/*++

Copyright (c) 1994  Microsoft Corporation

Module Name:

    callback.c

Abstract:

    This module implements user mode call back services.

Author:

    David N. Cutler (davec) 29-Oct-1994

Environment:

    Kernel mode only.

Revision History:

--*/

#include "ki.h"

#ifdef ALLOC_PRAGMA
#pragma alloc_text (PAGE, KeUserModeCallback)
#endif


NTSTATUS
KeUserModeCallback (
    IN ULONG ApiNumber,
    IN PVOID InputBuffer,
    IN ULONG InputLength,
    OUT PVOID *OutputBuffer,
    IN PULONG OutputLength
    )

/*++

Routine Description:

    This function call out from kernel mode to a user mode function.

Arguments:

    ApiNumber - Supplies the API number.

    InputBuffer - Supplies a pointer to a structure that is copied
        to the user stack.

    InputLength - Supplies the length of the input structure.

    Outputbuffer - Supplies a pointer to a variable that receives
        the address of the output buffer.

    Outputlength - Supplies a pointer to a variable that receives
        the length of the output buffer.

Return Value:

    If the callout cannot be executed, then an error status is
    returned. Otherwise, the status returned by the callback function
    is returned.

--*/

{

    ULONG Length;
    ULONG NewStack;
    ULONG OldStack;
    NTSTATUS Status;
    PULONG UserStack;
    PVOID ValueBuffer;
    ULONG ValueLength;
    ULONG GdiBatchCount;
    PEXCEPTION_REGISTRATION_RECORD ExceptionList;
    PTEB Teb;

    ASSERT(KeGetPreviousMode() == UserMode);
    ASSERT(KeGetCurrentThread()->ApcState.KernelApcInProgress == FALSE);

    //
    // Get the user mode stack pointer and attempt to copy input buffer
    // to the user stack.
    //

    UserStack = KiGetUserModeStackAddress();
    OldStack = *UserStack;
    try {

        //
        // Compute new user mode stack address, probe for writability,
        // and copy the input buffer to the user stack.
        //

        Length =  (InputLength + sizeof(CHAR) - 1) & ~(sizeof(CHAR) - 1);
        NewStack = OldStack - Length;
        ProbeForWrite((PCHAR)(NewStack - 16), Length + 16, sizeof(CHAR));
        RtlCopyMemory((PVOID)NewStack, InputBuffer, Length);

        //
        // Push arguments onto user stack.
        //

        *(PULONG)(NewStack - 4) = (ULONG)InputLength;
        *(PULONG)(NewStack - 8) = (ULONG)NewStack;
        *(PULONG)(NewStack - 12) = ApiNumber;
        *(PULONG)(NewStack - 16) = 0;
        NewStack -= 16;

        //
        // Save the exception list in case another handler is defined during
        // the callout.
        //

        Teb = (PTEB)KeGetCurrentThread()->Teb;
        ExceptionList = Teb->NtTib.ExceptionList;

        //
        // Call user mode.
        //

        *UserStack = NewStack;
        Status = KiCallUserMode(OutputBuffer, OutputLength);

        //
        // Restore exception list.
        //

        Teb->NtTib.ExceptionList = ExceptionList;

    //
    // If an exception occurs during the probe of the user stack, then
    // always handle the exception and return the exception code as the
    // status value.
    //

    } except (EXCEPTION_EXECUTE_HANDLER) {
        return GetExceptionCode();
    }

    //
    // When returning from user mode, any drawing done to the GDI TEB
    // batch must be flushed.  If the TEB cannot be accessed then blindly
    // flush the GDI batch anyway.
    //

    GdiBatchCount = 1;

    try {
        GdiBatchCount = Teb->GdiBatchCount;
    } except (EXCEPTION_EXECUTE_HANDLER) {
        NOTHING;
    }

    if (GdiBatchCount > 0) {

        //
        // call GDI batch flush routine
        //

        *UserStack -= 256;
        KeGdiFlushUserBatch();
    }

    *UserStack = OldStack;
    return Status;
}