Exemple #1
0
static
BOOLEAN NTAPI
UpdateProgressPercentage(
    IN PPROGRESSBAR Bar,
    IN BOOLEAN AlwaysUpdate,
    OUT PSTR Buffer,
    IN SIZE_T cchBufferSize)
{
    // static PCSTR ProgressFormatText;
    ULONG OldProgress = Bar->Progress;

    /* Calculate the new percentage */
    if (Bar->StepCount == 0)
        Bar->Progress = 0;
    else
        Bar->Progress = ((100 * Bar->CurrentStep + (Bar->StepCount / 2)) / Bar->StepCount);

    /* Build the progress string if it has changed */
    if ( Bar->ProgressFormatText &&
        (AlwaysUpdate || (Bar->Progress != OldProgress)) )
    {
        RtlStringCchPrintfA(Buffer, cchBufferSize,
                            Bar->ProgressFormatText, Bar->Progress);
        return TRUE;
    }
    return FALSE;
}
Exemple #2
0
static NTSTATUS
EmulatedAddDevices(
    IN  PVOID           Context,
    IN  HANDLE          Key,
    IN  PCHAR           Name
    )
{
    PEMULATED_DEVICE    Entry = *(PEMULATED_DEVICE *)Context;
    PCHAR               Class = Entry->Class;
    PANSI_STRING        Alias;
    NTSTATUS            status;

    status = RtlStringCchPrintfA(Entry->Device,
                                 MAXIMUM_DEVICE_NAME_LENGTH,
                                 "%s",
                                 Name);
    ASSERT(NT_SUCCESS(status));

    status = RegistryQuerySzValue(Key, Name, &Alias);
    if (!NT_SUCCESS(status))
        goto fail1;

    status = RtlStringCchPrintfA(Entry->Alias,
                                 MAXIMUM_ALIAS_LENGTH,
                                 "%s",
                                 Alias[0].Buffer);
    ASSERT(NT_SUCCESS(status));

    RegistryFreeSzValue(Alias);

    Entry++;
    
    status = RtlStringCchPrintfA(Entry->Class,
                                 MAXIMUM_CLASS_NAME_LENGTH,
                                 "%s",
                                 Class);
    ASSERT(NT_SUCCESS(status));

    *(PEMULATED_DEVICE *)Context = Entry;

    return STATUS_SUCCESS;

fail1:
    return status;
}
Exemple #3
0
/*
 * io_control_debug_print
 *
 *  Arguments:
 *      irp
 *      io_stack_irp
 *      input_buffer
 *      output_buffer
 */
NTSTATUS io_control_debug_print(
        PIRP irp,
        PIO_STACK_LOCATION  io_stack_irp,
        unsigned char * input_buffer,
        unsigned char * output_buffer )
{
    unsigned long output_buffer_length = io_stack_irp->Parameters.DeviceIoControl.OutputBufferLength;
    NTSTATUS    function_result = STATUS_SUCCESS;

    UNREFERENCED_PARAMETER(input_buffer);

    try {
        ProbeForWrite(
                (NTSTRSAFE_PSTR)output_buffer,
                output_buffer_length,
                sizeof(char) );
#ifdef DEBUG
        function_result = RtlStringCchPrintfA(
                (NTSTRSAFE_PSTR)output_buffer, output_buffer_length, 
                "Oregano: Debug vars (0x%08X): %x %x %x %x %x %x %x %x\r\n", 
                &DebugVar0, DebugVar0, DebugVar1, DebugVar2, DebugVar3, DebugVar4, DebugVar5, DebugVar6, DebugVar7);
#else
        function_result = RtlStringCchPrintfA(
                (NTSTRSAFE_PSTR)output_buffer, output_buffer_length, 
                "Oregano: Debug" );
#endif
        if( FALSE == NT_SUCCESS(function_result) ) {
            goto IO_CONTROL_DEBUG_PRINT_RETURN;
        }
        KdPrint(( "%s", output_buffer ));
    } except (EXCEPTION_EXECUTE_HANDLER) {
        KdPrint(( "Oregano: io_control_debug_print: Failed to read buffer\r\n" ));
    }

