archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/base/lsa/server/scavenge.cxx

1150 lines
25 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1993.
  5. //
  6. // File: scavenge.c
  7. //
  8. // Contents: Home of the LSA scavenger thread
  9. //
  10. // Classes:
  11. //
  12. // Functions:
  13. //
  14. // History: 6-08-93 RichardW Created
  15. //
  16. //----------------------------------------------------------------------------
  18. #include <lsapch.hxx>
  20. #include "scavenge.hxx"
  22. #define SCAV_INTERNAL_NO_TRACE 0x10000000
  24. ULONG ScavNotifyCount;
  26. LIST_ENTRY NotifyList ;
  27. LIST_ENTRY NotifyEvents ;
  28. LIST_ENTRY ScavList ;
  29. LIST_ENTRY PageTouchList ;
  31. RTL_CRITICAL_SECTION NotifyLock ;
  32. RTL_CRITICAL_SECTION ScavLock ;
  33. RTL_CRITICAL_SECTION PageTouchLock ;
  35. HKEY LsaRegistryKey ;
  36. HANDLE LsaRegistryWatchEvent ;
  38. #define SCAV_TABLE 8
  39. PVOID DeadScavItems[ SCAV_TABLE ];
  40. ULONG DeadScavIndex ;
  42. #define SCAVENGER_WAIT_INTERVAL 60000L
  44. //
  45. // Internal flags:
  46. //
  48. #define SCAVFLAG_IN_PROGRESS 0x40000000 // Active
  49. #define SCAVFLAG_ABOUT_TO_DIE 0x20000000 // About to be removed
  50. #define SCAVFLAG_IMMEDIATE 0x08000000 // Immediate Execute
  51. #define SCAVFLAG_STATE_CHANGE 0x04000000 // State Change
  52. #define SCAVFLAG_TRIGGER_FREE 0x02000000 // Trigger will free
  53. #define SCAVFLAG_NOTIFY_EVENT 0x01000000
  55. #define SCAVFLAG_EXECUTE_INLINE 0x00800000 // Execute stub directly
  56. #define SCAVFLAG_ASYNC_TIMER_DELETE 0x00400000
  58. #define NOTIFYFLAG_CHILD_SYNC 0x80000000 // All sub funcs are synchronous
  59. #define NOTIFYFLAG_BLOCK_CALLS 0x40000000 // Block calls
  61. #define NOTIFY_FLAG_SYNCHRONOUS 0x00000001
  63. #if DBG
  64. #define SCAVFLAG_ITEM_BREAK 0x10000000
  65. #endif
  67. //
  68. // Define indices for well known events. Shutdown is triggered when
  69. // the console handler starts a shutdown. config is when someone adds
  70. // another notifier. state is when the state of the machine has changed.
  71. //
  73. #define SCAVENGER_SHUTDOWN_EVENT 0
  74. #define SCAVENGER_CONFIG_EVENT 1
  75. #define SCAVENGER_NOTIFY_EVENT 2
  77. #define LockScavenger() RtlEnterCriticalSection( &ScavLock )
  78. #define UnlockScavenger() RtlLeaveCriticalSection( &ScavLock )
  80. #define LockNotify() RtlEnterCriticalSection( &NotifyLock )
  81. #define UnlockNotify() RtlLeaveCriticalSection( &NotifyLock )
  84. //
  85. // Define locking macros for the scav list
  86. //
  88. #define LsapRefScavItem( Item ) \
  89. { \
  90. RtlEnterCriticalSection( &ScavLock ); \
  91. ((PLSAP_SCAVENGER_ITEM) Item)->RefCount++ ; \
  92. RtlLeaveCriticalSection( &ScavLock ); \
  93. }
  95. #define LsapRefScavItemUnsafe( Item ) \
  96. { \
  97. ((PLSAP_SCAVENGER_ITEM) Item)->RefCount++ ; \
  98. }
  102. DWORD
  103. WINAPI
  104. LsapScavengerThread(
  105. PVOID Ignored
  106. );
  109. BOOLEAN LsapBreakEveryMinute = FALSE;
  110. BOOLEAN LsapDebuggerOk = FALSE ;
  112. VOID
  113. LsapInternalBreak(
