NT4/private/ntos/io/dir.c
2020-09-30 17:12:29 +02:00

1355 lines
44 KiB
C
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*++
Copyright (c) 1989 Microsoft Corporation
Module Name:
dir.c
Abstract:
This module contains the code to implement the NtQueryDirectoryFile,
NtQueryOleDirectoryFile and the NtNotifyChangeDirectoryFile system
services for the NT I/O system.
Author:
Darryl E. Havens (darrylh) 21-Jun-1989
Environment:
Kernel mode only
Revision History:
--*/
#include "iop.h"
NTSTATUS
BuildQueryDirectoryIrp(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FileInformation,
IN ULONG Length,
IN FILE_INFORMATION_CLASS FileInformationClass,
IN BOOLEAN ReturnSingleEntry,
IN PUNICODE_STRING FileName OPTIONAL,
IN BOOLEAN RestartScan,
IN UCHAR MinorFunction,
OUT BOOLEAN *SynchronousIo,
OUT PDEVICE_OBJECT *DeviceObject,
OUT PIRP *Pirp,
OUT PFILE_OBJECT *FileObject,
OUT KPROCESSOR_MODE *RequestorMode
);
NTSTATUS
NtQueryOleDirectoryFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FileInformation,
IN ULONG Length,
IN FILE_INFORMATION_CLASS FileInformationClass,
IN BOOLEAN ReturnSingleEntry,
IN PUNICODE_STRING FileName OPTIONAL,
IN BOOLEAN RestartScan
);
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE, BuildQueryDirectoryIrp)
#pragma alloc_text(PAGE, NtQueryDirectoryFile)
#pragma alloc_text(PAGE, NtQueryOleDirectoryFile)
#pragma alloc_text(PAGE, NtNotifyChangeDirectoryFile)
#endif
NTSTATUS
BuildQueryDirectoryIrp(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FileInformation,
IN ULONG Length,
IN FILE_INFORMATION_CLASS FileInformationClass,
IN BOOLEAN ReturnSingleEntry,
IN PUNICODE_STRING FileName OPTIONAL,
IN BOOLEAN RestartScan,
IN UCHAR MinorFunction,
OUT BOOLEAN *SynchronousIo,
OUT PDEVICE_OBJECT *DeviceObject,
OUT PIRP *Pirp,
OUT PFILE_OBJECT *FileObject,
OUT KPROCESSOR_MODE *RequestorMode
)
/*++
Routine Description:
This service operates on a directory file or OLE container specified by the
FileHandle parameter. The service returns information about files in the
directory or embeddings and streams in the container specified by the file
handle. The ReturnSingleEntry parameter specifies that only a single entry
should be returned rather than filling the buffer. The actual number of
files whose information is returned, is the smallest of the following:
o One entry, if the ReturnSingleEntry parameter is TRUE.
o The number of entries whose information fits into the specified
buffer.
o The number of entries that exist.
o One entry if the optional FileName parameter is specified.
If the optional FileName parameter is specified, then the only information
that is returned is for that single entries, if it exists. Note that the
file name may not specify any wildcard characters according to the naming
conventions of the target file system. The ReturnSingleEntry parameter is
simply ignored.
The information that is obtained about the entries in the directory or OLE
container is based on the FileInformationClass parameter. Legal values are
hard coded based on the MinorFunction.
Arguments:
FileHandle - Supplies a handle to the directory file or OLE container for
which information should be returned.
Event - Supplies an optional event to be set to the Signaled state when
the query is complete.
ApcRoutine - Supplies an optional APC routine to be executed when the
query is complete.
ApcContext - Supplies a context parameter to be passed to the ApcRoutine,
if an ApcRoutine was specified.
IoStatusBlock - Address of the caller's I/O status block.
FileInformation - Supplies a buffer to receive the requested information
returned about the contents of the directory.
Length - Supplies the length, in bytes, of the FileInformation buffer.
FileInformationClass - Specfies the type of information that is to be
returned about the files in the specified directory or OLE container.
ReturnSingleEntry - Supplies a BOOLEAN value that, if TRUE, indicates that
only a single entry should be returned.
FileName - Optionally supplies a file name within the specified directory
or OLE container.
RestartScan - Supplies a BOOLEAN value that, if TRUE, indicates that the
scan should be restarted from the beginning. This parameter must be
set to TRUE by the caller the first time the service is invoked.
