2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS kernel
4 * FILE: drivers/net/afd/afd/lock.c
5 * PURPOSE: Ancillary functions driver
6 * PROGRAMMER: Art Yerkes (ayerkes@speakeasy.net)
12 PVOID
GetLockedData(PIRP Irp
, PIO_STACK_LOCATION IrpSp
)
14 ASSERT(Irp
->MdlAddress
);
15 ASSERT(Irp
->Tail
.Overlay
.DriverContext
[0]);
17 return Irp
->Tail
.Overlay
.DriverContext
[0];
20 /* Lock a method_neither request so it'll be available from DISPATCH_LEVEL */
21 PVOID
LockRequest( PIRP Irp
,
22 PIO_STACK_LOCATION IrpSp
,
24 KPROCESSOR_MODE
*LockMode
) {
25 BOOLEAN LockFailed
= FALSE
;
27 ASSERT(!Irp
->MdlAddress
);
29 switch (IrpSp
->MajorFunction
)
31 case IRP_MJ_DEVICE_CONTROL
:
32 case IRP_MJ_INTERNAL_DEVICE_CONTROL
:
33 ASSERT(IrpSp
->Parameters
.DeviceIoControl
.Type3InputBuffer
);
34 ASSERT(IrpSp
->Parameters
.DeviceIoControl
.InputBufferLength
);
38 IoAllocateMdl( IrpSp
->Parameters
.DeviceIoControl
.Type3InputBuffer
,
39 IrpSp
->Parameters
.DeviceIoControl
.InputBufferLength
,
43 if( Irp
->MdlAddress
) {
45 MmProbeAndLockPages( Irp
->MdlAddress
, Irp
->RequestorMode
, IoModifyAccess
);
46 } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
) {
51 AFD_DbgPrint(MIN_TRACE
,("Failed to lock pages\n"));
52 IoFreeMdl( Irp
->MdlAddress
);
53 Irp
->MdlAddress
= NULL
;
57 /* The mapped address goes in index 1 */
58 Irp
->Tail
.Overlay
.DriverContext
[1] = MmGetSystemAddressForMdlSafe(Irp
->MdlAddress
, NormalPagePriority
);
59 if (!Irp
->Tail
.Overlay
.DriverContext
[1])
61 AFD_DbgPrint(MIN_TRACE
,("Failed to get mapped address\n"));
62 MmUnlockPages(Irp
->MdlAddress
);
63 IoFreeMdl( Irp
->MdlAddress
);
64 Irp
->MdlAddress
= NULL
;
68 /* The allocated address goes in index 0 */
69 Irp
->Tail
.Overlay
.DriverContext
[0] = ExAllocatePool(NonPagedPool
, MmGetMdlByteCount(Irp
->MdlAddress
));
70 if (!Irp
->Tail
.Overlay
.DriverContext
[0])
72 AFD_DbgPrint(MIN_TRACE
,("Failed to allocate memory\n"));
73 MmUnlockPages(Irp
->MdlAddress
);
74 IoFreeMdl( Irp
->MdlAddress
);
75 Irp
->MdlAddress
= NULL
;
79 RtlCopyMemory(Irp
->Tail
.Overlay
.DriverContext
[0],
80 Irp
->Tail
.Overlay
.DriverContext
[1],
81 MmGetMdlByteCount(Irp
->MdlAddress
));
83 /* If we don't want a copy back, we zero the mapped address pointer */
86 Irp
->Tail
.Overlay
.DriverContext
[1] = NULL
;
89 /* We're using a user-mode buffer directly */
100 ASSERT(Irp
->UserBuffer
);
103 IoAllocateMdl(Irp
->UserBuffer
,
104 (IrpSp
->MajorFunction
== IRP_MJ_READ
) ?
