archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/fs/fltsamples/filespy/usergui/drvcomm.cpp

567 lines
15 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include "global.h"
  2. #include "protos.h"
  4. #include "filespyview.h"
  5. #include "fastioview.h"
  6. #include "fsfilterview.h"
  7. #include "leftview.h"
  8. #include "filespyLib.h"
  10. void DisplayIrpFields(CFileSpyView *pView, PLOG_RECORD pLog);
  11. void DisplayFastIoFields(CFastIoView *pView, PLOG_RECORD pLog);
  12. void DisplayFsFilterFields(CFsFilterView *pView, PLOG_RECORD pLog);
  14. DWORD StartFileSpy(void)
  15. {
  17. DWORD nBytesNeeded;
  18. CLeftView *pDriveView;
  20. pDriveView = (CLeftView *) pLeftView;
  22. // Open Service control manager
  23. hSCManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS) ;
  25. hService = OpenServiceW(hSCManager, FILESPY_SERVICE_NAME, FILESPY_SERVICE_ACCESS);
  26. if (hService == NULL)
  27. {
  28. DisplayError(GetLastError());
  29. return 0;
  30. }
  32. if (!QueryServiceStatusEx( hService,
  33. SC_STATUS_PROCESS_INFO,
  34. (UCHAR *)&ServiceInfo,
  35. sizeof(ServiceInfo),
  36. &nBytesNeeded))
  37. {
  38. DisplayError(GetLastError());
  39. CloseServiceHandle(hSCManager);
  40. CloseServiceHandle(hService);
  41. MessageBox(NULL, L"Unable to query Service status information", L"Startup Error", MB_OK|MB_ICONEXCLAMATION);
  42. return 0;
  43. }
  45. if(ServiceInfo.dwCurrentState != SERVICE_RUNNING) {
  46. //
  47. // Service hasn't been started yet, so try to start service
  48. //
  49. if (!StartService(hService, 0, NULL))
  50. {
  51. CloseServiceHandle(hSCManager);
  52. CloseServiceHandle(hService);
  53. MessageBox(NULL, L"Unable to start service", L"Startup Error", MB_OK|MB_ICONSTOP);
  54. return 0;
  55. }
  56. }
  58. //
  59. // Open the device that is used to talk to FileSpy.
  60. //
  61. hDevice = CreateFile( FILESPY_W32_DEVICE_NAME,
  62. GENERIC_READ | GENERIC_WRITE,
  63. 0,
  64. NULL,
  65. OPEN_EXISTING,
  66. FILE_ATTRIBUTE_NORMAL,
  67. NULL );
  68. if (hDevice == INVALID_HANDLE_VALUE)
  69. {
  70. CloseServiceHandle(hSCManager);
  71. CloseServiceHandle(hService);
  72. MessageBox(NULL, L"Unable to open FileSpy device", L"Device Error", MB_OK|MB_ICONSTOP);
  73. return 0;
  74. }
  76. QueryDeviceAttachments();
  77. pDriveView->UpdateImage();
  79. // Create the polling thread
  80. hPollThread = CreateThread(NULL, 0, PollFileSpy, NULL, 0, &nPollThreadId);
  82. return 1;
  83. }
  85. DWORD ShutdownFileSpy(void)
  86. {
  87. USHORT ti;
  89. for (ti = 0; ti < nTotalDrives; ti++)
  90. {
  91. if (VolInfo[ti].bHook)
  92. {
  93. DetachFromDrive( VolInfo[ti].nDriveName );
  94. }
  95. }
  96. CloseHandle(hDevice);
  97. CloseServiceHandle(hService);
  98. CloseServiceHandle(hSCManager);
  99. return 1;
  100. }
  102. BOOL QueryDeviceAttachments(void)
  103. {
  104. WCHAR Buffer[BUFFER_SIZE];
  105. ULONG nBytesReturned;
  106. BOOL nReturnValue;
  107. USHORT ti;
  108. PATTACHED_DEVICE pDevice;
