2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: ntoskrnl/io/iomgr/file.c
5 * PURPOSE: Functions that deal with managing the FILE_OBJECT itself.
6 * PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
9 * Filip Navara (navaraf@reactos.org)
13 /* INCLUDES *****************************************************************/
19 extern ERESOURCE IopSecurityResource
;
21 /* PRIVATE FUNCTIONS *********************************************************/
25 IopCheckBackupRestorePrivilege(IN PACCESS_STATE AccessState
,
26 IN OUT PULONG CreateOptions
,
27 IN KPROCESSOR_MODE PreviousMode
,
30 ACCESS_MASK DesiredAccess
, ReadAccess
, WriteAccess
;
31 PRIVILEGE_SET Privileges
;
32 BOOLEAN AccessGranted
, HaveBackupPriv
= FALSE
, CheckRestore
= FALSE
;
35 /* Don't do anything if privileges were checked already */
36 if (AccessState
->Flags
& SE_BACKUP_PRIVILEGES_CHECKED
) return;
38 /* Check if the file was actually opened for backup purposes */
39 if (*CreateOptions
& FILE_OPEN_FOR_BACKUP_INTENT
)
41 /* Set the check flag since were doing it now */
42 AccessState
->Flags
|= SE_BACKUP_PRIVILEGES_CHECKED
;
44 /* Set the access masks required */
45 ReadAccess
= READ_CONTROL
|
46 ACCESS_SYSTEM_SECURITY
|
49 WriteAccess
= WRITE_DAC
|
51 ACCESS_SYSTEM_SECURITY
|
54 FILE_ADD_SUBDIRECTORY
|
56 DesiredAccess
= AccessState
->RemainingDesiredAccess
;
58 /* Check if desired access was the maximum */
59 if (DesiredAccess
& MAXIMUM_ALLOWED
)
61 /* Then add all the access masks required */
62 DesiredAccess
|= (ReadAccess
| WriteAccess
);
65 /* Check if the file already exists */
66 if (Disposition
& FILE_OPEN
)
68 /* Check if desired access has the read mask */
69 if (ReadAccess
& DesiredAccess
)
71 /* Setup the privilege check lookup */
72 Privileges
.PrivilegeCount
= 1;
73 Privileges
.Control
= PRIVILEGE_SET_ALL_NECESSARY
;
74 Privileges
.Privilege
[0].Luid
= SeBackupPrivilege
;
75 Privileges
.Privilege
[0].Attributes
= 0;
76 AccessGranted
= SePrivilegeCheck(&Privileges
,
78 SubjectSecurityContext
,
82 /* Remember that backup was allowed */
83 HaveBackupPriv
= TRUE
;
85 /* Append the privileges and update the access state */
86 SeAppendPrivileges(AccessState
, &Privileges
);
87 AccessState
->PreviouslyGrantedAccess
|= (DesiredAccess
& ReadAccess
);
88 AccessState
->RemainingDesiredAccess
&= ~ReadAccess
;
89 DesiredAccess
&= ~ReadAccess
;
91 /* Set backup privilege for the token */
92 AccessState
->Flags
|= TOKEN_HAS_BACKUP_PRIVILEGE
;
98 /* Caller is creating the file, check restore privileges later */
102 /* Check if caller wants write access or if it's creating a file */
103 if ((WriteAccess
& DesiredAccess
) || (CheckRestore
))
105 /* Setup the privilege lookup and do it */
106 Privileges
.PrivilegeCount
= 1;
107 Privileges
.Control
= PRIVILEGE_SET_ALL_NECESSARY
;
108 Privileges
.Privilege
[0].Luid
= SeRestorePrivilege
;
109 Privileges
.Privilege
[0].Attributes
= 0;
110 AccessGranted
= SePrivilegeCheck(&Privileges
,
111 &AccessState
->SubjectSecurityContext
,
115 /* Remember that privilege was given */
116 HaveBackupPriv
= TRUE
;
118 /* Append the privileges and update the access state */
119 SeAppendPrivileges(AccessState
, &Privileges
);
120 AccessState
->PreviouslyGrantedAccess
|= (DesiredAccess
& WriteAccess
);
121 AccessState
->RemainingDesiredAccess
&= ~WriteAccess
;
123 /* Set restore privilege for the token */
124 AccessState
->Flags
|= TOKEN_HAS_RESTORE_PRIVILEGE
;
128 /* If we don't have the privilege, remove the option */
129 if (!HaveBackupPriv
) *CreateOptions
&= ~FILE_OPEN_FOR_BACKUP_INTENT
;
135 IopCheckDeviceAndDriver(IN POPEN_PACKET OpenPacket
,
136 IN PDEVICE_OBJECT DeviceObject
)
138 /* Make sure the object is valid */
139 if ((IoGetDevObjExtension(DeviceObject
)->ExtensionFlags
&
140 (DOE_UNLOAD_PENDING
|
143 DOE_REMOVE_PROCESSED
)) ||
144 (DeviceObject
->Flags
& DO_DEVICE_INITIALIZING
))
146 /* It's unloading or initializing, so fail */
147 DPRINT1("You are seeing this because the following ROS driver: %wZ\n"
148 " sucks. Please fix it's AddDevice Routine\n",
149 &DeviceObject
->DriverObject
->DriverName
);
150 return STATUS_NO_SUCH_DEVICE
;
152 else if ((DeviceObject
->Flags
& DO_EXCLUSIVE
) &&
153 (DeviceObject
->ReferenceCount
) &&
154 !(OpenPacket
->RelatedFileObject
) &&
155 !(OpenPacket
->Options
& IO_ATTACH_DEVICE
))
157 return STATUS_ACCESS_DENIED
;
162 /* Increase reference count */
163 InterlockedIncrement(&DeviceObject
->ReferenceCount
);
164 return STATUS_SUCCESS
;
170 IopDoNameTransmogrify(IN PIRP Irp
,
171 IN PFILE_OBJECT FileObject
,
172 IN PREPARSE_DATA_BUFFER DataBuffer
)
176 USHORT RequiredLength
;
181 ASSERT(Irp
->IoStatus
.Status
== STATUS_REPARSE
);
182 ASSERT(Irp
->IoStatus
.Information
== IO_REPARSE_TAG_MOUNT_POINT
);
183 ASSERT(Irp
->Tail
.Overlay
.AuxiliaryBuffer
!= NULL
);
184 ASSERT(DataBuffer
!= NULL
);
185 ASSERT(DataBuffer
->ReparseTag
== IO_REPARSE_TAG_MOUNT_POINT
);
186 ASSERT(DataBuffer
->ReparseDataLength
< MAXIMUM_REPARSE_DATA_BUFFER_SIZE
);
187 ASSERT(DataBuffer
->Reserved
< MAXIMUM_REPARSE_DATA_BUFFER_SIZE
);
189 /* First of all, validate data */
190 if (DataBuffer
->ReparseDataLength
< REPARSE_DATA_BUFFER_HEADER_SIZE
||
191 (DataBuffer
->SymbolicLinkReparseBuffer
.PrintNameLength
+
192 DataBuffer
->SymbolicLinkReparseBuffer
.SubstituteNameLength
+
193 FIELD_OFFSET(REPARSE_DATA_BUFFER
, MountPointReparseBuffer
.PathBuffer
[0])) > MAXIMUM_REPARSE_DATA_BUFFER_SIZE
)
195 Irp
->IoStatus
.Status
= STATUS_IO_REPARSE_DATA_INVALID
;
198 /* Everything went right */
199 if (NT_SUCCESS(Irp
->IoStatus
.Status
))
201 /* Compute buffer & length */
202 Buffer
= (PWSTR
)((ULONG_PTR
)DataBuffer
->MountPointReparseBuffer
.PathBuffer
+
203 DataBuffer
->MountPointReparseBuffer
.SubstituteNameOffset
);
204 Length
= DataBuffer
->MountPointReparseBuffer
.SubstituteNameLength
;
206 /* Check we don't overflow */
207 if (((ULONG
)MAXUSHORT
- DataBuffer
->Reserved
) <= (Length
+ sizeof(UNICODE_NULL
)))
209 Irp
->IoStatus
.Status
= STATUS_IO_REPARSE_DATA_INVALID
;
213 /* Compute how much mem we'll need */
214 RequiredLength
= DataBuffer
->Reserved
+ Length
+ sizeof(UNICODE_NULL
);
216 /* Check if FileObject can already hold what we need */
217 if (FileObject
->FileName
.MaximumLength
>= RequiredLength
)
219 NewBuffer
= FileObject
->FileName
.Buffer
;
223 /* Allocate otherwise */
224 NewBuffer
= ExAllocatePoolWithTag(PagedPool
, RequiredLength
, TAG_IO_NAME
);
225 if (NewBuffer
== NULL
)
227 Irp
->IoStatus
.Status
= STATUS_INSUFFICIENT_RESOURCES
;
233 /* Everything went right */
234 if (NT_SUCCESS(Irp
->IoStatus
.Status
))
237 if (DataBuffer
->Reserved
)
239 RtlMoveMemory((PWSTR
)((ULONG_PTR
)NewBuffer
+ Length
),
240 (PWSTR
)((ULONG_PTR
)FileObject
->FileName
.Buffer
+ FileObject
->FileName
.Length
- DataBuffer
->Reserved
),
241 DataBuffer
->Reserved
);
247 RtlCopyMemory(NewBuffer
, Buffer
, Length
);
250 /* And finally replace buffer if new one was allocated */
251 FileObject
->FileName
.Length
= RequiredLength
- sizeof(UNICODE_NULL
);
252 if (NewBuffer
!= FileObject
->FileName
.Buffer
)
254 if (FileObject
->FileName
.Buffer
)
256 ExFreePoolWithTag(FileObject
->FileName
.Buffer
, TAG_IO_NAME
);
259 FileObject
->FileName
.Buffer
= NewBuffer
;
260 FileObject
->FileName
.MaximumLength
= RequiredLength
;
261 FileObject
->FileName
.Buffer
[RequiredLength
/ sizeof(WCHAR
) - 1] = UNICODE_NULL
;
265 /* We don't need them anymore - it was allocated by the driver */
266 ExFreePool(DataBuffer
);
271 IopParseDevice(IN PVOID ParseObject
,
273 IN OUT PACCESS_STATE AccessState
,
274 IN KPROCESSOR_MODE AccessMode
,
276 IN OUT PUNICODE_STRING CompleteName
,
277 IN OUT PUNICODE_STRING RemainingName
,
278 IN OUT PVOID Context
,
279 IN PSECURITY_QUALITY_OF_SERVICE SecurityQos OPTIONAL
,
282 POPEN_PACKET OpenPacket
= (POPEN_PACKET
)Context
;
283 PDEVICE_OBJECT OriginalDeviceObject
= (PDEVICE_OBJECT
)ParseObject
;
284 PDEVICE_OBJECT DeviceObject
, OwnerDevice
;
286 PFILE_OBJECT FileObject
;
289 PIO_STACK_LOCATION StackLoc
;
290 IO_SECURITY_CONTEXT SecurityContext
;
291 IO_STATUS_BLOCK IoStatusBlock
;
292 BOOLEAN DirectOpen
= FALSE
, OpenCancelled
, UseDummyFile
;
293 OBJECT_ATTRIBUTES ObjectAttributes
;
295 PDUMMY_FILE_OBJECT LocalFileObject
;
296 PFILE_BASIC_INFORMATION FileBasicInfo
;
298 KPROCESSOR_MODE CheckMode
;
299 BOOLEAN VolumeOpen
= FALSE
;
300 ACCESS_MASK DesiredAccess
, GrantedAccess
;
301 BOOLEAN AccessGranted
, LockHeld
= FALSE
;
302 PPRIVILEGE_SET Privileges
= NULL
;
303 UNICODE_STRING FileString
;
305 IOTRACE(IO_FILE_DEBUG
, "ParseObject: %p. RemainingName: %wZ\n",
306 ParseObject
, RemainingName
);
308 for (Attempt
= 0; Attempt
< IOP_MAX_REPARSE_TRAVERSAL
; ++Attempt
)
313 /* Validate the open packet */
314 if (!IopValidateOpenPacket(OpenPacket
)) return STATUS_OBJECT_TYPE_MISMATCH
;
316 /* Valide reparse point in case we traversed a mountpoint */
317 if (OpenPacket
->TraversedMountPoint
)
319 /* This is a reparse point we understand */
320 ASSERT(OpenPacket
->Information
== IO_REPARSE_TAG_MOUNT_POINT
);
322 /* Make sure we're dealing with correct DO */
323 if (OriginalDeviceObject
->DeviceType
!= FILE_DEVICE_DISK
&&
324 OriginalDeviceObject
->DeviceType
!= FILE_DEVICE_CD_ROM
&&
325 OriginalDeviceObject
->DeviceType
!= FILE_DEVICE_VIRTUAL_DISK
&&
326 OriginalDeviceObject
->DeviceType
!= FILE_DEVICE_TAPE
)
328 OpenPacket
->FinalStatus
= STATUS_IO_REPARSE_DATA_INVALID
;
329 return STATUS_IO_REPARSE_DATA_INVALID
;
333 /* Check if we have a related file object */
334 if (OpenPacket
->RelatedFileObject
)
336 /* Use the related file object's device object */
337 OriginalDeviceObject
= OpenPacket
->RelatedFileObject
->DeviceObject
;
340 /* Validate device status */
341 Status
= IopCheckDeviceAndDriver(OpenPacket
, OriginalDeviceObject
);
342 if (!NT_SUCCESS(Status
))
344 /* We failed, return status */
345 OpenPacket
->FinalStatus
= Status
;
349 /* Map the generic mask and set the new mapping in the access state */
350 RtlMapGenericMask(&AccessState
->RemainingDesiredAccess
,
351 &IoFileObjectType
->TypeInfo
.GenericMapping
);
352 RtlMapGenericMask(&AccessState
->OriginalDesiredAccess
,
353 &IoFileObjectType
->TypeInfo
.GenericMapping
);
354 SeSetAccessStateGenericMapping(AccessState
,
355 &IoFileObjectType
->TypeInfo
.GenericMapping
);
356 DesiredAccess
= AccessState
->RemainingDesiredAccess
;
358 /* Check what kind of access checks to do */
359 if ((AccessMode
!= KernelMode
) ||
360 (OpenPacket
->Options
& IO_FORCE_ACCESS_CHECK
))
362 /* Call is from user-mode or kernel is forcing checks */
363 CheckMode
= UserMode
;
367 /* Call is from the kernel */
368 CheckMode
= KernelMode
;
371 /* Check privilege for backup or restore operation */
372 IopCheckBackupRestorePrivilege(AccessState
,
373 &OpenPacket
->CreateOptions
,
375 OpenPacket
->Disposition
);
377 /* Check if we are re-parsing */
378 if (((OpenPacket
->Override
) && !(RemainingName
->Length
)) ||
379 (AccessState
->Flags
& SE_BACKUP_PRIVILEGES_CHECKED
))
381 /* Get granted access from the last call */
382 DesiredAccess
|= AccessState
->PreviouslyGrantedAccess
;
385 /* Check if this is a volume open */
386 if ((OpenPacket
->RelatedFileObject
) &&
387 (OpenPacket
->RelatedFileObject
->Flags
& FO_VOLUME_OPEN
) &&
388 !(RemainingName
->Length
))
394 /* Now check if we need access checks */
395 if (((AccessMode
!= KernelMode
) ||
396 (OpenPacket
->Options
& IO_FORCE_ACCESS_CHECK
)) &&
397 (!(OpenPacket
->RelatedFileObject
) || (VolumeOpen
)) &&
398 !(OpenPacket
->Override
))
400 KeEnterCriticalRegion();
401 ExAcquireResourceSharedLite(&IopSecurityResource
, TRUE
);
403 /* Check if a device object is being parsed */
404 if (!RemainingName
->Length
)
406 /* Lock the subject context */
407 SeLockSubjectContext(&AccessState
->SubjectSecurityContext
);
410 /* Do access check */
411 AccessGranted
= SeAccessCheck(OriginalDeviceObject
->
413 &AccessState
->SubjectSecurityContext
,
419 TypeInfo
.GenericMapping
,
425 /* Append and free the privileges */
426 SeAppendPrivileges(AccessState
, Privileges
);
427 SeFreePrivileges(Privileges
);
430 /* Check if we got access */
433 /* Update access state */
434 AccessState
->PreviouslyGrantedAccess
|= GrantedAccess
;
435 AccessState
->RemainingDesiredAccess
&= ~(GrantedAccess
|
437 OpenPacket
->Override
= TRUE
;
440 FileString
.Length
= 8;
441 FileString
.MaximumLength
= 8;
442 FileString
.Buffer
= L
"File";
444 /* Do Audit/Alarm for open operation */
445 SeOpenObjectAuditAlarm(&FileString
,
446 OriginalDeviceObject
,
448 OriginalDeviceObject
->SecurityDescriptor
,
453 &AccessState
->GenerateOnClose
);
457 /* Check if we need to do traverse validation */
458 if (!(AccessState
->Flags
& TOKEN_HAS_TRAVERSE_PRIVILEGE
) ||
459 ((OriginalDeviceObject
->DeviceType
== FILE_DEVICE_DISK
) ||
460 (OriginalDeviceObject
->DeviceType
== FILE_DEVICE_CD_ROM
)))
462 /* Check if this is a restricted token */
463 if (!(AccessState
->Flags
& TOKEN_IS_RESTRICTED
))
465 /* Do the FAST traverse check */
466 AccessGranted
= SeFastTraverseCheck(OriginalDeviceObject
->SecurityDescriptor
,
474 AccessGranted
= FALSE
;
477 /* Check if we failed to get access */
480 /* Lock the subject context */
481 SeLockSubjectContext(&AccessState
->SubjectSecurityContext
);
484 /* Do access check */
485 AccessGranted
= SeAccessCheck(OriginalDeviceObject
->
487 &AccessState
->SubjectSecurityContext
,
493 TypeInfo
.GenericMapping
,
499 /* Append and free the privileges */
500 SeAppendPrivileges(AccessState
, Privileges
);
501 SeFreePrivileges(Privileges
);
505 /* FIXME: Do Audit/Alarm for traverse check */
509 /* Access automatically granted */
510 AccessGranted
= TRUE
;
514 ExReleaseResourceLite(&IopSecurityResource
);
515 KeLeaveCriticalRegion();
517 /* Check if we hold the lock */
521 SeUnlockSubjectContext(&AccessState
->SubjectSecurityContext
);
524 /* Check if access failed */
527 /* Dereference the device and fail */
528 DPRINT1("Traverse access failed!\n");
529 IopDereferenceDeviceObject(OriginalDeviceObject
, FALSE
);
530 return STATUS_ACCESS_DENIED
;
534 /* Check if we can simply use a dummy file */
535 UseDummyFile
= ((OpenPacket
->QueryOnly
) || (OpenPacket
->DeleteOnly
));
538 /* FIXME: Small hack still exists, have to check why...
