Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1767 lines
48 KiB

/*++
Copyright (c) 1992 Microsoft Corporation
Module Name:
blkconn.c
Abstract:
This module contains allocate, free, close, reference, and dereference
routines for AFD connections.
Author:
David Treadwell (davidtr) 10-Mar-1992
Revision History:
--*/
#include "afdp.h"
VOID
AfdFreeConnection (
IN PVOID Context
);
VOID
AfdFreeConnectionResources (
PAFD_CONNECTION connection
);
VOID
AfdFreeNPConnectionResources (
PAFD_CONNECTION connection
);
VOID
AfdRefreshConnection (
PAFD_CONNECTION connection
);
PAFD_CONNECTION
AfdReuseConnection (
);
#ifdef ALLOC_PRAGMA
#pragma alloc_text( PAGEAFD, AfdAbortConnection )
#pragma alloc_text( PAGE, AfdAddFreeConnection )
#pragma alloc_text( PAGE, AfdAllocateConnection )
#pragma alloc_text( PAGE, AfdCreateConnection )
#pragma alloc_text( PAGE, AfdFreeConnection )
#pragma alloc_text( PAGE, AfdFreeConnectionResources )
#pragma alloc_text( PAGE, AfdReuseConnection )
#pragma alloc_text( PAGEAFD, AfdRefreshConnection )
#pragma alloc_text( PAGEAFD, AfdFreeNPConnectionResources )
#pragma alloc_text( PAGEAFD, AfdGetConnectionReferenceFromEndpoint )
#if REFERENCE_DEBUG
#pragma alloc_text( PAGEAFD, AfdReferenceConnection )
#pragma alloc_text( PAGEAFD, AfdDereferenceConnection )
#else
#pragma alloc_text( PAGEAFD, AfdCloseConnection )
#endif
#pragma alloc_text( PAGEAFD, AfdGetFreeConnection )
#pragma alloc_text( PAGEAFD, AfdGetReturnedConnection )
#pragma alloc_text( PAGEAFD, AfdFindReturnedConnection )
#pragma alloc_text( PAGEAFD, AfdGetUnacceptedConnection )
#pragma alloc_text( PAGEAFD, AfdAddConnectedReference )
#pragma alloc_text( PAGEAFD, AfdDeleteConnectedReference )
#endif
#if GLOBAL_REFERENCE_DEBUG
AFD_GLOBAL_REFERENCE_DEBUG AfdGlobalReference[MAX_GLOBAL_REFERENCE];
LONG AfdGlobalReferenceSlot = -1;
#endif
#if AFD_PERF_DBG
#define CONNECTION_REUSE_DISABLED (AfdDisableConnectionReuse)
#else
#define CONNECTION_REUSE_DISABLED (FALSE)
#endif
VOID
AfdAbortConnection (
IN PAFD_CONNECTION Connection
)
{
NTSTATUS status;
ASSERT( Connection != NULL );
ASSERT( Connection->ConnectedReferenceAdded );
//
// Abort the connection. We need to set the CleanupBegun flag
// before initiating the abort so that the connected reference
// will get properly removed in AfdRestartAbort.
//
// Note that if AfdBeginAbort fails then AfdRestartAbort will not
// get invoked, so we must remove the connected reference ourselves.
//
Connection->CleanupBegun = TRUE;
status = AfdBeginAbort( Connection );
if( !NT_SUCCESS(status) ) {
AfdDeleteConnectedReference( Connection, FALSE );
}
//
// Remove the active reference.
//
DEREFERENCE_CONNECTION( Connection );
} // AfdAbortConnection
NTSTATUS
AfdAddFreeConnection (
IN PAFD_ENDPOINT Endpoint
)
/*++
Routine Description:
Adds a connection object to an endpoints pool of connections available
to satisfy a connect indication.
Arguments:
Endpoint - a pointer to the endpoint to which to add a connection.
Return Value:
NTSTATUS -- Indicates the status of the request.
--*/
{
PAFD_CONNECTION connection;
NTSTATUS status;
PAGED_CODE( );
ASSERT( Endpoint->Type == AfdBlockTypeVcListening ||
Endpoint->Type == AfdBlockTypeVcBoth );
//
// Create a new connection block and associated connection object.
//
status = AfdCreateConnection(
&Endpoint->TransportInfo->TransportDeviceName,
Endpoint->AddressHandle,
IS_TDI_BUFFERRING(Endpoint),
Endpoint->InLine,
Endpoint->OwningProcess,
&connection
);
if ( NT_SUCCESS(status) ) {
ASSERT( IS_TDI_BUFFERRING(Endpoint) == connection->TdiBufferring );
if (IS_DELAYED_ACCEPTANCE_ENDPOINT (Endpoint)) {
status = AfdDelayedAcceptListen (Endpoint, connection);
if (!NT_SUCCESS (status)) {
DEREFERENCE_CONNECTION (connection);
}
}
else {
//
// Set up the handle in the listening connection structure and place
// the connection on the endpoint's list of listening connections.
//
ASSERT (connection->Endpoint==NULL);
InterlockedPushEntrySList(
&Endpoint->Common.VcListening.FreeConnectionListHead,
&connection->SListEntry);
status = STATUS_SUCCESS;
}
}
return status;
} // AfdAddFreeConnection
PAFD_CONNECTION
AfdAllocateConnection (
VOID
)
{
PAFD_CONNECTION connection;
PAGED_CODE( );
if ((AfdConnectionsFreeing<AFD_CONNECTIONS_FREEING_MAX)
|| ((connection = AfdReuseConnection ())==NULL)) {
//
// Allocate a buffer to hold the connection structure.