105 IrpSp
->Parameters
.Read
.Length
: IrpSp
->Parameters
.Write
.Length
,
109 if( Irp
->MdlAddress
) {
110 PAFD_RECV_INFO AfdInfo
;
113 MmProbeAndLockPages( Irp
->MdlAddress
, Irp
->RequestorMode
, IoModifyAccess
);
114 } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
) {
119 AFD_DbgPrint(MIN_TRACE
,("Failed to lock pages\n"));
120 IoFreeMdl( Irp
->MdlAddress
);
121 Irp
->MdlAddress
= NULL
;
125 /* We need to create the info struct that AFD expects for all send/recv requests */
126 AfdInfo
= ExAllocatePool(NonPagedPool
, sizeof(AFD_RECV_INFO
) + sizeof(AFD_WSABUF
));
129 AFD_DbgPrint(MIN_TRACE
,("Failed to allocate memory\n"));
130 MmUnlockPages(Irp
->MdlAddress
);
131 IoFreeMdl( Irp
->MdlAddress
);
132 Irp
->MdlAddress
= NULL
;
136 /* We'll append the buffer array to this struct */
137 AfdInfo
->BufferArray
= (PAFD_WSABUF
)(AfdInfo
+ 1);
138 AfdInfo
->BufferCount
= 1;
140 /* Setup the default flags values */
141 AfdInfo
->AfdFlags
= 0;
142 AfdInfo
->TdiFlags
= 0;
144 /* Now build the buffer array */
145 AfdInfo
->BufferArray
[0].buf
= MmGetSystemAddressForMdl(Irp
->MdlAddress
);
146 AfdInfo
->BufferArray
[0].len
= MmGetMdlByteCount(Irp
->MdlAddress
);
148 /* Store the struct where AFD expects */
149 Irp
->Tail
.Overlay
.DriverContext
[0] = AfdInfo
;
151 /* Don't copy anything out */
152 Irp
->Tail
.Overlay
.DriverContext
[1] = NULL
;
154 /* We're using a placeholder buffer that we allocated */
155 if (LockMode
!= NULL
)
157 *LockMode
= KernelMode
;
168 return GetLockedData(Irp
, IrpSp
);
171 VOID
UnlockRequest( PIRP Irp
, PIO_STACK_LOCATION IrpSp
)
173 ASSERT(Irp
->MdlAddress
);
174 ASSERT(Irp
->Tail
.Overlay
.DriverContext
[0]);
176 /* Check if we need to copy stuff back */
177 if (Irp
->Tail
.Overlay
.DriverContext
[1] != NULL
)
179 RtlCopyMemory(Irp
->Tail
.Overlay
.DriverContext
[1],
180 Irp
->Tail
.Overlay
.DriverContext
[0],
181 MmGetMdlByteCount(Irp
->MdlAddress
));
184 ExFreePool(Irp
->Tail
.Overlay
.DriverContext
[0]);
185 MmUnlockPages( Irp
->MdlAddress
);
186 IoFreeMdl( Irp
->MdlAddress
);
187 Irp
->MdlAddress
= NULL
;
190 /* Note: We add an extra buffer if LockAddress is true. This allows us to
191 * treat the address buffer as an ordinary client buffer. It's only used
194 PAFD_WSABUF
LockBuffers( PAFD_WSABUF Buf
, UINT Count
,
195 PVOID AddressBuf
, PINT AddressLen
,
196 BOOLEAN Write
, BOOLEAN LockAddress
,
197 KPROCESSOR_MODE LockMode
) {
199 /* Copy the buffer array so we don't lose it */
200 UINT Lock
= LockAddress
? 2 : 0;
201 UINT Size
= (sizeof(AFD_WSABUF
) + sizeof(AFD_MAPBUF
)) * (Count
+ Lock
);
202 PAFD_WSABUF NewBuf
= ExAllocatePool( PagedPool
