mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
548 lines
16 KiB
548 lines
16 KiB
/*++
|
|
|
|
Copyright (c) 1989 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
dllinit.c
|
|
|
|
Abstract:
|
|
|
|
This module contains the initialization code for the Client-Server (CS)
|
|
Client DLL.
|
|
|
|
Author:
|
|
|
|
Steve Wood (stevewo) 8-Oct-1990
|
|
|
|
Environment:
|
|
|
|
User Mode only
|
|
|
|
Revision History:
|
|
|
|
--*/
|
|
|
|
#include "csrdll.h"
|
|
#include "ldrp.h"
|
|
|
|
BOOLEAN
|
|
CsrDllInitialize(
|
|
IN PVOID DllHandle,
|
|
IN ULONG Reason,
|
|
IN PCONTEXT Context OPTIONAL
|
|
)
|
|
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This function is the DLL initialization routine for the Client DLL
|
|
This function gets control when the application links to this DLL
|
|
are snapped.
|
|
|
|
Arguments:
|
|
|
|
Context - Supplies an optional context buffer that will be restore
|
|
after all DLL initialization has been completed. If this
|
|
parameter is NULL then this is a dynamic snap of this module.
|
|
Otherwise this is a static snap prior to the user process
|
|
gaining control.
|
|
|
|
Return Value:
|
|
|
|
Status value.
|
|
|
|
--*/
|
|
|
|
{
|
|
Context;
|
|
|
|
if (Reason != DLL_PROCESS_ATTACH) {
|
|
return( TRUE );
|
|
}
|
|
|
|
//
|
|
// Remember our DLL handle in a global variable.
|
|
//
|
|
|
|
CsrDllHandle = DllHandle;
|
|
|
|
return( TRUE );
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
CsrOneTimeInitialize( VOID )
|
|
{
|
|
NTSTATUS Status;
|
|
|
|
//
|
|
// Save away system information in a global variable
|
|
//
|
|
|
|
Status = NtQuerySystemInformation( SystemBasicInformation,
|
|
&CsrNtSysInfo,
|
|
sizeof( CsrNtSysInfo ),
|
|
NULL
|
|
);
|
|
if (!NT_SUCCESS( Status )) {
|
|
return( Status );
|
|
}
|
|
|
|
//
|
|
// Use the process heap for memory allocation.
|
|
//
|
|
|
|
CsrHeap = RtlProcessHeap();
|
|
|
|
CsrInitOnceDone = TRUE;
|
|
|
|
return( STATUS_SUCCESS );
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
CsrClientConnectToServer(
|
|
IN PWSTR ObjectDirectory,
|
|
IN ULONG ServerDllIndex,
|
|
IN PVOID ConnectionInformation,
|
|
IN OUT PULONG ConnectionInformationLength OPTIONAL,
|
|
OUT PBOOLEAN CalledFromServer OPTIONAL
|
|
)
|
|
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This function is called by the client side DLL to connect with its
|
|
server side DLL.
|
|
|
|
Arguments:
|
|
|
|
ObjectDirectory - Points to a null terminate string that is the same
|
|
as the value of the ObjectDirectory= argument passed to the CSRSS
|
|
program.
|
|
|
|
ServerDllIndex - Index of the server DLL that is being connected to.
|
|
It should match one of the ServerDll= arguments passed to the CSRSS
|
|
program.
|
|
|
|
ConnectionInformation - An optional pointer to uninterpreted data.
|
|
This data is intended for clients to pass package, version and
|
|
protocol identification information to the server to allow the
|
|
server to determine if it can satisify the client before
|
|
accepting the connection. Upon return to the client, the
|
|
ConnectionInformation data block contains any information passed
|
|
back from the server DLL by its call to the
|
|
CsrCompleteConnection call. The output data overwrites the
|
|
input data.
|
|
|
|
ConnectionInformationLength - Pointer to the length of the
|
|
ConnectionInformation data block. The output value is the
|
|
length of the data stored in the ConnectionInformation data
|
|
block by the server's call to the NtCompleteConnectPort
|
|
service. This parameter is OPTIONAL only if the
|
|
ConnectionInformation parameter is NULL, otherwise it is
|
|
required.
