d9/d9f/ntoskrnl_2io_2iomgr_2driver_8c_source.html

 /*
  * PROJECT:         ReactOS Kernel
  * LICENSE:         GPL - See COPYING in the top level directory
  * FILE:            ntoskrnl/io/iomgr/driver.c
  * PURPOSE:         Driver Object Management
  * PROGRAMMERS:     Alex Ionescu (alex.ionescu@reactos.org)
  *                  Filip Navara (navaraf@reactos.org)
  *                  Herv� Poussineau (hpoussin@reactos.org)
  */

 /* INCLUDES *******************************************************************/

 #include <ntoskrnl.h>
 #define NDEBUG
 #include <debug.h>

 /* GLOBALS ********************************************************************/

 ERESOURCE IopDriverLoadResource;

 LIST_ENTRY DriverReinitListHead;
 KSPIN_LOCK DriverReinitListLock;
 PLIST_ENTRY DriverReinitTailEntry;

 PLIST_ENTRY DriverBootReinitTailEntry;
 LIST_ENTRY DriverBootReinitListHead;
 KSPIN_LOCK DriverBootReinitListLock;

 UNICODE_STRING IopHardwareDatabaseKey =
    RTL_CONSTANT_STRING(L"\\REGISTRY\\MACHINE\\HARDWARE\\DESCRIPTION\\SYSTEM");
 static const WCHAR ServicesKeyName[] = L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\";

 POBJECT_TYPE IoDriverObjectType = NULL;

 #define TAG_RTLREGISTRY 'vrqR'

 extern BOOLEAN ExpInTextModeSetup;
 extern BOOLEAN PnpSystemInit;
 extern BOOLEAN PnPBootDriversLoaded;
 extern KEVENT PiEnumerationFinished;

 USHORT IopGroupIndex;
 PLIST_ENTRY IopGroupTable;

 /* TYPES *********************************************************************/

 // Parameters packet for Load/Unload work item's context
 typedef struct _LOAD_UNLOAD_PARAMS
 {
     NTSTATUS Status;
     PUNICODE_STRING RegistryPath;
     WORK_QUEUE_ITEM WorkItem;
     KEVENT Event;
     PDRIVER_OBJECT DriverObject;
     BOOLEAN SetEvent;
 } LOAD_UNLOAD_PARAMS, *PLOAD_UNLOAD_PARAMS;

 NTSTATUS
 IopDoLoadUnloadDriver(
     _In_opt_ PUNICODE_STRING RegistryPath,
     _Inout_ PDRIVER_OBJECT *DriverObject);

 /* PRIVATE FUNCTIONS **********************************************************/

 NTSTATUS
 NTAPI
 IopInvalidDeviceRequest(
     PDEVICE_OBJECT DeviceObject,
     PIRP Irp)
 {
     Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
     Irp->IoStatus.Information = 0;
     IoCompleteRequest(Irp, IO_NO_INCREMENT);
     return STATUS_INVALID_DEVICE_REQUEST;
 }

 VOID
 NTAPI
 IopDeleteDriver(IN PVOID ObjectBody)
 {
     PDRIVER_OBJECT DriverObject = ObjectBody;
     PIO_CLIENT_EXTENSION DriverExtension, NextDriverExtension;
     PAGED_CODE();

     DPRINT1("Deleting driver object '%wZ'\n", &DriverObject->DriverName);

     /* There must be no device objects remaining at this point */
     ASSERT(!DriverObject->DeviceObject);

     /* Get the extension and loop them */
     DriverExtension = IoGetDrvObjExtension(DriverObject)->ClientDriverExtension;
     while (DriverExtension)
     {
         /* Get the next one */
         NextDriverExtension = DriverExtension->NextExtension;
         ExFreePoolWithTag(DriverExtension, TAG_DRIVER_EXTENSION);

         /* Move on */
         DriverExtension = NextDriverExtension;
     }

     /* Check if the driver image is still loaded */
     if (DriverObject->DriverSection)
     {
         /* Unload it */
         MmUnloadSystemImage(DriverObject->DriverSection);
     }

     /* Check if it has a name */
     if (DriverObject->DriverName.Buffer)
     {
         /* Free it */
         ExFreePool(DriverObject->DriverName.Buffer);
     }

     /* Check if it has a service key name */
     if (DriverObject->DriverExtension->ServiceKeyName.Buffer)
     {
         /* Free it */
         ExFreePool(DriverObject->DriverExtension->ServiceKeyName.Buffer);
     }
 }

 NTSTATUS
 IopGetDriverNames(
     _In_ HANDLE ServiceHandle,
     _Out_ PUNICODE_STRING DriverName,
     _Out_opt_ PUNICODE_STRING ServiceName)
 {
     UNICODE_STRING driverName = {.Buffer = NULL}, serviceName;
     PKEY_VALUE_FULL_INFORMATION kvInfo;
     NTSTATUS status;

     PAGED_CODE();

     /* 1. Check the "ObjectName" field in the driver's registry key (it has priority) */
     status = IopGetRegistryValue(ServiceHandle, L"ObjectName", &kvInfo);
     if (NT_SUCCESS(status))
     {
         /* We've got the ObjectName, use it as the driver name */
         if (kvInfo->Type != REG_SZ || kvInfo->DataLength == 0)
         {
             ExFreePool(kvInfo);
             return STATUS_ILL_FORMED_SERVICE_ENTRY;
         }

         driverName.Length = kvInfo->DataLength - sizeof(UNICODE_NULL);
         driverName.MaximumLength = kvInfo->DataLength;
         driverName.Buffer = ExAllocatePoolWithTag(NonPagedPool, driverName.MaximumLength, TAG_IO);
         if (!driverName.Buffer)
         {
             ExFreePool(kvInfo);
             return STATUS_INSUFFICIENT_RESOURCES;
         }

         RtlMoveMemory(driverName.Buffer,
                       (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                       driverName.Length);
         driverName.Buffer[driverName.Length / sizeof(WCHAR)] = UNICODE_NULL;
         ExFreePool(kvInfo);
     }

     /* Check whether we need to get ServiceName as well, either to construct
      * the driver name (because we could not use "ObjectName"), or because
      * it is requested by the caller. */
     PKEY_BASIC_INFORMATION basicInfo = NULL;
     if (!NT_SUCCESS(status) || ServiceName != NULL)
     {
         /* Retrieve the necessary buffer size */
         ULONG infoLength;
         status = ZwQueryKey(ServiceHandle, KeyBasicInformation, NULL, 0, &infoLength);
         if (status != STATUS_BUFFER_TOO_SMALL)
         {
             status = (NT_SUCCESS(status) ? STATUS_UNSUCCESSFUL : status);
             goto Cleanup;
         }

         /* Allocate the buffer and retrieve the data */
         basicInfo = ExAllocatePoolWithTag(PagedPool, infoLength, TAG_IO);
         if (!basicInfo)
         {
             status = STATUS_INSUFFICIENT_RESOURCES;
             goto Cleanup;
         }

         status = ZwQueryKey(ServiceHandle, KeyBasicInformation, basicInfo, infoLength, &infoLength);
         if (!NT_SUCCESS(status))
         {
             goto Cleanup;
         }

         serviceName.Length = basicInfo->NameLength;
         serviceName.MaximumLength = basicInfo->NameLength;
         serviceName.Buffer = basicInfo->Name;
     }

     /* 2. There is no "ObjectName" - construct it ourselves. Depending on the driver type,
      * it will be either "\Driver<ServiceName>" or "\FileSystem<ServiceName>" */
     if (driverName.Buffer == NULL)
     {
         ASSERT(basicInfo); // Container for serviceName

         /* Retrieve the driver type */
         ULONG driverType;
         status = IopGetRegistryValue(ServiceHandle, L"Type", &kvInfo);
         if (!NT_SUCCESS(status))
         {
             goto Cleanup;
         }
         if (kvInfo->Type != REG_DWORD || kvInfo->DataLength != sizeof(ULONG))
         {
             ExFreePool(kvInfo);
             status = STATUS_ILL_FORMED_SERVICE_ENTRY;
             goto Cleanup;
         }

         RtlMoveMemory(&driverType,
                       (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                       sizeof(ULONG));
         ExFreePool(kvInfo);

         /* Compute the necessary driver name string size */
         if (driverType == SERVICE_RECOGNIZER_DRIVER || driverType == SERVICE_FILE_SYSTEM_DRIVER)
             driverName.MaximumLength = sizeof(FILESYSTEM_ROOT_NAME);
         else
             driverName.MaximumLength = sizeof(DRIVER_ROOT_NAME);

         driverName.MaximumLength += serviceName.Length;
         driverName.Length = 0;

         /* Allocate and build it */
         driverName.Buffer = ExAllocatePoolWithTag(NonPagedPool, driverName.MaximumLength, TAG_IO);
         if (!driverName.Buffer)
         {
             status = STATUS_INSUFFICIENT_RESOURCES;
             goto Cleanup;
         }

         if (driverType == SERVICE_RECOGNIZER_DRIVER || driverType == SERVICE_FILE_SYSTEM_DRIVER)
             RtlAppendUnicodeToString(&driverName, FILESYSTEM_ROOT_NAME);
         else
             RtlAppendUnicodeToString(&driverName, DRIVER_ROOT_NAME);

         RtlAppendUnicodeStringToString(&driverName, &serviceName);
     }

     if (ServiceName != NULL)
     {
         ASSERT(basicInfo); // Container for serviceName

         /* Allocate a copy for the caller */
         PWCHAR buf = ExAllocatePoolWithTag(PagedPool, serviceName.Length, TAG_IO);
         if (!buf)
         {
             status = STATUS_INSUFFICIENT_RESOURCES;
             goto Cleanup;
         }
         RtlMoveMemory(buf, serviceName.Buffer, serviceName.Length);
         ServiceName->MaximumLength = serviceName.Length;
         ServiceName->Length = serviceName.Length;
         ServiceName->Buffer = buf;
     }

     *DriverName = driverName;
     status = STATUS_SUCCESS;

 Cleanup:
     if (basicInfo)
         ExFreePoolWithTag(basicInfo, TAG_IO);

     if (!NT_SUCCESS(status) && driverName.Buffer)
         ExFreePoolWithTag(driverName.Buffer, TAG_IO);

     return status;
 }

 /*
  * RETURNS
  *  TRUE if String2 contains String1 as a suffix.
  */
 BOOLEAN
 NTAPI
 IopSuffixUnicodeString(
     IN PCUNICODE_STRING String1,
     IN PCUNICODE_STRING String2)
 {
     PWCHAR pc1;
     PWCHAR pc2;
     ULONG Length;

     if (String2->Length < String1->Length)
         return FALSE;

     Length = String1->Length / 2;
     pc1 = String1->Buffer;
     pc2 = &String2->Buffer[String2->Length / sizeof(WCHAR) - Length];

     if (pc1 && pc2)
     {
         while (Length--)
         {
             if( *pc1++ != *pc2++ )
                 return FALSE;
         }
         return TRUE;
     }
     return FALSE;
 }

 /*
  * IopDisplayLoadingMessage
  *
  * Display 'Loading XXX...' message.
  */
 VOID
 FASTCALL
 IopDisplayLoadingMessage(PUNICODE_STRING ServiceName)
 {
     CHAR TextBuffer[256];
     UNICODE_STRING DotSys = RTL_CONSTANT_STRING(L".SYS");

     if (ExpInTextModeSetup) return;
     if (!KeLoaderBlock) return;
     RtlUpcaseUnicodeString(ServiceName, ServiceName, FALSE);
     snprintf(TextBuffer, sizeof(TextBuffer),
             "%s%sSystem32\\Drivers\\%wZ%s\r\n",
             KeLoaderBlock->ArcBootDeviceName,
             KeLoaderBlock->NtBootPathName,
             ServiceName,
             IopSuffixUnicodeString(&DotSys, ServiceName) ? "" : ".SYS");
     HalDisplayString(TextBuffer);
 }

 /*
  * IopNormalizeImagePath
  *
  * Normalize an image path to contain complete path.
  *
  * Parameters
  *    ImagePath
  *       The input path and on exit the result path. ImagePath.Buffer
  *       must be allocated by ExAllocatePool on input. Caller is responsible
  *       for freeing the buffer when it's no longer needed.
  *
  *    ServiceName
  *       Name of the service that ImagePath belongs to.
  *
  * Return Value
  *    Status
  *
  * Remarks
  *    The input image path isn't freed on error.
  */
 NTSTATUS
 FASTCALL
 IopNormalizeImagePath(
     _Inout_ _When_(return>=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem)))
          PUNICODE_STRING ImagePath,
     _In_ PUNICODE_STRING ServiceName)
 {
     UNICODE_STRING SystemRootString = RTL_CONSTANT_STRING(L"\\SystemRoot\\");
     UNICODE_STRING DriversPathString = RTL_CONSTANT_STRING(L"\\SystemRoot\\System32\\drivers\\");
     UNICODE_STRING DotSysString = RTL_CONSTANT_STRING(L".sys");
     UNICODE_STRING InputImagePath;

     DPRINT("Normalizing image path '%wZ' for service '%wZ'\n", ImagePath, ServiceName);

     InputImagePath = *ImagePath;
     if (InputImagePath.Length == 0)
     {
         ImagePath->Length = 0;
         ImagePath->MaximumLength = DriversPathString.Length +
                                    ServiceName->Length +
                                    DotSysString.Length +
                                    sizeof(UNICODE_NULL);
         ImagePath->Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                   ImagePath->MaximumLength,
                                                   TAG_IO);
         if (ImagePath->Buffer == NULL)
             return STATUS_NO_MEMORY;