  110. nReturnValue = DeviceIoControl(hDevice, FILESPY_ListDevices, NULL, 0, Buffer, sizeof( Buffer ), &nBytesReturned, NULL);
  112. if (nReturnValue && nBytesReturned)
  113. {
  114. pDevice = (PATTACHED_DEVICE) Buffer;
  115. while ( ((char *)pDevice) < (((char *)Buffer) + nBytesReturned))
  116. {
  117. if (pDevice->LoggingOn)
  118. {
  119. //
  120. // Locate this drive in VolInfo and set its attachment status
  121. //
  122. for (ti = 0; ti < nTotalDrives; ti++)
  123. {
  124. if (VolInfo[ti].nDriveName == towupper( pDevice->DeviceNames[0] ))
  125. {
  126. VolInfo[ti].bHook = 1;
  127. VolInfo[ti].nImage += IMAGE_ATTACHSTART;
  128. }
  129. }
  130. }
  131. pDevice++;
  132. }
  133. }
  134. return nReturnValue;
  135. }
  137. DWORD AttachToDrive(WCHAR cDriveName)
  138. {
  139. WCHAR sDriveString[5];
  140. DWORD nResult, nBytesReturned;
  142. wcscpy(sDriveString, L" :\0");
  143. sDriveString[0] = cDriveName;
  145. nResult = DeviceIoControl( hDevice,
  146. FILESPY_StartLoggingDevice,
  147. sDriveString,
  148. sizeof( sDriveString),
  149. NULL,
  150. 0,
  151. &nBytesReturned,
  152. NULL);
  153. if (!nResult)
  154. {
  155. DisplayError(GetLastError());
  156. return 0;
  157. }
  158. return 1;
  159. }
  161. DWORD DetachFromDrive(WCHAR cDriveName)
  162. {
  163. WCHAR sDriveString[5];
  164. DWORD nResult, nBytesReturned;
  166. wcscpy(sDriveString, L" :\0");
  167. sDriveString[0] = cDriveName;
  169. nResult = DeviceIoControl( hDevice,
  170. FILESPY_StopLoggingDevice,
  171. sDriveString,
  172. sizeof(sDriveString),
  173. NULL,
  174. 0,
  175. &nBytesReturned,
  176. NULL );
  177. if (!nResult)
  178. {
  179. DisplayError(GetLastError());
  180. return 0;
  181. }
  182. return 1;
  183. }
  185. DWORD WINAPI PollFileSpy(LPVOID pParm)
  186. {
  187. char pBuffer[BUFFER_SIZE];
  188. DWORD nBytesReturned, nResult;
  189. PLOG_RECORD pLog;
  190. CFileSpyView *pIrpView;
  191. CFastIoView *pFastView;
  192. CFsFilterView *pFilterView;
  194. UNREFERENCED_PARAMETER( pParm );
  196. pIrpView = (CFileSpyView *) pSpyView;
  197. pFastView = (CFastIoView *) pFastIoView;
  198. pFilterView = (CFsFilterView *) pFsFilterView;
  200. while (1)
  201. {
  202. //
  203. // Start receiving log
  204. //
  205. nResult = DeviceIoControl(hDevice, FILESPY_GetLog, NULL, 0, pBuffer, \
  206. BUFFER_SIZE, &nBytesReturned, NULL);
  208. if (nResult) {
  210. if (nBytesReturned > 0)
  211. {
  212. pLog = (PLOG_RECORD) pBuffer;
  214. while ((CHAR *) pLog < pBuffer + nBytesReturned) {
  216. switch (GET_RECORD_TYPE(pLog))
  217. {
  218. case RECORD_TYPE_IRP:
  219. DisplayIrpFields(pIrpView, pLog);
  220. break;
  221. case RECORD_TYPE_FASTIO:
  222. DisplayFastIoFields(pFastView, pLog);
  223. break;
  224. case RECORD_TYPE_FS_FILTER_OP:
  225. DisplayFsFilterFields(pFilterView, pLog);
  226. break;
  227. default:
  228. //
  229. // Special handling required
  230. break;
  231. }
  233. //
  234. // Move to the next LogRecord
  235. //
  237. pLog = (PLOG_RECORD) (((CHAR *) pLog) + pLog->Length);