|
|
|
|
CalledFromServer - On output, TRUE if the dll has been called from
|
|
a server process.
|
|
|
|
Return Value:
|
|
|
|
Status value.
|
|
|
|
--*/
|
|
|
|
{
|
|
NTSTATUS Status;
|
|
CSR_API_MSG m;
|
|
PCSR_CLIENTCONNECT_MSG a = &m.u.ClientConnect;
|
|
PCSR_CAPTURE_HEADER CaptureBuffer;
|
|
HANDLE CsrServerModuleHandle;
|
|
STRING ProcedureName;
|
|
ANSI_STRING DllName;
|
|
UNICODE_STRING DllName_U;
|
|
PIMAGE_NT_HEADERS NtHeaders;
|
|
|
|
if (ARGUMENT_PRESENT( ConnectionInformation ) &&
|
|
(!ARGUMENT_PRESENT( ConnectionInformationLength ) ||
|
|
*ConnectionInformationLength == 0
|
|
)
|
|
) {
|
|
return( STATUS_INVALID_PARAMETER );
|
|
}
|
|
|
|
if (!CsrInitOnceDone) {
|
|
Status = CsrOneTimeInitialize();
|
|
if (!NT_SUCCESS( Status )) {
|
|
return( Status );
|
|
}
|
|
}
|
|
|
|
//
|
|
// if we are being called by a server process, skip lpc port initialization
|
|
// and call to server connect routine and just initialize heap. the
|
|
// dll initialization routine will do any necessary initialization. this
|
|
// stuff only needs to be done for the first connect.
|
|
//
|
|
|
|
if ( CsrServerProcess == TRUE ) {
|
|
*CalledFromServer = CsrServerProcess;
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
//
|
|
// If the image is an NT Native image, we are running in the
|
|
// context of the server.
|
|
//
|
|
|
|
NtHeaders = RtlImageNtHeader(NtCurrentPeb()->ImageBaseAddress);
|
|
if (! NtHeaders) {
|
|
return STATUS_INVALID_IMAGE_FORMAT;
|
|
}
|
|
CsrServerProcess =
|
|
(NtHeaders->OptionalHeader.Subsystem == IMAGE_SUBSYSTEM_NATIVE) ? TRUE : FALSE;
|
|
|
|
if ( CsrServerProcess ) {
|
|
extern PVOID NtDllBase;
|
|
RtlInitAnsiString( &DllName, "csrsrv" );
|
|
Status = RtlAnsiStringToUnicodeString(&DllName_U, &DllName, TRUE);
|
|
ASSERT(NT_SUCCESS(Status));
|
|
|
|
LdrDisableThreadCalloutsForDll(NtDllBase);
|
|
|
|
Status = LdrGetDllHandle(
|
|
UNICODE_NULL,
|
|
NULL,
|
|
&DllName_U,
|
|
(PVOID *)&CsrServerModuleHandle
|
|
);
|
|
|
|
RtlFreeUnicodeString(&DllName_U);
|
|
|
|
CsrServerProcess = TRUE;
|
|
|
|
RtlInitString(&ProcedureName,"CsrCallServerFromServer");
|
|
Status = LdrGetProcedureAddress(
|
|
CsrServerModuleHandle,
|
|
&ProcedureName,
|
|
0L,
|
|
(PVOID *)&CsrServerApiRoutine
|
|
);
|
|
ASSERT(NT_SUCCESS(Status));
|
|
|
|
ASSERT (CsrPortHeap==NULL);
|
|
CsrPortHeap = RtlProcessHeap();
|
|
|
|
CsrPortBaseTag = RtlCreateTagHeap( CsrPortHeap,
|
|
0,
|
|
L"CSRPORT!",
|
|
L"CAPTURE\0"
|
|
);
|
|
|
|
if (ARGUMENT_PRESENT(CalledFromServer)) {
|
|
*CalledFromServer = CsrServerProcess;
