NTSTATUS
DriverEntry (
__in PDRIVER_OBJECT DriverObject,
__in PUNICODE_STRING RegistryPath
)
/*++
Routine Description:
This is the initialization routine for this filter driver. It registers
itself with the filter manager and initializes all its global data structures.
Arguments:
DriverObject - Pointer to driver object created by the system to
represent this driver.
RegistryPath - Unicode string identifying where the parameters for this
driver are located in the registry.
Return Value:
Returns STATUS_SUCCESS.
--*/
{
NTSTATUS status;
//
// Filters callback routines
//
FLT_OPERATION_REGISTRATION callbacks[] = {
{ IRP_MJ_CREATE,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreCreate,
CtxPostCreate },
{ IRP_MJ_CLEANUP,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreCleanup,
NULL },
{ IRP_MJ_CLOSE,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreClose,
NULL },
{ IRP_MJ_SET_INFORMATION,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreSetInfo,
CtxPostSetInfo },
{ IRP_MJ_OPERATION_END }
};
const FLT_CONTEXT_REGISTRATION contextRegistration[] = {
{ FLT_INSTANCE_CONTEXT,
0,
CtxContextCleanup,
CTX_INSTANCE_CONTEXT_SIZE,
CTX_INSTANCE_CONTEXT_TAG },
{ FLT_FILE_CONTEXT,
0,
CtxContextCleanup,
CTX_FILE_CONTEXT_SIZE,
CTX_FILE_CONTEXT_TAG },
{ FLT_STREAM_CONTEXT,
0,
CtxContextCleanup,
CTX_STREAM_CONTEXT_SIZE,
CTX_STREAM_CONTEXT_TAG },
{ FLT_STREAMHANDLE_CONTEXT,
0,
CtxContextCleanup,
CTX_STREAMHANDLE_CONTEXT_SIZE,
CTX_STREAMHANDLE_CONTEXT_TAG },
{ FLT_CONTEXT_END }
};
//
// Filters registration data structure
//
FLT_REGISTRATION filterRegistration = {
sizeof( FLT_REGISTRATION ), // Size
FLT_REGISTRATION_VERSION, // Version
0, // Flags
contextRegistration, // Context
callbacks, // Operation callbacks
CtxUnload, // Filters unload routine
CtxInstanceSetup, // InstanceSetup routine
CtxInstanceQueryTeardown, // InstanceQueryTeardown routine
CtxInstanceTeardownStart, // InstanceTeardownStart routine
CtxInstanceTeardownComplete, // InstanceTeardownComplete routine
NULL, NULL, NULL // Unused naming support callbacks
};
RtlZeroMemory( &Globals, sizeof( Globals ) );
#if DBG
//
// Initialize global debug level
//
CtxInitializeDebugLevel( RegistryPath );
#else
UNREFERENCED_PARAMETER( RegistryPath );
#endif
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver being loaded\n") );
//
// Register with the filter manager
//
status = FltRegisterFilter( DriverObject,
&filterRegistration,
&Globals.Filter );
if (!NT_SUCCESS( status )) {
return status;
}
//
// Start filtering I/O
//
status = FltStartFiltering( Globals.Filter );
if (!NT_SUCCESS( status )) {
FltUnregisterFilter( Globals.Filter );
}
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver loaded complete (Status = 0x%08X)\n",
status) );
return status;
}
NTSTATUS
CtxDriverEntry (
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
#endif
/*++
Routine Description:
This is the initialization routine for this filter driver. It registers
itself with the filter manager and initializes all its global data structures.
Arguments:
DriverObject - Pointer to driver object created by the system to
represent this driver.
RegistryPath - Unicode string identifying where the parameters for this
driver are located in the registry.
Return Value:
Returns STATUS_SUCCESS.