         RtlCopyUnicodeString(ImagePath, &DriversPathString);
         RtlAppendUnicodeStringToString(ImagePath, ServiceName);
         RtlAppendUnicodeStringToString(ImagePath, &DotSysString);
     }
     else if (InputImagePath.Buffer[0] != L'\\')
     {
         ImagePath->Length = 0;
         ImagePath->MaximumLength = SystemRootString.Length +
                                    InputImagePath.Length +
                                    sizeof(UNICODE_NULL);
         ImagePath->Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                   ImagePath->MaximumLength,
                                                   TAG_IO);
         if (ImagePath->Buffer == NULL)
             return STATUS_NO_MEMORY;

         RtlCopyUnicodeString(ImagePath, &SystemRootString);
         RtlAppendUnicodeStringToString(ImagePath, &InputImagePath);

         /* Free caller's string */
         ExFreePoolWithTag(InputImagePath.Buffer, TAG_RTLREGISTRY);
     }

     DPRINT("Normalized image path is '%wZ' for service '%wZ'\n", ImagePath, ServiceName);

     return STATUS_SUCCESS;
 }

 NTSTATUS
 IopInitializeDriverModule(
     _In_ PLDR_DATA_TABLE_ENTRY ModuleObject,
     _In_ HANDLE ServiceHandle,
     _Out_ PDRIVER_OBJECT *OutDriverObject,
     _Out_ NTSTATUS *DriverEntryStatus)
 {
     UNICODE_STRING DriverName, RegistryPath, ServiceName;
     NTSTATUS Status;

     PAGED_CODE();

     Status = IopGetDriverNames(ServiceHandle, &DriverName, &ServiceName);
     if (!NT_SUCCESS(Status))
     {
         MmUnloadSystemImage(ModuleObject);
         return Status;
     }

     DPRINT("Driver name: '%wZ'\n", &DriverName);

     /* Obtain the registry path for the DriverInit routine */
     PKEY_NAME_INFORMATION nameInfo;
     ULONG infoLength;
     Status = ZwQueryKey(ServiceHandle, KeyNameInformation, NULL, 0, &infoLength);
     if (Status == STATUS_BUFFER_TOO_SMALL)
     {
         nameInfo = ExAllocatePoolWithTag(NonPagedPool, infoLength, TAG_IO);
         if (nameInfo)
         {
             Status = ZwQueryKey(ServiceHandle,
                                 KeyNameInformation,
                                 nameInfo,
                                 infoLength,
                                 &infoLength);
             if (NT_SUCCESS(Status))
             {
                 RegistryPath.Length = nameInfo->NameLength;
                 RegistryPath.MaximumLength = nameInfo->NameLength;
                 RegistryPath.Buffer = nameInfo->Name;
             }
             else
             {
                 ExFreePoolWithTag(nameInfo, TAG_IO);
             }
         }
         else
         {
             Status = STATUS_INSUFFICIENT_RESOURCES;
         }
     }
     else
     {
         Status = NT_SUCCESS(Status) ? STATUS_UNSUCCESSFUL : Status;
     }

     if (!NT_SUCCESS(Status))
     {
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         MmUnloadSystemImage(ModuleObject);
         return Status;
     }

     /* Create the driver object */
     ULONG ObjectSize = sizeof(DRIVER_OBJECT) + sizeof(EXTENDED_DRIVER_EXTENSION);
     OBJECT_ATTRIBUTES objAttrs;
     PDRIVER_OBJECT driverObject;
     InitializeObjectAttributes(&objAttrs,
                                &DriverName,
                                OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                                NULL,
                                NULL);

     Status = ObCreateObject(KernelMode,
                             IoDriverObjectType,
                             &objAttrs,
                             KernelMode,
                             NULL,
                             ObjectSize,
                             0,
                             0,
                             (PVOID*)&driverObject);
     if (!NT_SUCCESS(Status))
     {
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         MmUnloadSystemImage(ModuleObject);
         DPRINT1("Error while creating driver object \"%wZ\" status %x\n", &DriverName, Status);
         return Status;
     }

     DPRINT("Created driver object 0x%p for \"%wZ\"\n", driverObject, &DriverName);

     RtlZeroMemory(driverObject, ObjectSize);
     driverObject->Type = IO_TYPE_DRIVER;
     driverObject->Size = sizeof(DRIVER_OBJECT);
     driverObject->Flags = DRVO_LEGACY_DRIVER; // TODO: check the WDM_DRIVER flag on the module
     driverObject->DriverSection = ModuleObject;
     driverObject->DriverStart = ModuleObject->DllBase;
     driverObject->DriverSize = ModuleObject->SizeOfImage;
     driverObject->DriverInit = ModuleObject->EntryPoint;
     driverObject->HardwareDatabase = &IopHardwareDatabaseKey;
     driverObject->DriverExtension = (PDRIVER_EXTENSION)(driverObject + 1);
     driverObject->DriverExtension->DriverObject = driverObject;

     /* Loop all Major Functions */
     for (INT i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /* Invalidate each function */
         driverObject->MajorFunction[i] = IopInvalidDeviceRequest;
     }

     /* Add the Object and get its handle */
     HANDLE hDriver;
     Status = ObInsertObject(driverObject, NULL, FILE_READ_DATA, 0, NULL, &hDriver);
     if (!NT_SUCCESS(Status))
     {
         ExFreePoolWithTag(nameInfo, TAG_IO);
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         return Status;
     }

     /* Now reference it */
     Status = ObReferenceObjectByHandle(hDriver,
                                        0,
                                        IoDriverObjectType,
                                        KernelMode,
                                        (PVOID*)&driverObject,
                                        NULL);

     /* Close the extra handle */
     ZwClose(hDriver);

     if (!NT_SUCCESS(Status))
     {
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         return Status;
     }

     /* Set up the service key name buffer */
     UNICODE_STRING serviceKeyName;
     serviceKeyName.Length = 0;
     // NULL-terminate for Windows compatibility
     serviceKeyName.MaximumLength = ServiceName.MaximumLength + sizeof(UNICODE_NULL);
     serviceKeyName.Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                   serviceKeyName.MaximumLength,
                                                   TAG_IO);
     if (!serviceKeyName.Buffer)
     {
         ObMakeTemporaryObject(driverObject);
         ObDereferenceObject(driverObject);
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&ServiceName);
         RtlFreeUnicodeString(&DriverName);
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     /* Copy the name and set it in the driver extension */
     RtlCopyUnicodeString(&serviceKeyName, &ServiceName);
     RtlFreeUnicodeString(&ServiceName);
     driverObject->DriverExtension->ServiceKeyName = serviceKeyName;

     /* Make a copy of the driver name to store in the driver object */
     UNICODE_STRING driverNamePaged;
     driverNamePaged.Length = 0;
     // NULL-terminate for Windows compatibility
     driverNamePaged.MaximumLength = DriverName.MaximumLength + sizeof(UNICODE_NULL);
     driverNamePaged.Buffer = ExAllocatePoolWithTag(PagedPool,
                                                    driverNamePaged.MaximumLength,
                                                    TAG_IO);
     if (!driverNamePaged.Buffer)
     {
         ObMakeTemporaryObject(driverObject);
         ObDereferenceObject(driverObject);
         ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
         RtlFreeUnicodeString(&DriverName);
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     RtlCopyUnicodeString(&driverNamePaged, &DriverName);
     driverObject->DriverName = driverNamePaged;

     /* Finally, call its init function */
     Status = driverObject->DriverInit(driverObject, &RegistryPath);
     *DriverEntryStatus = Status;
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("'%wZ' initialization failed, status (0x%08lx)\n", &DriverName, Status);
         // return a special status value in case of failure
         Status = STATUS_FAILED_DRIVER_ENTRY;
     }

     /* HACK: We're going to say if we don't have any DOs from DriverEntry, then we're not legacy.
      * Other parts of the I/O manager depend on this behavior */
     if (!driverObject->DeviceObject)
     {
         driverObject->Flags &= ~DRVO_LEGACY_DRIVER;
     }

     // Windows does this fixup - keep it for compatibility
     for (INT i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /*
          * Make sure the driver didn't set any dispatch entry point to NULL!
          * Doing so is illegal; drivers shouldn't touch entry points they
          * do not implement.
          */

         /* Check if it did so anyway */
         if (!driverObject->MajorFunction[i])
         {
             /* Print a warning in the debug log */
             DPRINT1("Driver <%wZ> set DriverObject->MajorFunction[%lu] to NULL!\n",
                     &driverObject->DriverName, i);

             /* Fix it up */
             driverObject->MajorFunction[i] = IopInvalidDeviceRequest;
         }
     }

     // TODO: for legacy drivers, unload the driver if it didn't create any DO

     ExFreePoolWithTag(nameInfo, TAG_IO); // container for RegistryPath
     RtlFreeUnicodeString(&DriverName);

     if (!NT_SUCCESS(Status))
     {
         // if the driver entry has been failed, clear the object
         ObMakeTemporaryObject(driverObject);
         ObDereferenceObject(driverObject);
         return Status;
     }

     *OutDriverObject = driverObject;

     MmFreeDriverInitialization((PLDR_DATA_TABLE_ENTRY)driverObject->DriverSection);

     /* Set the driver as initialized */
     IopReadyDeviceObjects(driverObject);

     if (PnpSystemInit) IopReinitializeDrivers();

     return STATUS_SUCCESS;
 }

 NTSTATUS
 NTAPI
 MiResolveImageReferences(IN PVOID ImageBase,
                          IN PUNICODE_STRING ImageFileDirectory,
                          IN PUNICODE_STRING NamePrefix OPTIONAL,
                          OUT PCHAR *MissingApi,
                          OUT PWCHAR *MissingDriver,
                          OUT PLOAD_IMPORTS *LoadImports);

 //
 // Used for images already loaded (boot drivers)
 //
 CODE_SEG("INIT")
 NTSTATUS
 NTAPI
 LdrProcessDriverModule(PLDR_DATA_TABLE_ENTRY LdrEntry,
                        PUNICODE_STRING FileName,
                        PLDR_DATA_TABLE_ENTRY *ModuleObject)
 {
     NTSTATUS Status;
     UNICODE_STRING BaseName, BaseDirectory;
     PLOAD_IMPORTS LoadedImports = (PVOID)-2;
     PCHAR MissingApiName, Buffer;
     PWCHAR MissingDriverName;
     PVOID DriverBase = LdrEntry->DllBase;

     /* Allocate a buffer we'll use for names */
     Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                    MAXIMUM_FILENAME_LENGTH,
                                    TAG_LDR_WSTR);
     if (!Buffer)
     {
         /* Fail */
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     /* Check for a separator */
     if (FileName->Buffer[0] == OBJ_NAME_PATH_SEPARATOR)
     {
         PWCHAR p;
         ULONG BaseLength;

         /* Loop the path until we get to the base name */
         p = &FileName->Buffer[FileName->Length / sizeof(WCHAR)];
         while (*(p - 1) != OBJ_NAME_PATH_SEPARATOR) p--;

         /* Get the length */
         BaseLength = (ULONG)(&FileName->Buffer[FileName->Length / sizeof(WCHAR)] - p);
         BaseLength *= sizeof(WCHAR);

         /* Setup the string */
         BaseName.Length = (USHORT)BaseLength;
         BaseName.Buffer = p;
     }
     else
     {
         /* Otherwise, we already have a base name */
         BaseName.Length = FileName->Length;
         BaseName.Buffer = FileName->Buffer;
     }

     /* Setup the maximum length */
     BaseName.MaximumLength = BaseName.Length;

     /* Now compute the base directory */
     BaseDirectory = *FileName;
     BaseDirectory.Length -= BaseName.Length;
     BaseDirectory.MaximumLength = BaseDirectory.Length;

     /* Resolve imports */
     MissingApiName = Buffer;
     Status = MiResolveImageReferences(DriverBase,
                                       &BaseDirectory,
                                       NULL,
                                       &MissingApiName,
                                       &MissingDriverName,
                                       &LoadedImports);

     /* Free the temporary buffer */
     ExFreePoolWithTag(Buffer, TAG_LDR_WSTR);

     /* Check the result of the imports resolution */
     if (!NT_SUCCESS(Status)) return Status;

     /* Return */
     *ModuleObject = LdrEntry;
     return STATUS_SUCCESS;
 }

 PDEVICE_OBJECT
 IopGetDeviceObjectFromDeviceInstance(PUNICODE_STRING DeviceInstance);

 /*
  * IopInitializeBuiltinDriver
  *
  * Initialize a driver that is already loaded in memory.
  */
 CODE_SEG("INIT")
 static
 BOOLEAN
 IopInitializeBuiltinDriver(IN PLDR_DATA_TABLE_ENTRY BootLdrEntry)
 {
     PDRIVER_OBJECT DriverObject;
     NTSTATUS Status;
     PWCHAR Buffer, FileNameWithoutPath;
     PWSTR FileExtension;
     PUNICODE_STRING ModuleName = &BootLdrEntry->BaseDllName;
     PLDR_DATA_TABLE_ENTRY LdrEntry;
     PLIST_ENTRY NextEntry;
     UNICODE_STRING ServiceName;
     BOOLEAN Success;

