SUPDrv-win.cpp revision d0dda9013fea84af1276affdb6e6001123ae0b13
/* $Id$ */
/** @file
* VBoxDrv - The VirtualBox Support Driver - Windows NT specifics.
*/
/*
* Copyright (C) 2006-2007 Oracle Corporation
*
* This file is part of VirtualBox Open Source Edition (OSE), as
* available from http://www.virtualbox.org. This file is free software;
* General Public License (GPL) as published by the Free Software
* Foundation, in version 2 as it comes in the "COPYING" file of the
* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
*
* The contents of this file may alternatively be used under the terms
* of the Common Development and Distribution License Version 1.0
* (CDDL) only, as it comes in the "COPYING.CDDL" file of the
* VirtualBox OSE distribution, in which case the provisions of the
* CDDL are applicable instead of those of the GPL.
*
* You may elect to license modified versions of this file under the
* terms and conditions of either the GPL or the CDDL or both.
*/
/*******************************************************************************
* Header Files *
*******************************************************************************/
#define LOG_GROUP LOG_GROUP_SUP_DRV
#include "../SUPDrvInternal.h"
#include <excpt.h>
#include <ntimage.h>
#include <iprt/initterm.h>
/*******************************************************************************
* Defined Constants And Macros *
*******************************************************************************/
/** The support service name. */
#define SERVICE_NAME "VBoxDrv"
/** Win32 Device name. */
#define DEVICE_NAME "\\\\.\\VBoxDrv"
/** NT Device name. */
#define DEVICE_NAME_NT L"\\Device\\VBoxDrv"
/** Win Symlink name. */
#define DEVICE_NAME_DOS L"\\DosDevices\\VBoxDrv"
/** The Pool tag (VBox). */
#define SUPDRV_NT_POOL_TAG 'xoBV'
/*******************************************************************************
* Structures and Typedefs *
*******************************************************************************/
#if 0 //def RT_ARCH_AMD64
typedef struct SUPDRVEXECMEM
{
void *pvMapping;
void *pvAllocation;
#endif
/*******************************************************************************
* Internal Functions *
*******************************************************************************/
static int VBoxDrvNtDeviceControlSlow(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PIRP pIrp, PIO_STACK_LOCATION pStack);
static VOID _stdcall VBoxPowerDispatchCallback(PVOID pCallbackContext, PVOID pArgument1, PVOID pArgument2);
/*******************************************************************************
* Exported Functions *
*******************************************************************************/
/**
* Driver entry point.
*
* @returns appropriate status code.
* @param pDrvObj Pointer to driver object.
* @param pRegPath Registry base path.
*/
{
/*
* Create device.
* (That means creating a device object and a symbolic link so the DOS
* subsystems (OS/2, win32, ++) can access the device.)
*/
rc = IoCreateDevice(pDrvObj, sizeof(SUPDRVDEVEXT), &DevName, FILE_DEVICE_UNKNOWN, 0, FALSE, &pDevObj);
if (NT_SUCCESS(rc))
{
if (NT_SUCCESS(rc))
{
if (RT_SUCCESS(vrc))
{
Log(("VBoxDrv::DriverEntry\n"));
/*
* Initialize the device extension.
*/
if (!vrc)
{
/*
* Setup the driver entry points in pDrvObj.
*/
/* more? */
/* Register ourselves for power state changes. */
if (rc == STATUS_SUCCESS)
pDevExt->hPowerCallback = ExRegisterCallback(pDevExt->pObjPowerCallback, VBoxPowerDispatchCallback, pDevObj);
Log(("VBoxDrv::DriverEntry returning STATUS_SUCCESS\n"));
return STATUS_SUCCESS;
}
RTR0Term();
}
else
{
}
}
else
}
else
if (NT_SUCCESS(rc))
return rc;
}
/**
* Unload the driver.
*
* @param pDrvObj Driver object.
*/
{
/* Clean up the power callback registration. */
if (pDevExt->hPowerCallback)
if (pDevExt->pObjPowerCallback)
/*
* We ASSUME that it's not possible to unload a driver with open handles.
* Start by deleting the symbolic link
*/
/*
* Terminate the GIP page and delete the device extension.
*/
RTR0Term();
}
/**
* Create (i.e. Open) file entry point.
*
* @param pDevObj Device object.
* @param pIrp Request packet.
*/
{
Log(("VBoxDrvNtCreate\n"));
/*
* We are not remotely similar to a directory...
