Xen project Mailing List

RE: [PATCH 3/4 v2] SDV: ZwRegistryOpen rule violations

To: Paul Durrant <paul@xxxxxxx>, "win-pv-devel@xxxxxxxxxxxxxxxxxxxx" <win-pv-devel@xxxxxxxxxxxxxxxxxxxx>

From: Owen Smith <owen.smith@xxxxxxxxxx>

Date: Mon, 21 Feb 2022 09:13:45 +0000

Accept-language: en-GB, en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qQFIhRL8FLmoegXh+I9wBJHHaew3ETTYrTf3zFRYG4A=; b=Pm1EONtrThOXcaSFqVDmyygYQDEtHynn3CqQOTHlm4wBbbyFjm4PcmPgTCgfvPpCBv8srVZUPZIAMhDWh3o7mm9VuM18rphACsTP/SrA/KAwD66qtEEkg5cpwZuOzv6mi/z6DS7nYZYjkJjRjAcSiEWBvORqreQ1l0NGvV16Nvm0zl6efYBtb1WN1tSBMi1nm7MQ5hpqCytu/v1RoCpqcbtVmCb9qguUfGdhoBjLD4Tqls8kg9RH1XLggMdl2UTGckRZy3Dw/MJC5Ze361J/q3S+yHxZrMzcY9fjverfBH7LbN2t7uKOydFbKA3rXSOvb0hAJSuGKtLcdOi2n+BNCA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XS+1LBOz0I5Mmlv9pcH2pQnTrFaXO3G7D5PW5G6A/poE8LTOGjX0GjEH70zzTEQ55dquoPE2eOjZtq2qYgRkbjuQ4+Jlv1P1EEpfHFPiJdpFefmCa/86o3c/T8EO8fvkVFrsnC7PPgiJUvOe/CQgppVJm9RxIMLfrl6dgvztKbIX8sRtOfwkaACH+xkefq6mFrqR/LMUmMtTGyANyJGQJW4HDCakikvG384YAHXXCYz4nuMQx5rnmdlldEWBgYFv1ZloXv/ITkXVvQbHUS3uH8gKY03kEvKuF2kp2ekddJa7zj0rYKVSbjY3wn/92jc6HfXOLuQzC/UokS9j6yfPTg==

Authentication-results: esa2.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Delivery-date: Mon, 21 Feb 2022 09:13:58 +0000

Ironport-data: A9a23:UUbObayzb2bJvXEtx3x6t+dLxirEfRIJ4+MujC+fZmUNrF6WrkUDz zQZXDuBOPjeNmb0eIhwPIy/80wC7ZLUydcyTAdo+yAxQypGp/SeCIXCJC8cHc8zwu4v7q5Dx 59DAjUVBJlsFhcwnj/0bv656yMUOZigHtIQMsadUsxKbVIiGHdJZS5LwbZj2NYy24HhWmthh PupyyHhEA79s9JLGjp8B5Kr8HuDa9yr5Vv0FnRnDRx6lAe2e0s9VfrzFonoR5fMeaFGH/bSe gr25OrRElU1XfsaIojNfr7TKiXmS1NJVOSEoiI+t6OK2nCuqsGuu0qS2TV1hUp/0l20c95NJ NplmrngbBV2FI/1vMczakIILQEhOrdLweqSSZS/mZT7I0zudnLtx7NlDV0sPJ1e8eFyaY1M3 aVGcnZXNEnF3r/ohuLgIgVvrp1LwM3DO5wSvDd7yDDFDd4tQIzZQrWM7thdtNs1rp4SQ62FO pFHAdZpREqRbyZfEEZONNEnvO6PtlbhTBx7703A8MLb5ECMlVcsgdABKuH9Zd2MAN1L20qVu G/C12D4GQ0BcsySzyKf9XChjfOJmjn0MKoKHaC83u5nhhuU3GN7NfENfQLl+7/j0Bf4Ao8Bb RxPksYzkUQs3GOOHvzvADeamVqnkCdHC+RwTOog5TjYn8I4/D2lLmQDSzdAbvkvu8k3WSEm2 ze1oj/5OdB8mObLECzAr994uRv3YHFIdjFaOUfoWCNYu4GLnW0lsv7Yoj+P+oaRh8a9Jzz/y iviQMMW1+RK1p5jO0lWEDn6b9OQSnrhE1RdCub/BDvNAuZFiGmNPdHA1LQjxawcRLt1t3HY1 JT+p+CQ7foVEbaGnzGXTeMGEdmBvqjZbWaM3Q8yTsR7plxBHkJPmqgKvVlDyLpBaJ5YKVcFn meI0e+u2HOjFCTzNvImC25AI88r0bLhBbzYugP8NbJzjmxKXFbfpklGPBfIt0i0yRREufxva P+zLJf3ZV5HWPsP8dZDb7pEuVPd7ntlnj27qFGS50nP7Idyk1bPF+9eaQPWNrpRAWHtiFy9z uuz/vCikn13eOb/fjPW4cgUK1ULJmI8Hpf4t4pccevrH+asMDpJ5yP5qV/5R7FYog==

