|
|
/*++ BUILD Version: 0003 // Increment this if a change has global effects
Copyright (c) 1989 Microsoft Corporation
Module Name:
srvblock.h
Abstract:
This module defines the standard header for data blocks maintained by the LAN Manager server.
Author:
Chuck Lenzmeier (chuckl) 1-Dec-1989 David Treadwell (davidtr)
Revision History:
--*/
#ifndef _SRVBLOCK_
#define _SRVBLOCK_
//#include "srvtypes.h"
�//
// The following define the various types of data blocks used by the
// server.
//
// *** The pool tag array in heapmgr.c must be maintained in concert
// with these definitions.
//
#define BlockTypeGarbage 0x00
#define BlockTypeBuffer 0x01
#define BlockTypeConnection 0x02
#define BlockTypeEndpoint 0x03
#define BlockTypeLfcb 0x04
#define BlockTypeMfcb 0x05
#define BlockTypeRfcb 0x06
#define BlockTypeSearch 0x07
#define BlockTypeSearchCore 0x08
#define BlockTypeSession 0x0A
#define BlockTypeShare 0x0B
#define BlockTypeTransaction 0x0C
#define BlockTypeTreeConnect 0x0D
#define BlockTypeWaitForOplockBreak 0x0E
#define BlockTypeCommDevice 0x0F
#define BlockTypeWorkContextInitial 0x10
#define BlockTypeWorkContextNormal 0x11
#define BlockTypeWorkContextRaw 0x12
#define BlockTypeWorkContextSpecial 0x13
#define BlockTypeCachedDirectory 0x14
// The following "blocks" do NOT have block headers.
#define BlockTypeDataBuffer 0x15
#define BlockTypeTable 0x16
#define BlockTypeNonpagedHeader 0x17
#define BlockTypePagedConnection 0x18
#define BlockTypePagedRfcb 0x19
#define BlockTypeNonpagedMfcb 0x1A
#define BlockTypeTimer 0x1B
#define BlockTypeAdminCheck 0x1C
#define BlockTypeWorkQueue 0x1D
#define BlockTypeDfs 0x1E
#define BlockTypeLargeReadX 0x1F
#define BlockTypeAdapterStatus 0x20
#define BlockTypeShareRemark 0x21
#define BlockTypeShareSecurityDescriptor 0x22
#define BlockTypeVolumeInformation 0x23
#define BlockTypeFSName 0x24
#define BlockTypeNameInfo 0x25
#define BlockTypeDirectoryInfo 0x26
#define BlockTypeDirCache 0x27
#define BlockTypeMisc 0x28
#define BlockTypeSnapShot 0x29
#define BlockTypeSecurityContext 0x2A
// The following is defined just to know how many types there are.
#define BlockTypeMax 0x2B
//
// The following define the various states that blocks can be in.
// Initializing is used (relatively rarely) to indicate that
// creation/initialization of a block is in progress. Active is the
// state blocks are usually in. Closing is used to indicate that a
// block is being prepared for deletion; when the reference count on the
// block reaches 0, the block will be deleted. Dead is used when
// debugging code is enabled to indicate that the block has been
// deleted.
//
#define BlockStateDead 0x00
#define BlockStateInitializing 0x01
#define BlockStateActive 0x02
#define BlockStateClosing 0x03
// The following is defined just to know how many states there are.
#define BlockStateMax 0x04
�//
// ALLOCATE_NONPAGED_POOL is a macro that translates to a call to
// SrvAllocateNonPagedPool if debugging is not enabled or to
// SrvAllocateNonPagedPoolDebug if it is enabled.
// DEALLOCATE_NONPAGED_POOL translates to SrvFreeNonPagedPool or
// SrvFreeNonPagedPoolDebug. The Srv routines are used to track pool
// usage by the server.
//
//
// When POOL_TAGGING is on, we pass the block type through to
// SrvAllocateNonPagedPool so that it can pass a tag to the pool
// allocator.
//
#ifdef POOL_TAGGING
#define ALLOCATE_NONPAGED_POOL(size,type) \
SrvAllocateNonPagedPool( (size), (type) )#else
#define ALLOCATE_NONPAGED_POOL(size,type) \
SrvAllocateNonPagedPool( (size) )#endif
#define DEALLOCATE_NONPAGED_POOL(addr) SrvFreeNonPagedPool( (addr) )
//
// Routines that track server nonpaged pool usage in order to support the
// "maxnonpagedmemoryusage" configuration parameter.
//
PVOID SRVFASTCALLSrvAllocateNonPagedPool ( IN CLONG NumberOfBytes#ifdef POOL_TAGGING
,IN CLONG BlockType#endif
);
VOID SRVFASTCALLSrvFreeNonPagedPool ( IN PVOID Address );
VOID SRVFASTCALLSrvClearLookAsideList( PLOOK_ASIDE_LIST l, VOID (SRVFASTCALL *FreeRoutine )( PVOID ) );
//
// The _HEAP macros are like the _NONPAGED_POOL macros, except they
// operate on paged pool. The "HEAP" name is historical, from the
// days when the server used process heap instead of paged pool.
//
// *** When SRVDBG2 is enabled, all server control blocks and all
// reference history blocks must be allocated from nonpaged pool,
// because SrvUpdateReferenceHistory touches these thing while
// holding a spin lock (i.e., at raised IRQL). To make this easy,
// the ALLOCATE_HEAP and FREE_HEAP macros are modified to use
// nonpaged pool. This means that ALL memory allocated by the
// server comes out of nonpaged pool when SRVDBG2 is on.
//
#if SRVDBG2
#define ALLOCATE_HEAP(size,type) ALLOCATE_NONPAGED_POOL( (size), (type) )
#define ALLOCATE_HEAP_COLD(size,type) ALLOCATE_NONPAGED_POOL( (size), (type) )
#define FREE_HEAP(addr) DEALLOCATE_NONPAGED_POOL( (addr) )
#else // SRVDBG2
//
// When POOL_TAGGING is on, we pass the block type through to
// SrvAllocateNonPagedPool so that it can pass a tag to the pool
// allocator.
//
#ifdef POOL_TAGGING
#define ALLOCATE_HEAP(size,type) SrvAllocatePagedPool( PagedPool, (size), (type) )
#define ALLOCATE_HEAP_COLD(size,type) SrvAllocatePagedPool( (PagedPool | POOL_COLD_ALLOCATION), (size), (type) )
#else
#define ALLOCATE_HEAP(size,type) SrvAllocatePagedPool( PagedPool, (size) )
#define ALLOCATE_HEAP_COLD(size,type) SrvAllocatePagedPool( (PagedPool | POOL_COLD_ALLOCATION), (size) )
#endif
#define FREE_HEAP(addr) SrvFreePagedPool( (addr) )
#endif // else SRVDBG2
//
// Routines that track server paged pool usage in order to support the
// "maxpagedmemoryusage" configuration parameter.
//
PVOID SRVFASTCALLSrvAllocatePagedPool ( IN POOL_TYPE PoolType, IN CLONG NumberOfBytes#ifdef POOL_TAGGING
,IN CLONG BlockType#endif
);
VOID SRVFASTCALLSrvFreePagedPool ( IN PVOID Address );
�//
// SHARE_TYPE is an enumerated type used to indicate what type of
// resource is being shared. This type corresponds to the server
// table StrShareTypeNames. Keep the two in sync.
//
typedef enum _SHARE_TYPE { ShareTypeDisk, ShareTypePrint, ShareTypePipe, ShareTypeWild // not a real share type, but can be specified in tcon
} SHARE_TYPE, *PSHARE_TYPE;
//
// SHARE_SNAPSHOT represents a snapshot availible for this share.
//
typedef struct _SHARE_SNAPSHOT{ LIST_ENTRY SnapShotList; ULONG Flags; HANDLE SnapShotRootDirectoryHandle; LARGE_INTEGER Timestamp; UNICODE_STRING SnapShotName; // "[email protected]"
UNICODE_STRING SnapShotPath;} SHARE_SNAPSHOT, *PSHARE_SNAPSHOT;
#define SNAPSHOT_NAME_LENGTH (strlen("@GMT-YYYY.MM.DD-HH.MM.SS")+1)*sizeof(WCHAR)
#define SNAPSHOT_NAME_FORMAT L"@GMT-%04d.%02d.%02d-%02d.%02d.%02d"
#define SRV_SNAP_SHARE_NOT_FOUND 1
//
// For each resource that the server shares, a Share Block is
// maintained. The global share list is anchored at SrvShareHashTable. A
// list of active tree connections using a resource is anchored in the
// Share Block.
//
typedef struct _SHARE { BLOCK_HEADER BlockHeader; // must be first element
LIST_ENTRY TreeConnectList; LIST_ENTRY GlobalShareList;
HANDLE RootDirectoryHandle;
UNICODE_STRING ShareName; UNICODE_STRING NtPathName; UNICODE_STRING DosPathName; UNICODE_STRING Remark; UNICODE_STRING RelativePath;
ULONG ShareNameHashValue;
union { struct { UNICODE_STRING Name; OEM_STRING OemName; } FileSystem; HANDLE hPrinter; } Type;
ULONG MaxUses; ULONG CurrentUses; ULONG CurrentRootHandleReferences; // used for removable devices
LONG QueryNamePrefixLength;
PSECURITY_DESCRIPTOR SecurityDescriptor; // for tree connects
PSECURITY_DESCRIPTOR FileSecurityDescriptor; // file acls on shares
SHARE_TYPE ShareType; BOOLEAN Removable; // Is the share storage removable?
BOOLEAN SpecialShare; BOOLEAN IsDfs; // Is this share in the Dfs?
BOOLEAN IsDfsRoot; // Is this share the root of a Dfs?
BOOLEAN PotentialSystemFile; // Are files in this share potentially
// system files?
BOOLEAN IsCatchShare; // Should the SRVCATCH code be active
ULONG ShareProperties;
//
// These flags are returned to the client on a tree connect to instruct the client
// how it can cache the files on this share. The server does not interpret these
// flags -- it is the client's responsibility to do the right thing.
//
ULONG CSCState;
PSRV_LOCK SecurityDescriptorLock;
HANDLE ShareVolumeHandle; LIST_ENTRY SnapShots; PSRV_LOCK SnapShotLock; LONG SnapShotEpic;
// WCHAR ShareNameData[ShareName.MaximumLength];
// WCHAR NtPathNameData[PathName.MaximumLength];
// WCHAR DosPathNameData[PathName.MaximumLength];
// SECURITY_DESCRIPTOR SecurityDescriptor;
} SHARE, *PSHARE;
//
// For each network that the server uses, an Endpoint Block is
// maintained. An ENDPOINT contains the network name (for
// administrative purposes), the endpoint name (server address), the
// endpoint (file) handle, a pointer to the endpoint object, a pointer
// to the transport provider's device object, and state information.
// The global endpoint list is anchored at SrvEndpointList. A list of
// active connections created using an endpoint is anchored in the
// Endpoint Block.