  114. VOID
  115. )
  116. {
  117. PLIST_ENTRY Scan ;
  118. PLSAP_PAGE_TOUCH Touch ;
  119. ULONG Sum = 0 ;
  120. PULONG Address ;
  121. SIZE_T i ;
  123. if ( !LsapDebuggerOk )
  124. {
  125. return;
  127. }
  129. RtlEnterCriticalSection( &PageTouchLock );
  131. Scan = PageTouchList.Flink ;
  133. while ( Scan != &PageTouchList )
  134. {
  135. Touch = CONTAINING_RECORD( Scan, LSAP_PAGE_TOUCH, List );
  137. Address = (PULONG) Touch->Address ;
  139. for ( i = 0 ; i < Touch->Range / sizeof( ULONG ) ; i++ )
  140. {
  141. Sum += *Address++ ;
  142. }
  144. Scan = Scan->Flink ;
  146. }
  148. DbgBreakPoint();
  150. RtlLeaveCriticalSection( &PageTouchLock );
  151. }
  153. VOID
  154. LsaIAddTouchAddress(
  155. PVOID Address,
  156. SIZE_T Range
  157. )
  158. {
  159. PLSAP_PAGE_TOUCH Touch ;
  160. PLIST_ENTRY Scan ;
  161. PLSAP_PAGE_TOUCH Touch2 = NULL ;
  163. Touch = (PLSAP_PAGE_TOUCH) LsapAllocatePrivateHeap(
  164. sizeof( LSAP_PAGE_TOUCH ) );
  166. if ( !Touch )
  167. {
  168. return;
  169. }
  171. Touch->Address = Address ;
  172. Touch->Range = Range ;
  174. RtlEnterCriticalSection( &PageTouchLock );
  176. Scan = PageTouchList.Flink ;
  178. while ( Scan != &PageTouchList )
  179. {
  180. Touch2 = CONTAINING_RECORD( Scan, LSAP_PAGE_TOUCH, List );
  182. if ( Touch2->Address == Touch->Address )
  183. {
  184. break;
  185. }
  187. Scan = Scan->Flink ;
  189. Touch2 = NULL ;
  190. }
  192. if ( !Touch2 )
  193. {
  194. InsertTailList( &PageTouchList, &Touch->List );
  195. }
  196. else
  197. {
  198. LsapFreePrivateHeap( Touch );
  199. }
  201. RtlLeaveCriticalSection( &PageTouchLock );
  203. }
  205. VOID
  206. LsaIRemoveTouchAddress(
  207. PVOID Address
  208. )
  209. {
  210. PLSAP_PAGE_TOUCH Touch = NULL ;
  211. PLIST_ENTRY Scan ;
  213. RtlEnterCriticalSection( &PageTouchLock );
  215. Scan = PageTouchList.Flink ;
  217. while ( Scan != &PageTouchList )
  218. {
  219. Touch = CONTAINING_RECORD( Scan, LSAP_PAGE_TOUCH, List );
  221. if ( Touch->Address == Address )
  222. {
  223. break;
  224. }
  226. Scan = Scan->Flink ;
  228. Touch = NULL ;
  229. }
  231. if ( Touch )
  232. {
  233. RemoveEntryList( &Touch->List );
  234. }
  236. RtlLeaveCriticalSection( &PageTouchLock );
  238. }
  240. ULONG
  241. NTAPI
  242. LsapScavengerBreak(
  243. PVOID Param
  244. )
  245. {
  246. if (LsapBreakEveryMinute)
  247. {
  248. LsapInternalBreak();
  249. }
  251. HANDLE hToken;
  252. DWORD ReturnLength;
  254. TOKEN_STATISTICS TokenStats;
  256. NTSTATUS Status;
  258. Status = NtOpenProcessToken(
  259. NtCurrentProcess(),
  260. TOKEN_QUERY,
  261. &hToken
  262. );
  264. if (NT_SUCCESS( Status )) {
  266. Status = NtQueryInformationToken (
  267. hToken,
  268. TokenStatistics,
  269. &TokenStats,
  270. sizeof( TOKEN_STATISTICS ),
  271. &ReturnLength
  272. );
  274. if (NT_SUCCESS( Status )) {
  276. if (TokenStats.ExpirationTime.QuadPart == 0i64) {
  278. LsapInternalBreak();
  279. }
  280. }
  282. NtClose( hToken );
  283. }
  285. return(0);
  286. }
