3569 lines
97 KiB
C
3569 lines
97 KiB
C
/*++
|
|
|
|
Copyright (c) 1998-1999 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
srlog.c
|
|
|
|
Abstract:
|
|
|
|
this file implements the sr logging functionality
|
|
|
|
Author:
|
|
|
|
Kanwaljit Marok (kmarok) 01-May-2000
|
|
|
|
Revision History:
|
|
|
|
--*/
|
|
|
|
#include "precomp.h"
|
|
#include "srdefs.h"
|
|
|
|
//
|
|
// Some SR_LOG related macros
|
|
//
|
|
|
|
#define MAX_RENAME_TRIES 1000
|
|
|
|
|
|
#define SR_LOG_FLAGS_ENABLE 0x00000001
|
|
#define SR_LOG_FLAGS_DIRTY 0x00000010
|
|
|
|
#define SR_MAX_LOG_FILE_SIZE (1024*1024)
|
|
|
|
//
|
|
// system volume information\_restore{machineguid}
|
|
//
|
|
|
|
#define SR_DATASTORE_PREFIX_LENGTH 79 * sizeof(WCHAR)
|
|
|
|
//
|
|
// Length of \_restore.{machineguid}\RPXX\S0000000.ACL
|
|
//
|
|
|
|
#define SR_ACL_FILENAME_LENGTH (SR_DATASTORE_PREFIX_LENGTH + \
|
|
32* sizeof(WCHAR))
|
|
|
|
#define SR_INLINE_ACL_SIZE(AclInfoSize) (sizeof(RECORD_HEADER)+ AclInfoSize)
|
|
|
|
#define SR_FILE_ACL_SIZE(pVolumeName) (sizeof(RECORD_HEADER) + \
|
|
pVolumeName->Length + \
|
|
SR_ACL_FILENAME_LENGTH)
|
|
|
|
#define UPDATE_LOG_OFFSET( pLogContext, BytesWritten ) \
|
|
((pLogContext)->FileOffset += BytesWritten)
|
|
|
|
#define RESET_LOG_BUFFER( pLogContext ) \
|
|
((pLogContext)->BufferOffset = 0, \
|
|
(pLogContext)->LastBufferOffset = 0)
|
|
|
|
#define RESET_LOG_CONTEXT( pLogContext ) \
|
|
((pLogContext)->FileOffset = 0, \
|
|
RESET_LOG_BUFFER( pLogContext ), \
|
|
(pLogContext)->LoggingFlags = 0, \
|
|
(pLogContext)->AllocationSize = 0)
|
|
|
|
#define SET_ENABLE_FLAG( pLogContext ) \
|
|
SetFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE )
|
|
|
|
#define CLEAR_ENABLE_FLAG( pLogContext ) \
|
|
ClearFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE )
|
|
|
|
#define SET_DIRTY_FLAG( pLogContext ) \
|
|
SetFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_DIRTY)
|
|
|
|
#define CLEAR_DIRTY_FLAG( pLogContext ) \
|
|
ClearFlag( pLogContext->LoggingFlags, SR_LOG_FLAGS_DIRTY )
|
|
|
|
|
|
//
|
|
// Context passed to SrCreateFile
|
|
//
|
|
typedef struct _SR_OPEN_CONTEXT {
|
|
//
|
|
// Path to file
|
|
//
|
|
PUNICODE_STRING pPath;
|
|
//
|
|
// Handle will be returned here
|
|
//
|
|
HANDLE Handle;
|
|
//
|
|
// Open options
|
|
//
|
|
ACCESS_MASK DesiredAccess;
|
|
ULONG FileAttributes;
|
|
ULONG ShareAccess;
|
|
ULONG CreateDisposition;
|
|
ULONG CreateOptions;
|
|
|
|
PSR_DEVICE_EXTENSION pExtension;
|
|
|
|
} SR_OPEN_CONTEXT, *PSR_OPEN_CONTEXT;
|
|
|
|
//
|
|
// Note : These api can be called only when the FileSystem
|
|
// is online and it is safe to read/write data.
|
|
//
|
|
|
|
|
|
VOID
|
|
SrPackString(
|
|
IN PBYTE pBuffer,
|
|
IN DWORD BufferSize,
|
|
IN DWORD RecordType,
|
|
IN PUNICODE_STRING pString
|
|
);
|
|
|
|
NTSTATUS
|
|
SrPackLogHeader(
|
|
IN PSR_LOG_HEADER *ppLogHeader,
|
|
IN PUNICODE_STRING pVolumePath
|
|
);
|
|
|
|
NTSTATUS
|
|
SrPackAclInformation(
|
|
IN PBYTE pBuffer,
|
|
IN PSECURITY_DESCRIPTOR pSecInfo,
|
|
IN ULONG SecInfoSize,
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN BOOLEAN bInline
|
|
);
|
|
|
|
VOID
|
|
SrLoggerFlushDpc(
|
|
IN PKDPC Dpc,
|
|
IN PVOID DeferredContext,
|
|
IN PVOID SystemArgument1,
|
|
IN PVOID SystemArgument2
|
|
);
|
|
|
|
VOID
|
|
SrLoggerFlushWorkItem (
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PVOID Context
|
|
);
|
|
|
|
VOID
|
|
SrLoggerAddLogContext(
|
|
IN PSR_LOGGER_CONTEXT pLoggerInfo,
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
);
|
|
|
|
NTSTATUS
|
|
SrLoggerRemoveLogContext(
|
|
IN PSR_LOGGER_CONTEXT pLoggerInfo,
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
);
|
|
|
|
NTSTATUS
|
|
SrLogOpen(
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
);
|
|
|
|
NTSTATUS
|
|
SrLogClose(
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
);
|
|
|
|
NTSTATUS
|
|
SrLogCheckAndRename(
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN PUNICODE_STRING pLogPath,
|
|
IN HANDLE ExistingLogHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SrpLogWriteSynchronous(
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN PSR_LOG_CONTEXT pLogContext,
|
|
IN PSR_LOG_ENTRY pLogEntry
|
|
);
|
|
|
|
#ifndef SYNC_LOG_WRITE
|
|
NTSTATUS
|
|
SrpLogWriteAsynchronous(
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN PSR_LOG_CONTEXT pLogContext,
|
|
IN PSR_LOG_ENTRY pLogEntry
|
|
);
|
|
#endif
|
|
|
|
NTSTATUS
|
|
SrLogFlush (
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
);
|
|
|
|
NTSTATUS
|
|
SrLogSwitch(
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
);
|
|
|
|
NTSTATUS
|
|
SrGetRestorePointPath(
|
|
IN PUNICODE_STRING pVolumeName,
|
|
IN USHORT RestPtPathLength,
|
|
OUT PUNICODE_STRING pRestPtPath
|
|
);
|
|
|
|
NTSTATUS
|
|
SrGetAclFileName(
|
|
IN PUNICODE_STRING pVolumeName,
|
|
IN USHORT AclFileNameLength,
|
|
OUT PUNICODE_STRING pAclFileName
|
|
);
|
|
|
|
NTSTATUS
|
|
SrCreateFile(
|
|
IN PSR_OPEN_CONTEXT pOpenContext
|
|
);
|
|
|
|
|
|
//
|
|
// linker commands
|
|
//
|
|
|
|
#ifdef ALLOC_PRAGMA
|
|
|
|
#pragma alloc_text( PAGE, SrPackString )
|
|
#pragma alloc_text( PAGE, SrPackLogEntry )
|
|
#pragma alloc_text( PAGE, SrPackLogHeader )
|
|
#pragma alloc_text( PAGE, SrPackDebugInfo )
|
|
#pragma alloc_text( PAGE, SrPackAclInformation )
|
|
#pragma alloc_text( PAGE, SrLoggerStart )
|
|
#pragma alloc_text( PAGE, SrLoggerStop )
|
|
#pragma alloc_text( PAGE, SrLoggerFlushWorkItem )
|
|
#pragma alloc_text( PAGE, SrLoggerAddLogContext )
|
|
#pragma alloc_text( PAGE, SrLoggerRemoveLogContext )
|
|
#pragma alloc_text( PAGE, SrLoggerSwitchLogs )
|
|
#pragma alloc_text( PAGE, SrCreateFile )
|
|
#pragma alloc_text( PAGE, SrLogOpen )
|
|
#pragma alloc_text( PAGE, SrLogClose )
|
|
#pragma alloc_text( PAGE, SrLogCheckAndRename )
|
|
#pragma alloc_text( PAGE, SrLogStart )
|
|
#pragma alloc_text( PAGE, SrLogStop )
|
|
#pragma alloc_text( PAGE, SrLogFlush )
|
|
|
|
#ifdef SYNC_LOG_WRITE
|
|
#pragma alloc_text( PAGE, SrpLogWriteSynchronous )
|
|
#else
|
|
#pragma alloc_text( PAGE, SrpLogWriteAsynchronous )
|
|
#endif
|
|
|
|
#pragma alloc_text( PAGE, SrLogFlush )
|
|
#pragma alloc_text( PAGE, SrLogWrite )
|
|
#pragma alloc_text( PAGE, SrLogSwitch )
|
|
#pragma alloc_text( PAGE, SrGetRestorePointPath )
|
|
#pragma alloc_text( PAGE, SrGetLogFileName )
|
|
#pragma alloc_text( PAGE, SrGetAclFileName )
|
|
#pragma alloc_text( PAGE, SrGetAclInformation )
|
|
|
|
#endif // ALLOC_PRAGMA
|
|
|
|
/////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Packing/Marshaling Routines : Marshals information into records
|
|
//
|
|
/////////////////////////////////////////////////////////////////////
|
|
|
|
//++
|
|
// Function:
|
|
// SrPackString
|
|
//
|
|
// Description:
|
|
// This function packs a string into a record.
|
|
//
|
|
// Arguments:
|
|
// Pointer to memory to create the entry
|
|
// Size of memory
|
|
// Entry type
|
|
// Pointer to unicode string
|
|
//
|
|
// Return Value:
|
|
// None
|
|
//--
|
|
|
|
static
|
|
VOID
|
|
SrPackString(
|
|
IN PBYTE pBuffer,
|
|
IN DWORD BufferSize,
|
|
IN DWORD RecordType,
|
|
IN PUNICODE_STRING pString
|
|
)
|
|
{
|
|
PRECORD_HEADER pHeader = (PRECORD_HEADER)pBuffer;
|
|
|
|
PAGED_CODE();
|
|
|
|
UNREFERENCED_PARAMETER( BufferSize );
|
|
|
|
ASSERT( pBuffer );
|
|
ASSERT( pString );
|
|
|
|
pHeader->RecordSize = STRING_RECORD_SIZE( pString );
|
|
|
|
ASSERT( pHeader->RecordSize <= BufferSize );
|
|
|
|
pHeader->RecordType = RecordType;
|
|
|
|
//
|
|
// Copy string contents
|
|
//
|
|
|
|
RtlCopyMemory( pBuffer + sizeof(RECORD_HEADER),
|
|
pString->Buffer,
|
|
pString->Length );
|
|
|
|
//
|
|
// Add null terminator
|
|
//
|
|
|
|
*(PWCHAR)( pBuffer + sizeof(RECORD_HEADER) + pString->Length ) = UNICODE_NULL;
|
|
} // SrPackString
|
|
|
|
//++
|
|
// Function:
|
|
// SrPackLogEntry
|
|
//
|
|
// Description:
|
|
// This function allocates and fills a SR_LOG_ENTRY structure. The
|
|
// caller is responsible for freeing the memory returned in ppLogEntry.
|
|
//
|
|
// Arguments:
|
|
// ppLogEntry - Pointer to a SR_LOG_ENTRY pointer. This gets set to the
|
|
// the log entry structure that is allocated and initialized by this
|
|
// routine.
|
|
// EntryType - The type of log entry this is.
|
|
// Attributes - The attributes for this file.
|
|
// SequenceNum - The sequence number for this log entry.
|
|
// pAclInfo - The ACL information for the file being modified, if needed.
|
|
// AclInfoSize - The size in bytes of pAclInfo, if needed.
|
|
// pDebugBlob - The debug blob to log, if needed.
|
|
// pPath1 - The first full path for the file or dir that this log entry
|
|
// pertains to, if needed.
|
|
// Path1StreamLength - The length of the stream component of the name
|
|
// in pPath1, if needed.
|
|
// pTempPath - The path to the temporary file in the restore location,
|
|
// if needed.
|
|
// pPath2 - The second full path for the file or dir that this log entry
|
|
// pertains to, if needed.
|
|
// Path2StreamLength - The length of the stream component of the name
|
|
// in pPath2, if needed.
|
|
// pExtension - The SR device extension for this volume.
|
|
// pShortName - The short name for the file or dir that this log entry
|
|
// pertains to, if needed.
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_INSUFFICIENT_RESOURCES if it cannot
|
|
// allocate a log entry record large enough to store this entry.
|
|
//
|
|
// If there is a problem getting the ACL info, that error status is
|
|
// returned.
|
|
//
|
|
// If one of the parameters is ill-formed, STATUS_INVALID_PARAMETER
|
|
// is returned.
|
|
//
|
|
// Otherwise, STATUS_SUCCESS is returned.