//
#if SRVDBG29
#define HISTORY_LENGTH 256
typedef struct { ULONG Operation; PVOID Connection; BLOCK_HEADER ConnectionHeader;} HISTORY, *PHISTORY;#define UpdateConnectionHistory(_op,_endp,_conn) { \
PHISTORY history = &(_endp)->History[(_endp)->NextHistoryLocation++]; \ if ((_endp)->NextHistoryLocation >= HISTORY_LENGTH) { \ (_endp)->NextHistoryLocation = 0; \ } \ history->Operation = *(PULONG)(_op); \ history->Connection = (_conn); \ if (_conn) { \ history->ConnectionHeader = *(PBLOCK_HEADER)(_conn); \ } \}#endif
struct _CONNECTION;
typedef struct _ENDPOINT { BLOCK_HEADER BlockHeader; // must be first element
//
// List of free connections.
//
LIST_ENTRY FreeConnectionList;
//
// Table of connections. We use a table instead of a list in order
// to speed up lookup of IPX connections based on the SID stored in
// the SMB header.
//
TABLE_HEADER ConnectionTable;
ORDERED_LIST_ENTRY GlobalEndpointListEntry;
//
// Handle and file/device objects for connection-oriented endpoint
// or for connectionless server data socket.
//
HANDLE EndpointHandle; PFILE_OBJECT FileObject; PDEVICE_OBJECT DeviceObject; PULONG IpxMaxPacketSizeArray; ULONG MaxAdapters;
//
// Handle and file/device objects for connectionless NetBIOS name
// socket.
//
HANDLE NameSocketHandle; PFILE_OBJECT NameSocketFileObject; PDEVICE_OBJECT NameSocketDeviceObject;
PDRIVER_DISPATCH FastTdiSend; PDRIVER_DISPATCH FastTdiSendDatagram;
TDI_ADDRESS_IPX LocalAddress;
ULONG FreeConnectionCount; ULONG TotalConnectionCount;
//
// Various flags
//
struct { ULONG IsConnectionless : 1; // connectionless transport?
ULONG NameInConflict : 1; // unable to claim name?
ULONG IsPrimaryName : 1; // set if not an alternate name
ULONG IsNoNetBios : 1; // set if we are direct hosting on a VC
ULONG RemapPipeNames : 1; // set if we are remapping pipe names for clusters
};
WCHAR NetworkAddressData[12 + 1];
UNICODE_STRING NetworkName; // administrative name
UNICODE_STRING TransportName; // e.g., "\Device\Nbf_Elnkii01"
UNICODE_STRING ServerName; // e.g., L"NTSERVER"
ANSI_STRING TransportAddress; // e.g., "NTSERVER "
UNICODE_STRING NetworkAddress; UNICODE_STRING DomainName; // domain being served by this endpoint
OEM_STRING OemDomainName; // oem version of domain name
// WCHAR NetworkNameData[NetworkName.MaximumLength/2];
// WCHAR TransportNameData[TransportName.MaximumLength/2];
// WCHAR ServerName[ ServerName.MaximumLength/2 ];
// CHAR TransportAddressData[TransportAddress.MaximumLength];
// WCHAR DomainNameData[ DNLEN + 1];
// CHAR OemDomainNameData[ DNLEN+1 ]
BOOLEAN AlternateAddressFormat; // should this endpoint be included when
// enumerating?
#if SRVDBG29
ULONG NextHistoryLocation; HISTORY History[HISTORY_LENGTH];#endif
} ENDPOINT, *PENDPOINT;
�//
// Size of search hash table (must be a power of 2)
//
#define SEARCH_HASH_TABLE_SIZE 4
typedef struct _HASH_TABLE_ENTRY {
LIST_ENTRY ListHead; BOOLEAN Dirty;
} HASH_TABLE_ENTRY, *PHASH_TABLE_ENTRY;
//
// When we discover something which is a directory, we place the name
// in this per-connection cache for quick re-use for CheckPath.
//
typedef struct { BLOCK_HEADER; LIST_ENTRY ListEntry; // list is linked through this element
UNICODE_STRING DirectoryName; // canonicalized name of this directory
USHORT Tid; // DirectoryName is relative to this tid
ULONG TimeStamp; // Tick count when this element was cached
} CACHED_DIRECTORY, *PCACHED_DIRECTORY;
//
// For each connection (virtual circuit) that is created, a Connection
// Block is maintained. All connections made over a single endpoint are
// linked through that endpoint. Tables of sessions, tree connects, and
// files created using a connection are anchored in the connection
// block.
//
// The Lock field in the connection protects the data in the connection
// and the data structures associated with the connection, such as
// the tree connects and sessions. However, the list of connections
// linked off the endpoint is protected by the endpoint lock, and
// LFCBs and RFCBs associated with a connection are protected by
// the MFCB's lock.
//
typedef struct _PAGED_CONNECTION {
PAGED_HEADER PagedHeader;
//
// List of active transactions
//
LIST_ENTRY TransactionList;
//
// This list is maintained in order of access, so the entry at the top
// of the list is the oldest, the entry at the bottom is the youngest.
//
LIST_ENTRY CoreSearchList;
//
// This information is used to determine whether oplocks and Raw
// I/O's are allowed. This is determined by information obtained by
// querying the transport provider using TDI_QUERY_CONNECTION_INFO.
//
LARGE_INTEGER LinkInfoValidTime; LARGE_INTEGER Throughput; LARGE_INTEGER Delay;
//
// Table headers for session, tree connect, and search tables.
//
TABLE_HEADER SessionTable; TABLE_HEADER TreeConnectTable; TABLE_HEADER SearchTable;
HANDLE ConnectionHandle;
//
// The number of searches active on the connection.
//
USHORT CurrentNumberOfCoreSearches;
//
// Hash table for picking out duplicate core searches
//
HASH_TABLE_ENTRY SearchHashTable[SEARCH_HASH_TABLE_SIZE];
//
// The encryption key obtained from LsaCallAuthenticationPackage.
// This is a per-VC value--any logon on a given VC uses this
// encryption key.
//
UCHAR EncryptionKey[MSV1_0_CHALLENGE_LENGTH];
//
// If we have an NT5 client, this is its build number (if non-zero)
//
ULONG ClientBuildNumber;
//
// Have we logged an invalid SMB for this client yet? We use this
// flag to keep a single client from flooding the event log
//
BOOLEAN LoggedInvalidSmb;
#if SRVNTVERCHK
//
// Have we determined that the client's NT build number is too old to
// allow it to connect to this server?
//
BOOLEAN ClientTooOld;#endif
} PAGED_CONNECTION, *PPAGED_CONNECTION;
#define MAX_SAVED_RESPONSE_LENGTH 100
#define SRV_CONNECTION_SOCKADDR_SIZE 32
typedef struct _CONNECTION {
QUEUEABLE_BLOCK_HEADER ; // must be first element
/* start of spin lock cache line */
//
// Per-connection spin lock.
//
KSPIN_LOCK SpinLock;
//
// Points to the endpoint spinlock that guards this connection's
// entry in the endpoint connection table.
//
PKSPIN_LOCK EndpointSpinLock;
//
// This is the WORK_QUEUE we are queueing on, which may not be the
// same as PreferredWorkQueue due to load balancing
//
PWORK_QUEUE CurrentWorkQueue;
//
// A countdown for the number of operations we'll do before we try
// to pick a better processor for this connection
//
ULONG BalanceCount;
//
// Cached Rfcb
//
struct _RFCB *CachedRfcb; ULONG CachedFid;
//
// BreakIIToNoneJustSent is set when a oplock break II to none is
// sent, and reset whenever an SMB is received. If a raw read
// arrives while this is set, the raw read is rejected.
//
BOOLEAN BreakIIToNoneJustSent;
//
// Raw io enabled
//
BOOLEAN EnableRawIo;
//
// Sid represents the connection's location in the endpoint's
// connection table.
//
USHORT Sid;
// The SidIndex allows us to use all the 16 bits for the index. For
// regular connections this prevents the aliasing problem that can occur
// in using the IXPSID index since the IPX sequence number takes up 4 bits
USHORT SidIndex;
// additional USHORT to satisfy alignment on dword boundaries
USHORT Pad;
//
// Pointer to the endpoint, fileobject, and deviceobject
//
PENDPOINT Endpoint; PFILE_OBJECT FileObject;
PDEVICE_OBJECT DeviceObject;
//
// The maximum message size we can send over this connection.
//
ULONG MaximumSendSize;
//
// This is the WORK_QUEUE we would prefer to be on, because this
// queue assigns work to the same procesor that is handling the
// adaptor's DPCs
//
PWORK_QUEUE PreferredWorkQueue;
//
// Table header for file table.
//
TABLE_HEADER FileTable;
//
// The SMB dialect chosen for this connection. Used in fsd.
//
SMB_DIALECT SmbDialect;
//
// List of active work items associated with the connection.
//
LIST_ENTRY InProgressWorkItemList;
//
// Stores the time of the last oplock break resp processed. This is
// used to synchronize readraw processing with the oplock break
// processing.
//
ULONG LatestOplockBreakResponse;
//
// The following two fields descibe operations in progress on this
// connection. It is possible that there are multiple oplock breaks
// in progress. Also, there is a brief window when multiple raw
// reads can be active -- after we've sent the response to one raw
// read, but before we've done postprocessing (so it looks like the
// first one is still in progress), we could receive another raw
// read request.
//
// Interaction between the two fields are controlled using
// SrvFsdSpinLock (see the block comment in oplock.c for details).
//
LONG OplockBreaksInProgress; ULONG RawReadsInProgress;
//
// Are oplocks allowed?
//
BOOLEAN OplocksAlwaysDisabled; BOOLEAN EnableOplocks;
//
// Is the client coming in over IPX?
//
BOOLEAN DirectHostIpx;
//
// Are security signatures currently active for this connection?
// Security signatures are not supported for Direct Host IPX connections
// and some W9x clients
//
BOOLEAN SmbSecuritySignatureActive;
union { //
// The following struct of this union holds relevant state
// when the client is connecting over direct host IPX.
// IpxAddress holds the client's IPX address, when the client
// 'connects' over IPX.
//
struct { USHORT SequenceNumber; USHORT LastResponseLength; USHORT LastResponseBufferLength; USHORT LastUid; USHORT LastTid; NTSTATUS LastResponseStatus; ULONG IpxDuplicateCount; ULONG IpxDropDuplicateCount; ULONG StartupTime; TDI_ADDRESS_IPX IpxAddress; PVOID LastResponse; };
//
// This struct holds relevant state when the client is using
// a virtual circuit.
//
struct {
//
// The following fields are used for security signatures.
//
MD5_CTX Md5Context;
ULONG SmbSecuritySignatureIndex;
// If we are unable to allocate a WORK_CONTEXT
// at receive indicate time, the receive is done
// in SrvFsdServiceNeedResourceQueue. Depending
// on the received SMB, we sometimes do not send
// a response SMB. Since the Tdi lookahead data
// is not available when SrvFsdServiceNeedResourceQueue
// is run, we have to remember not to advance the signature
// index for the response.
