freeotfehashdriver.c
来自「文件驱动加密,功能强大,可产生加密分区,支持AES,MD2,MD4,MD5MD2」· C语言 代码 · 共 1,396 行 · 第 1/4 页
C
1,396 行
while(pendingIrp = IoCsqRemoveNextIrp(&devExt->CancelSafeQueue, NULL))
{
// Cancel the IRP
DEBUGOUTMAINDRV(DEBUGLEV_INFO, ("Cancelling an IRP...\n"));
pendingIrp->IoStatus.Information = 0;
pendingIrp->IoStatus.Status = STATUS_CANCELLED;
IoCompleteRequest(pendingIrp, IO_NO_INCREMENT);
}
}
DEBUGOUTMAINDRV(DEBUGLEV_EXIT, ("CancelAllQueuedIRPs\n"));
}
// =========================================================================
VOID CSQInsertIrp (
IN PIO_CSQ Csq,
IN PIRP Irp
)
{
PDEVICE_EXTENSION devExtension;
devExtension = CONTAINING_RECORD(Csq,
DEVICE_EXTENSION, CancelSafeQueue);
InsertTailList(&devExtension->PendingIRPQueue,
&Irp->Tail.Overlay.ListEntry);
}
// =========================================================================
VOID CSQRemoveIrp(
IN PIO_CSQ Csq,
IN PIRP Irp
)
{
PDEVICE_EXTENSION devExtension;
devExtension = CONTAINING_RECORD(Csq,
DEVICE_EXTENSION, CancelSafeQueue);
RemoveEntryList(&Irp->Tail.Overlay.ListEntry);
}
// =========================================================================
PIRP CSQPeekNextIrp(
IN PIO_CSQ Csq,
IN PIRP Irp,
IN PVOID PeekContext
)
{
PDEVICE_EXTENSION devExtension;
PIRP nextIrp = NULL;
PLIST_ENTRY nextEntry;
PLIST_ENTRY listHead;
PIO_STACK_LOCATION irpStack;
devExtension = CONTAINING_RECORD(Csq,
DEVICE_EXTENSION, CancelSafeQueue);
listHead = &devExtension->PendingIRPQueue;
//
// If the IRP is NULL, we will start peeking from the listhead, else
// we will start from that IRP onwards. This is done under the
// assumption that new IRPs are always inserted at the tail.
//
if(Irp == NULL) {
nextEntry = listHead->Flink;
} else {
nextEntry = Irp->Tail.Overlay.ListEntry.Flink;
}
while(nextEntry != listHead) {
nextIrp = CONTAINING_RECORD(nextEntry, IRP, Tail.Overlay.ListEntry);
irpStack = IoGetCurrentIrpStackLocation(nextIrp);
//
// If context is present, continue until you find a matching one.
// Else you break out as you got next one.
//
if(PeekContext) {
if(irpStack->FileObject == (PFILE_OBJECT) PeekContext) {
break;
}
} else {
break;
}
nextIrp = NULL;
nextEntry = nextEntry->Flink;
}
return nextIrp;
}
// =========================================================================
VOID CSQAcquireLock(
IN PIO_CSQ Csq,
OUT PKIRQL Irql
)
{
PDEVICE_EXTENSION devExtension;
devExtension = CONTAINING_RECORD(Csq,
DEVICE_EXTENSION, CancelSafeQueue);
KeAcquireSpinLock(&devExtension->IRPQueueLock, Irql);
}
// =========================================================================
VOID CSQReleaseLock(
IN PIO_CSQ Csq,
IN KIRQL Irql
)
{
PDEVICE_EXTENSION devExtension;
devExtension = CONTAINING_RECORD(Csq,
DEVICE_EXTENSION, CancelSafeQueue);
KeReleaseSpinLock(&devExtension->IRPQueueLock, Irql);
}
// =========================================================================
VOID CSQCompleteCanceledIrp(
IN PIO_CSQ pCsq,
IN PIRP Irp
)
{
Irp->IoStatus.Status = STATUS_CANCELLED;
Irp->IoStatus.Information = 0;
DEBUGOUTHASHDRV(DEBUGLEV_WARN, ("Cancelled IRP.\n"));
IoCompleteRequest(Irp, IO_NO_INCREMENT);
}
// =========================================================================
NTSTATUS
QueueIRPToThread(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PDEVICE_EXTENSION devExt;
NTSTATUS status;
PIO_STACK_LOCATION irpSp;
DEBUGOUTHASHDRV(DEBUGLEV_ENTER, ("QueueIrpToThread\n"));
devExt = (PDEVICE_EXTENSION)DeviceObject->DeviceExtension;
status = STATUS_PENDING;
// Note: IoCsqInsertIrp marks the IRP pending.
IoCsqInsertIrp(&devExt->CancelSafeQueue, Irp, NULL);
// A semaphore remains signaled as long as its count is greater than
// zero, and non-signaled when the count is zero. Following function
// increments the semaphore count by 1.
