Commit graph

343 commits

Author SHA1 Message Date
Jérôme Gardou
57e018acf6 [NTOS:MM] Use FORCEINLINE instead of simple inline
inline implies an implementation must exist in another compilation unit
2023-07-23 23:58:42 +02:00
Stanislav Motylkov
5ae65ab7a7 [NTOS:KE] Add x86 CPU features reporting to AMD64
CORE-18023 CORE-14922
2023-07-02 21:00:32 +03:00
Stanislav Motylkov
6a6b383abd [NTOS:KE] Report x86 CPU features in a separate function
KiGetFeatureBits() is now being called in the early boot phase 0
when the Kernel Debugger is not yet initialized, so debug prints
are not available here. Move the debug prints into a new function
and call it at the right time. CORE-18023
2023-07-02 21:00:31 +03:00
Stanislav Motylkov
00715ccf8b [NTOS:KE] Fix magic constants for x86 CPU features
Do it the same way as in amd64 ke.h/cpu.c. CORE-18023
2023-07-02 21:00:31 +03:00
Victor Perevertkin
6cac5b8c9e
[NTOS:PNP] Refactor PnpRootCreateDevice
- Remove unused "DriverObject" argument
- Make "FullInstancePath" mandatory
- Extract the PDO creation into separate function, it will be used later
2023-06-29 19:25:28 +03:00
Victor Perevertkin
bbf64c0cc4
[NTOS:PNP] Do not create an extra "PDO" device inside PnP root driver
The root device object is in fact a PDO and a FDO at the same time. Thus
there is no need in creating two device objects here, one is enough.
This commit also removes the explicit device extension for the root DO,
because the only reason it existed is to distinguish the root driver's
FDO from its PDOs. This can easily be done by comparing with
IopRootDeviceNode.

Also collect some unused garbage while we are here.
2023-06-29 19:25:25 +03:00
Hermès Bélusca-Maïto
2674e26cbb
[NTOS:IO] Reformat iorsrce.c, no functional code changes.
- Fix whitespace; add SAL annotations, doxygen documentation...

- Deduplicate the array of description strings corresponding to
  IO_QUERY_DEVICE_DATA_FORMAT.

- Unhardcode the "[3]" into 'IoQueryDeviceMaxData': the maximum number
  of device data queried.
2023-06-04 21:40:07 +02:00
Hermès Bélusca-Maïto
579eab8a31
[NTOS] Include kdbg/kdb.h only in the files that really need it. 2023-04-11 00:44:10 +02:00
Hermès Bélusca-Maïto
eb02a85214
[NTOS:KD] Split internal/kd.h into a part shared in the whole kernel and a private part only used within ntoskrnl/kd. 2023-03-27 23:31:34 +02:00
Hermès Bélusca-Maïto
6fafe54f89
[NTOS:KD:KDBG] Move some files to a better place. 2023-03-27 23:31:28 +02:00
Hermès Bélusca-Maïto
9d9536d431
[NTOS:KD64] Format string of KdpDprintf can be const. 2023-03-22 19:57:59 +01:00
Hermès Bélusca-Maïto
4ce819ca5a
[NTOS:KD][KDBG] Rework the BootPhase >= 2 initialization of the KD/KDBG kernel debugger. (#4892)
CORE-17470

+ KdpDebugLogInit: Add resources cleanup in failure code paths.

Fix, in an NT-compatible manner, how (and when) the KD/KDBG BootPhase >=2
initialization steps are performed.
These are necessary for any functionality KDBG needs, that would depend
on the NT I/O Manager and the storage and filesystem stacks to be running.
This includes, creating the debug log file, and for KDBG, loading its
KDBinit initialization file.

As a result, file debug logging is fixed.

The old ReactOS-specific (NT-incompatible) callback we did in the middle
of IoInitSystem() is removed, in favor of a runtime mechanism that should
work on Windows as well.

The idea for this new mechanism is loosely inspired by the TDL4 rootkit,
see http://blog.w4kfu.com/public/tdl4_article/draft_tdl4article.html
but contrary to it, a specific hook is used instead, as well as the
technique of driver reinitialization:
https://web.archive.org/web/20211021050515/https://driverentry.com.br/en/blog/?p=261

Its rationale is as follows:

We want to be able to perform I/O-related initialization (starting a
logger thread for file log debugging, loading KDBinit file for KDBG,
etc.). A good place for this would be as early as possible, once the
I/O Manager has started the storage and the boot filesystem drivers.

