00815 :
00816
00817 This service writes Length bytes of data from
the caller's segment
00818 buffers to
the file associated with FileHandle starting at
00819 StartingBlock|ByteOffset. The actual number of bytes written to
the file
00820 will be returned in
the second longword of
the IoStatusBlock.
00821
00822 If
the writer has
the file open
for APPEND access, then
the data will be
00823 written to
the current EOF mark. The StartingBlock and ByteOffset are
00824 ignored
if the caller has APPEND access.
00825
00826 Arguments:
00827
00828 FileHandle - Supplies a handle to
the file to be written.
00829
00830
Event - Optionally supplies an event to be set to
the Signaled state when
00831
the write operation
is complete.
00832
00833 ApcRoutine - Optionally supplies an APC routine to be executed when
the
00834 write operation
is complete.
00835
00836 ApcContext - Supplies a context parameter to be passed to
the APC routine
00837 when
it is invoked,
if an APC routine was specified.
00838
00839 IoStatusBlock - Supplies
the address of
the caller's I/O status block.
00840
00841 SegmentArray - An array of buffer segment pointers that specify
00842 where
the data should be read from.
00843
00844 Length - Length, in bytes, of
the data to be written to
the file.
00845
00846 ByteOffset - Specifies
the starting byte offset within
the file to begin
00847
the write operation. If not specified and
the file is open
for
00848 synchronous I/O, then
the current
file position
is used. If
the
00849
file is not opened
for synchronous I/O and
the parameter
is not
00850 specified, then
it is in error.
00851
00852
Key - Optionally specifies a key to be used
if there are locks associated
00853 with
the file.
00854
00855 Return Value:
00856
00857 The status returned
is success
if the write operation was properly queued
00858 to
the I/O system. Once
the write completes
the status of
the operation
00859 can be determined by examining
the Status field of
the I/O status block.
00860
00861 Notes:
00862 This interface
is only supported
for no buffering and asynchronous I/O.
00863
00864 --*/
00865
00866 {
00867
PIRP irp;
00868
NTSTATUS status;
00869
PFILE_OBJECT fileObject;
00870
PDEVICE_OBJECT deviceObject;
00871
PFAST_IO_DISPATCH fastIoDispatch;
00872 PFILE_SEGMENT_ELEMENT capturedArray =
NULL;
00873
KPROCESSOR_MODE requestorMode;
00874
PMDL mdl;
00875
PIO_STACK_LOCATION irpSp;
00876 ACCESS_MASK grantedAccess;
00877
OBJECT_HANDLE_INFORMATION handleInformation;
00878
NTSTATUS exceptionCode;
00879
PKEVENT eventObject = (
PKEVENT)
NULL;
00880 ULONG elementCount;
00881 ULONG keyValue = 0;
00882 LARGE_INTEGER fileOffset = {0,0};
00883 PULONG majorFunction;
00884 ULONG i;
00885 BOOLEAN synchronousIo;
00886
00887
PAGED_CODE();
00888
00889
00890
00891
00892
00893 requestorMode = KeGetPreviousMode();
00894
00895
00896
00897
00898
00899
00900
00901
00902 status =
ObReferenceObjectByHandle( FileHandle,
00903 0L,
00904 IoFileObjectType,
00905 requestorMode,
00906 (PVOID *) &fileObject,
00907 &handleInformation);
00908
if (!
NT_SUCCESS( status )) {
00909
return status;
00910 }
00911
00912 grantedAccess = handleInformation.