539 * This is triggered multiple times by usetup and then once per boot.
541 if (ExpInTextModeSetup
&&
543 !(RemainingName
->Length
) &&
544 !(OpenPacket
->RelatedFileObject
) &&
545 ((wcsstr(CompleteName
->Buffer
, L
"Harddisk")) ||
546 (wcsstr(CompleteName
->Buffer
, L
"Floppy"))) &&
549 DPRINT1("Using IopParseDevice() hack. Requested invalid attributes: %lx\n",
550 DesiredAccess
& ~(SYNCHRONIZE
|
551 FILE_READ_ATTRIBUTES
|
553 ACCESS_SYSTEM_SECURITY
|
560 /* Check if this is a direct open */
561 if (!(RemainingName
->Length
) &&
562 !(OpenPacket
->RelatedFileObject
) &&
563 ((DesiredAccess
& ~(SYNCHRONIZE
|
564 FILE_READ_ATTRIBUTES
|
566 ACCESS_SYSTEM_SECURITY
|
571 /* Remember this for later */
575 /* Check if we have a related FO that wasn't a direct open */
576 if ((OpenPacket
->RelatedFileObject
) &&
577 !(OpenPacket
->RelatedFileObject
->Flags
& FO_DIRECT_DEVICE_OPEN
))
579 /* The device object is the one we were given */
580 DeviceObject
= ParseObject
;
582 /* Check if the related FO had a VPB */
583 if (OpenPacket
->RelatedFileObject
->Vpb
)
585 /* Yes, remember it */
586 Vpb
= OpenPacket
->RelatedFileObject
->Vpb
;
589 InterlockedIncrement((PLONG
)&Vpb
->ReferenceCount
);
591 /* Check if we were given a specific top level device to use */
592 if (OpenPacket
->InternalFlags
& IOP_USE_TOP_LEVEL_DEVICE_HINT
)
594 DeviceObject
= Vpb
->DeviceObject
;
600 /* Check if it has a VPB */
601 if ((OriginalDeviceObject
->Vpb
) && !(DirectOpen
))
603 /* Check if the VPB is mounted, and mount it */
604 Vpb
= IopCheckVpbMounted(OpenPacket
,
605 OriginalDeviceObject
,
608 if (!Vpb
) return Status
;
610 /* Get the VPB's device object */
611 DeviceObject
= Vpb
->DeviceObject
;
615 /* The device object is the one we were given */
616 DeviceObject
= OriginalDeviceObject
;
619 /* If we weren't given a specific top level device, look for an attached device */
620 if (!(OpenPacket
->InternalFlags
& IOP_USE_TOP_LEVEL_DEVICE_HINT
) &&
621 DeviceObject
->AttachedDevice
)
623 /* Get the attached device */
624 DeviceObject
= IoGetAttachedDevice(DeviceObject
);
628 if (OpenPacket
->InternalFlags
& IOP_USE_TOP_LEVEL_DEVICE_HINT
)
630 // FIXME: Verify our device object is good to use
631 ASSERT(DirectOpen
== FALSE
);
634 /* If we traversed a mount point, reset the information */
635 if (OpenPacket
->TraversedMountPoint
)
637 OpenPacket
->TraversedMountPoint
= FALSE
;
640 /* Check if this is a secure FSD */
641 if ((DeviceObject
->Characteristics
& FILE_DEVICE_SECURE_OPEN
) &&
642 ((OpenPacket
->RelatedFileObject
) || (RemainingName
->Length
)) &&
648 KeEnterCriticalRegion();
649 ExAcquireResourceSharedLite(&IopSecurityResource
, TRUE
);
651 /* Lock the subject context */
652 SeLockSubjectContext(&AccessState
->SubjectSecurityContext
);
654 /* Do access check */
655 AccessGranted
= SeAccessCheck(OriginalDeviceObject
->SecurityDescriptor
,
656 &AccessState
->SubjectSecurityContext
,
661 &IoFileObjectType
->TypeInfo
.GenericMapping
,
665 if (Privileges
!= NULL
)
667 /* Append and free the privileges */
668 SeAppendPrivileges(AccessState
, Privileges
);
669 SeFreePrivileges(Privileges
);
672 /* Check if we got access */
675 AccessState
->PreviouslyGrantedAccess
|= GrantedAccess
;
676 AccessState
->RemainingDesiredAccess
&= ~(GrantedAccess
| MAXIMUM_ALLOWED
);
679 FileString
.Length
= 8;
680 FileString
.MaximumLength
= 8;
681 FileString
.Buffer
= L
"File";
683 /* Do Audit/Alarm for open operation
684 * NOTA: we audit target device object
686 SeOpenObjectAuditAlarm(&FileString
,
689 OriginalDeviceObject
->SecurityDescriptor
,
694 &AccessState
->GenerateOnClose
);
696 SeUnlockSubjectContext(&AccessState
->SubjectSecurityContext
);
698 ExReleaseResourceLite(&IopSecurityResource
);
699 KeLeaveCriticalRegion();
701 /* Check if access failed */
704 /* Dereference the device and fail */
705 IopDereferenceDeviceObject(OriginalDeviceObject
, FALSE
);
706 if (Vpb
) IopDereferenceVpbAndFree(Vpb
);
707 return STATUS_ACCESS_DENIED
;
711 /* Allocate the IRP */
712 Irp
= IoAllocateIrp(DeviceObject
->StackSize
, TRUE
);
715 /* Dereference the device and VPB, then fail */
716 IopDereferenceDeviceObject(OriginalDeviceObject
, FALSE
);
717 if (Vpb
) IopDereferenceVpbAndFree(Vpb
);
718 return STATUS_INSUFFICIENT_RESOURCES
;
721 /* Now set the IRP data */
722 Irp
->RequestorMode
= AccessMode
;
723 Irp
->Flags
= IRP_CREATE_OPERATION
| IRP_SYNCHRONOUS_API
| IRP_DEFER_IO_COMPLETION
;
724 Irp
->Tail
.Overlay
.Thread
= PsGetCurrentThread();
725 Irp
->UserIosb
= &IoStatusBlock
;
726 Irp
->MdlAddress
= NULL
;
727 Irp
->PendingReturned
= FALSE
;
728 Irp
->UserEvent
= NULL
;
730 Irp
->CancelRoutine
= NULL
;
731 Irp
->Tail
.Overlay
.AuxiliaryBuffer
= NULL
;
733 /* Setup the security context */
734 SecurityContext
.SecurityQos
= SecurityQos
;
735 SecurityContext
.AccessState
= AccessState
;
736 SecurityContext
.DesiredAccess
= AccessState
->RemainingDesiredAccess
;
737 SecurityContext
.FullCreateOptions
= OpenPacket
->CreateOptions
;
739 /* Get the I/O Stack location */
740 StackLoc
= IoGetNextIrpStackLocation(Irp
);
741 StackLoc
->Control
= 0;
743 /* Check what kind of file this is */
744 switch (OpenPacket
->CreateFileType
)
747 case CreateFileTypeNone
:
749 /* Set the major function and EA Length */
750 StackLoc
->MajorFunction
= IRP_MJ_CREATE
;
751 StackLoc
->Parameters
.Create
.EaLength
= OpenPacket
->EaLength
;
754 StackLoc
->Flags
= (UCHAR
)OpenPacket
->Options
;
755 StackLoc
->Flags
|= !(Attributes
& OBJ_CASE_INSENSITIVE
) ? SL_CASE_SENSITIVE
: 0;
759 case CreateFileTypeNamedPipe
:
761 /* Set the named pipe MJ and set the parameters */
762 StackLoc
->MajorFunction
= IRP_MJ_CREATE_NAMED_PIPE
;
763 StackLoc
->Parameters
.CreatePipe
.Parameters
= OpenPacket
->ExtraCreateParameters
;
767 case CreateFileTypeMailslot
:
769 /* Set the mailslot MJ and set the parameters */
770 StackLoc
->MajorFunction
= IRP_MJ_CREATE_MAILSLOT
;
771 StackLoc
->Parameters
.CreateMailslot
.Parameters
= OpenPacket
->ExtraCreateParameters
;
775 /* Set the common data */
776 Irp
->Overlay
.AllocationSize
= OpenPacket
->AllocationSize
;
777 Irp
->AssociatedIrp
.SystemBuffer
= OpenPacket
->EaBuffer
;
778 StackLoc
->Parameters
.Create
.Options
= (OpenPacket
->Disposition
<< 24) |
779 (OpenPacket
->CreateOptions
&
781 StackLoc
->Parameters
.Create
.FileAttributes
= OpenPacket
->FileAttributes
;
782 StackLoc
->Parameters
.Create
.ShareAccess
= OpenPacket
->ShareAccess
;
783 StackLoc
->Parameters
.Create
.SecurityContext
= &SecurityContext
;
785 /* Check if we really need to create an object */
788 ULONG ObjectSize
= sizeof(FILE_OBJECT
);
790 /* Tag on space for a file object extension */
791 if (OpenPacket
->InternalFlags
& IOP_CREATE_FILE_OBJECT_EXTENSION
)
792 ObjectSize
+= sizeof(FILE_OBJECT_EXTENSION
);
794 /* Create the actual file object */
795 InitializeObjectAttributes(&ObjectAttributes
,
800 Status
= ObCreateObject(KernelMode
,
808 (PVOID
*)&FileObject
);
809 if (!NT_SUCCESS(Status
))
811 /* Create failed, free the IRP */
814 /* Dereference the device and VPB */
815 IopDereferenceDeviceObject(OriginalDeviceObject
, FALSE
);
816 if (Vpb
) IopDereferenceVpbAndFree(Vpb
);
818 /* We failed, return status */
819 OpenPacket
->FinalStatus
= Status
;
823 /* Clear the file object */
824 RtlZeroMemory(FileObject
, sizeof(FILE_OBJECT
));
826 /* Check if this is Synch I/O */
827 if (OpenPacket
->CreateOptions
&
828 (FILE_SYNCHRONOUS_IO_ALERT
| FILE_SYNCHRONOUS_IO_NONALERT
))
830 /* Set the synch flag */
831 FileObject
->Flags
|= FO_SYNCHRONOUS_IO
;
833 /* Check if it's also alertable */
834 if (OpenPacket
->CreateOptions
& FILE_SYNCHRONOUS_IO_ALERT
)
836 /* It is, set the alertable flag */
837 FileObject
->Flags
|= FO_ALERTABLE_IO
;
841 /* Check if this is synch I/O */
842 if (FileObject
->Flags
& FO_SYNCHRONOUS_IO
)
844 /* Initialize the event */
845 KeInitializeEvent(&FileObject
->Lock
, SynchronizationEvent
, FALSE
);
848 /* Check if the caller requested no intermediate buffering */
849 if (OpenPacket
->CreateOptions
& FILE_NO_INTERMEDIATE_BUFFERING
)
851 /* Set the correct flag for the FSD to read */
852 FileObject
->Flags
|= FO_NO_INTERMEDIATE_BUFFERING
;
855 /* Check if the caller requested write through support */
856 if (OpenPacket
->CreateOptions
& FILE_WRITE_THROUGH
)
858 /* Set the correct flag for the FSD to read */
859 FileObject
->Flags
|= FO_WRITE_THROUGH
;
862 /* Check if the caller says the file will be only read sequentially */
863 if (OpenPacket
->CreateOptions
& FILE_SEQUENTIAL_ONLY
)
865 /* Set the correct flag for the FSD to read */
866 FileObject
->Flags
|= FO_SEQUENTIAL_ONLY
;
869 /* Check if the caller believes the file will be only read randomly */
870 if (OpenPacket
->CreateOptions
& FILE_RANDOM_ACCESS
)
872 /* Set the correct flag for the FSD to read */
873 FileObject
->Flags
|= FO_RANDOM_ACCESS
;
876 /* Check if we were asked to setup a file object extension */
877 if (OpenPacket
->InternalFlags
& IOP_CREATE_FILE_OBJECT_EXTENSION
)
879 PFILE_OBJECT_EXTENSION FileObjectExtension
;
881 /* Make sure the file object knows it has an extension */
882 FileObject
->Flags
|= FO_FILE_OBJECT_HAS_EXTENSION
;
884 FileObjectExtension
= (PFILE_OBJECT_EXTENSION
)(FileObject
+ 1);
885 FileObject
->FileObjectExtension
= FileObjectExtension
;
887 /* Add the top level device which we'll send the request to */
888 if (OpenPacket
->InternalFlags
& IOP_USE_TOP_LEVEL_DEVICE_HINT
)
890 FileObjectExtension
->TopDeviceObjectHint
= DeviceObject
;
896 /* Use the dummy object instead */
897 LocalFileObject
= OpenPacket
->LocalFileObject
;
898 RtlZeroMemory(LocalFileObject
, sizeof(DUMMY_FILE_OBJECT
));
901 FileObject
= (PFILE_OBJECT
)&LocalFileObject
->ObjectHeader
.Body
;
902 LocalFileObject
->ObjectHeader
.Type
= IoFileObjectType
;
903 LocalFileObject
->ObjectHeader
.PointerCount
= 1;
906 /* Setup the file header */
907 FileObject
->Type
= IO_TYPE_FILE
;
908 FileObject
->Size
= sizeof(FILE_OBJECT
);
909 FileObject
->RelatedFileObject
= OpenPacket
->RelatedFileObject
;
910 FileObject
->DeviceObject
= OriginalDeviceObject
;
912 /* Check if this is a direct device open */
913 if (DirectOpen
) FileObject
->Flags
|= FO_DIRECT_DEVICE_OPEN
;
915 /* Check if the caller wants case sensitivity */
916 if (!(Attributes
& OBJ_CASE_INSENSITIVE
))
918 /* Tell the driver about it */
919 FileObject
->Flags
|= FO_OPENED_CASE_SENSITIVE
;
922 /* Now set the file object */
923 Irp
->Tail
.Overlay
.OriginalFileObject
= FileObject
;
924 StackLoc
->FileObject
= FileObject
;
926 /* Check if the file object has a name */
927 if (RemainingName
->Length
)
929 /* Setup the unicode string */
930 FileObject
->FileName
.MaximumLength
= RemainingName
->Length
+
932 FileObject
->FileName
.Buffer
= ExAllocatePoolWithTag(PagedPool
,
937 if (!FileObject
->FileName
.Buffer
)
939 /* Failed to allocate the name, free the IRP */
942 /* Dereference the device object and VPB */
943 IopDereferenceDeviceObject(OriginalDeviceObject
, FALSE
);
944 if (Vpb
) IopDereferenceVpbAndFree(Vpb
);
946 /* Clear the FO and dereference it */
947 FileObject
->DeviceObject
= NULL
;
948 if (!UseDummyFile
) ObDereferenceObject(FileObject
);
951 return STATUS_INSUFFICIENT_RESOURCES
;
956 RtlCopyUnicodeString(&FileObject
->FileName
, RemainingName
);
958 /* Initialize the File Object event and set the FO */
959 KeInitializeEvent(&FileObject
->Event
, NotificationEvent
, FALSE
);
960 OpenPacket
->FileObject
= FileObject
;
962 /* Queue the IRP and call the driver */
963 IopQueueIrpToThread(Irp
);
964 Status
= IoCallDriver(DeviceObject
, Irp
);
965 if (Status
== STATUS_PENDING
)
967 /* Wait for the driver to complete the create */
968 KeWaitForSingleObject(&FileObject
->Event
,
974 /* Get the new status */
975 Status
= IoStatusBlock
.Status
;
979 /* We'll have to complete it ourselves */
980 ASSERT(!Irp
->PendingReturned
);
981 ASSERT(!Irp
->MdlAddress
);
983 /* Handle name change if required */
984 if (Status
== STATUS_REPARSE
)
986 /* Check this is a mount point */
987 if (Irp
->IoStatus
.Information
== IO_REPARSE_TAG_MOUNT_POINT
)
989 PREPARSE_DATA_BUFFER ReparseData
;
991 /* Reparse point attributes were passed by the driver in the auxiliary buffer */
992 ASSERT(Irp
->Tail
.Overlay
.AuxiliaryBuffer
!= NULL
);
993 ReparseData
= (PREPARSE_DATA_BUFFER
)Irp
->Tail
.Overlay
.AuxiliaryBuffer
;
995 ASSERT(ReparseData
->ReparseTag
== IO_REPARSE_TAG_MOUNT_POINT
);
996 ASSERT(ReparseData
->ReparseDataLength
< MAXIMUM_REPARSE_DATA_BUFFER_SIZE
);
997 ASSERT(ReparseData
->Reserved
< MAXIMUM_REPARSE_DATA_BUFFER_SIZE
);
999 IopDoNameTransmogrify(Irp
, FileObject
, ReparseData
);
1003 /* Completion happens at APC_LEVEL */
1004 KeRaiseIrql(APC_LEVEL
, &OldIrql
);
1006 /* Get the new I/O Status block ourselves */
1007 IoStatusBlock
= Irp
->IoStatus
;
1008 Status
= IoStatusBlock
.Status
;
1010 /* Manually signal the even, we can't have any waiters */
1011 FileObject
->Event
.Header
.SignalState
= 1;
1013 /* Now that we've signaled the events, de-associate the IRP */
1014 IopUnQueueIrpFromThread(Irp
);
1016 /* Check if the IRP had an input buffer */
1017 if ((Irp
->Flags
& IRP_BUFFERED_IO
) &&
1018 (Irp
->Flags
& IRP_DEALLOCATE_BUFFER
))
1020 /* Free it. A driver might've tacked one on */
1021 ExFreePool(Irp
->AssociatedIrp
.SystemBuffer
);
1024 /* Free the IRP and bring the IRQL back down */
1026 KeLowerIrql(OldIrql
);
1029 /* Copy the I/O Status */
1030 OpenPacket
->Information
= IoStatusBlock
.Information
;
1032 /* The driver failed to create the file */
1033 if (!NT_SUCCESS(Status
))
1035 /* Check if we have a name */
1036 if (FileObject
->FileName
.Length
)
1039 ExFreePoolWithTag(FileObject
->FileName
.Buffer
, TAG_IO_NAME
);
1040 FileObject
->FileName
.Length
= 0;
1043 /* Clear its device object */
1044 FileObject
->DeviceObject
= NULL
;
1046 /* Save this now because the FO might go away */
1047 OpenCancelled
= FileObject
->Flags
& FO_FILE_OPEN_CANCELLED
?