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrPackLogEntry(
|
|
OUT PSR_LOG_ENTRY *ppLogEntry,
|
|
IN ULONG EntryType,
|
|
IN ULONG Attributes,
|
|
IN INT64 SequenceNum,
|
|
IN PSECURITY_DESCRIPTOR pAclInfo OPTIONAL,
|
|
IN ULONG AclInfoSize OPTIONAL,
|
|
IN PVOID pDebugBlob OPTIONAL,
|
|
IN PUNICODE_STRING pPath1,
|
|
IN USHORT Path1StreamLength,
|
|
IN PUNICODE_STRING pTempPath OPTIONAL,
|
|
IN PUNICODE_STRING pPath2 OPTIONAL,
|
|
IN USHORT Path2StreamLength OPTIONAL,
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN PUNICODE_STRING pShortName OPTIONAL
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
DWORD Size = 0;
|
|
DWORD RequiredSize = 0;
|
|
DWORD RecordSize = 0;
|
|
PBYTE pLoc = NULL;
|
|
DWORD EntryFlags = 0;
|
|
BOOLEAN bAclInline = TRUE;
|
|
PUCHAR pBuffer = NULL;
|
|
PUNICODE_STRING pVolumeName;
|
|
PSR_LOG_DEBUG_INFO pDebugInfo = (PSR_LOG_DEBUG_INFO) pDebugBlob;
|
|
|
|
//
|
|
// Unicode strings used for string manipulation.
|
|
//
|
|
|
|
UNICODE_STRING Path1Fix;
|
|
UNICODE_STRING TempPathFix;
|
|
UNICODE_STRING Path2Fix;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT( pPath1 != NULL );
|
|
ASSERT( pExtension != NULL );
|
|
ASSERT( ppLogEntry != NULL );
|
|
|
|
pVolumeName = pExtension->pNtVolumeName;
|
|
ASSERT( pVolumeName != NULL );
|
|
|
|
// ====================================================================
|
|
//
|
|
// Prepare the necessary fields for the log entry.
|
|
//
|
|
// ====================================================================
|
|
|
|
//
|
|
// Remove the volume prefix from pPath1 and add the stream name to the
|
|
// visible portion of the name, if there is one.
|
|
//
|
|
|
|
ASSERT( RtlPrefixUnicodeString( pVolumeName, pPath1, FALSE ) );
|
|
ASSERT( IS_VALID_SR_STREAM_STRING( pPath1, Path1StreamLength ) );
|
|
|
|
Path1Fix.Length = Path1Fix.MaximumLength = (pPath1->Length + Path1StreamLength) - pVolumeName->Length;
|
|
Path1Fix.Buffer = (PWSTR)((PBYTE)pPath1->Buffer + pVolumeName->Length);
|
|
|
|
//
|
|
// Find the file name component of the pTempPath if that was passed in.
|
|
//
|
|
|
|
if (pTempPath != NULL)
|
|
{
|
|
PWSTR pFileName = NULL;
|
|
ULONG FileNameLength;
|
|
|
|
Status = SrFindCharReverse( pTempPath->Buffer,
|
|
pTempPath->Length,
|
|
L'\\',
|
|
&pFileName,
|
|
&FileNameLength );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
goto SrPackLogEntry_Exit;
|
|
}
|
|
|
|
ASSERT( pFileName != NULL );
|
|
|
|
//
|
|
// Move past the leading '\\'
|
|
//
|
|
|
|
pFileName++;
|
|
FileNameLength -= sizeof( WCHAR );
|
|
|
|
TempPathFix.Length = TempPathFix.MaximumLength = (USHORT) FileNameLength;
|
|
TempPathFix.Buffer = pFileName;
|
|
}
|
|
|
|
//
|
|
// Remove the volume prefix from pPath2 if that was provided. Also, add
|
|
// the stream component to the visible portion of the name, if there
|
|
// is a stream component.
|
|
//
|
|
|
|
if (pPath2 != NULL)
|
|
{
|
|
ASSERT( IS_VALID_SR_STREAM_STRING( pPath2, Path2StreamLength ) );
|
|
|
|
if (RtlPrefixUnicodeString( pVolumeName,
|
|
pPath2,
|
|
FALSE ))
|
|
{
|
|
Path2Fix.Length = Path2Fix.MaximumLength = (pPath2->Length + Path2StreamLength) - pVolumeName->Length;
|
|
Path2Fix.Buffer = (PWSTR)((PBYTE)pPath2->Buffer + pVolumeName->Length);
|
|
}
|
|
else
|
|
{
|
|
Path2Fix.Length = Path2Fix.MaximumLength = (pPath2->Length + Path2StreamLength);
|
|
Path2Fix.Buffer = pPath2->Buffer;
|
|
}
|
|
}
|
|
|
|
// ====================================================================
|
|
//
|
|
// Calculate the total size needed for the log entry based on the
|
|
// components that we must log.
|
|
//
|
|
// ====================================================================
|
|
|
|
// First, account for the SR_LOG_ENTRY header.
|
|
|
|
RequiredSize = FIELD_OFFSET(SR_LOG_ENTRY, SubRecords);
|
|
|
|
// Count pPath1
|
|
RequiredSize += ( STRING_RECORD_SIZE(&Path1Fix) );
|
|
|
|
// Count pTempPath, if we've got one
|
|
if (pTempPath)
|
|
{
|
|
RequiredSize += ( STRING_RECORD_SIZE(&TempPathFix) );
|
|
}
|
|
|
|
// Count pPath2, if we've got one
|
|
if (pPath2)
|
|
{
|
|
RequiredSize += ( STRING_RECORD_SIZE(&Path2Fix) );
|
|
}
|
|
|
|
// Count pAclInfo, if we've got one. At this point, we assume that the
|
|
// Acl will be stored inline.
|
|
if( pAclInfo )
|
|
{
|
|
RequiredSize += SR_INLINE_ACL_SIZE( AclInfoSize );
|
|
}
|
|
|
|
// Count pDebugInfo, if we've got any
|
|
if (pDebugInfo)
|
|
{
|
|
RequiredSize += pDebugInfo->Header.RecordSize;
|
|
}
|
|
|
|
// Count pShortName, if we've got one
|
|
if (pShortName != NULL && pShortName->Length > 0)
|
|
{
|
|
RequiredSize += ( STRING_RECORD_SIZE(pShortName) );
|
|
}
|
|
|
|
//
|
|
// increment the size to accomodate the entry size at the end
|
|
//
|
|
|
|
RequiredSize += sizeof(DWORD);
|
|
|
|
// ====================================================================
|
|
//
|
|
// Check if we meet the buffer size requirements and initialize the
|
|
// record if we do.
|
|
//
|
|
// ====================================================================
|
|
|
|
//
|
|
// First, determine if we should keep the AclInfo inline or not.
|
|
//
|
|
|
|
if (SR_INLINE_ACL_SIZE( AclInfoSize ) > SR_MAX_INLINE_ACL_SIZE)
|
|
{
|
|
SrTrace( LOG, ("SR!Changing Acl to Non-resident form\n"));
|
|
bAclInline = FALSE;
|
|
RequiredSize -= SR_INLINE_ACL_SIZE( AclInfoSize );
|
|
RequiredSize += SR_FILE_ACL_SIZE( pVolumeName );
|
|
}
|
|
|
|
//
|
|
// Now allocate the buffer that will hold the log entry.
|
|
//
|
|
|
|
pBuffer = SrAllocateLogEntry( RequiredSize );
|
|
|
|
if (pBuffer == NULL)
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto SrPackLogEntry_Exit;
|
|
}
|
|
|
|
// ====================================================================
|
|
//
|
|
// We've got a big enough LogEntry, so now properly fill the LogEntry.
|
|
//
|
|
// ====================================================================
|
|
|
|
//
|
|
// Initialize the static part of SR_LOG_ENTRY
|
|
//
|
|
|
|
RtlZeroMemory( pBuffer, RequiredSize );
|
|
|
|
//
|
|
// StreamOverwrite should be StreamChange
|
|
//
|
|
|
|
if (EntryType == SrEventStreamOverwrite)
|
|
{
|
|
EntryType = SrEventStreamChange;
|
|
}
|
|
|
|
((PSR_LOG_ENTRY) pBuffer)->MagicNum = SR_LOG_MAGIC_NUMBER;
|
|
((PSR_LOG_ENTRY) pBuffer)->EntryType = EntryType;
|
|
((PSR_LOG_ENTRY) pBuffer)->EntryFlags = EntryFlags;
|
|
((PSR_LOG_ENTRY) pBuffer)->Attributes = Attributes;
|
|
((PSR_LOG_ENTRY) pBuffer)->SequenceNum = SequenceNum;
|
|
|
|
Size = FIELD_OFFSET( SR_LOG_ENTRY, SubRecords );
|
|
|
|
//
|
|
// add first filename string
|
|
//
|
|
|
|
pLoc = pBuffer + Size;
|
|
RecordSize = STRING_RECORD_SIZE( &Path1Fix );
|
|
|
|
SrPackString( pLoc,
|
|
RecordSize,
|
|
RecordTypeFirstPath,
|
|
&Path1Fix );
|
|
|
|
Size += RecordSize;
|
|
|
|
//
|
|
// add temp filename if passed
|
|
//
|
|
|
|
if( pTempPath )
|
|
{
|
|
pLoc = pBuffer + Size;
|
|
RecordSize = STRING_RECORD_SIZE( &TempPathFix );
|
|
|
|
SrPackString( pLoc,
|
|
RecordSize,
|
|
RecordTypeTempPath,
|
|
&TempPathFix );
|
|
((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_TEMPPATH;
|
|
|
|
Size += RecordSize;
|
|
}
|
|
|
|
//
|
|
// add second filename string if passed in
|
|
//
|
|
|
|
if( pPath2 )
|
|
{
|
|
pLoc = pBuffer + Size;
|
|
RecordSize = STRING_RECORD_SIZE( &Path2Fix );
|
|
|
|
SrPackString( pLoc,
|
|
RecordSize,
|
|
RecordTypeSecondPath,
|
|
&Path2Fix );
|
|
((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_SECONDPATH;
|
|
|
|
Size += RecordSize;
|
|
}
|
|
|
|
|
|
//
|
|
// Pack and add the Acl information appropriately
|
|
//
|
|
|
|
if( pAclInfo )
|
|
{
|
|
pLoc = pBuffer + Size;
|
|
|
|
Status = SrPackAclInformation( pLoc,
|
|
pAclInfo,
|
|
AclInfoSize,
|
|
pExtension,
|
|
bAclInline );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
goto SrPackLogEntry_Exit;
|
|
|
|
((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_ACLINFO;
|
|
|
|
if (bAclInline)
|
|
{
|
|
Size += SR_INLINE_ACL_SIZE( AclInfoSize );
|
|
}
|
|
else
|
|
{
|
|
Size += SR_FILE_ACL_SIZE( pVolumeName );
|
|
}
|
|
}
|
|
|
|
//
|
|
// Pack debug info if passed in
|
|
//
|
|
|
|
if (pDebugBlob)
|
|
{
|
|
pLoc = pBuffer + Size;
|
|
|
|
RtlCopyMemory( pLoc,
|
|
pDebugInfo,
|
|
pDebugInfo->Header.RecordSize );
|
|
((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_DEBUGINFO;
|
|
|
|
Size += pDebugInfo->Header.RecordSize;
|
|
}
|
|
|
|
//
|
|
// pack and add the short name, if supplied
|
|
//
|
|
|
|
if (pShortName != NULL && pShortName->Length > 0)
|
|
{
|
|
pLoc = pBuffer + Size;
|
|
RecordSize = STRING_RECORD_SIZE( pShortName );
|
|
|
|
SrPackString( pLoc,
|
|
RecordSize,
|
|
RecordTypeShortName,
|
|
pShortName );
|
|
((PSR_LOG_ENTRY) pBuffer)->EntryFlags |= ENTRYFLAGS_SHORTNAME;
|
|
|
|
Size += RecordSize;
|
|
}
|
|
|
|
//
|
|
// increment the size to accomodate the entry size at the end
|
|
//
|
|
|
|
Size += sizeof(DWORD);
|
|
|
|
//
|
|
// fill in the header fields : record size, record type and
|
|
// update the size at the end
|
|
//
|
|
|
|
((PSR_LOG_ENTRY) pBuffer)->Header.RecordSize = Size;
|
|
((PSR_LOG_ENTRY) pBuffer)->Header.RecordType = RecordTypeLogEntry;
|
|
|
|
UPDATE_END_SIZE( pBuffer, Size );
|
|
|
|
*ppLogEntry = (PSR_LOG_ENTRY) pBuffer;
|
|
Status = STATUS_SUCCESS;
|
|
|
|
SrPackLogEntry_Exit:
|
|
|
|
RETURN(Status);
|
|
} // SrPackLogEntry
|
|
|
|
//++
|
|
// Function:
|
|
// SrPackLogHeader
|
|
//
|
|
// Description:
|
|
// This function creates a proper SR_LOG_HEADER entry. It allocates
|
|
// the LogEntry structure so that it is big enough to store this header.
|
|
//
|
|
// Note: The caller is responsible for freeing the SR_LOG_ENTRY allocated.
|
|
//
|
|
// Arguments:
|
|
// ppLogHeader - Pointer to the PSR_LOG_HEADER that get set to the
|
|
// allocated log header address.
|
|
// pVolumePath - The volume path for this volume.
|
|
//
|
|
// Return Value:
|
|
// Returns STATUS_INSUFFICIENT_RESOURCES if the SR_LOG_ENTRY cannot
|
|
// be allocated. Otherwise, it returns STATUS_SUCCESS.
