#include <ntoskrnl.h>#include <debug.h>
Include dependency graph for driver.c:
Go to the source code of this file.
Classes | |
| struct | _LOAD_UNLOAD_PARAMS |
Macros | |
| #define | NDEBUG |
Typedefs | |
| typedef struct _LOAD_UNLOAD_PARAMS | LOAD_UNLOAD_PARAMS |
| typedef struct _LOAD_UNLOAD_PARAMS * | PLOAD_UNLOAD_PARAMS |
Variables | |
| ERESOURCE | IopDriverLoadResource |
| LIST_ENTRY | DriverReinitListHead |
| KSPIN_LOCK | DriverReinitListLock |
| PLIST_ENTRY | DriverReinitTailEntry |
| PLIST_ENTRY | DriverBootReinitTailEntry |
| LIST_ENTRY | DriverBootReinitListHead |
| KSPIN_LOCK | DriverBootReinitListLock |
| UNICODE_STRING | IopHardwareDatabaseKey |
| static const WCHAR | ServicesKeyName [] = L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\" |
| POBJECT_TYPE | IoDriverObjectType = NULL |
| BOOLEAN | ExpInTextModeSetup |
| BOOLEAN | PnpSystemInit |
| BOOLEAN | PnPBootDriversLoaded |
| KEVENT | PiEnumerationFinished |
| USHORT | IopGroupIndex |
| PLIST_ENTRY | IopGroupTable |
Macro Definition Documentation
◆ NDEBUG
Typedef Documentation
◆ LOAD_UNLOAD_PARAMS
◆ PLOAD_UNLOAD_PARAMS
| typedef struct _LOAD_UNLOAD_PARAMS * PLOAD_UNLOAD_PARAMS |
Function Documentation
◆ IoAllocateDriverObjectExtension()
| NTSTATUS NTAPI IoAllocateDriverObjectExtension | ( | IN PDRIVER_OBJECT | DriverObject, |
| IN PVOID | ClientIdentificationAddress, | ||
| IN ULONG | DriverObjectExtensionSize, | ||
| OUT PVOID * | DriverObjectExtension | ||
| ) |
Definition at line 1811 of file driver.c.
1815{
1817 PIO_CLIENT_EXTENSION DriverExtensions, NewDriverExtension;
1819
1820 /* Assume failure */
1821 *DriverObjectExtension = NULL;
1822
1823 /* Allocate the extension */
1826 DriverObjectExtensionSize,
1827 TAG_DRIVER_EXTENSION);
1829
1830 /* Clear the extension for teh caller */
1831 RtlZeroMemory(NewDriverExtension,
1833
1834 /* Acqure lock */
1836
1837 /* Fill out the extension */
1839
1840 /* Loop the current extensions */
1842 ClientDriverExtension;
1843 while (DriverExtensions)
1844 {
1845 /* Check if the identifier matches */
1848 {
1849 /* We have a collision, break out */
1850 break;
1851 }
1852
1853 /* Go to the next one */
1854 DriverExtensions = DriverExtensions->NextExtension;
1855 }
1856
1857 /* Check if we didn't collide */
1858 if (!DriverExtensions)
1859 {
1860 /* Link this one in */
1861 NewDriverExtension->NextExtension =
1864 NewDriverExtension;
1865 Inserted = TRUE;
1866 }
1867
1868 /* Release the lock */
1870
1871 /* Check if insertion failed */
1872 if (!Inserted)
1873 {
1874 /* Free the entry and fail */
1877 }
1878
1879 /* Otherwise, return the pointer */
1880 *DriverObjectExtension = NewDriverExtension + 1;
1882}
IN OUT PLONG IN OUT PLONG Addend IN OUT PLONG IN LONG IN OUT PLONG IN LONG Increment KeRaiseIrqlToDpcLevel
Definition: CrNtStubs.h:68
Definition: iotypes.h:827
PVOID ClientIdentificationAddress
Definition: iotypes.h:829
struct _IO_CLIENT_EXTENSION * NextExtension
Definition: iotypes.h:828
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
Definition: kefuncs.h:792
Referenced by _IRQL_requires_max_(), DriverEntry(), HidRegisterMinidriver(), KoDriverInitialize(), KsInitializeDriver(), Mx::MxAllocateDriverObjectExtension(), NdisMRegisterMiniport(), PciIdeXInitialize(), ScsiPortInitialize(), StorPortInitialize(), StreamClassRegisterAdapter(), VideoPortInitialize(), and WdfWriteKmdfVersionToRegistry().
◆ IoCreateDriver()
| NTSTATUS NTAPI IoCreateDriver | ( | _In_opt_ PUNICODE_STRING | DriverName, |
| _In_ PDRIVER_INITIALIZE | InitializationFunction | ||
| ) |
Definition at line 1561 of file driver.c.
1564{
1565 WCHAR NameBuffer[100];
1566 USHORT NameLength;
1567 UNICODE_STRING LocalDriverName;
1570 ULONG ObjectSize;
1572 UNICODE_STRING ServiceKeyName;
1575
1576try_again:
1577 /* First, create a unique name for the driver if we don't have one */
1578 if (!DriverName)
1579 {
1580 /* Create a random name and set up the string */
1586 LocalDriverName.Buffer = NameBuffer;
1587 }
1588 else
1589 {
1590 /* So we can avoid another code path, use a local var */
1591 LocalDriverName = *DriverName;
1592 }
1593
1594 /* Initialize the Attributes */
1597 &LocalDriverName,
1599 NULL,
1600 NULL);
1601
1602 /* Create the Object */
1604 IoDriverObjectType,
1605 &ObjectAttributes,
1606 KernelMode,
1607 NULL,
1608 ObjectSize,
1609 0,
1610 0,
1613
1615
1616 /* Set up the Object */
1624 /* Loop all Major Functions */
1626 {
1627 /* Invalidate each function */
1629 }
1630
1631 /* Set up the service key name buffer */
1633 ServiceKeyName.Buffer = ExAllocatePoolWithTag(PagedPool, LocalDriverName.MaximumLength, TAG_IO);
1635 {
1636 /* Fail */
1640 }
1641
1642 /* For builtin drivers, the ServiceKeyName is equal to DriverName */
1643 RtlCopyUnicodeString(&ServiceKeyName, &LocalDriverName);
1645 DriverObject->DriverExtension->ServiceKeyName = ServiceKeyName;
1646
1647 /* Make a copy of the driver name to store in the driver object */
1650 DriverObject->DriverName.MaximumLength,
1651 TAG_IO);
1653 {
1654 /* Fail */
1658 }
1659
1661
1662 /* Add the Object and get its handle */
1664 NULL,
1665 FILE_READ_DATA,
1666 0,
1667 NULL,
1668 &hDriver);
1669
1670 /* Eliminate small possibility when this function is called more than
1671 once in a row, and KeTickCount doesn't get enough time to change */
1673 {
1674 RetryCount++;
1675 goto try_again;
1676 }
1677
1679
1680 /* Now reference it */
1682 0,
1683 IoDriverObjectType,
1684 KernelMode,
1686 NULL);
1687
1688 /* Close the extra handle */
1690
1692 {
1693 /* Fail */
1697 }
1698
1699 /* Finally, call its init function */
1703 {
1704 /* If it didn't work, then kill the object */
1709 }
1710
1711 /* Windows does this fixup, keep it for compatibility */
1713 {
1714 /*
1715 * Make sure the driver didn't set any dispatch entry point to NULL!
1716 * Doing so is illegal; drivers shouldn't touch entry points they
1717 * do not implement.
1718 */
1719
1720 /* Check if it did so anyway */
1722 {
1723 /* Print a warning in the debug log */
1726
1727 /* Fix it up */
1729 }
1730 }
1731
1732 /* Return the Status */
1734}
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
Definition: nsiface.idl:2307
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
#define UNICODE_NULL
NTSTATUS NTAPI IopInvalidDeviceRequest(PDEVICE_OBJECT DeviceObject, PIRP Irp)
Definition: driver.c:65
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2935
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:951
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
Definition: iotypes.h:2274
Definition: iotypes.h:947
Definition: umtypes.h:182
Definition: env_spec_w32.h:368
_In_ LPWSTR _In_ ULONG _In_ ULONG _In_ ULONG _Out_ DEVINFO _In_ HDEV _In_ LPWSTR _In_ HANDLE hDriver
Definition: winddi.h:3557
struct _DRIVER_OBJECT DRIVER_OBJECT
struct _DRIVER_EXTENSION * PDRIVER_EXTENSION
#define IO_TYPE_DRIVER
#define IRP_MJ_MAXIMUM_FUNCTION
Referenced by HaliInitPnpDriver(), IopInitializeBootDrivers(), IopInitializePlugPlayServices(), and WmiInitialize().