1050 /* Clear the file object in the open packet */
1051 OpenPacket
->FileObject
= NULL
;
1053 /* Dereference the file object */
1054 if (!UseDummyFile
) ObDereferenceObject(FileObject
);
1056 /* Dereference the device object */
1057 IopDereferenceDeviceObject(OriginalDeviceObject
, FALSE
);
1059 /* Unless the driver cancelled the open, dereference the VPB */
1060 if (!(OpenCancelled
) && (Vpb
)) IopDereferenceVpbAndFree(Vpb
);
1062 /* Set the status and return */
1063 OpenPacket
->FinalStatus
= Status
;
1066 else if (Status
== STATUS_REPARSE
)
1068 if (OpenPacket
->Information
== IO_REPARSE
||
1069 OpenPacket
->Information
== IO_REPARSE_TAG_MOUNT_POINT
)
1071 /* Update CompleteName with reparse info which got updated in IopDoNameTransmogrify() */
1072 if (CompleteName
->MaximumLength
< FileObject
->FileName
.Length
)
1074 PWSTR NewCompleteName
;
1076 /* Allocate a new buffer for the string */
1077 NewCompleteName
= ExAllocatePoolWithTag(PagedPool
, FileObject
->FileName
.Length
, TAG_IO_NAME
);
1078 if (NewCompleteName
== NULL
)
1080 OpenPacket
->FinalStatus
= STATUS_INSUFFICIENT_RESOURCES
;
1081 return STATUS_INSUFFICIENT_RESOURCES
;
1084 /* Release the old one */
1085 if (CompleteName
->Buffer
!= NULL
)
1087 ExFreePoolWithTag(CompleteName
->Buffer
, 0);
1090 /* And setup the new one */
1091 CompleteName
->Buffer
= NewCompleteName
;
1092 CompleteName
->MaximumLength
= FileObject
->FileName
.Length
;
1095 /* Copy our new complete name */
1096 RtlCopyUnicodeString(CompleteName
, &FileObject
->FileName
);
1098 if (OpenPacket
->Information
== IO_REPARSE_TAG_MOUNT_POINT
)
1100 OpenPacket
->RelatedFileObject
= NULL
;
1104 /* Check if we have a name */
1105 if (FileObject
->FileName
.Length
)
1108 ExFreePoolWithTag(FileObject
->FileName
.Buffer
, 0);
1109 FileObject
->FileName
.Length
= 0;
1112 /* Clear its device object */
1113 FileObject
->DeviceObject
= NULL
;
1115 /* Clear the file object in the open packet */
1116 OpenPacket
->FileObject
= NULL
;
1118 /* Dereference the file object */
1119 if (!UseDummyFile
) ObDereferenceObject(FileObject
);
1121 /* Dereference the device object */
1122 IopDereferenceDeviceObject(OriginalDeviceObject
, FALSE
);
1124 /* Unless the driver cancelled the open, dereference the VPB */
1125 if (Vpb
!= NULL
) IopDereferenceVpbAndFree(Vpb
);
1127 if (OpenPacket
->Information
!= IO_REMOUNT
)
1129 OpenPacket
->RelatedFileObject
= NULL
;
1131 /* Inform we traversed a mount point for later attempt */
1132 if (OpenPacket
->Information
== IO_REPARSE_TAG_MOUNT_POINT
)
1134 OpenPacket
->TraversedMountPoint
= 1;
1137 /* In case we override checks, but got this on volume open, fail hard */
1138 if (OpenPacket
->Override
)
1140 KeBugCheckEx(DRIVER_RETURNED_STATUS_REPARSE_FOR_VOLUME_OPEN
,
1141 (ULONG_PTR
)OriginalDeviceObject
,
1142 (ULONG_PTR
)DeviceObject
,
1143 (ULONG_PTR
)CompleteName
,
1144 OpenPacket
->Information
);
1147 /* Return to IO/OB so that information can be upgraded */
1148 return STATUS_REPARSE
;
1151 /* Loop again and reattempt an opening */
1158 if (Attempt
== IOP_MAX_REPARSE_TRAVERSAL
)
1159 return STATUS_UNSUCCESSFUL
;
1161 /* Get the owner of the File Object */
1162 OwnerDevice
= IoGetRelatedDeviceObject(FileObject
);
1165 * It's possible that the device to whom we sent the IRP to
1166 * isn't actually the device that ended opening the file object
1169 if (OwnerDevice
!= DeviceObject
)
1171 /* We have to de-reference the VPB we had associated */
1172 if (Vpb
) IopDereferenceVpbAndFree(Vpb
);
1174 /* And re-associate with the actual one */
1175 Vpb
= FileObject
->Vpb
;
1176 if (Vpb
) InterlockedIncrement((PLONG
)&Vpb
->ReferenceCount
);
1179 /* Make sure we are not using a dummy */
1182 /* Check if this was a volume open */
1183 if ((!(FileObject
->RelatedFileObject
) ||
1184 (FileObject
->RelatedFileObject
->Flags
& FO_VOLUME_OPEN
)) &&
1185 !(FileObject
->FileName
.Length
))
1187 /* All signs point to it, but make sure it was actually an FSD */
1188 if ((OwnerDevice
->DeviceType
== FILE_DEVICE_DISK_FILE_SYSTEM
) ||
1189 (OwnerDevice
->DeviceType
== FILE_DEVICE_CD_ROM_FILE_SYSTEM
) ||
1190 (OwnerDevice
->DeviceType
== FILE_DEVICE_TAPE_FILE_SYSTEM
) ||
1191 (OwnerDevice
->DeviceType
== FILE_DEVICE_FILE_SYSTEM
))
1193 /* The owner device is an FSD, so this is a volume open for real */
1194 FileObject
->Flags
|= FO_VOLUME_OPEN
;
1198 /* Reference the object and set the parse check */
1199 ObReferenceObject(FileObject
);
1200 *Object
= FileObject
;
1201 OpenPacket
->FinalStatus
= IoStatusBlock
.Status
;
1202 OpenPacket
->ParseCheck
= TRUE
;
1203 return OpenPacket
->FinalStatus
;
1207 /* Check if this was a query */
1208 if (OpenPacket
->QueryOnly
)
1210 /* Check if the caller wants basic info only */
1211 if (!OpenPacket
->FullAttributes
)
1213 /* Allocate the buffer */
1214 FileBasicInfo
= ExAllocatePoolWithTag(NonPagedPool
,
1215 sizeof(*FileBasicInfo
),
1220 Status
= IoQueryFileInformation(FileObject
,
1221 FileBasicInformation
,
1222 sizeof(*FileBasicInfo
),
1225 if (NT_SUCCESS(Status
))
1228 RtlCopyMemory(OpenPacket
->BasicInformation
,
1233 /* Free our buffer */
1234 ExFreePoolWithTag(FileBasicInfo
, TAG_IO
);
1239 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1244 /* This is a full query */
1245 Status
= IoQueryFileInformation(
1247 FileNetworkOpenInformation
,
1248 sizeof(FILE_NETWORK_OPEN_INFORMATION
),
1249 OpenPacket
->NetworkInformation
,
1251 if (!NT_SUCCESS(Status
)) ASSERT(Status
!= STATUS_NOT_IMPLEMENTED
);
1255 /* Delete the file object */
1256 IopDeleteFile(FileObject
);
1258 /* Clear out the file */
1259 OpenPacket
->FileObject
= NULL
;
1261 /* Set and return status */
1262 OpenPacket
->FinalStatus
= Status
;
1263 OpenPacket
->ParseCheck
= TRUE
;
1270 IopParseFile(IN PVOID ParseObject
,
1271 IN PVOID ObjectType
,
1272 IN OUT PACCESS_STATE AccessState
,
1273 IN KPROCESSOR_MODE AccessMode
,
1274 IN ULONG Attributes
,
1275 IN OUT PUNICODE_STRING CompleteName
,
1276 IN OUT PUNICODE_STRING RemainingName
,
1277 IN OUT PVOID Context OPTIONAL
,
1278 IN PSECURITY_QUALITY_OF_SERVICE SecurityQos OPTIONAL
,
1282 POPEN_PACKET OpenPacket
= (POPEN_PACKET
)Context
;
1284 /* Validate the open packet */
1285 if (!IopValidateOpenPacket(OpenPacket
)) return STATUS_OBJECT_TYPE_MISMATCH
;
1287 /* Get the device object */
1288 DeviceObject
= IoGetRelatedDeviceObject(ParseObject
);
1289 OpenPacket
->RelatedFileObject
= ParseObject
;
1291 /* Call the main routine */
1292 return IopParseDevice(DeviceObject
,
1306 IopDeleteFile(IN PVOID ObjectBody
)
1308 PFILE_OBJECT FileObject
= (PFILE_OBJECT
)ObjectBody
;
1310 PIO_STACK_LOCATION StackPtr
;
1313 PDEVICE_OBJECT DeviceObject
;
1314 BOOLEAN DereferenceDone
= FALSE
;
1317 IOTRACE(IO_FILE_DEBUG
, "ObjectBody: %p\n", ObjectBody
);
1319 /* Check if the file has a device object */
1320 if (FileObject
->DeviceObject
)
1322 /* Check if this is a direct open or not */
1323 if (FileObject
->Flags
& FO_DIRECT_DEVICE_OPEN
)
1325 /* Get the attached device */
1326 DeviceObject
= IoGetAttachedDevice(FileObject
->DeviceObject
);
1330 /* Use the file object's device object */
1331 DeviceObject
= IoGetRelatedDeviceObject(FileObject
);
1335 ASSERT(!(FileObject
->Flags
& FO_SYNCHRONOUS_IO
) ||
1336 (InterlockedExchange((PLONG
)&FileObject
->Busy
, TRUE
) == FALSE
));
1338 /* Check if the handle wasn't created yet */
1339 if (!(FileObject
->Flags
& FO_HANDLE_CREATED
))
1341 /* Send the cleanup IRP */
1342 IopCloseFile(NULL
, ObjectBody
, 0, 1, 1);
1345 /* Clear and set up Events */
1346 KeClearEvent(&FileObject
->Event
);
1347 KeInitializeEvent(&Event
, SynchronizationEvent
, FALSE
);
1349 /* Allocate an IRP */
1350 Irp
= IopAllocateIrpMustSucceed(DeviceObject
->StackSize
);
1353 Irp
->UserEvent
= &Event
;
1354 Irp
->UserIosb
= &Irp
->IoStatus
;
1355 Irp
->Tail
.Overlay
.Thread
= PsGetCurrentThread();
1356 Irp
->Tail
.Overlay
.OriginalFileObject
= FileObject
;
1357 Irp
->Flags
= IRP_CLOSE_OPERATION
| IRP_SYNCHRONOUS_API
;
1359 /* Set up Stack Pointer Data */
1360 StackPtr
= IoGetNextIrpStackLocation(Irp
);
1361 StackPtr
->MajorFunction
= IRP_MJ_CLOSE
;
1362 StackPtr
->FileObject
= FileObject
;
1365 IopQueueIrpToThread(Irp
);
1367 /* Get the VPB and check if this isn't a direct open */
1368 Vpb
= FileObject
->Vpb
;
1369 if ((Vpb
) && !(FileObject
->Flags
& FO_DIRECT_DEVICE_OPEN
))
1371 /* Dereference the VPB before the close */
1372 InterlockedDecrement((PLONG
)&Vpb
->ReferenceCount
);
1375 /* Check if the FS will never disappear by itself */
1376 if (FileObject
->DeviceObject
->Flags
& DO_NEVER_LAST_DEVICE
)
1378 /* Dereference it */
1379 InterlockedDecrement(&FileObject
->DeviceObject
->ReferenceCount
);
1380 DereferenceDone
= TRUE
;
1383 /* Call the FS Driver */
1384 Status
= IoCallDriver(DeviceObject
, Irp
);
1385 if (Status
== STATUS_PENDING
)
1387 /* Wait for completion */
1388 KeWaitForSingleObject(&Event
, Executive
, KernelMode
, FALSE
, NULL
);
1391 /* De-queue the IRP */
1392 KeRaiseIrql(APC_LEVEL
, &OldIrql
);
1393 IopUnQueueIrpFromThread(Irp
);
1394 KeLowerIrql(OldIrql
);
1399 /* Clear the file name */
1400 if (FileObject
->FileName
.Buffer
)
1402 ExFreePoolWithTag(FileObject
->FileName
.Buffer
, TAG_IO_NAME
);
1403 FileObject
->FileName
.Buffer
= NULL
;
1406 /* Check if the FO had a completion port */
1407 if (FileObject
->CompletionContext
)
1410 ObDereferenceObject(FileObject
->CompletionContext
->Port
);
1411 ExFreePool(FileObject
->CompletionContext
);
1414 /* Check if the FO had extension */
1415 if (FileObject
->Flags
& FO_FILE_OBJECT_HAS_EXTENSION
)
1417 /* Release filter context structure if any */
1418 FsRtlPTeardownPerFileObjectContexts(FileObject
);
1421 /* Check if dereference has been done yet */
1422 if (!DereferenceDone
)
1424 /* Dereference device object */
1425 IopDereferenceDeviceObject(FileObject
->DeviceObject
, FALSE
);
1432 IopGetDeviceAttachmentBase(IN PDEVICE_OBJECT DeviceObject
)
1434 PDEVICE_OBJECT PDO
= DeviceObject
;
1436 /* Go down the stack to attempt to get the PDO */
1437 for (; ((PEXTENDED_DEVOBJ_EXTENSION
)PDO
->DeviceObjectExtension
)->AttachedTo
!= NULL
;
1438 PDO
= ((PEXTENDED_DEVOBJ_EXTENSION
)PDO
->DeviceObjectExtension
)->AttachedTo
);
1445 IopGetDevicePDO(IN PDEVICE_OBJECT DeviceObject
)
1450 ASSERT(DeviceObject
!= NULL
);
1452 OldIrql
= KeAcquireQueuedSpinLock(LockQueueIoDatabaseLock
);
1453 /* Get the base DO */
1454 PDO
= IopGetDeviceAttachmentBase(DeviceObject
);
1455 /* Check whether that's really a PDO and if so, keep it */
1456 if ((PDO
->Flags
& DO_BUS_ENUMERATED_DEVICE
) != DO_BUS_ENUMERATED_DEVICE
)
1462 ObReferenceObject(PDO
);
1464 KeReleaseQueuedSpinLock(LockQueueIoDatabaseLock
, OldIrql
);
1471 IopSetDeviceSecurityDescriptor(IN PDEVICE_OBJECT DeviceObject
,
1472 IN PSECURITY_INFORMATION SecurityInformation
,
1473 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1474 IN POOL_TYPE PoolType
,
1475 IN PGENERIC_MAPPING GenericMapping
)
1478 PSECURITY_DESCRIPTOR OldSecurityDescriptor
, CachedSecurityDescriptor
, NewSecurityDescriptor
;
1482 /* Keep attempting till we find our old SD or fail */
1485 KeEnterCriticalRegion();