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrPackLogHeader(
|
|
IN PSR_LOG_HEADER *ppLogHeader,
|
|
IN PUNICODE_STRING pVolumePath
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
DWORD RequiredSize = 0;
|
|
DWORD SubRecordSize = 0;
|
|
DWORD Size = 0;
|
|
PBYTE pLoc = NULL;
|
|
PBYTE pBuffer = NULL;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT( ppLogHeader != NULL );
|
|
ASSERT( pVolumePath != NULL );
|
|
|
|
// ====================================================================
|
|
//
|
|
// First, figure out how much of the buffer we need to use.
|
|
//
|
|
// ====================================================================
|
|
|
|
RequiredSize = FIELD_OFFSET(SR_LOG_HEADER, SubRecords);
|
|
|
|
// Count the volume path.
|
|
RequiredSize += ( STRING_RECORD_SIZE(pVolumePath) );
|
|
|
|
// Increment the size to accomodate the LogHeader size at the end
|
|
RequiredSize += sizeof(DWORD);
|
|
|
|
// ====================================================================
|
|
//
|
|
// Second, make sure that the buffer passed in is large enough for
|
|
// the LogHeader.
|
|
//
|
|
// ====================================================================
|
|
|
|
Size = FIELD_OFFSET(SR_LOG_HEADER, SubRecords);
|
|
|
|
pBuffer = SrAllocateLogEntry( RequiredSize );
|
|
|
|
if (pBuffer == NULL)
|
|
{
|
|
//
|
|
// Not enough memory to pack the entry
|
|
//
|
|
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto SrPackLogHeader_Exit;
|
|
}
|
|
|
|
//
|
|
// Initialize the static part of SR_LOG_HEADER
|
|
//
|
|
|
|
RtlZeroMemory( pBuffer, RequiredSize );
|
|
|
|
((PSR_LOG_HEADER) pBuffer)->MagicNum = SR_LOG_MAGIC_NUMBER ;
|
|
((PSR_LOG_HEADER) pBuffer)->LogVersion = SR_LOG_VERSION ;
|
|
|
|
// ====================================================================
|
|
//
|
|
// Finally, the buffer is large enough for the LogHeader, so fill
|
|
// the buffer with the header.
|
|
//
|
|
// ====================================================================
|
|
|
|
Size = FIELD_OFFSET(SR_LOG_HEADER, SubRecords);
|
|
|
|
//
|
|
// Add the volume prefix
|
|
//
|
|
|
|
pLoc = (PBYTE)(&((PSR_LOG_HEADER)pBuffer)->SubRecords);
|
|
SubRecordSize = STRING_RECORD_SIZE( pVolumePath );
|
|
|
|
SrPackString( pLoc,
|
|
SubRecordSize,
|
|
RecordTypeVolumePath,
|
|
pVolumePath );
|
|
Size += SubRecordSize;
|
|
|
|
//
|
|
// Increment the size to accomodate the LogHeader size at the end
|
|
//
|
|
|
|
Size += sizeof(DWORD);
|
|
|
|
//
|
|
// Fill in the header fields : record size, record type and
|
|
// update the size at the end
|
|
//
|
|
|
|
ASSERT( RequiredSize == Size );
|
|
|
|
((PSR_LOG_HEADER) pBuffer)->Header.RecordSize = Size;
|
|
((PSR_LOG_HEADER) pBuffer)->Header.RecordType = RecordTypeLogHeader;
|
|
|
|
UPDATE_END_SIZE( pBuffer, Size );
|
|
|
|
*ppLogHeader = (PSR_LOG_HEADER) pBuffer;
|
|
Status = STATUS_SUCCESS;
|
|
|
|
SrPackLogHeader_Exit:
|
|
|
|
RETURN( Status );
|
|
} // SrPackLogHeader
|
|
|
|
//++
|
|
// Function:
|
|
// SrPackDebugInfo
|
|
//
|
|
// Description:
|
|
// This function creates a properly formatted debug info from
|
|
// the supplied data. if NULL is passed instead of the buffer
|
|
// then the API returns the size required to pack the entry.
|
|
//
|
|
// Arguments:
|
|
// Pointer to log entry buffer
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrPackDebugInfo(
|
|
IN PBYTE pBuffer,
|
|
IN DWORD BufferSize
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
DWORD Size = 0;
|
|
PCHAR pStr;
|
|
PEPROCESS peProcess;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT( pBuffer != NULL );
|
|
|
|
Size = sizeof(SR_LOG_DEBUG_INFO);
|
|
|
|
if (BufferSize < Size)
|
|
{
|
|
//
|
|
// Not enough memory to pack the entry
|
|
//
|
|
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto SrPackDebugInfo_Exit;
|
|
}
|
|
|
|
//
|
|
// fill in the header fields : record size, record type
|
|
//
|
|
|
|
((PSR_LOG_DEBUG_INFO)pBuffer)->Header.RecordSize = Size;
|
|
((PSR_LOG_DEBUG_INFO)pBuffer)->Header.RecordType =
|
|
RecordTypeDebugInfo;
|
|
|
|
((PSR_LOG_DEBUG_INFO)pBuffer)->ThreadId = PsGetCurrentThreadId() ;
|
|
((PSR_LOG_DEBUG_INFO)pBuffer)->ProcessId = PsGetCurrentProcessId();
|
|
|
|
pStr = ((PSR_LOG_DEBUG_INFO)pBuffer)->ProcessName;
|
|
|
|
*pStr = 0;
|
|
|
|
peProcess = PsGetCurrentProcess();
|
|
|
|
RtlCopyMemory( pStr,
|
|
((PBYTE)peProcess) + global->ProcNameOffset,
|
|
PROCESS_NAME_MAX );
|
|
|
|
pStr[ PROCESS_NAME_MAX ] = 0;
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
SrPackDebugInfo_Exit:
|
|
|
|
RETURN(Status);
|
|
} // SrPackDebugInfo
|
|
|
|
//++
|
|
// Function:
|
|
// SrPackAclInformation
|
|
//
|
|
// Description:
|
|
// This function creates a properly formatted Acl record from
|
|
// the supplied data.
|
|
//
|
|
// Arguments:
|
|
// Pointer to log entry buffer
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrPackAclInformation(
|
|
IN PBYTE pBuffer,
|
|
IN PSECURITY_DESCRIPTOR pSecInfo,
|
|
IN ULONG SecInfoSize,
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN BOOLEAN bInline
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
PRECORD_HEADER pHeader = (PRECORD_HEADER)pBuffer;
|
|
PUNICODE_STRING pAclFileName = NULL;
|
|
HANDLE AclFileHandle = NULL;
|
|
PUNICODE_STRING pVolumeName;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT( pExtension != NULL );
|
|
|
|
pVolumeName = pExtension->pNtVolumeName;
|
|
ASSERT( pVolumeName != NULL );
|
|
|
|
try
|
|
{
|
|
ASSERT( pBuffer != NULL );
|
|
ASSERT( pSecInfo != NULL );
|
|
ASSERT( SecInfoSize != 0 );
|
|
|
|
//
|
|
// CODEWORK: Convert ACL to Self contained form ??
|
|
//
|
|
|
|
if (bInline)
|
|
{
|
|
//
|
|
// Just format and put the contents into the buffer
|
|
//
|
|
|
|
pHeader->RecordSize = sizeof( RECORD_HEADER ) +
|
|
SecInfoSize;
|
|
|
|
pHeader->RecordType = RecordTypeAclInline;
|
|
|
|
RtlCopyMemory( pBuffer + sizeof(RECORD_HEADER),
|
|
pSecInfo,
|
|
SecInfoSize );
|
|
|
|
Status = STATUS_SUCCESS;
|
|
}
|
|
else
|
|
{
|
|
SR_OPEN_CONTEXT OpenContext;
|
|
IO_STATUS_BLOCK IoStatusBlock;
|
|
|
|
//
|
|
// Write the contents out to a temp file and create a
|
|
// AclFile record.
|
|
//
|
|
|
|
Status = SrAllocateFileNameBuffer( SR_MAX_FILENAME_LENGTH,
|
|
&pAclFileName );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
leave;
|
|
|
|
Status = SrGetAclFileName( pVolumeName,
|
|
SR_FILENAME_BUFFER_LENGTH,
|
|
pAclFileName );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
leave;
|
|
|
|
//
|
|
// Open Acl file and write the security info in that file
|
|
//
|
|
OpenContext.pPath = pAclFileName;
|
|
OpenContext.Handle = NULL;
|
|
OpenContext.DesiredAccess = FILE_GENERIC_WRITE | SYNCHRONIZE;
|
|
OpenContext.FileAttributes = FILE_ATTRIBUTE_NORMAL;
|
|
OpenContext.ShareAccess = 0;
|
|
OpenContext.CreateDisposition = FILE_OVERWRITE_IF; // OPEN always
|
|
OpenContext.CreateOptions = /*FILE_NO_INTERMEDIATE_BUFFERING |*/
|
|
FILE_WRITE_THROUGH |
|
|
FILE_SYNCHRONOUS_IO_NONALERT;
|
|
OpenContext.pExtension = pExtension;
|
|
|
|
Status = SrPostSyncOperation(SrCreateFile,
|
|
&OpenContext);
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
LARGE_INTEGER Offset;
|
|
|
|
ASSERT(OpenContext.Handle != NULL);
|
|
|
|
AclFileHandle = OpenContext.Handle;
|
|
|
|
Offset.QuadPart = 0;
|
|
|
|
Status = ZwWriteFile( AclFileHandle,
|
|
NULL, // Event
|
|
NULL, // ApcRoutine
|
|
NULL, // ApcContext
|
|
&IoStatusBlock,
|
|
pSecInfo,
|
|
SecInfoSize,
|
|
&Offset, // ByteOffset
|
|
NULL ); // Key
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
//
|
|
// Create AclFile type entry
|
|
//
|
|
|
|
SrPackString( pBuffer,
|
|
STRING_RECORD_SIZE( pAclFileName ),
|
|
RecordTypeAclFile,
|
|
pAclFileName );
|
|
}
|
|
} else {
|
|
ASSERT(OpenContext.Handle == NULL);
|
|
}
|
|
}
|
|
}
|
|
finally
|
|
{
|
|
if (pAclFileName != NULL)
|
|
{
|
|
SrFreeFileNameBuffer( pAclFileName );
|
|
pAclFileName = NULL;
|
|
}
|
|
|
|
if (AclFileHandle != NULL)
|
|
{
|
|
ZwClose(AclFileHandle);
|
|
AclFileHandle = NULL;
|
|
}
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrPackAclInformation
|
|
|
|
|
|
|
|
|
|
/////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Logger Routines : Manipulate Logger object
|
|
//
|
|
/////////////////////////////////////////////////////////////////////
|
|
|
|
//++
|
|
// Function:
|
|
// SrLoggerStart
|
|
//
|
|
// Description:
|
|
// This function initializes the logger and enables the flushing
|
|
// routines.