IO_CONTROL_DEBUG_PRINT_RETURN:
    irp->IoStatus.Information   = output_buffer_length;
    return function_result;
}
Exemple #4
0
static NTSTATUS
v2v_read_grantref(struct v2v_channel *chan, xenbus_transaction_t xbt, int x, BOOLEAN is_prod)
{
    NTSTATUS status = STATUS_SUCCESS;
    const char *fmt = (is_prod ? "prod-gref-%d" : "cons-gref-%d");
    ALIEN_GRANT_REF *gref = (is_prod ? &chan->u.supplicant.prod_grefs[x] : &chan->u.supplicant.cons_grefs[x]);
    char buf[GREF_STRING_LEN];

    status = RtlStringCchPrintfA(buf, GREF_STRING_LEN, fmt, x);
    if (!NT_SUCCESS(status))
        return status;

    return v2v_xenstore_gather(xbt, chan->remote_prefix, buf, xenstore_gather_type_alien_grant_ref,
                               gref, NULL);
}
Exemple #5
0
static NTSTATUS
v2v_write_grantref(struct v2v_channel *chan, xenbus_transaction_t xbt, int x, BOOLEAN is_prod)
{
    NTSTATUS status = STATUS_SUCCESS;
    const char *fmt = (is_prod ? "prod-gref-%d" : "cons-gref-%d");
    GRANT_REF *gref = (is_prod ? &chan->u.temple.prod_grefs[x] : &chan->u.temple.cons_grefs[x]);
    char buf[GREF_STRING_LEN];
    uint32_t xen_gref;

    xen_gref = xen_GRANT_REF(*gref);

    status = RtlStringCchPrintfA(buf, GREF_STRING_LEN, fmt, x);
    if (!NT_SUCCESS(status))
        return status;

    return v2v_xenstore_printfv(xbt, chan->local_prefix, buf, NULL, "%d", xen_gref);
}
Exemple #6
0
// Converts a pool tag in integer to a printable string
_Use_decl_annotations_ static std::array<char, 5> DdimonpTagToString(
    ULONG tag_value) {
  PoolTag tag = {tag_value};
  for (auto& c : tag.chars) {
    if (!c && isspace(c)) {
      c = ' ';
    }
    if (!isprint(c)) {
      c = '.';
    }
  }

  std::array<char, 5> str;
  auto status =
      RtlStringCchPrintfA(str.data(), str.size(), "%c%c%c%c", tag.chars[0],
                          tag.chars[1], tag.chars[2], tag.chars[3]);
  NT_VERIFY(NT_SUCCESS(status));
  return str;
}
Exemple #7
0
static NTSTATUS
EmulatedAddClasses(
    IN  PVOID           Context,
    IN  HANDLE          Key,
    IN  PCHAR           Name
    )
{
    PEMULATED_DEVICE    Entry = *(PEMULATED_DEVICE *)Context;
    HANDLE              ClassKey;
    NTSTATUS            status;

    status = RtlStringCchPrintfA(Entry->Class,
                                 MAXIMUM_CLASS_NAME_LENGTH,
                                 "%s",
                                 Name);
    ASSERT(NT_SUCCESS(status));

    status = RegistryOpenSubKey(Key, Name, KEY_ALL_ACCESS, &ClassKey);
    if (!NT_SUCCESS(status))
        goto fail1;

    status = RegistryEnumerateValues(ClassKey, EmulatedAddDevices, &Entry);
    if (!NT_SUCCESS(status))
        goto fail2;

    RegistryCloseKey(ClassKey);

    *(PEMULATED_DEVICE *)Context = Entry;

    return STATUS_SUCCESS;

fail2:
    RegistryCloseKey(ClassKey);
    
fail1:
    return status;
}
Exemple #8
0
// Concatenates meta information such as the current time and a process ID to
// user given log message.
EXTERN_C static NTSTATUS LogpMakePrefix(_In_ ULONG Level,
                                        _In_ const char *FunctionName,
                                        _In_ const char *LogMessage,
                                        _Out_ char *LogBuffer,
                                        _In_ size_t LogBufferLength) {
  char const *levelString = nullptr;
  switch (Level) {
    case LOGP_LEVEL_DEBUG:
      levelString = "DBG";
      break;
    case LOGP_LEVEL_INFO:
      levelString = "INF";
      break;
    case LOGP_LEVEL_WARN:
      levelString = "WRN";
      break;
    case LOGP_LEVEL_ERROR:
      levelString = "ERR";
      break;
    default:
      return STATUS_INVALID_PARAMETER;
  }

  auto status = STATUS_SUCCESS;

  char timeBuffer[20] = {};
  if ((g_LogpDebugFlag & LOG_OPT_DISABLE_TIME) == 0) {
    // Want the current time.
    TIME_FIELDS timeFields;
    LARGE_INTEGER systemTime, localTime;
    KeQuerySystemTime(&systemTime);
    ExSystemTimeToLocalTime(&systemTime, &localTime);
    RtlTimeToTimeFields(&localTime, &timeFields);

    status = RtlStringCchPrintfA(timeBuffer, RTL_NUMBER_OF(timeBuffer),
                                 "%02u:%02u:%02u.%03u\t", timeFields.Hour,
                                 timeFields.Minute, timeFields.Second,
                                 timeFields.Milliseconds);
    if (!NT_SUCCESS(status)) {
      return status;
    }
  }

  char functionNameBuffer[50] = {};
  if ((g_LogpDebugFlag & LOG_OPT_DISABLE_FUNCTION_NAME) == 0) {
    // Want the function name
    const auto baseFunctionName = LogpFindBaseFunctionName(FunctionName);
    status = RtlStringCchPrintfA(functionNameBuffer,
                                 RTL_NUMBER_OF(functionNameBuffer), "%-40s\t",
                                 baseFunctionName);
    if (!NT_SUCCESS(status)) {
      return status;
    }
  }