◆ IoDeleteDriver()
| VOID NTAPI IoDeleteDriver | ( | _In_ PDRIVER_OBJECT | DriverObject | ) |
◆ IoGetDriverObjectExtension()
| PVOID NTAPI IoGetDriverObjectExtension | ( | IN PDRIVER_OBJECT | DriverObject, |
| IN PVOID | ClientIdentificationAddress | ||
| ) |
Definition at line 1889 of file driver.c.
1891{
1893 PIO_CLIENT_EXTENSION DriverExtensions;
1894
1895 /* Acquire lock */
1897
1898 /* Loop the list until we find the right one */
1900 while (DriverExtensions)
1901 {
1902 /* Check for a match */
1905 {
1906 /* Break out */
1907 break;
1908 }
1909
1910 /* Keep looping */
1911 DriverExtensions = DriverExtensions->NextExtension;
1912 }
1913
1914 /* Release lock */
1916
1917 /* Return nothing or the extension */
1919 return DriverExtensions + 1;
1920}
Referenced by _Dispatch_type_(), _IRQL_requires_max_(), ClassAddDevice(), ClassDispatchPnp(), ClassGetPdoId(), ClassPnpQueryFdoRelations(), ClassPnpStartDevice(), ClassUnload(), ConDrvCreateController(), ConDrvDeleteController(), CreateClassDeviceObject(), CreateGreenFdo(), DestroyPortDriver(), GreenAddDevice(), GreenDispatch(), HidClassAddDevice(), i8042RemoveDevice(), IntVideoPortAddDevice(), IntVideoPortFilterResourceRequirements(), IntVideoPortPnPStartDevice(), KeyboardAddDevice(), KopDispatchCreate(), KsAddDevice(), Mx::MxGetDriverObjectExtension(), NdisIAddDevice(), PciIdeXAddDevice(), PciIdeXFdoStartDevice(), PortAddDevice(), PortUnload(), ScreenAddDevice(), ScsiPortInitialize(), SermouseAddDevice(), StorPortInitialize(), StreamClassAddDevice(), StreamClassStartDevice(), VfdCreateDevice(), VfdDeleteDevice(), VfdStoreLink(), VfdUnloadDriver(), VideoPortGetAccessRanges(), VideoPortInitialize(), and WdfDeleteKmdfVersionFromRegistry().
◆ IopDeleteDriver()
Definition at line 77 of file driver.c.
78{
81 PAGED_CODE();
82
84
85 /* There must be no device objects remaining at this point */
87
88 /* Get the extension and loop them */
91 {
92 /* Get the next one */
93 NextDriverExtension = DriverExtension->NextExtension;
95
96 /* Move on */
97 DriverExtension = NextDriverExtension;
98 }
99
100 /* Check if the driver image is still loaded */
102 {
103 /* Unload it */
105 }
106
107 /* Check if it has a name */
109 {
110 /* Free it */
112 }
113
114 /* Check if it has a service key name */
116 {
117 /* Free it */
119 }
120}
Referenced by IopCreateObjectTypes().
◆ IopDisplayLoadingMessage()
| VOID FASTCALL IopDisplayLoadingMessage | ( | PUNICODE_STRING | ServiceName | ) |
Definition at line 315 of file driver.c.
316{
319
324 "%s%sSystem32\\Drivers\\%wZ%s\r\n",
327 ServiceName,
330}
NTSTATUS RtlUpcaseUnicodeString(PUNICODE_STRING dst, PUNICODE_STRING src, BOOLEAN Alloc)
Definition: string_lib.cpp:46
NTHALAPI VOID NTAPI HalDisplayString(PUCHAR String)
BOOLEAN NTAPI IopSuffixUnicodeString(IN PCUNICODE_STRING String1, IN PCUNICODE_STRING String2)
Definition: driver.c:281
Referenced by IopInitializeBuiltinDriver(), and IopLoadDriver().
◆ IopDoLoadUnloadDriver()
| NTSTATUS IopDoLoadUnloadDriver | ( | _In_opt_ PUNICODE_STRING | RegistryPath, |
| _Inout_ PDRIVER_OBJECT * | DriverObject | ||
| ) |
Process load and unload driver operations. This is mostly for NtLoadDriver and NtUnloadDriver, because their code should run inside PsInitialSystemProcess.
- Parameters
-
[in] RegistryPath The registry path DriverObject The driver object
- Returns
- Status of the operation
Definition at line 2084 of file driver.c.
2087{
2088 LOAD_UNLOAD_PARAMS LoadParams;
2089
2090 /* Prepare parameters block */
2093
2095 {
2098
2099 /* Initialize and queue a work item */
2102
2103 /* And wait till it completes */
2105 }
2106 else
2107 {
2108 /* If we're already in a system process, call it right here */
2110 IopLoadUnloadDriverWorker(&LoadParams);
2111 }
2112
2114}
#define KeWaitForSingleObject(pEvt, foo, a, b, c)
Definition: env_spec_w32.h:478
static VOID NTAPI IopLoadUnloadDriverWorker(_Inout_ PVOID Parameter)
Definition: driver.c:2038
Definition: driver.c:47
_Must_inspect_result_ _In_ PDRIVER_OBJECT _In_ PCUNICODE_STRING RegistryPath
Definition: wdfdriver.h:215
VOID NTAPI ExQueueWorkItem(IN PWORK_QUEUE_ITEM WorkItem, IN WORK_QUEUE_TYPE QueueType)
Definition: work.c:723
Referenced by IopUnloadDriver(), and NtLoadDriver().
◆ IopGetDeviceObjectFromDeviceInstance()
| PDEVICE_OBJECT IopGetDeviceObjectFromDeviceInstance | ( | PUNICODE_STRING | DeviceInstance | ) |
Definition at line 118 of file plugplay.c.
119{
121 IOP_FIND_DEVICE_INSTANCE_TRAVERSE_CONTEXT DeviceInstanceContext;
122
125
127 DeviceInstance->Length == 0)
128 {
130 {
133 }
134 else
136 }
137
138 /* Traverse the device tree to find the matching device node */
142 IopRootDeviceNode,
144 &DeviceInstanceContext);
146
147 /* In case of error or instance not found, this will still be NULL from above. */
149}
#define IopInitDeviceTreeTraverseContext( _DeviceTreeTraverseContext, _DeviceNode, _Action, _Context)
Definition: io.h:229
NTSTATUS IopTraverseDeviceTree(PDEVICETREE_TRAVERSE_CONTEXT Context)
NTSTATUS IopFindDeviceInstanceTraverse(_In_ PDEVICE_NODE DeviceNode, _Inout_ PVOID Context)
Definition: plugplay.c:98
Definition: compobj.c:4795
Definition: io.h:475
PDEVICE_OBJECT DeviceObject
Definition: plugplay.c:24
PCUNICODE_STRING InstancePath
Definition: plugplay.c:23
Referenced by IopInitializeBuiltinDriver().
◆ IopGetDriverNames()
| NTSTATUS IopGetDriverNames | ( | _In_ HANDLE | ServiceHandle, |
| _Out_ PUNICODE_STRING | DriverName, | ||
| _Out_opt_ PUNICODE_STRING | ServiceName | ||
| ) |
Definition at line 123 of file driver.c.
127{
129 PKEY_VALUE_FULL_INFORMATION kvInfo;
131
132 PAGED_CODE();
133
134 /* 1. Check the "ObjectName" field in the driver's registry key (it has priority) */
137 {
138 /* We've got the ObjectName, use it as the driver name */
140 {
141 ExFreePool(kvInfo);
143 }
144
149 {
150 ExFreePool(kvInfo);
152 }
153
156 driverName.Length);
158 ExFreePool(kvInfo);
159 }
160
161 /* Check whether we need to get ServiceName as well, either to construct
162 * the driver name (because we could not use "ObjectName"), or because
163 * it is requested by the caller. */
166 {
167 /* Retrieve the necessary buffer size */
168 ULONG infoLength;
171 {
174 }
175
176 /* Allocate the buffer and retrieve the data */
178 if (!basicInfo)
179 {
182 }
183
186 {
188 }
189
193 }
194
195 /* 2. There is no "ObjectName" - construct it ourselves. Depending on the driver type,
196 * it will be either "\Driver<ServiceName>" or "\FileSystem<ServiceName>" */
198 {
200
201 /* Retrieve the driver type */
202 ULONG driverType;
205 {
207 }
209 {
210 ExFreePool(kvInfo);
213 }
214
215 RtlMoveMemory(&driverType,
218 ExFreePool(kvInfo);
219
220 /* Compute the necessary driver name string size */
223 else
225
227 driverName.Length = 0;
228
229 /* Allocate and build it */
232 {
235 }
236
239 else
241
243 }
244
246 {
248
249 /* Allocate a copy for the caller */
252 {
255 }
260 }
261
262 *DriverName = driverName;
264
265Cleanup:
266 if (basicInfo)
268
271
273}
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
NTSTATUS NTAPI IopGetRegistryValue(IN HANDLE Handle, IN PWSTR ValueName, OUT PKEY_VALUE_FULL_INFORMATION *Information)
Definition: pnpmgr.c:1606
Definition: nt_native.h:1099
Definition: nt_native.h:1155
Referenced by IopInitializeDriverModule(), and PiAttachFilterDriversCallback().
