|
|
/*++
Copyright (c) 1998-1999 Microsoft Corporation
Module Name:
srlog.c
Abstract:
this file implements the sr logging functionality
Author:
Kanwaljit Marok (kmarok) 01-May-2000
Revision History:
--*/
#include "precomp.h"
#include "srdefs.h"
//
// Some SR_LOG related macros
//
#define MAX_RENAME_TRIES 1000
#define SR_LOG_FLAGS_ENABLE 0x00000001
#define SR_LOG_FLAGS_DIRTY 0x00000010
#define SR_MAX_LOG_FILE_SIZE (1024*1024)
//
// system volume information\_restore{machineguid}
//
#define SR_DATASTORE_PREFIX_LENGTH 79 * sizeof(WCHAR)
//
// Length of \_restore.{machineguid}\RPXX\S0000000.ACL
//
#define SR_ACL_FILENAME_LENGTH (SR_DATASTORE_PREFIX_LENGTH + \
32* sizeof(WCHAR))
#define SR_INLINE_ACL_SIZE(AclInfoSize) (sizeof(RECORD_HEADER)+ AclInfoSize)
#define SR_FILE_ACL_SIZE(pVolumeName) (sizeof(RECORD_HEADER) + \
pVolumeName->Length + \ SR_ACL_FILENAME_LENGTH)
#define UPDATE_LOG_OFFSET( pLogContext, BytesWritten ) \
((pLogContext)->FileOffset += BytesWritten) #define RESET_LOG_BUFFER( pLogContext ) \
((pLogContext)->BufferOffset = 0, \ (pLogContext)->LastBufferOffset = 0)
#define RESET_LOG_CONTEXT( pLogContext ) \
((pLogContext)->FileOffset = 0, \ RESET_LOG_BUFFER( pLogContext ), \ (pLogContext)->LoggingFlags = 0, \ (pLogContext)->AllocationSize = 0)
#define SET_ENABLE_FLAG( pLogContext ) \
SetFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE )
#define CLEAR_ENABLE_FLAG( pLogContext ) \
ClearFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE )
#define SET_DIRTY_FLAG( pLogContext ) \
SetFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_DIRTY)
#define CLEAR_DIRTY_FLAG( pLogContext ) \
ClearFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_DIRTY )
//
// Context passed to SrCreateFile
//
typedef struct _SR_OPEN_CONTEXT { //
// Path to file
//
PUNICODE_STRING pPath; //
// Handle will be returned here
//
HANDLE Handle; //
// Open options
//
ACCESS_MASK DesiredAccess; ULONG FileAttributes; ULONG ShareAccess; ULONG CreateDisposition; ULONG CreateOptions;
PSR_DEVICE_EXTENSION pExtension;
} SR_OPEN_CONTEXT, *PSR_OPEN_CONTEXT;
//
// Note : These api can be called only when the FileSystem
// is online and it is safe to read/write data.
//
VOIDSrPackString( IN PBYTE pBuffer, IN DWORD BufferSize, IN DWORD RecordType, IN PUNICODE_STRING pString );
NTSTATUSSrPackLogHeader( IN PSR_LOG_HEADER *ppLogHeader, IN PUNICODE_STRING pVolumePath );
NTSTATUSSrPackAclInformation( IN PBYTE pBuffer, IN PSECURITY_DESCRIPTOR pSecInfo, IN ULONG SecInfoSize, IN PSR_DEVICE_EXTENSION pExtension, IN BOOLEAN bInline );
VOIDSrLoggerFlushDpc( IN PKDPC Dpc, IN PVOID DeferredContext, IN PVOID SystemArgument1, IN PVOID SystemArgument2 );
VOIDSrLoggerFlushWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context );
VOIDSrLoggerAddLogContext( IN PSR_LOGGER_CONTEXT pLoggerInfo, IN PSR_LOG_CONTEXT pLogContext );
NTSTATUSSrLoggerRemoveLogContext( IN PSR_LOGGER_CONTEXT pLoggerInfo, IN PSR_LOG_CONTEXT pLogContext );
NTSTATUSSrLogOpen( IN PSR_LOG_CONTEXT pLogContext );
NTSTATUSSrLogClose( IN PSR_LOG_CONTEXT pLogContext );
NTSTATUSSrLogCheckAndRename( IN PSR_DEVICE_EXTENSION pExtension, IN PUNICODE_STRING pLogPath, IN HANDLE ExistingLogHandle );
NTSTATUSSrpLogWriteSynchronous( IN PSR_DEVICE_EXTENSION pExtension, IN PSR_LOG_CONTEXT pLogContext, IN PSR_LOG_ENTRY pLogEntry );
#ifndef SYNC_LOG_WRITE
NTSTATUSSrpLogWriteAsynchronous( IN PSR_DEVICE_EXTENSION pExtension, IN PSR_LOG_CONTEXT pLogContext, IN PSR_LOG_ENTRY pLogEntry );#endif
NTSTATUSSrLogFlush ( IN PSR_LOG_CONTEXT pLogContext );
NTSTATUSSrLogSwitch( IN PSR_LOG_CONTEXT pLogContext );
NTSTATUS SrGetRestorePointPath( IN PUNICODE_STRING pVolumeName, IN USHORT RestPtPathLength, OUT PUNICODE_STRING pRestPtPath );
NTSTATUS SrGetAclFileName( IN PUNICODE_STRING pVolumeName, IN USHORT AclFileNameLength, OUT PUNICODE_STRING pAclFileName );
NTSTATUSSrCreateFile( IN PSR_OPEN_CONTEXT pOpenContext );
//
// linker commands
//
#ifdef ALLOC_PRAGMA
#pragma alloc_text( PAGE, SrPackString )
#pragma alloc_text( PAGE, SrPackLogEntry )
#pragma alloc_text( PAGE, SrPackLogHeader )
#pragma alloc_text( PAGE, SrPackDebugInfo )
#pragma alloc_text( PAGE, SrPackAclInformation )
#pragma alloc_text( PAGE, SrLoggerStart )
#pragma alloc_text( PAGE, SrLoggerStop )
#pragma alloc_text( PAGE, SrLoggerFlushWorkItem )
#pragma alloc_text( PAGE, SrLoggerAddLogContext )
#pragma alloc_text( PAGE, SrLoggerRemoveLogContext )
#pragma alloc_text( PAGE, SrLoggerSwitchLogs )
#pragma alloc_text( PAGE, SrCreateFile )
#pragma alloc_text( PAGE, SrLogOpen )
#pragma alloc_text( PAGE, SrLogClose )
#pragma alloc_text( PAGE, SrLogCheckAndRename )
#pragma alloc_text( PAGE, SrLogStart )
#pragma alloc_text( PAGE, SrLogStop )
#pragma alloc_text( PAGE, SrLogFlush )
#ifdef SYNC_LOG_WRITE
#pragma alloc_text( PAGE, SrpLogWriteSynchronous )
#else
#pragma alloc_text( PAGE, SrpLogWriteAsynchronous )
#endif
#pragma alloc_text( PAGE, SrLogFlush )
#pragma alloc_text( PAGE, SrLogWrite )
#pragma alloc_text( PAGE, SrLogSwitch )
#pragma alloc_text( PAGE, SrGetRestorePointPath )
#pragma alloc_text( PAGE, SrGetLogFileName )
#pragma alloc_text( PAGE, SrGetAclFileName )
#pragma alloc_text( PAGE, SrGetAclInformation )
#endif // ALLOC_PRAGMA
/////////////////////////////////////////////////////////////////////
//
// Packing/Marshaling Routines : Marshals information into records
//
/////////////////////////////////////////////////////////////////////
//++
// Function:
// SrPackString
//
// Description:
// This function packs a string into a record.
//
// Arguments:
// Pointer to memory to create the entry
// Size of memory
// Entry type
// Pointer to unicode string
//
// Return Value:
// None
//--
staticVOIDSrPackString( IN PBYTE pBuffer, IN DWORD BufferSize, IN DWORD RecordType, IN PUNICODE_STRING pString ){ PRECORD_HEADER pHeader = (PRECORD_HEADER)pBuffer;
PAGED_CODE();
UNREFERENCED_PARAMETER( BufferSize );
ASSERT( pBuffer ); ASSERT( pString );
pHeader->RecordSize = STRING_RECORD_SIZE( pString );
ASSERT( pHeader->RecordSize <= BufferSize );
pHeader->RecordType = RecordType;
//
// Copy string contents
//
RtlCopyMemory( pBuffer + sizeof(RECORD_HEADER), pString->Buffer, pString->Length );
//
// Add null terminator
//
*(PWCHAR)( pBuffer + sizeof(RECORD_HEADER) + pString->Length ) = UNICODE_NULL;} // SrPackString
//++
// Function:
// SrPackLogEntry
//
// Description:
// This function allocates and fills a SR_LOG_ENTRY structure. The
// caller is responsible for freeing the memory returned in ppLogEntry.
//
// Arguments:
// ppLogEntry - Pointer to a SR_LOG_ENTRY pointer. This gets set to the
// the log entry structure that is allocated and initialized by this
// routine.
// EntryType - The type of log entry this is.
// Attributes - The attributes for this file.
// SequenceNum - The sequence number for this log entry.
// pAclInfo - The ACL information for the file being modified, if needed.
// AclInfoSize - The size in bytes of pAclInfo, if needed.
// pDebugBlob - The debug blob to log, if needed.
// pPath1 - The first full path for the file or dir that this log entry
// pertains to, if needed.
// Path1StreamLength - The length of the stream component of the name
// in pPath1, if needed.
// pTempPath - The path to the temporary file in the restore location,
// if needed.
// pPath2 - The second full path for the file or dir that this log entry
// pertains to, if needed.
// Path2StreamLength - The length of the stream component of the name
// in pPath2, if needed.
// pExtension - The SR device extension for this volume.
// pShortName - The short name for the file or dir that this log entry
// pertains to, if needed.
//
// Return Value:
// This function returns STATUS_INSUFFICIENT_RESOURCES if it cannot
// allocate a log entry record large enough to store this entry.
//
// If there is a problem getting the ACL info, that error status is
// returned.