KeReleaseSemaphore(
&devExt->IRPQueueSemaphore,
0, // No priority boost
1, // Increment semaphore by 1
FALSE // No WaitForXxx after this call
);
DEBUGOUTHASHDRV(DEBUGLEV_EXIT, ("QueueIrpToThread\n"));
return status;
}
// =========================================================================
// This is the main thread that removes IRP from the queue
// and processes (peforms I/O on) it.
// Context - this is set to the device object
VOID
FreeOTFEThread(
IN PVOID Context
)
{
NTSTATUS status;
PDEVICE_OBJECT devObj;
PDEVICE_EXTENSION devExt;
PIRP Irp;
PIO_STACK_LOCATION irpSp;
DEBUGOUTHASHDRV(DEBUGLEV_ENTER, ("FreeOTFEThread\n"));
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Setting threads priority...\n"));
KeSetPriorityThread(KeGetCurrentThread(), LOW_REALTIME_PRIORITY);
devObj = (PDEVICE_OBJECT)Context;
devExt = (PDEVICE_EXTENSION)devObj->DeviceExtension;
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Entering endless loop for queued event signals...\n"));
while (TRUE)
{
// Wait until signalled that there is one or more IRP queued...
status = KeWaitForSingleObject(
&devExt->IRPQueueSemaphore,
Executive,
KernelMode,
FALSE,
NULL
);
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Queued event signalled.\n"));
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Thread is for device: %ls\n", devExt->zzDeviceName.Buffer));
// If we're supposed to terminate the thread, bail out...
if (devExt->TerminateThread)
{
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Thread has been requested to terminate!.\n"));
break; // Thread terminates after this loop terminates
}
// Remove a pending IRP from the queue.
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Thread getting next queued IRP.\n"));
Irp = IoCsqRemoveNextIrp(&devExt->CancelSafeQueue, NULL);
// Default...
status = STATUS_NOT_IMPLEMENTED;
Irp->IoStatus.Information = 0;
if (!Irp)
{
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Queued IRP was cancelled; next.\n"));
continue; // go back to waiting
}
irpSp = IoGetCurrentIrpStackLocation(Irp);
switch (irpSp->MajorFunction)
{
case IRP_MJ_DEVICE_CONTROL:
{
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("THREAD: IRP_MJ_DEVICE_CONTROL\n"));
switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
{
case IOCTL_FREEOTFEHASH_HASHDATA:
{
status = IOCTL_FreeOTFEHashIOCTL_Hash(devObj, Irp);
break;
}
default:
{
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("THREAD: Unrecognised IRP_MJ_DEVICE_CONTROL IRP.\n"));
}
} // switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
break;
} // case IRP_MJ_DEVICE_CONTROL:
default:
{
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("THREAD: Unrecognised IRP MajorFunction.\n"));
}
} // switch (irpSp->MajorFunction)
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Thread completing IRP (%d).\n", status));
if (!(NT_SUCCESS(status)))
{
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Thread setting IoStatus.Information = 0\n"));
Irp->IoStatus.Information = 0;
}
Irp->IoStatus.Status = status;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
} // while (TRUE)
// This part will only be reached if the thread has been signalled to
// terminate
devExt = NULL;
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Terminating thread...\n"));
status = PsTerminateSystemThread(STATUS_SUCCESS);
if (!NT_SUCCESS(status))
{
DEBUGOUTHASHDRV(DEBUGLEV_ERROR, ("Thread did NOT terminate OK\n"));
}
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Thread dropping out.\n"));
DEBUGOUTHASHDRV(DEBUGLEV_EXIT, ("FreeOTFEThread\n"));
}
// =========================================================================
NTSTATUS
GetHashDetails(
IN GUID* HashGUID,
IN OUT HASH* HashDetails
)
{
NTSTATUS status = STATUS_NOT_FOUND;
HASH_DRIVER_INFO tmpDevExt;
unsigned int i;
DEBUGOUTHASHDRV(DEBUGLEV_ENTER, ("GetHashDetails\n"));
// This is a bit of a hack to get the details...
ImpHashDriverExtDetailsInit(&tmpDevExt);
for (i = 0; i<tmpDevExt.HashCount; i++)
{
if (IsEqualGUID(&tmpDevExt.HashDetails[i].HashGUID, HashGUID))
{
DEBUGOUTHASHDRV(DEBUGLEV_INFO, ("Located relevant details\n"));
RtlCopyMemory(
HashDetails,
&tmpDevExt.HashDetails[i],
sizeof(HASH)
);
status = STATUS_SUCCESS;
}
}
ImpHashDriverExtDetailsCleardown(&tmpDevExt);
DEBUGOUTHASHDRV(DEBUGLEV_EXIT, ("GetHashDetails\n"));
return status;
}
// =========================================================================
// =========================================================================
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?