MinorFunction - IRP_MN_QUERY_DIRECTORY or IRP_MN_QUERY_OLE_DIRECTORY
SynchronousIo - pointer to returned BOOLEAN; TRUE if synchronous I/O
DeviceObject - pointer to returned pointer to device object
Pirp - pointer to returned pointer to device object
FileObject - pointer to returned pointer to file object
RequestorMode - pointer to returned requestor mode
Return Value:
The status returned is STATUS_SUCCESS if a valid irp was created for the
query operation.
--*/
{
PIRP irp;
NTSTATUS status;
PFILE_OBJECT fileObject;
PDEVICE_OBJECT deviceObject;
PKEVENT eventObject = (PKEVENT) NULL;
KPROCESSOR_MODE requestorMode;
PCHAR auxiliaryBuffer = (PCHAR) NULL;
PIO_STACK_LOCATION irpSp;
PMDL mdl;
PAGED_CODE();
//
// Get the previous mode; i.e., the mode of the caller.
//
requestorMode = KeGetPreviousMode();
*RequestorMode = requestorMode;
try {
if (requestorMode != KernelMode) {
ULONG operationlength = 0; // assume invalid
//
// The caller's access mode is not kernel so probe and validate
// each of the arguments as necessary. If any failures occur,
// the condition handler will be invoked to handle them. It
// will simply cleanup and return an access violation status
// code back to the system service dispatcher.
//
//
// The IoStatusBlock parameter must be writeable by the caller.
//
ProbeForWriteIoStatus( IoStatusBlock );
//
// Ensure that the FileInformationClass parameter is legal for
// querying information about files in the directory or object.
//
if (FileInformationClass == FileDirectoryInformation) {
operationlength = sizeof(FILE_DIRECTORY_INFORMATION);
} else if (FileInformationClass == FileOleDirectoryInformation) {
operationlength = sizeof(FILE_OLE_DIR_INFORMATION);
} else if (MinorFunction == IRP_MN_QUERY_DIRECTORY) {
switch (FileInformationClass)
{
case FileFullDirectoryInformation:
operationlength = sizeof(FILE_FULL_DIR_INFORMATION);
break;
case FileBothDirectoryInformation:
operationlength = sizeof(FILE_BOTH_DIR_INFORMATION);
break;
case FileNamesInformation:
operationlength = sizeof(FILE_NAMES_INFORMATION);
break;
}
}
//
// If the FileInformationClass parameter is illegal, fail now.
//
if (operationlength == 0) {
return STATUS_INVALID_INFO_CLASS;
}
//
// Ensure that the caller's supplied buffer is at least large enough
// to contain the fixed part of the structure required for this
// query.
//
if (Length < operationlength) {
return STATUS_INFO_LENGTH_MISMATCH;
}
//
// The FileInformation buffer must be writeable by the caller.
//
#if defined(_X86_)
ProbeForWrite( FileInformation, Length, sizeof( ULONG ) );
#else
ProbeForWrite( FileInformation,
Length,
IopQuerySetAlignmentRequirement[FileInformationClass] );
#endif
}
//
// If the optional FileName parameter was specified, then it must be
// readable by the caller. Capture the file name string in a pool
// block. Note that if an error occurs during the copy, the cleanup
// code in the exception handler will deallocate the pool before
// returning an access violation status.
//
if (ARGUMENT_PRESENT( FileName )) {
UNICODE_STRING fileName;
PUNICODE_STRING nameBuffer;
//
// Capture the string descriptor itself to ensure that the
// string is readable by the caller without the caller being
// able to change the memory while its being checked.
//
if (requestorMode != KernelMode) {
fileName = ProbeAndReadUnicodeString( FileName );
} else {
fileName = *FileName;
}
if (fileName.Length) {
//
// The length of the string is non-zero, so probe the
// buffer described by the descriptor if the caller was
// not kernel mode. Likewise, if the caller's mode was
// not kernel, then check the length of the name string
// to ensure that it is not too long.
//
if (requestorMode != KernelMode) {
ProbeForRead( fileName.Buffer,
fileName.Length,
sizeof( UCHAR ) );
//
// account for unicode
//
if (fileName.Length > MAXIMUM_FILENAME_LENGTH<<1) {
ExRaiseStatus( STATUS_INVALID_PARAMETER );
}
}
//
// Allocate an auxiliary buffer large enough to contain
// a file name descriptor and to hold the entire file
// name itself. Copy the body of the string into the
// buffer.
