Windows2003-3790/base/ntos/lpc/lpccompl.c
2020-09-30 16:53:55 +02:00

1082 lines
34 KiB
C
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*++
Copyright (c) 1989 Microsoft Corporation
Module Name:
lpccompl.c
Abstract:
Local Inter-Process Communication (LPC) connection system services.
Author:
Steve Wood (stevewo) 15-May-1989
Revision History:
--*/
#include "lpcp.h"
//
// Local procedure prototypes
//
VOID
LpcpPrepareToWakeClient (
IN PETHREAD ClientThread
);
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE,NtAcceptConnectPort)
#pragma alloc_text(PAGE,NtCompleteConnectPort)
#pragma alloc_text(PAGE,LpcpPrepareToWakeClient)
#endif
NTSTATUS
NtAcceptConnectPort (
OUT PHANDLE PortHandle,
IN PVOID PortContext OPTIONAL,
IN PPORT_MESSAGE ConnectionRequest,
IN BOOLEAN AcceptConnection,
IN OUT PPORT_VIEW ServerView OPTIONAL,
OUT PREMOTE_PORT_VIEW ClientView OPTIONAL
)
/*++
Routine Description:
A server process can accept or reject a client connection request
using the NtAcceptConnectPort service.
The ConnectionRequest parameter must specify a connection request
returned by a previous call to the NtListenPort service. This
service will either complete the connection if the AcceptConnection
parameter is TRUE, or reject the connection request if the
AcceptConnection parameter is FALSE.
In either case, the contents of the data portion of the connection
request is the data to return to the caller of NtConnectPort.
If the connection request is accepted, then two communication port
objects will be created and connected together. One will be
inserted in the client process' handle table and returned to the
client via the PortHandle parameter it specified on the
NtConnectPort service. The other will be inserted in the server
process' handle table and returned via the PortHandle parameter
specified on the NtCompleteConnectPort service. In addition the
two communication ports (client and server) will be linked together.
If the connection request is accepted, and the ServerView parameter
was specified, then the section handle is examined. If it is valid,
then the portion of the section described by the SectionOffset and
ViewSize fields will be mapped into both the client and server
process address spaces. The address in server's address space will
be returned in the ViewBase field. The address in the client's
address space will be returned in the ViewRemoteBase field. The
actual offset and size used to map the section will be returned in
the SectionOffset and ViewSize fields.
Communication port objects are temporary objects that have no names
and cannot be inherited. When either the client or server process
calls the !f NtClose service for a communication port, the port will
be deleted since there can never be more than one outstanding handle
for each communication port. The port object type specific delete
procedure will then be invoked. This delete procedure will examine
the communication port, and if it is connected to another
communication port, it will queue an LPC_PORT_CLOSED datagram to
that port's message queue. This will allow both the client and
server processes to notice when a port becomes disconnected, either
because of an explicit call to NtClose or an implicit call due to
process termination. In addition, the delete procedure will scan
the message queue of the port being closed and for each message
still in the queue, it will return an ERROR_PORT_CLOSED status to
any thread that is waiting for a reply to the message.
Arguments:
PortHandle - A pointer to a variable that will receive the server
communication port object handle value.
PortContext - An uninterpreted pointer that is stored in the
server communication port. This pointer is returned whenever
a message is received for this port.
ConnectionRequest - A pointer to a structure that describes the
connection request being accepted or rejected:
The ConnectionRequest structure
ULONG Length - Specifies the size of this data structure in
bytes.
CLIENT_ID ClientId - Specifies a structure that contains the
client identifier (CLIENT_ID) of the thread that sent the
request.
The ClientId Structure
ULONG UniqueProcessId - A unique value for each process
in the system.
ULONG UniqueThreadId - A unique value for each thread in the
system.
ULONG MessageId - A unique value that identifies the connection
request being completed.
ULONG PortAttributes - This field has no meaning for this service.
ULONG ClientViewSize - This field has no meaning for this service.
AcceptConnection - Specifies a boolean value which indicates where
the connection request is being accepted or rejected. A value
of TRUE means that the connection request is accepted and a
server communication port handle will be created and connected
to the client's communication port handle. A value of FALSE
means that the connection request is not accepted.
ServerView - A pointer to a structure that specifies the section that
the server process will use to send messages back to the client
process connected to this port.
The ServerView Structure
ULONG Length - Specifies the size of this data structure in
bytes.
