Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

798 lines
20 KiB

  1. /*++
  2. Copyright (c) 1997-2000 Microsoft Corporation
  3. Module Name:
  4. Pnp.c
  5. Abstract:
  6. This module implements the Plug and Play routines for UDFS called by
  7. the dispatch driver.
  8. // @@BEGIN_DDKSPLIT
  9. Author:
  10. Dan Lovinger [DanLo] 23-Jul-1997
  11. Revision History:
  12. // @@END_DDKSPLIT
  13. --*/
  14. #include "UdfProcs.h"
  15. //
  16. // The Bug check file id for this module
  17. //
  18. #define BugCheckFileId (UDFS_BUG_CHECK_PNP)
  19. NTSTATUS
  20. UdfPnpQueryRemove (
  21. PIRP_CONTEXT IrpContext,
  22. PIRP Irp,
  23. PVCB Vcb
  24. );
  25. NTSTATUS
  26. UdfPnpRemove (
  27. PIRP_CONTEXT IrpContext,
  28. PIRP Irp,
  29. PVCB Vcb
  30. );
  31. NTSTATUS
  32. UdfPnpSurpriseRemove (
  33. PIRP_CONTEXT IrpContext,
  34. PIRP Irp,
  35. PVCB Vcb
  36. );
  37. NTSTATUS
  38. UdfPnpCancelRemove (
  39. PIRP_CONTEXT IrpContext,
  40. PIRP Irp,
  41. PVCB Vcb
  42. );
  43. NTSTATUS
  44. UdfPnpCompletionRoutine (
  45. IN PDEVICE_OBJECT DeviceObject,
  46. IN PIRP Irp,
  47. IN PVOID Contxt
  48. );
  49. #ifdef ALLOC_PRAGMA
  50. #pragma alloc_text(PAGE, UdfCommonPnp)
  51. #pragma alloc_text(PAGE, UdfPnpCancelRemove)
  52. #pragma alloc_text(PAGE, UdfPnpQueryRemove)
  53. #pragma alloc_text(PAGE, UdfPnpRemove)
  54. #pragma alloc_text(PAGE, UdfPnpSurpriseRemove)
  55. #endif
  56. NTSTATUS
  57. UdfCommonPnp (
  58. IN PIRP_CONTEXT IrpContext,
  59. IN PIRP Irp
  60. )
  61. /*++
  62. Routine Description:
  63. This is the common routine for doing PnP operations called
  64. by both the fsd and fsp threads
  65. Arguments:
  66. Irp - Supplies the Irp to process
  67. Return Value:
  68. NTSTATUS - The return status for the operation
  69. --*/
  70. {
  71. NTSTATUS Status;
  72. BOOLEAN PassThrough = FALSE;
  73. PIO_STACK_LOCATION IrpSp;
  74. PVOLUME_DEVICE_OBJECT OurDeviceObject;
  75. PVCB Vcb;
  76. //
  77. // Get the current Irp stack location.
  78. //
  79. IrpSp = IoGetCurrentIrpStackLocation( Irp );
  80. //
  81. // Find our Vcb. This is tricky since we have no file object in the Irp.
  82. //
  83. OurDeviceObject = (PVOLUME_DEVICE_OBJECT) IrpSp->DeviceObject;
  84. //
  85. // IO holds a handle reference on our VDO and holds the device lock, which
  86. // syncs us against mounts/verifies. However we hold no reference on the
  87. // volume, which may already have been torn down (and the Vpb freed), for
  88. // example by a force dismount. Check for this condition. We must hold this
  89. // lock until the pnp worker functions take additional locks/refs on the Vcb.
  90. //
  91. UdfAcquireUdfData( IrpContext);
  92. //
  93. // Make sure this device object really is big enough to be a volume device
  94. // object. If it isn't, we need to get out before we try to reference some
  95. // field that takes us past the end of an ordinary device object.
  96. //
  97. if (OurDeviceObject->DeviceObject.Size != sizeof(VOLUME_DEVICE_OBJECT) ||
  98. NodeType( &OurDeviceObject->Vcb ) != UDFS_NTC_VCB) {
  99. //
  100. // We were called with something we don't understand.
  101. //
  102. Status = STATUS_INVALID_PARAMETER;
  103. UdfReleaseUdfData( IrpContext);
  104. UdfCompleteRequest( IrpContext, Irp, Status );
  105. return Status;
  106. }
  107. //
  108. // Force all PnP operations to be synchronous.