Here is an overview of the initialization steps of the NT Kernel and
Executive:
----
KiSystemStartup(KeLoaderBlock)
    if (Cpu == 0) KdInitSystem(0, KeLoaderBlock);
    KiSwitchToBootStack() -> KiSystemStartupBootStack()
    -> KiInitializeKernel() -> ExpInitializeExecutive(Cpu, KeLoaderBlock)

(NOTE: Any unexpected debugger break will call KdInitSystem(0, NULL); )
KdInitSystem(0, LoaderBlock) -> KdDebuggerInitialize0(LoaderBlock);

ExpInitializeExecutive(Cpu == 0):    ExpInitializationPhase = 0;
    HalInitSystem(0, KeLoaderBlock); <-- Sets HalInitPnpDriver callback.
    ...
    PsInitSystem(LoaderBlock)
        PsCreateSystemThread(Phase1Initialization)

Phase1Initialization(Discard):       ExpInitializationPhase = 1;
    HalInitSystem(1, KeLoaderBlock);
    ...
    Early initialization of Ob, Ex, Ke.
    KdInitSystem(1, KeLoaderBlock);
    ...
    KdDebuggerInitialize1(LoaderBlock);
    ...
    IoInitSystem(LoaderBlock);
    ...
----
As we can see, KdDebuggerInitialize1() is the last KD initialization
routine the kernel calls, and is called *before* the I/O Manager starts.
Thus, direct Nt/ZwCreateFile ... calls done there would fail. Also,
we want to do the I/O initialization as soon as possible. There does
not seem to be any exported way to be notified about the I/O manager
initialization steps... that is, unless we somehow become a driver and
insert ourselves in the flow!

Since we are not a regular driver, we need to invoke IoCreateDriver()
to create one. However, remember that we are currently running *before*
IoInitSystem(), the I/O subsystem is not initialized yet. Due to this,
calling IoCreateDriver(), much like any other IO functions, would lead
to a crash, because it calls
ObCreateObject(..., IoDriverObjectType, ...), and IoDriverObjectType
is non-initialized yet (it's NULL).

The chosen solution is to hook a "known" exported callback: namely, the
HalInitPnpDriver() callback (it initializes the "HAL Root Bus Driver").
It is set very early on by the HAL via the HalInitSystem(0, ...) call,
and is called early on by IoInitSystem() before any driver is loaded,
but after the I/O Manager has been minimally set up so that new drivers
can be created.
When the hook: KdpInitDriver() is called, we create our driver with
IoCreateDriver(), specifying its entrypoint KdpDriverEntry(), then
restore and call the original HalInitPnpDriver() callback.

Another possible unexplored alternative, could be to insert ourselves
in the KeLoaderBlock->LoadOrderListHead boot modules list, or in the
KeLoaderBlock->BootDriverListHead boot-driver list. (Note that while
we may be able to do this, because boot-drivers are resident in memory,
much like we are, we cannot insert ourselves in the system-driver list
however, since those drivers are expected to come from PE image files.)

Once the KdpDriverEntry() driver entrypoint is called, we register
KdpDriverReinit() for re-initialization with the I/O Manager, in order
to provide more initialization points. KdpDriverReinit() calls the KD
providers at BootPhase >= 2, and schedules further reinitializations
(at most 3 more) if any of the providers request so.
2023-03-11 01:22:19 +01:00
Hervé Poussineau
bf734e5373
[NTOS:KD] Move handling of Dmesg buffer from screen provider to KDBG provider. (#5143)
CORE-10749

The dmesg command is now available even if screen output is disabled.