1486 ExAcquireResourceSharedLite(&IopSecurityResource
, TRUE
);
1488 /* Get our old SD and reference it */
1489 OldSecurityDescriptor
= DeviceObject
->SecurityDescriptor
;
1490 if (OldSecurityDescriptor
!= NULL
)
1492 ObReferenceSecurityDescriptor(OldSecurityDescriptor
, 1);
1495 ExReleaseResourceLite(&IopSecurityResource
);
1496 KeLeaveCriticalRegion();
1498 /* Set the SD information */
1499 NewSecurityDescriptor
= OldSecurityDescriptor
;
1500 Status
= SeSetSecurityDescriptorInfo(NULL
, SecurityInformation
,
1501 SecurityDescriptor
, &NewSecurityDescriptor
,
1502 PoolType
, GenericMapping
);
1504 if (!NT_SUCCESS(Status
))
1506 if (OldSecurityDescriptor
!= NULL
)
1508 ObDereferenceSecurityDescriptor(OldSecurityDescriptor
, 1);
1514 /* Add the new DS to the internal cache */
1515 Status
= ObLogSecurityDescriptor(NewSecurityDescriptor
,
1516 &CachedSecurityDescriptor
, 1);
1517 ExFreePool(NewSecurityDescriptor
);
1518 if (!NT_SUCCESS(Status
))
1520 ObDereferenceSecurityDescriptor(OldSecurityDescriptor
, 1);
1524 KeEnterCriticalRegion();
1525 ExAcquireResourceExclusiveLite(&IopSecurityResource
, TRUE
);
1526 /* Check if someone changed it in our back */
1527 if (DeviceObject
->SecurityDescriptor
== OldSecurityDescriptor
)
1529 /* We're clear, do the swap */
1530 DeviceObject
->SecurityDescriptor
= CachedSecurityDescriptor
;
1531 ExReleaseResourceLite(&IopSecurityResource
);
1532 KeLeaveCriticalRegion();
1534 /* And dereference old SD (twice - us + not in use) */
1535 ObDereferenceSecurityDescriptor(OldSecurityDescriptor
, 2);
1539 ExReleaseResourceLite(&IopSecurityResource
);
1540 KeLeaveCriticalRegion();
1542 /* If so, try again */
1543 ObDereferenceSecurityDescriptor(OldSecurityDescriptor
, 1);
1544 ObDereferenceSecurityDescriptor(CachedSecurityDescriptor
, 1);
1552 IopSetDeviceSecurityDescriptors(IN PDEVICE_OBJECT UpperDeviceObject
,
1553 IN PDEVICE_OBJECT PhysicalDeviceObject
,
1554 IN PSECURITY_INFORMATION SecurityInformation
,
1555 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1556 IN POOL_TYPE PoolType
,
1557 IN PGENERIC_MAPPING GenericMapping
)
1559 PDEVICE_OBJECT CurrentDO
= PhysicalDeviceObject
, NextDevice
;
1560 NTSTATUS Status
= STATUS_SUCCESS
, TmpStatus
;
1564 ASSERT(PhysicalDeviceObject
!= NULL
);
1566 /* We always reference the DO we're working on */
1567 ObReferenceObject(CurrentDO
);
1569 /* Go up from PDO to latest DO */
1572 /* Attempt to set the new SD on it */
1573 TmpStatus
= IopSetDeviceSecurityDescriptor(CurrentDO
, SecurityInformation
,
1574 SecurityDescriptor
, PoolType
,
1576 /* Was our last one? Remember that status then */
1577 if (CurrentDO
== UpperDeviceObject
)
1582 /* Try to move to the next DO (and thus, reference it) */
1583 NextDevice
= CurrentDO
->AttachedDevice
;
1586 ObReferenceObject(NextDevice
);
1589 /* Dereference current DO and move to the next one */
1590 ObDereferenceObject(CurrentDO
);
1591 CurrentDO
= NextDevice
;
1593 while (CurrentDO
!= NULL
);
1600 IopGetSetSecurityObject(IN PVOID ObjectBody
,
1601 IN SECURITY_OPERATION_CODE OperationCode
,
1602 IN PSECURITY_INFORMATION SecurityInformation
,
1603 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1604 IN OUT PULONG BufferLength
,
1605 IN OUT PSECURITY_DESCRIPTOR
*OldSecurityDescriptor
,
1606 IN POOL_TYPE PoolType
,
1607 IN OUT PGENERIC_MAPPING GenericMapping
)
1609 IO_STATUS_BLOCK IoStatusBlock
;
1610 PIO_STACK_LOCATION StackPtr
;
1611 PFILE_OBJECT FileObject
;
1612 PDEVICE_OBJECT DeviceObject
;
1614 BOOLEAN LocalEvent
= FALSE
;
1616 NTSTATUS Status
= STATUS_SUCCESS
;
1618 IOTRACE(IO_FILE_DEBUG
, "ObjectBody: %p\n", ObjectBody
);
1620 /* Check if this is a device or file */
1621 if (((PFILE_OBJECT
)ObjectBody
)->Type
== IO_TYPE_DEVICE
)
1624 DeviceObject
= (PDEVICE_OBJECT
)ObjectBody
;
1630 FileObject
= (PFILE_OBJECT
)ObjectBody
;
1632 /* Check if this is a direct open */
1633 if (FileObject
->Flags
& FO_DIRECT_DEVICE_OPEN
)
1635 /* Get the Device Object */
1636 DeviceObject
= IoGetAttachedDevice(FileObject
->DeviceObject
);
1640 /* Otherwise, use the direct device*/
1641 DeviceObject
= FileObject
->DeviceObject
;
1645 /* Check if the request was for a device object */
1646 if (!(FileObject
) ||
1647 (!(FileObject
->FileName
.Length
) && !(FileObject
->RelatedFileObject
)) ||
1648 (FileObject
->Flags
& FO_DIRECT_DEVICE_OPEN
))
1650 /* Check what kind of request this was */
1651 if (OperationCode
== QuerySecurityDescriptor
)
1653 return SeQuerySecurityDescriptorInfo(SecurityInformation
,
1656 &DeviceObject
->SecurityDescriptor
);
1658 else if (OperationCode
== DeleteSecurityDescriptor
)
1660 /* Simply return success */
1661 return STATUS_SUCCESS
;
1663 else if (OperationCode
== AssignSecurityDescriptor
)
1665 Status
= STATUS_SUCCESS
;
1667 /* Make absolutely sure this is a device object */
1668 if (!(FileObject
) || !(FileObject
->Flags
& FO_STREAM_FILE
))
1670 PSECURITY_DESCRIPTOR CachedSecurityDescriptor
;
1672 /* Add the security descriptor in cache */
1673 Status
= ObLogSecurityDescriptor(SecurityDescriptor
, &CachedSecurityDescriptor
, 1);
1674 if (NT_SUCCESS(Status
))
1676 KeEnterCriticalRegion();
1677 ExAcquireResourceExclusiveLite(&IopSecurityResource
, TRUE
);
1679 /* Assign the Security Descriptor */
1680 DeviceObject
->SecurityDescriptor
= CachedSecurityDescriptor
;
1682 ExReleaseResourceLite(&IopSecurityResource
);
1683 KeLeaveCriticalRegion();
1690 else if (OperationCode
== SetSecurityDescriptor
)
1692 /* Get the Physical Device Object if any */
1693 PDEVICE_OBJECT PDO
= IopGetDevicePDO(DeviceObject
);
1697 /* Apply the new SD to any DO in the path from PDO to current DO */
1698 Status
= IopSetDeviceSecurityDescriptors(DeviceObject
, PDO
,
1699 SecurityInformation
,
1701 PoolType
, GenericMapping
);
1702 ObDereferenceObject(PDO
);
1706 /* Otherwise, just set for ourselves */
1707 Status
= IopSetDeviceSecurityDescriptor(DeviceObject
,
1708 SecurityInformation
,
1710 PoolType
, GenericMapping
);
1713 return STATUS_SUCCESS
;
1716 /* Shouldn't happen */
1717 return STATUS_SUCCESS
;
1719 else if (OperationCode
== DeleteSecurityDescriptor
)
1721 /* Same as for devices, do nothing */
1722 return STATUS_SUCCESS
;
1725 /* At this point, we know we're a file. Reference it */
1726 ObReferenceObject(FileObject
);
1728 /* Check if we should use Sync IO or not */
1729 if (FileObject
->Flags
& FO_SYNCHRONOUS_IO
)
1731 /* Lock the file object */
1732 Status
= IopLockFileObject(FileObject
, ExGetPreviousMode());
1733 if (Status
!= STATUS_SUCCESS
)
1735 ObDereferenceObject(FileObject
);
1741 /* Use local event */
1742 KeInitializeEvent(&Event
, SynchronizationEvent
, FALSE
);
1746 /* Clear the File Object event */
1747 KeClearEvent(&FileObject
->Event
);
1749 /* Get the device object */
1750 DeviceObject
= IoGetRelatedDeviceObject(FileObject
);
1752 /* Allocate the IRP */
1753 Irp
= IoAllocateIrp(DeviceObject
->StackSize
, FALSE
);
1754 if (!Irp
) return IopCleanupFailedIrp(FileObject
, NULL
, NULL
);
1757 Irp
->Tail
.Overlay
.OriginalFileObject
= FileObject
;
1758 Irp
->Tail
.Overlay
.Thread
= PsGetCurrentThread();
1759 Irp
->RequestorMode
= ExGetPreviousMode();
1760 Irp
->UserIosb
= &IoStatusBlock
;
1761 Irp
->UserEvent
= (LocalEvent
) ? &Event
: NULL
;
1762 Irp
->Flags
= (LocalEvent
) ? IRP_SYNCHRONOUS_API
: 0;
1763 Irp
->Overlay
.AsynchronousParameters
.UserApcRoutine
= NULL
;
1765 /* Set Stack Parameters */
1766 StackPtr
= IoGetNextIrpStackLocation(Irp
);
1767 StackPtr
->FileObject
= FileObject
;
1769 /* Check if this is a query or set */
1770 if (OperationCode
== QuerySecurityDescriptor
)
1772 /* Set the major function and parameters */
1773 StackPtr
->MajorFunction
= IRP_MJ_QUERY_SECURITY
;
1774 StackPtr
->Parameters
.QuerySecurity
.SecurityInformation
=
1775 *SecurityInformation
;
1776 StackPtr
->Parameters
.QuerySecurity
.Length
= *BufferLength
;
1777 Irp
->UserBuffer
= SecurityDescriptor
;
1781 /* Set the major function and parameters for a set */
1782 StackPtr
->MajorFunction
= IRP_MJ_SET_SECURITY
;
1783 StackPtr
->Parameters
.SetSecurity
.SecurityInformation
=
1784 *SecurityInformation
;
1785 StackPtr
->Parameters
.SetSecurity
.SecurityDescriptor
=
1790 IopQueueIrpToThread(Irp
);
1792 /* Update operation counts */
1793 IopUpdateOperationCount(IopOtherTransfer
);
1795 /* Call the Driver */
1796 Status
= IoCallDriver(DeviceObject
, Irp
);
1798 /* Check if this was async I/O */
1801 /* Check if the IRP is pending completion */
1802 if (Status
== STATUS_PENDING
)
1804 /* Wait on the local event */
1805 KeWaitForSingleObject(&Event
,
1810 Status
= IoStatusBlock
.Status
;
1815 /* Check if the IRP is pending completion */
1816 if (Status
== STATUS_PENDING
)
1818 /* Wait on the file object */
1819 KeWaitForSingleObject(&FileObject
->Event
,
1824 Status
= FileObject
->FinalStatus
;
1827 /* Release the lock */
1828 IopUnlockFileObject(FileObject
);
1831 /* This Driver doesn't implement Security, so try to give it a default */
1832 if (Status
== STATUS_INVALID_DEVICE_REQUEST
)
1834 /* Was this a query? */
1835 if (OperationCode
== QuerySecurityDescriptor
)
1837 /* Set a World Security Descriptor */
1838 Status
= SeSetWorldSecurityDescriptor(*SecurityInformation
,
1844 /* It wasn't a query, so just fake success */
1845 Status
= STATUS_SUCCESS
;
1848 else if (OperationCode
== QuerySecurityDescriptor
)
1850 /* Callers usually expect the normalized form */
1851 if (Status
== STATUS_BUFFER_OVERFLOW
) Status
= STATUS_BUFFER_TOO_SMALL
;
1856 *BufferLength
= (ULONG
)IoStatusBlock
.Information
;
1858 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
1860 /* Get the exception code */
1861 Status
= _SEH2_GetExceptionCode();
1872 IopQueryName(IN PVOID ObjectBody
,
1874 OUT POBJECT_NAME_INFORMATION ObjectNameInfo
,
1876 OUT PULONG ReturnLength
,
1877 IN KPROCESSOR_MODE PreviousMode
)
1879 return IopQueryNameInternal(ObjectBody
,
1890 IopQueryNameInternal(IN PVOID ObjectBody
,
1892 IN BOOLEAN QueryDosName
,
1893 OUT POBJECT_NAME_INFORMATION ObjectNameInfo
,
1895 OUT PULONG ReturnLength
,
1896 IN KPROCESSOR_MODE PreviousMode
)
1898 POBJECT_NAME_INFORMATION LocalInfo
;
1899 PFILE_NAME_INFORMATION LocalFileInfo
;
1900 PFILE_OBJECT FileObject
= (PFILE_OBJECT
)ObjectBody
;
1901 ULONG LocalReturnLength
, FileLength
;
1902 BOOLEAN LengthMismatch
= FALSE
;
1905 IOTRACE(IO_FILE_DEBUG
, "ObjectBody: %p\n", ObjectBody
);
1907 /* Validate length */
1908 if (Length
< sizeof(OBJECT_NAME_INFORMATION
))
1910 /* Wrong length, fail */
1911 *ReturnLength
= sizeof(OBJECT_NAME_INFORMATION
);
1912 return STATUS_INFO_LENGTH_MISMATCH
;
1915 if (QueryDosName
) return STATUS_NOT_IMPLEMENTED
;
1917 /* Allocate Buffer */
1918 LocalInfo
= ExAllocatePoolWithTag(PagedPool
, Length
, TAG_IO
);
1919 if (!LocalInfo
) return STATUS_INSUFFICIENT_RESOURCES
;
1921 /* Query the name */
1922 Status
= ObQueryNameString(FileObject
->DeviceObject
,
1925 &LocalReturnLength
);
1926 if (!NT_SUCCESS(Status
) && (Status
!= STATUS_INFO_LENGTH_MISMATCH
))
1928 /* Free the buffer and fail */
1929 ExFreePoolWithTag(LocalInfo
, TAG_IO
);
1933 /* Copy the information */
1934 RtlCopyMemory(ObjectNameInfo
,
1936 (LocalReturnLength
> Length
) ?