//
// If one of the parameters is ill-formed, STATUS_INVALID_PARAMETER
// is returned.
//
// Otherwise, STATUS_SUCCESS is returned.
//--
NTSTATUSSrPackLogEntry( OUT PSR_LOG_ENTRY *ppLogEntry, IN ULONG EntryType, IN ULONG Attributes, IN INT64 SequenceNum, IN PSECURITY_DESCRIPTOR pAclInfo OPTIONAL, IN ULONG AclInfoSize OPTIONAL, IN PVOID pDebugBlob OPTIONAL, IN PUNICODE_STRING pPath1, IN USHORT Path1StreamLength, IN PUNICODE_STRING pTempPath OPTIONAL, IN PUNICODE_STRING pPath2 OPTIONAL, IN USHORT Path2StreamLength OPTIONAL, IN PSR_DEVICE_EXTENSION pExtension, IN PUNICODE_STRING pShortName OPTIONAL ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; DWORD Size = 0; DWORD RequiredSize = 0; DWORD RecordSize = 0; PBYTE pLoc = NULL; DWORD EntryFlags = 0; BOOLEAN bAclInline = TRUE; PUCHAR pBuffer = NULL; PUNICODE_STRING pVolumeName; PSR_LOG_DEBUG_INFO pDebugInfo = (PSR_LOG_DEBUG_INFO) pDebugBlob;
//
// Unicode strings used for string manipulation.
//
UNICODE_STRING Path1Fix; UNICODE_STRING TempPathFix; UNICODE_STRING Path2Fix;
PAGED_CODE();
ASSERT( pPath1 != NULL ); ASSERT( pExtension != NULL ); ASSERT( ppLogEntry != NULL ); pVolumeName = pExtension->pNtVolumeName; ASSERT( pVolumeName != NULL );
// ====================================================================
//
// Prepare the necessary fields for the log entry.
//
// ====================================================================
//
// Remove the volume prefix from pPath1 and add the stream name to the
// visible portion of the name, if there is one.
//
ASSERT( RtlPrefixUnicodeString( pVolumeName, pPath1, FALSE ) ); ASSERT( IS_VALID_SR_STREAM_STRING( pPath1, Path1StreamLength ) ); Path1Fix.Length = Path1Fix.MaximumLength = (pPath1->Length + Path1StreamLength) - pVolumeName->Length; Path1Fix.Buffer = (PWSTR)((PBYTE)pPath1->Buffer + pVolumeName->Length);
//
// Find the file name component of the pTempPath if that was passed in.
//
if (pTempPath != NULL) { PWSTR pFileName = NULL; ULONG FileNameLength;
Status = SrFindCharReverse( pTempPath->Buffer, pTempPath->Length, L'\\', &pFileName, &FileNameLength );
if (!NT_SUCCESS( Status )) { Status = STATUS_INVALID_PARAMETER; goto SrPackLogEntry_Exit; }
ASSERT( pFileName != NULL );
//
// Move past the leading '\\'
//
pFileName++; FileNameLength -= sizeof( WCHAR ); TempPathFix.Length = TempPathFix.MaximumLength = (USHORT) FileNameLength; TempPathFix.Buffer = pFileName; }
//
// Remove the volume prefix from pPath2 if that was provided. Also, add
// the stream component to the visible portion of the name, if there
// is a stream component.
//
if (pPath2 != NULL) { ASSERT( IS_VALID_SR_STREAM_STRING( pPath2, Path2StreamLength ) );
if (RtlPrefixUnicodeString( pVolumeName, pPath2, FALSE )) { Path2Fix.Length = Path2Fix.MaximumLength = (pPath2->Length + Path2StreamLength) - pVolumeName->Length; Path2Fix.Buffer = (PWSTR)((PBYTE)pPath2->Buffer + pVolumeName->Length); } else { Path2Fix.Length = Path2Fix.MaximumLength = (pPath2->Length + Path2StreamLength); Path2Fix.Buffer = pPath2->Buffer; } }
// ====================================================================
//
// Calculate the total size needed for the log entry based on the
// components that we must log.
//
// ====================================================================
// First, account for the SR_LOG_ENTRY header.
RequiredSize = FIELD_OFFSET(SR_LOG_ENTRY, SubRecords);
// Count pPath1
RequiredSize += ( STRING_RECORD_SIZE(&Path1Fix) );
// Count pTempPath, if we've got one
if (pTempPath) { RequiredSize += ( STRING_RECORD_SIZE(&TempPathFix) ); } // Count pPath2, if we've got one
if (pPath2) { RequiredSize += ( STRING_RECORD_SIZE(&Path2Fix) ); } // Count pAclInfo, if we've got one. At this point, we assume that the
// Acl will be stored inline.
if( pAclInfo ) { RequiredSize += SR_INLINE_ACL_SIZE( AclInfoSize ); }
// Count pDebugInfo, if we've got any
if (pDebugInfo) { RequiredSize += pDebugInfo->Header.RecordSize; }
// Count pShortName, if we've got one
if (pShortName != NULL && pShortName->Length > 0) { RequiredSize += ( STRING_RECORD_SIZE(pShortName) ); }
//
// increment the size to accomodate the entry size at the end
//
RequiredSize += sizeof(DWORD);
// ====================================================================
//
// Check if we meet the buffer size requirements and initialize the
// record if we do.
//
// ====================================================================
//
// First, determine if we should keep the AclInfo inline or not.
//
if (SR_INLINE_ACL_SIZE( AclInfoSize ) > SR_MAX_INLINE_ACL_SIZE) { SrTrace( LOG, ("SR!Changing Acl to Non-resident form\n")); bAclInline = FALSE; RequiredSize -= SR_INLINE_ACL_SIZE( AclInfoSize ); RequiredSize += SR_FILE_ACL_SIZE( pVolumeName ); }
//
// Now allocate the buffer that will hold the log entry.
//
pBuffer = SrAllocateLogEntry( RequiredSize );
if (pBuffer == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto SrPackLogEntry_Exit; } // ====================================================================
//
// We've got a big enough LogEntry, so now properly fill the LogEntry.
//
// ====================================================================
//
// Initialize the static part of SR_LOG_ENTRY
//
RtlZeroMemory( pBuffer, RequiredSize );
//
// StreamOverwrite should be StreamChange
//
if (EntryType == SrEventStreamOverwrite) { EntryType = SrEventStreamChange; }
((PSR_LOG_ENTRY) pBuffer)->MagicNum = SR_LOG_MAGIC_NUMBER; ((PSR_LOG_ENTRY) pBuffer)->EntryType = EntryType; ((PSR_LOG_ENTRY) pBuffer)->EntryFlags = EntryFlags; ((PSR_LOG_ENTRY) pBuffer)->Attributes = Attributes; ((PSR_LOG_ENTRY) pBuffer)->SequenceNum = SequenceNum;
Size = FIELD_OFFSET( SR_LOG_ENTRY, SubRecords ); //
// add first filename string
//
pLoc = pBuffer + Size; RecordSize = STRING_RECORD_SIZE( &Path1Fix );
SrPackString( pLoc, RecordSize, RecordTypeFirstPath, &Path1Fix );
Size += RecordSize;
//
// add temp filename if passed
//
if( pTempPath ) { pLoc = pBuffer + Size; RecordSize = STRING_RECORD_SIZE( &TempPathFix );
SrPackString( pLoc, RecordSize, RecordTypeTempPath, &TempPathFix ); ((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_TEMPPATH; Size += RecordSize; }
//
// add second filename string if passed in
//
if( pPath2 ) { pLoc = pBuffer + Size; RecordSize = STRING_RECORD_SIZE( &Path2Fix );
SrPackString( pLoc, RecordSize, RecordTypeSecondPath, &Path2Fix ); ((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_SECONDPATH;
Size += RecordSize; }
//
// Pack and add the Acl information appropriately
//
if( pAclInfo ) { pLoc = pBuffer + Size;
Status = SrPackAclInformation( pLoc, pAclInfo, AclInfoSize, pExtension, bAclInline );
if (!NT_SUCCESS( Status )) goto SrPackLogEntry_Exit;
((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_ACLINFO;
if (bAclInline) { Size += SR_INLINE_ACL_SIZE( AclInfoSize ); } else { Size += SR_FILE_ACL_SIZE( pVolumeName ); } }
//
// Pack debug info if passed in
//
if (pDebugBlob) { pLoc = pBuffer + Size;
RtlCopyMemory( pLoc, pDebugInfo, pDebugInfo->Header.RecordSize ); ((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_DEBUGINFO;
Size += pDebugInfo->Header.RecordSize; }
//
// pack and add the short name, if supplied
//
if (pShortName != NULL && pShortName->Length > 0) { pLoc = pBuffer + Size; RecordSize = STRING_RECORD_SIZE( pShortName );
SrPackString( pLoc, RecordSize, RecordTypeShortName, pShortName ); ((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_SHORTNAME;
Size += RecordSize; }
//
// increment the size to accomodate the entry size at the end
//
Size += sizeof(DWORD);
//
// fill in the header fields : record size, record type and
// update the size at the end
//
((PSR_LOG_ENTRY) pBuffer)->Header.RecordSize = Size; ((PSR_LOG_ENTRY) pBuffer)->Header.RecordType = RecordTypeLogEntry;
UPDATE_END_SIZE( pBuffer, Size );
*ppLogEntry = (PSR_LOG_ENTRY) pBuffer; Status = STATUS_SUCCESS;
SrPackLogEntry_Exit: RETURN(Status);} // SrPackLogEntry
//++
// Function:
// SrPackLogHeader
//
// Description:
// This function creates a proper SR_LOG_HEADER entry. It allocates
// the LogEntry structure so that it is big enough to store this header.
//
// Note: The caller is responsible for freeing the SR_LOG_ENTRY allocated.
//
// Arguments:
// ppLogHeader - Pointer to the PSR_LOG_HEADER that get set to the
// allocated log header address.
// pVolumePath - The volume path for this volume.
//
// Return Value:
// Returns STATUS_INSUFFICIENT_RESOURCES if the SR_LOG_ENTRY cannot
// be allocated. Otherwise, it returns STATUS_SUCCESS.
