archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/sdktools/trace/samples/tracekmp/tracekmp.c

754 lines
17 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1997-1999 Microsoft Corporation
  5. Module Name:
  7. tracekmp.c
  9. Abstract:
  11. Sample kernel mode trace provider/driver.
  13. Author:
  15. Jee Fung Pang (jeepang) 03-Dec-1997
  17. Revision History:
  19. --*/
  21. #include <stdio.h>
  22. #include <stdlib.h>
  23. #include <ntddk.h>
  24. #include <wmistr.h>
  25. #include <evntrace.h>
  26. #include "kmpioctl.h"
  27. #include <wmikm.h>
  29. #define TRACEKMP_NT_DEVICE_NAME L"\\Device\\TraceKmp"
  30. #define TRACEKMP_WIN32_DEVICE_NAME L"\\DosDevices\\TRACEKMP"
  31. #define TRACEKMP_DRIVER_NAME L"TRACEKMP"
  33. typedef struct _DEVICE_EXTENSION {
  34. PDEVICE_OBJECT DeviceObject;
  36. ULONG IrpSequenceNumber;
  37. UCHAR IrpRetryCount;
  39. } DEVICE_EXTENSION, *PDEVICE_EXTENSION;
  41. //
  42. // Proc Ctrs Device Extension Object
  43. //
  44. //extern PDEVICE_OBJECT pTracekmpDeviceObject;
  46. NTSTATUS
  47. DriverEntry(
  48. IN PDRIVER_OBJECT DriverObject,
  49. IN PUNICODE_STRING RegistryPath
  50. );
  51. VOID
  52. TraceEventLogger(
  53. IN PTRACEHANDLE pLoggerHandle
  54. );
  56. NTSTATUS
  57. TracekmpDispatchOpen(
  58. IN PDEVICE_OBJECT pDO,
  59. IN PIRP Irp
  60. );
  62. NTSTATUS
  63. TracekmpDispatchClose(
  64. IN PDEVICE_OBJECT pDO,
  65. IN PIRP Irp
  66. );
  68. NTSTATUS
  69. TracekmpDispatchDeviceControl(
  70. IN PDEVICE_OBJECT pDO,
  71. IN PIRP Irp
  72. );
  74. NTSTATUS
  75. PcWmiRegisterGuids(
  76. IN PWMIREGINFO WmiRegInfo,
  77. IN ULONG wmiRegInfoSize,
  78. IN PULONG pReturnSize
  79. );
  81. #ifdef USE_CALLBACK
  82. NTSTATUS
  83. TracekmpControlCallback(
  84. IN ULONG ActionCode,
  85. IN PVOID DataPath,
  86. IN ULONG BufferSize,
  87. IN OUT PVOID Buffer,
  88. IN PVOID Context,
  89. OUT PULONG Size
  90. );
  91. #else
  92. NTSTATUS
  93. PcWmiDispatch(
  94. IN PDEVICE_OBJECT pDO,
  95. IN PIRP Irp
  96. );
  97. #endif
  99. VOID
  100. TracekmpDriverUnload(
  101. IN PDRIVER_OBJECT DriverObject
  102. );
  104. #ifdef ALLOC_PRAGMA
  105. #pragma alloc_text( page, TracekmpDispatchOpen )
  106. #pragma alloc_text( page, TracekmpDispatchClose )
  107. #pragma alloc_text( page, TracekmpDispatchDeviceControl )
  108. #ifdef USE_CALLBACK
  109. #pragma alloc_text( page, TracekmpControlCallback )
  110. #else
  111. #pragma alloc_text( page, PcWmiDispatch )
  112. #endif
  113. #pragma alloc_text( init, DriverEntry )
  114. #pragma alloc_text( page, TracekmpDriverUnload )
  115. #endif // ALLOC_PRAGMA
  117. #define PROC_REG_PATH L"System\\CurrentControlSet\\Services\\TRACEKMP"
  119. #define MAXEVENTS 100
  121. GUID TracekmpGuid =
  122. {0xd58c126f, 0xb309, 0x11d1, 0x96, 0x9e, 0x00, 0x00, 0xf8, 0x75, 0xa5, 0xbc};
  124. ULONG TracekmpEnable = 0;
  125. TRACEHANDLE LoggerHandle;
  128. PDEVICE_OBJECT pTracekmpDeviceObject;
  130. NTSTATUS
  131. DriverEntry(
  132. IN PDRIVER_OBJECT DriverObject,
  133. IN PUNICODE_STRING RegistryPath
  134. )
  135. /*++
  137. Routine Description:
  139. This is the callback function when we call IoCreateDriver to create a
  140. WMI Driver Object. In this function, we need to remember the
  141. DriverObject, create a device object and then create a Win32 visible
  142. symbolic link name so that the WMI user mode component can access us.