     /*
      * Display 'Loading XXX...' message
      */
     IopDisplayLoadingMessage(ModuleName);
     InbvIndicateProgress();

     Buffer = ExAllocatePoolWithTag(PagedPool,
                                    ModuleName->Length + sizeof(UNICODE_NULL),
                                    TAG_IO);
     if (Buffer == NULL)
     {
         return FALSE;
     }

     RtlCopyMemory(Buffer, ModuleName->Buffer, ModuleName->Length);
     Buffer[ModuleName->Length / sizeof(WCHAR)] = UNICODE_NULL;

     /*
      * Generate filename without path (not needed by freeldr)
      */
     FileNameWithoutPath = wcsrchr(Buffer, L'\\');
     if (FileNameWithoutPath == NULL)
     {
         FileNameWithoutPath = Buffer;
     }
     else
     {
         FileNameWithoutPath++;
     }

     /*
      * Strip the file extension from ServiceName
      */
     Success = RtlCreateUnicodeString(&ServiceName, FileNameWithoutPath);
     ExFreePoolWithTag(Buffer, TAG_IO);
     if (!Success)
     {
         return FALSE;
     }

     FileExtension = wcsrchr(ServiceName.Buffer, L'.');
     if (FileExtension != NULL)
     {
         ServiceName.Length -= (USHORT)wcslen(FileExtension) * sizeof(WCHAR);
         FileExtension[0] = UNICODE_NULL;
     }

     UNICODE_STRING RegistryPath;

     // Make the registry path for the driver
     RegistryPath.Length = 0;
     RegistryPath.MaximumLength = sizeof(ServicesKeyName) + ServiceName.Length;
     RegistryPath.Buffer = ExAllocatePoolWithTag(PagedPool, RegistryPath.MaximumLength, TAG_IO);
     if (RegistryPath.Buffer == NULL)
     {
         return FALSE;
     }
     RtlAppendUnicodeToString(&RegistryPath, ServicesKeyName);
     RtlAppendUnicodeStringToString(&RegistryPath, &ServiceName);
     RtlFreeUnicodeString(&ServiceName);

     HANDLE serviceHandle;
     Status = IopOpenRegistryKeyEx(&serviceHandle, NULL, &RegistryPath, KEY_READ);
     RtlFreeUnicodeString(&RegistryPath);
     if (!NT_SUCCESS(Status))
     {
         return FALSE;
     }

     /* Lookup the new Ldr entry in PsLoadedModuleList */
     for (NextEntry = PsLoadedModuleList.Flink;
          NextEntry != &PsLoadedModuleList;
          NextEntry = NextEntry->Flink)
     {
         LdrEntry = CONTAINING_RECORD(NextEntry,
                                      LDR_DATA_TABLE_ENTRY,
                                      InLoadOrderLinks);
         if (RtlEqualUnicodeString(ModuleName, &LdrEntry->BaseDllName, TRUE))
         {
             break;
         }
     }
     ASSERT(NextEntry != &PsLoadedModuleList);

     /*
      * Initialize the driver
      */
     NTSTATUS driverEntryStatus;
     Status = IopInitializeDriverModule(LdrEntry,
                                        serviceHandle,
                                        &DriverObject,
                                        &driverEntryStatus);

     if (!NT_SUCCESS(Status))
     {
         DPRINT1("Driver '%wZ' load failed, status (%x)\n", ModuleName, Status);
         return FALSE;
     }

     // The driver has been loaded, now check if where are any PDOs
     // for that driver, and queue AddDevice call for them.
     // The check is possible because HKLM/SYSTEM/CCS/Services/<ServiceName>/Enum directory
     // is populated upon a new device arrival based on a (critical) device database

     // Legacy drivers may add devices inside DriverEntry.
     // We're lazy and always assume that they are doing so
     BOOLEAN deviceAdded = !!(DriverObject->Flags & DRVO_LEGACY_DRIVER);

     HANDLE enumServiceHandle;
     UNICODE_STRING enumName = RTL_CONSTANT_STRING(L"Enum");

     Status = IopOpenRegistryKeyEx(&enumServiceHandle, serviceHandle, &enumName, KEY_READ);
     ZwClose(serviceHandle);

     if (NT_SUCCESS(Status))
     {
         ULONG instanceCount = 0;
         PKEY_VALUE_FULL_INFORMATION kvInfo;
         Status = IopGetRegistryValue(enumServiceHandle, L"Count", &kvInfo);
         if (!NT_SUCCESS(Status))
         {
             goto Cleanup;
         }
         if (kvInfo->Type != REG_DWORD || kvInfo->DataLength != sizeof(ULONG))
         {
             ExFreePool(kvInfo);
             goto Cleanup;
         }

         RtlMoveMemory(&instanceCount,
                       (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                       sizeof(ULONG));
         ExFreePool(kvInfo);

         DPRINT("Processing %u instances for %wZ module\n", instanceCount, ModuleName);

         for (ULONG i = 0; i < instanceCount; i++)
         {
             WCHAR num[11];
             UNICODE_STRING instancePath;
             RtlStringCchPrintfW(num, sizeof(num), L"%u", i);

             Status = IopGetRegistryValue(enumServiceHandle, num, &kvInfo);
             if (!NT_SUCCESS(Status))
             {
                 continue;
             }
             if (kvInfo->Type != REG_SZ || kvInfo->DataLength == 0)
             {
                 ExFreePool(kvInfo);
                 continue;
             }

             instancePath.Length = kvInfo->DataLength - sizeof(UNICODE_NULL);
             instancePath.MaximumLength = kvInfo->DataLength;
             instancePath.Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                                         instancePath.MaximumLength,
                                                         TAG_IO);
             if (instancePath.Buffer)
             {
                 RtlMoveMemory(instancePath.Buffer,
                               (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                               instancePath.Length);
                 instancePath.Buffer[instancePath.Length / sizeof(WCHAR)] = UNICODE_NULL;

                 PDEVICE_OBJECT pdo = IopGetDeviceObjectFromDeviceInstance(&instancePath);
                 PiQueueDeviceAction(pdo, PiActionAddBootDevices, NULL, NULL);
                 ObDereferenceObject(pdo);
                 deviceAdded = TRUE;
             }

             ExFreePool(kvInfo);
         }

         ZwClose(enumServiceHandle);
     }
 Cleanup:
     /* Remove extra reference from IopInitializeDriverModule */
     ObDereferenceObject(DriverObject);

     return deviceAdded;
 }

 /*
  * IopInitializeBootDrivers
  *
  * Initialize boot drivers and free memory for boot files.
  *
  * Parameters
  *    None
  *
  * Return Value
  *    None
  */
 CODE_SEG("INIT")
 VOID
 FASTCALL
 IopInitializeBootDrivers(VOID)
 {
     PLIST_ENTRY ListHead, NextEntry, NextEntry2;
     PLDR_DATA_TABLE_ENTRY LdrEntry;
     NTSTATUS Status;
     UNICODE_STRING DriverName;
     ULONG i, Index;
     PDRIVER_INFORMATION DriverInfo, DriverInfoTag;
     HANDLE KeyHandle;
     PBOOT_DRIVER_LIST_ENTRY BootEntry;
     DPRINT("IopInitializeBootDrivers()\n");

     /* Create the RAW FS built-in driver */
     RtlInitUnicodeString(&DriverName, L"\\FileSystem\\RAW");

     Status = IoCreateDriver(&DriverName, RawFsDriverEntry);
     if (!NT_SUCCESS(Status))
     {
         /* Fail */
         return;
     }

     /* Get highest group order index */
     IopGroupIndex = PpInitGetGroupOrderIndex(NULL);
     if (IopGroupIndex == 0xFFFF) ASSERT(FALSE);

     /* Allocate the group table */
     IopGroupTable = ExAllocatePoolWithTag(PagedPool,
                                           IopGroupIndex * sizeof(LIST_ENTRY),
                                           TAG_IO);
     if (IopGroupTable == NULL) ASSERT(FALSE);

     /* Initialize the group table lists */
     for (i = 0; i < IopGroupIndex; i++) InitializeListHead(&IopGroupTable[i]);

     /* Loop the boot modules */
     ListHead = &KeLoaderBlock->LoadOrderListHead;
     for (NextEntry = ListHead->Flink;
          NextEntry != ListHead;
          NextEntry = NextEntry->Flink)
     {
         /* Get the entry */
         LdrEntry = CONTAINING_RECORD(NextEntry,
                                      LDR_DATA_TABLE_ENTRY,
                                      InLoadOrderLinks);

         /* Check if the DLL needs to be initialized */
         if (LdrEntry->Flags & LDRP_DRIVER_DEPENDENT_DLL)
         {
             /* Call its entrypoint */
             MmCallDllInitialize(LdrEntry, NULL);
         }
     }

     /* Loop the boot drivers */
     ListHead = &KeLoaderBlock->BootDriverListHead;
     for (NextEntry = ListHead->Flink;
          NextEntry != ListHead;
          NextEntry = NextEntry->Flink)
     {
         /* Get the entry */
         BootEntry = CONTAINING_RECORD(NextEntry,
                                       BOOT_DRIVER_LIST_ENTRY,
                                       Link);

         // FIXME: TODO: This LdrEntry is to be used in a special handling
         // for SETUPLDR (a similar procedure is done on Windows), where
         // the loader would, under certain conditions, be loaded in the
         // SETUPLDR-specific code block below...
 #if 0
         /* Get the driver loader entry */
         LdrEntry = BootEntry->LdrEntry;
 #endif

         /* Allocate our internal accounting structure */
         DriverInfo = ExAllocatePoolWithTag(PagedPool,
                                            sizeof(DRIVER_INFORMATION),
                                            TAG_IO);
         if (DriverInfo)
         {
             /* Zero it and initialize it */
             RtlZeroMemory(DriverInfo, sizeof(DRIVER_INFORMATION));
             InitializeListHead(&DriverInfo->Link);
             DriverInfo->DataTableEntry = BootEntry;

             /* Open the registry key */
             Status = IopOpenRegistryKeyEx(&KeyHandle,
                                           NULL,
                                           &BootEntry->RegistryPath,
                                           KEY_READ);
             DPRINT("IopOpenRegistryKeyEx(%wZ) returned 0x%08lx\n", &BootEntry->RegistryPath, Status);
 #if 0
             if (NT_SUCCESS(Status))
 #else // Hack still needed...
             if ((NT_SUCCESS(Status)) || /* ReactOS HACK for SETUPLDR */
                 ((KeLoaderBlock->SetupLdrBlock) && ((KeyHandle = (PVOID)1)))) // yes, it's an assignment!
 #endif
             {
                 /* Save the handle */
                 DriverInfo->ServiceHandle = KeyHandle;

                 /* Get the group oder index */
                 Index = PpInitGetGroupOrderIndex(KeyHandle);

                 /* Get the tag position */
                 DriverInfo->TagPosition = PipGetDriverTagPriority(KeyHandle);

                 /* Insert it into the list, at the right place */
                 ASSERT(Index < IopGroupIndex);
                 NextEntry2 = IopGroupTable[Index].Flink;
                 while (NextEntry2 != &IopGroupTable[Index])
                 {
                     /* Get the driver info */
                     DriverInfoTag = CONTAINING_RECORD(NextEntry2,
                                                       DRIVER_INFORMATION,
                                                       Link);

                     /* Check if we found the right tag position */
                     if (DriverInfoTag->TagPosition > DriverInfo->TagPosition)
                     {
                         /* We're done */
                         break;
                     }

                     /* Next entry */
                     NextEntry2 = NextEntry2->Flink;
                 }

                 /* Insert us right before the next entry */
                 NextEntry2 = NextEntry2->Blink;
                 InsertHeadList(NextEntry2, &DriverInfo->Link);
             }
         }
     }

     /* Loop each group index */
     for (i = 0; i < IopGroupIndex; i++)
     {
         /* Loop each group table */
         for (NextEntry = IopGroupTable[i].Flink;
              NextEntry != &IopGroupTable[i];
              NextEntry = NextEntry->Flink)
         {
             /* Get the entry */
             DriverInfo = CONTAINING_RECORD(NextEntry,
                                            DRIVER_INFORMATION,
                                            Link);

             /* Get the driver loader entry */
             LdrEntry = DriverInfo->DataTableEntry->LdrEntry;

             /* Initialize it */
             if (IopInitializeBuiltinDriver(LdrEntry))
             {
                 // it does not make sense to enumerate the tree if there are no new devices added
                 PiQueueDeviceAction(IopRootDeviceNode->PhysicalDeviceObject,
                                     PiActionEnumRootDevices,
                                     NULL,
                                     NULL);
             }
         }
     }

     /* HAL Root Bus is being initialized before loading the boot drivers so this may cause issues
      * when some devices are not being initialized with their drivers. This flag is used to delay
      * all actions with devices (except PnP root device) until boot drivers are loaded.
      * See PiQueueDeviceAction function
      */
     PnPBootDriversLoaded = TRUE;

     DbgPrint("BOOT DRIVERS LOADED\n");

     PiQueueDeviceAction(IopRootDeviceNode->PhysicalDeviceObject,
                         PiActionEnumDeviceTree,
                         NULL,
                         NULL);
 }

 CODE_SEG("INIT")
 VOID
 FASTCALL
 IopInitializeSystemDrivers(VOID)
 {
     PUNICODE_STRING *DriverList, *SavedList;

