VOID PendAuthorizationWorkItemRoutine(_In_ PDEVICE_OBJECT pDeviceObject,
_In_opt_ PVOID pContext)
{
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" ---> PendAuthorizationWorkItemRoutine()\n");
#endif /// DBG
UNREFERENCED_PARAMETER(pDeviceObject);
NT_ASSERT(pContext);
NT_ASSERT(((WORKITEM_DATA*)pContext)->pClassifyData);
NT_ASSERT(((WORKITEM_DATA*)pContext)->pInjectionData);
WORKITEM_DATA* pWorkItemData = (WORKITEM_DATA*)pContext;
if(pWorkItemData)
{
NTSTATUS status = STATUS_SUCCESS;
status = PerformPendAuthorization(&(pWorkItemData->pClassifyData),
&(pWorkItemData->pPendData),
(INJECTION_DATA**)&(pWorkItemData->pContext));
if(status != STATUS_SUCCESS)
{
if(pWorkItemData->pClassifyData)
KrnlHlprClassifyDataDestroyLocalCopy(&(pWorkItemData->pClassifyData));
if(pWorkItemData->pInjectionData)
KrnlHlprInjectionDataDestroy(&(pWorkItemData->pInjectionData));
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_ERROR_LEVEL,
" !!!! PendAuthorizationWorkItemRoutine() [status: %#x]\n",
status);
}
KrnlHlprWorkItemDataDestroy(&pWorkItemData);
}
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" <--- PendAuthorizationWorkItemRoutine()\n");
#endif /// DBG
return;
}
NTSTATUS KrnlHlprWorkItemDataCreate(_Outptr_ WORKITEM_DATA** ppWorkItemData,
_In_ CLASSIFY_DATA* pClassifyData,
_In_ REDIRECT_DATA* pRedirectData,
_In_opt_ PIO_WORKITEM pIOWorkItem, /* 0 */
_In_opt_ VOID* pContext) /* 0 */
{
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" ---> KrnlHlprWorkItemDataCreate()\n");
#endif /// DBG
NT_ASSERT(ppWorkItemData);
NT_ASSERT(pClassifyData);
NT_ASSERT(pRedirectData);
NTSTATUS status = STATUS_SUCCESS;
HLPR_NEW(*ppWorkItemData,
WORKITEM_DATA,
WFPSAMPLER_SYSLIB_TAG);
HLPR_BAIL_ON_ALLOC_FAILURE(*ppWorkItemData,
status);
KrnlHlprWorkItemDataPopulate(*ppWorkItemData,
pClassifyData,
pRedirectData,
pIOWorkItem,
pContext);
HLPR_BAIL_LABEL:
if(status != STATUS_SUCCESS)
KrnlHlprWorkItemDataDestroy(ppWorkItemData);
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" <--- KrnlHlprWorkItemDataCreate() [status: %#x]\n",
status);
#endif /// DBG
return status;
}
VOID PrvPendAuthorizationNotificationWorkItemRoutine(_In_ PDEVICE_OBJECT pDeviceObject,
_Inout_opt_ PVOID pContext)
{
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" ---> PrvPendAuthorizationNotificationWorkItemRoutine()\n");
#endif /// DBG
UNREFERENCED_PARAMETER(pDeviceObject);
NT_ASSERT(pContext);
NT_ASSERT(((WORKITEM_DATA*)pContext)->pNotifyData);
WORKITEM_DATA* pWorkItemData = (WORKITEM_DATA*)pContext;
if(pWorkItemData)
{
NTSTATUS status = STATUS_SUCCESS;
FWPM_CALLOUT* pCallout = 0;
PWSTR pCalloutName = L"";
status = FwpmCalloutGetById(g_EngineHandle,
pWorkItemData->pNotifyData->calloutID,
&pCallout);
if(status != STATUS_SUCCESS)
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_ERROR_LEVEL,
" !!!! PrvPendAuthorizationNotificationWorkItemRoutine : FwpmCalloutGetById() [status: %#x]\n",
status);
else
{
pCalloutName = pCallout->displayData.name;
if(pCallout->applicableLayer != FWPM_LAYER_ALE_RESOURCE_ASSIGNMENT_V4 &&
pCallout->applicableLayer != FWPM_LAYER_ALE_RESOURCE_ASSIGNMENT_V6 &&
