ReactOS 0.4.15-dev-7924-g5949c20
driver.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Service Control Manager
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: base/system/services/driver.c
5 * PURPOSE: Driver control interface
6 * COPYRIGHT: Copyright 2005-2006 Eric Kohl
7 *
8 */
9
10/* INCLUDES *****************************************************************/
11
12#include "services.h"
13
14#include <ndk/iofuncs.h>
15#include <ndk/setypes.h>
16
17#define NDEBUG
18#include <debug.h>
19
20/* FUNCTIONS ****************************************************************/
21
22static
23DWORD
24ScmLoadDriver(PSERVICE lpService)
25{
26 NTSTATUS Status = STATUS_SUCCESS;
27 BOOLEAN WasPrivilegeEnabled = FALSE;
28 PWSTR pszDriverPath;
29 UNICODE_STRING DriverPath;
30
31 /* Build the driver path */
32 /* 52 = wcslen(L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\") */
33 pszDriverPath = HeapAlloc(GetProcessHeap(),
34 HEAP_ZERO_MEMORY,
35 (52 + wcslen(lpService->lpServiceName) + 1) * sizeof(WCHAR));
36 if (pszDriverPath == NULL)
37 return ERROR_NOT_ENOUGH_MEMORY;
38
39 wcscpy(pszDriverPath,
40 L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\");
41 wcscat(pszDriverPath,
42 lpService->lpServiceName);
43
44 RtlInitUnicodeString(&DriverPath,
45 pszDriverPath);
46
47 DPRINT(" Path: %wZ\n", &DriverPath);
48
49 /* Acquire driver-loading privilege */
50 Status = RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
51 TRUE,
52 FALSE,
53 &WasPrivilegeEnabled);
54 if (!NT_SUCCESS(Status))
55 {
56 /* We encountered a failure, exit properly */
57 DPRINT1("SERVICES: Cannot acquire driver-loading privilege, Status = 0x%08lx\n", Status);
58 goto done;
59 }
60
61 Status = NtLoadDriver(&DriverPath);
62
63 /* Release driver-loading privilege */
64 RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
65 WasPrivilegeEnabled,
66 FALSE,
67 &WasPrivilegeEnabled);
68
69done:
70 HeapFree(GetProcessHeap(), 0, pszDriverPath);
71 return RtlNtStatusToDosError(Status);
72}
73
74
75static
76DWORD
77ScmUnloadDriver(PSERVICE lpService)
78{
79 NTSTATUS Status = STATUS_SUCCESS;
80 BOOLEAN WasPrivilegeEnabled = FALSE;
81 PWSTR pszDriverPath;
82 UNICODE_STRING DriverPath;
83 DWORD dwError;
84
85 /* Build the driver path */
86 /* 52 = wcslen(L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\") */
87 pszDriverPath = HeapAlloc(GetProcessHeap(),
88 HEAP_ZERO_MEMORY,
89 (52 + wcslen(lpService->lpServiceName) + 1) * sizeof(WCHAR));
90 if (pszDriverPath == NULL)
91 return ERROR_NOT_ENOUGH_MEMORY;
92
93 wcscpy(pszDriverPath,
94 L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\");
95 wcscat(pszDriverPath,
96 lpService->lpServiceName);
97
98 RtlInitUnicodeString(&DriverPath,
99 pszDriverPath);
100
101 DPRINT(" Path: %wZ\n", &DriverPath);
102
103 /* Acquire driver-unloading privilege */
104 Status = RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
105 TRUE,
106 FALSE,
107 &WasPrivilegeEnabled);
108 if (!NT_SUCCESS(Status))
109 {
110 /* We encountered a failure, exit properly */
111 DPRINT1("SERVICES: Cannot acquire driver-unloading privilege, Status = 0x%08lx\n", Status);
112 dwError = RtlNtStatusToDosError(Status);
113 goto done;
114 }
115