GrantedAccess;
00913
00914
00915
00916
00917
00918 deviceObject =
IoGetRelatedDeviceObject( fileObject );
00919
00920
00921
00922
00923
00924
00925
00926
if (!(fileObject->
Flags &
FO_NO_INTERMEDIATE_BUFFERING) ||
00927 (fileObject->
Flags &
FO_SYNCHRONOUS_IO) ||
00928 deviceObject->
Flags &
DO_BUFFERED_IO ||
00929 (deviceObject->
DeviceType != FILE_DEVICE_DISK_FILE_SYSTEM &&
00930 deviceObject->
DeviceType != FILE_DEVICE_DFS &&
00931 deviceObject->
DeviceType != FILE_DEVICE_TAPE_FILE_SYSTEM &&
00932 deviceObject->
DeviceType != FILE_DEVICE_CD_ROM_FILE_SYSTEM &&
00933 deviceObject->
DeviceType != FILE_DEVICE_NETWORK_FILE_SYSTEM &&
00934 deviceObject->
DeviceType != FILE_DEVICE_FILE_SYSTEM &&
00935 deviceObject->
DeviceType != FILE_DEVICE_DFS_VOLUME)) {
00936
00937
ObDereferenceObject( fileObject );
00938
return STATUS_INVALID_PARAMETER;
00939 }
00940
00941 elementCount =
BYTES_TO_PAGES( Length );
00942
00943
00944
00945
00946
00947
00948
if (requestorMode !=
KernelMode) {
00949
00950
00951
00952
00953
00954
00955
00956
00957
00958
00959
00960
00961
00962
00963
00964
00965
00966
if (!
SeComputeGrantedAccesses( grantedAccess, (!(fileObject->
Flags & FO_NAMED_PIPE) ? FILE_APPEND_DATA : 0) | FILE_WRITE_DATA )) {
00967
ObDereferenceObject( fileObject );
00968
return STATUS_ACCESS_DENIED;
00969 }
00970
00971
00972
00973
00974
00975
00976
try {
00977
00978
00979
00980
00981
00982
ProbeForWriteIoStatusEx( IoStatusBlock , ApcRoutine);
00983
00984
00985
00986
00987
00988
#ifdef _X86_
00989
ProbeForRead( SegmentArray,
00990 elementCount *
sizeof( FILE_SEGMENT_ELEMENT ),
00991
sizeof( ULONG )
00992 );
00993
#elif defined(_WIN64)
00994
00995
00996
00997
00998
00999
if (
PsGetCurrentProcess()->Wow64Process) {
01000
ProbeForRead( SegmentArray,
01001 elementCount *
sizeof( FILE_SEGMENT_ELEMENT ),
01002
sizeof( ULONG )
01003 );
01004 }
else {
01005
ProbeForRead( SegmentArray,
01006 elementCount *
sizeof( FILE_SEGMENT_ELEMENT ),
01007 TYPE_ALIGNMENT( FILE_SEGMENT_ELEMENT )
01008 );
01009 }
01010
#else
01011
ProbeForRead( SegmentArray,
01012 elementCount *
sizeof( FILE_SEGMENT_ELEMENT ),
01013 TYPE_ALIGNMENT( FILE_SEGMENT_ELEMENT )
01014 );
01015
#endif
01016
01017
if (Length != 0) {
01018
01019
01020
01021
01022
01023
01024 capturedArray =
ExAllocatePoolWithQuota( PagedPool,
01025 elementCount *
sizeof( FILE_SEGMENT_ELEMENT )
01026 );
01027
01028 RtlCopyMemory( capturedArray,
01029 SegmentArray,
01030 elementCount *
sizeof( FILE_SEGMENT_ELEMENT )
01031 );
01032
01033 SegmentArray = capturedArray;
01034
01035
01036
01037
01038
01039
for (i = 0; i < elementCount; i++) {
01040
01041
if ( SegmentArray[i].Alignment & (
PAGE_SIZE - 1)) {
01042
ExRaiseStatus(STATUS_INVALID_PARAMETER);
01043 }
01044 }
01045 }
01046
01047
01048
01049
01050
01051
01052
01053
01054
if (fileObject->
CompletionContext &&
IopApcRoutinePresent( ApcRoutine )) {
01055
01056
ExRaiseStatus(STATUS_INVALID_PARAMETER);
01057
01058 }
01059
01060
01061
01062
01063
01064
01065
if (ARGUMENT_PRESENT( ByteOffset )) {
01066
ProbeForRead( ByteOffset,
01067
sizeof( LARGE_INTEGER ),
01068
sizeof( ULONG ) );
01069 fileOffset = *ByteOffset;
01070 }
01071
01072
01073
01074
01075
01076
01077
01078
if (fileObject->
Flags &
FO_NO_INTERMEDIATE_BUFFERING) {
01079
01080
01081
01082
01083
01084
01085
01086
if ((deviceObject->
SectorSize &&
01087 (Length & (deviceObject->