  109. //
  110. SetFlag( IrpContext->Flags, IRP_CONTEXT_FLAG_WAIT );
  111. Vcb = &OurDeviceObject->Vcb;
  112. //
  113. // Check that the Vcb hasn't already been deleted. If so, just pass the
  114. // request through to the driver below, we don't need to do anything.
  115. //
  116. if (NULL == Vcb->Vpb) {
  117. PassThrough = TRUE;
  118. }
  119. else {
  120. //
  121. // Case on the minor code.
  122. //
  123. switch ( IrpSp->MinorFunction ) {
  124. case IRP_MN_QUERY_REMOVE_DEVICE:
  125. Status = UdfPnpQueryRemove( IrpContext, Irp, Vcb );
  126. break;
  127. case IRP_MN_SURPRISE_REMOVAL:
  128. Status = UdfPnpSurpriseRemove( IrpContext, Irp, Vcb );
  129. break;
  130. case IRP_MN_REMOVE_DEVICE:
  131. Status = UdfPnpRemove( IrpContext, Irp, Vcb );
  132. break;
  133. case IRP_MN_CANCEL_REMOVE_DEVICE:
  134. Status = UdfPnpCancelRemove( IrpContext, Irp, Vcb );
  135. break;
  136. default:
  137. PassThrough = TRUE;
  138. break;
  139. }
  140. }
  141. if (PassThrough) {
  142. UdfReleaseUdfData( IrpContext);
  143. //
  144. // Just pass the IRP on. As we do not need to be in the
  145. // way on return, ellide ourselves out of the stack.
  146. //
  147. IoSkipCurrentIrpStackLocation( Irp );
  148. Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
  149. //
  150. // Cleanup our Irp Context. The driver has completed the Irp.
  151. //
  152. UdfCompleteRequest( IrpContext, NULL, STATUS_SUCCESS );
  153. }
  154. return Status;
  155. }
  156. NTSTATUS
  157. UdfPnpQueryRemove (
  158. PIRP_CONTEXT IrpContext,
  159. PIRP Irp,
  160. PVCB Vcb
  161. )
  162. /*++
  163. Routine Description:
  164. This routine handles the PnP query remove operation. The filesystem
  165. is responsible for answering whether there are any reasons it sees
  166. that the volume can not go away (and the device removed). Initiation
  167. of the dismount begins when we answer yes to this question.
  168. Query will be followed by a Cancel or Remove.
  169. Arguments:
  170. Irp - Supplies the Irp to process
  171. Vcb - Supplies the volume being queried.
  172. Return Value:
  173. NTSTATUS - The return status for the operation
  174. --*/
  175. {
  176. NTSTATUS Status;
  177. KEVENT Event;
  178. BOOLEAN VcbPresent = TRUE;
  179. ASSERT_EXCLUSIVE_UDFDATA;
  180. //
  181. // Having said yes to a QUERY, any communication with the
  182. // underlying storage stack is undefined (and may block)
  183. // until the bounding CANCEL or REMOVE is sent.
  184. //
  185. // Acquire the global resource so that we can try to vaporize the volume,
  186. // and the vcb resource itself.
  187. //
  188. UdfAcquireVcbExclusive( IrpContext, Vcb, FALSE );
  189. //
  190. // Drop a reference on the Vcb to keep it around after we drop the locks.
  191. //
  192. UdfLockVcb( IrpContext, Vcb);
  193. Vcb->VcbReference += 1;
  194. UdfUnlockVcb( IrpContext, Vcb);
  195. UdfReleaseUdfData( IrpContext);
  196. Status = UdfLockVolumeInternal( IrpContext, Vcb, NULL );
  197. //
  198. // Reacquire the global lock, which means dropping the Vcb resource.
  199. //
  200. UdfReleaseVcb( IrpContext, Vcb );
  201. UdfAcquireUdfData( IrpContext );
  202. UdfAcquireVcbExclusive( IrpContext, Vcb, FALSE );
  203. //
  204. // Remove our extra reference.
  205. //
  206. UdfLockVcb( IrpContext, Vcb);
  207. Vcb->VcbReference -= 1;
  208. UdfUnlockVcb( IrpContext, Vcb);
  209. if (NT_SUCCESS( Status )) {
  210. //
  211. // We need to pass this down before starting the dismount, which
  212. // could disconnect us immediately from the stack.
  213. //
  214. //
  215. // Get the next stack location, and copy over the stack location
  216. //
  217. IoCopyCurrentIrpStackLocationToNext( Irp );
  218. //
  219. // Set up the completion routine
  220. //
  221. KeInitializeEvent( &Event, NotificationEvent, FALSE );
  222. IoSetCompletionRoutine( Irp,
  223. UdfPnpCompletionRoutine,
  224. &Event,
  225. TRUE,
  226. TRUE,
  227. TRUE );
  228. //
  229. // Send the request and wait.
