pgpwipedeletent.c

PGP8.0源码 请认真阅读您的文件包然后写出其具体功能

/*____________________________________________________________________________
	Copyright (C) 2002 PGP Corporation
	All rights reserved.


	$Id: pgpWipeDeleteNT.c,v 1.10 2002/09/27 16:11:54 wjb Exp $
____________________________________________________________________________*/
#include "ntddk.h"

#include "PGPsdkDriver.h"
#include "pgpDriverNT.h"

#include "pgpWipeDeleteNT.h"

//----------------------------------------------------------------------
//                         DEFINES
//----------------------------------------------------------------------

//
// NT Final Build number
//
#define NT4FINAL        1381

//----------------------------------------------------------------------
//                         TYPEDEFS
//----------------------------------------------------------------------

//
// This is passed to the CLOSE completion routine for an PGPWDNT
//
typedef struct {
	PIRP					Irp;

#if	(_WIN32_WINNT >= 0x0500)
	PIO_WORKITEM			WorkItem;
#else	// _WIN32_WINNT < 0x5000
	WORK_QUEUE_ITEM			WorkItem;
#endif	// _WIN32_WINNT >= 0x5000

	PVOID					Token;
	PDEVICE_OBJECT			DeviceObject;
	char *					FileName;
} PGPWDNT_COMPLETE_CONTEXT, *PPGPWDNT_COMPLETE_CONTEXT;


//----------------------------------------------------------------------
//                         FORWARD DEFINES
//----------------------------------------------------------------------

//
// File name information
//

#if	(_WIN32_WINNT < 0x0500)

typedef struct _FILE_NAME_INFORMATION {
    ULONG FileNameLength;
    WCHAR FileName[1];
} FILE_NAME_INFORMATION, *PFILE_NAME_INFORMATION;

#endif	// _WIN32_WINNT < 0x5000

typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
    ULONG FileSystemAttributes;
    LONG MaximumComponentNameLength;
    ULONG FileSystemNameLength;
    WCHAR FileSystemName[1];
} FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;


// prototypes for external functions
int __cdecl swprintf( WCHAR *, const WCHAR *, ... );

HANDLE
PsReferencePrimaryToken(
		PEPROCESS Process );

NTSTATUS NTAPI
ZwQueryVolumeInformationFile(
		HANDLE FileHandle,
		PIO_STATUS_BLOCK IoStatusBlock,
		PVOID FsInformation,
		ULONG Length,
		FS_INFORMATION_CLASS FsInformationClass );

//
// These are prototypes for PGPWDNT's Fast I/O hooks. The originals
// prototypes can be found in NTDDK.H
//
BOOLEAN  PGPWDNTFastIoCheckifPossible(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN ULONG Length,
				IN BOOLEAN Wait,
				IN ULONG LockKey,
				IN BOOLEAN CheckForReadOperation,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoRead(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN ULONG Length,
				IN BOOLEAN Wait,
				IN ULONG LockKey,
				OUT PVOID Buffer,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoWrite(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN ULONG Length,
				IN BOOLEAN Wait,
				IN ULONG LockKey,
				IN PVOID Buffer,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoQueryBasicInfo(
				IN PFILE_OBJECT FileObject,
				IN BOOLEAN Wait,
				OUT PFILE_BASIC_INFORMATION Buffer,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoQueryStandardInfo(
				IN PFILE_OBJECT FileObject,
				IN BOOLEAN Wait,
				OUT PFILE_STANDARD_INFORMATION Buffer,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoLock(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN PLARGE_INTEGER Length,
				PEPROCESS ProcessId,
				ULONG Key,
				BOOLEAN FailImmediately,
				BOOLEAN ExclusiveLock,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoUnlockSingle(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN PLARGE_INTEGER Length,
				PEPROCESS ProcessId,
				ULONG Key,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoUnlockAll(
				IN PFILE_OBJECT FileObject,
				PEPROCESS ProcessId,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoUnlockAllByKey(
				IN PFILE_OBJECT FileObject,
				PEPROCESS ProcessId,
				ULONG Key,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoDeviceControl(
				IN PFILE_OBJECT FileObject,
				IN BOOLEAN Wait,
				IN PVOID InputBuffer,
				IN ULONG InputBufferLength,
				OUT PVOID OutbufBuffer,
				IN ULONG OutputBufferLength,
				IN ULONG IoControlCode,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
VOID     PGPWDNTFastIoAcquireFile(
				PFILE_OBJECT FileObject );
VOID     PGPWDNTFastIoReleaseFile(
				PFILE_OBJECT FileObject );
VOID     PGPWDNTFastIoDetachDevice(
				PDEVICE_OBJECT SourceDevice,
				PDEVICE_OBJECT TargetDevice );