|
|
//
|
|
// Arguments:
|
|
// PDEVICE_OBJECT pDeviceObject
|
|
// PSR_LOGGER_CONTEXT * pLogger
|
|
//
|
|
// Return Value:
|
|
// STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLoggerStart(
|
|
IN PDEVICE_OBJECT pDeviceObject,
|
|
OUT PSR_LOGGER_CONTEXT * ppLogger
|
|
)
|
|
{
|
|
NTSTATUS Status;
|
|
PSR_LOGGER_CONTEXT pInitInfo = NULL;
|
|
PIO_WORKITEM pWorkItem = NULL;
|
|
|
|
UNREFERENCED_PARAMETER( pDeviceObject );
|
|
|
|
ASSERT(IS_VALID_DEVICE_OBJECT(pDeviceObject));
|
|
ASSERT(ppLogger != NULL);
|
|
|
|
PAGED_CODE();
|
|
|
|
try
|
|
{
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
*ppLogger = NULL;
|
|
|
|
//
|
|
// Allocate Logging Init info from NonPagedPool
|
|
//
|
|
|
|
pInitInfo = SR_ALLOCATE_STRUCT( NonPagedPool,
|
|
SR_LOGGER_CONTEXT,
|
|
SR_LOGGER_CONTEXT_TAG );
|
|
|
|
if (pInitInfo == NULL)
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
|
|
RtlZeroMemory( pInitInfo, sizeof( SR_LOGGER_CONTEXT ) );
|
|
|
|
pInitInfo->Signature = SR_LOGGER_CONTEXT_TAG;
|
|
pInitInfo->ActiveContexts = 0;
|
|
|
|
#ifdef USE_LOOKASIDE
|
|
|
|
//
|
|
// Initialize Lookaside list used in logging module
|
|
//
|
|
|
|
ExInitializeNPagedLookasideList( &pInitInfo->LogBufferLookaside,
|
|
NULL,
|
|
NULL,
|
|
0,
|
|
_globals.LogBufferSize,
|
|
SR_LOG_BUFFER_TAG,
|
|
0 );
|
|
|
|
#endif
|
|
|
|
|
|
#ifndef SYNC_LOG_WRITE
|
|
|
|
//
|
|
// Allocate work item for the DPC
|
|
//
|
|
pWorkItem = IoAllocateWorkItem(global->pControlDevice);
|
|
if (pWorkItem == NULL) {
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// Initialize Dpc and timer object
|
|
//
|
|
|
|
KeInitializeTimer( &pInitInfo->Timer );
|
|
|
|
KeInitializeDpc ( &pInitInfo->Dpc,
|
|
SrLoggerFlushDpc,
|
|
pWorkItem );
|
|
|
|
//
|
|
// Start the timer for log flushing
|
|
//
|
|
|
|
KeSetTimer( &pInitInfo->Timer,
|
|
global->LogFlushDueTime,
|
|
&pInitInfo->Dpc );
|
|
|
|
#endif
|
|
|
|
*ppLogger = pInitInfo;
|
|
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrLoggerStart, Status);
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
if (pInitInfo != NULL) {
|
|
SrLoggerStop( pInitInfo );
|
|
}
|
|
*ppLogger = pInitInfo = NULL;
|
|
if (pWorkItem != NULL) {
|
|
IoFreeWorkItem(pWorkItem);
|
|
}
|
|
pWorkItem = NULL;
|
|
}
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLoggerStart
|
|
|
|
//++
|
|
// Function:
|
|
// SrLoggerStop
|
|
//
|
|
// Description:
|
|
// This function stops the logger and frees the related resources
|
|
//
|
|
// Arguments:
|
|
// LoggerInfo pointer
|
|
//
|
|
// Return Value:
|
|
// STATUS_XXX
|
|
//--
|
|
//++
|
|
|
|
NTSTATUS
|
|
SrLoggerStop(
|
|
IN PSR_LOGGER_CONTEXT pLogger
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger));
|
|
|
|
try {
|
|
|
|
//
|
|
// Stop the timer routines
|
|
//
|
|
|
|
KeCancelTimer( &pLogger->Timer );
|
|
|
|
//
|
|
// Active log contexts must be zero other wise we are leaking
|
|
//
|
|
|
|
ASSERT( pLogger->ActiveContexts == 0 );
|
|
|
|
#ifdef USE_LOOKASIDE
|
|
|
|
//
|
|
// Free the lookaside lists
|
|
//
|
|
|
|
if (IS_LOOKASIDE_INITIALIZED(&pLogger->LogEntryLookaside))
|
|
{
|
|
ExDeletePagedLookasideList(
|
|
&pLogger->LogEntryLookaside);
|
|
}
|
|
|
|
if (IS_LOOKASIDE_INITIALIZED(&pLogger->LogBufferLookaside))
|
|
{
|
|
ExDeleteNPagedLookasideList(
|
|
&pLogger->LogBufferLookaside);
|
|
}
|
|
|
|
#endif
|
|
|
|
SR_FREE_POOL_WITH_SIG( pLogger, SR_LOGGER_CONTEXT_TAG );
|
|
|
|
Status = STATUS_SUCCESS;
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrLoggerStop, Status);
|
|
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLoggerStop
|
|
|
|
#ifndef SYNC_LOG_WRITE
|
|
|
|
//++
|
|
// Function:
|
|
// SrLoggerFlushDpc
|
|
//
|
|
// Description:
|
|
// This function is a DPC called to flush the log buffers. This will
|
|
// queue a workitem to flush the buffers. This should not be paged.
|
|
//
|
|
// Arguments:
|
|
// IN PKDPC Dpc
|
|
// IN PVOID DeferredContext
|
|
// IN PVOID SystemArgument1
|
|
// IN PVOID SystemArgument2
|
|
//
|
|
// Return Value:
|
|
// None
|
|
//--
|
|
|
|
VOID
|
|
SrLoggerFlushDpc(
|
|
IN PKDPC Dpc,
|
|
IN PVOID DeferredContext,
|
|
IN PVOID SystemArgument1,
|
|
IN PVOID SystemArgument2
|
|
)
|
|
{
|
|
PIO_WORKITEM pSrWorkItem;
|
|
|
|
UNREFERENCED_PARAMETER( Dpc );
|
|
UNREFERENCED_PARAMETER( SystemArgument1 );
|
|
UNREFERENCED_PARAMETER( SystemArgument2 );
|
|
|
|
SrTrace( LOG, ("SR!SrLoggerFlushDpc Called...\n"));
|
|
|
|
pSrWorkItem = (PIO_WORKITEM) DeferredContext;
|
|
|
|
ASSERT(pSrWorkItem != NULL);
|
|
|
|
IoQueueWorkItem( pSrWorkItem,
|
|
SrLoggerFlushWorkItem,
|
|
DelayedWorkQueue,
|
|
pSrWorkItem );
|
|
|
|
} // SrLoggerFlushDpc
|
|
|
|
//++
|
|
// Function:
|
|
// SrLoggerFlushWorkItem
|
|
//
|
|
// Description:
|
|
// This Workitem queued by DPC will actually flush the log buffers.
|
|
//
|
|
// Arguments:
|
|
// IN PDEVICE_OBJECT DeviceObject
|
|
// IN PVOID Context
|
|
//
|
|
// Return Value:
|
|
// None
|
|
//--
|
|
|
|
VOID
|
|
SrLoggerFlushWorkItem (
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PVOID Context
|
|
)
|
|
{
|
|
NTSTATUS Status;
|
|
PLIST_ENTRY pListEntry;
|
|
|
|
PSR_DEVICE_EXTENSION pExtension;
|
|
|
|
PAGED_CODE();
|
|
|
|
UNREFERENCED_PARAMETER(DeviceObject);
|
|
UNREFERENCED_PARAMETER(Context);
|
|
|
|
SrTrace(LOG, ("sr!SrLoggerFlushWorkItem: enter\n"));
|
|
|
|
try {
|
|
|
|
//
|
|
// Grab the DeviceExtensionListLock as we are about to
|
|
// iterate through this list. Since we are only going to be
|
|
// reading this list, we can get this lock shared.
|
|
//
|
|
|
|
SrAcquireDeviceExtensionListLockShared();
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
#if DBG
|
|
//
|
|
// sleep for twice the DPC interval to prove that 2 DPC's
|
|
// are not coming in at the same time
|
|
//
|
|
|
|
if (global->DebugControl & SR_DEBUG_DELAY_DPC)
|
|
{
|
|
LARGE_INTEGER Interval;
|
|
|
|
Interval.QuadPart = -1 * (10 * NANO_FULL_SECOND);
|
|
KeDelayExecutionThread(KernelMode, TRUE, &Interval);
|
|
}
|
|
#endif
|
|
|
|
ASSERT( global->pLogger != NULL );
|
|
|
|
//
|
|
// loop over all volumes flushing data to the disk.
|
|
//
|
|
|
|
|
|
for (pListEntry = global->DeviceExtensionListHead.Flink;
|
|
pListEntry != &global->DeviceExtensionListHead;
|
|
pListEntry = pListEntry->Flink)
|
|
{
|
|
pExtension = CONTAINING_RECORD( pListEntry,
|
|
SR_DEVICE_EXTENSION,
|
|
ListEntry );
|
|
|
|
ASSERT(IS_VALID_SR_DEVICE_EXTENSION(pExtension));
|
|
|
|
//
|
|
// Do a quick unsafe check to see if we have started logging this
|
|
// volume yet. If it appears we haven't, just continue onto the
|
|
// next entry in the list. If logging is just about to begin,
|
|
// we catch it on the next firing of this timer.
|
|
//
|
|
|
|
if (pExtension->pLogContext == NULL) {
|
|
|
|
continue;
|
|
}
|
|
|
|
//
|
|
// It looks like we have started to log, so get the necessary
|
|
// locks and do our work to flush the volume.
|
|
//
|
|
|
|
try {
|
|
|
|
SrAcquireActivityLockExclusive( pExtension );
|
|
|
|
if (pExtension->pLogContext != NULL)
|
|
{
|
|
//
|
|
// yes, flush for this volume
|
|
//
|
|
|
|
Status = SrLogFlush( pExtension->pLogContext );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
//
|
|
// Disable volume
|
|
//
|
|
|
|
Status = SrNotifyVolumeError( pExtension,
|
|
pExtension->pLogContext->pLogFilePath,
|
|
Status,
|
|
SrEventVolumeError );
|
|
//
|
|
// Stop Logging
|
|
//
|
|
|
|
SrLogStop( pExtension, TRUE );
|
|
}
|
|
}
|
|
} finally {
|
|
|
|
SrReleaseActivityLock( pExtension );
|
|
}
|
|
}
|
|
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrLoggerFlushWorkItem, Status);
|
|
|
|
//
|
|
// fire the timer again, do this with the global lock
|
|
// held so that it can be cancelled in SrLoggerStop.
|
|
//
|
|
|
|
//
|
|
// The DPC is going to reuse the work item
|
|
//
|
|
KeSetTimer( &global->pLogger->Timer,
|
|
global->LogFlushDueTime,
|
|
&global->pLogger->Dpc );
|
|
|
|
SrReleaseDeviceExtensionListLock();
|
|
}
|
|
|
|
SrTrace(LOG, ("sr!SrLoggerFlushWorkItem: exit\n"));
|
|
|
|
} // SrLoggerFlushWorkItem
|
|
|
|
#endif
|
|
|
|
//++
|
|
// Function:
|
|
// SrLoggerAddLogContext
|
|
//
|
|
// Description:
|
|
// This function adds a given Log Context to the logger
|
|
//
|
|
// Arguments:
|
|
// pointer to LoggerInfo
|
|
// pointer to LogContext
|
|
//
|
|
// Return Value:
|
|
// STATUS_XXX
|
|
//--
|
|
|
|
VOID
|
|
SrLoggerAddLogContext(
|
|
IN PSR_LOGGER_CONTEXT pLogger,
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
)
|
|
{
|
|
PAGED_CODE();
|
|
|
|
UNREFERENCED_PARAMETER( pLogContext );
|
|
ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger));
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
|
|
|
|
InterlockedIncrement(&pLogger->ActiveContexts);
|
|
|
|
} // SrLoggerAddLogContext
|
|
|
|
//++
|
|
// Function:
|
|
// SrLoggerRemoveLogContext
|
|
//
|
|
// Description:
|
|
// This Workitem queued by DPC will actually flush the log buffers.
|
|
//
|
|
// Arguments:
|
|
// pointer to LoggerInfo
|
|
// pointer to LogContext
|
|
//
|
|
// Return Value:
|
|
// STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLoggerRemoveLogContext(
|
|
IN PSR_LOGGER_CONTEXT pLogger,
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
|
|
PAGED_CODE();
|
|
|
|
UNREFERENCED_PARAMETER( pLogContext );
|
|
ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger));
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
|
|
InterlockedDecrement(&pLogger->ActiveContexts);
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLoggerRemoveLogContext
|
|
|
|
|
|
//++
|
|
// Function:
|
|
// SrLoggerSwitchLogs
|
|
//
|
|
// Description:
|
|
// This function loops thru the log contexts and switches all the
|
|
// log contexts
|
|
//
|
|
// Arguments:
|
|
// pointer to LoggerInfo
|
|
//
|
|
// Return Value:
|
|
// STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLoggerSwitchLogs(
|
|
IN PSR_LOGGER_CONTEXT pLogger
|
|
)
|
|
{
|
|
NTSTATUS Status;
|
|
PLIST_ENTRY pListEntry;
|
|
PSR_DEVICE_EXTENSION pExtension;
|
|
|
|
PAGED_CODE();
|
|
|
|
UNREFERENCED_PARAMETER( pLogger );
|
|
ASSERT(IS_VALID_LOGGER_CONTEXT(pLogger));
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
try {
|
|
|
|
SrAcquireDeviceExtensionListLockShared();
|
|
|
|
//
|
|
// loop over all volumes switching their logs
|
|
//
|
|
|
|
for (pListEntry = _globals.DeviceExtensionListHead.Flink;
|
|
pListEntry != &_globals.DeviceExtensionListHead;
|
|
pListEntry = pListEntry->Flink)
|
|
{
|
|
pExtension = CONTAINING_RECORD( pListEntry,
|
|
SR_DEVICE_EXTENSION,
|
|
ListEntry );
|
|
|
|
ASSERT(IS_VALID_SR_DEVICE_EXTENSION(pExtension));
|
|
|
|
//
|
|
// We only have to do work if this is a volume device object,
|
|
// not if this is a device object that is attached to a file
|
|
// system's control device object.
|
|
//
|
|
|
|
if (FlagOn( pExtension->FsType, SrFsControlDeviceObject ))
|
|
{
|
|
continue;
|
|
}
|
|
|
|
try {
|
|
|
|
SrAcquireActivityLockExclusive( pExtension );
|
|
|
|
//
|
|
// have we started logging on this volume?
