kjkim
/
BSOne.SFC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
BSOne.SFC/Tocsg.Module/Bs1Flt/bs1fltctrl/interface.cpp

1243 lines
28 KiB
C++
Raw Blame History

#include "pch.h"
CInterface::CInterface()
{
fltlib_ = NULL;
m_hPort = INVALID_HANDLE_VALUE;
m_hShProcessTerminate = INVALID_HANDLE_VALUE;
}
CInterface::~CInterface()
{
Close();
}
BOOL CInterface::NtNameToDosNameW(LPWSTR dosName, SIZE_T size, LPWSTR ntName)
{
WCHAR drives[1024] = { 0, };
WCHAR deviceName[1024] = { 0, };
WCHAR* name = drives, tmp[3];
int n = GetLogicalDriveStringsW(sizeof(drives), drives);
if (n >= sizeof(drives) || n == 0)
{
return FALSE;
}
while (*name)
{
Sleep(1);
tmp[0] = name[0]; tmp[1] = name[1]; tmp[2] = L'\0';
if (!QueryDosDeviceW(tmp, deviceName, sizeof(deviceName)))
continue;
if (wcsncmp(deviceName, ntName, lstrlenW(deviceName)) == 0)
{
StringCbCopyW(dosName, size, tmp);
StringCbCatW(dosName, size, ntName + lstrlenW(deviceName));
return TRUE;
}
name += lstrlenW(name) + 1;
}
return FALSE;
}
BOOL CInterface::DosNameToNtNameW(LPWSTR ntName, SIZE_T size, LPCWSTR dosName)
{
WCHAR drives[1024] = { 0, };
WCHAR deviceName[1024] = { 0, };
WCHAR* name = drives, tmp[3];
tmp[0] = dosName[0]; tmp[1] = dosName[1]; tmp[2] = _T('\0');
if (!QueryDosDeviceW(tmp, deviceName, 1024))
return FALSE;
StringCbCopyW(ntName, size, deviceName);
StringCbCatW(ntName, size, dosName + 2);
return TRUE;
}
BOOL CInterface::Open(LPCTSTR name)
{
HRESULT hr = SEVERITY_SUCCESS;
for(DWORD i = 0; i<5; ++i)
{
hr = pFilterConnectCommunicationPort( name,
0,
NULL,
0,
NULL,
&m_hPort );
if (SUCCEEDED(hr))
{
BSONE_DEBUG(L"FilterConnectCommunicationPort fail %x\n", hr);
return TRUE;
}
}
return FALSE;
}
BOOL CInterface::Clear()
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)CLEAR;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if(IS_ERROR( hResult ))
{
BSONE_DEBUG(L"FilterSendMessage fail %x %x\n", GetLastError(), CLEAR);
return FALSE;
}
BSONE_DEBUG(_T("CInterface::Clear(), Success\n"));
return TRUE;
}
BOOL CInterface::OpenEx(LPCTSTR name)
{
HRESULT hr = SEVERITY_SUCCESS;
for(DWORD i = 0; i<5; ++i)
{
hr = pFilterConnectCommunicationPort( name,
0,
NULL,
0,
NULL,
&m_hPort );
if(!SUCCEEDED(hr))
{
BSONE_DEBUG(_T("CInterface::OpenEx(), Fail %x\n"), hr);
Sleep(200);
continue;
}
else
{
break;
}
}
if(!SUCCEEDED(hr))
{
BSONE_DEBUG(_T("CInterface::OpenEx(), Fail %x\n"), hr);
return FALSE;
}
if(!Clear())
return FALSE;
return TRUE;
}
BOOL CInterface::Close()
{
if(m_hPort != INVALID_HANDLE_VALUE)
{
StartAndStop(FALSE);
CloseHandle(m_hPort);
m_hPort = INVALID_HANDLE_VALUE;
}
if(fltlib_ != NULL)
{
::FreeLibrary(fltlib_);
fltlib_ = NULL;
}
if(m_hShProcessTerminate == INVALID_HANDLE_VALUE)
{
CloseHandle(m_hShProcessTerminate);
m_hShProcessTerminate = INVALID_HANDLE_VALUE;
}
return TRUE;
}
BOOL CInterface::Init()
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR wszEventName[MAX_PATH] = {0,};
CNullSA sa;
fltlib_ = ::LoadLibrary(_T("fltlib.dll"));
if(fltlib_ == NULL)
{
return FALSE;
}
pFilterConnectCommunicationPort = (fpFilterConnectCommunicationPort)::GetProcAddress(fltlib_, "FilterConnectCommunicationPort");
pFilterSendMessage = (fpFilterSendMessage)::GetProcAddress(fltlib_, "FilterSendMessage");
pFilterReplyMessage = (fpFilterReplyMessage)::GetProcAddress(fltlib_, "FilterReplyMessage");
pFilterGetMessage = (fpFilterGetMessage)::GetProcAddress(fltlib_, "FilterGetMessage");