  144. Arguments:
  145. DriverObject - pointer to the driver object
  146. RegistryPath - pointer to a unicode string representing the path
  147. to driver-specific key in the registry
  149. Return Value:
  151. STATUS_SUCCESS if successful
  152. STATUS_UNSUCCESSFUL otherwise
  154. --*/
  155. {
  156. NTSTATUS status = STATUS_SUCCESS;
  157. ULONG i;
  158. UNICODE_STRING deviceName;
  159. UNICODE_STRING linkName;
  161. //
  162. // Create Dispatch Entry Points.
  163. //
  164. DriverObject->DriverUnload = TracekmpDriverUnload;
  165. DriverObject->MajorFunction[ IRP_MJ_CREATE ] = TracekmpDispatchOpen;
  166. DriverObject->MajorFunction[ IRP_MJ_CLOSE ] = TracekmpDispatchClose;
  167. DriverObject->MajorFunction[ IRP_MJ_DEVICE_CONTROL ] =
  168. TracekmpDispatchDeviceControl;
  170. //
  171. // Wire a function to start fielding WMI IRPS
  172. //
  174. #ifndef USE_CALLBACK
  175. DriverObject->MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] = PcWmiDispatch;
  176. #endif
  178. RtlInitUnicodeString( &deviceName, TRACEKMP_NT_DEVICE_NAME );
  180. //
  181. // Create the Device object
  182. //
  183. status = IoCreateDevice(
  184. DriverObject,
  185. sizeof( DEVICE_EXTENSION ),
  186. &deviceName,
  187. FILE_DEVICE_UNKNOWN,
  188. 0,
  189. FALSE,
  190. &pTracekmpDeviceObject);
  192. if( !NT_SUCCESS( status )) {
  193. return status;
  194. }
  196. RtlInitUnicodeString( &linkName, TRACEKMP_WIN32_DEVICE_NAME );
  197. status = IoCreateSymbolicLink( &linkName, &deviceName );
  199. if( !NT_SUCCESS( status )) {
  200. IoDeleteDevice( pTracekmpDeviceObject );
  201. return status;
  202. }
  205. //
  206. // Choose a buffering mechanism
  207. //
  208. pTracekmpDeviceObject->Flags |= DO_BUFFERED_IO;
  210. //
  211. // Register with WMI here
  212. //
  213. #ifdef USE_CALLBACK
  214. status = IoWMIRegistrationControl(
  215. (PDEVICE_OBJECT) TracekmpControlCallback,
  216. WMIREG_ACTION_REGISTER | WMIREG_FLAG_CALLBACK);
  217. #else
  218. status = IoWMIRegistrationControl(pTracekmpDeviceObject,
  219. WMIREG_ACTION_REGISTER);
  220. #endif
  221. if (!NT_SUCCESS(status))
  222. {
  223. DbgPrint("TRACEKMP: Failed to register for WMI support\n");
  224. }
  226. return STATUS_SUCCESS;
  227. }
  229. NTSTATUS
  230. TracekmpDispatchOpen(
  231. IN PDEVICE_OBJECT pDO,
  232. IN PIRP Irp
  233. )
  234. {
  235. Irp->IoStatus.Status = STATUS_SUCCESS;
  236. Irp->IoStatus.Information = 0;
  238. IoCompleteRequest( Irp, IO_NO_INCREMENT );
  239. return STATUS_SUCCESS;
  240. }
  242. //++
  243. // Function:
  244. // TracekmpDispatchClose
  245. //
  246. // Description:
  247. // This function dispatches CloseHandle
  248. // requests from Win32
  249. //
  250. // Arguments:
  251. // Pointer to Device object
  252. // Pointer to IRP for this request
  253. //
  254. // Return Value:
  255. // This function returns STATUS_XXX
  256. //--
  257. NTSTATUS
  258. TracekmpDispatchClose(
  259. IN PDEVICE_OBJECT pDO,
  260. IN PIRP Irp