1937 Length
: LocalReturnLength
);
1939 /* Set buffer pointer */
1940 p
= (PWCHAR
)(ObjectNameInfo
+ 1);
1941 ObjectNameInfo
->Name
.Buffer
= p
;
1943 /* Advance in buffer */
1944 p
+= (LocalInfo
->Name
.Length
/ sizeof(WCHAR
));
1946 /* Check if this already filled our buffer */
1947 if (LocalReturnLength
> Length
)
1949 /* Set the length mismatch to true, so that we can return
1950 * the proper buffer size to the caller later
1952 LengthMismatch
= TRUE
;
1954 /* Save the initial buffer length value */
1955 *ReturnLength
= LocalReturnLength
;
1958 /* Now get the file name buffer and check the length needed */
1959 LocalFileInfo
= (PFILE_NAME_INFORMATION
)LocalInfo
;
1960 FileLength
= Length
-
1962 FIELD_OFFSET(FILE_NAME_INFORMATION
, FileName
);
1964 /* Query the File name */
1965 if (PreviousMode
== KernelMode
&&
1966 BooleanFlagOn(FileObject
->Flags
, FO_SYNCHRONOUS_IO
))
1968 Status
= IopGetFileInformation(FileObject
,
1969 LengthMismatch
? Length
: FileLength
,
1970 FileNameInformation
,
1972 &LocalReturnLength
);
1976 Status
= IoQueryFileInformation(FileObject
,
1977 FileNameInformation
,
1978 LengthMismatch
? Length
: FileLength
,
1980 &LocalReturnLength
);
1982 if (NT_ERROR(Status
))
1984 /* Fail on errors only, allow warnings */
1985 ExFreePoolWithTag(LocalInfo
, TAG_IO
);
1989 /* If the provided buffer is too small, return the required size */
1992 /* Add the required length */
1993 *ReturnLength
+= LocalFileInfo
->FileNameLength
;
1995 /* Free the allocated buffer and return failure */
1996 ExFreePoolWithTag(LocalInfo
, TAG_IO
);
1997 return STATUS_BUFFER_OVERFLOW
;
2000 /* Now calculate the new lengths left */
2001 FileLength
= LocalReturnLength
-
2002 FIELD_OFFSET(FILE_NAME_INFORMATION
, FileName
);
2003 LocalReturnLength
= (ULONG
)((ULONG_PTR
)p
-
2004 (ULONG_PTR
)ObjectNameInfo
+
2005 LocalFileInfo
->FileNameLength
);
2007 /* Don't copy the name if it's not valid */
2008 if (LocalFileInfo
->FileName
[0] != OBJ_NAME_PATH_SEPARATOR
)
2010 /* Free the allocated buffer and return failure */
2011 ExFreePoolWithTag(LocalInfo
, TAG_IO
);
2012 return STATUS_OBJECT_PATH_INVALID
;
2015 /* Write the Name and null-terminate it */
2016 RtlCopyMemory(p
, LocalFileInfo
->FileName
, FileLength
);
2017 p
+= (FileLength
/ sizeof(WCHAR
));
2019 LocalReturnLength
+= sizeof(UNICODE_NULL
);
2021 /* Return the length needed */
2022 *ReturnLength
= LocalReturnLength
;
2024 /* Setup the length and maximum length */
2025 FileLength
= (ULONG
)((ULONG_PTR
)p
- (ULONG_PTR
)ObjectNameInfo
);
2026 ObjectNameInfo
->Name
.Length
= (USHORT
)FileLength
-
2027 sizeof(OBJECT_NAME_INFORMATION
);
2028 ObjectNameInfo
->Name
.MaximumLength
= (USHORT
)ObjectNameInfo
->Name
.Length
+
2029 sizeof(UNICODE_NULL
);
2031 /* Free buffer and return */
2032 ExFreePoolWithTag(LocalInfo
, TAG_IO
);
2038 IopCloseFile(IN PEPROCESS Process OPTIONAL
,
2039 IN PVOID ObjectBody
,
2040 IN ACCESS_MASK GrantedAccess
,
2041 IN ULONG HandleCount
,
2042 IN ULONG SystemHandleCount
)
2044 PFILE_OBJECT FileObject
= (PFILE_OBJECT
)ObjectBody
;
2047 PIO_STACK_LOCATION StackPtr
;
2049 PDEVICE_OBJECT DeviceObject
;
2051 IO_STATUS_BLOCK IoStatusBlock
;
2052 IOTRACE(IO_FILE_DEBUG
, "ObjectBody: %p\n", ObjectBody
);
2054 /* If this isn't the last handle for the current process, quit */
2055 if (HandleCount
!= 1) return;
2057 /* Check if the file is locked and has more then one handle opened */
2058 if ((FileObject
->LockOperation
) && (SystemHandleCount
!= 1))
2060 /* Check if this is a direct open or not */
2061 if (BooleanFlagOn(FileObject
->Flags
, FO_DIRECT_DEVICE_OPEN
))
2063 /* Get the attached device */
2064 DeviceObject
= IoGetAttachedDevice(FileObject
->DeviceObject
);
2068 /* Get the FO's device */
2069 DeviceObject
= IoGetRelatedDeviceObject(FileObject
);
2072 /* Check if this is a sync FO and lock it */
2073 if (BooleanFlagOn(FileObject
->Flags
, FO_SYNCHRONOUS_IO
))
2075 (VOID
)IopLockFileObject(FileObject
, KernelMode
);
2078 /* Go the FastIO path if possible, otherwise fall back to IRP */
2079 if (DeviceObject
->DriverObject
->FastIoDispatch
== NULL
||
2080 DeviceObject
->DriverObject
->FastIoDispatch
->FastIoUnlockAll
== NULL
||
2081 !DeviceObject
->DriverObject
->FastIoDispatch
->FastIoUnlockAll(FileObject
, PsGetCurrentProcess(), &IoStatusBlock
, DeviceObject
))
2083 /* Clear and set up Events */
2084 KeClearEvent(&FileObject
->Event
);
2085 KeInitializeEvent(&Event
, SynchronizationEvent
, FALSE
);
2087 /* Allocate an IRP */
2088 Irp
= IopAllocateIrpMustSucceed(DeviceObject
->StackSize
);
2091 Irp
->UserEvent
= &Event
;
2092 Irp
->UserIosb
= &Irp
->IoStatus
;
2093 Irp
->Tail
.Overlay
.Thread
= PsGetCurrentThread();
2094 Irp
->Tail
.Overlay
.OriginalFileObject
= FileObject
;
2095 Irp
->RequestorMode
= KernelMode
;
2096 Irp
->Flags
= IRP_SYNCHRONOUS_API
;
2097 Irp
->Overlay
.AsynchronousParameters
.UserApcRoutine
= NULL
;
2098 ObReferenceObject(FileObject
);
2100 /* Set up Stack Pointer Data */
2101 StackPtr
= IoGetNextIrpStackLocation(Irp
);
2102 StackPtr
->MajorFunction
= IRP_MJ_LOCK_CONTROL
;
2103 StackPtr
->MinorFunction
= IRP_MN_UNLOCK_ALL
;
2104 StackPtr
->FileObject
= FileObject
;
2107 IopQueueIrpToThread(Irp
);
2109 /* Call the FS Driver */
2110 Status
= IoCallDriver(DeviceObject
, Irp
);
2111 if (Status
== STATUS_PENDING
)
2113 /* Wait for completion */
2114 KeWaitForSingleObject(&Event
, UserRequest
, KernelMode
, FALSE
, NULL
);
2117 /* IO will unqueue & free for us */
2120 /* Release the lock if we were holding it */
2121 if (BooleanFlagOn(FileObject
->Flags
, FO_SYNCHRONOUS_IO
))
2123 IopUnlockFileObject(FileObject
);
2127 /* Make sure this is the last handle */
2128 if (SystemHandleCount
!= 1) return;
2130 /* Check if this is a direct open or not */
2131 if (FileObject
->Flags
& FO_DIRECT_DEVICE_OPEN
)
2133 /* Get the attached device */
2134 DeviceObject
= IoGetAttachedDevice(FileObject
->DeviceObject
);
2138 /* Get the FO's device */
2139 DeviceObject
= IoGetRelatedDeviceObject(FileObject
);
2142 /* Set the handle created flag */
2143 FileObject
->Flags
|= FO_HANDLE_CREATED
;
2145 /* Check if this is a sync FO and lock it */
2146 if (Process
!= NULL
&&
2147 BooleanFlagOn(FileObject
->Flags
, FO_SYNCHRONOUS_IO
))
2149 (VOID
)IopLockFileObject(FileObject
, KernelMode
);
2152 /* Clear and set up Events */
2153 KeClearEvent(&FileObject
->Event
);
2154 KeInitializeEvent(&Event
, SynchronizationEvent
, FALSE
);
2156 /* Allocate an IRP */
2157 Irp
= IopAllocateIrpMustSucceed(DeviceObject
->StackSize
);
2160 Irp
->UserEvent
= &Event
;
2161 Irp
->UserIosb
= &Irp
->IoStatus
;
2162 Irp
->Tail
.Overlay
.Thread
= PsGetCurrentThread();
2163 Irp
->Tail
.Overlay
.OriginalFileObject
= FileObject
;
2164 Irp
->Overlay
.AsynchronousParameters
.UserApcRoutine
= NULL
;
2165 Irp
->Flags
= IRP_CLOSE_OPERATION
| IRP_SYNCHRONOUS_API
;
2167 /* Set up Stack Pointer Data */
2168 StackPtr
= IoGetNextIrpStackLocation(Irp
);
2169 StackPtr
->MajorFunction
= IRP_MJ_CLEANUP
;
2170 StackPtr
->FileObject
= FileObject
;
2173 IopQueueIrpToThread(Irp
);
2175 /* Update operation counts */
2176 IopUpdateOperationCount(IopOtherTransfer
);
2178 /* Call the FS Driver */
2179 Status
= IoCallDriver(DeviceObject
, Irp
);
2180 if (Status
== STATUS_PENDING
)
2182 /* Wait for completion */
2183 KeWaitForSingleObject(&Event
, UserRequest
, KernelMode
, FALSE
, NULL
);
2186 /* Unqueue the IRP */
2187 KeRaiseIrql(APC_LEVEL
, &OldIrql
);
2188 IopUnQueueIrpFromThread(Irp
);
2189 KeLowerIrql(OldIrql
);
2194 /* Release the lock if we were holding it */
2195 if (Process
!= NULL
&&
2196 BooleanFlagOn(FileObject
->Flags
, FO_SYNCHRONOUS_IO
))
2198 IopUnlockFileObject(FileObject
);
2204 IopQueryAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes
,
2205 IN FILE_INFORMATION_CLASS FileInformationClass
,
2206 IN ULONG FileInformationSize
,
2207 OUT PVOID FileInformation
)
2210 KPROCESSOR_MODE AccessMode
= ExGetPreviousMode();
2211 DUMMY_FILE_OBJECT LocalFileObject
;
2212 FILE_NETWORK_OPEN_INFORMATION NetworkOpenInfo
;
2214 OPEN_PACKET OpenPacket
;
2217 IOTRACE(IO_FILE_DEBUG
, "Class: %lx\n", FileInformationClass
);
2219 /* Check if the caller was user mode */
2220 if (AccessMode
!= KernelMode
)
2222 /* Protect probe in SEH */
2225 /* Probe the buffer */
2226 ProbeForWrite(FileInformation
, FileInformationSize
, sizeof(ULONG
));
2228 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
2230 /* Return the exception code */
2231 _SEH2_YIELD(return _SEH2_GetExceptionCode());
2236 /* Check if this is a basic or full request */
2237 IsBasic
= (FileInformationSize
== sizeof(FILE_BASIC_INFORMATION
));
2239 /* Setup the Open Packet */
2240 RtlZeroMemory(&OpenPacket
, sizeof(OPEN_PACKET
));
2241 OpenPacket
.Type
= IO_TYPE_OPEN_PACKET
;
2242 OpenPacket
.Size
= sizeof(OPEN_PACKET
);
2243 OpenPacket
.CreateOptions
= FILE_OPEN_REPARSE_POINT
;
2244 OpenPacket
.ShareAccess
= FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
;
2245 OpenPacket
.Disposition
= FILE_OPEN
;
2246 OpenPacket
.BasicInformation
= IsBasic
? FileInformation
: NULL
;
2247 OpenPacket
.NetworkInformation
= IsBasic
? &NetworkOpenInfo
:
2248 (AccessMode
!= KernelMode
) ?
2249 &NetworkOpenInfo
: FileInformation
;
2250 OpenPacket
.QueryOnly
= TRUE
;
2251 OpenPacket
.FullAttributes
= IsBasic
? FALSE
: TRUE
;
2252 OpenPacket
.LocalFileObject
= &LocalFileObject
;
2254 /* Update the operation count */
2255 IopUpdateOperationCount(IopOtherTransfer
);
2258 * Attempt opening the file. This will call the I/O Parse Routine for
2259 * the File Object (IopParseDevice) which will use the dummy file obejct
2260 * send the IRP to its device object. Note that we have two statuses
2261 * to worry about: the Object Manager's status (in Status) and the I/O
2262 * status, which is in the Open Packet's Final Status, and determined
2263 * by the Parse Check member.
