From 5d6d938039e9bde94c0f6ae06177427c598e6ae4 Mon Sep 17 00:00:00 2001 From: Bill Zissimopoulos Date: Sat, 12 Dec 2015 17:01:30 -0800 Subject: [PATCH] sys: FspFsvrtTransact testing --- inc/winfsp/fsctl.h | 35 ++++++---- src/dll/fsctl.c | 4 +- src/sys/cleanup.c | 6 +- src/sys/driver.h | 2 +- src/sys/fsctl.c | 26 +++---- src/sys/iop.c | 1 - tst/winfsp-tests/mount-test.c | 123 ++++++++++++++++++++++++++++++++++ 7 files changed, 163 insertions(+), 34 deletions(-) diff --git a/inc/winfsp/fsctl.h b/inc/winfsp/fsctl.h index 45acba9c..b40dc72e 100644 --- a/inc/winfsp/fsctl.h +++ b/inc/winfsp/fsctl.h @@ -35,8 +35,9 @@ extern const __declspec(selectany) GUID FspFsvrtDeviceClassGuid = #define FSP_FSCTL_TRANSACT \ CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0x800 + 'T', METHOD_BUFFERED, FILE_ANY_ACCESS) -#define FSP_FSCTL_CREATE_BUFFER_SIZE 128 -#define FSP_FSCTL_TRANSACT_BUFFER_SIZE 16384 +#define FSP_FSCTL_CREATE_BUFFER_SIZEMIN 128 +#define FSP_FSCTL_TRANSACT_REQ_BUFFER_SIZEMIN 16384 /* checked by driver! */ +#define FSP_FSCTL_TRANSACT_RSP_BUFFER_SIZEMIN 16384 /* not checked by driver! */ #define FSP_FSCTL_VOLUME_PARAMS_SIZE FSP_FSCTL_DEFAULT_ALIGN_UP(sizeof(FSP_FSCTL_VOLUME_PARAMS)) #define FSP_FSCTL_TRANSACT_REQ_SIZEMAX (4096 - 64) /* 64: size for internal request header */ @@ -154,14 +155,19 @@ typedef struct FSP_FSCTL_DECLSPEC_ALIGN UINT8 Buffer[]; } FSP_FSCTL_TRANSACT_RSP; #pragma warning(pop) +static inline BOOLEAN FspFsctlTransactCanProduceRequest( + FSP_FSCTL_TRANSACT_REQ *Request, PVOID RequestBufEnd) +{ + return (PUINT8)Request + FSP_FSCTL_TRANSACT_REQ_SIZEMAX <= (PUINT8)RequestBufEnd; +} static inline FSP_FSCTL_TRANSACT_REQ *FspFsctlTransactProduceRequest( - FSP_FSCTL_TRANSACT_REQ *Request, SIZE_T RequestSize, PVOID RequestBufEnd) + FSP_FSCTL_TRANSACT_REQ *Request, SIZE_T RequestSize) { PVOID NextRequest = (PUINT8)Request + FSP_FSCTL_DEFAULT_ALIGN_UP(RequestSize); - return NextRequest <= RequestBufEnd ? NextRequest : 0; + return NextRequest; } -static inline const FSP_FSCTL_TRANSACT_REQ *FspFsctlTransactConsumeRequest( - const FSP_FSCTL_TRANSACT_REQ *Request, PVOID RequestBufEnd) +static inline FSP_FSCTL_TRANSACT_REQ *FspFsctlTransactConsumeRequest( + FSP_FSCTL_TRANSACT_REQ *Request, PVOID RequestBufEnd) { if ((PUINT8)Request + sizeof(Request->Size) > (PUINT8)RequestBufEnd || sizeof(FSP_FSCTL_TRANSACT_REQ) > Request->Size) @@ -169,14 +175,19 @@ static inline const FSP_FSCTL_TRANSACT_REQ *FspFsctlTransactConsumeRequest( PVOID NextRequest = (PUINT8)Request + FSP_FSCTL_DEFAULT_ALIGN_UP(Request->Size); return NextRequest <= RequestBufEnd ? NextRequest : 0; } +static inline BOOLEAN FspFsctlTransactCanProduceResponse( + FSP_FSCTL_TRANSACT_RSP *Response, PVOID ResponseBufEnd) +{ + return (PUINT8)Response + FSP_FSCTL_TRANSACT_RSP_SIZEMAX <= (PUINT8)ResponseBufEnd; +} static inline