◆ IopInitializeBootDrivers()
Definition at line 1008 of file driver.c.
1009{
1010 PLIST_ENTRY ListHead, NextEntry, NextEntry2;
1011 PLDR_DATA_TABLE_ENTRY LdrEntry;
1013 UNICODE_STRING DriverName;
1017 PBOOT_DRIVER_LIST_ENTRY BootEntry;
1019
1020 /* Create the RAW FS built-in driver */
1022
1025 {
1026 /* Fail */
1027 return;
1028 }
1029
1030 /* Get highest group order index */
1033 {
1034 UNIMPLEMENTED_DBGBREAK();
1035 }
1036
1037 /* Allocate the group table */
1040 TAG_IO);
1042 {
1043 UNIMPLEMENTED_DBGBREAK();
1044 }
1045
1046 /* Initialize the group table lists */
1048
1049 /* Loop the boot modules */
1052 NextEntry != ListHead;
1053 NextEntry = NextEntry->Flink)
1054 {
1055 /* Get the entry */
1056 LdrEntry = CONTAINING_RECORD(NextEntry,
1057 LDR_DATA_TABLE_ENTRY,
1058 InLoadOrderLinks);
1059
1060 /* Check if the DLL needs to be initialized */
1062 {
1063 /* Call its entrypoint */
1065 }
1066 }
1067
1068 /* Loop the boot drivers */
1071 NextEntry != ListHead;
1072 NextEntry = NextEntry->Flink)
1073 {
1074 /* Get the entry */
1075 BootEntry = CONTAINING_RECORD(NextEntry,
1076 BOOT_DRIVER_LIST_ENTRY,
1077 Link);
1078
1079 // FIXME: TODO: This LdrEntry is to be used in a special handling
1080 // for SETUPLDR (a similar procedure is done on Windows), where
1081 // the loader would, under certain conditions, be loaded in the
1082 // SETUPLDR-specific code block below...
1083#if 0
1084 /* Get the driver loader entry */
1085 LdrEntry = BootEntry->LdrEntry;
1086#endif
1087
1088 /* Allocate our internal accounting structure */
1091 TAG_IO);
1093 {
1094 /* Zero it and initialize it */
1098
1099 /* Open the registry key */
1101 NULL,
1102 &BootEntry->RegistryPath,
1103 KEY_READ);
1105#if 0
1107#else // Hack still needed...
1110#endif
1111 {
1112 /* Save the handle */
1114
1115 /* Get the group oder index */
1117
1118 /* Get the tag position */
1120
1121 /* Insert it into the list, at the right place */
1125 {
1126 /* Get the driver info */
1127 DriverInfoTag = CONTAINING_RECORD(NextEntry2,
1128 DRIVER_INFORMATION,
1129 Link);
1130
1131 /* Check if we found the right tag position */
1133 {
1134 /* We're done */
1135 break;
1136 }
1137
1138 /* Next entry */
1139 NextEntry2 = NextEntry2->Flink;
1140 }
1141
1142 /* Insert us right before the next entry */
1143 NextEntry2 = NextEntry2->Blink;
1145 }
1146 }
1147 }
1148
1149 /* Loop each group index */
1151 {
1152 /* Loop each group table */
1155 NextEntry = NextEntry->Flink)
1156 {
1157 /* Get the entry */
1159 DRIVER_INFORMATION,
1160 Link);
1161
1162 /* Get the driver loader entry */
1164
1165 /* Initialize it */
1167 {
1168 // it does not make sense to enumerate the tree if there are no new devices added
1170 PiActionEnumRootDevices,
1171 NULL,
1172 NULL);
1173 }
1174 }
1175 }
1176
1177 /* HAL Root Bus is being initialized before loading the boot drivers so this may cause issues
1178 * when some devices are not being initialized with their drivers. This flag is used to delay
1179 * all actions with devices (except PnP root device) until boot drivers are loaded.
1180 * See PiQueueDeviceAction function
1181 */
1183
1185
1187 PiActionEnumDeviceTree,
1188 NULL,
1189 NULL);
1190}
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI IopOpenRegistryKeyEx(PHANDLE KeyHandle, HANDLE ParentKey, PUNICODE_STRING Name, ACCESS_MASK DesiredAccess)
Definition: pnpmgr.c:1455
NTSTATUS NTAPI RawFsDriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
Definition: rawfs.c:1193
USHORT NTAPI PpInitGetGroupOrderIndex(IN HANDLE ServiceHandle)
Definition: pnpinit.c:155
USHORT NTAPI PipGetDriverTagPriority(IN HANDLE ServiceHandle)
Definition: pnpinit.c:198
VOID PiQueueDeviceAction(_In_ PDEVICE_OBJECT DeviceObject, _In_ DEVICE_ACTION Action, _In_opt_ PKEVENT CompletionEvent, _Out_opt_ NTSTATUS *CompletionStatus)
Queue a device operation to a worker thread.
Definition: devaction.c:2655
NTSTATUS NTAPI MmCallDllInitialize(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN PLIST_ENTRY ListHead)
Definition: sysldr.c:295
static BOOLEAN IopInitializeBuiltinDriver(IN PLDR_DATA_TABLE_ENTRY BootLdrEntry)
Definition: driver.c:792
NTSTATUS NTAPI IoCreateDriver(_In_opt_ PUNICODE_STRING DriverName, _In_ PDRIVER_INITIALIZE InitializationFunction)
Definition: driver.c:1561
Definition: arc.h:199
Definition: ne2000.h:186
Definition: btrfs_drv.h:1876
Definition: typedefs.h:120
struct _SETUP_LOADER_BLOCK * SetupLdrBlock
Definition: arc.h:511
Referenced by IoInitSystem().
◆ IopInitializeBuiltinDriver()
|
static |
Definition at line 792 of file driver.c.
793{
797 PWSTR FileExtension;
799 PLDR_DATA_TABLE_ENTRY LdrEntry;
800 PLIST_ENTRY NextEntry;
803
804 /*
805 * Display 'Loading XXX...' message
806 */
808 InbvIndicateProgress();
809
812 TAG_IO);
814 {
816 }
817
820
821 /*
822 * Generate filename without path (not needed by freeldr)
823 */
826 {
827 FileNameWithoutPath = Buffer;
828 }
829 else
830 {
831 FileNameWithoutPath++;
832 }
833
834 /*
835 * Strip the file extension from ServiceName
836 */
840 {
842 }
843
846 {
848 FileExtension[0] = UNICODE_NULL;
849 }
850
852
853 // Make the registry path for the driver
854 RegistryPath.Length = 0;
858 {
860 }
864
865 HANDLE serviceHandle;
869 {
871 }
872
873 /* Lookup the new Ldr entry in PsLoadedModuleList */
875 NextEntry != &PsLoadedModuleList;
876 NextEntry = NextEntry->Flink)
877 {
878 LdrEntry = CONTAINING_RECORD(NextEntry,
879 LDR_DATA_TABLE_ENTRY,
880 InLoadOrderLinks);
882 {
883 break;
884 }
885 }
887
888 /*
889 * Initialize the driver
890 */
891 NTSTATUS driverEntryStatus;
893 serviceHandle,
894 &DriverObject,
895 &driverEntryStatus);
896
898 {
901 }
902
903 // The driver has been loaded, now check if where are any PDOs
904 // for that driver, and queue AddDevice call for them.
905 // The check is possible because HKLM/SYSTEM/CCS/Services/<ServiceName>/Enum directory
906 // is populated upon a new device arrival based on a (critical) device database
907
908 // Legacy drivers may add devices inside DriverEntry.