//
connection = AFD_ALLOCATE_POOL(
NonPagedPool,
sizeof(AFD_CONNECTION),
AFD_CONNECTION_POOL_TAG
);
if ( connection == NULL ) {
return NULL;
}
}
RtlZeroMemory( connection, sizeof(AFD_CONNECTION) );
//
// Initialize the reference count to 1 to account for the caller's
// reference. Connection blocks are temporary--as soon as the last
// reference goes away, so does the connection. There is no active
// reference on a connection block.
//
connection->ReferenceCount = 1;
//
// Initialize the connection structure.
//
connection->Type = AfdBlockTypeConnection;
connection->State = AfdConnectionStateFree;
//connection->Handle = NULL;
//connection->FileObject = NULL;
//connection->RemoteAddress = NULL;
//connection->Endpoint = NULL;
//connection->ReceiveBytesIndicated = 0;
//connection->ReceiveBytesTaken = 0;
//connection->ReceiveBytesOutstanding = 0;
//connection->ReceiveExpeditedBytesIndicated = 0;
//connection->ReceiveExpeditedBytesTaken = 0;
//connection->ReceiveExpeditedBytesOutstanding = 0;
//connection->ConnectDataBuffers = NULL;
//connection->DisconnectIndicated = FALSE;
//connection->AbortIndicated = FALSE;
//connection->ConnectedReferenceAdded = FALSE;
//connection->SpecialCondition = FALSE;
//connection->CleanupBegun = FALSE;
//connection->OwningProcess = NULL;
//connection->ClosePendedTransmit = FALSE;
#if REFERENCE_DEBUG
connection->CurrentReferenceSlot = -1;
RtlZeroMemory(
&connection->ReferenceDebug,
sizeof(AFD_REFERENCE_DEBUG) * MAX_REFERENCE
);
#endif
//
// Return a pointer to the new connection to the caller.
//
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdAllocateConnection: connection at %p\n", connection ));
}
return connection;
} // AfdAllocateConnection
NTSTATUS
AfdCreateConnection (
IN PUNICODE_STRING TransportDeviceName,
IN HANDLE AddressHandle,
IN BOOLEAN TdiBufferring,
IN LOGICAL InLine,
IN PEPROCESS ProcessToCharge,
OUT PAFD_CONNECTION *Connection
)
/*++
Routine Description:
Allocates a connection block and creates a connection object to
go with the block. This routine also associates the connection
with the specified address handle (if any).
Arguments:
TransportDeviceName - Name to use when creating the connection object.
AddressHandle - a handle to an address object for the specified
transport. If specified (non NULL), the connection object that
is created is associated with the address object.
TdiBufferring - whether the TDI provider supports data bufferring.
Only passed so that it can be stored in the connection
structure.
InLine - if TRUE, the endpoint should be created in OOB inline
mode.
ProcessToCharge - the process which should be charged the quota
for this connection.
Connection - receives a pointer to the new connection.
Return Value:
NTSTATUS -- Indicates the status of the request.
--*/
{
NTSTATUS status;
IO_STATUS_BLOCK ioStatusBlock;
OBJECT_ATTRIBUTES objectAttributes;
CHAR eaBuffer[sizeof(FILE_FULL_EA_INFORMATION) - 1 +
TDI_CONNECTION_CONTEXT_LENGTH + 1 +
sizeof(CONNECTION_CONTEXT)];
PFILE_FULL_EA_INFORMATION ea;
CONNECTION_CONTEXT UNALIGNED *ctx;
PAFD_CONNECTION connection;
PAGED_CODE( );
//
// Attempt to charge this process quota for the data bufferring we
// will do on its behalf.
//
status = PsChargeProcessPoolQuota(
ProcessToCharge,
NonPagedPool,
sizeof (AFD_CONNECTION)
);
if (!NT_SUCCESS (status)) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_INFO_LEVEL,
"AfdCreateConnection: PsChargeProcessPoolQuota failed.\n" ));
return status;
}
//
// Allocate a connection block.
//
connection = AfdAllocateConnection( );
if ( connection == NULL ) {
PsReturnPoolQuota(
ProcessToCharge,
NonPagedPool,
sizeof (AFD_CONNECTION)
);
return STATUS_INSUFFICIENT_RESOURCES;
}
AfdRecordQuotaHistory(
ProcessToCharge,
(LONG)sizeof (AFD_CONNECTION),
"CreateConn ",
connection
);
AfdRecordPoolQuotaCharged(sizeof (AFD_CONNECTION));
//
// Remember the process that got charged the pool quota for this
// connection object. Also reference the process to which we're
// going to charge the quota so that it is still around when we
// return the quota.
//
ASSERT( connection->OwningProcess == NULL );
connection->OwningProcess = ProcessToCharge;
ObReferenceObject( ProcessToCharge );
//
// If the provider does not buffer, initialize appropriate lists in
// the connection object.
//
connection->TdiBufferring = TdiBufferring;
if ( !TdiBufferring ) {
InitializeListHead( &connection->VcReceiveIrpListHead );
InitializeListHead( &connection->VcSendIrpListHead );
InitializeListHead( &connection->VcReceiveBufferListHead );
connection->VcBufferredReceiveBytes = 0;
connection->VcBufferredExpeditedBytes = 0;
connection->VcBufferredReceiveCount = 0;
connection->VcBufferredExpeditedCount = 0;
connection->VcReceiveBytesInTransport = 0;
#if DBG
connection->VcReceiveIrpsInTransport = 0;
#endif
connection->VcBufferredSendBytes = 0;
connection->VcBufferredSendCount = 0;
} else {
connection->VcNonBlockingSendPossible = TRUE;
connection->VcZeroByteReceiveIndicated = FALSE;
}
//
// Set up the send and receive window with default maximums.
//
connection->MaxBufferredReceiveBytes = AfdReceiveWindowSize;
connection->MaxBufferredSendBytes = AfdSendWindowSize;
//
// We need to open a connection object to the TDI provider for this
// endpoint. First create the EA for the connection context and the
// object attributes structure which will be used for all the
// connections we open here.