  230. //
  231. Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
  232. if (Status == STATUS_PENDING) {
  233. KeWaitForSingleObject( &Event,
  234. Executive,
  235. KernelMode,
  236. FALSE,
  237. NULL );
  238. Status = Irp->IoStatus.Status;
  239. }
  240. //
  241. // Now if no one below us failed already, initiate the dismount
  242. // on this volume, make it go away. PnP needs to see our internal
  243. // streams close and drop their references to the target device.
  244. //
  245. // Since we were able to lock the volume, we are guaranteed to
  246. // move this volume into dismount state and disconnect it from
  247. // the underlying storage stack. The force on our part is actually
  248. // unnecesary, though complete.
  249. //
  250. // What is not strictly guaranteed, though, is that the closes
  251. // for the metadata streams take effect synchronously underneath
  252. // of this call. This would leave references on the target device
  253. // even though we are disconnected!
  254. //
  255. if (NT_SUCCESS( Status )) {
  256. VcbPresent = UdfCheckForDismount( IrpContext, Vcb, TRUE );
  257. ASSERT( !VcbPresent || Vcb->VcbCondition == VcbDismountInProgress );
  258. }
  259. //
  260. // Note: Normally everything will complete and the internal streams will
  261. // vaporise. However there is some code in the system which drops additional
  262. // references on file objects, including our internal stream file objects,
  263. // for tracing purposes. If that happens to run concurrently with our
  264. // teardown, our internal streams will not vaporise until those references
  265. // are removed. So it's possible that the volume still remains at this
  266. // point. The pnp query remove will fail due references on the device.
  267. // To be cleaner we will return an error here. We could pend the pnp
  268. // IRP until the volume goes away, but since we don't know when that will
  269. // be, and this is a very rare case, we'll just fail the query.
  270. //
  271. // The reason this is the case is that handles/fileobjects place a reference
  272. // on the device objects they overly. In the filesystem case, these references
  273. // are on our target devices. PnP correcly thinks that if references remain
  274. // on the device objects in the stack that someone has a handle, and that this
  275. // counts as a reason to not succeed the query - even though every interrogated
  276. // driver thinks that it is OK.
  277. //
  278. if (NT_SUCCESS( Status) && VcbPresent && (Vcb->VcbReference != 0)) {
  279. Status = STATUS_DEVICE_BUSY;
  280. }
  281. }
  282. //
  283. // Release the Vcb if it could still remain.
  284. //
  285. if (VcbPresent) {
  286. UdfReleaseVcb( IrpContext, Vcb );
  287. }
  288. UdfReleaseUdfData( IrpContext );
  289. //
  290. // Cleanup our IrpContext and complete the IRP if neccesary.
  291. //
  292. UdfCompleteRequest( IrpContext, Irp, Status );
  293. return Status;
  294. }
  295. NTSTATUS
  296. UdfPnpRemove (
  297. PIRP_CONTEXT IrpContext,
  298. PIRP Irp,
  299. PVCB Vcb
  300. )
  301. /*++
  302. Routine Description:
  303. This routine handles the PnP remove operation. This is our notification
  304. that the underlying storage device for the volume we have is gone, and
  305. an excellent indication that the volume will never reappear. The filesystem
  306. is responsible for initiation or completion the dismount.
  307. Arguments:
  308. Irp - Supplies the Irp to process
  309. Vcb - Supplies the volume being removed.
  310. Return Value:
  311. NTSTATUS - The return status for the operation
  312. --*/
  313. {
  314. NTSTATUS Status;
  315. KEVENT Event;
  316. BOOLEAN VcbPresent = TRUE;
  317. ASSERT_EXCLUSIVE_UDFDATA;
  318. //
  319. // REMOVE - a storage device is now gone. We either got
  320. // QUERY'd and said yes OR got a SURPRISE OR a storage
  321. // stack failed to spin back up from a sleep/stop state
  322. // (the only case in which this will be the first warning).
  323. //
  324. // Note that it is entirely unlikely that we will be around
  325. // for a REMOVE in the first two cases, as we try to intiate
  326. // dismount.
  327. //
  328. //
  329. // Acquire the global resource so that we can try to vaporize
  330. // the volume, and the vcb resource itself.