* (But this is possible.)
*/
{
return STATUS_NOT_A_DIRECTORY;
}
/*
* Call common code for the rest.
*/
//#if 0 /** @todo check if this works, consider OBJ_KERNEL_HANDLE too. */
//#else
// bool fUser = true;
//#endif
if (!rc)
return rcNt;
}
/**
* Clean up file handle entry point.
*
* @param pDevObj Device object.
* @param pIrp Request packet.
*/
{
if (pSession)
{
}
return STATUS_SUCCESS;
}
/**
* Close file entry point.
*
* @param pDevObj Device object.
* @param pIrp Request packet.
*/
{
if (pSession)
{
}
return STATUS_SUCCESS;
}
/**
* Device I/O Control entry point.
*
* @param pDevObj Device object.
* @param pIrp Request packet.
*/
{
/*
* Deal with the two high-speed IOCtl that takes it's arguments from
* the session and iCmd, and only returns a VBox status code.
*
* Note: The previous method of returning the rc prior to IOC version
* 7.4 has been abandond, we're no longer compatible with that
* interface.
*/
if ( ulCmd == SUP_IOCTL_FAST_DO_RAW_RUN
|| ulCmd == SUP_IOCTL_FAST_DO_NOP)
{
int rc = supdrvIOCtlFast(ulCmd, (unsigned)(uintptr_t)pIrp->UserBuffer /* VMCPU id */, pDevExt, pSession);
#else
int rc = supdrvIOCtlFast(ulCmd, (unsigned)(uintptr_t)pIrp->UserBuffer /* VMCPU id */, pDevExt, pSession);
#endif
/* Complete the I/O request. */
return rcNt;
}
}
/**
* Worker for VBoxDrvNtDeviceControl that takes the slow IOCtl functions.
*
* @returns NT status code.
*
* @param pDevObj Device object.
* @param pSession The session.
* @param pIrp Request packet.
* @param pStack The stack location containing the DeviceControl parameters.
*/
static int VBoxDrvNtDeviceControlSlow(PSUPDRVDEVEXT pDevExt, PSUPDRVSESSION pSession, PIRP pIrp, PIO_STACK_LOCATION pStack)
{
unsigned cbOut = 0;
int rc = 0;
Log2(("VBoxDrvNtDeviceControlSlow(%p,%p): ioctl=%#x pBuf=%p cbIn=%#x cbOut=%#x pSession=%p\n",
#ifdef RT_ARCH_AMD64
/* Don't allow 32-bit processes to do any I/O controls. */
if (!IoIs32bitProcess(pIrp))
#endif
{
/* Verify that it's a buffered CTL. */
{
/* Verify that the sizes in the request header are correct. */
{
/*
* Do the job.
*/
if (!rc)
{
{
OSDBGPRINT(("VBoxDrvLinuxIOCtl: too much output! %#x > %#x; uCmd=%#x!\n",
}
}
else
}
else
{
Log(("VBoxDrvNtDeviceControlSlow: Mismatching sizes (%#x) - Hdr=%#lx/%#lx Irp=%#lx/%#lx!\n",
}
}
else
{
Log(("VBoxDrvNtDeviceControlSlow: not buffered request (%#x) - not supported\n",
}
}
#ifdef RT_ARCH_AMD64
else
{
Log(("VBoxDrvNtDeviceControlSlow: WOW64 req - not supported\n"));
}
#endif
/* complete the request. */
return rcNt;
}
/**
* Internal Device I/O Control entry point, used for IDC.
*
* @param pDevObj Device object.
* @param pIrp Request packet.
*/
{
unsigned cbOut = 0;
int rc = 0;
Log2(("VBoxDrvNtInternalDeviceControl(%p,%p): ioctl=%#x pBuf=%p cbIn=%#x cbOut=%#x pSession=%p\n",
/* Verify that it's a buffered CTL. */
{
/* Verify the pDevExt in the session. */
: !pSession
)
{
/* Verify that the size in the request header is correct. */
{
/*
* Do the job.
*/
if (!rc)
{
/** @todo Handle SUPDRV_IDC_REQ_DISCONNECT and drop the
* windows hack in the generic code. */
}
else
}
else
{
Log(("VBoxDrvNtInternalDeviceControl: Mismatching sizes (%#x) - Hdr=%#lx Irp=%#lx/%#lx!\n",
}
}
else
}
else
{
Log(("VBoxDrvNtInternalDeviceControl: not buffered request (%#x) - not supported\n",
}
/* complete the request. */
return rcNt;
}
/**
* Stub function for functions we don't implemented.