//--
NTSTATUSSrPackLogHeader( IN PSR_LOG_HEADER *ppLogHeader, IN PUNICODE_STRING pVolumePath ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; DWORD RequiredSize = 0; DWORD SubRecordSize = 0; DWORD Size = 0; PBYTE pLoc = NULL; PBYTE pBuffer = NULL;
PAGED_CODE();
ASSERT( ppLogHeader != NULL ); ASSERT( pVolumePath != NULL );
// ====================================================================
//
// First, figure out how much of the buffer we need to use.
//
// ====================================================================
RequiredSize = FIELD_OFFSET(SR_LOG_HEADER, SubRecords);
// Count the volume path.
RequiredSize += ( STRING_RECORD_SIZE(pVolumePath) );
// Increment the size to accomodate the LogHeader size at the end
RequiredSize += sizeof(DWORD);
// ====================================================================
//
// Second, make sure that the buffer passed in is large enough for
// the LogHeader.
//
// ====================================================================
Size = FIELD_OFFSET(SR_LOG_HEADER, SubRecords);
pBuffer = SrAllocateLogEntry( RequiredSize );
if (pBuffer == NULL) { //
// Not enough memory to pack the entry
//
Status = STATUS_INSUFFICIENT_RESOURCES; goto SrPackLogHeader_Exit; }
//
// Initialize the static part of SR_LOG_HEADER
//
RtlZeroMemory( pBuffer, RequiredSize );
((PSR_LOG_HEADER) pBuffer)->MagicNum = SR_LOG_MAGIC_NUMBER ; ((PSR_LOG_HEADER) pBuffer)->LogVersion = SR_LOG_VERSION ;
// ====================================================================
//
// Finally, the buffer is large enough for the LogHeader, so fill
// the buffer with the header.
//
// ====================================================================
Size = FIELD_OFFSET(SR_LOG_HEADER, SubRecords);
//
// Add the volume prefix
//
pLoc = (PBYTE)(&((PSR_LOG_HEADER)pBuffer)->SubRecords); SubRecordSize = STRING_RECORD_SIZE( pVolumePath );
SrPackString( pLoc, SubRecordSize, RecordTypeVolumePath, pVolumePath ); Size += SubRecordSize;
//
// Increment the size to accomodate the LogHeader size at the end
//
Size += sizeof(DWORD);
//
// Fill in the header fields : record size, record type and
// update the size at the end
//
ASSERT( RequiredSize == Size ); ((PSR_LOG_HEADER) pBuffer)->Header.RecordSize = Size; ((PSR_LOG_HEADER) pBuffer)->Header.RecordType = RecordTypeLogHeader;
UPDATE_END_SIZE( pBuffer, Size );
*ppLogHeader = (PSR_LOG_HEADER) pBuffer; Status = STATUS_SUCCESS;
SrPackLogHeader_Exit: RETURN( Status );} // SrPackLogHeader
//++
// Function:
// SrPackDebugInfo
//
// Description:
// This function creates a properly formatted debug info from
// the supplied data. if NULL is passed instead of the buffer
// then the API returns the size required to pack the entry.
//
// Arguments:
// Pointer to log entry buffer
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrPackDebugInfo( IN PBYTE pBuffer, IN DWORD BufferSize ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; DWORD Size = 0; PCHAR pStr; PEPROCESS peProcess;
PAGED_CODE();
ASSERT( pBuffer != NULL );
Size = sizeof(SR_LOG_DEBUG_INFO);
if (BufferSize < Size) { //
// Not enough memory to pack the entry
//
Status = STATUS_INSUFFICIENT_RESOURCES; goto SrPackDebugInfo_Exit; }
//
// fill in the header fields : record size, record type
//
((PSR_LOG_DEBUG_INFO)pBuffer)->Header.RecordSize = Size; ((PSR_LOG_DEBUG_INFO)pBuffer)->Header.RecordType = RecordTypeDebugInfo;
((PSR_LOG_DEBUG_INFO)pBuffer)->ThreadId = PsGetCurrentThreadId() ; ((PSR_LOG_DEBUG_INFO)pBuffer)->ProcessId = PsGetCurrentProcessId();
pStr = ((PSR_LOG_DEBUG_INFO)pBuffer)->ProcessName; *pStr = 0;
peProcess = PsGetCurrentProcess(); RtlCopyMemory( pStr, ((PBYTE)peProcess) + global->ProcNameOffset, PROCESS_NAME_MAX );
pStr[ PROCESS_NAME_MAX ] = 0;
Status = STATUS_SUCCESS;
SrPackDebugInfo_Exit: RETURN(Status);} // SrPackDebugInfo
//++
// Function:
// SrPackAclInformation
//
// Description:
// This function creates a properly formatted Acl record from
// the supplied data.
//
// Arguments:
// Pointer to log entry buffer
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrPackAclInformation( IN PBYTE pBuffer, IN PSECURITY_DESCRIPTOR pSecInfo, IN ULONG SecInfoSize, IN PSR_DEVICE_EXTENSION pExtension, IN BOOLEAN bInline ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; PRECORD_HEADER pHeader = (PRECORD_HEADER)pBuffer; PUNICODE_STRING pAclFileName = NULL; HANDLE AclFileHandle = NULL; PUNICODE_STRING pVolumeName;
PAGED_CODE();
ASSERT( pExtension != NULL ); pVolumeName = pExtension->pNtVolumeName; ASSERT( pVolumeName != NULL );
try { ASSERT( pBuffer != NULL ); ASSERT( pSecInfo != NULL ); ASSERT( SecInfoSize != 0 ); //
// CODEWORK: Convert ACL to Self contained form ??
//
if (bInline) { //
// Just format and put the contents into the buffer
//
pHeader->RecordSize = sizeof( RECORD_HEADER ) + SecInfoSize; pHeader->RecordType = RecordTypeAclInline; RtlCopyMemory( pBuffer + sizeof(RECORD_HEADER), pSecInfo, SecInfoSize ); Status = STATUS_SUCCESS; } else { SR_OPEN_CONTEXT OpenContext; IO_STATUS_BLOCK IoStatusBlock; //
// Write the contents out to a temp file and create a
// AclFile record.
//
Status = SrAllocateFileNameBuffer( SR_MAX_FILENAME_LENGTH, &pAclFileName ); if (!NT_SUCCESS( Status )) leave; Status = SrGetAclFileName( pVolumeName, SR_FILENAME_BUFFER_LENGTH, pAclFileName ); if (!NT_SUCCESS( Status )) leave; //
// Open Acl file and write the security info in that file
//
OpenContext.pPath = pAclFileName; OpenContext.Handle = NULL; OpenContext.DesiredAccess = FILE_GENERIC_WRITE | SYNCHRONIZE; OpenContext.FileAttributes = FILE_ATTRIBUTE_NORMAL; OpenContext.ShareAccess = 0; OpenContext.CreateDisposition = FILE_OVERWRITE_IF; // OPEN always
OpenContext.CreateOptions = /*FILE_NO_INTERMEDIATE_BUFFERING |*/ FILE_WRITE_THROUGH | FILE_SYNCHRONOUS_IO_NONALERT; OpenContext.pExtension = pExtension; Status = SrPostSyncOperation(SrCreateFile, &OpenContext); if (NT_SUCCESS(Status)) { LARGE_INTEGER Offset; ASSERT(OpenContext.Handle != NULL); AclFileHandle = OpenContext.Handle;
Offset.QuadPart = 0; Status = ZwWriteFile( AclFileHandle, NULL, // Event
NULL, // ApcRoutine
NULL, // ApcContext
&IoStatusBlock, pSecInfo, SecInfoSize, &Offset, // ByteOffset
NULL ); // Key
if (NT_SUCCESS(Status)) { //
// Create AclFile type entry
//
SrPackString( pBuffer, STRING_RECORD_SIZE( pAclFileName ), RecordTypeAclFile, pAclFileName ); } } else { ASSERT(OpenContext.Handle == NULL); } } } finally { if (pAclFileName != NULL) { SrFreeFileNameBuffer( pAclFileName ); pAclFileName = NULL; } if (AclFileHandle != NULL) { ZwClose(AclFileHandle); AclFileHandle = NULL; } }
RETURN(Status); } // SrPackAclInformation
/////////////////////////////////////////////////////////////////////
//
// Logger Routines : Manipulate Logger object
//
/////////////////////////////////////////////////////////////////////
//++
// Function:
// SrLoggerStart
//
// Description:
// This function initializes the logger and enables the flushing
// routines.
