuery: Buffer is full.\n")); } status = STATUS_BUFFER_OVERFLOW; } }
//
// Count the addresses and total buffer length whether we copied
// them or not to the output buffer
//
addressList->TAAddressCount += 1; dataLen += addressLength; } except (AFD_EXCEPTION_FILTER (status)) { ASSERT (NT_ERROR (status)); dataLen = 0; break; } } } ExReleaseResourceLite (AfdAddressListLock); KeLeaveCriticalRegion ();
//
// Return total number of copied/required bytes in the buffer and status
//
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListQuery: Address count: %ld, total buffer size: %ld.\n", addressList->TAAddressCount, dataLen)); } *Information = dataLen;
return status;} //AfdAddressListQuery
//
// Context structure allocated for non-blocking address list change IOCTLs
//
typedef struct _AFD_NBCHANGE_CONTEXT { AFD_REQUEST_CONTEXT Context; // Context to keep track of request
AFD_ADDRESS_CHANGE Change; // Address change parameters
} AFD_NBCHANGE_CONTEXT, *PAFD_NBCHANGE_CONTEXT;
NTSTATUSFASTCALLAfdAddressListChange ( IN PIRP Irp, IN PIO_STACK_LOCATION IrpSp )/*++
Routine Description:
Processes address list change IRP
Arguments:
Irp - Pointer to I/O request packet.
IrpSp - pointer to the stack location to use for this request.
Return Value:
NTSTATUS -- Indicates whether the request was successfully queued.
--*/{ NTSTATUS status = STATUS_PENDING; USHORT addressType; PAFD_ADDRESS_CHANGE change; PAFD_REQUEST_CONTEXT requestCtx; PAFD_ENDPOINT endpoint; AFD_LOCK_QUEUE_HANDLE addressLockHandle, endpointLockHandle; KIRQL oldIrql; BOOLEAN overlapped; AFD_TRANSPORT_IOCTL_INFO ioctlInfo;
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListChange: Endp: %p, buf: %p, inlen: %ld, outlen: %ld.\n", IrpSp->FileObject->FsContext, Irp->AssociatedIrp.SystemBuffer, IrpSp->Parameters.DeviceIoControl.InputBufferLength, IrpSp->Parameters.DeviceIoControl.OutputBufferLength)); }
endpoint = IrpSp->FileObject->FsContext; ASSERT( IS_AFD_ENDPOINT_TYPE( endpoint ) );
//
// Validate input parameters
//
#ifdef _WIN64
if (IoIs32bitProcess (Irp)) { PAFD_TRANSPORT_IOCTL_INFO32 ioctlInfo32; ioctlInfo32 = Irp->AssociatedIrp.SystemBuffer; if (IrpSp->Parameters.DeviceIoControl.InputBufferLength<sizeof (*ioctlInfo32)) { status = STATUS_INVALID_PARAMETER; goto complete; } ioctlInfo.Handle = ioctlInfo32->Handle; ioctlInfo.InputBuffer = UlongToPtr(ioctlInfo32->InputBuffer); ioctlInfo.InputBufferLength = ioctlInfo32->InputBufferLength; ioctlInfo.IoControlCode = ioctlInfo32->IoControlCode; ioctlInfo.AfdFlags = ioctlInfo32->AfdFlags; ioctlInfo.PollEvent = ioctlInfo32->PollEvent; } else#endif // _WIN64
{
if (IrpSp->Parameters.DeviceIoControl.InputBufferLength<sizeof (ioctlInfo)) { status = STATUS_INVALID_PARAMETER; goto complete; }
//
// Just copy the buffer verified by the IO system
//
ioctlInfo = *((PAFD_TRANSPORT_IOCTL_INFO) Irp->AssociatedIrp.SystemBuffer); }
if( ioctlInfo.InputBufferLength < sizeof(USHORT)) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdAddressListChange: Endp: %p - invalid parameter.\n", IrpSp->FileObject->FsContext)); status = STATUS_INVALID_PARAMETER; goto complete; }
try { if (Irp->RequestorMode != KernelMode) { ProbeForRead( ioctlInfo.InputBuffer, ioctlInfo.InputBufferLength, sizeof (USHORT) ); }
addressType = *((PUSHORT)ioctlInfo.InputBuffer); } except( AFD_EXCEPTION_FILTER (status) ) { ASSERT (NT_ERROR (status)); goto complete; }
//
// Check if request is overlapped
//
overlapped = (BOOLEAN)((ioctlInfo.AfdFlags & AFD_OVERLAPPED)!=0);
//
// Reset the poll bit
//
endpoint->EventsActive &= ~AFD_POLL_ADDRESS_LIST_CHANGE;
//
// Setup address handlers with TDI if not already done
//
if (AfdBindingHandle==NULL) { //
// Make sure the thread in which we execute cannot get
// suspeneded in APC while we own the global resource.