116 Status = NtUnloadDriver(&DriverPath);
117 if (Status == STATUS_INVALID_DEVICE_REQUEST)
118 dwError = ERROR_INVALID_SERVICE_CONTROL;
119 else
120 dwError = RtlNtStatusToDosError(Status);
121
122 /* Release driver-unloading privilege */
123 RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
124 WasPrivilegeEnabled,
125 FALSE,
126 &WasPrivilegeEnabled);
127
128done:
129 HeapFree(GetProcessHeap(), 0, pszDriverPath);
130 return dwError;
131}
132
133
134static
135DWORD
136ScmGetDriverStatus(PSERVICE lpService,
137 LPSERVICE_STATUS lpServiceStatus)
138{
139 OBJECT_ATTRIBUTES ObjectAttributes;
140 UNICODE_STRING DirName;
141 HANDLE DirHandle;
142 NTSTATUS Status = STATUS_SUCCESS;
143 POBJECT_DIRECTORY_INFORMATION DirInfo;
144 ULONG BufferLength;
145 ULONG DataLength;
146 ULONG Index;
147 DWORD dwError = ERROR_SUCCESS;
148 BOOLEAN bFound = FALSE;
149 DWORD dwPreviousState;
150
151 DPRINT1("ScmGetDriverStatus() called\n");
152
153 /* Zero output buffer if any */
154 if (lpServiceStatus != NULL)
155 {
156 memset(lpServiceStatus, 0, sizeof(SERVICE_STATUS));
157 }
158
159 /* Select the appropriate object directory based on driver type */
160 if (lpService->Status.dwServiceType == SERVICE_KERNEL_DRIVER)
161 {
162 RtlInitUnicodeString(&DirName, L"\\Driver");
163 }
164 else // if (lpService->Status.dwServiceType == SERVICE_FILE_SYSTEM_DRIVER)
165 {
166 ASSERT(lpService->Status.dwServiceType == SERVICE_FILE_SYSTEM_DRIVER);
167 RtlInitUnicodeString(&DirName, L"\\FileSystem");
168 }
169
170 InitializeObjectAttributes(&ObjectAttributes,
171 &DirName,
172 0,
173 NULL,
174 NULL);
175
176 /* Open the object directory where loaded drivers are */
177 Status = NtOpenDirectoryObject(&DirHandle,
178 DIRECTORY_QUERY | DIRECTORY_TRAVERSE,
179 &ObjectAttributes);
180 if (!NT_SUCCESS(Status))
181 {
182 DPRINT1("NtOpenDirectoryObject() failed\n");
183 return RtlNtStatusToDosError(Status);
184 }
185
186 /* Allocate a buffer big enough for querying the object */
187 BufferLength = sizeof(OBJECT_DIRECTORY_INFORMATION) +
188 2 * MAX_PATH * sizeof(WCHAR);
189 DirInfo = (OBJECT_DIRECTORY_INFORMATION*) HeapAlloc(GetProcessHeap(),
190 HEAP_ZERO_MEMORY,
191 BufferLength);
192
193 /* Now, start browsing entry by entry */
194 Index = 0;
195 while (TRUE)
196 {
197 Status = NtQueryDirectoryObject(DirHandle,
198 DirInfo,
199 BufferLength,
200 TRUE,
201 FALSE,
202 &Index,
203 &DataLength);
204 /* End of enumeration, the driver was not found */
205 if (Status == STATUS_NO_MORE_ENTRIES)
206 {
207 DPRINT("No more services\n");
208 break;
209 }
210
211 /* Other error, fail */
212 if (!NT_SUCCESS(Status))
213 break;
214
215 DPRINT("Comparing: '%S' '%wZ'\n", lpService->lpServiceName, &DirInfo->Name);
216
217 /* Compare names to check whether it matches our driver */
218 if (_wcsicmp(lpService->lpServiceName, DirInfo->Name.Buffer) == 0)
219 {
220 /* That's our driver, bail out! */
221 DPRINT1("Found: '%S' '%wZ'\n",
222 lpService->lpServiceName, &DirInfo->Name);
223 bFound = TRUE;
224
225 break;
226 }
227 }
228
229 /* Release resources we don't need */
230 HeapFree(GetProcessHeap(),
231 0,
232 DirInfo);
233 NtClose(DirHandle);
234
235 /* Only quit if there's a failure
236 * Not having found the driver is legit!