BOOLEAN NoResponseSignatureIndex;
//
// The following field, if non-zero is the IP address of the client
//
ULONG ClientIPAddress;
USHORT SockAddr[SRV_CONNECTION_SOCKADDR_SIZE/sizeof(USHORT)];
}; };
//
// Pointer to paged part of connection block.
//
PPAGED_CONNECTION PagedConnection;
//
// Per-connection interlock.
//
KSPIN_LOCK Interlock;
//
// Quadword align list entries and large ints
//
LIST_ENTRY EndpointFreeListEntry;
//
// A list of deferred oplock work break items. Oplock breaks are
// deferred if a read raw is in progress, or if the server runs
// out of work context blocks, and cannot send the oplock break
// request.
//
LIST_ENTRY OplockWorkList;
//
// List of RFCBs with batch oplocks that have been cached after
// being closed by the client. Count of such RFCBs.
//
LIST_ENTRY CachedOpenList; ULONG CachedOpenCount;
//
// List of directories which have been recently identified. This is a list of
// CACHED_DIRECTORY entries.
//
LIST_ENTRY CachedDirectoryList; ULONG CachedDirectoryCount;
//
// Security context handle for the extensible security negotiate buffer.
//
CtxtHandle NegotiateHandle;
//
// The following represent consumer capabilities.
//
ULONG ClientCapabilities;
//
// Per-connection resource.
//
SRV_LOCK Lock;
//
// Lock for dealing with the license server
//
SRV_LOCK LicenseLock;
//
// Oem version of the client machine name string.
//
OEM_STRING OemClientMachineNameString;
//
// A string for the client's name. The Buffer field points to the
// leading slashes (below), the MaximumLength is
// (COMPUTER_NAME_LENGTH + 3) * sizeof(WCHAR), and Length is the
// number of characters in the name that are not blanks *
// sizeof(WHCAR).
//
UNICODE_STRING ClientMachineNameString;
//
// The following two fields make up the client's name in the form
// "\\client ", including a trailing NULL.
//
WCHAR LeadingSlashes[2]; WCHAR ClientMachineName[COMPUTER_NAME_LENGTH+1];
//
// Head of singly linked list of cached transactions.
//
SLIST_HEADER CachedTransactionList; LONG CachedTransactionCount;
//
// The time when the last message was received for this connection
//
ULONG LastRequestTime;
//
// If we are on the OnNeedResourceQueue for a pending recieve, this
// is the amount of data that was indicated to us.
//
ULONG BytesAvailable;
//
// OnNeedResource is true if this connection is on the global need
// recource queue. This happens if it is waiting for a work context
// block to complete a pending receive or an oplock break request.
//
BOOLEAN OnNeedResourceQueue;
//
// NotReusable is set when an operation fails in such a way that the
// server's idea of the connection state may be different than the
// transport's. For example, a server-initiated disconnect failed.
// If we tried to reuse the connection (by returning it from a
// connect indication), the transport would get confused. When
// NotReusable is set, SrvDereferenceConnection frees the connection
// instead of putting it on the endpoint's free list.
//
BOOLEAN NotReusable;
//
// DisconnectPending indicates that a disconect indication has been
// received from the transport. ReceivePending indicates that the
// server could not assign a work item to handle a receive indication.
//
BOOLEAN DisconnectPending; BOOLEAN ReceivePending;
//
// Oem version of the client name. We need this because we could
// not do unicode operations in the fsd, where we initially get our
// computer name.
//
CHAR OemClientMachineName[COMPUTER_NAME_LENGTH+1];
//
// Information about the client context.
//
UNICODE_STRING ClientOSType; UNICODE_STRING ClientLanManType;
UCHAR BuiltinSavedResponse[MAX_SAVED_RESPONSE_LENGTH];
//
// The number of sessions active on the connection.
//
USHORT CurrentNumberOfSessions;
// Used to monitor how many work contexts a client is using up
LONG InProgressWorkContextCount; LONG OperationsPendingOnTransport; BOOLEAN IsConnectionSuspect; DISCONNECT_REASON DisconnectReason;
} CONNECTION, *PCONNECTION;
//
// For each session that is created, a Session Block is maintained. All
// sessions created over a single connection are linked through a table
// owned by that connection. A list of files opened using a session can
// be obtained by searching the file table owned by the connection
// block.
//
// This is copied from ntmsv1_0.h
typedef struct _SECURITY_CONTEXT { BLOCK_HEADER BlockHeader; CtxtHandle UserHandle;} SECURITY_CONTEXT, *PSECURITY_CONTEXT;
typedef enum _SRV_SESSION_KEY_STATE { SrvSessionKeyUnavailible = 0, SrvSessionKeyAuthenticating, SrvSessionKeyAvailible} SRV_SESSION_KEY_STATE;
#define MSV1_0_USER_SESSION_KEY_LENGTH 16
typedef struct _SESSION { //
// *** NOTE: The reference count field in the session block
// header is not used! Instead, the reference count is
// in the NonpagedHeader structure.
//
BLOCK_HEADER BlockHeader;
PNONPAGED_HEADER NonpagedHeader;
ULONG CurrentFileOpenCount; // count of files open on the session
ULONG CurrentSearchOpenCount; // count of searches open on the session
ORDERED_LIST_ENTRY GlobalSessionListEntry;
PCONNECTION Connection;
//
// If clients are using the GSS-style authentication, we query the
// UserHandle for the user and domain names. If they are using
// old-style authentication, we store the names here. In any case,
// code that needs access to the user and/or domain names should
// call SrvGetUserAndDomainName() and SrvReleaseUserAndDomainName()
//
UNICODE_STRING NtUserName; UNICODE_STRING NtUserDomain;
LARGE_INTEGER StartTime; LARGE_INTEGER LastUseTime; // for autologoff
LARGE_INTEGER LogOffTime; // for forced logoff
LARGE_INTEGER KickOffTime; // for forced logoff
LARGE_INTEGER LastExpirationMessage; // for forced logoff
LUID LogonId; CHAR NtUserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]; CHAR LanManSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
PSECURITY_CONTEXT SecurityContext; // Security handle to this user
USHORT MaxBufferSize; // Consumer's maximum buffer size
USHORT MaxMpxCount; // Actual max multiplexed pending requests
USHORT Uid;
SRV_SESSION_KEY_STATE SessionKeyState; // Used to determine if the session key can be given to the user.
BOOLEAN UsingUppercasePaths; // Must paths be uppercased?
BOOLEAN GuestLogon; // Is the client logged on as a guest?
BOOLEAN EncryptedLogon; // Was an encrypted password sent?
BOOLEAN LogoffAlertSent; BOOLEAN TwoMinuteWarningSent; BOOLEAN FiveMinuteWarningSent; BOOLEAN IsNullSession; // Is client using a null session?
BOOLEAN IsAdmin; // Is this an administrative user?
BOOLEAN IsLSNotified; // Does license server know about this user?
BOOLEAN LogonSequenceInProgress; // Are we in the middle of an extended logon sequence?
BOOLEAN IsSessionExpired; // Do we need to reauthenticate?
HANDLE hLicense; // if( IsLSNotified ) this is License handle
#if SRVNTVERCHK
//
// Have we determined that we don't like this client's domain?
//
BOOLEAN ClientBadDomain;#endif
//CHAR UserNameBuffer[UserName.MaximumLength];
} SESSION, *PSESSION;
//
// For each tree connect that is made, a Tree Connect Block is
// maintained. All tree connects made over a single connection are
// linked through a table owned by that connection. All tree connects
// made to a single shared resource are linked through that share block.
// A list of files opened using a tree connect can be obtained by
// searching the file table owned by the connection block.
//
typedef struct _TREE_CONNECT { //
// *** NOTE: The reference count field in the tree connect block
// header is not used! Instead, the reference count is
// in the NonpagedHeader structure.
//
BLOCK_HEADER BlockHeader;
PNONPAGED_HEADER NonpagedHeader;
PCONNECTION Connection; PSESSION Session; PSHARE Share;
ORDERED_LIST_ENTRY GlobalTreeConnectListEntry;
ULONG CurrentFileOpenCount;
LIST_ENTRY ShareListEntry; LIST_ENTRY PrintFileList; // only if print share
LARGE_INTEGER StartTime;
UNICODE_STRING ServerName;
BOOLEAN RemapPipeNames;
USHORT Tid;
} TREE_CONNECT, *PTREE_CONNECT;
�//
// Master File Control Block (MFCB) -- one per named file that is open
// at least once. Used to support compatibility mode and oplocks.
//
// Local File Control Block (LFCB) -- one for each local open instance.
// Represents local file object/handle. There may be multiple
// LFCBs linked to a single MFCB.
//
// Remote File Control Block (RFCB) -- one for each remote open instance.
// Represents remote FID. There is usually one RFCB per LFCB, but
// multiple compatibility mode RFCBs may be linked to a single LFCB.
// Multiple remote FCB opens for a single file from a single session
// are folded into one RFCB, because old DOS redirectors only send
// one close.
//
//
// For each disk file that is open, a Master File Control Block (MFCB)
// is maintained. If a given file is open multiple times, there is one
// MFCB for the file and multiple LFCBs, one for each local open
// instance. All MFCBs are linked into the global Master File Table.
// The MFCB has a list of the LFCBs representing open instances for the
// file.
//
typedef struct _NONPAGED_MFCB {
union {
//
// When NONPAGED_MFCB structures are freed, they may be placed
// on the WORK_QUEUE's MfcbFreeList to avoid unnecessary Nonpaged
// pool activity. SingleListEntry is used for the linkage.
//
SLIST_ENTRY SingleListEntry;
struct { ULONG Type; PVOID PagedBlock;
//
// We must serialize opens to the same file, since 2 concurrent opens
// may be compatibility mode opens. This lock also protects all data
// in this MFCB and the LFCBs and RFCBs associated with this MFCB.
//
SRV_LOCK Lock; }; };
LARGE_INTEGER OpenFileSize; ULONG OpenFileAttributes;
} NONPAGED_MFCB, *PNONPAGED_MFCB;
typedef struct _MFCB {
//
// *** NOTE: The reference count field in the mfcb block
// header is not used! Instead, the reference count is
// in the NonpagedHeader structure.
//
BLOCK_HEADER BlockHeader; // must be first element
PNONPAGED_MFCB NonpagedMfcb;
//
// All LFCBs for a given named file are linked to the parent MFCB.
//
LIST_ENTRY LfcbList;
//
// The count of active RFCB for this MFCB. This is used to coordinate
// compatibility opens with non-compatibility mode opens.
//
ULONG ActiveRfcbCount;
//
// The fully qualified name of the file is appended to the MFCB.
// The FileName field is a descriptor for the name.
//
UNICODE_STRING FileName;
//
// Mfcbs are linked into the MfcbHashTable by MfcbHashTableEntry
//
LIST_ENTRY MfcbHashTableEntry;
//
// FileNameHashValue is a hash value derived from the upper case
// version of FileName. It is used to speed up name comparisons, and to
// locate the hash entry
//
ULONG FileNameHashValue;
//
// CompatibilityOpen indicates whether the file is open in
// compatibility mode.