//
auxiliaryBuffer = ExAllocatePoolWithQuota( NonPagedPool,
fileName.Length + sizeof( UNICODE_STRING ) );
RtlCopyMemory( auxiliaryBuffer + sizeof( UNICODE_STRING ),
fileName.Buffer,
fileName.Length );
//
// Finally, build the Unicode string descriptor in the
// auxiliary buffer.
//
nameBuffer = (PUNICODE_STRING) auxiliaryBuffer;
nameBuffer->Length = fileName.Length;
nameBuffer->MaximumLength = fileName.Length;
nameBuffer->Buffer = (PWSTR) (auxiliaryBuffer + sizeof( UNICODE_STRING ) );
}
}
} except(EXCEPTION_EXECUTE_HANDLER) {
//
// An exception was incurred while probing the caller's buffers,
// attempting to allocate a pool buffer, or while trying to copy
// the caller's data. Determine what happened, clean everything
// up, and return an appropriate error status code.
//
if (auxiliaryBuffer) {
ExFreePool( auxiliaryBuffer );
}
#if DBG
if (GetExceptionCode() == STATUS_DATATYPE_MISALIGNMENT) {
DbgBreakPoint();
}
#endif // DBG
return GetExceptionCode();
}
//
// There were no blatant errors so far, so reference the file object so
// the target device object can be found. Note that if the handle does
// not refer to a file object, or if the caller does not have the required
// access to the file, then it will fail.
//
status = ObReferenceObjectByHandle( FileHandle,
FILE_LIST_DIRECTORY,
IoFileObjectType,
requestorMode,
(PVOID *) &fileObject,
(POBJECT_HANDLE_INFORMATION) NULL );
if (!NT_SUCCESS( status )) {
if (auxiliaryBuffer) {
ExFreePool( auxiliaryBuffer );
}
return status;
}
*FileObject = fileObject;
//
// If this file has an I/O completion port associated w/it, then ensure
// that the caller did not supply an APC routine, as the two are mutually
// exclusive methods for I/O completion notification.
//
if (fileObject->CompletionContext && ARGUMENT_PRESENT( ApcRoutine )) {
ObDereferenceObject( fileObject );
if (auxiliaryBuffer) {
ExFreePool( auxiliaryBuffer );
}
return STATUS_INVALID_PARAMETER;
}
//
// Get the address of the event object and set the event to the Not-
// Signaled state, if an event was specified. Note here, too, that if
// the handle does not refer to an event, or if the event cannot be
// written, then the reference will fail.
//
if (ARGUMENT_PRESENT( Event )) {
status = ObReferenceObjectByHandle( Event,
EVENT_MODIFY_STATE,
ExEventObjectType,
requestorMode,
(PVOID *) &eventObject,
(POBJECT_HANDLE_INFORMATION) NULL );
if (!NT_SUCCESS( status )) {
if (auxiliaryBuffer) {
ExFreePool( auxiliaryBuffer );
}
ObDereferenceObject( fileObject );
return status;
} else {
KeClearEvent( eventObject );
}
}
//
// Make a special check here to determine whether this is a synchronous
// I/O operation. If it is, then wait here until the file is owned by
// the current thread.
//
if (fileObject->Flags & FO_SYNCHRONOUS_IO) {
BOOLEAN interrupted;
if (!IopAcquireFastLock( fileObject )) {
status = IopAcquireFileObjectLock( fileObject,
requestorMode,
(BOOLEAN) ((fileObject->Flags & FO_ALERTABLE_IO) != 0),
&interrupted );
if (interrupted) {
if (auxiliaryBuffer != NULL) {
ExFreePool( auxiliaryBuffer );
}
if (eventObject != NULL) {
ObDereferenceObject( eventObject );
}
ObDereferenceObject( fileObject );
return status;
}
}
*SynchronousIo = TRUE;
} else {
*SynchronousIo = FALSE;
}
//
// Set the file object to the Not-Signaled state.
//
KeClearEvent( &fileObject->Event );
//
// Get the address of the target device object.
//
deviceObject = IoGetRelatedDeviceObject( fileObject );
*DeviceObject = deviceObject;
//
// Allocate and initialize the I/O Request Packet (IRP) for this operation.
// The allocation is performed with an exception handler in case the
// caller does not have enough quota to allocate the packet.
irp = IoAllocateIrp( deviceObject->StackSize, TRUE );
if (!irp) {
//
// An IRP could not be allocated. Cleanup and return an appropriate
// error status code.
