Write a daemon on Windows (5) file system redirection

Write a daemon on Windows (5) file system redirection

A classmate who often operates files or registries on Windows may know that there is "file System/Registry redirection" in this case. In general, when 32-bit programs run on 64-bit Windows, the operating system redirects access to the System32 folder to SysWow64, redirecting access to HKEY_LOCAL_MACHINE\Software to Hkey_local_ Under the Machine\software\wow6432node. Of course not only these paths and the registry. Please see msdn:https://msdn.microsoft.com/en-us/library/aa384187.aspx and https://msdn.microsoft.com/en-us/library/for details. aa384232 (v=vs.85). aspx.

We usually compile a 32-bit program to make it easier to publish, and not compile the 64 program. If the code involves accessing the file and the registry, consider the problem.

Windows provides two APIs (exactly 3, but one is deprecated) to disable file System/Registry redirection: Wow64disablewow64fsredirection, Wow64revertwow64fsredirection. As the name implies, the former is used for disabling, the latter for recovery.

Some students may have said: I have been disabled on the line, why do I have to recover? You think less, some snippets may not care if there is a redirect, so it does not consider the problem, if the result of this code snippet affects multiple threads, and you just happen to have a thread that contains this snippet of redirection is disabled, it becomes that some threads are disabled redirection, some threads are not disabled, The results obtained are inconsistent.

In general we disable redirection before a function call that will have a redirect problem, and after the call is complete, restore the redirect. It's easy to think of using the RAII technique: Disable in the class constructor, restore in destructor:

classScoped_disable_wow64_fsredirection: Publicboost::noncopyable{ Public: Scoped_disable_wow64_fsredirection (); ~scoped_disable_wow64_fsredirection ();Private:    Static BOOLDisablevoid**ppoldvalue); Static BOOLRevertvoid*poldvalue);Private:    void*_poldvalue;};

Disable is called in the implementation of the constructor, and revert is called in the implementation of the destructor.

Where disable is called the Wow64disablewow64fsredirection,revert is called the wow64revertwow64fsredirection.

Note: The class name is so long to be able to achieve the "as the name implies" degree. I didn't think of any better name. Hey, it's a headache.

But we can't call these two Windows APIs directly, why?

On windowsxp so popular platform, they did not ah! If you call these two functions directly, on XP, the whole program will not run up.

What to do?

Dynamically loading these two functions with GetProcAddress, without these two functions, means there is no redirection problem.

Here is the implementation:

StaticBoost::once_flag once_;typedefint(__stdcall *fnwow64disablewow64fsredirection) (void*); typedefint(__stdcall *fnwow64revertwow64fsredirection) (void*);StaticFnwow64disablewow64fsredirection g_fnwow64disablewow64fsredirection =NULL;StaticFnwow64revertwow64fsredirection g_fnwow64revertwow64fsredirection =NULL;Static voidLoad_wow64_funcs () {g_fnwow64disablewow64fsredirection= reinterpret_cast<fnwow64disablewow64fsredirection>(Windowsutil::load_function ("Kernel32.dll","wow64disablewow64fsredirection")); G_fnwow64revertwow64fsredirection= reinterpret_cast<fnwow64revertwow64fsredirection>(Windowsutil::load_function ("Kernel32.dll","wow64revertwow64fsredirection"));} Scoped_disable_wow64_fsredirection::scoped_disable_wow64_fsredirection (): _poldvalue (NULL) {boost::call_once (    Once_, Load_wow64_funcs); Disable (&_poldvalue);} Scoped_disable_wow64_fsredirection::~scoped_disable_wow64_fsredirection () {revert (_poldvalue);}BOOLScoped_disable_wow64_fsredirection::d isable (void**ppoldvalue) {    BOOLRET =true; if(g_fnwow64disablewow64fsredirection) {if(!g_fnwow64disablewow64fsredirection (Ppoldvalue)) {Errorloglasterr ("Wow64disablewow64fsredirection fail"); RET=false; }    }    returnret;}BOOLScoped_disable_wow64_fsredirection::revert (void*poldvalue) {    BOOLRET =true; if(g_fnwow64revertwow64fsredirection) {if(!g_fnwow64revertwow64fsredirection (Poldvalue)) {Errorloglasterr ("Wow64revertwow64fsredirection fail"); RET=false; }    }    returnret;}

Here we use the call_once described in the previous article to load these two functions.

Load_function encapsulates the invocation of the getmodulehandlea-getprocaddress two functions, see the source code for details.

When used, only one instance of the class needs to be defined. Remember to narrow the scope as much as possible to avoid affecting other pieces of code.

Source: Https://git.oschina.net/mkdym/DaemonSvc.git (Master) && Https://github.com/mkdym/DaemonSvc.git (for lifting).

Sunday November 1, 2015

Write a daemon on Windows (5) file system redirection