|
|
//
|
|
|
|
if (pExtension->pLogContext != NULL)
|
|
{
|
|
//
|
|
// yes, switch for this volume
|
|
//
|
|
|
|
Status = SrLogSwitch(pExtension->pLogContext);
|
|
}
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
//
|
|
// Disable volume
|
|
//
|
|
|
|
Status = SrNotifyVolumeError( pExtension,
|
|
NULL,
|
|
Status,
|
|
SrEventVolumeError );
|
|
|
|
if (pExtension->pLogContext != NULL)
|
|
{
|
|
//
|
|
// Stop Logging
|
|
//
|
|
|
|
SrLogStop( pExtension, TRUE );
|
|
}
|
|
}
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrLoggerSwitchLogs, Status);
|
|
SrReleaseActivityLock( pExtension );
|
|
}
|
|
|
|
}
|
|
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrLoggerSwitchLogs, Status);
|
|
SrReleaseDeviceExtensionListLock();
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLoggerSwitchLogs
|
|
|
|
|
|
/////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Log Routines : Manipulate individual Logs
|
|
//
|
|
/////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
//++
|
|
// Function:
|
|
// SrCreateFile
|
|
//
|
|
// Description:
|
|
// This function just does a create on file, no sync needed
|
|
// written so that it can be called in a separate thread to avoid
|
|
// stack overflows via SrIoCreateFile
|
|
//
|
|
// Arguments:
|
|
//
|
|
// pOpenContext - pointer to the open context
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrCreateFile(
|
|
IN PSR_OPEN_CONTEXT pOpenContext
|
|
)
|
|
{
|
|
|
|
OBJECT_ATTRIBUTES ObjectAttributes;
|
|
IO_STATUS_BLOCK IoStatusBlock;
|
|
NTSTATUS Status;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(pOpenContext != NULL);
|
|
ASSERT(pOpenContext->pPath != NULL);
|
|
|
|
SrTrace(LOG, ("Opening file %wZ", pOpenContext->pPath));
|
|
|
|
InitializeObjectAttributes( &ObjectAttributes,
|
|
pOpenContext->pPath,
|
|
OBJ_KERNEL_HANDLE,
|
|
NULL,
|
|
NULL );
|
|
|
|
ASSERT( pOpenContext->pExtension != NULL );
|
|
|
|
Status = SrIoCreateFile(
|
|
&pOpenContext->Handle,
|
|
pOpenContext->DesiredAccess,
|
|
&ObjectAttributes,
|
|
&IoStatusBlock,
|
|
NULL, // AllocationSize
|
|
pOpenContext->FileAttributes,
|
|
pOpenContext->ShareAccess,
|
|
pOpenContext->CreateDisposition,
|
|
pOpenContext->CreateOptions,
|
|
NULL, // EaBuffer
|
|
0, // EaLength
|
|
0,
|
|
pOpenContext->pExtension->pTargetDevice );
|
|
|
|
return Status;
|
|
}
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogOpen
|
|
//
|
|
// Description:
|
|
// This function creates a log file, no sync needed as it is always
|
|
// called internally
|
|
//
|
|
// Arguments:
|
|
// Pointer to open context
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogOpen(
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
PSR_LOG_HEADER pLogHeader = NULL;
|
|
SR_OPEN_CONTEXT OpenContext;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
ASSERT(pLogContext->pLogFilePath != NULL );
|
|
ASSERT(pLogContext->LogHandle == NULL );
|
|
ASSERT(pLogContext->pLogFileObject == NULL);
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) ||
|
|
IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
|
|
|
|
try
|
|
{
|
|
SrTrace(FUNC_ENTRY, ("SR!SrLogOpen\n"));
|
|
|
|
//
|
|
// Initialize the open context with the file create parameters
|
|
//
|
|
OpenContext.pPath = pLogContext->pLogFilePath;;
|
|
OpenContext.Handle = NULL;
|
|
OpenContext.DesiredAccess = FILE_GENERIC_WRITE |
|
|
SYNCHRONIZE |
|
|
FILE_APPEND_DATA;
|
|
OpenContext.FileAttributes = FILE_ATTRIBUTE_NORMAL;
|
|
OpenContext.ShareAccess = FILE_SHARE_READ;
|
|
OpenContext.CreateDisposition = FILE_OVERWRITE_IF; // OPEN always
|
|
OpenContext.CreateOptions = FILE_SYNCHRONOUS_IO_NONALERT;
|
|
OpenContext.pExtension = pLogContext->pExtension;
|
|
|
|
SrTrace(LOG, ("Opening Log in another thread %wZ", pLogContext->pLogFilePath));
|
|
|
|
Status = SrPostSyncOperation(SrCreateFile,
|
|
&OpenContext);
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
SrTrace(LOG, (" - Succeeded\n"));
|
|
|
|
ASSERT(OpenContext.Handle != NULL);
|
|
|
|
pLogContext->LogHandle = OpenContext.Handle;
|
|
|
|
//
|
|
// Also get the file object associated with this handle.
|
|
//
|
|
|
|
Status = ObReferenceObjectByHandle( pLogContext->LogHandle,
|
|
0,
|
|
*IoFileObjectType,
|
|
KernelMode,
|
|
(PVOID *) &(pLogContext->pLogFileObject),
|
|
NULL );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// Initialize log context poperly for this log
|
|
//
|
|
|
|
#ifndef SYNC_LOG_WRITE
|
|
RtlZeroMemory( pLogContext->pLogBuffer, _globals.LogBufferSize );
|
|
#endif
|
|
RESET_LOG_CONTEXT( pLogContext );
|
|
|
|
//
|
|
// Enable log context
|
|
//
|
|
|
|
SET_ENABLE_FLAG(pLogContext);
|
|
|
|
//
|
|
// CODEWORK:kmarok: need to decide if we want to preallocate
|
|
// the log file and do it here
|
|
//
|
|
|
|
//
|
|
// Write the log header as the first entry into
|
|
// the newly created log
|
|
//
|
|
|
|
Status = SrPackLogHeader( &pLogHeader,
|
|
pLogContext->pLogFilePath);
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
leave;
|
|
|
|
Status = SrLogWrite( NULL,
|
|
pLogContext,
|
|
(PSR_LOG_ENTRY)pLogHeader );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
leave;
|
|
|
|
//
|
|
// Clear dirty flag because we haven't actually written any
|
|
// data
|
|
//
|
|
|
|
CLEAR_DIRTY_FLAG(pLogContext);
|
|
}
|
|
else
|
|
{
|
|
SrTrace(LOG, (" - Failed (0x%X) \n", Status));
|
|
}
|
|
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrLogOpen, Status);
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
//
|
|
// Since the open failed, disable the log
|
|
//
|
|
CLEAR_ENABLE_FLAG(pLogContext);
|
|
|
|
if (pLogContext->pLogFileObject != NULL)
|
|
{
|
|
ObDereferenceObject( pLogContext->pLogFileObject );
|
|
pLogContext->pLogFileObject = NULL;
|
|
}
|
|
|
|
if (pLogContext->LogHandle)
|
|
{
|
|
ZwClose( pLogContext->LogHandle );
|
|
pLogContext->LogHandle = NULL;
|
|
}
|
|
}
|
|
|
|
if (pLogHeader != NULL)
|
|
{
|
|
SrFreeLogEntry( pLogHeader );
|
|
NULLPTR( pLogHeader );
|
|
}
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLogOpen
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogClose
|
|
//
|
|
// Description:
|
|
// This function flushes the current log to disk if necessary then
|
|
// tries to rename the log to the normalized form (change.log.#).
|
|
// Finally it closes the handle to the log.
|
|
//
|
|
// Arguments:
|
|
// Pointer to Log Context
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogClose(
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
NTSTATUS TempStatus = STATUS_SUCCESS;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) ||
|
|
IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
|
|
|
|
//
|
|
// Flush & Close the log file
|
|
//
|
|
|
|
if ( pLogContext->LogHandle )
|
|
{
|
|
#ifndef SYNC_LOG_WRITE
|
|
//
|
|
// We only need to force flush here if we are not doing synchronous
|
|
// log writes.
|
|
//
|
|
|
|
Status = SrLogFlush( pLogContext );
|
|
#endif
|
|
|
|
//
|
|
// Rename this log to the "change.log.#" for uniformity.
|
|
//
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
Status = SrLogCheckAndRename( pLogContext->pExtension,
|
|
pLogContext->pLogFilePath,
|
|
pLogContext->LogHandle );
|
|
}
|
|
|
|
//
|
|
// The close operation is only going to fail if the LogHandle
|
|
// is invalid. We need to close the handle even if we hit an
|
|
// error trying to flush the log, but it is the value returned from
|
|
// flushing the log that the caller really cares about, not the
|
|
// return value from closing the handle, so just store it in a
|
|
// temp variable and validate in checked builds.
|
|
//
|
|
|
|
ObDereferenceObject( pLogContext->pLogFileObject );
|
|
TempStatus = ZwClose( pLogContext->LogHandle );
|
|
CHECK_STATUS( TempStatus );
|
|
}
|
|
|
|
//
|
|
// modify the log context to indicate the log is closed
|
|
// donot clear the LogBuffer member ( reused )
|
|
//
|
|
|
|
pLogContext->LogHandle = NULL;
|
|
pLogContext->pLogFileObject = NULL;
|
|
RESET_LOG_CONTEXT(pLogContext);
|
|
|
|
RETURN( Status );
|
|
} // SrLogClose
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogCheckAndRename
|
|
//
|
|
// Description:
|
|
// This function checks and backsup a log file
|
|
//
|
|
// Arguments:
|
|
// pExtension - The SR_DEVICE_EXTENSION for this volume.
|
|
// pLogPath - The full path and file name to the change log.
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogCheckAndRename(
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN PUNICODE_STRING pLogPath,
|
|
IN HANDLE ExistingLogHandle
|
|
)
|
|
{
|
|
INT i = 1;
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
HANDLE LogHandle = NULL;
|
|
UNICODE_STRING RenamedFile;
|
|
PFILE_RENAME_INFORMATION pRenameInformation = NULL;
|
|
ULONG CharCount;
|
|
ULONG RenameInformationLength;
|
|
IO_STATUS_BLOCK IoStatusBlock;
|
|
SR_OPEN_CONTEXT OpenContext;
|
|
ULONG changeLogBaseLength;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT( pLogPath != NULL );
|
|
|
|
SrTrace(FUNC_ENTRY, ("SR!SrLogCheckAndRename\n"));
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) ||
|
|
IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension) );
|
|
|
|
try
|
|
{
|
|
//
|
|
// If we don't have a handle, use the pLogPath passed in to open
|
|
// the log file.
|
|
//
|
|
|
|
if (ExistingLogHandle == NULL) {
|
|
|
|
OpenContext.pPath = pLogPath;
|
|
OpenContext.Handle = NULL;
|
|
OpenContext.DesiredAccess = DELETE;
|
|
OpenContext.FileAttributes = FILE_ATTRIBUTE_NORMAL;
|
|
OpenContext.ShareAccess = 0;
|
|
OpenContext.CreateDisposition = FILE_OPEN;
|
|
OpenContext.CreateOptions = FILE_NO_INTERMEDIATE_BUFFERING
|
|
| FILE_SYNCHRONOUS_IO_NONALERT;
|
|
OpenContext.pExtension = pExtension;
|
|
|
|
Status = SrPostSyncOperation(SrCreateFile,
|
|
&OpenContext);
|
|
|
|
if (Status == STATUS_OBJECT_NAME_NOT_FOUND ||
|
|
!NT_SUCCESS( Status ))
|
|
{
|
|
ASSERT(OpenContext.Handle == NULL);
|
|
//
|
|
// we need to check for file not found status
|
|
//
|
|
if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
|
|
{
|
|
Status = STATUS_SUCCESS;
|
|
}
|
|
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// File exists so try to rename the file
|
|
//
|
|
LogHandle = OpenContext.Handle;
|
|
ASSERT(LogHandle != NULL);
|
|
|
|
} else {
|
|
|
|
//
|
|
// No need to open a new handle. We can just use the one
|
|
// we've got.
|
|
//
|
|
|
|
LogHandle = ExistingLogHandle;
|
|
}
|
|
|
|
ASSERT(LogHandle != NULL);
|
|
|
|
//
|
|
// RenamedFile will hold just the new name of the file, not the
|
|
// full path to the new file since we are just doing a rename into
|
|
// the same directory.
|
|
//
|
|
// RenamedFile will just point into the appropriate place of the
|
|
// pRenameInformation buffer where the file name should be kept and
|
|
// will only reflect the length of the static portion of the
|
|
// "change.log." portion of the new name.
|
|
// We will do the appropriate length manipulations so that the
|
|
// pRenameInformation will be correct, but we don't need to copy the
|
|
// file name into the buffer as we try each name.
|
|
//
|
|
|
|
changeLogBaseLength = wcslen( s_cszChangeLogPrefix ) * sizeof( WCHAR );
|
|
RenamedFile.MaximumLength = (USHORT)(changeLogBaseLength
|
|
+ MAX_ULONG_LENGTH // the "%d"
|
|
+ sizeof( WCHAR )); // a NULL
|
|
|
|
RenameInformationLength = sizeof(FILE_RENAME_INFORMATION) + RenamedFile.MaximumLength;
|
|
|
|
pRenameInformation = SR_ALLOCATE_POOL( PagedPool,
|
|
RenameInformationLength,
|
|
SR_RENAME_BUFFER_TAG );
|
|
|
|
if (pRenameInformation == NULL)
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
|
|
RenamedFile.Buffer = &pRenameInformation->FileName[0];
|
|
RenamedFile.Length = 0;
|
|
|
|
Status = RtlAppendUnicodeToString( &RenamedFile, s_cszChangeLogPrefix);
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// Do this initialization of the rename information structure
|
|
// here since it only needs to be done once.
