Driver: Don't expand kernel stack for workers

2024-11-15 06:15:15 +00:00 · 2023-04-15 18:58:30 +03:00 · 2023-04-15 18:58:30 +03:00 · 153e41563b
commit 153e41563b
parent a2c5eb33c6
8 changed files with 11 additions and 46 deletions
--- a/src/driver/evt/FORTEVT_MSG00001.bin
+++ b/src/driver/evt/FORTEVT_MSG00001.bin
--- a/src/driver/evt/fortevt.h
+++ b/src/driver/evt/fortevt.h
@ -39,7 +39,6 @@
 #define FACILITY_DRIVER                  0x4
 #define FACILITY_SHAPER                  0x5
 #define FACILITY_PROCESS_TREE            0x6
-#define FACILITY_WORKER                  0x7


 //
@ -173,14 +172,4 @@
 //
 #define FORT_PSTREE_ENUM_PROCESSES_ERROR ((NTSTATUS)0xC0060002L)

-/* Worker */
-//
-// MessageId: FORT_WORKER_CALLBACK_ERROR
-//
-// MessageText:
-//
-// Worker: Callback Error.
-//
-#define FORT_WORKER_CALLBACK_ERROR       ((NTSTATUS)0xC0070001L)
-
 #endif // FORTEVT_H
--- a/src/driver/evt/fortevt.mc
+++ b/src/driver/evt/fortevt.mc
@ -21,7 +21,6 @@ FacilityNames = (
    Driver = 4:FACILITY_DRIVER
    Shaper = 5:FACILITY_SHAPER
    ProcessTree = 6:FACILITY_PROCESS_TREE
-    Worker = 7:FACILITY_WORKER
 )


@ -101,10 +100,4 @@ Language=English
 Enum Processes Error.
 .

-;/* Worker */
-MessageId=1 Facility=Worker Severity=Error SymbolicName=FORT_WORKER_CALLBACK_ERROR
-Language=English
-Worker: Callback Error.
-.
-
 ;#endif // FORTEVT_H
--- a/src/driver/fortdev.c
+++ b/src/driver/fortdev.c
@ -21,10 +21,8 @@ FORT_API void fort_device_set(PFORT_DEVICE device)
    g_device = device;
 }

-static void NTAPI fort_worker_reauth(PVOID worker)
+static void NTAPI fort_worker_reauth(void)
 {
-    UNUSED(worker);
-
    const FORT_CONF_FLAGS conf_flags = fort_device()->conf.conf_flags;
    NTSTATUS status;

@ -215,7 +213,7 @@ static NTSTATUS fort_device_control_app(const PFORT_APP_ENTRY app_entry, ULONG l
            fort_conf_ref_put(&fort_device()->conf, conf_ref);

            if (NT_SUCCESS(status)) {
-                fort_worker_reauth(NULL);
+                fort_worker_reauth();
            }

            return status;
@ -235,7 +233,7 @@ static NTSTATUS fort_device_control_setzones(const PFORT_CONF_ZONES zones, ULONG
        } else {
            fort_conf_zones_set(&fort_device()->conf, conf_zones);

-            fort_worker_reauth(NULL);
+            fort_worker_reauth();

            return STATUS_SUCCESS;
        }
@ -249,7 +247,7 @@ static NTSTATUS fort_device_control_setzoneflag(const PFORT_CONF_ZONE_FLAG zone_
    if (len == sizeof(FORT_CONF_ZONE_FLAG)) {
        fort_conf_zone_flag_set(&fort_device()->conf, zone_flag);

-        fort_worker_reauth(NULL);
+        fort_worker_reauth();

        return STATUS_SUCCESS;
    }
--- a/src/driver/fortps.c
+++ b/src/driver/fortps.c
@ -825,10 +825,8 @@ static void fort_pstree_enum_processes_loop(
    }
 }

-FORT_API void NTAPI fort_pstree_enum_processes(PVOID worker)
+FORT_API void NTAPI fort_pstree_enum_processes(void)
 {
-    UNUSED(worker);
-
    NTSTATUS status;

    ULONG bufferSize;
--- a/src/driver/fortps.h
+++ b/src/driver/fortps.h
@ -36,7 +36,7 @@ FORT_API void fort_pstree_open(PFORT_PSTREE ps_tree);

 FORT_API void fort_pstree_close(PFORT_PSTREE ps_tree);

-FORT_API void NTAPI fort_pstree_enum_processes(PVOID worker);
+FORT_API void NTAPI fort_pstree_enum_processes(void);

 FORT_API BOOL fort_pstree_get_proc_name(
        PFORT_PSTREE ps_tree, DWORD processId, PUNICODE_STRING path, BOOL *inherited);
--- a/src/driver/fortwrk.c
+++ b/src/driver/fortwrk.c
@ -11,20 +11,10 @@ static void fort_worker_callback_run(
        PFORT_WORKER worker, enum FORT_WORKER_TYPE worker_type, UCHAR id_bits)
 {
    if ((id_bits & (1 << worker_type)) != 0) {
-        worker->funcs[worker_type](worker);
+        worker->funcs[worker_type]();
    }
 }

-static void NTAPI fort_worker_callback_expand(PVOID context)
-{
-    PFORT_WORKER worker = (PFORT_WORKER) context;
-
-    const UCHAR id_bits = InterlockedAnd8(&worker->id_bits, 0);
-
-    fort_worker_callback_run(worker, FORT_WORKER_REAUTH, id_bits);
-    fort_worker_callback_run(worker, FORT_WORKER_PSTREE, id_bits);
-}
-
 static void NTAPI fort_worker_callback(PDEVICE_OBJECT device, PVOID context)
 {
    UNUSED(device);
@ -33,13 +23,10 @@ static void NTAPI fort_worker_callback(PDEVICE_OBJECT device, PVOID context)

    InterlockedDecrement16(&worker->queue_size);

-    const NTSTATUS status =
-            KeExpandKernelStackAndCallout(&fort_worker_callback_expand, worker, KERNEL_STACK_SIZE);
+    const UCHAR id_bits = InterlockedAnd8(&worker->id_bits, 0);

-    if (!NT_SUCCESS(status)) {
-        LOG("Worker Callback: Error: %x\n", status);
-        TRACE(FORT_WORKER_CALLBACK_ERROR, status, 0, 0);
-    }
+    fort_worker_callback_run(worker, FORT_WORKER_REAUTH, id_bits);
+    fort_worker_callback_run(worker, FORT_WORKER_PSTREE, id_bits);
 }

 static void fort_worker_wait(PFORT_WORKER worker)
--- a/src/driver/fortwrk.h
+++ b/src/driver/fortwrk.h
@ -9,7 +9,7 @@ enum FORT_WORKER_TYPE {
    FORT_WORKER_FUNC_COUNT,
 };

-typedef void(NTAPI *FORT_WORKER_FUNC)(PVOID worker);
+typedef void(NTAPI *FORT_WORKER_FUNC)(void);

 typedef struct fort_worker
 {