Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

4112 lines
92 KiB

  1. //
  2. // Driver Verifier Control Applet
  3. // Copyright (c) Microsoft Corporation, 1999
  4. //
  5. //
  6. // module: verify.cxx
  7. // author: silviuc
  8. // created: Mon Jan 04 12:40:57 1999
  9. //
  10. extern "C" {
  11. #include "nt.h"
  12. #include "ntrtl.h"
  13. #include "nturtl.h"
  14. }
  15. #include <stdio.h>
  16. #include <stdlib.h>
  17. #include <stdarg.h>
  18. #include <string.h>
  19. #include <tchar.h>
  20. #include <windows.h>
  21. #include <time.h>
  22. #include <ntverp.h>
  23. #include <common.ver>
  24. #include "verify.hxx"
  25. #include "image.hxx"
  26. #include "resource.h"
  27. //
  28. // IO verification levels
  29. //
  30. #define IO_VERIFICATION_LEVEL_MAX 3
  31. //
  32. // all the possible verification flags
  33. //
  34. const UINT VerifierAllOptions = (DRIVER_VERIFIER_SPECIAL_POOLING |
  35. DRIVER_VERIFIER_FORCE_IRQL_CHECKING |
  36. DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES |
  37. DRIVER_VERIFIER_TRACK_POOL_ALLOCATIONS |
  38. DRIVER_VERIFIER_IO_CHECKING |
  39. DRIVER_VERIFIER_DEADLOCK_DETECTION );
  40. //
  41. // the options that can be modified on the fly
  42. //
  43. const UINT VerifierModifyableOptions = (DRIVER_VERIFIER_SPECIAL_POOLING |
  44. DRIVER_VERIFIER_FORCE_IRQL_CHECKING |
  45. DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES);
  46. //
  47. // system IO verifier values
  48. //
  49. #define SYS_IO_VERIFIER_DISABLED_VALUE 0
  50. #define SYS_IO_VERIFIER_BASE_VALUE 1
  51. //////////////////////////////////////////////////////////////////////
  52. ////////////////////////////////////////////////////////// Global Data
  53. //////////////////////////////////////////////////////////////////////
  54. //
  55. // Command line / GUI
  56. //
  57. BOOL g_bCommandLineMode = FALSE;
  58. //
  59. // OS version and build number information
  60. //
  61. OSVERSIONINFO g_OsVersion;
  62. //
  63. // Was the debug privilege already enabled?
  64. // We need this privilege to set volatile options.
  65. //
  66. BOOL g_bPrivegeEnabled = FALSE;
  67. //////////////////////////////////////////////////////////////////////
  68. ///////////////////////////////////////////////////// Registry Strings
  69. //////////////////////////////////////////////////////////////////////
  70. LPCTSTR RegMemoryManagementKeyName =
  71. TEXT ("System\\CurrentControlSet\\Control\\Session Manager\\Memory Management");
  72. LPCTSTR RegVerifyDriversValueName =
  73. TEXT ("VerifyDrivers");
  74. LPCTSTR RegVerifyDriverLevelValueName =
  75. TEXT ("VerifyDriverLevel");
  76. LPCTSTR RegSessionManagerKeyName =
  77. TEXT ("System\\CurrentControlSet\\Control\\Session Manager");
  78. LPCTSTR RegIOVerifyKeyName =
  79. TEXT ("System\\CurrentControlSet\\Control\\Session Manager\\I/O System");
  80. LPCTSTR RegIOVerifySubKeyName =
  81. TEXT ("I/O System");
  82. LPCTSTR RegIOVerifyLevelValueName =
  83. TEXT ("IoVerifierLevel");
  84. //////////////////////////////////////////////////////////////////////
  85. //////////////////////////////////////////////// command line support
  86. //////////////////////////////////////////////////////////////////////
  87. void
  88. VrfDumpChangedSettings(
  89. UINT OldFlags,
  90. UINT NewFlags );
  91. BOOL
  92. VrfEnableDebugPrivilege (
  93. );
  94. //////////////////////////////////////////////////////////////////////
  95. /////////////// Forward decl for local registry manipulation functions
  96. //////////////////////////////////////////////////////////////////////
  97. BOOL
  98. ReadRegistryValue (
  99. HKEY HKey,
  100. LPCTSTR Name,
  101. DWORD * Value,
  102. DWORD DefaultValue);
  103. BOOL
  104. WriteRegistryValue (
  105. HKEY HKey,
  106. LPCTSTR Name,
  107. DWORD Value);
  108. BOOL
  109. ReadMmString (
  110. HKEY MmKey,
  111. LPCTSTR Name,
  112. LPTSTR Buffer,
  113. DWORD BufferSize);
  114. BOOL
  115. WriteMmString (
  116. HKEY MmKey,
  117. LPCTSTR Name,
  118. LPTSTR Value);
  119. //////////////////////////////////////////////////////////////////////
  120. /////////////// Forward decl for local sys level IO verifier functions
  121. //////////////////////////////////////////////////////////////////////
  122. BOOL
  123. SetSysIoVerifierSettings(
  124. ULONG SysIoVerifierLevel );
  125. //////////////////////////////////////////////////////////////////////
  126. /////////////////////// Forward decl for driver manipulation functions
  127. //////////////////////////////////////////////////////////////////////
  128. typedef enum {
  129. VRF_DRIVER_LOAD_SUCCESS,
  130. VRF_DRIVER_LOAD_CANNOT_FIND_IMAGE,
  131. VRF_DRIVER_LOAD_INVALID_IMAGE
  132. } VRF_DRIVER_LOAD_STATUS;
  133. ULONG
  134. GetActiveDriversList (
  135. PVRF_DRIVER_STATE DriverInfo,
  136. ULONG MaxNumberOfDrivers);
  137. BOOL
  138. SetVerifiedDriversFromNamesString (
  139. PVRF_VERIFIER_STATE VrfState );
  140. BOOL
  141. GetVerifiedDriversToString (
  142. PVRF_VERIFIER_STATE VrfState );
  143. BOOL
  144. SetAllDriversStatus (
  145. PVRF_VERIFIER_STATE VrfState,
  146. BOOL Verified);
  147. BOOL
  148. VrfSearchVerifierDriver (
  149. PVRF_VERIFIER_STATE VrfState,
  150. LPCTSTR DriverName,
  151. ULONG & HitIndex);
  152. BOOL
  153. KrnSearchVerifierDriver (
  154. LPCTSTR DriverName,
  155. ULONG & HitIndex);
  156. LPCTSTR
  157. IsMiniportDriver (
  158. LPCTSTR DriverName, VRF_DRIVER_LOAD_STATUS &ErrorCode);
  159. BOOL
  160. VrfGetVersionInfo(
  161. LPTSTR lptstrFileName,
  162. LPTSTR lptstrCompany,
  163. int nCompanyBufferLength,
  164. LPTSTR lptstrVersion,
  165. int nVersionBufferLength );
  166. BOOL
  167. ConvertAnsiStringToTcharString (
  168. LPBYTE Source,
  169. ULONG SourceLength,
  170. LPTSTR Destination,
  171. ULONG DestinationLength);
  172. //
  173. // Support for dynamic set of verified drivers
  174. //
  175. BOOL
  176. VrfVolatileAddOrRemoveDriversCmdLine(
  177. int nArgsNo,
  178. LPTSTR szCmdLineArgs[] );
  179. //////////////////////////////////////////////////////////////////////
  180. ////////////////////////////////////////// Exported Verifier Functions
  181. //////////////////////////////////////////////////////////////////////
  182. //
  183. // Function:
  184. //
  185. // VrfGetVerifierState
  186. //
  187. // Description:
  188. //
  189. // Reads all Mm related registry settings and fills the structure
  190. // with the appropriate BOOLean values.
  191. //
  192. BOOL
  193. VrfGetVerifierState (
  194. PVRF_VERIFIER_STATE VrfState)
  195. {
  196. static KRN_VERIFIER_STATE KrnState;
  197. HKEY MmKey = NULL;
  198. HKEY IoKey = NULL;
  199. LONG Result;
  200. DWORD Value;
  201. DWORD IoValue;
  202. ULONG Index;
  203. ULONG FoundIndex;
  204. if (VrfState == NULL) {
  205. return FALSE;
  206. }
  207. //
  208. // Open the Mm key
  209. //
  210. Result = RegOpenKeyEx (
  211. HKEY_LOCAL_MACHINE,
  212. RegMemoryManagementKeyName,
  213. 0,
  214. KEY_QUERY_VALUE,
  215. &MmKey);
  216. if (Result != ERROR_SUCCESS) {
  217. if( Result == ERROR_ACCESS_DENIED ) {
  218. VrfErrorResourceFormat ( IDS_ACCESS_IS_DENIED );
  219. }
  220. else {
  221. VrfErrorResourceFormat (
  222. IDS_REGOPENKEYEX_FAILED,
  223. RegMemoryManagementKeyName,
  224. (DWORD)Result);
  225. }
  226. return FALSE;
  227. }
  228. //
  229. // Set the driver specific information.
  230. //
  231. VrfState->DriverNames[ 0 ] = 0;
  232. VrfState->AdditionalDriverNames[ 0 ] = 0;
  233. VrfState->DriverCount = GetActiveDriversList (
  234. VrfState->DriverInfo, ARRAY_LENGTH( VrfState->DriverInfo ) );
  235. //
  236. // Read VerifyDriverLevel value
  237. //
  238. if (ReadRegistryValue (MmKey, RegVerifyDriverLevelValueName, &Value, 0) == FALSE) {
  239. RegCloseKey (MmKey);
  240. return FALSE;
  241. }
  242. VrfState->SpecialPoolVerification = (Value & DRIVER_VERIFIER_SPECIAL_POOLING) ? TRUE : FALSE;
  243. VrfState->PagedCodeVerification = (Value & DRIVER_VERIFIER_FORCE_IRQL_CHECKING) ? TRUE : FALSE;
  244. VrfState->AllocationFaultInjection = (Value & DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES) ? TRUE : FALSE;
  245. VrfState->PoolTracking = (Value & DRIVER_VERIFIER_TRACK_POOL_ALLOCATIONS) ? TRUE : FALSE;
  246. VrfState->IoVerifier = (Value & DRIVER_VERIFIER_IO_CHECKING) ? TRUE : FALSE;
  247. //
  248. // the sys level IO verifier can be enabled only if VrfState->IoVerifier == TRUE
  249. //
  250. if( VrfState->IoVerifier == TRUE )
  251. {
  252. //
  253. // don't know yet if the sys level IO verifier is enabled
  254. //
  255. IoValue = SYS_IO_VERIFIER_DISABLED_VALUE;
  256. //
  257. // Open the IO key
  258. //
  259. Result = RegOpenKeyEx (
  260. HKEY_LOCAL_MACHINE,
  261. RegIOVerifyKeyName,
  262. 0,
  263. KEY_QUERY_VALUE,
  264. &IoKey);
  265. if (Result != ERROR_SUCCESS ) {
  266. //
  267. // if Result == ERROR_FILE_NOT_FOUND just use out default value for IoValue
  268. //
  269. if( Result != ERROR_FILE_NOT_FOUND ) {
  270. //
  271. // the key is there but we cannot read it, fatal error
  272. //
  273. if( Result == ERROR_ACCESS_DENIED ) {
  274. VrfErrorResourceFormat(
  275. IDS_ACCESS_IS_DENIED );
  276. }
  277. else {
  278. VrfErrorResourceFormat(
  279. IDS_REGOPENKEYEX_FAILED,
  280. RegIOVerifyKeyName,
  281. (DWORD)Result);
  282. }
  283. RegCloseKey (MmKey);
  284. return FALSE;
  285. }
  286. }
  287. else {
  288. //
  289. // IO key opened, read the IoVerifierLevel value
  290. //
  291. if ( ReadRegistryValue (
  292. IoKey,
  293. RegIOVerifyLevelValueName,
  294. &IoValue,
  295. SYS_IO_VERIFIER_DISABLED_VALUE ) == FALSE) {
  296. RegCloseKey (IoKey);
  297. RegCloseKey (MmKey);
  298. return FALSE;
  299. }
  300. //
  301. // done with the IO key
  302. //
  303. RegCloseKey (IoKey);
  304. }
  305. if (IoValue)
  306. {
  307. VrfState->SysIoVerifierLevel = IoValue - SYS_IO_VERIFIER_BASE_VALUE;
  308. }
  309. }
  310. //
  311. // Read VerifyDrivers value
  312. //
  313. VrfState->AllDriversVerified = FALSE;
  314. if (ReadMmString (MmKey,
  315. RegVerifyDriversValueName,
  316. VrfState->DriverNames,
  317. sizeof( VrfState->DriverNames ) ) == FALSE) {
  318. RegCloseKey (MmKey);
  319. return FALSE;
  320. }
  321. if ( VrfState->DriverNames[ 0 ] == TEXT('*') ) {
  322. VrfState->AllDriversVerified = TRUE;
  323. SetAllDriversStatus (VrfState, TRUE);
  324. }
  325. else {
  326. SetVerifiedDriversFromNamesString ( VrfState );
  327. }
  328. //
  329. // Get the kernel verifier state and mark any active drivers
  330. // as already verified.
  331. //
  332. if (KrnGetSystemVerifierState ( &KrnState ) == TRUE) {
  333. for (Index = 0; Index < KrnState.DriverCount; Index++) {
  334. if (VrfSearchVerifierDriver (
  335. VrfState,
  336. KrnState.DriverInfo[Index].Name,
  337. FoundIndex) == TRUE) {
  338. VrfState->DriverInfo[FoundIndex].CurrentlyVerified = TRUE;
  339. }
  340. }
  341. }
  342. //
  343. // Close the Mm key and return success
  344. //
  345. RegCloseKey (MmKey);
  346. return TRUE;
  347. }
  348. //
  349. // Function:
  350. //
  351. // VrfSetVerifierState
  352. //
  353. // Description:
  354. //
  355. // Writes all Mm related registry settings according with
  356. // the structure.