HANDLE SectionHandle - Specifies an open handle to a section
object.
ULONG SectionOffset - Specifies a field that will receive the
actual offset, in bytes, from the start of the section. The
initial value of this parameter specifies the byte offset
within the section that the client's view is based. The
value is rounded down to the next host page size boundary.
ULONG ViewSize - Specifies the size of the view, in bytes.
PVOID ViewBase - Specifies a field that will receive the base
address of the port memory in the server's address space.
PVOID ViewRemoteBase - Specifies a field that will receive
the base address of the server port's memory in the client's
address space. Used to generate pointers that are
meaningful to the client.
ClientView - An optional pointer to a structure that will receive
information about the client process' view in the server's
address space. The server process can use this information
to validate pointers it receives from the client process.
The ClientView Structure
ULONG Length - Specifies the size of this data structure in
bytes.
PVOID ViewBase - Specifies a field that will receive the base
address of the client port's memory in the server's address
space.
ULONG ViewSize - Specifies a field that will receive the
size, in bytes, of the client's view in the server's address
space. If this field is zero, then client has no view in
the server's address space.
Return Value:
NTSTATUS - An appropriate status value.
--*/
{
PLPCP_PORT_OBJECT ConnectionPort;
PLPCP_PORT_OBJECT ServerPort;
PLPCP_PORT_OBJECT ClientPort;
PVOID ClientSectionToMap;
HANDLE Handle;
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status;
ULONG ConnectionInfoLength;
PLPCP_MESSAGE Msg;
PLPCP_CONNECTION_MESSAGE ConnectMsg;
PORT_MESSAGE CapturedReplyMessage;
PVOID SectionToMap;
LARGE_INTEGER SectionOffset;
SIZE_T ViewSize;
PEPROCESS ClientProcess;
PETHREAD ClientThread;
PORT_VIEW CapturedServerView;
PAGED_CODE();
//
// Get previous processor mode and probe output arguments if necessary.
//
PreviousMode = KeGetPreviousMode();
if (PreviousMode != KernelMode) {
try {
ProbeForWriteHandle( PortHandle );
ProbeForReadSmallStructure( ConnectionRequest,
sizeof( *ConnectionRequest ),
sizeof( ULONG ));
CapturedReplyMessage = *ConnectionRequest;
if (ARGUMENT_PRESENT( ServerView )) {
CapturedServerView = ProbeAndReadStructure( ServerView, PORT_VIEW );
if (CapturedServerView.Length != sizeof( *ServerView )) {
return STATUS_INVALID_PARAMETER;
}
ProbeForWriteSmallStructure( ServerView,
sizeof( *ServerView ),
sizeof( ULONG ));
}
if (ARGUMENT_PRESENT( ClientView )) {
if (ProbeAndReadUlong( &ClientView->Length ) != sizeof( *ClientView )) {
return STATUS_INVALID_PARAMETER;
}
ProbeForWriteSmallStructure( ClientView,
sizeof( *ClientView ),
sizeof( ULONG ));
}
} except( EXCEPTION_EXECUTE_HANDLER ) {
return GetExceptionCode();
}
} else {
//
// Otherwise the previous mode is kernel mode
//
CapturedReplyMessage = *ConnectionRequest;
if (ARGUMENT_PRESENT( ServerView )) {
if (ServerView->Length != sizeof( *ServerView )) {
return STATUS_INVALID_PARAMETER;
}
CapturedServerView = *ServerView;
}
if (ARGUMENT_PRESENT( ClientView )) {
if (ClientView->Length != sizeof( *ClientView )) {
return STATUS_INVALID_PARAMETER;
}
}
}
//
// Translate the ClientId from the connection request into a
// thread pointer. This is a referenced pointer to keep the thread
// from evaporating out from under us.
//
Status = PsLookupProcessThreadByCid( &CapturedReplyMessage.ClientId,
&ClientProcess,
&ClientThread );
if (!NT_SUCCESS( Status )) {
return Status;
}
//
// Acquire the mutex that guards the LpcReplyMessage field of
// the thread and get the pointer to the message that the thread
// is waiting for a reply to.
//
LpcpAcquireLpcpLock();
//
// See if the thread is waiting for a reply to the connection request
// specified on this call. If not then a bogus connection request
// has been specified, so release the mutex, dereference the thread
// and return failure.
