AFSInitServerStrings();
//
- // Register the call back for process creation and tear down
+ // Register the call back for process creation and tear down.
+ // On Vista SP1 and above, PsSetCreateProcessNotifyRoutineEx
+ // will be used. This function returns STATUS_ACCESS_DENIED
+ // if there is a signing error. In that case, the AFSProcessNotifyEx
+ // routine has not been registered and we can fallback to the
+ // Windows 2000 interface and AFSProcessNotify.
//
RtlInitUnicodeString( &uniPsSetCreateProcessNotifyRoutineEx,
pPsSetCreateProcessNotifyRoutineEx = (PsSetCreateProcessNotifyRoutineEx_t)MmGetSystemRoutineAddress(&uniPsSetCreateProcessNotifyRoutineEx);
+ ntStatus = STATUS_ACCESS_DENIED;
+
if ( pPsSetCreateProcessNotifyRoutineEx)
{
- pPsSetCreateProcessNotifyRoutineEx( AFSProcessNotifyEx,
- FALSE);
+ ntStatus = pPsSetCreateProcessNotifyRoutineEx( AFSProcessNotifyEx,
+ FALSE);
}
- else
+
+ if ( ntStatus == STATUS_ACCESS_DENIED)
{
- PsSetCreateProcessNotifyRoutine( AFSProcessNotify,
- FALSE);
+ ntStatus = PsSetCreateProcessNotifyRoutine( AFSProcessNotify,
+ FALSE);
}
+ ntStatus = STATUS_SUCCESS;
+
try_exit:
if( !NT_SUCCESS( ntStatus))
else
{
- AFSProcessDestroy( ParentId,
- ProcessId);
+ AFSProcessDestroy( ProcessId);
}
return;
else
{
- AFSProcessDestroy( CreateInfo->ParentProcessId,
- ProcessId);
+ AFSProcessDestroy( ProcessId);
}
}
}
void
-AFSProcessDestroy( IN HANDLE ParentId,
- IN HANDLE ProcessId)
+AFSProcessDestroy( IN HANDLE ProcessId)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
ullProcessID);
ntStatus = AFSLocateHashEntry( pDeviceExt->Specific.Control.ProcessTree.TreeHead,
- (ULONGLONG)ullProcessID,
+ ullProcessID,
(AFSBTreeEntry **)&pProcessCB);
if( !NT_SUCCESS( ntStatus) ||
pProcessCB == NULL)
{
+ AFSProcessCreate( 0,
+ ProcessId,
+ 0,
+ 0);
+ }
+
+ if( !NT_SUCCESS( ntStatus) ||
+ pProcessCB == NULL)
+ {
+
AFSDbgLogMsg( AFS_SUBSYSTEM_AUTHGROUP_PROCESSING,
AFS_TRACE_LEVEL_ERROR,
"%s Failed to locate process entry for ProcessID %I64X\n",
__FUNCTION__,
ullProcessID);
- ASSERT( FALSE);
AFSReleaseResource( pDeviceExt->Specific.Control.ProcessTree.TreeLock);
+
try_return( ntStatus = STATUS_UNSUCCESSFUL);
}
IN HANDLE CreatingThreadId);
void
-AFSProcessDestroy( IN HANDLE ParentId,
- IN HANDLE ProcessId);
+AFSProcessDestroy( IN HANDLE ProcessId);
GUID *
AFSValidateProcessEntry( IN HANDLE ProcessId);
DRIVERTYPE=FS
USE_MAPSYM=1
+LINKER_FLAGS=/INTEGRITYCHECK
+
INCLUDES=Include;..\..\Common;
TARGETLIBS=$(DDK_LIB_PATH)\ntstrsafe.lib \