named_pipe.c 46.6 KB
Newer Older
1 2 3 4
/*
 * Server-side pipe management
 *
 * Copyright (C) 1998 Alexandre Julliard
5
 * Copyright (C) 2001 Mike McCormack
6
 * Copyright 2016 Jacek Caban for CodeWeavers
7
 *
8 9 10 11 12 13 14 15 16 17 18 19
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
20
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 22 23
 */

#include "config.h"
24
#include "wine/port.h"
25 26 27

#include <assert.h>
#include <string.h>
28
#include <stdarg.h>
29 30 31
#include <stdio.h>
#include <stdlib.h>

32 33
#include "ntstatus.h"
#define WIN32_NO_STATUS
34
#include "windef.h"
35
#include "winternl.h"
36
#include "winioctl.h"
37

38
#include "file.h"
39 40 41
#include "handle.h"
#include "thread.h"
#include "request.h"
42
#include "security.h"
43
#include "process.h"
44

45 46 47 48 49
enum pipe_state
{
    ps_idle_server,
    ps_wait_open,
    ps_connected_server,
50 51 52 53
    ps_wait_disconnect,
    ps_wait_connect
};

54 55
struct named_pipe;

56 57 58 59 60 61 62 63
struct pipe_message
{
    struct list          entry;      /* entry in message queue */
    data_size_t          read_pos;   /* already read bytes */
    struct iosb         *iosb;       /* message iosb */
    struct async        *async;      /* async of pending write */
};

64
struct pipe_end
65
{
66 67
    struct object        obj;        /* object header */
    struct fd           *fd;         /* pipe file descriptor */
68
    unsigned int         flags;      /* pipe flags */
69
    struct pipe_end     *connection; /* the other end of the pipe */
70 71
    process_id_t         client_pid; /* process that created the client */
    process_id_t         server_pid; /* process that created the server */
72
    data_size_t          buffer_size;/* size of buffered data that doesn't block caller */
73
    struct list          message_queue;
74 75
    struct async_queue   read_q;     /* read queue */
    struct async_queue   write_q;    /* write queue */
76 77 78 79 80
};

struct pipe_server
{
    struct pipe_end      pipe_end;   /* common header for pipe_client and pipe_server */
81 82 83
    struct list          entry;      /* entry in named pipe servers list */
    enum pipe_state      state;      /* server state */
    struct pipe_client  *client;     /* client that this server is connected to */
84
    struct named_pipe   *pipe;
85
    unsigned int         options;    /* pipe options */
86 87 88 89
};

struct pipe_client
{
90
    struct pipe_end      pipe_end;   /* common header for pipe_client and pipe_server */
91
    struct pipe_server  *server;     /* server that this client is connected to */
92
    unsigned int         flags;      /* file flags */
93 94 95 96 97
};

struct named_pipe
{
    struct object       obj;         /* object header */
98
    unsigned int        flags;
99
    unsigned int        sharing;
100 101 102
    unsigned int        maxinstances;
    unsigned int        outsize;
    unsigned int        insize;
103
    unsigned int        instances;
104
    timeout_t           timeout;
105
    struct list         servers;     /* list of servers using this pipe */
106
    struct async_queue  waiters;     /* list of clients waiting to connect */
107 108
};

109 110 111
struct named_pipe_device
{
    struct object       obj;         /* object header */
112
    struct fd          *fd;          /* pseudo-fd for ioctls */
113 114 115
    struct namespace   *pipes;       /* named pipe namespace */
};

116
static void named_pipe_dump( struct object *obj, int verbose );
117
static unsigned int named_pipe_map_access( struct object *obj, unsigned int access );
118
static int named_pipe_link_name( struct object *obj, struct object_name *name, struct object *parent );
119 120
static struct object *named_pipe_open_file( struct object *obj, unsigned int access,
                                            unsigned int sharing, unsigned int options );
121
static void named_pipe_destroy( struct object *obj );
122 123 124 125 126

static const struct object_ops named_pipe_ops =
{
    sizeof(struct named_pipe),    /* size */
    named_pipe_dump,              /* dump */
127
    no_get_type,                  /* get_type */
128 129 130 131
    no_add_queue,                 /* add_queue */
    NULL,                         /* remove_queue */
    NULL,                         /* signaled */
    NULL,                         /* satisfied */
132
    no_signal,                    /* signal */
133
    no_get_fd,                    /* get_fd */
134
    named_pipe_map_access,        /* map_access */
135 136
    default_get_sd,               /* get_sd */
    default_set_sd,               /* set_sd */
137
    no_lookup_name,               /* lookup_name */
138 139
    named_pipe_link_name,         /* link_name */
    default_unlink_name,          /* unlink_name */
140
    named_pipe_open_file,         /* open_file */
141
    no_close_handle,              /* close_handle */
142 143 144
    named_pipe_destroy            /* destroy */
};

145
/* common server and client pipe end functions */
146
static enum server_fd_type pipe_end_get_fd_type( struct fd *fd );
147
static struct fd *pipe_end_get_fd( struct object *obj );
148
static int pipe_end_read( struct fd *fd, struct async *async, file_pos_t pos );
149
static int pipe_end_write( struct fd *fd, struct async *async_data, file_pos_t pos );
150
static int pipe_end_flush( struct fd *fd, struct async *async );
151
static void pipe_end_get_volume_info( struct fd *fd, unsigned int info_class );
152
static void pipe_end_reselect_async( struct fd *fd, struct async_queue *queue );
153

154 155
/* server end functions */
static void pipe_server_dump( struct object *obj, int verbose );
156 157 158
static struct security_descriptor *pipe_server_get_sd( struct object *obj );
static int pipe_server_set_sd( struct object *obj, const struct security_descriptor *sd,
                               unsigned int set_info );
159
static void pipe_server_destroy( struct object *obj);
160
static int pipe_server_ioctl( struct fd *fd, ioctl_code_t code, struct async *async );
161
static void pipe_server_get_file_info( struct fd *fd, unsigned int info_class );
162 163 164 165 166

static const struct object_ops pipe_server_ops =
{
    sizeof(struct pipe_server),   /* size */
    pipe_server_dump,             /* dump */
167
    no_get_type,                  /* get_type */
168 169
    add_queue,                    /* add_queue */
    remove_queue,                 /* remove_queue */
170 171
    default_fd_signaled,          /* signaled */
    no_satisfied,                 /* satisfied */
172
    no_signal,                    /* signal */
173
    pipe_end_get_fd,              /* get_fd */
174
    default_fd_map_access,        /* map_access */
175 176
    pipe_server_get_sd,           /* get_sd */
    pipe_server_set_sd,           /* set_sd */
177
    no_lookup_name,               /* lookup_name */
178 179
    no_link_name,                 /* link_name */
    NULL,                         /* unlink_name */
180
    no_open_file,                 /* open_file */
181
    fd_close_handle,              /* close_handle */
182 183 184 185 186
    pipe_server_destroy           /* destroy */
};

static const struct fd_ops pipe_server_fd_ops =
{
187
    default_fd_get_poll_events,   /* get_poll_events */
188
    default_poll_event,           /* poll_event */
189
    pipe_end_get_fd_type,         /* get_fd_type */
190
    pipe_end_read,                /* read */
191
    pipe_end_write,               /* write */
192
    pipe_end_flush,               /* flush */
193
    pipe_server_get_file_info,    /* get_file_info */
194
    pipe_end_get_volume_info,     /* get_volume_info */
195
    pipe_server_ioctl,            /* ioctl */
196
    no_fd_queue_async,            /* queue_async */
197
    pipe_end_reselect_async       /* reselect_async */
198
};
199