//
// The check is that the client is waiting for a reply to a connection
// request and that the message id is both valid and lines up correctly
//
if (( LpcpGetThreadMessage( ClientThread ) == NULL ) ||
(CapturedReplyMessage.MessageId == 0) ||
(ClientThread->LpcReplyMessageId != CapturedReplyMessage.MessageId) ||
((LpcpGetThreadMessage(ClientThread)->Request.u2.s2.Type & ~LPC_KERNELMODE_MESSAGE) != LPC_CONNECTION_REQUEST)) {
Msg = NULL;
} else {
//
// Remember the LPCP message from the thread
//
Msg = LpcpGetThreadMessage(ClientThread);
//
// Get connection message immediately following the LPCP message
//
ConnectMsg = (PLPCP_CONNECTION_MESSAGE)(Msg + 1);
//
// Remember the client port from the connection message
//
ClientPort = ConnectMsg->ClientPort;
//
// Get a pointer to the connection port from the client port.
//
ConnectionPort = ClientPort->ConnectionPort;
//
// Check if the server process accept the connection
//
if ( ConnectionPort->ServerProcess != PsGetCurrentProcess() ) {
//
// Release the LPC mutex
//
LpcpReleaseLpcpLock();
ObDereferenceObject( ClientProcess );
ObDereferenceObject( ClientThread );
return (STATUS_REPLY_MESSAGE_MISMATCH);
}
//
// Remove the LPC message from the thread
//
ClientThread->LpcReplyMessage = NULL;
//
// Remove the client port from the connection message
//
ConnectMsg->ClientPort = NULL;
//
// Clean up the rest of the client thread. This cleanup use to be
// done unconditionally right before releasing the mutex however
// this causes trouble if our caller supplied a bad reply message
// and we clobber an arbitrary threads state
//
ClientThread->LpcReplyMessageId = 0;
}
//
// Release the mutex that guards the field.
//
LpcpReleaseLpcpLock();
//
// Now if we did not get an LPCP message from a client thread then this
// isn't a good call and we'll dereference what we thought was the
// client thread/process and tell our caller their mistake
//
if ( !Msg ) {
LpcpPrint(( "%s Attempted AcceptConnectPort to Thread %lx (%s)\n",
PsGetCurrentProcess()->ImageFileName,
ClientThread,
THREAD_TO_PROCESS( ClientThread )->ImageFileName ));
LpcpPrint(( "failed. MessageId == %u\n", CapturedReplyMessage.MessageId ));
LpcpPrint(( " Thread MessageId == %u\n", ClientThread->LpcReplyMessageId ));
LpcpPrint(( " Thread Msg == %x\n", ClientThread->LpcReplyMessage ));
ObDereferenceObject( ClientProcess );
ObDereferenceObject( ClientThread );
return (STATUS_REPLY_MESSAGE_MISMATCH);
}
//
// At this point we have a good matching client for this accept connect
// call.
//
LpcpTrace(("Replying to Connect Msg %lx to Port %lx\n",
Msg, ClientPort->ConnectionPort ));
//
// Regardless of whether we are accepting or rejecting the connection,
// return the connection information to the waiting thread.
//
ConnectionInfoLength = CapturedReplyMessage.u1.s1.DataLength;
if (ConnectionInfoLength > ConnectionPort->MaxConnectionInfoLength) {
ConnectionInfoLength = ConnectionPort->MaxConnectionInfoLength;
}
Msg->Request.u1.s1.DataLength = (CSHORT)(sizeof( *ConnectMsg ) +
ConnectionInfoLength);
Msg->Request.u1.s1.TotalLength = (CSHORT)(sizeof( *Msg ) +
Msg->Request.u1.s1.DataLength);
Msg->Request.u2.s2.Type = LPC_REPLY;
Msg->Request.u2.s2.DataInfoOffset = 0;
Msg->Request.ClientId = CapturedReplyMessage.ClientId;
Msg->Request.MessageId = CapturedReplyMessage.MessageId;
Msg->Request.ClientViewSize = 0;
try {
RtlCopyMemory( ConnectMsg + 1,
(PCHAR)(ConnectionRequest + 1),
ConnectionInfoLength );
} except( EXCEPTION_EXECUTE_HANDLER ) {
Status = GetExceptionCode();
}
//
// Now it is time to process a positive accept request
//
ClientSectionToMap = NULL;
if (AcceptConnection) {
//
// Allocate and initialize a server communication port object.
// Communication ports have no names, can not be inherited and
// are process private handles.