Co-authored-by: Hermès Bélusca-Maïto <hermes.belusca-maito@reactos.org>
2023-03-10 23:59:08 +01:00
Hermès Bélusca-Maïto
dfb6996b45
[NTOS:KDBG] Split KdbInitialize into KdbSymInit and KDBG initialization proper.
- KdbSymInit() in kdb_symbols.c only initializes symbols implementation
  support.
- The rest of KdbInitialize gets moved into kdb_cli.c and initializes
  the KDBG debugger itself.
- Move KdbDebugPrint to kdb_cli.c as well.
2023-03-10 20:56:21 +01:00
Hermès Bélusca-Maïto
a8b09eddc4
[NTOS:KD] Add some annotations. 2023-03-09 18:32:36 +01:00
George Bișoc
b284e82f47
[NTOS:SE] Do not allocate memory pool just for the access rights
Access check is an expensive operation, that is, whenever an access to an
object is performed an access check has to be done to ensure the access
can be allowed to the calling thread who attempts to access such object.

Currently SepAnalyzeAcesFromDacl allocates a block of pool memory for
access check rights, nagging the Memory Manager like a desperate naughty
creep. So instead initialize the access rights as a simple variable in
SepAccessCheck and pass it out as an address to SepAnalyzeAcesFromDacl so
that the function will fill it up with access rights. This helps with
performance, avoiding wasting a few bits of memory just to hold these
access rights.

In addition to that, add a few asserts and fix the copyright header on
both se.h and accesschk.c, to reflect the Coding Style rules.
2023-03-07 17:50:39 +01:00
Timo Kreuzer
b89a4eed72 [NTOS:EX] Initialize ExpTimeRefreshLock 2022-12-01 20:17:40 +02:00
Timo Kreuzer
9658c6a220 [NTOSKRNL] Print boot cycles on x64 just like on x86 2022-11-24 21:17:58 +02:00
Hermès Bélusca-Maïto
ffb05406e6
[NTOS:KD64] Implement KdLogDbgPrint() for the WinDbg !dbgprint command.
See this command's documentation:
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/-dbgprint
and the section "DbgPrint buffer and the debugger"
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/reading-and-filtering-debugging-messages#dbgprint-buffer-and-the-debugger
for more details.

- Loosely implement the function, based on our existing circular printout
  buffers in kdio.c.
- Enable its usage in the KdpPrint() and KdpPrompt() functions.

Notice that this function will *only* capture the strings being sent **to**
the debugger, and not the strings the debugger itself produce. (This means
that we cannot use the KdPrintCircularBuffer as a replacement for our
KDBG dmesg one, for example...)

How to test:
Run ReactOS under WinDbg, and use the !dbgprint command to view the
buffer. You can also use the Memory Window, place yourself at the
address pointed by KdPrintCircularBuffer and KdPrintWritePointer, and
read its contents.

What you should observe:
Prior notice: The circular buffer in debug builds of ReactOS and Windows
is 0x8000 bytes large. In release builds, its size is down to 0x1000.
1- When you start e.g. the 2nd-stage GUI installation of ReactOS, going
   past the initial "devices installation" and letting it stabilize on
   the Welcome page, break into WinDbg and run the !dbgprint command. You
   should notice that the end of its output is weirdly truncated, compared
   to what has been actually emitted to the debug output. Comparing this
   with the actual contents of the circular buffer (via Memory Window),
   shows that the buffer contents is actually correct.
2- Copy all the text that has been output by the !dbgprint command and
   paste it in an editor; count the number of all characters appearing +
   newlines (only CR or LF), and observe that this number is "mysteriously"
   equal to 16384 == 0x4000.
3- Continue running ReactOS installation for a little while, breaking back
   back into WinDbg and looking at !dbgprint again. Its output seems to be
   still stopping at the same place as before (but the actual buffer memory
   contents shows otherwise). Continue running ROS installation, and break
   into the debugger when ROS is about to restart. You should now observe
   that the dbgprint buffer rolled over:
     dd nt!KdPrintRolloverCount shows 1.
   Carefully analysing the output of !dbgprint, however, you will notice
   that it looks a bit garbage-y: the first part of the output is actually
   truncated after 16384 characters, then you get a second part of the
   buffer showing what ReactOS was printing while shutting down. Then
   you get again what was shown at the top of the !dbgprint output.
   (Of course, comparing with the actual contents of the circular buffer
   in memory shows that its contents are fine...)