909 // We're lazy and always assume that they are doing so
911
912 HANDLE enumServiceHandle;
914
916 ZwClose(serviceHandle);
917
919 {
920 ULONG instanceCount = 0;
921 PKEY_VALUE_FULL_INFORMATION kvInfo;
924 {
926 }
928 {
929 ExFreePool(kvInfo);
931 }
932
933 RtlMoveMemory(&instanceCount,
936 ExFreePool(kvInfo);
937
939
941 {
943 UNICODE_STRING instancePath;
945
948 {
949 continue;
950 }
952 {
953 ExFreePool(kvInfo);
954 continue;
955 }
956
960 instancePath.MaximumLength,
961 TAG_IO);
963 {
966 instancePath.Length);
968
971 {
973 ObDereferenceObject(pdo);
974 deviceAdded = TRUE;
975 }
976 else
977 {
979 }
980 }
981
982 ExFreePool(kvInfo);
983 }
984
985 ZwClose(enumServiceHandle);
986 }
987Cleanup:
988 /* Remove extra reference from IopInitializeDriverModule */
990
991 return deviceAdded;
992}
ACPI_BUFFER *RetBuffer ACPI_BUFFER *RetBuffer char ACPI_WALK_RESOURCE_CALLBACK void *Context ACPI_BUFFER *RetBuffer UINT16 ACPI_RESOURCE **ResourcePtr ACPI_GENERIC_ADDRESS *Reg UINT32 *ReturnValue UINT8 UINT8 *Slp_TypB ACPI_PHYSICAL_ADDRESS PhysicalAddress64 UINT32 UINT32 *TimeElapsed UINT32 ACPI_STATUS const char UINT32 ACPI_STATUS const char UINT32 const char const char * ModuleName
Definition: acpixf.h:1280
Definition: bufpool.h:45
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
VOID NTAPI InbvIndicateProgress(VOID)
Gives some progress feedback, without specifying any explicit number of progress steps or percentage....
Definition: inbv.c:625
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
PDEVICE_OBJECT IopGetDeviceObjectFromDeviceInstance(PUNICODE_STRING DeviceInstance)
Definition: plugplay.c:118
NTSTATUS IopInitializeDriverModule(_In_ PLDR_DATA_TABLE_ENTRY ModuleObject, _In_ HANDLE ServiceHandle, _Out_ PDRIVER_OBJECT *OutDriverObject, _Out_ NTSTATUS *DriverEntryStatus)
Initialize a loaded driver.
Definition: driver.c:428
VOID FASTCALL IopDisplayLoadingMessage(PUNICODE_STRING ServiceName)
Definition: driver.c:315
NTSTRSAFEVAPI RtlStringCchPrintfW(_Out_writes_(cchDest) _Always_(_Post_z_) NTSTRSAFE_PWSTR pszDest, _In_ size_t cchDest, _In_ _Printf_format_string_ NTSTRSAFE_PCWSTR pszFormat,...)
Definition: ntstrsafe.h:1110
Definition: env_spec_w32.h:413
Referenced by IopInitializeBootDrivers().
◆ IopInitializeDriverModule()
| NTSTATUS IopInitializeDriverModule | ( | _In_ PLDR_DATA_TABLE_ENTRY | ModuleObject, |
| _In_ HANDLE | ServiceHandle, | ||
| _Out_ PDRIVER_OBJECT * | OutDriverObject, | ||
| _Out_ NTSTATUS * | DriverEntryStatus | ||
| ) |
Initialize a loaded driver.
- Parameters
-
[in] ModuleObject Module object representing the driver. It can be retrieved by IopLoadServiceModule. Freed on failure, so in a such case this should not be accessed anymore [in] ServiceHandle Handle to a driver's CCS/Services/<ServiceName> key [out] DriverObject This contains the driver object if it was created (even with unsuccessfull result) [out] DriverEntryStatus This contains the status value returned by the driver's DriverEntry routine (will not be valid of the return value is not STATUS_SUCCESS or STATUS_FAILED_DRIVER_ENTRY)
- Returns
- Status of the operation
Definition at line 428 of file driver.c.
433{
436
437 PAGED_CODE();
438
441 {
442 MmUnloadSystemImage(ModuleObject);
444 }
445
447
448 /*
449 * Retrieve the driver's PE image NT header and perform some sanity checks.
450 * NOTE: We suppose that since the driver has been successfully loaded,
451 * its NT and optional headers are all valid and have expected sizes.
452 */
454 ASSERT(NtHeaders);
455 // NOTE: ModuleObject->SizeOfImage is actually (number of PTEs)*PAGE_SIZE.
457 ASSERT(ModuleObject->EntryPoint == RVA(ModuleObject->DllBase, NtHeaders->OptionalHeader.AddressOfEntryPoint));
458
459 /* Obtain the registry path for the DriverInit routine */
460 PKEY_NAME_INFORMATION nameInfo;
461 ULONG infoLength;
464 {
466 if (nameInfo)
467 {
468 Status = ZwQueryKey(ServiceHandle,
469 KeyNameInformation,
470 nameInfo,
471 infoLength,
472 &infoLength);
474 {
478 }
479 else
480 {
482 }
483 }
484 else
485 {
487 }
488 }
489 else
490 {
492 }
493
495 {
497 RtlFreeUnicodeString(&DriverName);
498 MmUnloadSystemImage(ModuleObject);
500 }
501
502 /* Create the driver object */
504 OBJECT_ATTRIBUTES objAttrs;
505 PDRIVER_OBJECT driverObject;
506 InitializeObjectAttributes(&objAttrs,
507 &DriverName,
509 NULL,
510 NULL);
511
513 IoDriverObjectType,
514 &objAttrs,
515 KernelMode,
516 NULL,
517 ObjectSize,
518 0,
519 0,
520 (PVOID*)&driverObject);
522 {
525 RtlFreeUnicodeString(&DriverName);
526 MmUnloadSystemImage(ModuleObject);
529 }
530
532
533 RtlZeroMemory(driverObject, ObjectSize);
536
537 /* Set the legacy flag if this is not a WDM driver */
540
541 driverObject->DriverSection = ModuleObject;
542 driverObject->DriverStart = ModuleObject->DllBase;
543 driverObject->DriverSize = ModuleObject->SizeOfImage;
544 driverObject->DriverInit = ModuleObject->EntryPoint;
548
549 /* Loop all Major Functions */
551 {
552 /* Invalidate each function */
554 }
555
556 /* Add the Object and get its handle */
560 {
563 RtlFreeUnicodeString(&DriverName);
565 }
566
567 /* Now reference it */
569 0,
570 IoDriverObjectType,
571 KernelMode,
572 (PVOID*)&driverObject,
573 NULL);
574
575 /* Close the extra handle */
577
579 {
582 RtlFreeUnicodeString(&DriverName);
584 }
585
586 /* Set up the service key name buffer */
587 UNICODE_STRING serviceKeyName;
588 serviceKeyName.Length = 0;
589 // NULL-terminate for Windows compatibility
592 serviceKeyName.MaximumLength,
593 TAG_IO);
595 {
596 ObMakeTemporaryObject(driverObject);
597 ObDereferenceObject(driverObject);
600 RtlFreeUnicodeString(&DriverName);
602 }
603
604 /* Copy the name and set it in the driver extension */
608
609 /* Make a copy of the driver name to store in the driver object */
610 UNICODE_STRING driverNamePaged;
611 driverNamePaged.Length = 0;
612 // NULL-terminate for Windows compatibility
615 driverNamePaged.MaximumLength,
616 TAG_IO);
618 {
619 ObMakeTemporaryObject(driverObject);
620 ObDereferenceObject(driverObject);
622 RtlFreeUnicodeString(&DriverName);
624 }
625
626 RtlCopyUnicodeString(&driverNamePaged, &DriverName);
627 driverObject->DriverName = driverNamePaged;
628
629 /* Finally, call its init function */
631 *DriverEntryStatus = Status;
633 {
635 // return a special status value in case of failure
637 }
638
639 /* HACK: We're going to say if we don't have any DOs from DriverEntry, then we're not legacy.
640 * Other parts of the I/O manager depend on this behavior */
642 {
643 driverObject->Flags &= ~DRVO_LEGACY_DRIVER;
644 }
645
646 /* Windows does this fixup, keep it for compatibility */
648 {
649 /*
650 * Make sure the driver didn't set any dispatch entry point to NULL!
651 * Doing so is illegal; drivers shouldn't touch entry points they
652 * do not implement.