//
BOOLEAN CompatibilityOpen;
//
// Timestamp for SnapShot opens
//
LARGE_INTEGER SnapShotTime;
#if SRVCATCH
CHAR SrvCatch;#endif
// WCHAR FileNameData[FileName.MaximumLength/2];
} MFCB, *PMFCB;
//
// The MFCBs are all linked into the master MFCB hash table.
//
typedef struct { LIST_ENTRY List; // the list of MFCBs in this bucket
PSRV_LOCK Lock; // protects this bucket's list
} MFCBHASH, *PMFCBHASH;
�//
// For each instance of a local file open, a Local File Control Block
// (LFCB) is maintained. All LFCBs for a particular named file are
// linked through the MFCB for that file.
//
// LFCBs contain information that is specific to the local open, such
// as the file handle and a pointer to the file object. The LFCB also
// contains other information that is common to all child RFCBs, such
// as pointers to the owning connection and tree connect.
//
//
typedef struct _LFCB {
union { BLOCK_HEADER BlockHeader; // must be first element
SINGLE_LIST_ENTRY SingleListEntry; // used when LFCB is freed
};
//
// Multiple remote opens of a file are folded into a single local
// open by linking the RFCBs to the parent LFCB.
//
LIST_ENTRY RfcbList;
//
// The number of associated active RFCBs.
//
ULONG HandleCount;
//
// LFCBs are linked into their MFCB's open file list.
//
PMFCB Mfcb; LIST_ENTRY MfcbListEntry;
//
// Connection, Session, and TreeConnect are referenced pointers to
// the respective "owning" blocks.
//
PCONNECTION Connection; PSESSION Session; PTREE_CONNECT TreeConnect;
//
// GrantedAccess is the access obtained when the file was opened.
// For a compatibility mode open, this is the maximum access
// available to the client; individual opens may have less access.
//
ACCESS_MASK GrantedAccess;
//
// FileHandle is a handle to the open file. FileObject is a
// referenced pointer. DeviceObject is NOT a referenced pointer;
// the reference to the file object prevents the device object from
// going away.
//
HANDLE FileHandle; PFILE_OBJECT FileObject; PDEVICE_OBJECT DeviceObject;
//
// FileMode tracks whether writethrough is enabled for this file
// object.
ULONG FileMode;
//
// The job ID of a print job corresponding to the opened file.
// This is only used for print file opens.
//
ULONG JobId;
//
// Cache these hot-path entry points.
//
PFAST_IO_READ FastIoRead; PFAST_IO_WRITE FastIoWrite; PFAST_IO_LOCK FastIoLock; PFAST_IO_UNLOCK_SINGLE FastIoUnlockSingle; PFAST_IO_MDL_READ MdlRead; PFAST_IO_MDL_READ_COMPLETE MdlReadComplete; PFAST_IO_PREPARE_MDL_WRITE PrepareMdlWrite; PFAST_IO_MDL_WRITE_COMPLETE MdlWriteComplete;
//
// CompatibilityOpen indicates whether the file is open in
// compatibility mode.
//
BOOLEAN CompatibilityOpen;
} LFCB, *PLFCB;
�//
// For each instance of a remote file open, a Remote File Control Block
// (RFCB) is maintained. The RFCB points to the LFCB that contains the
// local file handle. Normally RFCBs and LFCBs exist in one-to-one
// correspondence, but multiple compatibility mode opens are folded into
// a single local open, so that the server can enforce the appropriate
// sharing rules.
//
// RFCBs contain information that is specific to the remote open, such
// as the assigned FID, the PID of the creator, the granted access mask,
// and the current file position.
//
// All RFCBs for a single connection are linked through a table owned by
// that connection; the FID assigned to the RFCB represents an index
// into the file table. Pointers to the owning connection and tree
// connect can be found in the LFCB, which is pointed to by the RFCB. A
// list of files opened through a given tree connect can be obtained by
// searching the owning connection's file table for RFCBs whose parent
// LFCBs point to the tree connect.
//
//
// WRITE_MPX_CONTEXT holds context associated with an active Write Block
// Multiplexed sequence.
//
// !!! This structure is probably big enough to be worth putting
// outside the RFCB.
//
#define MAX_GLOM_RUN_COUNT 8
typedef struct _WRITE_MPX_RUN { USHORT Offset; USHORT Length;} WRITE_MPX_RUN, *PWRITE_MPX_RUN;
typedef struct _WRITE_MPX_CONTEXT {
//
// ReferenceCount counts the number of Write Mpx SMBs that are
// currently being processed. When this count goes to zero, and
// we have received the sequenced command that ends the current
// mux, we send the response. This method is needed to ensure
// that we don't process the mux SMBs out-of-order, which leads
// to performance problems, and even worse, data corruption,
// thanks to the mask-shifting method used by the Snowball redir.
//
ULONG ReferenceCount;
//
// Mask holds the logical OR of the masks received in multiplexed
// write requests. When an IPX client sends the last block of write
// mpx data, we send back MpxMask to indicate whether we lost any
// frames.
//
ULONG Mask;
//
// FileObject is a copy of the file object pointer from the LFCB.
//
PFILE_OBJECT FileObject;
//
// Mid holds the MID of the current multiplexed write. PreviousMid
// hold the MID of the previous one. This needs to be retained in
// order to deal with duplicated write mux SMBs -- if a duplicate
// SMB arrives AFTER the first SMB of the next write mux (with a new
// MID), we need to know to toss it, not kill the new write mux.
//
USHORT Mid; USHORT PreviousMid;
//
// SequenceNumber holds the sequence number given in the last
// request of the mux. This needs to be retained because we
// may be simultaneously processing previous parts of the mux
// when we detect that we've received the sequenced comand.
//
USHORT SequenceNumber;
//
// Glomming is set if the current write mux series is being glommed
// into one large write.
//
// GlomPending is set when the indication for the first packet of
// a new write mux occurs. It is cleared when the FSP is done
// preparing the glomming operation. While GlomPending is set,
// subsequent packets of the write mux are queued to GlomDelayList.
//
BOOLEAN Glomming; BOOLEAN GlomPending; LIST_ENTRY GlomDelayList;
ULONG StartOffset; USHORT Length; BOOLEAN GlomComplete;
//
// MpxGlommingAllowed is set when the underlying file system
// supports MDL write.
//
BOOLEAN MpxGlommingAllowed;
PMDL MdlChain;
ULONG NumberOfRuns; WRITE_MPX_RUN RunList[MAX_GLOM_RUN_COUNT];
} WRITE_MPX_CONTEXT, *PWRITE_MPX_CONTEXT;
#define NO_OPLOCK_BREAK_IN_PROGRESS ((UCHAR)-1)
typedef struct _PAGED_RFCB {
PAGED_HEADER PagedHeader;
//
// RFCBs are linked into their parent LFCB's compatibility open
// list.
//
LIST_ENTRY LfcbListEntry;
//
// Information about the last lock attempt by the client that failed.
//
LARGE_INTEGER LastFailingLockOffset;
//
// Current oplock break timeout.
//
LARGE_INTEGER OplockBreakTimeoutTime;
//
// FcbOpenCount indicates how many remote FCB opens this RFCB
// represents. (Whether an RFCB represents a compatibility mode
// open can be determined by looking at the LFCB.)
//
// *** Note that FCB opens are treated similarly to compatibility
// mode opens. However, soft compatibility maps compatibility
// opens into regular opens, but it does not change an FCB open
// into a non-FCB open. So it is possible to have an FCB open
// that is not a compatibility mode open.
//
CLONG FcbOpenCount;
//
// Per-file context for a direct host IPX smart card, if we have one.
// The smart card is willing to handle the read operations for this file if
// IpxSmartCardContext is not NULL.
//
PVOID IpxSmartCardContext;
//
// The time the RFCB was opened. This combined with the ResumeKey uniquely identify
// an RFCB
//
LARGE_INTEGER OpenTime;
} PAGED_RFCB, *PPAGED_RFCB;
typedef struct _RFCB {
//
// The list entry in the RFCB's block header is used to queue the
// RFCB for oplock processing to the nonblocking worker thread work
// queue, which also contains work context blocks.
//
// *** Note that this is an unnamed field, so that its elements can
// can be referenced directly. The field names defined in
// QUEUEABLE_BLOCK_HEADER cannot be used elsewhere in this
// block.
//
QUEUEABLE_BLOCK_HEADER ; // must be first element
/* start of spin lock cache line */
//
// These booleans indicate whether we've already been granted
// read/write/lock access, thus saving a few instructions on every
// read/write/lock. These are checked during the file open.
//
BOOLEAN ReadAccessGranted; // TRUE, if read access in granted
BOOLEAN WriteAccessGranted; // TRUE, if write access is granted
BOOLEAN LockAccessGranted; // TRUE, if lock access is granted
BOOLEAN UnlockAccessGranted; // TRUE, if unlock access is granted
BOOLEAN AppendAccessGranted; // TRUE, if append access is granted
BOOLEAN ExclusiveLockGranted; // TRUE, if exclusive lock access is granted
//
// CurrentPosition maintains the file position after the last Read,
// Write, or Seek by the client. This field is needed only to
// support relative Seeks. Since clients that use relative seeks only
// need 32-bits of file position, this field is maintained as a ULONG.
//
ULONG CurrentPosition;
//
// Type of this share. Accessed in the fsd.
//
SHARE_TYPE ShareType;
//
// The connection pointer is copied from the LFCB so that we can
// find the connection at DPC level (the LFCB is paged, as is the
// pointer to the LFCB in PagedRfcb).
//
PCONNECTION Connection;
//
// The LFCB is used to find the file handle, file object, etc.
//
PLFCB Lfcb;
//
// MpxGlommingAllowed is set when the underlying file system
// supports MDL write.
//
BOOLEAN MpxGlommingAllowed;
//
// The following two booleans describe the read mode, and blocking
// mode of a named pipe.
//
BOOLEAN BlockingModePipe; // TRUE = Blocking, FALSE = Nonblocking
BOOLEAN ByteModePipe; // TRUE = Byte mode, FALSE = Message mode
//
// Indicates whether this file has been written to.
//
BOOLEAN WrittenTo;
/* end of spin lock cache line */
//
// RawWriteSerializationList holds works items that have been queued
// pending completion of a raw write. When the raw write count is
// decremented to 0, this list is flushed by restarting all queued
// work items.
//
LIST_ENTRY RawWriteSerializationList;
//
// fid << 16. Used for key computations.
//
ULONG ShiftedFid;
//
// RawWriteCount counts the number of active raw writes. This is
// used to prevent the file handle from being closed while raw
// writes are in progress. If Raw writes are in progress when the
// close happens, we defer the cleanup until the rawwritecount goes
// to zero.
//
ULONG RawWriteCount;
//
// SavedError retains the error code when a raw read or a raw write
// in writebehind mode gets an error. The next access to the file
// will receive an error indication.
//
NTSTATUS SavedError;
//
// NumberOfLocks is the count of locks currently on the file.
// It is here to support the File APis and RFCB cacheing -- you can't
// cache an RFCB if it has locks in it.
