From d98001de17b9988296e56c223b0344d58686912e Mon Sep 17 00:00:00 2001 From: Pierre Schweitzer Date: Mon, 31 Dec 2018 10:21:14 +0100 Subject: [PATCH] [TCPIP] Save the SubProcessTag when an ADDRESS_FILE is created --- drivers/network/tcpip/include/titypes.h | 1 + drivers/network/tcpip/tcpip/fileobjs.c | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/drivers/network/tcpip/include/titypes.h b/drivers/network/tcpip/include/titypes.h index e63fad28214..3f75976b4ea 100644 --- a/drivers/network/tcpip/include/titypes.h +++ b/drivers/network/tcpip/include/titypes.h @@ -155,6 +155,7 @@ typedef struct _ADDRESS_FILE { IP_ADDRESS AddrCache; /* One entry address cache (destination address of last packet transmitted) */ HANDLE ProcessId; /* Creator process ID */ + PVOID SubProcessTag; /* Creator process tag */ LARGE_INTEGER CreationTime; /* Time of creation */ /* The following members are used to control event notification */ diff --git a/drivers/network/tcpip/tcpip/fileobjs.c b/drivers/network/tcpip/tcpip/fileobjs.c index 30a3939e2b0..400f956034b 100644 --- a/drivers/network/tcpip/tcpip/fileobjs.c +++ b/drivers/network/tcpip/tcpip/fileobjs.c @@ -10,6 +10,10 @@ #include "precomp.h" +/* FIXME: including pstypes.h without ntifs fails */ +#include +#include + /* Uncomment for logging of connections and address files every 10 seconds */ //#define LOG_OBJECTS @@ -425,6 +429,7 @@ NTSTATUS FileOpenAddress( AddrFile->BCast = 1; AddrFile->HeaderIncl = 1; AddrFile->ProcessId = PsGetCurrentProcessId(); + AddrFile->SubProcessTag = ((PTEB)PsGetCurrentThreadTeb())->SubProcessTag; KeQuerySystemTime(&AddrFile->CreationTime); /* Make sure address is a local unicast address or 0 */