if(!pFilterConnectCommunicationPort || !pFilterSendMessage || !pFilterReplyMessage || !pFilterGetMessage)
{
BSONE_DEBUG(L"Invaild Func Adr %x %x %x %x\n", pFilterConnectCommunicationPort, pFilterSendMessage, pFilterReplyMessage, pFilterGetMessage );
return FALSE;
}
StringCbPrintfW(wszEventName, sizeof(wszEventName), L"Global\\%s", PROCESS_TERMINATE_SHARE_EVENT);
m_hShProcessTerminate = CreateEventW(sa, FALSE, FALSE, wszEventName);
if(m_hShProcessTerminate == INVALID_HANDLE_VALUE)
{
BSONE_DEBUG(L"share event fail GL = %d\n", GetLastError());
return FALSE;
}
// if(!Open(PB_SHARELOCK_PORTNAME))
// {
// PB_DEBUG(L"open fail %x %s\n", GetLastError(), PB_SHARELOCK_PORTNAME);
// return FALSE;
// }
//
// if(!Clear())
// {
// return FALSE;
// }
// if(!StartAndStop(TRUE))
// return FALSE;
//
return TRUE;
}
HRESULT CInterface::SetReplyMessage(LPVOID p, SIZE_T size)
{
HRESULT hr;
hr = pFilterReplyMessage( m_hPort, (PFILTER_REPLY_HEADER) p, (DWORD)size );
if(SUCCEEDED( hr ))
{
return hr;
}
BSONE_DEBUGA("Error replying message. Error = 0x%X\n", hr);
return hr;
}
HRESULT CInterface::GetMessage(LPVOID p, SIZE_T size, LPOVERLAPPED lpov)
{
HRESULT hr;
hr = pFilterGetMessage( m_hPort, (PFILTER_MESSAGE_HEADER)p, (DWORD)size, lpov);
if(SUCCEEDED( hr ))
{
return hr;
}
//PB_DEBUGA("Error GetMessage. Error = 0x%X, %p, %d, %p\n", hr, p, size, lpov);
return hr;
}
HRESULT CInterface::SendMessage(LPVOID inbuff, SIZE_T inbuffsize, LPVOID outbuff, SIZE_T outbuffsize, DWORD *pdwReturnSize)
{
HRESULT hr;
hr = pFilterSendMessage(m_hPort, inbuff, (DWORD)inbuffsize, outbuff, (DWORD)outbuffsize, pdwReturnSize);
if(SUCCEEDED( hr ))
{
return hr;
}
BSONE_DEBUGA("Error SendMessage. Error = 0x%X", hr);
return hr;
}
BOOL CInterface::SetProtectPath(DWORD dwType, WCHAR * buf, SIZE_T size)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR ntDevicePath[PATH_SIZE] = {0,};
WCHAR dosname[3] = {0,};
if(size >= PATH_SIZE - 10)
return FALSE;
DosNameToNtNameW(ntDevicePath, sizeof(ntDevicePath), buf);
msg.w.file_path_.size = (DWORD)wcslen(ntDevicePath) * (DWORD)sizeof(WCHAR);
msg.id_ = (ULONGLONG)SET_PATH;
msg.w.file_path_.type = (ULONG)dwType;
BSONE_DEBUG(L"SetProtectPath, ntDevicePath(%s) ulType(%d)", ntDevicePath, dwType);
StringCbCopyW(msg.w.file_path_.path, sizeof(msg.w.file_path_.path), ntDevicePath);
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::DelProtectPath(DWORD dwType, WCHAR * buf, SIZE_T size)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR ntDevicePath[PATH_SIZE] = {0,};
WCHAR dosname[3] = {0,};
if(buf != NULL)
{
if(size >= PATH_SIZE - 10)
return FALSE;
if(!DosNameToNtNameW(ntDevicePath, sizeof(ntDevicePath), buf))
{
BSONE_DEBUG(_T("Exist Drive Name\n"));
return FALSE;
}
msg.w.file_path_.size = (DWORD)wcslen(ntDevicePath) * (DWORD)sizeof(WCHAR);
msg.id_ = (ULONGLONG)DEL_PATH;
msg.w.file_path_.type = (ULONG)dwType;
StringCbCopyW(msg.w.file_path_.path, sizeof(msg.w.file_path_.path), ntDevicePath);
}
else
{
msg.w.file_path_.size = 0;
msg.id_ = (ULONGLONG)DEL_PATH;
msg.w.file_path_.type = (ULONG)dwType;
}
BSONE_DEBUG(_T("dwType(%d), ntDevicePath(%s)\n"), dwType, ntDevicePath);
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetFileName(DWORD dwType, WCHAR * buf, SIZE_T size)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR ntDevicePath[PATH_SIZE] = {0,};
WCHAR dosname[3] = {0,};
if(size >= PATH_SIZE - 10)
return FALSE;
msg.w.file_path_.size = (DWORD)wcslen(buf) * (DWORD)sizeof(WCHAR);
msg.id_ = (ULONGLONG)SET_FILENAME;