//
LONG NumberOfLocks;
//
// Fid is the file ID assigned to the file and returned to the
// client. Pid is the process ID given by the client when the file
// was opened. Tid is a copy of the parent tree connect's Tid
// field. Uid is used to ensure that the client using a file handle
// is the same one that opened the file.
//
USHORT Fid; USHORT Pid; USHORT Tid; USHORT Uid;
//
// WriteMpx is a WRITE_MPX_CONTEXT structure. It retains context
// about multiplexed write operations. This structure is not used
// on connectionless sessions.
//
WRITE_MPX_CONTEXT WriteMpx;
//
// FileMode tracks whether writethrough is enabled for this file
// object.
ULONG FileMode;
//
// MFCB points to the Master File Control Block for this file.
//
PMFCB Mfcb;
//
// Oplock information. The oplock IRP currently in progress, etc.
// The list entry for queueing the RFCB for oplock break processing
// is located in the block header.
//
PIRP Irp; BOOLEAN OnOplockBreaksInProgressList;
//
// The oplock level to change to, if there is an oplock break
// in progress. Otherwise it is always NO_OPLOCK_BREAK_IN_PROGRESS.
//
UCHAR NewOplockLevel;
//
// This boolean indicates whether or an oplock granted open response
// need to be sent for this RFCB. If it is FALSE, and an oplock break
// request needs to be sent, the request must be deferred until after
// sending the open response.
//
// Access to these fields is synchronized using the MFCB lock.
//
BOOLEAN OpenResponseSent; BOOLEAN DeferredOplockBreak;
//
// Pointer to the paged portion of the rfcb
//
PPAGED_RFCB PagedRfcb;
//
// CachedOpen is set if the RFCB has been cached after being
// closed by the client.
//
LIST_ENTRY CachedOpenListEntry; BOOLEAN CachedOpen;
//
// See if this rfcb can be cached.
//
BOOLEAN IsCacheable;
//
// See if the file was accessed in the last scavenger update period.
// (This is used to update the session last access time).
//
BOOLEAN IsActive;
//
// Is it ok for us to do MPX writes to this RFCB?
//
BOOLEAN MpxWritesOk;
//
// This event is used when the server needs to request an oplock II
// when the initial oplock request fails.
//
PKEVENT RetryOplockRequest;
//
// All RFCBs in the server are stored in a global list to support
// NetFileEnum. This field contains the LIST_ENTRY for the RFCB in
// the global list and a resume handle to support resuming
// enumerations.
//
ORDERED_LIST_ENTRY GlobalRfcbListEntry;
//
// GrantedAccess is the access allowed through this open. This
// GrantedAccess may allow less access than that given in the parent
// LFCB for compatibility mode opens.
//
ACCESS_MASK GrantedAccess;
//
// ShareAccess is the file sharing access specified when the file
// was opened.
//
ULONG ShareAccess;
//
// Current oplock state.
//
OPLOCK_STATE OplockState;
//
// Is it ok for us to do MPX reads to this RFCB?
//
BOOLEAN MpxReadsOk;#ifdef SRVCATCH
CHAR SrvCatch;#endif
#ifdef SRVDBG_RFCBHIST
UCHAR HistoryIndex; ULONG History[256];#endif
} RFCB, *PRFCB;
#ifdef SRVDBG_RFCBHIST
VOID UpdateRfcbHistory( PRFCB Rfcb, ULONG Event );#else
#define UpdateRfcbHistory(_rfcb,_event)
#endif
//
// Each incoming (request) and outgoing (response) buffer is represented
// by a BUFFER structure. This descriptor describes the size of the
// buffer, its address, and a full and partial MDL that may be used
// to describe the buffer.
//
// *** The descriptor contains a pointer to the real buffer, which is
// normally allocated out of nonpaged pool. The descriptor itself
// may be allocated out of the FSP heap, although receive buffer
// descriptors are allocated from nonpaged pool, so the FSD
// read/write code can access them.
//
typedef struct _BUFFER { PVOID Buffer; CLONG BufferLength; // Length allocated to buffer
PMDL Mdl; // MDL describing entire buffer
PMDL PartialMdl; // Partial MDL for read/write/etc.
CLONG DataLength; // Length of data currently in buffer
ULONG Reserved; // Pad to quadword
} BUFFER, *PBUFFER;
#define MIN_SEND_SIZE 512
#define MAX_PARTIAL_BUFFER_SIZE 65535
//
// For each search request that is started (Find First or core Search),
// a search block is allocated. This is used to hold enough information
// that the search may be quickly restarted or rewound.
//
// Ths InUse field is protected by Connection->Lock--this lock must be
// held when accessing this field of the search block.
//
typedef struct _SEARCH { BLOCK_HEADER BlockHeader;
HANDLE DirectoryHandle;
ULONG LastFileIndexReturned; UNICODE_STRING SearchName; UNICODE_STRING LastFileNameReturned;
LARGE_INTEGER LastUseTime; LIST_ENTRY LastUseListEntry; LIST_ENTRY HashTableEntry;
PSESSION Session; PTREE_CONNECT TreeConnect; ULONG SearchStorageType;
struct _DIRECTORY_CACHE *DirectoryCache; USHORT NumberOfCachedFiles;
USHORT SearchAttributes; SHORT CoreSequence; SHORT TableIndex; USHORT HashTableIndex;
USHORT Pid; USHORT Flags2;
BOOLEAN Wildcards; BOOLEAN InUse; BOOLEAN DownlevelTimewarp;
// WCHAR SearchNameData[SearchName.MaximumLength/2];
} SEARCH, *PSEARCH;
//
// Each pending transaction request (Transaction, Transaction2, and
// Ioctl) has a transaction block. It records information that is
// needed to stage input and output data across multiple SMBs.
//
// *******************************************************************
// * *
// * DO NOT CHANGE THIS STRUCTURE WITHOUT CHANGING THE CORRESPONDING *
// * STRUCTURE IN net\inc\xstypes.h! *
// * *
// *******************************************************************
//
typedef struct _TRANSACTION {
//
// *** NOTE: The reference count field in the transaction block
// header is not used! Instead, the reference count is
// in the NonpagedHeader structure.
//
BLOCK_HEADER BlockHeader;
PNONPAGED_HEADER NonpagedHeader;
//
// The connection, session, and tree connect pointers are referenced
// pointers if and only if Inserted is TRUE. Otherwise, they are
// simply copies of the work context block's pointers.
//
PCONNECTION Connection; PSESSION Session; PTREE_CONNECT TreeConnect;
LIST_ENTRY ConnectionListEntry;
UNICODE_STRING TransactionName; // not used if Transaction2
ULONG StartTime; ULONG Timeout; CLONG cMaxBufferSize; // if needed we stash this here
//
// The following pointers point into either the trailing portion
// of the transaction block or the last received SMB.
//
// *** ALL information in buffers pointed to by these parameters
// should ALWAYS be in little-endian format. Always use the
// macros defined in srvmacro.h (SmbGetAlignedUshort, etc.) to
// read from or write into these buffers.
//
PSMB_USHORT InSetup; PSMB_USHORT OutSetup; PCHAR InParameters; PCHAR OutParameters; PCHAR InData; PCHAR OutData;
//
// *** Data in all the remaining fields of the transaction block are
// in native format, so no special macros should be used, except
// when copying data to/from the actual SMB.
//
CLONG SetupCount; // amount received (all in first buffer)
CLONG MaxSetupCount; // max that can be sent back
CLONG ParameterCount; // amount received or sent
CLONG TotalParameterCount; // amount expected
CLONG MaxParameterCount; // max that can be sent back
CLONG DataCount; // amount received or sent
CLONG TotalDataCount; // amount expected
CLONG MaxDataCount; // max that can be sent back
USHORT Category; // Ioctl function category
USHORT Function; // Nt Transaction or ioctl function code
//
// The SMB data and paramters may or may not be copied to the
// transaction buffer. If they are not copied, they are read
// and/or written directly into an SMB buffer.
//
// Setup words are never copied.
//
BOOLEAN InputBufferCopied; // if FALSE input buffer is in SMB
BOOLEAN OutputBufferCopied; // if FALSE output buffer is in SMB
BOOLEAN OutDataAllocated; // if TRUE OutData buffer has been separately allocated
USHORT Flags;
USHORT Tid; USHORT Pid; USHORT Uid; USHORT OtherInfo;
HANDLE FileHandle; // Used only for CallNamedPipe processing
PFILE_OBJECT FileObject; // Used only for CallNamedPipe processing
//
// The following fields are used while the response is being sent.
//
CLONG ParameterDisplacement; CLONG DataDisplacement;
//
// PipeRequest is set for named pipe transactions. RemoteApiRequest
// is set for remote API requests.
//
BOOLEAN PipeRequest; BOOLEAN RemoteApiRequest;
//
// The following boolean is TRUE if the transaction has been inserted
// on the connection's transaction list. It will be FALSE when the
// transaction can be handled using a single SMB exchange.
//
BOOLEAN Inserted;
//
// This boolean is TRUE if the transaction is in the state where
// it is waiting for a transaction secondary request to come in
// to acknowledge the receipt of the previous piece of a multipiece
// transaction response.
//
BOOLEAN MultipieceIpxSend;
//
// This boolean is TRUE if all of the transaction data has been received
// and the transaction has been scheduled for execution.
//
BOOLEAN Executing;
//
// The main part of the transaction block is trailed by transaction
// name data and possibly setup words and parameter and data bytes.
//
} TRANSACTION, *PTRANSACTION;
//
// Each pending blocking open request has a BLOCKING_OPEN block. This
// block contains all the info needed to make the call into the file
// system.
typedef struct _BLOCKING_OPEN { BLOCK_HEADER BlockHeader;
PMFCB Mfcb;
PIO_STATUS_BLOCK IoStatusBlock;
OBJECT_ATTRIBUTES ObjectAttributes;
UNICODE_STRING RelativeName;
PVOID EaBuffer; CLONG EaLength;
LARGE_INTEGER AllocationSize; ULONG DesiredAccess; ULONG FileAttributes; ULONG ShareAccess; ULONG CreateDisposition; ULONG CreateOptions;
BOOLEAN CaseInsensitive;
} BLOCKING_OPEN, *PBLOCKING_OPEN;
//
// SRV_TIMER is used for timed operations. The server maintains a pool
// of these structures.
//
typedef struct _SRV_TIMER { SLIST_ENTRY Next; KEVENT Event; KTIMER Timer; KDPC Dpc;} SRV_TIMER, *PSRV_TIMER;
typedef struct _IPX_CLIENT_ADDRESS { TA_IPX_ADDRESS IpxAddress; TDI_CONNECTION_INFORMATION Descriptor; IPX_DATAGRAM_OPTIONS DatagramOptions;} IPX_CLIENT_ADDRESS, *PIPX_CLIENT_ADDRESS;
//
// The state for an I/O request is maintained in a Work Context Block.
// Various fields in the block are filled in or not depending upon the
// request. When a worker thread removes a work item from the FSP work
// queue, it uses the context block, and items pointed to by the
// context block, to determine what to do.