SectorSize - 1)))) {
01088
01089
01090
01091
01092
01093
if ((deviceObject->
SectorSize &&
01094 Length % deviceObject->
SectorSize) ) {
01095
01096
ExRaiseStatus(STATUS_INVALID_PARAMETER);
01097 }
01098 }
01099
01100
01101
01102
01103
01104
01105
if (ARGUMENT_PRESENT( ByteOffset )) {
01106
if (fileOffset.LowPart == FILE_WRITE_TO_END_OF_FILE &&
01107 fileOffset.HighPart == -1) {
01108 NOTHING;
01109 }
else if (fileOffset.LowPart == FILE_USE_FILE_POINTER_POSITION &&
01110 fileOffset.HighPart == -1 &&
01111 (fileObject->
Flags &
FO_SYNCHRONOUS_IO)) {
01112 NOTHING;
01113 }
else if (deviceObject->
SectorSize &&
01114 (fileOffset.LowPart & (deviceObject->
SectorSize - 1))) {
01115
01116
ExRaiseStatus(STATUS_INVALID_PARAMETER);
01117 }
01118 }
01119 }
01120
01121
01122
01123
01124
01125
01126
if (ARGUMENT_PRESENT( Key )) {
01127 keyValue =
ProbeAndReadUlong( Key );
01128 }
01129
01130 } except(
IopExceptionFilter( GetExceptionInformation(), &exceptionCode )) {
01131
01132
01133
01134
01135
01136
01137
01138
ObDereferenceObject( fileObject );
01139
01140
if (capturedArray !=
NULL) {
01141
ExFreePool( capturedArray );
01142 }
01143
01144
return exceptionCode;
01145
01146 }
01147
01148 }
else {
01149
01150
01151
01152
01153
01154
01155
if (ARGUMENT_PRESENT( ByteOffset )) {
01156 fileOffset = *ByteOffset;
01157 }
01158
01159
if (ARGUMENT_PRESENT( Key )) {
01160 keyValue = *
Key;
01161 }
01162
#if DBG
01163
if (fileObject->
Flags &
FO_NO_INTERMEDIATE_BUFFERING) {
01164
01165
01166
01167
01168
01169
01170
01171
if ((deviceObject->
SectorSize &&
01172 (Length & (deviceObject->
SectorSize - 1)))) {
01173
01174
01175
01176
01177
01178
if ((deviceObject->
SectorSize &&
01179 Length % deviceObject->
SectorSize)) {
01180
ObDereferenceObject( fileObject );
01181
ASSERT( FALSE );
01182
return STATUS_INVALID_PARAMETER;
01183 }
01184 }
01185
01186
01187
01188
01189
01190
01191
if (ARGUMENT_PRESENT( ByteOffset )) {
01192
if (fileOffset.LowPart == FILE_WRITE_TO_END_OF_FILE &&
01193 fileOffset.HighPart == -1) {
01194 NOTHING;
01195 }
else if (fileOffset.LowPart == FILE_USE_FILE_POINTER_POSITION &&
01196 fileOffset.HighPart == -1 &&
01197 (fileObject->
Flags &
FO_SYNCHRONOUS_IO)) {
01198 NOTHING;
01199 }
else if (deviceObject->
SectorSize &&
01200 (fileOffset.LowPart & (deviceObject->
SectorSize - 1))) {
01201
ObDereferenceObject( fileObject );
01202
ASSERT( FALSE );
01203
return STATUS_INVALID_PARAMETER;
01204 }
01205 }
01206 }
01207
01208
if (Length != 0) {
01209
01210
01211
01212
01213
01214
for (i = 0; i < elementCount; i++) {
01215
01216
if ( SegmentArray[i].Alignment & (
PAGE_SIZE - 1)) {
01217
01218
ObDereferenceObject( fileObject );
01219
ASSERT(FALSE);
01220
return STATUS_INVALID_PARAMETER;
01221 }
01222 }
01223 }
01224
#endif // DBG
01225
01226 }
01227
01228
01229
01230
01231
01232
01233
01234
01235
if (
SeComputeGrantedAccesses( grantedAccess, FILE_APPEND_DATA | FILE_WRITE_DATA ) == FILE_APPEND_DATA) {
01236
01237
01238
01239
01240
01241
01242
01243 fileOffset.LowPart = FILE_WRITE_TO_END_OF_FILE;
01244 fileOffset.HighPart = -1;
01245 }
01246
01247
01248
01249
01250
01251
01252
01253
if (ARGUMENT_PRESENT( Event )) {
01254 status =
ObReferenceObjectByHandle( Event,
01255 EVENT_MODIFY_STATE,
01256 ExEventObjectType,
01257 requestorMode,
01258 (PVOID *) &eventObject,
01259 NULL );
01260
if (!