  290. //+---------------------------------------------------------------------------
  291. //
  292. // Function: LsapRegistryWatch
  293. //
  294. // Synopsis: Callback that handles registry changes in the LSA key
  295. //
  296. // Arguments: [Ignored]
  297. //
  298. // History: 05-10-00 RichardW
  299. //
  300. // Notes:
  301. //
  302. //----------------------------------------------------------------------------
  303. DWORD
  304. LsapRegistryWatch(
  305. PVOID Ignored
  306. )
  307. {
  308. RegNotifyChangeKeyValue(
  309. LsaRegistryKey,
  310. TRUE,
  311. REG_NOTIFY_CHANGE_NAME |
  312. REG_NOTIFY_CHANGE_LAST_SET,
  313. LsaRegistryWatchEvent,
  314. TRUE );
  316. LsapEventNotify(
  317. NOTIFY_CLASS_REGISTRY_CHANGE,
  318. 0,
  319. 0,
  320. NULL );
  322. return 0 ;
  324. }
  327. //+---------------------------------------------------------------------------
  328. //
  329. // Function: LsapDerefScavItem
  330. //
  331. // Synopsis: Dereference, optionally freeing a scavenger item
  332. //
  333. // Arguments: [Item] --
  334. //
  335. // History: 6-03-97 RichardW Created
  336. //
  337. // Notes:
  338. //
  339. //----------------------------------------------------------------------------
  340. VOID
  341. LsapDerefScavItem(
  342. PLSAP_SCAVENGER_ITEM Item
  343. )
  344. {
  345. HANDLE TimerDeleteHandle ;
  347. LockScavenger();
  349. Item->RefCount-- ;
  351. if ( Item->RefCount == 0 )
  352. {
  353. DebugLog(( DEB_TRACE_SCAV, "Removing item %x\n", Item ));
  355. if ( Item->List.Flink )
  356. {
  357. RemoveEntryList( &Item->List );
  359. Item->List.Flink = NULL ;
  360. }
  362. if ( Item->PackageList.Flink )
  363. {
  364. RemoveEntryList( &Item->PackageList );
  366. Item->PackageList.Flink = NULL ;
  367. }
  369. //
  370. // Because the rtl thread pool is asynchronous to this one,
  371. // we need to keep track of recently deceased scavenger items
  372. // to prevent them from being used in an RTL thread. The add
  373. // function will scan the table to remove any potential duplicates.
  374. //
  376. DeadScavItems[ DeadScavIndex ] = Item ;
  377. DeadScavIndex ++ ;
  378. DeadScavIndex &= (SCAV_TABLE - 1);
  380. UnlockScavenger();
  382. if ( Item->Type == NOTIFIER_TYPE_INTERVAL )
  383. {
  384. //
  385. // Kill the timerq handle:
  386. //
  388. if ( (Item->Flags & SCAVFLAG_ASYNC_TIMER_DELETE) != 0 )
  389. {
  390. TimerDeleteHandle = 0 ;
  392. }
  393. else
  394. {
  396. TimerDeleteHandle = INVALID_HANDLE_VALUE ;
  397. }
  399. DeleteTimerQueueTimer( NULL,
  400. Item->TimerHandle,
  401. TimerDeleteHandle );
  402. }
  403. else if ( Item->Type == NOTIFIER_TYPE_HANDLE_WAIT )
  404. {
  405. UnregisterWaitEx( Item->TimerHandle,
  406. INVALID_HANDLE_VALUE );
  407. }
  409. if ( ( Item->Type != NOTIFIER_TYPE_NOTIFY_EVENT ) &&
  410. ( Item->Type != NOTIFIER_TYPE_IMMEDIATE ) )
  411. {
  412. //
  413. // Yield to let the other thread remove the item
  414. //
  416. Sleep( 100 );
  417. }
  419. Item->ScavCheck = SCAVMAGIC_FREE ;
  421. LsapFreePrivateHeap( Item );
