#include <ntoskrnl.h>
#include <debug.h>

Include dependency graph for driver.c:

Classes
struct	_LOAD_UNLOAD_PARAMS

Macros
#define	NDEBUG

#define	TAG_RTLREGISTRY 'vrqR'

Typedefs
typedef struct _LOAD_UNLOAD_PARAMS	LOAD_UNLOAD_PARAMS

typedef struct _LOAD_UNLOAD_PARAMS *	PLOAD_UNLOAD_PARAMS

Functions
NTSTATUS	IopDoLoadUnloadDriver (_In_opt_ PUNICODE_STRING RegistryPath, _Inout_ PDRIVER_OBJECT *DriverObject)
	Process load and unload driver operations. This is mostly for NtLoadDriver and NtUnloadDriver, because their code should run inside PsInitialSystemProcess. More...

NTSTATUS NTAPI	IopInvalidDeviceRequest (PDEVICE_OBJECT DeviceObject, PIRP Irp)

VOID NTAPI	IopDeleteDriver (IN PVOID ObjectBody)

NTSTATUS	IopGetDriverNames (_In_ HANDLE ServiceHandle, _Out_ PUNICODE_STRING DriverName, _Out_opt_ PUNICODE_STRING ServiceName)

BOOLEAN NTAPI	IopSuffixUnicodeString (IN PCUNICODE_STRING String1, IN PCUNICODE_STRING String2)

VOID FASTCALL	IopDisplayLoadingMessage (PUNICODE_STRING ServiceName)

NTSTATUS FASTCALL	IopNormalizeImagePath (_Inout_ _When_(return >=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem))) PUNICODE_STRING ImagePath, _In_ PUNICODE_STRING ServiceName)

NTSTATUS	IopInitializeDriverModule (_In_ PLDR_DATA_TABLE_ENTRY ModuleObject, _In_ HANDLE ServiceHandle, _Out_ PDRIVER_OBJECT OutDriverObject, _Out_ NTSTATUS DriverEntryStatus)
	Initialize a loaded driver. More...

NTSTATUS NTAPI	MiResolveImageReferences (IN PVOID ImageBase, IN PUNICODE_STRING ImageFileDirectory, IN PUNICODE_STRING NamePrefix OPTIONAL, OUT PCHAR MissingApi, OUT PWCHAR MissingDriver, OUT PLOAD_IMPORTS *LoadImports)

NTSTATUS NTAPI	LdrProcessDriverModule (PLDR_DATA_TABLE_ENTRY LdrEntry, PUNICODE_STRING FileName, PLDR_DATA_TABLE_ENTRY *ModuleObject)

PDEVICE_OBJECT	IopGetDeviceObjectFromDeviceInstance (PUNICODE_STRING DeviceInstance)

BOOLEAN	IopInitializeBuiltinDriver (IN PLDR_DATA_TABLE_ENTRY BootLdrEntry)

VOID FASTCALL	IopInitializeBootDrivers (VOID)

VOID FASTCALL	IopInitializeSystemDrivers (VOID)

NTSTATUS NTAPI	IopUnloadDriver (PUNICODE_STRING DriverServiceName, BOOLEAN UnloadPnpDrivers)

VOID NTAPI	IopReinitializeDrivers (VOID)

VOID NTAPI	IopReinitializeBootDrivers (VOID)

NTSTATUS NTAPI	IoCreateDriver (_In_opt_ PUNICODE_STRING DriverName, _In_ PDRIVER_INITIALIZE InitializationFunction)

VOID NTAPI	IoDeleteDriver (IN PDRIVER_OBJECT DriverObject)

VOID NTAPI	IoRegisterBootDriverReinitialization (IN PDRIVER_OBJECT DriverObject, IN PDRIVER_REINITIALIZE ReinitRoutine, IN PVOID Context)

VOID NTAPI	IoRegisterDriverReinitialization (IN PDRIVER_OBJECT DriverObject, IN PDRIVER_REINITIALIZE ReinitRoutine, IN PVOID Context)

NTSTATUS NTAPI	IoAllocateDriverObjectExtension (IN PDRIVER_OBJECT DriverObject, IN PVOID ClientIdentificationAddress, IN ULONG DriverObjectExtensionSize, OUT PVOID *DriverObjectExtension)

PVOID NTAPI	IoGetDriverObjectExtension (IN PDRIVER_OBJECT DriverObject, IN PVOID ClientIdentificationAddress)

NTSTATUS	IopLoadDriver (_In_ HANDLE ServiceHandle, _Out_ PDRIVER_OBJECT *DriverObject)

static VOID NTAPI	IopLoadUnloadDriverWorker (_Inout_ PVOID Parameter)

NTSTATUS NTAPI	NtLoadDriver (IN PUNICODE_STRING DriverServiceName)

NTSTATUS NTAPI	NtUnloadDriver (IN PUNICODE_STRING DriverServiceName)

Variables
ERESOURCE	IopDriverLoadResource

LIST_ENTRY	DriverReinitListHead

KSPIN_LOCK	DriverReinitListLock

PLIST_ENTRY	DriverReinitTailEntry

PLIST_ENTRY	DriverBootReinitTailEntry

LIST_ENTRY	DriverBootReinitListHead

KSPIN_LOCK	DriverBootReinitListLock

UNICODE_STRING	IopHardwareDatabaseKey

static const WCHAR	ServicesKeyName [] = L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\"

POBJECT_TYPE	IoDriverObjectType = NULL

BOOLEAN	ExpInTextModeSetup

BOOLEAN	PnpSystemInit

BOOLEAN	PnPBootDriversLoaded

KEVENT	PiEnumerationFinished

USHORT	IopGroupIndex

PLIST_ENTRY	IopGroupTable

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 14 of file driver.c.

◆ TAG_RTLREGISTRY

#define TAG_RTLREGISTRY 'vrqR'

Definition at line 35 of file driver.c.

Typedef Documentation

◆ LOAD_UNLOAD_PARAMS

typedef struct _LOAD_UNLOAD_PARAMS LOAD_UNLOAD_PARAMS

◆ PLOAD_UNLOAD_PARAMS

typedef struct _LOAD_UNLOAD_PARAMS * PLOAD_UNLOAD_PARAMS

Function Documentation

◆ IoAllocateDriverObjectExtension()

NTSTATUS NTAPI IoAllocateDriverObjectExtension	(	IN PDRIVER_OBJECT	DriverObject,
		IN PVOID	ClientIdentificationAddress,
		IN ULONG	DriverObjectExtensionSize,
		OUT PVOID *	DriverObjectExtension
	)

Definition at line 1761 of file driver.c.

 {
     KIRQL OldIrql;
     PIO_CLIENT_EXTENSION DriverExtensions, NewDriverExtension;
     BOOLEAN Inserted = FALSE;
 
     /* Assume failure */
     *DriverObjectExtension = NULL;
 
     /* Allocate the extension */
     NewDriverExtension = ExAllocatePoolWithTag(NonPagedPool,
                                                sizeof(IO_CLIENT_EXTENSION) +
                                                DriverObjectExtensionSize,
                                                TAG_DRIVER_EXTENSION);
     if (!NewDriverExtension) return STATUS_INSUFFICIENT_RESOURCES;
 
     /* Clear the extension for teh caller */
     RtlZeroMemory(NewDriverExtension,
                   sizeof(IO_CLIENT_EXTENSION) + DriverObjectExtensionSize);
 
     /* Acqure lock */
     OldIrql = KeRaiseIrqlToDpcLevel();
 
     /* Fill out the extension */
     NewDriverExtension->ClientIdentificationAddress = ClientIdentificationAddress;
 
     /* Loop the current extensions */
     DriverExtensions = IoGetDrvObjExtension(DriverObject)->
                        ClientDriverExtension;
     while (DriverExtensions)
     {
         /* Check if the identifier matches */
         if (DriverExtensions->ClientIdentificationAddress ==
             ClientIdentificationAddress)
         {
             /* We have a collision, break out */
             break;
         }
 
         /* Go to the next one */
         DriverExtensions = DriverExtensions->NextExtension;
     }
 
     /* Check if we didn't collide */
     if (!DriverExtensions)
     {
         /* Link this one in */
         NewDriverExtension->NextExtension =
             IoGetDrvObjExtension(DriverObject)->ClientDriverExtension;
         IoGetDrvObjExtension(DriverObject)->ClientDriverExtension =
             NewDriverExtension;
         Inserted = TRUE;
     }
 
     /* Release the lock */
     KeLowerIrql(OldIrql);
 
     /* Check if insertion failed */
     if (!Inserted)
     {
         /* Free the entry and fail */
         ExFreePoolWithTag(NewDriverExtension, TAG_DRIVER_EXTENSION);
         return STATUS_OBJECT_NAME_COLLISION;
     }
 
     /* Otherwise, return the pointer */
     *DriverObjectExtension = NewDriverExtension + 1;
     return STATUS_SUCCESS;
 }

Referenced by _IRQL_requires_max_(), DriverEntry(), HidRegisterMinidriver(), KoDriverInitialize(), KsInitializeDriver(), Mx::MxAllocateDriverObjectExtension(), NdisMRegisterMiniport(), PciIdeXInitialize(), ScsiPortInitialize(), StorPortInitialize(), StreamClassRegisterAdapter(), VideoPortInitialize(), and WdfWriteKmdfVersionToRegistry().

◆ IoCreateDriver()

NTSTATUS NTAPI IoCreateDriver	(	_In_opt_ PUNICODE_STRING	DriverName,
		_In_ PDRIVER_INITIALIZE	InitializationFunction
	)

Definition at line 1512 of file driver.c.

 {
     WCHAR NameBuffer[100];
     USHORT NameLength;
     UNICODE_STRING LocalDriverName;
     NTSTATUS Status;
     OBJECT_ATTRIBUTES ObjectAttributes;
     ULONG ObjectSize;
     PDRIVER_OBJECT DriverObject;
     UNICODE_STRING ServiceKeyName;
     HANDLE hDriver;
     ULONG i, RetryCount = 0;
 
 try_again:
     /* First, create a unique name for the driver if we don't have one */
     if (!DriverName)
     {
         /* Create a random name and set up the string */
         NameLength = (USHORT)swprintf(NameBuffer,
                                       DRIVER_ROOT_NAME L"%08u",
                                       KeTickCount.LowPart);
         LocalDriverName.Length = NameLength * sizeof(WCHAR);
         LocalDriverName.MaximumLength = LocalDriverName.Length + sizeof(UNICODE_NULL);
         LocalDriverName.Buffer = NameBuffer;
     }
     else
     {
         /* So we can avoid another code path, use a local var */
         LocalDriverName = *DriverName;
     }
 
     /* Initialize the Attributes */
     ObjectSize = sizeof(DRIVER_OBJECT) + sizeof(EXTENDED_DRIVER_EXTENSION);
     InitializeObjectAttributes(&ObjectAttributes,
                                &LocalDriverName,
                                OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                                NULL,
                                NULL);
 
     /* Create the Object */
     Status = ObCreateObject(KernelMode,
                             IoDriverObjectType,
                             &ObjectAttributes,
                             KernelMode,
                             NULL,
                             ObjectSize,
                             0,
                             0,
                             (PVOID*)&DriverObject);
     if (!NT_SUCCESS(Status)) return Status;
 
     DPRINT("IopCreateDriver(): created DO %p\n", DriverObject);
 
     /* Set up the Object */
     RtlZeroMemory(DriverObject, ObjectSize);
     DriverObject->Type = IO_TYPE_DRIVER;
     DriverObject->Size = sizeof(DRIVER_OBJECT);
     DriverObject->Flags = DRVO_BUILTIN_DRIVER;
     DriverObject->DriverExtension = (PDRIVER_EXTENSION)(DriverObject + 1);
     DriverObject->DriverExtension->DriverObject = DriverObject;
     DriverObject->DriverInit = InitializationFunction;
     /* Loop all Major Functions */
     for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /* Invalidate each function */
         DriverObject->MajorFunction[i] = IopInvalidDeviceRequest;
     }
 
     /* Set up the service key name buffer */
     ServiceKeyName.MaximumLength = LocalDriverName.Length + sizeof(UNICODE_NULL);
     ServiceKeyName.Buffer = ExAllocatePoolWithTag(PagedPool, LocalDriverName.MaximumLength, TAG_IO);
     if (!ServiceKeyName.Buffer)
     {
         /* Fail */
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return STATUS_INSUFFICIENT_RESOURCES;
     }
 