//
// These are new NT 4.0 Fast I/O calls
//
BOOLEAN  PGPWDNTFastIoQueryNetworkOpenInfo(
				IN PFILE_OBJECT FileObject,
				IN BOOLEAN Wait,
				OUT struct _FILE_NETWORK_OPEN_INFORMATION *Buffer,
				OUT struct _IO_STATUS_BLOCK *IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
NTSTATUS PGPWDNTFastIoAcquireForModWrite(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER EndingOffset,
				OUT struct _ERESOURCE **ResourceToRelease,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoMdlRead(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN ULONG Length,
				IN ULONG LockKey,
				OUT PMDL *MdlChain,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoMdlReadComplete(
				IN PFILE_OBJECT FileObject,
				IN PMDL MdlChain,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoPrepareMdlWrite(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN ULONG Length,
				IN ULONG LockKey,
				OUT PMDL *MdlChain,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoMdlWriteComplete(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN PMDL MdlChain,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoReadCompressed(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN ULONG Length,
				IN ULONG LockKey,
				OUT PVOID Buffer,
				OUT PMDL *MdlChain,
				OUT PIO_STATUS_BLOCK IoStatus,
				OUT struct _COMPRESSED_DATA_INFO *CompressedDataInfo,
				IN ULONG CompressedDataInfoLength,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoWriteCompressed(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN ULONG Length,
				IN ULONG LockKey,
				IN PVOID Buffer,
				OUT PMDL *MdlChain,
				OUT PIO_STATUS_BLOCK IoStatus,
				IN struct _COMPRESSED_DATA_INFO *CompressedDataInfo,
				IN ULONG CompressedDataInfoLength,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoMdlReadCompleteCompressed(
				IN PFILE_OBJECT FileObject,
				IN PMDL MdlChain,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoMdlWriteCompleteCompressed(
				IN PFILE_OBJECT FileObject,
				IN PLARGE_INTEGER FileOffset,
				IN PMDL MdlChain,
				IN PDEVICE_OBJECT DeviceObject );
BOOLEAN  PGPWDNTFastIoQueryOpen(
				IN struct _IRP *Irp,
				OUT PFILE_NETWORK_OPEN_INFORMATION NetworkInformation,
				IN PDEVICE_OBJECT DeviceObject );
NTSTATUS PGPWDNTFastIoReleaseForModWrite(
				IN PFILE_OBJECT FileObject,
				IN struct _ERESOURCE *ResourceToRelease,
				IN PDEVICE_OBJECT DeviceObject );
NTSTATUS PGPWDNTFastIoAcquireForCcFlush(
				IN PFILE_OBJECT FileObject,
				IN PDEVICE_OBJECT DeviceObject );
NTSTATUS PGPWDNTFastIoReleaseForCcFlush(
				IN PFILE_OBJECT FileObject,
				IN PDEVICE_OBJECT DeviceObject );

//----------------------------------------------------------------------
//                         GLOBALS
//----------------------------------------------------------------------

//
// This is PGPWDNT's user-inteface device object. It is addressed
// by calls from the GUI including CreateFile and DeviceIoControl
//
PDEVICE_OBJECT		GUIDevice;

//
// Table of our hook devices for each drive letter. This makes it
// easy to look up the device object that was created to hook a
// particular drive.
//
PDEVICE_OBJECT		LDriveDevices[26];

//
// System process
//
PEPROCESS			SystemProcess;

ULONG				tc_callback		=	0;
PKTHREAD			tc_thread		=	0;
ULONG				tc_flags		=	0;

//
// Undocumented ntoskrnl variable
//
extern PSHORT		NtBuildNumber;

//
// Local globals
//
KSEMAPHORE			apc_sem;
int					num_scheds;

//
// This PGPWDNT's Fast I/O dispatch table. Note that NT assumes that
// file system drivers support some Fast I/O calls, so this table must
// be present for an file system filter driver
//
FAST_IO_DISPATCH    FastIOHook = {
    sizeof(FAST_IO_DISPATCH),
    PGPWDNTFastIoCheckifPossible,
    PGPWDNTFastIoRead,
    PGPWDNTFastIoWrite,
    PGPWDNTFastIoQueryBasicInfo,
    PGPWDNTFastIoQueryStandardInfo,
    PGPWDNTFastIoLock,
    PGPWDNTFastIoUnlockSingle,
    PGPWDNTFastIoUnlockAll,
    PGPWDNTFastIoUnlockAllByKey,
    PGPWDNTFastIoDeviceControl,
    PGPWDNTFastIoAcquireFile,
    PGPWDNTFastIoReleaseFile,
    PGPWDNTFastIoDetachDevice,