|
|
//
|
|
|
|
pRenameInformation->ReplaceIfExists = FALSE;
|
|
pRenameInformation->RootDirectory = NULL;
|
|
|
|
//
|
|
// Now loop trying to rename the file until we find an index that
|
|
// has not already been used.
|
|
//
|
|
|
|
while( 1 )
|
|
{
|
|
RtlZeroMemory(&IoStatusBlock, sizeof(IoStatusBlock));
|
|
|
|
//
|
|
// Construct possible backup filename by appending the backup
|
|
// suffix.
|
|
//
|
|
|
|
CharCount = swprintf( &RenamedFile.Buffer[ RenamedFile.Length/sizeof(WCHAR)],
|
|
L"%d",
|
|
i++ );
|
|
|
|
ASSERT( CharCount * sizeof( WCHAR ) <= MAX_ULONG_LENGTH );
|
|
ASSERT( RenamedFile.Length + (CharCount * sizeof( WCHAR )) <=
|
|
RenamedFile.MaximumLength);
|
|
|
|
//
|
|
// Now update the rename info struct filename length
|
|
//
|
|
|
|
pRenameInformation->FileNameLength = RenamedFile.Length +
|
|
(CharCount * sizeof( WCHAR ));
|
|
|
|
SrTrace( LOG,
|
|
("SR!SrLogCheckAndRename: renaming to %.*S\n",
|
|
pRenameInformation->FileNameLength/sizeof( WCHAR ),
|
|
&pRenameInformation->FileName[0] ));
|
|
|
|
Status = ZwSetInformationFile( LogHandle,
|
|
&IoStatusBlock,
|
|
pRenameInformation,
|
|
RenameInformationLength,
|
|
FileRenameInformation );
|
|
|
|
if ( NT_SUCCESS_NO_DBGBREAK( Status ) ||
|
|
(Status != STATUS_OBJECT_NAME_COLLISION) ||
|
|
(i > MAX_RENAME_TRIES) )
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
|
|
//
|
|
// To get DBG messages for unexpected errors in DEBUG builds...
|
|
//
|
|
|
|
CHECK_STATUS( Status );
|
|
|
|
}
|
|
finally
|
|
{
|
|
if ( ExistingLogHandle == NULL )
|
|
{
|
|
//
|
|
// If we have a NULL ExistingLogHandle then we opened this log handle
|
|
// and we are responsible for closing it. Otherwise, the caller
|
|
// who passed in the ExistingLogHandle will close the handle.
|
|
//
|
|
|
|
ZwClose(LogHandle);
|
|
}
|
|
|
|
if ( pRenameInformation != NULL )
|
|
{
|
|
SR_FREE_POOL(pRenameInformation, SR_RENAME_BUFFER_TAG);
|
|
}
|
|
}
|
|
|
|
RETURN(Status);
|
|
} // SrLogCheckAndRename
|
|
|
|
|
|
//
|
|
// Public API implementation
|
|
//
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogStart
|
|
//
|
|
// Description:
|
|
// This function prepares the driver for Logging
|
|
// requests.
|
|
//
|
|
// Arguments:
|
|
// Pointer to Log Path
|
|
// Pointer to device extension
|
|
// Pointer to handle
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogStart(
|
|
IN PUNICODE_STRING pLogPath,
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
OUT PSR_LOG_CONTEXT * ppLogContext
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
PSR_LOG_CONTEXT pLogContext = NULL;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(pLogPath != NULL);
|
|
ASSERT(ppLogContext != NULL);
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) ||
|
|
IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension ));
|
|
|
|
try
|
|
{
|
|
|
|
*ppLogContext = NULL;
|
|
|
|
//
|
|
// should we short circuit out of here for testing mode?
|
|
//
|
|
|
|
if (!SR_LOGGING_ENABLED( pExtension ) ||
|
|
_globals.DontBackup)
|
|
{
|
|
leave;
|
|
}
|
|
|
|
*ppLogContext = SR_ALLOCATE_STRUCT( PagedPool,
|
|
SR_LOG_CONTEXT,
|
|
SR_LOG_CONTEXT_TAG );
|
|
|
|
if ( *ppLogContext == NULL )
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
|
|
pLogContext = *ppLogContext;
|
|
|
|
RtlZeroMemory( pLogContext, sizeof(SR_LOG_CONTEXT) );
|
|
|
|
pLogContext->Signature = SR_LOG_CONTEXT_TAG;
|
|
pLogContext->pExtension = pExtension;
|
|
|
|
//
|
|
// grab a buffer to store the file name
|
|
//
|
|
|
|
Status = SrAllocateFileNameBuffer( pLogPath->Length,
|
|
&(pLogContext->pLogFilePath) );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
leave;
|
|
|
|
//
|
|
// Store our backpointer to the device extension
|
|
//
|
|
|
|
pLogContext->pExtension = pExtension;
|
|
|
|
//
|
|
// Save the filename in the context
|
|
//
|
|
|
|
RtlCopyMemory( pLogContext->pLogFilePath->Buffer,
|
|
pLogPath->Buffer,
|
|
pLogPath->Length );
|
|
|
|
pLogContext->pLogFilePath->Buffer
|
|
[pLogPath->Length/sizeof(WCHAR)] = UNICODE_NULL;
|
|
|
|
pLogContext->pLogFilePath->Length = pLogPath->Length;
|
|
|
|
#ifndef SYNC_LOG_WRITE
|
|
|
|
//
|
|
// We only need a buffer to cache the log entries if we are doing
|
|
// asynchronous log writes.
|
|
//
|
|
|
|
pLogContext->pLogBuffer = SrAllocateLogBuffer( _globals.LogBufferSize );
|
|
|
|
if ( pLogContext->pLogBuffer == NULL )
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
#endif
|
|
|
|
//
|
|
// rename the old log file if one exists
|
|
//
|
|
|
|
Status = SrLogCheckAndRename( pExtension, pLogContext->pLogFilePath, NULL );
|
|
|
|
if (!NT_SUCCESS(Status))
|
|
leave;
|
|
|
|
//
|
|
// try and open the log file
|
|
//
|
|
|
|
Status = SrLogOpen( pLogContext );
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
//
|
|
// Add the context to the logger
|
|
//
|
|
//
|
|
SrLoggerAddLogContext( global->pLogger,
|
|
pLogContext );
|
|
}
|
|
//
|
|
// Important: We should not fail after calling SrLoggerAddContext above
|
|
// because the finally clause assumes that if there's a failure,
|
|
// SrLoggerAddContext was not called yet. If this changes, use a
|
|
// BOOLEAN to appropriately indicate if SrLoggerAddContext is already
|
|
// called and use that to condition the call in the finally clause.
|
|
//
|
|
}
|
|
finally
|
|
{
|
|
Status = FinallyUnwind(SrLogStart, Status);
|
|
|
|
//
|
|
// if we are unsuccessful for some reason then clean up
|
|
// the logging structs (if necessary) .
|
|
//
|
|
|
|
if ((!NT_SUCCESS( Status )) && (pLogContext != NULL))
|
|
{
|
|
//
|
|
// We assume as per note above that the context count is not
|
|
// incremented. Increment it now because SrLogStop will decrement it
|
|
//
|
|
|
|
SrLoggerAddLogContext(global->pLogger,
|
|
pLogContext);
|
|
|
|
//
|
|
// Stop the log
|
|
//
|
|
|
|
SrLogStop( pExtension, TRUE );
|
|
*ppLogContext = pLogContext = NULL;
|
|
}
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLogStart
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogStop
|
|
//
|
|
// Description:
|
|
// This function closes / frees any resources used
|
|
// SR logging
|
|
//
|
|
// Arguments:
|
|
// pExtension - The SR device extension on this volume which contains
|
|
// our logging information.
|
|
// PurgeContexts - TRUE if we should purge all our contexts at this time
|
|
// CheckLog - TRUE if we should try to check and rename the log at
|
|
// this time. Note that checking the log could cause the volume
|
|
// to be remounted at this time. Therefore, if we don't want
|
|
// that to happen (i.e., during shutdown), CheckLog should be
|
|
// FALSE.
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogStop(
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN BOOLEAN PurgeContexts
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
PSR_LOG_CONTEXT pLogContext = pExtension->pLogContext;
|
|
|
|
PAGED_CODE();
|
|
|
|
//
|
|
// context must have been intialized by calling SrLogStart
|
|
//
|
|
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) ||
|
|
IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
|
|
|
|
try
|
|
{
|
|
|
|
//
|
|
// If we are diabling the volume then free all of the contexts
|
|
//
|
|
|
|
if (PurgeContexts)
|
|
{
|
|
SrDeleteAllContexts( pExtension );
|
|
}
|
|
|
|
//
|
|
// Close the log handle
|
|
//
|
|
|
|
if ( pLogContext->LogHandle )
|
|
{
|
|
SrTrace( LOG, ("Stopped logging : %wZ\n",
|
|
pLogContext->pLogFilePath));
|
|
|
|
//
|
|
// This call will flush the log to disk if necessary,
|
|
// renaming of the log to its normalized form if
|
|
// possible, and close the log handle.
|
|
//
|
|
|
|
Status = SrLogClose( pLogContext );
|
|
CHECK_STATUS( Status );
|
|
}
|
|
|
|
//
|
|
// Remove the context from logger
|
|
//
|
|
|
|
SrLoggerRemoveLogContext( global->pLogger,
|
|
pLogContext );
|
|
|
|
//
|
|
// Free buffers
|
|
//
|
|
|
|
#ifdef SYNC_LOG_WRITE
|
|
//
|
|
// If we are doing synchronous log writes, we shouldn't have a
|
|
// buffer to free here.
|
|
//
|
|
|
|
ASSERT( pLogContext->pLogBuffer == NULL );
|
|
#else
|
|
//
|
|
// If we are doing asynchronous log writes, we need to free the buffer
|
|
// used to collect log entries.
|
|
//
|
|
|
|
if ( pLogContext->pLogBuffer )
|
|
{
|
|
SrFreeLogBuffer( pLogContext->pLogBuffer );
|
|
pLogContext->pLogBuffer = NULL;
|
|
}
|
|
#endif
|
|
|
|
if ( pLogContext->pLogFilePath )
|
|
{
|
|
SrFreeFileNameBuffer( pLogContext->pLogFilePath );
|
|
pLogContext->pLogFilePath = NULL;
|
|
}
|
|
|
|
SR_FREE_POOL_WITH_SIG(pLogContext, SR_LOG_CONTEXT_TAG);
|
|
|
|
//
|
|
// Set logging state in extension
|
|
//
|
|
|
|
pExtension->pLogContext = NULL;
|
|
pExtension->DriveChecked = FALSE;
|
|
|
|
Status = STATUS_SUCCESS;
|
|
}
|
|
finally
|
|
{
|
|
Status = FinallyUnwind(SrLogStop, Status);
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLogStop
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogWrite
|
|
//
|
|
// Description:
|
|
// This function writes the entry into the log cache and
|
|
// flushes the cache in case the entry cannot fit in.
|
|
//
|
|
// Arguments:
|
|
// Pointer to Device object
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogWrite(
|
|
IN PSR_DEVICE_EXTENSION pOptionalExtension OPTIONAL,
|
|
IN PSR_LOG_CONTEXT pOptionalLogContext OPTIONAL,
|
|
IN PSR_LOG_ENTRY pLogEntry
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
PSR_LOG_CONTEXT pLogContext = NULL;
|
|
PSR_DEVICE_EXTENSION pExtension = NULL;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(pOptionalExtension == NULL || IS_VALID_SR_DEVICE_EXTENSION(pOptionalExtension));
|
|
ASSERT(pOptionalExtension != NULL || pOptionalLogContext != NULL);
|
|
ASSERT(pLogEntry != NULL);
|
|
|
|
if (pOptionalExtension != NULL)
|
|
{
|
|
//
|
|
// We need to ensure that the volume hasn't been disabled before
|
|
// we do anything.
|
|
//
|
|
|
|
if (pOptionalExtension->Disabled) {
|
|
|
|
Status = STATUS_SUCCESS;
|
|
goto SrLogWrite_Exit;
|
|
}
|
|
|
|
//
|
|
// we need to make sure our disk structures are good and logging
|
|
// has been started. it's possible we have been called simply to
|
|
// log and logging was stopped due to volume lock. we have to
|
|
// check with the global lock held.
|
|
//
|
|
|
|
Status = SrCheckVolume(pOptionalExtension, FALSE);
|
|
if (!NT_SUCCESS( Status ))
|
|
goto SrLogWrite_Exit;
|
|
|
|
pLogContext = pOptionalExtension->pLogContext;
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// use the free form context passed in (only SrLogOpen does this)
|
|
//
|
|
|
|
pLogContext = pOptionalLogContext;
|
|
}
|
|
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
if (pLogContext == NULL)
|
|
{
|
|
//
|
|
// this is unexpected, but need to protect against
|
|
//
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
CHECK_STATUS(Status);
|
|
goto SrLogWrite_Exit;
|
|
}
|
|
|
|
pExtension = pLogContext->pExtension;
|
|
ASSERT( pExtension != NULL );
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_SHARED( pExtension ) ||
|
|
IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) );
|
|
|
|
try {
|
|
|
|
SrAcquireLogLockExclusive( pExtension );
|
|
|
|
//
|
|
// Check to make sure the volume is still enabled.
|
|
//
|
|
|
|
if (!SR_LOGGING_ENABLED( pExtension ))
|
|
{
|
|
Status = STATUS_SUCCESS;
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// bail if logging is disabled for this context
|
|
//
|
|
|
|
if (!FlagOn(pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE))
|
|
{
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// check the log file, if it is greater than 1Mb switch the log
|
|
//
|
|
|
|
if ( (pLogContext->FileOffset +
|
|
pLogContext->BufferOffset +
|
|
pLogEntry->Header.RecordSize) > SR_MAX_LOG_FILE_SIZE )
|
|
{
|
|
Status = SrLogSwitch( pLogContext );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
leave;
|
|
}
|
|
}
|
|
|
|
#ifdef SYNC_LOG_WRITE
|
|
Status = SrpLogWriteSynchronous( pExtension,
|
|
pLogContext,
|
|
pLogEntry);
|
|
#else
|
|
Status = SrpLogWriteAsynchronous( pExtension,
|
|
pLogContext,
|
|
pLogEntry);
|
|
#endif
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrLogWrite, Status);
|
|
|
|
SrReleaseLogLock(pExtension);
|
|
}
|
|
|
|
SrLogWrite_Exit:
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLogWrite
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogWriteSynchronous
|
|
//
|
|
// Description:
|
|
//
|
|
// This function writes each log entry to the current change log
|
|
// and ensures the updated change log is flushed to disk before
|
|
// it returns.
|
|
//
|
|
// Arguments:
|
|
//
|
|
// pExtension - The device extension for the volume whose change
|
|
// log is going to be updated.
|
|
// pLogContext - The log context that contains the information
|
|
// about which change log should updated.
|
|
// pLogEntry - The log entry to be written.