//
// Arguments:
// PDEVICE_OBJECT pDeviceObject
// PSR_LOGGER_CONTEXT * pLogger
//
// Return Value:
// STATUS_XXX
//--
NTSTATUSSrLoggerStart( IN PDEVICE_OBJECT pDeviceObject, OUT PSR_LOGGER_CONTEXT * ppLogger ){ NTSTATUS Status; PSR_LOGGER_CONTEXT pInitInfo = NULL; PIO_WORKITEM pWorkItem = NULL; UNREFERENCED_PARAMETER( pDeviceObject );
ASSERT(IS_VALID_DEVICE_OBJECT(pDeviceObject)); ASSERT(ppLogger != NULL);
PAGED_CODE();
try {
Status = STATUS_SUCCESS; *ppLogger = NULL; //
// Allocate Logging Init info from NonPagedPool
//
pInitInfo = SR_ALLOCATE_STRUCT( NonPagedPool, SR_LOGGER_CONTEXT, SR_LOGGER_CONTEXT_TAG ); if (pInitInfo == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; } RtlZeroMemory( pInitInfo, sizeof( SR_LOGGER_CONTEXT ) );
pInitInfo->Signature = SR_LOGGER_CONTEXT_TAG; pInitInfo->ActiveContexts = 0; #ifdef USE_LOOKASIDE
//
// Initialize Lookaside list used in logging module
//
ExInitializeNPagedLookasideList( &pInitInfo->LogBufferLookaside, NULL, NULL, 0, _globals.LogBufferSize, SR_LOG_BUFFER_TAG, 0 );
#endif
#ifndef SYNC_LOG_WRITE
//
// Allocate work item for the DPC
//
pWorkItem = IoAllocateWorkItem(global->pControlDevice); if (pWorkItem == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; } //
// Initialize Dpc and timer object
//
KeInitializeTimer( &pInitInfo->Timer ); KeInitializeDpc ( &pInitInfo->Dpc, SrLoggerFlushDpc, pWorkItem ); //
// Start the timer for log flushing
//
KeSetTimer( &pInitInfo->Timer, global->LogFlushDueTime, &pInitInfo->Dpc );
#endif
*ppLogger = pInitInfo;
} finally {
Status = FinallyUnwind(SrLoggerStart, Status); if (!NT_SUCCESS( Status )) { if (pInitInfo != NULL) { SrLoggerStop( pInitInfo ); } *ppLogger = pInitInfo = NULL; if (pWorkItem != NULL) { IoFreeWorkItem(pWorkItem); } pWorkItem = NULL; } }
RETURN(Status); } // SrLoggerStart
//++
// Function:
// SrLoggerStop
//
// Description:
// This function stops the logger and frees the related resources
//
// Arguments:
// LoggerInfo pointer
//
// Return Value:
// STATUS_XXX
//--
//++
NTSTATUSSrLoggerStop( IN PSR_LOGGER_CONTEXT pLogger ){ NTSTATUS Status = STATUS_UNSUCCESSFUL;
PAGED_CODE();
ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger));
try { //
// Stop the timer routines
//
KeCancelTimer( &pLogger->Timer );
//
// Active log contexts must be zero other wise we are leaking
//
ASSERT( pLogger->ActiveContexts == 0 );
#ifdef USE_LOOKASIDE
//
// Free the lookaside lists
//
if (IS_LOOKASIDE_INITIALIZED(&pLogger->LogEntryLookaside)) { ExDeletePagedLookasideList( &pLogger->LogEntryLookaside); }
if (IS_LOOKASIDE_INITIALIZED(&pLogger->LogBufferLookaside)) { ExDeleteNPagedLookasideList( &pLogger->LogBufferLookaside); } #endif
SR_FREE_POOL_WITH_SIG( pLogger, SR_LOGGER_CONTEXT_TAG );
Status = STATUS_SUCCESS; } finally { Status = FinallyUnwind(SrLoggerStop, Status); }
RETURN(Status); } // SrLoggerStop
#ifndef SYNC_LOG_WRITE
//++
// Function:
// SrLoggerFlushDpc
//
// Description:
// This function is a DPC called to flush the log buffers. This will
// queue a workitem to flush the buffers. This should not be paged.
//
// Arguments:
// IN PKDPC Dpc
// IN PVOID DeferredContext
// IN PVOID SystemArgument1
// IN PVOID SystemArgument2
//
// Return Value:
// None
//--
VOIDSrLoggerFlushDpc( IN PKDPC Dpc, IN PVOID DeferredContext, IN PVOID SystemArgument1, IN PVOID SystemArgument2 ){ PIO_WORKITEM pSrWorkItem;
UNREFERENCED_PARAMETER( Dpc ); UNREFERENCED_PARAMETER( SystemArgument1 ); UNREFERENCED_PARAMETER( SystemArgument2 );
SrTrace( LOG, ("SR!SrLoggerFlushDpc Called...\n"));
pSrWorkItem = (PIO_WORKITEM) DeferredContext;
ASSERT(pSrWorkItem != NULL);
IoQueueWorkItem( pSrWorkItem, SrLoggerFlushWorkItem, DelayedWorkQueue, pSrWorkItem );
} // SrLoggerFlushDpc
//++
// Function:
// SrLoggerFlushWorkItem
//
// Description:
// This Workitem queued by DPC will actually flush the log buffers.
//
// Arguments:
// IN PDEVICE_OBJECT DeviceObject
// IN PVOID Context
//
// Return Value:
// None
//--
VOIDSrLoggerFlushWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context ){ NTSTATUS Status; PLIST_ENTRY pListEntry; PSR_DEVICE_EXTENSION pExtension;
PAGED_CODE();
UNREFERENCED_PARAMETER(DeviceObject); UNREFERENCED_PARAMETER(Context);
SrTrace(LOG, ("sr!SrLoggerFlushWorkItem: enter\n"));
try {
//
// Grab the DeviceExtensionListLock as we are about to
// iterate through this list. Since we are only going to be
// reading this list, we can get this lock shared.
//
SrAcquireDeviceExtensionListLockShared(); Status = STATUS_SUCCESS;
#if DBG
//
// sleep for twice the DPC interval to prove that 2 DPC's
// are not coming in at the same time
//
if (global->DebugControl & SR_DEBUG_DELAY_DPC) { LARGE_INTEGER Interval; Interval.QuadPart = -1 * (10 * NANO_FULL_SECOND); KeDelayExecutionThread(KernelMode, TRUE, &Interval); }#endif
ASSERT( global->pLogger != NULL );
//
// loop over all volumes flushing data to the disk.
//
for (pListEntry = global->DeviceExtensionListHead.Flink; pListEntry != &global->DeviceExtensionListHead; pListEntry = pListEntry->Flink) { pExtension = CONTAINING_RECORD( pListEntry, SR_DEVICE_EXTENSION, ListEntry ); ASSERT(IS_VALID_SR_DEVICE_EXTENSION(pExtension));
//
// Do a quick unsafe check to see if we have started logging this
// volume yet. If it appears we haven't, just continue onto the
// next entry in the list. If logging is just about to begin,
// we catch it on the next firing of this timer.
//
if (pExtension->pLogContext == NULL) {
continue; }
//
// It looks like we have started to log, so get the necessary
// locks and do our work to flush the volume.
//
try {
SrAcquireActivityLockExclusive( pExtension ); if (pExtension->pLogContext != NULL) { //
// yes, flush for this volume
//
Status = SrLogFlush( pExtension->pLogContext );
if (!NT_SUCCESS( Status )) { //
// Disable volume
//
Status = SrNotifyVolumeError( pExtension, pExtension->pLogContext->pLogFilePath, Status, SrEventVolumeError ); //
// Stop Logging
//
SrLogStop( pExtension, TRUE ); } } } finally {
SrReleaseActivityLock( pExtension ); } } } finally {
Status = FinallyUnwind(SrLoggerFlushWorkItem, Status);
//
// fire the timer again, do this with the global lock
// held so that it can be cancelled in SrLoggerStop.
//
//
// The DPC is going to reuse the work item
//
KeSetTimer( &global->pLogger->Timer, global->LogFlushDueTime, &global->pLogger->Dpc ); SrReleaseDeviceExtensionListLock(); } SrTrace(LOG, ("sr!SrLoggerFlushWorkItem: exit\n"));
} // SrLoggerFlushWorkItem
#endif
//++
// Function:
// SrLoggerAddLogContext
//
// Description:
// This function adds a given Log Context to the logger
//
// Arguments:
// pointer to LoggerInfo
// pointer to LogContext
//
// Return Value:
// STATUS_XXX
//--
VOIDSrLoggerAddLogContext( IN PSR_LOGGER_CONTEXT pLogger, IN PSR_LOG_CONTEXT pLogContext ){ PAGED_CODE();
UNREFERENCED_PARAMETER( pLogContext ); ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger)); ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
InterlockedIncrement(&pLogger->ActiveContexts);
} // SrLoggerAddLogContext
//++
// Function:
// SrLoggerRemoveLogContext
//
// Description:
// This Workitem queued by DPC will actually flush the log buffers.
//
// Arguments:
// pointer to LoggerInfo
// pointer to LogContext
//
// Return Value:
// STATUS_XXX
//--
NTSTATUSSrLoggerRemoveLogContext( IN PSR_LOGGER_CONTEXT pLogger, IN PSR_LOG_CONTEXT pLogContext ){ NTSTATUS Status = STATUS_UNSUCCESSFUL;
PAGED_CODE();
UNREFERENCED_PARAMETER( pLogContext ); ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger)); ASSERT(IS_VALID_LOG_CONTEXT(pLogContext)); InterlockedDecrement(&pLogger->ActiveContexts);
Status = STATUS_SUCCESS;
RETURN(Status); } // SrLoggerRemoveLogContext
//++
// Function:
// SrLoggerSwitchLogs
//
// Description:
// This function loops thru the log contexts and switches all the
// log contexts
//
// Arguments:
// pointer to LoggerInfo
//
// Return Value:
// STATUS_XXX
//--
NTSTATUSSrLoggerSwitchLogs( IN PSR_LOGGER_CONTEXT pLogger ){ NTSTATUS Status; PLIST_ENTRY pListEntry; PSR_DEVICE_EXTENSION pExtension;
PAGED_CODE();
UNREFERENCED_PARAMETER( pLogger ); ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger));
Status = STATUS_SUCCESS;
try {
SrAcquireDeviceExtensionListLockShared();
//
// loop over all volumes switching their logs
//
for (pListEntry = _globals.DeviceExtensionListHead.Flink; pListEntry != &_globals.DeviceExtensionListHead; pListEntry = pListEntry->Flink) { pExtension = CONTAINING_RECORD( pListEntry, SR_DEVICE_EXTENSION, ListEntry ); ASSERT(IS_VALID_SR_DEVICE_EXTENSION(pExtension));
//
// We only have to do work if this is a volume device object,
// not if this is a device object that is attached to a file
// system's control device object.
//
if (FlagOn( pExtension->FsType, SrFsControlDeviceObject )) { continue; } try {
SrAcquireActivityLockExclusive( pExtension );
//
// have we started logging on this volume?