     PiPerformSyncDeviceAction(IopRootDeviceNode->PhysicalDeviceObject, PiActionEnumDeviceTree);

     /* No system drivers on the boot cd */
     if (KeLoaderBlock->SetupLdrBlock) return; // ExpInTextModeSetup

     /* Get the driver list */
     SavedList = DriverList = CmGetSystemDriverList();
     ASSERT(DriverList);

     /* Loop it */
     while (*DriverList)
     {
         /* Load the driver */
         ZwLoadDriver(*DriverList);

         /* Free the entry */
         RtlFreeUnicodeString(*DriverList);
         ExFreePool(*DriverList);

         /* Next entry */
         InbvIndicateProgress();
         DriverList++;
     }

     /* Free the list */
     ExFreePool(SavedList);

     PiQueueDeviceAction(IopRootDeviceNode->PhysicalDeviceObject,
                         PiActionEnumDeviceTree,
                         NULL,
                         NULL);
 }

 /*
  * IopUnloadDriver
  *
  * Unloads a device driver.
  *
  * Parameters
  *    DriverServiceName
  *       Name of the service to unload (registry key).
  *
  *    UnloadPnpDrivers
  *       Whether to unload Plug & Plug or only legacy drivers. If this
  *       parameter is set to FALSE, the routine will unload only legacy
  *       drivers.
  *
  * Return Value
  *    Status
  *
  * To do
  *    Guard the whole function by SEH.
  */

 NTSTATUS NTAPI
 IopUnloadDriver(PUNICODE_STRING DriverServiceName, BOOLEAN UnloadPnpDrivers)
 {
     UNICODE_STRING Backslash = RTL_CONSTANT_STRING(L"\\");
     RTL_QUERY_REGISTRY_TABLE QueryTable[2];
     UNICODE_STRING ImagePath;
     UNICODE_STRING ServiceName;
     UNICODE_STRING ObjectName;
     PDRIVER_OBJECT DriverObject;
     PDEVICE_OBJECT DeviceObject;
     PEXTENDED_DEVOBJ_EXTENSION DeviceExtension;
     NTSTATUS Status;
     USHORT LastBackslash;
     BOOLEAN SafeToUnload = TRUE;
     KPROCESSOR_MODE PreviousMode;
     UNICODE_STRING CapturedServiceName;

     PAGED_CODE();

     PreviousMode = ExGetPreviousMode();

     /* Need the appropriate priviliege */
     if (!SeSinglePrivilegeCheck(SeLoadDriverPrivilege, PreviousMode))
     {
         DPRINT1("No unload privilege!\n");
         return STATUS_PRIVILEGE_NOT_HELD;
     }

     /* Capture the service name */
     Status = ProbeAndCaptureUnicodeString(&CapturedServiceName,
                                           PreviousMode,
                                           DriverServiceName);
     if (!NT_SUCCESS(Status))
     {
         return Status;
     }

     DPRINT("IopUnloadDriver('%wZ', %u)\n", &CapturedServiceName, UnloadPnpDrivers);

     /* We need a service name */
     if (CapturedServiceName.Length == 0 || CapturedServiceName.Buffer == NULL)
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_INVALID_PARAMETER;
     }

     /*
      * Get the service name from the registry key name
      */
     Status = RtlFindCharInUnicodeString(RTL_FIND_CHAR_IN_UNICODE_STRING_START_AT_END,
                                         &CapturedServiceName,
                                         &Backslash,
                                         &LastBackslash);
     if (NT_SUCCESS(Status))
     {
         NT_ASSERT(CapturedServiceName.Length >= LastBackslash + sizeof(WCHAR));
         ServiceName.Buffer = &CapturedServiceName.Buffer[LastBackslash / sizeof(WCHAR) + 1];
         ServiceName.Length = CapturedServiceName.Length - LastBackslash - sizeof(WCHAR);
         ServiceName.MaximumLength = CapturedServiceName.MaximumLength - LastBackslash - sizeof(WCHAR);
     }
     else
     {
         ServiceName = CapturedServiceName;
     }

     /*
      * Construct the driver object name
      */
     Status = RtlUShortAdd(sizeof(DRIVER_ROOT_NAME),
                           ServiceName.Length,
                           &ObjectName.MaximumLength);
     if (!NT_SUCCESS(Status))
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return Status;
     }
     ObjectName.Length = 0;
     ObjectName.Buffer = ExAllocatePoolWithTag(PagedPool,
                                               ObjectName.MaximumLength,
                                               TAG_IO);
     if (!ObjectName.Buffer)
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_INSUFFICIENT_RESOURCES;
     }
     NT_VERIFY(NT_SUCCESS(RtlAppendUnicodeToString(&ObjectName, DRIVER_ROOT_NAME)));
     NT_VERIFY(NT_SUCCESS(RtlAppendUnicodeStringToString(&ObjectName, &ServiceName)));

     /*
      * Find the driver object
      */
     Status = ObReferenceObjectByName(&ObjectName,
                                      0,
                                      0,
                                      0,
                                      IoDriverObjectType,
                                      KernelMode,
                                      0,
                                      (PVOID*)&DriverObject);

     if (!NT_SUCCESS(Status))
     {
         DPRINT1("Can't locate driver object for %wZ\n", &ObjectName);
         ExFreePoolWithTag(ObjectName.Buffer, TAG_IO);
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return Status;
     }

     /* Free the buffer for driver object name */
     ExFreePoolWithTag(ObjectName.Buffer, TAG_IO);

     /* Check that driver is not already unloading */
     if (DriverObject->Flags & DRVO_UNLOAD_INVOKED)
     {
         DPRINT1("Driver deletion pending\n");
         ObDereferenceObject(DriverObject);
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_DELETE_PENDING;
     }

     /*
      * Get path of service...
      */
     RtlZeroMemory(QueryTable, sizeof(QueryTable));

     RtlInitUnicodeString(&ImagePath, NULL);

     QueryTable[0].Name = L"ImagePath";
     QueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
     QueryTable[0].EntryContext = &ImagePath;

     Status = RtlQueryRegistryValues(RTL_REGISTRY_ABSOLUTE,
                                     CapturedServiceName.Buffer,
                                     QueryTable,
                                     NULL,
                                     NULL);

     /* We no longer need service name */
     ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);

     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlQueryRegistryValues() failed (Status %x)\n", Status);
         ObDereferenceObject(DriverObject);
         return Status;
     }

     /*
      * Normalize the image path for all later processing.
      */
     Status = IopNormalizeImagePath(&ImagePath, &ServiceName);

     if (!NT_SUCCESS(Status))
     {
         DPRINT1("IopNormalizeImagePath() failed (Status %x)\n", Status);
         ObDereferenceObject(DriverObject);
         return Status;
     }

     /* Free the service path */
     ExFreePool(ImagePath.Buffer);

     /*
      * Unload the module and release the references to the device object
      */

     /* Call the load/unload routine, depending on current process */
     if (DriverObject->DriverUnload && DriverObject->DriverSection &&
         (UnloadPnpDrivers || (DriverObject->Flags & DRVO_LEGACY_DRIVER)))
     {
         /* Loop through each device object of the driver
            and set DOE_UNLOAD_PENDING flag */
         DeviceObject = DriverObject->DeviceObject;
         while (DeviceObject)
         {
             /* Set the unload pending flag for the device */
             DeviceExtension = IoGetDevObjExtension(DeviceObject);
             DeviceExtension->ExtensionFlags |= DOE_UNLOAD_PENDING;

             /* Make sure there are no attached devices or no reference counts */
             if ((DeviceObject->ReferenceCount) || (DeviceObject->AttachedDevice))
             {
                 /* Not safe to unload */
                 DPRINT1("Drivers device object is referenced or has attached devices\n");

                 SafeToUnload = FALSE;
             }

             DeviceObject = DeviceObject->NextDevice;
         }

         /* If not safe to unload, then return success */
         if (!SafeToUnload)
         {
             ObDereferenceObject(DriverObject);
             return STATUS_SUCCESS;
         }

         DPRINT1("Unloading driver '%wZ' (manual)\n", &DriverObject->DriverName);

         /* Set the unload invoked flag and call the unload routine */
         DriverObject->Flags |= DRVO_UNLOAD_INVOKED;
         Status = IopDoLoadUnloadDriver(NULL, &DriverObject);
         ASSERT(Status == STATUS_SUCCESS);

         /* Mark the driver object temporary, so it could be deleted later */
         ObMakeTemporaryObject(DriverObject);

         /* Dereference it 2 times */
         ObDereferenceObject(DriverObject);
         ObDereferenceObject(DriverObject);

         return Status;
     }
     else
     {
         DPRINT1("No DriverUnload function! '%wZ' will not be unloaded!\n", &DriverObject->DriverName);

         /* Dereference one time (refd inside this function) */
         ObDereferenceObject(DriverObject);

         /* Return unloading failure */
         return STATUS_INVALID_DEVICE_REQUEST;
     }
 }

 VOID
 NTAPI
 IopReinitializeDrivers(VOID)
 {
     PDRIVER_REINIT_ITEM ReinitItem;
     PLIST_ENTRY Entry;

     /* Get the first entry and start looping */
     Entry = ExInterlockedRemoveHeadList(&DriverReinitListHead,
                                         &DriverReinitListLock);
     while (Entry)
     {
         /* Get the item */
         ReinitItem = CONTAINING_RECORD(Entry, DRIVER_REINIT_ITEM, ItemEntry);

         /* Increment reinitialization counter */
         ReinitItem->DriverObject->DriverExtension->Count++;

         /* Remove the device object flag */
         ReinitItem->DriverObject->Flags &= ~DRVO_REINIT_REGISTERED;

         /* Call the routine */
         ReinitItem->ReinitRoutine(ReinitItem->DriverObject,
                                   ReinitItem->Context,
                                   ReinitItem->DriverObject->
                                   DriverExtension->Count);

         /* Free the entry */
         ExFreePool(Entry);

         /* Move to the next one */
         Entry = ExInterlockedRemoveHeadList(&DriverReinitListHead,
                                             &DriverReinitListLock);
     }
 }

 VOID
 NTAPI
 IopReinitializeBootDrivers(VOID)
 {
     PDRIVER_REINIT_ITEM ReinitItem;
     PLIST_ENTRY Entry;

     /* Get the first entry and start looping */
     Entry = ExInterlockedRemoveHeadList(&DriverBootReinitListHead,
                                         &DriverBootReinitListLock);
     while (Entry)
     {
         /* Get the item */
         ReinitItem = CONTAINING_RECORD(Entry, DRIVER_REINIT_ITEM, ItemEntry);

         /* Increment reinitialization counter */
         ReinitItem->DriverObject->DriverExtension->Count++;

         /* Remove the device object flag */
         ReinitItem->DriverObject->Flags &= ~DRVO_BOOTREINIT_REGISTERED;

         /* Call the routine */
         ReinitItem->ReinitRoutine(ReinitItem->DriverObject,
                                   ReinitItem->Context,
                                   ReinitItem->DriverObject->
                                   DriverExtension->Count);

         /* Free the entry */
         ExFreePool(Entry);

         /* Move to the next one */
         Entry = ExInterlockedRemoveHeadList(&DriverBootReinitListHead,
                                             &DriverBootReinitListLock);
     }

     /* Wait for all device actions being finished*/
     KeWaitForSingleObject(&PiEnumerationFinished, Executive, KernelMode, FALSE, NULL);
 }

 /* PUBLIC FUNCTIONS ***********************************************************/

 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 IoCreateDriver(
     _In_opt_ PUNICODE_STRING DriverName,
     _In_ PDRIVER_INITIALIZE InitializationFunction)
 {
     WCHAR NameBuffer[100];
     USHORT NameLength;
     UNICODE_STRING LocalDriverName;
     NTSTATUS Status;
     OBJECT_ATTRIBUTES ObjectAttributes;
     ULONG ObjectSize;
     PDRIVER_OBJECT DriverObject;
     UNICODE_STRING ServiceKeyName;
     HANDLE hDriver;
     ULONG i, RetryCount = 0;

 try_again:
     /* First, create a unique name for the driver if we don't have one */
     if (!DriverName)
     {
         /* Create a random name and set up the string */
         NameLength = (USHORT)swprintf(NameBuffer,
                                       DRIVER_ROOT_NAME L"%08u",
                                       KeTickCount.LowPart);
         LocalDriverName.Length = NameLength * sizeof(WCHAR);
         LocalDriverName.MaximumLength = LocalDriverName.Length + sizeof(UNICODE_NULL);
         LocalDriverName.Buffer = NameBuffer;
     }
     else
     {
         /* So we can avoid another code path, use a local var */
         LocalDriverName = *DriverName;
     }

     /* Initialize the Attributes */
     ObjectSize = sizeof(DRIVER_OBJECT) + sizeof(EXTENDED_DRIVER_EXTENSION);
     InitializeObjectAttributes(&ObjectAttributes,
                                &LocalDriverName,
                                OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                                NULL,
                                NULL);

     /* Create the Object */
     Status = ObCreateObject(KernelMode,
                             IoDriverObjectType,
                             &ObjectAttributes,
                             KernelMode,
                             NULL,
                             ObjectSize,
                             0,
                             0,
                             (PVOID*)&DriverObject);
     if (!NT_SUCCESS(Status)) return Status;

     DPRINT("IopCreateDriver(): created DO %p\n", DriverObject);