//
IopAllocateIrpCleanup( fileObject, eventObject );
return STATUS_INSUFFICIENT_RESOURCES;
}
*Pirp = irp;
irp->Tail.Overlay.OriginalFileObject = fileObject;
irp->Tail.Overlay.Thread = PsGetCurrentThread();
irp->RequestorMode = requestorMode;
//
// Fill in the service independent parameters in the IRP.
//
irp->UserEvent = eventObject;
irp->UserIosb = IoStatusBlock;
irp->Overlay.AsynchronousParameters.UserApcRoutine = ApcRoutine;
irp->Overlay.AsynchronousParameters.UserApcContext = ApcContext;
//
// Get a pointer to the stack location for the first driver. This will be
// used to pass the original function codes and parameters.
//
irpSp = IoGetNextIrpStackLocation( irp );
irpSp->MajorFunction = IRP_MJ_DIRECTORY_CONTROL;
irpSp->MinorFunction = MinorFunction;
irpSp->FileObject = fileObject;
// Also, copy the caller's parameters to the service-specific portion of
// the IRP.
//
irp->Tail.Overlay.AuxiliaryBuffer = auxiliaryBuffer;
irp->AssociatedIrp.SystemBuffer = (PVOID) NULL;
irp->MdlAddress = (PMDL) NULL;
//
// Now determine whether this driver expects to have data buffered to it
// or whether it performs direct I/O. This is based on the DO_BUFFERED_IO
// flag in the device object. If the flag is set, then a system buffer is
// allocated and the driver's data will be copied into it. Otherwise, a
// Memory Descriptor List (MDL) is allocated and the caller's buffer is
// locked down using it.
//
if (deviceObject->Flags & DO_BUFFERED_IO) {
//
// The device does not support direct I/O. Allocate a system buffer
// and specify that it should be deallocated on completion. Also
// indicate that this is an input operation so the data will be copied
// into the caller's buffer. This is done using an exception handler
// that will perform cleanup if the operation fails.
//
try {
//
// Allocate the intermediary system buffer from nonpaged pool and
// charge quota for it.
//
irp->AssociatedIrp.SystemBuffer =
ExAllocatePoolWithQuota( NonPagedPool, Length );
} except(EXCEPTION_EXECUTE_HANDLER) {
//
// An exception was incurred while either probing the caller's
// buffer or allocate the system buffer. Determine what actually
// happened, clean everything up, and return an appropriate error
// status code.
//
IopExceptionCleanup( fileObject,
irp,
eventObject,
(PKEVENT) NULL );
if (auxiliaryBuffer != NULL) {
ExFreePool( auxiliaryBuffer );
}
return GetExceptionCode();
}
//
// Remember the address of the caller's buffer so the copy can take
// place during I/O completion. Also, set the flags so that the
// completion code knows to do the copy and to deallocate the buffer.
//
irp->UserBuffer = FileInformation;
irp->Flags = (ULONG) (IRP_BUFFERED_IO |
IRP_DEALLOCATE_BUFFER |
IRP_INPUT_OPERATION);
} else if (deviceObject->Flags & DO_DIRECT_IO) {
//
// This is a direct I/O operation. Allocate an MDL and invoke the
// memory management routine to lock the buffer into memory. This is
// done using an exception handler that will perform cleanup if the
// operation fails.
//
mdl = (PMDL) NULL;
try {
//
// Allocate an MDL, charging quota for it, and hang it off of the
// IRP. Probe and lock the pages associated with the caller's
// buffer for write access and fill in the MDL with the PFNs of
// those pages.
//
mdl = IoAllocateMdl( FileInformation, Length, FALSE, TRUE, irp );
if (mdl == NULL) {
ExRaiseStatus( STATUS_INSUFFICIENT_RESOURCES );
}
MmProbeAndLockPages( mdl, requestorMode, IoWriteAccess );
} except(EXCEPTION_EXECUTE_HANDLER) {
//
// An exception was incurred while either probing the caller's
// buffer or allocating the MDL. Determine what actually happened,
// clean everything up, and return an appropriate error status code.
//
IopExceptionCleanup( fileObject,
irp,
eventObject,
(PKEVENT) NULL );
if (auxiliaryBuffer != NULL) {
ExFreePool( auxiliaryBuffer );
}
return GetExceptionCode();
}
} else {
//
// Pass the address of the user's buffer so the driver has access to
// it. It is now the driver's responsibility to do everything.
//
irp->UserBuffer = FileInformation;
}
//
// Copy the caller's parameters to the service-specific portion of the
// IRP.