//
ea = (PFILE_FULL_EA_INFORMATION)eaBuffer;
ea->NextEntryOffset = 0;
ea->Flags = 0;
ea->EaNameLength = TDI_CONNECTION_CONTEXT_LENGTH;
ea->EaValueLength = sizeof(CONNECTION_CONTEXT);
RtlMoveMemory( ea->EaName, TdiConnectionContext, ea->EaNameLength + 1 );
//
// Use the pointer to the connection block as the connection context.
//
ctx = (CONNECTION_CONTEXT UNALIGNED *)&ea->EaName[ea->EaNameLength + 1];
*ctx = (CONNECTION_CONTEXT)connection;
// We ask to create a kernel handle which is
// the handle in the context of the system process
// so that application cannot close it on us while
// we are creating and referencing it.
InitializeObjectAttributes(
&objectAttributes,
TransportDeviceName,
OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, // attributes
NULL,
NULL
);
//
// Do the actual open of the connection object.
//
status = IoCreateFile(
&connection->Handle,
GENERIC_READ | GENERIC_WRITE | SYNCHRONIZE,
&objectAttributes,
&ioStatusBlock,
NULL, // AllocationSize
0, // FileAttributes
0, // ShareAccess
FILE_CREATE, // CreateDisposition
0, // CreateOptions
eaBuffer,
FIELD_OFFSET( FILE_FULL_EA_INFORMATION, EaName[0] ) +
ea->EaNameLength + 1 + ea->EaValueLength,
CreateFileTypeNone, // CreateFileType
NULL, // ExtraCreateParameters
IO_NO_PARAMETER_CHECKING // Options
);
if ( NT_SUCCESS(status) ) {
status = ioStatusBlock.Status;
}
if ( !NT_SUCCESS(status) ) {
DEREFERENCE_CONNECTION( connection );
return status;
}
#if DBG
{
NTSTATUS status1;
OBJECT_HANDLE_FLAG_INFORMATION handleInfo;
handleInfo.Inherit = FALSE;
handleInfo.ProtectFromClose = TRUE;
status1 = ZwSetInformationObject (
connection->Handle,
ObjectHandleFlagInformation,
&handleInfo,
sizeof (handleInfo)
);
ASSERT (NT_SUCCESS (status1));
}
#endif
AfdRecordConnOpened();
//
// Reference the connection's file object.
//
status = ObReferenceObjectByHandle(
connection->Handle,
0,
(POBJECT_TYPE) NULL,
KernelMode,
(PVOID *)&connection->FileObject,
NULL
);
ASSERT( NT_SUCCESS(status) );
IF_DEBUG(OPEN_CLOSE) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdCreateConnection: file object for connection %p at %p\n",
connection, connection->FileObject ));
}
AfdRecordConnRef();
//
// Remember the device object to which we need to give requests for
// this connection object. We can't just use the
// fileObject->DeviceObject pointer because there may be a device
// attached to the transport protocol.
//
connection->DeviceObject =
IoGetRelatedDeviceObject( connection->FileObject );
//
// Associate the connection with the address object on the endpoint if
// an address handle was specified.
//
if ( AddressHandle != NULL ) {
TDI_REQUEST_KERNEL_ASSOCIATE associateRequest;
associateRequest.AddressHandle = AddressHandle;
status = AfdIssueDeviceControl(
connection->FileObject,
&associateRequest,
sizeof (associateRequest),
NULL,
0,
TDI_ASSOCIATE_ADDRESS
);
if ( !NT_SUCCESS(status) ) {
DEREFERENCE_CONNECTION( connection );
return status;
}
}
//
// If requested, set the connection to be inline.
//
if ( InLine ) {
status = AfdSetInLineMode( connection, TRUE );
if ( !NT_SUCCESS(status) ) {
DEREFERENCE_CONNECTION( connection );
return status;
}
}
//
// Set up the connection pointer and return.
//
*Connection = connection;
UPDATE_CONN2( connection, "Connection object handle: %lx", HandleToUlong (connection->Handle));
return STATUS_SUCCESS;
} // AfdCreateConnection
VOID
AfdFreeConnection (
IN PVOID Context
)
{
PAFD_CONNECTION connection;
PAFD_ENDPOINT listenEndpoint;
PAGED_CODE( );
InterlockedDecrement (&AfdConnectionsFreeing);
ASSERT( Context != NULL );
connection = CONTAINING_RECORD(
Context,
AFD_CONNECTION,
WorkItem
);
if (connection->Endpoint != NULL &&
!CONNECTION_REUSE_DISABLED &&
!connection->Endpoint->EndpointCleanedUp &&
connection->Endpoint->Type == AfdBlockTypeVcConnecting &&
(listenEndpoint=connection->Endpoint->Common.VcConnecting.ListenEndpoint) != NULL &&
-listenEndpoint->Common.VcListening.FailedConnectionAdds <
listenEndpoint->Common.VcListening.MaxExtraConnections &&
(IS_DELAYED_ACCEPTANCE_ENDPOINT (listenEndpoint) ||
ExQueryDepthSList (
&listenEndpoint->Common.VcListening.FreeConnectionListHead)
< AFD_MAXIMUM_FREE_CONNECTIONS ) ) {
AfdRefreshConnection (connection);
}
else {
AfdFreeConnectionResources (connection);
//
// Free the space that holds the connection itself.