     /* For builtin drivers, the ServiceKeyName is equal to DriverName */
     RtlCopyUnicodeString(&ServiceKeyName, &LocalDriverName);
     ServiceKeyName.Buffer[ServiceKeyName.Length / sizeof(WCHAR)] = UNICODE_NULL;
     DriverObject->DriverExtension->ServiceKeyName = ServiceKeyName;
 
     /* Make a copy of the driver name to store in the driver object */
     DriverObject->DriverName.MaximumLength = LocalDriverName.Length;
     DriverObject->DriverName.Buffer = ExAllocatePoolWithTag(PagedPool,
                                                             DriverObject->DriverName.MaximumLength,
                                                             TAG_IO);
     if (!DriverObject->DriverName.Buffer)
     {
         /* Fail */
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return STATUS_INSUFFICIENT_RESOURCES;
     }
 
     RtlCopyUnicodeString(&DriverObject->DriverName, &LocalDriverName);
 
     /* Add the Object and get its handle */
     Status = ObInsertObject(DriverObject,
                             NULL,
                             FILE_READ_DATA,
                             0,
                             NULL,
                             &hDriver);
 
     /* Eliminate small possibility when this function is called more than
        once in a row, and KeTickCount doesn't get enough time to change */
     if (!DriverName && (Status == STATUS_OBJECT_NAME_COLLISION) && (RetryCount < 100))
     {
         RetryCount++;
         goto try_again;
     }
 
     if (!NT_SUCCESS(Status)) return Status;
 
     /* Now reference it */
     Status = ObReferenceObjectByHandle(hDriver,
                                        0,
                                        IoDriverObjectType,
                                        KernelMode,
                                        (PVOID*)&DriverObject,
                                        NULL);
 
     /* Close the extra handle */
     ZwClose(hDriver);
 
     if (!NT_SUCCESS(Status))
     {
         /* Fail */
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return Status;
     }
 
     /* Finally, call its init function */
     DPRINT("Calling driver entrypoint at %p\n", InitializationFunction);
     Status = (*InitializationFunction)(DriverObject, NULL);
     if (!NT_SUCCESS(Status))
     {
         /* If it didn't work, then kill the object */
         DPRINT1("'%wZ' initialization failed, status (0x%08lx)\n", DriverName, Status);
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return Status;
     }
 
     // Windows does this fixup - keep it for compatibility
     for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /*
          * Make sure the driver didn't set any dispatch entry point to NULL!
          * Doing so is illegal; drivers shouldn't touch entry points they
          * do not implement.
          */
 
         /* Check if it did so anyway */
         if (!DriverObject->MajorFunction[i])
         {
             /* Print a warning in the debug log */
             DPRINT1("Driver <%wZ> set DriverObject->MajorFunction[%lu] to NULL!\n",
                     &DriverObject->DriverName, i);
 
             /* Fix it up */
             DriverObject->MajorFunction[i] = IopInvalidDeviceRequest;
         }
     }
 
     /* Return the Status */
     return Status;
 }

Referenced by HaliInitPnpDriver(), IopInitializeBootDrivers(), IopInitializePlugPlayServices(), and WmiInitialize().

◆ IoDeleteDriver()

VOID NTAPI IoDeleteDriver ( IN PDRIVER_OBJECT DriverObject )

Definition at line 1692 of file driver.c.

 {
     /* Simply dereference the Object */
     ObDereferenceObject(DriverObject);
 }

◆ IoGetDriverObjectExtension()

PVOID NTAPI IoGetDriverObjectExtension	(	IN PDRIVER_OBJECT	DriverObject,
		IN PVOID	ClientIdentificationAddress
	)

Definition at line 1839 of file driver.c.

 {
     KIRQL OldIrql;
     PIO_CLIENT_EXTENSION DriverExtensions;
 
     /* Acquire lock */
     OldIrql = KeRaiseIrqlToDpcLevel();
 
     /* Loop the list until we find the right one */
     DriverExtensions = IoGetDrvObjExtension(DriverObject)->ClientDriverExtension;
     while (DriverExtensions)
     {
         /* Check for a match */
         if (DriverExtensions->ClientIdentificationAddress ==
             ClientIdentificationAddress)
         {
             /* Break out */
             break;
         }
 
         /* Keep looping */
         DriverExtensions = DriverExtensions->NextExtension;
     }
 
     /* Release lock */
     KeLowerIrql(OldIrql);
 
     /* Return nothing or the extension */
     if (!DriverExtensions) return NULL;
     return DriverExtensions + 1;
 }

Referenced by _Dispatch_type_(), _IRQL_requires_max_(), ClassAddDevice(), ClassDispatchPnp(), ClassGetPdoId(), ClassPnpQueryFdoRelations(), ClassPnpStartDevice(), ClassUnload(), ConDrvCreateController(), ConDrvDeleteController(), CreateClassDeviceObject(), CreateGreenFdo(), DestroyPortDriver(), GreenAddDevice(), GreenDispatch(), HidClassAddDevice(), i8042RemoveDevice(), IntVideoPortAddDevice(), IntVideoPortFilterResourceRequirements(), IntVideoPortPnPStartDevice(), KeyboardAddDevice(), KopDispatchCreate(), KsAddDevice(), Mx::MxGetDriverObjectExtension(), NdisIAddDevice(), PciIdeXAddDevice(), PciIdeXFdoStartDevice(), PortAddDevice(), PortUnload(), ScreenAddDevice(), ScsiPortInitialize(), SermouseAddDevice(), StorPortInitialize(), StreamClassAddDevice(), StreamClassStartDevice(), VfdCreateDevice(), VfdDeleteDevice(), VfdStoreLink(), VfdUnloadDriver(), VideoPortGetAccessRanges(), VideoPortInitialize(), and WdfDeleteKmdfVersionFromRegistry().

◆ IopDeleteDriver()

VOID NTAPI IopDeleteDriver ( IN PVOID ObjectBody )

Definition at line 79 of file driver.c.

 {
     PDRIVER_OBJECT DriverObject = ObjectBody;
     PIO_CLIENT_EXTENSION DriverExtension, NextDriverExtension;
     PAGED_CODE();
 
     DPRINT1("Deleting driver object '%wZ'\n", &DriverObject->DriverName);
 
     /* There must be no device objects remaining at this point */
     ASSERT(!DriverObject->DeviceObject);
 
     /* Get the extension and loop them */
     DriverExtension = IoGetDrvObjExtension(DriverObject)->ClientDriverExtension;
     while (DriverExtension)
     {
         /* Get the next one */
         NextDriverExtension = DriverExtension->NextExtension;
         ExFreePoolWithTag(DriverExtension, TAG_DRIVER_EXTENSION);
 
         /* Move on */
         DriverExtension = NextDriverExtension;
     }
 
     /* Check if the driver image is still loaded */
     if (DriverObject->DriverSection)
     {
         /* Unload it */
         MmUnloadSystemImage(DriverObject->DriverSection);
     }
 
     /* Check if it has a name */
     if (DriverObject->DriverName.Buffer)
     {
         /* Free it */
         ExFreePool(DriverObject->DriverName.Buffer);
     }
 
     /* Check if it has a service key name */
     if (DriverObject->DriverExtension->ServiceKeyName.Buffer)
     {
         /* Free it */
         ExFreePool(DriverObject->DriverExtension->ServiceKeyName.Buffer);
     }
 }

Referenced by IopCreateObjectTypes().

◆ IopDisplayLoadingMessage()

VOID FASTCALL IopDisplayLoadingMessage ( PUNICODE_STRING ServiceName )

Definition at line 295 of file driver.c.

 {
     CHAR TextBuffer[256];
     UNICODE_STRING DotSys = RTL_CONSTANT_STRING(L".SYS");
 
     if (ExpInTextModeSetup) return;
     if (!KeLoaderBlock) return;
     RtlUpcaseUnicodeString(ServiceName, ServiceName, FALSE);
     snprintf(TextBuffer, sizeof(TextBuffer),
             "%s%sSystem32\\Drivers\\%wZ%s\r\n",
             KeLoaderBlock->ArcBootDeviceName,
             KeLoaderBlock->NtBootPathName,
             ServiceName,
             IopSuffixUnicodeString(&DotSys, ServiceName) ? "" : ".SYS");
     HalDisplayString(TextBuffer);
 }

Referenced by IopInitializeBuiltinDriver(), and IopLoadDriver().

◆ IopDoLoadUnloadDriver()

NTSTATUS IopDoLoadUnloadDriver	(	_In_opt_ PUNICODE_STRING	RegistryPath,
		_Inout_ PDRIVER_OBJECT *	DriverObject
	)

Process load and unload driver operations. This is mostly for NtLoadDriver and NtUnloadDriver, because their code should run inside PsInitialSystemProcess.

Parameters

[in]	RegistryPath	The registry path
	DriverObject	The driver object

Returns: Status of the operation

Definition at line 2033 of file driver.c.

 {
     LOAD_UNLOAD_PARAMS LoadParams;
 
     /* Prepare parameters block */
     LoadParams.RegistryPath = RegistryPath;
     LoadParams.DriverObject = *DriverObject;
 
     if (PsGetCurrentProcess() != PsInitialSystemProcess)
     {
         LoadParams.SetEvent = TRUE;
         KeInitializeEvent(&LoadParams.Event, NotificationEvent, FALSE);
 
         /* Initialize and queue a work item */
         ExInitializeWorkItem(&LoadParams.WorkItem, IopLoadUnloadDriverWorker, &LoadParams);
         ExQueueWorkItem(&LoadParams.WorkItem, DelayedWorkQueue);
 
         /* And wait till it completes */
         KeWaitForSingleObject(&LoadParams.Event, UserRequest, KernelMode, FALSE, NULL);
     }
     else
     {
         /* If we're already in a system process, call it right here */
         LoadParams.SetEvent = FALSE;
         IopLoadUnloadDriverWorker(&LoadParams);
     }
 
     return LoadParams.Status;
 }

Referenced by IopUnloadDriver(), and NtLoadDriver().

◆ IopGetDeviceObjectFromDeviceInstance()

PDEVICE_OBJECT IopGetDeviceObjectFromDeviceInstance ( PUNICODE_STRING DeviceInstance )

Definition at line 122 of file plugplay.c.

 {
     if (IopRootDeviceNode == NULL)
         return NULL;
 
     if (DeviceInstance == NULL ||
         DeviceInstance->Length == 0)
     {
         if (IopRootDeviceNode->PhysicalDeviceObject)
         {
             ObReferenceObject(IopRootDeviceNode->PhysicalDeviceObject);
             return IopRootDeviceNode->PhysicalDeviceObject;
         }
         else
             return NULL;
     }
 
     return IopTraverseDeviceNode(IopRootDeviceNode, DeviceInstance);
 }

Referenced by IopInitializeBuiltinDriver().

◆ IopGetDriverNames()

NTSTATUS IopGetDriverNames	(	_In_ HANDLE	ServiceHandle,
		_Out_ PUNICODE_STRING	DriverName,
		_Out_opt_ PUNICODE_STRING	ServiceName
	)

Definition at line 125 of file driver.c.