2265 Status
= ObOpenObjectByName(ObjectAttributes
,
2269 FILE_READ_ATTRIBUTES
,
2272 if (OpenPacket
.ParseCheck
== FALSE
)
2275 DPRINT("IopQueryAttributesFile failed for '%wZ' with 0x%lx\n",
2276 ObjectAttributes
->ObjectName
, Status
);
2281 /* Use the Io status */
2282 Status
= OpenPacket
.FinalStatus
;
2285 /* Check if we were succesful and this was user mode and a full query */
2286 if ((NT_SUCCESS(Status
)) && (AccessMode
!= KernelMode
) && !(IsBasic
))
2288 /* Enter SEH for copy */
2291 /* Copy the buffer back */
2292 RtlCopyMemory(FileInformation
,
2294 FileInformationSize
);
2296 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
2298 /* Get exception code */
2299 Status
= _SEH2_GetExceptionCode();
2310 IopAcquireFileObjectLock(
2311 _In_ PFILE_OBJECT FileObject
,
2312 _In_ KPROCESSOR_MODE WaitMode
,
2313 _In_ BOOLEAN Alertable
,
2314 _Out_ PBOOLEAN LockFailed
)
2320 InterlockedIncrement((PLONG
)&FileObject
->Waiters
);
2322 Status
= STATUS_SUCCESS
;
2325 if (!InterlockedExchange((PLONG
)&FileObject
->Busy
, TRUE
))
2329 Status
= KeWaitForSingleObject(&FileObject
->Lock
,
2334 } while (Status
== STATUS_SUCCESS
);
2336 InterlockedDecrement((PLONG
)&FileObject
->Waiters
);
2337 if (Status
== STATUS_SUCCESS
)
2339 ObReferenceObject(FileObject
);
2340 *LockFailed
= FALSE
;
2344 if (!FileObject
->Busy
&& FileObject
->Waiters
)
2346 KeSetEvent(&FileObject
->Lock
, IO_NO_INCREMENT
, FALSE
);
2356 IoGetFileObjectFilterContext(IN PFILE_OBJECT FileObject
)
2358 if (FileObject
->Flags
& FO_FILE_OBJECT_HAS_EXTENSION
)
2361 /* FIXME: return NULL for the moment ~ */
2370 IoChangeFileObjectFilterContext(IN PFILE_OBJECT FileObject
,
2371 IN PVOID FilterContext
,
2374 if (!(FileObject
->Flags
& FO_FILE_OBJECT_HAS_EXTENSION
))
2376 return STATUS_INVALID_PARAMETER
;
2381 return STATUS_NOT_IMPLEMENTED
;
2386 IopCreateFile(OUT PHANDLE FileHandle
,
2387 IN ACCESS_MASK DesiredAccess
,
2388 IN POBJECT_ATTRIBUTES ObjectAttributes
,
2389 OUT PIO_STATUS_BLOCK IoStatusBlock
,
2390 IN PLARGE_INTEGER AllocationSize OPTIONAL
,
2391 IN ULONG FileAttributes
,
2392 IN ULONG ShareAccess
,
2393 IN ULONG Disposition
,
2394 IN ULONG CreateOptions
,
2395 IN PVOID EaBuffer OPTIONAL
,
2397 IN CREATE_FILE_TYPE CreateFileType
,
2398 IN PVOID ExtraCreateParameters OPTIONAL
,
2401 IN PDEVICE_OBJECT DeviceObject OPTIONAL
)
2403 KPROCESSOR_MODE AccessMode
;
2404 HANDLE LocalHandle
= 0;
2405 LARGE_INTEGER SafeAllocationSize
;
2406 NTSTATUS Status
= STATUS_SUCCESS
;
2407 PNAMED_PIPE_CREATE_PARAMETERS NamedPipeCreateParameters
;
2408 POPEN_PACKET OpenPacket
;
2409 ULONG EaErrorOffset
;
2412 IOTRACE(IO_FILE_DEBUG
, "FileName: %wZ\n", ObjectAttributes
->ObjectName
);
2415 /* Check if we have no parameter checking to do */
2416 if (Options
& IO_NO_PARAMETER_CHECKING
)
2418 /* Then force kernel-mode access to avoid checks */
2419 AccessMode
= KernelMode
;
2423 /* Otherwise, use the actual mode */
2424 AccessMode
= ExGetPreviousMode();
2427 /* Check if we need to do parameter checking */
2428 if ((AccessMode
!= KernelMode
) || (Options
& IO_CHECK_CREATE_PARAMETERS
))
2430 /* Validate parameters */
2431 if (FileAttributes
& ~FILE_ATTRIBUTE_VALID_FLAGS
)
2433 DPRINT1("File Create 'FileAttributes' Parameter contains invalid flags!\n");
2434 return STATUS_INVALID_PARAMETER
;
2437 if (ShareAccess
& ~FILE_SHARE_VALID_FLAGS
)
2439 DPRINT1("File Create 'ShareAccess' Parameter contains invalid flags!\n");
2440 return STATUS_INVALID_PARAMETER
;
2443 if (Disposition
> FILE_MAXIMUM_DISPOSITION
)
2445 DPRINT1("File Create 'Disposition' Parameter is out of range!\n");
2446 return STATUS_INVALID_PARAMETER
;
2449 if (CreateOptions
& ~FILE_VALID_OPTION_FLAGS
)
2451 DPRINT1("File Create 'CreateOptions' parameter contains invalid flags!\n");
2452 return STATUS_INVALID_PARAMETER
;
2455 if ((CreateOptions
& (FILE_SYNCHRONOUS_IO_ALERT
| FILE_SYNCHRONOUS_IO_NONALERT
)) &&
2456 (!(DesiredAccess
& SYNCHRONIZE
)))
2458 DPRINT1("File Create 'CreateOptions' parameter FILE_SYNCHRONOUS_IO_* requested, but 'DesiredAccess' does not have SYNCHRONIZE!\n");
2459 return STATUS_INVALID_PARAMETER
;
2462 if ((CreateOptions
& FILE_DELETE_ON_CLOSE
) && (!(DesiredAccess
& DELETE
)))
2464 DPRINT1("File Create 'CreateOptions' parameter FILE_DELETE_ON_CLOSE requested, but 'DesiredAccess' does not have DELETE!\n");
2465 return STATUS_INVALID_PARAMETER
;
2468 if ((CreateOptions
& (FILE_SYNCHRONOUS_IO_NONALERT
| FILE_SYNCHRONOUS_IO_ALERT
)) ==
2469 (FILE_SYNCHRONOUS_IO_NONALERT
| FILE_SYNCHRONOUS_IO_ALERT
))
2471 DPRINT1("File Create 'FileAttributes' parameter both FILE_SYNCHRONOUS_IO_NONALERT and FILE_SYNCHRONOUS_IO_ALERT specified!\n");
2472 return STATUS_INVALID_PARAMETER
;
2475 if ((CreateOptions
& FILE_DIRECTORY_FILE
) && !(CreateOptions
& FILE_NON_DIRECTORY_FILE
) &&
2476 (CreateOptions
& ~(FILE_DIRECTORY_FILE
|
2477 FILE_SYNCHRONOUS_IO_ALERT
|
2478 FILE_SYNCHRONOUS_IO_NONALERT
|
2479 FILE_WRITE_THROUGH
|
2480 FILE_COMPLETE_IF_OPLOCKED
|
2481 FILE_OPEN_FOR_BACKUP_INTENT
|
2482 FILE_DELETE_ON_CLOSE
|
2483 FILE_OPEN_FOR_FREE_SPACE_QUERY
|
2484 FILE_OPEN_BY_FILE_ID
|
2485 FILE_NO_COMPRESSION
|
2486 FILE_OPEN_REPARSE_POINT
)))
2488 DPRINT1("File Create 'CreateOptions' Parameter has flags incompatible with FILE_DIRECTORY_FILE!\n");
2489 return STATUS_INVALID_PARAMETER
;
2492 if ((CreateOptions
& FILE_DIRECTORY_FILE
) && !(CreateOptions
& FILE_NON_DIRECTORY_FILE
) &&
2493 (Disposition
!= FILE_CREATE
) && (Disposition
!= FILE_OPEN
) && (Disposition
!= FILE_OPEN_IF
))
2495 DPRINT1("File Create 'CreateOptions' Parameter FILE_DIRECTORY_FILE requested, but 'Disposition' is not FILE_CREATE/FILE_OPEN/FILE_OPEN_IF!\n");
2496 return STATUS_INVALID_PARAMETER
;
2499 if ((CreateOptions
& FILE_COMPLETE_IF_OPLOCKED
) && (CreateOptions
& FILE_RESERVE_OPFILTER
))
2501 DPRINT1("File Create 'CreateOptions' Parameter both FILE_COMPLETE_IF_OPLOCKED and FILE_RESERVE_OPFILTER specified!\n");
2502 return STATUS_INVALID_PARAMETER
;
2505 if ((CreateOptions
& FILE_NO_INTERMEDIATE_BUFFERING
) && (DesiredAccess
& FILE_APPEND_DATA
))
2507 DPRINT1("File Create 'CreateOptions' parameter FILE_NO_INTERMEDIATE_BUFFERING requested, but 'DesiredAccess' FILE_APPEND_DATA requires it!\n");
2508 return STATUS_INVALID_PARAMETER
;
2511 /* Now check if this is a named pipe */
2512 if (CreateFileType
== CreateFileTypeNamedPipe
)
2514 /* Make sure we have extra parameters */
2515 if (!ExtraCreateParameters
)
2517 DPRINT1("Invalid parameter: ExtraCreateParameters == 0!\n");
2518 return STATUS_INVALID_PARAMETER
;
2521 /* Get the parameters and validate them */
2522 NamedPipeCreateParameters
= ExtraCreateParameters
;
2523 if ((NamedPipeCreateParameters
->NamedPipeType
> FILE_PIPE_MESSAGE_TYPE
) ||
2524 (NamedPipeCreateParameters
->ReadMode
> FILE_PIPE_MESSAGE_MODE
) ||
2525 (NamedPipeCreateParameters
->CompletionMode
> FILE_PIPE_COMPLETE_OPERATION
) ||
2526 (ShareAccess
& FILE_SHARE_DELETE
) ||
2527 ((Disposition
< FILE_OPEN
) || (Disposition
> FILE_OPEN_IF
)) ||
2528 (CreateOptions
& ~FILE_VALID_PIPE_OPTION_FLAGS
))
2530 /* Invalid named pipe create */
2531 DPRINT1("Invalid named pipe create\n");
2532 return STATUS_INVALID_PARAMETER
;
2535 else if (CreateFileType
== CreateFileTypeMailslot
)
2537 /* Make sure we have extra parameters */
2538 if (!ExtraCreateParameters
)
2540 DPRINT1("Invalid parameter: ExtraCreateParameters == 0!\n");
2541 return STATUS_INVALID_PARAMETER
;
2544 /* Get the parameters and validate them */
2545 if ((ShareAccess
& FILE_SHARE_DELETE
) ||
2546 !(ShareAccess
& ~FILE_SHARE_WRITE
) ||
2547 (Disposition
!= FILE_CREATE
) ||
2548 (CreateOptions
& ~FILE_VALID_MAILSLOT_OPTION_FLAGS
))
2550 /* Invalid mailslot create */
2551 DPRINT1("Invalid mailslot create\n");
2552 return STATUS_INVALID_PARAMETER
;
2557 /* Allocate the open packet */
2558 OpenPacket
= ExAllocatePoolWithTag(NonPagedPool
, sizeof(*OpenPacket
), 'pOoI');
2559 if (!OpenPacket
) return STATUS_INSUFFICIENT_RESOURCES
;
2560 RtlZeroMemory(OpenPacket
, sizeof(*OpenPacket
));
2562 /* Check if the call came from user mode */
2563 if (AccessMode
!= KernelMode
)
2567 /* Probe the output parameters */
2568 ProbeForWriteHandle(FileHandle
);
2569 ProbeForWriteIoStatusBlock(IoStatusBlock
);
2571 /* Probe the allocation size if one was passed in */
2574 SafeAllocationSize
= ProbeForReadLargeInteger(AllocationSize
);
2578 SafeAllocationSize
.QuadPart
= 0;
2581 /* Make sure it's valid */
2582 if (SafeAllocationSize
.QuadPart
< 0)
2584 RtlRaiseStatus(STATUS_INVALID_PARAMETER
);
2587 /* Check if EA was passed in */
2588 if ((EaBuffer
) && (EaLength
))
2591 ProbeForRead(EaBuffer
, EaLength
, sizeof(ULONG
));
2593 /* And marshall it */
2594 OpenPacket
->EaBuffer
= ExAllocatePoolWithTag(NonPagedPool
,
2597 OpenPacket
->EaLength
= EaLength
;
2598 RtlCopyMemory(OpenPacket
->EaBuffer
, EaBuffer
, EaLength
);
2600 /* Validate the buffer */
2601 Status
= IoCheckEaBufferValidity(OpenPacket
->EaBuffer
,
2604 if (!NT_SUCCESS(Status
))
2606 /* Undo everything if it's invalid */
2607 DPRINT1("Invalid EA buffer\n");
2608 IoStatusBlock
->Status
= Status
;
2609 IoStatusBlock
->Information
= EaErrorOffset
;
2610 RtlRaiseStatus(Status
);
2614 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
2616 /* Return the exception code */
2617 if (OpenPacket
->EaBuffer
!= NULL
) ExFreePool(OpenPacket
->EaBuffer
);
2618 ExFreePool(OpenPacket
);
2619 _SEH2_YIELD(return _SEH2_GetExceptionCode());
2625 /* Check if this is a device attach */
2626 if (CreateOptions
& IO_ATTACH_DEVICE_API
)
2628 /* Set the flag properly */
2629 Options
|= IO_ATTACH_DEVICE
;
2630 CreateOptions
&= ~IO_ATTACH_DEVICE_API
;
2633 /* Check if we have allocation size */
2637 SafeAllocationSize
= *AllocationSize
;
2641 /* Otherwise, no size */
2642 SafeAllocationSize
.QuadPart
= 0;
2645 /* Check if we have an EA packet */
2646 if ((EaBuffer
) && (EaLength
))
2648 /* Allocate the kernel copy */
2649 OpenPacket
->EaBuffer
= ExAllocatePoolWithTag(NonPagedPool
,
2652 if (!OpenPacket
->EaBuffer
)
2654 ExFreePool(OpenPacket
);
2655 DPRINT1("Failed to allocate open packet EA buffer\n");
2656 return STATUS_INSUFFICIENT_RESOURCES
;
2660 OpenPacket
->EaLength
= EaLength
;
2661 RtlCopyMemory(OpenPacket
->EaBuffer
, EaBuffer
, EaLength
);
2663 /* Validate the buffer */
2664 Status
= IoCheckEaBufferValidity(OpenPacket
->EaBuffer
,
2667 if (!NT_SUCCESS(Status
))
2669 /* Undo everything if it's invalid */
2670 DPRINT1("Invalid EA buffer\n");
2671 ExFreePool(OpenPacket
->EaBuffer
);
2672 IoStatusBlock
->Status
= Status
;
2673 IoStatusBlock
->Information
= EaErrorOffset
;
2674 ExFreePool(OpenPacket
);
2680 /* Setup the Open Packet */
2681 OpenPacket
->Type
= IO_TYPE_OPEN_PACKET
;
2682 OpenPacket
->Size
= sizeof(*OpenPacket
);
2683 OpenPacket
->AllocationSize
= SafeAllocationSize
;
2684 OpenPacket
->CreateOptions
= CreateOptions
;
2685 OpenPacket
->FileAttributes
= (USHORT
)FileAttributes
;
2686 OpenPacket
->ShareAccess
= (USHORT
)ShareAccess
;
2687 OpenPacket
->Options
= Options
;
2688 OpenPacket
->Disposition
= Disposition
;
2689 OpenPacket
->CreateFileType
= CreateFileType
;
2690 OpenPacket
->ExtraCreateParameters
= ExtraCreateParameters
;
2691 OpenPacket
->InternalFlags
= Flags
;
2692 OpenPacket
->TopDeviceObjectHint
= DeviceObject
;
2694 /* Update the operation count */
2695 IopUpdateOperationCount(IopOtherTransfer
);
2698 * Attempt opening the file. This will call the I/O Parse Routine for
2699 * the File Object (IopParseDevice) which will create the object and
2700 * send the IRP to its device object. Note that we have two statuses
2701 * to worry about: the Object Manager's status (in Status) and the I/O
2702 * status, which is in the Open Packet's Final Status, and determined
2703 * by the Parse Check member.
2705 Status
= ObOpenObjectByName(ObjectAttributes
,
2713 /* Free the EA Buffer */
2714 if (OpenPacket
->EaBuffer
) ExFreePool(OpenPacket
->EaBuffer
);
2716 /* Now check for Ob or Io failure */
2717 if (!(NT_SUCCESS(Status
)) || (OpenPacket
->ParseCheck
== FALSE
))
2719 /* Check if Ob thinks well went well */
2720 if (NT_SUCCESS(Status
))
2723 * Tell it otherwise. Because we didn't use an ObjectType,
2724 * it incorrectly returned us a handle to God knows what.
2726 ZwClose(LocalHandle
);
2727 Status
= STATUS_OBJECT_TYPE_MISMATCH
;
2730 /* Now check the Io status */
2731 if (!NT_SUCCESS(OpenPacket
->FinalStatus
))
2733 /* Use this status instead of Ob's */
2734 Status
= OpenPacket
->FinalStatus
;
2736 /* Check if it was only a warning */
2737 if (NT_WARNING(Status
))
2739 /* Protect write with SEH */
2742 /* In this case, we copy the I/O Status back */
2743 IoStatusBlock
->Information
= OpenPacket
->Information
;
2744 IoStatusBlock
->Status
= OpenPacket
->FinalStatus
;
2746 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
2748 /* Get exception code */
2749 Status
= _SEH2_GetExceptionCode();
2754 else if ((OpenPacket
->FileObject
) && (OpenPacket
->ParseCheck
== FALSE
))
2757 * This can happen in the very bizarre case where the parse routine
2758 * actually executed more then once (due to a reparse) and ended
2759 * up failing after already having created the File Object.