  422. }
  423. else
  424. {
  425. UnlockScavenger();
  426. }
  429. }
  431. //+---------------------------------------------------------------------------
  432. //
  433. // Function: LsapScavengerTrigger
  434. //
  435. // Synopsis: Actual Trigger
  436. //
  437. // Arguments: [Parameter] -- Item to call
  438. //
  439. // History: 5-24-97 RichardW Created
  440. //
  441. // Notes:
  442. //
  443. //----------------------------------------------------------------------------
  444. ULONG
  445. LsapScavengerTrigger(
  446. PVOID Parameter
  447. )
  448. {
  449. PLSAP_SCAVENGER_ITEM Item ;
  450. #ifdef LSAP_VERIFY_PACKAGE_ID
  451. ULONG_PTR dwPackageID, dwCurId;
  452. #endif
  454. if ( ShutdownBegun )
  455. {
  456. return 0;
  457. }
  459. SetCurrentSession( pDefaultSession );
  461. Item = (PLSAP_SCAVENGER_ITEM) Parameter ;
  463. DsysAssert( Item->ScavCheck == SCAVMAGIC_ACTIVE );
  465. __try
  466. {
  467. #ifdef LSAP_VERIFY_PACKAGE_ID
  468. dwPackageID = Item->PackageId;
  469. dwCurId = GetCurrentPackageId();
  471. if ((dwCurId != SPMGR_ID) || (dwPackageID != SPMGR_ID))
  472. #endif
  473. {
  474. SetCurrentPackageId( Item->PackageId );
  475. }
  477. (VOID) Item->Function( Item->Parameter );
  479. #ifdef LSAP_VERIFY_PACKAGE_ID
  480. if (dwPackageID != SPMGR_ID)
  481. #endif
  482. {
  483. SetCurrentPackageId( SPMGR_ID );
  484. }
  485. }
  486. __except( SP_EXCEPTION )
  487. {
  488. SPException( GetExceptionCode(), Item->PackageId );
  489. }
  491. LsapDerefScavItem( Item );
  493. return 0 ;
  494. }
  497. //+---------------------------------------------------------------------------
  498. //
  499. // Function: LsapTimerCallback
  500. //
  501. // Synopsis: Callback from thread pool for scavenger items
  502. //
  503. // Arguments: [Context] --
  504. // [Timeout] --
  505. //
  506. // History: 7-01-98 RichardW Created
  507. //
  508. // Notes:
  509. //
  510. //----------------------------------------------------------------------------
  511. VOID
  512. LsapTimerCallback(
  513. PVOID Context,
  514. BOOLEAN Timeout
  515. )
  516. {
  517. PLSAP_SCAVENGER_ITEM Item ;
  518. ULONG i ;
  519. BOOL OneShot ;
  521. SetCurrentSession( pDefaultSession );
  523. Item = (PLSAP_SCAVENGER_ITEM) Context ;
  525. //
  526. // We only scan for handle and timer events. Things executed
  527. // by QueueUserWorkItem don't end up in this list, but that's
  528. // okay, since those items go directly to LsapScavengerTrigger
  529. //
  531. LockScavenger();
  533. for ( i = 0 ; i < SCAV_TABLE ; i++ )
  534. {
  535. if ( DeadScavItems[ i ] == Item )
  536. {
  537. break;
  538. }
  539. }
  541. if ( i != SCAV_TABLE )
  542. {
  543. //
  544. // uh oh, a dead one that was still in the queue in this
  545. // rtl worker thread. Ignore it.
  546. //
  548. UnlockScavenger();
  550. return ;
  551. }
  553. if ( Item->Flags & SCAVFLAG_ASYNC_TIMER_DELETE )
  554. {
  555. //
  556. // This is a bad condition. An item that should have
  557. // been fired once has shown up again. Ignore it.