//
if (pExtension->pLogContext != NULL) { //
// yes, switch for this volume
//
Status = SrLogSwitch(pExtension->pLogContext); } if (!NT_SUCCESS( Status )) { //
// Disable volume
//
Status = SrNotifyVolumeError( pExtension, NULL, Status, SrEventVolumeError );
if (pExtension->pLogContext != NULL) { //
// Stop Logging
//
SrLogStop( pExtension, TRUE ); } } } finally { Status = FinallyUnwind(SrLoggerSwitchLogs, Status); SrReleaseActivityLock( pExtension ); } } } finally {
Status = FinallyUnwind(SrLoggerSwitchLogs, Status); SrReleaseDeviceExtensionListLock(); } RETURN(Status); } // SrLoggerSwitchLogs
/////////////////////////////////////////////////////////////////////
//
// Log Routines : Manipulate individual Logs
//
/////////////////////////////////////////////////////////////////////
//++
// Function:
// SrCreateFile
//
// Description:
// This function just does a create on file, no sync needed
// written so that it can be called in a separate thread to avoid
// stack overflows via SrIoCreateFile
//
// Arguments:
//
// pOpenContext - pointer to the open context
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrCreateFile( IN PSR_OPEN_CONTEXT pOpenContext ){
OBJECT_ATTRIBUTES ObjectAttributes; IO_STATUS_BLOCK IoStatusBlock; NTSTATUS Status;
PAGED_CODE();
ASSERT(pOpenContext != NULL); ASSERT(pOpenContext->pPath != NULL);
SrTrace(LOG, ("Opening file %wZ", pOpenContext->pPath)); InitializeObjectAttributes( &ObjectAttributes, pOpenContext->pPath, OBJ_KERNEL_HANDLE, NULL, NULL );
ASSERT( pOpenContext->pExtension != NULL );
Status = SrIoCreateFile( &pOpenContext->Handle, pOpenContext->DesiredAccess, &ObjectAttributes, &IoStatusBlock, NULL, // AllocationSize
pOpenContext->FileAttributes, pOpenContext->ShareAccess, pOpenContext->CreateDisposition, pOpenContext->CreateOptions, NULL, // EaBuffer
0, // EaLength
0, pOpenContext->pExtension->pTargetDevice ); return Status;}
//++
// Function:
// SrLogOpen
//
// Description:
// This function creates a log file, no sync needed as it is always
// called internally
//
// Arguments:
// Pointer to open context
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogOpen( IN PSR_LOG_CONTEXT pLogContext ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; PSR_LOG_HEADER pLogHeader = NULL; SR_OPEN_CONTEXT OpenContext;
PAGED_CODE();
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext)); ASSERT(pLogContext->pLogFilePath != NULL ); ASSERT(pLogContext->LogHandle == NULL ); ASSERT(pLogContext->pLogFileObject == NULL);
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) || IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
try { SrTrace(FUNC_ENTRY, ("SR!SrLogOpen\n")); //
// Initialize the open context with the file create parameters
//
OpenContext.pPath = pLogContext->pLogFilePath;; OpenContext.Handle = NULL; OpenContext.DesiredAccess = FILE_GENERIC_WRITE | SYNCHRONIZE | FILE_APPEND_DATA; OpenContext.FileAttributes = FILE_ATTRIBUTE_NORMAL; OpenContext.ShareAccess = FILE_SHARE_READ; OpenContext.CreateDisposition = FILE_OVERWRITE_IF; // OPEN always
OpenContext.CreateOptions = FILE_SYNCHRONOUS_IO_NONALERT; OpenContext.pExtension = pLogContext->pExtension;
SrTrace(LOG, ("Opening Log in another thread %wZ", pLogContext->pLogFilePath));
Status = SrPostSyncOperation(SrCreateFile, &OpenContext);
if (NT_SUCCESS(Status)) { SrTrace(LOG, (" - Succeeded\n"));
ASSERT(OpenContext.Handle != NULL);
pLogContext->LogHandle = OpenContext.Handle;
//
// Also get the file object associated with this handle.
//
Status = ObReferenceObjectByHandle( pLogContext->LogHandle, 0, *IoFileObjectType, KernelMode, (PVOID *) &(pLogContext->pLogFileObject), NULL );
if (!NT_SUCCESS( Status )) { leave; } //
// Initialize log context poperly for this log
//
#ifndef SYNC_LOG_WRITE
RtlZeroMemory( pLogContext->pLogBuffer, _globals.LogBufferSize );#endif
RESET_LOG_CONTEXT( pLogContext ); //
// Enable log context
//
SET_ENABLE_FLAG(pLogContext); //
// CODEWORK:kmarok: need to decide if we want to preallocate
// the log file and do it here
//
//
// Write the log header as the first entry into
// the newly created log
//
Status = SrPackLogHeader( &pLogHeader, pLogContext->pLogFilePath);
if (!NT_SUCCESS( Status )) leave;
Status = SrLogWrite( NULL, pLogContext, (PSR_LOG_ENTRY)pLogHeader ); if (!NT_SUCCESS( Status )) leave;
//
// Clear dirty flag because we haven't actually written any
// data
//
CLEAR_DIRTY_FLAG(pLogContext); } else { SrTrace(LOG, (" - Failed (0x%X) \n", Status)); } } finally { Status = FinallyUnwind(SrLogOpen, Status);
if (!NT_SUCCESS( Status )) { //
// Since the open failed, disable the log
//
CLEAR_ENABLE_FLAG(pLogContext);
if (pLogContext->pLogFileObject != NULL) { ObDereferenceObject( pLogContext->pLogFileObject ); pLogContext->pLogFileObject = NULL; } if (pLogContext->LogHandle) { ZwClose( pLogContext->LogHandle ); pLogContext->LogHandle = NULL; } }
if (pLogHeader != NULL) { SrFreeLogEntry( pLogHeader ); NULLPTR( pLogHeader ); } }
RETURN(Status); } // SrLogOpen
//++
// Function:
// SrLogClose
//
// Description:
// This function flushes the current log to disk if necessary then
// tries to rename the log to the normalized form (change.log.#).
// Finally it closes the handle to the log.
//
// Arguments:
// Pointer to Log Context
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogClose( IN PSR_LOG_CONTEXT pLogContext ){ NTSTATUS Status = STATUS_SUCCESS; NTSTATUS TempStatus = STATUS_SUCCESS;
PAGED_CODE();
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) || IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
//
// Flush & Close the log file
//
if ( pLogContext->LogHandle ) {#ifndef SYNC_LOG_WRITE
//
// We only need to force flush here if we are not doing synchronous
// log writes.
//
Status = SrLogFlush( pLogContext );#endif
//
// Rename this log to the "change.log.#" for uniformity.
//
if (NT_SUCCESS(Status)) { Status = SrLogCheckAndRename( pLogContext->pExtension, pLogContext->pLogFilePath, pLogContext->LogHandle ); }
//
// The close operation is only going to fail if the LogHandle
// is invalid. We need to close the handle even if we hit an
// error trying to flush the log, but it is the value returned from
// flushing the log that the caller really cares about, not the
// return value from closing the handle, so just store it in a
// temp variable and validate in checked builds.
//
ObDereferenceObject( pLogContext->pLogFileObject ); TempStatus = ZwClose( pLogContext->LogHandle ); CHECK_STATUS( TempStatus ); }
//
// modify the log context to indicate the log is closed
// donot clear the LogBuffer member ( reused )
//
pLogContext->LogHandle = NULL; pLogContext->pLogFileObject = NULL; RESET_LOG_CONTEXT(pLogContext);
RETURN( Status );} // SrLogClose
//++
// Function:
// SrLogCheckAndRename
//
// Description:
// This function checks and backsup a log file
//
// Arguments:
// pExtension - The SR_DEVICE_EXTENSION for this volume.
// pLogPath - The full path and file name to the change log.
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogCheckAndRename( IN PSR_DEVICE_EXTENSION pExtension, IN PUNICODE_STRING pLogPath, IN HANDLE ExistingLogHandle ){ INT i = 1; NTSTATUS Status = STATUS_UNSUCCESSFUL; HANDLE LogHandle = NULL; UNICODE_STRING RenamedFile; PFILE_RENAME_INFORMATION pRenameInformation = NULL; ULONG CharCount; ULONG RenameInformationLength; IO_STATUS_BLOCK IoStatusBlock; SR_OPEN_CONTEXT OpenContext; ULONG changeLogBaseLength; PAGED_CODE();
ASSERT( pLogPath != NULL );
SrTrace(FUNC_ENTRY, ("SR!SrLogCheckAndRename\n"));
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) || IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension) );
try { //
// If we don't have a handle, use the pLogPath passed in to open
// the log file.
//
if (ExistingLogHandle == NULL) { OpenContext.pPath = pLogPath; OpenContext.Handle = NULL; OpenContext.DesiredAccess = DELETE; OpenContext.FileAttributes = FILE_ATTRIBUTE_NORMAL; OpenContext.ShareAccess = 0; OpenContext.CreateDisposition = FILE_OPEN; OpenContext.CreateOptions = FILE_NO_INTERMEDIATE_BUFFERING | FILE_SYNCHRONOUS_IO_NONALERT; OpenContext.pExtension = pExtension; Status = SrPostSyncOperation(SrCreateFile, &OpenContext);
if (Status == STATUS_OBJECT_NAME_NOT_FOUND || !NT_SUCCESS( Status )) { ASSERT(OpenContext.Handle == NULL); //
// we need to check for file not found status
//
if (Status == STATUS_OBJECT_NAME_NOT_FOUND) { Status = STATUS_SUCCESS; } leave; } //
// File exists so try to rename the file
//
LogHandle = OpenContext.Handle; ASSERT(LogHandle != NULL); } else {
//
// No need to open a new handle. We can just use the one
// we've got.
//
LogHandle = ExistingLogHandle; }
ASSERT(LogHandle != NULL);
//
// RenamedFile will hold just the new name of the file, not the
// full path to the new file since we are just doing a rename into
// the same directory.
//
// RenamedFile will just point into the appropriate place of the
// pRenameInformation buffer where the file name should be kept and
// will only reflect the length of the static portion of the
// "change.log." portion of the new name.
// We will do the appropriate length manipulations so that the
// pRenameInformation will be correct, but we don't need to copy the
// file name into the buffer as we try each name.
//
changeLogBaseLength = wcslen( s_cszChangeLogPrefix ) * sizeof( WCHAR ); RenamedFile.MaximumLength = (USHORT)(changeLogBaseLength + MAX_ULONG_LENGTH // the "%d"
+ sizeof( WCHAR )); // a NULL
RenameInformationLength = sizeof(FILE_RENAME_INFORMATION) + RenamedFile.MaximumLength;
pRenameInformation = SR_ALLOCATE_POOL( PagedPool, RenameInformationLength, SR_RENAME_BUFFER_TAG ); if (pRenameInformation == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; }
RenamedFile.Buffer = &pRenameInformation->FileName[0]; RenamedFile.Length = 0;
Status = RtlAppendUnicodeToString( &RenamedFile, s_cszChangeLogPrefix);
if (!NT_SUCCESS( Status )) { leave; }
//
// Do this initialization of the rename information structure
// here since it only needs to be done once.
