Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

813 lines
21 KiB

#include "ntos.h"
#include "io.h"
#include <stdarg.h>
#include <wmistr.h>
NTSTATUS
WmiSampSystemControl(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
);
NTSTATUS
WmiSampFunctionControl(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN WMIENABLEDISABLEFUNCTION Function,
IN BOOLEAN Enable
);
NTSTATUS
WmiSampExecuteWmiMethod(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG MethodId,
IN ULONG InBufferSize,
IN ULONG OutBufferSize,
IN PUCHAR Buffer
);
NTSTATUS
WmiSampSetWmiDataItem(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG DataItemId,
IN ULONG BufferSize,
IN PUCHAR Buffer
);
NTSTATUS
WmiSampSetWmiDataBlock(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG BufferSize,
IN PUCHAR Buffer
);
NTSTATUS
WmiSampQueryWmiDataBlock(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG BufferAvail,
OUT PUCHAR Buffer
);
NTSTATUS
WmiSampQueryWmiRegInfo(
IN PDEVICE_OBJECT DeviceObject,
OUT ULONG *RegFlags,
OUT PUNICODE_STRING InstanceName,
OUT PUNICODE_STRING *RegistryPath
);
NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
);
NTSTATUS
WmiSampPnP(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
);
NTSTATUS
WmiSampForward(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
);
VOID
WmiSampUnload(
IN PDRIVER_OBJECT DriverObject
);
NTSTATUS
WmiSampCreateDeviceObject(
IN PDRIVER_OBJECT DriverObject,
IN PDEVICE_OBJECT *DeviceObject,
LONG Instance
);
NTSTATUS
WmiSampAddDevice(
IN PDRIVER_OBJECT DriverObject,
IN PDEVICE_OBJECT PhysicalDeviceObject
);
#ifdef ALLOC_PRAGMA
#pragma alloc_text(INIT,DriverEntry)
#pragma alloc_text(PAGE,WmiSampQueryWmiRegInfo)
#pragma alloc_text(PAGE,WmiSampQueryWmiDataBlock)
#pragma alloc_text(PAGE,WmiSampSetWmiDataBlock)
#pragma alloc_text(PAGE,WmiSampSetWmiDataItem)
#pragma alloc_text(PAGE,WmiSampExecuteWmiMethod)
#pragma alloc_text(PAGE,WmiSampFunctionControl)
#endif
// {15D851F1-6539-11d1-A529-00A0C9062910}
GUIDREGINFO WmiSampGuidList[] =
{
{
{ 0x15d851f1, 0x6539, 0x11d1, 0xa5, 0x29, 0x0, 0xa0, 0xc9, 0x6, 0x29, 0x10 },
WMIREG_FLAG_EXPENSIVE
},
};
ULONG WmiSampDummyData[4] = { 1, 2, 3, 4};
UNICODE_STRING WmiSampRegistryPath;
NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
/*++
Routine Description:
Installable driver initialization entry point.
This is where the driver is called when the driver is being loaded
by the I/O system. This entry point is called directly by the I/O system.
Arguments:
DriverObject - pointer to the driver object
RegistryPath - pointer to a unicode string representing the path
to driver-specific key in the registry
Return Value:
STATUS_SUCCESS if successful,
STATUS_UNSUCCESSFUL otherwise
--*/
{
NTSTATUS ntStatus = STATUS_SUCCESS;
PDEVICE_OBJECT deviceObject = NULL;
WmiSampRegistryPath.Length = 0;
WmiSampRegistryPath.MaximumLength = RegistryPath->Length;
WmiSampRegistryPath.Buffer = ExAllocatePool(PagedPool,
RegistryPath->Length+2);
RtlCopyUnicodeString(&WmiSampRegistryPath, RegistryPath);
/*
// Create dispatch points for the various events handled by this
// driver. For example, device I/O control calls (e.g., when a Win32
// application calls the DeviceIoControl function) will be dispatched to
// routine specified below in the IRP_MJ_DEVICE_CONTROL case.
//
// For more information about the IRP_XX_YYYY codes, please consult the
// Windows NT DDK documentation.
//
*/
DriverObject->MajorFunction[IRP_MJ_CREATE] = WmiSampForward;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = WmiSampForward;
DriverObject->DriverUnload = WmiSampUnload;
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = WmiSampForward;
DriverObject->MajorFunction[IRP_MJ_PNP] = WmiSampPnP;
DriverObject->MajorFunction[IRP_MJ_POWER] = WmiSampForward;
DriverObject->MajorFunction[IRP_MJ_SYSTEM_CONTROL] = WmiSampSystemControl;
DriverObject->DriverExtension->AddDevice = WmiSampAddDevice;
return ntStatus;
}
NTSTATUS
WmiSampSystemControl(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
return(IoWMISystemControl((PWMILIB_INFO)DeviceObject->DeviceExtension,
DeviceObject,
Irp));
}
NTSTATUS
WmiSampPnP(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
/*++
Routine Description:
Process the IRPs sent to this device.