  558. //
  560. UnlockScavenger();
  562. return;
  564. }
  566. LsapRefScavItemUnsafe( Item );
  568. OneShot = ( Item->Flags & NOTIFIER_FLAG_ONE_SHOT ) != 0 ;
  570. if ( OneShot )
  571. {
  572. //
  573. // This flag has the side effect of preventing further
  574. // callbacks. That lets us delete is asynchronously later.
  575. //
  577. Item->Flags |= SCAVFLAG_ASYNC_TIMER_DELETE ;
  579. }
  581. UnlockScavenger();
  583. if ( (Item->Flags & SCAV_INTERNAL_NO_TRACE ) == 0 )
  584. {
  585. DebugLog(( DEB_TRACE_SCAV, "Triggering item %x, type %d\n",
  586. Item, Item->Type ));
  587. }
  589. LsapScavengerTrigger( Item );
  591. //
  592. // If this is a one-shot item that's in the list, then it was
  593. // a delayed or otherwise "real" one-shot. Deref it again to
  594. // kill it.
  595. //
  596. if ( OneShot )
  597. {
  598. LsapDerefScavItem( Item );
  599. }
  600. }
  602. //+---------------------------------------------------------------------------
  603. //
  604. // Function: LsapScavengerHandleNotify
  605. //
  606. // Synopsis: Called whenever a notification event goes off.
  607. //
  608. // Arguments: [Ignored] --
  609. //
  610. // History: 5-23-97 RichardW Created
  611. //
  612. // Notes:
  613. //
  614. //----------------------------------------------------------------------------
  615. DWORD
  616. WINAPI
  617. LsapScavengerHandleNotify(
  618. PVOID Ignored
  619. )
  620. {
  621. PLIST_ENTRY NotifyScan ;
  622. PLIST_ENTRY EventScan ;
  623. PLSAP_NOTIFY_EVENT Event ;
  624. PLSAP_SCAVENGER_ITEM Item ;
  627. do
  628. {
  630. LockNotify();
  632. if ( !IsListEmpty( &NotifyEvents ) )
  633. {
  634. EventScan = RemoveHeadList( &NotifyEvents );
  635. }
  636. else
  637. {
  638. EventScan = NULL ;
  639. }
  641. UnlockNotify();
  643. if ( EventScan )
  644. {
  645. Event = CONTAINING_RECORD( EventScan, LSAP_NOTIFY_EVENT, List );
  647. LockScavenger();
  649. NotifyScan = NotifyList.Flink ;
  651. while ( NotifyScan != &NotifyList )
  652. {
  653. Item = CONTAINING_RECORD( NotifyScan, LSAP_SCAVENGER_ITEM, List );
  655. if ( Item->Class == Event->Notify.EventClass )
  656. {
  657. Event->Notify.PackageParameter = Item->Parameter ;
  659. Item->Function( &Event->Notify );
  660. }
  662. NotifyScan = NotifyScan->Flink ;
  663. }
  665. UnlockScavenger();
  667. if ( Event->Flags & NOTIFY_FLAG_SYNCHRONOUS )
  668. {
  669. SetEvent( Event->hSync );
  670. }
  672. LsapFreeLsaHeap( Event );
  673. }
  675. } while ( EventScan );
  677. return 0 ;
  678. }
  681. //+---------------------------------------------------------------------------
  682. //
  683. // Function: LsaIRegisterNotification
  684. //
  685. // Synopsis: Registers a callback, to be called on either a handle signalled,
  686. // or an time based interval, or special async events
  687. //
  688. // Arguments: [pFunction] -- Callback function
  689. // [pvParameter] -- Parameter to pass
  690. // [Type] -- Type of callback
  691. // [Class] -- Event class
  692. // [fItem] -- Flags
  693. // [Interval] -- Interval to call
  694. // [hEvent] -- Handle to wait on
