C++ (Cpp) FltDeletePushLock示例

编程语言: C++ (Cpp)

方法/功能: FltDeletePushLock

hotexamples.com的示例: 3

C++ (Cpp) FltDeletePushLock - 已找到3个示例。这些是从开源项目中提取的最受好评的FltDeletePushLock现实C++ (Cpp)示例。您可以评价示例，以帮助我们提高示例质量。

示例#1

显示文件

文件： Protect.c 项目： xqrzd/HazardShield

/// <summary>
/// Starts filtering process and thread access rights.
/// </summary>
NTSTATUS HsRegisterProtector()
{
	NTSTATUS status;
	OB_CALLBACK_REGISTRATION callbackRegistration;
	OB_OPERATION_REGISTRATION operationRegistration[2];

	operationRegistration[0].ObjectType = PsProcessType;
	operationRegistration[0].Operations = OB_OPERATION_HANDLE_CREATE | OB_OPERATION_HANDLE_DUPLICATE;
	operationRegistration[0].PreOperation = HspObPreCallback;
	operationRegistration[0].PostOperation = NULL;

	operationRegistration[1].ObjectType = PsThreadType;
	operationRegistration[1].Operations = OB_OPERATION_HANDLE_CREATE | OB_OPERATION_HANDLE_DUPLICATE;
	operationRegistration[1].PreOperation = HspObPreCallback;
	operationRegistration[1].PostOperation = NULL;

	callbackRegistration.Version = OB_FLT_REGISTRATION_VERSION;
	callbackRegistration.RegistrationContext = NULL;
	callbackRegistration.OperationRegistrationCount = ARRAYSIZE(operationRegistration);
	callbackRegistration.OperationRegistration = operationRegistration;

	RtlInitUnicodeString(&callbackRegistration.Altitude, L"40100.7");

	FltInitializePushLock(&ObCallbackInstance.ProtectedProcessLock);

	RtlInitializeGenericTableAvl(
		&ObCallbackInstance.ProtectedProcesses,
		HspCompareProtectedProcess,
		HsAvlAllocate,
		HsAvlFree,
		NULL);

	status = ObRegisterCallbacks(&callbackRegistration, &ObCallbackInstance.RegistrationHandle);

	if (!NT_SUCCESS(status))
		FltDeletePushLock(&ObCallbackInstance.ProtectedProcessLock);

	return status;
}

示例#2

显示文件

文件： Protect.c 项目： xqrzd/HazardShield

/// <summary>
/// Stops process and thread access rights filtering.
/// </summary>
VOID HsUnRegisterProtector()
{
	ObUnRegisterCallbacks(ObCallbackInstance.RegistrationHandle);

	// If ObUnRegisterCallbacks waits for callbacks to finish processing
	// there is no need to lock here.

	FltAcquirePushLockExclusive(&ObCallbackInstance.ProtectedProcessLock);
	HsAvlDeleteAllElements(&ObCallbackInstance.ProtectedProcesses);
	FltReleasePushLock(&ObCallbackInstance.ProtectedProcessLock);
	FltDeletePushLock(&ObCallbackInstance.ProtectedProcessLock);
}

示例#3

显示文件

文件： fltbox.cpp 项目： NeoAnomaly/accessch

FilterBoxList::~FilterBoxList (
    )
{
    FltDeletePushLock( &m_AccessLock );

    FilterBox* pEntry = NULL;

    PLIST_ENTRY Flink = m_List.Flink;
    while ( Flink != &m_List )
    {
        pEntry = CONTAINING_RECORD(
            Flink,
            FilterBox,
            m_List
            );

        Flink = Flink->Flink;
        RemoveEntryList( &pEntry->m_List );

        ASSERT( !pEntry->m_RefCount );
        pEntry->FilterBox::~FilterBox();
        FREE_POOL( pEntry );
    }
}