NTSTATUS DriverEntry(PDRIVER_OBJECT driverObject, PUNICODE_STRING registryPath)
{
LdrDataTableEntry *entry = driverObject->DriverSection;
PsLoadedModuleList = entry->in_load_links.Flink;
driverObject->DriverUnload = DriverUnload;
VCPU_DEBUG("We're mapped at %p (size: %d bytes (%d KB), on %d pages)\n",
entry->base, entry->size, entry->size / 1024, entry->size / PAGE_SIZE);
LdrDataTableEntry *kentry = container_of(PsLoadedModuleList->Flink, LdrDataTableEntry, in_load_links);
g_kernel_base = kentry->base;
VCPU_DEBUG("Kernel: %p -> %p (size: 0x%X pages: %d) path: %wS\n",
kentry->base, (uintptr_t)kentry->base + kentry->size,
kentry->size, BYTES_TO_PAGES(kentry->size),
kentry->path.Buffer);
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
NTSTATUS status = ksm_init();
if (NT_SUCCESS(status))
status = register_power_callback(&g_dev_ext);
if (NT_SUCCESS(status))
status = PsCreateSystemThread(&hThread, STANDARD_RIGHTS_ALL, NULL, NULL, &cid, (PKSTART_ROUTINE)sys_thread, NULL);
VCPU_DEBUG("ret: 0x%08X\n", status);
return status;
}
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath)
{
NTSTATUS status = STATUS_SUCCESS;
WDF_DRIVER_CONFIG config;
WDF_OBJECT_ATTRIBUTES attributes;
WDFDRIVER Driver;
PDRIVER_CONTEXT Context;
#if (NTDDI_VERSION > NTDDI_WIN7)
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
#endif
WPP_INIT_TRACING(DriverObject, RegistryPath);
TraceEvents(TRACE_LEVEL_INFORMATION, DBG_INIT,
"Virtio-Serial driver started...built on %s %s\n", __DATE__, __TIME__);
WDF_DRIVER_CONFIG_INIT(&config,VIOSerialEvtDeviceAdd);
config.DriverPoolTag = VIOSERIAL_DRIVER_MEMORY_TAG;
WDF_OBJECT_ATTRIBUTES_INIT_CONTEXT_TYPE(&attributes, DRIVER_CONTEXT);
attributes.EvtCleanupCallback = VIOSerialEvtDriverContextCleanup;
status = WdfDriverCreate(DriverObject,
RegistryPath,
&attributes,
&config,
&Driver);
if (!NT_SUCCESS(status)) {
TraceEvents(TRACE_LEVEL_ERROR, DBG_INIT,
"WdfDriverCreate failed - 0x%x\n", status);
WPP_CLEANUP(DriverObject);
return status;
}
Context = GetDriverContext(Driver);
// create a lookaside list used for allocating WRITE_BUFFER_ENTRY
// structures by all devices
status = WdfLookasideListCreate(WDF_NO_OBJECT_ATTRIBUTES,
sizeof(WRITE_BUFFER_ENTRY),
NonPagedPool,
WDF_NO_OBJECT_ATTRIBUTES,
VIOSERIAL_DRIVER_MEMORY_TAG,
&Context->WriteBufferLookaside);
if (!NT_SUCCESS(status))
{
TraceEvents(TRACE_LEVEL_ERROR, DBG_INIT,
"WdfLookasideListCreate failed - 0x%x\n", status);
return status;
}
TraceEvents(TRACE_LEVEL_INFORMATION, DBG_PNP, "<-- %s\n", __FUNCTION__);
return status;
}
NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath)
{
NTSTATUS status = STATUS_SUCCESS;
WDF_DRIVER_CONFIG config;
WDF_OBJECT_ATTRIBUTES attributes;
WDFDRIVER driver;
#if (NTDDI_VERSION > NTDDI_WIN7)
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
#endif
WPP_INIT_TRACING(DriverObject, RegistryPath);
TraceEvents(TRACE_LEVEL_INFORMATION, DBG_INIT,
"Virtio-input driver started...built on %s %s\n", __DATE__, __TIME__);
WDF_DRIVER_CONFIG_INIT(&config,VIOInputEvtDeviceAdd);
config.DriverPoolTag = VIOINPUT_DRIVER_MEMORY_TAG;
WDF_OBJECT_ATTRIBUTES_INIT(&attributes);
attributes.EvtCleanupCallback = VIOInputEvtDriverContextCleanup;
status = WdfDriverCreate(DriverObject,
RegistryPath,
&attributes,
&config,
&driver);
if (!NT_SUCCESS(status))
{
TraceEvents(TRACE_LEVEL_ERROR, DBG_INIT,
"WdfDriverCreate failed - 0x%x\n", status);
WPP_CLEANUP(DriverObject);
return status;
}
TraceEvents(TRACE_LEVEL_INFORMATION, DBG_PNP, "<-- %s\n", __FUNCTION__);
return status;
}
NTSTATUS
DriverEntry(
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
)
/*++
Routine Description:
This is the initialization routine for this miniFilter driver. This
registers with FltMgr and initializes all global data structures.