 {
     UNICODE_STRING driverName = {.Buffer = NULL}, serviceName;
     PKEY_VALUE_FULL_INFORMATION kvInfo;
     NTSTATUS status;
 
     PAGED_CODE();
 
     // 1. Check the "ObjectName" field in the driver's registry key (it has the priority)
     status = IopGetRegistryValue(ServiceHandle, L"ObjectName", &kvInfo);
     if (NT_SUCCESS(status))
     {
         // we're got the ObjectName. Use it to create the DRIVER_OBJECT
         if (kvInfo->Type != REG_SZ || kvInfo->DataLength == 0)
         {
             ExFreePool(kvInfo);
             return STATUS_ILL_FORMED_SERVICE_ENTRY;
         }
 
         driverName.Length = kvInfo->DataLength - sizeof(WCHAR),
         driverName.MaximumLength = kvInfo->DataLength,
         driverName.Buffer = ExAllocatePoolWithTag(NonPagedPool, driverName.MaximumLength, TAG_IO);
         if (!driverName.Buffer)
         {
             ExFreePool(kvInfo);
             return STATUS_INSUFFICIENT_RESOURCES;
         }
 
         RtlMoveMemory(driverName.Buffer,
                       (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                       driverName.Length);
         ExFreePool(kvInfo);
     }
 
     // check if we need to get ServiceName as well
     PKEY_BASIC_INFORMATION basicInfo;
     if (!NT_SUCCESS(status) || ServiceName != NULL)
     {
         ULONG infoLength;
         status = ZwQueryKey(ServiceHandle, KeyBasicInformation, NULL, 0, &infoLength);
         if (status == STATUS_BUFFER_TOO_SMALL)
         {
             basicInfo = ExAllocatePoolWithTag(PagedPool, infoLength, TAG_IO);
             if (!basicInfo)
             {
                 return STATUS_INSUFFICIENT_RESOURCES;
             }
 
             status = ZwQueryKey(ServiceHandle, KeyBasicInformation, basicInfo, infoLength, &infoLength);
             if (!NT_SUCCESS(status))
             {
                 ExFreePoolWithTag(basicInfo, TAG_IO);
                 return status;
             }
 
             serviceName.Length = basicInfo->NameLength;
             serviceName.MaximumLength = basicInfo->NameLength;
             serviceName.Buffer = basicInfo->Name;
         }
         else
         {
             return NT_SUCCESS(status) ? STATUS_UNSUCCESSFUL : status;
         }
     }
 
     // 2. there is no "ObjectName" - construct it ourselves. Depending on a driver type,
     // it will be either "\Driver<ServiceName>" or "\FileSystem<ServiceName>"
     if (driverName.Buffer == NULL)
     {
         status = IopGetRegistryValue(ServiceHandle, L"Type", &kvInfo);
         if (!NT_SUCCESS(status))
         {
             ExFreePoolWithTag(basicInfo, TAG_IO);
             return status;
         }
         if (kvInfo->Type != REG_DWORD)
         {
             ExFreePool(kvInfo);
             ExFreePoolWithTag(basicInfo, TAG_IO); // container for serviceName
             return STATUS_ILL_FORMED_SERVICE_ENTRY;
         }
 
         UINT32 driverType;
         RtlMoveMemory(&driverType, (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset), sizeof(UINT32));
         ExFreePool(kvInfo);
 
         driverName.Length = 0;
         if (driverType == SERVICE_RECOGNIZER_DRIVER || driverType == SERVICE_FILE_SYSTEM_DRIVER)
             driverName.MaximumLength = sizeof(FILESYSTEM_ROOT_NAME) + serviceName.Length;
         else
             driverName.MaximumLength = sizeof(DRIVER_ROOT_NAME) + serviceName.Length;
         driverName.Buffer = ExAllocatePoolWithTag(NonPagedPool, driverName.MaximumLength, TAG_IO);
         if (!driverName.Buffer)
         {
             ExFreePoolWithTag(basicInfo, TAG_IO); // container for serviceName
             return STATUS_INSUFFICIENT_RESOURCES;
         }
 
         if (driverType == SERVICE_RECOGNIZER_DRIVER || driverType == SERVICE_FILE_SYSTEM_DRIVER)
             RtlAppendUnicodeToString(&driverName, FILESYSTEM_ROOT_NAME);
         else
             RtlAppendUnicodeToString(&driverName, DRIVER_ROOT_NAME);
 
         RtlAppendUnicodeStringToString(&driverName, &serviceName);
     }
 
     if (ServiceName)
     {
         PWCHAR buf = ExAllocatePoolWithTag(PagedPool, serviceName.Length, TAG_IO);
         if (!buf)
         {
             ExFreePoolWithTag(basicInfo, TAG_IO); // container for serviceName
             ExFreePoolWithTag(driverName.Buffer, TAG_IO);
             return STATUS_INSUFFICIENT_RESOURCES;
         }
         RtlMoveMemory(buf, serviceName.Buffer, serviceName.Length);
         ServiceName->MaximumLength = serviceName.Length;
         ServiceName->Length = serviceName.Length;
         ServiceName->Buffer = buf;
     }
     ExFreePoolWithTag(basicInfo, TAG_IO); // container for ServiceName
 
     *DriverName = driverName;
 
     return STATUS_SUCCESS;
 }

Referenced by IopInitializeDriverModule(), and PiAttachFilterDriversCallback().

◆ IopInitializeBootDrivers()

VOID FASTCALL IopInitializeBootDrivers ( VOID )

Definition at line 965 of file driver.c.

 {
     PLIST_ENTRY ListHead, NextEntry, NextEntry2;
     PLDR_DATA_TABLE_ENTRY LdrEntry;
     NTSTATUS Status;
     UNICODE_STRING DriverName;
     ULONG i, Index;
     PDRIVER_INFORMATION DriverInfo, DriverInfoTag;
     HANDLE KeyHandle;
     PBOOT_DRIVER_LIST_ENTRY BootEntry;
     DPRINT("IopInitializeBootDrivers()\n");
 
     /* Create the RAW FS built-in driver */
     RtlInitUnicodeString(&DriverName, L"\\FileSystem\\RAW");
 
     Status = IoCreateDriver(&DriverName, RawFsDriverEntry);
     if (!NT_SUCCESS(Status))
     {
         /* Fail */
         return;
     }
 
     /* Get highest group order index */
     IopGroupIndex = PpInitGetGroupOrderIndex(NULL);
     if (IopGroupIndex == 0xFFFF) ASSERT(FALSE);
 
     /* Allocate the group table */
     IopGroupTable = ExAllocatePoolWithTag(PagedPool,
                                           IopGroupIndex * sizeof(LIST_ENTRY),
                                           TAG_IO);
     if (IopGroupTable == NULL) ASSERT(FALSE);
 
     /* Initialize the group table lists */
     for (i = 0; i < IopGroupIndex; i++) InitializeListHead(&IopGroupTable[i]);
 
     /* Loop the boot modules */
     ListHead = &KeLoaderBlock->LoadOrderListHead;
     NextEntry = ListHead->Flink;
     while (ListHead != NextEntry)
     {
         /* Get the entry */
         LdrEntry = CONTAINING_RECORD(NextEntry,
                                      LDR_DATA_TABLE_ENTRY,
                                      InLoadOrderLinks);
 
         /* Check if the DLL needs to be initialized */
         if (LdrEntry->Flags & LDRP_DRIVER_DEPENDENT_DLL)
         {
             /* Call its entrypoint */
             MmCallDllInitialize(LdrEntry, NULL);
         }
 
         /* Go to the next driver */
         NextEntry = NextEntry->Flink;
     }
 
     /* Loop the boot drivers */
     ListHead = &KeLoaderBlock->BootDriverListHead;
     NextEntry = ListHead->Flink;
     while (ListHead != NextEntry)
     {
         /* Get the entry */
         BootEntry = CONTAINING_RECORD(NextEntry,
                                       BOOT_DRIVER_LIST_ENTRY,
                                       Link);
 
         /* Get the driver loader entry */
         LdrEntry = BootEntry->LdrEntry;
 
         /* Allocate our internal accounting structure */
         DriverInfo = ExAllocatePoolWithTag(PagedPool,
                                            sizeof(DRIVER_INFORMATION),
                                            TAG_IO);
         if (DriverInfo)
         {
             /* Zero it and initialize it */
             RtlZeroMemory(DriverInfo, sizeof(DRIVER_INFORMATION));
             InitializeListHead(&DriverInfo->Link);
             DriverInfo->DataTableEntry = BootEntry;
 
             /* Open the registry key */
             Status = IopOpenRegistryKeyEx(&KeyHandle,
                                           NULL,
                                           &BootEntry->RegistryPath,
                                           KEY_READ);
             DPRINT("IopOpenRegistryKeyEx(%wZ) returned 0x%08lx\n", &BootEntry->RegistryPath, Status);
 #if 0
             if (NT_SUCCESS(Status))
 #else // Hack still needed...
             if ((NT_SUCCESS(Status)) || /* ReactOS HACK for SETUPLDR */
                 ((KeLoaderBlock->SetupLdrBlock) && ((KeyHandle = (PVOID)1)))) // yes, it's an assignment!
 #endif
             {
                 /* Save the handle */
                 DriverInfo->ServiceHandle = KeyHandle;
 
                 /* Get the group oder index */
                 Index = PpInitGetGroupOrderIndex(KeyHandle);
 
                 /* Get the tag position */
                 DriverInfo->TagPosition = PipGetDriverTagPriority(KeyHandle);
 
                 /* Insert it into the list, at the right place */
                 ASSERT(Index < IopGroupIndex);
                 NextEntry2 = IopGroupTable[Index].Flink;
                 while (NextEntry2 != &IopGroupTable[Index])
                 {
                     /* Get the driver info */
                     DriverInfoTag = CONTAINING_RECORD(NextEntry2,
                                                       DRIVER_INFORMATION,
                                                       Link);
 
                     /* Check if we found the right tag position */
                     if (DriverInfoTag->TagPosition > DriverInfo->TagPosition)
                     {
                         /* We're done */
                         break;
                     }
 
                     /* Next entry */
                     NextEntry2 = NextEntry2->Flink;
                 }
 
                 /* Insert us right before the next entry */
                 NextEntry2 = NextEntry2->Blink;
                 InsertHeadList(NextEntry2, &DriverInfo->Link);
             }
         }
 
         /* Go to the next driver */
         NextEntry = NextEntry->Flink;
     }
 
     /* Loop each group index */
     for (i = 0; i < IopGroupIndex; i++)
     {
         /* Loop each group table */
         NextEntry = IopGroupTable[i].Flink;
         while (NextEntry != &IopGroupTable[i])
         {
             /* Get the entry */
             DriverInfo = CONTAINING_RECORD(NextEntry,
                                            DRIVER_INFORMATION,
                                            Link);
 
             /* Get the driver loader entry */
             LdrEntry = DriverInfo->DataTableEntry->LdrEntry;
 
             /* Initialize it */
             if (IopInitializeBuiltinDriver(LdrEntry))
             {
                 // it does not make sense to enumerate the tree if there are no new devices added
                 PiQueueDeviceAction(IopRootDeviceNode->PhysicalDeviceObject,
                                     PiActionEnumRootDevices,
                                     NULL,
                                     NULL);
             }           
 
             /* Next entry */
             NextEntry = NextEntry->Flink;
         }
     }
 
     /* HAL Root Bus is being initialized before loading the boot drivers so this may cause issues
      * when some devices are not being initialized with their drivers. This flag is used to delay
      * all actions with devices (except PnP root device) until boot drivers are loaded.
      * See PiQueueDeviceAction function
      */
     PnPBootDriversLoaded = TRUE;
 
     DbgPrint("BOOT DRIVERS LOADED\n");
 
     PiQueueDeviceAction(IopRootDeviceNode->PhysicalDeviceObject,
                         PiActionEnumDeviceTree,
                         NULL,
                         NULL);
 }

Referenced by IoInitSystem().

◆ IopInitializeBuiltinDriver()

BOOLEAN IopInitializeBuiltinDriver ( IN PLDR_DATA_TABLE_ENTRY BootLdrEntry )

Definition at line 756 of file driver.c.

 {
     PDRIVER_OBJECT DriverObject;
     NTSTATUS Status;
     PWCHAR Buffer, FileNameWithoutPath;
     PWSTR FileExtension;
     PUNICODE_STRING ModuleName = &BootLdrEntry->BaseDllName;
     PLDR_DATA_TABLE_ENTRY LdrEntry;
     PLIST_ENTRY NextEntry;
     UNICODE_STRING ServiceName;
     BOOLEAN Success;
 
     /*
      * Display 'Loading XXX...' message
      */
     IopDisplayLoadingMessage(ModuleName);
     InbvIndicateProgress();
 
     Buffer = ExAllocatePoolWithTag(PagedPool,
                                    ModuleName->Length + sizeof(UNICODE_NULL),
                                    TAG_IO);
     if (Buffer == NULL)
     {
         return FALSE;
     }
 
     RtlCopyMemory(Buffer, ModuleName->Buffer, ModuleName->Length);
     Buffer[ModuleName->Length / sizeof(WCHAR)] = UNICODE_NULL;
 
     /*
      * Generate filename without path (not needed by freeldr)
      */
     FileNameWithoutPath = wcsrchr(Buffer, L'\\');
     if (FileNameWithoutPath == NULL)
     {
         FileNameWithoutPath = Buffer;
     }
     else
     {
         FileNameWithoutPath++;
     }
 
     /*
      * Strip the file extension from ServiceName
      */
     Success = RtlCreateUnicodeString(&ServiceName, FileNameWithoutPath);
     ExFreePoolWithTag(Buffer, TAG_IO);
     if (!Success)
     {
         return FALSE;
     }
 
     FileExtension = wcsrchr(ServiceName.Buffer, L'.');
     if (FileExtension != NULL)
     {
         ServiceName.Length -= (USHORT)wcslen(FileExtension) * sizeof(WCHAR);
         FileExtension[0] = UNICODE_NULL;
     }
 