//
Status = ObCreateObject( PreviousMode,
LpcPortObjectType,
NULL,
PreviousMode,
NULL,
FIELD_OFFSET( LPCP_PORT_OBJECT, WaitEvent ),
0,
0,
(PVOID *)&ServerPort );
if (!NT_SUCCESS( Status )) {
goto bailout;
}
RtlZeroMemory( ServerPort, FIELD_OFFSET( LPCP_PORT_OBJECT, WaitEvent ));
ServerPort->PortContext = PortContext;
ServerPort->Flags = SERVER_COMMUNICATION_PORT;
InitializeListHead( &ServerPort->LpcReplyChainHead );
InitializeListHead( &ServerPort->LpcDataInfoChainHead );
//
// Connect the newly created server communication port to the
// connection port with a referenced pointer. Prevents the
// connection port from going away until all of the communication
// ports have been closed.
//
ObReferenceObject( ConnectionPort );
ServerPort->ConnectionPort = ConnectionPort;
ServerPort->MaxMessageLength = ConnectionPort->MaxMessageLength;
//
// Connect the client and server communication ports together
// with unreferenced pointers. They are unreferenced so that
// the PortObjectType delete procedure will get called when a
// communication port is closed. If this were not the case then
// we would need a special NtClosePort system service in order
// to tear down a pair of connected communication ports.
//
ServerPort->ConnectedPort = ClientPort;
ClientPort->ConnectedPort = ServerPort;
ServerPort->Creator = PsGetCurrentThread()->Cid;
ClientPort->Creator = Msg->Request.ClientId;
//
// If the client has allocated a port memory section that is mapped
// into the client's address space, then map a view of the same
// section for the server process to see.
//
LpcpAcquireLpcpLock();
ClientSectionToMap = ConnectMsg->SectionToMap;
ConnectMsg->SectionToMap = NULL;
LpcpReleaseLpcpLock();
if (ClientSectionToMap) {
LARGE_INTEGER LargeSectionOffset;
LargeSectionOffset.LowPart = ConnectMsg->ClientView.SectionOffset;
LargeSectionOffset.HighPart = 0;
Status = MmMapViewOfSection( ClientSectionToMap,
PsGetCurrentProcess(),
&ServerPort->ClientSectionBase,
0,
0,
&LargeSectionOffset,
&ConnectMsg->ClientView.ViewSize,
ViewUnmap,
0,
PAGE_READWRITE );
ConnectMsg->ClientView.SectionOffset = LargeSectionOffset.LowPart;
if (NT_SUCCESS( Status )) {
ConnectMsg->ClientView.ViewRemoteBase = ServerPort->ClientSectionBase;
//
// The client section was mapped. We'll add an extra reference to
// server process. This reference will be removed on port cleanup.
//
ServerPort->MappingProcess = PsGetCurrentProcess();
ObReferenceObject( ServerPort->MappingProcess );
} else {
//
// At this point we're really going to drop all the way
// out to the label bailout: because everything else is
// protected with a test against Status. But first we have
// to release the server port that we've just created
//
ObDereferenceObject( ServerPort );
}
}
//
// If the server process has allocated a port memory section for
// send data to the client on call back requests, map two views
// of that section, the first for the server process and the
// second view for the client process. Return the location of the
// server's view to the caller of this function. Return the
// client's view to the client process via the reply to the
// connection request.
//
if (NT_SUCCESS( Status ) && ARGUMENT_PRESENT( ServerView )) {
LARGE_INTEGER LargeSectionOffset;
LargeSectionOffset.LowPart = CapturedServerView.SectionOffset;
LargeSectionOffset.HighPart = 0;
//
// Map in the section into the servers address space
//
//
// Does this call need to verify that the section handle
// is still valid.
//
Status = ObReferenceObjectByHandle( CapturedServerView.SectionHandle,
SECTION_MAP_READ |
SECTION_MAP_WRITE,
MmSectionObjectType,
PreviousMode,
(PVOID *)&SectionToMap,
NULL );
if (NT_SUCCESS( Status )) {
Status = MmMapViewOfSection( SectionToMap,
PsGetCurrentProcess(),
&ServerPort->ServerSectionBase,
0,
0,
&LargeSectionOffset,
&CapturedServerView.ViewSize,
ViewUnmap,
0,
PAGE_READWRITE );
if (NT_SUCCESS( Status )) {
//
// The section was mapped into the server process. We'll add a
// reference to the server process only if we didn't before.