*
* @returns STATUS_NOT_SUPPORTED
* @param pDevObj Device object.
* @param pIrp IRP.
*/
{
Log(("VBoxDrvNtNotSupportedStub\n"));
return STATUS_NOT_SUPPORTED;
}
/**
* ExRegisterCallback handler for power events
*
* @param pCallbackContext User supplied parameter (pDevObj)
* @param pArgument1 First argument
* @param pArgument2 Second argument
*/
{
/* Power change imminent? */
if ((unsigned)pArgument1 == PO_CB_SYSTEM_STATE_LOCK)
{
if ((unsigned)pArgument2 == 0)
Log(("VBoxPowerDispatchCallback: about to go into suspend mode!\n"));
else
Log(("VBoxPowerDispatchCallback: resumed!\n"));
/* Inform any clients that have registered themselves with IPRT. */
}
}
/**
* Initializes any OS specific object creator fields.
*/
{
}
/**
* Checks if the session can access the object.
*
* @returns true if a decision has been made.
* @returns false if the default access policy should be applied.
*
* @param pObj The object in question.
* @param pSession The session wanting to access the object.
* @param pszObjName The object name, can be NULL.
* @param prc Where to store the result when returning true.
*/
bool VBOXCALL supdrvOSObjCanAccess(PSUPDRVOBJ pObj, PSUPDRVSESSION pSession, const char *pszObjName, int *prc)
{
return false;
}
/**
* Force async tsc mode (stub).
*/
{
return false;
}
#define MY_SystemUnloadGdiDriverInformation 27
typedef struct MYSYSTEMGDIDRIVERINFO
{
int VBOXCALL supdrvOSLdrOpen(PSUPDRVDEVEXT pDevExt, PSUPDRVLDRIMAGE pImage, const char *pszFilename)
{
# ifndef RT_ARCH_X86
# error "VBOX_WITHOUT_NATIVE_R0_LOADER is only safe on x86."
# endif
return VERR_NOT_SUPPORTED;
#else
/*
* Convert the filename from DOS UTF-8 to NT UTF-16.
*/
if (RT_FAILURE(rc))
return rc;
if (!pwcsFilename)
return VERR_NO_TMP_MEMORY;
pwcsFilename[0] = '\\';
if (RT_SUCCESS(rc))
{
/*
* Try load it.
*/
Info.ImageLength = 0;
NTSTATUS rcNt = ZwSetSystemInformation(MY_SystemLoadGdiDriverInSystemSpaceInformation, &Info, sizeof(Info));
if (NT_SUCCESS(rcNt))
{
Log(("ImageAddress=%p SectionPointer=%p ImageLength=%#x cbImageBits=%#x rcNt=%#x '%ls'\n",
Info.ImageAddress, Info.SectionPointer, Info.ImageLength, pImage->cbImageBits, rcNt, Info.Name.Buffer));
# ifdef DEBUG_bird
SUPR0Printf("ImageAddress=%p SectionPointer=%p ImageLength=%#x cbImageBits=%#x rcNt=%#x '%ws'\n",
Info.ImageAddress, Info.SectionPointer, Info.ImageLength, pImage->cbImageBits, rcNt, Info.Name.Buffer);
# endif
{
/*
* Lock down the entire image, just to be on the safe side.
*/
rc = RTR0MemObjLockKernel(&pImage->hMemLock, pImage->pvImage, pImage->cbImageBits, RTMEM_PROT_READ);
if (RT_FAILURE(rc))
{
}
}
else
{
}
}
else
{
switch (rcNt)
{
case /* 0xc0000003 */ STATUS_INVALID_INFO_CLASS:
# ifdef RT_ARCH_AMD64
/* Unwind will crash and BSOD, so no fallback here! */
# else
/*
* Use the old way of loading the modules.
*
* Note! We do *NOT* try class 26 because it will probably
* not work correctly on terminal servers and such.