//
pRenameInformation->ReplaceIfExists = FALSE; pRenameInformation->RootDirectory = NULL;
//
// Now loop trying to rename the file until we find an index that
// has not already been used.
//
while( 1 ) { RtlZeroMemory(&IoStatusBlock, sizeof(IoStatusBlock)); //
// Construct possible backup filename by appending the backup
// suffix.
//
CharCount = swprintf( &RenamedFile.Buffer[ RenamedFile.Length/sizeof(WCHAR)], L"%d", i++ );
ASSERT( CharCount * sizeof( WCHAR ) <= MAX_ULONG_LENGTH ); ASSERT( RenamedFile.Length + (CharCount * sizeof( WCHAR )) <= RenamedFile.MaximumLength); //
// Now update the rename info struct filename length
//
pRenameInformation->FileNameLength = RenamedFile.Length + (CharCount * sizeof( WCHAR )); SrTrace( LOG, ("SR!SrLogCheckAndRename: renaming to %.*S\n", pRenameInformation->FileNameLength/sizeof( WCHAR ), &pRenameInformation->FileName[0] )); Status = ZwSetInformationFile( LogHandle, &IoStatusBlock, pRenameInformation, RenameInformationLength, FileRenameInformation ); if ( NT_SUCCESS_NO_DBGBREAK( Status ) || (Status != STATUS_OBJECT_NAME_COLLISION) || (i > MAX_RENAME_TRIES) ) { break; } }
//
// To get DBG messages for unexpected errors in DEBUG builds...
//
CHECK_STATUS( Status ); } finally { if ( ExistingLogHandle == NULL ) { //
// If we have a NULL ExistingLogHandle then we opened this log handle
// and we are responsible for closing it. Otherwise, the caller
// who passed in the ExistingLogHandle will close the handle.
//
ZwClose(LogHandle); } if ( pRenameInformation != NULL ) { SR_FREE_POOL(pRenameInformation, SR_RENAME_BUFFER_TAG); } }
RETURN(Status);} // SrLogCheckAndRename
//
// Public API implementation
//
//++
// Function:
// SrLogStart
//
// Description:
// This function prepares the driver for Logging
// requests.
//
// Arguments:
// Pointer to Log Path
// Pointer to device extension
// Pointer to handle
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogStart( IN PUNICODE_STRING pLogPath, IN PSR_DEVICE_EXTENSION pExtension, OUT PSR_LOG_CONTEXT * ppLogContext ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; PSR_LOG_CONTEXT pLogContext = NULL;
PAGED_CODE();
ASSERT(pLogPath != NULL); ASSERT(ppLogContext != NULL);
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) || IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension ));
try {
*ppLogContext = NULL; //
// should we short circuit out of here for testing mode?
//
if (!SR_LOGGING_ENABLED( pExtension ) || _globals.DontBackup) { leave; } *ppLogContext = SR_ALLOCATE_STRUCT( PagedPool, SR_LOG_CONTEXT, SR_LOG_CONTEXT_TAG ); if ( *ppLogContext == NULL ) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; } pLogContext = *ppLogContext; RtlZeroMemory( pLogContext, sizeof(SR_LOG_CONTEXT) );
pLogContext->Signature = SR_LOG_CONTEXT_TAG; pLogContext->pExtension = pExtension; //
// grab a buffer to store the file name
//
Status = SrAllocateFileNameBuffer( pLogPath->Length, &(pLogContext->pLogFilePath) ); if (!NT_SUCCESS( Status )) leave;
//
// Store our backpointer to the device extension
//
pLogContext->pExtension = pExtension; //
// Save the filename in the context
//
RtlCopyMemory( pLogContext->pLogFilePath->Buffer, pLogPath->Buffer, pLogPath->Length );
pLogContext->pLogFilePath->Buffer [pLogPath->Length/sizeof(WCHAR)] = UNICODE_NULL;
pLogContext->pLogFilePath->Length = pLogPath->Length;
#ifndef SYNC_LOG_WRITE
//
// We only need a buffer to cache the log entries if we are doing
// asynchronous log writes.
//
pLogContext->pLogBuffer = SrAllocateLogBuffer( _globals.LogBufferSize ); if ( pLogContext->pLogBuffer == NULL ) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; }#endif
//
// rename the old log file if one exists
//
Status = SrLogCheckAndRename( pExtension, pLogContext->pLogFilePath, NULL );
if (!NT_SUCCESS(Status)) leave; //
// try and open the log file
//
Status = SrLogOpen( pLogContext ); if (NT_SUCCESS(Status)) { //
// Add the context to the logger
//
//
SrLoggerAddLogContext( global->pLogger, pLogContext ); } //
// Important: We should not fail after calling SrLoggerAddContext above
// because the finally clause assumes that if there's a failure,
// SrLoggerAddContext was not called yet. If this changes, use a
// BOOLEAN to appropriately indicate if SrLoggerAddContext is already
// called and use that to condition the call in the finally clause.
//
} finally { Status = FinallyUnwind(SrLogStart, Status); //
// if we are unsuccessful for some reason then clean up
// the logging structs (if necessary) .
//
if ((!NT_SUCCESS( Status )) && (pLogContext != NULL)) { //
// We assume as per note above that the context count is not
// incremented. Increment it now because SrLogStop will decrement it
//
SrLoggerAddLogContext(global->pLogger, pLogContext);
//
// Stop the log
//
SrLogStop( pExtension, TRUE ); *ppLogContext = pLogContext = NULL; } }
RETURN(Status); } // SrLogStart
//++
// Function:
// SrLogStop
//
// Description:
// This function closes / frees any resources used
// SR logging
//
// Arguments:
// pExtension - The SR device extension on this volume which contains
// our logging information.
// PurgeContexts - TRUE if we should purge all our contexts at this time
// CheckLog - TRUE if we should try to check and rename the log at
// this time. Note that checking the log could cause the volume
// to be remounted at this time. Therefore, if we don't want
// that to happen (i.e., during shutdown), CheckLog should be
// FALSE.
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogStop( IN PSR_DEVICE_EXTENSION pExtension, IN BOOLEAN PurgeContexts ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; PSR_LOG_CONTEXT pLogContext = pExtension->pLogContext;
PAGED_CODE();
//
// context must have been intialized by calling SrLogStart
//
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) || IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
try { //
// If we are diabling the volume then free all of the contexts
//
if (PurgeContexts) { SrDeleteAllContexts( pExtension ); }
//
// Close the log handle
//
if ( pLogContext->LogHandle ) { SrTrace( LOG, ("Stopped logging : %wZ\n", pLogContext->pLogFilePath));
//
// This call will flush the log to disk if necessary,
// renaming of the log to its normalized form if
// possible, and close the log handle.
//
Status = SrLogClose( pLogContext ); CHECK_STATUS( Status ); } //
// Remove the context from logger
//
SrLoggerRemoveLogContext( global->pLogger, pLogContext ); //
// Free buffers
//
#ifdef SYNC_LOG_WRITE
//
// If we are doing synchronous log writes, we shouldn't have a
// buffer to free here.
//
ASSERT( pLogContext->pLogBuffer == NULL );#else
//
// If we are doing asynchronous log writes, we need to free the buffer
// used to collect log entries.
//
if ( pLogContext->pLogBuffer ) { SrFreeLogBuffer( pLogContext->pLogBuffer ); pLogContext->pLogBuffer = NULL; } #endif
if ( pLogContext->pLogFilePath ) { SrFreeFileNameBuffer( pLogContext->pLogFilePath ); pLogContext->pLogFilePath = NULL; } SR_FREE_POOL_WITH_SIG(pLogContext, SR_LOG_CONTEXT_TAG); //
// Set logging state in extension
//
pExtension->pLogContext = NULL; pExtension->DriveChecked = FALSE;
Status = STATUS_SUCCESS; } finally { Status = FinallyUnwind(SrLogStop, Status); }
RETURN(Status); } // SrLogStop
//++
// Function:
// SrLogWrite
//
// Description:
// This function writes the entry into the log cache and
// flushes the cache in case the entry cannot fit in.
//
// Arguments:
// Pointer to Device object
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogWrite( IN PSR_DEVICE_EXTENSION pOptionalExtension OPTIONAL, IN PSR_LOG_CONTEXT pOptionalLogContext OPTIONAL, IN PSR_LOG_ENTRY pLogEntry ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; PSR_LOG_CONTEXT pLogContext = NULL; PSR_DEVICE_EXTENSION pExtension = NULL;
PAGED_CODE();
ASSERT(pOptionalExtension == NULL || IS_VALID_SR_DEVICE_EXTENSION(pOptionalExtension)); ASSERT(pOptionalExtension != NULL || pOptionalLogContext != NULL); ASSERT(pLogEntry != NULL);
if (pOptionalExtension != NULL) { //
// We need to ensure that the volume hasn't been disabled before
// we do anything.
//
if (pOptionalExtension->Disabled) { Status = STATUS_SUCCESS; goto SrLogWrite_Exit; } //
// we need to make sure our disk structures are good and logging
// has been started. it's possible we have been called simply to
// log and logging was stopped due to volume lock. we have to
// check with the global lock held.
//
Status = SrCheckVolume(pOptionalExtension, FALSE); if (!NT_SUCCESS( Status )) goto SrLogWrite_Exit; pLogContext = pOptionalExtension->pLogContext; } else { //
// use the free form context passed in (only SrLogOpen does this)
//
pLogContext = pOptionalLogContext; } ASSERT(IS_VALID_LOG_CONTEXT(pLogContext)); if (pLogContext == NULL) { //
// this is unexpected, but need to protect against
//
Status = STATUS_INVALID_PARAMETER; CHECK_STATUS(Status); goto SrLogWrite_Exit; } pExtension = pLogContext->pExtension; ASSERT( pExtension != NULL );
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_SHARED( pExtension ) || IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) ); try {
SrAcquireLogLockExclusive( pExtension );
//
// Check to make sure the volume is still enabled.