//
KeEnterCriticalRegion (); ExAcquireResourceExclusiveLite( AfdResource, TRUE );
if (AfdBindingHandle==NULL) status = AfdInitializeAddressList (); else status = STATUS_SUCCESS;
ExReleaseResourceLite (AfdResource); KeLeaveCriticalRegion ();
if (!NT_SUCCESS (status)) { goto complete; } }
//
// Setup locals
//
if (endpoint->NonBlocking && !overlapped) { PAFD_NBCHANGE_CONTEXT nbCtx; //
// If endpoint is non-blocking and request is not overlapped,
// we'll have to complete it right away and remeber that we
// need to set event when address list changes
//
//
// Allocate context to keep track of this request
//
try { nbCtx = AFD_ALLOCATE_POOL_WITH_QUOTA (NonPagedPool, sizeof(AFD_NBCHANGE_CONTEXT), AFD_ADDRESS_CHANGE_POOL_TAG); // AFD_ALLOCATE_POOL_WITH_QUOTA macro sets POOL_RAISE_IF_ALLOCATION_FAILURE
} except (AFD_EXCEPTION_FILTER (status)) { ASSERT (NT_ERROR (status)); nbCtx = NULL; IF_DEBUG(ROUTING_QUERY) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListChange: Endp: %p - can't allocate change strucure.\n", IrpSp->FileObject->FsContext)); } goto complete; }
requestCtx = &nbCtx->Context; change = &nbCtx->Change;
change->Endpoint = endpoint; change->NonBlocking = TRUE; status = STATUS_DEVICE_NOT_READY; } else {
C_ASSERT (sizeof (IrpSp->Parameters.Others)>=sizeof (*requestCtx)); C_ASSERT (sizeof (Irp->Tail.Overlay.DriverContext)>=sizeof (*change));
requestCtx = (PAFD_REQUEST_CONTEXT)&IrpSp->Parameters.Others;
change = (PAFD_ADDRESS_CHANGE)Irp->Tail.Overlay.DriverContext; change->NonBlocking = FALSE; change->Irp = Irp;
}
//
// Remeber the endpoint and address type for the request
//
change->AddressType = addressType; requestCtx->CleanupRoutine = AfdCleanupAddressListChange; requestCtx->Context = change;
//
// Insert change notification into the list
//
KeRaiseIrql (DISPATCH_LEVEL, &oldIrql); AfdAcquireSpinLockAtDpcLevel (&AfdAddressChangeLock, &addressLockHandle);
//
// While holding the address change spinlock acquire endpoint
// spinlock so if notification occurs, neither structure can
// be deallocated or IRP completed while we are queuing
// it to endpoint list
//
AfdAcquireSpinLockAtDpcLevel (&endpoint->SpinLock, &endpointLockHandle);
//
// Check if endpoint was cleaned-up and cancel the request.
//
if (endpoint->EndpointCleanedUp) { AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &endpointLockHandle); AfdReleaseSpinLockFromDpcLevel (&AfdAddressChangeLock, &addressLockHandle); KeLowerIrql (oldIrql);
if (change->NonBlocking) { AFD_FREE_POOL (CONTAINING_RECORD ( requestCtx, AFD_NBCHANGE_CONTEXT, Context), AFD_ADDRESS_CHANGE_POOL_TAG); }
status = STATUS_CANCELLED; goto complete; }
//
// If request is non-blocking, check if we have another non-blocking
// request on the same endpoint. If so, we do not need to have
// two request structures in the list waiting to signal.
//
if (change->NonBlocking) { PLIST_ENTRY listEntry = endpoint->RequestList.Flink; while (listEntry!=&endpoint->RequestList) { PAFD_REQUEST_CONTEXT req = CONTAINING_RECORD ( listEntry, AFD_REQUEST_CONTEXT, EndpointListLink); listEntry = listEntry->Flink; if (req->CleanupRoutine==AfdCleanupAddressListChange) { PAFD_ADDRESS_CHANGE chg = req->Context; if (chg->NonBlocking) { AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &endpointLockHandle); AfdReleaseSpinLockFromDpcLevel (&AfdAddressChangeLock, &addressLockHandle); KeLowerIrql (oldIrql); AFD_FREE_POOL (CONTAINING_RECORD ( requestCtx, AFD_NBCHANGE_CONTEXT, Context), AFD_ADDRESS_CHANGE_POOL_TAG); KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL, "AfdAddressListChange: Endp: %p - non-blocking request already pending.\n", IrpSp->FileObject->FsContext)); ASSERT (status == STATUS_DEVICE_NOT_READY); goto complete; } } } }
InsertTailList (&AfdAddressChangeList, &change->ChangeListLink); AfdReleaseSpinLockFromDpcLevel (&AfdAddressChangeLock, &addressLockHandle); InsertTailList (&endpoint->RequestList, &requestCtx->EndpointListLink); if (!change->NonBlocking) {
//
// Set cancel routine
//
IoSetCancelRoutine( Irp, AfdCancelAddressListChange ); if ( !Irp->Cancel || IoSetCancelRoutine( Irp, NULL ) == NULL) { IoMarkIrpPending (Irp); //
// Either there was no cancel or cancel routine has
// been invoked already
//
AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &endpointLockHandle); KeLowerIrql (oldIrql);
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListChange: Queued change IRP: %p on endp: %p .\n", Irp, endpoint)); }
return STATUS_PENDING; } else { RemoveEntryList (&requestCtx->EndpointListLink); AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &endpointLockHandle); KeLowerIrql (oldIrql); goto complete; } } else { ASSERT (status==STATUS_DEVICE_NOT_READY); } AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &endpointLockHandle); KeLowerIrql (oldIrql);
complete:
Irp->IoStatus.Status = status; Irp->IoStatus.Information = 0;
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddressListChange: Completing IRP: %ld on endp: %p with status: %lx .\n", Irp, IrpSp->FileObject->FsContext, status)); } IoCompleteRequest( Irp, 0 );
return status;}
VOIDAfdCancelAddressListChange ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp )/*++
Routine Description:
Cancel routine for pending address list change IRP
Arguments: DeviceObject - must be our device object
Irp - the request to be cancelled
Return Value:
None
--*/{ AFD_LOCK_QUEUE_HANDLE lockHandle; PAFD_ADDRESS_CHANGE change; PAFD_REQUEST_CONTEXT requestCtx; PAFD_ENDPOINT endpoint; PIO_STACK_LOCATION irpSp;
UNREFERENCED_PARAMETER (DeviceObject); //
// We do not use cancel spinlock to manage address list queue, so
// we can release it right away
//
IoReleaseCancelSpinLock( Irp->CancelIrql );
//
// Get the request context and remove it from the queue if not
// already removed.