237 * It means the driver was registered as a service, but not loaded
238 * We have not to fail in that situation, but to return proper status
239 */
240 if (!NT_SUCCESS(Status) && Status != STATUS_NO_MORE_ENTRIES)
241 {
242 DPRINT1("Status: %lx\n", Status);
243 return RtlNtStatusToDosError(Status);
244 }
245
246 /* Now, we have two cases:
247 * We found the driver: it means it's running
248 * We didn't find the driver: it wasn't running
249 */
250 if (bFound)
251 {
252 /* Found, return it's running */
253
254 dwPreviousState = lpService->Status.dwCurrentState;
255
256 /* It is running */
257 lpService->Status.dwCurrentState = SERVICE_RUNNING;
258
259 if (dwPreviousState == SERVICE_STOPPED)
260 {
261 /* Make it run if it was stopped before */
262 lpService->Status.dwWin32ExitCode = ERROR_SUCCESS;
263 lpService->Status.dwServiceSpecificExitCode = ERROR_SUCCESS;
264 lpService->Status.dwControlsAccepted = SERVICE_ACCEPT_STOP;
265 lpService->Status.dwCheckPoint = 0;
266 lpService->Status.dwWaitHint = 0;
267 }
268
269 if (lpService->Status.dwWin32ExitCode == ERROR_SERVICE_NEVER_STARTED)
270 lpService->Status.dwWin32ExitCode = ERROR_SUCCESS;
271 }
272 else
273 {
274 /* Not found, return it's stopped */
275
276 if (lpService->Status.dwCurrentState == SERVICE_STOP_PENDING)
277 {
278 /* Stopped successfully */
279 lpService->Status.dwWin32ExitCode = ERROR_SUCCESS;
280 lpService->Status.dwCurrentState = SERVICE_STOPPED;
281 lpService->Status.dwControlsAccepted = 0;
282 lpService->Status.dwCheckPoint = 0;
283 lpService->Status.dwWaitHint = 0;
284 }
285 else if (lpService->Status.dwCurrentState == SERVICE_STOPPED)
286 {
287 /* Don't change the current status */
288 }
289 else
290 {
291 lpService->Status.dwWin32ExitCode = ERROR_GEN_FAILURE;
292 lpService->Status.dwCurrentState = SERVICE_STOPPED;
293 lpService->Status.dwControlsAccepted = 0;
294 lpService->Status.dwCheckPoint = 0;
295 lpService->Status.dwWaitHint = 0;
296 }
297 }
298
299 /* Copy service status if required */
300 if (lpServiceStatus != NULL)
301 {
302 RtlCopyMemory(lpServiceStatus,
303 &lpService->Status,
304 sizeof(SERVICE_STATUS));
305 }
306
307 DPRINT1("ScmGetDriverStatus() done (Error: %lu)\n", dwError);
308
309 return ERROR_SUCCESS;
310}
311
312
313DWORD
314ScmStartDriver(PSERVICE pService)
315{
316 DWORD dwError;
317
318 DPRINT("ScmStartDriver(%p)\n", pService);
319
320 dwError = ScmLoadDriver(pService);
321 if (dwError == ERROR_SUCCESS)
322 {
323 pService->Status.dwCurrentState = SERVICE_RUNNING;
324 pService->Status.dwControlsAccepted = SERVICE_ACCEPT_STOP;
325 pService->Status.dwWin32ExitCode = ERROR_SUCCESS;
326 }
327
328 DPRINT("ScmStartDriver returns %lu\n", dwError);
329
330 return dwError;
331}
332
333
334DWORD
335ScmControlDriver(PSERVICE lpService,
336 DWORD dwControl,
337 LPSERVICE_STATUS lpServiceStatus)
338{
339 DWORD dwError;
340
341 DPRINT("ScmControlDriver() called\n");
342
343 switch (dwControl)
344 {
345 case SERVICE_CONTROL_STOP:
346 /* Check the drivers status */
347 dwError = ScmGetDriverStatus(lpService,