The reason of these strange observations, is because there is an intrinsic
bug in the !dbgprint command implementation (in kdexts.dll). Essentially,
it displays the contents of the circular buffer in two single dprintf()
calls: one for the "older" (bottom) part of the buffer:
  [WritePointer, EndOfBuffer]
and one for the "newer" (upper) part of the buffer:
  [CircularBuffer, WritePointer[ .
The first aspect of the bug (causing observation 3), is that those two
parts are not necessarily NULL-terminated strings (especially after
rollover), so for example, displaying the upper part of the buffer, will
potentially also display part of the buffer's bottom part.
The second aspect of the bug (explaining observations 1 and 2), is due
to the implementation of the dprintf() function (callback in dbgenv.dll).
There, it uses a fixed-sized buffer of size 0x4000 == 16384 characters.
Since the output of the circular buffer is not done by little chunks,
but by the two large parts, if any of those are larger than 0x4000 they
get truncated on display.
(This last observation is confirmed in a completely different context by
https://community.osr.com/discussion/112439/dprintf-s-max-string-length .)
2022-11-24 01:18:18 +01:00
Hermès Bélusca-Maïto
36335d9cee
[NTOS:KD64] Correctly initialize the KdPrint buffer data in KdDebuggerDataBlock so as to fix the WinDbg !dbgprint command.
Now, !dbgprint just shows an empty log (since we don't fill it), instead
of showing the following error:

  kd> !dbgprint
  Can't find DbgPrint buffer
2022-11-24 01:18:17 +01:00
Hermès Bélusca-Maïto
c29d6806b8
[NTOS:KD] Remove last remnant of KdpDetectConflicts, deprecated since 2007.
Addendum to commit be2645ad8 (r25987).
2022-11-22 02:10:54 +01:00
Hermès Bélusca-Maïto
271b985981
[NTOS:KD] Cleanup of some old code.
- Remove KdbInit() macro and directly use KdbpCliInit() (since the place
  where it was used was already within an #ifdef KDBG block).

- Declare KdpKdbgInit() only when KDBG is defined, move its definition
  into kdio.c and remove the legacy wrappers/kdbg.c file.
  And in KdbInitialize(), set KdpInitRoutine directly to the former,
  instead of using the KdpKdbgInit indirection.

- Don't reset KdComPortInUse in KdpDebugLogInit().

- Minor refactorings: KdpSerialDebugPrint -> KdpSerialPrint and make it
  static; argument name "Message" -> "String", "StringLength" -> "Length".
2022-11-18 18:11:30 +01:00
Hermès Bélusca-Maïto
98e585364b
[NTOS:KD] Annotate KdInitSystem and remove redundant declaration in kd.h 2022-11-18 18:11:29 +01:00
George Bișoc
caa3571cd7
[NTOS:SE] Implement security debug facility routines
debug.c will serve as a centralized facility for security debugging routines and everything related to that. This file will be expanded with further debug functions for the Security subsystem if needed.
2022-11-08 18:24:37 +01:00
Hermès Bélusca-Maïto
ab5fdac922
[NTOS] Add TAG_DACL in tag.h and use it. 2022-11-03 02:55:49 +01:00
Hermès Bélusca-Maïto
33e0a69dad
[NTOS] tag.h formatting (align values on 4-space tab stops). 2022-11-03 02:55:48 +01:00
Jérôme Gardou
2ae9feb59f [NTOS] Properly implement and use FsRtlAcquireFileForModWriteEx 2022-11-02 19:41:04 +01:00
Jérôme Gardou
75125228be [NTOS] Add some sanity checks when synchronizing PDEs 2022-09-17 13:48:56 +02:00
Kyle Katarn
3703bbd631
[NTOS:MM] Implement PeakCommitment (MmPeakCommitment, MmTotalCommittedPages) (#4650)
And return the corresponding values in SystemPerformanceInformation.
Lockless updating counters suggestion by Thomas Faber.
2022-09-12 14:22:52 +02:00
Timo Kreuzer
e9a129c1e2 [NTOS] Remove useless functions 2022-08-22 11:22:08 +02:00
Timo Kreuzer
fe777bb52f [NTOS:KDBG] Nuke KdbEnter and KdbpCliModuleLoaded
They are not used anymore. Also clean up some obsolete prototypes.
2022-07-20 23:57:42 +02:00
George Bișoc
54a00aa8eb
[CMLIB][NTOS:CM] Deduplicate other common definitions between CMLIB and the NTOS CM
Addendum to commit 8c2454e (r70605). Credits and courtesy go to Hermès BÉLUSCA - MAÏTO.

