Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
/*
|
2006-07-18 15:13:55 +00:00
|
|
|
* PROJECT: ReactOS Kernel
|
|
|
|
|
* LICENSE: GPL - See COPYING in the top level directory
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
* FILE: ntoskrnl/ps/security.c
|
2006-07-18 15:13:55 +00:00
|
|
|
* PURPOSE: Process Manager: Process/Thread Security
|
|
|
|
|
* PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
|
|
|
|
|
* Eric Kohl
|
|
|
|
|
* Thomas Weidenmueller (w3seek@reactos.org)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* INCLUDES ******************************************************************/
|
|
|
|
|
|
|
|
|
|
#include <ntoskrnl.h>
|
|
|
|
|
#define NDEBUG
|
2008-08-30 16:31:06 +00:00
|
|
|
#include <debug.h>
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-09-16 20:37:49 +00:00
|
|
|
PTOKEN PspBootAccessToken;
|
|
|
|
|
|
|
|
|
|
VOID
|
|
|
|
|
NTAPI
|
|
|
|
|
SeAssignPrimaryToken(
|
|
|
|
|
IN PEPROCESS Process,
|
|
|
|
|
IN PTOKEN Token
|
|
|
|
|
);
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* PRIVATE FUNCTIONS *********************************************************/
|
2005-05-06 22:54:40 +00:00
|
|
|
|
2006-07-09 18:54:13 +00:00
|
|
|
VOID
|
|
|
|
|
NTAPI
|
|
|
|
|
PspDeleteProcessSecurity(IN PEPROCESS Process)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", Process);
|
2006-07-22 22:57:42 +00:00
|
|
|
|
2006-07-09 18:54:13 +00:00
|
|
|
/* Check if we have a token */
|
|
|
|
|
if (Process->Token.Object)
|
|
|
|
|
{
|
|
|
|
|
/* Deassign it */
|
|
|
|
|
SeDeassignPrimaryToken(Process);
|
|
|
|
|
Process->Token.Object = NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
VOID
|
|
|
|
|
NTAPI
|
|
|
|
|
PspDeleteThreadSecurity(IN PETHREAD Thread)
|
|
|
|
|
{
|
2007-01-18 09:44:49 +00:00
|
|
|
PPS_IMPERSONATION_INFORMATION ImpersonationInfo = Thread->ImpersonationInfo;
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread);
|
2006-07-22 22:57:42 +00:00
|
|
|
|
2006-07-09 18:54:13 +00:00
|
|
|
/* Check if we have active impersonation info */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
|
|
|
|
/* Dereference its token */
|
2007-01-18 09:44:49 +00:00
|
|
|
ObDereferenceObject(ImpersonationInfo->Token);
|
2006-07-09 18:54:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Check if we have impersonation info */
|
2007-01-18 09:44:49 +00:00
|
|
|
if (ImpersonationInfo)
|
2006-07-09 18:54:13 +00:00
|
|
|
{
|
|
|
|
|
/* Free it */
|
2007-01-18 09:44:49 +00:00
|
|
|
ExFreePool(ImpersonationInfo);
|
2006-07-23 21:38:31 +00:00
|
|
|
PspClearCrossThreadFlag(Thread, CT_ACTIVE_IMPERSONATION_INFO_BIT);
|
2006-07-09 18:54:13 +00:00
|
|
|
Thread->ImpersonationInfo = NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
PspInitializeProcessSecurity(IN PEPROCESS Process,
|
|
|
|
|
IN PEPROCESS Parent OPTIONAL)
|
|
|
|
|
{
|
|
|
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
|
|
|
PTOKEN NewToken, ParentToken;
|
2006-07-23 07:13:19 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", Process);
|
2006-07-18 15:13:55 +00:00
|
|
|
|
|
|
|
|
/* If we have a parent, then duplicate the Token */
|
|
|
|
|
if (Parent)
|
|
|
|
|
{
|
|
|
|
|
/* Get the Parent Token */
|
|
|
|
|
ParentToken = PsReferencePrimaryToken(Parent);
|
|
|
|
|
|
|
|
|
|
/* Duplicate it */
|
2006-07-22 22:57:42 +00:00
|
