NTSTATUS DriverEntry()

in Silhouette/Silhouette.cpp [35:86]

• 39 lines of code
• 6 McCabe index (conditional complexity)

NTSTATUS DriverEntry(
	_In_ PDRIVER_OBJECT  DriverObject,
	_In_ PUNICODE_STRING RegistryPath
)
{
	NTSTATUS ntStatus = 0;

	UNREFERENCED_PARAMETER(RegistryPath);

	gpDriverObject = DriverObject;

	ntStatus = OpenLSA(&ghLsass);
	if (!NT_SUCCESS(ntStatus))
	{
		goto Cleanup;
	}

	// Start monitor thread
	KeInitializeEvent(&gWorkerThreadShutdown, NotificationEvent, FALSE);
	KeInitializeEvent(&gWorkerThreadSignal, SynchronizationEvent, FALSE);
	ntStatus = PsCreateSystemThread(&ghWorkerThread, THREAD_ALL_ACCESS, NULL, NULL, NULL, WorkingSetThread, NULL);
	if (!NT_SUCCESS(ntStatus))
	{
		goto Cleanup;
	}

	// Do an initial shrink
	ntStatus = EmptyWorkingSet(FALSE);
	if (!NT_SUCCESS(ntStatus))
	{
		goto Cleanup;
	}

	// Register minifilter
	ntStatus = RegisterFilter(DriverObject);
	if (!NT_SUCCESS(ntStatus))
	{
		goto Cleanup;
	}

	// Setting this makes it trivial to unload this driver, but easier for development
	DriverObject->DriverUnload = DriverUnload;

	DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "Silhouette: Loaded\n");

Cleanup:
	if (!NT_SUCCESS(ntStatus))
	{
		DriverUnload(DriverObject);
	}
	return ntStatus;
}