//
irpSp = IoGetCurrentIrpStackLocation (Irp); endpoint = irpSp->FileObject->FsContext; ASSERT (IS_AFD_ENDPOINT_TYPE (endpoint));
requestCtx = (PAFD_REQUEST_CONTEXT)&irpSp->Parameters.DeviceIoControl; change = requestCtx->Context; ASSERT (change==(PAFD_ADDRESS_CHANGE)Irp->Tail.Overlay.DriverContext); ASSERT (change->NonBlocking==FALSE);
AfdAcquireSpinLock (&AfdAddressChangeLock, &lockHandle); if (change->ChangeListLink.Flink!=NULL) { RemoveEntryList (&change->ChangeListLink); change->ChangeListLink.Flink = NULL; } AfdReleaseSpinLock (&AfdAddressChangeLock, &lockHandle);
AfdAcquireSpinLock (&endpoint->SpinLock, &lockHandle); if (AfdIsRequestInQueue (requestCtx)) { //
// Context is still in the list, just remove it so
// noone can see it anymore and complete the IRP
//
RemoveEntryList (&requestCtx->EndpointListLink); } else if (!AfdIsRequestCompleted (requestCtx)) { //
// During endpoint cleanup, this context was removed from the
// list and cleanup routine is about to be called, don't
// free this IRP until cleanup routine is called
// Also, indicate to the cleanup routine that we are done
// with this IRP and it can free it.
//
AfdMarkRequestCompleted (requestCtx); AfdReleaseSpinLock (&endpoint->SpinLock, &lockHandle); return; }
AfdReleaseSpinLock (&endpoint->SpinLock, &lockHandle);
Irp->IoStatus.Status = STATUS_CANCELLED; Irp->IoStatus.Information = 0; IoCompleteRequest (Irp, IO_NO_INCREMENT);
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdCancelAddressListChange: Cancelled IRP: %p on endp: %p .\n", Irp, endpoint)); }}
BOOLEANAfdCleanupAddressListChange ( PAFD_ENDPOINT Endpoint, PAFD_REQUEST_CONTEXT RequestCtx ){ AFD_LOCK_QUEUE_HANDLE lockHandle; PAFD_ADDRESS_CHANGE change;
change = RequestCtx->Context;
//
// In no case IRP and request structure
// could have been freed until we mark it as completed as
// the caller of this routine should have marked the request
// as being cancelled
//
ASSERT (RequestCtx->EndpointListLink.Flink==NULL);
AfdAcquireSpinLock (&AfdAddressChangeLock, &lockHandle); if (change->ChangeListLink.Flink!=NULL) { RemoveEntryList (&change->ChangeListLink); change->ChangeListLink.Flink = NULL; } AfdReleaseSpinLock (&AfdAddressChangeLock, &lockHandle);
AfdAcquireSpinLock (&Endpoint->SpinLock, &lockHandle); //
// The processing routine has either already initiated completion
// of this request and marked it as completed what it saw that the request is
// no longer on the endpoint queue, or the processing routine will
// never see the request since we removed it from the processing list.
// However, it is possible that blocking request is being cancelled in another
// thread as we cleaning up, so we need to sync with the cancel routine.
//
if (AfdIsRequestCompleted (RequestCtx) || change->NonBlocking || IoSetCancelRoutine (change->Irp, NULL)!=NULL) { AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle); if (change->NonBlocking) { ASSERT (CONTAINING_RECORD (RequestCtx, AFD_NBCHANGE_CONTEXT, Context) ==CONTAINING_RECORD (change, AFD_NBCHANGE_CONTEXT, Change)); ASSERT (Endpoint == change->Endpoint); AFD_FREE_POOL (CONTAINING_RECORD (RequestCtx, AFD_NBCHANGE_CONTEXT, Context), AFD_ADDRESS_CHANGE_POOL_TAG); } else { PIRP irp = change->Irp; ASSERT (change==(PAFD_ADDRESS_CHANGE)irp->Tail.Overlay.DriverContext); ASSERT (Endpoint == IoGetCurrentIrpStackLocation (irp)->FileObject->FsContext); ASSERT (RequestCtx == (PAFD_REQUEST_CONTEXT) &IoGetCurrentIrpStackLocation (irp)->Parameters.DeviceIoControl); irp->IoStatus.Status = STATUS_CANCELLED; irp->IoStatus.Information = 0; IoCompleteRequest (irp, IO_NO_INCREMENT); } return TRUE; } else {
//
// AFD has not completed the request before returning
// from cancel routine, mark the request to indicate
// that we are done with it and cancel routine
// can free it
//
AfdMarkRequestCompleted (RequestCtx); AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle);
return FALSE; }
}
NTSTATUSAfdInitializeAddressList (VOID)/*++
Routine Description:
Register address handler routinges with TDI
Arguments: None
Return Value:
NTSTATUS -- Indicates whether registration succeded
--*/
{ NTSTATUS status; TDI_CLIENT_INTERFACE_INFO info; UNICODE_STRING afdName; PAGED_CODE ();
//
// Do basic initialization if we haven't done this before.