FSP_FSCTL_TRANSACT_RSP *FspFsctlTransactProduceResponse( - FSP_FSCTL_TRANSACT_RSP *Response, SIZE_T ResponseSize, PVOID ResponseBufEnd) + FSP_FSCTL_TRANSACT_RSP *Response, SIZE_T ResponseSize) { PVOID NextResponse = (PUINT8)Response + FSP_FSCTL_DEFAULT_ALIGN_UP(ResponseSize); - return NextResponse <= ResponseBufEnd ? NextResponse : 0; + return NextResponse; } -static inline const FSP_FSCTL_TRANSACT_RSP *FspFsctlTransactConsumeResponse( - const FSP_FSCTL_TRANSACT_RSP *Response, PVOID ResponseBufEnd) +static inline FSP_FSCTL_TRANSACT_RSP *FspFsctlTransactConsumeResponse( + FSP_FSCTL_TRANSACT_RSP *Response, PVOID ResponseBufEnd) { if ((PUINT8)Response + sizeof(Response->Size) > (PUINT8)ResponseBufEnd || sizeof(FSP_FSCTL_TRANSACT_RSP) > Response->Size) @@ -193,8 +204,8 @@ FSP_API NTSTATUS FspFsctlOpenVolume(PWSTR VolumePath, PHANDLE PVolumeHandle); FSP_API NTSTATUS FspFsctlDeleteVolume(HANDLE VolumeHandle); FSP_API NTSTATUS FspFsctlTransact(HANDLE VolumeHandle, - FSP_FSCTL_TRANSACT_RSP *ResponseBuf, SIZE_T ResponseBufSize, - FSP_FSCTL_TRANSACT_REQ *RequestBuf, SIZE_T *PRequestBufSize); + PVOID ResponseBuf, SIZE_T ResponseBufSize, + PVOID RequestBuf, SIZE_T *PRequestBufSize); #endif #endif diff --git a/src/dll/fsctl.c b/src/dll/fsctl.c index 389ed132..140d4586 100644 --- a/src/dll/fsctl.c +++ b/src/dll/fsctl.c @@ -237,8 +237,8 @@ exit: } FSP_API NTSTATUS FspFsctlTransact(HANDLE VolumeHandle, - FSP_FSCTL_TRANSACT_RSP *ResponseBuf, SIZE_T ResponseBufSize, - FSP_FSCTL_TRANSACT_REQ *RequestBuf, SIZE_T *PRequestBufSize) + PVOID ResponseBuf, SIZE_T ResponseBufSize, + PVOID RequestBuf, SIZE_T *PRequestBufSize) { NTSTATUS Result = STATUS_SUCCESS; DWORD Bytes; diff --git a/src/sys/cleanup.c b/src/sys/cleanup.c index cc29e77b..4aea9e75 100644 --- a/src/sys/cleanup.c +++ b/src/sys/cleanup.c @@ -79,9 +79,9 @@ static NTSTATUS FspFsvolCleanup( if (0 == OpenCount) { /* - * The following must be done under the file system volume device Resource, - * because we are manipulating its GenericTable. - */ + * The following must be done under the file system volume device Resource, + * because we are manipulating its GenericTable. + */ ExAcquireResourceExclusiveLite(&FsvolDeviceExtension->Base.Resource, TRUE); try { diff --git a/src/sys/driver.h b/src/sys/driver.h index 21f177fa..50f5c7c8 100644 --- a/src/sys/driver.h +++ b/src/sys/driver.h @@ -425,7 +425,7 @@ LONG FspFileContextClose(FSP_FILE_CONTEXT *Context) { ASSERT(ExIsResourceAcquiredExclusiveLite(Context->Header.Resource)); ASSERT(0 < Context->OpenCount); - return Context->OpenCount--; + return --Context->OpenCount; } static inline VOID FspFileContextRetain(FSP_FILE_CONTEXT *Context) diff --git a/src/sys/fsctl.c b/src/sys/fsctl.c index bf1ce07f..f5a7bd29 100644 --- a/src/sys/fsctl.c +++ b/src/sys/fsctl.c @@ -113,7 +113,7 @@ static NTSTATUS