//
if ( ServerPort->MappingProcess == NULL ) {
ServerPort->MappingProcess = PsGetCurrentProcess();
ObReferenceObject( ServerPort->MappingProcess );
}
CapturedServerView.SectionOffset = LargeSectionOffset.LowPart;
CapturedServerView.ViewBase = ServerPort->ServerSectionBase;
SectionOffset.LowPart = CapturedServerView.SectionOffset;
SectionOffset.HighPart = 0;
ViewSize = CapturedServerView.ViewSize;
Status = MmMapViewOfSection( SectionToMap,
ClientProcess,
&ClientPort->ServerSectionBase,
0,
0,
&SectionOffset,
&ViewSize,
ViewUnmap,
0,
PAGE_READWRITE );
if (NT_SUCCESS( Status )) {
//
// The section was mapped into the client process. We'll add a
// reference to the client process only we didn't before.
// (we don't have also a client section)
//
if ( ClientPort->MappingProcess == NULL ) {
ClientPort->MappingProcess = ClientProcess;
ObReferenceObject( ClientProcess );
}
//
// Let the server know where the client's view of the
// section got mapped
//
CapturedServerView.ViewRemoteBase = ClientPort->ServerSectionBase;
//
// Let the client know where the server's view of the
// section got mapped
//
ConnectMsg->ServerView.ViewBase = ClientPort->ServerSectionBase;
ConnectMsg->ServerView.ViewSize = ViewSize;
} else {
ObDereferenceObject( ServerPort );
}
} else {
ObDereferenceObject( ServerPort );
}
ObDereferenceObject( SectionToMap );
} else {
ObDereferenceObject( ServerPort );
}
}
//
// Insert the server communication port object in specified object
// table. Set port handle value if successful. If not
// successful, then the port will have been dereferenced, which
// will cause it to be freed, after our delete procedure is
// called. The delete procedure will undo the work done to
// initialize the port.
//
if (NT_SUCCESS( Status )) {
//
// Add an extra reference to the object otherwise right when we
// create the handle a rouge caller might close and destroy the
// port.
//
ObReferenceObject( ServerPort );
//
// Now add the handle
//
Status = ObInsertObject( ServerPort,
NULL,
PORT_ALL_ACCESS,
0,
(PVOID *)NULL,
&Handle );
if (NT_SUCCESS( Status )) {
try {
if (ARGUMENT_PRESENT( ServerView )) {
*ServerView = CapturedServerView;
}
if (ARGUMENT_PRESENT( ClientView )) {
ClientView->ViewBase = ConnectMsg->ClientView.ViewRemoteBase;
ClientView->ViewSize = ConnectMsg->ClientView.ViewSize;
}
*PortHandle = Handle;
if (!ARGUMENT_PRESENT( PortContext )) {
ServerPort->PortContext = Handle;
}
ServerPort->ClientThread = ClientThread;
LpcpAcquireLpcpLock();
ClientThread->LpcReplyMessage = Msg;
LpcpReleaseLpcpLock();
ClientThread = NULL;
} except( EXCEPTION_EXECUTE_HANDLER ) {
NtClose( Handle );
Status = GetExceptionCode();
}
}
//
// Now we can remove the extra object reference
//
ObDereferenceObject( ServerPort );
}
} else {
//
// Otherwise the server has not accepted the connection request
//
LpcpPrint(( "Refusing connection from %x.%x\n",
Msg->Request.ClientId.UniqueProcess,
Msg->Request.ClientId.UniqueThread ));
}
bailout:
if ( ClientSectionToMap ) {
ObDereferenceObject( ClientSectionToMap );
}
//
// If the client is not null then this is an error condition and we need
// to cleanup and wake the client thread. In success cases the client
// thread is woken up with a call to Complete Connect Request
//
if (ClientThread != NULL) {
LpcpAcquireLpcpLock();
ClientThread->LpcReplyMessage = Msg;
if (AcceptConnection) {
LpcpPrint(( "LPC: Failing AcceptConnection with Status == %x\n", Status ));
}
LpcpPrepareToWakeClient( ClientThread );
LpcpReleaseLpcpLock();
//
// Wake up the thread that is waiting for an answer to its connection
// request inside of NtConnectPort.
//
KeReleaseSemaphore( &ClientThread->LpcReplySemaphore,
0,
1L,
FALSE );
//
// Dereference client thread and return the system service status.