//
if (AfdAddressListLock == NULL) {
//
// Initialize spinlock that protects address change list.
//
AfdInitializeSpinLock(&AfdAddressChangeLock);
//
// Allocate and initialize resource that protects address list
//
AfdAddressListLock = AFD_ALLOCATE_POOL_PRIORITY( NonPagedPool, sizeof(*AfdAddressListLock), AFD_RESOURCE_POOL_TAG, HighPoolPriority );
if (AfdAddressListLock == NULL) return (STATUS_INSUFFICIENT_RESOURCES);
ExInitializeResourceLite(AfdAddressListLock);
//
// Initialize our lists
//
InitializeListHead(&AfdAddressEntryList); InitializeListHead(&AfdAddressChangeList);
}
if (AfdTdiPnPHandlerLock == NULL) {
AfdTdiPnPHandlerLock = AFD_ALLOCATE_POOL_PRIORITY( NonPagedPool, sizeof(*AfdTdiPnPHandlerLock), AFD_RESOURCE_POOL_TAG, HighPoolPriority );
if (AfdTdiPnPHandlerLock == NULL) return (STATUS_INSUFFICIENT_RESOURCES);
ExInitializeResourceLite(AfdTdiPnPHandlerLock);
}
//
// Setup the TDI request structure
//
RtlZeroMemory (&info, sizeof (info)); RtlInitUnicodeString(&afdName, L"AFD");#ifdef TDI_CURRENT_VERSION
info.TdiVersion = TDI_CURRENT_VERSION;#else
info.MajorTdiVersion = 2; info.MinorTdiVersion = 0;#endif
info.Unused = 0; info.ClientName = &afdName; info.BindingHandler = NULL; info.AddAddressHandlerV2 = AfdAddAddressHandler; info.DelAddressHandlerV2 = AfdDelAddressHandler; info.PnPPowerHandler = AfdPnPPowerChange;
//
// Register handlers with TDI.
// Note, it should be safe to hold AfdResource while registering
// with TDI as it won't have any reason to callback into us.
// However, we need AfdTdiPnPHandlerLock to protect AfdBindingHandle
// between registering and deregistering as we can't hold AfdResource
// while deregistering handlers with TDI because it can callback
// into us and deadlock.
//
ExAcquireResourceExclusiveLite(AfdTdiPnPHandlerLock, TRUE); status = TdiRegisterPnPHandlers(&info, sizeof(info), &AfdBindingHandle); ExReleaseResourceLite(AfdTdiPnPHandlerLock);
if (!NT_SUCCESS (status)) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_ERROR_LEVEL, "AfdInitializeAddressList: Failed to register PnP handlers: %lx .\n", status)); return status; }
return STATUS_SUCCESS;}
VOIDAfdDeregisterPnPHandlers ( PVOID Param ){
UNREFERENCED_PARAMETER(Param); ASSERT(AfdAddressListLock == NULL || ExIsResourceAcquiredSharedLite(AfdAddressListLock) == 0 || ExIsResourceAcquiredExclusiveLite(AfdAddressListLock));
KeEnterCriticalRegion(); ExAcquireResourceExclusiveLite(AfdResource, TRUE);
//
// Free address list and associated structures
//
if (AfdBindingHandle) {
HANDLE bindingHandle; ASSERT(AfdTdiPnPHandlerLock != NULL); ExAcquireResourceExclusiveLite(AfdTdiPnPHandlerLock, TRUE);
bindingHandle = AfdBindingHandle; AfdBindingHandle = NULL;
ExReleaseResourceLite(AfdResource);
TdiDeregisterPnPHandlers(bindingHandle);
ExReleaseResourceLite(AfdTdiPnPHandlerLock);
//
// RACE CONDITION!
//
ExAcquireResourceExclusiveLite(AfdResource, TRUE); ASSERT(AfdAddressListLock != NULL); ExAcquireResourceExclusiveLite(AfdAddressListLock, TRUE);
while (!IsListEmpty(&AfdAddressEntryList)) {
PAFD_ADDRESS_ENTRY addressEntry; PLIST_ENTRY listEntry;
listEntry = RemoveHeadList(&AfdAddressEntryList); addressEntry = CONTAINING_RECORD( listEntry, AFD_ADDRESS_ENTRY, AddressListLink );
AFD_FREE_POOL( addressEntry, AFD_TRANSPORT_ADDRESS_POOL_TAG );
}
//
// Don't call if endpoint list is empty, since the driver
// may be paged out. There should be no-one to notify anyway
// if there are no sockets there.