Arguments:
DriverObject - Pointer to driver object created by the system to
represent this driver.
RegistryPath - Unicode string identifying where the parameters for this
driver are located in the registry.
Return Value:
Routine can return non success error codes.
--*/
{
NTSTATUS status;
OBJECT_ATTRIBUTES oa;
PSECURITY_DESCRIPTOR sd;
UNICODE_STRING uniString;
//UNREFERENCED_PARAMETER(RegistryPath);
PT_DBG_PRINT(PTDBG_TRACE_ROUTINES,
("claimsman!DriverEntry: Entered\n"));
//
// Default to NonPagedPoolNx for non paged pool allocations where supported.
//
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
//
// Obtain the extensions to monitor from the registry
//
status = InitializeMonitoredExtensions(RegistryPath);
if (!NT_SUCCESS(status)) {
status = STATUS_SUCCESS;
ClaimsmanData.MonitoredExtensions = &MonitoredExtensionDefault;
ClaimsmanData.MonitoredExtensionCount = 1;
}
//
// Obtain the ignored users from the registry
//
status = InitializeIgnoredUsers(RegistryPath);
if (!NT_SUCCESS(status)) {
status = STATUS_SUCCESS;
ClaimsmanData.IgnoredUsers = &MonitoredExtensionDefault;
ClaimsmanData.IgnoredUserCount = 1;
}
//
// Register with FltMgr to tell it our callback routines
//
status = FltRegisterFilter(DriverObject,
&FilterRegistration,
&ClaimsmanData.Filter);
if (!NT_SUCCESS(status)) {
return status;
}
//
// Initialize communication port
//
RtlInitUnicodeString(&uniString, ClaimsmanPortName);
// Only ADMINs & SYSTEM can access the port
status = FltBuildDefaultSecurityDescriptor(&sd, FLT_PORT_ALL_ACCESS);
if (NT_SUCCESS(status)) {
InitializeObjectAttributes(&oa,
&uniString,
OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
NULL,
sd);
status = FltCreateCommunicationPort(ClaimsmanData.Filter,
&ClaimsmanData.ServerPort,
&oa,
NULL,
ClaimsmanConnect,
ClaimsmanDisconnect,
NULL,
1);
// Not needed anymore
FltFreeSecurityDescriptor(sd);
if (!NT_SUCCESS(status)) {
PT_DBG_PRINT(PTDBG_TRACE_ROUTINES,
("claimsman!DriverEntry: Unable to create communication port: %d\n", status));
}
else {
//
// Start filtering I/O.