  357. //
  358. BOOL
  359. VrfSetVerifierState (
  360. PVRF_VERIFIER_STATE VrfState)
  361. {
  362. HKEY MmKey = NULL;
  363. LONG Result;
  364. DWORD Value;
  365. size_t StringLength;
  366. size_t CrtCharIndex;
  367. //
  368. // Open the Mm key
  369. //
  370. Result = RegOpenKeyEx (
  371. HKEY_LOCAL_MACHINE,
  372. RegMemoryManagementKeyName,
  373. 0,
  374. KEY_SET_VALUE,
  375. &MmKey);
  376. if (Result != ERROR_SUCCESS) {
  377. if( Result == ERROR_ACCESS_DENIED ) {
  378. VrfErrorResourceFormat(
  379. IDS_ACCESS_IS_DENIED );
  380. }
  381. else {
  382. VrfErrorResourceFormat(
  383. IDS_REGOPENKEYEX_FAILED,
  384. RegMemoryManagementKeyName,
  385. (DWORD)Result);
  386. }
  387. return FALSE;
  388. }
  389. //
  390. // Write VerifyDriverLevel value
  391. //
  392. Value = (VrfState->SpecialPoolVerification ? DRIVER_VERIFIER_SPECIAL_POOLING : 0);
  393. Value |= (VrfState->PagedCodeVerification ? DRIVER_VERIFIER_FORCE_IRQL_CHECKING : 0);
  394. Value |= (VrfState->AllocationFaultInjection ? DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES : 0);
  395. Value |= (VrfState->PoolTracking ? DRIVER_VERIFIER_TRACK_POOL_ALLOCATIONS : 0);
  396. Value |= (VrfState->IoVerifier ? DRIVER_VERIFIER_IO_CHECKING : 0);
  397. if (WriteRegistryValue (MmKey, RegVerifyDriverLevelValueName, Value) == FALSE) {
  398. RegCloseKey (MmKey);
  399. return FALSE;
  400. }
  401. //
  402. // enable/disable system level IO verifier
  403. //
  404. if ( VrfState->IoVerifier == FALSE )
  405. {
  406. VrfState->SysIoVerifierLevel = 0;
  407. }
  408. if( ! SetSysIoVerifierSettings(
  409. VrfState->SysIoVerifierLevel ) )
  410. {
  411. RegCloseKey (MmKey);
  412. return FALSE;
  413. }
  414. //
  415. // Write VerifyDrivers value
  416. //
  417. if (VrfState->AllDriversVerified) {
  418. if (WriteMmString (MmKey, RegVerifyDriversValueName, TEXT("*")) == FALSE) {
  419. RegCloseKey (MmKey);
  420. return FALSE;
  421. }
  422. }
  423. else {
  424. GetVerifiedDriversToString (
  425. VrfState );
  426. //
  427. // do we have any significant characters in VrfState->DriverNames?
  428. //
  429. StringLength = _tcslen( VrfState->DriverNames );
  430. for( CrtCharIndex = 0; CrtCharIndex < StringLength; CrtCharIndex++ ) {
  431. if( VrfState->DriverNames[ CrtCharIndex ] != _T( ' ' ) &&
  432. VrfState->DriverNames[ CrtCharIndex ] != _T( '\t' ) ) {
  433. break;
  434. }
  435. }
  436. if( CrtCharIndex < StringLength )
  437. {
  438. //
  439. // we have at least one significant character in the string
  440. //
  441. if (WriteMmString (MmKey, RegVerifyDriversValueName, VrfState->DriverNames) == FALSE) {
  442. RegCloseKey (MmKey);
  443. return FALSE;
  444. }
  445. }
  446. else {
  447. //
  448. // no drivers will be verified, erase the driver list from the registry
  449. //
  450. Result = RegDeleteValue (MmKey, RegVerifyDriversValueName);
  451. if (Result != ERROR_SUCCESS && Result != ERROR_FILE_NOT_FOUND) {
  452. VrfErrorResourceFormat(
  453. IDS_REGDELETEVALUE_FAILED,
  454. RegVerifyDriversValueName,
  455. (DWORD)Result);
  456. RegCloseKey (MmKey);
  457. return FALSE;
  458. }
  459. }
  460. }
  461. //
  462. // Close the Mm key and return success
  463. //
  464. RegCloseKey (MmKey);
  465. return TRUE;
  466. }
  467. //
  468. // Function:
  469. //
  470. // VrfSetVolatileFlags
  471. //
  472. // Description:
  473. //
  474. // This functions modifies verifier options on the fly.
  475. //
  476. BOOL
  477. VrfSetVolatileFlags (
  478. UINT uNewFlags)
  479. {
  480. NTSTATUS Status;
  481. //
  482. // Just use NtSetSystemInformation to set the flags
  483. // that can be modified on the fly. Don't write anything to the registry.
  484. //
  485. //
  486. // enable debug privilege
  487. //
  488. if( g_bPrivegeEnabled != TRUE )
  489. {
  490. g_bPrivegeEnabled = VrfEnableDebugPrivilege();
  491. if( g_bPrivegeEnabled != TRUE )
  492. {
  493. return FALSE;
  494. }
  495. }
  496. //
  497. // set the new flags
  498. //
  499. Status = NtSetSystemInformation(
  500. SystemVerifierInformation,
  501. &uNewFlags,
  502. sizeof( uNewFlags ) );
  503. if( ! NT_SUCCESS( Status ) )
  504. {
  505. if( Status == STATUS_ACCESS_DENIED )
  506. {
  507. //
  508. // access denied
  509. //
  510. VrfErrorResourceFormat(
  511. IDS_ACCESS_IS_DENIED );
  512. }
  513. else
  514. {
  515. //
  516. // some other error
  517. //
  518. VrfErrorResourceFormat(
  519. IDS_CANNOT_CHANGE_SETTING_ON_FLY );
  520. }
  521. return FALSE;
  522. }
  523. return TRUE;
  524. }
  525. //
  526. // Function:
  527. //
  528. // VrfSetVolatileOptions
  529. //
  530. // Description:
  531. //
  532. // This functions modifies verifier options on the fly.
  533. //
  534. BOOL
  535. VrfSetVolatileOptions(
  536. BOOL bSpecialPool,
  537. BOOL bIrqlChecking,
  538. BOOL bFaultInjection )
  539. {
  540. ULONG uNewFlags;
  541. uNewFlags = 0;
  542. if( bSpecialPool )
  543. {
  544. uNewFlags |= DRIVER_VERIFIER_SPECIAL_POOLING;
  545. }
  546. if( bIrqlChecking )
  547. {
  548. uNewFlags |= DRIVER_VERIFIER_FORCE_IRQL_CHECKING;
  549. }
  550. if( bFaultInjection )
  551. {
  552. uNewFlags |= DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES;
  553. }
  554. return VrfSetVolatileFlags( uNewFlags );
  555. }
  556. //
  557. // Function:
  558. //
  559. // VrfClearAllVerifierSettings
  560. //
  561. // Description:
  562. //
  563. // This functions deletes all registry values that control in one
  564. // way or another the Driver Verifier.
  565. //
  566. BOOL
  567. VrfClearAllVerifierSettings (
  568. )
  569. {
  570. HKEY MmKey = NULL;
  571. HKEY IoKey = NULL;
  572. LONG Result;
  573. LPTSTR ValueName;
  574. //
  575. // Open the Mm key
  576. //
  577. Result = RegOpenKeyEx (
  578. HKEY_LOCAL_MACHINE,
  579. RegMemoryManagementKeyName,
  580. 0,
  581. KEY_SET_VALUE,
  582. &MmKey);
  583. if (Result != ERROR_SUCCESS) {
  584. if( Result == ERROR_ACCESS_DENIED ) {
  585. VrfErrorResourceFormat(
  586. IDS_ACCESS_IS_DENIED );
  587. }
  588. else {
  589. VrfErrorResourceFormat(
  590. IDS_REGOPENKEYEX_FAILED,
  591. RegMemoryManagementKeyName,
  592. (DWORD)Result);
  593. }
  594. return FALSE;
  595. }
  596. //
  597. // Delete VerifyDriverLevel value
  598. //
  599. ValueName = (LPTSTR)RegVerifyDriverLevelValueName;
  600. Result = RegDeleteValue (MmKey, ValueName);
  601. if (Result != ERROR_SUCCESS && Result != ERROR_FILE_NOT_FOUND) {
  602. VrfErrorResourceFormat(
  603. IDS_REGDELETEVALUE_FAILED,
  604. ValueName,
  605. (DWORD)Result);
  606. RegCloseKey (MmKey);
  607. return FALSE;
  608. }
  609. //
  610. // Delete VerifyDrivers value
  611. //
  612. ValueName = (LPTSTR)RegVerifyDriversValueName;
  613. Result = RegDeleteValue (MmKey, ValueName);
  614. if (Result != ERROR_SUCCESS && Result != ERROR_FILE_NOT_FOUND) {
  615. VrfErrorResourceFormat(
  616. IDS_REGDELETEVALUE_FAILED,
  617. ValueName,
  618. (DWORD)Result);
  619. RegCloseKey (MmKey);
  620. return FALSE;
  621. }
  622. //
  623. // Close the Mm key
  624. //
  625. RegCloseKey (MmKey);
  626. //
  627. // delete the sys level IO verifier value
  628. //
  629. return SetSysIoVerifierSettings( 0 );
  630. }
  631. //
  632. // Function:
  633. //
  634. // VrfSearchVerifiedDriver
  635. //
  636. // Description:
  637. //
  638. // This function searches the VerifierState->DriverInfo database for the specified
  639. // driver. It sets the index if something has been found.
  640. //
  641. BOOL
  642. VrfSearchVerifierDriver (
  643. PVRF_VERIFIER_STATE VrfState,
  644. LPCTSTR DriverName,
  645. ULONG & HitIndex)
  646. {
  647. ULONG Index;
  648. ASSERT (DriverName != NULL);
  649. for (Index = 0; Index < VrfState->DriverCount; Index++) {
  650. if (_tcsicmp (DriverName, VrfState->DriverInfo[Index].Name) == 0) {
  651. HitIndex = Index;
  652. return TRUE;
  653. }
  654. }
  655. return FALSE;
  656. }
  657. //////////////////////////////////////////////////////////////////////
  658. ////////////////////////////////////////// System verifier information
  659. //////////////////////////////////////////////////////////////////////
  660. //
  661. // Function:
  662. //
  663. // KrnGetSystemVerifierState
  664. //
  665. // Description:
  666. //
  667. // This function queries the system verifier state using
  668. // NtQuerysystemInformation().
  669. //
  670. BOOL
  671. KrnGetSystemVerifierState (
  672. PKRN_VERIFIER_STATE KrnState)
  673. {
  674. ULONG Index;
  675. NTSTATUS Status;
  676. ULONG Length = 0;
  677. ULONG buffersize;
  678. PSYSTEM_VERIFIER_INFORMATION VerifierInfo;
  679. PSYSTEM_VERIFIER_INFORMATION VerifierInfoBase;
  680. //
  681. // Sanity checks
  682. //
  683. if (KrnState == NULL) {
  684. return FALSE;
  685. }
  686. //
  687. // Initalize the returned structure and global vars
  688. // before the search.
  689. //
  690. VerifierInfo = NULL;
  691. KrnState->DriverCount = 0;
  692. //
  693. // Try to get the right size for the NtQuery buffer
  694. //
  695. buffersize = 1024;
  696. do {
  697. VerifierInfo = (PSYSTEM_VERIFIER_INFORMATION)malloc (buffersize);
  698. if (VerifierInfo == NULL) {
  699. Status = STATUS_INSUFFICIENT_RESOURCES;
  700. break;
  701. }
  702. Status = NtQuerySystemInformation (SystemVerifierInformation,
  703. VerifierInfo,
  704. buffersize,
  705. &Length);
  706. if (Status != STATUS_INFO_LENGTH_MISMATCH) {
  707. break;
  708. }
  709. free (VerifierInfo);
  710. buffersize += 1024;
  711. } while (1);
  712. if (! NT_SUCCESS(Status)) {
  713. VrfErrorResourceFormat(
  714. IDS_QUERY_SYSINFO_FAILED,
  715. Status);
  716. return FALSE;
  717. }
  718. //
  719. // If no info fill out return success but no info.
  720. //
  721. if (Length == 0) {
  722. free (VerifierInfo);
  723. return TRUE;
  724. }
  725. //
  726. // Fill out the cumulative-driver stuff.
  727. //
  728. VerifierInfoBase = VerifierInfo;
  729. KrnState->Level = VerifierInfo->Level;
  730. KrnState->SpecialPool = (VerifierInfo->Level & DRIVER_VERIFIER_SPECIAL_POOLING) ? TRUE : FALSE;
  731. KrnState->IrqlChecking = (VerifierInfo->Level & DRIVER_VERIFIER_FORCE_IRQL_CHECKING) ? TRUE : FALSE;
  732. KrnState->FaultInjection = (VerifierInfo->Level & DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES) ? TRUE : FALSE;
  733. KrnState->PoolTrack = (VerifierInfo->Level & DRIVER_VERIFIER_TRACK_POOL_ALLOCATIONS) ? TRUE : FALSE;
  734. KrnState->IoVerif = (VerifierInfo->Level & DRIVER_VERIFIER_IO_CHECKING) ? TRUE : FALSE;
  735. KrnState->RaiseIrqls = VerifierInfo->RaiseIrqls;
  736. KrnState->AcquireSpinLocks = VerifierInfo->AcquireSpinLocks;
  737. KrnState->SynchronizeExecutions = VerifierInfo->SynchronizeExecutions;
  738. KrnState->AllocationsAttempted = VerifierInfo->AllocationsAttempted;
  739. KrnState->AllocationsSucceeded = VerifierInfo->AllocationsSucceeded;
  740. KrnState->AllocationsSucceededSpecialPool = VerifierInfo->AllocationsSucceededSpecialPool;
  741. KrnState->AllocationsWithNoTag = VerifierInfo->AllocationsWithNoTag;
  742. KrnState->Trims = VerifierInfo->Trims;
  743. KrnState->AllocationsFailed = VerifierInfo->AllocationsFailed;
  744. KrnState->AllocationsFailedDeliberately = VerifierInfo->AllocationsFailedDeliberately;
  745. KrnState->UnTrackedPool = VerifierInfo->UnTrackedPool;
  746. //
  747. // Fill out the per-driver stuff.
