Driver: Don't close existing connections on installation

This commit is contained in:
Nodir Temirkhodjaev 2023-05-20 13:23:29 +03:00
parent eef86a75a4
commit 8e2c84ed20
2 changed files with 28 additions and 19 deletions

View File

@ -84,15 +84,17 @@ inline static BOOL fort_callout_ale_associate_flow(PCFORT_CALLOUT_ARG ca,
group_index, ca->isIPv6, is_tcp, ca->inbound, cx->is_reauth, &log_stat);
if (!NT_SUCCESS(status)) {
if (status == FORT_STATUS_FLOW_BLOCK) {
cx->blocked = TRUE; /* block (Reauth) */
cx->block_reason = FORT_BLOCK_REASON_REAUTH;
return TRUE;
if (status != FORT_STATUS_FLOW_BLOCK) {
LOG("Classify v4: Flow assoc. error: %x\n", status);
TRACE(FORT_CALLOUT_FLOW_ASSOC_ERROR, status, 0, 0);
}
LOG("Classify v4: Flow assoc. error: %x\n", status);
TRACE(FORT_CALLOUT_FLOW_ASSOC_ERROR, status, 0, 0);
} else if (!log_stat) {
cx->blocked = TRUE; /* block (Error) */
cx->block_reason = FORT_BLOCK_REASON_REAUTH;
return TRUE;
}
if (!log_stat) {
fort_buffer_proc_new_write(&fort_device()->buffer, cx->process_id, cx->real_path->Length,
cx->real_path->Buffer, &cx->irp, &cx->info);
}

View File

@ -169,7 +169,7 @@ static void fort_flow_context_stream_init(
}
}
inline static void fort_flow_context_stream_set(
inline static NTSTATUS fort_flow_context_stream_set(
PFORT_STAT stat, UINT64 flow_id, UINT64 flowContext, BOOL isIPv6, BOOL is_tcp)
{
UINT16 layerId;
@ -177,7 +177,7 @@ inline static void fort_flow_context_stream_set(
fort_flow_context_stream_init(stat, isIPv6, is_tcp, &layerId, &calloutId);
FwpsFlowAssociateContext0(flow_id, layerId, calloutId, flowContext);
return FwpsFlowAssociateContext0(flow_id, layerId, calloutId, flowContext);
}
inline static void fort_flow_context_transport_set(
@ -196,14 +196,20 @@ inline static void fort_flow_context_transport_set(
}
}
static void fort_flow_context_set(
static NTSTATUS fort_flow_context_set(
PFORT_STAT stat, PFORT_FLOW flow, BOOL isIPv6, BOOL is_tcp, BOOL inbound)
{
const UINT64 flow_id = flow->flow_id;
const UINT64 flowContext = (UINT64) flow;
fort_flow_context_stream_set(stat, flow_id, flowContext, isIPv6, is_tcp);
const NTSTATUS status =
fort_flow_context_stream_set(stat, flow_id, flowContext, isIPv6, is_tcp);
if (!NT_SUCCESS(status))
return status;
fort_flow_context_transport_set(stat, flow_id, flowContext, isIPv6, inbound);
return STATUS_SUCCESS;
}
inline static void fort_flow_context_stream_remove(
@ -324,8 +330,6 @@ static PFORT_FLOW fort_flow_new(PFORT_STAT stat, UINT64 flow_id, const tommy_key
flow->flow_id = flow_id;
fort_flow_context_set(stat, flow, isIPv6, is_tcp, inbound);
return flow;
}
@ -340,16 +344,19 @@ inline static UCHAR fort_stat_group_speed_limit(PFORT_CONF_GROUP conf_group, UCH
inline static NTSTATUS fort_flow_add_new(PFORT_STAT stat, PFORT_FLOW *flow, UINT64 flow_id,
tommy_key_t flow_hash, BOOL isIPv6, BOOL is_tcp, BOOL inbound, BOOL is_reauth)
{
if (is_reauth) {
/* Can't remove existing context, because of possible deadlock */
return FORT_STATUS_FLOW_BLOCK;
}
*flow = fort_flow_new(stat, flow_id, flow_hash, isIPv6, is_tcp, inbound);
if (*flow == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
return STATUS_SUCCESS;
NTSTATUS status = fort_flow_context_set(stat, *flow, isIPv6, is_tcp, inbound);
if (!NT_SUCCESS(status)) {
fort_flow_free(stat, *flow);
/* Can't remove existing context, because of possible deadlock */
status = is_reauth ? FORT_STATUS_FLOW_BLOCK : status;
}
return status;
}
static NTSTATUS fort_flow_add(PFORT_STAT stat, UINT64 flow_id, UCHAR group_index, UINT16 proc_index,