  //
  // It uses PsGetProcessId(PsGetCurrentProcess()) instead of
  // PsGetCurrentThreadProcessId() because the later sometimes returns
  // unwanted value, for example:
  //  PID == 4 but its image name != ntoskrnl.exe
  // The author is guessing that it is related to attaching processes but
  // not quite sure. The former way works as expected.
  //
  status = RtlStringCchPrintfA(
      LogBuffer, LogBufferLength, "%s%s\t%5lu\t%5lu\t%-15s\t%s%s\r\n", timeBuffer,
      levelString,
      reinterpret_cast<ULONG_PTR>(PsGetProcessId(PsGetCurrentProcess())),
      reinterpret_cast<ULONG_PTR>(PsGetCurrentThreadId()),
      PsGetProcessImageFileName(PsGetCurrentProcess()), functionNameBuffer,
      LogMessage);
  return status;
}
Exemple #9
0
NTSTATUS
DiskGenerateDeviceName(
    IN ULONG DeviceNumber,
    OUT PCCHAR *RawName
    )

/*++

Routine Description:

    This routine will allocate a unicode string buffer and then fill it in
    with a generated name for the specified device object.

    It is the responsibility of the user to allocate a UNICODE_STRING structure
    to pass in and to free UnicodeName->Buffer when done with it.

Arguments:

    DeviceObject - a pointer to the device object

    UnicodeName - a unicode string to put the name buffer into

Return Value:

    status

--*/

#define FDO_NAME_FORMAT "\\Device\\Harddisk%d\\DR%d"

{
    CHAR rawName[64] = { 0 };
    NTSTATUS status;

    PAGED_CODE();

        status = RtlStringCchPrintfA(rawName, sizeof(rawName) - 1, FDO_NAME_FORMAT, DeviceNumber,
                                    diskDeviceSequenceNumber++);
        if (!NT_SUCCESS(status)) {
            TracePrint((TRACE_LEVEL_ERROR, TRACE_FLAG_PNP, "DiskGenerateDeviceName: Format FDO name failed with error: 0x%X\n", status));
            return status;
        }

    *RawName = ExAllocatePoolWithTag(PagedPool,
                                     strlen(rawName) + 1,
                                     DISK_TAG_NAME);

    if(*RawName == NULL) {
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    status = RtlStringCchCopyA(*RawName, strlen(rawName) + 1, rawName);
    if (!NT_SUCCESS(status)) {
        TracePrint((TRACE_LEVEL_ERROR, TRACE_FLAG_PNP, "DiskGenerateDeviceName: Device name copy failed with error: 0x%X\n", status));
        FREE_POOL(*RawName);
        return status;
    }

    TracePrint((TRACE_LEVEL_INFORMATION, TRACE_FLAG_PNP, "DiskGenerateDeviceName: generated \"%s\"\n", rawName));

    return STATUS_SUCCESS;
}
Exemple #10
0
NTSTATUS
AFSDbgLogMsg( IN ULONG Subsystem,
              IN ULONG Level,
              IN PCCH Format,
              ...)
{

    NTSTATUS ntStatus = STATUS_SUCCESS;
    va_list va_args;
    ULONG ulBytesWritten = 0;
    BOOLEAN bReleaseLock = FALSE;
    char    *pCurrentTrace = NULL;

    __Enter
    {

        if( AFSDbgBuffer == NULL)
        {

            try_return( ntStatus = STATUS_DEVICE_NOT_READY);
        }

        if( Subsystem > 0 &&
            (Subsystem & AFSTraceComponent) == 0)
        {

            //
            // Not tracing this subsystem
            //

            try_return( ntStatus);
        }

        if( Level > 0 &&
            Level > AFSTraceLevel)
        {

            //
            // Not tracing this level
            //

            try_return( ntStatus);
        }

        AFSAcquireExcl( &AFSDbgLogLock,
                        TRUE);

        bReleaseLock = TRUE;

        //
        // Check again under lock
        //

        if( AFSDbgBuffer == NULL)
        {

            try_return( ntStatus = STATUS_DEVICE_NOT_READY);
        }

        if( AFSDbgLogRemainingLength < 255)
        {

            AFSDbgLogRemainingLength = AFSDbgBufferLength;

            AFSDbgCurrentBuffer = AFSDbgBuffer;

            SetFlag( AFSDbgLogFlags, AFS_DBG_LOG_WRAPPED);
        }

        pCurrentTrace = AFSDbgCurrentBuffer;