//
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdFreeConnection: Freeing connection at %p\n",
connection ));
}
connection->Type = AfdBlockTypeInvalidConnection;
AFD_FREE_POOL(
connection,
AFD_CONNECTION_POOL_TAG
);
}
} // AfdFreeConnection
PAFD_CONNECTION
AfdReuseConnection (
) {
PAFD_CONNECTION connection;
PAFD_ENDPOINT listenEndpoint;
PVOID Context;
PAGED_CODE( );
while ((Context = AfdGetWorkerByRoutine (AfdFreeConnection))!=NULL) {
connection = CONTAINING_RECORD(
Context,
AFD_CONNECTION,
WorkItem
);
if (connection->Endpoint != NULL &&
!CONNECTION_REUSE_DISABLED &&
!connection->Endpoint->EndpointCleanedUp &&
connection->Endpoint->Type == AfdBlockTypeVcConnecting &&
(listenEndpoint=connection->Endpoint->Common.VcConnecting.ListenEndpoint) != NULL &&
-listenEndpoint->Common.VcListening.FailedConnectionAdds <
listenEndpoint->Common.VcListening.MaxExtraConnections &&
(IS_DELAYED_ACCEPTANCE_ENDPOINT (listenEndpoint) ||
ExQueryDepthSList (
&listenEndpoint->Common.VcListening.FreeConnectionListHead)
< AFD_MAXIMUM_FREE_CONNECTIONS ) ) {
AfdRefreshConnection (connection);
}
else {
AfdFreeConnectionResources (connection);
return connection;
}
}
return NULL;
}
VOID
AfdFreeNPConnectionResources (
PAFD_CONNECTION connection
)
{
if ( !connection->TdiBufferring && connection->VcDisconnectIrp != NULL ) {
IoFreeIrp( connection->VcDisconnectIrp );
connection->VcDisconnectIrp = NULL;
}
if ( connection->ConnectDataBuffers != NULL ) {
AfdFreeConnectDataBuffers( connection->ConnectDataBuffers );
connection->ConnectDataBuffers = NULL;
}
//
// If this is a bufferring connection, remove all the AFD buffers
// from the connection's lists and free them.
//
if ( !connection->TdiBufferring ) {
PAFD_BUFFER_HEADER afdBuffer;
PLIST_ENTRY listEntry;
ASSERT( IsListEmpty( &connection->VcReceiveIrpListHead ) );
ASSERT( IsListEmpty( &connection->VcSendIrpListHead ) );
while ( !IsListEmpty( &connection->VcReceiveBufferListHead ) ) {
listEntry = RemoveHeadList( &connection->VcReceiveBufferListHead );
afdBuffer = CONTAINING_RECORD( listEntry, AFD_BUFFER_HEADER, BufferListEntry );
ASSERT (afdBuffer->RefCount == 1);
afdBuffer->ExpeditedData = FALSE;
AfdReturnBuffer( afdBuffer, connection->OwningProcess );
}
}
if ( connection->Endpoint != NULL ) {
//
// If there is a transmit file IRP on the endpoint, complete it.
//
if ( connection->ClosePendedTransmit ) {
AfdCompleteClosePendedTPackets( connection->Endpoint );
}
DEREFERENCE_ENDPOINT( connection->Endpoint );
connection->Endpoint = NULL;
}
}
VOID
AfdRefreshConnection (
PAFD_CONNECTION connection
)
{
PAFD_ENDPOINT listeningEndpoint;
ASSERT( connection->ReferenceCount == 0 );
ASSERT( connection->Type == AfdBlockTypeConnection );
ASSERT( connection->OnLRList == FALSE );
UPDATE_CONN( connection);
//
// Reference the listening endpoint so that it does not
// go away while we are cleaning up this connection object
// for reuse. Note that we actually have an implicit reference
// to the listening endpoint through the connection's endpoint
//
listeningEndpoint = connection->Endpoint->Common.VcConnecting.ListenEndpoint;
#if REFERENCE_DEBUG
{
BOOLEAN res;
CHECK_REFERENCE_ENDPOINT (listeningEndpoint, res);
ASSERT (res);
}
#else
REFERENCE_ENDPOINT( listeningEndpoint );
#endif
ASSERT( listeningEndpoint->Type == AfdBlockTypeVcListening ||
listeningEndpoint->Type == AfdBlockTypeVcBoth );
AfdFreeNPConnectionResources (connection);
//
// Reinitialize various fields in the connection object.
//
connection->ReferenceCount = 1;
ASSERT( connection->Type == AfdBlockTypeConnection );
connection->State = AfdConnectionStateFree;
connection->ConnectionStateFlags = 0;
connection->TdiBufferring = IS_TDI_BUFFERRING (listeningEndpoint);
if ( !connection->TdiBufferring ) {
ASSERT( IsListEmpty( &connection->VcReceiveIrpListHead ) );
ASSERT( IsListEmpty( &connection->VcSendIrpListHead ) );
ASSERT( IsListEmpty( &connection->VcReceiveBufferListHead ) );
connection->VcBufferredReceiveBytes = 0;
connection->VcBufferredExpeditedBytes = 0;
connection->VcBufferredReceiveCount = 0;
connection->VcBufferredExpeditedCount = 0;
connection->VcReceiveBytesInTransport = 0;
#if DBG
connection->VcReceiveIrpsInTransport = 0;
#endif
connection->VcBufferredSendBytes = 0;
connection->VcBufferredSendCount = 0;
} else {
connection->VcNonBlockingSendPossible = TRUE;
connection->VcZeroByteReceiveIndicated = FALSE;
}
if (IS_DELAYED_ACCEPTANCE_ENDPOINT (listeningEndpoint)) {
NTSTATUS status;
status = AfdDelayedAcceptListen (listeningEndpoint, connection);
if (NT_SUCCESS (status)) {
//
// Reduce the count of failed connection adds on the listening
// endpoint to account for this connection object which we're
// adding back onto the queue.
//
InterlockedDecrement(
&listeningEndpoint->Common.VcListening.FailedConnectionAdds
);
AfdRecordConnectionsReused ();
}
else {
DEREFERENCE_CONNECTION (connection);
}
}
else {
//
// Place the connection on the listening endpoint's list of
// available connections.