Arguments:
DeviceObject - pointer to a device object
Irp - pointer to an I/O Request Packet
Return Value:
NTSTATUS
--*/
{
PIO_STACK_LOCATION irpStack, nextStack;
PWMILIB_INFO wmilibInfo;
NTSTATUS status;
irpStack = IoGetCurrentIrpStackLocation (Irp);
/*
// Get a pointer to the device extension
*/
wmilibInfo = (PWMILIB_INFO)DeviceObject->DeviceExtension;
switch (irpStack->MinorFunction)
{
case IRP_MN_START_DEVICE:
{
IoWMIRegistrationControl(DeviceObject, WMIREG_ACTION_REGISTER);
break; //IRP_MN_START_DEVICE
}
case IRP_MN_REMOVE_DEVICE:
{
IoWMIRegistrationControl(DeviceObject, WMIREG_ACTION_DEREGISTER);
IoDetachDevice(wmilibInfo->LowerDeviceObject);
IoDeleteDevice (DeviceObject);
break; //IRP_MN_REMOVE_DEVICE
}
}
IoSkipCurrentIrpStackLocation(Irp);
status = IoCallDriver(wmilibInfo->LowerDeviceObject, Irp);
return(status);
}
NTSTATUS
WmiSampForward(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PIO_STACK_LOCATION irpStack, nextStack;
PWMILIB_INFO wmilibInfo;
NTSTATUS status;
irpStack = IoGetCurrentIrpStackLocation (Irp);
/*
// Get a pointer to the device extension
*/
wmilibInfo = (PWMILIB_INFO)DeviceObject->DeviceExtension;
IoSkipCurrentIrpStackLocation(Irp);
status = IoCallDriver(wmilibInfo->LowerDeviceObject, Irp);
return(status);
}
VOID
WmiSampUnload(
IN PDRIVER_OBJECT DriverObject
)
/*++
Routine Description:
Free all the allocated resources, etc.
TODO: This is a placeholder for driver writer to add code on unload
Arguments:
DriverObject - pointer to a driver object
Return Value:
None
--*/
{
ExFreePool(WmiSampRegistryPath.Buffer);
}
NTSTATUS
WmiSampCreateDeviceObject(
IN PDRIVER_OBJECT DriverObject,
IN PDEVICE_OBJECT *DeviceObject,
LONG Instance
)
/*++
Routine Description:
Creates a Functional DeviceObject
Arguments:
DriverObject - pointer to the driver object for device
DeviceObject - pointer to DeviceObject pointer to return
created device object.
Instance - instnace of the device create.
Return Value:
STATUS_SUCCESS if successful,
STATUS_UNSUCCESSFUL otherwise
--*/
{
NTSTATUS status;
WCHAR deviceNameBuffer[] = L"\\Device\\Sample-0";
UNICODE_STRING deviceNameUnicodeString;
deviceNameBuffer[15] = (USHORT) ('0' + Instance);
RtlInitUnicodeString (&deviceNameUnicodeString,
deviceNameBuffer);
status = IoCreateDevice (DriverObject,
sizeof(WMILIB_INFO),
&deviceNameUnicodeString,
FILE_DEVICE_UNKNOWN,
0,
FALSE,
DeviceObject);
return status;
}
ULONG Instance;
NTSTATUS
WmiSampAddDevice(
IN PDRIVER_OBJECT DriverObject,
IN PDEVICE_OBJECT PhysicalDeviceObject
)
/*++
Routine Description:
This routine is called to create a new instance of the device
Arguments:
DriverObject - pointer to the driver object for this instance of Sample
PhysicalDeviceObject - pointer to a device object created by the bus
Return Value:
STATUS_SUCCESS if successful,
STATUS_UNSUCCESSFUL otherwise
--*/
{
NTSTATUS status;
PDEVICE_OBJECT deviceObject = NULL;
PWMILIB_INFO wmilibInfo;
DbgBreakPoint();
// create our functional device object (FDO)
status = WmiSampCreateDeviceObject(DriverObject, &deviceObject, Instance++);
if (NT_SUCCESS(status)) {
wmilibInfo = deviceObject->DeviceExtension;
deviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
/*
// Add more flags here if your driver supports other specific
// behavior. For example, if your IRP_MJ_READ and IRP_MJ_WRITE
// handlers support DIRECT_IO, you would set that flag here.