//
if (!IsListEmpty (&AfdEndpointListHead)) { //
// Call routine to notify all the clients
//
ASSERT(!IsListEmpty(&AfdTransportInfoListHead)); ASSERT(AfdLoaded);
AfdProcessAddressChangeList(TDI_ADDRESS_TYPE_UNSPEC, NULL);
}
ExReleaseResourceLite(AfdAddressListLock);
}
ExReleaseResourceLite(AfdResource); KeLeaveCriticalRegion();
}
VOIDAfdAddAddressHandler ( IN PTA_ADDRESS NetworkAddress, IN PUNICODE_STRING DeviceName, IN PTDI_PNP_CONTEXT Context )/*++
Routine Description:
TDI add address handler
Arguments: NetworkAddress - new network address available on the system
Context1 - name of the device to which address belongs
Context2 - PDO to which address belongs
Return Value:
None
--*/{ PAFD_ADDRESS_ENTRY addrEntry; PAGED_CODE ();
UNREFERENCED_PARAMETER (Context); //
// Clear the cached last removed PDO when we get address add notification
// since PDO can now be reused for something else.
//
AfdLastRemovedPdo = NULL;
if (DeviceName==NULL) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_ERROR_LEVEL, "AfdAddAddressHandler: " "NO DEVICE NAME SUPPLIED when adding address of type %d., IGNORING IT!!!\n", NetworkAddress->AddressType)); return; }
//
// Allocate memory to keep address in our list
// Note since the address information usually gets
// populated during boot and not used right away, we
// make it a "cold" allocation. The flag has no effect
// after system is booted.
//
addrEntry = AFD_ALLOCATE_POOL_PRIORITY (PagedPool|POOL_COLD_ALLOCATION, ALIGN_UP(FIELD_OFFSET (AFD_ADDRESS_ENTRY, Address.Address[NetworkAddress->AddressLength]), WCHAR) +DeviceName->MaximumLength, AFD_TRANSPORT_ADDRESS_POOL_TAG, HighPoolPriority);
if (addrEntry!=NULL) {
//
// Insert new address in the list
//
RtlCopyMemory (&addrEntry->Address, NetworkAddress, FIELD_OFFSET (TA_ADDRESS, Address[NetworkAddress->AddressLength]));
addrEntry->DeviceName.MaximumLength = DeviceName->MaximumLength; addrEntry->DeviceName.Buffer = ALIGN_UP_POINTER(&addrEntry->Address.Address[NetworkAddress->AddressLength], WCHAR); RtlCopyUnicodeString (&addrEntry->DeviceName, DeviceName);
//
// We shouldn't be calling into TDI while having resource
// acquired in shared mode because it can cause a deadloclk
// rigth here as TDI reenters us and we need to acquire the
// resource exclusive
//
ASSERT ( ExIsResourceAcquiredSharedLite ( AfdAddressListLock )==0 || ExIsResourceAcquiredExclusiveLite( AfdAddressListLock ));
//
// Make sure the thread in which we execute cannot get
// suspeneded in APC while we own the global resource.
//
KeEnterCriticalRegion ();
//
// Acquire AfdResource since we will be checking if there are endpoints in
// the list to decide whether to call non-pageable routine.
//
ExAcquireResourceSharedLite (AfdResource, TRUE); ExAcquireResourceExclusiveLite( AfdAddressListLock, TRUE );
InsertTailList (&AfdAddressEntryList, &addrEntry->AddressListLink);
//
// Don't call if endpoint list is empty, since the driver
// may be paged out. There should be no-one to notify anyway
// if there are no sockets there.
//
if (!IsListEmpty (&AfdEndpointListHead)) { //
// Call routine to notify all the clietns
//
ASSERT (!IsListEmpty (&AfdTransportInfoListHead)); ASSERT (AfdLoaded);
AfdProcessAddressChangeList (NetworkAddress->AddressType, DeviceName); }
ExReleaseResourceLite (AfdAddressListLock); ExReleaseResourceLite (AfdResource); KeLeaveCriticalRegion (); } else { //
// Failed allocation - queue work item to deregister PnP
// handlers and notify all apps.
// When apps come back will re-register and our list will
// get re-populated, or we'll fail the app's call(s);
//
AfdQueueWorkItem (&AfdDeregisterPnPHandlers, &AfdPnPDeregisterWorker); }
IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdAddAddressHandler: Type: %d, length: %d, device: %*ls .\n", NetworkAddress->AddressType, NetworkAddress->AddressLength, DeviceName->Length/2, DeviceName->Buffer)); }}
VOIDAfdDelAddressHandler ( IN PTA_ADDRESS NetworkAddress, IN PUNICODE_STRING DeviceName, IN PTDI_PNP_CONTEXT Context )/*++
Routine Description:
TDI delete address handler
Arguments: NetworkAddress - network address that is no longer available on the system
Context1 - name of the device to which address belongs
Context2 - PDO to which address belongs
Return Value:
None
--*/{ PAFD_ADDRESS_ENTRY addrEntry; PLIST_ENTRY listEntry;
UNREFERENCED_PARAMETER (Context); PAGED_CODE ();
if (DeviceName==NULL) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_ERROR_LEVEL, "AfdDelAddressHandler: " "NO DEVICE NAME SUPPLIED when deleting address of type %d.\n", NetworkAddress->AddressType)); return; }
//
// We shouldn't be calling into TDI while having resource
// acquired in shared mode because it can cause a deadloclk
// rigth here as TDI reenters us and we need to acquire the
// resource exclusive
//
ASSERT ( ExIsResourceAcquiredSharedLite ( AfdAddressListLock )==0 || ExIsResourceAcquiredExclusiveLite( AfdAddressListLock )); //
// Find address in our list
//
//
// Make sure the thread in which we execute cannot get
// suspeneded in APC while we own the global resource.
//
KeEnterCriticalRegion (); //
// Acquire AfdResource since we will be checking if there are endpoints in
// the list to decide whether to call non-pageable routine.