     UNICODE_STRING RegistryPath;
 
     // Make the registry path for the driver
     RegistryPath.Length = 0;
     RegistryPath.MaximumLength = sizeof(ServicesKeyName) + ServiceName.Length;
     RegistryPath.Buffer = ExAllocatePoolWithTag(PagedPool, RegistryPath.MaximumLength, TAG_IO);
     if (RegistryPath.Buffer == NULL)
     {
         return FALSE;
     }
     RtlAppendUnicodeToString(&RegistryPath, ServicesKeyName);
     RtlAppendUnicodeStringToString(&RegistryPath, &ServiceName);
     RtlFreeUnicodeString(&ServiceName);
 
     HANDLE serviceHandle;
     Status = IopOpenRegistryKeyEx(&serviceHandle, NULL, &RegistryPath, KEY_READ);
     RtlFreeUnicodeString(&RegistryPath);
     if (!NT_SUCCESS(Status))
     {
         return FALSE;
     }
 
     /* Lookup the new Ldr entry in PsLoadedModuleList */
     NextEntry = PsLoadedModuleList.Flink;
     while (NextEntry != &PsLoadedModuleList)
     {
         LdrEntry = CONTAINING_RECORD(NextEntry,
                                      LDR_DATA_TABLE_ENTRY,
                                      InLoadOrderLinks);
         if (RtlEqualUnicodeString(ModuleName, &LdrEntry->BaseDllName, TRUE))
         {
             break;
         }
 
         NextEntry = NextEntry->Flink;
     }
     ASSERT(NextEntry != &PsLoadedModuleList);
 
     /*
      * Initialize the driver
      */
     NTSTATUS driverEntryStatus;
     Status = IopInitializeDriverModule(LdrEntry,
                                        serviceHandle,
                                        &DriverObject,
                                        &driverEntryStatus);
 
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("Driver '%wZ' load failed, status (%x)\n", ModuleName, Status);
         return FALSE;
     }
 
     // The driver has been loaded, now check if where are any PDOs
     // for that driver, and queue AddDevice call for them.
     // The check is possible because HKLM/SYSTEM/CCS/Services/<ServiceName>/Enum directory
     // is populated upon a new device arrival based on a (critical) device database
     
     // Legacy drivers may add devices inside DriverEntry.
     // We're lazy and always assume that they are doing so
     BOOLEAN deviceAdded = (_Bool)(DriverObject->Flags & DRVO_LEGACY_DRIVER);
 
     HANDLE enumServiceHandle;
     UNICODE_STRING enumName = RTL_CONSTANT_STRING(L"Enum");
 
     Status = IopOpenRegistryKeyEx(&enumServiceHandle, serviceHandle, &enumName, KEY_READ);
     ZwClose(serviceHandle);
 
     if (NT_SUCCESS(Status))
     {
         UINT32 instanceCount = 0;
         PKEY_VALUE_FULL_INFORMATION kvInfo;
         Status = IopGetRegistryValue(enumServiceHandle, L"Count", &kvInfo);
         if (!NT_SUCCESS(Status))
         {
             goto Cleanup;
         }
         if (kvInfo->Type != REG_DWORD)
         {
             ExFreePool(kvInfo);
             goto Cleanup;
         }
 
         RtlMoveMemory(&instanceCount,
                       (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                       sizeof(UINT32));
         ExFreePool(kvInfo);
 
         DPRINT("Processing %u instances for %wZ module\n", instanceCount, ModuleName);
 
         for (UINT32 i = 0; i < instanceCount; i++)
         {
             WCHAR num[11];
             UNICODE_STRING instancePath;
             RtlStringCchPrintfW(num, sizeof(num), L"%u", i);
 
             Status = IopGetRegistryValue(enumServiceHandle, num, &kvInfo);
             if (!NT_SUCCESS(Status))
             {
                 continue;
             }
             if (kvInfo->Type != REG_SZ || kvInfo->DataLength == 0)
             {
                 ExFreePool(kvInfo);
                 continue;
             }
 
             instancePath.Length = kvInfo->DataLength - sizeof(WCHAR),
             instancePath.MaximumLength = kvInfo->DataLength,
             instancePath.Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                         instancePath.MaximumLength,
                                                         TAG_IO);
             if (instancePath.Buffer)
             {
                 RtlMoveMemory(instancePath.Buffer,
                           (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                           instancePath.Length);
 
                 PDEVICE_OBJECT pdo = IopGetDeviceObjectFromDeviceInstance(&instancePath);
                 PiQueueDeviceAction(pdo, PiActionAddBootDevices, NULL, NULL);
                 ObDereferenceObject(pdo);
                 deviceAdded = TRUE;
             }
 
             ExFreePool(kvInfo);            
         }
 
         ZwClose(enumServiceHandle);
     }
 Cleanup:
     /* Remove extra reference from IopInitializeDriverModule */
     ObDereferenceObject(DriverObject);
 
     return deviceAdded;
 }

Referenced by IopInitializeBootDrivers().

◆ IopInitializeDriverModule()

NTSTATUS IopInitializeDriverModule	(	_In_ PLDR_DATA_TABLE_ENTRY	ModuleObject,
		_In_ HANDLE	ServiceHandle,
		_Out_ PDRIVER_OBJECT *	OutDriverObject,
		_Out_ NTSTATUS *	DriverEntryStatus
	)

Initialize a loaded driver.

Parameters

[in]	ModuleObject	Module object representing the driver. It can be retrieved by IopLoadServiceModule. Freed on failure, so in a such case this should not be accessed anymore
[in]	ServiceHandle	Handle to a driver's CCS/Services/<ServiceName> key
[out]	DriverObject	This contains the driver object if it was created (even with unsuccessfull result)
[out]	DriverEntryStatus	This contains the status value returned by the driver's DriverEntry routine (will not be valid of the return value is not STATUS_SUCCESS or STATUS_FAILED_DRIVER_ENTRY)

Returns: Status of the operation

Definition at line 408 of file driver.c.

 {
     UNICODE_STRING DriverName, RegistryPath, ServiceName;
     NTSTATUS Status;
 
     PAGED_CODE();
 
     Status = IopGetDriverNames(ServiceHandle, &DriverName, &ServiceName);
     if (!NT_SUCCESS(Status))
     {
         MmUnloadSystemImage(ModuleObject);
         return Status;
     }
 
     DPRINT("Driver name: '%wZ'\n", &DriverName);
 
     // obtain the registry path for the DriverInit routine
     PKEY_NAME_INFORMATION nameInfo;
     ULONG infoLength;
     Status = ZwQueryKey(ServiceHandle, KeyNameInformation, NULL, 0, &infoLength);
     if (Status == STATUS_BUFFER_TOO_SMALL)
     {
         nameInfo = ExAllocatePoolWithTag(NonPagedPool, infoLength, TAG_IO);
         if (nameInfo)
         {
             Status = ZwQueryKey(ServiceHandle,
                                 KeyNameInformation,
                                 nameInfo,
                                 infoLength,
                                 &infoLength);
             if (NT_SUCCESS(Status))
             {
                 RegistryPath.Length = nameInfo->NameLength;
                 RegistryPath.MaximumLength = nameInfo->NameLength;
                 RegistryPath.Buffer = nameInfo->Name;
             }
             else
             {
                 ExFreePoolWithTag(nameInfo, TAG_IO);
             }
         }
         else
         {
             Status = STATUS_INSUFFICIENT_RESOURCES;
         }
     }
     else
     {
         Status = NT_SUCCESS(Status) ? STATUS_UNSUCCESSFUL : Status;
     }
 
     if (!NT_SUCCESS(Status))
     {
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         MmUnloadSystemImage(ModuleObject);
         return Status;
     }
 
     // create the driver object
     UINT32 ObjectSize = sizeof(DRIVER_OBJECT) + sizeof(EXTENDED_DRIVER_EXTENSION);
     OBJECT_ATTRIBUTES objAttrs;
     PDRIVER_OBJECT driverObject;
     InitializeObjectAttributes(&objAttrs,
                                &DriverName,
                                OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                                NULL,
                                NULL);
 
     Status = ObCreateObject(KernelMode,
                             IoDriverObjectType,
                             &objAttrs,
                             KernelMode,
                             NULL,
                             ObjectSize,
                             0,
                             0,
                             (PVOID*)&driverObject);
     if (!NT_SUCCESS(Status))
     {
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         MmUnloadSystemImage(ModuleObject);
         DPRINT1("Error while creating driver object \"%wZ\" status %x\n", &DriverName, Status);
         return Status;
     }
 
     DPRINT("Created driver object 0x%p for \"%wZ\"\n", driverObject, &DriverName);
 
     RtlZeroMemory(driverObject, ObjectSize);
     driverObject->Type = IO_TYPE_DRIVER;
     driverObject->Size = sizeof(DRIVER_OBJECT);
     driverObject->Flags = DRVO_LEGACY_DRIVER; // TODO: check the WDM_DRIVER flag on the module
     driverObject->DriverSection = ModuleObject;
     driverObject->DriverStart = ModuleObject->DllBase;
     driverObject->DriverSize = ModuleObject->SizeOfImage;
     driverObject->DriverInit = ModuleObject->EntryPoint;
     driverObject->HardwareDatabase = &IopHardwareDatabaseKey;
     driverObject->DriverExtension = (PDRIVER_EXTENSION)(driverObject + 1);
     driverObject->DriverExtension->DriverObject = driverObject;
 
     /* Loop all Major Functions */
     for (INT i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /* Invalidate each function */
         driverObject->MajorFunction[i] = IopInvalidDeviceRequest;
     }
 
     /* Add the Object and get its handle */
     HANDLE hDriver;
     Status = ObInsertObject(driverObject, NULL, FILE_READ_DATA, 0, NULL, &hDriver);
     if (!NT_SUCCESS(Status))
     {
         ExFreePoolWithTag(nameInfo, TAG_IO);
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         return Status;
     }
 
     /* Now reference it */
     Status = ObReferenceObjectByHandle(hDriver,
                                        0,
                                        IoDriverObjectType,
                                        KernelMode,
                                        (PVOID*)&driverObject,
                                        NULL);
 
     /* Close the extra handle */
     ZwClose(hDriver);
 
     if (!NT_SUCCESS(Status))
     {
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         return Status;
     }
 
     /* Set up the service key name buffer */
     UNICODE_STRING serviceKeyName;
     serviceKeyName.Length = 0;
     // put a NULL character at the end for Windows compatibility
     serviceKeyName.MaximumLength = ServiceName.MaximumLength + sizeof(UNICODE_NULL);
     serviceKeyName.Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                   serviceKeyName.MaximumLength,
                                                   TAG_IO);
     if (!serviceKeyName.Buffer)
     {
         ObMakeTemporaryObject(driverObject);
         ObDereferenceObject(driverObject);
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         return STATUS_INSUFFICIENT_RESOURCES;
     }
 
     /* Copy the name and set it in the driver extension */
     RtlCopyUnicodeString(&serviceKeyName, &ServiceName);
     RtlFreeUnicodeString(&ServiceName);
     driverObject->DriverExtension->ServiceKeyName = serviceKeyName;
 
     /* Make a copy of the driver name to store in the driver object */
     UNICODE_STRING driverNamePaged;
     driverNamePaged.Length = 0;
     // put a NULL character at the end for Windows compatibility
     driverNamePaged.MaximumLength = DriverName.MaximumLength + sizeof(UNICODE_NULL);
     driverNamePaged.Buffer = ExAllocatePoolWithTag(PagedPool,
                                                    driverNamePaged.MaximumLength,
                                                    TAG_IO);
     if (!driverNamePaged.Buffer)
     {
         ObMakeTemporaryObject(driverObject);
         ObDereferenceObject(driverObject);
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&DriverName);
         return STATUS_INSUFFICIENT_RESOURCES;
     }
 
     RtlCopyUnicodeString(&driverNamePaged, &DriverName);
     driverObject->DriverName = driverNamePaged;
 
     /* Finally, call its init function */
     Status = driverObject->DriverInit(driverObject, &RegistryPath);
     *DriverEntryStatus = Status;
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("'%wZ' initialization failed, status (0x%08lx)\n", &DriverName, Status);
         // return a special status value in case of failure
         Status = STATUS_FAILED_DRIVER_ENTRY;
     }
 
     /* HACK: We're going to say if we don't have any DOs from DriverEntry, then we're not legacy.
      * Other parts of the I/O manager depend on this behavior */
     if (!driverObject->DeviceObject)
     {
         driverObject->Flags &= ~DRVO_LEGACY_DRIVER;
     }
 
     // Windows does this fixup - keep it for compatibility
     for (INT i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /*
          * Make sure the driver didn't set any dispatch entry point to NULL!
          * Doing so is illegal; drivers shouldn't touch entry points they
          * do not implement.
          */
 
         /* Check if it did so anyway */
         if (!driverObject->MajorFunction[i])
         {
             /* Print a warning in the debug log */
             DPRINT1("Driver <%wZ> set DriverObject->MajorFunction[%lu] to NULL!\n",
                     &driverObject->DriverName, i);
 
             /* Fix it up */
             driverObject->MajorFunction[i] = IopInvalidDeviceRequest;
         }
     }
 
     // TODO: for legacy drivers, unload the driver if it didn't create any DO
 
     ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
     RtlFreeUnicodeString(&DriverName);
 
     if (!NT_SUCCESS(Status))
     {
         // if the driver entry has been failed, clear the object
         ObMakeTemporaryObject(driverObject);
         ObDereferenceObject(driverObject);
         return Status;
     }
 
     *OutDriverObject = driverObject;
 
     MmFreeDriverInitialization((PLDR_DATA_TABLE_ENTRY)driverObject->DriverSection);
 
     /* Set the driver as initialized */
     IopReadyDeviceObjects(driverObject);
 
     if (PnpSystemInit) IopReinitializeDrivers();
 
     return STATUS_SUCCESS;
 }

Referenced by IopInitializeBuiltinDriver(), and IopLoadDriver().