200 201
/* client end functions */
static void pipe_client_dump( struct object *obj, int verbose );
202 203 204
static struct security_descriptor *pipe_client_get_sd( struct object *obj );
static int pipe_client_set_sd( struct object *obj, const struct security_descriptor *sd,
                               unsigned int set_info );
205
static void pipe_client_destroy( struct object *obj );
206
static int pipe_client_ioctl( struct fd *fd, ioctl_code_t code, struct async *async );
207
static void pipe_client_get_file_info( struct fd *fd, unsigned int info_class );
208

209
static const struct object_ops pipe_client_ops =
210
{
211 212
    sizeof(struct pipe_client),   /* size */
    pipe_client_dump,             /* dump */
213
    no_get_type,                  /* get_type */
214 215
    add_queue,                    /* add_queue */
    remove_queue,                 /* remove_queue */
216
    default_fd_signaled,          /* signaled */
217
    no_satisfied,                 /* satisfied */
218
    no_signal,                    /* signal */
219
    pipe_end_get_fd,              /* get_fd */
220
    default_fd_map_access,        /* map_access */
221 222
    pipe_client_get_sd,           /* get_sd */
    pipe_client_set_sd,           /* set_sd */
223
    no_lookup_name,               /* lookup_name */
224 225
    no_link_name,                 /* link_name */
    NULL,                         /* unlink_name */
226
    no_open_file,                 /* open_file */
227
    fd_close_handle,              /* close_handle */
228
    pipe_client_destroy           /* destroy */
229 230
};

231
static const struct fd_ops pipe_client_fd_ops =
232
{
233
    default_fd_get_poll_events,   /* get_poll_events */
234
    default_poll_event,           /* poll_event */
235
    pipe_end_get_fd_type,         /* get_fd_type */
236
    pipe_end_read,                /* read */
237
    pipe_end_write,               /* write */
238
    pipe_end_flush,               /* flush */
239
    pipe_client_get_file_info,    /* get_file_info */
240
    pipe_end_get_volume_info,     /* get_volume_info */
241
    pipe_client_ioctl,            /* ioctl */
242
    no_fd_queue_async,            /* queue_async */
243
    pipe_end_reselect_async       /* reselect_async */
244 245
};

246
static void named_pipe_device_dump( struct object *obj, int verbose );
247
static struct object_type *named_pipe_device_get_type( struct object *obj );
248
static struct fd *named_pipe_device_get_fd( struct object *obj );
249 250
static struct object *named_pipe_device_lookup_name( struct object *obj,
    struct unicode_str *name, unsigned int attr );
251 252
static struct object *named_pipe_device_open_file( struct object *obj, unsigned int access,
                                                   unsigned int sharing, unsigned int options );
253
static void named_pipe_device_destroy( struct object *obj );
254
static enum server_fd_type named_pipe_device_get_fd_type( struct fd *fd );
255
static int named_pipe_device_ioctl( struct fd *fd, ioctl_code_t code, struct async *async );
256 257 258 259 260

static const struct object_ops named_pipe_device_ops =
{
    sizeof(struct named_pipe_device), /* size */
    named_pipe_device_dump,           /* dump */
261
    named_pipe_device_get_type,       /* get_type */
262 263 264 265 266
    no_add_queue,                     /* add_queue */
    NULL,                             /* remove_queue */
    NULL,                             /* signaled */
    no_satisfied,                     /* satisfied */
    no_signal,                        /* signal */
267
    named_pipe_device_get_fd,         /* get_fd */
268
    no_map_access,                    /* map_access */
269 270
    default_get_sd,                   /* get_sd */
    default_set_sd,                   /* set_sd */
271
    named_pipe_device_lookup_name,    /* lookup_name */
272 273
    directory_link_name,              /* link_name */
    default_unlink_name,              /* unlink_name */
274
    named_pipe_device_open_file,      /* open_file */
275
    fd_close_handle,                  /* close_handle */
276 277 278
    named_pipe_device_destroy         /* destroy */
};

279 280
static const struct fd_ops named_pipe_device_fd_ops =
{
281 282
    default_fd_get_poll_events,       /* get_poll_events */
    default_poll_event,               /* poll_event */
283
    named_pipe_device_get_fd_type,    /* get_fd_type */
284 285 286
    no_fd_read,                       /* read */
    no_fd_write,                      /* write */
    no_fd_flush,                      /* flush */
287
    no_fd_get_file_info,              /* get_file_info */
288
    no_fd_get_volume_info,            /* get_volume_info */
289
    named_pipe_device_ioctl,          /* ioctl */
290
    default_fd_queue_async,           /* queue_async */
291
    default_fd_reselect_async         /* reselect_async */
292 293
};

294 295
static void named_pipe_dump( struct object *obj, int verbose )
{
296
    fputs( "Named pipe\n", stderr );
297 298
}

299 300 301 302 303 304 305 306 307
static unsigned int named_pipe_map_access( struct object *obj, unsigned int access )
{
    if (access & GENERIC_READ)    access |= STANDARD_RIGHTS_READ;
    if (access & GENERIC_WRITE)   access |= STANDARD_RIGHTS_WRITE | FILE_CREATE_PIPE_INSTANCE;
    if (access & GENERIC_EXECUTE) access |= STANDARD_RIGHTS_EXECUTE;
    if (access & GENERIC_ALL)     access |= STANDARD_RIGHTS_ALL;
    return access & ~(GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | GENERIC_ALL);
}

308 309 310 311
static void pipe_server_dump( struct object *obj, int verbose )
{
    struct pipe_server *server = (struct pipe_server *) obj;
    assert( obj->ops == &pipe_server_ops );
312
    fprintf( stderr, "Named pipe server pipe=%p state=%d\n", server->pipe, server->state );
313 314 315
}

static void pipe_client_dump( struct object *obj, int verbose )
316
{
317
    struct pipe_client *client = (struct pipe_client *) obj;
318 319
    assert( obj->ops == &pipe_client_ops );
    fprintf( stderr, "Named pipe client server=%p\n", client->server );
320 321
}