  331. //
  332. UdfAcquireVcbExclusive( IrpContext, Vcb, FALSE );
  333. //
  334. // The device will be going away. Remove our lock and find
  335. // out if we ever had one in the first place.
  336. //
  337. Status = UdfUnlockVolumeInternal( IrpContext, Vcb, NULL );
  338. //
  339. // If the volume had not been locked, we must invalidate the
  340. // volume to ensure it goes away properly. The remove will
  341. // succeed.
  342. //
  343. if (!NT_SUCCESS( Status )) {
  344. UdfLockVcb( IrpContext, Vcb );
  345. if (Vcb->VcbCondition != VcbDismountInProgress) {
  346. UdfSetVcbCondition( Vcb, VcbInvalid);
  347. }
  348. UdfUnlockVcb( IrpContext, Vcb );
  349. Status = STATUS_SUCCESS;
  350. }
  351. //
  352. // We need to pass this down before starting the dismount, which
  353. // could disconnect us immediately from the stack.
  354. //
  355. //
  356. // Get the next stack location, and copy over the stack location
  357. //
  358. IoCopyCurrentIrpStackLocationToNext( Irp );
  359. //
  360. // Set up the completion routine
  361. //
  362. KeInitializeEvent( &Event, NotificationEvent, FALSE );
  363. IoSetCompletionRoutine( Irp,
  364. UdfPnpCompletionRoutine,
  365. &Event,
  366. TRUE,
  367. TRUE,
  368. TRUE );
  369. //
  370. // Send the request and wait.
  371. //
  372. Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
  373. if (Status == STATUS_PENDING) {
  374. KeWaitForSingleObject( &Event,
  375. Executive,
  376. KernelMode,
  377. FALSE,
  378. NULL );
  379. Status = Irp->IoStatus.Status;
  380. }
  381. //
  382. // Now make our dismount happen. This may not vaporize the
  383. // Vcb, of course, since there could be any number of handles
  384. // outstanding if we were not preceeded by a QUERY.
  385. //
  386. // PnP will take care of disconnecting this stack if we
  387. // couldn't get off of it immediately.
  388. //
  389. VcbPresent = UdfCheckForDismount( IrpContext, Vcb, TRUE );
  390. //
  391. // Release the Vcb if it could still remain.
  392. //
  393. if (VcbPresent) {
  394. UdfReleaseVcb( IrpContext, Vcb );
  395. }
  396. UdfReleaseUdfData( IrpContext );
  397. //
  398. // Cleanup our IrpContext and complete the IRP.
  399. //
  400. UdfCompleteRequest( IrpContext, Irp, Status );
  401. return Status;
  402. }
  403. NTSTATUS
  404. UdfPnpSurpriseRemove (
  405. PIRP_CONTEXT IrpContext,
  406. PIRP Irp,
  407. PVCB Vcb
  408. )
  409. /*++
  410. Routine Description:
  411. This routine handles the PnP surprise remove operation. This is another
  412. type of notification that the underlying storage device for the volume we
  413. have is gone, and is excellent indication that the volume will never reappear.
  414. The filesystem is responsible for initiation or completion the dismount.
  415. For the most part, only "real" drivers care about the distinction of a
  416. surprise remove, which is a result of our noticing that a user (usually)
  417. physically reached into the machine and pulled something out.
  418. Surprise will be followed by a Remove when all references have been shut down.
  419. Arguments:
  420. Irp - Supplies the Irp to process
  421. Vcb - Supplies the volume being removed.
  422. Return Value:
  423. NTSTATUS - The return status for the operation
  424. --*/
  425. {
  426. NTSTATUS Status;
  427. KEVENT Event;
  428. BOOLEAN VcbPresent = TRUE;
  429. ASSERT_EXCLUSIVE_UDFDATA;
  430. //
  431. // SURPRISE - a device was physically yanked away without
  432. // any warning. This means external forces.
  433. //
  434. UdfAcquireVcbExclusive( IrpContext, Vcb, FALSE );
  435. //
  436. // Invalidate the volume right now.
  437. //
  438. // The intent here is to make every subsequent operation
  439. // on the volume fail and grease the rails toward dismount.
  440. // By definition there is no going back from a SURPRISE.
  441. //
  442. UdfLockVcb( IrpContext, Vcb );
  443. if (Vcb->VcbCondition != VcbDismountInProgress) {
  444. UdfSetVcbCondition( Vcb, VcbInvalid);
  445. }
  446. UdfUnlockVcb( IrpContext, Vcb );
  447. //
  448. // We need to pass this down before starting the dismount, which
  449. // could disconnect us immediately from the stack.