//
// Also, store away the Physical device Object
*/
wmilibInfo->LowerPDO = PhysicalDeviceObject;
//
// Attach to the StackDeviceObject. This is the device object that what we
// use to send Irps and Urbs down the USB software stack
//
wmilibInfo->LowerDeviceObject =
IoAttachDeviceToDeviceStack(deviceObject, PhysicalDeviceObject);
wmilibInfo->GuidCount = 1;
wmilibInfo->GuidList = WmiSampGuidList;
wmilibInfo->QueryWmiRegInfo = WmiSampQueryWmiRegInfo;
wmilibInfo->QueryWmiDataBlock = WmiSampQueryWmiDataBlock;
wmilibInfo->SetWmiDataBlock = WmiSampSetWmiDataBlock;
wmilibInfo->SetWmiDataItem = WmiSampSetWmiDataItem;
wmilibInfo->ExecuteWmiMethod = WmiSampExecuteWmiMethod;
wmilibInfo->WmiFunctionControl = WmiSampFunctionControl;
}
return(status);
}
NTSTATUS
WmiSampQueryWmiRegInfo(
IN PDEVICE_OBJECT DeviceObject,
OUT ULONG *RegFlags,
OUT PUNICODE_STRING InstanceName,
OUT PUNICODE_STRING *RegistryPath
)
/*++
Routine Description:
This routine is a callback into the driver to retrieve the list of
guids or data blocks that the driver wants to register with WMI. This
routine may not pend or block. Driver should NOT call
ClassWmiCompleteRequest.
Arguments:
DeviceObject is the device whose data block is being queried
*RegFlags returns with a set of flags that describe the guids being
registered for this device. If the device wants enable and disable
collection callbacks before receiving queries for the registered
guids then it should return the WMIREG_FLAG_EXPENSIVE flag. Also the
returned flags may specify WMIREG_FLAG_INSTANCE_PDO in which case
the instance name is determined from the PDO associated with the
device object. Note that the PDO must have an associated devnode. If
WMIREG_FLAG_INSTANCE_PDO is not set then Name must return a unique
name for the device.
InstanceName returns with the instance name for the guids if
WMIREG_FLAG_INSTANCE_PDO is not set in the returned *RegFlags. The
caller will call ExFreePool with the buffer returned.
*RegistryPath returns with the registry path of the driver
Return Value:
status
--*/
{
*RegFlags = WMIREG_FLAG_INSTANCE_PDO;
*RegistryPath = &WmiSampRegistryPath;
return(STATUS_SUCCESS);
}
NTSTATUS
WmiSampQueryWmiDataBlock(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG BufferAvail,
OUT PUCHAR Buffer
)
/*++
Routine Description:
This routine is a callback into the driver to query for the contents of
a data block. When the driver has finished filling the data block it
must call ClassWmiCompleteRequest to complete the irp. The driver can
return STATUS_PENDING if the irp cannot be completed immediately.
Arguments:
DeviceObject is the device whose data block is being queried
Irp is the Irp that makes this request
GuidIndex is the index into the list of guids provided when the
device registered
BufferAvail on has the maximum size available to write the data
block.
Buffer on return is filled with the returned data block
Return Value:
status
--*/
{
NTSTATUS status;
ULONG sizeNeeded;
switch (GuidIndex)
{
case 0:
{
sizeNeeded = 4 * sizeof(ULONG);
if (BufferAvail >= sizeNeeded)
{
RtlCopyMemory(Buffer, WmiSampDummyData, sizeNeeded);
status = STATUS_SUCCESS;
} else {
status = STATUS_BUFFER_TOO_SMALL;
}
break;
}
default:
{
status = STATUS_WMI_GUID_NOT_FOUND;
}
}
status = IoWMICompleteRequest((PWMILIB_INFO)DeviceObject->DeviceExtension,
DeviceObject,
Irp,
status,
sizeNeeded,
IO_NO_INCREMENT);
return(status);
}
NTSTATUS
WmiSampSetWmiDataBlock(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG BufferSize,
IN PUCHAR Buffer
)
/*++
Routine Description:
This routine is a callback into the driver to query for the contents of
a data block. When the driver has finished filling the data block it
must call ClassWmiCompleteRequest to complete the irp. The driver can
return STATUS_PENDING if the irp cannot be completed immediately.