//
ASSERT (connection->Endpoint == NULL);
InterlockedPushEntrySList(
&listeningEndpoint->Common.VcListening.FreeConnectionListHead,
&connection->SListEntry);
//
// Reduce the count of failed connection adds on the listening
// endpoint to account for this connection object which we're
// adding back onto the queue.
//
InterlockedDecrement(
&listeningEndpoint->Common.VcListening.FailedConnectionAdds
);
AfdRecordConnectionsReused ();
}
//
// Get rid of the reference we added to the listening endpoint
// above.
//
DEREFERENCE_ENDPOINT( listeningEndpoint );
}
VOID
AfdFreeConnectionResources (
PAFD_CONNECTION connection
)
{
NTSTATUS status;
PAGED_CODE( );
ASSERT( connection->ReferenceCount == 0 );
ASSERT( connection->Type == AfdBlockTypeConnection );
ASSERT( connection->OnLRList == FALSE );
UPDATE_CONN( connection );
//
// Free and dereference the various objects on the connection.
// Close and dereference the TDI connection object on the endpoint,
// if any.
//
if ( connection->Handle != NULL ) {
//
// Disassociate this connection object from the address object.
//
status = AfdIssueDeviceControl(
connection->FileObject,
NULL,
0,
NULL,
0,
TDI_DISASSOCIATE_ADDRESS
);
// ASSERT( NT_SUCCESS(status) );
//
// Close the handle.
//
#if DBG
{
NTSTATUS status1;
OBJECT_HANDLE_FLAG_INFORMATION handleInfo;
handleInfo.Inherit = FALSE;
handleInfo.ProtectFromClose = FALSE;
status1 = ZwSetInformationObject (
connection->Handle,
ObjectHandleFlagInformation,
&handleInfo,
sizeof (handleInfo)
);
ASSERT (NT_SUCCESS (status1));
}
#endif
status = ZwClose( connection->Handle );
#if DBG
if (!NT_SUCCESS(status) ) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_ERROR_LEVEL,
"AfdFreeConnectionResources: ZwClose() failed (%lx)\n",
status));
ASSERT (FALSE);
}
#endif
AfdRecordConnClosed();
}
if ( connection->FileObject != NULL ) {
ObDereferenceObject( connection->FileObject );
connection->FileObject = NULL;
AfdRecordConnDeref();
}
//
// Free remaining buffers and return quota charges associated with them.
//
AfdFreeNPConnectionResources (connection);
//
// Return the quota we charged to this process when we allocated
// the connection object and buffered data on it.
//
PsReturnPoolQuota(
connection->OwningProcess,
NonPagedPool,
sizeof (AFD_CONNECTION)
);
AfdRecordQuotaHistory(
connection->OwningProcess,
-(LONG)sizeof (AFD_CONNECTION),
"ConnDealloc ",
connection
);
AfdRecordPoolQuotaReturned(
sizeof (AFD_CONNECTION)
);
//
// Dereference the process that got the quota charge.
//
ASSERT( connection->OwningProcess != NULL );
ObDereferenceObject( connection->OwningProcess );
connection->OwningProcess = NULL;
if ( connection->RemoteAddress != NULL ) {
AFD_RETURN_REMOTE_ADDRESS (
connection->RemoteAddress,
connection->RemoteAddressLength,
);
connection->RemoteAddress = NULL;
}
}
#if REFERENCE_DEBUG
VOID
AfdReferenceConnection (
IN PAFD_CONNECTION Connection,
IN LONG LocationId,
IN ULONG Param
)
{
LONG result;
ASSERT( Connection->Type == AfdBlockTypeConnection );
ASSERT( Connection->ReferenceCount > 0 );
ASSERT( Connection->ReferenceCount != 0xD1000000 );
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdReferenceConnection: connection %p, new refcnt %ld\n",
Connection, Connection->ReferenceCount+1 ));
}
//
// Do the actual increment of the reference count.
//
result = InterlockedIncrement( (PLONG)&Connection->ReferenceCount );
#if REFERENCE_DEBUG
AFD_UPDATE_REFERENCE_DEBUG(Connection, result, LocationId, Param)
#endif
} // AfdReferenceConnection
#endif
PAFD_CONNECTION
AfdGetConnectionReferenceFromEndpoint (
PAFD_ENDPOINT Endpoint
)
// Why do we need this routine?
// If VC endpoint is in connected state it maintains the referenced
// pointer to the connection object until it is closed (e.g. all references
// to the underlying file object are removed). So checking for connected
// state should be enough in any dispatch routine (or any routine called
// from the dispatch routine) because Irp that used to get to AFD maintains
// a reference to the corresponding file object.
// However, there exist a notable exception from this case: TransmitFile
// can remove the reference to the connection object in the process of endpoint
// reuse. So, to be 100% safe, it is better to use this routine in all cases.
{
AFD_LOCK_QUEUE_HANDLE lockHandle;
PAFD_CONNECTION connection;
AfdAcquireSpinLock (&Endpoint->SpinLock, &lockHandle);
connection = AFD_CONNECTION_FROM_ENDPOINT (Endpoint);
if (connection!=NULL) {
REFERENCE_CONNECTION (connection);
}
AfdReleaseSpinLock (&Endpoint->SpinLock, &lockHandle);
return connection;
}
#if REFERENCE_DEBUG
VOID
AfdDereferenceConnection (
IN PAFD_CONNECTION Connection,
IN LONG LocationId,
IN ULONG Param
)
{
LONG result;
PAFD_ENDPOINT listenEndpoint;
ASSERT( Connection->Type == AfdBlockTypeConnection );
ASSERT( Connection->ReferenceCount > 0 );
ASSERT( Connection->ReferenceCount != 0xD1000000 );
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdDereferenceConnection: connection %p, new refcnt %ld\n",
Connection, Connection->ReferenceCount-1 ));
}
//
// Note that if we're tracking refcnts, we *must* call
// AfdUpdateConnectionTrack before doing the dereference. This is
// because the connection object might go away in another thread as
// soon as we do the dereference. However, because of this,
// the refcnt we store with this may sometimes be incorrect.