msg.w.file_path_.type = (ULONG)dwType;
StringCbCopyW(msg.w.file_path_.path, sizeof(msg.w.file_path_.path), buf);
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetPid(DWORD dwType, DWORD dwProcessId)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_PID;
msg.type_ = dwType;
msg.pid_ = dwProcessId;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::RemovePid(DWORD dwProcessId)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
DWORD dwType = 0;
msg.id_ = (ULONGLONG)REMOVE_PID;
msg.pid_ = dwProcessId;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), &dwType, sizeof(DWORD), &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetProcessPath(DWORD dwType, WCHAR * buf, SIZE_T size)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR ntDevicePath[PATH_SIZE] = {0,};
WCHAR dosname[3] = {0,};
if(size >= sizeof(ntDevicePath) - 10)
{
BSONE_DEBUG(L"size fail %x,%x\n", size, (DWORD)(sizeof(ntDevicePath) - 10));
return FALSE;
}
WCHAR *ptr = wcsrchr(buf, '\\');
if(ptr)
{
DosNameToNtNameW(ntDevicePath, sizeof(ntDevicePath), buf);
}
else
StringCbCopyW(ntDevicePath, sizeof(ntDevicePath), buf);
msg.id_ = (ULONGLONG)SET_PROCESSNAME;
msg.w.process_path_.type = (ULONG)dwType;
msg.w.process_path_.size = (DWORD)wcslen(ntDevicePath) * (DWORD)sizeof(WCHAR);
StringCbCopyW(msg.w.process_path_.path, sizeof(msg.w.process_path_.path), ntDevicePath);
BSONE_DEBUG(L"path(%s) size(%d)", msg.w.process_path_.path, size);
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::DelProcessPath(DWORD dwType, WCHAR * buf, SIZE_T size)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR ntDevicePath[PATH_SIZE] = {0,};
WCHAR dosname[3] = {0,};
if(buf != NULL)
{
if (size >= sizeof(ntDevicePath) - 10)
{
BSONE_DEBUG(L"size fail %x,%x\n", size, (DWORD)(sizeof(ntDevicePath) - 10));
return FALSE;
}
WCHAR *ptr = wcsrchr(buf, '\\');
if(ptr)
{
if(!DosNameToNtNameW(ntDevicePath, sizeof(ntDevicePath), buf))
{
BSONE_DEBUG(_T("Exist Drive Name\n"));
return FALSE;
}
}
else
{
StringCbCopyW(ntDevicePath, sizeof(ntDevicePath), buf);
}
msg.w.process_path_.size = (DWORD)wcslen(ntDevicePath) * (DWORD)sizeof(WCHAR);
msg.id_ = (ULONGLONG)DEL_PROCESSNAME;
msg.w.process_path_.type = (ULONG)dwType;
StringCbCopyW(msg.w.process_path_.path, sizeof(msg.w.process_path_.path), ntDevicePath);
}
else
{
msg.w.process_path_.size = 0;
msg.id_ = (ULONGLONG)DEL_PROCESSNAME;
msg.w.process_path_.type = (ULONG)dwType;
}
BSONE_DEBUG(_T("dwType(%d), ntDevicePath(%s)\n"), dwType, ntDevicePath);
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if(IS_ERROR( hResult ))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::StartAndStop(DWORD flags)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
if( flags )
{
msg.id_ = (ULONGLONG)START;
}
else
{
msg.id_ = (ULONGLONG)STOP;
}
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetFolderProtect(BOOL enable)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)START_FOLDER_PROTECT;
msg.state_ = (ULONG)enable;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if(IS_ERROR( hResult ))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
DWORD CInterface::GetProcessNotifyStatus()
{
HRESULT hr;
BS1FLT_MESSAGE msg = {0,};
DWORD dwReturnSize;
m_dwProcessNotify = 1;
msg.id_ = GET_PROCESS_NOTIFY_STATUS;
hr = pFilterSendMessage(m_hPort, &msg, sizeof(msg), &m_dwProcessNotify, sizeof(m_dwProcessNotify), &dwReturnSize);
BSONE_DEBUG(_T("status = %x\n"), m_dwProcessNotify);
