|
|
/*++
Copyright (c) 1994 Microsoft Corporation
Module Name:
callback.c
Abstract:
This module implements user mode call back services.
Author:
William K. Cheung (wcheung) 30-Oct-1995
based on David N. Cutler (davec) 29-Oct-1994
Environment:
Kernel mode only.
Revision History:
--*/
#include "ki.h"
#ifdef ALLOC_PRAGMA
#pragma alloc_text (PAGE, KeUserModeCallback)
#pragma alloc_text (PAGE, NtW32Call)
#endif
�NTSTATUSKeUserModeCallback ( IN ULONG ApiNumber, IN PVOID InputBuffer, IN ULONG InputLength, OUT PVOID *OutputBuffer, IN PULONG OutputLength )
/*++
Routine Description:
This function call out from kernel mode to a user mode function.
Arguments:
ApiNumber - Supplies the API number.
InputBuffer - Supplies a pointer to a structure that is copied to the user stack.
InputLength - Supplies the length of the input structure.
Outputbuffer - Supplies a pointer to a variable that receives the address of the output buffer.
Outputlength - Supplies a pointer to a variable that receives the length of the output buffer.
Return Value:
If the callout cannot be executed, then an error status is returned. Otherwise, the status returned by the callback function is returned.
--*/
{ PUCALLOUT_FRAME CalloutFrame; ULONGLONG OldStack; ULONGLONG NewStack; ULONGLONG OldRsPFS; ULONGLONG OldStIFS; PKTRAP_FRAME TrapFrame; NTSTATUS Status; ULONG GdiBatchCount; ULONG Length; SHORT BsFrameSize; USHORT TearPointOffset;
ASSERT(KeGetPreviousMode() == UserMode); ASSERT(KeGetCurrentThread()->ApcState.KernelApcInProgress == FALSE); //
// Get the user mode stack pointer and attempt to copy input buffer
// to the user stack.
//
TrapFrame = KeGetCurrentThread()->TrapFrame; OldStack = TrapFrame->IntSp; OldRsPFS = TrapFrame->RsPFS; OldStIFS = TrapFrame->StIFS;
try {
//
// Compute new user mode stack address, probe for writability,
// and copy the input buffer to the user stack.
//
// N.B. EM requires stacks to be 16-byte aligned, therefore
// the input length must be rounded up to a 16-byte boundary.
//
Length = (InputLength + 16 - 1 + sizeof(UCALLOUT_FRAME) + STACK_SCRATCH_AREA) & ~(16 - 1); NewStack = OldStack - Length; CalloutFrame = (PUCALLOUT_FRAME)(NewStack + STACK_SCRATCH_AREA); ProbeForWrite((PVOID)NewStack, Length, sizeof(QUAD)); RtlCopyMemory(CalloutFrame + 1, InputBuffer, InputLength);
//
// Fill in the callout arguments.
//
CalloutFrame->Buffer = (PVOID)(CalloutFrame + 1); CalloutFrame->Length = InputLength; CalloutFrame->ApiNumber = ApiNumber; CalloutFrame->IntSp = OldStack; CalloutFrame->RsPFS = TrapFrame->RsPFS; CalloutFrame->BrRp = TrapFrame->BrRp;
//
// Always flush out the user RSE so the debugger and
// unwinding work across the call out.
//
KeFlushUserRseState (TrapFrame);
//
// If an exception occurs during the probe of the user stack, then
// always handle the exception and return the exception code as the
// status value.
//
} except (EXCEPTION_EXECUTE_HANDLER) { return GetExceptionCode(); }
//
// Call user mode.
//
TrapFrame->RsPFS = 0xC000000000000000i64; TrapFrame->StIFS = 0x8000000000000000i64; TrapFrame->IntSp = NewStack; Status = KiCallUserMode(OutputBuffer, OutputLength);
//
// When returning from user mode, any drawing done to the GDI TEB
// batch must be flushed. If the TEB cannot be accessed then blindly
// flush the GDI batch anyway.
//
GdiBatchCount = 1;
try { GdiBatchCount = ((PTEB)KeGetCurrentThread()->Teb)->GdiBatchCount; } except (EXCEPTION_EXECUTE_HANDLER) { NOTHING; }
if (GdiBatchCount > 0) {
//
// Some of the call back functions store a return values in the
// stack. The batch flush routine can sometimes overwrite these
// values causing failures. Add some slop in the stack to
// preserve these values.
//
TrapFrame->IntSp -= 256;
//
// call GDI batch flush routine
//
KeGdiFlushUserBatch(); }
TrapFrame->IntSp = OldStack; TrapFrame->RsPFS = OldRsPFS; TrapFrame->StIFS = OldStIFS; return Status;
}�NTSTATUSNtW32Call ( IN ULONG ApiNumber, IN PVOID InputBuffer, IN ULONG InputLength, OUT PVOID *OutputBuffer, OUT PULONG OutputLength )
/*++
Routine Description:
This function calls a W32 function.
N.B. ************** This is a temporary service *****************
Arguments:
ApiNumber - Supplies the API number.
InputBuffer - Supplies a pointer to a structure that is copied to the user stack.
InputLength - Supplies the length of the input structure.
Outputbuffer - Supplies a pointer to a variable that recevies the output buffer address.
Outputlength - Supplies a pointer to a variable that recevies the output buffer length.
Return Value:
TBS.
--*/
{
PVOID ValueBuffer; ULONG ValueLength; NTSTATUS Status;
ASSERT(KeGetPreviousMode() == UserMode);
//
// If the current thread is not a GUI thread, then fail the service
// since the thread does not have a large stack.
//
if (KeGetCurrentThread()->Win32Thread == (PVOID)&KeServiceDescriptorTable[0]) { return STATUS_NOT_IMPLEMENTED; }
//
// Probe the output buffer address and length for writeability.
//
try { ProbeForWriteUlong((PULONG)OutputBuffer); ProbeForWriteUlong(OutputLength);
//
// If an exception occurs during the probe of the output buffer or
// length, then always handle the exception and return the exception
// code as the status value.
//
} except(EXCEPTION_EXECUTE_HANDLER) { return GetExceptionCode(); }
//
// Call out to user mode specifying the input buffer and API number.
//
Status = KeUserModeCallback(ApiNumber, InputBuffer, InputLength, &ValueBuffer, &ValueLength);
//
// If the callout is successful, then the output buffer address and
// length.
//
if (NT_SUCCESS(Status)) { try { *OutputBuffer = ValueBuffer; *OutputLength = ValueLength;
} except(EXCEPTION_EXECUTE_HANDLER) { } }
return Status;}�VOIDKiTestGdiBatchCount ( )
/*++
Routine Description:
This function checks the GdiBatchCount and calls KeGdiFlushUserBatch if necessary.
Arguments:
None. Return Value:
None. --*/
{ ULONG GdiBatchCount = 1;
try { GdiBatchCount = ((PTEB)KeGetCurrentThread()->Teb)->GdiBatchCount; } except (EXCEPTION_EXECUTE_HANDLER) { NOTHING; }
if (GdiBatchCount > 0) { KeGdiFlushUserBatch(); }}
|