2761 if (OpenPacket
->FileObject
->FileName
.Length
)
2763 /* It had a name, free it */
2764 ExFreePoolWithTag(OpenPacket
->FileObject
->FileName
.Buffer
, TAG_IO_NAME
);
2767 /* Clear the device object to invalidate the FO, and dereference */
2768 OpenPacket
->FileObject
->DeviceObject
= NULL
;
2769 ObDereferenceObject(OpenPacket
->FileObject
);
2774 /* We reached success and have a valid file handle */
2775 OpenPacket
->FileObject
->Flags
|= FO_HANDLE_CREATED
;
2776 ASSERT(OpenPacket
->FileObject
->Type
== IO_TYPE_FILE
);
2778 /* Enter SEH for write back */
2781 /* Write back the handle and I/O Status */
2782 *FileHandle
= LocalHandle
;
2783 IoStatusBlock
->Information
= OpenPacket
->Information
;
2784 IoStatusBlock
->Status
= OpenPacket
->FinalStatus
;
2786 /* Get the Io status */
2787 Status
= OpenPacket
->FinalStatus
;
2789 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
2791 /* Get the exception status */
2792 Status
= _SEH2_GetExceptionCode();
2797 /* Check if we were 100% successful */
2798 if ((OpenPacket
->ParseCheck
!= FALSE
) && (OpenPacket
->FileObject
))
2800 /* Dereference the File Object */
2801 ObDereferenceObject(OpenPacket
->FileObject
);
2805 ExFreePool(OpenPacket
);
2809 /* FUNCTIONS *****************************************************************/
2816 IoCheckQuerySetFileInformation(IN FILE_INFORMATION_CLASS FileInformationClass
,
2818 IN BOOLEAN SetOperation
)
2821 return STATUS_NOT_IMPLEMENTED
;
2829 IoCheckQuotaBufferValidity(IN PFILE_QUOTA_INFORMATION QuotaBuffer
,
2830 IN ULONG QuotaLength
,
2831 OUT PULONG ErrorOffset
)
2834 return STATUS_NOT_IMPLEMENTED
;
2842 IoCreateFile(OUT PHANDLE FileHandle
,
2843 IN ACCESS_MASK DesiredAccess
,
2844 IN POBJECT_ATTRIBUTES ObjectAttributes
,
2845 OUT PIO_STATUS_BLOCK IoStatusBlock
,
2846 IN PLARGE_INTEGER AllocationSize OPTIONAL
,
2847 IN ULONG FileAttributes
,
2848 IN ULONG ShareAccess
,
2849 IN ULONG Disposition
,
2850 IN ULONG CreateOptions
,
2851 IN PVOID EaBuffer OPTIONAL
,
2853 IN CREATE_FILE_TYPE CreateFileType
,
2854 IN PVOID ExtraCreateParameters OPTIONAL
,
2859 return IopCreateFile(FileHandle
,
2871 ExtraCreateParameters
,
2882 IoCreateFileSpecifyDeviceObjectHint(OUT PHANDLE FileHandle
,
2883 IN ACCESS_MASK DesiredAccess
,
2884 IN POBJECT_ATTRIBUTES ObjectAttributes
,
2885 OUT PIO_STATUS_BLOCK IoStatusBlock
,
2886 IN PLARGE_INTEGER AllocationSize OPTIONAL
,
2887 IN ULONG FileAttributes
,
2888 IN ULONG ShareAccess
,
2889 IN ULONG Disposition
,
2890 IN ULONG CreateOptions
,
2891 IN PVOID EaBuffer OPTIONAL
,
2893 IN CREATE_FILE_TYPE CreateFileType
,
2894 IN PVOID ExtraCreateParameters OPTIONAL
,
2896 IN PVOID DeviceObject
)
2902 /* Check if we were passed a device to send the create request to*/
2905 /* We'll tag this request into a file object extension */
2906 Flags
= (IOP_CREATE_FILE_OBJECT_EXTENSION
| IOP_USE_TOP_LEVEL_DEVICE_HINT
);
2909 return IopCreateFile(FileHandle
,
2921 ExtraCreateParameters
,
2922 Options
| IO_NO_PARAMETER_CHECKING
,
2932 IoCreateStreamFileObjectEx(IN PFILE_OBJECT FileObject OPTIONAL
,
2933 IN PDEVICE_OBJECT DeviceObject OPTIONAL
,
2934 OUT PHANDLE FileObjectHandle OPTIONAL
)
2936 PFILE_OBJECT CreatedFileObject
;
2939 OBJECT_ATTRIBUTES ObjectAttributes
;
2941 IOTRACE(IO_FILE_DEBUG
, "FileObject: %p\n", FileObject
);
2943 /* Choose Device Object */
2944 if (FileObject
) DeviceObject
= FileObject
->DeviceObject
;
2946 /* Reference the device object and initialize attributes */
2947 InterlockedIncrement(&DeviceObject
->ReferenceCount
);
2948 InitializeObjectAttributes(&ObjectAttributes
, NULL
, 0, NULL
, NULL
);
2950 /* Create the File Object */
2951 Status
= ObCreateObject(KernelMode
,
2956 sizeof(FILE_OBJECT
),
2957 sizeof(FILE_OBJECT
),
2959 (PVOID
*)&CreatedFileObject
);
2960 if (!NT_SUCCESS(Status
))
2963 IopDereferenceDeviceObject(DeviceObject
, FALSE
);
2964 ExRaiseStatus(Status
);
2967 /* Set File Object Data */
2968 RtlZeroMemory(CreatedFileObject
, sizeof(FILE_OBJECT
));
2969 CreatedFileObject
->DeviceObject
= DeviceObject
;
2970 CreatedFileObject
->Type
= IO_TYPE_FILE
;
2971 CreatedFileObject
->Size
= sizeof(FILE_OBJECT
);
2972 CreatedFileObject
->Flags
= FO_STREAM_FILE
;
2974 /* Initialize the wait event */
2975 KeInitializeEvent(&CreatedFileObject
->Event
, SynchronizationEvent
, FALSE
);
2977 /* Insert it to create a handle for it */
2978 Status
= ObInsertObject(CreatedFileObject
,
2982 (PVOID
*)&CreatedFileObject
,
2984 if (!NT_SUCCESS(Status
)) ExRaiseStatus(Status
);
2986 /* Set the handle created flag */
2987 CreatedFileObject
->Flags
|= FO_HANDLE_CREATED
;
2988 ASSERT(CreatedFileObject
->Type
== IO_TYPE_FILE
);
2990 /* Check if we have a VPB */
2991 if (DeviceObject
->Vpb
)
2994 InterlockedIncrement((PLONG
)&DeviceObject
->Vpb
->ReferenceCount
);
2997 /* Check if the caller wants the handle */
2998 if (FileObjectHandle
)
3001 *FileObjectHandle
= FileHandle
;
3002 ObDereferenceObject(CreatedFileObject
);
3006 /* Otherwise, close it */
3007 ObCloseHandle(FileHandle
, KernelMode
);
3010 /* Return the file object */
3011 return CreatedFileObject
;
3019 IoCreateStreamFileObject(IN PFILE_OBJECT FileObject
,
3020 IN PDEVICE_OBJECT DeviceObject
)
3022 /* Call the newer function */
3023 return IoCreateStreamFileObjectEx(FileObject
, DeviceObject
, NULL
);
3031 IoCreateStreamFileObjectLite(IN PFILE_OBJECT FileObject OPTIONAL
,
3032 IN PDEVICE_OBJECT DeviceObject OPTIONAL
)
3034 PFILE_OBJECT CreatedFileObject
;
3036 OBJECT_ATTRIBUTES ObjectAttributes
;
3038 IOTRACE(IO_FILE_DEBUG
, "FileObject: %p\n", FileObject
);
3040 /* Choose Device Object */
3041 if (FileObject
) DeviceObject
= FileObject
->DeviceObject
;
3043 /* Reference the device object and initialize attributes */
3044 InterlockedIncrement(&DeviceObject
->ReferenceCount
);
3045 InitializeObjectAttributes(&ObjectAttributes
, NULL
, 0, NULL
, NULL
);
3047 /* Create the File Object */
3048 Status
= ObCreateObject(KernelMode
,
3053 sizeof(FILE_OBJECT
),
3054 sizeof(FILE_OBJECT
),
3056 (PVOID
*)&CreatedFileObject
);
3057 if (!NT_SUCCESS(Status
))
3060 IopDereferenceDeviceObject(DeviceObject
, FALSE
);
3061 ExRaiseStatus(Status
);
3064 /* Set File Object Data */
3065 RtlZeroMemory(CreatedFileObject
, sizeof(FILE_OBJECT
));
3066 CreatedFileObject
->DeviceObject
= DeviceObject
;
3067 CreatedFileObject
->Type
= IO_TYPE_FILE
;
3068 CreatedFileObject
->Size
= sizeof(FILE_OBJECT
);
3069 CreatedFileObject
->Flags
= FO_STREAM_FILE
;
3071 /* Initialize the wait event */
3072 KeInitializeEvent(&CreatedFileObject
->Event
, SynchronizationEvent
, FALSE
);
3074 /* Destroy create information */
3075 ObFreeObjectCreateInfoBuffer(OBJECT_TO_OBJECT_HEADER(CreatedFileObject
)->
3077 OBJECT_TO_OBJECT_HEADER(CreatedFileObject
)->ObjectCreateInfo
= NULL
;
3079 /* Set the handle created flag */
3080 CreatedFileObject
->Flags
|= FO_HANDLE_CREATED
;
3081 ASSERT(CreatedFileObject
->Type
== IO_TYPE_FILE
);
3083 /* Check if we have a VPB */
3084 if (DeviceObject
->Vpb
)
3087 InterlockedIncrement((PLONG
)&DeviceObject
->Vpb
->ReferenceCount
);
3090 /* Return the file object */
3091 return CreatedFileObject
;
3099 IoGetFileObjectGenericMapping(VOID
)
3101 /* Return the mapping */
3102 return &IopFileMapping
;
3110 IoIsFileOriginRemote(IN PFILE_OBJECT FileObject
)
3112 /* Return the flag status */
3113 return FileObject
->Flags
& FO_REMOTE_ORIGIN
? TRUE
: FALSE
;
3121 IoFastQueryNetworkAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes
,
3122 IN ACCESS_MASK DesiredAccess
,
3123 IN ULONG OpenOptions
,
3124 OUT PIO_STATUS_BLOCK IoStatus
,
3125 OUT PFILE_NETWORK_OPEN_INFORMATION Buffer
)
3128 DUMMY_FILE_OBJECT LocalFileObject
;
3130 OPEN_PACKET OpenPacket
;
3132 IOTRACE(IO_FILE_DEBUG
, "FileName: %wZ\n", ObjectAttributes
->ObjectName
);
3134 /* Setup the Open Packet */
3135 RtlZeroMemory(&OpenPacket
, sizeof(OPEN_PACKET
));
3136 OpenPacket
.Type
= IO_TYPE_OPEN_PACKET
;
3137 OpenPacket
.Size
= sizeof(OPEN_PACKET
);
3138 OpenPacket
.CreateOptions
= OpenOptions
| FILE_OPEN_REPARSE_POINT
;
3139 OpenPacket
.ShareAccess
= FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
;
3140 OpenPacket
.Options
= IO_FORCE_ACCESS_CHECK
;
3141 OpenPacket
.Disposition
= FILE_OPEN
;
3142 OpenPacket
.NetworkInformation
= Buffer
;
3143 OpenPacket
.QueryOnly
= TRUE
;
3144 OpenPacket
.FullAttributes
= TRUE
;
3145 OpenPacket
.LocalFileObject
= &LocalFileObject
;
3148 * Attempt opening the file. This will call the I/O Parse Routine for
3149 * the File Object (IopParseDevice) which will use the dummy file obejct
3150 * send the IRP to its device object. Note that we have two statuses
3151 * to worry about: the Object Manager's status (in Status) and the I/O
3152 * status, which is in the Open Packet's Final Status, and determined
3153 * by the Parse Check member.
3155 Status
= ObOpenObjectByName(ObjectAttributes
,
3162 if (OpenPacket
.ParseCheck
== FALSE
)
3165 IoStatus
->Status
= Status
;
3169 /* Use the Io status */
3170 IoStatus
->Status
= OpenPacket
.FinalStatus
;
3171 IoStatus
->Information
= OpenPacket
.Information
;
3174 /* Return success */
3183 IoUpdateShareAccess(IN PFILE_OBJECT FileObject
,
3184 OUT PSHARE_ACCESS ShareAccess
)
3188 /* Check if the file has an extension */
3189 if (FileObject
->Flags
& FO_FILE_OBJECT_HAS_EXTENSION
)
3191 /* Check if caller specified to ignore access checks */
3192 //if (FileObject->FoExtFlags & IO_IGNORE_SHARE_ACCESS_CHECK)
3194 /* Don't update share access */
3199 /* Otherwise, check if there's any access present */
3200 if ((FileObject
->ReadAccess
) ||
3201 (FileObject
->WriteAccess
) ||
3202 (FileObject
->DeleteAccess
))
3204 /* Increase the open count */
3205 ShareAccess
->OpenCount
++;
3207 /* Add new share access */
3208 ShareAccess
->Readers
+= FileObject
->ReadAccess
;
3209 ShareAccess
->Writers
+= FileObject
->WriteAccess
;
3210 ShareAccess
->Deleters
+= FileObject
->DeleteAccess
;
3211 ShareAccess
->SharedRead
+= FileObject
->SharedRead
;
3212 ShareAccess
->SharedWrite
+= FileObject
->SharedWrite
;
3213 ShareAccess
->SharedDelete
+= FileObject
->SharedDelete
;
3222 IoCheckShareAccess(IN ACCESS_MASK DesiredAccess
,
3223 IN ULONG DesiredShareAccess
,
3224 IN PFILE_OBJECT FileObject
,
3225 IN PSHARE_ACCESS ShareAccess
,
3229 BOOLEAN WriteAccess
;
3230 BOOLEAN DeleteAccess
;
3232 BOOLEAN SharedWrite
;
3233 BOOLEAN SharedDelete
;
3236 /* Get access masks */
3237 ReadAccess
= (DesiredAccess
& (FILE_READ_DATA
| FILE_EXECUTE
)) != 0;
3238 WriteAccess
= (DesiredAccess
& (FILE_WRITE_DATA
| FILE_APPEND_DATA
)) != 0;
3239 DeleteAccess
= (DesiredAccess
& DELETE
) != 0;
3241 /* Set them in the file object */
3242 FileObject
->ReadAccess
= ReadAccess
;
3243 FileObject
->WriteAccess
= WriteAccess
;
3244 FileObject
->DeleteAccess
= DeleteAccess
;
3246 /* Check if the file has an extension */
3247 if (FileObject
->Flags
& FO_FILE_OBJECT_HAS_EXTENSION
)
3249 /* Check if caller specified to ignore access checks */
3250 //if (FileObject->FoExtFlags & IO_IGNORE_SHARE_ACCESS_CHECK)
3252 /* Don't check share access */
3253 return STATUS_SUCCESS
;
3257 /* Check if we have any access */
3258 if ((ReadAccess
) || (WriteAccess
) || (DeleteAccess
))
3260 /* Get shared access masks */
3261 SharedRead
= (DesiredShareAccess
& FILE_SHARE_READ
) != 0;
3262 SharedWrite
= (DesiredShareAccess
& FILE_SHARE_WRITE
) != 0;
3263 SharedDelete
= (DesiredShareAccess
& FILE_SHARE_DELETE
) != 0;
3266 FileObject
->SharedRead
= SharedRead
;
3267 FileObject
->SharedWrite
= SharedWrite
;
3268 FileObject
->SharedDelete
= SharedDelete
;
3270 /* Check if the shared access is violated */
3272 (ShareAccess
->SharedRead
< ShareAccess
->OpenCount
)) ||
3274 (ShareAccess
->SharedWrite
< ShareAccess
->OpenCount
)) ||
3276 (ShareAccess
->SharedDelete
< ShareAccess
->OpenCount
)) ||
3277 ((ShareAccess
->Readers
!= 0) && !SharedRead
) ||
3278 ((ShareAccess
->Writers
!= 0) && !SharedWrite
) ||
3279 ((ShareAccess
->Deleters
!= 0) && !SharedDelete
))
3281 /* Sharing violation, fail */
3282 return STATUS_SHARING_VIOLATION
;
3285 /* It's not, check if caller wants us to update it */
3288 /* Increase open count */
3289 ShareAccess
->OpenCount
++;
3291 /* Update shared access */
3292 ShareAccess
->Readers
+= ReadAccess
;
3293 ShareAccess
->Writers
+= WriteAccess
;
3294 ShareAccess
->Deleters
+= DeleteAccess
;
3295 ShareAccess
->SharedRead
+= SharedRead
;
3296 ShareAccess
->SharedWrite
+= SharedWrite
;
3297 ShareAccess
->SharedDelete
+= SharedDelete
;
3301 /* Validation successful */
3302 return STATUS_SUCCESS
;
3310 IoRemoveShareAccess(IN PFILE_OBJECT FileObject
,
3311 IN PSHARE_ACCESS ShareAccess
)
3315 /* Check if the file has an extension */
3316 if (FileObject
->Flags
& FO_FILE_OBJECT_HAS_EXTENSION
)
3318 /* Check if caller specified to ignore access checks */
3319 //if (FileObject->FoExtFlags & IO_IGNORE_SHARE_ACCESS_CHECK)
3321 /* Don't update share access */
3326 /* Otherwise, check if there's any access present */
3327 if ((FileObject
->ReadAccess
) ||
3328 (FileObject
->WriteAccess
) ||
3329 (FileObject
->DeleteAccess
))
3331 /* Decrement the open count */
3332 ShareAccess
->OpenCount
--;
3334 /* Remove share access */
3335 ShareAccess
->Readers
-= FileObject
->ReadAccess
;
3336 ShareAccess
->Writers
-= FileObject
->WriteAccess
;
3337 ShareAccess
->Deleters
-= FileObject
->DeleteAccess
;
3338 ShareAccess
->SharedRead
-= FileObject
->SharedRead
;
3339 ShareAccess
->SharedWrite
-= FileObject
->SharedWrite
;
3340 ShareAccess
->SharedDelete
-= FileObject
->SharedDelete
;
3349 IoSetShareAccess(IN ACCESS_MASK DesiredAccess
,
3350 IN ULONG DesiredShareAccess
,
3351 IN PFILE_OBJECT FileObject
,
3352 OUT PSHARE_ACCESS ShareAccess
)
3355 BOOLEAN WriteAccess
;
3356 BOOLEAN DeleteAccess
;
3358 BOOLEAN SharedWrite
;
3359 BOOLEAN SharedDelete
;
3360 BOOLEAN Update
= TRUE
;
3363 ReadAccess
= (DesiredAccess
& (FILE_READ_DATA
| FILE_EXECUTE
)) != 0;
3364 WriteAccess
= (DesiredAccess
& (FILE_WRITE_DATA
| FILE_APPEND_DATA
)) != 0;
3365 DeleteAccess
= (DesiredAccess
& DELETE
) != 0;
3367 /* Check if the file has an extension */
3368 if (FileObject
->Flags
& FO_FILE_OBJECT_HAS_EXTENSION
)
3370 /* Check if caller specified to ignore access checks */
3371 //if (FileObject->FoExtFlags & IO_IGNORE_SHARE_ACCESS_CHECK)
3373 /* Don't update share access */
3378 /* Update basic access */
3379 FileObject
->ReadAccess
= ReadAccess
;
3380 FileObject
->WriteAccess
= WriteAccess
;
3381 FileObject
->DeleteAccess
= DeleteAccess
;
3383 /* Check if we have no access as all */
3384 if (!(ReadAccess
) && !(WriteAccess
) && !(DeleteAccess
))
3386 /* Check if we need to update the structure */
3387 if (!Update
) return;
3389 /* Otherwise, clear data */
3390 ShareAccess
->OpenCount
= 0;
3391 ShareAccess
->Readers
= 0;
3392 ShareAccess
->Writers
= 0;
3393 ShareAccess
->Deleters
= 0;
3394 ShareAccess
->SharedRead
= 0;
3395 ShareAccess
->SharedWrite
= 0;
3396 ShareAccess
->SharedDelete
= 0;
3400 /* Calculate shared access */
3401 SharedRead
= (DesiredShareAccess
& FILE_SHARE_READ
) != 0;
3402 SharedWrite
= (DesiredShareAccess
& FILE_SHARE_WRITE
) != 0;
3403 SharedDelete
= (DesiredShareAccess
& FILE_SHARE_DELETE
) != 0;
3405 /* Set it in the FO */
3406 FileObject
->SharedRead
= SharedRead
;
3407 FileObject
->SharedWrite
= SharedWrite
;
3408 FileObject
->SharedDelete
= SharedDelete
;
3410 /* Check if we need to update the structure */
3411 if (!Update
) return;
3413 /* Otherwise, set data */
3414 ShareAccess
->OpenCount
= 1;
3415 ShareAccess
->Readers
= ReadAccess
;
3416 ShareAccess
->Writers
= WriteAccess
;
3417 ShareAccess
->Deleters
= DeleteAccess
;
3418 ShareAccess
->SharedRead
= SharedRead
;
3419 ShareAccess
->SharedWrite
= SharedWrite
;
3420 ShareAccess
->SharedDelete
= SharedDelete
;
3429 IoCancelFileOpen(IN PDEVICE_OBJECT DeviceObject
,
3430 IN PFILE_OBJECT FileObject
)
3436 PIO_STACK_LOCATION Stack
;
3438 /* Check if handles were already created for the
3439 * open file. If so, that's over.