◆ IopInitializeSystemDrivers()

VOID FASTCALL IopInitializeSystemDrivers ( VOID )

Definition at line 1146 of file driver.c.

 {
     PUNICODE_STRING *DriverList, *SavedList;
 
     PiPerformSyncDeviceAction(IopRootDeviceNode->PhysicalDeviceObject, PiActionEnumDeviceTree);
 
     /* No system drivers on the boot cd */
     if (KeLoaderBlock->SetupLdrBlock) return; // ExpInTextModeSetup
 
     /* Get the driver list */
     SavedList = DriverList = CmGetSystemDriverList();
     ASSERT(DriverList);
 
     /* Loop it */
     while (*DriverList)
     {
         /* Load the driver */
         ZwLoadDriver(*DriverList);
 
         /* Free the entry */
         RtlFreeUnicodeString(*DriverList);
         ExFreePool(*DriverList);
 
         /* Next entry */
         InbvIndicateProgress();
         DriverList++;
     }
 
     /* Free the list */
     ExFreePool(SavedList);
 
     PiQueueDeviceAction(IopRootDeviceNode->PhysicalDeviceObject,
                         PiActionEnumDeviceTree,
                         NULL,
                         NULL);
 }

Referenced by IoInitSystem().

◆ IopInvalidDeviceRequest()

NTSTATUS NTAPI IopInvalidDeviceRequest	(	PDEVICE_OBJECT	DeviceObject,
		PIRP	Irp
	)

Definition at line 67 of file driver.c.

 {
     Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
     Irp->IoStatus.Information = 0;
     IoCompleteRequest(Irp, IO_NO_INCREMENT);
     return STATUS_INVALID_DEVICE_REQUEST;
 }

Referenced by IoCreateDriver(), and IopInitializeDriverModule().

◆ IopLoadDriver()

NTSTATUS IopLoadDriver	(	_In_ HANDLE	ServiceHandle,
		_Out_ PDRIVER_OBJECT *	DriverObject
	)

Definition at line 1873 of file driver.c.

 {
     UNICODE_STRING ImagePath;
     NTSTATUS Status;
     PLDR_DATA_TABLE_ENTRY ModuleObject;
     PVOID BaseAddress;
 
     PKEY_VALUE_FULL_INFORMATION kvInfo;
     Status = IopGetRegistryValue(ServiceHandle, L"ImagePath", &kvInfo);
     if (NT_SUCCESS(Status))
     {
         if (kvInfo->Type != REG_EXPAND_SZ || kvInfo->DataLength == 0)
         {
             ExFreePool(kvInfo);
             return STATUS_ILL_FORMED_SERVICE_ENTRY;
         }
 
         ImagePath.Length = kvInfo->DataLength - sizeof(UNICODE_NULL),
         ImagePath.MaximumLength = kvInfo->DataLength,
         ImagePath.Buffer = ExAllocatePoolWithTag(PagedPool, ImagePath.MaximumLength, TAG_RTLREGISTRY);
         if (!ImagePath.Buffer)
         {
             ExFreePool(kvInfo);
             return STATUS_INSUFFICIENT_RESOURCES;
         }
 
         RtlMoveMemory(ImagePath.Buffer,
                       (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                       ImagePath.Length);
         ExFreePool(kvInfo);
     }
     else
     {
         return Status;
     }
 
     /*
      * Normalize the image path for all later processing.
      */
     Status = IopNormalizeImagePath(&ImagePath, NULL);
     if (!NT_SUCCESS(Status))
     {
         DPRINT("IopNormalizeImagePath() failed (Status %x)\n", Status);
         return Status;
     }
 
     DPRINT("FullImagePath: '%wZ'\n", &ImagePath);
 
     KeEnterCriticalRegion();
     ExAcquireResourceExclusiveLite(&IopDriverLoadResource, TRUE);
 
     /*
      * Load the driver module
      */
     DPRINT("Loading module from %wZ\n", &ImagePath);
     Status = MmLoadSystemImage(&ImagePath, NULL, NULL, 0, (PVOID)&ModuleObject, &BaseAddress);
     RtlFreeUnicodeString(&ImagePath);
 
     if (!NT_SUCCESS(Status))
     {
         DPRINT("MmLoadSystemImage() failed (Status %lx)\n", Status);
         ExReleaseResourceLite(&IopDriverLoadResource);
         KeLeaveCriticalRegion();
         return Status;
     }
 
     // Display the loading message
     ULONG infoLength;
     Status = ZwQueryKey(ServiceHandle, KeyBasicInformation, NULL, 0, &infoLength);
     if (Status == STATUS_BUFFER_TOO_SMALL)
     {
         PKEY_BASIC_INFORMATION servName = ExAllocatePoolWithTag(PagedPool, infoLength, TAG_IO);
         if (servName)
         {
             Status = ZwQueryKey(ServiceHandle,
                                 KeyBasicInformation,
                                 servName,
                                 infoLength,
                                 &infoLength);
             if (NT_SUCCESS(Status))
             {
                 UNICODE_STRING serviceName = {
                     .Length = servName->NameLength,
                     .MaximumLength = servName->NameLength,
                     .Buffer = servName->Name
                 };
 
                 IopDisplayLoadingMessage(&serviceName);
             }
             ExFreePoolWithTag(servName, TAG_IO);
         }
     }
 
     NTSTATUS driverEntryStatus;
     Status = IopInitializeDriverModule(ModuleObject,
                                        ServiceHandle,
                                        DriverObject,
                                        &driverEntryStatus);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("IopInitializeDriverModule() failed (Status %lx)\n", Status);
     }
 
     ExReleaseResourceLite(&IopDriverLoadResource);
     KeLeaveCriticalRegion();
 
     return Status;
 }

Referenced by IopLoadUnloadDriverWorker(), and PiAttachFilterDriversCallback().

◆ IopLoadUnloadDriverWorker()

static VOID NTAPI IopLoadUnloadDriverWorker ( _Inout_ PVOID Parameter )

static

Definition at line 1987 of file driver.c.

 {
     PLOAD_UNLOAD_PARAMS LoadParams = Parameter;
 
     ASSERT(PsGetCurrentProcess() == PsInitialSystemProcess);
 
     if (LoadParams->DriverObject)
     {
         // unload request
         LoadParams->DriverObject->DriverUnload(LoadParams->DriverObject);
         LoadParams->Status = STATUS_SUCCESS;
     }
     else
     {
         // load request
         HANDLE serviceHandle;
         NTSTATUS status;
         status = IopOpenRegistryKeyEx(&serviceHandle, NULL, LoadParams->RegistryPath, KEY_READ);
         if (!NT_SUCCESS(status))
         {
             LoadParams->Status = status;
         }
         else
         {
             LoadParams->Status = IopLoadDriver(serviceHandle, &LoadParams->DriverObject);
             ZwClose(serviceHandle);
         }
     }
 
     if (LoadParams->SetEvent)
     {
         KeSetEvent(&LoadParams->Event, 0, FALSE);
     }
 }

Referenced by IopDoLoadUnloadDriver().

◆ IopNormalizeImagePath()

NTSTATUS FASTCALL IopNormalizeImagePath	(	_Inout_ _When_(return >=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem))) PUNICODE_STRING	ImagePath,
		_In_ PUNICODE_STRING	ServiceName
	)

Definition at line 334 of file driver.c.

 {
     UNICODE_STRING SystemRootString = RTL_CONSTANT_STRING(L"\\SystemRoot\\");
     UNICODE_STRING DriversPathString = RTL_CONSTANT_STRING(L"\\SystemRoot\\System32\\drivers\\");
     UNICODE_STRING DotSysString = RTL_CONSTANT_STRING(L".sys");
     UNICODE_STRING InputImagePath;
 
     DPRINT("Normalizing image path '%wZ' for service '%wZ'\n", ImagePath, ServiceName);
 
     InputImagePath = *ImagePath;
     if (InputImagePath.Length == 0)
     {
         ImagePath->Length = 0;
         ImagePath->MaximumLength = DriversPathString.Length +
                                    ServiceName->Length +
                                    DotSysString.Length +
                                    sizeof(UNICODE_NULL);
         ImagePath->Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                   ImagePath->MaximumLength,
                                                   TAG_IO);
         if (ImagePath->Buffer == NULL)
             return STATUS_NO_MEMORY;
 
         RtlCopyUnicodeString(ImagePath, &DriversPathString);
         RtlAppendUnicodeStringToString(ImagePath, ServiceName);
         RtlAppendUnicodeStringToString(ImagePath, &DotSysString);
     }
     else if (InputImagePath.Buffer[0] != L'\\')
     {
         ImagePath->Length = 0;
         ImagePath->MaximumLength = SystemRootString.Length +
                                    InputImagePath.Length +
                                    sizeof(UNICODE_NULL);
         ImagePath->Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                   ImagePath->MaximumLength,
                                                   TAG_IO);
         if (ImagePath->Buffer == NULL)
             return STATUS_NO_MEMORY;
 
         RtlCopyUnicodeString(ImagePath, &SystemRootString);
         RtlAppendUnicodeStringToString(ImagePath, &InputImagePath);
 
         /* Free caller's string */
         ExFreePoolWithTag(InputImagePath.Buffer, TAG_RTLREGISTRY);
     }
 
     DPRINT("Normalized image path is '%wZ' for service '%wZ'\n", ImagePath, ServiceName);
 
     return STATUS_SUCCESS;
 }

Referenced by IopLoadDriver(), and IopUnloadDriver().

◆ IopReinitializeBootDrivers()

VOID NTAPI IopReinitializeBootDrivers ( VOID )

Definition at line 1468 of file driver.c.

 {
     PDRIVER_REINIT_ITEM ReinitItem;
     PLIST_ENTRY Entry;
 
     /* Get the first entry and start looping */
     Entry = ExInterlockedRemoveHeadList(&DriverBootReinitListHead,
                                         &DriverBootReinitListLock);
     while (Entry)
     {
         /* Get the item */
         ReinitItem = CONTAINING_RECORD(Entry, DRIVER_REINIT_ITEM, ItemEntry);
 
         /* Increment reinitialization counter */
         ReinitItem->DriverObject->DriverExtension->Count++;
 
         /* Remove the device object flag */
         ReinitItem->DriverObject->Flags &= ~DRVO_BOOTREINIT_REGISTERED;
 
         /* Call the routine */
         ReinitItem->ReinitRoutine(ReinitItem->DriverObject,
                                   ReinitItem->Context,
                                   ReinitItem->DriverObject->
                                   DriverExtension->Count);
 
         /* Free the entry */
         ExFreePool(Entry);
 
         /* Move to the next one */
         Entry = ExInterlockedRemoveHeadList(&DriverBootReinitListHead,
                                             &DriverBootReinitListLock);
     }
 
     /* Wait for all device actions being finished*/
     KeWaitForSingleObject(&PiEnumerationFinished, Executive, KernelMode, FALSE, NULL);
 }

Referenced by IoInitSystem().

◆ IopReinitializeDrivers()

VOID NTAPI IopReinitializeDrivers ( VOID )

Definition at line 1432 of file driver.c.