, Size
);
203 BOOLEAN LockFailed
= FALSE
;
206 AFD_DbgPrint(MID_TRACE
,("Called(%08x)\n", NewBuf
));
209 RtlZeroMemory(NewBuf
, Size
);
211 MapBuf
= (PAFD_MAPBUF
)(NewBuf
+ Count
+ Lock
);
214 RtlCopyMemory( NewBuf
, Buf
, sizeof(AFD_WSABUF
) * Count
);
216 if (AddressBuf
&& AddressLen
) {
217 NewBuf
[Count
].buf
= AddressBuf
;
218 NewBuf
[Count
].len
= *AddressLen
;
219 NewBuf
[Count
+ 1].buf
= (PVOID
)AddressLen
;
220 NewBuf
[Count
+ 1].len
= sizeof(*AddressLen
);
224 } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
) {
225 AFD_DbgPrint(MIN_TRACE
,("Access violation copying buffer info "
226 "from userland (%x %x)\n",
228 ExFreePool( NewBuf
);
229 _SEH2_YIELD(return NULL
);
232 for( i
= 0; i
< Count
; i
++ ) {
233 AFD_DbgPrint(MID_TRACE
,("Locking buffer %d (%x:%d)\n",
234 i
, NewBuf
[i
].buf
, NewBuf
[i
].len
));
236 if( NewBuf
[i
].buf
&& NewBuf
[i
].len
) {
237 MapBuf
[i
].Mdl
= IoAllocateMdl( NewBuf
[i
].buf
,
243 MapBuf
[i
].Mdl
= NULL
;
247 AFD_DbgPrint(MID_TRACE
,("NewMdl @ %x\n", MapBuf
[i
].Mdl
));
249 if( MapBuf
[i
].Mdl
) {
250 AFD_DbgPrint(MID_TRACE
,("Probe and lock pages\n"));
252 MmProbeAndLockPages( MapBuf
[i
].Mdl
, LockMode
,
253 Write
? IoModifyAccess
: IoReadAccess
);
254 } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
) {
257 AFD_DbgPrint(MID_TRACE
,("MmProbeAndLock finished\n"));
260 AFD_DbgPrint(MIN_TRACE
,("Failed to lock pages\n"));
261 IoFreeMdl( MapBuf
[i
].Mdl
);
262 MapBuf
[i
].Mdl
= NULL
;
263 ExFreePool( NewBuf
);
267 ExFreePool( NewBuf
);
273 AFD_DbgPrint(MID_TRACE
,("Leaving %x\n", NewBuf
));
278 VOID
UnlockBuffers( PAFD_WSABUF Buf
, UINT Count
, BOOL Address
) {
279 UINT Lock
= Address
? 2 : 0;
280 PAFD_MAPBUF Map
= (PAFD_MAPBUF
)(Buf
+ Count
+ Lock
);
285 for( i
= 0; i
< Count
+ Lock
; i
++ ) {
287 MmUnlockPages( Map
[i
].Mdl
);
288 IoFreeMdl( Map
[i
].Mdl
);
297 /* Produce a kernel-land handle array with handles replaced by object
298 * pointers. This will allow the system to do proper alerting */
299 PAFD_HANDLE
LockHandles( PAFD_HANDLE HandleArray
, UINT HandleCount
) {
301 NTSTATUS Status
= STATUS_SUCCESS
;
303 PAFD_HANDLE FileObjects
= ExAllocatePool
304 ( NonPagedPool
, HandleCount
* sizeof(AFD_HANDLE
) );
306 for( i
= 0; FileObjects
&& i
< HandleCount
; i
++ ) {
307 FileObjects
[i
].Status
= 0;
308 FileObjects
[i
].Events
= HandleArray
[i
].Events
;
309 FileObjects
[i
].Handle
= 0;
310 if( !HandleArray
[i
].Handle
) continue;
311 if( NT_SUCCESS(Status
) ) {
312 Status
= ObReferenceObjectByHandle
313 ( (PVOID
)HandleArray
[i
].Handle
,
317 (PVOID
*)&FileObjects
[i
].Handle
,
321 if( !NT_SUCCESS(Status
) )