--*/
{
NTSTATUS status;
//
// Filters callback routines
//
FLT_OPERATION_REGISTRATION callbacks[] = {
{ IRP_MJ_CREATE,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreCreate,
CtxPostCreate },
{ IRP_MJ_CLEANUP,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreCleanup,
NULL },
{ IRP_MJ_CLOSE,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreClose,
NULL },
{ IRP_MJ_SET_INFORMATION,
FLTFL_OPERATION_REGISTRATION_SKIP_PAGING_IO,
CtxPreSetInfo,
CtxPostSetInfo },
{ IRP_MJ_OPERATION_END }
};
const FLT_CONTEXT_REGISTRATION contextRegistration[] = {
{ FLT_INSTANCE_CONTEXT,
0,
CtxContextCleanup,
CTX_INSTANCE_CONTEXT_SIZE,
CTX_INSTANCE_CONTEXT_TAG },
{ FLT_FILE_CONTEXT,
0,
CtxContextCleanup,
CTX_FILE_CONTEXT_SIZE,
CTX_FILE_CONTEXT_TAG },
{ FLT_STREAM_CONTEXT,
0,
CtxContextCleanup,
CTX_STREAM_CONTEXT_SIZE,
CTX_STREAM_CONTEXT_TAG },
{ FLT_STREAMHANDLE_CONTEXT,
0,
CtxContextCleanup,
CTX_STREAMHANDLE_CONTEXT_SIZE,
CTX_STREAMHANDLE_CONTEXT_TAG },
{ FLT_CONTEXT_END }
};
//
// Filters registration data structure
//
#if !__NDAS_FS_MINI__
FLT_REGISTRATION filterRegistration = {
#else
FLT_REGISTRATION CtxFilterRegistration = {
#endif
sizeof( FLT_REGISTRATION ), // Size
FLT_REGISTRATION_VERSION, // Version
0, // Flags
contextRegistration, // Context
callbacks, // Operation callbacks
CtxUnload, // Filters unload routine
CtxInstanceSetup, // InstanceSetup routine
CtxInstanceQueryTeardown, // InstanceQueryTeardown routine
CtxInstanceTeardownStart, // InstanceTeardownStart routine
CtxInstanceTeardownComplete, // InstanceTeardownComplete routine
NULL, NULL, NULL // Unused naming support callbacks
};
RtlZeroMemory( &Globals, sizeof( Globals ) );
#if DBG
//
// Initialize global debug level
//
CtxInitializeDebugLevel( RegistryPath );
#else
UNREFERENCED_PARAMETER( RegistryPath );
#endif
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver being loaded\n") );
#if __NDAS_FS_MINI__
UNREFERENCED_PARAMETER( DriverObject );
UNREFERENCED_PARAMETER( RegistryPath );
status = STATUS_SUCCESS;
#else
//
// Register with the filter manager
//
status = FltRegisterFilter( DriverObject,
&filterRegistration,
&Globals.Filter );
if (!NT_SUCCESS( status )) {
return status;
}
//
// Start filtering I/O
//
status = FltStartFiltering( Globals.Filter );
if (!NT_SUCCESS( status )) {
FltUnregisterFilter( Globals.Filter );
}
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver loaded complete (Status = 0x%08X)\n",
status) );
#endif
return status;
}
#if DBG
VOID
CtxInitializeDebugLevel (
__in PUNICODE_STRING RegistryPath
)
/*++
Routine Description:
This routine tries to read the filter DebugLevel parameter from
the registry. This value will be found in the registry location
indicated by the RegistryPath passed in.
Arguments:
RegistryPath - The path key passed to the driver during DriverEntry.
Return Value:
None.
--*/
{
OBJECT_ATTRIBUTES attributes;
HANDLE driverRegKey;
NTSTATUS status;
ULONG resultLength;
UNICODE_STRING valueName;
UCHAR buffer[sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( LONG )];
Globals.DebugLevel = DEBUG_TRACE_ERROR;
#if __NDAS_FS_MINI__
Globals.DebugLevel |= DEBUG_TRACE_INSTANCES;
Globals.DebugLevel |= DEBUG_TRACE_INSTANCE_CONTEXT_OPERATIONS;
Globals.DebugLevel |= DEBUG_INFO_CREATE;
//Globals.DebugLevel |= 0xFFFFFFFF;
#endif
//
// Open the desired registry key
//
InitializeObjectAttributes( &attributes,
RegistryPath,
OBJ_CASE_INSENSITIVE,
NULL,
NULL );
status = ZwOpenKey( &driverRegKey,
KEY_READ,
&attributes );
if (NT_SUCCESS( status )) {
//
// Read the DebugFlags value from the registry.
//
RtlInitUnicodeString( &valueName, L"DebugLevel" );
status = ZwQueryValueKey( driverRegKey,
&valueName,
KeyValuePartialInformation,
buffer,
sizeof(buffer),
&resultLength );
if (NT_SUCCESS( status )) {
Globals.DebugLevel = *((PULONG) &(((PKEY_VALUE_PARTIAL_INFORMATION) buffer)->Data));
}
}
//
// Close the registry entry
//
ZwClose( driverRegKey );
}
NTSTATUS
DriverEntry (
_In_ PDRIVER_OBJECT DriverObject,
_In_ PUNICODE_STRING RegistryPath
)
/*++
Routine Description:
This is the initialization routine for this filter driver. It registers
itself with the filter manager and initializes all its global data structures.
Arguments:
DriverObject - Pointer to driver object created by the system to
represent this driver.
RegistryPath - Unicode string identifying where the parameters for this
driver are located in the registry.
Return Value:
Returns STATUS_SUCCESS.
--*/
{
NTSTATUS status;
//
// Default to NonPagedPoolNx for non paged pool allocations where supported.
//
ExInitializeDriverRuntime( DrvRtPoolNxOptIn );
RtlZeroMemory( &Globals, sizeof( Globals ) );
#if DBG
//
// Initialize global debug level
//
CtxInitializeDebugLevel( RegistryPath );
#else
UNREFERENCED_PARAMETER( RegistryPath );
#endif
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver being loaded\n") );
//
// Register with the filter manager
//
status = FltRegisterFilter( DriverObject,
&FilterRegistration,
&Globals.Filter );
if (!NT_SUCCESS( status )) {
return status;
}
//
// Start filtering I/O
//
status = FltStartFiltering( Globals.Filter );
if (!NT_SUCCESS( status )) {
FltUnregisterFilter( Globals.Filter );
}
DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
("[Ctx]: Driver loaded complete (Status = 0x%08X)\n",
status) );
return status;
}