|
|
Status = SeSubProcessToken(ParentToken,
|
|
|
|
|
&NewToken,
|
|
|
|
|
TRUE,
|
2012-08-01 07:54:37 +00:00
|
|
|
MmGetSessionId(Process));
|
2006-07-18 15:13:55 +00:00
|
|
|
|
|
|
|
|
/* Dereference the Parent */
|
|
|
|
|
ObFastDereferenceObject(&Parent->Token, ParentToken);
|
|
|
|
|
|
|
|
|
|
/* Set the new Token */
|
2007-01-18 09:44:49 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
/* Initailize the fast reference */
|
|
|
|
|
ObInitializeFastReference(&Process->Token, NewToken);
|
|
|
|
|
}
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* No parent, assign the Boot Token */
|
|
|
|
|
ObInitializeFastReference(&Process->Token, NULL);
|
|
|
|
|
SeAssignPrimaryToken(Process, PspBootAccessToken);
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Return to caller */
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-23 05:43:28 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
PspWriteTebImpersonationInfo(IN PETHREAD Thread,
|
|
|
|
|
IN PETHREAD CurrentThread)
|
|
|
|
|
{
|
|
|
|
|
PEPROCESS Process;
|
|
|
|
|
PTEB Teb;
|
|
|
|
|
BOOLEAN Attached = FALSE;
|
|
|
|
|
BOOLEAN IsImpersonating;
|
|
|
|
|
KAPC_STATE ApcState;
|
|
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread);
|
2006-07-23 05:43:28 +00:00
|
|
|
|
|
|
|
|
/* Sanity check */
|
|
|
|
|
ASSERT(CurrentThread == PsGetCurrentThread());
|
|
|
|
|
|
|
|
|
|
/* Get process and TEB */
|
|
|
|
|
Process = Thread->ThreadsProcess;
|
|
|
|
|
Teb = Thread->Tcb.Teb;
|
|
|
|
|
if (Teb)
|
|
|
|
|
{
|
|
|
|
|
/* Check if we're not in the right process */
|
|
|
|
|
if (Thread->Tcb.ApcState.Process != &Process->Pcb)
|
|
|
|
|
{
|
|
|
|
|
/* Attach to the process */
|
|
|
|
|
KeStackAttachProcess(&Process->Pcb, &ApcState);
|
|
|
|
|
Attached = TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Check if we're in a different thread or acquire rundown */
|
|
|
|
|
if ((Thread == CurrentThread) ||
|
|
|
|
|
(ExAcquireRundownProtection(&Thread->RundownProtect)))
|
2006-07-23 05:43:28 +00:00
|
|
|
{
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Check if the thread is impersonating */
|
|
|
|
|
IsImpersonating = (BOOLEAN)Thread->ActiveImpersonationInfo;
|
|
|
|
|
if (IsImpersonating)
|
|
|
|
|
{
|
|
|
|
|
/* Set TEB data */
|
|
|
|
|
Teb->ImpersonationLocale = -1;
|
|
|
|
|
Teb->IsImpersonating = 1;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Set TEB data */
|
|
|
|
|
Teb->ImpersonationLocale = 0;
|
|
|
|
|
Teb->IsImpersonating = 0;
|
|
|
|
|
}
|
2006-07-23 05:43:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Check if we're in a different thread */
|
|
|
|
|
if (Thread != CurrentThread)
|
|
|
|
|
{
|
|
|
|
|
/* Release protection */
|
|
|
|
|
ExReleaseRundownProtection(&Thread->RundownProtect);
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Detach */
|
2006-07-23 05:43:28 +00:00
|
|
|
if (Attached) KeUnstackDetachProcess(&ApcState);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Return to caller */
|
|
|
|
|
return STATUS_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
PspAssignPrimaryToken(IN PEPROCESS Process,
|
2007-01-18 09:44:49 +00:00
|
|
|
IN HANDLE Token,
|
|
|
|
|
IN PACCESS_TOKEN AccessToken OPTIONAL)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
2007-01-18 09:44:49 +00:00
|
|
|
PACCESS_TOKEN NewToken = AccessToken, OldToken;