Ironport-hdrordr: A9a23:TdHGTa3fQvr9VCubFIiruwqjBQtyeYIsimQD101hICG9Lfb2qy n+ppgmPEHP5Qr5AEtQ4+xoS5PwPE80kqQFrLX5XI3SFjUO3VHHEGgM1/qF/9SNIVycygcZ79 YaT0EcMqy9MbEZt7eC3ODQKb9Jq7PnkJxAx92ut0uFJTsaLZ2IhD0JbzpzZ3cGIzWucqBJcK Z0iPA3xQaISDAyVICWF3MFV+/Mq5ngj5T9eyMLABYh9U2nkS6owKSSKWnW4j4uFxd0hZsy+2 nMlAL0oo+5teug9xPa32jPq7xLhdrazMdZDsDksLlaFtyssHfoWG1SYczAgNkHmpDs1L/sqq iIn/4UBbUy15oWRBDwnfKi4Xim7N9k0Q6f9bbRuwqdnSW+fkNiNyMJv/MmTjLJr0Unp91yy6 RNwiaQsIdWFwrJmGDn68HPTAwCrDv8nZMOq59ls5Vka/ppVFaRl/1swGpFVJMbWC7q4oEuF+ djSMna+fZNaFufK3TUpHNmztCgVmk6Wk7ueDlIhuWFlzxN2HxpxUoRw8IS2n8G6ZImUpFBo+ DJKL5hmr1CRtIfKah9GOACS82qDXGle2OFDEuCZVD8UK0XMXPErJD6pL0z+eGxYZQNiIA/nZ zQOWkowVLau3iefPFm8Kc7giwlGl/NLAgF4vsulKREhg==

List-id: Developer list for the Windows PV Drivers subproject <win-pv-devel.lists.xenproject.org>