  748. //
  749. VerifierInfo = VerifierInfoBase;
  750. Index = 0;
  751. do {
  752. ANSI_STRING Name;
  753. NTSTATUS Status;
  754. Status = RtlUnicodeStringToAnsiString (
  755. & Name,
  756. & VerifierInfo->DriverName,
  757. TRUE);
  758. if (! (NT_SUCCESS(Status))) {
  759. free (VerifierInfoBase);
  760. return FALSE;
  761. }
  762. ConvertAnsiStringToTcharString (
  763. (LPBYTE)(Name.Buffer),
  764. Name.Length,
  765. KrnState->DriverInfo[Index].Name,
  766. ARRAY_LENGTH( KrnState->DriverInfo[Index].Name ) - 1 );
  767. RtlFreeAnsiString (& Name);
  768. KrnState->DriverInfo[Index].Loads = VerifierInfo->Loads;
  769. KrnState->DriverInfo[Index].Unloads = VerifierInfo->Unloads;
  770. KrnState->DriverInfo[Index].CurrentPagedPoolAllocations = VerifierInfo->CurrentPagedPoolAllocations;
  771. KrnState->DriverInfo[Index].CurrentNonPagedPoolAllocations = VerifierInfo->CurrentNonPagedPoolAllocations;
  772. KrnState->DriverInfo[Index].PeakPagedPoolAllocations = VerifierInfo->PeakPagedPoolAllocations;
  773. KrnState->DriverInfo[Index].PeakNonPagedPoolAllocations = VerifierInfo->PeakNonPagedPoolAllocations;
  774. KrnState->DriverInfo[Index].PagedPoolUsageInBytes = VerifierInfo->PagedPoolUsageInBytes;
  775. KrnState->DriverInfo[Index].NonPagedPoolUsageInBytes = VerifierInfo->NonPagedPoolUsageInBytes;
  776. KrnState->DriverInfo[Index].PeakPagedPoolUsageInBytes = VerifierInfo->PeakPagedPoolUsageInBytes;
  777. KrnState->DriverInfo[Index].PeakNonPagedPoolUsageInBytes = VerifierInfo->PeakNonPagedPoolUsageInBytes;
  778. KrnState->DriverCount++;
  779. Index++;
  780. if (VerifierInfo->NextEntryOffset == 0) {
  781. break;
  782. }
  783. VerifierInfo = (PSYSTEM_VERIFIER_INFORMATION)((PCHAR)VerifierInfo + VerifierInfo->NextEntryOffset);
  784. }
  785. while (1);
  786. free (VerifierInfoBase);
  787. return TRUE;
  788. }
  789. //////////////////////////////////////////////////////////////////////
  790. //////////////////////////////////////// Read/write Mm Registry Values
  791. //////////////////////////////////////////////////////////////////////
  792. BOOL
  793. ReadRegistryValue (
  794. HKEY HKey,
  795. LPCTSTR Name,
  796. DWORD * Value,
  797. DWORD DefaultValue)
  798. {
  799. LONG Result;
  800. DWORD Reserved;
  801. DWORD Type;
  802. DWORD Size;
  803. //
  804. // default value
  805. //
  806. *Value = DefaultValue;
  807. Size = sizeof *Value;
  808. Result = RegQueryValueEx (
  809. HKey,
  810. Name,
  811. 0,
  812. &Type,
  813. (LPBYTE)(Value),
  814. &Size);
  815. //
  816. // Deal with a value that is not defined.
  817. //
  818. if (Result == ERROR_FILE_NOT_FOUND) {
  819. *Value = 0;
  820. return TRUE;
  821. }
  822. if (Result != ERROR_SUCCESS) {
  823. VrfErrorResourceFormat(
  824. IDS_REGQUERYVALUEEX_FAILED,
  825. Name,
  826. (DWORD)Result);
  827. return FALSE;
  828. }
  829. if (Type != REG_DWORD) {
  830. VrfErrorResourceFormat(
  831. IDS_REGQUERYVALUEEX_UNEXP_TYPE,
  832. Name);
  833. return FALSE;
  834. }
  835. if (Size != sizeof *Value) {
  836. VrfErrorResourceFormat(
  837. IDS_REGQUERYVALUEEX_UNEXP_SIZE,
  838. Name);
  839. return FALSE;
  840. }
  841. return TRUE;
  842. }
  843. BOOL
  844. WriteRegistryValue (
  845. HKEY HKey,
  846. LPCTSTR Name,
  847. DWORD Value)
  848. {
  849. LONG Result;
  850. Result = RegSetValueEx (
  851. HKey,
  852. Name,
  853. 0,
  854. REG_DWORD,
  855. (LPBYTE)(&Value),
  856. sizeof Value);
  857. if (Result != ERROR_SUCCESS) {
  858. VrfErrorResourceFormat(
  859. IDS_REGSETVALUEEX_FAILED,
  860. Name,
  861. (DWORD)Result);
  862. return FALSE;
  863. }
  864. return TRUE;
  865. }
  866. BOOL
  867. ReadMmString (
  868. HKEY MmKey,
  869. LPCTSTR Name,
  870. LPTSTR Buffer,
  871. DWORD BufferSize)
  872. {
  873. LONG Result;
  874. DWORD Reserved;
  875. DWORD Type;
  876. DWORD Size;
  877. //
  878. // default value
  879. //
  880. *Buffer = 0;
  881. Size = BufferSize;
  882. Result = RegQueryValueEx (
  883. MmKey,
  884. Name,
  885. 0,
  886. &Type,
  887. (LPBYTE)(Buffer),
  888. &Size);
  889. //
  890. // Deal with a value that is not defined.
  891. //
  892. if (Result == ERROR_FILE_NOT_FOUND) {
  893. *Buffer = 0;
  894. return TRUE;
  895. }
  896. if (Result != ERROR_SUCCESS) {
  897. VrfErrorResourceFormat(
  898. IDS_REGQUERYVALUEEX_FAILED,
  899. Name,
  900. (DWORD)Result);
  901. return FALSE;
  902. }
  903. if (Type != REG_SZ) {
  904. VrfErrorResourceFormat(
  905. IDS_REGQUERYVALUEEX_UNEXP_TYPE,
  906. Name);
  907. return FALSE;
  908. }
  909. return TRUE;
  910. }
  911. BOOL
  912. WriteMmString (
  913. HKEY MmKey,
  914. LPCTSTR Name,
  915. LPTSTR Value)
  916. {
  917. LONG Result;
  918. DWORD Reserved;
  919. DWORD Type;
  920. DWORD Size;
  921. Result = RegSetValueEx (
  922. MmKey,
  923. Name,
  924. 0,
  925. REG_SZ,
  926. (LPBYTE)(Value),
  927. (_tcslen (Value) + 1) * sizeof (TCHAR));
  928. if (Result != ERROR_SUCCESS) {
  929. VrfErrorResourceFormat(
  930. IDS_REGSETVALUEEX_FAILED,
  931. Name,
  932. (DWORD)Result);
  933. return FALSE;
  934. }
  935. return TRUE;
  936. }
  937. //////////////////////////////////////////////////////////////////////
  938. BOOL
  939. SetSysIoVerifierSettings(
  940. ULONG SysIoVerifierLevel )
  941. {
  942. HKEY IoKey = NULL;
  943. HKEY SmKey = NULL;
  944. BOOL IoKeyOpened;
  945. LONG Result;
  946. BOOL bSuccess;
  947. bSuccess = TRUE;
  948. //
  949. // Open the "I/O System" key
  950. //
  951. IoKeyOpened = FALSE;
  952. Result = RegOpenKeyEx (
  953. HKEY_LOCAL_MACHINE,
  954. RegIOVerifyKeyName,
  955. 0,
  956. KEY_QUERY_VALUE | KEY_WRITE,
  957. &IoKey);
  958. if( Result != ERROR_SUCCESS ) {
  959. if( Result == ERROR_FILE_NOT_FOUND ) {
  960. if( SysIoVerifierLevel != 0 ) {
  961. //
  962. // the IO key doesn't exist, try to create it
  963. //
  964. //
  965. // open the "Session Manager" key
  966. //
  967. Result = RegOpenKeyEx (
  968. HKEY_LOCAL_MACHINE,
  969. RegSessionManagerKeyName,
  970. 0,
  971. KEY_QUERY_VALUE | KEY_WRITE,
  972. &SmKey);
  973. if( Result != ERROR_SUCCESS ) {
  974. VrfErrorResourceFormat(
  975. IDS_REGOPENKEYEX_FAILED,
  976. RegSessionManagerKeyName,
  977. (DWORD)Result);
  978. return FALSE;
  979. }
  980. //
  981. // create the IO key
  982. //
  983. Result = RegCreateKeyEx(
  984. SmKey,
  985. RegIOVerifySubKeyName,
  986. 0,
  987. NULL,
  988. REG_OPTION_NON_VOLATILE,
  989. KEY_WRITE | KEY_QUERY_VALUE,
  990. NULL,
  991. &IoKey,
  992. NULL );
  993. if( Result != ERROR_SUCCESS ) {
  994. VrfErrorResourceFormat(
  995. IDS_REGCREATEKEYEX_FAILED,
  996. RegIOVerifyKeyName,
  997. (DWORD)Result);
  998. RegCloseKey (SmKey);
  999. return FALSE;
  1000. }
  1001. //
  1002. // IO key creation successful
  1003. //
  1004. RegCloseKey (SmKey);
  1005. IoKeyOpened = TRUE;
  1006. }
  1007. //
  1008. // else ( SysIoVerifierLevel == 0 )
  1009. // don't need to create the IO key
  1010. //
  1011. }
  1012. else {
  1013. if( Result == ERROR_ACCESS_DENIED ) {
  1014. //
  1015. // access is denied
  1016. //
  1017. VrfErrorResourceFormat(
  1018. IDS_ACCESS_IS_DENIED );
  1019. }
  1020. else {
  1021. //
  1022. // other error opening the IO key
  1023. //
  1024. VrfErrorResourceFormat(
  1025. IDS_REGOPENKEYEX_FAILED,
  1026. RegIOVerifyKeyName,
  1027. (DWORD)Result);
  1028. }
  1029. return FALSE;
  1030. }
  1031. }
  1032. else {
  1033. IoKeyOpened = TRUE;
  1034. }
  1035. if( SysIoVerifierLevel != 0 ) {
  1036. ASSERT( IoKeyOpened == TRUE );
  1037. //
  1038. // set the key
  1039. //
  1040. bSuccess = WriteRegistryValue(
  1041. IoKey,
  1042. RegIOVerifyLevelValueName,
  1043. SYS_IO_VERIFIER_BASE_VALUE + SysIoVerifierLevel );
  1044. RegCloseKey (IoKey);
  1045. }
  1046. else {
  1047. if( IoKeyOpened == TRUE ) {
  1048. //
  1049. // the IO key exists, delete the value
  1050. //
  1051. Result = RegDeleteValue (IoKey, RegIOVerifyLevelValueName);
  1052. if (Result != ERROR_SUCCESS && Result != ERROR_FILE_NOT_FOUND) {
  1053. VrfErrorResourceFormat(
  1054. IDS_REGDELETEVALUE_FAILED,
  1055. RegIOVerifyLevelValueName,
  1056. (DWORD)Result);
  1057. bSuccess = FALSE;
  1058. }
  1059. RegCloseKey (IoKey);
  1060. }
  1061. }
  1062. return bSuccess;
  1063. }
  1064. //////////////////////////////////////////////////////////////////////
  1065. //////////////////////////////////////////////////// Driver Management
  1066. //////////////////////////////////////////////////////////////////////
  1067. //
  1068. // Function:
  1069. //
  1070. // GetActiveDriversList
  1071. //
  1072. // Description:
  1073. //
  1074. // This function determines all the drivers that are currently
  1075. // loaded in the system. It will fill the 'DriverInfo' vector
  1076. // with the drivers' names.
  1077. //
  1078. // Return:
  1079. //
  1080. // The number of drivers detected whose names are written in
  1081. // the 'DriverInfo' vector.
  1082. //
  1083. ULONG
  1084. GetActiveDriversList (
  1085. PVRF_DRIVER_STATE DriverInfo,
  1086. ULONG MaxNumberOfDrivers)
  1087. {
  1088. LPTSTR Buffer;
  1089. ULONG BufferSize;
  1090. NTSTATUS Status;
  1091. PRTL_PROCESS_MODULES Modules;
  1092. ULONG Index;
  1093. ULONG DriverIndex;
  1094. BOOL bResult;
  1095. TCHAR TcharBuffer [MAX_PATH];
  1096. for (BufferSize = 0x10000; TRUE; BufferSize += 0x1000) {
  1097. Buffer = (LPTSTR) malloc (BufferSize);
  1098. if (Buffer == NULL) {
  1099. return 0;
  1100. }
  1101. Status = NtQuerySystemInformation (
  1102. SystemModuleInformation,
  1103. (PVOID)Buffer,
  1104. BufferSize,
  1105. NULL);
  1106. if (! NT_SUCCESS(Status)) {
  1107. if (Status == STATUS_INFO_LENGTH_MISMATCH) {
  1108. free( Buffer );
  1109. continue;
  1110. }
  1111. else {
  1112. VrfErrorResourceFormat(
  1113. IDS_CANT_GET_ACTIVE_DRVLIST,
  1114. Status);
  1115. free (Buffer);
  1116. return 0;
  1117. }
  1118. }
  1119. else {
  1120. break;
  1121. }
  1122. }
  1123. Modules = (PRTL_PROCESS_MODULES)Buffer;
  1124. for ( Index = 0, DriverIndex = 0;
  1125. Index < Modules->NumberOfModules && DriverIndex < MaxNumberOfDrivers;
  1126. Index++ )
  1127. {
  1128. TCHAR *First, *Last, *Current;
  1129. //
  1130. // Get to work in processing the full path driver.
  1131. //
  1132. ConvertAnsiStringToTcharString (
  1133. Modules->Modules[Index].FullPathName,
  1134. strlen( (const char *)(Modules->Modules[Index].FullPathName) ),
  1135. TcharBuffer,
  1136. ARRAY_LENGTH( TcharBuffer ) - 1 );
  1137. First = TcharBuffer;
  1138. Last = First + _tcslen (TcharBuffer);
  1139. //
  1140. // Filter modules not ending in ".sys"
  1141. //
  1142. if (Last - 4 <= First || _tcsicmp (Last - 4, TEXT(".sys")) != 0)
  1143. continue;
  1144. //
  1145. // Extract the file name from the full path name
  1146. //
  1147. for (Current = Last; Current >= First; Current--) {
  1148. if (*Current == TEXT('\\')) {
  1149. break;
  1150. }
  1151. }
  1152. ZeroMemory (&(DriverInfo[DriverIndex]), sizeof (DriverInfo[DriverIndex]));
  1153. _tcsncpy ((DriverInfo[DriverIndex].Name), Current + 1, 30);
  1154. bResult = VrfGetVersionInfo(
  1155. DriverInfo[DriverIndex].Name,
  1156. DriverInfo[DriverIndex].Provider,
  1157. ARRAY_LENGTH( DriverInfo[DriverIndex].Provider ),
  1158. DriverInfo[DriverIndex].Version,
  1159. ARRAY_LENGTH( DriverInfo[DriverIndex].Version ) );
  1160. if( bResult != TRUE )
  1161. {
  1162. //
  1163. // defaults
  1164. //
  1165. bResult = GetStringFromResources(
  1166. IDS_NOT_AVAILABLE,
  1167. DriverInfo[DriverIndex].Provider,
  1168. ARRAY_LENGTH( DriverInfo[DriverIndex].Provider ) );
  1169. if( bResult != TRUE )
  1170. {
  1171. ASSERT( FALSE );
  1172. DriverInfo[DriverIndex].Provider[ 0 ] = 0;
  1173. }
  1174. bResult = GetStringFromResources(
  1175. IDS_NOT_AVAILABLE,
  1176. DriverInfo[DriverIndex].Version,
  1177. ARRAY_LENGTH( DriverInfo[DriverIndex].Version ) );
  1178. if( bResult != TRUE )
  1179. {
  1180. ASSERT( FALSE );
  1181. DriverInfo[DriverIndex].Version[ 0 ] = 0;
  1182. }
  1183. }
  1184. DriverIndex++;
  1185. }
  1186. free (Buffer);
  1187. return DriverIndex;
  1188. }
  1189. //
  1190. // Function:
  1191. //
  1192. // SetVerifiedDriversFromNamesString
  1193. //
  1194. // Description:
  1195. //
  1196. // This function parses the string containing all the
  1197. // verified drivers as it was read from the registry,
  1198. // marks corresponding entries in the DriverInfo array
  1199. // as verified and adds the rest of the driver names to
  1200. // AdditionalDriverNames.