    //
    // new for NT 4.0
    //
    PGPWDNTFastIoQueryNetworkOpenInfo,
    PGPWDNTFastIoAcquireForModWrite,
    PGPWDNTFastIoMdlRead,
    PGPWDNTFastIoMdlReadComplete,
    PGPWDNTFastIoPrepareMdlWrite,
    PGPWDNTFastIoMdlWriteComplete,
    PGPWDNTFastIoReadCompressed,
    PGPWDNTFastIoWriteCompressed,
    PGPWDNTFastIoMdlReadCompleteCompressed,
    PGPWDNTFastIoMdlWriteCompleteCompressed,
    PGPWDNTFastIoQueryOpen,
    PGPWDNTFastIoReleaseForModWrite,
    PGPWDNTFastIoAcquireForCcFlush,
    PGPWDNTFastIoReleaseForCcFlush
};



//----------------------------------------------------------------------
//             I R P    R E L A T E D   F U N C T I O N S
//----------------------------------------------------------------------

//----------------------------------------------------------------------
//
// PGPWDNTIoComplete
//
// This routine is used to handle I/O (read OR write) completion.
//
//----------------------------------------------------------------------
static NTSTATUS PGPWDNTIoComplete(PDEVICE_OBJECT DeviceObject,
				    PIRP Irp,
				    PVOID Context)
{
    //
    // Copy the status information back into the "user" IOSB.
    //
    *Irp->UserIosb = Irp->IoStatus;

    if( !NT_SUCCESS(Irp->IoStatus.Status) ) {

        PGPdbgPrint(("   ERROR ON IRP: %x\n", Irp->IoStatus.Status ));
    }

    //
    // Set the user event - wakes up the mainline code doing this.
    //
    KeSetEvent(Irp->UserEvent, 0, FALSE);

    //
    // Free the IRP now that we are done with it.
    //
    IoFreeIrp(Irp);

    //
    // We return STATUS_MORE_PROCESSING_REQUIRED because this "magic" return
	// value tells the I/O Manager that additional processing will be done by
	// this driver to the IRP - in fact, it might (as it is in this case)
	// already BE done - and the IRP cannot be completed.
    //
    return STATUS_MORE_PROCESSING_REQUIRED;
}


//----------------------------------------------------------------------
//
// PGPWDNTIsDirectory
//
// Returns TRUE if its a directory or we can't tell, FALSE if its a file.
//
//----------------------------------------------------------------------
BOOLEAN PGPWDNTIsDirectory(PDEVICE_OBJECT DeviceObject,
                            PFILE_OBJECT FileObject )
{
    PIRP irp;
    KEVENT event;
    IO_STATUS_BLOCK IoStatusBlock;
    PIO_STACK_LOCATION ioStackLocation;
    FILE_STANDARD_INFORMATION fileInfo;

    //
    // First, start by initializing the event
    //
    KeInitializeEvent(&event, SynchronizationEvent, FALSE);

    //
    // Allocate an irp for this request.  This could also come from a
    // private pool, for instance.
    //
    irp = IoAllocateIrp(DeviceObject->StackSize, FALSE);

    if (!irp) {

        //
        // Failure!
        //
        return FALSE;
    }

    irp->AssociatedIrp.SystemBuffer = &fileInfo;
    irp->UserEvent = &event;
    irp->UserIosb = &IoStatusBlock;
    irp->Tail.Overlay.Thread = PsGetCurrentThread();
    irp->Tail.Overlay.OriginalFileObject = FileObject;
    irp->RequestorMode = KernelMode;
    irp->Flags = 0;

    //
    // Set up the I/O stack location.
    //
    ioStackLocation = IoGetNextIrpStackLocation(irp);
    ioStackLocation->MajorFunction = IRP_MJ_QUERY_INFORMATION;
    ioStackLocation->DeviceObject = DeviceObject;
    ioStackLocation->FileObject = FileObject;
    ioStackLocation->Parameters.QueryVolume.Length =
								sizeof(FILE_STANDARD_INFORMATION);
    ioStackLocation->Parameters.QueryVolume.FsInformationClass =
								FileStandardInformation;

    //
    // Set the completion routine.
    //
    IoSetCompletionRoutine(irp, PGPWDNTIoComplete, 0, TRUE, TRUE, TRUE);

    //
    // Send the request to the lower layer driver.
    //
    (void) IoCallDriver(DeviceObject, irp);

    //
    // Wait for the I/O
    //
    KeWaitForSingleObject(&event, Executive, KernelMode, TRUE, 0);

    //
    // Return whether its a directory or not
    //
    if( !NT_SUCCESS( irp->IoStatus.Status ) || fileInfo.Directory) {