Thread-index: AQHYIyJkxzZ5160oSU+ZPbRMBIUBRaydv+ag

Thread-topic: [PATCH 3/4 v2] SDV: ZwRegistryOpen rule violations

-----Original Message----- From: Paul Durrant <paul@xxxxxxx> Sent: 16 February 2022 10:45 To: win-pv-devel@xxxxxxxxxxxxxxxxxxxx Cc: Owen Smith <owen.smith@xxxxxxxxxx>; Paul Durrant <paul@xxxxxxx> Subject: [PATCH 3/4 v2] SDV: ZwRegistryOpen rule violations [CAUTION - EXTERNAL EMAIL] DO NOT reply, click links, or open attachments unless you have verified the sender and know the content is safe. From: Owen Smith <owen.smith@xxxxxxxxxx> Dont hold the ParametersKey open, SDV treats this as a mismatched ZwRegistryOpen and ZwClose pair. Open the registry key when required, and close it once its no longer required. Signed-off-by: Owen Smith <owen.smith@xxxxxxxxxx> Remove DriverGetParametersKey() from xenfilt/driver.h and don't add the implementation of DriverOpenParametersKey() in xenfilt/driver.c. Signed-off-by: Paul Durrant <paul@xxxxxxx> I completely missed that the ParametersKey was never used, I was just fixing SDV issues. Removing this unused code is good. Acked-By: Owen Smith <owen.smith@xxxxxxxxxx> --- src/xenfilt/driver.c | 101 +++++++++++++++++++------------------------ src/xenfilt/driver.h | 5 --- 2 files changed, 45 insertions(+), 61 deletions(-) diff --git a/src/xenfilt/driver.c b/src/xenfilt/driver.c index f131282fd795..8a8396e528b8 100644 --- a/src/xenfilt/driver.c +++ b/src/xenfilt/driver.c @@ -47,7 +47,6 @@ typedef struct _XENFILT_DRIVER { PDRIVER_OBJECT DriverObject; - HANDLE ParametersKey; MUTEX Mutex; LIST_ENTRY List; @@ -113,28 +112,31 @@ DriverGetDriverObject( return __DriverGetDriverObject(); } -static FORCEINLINE VOID -__DriverSetParametersKey( - IN HANDLE Key +static FORCEINLINE NTSTATUS +__DriverOpenParametersKey( + OUT PHANDLE ParametersKey ) { - Driver.ParametersKey = Key; -} + HANDLE ServiceKey; + NTSTATUS status; -static FORCEINLINE HANDLE -__DriverGetParametersKey( - VOID - ) -{ - return Driver.ParametersKey; -} + status = RegistryOpenServiceKey(KEY_READ, &ServiceKey); + if (!NT_SUCCESS(status)) + goto fail1; -HANDLE -DriverGetParametersKey( - VOID - ) -{ - return __DriverGetParametersKey(); + status = RegistryOpenSubKey(ServiceKey, "Parameters", KEY_READ, ParametersKey); + if (!NT_SUCCESS(status)) + goto fail2; + + RegistryCloseKey(ServiceKey); + + return STATUS_SUCCESS; + +fail2: + RegistryCloseKey(ServiceKey); + +fail1: + return status; } static FORCEINLINE VOID @@ -244,7 +246,9 @@ __DriverGetActive( ASSERT3U(KeGetCurrentIrql(), ==, PASSIVE_LEVEL); - ParametersKey = __DriverGetParametersKey(); + status = __DriverOpenParametersKey(&ParametersKey); + if (!NT_SUCCESS(status)) + goto fail1; status = RtlStringCbPrintfA(Name, MAXNAMELEN, "Active%s", Key); ASSERT(NT_SUCCESS(status)); @@ -254,14 +258,14 @@ __DriverGetActive( NULL, &Ansi); if (!NT_SUCCESS(status)) - goto fail1; + goto fail2; Length = Ansi[0].Length + sizeof (CHAR); *Value = __AllocatePoolWithTag(NonPagedPool, Length, 'TLIF'); status = STATUS_NO_MEMORY; if (*Value == NULL) - goto fail2; + goto fail3; status = RtlStringCbPrintfA(*Value, Length, @@ -271,13 +275,20 @@ __DriverGetActive( RegistryFreeSzValue(Ansi); + RegistryCloseKey(ParametersKey); + Trace("<====\n"); return STATUS_SUCCESS; +fail3: + Error("fail3\n"); + fail2: Error("fail2\n"); + RegistryCloseKey(ParametersKey); + fail1: if (status != STATUS_OBJECT_NAME_NOT_FOUND) Error("fail1 (%08x)\n", status); @@ -409,8 +420,6 @@ DriverUnload( IN PDRIVER_OBJECT DriverObject ) { - HANDLE ParametersKey; - ASSERT3P(DriverObject, ==, __DriverGetDriverObject()); Trace("====>\n"); @@ -428,10 +437,6 @@ DriverUnload( EmulatedTeardown(Driver.EmulatedContext); Driver.EmulatedContext = NULL; - ParametersKey = __DriverGetParametersKey(); - __DriverSetParametersKey(NULL); - RegistryCloseKey(ParametersKey); - RegistryTeardown(); Info("XENFILT %d.%d.%d (%d) (%02d.%02d.%04d)\n", @@ -744,8 +749,11 @@ DriverGetEmulatedType( HANDLE ParametersKey; XENFILT_EMULATED_OBJECT_TYPE Type; ULONG Index; + NTSTATUS status; - ParametersKey = __DriverGetParametersKey(); + status = __DriverOpenParametersKey(&ParametersKey); + if (!NT_SUCCESS(status)) + goto fail1; Type = XENFILT_EMULATED_OBJECT_TYPE_UNKNOWN; Index = 0; @@ -753,7 +761,6 @@ DriverGetEmulatedType( do { ULONG Length; PANSI_STRING Ansi; - NTSTATUS status; Length = (ULONG)strlen(&Id[Index]); if (Length == 0) @@ -779,7 +786,14 @@ DriverGetEmulatedType( Index += Length + 1; } while (Type == XENFILT_EMULATED_OBJECT_TYPE_UNKNOWN); + RegistryCloseKey(ParametersKey); + return Type; + +fail1: + Error("fail1 %08x\n", status); + + return XENFILT_EMULATED_OBJECT_TYPE_UNKNOWN; } DRIVER_ADD_DEVICE DriverAddDevice; @@ -886,8 +900,6 @@ DriverEntry( IN PUNICODE_STRING RegistryPath ) { - HANDLE ServiceKey; - HANDLE ParametersKey; PXENFILT_EMULATED_CONTEXT EmulatedContext; ULONG Index; NTSTATUS status; @@ -926,19 +938,9 @@ DriverEntry( if (!NT_SUCCESS(status)) goto fail1; - status = RegistryOpenServiceKey(KEY_READ, &ServiceKey); - if (!NT_SUCCESS(status)) - goto fail2; - - status = RegistryOpenSubKey(ServiceKey, "Parameters", KEY_READ, &ParametersKey); - if (!NT_SUCCESS(status)) - goto fail3; - - __DriverSetParametersKey(ParametersKey); - status = EmulatedInitialize(&EmulatedContext); if (!NT_SUCCESS(status)) - goto fail4; + goto fail2; __DriverSetEmulatedContext(EmulatedContext); @@ -948,8 +950,6 @@ DriverEntry( sizeof (Driver.EmulatedInterface)); ASSERT(NT_SUCCESS(status)); - RegistryCloseKey(ServiceKey); - DriverObject->DriverExtension->AddDevice = DriverAddDevice; for (Index = 0; Index <= IRP_MJ_MAXIMUM_FUNCTION; Index++) { @@ -966,17 +966,6 @@ done: Trace("<====\n"); return STATUS_SUCCESS; -fail4: - Error("fail4\n"); - - __DriverSetParametersKey(NULL); - RegistryCloseKey(ParametersKey); - -fail3: - Error("fail3\n"); - - RegistryCloseKey(ServiceKey); - fail2: Error("fail2\n"); diff --git a/src/xenfilt/driver.h b/src/xenfilt/driver.h index 286580bed8a0..6a5665d58e45 100644 --- a/src/xenfilt/driver.h +++ b/src/xenfilt/driver.h @@ -37,11 +37,6 @@ DriverGetDriverObject( VOID ); -extern HANDLE -DriverGetParametersKey( - VOID - ); - extern VOID DriverAcquireMutex( VOID -- 2.17.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.