//
status = FltStartFiltering(ClaimsmanData.Filter);
if (!NT_SUCCESS(status)) {
FltUnregisterFilter(ClaimsmanData.Filter);
FltCloseCommunicationPort(ClaimsmanData.ServerPort);
}
}
}
return status;
}
NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
{
HANDLE ServiceKey;
HANDLE ParametersKey;
HANDLE UnplugKey;
ULONG Index;
NTSTATUS status;
ASSERT3P(__DriverGetDriverObject(), ==, NULL);
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
__DbgPrintEnable();
Trace("====>\n");
__DriverSetDriverObject(DriverObject);
DriverObject->DriverUnload = DriverUnload;
if (*InitSafeBootMode > 0)
goto done;
XenTouch();
Info("XENFILT %d.%d.%d (%d) (%02d.%02d.%04d)\n",
MAJOR_VERSION,
MINOR_VERSION,
MICRO_VERSION,
BUILD_NUMBER,
DAY,
MONTH,
YEAR);
status = RegistryInitialize(RegistryPath);
if (!NT_SUCCESS(status))
goto fail1;
status = RegistryOpenServiceKey(KEY_READ, &ServiceKey);
if (!NT_SUCCESS(status))
goto fail2;
status = RegistryOpenSubKey(ServiceKey, "Parameters", KEY_READ, &ParametersKey);
if (NT_SUCCESS(status))
__DriverSetParametersKey(ParametersKey);
status = RegistryOpenSubKey(ServiceKey, "Unplug", KEY_READ, &UnplugKey);
if (!NT_SUCCESS(status))
goto fail3;
__DriverSetUnplugKey(UnplugKey);
RegistryCloseKey(ServiceKey);
DriverObject->DriverExtension->AddDevice = AddDevice;
for (Index = 0; Index <= IRP_MJ_MAXIMUM_FUNCTION; Index++) {
#pragma prefast(suppress:28169) // No __drv_dispatchType annotation
#pragma prefast(suppress:28168) // No matching __drv_dispatchType annotation for IRP_MJ_CREATE
DriverObject->MajorFunction[Index] = Dispatch;
}
done:
Trace("<====\n");
return STATUS_SUCCESS;
fail3:
Error("fail3\n");
if (ParametersKey != NULL) {
RegistryCloseKey(ParametersKey);
__DriverSetParametersKey(NULL);
}
fail2:
Error("fail2\n");
RegistryTeardown();
fail1:
Error("fail1 (%08x)\n", status);
__DriverSetDriverObject(NULL);
ASSERT(IsZeroMemory(&Driver, sizeof (XENFILT_DRIVER)));
return status;
}
NTSTATUS
DriverEntry(
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
)
/*++
Routine Description:
DriverEntry initializes the driver and is the first routine called by the
system after the driver is loaded. DriverEntry specifies the other entry
points in the function driver, such as EvtDevice and DriverUnload.
Parameters Description:
DriverObject - represents the instance of the function driver that is loaded
into memory. DriverEntry must initialize members of DriverObject before it
returns to the caller. DriverObject is allocated by the system before the
driver is loaded, and it is released by the system after the system unloads
the function driver from memory.
RegistryPath - represents the driver specific path in the Registry.
The function driver can use the path to store driver related data between
reboots. The path does not store hardware instance specific data.
Return Value:
STATUS_SUCCESS, or another status value for which NT_SUCCESS(status) equals
TRUE if successful,
STATUS_UNSUCCESSFUL, or another status for which NT_SUCCESS(status) equals
FALSE otherwise.
--*/
{
WDF_DRIVER_CONFIG config;
NTSTATUS status;
KdPrint(("DriverEntry for VHidMini\n"));
#ifdef _KERNEL_MODE
//
// Opt-in to using non-executable pool memory on Windows 8 and later.
// https://msdn.microsoft.com/en-us/library/windows/hardware/hh920402(v=vs.85).aspx
//
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
#endif
WDF_DRIVER_CONFIG_INIT(&config, EvtDeviceAdd);
status = WdfDriverCreate(DriverObject,
RegistryPath,
WDF_NO_OBJECT_ATTRIBUTES,
&config,
WDF_NO_HANDLE);
if (!NT_SUCCESS(status)) {
KdPrint(("Error: WdfDriverCreate failed 0x%x\n", status));
return status;
}
return status;
}
///////////////////////////////////////////////////////////////////////////////
///
/// Driver entry
///
///////////////////////////////////////////////////////////////////////////////
NTSTATUS
DriverEntry(
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
)
{
NTSTATUS Status;
UNICODE_STRING NtDeviceName = RTL_CONSTANT_STRING(QD_NT_DEVICE_NAME);
UNICODE_STRING DosDevicesLinkName = RTL_CONSTANT_STRING(QD_DOS_DEVICES_LINK_NAME);
BOOLEAN SymLinkCreated = FALSE;
PQD_COMM_CONTROL_DEVICE_EXTENSION controlExt;
UNREFERENCED_PARAMETER(RegistryPath);
// Request NX Non-Paged Pool when available
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_TRACE_LEVEL, "QuietDragon: DriverEntry: Driver loaded\n");
//
// Initialize globals.