322 323 324 325 326 327
static void named_pipe_destroy( struct object *obj)
{
    struct named_pipe *pipe = (struct named_pipe *) obj;

    assert( list_empty( &pipe->servers ) );
    assert( !pipe->instances );
328
    free_async_queue( &pipe->waiters );
329 330
}

331
static struct fd *pipe_end_get_fd( struct object *obj )
332
{
333 334
    struct pipe_end *pipe_end = (struct pipe_end *) obj;
    return (struct fd *) grab_object( pipe_end->fd );
335 336
}

337
static void set_server_state( struct pipe_server *server, enum pipe_state state )
338
{
339
    server->state = state;
340

341
    switch(state)
342 343 344
    {
    case ps_connected_server:
    case ps_wait_disconnect:
345
        break;
346 347
    case ps_wait_open:
    case ps_idle_server:
348
        set_no_fd_status( server->pipe_end.fd, STATUS_PIPE_LISTENING );
349 350
        break;
    case ps_wait_connect:
351
        set_no_fd_status( server->pipe_end.fd, STATUS_PIPE_DISCONNECTED );
352 353
        break;
    }
354 355
}

356

357 358 359 360 361 362 363 364 365 366 367 368
static struct pipe_message *queue_message( struct pipe_end *pipe_end, struct iosb *iosb )
{
    struct pipe_message *message;

    if (!(message = mem_alloc( sizeof(*message) ))) return NULL;
    message->iosb = (struct iosb *)grab_object( iosb );
    message->async = NULL;
    message->read_pos = 0;
    list_add_tail( &pipe_end->message_queue, &message->entry );
    return message;
}

369 370 371 372 373
static void wake_message( struct pipe_message *message )
{
    struct async *async = message->async;

    message->async = NULL;
374 375
    if (!async) return;

376 377
    message->iosb->status = STATUS_SUCCESS;
    message->iosb->result = message->iosb->in_size;
378 379
    async_terminate( async, message->iosb->result ? STATUS_ALERTED : STATUS_SUCCESS );
    release_object( async );
380 381
}

382 383 384 385 386 387 388
static void free_message( struct pipe_message *message )
{
    list_remove( &message->entry );
    if (message->iosb) release_object( message->iosb );
    free( message );
}

389 390 391
static void pipe_end_disconnect( struct pipe_end *pipe_end, unsigned int status )
{
    struct pipe_end *connection = pipe_end->connection;
392 393
    struct pipe_message *message, *next;
    struct async *async;
394 395 396

    pipe_end->connection = NULL;

397
    fd_async_wake_up( pipe_end->fd, ASYNC_TYPE_WAIT, status );
398 399
    async_wake_up( &pipe_end->read_q, status );
    LIST_FOR_EACH_ENTRY_SAFE( message, next, &pipe_end->message_queue, struct pipe_message, entry )
400
    {
401 402 403 404 405
        async = message->async;
        if (async || status == STATUS_PIPE_DISCONNECTED) free_message( message );
        if (!async) continue;
        async_terminate( async, status );
        release_object( async );
406
    }
407 408
    if (status == STATUS_PIPE_DISCONNECTED) set_fd_signaled( pipe_end->fd, 0 );

409 410 411 412 413 414 415
    if (connection)
    {
        connection->connection = NULL;
        pipe_end_disconnect( connection, status );
    }
}

416 417 418 419 420 421 422 423 424 425
static void pipe_end_destroy( struct pipe_end *pipe_end )
{
    struct pipe_message *message;

    while (!list_empty( &pipe_end->message_queue ))
    {
        message = LIST_ENTRY( list_head(&pipe_end->message_queue), struct pipe_message, entry );
        assert( !message->async );
        free_message( message );
    }
426

427 428
    free_async_queue( &pipe_end->read_q );
    free_async_queue( &pipe_end->write_q );
429
    if (pipe_end->fd) release_object( pipe_end->fd );
430 431
}

432 433 434 435 436 437
static void pipe_server_destroy( struct object *obj)
{
    struct pipe_server *server = (struct pipe_server *)obj;

    assert( obj->ops == &pipe_server_ops );

438 439
    pipe_end_disconnect( &server->pipe_end, STATUS_PIPE_BROKEN );

440
    pipe_end_destroy( &server->pipe_end );
441
    if (server->client)
442 443 444 445 446 447 448 449
    {
        server->client->server = NULL;
        server->client = NULL;
    }

    assert( server->pipe->instances );
    server->pipe->instances--;

450
    list_remove( &server->entry );
451 452 453 454
    release_object( server->pipe );
}

static void pipe_client_destroy( struct object *obj)
455
{
456 457
    struct pipe_client *client = (struct pipe_client *)obj;
    struct pipe_server *server = client->server;
458

459
    assert( obj->ops == &pipe_client_ops );
460

461 462
    pipe_end_disconnect( &client->pipe_end, STATUS_PIPE_BROKEN );

463
    if (server)
464
    {
465
        switch(server->state)
466 467
        {
        case ps_connected_server:
468 469
            /* Don't destroy the server's fd here as we can't
               do a successful flush without it. */
470
            set_server_state( server, ps_wait_disconnect );
471
            break;
472 473 474 475
        case ps_idle_server:
        case ps_wait_open:
        case ps_wait_disconnect:
        case ps_wait_connect:
476
            assert( 0 );
477
        }
478 479 480
        assert( server->client );
        server->client = NULL;
        client->server = NULL;
481
    }
482 483

    pipe_end_destroy( &client->pipe_end );
484 485
}

486 487
static void named_pipe_device_dump( struct object *obj, int verbose )
{
488
    fputs( "Named pipe device\n", stderr );
489 490
}

491 492 493 494 495 496 497
static struct object_type *named_pipe_device_get_type( struct object *obj )
{
    static const WCHAR name[] = {'D','e','v','i','c','e'};
    static const struct unicode_str str = { name, sizeof(name) };
    return get_object_type( &str );
}

498 499 500
static struct fd *named_pipe_device_get_fd( struct object *obj )
{
    struct named_pipe_device *device = (struct named_pipe_device *)obj;
501
    return (struct fd *)grab_object( device->fd );
502 503
}

504 505 506 507 508 509 510 511 512
static struct object *named_pipe_device_lookup_name( struct object *obj, struct unicode_str *name,
                                                     unsigned int attr )
{
    struct named_pipe_device *device = (struct named_pipe_device*)obj;
    struct object *found;

    assert( obj->ops == &named_pipe_device_ops );
    assert( device->pipes );

513 514
    if (!name) return NULL;  /* open the device itself */

515 516 517 518 519 520
    if ((found = find_object( device->pipes, name, attr | OBJ_CASE_INSENSITIVE )))
        name->len = 0;

    return found;
}

521 522 523 524 525 526
static struct object *named_pipe_device_open_file( struct object *obj, unsigned int access,
                                                   unsigned int sharing, unsigned int options )
{
    return grab_object( obj );
}