//
AFD_UPDATE_REFERENCE_DEBUG(Connection, Connection->ReferenceCount-1, LocationId, Param);
//
// We must hold AfdSpinLock while doing the dereference and check
// for free. This is because some code makes the assumption that
// the connection structure will not go away while AfdSpinLock is
// held, and that code references the endpoint before releasing
// AfdSpinLock. If we did the InterlockedDecrement() without the
// lock held, our count may go to zero, that code may reference the
// connection, and then a double free might occur.
//
// There is no such code anymore. The endpoint spinlock is now
// held when getting a connection from endpoint structure.
// Other code uses InterlockedCompareExchange to never increment
// connection reference if it is at 0.
//
//
result = InterlockedDecrement( (PLONG)&Connection->ReferenceCount );
//
// If the reference count is now 0, free the connection in an
// executive worker thread.
//
if ( result == 0 ) {
#else
VOID
AfdCloseConnection (
IN PAFD_CONNECTION Connection
)
{
PAFD_ENDPOINT listenEndpoint;
#endif
if (Connection->Endpoint != NULL &&
!CONNECTION_REUSE_DISABLED &&
!Connection->Endpoint->EndpointCleanedUp &&
Connection->Endpoint->Type == AfdBlockTypeVcConnecting &&
(listenEndpoint=Connection->Endpoint->Common.VcConnecting.ListenEndpoint) != NULL &&
-listenEndpoint->Common.VcListening.FailedConnectionAdds <
listenEndpoint->Common.VcListening.MaxExtraConnections &&
(IS_DELAYED_ACCEPTANCE_ENDPOINT (listenEndpoint) ||
ExQueryDepthSList (
&listenEndpoint->Common.VcListening.FreeConnectionListHead)
< AFD_MAXIMUM_FREE_CONNECTIONS ) ) {
AfdRefreshConnection (Connection);
}
else {
InterlockedIncrement (&AfdConnectionsFreeing);
//
// We're going to do this by queueing a request to an executive
// worker thread. We do this for several reasons: to ensure
// that we're at IRQL 0 so we can free pageable memory, and to
// ensure that we're in a legitimate context for a close
// operation
//
AfdQueueWorkItem(
AfdFreeConnection,
&Connection->WorkItem
);
}
#if REFERENCE_DEBUG
}
} // AfdDereferenceConnection
#else
} // AfdCloseConnection
#endif
#if REFERENCE_DEBUG
BOOLEAN
AfdCheckAndReferenceConnection (
PAFD_CONNECTION Connection,
IN LONG LocationId,
IN ULONG Param
)
#else
BOOLEAN
AfdCheckAndReferenceConnection (
PAFD_CONNECTION Connection
)
#endif
{
LONG result;
do {
result = Connection->ReferenceCount;
if (result<=0) {
result = 0;
break;
}
}
while (InterlockedCompareExchange ((PLONG)&Connection->ReferenceCount,
(result+1),
result)!=result);
if (result>0) {
#if REFERENCE_DEBUG
AFD_UPDATE_REFERENCE_DEBUG(Connection, result+1, LocationId, Param);
#endif
ASSERT( result < 0xFFFF );
return TRUE;
}
else {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_ERROR_LEVEL,
"AfdCheckAndReferenceConnection: Connection %p is gone (refcount: %ld!\n",
Connection, result));
return FALSE;
}
}
PAFD_CONNECTION
AfdGetFreeConnection (
IN PAFD_ENDPOINT Endpoint,
OUT PIRP *Irp
)
/*++
Routine Description:
Takes a connection off of the endpoint's queue of listening
connections.
Arguments:
Endpoint - a pointer to the endpoint from which to get a connection.
Irp - place to return a super accept IRP if we have any
Return Value:
AFD_CONNECTION - a pointer to an AFD connection block.
--*/
{
PAFD_CONNECTION connection;
PSINGLE_LIST_ENTRY listEntry;
PIRP irp;
ASSERT( Endpoint->Type == AfdBlockTypeVcListening ||
Endpoint->Type == AfdBlockTypeVcBoth );
//
// First try pre-accepted connections
//
while ((listEntry = InterlockedPopEntrySList (
&Endpoint->Common.VcListening.PreacceptedConnectionsListHead
))!=NULL) {
//
// Find the connection pointer from the list entry and return a
// pointer to the connection object.
//
connection = CONTAINING_RECORD(
listEntry,
AFD_CONNECTION,
SListEntry
);
//
// Check if super accept Irp has not been cancelled
//
irp = InterlockedExchangePointer ((PVOID *)&connection->AcceptIrp, NULL);
if ((irp!=NULL) && (IoSetCancelRoutine (irp, NULL)!=NULL)) {
//
// Return the IRP to the caller along with the connection.
//
*Irp = irp;
goto ReturnConnection;
}
//
// Irp has been or is about to be cancelled
//
if (irp!=NULL) {
KIRQL cancelIrql;
//
// Cleanup and cancel the super accept IRP.
//
AfdCleanupSuperAccept (irp, STATUS_CANCELLED);
//
// The cancel routine won't find the IRP in the connection,
// so we need to cancel it ourselves. Just make sure that
// the cancel routine is done before doing so.
//
IoAcquireCancelSpinLock (&cancelIrql);
IoReleaseCancelSpinLock (cancelIrql);
IoCompleteRequest (irp, AfdPriorityBoost);
}
//
// This connection has already been diassociated from endpoint.