  1201. //
  1202. BOOL
  1203. SetVerifiedDriversFromNamesString (
  1204. PVRF_VERIFIER_STATE VrfState )
  1205. {
  1206. ULONG Index;
  1207. LPTSTR First, Last, Current, End;
  1208. TCHAR Save;
  1209. //
  1210. // Sanity checks
  1211. //
  1212. if ( VrfState == NULL ) {
  1213. return FALSE;
  1214. }
  1215. VrfState->AdditionalDriverNames[0] = 0;
  1216. First = VrfState->DriverNames;
  1217. Last = First + _tcslen (VrfState->DriverNames);
  1218. for (Current = First; Current < Last; Current++) {
  1219. if (*Current == TEXT(' ')
  1220. || *Current == TEXT('\t')
  1221. || *Current == TEXT('\n')) {
  1222. continue;
  1223. }
  1224. //
  1225. // Search for a driver name.
  1226. //
  1227. for (End = Current;
  1228. *End != 0 && *End != TEXT(' ') && *End != TEXT('\n') && *End != TEXT('\t');
  1229. End++) {
  1230. // nothing
  1231. }
  1232. Save = *End;
  1233. *End = 0;
  1234. //
  1235. // Search for the found driver in the VrfState->DriverInfo vector.
  1236. //
  1237. for (Index = 0; Index < VrfState->DriverCount; Index++) {
  1238. if (_tcsicmp (VrfState->DriverInfo[Index].Name, Current) == 0) {
  1239. VrfState->DriverInfo[Index].Verified = TRUE;
  1240. break;
  1241. }
  1242. }
  1243. //
  1244. // Add the driver to the string with unloaded drivers if this is
  1245. // not in the list.
  1246. //
  1247. if (Index == VrfState->DriverCount) {
  1248. if( _tcslen( VrfState->AdditionalDriverNames ) + _tcslen( Current ) >= ARRAY_LENGTH( VrfState->AdditionalDriverNames ) )
  1249. {
  1250. //
  1251. // Cannot strcat to AdditionalDriverNames, overflow
  1252. //
  1253. return FALSE;
  1254. }
  1255. _tcscat (VrfState->AdditionalDriverNames, Current);
  1256. _tcscat (VrfState->AdditionalDriverNames, TEXT(" "));
  1257. }
  1258. //
  1259. // Restore written character and resume search for the next driver.
  1260. //
  1261. *End = Save;
  1262. Current = End;
  1263. }
  1264. //
  1265. // Now we have to mark miniports as checked in case we get something
  1266. // from the registry string that links against a miniport.
  1267. //
  1268. for (Index = 0; Index < VrfState->DriverCount; Index++) {
  1269. if (VrfState->DriverInfo[Index].Verified == TRUE) {
  1270. VrfNotifyDriverSelection (VrfState, Index);
  1271. }
  1272. }
  1273. //
  1274. // The same check should happen for drivers that appear
  1275. // in the AdditionalDriverNames buffer. These are drivers
  1276. // that are not loaded right now but they still need the miniport
  1277. // check.
  1278. //
  1279. First = VrfState->AdditionalDriverNames;
  1280. Last = First + _tcslen (VrfState->AdditionalDriverNames);
  1281. for (Current = First; Current < Last; Current++) {
  1282. if (*Current == TEXT(' ') || *Current == TEXT('\t') || *Current == TEXT('\n')) {
  1283. continue;
  1284. }
  1285. //
  1286. // Search for a driver name.
  1287. //
  1288. for (End = Current;
  1289. *End != 0 && *End != TEXT(' ') && *End != TEXT('\n') && *End != TEXT('\t');
  1290. End++) {
  1291. // nothing
  1292. }
  1293. Save = *End;
  1294. *End = 0;
  1295. //
  1296. // Find out if there is a miniport linked against this driver.
  1297. //
  1298. {
  1299. LPCTSTR Miniport;
  1300. ULONG FoundIndex;
  1301. VRF_DRIVER_LOAD_STATUS LoadStatus;
  1302. Miniport = IsMiniportDriver (Current, LoadStatus);
  1303. if (Miniport != NULL) {
  1304. if (VrfSearchVerifierDriver (VrfState, Miniport, FoundIndex)) {
  1305. VrfState->DriverInfo[FoundIndex].Verified = TRUE;
  1306. }
  1307. }
  1308. }
  1309. //
  1310. // Restore written character and resume search for the next driver.
  1311. //
  1312. *End = Save;
  1313. Current = End;
  1314. }
  1315. //
  1316. // Finally return
  1317. //
  1318. return TRUE;
  1319. }
  1320. //
  1321. // Function:
  1322. //
  1323. // GetVerifiedDriversToString
  1324. //
  1325. // Description:
  1326. //
  1327. // This function gets the state of settings as they are kept
  1328. // in VrfState->DriverInfo and VrfState->AdditionalDriverNames and
  1329. // fills VrfState->DriverNames with driver names without duplicates.
  1330. //
  1331. BOOL
  1332. GetVerifiedDriversToString (
  1333. PVRF_VERIFIER_STATE VrfState )
  1334. {
  1335. ULONG Index;
  1336. LPTSTR First, Last, Current;
  1337. ULONG NameLength;
  1338. TCHAR *Buffer;
  1339. //
  1340. // Sanity checks
  1341. //
  1342. if (VrfState == NULL) {
  1343. return FALSE;
  1344. }
  1345. Buffer = VrfState->DriverNames;
  1346. First = Buffer;
  1347. Last = First + ARRAY_LENGTH( VrfState->DriverNames );
  1348. Current = First;
  1349. *Current = 0;
  1350. for (Index = 0; Index < VrfState->DriverCount; Index++) {
  1351. if ( VrfState->DriverInfo[Index].Verified ) {
  1352. NameLength = _tcslen (VrfState->DriverInfo[Index].Name);
  1353. if (Current + NameLength + 2 >= Last) {
  1354. //
  1355. // Buffer overflow
  1356. //
  1357. return FALSE;
  1358. }
  1359. _tcscpy (Current, VrfState->DriverInfo[Index].Name);
  1360. Current += NameLength;
  1361. *Current++ = TEXT(' ');
  1362. *Current = 0;
  1363. }
  1364. }
  1365. //
  1366. // Copy the additional drivers at the end of the driver string
  1367. // and avoid duplicates.
  1368. //
  1369. {
  1370. LPTSTR FirstAddtl, CurrentAddtl, LastAddtl, EndAddtl;
  1371. TCHAR SaveAddtl;
  1372. _tcslwr (Buffer);
  1373. _tcslwr (VrfState->AdditionalDriverNames);
  1374. FirstAddtl = VrfState->AdditionalDriverNames;
  1375. LastAddtl = FirstAddtl + _tcslen (VrfState->AdditionalDriverNames);
  1376. for (CurrentAddtl = FirstAddtl; CurrentAddtl < LastAddtl; CurrentAddtl++) {
  1377. if (*CurrentAddtl == TEXT(' ') || *CurrentAddtl == TEXT('\t') || *CurrentAddtl == TEXT('\n')) {
  1378. continue;
  1379. }
  1380. //
  1381. // Search for a driver name.
  1382. //
  1383. for (EndAddtl = CurrentAddtl;
  1384. *EndAddtl != TEXT('\0') && *EndAddtl != TEXT(' ') && *EndAddtl != TEXT('\n') && *EndAddtl != TEXT('\t');
  1385. EndAddtl++) {
  1386. // nothing
  1387. }
  1388. SaveAddtl = *EndAddtl;
  1389. *EndAddtl = 0;
  1390. if (_tcsstr (Buffer, CurrentAddtl) == NULL) {
  1391. _tcscat (Buffer, TEXT(" "));
  1392. _tcscat (Buffer, CurrentAddtl);
  1393. //
  1394. // Figure out if we need to add a miniport to the checked
  1395. // drivers string.
  1396. //
  1397. {
  1398. LPCTSTR MiniportName;
  1399. VRF_DRIVER_LOAD_STATUS LoadStatus;
  1400. MiniportName = IsMiniportDriver (CurrentAddtl, LoadStatus);
  1401. if (MiniportName == NULL && LoadStatus != VRF_DRIVER_LOAD_SUCCESS) {
  1402. switch (LoadStatus) {
  1403. case VRF_DRIVER_LOAD_SUCCESS:
  1404. break;
  1405. case VRF_DRIVER_LOAD_CANNOT_FIND_IMAGE:
  1406. VrfErrorResourceFormat(
  1407. IDS_CANT_FIND_IMAGE,
  1408. CurrentAddtl);
  1409. break;
  1410. case VRF_DRIVER_LOAD_INVALID_IMAGE:
  1411. VrfErrorResourceFormat(
  1412. IDS_INVALID_IMAGE,
  1413. CurrentAddtl);
  1414. break;
  1415. default:
  1416. ASSERT ( FALSE );
  1417. break;
  1418. }
  1419. }
  1420. else if (MiniportName != NULL && _tcsstr (Buffer, MiniportName) == NULL) {
  1421. _tcscat (Buffer, TEXT(" "));
  1422. _tcscat (Buffer, MiniportName);
  1423. }
  1424. }
  1425. }
  1426. //
  1427. // Restore written character and resume search for the next driver.
  1428. //
  1429. *EndAddtl = SaveAddtl;
  1430. CurrentAddtl = EndAddtl;
  1431. }
  1432. }
  1433. //
  1434. // Finish
  1435. //
  1436. return TRUE;
  1437. }
  1438. BOOL
  1439. SetAllDriversStatus (
  1440. PVRF_VERIFIER_STATE VrfState,
  1441. BOOL Verified)
  1442. {
  1443. ULONG Index;
  1444. for (Index = 0; Index < VrfState->DriverCount; Index++) {
  1445. VrfState->DriverInfo[Index].Verified = Verified;
  1446. }
  1447. return TRUE;
  1448. }
  1449. //////////////////////////////////////////////////////////////////////
  1450. //////////////////////////////////////// Driver selection notification
  1451. //////////////////////////////////////////////////////////////////////
  1452. LPTSTR Miniport [] = {
  1453. TEXT ("videoprt.sys"),
  1454. TEXT ("scsiport.sys"),
  1455. NULL
  1456. };
  1457. LPCTSTR
  1458. IsMiniportDriver (
  1459. LPCTSTR DriverName,
  1460. VRF_DRIVER_LOAD_STATUS &ErrorCode)
  1461. {
  1462. IMAGE_BROWSE_INFO Info;
  1463. TCHAR DriverPath [MAX_PATH];
  1464. ULONG Index;
  1465. BOOL TryAgain = FALSE;
  1466. ErrorCode = VRF_DRIVER_LOAD_SUCCESS;
  1467. //
  1468. // Search for the driver image.
  1469. //
  1470. if (ImgSearchDriverImage (DriverName, DriverPath, ARRAY_LENGTH( DriverPath ) ) == FALSE) {
  1471. ErrorCode = VRF_DRIVER_LOAD_CANNOT_FIND_IMAGE;
  1472. return NULL;
  1473. }
  1474. //
  1475. // Parse the image
  1476. //
  1477. if (ImgInitializeBrowseInfo (DriverPath, &Info) == FALSE) {
  1478. ImgDeleteBrowseInfo (& Info);
  1479. ErrorCode = VRF_DRIVER_LOAD_INVALID_IMAGE;
  1480. return NULL;
  1481. }
  1482. //
  1483. // Iterate import modules
  1484. //
  1485. {
  1486. PIMAGE_IMPORT_DESCRIPTOR CurrentDescriptor;
  1487. CurrentDescriptor = Info.ImportDescriptor;
  1488. while (CurrentDescriptor->Characteristics) {
  1489. for (Index = 0; Miniport[Index]; Index++) {
  1490. //
  1491. // We need to apply an address correction to the descriptor name
  1492. // because the address in an RVA for the loaded image not for the
  1493. // file layout.
  1494. //
  1495. {
  1496. TCHAR NameBuffer [MAX_PATH];
  1497. ConvertAnsiStringToTcharString (
  1498. (LPBYTE)(CurrentDescriptor->Name + Info.AddressCorrection),
  1499. strlen( (const char *)( CurrentDescriptor->Name + Info.AddressCorrection ) ),
  1500. NameBuffer,
  1501. ARRAY_LENGTH( NameBuffer ) - 1 );
  1502. if (_tcsicmp (NameBuffer, Miniport[Index]) == 0) {
  1503. ImgDeleteBrowseInfo (& Info);
  1504. return Miniport[Index];
  1505. }
  1506. }
  1507. }
  1508. CurrentDescriptor++;
  1509. }
  1510. }
  1511. ImgDeleteBrowseInfo (& Info);
  1512. return NULL;
  1513. }
  1514. //
  1515. // Function:
  1516. //
  1517. // VrfNotifyDriverSelection
  1518. //
  1519. // Description:
  1520. //
  1521. // This function is called from GUI part when a driver is
  1522. // selected. In case the driver is linked against a miniport
  1523. // driver we have to automatically add to the verified
  1524. // drivers list the specific miniport.
  1525. //
  1526. // Return:
  1527. //
  1528. // TRUE if an additional driver has been marked selected
  1529. // due to indirect linking. FALSE if no change has been
  1530. // made.
  1531. //
  1532. BOOL
  1533. VrfNotifyDriverSelection (
  1534. PVRF_VERIFIER_STATE VerifierState,
  1535. ULONG Index)
  1536. {
  1537. LPCTSTR MiniportName;
  1538. ULONG FoundIndex;
  1539. VRF_DRIVER_LOAD_STATUS LoadStatus;
  1540. //
  1541. // Sanity checks
  1542. //
  1543. if ( Index >= VerifierState->DriverCount ) {
  1544. return FALSE;
  1545. }
  1546. //
  1547. // If this is a driver that links against a miniport as
  1548. // opposed to ntoskrnl we should add the miniport to the
  1549. // verified list.