//
if (!SR_LOGGING_ENABLED( pExtension )) { Status = STATUS_SUCCESS; leave; } //
// bail if logging is disabled for this context
//
if (!FlagOn(pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE)) { leave; } //
// check the log file, if it is greater than 1Mb switch the log
//
if ( (pLogContext->FileOffset + pLogContext->BufferOffset + pLogEntry->Header.RecordSize) > SR_MAX_LOG_FILE_SIZE ) { Status = SrLogSwitch( pLogContext ); if (!NT_SUCCESS( Status )) { leave; } }
#ifdef SYNC_LOG_WRITE
Status = SrpLogWriteSynchronous( pExtension, pLogContext, pLogEntry);#else
Status = SrpLogWriteAsynchronous( pExtension, pLogContext, pLogEntry);#endif
} finally { Status = FinallyUnwind(SrLogWrite, Status);
SrReleaseLogLock(pExtension); }
SrLogWrite_Exit: RETURN(Status); } // SrLogWrite
//++
// Function:
// SrLogWriteSynchronous
//
// Description:
//
// This function writes each log entry to the current change log
// and ensures the updated change log is flushed to disk before
// it returns.
//
// Arguments:
//
// pExtension - The device extension for the volume whose change
// log is going to be updated.
// pLogContext - The log context that contains the information
// about which change log should updated.
// pLogEntry - The log entry to be written.
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrpLogWriteSynchronous( IN PSR_DEVICE_EXTENSION pExtension, IN PSR_LOG_CONTEXT pLogContext, IN PSR_LOG_ENTRY pLogEntry ){ NTSTATUS Status = STATUS_UNSUCCESSFUL;
PAGED_CODE();
UNREFERENCED_PARAMETER( pExtension );
ASSERT( IS_VALID_SR_DEVICE_EXTENSION( pExtension ) ); ASSERT( IS_VALID_LOG_CONTEXT( pLogContext ) ); ASSERT( pLogEntry != NULL );
ASSERT( IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) ); //
// In this mode, we are not buffering the log entries, so just point
// the pLogContext->pLogBuffer to the current pLogEntry so save the
// copy into the buffer.
//
ASSERT( pLogContext->pLogBuffer == NULL ); pLogContext->pLogBuffer = (PBYTE) pLogEntry; pLogContext->BufferOffset = pLogEntry->Header.RecordSize; SET_DIRTY_FLAG(pLogContext);
Status = SrLogFlush( pLogContext );
//
// Clear out the pLogBuffer reference to the pLogEntry whether or
// not the flush succeeded.
//
pLogContext->pLogBuffer = NULL;
RETURN(Status);}
#ifndef SYNC_LOG_WRITE
//++
// Function:
// SrLogWriteAsynchronous
//
// Description:
//
// This function buffers log writes then flushes the writes when the
// buffer is full.
//
// Arguments:
//
// pExtension - The device extension for the volume whose change
// log is going to be updated.
// pLogContext - The log context that contains the information
// about which change log should updated.
// pLogEntry - The log entry to be written.
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrpLogWriteAsynchronous( IN PSR_DEVICE_EXTENSION pExtension, IN PSR_LOG_CONTEXT pLogContext, IN PSR_LOG_ENTRY pLogEntry ){ NTSTATUS Status = STATUS_UNSUCCESSFUL;
PAGED_CODE();
ASSERT( IS_VALID_SR_DEVICE_EXTENSION( pExtension ) ); ASSERT( IS_VALID_LOG_CONTEXT( pLogContext ) ); ASSERT( pLogEntry != NULL );
ASSERT( IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) ); //
// Check if the entry can fit into the current buffer, if not
// then adjust the last entry of the buffer and write it down
// to the disk
//
if ( (pLogContext->BufferOffset + pLogEntry->Header.RecordSize) > _globals.LogBufferSize ) { //
// check to make sure we have 50mb free, we are about to
// grow the file
//
Status = SrCheckFreeDiskSpace( pLogContext->LogHandle, pExtension->pNtVolumeName ); if (!NT_SUCCESS( Status )) { goto SrpLogWriteAsynchronous_Exit; } //
// set the dirty flag because we have updated the buffer
//
SET_DIRTY_FLAG(pLogContext);
Status = SrLogFlush( pLogContext ); if (!NT_SUCCESS( Status )) { goto SrpLogWriteAsynchronous_Exit; }
//
// Check to make sure that the pLogEntry itself isn't bigger
// than the _globals.LogBufferSize.
//
if (pLogEntry->Header.RecordSize > _globals.LogBufferSize) { PBYTE pLogBuffer;
//
// The log was just successfully flushed, therefore there should
// be no data in the buffer yet.
//
ASSERT( pLogContext->BufferOffset == 0 ); //
// For synchronous writes, we don't expect there to be a log buffer
// in the context so we will save this off in a local and NULL
// this parameter in the pLogContext while we make this call.
//
pLogBuffer = pLogContext->pLogBuffer; pLogContext->pLogBuffer = NULL;
Status = SrpLogWriteSynchronous( pExtension, pLogContext, pLogEntry );
//
// We ALWAYS need to restore this pointer in the pLogContext.
//
pLogContext->pLogBuffer = pLogBuffer;
CHECK_STATUS( Status );
//
// Whether we succeeded or failed, we want to skip the logic below
// and exit now.
//
goto SrpLogWriteAsynchronous_Exit; } } //
// We now have enough room in the buffer for this pLogEntry, so append the
// entry to the buffer.
//
RtlCopyMemory( pLogContext->pLogBuffer + pLogContext->BufferOffset, pLogEntry, pLogEntry->Header.RecordSize );
//
// Update buffer pointers to reflect the entry has been added
//
pLogContext->LastBufferOffset = pLogContext->BufferOffset; pLogContext->BufferOffset += pLogEntry->Header.RecordSize;
SET_DIRTY_FLAG(pLogContext);
//
// We were able to copy into the buffer successfully, so return
// STATUS_SUCCESS.
//
Status = STATUS_SUCCESS; SrpLogWriteAsynchronous_Exit: RETURN(Status);}
#endif
//++
// Function:
// SrLogFlush
//
// Description:
// This function flushes the buffer contents in memory
// to the log, it doesn't increment file offset in the
// log context.
//
// Arguments:
// Pointer to new Log Context
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogFlush( IN PSR_LOG_CONTEXT pLogContext ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; IO_STATUS_BLOCK IoStatusBlock; BOOLEAN ExtendLogFile = FALSE;
PAGED_CODE();
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) || IS_LOG_LOCK_ACQUIRED_EXCLUSIVE(pLogContext->pExtension));
SrTrace(FUNC_ENTRY, ("SR!SrLogFlush\n") );
//
// should we short circuit out of here for testing mode?
//
if (global->DontBackup) { Status = STATUS_SUCCESS; goto SrLogFlush_Exit; }
//
// bail if the context is disabled
//
if (!FlagOn( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE )) { goto SrLogFlush_Exit; }
ASSERT( pLogContext->LogHandle != NULL );
if (FlagOn( pLogContext->LoggingFlags, SR_LOG_FLAGS_DIRTY )) { SrTrace( LOG, ("Flushing Log :%wZ", pLogContext->pLogFilePath));
//
// Do we need to extend our log file? We can possibly loop here if
// the amount of data we need to write is greater than our
// allocation unit. We want to make sure that if we do have to extend
// the file that we have at least extended it enough for our
// current write.
//
while ((pLogContext->BufferOffset + pLogContext->FileOffset) > pLogContext->AllocationSize) { //
// This file will need to be extended for this write.
//
ExtendLogFile = TRUE; pLogContext->AllocationSize += _globals.LogAllocationUnit; }
if (ExtendLogFile) { FILE_ALLOCATION_INFORMATION fileAllocInfo;
fileAllocInfo.AllocationSize.QuadPart = pLogContext->AllocationSize;
Status = SrSetInformationFile( pLogContext->pExtension->pTargetDevice, pLogContext->pLogFileObject, &fileAllocInfo, sizeof( fileAllocInfo ), FileAllocationInformation );
if ((Status == STATUS_NO_SUCH_DEVICE) || (Status == STATUS_INVALID_HANDLE) || !NT_SUCCESS( Status )) { SrTrace( LOG, ("SrLogFlush: Log extension failed: 0x%x\n", Status) ); goto SrLogFlush_Exit; } } //
// Write the buffer to the disk. We have opened this file in append
// only mode, so the file system will maintain the current file
// position for us. This handle was open for SYNCHRONOUS access,
// therefore, this IO will not return until it has completed.
//
ASSERT( pLogContext->pLogBuffer != NULL ); Status = ZwWriteFile( pLogContext->LogHandle, NULL, // Event
NULL, // ApcRoutine
NULL, // ApcContext
&IoStatusBlock, pLogContext->pLogBuffer, pLogContext->BufferOffset, NULL, // ByteOffset
NULL ); // Key
//
// Handle STATUS_NO_SUCH_DEVICE because we expect this when
// HotPlugable devices are removed by surprise.
//
// Handle STATUS_INVALID_HANDLE because we expect this when
// a force-dismount came through on a volume.
//
if ((Status == STATUS_NO_SUCH_DEVICE) || (Status == STATUS_INVALID_HANDLE) || !NT_SUCCESS( Status )) { SrTrace( LOG,("SrLogFlush: Write failed: 0x%x\n", Status) ); goto SrLogFlush_Exit; }
Status = SrFlushBuffers( pLogContext->pExtension->pTargetDevice, pLogContext->pLogFileObject ); if (!NT_SUCCESS( Status )) { SrTrace( LOG,("SrLogFlush: Flush failed: 0x%x\n", Status) ); goto SrLogFlush_Exit; } SrTrace( LOG,("SrLogFlush: Flush succeeded!\n"));
//
// We've dumped the buffer to disk, so update our file offset with the
// number of bytes we have written, reset our buffer pointer, and
// clear the dirty flag on this log context since it is no longer
// dirty.