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrpLogWriteSynchronous(
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN PSR_LOG_CONTEXT pLogContext,
|
|
IN PSR_LOG_ENTRY pLogEntry
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
|
|
PAGED_CODE();
|
|
|
|
UNREFERENCED_PARAMETER( pExtension );
|
|
|
|
ASSERT( IS_VALID_SR_DEVICE_EXTENSION( pExtension ) );
|
|
ASSERT( IS_VALID_LOG_CONTEXT( pLogContext ) );
|
|
ASSERT( pLogEntry != NULL );
|
|
|
|
ASSERT( IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) );
|
|
|
|
//
|
|
// In this mode, we are not buffering the log entries, so just point
|
|
// the pLogContext->pLogBuffer to the current pLogEntry so save the
|
|
// copy into the buffer.
|
|
//
|
|
|
|
ASSERT( pLogContext->pLogBuffer == NULL );
|
|
pLogContext->pLogBuffer = (PBYTE) pLogEntry;
|
|
pLogContext->BufferOffset = pLogEntry->Header.RecordSize;
|
|
|
|
SET_DIRTY_FLAG(pLogContext);
|
|
|
|
Status = SrLogFlush( pLogContext );
|
|
|
|
//
|
|
// Clear out the pLogBuffer reference to the pLogEntry whether or
|
|
// not the flush succeeded.
|
|
//
|
|
|
|
pLogContext->pLogBuffer = NULL;
|
|
|
|
RETURN(Status);
|
|
}
|
|
|
|
#ifndef SYNC_LOG_WRITE
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogWriteAsynchronous
|
|
//
|
|
// Description:
|
|
//
|
|
// This function buffers log writes then flushes the writes when the
|
|
// buffer is full.
|
|
//
|
|
// Arguments:
|
|
//
|
|
// pExtension - The device extension for the volume whose change
|
|
// log is going to be updated.
|
|
// pLogContext - The log context that contains the information
|
|
// about which change log should updated.
|
|
// pLogEntry - The log entry to be written.
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrpLogWriteAsynchronous(
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
IN PSR_LOG_CONTEXT pLogContext,
|
|
IN PSR_LOG_ENTRY pLogEntry
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT( IS_VALID_SR_DEVICE_EXTENSION( pExtension ) );
|
|
ASSERT( IS_VALID_LOG_CONTEXT( pLogContext ) );
|
|
ASSERT( pLogEntry != NULL );
|
|
|
|
ASSERT( IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pExtension ) );
|
|
|
|
//
|
|
// Check if the entry can fit into the current buffer, if not
|
|
// then adjust the last entry of the buffer and write it down
|
|
// to the disk
|
|
//
|
|
|
|
if ( (pLogContext->BufferOffset + pLogEntry->Header.RecordSize) >
|
|
_globals.LogBufferSize )
|
|
{
|
|
//
|
|
// check to make sure we have 50mb free, we are about to
|
|
// grow the file
|
|
//
|
|
|
|
Status = SrCheckFreeDiskSpace( pLogContext->LogHandle,
|
|
pExtension->pNtVolumeName );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
goto SrpLogWriteAsynchronous_Exit;
|
|
}
|
|
|
|
//
|
|
// set the dirty flag because we have updated the buffer
|
|
//
|
|
|
|
SET_DIRTY_FLAG(pLogContext);
|
|
|
|
Status = SrLogFlush( pLogContext );
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
goto SrpLogWriteAsynchronous_Exit;
|
|
}
|
|
|
|
//
|
|
// Check to make sure that the pLogEntry itself isn't bigger
|
|
// than the _globals.LogBufferSize.
|
|
//
|
|
|
|
if (pLogEntry->Header.RecordSize > _globals.LogBufferSize)
|
|
{
|
|
PBYTE pLogBuffer;
|
|
|
|
//
|
|
// The log was just successfully flushed, therefore there should
|
|
// be no data in the buffer yet.
|
|
//
|
|
|
|
ASSERT( pLogContext->BufferOffset == 0 );
|
|
|
|
//
|
|
// For synchronous writes, we don't expect there to be a log buffer
|
|
// in the context so we will save this off in a local and NULL
|
|
// this parameter in the pLogContext while we make this call.
|
|
//
|
|
|
|
pLogBuffer = pLogContext->pLogBuffer;
|
|
pLogContext->pLogBuffer = NULL;
|
|
|
|
Status = SrpLogWriteSynchronous( pExtension,
|
|
pLogContext,
|
|
pLogEntry );
|
|
|
|
//
|
|
// We ALWAYS need to restore this pointer in the pLogContext.
|
|
//
|
|
|
|
pLogContext->pLogBuffer = pLogBuffer;
|
|
|
|
CHECK_STATUS( Status );
|
|
|
|
//
|
|
// Whether we succeeded or failed, we want to skip the logic below
|
|
// and exit now.
|
|
//
|
|
|
|
goto SrpLogWriteAsynchronous_Exit;
|
|
}
|
|
}
|
|
|
|
//
|
|
// We now have enough room in the buffer for this pLogEntry, so append the
|
|
// entry to the buffer.
|
|
//
|
|
|
|
RtlCopyMemory( pLogContext->pLogBuffer + pLogContext->BufferOffset,
|
|
pLogEntry,
|
|
pLogEntry->Header.RecordSize );
|
|
|
|
//
|
|
// Update buffer pointers to reflect the entry has been added
|
|
//
|
|
|
|
pLogContext->LastBufferOffset = pLogContext->BufferOffset;
|
|
pLogContext->BufferOffset += pLogEntry->Header.RecordSize;
|
|
|
|
SET_DIRTY_FLAG(pLogContext);
|
|
|
|
//
|
|
// We were able to copy into the buffer successfully, so return
|
|
// STATUS_SUCCESS.
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
SrpLogWriteAsynchronous_Exit:
|
|
|
|
RETURN(Status);
|
|
}
|
|
|
|
#endif
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogFlush
|
|
//
|
|
// Description:
|
|
// This function flushes the buffer contents in memory
|
|
// to the log, it doesn't increment file offset in the
|
|
// log context.
|
|
//
|
|
// Arguments:
|
|
// Pointer to new Log Context
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogFlush(
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
IO_STATUS_BLOCK IoStatusBlock;
|
|
BOOLEAN ExtendLogFile = FALSE;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) ||
|
|
IS_LOG_LOCK_ACQUIRED_EXCLUSIVE(pLogContext->pExtension));
|
|
|
|
SrTrace(FUNC_ENTRY, ("SR!SrLogFlush\n") );
|
|
|
|
//
|
|
// should we short circuit out of here for testing mode?
|
|
//
|
|
|
|
if (global->DontBackup)
|
|
{
|
|
Status = STATUS_SUCCESS;
|
|
goto SrLogFlush_Exit;
|
|
}
|
|
|
|
//
|
|
// bail if the context is disabled
|
|
//
|
|
|
|
if (!FlagOn( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE ))
|
|
{
|
|
goto SrLogFlush_Exit;
|
|
}
|
|
|
|
ASSERT( pLogContext->LogHandle != NULL );
|
|
|
|
if (FlagOn( pLogContext->LoggingFlags, SR_LOG_FLAGS_DIRTY ))
|
|
{
|
|
SrTrace( LOG, ("Flushing Log :%wZ", pLogContext->pLogFilePath));
|
|
|
|
//
|
|
// Do we need to extend our log file? We can possibly loop here if
|
|
// the amount of data we need to write is greater than our
|
|
// allocation unit. We want to make sure that if we do have to extend
|
|
// the file that we have at least extended it enough for our
|
|
// current write.
|
|
//
|
|
|
|
while ((pLogContext->BufferOffset + pLogContext->FileOffset) >
|
|
pLogContext->AllocationSize)
|
|
{
|
|
//
|
|
// This file will need to be extended for this write.
|
|
//
|
|
|
|
ExtendLogFile = TRUE;
|
|
pLogContext->AllocationSize += _globals.LogAllocationUnit;
|
|
}
|
|
|
|
if (ExtendLogFile)
|
|
{
|
|
FILE_ALLOCATION_INFORMATION fileAllocInfo;
|
|
|
|
fileAllocInfo.AllocationSize.QuadPart = pLogContext->AllocationSize;
|
|
|
|
Status = SrSetInformationFile( pLogContext->pExtension->pTargetDevice,
|
|
pLogContext->pLogFileObject,
|
|
&fileAllocInfo,
|
|
sizeof( fileAllocInfo ),
|
|
FileAllocationInformation );
|
|
|
|
if ((Status == STATUS_NO_SUCH_DEVICE) ||
|
|
(Status == STATUS_INVALID_HANDLE) ||
|
|
!NT_SUCCESS( Status ))
|
|
{
|
|
SrTrace( LOG, ("SrLogFlush: Log extension failed: 0x%x\n", Status) );
|
|
goto SrLogFlush_Exit;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Write the buffer to the disk. We have opened this file in append
|
|
// only mode, so the file system will maintain the current file
|
|
// position for us. This handle was open for SYNCHRONOUS access,
|
|
// therefore, this IO will not return until it has completed.
|
|
//
|
|
|
|
ASSERT( pLogContext->pLogBuffer != NULL );
|
|
|
|
Status = ZwWriteFile( pLogContext->LogHandle,
|
|
NULL, // Event
|
|
NULL, // ApcRoutine
|
|
NULL, // ApcContext
|
|
&IoStatusBlock,
|
|
pLogContext->pLogBuffer,
|
|
pLogContext->BufferOffset,
|
|
NULL, // ByteOffset
|
|
NULL ); // Key
|
|
|
|
//
|
|
// Handle STATUS_NO_SUCH_DEVICE because we expect this when
|
|
// HotPlugable devices are removed by surprise.
|
|
//
|
|
// Handle STATUS_INVALID_HANDLE because we expect this when
|
|
// a force-dismount came through on a volume.
|
|
//
|
|
|
|
if ((Status == STATUS_NO_SUCH_DEVICE) ||
|
|
(Status == STATUS_INVALID_HANDLE) ||
|
|
!NT_SUCCESS( Status ))
|
|
{
|
|
SrTrace( LOG,("SrLogFlush: Write failed: 0x%x\n", Status) );
|
|
goto SrLogFlush_Exit;
|
|
}
|
|
|
|
Status = SrFlushBuffers( pLogContext->pExtension->pTargetDevice,
|
|
pLogContext->pLogFileObject );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
{
|
|
SrTrace( LOG,("SrLogFlush: Flush failed: 0x%x\n", Status) );
|
|
goto SrLogFlush_Exit;
|
|
}
|
|
|
|
SrTrace( LOG,("SrLogFlush: Flush succeeded!\n"));
|
|
|
|
//
|
|
// We've dumped the buffer to disk, so update our file offset with the
|
|
// number of bytes we have written, reset our buffer pointer, and
|
|
// clear the dirty flag on this log context since it is no longer
|
|
// dirty.
|
|
//
|
|
|
|
ASSERT( pLogContext->BufferOffset == IoStatusBlock.Information );
|
|
|
|
UPDATE_LOG_OFFSET( pLogContext, pLogContext->BufferOffset );
|
|
|
|
RESET_LOG_BUFFER( pLogContext );
|
|
CLEAR_DIRTY_FLAG( pLogContext );
|
|
}
|
|
|
|
//
|
|
// If we got here, the flush was successful, so return that status.