  1550. //
  1551. try {
  1552. MiniportName = IsMiniportDriver (
  1553. VerifierState->DriverInfo[Index].Name,
  1554. LoadStatus);
  1555. switch (LoadStatus) {
  1556. case VRF_DRIVER_LOAD_SUCCESS:
  1557. break;
  1558. case VRF_DRIVER_LOAD_CANNOT_FIND_IMAGE:
  1559. VrfErrorResourceFormat(
  1560. IDS_CANT_FIND_IMAGE,
  1561. VerifierState->DriverInfo[Index].Name);
  1562. break;
  1563. case VRF_DRIVER_LOAD_INVALID_IMAGE:
  1564. VrfErrorResourceFormat(
  1565. IDS_INVALID_IMAGE,
  1566. VerifierState->DriverInfo[Index].Name);
  1567. break;
  1568. default:
  1569. ASSERT ( FALSE );
  1570. break;
  1571. }
  1572. } catch (...) {
  1573. //
  1574. // Protect against a blunder in the image parsing code
  1575. //
  1576. VrfErrorResourceFormat(
  1577. IDS_INVALID_IMAGE,
  1578. VerifierState->DriverInfo[Index].Name);
  1579. return FALSE;
  1580. }
  1581. if (MiniportName != NULL) {
  1582. if (VrfSearchVerifierDriver (VerifierState, MiniportName, FoundIndex) == FALSE) {
  1583. return FALSE;
  1584. }
  1585. VerifierState->DriverInfo[FoundIndex].Verified = TRUE;
  1586. return TRUE;
  1587. }
  1588. return FALSE;
  1589. }
  1590. //////////////////////////////////////////////////////////////////////
  1591. BOOL
  1592. VrfGetVersionInfo(
  1593. LPTSTR lptstrFileName,
  1594. LPTSTR lptstrCompany,
  1595. int nCompanyBufferLength,
  1596. LPTSTR lptstrVersion,
  1597. int nVersionBufferLength )
  1598. {
  1599. DWORD dwWholeBlockSize;
  1600. DWORD dwDummyHandle;
  1601. UINT uInfoLengthInTChars;
  1602. LPVOID lpWholeVerBlock;
  1603. LPVOID lpTranslationInfoBuffer;
  1604. LPVOID lpVersionString;
  1605. LPVOID lpCompanyString;
  1606. BOOL bResult;
  1607. TCHAR strLocale[ 32 ];
  1608. TCHAR strBlockName[ 64 ];
  1609. TCHAR strDriverPath[ MAX_PATH ];
  1610. //
  1611. // sanity checks
  1612. //
  1613. if( lptstrFileName == NULL ||
  1614. lptstrCompany == NULL || nCompanyBufferLength <= 0 ||
  1615. lptstrVersion == NULL || nVersionBufferLength <= 0 )
  1616. {
  1617. ASSERT( FALSE );
  1618. return FALSE;
  1619. }
  1620. //
  1621. // get the full driver path
  1622. //
  1623. bResult = ImgSearchDriverImage(
  1624. lptstrFileName,
  1625. strDriverPath,
  1626. ARRAY_LENGTH( strDriverPath ) );
  1627. if( bResult != TRUE )
  1628. {
  1629. return FALSE;
  1630. }
  1631. //
  1632. // get the size of the file info block
  1633. //
  1634. dwWholeBlockSize = GetFileVersionInfoSize(
  1635. strDriverPath,
  1636. &dwDummyHandle );
  1637. if( dwWholeBlockSize == 0 )
  1638. {
  1639. return FALSE;
  1640. }
  1641. //
  1642. // allocate the buffer for the version information
  1643. //
  1644. lpWholeVerBlock = malloc( dwWholeBlockSize );
  1645. if( lpWholeVerBlock == NULL )
  1646. {
  1647. return FALSE;
  1648. }
  1649. //
  1650. // get the version information
  1651. //
  1652. bResult = GetFileVersionInfo(
  1653. strDriverPath,
  1654. dwDummyHandle,
  1655. dwWholeBlockSize,
  1656. lpWholeVerBlock );
  1657. if( bResult != TRUE )
  1658. {
  1659. free( lpWholeVerBlock );
  1660. return FALSE;
  1661. }
  1662. //
  1663. // get the locale info
  1664. //
  1665. bResult = VerQueryValue(
  1666. lpWholeVerBlock,
  1667. _T( "\\VarFileInfo\\Translation" ),
  1668. &lpTranslationInfoBuffer,
  1669. &uInfoLengthInTChars );
  1670. if( bResult != TRUE || lpTranslationInfoBuffer == NULL )
  1671. {
  1672. free( lpWholeVerBlock );
  1673. return FALSE;
  1674. }
  1675. //
  1676. // Locale info comes back as two little endian words.
  1677. // Flip 'em, 'cause we need them big endian for our calls.
  1678. //
  1679. _stprintf(
  1680. strLocale,
  1681. _T( "%02X%02X%02X%02X" ),
  1682. HIBYTE( LOWORD ( * (LPDWORD) lpTranslationInfoBuffer) ),
  1683. LOBYTE( LOWORD ( * (LPDWORD) lpTranslationInfoBuffer) ),
  1684. HIBYTE( HIWORD ( * (LPDWORD) lpTranslationInfoBuffer) ),
  1685. LOBYTE( HIWORD ( * (LPDWORD) lpTranslationInfoBuffer) ) );
  1686. //
  1687. // get the file version
  1688. //
  1689. _stprintf(
  1690. strBlockName,
  1691. _T( "\\StringFileInfo\\%s\\FileVersion" ),
  1692. strLocale );
  1693. bResult = VerQueryValue(
  1694. lpWholeVerBlock,
  1695. strBlockName,
  1696. &lpVersionString,
  1697. &uInfoLengthInTChars );
  1698. if( bResult != TRUE )
  1699. {
  1700. free( lpWholeVerBlock );
  1701. return FALSE;
  1702. }
  1703. if( uInfoLengthInTChars > (UINT)nVersionBufferLength )
  1704. {
  1705. uInfoLengthInTChars = (UINT)nVersionBufferLength;
  1706. }
  1707. if( uInfoLengthInTChars == 0 )
  1708. {
  1709. *lptstrVersion = 0;
  1710. }
  1711. else
  1712. {
  1713. MoveMemory(
  1714. lptstrVersion,
  1715. lpVersionString,
  1716. uInfoLengthInTChars * sizeof( TCHAR ) );
  1717. //
  1718. // we need to zero terminate the string for above case
  1719. // uInfoLengthInTChars > (UINT)nVersionBufferLength
  1720. //
  1721. lptstrVersion[ uInfoLengthInTChars - 1 ] = 0;
  1722. }
  1723. //
  1724. // get the company name
  1725. //
  1726. _stprintf(
  1727. strBlockName,
  1728. _T( "\\StringFileInfo\\%s\\CompanyName" ),
  1729. strLocale );
  1730. bResult = VerQueryValue(
  1731. lpWholeVerBlock,
  1732. strBlockName,
  1733. &lpCompanyString,
  1734. &uInfoLengthInTChars );
  1735. if( bResult != TRUE )
  1736. {
  1737. free( lpWholeVerBlock );
  1738. return FALSE;
  1739. }
  1740. if( uInfoLengthInTChars > (UINT)nCompanyBufferLength )
  1741. {
  1742. uInfoLengthInTChars = (UINT)nCompanyBufferLength;
  1743. }
  1744. if( uInfoLengthInTChars == 0 )
  1745. {
  1746. *lptstrCompany = 0;
  1747. }
  1748. else
  1749. {
  1750. MoveMemory(
  1751. lptstrCompany,
  1752. lpCompanyString,
  1753. uInfoLengthInTChars * sizeof( TCHAR ) );
  1754. //
  1755. // we need to zero terminate the string for above case
  1756. // uInfoLengthInTChars > (UINT)nCompanyBufferLength
  1757. //
  1758. lptstrCompany[ uInfoLengthInTChars - 1 ] = 0;
  1759. }
  1760. //
  1761. // clean-up
  1762. //
  1763. free( lpWholeVerBlock );
  1764. return TRUE;
  1765. }
  1766. //////////////////////////////////////////////////////////////////////
  1767. //////////////////////////////////////////////////// String conversion
  1768. //////////////////////////////////////////////////////////////////////
  1769. //
  1770. // Function:
  1771. //
  1772. // ConvertAnsiStringToTcharString
  1773. //
  1774. // Description:
  1775. //
  1776. // This function converts an ANSI string to a TCHAR string,
  1777. // that is ANSO or UNICODE.
  1778. //
  1779. // The function is needed because the system returns the active
  1780. // modules as ANSI strings.
  1781. //
  1782. BOOL
  1783. ConvertAnsiStringToTcharString (
  1784. LPBYTE Source,
  1785. ULONG SourceLength,
  1786. LPTSTR Destination,
  1787. ULONG DestinationLength)
  1788. {
  1789. int nCharsConverted;
  1790. int nBytesToTranslate;
  1791. nBytesToTranslate = (int)( (SourceLength < DestinationLength) ? SourceLength : DestinationLength ) * sizeof( char );
  1792. nCharsConverted = MultiByteToWideChar(
  1793. CP_ACP,
  1794. MB_ERR_INVALID_CHARS,
  1795. (LPCSTR)Source,
  1796. nBytesToTranslate,
  1797. Destination,
  1798. DestinationLength );
  1799. ASSERT( nBytesToTranslate == nCharsConverted );
  1800. if( nCharsConverted > 0 )
  1801. {
  1802. Destination[ nCharsConverted ] = 0;
  1803. CharLower( Destination );
  1804. }
  1805. return TRUE;
  1806. }
  1807. //////////////////////////////////////////////////////////////////////
  1808. ////////////////////////////////////////////// Command-line processing
  1809. //////////////////////////////////////////////////////////////////////
  1810. BOOL
  1811. VrfDumpStateToFile(
  1812. FILE *file,
  1813. BOOL bConvertToOEM
  1814. )
  1815. {
  1816. static KRN_VERIFIER_STATE KrnState;
  1817. UINT Index;
  1818. SYSTEMTIME SystemTime;
  1819. TCHAR strLocalTime[ 64 ];
  1820. TCHAR strLocalDate[ 64 ];
  1821. if( file == NULL )
  1822. return FALSE;
  1823. //
  1824. // output the date&time in the current user format
  1825. //
  1826. GetLocalTime( &SystemTime );
  1827. if( GetDateFormat(
  1828. LOCALE_USER_DEFAULT,
  1829. 0,
  1830. &SystemTime,
  1831. NULL,
  1832. strLocalDate,
  1833. ARRAY_LENGTH( strLocalDate ) ) )
  1834. {
  1835. VrfFTPrintf(
  1836. bConvertToOEM,
  1837. file,
  1838. _T( "%s, " ),
  1839. strLocalDate );
  1840. }
  1841. else
  1842. {
  1843. ASSERT( FALSE );
  1844. }
  1845. if( GetTimeFormat(
  1846. LOCALE_USER_DEFAULT,
  1847. 0,
  1848. &SystemTime,
  1849. NULL,
  1850. strLocalTime,
  1851. ARRAY_LENGTH( strLocalTime ) ) )
  1852. {
  1853. VrfFTPrintf(
  1854. bConvertToOEM,
  1855. file,
  1856. _T( "%s\n" ),
  1857. strLocalTime);
  1858. }
  1859. else
  1860. {
  1861. ASSERT( FALSE );
  1862. VrfFTPrintf(
  1863. bConvertToOEM,
  1864. file,
  1865. _T( "\n" ) );
  1866. }
  1867. //
  1868. // get the current verifier statistics
  1869. //
  1870. if (KrnGetSystemVerifierState (& KrnState) == FALSE) {
  1871. VrfOuputStringFromResources(
  1872. IDS_CANTGET_VERIF_STATE,
  1873. bConvertToOEM,
  1874. file );
  1875. return FALSE;
  1876. }
  1877. if (KrnState.DriverCount == 0) {
  1878. //
  1879. // no statistics to dump
  1880. //
  1881. return VrfOuputStringFromResources(
  1882. IDS_NO_DRIVER_VERIFIED,
  1883. bConvertToOEM,
  1884. file );
  1885. }
  1886. else {
  1887. //
  1888. // dump the counters
  1889. //
  1890. //
  1891. // global counters
  1892. //
  1893. if( ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_LEVEL, KrnState.Level ) ) ||
  1894. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_RAISEIRQLS, KrnState.RaiseIrqls ) ) ||
  1895. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_ACQUIRESPINLOCKS, KrnState.AcquireSpinLocks ) ) ||
  1896. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_SYNCHRONIZEEXECUTIONS, KrnState.SynchronizeExecutions) ) ||
  1897. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_ALLOCATIONSATTEMPTED, KrnState.AllocationsAttempted) ) ||
  1898. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_ALLOCATIONSSUCCEEDED, KrnState.AllocationsSucceeded) ) ||
  1899. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_ALLOCATIONSSUCCEEDEDSPECIALPOOL, KrnState.AllocationsSucceededSpecialPool) ) ||
  1900. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_ALLOCATIONSWITHNOTAG, KrnState.AllocationsWithNoTag) ) ||
  1901. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_ALLOCATIONSFAILED, KrnState.AllocationsFailed) ) ||
  1902. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_ALLOCATIONSFAILEDDELIBERATELY, KrnState.AllocationsFailedDeliberately) ) ||
  1903. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_TRIMS, KrnState.Trims) ) ||