if(SUCCEEDED( hr ))
{
return m_dwProcessNotify;
}
return 0;
}
BOOL CInterface::SetShareWatch(BOOL bIsWatch)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)START_IS_SHARE_FOLDER_WATCHE;
msg.state_ = (ULONG)bIsWatch;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if(IS_ERROR( hResult ))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::Debug(DWORD dwFlag)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_DEBUG_LEVEL;
msg.pid_ = (ULONG)dwFlag;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if(IS_ERROR( hResult ))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetTerminiateProcess(DWORD dwProcessId)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_TERMINATE_PROCESS;
msg.pid_ = dwProcessId;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if(IS_ERROR( hResult ))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetDeleteFile(WCHAR * buf)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR dosname[3] = {0,};
WCHAR delpath[PATH_SIZE] = L"\\??\\";
// if(size >= 1024 - 30)
// {
// return FALSE;
// }
StringCbCatW(delpath, sizeof(delpath), buf);
msg.id_ = (ULONGLONG)SET_DELETE_FILE;
msg.w.file_path_.size = (DWORD)wcslen(delpath);
StringCbCopyW(msg.w.file_path_.path, ARRAYSIZE(msg.w.file_path_.path), delpath);
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if(IS_ERROR( hResult ))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetProtectFilePath(PWCHAR lpwPath)
{
BS1FLT_MESSAGE msg = {0,};
HRESULT hResult = 0;
DWORD dwRet = 0;
WCHAR szNtFilePath[PATH_SIZE] = {0,};
if (!DosNameToNtNameW(szNtFilePath, sizeof(szNtFilePath), lpwPath))
{
BSONE_DEBUG(_T("DosNameToNtNameW Fail.\n"));
return FALSE;
}
msg.id_ = (ULONGLONG)SET_WRITE_RENAME_PROTECT_FILEPATH;
msg.w.file_path_.type = 0;
msg.w.file_path_.size = (DWORD)wcslen(szNtFilePath);
StringCbCopyW(msg.w.file_path_.path, ARRAYSIZE(msg.w.file_path_.path), szNtFilePath);
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
BSONE_DEBUG(L"FilePath(%s), hResult(%x)\n", lpwPath, hResult);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
DWORD CInterface::GetMessageProc()
{
//PROCESS_MESSAGE msg;
DWORD bytesReturned = 0;
HRESULT hr = 0;
SCANNER_MESSAGE message = { 0, };
//DWORD bufferSize = sizeof(PROCESS_MESSAGE);
//PROCESS_MESSAGE* msg = (PROCESS_MESSAGE*)malloc(bufferSize); // <20><><EFBFBD><EFBFBD> <20>Ҵ<EFBFBD>
//if (!msg) {
//
// BSONE_DEBUG(L"Memory allocation failed");
// return 1;
//}
while (true)
{
BSONE_DEBUG(L"FilterGetMessage, wait");
hr = pFilterGetMessage(m_hPort, (PFILTER_MESSAGE_HEADER)&message.MessageHeader, SCANNER_MESSAGE_SIZE, NULL);
//hr = pFilterGetMessage(m_hPort, (PFILTER_MESSAGE_HEADER)&msg, sizeof(msg), NULL);
//if (hr == HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER))
//{
// // <20><><EFBFBD><EFBFBD> ũ<><C5A9> <20><><EFBFBD><EFBFBD> <20><> <20>ٽ<EFBFBD> <20>Ҵ<EFBFBD>
// free(msg);
// bufferSize = bytesReturned;
// msg = (PROCESS_MESSAGE*)malloc(bufferSize);
// if (!msg)
// {
// BSONE_DEBUG(L"Memory allocation failed");
// break;
// }
// continue; // <20>ٽ<EFBFBD> <20>õ<EFBFBD>
//}
//else if (FAILED(hr)) {
// BSONE_DEBUG(L"FilterGetMessage, Fail(%x)", hr);
// break;
//}
if (hr == HRESULT_FROM_WIN32(ERROR_OPERATION_ABORTED)) {
BSONE_DEBUG(L"FilterGetMessage aborted.");
hr = S_OK;
break;
}
else if (FAILED(hr)) {
BSONE_DEBUG(L"Failed to get message from the minifilter.(%x)", hr);
continue;
}
if (SUCCEEDED(hr))
{