*/
# endif
break;
case /* 0xc0000034 */ STATUS_OBJECT_NAME_NOT_FOUND:
break;
case /* 0xC0000263 */ STATUS_DRIVER_ENTRYPOINT_NOT_FOUND:
break;
case 0xC0000428 /* STATUS_INVALID_IMAGE_HASH */ :
break;
case 0xC000010E /* STATUS_IMAGE_ALREADY_LOADED */ :
Log(("WARNING: see #4853 for cause of this failure on Windows 7 x64\n"));
break;
default:
break;
}
}
}
return rc;
#endif
}
int VBOXCALL supdrvOSLdrValidatePointer(PSUPDRVDEVEXT pDevExt, PSUPDRVLDRIMAGE pImage, void *pv, const uint8_t *pbImageBits)
{
return VINF_SUCCESS;
}
/**
* memcmp + log.
*
* @returns Same as memcmp.
* @param pImage The image.
* @param pbImageBits The image bits ring-3 uploads.
* @param uRva The RVA to start comparing at.
* @param cb The number of bytes to compare.
*/
static int supdrvNtCompare(PSUPDRVLDRIMAGE pImage, const uint8_t *pbImageBits, uint32_t uRva, uint32_t cb)
{
if (iDiff)
{
{
char szBytes[128];
break;
}
}
return iDiff;
}
int VBOXCALL supdrvOSLdrLoad(PSUPDRVDEVEXT pDevExt, PSUPDRVLDRIMAGE pImage, const uint8_t *pbImageBits, PSUPLDRLOAD pReq)
{
if (pImage->pvNtSectionObj)
{
/*
* Usually, the entire image matches exactly.
*/
return VINF_SUCCESS;
/*
* However, on Windows Server 2003 (sp2 x86) both import thunk tables
* are fixed up and we typically get a mismatch in the INIT section.
*
* So, lets see if everything matches when excluding the
* OriginalFirstThunk tables. To make life simpler, set the max number
* of imports to 16 and just record and sort the locations that needs
* to be excluded from the comparison.
*/
IMAGE_NT_HEADERS const *pNtHdrs;
: 0));
&& pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size >= sizeof(IMAGE_IMPORT_DESCRIPTOR)
&& pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress > sizeof(IMAGE_NT_HEADERS)
&& pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress < pImage->cbImageBits
)
{
struct MyRegion
{
} aExcludeRgns[16];
unsigned cExcludeRgns = 0;
/ sizeof(IMAGE_IMPORT_DESCRIPTOR);
IMAGE_IMPORT_DESCRIPTOR const *pImp;
while ( cImpsLeft-- > 0
{
if ( uRvaThunk > sizeof(IMAGE_NT_HEADERS)
{
/* Find the size of the thunk table. */
cThunks++;
/* Ordered table insert. */
unsigned i = 0;
for (; i < cExcludeRgns; i++)
break;
if (i != cExcludeRgns)
cExcludeRgns++;
}
/* advance */
pImp++;
}
/*
* Ok, do the comparison.
*/
int iDiff = 0;
for (unsigned i = 0; !iDiff && i < cExcludeRgns; i++)
{
}
if (!iDiff)
return VINF_SUCCESS;
}
else
return VERR_LDR_MISMATCH_NATIVE;
}
return VERR_INTERNAL_ERROR_4;
}
{
if (pImage->pvNtSectionObj)
{
{
}
if (rcNt != STATUS_SUCCESS)
}
}
/**
* Converts an IPRT error code to an nt status code.
*
* @returns corresponding nt status code.
* @param rc IPRT error status code.
*/
{
switch (rc)
{
case VINF_SUCCESS: return STATUS_SUCCESS;
case VERR_GENERAL_FAILURE: return STATUS_NOT_SUPPORTED;
case VERR_INVALID_PARAMETER: return STATUS_INVALID_PARAMETER;
case VERR_INVALID_MAGIC: return STATUS_UNKNOWN_REVISION;
case VERR_INVALID_HANDLE: return STATUS_INVALID_HANDLE;
case VERR_INVALID_POINTER: return STATUS_INVALID_ADDRESS;
case VERR_LOCK_FAILED: return STATUS_NOT_LOCKED;
case VERR_ALREADY_LOADED: return STATUS_IMAGE_ALREADY_LOADED;
case VERR_PERMISSION_DENIED: return STATUS_ACCESS_DENIED;
case VERR_VERSION_MISMATCH: return STATUS_REVISION_MISMATCH;
}
return STATUS_UNSUCCESSFUL;
}
/** @todo use the nocrt stuff? */
{
return 0;
}
#if 0 /* See alternative in SUPDrvA-win.asm */
/**
* Alternative version of SUPR0Printf for Windows.
*
* @returns 0.
* @param pszFormat The format string.
*/
{
char szMsg[512];
return 0;
}
#endif