  261. )
  262. {
  263. Irp->IoStatus.Status = STATUS_SUCCESS;
  264. Irp->IoStatus.Information = 0;
  266. IoCompleteRequest( Irp, IO_NO_INCREMENT );
  267. return STATUS_SUCCESS;
  268. }
  270. //++
  271. // Function:
  272. // TracekmpDispatchDeviceControl
  273. //
  274. // Description:
  275. // This function dispatches DeviceIoControl
  276. // requests from Win32
  277. //
  278. // Arguments:
  279. // Pointer to Device object
  280. // Pointer to IRP for this request
  281. //
  282. // Return Value:
  283. // This function returns STATUS_XXX
  284. //--
  285. NTSTATUS
  286. TracekmpDispatchDeviceControl(
  287. IN PDEVICE_OBJECT pDO,
  288. IN PIRP Irp
  289. )
  290. {
  291. NTSTATUS status;
  292. EVENT_TRACE_HEADER Header, *Wnode;
  293. PIO_STACK_LOCATION irpStack =
  294. IoGetCurrentIrpStackLocation( Irp );
  295. PVOID Buffer = Irp->AssociatedIrp.SystemBuffer;
  296. ULONG InBufferLen = irpStack->Parameters.DeviceIoControl.InputBufferLength;
  297. ULONG OutBufferLen= irpStack->Parameters.DeviceIoControl.OutputBufferLength;
  298. // WMI_LOGGER_INFORMATION LoggerInfo;
  300. ULONG ControlCode =
  301. irpStack->Parameters.
  302. DeviceIoControl.IoControlCode;
  304. // RtlZeroMemory(&LoggerInfo, sizeof(LoggerInfo));
  305. // LoggerInfo.Wnode.BufferSize = sizeof(LoggerInfo);
  306. // LoggerInfo.Wnode.Flags = WNODE_FLAG_TRACED_GUID;
  307. // RtlInitUnicodeString(&LoggerInfo.LoggerName, L"TraceKmp");
  308. // RtlInitUnicodeString(&LoggerInfo.LogFileName, L"C:\\tracekmp.etl");
  310. Irp->IoStatus.Information = OutBufferLen;
  312. switch( ControlCode )
  313. {
  314. case IOCTL_TRACEKMP_TRACE_EVENT:
  316. //
  317. // Every time you get this IOCTL, we also log a trace event
  318. // to illustrate that the event can be caused by user-mode
  319. //
  321. if (TracekmpEnable) {
  322. Wnode = &Header;
  323. RtlZeroMemory(Wnode, sizeof(EVENT_TRACE_HEADER));
  324. Wnode->Size = sizeof(EVENT_TRACE_HEADER);
  325. Wnode->Flags |= WNODE_FLAG_TRACED_GUID;
  326. Wnode->Guid = TracekmpGuid;
  327. ((PWNODE_HEADER)Wnode)->HistoricalContext = LoggerHandle;
  328. status = IoWMIWriteEvent((PVOID)Wnode);
  329. }
  330. else {
  331. status = STATUS_SUCCESS;
  332. }
  333. Irp->IoStatus.Information = 0;
  334. break;
  336. case IOCTL_TRACEKMP_START:
  337. status = WmiStartTrace(Buffer);
  338. DbgPrint("Start status = %X\n", status);
  339. break;
  341. case IOCTL_TRACEKMP_STOP:
  342. status = WmiStopTrace(Buffer);
  343. DbgPrint("Stop status = %X\n", status);
  344. break;
  346. case IOCTL_TRACEKMP_QUERY:
  347. status = WmiQueryTrace(Buffer);
  348. DbgPrint("Query status = %X\n", status);
  349. break;
  351. case IOCTL_TRACEKMP_UPDATE:
  352. status = WmiUpdateTrace(Buffer);
  353. DbgPrint("Update status = %X\n", status);
  354. break;
  356. case IOCTL_TRACEKMP_FLUSH:
  357. status = WmiFlushTrace(Buffer);
  358. DbgPrint("Flush status = %X\n", status);
  359. break;
  360. //
  361. // Not one we recognize. Error.