527 528 529 530
static void named_pipe_device_destroy( struct object *obj )
{
    struct named_pipe_device *device = (struct named_pipe_device*)obj;
    assert( obj->ops == &named_pipe_device_ops );
531
    if (device->fd) release_object( device->fd );
532
    free( device->pipes );
533 534
}

535
static enum server_fd_type named_pipe_device_get_fd_type( struct fd *fd )
536
{
537
    return FD_TYPE_DEVICE;
538 539
}

540
struct object *create_named_pipe_device( struct object *root, const struct unicode_str *name )
541 542 543
{
    struct named_pipe_device *dev;

544
    if ((dev = create_named_object( root, &named_pipe_device_ops, name, 0, NULL )) &&
545 546
        get_error() != STATUS_OBJECT_NAME_EXISTS)
    {
547
        dev->pipes = NULL;
548
        if (!(dev->fd = alloc_pseudo_fd( &named_pipe_device_fd_ops, &dev->obj, 0 )) ||
549
            !(dev->pipes = create_namespace( 7 )))
550 551 552 553 554
        {
            release_object( dev );
            dev = NULL;
        }
    }
555
    return &dev->obj;
556 557
}

558
static int pipe_end_flush( struct fd *fd, struct async *async )
559
{
560
    struct pipe_end *pipe_end = get_fd_user( fd );
561

562
    if (pipe_end->connection && !list_empty( &pipe_end->connection->message_queue ))
563
    {
564 565
        fd_queue_async( pipe_end->fd, async, ASYNC_TYPE_WAIT );
        set_error( STATUS_PENDING );
566
    }
567
    return 1;
568 569
}

570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605
static void pipe_end_get_file_info( struct fd *fd, struct named_pipe *pipe, unsigned int info_class )
{
    switch (info_class)
    {
    case FileNameInformation:
        {
            FILE_NAME_INFORMATION *name_info;
            data_size_t name_len, reply_size;
            const WCHAR *name;

            if (get_reply_max_size() < sizeof(*name_info))
            {
                set_error( STATUS_INFO_LENGTH_MISMATCH );
                return;
            }

            name = get_object_name( &pipe->obj, &name_len );
            reply_size = offsetof( FILE_NAME_INFORMATION, FileName[name_len/sizeof(WCHAR) + 1] );
            if (reply_size > get_reply_max_size())
            {
                reply_size = get_reply_max_size();
                set_error( STATUS_BUFFER_OVERFLOW );
            }

            if (!(name_info = set_reply_data_size( reply_size ))) return;
            name_info->FileNameLength = name_len + sizeof(WCHAR);
            name_info->FileName[0] = '\\';
            reply_size -= offsetof( FILE_NAME_INFORMATION, FileName[1] );
            if (reply_size) memcpy( &name_info->FileName[1], name, reply_size );
            break;
        }
    default:
        no_fd_get_file_info( fd, info_class );
    }
}

606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635
static struct security_descriptor *pipe_server_get_sd( struct object *obj )
{
    struct pipe_server *server = (struct pipe_server *) obj;
    return default_get_sd( &server->pipe->obj );
}

static struct security_descriptor *pipe_client_get_sd( struct object *obj )
{
    struct pipe_client *client = (struct pipe_client *) obj;
    if (client->server) return default_get_sd( &client->server->pipe->obj );
    set_error( STATUS_PIPE_DISCONNECTED );
    return NULL;
}

static int pipe_server_set_sd( struct object *obj, const struct security_descriptor *sd,
                               unsigned int set_info )
{
    struct pipe_server *server = (struct pipe_server *) obj;
    return default_set_sd( &server->pipe->obj, sd, set_info );
}

static int pipe_client_set_sd( struct object *obj, const struct security_descriptor *sd,
                               unsigned int set_info )
{
    struct pipe_client *client = (struct pipe_client *) obj;
    if (client->server) return default_set_sd( &client->server->pipe->obj, sd, set_info );
    set_error( STATUS_PIPE_DISCONNECTED );
    return 0;
}

636 637 638 639 640 641 642 643 644 645 646 647 648
static void pipe_server_get_file_info( struct fd *fd, unsigned int info_class )
{
    struct pipe_server *server = get_fd_user( fd );
    pipe_end_get_file_info( fd, server->pipe, info_class );
}

static void pipe_client_get_file_info( struct fd *fd, unsigned int info_class )
{
    struct pipe_client *client = get_fd_user( fd );
    if (client->server) pipe_end_get_file_info( fd, client->server->pipe, info_class );
    else set_error( STATUS_PIPE_DISCONNECTED );
}

649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670
static void pipe_end_get_volume_info( struct fd *fd, unsigned int info_class )
{
    switch (info_class)
    {
    case FileFsDeviceInformation:
        {
            static const FILE_FS_DEVICE_INFORMATION device_info =
            {
                FILE_DEVICE_NAMED_PIPE,
                FILE_DEVICE_ALLOW_APPCONTAINER_TRAVERSAL
            };
            if (get_reply_max_size() >= sizeof(device_info))
                set_reply_data( &device_info, sizeof(device_info) );
            else
                set_error( STATUS_BUFFER_TOO_SMALL );
            break;
        }
    default:
        set_error( STATUS_NOT_IMPLEMENTED );
    }
}

671 672 673 674
static void message_queue_read( struct pipe_end *pipe_end, struct iosb *iosb )
{
    struct pipe_message *message;

675
    if (pipe_end->flags & NAMED_PIPE_MESSAGE_STREAM_READ)
676
    {
677 678 679 680 681 682 683 684 685 686 687 688 689 690 691
        message = LIST_ENTRY( list_head(&pipe_end->message_queue), struct pipe_message, entry );
        iosb->out_size = min( iosb->out_size, message->iosb->in_size - message->read_pos );
        iosb->status = message->read_pos + iosb->out_size < message->iosb->in_size
            ? STATUS_BUFFER_OVERFLOW : STATUS_SUCCESS;
    }
    else
    {
        data_size_t avail = 0;
        LIST_FOR_EACH_ENTRY( message, &pipe_end->message_queue, struct pipe_message, entry )
        {
            avail += message->iosb->in_size - message->read_pos;
            if (avail >= iosb->out_size) break;
        }
        iosb->out_size = min( iosb->out_size, avail );
        iosb->status = STATUS_SUCCESS;
692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730
    }

    message = LIST_ENTRY( list_head(&pipe_end->message_queue), struct pipe_message, entry );
    if (!message->read_pos && message->iosb->in_size == iosb->out_size) /* fast path */
    {
        iosb->out_data = message->iosb->in_data;
        message->iosb->in_data = NULL;
        wake_message( message );
        free_message( message );
    }
    else
    {
        data_size_t write_pos = 0, writing;
        char *buf = NULL;

        if (iosb->out_size && !(buf = iosb->out_data = malloc( iosb->out_size )))
        {
            iosb->out_size = 0;
            iosb->status = STATUS_NO_MEMORY;
            return;
        }

        do
        {
            message = LIST_ENTRY( list_head(&pipe_end->message_queue), struct pipe_message, entry );
            writing = min( iosb->out_size - write_pos, message->iosb->in_size - message->read_pos );
            if (writing) memcpy( buf + write_pos, (const char *)message->iosb->in_data + message->read_pos, writing );
            write_pos += writing;
            message->read_pos += writing;
            if (message->read_pos == message->iosb->in_size)
            {
                wake_message(message);
                free_message(message);
            }
        } while (write_pos < iosb->out_size);
    }
    iosb->result = iosb->out_size;
}