  238. }
  239. }
  240. else
  241. {
  242. Sleep( 500 );
  243. }
  245. } else {
  247. return 1;
  249. }
  250. }
  251. return 1;
  252. }
  254. void DisplayIrpFields(CFileSpyView *pView, PLOG_RECORD pLog)
  255. {
  256. INT nItem;
  257. CHAR cStr[NAME_SIZE], cMnStr[NAME_SIZE];
  258. WCHAR sStr[NAME_SIZE], sMnStr[NAME_SIZE];
  259. ULONG nameLength;
  261. if (IRPFilter[pLog->Record.RecordIrp.IrpMajor] == 0)
  262. {
  263. return;
  264. }
  265. else
  266. {
  267. if (nSuppressPagingIO && (pLog->Record.RecordIrp.IrpFlags & IRP_PAGING_IO || pLog->Record.RecordIrp.IrpFlags & IRP_SYNCHRONOUS_PAGING_IO))
  268. {
  269. return;
  270. }
  271. }
  273. nItem = pView->GetListCtrl().GetItemCount();
  275. //
  276. // nItem is 1 based but when we insert/delete items ListCtrl takes 0 based parameter
  277. // so automatically nItem gives an insertion number which is the last item
  278. //
  279. pView->GetListCtrl().InsertItem( nItem,L" " );
  280. pView->GetListCtrl().EnsureVisible( nItem, FALSE );
  282. //
  283. // Sequence number
  284. //
  285. swprintf( sStr, L"%06X ", pLog->SequenceNumber );
  286. pView->GetListCtrl().SetItemText( nItem, 0, sStr );
  288. //
  289. // Irp major and minor strings
  290. //
  292. GetIrpName( pLog->Record.RecordIrp.IrpMajor,
  293. pLog->Record.RecordIrp.IrpMinor,
  294. (ULONG)(ULONG_PTR)pLog->Record.RecordIrp.Argument3,
  295. cStr,
  296. cMnStr);
  298. MultiByteToWideChar(CP_ACP,0,cStr,-1,sStr,sizeof(sStr)/sizeof(WCHAR));
  299. MultiByteToWideChar(CP_ACP,0,cMnStr,-1,sMnStr,sizeof(sStr)/sizeof(WCHAR));
  301. pView->GetListCtrl().SetItemText( nItem, 1, sStr);
  302. pView->GetListCtrl().SetItemText( nItem, 2, sMnStr);
  304. //
  305. // FileObject
  306. //
  307. swprintf( sStr,
  308. L"%08X",
  309. pLog->Record.RecordIrp.FileObject );
  310. pView->GetListCtrl().SetItemText( nItem, 3, sStr );
  312. //
  313. // FileName
  314. //
  315. nameLength = pLog->Length - SIZE_OF_LOG_RECORD;
  316. swprintf( sStr, L"%.*s", nameLength/sizeof(WCHAR), pLog->Name );
  317. pView->GetListCtrl().SetItemText( nItem, 4, sStr );
  319. //
  320. // Process and thread ids
  321. //
  322. swprintf( sStr,
  323. L"%08X:%08X",
  324. pLog->Record.RecordIrp.ProcessId,
  325. pLog->Record.RecordIrp.ThreadId );
  326. pView->GetListCtrl().SetItemText( nItem, 5, sStr );
  328. //
  329. // Originating time
  330. //
  331. GetTimeString( (FILETIME *) &pLog->Record.RecordIrp.OriginatingTime, sStr );
  332. pView->GetListCtrl().SetItemText( nItem, 6, sStr );
  334. //
  335. // Completion time
  336. //
  337. GetTimeString( (FILETIME *) &pLog->Record.RecordIrp.CompletionTime, sStr );
  338. pView->GetListCtrl().SetItemText( nItem, 7, sStr );
  340. //
  341. // Irp flags
  342. //
  343. GetFlagsString( pLog->Record.RecordIrp.IrpFlags, sStr );
  344. pView->GetListCtrl().SetItemText( nItem, 8, sStr );
  346. //
  347. // Sequence number
  348. //
  349. swprintf( sStr,
  350. L"%08lX:%08lX",
  351. pLog->Record.RecordIrp.ReturnStatus,