  362. //
  363. default:
  364. status = STATUS_INVALID_PARAMETER;
  365. Irp->IoStatus.Information = 0;
  366. break;
  367. }
  369. //
  370. // Get rid of this request
  371. //
  372. Irp->IoStatus.Status = status;
  373. IoCompleteRequest( Irp, IO_NO_INCREMENT );
  374. return status;
  375. }
  377. NTSTATUS
  378. PcWmiRegisterGuids(
  379. IN PWMIREGINFO WmiRegInfo,
  380. IN ULONG wmiRegInfoSize,
  381. IN PULONG pReturnSize
  382. )
  383. {
  384. //
  385. // Register a Control Guid as a Trace Guid.
  386. //
  388. ULONG SizeNeeded;
  389. PWMIREGGUIDW WmiRegGuidPtr;
  390. ULONG Status;
  391. ULONG GuidCount;
  392. LPGUID ControlGuid;
  393. ULONG RegistryPathSize;
  394. PUCHAR ptmp;
  396. *pReturnSize = 0;
  397. GuidCount = 1;
  398. ControlGuid = &TracekmpGuid;
  400. //
  401. // Allocate WMIREGINFO for controlGuid + GuidCount.
  402. //
  403. RegistryPathSize = sizeof(PROC_REG_PATH) - sizeof(WCHAR) + sizeof(USHORT);
  404. SizeNeeded = sizeof(WMIREGINFOW) + GuidCount * sizeof(WMIREGGUIDW) +
  405. RegistryPathSize;
  408. if (SizeNeeded > wmiRegInfoSize) {
  409. *((PULONG)WmiRegInfo) = SizeNeeded;
  410. *pReturnSize = sizeof(ULONG);
  411. return STATUS_SUCCESS;
  412. }
  415. RtlZeroMemory(WmiRegInfo, SizeNeeded);
  416. WmiRegInfo->BufferSize = SizeNeeded;
  417. WmiRegInfo->GuidCount = GuidCount;
  418. WmiRegInfo->NextWmiRegInfo =
  419. WmiRegInfo->RegistryPath =
  420. WmiRegInfo->MofResourceName = 0;
  422. WmiRegGuidPtr = &WmiRegInfo->WmiRegGuid[0];
  423. WmiRegGuidPtr->Guid = *ControlGuid;
  424. WmiRegGuidPtr->Flags |= WMIREG_FLAG_TRACED_GUID;
  425. WmiRegGuidPtr->Flags |= WMIREG_FLAG_TRACE_CONTROL_GUID;
  426. WmiRegGuidPtr->InstanceCount = 0;
  427. WmiRegGuidPtr->InstanceInfo = 0;
  429. ptmp = (PUCHAR)&WmiRegInfo->WmiRegGuid[1];
  430. WmiRegInfo->RegistryPath = PtrToUlong((PVOID) (ptmp - (PUCHAR)WmiRegInfo));
  431. *((PUSHORT)ptmp) = sizeof(PROC_REG_PATH) - sizeof(WCHAR);
  433. ptmp += sizeof(USHORT);
  434. RtlCopyMemory(ptmp, PROC_REG_PATH, sizeof(PROC_REG_PATH) - sizeof(WCHAR));
  436. *pReturnSize = SizeNeeded;
  437. return(STATUS_SUCCESS);
  440. }
  442. #ifndef USE_CALLBACK
  443. NTSTATUS
  444. PcWmiDispatch(
  445. IN PDEVICE_OBJECT pDO,
  446. IN PIRP Irp
  447. )
  448. {
  450. PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation(Irp);
  451. ULONG BufferSize = irpSp->Parameters.WMI.BufferSize;
  452. PVOID Buffer = irpSp->Parameters.WMI.Buffer;
  453. ULONG ReturnSize = 0;
  454. NTSTATUS Status = STATUS_SUCCESS;
  455. PWNODE_HEADER Wnode=NULL;
  456. HANDLE ThreadHandle;
  458. UNREFERENCED_PARAMETER(pDO);
  460. switch (irpSp->MinorFunction) {
  462. case IRP_MN_REGINFO:
  463. #if DBG
  464. DbgPrint("IRP_MN_REG_INFO\n");
  465. #endif
  466. Status = PcWmiRegisterGuids( Buffer,
  467. BufferSize,
  468. &ReturnSize);
  469. break;
  471. case IRP_MN_ENABLE_EVENTS:
  473. InterlockedExchange(&TracekmpEnable, 1);
  475. Wnode = (PWNODE_HEADER)Buffer;
  476. if (BufferSize >= sizeof(WNODE_HEADER)) {
  477. LoggerHandle = Wnode->HistoricalContext;
  478. #if DBG
  479. DbgPrint("LoggerHandle %I64u\n", Wnode->HistoricalContext);
  481. DbgPrint("BufferSize %d\n", Wnode->BufferSize);
  482. DbgPrint("Flags %x\n", Wnode->Flags);
  483. DbgPrint("Version %x\n", Wnode->Version);
  484. #endif
  485. }
  487. //
  488. // After getting enabled, create a thread to log a few events
  489. // to test this out.