CORE-10802 CORE-10793
2022-07-10 14:35:53 +02:00
George Bișoc
4471ee4dfa
[NTOS:SE] Properly handle dynamic counters in token
On current master, ReactOS faces these problems:

- ObCreateObject charges both paged and non paged pool a size of TOKEN structure, not the actual dynamic contents of WHAT IS inside a token. For paged pool charge the size is that of the dynamic area (primary group + default DACL if any). This is basically what DynamicCharged is for.
For the non paged pool charge, the actual charge is that of TOKEN structure upon creation. On duplication and filtering however, the paged pool charge size is that of the inherited dynamic charged space from an existing token whereas the non paged pool size is that of the calculated token body
length for the new duplicated/filtered token. On current master, we're literally cheating the kernel by charging the wrong amount of quota not taking into account the dynamic contents which they come from UM.

- Both DynamicCharged and DynamicAvailable are not fully handled (DynamicAvailable is pretty much poorly handled with some cases still to be taking into account). DynamicCharged is barely handled, like at all.

- As a result of these two points above, NtSetInformationToken doesn't check when the caller wants to set up a new default token DACL or primary group if the newly DACL or the said group exceeds the dynamic charged boundary. So what happens is that I'm going to act like a smug bastard fat politician and whack
the primary group and DACL of an token however I want to, because why in the hell not? In reality no, the kernel has to punish whoever attempts to do that, although we currently don't.

- The dynamic area (aka DynamicPart) only picks up the default DACL but not the primary group as well. Generally the dynamic part is composed of primary group and default DACL, if provided.

In addition to that, we aren't returning the dynamic charged and available area in token statistics. SepComputeAvailableDynamicSpace helper is here to accommodate that. Apparently Windows is calculating the dynamic available area rather than just querying the DynamicAvailable field directly from the token.
My theory regarding this is like the following: on Windows both TokenDefaultDacl and TokenPrimaryGroup classes are barely used by the system components during startup (LSASS provides both a DACL and primary group when calling NtCreateToken anyway). In fact DynamicAvailable is 0 during token creation, duplication and filtering when inspecting a token with WinDBG. So
if an application wants to query token statistics that application will face a dynamic available space of 0.
2022-06-29 10:06:37 +02:00
George Bișoc
5e1f292062
[NTOS:SE] NtQueryInformationToken: implement token sandbox inert querying 2022-06-13 18:17:10 +02:00
George Bișoc
d0d86ab588
[NTOSKRNL] Force a probe against ReturnLength on query & Misc ICIF stuff
NtQueryInformationToken is by far the only system call in NT where ReturnLength simply cannot be optional. On Windows this parameter is always probed and an argument to NULL directly leads to an access violation exception.
This is due to the fact of how tokens work, as its information contents (token user, owner, primary group, et al) are dynamic and can vary throughout over time in memory.

What happens on current ReactOS master however is that ReturnLength is only probed if the parameter is not NULL. On a NULL case scenario the probing checks succeed and NtQueryInformationToken fails later. For this, just get rid of CompleteProbing
parameter and opt in for a bit mask flag based approach, with ICIF_FORCE_RETURN_LENGTH_PROBE being set on DefaultQueryInfoBufferCheck which NtQueryInformationToken calls it to do sanity checks.

In addition to that...

- Document the ICIF probe helpers
- Annotate the ICIF prope helpers with SAL
- With the riddance of CompleteProbing and adoption of flags based approach, add ICIF_PROBE_READ_WRITE and ICIF_PROBE_READ flags alongside with ICIF_FORCE_RETURN_LENGTH_PROBE
2022-06-12 11:05:05 +02:00
George Bișoc
9a2c62b544
[NTOS:SE] Reorganize the security manager component
The current state of Security manager's code is kind of a mess. Mainly, there's code scattered around places where they shouldn't belong and token implementation (token.c) is already of a bloat in itself as it is. The file has over 6k lines and it's subject to grow exponentially with improvements, features, whatever that is.