// If backlog is below the level we need, put it on the free
// list, otherwise, get rid of it.
//
ASSERT (connection->Endpoint==NULL);
if (Endpoint->Common.VcListening.FailedConnectionAdds>=0 &&
ExQueryDepthSList (&Endpoint->Common.VcListening.FreeConnectionListHead)<AFD_MAXIMUM_FREE_CONNECTIONS) {
InterlockedPushEntrySList (
&Endpoint->Common.VcListening.FreeConnectionListHead,
&connection->SListEntry);
}
else {
InterlockedIncrement (&Endpoint->Common.VcListening.FailedConnectionAdds);
DEREFERENCE_CONNECTION (connection);
}
}
//
// Remove the first entry from the list. If the list is empty,
// return NULL.
//
listEntry = InterlockedPopEntrySList (
&Endpoint->Common.VcListening.FreeConnectionListHead);
if (listEntry==NULL) {
return NULL;
}
//
// Find the connection pointer from the list entry and return a
// pointer to the connection object.
//
connection = CONTAINING_RECORD(
listEntry,
AFD_CONNECTION,
SListEntry
);
*Irp = NULL;
ReturnConnection:
//
// Assign unique non-zero sequence number (unique in the context
// of the given listening endpoint).
//
connection->Sequence = InterlockedIncrement (&Endpoint->Common.VcListening.Sequence);
if (connection->Sequence==0) {
connection->Sequence = InterlockedIncrement (&Endpoint->Common.VcListening.Sequence);
ASSERT (connection->Sequence!=0);
}
return connection;
} // AfdGetFreeConnection
PAFD_CONNECTION
AfdGetReturnedConnection (
IN PAFD_ENDPOINT Endpoint,
IN LONG Sequence
)
/*++
Routine Description:
Takes a connection off of the endpoint's queue of returned
connections.
*** NOTE: This routine must be called with endpoint spinlock held!!
Arguments:
Endpoint - a pointer to the endpoint from which to get a connection.
Sequence - the sequence the connection must match. If 0, the first returned
connection is used.
Return Value:
AFD_CONNECTION - a pointer to an AFD connection block.
--*/
{
PAFD_CONNECTION connection;
PLIST_ENTRY listEntry;
ASSERT( Endpoint->Type == AfdBlockTypeVcListening ||
Endpoint->Type == AfdBlockTypeVcBoth );
//
// Walk the endpoint's list of returned connections until we reach
// the end or until we find one with a matching sequence.
//
for ( listEntry = Endpoint->Common.VcListening.ReturnedConnectionListHead.Flink;
listEntry != &Endpoint->Common.VcListening.ReturnedConnectionListHead;
listEntry = listEntry->Flink ) {
connection = CONTAINING_RECORD(
listEntry,
AFD_CONNECTION,
ListEntry
);
if ( Sequence == connection->Sequence || Sequence == 0 ) {
//
// Found the connection we were looking for. Remove
// the connection from the list, release the spin lock,
// and return the connection.
//
RemoveEntryList( listEntry );
return connection;
}
}
return NULL;
} // AfdGetReturnedConnection
PAFD_CONNECTION
AfdFindReturnedConnection(
IN PAFD_ENDPOINT Endpoint,
IN LONG Sequence
)
/*++
Routine Description:
Scans the endpoints queue of returned connections looking for one
with the specified sequence number.
Arguments:
Endpoint - A pointer to the endpoint from which to get a connection.
Sequence - The sequence the connection must match.
Return Value:
AFD_CONNECTION - A pointer to an AFD connection block if successful,
NULL if not.
--*/
{
PAFD_CONNECTION connection;
PLIST_ENTRY listEntry;
ASSERT( Endpoint != NULL );
ASSERT( IS_AFD_ENDPOINT_TYPE( Endpoint ) );
//
// Walk the endpoint's list of returned connections until we reach
// the end or until we find one with a matching sequence.
//
for( listEntry = Endpoint->Common.VcListening.ReturnedConnectionListHead.Flink;
listEntry != &Endpoint->Common.VcListening.ReturnedConnectionListHead;
listEntry = listEntry->Flink ) {
connection = CONTAINING_RECORD(
listEntry,
AFD_CONNECTION,
ListEntry
);
if( Sequence == connection->Sequence ) {
return connection;
}
}
return NULL;
} // AfdFindReturnedConnection
PAFD_CONNECTION
AfdGetUnacceptedConnection (
IN PAFD_ENDPOINT Endpoint
)
/*++
Routine Description:
Takes a connection of the endpoint's queue of unaccpted connections.
*** NOTE: This routine must be called with endpoint spinlock held!!
Arguments:
Endpoint - a pointer to the endpoint from which to get a connection.
Return Value:
AFD_CONNECTION - a pointer to an AFD connection block.
--*/
{
PAFD_CONNECTION connection;
PLIST_ENTRY listEntry;
ASSERT( Endpoint->Type == AfdBlockTypeVcListening ||
Endpoint->Type == AfdBlockTypeVcBoth );
ASSERT( KeGetCurrentIrql( ) == DISPATCH_LEVEL );
if ( IsListEmpty( &Endpoint->Common.VcListening.UnacceptedConnectionListHead ) ) {
return NULL;
}
//
// Dequeue a listening connection and remember its handle.
//
listEntry = RemoveHeadList( &Endpoint->Common.VcListening.UnacceptedConnectionListHead );
connection = CONTAINING_RECORD( listEntry, AFD_CONNECTION, ListEntry );
return connection;
} // AfdGetUnacceptedConnection
VOID
AfdAddConnectedReference (
IN PAFD_CONNECTION Connection
)
/*++
Routine Description:
Adds the connected reference to an AFD connection block. The
connected reference is special because it prevents the connection
object from being freed until we receive a disconnect event, or know
through some other means that the virtual circuit is disconnected.