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
SrLogFlush_Exit:
|
|
|
|
#if DBG
|
|
if (Status == STATUS_NO_SUCH_DEVICE ||
|
|
Status == STATUS_INVALID_HANDLE)
|
|
{
|
|
return Status;
|
|
}
|
|
#endif
|
|
|
|
RETURN(Status);
|
|
} // SrLogFlush
|
|
|
|
//++
|
|
// Function:
|
|
// SrLogSwitch
|
|
//
|
|
// Description:
|
|
// This function Switches the current log to the
|
|
// new log.
|
|
//
|
|
// Arguments:
|
|
// Pointer to new log context.
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrLogSwitch(
|
|
IN PSR_LOG_CONTEXT pLogContext
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(IS_VALID_LOG_CONTEXT(pLogContext));
|
|
|
|
ASSERT( IS_ACTIVITY_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) ||
|
|
IS_LOG_LOCK_ACQUIRED_EXCLUSIVE( pLogContext->pExtension ) );
|
|
|
|
//
|
|
// bail if the context is disabled
|
|
//
|
|
|
|
if (!FlagOn( pLogContext->LoggingFlags, SR_LOG_FLAGS_ENABLE ))
|
|
{
|
|
Status = STATUS_UNSUCCESSFUL;
|
|
goto SrLogSwitch_Exit;
|
|
}
|
|
|
|
if (pLogContext->LogHandle)
|
|
{
|
|
//
|
|
// flush, renames and close current log
|
|
//
|
|
|
|
Status = SrLogClose( pLogContext );
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
//
|
|
// try and open the log file
|
|
//
|
|
|
|
Status = SrLogOpen( pLogContext );
|
|
}
|
|
}
|
|
|
|
SrLogSwitch_Exit:
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrLogSwitch
|
|
|
|
/////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Misc Routines : Misc routines required by the logging module
|
|
//
|
|
/////////////////////////////////////////////////////////////////////
|
|
|
|
//++
|
|
// Function:
|
|
// SrGetRestorePointPath
|
|
//
|
|
// Description:
|
|
// This function creates a path for the restore point dir.
|
|
//
|
|
// Arguments:
|
|
// Pointer to log entry buffer
|
|
// Length of the Log filename buffer
|
|
// Pointer to the Log filename buffer
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrGetRestorePointPath(
|
|
IN PUNICODE_STRING pVolumeName,
|
|
IN USHORT RestPtPathLength,
|
|
OUT PUNICODE_STRING pRestPtPath
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
ULONG CharCount;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(pVolumeName != NULL);
|
|
ASSERT(pRestPtPath != NULL);
|
|
|
|
try
|
|
{
|
|
//
|
|
// Copy the volume name in the log file
|
|
//
|
|
|
|
pRestPtPath->Buffer = (PWSTR)(pRestPtPath+1);
|
|
|
|
//
|
|
// TODO:(CODEWORK: grab a lock around global?)
|
|
//
|
|
|
|
//
|
|
// construct our restore point location string
|
|
//
|
|
|
|
CharCount = swprintf( pRestPtPath->Buffer,
|
|
VOLUME_FORMAT RESTORE_LOCATION,
|
|
pVolumeName,
|
|
global->MachineGuid );
|
|
|
|
pRestPtPath->Length = (USHORT)CharCount * sizeof(WCHAR);
|
|
pRestPtPath->MaximumLength = RestPtPathLength;
|
|
|
|
if ( pRestPtPath->Length > RestPtPathLength )
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// Append the restore point directory
|
|
//
|
|
|
|
CharCount = swprintf(
|
|
&pRestPtPath->Buffer[pRestPtPath->Length/sizeof(WCHAR)],
|
|
L"\\" RESTORE_POINT_PREFIX L"%d\\",
|
|
global->FileConfig.CurrentRestoreNumber );
|
|
|
|
pRestPtPath->Length += (USHORT)CharCount * sizeof(WCHAR);
|
|
|
|
pRestPtPath->MaximumLength = RestPtPathLength;
|
|
|
|
if ( pRestPtPath->Length > RestPtPathLength )
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// NULL terminate it
|
|
//
|
|
|
|
pRestPtPath->Buffer[pRestPtPath->Length/sizeof(WCHAR)] = UNICODE_NULL;
|
|
|
|
Status = STATUS_SUCCESS;
|
|
}
|
|
finally
|
|
{
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrGetRestorePointPath
|
|
|
|
//++
|
|
// Function:
|
|
// SrGetLogFileName
|
|
//
|
|
// Description:
|
|
// This function creates a path for change log in restore point dir.
|
|
//
|
|
// Arguments:
|
|
// Pointer to log entry buffer
|
|
// Length of the Log filename buffer
|
|
// Pointer to the Log filename buffer
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrGetLogFileName(
|
|
IN PUNICODE_STRING pVolumeName,
|
|
IN USHORT LogFileNameLength,
|
|
OUT PUNICODE_STRING pLogFileName
|
|
)
|
|
{
|
|
NTSTATUS Status;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(pVolumeName != NULL);
|
|
ASSERT(pLogFileName != NULL);
|
|
|
|
//
|
|
// Get restore point path
|
|
//
|
|
|
|
Status = SrGetRestorePointPath( pVolumeName,
|
|
LogFileNameLength,
|
|
pLogFileName );
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
//
|
|
// Append changelog file name
|
|
//
|
|
|
|
Status = RtlAppendUnicodeToString( pLogFileName, s_cszCurrentChangeLog );
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrGetLogFileName
|
|
|
|
//++
|
|
// Function:
|
|
// SrGetAclFileName
|
|
//
|
|
// Description:
|
|
// This function creates a path for Acl file in restore point dir.
|
|
//
|
|
// Arguments:
|
|
// Pointer to log entry buffer
|
|
// Length of the Log filename buffer
|
|
// Pointer to the Log filename buffer
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrGetAclFileName(
|
|
IN PUNICODE_STRING pVolumeName,
|
|
IN USHORT AclFileNameLength,
|
|
OUT PUNICODE_STRING pAclFileName
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
|
ULONG CharCount;
|
|
ULONG NextFileNumber;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(pVolumeName != NULL);
|
|
ASSERT(pAclFileName != NULL);
|
|
|
|
//
|
|
// Get restore point path
|
|
//
|
|
|
|
Status = SrGetRestorePointPath( pVolumeName,
|
|
AclFileNameLength,
|
|
pAclFileName );
|
|
|
|
if (NT_SUCCESS(Status))
|
|
{
|
|
//
|
|
// Generate a new file number and append it to the path above
|
|
//
|
|
|
|
Status = SrGetNextFileNumber(&NextFileNumber);
|
|
if (!NT_SUCCESS( Status ))
|
|
goto End;
|
|
|
|
//
|
|
// use the "S" prefix (e.g. "S0000001.Acl" )
|
|
//
|
|
|
|
CharCount = swprintf( &pAclFileName->Buffer[pAclFileName->Length/sizeof(WCHAR)],
|
|
ACL_FILE_PREFIX L"%07d" ACL_FILE_SUFFIX,
|
|
NextFileNumber );
|
|
|
|
pAclFileName->Length += (USHORT)CharCount * sizeof(WCHAR);
|
|
|
|
if ( pAclFileName->Length > AclFileNameLength )
|
|
{
|
|
goto End;
|
|
}
|
|
|
|
//
|
|
// NULL terminate it
|
|
//
|
|
|
|
pAclFileName->Buffer[pAclFileName->Length/sizeof(WCHAR)]=UNICODE_NULL;
|
|
}
|
|
|
|
End:
|
|
RETURN(Status);
|
|
|
|
} // SrGetAclFileName
|
|
|
|
|
|
//++
|
|
// Function:
|
|
// SrGetAclInformation
|
|
//
|
|
// Description:
|
|
// This function gets the acl information from the given file
|
|
// and packs it into a sub-record
|
|
//
|
|
// Arguments:
|
|
// Pointer to filename
|
|
// Pointer to variable to return the address of security info
|
|
// Pointer to variable to return the size of security info
|
|
//
|
|
// Return Value:
|
|
// This function returns STATUS_XXX
|
|
//--
|
|
|
|
NTSTATUS
|
|
SrGetAclInformation (
|
|
IN PFILE_OBJECT pFileObject,
|
|
IN PSR_DEVICE_EXTENSION pExtension,
|
|
OUT PSECURITY_DESCRIPTOR * ppSecurityDescriptor,
|
|
OUT PULONG pSizeNeeded
|
|
)
|
|
{
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
|
|
ULONG SizeNeeded = 256;
|
|
|
|
struct
|
|
{
|
|
FILE_FS_ATTRIBUTE_INFORMATION Info;
|
|
WCHAR Buffer[ 50 ];
|
|
} FileFsAttrInfoBuffer;
|
|
|
|
PAGED_CODE();
|
|
|
|
ASSERT(IS_VALID_FILE_OBJECT(pFileObject));
|
|
ASSERT(pSizeNeeded != NULL);
|
|
ASSERT(ppSecurityDescriptor != NULL);
|
|
|
|
try
|
|
{
|
|
|
|
*ppSecurityDescriptor = NULL;
|
|
*pSizeNeeded = 0;
|
|
|
|
//
|
|
// First check if we already know if the fs supports acls
|
|
// Do this check now so we can leave real fast if the volume
|
|
// doesn't support ACLs
|
|
//
|
|
if (pExtension->CachedFsAttributes &&
|
|
(!FlagOn(pExtension->FsAttributes, FILE_PERSISTENT_ACLS))) {
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// Check if the file system supports acl stuff if necessary
|
|
//
|
|
if (!pExtension->CachedFsAttributes) {
|
|
//
|
|
// We need to check now
|
|
//
|
|
Status = SrQueryVolumeInformationFile( pExtension->pTargetDevice,
|
|
pFileObject,
|
|
&FileFsAttrInfoBuffer.Info,
|
|
sizeof(FileFsAttrInfoBuffer),
|
|
FileFsAttributeInformation,
|
|
NULL );
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
leave;
|
|
|
|
//
|
|
// Stow away the attributes for later use
|
|
//
|
|
pExtension->CachedFsAttributes = TRUE;
|
|
pExtension->FsAttributes = FileFsAttrInfoBuffer.Info.FileSystemAttributes;
|
|
|
|
if (!FlagOn(pExtension->FsAttributes, FILE_PERSISTENT_ACLS))
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// Read in the security information from the source file
|
|
// (looping until we get a big enough buffer).
|
|
//
|
|
|
|
while (TRUE )
|
|
{
|
|
//
|
|
// Alloc a buffer to hold the security info.
|
|
//
|
|
|
|
pSecurityDescriptor = SR_ALLOCATE_ARRAY( PagedPool,
|
|
UCHAR,
|
|
SizeNeeded,
|
|
SR_SECURITY_DATA_TAG );
|
|
|
|
if (NULL == pSecurityDescriptor)
|
|
{
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
leave;
|
|
}
|
|
|
|
//
|
|
// Query the security info
|
|
//
|
|
|
|
Status = SrQuerySecurityObject( pExtension->pTargetDevice,
|
|
pFileObject,
|
|
DACL_SECURITY_INFORMATION
|
|
|SACL_SECURITY_INFORMATION
|
|
|OWNER_SECURITY_INFORMATION
|
|
|GROUP_SECURITY_INFORMATION,
|
|
pSecurityDescriptor,
|
|
SizeNeeded,
|
|
&SizeNeeded );
|
|
|
|
//
|
|
// Not enough buffer?
|
|
//
|
|
|
|
if (STATUS_BUFFER_TOO_SMALL == Status ||
|
|
STATUS_BUFFER_OVERFLOW == Status)
|
|
{
|
|
//
|
|
// Get a bigger buffer and try again.
|
|
//
|
|
|
|
SR_FREE_POOL( pSecurityDescriptor,
|
|
SR_SECURITY_DATA_TAG );
|
|
|
|
pSecurityDescriptor = NULL;
|
|
SizeNeeded *= 2;
|
|
continue;
|
|
}
|
|
|
|
break;
|
|
}
|
|
|
|
if (!NT_SUCCESS( Status ))
|
|
leave;
|
|
|
|
//
|
|
// Security descriptor should be self relative.
|
|
//
|
|
|
|
ASSERT(((PISECURITY_DESCRIPTOR_RELATIVE)pSecurityDescriptor)->Control & SE_SELF_RELATIVE);
|
|
|
|
//
|
|
// return the security information
|
|
//
|
|
|
|
*ppSecurityDescriptor = pSecurityDescriptor;
|
|
pSecurityDescriptor = NULL;
|
|
|
|
*pSizeNeeded = SizeNeeded;
|
|
|
|
SrTrace( LOG, ("sr!SrGetAclInformation: returning [0x%p,%d]\n",
|
|
*ppSecurityDescriptor,
|
|
SizeNeeded ));
|
|
|
|
} finally {
|
|
|
|
Status = FinallyUnwind(SrGetAclInformation, Status);
|
|
|
|
if (pSecurityDescriptor != NULL)
|
|
{
|
|
SR_FREE_POOL( pSecurityDescriptor, SR_SECURITY_DATA_TAG );
|
|
pSecurityDescriptor = NULL;
|
|
}
|
|
}
|
|
|
|
RETURN(Status);
|
|
|
|
} // SrGetAclInformation
|
|
|