Driver: Use event to wait processes enumeration

src/driver/fortps.c

@@ -610,21 +610,16 @@ static PFORT_PSNODE fort_pstree_handle_new_proc(PFORT_PSTREE ps_tree, PCUNICODE_
 
 inline static BOOL fort_pstree_wait_enum_processes(PFORT_PSTREE ps_tree)
 {
-    for (;;) {
-        const UCHAR flags =
-                (fort_pstree_flags(ps_tree) & (FORT_PSTREE_ENUM_STARTED | FORT_PSTREE_ENUM_DONE));
-        if (flags == 0)
-            return FALSE;
+    const UCHAR flags =
+            (fort_pstree_flags(ps_tree) & (FORT_PSTREE_ENUM_STARTED | FORT_PSTREE_ENUM_DONE));
+    if (flags == 0)
+        return FALSE;
 
-        if (flags == (FORT_PSTREE_ENUM_STARTED | FORT_PSTREE_ENUM_DONE))
-            return TRUE;
-
-        /* Wait for processes enumeration */
-        LARGE_INTEGER delay;
-        delay.QuadPart = -30 * 1000 * 10; /* sleep 30000us (30ms) */
-
-        KeDelayExecutionThread(KernelMode, FALSE, &delay);
+    if (flags == FORT_PSTREE_ENUM_STARTED) {
+        KeWaitForSingleObject(&ps_tree->enum_event, Executive, KernelMode, FALSE, NULL);
     }
+
+    return TRUE;
 }
 
 inline static PFORT_PSNODE fort_pstree_notify_process(PFORT_PSTREE ps_tree, PEPROCESS process,
@@ -725,6 +720,8 @@ FORT_API void fort_pstree_open(PFORT_PSTREE ps_tree)
     tommy_arrayof_init(&ps_tree->procs, sizeof(FORT_PSNODE));
     tommy_hashdyn_init(&ps_tree->procs_map);
 
+    KeInitializeEvent(&ps_tree->enum_event, NotificationEvent, FALSE);
+
     KeInitializeSpinLock(&ps_tree->lock);
 
     fort_pstree_update(ps_tree, /*active=*/TRUE); /* Start process monitor */
@@ -841,6 +838,8 @@ FORT_API void NTAPI fort_pstree_enum_processes(void)
 
     fort_pstree_flags_set(ps_tree, FORT_PSTREE_ENUM_DONE, TRUE);
 
+    KeSetEvent(&ps_tree->enum_event, 0, FALSE);
+
     fort_mem_free(buffer, FORT_PSTREE_POOL_TAG);
 }
 

src/driver/fortps.h

@@ -23,6 +23,8 @@ typedef struct fort_pstree
     tommy_arrayof procs;
     tommy_hashdyn procs_map;
 
+    KEVENT enum_event;
+
     KSPIN_LOCK lock;
 } FORT_PSTREE, *PFORT_PSTREE;