348 lpServiceStatus);
349 if (dwError != ERROR_SUCCESS)
350 goto done;
351
352 /* Fail, if it is not running */
353 if (lpService->Status.dwCurrentState != SERVICE_RUNNING)
354 {
355 dwError = ERROR_INVALID_SERVICE_CONTROL;
356 goto done;
357 }
358
359 /* Unload the driver */
360 dwError = ScmUnloadDriver(lpService);
361 if (dwError == ERROR_INVALID_SERVICE_CONTROL)
362 {
363 /* The driver cannot be stopped, mark it non-stoppable */
364 lpService->Status.dwControlsAccepted = 0;
365 goto done;
366 }
367
368 /* Make the driver 'stop pending' */
369 lpService->Status.dwCurrentState = SERVICE_STOP_PENDING;
370
371 /* Check the drivers status again */
372 dwError = ScmGetDriverStatus(lpService,
373 lpServiceStatus);
374 break;
375
376 case SERVICE_CONTROL_INTERROGATE:
377 dwError = ScmGetDriverStatus(lpService,
378 lpServiceStatus);
379 break;
380
381 default:
382 dwError = ERROR_INVALID_SERVICE_CONTROL;
383 }
384
385done:
386 DPRINT("ScmControlDriver() done (Erorr: %lu)\n", dwError);
387
388 return dwError;
389}
390
391/* EOF */
NtUnloadDriver
NTSTATUS NtUnloadDriver(IN PUNICODE_STRING DriverServiceName)
Definition: driver.c:2208
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
DPRINT1
#define DPRINT1
Definition: precomp.h:8
ScmGetDriverStatus
static DWORD ScmGetDriverStatus(PSERVICE lpService, LPSERVICE_STATUS lpServiceStatus)
Definition: driver.c:136
ScmStartDriver
DWORD ScmStartDriver(PSERVICE pService)
Definition: driver.c:314
ScmUnloadDriver
static DWORD ScmUnloadDriver(PSERVICE lpService)
Definition: driver.c:77
ScmLoadDriver
static DWORD ScmLoadDriver(PSERVICE lpService)
Definition: driver.c:24
ScmControlDriver
DWORD ScmControlDriver(PSERVICE lpService, DWORD dwControl, LPSERVICE_STATUS lpServiceStatus)
Definition: driver.c:335
DirName
_In_ PFCB _In_ PCD_NAME DirName
Definition: cdprocs.h:737
DataLength
_In_ ULONG _In_opt_ WDFREQUEST _In_opt_ PVOID _In_ size_t _In_ PVOID _In_ size_t _Out_ size_t * DataLength
Definition: cdrom.h:1444
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
HeapAlloc
#define HeapAlloc
Definition: compat.h:733
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:735
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Status
Status
Definition: gdiplustypes.h:25
wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
ASSERT
#define ASSERT(a)
Definition: mode.c:44
SE_LOAD_DRIVER_PRIVILEGE
#define SE_LOAD_DRIVER_PRIVILEGE
Definition: security.c:664
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
OBJECT_DIRECTORY_INFORMATION
struct _OBJECT_DIRECTORY_INFORMATION OBJECT_DIRECTORY_INFORMATION
RtlAdjustPrivilege
NTSYSAPI NTSTATUS NTAPI RtlAdjustPrivilege(_In_ ULONG Privilege, _In_ BOOLEAN NewValue, _In_ BOOLEAN ForThread, _Out_ PBOOLEAN OldValue)
DIRECTORY_QUERY
#define DIRECTORY_QUERY
Definition: nt_native.h:1254
DIRECTORY_TRAVERSE
#define DIRECTORY_TRAVERSE
Definition: nt_native.h:1255
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
NtLoadDriver
NTSTATUS NTAPI NtLoadDriver(IN PUNICODE_STRING DriverServiceName)
Definition: driver.c:2147