Arguments:
Connection - a pointer to an AFD connection block.
Return Value:
None.
--*/
{
AFD_LOCK_QUEUE_HANDLE lockHandle;
AfdAcquireSpinLock( &Connection->Endpoint->SpinLock, &lockHandle );
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdAddConnectedReference: connection %p, new refcnt %ld\n",
Connection, Connection->ReferenceCount+1 ));
}
ASSERT( !Connection->ConnectedReferenceAdded );
ASSERT( Connection->Type == AfdBlockTypeConnection );
//
// Increment the reference count and remember that the connected
// reference has been placed on the connection object.
//
Connection->ConnectedReferenceAdded = TRUE;
AfdRecordConnectedReferencesAdded();
AfdReleaseSpinLock( &Connection->Endpoint->SpinLock, &lockHandle );
REFERENCE_CONNECTION( Connection );
} // AfdAddConnectedReference
VOID
AfdDeleteConnectedReference (
IN PAFD_CONNECTION Connection,
IN BOOLEAN EndpointLockHeld
)
/*++
Routine Description:
Removes the connected reference to an AFD connection block. If the
connected reference has already been removed, this routine does
nothing. The connected reference should be removed as soon as we
know that it is OK to close the connection object handle, but not
before. Removing this reference too soon could abort a connection
which shouldn't get aborted.
Arguments:
Connection - a pointer to an AFD connection block.
EndpointLockHeld - TRUE if the caller already has the endpoint
spin lock. The lock remains held on exit.
Return Value:
None.
--*/
{
AFD_LOCK_QUEUE_HANDLE lockHandle;
PAFD_ENDPOINT endpoint;
#if REFERENCE_DEBUG
PVOID caller, callersCaller;
RtlGetCallersAddress( &caller, &callersCaller );
#endif
endpoint = Connection->Endpoint;
if ( !EndpointLockHeld ) {
AfdAcquireSpinLock( &endpoint->SpinLock, &lockHandle );
}
//
// Only do a dereference if the connected reference is still active
// on the connectiuon object.
//
if ( Connection->ConnectedReferenceAdded ) {
//
// Three things must be true before we can remove the connected
// reference:
//
// 1) There must be no sends outstanding on the connection if
// the TDI provider does not support bufferring. This is
// because AfdRestartBufferSend() looks at the connection
// object.
//
// 2) Cleanup must have started on the endpoint. Until we get a
// cleanup IRP on the endpoint, we could still get new sends.
//
// 3) We have been indicated with a disconnect on the
// connection. We want to keep the connection object around
// until we get a disconnect indication in order to avoid
// premature closes on the connection object resulting in an
// unintended abort. If the transport does not support
// orderly release, then this condition is not necessary.
//
if ( (Connection->TdiBufferring ||
Connection->VcBufferredSendCount == 0)
&&
Connection->CleanupBegun
&&
(Connection->AbortIndicated || Connection->DisconnectIndicated ||
!IS_TDI_ORDERLY_RELEASE(endpoint) ||
IS_CROOT_ENDPOINT(endpoint)) ) {
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdDeleteConnectedReference: connection %p, new refcnt %ld\n",
Connection, Connection->ReferenceCount-1 ));
}
//
// Be careful about the order of things here. We must FIRST
// reset the flag, then release the spin lock and call
// AfdDereferenceConnection(). Note that it is illegal to
// call AfdDereferenceConnection() with a spin lock held.
//
Connection->ConnectedReferenceAdded = FALSE;
AfdRecordConnectedReferencesDeleted();
if ( !EndpointLockHeld ) {
AfdReleaseSpinLock( &endpoint->SpinLock, &lockHandle );
}
DEREFERENCE_CONNECTION( Connection );
} else {
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdDeleteConnectedReference: connection %p, %ld sends pending\n",
Connection, Connection->VcBufferredSendCount ));
}
UPDATE_CONN2( Connection, "Not removing cref, state flags: %lx",
Connection->ConnectionStateFlags);
//
// Remember that the connected reference deletion is still
// pending, i.e. there is a special condition on the
// endpoint. This will cause AfdRestartBufferSend() to do
// the actual dereference when the last send completes.
//
Connection->SpecialCondition = TRUE;
if ( !EndpointLockHeld ) {
AfdReleaseSpinLock( &endpoint->SpinLock, &lockHandle );
}
}
} else {
IF_DEBUG(CONNECTION) {
KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
"AfdDeleteConnectedReference: already removed on connection %p, refcnt %ld\n",
Connection, Connection->ReferenceCount ));
}
if ( !EndpointLockHeld ) {
AfdReleaseSpinLock( &endpoint->SpinLock, &lockHandle );
}
}
return;
} // AfdDeleteConnectedReference
#if REFERENCE_DEBUG
VOID
AfdUpdateConnectionTrack (
IN PAFD_CONNECTION Connection,
IN LONG LocationId,
IN ULONG Param
)
{
AFD_UPDATE_REFERENCE_DEBUG (Connection, Connection->ReferenceCount, LocationId, Param);
#if GLOBAL_REFERENCE_DEBUG
{
PAFD_GLOBAL_REFERENCE_DEBUG globalSlot;
newSlot = InterlockedIncrement( &AfdGlobalReferenceSlot );
globalSlot = &AfdGlobalReference[newSlot % MAX_GLOBAL_REFERENCE];
globalSlot->Info1 = Info1;
globalSlot->Info2 = Info2;
globalSlot->Action = Action;
globalSlot->NewCount = NewReferenceCount;
globalSlot->Connection = Connection;
KeQueryTickCount( &globalSlot->TickCounter );
}
#endif
} // AfdUpdateConnectionTrack
#endif