731 732 733 734
/* We call async_terminate in our reselect implementation, which causes recursive reselect.
 * We're not interested in such reselect calls, so we ignore them. */
static int ignore_reselect;

735 736 737 738 739 740 741 742 743
static void reselect_write_queue( struct pipe_end *pipe_end );

static void reselect_read_queue( struct pipe_end *pipe_end )
{
    struct async *async;
    struct iosb *iosb;
    int read_done = 0;

    ignore_reselect = 1;
744
    while (!list_empty( &pipe_end->message_queue ) && (async = find_pending_async( &pipe_end->read_q )))
745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763
    {
        iosb = async_get_iosb( async );
        message_queue_read( pipe_end, iosb );
        async_terminate( async, iosb->result ? STATUS_ALERTED : iosb->status );
        release_object( async );
        release_object( iosb );
        read_done = 1;
    }
    ignore_reselect = 0;

    if (pipe_end->connection)
    {
        if (list_empty( &pipe_end->message_queue ))
            fd_async_wake_up( pipe_end->connection->fd, ASYNC_TYPE_WAIT, STATUS_SUCCESS );
        else if (read_done)
            reselect_write_queue( pipe_end->connection );
    }
}

764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784
static void reselect_write_queue( struct pipe_end *pipe_end )
{
    struct pipe_message *message, *next;
    struct pipe_end *reader = pipe_end->connection;
    data_size_t avail = 0;

    if (!reader) return;

    ignore_reselect = 1;

    LIST_FOR_EACH_ENTRY_SAFE( message, next, &reader->message_queue, struct pipe_message, entry )
    {
        if (message->async && message->iosb->status != STATUS_PENDING)
        {
            release_object( message->async );
            message->async = NULL;
            free_message( message );
        }
        else
        {
            avail += message->iosb->in_size - message->read_pos;
785
            if (message->async && (avail <= reader->buffer_size || !message->iosb->in_size))
786 787 788 789 790
                wake_message( message );
        }
    }

    ignore_reselect = 0;
791 792 793
    reselect_read_queue( reader );
}

794
static int pipe_end_read( struct fd *fd, struct async *async, file_pos_t pos )
795 796 797 798 799 800 801 802 803
{
    struct pipe_end *pipe_end = get_fd_user( fd );

    if (!pipe_end->connection && list_empty( &pipe_end->message_queue ))
    {
        set_error( STATUS_PIPE_BROKEN );
        return 0;
    }

804
    queue_async( &pipe_end->read_q, async );
805 806
    reselect_read_queue( pipe_end );
    set_error( STATUS_PENDING );
807
    return 1;
808 809
}

810
static int pipe_end_write( struct fd *fd, struct async *async, file_pos_t pos )
811
{
812
    struct pipe_end *pipe_end = get_fd_user( fd );
813
    struct pipe_message *message;
814
    struct iosb *iosb;
815

816
    if (!pipe_end->connection)
817 818 819 820 821
    {
        set_error( STATUS_PIPE_DISCONNECTED );
        return 0;
    }

822
    if (!(pipe_end->flags & NAMED_PIPE_MESSAGE_STREAM_WRITE) && !get_req_data_size()) return 1;
823

824 825 826 827
    iosb = async_get_iosb( async );
    message = queue_message( pipe_end->connection, iosb );
    release_object( iosb );
    if (!message) return 0;
828

829 830 831
    message->async = (struct async *)grab_object( async );
    queue_async( &pipe_end->write_q, async );
    reselect_write_queue( pipe_end );
832
    set_error( STATUS_PENDING );
833
    return 1;
834 835
}

836 837 838 839 840 841
static void pipe_end_reselect_async( struct fd *fd, struct async_queue *queue )
{
    struct pipe_end *pipe_end = get_fd_user( fd );

    if (ignore_reselect) return;

842
    if (&pipe_end->write_q == queue)
843
        reselect_write_queue( pipe_end );
844
    else if (&pipe_end->read_q == queue)
845
        reselect_read_queue( pipe_end );
846 847
}

848
static enum server_fd_type pipe_end_get_fd_type( struct fd *fd )
849
{
850
    return FD_TYPE_PIPE;
851 852
}

853
static int pipe_end_peek( struct pipe_end *pipe_end )
854 855 856 857 858
{
    unsigned reply_size = get_reply_max_size();
    FILE_PIPE_PEEK_BUFFER *buffer;
    struct pipe_message *message;
    data_size_t avail = 0;
859
    data_size_t message_length = 0;
860 861 862 863

    if (reply_size < offsetof( FILE_PIPE_PEEK_BUFFER, Data ))
    {
        set_error( STATUS_INFO_LENGTH_MISMATCH );
864
        return 0;
865 866 867
    }
    reply_size -= offsetof( FILE_PIPE_PEEK_BUFFER, Data );

868 869 870 871 872 873
    if (!pipe_end->connection && list_empty( &pipe_end->message_queue ))
    {
        set_error( STATUS_PIPE_BROKEN );
        return 0;
    }

874 875
    LIST_FOR_EACH_ENTRY( message, &pipe_end->message_queue, struct pipe_message, entry )
        avail += message->iosb->in_size - message->read_pos;
876
    reply_size = min( reply_size, avail );
877

878
    if (avail && (pipe_end->flags & NAMED_PIPE_MESSAGE_STREAM_WRITE))
879 880
    {
        message = LIST_ENTRY( list_head(&pipe_end->message_queue), struct pipe_message, entry );
881 882
        message_length = message->iosb->in_size - message->read_pos;
        reply_size = min( reply_size, message_length );
883 884
    }