//
ExAcquireResourceSharedLite (AfdResource, TRUE); ExAcquireResourceExclusiveLite( AfdAddressListLock, TRUE ); listEntry = AfdAddressEntryList.Flink; while (listEntry!=&AfdAddressEntryList) { addrEntry = CONTAINING_RECORD (listEntry, AFD_ADDRESS_ENTRY, AddressListLink); listEntry = listEntry->Flink; if (RtlEqualMemory (&addrEntry->Address, NetworkAddress, FIELD_OFFSET (TA_ADDRESS, Address[NetworkAddress->AddressLength])) && RtlEqualUnicodeString (&addrEntry->DeviceName, DeviceName, TRUE)) {
//
// Remove it and notify the clients
//
RemoveEntryList (&addrEntry->AddressListLink); //
// Don't call if endpoint list is empty, since the driver
// may be paged out. There should be no-one to notify anyway
// if there are no sockets there.
//
if (!IsListEmpty (&AfdEndpointListHead)) {
ASSERT (!IsListEmpty (&AfdTransportInfoListHead)); ASSERT (AfdLoaded);
AfdProcessAddressChangeList (NetworkAddress->AddressType, DeviceName); }
ExReleaseResourceLite (AfdAddressListLock); ExReleaseResourceLite (AfdResource); KeLeaveCriticalRegion (); AFD_FREE_POOL (addrEntry, AFD_TRANSPORT_ADDRESS_POOL_TAG); IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdDelAddressHandler: Type: %d, length: %d, device: %*ls .\n", NetworkAddress->AddressType, NetworkAddress->AddressLength, DeviceName->Length/2, DeviceName->Buffer)); } return; } } ExReleaseResourceLite (AfdAddressListLock); ExReleaseResourceLite (AfdResource); KeLeaveCriticalRegion (); ASSERT (!"AfdDelAddressHandler: Could not find matching entry");}
VOIDAfdProcessAddressChangeList ( USHORT AddressType, PUNICODE_STRING DeviceName )/*++
Routine Description:
Notifuis all interested clients of address arrival/deletion
Arguments: AddressType - type of the address that arrived/ was deleted
DeviceName - name of the device to which address belongs
Return Value:
None
--*/{ AFD_LOCK_QUEUE_HANDLE lockHandle; PLIST_ENTRY listEntry; LIST_ENTRY completedChangeList; PAFD_ADDRESS_CHANGE change; PAFD_REQUEST_CONTEXT requestCtx; PIRP irp; PIO_STACK_LOCATION irpSp; PAFD_ENDPOINT endpoint; PAFD_TRANSPORT_INFO transportInfo;
// ASSERT ((AddressType!=TDI_ADDRESS_TYPE_NETBIOS) || (DeviceName!=NULL));
//
// Special check for Netbios addresses because
// we have separate protocols for each lana/device
//
transportInfo = NULL; if ((AddressType==TDI_ADDRESS_TYPE_NETBIOS) && (DeviceName!=NULL)) { BOOLEAN found = FALSE; for ( listEntry = AfdTransportInfoListHead.Flink; listEntry != &AfdTransportInfoListHead; listEntry = listEntry->Flink ) { transportInfo = CONTAINING_RECORD( listEntry, AFD_TRANSPORT_INFO, TransportInfoListEntry ); if (RtlEqualUnicodeString ( DeviceName, &transportInfo->TransportDeviceName, TRUE)) { found = TRUE; break; } } if (!found) return; }
//
// Create local list to process notifications after spinlock is released
//
InitializeListHead (&completedChangeList);
//
// Walk the list and move matching notifications to the local list
//
AfdAcquireSpinLock (&AfdAddressChangeLock, &lockHandle); listEntry = AfdAddressChangeList.Flink; while (listEntry!=&AfdAddressChangeList) { change = CONTAINING_RECORD (listEntry, AFD_ADDRESS_CHANGE, ChangeListLink); if (change->NonBlocking) { endpoint = change->Endpoint; requestCtx = &CONTAINING_RECORD (change, AFD_NBCHANGE_CONTEXT, Change)->Context; AFD_W4_INIT irp = NULL; ASSERT (requestCtx->Context==change); } else { irp = change->Irp; irpSp = IoGetCurrentIrpStackLocation (irp); requestCtx = (PAFD_REQUEST_CONTEXT)&irpSp->Parameters.DeviceIoControl; endpoint = irpSp->FileObject->FsContext; ASSERT (change==(PAFD_ADDRESS_CHANGE)irp->Tail.Overlay.DriverContext); }
listEntry = listEntry->Flink; if (((change->AddressType==AddressType) || (AddressType==TDI_ADDRESS_TYPE_UNSPEC)) //
// Special check for Netbios addresses because
// we have separate protocols for each lana/device
//
&& ((transportInfo==NULL) || (transportInfo==endpoint->TransportInfo)) ) { AFD_LOCK_QUEUE_HANDLE lockHandle2;
RemoveEntryList (&change->ChangeListLink); change->ChangeListLink.Flink = NULL; //
// If request is already canceled, let cancel routine complete it
//
if (!change->NonBlocking && IoSetCancelRoutine (irp, NULL)==NULL) { continue; }
AfdAcquireSpinLockAtDpcLevel (&endpoint->SpinLock, &lockHandle2); if (AfdIsRequestInQueue (requestCtx)) { //
// Context is still in the list, just remove it so
// no-one can see it anymore and complete
//
RemoveEntryList (&requestCtx->EndpointListLink); InsertTailList (&completedChangeList, &change->ChangeListLink); if (change->NonBlocking) { AfdIndicateEventSelectEvent (change->Endpoint, AFD_POLL_ADDRESS_LIST_CHANGE, STATUS_SUCCESS); } } else if (!AfdIsRequestCompleted (requestCtx)) { //
// During endpoint cleanup, this context was removed from the
// list and cleanup routine is about to be called, don't
// free this IRP until cleanup routine is called
// Also, indicate to the cleanup routine that we are done
// with this IRP and it can free it.