//
//
// Create our device object.
//
// TODO Consider using IoCreateDeviceSecure
Status = IoCreateDevice(
DriverObject, // pointer to driver object
sizeof(QD_COMM_CONTROL_DEVICE_EXTENSION), // device extension size
&NtDeviceName, // device name
FILE_DEVICE_UNKNOWN, // device type
0, // device characteristics
FALSE, // not exclusive
&g_CommDeviceObject); // returned device object pointer
if (!NT_SUCCESS(Status))
{
goto Exit;
}
TD_ASSERT(g_CommDeviceObject == DriverObject->DeviceObject);
//
// Set dispatch routines.
//
DriverObject->MajorFunction[IRP_MJ_CREATE] = TdDeviceCreate;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = TdDeviceClose;
DriverObject->MajorFunction[IRP_MJ_CLEANUP] = TdDeviceCleanup;
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = TdDeviceControl;
DriverObject->DriverUnload = TdDeviceUnload;
//
// Set up the device extension
//
controlExt = (PQD_COMM_CONTROL_DEVICE_EXTENSION)g_CommDeviceObject->DeviceExtension;
controlExt->MagicNumber = QD_COMM_CONTROL_EXTENSION_MAGIC_NUMBER;
InitializeListHead(&controlExt->ProcessQueue);
ExInitializeFastMutex(&controlExt->ProcessQueueLock);
InitializeListHead(&controlExt->RequestQueue);
ExInitializeFastMutex(&controlExt->RequestQueueLock);
ExInitializeFastMutex(&controlExt->DecisionDataLock);
controlExt->DecisionData = (PCONTROL_PROC_INTERNAL)ExAllocatePoolWithTag(NonPagedPool, sizeof(CONTROL_PROC_INTERNAL)*QD_MAX_PROCS, 'SRdd');
RtlZeroMemory(controlExt->DecisionData, sizeof(CONTROL_PROC_INTERNAL)*QD_MAX_PROCS);
// Init DecisionData
for (USHORT i = 0; i < QD_MAX_PROCS; i++) {
PCONTROL_PROC_INTERNAL control_proc = &(controlExt->DecisionData[i]);
control_proc->StartTime.QuadPart = 0;
KeInitializeEvent(&(control_proc->DecisionEvent), NotificationEvent, FALSE);
}
//
// Create a link in the Win32 namespace.
//
Status = IoCreateSymbolicLink(&DosDevicesLinkName, &NtDeviceName);
if (!NT_SUCCESS(Status))
{
goto Exit;
}
SymLinkCreated = TRUE;
//
// Set process create routines.
//
Status = PsSetCreateProcessNotifyRoutineEx(
MyCreateProcessNotifyRoutine,
FALSE
);
if (!NT_SUCCESS(Status))
{
DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "QuietDragon: DriverEntry: PsSetCreateProcessNotifyRoutineEx returned 0x%x\n", Status);
goto Exit;
}
gProcessNotifyRoutine_isSet = TRUE;
Exit:
if (!NT_SUCCESS(Status))
{
if (gProcessNotifyRoutine_isSet == TRUE)
{
Status = PsSetCreateProcessNotifyRoutineEx(
MyCreateProcessNotifyRoutine,
TRUE
);
TD_ASSERT(Status == STATUS_SUCCESS);
gProcessNotifyRoutine_isSet = FALSE;
}
if (SymLinkCreated == TRUE)
{
IoDeleteSymbolicLink(&DosDevicesLinkName);
}
if (g_CommDeviceObject != NULL)
{
IoDeleteDevice(g_CommDeviceObject);
}
}
return Status;
}
// A driver entry point
_Use_decl_annotations_ NTSTATUS DriverEntry(PDRIVER_OBJECT driver_object,
PUNICODE_STRING registry_path) {
UNREFERENCED_PARAMETER(registry_path);
PAGED_CODE();
static const wchar_t kLogFilePath[] = L"\\SystemRoot\\HyperPlatform.log";
static const auto kLogLevel =
(IsReleaseBuild()) ? kLogPutLevelInfo | kLogOptDisableFunctionName
: kLogPutLevelDebug | kLogOptDisableFunctionName;
auto status = STATUS_UNSUCCESSFUL;
driver_object->DriverUnload = DriverpDriverUnload;
HYPERPLATFORM_COMMON_DBG_BREAK();
// Request NX Non-Paged Pool when available
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
// Initialize log functions
bool need_reinitialization = false;
status = LogInitialization(kLogLevel, kLogFilePath);
if (status == STATUS_REINITIALIZATION_NEEDED) {
need_reinitialization = true;
} else if (!NT_SUCCESS(status)) {
return status;
}
// Test if the system is supported
if (!DriverpIsSuppoetedOS()) {
