Skip to content

Commit

Permalink
Stabality improvements
Browse files Browse the repository at this point in the history 
see CHANGELOG
  • Loading branch information
@sn99
sn99 authored Dec 20, 2022
1 parent 9414821 commit cf2fc75
Show file tree
Hide file tree
Showing 5 changed files with 32 additions and 11 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
# v0.6.0

- Fix issue of floating point operations in kernel driver
- Performance improvements

# v0.5.5

- Upgrade `C` standard to `C11`
Expand Down
2 changes: 1 addition & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "fsfilter-rs"
version = "0.5.5"
version = "0.6.0"
edition = "2021"
authors = ["sn99 <[email protected]>"]
description = "A rust library to monitor filesystem and more in windows"
Expand Down
6 changes: 1 addition & 5 deletions minifilter/snFilter/ShanonEntropy.cpp
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
// #pragma warning(disable : 28110)

#include "ShanonEntropy.h"

constexpr DOUBLE M_LOG2E = 1.4426950408889634;
Expand All @@ -17,10 +15,8 @@ _Kernel_float_used_ DOUBLE shannonEntropy(PUCHAR buffer, size_t size)
bucketByteVals[buffer[i]]++;
}

KFLOATING_SAVE SaveState;
__try
{
KeSaveFloatingPointState(&SaveState);
for (ULONG i = 0; i < MAX_BYTE_SIZE; i++)
{
if (bucketByteVals[i] != 0)
Expand All @@ -33,7 +29,7 @@ _Kernel_float_used_ DOUBLE shannonEntropy(PUCHAR buffer, size_t size)
}
__finally
{
KeRestoreFloatingPointState(&SaveState);
}

return entropy;
}
26 changes: 23 additions & 3 deletions minifilter/snFilter/snFilter.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -574,7 +574,14 @@ FSProcessPreOperartion(_Inout_ PFLT_CALLBACK_DATA Data, _In_ PCFLT_RELATED_OBJEC

__try
{
newItem->Entropy = shannonEntropy((PUCHAR)writeBuffer, newItem->MemSizeUsed);
KFLOATING_SAVE SaveState;
NTSTATUS Status = KeSaveFloatingPointState(&SaveState);
if (NT_SUCCESS(Status))
{
newItem->Entropy = shannonEntropy((PUCHAR)writeBuffer, newItem->MemSizeUsed);
}

KeRestoreFloatingPointState(&SaveState);
newItem->isEntropyCalc = TRUE;
}
__except (EXCEPTION_EXECUTE_HANDLER)
Expand Down Expand Up @@ -936,7 +943,14 @@ FSProcessPostReadIrp(_Inout_ PFLT_CALLBACK_DATA Data, _In_ PCFLT_RELATED_OBJECTS
// we catch EXCEPTION_EXECUTE_HANDLER so to prevent crash when calculating
__try
{
entry->data.Entropy = shannonEntropy((PUCHAR)ReadBuffer, Data->IoStatus.Information);

KFLOATING_SAVE SaveState;
NTSTATUS Status = KeSaveFloatingPointState(&SaveState);
if (NT_SUCCESS(Status))
{
entry->data.Entropy = shannonEntropy((PUCHAR)ReadBuffer, Data->IoStatus.Information);
}
KeRestoreFloatingPointState(&SaveState);
entry->data.isEntropyCalc = TRUE;
}
__except (EXCEPTION_EXECUTE_HANDLER)
Expand Down Expand Up @@ -976,7 +990,13 @@ FLT_POSTOP_CALLBACK_STATUS FSProcessPostReadSafe(_Inout_ PFLT_CALLBACK_DATA Data
{
if (entry != nullptr)
{
entry->data.Entropy = shannonEntropy((PUCHAR)ReadBuffer, Data->IoStatus.Information);
KFLOATING_SAVE SaveState;
NTSTATUS Status = KeSaveFloatingPointState(&SaveState);
if (NT_SUCCESS(Status))
{
entry->data.Entropy = shannonEntropy((PUCHAR)ReadBuffer, Data->IoStatus.Information);
}
KeRestoreFloatingPointState(&SaveState);
entry->data.MemSizeUsed = Data->IoStatus.Information;
entry->data.isEntropyCalc = TRUE;
}
Expand Down
4 changes: 2 additions & 2 deletions minifilter/snFilter/snFilter.vcxproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
<PreferredToolArchitecture>x64</PreferredToolArchitecture>
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
<WholeProgramOptimization>true</WholeProgramOptimization>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
Expand All @@ -49,7 +49,7 @@
<ConfigurationType>Driver</ConfigurationType>
<DriverType>WDM</DriverType>
<WholeProgramOptimization>true</WholeProgramOptimization>
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
<Driver_SpectreMitigation>false</Driver_SpectreMitigation>
<PreferredToolArchitecture>x64</PreferredToolArchitecture>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
Expand Down

0 comments on commit cf2fc75

Please sign in to comment.