323 AFD_DbgPrint(MIN_TRACE
,("Failed to reference handles (0x%x)\n", Status
));
324 FileObjects
[i
].Handle
= 0;
328 if( !NT_SUCCESS(Status
) ) {
329 UnlockHandles( FileObjects
, HandleCount
);
336 VOID
UnlockHandles( PAFD_HANDLE HandleArray
, UINT HandleCount
) {
339 for( i
= 0; i
< HandleCount
; i
++ ) {
340 if( HandleArray
[i
].Handle
)
341 ObDereferenceObject( (PVOID
)HandleArray
[i
].Handle
);
344 ExFreePool( HandleArray
);
348 BOOLEAN
SocketAcquireStateLock( PAFD_FCB FCB
) {
349 if( !FCB
) return FALSE
;
351 return !KeWaitForMutexObject(&FCB
->Mutex
,
358 VOID
SocketStateUnlock( PAFD_FCB FCB
) {
359 KeReleaseMutex(&FCB
->Mutex
, FALSE
);
362 NTSTATUS NTAPI UnlockAndMaybeComplete
363 ( PAFD_FCB FCB
, NTSTATUS Status
, PIRP Irp
,
365 Irp
->IoStatus
.Status
= Status
;
366 Irp
->IoStatus
.Information
= Information
;
367 if ( Irp
->MdlAddress
) UnlockRequest( Irp
, IoGetCurrentIrpStackLocation( Irp
) );
368 (void)IoSetCancelRoutine(Irp
, NULL
);
369 SocketStateUnlock( FCB
);
370 IoCompleteRequest( Irp
, IO_NETWORK_INCREMENT
);
375 NTSTATUS
LostSocket( PIRP Irp
) {
376 NTSTATUS Status
= STATUS_FILE_CLOSED
;
377 AFD_DbgPrint(MIN_TRACE
,("Called.\n"));
378 Irp
->IoStatus
.Information
= 0;
379 Irp
->IoStatus
.Status
= Status
;
380 if ( Irp
->MdlAddress
) UnlockRequest( Irp
, IoGetCurrentIrpStackLocation( Irp
) );
381 IoCompleteRequest( Irp
, IO_NO_INCREMENT
);
385 NTSTATUS
QueueUserModeIrp(PAFD_FCB FCB
, PIRP Irp
, UINT Function
)
389 /* Add the IRP to the queue in all cases (so AfdCancelHandler will work properly) */
390 InsertTailList( &FCB
->PendingIrpList
[Function
],
391 &Irp
->Tail
.Overlay
.ListEntry
);
393 /* Acquire the cancel spin lock and check the cancel bit */
394 IoAcquireCancelSpinLock(&Irp
->CancelIrql
);
397 /* We are not cancelled; we're good to go so
398 * set the cancel routine, release the cancel spin lock,
399 * mark the IRP as pending, and
400 * return STATUS_PENDING to the caller
402 (void)IoSetCancelRoutine(Irp
, AfdCancelHandler
);
403 IoReleaseCancelSpinLock(Irp
->CancelIrql
);
404 IoMarkIrpPending(Irp
);
405 Status
= STATUS_PENDING
;
409 /* We were already cancelled before we were able to register our cancel routine
410 * so we are to call the cancel routine ourselves right here to cancel the IRP
411 * (which handles all the stuff we do above) and return STATUS_CANCELLED to the caller
413 AfdCancelHandler(IoGetCurrentIrpStackLocation(Irp
)->DeviceObject
,
415 Status
= STATUS_CANCELLED
;
421 NTSTATUS
LeaveIrpUntilLater( PAFD_FCB FCB
, PIRP Irp
, UINT Function
) {
424 Status
= QueueUserModeIrp(FCB
, Irp
, Function
);
426 SocketStateUnlock( FCB
);