//
ObDereferenceObject( ClientThread );
}
if (ClientPort) {
ObDereferenceObject( ClientPort );
}
ObDereferenceObject( ClientProcess );
//
// And return to our caller
//
return Status;
}
NTSTATUS
NtCompleteConnectPort (
IN HANDLE PortHandle
)
/*++
Routine Description:
This routine is called by the server after it calls NtAcceptConnectPort to
wake up the client thread. Between calling NtAcceptConnectPort and
NtCompleteConnectPort the server can do whatever work is necessary before
waking up the client
Arguments:
PortHandle - Supplies a handle to the server communication port
Return Value:
NTSTATUS - An appropriate status value.
--*/
{
PLPCP_PORT_OBJECT PortObject;
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status;
PETHREAD ClientThread;
PAGED_CODE();
//
// Get previous processor mode
//
PreviousMode = KeGetPreviousMode();
//
// Reference the port object by handle
//
Status = LpcpReferencePortObject( PortHandle,
0,
PreviousMode,
&PortObject );
if (!NT_SUCCESS( Status )) {
return Status;
}
//
// Error if a port type is invalid.
//
if ((PortObject->Flags & PORT_TYPE) != SERVER_COMMUNICATION_PORT) {
ObDereferenceObject( PortObject );
return STATUS_INVALID_PORT_HANDLE;
}
//
// Under the LPC lock we need to check for a client thread and if there
// is one we'll remember and remove the client thread, and then prepare
// to wake the client
//
LpcpAcquireLpcpLock();
if (PortObject->ClientThread == NULL) {
LpcpReleaseLpcpLock();
ObDereferenceObject( PortObject );
return STATUS_INVALID_PARAMETER;
}
ClientThread = PortObject->ClientThread;
//
// Double check that the thread is still waiting for a reply message
//
if (LpcpGetThreadMessage(ClientThread) == NULL) {
LpcpReleaseLpcpLock();
ObDereferenceObject( PortObject );
//
// At this point the client has already been woken. We will get a client died message
//
return STATUS_SUCCESS;
}
//
// The check needs to ensure that the client thread is really on the
// reply chain for the sever's connection port. This is a quick and
// dirty fix for NT 5.0. We zoom down the connection port lpc reply
// chain looking for an entry that contains the client threads. If
// we find a match it's okay if we don't it's bad.
//
if (PortObject->ConnectionPort) {
PLIST_ENTRY Entry;
for (Entry = PortObject->ConnectionPort->LpcReplyChainHead.Flink;
Entry != (PLIST_ENTRY)(&PortObject->ConnectionPort->LpcReplyChainHead.Flink);
Entry = Entry->Flink) {
if (Entry == ((PLIST_ENTRY)(&ClientThread->LpcReplyChain.Flink))) {
break;
}
}
if (Entry != ((PLIST_ENTRY)(&ClientThread->LpcReplyChain.Flink))) {
LpcpReleaseLpcpLock();
ObDereferenceObject( PortObject );
//
// At this point the client has already been woken. We will get a client died message
//
return STATUS_SUCCESS;
}
}
//
// Now do the wakeup
//
PortObject->ClientThread = NULL;
LpcpPrepareToWakeClient( ClientThread );
LpcpReleaseLpcpLock();
//
// Wake up the thread that is waiting for an answer to its connection
// request inside of NtConnectPort.
//
KeReleaseSemaphore( &ClientThread->LpcReplySemaphore,
0,
1L,
FALSE );
//
// Dereference client thread
//
ObDereferenceObject( ClientThread );
ObDereferenceObject( PortObject );
//
// And return to our caller
//
return Status;
}
//
// Local support routine
//
VOID
LpcpPrepareToWakeClient (
IN PETHREAD ClientThread
)
/*++
Routine Description:
This routine is used to prepare the client thread to receive a reply to
its connection request
Arguments:
ClientThread - Specifies the thread we are preparing to wake up
Return Value:
None.
--*/
{
PAGED_CODE();
//
// Remove the thread from the rundown list the connection port as we are
// sending a reply. The operation only needs to take place if the
// thread isn't exiting and it's in the lpc reply chain for a connection
// port
//
if ((!ClientThread->LpcExitThreadCalled) &&
(!IsListEmpty( &ClientThread->LpcReplyChain ))) {
RemoveEntryList( &ClientThread->LpcReplyChain );
InitializeListHead( &ClientThread->LpcReplyChain );
}
//
// And return to our caller
//
return;
}