653 */
654
655 /* Check if it did so anyway */
657 {
658 /* Print a warning in the debug log */
661
662 /* Fix it up */
664 }
665 }
666
667 // TODO: for legacy drivers, unload the driver if it didn't create any DO
668
670 RtlFreeUnicodeString(&DriverName);
671
673 {
674 // if the driver entry has been failed, clear the object
675 ObMakeTemporaryObject(driverObject);
676 ObDereferenceObject(driverObject);
678 }
679
680 *OutDriverObject = driverObject;
681
683
684 /* Set the driver as initialized */
685 IopReadyDeviceObjects(driverObject);
686
688
690}
#define IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
Definition: ntimage.h:462
VOID NTAPI IopReadyDeviceObjects(IN PDRIVER_OBJECT Driver)
Definition: device.c:34
VOID NTAPI MmFreeDriverInitialization(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: sysldr.c:1622
NTSTATUS IopGetDriverNames(_In_ HANDLE ServiceHandle, _Out_ PUNICODE_STRING DriverName, _Out_opt_ PUNICODE_STRING ServiceName)
Definition: driver.c:123
Definition: iotypes.h:2218
PDRIVER_DISPATCH MajorFunction[IRP_MJ_MAXIMUM_FUNCTION+1]
Definition: iotypes.h:2289
Definition: ntddk_ex.h:181
Definition: winternl.h:1184
#define ROUND_TO_PAGES(Size)
Referenced by IopInitializeBuiltinDriver(), and IopLoadDriver().
◆ IopInitializeSystemDrivers()
Definition at line 1195 of file driver.c.
1196{
1197 PUNICODE_STRING *DriverList, *SavedList;
1198
1200
1201 /* No system drivers on the boot cd */
1203
1204 /* Get the driver list */
1205 SavedList = DriverList = CmGetSystemDriverList();
1206 ASSERT(DriverList);
1207
1208 /* Loop it */
1209 while (*DriverList)
1210 {
1211 /* Load the driver */
1212 ZwLoadDriver(*DriverList);
1213
1214 /* Free the entry */
1215 RtlFreeUnicodeString(*DriverList);
1216 ExFreePool(*DriverList);
1217
1218 /* Next entry */
1219 InbvIndicateProgress();
1220 DriverList++;
1221 }
1222
1223 /* Free the list */
1224 ExFreePool(SavedList);
1225
1227 PiActionEnumDeviceTree,
1228 NULL,
1229 NULL);
1230}
NTSTATUS PiPerformSyncDeviceAction(_In_ PDEVICE_OBJECT DeviceObject, _In_ DEVICE_ACTION Action)
Perfom a device operation synchronously via PiQueueDeviceAction.
Definition: devaction.c:2714
Referenced by IoInitSystem().
◆ IopInvalidDeviceRequest()
| NTSTATUS NTAPI IopInvalidDeviceRequest | ( | PDEVICE_OBJECT | DeviceObject, |
| PIRP | Irp | ||
| ) |
Definition at line 65 of file driver.c.
Referenced by IoCreateDriver(), and IopInitializeDriverModule().
◆ IopLoadDriver()
| NTSTATUS IopLoadDriver | ( | _In_ HANDLE | ServiceHandle, |
| _Out_ PDRIVER_OBJECT * | DriverObject | ||
| ) |
Definition at line 1923 of file driver.c.
1926{
1927 UNICODE_STRING ImagePath;
1929 PLDR_DATA_TABLE_ENTRY ModuleObject;
1931
1932 PKEY_VALUE_FULL_INFORMATION kvInfo;
1935 {
1937 {
1938 ExFreePool(kvInfo);
1940 }
1941
1946 {
1947 ExFreePool(kvInfo);
1949 }
1950
1953 ImagePath.Length);
1955 ExFreePool(kvInfo);
1956 }
1957 else
1958 {
1960 }
1961
1962 /*
1963 * Normalize the image path for all later processing.
1964 */
1967 {
1970 }
1971
1973
1974 KeEnterCriticalRegion();
1976
1977 /*
1978 * Load the driver module
1979 */
1982 RtlFreeUnicodeString(&ImagePath);
1983
1985 {
1988 KeLeaveCriticalRegion();
1990 }
1991
1992 // Display the loading message
1993 ULONG infoLength;
1996 {
1998 if (servName)
1999 {
2000 Status = ZwQueryKey(ServiceHandle,
2001 KeyBasicInformation,
2002 servName,
2003 infoLength,
2004 &infoLength);
2006 {
2008 .Length = servName->NameLength,
2009 .MaximumLength = servName->NameLength,
2010 .Buffer = servName->Name
2011 };
2012
2014 }
2016 }
2017 }
2018
2019 NTSTATUS driverEntryStatus;
2021 ServiceHandle,
2022 DriverObject,
2023 &driverEntryStatus);
2025 {
2027 }
2028
2030 KeLeaveCriticalRegion();
2031
2033}
#define ExAcquireResourceExclusiveLite(res, wait)
Definition: env_spec_w32.h:615
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
VOID FASTCALL ExReleaseResourceLite(IN PERESOURCE Resource)
Definition: resource.c:1817
NTSTATUS NTAPI MmLoadSystemImage(IN PUNICODE_STRING FileName, IN PUNICODE_STRING NamePrefix OPTIONAL, IN PUNICODE_STRING LoadedName OPTIONAL, IN ULONG Flags, OUT PVOID *ModuleObject, OUT PVOID *ImageBaseAddress)
Definition: sysldr.c:2885
NTSTATUS FASTCALL IopNormalizeImagePath(_Inout_ _When_(return >=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem))) PUNICODE_STRING ImagePath, _In_ PUNICODE_STRING ServiceName)
Definition: driver.c:354
Referenced by IopLoadUnloadDriverWorker(), and PiAttachFilterDriversCallback().
◆ IopLoadUnloadDriverWorker()
Definition at line 2038 of file driver.c.
2040{
2042
2044
2046 {
2047 // unload request
2050 }
2051 else
2052 {
2053 // load request
2054 HANDLE serviceHandle;
2058 {
2060 }
2061 else
2062 {
2064 ZwClose(serviceHandle);
2065 }
2066 }
2067
2069 {
2071 }
2072}
NTSTATUS IopLoadDriver(_In_ HANDLE ServiceHandle, _Out_ PDRIVER_OBJECT *DriverObject)
Definition: driver.c:1923
Referenced by IopDoLoadUnloadDriver().
◆ IopNormalizeImagePath()
| NTSTATUS FASTCALL IopNormalizeImagePath | ( | _Inout_ _When_(return >=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem))) PUNICODE_STRING | ImagePath, |
| _In_ PUNICODE_STRING | ServiceName | ||
| ) |
Definition at line 354 of file driver.c.
358{
362 UNICODE_STRING InputImagePath;
363
365
366 InputImagePath = *ImagePath;
368 {
369 ImagePath->Length = 0;
370 ImagePath->MaximumLength = DriversPathString.Length +
371 ServiceName->Length +
372 DotSysString.Length +
375 ImagePath->MaximumLength,
376 TAG_IO);
379
380 RtlCopyUnicodeString(ImagePath, &DriversPathString);
382 RtlAppendUnicodeStringToString(ImagePath, &DotSysString);
383 }
385 {
386 ImagePath->Length = 0;
387 ImagePath->MaximumLength = SystemRootString.Length +
388 InputImagePath.Length +
391 ImagePath->MaximumLength,
392 TAG_IO);
395
396 RtlCopyUnicodeString(ImagePath, &SystemRootString);
397 RtlAppendUnicodeStringToString(ImagePath, &InputImagePath);
398
399 /* Free caller's string */
401 }
402
404
406}
Referenced by IopLoadDriver(), and IopUnloadDriver().
◆ IopReinitializeBootDrivers()
Definition at line 1517 of file driver.c.
1518{
1519 PDRIVER_REINIT_ITEM ReinitItem;
1521
1522 /* Get the first entry and start looping */
1524 &DriverBootReinitListLock);
1526 {
1527 /* Get the item */
1529
1530 /* Increment reinitialization counter */
1532
1533 /* Remove the device object flag */
1535
1536 /* Call the routine */
1538 ReinitItem->Context,
1539 ReinitItem->DriverObject->
1540 DriverExtension->Count);
1541
1542 /* Free the entry */
1544
1545 /* Move to the next one */
1547 &DriverBootReinitListLock);
1548 }
1549
1550 /* Wait for all device actions being finished*/
1552}
PLIST_ENTRY NTAPI ExInterlockedRemoveHeadList(IN OUT PLIST_ENTRY ListHead, IN OUT PKSPIN_LOCK Lock)
Definition: interlocked.c:166
Definition: io.h:447
Referenced by IoInitSystem().
◆ IopReinitializeDrivers()
Definition at line 1481 of file driver.c.