  695. //
  696. // History: 6-03-97 RichardW Created
  697. //
  698. // Notes:
  699. //
  700. //----------------------------------------------------------------------------
  701. PVOID
  702. NTAPI
  703. LsaIRegisterNotification(
  704. IN LPTHREAD_START_ROUTINE pFunction,
  705. IN PVOID pvParameter,
  706. IN ULONG Type,
  707. IN ULONG Class,
  708. IN ULONG fItem,
  709. IN ULONG Interval,
  710. IN HANDLE hEvent)
  711. {
  712. PLSAP_SCAVENGER_ITEM Item ;
  713. PLIST_ENTRY List = NULL ;
  714. BOOL Success ;
  715. DWORD DueTime ;
  716. ULONG i;
  718. Item = (PLSAP_SCAVENGER_ITEM) LsapAllocatePrivateHeap(
  719. sizeof( LSAP_SCAVENGER_ITEM ) );
  721. if ( !Item )
  722. {
  723. return NULL ;
  724. }
  726. Item->List.Flink = NULL ;
  727. Item->PackageList.Flink = NULL ;
  729. Item->Type = Type ;
  730. Item->Function = pFunction ;
  731. Item->Parameter = pvParameter ;
  732. Item->RefCount = 1 ;
  733. Item->PackageId = GetCurrentPackageId();
  734. Item->ScavCheck = SCAVMAGIC_ACTIVE;
  735. Item->Flags = fItem ;
  737. switch ( Type )
  738. {
  739. case NOTIFIER_TYPE_IMMEDIATE:
  741. Item->Flags |= NOTIFIER_FLAG_ONE_SHOT ;
  743. Success = QueueUserWorkItem( LsapScavengerTrigger,
  744. Item,
  745. FALSE );
  747. //
  748. // And that's all. the item may in fact be freed by now, since the
  749. // worker thread could have completed. So, return success now,
  750. //
  752. return (Item);
  754. break;
  756. case NOTIFIER_TYPE_INTERVAL:
  758. if ( fItem & NOTIFIER_FLAG_SECONDS )
  759. {
  760. Interval *= 60 ;
  761. }
  763. Interval *= 1000 ;
  765. Success = CreateTimerQueueTimer(
  766. &Item->TimerHandle,
  767. NULL,
  768. LsapTimerCallback,
  769. Item,
  770. Interval,
  771. (fItem & NOTIFIER_FLAG_ONE_SHOT ?
  772. 0 : Interval ),
  773. 0 );
  776. break;
  778. case NOTIFIER_TYPE_HANDLE_WAIT:
  780. Item->TimerHandle = RegisterWaitForSingleObjectEx(
  781. hEvent,
  782. LsapTimerCallback,
  783. Item,
  784. INFINITE,
  785. (fItem & NOTIFIER_FLAG_NEW_THREAD ?
  786. 0 : WT_EXECUTEINWAITTHREAD ) );
  788. Success = (Item->TimerHandle != NULL);
  790. break;
  793. case NOTIFIER_TYPE_NOTIFY_EVENT:
  795. Item->Class = Class ;
  796. Item->Flags |= SCAVFLAG_NOTIFY_EVENT ;
  798. LockScavenger();
  800. InsertTailList( &NotifyList, &Item->List );
  802. UnlockScavenger();
  804. Success = TRUE ;
  806. break;
  808. default:
  810. Success = FALSE ;
  812. break;
  814. }
  816. if ( !Success )
  817. {
  818. LsapFreePrivateHeap( Item );
  820. return NULL ;
  821. }
  823. //
  824. // Okay, we have set up the item, more or less. Now, insert it
  825. // into the list we have selected for it.
  826. //
  828. DebugLog(( DEB_TRACE_SCAV, "Created scavenger item %x, type %d\n",
  829. Item, Item->Type ));
  831. if ( (Item->Type != NOTIFIER_TYPE_NOTIFY_EVENT) &&
  832. (Item->Type != NOTIFIER_TYPE_IMMEDIATE ) )
  833. {
  834. LockScavenger();
  836. InsertTailList( &ScavList, &Item->List );
  838. //
  839. // Make sure this pointer doesn't show up in the list of dead ones.
  840. // this can happen due to heap reuse.