  491. Status = PsCreateSystemThread(
  492. &ThreadHandle,
  493. THREAD_ALL_ACCESS,
  494. NULL,
  495. NULL,
  496. NULL,
  497. TraceEventLogger,
  498. &LoggerHandle );
  500. if (NT_SUCCESS(Status)) { // if SystemThread is started
  501. ZwClose (ThreadHandle);
  502. }
  505. #if DBG
  506. DbgPrint("IRP_MN_ENABLE_EVENTS\n");
  507. #endif
  508. break;
  510. case IRP_MN_DISABLE_EVENTS:
  511. InterlockedExchange(&TracekmpEnable, 0);
  512. #if DBG
  513. DbgPrint(" IRP_MN_DISABLE_EVENTS\n");
  514. #endif
  515. break;
  517. case IRP_MN_ENABLE_COLLECTION:
  519. #if DBG
  520. DbgPrint("IRP_MN_ENABLE_COLLECTION\n");
  521. #endif
  522. break;
  524. case IRP_MN_DISABLE_COLLECTION:
  525. #if DBG
  526. DbgPrint("IRP_MN_DISABLE_COLLECTION\n");
  527. #endif
  528. break;
  529. default:
  530. Status = STATUS_INVALID_DEVICE_REQUEST;
  531. Irp->IoStatus.Status = Status;
  532. Irp->IoStatus.Information = 0;
  533. #if DBG
  534. DbgPrint("DEFAULT\n");
  535. #endif
  536. return Status;
  537. }
  540. //
  541. // Before the packet goes back to the
  542. // I/O Manager, log a message.
  543. //
  545. Irp->IoStatus.Status = Status;
  546. Irp->IoStatus.Information = ReturnSize;
  547. IoCompleteRequest( Irp, IO_NO_INCREMENT );
  548. return Status;
  549. }
  550. #endif
  552. VOID
  553. TraceEventLogger(
  554. IN PTRACEHANDLE pLoggerHandle
  555. )
  556. {
  557. NTSTATUS status;
  558. EVENT_TRACE_HEADER Header, *Wnode;
  559. PULONG TraceMarker;
  560. ULONG i = 0;
  561. TRACEHANDLE LoggerHandle = *pLoggerHandle;
  563. while (TracekmpEnable) {
  564. //
  565. // NOTE: For optimization, the set up of the HEADER should be done
  566. // one outside of this while loop. It is left here so that the caller
  567. // at least needs to be conscious of what is being sent
  568. //
  569. Wnode = &Header;
  570. RtlZeroMemory(Wnode, sizeof(EVENT_TRACE_HEADER));
  571. Wnode->Size = sizeof(EVENT_TRACE_HEADER);
  573. Wnode->Flags = WNODE_FLAG_TRACED_GUID;
  574. Wnode->Guid = TracekmpGuid;
  575. ((PWNODE_HEADER)Wnode)->HistoricalContext = LoggerHandle;
  577. //
  578. // Call TraceLogger to write this event
  579. //
  581. status = IoWMIWriteEvent((PVOID)Wnode);
  583. #ifdef DBG
  584. if ( !(i%100) ) {
  585. DbgPrint("Another Hundred Events Written \n");
  586. DbgPrint("Status %x LoggerHandle %I64X\n", status, LoggerHandle);
  587. }
  588. #endif
  590. if (i++ > MAXEVENTS)
  591. break;
  593. }
  595. PsTerminateSystemThread(status);
  596. return;
  598. }
  600. VOID
  601. TracekmpDriverUnload(
  602. IN PDRIVER_OBJECT DriverObject
  603. )
  604. {
  605. PDEVICE_OBJECT pDevObj;
  607. UNICODE_STRING linkName;
  609. #if DBG
  610. DbgPrint("Unloading the Driver\n");
  611. #endif
  613. //
  614. // Get pointer to Device object
  615. //
  616. pDevObj = DriverObject->DeviceObject;
  618. //
  619. IoWMIRegistrationControl(pDevObj, WMIREG_ACTION_DEREGISTER);
  621. //
  622. // Form the Win32 symbolic link name.