//
irpSp->Parameters.QueryDirectory.Length = Length;
irpSp->Parameters.QueryDirectory.FileInformationClass = FileInformationClass;
irpSp->Parameters.QueryDirectory.FileIndex = 0;
irpSp->Parameters.QueryDirectory.FileName = (PSTRING) auxiliaryBuffer;
irpSp->Flags = 0;
if (RestartScan) {
irpSp->Flags = SL_RESTART_SCAN;
}
if (ReturnSingleEntry) {
irpSp->Flags |= SL_RETURN_SINGLE_ENTRY;
}
irp->Flags |= IRP_DEFER_IO_COMPLETION;
//
// Return with everything set up for the caller to complete the I/O.
//
return STATUS_SUCCESS;
}
NTSTATUS
NtQueryDirectoryFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FileInformation,
IN ULONG Length,
IN FILE_INFORMATION_CLASS FileInformationClass,
IN BOOLEAN ReturnSingleEntry,
IN PUNICODE_STRING FileName OPTIONAL,
IN BOOLEAN RestartScan
)
/*++
Routine Description:
This service operates on a directory file specified by the FileHandle
parameter. The service returns information about files in the directory
specified by the file handle. The ReturnSingleEntry parameter specifies
that only a single entry should be returned rather than filling the buffer.
The actual number of files whose information is returned, is the smallest
of the following:
o One entry, if the ReturnSingleEntry parameter is TRUE.
o The number of files whose information fits into the specified
buffer.
o The number of files that exist.
o One entry if the optional FileName parameter is specified.
If the optional FileName parameter is specified, then the only information
that is returned is for that single file, if it exists. Note that the
file name may not specify any wildcard characters according to the naming
conventions of the target file system. The ReturnSingleEntry parameter is
simply ignored.
The information that is obtained about the files in the directory is based
on the FileInformationClass parameter. The legal values are as follows:
o FileNamesInformation
o FileDirectoryInformation
o FileFullDirectoryInformation
o FileOleDirectoryInformation
Arguments:
FileHandle - Supplies a handle to the directory file for which information
should be returned.
Event - Supplies an optional event to be set to the Signaled state when
the query is complete.
ApcRoutine - Supplies an optional APC routine to be executed when the
query is complete.
ApcContext - Supplies a context parameter to be passed to the ApcRoutine,
if an ApcRoutine was specified.
IoStatusBlock - Address of the caller's I/O status block.
FileInformation - Supplies a buffer to receive the requested information
returned about the contents of the directory.
Length - Supplies the length, in bytes, of the FileInformation buffer.
FileInformationClass - Specfies the type of information that is to be
returned about the files in the specified directory.
ReturnSingleEntry - Supplies a BOOLEAN value that, if TRUE, indicates that
only a single entry should be returned.
FileName - Optionally supplies a file name within the specified directory.
RestartScan - Supplies a BOOLEAN value that, if TRUE, indicates that the
scan should be restarted from the beginning. This parameter must be
set to TRUE by the caller the first time the service is invoked.
Return Value:
The status returned is success if the query operation was properly queued
to the I/O system. Once the operation completes, the status of the query
can be determined by examining the Status field of the I/O status block.
--*/
{
NTSTATUS status;
BOOLEAN synchronousIo;
PDEVICE_OBJECT deviceObject;
PIRP irp;
PFILE_OBJECT fileObject;
KPROCESSOR_MODE requestorMode;
PAGED_CODE();
//
// Build the irp with the appropriate minor function & allowed info levels.
//
status = BuildQueryDirectoryIrp( FileHandle,
Event,
ApcRoutine,
ApcContext,
IoStatusBlock,
FileInformation,
Length,
FileInformationClass,
ReturnSingleEntry,
FileName,
RestartScan,
IRP_MN_QUERY_DIRECTORY,
&synchronousIo,
&deviceObject,
&irp,
&fileObject,
&requestorMode);
if (NT_SUCCESS( status )) {
//
// Queue the packet, call the driver, and synchronize appopriately with
// I/O completion.
//
status = IopSynchronousServiceTail( deviceObject,
irp,
fileObject,
TRUE,
requestorMode,
synchronousIo,
OtherTransfer );
}
return status;
}
NTSTATUS
NtQueryOleDirectoryFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FileInformation,
IN ULONG Length,
IN FILE_INFORMATION_CLASS FileInformationClass,
IN BOOLEAN ReturnSingleEntry,
IN PUNICODE_STRING FileName OPTIONAL,
IN BOOLEAN RestartScan
)
/*++
Routine Description:
This service operates on a directory file specified by the FileHandle
parameter. The service returns information about OLE embeddings and
streams in the container specified by the file handle. The
ReturnSingleEntry parameter specifies that only a single entry should be
returned rather than filling the buffer. The actual number of entries
whose information is returned, is the smallest of the following:
o One entry, if the ReturnSingleEntry parameter is TRUE.
o The number of entries whose information fits into the specified
buffer.
o The number of OLE embeddings and streams that exist.
o One entry if the optional FileName parameter is specified.
