Windows: Police Library IOCTLs
[openafs.git] / src / WINNT / afsrdr / kernel / lib / AFSCreate.cpp
index 388495c..efe1a8c 100644 (file)
@@ -56,7 +56,7 @@ NTSTATUS
 AFSCreate( IN PDEVICE_OBJECT LibDeviceObject,
            IN PIRP Irp)
 {
-
+    UNREFERENCED_PARAMETER(LibDeviceObject);
     NTSTATUS ntStatus = STATUS_SUCCESS;
     IO_STACK_LOCATION  *pIrpSp;
     FILE_OBJECT        *pFileObject = NULL;
@@ -99,7 +99,7 @@ try_exit:
 
         NOTHING;
     }
-    __except( AFSExceptionFilter( GetExceptionCode(), GetExceptionInformation()) )
+    __except( AFSExceptionFilter( __FUNCTION__, GetExceptionCode(), GetExceptionInformation()) )
     {
 
         AFSDbgLogMsg( 0,
@@ -107,6 +107,8 @@ try_exit:
                       "EXCEPTION - AFSCreate\n");
 
         ntStatus = STATUS_ACCESS_DENIED;
+
+        AFSDumpTraceFilesFnc();
     }
 
     //
@@ -136,14 +138,14 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
     AFSDeviceExt       *pDeviceExt = NULL;
     BOOLEAN             bOpenTargetDirectory = FALSE, bReleaseVolume = FALSE;
     PACCESS_MASK        pDesiredAccess = NULL;
-    UNICODE_STRING      uniComponentName, uniPathName, uniRootFileName, uniParsedFileName;
+    UNICODE_STRING      uniComponentName, uniRootFileName, uniParsedFileName;
     UNICODE_STRING      uniSubstitutedPathName;
     UNICODE_STRING      uniRelativeName;
     AFSNameArrayHdr    *pNameArray = NULL;
     AFSVolumeCB        *pVolumeCB = NULL;
     AFSDirectoryCB     *pParentDirectoryCB = NULL, *pDirectoryCB = NULL;
     ULONG               ulParseFlags = 0;
-    GUID                stAuthGroup;
+    GUID                stAuthGroup = {0};
     ULONG               ulNameProcessingFlags = 0;
     BOOLEAN             bOpenedReparsePoint = FALSE;
     LONG                lCount;
@@ -365,7 +367,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               "AFSCommonCreate Failed to open root Status %08lX\n",
                               ntStatus);
 
-                lCount = InterlockedDecrement( &AFSGlobalRoot->DirectoryCB->OpenReferenceCount);
+                lCount = InterlockedDecrement( &AFSGlobalRoot->DirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -374,6 +376,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               AFSGlobalRoot->DirectoryCB,
                               NULL,
                               lCount);
+
+                ASSERT( lCount >= 0);
             }
 
             try_return( ntStatus);
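Review bot: `ASSERT( lCount >= 0);` is only evaluated in checked builds, so in a free build a DirOpenReferenceCount that goes negative here shows up only in the verbose ref-counting trace, and only if that trace is enabled. A negative directory-entry reference count normally means an unbalanced release, which can let the entry be torn down while something still points at it. An unconditional `if( lCount < 0)` branch that logs at AFS_TRACE_LEVEL_ERROR would make this visible in production. The same applies to every `ASSERT( lCount >= 0)` this commit adds in AFSCommonCreate and AFSProcessCreate; the enclosing block starts outside this hunk.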
@@ -569,7 +573,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                 // Perform in this order to prevent thrashing
                 //
 
-                lCount = InterlockedIncrement( &pParentDirectoryCB->OpenReferenceCount);
+                lCount = InterlockedIncrement( &pParentDirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -611,7 +615,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                 //
                 // It is now safe to drop the Reference Count
                 //
-                lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+                lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -620,6 +624,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               pDirectoryCB,
                               NULL,
                               lCount);
+
+                ASSERT( lCount >= 0);
             }
 
             if( !NT_SUCCESS( ntStatus))
@@ -635,7 +641,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                 // Decrement the reference on the parent
                 //
 
-                lCount = InterlockedDecrement( &pParentDirectoryCB->OpenReferenceCount);
+                lCount = InterlockedDecrement( &pParentDirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -644,6 +650,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               pParentDirectoryCB,
                               NULL,
                               lCount);
+
+                ASSERT( lCount >= 0);
             }
 
             try_return( ntStatus);
@@ -704,7 +712,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                                   &pDirectoryCB->NameInformation.FileName,
                                   ntStatus);
 
-                    lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+                    lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
                     AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                                   AFS_TRACE_LEVEL_VERBOSE,
@@ -713,6 +721,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                                   pDirectoryCB,
                                   NULL,
                                   lCount);
+
+                    ASSERT( lCount >= 0);
                 }
                 else
                 {
@@ -722,7 +732,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                                   "AFSCommonCreate Object name collision on create Status %08lX\n",
                                   ntStatus);
 
-                    InterlockedDecrement( &pParentDirectoryCB->OpenReferenceCount);
+                    lCount = InterlockedDecrement( &pParentDirectoryCB->DirOpenReferenceCount);
 
                     AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                                   AFS_TRACE_LEVEL_VERBOSE,
@@ -730,7 +740,9 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                                   &pParentDirectoryCB->NameInformation.FileName,
                                   pParentDirectoryCB,
                                   NULL,
-                                  pParentDirectoryCB->OpenReferenceCount);
+                                  lCount);
+
+                    ASSERT( lCount >= 0);
                 }
 
                 try_return( ntStatus = STATUS_OBJECT_NAME_COLLISION);
@@ -765,7 +777,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
             // Dereference the parent entry
             //
 
-            lCount = InterlockedDecrement( &pParentDirectoryCB->OpenReferenceCount);
+            lCount = InterlockedDecrement( &pParentDirectoryCB->DirOpenReferenceCount);
 
             AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                           AFS_TRACE_LEVEL_VERBOSE,
@@ -775,6 +787,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                           NULL,
                           lCount);
 
+            ASSERT( lCount >= 0);
+
             try_return( ntStatus);
         }
 
@@ -832,7 +846,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                 if( pDirectoryCB != NULL)
                 {
 
-                    lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+                    lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
                     AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                                   AFS_TRACE_LEVEL_VERBOSE,
@@ -841,11 +855,13 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                                   pDirectoryCB,
                                   NULL,
                                   lCount);
+
+                    ASSERT( lCount >= 0);
                 }
                 else
                 {
 
-                    lCount = InterlockedDecrement( &pParentDirectoryCB->OpenReferenceCount);
+                    lCount = InterlockedDecrement( &pParentDirectoryCB->DirOpenReferenceCount);
 
                     AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                                   AFS_TRACE_LEVEL_VERBOSE,
@@ -854,6 +870,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                                   pParentDirectoryCB,
                                   NULL,
                                   lCount);
+
+                    ASSERT( lCount >= 0);
                 }
             }
 
@@ -879,7 +897,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               "AFSCommonCreate (%08lX) Attempt to open root as delete on close\n",
                               Irp);
 
-                lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+                lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -889,6 +907,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               NULL,
                               lCount);
 
+                ASSERT( lCount >= 0);
+
                 try_return( ntStatus = STATUS_CANNOT_DELETE);
             }
 
@@ -904,7 +924,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               "AFSCommonCreate (%08lX) Attempt to open root as target directory\n",
                               Irp);
 
-                lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+                lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -914,6 +934,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               NULL,
                               lCount);
 
+                ASSERT( lCount >= 0);
+
                 try_return( ntStatus = STATUS_INVALID_PARAMETER);
             }
 
@@ -937,7 +959,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               pVolumeCB->ObjectInformation.FileId.Volume,
                               ntStatus);
 
-                lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+                lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -946,6 +968,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               pDirectoryCB,
                               NULL,
                               lCount);
+
+                ASSERT( lCount >= 0);
             }
 
             try_return( ntStatus);
@@ -993,7 +1017,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               &pDirectoryCB->NameInformation.FileName,
                               ntStatus);
 
-                lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+                lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -1002,6 +1026,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                               pDirectoryCB,
                               NULL,
                               lCount);
+
+                ASSERT( lCount >= 0);
             }
 
             try_return( ntStatus);
@@ -1028,7 +1054,7 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                           &pDirectoryCB->NameInformation.FileName,
                           ntStatus);
 
-            lCount = InterlockedDecrement( &pDirectoryCB->OpenReferenceCount);
+            lCount = InterlockedDecrement( &pDirectoryCB->DirOpenReferenceCount);
 
             AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                           AFS_TRACE_LEVEL_VERBOSE,
@@ -1037,6 +1063,8 @@ AFSCommonCreate( IN PDEVICE_OBJECT DeviceObject,
                           pDirectoryCB,
                           NULL,
                           lCount);
+
+            ASSERT( lCount >= 0);
         }
 
 try_exit:
@@ -1048,6 +1076,9 @@ try_exit:
             if( pCcb != NULL)
             {
 
+                AFSAcquireExcl( &pCcb->NPCcb->CcbLock,
+                                TRUE);
+
                 RtlCopyMemory( &pCcb->AuthGroup,
                                &stAuthGroup,
                                sizeof( GUID));
@@ -1090,9 +1121,9 @@ try_exit:
                               &pCcb->DirectoryCB->NameInformation.FileName,
                               pCcb->DirectoryCB,
                               pCcb,
-                              pCcb->DirectoryCB->OpenReferenceCount);
+                              lCount = pCcb->DirectoryCB->DirOpenReferenceCount);
 
-                ASSERT( pCcb->DirectoryCB->OpenReferenceCount > 0);
+                ASSERT( lCount >= 0);
 
                 pCcb->CurrentDirIndex = 0;
 
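Review bot: The assignment `lCount = pCcb->DirectoryCB->DirOpenReferenceCount` is buried in the argument list of the AFSDbgLogMsg call, and the `ASSERT( lCount >= 0)` that follows depends on it. If the trace call is ever compiled out or becomes a macro that does not evaluate its arguments, the assert would test a stale value. Read the counter on its own line first, `lCount = pCcb->DirectoryCB->DirOpenReferenceCount;`, and pass `lCount` to the log call. The assert was also relaxed from `> 0` to `>= 0`; if the Ccb is expected to hold a reference on its DirectoryCB at this point, `ASSERT( lCount > 0)` would still catch a dropped reference. The AFSDbgLogMsg call begins outside the hunk.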
@@ -1109,6 +1140,8 @@ try_exit:
                 pCcb->NameArray = pNameArray;
 
                 pNameArray = NULL;
+
+                AFSReleaseResource( &pCcb->NPCcb->CcbLock);
             }
 
             //
@@ -1138,9 +1171,15 @@ try_exit:
                 // For files perform additional processing
                 //
 
-                if( pFcb->Header.NodeTypeCode == AFS_FILE_FCB)
+                switch( pFcb->Header.NodeTypeCode)
                 {
-                    pFileObject->SectionObjectPointer = &pFcb->NPFcb->SectionObjectPointers;
+
+                    case AFS_FILE_FCB:
+                    case AFS_IOCTL_FCB:
+                    {
+
+                        pFileObject->SectionObjectPointer = &pFcb->NPFcb->SectionObjectPointers;
+                    }
                 }
 
                 //
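Review bot: The new `switch( pFcb->Header.NodeTypeCode)` has no `break` after the case body and no `default` label, so a case added later below AFS_IOCTL_FCB would be fallen into silently. Close the case with `break;` and add `default: break;`. A comment explaining why AFS_IOCTL_FCB file objects now get `SectionObjectPointer` set would also help, since nothing in the hunk gives the reason.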
@@ -1215,7 +1254,7 @@ try_exit:
             if( uniSubstitutedPathName.Buffer != NULL)
             {
 
-                AFSExFreePool( uniSubstitutedPathName.Buffer);
+                AFSExFreePoolWithTag( uniSubstitutedPathName.Buffer, 0);
 
                 ClearFlag( ulParseFlags, AFS_PARSE_FLAG_FREE_FILE_BUFFER);
             }
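Review bot: `AFSExFreePoolWithTag( uniSubstitutedPathName.Buffer, 0)` passes a zero tag. If this wrapper forwards to ExFreePoolWithTag, a zero tag means no tag comparison is made on free, so the call protects no better than the AFSExFreePool it replaces. Passing the tag the buffer was allocated with would let a mismatched free be caught, e.g. `AFSExFreePoolWithTag( uniSubstitutedPathName.Buffer, <ALLOCATION_TAG>)`, where the placeholder stands for whatever tag the allocating routine used (not visible here). The same applies to the `uniRootFileName.Buffer` free in the next hunk.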
@@ -1234,7 +1273,7 @@ try_exit:
         if( BooleanFlagOn( ulParseFlags, AFS_PARSE_FLAG_FREE_FILE_BUFFER))
         {
 
-            AFSExFreePool( uniRootFileName.Buffer);
+            AFSExFreePoolWithTag( uniRootFileName.Buffer, 0);
         }
 
         if( bReleaseVolume)
@@ -1380,7 +1419,8 @@ AFSOpenRoot( IN PIRP Irp,
 
         ntStatus = AFSValidateEntry( VolumeCB->DirectoryCB,
                                      AuthGroup,
-                                     FALSE);
+                                     FALSE,
+                                     TRUE);
 
         if( !NT_SUCCESS( ntStatus))
         {
@@ -1668,12 +1708,8 @@ AFSProcessCreate( IN PIRP               Irp,
     PFILE_OBJECT pFileObject = NULL;
     PIO_STACK_LOCATION pIrpSp = IoGetCurrentIrpStackLocation( Irp);
     ULONG ulOptions = 0;
-    ULONG ulShareMode = 0;
-    ULONG ulAccess = 0;
     ULONG ulAttributes = 0;
-    LARGE_INTEGER   liAllocationSize = {0,0};
     BOOLEAN bFileCreated = FALSE, bReleaseFcb = FALSE, bAllocatedCcb = FALSE;
-    BOOLEAN bAllocatedFcb = FALSE;
     PACCESS_MASK pDesiredAccess = NULL;
     USHORT usShareAccess;
     AFSDirectoryCB *pDirEntry = NULL;
@@ -1867,53 +1903,29 @@ AFSProcessCreate( IN PIRP               Irp,
         // We may have raced and the Fcb is already created
         //
 
-        if( pObjectInfo->Fcb != NULL)
-        {
+        //
+        // Allocate and initialize the Fcb for the file.
+        //
 
-            AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
-                          AFS_TRACE_LEVEL_VERBOSE,
-                          "AFSProcessCreate (%08lX) Not allocating Fcb for file %wZ\n",
-                          Irp,
-                          FullFileName);
+        ntStatus = AFSInitFcb( pDirEntry);
 
-            *Fcb = pObjectInfo->Fcb;
+        *Fcb = pObjectInfo->Fcb;
 
-            AFSAcquireExcl( &(*Fcb)->NPFcb->Resource,
-                            TRUE);
-        }
-        else
+        if( !NT_SUCCESS( ntStatus))
         {
 
-            //
-            // Allocate and initialize the Fcb for the file.
-            //
-
-            ntStatus = AFSInitFcb( pDirEntry);
-
-            *Fcb = pObjectInfo->Fcb;
-
-            if( !NT_SUCCESS( ntStatus))
-            {
-
-                AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
-                              AFS_TRACE_LEVEL_ERROR,
-                              "AFSProcessCreate (%08lX) Failed to initialize fcb %wZ Status %08lX\n",
-                              Irp,
-                              FullFileName,
-                              ntStatus);
-
-                try_return( ntStatus);
-            }
-
-            if ( ntStatus != STATUS_REPARSE)
-            {
-
-                bAllocatedFcb = TRUE;
-            }
+            AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
+                          AFS_TRACE_LEVEL_ERROR,
+                          "AFSProcessCreate (%08lX) Failed to initialize fcb %wZ Status %08lX\n",
+                          Irp,
+                          FullFileName,
+                          ntStatus);
 
-            ntStatus = STATUS_SUCCESS;
+            try_return( ntStatus);
         }
 
+        ntStatus = STATUS_SUCCESS;
+
         //
         // Increment the open count on this Fcb
         //
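Review bot: The retained comment `We may have raced and the Fcb is already created` now sits above an unconditional `AFSInitFcb( pDirEntry)` call, and nothing here says how the already-created case is handled. Going by the comment this commit adds in AFSProcessOpen, AFSInitFcb presumably returns an existing Fcb with its resource held; say so here, e.g. `// AFSInitFcb returns the (possibly pre-existing) Fcb with its resource held`. The line `ntStatus = STATUS_SUCCESS;` also discards any non-error status such as the STATUS_REPARSE the removed code tested for, and a one-line comment on it would make that intent explicit. The same pattern recurs in the AFSOpenTargetDirectory and AFSProcessOverwriteSupersede hunks, and the function body continues outside this hunk.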
@@ -2152,7 +2164,7 @@ try_exit:
                 // Decrement the reference added during initialization of the DE
                 //
 
-                lCount = InterlockedDecrement( &pDirEntry->OpenReferenceCount);
+                lCount = InterlockedDecrement( &pDirEntry->DirOpenReferenceCount);
 
                 AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                               AFS_TRACE_LEVEL_VERBOSE,
@@ -2161,6 +2173,8 @@ try_exit:
                               pDirEntry,
                               lCount);
 
+                ASSERT( lCount >= 0);
+
                 //
                 // Pull the directory entry from the parent
                 //
@@ -2187,11 +2201,9 @@ try_exit:
                               *Ccb);
             }
 
-            if( bAllocatedFcb)
-            {
-
-                AFSRemoveFcb( &pObjectInfo->Fcb);
-            }
+            //
+            // Fcb will be freed by AFSPrimaryVolumeWorker thread
+            //
 
             *Fcb = NULL;
 
@@ -2211,15 +2223,15 @@ AFSOpenTargetDirectory( IN PIRP Irp,
                         OUT AFSFcb **Fcb,
                         OUT AFSCcb **Ccb)
 {
-
+    UNREFERENCED_PARAMETER(VolumeCB);
     NTSTATUS ntStatus = STATUS_SUCCESS;
     PFILE_OBJECT pFileObject = NULL;
     PIO_STACK_LOCATION pIrpSp = IoGetCurrentIrpStackLocation( Irp);
     PACCESS_MASK pDesiredAccess = NULL;
     USHORT usShareAccess;
     BOOLEAN bAllocatedCcb = FALSE;
-    BOOLEAN bReleaseFcb = FALSE, bAllocatedFcb = FALSE;
-    AFSObjectInfoCB *pParentObject = NULL, *pTargetObject = NULL;
+    BOOLEAN bReleaseFcb = FALSE;
+    AFSObjectInfoCB *pParentObject = NULL;
     UNICODE_STRING uniTargetName;
     LONG lCount;
 
@@ -2247,49 +2259,30 @@ AFSOpenTargetDirectory( IN PIRP Irp,
 
         //
         // Make sure we have an Fcb for the access
+
+        //
+        // Allocate and initialize the Fcb for the file.
         //
 
-        if( pParentObject->Fcb != NULL)
-        {
+        ntStatus = AFSInitFcb( ParentDirectoryCB);
 
-            *Fcb = pParentObject->Fcb;
+        *Fcb = pParentObject->Fcb;
 
-            AFSAcquireExcl( &(*Fcb)->NPFcb->Resource,
-                            TRUE);
-        }
-        else
+        if( !NT_SUCCESS( ntStatus))
         {
 
-            //
-            // Allocate and initialize the Fcb for the file.
-            //
-
-            ntStatus = AFSInitFcb( ParentDirectoryCB);
-
-            *Fcb = pParentObject->Fcb;
-
-            if( !NT_SUCCESS( ntStatus))
-            {
-
-                AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
-                              AFS_TRACE_LEVEL_ERROR,
-                              "AFSProcessCreate (%08lX) Failed to initialize fcb %wZ Status %08lX\n",
-                              Irp,
-                              &ParentDirectoryCB->NameInformation.FileName,
-                              ntStatus);
-
-                try_return( ntStatus);
-            }
-
-            if ( ntStatus == STATUS_REPARSE)
-            {
-
-                bAllocatedFcb = TRUE;
-            }
+            AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
+                          AFS_TRACE_LEVEL_ERROR,
+                          "AFSOpenTargetDirectory (%08lX) Failed to initialize fcb %wZ Status %08lX\n",
+                          Irp,
+                          &ParentDirectoryCB->NameInformation.FileName,
+                          ntStatus);
 
-            ntStatus = STATUS_SUCCESS;
+            try_return( ntStatus);
         }
 
+        ntStatus = STATUS_SUCCESS;
+
         //
         // Increment the open count on this Fcb
         //
@@ -2479,11 +2472,9 @@ try_exit:
 
             *Ccb = NULL;
 
-            if( bAllocatedFcb)
-            {
-
-                AFSRemoveFcb( &pParentObject->Fcb);
-            }
+            //
+            // Fcb will be freed by AFSPrimaryVolumeWorker thread
+            //
 
             *Fcb = NULL;
         }
@@ -2501,14 +2492,14 @@ AFSProcessOpen( IN PIRP Irp,
                 OUT AFSFcb **Fcb,
                 OUT AFSCcb **Ccb)
 {
-
+    UNREFERENCED_PARAMETER(VolumeCB);
     NTSTATUS ntStatus = STATUS_SUCCESS;
     PFILE_OBJECT pFileObject = NULL;
     PIO_STACK_LOCATION pIrpSp = IoGetCurrentIrpStackLocation( Irp);
     PACCESS_MASK pDesiredAccess = NULL;
     USHORT usShareAccess;
-    BOOLEAN bAllocatedCcb = FALSE, bReleaseFcb = FALSE, bAllocatedFcb = FALSE;
-    ULONG ulAdditionalFlags = 0, ulOptions = 0;
+    BOOLEAN bAllocatedCcb = FALSE, bReleaseFcb = FALSE;
+    ULONG ulOptions = 0;
     AFSFileOpenCB   stOpenCB;
     AFSFileOpenResultCB stOpenResultCB;
     ULONG       ulResultLen = 0;
@@ -2561,7 +2552,8 @@ AFSProcessOpen( IN PIRP Irp,
 
         ntStatus = AFSValidateEntry( DirectoryCB,
                                      AuthGroup,
-                                     FALSE);
+                                     FALSE,
+                                     TRUE);
 
         if( !NT_SUCCESS( ntStatus))
         {
@@ -2607,38 +2599,28 @@ AFSProcessOpen( IN PIRP Irp,
         // Be sure we have an Fcb for the current object
         //
 
-        if( pObjectInfo->Fcb == NULL)
-        {
-
-            ntStatus = AFSInitFcb( DirectoryCB);
-
-            if( !NT_SUCCESS( ntStatus))
-            {
+        ntStatus = AFSInitFcb( DirectoryCB);
 
-                AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
-                              AFS_TRACE_LEVEL_ERROR,
-                              "AFSProcessOpen (%08lX) Failed to init fcb on %wZ Status %08lX\n",
-                              Irp,
-                              &DirectoryCB->NameInformation.FileName,
-                              ntStatus);
+        if( !NT_SUCCESS( ntStatus))
+        {
 
-                try_return( ntStatus);
-            }
+            AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
+                          AFS_TRACE_LEVEL_ERROR,
+                          "AFSProcessOpen (%08lX) Failed to init fcb on %wZ Status %08lX\n",
+                          Irp,
+                          &DirectoryCB->NameInformation.FileName,
+                          ntStatus);
 
-            if ( ntStatus != STATUS_REPARSE)
-            {
+            try_return( ntStatus);
+        }
 
-                bAllocatedFcb = TRUE;
-            }
+        ntStatus = STATUS_SUCCESS;
 
-            ntStatus = STATUS_SUCCESS;
-        }
-        else
-        {
+        //
+        // AFSInitFcb returns the Fcb resource held
+        //
 
-            AFSAcquireExcl( pObjectInfo->Fcb->Header.Resource,
-                            TRUE);
-        }
+        bReleaseFcb = TRUE;
 
         //
         // Increment the open count on this Fcb
@@ -2652,8 +2634,6 @@ AFSProcessOpen( IN PIRP Irp,
                       pObjectInfo->Fcb,
                       lCount);
 
-        bReleaseFcb = TRUE;
-
         //
         // Check access on the entry
         //
@@ -2696,8 +2676,29 @@ AFSProcessOpen( IN PIRP Irp,
                 BooleanFlagOn(ulOptions, FILE_DELETE_ON_CLOSE))
             {
 
-                if( !MmFlushImageSection( &pObjectInfo->Fcb->NPFcb->SectionObjectPointers,
-                                          MmFlushForWrite))
+                BOOLEAN bMmFlushed;
+
+                AFSDbgLogMsg( AFS_SUBSYSTEM_LOCK_PROCESSING,
+                              AFS_TRACE_LEVEL_VERBOSE,
+                              "AFSProcessOpen Acquiring Fcb SectionObject lock %08lX EXCL %08lX\n",
+                              &pObjectInfo->Fcb->NPFcb->SectionObjectResource,
+                              PsGetCurrentThread());
+
+                AFSAcquireExcl( &pObjectInfo->Fcb->NPFcb->SectionObjectResource,
+                                TRUE);
+
+                bMmFlushed = MmFlushImageSection( &pObjectInfo->Fcb->NPFcb->SectionObjectPointers,
+                                                  MmFlushForWrite);
+
+                AFSDbgLogMsg( AFS_SUBSYSTEM_LOCK_PROCESSING,
+                              AFS_TRACE_LEVEL_VERBOSE,
+                              "AFSProcessOpen Releasing Fcb SectionObject lock %08lX EXCL %08lX\n",
+                              &pObjectInfo->Fcb->NPFcb->SectionObjectResource,
+                              PsGetCurrentThread());
+
+                AFSReleaseResource( &pObjectInfo->Fcb->NPFcb->SectionObjectResource);
+
+                if ( !bMmFlushed)
                 {
 
                     ntStatus = BooleanFlagOn(ulOptions, FILE_DELETE_ON_CLOSE) ? STATUS_CANNOT_DELETE :
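Review bot: The two new trace calls print `&pObjectInfo->Fcb->NPFcb->SectionObjectResource` and `PsGetCurrentThread()` with `%08lX`, a 32-bit conversion. On a 64-bit build the lock address and thread value would be truncated, which makes the lock trace ambiguous when chasing a deadlock. If AFSDbgLogMsg's formatter supports it, `%p` is the right conversion for both. SectionObjectResource also appears to be taken while the Fcb resource returned by AFSInitFcb is still held, so a short comment stating the lock order (Fcb resource, then SectionObjectResource) would help keep other paths consistent. The same trace format is used in the AFSProcessOverwriteSupersede hunk, and the `if ( !bMmFlushed)` body continues outside this hunk.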
@@ -2997,11 +2998,9 @@ try_exit:
 
             *Ccb = NULL;
 
-            if( bAllocatedFcb)
-            {
-
-                AFSRemoveFcb( &pObjectInfo->Fcb);
-            }
+            //
+            // Fcb will be freed by AFSPrimaryVolumeWorker thread
+            //
 
             *Fcb = NULL;
         }
@@ -3020,16 +3019,16 @@ AFSProcessOverwriteSupersede( IN PDEVICE_OBJECT DeviceObject,
                               OUT AFSFcb       **Fcb,
                               OUT AFSCcb       **Ccb)
 {
-
+    UNREFERENCED_PARAMETER(DeviceObject);
     NTSTATUS ntStatus = STATUS_SUCCESS;
     PIO_STACK_LOCATION pIrpSp = IoGetCurrentIrpStackLocation( Irp);
     PFILE_OBJECT pFileObject = NULL;
     LARGE_INTEGER liZero = {0,0};
     BOOLEAN bReleasePaging = FALSE, bReleaseFcb = FALSE;
     ULONG   ulAttributes = 0;
-    LARGE_INTEGER liTime;
     ULONG ulCreateDisposition = 0;
-    BOOLEAN bAllocatedCcb = FALSE, bAllocatedFcb = FALSE;
+    BOOLEAN bAllocatedCcb = FALSE;
+    BOOLEAN bUserMapped = FALSE;
     PACCESS_MASK pDesiredAccess = NULL;
     USHORT usShareAccess;
     AFSObjectInfoCB *pParentObjectInfo = NULL;
@@ -3074,7 +3073,8 @@ AFSProcessOverwriteSupersede( IN PDEVICE_OBJECT DeviceObject,
 
         ntStatus = AFSValidateEntry( DirectoryCB,
                                      AuthGroup,
-                                     FALSE);
+                                     FALSE,
+                                     TRUE);
 
         if( !NT_SUCCESS( ntStatus))
         {
@@ -3093,40 +3093,24 @@ AFSProcessOverwriteSupersede( IN PDEVICE_OBJECT DeviceObject,
         // Be sure we have an Fcb for the object block
         //
 
-        if( pObjectInfo->Fcb == NULL)
-        {
-
-            ntStatus = AFSInitFcb( DirectoryCB);
-
-            *Fcb = pObjectInfo->Fcb;
+        ntStatus = AFSInitFcb( DirectoryCB);
 
-            if( !NT_SUCCESS( ntStatus))
-            {
-
-                AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
-                              AFS_TRACE_LEVEL_ERROR,
-                              "AFSProcessOverwriteSupersede (%08lX) Failed to initialize fcb %wZ Status %08lX\n",
-                              Irp,
-                              &DirectoryCB->NameInformation.FileName,
-                              ntStatus);
-
-                try_return( ntStatus);
-            }
+        *Fcb = pObjectInfo->Fcb;
 
-            if ( ntStatus != STATUS_REPARSE)
-            {
+        if( !NT_SUCCESS( ntStatus))
+        {
 
-                bAllocatedFcb = TRUE;
-            }
+            AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
+                          AFS_TRACE_LEVEL_ERROR,
+                          "AFSProcessOverwriteSupersede (%08lX) Failed to initialize fcb %wZ Status %08lX\n",
+                          Irp,
+                          &DirectoryCB->NameInformation.FileName,
+                          ntStatus);
 
-            ntStatus = STATUS_SUCCESS;
+            try_return( ntStatus);
         }
-        else
-        {
 
-            AFSAcquireExcl( pObjectInfo->Fcb->Header.Resource,
-                            TRUE);
-        }
+        ntStatus = STATUS_SUCCESS;
 
         //
         // Increment the open count on this Fcb.
@@ -3169,13 +3153,32 @@ AFSProcessOverwriteSupersede( IN PDEVICE_OBJECT DeviceObject,
             }
         }
 
+        AFSDbgLogMsg( AFS_SUBSYSTEM_LOCK_PROCESSING,
+                      AFS_TRACE_LEVEL_VERBOSE,
+                      "AFSProcessOverwriteSupercede Acquiring Fcb SectionObject lock %08lX EXCL %08lX\n",
+                      &pObjectInfo->Fcb->NPFcb->SectionObjectResource,
+                      PsGetCurrentThread());
+
+        AFSAcquireExcl( &pObjectInfo->Fcb->NPFcb->SectionObjectResource,
+                        TRUE);
+
         //
         //  Before we actually truncate, check to see if the purge
         //  is going to fail.
         //
 
-        if( !MmCanFileBeTruncated( &pObjectInfo->Fcb->NPFcb->SectionObjectPointers,
-                                   &liZero))
+        bUserMapped = !MmCanFileBeTruncated( &pObjectInfo->Fcb->NPFcb->SectionObjectPointers,
+                                             &liZero);
+
+        AFSDbgLogMsg( AFS_SUBSYSTEM_LOCK_PROCESSING,
+                      AFS_TRACE_LEVEL_VERBOSE,
+                      "AFSProcessOverwriteSupercede Releasing Fcb SectionObject lock %08lX EXCL %08lX\n",
+                      &pObjectInfo->Fcb->NPFcb->SectionObjectResource,
+                      PsGetCurrentThread());
+
+        AFSReleaseResource( &pObjectInfo->Fcb->NPFcb->SectionObjectResource);
+
+        if( bUserMapped)
         {
 
             ntStatus = STATUS_USER_MAPPED_FILE;
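Review bot: `bUserMapped` is computed under SectionObjectResource, but the lock is released before the result is acted on, so the MmCanFileBeTruncated answer is only advisory. A user mapping created after the release would not be seen by this check. The truncation itself is outside this hunk; if it does not recheck under the same lock, either hold SectionObjectResource across both steps or add a comment saying the later purge copes with a late mapping. Separately, both trace strings say `AFSProcessOverwriteSupercede` while the function is AFSProcessOverwriteSupersede, which defeats searching the trace by function name.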
@@ -3429,11 +3432,9 @@ try_exit:
 
             *Ccb = NULL;
 
-            if( bAllocatedFcb)
-            {
-
-                AFSRemoveFcb( &pObjectInfo->Fcb);
-            }
+            //
+            // Fcb will be freed by AFSPrimaryVolumeWorker thread
+            //
 
             *Fcb = NULL;
         }
@@ -3451,11 +3452,21 @@ AFSControlDeviceCreate( IN PIRP Irp)
     __Enter
     {
 
-        //
-        // For now, jsut let the open happen
-        //
-
-        Irp->IoStatus.Information = FILE_OPENED;
+        if ( KernelMode == Irp->RequestorMode) {
+            //
+            // For now, just let the open happen
+            //
+            Irp->IoStatus.Information = FILE_OPENED;
+        }
+        else
+        {
+            //
+            // Not from usermode, All access must be via
+            // the FS component (which will do the
+            // security check)
+            //
+            ntStatus = STATUS_ACCESS_DENIED;
+        }
     }
 
     return ntStatus;
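Review bot: The comment in the `else` branch reads `Not from usermode`, but that branch is taken when `Irp->RequestorMode` is not KernelMode, i.e. it is the user-mode caller that is refused. It should read something like `// Request is from user mode. All access must be via the FS component (which will do the security check)`. Because this test is the access control for the control device, it is also worth documenting that RequestorMode describes only the immediate requestor. A create relayed by another kernel component on behalf of a user-mode caller arrives as KernelMode unless that component forces an access check, so the design relies on the FS component being the only such relay. The function starts outside this hunk.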
@@ -3472,8 +3483,7 @@ AFSOpenIOCtlFcb( IN PIRP Irp,
     NTSTATUS ntStatus = STATUS_SUCCESS;
     PFILE_OBJECT pFileObject = NULL;
     PIO_STACK_LOCATION pIrpSp = IoGetCurrentIrpStackLocation( Irp);
-    BOOLEAN bReleaseFcb = FALSE, bAllocatedCcb = FALSE, bAllocatedFcb = FALSE;
-    UNICODE_STRING uniFullFileName;
+    BOOLEAN bReleaseFcb = FALSE, bAllocatedCcb = FALSE;
     AFSPIOCtlOpenCloseRequestCB stPIOCtlOpen;
     AFSFileID stFileID;
     AFSObjectInfoCB *pParentObjectInfo = NULL;
@@ -3502,46 +3512,28 @@ AFSOpenIOCtlFcb( IN PIRP Irp,
             }
         }
 
-        if( pParentObjectInfo->Specific.Directory.PIOCtlDirectoryCB->ObjectInformation->Fcb == NULL)
-        {
-
-            //
-            // Allocate and initialize the Fcb for the file.
-            //
-
-            ntStatus = AFSInitFcb( pParentObjectInfo->Specific.Directory.PIOCtlDirectoryCB);
-
-            *Fcb = pParentObjectInfo->Specific.Directory.PIOCtlDirectoryCB->ObjectInformation->Fcb;
-
-            if( !NT_SUCCESS( ntStatus))
-            {
-
-                AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
-                              AFS_TRACE_LEVEL_ERROR,
-                              "AFSOpenIOCtlFcb (%08lX) Failed to initialize fcb Status %08lX\n",
-                              Irp,
-                              ntStatus);
-
-                try_return( ntStatus);
-            }
+        //
+        // Allocate and initialize the Fcb for the file.
+        //
 
-            if ( ntStatus != STATUS_REPARSE)
-            {
+        ntStatus = AFSInitFcb( pParentObjectInfo->Specific.Directory.PIOCtlDirectoryCB);
 
-                bAllocatedFcb = TRUE;
-            }
+        *Fcb = pParentObjectInfo->Specific.Directory.PIOCtlDirectoryCB->ObjectInformation->Fcb;
 
-            ntStatus = STATUS_SUCCESS;
-        }
-        else
+        if( !NT_SUCCESS( ntStatus))
         {
 
-            *Fcb = pParentObjectInfo->Specific.Directory.PIOCtlDirectoryCB->ObjectInformation->Fcb;
+            AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
+                          AFS_TRACE_LEVEL_ERROR,
+                          "AFSOpenIOCtlFcb (%08lX) Failed to initialize fcb Status %08lX\n",
+                          Irp,
+                          ntStatus);
 
-            AFSAcquireExcl( &(*Fcb)->NPFcb->Resource,
-                            TRUE);
+            try_return( ntStatus);
         }
 
+        ntStatus = STATUS_SUCCESS;
+
         //
         // Increment the open reference and handle on the node
         //
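Review bot: AFSInitFcb is now called even when the PIOCtl directory entry already has an Fcb, yet the comment above the call still reads "Allocate and initialize the Fcb for the file". The removed else branch took `(*Fcb)->NPFcb->Resource` exclusively for an existing Fcb, so the code that follows presumably relies on AFSInitFcb returning with that resource held in both cases. AFSInitFcb is not visible here, so this should be confirmed and written down, e.g. `// AFSInitFcb returns the existing or a newly created Fcb with NPFcb->Resource held exclusive on success`. The unconditional `ntStatus = STATUS_SUCCESS;` also deserves a short comment naming the success code it discards (the old code tested for STATUS_REPARSE). The function body starts and ends outside the hunk.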
@@ -3634,7 +3626,7 @@ AFSOpenIOCtlFcb( IN PIRP Irp,
         // Reference the directory entry
         //
 
-        lCount = InterlockedIncrement( &((*Ccb)->DirectoryCB->OpenReferenceCount));
+        lCount = InterlockedIncrement( &((*Ccb)->DirectoryCB->DirOpenReferenceCount));
 
         AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                       AFS_TRACE_LEVEL_VERBOSE,
@@ -3689,7 +3681,7 @@ try_exit:
         // is already referenced
         //
 
-        lCount = InterlockedDecrement( &ParentDirCB->OpenReferenceCount);
+        lCount = InterlockedDecrement( &ParentDirCB->DirOpenReferenceCount);
 
         AFSDbgLogMsg( AFS_SUBSYSTEM_DIRENTRY_REF_COUNTING,
                       AFS_TRACE_LEVEL_VERBOSE,
@@ -3699,6 +3691,8 @@ try_exit:
                       NULL,
                       lCount);
 
+        ASSERT( lCount >= 0);
+
         //
         // If we created the Fcb we need to release the resources
         //
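Review bot: `ASSERT( lCount >= 0)` after the decrement of `ParentDirCB->DirOpenReferenceCount` is compiled out of non-debug builds, so an underflow of this reference count passes silently in production. A count that goes negative usually means an unbalanced release, which can later show up as an object being torn down while still in use. Consider also emitting an error-level AFSDbgLogMsg under `if( lCount < 0)` so the condition is recorded in the trace regardless of build type. The surrounding try_exit block continues outside the hunk.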
@@ -3736,15 +3730,9 @@ try_exit:
 
             *Ccb = NULL;
 
-            if( bAllocatedFcb)
-            {
-
-                //
-                // Need to tear down this Fcb since it is not in the tree for the worker thread
-                //
-
-                AFSRemoveFcb( &pParentObjectInfo->Specific.Directory.PIOCtlDirectoryCB->ObjectInformation->Fcb);
-            }
+            //
+            // Fcb will be freed by AFSPrimaryVolumeWorker thread
+            //
 
             *Fcb = NULL;
         }
@@ -3977,7 +3965,12 @@ try_exit:
                 // Need to tear down this Fcb since it is not in the tree for the worker thread
                 //
 
+                AFSAcquireExcl( &DirectoryCB->ObjectInformation->NonPagedInfo->ObjectInfoLock,
+                                TRUE);
+
                 AFSRemoveFcb( &DirectoryCB->ObjectInformation->Fcb);
+
+                AFSReleaseResource( &DirectoryCB->ObjectInformation->NonPagedInfo->ObjectInfoLock);
             }
 
             *Fcb = NULL;
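Review bot: The new `AFSAcquireExcl( &DirectoryCB->ObjectInformation->NonPagedInfo->ObjectInfoLock, TRUE)` around AFSRemoveFcb carries no comment saying what the lock protects or where it sits in the lock order. This is a try_exit cleanup path, where other resources taken earlier in the function may still be held, and the blocking exclusive acquire makes ordering matter. If the intent is that ObjectInfoLock guards the `ObjectInformation->Fcb` pointer, say so next to the acquire, e.g. `// ObjectInfoLock serializes attach/detach of ObjectInformation->Fcb`. The enclosing block begins outside the hunk, so which locks are held at this point cannot be checked from here.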