  352. pLog->Record.RecordIrp.ReturnInformation);
  353. pView->GetListCtrl().SetItemText( nItem, 9, sStr );
  354. }
  356. void DisplayFastIoFields(CFastIoView *pView, PLOG_RECORD pLog)
  357. {
  358. INT nItem;
  359. CHAR cStr[NAME_SIZE];
  360. WCHAR sStr[NAME_SIZE];
  361. ULONG nameLength;
  363. if (FASTIOFilter[pLog->Record.RecordFastIo.Type] == 0)
  364. {
  365. return;
  366. }
  368. nItem = pView->GetListCtrl().GetItemCount();
  370. //
  371. // nItem is 1 based but when we insert/delete items ListCtrl takes 0 based parameter
  372. // so automatically nItem gives an insertion number which is the last item
  373. //
  374. pView->GetListCtrl().InsertItem( nItem, L" " );
  375. pView->GetListCtrl().EnsureVisible( nItem, FALSE );
  377. //
  378. // Sequence number
  379. //
  380. swprintf( sStr, L"%06X ", pLog->SequenceNumber );
  381. pView->GetListCtrl().SetItemText( nItem, 0, sStr );
  383. //
  384. // Fast IO type
  385. //
  386. GetFastioName( pLog->Record.RecordFastIo.Type, cStr );
  387. MultiByteToWideChar(CP_ACP,0,cStr,-1,sStr,sizeof(sStr)/sizeof(WCHAR));
  389. pView->GetListCtrl().SetItemText( nItem, 1, sStr );
  391. //
  392. // FileObject
  393. //
  394. swprintf( sStr, L"%08X", pLog->Record.RecordFastIo.FileObject) ;
  395. pView->GetListCtrl().SetItemText( nItem, 2, sStr );
  397. //
  398. // File name
  399. //
  400. nameLength = pLog->Length - SIZE_OF_LOG_RECORD;
  401. swprintf( sStr, L"%.*s", nameLength/sizeof(WCHAR), pLog->Name );
  402. pView->GetListCtrl().SetItemText( nItem, 3, sStr );
  404. //
  405. // File offset
  406. //
  407. swprintf( sStr, L"%08X", pLog->Record.RecordFastIo.FileOffset );
  408. pView->GetListCtrl().SetItemText( nItem, 4, sStr );
  410. //
  411. // File length
  412. //
  413. swprintf( sStr, L"%08X", pLog->Record.RecordFastIo.Length );
  414. pView->GetListCtrl().SetItemText( nItem, 5, sStr );
  416. //
  417. // Fast IO can wait
  418. //
  419. if (pLog->Record.RecordFastIo.Wait)
  420. {
  421. pView->GetListCtrl().SetItemText(nItem, 6, L"True");
  422. }
  423. else
  424. {
  425. pView->GetListCtrl().SetItemText(nItem, 6, L"False");
  426. }
  428. //
  429. // Thread and process ids
  430. //
  431. swprintf( sStr,
  432. L"%08X:%08X",
  433. pLog->Record.RecordFastIo.ProcessId,
  434. pLog->Record.RecordFastIo.ThreadId );
  435. pView->GetListCtrl().SetItemText( nItem, 7, sStr );
  437. //
  438. // Start time
  439. //
  440. GetTimeString( (FILETIME *) &pLog->Record.RecordFastIo.StartTime,
  441. sStr);
  442. pView->GetListCtrl().SetItemText( nItem, 8, sStr );
  444. //
  445. // Completion time
  446. //
  447. GetTimeString( (FILETIME *) &pLog->Record.RecordFastIo.CompletionTime, sStr );
  448. pView->GetListCtrl().SetItemText( nItem, 9, sStr );
  450. //
  451. // Return status
  452. //
  453. swprintf( sStr, L"%08X", pLog->Record.RecordFastIo.ReturnStatus );
  454. pView->GetListCtrl().SetItemText( nItem, 10, sStr );
  455. }
  457. void DisplayFsFilterFields(CFsFilterView *pView, PLOG_RECORD pLog)