885
    if (!(buffer = set_reply_data_size( offsetof( FILE_PIPE_PEEK_BUFFER, Data[reply_size] )))) return 0;
886 887 888
    buffer->NamedPipeState    = 0;  /* FIXME */
    buffer->ReadDataAvailable = avail;
    buffer->NumberOfMessages  = 0;  /* FIXME */
889
    buffer->MessageLength     = message_length;
890 891 892 893 894 895 896 897 898 899 900 901 902

    if (reply_size)
    {
        data_size_t write_pos = 0, writing;
        LIST_FOR_EACH_ENTRY( message, &pipe_end->message_queue, struct pipe_message, entry )
        {
            writing = min( reply_size - write_pos, message->iosb->in_size - message->read_pos );
            memcpy( buffer->Data + write_pos, (const char *)message->iosb->in_data + message->read_pos,
                    writing );
            write_pos += writing;
            if (write_pos == reply_size) break;
        }
    }
903
    return 1;
904 905
}

906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945
static int pipe_end_transceive( struct pipe_end *pipe_end, struct async *async )
{
    struct pipe_message *message;
    struct iosb *iosb;

    if ((pipe_end->flags & (NAMED_PIPE_MESSAGE_STREAM_WRITE | NAMED_PIPE_MESSAGE_STREAM_READ))
        != (NAMED_PIPE_MESSAGE_STREAM_WRITE | NAMED_PIPE_MESSAGE_STREAM_READ))
    {
        set_error( STATUS_INVALID_READ_MODE );
        return 0;
    }

    if (!pipe_end->connection)
    {
        set_error( STATUS_PIPE_BROKEN );
        return 0;
    }

    /* not allowed if we already have read data buffered */
    if (!list_empty( &pipe_end->message_queue ))
    {
        set_error( STATUS_PIPE_BUSY );
        return 0;
    }

    iosb = async_get_iosb( async );
    /* ignore output buffer copy transferred because of METHOD_NEITHER */
    iosb->in_size -= iosb->out_size;
    /* transaction never blocks on write, so just queue a message without async */
    message = queue_message( pipe_end->connection, iosb );
    release_object( iosb );
    if (!message) return 0;
    reselect_read_queue( pipe_end->connection );

    queue_async( &pipe_end->read_q, async );
    reselect_read_queue( pipe_end );
    set_error( STATUS_PENDING );
    return 1;
}

946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977
static int pipe_end_get_connection_attribute( struct pipe_end *pipe_end )
{
    const char *attr = get_req_data();
    data_size_t value_size, attr_size = get_req_data_size();
    void *value;

    if (attr_size == sizeof("ClientProcessId") && !memcmp( attr, "ClientProcessId", attr_size ))
    {
        value = &pipe_end->client_pid;
        value_size = sizeof(pipe_end->client_pid);
    }
    else if (attr_size == sizeof("ServerProcessId") && !memcmp( attr, "ServerProcessId", attr_size ))
    {
        value = &pipe_end->server_pid;
        value_size = sizeof(pipe_end->server_pid);
    }
    else
    {
        set_error( STATUS_ILLEGAL_FUNCTION );
        return 0;
    }

    if (get_reply_max_size() < value_size)
    {
        set_error( STATUS_INFO_LENGTH_MISMATCH );
        return 0;
    }

    set_reply_data( value, value_size );
    return 1;
}

978 979 980 981
static int pipe_end_ioctl( struct pipe_end *pipe_end, ioctl_code_t code, struct async *async )
{
    switch(code)
    {
982 983 984
    case FSCTL_PIPE_GET_CONNECTION_ATTRIBUTE:
        return pipe_end_get_connection_attribute( pipe_end );

985 986 987 988 989 990 991 992 993 994 995
    case FSCTL_PIPE_PEEK:
        return pipe_end_peek( pipe_end );

    case FSCTL_PIPE_TRANSCEIVE:
        return pipe_end_transceive( pipe_end, async );

    default:
        return default_fd_ioctl( pipe_end->fd, code, async );
    }
}

996
static int pipe_server_ioctl( struct fd *fd, ioctl_code_t code, struct async *async )
997 998 999 1000 1001
{
    struct pipe_server *server = get_fd_user( fd );

    switch(code)
    {
1002 1003 1004 1005 1006
    case FSCTL_PIPE_LISTEN:
        switch(server->state)
        {
        case ps_idle_server:
        case ps_wait_connect:
1007
            fd_queue_async( server->pipe_end.fd, async, ASYNC_TYPE_WAIT );
1008 1009 1010 1011
            set_server_state( server, ps_wait_open );
            async_wake_up( &server->pipe->waiters, STATUS_SUCCESS );
            set_error( STATUS_PENDING );
            return 1;
1012 1013 1014 1015 1016 1017 1018 1019 1020 1021
        case ps_connected_server:
            set_error( STATUS_PIPE_CONNECTED );
            break;
        case ps_wait_disconnect:
            set_error( STATUS_NO_DATA_DETECTED );
            break;
        case ps_wait_open:
            set_error( STATUS_INVALID_HANDLE );
            break;
        }
1022
        return 0;
1023

1024 1025 1026 1027 1028 1029
    case FSCTL_PIPE_DISCONNECT:
        switch(server->state)
        {
        case ps_connected_server:
            assert( server->client );

1030
            /* dump the client and server fds - client loses all waiting data */
1031
            pipe_end_disconnect( &server->pipe_end, STATUS_PIPE_DISCONNECTED );
1032 1033 1034
            server->client->server = NULL;
            server->client = NULL;
            set_server_state( server, ps_wait_connect );
1035 1036 1037
            break;
        case ps_wait_disconnect:
            assert( !server->client );
1038
            pipe_end_disconnect( &server->pipe_end, STATUS_PIPE_DISCONNECTED );
1039
            set_server_state( server, ps_wait_connect );
1040 1041 1042
            break;
        case ps_idle_server:
        case ps_wait_open:
1043
            set_error( STATUS_PIPE_LISTENING );
1044
            return 0;
1045
        case ps_wait_connect:
1046
            set_error( STATUS_PIPE_DISCONNECTED );
1047
            return 0;
1048
        }
1049
        return 1;
1050

1051
    default:
1052
        return pipe_end_ioctl( &server->pipe_end, code, async );
1053 1054 1055
    }
}

1056
static int pipe_client_ioctl( struct fd *fd, ioctl_code_t code, struct async *async )
1057 1058 1059 1060 1061
{
    struct pipe_client *client = get_fd_user( fd );

    switch(code)
    {
1062 1063 1064 1065
    case FSCTL_PIPE_LISTEN:
        set_error( STATUS_ILLEGAL_FUNCTION );
        return 0;

1066
    default:
1067
        return pipe_end_ioctl( &client->pipe_end, code, async );
1068 1069 1070
    }
}

1071 1072
static struct pipe_server *get_pipe_server_obj( struct process *process,
                                obj_handle_t handle, unsigned int access )
1073
{
1074 1075 1076
    struct object *obj;
    obj = get_handle_obj( process, handle, access, &pipe_server_ops );
    return (struct pipe_server *) obj;
1077 1078
}

