Write a Windows daemon (5) File System redirection and daemon redirection

Write a Windows daemon (5) File System redirection and daemon redirection
Write a Windows daemon (5) File System redirection

Users who often operate files or registries on Windows may know that there is a "File System/Registry redirection. Generally speaking, when a 32-bit program runs on a 64-bit Windows system, the operating system will redirect access to the System32 folder to SysWow64, redirect access to HKEY_LOCAL_MACHINE \ SOFTWARE \ Wow6432Node. Of course, there are more than these paths and registries. For more information, see MSDN: https://msdn.microsoft.com/en-us/library/aa384187.aspx and https://msdn.microsoft.com/en-us/library/aa384232 (v = vs.85). aspx.

We usually compile only a 32-bit program for convenient release, and do not compile 64 programs. If the Code involves accessing the file and registry, consider this issue.

Windows provides two APIs (three, but none of them are recommended) to disable file system/Registry redirection: Wow64DisableWow64FsRedirection and Wow64RevertWow64FsRedirection. As the name suggests, the former is used to disable and the latter is used to recover.

Some people may say: I just keep disabling it. Why do I need to recover it? You may think less about this. Some code segments may not be concerned with redirection, so you have not considered this issue. If the result of this code segment affects multiple threads, and you just disabled the redirection of a thread that contains this code segment, so some threads disabled the redirection, and some threads did not disable the redirection, and the obtained results were inconsistent.

Generally, we disable redirection before calling a function with redirection problems. After the call is completed, the redirection will be restored. This is easy to think of using the RAII method: Disable it in the class constructor and restore it in the Destructor:

class scoped_disable_wow64_fsredirection : public boost::noncopyable{public:    scoped_disable_wow64_fsredirection();    ~scoped_disable_wow64_fsredirection();private:    static bool disable(void **ppOldValue);    static bool revert(void *pOldValue);private:    void *_pOldValue;};

Disable is called in the implementation of constructor, and revert is called in the implementation of destructor.

Disable calls Wow64DisableWow64FsRedirection, and revert calls Wow64RevertWow64FsRedirection.

Note: The class name is so long that it can be "as the name suggests. I did not expect any better name yet. Ah, naming is a headache.

But we cannot directly call these two Windows APIs. Why?

Static boost: once_flag once _; typedef int (_ stdcall * fnWow64DisableWow64FsRedirection) (void *); typedef int (_ stdcall * direction) (void *); static fnWow64DisableWow64FsRedirection direction = NULL; static fnWow64RevertWow64FsRedirection direction = NULL; static void load_wow64_funcs () {g_fnWow64DisableWow64FsRedirection = reinterpr Et_cast <summary> (WindowsUtil: load_function ("Kernel32.dll", "Wow64DisableWow64FsRedirection"); response = reinterpret_cast <summary> (WindowsUtil: load_function ("Kernel32.dll ", "Wow64RevertWow64FsRedirection");} scoped_disable_wow64_fsredirection: scoped_disable_wow64_fsredirection (): _ pOldValue (NULL) {boost: call_once (onc) E _, load_wow64_funcs); disable (& _ pOldValue);} scoped_disable_wow64_fsredirection ::~ Returns () {revert (_ pOldValue);} bool scoped_disable_wow64_fsredirection: disable (void ** ppOldValue) {bool ret = true; if (then) {if (! Callback (ppOldValue) {ErrorLogLastErr ("Wow64DisableWow64FsRedirection fail"); ret = false ;}} return ret;} bool failed: revert (void * pOldValue) {bool ret = true; if (g_fnWow64RevertWow64FsRedirection) {if (! G_fnWow64RevertWow64FsRedirection (pOldValue) {ErrorLogLastErr ("Wow64RevertWow64FsRedirection fail"); ret = false ;}} return ret ;}

Here we use the call_once mentioned in the previous article to load these two functions.

Load_function encapsulates the call of the GetModuleHandleA-GetProcAddress functions. For details, see the source code.

 

You only need to define a class instance. Remember to minimize the scope to avoid affecting other code segments.

 

Source code: https://git.oschina.net/mkdym/DaemonSvc.git (main) & https://github.com/mkdym/DaemonSvc.git (to improve the Force Grid ).

 

Sunday, January 1, November 1, 2015