LogTermination();
return STATUS_CANCELLED;
}
// Initialize global variables
status = GlobalObjectInitialization();
if (!NT_SUCCESS(status)) {
LogTermination();
return status;
}
// Initialize perf functions
status = PerfInitialization();
if (!NT_SUCCESS(status)) {
GlobalObjectTermination();
LogTermination();
return status;
}
// Initialize utility functions
status = UtilInitialization(driver_object);
if (!NT_SUCCESS(status)) {
PerfTermination();
GlobalObjectTermination();
LogTermination();
return status;
}
// Initialize power callback
status = PowerCallbackInitialization();
if (!NT_SUCCESS(status)) {
UtilTermination();
PerfTermination();
GlobalObjectTermination();
LogTermination();
return status;
}
// Initialize hot-plug callback
status = HotplugCallbackInitialization();
if (!NT_SUCCESS(status)) {
PowerCallbackTermination();
UtilTermination();
PerfTermination();
GlobalObjectTermination();
LogTermination();
return status;
}
// Virtualize all processors
status = VmInitialization();
if (!NT_SUCCESS(status)) {
HotplugCallbackTermination();
PowerCallbackTermination();
UtilTermination();
PerfTermination();
GlobalObjectTermination();
LogTermination();
return status;
}
// Register re-initialization for the log functions if needed
if (need_reinitialization) {
LogRegisterReinitialization(driver_object);
}
HYPERPLATFORM_LOG_INFO("The VMM has been installed.");
return status;
}
NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
{
HANDLE ServiceKey;
HANDLE ParametersKey;
ULONG Index;
NTSTATUS status;
ASSERT3P(__DriverGetDriverObject(), ==, NULL);
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
__EnableDbgPrint();
Trace("====>\n");
__DriverSetDriverObject(DriverObject);
if (*InitSafeBootMode > 0)
goto done;
status = LogInitialize();
if (!NT_SUCCESS(status))
goto fail1;
Info("%s (%s)\n",
MAJOR_VERSION_STR "." MINOR_VERSION_STR "." MICRO_VERSION_STR "." BUILD_NUMBER_STR,
DAY_STR "/" MONTH_STR "/" YEAR_STR);
SystemGetInformation();
status = HypercallInitialize(&Driver.HypercallInterface);
if (!NT_SUCCESS(status))
goto fail2;
status = ModuleInitialize();
if (!NT_SUCCESS(status))
goto fail3;
status = ProcessInitialize();
if (!NT_SUCCESS(status))
goto fail4;
status = RegistryInitialize(RegistryPath);
if (!NT_SUCCESS(status))
goto fail5;
status = RegistryOpenServiceKey(KEY_READ, &ServiceKey);
if (!NT_SUCCESS(status))
goto fail6;
status = RegistryOpenSubKey(ServiceKey, "Parameters", KEY_READ, &ParametersKey);
if (NT_SUCCESS(status))
__DriverSetParametersKey(ParametersKey);
RegistryCloseKey(ServiceKey);
Driver.DriverObject->DriverUnload = DriverUnload;
Driver.DriverObject->DriverExtension->AddDevice = AddDevice;
for (Index = 0; Index <= IRP_MJ_MAXIMUM_FUNCTION; Index++) {
#pragma prefast(suppress:28169) // No __drv_dispatchType annotation
#pragma prefast(suppress:28168) // No matching __drv_dispatchType annotation for IRP_MJ_CREATE
Driver.DriverObject->MajorFunction[Index] = Dispatch;
}
done:
Trace("<====\n");
return STATUS_SUCCESS;
fail6:
Error("fail6\n");
RegistryTeardown();
fail5:
Error("fail5\n");
ProcessTeardown();
fail4:
Error("fail4\n");
ModuleTeardown();
fail3:
Error("fail3\n");
HypercallTeardown(&Driver.HypercallInterface);
fail2:
Error("fail2\n");
LogTeardown();
fail1:
Error("fail1 (%08x)\n", status);
__DriverSetDriverObject(NULL);
ASSERT(IsZeroMemory(&Driver, sizeof (XEN_DRIVER)));
return status;
}
NTSTATUS
DriverEntry (
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
)
/*++
Routine Description:
This is the initialization routine for this filter driver. It registers
itself with the filter manager and initializes all its global data structures.