If the optional FileName parameter is specified, then the only information
that is returned is for that single entry, if it exists. Note that the
file name may not specify any wildcard characters according to the naming
conventions of the target file system. The ReturnSingleEntry parameter is
simply ignored.
The information that is obtained about the OLE embeddings and streams in
the container is based on the FileInformationClass parameter. The legal
values are as follows:
o FileDirectoryInformation
o FileOleDirectoryInformation
Arguments:
FileHandle - Supplies a handle to the container for which information
should be returned.
Event - Supplies an optional event to be set to the Signaled state when
the query is complete.
ApcRoutine - Supplies an optional APC routine to be executed when the
query is complete.
ApcContext - Supplies a context parameter to be passed to the ApcRoutine,
if an ApcRoutine was specified.
IoStatusBlock - Address of the caller's I/O status block.
FileInformation - Supplies a buffer to receive the requested information
returned about the contents of the container.
Length - Supplies the length, in bytes, of the FileInformation buffer.
FileInformationClass - Specfies the type of information that is to be
returned about the embeddings and streams in the specified container.
ReturnSingleEntry - Supplies a BOOLEAN value that, if TRUE, indicates that
only a single entry should be returned.
FileName - Optionally supplies an embeeding/stream name within the
specified container.
RestartScan - Supplies a BOOLEAN value that, if TRUE, indicates that the
scan should be restarted from the beginning. This parameter must be
set to TRUE by the caller the first time the service is invoked.
Return Value:
The status returned is success if the query operation was properly queued
to the I/O system. Once the operation completes, the status of the query
can be determined by examining the Status field of the I/O status block.
--*/
{
NTSTATUS status;
BOOLEAN synchronousIo;
PDEVICE_OBJECT deviceObject;
PIRP irp;
PFILE_OBJECT fileObject;
KPROCESSOR_MODE requestorMode;
PAGED_CODE();
//
// Build the irp with the appropriate minor function & allowed info levels.
//
status = BuildQueryDirectoryIrp( FileHandle,
Event,
ApcRoutine,
ApcContext,
IoStatusBlock,
FileInformation,
Length,
FileInformationClass,
ReturnSingleEntry,
FileName,
RestartScan,
IRP_MN_QUERY_OLE_DIRECTORY,
&synchronousIo,
&deviceObject,
&irp,
&fileObject,
&requestorMode);
if (NT_SUCCESS( status )) {
//
// Queue the packet, call the driver, and synchronize appopriately with
// I/O completion.
//
status = IopSynchronousServiceTail( deviceObject,
irp,
fileObject,
TRUE,
requestorMode,
synchronousIo,
OtherTransfer );
}
return status;
}
NTSTATUS
NtNotifyChangeDirectoryFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID Buffer,
IN ULONG Length,
IN ULONG CompletionFilter,
IN BOOLEAN WatchTree
)
/*++
Routine Description:
This service monitors a directory file for changes. Once a change is
made to the directory specified by the FileHandle parameter, the I/O
operation is completed.
Arguments:
FileHandle - Supplies a handle to the file whose EAs should be changed.
Event - Supplies an optional event to be set to the Signaled state when the
change is complete.
ApcRoutine - Supplies an optional APC routine to be executed when the change
is complete.
ApcContext - Supplies a context parameter to be passed to the ApcRoutine,
if an ApcRoutine was specified.
IoStatusBlock - Address of the caller's I/O status block.
Buffer - Address of variable to receive the names of the files or
directories that have changed since the last time that the service
was invoked.
Length - Length of the output buffer. On the first call, this parameter
also serves as a guideline for how large to make the system's
internal buffer. Specifying a buffer length of zero causes the request
to complete when changes are made, but no information about the
changes are returned.
CompletionFilter - Indicates the types of changes to files or directories
within the directory that will complete the I/O operation.
WatchTree - A BOOLEAN value that indicates whether or not changes to
directories below the directory referred to by the FileHandle
parameter cause the operation to complete.
Return Value:
The status returned is success if the operation was properly queued to the
I/O system. Once the operation completes, the status of the operation can
be determined by examining the Status field of the I/O status block.