 {
     PDRIVER_REINIT_ITEM ReinitItem;
     PLIST_ENTRY Entry;
 
     /* Get the first entry and start looping */
     Entry = ExInterlockedRemoveHeadList(&DriverReinitListHead,
                                         &DriverReinitListLock);
     while (Entry)
     {
         /* Get the item */
         ReinitItem = CONTAINING_RECORD(Entry, DRIVER_REINIT_ITEM, ItemEntry);
 
         /* Increment reinitialization counter */
         ReinitItem->DriverObject->DriverExtension->Count++;
 
         /* Remove the device object flag */
         ReinitItem->DriverObject->Flags &= ~DRVO_REINIT_REGISTERED;
 
         /* Call the routine */
         ReinitItem->ReinitRoutine(ReinitItem->DriverObject,
                                   ReinitItem->Context,
                                   ReinitItem->DriverObject->
                                   DriverExtension->Count);
 
         /* Free the entry */
         ExFreePool(Entry);
 
         /* Move to the next one */
         Entry = ExInterlockedRemoveHeadList(&DriverReinitListHead,
                                             &DriverReinitListLock);
     }
 }

Referenced by IoInitSystem(), and IopInitializeDriverModule().

◆ IopSuffixUnicodeString()

BOOLEAN NTAPI IopSuffixUnicodeString	(	IN PCUNICODE_STRING	String1,
		IN PCUNICODE_STRING	String2
	)

Definition at line 261 of file driver.c.

 {
     PWCHAR pc1;
     PWCHAR pc2;
     ULONG Length;
 
     if (String2->Length < String1->Length)
         return FALSE;
 
     Length = String1->Length / 2;
     pc1 = String1->Buffer;
     pc2 = &String2->Buffer[String2->Length / sizeof(WCHAR) - Length];
 
     if (pc1 && pc2)
     {
         while (Length--)
         {
             if( *pc1++ != *pc2++ )
                 return FALSE;
         }
         return TRUE;
     }
     return FALSE;
 }

Referenced by IopDisplayLoadingMessage().

◆ IopUnloadDriver()

NTSTATUS NTAPI IopUnloadDriver	(	PUNICODE_STRING	DriverServiceName,
		BOOLEAN	UnloadPnpDrivers
	)

Definition at line 1205 of file driver.c.

 {
     UNICODE_STRING Backslash = RTL_CONSTANT_STRING(L"\\");
     RTL_QUERY_REGISTRY_TABLE QueryTable[2];
     UNICODE_STRING ImagePath;
     UNICODE_STRING ServiceName;
     UNICODE_STRING ObjectName;
     PDRIVER_OBJECT DriverObject;
     PDEVICE_OBJECT DeviceObject;
     PEXTENDED_DEVOBJ_EXTENSION DeviceExtension;
     NTSTATUS Status;
     USHORT LastBackslash;
     BOOLEAN SafeToUnload = TRUE;
     KPROCESSOR_MODE PreviousMode;
     UNICODE_STRING CapturedServiceName;
 
     PAGED_CODE();
 
     PreviousMode = ExGetPreviousMode();
 
     /* Need the appropriate priviliege */
     if (!SeSinglePrivilegeCheck(SeLoadDriverPrivilege, PreviousMode))
     {
         DPRINT1("No unload privilege!\n");
         return STATUS_PRIVILEGE_NOT_HELD;
     }
 
     /* Capture the service name */
     Status = ProbeAndCaptureUnicodeString(&CapturedServiceName,
                                           PreviousMode,
                                           DriverServiceName);
     if (!NT_SUCCESS(Status))
     {
         return Status;
     }
 
     DPRINT("IopUnloadDriver('%wZ', %u)\n", &CapturedServiceName, UnloadPnpDrivers);
 
     /* We need a service name */
     if (CapturedServiceName.Length == 0 || CapturedServiceName.Buffer == NULL)
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_INVALID_PARAMETER;
     }
 
     /*
      * Get the service name from the registry key name
      */
     Status = RtlFindCharInUnicodeString(RTL_FIND_CHAR_IN_UNICODE_STRING_START_AT_END,
                                         &CapturedServiceName,
                                         &Backslash,
                                         &LastBackslash);
     if (NT_SUCCESS(Status))
     {
         NT_ASSERT(CapturedServiceName.Length >= LastBackslash + sizeof(WCHAR));
         ServiceName.Buffer = &CapturedServiceName.Buffer[LastBackslash / sizeof(WCHAR) + 1];
         ServiceName.Length = CapturedServiceName.Length - LastBackslash - sizeof(WCHAR);
         ServiceName.MaximumLength = CapturedServiceName.MaximumLength - LastBackslash - sizeof(WCHAR);
     }
     else
     {
         ServiceName = CapturedServiceName;
     }
 
     /*
      * Construct the driver object name
      */
     Status = RtlUShortAdd(sizeof(DRIVER_ROOT_NAME),
                           ServiceName.Length,
                           &ObjectName.MaximumLength);
     if (!NT_SUCCESS(Status))
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return Status;
     }
     ObjectName.Length = 0;
     ObjectName.Buffer = ExAllocatePoolWithTag(PagedPool,
                                               ObjectName.MaximumLength,
                                               TAG_IO);
     if (!ObjectName.Buffer)
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_INSUFFICIENT_RESOURCES;
     }
     NT_VERIFY(NT_SUCCESS(RtlAppendUnicodeToString(&ObjectName, DRIVER_ROOT_NAME)));
     NT_VERIFY(NT_SUCCESS(RtlAppendUnicodeStringToString(&ObjectName, &ServiceName)));
 
     /*
      * Find the driver object
      */
     Status = ObReferenceObjectByName(&ObjectName,
                                      0,
                                      0,
                                      0,
                                      IoDriverObjectType,
                                      KernelMode,
                                      0,
                                      (PVOID*)&DriverObject);
 
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("Can't locate driver object for %wZ\n", &ObjectName);
         ExFreePoolWithTag(ObjectName.Buffer, TAG_IO);
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return Status;
     }
 
     /* Free the buffer for driver object name */
     ExFreePoolWithTag(ObjectName.Buffer, TAG_IO);
 
     /* Check that driver is not already unloading */
     if (DriverObject->Flags & DRVO_UNLOAD_INVOKED)
     {
         DPRINT1("Driver deletion pending\n");
         ObDereferenceObject(DriverObject);
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_DELETE_PENDING;
     }
 
     /*
      * Get path of service...
      */
     RtlZeroMemory(QueryTable, sizeof(QueryTable));
 
     RtlInitUnicodeString(&ImagePath, NULL);
 
     QueryTable[0].Name = L"ImagePath";
     QueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
     QueryTable[0].EntryContext = &ImagePath;
 
     Status = RtlQueryRegistryValues(RTL_REGISTRY_ABSOLUTE,
                                     CapturedServiceName.Buffer,
                                     QueryTable,
                                     NULL,
                                     NULL);
 
     /* We no longer need service name */
     ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
 
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlQueryRegistryValues() failed (Status %x)\n", Status);
         ObDereferenceObject(DriverObject);
         return Status;
     }
 
     /*
      * Normalize the image path for all later processing.
      */
     Status = IopNormalizeImagePath(&ImagePath, &ServiceName);
 
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("IopNormalizeImagePath() failed (Status %x)\n", Status);
         ObDereferenceObject(DriverObject);
         return Status;
     }
 
     /* Free the service path */
     ExFreePool(ImagePath.Buffer);
 
     /*
      * Unload the module and release the references to the device object
      */
 
     /* Call the load/unload routine, depending on current process */
     if (DriverObject->DriverUnload && DriverObject->DriverSection &&
         (UnloadPnpDrivers || (DriverObject->Flags & DRVO_LEGACY_DRIVER)))
     {
         /* Loop through each device object of the driver
            and set DOE_UNLOAD_PENDING flag */
         DeviceObject = DriverObject->DeviceObject;
         while (DeviceObject)
         {
             /* Set the unload pending flag for the device */
             DeviceExtension = IoGetDevObjExtension(DeviceObject);
             DeviceExtension->ExtensionFlags |= DOE_UNLOAD_PENDING;
 
             /* Make sure there are no attached devices or no reference counts */
             if ((DeviceObject->ReferenceCount) || (DeviceObject->AttachedDevice))
             {
                 /* Not safe to unload */
                 DPRINT1("Drivers device object is referenced or has attached devices\n");
 
                 SafeToUnload = FALSE;
             }
 
             DeviceObject = DeviceObject->NextDevice;
         }
 
         /* If not safe to unload, then return success */
         if (!SafeToUnload)
         {
             ObDereferenceObject(DriverObject);
             return STATUS_SUCCESS;
         }
 
         DPRINT1("Unloading driver '%wZ' (manual)\n", &DriverObject->DriverName);
 
         /* Set the unload invoked flag and call the unload routine */
         DriverObject->Flags |= DRVO_UNLOAD_INVOKED;
         Status = IopDoLoadUnloadDriver(NULL, &DriverObject);
         ASSERT(Status == STATUS_SUCCESS);
 
         /* Mark the driver object temporary, so it could be deleted later */
         ObMakeTemporaryObject(DriverObject);
 
         /* Dereference it 2 times */
         ObDereferenceObject(DriverObject);
         ObDereferenceObject(DriverObject);
 
         return Status;
     }
     else
     {
         DPRINT1("No DriverUnload function! '%wZ' will not be unloaded!\n", &DriverObject->DriverName);
 
         /* Dereference one time (refd inside this function) */
         ObDereferenceObject(DriverObject);
 
         /* Return unloading failure */
         return STATUS_INVALID_DEVICE_REQUEST;
     }
 }

Referenced by NtUnloadDriver().

◆ IoRegisterBootDriverReinitialization()

VOID NTAPI IoRegisterBootDriverReinitialization	(	IN PDRIVER_OBJECT	DriverObject,
		IN PDRIVER_REINITIALIZE	ReinitRoutine,
		IN PVOID	Context
	)

Definition at line 1703 of file driver.c.

 {
     PDRIVER_REINIT_ITEM ReinitItem;
 
     /* Allocate the entry */
     ReinitItem = ExAllocatePoolWithTag(NonPagedPool,
                                        sizeof(DRIVER_REINIT_ITEM),
                                        TAG_REINIT);
     if (!ReinitItem) return;
 
     /* Fill it out */
     ReinitItem->DriverObject = DriverObject;
     ReinitItem->ReinitRoutine = ReinitRoutine;
     ReinitItem->Context = Context;
 
     /* Set the Driver Object flag and insert the entry into the list */
     DriverObject->Flags |= DRVO_BOOTREINIT_REGISTERED;
     ExInterlockedInsertTailList(&DriverBootReinitListHead,
                                 &ReinitItem->ItemEntry,
                                 &DriverBootReinitListLock);
 }

Referenced by _Function_class_(), and DriverEntry().

◆ IoRegisterDriverReinitialization()

VOID NTAPI IoRegisterDriverReinitialization	(	IN PDRIVER_OBJECT	DriverObject,
		IN PDRIVER_REINITIALIZE	ReinitRoutine,
		IN PVOID	Context
	)

Definition at line 1732 of file driver.c.

 {
     PDRIVER_REINIT_ITEM ReinitItem;
 
     /* Allocate the entry */
     ReinitItem = ExAllocatePoolWithTag(NonPagedPool,
                                        sizeof(DRIVER_REINIT_ITEM),
                                        TAG_REINIT);
     if (!ReinitItem) return;
 
     /* Fill it out */
     ReinitItem->DriverObject = DriverObject;
     ReinitItem->ReinitRoutine = ReinitRoutine;
     ReinitItem->Context = Context;
 
     /* Set the Driver Object flag and insert the entry into the list */
     DriverObject->Flags |= DRVO_REINIT_REGISTERED;
     ExInterlockedInsertTailList(&DriverReinitListHead,
                                 &ReinitItem->ItemEntry,
                                 &DriverReinitListLock);
 }

Referenced by DiskBootDriverReinit(), and DriverEntry().

◆ LdrProcessDriverModule()

NTSTATUS NTAPI LdrProcessDriverModule	(	PLDR_DATA_TABLE_ENTRY	LdrEntry,
		PUNICODE_STRING	FileName,
		PLDR_DATA_TABLE_ENTRY *	ModuleObject
	)

Definition at line 672 of file driver.c.