//
AfdMarkRequestCompleted (requestCtx); }
AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &lockHandle2); } } AfdReleaseSpinLock (&AfdAddressChangeLock, &lockHandle);
//
// Signal interested clients and complete IRPs as necessary
//
while (!IsListEmpty (&completedChangeList)) { listEntry = RemoveHeadList (&completedChangeList); change = CONTAINING_RECORD (listEntry, AFD_ADDRESS_CHANGE, ChangeListLink); if (change->NonBlocking) { IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdProcessAddressChangeList: Signalling address list change on endpoint %p .\n", change->Endpoint)); } AfdIndicatePollEvent (change->Endpoint, AFD_POLL_ADDRESS_LIST_CHANGE, STATUS_SUCCESS); AFD_FREE_POOL (CONTAINING_RECORD (change, AFD_NBCHANGE_CONTEXT, Change), AFD_ADDRESS_CHANGE_POOL_TAG); } else { irp = change->Irp; irp->IoStatus.Status = STATUS_SUCCESS; irp->IoStatus.Information = 0; IF_DEBUG (ADDRESS_LIST) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL, "AfdProcessAddressChangeList: Completing change IRP: %p with status: 0 .\n", irp)); } IoCompleteRequest (irp, AfdPriorityBoost); } }}
BOOLEANAfdHasHeldPacketsFromNic ( PAFD_CONNECTION Connection, PVOID Pdo ){ PLIST_ENTRY le; //
// Scan the list of buffers and check with TDI/NDIS
// if packet belongs to a given card
//
if (!IsListEmpty( &Connection->VcReceiveBufferListHead ) ) { le = Connection->VcReceiveBufferListHead.Flink; while ( le!=&Connection->VcReceiveBufferListHead ) { PAFD_BUFFER afdBuffer; afdBuffer = CONTAINING_RECORD( le, AFD_BUFFER, BufferListEntry ); if ((afdBuffer->BufferLength==AfdBufferTagSize) && afdBuffer->NdisPacket && TdiMatchPdoWithChainedReceiveContext (afdBuffer->Context, Pdo)) { KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_WARNING_LEVEL, "AFD: Aborting connection %p due to held packet %p at power down on nic %p\n", Connection, afdBuffer->Context, Pdo)); return TRUE; } le = le->Flink; } } return FALSE;}
VOIDAfdReturnNicsPackets ( PVOID Pdo ){ KIRQL oldIrql; AFD_LOCK_QUEUE_HANDLE lockHandle; PLIST_ENTRY listEntry, le; LIST_ENTRY connList;
//
// Don't scan twice for the same PDO if this event
// is less than 3 sec apart from previous.
// Several transports bound to the same NIC may indicate
// the set power event to us
//
if ((AfdLastRemovedPdo!=Pdo) || ((KeQueryInterruptTime()-AfdLastRemoveTime)>30000000i64)) {
//
// Scan the list of endpoints and find packets
// that belong to the NIC.
//
KeEnterCriticalRegion (); ExAcquireResourceExclusiveLite (AfdResource, TRUE);
if (!IsListEmpty (&AfdEndpointListHead)) { KeRaiseIrql (DISPATCH_LEVEL, &oldIrql);
listEntry = AfdEndpointListHead.Flink; while (listEntry!=&AfdEndpointListHead) { PAFD_CONNECTION connection; PAFD_ENDPOINT endpoint = CONTAINING_RECORD ( listEntry, AFD_ENDPOINT, GlobalEndpointListEntry); listEntry = listEntry->Flink; switch (endpoint->Type) { case AfdBlockTypeDatagram: //
// Afd currently does not support buffer
// ownership on datagram sockets.
//
// If such support is added, we will need to
// add code here to return all the buffers
// owned by the netcards.
//
break; case AfdBlockTypeVcConnecting: //
// Drop all of the connections that have unreturned packets.
//
AfdAcquireSpinLockAtDpcLevel (&endpoint->SpinLock, &lockHandle); connection = AFD_CONNECTION_FROM_ENDPOINT (endpoint); if (endpoint->State==AfdEndpointStateConnected && !IS_TDI_BUFFERRING(endpoint) && connection!=NULL && AfdHasHeldPacketsFromNic (connection, Pdo)) { REFERENCE_CONNECTION (connection); AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &lockHandle); AfdBeginAbort (connection); AfdAcquireSpinLockAtDpcLevel (&endpoint->SpinLock, &lockHandle); //
// Make sure we do not have any buffered data
// (could have just checked for netcard owned
// buffers, but connection is going down anyway
// - save memory).