//std::wcout << L"Detected Process: " << msg.ProcessName << L"\n";
//std::wcout << L"Process Path: " << msg.ProcessPath << L"\n";
//std::wcout << L"Process ID: " << msg.ProcessId << L"\n";
BSONE_DEBUG(L"FilterGetMessage, [%d], ProcessName[%s], ProcessPath[%s]", message.Notification.ProcessId, message.Notification.ProcessName, message.Notification.ProcessPath);
if (m_cb)
{
//m_cb(&msg);
}
//InjectDLL(msg.ProcessId, "C:\\InjectDLL.dll");
}
else
{
BSONE_DEBUG(L"FilterGetMessage, Fail(%x)", hr);
}
Sleep(500);
}
return 1;
}
DWORD WINAPI CInterface::GetMessageThread(LPVOID pArg)
{
CInterface* pCInterface = reinterpret_cast<CInterface*>(pArg);
if (!pCInterface)
{
return ERROR_INVALID_PARAMETER;
}
BSONE_DEBUG(L"start");
return pCInterface->GetMessageProc();
}
BOOL CInterface::StartGetMessageThread(DWORD nEnumInterval, BOOL bNotifyCurrent, fpCallBack cb, BOOL bOnce)
{
if (m_hThread)
return TRUE;
if (!m_hQuit)
{
m_hQuit = CreateEvent(NULL, TRUE, FALSE, NULL);
if (!m_hQuit)
{
BSONE_DEBUG(L"CreateEvent fail ge(%x)\n", GetLastError());
return FALSE;
}
}
m_bOnce = bOnce;
m_nEnumInterval = nEnumInterval;
m_bNotifyCurrent = bNotifyCurrent;
m_cb = cb;
DWORD nThreadId = 0;
m_hThread = CreateThread(NULL, 0, GetMessageThread, (PVOID)this, 0, &nThreadId);
if (!m_hThread)
{
BSONE_DEBUG(L"CreateThread fail ge(%x)\n", GetLastError());
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetHook(DWORD type, BOOL enable)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_HOOK;
msg.state_ = (ULONG)enable;
msg.type_ = type;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail (%x)\n", hResult);
return FALSE;
}
return TRUE;
}
HRESULT CInterface::GetLog(LPVOID outbuff, SIZE_T outbuffsize, DWORD* pdwReturnSize)
{
HRESULT hResult;
BS1FLT_MESSAGE msg = { 0, };
msg.id_ = GET_LOG;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), outbuff, (DWORD)outbuffsize, pdwReturnSize);
if (SUCCEEDED(hResult))
{
return hResult;
}
BSONE_DEBUG(L"FilterSendMessage fail (%x)\n", hResult);
return hResult;
}
BOOL CInterface::SetDeviceProtect(DWORD enable)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT hResult = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)START_DEVICE_PROTECT;
msg.state_ = (ULONG)enable;
hResult = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(hResult))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", hResult);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetUsbDiskException(DWORD state, LPCWSTR vid, LPCWSTR pid, LPCWSTR productrevisionlevel, LPCWSTR vendorspecific)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
string svid;
string spid;
string sproductrevisionlevel;
string sserial;
msg.id_ = (ULONGLONG)SET_USB_DISK_EXCEPT;
msg.w.usb_except_.device_type = BDC_USB_DISK;
msg.state_ = state;
if (msg.state_ != STATE_CLEAR)
{
convert_unicode_to_ansi_string(svid, vid, wcslen(vid));
convert_unicode_to_ansi_string(spid, pid, wcslen(pid));
svid = ToUpperA(svid);
spid = ToUpperA(spid);
StringCbCopyA(msg.w.usb_except_.vendorid, sizeof(msg.w.usb_except_.vendorid), svid.c_str());
StringCbCopyA(msg.w.usb_except_.productid, sizeof(msg.w.usb_except_.productid), spid.c_str());
if (productrevisionlevel != NULL && productrevisionlevel[0] != L'\0')
{
convert_unicode_to_ansi_string(sproductrevisionlevel, productrevisionlevel, wcslen(productrevisionlevel));
sproductrevisionlevel = ToUpperA(sproductrevisionlevel);
StringCbCopyA(msg.w.usb_except_.productrevisionlevel, sizeof(msg.w.usb_except_.productrevisionlevel), sproductrevisionlevel.c_str());