        RtlStringCchPrintfA( AFSDbgCurrentBuffer,
                             10,
                             "%08lX:",
                             AFSDbgLogCounter++);

        AFSDbgCurrentBuffer += 9;

        AFSDbgLogRemainingLength -= 9;

        va_start( va_args, Format);

        ntStatus = RtlStringCbVPrintfA( AFSDbgCurrentBuffer,
                                        AFSDbgLogRemainingLength,
                                        Format,
                                        va_args);

        if( ntStatus == STATUS_BUFFER_OVERFLOW)
        {

            RtlZeroMemory( AFSDbgCurrentBuffer,
                           AFSDbgLogRemainingLength);

            AFSDbgLogRemainingLength = AFSDbgBufferLength;

            AFSDbgCurrentBuffer = AFSDbgBuffer;

            SetFlag( AFSDbgLogFlags, AFS_DBG_LOG_WRAPPED);

            pCurrentTrace = AFSDbgCurrentBuffer;

            RtlStringCchPrintfA( AFSDbgCurrentBuffer,
                                 10,
                                 "%08lX:",
                                 AFSDbgLogCounter++);

            AFSDbgCurrentBuffer += 9;

            AFSDbgLogRemainingLength -= 9;

            ntStatus = RtlStringCbVPrintfA( AFSDbgCurrentBuffer,
                                            AFSDbgLogRemainingLength,
                                            Format,
                                            va_args);
        }

        if( NT_SUCCESS( ntStatus))
        {

            RtlStringCbLengthA( AFSDbgCurrentBuffer,
                                AFSDbgLogRemainingLength,
                                (size_t *)&ulBytesWritten);

            AFSDbgCurrentBuffer += ulBytesWritten;

            AFSDbgLogRemainingLength -= ulBytesWritten;
        }

        va_end( va_args);

        if( BooleanFlagOn( AFSDebugFlags, AFS_DBG_TRACE_TO_DEBUGGER) &&
            pCurrentTrace != NULL)
        {

            DbgPrint( pCurrentTrace);
        }

try_exit:

        if( bReleaseLock)
        {

            AFSReleaseResource( &AFSDbgLogLock);
        }
    }

    return ntStatus;
}
Exemple #11
0
/////////////////////////////////////////////////////
//                                                 //
// GetIrpTableHooksAndDetours()                    //
//                                                 //
/////////////////////////////////////////////////////
//Description:  Scans the IRP table for the passed-in
//				driver and attempts to determine if a
//				dispatch routine is hooked.
//
//Returns:      void
/////////////////////////////////////////////////////
BOOL GetIrpTableHooksAndDetours(PUNICODE_STRING puDriverName, 
								PUNICODE_STRING puDeviceName, 
								ULONG DriverBaseAddress, 
								ULONG DriverSize, 
								PHOOKED_DISPATCH_FUNCTIONS_TABLE pHookTable,
								PDETOURED_DISPATCH_FUNCTIONS_TABLE pDetourTable)
{
	NTSTATUS nt;
	PDRIVER_DISPATCH* pDriverIrpTable;
	PDRIVER_DISPATCH dispatchFunctionAddress;
	CHAR dispatchFunctionName[256];
	PFILE_OBJECT fileObj;
	PDRIVER_OBJECT driverObj;
	PDEVICE_OBJECT deviceObj;
	PSYSTEM_MODULE_INFORMATION pModInfo;
	PCHAR pUnknownBuf="[unknown]";
	CHAR ContainingModule[256];
	BOOL IsHooked=FALSE,IsDetoured=FALSE;
	PDETOURINFO d;
	int i,j;

	//prep work
	pModInfo=ExAllocatePoolWithTag(NonPagedPool,sizeof(SYSTEM_MODULE_INFORMATION),CW_TAG);
	d=ExAllocatePoolWithTag(NonPagedPool,sizeof(DETOURINFO),CW_TAG);

	if (pModInfo == NULL || d == NULL)
	{
		DbgPrint("GetIrpTableHooksAndDetours():  ERROR:  pModInfo or d was NULL.");
		return FALSE;
	}

	//get a pointer to the driver's device object structure that represents this exposed device name
	//note: ACCESS_MASK of FILE_READ_DATA is important because it ensures
	//the file system is mounted on the storage device (if dealing with fs device)
	nt=IoGetDeviceObjectPointer(puDeviceName,FILE_READ_DATA,&fileObj,&deviceObj);
	if (!NT_SUCCESS(nt))
	{
		DbgPrint("GetIrpTableHooksAndDetours():  Error:  failed to obtain device pointer:  0x%08x",nt);
		return FALSE;
	}

	//get a pointer to the device's DRIVER_OBJECT structure
	driverObj=deviceObj->DriverObject;