1079
static void init_pipe_end( struct pipe_end *pipe_end, unsigned int pipe_flags, data_size_t buffer_size )
1080 1081 1082
{
    pipe_end->fd = NULL;
    pipe_end->flags = pipe_flags;
1083
    pipe_end->connection = NULL;
1084
    pipe_end->buffer_size = buffer_size;
1085 1086
    init_async_queue( &pipe_end->read_q );
    init_async_queue( &pipe_end->write_q );
1087
    list_init( &pipe_end->message_queue );
1088 1089
}

1090 1091
static struct pipe_server *create_pipe_server( struct named_pipe *pipe, unsigned int options,
                                               unsigned int pipe_flags )
1092
{
1093
    struct pipe_server *server;
1094

1095
    server = alloc_object( &pipe_server_ops );
1096
    if (!server)
1097 1098
        return NULL;

1099 1100
    server->pipe = pipe;
    server->client = NULL;
1101
    server->options = options;
1102
    init_pipe_end( &server->pipe_end, pipe_flags, pipe->insize );
1103
    server->pipe_end.server_pid = get_process_id( current->process );
1104

1105
    list_add_head( &pipe->servers, &server->entry );
1106
    grab_object( pipe );
1107
    if (!(server->pipe_end.fd = alloc_pseudo_fd( &pipe_server_fd_ops, &server->pipe_end.obj, options )))
1108 1109
    {
        release_object( server );
1110
        return NULL;
1111
    }
1112
    set_fd_signaled( server->pipe_end.fd, 1 );
1113
    set_server_state( server, ps_idle_server );
1114
    return server;
1115 1116
}

1117 1118
static struct pipe_client *create_pipe_client( unsigned int flags, unsigned int pipe_flags,
                                               data_size_t buffer_size, unsigned int options )
1119
{
1120
    struct pipe_client *client;
1121

1122
    client = alloc_object( &pipe_client_ops );
1123
    if (!client)
1124 1125
        return NULL;

1126
    client->server = NULL;
1127
    client->flags = flags;
1128
    init_pipe_end( &client->pipe_end, pipe_flags, buffer_size );
1129
    client->pipe_end.client_pid = get_process_id( current->process );
1130

1131 1132 1133 1134 1135 1136 1137 1138 1139
    client->pipe_end.fd = alloc_pseudo_fd( &pipe_client_fd_ops, &client->pipe_end.obj, options );
    if (!client->pipe_end.fd)
    {
        release_object( client );
        return NULL;
    }
    allow_fd_caching( client->pipe_end.fd );
    set_fd_signaled( client->pipe_end.fd, 1 );

1140 1141 1142
    return client;
}

1143
static struct pipe_server *find_available_server( struct named_pipe *pipe )
1144
{
1145
    struct pipe_server *server;
1146

1147
    /* look for pipe servers that are listening */
1148 1149
    LIST_FOR_EACH_ENTRY( server, &pipe->servers, struct pipe_server, entry )
    {
1150
        if (server->state == ps_wait_open)
1151 1152
            return (struct pipe_server *)grab_object( server );
    }
1153 1154 1155 1156 1157 1158 1159 1160

    /* fall back to pipe servers that are idle */
    LIST_FOR_EACH_ENTRY( server, &pipe->servers, struct pipe_server, entry )
    {
        if (server->state == ps_idle_server)
            return (struct pipe_server *)grab_object( server );
    }

1161
    return NULL;
1162 1163
}

1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177
static int named_pipe_link_name( struct object *obj, struct object_name *name, struct object *parent )
{
    struct named_pipe_device *dev = (struct named_pipe_device *)parent;

    if (parent->ops != &named_pipe_device_ops)
    {
        set_error( STATUS_OBJECT_NAME_INVALID );
        return 0;
    }
    namespace_add( dev->pipes, name );
    name->parent = grab_object( parent );
    return 1;
}

1178 1179 1180 1181 1182 1183
static struct object *named_pipe_open_file( struct object *obj, unsigned int access,
                                            unsigned int sharing, unsigned int options )
{
    struct named_pipe *pipe = (struct named_pipe *)obj;
    struct pipe_server *server;
    struct pipe_client *client;
1184
    unsigned int pipe_sharing;
1185

1186
    if (!(server = find_available_server( pipe )))
1187 1188 1189 1190 1191
    {
        set_error( STATUS_PIPE_NOT_AVAILABLE );
        return NULL;
    }

1192 1193 1194 1195 1196 1197 1198 1199 1200
    pipe_sharing = server->pipe->sharing;
    if (((access & GENERIC_READ) && !(pipe_sharing & FILE_SHARE_READ)) ||
        ((access & GENERIC_WRITE) && !(pipe_sharing & FILE_SHARE_WRITE)))
    {
        set_error( STATUS_ACCESS_DENIED );
        release_object( server );
        return NULL;
    }

1201
    if ((client = create_pipe_client( options, pipe->flags, pipe->outsize, options )))
1202
    {
1203
        set_no_fd_status( server->pipe_end.fd, STATUS_BAD_DEVICE_TYPE );
1204 1205
        allow_fd_caching( server->pipe_end.fd );
        if (server->state == ps_wait_open)
1206
            fd_async_wake_up( server->pipe_end.fd, ASYNC_TYPE_WAIT, STATUS_SUCCESS );
1207 1208 1209 1210 1211
        set_server_state( server, ps_connected_server );
        server->client = client;
        client->server = server;
        server->pipe_end.connection = &client->pipe_end;
        client->pipe_end.connection = &server->pipe_end;
1212 1213
        server->pipe_end.client_pid = client->pipe_end.client_pid;
        client->pipe_end.server_pid = server->pipe_end.server_pid;
1214 1215
    }
    release_object( server );
1216
    return &client->pipe_end.obj;
1217 1218
}

1219
static int named_pipe_device_ioctl( struct fd *fd, ioctl_code_t code, struct async *async )
1220 1221 1222 1223 1224 1225 1226
{
    struct named_pipe_device *device = get_fd_user( fd );

    switch(code)
    {
    case FSCTL_PIPE_WAIT:
        {
1227 1228
            const FILE_PIPE_WAIT_FOR_BUFFER *buffer = get_req_data();
            data_size_t size = get_req_data_size();
1229 1230 1231
            struct named_pipe *pipe;
            struct pipe_server *server;
            struct unicode_str name;
1232
            timeout_t when;
1233 1234 1235 1236 1237

            if (size < sizeof(*buffer) ||
                size < FIELD_OFFSET(FILE_PIPE_WAIT_FOR_BUFFER, Name[buffer->NameLength/sizeof(WCHAR)]))
            {
                set_error( STATUS_INVALID_PARAMETER );
1238
                return 0;
1239 1240 1241
            }
            name.str = buffer->Name;
            name.len = (buffer->NameLength / sizeof(WCHAR)) * sizeof(WCHAR);
1242 1243
            if (!(pipe = open_named_object( &device->obj, &named_pipe_ops, &name, 0 ))) return 0;

