Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fsfilters isolation updates #1013

Merged
merged 7 commits into from
Oct 4, 2023
Merged
Show file tree
Hide file tree
Changes from 4 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
124 changes: 83 additions & 41 deletions filesys/miniFilter/MetadataManager/MetadataManagerInit.c
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,7 @@ FmmInstanceTeardownComplete (

VOID
FmmInitializeDebugLevel (
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
);

Expand Down Expand Up @@ -115,11 +116,11 @@ FmmInitializeDebugLevel (

//
// If we need to verify that the metadata file is indeed open whenever
// a create suceeds on the volume, then we need to monitor all creates
// a create suceeds on the volume, then we need to monitor all creates
// not just DASD creates.

// If that is not the case, then we are better off telling filter manager
// to show us only DASD creates. That way we can avoid the performance
// If that is not the case, then we are better off telling filter manager
// to show us only DASD creates. That way we can avoid the performance
// penalty of being called for all creates when we only have use for DASD
// creates.
//
Expand Down Expand Up @@ -241,7 +242,7 @@ Return Value:
//
// Default to NonPagedPoolNx for non paged pool allocations where supported.
//

ExInitializeDriverRuntime( DrvRtPoolNxOptIn );


Expand All @@ -253,7 +254,7 @@ Return Value:
// Initialize global debug level
//

FmmInitializeDebugLevel( RegistryPath );
FmmInitializeDebugLevel( DriverObject, RegistryPath );

#else

Expand Down Expand Up @@ -301,6 +302,7 @@ Return Value:

VOID
FmmInitializeDebugLevel (
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
)
/*++
Expand All @@ -313,6 +315,9 @@ Routine Description:

Arguments:

DriverObject - Pointer to driver object created by the system to
represent this driver.

RegistryPath - The path key passed to the driver during DriverEntry.

Return Value:
Expand All @@ -322,56 +327,93 @@ Return Value:
--*/
{
OBJECT_ATTRIBUTES attributes;
HANDLE driverRegKey;
OSVERSIONINFOW versionInfo;
HANDLE driverRegKey = NULL;
NTSTATUS status;
ULONG resultLength;
UNICODE_STRING valueName;
UCHAR buffer[sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( LONG )];

Globals.DebugLevel = DEBUG_TRACE_ERROR;

RtlZeroMemory( &versionInfo, sizeof( versionInfo ) );

//
// Open the desired registry key
// Determine the OS version being run.
//

InitializeObjectAttributes( &attributes,
RegistryPath,
OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
NULL,
NULL );
versionInfo.dwOSVersionInfoSize = sizeof( versionInfo );

status = ZwOpenKey( &driverRegKey,
KEY_READ,
&attributes );
status = RtlGetVersion( &versionInfo );

if (NT_SUCCESS( status )) {
if (!NT_SUCCESS( status )) {

goto cleanup;
}

//
// Open the desired registry key
//

if (versionInfo.dwBuildNumber >= 25952) {
//
// Read the DebugFlags value from the registry.
// Open the Parameters key for the service.
//

RtlInitUnicodeString( &valueName, L"DebugLevel" );
status = IoOpenDriverRegistryKey( DriverObject,
DriverRegKeyParameters,
KEY_READ,
0,
&driverRegKey );

if (!NT_SUCCESS( status )) {

status = ZwQueryValueKey( driverRegKey,
&valueName,
KeyValuePartialInformation,
buffer,
sizeof(buffer),
&resultLength );
goto cleanup;
}
} else {
InitializeObjectAttributes( &attributes,
RegistryPath,
OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
NULL,
NULL );

if (NT_SUCCESS( status )) {
status = ZwOpenKey( &driverRegKey,
KEY_READ,
&attributes );

Globals.DebugLevel = *((PULONG) &(((PKEY_VALUE_PARTIAL_INFORMATION) buffer)->Data));
if (!NT_SUCCESS( status )) {

goto cleanup;
}

//
// Close the registry entry
//

ZwClose( driverRegKey );

}

//
// Read the DebugFlags value from the registry.
//

RtlInitUnicodeString( &valueName, L"DebugLevel" );

status = ZwQueryValueKey( driverRegKey,
&valueName,
KeyValuePartialInformation,
buffer,
sizeof(buffer),
&resultLength );

if (NT_SUCCESS( status )) {

Globals.DebugLevel = *((PULONG) &(((PKEY_VALUE_PARTIAL_INFORMATION) buffer)->Data));
}

cleanup:

//
// Close the registry entry
//

if (driverRegKey != NULL) {
ZwClose( driverRegKey );
}
}

#endif
Expand Down Expand Up @@ -678,22 +720,22 @@ Return Value:
}

//
// If this is an automatic attachment (mount, load, etc) and we are not
// attaching to this volume because we do not support attaching to this
// volume, then simply return STATUS_FLT_DO_NOT_ATTACH. If we return
// anything else fltmgr logs an event log indicating failure to attach.
// Since this failure to attach is not really an error, we do not want
// If this is an automatic attachment (mount, load, etc) and we are not
// attaching to this volume because we do not support attaching to this
// volume, then simply return STATUS_FLT_DO_NOT_ATTACH. If we return
// anything else fltmgr logs an event log indicating failure to attach.
// Since this failure to attach is not really an error, we do not want
// this failure to be logged as an error in the event log. For all other
// error codes besides the ones we consider "normal", if is ok for fltmgr
// to actually log the failure to attach.
//
// If this is a manual attach attempt that we have failed then we want to
// give the user a clear indication of why the attachment failed. Hence in
// If this is a manual attach attempt that we have failed then we want to
// give the user a clear indication of why the attachment failed. Hence in
// this case, we will not override the error status with STATUS_FLT_DO_NOT_ATTACH
// irrespective of the cause of the failure to attach
//

if (status == STATUS_NOT_SUPPORTED &&
if (status == STATUS_NOT_SUPPORTED &&
!FlagOn( Flags, FLTFL_INSTANCE_SETUP_MANUAL_ATTACHMENT )) {

status = STATUS_FLT_DO_NOT_ATTACH;
Expand Down
Binary file modified filesys/miniFilter/MetadataManager/fmm.inf
Binary file not shown.
Binary file modified filesys/miniFilter/NameChanger/NameChanger.inf
Binary file not shown.
2 changes: 1 addition & 1 deletion filesys/miniFilter/NameChanger/nc.c
Original file line number Diff line number Diff line change
Expand Up @@ -988,7 +988,7 @@ Return Value:

NcCompatInit( );

Status = NcInitializeMapping( RegistryPath );
Status = NcInitializeMapping( DriverObject, RegistryPath );
if (!NT_SUCCESS( Status )) {
return Status;
}
Expand Down
Loading