	//from the driver object structure, get a pointer to the IRP table
	pDriverIrpTable=driverObj->MajorFunction;

	DbgPrint("GetIrpTableHooksAndDetours():  IRP table pointer obtained.");

	//iterate over all pointers in the IRP function handler table for this driver
	//note there are 28 IRP major function codes, and all drivers must specify
	//a routine for each one; the I/O manager fills entires in the IRP table
	//that the driver chose not to handle with a generic routine.
	for (i=0;i<IRP_MJ_MAXIMUM_FUNCTION+1;i++)
	{
		dispatchFunctionAddress=pDriverIrpTable[i];

		//---------------------------------------------
		//GET CONTAINING MODULE NAME AND FUNCTION NAME
		//---------------------------------------------
		//get the containing module of this  function by its address in memory
		if(GetModInfoByAddress((ULONG)dispatchFunctionAddress,pModInfo))
		{
			RtlStringCbCopyExA(ContainingModule,256,pModInfo->ImageName,NULL,NULL,0);

			//get the name of the function from the containing module's export table
			//or if not exported, store [unknown]
			if (!GetFunctionName(pModInfo->Base,(ULONG)dispatchFunctionAddress,dispatchFunctionName))
				RtlStringCbCopyExA(dispatchFunctionName,256,pUnknownBuf,NULL,NULL,0);
		}
		//if we cant find the containing module, there's a problem:
		//	(1) ZwQuerySystemInformation() is hooked.  we're screwed.
		//	(2) the module was not in the system's module list, so it injected somehow
		//in either case, the user should suspect something's up from this fact alone.
		else
		{
			RtlStringCbCopyExA(ContainingModule,256,pUnknownBuf,NULL,NULL,0);
			RtlStringCbCopyExA(dispatchFunctionName,256,pUnknownBuf,NULL,NULL,0);
		}

		////////////////////////////////////////
		//				HOOKED
		////////////////////////////////////////
		if (pHookTable != NULL)
		{
			pHookTable->HookedEntries[i].DispatchFunctionAddress=(ULONG)dispatchFunctionAddress;			
			RtlStringCbCopyExA(pHookTable->HookedEntries[i].ContainingModule,256,ContainingModule,NULL,NULL,0);
			RtlStringCbCopyExA(pHookTable->HookedEntries[i].DispatchFunctionName,256,dispatchFunctionName,NULL,NULL,0);

			if (!IsAddressWithinModule((ULONG)dispatchFunctionAddress,DriverBaseAddress,DriverSize))
			{
				pHookTable->HookedEntries[i].IrpMajorFunctionHooked=i;
				pHookTable->isHooked=TRUE;
			}
			else
			{
				pHookTable->isHooked=FALSE;
			}

			pHookTable->NumHookedEntries++;
		}

		////////////////////////////////////////
		//				DETOURED
		////////////////////////////////////////
		if (pDetourTable != NULL)
		{
			pDetourTable->DetouredEntries[i].DispatchFunctionAddress=(ULONG)dispatchFunctionAddress;
			RtlStringCbCopyExA(pDetourTable->DetouredEntries[i].DetouringModule,256,ContainingModule,NULL,NULL,0);
			RtlStringCbCopyExA(pDetourTable->DetouredEntries[i].DispatchFunctionName,256,dispatchFunctionName,NULL,NULL,0);

			if (IsFunctionPrologueDetoured((ULONG)dispatchFunctionAddress,DriverBaseAddress,DriverSize,d))
			{
				pDetourTable->isDetoured=TRUE;

				if (d->detouringModule != NULL)
					RtlStringCbCopyExA(pDetourTable->DetouredEntries[i].DetouringModule,256,d->detouringModule,NULL,NULL,0);

				pDetourTable->DetouredEntries[i].TargetAddress=d->TargetAddress;

				//loop through possible decoded instructions
				for (j = 0;j<d->numDisassembled; j++) 
				{
					RtlStringCchPrintfA(
						pDetourTable->DetouredEntries[i].Disassembly[j],
						256,
						"%08I64x (%02d) %s %s %s\n", 
						d->decodedInstructions[j].offset,
						d->decodedInstructions[j].size,
						(char*)d->decodedInstructions[j].instructionHex.p,
						(char*)d->decodedInstructions[j].mnemonic.p,
						(char*)d->decodedInstructions[j].operands.p
						);
				}
			}
			else
			{
				pDetourTable->isDetoured=FALSE;
			}

			pDetourTable->NumDetours++;
		}
	}

	//decrease reference count
	ObDereferenceObject(&fileObj);

	if (pModInfo != NULL)
		ExFreePoolWithTag(pModInfo,CW_TAG);
	if (d != NULL)
		ExFreePoolWithTag(d,CW_TAG);

	return TRUE;
}
VOID DbgPrintArgType(ULONG logLevel, OVS_ARGTYPE argType, const char* padding, int index)
{
    char msg[256];