|
|
}
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
if ( ARGUMENT_PRESENT(ConnectionInformation) ) {
|
|
CsrServerProcess = FALSE;
|
|
if (CsrPortHandle == NULL) {
|
|
Status = CsrpConnectToServer( ObjectDirectory );
|
|
if (!NT_SUCCESS( Status )) {
|
|
return( Status );
|
|
}
|
|
}
|
|
|
|
a->ServerDllIndex = ServerDllIndex;
|
|
a->ConnectionInformationLength = *ConnectionInformationLength;
|
|
if (ARGUMENT_PRESENT( ConnectionInformation )) {
|
|
CaptureBuffer = CsrAllocateCaptureBuffer( 1,
|
|
a->ConnectionInformationLength
|
|
);
|
|
if (CaptureBuffer == NULL) {
|
|
return( STATUS_NO_MEMORY );
|
|
}
|
|
|
|
CsrAllocateMessagePointer( CaptureBuffer,
|
|
a->ConnectionInformationLength,
|
|
(PVOID *)&a->ConnectionInformation
|
|
);
|
|
RtlMoveMemory( a->ConnectionInformation,
|
|
ConnectionInformation,
|
|
a->ConnectionInformationLength
|
|
);
|
|
|
|
*ConnectionInformationLength = a->ConnectionInformationLength;
|
|
}
|
|
else {
|
|
CaptureBuffer = NULL;
|
|
}
|
|
|
|
Status = CsrClientCallServer( &m,
|
|
CaptureBuffer,
|
|
CSR_MAKE_API_NUMBER( CSRSRV_SERVERDLL_INDEX,
|
|
CsrpClientConnect
|
|
),
|
|
sizeof( *a )
|
|
);
|
|
|
|
if (CaptureBuffer != NULL) {
|
|
if (ARGUMENT_PRESENT( ConnectionInformation )) {
|
|
RtlMoveMemory( ConnectionInformation,
|
|
a->ConnectionInformation,
|
|
*ConnectionInformationLength
|
|
);
|
|
}
|
|
|
|
CsrFreeCaptureBuffer( CaptureBuffer );
|
|
}
|
|
}
|
|
else {
|
|
Status = STATUS_SUCCESS;
|
|
}
|
|
|
|
if (ARGUMENT_PRESENT(CalledFromServer)) {
|
|
*CalledFromServer = CsrServerProcess;
|
|
}
|
|
return( Status );
|
|
}
|
|
|
|
BOOLEAN
|
|
xProtectHandle(
|
|
HANDLE hObject
|
|
)
|
|
{
|
|
NTSTATUS Status;
|
|
OBJECT_HANDLE_FLAG_INFORMATION HandleInfo;
|
|
|
|
Status = NtQueryObject( hObject,
|
|
ObjectHandleFlagInformation,
|
|
&HandleInfo,
|
|
sizeof( HandleInfo ),
|
|
NULL
|
|
);
|
|
if (NT_SUCCESS( Status )) {
|
|
HandleInfo.ProtectFromClose = TRUE;
|
|
|
|
Status = NtSetInformationObject( hObject,
|
|
ObjectHandleFlagInformation,
|
|
&HandleInfo,
|
|
sizeof( HandleInfo )
|
|
);
|
|
if (NT_SUCCESS( Status )) {
|
|
return TRUE;
|
|
}
|
|
}
|
|
|
|
return FALSE;
|
|
}
|
|
|
|
BOOLEAN
|
|
xUnProtectHandle(
|
|
HANDLE hObject
|
|
)
|
|
{
|
|
NTSTATUS Status;
|
|
OBJECT_HANDLE_FLAG_INFORMATION HandleInfo;
|
|
|
|
Status = NtQueryObject( hObject,
|
|
ObjectHandleFlagInformation,
|
|
&HandleInfo,
|
|
sizeof( HandleInfo ),
|
|
NULL
|
|
);
|
|
if (NT_SUCCESS( Status )) {
|
|
HandleInfo.ProtectFromClose = FALSE;
|
|
|
|
Status = NtSetInformationObject( hObject,