1482{
1483 PDRIVER_REINIT_ITEM ReinitItem;
1485
1486 /* Get the first entry and start looping */
1488 &DriverReinitListLock);
1490 {
1491 /* Get the item */
1493
1494 /* Increment reinitialization counter */
1496
1497 /* Remove the device object flag */
1499
1500 /* Call the routine */
1502 ReinitItem->Context,
1503 ReinitItem->DriverObject->
1504 DriverExtension->Count);
1505
1506 /* Free the entry */
1508
1509 /* Move to the next one */
1511 &DriverReinitListLock);
1512 }
1513}
Referenced by IoInitSystem(), and IopInitializeDriverModule().
◆ IopSuffixUnicodeString()
| BOOLEAN NTAPI IopSuffixUnicodeString | ( | IN PCUNICODE_STRING | String1, |
| IN PCUNICODE_STRING | String2 | ||
| ) |
Definition at line 281 of file driver.c.
284{
288
291
292 Length = String1->Length / 2;
293 pc1 = String1->Buffer;
295
297 {
299 {
302 }
304 }
306}
Referenced by IopDisplayLoadingMessage().
◆ IopUnloadDriver()
| NTSTATUS NTAPI IopUnloadDriver | ( | PUNICODE_STRING | DriverServiceName, |
| BOOLEAN | UnloadPnpDrivers | ||
| ) |
Definition at line 1254 of file driver.c.
1255{
1258 UNICODE_STRING ImagePath;
1263 PEXTENDED_DEVOBJ_EXTENSION DeviceExtension;
1265 USHORT LastBackslash;
1268 UNICODE_STRING CapturedServiceName;
1269
1270 PAGED_CODE();
1271
1273
1274 /* Need the appropriate priviliege */
1276 {
1279 }
1280
1281 /* Capture the service name */
1283 PreviousMode,
1284 DriverServiceName);
1286 {
1288 }
1289
1291
1292 /* We need a service name */
1294 {
1297 }
1298
1299 /*
1300 * Get the service name from the registry key name
1301 */
1303 &CapturedServiceName,
1304 &Backslash,
1305 &LastBackslash);
1307 {
1312 }
1313 else
1314 {
1315 ServiceName = CapturedServiceName;
1316 }
1317
1318 /*
1319 * Construct the driver object name
1320 */
1322 ServiceName.Length,
1323 &ObjectName.MaximumLength);
1325 {
1328 }
1329 ObjectName.Length = 0;
1331 ObjectName.MaximumLength,
1332 TAG_IO);
1334 {
1337 }
1340
1341 /*
1342 * Find the driver object
1343 */
1345 0,
1346 0,
1347 0,
1348 IoDriverObjectType,
1349 KernelMode,
1350 0,
1352
1354 {
1359 }
1360
1361 /* Free the buffer for driver object name */
1363
1364 /* Check that driver is not already unloading */
1366 {
1371 }
1372
1373 /*
1374 * Get path of service...
1375 */
1377
1379
1383
1385 CapturedServiceName.Buffer,
1386 QueryTable,
1387 NULL,
1388 NULL);
1389
1390 /* We no longer need service name */
1392
1394 {
1398 }
1399
1400 /*
1401 * Normalize the image path for all later processing.
1402 */
1404
1406 {
1410 }
1411
1412 /* Free the service path */
1414
1415 /*
1416 * Unload the module and release the references to the device object
1417 */
1418
1419 /* Call the load/unload routine, depending on current process */
1422 {
1423 /* Loop through each device object of the driver
1424 and set DOE_UNLOAD_PENDING flag */
1427 {
1428 /* Set the unload pending flag for the device */
1431
1432 /* Make sure there are no attached devices or no reference counts */
1434 {
1435 /* Not safe to unload */
1437
1438 SafeToUnload = FALSE;
1439 }
1440
1442 }
1443
1444 /* If not safe to unload, then return success */
1445 if (!SafeToUnload)
1446 {
1449 }
1450
1452
1453 /* Set the unload invoked flag and call the unload routine */
1457
1458 /* Mark the driver object temporary, so it could be deleted later */
1460
1461 /* Dereference it 2 times */
1464
1466 }
1467 else
1468 {
1470
1471 /* Dereference one time (refd inside this function) */
1473
1474 /* Return unloading failure */
1476 }
1477}
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
_In_ PCWSTR _Inout_ _At_ QueryTable _Pre_unknown_ PRTL_QUERY_REGISTRY_TABLE QueryTable
Definition: rtlfuncs.h:4197
#define RTL_FIND_CHAR_IN_UNICODE_STRING_START_AT_END
Definition: rtl.h:25
NTSTATUS NTAPI RtlFindCharInUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING SearchString, _In_ PCUNICODE_STRING MatchString, _Out_ PUSHORT Position)
NTSTATUS IopDoLoadUnloadDriver(_In_opt_ PUNICODE_STRING RegistryPath, _Inout_ PDRIVER_OBJECT *DriverObject)
Process load and unload driver operations. This is mostly for NtLoadDriver and NtUnloadDriver,...
Definition: driver.c:2084
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
NTSTATUS NTAPI ObReferenceObjectByName(IN PUNICODE_STRING ObjectPath, IN ULONG Attributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext, OUT PVOID *ObjectPtr)
Definition: obref.c:409
static __inline NTSTATUS ProbeAndCaptureUnicodeString(OUT PUNICODE_STRING Dest, IN KPROCESSOR_MODE CurrentMode, IN const UNICODE_STRING *UnsafeSrc)
Definition: probe.h:142
static __inline VOID ReleaseCapturedUnicodeString(IN PUNICODE_STRING CapturedString, IN KPROCESSOR_MODE CurrentMode)
Definition: probe.h:239
Definition: iotypes.h:928
Definition: nt_native.h:108
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
Referenced by NtUnloadDriver().
◆ IoRegisterBootDriverReinitialization()
| VOID NTAPI IoRegisterBootDriverReinitialization | ( | IN PDRIVER_OBJECT | DriverObject, |
| IN PDRIVER_REINITIALIZE | ReinitRoutine, | ||
| IN PVOID | Context | ||
| ) |
Definition at line 1753 of file driver.c.
1756{
1757 PDRIVER_REINIT_ITEM ReinitItem;
1758
1759 /* Allocate the entry */
1762 TAG_REINIT);
1763 if (!ReinitItem) return;
1764
1765 /* Fill it out */
1767 ReinitItem->ReinitRoutine = ReinitRoutine;
1769
1770 /* Set the Driver Object flag and insert the entry into the list */
1773 &ReinitItem->ItemEntry,
1774 &DriverBootReinitListLock);
1775}
PLIST_ENTRY NTAPI ExInterlockedInsertTailList(IN OUT PLIST_ENTRY ListHead, IN OUT PLIST_ENTRY ListEntry, IN OUT PKSPIN_LOCK Lock)
Definition: interlocked.c:140
Referenced by DriverEntry().
◆ IoRegisterDriverReinitialization()
| VOID NTAPI IoRegisterDriverReinitialization | ( | IN PDRIVER_OBJECT | DriverObject, |
| IN PDRIVER_REINITIALIZE | ReinitRoutine, | ||
| IN PVOID | Context | ||
| ) |
Definition at line 1782 of file driver.c.
1785{
1786 PDRIVER_REINIT_ITEM ReinitItem;
1787
1788 /* Allocate the entry */
1791 TAG_REINIT);
1792 if (!ReinitItem) return;
1793
1794 /* Fill it out */
1796 ReinitItem->ReinitRoutine = ReinitRoutine;
1798
1799 /* Set the Driver Object flag and insert the entry into the list */
1802 &ReinitItem->ItemEntry,
1803 &DriverReinitListLock);
1804}
Referenced by DiskBootDriverReinit(), and DriverEntry().
◆ LdrProcessDriverModule()
| NTSTATUS NTAPI LdrProcessDriverModule | ( | PLDR_DATA_TABLE_ENTRY | LdrEntry, |
| PUNICODE_STRING | FileName, | ||
| PLDR_DATA_TABLE_ENTRY * | ModuleObject | ||
| ) |
Definition at line 707 of file driver.c.