Arguments:
DriverObject - Pointer to driver object created by the system to
represent this driver.
RegistryPath - Unicode string identifying where the parameters for this
driver are located in the registry.
Return Value:
Returns STATUS_SUCCESS.
--*/
{
NTSTATUS status;
//
// Default to NonPagedPoolNx for non paged pool allocations where supported.
//
ExInitializeDriverRuntime( DrvRtPoolNxOptIn );
RtlZeroMemory( &Globals, sizeof( Globals ) );
#if DBG
//
// Initialize global debug level
//
CtxInitializeDebugLevel( RegistryPath );
#else
UNREFERENCED_PARAMETER( RegistryPath );
#endif
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver being loaded\n") );
//
// Register with the filter manager
//
status = FltRegisterFilter( DriverObject,
&FilterRegistration,
&Globals.Filter );
if (!NT_SUCCESS( status )) {
return status;
}
//
// Start filtering I/O
//
status = FltStartFiltering( Globals.Filter );
if (!NT_SUCCESS( status )) {
FltUnregisterFilter( Globals.Filter );
}
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver loaded complete (Status = 0x%08X)\n",
status) );
return status;
}
NTSTATUS
DriverEntry(
__in PDRIVER_OBJECT DriverObject,
__in PUNICODE_STRING RegistryPath
)
{
UNICODE_STRING name;
UNICODE_STRING string;
NTSTATUS status;
//
// This creates a local buffer which is big enough to hold a copy of the
// constant string assigned to it. It does not point to the constant
// string. As such, it is a writeable buffer.
//
// NOTE: KMDF_DEVICE_NAME L"XXXX" creates a concatenated string of
// KMDF_DEVICE_NAME + L"XXXX". This is done to give us room for
// appending a number up to 4 digits long after KMDF_DEVICE_NAME if
// you want a null terminated string, 5 digits long if the string is
// not null terminated (as is the case for a UNICODE_STRING)
//
WCHAR buffer[] = KMDF_DEVICE_NAME L"XXXX";
//
// Initialize global to make NonPagedPool be treated as NxPool on Win8
// and NonPagedPool on down-level
//
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
RtlInitUnicodeString(&string, WDF_REGISTRY_DBGPRINT_ON);
//
// Determine if debug prints are on.
//
(void) WdfLdrDiagnosticsValueByNameAsULONG(&string, &WdfLdrDbgPrintOn);
__Print(("DriverEntry\n"));
DriverObject->DriverUnload = DriverUnload;
FxLibraryGlobals.DriverObject = DriverObject;
DriverObject->MajorFunction[IRP_MJ_CREATE] = FxLibraryDispatch;
DriverObject->MajorFunction[IRP_MJ_CLEANUP] = FxLibraryDispatch;
DriverObject->MajorFunction[IRP_MJ_CLOSE] = FxLibraryDispatch;
RtlZeroMemory(&name, sizeof(name));
name.Buffer = buffer;
name.Length = 0x0;
name.MaximumLength = sizeof(buffer);
//
// We use the string when we declare the buffer to get the right sized
// buffer. Now we want to make sure there are no contents before we
// use it to create a device object.
//
RtlZeroMemory(buffer, sizeof(buffer));
status = FxLibraryCreateDevice(&name);
if (!NT_SUCCESS(status)) {
__Print(("ERROR: FxLibraryCreateDevice failed with Status 0x%x\n", status));
return status;
}
//
// Register this library with WdfLdr
//
// NOTE: Once WdfRegisterLibrary returns NT_SUCCESS() we must return
// NT_SUCCESS from DriverEntry!