NT_SUCCESS( status )) {
01261
ObDereferenceObject( fileObject );
01262
if (capturedArray !=
NULL) {
01263
ExFreePool( capturedArray );
01264 }
01265
return status;
01266 }
else {
01267
KeClearEvent( eventObject );
01268 }
01269 }
01270
01271
01272
01273
01274
01275 fastIoDispatch = deviceObject->
DriverObject->
FastIoDispatch;
01276
01277
01278
01279
01280
01281
01282
01283
01284
01285
01286
01287
01288
01289
01290
01291
if (fileObject->
Flags &
FO_SYNCHRONOUS_IO) {
01292
01293 BOOLEAN interrupted;
01294
01295
if (!
IopAcquireFastLock( fileObject )) {
01296 status =
IopAcquireFileObjectLock( fileObject,
01297 requestorMode,
01298 (BOOLEAN) ((fileObject->
Flags & FO_ALERTABLE_IO) != 0),
01299 &interrupted );
01300
if (interrupted) {
01301
if (eventObject) {
01302
ObDereferenceObject( eventObject );
01303 }
01304
ObDereferenceObject( fileObject );
01305
if (capturedArray !=
NULL) {
01306
ExFreePool( capturedArray );
01307 }
01308
return status;
01309 }
01310 }
01311
01312 synchronousIo =
TRUE;
01313
01314
if ((!ARGUMENT_PRESENT( ByteOffset ) && !fileOffset.LowPart ) ||
01315 (fileOffset.LowPart == FILE_USE_FILE_POINTER_POSITION &&
01316 fileOffset.HighPart == -1 )) {
01317 fileOffset = fileObject->
CurrentByteOffset;
01318 }
01319
01320 }
else if (!ARGUMENT_PRESENT( ByteOffset ) && !(fileObject->
Flags & (
FO_NAMED_PIPE |
FO_MAILSLOT))) {
01321
01322
01323
01324
01325
01326
01327
01328
if (eventObject) {
01329
ObDereferenceObject( eventObject );
01330 }
01331
ObDereferenceObject( fileObject );
01332
if (capturedArray !=
NULL) {
01333
ExFreePool( capturedArray );
01334 }
01335
return STATUS_INVALID_PARAMETER;
01336
01337 }
else {
01338
01339
01340
01341
01342
01343 synchronousIo =
FALSE;
01344 }
01345
01346
01347
01348
01349
01350
if (fileOffset.HighPart < 0 &&
01351 (fileOffset.HighPart != -1 ||
01352 fileOffset.LowPart != FILE_WRITE_TO_END_OF_FILE)) {
01353
01354
if (eventObject) {
01355
ObDereferenceObject( eventObject );
01356 }
01357
if (synchronousIo) {
01358
IopReleaseFileObjectLock( fileObject );
01359 }
01360
ObDereferenceObject( fileObject );
01361
if (capturedArray !=
NULL) {
01362
ExFreePool( capturedArray );
01363 }
01364
return STATUS_INVALID_PARAMETER;
01365 }
01366
01367
01368
01369
01370
01371
KeClearEvent( &fileObject->
Event );
01372
01373
01374
01375
01376
01377
01378
01379 irp =
IopAllocateIrp( deviceObject->
StackSize, TRUE );
01380
if (!irp) {
01381
01382
01383
01384
01385
01386
01387
IopAllocateIrpCleanup( fileObject, eventObject );
01388
01389
if (capturedArray !=
NULL) {
01390
ExFreePool( capturedArray );
01391 }
01392
return STATUS_INSUFFICIENT_RESOURCES;
01393 }
01394 irp->
Tail.Overlay.OriginalFileObject = fileObject;
01395 irp->