Arguments:
DeviceObject is the device whose data block is being queried
Irp is the Irp that makes this request
GuidIndex is the index into the list of guids provided when the
device registered
BufferSize has the size of the data block passed
Buffer has the new values for the data block
Return Value:
status
--*/
{
NTSTATUS status;
ULONG sizeNeeded;
switch(GuidIndex)
{
case 0:
{
sizeNeeded = 4 * sizeof(ULONG);
if (BufferSize == sizeNeeded)
{
RtlCopyMemory(WmiSampDummyData, Buffer, sizeNeeded);
status = STATUS_SUCCESS;
} else {
status = STATUS_INFO_LENGTH_MISMATCH;
}
break;
}
default:
{
status = STATUS_WMI_GUID_NOT_FOUND;
}
}
status = IoWMICompleteRequest((PWMILIB_INFO)DeviceObject->DeviceExtension,
DeviceObject,
Irp,
status,
0,
IO_NO_INCREMENT);
return(status);
}
NTSTATUS
WmiSampSetWmiDataItem(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG DataItemId,
IN ULONG BufferSize,
IN PUCHAR Buffer
)
/*++
Routine Description:
This routine is a callback into the driver to query for the contents of
a data block. When the driver has finished filling the data block it
must call ClassWmiCompleteRequest to complete the irp. The driver can
return STATUS_PENDING if the irp cannot be completed immediately.
Arguments:
DeviceObject is the device whose data block is being queried
Irp is the Irp that makes this request
GuidIndex is the index into the list of guids provided when the
device registered
DataItemId has the id of the data item being set
BufferSize has the size of the data item passed
Buffer has the new values for the data item
Return Value:
status
--*/
{
NTSTATUS status;
switch(GuidIndex)
{
case 0:
{
if ((BufferSize == sizeof(ULONG)) &&
(DataItemId <= 3))
{
WmiSampDummyData[DataItemId] = *((PULONG)Buffer);
status = STATUS_SUCCESS;
} else {
status = STATUS_INVALID_DEVICE_REQUEST;
}
break;
}
default:
{
status = STATUS_WMI_GUID_NOT_FOUND;
}
}
status = IoWMICompleteRequest((PWMILIB_INFO)DeviceObject->DeviceExtension,
DeviceObject,
Irp,
status,
0,
IO_NO_INCREMENT);
return(status);
}
NTSTATUS
WmiSampExecuteWmiMethod(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN ULONG MethodId,
IN ULONG InBufferSize,
IN ULONG OutBufferSize,
IN PUCHAR Buffer
)
/*++
Routine Description:
This routine is a callback into the driver to execute a method. When the
driver has finished filling the data block it must call
ClassWmiCompleteRequest to complete the irp. The driver can
return STATUS_PENDING if the irp cannot be completed immediately.
Arguments:
DeviceObject is the device whose data block is being queried
Irp is the Irp that makes this request
GuidIndex is the index into the list of guids provided when the
device registered
MethodId has the id of the method being called
InBufferSize has the size of the data block passed in as the input to
the method.
OutBufferSize on entry has the maximum size available to write the
returned data block.
Buffer is filled with the returned data block
Return Value:
status
--*/
{
ULONG sizeNeeded = 4 * sizeof(ULONG);
NTSTATUS status;
ULONG tempData[4];
switch(GuidIndex)
{
case 0:
{
if (MethodId == 1)
{
if (OutBufferSize >= sizeNeeded)
{
if (InBufferSize == sizeNeeded)
{
RtlCopyMemory(tempData, Buffer, sizeNeeded);
RtlCopyMemory(Buffer, WmiSampDummyData, sizeNeeded);
RtlCopyMemory(WmiSampDummyData, tempData, sizeNeeded);
status = STATUS_SUCCESS;
} else {
status = STATUS_INVALID_DEVICE_REQUEST;
}
} else {
status = STATUS_BUFFER_TOO_SMALL;
}
} else {
status = STATUS_INVALID_DEVICE_REQUEST;
}
break;
}
default:
{
status = STATUS_WMI_GUID_NOT_FOUND;
}
}
status = IoWMICompleteRequest((PWMILIB_INFO)DeviceObject->DeviceExtension,
DeviceObject,
Irp,
status,
0,
IO_NO_INCREMENT);
return(status);
}
NTSTATUS
WmiSampFunctionControl(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN ULONG GuidIndex,
IN WMIENABLEDISABLEFUNCTION Function,
IN BOOLEAN Enable
)
/*++
Routine Description:
This routine is a callback into the driver to enabled or disable event
generation or data block collection. A device should only expect a
single enable when the first event or data consumer enables events or
data collection and a single disable when the last event or data
consumer disables events or data collection. Data blocks will only
receive collection enable/disable if they were registered as requiring
it.
Arguments:
DeviceObject is the device whose data block is being queried
GuidIndex is the index into the list of guids provided when the
device registered
Function specifies which functionality is being enabled or disabled
Enable is TRUE then the function is being enabled else disabled
Return Value:
status
--*/
{
NTSTATUS status;
status = IoWMICompleteRequest((PWMILIB_INFO)DeviceObject->DeviceExtension,
DeviceObject,
Irp,
STATUS_SUCCESS,
0,
IO_NO_INCREMENT);
return(status);
}