|
|
ObjectHandleFlagInformation,
|
|
&HandleInfo,
|
|
sizeof( HandleInfo )
|
|
);
|
|
if (NT_SUCCESS( Status )) {
|
|
return TRUE;
|
|
}
|
|
}
|
|
|
|
return FALSE;
|
|
}
|
|
|
|
NTSTATUS
|
|
CsrpConnectToServer(
|
|
IN PWSTR ObjectDirectory
|
|
)
|
|
{
|
|
NTSTATUS Status;
|
|
REMOTE_PORT_VIEW ServerView;
|
|
ULONG MaxMessageLength;
|
|
ULONG ConnectionInformationLength;
|
|
CSR_API_CONNECTINFO ConnectionInformation;
|
|
SECURITY_QUALITY_OF_SERVICE DynamicQos;
|
|
HANDLE PortSection;
|
|
PORT_VIEW ClientView;
|
|
ULONG n;
|
|
LARGE_INTEGER SectionSize;
|
|
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
|
|
PSID SystemSid;
|
|
|
|
//
|
|
// Create the port name string by combining the passed in object directory
|
|
// name with the port name.
|
|
//
|
|
|
|
n = ((wcslen( ObjectDirectory ) + 1) * sizeof( WCHAR )) +
|
|
sizeof( CSR_API_PORT_NAME );
|
|
CsrPortName.Length = 0;
|
|
CsrPortName.MaximumLength = (USHORT)n;
|
|
CsrPortName.Buffer = RtlAllocateHeap( CsrHeap, MAKE_TAG( CSR_TAG ), n );
|
|
if (CsrPortName.Buffer == NULL) {
|
|
return( STATUS_NO_MEMORY );
|
|
}
|
|
RtlAppendUnicodeToString( &CsrPortName, ObjectDirectory );
|
|
RtlAppendUnicodeToString( &CsrPortName, L"\\" );
|
|
RtlAppendUnicodeToString( &CsrPortName, CSR_API_PORT_NAME );
|
|
|
|
//
|
|
// Set up the security quality of service parameters to use over the
|
|
// port. Use the most efficient (least overhead) - which is dynamic
|
|
// rather than static tracking.
|
|
//
|
|
|
|
DynamicQos.ImpersonationLevel = SecurityImpersonation;
|
|
DynamicQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
|
|
DynamicQos.EffectiveOnly = TRUE;
|
|
|
|
|
|
//
|
|
// Create a section to contain the Port Memory. Port Memory is private
|
|
// memory that is shared between the client and server processes.
|
|
// This allows data that is too large to fit into an API request message
|
|
// to be passed to the server.
|
|
//
|
|
|
|
SectionSize.LowPart = CSR_PORT_MEMORY_SIZE;
|
|
SectionSize.HighPart = 0;
|
|
|
|
Status = NtCreateSection( &PortSection,
|
|
SECTION_ALL_ACCESS,
|
|
NULL,
|
|
&SectionSize,
|
|
PAGE_READWRITE,
|
|
SEC_RESERVE,
|
|
NULL
|
|
);
|
|
if (!NT_SUCCESS( Status )) {
|
|
return( Status );
|
|
}
|
|
|
|
//
|
|
// Connect to the server. This includes a description of the Port Memory
|
|
// section so that the LPC connection logic can make the section visible
|
|
// to both the client and server processes. Also pass information the
|
|
// server needs in the connection information structure.