//
connection->VcBufferredReceiveBytes = 0; connection->VcBufferredReceiveCount = 0; connection->VcBufferredExpeditedBytes = 0; connection->VcBufferredExpeditedCount = 0; connection->VcReceiveBytesInTransport = 0; while ( !IsListEmpty( &connection->VcReceiveBufferListHead ) ) { PAFD_BUFFER_HEADER afdBuffer; le = RemoveHeadList( &connection->VcReceiveBufferListHead ); afdBuffer = CONTAINING_RECORD( le, AFD_BUFFER_HEADER, BufferListEntry );
DEBUG afdBuffer->BufferListEntry.Flink = NULL; if (afdBuffer->RefCount==1 || // Can't change once off the list
InterlockedDecrement (&afdBuffer->RefCount)==0) { afdBuffer->ExpeditedData = FALSE; AfdReturnBuffer( afdBuffer, connection->OwningProcess ); } } AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &lockHandle); DEREFERENCE_CONNECTION (connection); } else { AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &lockHandle); } break; case AfdBlockTypeVcBoth: case AfdBlockTypeVcListening: if (IS_TDI_BUFFERRING (endpoint)) break;
//
// Drop all unaccepted and/or returned connections that have
// unreturned packets.
//
InitializeListHead (&connList); AfdAcquireSpinLockAtDpcLevel (&endpoint->SpinLock, &lockHandle); le = endpoint->Common.VcListening.UnacceptedConnectionListHead.Flink; while ( le!=&endpoint->Common.VcListening.UnacceptedConnectionListHead ) { connection = CONTAINING_RECORD (le, AFD_CONNECTION, ListEntry); ASSERT( connection->Endpoint == endpoint ); le = le->Flink; if (AfdHasHeldPacketsFromNic (connection, Pdo)) { RemoveEntryList (&connection->ListEntry); InsertTailList (&connList, &connection->ListEntry); InterlockedIncrement (&endpoint->Common.VcListening.FailedConnectionAdds); } }
le = endpoint->Common.VcListening.ReturnedConnectionListHead.Flink; while ( le!=&endpoint->Common.VcListening.ReturnedConnectionListHead ) { connection = CONTAINING_RECORD (le, AFD_CONNECTION, ListEntry); ASSERT( connection->Endpoint == endpoint ); le = le->Flink; if (AfdHasHeldPacketsFromNic (connection, Pdo)) { RemoveEntryList (&connection->ListEntry); InsertTailList (&connList, &connection->ListEntry); InterlockedIncrement (&endpoint->Common.VcListening.FailedConnectionAdds); } } AfdReleaseSpinLockFromDpcLevel (&endpoint->SpinLock, &lockHandle); while (!IsListEmpty (&connList)) { le = RemoveHeadList (&connList); connection = CONTAINING_RECORD (le, AFD_CONNECTION, ListEntry); AfdAbortConnection( connection ); }
if ( endpoint->Common.VcListening.FailedConnectionAdds > 0 ) { AfdInitiateListenBacklogReplenish( endpoint ); } break; } } KeLowerIrql (oldIrql); }
ExReleaseResourceLite (AfdResource); KeLeaveCriticalRegion (); } AfdLastRemovedPdo = Pdo; AfdLastRemoveTime = KeQueryInterruptTime ();}
NTSTATUSAfdPnPPowerChange( IN PUNICODE_STRING DeviceName, IN PNET_PNP_EVENT PowerEvent, IN PTDI_PNP_CONTEXT Context1, IN PTDI_PNP_CONTEXT Context2 ){ UNREFERENCED_PARAMETER (DeviceName); PAGED_CODE (); switch (PowerEvent->NetEvent) { case NetEventSetPower: { NET_DEVICE_POWER_STATE powerState = *((PNET_DEVICE_POWER_STATE)PowerEvent->Buffer); ASSERT (PowerEvent->BufferLength>=sizeof (NET_DEVICE_POWER_STATE));
switch (powerState) { case NetDeviceStateD0: //
// Clear the cached last removed PDO when we get Power UP notification
// since PDO can now be reused for something else.
//
AfdLastRemovedPdo = NULL; goto DoNothing; default: ASSERTMSG ("NIC enters unknown power state", FALSE); case NetDeviceStateD1: case NetDeviceStateD2: case NetDeviceStateD3: case NetDeviceStateUnspecified: //
// Break to execute PDO matching code
//
break; } break; } case NetEventQueryRemoveDevice: //
// Break to execute PDO matching code
//
break; case NetEventCancelRemoveDevice: //
// Clear the cached last removed PDO when we get Power UP notification
// since PDO can now be removed again.
//
AfdLastRemovedPdo = NULL; goto DoNothing; default: goto DoNothing; }
//
// When power is removed or device is disabled, we need to release all
// packets that we may own.
// We can only do this for transports that give us
// PDO, so NDIS can match the packet to the device.
// Note that PDO is usually the second context argument (first one is
// usually the device name), but we check the first one too since
// the TDI spec isn't crystal clear on this (it just says: for example TCP
// usually <does the above>).
//
if ((Context2!=NULL) && (Context2->ContextType==TDI_PNP_CONTEXT_TYPE_PDO) && (Context2->ContextSize==sizeof (PVOID)) ){ AfdReturnNicsPackets (*((PVOID UNALIGNED *)&Context2->ContextData)); } else if ((Context1!=NULL) && (Context1->ContextType==TDI_PNP_CONTEXT_TYPE_PDO) && (Context1->ContextSize==sizeof (PVOID)) ) { AfdReturnNicsPackets (*((PVOID UNALIGNED *)&Context1->ContextData)); }
DoNothing:
return STATUS_SUCCESS;}
|