--*/
{
PIRP irp;
NTSTATUS status;
PFILE_OBJECT fileObject;
PDEVICE_OBJECT deviceObject;
PKEVENT eventObject = (PKEVENT) NULL;
KPROCESSOR_MODE requestorMode;
PIO_STACK_LOCATION irpSp;
BOOLEAN synchronousIo;
PAGED_CODE();
//
// Get the previous mode; i.e., the mode of the caller.
//
requestorMode = KeGetPreviousMode();
if (requestorMode != KernelMode) {
//
// The caller's access mode is user, so probe each of the arguments
// and capture them as necessary. If any failures occur, the condition
// handler will be invoked to handle them. It will simply cleanup and
// return an access violation status code back to the system service
// dispatcher.
//
try {
//
// The IoStatusBlock parameter must be writeable by the caller.
//
ProbeForWriteIoStatus( IoStatusBlock );
//
// The Buffer parameter must be writeable by the caller.
//
if (Length != 0) {
ProbeForWrite( Buffer,
Length,
sizeof( ULONG ) );
}
} except(EXCEPTION_EXECUTE_HANDLER) {
//
// An exception was incurred probing the caller's I/O status
// block. Simply return the appropriate error status code.
//
return GetExceptionCode();
}
//
// The CompletionFilter parameter must not contain any values which
// are illegal, nor may it not specifiy anything at all. Likewise,
// the caller must supply a non-null buffer.
//
if (((CompletionFilter & ~FILE_NOTIFY_VALID_MASK) ||
!CompletionFilter)) {
return STATUS_INVALID_PARAMETER;
}
}
//
// There were no blatant errors so far, so reference the file object so
// the target device object can be found. Note that if the handle does
// not refer to a file object, or if the caller does not have the required
// access to the file, then it will fail.
//
status = ObReferenceObjectByHandle( FileHandle,
FILE_LIST_DIRECTORY,
IoFileObjectType,
requestorMode,
(PVOID *) &fileObject,
(POBJECT_HANDLE_INFORMATION) NULL );
if (!NT_SUCCESS( status )) {
return status;
}
//
// If this file has an I/O completion port associated w/it, then ensure
// that the caller did not supply an APC routine, as the two are mutually
// exclusive methods for I/O completion notification.
//
if (fileObject->CompletionContext && ARGUMENT_PRESENT( ApcRoutine )) {
ObDereferenceObject( fileObject );
return STATUS_INVALID_PARAMETER;
}
//
// Get the address of the event object and set the event to the Not-
// Signaled state, if an event was specified. Note here too, that if
// the handle does not refer to an event, or if the event cannot be
// written, then the reference will fail.
//
if (ARGUMENT_PRESENT( Event )) {
status = ObReferenceObjectByHandle( Event,
EVENT_MODIFY_STATE,
ExEventObjectType,
requestorMode,
(PVOID *) &eventObject,
(POBJECT_HANDLE_INFORMATION) NULL );
if (!NT_SUCCESS( status )) {
ObDereferenceObject( fileObject );
return status;
} else {
KeClearEvent( eventObject );
}
}
//
// Make a special check here to determine whether this is a synchronous
// I/O operation. If it is, then wait here until the file is owned by
// the current thread.
//
if (fileObject->Flags & FO_SYNCHRONOUS_IO) {
BOOLEAN interrupted;
if (!IopAcquireFastLock( fileObject )) {
status = IopAcquireFileObjectLock( fileObject,
requestorMode,
(BOOLEAN) ((fileObject->Flags & FO_ALERTABLE_IO) != 0),
&interrupted );
if (interrupted) {
if (eventObject != NULL) {
ObDereferenceObject( eventObject );
}
ObDereferenceObject( fileObject );
return status;
}
}
synchronousIo = TRUE;
} else {
synchronousIo = FALSE;
}
//
// Set the file object to the Not-Signaled state.
//
KeClearEvent( &fileObject->Event );
//
// Get the address of the target device object.
//
deviceObject = IoGetRelatedDeviceObject( fileObject );
//
// Allocate and initialize the I/O Request Packet (IRP) for this operation.
// The allocation is performed with an exception handler in case the
// caller does not have enough quota to allocate the packet.
irp = IoAllocateIrp( deviceObject->StackSize, TRUE );
if (!irp) {
//
// An IRP could not be allocated. Cleanup and return an appropriate
// error status code.