//
// *** Not all of the back pointers have to be here, because a tree
// connect points to a session, which points to a connection, which
// points to an endpoint, etc. However, depending on the operation
// and the state of the operation, we may have a connection pointer
// but no session pointer, etc. So we maintain all of the
// pointers.
//
// *** Any changes to the first 2 elements of this structure must be
// made in concert with the SPECIAL_WORK_ITEM structure in srvtypes.h
//
typedef struct _WORK_CONTEXT {
//
// The list entry in the block header is used to queue the WC for to
// the nonblocking or blocking worker thread work queue. The
// nonblocking work queue also contains RFCBs.
//
// *** Note that this is an unnamed field, so that its elements can
// can be referenced directly. The field names defined in
// QUEUEABLE_BLOCK_HEADER cannot be used elsewhere in this
// block.
//
// Timestamp (in the block header) is used to calculate the total
// time this work context block was on the work queue.
//
// When the work context block is not in use, Timestamp is used to
// record the time at which the block was inserted on the free list.
// This is used to determine when dynamically-allocated work context
// blocks have been idle long enough justify their deletion.
//
// FspRestartRoutine (in the block header) is the routine that is to
// be called by worker thread when the work item is dequeued from
// the work queue.
//
QUEUEABLE_BLOCK_HEADER ; // must be first element
//
// This is the WORK_QUEUE to queue on if we're doing nonblocking work
// It will always point to a valid WORK_QUEUE, even if we're doing
// blocking work.
//
PWORK_QUEUE CurrentWorkQueue;
//
// The free list this should be returned to when work is done
//
PSLIST_HEADER FreeList;
//
// FsdRestartRoutine is the routine that is to be called by the
// FSD's I/O completion routine. This routine can do more
// processing or queue the work item to the FSP. In this case, when
// a worker thread removes the item from the work queue, it calls
// FspRestartRoutine.
//
PRESTART_ROUTINE FsdRestartRoutine;
//
// Linkage field for the in-progress work item list.
//
LIST_ENTRY InProgressListEntry;
//
// Pointers to various structures that might be used.
// These pointers are all referenced pointers. It is
// the responsibility of the SMB processing routines to
// dereference and clear these pointers when they are no
// longer needed.
//
PRFCB Rfcb; PSHARE Share; PSESSION Session; PTREE_CONNECT TreeConnect; PSECURITY_CONTEXT SecurityContext;
//
// These are gathered in one place to facilitate quick zeroing
// of their values when the work context is finished
//
struct _WorkContextZeroBeforeReuse { //
// unreferenced pointer to the endpoint structure for
// this work context. Filled in by SrvRestartReceive and
// available to all SMB processing routines.
//
// Endpoint must be the first element in this structure. See
// INITIALIZE_WORK_CONTEXT in srvmacro.h if changed.
//
PENDPOINT Endpoint; // not a referenced pointer
//
// referenced pointer to the connection structure for this
// this work context. Filled in by SrvRestartReceive and
// available to all SMB processing routines.
//
PCONNECTION Connection; // a reference pointer
//
// The number of times this SMB has been queued to a worker thread
// for processing.
//
ULONG ProcessingCount;
//
// This is a random collection of flags that are needed to steer
// the WorkItem
//
struct {
//
// Can the processing of the current SMB block?
//
ULONG BlockingOperation : 1;
//
// UsingExtraSmbBuffer is TRUE if this work context uses the an extra SMB
// buffer.
//
ULONG UsingExtraSmbBuffer : 1;
//
// Did this Work Item cause a successful oplock open to occur?
//
ULONG OplockOpen : 1;
//
// If we got an ACCESS_DENIED error when opening a file, was it because
// of share ACL checking?
ULONG ShareAclFailure : 1;
//
// Should the WorkContext be queued to the head of the list?
//
ULONG QueueToHead : 1;
//
// Even if security signatures are enabled, do not generate a signature for
// this response.
//
ULONG NoResponseSmbSecuritySignature : 1;
//
// The indicated message exceeds the SMB buffer size. This is allowed
// only for specific SMB(s)
//
ULONG LargeIndication: 1;
#if DBG_STUCK
//
// Do not include this operation in the StuckOperation catching logic
// which is in the scavenger
//
ULONG IsNotStuck : 1;#endif
};
// For SnapShot usage
LARGE_INTEGER SnapShotTime;
};
//
// Pointers to allocated buffers. RequestBuffer is the buffer into
// which the SMB is read. ResponseBuffer is the buffer into which
// the response is written.
//
// *** Currently, ResponseBuffer is always the same as
// RequestBuffer. We have separate pointers in order to reduce
// dependence on this being the case.
//
PBUFFER RequestBuffer; PBUFFER ResponseBuffer;
//
// SMB processing pointers. These are pointers into the request
// buffer. They are maintained in the work context block in support
// of SMB processors that do asynchronous I/O.
//
// Separate request and response parameter pointers are maintained
// to make AndX processing simpler and more efficient. RequestHeader
// is normally the same as ResponseHeader -- both are normally the
// same as RequestBuffer.Buffer. SMB processing code must not depend
// on this -- it must not assume the the request and response buffers
// are the same, nor can it assume that they are different. Special
// rules around AndX SMBs do allow them to assume that the response
// to one command will not overwrite the next request.
//
PSMB_HEADER RequestHeader; PVOID RequestParameters; PSMB_HEADER ResponseHeader; PVOID ResponseParameters;
//
// Pointer to the IRP associated with this work item.
//
PIRP Irp;
//
// StartTime stores the time at which processing of the current
// request began so that the turnaround time may be calculated.
//
ULONG StartTime;
//
// The PartOfInitialAllocation boolean indicates whether this work
// item is part of the block of work items allocated at server
// startup (see blkwork.c\SrvAllocateInitialWorkItems). Such work
// items cannot be deleted during server operation. A work item
// that is dynamically allocated in response to server load does not
// have this bit set, and is a candidate for deletion when the
// server's load decreases.
//
ULONG PartOfInitialAllocation;
//
// The following field contadins the command code of the next
// command to be processed in an SMB. The SMB processing
// initializer and chained (AndX) SMB command processors load this
// field prior to calling or returning to SrvProcessSmb.
//
UCHAR NextCommand;
//
// ClientAddress is used when receiving or sending over IPX.
//
PIPX_CLIENT_ADDRESS ClientAddress;
//
// Spin lock protecting reference count.
//
KSPIN_LOCK SpinLock;
//
// The security signature index for the request
//
ULONG SmbSecuritySignatureIndex;
//
// The security signature index for the response
//
ULONG ResponseSmbSecuritySignatureIndex;
//
// The following union is used to hold request-specific state while
// a response is being sent or while waiting for more data.
//
union {
//
// RemainingEchoCount is used when processing the Echo SMB.
//
USHORT RemainingEchoCount;
//
// Structure used for lock processing. This structure is
// currently used when processing the Lock, LockingAndX, and the
// LockAndRead SMBs.
//
struct {
//
// LockRange is used when processing the LockingAndX SMB. It is
// really either a PLOCKING_ANDX_RANGE, or a PNTLOCKING_ANDX_RANGE
// not just a PVOID.
//
PVOID LockRange;
//
// Timer is a timer and DPC used to timeout lock requests.
//
PSRV_TIMER Timer;
} Lock;
//
// Transaction is used when processing the Transaction[2] SMBs.
// Or when processing a write and X SMB.
//
PTRANSACTION Transaction;
//
// MdlIo is used when processing the ReadRaw or WriteRaw
// SMBs when "MDL read" or "MDL write" is used. It
// retains the status of the response send while the MDL is
// returned to the file system.
//
struct { IO_STATUS_BLOCK IoStatus; ULONG IrpFlags; } MdlIo;
//
// LastWriteTime is used when processing any Read or Write SMB
// that uses RestartChainedClose as a restart routine. This
// field contains the new last write time to set for the file.
//
ULONG LastWriteTime;
//
// CurrentTableIndex is used when processing the Flush SMB. It
// retains the current index into the connection's file table
// when an asynchronous flush is in progress.
//
LONG CurrentTableIndex;
//
// ReadRaw is used when processing the Read Block Raw SMB.
// Offset is the file offset of the read. SavedResponseBuffer
// points to the original SMB response buffer descriptor, which
// is temporarily replaced by a descriptor for the raw read
// buffer. MdlRead indicates whether an MDL read was used,
// rather than a Copy read.
//
struct {
union {
//
// Used for non named pipe reads
//
LARGE_INTEGER Offset; ULONG Length;
//
// Used only for named pipe reads
//
PFILE_PIPE_PEEK_BUFFER PipePeekBuffer;
} ReadRawOtherInfo;
PBUFFER SavedResponseBuffer;
BOOLEAN MdlRead;
} ReadRaw;
//
// WriteRaw is used when processing the Write Block Raw SMB.
// FinalResponseBuffer points to the buffer allocated to contain
// the final response SMB, if writethrough mode was specified.
// Offset is the file offset of the write. ImmediateLength is
// the amount of write data that was sent with the request SMB.
// Pid is the PID of the writer, used to form the lock key on
// the write. FileObject is a pointer to the file object copied
// from the LFCB. (Pid is not used when MDL write is used;
// FileObject is not used when copy write is used.)
//
struct { struct _WORK_CONTEXT *RawWorkContext; } WriteRawPhase1;
struct { LARGE_INTEGER Offset; ULONG Length; PVOID FinalResponseBuffer; CLONG ImmediateLength; PMDL FirstMdl; //PFILE_OBJECT FileObject;
USHORT Pid; BOOLEAN MdlWrite; BOOLEAN ImmediateWriteDone; } WriteRaw;
//
// ReadAndX is the structure used when handling the ReadAndX
// SMB.
//
struct { LARGE_INTEGER ReadOffset; ULONG ReadLength; PCHAR ReadAddress; union { struct { PFILE_PIPE_PEEK_BUFFER PipePeekBuffer; ULONG LastWriteTimeInSeconds; // used if Close is chained
}; struct { // used for ReadLength > negotiated size
PBYTE Buffer; // allocated paged pool, if copy read
PMDL SavedMdl; PMDL CacheMdl; USHORT PadCount; BOOLEAN MdlRead; }; }; } ReadAndX;
#define READX_BUFFER_OFFSET (sizeof(SMB_HEADER) + FIELD_OFFSET(RESP_READ_ANDX, Buffer) )
//
// WriteAndX is the structure used when handling the flavor of WriteAndX that
// exceeds the negotiated buffer size
//
struct { ULONG CurrentWriteLength; // amount of data that was written this time
LARGE_INTEGER Offset; // file offset for this piece of the write
ULONG RemainingWriteLength; // amount of data remaining to be read from xport
ULONG Key; // lock key for the operation
PCHAR WriteAddress; // address in buffer for the data
ULONG BufferLength; // Maximum buffer length in this WorkContext
NTSTATUS FinalStatus; // Final status of the operation
PMDL MdlAddress; // File MDL if MdlWrite == TRUE
BOOLEAN InitialComplete; // TRUE if we have written first part to the file
} WriteAndX;
//
// ReadMpx is the structure used when handling the ReadMpx SMB, unless
// we have a SmartCard accelerating our reads. In this case,
// SmartCardRead is used.