FspFsctlCreateVolume( !FspValidRelativeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorSize, DACL_SECURITY_INFORMATION)) return STATUS_INVALID_PARAMETER; - if (FSP_FSCTL_CREATE_BUFFER_SIZE > OutputBufferLength) + if (FSP_FSCTL_CREATE_BUFFER_SIZEMIN > OutputBufferLength) return STATUS_BUFFER_TOO_SMALL; NTSTATUS Result; @@ -138,7 +138,7 @@ static NTSTATUS FspFsctlCreateVolume( UNICODE_STRING DeviceSddl; UNICODE_STRING DeviceName; RtlInitUnicodeString(&DeviceSddl, L"" FSP_FSVRT_DEVICE_SDDL); - RtlInitEmptyUnicodeString(&DeviceName, SystemBuffer, FSP_FSCTL_CREATE_BUFFER_SIZE); + RtlInitEmptyUnicodeString(&DeviceName, SystemBuffer, FSP_FSCTL_CREATE_BUFFER_SIZEMIN); Result = RtlUnicodeStringPrintf(&DeviceName, L"\\Device\\Volume{%08lx-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", Guid.Data1, Guid.Data2, Guid.Data3, @@ -340,16 +340,18 @@ static NTSTATUS FspFsvrtTransact( ULONG InputBufferLength = IrpSp->Parameters.FileSystemControl.InputBufferLength; ULONG OutputBufferLength = IrpSp->Parameters.FileSystemControl.OutputBufferLength; PVOID SystemBuffer = Irp->AssociatedIrp.SystemBuffer; - if (sizeof(FSP_FSCTL_TRANSACT_RSP) > InputBufferLength || 0 == SystemBuffer) + if (0 == SystemBuffer || + (0 != InputBufferLength && + FSP_FSCTL_DEFAULT_ALIGN_UP(sizeof(FSP_FSCTL_TRANSACT_RSP)) > InputBufferLength)) return STATUS_INVALID_PARAMETER; - if (FSP_FSCTL_TRANSACT_BUFFER_SIZE > OutputBufferLength) + if (FSP_FSCTL_TRANSACT_REQ_BUFFER_SIZEMIN > OutputBufferLength) return STATUS_BUFFER_TOO_SMALL; NTSTATUS Result; FSP_FSVRT_DEVICE_EXTENSION *FsvrtDeviceExtension = FspFsvrtDeviceExtension(DeviceObject); PUINT8 SystemBufferEnd; - const FSP_FSCTL_TRANSACT_RSP *Response, *NextResponse; - FSP_FSCTL_TRANSACT_REQ *Request, *NextRequest, *PendingIrpRequest; + FSP_FSCTL_TRANSACT_RSP *Response, *NextResponse; + FSP_FSCTL_TRANSACT_REQ *Request, *PendingIrpRequest; PIRP ProcessIrp, PendingIrp; /* access check */ @@ -388,7 +390,7 @@ retry: /* send any pending IRP's to the user-mode file system */ Request = SystemBuffer; SystemBufferEnd = (PUINT8)SystemBuffer + OutputBufferLength; - ASSERT((PUINT8)Request + FSP_FSCTL_TRANSACT_REQ_SIZEMAX <= SystemBufferEnd); + ASSERT(FspFsctlTransactCanProduceRequest(Request, SystemBufferEnd)); for (;;) { PendingIrpRequest = FspIopRequest(PendingIrp); @@ -398,13 +400,8 @@ retry: FspIopCompleteIrp(PendingIrp, Result); else { - NextRequest = FspFsctlTransactProduceRequest( - Request, PendingIrpRequest->Size, SystemBufferEnd); - /* this should not fail as we have already checked that we have enough space */ - ASSERT(0 != NextRequest); - RtlCopyMemory(Request, PendingIrpRequest, PendingIrpRequest->Size); - Request = NextRequest; + Request = FspFsctlTransactProduceRequest(Request, PendingIrpRequest->Size); if (!FspIoqStartProcessingIrp(&FsvrtDeviceExtension->Ioq, PendingIrp)) { @@ -420,7 +417,7 @@ retry: } /* check that we have enough space before pulling the next pending IRP off the queue */ - if ((PUINT8)Request + FSP_FSCTL_TRANSACT_REQ_SIZEMAX > SystemBufferEnd) + if (!FspFsctlTransactCanProduceRequest(Request, SystemBufferEnd)) break; } @@ -433,7 +430,6 @@ retry: if (Request == SystemBuffer) goto retry; - RtlZeroMemory(Request, SystemBufferEnd - (PUINT8)Request); Irp->IoStatus.Information = (PUINT8)Request - (PUINT8)SystemBuffer; return STATUS_SUCCESS; diff --git a/src/sys/iop.c b/src/sys/iop.c index add824c6..e6236046 100644 --- a/src/sys/iop.c +++ b/src/sys/iop.c @@ -151,7 +151,6 @@ VOID FspIopCompleteIrpEx(PIRP Irp, NTSTATUS Result, BOOLEAN DeviceRelease) PAGED_CODE(); ASSERT(STATUS_PENDING != Result); - ASSERT(0 == Irp->Tail.Overlay.DriverContext[3]); if (0 != FspIopRequest(Irp)) { diff --git a/tst/winfsp-tests/mount-test.c b/tst/winfsp-tests/mount-test.c index e3733d4e..79919b37 100644 --- a/tst/winfsp-tests/mount-test.c +++ b/tst/winfsp-tests/mount-test.c @@ -113,9 +113,132 @@ void mount_volume_cancel_test(void) mount_volume_cancel_dotest(L"WinFsp.Net"); } +static unsigned __stdcall mount_volume_transact_dotest_thread(void *FilePath) +{ + FspDebugLog(__FUNCTION__ ": \"%S\"\n", FilePath); + + HANDLE Handle; + Handle = CreateFileW(FilePath, + FILE_GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, CREATE_NEW, FILE_ATTRIBUTE_NORMAL, 0); + if (INVALID_HANDLE_VALUE == Handle) + return GetLastError(); + CloseHandle(Handle); + return 0; +} + +void mount_volume_transact_dotest(PWSTR DeviceName) +{ + NTSTATUS Result; + BOOL Success; + FSP_FSCTL_VOLUME_PARAMS Params = { 0 }; + WCHAR VolumePath[MAX_PATH]; + WCHAR FilePath[MAX_PATH]; + HANDLE VolumeHandle; + HANDLE Thread; + DWORD ExitCode; + + Params.SectorSize = 16384; + Params.SerialNumber = 0x12345678; + Result = FspFsctlCreateVolume(DeviceName, &Params, 0, VolumePath, sizeof VolumePath); + ASSERT(STATUS_SUCCESS == Result); + + StringCbPrintfW(FilePath, sizeof FilePath, L"\\\\?\\GLOBALROOT%s\\file0", VolumePath); + Thread = (HANDLE)_beginthreadex(0, 0, mount_volume_transact_dotest_thread, FilePath, 0, 0); + ASSERT(0 != Thread); + + Sleep(1000); /* give some time to the thread to execute */ + + Result = FspFsctlOpenVolume(VolumePath, &VolumeHandle); + ASSERT(STATUS_SUCCESS == Result); + + FSP_FSCTL_DECLSPEC_ALIGN UINT8 RequestBuf[FSP_FSCTL_TRANSACT_REQ_BUFFER_SIZEMIN]; + FSP_FSCTL_DECLSPEC_ALIGN UINT8 ResponseBuf[FSP_FSCTL_TRANSACT_RSP_BUFFER_SIZEMIN]; + UINT8 *RequestBufEnd; + UINT8 *ResponseBufEnd = ResponseBuf + sizeof ResponseBuf; + SIZE_T RequestBufSize; + SIZE_T ResponseBufSize; + FSP_FSCTL_TRANSACT_REQ *Request = (PVOID)RequestBuf, *NextRequest; + FSP_FSCTL_TRANSACT_RSP *Response = (PVOID)ResponseBuf; + + ResponseBufSize = 0; + RequestBufSize = sizeof RequestBuf; + Result = FspFsctlTransact(VolumeHandle, ResponseBuf, ResponseBufSize, RequestBuf, &RequestBufSize); + ASSERT(STATUS_SUCCESS == Result); + + RequestBufEnd = RequestBuf + RequestBufSize; + + NextRequest = FspFsctlTransactConsumeRequest(Request, RequestBufEnd); + ASSERT(0 != NextRequest); + + ASSERT(0 == Request->Version); + ASSERT(FSP_FSCTL_TRANSACT_REQ_SIZEMAX >= Request->Size); + ASSERT(0 != Request->Hint); + ASSERT(FspFsctlTransactCreateKind == Request->Kind); + ASSERT(FILE_CREATE == ((Request->Req.Create.CreateOptions >> 24) & 0xff)); + ASSERT(FILE_ATTRIBUTE_NORMAL == Request->Req.Create.FileAttributes); + ASSERT(0 == Request->Req.Create.SecurityDescriptor.Offset); + ASSERT(0 == Request->Req.Create.SecurityDescriptor.Size); + ASSERT(0 == Request->Req.Create.AllocationSize); + ASSERT(FILE_GENERIC_READ == Request->Req.Create.DesiredAccess); + ASSERT((FILE_SHARE_READ | FILE_SHARE_WRITE) == Request->Req.Create.ShareAccess); + ASSERT(0 == Request->Req.Create.Ea.Offset); + ASSERT(0 == Request->Req.Create.Ea.Size); + ASSERT(Request->Req.Create.UserMode); + ASSERT(Request->Req.Create.HasTraversePrivilege); + ASSERT(!Request->Req.Create.OpenTargetDirectory); + ASSERT(!Request->Req.Create.CaseSensitive); + + ASSERT(FspFsctlTransactCanProduceResponse(Response, ResponseBufEnd)); + + RtlZeroMemory(Response, sizeof *Response); + Response->Size = sizeof *Response; + Response->Hint = Request->Hint; + Response->Kind = Request->Kind; + Response->IoStatus.Status = STATUS_SUCCESS; + Response->IoStatus.Information = FILE_CREATED; + Response->Rsp.Create.Opened.UserContext = 41; + Response->Rsp.Create.Opened.UserContext2 = 42; + Response->Rsp.Create.Opened.FileAttributes = FILE_ATTRIBUTE_NORMAL; + Response->Rsp.Create.Opened.SecurityDescriptor.Offset = 0; + Response->Rsp.Create.Opened.SecurityDescriptor.Size = 0; + + Response = FspFsctlTransactProduceResponse(Response, Response->Size); + ASSERT(0 != Response); + + Request = NextRequest; + NextRequest = FspFsctlTransactConsumeRequest(Request, RequestBufEnd); + ASSERT(0 == NextRequest); + + ResponseBufSize = (PUINT8)Response - ResponseBuf; + RequestBufSize = sizeof RequestBuf; + Result = FspFsctlTransact(VolumeHandle, ResponseBuf, ResponseBufSize, RequestBuf, &RequestBufSize); + ASSERT(STATUS_SUCCESS == Result); + + Result = FspFsctlDeleteVolume(VolumeHandle); + ASSERT(STATUS_SUCCESS == Result); + + Success = CloseHandle(VolumeHandle); + ASSERT(Success); + + WaitForSingleObject(Thread, INFINITE); + GetExitCodeThread(Thread, &ExitCode); + CloseHandle(Thread); + + ASSERT(0 == ExitCode); +} + +void mount_volume_transact_test(void) +{ + if (WinFspDiskTests) + mount_volume_transact_dotest(L"WinFsp.Disk"); + if (WinFspNetTests) + mount_volume_transact_dotest(L"WinFsp.Net"); +} + void mount_tests(void) { TEST(mount_invalid_test); TEST(mount_create_delete_test); TEST(mount_volume_cancel_test); + TEST(mount_volume_transact_test); }