  841. //
  843. for ( i = 0 ; i < SCAV_TABLE ; i++ )
  844. {
  845. if ( DeadScavItems[ i ] == Item )
  846. {
  847. DeadScavItems[ i ] = NULL ;
  848. }
  849. }
  851. UnlockScavenger();
  852. }
  854. return Item ;
  856. }
  859. //+---------------------------------------------------------------------------
  860. //
  861. // Function: LsaICancelNotification
  862. //
  863. // Arguments: [pvScavHandle] --
  864. //
  865. // History: 5-26-97 RichardW Created
  866. //
  867. // Notes:
  868. //
  869. //----------------------------------------------------------------------------
  870. NTSTATUS
  871. NTAPI
  872. LsaICancelNotification(
  873. PVOID pvScavHandle
  874. )
  875. {
  876. PLSAP_SCAVENGER_ITEM Item ;
  878. Item = (PLSAP_SCAVENGER_ITEM) pvScavHandle ;
  880. if ( Item->ScavCheck != SCAVMAGIC_ACTIVE )
  881. {
  882. return STATUS_INVALID_PARAMETER ;
  883. }
  885. LsapDerefScavItem( Item );
  887. return STATUS_SUCCESS ;
  889. }
  891. //+---------------------------------------------------------------------------
  892. //
  893. // Function: LsapEventNotify
  894. //
  895. // Synopsis: Notify waiters of a security package event
  896. //
  897. // Arguments: [Class] -- Event Class
  898. // [Flags] -- Flags
  899. // [EventSize] -- Size of event data
  900. // [EventData] -- ptr to event data
  901. //
  902. // History: 5-26-97 RichardW Created
  903. //
  904. // Notes:
  905. //
  906. //----------------------------------------------------------------------------
  907. BOOLEAN
  908. NTAPI
  909. LsapEventNotify(
  910. ULONG Class,
  911. ULONG Flags,
  912. ULONG EventSize,
  913. PVOID EventData)
  914. {
  915. PLSAP_NOTIFY_EVENT Event ;
  916. HANDLE hEvent = NULL;
  918. Event = (PLSAP_NOTIFY_EVENT) LsapAllocateLsaHeap( sizeof( LSAP_NOTIFY_EVENT ) + EventSize );
  919. if (Event)
  920. {
  921. Event->Notify.EventClass = Class;
  922. Event->Notify.EventDataSize = EventSize;
  923. Event->Notify.EventData = (PUCHAR) ( Event + 1 );
  925. RtlCopyMemory( Event->Notify.EventData,
  926. EventData,
  927. EventSize );
  929. Event->Flags = Flags;
  931. if (Flags & NOTIFY_FLAG_SYNCHRONOUS)
  932. {
  933. hEvent = CreateEvent( NULL, TRUE, FALSE, NULL );
  935. Event->hSync = hEvent ;
  937. if (!Event->hSync)
  938. {
  939. LsapFreeLsaHeap( Event );
  940. return(FALSE);
  941. }
  943. }
  944. else
  945. {
  946. Event->hSync = NULL ;
  947. }
  950. //
  951. // Insert event into list
  952. //
  954. LockNotify();
  956. InsertTailList( &NotifyEvents, &Event->List );
  958. UnlockNotify();
  961. DebugLog((DEB_TRACE_SCAV, "EventNotify( %d ) - Data at %x\n",
  962. Class, Event->Notify.EventData ));
  964. //
  965. // Wake up the scavenger thread
  966. //
  968. SetEvent( hStateChangeEvent );
  970. //
  971. // If told to wait, block until scav thread signals the event
  972. //
  974. if (Flags & NOTIFY_FLAG_SYNCHRONOUS)
  975. {
  976. WaitForSingleObjectEx( hEvent,
  977. INFINITE,
  978. FALSE );
  980. CloseHandle( hEvent );
  982. }
  984. return( TRUE );
  986. }
  988. return( FALSE );
  989. }
  991. //+---------------------------------------------------------------------------
  992. //
  993. // Function: LsapInitializeScavenger
  994. //
  995. // Synopsis: Initialize Scavenger,
  996. //
  997. // Arguments: (none)
  998. //
  999. // History: 5-26-97 RichardW Created
  1000. //
  1001. // Notes:
  1002. //
  1003. //----------------------------------------------------------------------------
  1004. BOOL
  1005. LsapInitializeScavenger(
  1006. VOID
  1007. )
  1008. {
  1009. ULONG i ;
  1010. PVOID hNotify ;
  1011. HANDLE hThread ;
  1012. DWORD tid ;
  1013. DWORD Debugger ;
  1014. DWORD dwSize ;
  1015. DWORD dwType ;
  1016. SYSTEM_KERNEL_DEBUGGER_INFORMATION KdInfo ;
  1018. //
  1019. // Initialize the lists
  1020. //
  1022. InitializeListHead( &NotifyList );
  1024. InitializeListHead( &NotifyEvents );
  1026. InitializeListHead( &ScavList );
  1028. InitializeListHead( &PageTouchList );
  1031. RtlInitializeCriticalSection( &ScavLock );
  1033. RtlInitializeCriticalSection( &NotifyLock );
  1035. RtlInitializeCriticalSection( &PageTouchLock );
  1037. //
  1038. // Event set whenever there is a notification.