//
struct { ULONG Offset; USHORT FragmentSize; USHORT RemainingLength; ULONG ReadLength; BOOLEAN MdlRead; UCHAR Unused; USHORT CurrentMdlOffset; // logically part of MDL read struct below
union { struct { PVOID MpxBuffer; PMDL MpxBufferMdl; PCHAR NextFragmentAddress; } ; struct { PMDL FirstMdl; PMDL CurrentMdl; } ; } ; } ReadMpx;
//
// SmartCardRead is used to handle direct host read requests if we have
// a Smart Card accelerating the particular request.
//
struct { PDEVICE_OBJECT DeviceObject; PFAST_IO_MDL_READ_COMPLETE MdlReadComplete; } SmartCardRead;
//
// WriteMpx is the structure used when handling the WriteMpx SMB.
//
struct { ULONG Offset; USHORT WriteLength; USHORT Mid; BOOLEAN FirstPacketOfGlom; PVOID Buffer; ULONG ReceiveDatagramFlags; PVOID TransportContext; PMDL DataMdl; } WriteMpx;
struct { LARGE_INTEGER CacheOffset; ULONG WriteLength; PMDL CacheMdl; } WriteMpxMdlWriteComplete;
//
// FastTransactNamedPipe is used when handling a small named pipe
// transaction.
//
struct { PSMB_USHORT OutSetup; PCHAR OutParam; PCHAR OutData; } FastTransactNamedPipe;
} Parameters;
// !!! check whether the compiler leaves a dword gap here!
//
// The following union holds state information about SMBs in progress
// waiting for an oplock break. It is kept separate from the Parameters
// union, since information from both is needed to process some SMBs.
//
union {
//
// Open is the structure used when handling the Open,
// OpenAndX, Open2, Create, or CreateTemporary SMB.
//
struct { PRFCB Rfcb; PFILE_FULL_EA_INFORMATION NtFullEa; ULONG EaErrorOffset;
//
// The Irp used to open the file is the same Irp used to handle
// the oplock processing. This can cause us to lose the original
// iosb->Information. Save it here.
//
ULONG_PTR IosbInformation;
//
// If TRUE, the file was opened only in order to get a handle
// so that we can wait for an oplock to break. This handle will
// be immediately closed, and the open will be retried with the
// user requested access.
//
BOOLEAN TemporaryOpen; } Open;
//
// FileInformation is the structure used when handling the
// QueryInformation, SetInformation, QueryPathInformation,
// or SetPathInformation SMB.
//
struct { HANDLE FileHandle; } FileInformation;
//
// LockLength is used to contain the length of a byte range
// lock since the IRP stack location has no room to hold it.
LARGE_INTEGER LockLength;
} Parameters2;
//
// This field is used when the current operation is blocked waiting
// for an oplock break to occur.
//
struct _WAIT_FOR_OPLOCK_BREAK *WaitForOplockBreak;
union { //
// where we keep the actual client address data.
//
IPX_CLIENT_ADDRESS ClientAddressData;
//
// For a VC-based client, this is the amount of available data if
// LargeIndication is set (above)
//
ULONG BytesAvailable; };
struct { LARGE_INTEGER G_StartTime; ULONG ElapseKCPU; ULONG ElapseUCPU; ULONG ClientAddr; PFILE_OBJECT FileObject; };
ULONG KCPUStart; ULONG UCPUStart; UCHAR PreviousSMB; UCHAR bAlreadyTrace; USHORT FileNameSize; WCHAR strFileName[1024];
#if DBG_STUCK
//
// Time at which this work context was allocated for this current
// unit of work. This time is examined by debugging code in the
// scavenger to help find operations which are taking too long
// to complete.
//
LARGE_INTEGER OpStartTime;#endif
} WORK_CONTEXT, *PWORK_CONTEXT;
//
// Structure used to maintain information about a thread waiting for
// an oplock break.
//
typedef struct _WAIT_FOR_OPLOCK_BREAK { BLOCK_HEADER BlockHeader; LIST_ENTRY ListEntry; LARGE_INTEGER TimeoutTime; PIRP Irp; WAIT_STATE WaitState;} WAIT_FOR_OPLOCK_BREAK, *PWAIT_FOR_OPLOCK_BREAK;
�//
// Block manager routines
//
//
// Buffer routines
//
VOIDSrvAllocateBuffer ( OUT PBUFFER *Buffer, IN CLONG BufferLength );
VOIDSrvFreeBuffer ( IN PBUFFER Buffer );
//
// Connection routines
//
VOIDSrvAllocateConnection ( OUT PCONNECTION *Connection );
VOIDSrvCloseConnection ( IN PCONNECTION Connection, IN BOOLEAN RemoteDisconnect );
VOIDSrvCloseConnectionsFromClient( IN PCONNECTION Connection, IN BOOLEAN OnlyIfNoSessions );
VOIDSrvCloseFreeConnection ( IN PCONNECTION Connection );
VOIDSrvDereferenceConnection ( IN PCONNECTION Connection );
VOIDSrvFreeConnection ( IN PCONNECTION Connection );
#if DBG
NTSTATUSSrvQueryConnections ( OUT PVOID Buffer, IN ULONG BufferLength, OUT PULONG BytesWritten );#endif
//
// Endpoint routines
//
VOIDSrvAllocateEndpoint ( OUT PENDPOINT *Endpoint, IN PUNICODE_STRING NetworkName, IN PUNICODE_STRING TransportName, IN PANSI_STRING TransportAddress, IN PUNICODE_STRING DomainName );
BOOLEAN SRVFASTCALLSrvCheckAndReferenceEndpoint ( IN PENDPOINT Endpoint );
VOIDSrvCloseEndpoint ( IN PENDPOINT Endpoint );
VOID SRVFASTCALLSrvDereferenceEndpoint ( IN PENDPOINT Endpoint );
VOIDSrvFreeEndpoint ( IN PENDPOINT Endpoint );
VOIDSrvReferenceEndpoint ( IN PENDPOINT Endpoint );
BOOLEANSrvFindNamedEndpoint ( IN PUNICODE_STRING ServerName, IN PBOOLEAN RemapPipeNames OPTIONAL );
VOIDEmptyFreeConnectionList ( IN PENDPOINT Endpoint );
PCONNECTIONWalkConnectionTable ( IN PENDPOINT Endpoint, IN PUSHORT Index );
//
// Local File Control Block routines
//
VOIDSrvAllocateLfcb ( OUT PLFCB *Lfcb, IN PWORK_CONTEXT WorkContext );
VOIDSrvCloseLfcb ( IN PLFCB Lfcb );
VOIDSrvDereferenceLfcb ( IN PLFCB Lfcb );
VOIDSrvFreeLfcb ( IN PLFCB Lfcb, IN PWORK_QUEUE queue );
VOIDSrvReferenceLfcb ( IN PLFCB Lfcb );
//
// Master File Control Block routines
//
PMFCBSrvCreateMfcb( IN PUNICODE_STRING FileName, IN PWORK_CONTEXT WorkContext, IN ULONG HashValue );
PMFCBSrvFindMfcb( IN PUNICODE_STRING FileName, IN BOOLEAN CaseInsensitive, OUT PSRV_LOCK *Lock, OUT PULONG HashValue, IN PWORK_CONTEXT WorkContext );
VOIDSrvDereferenceMfcb ( IN PMFCB Mfcb );
VOIDSrvFreeMfcb ( IN PMFCB Mfcb );
VOIDSrvUnlinkLfcbFromMfcb ( IN PLFCB Lfcb );
//
// Remote File Control Block routines
//
VOID SRVFASTCALLSrvAllocateRfcb ( OUT PRFCB *Rfcb, IN PWORK_CONTEXT WorkContext );
BOOLEAN SRVFASTCALLSrvCheckAndReferenceRfcb ( IN PRFCB Rfcb );
VOID SRVFASTCALLSrvCloseRfcb ( IN PRFCB Rfcb );
VOIDSrvCloseRfcbsOnLfcb ( PLFCB Lfcb );
VOIDSrvCloseRfcbsOnSessionOrPid ( IN PSESSION Session, IN PUSHORT Pid OPTIONAL );
VOIDSrvCloseRfcbsOnTree ( PTREE_CONNECT TreeConnect );
VOIDSrvCompleteRfcbClose ( IN PRFCB Rfcb );
VOID SRVFASTCALLSrvDereferenceRfcb ( IN PRFCB Rfcb );
VOID SRVFASTCALLSrvFreeRfcb ( IN PRFCB Rfcb, IN PWORK_QUEUE queue );
VOID SRVFASTCALLSrvReferenceRfcb ( IN PRFCB Rfcb );
BOOLEANSrvFindCachedRfcb ( IN PWORK_CONTEXT WorkContext, IN PMFCB Mfcb, IN ACCESS_MASK DesiredAccess, IN ULONG ShareAccess, IN ULONG CreateDisposition, IN ULONG CreateOptions, IN OPLOCK_TYPE RequestedOplockType, OUT PNTSTATUS Status );
VOIDSrvCloseCachedRfcb ( IN PRFCB Rfcb, IN KIRQL OldIrql );
VOIDSrvCloseCachedRfcbsOnConnection ( IN PCONNECTION Connection );
VOIDSrvCloseCachedRfcbsOnLfcb ( IN PLFCB Lfcb );
ULONGSrvCountCachedRfcbsForTid( PCONNECTION connection, USHORT Tid);
ULONGSrvCountCachedRfcbsForUid( PCONNECTION connection, USHORT Uid);
//
// Search Block routines
//
typedefBOOLEAN(*PSEARCH_FILTER_ROUTINE) ( IN PSEARCH Search, IN PVOID FunctionParameter1, IN PVOID FunctionParameter2 );
VOIDSrvAllocateSearch ( OUT PSEARCH *Search, IN PUNICODE_STRING SearchName, IN BOOLEAN IsCoreSearch );
VOIDSrvCloseSearch ( IN PSEARCH Search );
VOIDSrvCloseSearches ( IN PCONNECTION Connection, IN PSEARCH_FILTER_ROUTINE SearchFilterRoutine, IN PVOID FunctionParameter1, IN PVOID FunctionParameter2 );
VOIDSrvDereferenceSearch ( IN PSEARCH Search );
VOIDSrvFreeSearch ( IN PSEARCH Search );
VOIDSrvReferenceSearch ( IN PSEARCH Search );
BOOLEANSrvSearchOnDelete( IN PSEARCH Search, IN PUNICODE_STRING DirectoryName, IN PTREE_CONNECT TreeConnect );
BOOLEANSrvSearchOnPid( IN PSEARCH Search, IN USHORT Pid, IN PVOID Dummy );