    RtlStringCchPrintfA(msg, 256, "%s%d. ", padding, index);

    switch (argType)
    {
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PSEUDOGROUP_FLOW,   "FLOW");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_FLOW_PI_GROUP,      "FLOW/PI");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_FLOW_MASK_GROUP,    "FLOW/PI_MASKS");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_ENCAP_GROUP,     "FLOW/PACKET_ENCAP");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_GROUP,    "FLOW/PI/TUNNEL");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_FLOW_ACTIONS_GROUP, "FLOW/ACTIONS");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_FLOW_STATS,         "FLOW: STATS");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_FLOW_TCP_FLAGS,     "FLOW: TCP_FLAGS");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_FLOW_TIME_USED,     "FLOW: TIME_USED");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_FLOW_CLEAR,         "FLOW: CLEAR");

        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_PACKET_PRIORITY,     "..PI: PACKET_PRIORITY\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_DP_INPUT_PORT,       "..PI: IN_PORT\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_ETH_ADDRESS,         "..PI: ETH_ADDR\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_ETH_TYPE,            "..PI: ETH_TYPE\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_VLAN_TCI,            "..PI: VLAN_TCI\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_IPV4,                "..PI: IPV4\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_IPV6,                "..PI: IPV6\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TCP,                 "..PI: TCP\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TCP_FLAGS,           "..PI: TCP_FLAGS\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_UDP,                 "..PI: UDP\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_SCTP,                "..PI: SCTP\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_ICMP,                "..PI: ICMP\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_ICMP6,               "..PI: ICMP6\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_ARP,                 "..PI: ARP\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_NEIGHBOR_DISCOVERY,  "..PI: ND\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_PACKET_MARK,         "..PI: PACKET MARK\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_IPV4_TUNNEL,         "..PI: IPV4 TUNNEL\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_MPLS,                "..PI: MPLS\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_DATAPATH_HASH,       "..PI: DP_HASH\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_DATAPATH_RECIRCULATION_ID,    "..PI: DP_RECIRC_ID\n");

        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_ID,           "..PI/TUNNEL: ID\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_IPV4_SRC,     "..PI/TUNNEL: IPV4 SRC\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_IPV4_DST,     "..PI/TUNNEL: IPV4 DST\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_TOS,          "..PI/TUNNEL: TOS\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_TTL,          "..PI/TUNNEL: TTL\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_DONT_FRAGMENT,"..PI/TUNNEL: DONT_FRAGMENT\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_CHECKSUM,     "..PI/TUNNEL: CHECKSUM\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_OAM,          "..PI/TUNNEL: OAM\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PI_TUNNEL_GENEVE_OPTIONS, "..PI/TUNNEL: GENEVE_OPTS\n");

        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PSEUDOGROUP_PACKET,     "PACKET");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PACKET_PI_GROUP,        "PACKET/PI");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PACKET_ACTIONS_GROUP,   "PACKET/ACTIONS");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PACKET_BUFFER,          "PACKET: BUFFER\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PACKET_USERDATA,        "PACKET: USER_DATA\n");
        
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_SAMPLE_ACTIONS_GROUP,    "..ACTIONS/SAMPLE/ACTIONS");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_UPCALL_GROUP,            "..ACTIONS/UPCALL");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_UPCALL_PORT_ID,          "..ACTIONS/UPCALL: PORT ID\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_UPCALL_DATA,             "..ACTIONS/UPCALL: DATA\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_SAMPLE_GROUP,            "..ACTIONS/SAMPLE");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_SAMPLE_PROBABILITY,      "..ACTIONS/SAMPLE: PROBABILITY\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_SETINFO_GROUP,           "..ACTIONS/SET INFO");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_OUTPUT_TO_PORT,          "..ACTIONS: OUT TO PORT\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_PUSH_VLAN,               "..ACTIONS: PUSH VLAN\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_POP_VLAN,                "..ACTIONS: POP VLAN\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_PUSH_MPLS,               "..ACTIONS: PUSH MPLS\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_POP_MPLS,                "..ACTIONS: POP MPLS\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_RECIRCULATION,           "..ACTIONS: DP_RECIRC\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_ACTION_HASH,                    "..ACTIONS: DP_HASH\n");
        
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PSEUDOGROUP_DATAPATH,       "DATAPATH");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_DATAPATH_NAME,              "DATAPATH: NAME\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_DATAPATH_UPCALL_PORT_ID,    "DATAPATH: UPCALL_PORT_ID\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_DATAPATH_STATS,             "DATAPATH: STATS\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_DATAPATH_MEGAFLOW_STATS,    "DATAPATH: MEGAFLOW_STATS\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_DATAPATH_USER_FEATURES,     "DATAPATH: USER_FEATURES\n");