  1904. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_UNTRACKEDPOOL, KrnState.UnTrackedPool) ) )
  1905. {
  1906. return FALSE;
  1907. }
  1908. //
  1909. // per driver counters
  1910. //
  1911. if( ! VrfOuputStringFromResources(
  1912. IDS_THE_VERIFIED_DRIVERS,
  1913. bConvertToOEM,
  1914. file ) )
  1915. {
  1916. return FALSE;
  1917. }
  1918. for ( Index = 0; Index < KrnState.DriverCount; Index++) {
  1919. VrfFTPrintf(
  1920. bConvertToOEM,
  1921. file,
  1922. _T( "\n" ) );
  1923. if( VrfFTPrintfResourceFormat(
  1924. bConvertToOEM,
  1925. file,
  1926. IDS_NAME_LOADS_UNLOADS,
  1927. KrnState.DriverInfo[Index].Name,
  1928. KrnState.DriverInfo[Index].Loads,
  1929. KrnState.DriverInfo[Index].Unloads) == FALSE )
  1930. {
  1931. return FALSE;
  1932. }
  1933. //
  1934. // pool statistics
  1935. //
  1936. if( ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_CURRENTPAGEDPOOLALLOCATIONS, KrnState.DriverInfo[Index].CurrentPagedPoolAllocations) ) ||
  1937. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_CURRENTNONPAGEDPOOLALLOCATIONS, KrnState.DriverInfo[Index].CurrentNonPagedPoolAllocations) ) ||
  1938. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_PEAKPAGEDPOOLALLOCATIONS, KrnState.DriverInfo[Index].PeakPagedPoolAllocations) ) ||
  1939. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_PEAKNONPAGEDPOOLALLOCATIONS, KrnState.DriverInfo[Index].PeakNonPagedPoolAllocations) ) ||
  1940. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_PAGEDPOOLUSAGEINBYTES, (ULONG) KrnState.DriverInfo[Index].PagedPoolUsageInBytes) ) ||
  1941. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_NONPAGEDPOOLUSAGEINBYTES, (ULONG) KrnState.DriverInfo[Index].NonPagedPoolUsageInBytes) ) ||
  1942. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_PEAKPAGEDPOOLUSAGEINBYTES, (ULONG) KrnState.DriverInfo[Index].PeakPagedPoolUsageInBytes) ) ||
  1943. ( ! VrfFTPrintfResourceFormat( bConvertToOEM, file, IDS_PEAKNONPAGEDPOOLUSAGEINBYTES, (ULONG) KrnState.DriverInfo[Index].PeakNonPagedPoolUsageInBytes) ) )
  1944. {
  1945. return FALSE;
  1946. }
  1947. }
  1948. }
  1949. return TRUE;
  1950. }
  1951. //////////////////////////////////////////////////////////////////////
  1952. void
  1953. PrintHelpInformation()
  1954. {
  1955. VrfTPrintfResourceFormat( IDS_HELP_LINE1, VER_PRODUCTVERSION_STR );
  1956. VrfPrintNarrowStringOEMFormat( VER_LEGALCOPYRIGHT_STR );
  1957. VrfPrintStringFromResources( IDS_HELP_LINE3 );
  1958. VrfPrintStringFromResources( IDS_HELP_LINE4 );
  1959. VrfPrintStringFromResources( IDS_HELP_LINE5 );
  1960. VrfPrintStringFromResources( IDS_HELP_LINE6 );
  1961. VrfPrintStringFromResources( IDS_HELP_LINE7 );
  1962. VrfPrintStringFromResources( IDS_HELP_LINE8 );
  1963. VrfPrintStringFromResources( IDS_HELP_LINE9 );
  1964. VrfPrintStringFromResources( IDS_HELP_LINE10 );
  1965. VrfPrintStringFromResources( IDS_HELP_LINE11 );
  1966. VrfPrintStringFromResources( IDS_HELP_LINE12 );
  1967. VrfPrintStringFromResources( IDS_HELP_LINE13 );
  1968. VrfPrintStringFromResources( IDS_HELP_LINE14 );
  1969. VrfPrintStringFromResources( IDS_HELP_LINE15 );
  1970. VrfPrintStringFromResources( IDS_HELP_LINE16 );
  1971. VrfPrintStringFromResources( IDS_HELP_LINE17 );
  1972. VrfPrintStringFromResources( IDS_HELP_LINE18 );
  1973. VrfPrintStringFromResources( IDS_HELP_LINE19 );
  1974. VrfPrintStringFromResources( IDS_HELP_LINE20 );
  1975. VrfPrintStringFromResources( IDS_HELP_LINE21 );
  1976. VrfPrintStringFromResources( IDS_HELP_LINE22 );
  1977. VrfPrintStringFromResources( IDS_HELP_LINE23 );
  1978. VrfPrintStringFromResources( IDS_HELP_LINE24 );
  1979. VrfPrintStringFromResources( IDS_HELP_LINE25 );
  1980. VrfPrintStringFromResources( IDS_HELP_LINE26 );
  1981. VrfPrintStringFromResources( IDS_HELP_LINE27 );
  1982. VrfPrintStringFromResources( IDS_HELP_LINE28 );
  1983. VrfPrintStringFromResources( IDS_HELP_LINE29 );
  1984. VrfPrintStringFromResources( IDS_HELP_LINE30 );
  1985. VrfPrintStringFromResources( IDS_HELP_LINE31 );
  1986. }
  1987. //////////////////////////////////////////////////////////////////////
  1988. DWORD
  1989. VrfExecuteCommandLine (
  1990. int Count,
  1991. LPTSTR Args[])
  1992. {
  1993. static KRN_VERIFIER_STATE KrnState;
  1994. ULONG Flags;
  1995. ULONG IoLevel;
  1996. int Index;
  1997. UINT LoadStringResult;
  1998. VRF_DRIVER_LOAD_STATUS LoadStatus;
  1999. BOOL CreateLog;
  2000. LPTSTR LogFileName;
  2001. DWORD LogInterval;
  2002. FILE *file;
  2003. BOOL bFlagsSpecified = FALSE;
  2004. BOOL bIoLevelSpecified = FALSE;
  2005. BOOL bNamesSpecified = FALSE;
  2006. BOOL bVolatileSpecified = FALSE;
  2007. TCHAR strDriver[ 64 ];
  2008. DWORD nReturnValue;
  2009. NTSTATUS Status;
  2010. BOOL bResult;
  2011. BOOL bIoVerifierEnabled;
  2012. ULONG SysIoVerifierLevel;
  2013. TCHAR Names [4196];
  2014. TCHAR OldNames [4196];
  2015. TCHAR strCmdLineOption[ 128 ];
  2016. TCHAR WarningBuffer [256];
  2017. g_bCommandLineMode = TRUE;
  2018. nReturnValue = EXIT_CODE_SUCCESS;
  2019. ASSERT (Count != 0);
  2020. Flags = 1;
  2021. Names[0] = 0;
  2022. //
  2023. // Search for help
  2024. //
  2025. if( GetStringFromResources(
  2026. IDS_HELP_CMDLINE_SWITCH,
  2027. strCmdLineOption,
  2028. ARRAY_LENGTH( strCmdLineOption ) ) )
  2029. {
  2030. if (Count == 2 && _tcsicmp (Args[1], strCmdLineOption) == 0)
  2031. {
  2032. PrintHelpInformation();
  2033. return nReturnValue;
  2034. }
  2035. }
  2036. //
  2037. // Figure out if we are on a valid build for the
  2038. // driver verifier functionality.
  2039. //
  2040. if (g_OsVersion.dwMajorVersion < 5 || g_OsVersion.dwBuildNumber < 1954) {
  2041. //
  2042. // Right now we do not do anything if we do not have the right build.
  2043. //
  2044. VrfPrintStringFromResources( IDS_BUILD_WARN );
  2045. return nReturnValue;
  2046. }
  2047. //
  2048. // Search for /reset
  2049. //
  2050. if( GetStringFromResources(
  2051. IDS_RESET_CMDLINE_SWITCH,
  2052. strCmdLineOption,
  2053. ARRAY_LENGTH( strCmdLineOption ) ) )
  2054. {
  2055. if (Count == 2 && _tcsicmp (Args[1], strCmdLineOption) == 0)
  2056. {
  2057. if( VrfClearAllVerifierSettings() )
  2058. {
  2059. return EXIT_CODE_REBOOT_NEEDED;
  2060. }
  2061. else
  2062. {
  2063. return EXIT_CODE_ERROR;
  2064. }
  2065. }
  2066. }
  2067. //
  2068. // Search for /log
  2069. //
  2070. CreateLog = FALSE;
  2071. if( GetStringFromResources(
  2072. IDS_LOG_CMDLINE_SWITCH,
  2073. strCmdLineOption,
  2074. ARRAY_LENGTH( strCmdLineOption ) ) )
  2075. {
  2076. for (Index = 1; Index < Count - 1; Index++)
  2077. {
  2078. if (_tcsicmp (Args[Index], strCmdLineOption ) == 0)
  2079. {
  2080. CreateLog = TRUE;
  2081. LogFileName = Args[Index + 1];
  2082. break;
  2083. }
  2084. }
  2085. }
  2086. if( CreateLog )
  2087. {
  2088. //
  2089. // Default Value
  2090. //
  2091. LogInterval = 30000; // 30 sec
  2092. //
  2093. // Search for /interval
  2094. //
  2095. if( GetStringFromResources(
  2096. IDS_INTERVAL_CMDLINE_SWITCH,
  2097. strCmdLineOption,
  2098. ARRAY_LENGTH( strCmdLineOption ) ) )
  2099. {
  2100. for (Index = 1; Index < Count - 1; Index++)
  2101. {
  2102. if (_tcsicmp (Args[Index], strCmdLineOption) == 0)
  2103. {
  2104. LogInterval = _ttoi (Args[Index + 1]) * 1000;
  2105. if( LogInterval == 0 )
  2106. {
  2107. LogInterval = 30000; // 30 sec
  2108. }
  2109. }
  2110. }
  2111. }
  2112. //
  2113. // Infinite loop
  2114. //
  2115. while( TRUE )
  2116. {
  2117. //
  2118. // Open the file
  2119. //
  2120. file = _tfopen( LogFileName, TEXT("a+") );
  2121. if( file == NULL )
  2122. {
  2123. //
  2124. // print a error message
  2125. //
  2126. VrfTPrintfResourceFormat(
  2127. IDS_CANT_APPEND_FILE,
  2128. LogFileName );
  2129. break;
  2130. }
  2131. //
  2132. // Dump current information
  2133. //
  2134. if( ! VrfDumpStateToFile ( file, FALSE ) ) {
  2135. //
  2136. // Insufficient disk space ?
  2137. //
  2138. VrfTPrintfResourceFormat(
  2139. IDS_CANT_WRITE_FILE,
  2140. LogFileName );
  2141. }
  2142. fflush( file );
  2143. VrfFTPrintf(
  2144. FALSE,
  2145. file,
  2146. TEXT("\n\n") );
  2147. //
  2148. // Close the file
  2149. //
  2150. fclose( file );
  2151. //
  2152. // Sleep
  2153. //
  2154. Sleep( LogInterval );
  2155. }
  2156. return nReturnValue;
  2157. }
  2158. //
  2159. // Search for /query
  2160. //
  2161. if( GetStringFromResources(
  2162. IDS_QUERY_CMDLINE_SWITCH,
  2163. strCmdLineOption,
  2164. ARRAY_LENGTH( strCmdLineOption ) ) )
  2165. {
  2166. if (Count == 2 && _tcsicmp (Args[1], strCmdLineOption) == 0)
  2167. {
  2168. VrfDumpStateToFile ( stdout, TRUE );
  2169. fflush( stdout );
  2170. return nReturnValue;
  2171. }
  2172. }
  2173. //
  2174. // Search for /flags
  2175. //
  2176. if( GetStringFromResources(
  2177. IDS_FLAGS_CMDLINE_SWITCH,
  2178. strCmdLineOption,
  2179. ARRAY_LENGTH( strCmdLineOption ) ) )
  2180. {
  2181. for (Index = 1; Index < Count - 1; Index++)
  2182. {
  2183. if (_tcsicmp (Args[Index], strCmdLineOption) == 0)
  2184. {
  2185. Flags = _ttoi (Args[Index + 1]);
  2186. Flags &= VerifierAllOptions;
  2187. bFlagsSpecified = TRUE;
  2188. }
  2189. }
  2190. }
  2191. //
  2192. // Search for /iolevel
  2193. //
  2194. if( GetStringFromResources(
  2195. IDS_IOLEVEL_CMDLINE_SWITCH,
  2196. strCmdLineOption,
  2197. ARRAY_LENGTH( strCmdLineOption ) ) )
  2198. {
  2199. for (Index = 1; Index < Count - 1; Index++)
  2200. {
  2201. if (_tcsicmp (Args[Index], strCmdLineOption) == 0)
  2202. {
  2203. IoLevel = _ttoi (Args[Index + 1]);
  2204. if( ( IoLevel != 0 ) && ( IoLevel <= IO_VERIFICATION_LEVEL_MAX ) )
  2205. {
  2206. bIoLevelSpecified = TRUE;
  2207. }
  2208. }
  2209. }
  2210. }
  2211. //
  2212. // Search for /all
  2213. //
  2214. if( GetStringFromResources(
  2215. IDS_ALL_CMDLINE_SWITCH,
  2216. strCmdLineOption,
  2217. ARRAY_LENGTH( strCmdLineOption ) ) )
  2218. {
  2219. for (Index = 1; Index < Count; Index++)
  2220. {
  2221. if (_tcsicmp (Args[Index], strCmdLineOption) == 0)
  2222. {
  2223. _tcscat (Names, TEXT("*"));
  2224. bNamesSpecified = TRUE;
  2225. }
  2226. }
  2227. }
  2228. //
  2229. // Search for /driver
  2230. //
  2231. LoadStringResult = LoadString ( // cannot reuse the static string buffer
  2232. GetModuleHandle (NULL),
  2233. IDS_DRIVER_CMDLINE_SWITCH,
  2234. strDriver,
  2235. sizeof strDriver / sizeof (TCHAR));
  2236. ASSERT (LoadStringResult > 0);
  2237. if (LoadStringResult > 0) {
  2238. for (Index = 1; Index < Count - 1; Index++) {
  2239. if (_tcsicmp (Args[Index], strDriver) == 0) {
  2240. int NameIndex;
  2241. LPCTSTR MiniportName;
  2242. bNamesSpecified = ( Index < ( Count - 1 ) ); // have some driver names?
