-
Notifications
You must be signed in to change notification settings - Fork 0
/
Comm.c
134 lines (109 loc) · 3.49 KB
/
Comm.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
#include "Comm.h"
#include "wdmuk.h"
#include "ntddk.h"
#include "Trace.h"
#include "Comm.tmh"
extern WDM_DRIVER gDriver;
NTSTATUS
WdmConnectNotify(
_In_ PFLT_PORT ClientPort,
_In_ PVOID ServerPortCookie,
_In_ PVOID ConnectionContext,
_In_ ULONG SizeOfContext,
_Out_ PVOID *ConnectionPortCookie
)
{
UNREFERENCED_PARAMETER(ClientPort);
UNREFERENCED_PARAMETER(ServerPortCookie);
UNREFERENCED_PARAMETER(ConnectionContext);
UNREFERENCED_PARAMETER(SizeOfContext);
UNREFERENCED_PARAMETER(ConnectionPortCookie);
LogInfo("\"WdmConnectNotify\" was called");
gDriver.ClientPort = ClientPort;
return STATUS_SUCCESS;
}
VOID
WdmDisconnectNotify(
_In_ PVOID ConnectionCookie
)
{
UNREFERENCED_PARAMETER(ConnectionCookie);
LogInfo("\"WdmDisconnectNotify\" was called");
gDriver.ClientPort = NULL;
}
NTSTATUS
WdmMessageNotify(
_In_ PVOID PortCookie,
_In_ PVOID InputBuffer OPTIONAL,
_In_ ULONG InputBufferLength,
_Out_ PVOID OutputBuffer OPTIONAL,
_In_ ULONG OutputBufferLength,
_Out_ PULONG ReturnOutputBufferLength
)
{
USHORT extLen = 0;
COMMAND_CODE cmdCode = -1;
NTSTATUS retStatus = STATUS_UNSUCCESSFUL;
//NTSTATUS status = STATUS_UNSUCCESSFUL;
UNREFERENCED_PARAMETER(PortCookie);
UNREFERENCED_PARAMETER(InputBufferLength);
UNREFERENCED_PARAMETER(OutputBuffer);
UNREFERENCED_PARAMETER(OutputBufferLength);
UNREFERENCED_PARAMETER(ReturnOutputBufferLength);
if (InputBuffer == NULL)
{
LogWarning("\"WdmMessageNotify\" InputBuffer is null");
return STATUS_INVALID_PARAMETER;
}
cmdCode = *(PCOMMAND_CODE)InputBuffer;
LogInfo("\"WdmMessageNotify\" cmdCode: [%d]\n", cmdCode);
__try
{
switch (cmdCode)
{
// Set extension and activate monitor
case cmdExtension:
{
PEXTENSION ext = (PEXTENSION)InputBuffer;
if (gDriver.Extension.Buffer == NULL)
{
gDriver.Extension.Buffer = ExAllocatePoolWithTag(NonPagedPool, WDM_BUFFER_SIZE * sizeof(WCHAR), WDM_TAG_NAME);
if (gDriver.Extension.Buffer == NULL)
{
LogErrorHex("ExAllocatePoolWithTag", 0);
__leave;
}
}
extLen = (USHORT)wcslen(ext->Extension);
RtlCopyMemory(gDriver.Extension.Buffer, ext->Extension, (extLen + 1) * sizeof(WCHAR));
gDriver.Extension.Buffer[extLen] = L'\0';
gDriver.Extension.Length = extLen * sizeof(WCHAR);
gDriver.Extension.MaximumLength = (USHORT)WDM_BUFFER_SIZE * sizeof(WCHAR);
gDriver.MonitorExtention = TRUE;
LogInfo("Extension set [%wZ] \n", &gDriver.Extension);
break;
}
// Generate custom BSOD
case cmdCustomBsod:
{
// TODO: ...
break;
}
default:
{
LogError("Unknown command code received: [%d]", cmdCode);
__leave;
}
}
retStatus = STATUS_SUCCESS;
}
__finally
{
if (!NT_SUCCESS(retStatus) && gDriver.Extension.Buffer != NULL)
{
ExFreePoolWithTag(gDriver.Extension.Buffer, WDM_TAG_NAME);
gDriver.Extension.Buffer = NULL;
}
}
return retStatus;
}