710{
712 UNICODE_STRING BaseName, BaseDirectory;
715 PWCHAR MissingDriverName;
717
718 /* Allocate a buffer we'll use for names */
721 TAG_LDR_WSTR);
723 {
724 /* Fail */
726 }
727
728 /* Check for a separator */
730 {
732 ULONG BaseLength;
733
734 /* Loop the path until we get to the base name */
737
738 /* Get the length */
741
742 /* Setup the string */
745 }
746 else
747 {
748 /* Otherwise, we already have a base name */
751 }
752
753 /* Setup the maximum length */
755
756 /* Now compute the base directory */
757 BaseDirectory = *FileName;
760
761 /* Resolve imports */
762 MissingApiName = Buffer;
764 &BaseDirectory,
765 NULL,
766 &MissingApiName,
767 &MissingDriverName,
768 &LoadedImports);
769
770 /* Free the temporary buffer */
772
773 /* Check the result of the imports resolution */
775
776 /* Return */
777 *ModuleObject = LdrEntry;
779}
NTSTATUS NTAPI MiResolveImageReferences(IN PVOID ImageBase, IN PUNICODE_STRING ImageFileDirectory, IN PUNICODE_STRING NamePrefix OPTIONAL, OUT PCHAR *MissingApi, OUT PWCHAR *MissingDriver, OUT PLOAD_IMPORTS *LoadImports)
Definition: sysldr.c:987
Definition: filecomp.c:348
Definition: ldrtypes.h:171
◆ MiResolveImageReferences()
| NTSTATUS NTAPI MiResolveImageReferences | ( | IN PVOID | ImageBase, |
| IN PUNICODE_STRING | ImageFileDirectory, | ||
| IN PUNICODE_STRING NamePrefix | OPTIONAL, | ||
| OUT PCHAR * | MissingApi, | ||
| OUT PWCHAR * | MissingDriver, | ||
| OUT PLOAD_IMPORTS * | LoadImports | ||
| ) |
Definition at line 987 of file sysldr.c.
993{
995 PCHAR MissingApiBuffer = *MissingApi, ImportName;
996 PIMAGE_IMPORT_DESCRIPTOR ImportDescriptor, CurrentImport;
997 ULONG ImportSize, ImportCount = 0, LoadedImportsSize, ExportSize;
998 PLOAD_IMPORTS LoadedImports, NewImports;
1001 ANSI_STRING TempString;
1002 UNICODE_STRING NameString, DllName;
1004 PVOID ImportBase, DllBase;
1005 PLIST_ENTRY NextEntry;
1006 PIMAGE_EXPORT_DIRECTORY ExportDirectory;
1008 PIMAGE_THUNK_DATA OrigThunk, FirstThunk;
1009 PAGED_CODE();
1011 __FUNCTION__, ImageBase, ImageFileDirectory);
1012
1013 /* No name string buffer yet */
1015
1016 /* Assume no imports */
1017 *LoadImports = MM_SYSLDR_NO_IMPORTS;
1018
1019 /* Get the import descriptor */
1020 ImportDescriptor = RtlImageDirectoryEntryToData(ImageBase,
1021 TRUE,
1023 &ImportSize);
1025
1026 /* Loop all imports to count them */
1027 for (CurrentImport = ImportDescriptor;
1029 CurrentImport++)
1030 {
1031 /* One more */
1032 ImportCount++;
1033 }
1034
1035 /* Make sure we have non-zero imports */
1036 if (ImportCount)
1037 {
1038 /* Calculate and allocate the list we'll need */
1041 LoadedImportsSize,
1042 TAG_LDR_IMPORTS);
1043 if (LoadedImports)
1044 {
1045 /* Zero it */
1046 RtlZeroMemory(LoadedImports, LoadedImportsSize);
1047 LoadedImports->Count = ImportCount;
1048 }
1049 }
1050 else
1051 {
1052 /* No table */
1053 LoadedImports = NULL;
1054 }
1055
1056 /* Reset the import count and loop descriptors again */
1057 ImportCount = GdiLink = NormalLink = 0;
1059 {
1060 /* Get the name */
1062
1063 /* Check if this is a GDI driver */
1064 GdiLink = GdiLink |
1066
1067 /* We can also allow dxapi (for Windows compat, allow IRT and coverage) */
1068 NormalLink = NormalLink |
1073
1074 /* Check if this is a valid GDI driver */
1075 if ((GdiLink) && (NormalLink))
1076 {
1077 /* It's not, it's importing stuff it shouldn't be! */
1079 goto Failure;
1080 }
1081
1082 /* Check for user-mode printer or video card drivers, which don't belong */
1089 {
1090 /* This is not kernel code */
1092 goto Failure;
1093 }
1094
1095 /* Check if this is a "core" import, which doesn't get referenced */
1099 {
1100 /* Don't reference this */
1101 ReferenceNeeded = FALSE;
1102 }
1103 else
1104 {
1105 /* Reference these modules */
1106 ReferenceNeeded = TRUE;
1107 }
1108
1109 /* Now setup a unicode string for the import */
1110 RtlInitAnsiString(&TempString, ImportName);
1113 {
1114 /* Failed */
1115 goto Failure;
1116 }
1117
1118 /* We don't support name prefixes yet */
1120
1121 /* Remember that we haven't loaded the import at this point */
1122CheckDllState:
1124 ImportBase = NULL;
1125
1126 /* Loop the driver list */
1129 {
1130 /* Get the loader entry and compare the name */
1131 LdrEntry = CONTAINING_RECORD(NextEntry,
1132 LDR_DATA_TABLE_ENTRY,
1133 InLoadOrderLinks);
1135 &LdrEntry->BaseDllName,
1136 TRUE))
1137 {
1138 /* Get the base address */
1139 ImportBase = LdrEntry->DllBase;
1140
1141 /* Check if we haven't loaded yet, and we need references */
1143 {
1144 /* Make sure we're not already loading */
1146 {
1147 /* Increase the load count */
1148 LdrEntry->LoadCount++;
1149 }
1150 }
1151
1152 /* Done, break out */
1153 break;
1154 }
1155
1156 /* Go to the next entry */
1157 NextEntry = NextEntry->Flink;
1158 }
1159
1160 /* Check if we haven't loaded the import yet */
1161 if (!ImportBase)
1162 {
1163 /* Setup the import DLL name */
1165 ImageFileDirectory->Length +
1168 DllName.MaximumLength,
1169 TAG_LDR_WSTR);
1171 {
1172 /* We're out of resources */
1174 goto Failure;
1175 }
1176
1177 /* Add the import name to the base directory */
1178 RtlCopyUnicodeString(&DllName, ImageFileDirectory);
1179 RtlAppendUnicodeStringToString(&DllName,
1180 &NameString);
1181
1182 /* Load the image */
1184 NamePrefix,
1185 NULL,
1186 FALSE,
1187 (PVOID *)&DllEntry,
1188 &DllBase);
1189
1190 /* win32k / GDI drivers can also import from system32 folder */
1193 {
1194 /* Free the old name buffer */
1196
1197 /* Calculate size for a string the adds 'drivers\' */
1199
1200 /* Allocate the new buffer */
1202 DllName.MaximumLength,
1203 TAG_LDR_WSTR);
1205 {
1206 /* We're out of resources */
1208 goto Failure;
1209 }
1210
1211 /* Copy image directory and append 'drivers\' folder name */
1212 RtlCopyUnicodeString(&DllName, ImageFileDirectory);
1213 RtlAppendUnicodeStringToString(&DllName, &DriversFolderName);
1214
1215 /* Now add the import name */
1216 RtlAppendUnicodeStringToString(&DllName, &NameString);
1217
1218 /* Try once again to load the image */
1220 NamePrefix,
1221 NULL,
1222 FALSE,
1223 (PVOID *)&DllEntry,
1224 &DllBase);
1225 }
1226
1228 {
1229 /* Fill out the information for the error */
1230 *MissingDriver = DllName.Buffer;
1231 *(PULONG)MissingDriver |= 1;
1232 *MissingApi = NULL;
1233
1235
1236 /* Don't free the name */
1238
1239 /* Cleanup and return */
1240 goto Failure;
1241 }
1242
1243 /* We can free the DLL Name */
1246
1247 /* We're now loaded */
1249
1250 /* Sanity check */
1251 ASSERT(DllBase == DllEntry->DllBase);
1252
1253 /* Call the initialization routines */
1256 {
1257 /* We failed, unload the image */
1258 MmUnloadSystemImage(DllEntry);
1261 }
1262
1263 /* Loop again to make sure that everything is OK */
1264 goto CheckDllState;
1265 }
1266
1267 /* Check if we're support to reference this import */
1268 if ((ReferenceNeeded) && (LoadedImports))