3441 if (FileObject
->Flags
& FO_HANDLE_CREATED
)
3442 KeBugCheckEx(INVALID_CANCEL_OF_FILE_OPEN
,
3443 (ULONG_PTR
)FileObject
,
3444 (ULONG_PTR
)DeviceObject
, 0, 0);
3446 /* Reset the events */
3447 KeInitializeEvent(&Event
, SynchronizationEvent
, FALSE
);
3448 KeClearEvent(&FileObject
->Event
);
3450 /* Allocate the IRP we'll use */
3451 Irp
= IopAllocateIrpMustSucceed(DeviceObject
->StackSize
);
3452 /* Properly set it */
3453 Irp
->Tail
.Overlay
.Thread
= PsGetCurrentThread();
3454 Irp
->UserEvent
= &Event
;
3455 Irp
->UserIosb
= &Irp
->IoStatus
;
3456 Irp
->Overlay
.AsynchronousParameters
.UserApcRoutine
= NULL
;
3457 Irp
->Tail
.Overlay
.OriginalFileObject
= FileObject
;
3458 Irp
->RequestorMode
= KernelMode
;
3459 Irp
->Flags
= IRP_CLOSE_OPERATION
| IRP_SYNCHRONOUS_API
;
3461 Stack
= IoGetNextIrpStackLocation(Irp
);
3462 Stack
->MajorFunction
= IRP_MJ_CLEANUP
;
3463 Stack
->FileObject
= FileObject
;
3465 /* Put on top of IRPs list of the thread */
3466 IopQueueIrpToThread(Irp
);
3468 /* Call the driver */
3469 Status
= IoCallDriver(DeviceObject
, Irp
);
3470 if (Status
== STATUS_PENDING
)
3472 KeWaitForSingleObject(&Event
, UserRequest
,
3473 KernelMode
, FALSE
, NULL
);
3476 /* Remove from IRPs list */
3477 KeRaiseIrql(APC_LEVEL
, &OldIrql
);
3478 IopUnQueueIrpFromThread(Irp
);
3479 KeLowerIrql(OldIrql
);
3484 /* Clear the event */
3485 KeClearEvent(&FileObject
->Event
);
3486 /* And finally, mark the open operation as canceled */
3487 FileObject
->Flags
|= FO_FILE_OPEN_CANCELLED
;
3495 IoQueryFileDosDeviceName(IN PFILE_OBJECT FileObject
,
3496 OUT POBJECT_NAME_INFORMATION
*ObjectNameInformation
)
3499 ULONG Length
, ReturnLength
;
3500 POBJECT_NAME_INFORMATION LocalInfo
;
3502 /* Start with a buffer length of 200 */
3505 * We'll loop until query works.
3506 * We will use returned length for next loop
3507 * iteration, trying to have a big enough buffer.
3509 for (Length
= 200; ; Length
= ReturnLength
)
3511 /* Allocate our work buffer */
3512 LocalInfo
= ExAllocatePoolWithTag(PagedPool
, Length
, 'nDoI');
3513 if (LocalInfo
== NULL
)
3515 return STATUS_INSUFFICIENT_RESOURCES
;
3518 /* Query the DOS name */
3519 Status
= IopQueryNameInternal(FileObject
,
3526 /* If it succeed, nothing more to do */
3527 if (Status
== STATUS_SUCCESS
)
3532 /* Otherwise, prepare for re-allocation */
3533 ExFreePoolWithTag(LocalInfo
, 'nDoI');
3536 * If we failed because of something else
3537 * than memory, simply stop and fail here
3539 if (Status
!= STATUS_BUFFER_OVERFLOW
)
3541 return STATUS_BUFFER_OVERFLOW
;
3545 /* Success case here: return our buffer */
3546 *ObjectNameInformation
= LocalInfo
;
3547 return STATUS_SUCCESS
;
3555 IoSetFileOrigin(IN PFILE_OBJECT FileObject
,
3558 NTSTATUS Status
= STATUS_SUCCESS
;
3561 /* Get the flag status */
3562 FlagSet
= FileObject
->Flags
& FO_REMOTE_ORIGIN
? TRUE
: FALSE
;
3564 /* Don't set the flag if it was set already, and don't remove it if it wasn't set */
3565 if (Remote
&& !FlagSet
)
3568 FileObject
->Flags
|= FO_REMOTE_ORIGIN
;
3570 else if (!Remote
&& FlagSet
)
3572 /* Remove the flag */
3573 FileObject
->Flags
&= ~FO_REMOTE_ORIGIN
;
3578 Status
= STATUS_INVALID_PARAMETER_MIX
;
3590 NtCreateFile(PHANDLE FileHandle
,
3591 ACCESS_MASK DesiredAccess
,
3592 POBJECT_ATTRIBUTES ObjectAttributes
,
3593 PIO_STATUS_BLOCK IoStatusBlock
,
3594 PLARGE_INTEGER AllocateSize
,
3595 ULONG FileAttributes
,
3597 ULONG CreateDisposition
,
3598 ULONG CreateOptions
,
3602 /* Call the I/O Function */
3603 return IoCreateFile(FileHandle
,
3621 NtCreateMailslotFile(OUT PHANDLE FileHandle
,
3622 IN ACCESS_MASK DesiredAccess
,
3623 IN POBJECT_ATTRIBUTES ObjectAttributes
,
3624 OUT PIO_STATUS_BLOCK IoStatusBlock
,
3625 IN ULONG CreateOptions
,
3626 IN ULONG MailslotQuota
,
3627 IN ULONG MaxMessageSize
,
3628 IN PLARGE_INTEGER TimeOut
)
3630 MAILSLOT_CREATE_PARAMETERS Buffer
;
3633 /* Check for Timeout */
3636 /* check if the call came from user mode */
3637 if (KeGetPreviousMode() != KernelMode
)
3639 /* Enter SEH for Probe */
3642 /* Probe the timeout */
3643 Buffer
.ReadTimeout
= ProbeForReadLargeInteger(TimeOut
);
3645 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
3647 /* Return the exception code */
3648 _SEH2_YIELD(return _SEH2_GetExceptionCode());
3654 /* Otherwise, capture directly */
3655 Buffer
.ReadTimeout
= *TimeOut
;
3658 /* Set the correct setting */
3659 Buffer
.TimeoutSpecified
= TRUE
;
3663 /* Tell the FSD we don't have a timeout */
3664 Buffer
.TimeoutSpecified
= FALSE
;
3668 Buffer
.MailslotQuota
= MailslotQuota
;
3669 Buffer
.MaximumMessageSize
= MaxMessageSize
;
3672 return IoCreateFile(FileHandle
,
3678 FILE_SHARE_READ
| FILE_SHARE_WRITE
,
3683 CreateFileTypeMailslot
,
3690 NtCreateNamedPipeFile(OUT PHANDLE FileHandle
,
3691 IN ACCESS_MASK DesiredAccess
,
3692 IN POBJECT_ATTRIBUTES ObjectAttributes
,
3693 OUT PIO_STATUS_BLOCK IoStatusBlock
,
3694 IN ULONG ShareAccess
,
3695 IN ULONG CreateDisposition
,
3696 IN ULONG CreateOptions
,
3697 IN ULONG NamedPipeType
,
3699 IN ULONG CompletionMode
,
3700 IN ULONG MaximumInstances
,
3701 IN ULONG InboundQuota
,
3702 IN ULONG OutboundQuota
,
3703 IN PLARGE_INTEGER DefaultTimeout
)
3705 NAMED_PIPE_CREATE_PARAMETERS Buffer
;
3708 /* Check for Timeout */
3711 /* check if the call came from user mode */
3712 if (KeGetPreviousMode() != KernelMode
)
3714 /* Enter SEH for Probe */
3717 /* Probe the timeout */
3718 Buffer
.DefaultTimeout
=
3719 ProbeForReadLargeInteger(DefaultTimeout
);
3721 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
3723 /* Return the exception code */
3724 _SEH2_YIELD(return _SEH2_GetExceptionCode());
3730 /* Otherwise, capture directly */
3731 Buffer
.DefaultTimeout
= *DefaultTimeout
;
3734 /* Set the correct setting */
3735 Buffer
.TimeoutSpecified
= TRUE
;
3739 /* Tell the FSD we don't have a timeout */
3740 Buffer
.TimeoutSpecified
= FALSE
;
3744 Buffer
.NamedPipeType
= NamedPipeType
;
3745 Buffer
.ReadMode
= ReadMode
;
3746 Buffer
.CompletionMode
= CompletionMode
;
3747 Buffer
.MaximumInstances
= MaximumInstances
;
3748 Buffer
.InboundQuota
= InboundQuota
;
3749 Buffer
.OutboundQuota
= OutboundQuota
;
3752 return IoCreateFile(FileHandle
,
3763 CreateFileTypeNamedPipe
,
3770 NtFlushWriteBuffer(VOID
)
3774 /* Call the kernel */
3775 KeFlushWriteBuffer();
3776 return STATUS_SUCCESS
;
3784 NtOpenFile(OUT PHANDLE FileHandle
,
3785 IN ACCESS_MASK DesiredAccess
,
3786 IN POBJECT_ATTRIBUTES ObjectAttributes
,
3787 OUT PIO_STATUS_BLOCK IoStatusBlock
,
3788 IN ULONG ShareAccess
,
3789 IN ULONG OpenOptions
)
3791 /* Call the I/O Function */
3792 return IoCreateFile(FileHandle
,
3810 NtQueryAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes
,
3811 OUT PFILE_BASIC_INFORMATION FileInformation
)
3813 /* Call the internal helper API */
3814 return IopQueryAttributesFile(ObjectAttributes
,
3815 FileBasicInformation
,
3816 sizeof(FILE_BASIC_INFORMATION
),
3822 NtQueryFullAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes
,
3823 OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation
)
3825 /* Call the internal helper API */
3826 return IopQueryAttributesFile(ObjectAttributes
,
3827 FileNetworkOpenInformation
,
3828 sizeof(FILE_NETWORK_OPEN_INFORMATION
),
3833 * @name NtCancelIoFile
3835 * Cancel all pending I/O operations in the current thread for specified
3839 * Handle to file object to cancel requests for. No specific
3840 * access rights are needed.
3841 * @param IoStatusBlock
3842 * Pointer to status block which is filled with final completition
3843 * status on successful return.
3851 NtCancelIoFile(IN HANDLE FileHandle
,
3852 OUT PIO_STATUS_BLOCK IoStatusBlock
)
3854 PFILE_OBJECT FileObject
;
3858 BOOLEAN OurIrpsInList
= FALSE
;
3859 LARGE_INTEGER Interval
;
3860 KPROCESSOR_MODE PreviousMode
= KeGetPreviousMode();
3862 PLIST_ENTRY ListHead
, NextEntry
;
3864 IOTRACE(IO_API_DEBUG
, "FileHandle: %p\n", FileHandle
);
3866 /* Check the previous mode */
3867 if (PreviousMode
!= KernelMode
)
3869 /* Enter SEH for probing */
3872 /* Probe the I/O Status Block */
3873 ProbeForWriteIoStatusBlock(IoStatusBlock
);
3875 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
3877 /* Return the exception code */
3878 _SEH2_YIELD(return _SEH2_GetExceptionCode());
3883 /* Reference the file object */
3884 Status
= ObReferenceObjectByHandle(FileHandle
,
3888 (PVOID
*)&FileObject
,
3890 if (!NT_SUCCESS(Status
)) return Status
;
3892 /* IRP cancellations are synchronized at APC_LEVEL. */
3893 KeRaiseIrql(APC_LEVEL
, &OldIrql
);
3895 /* Get the current thread */
3896 Thread
= PsGetCurrentThread();
3898 /* Update the operation counts */
3899 IopUpdateOperationCount(IopOtherTransfer
);
3902 ListHead
= &Thread
->IrpList
;
3903 NextEntry
= ListHead
->Flink
;
3904 while (ListHead
!= NextEntry
)
3906 /* Get the IRP and check if the File Object matches */
3907 Irp
= CONTAINING_RECORD(NextEntry
, IRP
, ThreadListEntry
);
3908 if (Irp
->Tail
.Overlay
.OriginalFileObject
== FileObject
)
3910 /* Cancel this IRP and keep looping */
3912 OurIrpsInList
= TRUE
;
3915 /* Go to the next entry */
3916 NextEntry
= NextEntry
->Flink
;
3919 /* Lower the IRQL */
3920 KeLowerIrql(OldIrql
);
3922 /* Check if we had found an IRP */
3925 /* Setup a 10ms wait */
3926 Interval
.QuadPart
= -100000;
3929 while (OurIrpsInList
)
3932 KeDelayExecutionThread(KernelMode
, FALSE
, &Interval
);
3933 OurIrpsInList
= FALSE
;
3936 KeRaiseIrql(APC_LEVEL
, &OldIrql
);
3938 /* Now loop the list again */
3939 NextEntry
= ListHead
->Flink
;
3940 while (NextEntry
!= ListHead
)
3942 /* Get the IRP and check if the File Object matches */
3943 Irp
= CONTAINING_RECORD(NextEntry
, IRP
, ThreadListEntry
);
3944 if (Irp
->Tail
.Overlay
.OriginalFileObject
== FileObject
)
3947 OurIrpsInList
= TRUE
;
3951 /* Go to the next entry */
3952 NextEntry
= NextEntry
->Flink
;
3955 /* Lower the IRQL */
3956 KeLowerIrql(OldIrql
);
3960 /* Enter SEH for writing back the I/O Status */
3964 IoStatusBlock
->Status
= STATUS_SUCCESS
;
3965 IoStatusBlock
->Information
= 0;
3967 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
3969 /* Ignore exception */
3973 /* Dereference the file object and return success */
3974 ObDereferenceObject(FileObject
);
3975 return STATUS_SUCCESS
;
3983 NtDeleteFile(IN POBJECT_ATTRIBUTES ObjectAttributes
)
3986 DUMMY_FILE_OBJECT LocalFileObject
;
3988 KPROCESSOR_MODE AccessMode
= KeGetPreviousMode();
3989 OPEN_PACKET OpenPacket
;
3991 IOTRACE(IO_API_DEBUG
, "FileMame: %wZ\n", ObjectAttributes
->ObjectName
);
3993 /* Setup the Open Packet */
3994 RtlZeroMemory(&OpenPacket
, sizeof(OPEN_PACKET
));
3995 OpenPacket
.Type
= IO_TYPE_OPEN_PACKET
;
3996 OpenPacket
.Size
= sizeof(OPEN_PACKET
);
3997 OpenPacket
.CreateOptions
= FILE_DELETE_ON_CLOSE
;
3998 OpenPacket
.ShareAccess
= FILE_SHARE_READ
|
4001 OpenPacket
.Disposition
= FILE_OPEN
;
4002 OpenPacket
.DeleteOnly
= TRUE
;
4003 OpenPacket
.LocalFileObject
= &LocalFileObject
;
4005 /* Update the operation counts */
4006 IopUpdateOperationCount(IopOtherTransfer
);
4009 * Attempt opening the file. This will call the I/O Parse Routine for
4010 * the File Object (IopParseDevice) which will use the dummy file obejct
4011 * send the IRP to its device object. Note that we have two statuses
4012 * to worry about: the Object Manager's status (in Status) and the I/O
4013 * status, which is in the Open Packet's Final Status, and determined
4014 * by the Parse Check member.
4016 Status
= ObOpenObjectByName(ObjectAttributes
,
4023 if (OpenPacket
.ParseCheck
== FALSE
) return Status
;
4025 /* Retrn the Io status */
4026 return OpenPacket
.FinalStatus
;