     /* Set up the Object */
     RtlZeroMemory(DriverObject, ObjectSize);
     DriverObject->Type = IO_TYPE_DRIVER;
     DriverObject->Size = sizeof(DRIVER_OBJECT);
     DriverObject->Flags = DRVO_BUILTIN_DRIVER;
     DriverObject->DriverExtension = (PDRIVER_EXTENSION)(DriverObject + 1);
     DriverObject->DriverExtension->DriverObject = DriverObject;
     DriverObject->DriverInit = InitializationFunction;
     /* Loop all Major Functions */
     for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /* Invalidate each function */
         DriverObject->MajorFunction[i] = IopInvalidDeviceRequest;
     }

     /* Set up the service key name buffer */
     ServiceKeyName.MaximumLength = LocalDriverName.Length + sizeof(UNICODE_NULL);
     ServiceKeyName.Buffer = ExAllocatePoolWithTag(PagedPool, LocalDriverName.MaximumLength, TAG_IO);
     if (!ServiceKeyName.Buffer)
     {
         /* Fail */
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     /* For builtin drivers, the ServiceKeyName is equal to DriverName */
     RtlCopyUnicodeString(&ServiceKeyName, &LocalDriverName);
     ServiceKeyName.Buffer[ServiceKeyName.Length / sizeof(WCHAR)] = UNICODE_NULL;
     DriverObject->DriverExtension->ServiceKeyName = ServiceKeyName;

     /* Make a copy of the driver name to store in the driver object */
     DriverObject->DriverName.MaximumLength = LocalDriverName.Length;
     DriverObject->DriverName.Buffer = ExAllocatePoolWithTag(PagedPool,
                                                             DriverObject->DriverName.MaximumLength,
                                                             TAG_IO);
     if (!DriverObject->DriverName.Buffer)
     {
         /* Fail */
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     RtlCopyUnicodeString(&DriverObject->DriverName, &LocalDriverName);

     /* Add the Object and get its handle */
     Status = ObInsertObject(DriverObject,
                             NULL,
                             FILE_READ_DATA,
                             0,
                             NULL,
                             &hDriver);

     /* Eliminate small possibility when this function is called more than
        once in a row, and KeTickCount doesn't get enough time to change */
     if (!DriverName && (Status == STATUS_OBJECT_NAME_COLLISION) && (RetryCount < 100))
     {
         RetryCount++;
         goto try_again;
     }

     if (!NT_SUCCESS(Status)) return Status;

     /* Now reference it */
     Status = ObReferenceObjectByHandle(hDriver,
                                        0,
                                        IoDriverObjectType,
                                        KernelMode,
                                        (PVOID*)&DriverObject,
                                        NULL);

     /* Close the extra handle */
     ZwClose(hDriver);

     if (!NT_SUCCESS(Status))
     {
         /* Fail */
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return Status;
     }

     /* Finally, call its init function */
     DPRINT("Calling driver entrypoint at %p\n", InitializationFunction);
     Status = InitializationFunction(DriverObject, NULL);
     if (!NT_SUCCESS(Status))
     {
         /* If it didn't work, then kill the object */
         DPRINT1("'%wZ' initialization failed, status (0x%08lx)\n", DriverName, Status);
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
         return Status;
     }

     // Windows does this fixup - keep it for compatibility
     for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
     {
         /*
          * Make sure the driver didn't set any dispatch entry point to NULL!
          * Doing so is illegal; drivers shouldn't touch entry points they
          * do not implement.
          */

         /* Check if it did so anyway */
         if (!DriverObject->MajorFunction[i])
         {
             /* Print a warning in the debug log */
             DPRINT1("Driver <%wZ> set DriverObject->MajorFunction[%lu] to NULL!\n",
                     &DriverObject->DriverName, i);

             /* Fix it up */
             DriverObject->MajorFunction[i] = IopInvalidDeviceRequest;
         }
     }

     /* Return the Status */
     return Status;
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 IoDeleteDriver(IN PDRIVER_OBJECT DriverObject)
 {
     /* Simply dereference the Object */
     ObDereferenceObject(DriverObject);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 IoRegisterBootDriverReinitialization(IN PDRIVER_OBJECT DriverObject,
                                      IN PDRIVER_REINITIALIZE ReinitRoutine,
                                      IN PVOID Context)
 {
     PDRIVER_REINIT_ITEM ReinitItem;

     /* Allocate the entry */
     ReinitItem = ExAllocatePoolWithTag(NonPagedPool,
                                        sizeof(DRIVER_REINIT_ITEM),
                                        TAG_REINIT);
     if (!ReinitItem) return;

     /* Fill it out */
     ReinitItem->DriverObject = DriverObject;
     ReinitItem->ReinitRoutine = ReinitRoutine;
     ReinitItem->Context = Context;

     /* Set the Driver Object flag and insert the entry into the list */
     DriverObject->Flags |= DRVO_BOOTREINIT_REGISTERED;
     ExInterlockedInsertTailList(&DriverBootReinitListHead,
                                 &ReinitItem->ItemEntry,
                                 &DriverBootReinitListLock);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 IoRegisterDriverReinitialization(IN PDRIVER_OBJECT DriverObject,
                                  IN PDRIVER_REINITIALIZE ReinitRoutine,
                                  IN PVOID Context)
 {
     PDRIVER_REINIT_ITEM ReinitItem;

     /* Allocate the entry */
     ReinitItem = ExAllocatePoolWithTag(NonPagedPool,
                                        sizeof(DRIVER_REINIT_ITEM),
                                        TAG_REINIT);
     if (!ReinitItem) return;

     /* Fill it out */
     ReinitItem->DriverObject = DriverObject;
     ReinitItem->ReinitRoutine = ReinitRoutine;
     ReinitItem->Context = Context;

     /* Set the Driver Object flag and insert the entry into the list */
     DriverObject->Flags |= DRVO_REINIT_REGISTERED;
     ExInterlockedInsertTailList(&DriverReinitListHead,
                                 &ReinitItem->ItemEntry,
                                 &DriverReinitListLock);
 }

 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 IoAllocateDriverObjectExtension(IN PDRIVER_OBJECT DriverObject,
                                 IN PVOID ClientIdentificationAddress,
                                 IN ULONG DriverObjectExtensionSize,
                                 OUT PVOID *DriverObjectExtension)
 {
     KIRQL OldIrql;
     PIO_CLIENT_EXTENSION DriverExtensions, NewDriverExtension;
     BOOLEAN Inserted = FALSE;

     /* Assume failure */
     *DriverObjectExtension = NULL;

     /* Allocate the extension */
     NewDriverExtension = ExAllocatePoolWithTag(NonPagedPool,
                                                sizeof(IO_CLIENT_EXTENSION) +
                                                DriverObjectExtensionSize,
                                                TAG_DRIVER_EXTENSION);
     if (!NewDriverExtension) return STATUS_INSUFFICIENT_RESOURCES;

     /* Clear the extension for teh caller */
     RtlZeroMemory(NewDriverExtension,
                   sizeof(IO_CLIENT_EXTENSION) + DriverObjectExtensionSize);

     /* Acqure lock */
     OldIrql = KeRaiseIrqlToDpcLevel();

     /* Fill out the extension */
     NewDriverExtension->ClientIdentificationAddress = ClientIdentificationAddress;

     /* Loop the current extensions */
     DriverExtensions = IoGetDrvObjExtension(DriverObject)->
                        ClientDriverExtension;
     while (DriverExtensions)
     {
         /* Check if the identifier matches */
         if (DriverExtensions->ClientIdentificationAddress ==
             ClientIdentificationAddress)
         {
             /* We have a collision, break out */
             break;
         }

         /* Go to the next one */
         DriverExtensions = DriverExtensions->NextExtension;
     }

     /* Check if we didn't collide */
     if (!DriverExtensions)
     {
         /* Link this one in */
         NewDriverExtension->NextExtension =
             IoGetDrvObjExtension(DriverObject)->ClientDriverExtension;
         IoGetDrvObjExtension(DriverObject)->ClientDriverExtension =
             NewDriverExtension;
         Inserted = TRUE;
     }

     /* Release the lock */
     KeLowerIrql(OldIrql);

     /* Check if insertion failed */
     if (!Inserted)
     {
         /* Free the entry and fail */
         ExFreePoolWithTag(NewDriverExtension, TAG_DRIVER_EXTENSION);
         return STATUS_OBJECT_NAME_COLLISION;
     }

     /* Otherwise, return the pointer */
     *DriverObjectExtension = NewDriverExtension + 1;
     return STATUS_SUCCESS;
 }

 /*
  * @implemented
  */
 PVOID
 NTAPI
 IoGetDriverObjectExtension(IN PDRIVER_OBJECT DriverObject,
                            IN PVOID ClientIdentificationAddress)
 {
     KIRQL OldIrql;
     PIO_CLIENT_EXTENSION DriverExtensions;

     /* Acquire lock */
     OldIrql = KeRaiseIrqlToDpcLevel();

     /* Loop the list until we find the right one */
     DriverExtensions = IoGetDrvObjExtension(DriverObject)->ClientDriverExtension;
     while (DriverExtensions)
     {
         /* Check for a match */
         if (DriverExtensions->ClientIdentificationAddress ==
             ClientIdentificationAddress)
         {
             /* Break out */
             break;
         }

         /* Keep looping */
         DriverExtensions = DriverExtensions->NextExtension;
     }

     /* Release lock */
     KeLowerIrql(OldIrql);

     /* Return nothing or the extension */
     if (!DriverExtensions) return NULL;
     return DriverExtensions + 1;
 }

 NTSTATUS
 IopLoadDriver(
     _In_ HANDLE ServiceHandle,
     _Out_ PDRIVER_OBJECT *DriverObject)
 {
     UNICODE_STRING ImagePath;
     NTSTATUS Status;
     PLDR_DATA_TABLE_ENTRY ModuleObject;
     PVOID BaseAddress;

     PKEY_VALUE_FULL_INFORMATION kvInfo;
     Status = IopGetRegistryValue(ServiceHandle, L"ImagePath", &kvInfo);
     if (NT_SUCCESS(Status))
     {
         if (kvInfo->Type != REG_EXPAND_SZ || kvInfo->DataLength == 0)
         {
             ExFreePool(kvInfo);
             return STATUS_ILL_FORMED_SERVICE_ENTRY;
         }

         ImagePath.Length = kvInfo->DataLength - sizeof(UNICODE_NULL);
         ImagePath.MaximumLength = kvInfo->DataLength;
         ImagePath.Buffer = ExAllocatePoolWithTag(PagedPool, ImagePath.MaximumLength, TAG_RTLREGISTRY);
         if (!ImagePath.Buffer)
         {
             ExFreePool(kvInfo);
             return STATUS_INSUFFICIENT_RESOURCES;
         }

         RtlMoveMemory(ImagePath.Buffer,
                       (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                       ImagePath.Length);
         ImagePath.Buffer[ImagePath.Length / sizeof(WCHAR)] = UNICODE_NULL;
         ExFreePool(kvInfo);
     }
     else
     {
         return Status;
     }

     /*
      * Normalize the image path for all later processing.
      */
     Status = IopNormalizeImagePath(&ImagePath, NULL);
     if (!NT_SUCCESS(Status))
     {
         DPRINT("IopNormalizeImagePath() failed (Status %x)\n", Status);
         return Status;
     }

     DPRINT("FullImagePath: '%wZ'\n", &ImagePath);

     KeEnterCriticalRegion();
     ExAcquireResourceExclusiveLite(&IopDriverLoadResource, TRUE);

     /*
      * Load the driver module
      */
     DPRINT("Loading module from %wZ\n", &ImagePath);
     Status = MmLoadSystemImage(&ImagePath, NULL, NULL, 0, (PVOID)&ModuleObject, &BaseAddress);
     RtlFreeUnicodeString(&ImagePath);

     if (!NT_SUCCESS(Status))
     {
         DPRINT("MmLoadSystemImage() failed (Status %lx)\n", Status);
         ExReleaseResourceLite(&IopDriverLoadResource);
         KeLeaveCriticalRegion();
         return Status;
     }

     // Display the loading message
     ULONG infoLength;
     Status = ZwQueryKey(ServiceHandle, KeyBasicInformation, NULL, 0, &infoLength);
     if (Status == STATUS_BUFFER_TOO_SMALL)
     {
         PKEY_BASIC_INFORMATION servName = ExAllocatePoolWithTag(PagedPool, infoLength, TAG_IO);
         if (servName)
         {
             Status = ZwQueryKey(ServiceHandle,
                                 KeyBasicInformation,
                                 servName,
                                 infoLength,
                                 &infoLength);
             if (NT_SUCCESS(Status))
             {
                 UNICODE_STRING serviceName = {
                     .Length = servName->NameLength,
                     .MaximumLength = servName->NameLength,
                     .Buffer = servName->Name
                 };

                 IopDisplayLoadingMessage(&serviceName);
             }
             ExFreePoolWithTag(servName, TAG_IO);
         }
     }

     NTSTATUS driverEntryStatus;
     Status = IopInitializeDriverModule(ModuleObject,
                                        ServiceHandle,
                                        DriverObject,
                                        &driverEntryStatus);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("IopInitializeDriverModule() failed (Status %lx)\n", Status);
     }

     ExReleaseResourceLite(&IopDriverLoadResource);
     KeLeaveCriticalRegion();

     return Status;
 }

 static
 VOID
 NTAPI
 IopLoadUnloadDriverWorker(
     _Inout_ PVOID Parameter)
 {
     PLOAD_UNLOAD_PARAMS LoadParams = Parameter;