With that being said, the token implementation code in the kernel will be split accordingly and rest of the code moved to appropriate places. The new layout will look as follows (excluding the already existing files):

- client.c (Client security implementation code)
- objtype.c (Object type list implementation code -- more code related to object types will be put here when I'm going to implement object type access checks in the future)
- subject.c (Subject security context support)

The token implementation in the kernel will be split in 4 distinct files as shown:

- token.c (Base token support routines)
- tokenlif.c (Life management of a token object -- that is Duplication, Creation and Filtering)
- tokencls.c (Token Query/Set Information Classes support)
- tokenadj.c (Token privileges/groups adjusting support)

In addition to that, tidy up the internal header and reorganize it as well.
2022-05-29 20:22:19 +02:00
George Bișoc
c020966091
[NTOS:KE] Implement the internal FPU state context structure
This is needed to store FPU state information when saving or restoring the floating point state of a system due to a call to KeSaveFloatingPointState or KeRestoreFloatingPointState.
2022-05-24 18:39:45 +02:00
George Bișoc
d88cd0eefc
[NTOS:KE] Move related FPU instrunctions to internal intrinsic file 2022-05-24 18:39:45 +02:00
George Bișoc
657bc083dc
[NTOSKRNL] Add FPU pool tags 2022-05-24 18:39:45 +02:00
Hermès Bélusca-Maïto
b414e1e4d7
[NTOS] Don't define _IN_KERNEL_ globally for the kernel, but just where it's needed: when including regstr.h. 2022-05-07 18:38:35 +02:00
Hermès Bélusca-Maïto
cfbb734799
[NTOS] Remove ROS-specific __NTOSKRNL__
See https://reactos.org/archives/public/ros-kernel/2004-June/003878.html
> In the source files one set of headers is included if
__NTDLL__ is defines and onother set if __NTOSKRNL__ is defines (dirty
workaround for our messy headers).
2022-05-07 17:53:51 +02:00
George Bișoc
c93bf84747
[NTOS:SE] Add SepGetSidFromAce prototype & Niscellaneous Stuff 2022-05-06 10:09:52 +02:00
George Bișoc
9101a5dc6d
[NTOSKRNL] Add security access check rights pool tag 2022-05-06 10:09:52 +02:00
Victor Perevertkin
cf0bc1c132
[NTOS:PNP] Halfplement IoInvalidateDeviceState
Implement the correct start-stop sequence for resource rebalancing
without the actual rebalancing. Also move IoInvalidateDeviceState
processing into the enumeration thread as it should be.

CORE-17519
2022-04-27 02:42:20 +03:00
George Bișoc
11d9c88c35
[NTOS:SE] Add token debug code
Implement initial token debug code. For now debug information that is being tracked are: process image file name, process and thread client IDs and token creation method. More specific debug code can be added later only if needed.

As for the token creation method, this follows the same principle as on Windows where the creation method is defined by a value denoting the first letter of the said method of creation. That is, 0xC is for token creation, 0xD is for token duplication and 0xF is for token filtering. The debug field names are taken from Windows PDB symbols for WinDBG debug extension support purposes. The names must not be changed!
2022-04-19 11:04:59 +02:00
Hermès Bélusca-Maïto
6ff0232368
[NTOS:CM] Adapt cmboot.c for usage in NT/ReactOS bootloader.
- Add a new cmboot.h header to isolate the boot-support definitions
  shared with the NT/ReactOS bootloader.

- Move CmpFreeDriverList() to cmboot.c so that we can use it for
  cleanup paths in the NT/ReactOS bootloader.

- CmpFindControlSet(): Directly build the control set name in UNICODE,
  instead of doing an ANSI->UNICODE conversion.

- Directly assign the CurrentControlSet\Services constant string,
  instead of going the route of init-empty-string + append-string.
  This is possible since that string is not modified later.

- Remove ASSERT(FALSE), replacing them with correct failure handling.

- Add cleanup paths in CmpAddDriverToList().

- Simplify and fix CmpFreeDriverList(): it's the full DriverNode
  that needs to be freed; not the LIST_ENTRY pointer.