  623. //
  624. RtlInitUnicodeString(
  625. &linkName,
  626. TRACEKMP_WIN32_DEVICE_NAME );
  628. //
  629. // Remove symbolic link from Object
  630. // namespace...
  631. //
  632. IoDeleteSymbolicLink( &linkName );
  635. //
  636. // Unload the callbacks from the kernel to this driver
  637. //
  638. IoDeleteDevice( pDevObj );
  640. }
  642. #ifdef USE_CALLBACK
  643. NTSTATUS
  644. TracekmpControlCallback(
  645. IN WMIACTIONCODE ActionCode,
  646. IN PVOID DataPath,
  647. IN ULONG BufferSize,
  648. IN OUT PVOID Buffer,
  649. IN PVOID Context,
  650. OUT PULONG Size
  651. )
  652. //
  653. // This callback routine is called to process enable/disable action codes
  654. //
  655. {
  656. PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation(Irp);
  657. ULONG BufferSize = irpSp->Parameters.WMI.BufferSize;
  658. PVOID Buffer = irpSp->Parameters.WMI.Buffer;
  659. ULONG ReturnSize = 0;
  660. NTSTATUS Status = STATUS_SUCCESS;
  661. PWNODE_HEADER Wnode=NULL;
  662. HANDLE ThreadHandle;
  664. UNREFERENCED_PARAMETER(pDO);
  666. switch (ActionCode) {
  668. case IRP_MN_REG_INFO :
  669. #if DBG
  670. DbgPrint("IRP_MN_REG_INFO\n");
  671. #endif
  672. Status = PcWmiRegisterGuids( Buffer,
  673. BufferSize,
  674. &ReturnSize);
  675. break;
  677. case IRP_MN_ENABLE_EVENTS :
  679. InterlockedExchange(&TracekmpEnable, 1);
  681. Wnode = (PWNODE_HEADER)Buffer;
  682. if (BufferSize >= sizeof(WNODE_HEADER)) {
  683. LoggerHandle = Wnode->HistoricalContext;
  684. #if DBG
  685. DbgPrint("LoggerHandle %I64u\n", Wnode->HistoricalContext);
  687. DbgPrint("BufferSize %d\n", Wnode->BufferSize);
  688. DbgPrint("Flags %x\n", Wnode->Flags);
  689. DbgPrint("Version %x\n", Wnode->Version);
  690. #endif
  691. }
  693. //
  694. // After getting enabled, create a thread to log a few events
  695. // to test this out.
  697. Status = PsCreateSystemThread(
  698. &ThreadHandle,
  699. THREAD_ALL_ACCESS,
  700. NULL,
  701. NULL,
  702. NULL,
  703. TraceEventLogger,
  704. &LoggerHandle );
  706. if (NT_SUCCESS(Status)) { // if SystemThread is started
  707. ZwClose (ThreadHandle);
  708. }
  711. #if DBG
  712. DbgPrint("IRP_MN_ENABLE_EVENTS\n");
  713. #endif
  714. break;
  716. case IRP_MN_DISABLE_EVENTS :
  717. InterlockedExchange(&TracekmpEnable, 0);
  718. #if DBG
  719. DbgPrint(" IRP_MN_DISABLE_EVENTS\n");
  720. #endif
  721. break;
  723. case IRP_MN_ENABLE_COLLECTION :
  725. #if DBG
  726. DbgPrint("IRP_MN_ENABLE_COLLECTION\n");
  727. #endif
  728. break;
  730. case IRP_MN_DISABLE_COLLECTION :
  731. #if DBG
  732. DbgPrint("IRP_MN_DISABLE_COLLECTION\n");
  733. #endif
  734. break;
  735. default:
  736. Status = STATUS_INVALID_DEVICE_REQUEST;
  737. ReturnSize = 0;
  738. #if DBG
  739. DbgPrint("DEFAULT\n");
  740. #endif
  741. return Status;
  742. }
  745. //
  746. // Before the packet goes back to the
  747. // I/O Manager, log a message.
  748. //
  750. if (Size)
  751. *Size = ReturnSize;
  752. return Status;
  753. }
  754. #endif // USE_CALLBACK