//
ASSERT( pLogContext->BufferOffset == IoStatusBlock.Information ); UPDATE_LOG_OFFSET( pLogContext, pLogContext->BufferOffset ); RESET_LOG_BUFFER( pLogContext ); CLEAR_DIRTY_FLAG( pLogContext ); }
//
// If we got here, the flush was successful, so return that status.
//
Status = STATUS_SUCCESS;
SrLogFlush_Exit:
#if DBG
if (Status == STATUS_NO_SUCH_DEVICE || Status == STATUS_INVALID_HANDLE) { return Status; }#endif
RETURN(Status);} // SrLogFlush
//++
// Function:
// SrLogSwitch
//
// Description:
// This function Switches the current log to the
// new log.
//
// Arguments:
// Pointer to new log context.
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrLogSwitch( IN PSR_LOG_CONTEXT pLogContext ){ NTSTATUS Status = STATUS_UNSUCCESSFUL;
PAGED_CODE();
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) || IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
//
// bail if the context is disabled
//
if (!FlagOn( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE )) { Status = STATUS_UNSUCCESSFUL; goto SrLogSwitch_Exit; }
if (pLogContext->LogHandle) { //
// flush, renames and close current log
//
Status = SrLogClose( pLogContext );
if (NT_SUCCESS(Status)) { //
// try and open the log file
//
Status = SrLogOpen( pLogContext ); } }
SrLogSwitch_Exit: RETURN(Status); } // SrLogSwitch
/////////////////////////////////////////////////////////////////////
//
// Misc Routines : Misc routines required by the logging module
//
/////////////////////////////////////////////////////////////////////
//++
// Function:
// SrGetRestorePointPath
//
// Description:
// This function creates a path for the restore point dir.
//
// Arguments:
// Pointer to log entry buffer
// Length of the Log filename buffer
// Pointer to the Log filename buffer
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUS SrGetRestorePointPath( IN PUNICODE_STRING pVolumeName, IN USHORT RestPtPathLength, OUT PUNICODE_STRING pRestPtPath ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; ULONG CharCount;
PAGED_CODE();
ASSERT(pVolumeName != NULL); ASSERT(pRestPtPath != NULL);
try { //
// Copy the volume name in the log file
//
pRestPtPath->Buffer = (PWSTR)(pRestPtPath+1); //
// TODO:(CODEWORK: grab a lock around global?)
//
//
// construct our restore point location string
//
CharCount = swprintf( pRestPtPath->Buffer, VOLUME_FORMAT RESTORE_LOCATION, pVolumeName, global->MachineGuid ); pRestPtPath->Length = (USHORT)CharCount * sizeof(WCHAR); pRestPtPath->MaximumLength = RestPtPathLength; if ( pRestPtPath->Length > RestPtPathLength ) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; } //
// Append the restore point directory
//
CharCount = swprintf( &pRestPtPath->Buffer[pRestPtPath->Length/sizeof(WCHAR)], L"\\" RESTORE_POINT_PREFIX L"%d\\", global->FileConfig.CurrentRestoreNumber ); pRestPtPath->Length += (USHORT)CharCount * sizeof(WCHAR); pRestPtPath->MaximumLength = RestPtPathLength; if ( pRestPtPath->Length > RestPtPathLength ) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; } //
// NULL terminate it
//
pRestPtPath->Buffer[pRestPtPath->Length/sizeof(WCHAR)] = UNICODE_NULL; Status = STATUS_SUCCESS; } finally { } RETURN(Status); } // SrGetRestorePointPath
//++
// Function:
// SrGetLogFileName
//
// Description:
// This function creates a path for change log in restore point dir.
//
// Arguments:
// Pointer to log entry buffer
// Length of the Log filename buffer
// Pointer to the Log filename buffer
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUS SrGetLogFileName( IN PUNICODE_STRING pVolumeName, IN USHORT LogFileNameLength, OUT PUNICODE_STRING pLogFileName ){ NTSTATUS Status;
PAGED_CODE();
ASSERT(pVolumeName != NULL); ASSERT(pLogFileName != NULL);
//
// Get restore point path
//
Status = SrGetRestorePointPath( pVolumeName, LogFileNameLength, pLogFileName );
if (NT_SUCCESS(Status)) { //
// Append changelog file name
//
Status = RtlAppendUnicodeToString( pLogFileName, s_cszCurrentChangeLog ); }
RETURN(Status); } // SrGetLogFileName
//++
// Function:
// SrGetAclFileName
//
// Description:
// This function creates a path for Acl file in restore point dir.
//
// Arguments:
// Pointer to log entry buffer
// Length of the Log filename buffer
// Pointer to the Log filename buffer
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUS SrGetAclFileName( IN PUNICODE_STRING pVolumeName, IN USHORT AclFileNameLength, OUT PUNICODE_STRING pAclFileName ){ NTSTATUS Status = STATUS_UNSUCCESSFUL; ULONG CharCount; ULONG NextFileNumber;
PAGED_CODE();
ASSERT(pVolumeName != NULL); ASSERT(pAclFileName != NULL);
//
// Get restore point path
//
Status = SrGetRestorePointPath( pVolumeName, AclFileNameLength, pAclFileName );
if (NT_SUCCESS(Status)) { //
// Generate a new file number and append it to the path above
//
Status = SrGetNextFileNumber(&NextFileNumber); if (!NT_SUCCESS( Status )) goto End;
//
// use the "S" prefix (e.g. "S0000001.Acl" )
//
CharCount = swprintf( &pAclFileName->Buffer[pAclFileName->Length/sizeof(WCHAR)], ACL_FILE_PREFIX L"%07d" ACL_FILE_SUFFIX, NextFileNumber );
pAclFileName->Length += (USHORT)CharCount * sizeof(WCHAR);
if ( pAclFileName->Length > AclFileNameLength ) { goto End; }
//
// NULL terminate it
//
pAclFileName->Buffer[pAclFileName->Length/sizeof(WCHAR)]=UNICODE_NULL; }
End: RETURN(Status); } // SrGetAclFileName
//++
// Function:
// SrGetAclInformation
//
// Description:
// This function gets the acl information from the given file
// and packs it into a sub-record
//
// Arguments:
// Pointer to filename
// Pointer to variable to return the address of security info
// Pointer to variable to return the size of security info
//
// Return Value:
// This function returns STATUS_XXX
//--
NTSTATUSSrGetAclInformation ( IN PFILE_OBJECT pFileObject, IN PSR_DEVICE_EXTENSION pExtension, OUT PSECURITY_DESCRIPTOR * ppSecurityDescriptor, OUT PULONG pSizeNeeded ){ NTSTATUS Status = STATUS_SUCCESS; PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL; ULONG SizeNeeded = 256;
struct { FILE_FS_ATTRIBUTE_INFORMATION Info; WCHAR Buffer[ 50 ]; } FileFsAttrInfoBuffer;
PAGED_CODE();
ASSERT(IS_VALID_FILE_OBJECT(pFileObject)); ASSERT(pSizeNeeded != NULL); ASSERT(ppSecurityDescriptor != NULL);
try {
*ppSecurityDescriptor = NULL; *pSizeNeeded = 0;
//
// First check if we already know if the fs supports acls
// Do this check now so we can leave real fast if the volume
// doesn't support ACLs
//
if (pExtension->CachedFsAttributes && (!FlagOn(pExtension->FsAttributes, FILE_PERSISTENT_ACLS))) { leave; } //
// Check if the file system supports acl stuff if necessary
//
if (!pExtension->CachedFsAttributes) { //
// We need to check now
//
Status = SrQueryVolumeInformationFile( pExtension->pTargetDevice, pFileObject, &FileFsAttrInfoBuffer.Info, sizeof(FileFsAttrInfoBuffer), FileFsAttributeInformation, NULL ); if (!NT_SUCCESS( Status )) leave; //
// Stow away the attributes for later use
//
pExtension->CachedFsAttributes = TRUE; pExtension->FsAttributes = FileFsAttrInfoBuffer.Info.FileSystemAttributes;
if (!FlagOn(pExtension->FsAttributes, FILE_PERSISTENT_ACLS)) leave; }
//
// Read in the security information from the source file
// (looping until we get a big enough buffer).
//
while (TRUE ) { //
// Alloc a buffer to hold the security info.
//
pSecurityDescriptor = SR_ALLOCATE_ARRAY( PagedPool, UCHAR, SizeNeeded, SR_SECURITY_DATA_TAG ); if (NULL == pSecurityDescriptor) { Status = STATUS_INSUFFICIENT_RESOURCES; leave; } //
// Query the security info
//
Status = SrQuerySecurityObject( pExtension->pTargetDevice, pFileObject, DACL_SECURITY_INFORMATION |SACL_SECURITY_INFORMATION |OWNER_SECURITY_INFORMATION |GROUP_SECURITY_INFORMATION, pSecurityDescriptor, SizeNeeded, &SizeNeeded ); //
// Not enough buffer?
//
if (STATUS_BUFFER_TOO_SMALL == Status || STATUS_BUFFER_OVERFLOW == Status) { //
// Get a bigger buffer and try again.
//
SR_FREE_POOL( pSecurityDescriptor, SR_SECURITY_DATA_TAG ); pSecurityDescriptor = NULL; SizeNeeded *= 2; continue; } break; } if (!NT_SUCCESS( Status )) leave; //
// Security descriptor should be self relative.
//
ASSERT(((PISECURITY_DESCRIPTOR_RELATIVE)pSecurityDescriptor)->Control & SE_SELF_RELATIVE); //
// return the security information
//
*ppSecurityDescriptor = pSecurityDescriptor; pSecurityDescriptor = NULL; *pSizeNeeded = SizeNeeded; SrTrace( LOG, ("sr!SrGetAclInformation: returning [0x%p,%d]\n", *ppSecurityDescriptor, SizeNeeded )); } finally { Status = FinallyUnwind(SrGetAclInformation, Status);
if (pSecurityDescriptor != NULL) { SR_FREE_POOL( pSecurityDescriptor, SR_SECURITY_DATA_TAG ); pSecurityDescriptor = NULL; } }
RETURN(Status); } // SrGetAclInformation
|