BOOLEANSrvSearchOnSession( IN PSEARCH Search, IN PSESSION Session, IN PVOID Dummy );
BOOLEANSrvSearchOnTreeConnect( IN PSEARCH Search, IN PTREE_CONNECT TreeConnect, IN PVOID Dummy );
VOIDSrvForceTimeoutSearches( IN PCONNECTION Connection );
ULONGSrvTimeoutSearches( IN PLARGE_INTEGER SearchCutoffTime OPTIONAL, IN PCONNECTION Connection, IN BOOLEAN OnlyTimeoutOneBlock );
VOIDRemoveDuplicateCoreSearches( IN PPAGED_CONNECTION PagedConnection );
VOIDSrvAddToSearchHashTable( IN PPAGED_CONNECTION PagedConnection, IN PSEARCH Search );
//
// Cached directory routines
//
BOOLEANSrvIsDirectoryCached ( IN PWORK_CONTEXT WorkContext, IN PUNICODE_STRING DirectoryName );
VOIDSrvCacheDirectoryName ( IN PWORK_CONTEXT WorkContext, IN PUNICODE_STRING DirectoryName );
VOIDSrvRemoveCachedDirectoryName ( IN PWORK_CONTEXT WorkContext, IN PUNICODE_STRING DirectoryName );
VOIDSrvCloseCachedDirectoryEntries ( IN PCONNECTION Connection );
//
// Security Context routines
//
PSECURITY_CONTEXTSrvAllocateSecurityContext();
VOIDSrvSetSecurityContext( PSECURITY_CONTEXT Context, PCtxtHandle handle );
VOIDSrvReferenceSecurityContext( PSECURITY_CONTEXT Context );
VOIDSrvDereferenceSecurityContext( PSECURITY_CONTEXT Context );
VOIDSrvReplaceSessionSecurityContext( PSESSION Session, PSECURITY_CONTEXT Context, PWORK_CONTEXT WorkContext );
//
// Session routines
//
VOIDSrvAllocateSession ( OUT PSESSION *Session, IN PUNICODE_STRING UserName, IN PUNICODE_STRING Domain );
BOOLEAN SRVFASTCALLSrvCheckAndReferenceSession ( IN PSESSION Session );
VOIDSrvCloseSession ( IN PSESSION Session );
VOIDSrvCloseSessionsOnConnection ( IN PCONNECTION Connection, IN PUNICODE_STRING UserName OPTIONAL );
VOID SRVFASTCALLSrvDereferenceSession ( IN PSESSION Session );
VOIDSrvFreeSession ( IN PSESSION Session );
//
// Smb Security Signature Routines
//
BOOLEAN SRVFASTCALLSrvCheckSmbSecuritySignature( IN PWORK_CONTEXT WorkContext );
VOID SRVFASTCALLSrvAddSmbSecuritySignature( IN OUT PWORK_CONTEXT WorkContext, IN PMDL Mdl, IN ULONG SendLength );
VOID SRVFASTCALLSrvInitializeSmbSecuritySignature( IN OUT PCONNECTION Connection, IN PUCHAR SessionKey, IN PUCHAR ChallengeResponse, IN ULONG ChallengeResponseLength );
VOIDSrvHashUserSessionKey( PCHAR SessionKey );
//
// Share routines
//
VOIDSrvAllocateShare ( OUT PSHARE *Share, IN PUNICODE_STRING ShareName, IN PUNICODE_STRING NtPathName, IN PUNICODE_STRING DosPathName, IN PUNICODE_STRING Remark, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_DESCRIPTOR FileSecurityDescriptor OPTIONAL, IN SHARE_TYPE ShareType );
VOIDSrvCloseShare ( IN PSHARE Share );
VOIDSrvDereferenceShare ( IN PSHARE Share );
VOIDSrvDereferenceShareForTreeConnect ( PSHARE Share );
VOIDSrvFreeShare ( IN PSHARE Share );
VOIDSrvReferenceShare ( IN PSHARE Share );
NTSTATUSSrvReferenceShareForTreeConnect ( PSHARE Share );
//
// Table routines
//
VOIDSrvAllocateTable ( IN PTABLE_HEADER TableHeader, IN ULONG NumberOfEntries, IN BOOLEAN Nonpaged );
#define SrvFreeTable( _table ) { \
if ( (_table)->Nonpaged ) { \ DEALLOCATE_NONPAGED_POOL( (_table)->Table ); \ } else { \ FREE_HEAP( (_table)->Table ); \ } \ DEBUG (_table)->Table = NULL; \ DEBUG (_table)->TableSize = -1; \ DEBUG (_table)->FirstFreeEntry = -1; \ DEBUG (_table)->LastFreeEntry = -1; \ }
BOOLEANSrvGrowTable ( IN PTABLE_HEADER TableHeader, IN ULONG NumberOfNewEntries, IN ULONG MaxNumberOfEntries, OUT NTSTATUS* pStatus );
VOIDSrvRemoveEntryTable ( IN PTABLE_HEADER TableHeader, IN USHORT Index );
//
// Transaction routines
//
VOIDSrvAllocateTransaction ( OUT PTRANSACTION *Transaction, OUT PVOID *TrailingBytes, IN PCONNECTION Connection, IN CLONG TrailingByteCount, IN PVOID TransactionName, IN PVOID EndOfSourceBuffer OPTIONAL, IN BOOLEAN SourceIsUnicode, IN BOOLEAN RemoteApiRequest );
VOIDSrvCloseTransaction ( IN PTRANSACTION Transaction );
VOIDSrvCloseTransactionsOnSession ( PSESSION Session );
VOIDSrvCloseTransactionsOnTree ( PTREE_CONNECT TreeConnect );
VOIDSrvDereferenceTransaction ( IN PTRANSACTION Transaction );
VOIDSrvFreeTransaction ( IN PTRANSACTION Transaction );
PTRANSACTIONSrvFindTransaction ( IN PCONNECTION Connection, IN PSMB_HEADER Header, IN USHORT Fid OPTIONAL );
BOOLEANSrvInsertTransaction ( IN PTRANSACTION Transaction );
//
// Tree connect routines
//
VOIDSrvAllocateTreeConnect ( OUT PTREE_CONNECT *TreeConnect, IN PUNICODE_STRING ServerName OPTIONAL );
BOOLEAN SRVFASTCALLSrvCheckAndReferenceTreeConnect ( IN PTREE_CONNECT TreeConnect );
VOIDSrvCloseTreeConnect ( IN PTREE_CONNECT TreeConnect );
VOID SRVFASTCALLSrvDereferenceTreeConnect ( IN PTREE_CONNECT TreeConnect );
VOIDSrvFreeTreeConnect ( IN PTREE_CONNECT TreeConnect );
VOIDSrvDisconnectTreeConnectsFromSession ( PCONNECTION connection, PSESSION Session );
VOIDSrvCloseTreeConnectsOnShare ( IN PSHARE Share );
//
// Work item routines (includes work contexts, buffers, MDLs, IRPs, etc)
//
NTSTATUSSrvAllocateInitialWorkItems ( VOID );
NTSTATUSSrvAllocateNormalWorkItem ( OUT PWORK_CONTEXT *WorkContext, IN PWORK_QUEUE queue );
VOIDSrvAllocateRawModeWorkItem ( OUT PWORK_CONTEXT *WorkContext, IN PWORK_QUEUE queue);
PWORK_CONTEXTSrvGetRawModeWorkItem ( VOID );
VOIDSrvRequeueRawModeWorkItem ( IN PWORK_CONTEXT WorkContext );
VOID SRVFASTCALLSrvDereferenceWorkItem ( IN PWORK_CONTEXT WorkContext );
VOIDSrvFsdDereferenceWorkItem ( IN PWORK_CONTEXT WorkContext );
NTSTATUSSrvAllocateExtraSmbBuffer ( IN OUT PWORK_CONTEXT WorkContext );
VOIDSrvAllocateWaitForOplockBreak ( OUT PWAIT_FOR_OPLOCK_BREAK *WaitForOplockBreak );
VOIDSrvDereferenceWaitForOplockBreak ( IN PWAIT_FOR_OPLOCK_BREAK WaitForOplockBreak );
VOIDSrvFreeWaitForOplockBreak ( IN PWAIT_FOR_OPLOCK_BREAK WaitForOplockBreak );
VOIDSrvOplockWaitTimeout( IN PWAIT_FOR_OPLOCK_BREAK WaitForOplockBreak );
NTSTATUSSrvCheckOplockWaitState( IN PWAIT_FOR_OPLOCK_BREAK WaitForOplockBreak );
NTSTATUSSrvWaitForOplockBreak ( IN PWORK_CONTEXT WorkContext, IN HANDLE FileHandle );
NTSTATUSSrvStartWaitForOplockBreak ( IN PWORK_CONTEXT WorkContext, IN PRESTART_ROUTINE RestartRoutine, IN HANDLE Handle OPTIONAL, IN PFILE_OBJECT FileObject OPTIONAL );
VOIDSrvSendDelayedOplockBreak ( IN PCONNECTION Connection );
VOIDSrvFreeInitialWorkItems ( VOID );
VOIDSrvFreeNormalWorkItem ( IN PWORK_CONTEXT WorkContext );
VOIDSrvFreeRawModeWorkItem ( IN PWORK_CONTEXT WorkContext );
//
// Timer routines
//
PSRV_TIMERSrvAllocateTimer ( VOID );
VOIDSrvCancelTimer ( IN PSRV_TIMER Timer );
#define SrvDeleteTimer(_timer) DEALLOCATE_NONPAGED_POOL(_timer)
#define SrvFreeTimer(_timer) \
ExInterlockedPushEntrySList(&SrvTimerList, &(_timer)->Next, &GLOBAL_SPIN_LOCK(Timer))
VOIDSrvSetTimer ( IN PSRV_TIMER Timer, IN PLARGE_INTEGER Timeout, IN PKDEFERRED_ROUTINE TimeoutHandler, IN PVOID Context );
#if SRVDBG2
VOIDSrvInitializeReferenceHistory ( IN PBLOCK_HEADER Block, IN LONG InitialReferenceCount );
VOIDSrvUpdateReferenceHistory ( IN PBLOCK_HEADER Block, IN PVOID Caller, IN PVOID CallersCaller, IN BOOLEAN IsDereference );
VOIDSrvTerminateReferenceHistory ( IN PBLOCK_HEADER Block );
#define INITIALIZE_REFERENCE_HISTORY(block) \
SrvInitializeReferenceHistory( \ &(block)->BlockHeader, \ ((PBLOCK_HEADER)(block))->ReferenceCount \ )
#define UPDATE_REFERENCE_HISTORY(block,isdereference) \
{ \ PVOID caller, callerscaller; \ RtlGetCallersAddress( &caller, &callerscaller ); \ SrvUpdateReferenceHistory( \ &(block)->BlockHeader, \ caller, \ callerscaller, \ isdereference \ ); \ }
#define TERMINATE_REFERENCE_HISTORY(block) \
SrvTerminateReferenceHistory( &(block)->BlockHeader )
#else
#define INITIALIZE_REFERENCE_HISTORY(block)
#define UPDATE_REFERENCE_HISTORY(block,isdereference)
#define TERMINATE_REFERENCE_HISTORY(block)
#endif // if SRVDBG2
#endif // ndef _SRVBLOCK
|