  1039. //
  1041. hStateChangeEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1043. //
  1044. // Create basic entries
  1045. //
  1047. hNotify = LsaIRegisterNotification( LsapScavengerHandleNotify,
  1048. 0,
  1049. NOTIFIER_TYPE_HANDLE_WAIT,
  1050. 0,
  1051. NOTIFIER_FLAG_NEW_THREAD,
  1052. 0,
  1053. hStateChangeEvent );
  1056. if ( RegOpenKeyEx( HKEY_LOCAL_MACHINE,
  1057. TEXT("System\\CurrentControlSet\\Control\\Lsa"),
  1058. 0,
  1059. KEY_READ,
  1060. &LsaRegistryKey ) == 0 )
  1061. {
  1062. LsaRegistryWatchEvent = CreateEvent( NULL, FALSE, FALSE, NULL );
  1064. if ( LsaRegistryWatchEvent )
  1065. {
  1066. hNotify = LsaIRegisterNotification(
  1067. LsapRegistryWatch,
  1068. NULL,
  1069. NOTIFIER_TYPE_HANDLE_WAIT,
  1070. 0,
  1071. NOTIFIER_FLAG_NEW_THREAD,
  1072. 0,
  1073. LsaRegistryWatchEvent );
  1075. if ( hNotify )
  1076. {
  1077. //
  1078. // Call it once to start the registry watch
  1079. //
  1080. LsapRegistryWatch( NULL );
  1081. }
  1082. else
  1083. {
  1084. CloseHandle( LsaRegistryWatchEvent );
  1085. }
  1086. }
  1087. else
  1088. {
  1089. RegCloseKey( LsaRegistryKey );
  1090. }
  1092. }
  1094. //
  1095. // If we are under a debugger, or a kernel debugger is attached, or the
  1096. // flag is in the registry, turn on the watch thread
  1097. //
  1099. Debugger = 0 ;
  1100. dwSize = sizeof( Debugger );
  1102. RegQueryValueEx( LsaRegistryKey,
  1103. TEXT("EnableDebugCheck"),
  1104. 0,
  1105. &dwType,
  1106. (PBYTE) &Debugger,
  1107. &dwSize );
  1109. NtQuerySystemInformation(
  1110. SystemKernelDebuggerInformation,
  1111. &KdInfo,
  1112. sizeof( KdInfo ),
  1113. NULL );
  1116. if ( (KdInfo.KernelDebuggerEnabled) ||
  1117. (NtCurrentPeb()->BeingDebugged) ||
  1118. (Debugger != 0 ) )
  1119. {
  1121. LsapDebuggerOk = TRUE ;
  1123. (void) LsaIRegisterNotification(
  1124. LsapScavengerBreak,
  1125. NULL,
  1126. NOTIFIER_TYPE_INTERVAL,
  1127. 0, // no class
  1128. SCAV_INTERNAL_NO_TRACE, // no flags
  1129. 60, // every minute
  1130. NULL // no handle
  1131. );
  1133. }
  1136. return TRUE ;
  1138. }
  1141. BOOLEAN
  1142. NTAPI
  1143. LsaIEventNotify(
  1144. ULONG Class,
  1145. ULONG Flags,
  1146. ULONG EventSize,
  1147. PVOID EventData)
  1148. {
  1149. return LsapEventNotify( Class, Flags, EventSize, EventData );
  1150. }