  450. //
  451. //
  452. // Get the next stack location, and copy over the stack location
  453. //
  454. IoCopyCurrentIrpStackLocationToNext( Irp );
  455. //
  456. // Set up the completion routine
  457. //
  458. KeInitializeEvent( &Event, NotificationEvent, FALSE );
  459. IoSetCompletionRoutine( Irp,
  460. UdfPnpCompletionRoutine,
  461. &Event,
  462. TRUE,
  463. TRUE,
  464. TRUE );
  465. //
  466. // Send the request and wait.
  467. //
  468. Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
  469. if (Status == STATUS_PENDING) {
  470. KeWaitForSingleObject( &Event,
  471. Executive,
  472. KernelMode,
  473. FALSE,
  474. NULL );
  475. Status = Irp->IoStatus.Status;
  476. }
  477. //
  478. // Now make our dismount happen. This may not vaporize the
  479. // Vcb, of course, since there could be any number of handles
  480. // outstanding since this is an out of band notification.
  481. //
  482. VcbPresent = UdfCheckForDismount( IrpContext, Vcb, TRUE );
  483. //
  484. // Release the Vcb if it could still remain.
  485. //
  486. if (VcbPresent) {
  487. UdfReleaseVcb( IrpContext, Vcb );
  488. }
  489. UdfReleaseUdfData( IrpContext );
  490. //
  491. // Cleanup our IrpContext and complete the IRP.
  492. //
  493. UdfCompleteRequest( IrpContext, Irp, Status );
  494. return Status;
  495. }
  496. NTSTATUS
  497. UdfPnpCancelRemove (
  498. PIRP_CONTEXT IrpContext,
  499. PIRP Irp,
  500. PVCB Vcb
  501. )
  502. /*++
  503. Routine Description:
  504. This routine handles the PnP cancel remove operation. This is our
  505. notification that a previously proposed remove (query) was eventually
  506. vetoed by a component. The filesystem is responsible for cleaning up
  507. and getting ready for more IO.
  508. Arguments:
  509. Irp - Supplies the Irp to process
  510. Vcb - Supplies the volume being removed.
  511. Return Value:
  512. NTSTATUS - The return status for the operation
  513. --*/
  514. {
  515. NTSTATUS Status;
  516. ASSERT_EXCLUSIVE_UDFDATA;
  517. //
  518. // CANCEL - a previous QUERY has been rescinded as a result
  519. // of someone vetoing. Since PnP cannot figure out who may
  520. // have gotten the QUERY (think about it: stacked drivers),
  521. // we must expect to deal with getting a CANCEL without having
  522. // seen the QUERY.
  523. //
  524. // For UDFS, this is quite easy. In fact, we can't get a
  525. // CANCEL if the underlying drivers succeeded the QUERY since
  526. // we disconnect the Vpb on our dismount initiation. This is
  527. // actually pretty important because if PnP could get to us
  528. // after the disconnect we'd be thoroughly unsynchronized
  529. // with respect to the Vcb getting torn apart - merely referencing
  530. // the volume device object is insufficient to keep us intact.
  531. //
  532. UdfAcquireVcbExclusive( IrpContext, Vcb, FALSE );
  533. UdfReleaseUdfData( IrpContext);
  534. //
  535. // Unlock the volume. This is benign if we never had seen
  536. // a QUERY.
  537. //
  538. (VOID) UdfUnlockVolumeInternal( IrpContext, Vcb, NULL );
  539. UdfReleaseVcb( IrpContext, Vcb );
  540. //
  541. // Send the request. The underlying driver will complete the
  542. // IRP. Since we don't need to be in the way, simply ellide
  543. // ourselves out of the IRP stack.
  544. //
  545. IoSkipCurrentIrpStackLocation( Irp );
  546. Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
  547. UdfCompleteRequest( IrpContext, NULL, STATUS_SUCCESS );
  548. return Status;
  549. }
  550. //
  551. // Local support routine
  552. //
  553. NTSTATUS
  554. UdfPnpCompletionRoutine (
  555. IN PDEVICE_OBJECT DeviceObject,
  556. IN PIRP Irp,
  557. IN PVOID Contxt
  558. )
  559. {
  560. PKEVENT Event = (PKEVENT) Contxt;
  561. KeSetEvent( Event, 0, FALSE );
  562. return STATUS_MORE_PROCESSING_REQUIRED;
  563. UNREFERENCED_PARAMETER( DeviceObject );
  564. UNREFERENCED_PARAMETER( Contxt );
  565. }