  2243. for (NameIndex = Index + 1; NameIndex < Count; NameIndex++) {
  2244. _tcscat (Names, Args[NameIndex]);
  2245. _tcscat (Names, TEXT(" "));
  2246. MiniportName = IsMiniportDriver (Args[NameIndex], LoadStatus);
  2247. if (MiniportName == NULL && LoadStatus != VRF_DRIVER_LOAD_SUCCESS) {
  2248. switch (LoadStatus) {
  2249. case VRF_DRIVER_LOAD_SUCCESS:
  2250. break;
  2251. case VRF_DRIVER_LOAD_CANNOT_FIND_IMAGE:
  2252. VrfTPrintfResourceFormat(
  2253. IDS_CANT_FIND_IMAGE,
  2254. Args[NameIndex] );
  2255. //
  2256. // newline
  2257. //
  2258. VrfPutTS( _TEXT( "" ) );
  2259. break;
  2260. case VRF_DRIVER_LOAD_INVALID_IMAGE:
  2261. VrfTPrintfResourceFormat(
  2262. IDS_INVALID_IMAGE,
  2263. Args[NameIndex] );
  2264. //
  2265. // newline
  2266. //
  2267. VrfPutTS( _TEXT( "" ) );
  2268. break;
  2269. default:
  2270. ASSERT ( FALSE );
  2271. break;
  2272. }
  2273. }
  2274. else if (MiniportName != NULL && _tcsstr (Names, MiniportName) == NULL) {
  2275. _tcscat (Names, MiniportName);
  2276. _tcscat (Names, TEXT(" "));
  2277. }
  2278. }
  2279. break;
  2280. }
  2281. }
  2282. }
  2283. //
  2284. // Search for /volatile
  2285. //
  2286. if( GetStringFromResources(
  2287. IDS_DONTREBOOT_CMDLINE_SWITCH,
  2288. strCmdLineOption,
  2289. ARRAY_LENGTH( strCmdLineOption ) ) )
  2290. {
  2291. for (Index = 1; Index < Count; Index++)
  2292. {
  2293. if (_tcsicmp (Args[Index], strCmdLineOption) == 0)
  2294. {
  2295. bVolatileSpecified = TRUE;
  2296. //
  2297. // found /volatile in the command line
  2298. //
  2299. if( bFlagsSpecified && ! bNamesSpecified )
  2300. {
  2301. if( g_OsVersion.dwBuildNumber >= 2055 )
  2302. {
  2303. //
  2304. // see if there are any verifier flags active
  2305. //
  2306. if (KrnGetSystemVerifierState (& KrnState) == FALSE)
  2307. {
  2308. //
  2309. // cannot get current verifier settings
  2310. //
  2311. VrfPrintStringFromResources( IDS_CANTGET_VERIF_STATE );
  2312. return EXIT_CODE_ERROR;
  2313. }
  2314. else
  2315. {
  2316. //
  2317. // compare the active flags with the new ones
  2318. //
  2319. if( KrnState.DriverCount != 0 )
  2320. {
  2321. //
  2322. // there are some drivers currently verified
  2323. //
  2324. if( KrnState.Level != Flags )
  2325. {
  2326. //
  2327. // try to change something on the fly
  2328. //
  2329. bResult = VrfSetVolatileFlags(
  2330. Flags );
  2331. if( bResult )
  2332. {
  2333. //
  2334. // success - tell the user what flags have changed
  2335. //
  2336. VrfDumpChangedSettings(
  2337. KrnState.Level,
  2338. Flags );
  2339. return EXIT_CODE_SUCCESS;
  2340. }
  2341. else
  2342. {
  2343. //
  2344. // cannot change settings
  2345. //
  2346. return EXIT_CODE_ERROR;
  2347. }
  2348. }
  2349. else
  2350. {
  2351. //
  2352. // the specified flags are the same as the active ones
  2353. //
  2354. VrfPrintStringFromResources( IDS_SAME_FLAGS_AS_ACTIVE );
  2355. return EXIT_CODE_SUCCESS;
  2356. }
  2357. }
  2358. else
  2359. {
  2360. VrfPrintStringFromResources( IDS_NO_DRIVER_VERIFIED );
  2361. return EXIT_CODE_SUCCESS;
  2362. }
  2363. }
  2364. }
  2365. else
  2366. {
  2367. //
  2368. // the build is too old - we cannot change options on the fly
  2369. //
  2370. VrfPrintStringFromResources( IDS_CANT_CHANGE_SETTINGS_BUILD_OLD );
  2371. return EXIT_CODE_ERROR;
  2372. }
  2373. }
  2374. else
  2375. {
  2376. //
  2377. // the flags were not specified - look for /adddriver, /removedriver
  2378. //
  2379. if( VrfVolatileAddOrRemoveDriversCmdLine( Count, Args ) == TRUE )
  2380. {
  2381. //
  2382. // changed the verified drivers list
  2383. //
  2384. return EXIT_CODE_SUCCESS;
  2385. }
  2386. else
  2387. {
  2388. //
  2389. // nothing to change
  2390. //
  2391. VrfPrintStringFromResources( IDS_NO_SETTINGS_WERE_CHANGED );
  2392. return EXIT_CODE_ERROR;
  2393. }
  2394. }
  2395. //
  2396. // Unreached - the code above will always return from the function.
  2397. //
  2398. ASSERT( FALSE );
  2399. return EXIT_CODE_ERROR;
  2400. }
  2401. }
  2402. }
  2403. else
  2404. {
  2405. ASSERT( FALSE );
  2406. }
  2407. //
  2408. // Write everything to the registry
  2409. //
  2410. if( !bVolatileSpecified && ( bFlagsSpecified || bNamesSpecified ) )
  2411. {
  2412. HKEY MmKey = NULL;
  2413. LONG Result;
  2414. DWORD Value;
  2415. DWORD OldValue;
  2416. Result = RegOpenKeyEx (
  2417. HKEY_LOCAL_MACHINE,
  2418. RegMemoryManagementKeyName,
  2419. 0,
  2420. KEY_SET_VALUE | KEY_QUERY_VALUE,
  2421. &MmKey);
  2422. if (Result != ERROR_SUCCESS) {
  2423. if( Result == ERROR_ACCESS_DENIED ) {
  2424. VrfPrintStringFromResources(
  2425. IDS_ACCESS_IS_DENIED );
  2426. return EXIT_CODE_ERROR;
  2427. }
  2428. else {
  2429. VrfTPrintfResourceFormat(
  2430. IDS_REGOPENKEYEX_FAILED,
  2431. RegMemoryManagementKeyName,
  2432. (DWORD)Result);
  2433. //
  2434. // newline
  2435. //
  2436. VrfPutTS( _TEXT( "" ) );
  2437. return EXIT_CODE_ERROR;
  2438. }
  2439. }
  2440. if( bFlagsSpecified )
  2441. {
  2442. Value = Flags;
  2443. if( ReadRegistryValue ( MmKey, RegVerifyDriverLevelValueName, &OldValue, 0) == FALSE) {
  2444. RegCloseKey (MmKey);
  2445. return EXIT_CODE_ERROR;
  2446. }
  2447. if (WriteRegistryValue (MmKey, RegVerifyDriverLevelValueName, Value) == FALSE) {
  2448. RegCloseKey (MmKey);
  2449. return EXIT_CODE_ERROR;
  2450. }
  2451. bIoVerifierEnabled = ( (Flags & DRIVER_VERIFIER_IO_CHECKING) != 0 );
  2452. if( bIoVerifierEnabled && bIoLevelSpecified == TRUE )
  2453. {
  2454. SysIoVerifierLevel = IoLevel;
  2455. }
  2456. else
  2457. {
  2458. SysIoVerifierLevel = 0;
  2459. }
  2460. if ( ! SetSysIoVerifierSettings ( SysIoVerifierLevel ) )
  2461. {
  2462. RegCloseKey (MmKey);
  2463. return EXIT_CODE_ERROR;
  2464. }
  2465. if( OldValue != Value ) {
  2466. nReturnValue = EXIT_CODE_REBOOT_NEEDED;
  2467. }
  2468. }
  2469. if( bNamesSpecified )
  2470. {
  2471. if (ReadMmString (MmKey, RegVerifyDriversValueName, OldNames, sizeof( OldNames ) ) == FALSE) {
  2472. RegCloseKey (MmKey);
  2473. return EXIT_CODE_ERROR;
  2474. }
  2475. if (WriteMmString (MmKey, RegVerifyDriversValueName, Names) == FALSE) {
  2476. RegCloseKey (MmKey);
  2477. return EXIT_CODE_ERROR;
  2478. }
  2479. if( _tcsicmp (OldNames, Names) ){
  2480. nReturnValue = EXIT_CODE_REBOOT_NEEDED;
  2481. }
  2482. }
  2483. RegCloseKey (MmKey);
  2484. }
  2485. else
  2486. {
  2487. PrintHelpInformation();
  2488. }
  2489. return nReturnValue;
  2490. }
  2491. //////////////////////////////////////////////////////////////////////
  2492. BOOL
  2493. GetStringFromResources(
  2494. UINT uIdResource,
  2495. TCHAR *strBuffer,
  2496. int nBufferLength )
  2497. {
  2498. UINT LoadStringResult;
  2499. if( strBuffer == NULL || nBufferLength < 1 )
  2500. {
  2501. ASSERT( FALSE );
  2502. return FALSE;
  2503. }
  2504. LoadStringResult = LoadString (
  2505. GetModuleHandle (NULL),
  2506. uIdResource,
  2507. strBuffer,
  2508. nBufferLength );
  2509. ASSERT (LoadStringResult > 0);
  2510. return (LoadStringResult > 0);
  2511. }
  2512. //////////////////////////////////////////////////////////////////////
  2513. void
  2514. VrfPrintStringFromResources(
  2515. UINT uIdResource)
  2516. {
  2517. TCHAR strText[ 256 ];
  2518. if( GetStringFromResources(
  2519. uIdResource,
  2520. strText,
  2521. ARRAY_LENGTH( strText ) ) )
  2522. {
  2523. VrfOutputWideStringOEMFormat( strText, TRUE, stdout );
  2524. }
  2525. }
  2526. //////////////////////////////////////////////////////////////////////
  2527. BOOL
  2528. VrfOuputStringFromResources(
  2529. UINT uIdResource,
  2530. BOOL bConvertToOEM,
  2531. FILE *file )
  2532. {
  2533. TCHAR strText[ 256 ];
  2534. BOOL bResult;
  2535. bResult = TRUE;
  2536. if( GetStringFromResources(
  2537. uIdResource,
  2538. strText,
  2539. ARRAY_LENGTH( strText ) ) )
  2540. {
  2541. if( bConvertToOEM )
  2542. {
  2543. VrfOutputWideStringOEMFormat( strText, TRUE, file );
  2544. }
  2545. else
  2546. {
  2547. bResult = ( _fputts( strText, file ) >= 0 );
  2548. }
  2549. }
  2550. return bResult;
  2551. }
  2552. //////////////////////////////////////////////////////////////////////
  2553. void
  2554. VrfDumpChangedSettings(
  2555. UINT OldFlags,
  2556. UINT NewFlags )
  2557. {
  2558. UINT uDifferentFlags;
  2559. OldFlags &= VerifierModifyableOptions;
  2560. NewFlags &= VerifierModifyableOptions;
  2561. if( OldFlags == NewFlags )
  2562. {
  2563. //
  2564. // no settings were changed
  2565. //
  2566. VrfPrintStringFromResources(
  2567. IDS_NO_SETTINGS_WERE_CHANGED );
  2568. }
  2569. else
  2570. {
  2571. VrfPrintStringFromResources(
  2572. IDS_CHANGED_SETTINGS_ARE );
  2573. uDifferentFlags = OldFlags ^ NewFlags;
  2574. //
  2575. // changed DRIVER_VERIFIER_SPECIAL_POOLING ?
  2576. //
  2577. if( uDifferentFlags & DRIVER_VERIFIER_SPECIAL_POOLING )
  2578. {
  2579. if( NewFlags & DRIVER_VERIFIER_SPECIAL_POOLING )
  2580. {
  2581. VrfPrintStringFromResources(
  2582. IDS_SPECIAL_POOL_ENABLED_NOW );
  2583. }
  2584. else
  2585. {
  2586. VrfPrintStringFromResources(
  2587. IDS_SPECIAL_POOL_DISABLED_NOW );
  2588. }
  2589. }
  2590. //
  2591. // changed DRIVER_VERIFIER_FORCE_IRQL_CHECKING ?
  2592. //
  2593. if( uDifferentFlags & DRIVER_VERIFIER_FORCE_IRQL_CHECKING )
  2594. {
  2595. if( NewFlags & DRIVER_VERIFIER_FORCE_IRQL_CHECKING )
  2596. {
  2597. VrfPrintStringFromResources(
  2598. IDS_FORCE_IRQLCHECK_ENABLED_NOW );
  2599. }
  2600. else
  2601. {
  2602. VrfPrintStringFromResources(
  2603. IDS_FORCE_IRQLCHECK_DISABLED_NOW );
  2604. }
  2605. }
  2606. //
  2607. // changed DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES ?
  2608. //
  2609. if( uDifferentFlags & DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES )
  2610. {
  2611. if( NewFlags & DRIVER_VERIFIER_INJECT_ALLOCATION_FAILURES )
  2612. {
  2613. VrfPrintStringFromResources(
  2614. IDS_FAULT_INJECTION_ENABLED_NOW );
  2615. }
  2616. else
  2617. {
  2618. VrfPrintStringFromResources(
  2619. IDS_FAULT_INJECTION_DISABLED_NOW );
  2620. }
  2621. }
  2622. //
  2623. // changed DRIVER_VERIFIER_TRACK_POOL_ALLOCATIONS ?
  2624. //
  2625. if( uDifferentFlags & DRIVER_VERIFIER_TRACK_POOL_ALLOCATIONS )
  2626. {
  2627. if( NewFlags & DRIVER_VERIFIER_TRACK_POOL_ALLOCATIONS )
  2628. {
  2629. VrfPrintStringFromResources(
  2630. IDS_POOL_TRACK_ENABLED_NOW );
  2631. }
  2632. else
  2633. {
  2634. VrfPrintStringFromResources(
  2635. IDS_POOL_TRACK_DISABLED_NOW );
  2636. }
  2637. }
  2638. //
  2639. // changed DRIVER_VERIFIER_IO_CHECKING ?
  2640. //
  2641. if( uDifferentFlags & DRIVER_VERIFIER_IO_CHECKING )
  2642. {
  2643. if( NewFlags & DRIVER_VERIFIER_IO_CHECKING )
  2644. {
  2645. VrfPrintStringFromResources(
  2646. IDS_IO_CHECKING_ENABLED_NOW );
  2647. }
  2648. else
  2649. {
  2650. VrfPrintStringFromResources(
  2651. IDS_IO_CHECKING_DISABLED_NOW );
  2652. }
  2653. }
  2654. //
  2655. // the changes are not saved to the registry
  2656. //
  2657. VrfPrintStringFromResources(
  2658. IDS_CHANGES_ACTIVE_ONLY_BEFORE_REBOOT );
  2659. }
  2660. }
  2661. //////////////////////////////////////////////////////////////////////
  2662. BOOL
  2663. VrfEnableDebugPrivilege (
  2664. )
  2665. {
  2666. struct
  2667. {
  2668. DWORD Count;
  2669. LUID_AND_ATTRIBUTES Privilege [1];
  2670. } Info;
  2671. HANDLE Token;
  2672. BOOL Result;
  2673. //
  2674. // open the process token
  2675. //
  2676. Result = OpenProcessToken (
  2677. GetCurrentProcess (),
  2678. TOKEN_ADJUST_PRIVILEGES,
  2679. & Token);
  2680. if( Result != TRUE )
  2681. {
  2682. VrfErrorResourceFormat(
  2683. IDS_ACCESS_IS_DENIED );
  2684. return FALSE;
  2685. }
  2686. //
  2687. // prepare the info structure
  2688. //
  2689. Info.Count = 1;
  2690. Info.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
  2691. Result = LookupPrivilegeValue (
  2692. NULL,
  2693. SE_DEBUG_NAME,
  2694. &(Info.Privilege[0].Luid));
  2695. if( Result != TRUE )
  2696. {
  2697. VrfErrorResourceFormat(
  2698. IDS_ACCESS_IS_DENIED );
  2699. CloseHandle( Token );
  2700. return FALSE;
  2701. }
  2702. //
  2703. // adjust the privileges
  2704. //
  2705. Result = AdjustTokenPrivileges (
  2706. Token,
  2707. FALSE,
  2708. (PTOKEN_PRIVILEGES) &Info,
  2709. NULL,
  2710. NULL,
  2711. NULL);
  2712. if( Result != TRUE || GetLastError() != ERROR_SUCCESS )
  2713. {
  2714. VrfErrorResourceFormat(
  2715. IDS_ACCESS_IS_DENIED );
  2716. CloseHandle( Token );
  2717. return FALSE;
  2718. }
  2719. CloseHandle( Token );
  2720. return TRUE;
  2721. }
  2722. //////////////////////////////////////////////////////////////////////
  2723. void
  2724. VrfPrintNarrowStringOEMFormat(
  2725. char *szText )
  2726. {
  2727. char szTextOEM[ 512 ];
  2728. ASSERT( szText != NULL );
  2729. //
  2730. // make a copy of the string
  2731. //
  2732. strncpy( szTextOEM, szText, ARRAY_LENGTH( szTextOEM ) - 1 );
  2733. szTextOEM[ ARRAY_LENGTH( szTextOEM ) - 1 ] = (char)0;
  2734. //
  2735. // convert the string to OEM
  2736. //
  2737. if( CharToOemA( szTextOEM, szTextOEM ) )
  2738. {
  2739. puts( szTextOEM );
  2740. }
  2741. else
  2742. {
  2743. ASSERT( FALSE );
  2744. }
  2745. }
  2746. //////////////////////////////////////////////////////////////////////
  2747. BOOL
  2748. VrfOutputWideStringOEMFormat(
  2749. LPTSTR strText,
  2750. BOOL bAppendNewLine,
  2751. FILE *file )
  2752. {
  2753. TCHAR strTextCopy[ 512 ];
  2754. BOOL bResult;
  2755. char szTextOEM[ 512 ];
  2756. if( strText == NULL || file == NULL )
  2757. {
  2758. ASSERT( FALSE );
  2759. return FALSE;
  2760. }
  2761. //
  2762. // make a copy of the string
  2763. //
  2764. _tcsncpy( strTextCopy, strText, ARRAY_LENGTH( strTextCopy ) - 1 );
  2765. strTextCopy[ ARRAY_LENGTH( strTextCopy ) - 1 ] = (TCHAR)0;
  2766. //
  2767. // convert the string to OEM
  2768. //
  2769. if( CharToOem( strTextCopy, szTextOEM ) )
  2770. {
  2771. bResult = ( fputs( szTextOEM, file ) >= 0 );
  2772. if( bResult && bAppendNewLine )
  2773. {
  2774. bResult = ( fputs( "\n", file ) >= 0 );
  2775. }
  2776. }
  2777. else
  2778. {
  2779. ASSERT( FALSE );
  2780. bResult = FALSE;
  2781. }
  2782. return bResult;
  2783. }
  2784. //////////////////////////////////////////////////////////////////////
  2785. BOOL
  2786. __cdecl
  2787. VrfFTPrintf(
  2788. BOOL bConvertToOEM,
  2789. FILE *file,
  2790. LPTSTR fmt,
  2791. ...)