     ASSERT(PsGetCurrentProcess() == PsInitialSystemProcess);

     if (LoadParams->DriverObject)
     {
         // unload request
         LoadParams->DriverObject->DriverUnload(LoadParams->DriverObject);
         LoadParams->Status = STATUS_SUCCESS;
     }
     else
     {
         // load request
         HANDLE serviceHandle;
         NTSTATUS status;
         status = IopOpenRegistryKeyEx(&serviceHandle, NULL, LoadParams->RegistryPath, KEY_READ);
         if (!NT_SUCCESS(status))
         {
             LoadParams->Status = status;
         }
         else
         {
             LoadParams->Status = IopLoadDriver(serviceHandle, &LoadParams->DriverObject);
             ZwClose(serviceHandle);
         }
     }

     if (LoadParams->SetEvent)
     {
         KeSetEvent(&LoadParams->Event, 0, FALSE);
     }
 }

 NTSTATUS
 IopDoLoadUnloadDriver(
     _In_opt_ PUNICODE_STRING RegistryPath,
     _Inout_ PDRIVER_OBJECT *DriverObject)
 {
     LOAD_UNLOAD_PARAMS LoadParams;

     /* Prepare parameters block */
     LoadParams.RegistryPath = RegistryPath;
     LoadParams.DriverObject = *DriverObject;

     if (PsGetCurrentProcess() != PsInitialSystemProcess)
     {
         LoadParams.SetEvent = TRUE;
         KeInitializeEvent(&LoadParams.Event, NotificationEvent, FALSE);

         /* Initialize and queue a work item */
         ExInitializeWorkItem(&LoadParams.WorkItem, IopLoadUnloadDriverWorker, &LoadParams);
         ExQueueWorkItem(&LoadParams.WorkItem, DelayedWorkQueue);

         /* And wait till it completes */
         KeWaitForSingleObject(&LoadParams.Event, UserRequest, KernelMode, FALSE, NULL);
     }
     else
     {
         /* If we're already in a system process, call it right here */
         LoadParams.SetEvent = FALSE;
         IopLoadUnloadDriverWorker(&LoadParams);
     }

     return LoadParams.Status;
 }

 /*
  * NtLoadDriver
  *
  * Loads a device driver.
  *
  * Parameters
  *    DriverServiceName
  *       Name of the service to load (registry key).
  *
  * Return Value
  *    Status
  *
  * Status
  *    implemented
  */
 NTSTATUS NTAPI
 NtLoadDriver(IN PUNICODE_STRING DriverServiceName)
 {
     UNICODE_STRING CapturedServiceName = { 0, 0, NULL };
     KPROCESSOR_MODE PreviousMode;
     PDRIVER_OBJECT DriverObject;
     NTSTATUS Status;

     PAGED_CODE();

     PreviousMode = KeGetPreviousMode();

     /* Need the appropriate priviliege */
     if (!SeSinglePrivilegeCheck(SeLoadDriverPrivilege, PreviousMode))
     {
         DPRINT1("No load privilege!\n");
         return STATUS_PRIVILEGE_NOT_HELD;
     }

     /* Capture the service name */
     Status = ProbeAndCaptureUnicodeString(&CapturedServiceName,
                                           PreviousMode,
                                           DriverServiceName);
     if (!NT_SUCCESS(Status))
     {
         return Status;
     }

     DPRINT("NtLoadDriver('%wZ')\n", &CapturedServiceName);

     /* We need a service name */
     if (CapturedServiceName.Length == 0 || CapturedServiceName.Buffer == NULL)
     {
         ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
         return STATUS_INVALID_PARAMETER;
     }

     /* Load driver and call its entry point */
     DriverObject = NULL;
     Status = IopDoLoadUnloadDriver(&CapturedServiceName, &DriverObject);

     ReleaseCapturedUnicodeString(&CapturedServiceName, PreviousMode);
     return Status;
 }

 /*
  * NtUnloadDriver
  *
  * Unloads a legacy device driver.
  *
  * Parameters
  *    DriverServiceName
  *       Name of the service to unload (registry key).
  *
  * Return Value
  *    Status
  *
  * Status
  *    implemented
  */

 NTSTATUS NTAPI
 NtUnloadDriver(IN PUNICODE_STRING DriverServiceName)
 {
     return IopUnloadDriver(DriverServiceName, FALSE);
 }

 /* EOF */
ProbeAndCaptureUnicodeString
static __inline NTSTATUS ProbeAndCaptureUnicodeString(OUT PUNICODE_STRING Dest, IN KPROCESSOR_MODE CurrentMode, IN const UNICODE_STRING *UnsafeSrc)
Definition: probe.h:142

RTL_FIND_CHAR_IN_UNICODE_STRING_START_AT_END
#define RTL_FIND_CHAR_IN_UNICODE_STRING_START_AT_END
Definition: rtl.h:25

_KEY_NAME_INFORMATION
Definition: winternl.h:1184

STATUS_OBJECT_NAME_COLLISION
#define STATUS_OBJECT_NAME_COLLISION
Definition: udferr_usr.h:150

PCHAR
signed char * PCHAR
Definition: retypes.h:7

pc2
static const unsigned char pc2[48]
Definition: des.c:68

Context
Definition: compobj.c:4794

PiActionEnumRootDevices
Definition: io.h:539

ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35

_KSYSTEM_TIME::LowPart
ULONG LowPart
Definition: ketypes.h:917

ExpInTextModeSetup
BOOLEAN ExpInTextModeSetup
Definition: init.c:67

DRVO_BUILTIN_DRIVER
#define DRVO_BUILTIN_DRIVER
Definition: iotypes.h:2227

QueryTable
_In_ PCWSTR _Inout_ _At_ QueryTable _Pre_unknown_ PRTL_QUERY_REGISTRY_TABLE QueryTable
Definition: rtlfuncs.h:4155

IN
#define IN
Definition: typedefs.h:39

STATUS_DELETE_PENDING
#define STATUS_DELETE_PENDING
Definition: ntstatus.h:322

NotificationEvent
Definition: ntdef.template.h:356

RawFsDriverEntry
NTSTATUS NTAPI RawFsDriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
Definition: rawfs.c:1193

DRVO_LEGACY_DRIVER
#define DRVO_LEGACY_DRIVER
Definition: iotypes.h:2226

STATUS_PRIVILEGE_NOT_HELD
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9

MmFreeDriverInitialization
VOID NTAPI MmFreeDriverInitialization(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: sysldr.c:1635

IopInitializeBootDrivers
VOID FASTCALL IopInitializeBootDrivers(VOID)
Definition: driver.c:988

_DEVICE_NODE::PhysicalDeviceObject
PDEVICE_OBJECT PhysicalDeviceObject
Definition: iotypes.h:850

InbvIndicateProgress
VOID NTAPI InbvIndicateProgress(VOID)
Definition: inbv.c:884

IopRootDeviceNode
PDEVICE_NODE IopRootDeviceNode
Definition: devnode.c:18

NonPagedPool
Definition: ketypes.h:866

ExQueueWorkItem
VOID NTAPI ExQueueWorkItem(IN PWORK_QUEUE_ITEM WorkItem, IN WORK_QUEUE_TYPE QueueType)
Definition: work.c:723

KeRaiseIrqlToDpcLevel
IN OUT PLONG IN OUT PLONG Addend IN OUT PLONG IN LONG IN OUT PLONG IN LONG Increment KeRaiseIrqlToDpcLevel
Definition: CrNtStubs.h:67

_IO_CLIENT_EXTENSION::NextExtension
struct _IO_CLIENT_EXTENSION * NextExtension
Definition: iotypes.h:823

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

IopInitializeSystemDrivers
VOID FASTCALL IopInitializeSystemDrivers(VOID)
Definition: driver.c:1169

_LOADER_PARAMETER_BLOCK::ArcBootDeviceName
PSTR ArcBootDeviceName
Definition: arc.h:503

RtlUpcaseUnicodeString
NTSTATUS RtlUpcaseUnicodeString(PUNICODE_STRING dst, PUNICODE_STRING src, BOOLEAN Alloc)
Definition: string_lib.cpp:46

KeLowerIrql
#define KeLowerIrql(oldIrql)
Definition: env_spec_w32.h:602

Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101

pc1
static const unsigned char pc1[56]
Definition: des.c:54

TAG_IO
#define TAG_IO
Definition: tag.h:69

_In_opt_
#define _In_opt_
Definition: ms_sal.h:309

_KEY_VALUE_FULL_INFORMATION::DataOffset
ULONG DataOffset
Definition: nt_native.h:1158

_Inout_
#define _Inout_
Definition: ms_sal.h:378

CmGetSystemDriverList
PUNICODE_STRING *NTAPI CmGetSystemDriverList(VOID)
Definition: cmsysini.c:1776

RtlQueryRegistryValues
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)

IoAllocateDriverObjectExtension
NTSTATUS NTAPI IoAllocateDriverObjectExtension(IN PDRIVER_OBJECT DriverObject, IN PVOID ClientIdentificationAddress, IN ULONG DriverObjectExtensionSize, OUT PVOID *DriverObjectExtension)
Definition: driver.c:1784

Entry
struct _Entry Entry
Definition: kefuncs.h:627

PiQueueDeviceAction
VOID PiQueueDeviceAction(_In_ PDEVICE_OBJECT DeviceObject, _In_ DEVICE_ACTION Action, _In_opt_ PKEVENT CompletionEvent, _Out_opt_ NTSTATUS *CompletionStatus)
Queue a device operation to a worker thread.
Definition: devaction.c:2620

IopLoadUnloadDriverWorker
static VOID NTAPI IopLoadUnloadDriverWorker(_Inout_ PVOID Parameter)
Definition: driver.c:2011

OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228

IopReinitializeDrivers
VOID NTAPI IopReinitializeDrivers(VOID)
Definition: driver.c:1455

KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4711

DbgPrint
#define DbgPrint
Definition: loader.c:25

_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370

_Out_
#define _Out_
Definition: ms_sal.h:345

_At_
#define _At_(target, annos)
Definition: ms_sal.h:244

_LOADER_PARAMETER_BLOCK::NtBootPathName
PSTR NtBootPathName
Definition: arc.h:505

TAG_RTLREGISTRY
#define TAG_RTLREGISTRY
Definition: driver.c:35

Buffer
IN BOOLEAN OUT PSTR Buffer
Definition: progress.h:34

KEY_READ
#define KEY_READ
Definition: nt_native.h:1023

TRUE
#define TRUE
Definition: types.h:120

_OBJECT_ATTRIBUTES
Definition: umtypes.h:181

STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

_DRIVER_REINIT_ITEM
Definition: io.h:458

IopDisplayLoadingMessage
VOID FASTCALL IopDisplayLoadingMessage(PUNICODE_STRING ServiceName)
Definition: driver.c:317

ZwClose
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)

PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56

_LIST_ENTRY::Blink
struct _LIST_ENTRY * Blink
Definition: typedefs.h:122

InsertHeadList
FORCEINLINE VOID InsertHeadList(_Inout_ PLIST_ENTRY ListHead, _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
Definition: rtlfuncs.h:201

_DRIVER_REINIT_ITEM::Context
PVOID Context
Definition: io.h:463

RtlStringCchPrintfW
NTSTRSAFEVAPI RtlStringCchPrintfW(_Out_writes_(cchDest) _Always_(_Post_z_) NTSTRSAFE_PWSTR pszDest, _In_ size_t cchDest, _In_ _Printf_format_string_ NTSTRSAFE_PCWSTR pszFormat,...)
Definition: ntstrsafe.h:1110

PiActionAddBootDevices
Definition: io.h:541

acpi_buffer::Length
ACPI_SIZE Length
Definition: actypes.h:1044

CHAR
char CHAR
Definition: xmlstorage.h:175

ExInterlockedInsertTailList
PLIST_ENTRY NTAPI ExInterlockedInsertTailList(IN OUT PLIST_ENTRY ListHead, IN OUT PLIST_ENTRY ListEntry, IN OUT PKSPIN_LOCK Lock)
Definition: interlocked.c:140

KeGetPreviousMode
#define KeGetPreviousMode()
Definition: ketypes.h:1107

IRP_MJ_MAXIMUM_FUNCTION
#define IRP_MJ_MAXIMUM_FUNCTION

IopDoLoadUnloadDriver
NTSTATUS IopDoLoadUnloadDriver(_In_opt_ PUNICODE_STRING RegistryPath, _Inout_ PDRIVER_OBJECT *DriverObject)
Process load and unload driver operations. This is mostly for NtLoadDriver and NtUnloadDriver,...
Definition: driver.c:2057

_LOAD_IMPORTS
Definition: ldrtypes.h:170

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369

RegistryPath
_Must_inspect_result_ _In_ PDRIVER_OBJECT _In_ PCUNICODE_STRING RegistryPath
Definition: wdfdriver.h:213

STATUS_FAILED_DRIVER_ENTRY
#define STATUS_FAILED_DRIVER_ENTRY
Definition: ntstatus.h:911

_LOAD_UNLOAD_PARAMS::WorkItem
WORK_QUEUE_ITEM WorkItem
Definition: driver.c:52

DriverBootReinitListHead
LIST_ENTRY DriverBootReinitListHead
Definition: driver.c:26

_KEY_VALUE_FULL_INFORMATION::DataLength
ULONG DataLength
Definition: nt_native.h:1159