        __STR_CASE_ARGTYPE(OVS_ARGTYPE_PSEUDOGROUP_OFPORT,             "OFPORT");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_OFPORT_OPTIONS_GROUP,           "OFPORT/OPTIONS");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_OFPORT_OPTION_DESTINATION_PORT, "OFPORT/OPTIONS: DESTINATION\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_OFPORT_NUMBER,                  "OFPORT: NUMBER\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_OFPORT_TYPE,                    "OFPORT: TYPE\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_OFPORT_NAME,                    "OFPORT: NAME\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_OFPORT_UPCALL_PORT_ID,          "OFPORT: UPCALL_PORT_ID\n");
        __STR_CASE_ARGTYPE(OVS_ARGTYPE_OFPORT_STATS,                   "OFPORT: STATS\n");

    default:
        OVS_CHECK(__UNEXPECTED__);
    }

    DEBUGP_ARG(logLevel, msg, padding, index);
}
NTSTATUS
Acpi_EvaluatePld (
    _In_ PACPI_CONTEXT AcpiCtx,
    _In_ LPCSTR DeviceName,
    _Out_ PACPI_PLD_BUFFER PldBuffer
    )
{
    NTSTATUS status;
    WDFDEVICE device;
    WDF_MEMORY_DESCRIPTOR inputMemDesc;
    ACPI_EVAL_INPUT_BUFFER_EX inputBuffer;
    size_t inputBufferSize;
    WDFMEMORY outputMemory;
    WDF_MEMORY_DESCRIPTOR outputMemDesc;
    PACPI_EVAL_OUTPUT_BUFFER outputBuffer;
    size_t outputBufferSize;
    size_t outputArgumentBufferSize;
    WDF_OBJECT_ATTRIBUTES attributes;

    PAGED_CODE();

    TRACE_FUNC_ENTRY(TRACE_FLAG_ACPI);

    device = Context_GetWdfDevice(AcpiCtx);
    outputMemory = WDF_NO_HANDLE;

    inputBufferSize = sizeof(inputBuffer);
    RtlZeroMemory(&inputBuffer, inputBufferSize);

    inputBuffer.Signature = ACPI_EVAL_INPUT_BUFFER_SIGNATURE_EX;

    status = RtlStringCchPrintfA(inputBuffer.MethodName,
                                 sizeof(inputBuffer.MethodName),
                                 "%s._PLD",
                                 DeviceName);
    if (!NT_SUCCESS(status))
    {
        TRACE_ERROR(TRACE_FLAG_ACPI, "[Device: 0x%p] RtlStringCchPrintfA for creating method name failed - %!STATUS!", device, status);
        goto Exit;
    }

    outputArgumentBufferSize = 1024;
    outputBufferSize =
        FIELD_OFFSET(ACPI_EVAL_OUTPUT_BUFFER, Argument) +
        outputArgumentBufferSize;

    WDF_OBJECT_ATTRIBUTES_INIT(&attributes);
    attributes.ParentObject = device;

    status = WdfMemoryCreate(&attributes,
                             NonPagedPoolNx,
                             0,
                             outputBufferSize,
                             &outputMemory,
                             (PVOID*) &outputBuffer);

    if (!NT_SUCCESS(status))
    {
        TRACE_ERROR(TRACE_FLAG_ACPI, "[Device: 0x%p] WdfMemoryCreate failed for %Iu bytes - %!STATUS!", device, outputBufferSize, status);
        goto Exit;
    }

    RtlZeroMemory(outputBuffer, outputBufferSize);

    WDF_MEMORY_DESCRIPTOR_INIT_BUFFER(&inputMemDesc, &inputBuffer, (ULONG) inputBufferSize);
    WDF_MEMORY_DESCRIPTOR_INIT_HANDLE(&outputMemDesc, outputMemory, NULL);

    status = WdfIoTargetSendInternalIoctlSynchronously(
                 WdfDeviceGetIoTarget(device),
                 NULL,
                 IOCTL_ACPI_EVAL_METHOD_EX,
                 &inputMemDesc,
                 &outputMemDesc,
                 NULL,
                 NULL);

    if (!NT_SUCCESS(status))
    {
        TRACE_ERROR(TRACE_FLAG_ACPI, "[Device: 0x%p] IOCTL_ACPI_EVAL_METHOD_EX for %s failed - %!STATUS!", device, inputBuffer.MethodName, status);
        goto Exit;
    }

    if (outputBuffer->Signature != ACPI_EVAL_OUTPUT_BUFFER_SIGNATURE)
    {
        status = STATUS_ACPI_INVALID_DATA;
        TRACE_ERROR(TRACE_FLAG_ACPI, "[Device: 0x%p] ACPI_EVAL_OUTPUT_BUFFER signature is incorrect", device);
        goto Exit;
    }