  2792. {
  2793. BOOL bResult;
  2794. TCHAR strMessage[ 256 ];
  2795. va_list prms;
  2796. if( fmt == NULL || file == NULL )
  2797. {
  2798. ASSERT( FALSE );
  2799. return FALSE;
  2800. }
  2801. va_start (prms, fmt);
  2802. _vsntprintf ( strMessage, ARRAY_LENGTH( strMessage ), fmt, prms);
  2803. if( bConvertToOEM )
  2804. {
  2805. bResult = VrfOutputWideStringOEMFormat(
  2806. strMessage,
  2807. FALSE,
  2808. file );
  2809. }
  2810. else
  2811. {
  2812. bResult = ( _ftprintf( file, _T( "%s" ), strMessage ) >= 0 );
  2813. }
  2814. va_end (prms);
  2815. return bResult;
  2816. }
  2817. //////////////////////////////////////////////////////////////////////
  2818. BOOL
  2819. __cdecl
  2820. VrfFTPrintfResourceFormat(
  2821. BOOL bConvertToOEM,
  2822. FILE *file,
  2823. UINT uIdResFmtString,
  2824. ...)
  2825. {
  2826. TCHAR strFormat[ 256 ];
  2827. TCHAR strMessage[ 256 ];
  2828. va_list prms;
  2829. BOOL bResult;
  2830. bResult = TRUE;
  2831. if( GetStringFromResources(
  2832. uIdResFmtString,
  2833. strFormat,
  2834. ARRAY_LENGTH( strFormat ) ) )
  2835. {
  2836. va_start (prms, uIdResFmtString);
  2837. _vsntprintf ( strMessage, ARRAY_LENGTH( strMessage ), strFormat, prms);
  2838. if( bConvertToOEM )
  2839. {
  2840. bResult = VrfOutputWideStringOEMFormat(
  2841. strMessage,
  2842. FALSE,
  2843. file );
  2844. }
  2845. else
  2846. {
  2847. bResult = ( _ftprintf( file, _T( "%s" ), strMessage ) >= 0 );
  2848. }
  2849. va_end (prms);
  2850. }
  2851. else
  2852. {
  2853. ASSERT( FALSE );
  2854. bResult = FALSE;
  2855. }
  2856. return bResult;
  2857. }
  2858. //////////////////////////////////////////////////////////////////////
  2859. void
  2860. __cdecl
  2861. VrfTPrintfResourceFormat(
  2862. UINT uIdResFmtString,
  2863. ...)
  2864. {
  2865. TCHAR strMessage[ 256 ];
  2866. TCHAR strFormat[ 256 ];
  2867. va_list prms;
  2868. //
  2869. // get the format string
  2870. //
  2871. if( GetStringFromResources(
  2872. uIdResFmtString,
  2873. strFormat,
  2874. ARRAY_LENGTH( strFormat ) ) )
  2875. {
  2876. va_start (prms, uIdResFmtString);
  2877. //
  2878. // get the message string as UNICODE
  2879. //
  2880. _vsntprintf (
  2881. strMessage,
  2882. ARRAY_LENGTH( strMessage ),
  2883. strFormat,
  2884. prms);
  2885. //
  2886. // output it as OEM
  2887. //
  2888. VrfOutputWideStringOEMFormat(
  2889. strMessage,
  2890. FALSE,
  2891. stdout );
  2892. va_end (prms);
  2893. }
  2894. return;
  2895. }
  2896. //////////////////////////////////////////////////////////////////////
  2897. void
  2898. VrfPutTS(
  2899. LPTSTR strText )
  2900. {
  2901. if( strText == NULL )
  2902. {
  2903. ASSERT( FALSE );
  2904. return;
  2905. }
  2906. VrfOutputWideStringOEMFormat(
  2907. strText,
  2908. TRUE,
  2909. stdout );
  2910. }
  2911. //////////////////////////////////////////////////////////////////////
  2912. //
  2913. // Support for dynamic set of verified drivers
  2914. //
  2915. BOOL VrfVolatileAddDriver(
  2916. const WCHAR *szDriverName )
  2917. {
  2918. UNICODE_STRING usDriverName;
  2919. NTSTATUS Status;
  2920. UINT uIdErrorString;
  2921. //
  2922. // enable debug privilege
  2923. //
  2924. if( g_bPrivegeEnabled != TRUE )
  2925. {
  2926. g_bPrivegeEnabled = VrfEnableDebugPrivilege();
  2927. if( g_bPrivegeEnabled != TRUE )
  2928. {
  2929. return FALSE;
  2930. }
  2931. }
  2932. //
  2933. // Must driver name as a UNICODE_STRING
  2934. //
  2935. ASSERT( szDriverName != NULL );
  2936. RtlInitUnicodeString(
  2937. &usDriverName,
  2938. szDriverName );
  2939. Status = NtSetSystemInformation(
  2940. SystemVerifierAddDriverInformation,
  2941. &usDriverName,
  2942. sizeof( UNICODE_STRING ) );
  2943. if( ! NT_SUCCESS( Status ) )
  2944. {
  2945. switch( Status )
  2946. {
  2947. case STATUS_INVALID_INFO_CLASS:
  2948. uIdErrorString = IDS_VERIFIER_ADD_NOT_SUPPORTED;
  2949. break;
  2950. case STATUS_NOT_SUPPORTED:
  2951. uIdErrorString = IDS_DYN_ADD_NOT_SUPPORTED;
  2952. break;
  2953. case STATUS_IMAGE_ALREADY_LOADED:
  2954. uIdErrorString = IDS_DYN_ADD_ALREADY_LOADED;
  2955. break;
  2956. case STATUS_INSUFFICIENT_RESOURCES:
  2957. case STATUS_NO_MEMORY:
  2958. uIdErrorString = IDS_DYN_ADD_INSUF_RESOURCES;
  2959. break;
  2960. case STATUS_PRIVILEGE_NOT_HELD:
  2961. uIdErrorString = IDS_DYN_ADD_ACCESS_DENIED;
  2962. break;
  2963. default:
  2964. VrfErrorResourceFormat(
  2965. IDS_DYN_ADD_MISC_ERROR,
  2966. szDriverName,
  2967. Status );
  2968. return FALSE;
  2969. }
  2970. VrfErrorResourceFormat(
  2971. uIdErrorString,
  2972. szDriverName );
  2973. return FALSE;
  2974. }
  2975. return TRUE;
  2976. }
  2977. //////////////////////////////////////////////////////////////////////
  2978. BOOL VrfVolatileRemoveDriver(
  2979. const WCHAR *szDriverName )
  2980. {
  2981. UNICODE_STRING usDriverName;
  2982. NTSTATUS Status;
  2983. UINT uIdErrorString;
  2984. //
  2985. // enable debug privilege
  2986. //
  2987. if( g_bPrivegeEnabled != TRUE )
  2988. {
  2989. g_bPrivegeEnabled = VrfEnableDebugPrivilege();
  2990. if( g_bPrivegeEnabled != TRUE )
  2991. {
  2992. return FALSE;
  2993. }
  2994. }
  2995. //
  2996. // Must driver name as a UNICODE_STRING
  2997. //
  2998. ASSERT( szDriverName != NULL );
  2999. RtlInitUnicodeString(
  3000. &usDriverName,
  3001. szDriverName );
  3002. Status = NtSetSystemInformation(
  3003. SystemVerifierRemoveDriverInformation,
  3004. &usDriverName,
  3005. sizeof( UNICODE_STRING ) );
  3006. if( ! NT_SUCCESS( Status ) )
  3007. {
  3008. switch( Status )
  3009. {
  3010. case STATUS_INVALID_INFO_CLASS:
  3011. uIdErrorString = IDS_VERIFIER_REMOVE_NOT_SUPPORTED;
  3012. break;
  3013. case STATUS_NOT_SUPPORTED:
  3014. //
  3015. // the driver verifier is not currently active at all -> success
  3016. //
  3017. case STATUS_NOT_FOUND:
  3018. //
  3019. // the driver is not currently verified -> success
  3020. //
  3021. return TRUE;
  3022. case STATUS_IMAGE_ALREADY_LOADED:
  3023. uIdErrorString = IDS_DYN_REMOVE_ALREADY_LOADED;
  3024. break;
  3025. case STATUS_INSUFFICIENT_RESOURCES:
  3026. case STATUS_NO_MEMORY:
  3027. uIdErrorString = IDS_DYN_REMOVE_INSUF_RESOURCES;
  3028. break;
  3029. case STATUS_PRIVILEGE_NOT_HELD:
  3030. uIdErrorString = IDS_DYN_REMOVE_ACCESS_DENIED;
  3031. break;
  3032. default:
  3033. VrfErrorResourceFormat(
  3034. IDS_DYN_REMOVE_MISC_ERROR,
  3035. szDriverName,
  3036. Status );
  3037. return FALSE;
  3038. }
  3039. VrfErrorResourceFormat(
  3040. uIdErrorString,
  3041. szDriverName );
  3042. return FALSE;
  3043. }
  3044. return TRUE;
  3045. }
  3046. //////////////////////////////////////////////////////////////////////
  3047. BOOL
  3048. VrfVolatileAddOrRemoveDriversCmdLine(
  3049. int nArgsNo,
  3050. LPTSTR szCmdLineArgs[] )
  3051. {
  3052. int nCrtArg;
  3053. BOOL bChangedSomething;
  3054. BOOL bResult;
  3055. BOOL bAddDriverSpecified = FALSE;
  3056. BOOL bRemoveDriverSpecified = FALSE;
  3057. TCHAR szAddDriverOption[ 128 ];
  3058. TCHAR szRemoveDriverOption[ 128 ];
  3059. //
  3060. // /loaddriver and /removedriver command line options
  3061. //
  3062. bResult = GetStringFromResources(
  3063. IDS_ADDDRIVER_CMDLINE_SWITCH,
  3064. szAddDriverOption,
  3065. ARRAY_LENGTH( szAddDriverOption ) );
  3066. if( bResult != TRUE )
  3067. {
  3068. return FALSE;
  3069. }
  3070. bResult = GetStringFromResources(
  3071. IDS_REMOVEDRIVER_CMDLINE_SWITCH,
  3072. szRemoveDriverOption,
  3073. ARRAY_LENGTH( szRemoveDriverOption ) );
  3074. if( bResult != TRUE )
  3075. {
  3076. return FALSE;
  3077. }
  3078. //
  3079. // parse all the cmd line args
  3080. //
  3081. for( nCrtArg = 0; nCrtArg < nArgsNo; nCrtArg++ )
  3082. {
  3083. if( _tcsicmp( szCmdLineArgs[ nCrtArg ], szAddDriverOption ) == 0 )
  3084. {
  3085. //
  3086. // /adddriver
  3087. //
  3088. bAddDriverSpecified = TRUE;
  3089. bRemoveDriverSpecified = FALSE;
  3090. }
  3091. else
  3092. {
  3093. if( _tcsicmp( szCmdLineArgs[ nCrtArg ], szRemoveDriverOption ) == 0 )
  3094. {
  3095. //
  3096. // /removedriver
  3097. //
  3098. bRemoveDriverSpecified = TRUE;
  3099. bAddDriverSpecified = FALSE;
  3100. }
  3101. else
  3102. {
  3103. if( bAddDriverSpecified )
  3104. {
  3105. //
  3106. // this must be a driver name to be added
  3107. //
  3108. if( VrfVolatileAddDriver( szCmdLineArgs[ nCrtArg ] ) )
  3109. {
  3110. bChangedSomething = TRUE;
  3111. VrfTPrintfResourceFormat(
  3112. IDS_DYN_ADD_VERIFIED_NOW,
  3113. szCmdLineArgs[ nCrtArg ] );
  3114. }
  3115. }
  3116. else
  3117. {
  3118. if( bRemoveDriverSpecified )
  3119. {
  3120. //
  3121. // this must be a driver name to be added
  3122. //
  3123. if( VrfVolatileRemoveDriver( szCmdLineArgs[ nCrtArg ] ) )
  3124. {
  3125. bChangedSomething = TRUE;
  3126. VrfTPrintfResourceFormat(
  3127. IDS_DYN_ADD_NOT_VERIFIED_NOW,
  3128. szCmdLineArgs[ nCrtArg ] );
  3129. }
  3130. }
  3131. }
  3132. }
  3133. }
  3134. }
  3135. return bChangedSomething;
  3136. }
  3137. //
  3138. // end of module: verify.cxx
  3139. //