 {
     NTSTATUS Status;
     UNICODE_STRING BaseName, BaseDirectory;
     PLOAD_IMPORTS LoadedImports = (PVOID)-2;
     PCHAR MissingApiName, Buffer;
     PWCHAR MissingDriverName;
     PVOID DriverBase = LdrEntry->DllBase;
 
     /* Allocate a buffer we'll use for names */
     Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                    MAXIMUM_FILENAME_LENGTH,
                                    TAG_LDR_WSTR);
     if (!Buffer)
     {
         /* Fail */
         return STATUS_INSUFFICIENT_RESOURCES;
     }
 
     /* Check for a separator */
     if (FileName->Buffer[0] == OBJ_NAME_PATH_SEPARATOR)
     {
         PWCHAR p;
         ULONG BaseLength;
 
         /* Loop the path until we get to the base name */
         p = &FileName->Buffer[FileName->Length / sizeof(WCHAR)];
         while (*(p - 1) != OBJ_NAME_PATH_SEPARATOR) p--;
 
         /* Get the length */
         BaseLength = (ULONG)(&FileName->Buffer[FileName->Length / sizeof(WCHAR)] - p);
         BaseLength *= sizeof(WCHAR);
 
         /* Setup the string */
         BaseName.Length = (USHORT)BaseLength;
         BaseName.Buffer = p;
     }
     else
     {
         /* Otherwise, we already have a base name */
         BaseName.Length = FileName->Length;
         BaseName.Buffer = FileName->Buffer;
     }
 
     /* Setup the maximum length */
     BaseName.MaximumLength = BaseName.Length;
 
     /* Now compute the base directory */
     BaseDirectory = *FileName;
     BaseDirectory.Length -= BaseName.Length;
     BaseDirectory.MaximumLength = BaseDirectory.Length;
 
     /* Resolve imports */
     MissingApiName = Buffer;
     Status = MiResolveImageReferences(DriverBase,
                                       &BaseDirectory,
                                       NULL,
                                       &MissingApiName,
                                       &MissingDriverName,
                                       &LoadedImports);
 
     /* Free the temporary buffer */
     ExFreePoolWithTag(Buffer, TAG_LDR_WSTR);
 
     /* Check the result of the imports resolution */
     if (!NT_SUCCESS(Status)) return Status;
 
     /* Return */
     *ModuleObject = LdrEntry;
     return STATUS_SUCCESS;
 }

◆ MiResolveImageReferences()

NTSTATUS NTAPI MiResolveImageReferences	(	IN PVOID	ImageBase,
		IN PUNICODE_STRING	ImageFileDirectory,
		IN PUNICODE_STRING NamePrefix	OPTIONAL,
		OUT PCHAR *	MissingApi,
		OUT PWCHAR *	MissingDriver,
		OUT PLOAD_IMPORTS *	LoadImports
	)

Definition at line 1000 of file sysldr.c.

 {
     static UNICODE_STRING DriversFolderName = RTL_CONSTANT_STRING(L"drivers\\");
     PCHAR MissingApiBuffer = *MissingApi, ImportName;
     PIMAGE_IMPORT_DESCRIPTOR ImportDescriptor, CurrentImport;
     ULONG ImportSize, ImportCount = 0, LoadedImportsSize, ExportSize;
     PLOAD_IMPORTS LoadedImports, NewImports;
     ULONG GdiLink, NormalLink, i;
     BOOLEAN ReferenceNeeded, Loaded;
     ANSI_STRING TempString;
     UNICODE_STRING NameString, DllName;
     PLDR_DATA_TABLE_ENTRY LdrEntry = NULL, DllEntry, ImportEntry = NULL;
     PVOID ImportBase, DllBase;
     PLIST_ENTRY NextEntry;
     PIMAGE_EXPORT_DIRECTORY ExportDirectory;
     NTSTATUS Status;
     PIMAGE_THUNK_DATA OrigThunk, FirstThunk;
     PAGED_CODE();
     DPRINT("%s - ImageBase: %p. ImageFileDirectory: %wZ\n",
            __FUNCTION__, ImageBase, ImageFileDirectory);
 
     /* No name string buffer yet */
     NameString.Buffer = NULL;
 
     /* Assume no imports */
     *LoadImports = MM_SYSLDR_NO_IMPORTS;
 
     /* Get the import descriptor */
     ImportDescriptor = RtlImageDirectoryEntryToData(ImageBase,
                                                     TRUE,
                                                     IMAGE_DIRECTORY_ENTRY_IMPORT,
                                                     &ImportSize);
     if (!ImportDescriptor) return STATUS_SUCCESS;
 
     /* Loop all imports to count them */
     for (CurrentImport = ImportDescriptor;
          (CurrentImport->Name) && (CurrentImport->OriginalFirstThunk);
          CurrentImport++)
     {
         /* One more */
         ImportCount++;
     }
 
     /* Make sure we have non-zero imports */
     if (ImportCount)
     {
         /* Calculate and allocate the list we'll need */
         LoadedImportsSize = ImportCount * sizeof(PVOID) + sizeof(SIZE_T);
         LoadedImports = ExAllocatePoolWithTag(PagedPool,
                                               LoadedImportsSize,
                                               TAG_LDR_IMPORTS);
         if (LoadedImports)
         {
             /* Zero it */
             RtlZeroMemory(LoadedImports, LoadedImportsSize);
             LoadedImports->Count = ImportCount;
         }
     }
     else
     {
         /* No table */
         LoadedImports = NULL;
     }
 
     /* Reset the import count and loop descriptors again */
     ImportCount = GdiLink = NormalLink = 0;
     while ((ImportDescriptor->Name) && (ImportDescriptor->OriginalFirstThunk))
     {
         /* Get the name */
         ImportName = (PCHAR)((ULONG_PTR)ImageBase + ImportDescriptor->Name);
 
         /* Check if this is a GDI driver */
         GdiLink = GdiLink |
                   !(_strnicmp(ImportName, "win32k", sizeof("win32k") - 1));
 
         /* We can also allow dxapi (for Windows compat, allow IRT and coverage) */
         NormalLink = NormalLink |
                      ((_strnicmp(ImportName, "win32k", sizeof("win32k") - 1)) &&
                       (_strnicmp(ImportName, "dxapi", sizeof("dxapi") - 1)) &&
                       (_strnicmp(ImportName, "coverage", sizeof("coverage") - 1)) &&
                       (_strnicmp(ImportName, "irt", sizeof("irt") - 1)));
 
         /* Check if this is a valid GDI driver */
         if ((GdiLink) && (NormalLink))
         {
             /* It's not, it's importing stuff it shouldn't be! */
             Status = STATUS_PROCEDURE_NOT_FOUND;
             goto Failure;
         }
 
         /* Check for user-mode printer or video card drivers, which don't belong */
         if (!(_strnicmp(ImportName, "ntdll", sizeof("ntdll") - 1)) ||
             !(_strnicmp(ImportName, "winsrv", sizeof("winsrv") - 1)) ||
             !(_strnicmp(ImportName, "advapi32", sizeof("advapi32") - 1)) ||
             !(_strnicmp(ImportName, "kernel32", sizeof("kernel32") - 1)) ||
             !(_strnicmp(ImportName, "user32", sizeof("user32") - 1)) ||
             !(_strnicmp(ImportName, "gdi32", sizeof("gdi32") - 1)))
         {
             /* This is not kernel code */
             Status = STATUS_PROCEDURE_NOT_FOUND;
             goto Failure;
         }
 
         /* Check if this is a "core" import, which doesn't get referenced */
         if (!(_strnicmp(ImportName, "ntoskrnl", sizeof("ntoskrnl") - 1)) ||
             !(_strnicmp(ImportName, "win32k", sizeof("win32k") - 1)) ||
             !(_strnicmp(ImportName, "hal", sizeof("hal") - 1)))
         {
             /* Don't reference this */
             ReferenceNeeded = FALSE;
         }
         else
         {
             /* Reference these modules */
             ReferenceNeeded = TRUE;
         }
 
         /* Now setup a unicode string for the import */
         RtlInitAnsiString(&TempString, ImportName);
         Status = RtlAnsiStringToUnicodeString(&NameString, &TempString, TRUE);
         if (!NT_SUCCESS(Status))
         {
             /* Failed */
             goto Failure;
         }
 
         /* We don't support name prefixes yet */
         if (NamePrefix) DPRINT1("Name Prefix not yet supported!\n");
 
         /* Remember that we haven't loaded the import at this point */
 CheckDllState:
         Loaded = FALSE;
         ImportBase = NULL;
 
         /* Loop the driver list */
         NextEntry = PsLoadedModuleList.Flink;
         while (NextEntry != &PsLoadedModuleList)
         {
             /* Get the loader entry and compare the name */
             LdrEntry = CONTAINING_RECORD(NextEntry,
                                          LDR_DATA_TABLE_ENTRY,
                                          InLoadOrderLinks);
             if (RtlEqualUnicodeString(&NameString,
                                       &LdrEntry->BaseDllName,
                                       TRUE))
             {
                 /* Get the base address */
                 ImportBase = LdrEntry->DllBase;
 
                 /* Check if we haven't loaded yet, and we need references */
                 if (!(Loaded) && (ReferenceNeeded))
                 {
                     /* Make sure we're not already loading */
                     if (!(LdrEntry->Flags & LDRP_LOAD_IN_PROGRESS))
                     {
                         /* Increase the load count */
                         LdrEntry->LoadCount++;
                     }
                 }
 
                 /* Done, break out */
                 break;
             }
 
             /* Go to the next entry */
             NextEntry = NextEntry->Flink;
         }
 
         /* Check if we haven't loaded the import yet */
         if (!ImportBase)
         {
             /* Setup the import DLL name */
             DllName.MaximumLength = NameString.Length +
                                     ImageFileDirectory->Length +
                                     sizeof(UNICODE_NULL);
             DllName.Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                    DllName.MaximumLength,
                                                    TAG_LDR_WSTR);
             if (!DllName.Buffer)
             {
                 /* We're out of resources */
                 Status = STATUS_INSUFFICIENT_RESOURCES;
                 goto Failure;
             }
 
             /* Add the import name to the base directory */
             RtlCopyUnicodeString(&DllName, ImageFileDirectory);
             RtlAppendUnicodeStringToString(&DllName,
                                            &NameString);
 
             /* Load the image */
             Status = MmLoadSystemImage(&DllName,
                                        NamePrefix,
                                        NULL,
                                        FALSE,
                                        (PVOID *)&DllEntry,
                                        &DllBase);
 
             /* win32k / GDI drivers can also import from system32 folder */
             if ((Status == STATUS_OBJECT_NAME_NOT_FOUND) &&
                 (MI_IS_SESSION_ADDRESS(ImageBase) || 1)) // HACK
             {
                 /* Free the old name buffer */
                 ExFreePoolWithTag(DllName.Buffer, TAG_LDR_WSTR);
 
                 /* Calculate size for a string the adds 'drivers\' */
                 DllName.MaximumLength += DriversFolderName.Length;
 
                 /* Allocate the new buffer */
                 DllName.Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                        DllName.MaximumLength,
                                                        TAG_LDR_WSTR);
                 if (!DllName.Buffer)
                 {
                     /* We're out of resources */
                     Status = STATUS_INSUFFICIENT_RESOURCES;
                     goto Failure;
                 }
 
                 /* Copy image directory and append 'drivers\' folder name */
                 RtlCopyUnicodeString(&DllName, ImageFileDirectory);
                 RtlAppendUnicodeStringToString(&DllName, &DriversFolderName);
 
                 /* Now add the import name */
                 RtlAppendUnicodeStringToString(&DllName, &NameString);
 
                 /* Try once again to load the image */
                 Status = MmLoadSystemImage(&DllName,
                                            NamePrefix,
                                            NULL,
                                            FALSE,
                                            (PVOID *)&DllEntry,
                                            &DllBase);
             }
 
             if (!NT_SUCCESS(Status))
             {
                 /* Fill out the information for the error */
                 *MissingDriver = DllName.Buffer;
                 *(PULONG)MissingDriver |= 1;
                 *MissingApi = NULL;
 
                 DPRINT1("Failed to load dependency: %wZ\n", &DllName);
 
                 /* Don't free the name */
                 DllName.Buffer = NULL;
 
                 /* Cleanup and return */
                 goto Failure;
             }
 
             /* We can free the DLL Name */
             ExFreePoolWithTag(DllName.Buffer, TAG_LDR_WSTR);
             DllName.Buffer = NULL;
 
             /* We're now loaded */
             Loaded = TRUE;
 
             /* Sanity check */
             ASSERT(DllBase == DllEntry->DllBase);
 