Tail.Overlay.Thread =
PsGetCurrentThread();
01396 irp->
Tail.Overlay.AuxiliaryBuffer = (PVOID)
NULL;
01397 irp->
RequestorMode = requestorMode;
01398 irp->
PendingReturned =
FALSE;
01399 irp->
Cancel =
FALSE;
01400 irp->
CancelRoutine = (
PDRIVER_CANCEL)
NULL;
01401
01402
01403
01404
01405
01406 irp->
UserEvent = eventObject;
01407 irp->
UserIosb = IoStatusBlock;
01408 irp->
Overlay.AsynchronousParameters.UserApcRoutine = ApcRoutine;
01409 irp->
Overlay.AsynchronousParameters.UserApcContext = ApcContext;
01410
01411
01412
01413
01414
01415
01416
01417
01418
01419
01420
01421 irpSp =
IoGetNextIrpStackLocation( irp );
01422 majorFunction = (PULONG) irpSp;
01423 *majorFunction =
IRP_MJ_WRITE;
01424 irpSp->
FileObject = fileObject;
01425
if (fileObject->
Flags &
FO_WRITE_THROUGH) {
01426 irpSp->
Flags =
SL_WRITE_THROUGH;
01427 }
01428
01429
01430
01431
01432
01433
01434
01435
01436
01437
01438 irp->
AssociatedIrp.SystemBuffer = (PVOID)
NULL;
01439 irp->
MdlAddress = (
PMDL)
NULL;
01440
01441
01442
01443
01444
01445
01446
01447
01448
01449 mdl = (
PMDL)
NULL;
01450 irp->
Flags = 0;
01451
01452
if (Length) {
01453
01454
try {
01455
01456
01457
01458
01459
01460
01461
01462
01463 mdl =
IoAllocateMdl( (PVOID)(ULONG_PTR) SegmentArray[0].Buffer, Length, FALSE, TRUE, irp );
01464
if (mdl ==
NULL) {
01465
ExRaiseStatus( STATUS_INSUFFICIENT_RESOURCES );
01466 }
01467
01468
01469
01470
01471
01472
01473
MmProbeAndLockSelectedPages( mdl,
01474 SegmentArray,
01475 requestorMode,
01476 IoReadAccess );
01477
01478 irp->
UserBuffer = (PVOID)(ULONG_PTR) SegmentArray[0].Buffer;
01479
01480 } except(EXCEPTION_EXECUTE_HANDLER) {
01481
01482
01483
01484
01485
01486
01487
01488
01489
IopExceptionCleanup( fileObject,
01490 irp,
01491 eventObject,
01492 (
PKEVENT) NULL );
01493
01494
if (capturedArray !=
NULL) {
01495
ExFreePool( capturedArray );
01496 }
01497
return GetExceptionCode();
01498 }
01499
01500 }
01501
01502
01503
01504
01505
01506
if (capturedArray !=
NULL) {
01507
ExFreePool( capturedArray );
01508 }
01509
01510
01511
01512
01513
01514
01515
if (fileObject->
Flags &
FO_NO_INTERMEDIATE_BUFFERING) {
01516 irp->
Flags |=
IRP_NOCACHE |
IRP_WRITE_OPERATION |
IRP_DEFER_IO_COMPLETION;
01517 }
else {
01518 irp->
Flags |=
IRP_WRITE_OPERATION |
IRP_DEFER_IO_COMPLETION;
01519 }
01520
01521
01522
01523
01524
01525
01526 irpSp->
Parameters.Write.Length = Length;
01527 irpSp->
Parameters.Write.Key = keyValue;
01528 irpSp->
Parameters.Write.ByteOffset = fileOffset;
01529
01530
01531
01532
01533
01534
01535 status =
IopSynchronousServiceTail( deviceObject,
01536 irp,
01537 fileObject,
01538 TRUE,
01539 requestorMode,
01540 synchronousIo,
01541 WriteTransfer );
01542
01543
return status;
01544
01545 }
}