}
if (vendorspecific != NULL && vendorspecific[0] != L'\0')
{
convert_unicode_to_ansi_string(sserial, vendorspecific, wcslen(vendorspecific));
sserial = ToUpperA(sserial);
StringCbCopyA(msg.w.usb_except_.vendorspecific, sizeof(msg.w.usb_except_.vendorspecific), sserial.c_str());
}
}
BSONE_DEBUGA("state(%d), vid(%s), pid(%s), serial(%s)\n", msg.state_, msg.w.usb_except_.vendorid, msg.w.usb_except_.productid, msg.w.usb_except_.vendorspecific);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail (%x)\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetPolicy(enum_devicetype devcie_type, enum_devicestate state, BOOL islog)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_POLICY;
msg.device_policy_.device_type = devcie_type;
msg.device_policy_.state = state;
msg.device_policy_.islog = (ULONG)islog;
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail (%x)\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetProcessProtect(BOOL enable)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_PROCESS_PROTECT;
msg.state_ = enable;
BSONE_DEBUG(_T("msg.id(%d), msg.folder_protect_(%d)\n"), msg.id_, msg.state_);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetProcessProtectName(DWORD type, LPCWSTR name)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_PROCESS_PROTECT_PROCESSNAME;
msg.w.process_path_.type = (ULONG)type;
msg.w.process_path_.size = (DWORD)wcslen(name) * (DWORD)sizeof(WCHAR);
StringCbCopyW(msg.w.process_path_.path, sizeof(msg.w.process_path_.path), name);
BSONE_DEBUG(L"type(%d), name(%s)", type, name);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::DelProcessProtectName(DWORD type, LPCWSTR name)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
if (name != NULL)
{
msg.w.process_path_.size = (DWORD)wcslen(name) * (DWORD)sizeof(WCHAR);
msg.id_ = (ULONGLONG)DEL_PROCESS_PROTECT_PROCESSNAME;
msg.w.process_path_.type = (ULONG)type;
StringCbCopyW(msg.w.process_path_.path, sizeof(msg.w.process_path_.path), name);
BSONE_DEBUG(_T("type(%d), name(%s)\n"), type, name);
}
else
{
msg.w.process_path_.size = 0;
msg.id_ = (ULONGLONG)DEL_PROCESS_PROTECT_PROCESSNAME;
msg.w.process_path_.type = (ULONG)type;
BSONE_DEBUG(_T("all delete type(%d), name(%s)\n"), type, name);
}
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetProcessProtectId(DWORD type, DWORD pid)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_PROCESS_PROTECT_PID;
msg.type_ = type;
msg.pid_ = pid;
BSONE_DEBUG(L"type(%d) pid(%d)", type, pid);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::DelProcessProtectId(DWORD type, DWORD pid)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)DEL_PROCESS_PROTECT_PID;
msg.type_ = type;
msg.pid_ = pid;
BSONE_DEBUG(L"type(%d) pid(%d)", type, pid);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetRegProtect(BOOL enable)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)SET_REG_PROTECT;
msg.state_ = enable;
BSONE_DEBUG(_T("msg.id(%d), msg.state_(%d)\n"), msg.id_, msg.state_);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetRegProtectName(LPCWSTR regkey)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
wstring wregkey;
msg.id_ = (ULONGLONG)SET_REG_KEY;
wregkey = ToUpper(regkey);
StringCbCopyW(msg.w.regkey_.regkey, sizeof(msg.w.regkey_.regkey), wregkey.c_str());
BSONE_DEBUG(L"regkey(%s)", regkey);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::DelRegProtectName(LPCWSTR regkey)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