pCallout->applicableLayer != FWPM_LAYER_ALE_AUTH_LISTEN_V4 &&
pCallout->applicableLayer != FWPM_LAYER_ALE_AUTH_LISTEN_V6 &&
pCallout->applicableLayer != FWPM_LAYER_ALE_AUTH_CONNECT_V4 &&
pCallout->applicableLayer != FWPM_LAYER_ALE_AUTH_CONNECT_V6 &&
pCallout->applicableLayer != FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4 &&
pCallout->applicableLayer != FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6)
{
status = STATUS_FWP_INCOMPATIBLE_LAYER;
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_ERROR_LEVEL,
" !!!! PrvPendAuthorizationNotificationWorkItemRoutine() [status: %#x]\n",
status);
}
}
switch(pWorkItemData->pNotifyData->notificationType)
{
case FWPS_CALLOUT_NOTIFY_ADD_FILTER:
{
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" -- A filter referencing %S callout was added\n",
pCalloutName);
break;
}
case FWPS_CALLOUT_NOTIFY_DELETE_FILTER:
{
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" -- A filter referencing %S callout was deleted\n",
pCalloutName);
break;
}
case FWPS_CALLOUT_NOTIFY_ADD_FILTER_POST_COMMIT:
{
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" -- A filter referencing %S callout was committed\n",
pCalloutName);
break;
}
default:
{
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" -- Invalid Notification Type. Please Contact [email protected]\n");
break;
}
}
FwpmFreeMemory((VOID**)&pCallout);
HLPR_DELETE(pWorkItemData->pNotifyData,
WFPSAMPLER_CALLOUT_DRIVER_TAG);
KrnlHlprWorkItemDataDestroy(&pWorkItemData);
}
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" <--- PrvPendAuthorizationNotificationWorkItemRoutine()\n");
#endif /// DBG
return;
}
NTSTATUS KrnlHlprWorkItemQueue(_In_ PDEVICE_OBJECT pWDMDevice,
_In_ IO_WORKITEM_ROUTINE* pWorkItemFn,
_In_ CLASSIFY_DATA* pClassifyData,
_In_ REDIRECT_DATA* pRedirectData,
_In_opt_ VOID* pContext) /* 0 */
{
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" ---> KrnlHlprWorkItemQueue()\n");
#endif /// DBG
NT_ASSERT(pWDMDevice);
NT_ASSERT(pWorkItemFn);
NT_ASSERT(pClassifyData);
NT_ASSERT(pRedirectData);
NTSTATUS status = STATUS_SUCCESS;
PIO_WORKITEM pIOWorkItem = 0;
WORKITEM_DATA* pWorkItemData = 0;
#pragma warning(push)
#pragma warning(disable: 6014) /// pIOWorkItem is cleaned up in KrnlHlprWorkItemDataDestroy
pIOWorkItem = IoAllocateWorkItem(pWDMDevice);
if(pIOWorkItem == 0)
{
status = STATUS_UNSUCCESSFUL;
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_ERROR_LEVEL,
" !!!! KrnlHlprWorkItemQueue : IoAllocateWorkItem() [status: %#x]\n",
status);
HLPR_BAIL;
}
#pragma warning(pop)
status = KrnlHlprWorkItemDataCreate(&pWorkItemData,
pClassifyData,
pRedirectData,
pIOWorkItem,
pContext);
HLPR_BAIL_ON_FAILURE(status);
IoQueueWorkItem(pWorkItemData->pIOWorkItem,
pWorkItemFn,
DelayedWorkQueue,
(PVOID)pWorkItemData);
HLPR_BAIL_LABEL:
if(status != STATUS_SUCCESS &&
pWorkItemData)
KrnlHlprWorkItemDataDestroy(&pWorkItemData);
#if DBG
DbgPrintEx(DPFLTR_IHVNETWORK_ID,
DPFLTR_INFO_LEVEL,
" <--- KrnlHlprWorkItemQueue() [status: %#x]\n",
status);
#endif /// DBG
return status;
}