    if (outputBuffer->Count < 1)
    {
        status = STATUS_ACPI_INVALID_DATA;
        TRACE_ERROR(TRACE_FLAG_ACPI, "[Device: 0x%p] _PLD for %s didn't return anything", device, inputBuffer.MethodName);
        goto Exit;
    }

    if (outputBuffer->Argument[0].Type != ACPI_METHOD_ARGUMENT_BUFFER)
    {
        status = STATUS_ACPI_INVALID_DATA;
        TRACE_ERROR(TRACE_FLAG_ACPI, "[Device: 0x%p] _PLD for %s returned an unexpected argument of type %d", device, inputBuffer.MethodName, outputBuffer->Argument[0].Type);
        goto Exit;
    }

    if (outputBuffer->Argument[0].DataLength < sizeof(*PldBuffer))
    {
        status = STATUS_ACPI_INVALID_DATA;
        TRACE_ERROR(TRACE_FLAG_ACPI, "[Device: 0x%p] Unexpected _PLD buffer size for %s. Expected %Iu bytes, got %Iu bytes", device, inputBuffer.MethodName, sizeof(*PldBuffer), outputBuffer->Argument[0].DataLength);
        goto Exit;
    }

    *PldBuffer = *((PACPI_PLD_BUFFER) outputBuffer->Argument[0].Data);

Exit:

    if (outputMemory != WDF_NO_HANDLE)
    {
        WdfObjectDelete(outputMemory);
    }

    TRACE_FUNC_EXIT(TRACE_FLAG_ACPI);

    return status;
}
Exemple #14
0
// Concatenates meta information such as the current time and a process ID to
// user given log message.
_Use_decl_annotations_ static NTSTATUS LogpMakePrefix(
    ULONG level, const char *function_name, const char *log_message,
    char *log_buffer, SIZE_T log_buffer_length) {
  char const *level_string = nullptr;
  switch (level) {
    case kLogpLevelDebug:
      level_string = "DBG\t";
      break;
    case kLogpLevelInfo:
      level_string = "INF\t";
      break;
    case kLogpLevelWarn:
      level_string = "WRN\t";
      break;
    case kLogpLevelError:
      level_string = "ERR\t";
      break;
    default:
      return STATUS_INVALID_PARAMETER;
  }

  auto status = STATUS_SUCCESS;

  char time_buffer[20] = {};
  if ((g_logp_debug_flag & kLogOptDisableTime) == 0) {
    // Want the current time.
    TIME_FIELDS time_fields;
    LARGE_INTEGER system_time, local_time;
    KeQuerySystemTime(&system_time);
    ExSystemTimeToLocalTime(&system_time, &local_time);
    RtlTimeToTimeFields(&local_time, &time_fields);

    status = RtlStringCchPrintfA(time_buffer, RTL_NUMBER_OF(time_buffer),
                                 "%02u:%02u:%02u.%03u\t", time_fields.Hour,
                                 time_fields.Minute, time_fields.Second,
                                 time_fields.Milliseconds);
    if (!NT_SUCCESS(status)) {
      return status;
    }
  }

  // Want the function name
  char function_name_buffer[50] = {};
  if ((g_logp_debug_flag & kLogOptDisableFunctionName) == 0) {
    const auto base_function_name = LogpFindBaseFunctionName(function_name);
    status = RtlStringCchPrintfA(function_name_buffer,
                                 RTL_NUMBER_OF(function_name_buffer), "%-40s\t",
                                 base_function_name);
    if (!NT_SUCCESS(status)) {
      return status;
    }
  }

  // Want the processor number
  char processro_number[10] = {};
  if ((g_logp_debug_flag & kLogOptDisableProcessorNumber) == 0) {
    status =
        RtlStringCchPrintfA(processro_number, RTL_NUMBER_OF(processro_number),
                            "#%lu\t", KeGetCurrentProcessorNumberEx(nullptr));
    if (!NT_SUCCESS(status)) {
      return status;
    }
  }

  // It uses PsGetProcessId(PsGetCurrentProcess()) instead of
  // PsGetCurrentThreadProcessId() because the later sometimes returns
  // unwanted value, for example:
  //  PID == 4 but its image name != ntoskrnl.exe
  // The author is guessing that it is related to attaching processes but
  // not quite sure. The former way works as expected.
  status = RtlStringCchPrintfA(
      log_buffer, log_buffer_length, "%s%s%s%5Iu\t%5Iu\t%-15s\t%s%s\r\n",
      time_buffer, level_string, processro_number,
      reinterpret_cast<ULONG_PTR>(PsGetProcessId(PsGetCurrentProcess())),
      reinterpret_cast<ULONG_PTR>(PsGetCurrentThreadId()),
      PsGetProcessImageFileName(PsGetCurrentProcess()), function_name_buffer,
      log_message);
  return status;
}