//
status = WdfRegisterLibrary( &WdfLibraryInfo, RegistryPath, &name );
if (!NT_SUCCESS(status)) {
__Print(("ERROR: WdfRegisterLibrary failed with Status 0x%x\n", status));
FxLibraryCleanup();
return status;
}
//
// Write KMDF version to registry
//
WdfWriteKmdfVersionToRegistry(DriverObject, RegistryPath);
return STATUS_SUCCESS;
}
NTSTATUS
DriverEntry(
DRIVER_OBJECT* driverObject,
UNICODE_STRING* registryPath
)
{
NTSTATUS status;
WDFDEVICE device;
WDFDRIVER driver;
WDFKEY configKey;
NET_BUFFER_LIST_POOL_PARAMETERS nblPoolParams = {0};
// Request NX Non-Paged Pool when available
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
status = StreamEditInitDriverObjects(
driverObject,
registryPath,
&driver,
&device
);
if (!NT_SUCCESS(status))
{
goto Exit;
}
status = WdfDriverOpenParametersRegistryKey(
driver,
KEY_READ,
WDF_NO_OBJECT_ATTRIBUTES,
&configKey
);
if (!NT_SUCCESS(status))
{
goto Exit;
}
status = StreamEditLoadConfig(configKey);
if (!NT_SUCCESS(status))
{
goto Exit;
}
gStringToReplaceMdl = IoAllocateMdl(
configStringToReplace,
(ULONG) strlen(configStringToReplace),
FALSE,
FALSE,
NULL
);
if (gStringToReplaceMdl == NULL)
{
status = STATUS_NO_MEMORY;
goto Exit;
}
MmBuildMdlForNonPagedPool(gStringToReplaceMdl);
gNdisGenericObj = NdisAllocateGenericObject(
driverObject,
STREAM_EDITOR_NDIS_OBJ_TAG,
0
);
if (gNdisGenericObj == NULL)
{
status = STATUS_NO_MEMORY;
goto Exit;
}
nblPoolParams.Header.Type = NDIS_OBJECT_TYPE_DEFAULT;
nblPoolParams.Header.Revision = NET_BUFFER_LIST_POOL_PARAMETERS_REVISION_1;
nblPoolParams.Header.Size = sizeof(nblPoolParams);
nblPoolParams.fAllocateNetBuffer = TRUE;
nblPoolParams.DataSize = 0;
nblPoolParams.PoolTag = STREAM_EDITOR_NBL_POOL_TAG;
gNetBufferListPool = NdisAllocateNetBufferListPool(
gNdisGenericObj,
&nblPoolParams
);
if (gNetBufferListPool == NULL)
{
status = STATUS_NO_MEMORY;
goto Exit;
}
status = FwpsInjectionHandleCreate(
AF_UNSPEC,
FWPS_INJECTION_TYPE_STREAM,
&gInjectionHandle
);
if (!NT_SUCCESS(status))
{
goto Exit;
}
gWdmDevice = WdfDeviceWdmGetDeviceObject(device);
status = StreamEditRegisterCallout(
&gStreamEditor,
gWdmDevice
);
if (!NT_SUCCESS(status))
{
goto Exit;
}
if (configEditInline)
{
InlineEditInit(&gStreamEditor);
}
else
{
status = OobEditInit(&gStreamEditor);
if (!NT_SUCCESS(status))
{
goto Exit;
}
}
Exit:
if (!NT_SUCCESS(status))
{
if (gEngineHandle != NULL)
{
StreamEditUnregisterCallout();
}
if (gInjectionHandle != NULL)
{
FwpsInjectionHandleDestroy(gInjectionHandle);
}
if (gNetBufferListPool != NULL)
{
NdisFreeNetBufferListPool(gNetBufferListPool);
}
if (gNdisGenericObj != NULL)
{
NdisFreeGenericObject(gNdisGenericObj);
}
if (gStringToReplaceMdl != NULL)
{
IoFreeMdl(gStringToReplaceMdl);
}
}
return status;
}
