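/*
 * One-time initialisation of the Auxiliary Kernel-Mode Library.
 *
 * The interlocked compare-exchange on aux_klib_initialized lets exactly one
 * caller through to AuxKlibInitialize(). The result of that call is now
 * checked: on failure the flag is put back to 0 so a later call can retry,
 * instead of leaving the library marked as initialised when it is not.
 *
 * NOTE(review): the flag is claimed before AuxKlibInitialize() has returned,
 * so a concurrent caller can see it set and return while initialisation is
 * still in progress. Callers that go on to use other AuxKlib routines need to
 * be ordered after the first call completes - confirm against the call sites.
 */
void difi_ddk_helper_initialize()
{
    // TODO: this must be run with interrupts enabled.
    // NOTE(review): AuxKlibInitialize is documented for IRQL = PASSIVE_LEVEL;
    // confirm that every caller of this helper runs at that level.
    if (InterlockedCompareExchange(&aux_klib_initialized, 1, 0) != 0)
    {
        // Another caller already claimed the initialisation.
        return;
    }

    difi_dbg_print("Calling AuxKlibInitialize\n");
    if (!NT_SUCCESS(AuxKlibInitialize()))
    {
        difi_dbg_print("AuxKlibInitialize failed\n");
        // Release the claim so the next call tries again.
        InterlockedExchange(&aux_klib_initialized, 0);
    }
}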
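/*
 * Build the global `modules` list from the loaded-module table returned by
 * AuxKlibQueryModuleInformation().
 *
 * One modctl_t is allocated per module. The nodes are linked through
 * mod_next and the last node points back at the head, so the list is
 * circular. If a node allocation fails part-way through, the list simply
 * ends early (still circular) and covers only the modules processed so far.
 *
 * Changes from the earlier version:
 *   - the head allocation is checked before it is written to;
 *   - every node is zeroed, so mod_modname is NULL (not stale pool data)
 *     when its name copy could not be allocated;
 *   - the temporary module table is freed on the success path as well;
 *   - a table too small to hold one entry is treated as a failure.
 *
 * NOTE(review): allocations use NonPagedPool, which is executable on older
 * pool types; NonPagedPoolNx would be the hardened choice where the target
 * OS supports it - confirm the minimum supported Windows version.
 */
void DtraceWinOSKernelModuleInfo(void)
{
	PAUX_MODULE_EXTENDED_INFO info = NULL;
	ULONG size = 0, mods, i;
	modctl_t *node, *prev = NULL;
	char *name, *copy;
	size_t name_len;

	/*
	 * Two-step query: first ask for the required size, then fetch the
	 * table. If the module list changes between the two calls the second
	 * call can fail, which is handled as a plain failure here.
	 */
	if (AuxKlibInitialize() != STATUS_SUCCESS ||
	    AuxKlibQueryModuleInformation(&size, sizeof(AUX_MODULE_EXTENDED_INFO), NULL) != STATUS_SUCCESS ||
	    size == 0 ||
	    (info = ExAllocatePoolWithTag(NonPagedPool, size, 'Tag1')) == NULL ||
	    (AuxKlibQueryModuleInformation(&size, sizeof(AUX_MODULE_EXTENDED_INFO), info) != STATUS_SUCCESS)) {
		dprintf("dtrace.sys: failed in DtraceWinOSKernelModuleInfo\n");
		if (info != NULL)
			ExFreePoolWithTag(info, 'Tag1');
		return;
	}

	mods = size / sizeof(AUX_MODULE_EXTENDED_INFO);
	if (mods == 0) {
		/* Not even one whole entry: info[0] must not be read. */
		dprintf("dtrace.sys: failed in DtraceWinOSKernelModuleInfo\n");
		ExFreePoolWithTag(info, 'Tag1');
		return;
	}

	modules = ExAllocatePoolWithTag(NonPagedPool, sizeof(modctl_t), 'Tag1');
	if (modules == NULL) {
		/* Writing through a NULL head would fault in kernel mode. */
		dprintf("dtrace.sys: failed in DtraceWinOSKernelModuleInfo\n");
		ExFreePoolWithTag(info, 'Tag1');
		return;
	}

	node = modules;
	i = 0;
	for (;;) {
		/* Pool memory is not zeroed; start every node from a known state. */
		RtlZeroMemory(node, sizeof(modctl_t));

		node->imgbase = (uintptr_t) info[i].BasicInfo.ImageBase;
		node->size = info[i].ImageSize;
		node->loadcnt = 0;
		node->nenabled = 0;
		node->fbt_nentries = 0;

		/*
		 * File name = tail of the full path, starting at FileNameOffset.
		 * NOTE(review): this assumes the offset lies inside FullPathName
		 * and that the path is NUL-terminated within it - confirm.
		 */
		name = (char *) info[i].FullPathName + info[i].FileNameOffset;
		name_len = strlen(name);
		copy = ExAllocatePoolWithTag(NonPagedPool, name_len + 1, 'Tag1');
		if (copy != NULL) {
			/* Copy exactly the measured length plus the terminator. */
			RtlCopyMemory(copy, name, name_len + 1);
			node->mod_modname = copy;
		}

		/* Keep the list circular: the newest node points at the head. */
		node->mod_next = modules;
		if (prev != NULL)
			prev->mod_next = node;
		prev = node;

		if (++i >= mods)
			break;

		node = ExAllocatePoolWithTag(NonPagedPool, sizeof(modctl_t), 'Tag1');
		if (node == NULL)
			break;	/* out of pool: keep the partial list */
	}

	/* The names were copied out, so the raw table is no longer needed. */
	ExFreePoolWithTag(info, 'Tag1');
}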
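/*
 * Driver entry point.
 *
 * Returns STATUS_NOT_SUPPORTED when getWindowsIndex() yields 0. Otherwise it
 * creates the device object, installs the dispatch table, creates the DOS
 * symbolic link and initialises the Auxiliary Kernel-Mode Library.
 *
 * Changes from the earlier version: the result of IoCreateSymbolicLink() is
 * checked, and the device object (and the link, once created) are removed
 * again when a later step fails. Before, a failing AuxKlibInitialize() made
 * DriverEntry return an error while leaving both objects behind.
 *
 * theRegistryPath is not used.
 */
NTSTATUS DriverEntry(IN PDRIVER_OBJECT theDriverObject, IN PUNICODE_STRING theRegistryPath)
{
	NTSTATUS status = STATUS_NOT_SUPPORTED;
	PDEVICE_OBJECT pDeviceObject = NULL;
	ULONG i;

	/* The OS index is stored globally; a value of 0 ends the load here. */
	KiwiOsIndex = getWindowsIndex();
	if(!KiwiOsIndex)
		return status;

	/*
	 * NOTE(review): IoCreateDevice applies a default security descriptor to
	 * the named device; who may open it and send IOCTLs is not restricted
	 * anywhere in this function - confirm that this is intended.
	 */
	status = IoCreateDevice(theDriverObject, 0, &uStrDriverName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE, &pDeviceObject);
	if(!NT_SUCCESS(status))
		return status;

	/*
	 * NOTE(review): the loop stops before index IRP_MJ_MAXIMUM_FUNCTION, so
	 * that last slot keeps whatever handler it already had. Left unchanged.
	 */
	for(i = 0; i < IRP_MJ_MAXIMUM_FUNCTION; i++)
		theDriverObject->MajorFunction[i] = UnSupported;
	theDriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = MimiDispatchDeviceControl;
	theDriverObject->DriverUnload = DriverUnload;

	pDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;

	status = IoCreateSymbolicLink(&uStrDosDeviceName, &uStrDriverName);
	if(NT_SUCCESS(status))
	{
		status = AuxKlibInitialize();
		if(!NT_SUCCESS(status))
			IoDeleteSymbolicLink(&uStrDosDeviceName);
	}

	/* Any failure after IoCreateDevice() must release the device object. */
	if(!NT_SUCCESS(status))
		IoDeleteDevice(pDeviceObject);

	return status;
}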
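/*
 * Find the loaded image that contains DriverObject->DriverStart and return
 * its base address and size.
 *
 * Parameters:
 *   DriverObject - driver whose image is looked up; must not be NULL.
 *   ImageBase    - receives the image base on success; must not be NULL.
 *   ImageSize    - receives the image size on success; must not be NULL.
 *
 * Returns:
 *   STATUS_SUCCESS            - image found, both outputs are set.
 *   STATUS_INVALID_PARAMETER  - one of the pointers was NULL.
 *   STATUS_INSUFFICIENT_RESOURCES - the module table could not be allocated.
 *   STATUS_UNSUCCESSFUL       - the size query reported an empty table.
 *   STATUS_NOT_FOUND          - no module range contains DriverStart.
 *   Any failure status from AuxKlibInitialize() or
 *   AuxKlibQueryModuleInformation() is passed through.
 *
 * Changes from the earlier version: a size query that succeeds but reports
 * zero bytes no longer returns a success status with the outputs unset, and
 * the outputs are given defined values (NULL / 0) for every failure path
 * after parameter validation.
 */
_Must_inspect_result_
NTSTATUS
FxpGetImageBase(
    __in  PDRIVER_OBJECT DriverObject,
    __out PVOID* ImageBase,
    __out PULONG ImageSize
    )
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    ULONG modulesSize = 0;
    AUX_MODULE_EXTENDED_INFO* modules = NULL;
    AUX_MODULE_EXTENDED_INFO* module;
    PVOID addressInImage = NULL;
    ULONG numberOfModules;
    ULONG i;

    //
    // Basic validation.
    //
    if (NULL == DriverObject || NULL == ImageBase || NULL == ImageSize) {
        status = STATUS_INVALID_PARAMETER;
        goto exit;
    }

    //
    // Give the outputs defined values so a caller that mishandles the
    // returned status does not act on stale stack or pool contents.
    //
    *ImageBase = NULL;
    *ImageSize = 0;

    //
    // Get the address of a well known entry in the Image.
    //
    addressInImage = (PVOID) DriverObject->DriverStart;
    ASSERT(addressInImage != NULL);

    //
    // Initialize the AUX Kernel Library.
    //
    status = AuxKlibInitialize();
    if (!NT_SUCCESS(status)) {
        goto exit;
    }

    //
    // Get size of area needed for loaded modules.
    //
    status = AuxKlibQueryModuleInformation(&modulesSize,
                                           sizeof(AUX_MODULE_EXTENDED_INFO),
                                           NULL);
    if (!NT_SUCCESS(status)) {
        goto exit;
    }

    if (0 == modulesSize) {
        //
        // The call succeeded but there is nothing to search. Report a
        // failure rather than falling through with a success status.
        //
        status = STATUS_UNSUCCESSFUL;
        goto exit;
    }

    numberOfModules = modulesSize / sizeof(AUX_MODULE_EXTENDED_INFO);

    //
    // Allocate returned-sized memory for the modules area.
    //
    modules = (AUX_MODULE_EXTENDED_INFO*) ExAllocatePoolWithTag(PagedPool,
                                                                modulesSize,
                                                                '30LW');
    if (NULL == modules) {
        status = STATUS_INSUFFICIENT_RESOURCES;
        goto exit;
    }

    //
    // Request the modules array be filled with module information.
    // If the module list changed since the size query this call can fail;
    // that status is returned as-is.
    //
    status = AuxKlibQueryModuleInformation(&modulesSize,
                                           sizeof(AUX_MODULE_EXTENDED_INFO),
                                           modules);
    if (!NT_SUCCESS(status)) {
        goto exit;
    }

    //
    // Traverse list, searching for the well known address in Image for which the
    // module's Image Base Address is in its range.
    //
    module = modules;

    for (i = 0; i < numberOfModules; i++) {
        //
        // Half-open range check: [ImageBase, ImageBase + ImageSize).
        //
        if (addressInImage >= module->BasicInfo.ImageBase &&
            addressInImage < WDF_PTR_ADD_OFFSET(module->BasicInfo.ImageBase,
                                                module->ImageSize)) {

            *ImageBase = module->BasicInfo.ImageBase;
            *ImageSize = module->ImageSize;

            status = STATUS_SUCCESS;
            goto exit;
        }
        module++;
    }

    status = STATUS_NOT_FOUND;

exit:

    //
    // Single exit point: the temporary module table is released on every
    // path that allocated it.
    //
    if (modules != NULL) {
        ExFreePool(modules);
        modules = NULL;
    }

    return status;
}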
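/*----------------------------------------------------------------------
 *
 * DriverEntry.
 *
 * Initialises AuxKlib and the driver connection registry, creates the
 * single device object and its DOS symbolic link, then installs the
 * dispatch and unload routines.
 *
 * A failure of AuxKlibInitialize or of the registry initialisation is
 * returned directly. A failure of device or link creation goes through
 * Cleanup, which deletes the device object (if one was created) and tears
 * the connection registry down again.
 *
 * Change from the earlier version: DeviceObject starts out as NULL. It was
 * uninitialised before, so a failing IoCreateDevice() could reach the
 * Cleanup test with an indeterminate pointer and hand it to
 * IoDeleteDevice().
 */
NTSTATUS DriverEntry(
	__in PDRIVER_OBJECT DriverObject,
	__in PUNICODE_STRING RegistryPath
	)
{
	PDEVICE_OBJECT DeviceObject = NULL;
	UNICODE_STRING NameStringDos =
		RTL_CONSTANT_STRING( CFIXKR_DEVICE_DOS_NAME ) ;
	UNICODE_STRING NameStringNt =
		RTL_CONSTANT_STRING( CFIXKR_DEVICE_NT_NAME ) ;
	NTSTATUS Status;

	UNREFERENCED_PARAMETER( RegistryPath );

	//
	// We'll need AuxKlib.
	//
	Status = AuxKlibInitialize();
	if ( ! NT_SUCCESS( Status ) )
	{
		return Status;
	}

	Status = CfixkrpInitializeDriverConnectionRegistry();
	if ( ! NT_SUCCESS( Status ) )
	{
		return Status;
	}

	//
	// Create the single device.
	//
	Status = IoCreateDevice(
		DriverObject,
		sizeof ( CFIXKRP_DEVICE_EXTENSION ),
		&NameStringNt,
		FILE_DEVICE_UNKNOWN,
		FILE_DEVICE_SECURE_OPEN,
		FALSE,
		&DeviceObject );
	if ( ! NT_SUCCESS( Status ) )
	{
		goto Cleanup;
	}

	//
	// Create symlink.
	//
	Status = IoCreateSymbolicLink( &NameStringDos, &NameStringNt );
	if ( ! NT_SUCCESS( Status ) )
	{
		goto Cleanup;
	}

	//
	// Install routines.
	//
	DriverObject->MajorFunction[ IRP_MJ_CREATE ]	= CfixkrpDispatchCreate;
	DriverObject->MajorFunction[ IRP_MJ_CLEANUP ]	= CfixkrpDispatchCleanup;
	DriverObject->MajorFunction[ IRP_MJ_CLOSE ]		= CfixkrpDispatchClose;
	DriverObject->MajorFunction[ IRP_MJ_PNP ]		= CfixkrpDispatchPnp;
	DriverObject->MajorFunction[ IRP_MJ_DEVICE_CONTROL ] = CfixkrpDispatchDeviceControl;
	DriverObject->DriverUnload = CfixkrpUnload;

Cleanup:
	if ( ! NT_SUCCESS( Status ) )
	{
		//
		// Initialization failed. DeviceObject is non-NULL only when
		// IoCreateDevice succeeded, so nothing stale is deleted here.
		//
		if ( DeviceObject != NULL )
		{
			IoDeleteDevice( DeviceObject );
		}

		CfixkrpTeardownDriverConnectionRegistry();
	}

	return Status;
}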