//
IopAllocateIrpCleanup( fileObject, eventObject );
return STATUS_INSUFFICIENT_RESOURCES;
}
irp->Tail.Overlay.OriginalFileObject = fileObject;
irp->Tail.Overlay.Thread = PsGetCurrentThread();
irp->RequestorMode = requestorMode;
//
// Fill in the service independent parameters in the IRP.
//
irp->UserEvent = eventObject;
irp->UserIosb = IoStatusBlock;
irp->Overlay.AsynchronousParameters.UserApcRoutine = ApcRoutine;
irp->Overlay.AsynchronousParameters.UserApcContext = ApcContext;
//
// Get a pointer to the stack location for the first driver. This will be
// used to pass the original function codes and the parameters.
//
irpSp = IoGetNextIrpStackLocation( irp );
irpSp->MajorFunction = IRP_MJ_DIRECTORY_CONTROL;
irpSp->MinorFunction = IRP_MN_NOTIFY_CHANGE_DIRECTORY;
irpSp->FileObject = fileObject;
//
// Now determine whether this device expects to have data buffered to it
// or whether it performs direct I/O. This is based on the DO_BUFFERED_IO
// flag in the device object. If the flag is set, then a system buffer is
// allocated and the driver's data will be copied into it. Otherwise, a
// Memory Descriptor List (MDL) is allocated and the caller's buffer is
// locked down using it.
//
if (Length != 0) {
if (deviceObject->Flags & DO_BUFFERED_IO) {
//
// The device does not support direct I/O. Allocate a system
// buffer and specify that it should be deallocated on completion.
// Also indicate that this is an input operation so the data will
// be copied into the caller's buffer. This is done using an
// exception handler that will perform cleanup if the operation
// fails.
//
try {
//
// Allocate the intermediary system buffer from nonpaged pool
// and charge quota for it.
//
irp->AssociatedIrp.SystemBuffer =
ExAllocatePoolWithQuota( NonPagedPool, Length );
} except(EXCEPTION_EXECUTE_HANDLER) {
//
// An exception was incurred while attempting to allocate the
// intermediary system buffer. Clean everything up and return
// an appropriate error status code.
//
IopExceptionCleanup( fileObject,
irp,
eventObject,
(PKEVENT) NULL );
return GetExceptionCode();
}
//
// Remember the address of the caller's buffer so the copy can take
// place during I/O completion. Also, set the flags so that the
// completion code knows to do the copy and to deallocate the
// buffer.
//
irp->UserBuffer = Buffer;
irp->Flags = IRP_BUFFERED_IO |
IRP_DEALLOCATE_BUFFER |
IRP_INPUT_OPERATION;
} else if (deviceObject->Flags & DO_DIRECT_IO) {
//
// This is a direct I/O operation. Allocate an MDL and invoke the
// memory management routine to lock the buffer into memory. This
// is done using an exception handler that will perform cleanup if
// the operation fails.
//
PMDL mdl;
mdl = (PMDL) NULL;
try {
//
// Allocate an MDL, charging quota for it, and hang it off of
// the IRP. Probe and lock the pages associated with the
// caller's buffer for write access and fill in the MDL with
// the PFNs of those pages.
//
mdl = IoAllocateMdl( Buffer, Length, FALSE, TRUE, irp );
if (mdl == NULL) {
ExRaiseStatus( STATUS_INSUFFICIENT_RESOURCES );
}
MmProbeAndLockPages( mdl, requestorMode, IoWriteAccess );
} except(EXCEPTION_EXECUTE_HANDLER) {
//
// An exception was incurred while either probing the caller's
// buffer of allocating the MDL. Determine what actually
// happened, clean everything up, and return an appropriate
// error status code.
//
IopExceptionCleanup( fileObject,
irp,
eventObject,
(PKEVENT) NULL );
return GetExceptionCode();
}
} else {
//
// Pass the address of the user's buffer so the driver has access
// to it. It is now the driver's responsibility to do everything.
//
irp->UserBuffer = Buffer;
}
}
//
// Copy the caller's parameters to the service-specific portion of the
// IRP.
//
irpSp->Parameters.NotifyDirectory.Length = Length;
irpSp->Parameters.NotifyDirectory.CompletionFilter = CompletionFilter;
if (WatchTree) {
irpSp->Flags = SL_WATCH_TREE;
}
//
// Queue the packet, call the driver, and synchronize appopriately with
// I/O completion.
//
return IopSynchronousServiceTail( deviceObject,
irp,
fileObject,
FALSE,
requestorMode,
synchronousIo,
OtherTransfer );
}