- Add other validity checks:
  * Registry value types and data sizes;
  * For multi-strings, verify that they are NULL-terminated.
  * For (multi-)strings, check whether they are NULL-terminated before
    optionally removing their trailing NULL character from the count.
    Check also whether they are of zero-length and take appropriate
    action where necessary.

- Add CmpIsDriverInList() for future usage in CMBOOT compiled in
  bootloader mode.

- Add SAL annotations and Doxygen documentation.

- Add debug traces.

- Formatting / code style fixes.

** TODO: Fix SafeBoot support **
2022-04-16 18:37:45 +02:00
Hermès Bélusca-Maïto
f7e8214b55
[NTOS:INBV] Code refactoring: Move all the boot animation-specific code out of inbv.c and into the new bootanim.c file.
- inbv.c now only contains the Inbv-specific API and nothing else.

- It will make easier for people to write their own boot themes & animations,
  by just copying/adapting the bootanim.c file (and the resources).

- Add SAL annotations.

- All INBV progress bar functions (except for InbvIndicateProgress())
  should not be INIT-only functions, since they can be (not yet in ROS)
  used at later times -- namely, for feedback during hibernation.
2022-02-13 21:29:14 +01:00
Hermès Bélusca-Maïto
e17f7d6994
[NTOS:INBV] Add documentation to the progress-bar helpers. And fix a bug in them.
In particular, the progress percentage specified to InbvUpdateProgressBar(),
or the progress feedback made with InbvIndicateProgress() calls, is
**relative** to the progress sub-range specified with a previous call to
InbvSetProgressBarSubset() (by default, the range is 0...100%).

This functionality is used e.g. when the number of progress steps is
unknown prior, for example when loading drivers: in this case progress
is made within a given percentage range.

This bug has always been with us since 2010.
2022-02-13 21:16:52 +01:00
George Bișoc
b22eefac88
[NTOS:PS] Process Quota Overhaul
-- Rewrite PspChargeProcessQuotaSpecifiedPool and PspReturnProcessQuotaSpecifiedPool private kernel routines, with the goal to implement the algorithms necessary to manage the fields of quota blocks (Usage, Return, Limit and Peak).
-- Invoke the Mm if quota limit raising or returning has to be done
-- When destroying a quota block, make sure that we're giving back all the rest of non-returned quotas to Memory Mm
-- Crash the system with QUOTA_UNDERFLOW if someone is returning way too much quota than it was previously charged
-- When a process exits, ensure that it doesn't hold up any charged quotas in QuotaUsage field of the process object, that way we're enforcing proper kernel consistency
-- Implement PsChargeSharedPoolQuota and PsChargeProcessPageFileQuota functions, used exclusively by the Object Manager. These routines are used to charge or return amount of quotas of a newly created object.
-- On PspInheritQuota, when assigning to process the default quota block if no parent process is given, we must increment the reference counts as we're using it
-- Handle the ProcessCount reference field, as it wasn't used
-- Annotate the functions with SAL
-- Document the code

=== REMARKS ===
Windows LogOn (Winlogon) is responsible for setting up a different quota block for all the processes within an interactive session, which is what we don't do. What we're currently doing instead is we're using the default block, PspDefaultQuotaBlock, for all the processes
across the system. The default block contains the default limits of -1 (which would imply no limits). By definition, the kernel won't ever return STATUS_QUOTA_EXCEEDED as we literally don't set up a definite limit for regular processes. This situation has to be tackled
in the future.

=== TODO FOR FUTURE ===
Most of the code in PspChargeProcessQuotaSpecifiedPool and PspReturnProcessQuotaSpecifiedPool private routines must be refactored in order to reduce the usage of the quota spin lock, possibly wrapping such code in a loop and whatnot.

CORE-17784
2022-01-11 10:11:09 +01:00
George Bișoc
32e9710fd1
[NTOS:OB] Add a system process quota block macro
OBP_SYSTEM_PROCESS_QUOTA is a macro that'll be used as a way to assign a dummy quota block to system processes, as we mustn't do anything to those in case the Object Manager is charging or returning pool quotas.
2022-01-11 10:11:09 +01:00