STATUS_NO_MORE_ENTRIES
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205
L
#define L(x)
Definition: ntvdm.h:50
NtOpenDirectoryObject
NTSTATUS NTAPI NtOpenDirectoryObject(OUT PHANDLE DirectoryHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: obdir.c:393
NtQueryDirectoryObject
NTSTATUS NTAPI NtQueryDirectoryObject(IN HANDLE DirectoryHandle, OUT PVOID Buffer, IN ULONG BufferLength, IN BOOLEAN ReturnSingleEntry, IN BOOLEAN RestartScan, IN OUT PULONG Context, OUT PULONG ReturnLength OPTIONAL)
Definition: obdir.c:490
_wcsicmp
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
wcscpy
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
wcscat
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
memset
#define memset(x, y, z)
Definition: compat.h:39
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
DPRINT
#define DPRINT
Definition: sndvol32.h:71
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_OBJECT_DIRECTORY_INFORMATION
Definition: obtypes.h:277
_OBJECT_DIRECTORY_INFORMATION::Name
UNICODE_STRING Name
Definition: obtypes.h:278
_SERVICE_STATUS
Definition: winsvc.h:98
_SERVICE_STATUS::dwServiceType
DWORD dwServiceType
Definition: winsvc.h:99
_SERVICE_STATUS::dwWin32ExitCode
DWORD dwWin32ExitCode
Definition: winsvc.h:102
_SERVICE_STATUS::dwControlsAccepted
DWORD dwControlsAccepted
Definition: winsvc.h:101
_SERVICE_STATUS::dwWaitHint
DWORD dwWaitHint
Definition: winsvc.h:105
_SERVICE_STATUS::dwCurrentState
DWORD dwCurrentState
Definition: winsvc.h:100
_SERVICE_STATUS::dwCheckPoint
DWORD dwCheckPoint
Definition: winsvc.h:104
_SERVICE_STATUS::dwServiceSpecificExitCode
DWORD dwServiceSpecificExitCode
Definition: winsvc.h:103
_SERVICE
Definition: services.h:60
_SERVICE::Status
SERVICE_STATUS Status
Definition: services.h:70
_SERVICE::lpServiceName
LPWSTR lpServiceName
Definition: services.h:62
_UNICODE_STRING
Definition: env_spec_w32.h:368
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_DEVICE_REQUEST
#define STATUS_INVALID_DEVICE_REQUEST
Definition: udferr_usr.h:138
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:182
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
ERROR_SERVICE_NEVER_STARTED
#define ERROR_SERVICE_NEVER_STARTED
Definition: winerror.h:628
ERROR_GEN_FAILURE
#define ERROR_GEN_FAILURE
Definition: winerror.h:134
ERROR_INVALID_SERVICE_CONTROL
#define ERROR_INVALID_SERVICE_CONTROL
Definition: winerror.h:603
SERVICE_STOPPED
#define SERVICE_STOPPED
Definition: winsvc.h:21
SERVICE_ACCEPT_STOP
#define SERVICE_ACCEPT_STOP
Definition: winsvc.h:28
SERVICE_STOP_PENDING
#define SERVICE_STOP_PENDING
Definition: winsvc.h:23
SERVICE_RUNNING
#define SERVICE_RUNNING
Definition: winsvc.h:24
SERVICE_CONTROL_STOP
#define SERVICE_CONTROL_STOP
Definition: winsvc.h:36
SERVICE_CONTROL_INTERROGATE
#define SERVICE_CONTROL_INTERROGATE
Definition: winsvc.h:39
SERVICE_KERNEL_DRIVER
#define SERVICE_KERNEL_DRIVER
Definition: cmtypes.h:953
SERVICE_FILE_SYSTEM_DRIVER
#define SERVICE_FILE_SYSTEM_DRIVER
Definition: cmtypes.h:954
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180