1269 {
1270 /* Make sure we're not already loading */
1272 {
1273 /* Add the entry */
1274 LoadedImports->Entry[ImportCount] = LdrEntry;
1275 ImportCount++;
1276 }
1277 }
1278
1279 /* Free the import name */
1280 RtlFreeUnicodeString(&NameString);
1281
1282 /* Set the missing driver name and get the export directory */
1284 ExportDirectory = RtlImageDirectoryEntryToData(ImportBase,
1285 TRUE,
1287 &ExportSize);
1288 if (!ExportDirectory)
1289 {
1290 /* Cleanup and return */
1293 goto Failure;
1294 }
1295
1296 /* Make sure we have an IAT */
1298 {
1299 /* Get the first thunks */
1301 ImportDescriptor->OriginalFirstThunk);
1303 ImportDescriptor->FirstThunk);
1304
1305 /* Loop the IAT */
1307 {
1308 /* Snap thunk */
1310 ImageBase,
1311 OrigThunk++,
1312 FirstThunk++,
1313 ExportDirectory,
1314 ExportSize,
1315 FALSE,
1316 MissingApi);
1318 {
1319 /* Cleanup and return */
1320 goto Failure;
1321 }
1322
1323 /* Reset the buffer */
1324 *MissingApi = MissingApiBuffer;
1325 }
1326 }
1327
1328 /* Go to the next import */
1329 ImportDescriptor++;
1330 }
1331
1332 /* Check if we have an import list */
1333 if (LoadedImports)
1334 {
1335 /* Reset the count again, and loop entries */
1336 ImportCount = 0;
1338 {
1340 {
1341 /* Got an entry, OR it with 1 in case it's the single entry */
1343 MM_SYSLDR_SINGLE_ENTRY);
1344 ImportCount++;
1345 }
1346 }
1347
1348 /* Check if we had no imports */
1349 if (!ImportCount)
1350 {
1351 /* Free the list and set it to no imports */
1353 LoadedImports = MM_SYSLDR_NO_IMPORTS;
1354 }
1355 else if (ImportCount == 1)
1356 {
1357 /* Just one entry, we can free the table and only use our entry */
1359 LoadedImports = (PLOAD_IMPORTS)ImportEntry;
1360 }
1362 {
1363 /* Allocate a new list */
1366 LoadedImportsSize,
1367 TAG_LDR_IMPORTS);
1368 if (NewImports)
1369 {
1370 /* Set count */
1371 NewImports->Count = 0;
1372
1373 /* Loop all the imports */
1375 {
1376 /* Make sure it's valid */
1378 {
1379 /* Copy it */
1381 NewImports->Count++;
1382 }
1383 }
1384
1385 /* Free the old copy */
1387 LoadedImports = NewImports;
1388 }
1389 }
1390
1391 /* Return the list */
1392 *LoadImports = LoadedImports;
1393 }
1394
1395 /* Return success */
1397
1398Failure:
1399
1400 /* Cleanup and return */
1401 RtlFreeUnicodeString(&NameString);
1402
1403 if (LoadedImports)
1404 {
1405 MiDereferenceImports(LoadedImports);
1407 }
1408
1410}
struct _LOAD_IMPORTS * PLOAD_IMPORTS
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
#define STATUS_DRIVER_ENTRYPOINT_NOT_FOUND
Definition: ntstatus.h:736
Definition: env_spec_w32.h:375
Definition: compat.h:156
Definition: ntimage.h:572
Definition: ntimage.h:510
union _IMAGE_THUNK_DATA32::@2114 u1
NTSTATUS NTAPI MiSnapThunk(IN PVOID DllBase, IN PVOID ImageBase, IN PIMAGE_THUNK_DATA Name, IN PIMAGE_THUNK_DATA Address, IN PIMAGE_EXPORT_DIRECTORY ExportDirectory, IN ULONG ExportSize, IN BOOLEAN SnapForwarder, OUT PCHAR *MissingApi)
Definition: sysldr.c:678
NTSTATUS NTAPI MiDereferenceImports(IN PLOAD_IMPORTS ImportList)
Definition: sysldr.c:382
NTSTATUS NTAPI MmLoadSystemImage(IN PUNICODE_STRING FileName, IN PUNICODE_STRING NamePrefix OPTIONAL, IN PUNICODE_STRING LoadedName OPTIONAL, IN ULONG Flags, OUT PVOID *ModuleObject, OUT PVOID *ImageBaseAddress)
Definition: sysldr.c:2885
NTSTATUS NTAPI MmCallDllInitialize(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN PLIST_ENTRY ListHead)
Definition: sysldr.c:295
Referenced by LdrProcessDriverModule(), and MmLoadSystemImage().
◆ NtLoadDriver()
| NTSTATUS NTAPI NtLoadDriver | ( | IN PUNICODE_STRING | DriverServiceName | ) |
Definition at line 2132 of file driver.c.
2133{
2138
2139 PAGED_CODE();
2140
2142
2143 /* Need the appropriate priviliege */
2145 {
2148 }
2149
2150 /* Capture the service name */
2152 PreviousMode,
2153 DriverServiceName);
2155 {
2157 }
2158
2160
2161 /* We need a service name */
2163 {
2166 }
2167
2168 /* Load driver and call its entry point */
2171
2174}
Referenced by NtStartDriver(), ScmLoadDriver(), and wmain().
◆ NtUnloadDriver()
| NTSTATUS NTAPI NtUnloadDriver | ( | IN PUNICODE_STRING | DriverServiceName | ) |
Definition at line 2193 of file driver.c.
2194{
2196}
NTSTATUS NTAPI IopUnloadDriver(PUNICODE_STRING DriverServiceName, BOOLEAN UnloadPnpDrivers)
Definition: driver.c:1254
Referenced by LoadVia_SystemExtendServiceTableInformation(), LoadVia_SystemLoadGdiDriverInformation(), NtStopDriver(), ScmUnloadDriver(), START_TEST(), and wmain().
Variable Documentation
◆ DriverBootReinitListHead
| LIST_ENTRY DriverBootReinitListHead |
Definition at line 26 of file driver.c.
Referenced by IoInitSystem(), IopReinitializeBootDrivers(), and IoRegisterBootDriverReinitialization().
◆ DriverBootReinitListLock
| KSPIN_LOCK DriverBootReinitListLock |
Definition at line 27 of file driver.c.
Referenced by IoInitSystem(), IopReinitializeBootDrivers(), and IoRegisterBootDriverReinitialization().
◆ DriverBootReinitTailEntry
| PLIST_ENTRY DriverBootReinitTailEntry |
◆ DriverReinitListHead
| LIST_ENTRY DriverReinitListHead |
Definition at line 21 of file driver.c.
Referenced by IoInitSystem(), IopReinitializeDrivers(), and IoRegisterDriverReinitialization().
◆ DriverReinitListLock
| KSPIN_LOCK DriverReinitListLock |
Definition at line 22 of file driver.c.
Referenced by IoInitSystem(), IopReinitializeDrivers(), and IoRegisterDriverReinitialization().
◆ DriverReinitTailEntry
| PLIST_ENTRY DriverReinitTailEntry |
◆ ExpInTextModeSetup
|
extern |
Definition at line 69 of file init.c.
Referenced by CmpGetRegistryPath(), DisplayBootBitmap(), ExpInitializeExecutive(), and IopDisplayLoadingMessage().
◆ IoDriverObjectType
| POBJECT_TYPE IoDriverObjectType = NULL |
Definition at line 33 of file driver.c.
Referenced by IoCreateDriver(), IopCreateObjectTypes(), IopGetDriverPathInformation(), IopInitializeDriverModule(), IopUnloadDriver(), PiAttachFilterDriversCallback(), and TestObjectTypes().
◆ IopDriverLoadResource
| ERESOURCE IopDriverLoadResource |
Definition at line 19 of file driver.c.
Referenced by IoInitSystem(), and IopLoadDriver().
◆ IopGroupIndex
| USHORT IopGroupIndex |
Definition at line 40 of file driver.c.
Referenced by IopInitializeBootDrivers().
◆ IopGroupTable
| PLIST_ENTRY IopGroupTable |
Definition at line 41 of file driver.c.
Referenced by IopInitializeBootDrivers().
◆ IopHardwareDatabaseKey
| UNICODE_STRING IopHardwareDatabaseKey |
◆ PiEnumerationFinished
|
extern |
Definition at line 50 of file devaction.c.
Referenced by IopReinitializeBootDrivers().
◆ PnPBootDriversLoaded
|
extern |
Definition at line 26 of file pnpinit.c.
Referenced by IopInitializeBootDrivers().
◆ PnpSystemInit
|
extern |
Definition at line 17 of file iomgr.c.
Referenced by IopInitializeDriverModule().
◆ ServicesKeyName
|
static |
Definition at line 31 of file driver.c.
Referenced by IopInitializeBuiltinDriver(), and MmCallDllInitialize().