             /* Call the initialization routines */
             Status = MmCallDllInitialize(DllEntry, &PsLoadedModuleList);
             if (!NT_SUCCESS(Status))
             {
                 /* We failed, unload the image */
                 MmUnloadSystemImage(DllEntry);
                 ERROR_DBGBREAK("MmCallDllInitialize failed with status 0x%x\n", Status);
                 Loaded = FALSE;
             }
 
             /* Loop again to make sure that everything is OK */
             goto CheckDllState;
         }
 
         /* Check if we're support to reference this import */
         if ((ReferenceNeeded) && (LoadedImports))
         {
             /* Make sure we're not already loading */
             if (!(LdrEntry->Flags & LDRP_LOAD_IN_PROGRESS))
             {
                 /* Add the entry */
                 LoadedImports->Entry[ImportCount] = LdrEntry;
                 ImportCount++;
             }
         }
 
         /* Free the import name */
         RtlFreeUnicodeString(&NameString);
 
         /* Set the missing driver name and get the export directory */
         *MissingDriver = LdrEntry->BaseDllName.Buffer;
         ExportDirectory = RtlImageDirectoryEntryToData(ImportBase,
                                                        TRUE,
                                                        IMAGE_DIRECTORY_ENTRY_EXPORT,
                                                        &ExportSize);
         if (!ExportDirectory)
         {
             /* Cleanup and return */
             DPRINT1("Warning: Driver failed to load, %S not found\n", *MissingDriver);
             Status = STATUS_DRIVER_ENTRYPOINT_NOT_FOUND;
             goto Failure;
         }
 
         /* Make sure we have an IAT */
         if (ImportDescriptor->OriginalFirstThunk)
         {
             /* Get the first thunks */
             OrigThunk = (PVOID)((ULONG_PTR)ImageBase +
                                 ImportDescriptor->OriginalFirstThunk);
             FirstThunk = (PVOID)((ULONG_PTR)ImageBase +
                                  ImportDescriptor->FirstThunk);
 
             /* Loop the IAT */
             while (OrigThunk->u1.AddressOfData)
             {
                 /* Snap thunk */
                 Status = MiSnapThunk(ImportBase,
                                      ImageBase,
                                      OrigThunk++,
                                      FirstThunk++,
                                      ExportDirectory,
                                      ExportSize,
                                      FALSE,
                                      MissingApi);
                 if (!NT_SUCCESS(Status))
                 {
                     /* Cleanup and return */
                     goto Failure;
                 }
 
                 /* Reset the buffer */
                 *MissingApi = MissingApiBuffer;
             }
         }
 
         /* Go to the next import */
         ImportDescriptor++;
     }
 
     /* Check if we have an import list */
     if (LoadedImports)
     {
         /* Reset the count again, and loop entries */
         ImportCount = 0;
         for (i = 0; i < LoadedImports->Count; i++)
         {
             if (LoadedImports->Entry[i])
             {
                 /* Got an entry, OR it with 1 in case it's the single entry */
                 ImportEntry = (PVOID)((ULONG_PTR)LoadedImports->Entry[i] |
                                       MM_SYSLDR_SINGLE_ENTRY);
                 ImportCount++;
             }
         }
 
         /* Check if we had no imports */
         if (!ImportCount)
         {
             /* Free the list and set it to no imports */
             ExFreePoolWithTag(LoadedImports, TAG_LDR_IMPORTS);
             LoadedImports = MM_SYSLDR_NO_IMPORTS;
         }
         else if (ImportCount == 1)
         {
             /* Just one entry, we can free the table and only use our entry */
             ExFreePoolWithTag(LoadedImports, TAG_LDR_IMPORTS);
             LoadedImports = (PLOAD_IMPORTS)ImportEntry;
         }
         else if (ImportCount != LoadedImports->Count)
         {
             /* Allocate a new list */
             LoadedImportsSize = ImportCount * sizeof(PVOID) + sizeof(SIZE_T);
             NewImports = ExAllocatePoolWithTag(PagedPool,
                                                LoadedImportsSize,
                                                TAG_LDR_IMPORTS);
             if (NewImports)
             {
                 /* Set count */
                 NewImports->Count = 0;
 
                 /* Loop all the imports */
                 for (i = 0; i < LoadedImports->Count; i++)
                 {
                     /* Make sure it's valid */
                     if (LoadedImports->Entry[i])
                     {
                         /* Copy it */
                         NewImports->Entry[NewImports->Count] = LoadedImports->Entry[i];
                         NewImports->Count++;
                     }
                 }
 
                 /* Free the old copy */
                 ExFreePoolWithTag(LoadedImports, TAG_LDR_IMPORTS);
                 LoadedImports = NewImports;
             }
         }
 
         /* Return the list */
         *LoadImports = LoadedImports;
     }
 
     /* Return success */
     return STATUS_SUCCESS;
 
 Failure:
 
     /* Cleanup and return */
     RtlFreeUnicodeString(&NameString);
 
     if (LoadedImports)
     {
         MiDereferenceImports(LoadedImports);
         ExFreePoolWithTag(LoadedImports, TAG_LDR_IMPORTS);
     }
 
     return Status;
 }

Referenced by LdrProcessDriverModule(), and MmLoadSystemImage().

◆ NtLoadDriver()

NTSTATUS NTAPI NtLoadDriver ( IN PUNICODE_STRING DriverServiceName )

Definition at line 2081 of file driver.c.

 {
     UNICODE_STRING CapturedServiceName = { 0, 0, NULL };
     KPROCESSOR_MODE PreviousMode;
     PDRIVER_OBJECT DriverObject;
     NTSTATUS Status;
 
     PAGED_CODE();
 
     PreviousMode = KeGetPreviousMode();
 
     /* Need the appropriate priviliege */
     if (!SeSinglePrivilegeCheck(SeLoadDriverPrivilege, PreviousMode))
     {
         DPRINT1("No load privilege!\n");
         return STATUS_PRIVILEGE_NOT_HELD;
     }
 
     /* Capture the service name */
     Status = ProbeAndCaptureUnicodeString(&CapturedServiceName,
                                           PreviousMode,
                                           DriverServiceName);
     if (!NT_SUCCESS(Status))
     {
         return Status;
     }
 
     DPRINT("NtLoadDriver('%wZ')\n", &CapturedServiceName);
 
     /* We need a service name */
     if (CapturedServiceName.Length == 0 || CapturedServiceName.Buffer == NULL)
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_INVALID_PARAMETER;
     }
 
     /* Load driver and call its entry point */
     DriverObject = NULL;
     Status = IopDoLoadUnloadDriver(&CapturedServiceName, &DriverObject);
 
     ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
     return Status;
 }

Referenced by NtStartDriver(), ScmLoadDriver(), and wmain().

◆ NtUnloadDriver()

NTSTATUS NTAPI NtUnloadDriver ( IN PUNICODE_STRING DriverServiceName )

Definition at line 2142 of file driver.c.

 {
     return IopUnloadDriver(DriverServiceName, FALSE);
 }

Referenced by LoadVia_SystemExtendServiceTableInformation(), LoadVia_SystemLoadGdiDriverInformation(), NtStopDriver(), ScmUnloadDriver(), START_TEST(), and wmain().

Variable Documentation

◆ DriverBootReinitListHead

LIST_ENTRY DriverBootReinitListHead

Definition at line 26 of file driver.c.

Referenced by IoInitSystem(), IopReinitializeBootDrivers(), and IoRegisterBootDriverReinitialization().

◆ DriverBootReinitListLock

KSPIN_LOCK DriverBootReinitListLock

Definition at line 27 of file driver.c.

Referenced by IoInitSystem(), IopReinitializeBootDrivers(), and IoRegisterBootDriverReinitialization().

◆ DriverBootReinitTailEntry

PLIST_ENTRY DriverBootReinitTailEntry

Definition at line 25 of file driver.c.

◆ DriverReinitListHead

LIST_ENTRY DriverReinitListHead

Definition at line 21 of file driver.c.

Referenced by IoInitSystem(), IopReinitializeDrivers(), and IoRegisterDriverReinitialization().

◆ DriverReinitListLock

KSPIN_LOCK DriverReinitListLock

Definition at line 22 of file driver.c.

Referenced by IoInitSystem(), IopReinitializeDrivers(), and IoRegisterDriverReinitialization().

◆ DriverReinitTailEntry

PLIST_ENTRY DriverReinitTailEntry

Definition at line 23 of file driver.c.

◆ ExpInTextModeSetup

BOOLEAN ExpInTextModeSetup

Definition at line 67 of file init.c.

Referenced by CmpGetRegistryPath(), DisplayBootBitmap(), ExpInitializeExecutive(), and IopDisplayLoadingMessage().

◆ IoDriverObjectType

POBJECT_TYPE IoDriverObjectType = NULL

Definition at line 33 of file driver.c.

Referenced by IoCreateDriver(), IopCreateObjectTypes(), IopGetDriverPathInformation(), IopInitializeDriverModule(), IopUnloadDriver(), PiAttachFilterDriversCallback(), and TestObjectTypes().

◆ IopDriverLoadResource

ERESOURCE IopDriverLoadResource

Definition at line 19 of file driver.c.

Referenced by IoInitSystem(), and IopLoadDriver().

◆ IopGroupIndex

USHORT IopGroupIndex

Definition at line 42 of file driver.c.

Referenced by IopInitializeBootDrivers().

◆ IopGroupTable

PLIST_ENTRY IopGroupTable

Definition at line 43 of file driver.c.

Referenced by IopInitializeBootDrivers().

◆ IopHardwareDatabaseKey

UNICODE_STRING IopHardwareDatabaseKey

Initial value:

=

RTL_CONSTANT_STRING(L"\\REGISTRY\\MACHINE\\HARDWARE\\DESCRIPTION\\SYSTEM")

L

static const WCHAR L[]

Definition: oid.c:1250

RTL_CONSTANT_STRING

#define RTL_CONSTANT_STRING(s)

Definition: tunneltest.c:14

Definition at line 29 of file driver.c.

Referenced by IopInitializeDriverModule().

◆ PiEnumerationFinished

KEVENT PiEnumerationFinished

Definition at line 50 of file devaction.c.

Referenced by IopReinitializeBootDrivers().

◆ PnPBootDriversLoaded

BOOLEAN PnPBootDriversLoaded

Definition at line 26 of file pnpinit.c.

Referenced by IopInitializeBootDrivers().

◆ PnpSystemInit

BOOLEAN PnpSystemInit

Definition at line 17 of file iomgr.c.

Referenced by IopInitializeDriverModule().

◆ ServicesKeyName

const WCHAR ServicesKeyName[] = L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\"

static

Definition at line 31 of file driver.c.

Referenced by IopInitializeBuiltinDriver(), and MmCallDllInitialize().

Classes

Macros

Typedefs

Functions

Variables

Macro Definition Documentation

◆ NDEBUG

◆ TAG_RTLREGISTRY

Typedef Documentation

◆ LOAD_UNLOAD_PARAMS

◆ PLOAD_UNLOAD_PARAMS

Function Documentation

◆ IoAllocateDriverObjectExtension()

◆ IoCreateDriver()

◆ IoDeleteDriver()

◆ IoGetDriverObjectExtension()

◆ IopDeleteDriver()

◆ IopDisplayLoadingMessage()

◆ IopDoLoadUnloadDriver()

◆ IopGetDeviceObjectFromDeviceInstance()

◆ IopGetDriverNames()

◆ IopInitializeBootDrivers()

◆ IopInitializeBuiltinDriver()

◆ IopInitializeDriverModule()

◆ IopInitializeSystemDrivers()

◆ IopInvalidDeviceRequest()

◆ IopLoadDriver()

◆ IopLoadUnloadDriverWorker()

◆ IopNormalizeImagePath()

◆ IopReinitializeBootDrivers()

◆ IopReinitializeDrivers()

◆ IopSuffixUnicodeString()

◆ IopUnloadDriver()

◆ IoRegisterBootDriverReinitialization()

◆ IoRegisterDriverReinitialization()

◆ LdrProcessDriverModule()

◆ MiResolveImageReferences()

◆ NtLoadDriver()

◆ NtUnloadDriver()

Variable Documentation

◆ DriverBootReinitListHead

◆ DriverBootReinitListLock

◆ DriverBootReinitTailEntry

◆ DriverReinitListHead

◆ DriverReinitListLock

◆ DriverReinitTailEntry

◆ ExpInTextModeSetup

◆ IoDriverObjectType

◆ IopDriverLoadResource

◆ IopGroupIndex

◆ IopGroupTable

◆ IopHardwareDatabaseKey

◆ PiEnumerationFinished

◆ PnPBootDriversLoaded

◆ PnpSystemInit

◆ ServicesKeyName