1244 1245
            if (!(server = find_available_server( pipe )))
            {
1246
                queue_async( &pipe->waiters, async );
1247 1248
                when = buffer->TimeoutSpecified ? buffer->Timeout.QuadPart : pipe->timeout;
                async_set_timeout( async, when, STATUS_IO_TIMEOUT );
1249
                release_object( pipe );
1250
                set_error( STATUS_PENDING );
1251
                return 1;
1252 1253
            }

1254
            release_object( server );
1255
            release_object( pipe );
1256
            return 0;
1257 1258 1259
        }

    default:
1260
        return default_fd_ioctl( fd, code, async );
1261 1262 1263 1264
    }
}


1265 1266 1267
DECL_HANDLER(create_named_pipe)
{
    struct named_pipe *pipe;
1268
    struct pipe_server *server;
1269
    struct unicode_str name;
1270
    struct object *root;
1271
    const struct security_descriptor *sd;
1272
    const struct object_attributes *objattr = get_req_object_attributes( &sd, &name, &root );
1273 1274

    if (!objattr) return;
1275

1276 1277
    if (!req->sharing || (req->sharing & ~(FILE_SHARE_READ | FILE_SHARE_WRITE)) ||
        (!(req->flags & NAMED_PIPE_MESSAGE_STREAM_WRITE) && (req->flags & NAMED_PIPE_MESSAGE_STREAM_READ)))
1278
    {
1279
        if (root) release_object( root );
1280 1281 1282 1283
        set_error( STATUS_INVALID_PARAMETER );
        return;
    }

1284 1285 1286 1287 1288 1289 1290
    if (!name.len)  /* pipes need a root directory even without a name */
    {
        if (!objattr->rootdir)
        {
            set_error( STATUS_OBJECT_PATH_SYNTAX_BAD );
            return;
        }
1291
        if (!(root = get_directory_obj( current->process, objattr->rootdir ))) return;
1292
    }
1293

1294
    pipe = create_named_object( root, &named_pipe_ops, &name, objattr->attributes | OBJ_OPENIF, NULL );
1295 1296 1297

    if (root) release_object( root );
    if (!pipe) return;
1298

1299
    if (get_error() != STATUS_OBJECT_NAME_EXISTS)
1300
    {
1301 1302
        /* initialize it if it didn't already exist */
        pipe->instances = 0;
1303
        init_async_queue( &pipe->waiters );
1304
        list_init( &pipe->servers );
1305 1306 1307 1308
        pipe->insize = req->insize;
        pipe->outsize = req->outsize;
        pipe->maxinstances = req->maxinstances;
        pipe->timeout = req->timeout;
1309
        pipe->flags = req->flags & NAMED_PIPE_MESSAGE_STREAM_WRITE;
1310
        pipe->sharing = req->sharing;
1311 1312 1313 1314
        if (sd) default_set_sd( &pipe->obj, sd, OWNER_SECURITY_INFORMATION |
                                                GROUP_SECURITY_INFORMATION |
                                                DACL_SECURITY_INFORMATION |
                                                SACL_SECURITY_INFORMATION );
1315
    }
1316 1317
    else
    {
1318
        if (pipe->maxinstances <= pipe->instances)
1319
        {
1320
            set_error( STATUS_INSTANCE_NOT_AVAILABLE );
1321 1322 1323
            release_object( pipe );
            return;
        }
1324
        if (pipe->sharing != req->sharing)
1325 1326 1327 1328 1329
        {
            set_error( STATUS_ACCESS_DENIED );
            release_object( pipe );
            return;
        }
1330
        clear_error(); /* clear the name collision */
1331
    }
1332

1333
    server = create_pipe_server( pipe, req->options, req->flags );
1334
    if (server)
1335
    {
1336
        reply->handle = alloc_handle( current->process, server, req->access, objattr->attributes );
1337 1338
        server->pipe->instances++;
        release_object( server );
1339 1340 1341 1342 1343
    }

    release_object( pipe );
}

1344 1345
DECL_HANDLER(get_named_pipe_info)
{
1346
    struct pipe_server *server;
1347
    struct pipe_client *client = NULL;
1348

1349
    server = get_pipe_server_obj( current->process, req->handle, FILE_READ_ATTRIBUTES );
1350
    if (!server)
1351
    {
1352 1353 1354
        if (get_error() != STATUS_OBJECT_TYPE_MISMATCH)
            return;

1355 1356
        clear_error();
        client = (struct pipe_client *)get_handle_obj( current->process, req->handle,
1357
                                                       0, &pipe_client_ops );
1358 1359 1360
        if (!client) return;
        server = client->server;
    }
1361

1362
    reply->flags = client ? client->pipe_end.flags : server->pipe_end.flags;
1363 1364 1365 1366 1367 1368 1369 1370
    if (server)
    {
        reply->sharing      = server->pipe->sharing;
        reply->maxinstances = server->pipe->maxinstances;
        reply->instances    = server->pipe->instances;
        reply->insize       = server->pipe->insize;
        reply->outsize      = server->pipe->outsize;
    }
1371

1372 1373 1374 1375 1376 1377 1378
    if (client)
        release_object(client);
    else
    {
        reply->flags |= NAMED_PIPE_SERVER_END;
        release_object(server);
    }
1379
}
1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395

DECL_HANDLER(set_named_pipe_info)
{
    struct pipe_server *server;
    struct pipe_client *client = NULL;

    server = get_pipe_server_obj( current->process, req->handle, FILE_WRITE_ATTRIBUTES );
    if (!server)
    {
        if (get_error() != STATUS_OBJECT_TYPE_MISMATCH)
            return;

        clear_error();
        client = (struct pipe_client *)get_handle_obj( current->process, req->handle,
                                                       0, &pipe_client_ops );
        if (!client) return;
1396 1397 1398 1399 1400
        if (!(server = client->server))
        {
            release_object( client );
            return;
        }
1401 1402 1403 1404 1405 1406 1407 1408 1409
    }

    if ((req->flags & ~(NAMED_PIPE_MESSAGE_STREAM_READ | NAMED_PIPE_NONBLOCKING_MODE)) ||
            ((req->flags & NAMED_PIPE_MESSAGE_STREAM_READ) && !(server->pipe->flags & NAMED_PIPE_MESSAGE_STREAM_WRITE)))
    {
        set_error( STATUS_INVALID_PARAMETER );
    }
    else if (client)
    {
1410
        client->pipe_end.flags = server->pipe->flags | req->flags;
1411 1412 1413
    }
    else
    {
1414
        server->pipe_end.flags = server->pipe->flags | req->flags;
1415 1416 1417 1418 1419 1420 1421
    }

    if (client)
        release_object(client);
    else
        release_object(server);
}