STATUS_INVALID_DEVICE_REQUEST
#define STATUS_INVALID_DEVICE_REQUEST
Definition: udferr_usr.h:138

snprintf
#define snprintf
Definition: wintirpc.h:48

hDriver
_In_ LPWSTR _In_ ULONG _In_ ULONG _In_ ULONG _Out_ DEVINFO _In_ HDEV _In_ LPWSTR _In_ HANDLE hDriver
Definition: winddi.h:3553

SeSinglePrivilegeCheck
BOOLEAN NTAPI SeSinglePrivilegeCheck(IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
Definition: priv.c:520

_RTL_QUERY_REGISTRY_TABLE::Name
PWSTR Name
Definition: nt_native.h:111

ExGetPreviousMode
KPROCESSOR_MODE NTAPI ExGetPreviousMode(VOID)
Definition: sysinfo.c:3070

FILESYSTEM_ROOT_NAME
#define FILESYSTEM_ROOT_NAME
Definition: ldr.h:6

IopLoadDriver
NTSTATUS IopLoadDriver(_In_ HANDLE ServiceHandle, _Out_ PDRIVER_OBJECT *DriverObject)
Definition: driver.c:1896

_OBJECT_TYPE
Definition: obtypes.h:379

IoDriverObjectType
POBJECT_TYPE IoDriverObjectType
Definition: driver.c:33

KernelMode
Definition: ketypes.h:11

PnpSystemInit
BOOLEAN PnpSystemInit
Definition: iomgr.c:17

ModuleName
ACPI_BUFFER *RetBuffer ACPI_BUFFER *RetBuffer char ACPI_WALK_RESOURCE_CALLBACK void *Context ACPI_BUFFER *RetBuffer UINT16 ACPI_RESOURCE **ResourcePtr ACPI_GENERIC_ADDRESS *Reg UINT32 *ReturnValue UINT8 UINT8 *Slp_TypB ACPI_PHYSICAL_ADDRESS PhysicalAddress64 UINT32 UINT32 *TimeElapsed UINT32 ACPI_STATUS const char UINT32 ACPI_STATUS const char UINT32 const char const char * ModuleName
Definition: acpixf.h:1274

_When_
#define _When_(expr, annos)
Definition: ms_sal.h:254

PWCHAR
uint16_t * PWCHAR
Definition: typedefs.h:56

swprintf
#define swprintf
Definition: precomp.h:40

NT_VERIFY
#define NT_VERIFY(exp)
Definition: rtlfuncs.h:3287

_KEY_BASIC_INFORMATION
Definition: nt_native.h:1099

ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62

Parameter
_In_ PVOID Parameter
Definition: ldrtypes.h:241

_LOAD_UNLOAD_PARAMS::Event
KEVENT Event
Definition: driver.c:53

IoDeleteDriver
VOID NTAPI IoDeleteDriver(IN PDRIVER_OBJECT DriverObject)
Definition: driver.c:1715

IopGetDriverNames
NTSTATUS IopGetDriverNames(_In_ HANDLE ServiceHandle, _Out_ PUNICODE_STRING DriverName, _Out_opt_ PUNICODE_STRING ServiceName)
Definition: driver.c:125

LDRP_DRIVER_DEPENDENT_DLL
#define LDRP_DRIVER_DEPENDENT_DLL
Definition: ldrtypes.h:56

IopInvalidDeviceRequest
NTSTATUS NTAPI IopInvalidDeviceRequest(PDEVICE_OBJECT DeviceObject, PIRP Irp)
Definition: driver.c:67

KeSetEvent
LONG NTAPI KeSetEvent(IN PKEVENT Event, IN KPRIORITY Increment, IN BOOLEAN Wait)
Definition: eventobj.c:159

_KEY_NAME_INFORMATION::Name
WCHAR Name[1]
Definition: winternl.h:1186

KeWaitForSingleObject
NTSTATUS NTAPI KeWaitForSingleObject(IN PVOID Object, IN KWAIT_REASON WaitReason, IN KPROCESSOR_MODE WaitMode, IN BOOLEAN Alertable, IN PLARGE_INTEGER Timeout OPTIONAL)
Definition: wait.c:416

FASTCALL
#define FASTCALL
Definition: nt_native.h:50

OBJ_KERNEL_HANDLE
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231

IopReinitializeBootDrivers
VOID NTAPI IopReinitializeBootDrivers(VOID)
Definition: driver.c:1491

SERVICE_RECOGNIZER_DRIVER
#define SERVICE_RECOGNIZER_DRIVER
Definition: cmtypes.h:956

INT
int32_t INT
Definition: typedefs.h:58

Link
static int Link(const char **args)
Definition: vfdcmd.c:2414

MAXIMUM_FILENAME_LENGTH
#define MAXIMUM_FILENAME_LENGTH
Definition: env_spec_w32.h:41

RtlMoveMemory
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264

RtlCopyUnicodeString
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)

STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69

PpInitGetGroupOrderIndex
USHORT NTAPI PpInitGetGroupOrderIndex(IN HANDLE ServiceHandle)
Definition: pnpinit.c:155

_KEY_VALUE_FULL_INFORMATION::Type
ULONG Type
Definition: nt_native.h:1157

DRVO_REINIT_REGISTERED
#define DRVO_REINIT_REGISTERED
Definition: iotypes.h:4469

IoRegisterDriverReinitialization
VOID NTAPI IoRegisterDriverReinitialization(IN PDRIVER_OBJECT DriverObject, IN PDRIVER_REINITIALIZE ReinitRoutine, IN PVOID Context)
Definition: driver.c:1755

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65

_DRIVER_REINIT_ITEM::ItemEntry
LIST_ENTRY ItemEntry
Definition: io.h:460

_BOOT_DRIVER_LIST_ENTRY
Definition: arc.h:198

RtlFindCharInUnicodeString
NTSTATUS NTAPI RtlFindCharInUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING SearchString, _In_ PCUNICODE_STRING MatchString, _Out_ PUSHORT Position)

ExAcquireResourceExclusiveLite
BOOLEAN NTAPI ExAcquireResourceExclusiveLite(IN PERESOURCE Resource, IN BOOLEAN Wait)
Definition: resource.c:770

buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751

KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591

DeviceObject
_In_ PDEVICE_OBJECT DeviceObject
Definition: wdfdevice.h:2055

DriverReinitListLock
KSPIN_LOCK DriverReinitListLock
Definition: driver.c:22

IopInitializeBuiltinDriver
static BOOLEAN IopInitializeBuiltinDriver(IN PLDR_DATA_TABLE_ENTRY BootLdrEntry)
Definition: driver.c:779

ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494

DriverBootReinitListLock
KSPIN_LOCK DriverBootReinitListLock
Definition: driver.c:27

NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117

_LOADER_PARAMETER_BLOCK::SetupLdrBlock
struct _SETUP_LOADER_BLOCK * SetupLdrBlock
Definition: arc.h:511

TAG_LDR_WSTR
#define TAG_LDR_WSTR
Definition: tag.h:110

FALSE
#define FALSE
Definition: types.h:117

UNICODE_NULL
#define UNICODE_NULL

PsInitialSystemProcess
PEPROCESS PsInitialSystemProcess
Definition: psmgr.c:50

Irp
_In_ PIRP Irp
Definition: csq.h:116

MmCallDllInitialize
NTSTATUS NTAPI MmCallDllInitialize(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN PLIST_ENTRY ListHead)
Definition: sysldr.c:308

LOAD_UNLOAD_PARAMS
struct _LOAD_UNLOAD_PARAMS LOAD_UNLOAD_PARAMS

OBJ_NAME_PATH_SEPARATOR
#define OBJ_NAME_PATH_SEPARATOR
Definition: arcname_tests.c:25

_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371

FILE_READ_DATA
#define FILE_READ_DATA
Definition: nt_native.h:628

_DRIVER_OBJECT::DriverExtension
PDRIVER_EXTENSION DriverExtension
Definition: iotypes.h:2282

KeyNameInformation
Definition: winternl.h:831

PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17

_DRIVER_INFORMATION::Link
LIST_ENTRY Link
Definition: io.h:403

ExInterlockedRemoveHeadList
PLIST_ENTRY NTAPI ExInterlockedRemoveHeadList(IN OUT PLIST_ENTRY ListHead, IN OUT PKSPIN_LOCK Lock)
Definition: interlocked.c:166

IopGetDeviceObjectFromDeviceInstance
PDEVICE_OBJECT IopGetDeviceObjectFromDeviceInstance(PUNICODE_STRING DeviceInstance)
Definition: plugplay.c:121

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

IopNormalizeImagePath
NTSTATUS FASTCALL IopNormalizeImagePath(_Inout_ _When_(return >=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem))) PUNICODE_STRING ImagePath, _In_ PUNICODE_STRING ServiceName)
Definition: driver.c:356

PDRIVER_REINITIALIZE
VOID(NTAPI * PDRIVER_REINITIALIZE)(_In_ struct _DRIVER_OBJECT *DriverObject, _In_opt_ PVOID Context, _In_ ULONG Count)
Definition: iotypes.h:4455

SeLoadDriverPrivilege
const LUID SeLoadDriverPrivilege
Definition: priv.c:27

_DRIVER_INFORMATION::ServiceHandle
HANDLE ServiceHandle
Definition: io.h:406

_In_
#define _In_
Definition: ms_sal.h:308

DriverReinitListHead
LIST_ENTRY DriverReinitListHead
Definition: driver.c:21

IoCompleteRequest
#define IoCompleteRequest
Definition: irp.c:1240

IoCreateDriver
NTSTATUS NTAPI IoCreateDriver(_In_opt_ PUNICODE_STRING DriverName, _In_ PDRIVER_INITIALIZE InitializationFunction)
Definition: driver.c:1535

_DRIVER_REINIT_ITEM::DriverObject
PDRIVER_OBJECT DriverObject
Definition: io.h:461

_FileName
Definition: filecomp.c:347

Buffer
Definition: bufpool.h:45

_DRIVER_INFORMATION::TagPosition
USHORT TagPosition
Definition: io.h:407

PVOID
void * PVOID
Definition: retypes.h:9

_DEVICE_OBJECT
Definition: env_spec_w32.h:413

SERVICE_FILE_SYSTEM_DRIVER
#define SERVICE_FILE_SYSTEM_DRIVER
Definition: cmtypes.h:954

KeLoaderBlock
PLOADER_PARAMETER_BLOCK KeLoaderBlock
Definition: krnlinit.c:29

_LOAD_UNLOAD_PARAMS
Definition: driver.c:48

ClientIdentificationAddress
__drv_aliasesMem _In_ PVOID ClientIdentificationAddress
Definition: iofuncs.h:1028

CONTAINING_RECORD
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560

TAG_REINIT
#define TAG_REINIT
Definition: tag.h:73

PiEnumerationFinished
KEVENT PiEnumerationFinished
Definition: devaction.c:50

DriverObject
_Must_inspect_result_ _In_ PDRIVER_OBJECT DriverObject
Definition: wdfdriver.h:213

DRVO_UNLOAD_INVOKED
#define DRVO_UNLOAD_INVOKED
Definition: iotypes.h:2225

ObCreateObject
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:952

OldIrql
KIRQL OldIrql
Definition: mm.h:1502

MmUnloadSystemImage
NTSTATUS NTAPI MmUnloadSystemImage(IN PVOID ImageHandle)
Definition: sysldr.c:911

STATUS_ILL_FORMED_SERVICE_ENTRY
#define STATUS_ILL_FORMED_SERVICE_ENTRY
Definition: ntstatus.h:588

Status
Status
Definition: gdiplustypes.h:24

RtlAppendUnicodeToString
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62

serviceName
char serviceName[]
Definition: tftpd.cpp:34

_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121

ReleaseCapturedUnicodeString
static __inline VOID ReleaseCapturedUnicodeString(IN PUNICODE_STRING CapturedString, IN KPROCESSOR_MODE CurrentMode)
Definition: probe.h:239

PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103

BaseAddress
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404

_DRIVER_OBJECT::Flags
ULONG Flags
Definition: iotypes.h:2278

__drv_allocatesMem
#define __drv_allocatesMem(kind)
Definition: driverspecs.h:256

ExInitializeWorkItem
#define ExInitializeWorkItem(Item, Routine, Context)
Definition: exfuncs.h:265

ServiceName
LPTSTR ServiceName
Definition: ServiceMain.c:15

_RTL_QUERY_REGISTRY_TABLE
Definition: nt_native.h:108

ASSERT
#define ASSERT(a)
Definition: mode.c:44

DOE_UNLOAD_PENDING
#define DOE_UNLOAD_PENDING
Definition: iotypes.h:149

TAG_DRIVER_EXTENSION
#define TAG_DRIVER_EXTENSION
Definition: tag.h:42

WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

_DRIVER_INFORMATION
Definition: ne2000.h:185

_KEY_BASIC_INFORMATION::Name
WCHAR Name[1]
Definition: nt_native.h:1103

Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:179

PsLoadedModuleList
LIST_ENTRY PsLoadedModuleList
Definition: sysldr.c:34

DriverReinitTailEntry
PLIST_ENTRY DriverReinitTailEntry
Definition: driver.c:23

_RTL_QUERY_REGISTRY_TABLE::EntryContext
PVOID EntryContext
Definition: nt_native.h:112