|
|
//
|
|
|
|
ClientView.Length = sizeof( ClientView );
|
|
ClientView.SectionHandle = PortSection;
|
|
ClientView.SectionOffset = 0;
|
|
ClientView.ViewSize = SectionSize.LowPart;
|
|
ClientView.ViewBase = 0;
|
|
ClientView.ViewRemoteBase = 0;
|
|
|
|
ServerView.Length = sizeof( ServerView );
|
|
ServerView.ViewSize = 0;
|
|
ServerView.ViewBase = 0;
|
|
|
|
ConnectionInformationLength = sizeof( ConnectionInformation );
|
|
ConnectionInformation.ExpectedVersion = CSR_VERSION;
|
|
|
|
SystemSid = NULL;
|
|
Status = RtlAllocateAndInitializeSid( &NtAuthority,
|
|
1,
|
|
SECURITY_LOCAL_SYSTEM_RID,
|
|
0, 0, 0, 0, 0, 0, 0,
|
|
&SystemSid
|
|
);
|
|
if (!NT_SUCCESS( Status )) {
|
|
return( Status );
|
|
}
|
|
Status = NtSecureConnectPort( &CsrPortHandle,
|
|
&CsrPortName,
|
|
&DynamicQos,
|
|
&ClientView,
|
|
SystemSid,
|
|
&ServerView,
|
|
(PULONG)&MaxMessageLength,
|
|
(PVOID)&ConnectionInformation,
|
|
(PULONG)&ConnectionInformationLength
|
|
);
|
|
RtlFreeSid( SystemSid );
|
|
NtClose( PortSection );
|
|
if (!NT_SUCCESS( Status )) {
|
|
IF_DEBUG {
|
|
DbgPrint( "CSRDLL: Unable to connect to %wZ Server - Status == %X\n",
|
|
&CsrPortName,
|
|
Status
|
|
);
|
|
}
|
|
|
|
return( Status );
|
|
}
|
|
xProtectHandle(CsrPortHandle);
|
|
|
|
NtCurrentPeb()->ReadOnlySharedMemoryBase = ConnectionInformation.SharedSectionBase;
|
|
NtCurrentPeb()->ReadOnlySharedMemoryHeap = ConnectionInformation.SharedSectionHeap;
|
|
NtCurrentPeb()->ReadOnlyStaticServerData = (PVOID *)ConnectionInformation.SharedStaticServerData;
|
|
CsrProcessId = ConnectionInformation.ServerProcessId;
|
|
|
|
#if DBG
|
|
CsrDebug = ConnectionInformation.DebugFlags;
|
|
#endif
|
|
CsrObjectDirectory = ConnectionInformation.ObjectDirectory;
|
|
|
|
CsrPortMemoryRemoteDelta = (ULONG_PTR)ClientView.ViewRemoteBase -
|
|
(ULONG_PTR)ClientView.ViewBase;
|
|
|
|
IF_CSR_DEBUG( LPC ) {
|
|
DbgPrint( "CSRDLL: ClientView: Base=%p RemoteBase=%p Delta: %lX Size=%lX\n",
|
|
ClientView.ViewBase,
|
|
ClientView.ViewRemoteBase,
|
|
CsrPortMemoryRemoteDelta,
|
|
(ULONG)ClientView.ViewSize
|
|
);
|
|
}
|
|
|
|
//
|
|
// Create a sparse heap in the share memory section. Initially
|
|
// commit just one page.
|
|
//
|
|
|
|
CsrPortHeap = RtlCreateHeap( HEAP_CLASS_8, // Flags
|
|
ClientView.ViewBase, // HeapBase
|
|
ClientView.ViewSize, // ReserveSize
|
|
CsrNtSysInfo.PageSize, // CommitSize
|
|
0, // Reserved
|
|
0 // GrowthThreshold
|
|
);
|
|
if (CsrPortHeap == NULL) {
|
|
xUnProtectHandle(CsrPortHandle);
|
|
|
|
NtClose( CsrPortHandle );
|
|
CsrPortHandle = NULL;
|
|
|
|
return( STATUS_NO_MEMORY );
|
|
}
|
|
|
|
CsrPortBaseTag = RtlCreateTagHeap( CsrPortHeap,
|
|
0,
|
|
L"CSRPORT!",
|
|
L"!CSRPORT\0"
|
|
L"CAPTURE\0"
|
|
);
|
|
|
|
return( STATUS_SUCCESS );
|
|
}
|