wstring wregkey;
if (regkey != NULL)
{
msg.w.regkey_.size = (DWORD)wcslen(regkey) * (DWORD)sizeof(WCHAR);
msg.id_ = (ULONGLONG)DEL_REG_KEY;
wregkey = ToUpper(regkey);
StringCbCopyW(msg.w.regkey_.regkey, sizeof(msg.w.regkey_.regkey), wregkey.c_str());
BSONE_DEBUG(_T("regkey(%s)\n"), regkey);
}
else
{
msg.w.process_path_.size = 0;
msg.id_ = (ULONGLONG)DEL_REG_KEY;
BSONE_DEBUG(_T("all delete type\n"));
}
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetUsbPortException(DWORD state, DWORD vid, DWORD pid, DWORD bcddevice, LPCWSTR serial)
{
BS1FLT_MESSAGE msg = { 0, };
DWORD dwRet = 0;
HRESULT result = 0;
string svid;
string spid;
string sproductrevisionlevel;
string svendor;
msg.id_ = (ULONGLONG)SET_USB_PORT_EXCEPT;
msg.state_ = state;
if (msg.state_ != STATE_CLEAR)
{
msg.w.usb_except_.device_type = BDC_USB;
msg.w.usb_port_except_.vendorid = vid;
msg.w.usb_port_except_.productid = pid;
msg.w.usb_port_except_.bcddevice = bcddevice;
StringCbCopyW(msg.w.usb_port_except_.serial, sizeof(msg.w.usb_port_except_.serial), serial);
}
BSONE_DEBUG(L"vid(%x), pid(%x), (%s)\n", vid, pid, serial);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail (%x)\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetLogtype(DWORD type)
{
BS1FLT_MESSAGE msg = { 0, };
DWORD dwRet = 0;
HRESULT result = 0;
msg.id_ = (ULONGLONG)SET_LOG_TYPE;
msg.type_ = type;
BSONE_DEBUG(L"type(%x)\n", type);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail (%x)\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetProcessCreate(BOOL enable)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
msg.id_ = (ULONGLONG)START_PROCESS_CREATE;
msg.state_ = enable;
BSONE_DEBUG(_T("id(%d), state(%d)\n"), msg.id_, msg.state_);
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail %x\n", result);
return FALSE;
}
return TRUE;
}
BOOL CInterface::SetProcessCreateBlockRule(DWORD state, LPCWSTR name, LPCWSTR cmd, LPCWSTR parentName)
{
BS1FLT_MESSAGE msg = { 0, };
HRESULT result = 0;
DWORD dwRet = 0;
wstring processName;
wstring processNameCmd;
msg.id_ = (ULONGLONG)SET_PROCESS_CREATE_BLOCK_RULE;
msg.state_ = state;
if (msg.state_ == STATE_SET)
{
if (name != NULL && name[0] != 0)
{
processName = ToUpper(name);
StringCbCopyW(msg.w.process_create_block_rule_.ProcessName, sizeof(msg.w.process_create_block_rule_.ProcessName), processName.c_str());
}
if (cmd != NULL && cmd[0] != 0)
{
processNameCmd = ToUpper(cmd);
StringCbCopyW(msg.w.process_create_block_rule_.CommandLine, sizeof(msg.w.process_create_block_rule_.CommandLine), processNameCmd.c_str());
}
if (parentName != NULL && parentName[0] != 0)
{
wstring processParentName = ToUpper(parentName);
StringCbCopyW(msg.w.process_create_block_rule_.ParentProcessName, sizeof(msg.w.process_create_block_rule_.ParentProcessName), processParentName.c_str());
}
BSONE_DEBUGA("state(%d), ProcessName(%s), CommandLine(%s), ParentProcessName(%s)\n", msg.state_,
msg.w.process_create_block_rule_.ProcessName,
msg.w.process_create_block_rule_.CommandLine,
msg.w.process_create_block_rule_.ParentProcessName
);
}
else
{
BSONE_DEBUGA("state(%d)\n", msg.state_);
}
result = pFilterSendMessage(m_hPort, &msg, sizeof(msg), NULL, 0, &dwRet);
if (IS_ERROR(result))
{
BSONE_DEBUG(L"FilterSendMessage fail (%x)\n", result);
return FALSE;
}
return TRUE;
}
Reference in New Issue View Git Blame Copy Permalink