_Post_notnull_
#define _Post_notnull_
Definition: ms_sal.h:701

MiResolveImageReferences
NTSTATUS NTAPI MiResolveImageReferences(IN PVOID ImageBase, IN PUNICODE_STRING ImageFileDirectory, IN PUNICODE_STRING NamePrefix OPTIONAL, OUT PCHAR *MissingApi, OUT PWCHAR *MissingDriver, OUT PLOAD_IMPORTS *LoadImports)
Definition: sysldr.c:1000

ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203

_EXTENDED_DEVOBJ_EXTENSION::ExtensionFlags
ULONG ExtensionFlags
Definition: iotypes.h:929

num
GLuint GLuint num
Definition: glext.h:9618

IopGroupTable
PLIST_ENTRY IopGroupTable
Definition: driver.c:43

_LOADER_PARAMETER_BLOCK::BootDriverListHead
LIST_ENTRY BootDriverListHead
Definition: arc.h:495

RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)

ExReleaseResourceLite
VOID FASTCALL ExReleaseResourceLite(IN PERESOURCE Resource)
Definition: resource.c:1817

KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7

IopReadyDeviceObjects
VOID NTAPI IopReadyDeviceObjects(IN PDRIVER_OBJECT Driver)
Definition: device.c:34

Success
Definition: eventcreate.c:712

IoRegisterBootDriverReinitialization
VOID NTAPI IoRegisterBootDriverReinitialization(IN PDRIVER_OBJECT DriverObject, IN PDRIVER_REINITIALIZE ReinitRoutine, IN PVOID Context)
Definition: driver.c:1726

STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132

ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350

_DRIVER_INFORMATION::DataTableEntry
PBOOT_DRIVER_LIST_ENTRY DataTableEntry
Definition: io.h:405

RtlCreateUnicodeString
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

_KEY_VALUE_FULL_INFORMATION
Definition: nt_native.h:1155

PDRIVER_INITIALIZE
DRIVER_INITIALIZE * PDRIVER_INITIALIZE
Definition: iotypes.h:2235

NtUnloadDriver
NTSTATUS NTAPI NtUnloadDriver(IN PUNICODE_STRING DriverServiceName)
Definition: driver.c:2166

L
static const WCHAR L[]
Definition: oid.c:1250

KeTickCount
NTKERNELAPI volatile KSYSTEM_TIME KeTickCount
Definition: clock.c:19

_LOAD_UNLOAD_PARAMS::Status
NTSTATUS Status
Definition: driver.c:50

_DRIVER_OBJECT::DriverUnload
PDRIVER_UNLOAD DriverUnload
Definition: iotypes.h:2288

IoGetDriverObjectExtension
PVOID NTAPI IoGetDriverObjectExtension(IN PDRIVER_OBJECT DriverObject, IN PVOID ClientIdentificationAddress)
Definition: driver.c:1862

OBJ_PERMANENT
#define OBJ_PERMANENT
Definition: winternl.h:226

KeEnterCriticalRegion
#define KeEnterCriticalRegion()
Definition: ke_x.h:88

_LDR_DATA_TABLE_ENTRY
Definition: btrfs_drv.h:1922

DeviceInstance
_In_ PNDIS_STRING DeviceInstance
Definition: ndis.h:5202

_LOAD_UNLOAD_PARAMS::SetEvent
BOOLEAN SetEvent
Definition: driver.c:55

DRIVER_OBJECT
struct _DRIVER_OBJECT DRIVER_OBJECT

_LIST_ENTRY
Definition: typedefs.h:119

wcsrchr
#define wcsrchr
Definition: compat.h:16

Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80

RTL_REGISTRY_ABSOLUTE
#define RTL_REGISTRY_ABSOLUTE
Definition: nt_native.h:161

DriverExtension
PPCI_DRIVER_EXTENSION DriverExtension
Definition: pci.c:31

DriverBootReinitTailEntry
PLIST_ENTRY DriverBootReinitTailEntry
Definition: driver.c:25

PagedPool
Definition: ketypes.h:867

_LOADER_PARAMETER_BLOCK::LoadOrderListHead
LIST_ENTRY LoadOrderListHead
Definition: arc.h:493

PiPerformSyncDeviceAction
NTSTATUS PiPerformSyncDeviceAction(_In_ PDEVICE_OBJECT DeviceObject, _In_ DEVICE_ACTION Action)
Perfom a device operation synchronously via PiQueueDeviceAction.
Definition: devaction.c:2679

_LOAD_UNLOAD_PARAMS::DriverObject
PDRIVER_OBJECT DriverObject
Definition: driver.c:54

_IRP
Definition: Bus_PDO_QueryResourceRequirements.c:92

_WORK_QUEUE_ITEM
Definition: extypes.h:202

_DRIVER_OBJECT
Definition: iotypes.h:2274

_RTL_QUERY_REGISTRY_TABLE::Flags
ULONG Flags
Definition: nt_native.h:110

_UNICODE_STRING
Definition: env_spec_w32.h:368

IopGetRegistryValue
NTSTATUS NTAPI IopGetRegistryValue(IN HANDLE Handle, IN PWSTR ValueName, OUT PKEY_VALUE_FULL_INFORMATION *Information)
Definition: pnpmgr.c:1606

FileName
struct _FileName FileName
Definition: fatprocs.h:893

IopDriverLoadResource
ERESOURCE IopDriverLoadResource
Definition: driver.c:19

ObInsertObject
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2931

_BOOT_DRIVER_LIST_ENTRY::RegistryPath
UNICODE_STRING RegistryPath
Definition: arc.h:202

DriverInfo
DRIVER_INFORMATION DriverInfo
Definition: main.c:59

KeLeaveCriticalRegion
#define KeLeaveCriticalRegion()
Definition: ke_x.h:119

_LOAD_UNLOAD_PARAMS::RegistryPath
PUNICODE_STRING RegistryPath
Definition: driver.c:51

KeInitializeEvent
#define KeInitializeEvent(pEvt, foo, foo2)
Definition: env_spec_w32.h:477

IopOpenRegistryKeyEx
NTSTATUS NTAPI IopOpenRegistryKeyEx(PHANDLE KeyHandle, HANDLE ParentKey, PUNICODE_STRING Name, ACCESS_MASK DesiredAccess)
Definition: pnpmgr.c:1455

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

USHORT
unsigned short USHORT
Definition: pedump.c:61

_BOOT_DRIVER_LIST_ENTRY::LdrEntry
struct _LDR_DATA_TABLE_ENTRY * LdrEntry
Definition: arc.h:203

KeyBasicInformation
Definition: nt_native.h:1131

IopDeleteDriver
VOID NTAPI IopDeleteDriver(IN PVOID ObjectBody)
Definition: driver.c:79

_KEY_NAME_INFORMATION::NameLength
ULONG NameLength
Definition: winternl.h:1185

PDRIVER_EXTENSION
struct _DRIVER_EXTENSION * PDRIVER_EXTENSION

InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944

REG_EXPAND_SZ
#define REG_EXPAND_SZ
Definition: nt_native.h:1494

IopHardwareDatabaseKey
UNICODE_STRING IopHardwareDatabaseKey
Definition: driver.c:29

STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260

RtlAppendUnicodeStringToString
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)

KSPIN_LOCK
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72

_LDR_DATA_TABLE_ENTRY::BaseDllName
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145

_Out_opt_
#define _Out_opt_
Definition: ms_sal.h:346

PiActionEnumDeviceTree
Definition: io.h:538

NULL
#define NULL
Definition: types.h:112

PLOAD_UNLOAD_PARAMS
struct _LOAD_UNLOAD_PARAMS * PLOAD_UNLOAD_PARAMS

_KEY_BASIC_INFORMATION::NameLength
ULONG NameLength
Definition: nt_native.h:1102

DelayedWorkQueue
Definition: extypes.h:190

HalDisplayString
NTHALAPI VOID NTAPI HalDisplayString(PUCHAR String)

_KEVENT
Definition: ketypes.h:799

wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)

_EXTENDED_DEVOBJ_EXTENSION
Definition: iotypes.h:922

IO_TYPE_DRIVER
#define IO_TYPE_DRIVER

_DRIVER_EXTENSION::Count
ULONG Count
Definition: iotypes.h:2221

_EXTENDED_DRIVER_EXTENSION
Definition: iotypes.h:941

DPRINT1
#define DPRINT1
Definition: precomp.h:8

String2
_In_ const STRING * String2
Definition: rtlfuncs.h:2304

IopInitializeDriverModule
NTSTATUS IopInitializeDriverModule(_In_ PLDR_DATA_TABLE_ENTRY ModuleObject, _In_ HANDLE ServiceHandle, _Out_ PDRIVER_OBJECT *OutDriverObject, _Out_ NTSTATUS *DriverEntryStatus)
Initialize a loaded driver.
Definition: driver.c:430

TextBuffer
char TextBuffer[BUFFERLEN]
Definition: combotst.c:45

Context
struct tagContext Context
Definition: acpixf.h:1034

OUT
#define OUT
Definition: typedefs.h:40

PnPBootDriversLoaded
BOOLEAN PnPBootDriversLoaded
Definition: pnpinit.c:26

_LDR_DATA_TABLE_ENTRY::Flags
ULONG Flags
Definition: ntddk_ex.h:207

ERESOURCE
ULONG ERESOURCE
Definition: env_spec_w32.h:594

ULONG
unsigned int ULONG
Definition: retypes.h:1

IO_NO_INCREMENT
#define IO_NO_INCREMENT
Definition: iotypes.h:598

RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262

InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106

RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263

_DRIVER_REINIT_ITEM::ReinitRoutine
PDRIVER_REINITIALIZE ReinitRoutine
Definition: io.h:462

STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

ServicesKeyName
static const WCHAR ServicesKeyName[]
Definition: driver.c:31

_IO_CLIENT_EXTENSION::ClientIdentificationAddress
PVOID ClientIdentificationAddress
Definition: iotypes.h:824

p
GLfloat GLfloat p
Definition: glext.h:8902

DPRINT
#define DPRINT
Definition: sndvol32.h:71

void
Definition: nsiface.idl:2306

IopUnloadDriver
NTSTATUS NTAPI IopUnloadDriver(PUNICODE_STRING DriverServiceName, BOOLEAN UnloadPnpDrivers)
Definition: driver.c:1228

IoGetDevObjExtension
#define IoGetDevObjExtension(DeviceObject)
Definition: io.h:129

REG_DWORD
#define REG_DWORD
Definition: sdbapi.c:596

ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

IoGetDrvObjExtension
#define IoGetDrvObjExtension(DriverObject)
Definition: io.h:136

ObReferenceObjectByName
NTSTATUS NTAPI ObReferenceObjectByName(IN PUNICODE_STRING ObjectPath, IN ULONG Attributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext, OUT PVOID *ObjectPtr)
Definition: obref.c:409

status
static SERVICE_STATUS status
Definition: service.c:31

NtLoadDriver
NTSTATUS NTAPI NtLoadDriver(IN PUNICODE_STRING DriverServiceName)
Definition: driver.c:2105

CODE_SEG
static CODE_SEG("PAGE")
Definition: isapnp.c:1482

RtlEqualUnicodeString
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)

IopGroupIndex
USHORT IopGroupIndex
Definition: driver.c:42

UserRequest
Definition: ketypes.h:409

Entry
base of all file and directory entries
Definition: entries.h:82

ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352

_DRIVER_OBJECT::DriverInit
PDRIVER_INITIALIZE DriverInit
Definition: iotypes.h:2286

RTL_QUERY_REGISTRY_DIRECT
#define RTL_QUERY_REGISTRY_DIRECT
Definition: nt_native.h:144

Executive
Definition: ketypes.h:403

MmLoadSystemImage
NTSTATUS NTAPI MmLoadSystemImage(IN PUNICODE_STRING FileName, IN PUNICODE_STRING NamePrefix OPTIONAL, IN PUNICODE_STRING LoadedName OPTIONAL, IN ULONG Flags, OUT PVOID *ModuleObject, OUT PVOID *ImageBaseAddress)
Definition: sysldr.c:2898

DRIVER_ROOT_NAME
#define DRIVER_ROOT_NAME
Definition: ldr.h:5

PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

DRVO_BOOTREINIT_REGISTERED
#define DRVO_BOOTREINIT_REGISTERED
Definition: iotypes.h:4471

PipGetDriverTagPriority
USHORT NTAPI PipGetDriverTagPriority(IN HANDLE ServiceHandle)
Definition: pnpinit.c:198

RTL_CONSTANT_STRING
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14

NT_ASSERT
#define NT_ASSERT
Definition: rtlfuncs.h:3310

ObMakeTemporaryObject
VOID NTAPI ObMakeTemporaryObject(IN PVOID ObjectBody)
Definition: oblife.c:1361

REG_SZ
#define REG_SZ
Definition: layer.c:22

_IO_CLIENT_EXTENSION
Definition: iotypes.h:821

LdrProcessDriverModule
NTSTATUS NTAPI LdrProcessDriverModule(PLDR_DATA_TABLE_ENTRY LdrEntry, PUNICODE_STRING FileName, PLDR_DATA_TABLE_ENTRY *ModuleObject)
Definition: driver.c:694

status
Definition: ps.c:97

OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68

IopSuffixUnicodeString
BOOLEAN NTAPI IopSuffixUnicodeString(IN PCUNICODE_STRING String1, IN PCUNICODE_STRING String2)
Definition: driver.c:283