  458. {
  459. INT nItem;
  460. CHAR cStr[NAME_SIZE];
  461. WCHAR sStr[NAME_SIZE];
  462. ULONG nameLength;
  464. nItem = pView->GetListCtrl().GetItemCount();
  466. //
  467. // nItem is 1 based but when we insert/delete items ListCtrl takes 0 based parameter
  468. // so automatically nItem gives an insertion number which is the last item
  469. //
  470. pView->GetListCtrl().InsertItem( nItem, L" " );
  471. pView->GetListCtrl().EnsureVisible( nItem, FALSE );
  473. //
  474. // Sequence number
  475. //
  476. swprintf( sStr, L"%06X ", pLog->SequenceNumber );
  477. pView->GetListCtrl().SetItemText( nItem, 0, sStr );
  479. //
  480. // Fs Filter operation
  481. //
  483. GetFsFilterOperationName( pLog->Record.RecordFsFilterOp.FsFilterOperation, cStr );
  484. MultiByteToWideChar(CP_ACP,0,cStr,-1,sStr,sizeof(sStr)/sizeof(WCHAR));
  486. pView->GetListCtrl().SetItemText( nItem, 1, sStr );
  488. //
  489. // FileObject
  490. //
  491. swprintf( sStr, L"%08X", pLog->Record.RecordFsFilterOp.FileObject );
  492. pView->GetListCtrl().SetItemText( nItem, 2, sStr );
  494. //
  495. // File name
  496. //
  497. nameLength = pLog->Length - SIZE_OF_LOG_RECORD;
  498. swprintf( sStr, L"%.*s", nameLength/sizeof(WCHAR), pLog->Name );
  499. pView->GetListCtrl().SetItemText( nItem, 3, sStr );
  501. //
  502. // Process and thread id
  503. //
  504. swprintf( sStr,
  505. L"%08X:%08X",
  506. pLog->Record.RecordFsFilterOp.ProcessId,
  507. pLog->Record.RecordFsFilterOp.ThreadId );
  508. pView->GetListCtrl().SetItemText( nItem, 4, sStr );
  510. //
  511. // Originating time
  512. //
  513. GetTimeString( (FILETIME *) &pLog->Record.RecordFsFilterOp.OriginatingTime, sStr );
  514. pView->GetListCtrl().SetItemText( nItem, 5, sStr );
  516. //
  517. // Completion time
  518. //
  519. GetTimeString( (FILETIME *) &pLog->Record.RecordFsFilterOp.CompletionTime, sStr );
  520. pView->GetListCtrl().SetItemText( nItem, 6, sStr );
  522. //
  523. // Return status
  524. //
  525. swprintf( sStr, L"%08X", pLog->Record.RecordFsFilterOp.ReturnStatus );
  526. pView->GetListCtrl().SetItemText( nItem, 7, sStr );
  527. }
  529. void GetFlagsString(DWORD nFlags, PWCHAR sStr)
  530. {
  532. swprintf(sStr, L"%08lX ", nFlags);
  534. if (nFlags & IRP_NOCACHE)
  535. {
  536. wcscat( sStr, L"NOCACHE ");
  537. }
  538. if (nFlags & IRP_PAGING_IO)
  539. {
  540. wcscat(sStr, L"PAGEIO ");
  541. }
  542. if (nFlags & IRP_SYNCHRONOUS_API)
  543. {
  544. wcscat(sStr, L"SYNCAPI ");
  545. }
  546. if (nFlags & IRP_SYNCHRONOUS_PAGING_IO)
  547. {
  548. wcscat(sStr, L"SYNCPAGEIO");
  549. }
  550. }
  553. void GetTimeString(FILETIME *pFileTime, PWCHAR sStr)
  554. {
  555. FILETIME LocalFileTime;
  556. SYSTEMTIME SystemTime;
  558. FileTimeToLocalFileTime(pFileTime, &LocalFileTime);
  559. FileTimeToSystemTime(&LocalFileTime, &SystemTime);
  561. swprintf( sStr,
  562. L"%02d:%02d:%02d:%03d",
  563. SystemTime.wHour,
  564. SystemTime.wMinute,
  565. SystemTime.wSecond,
  566. SystemTime.wMilliseconds);
  567. }