|
2006-07-18 15:13:55 +00:00
|
|
|
NTSTATUS Status;
|
2006-07-22 16:03:12 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Process: %p Token: %p\n", Process, Token);
|
2006-07-18 15:13:55 +00:00
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Check if we don't have a pointer */
|
|
|
|
|
if (!AccessToken)
|
|
|
|
|
{
|
|
|
|
|
/* Reference it from the handle */
|
|
|
|
|
Status = ObReferenceObjectByHandle(Token,
|
|
|
|
|
TOKEN_ASSIGN_PRIMARY,
|
2012-04-21 06:35:45 +00:00
|
|
|
SeTokenObjectType,
|
2007-01-18 09:44:49 +00:00
|
|
|
ExGetPreviousMode(),
|
|
|
|
|
&NewToken,
|
|
|
|
|
NULL);
|
|
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
|
|
|
|
}
|
2006-07-18 15:13:55 +00:00
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Exchange tokens */
|
|
|
|
|
Status = SeExchangePrimaryToken(Process, NewToken, &OldToken);
|
2006-07-18 15:13:55 +00:00
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Acquire and release the lock */
|
|
|
|
|
PspLockProcessSecurityExclusive(Process);
|
2006-07-22 16:03:12 +00:00
|
|
|
PspUnlockProcessSecurityExclusive(Process);
|
|
|
|
|
|
|
|
|
|
/* Dereference Tokens and Return */
|
|
|
|
|
if (NT_SUCCESS(Status)) ObDereferenceObject(OldToken);
|
2010-03-10 04:12:25 +00:00
|
|
|
if (!AccessToken) ObDereferenceObject(NewToken);
|
2006-07-18 15:13:55 +00:00
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-22 16:03:12 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
PspSetPrimaryToken(IN PEPROCESS Process,
|
|
|
|
|
IN HANDLE TokenHandle OPTIONAL,
|
2007-01-18 09:44:49 +00:00
|
|
|
IN PACCESS_TOKEN Token OPTIONAL)
|
2006-07-22 16:03:12 +00:00
|
|
|
{
|
|
|
|
|
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
|
2018-09-25 23:33:02 +00:00
|
|
|
BOOLEAN IsChildOrSibling;
|
2007-01-18 09:44:49 +00:00
|
|
|
PACCESS_TOKEN NewToken = Token;
|
2006-07-23 05:43:28 +00:00
|
|
|
NTSTATUS Status, AccessStatus;
|
|
|
|
|
BOOLEAN Result, SdAllocated;
|
[NTOSKRNL]
Coverity code defects fixes :
- Cache: CID 701441
- Config: CIDs 716570, 716669, 716760
- Dbgk: Kdbg: CIDs 716571, 515128/9, 500432
- Ex: CIDs 500156/7, 515122, 716200/67, 701301, 514669
- Fsrtl: Fstub: CIDs 701341/2, 701288, 716770, 701302, and CIDs 716576/7/8 + 514636 + 716805 thanks to Thomas Faber
- Io: CIDs 514576, 514643, 514672/3, 716203, 716269, 716581, 716591, 716713
- Ke: CIDs 515125, 716592
- Ps: CIDs 716603/4, 701422
- Ob: Po: CIDs 514671/680, 701419/420/421, 716763, 716601/2
All the details are given in the different bug reports.
CORE-6677 CORE-6679 CORE-6680 CORE-6683 CORE-6686 CORE-6692 CORE-6693 CORE-6694 CORE-6695 CORE-6696 #comment Committed in rev.57400 #resolve #close
svn path=/trunk/; revision=57400
2012-09-27 17:16:31 +00:00
|
|
|
PSECURITY_DESCRIPTOR SecurityDescriptor = NULL;
|
2006-07-23 05:43:28 +00:00
|
|
|
SECURITY_SUBJECT_CONTEXT SubjectContext;
|
2018-09-25 23:33:02 +00:00
|
|
|
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Process: %p Token: %p\n", Process, Token);
|
2006-07-22 16:03:12 +00:00
|
|
|
|
2018-09-25 23:33:02 +00:00
|
|
|
/* Reference the token by handle if we don't already have a token object */
|
|
|
|
|
if (!Token)
|
2006-07-22 16:03:12 +00:00
|
|
|
{
|
|
|
|
|
Status = ObReferenceObjectByHandle(TokenHandle,
|
|
|
|
|
TOKEN_ASSIGN_PRIMARY,
|
2012-04-21 06:35:45 +00:00
|
|
|
SeTokenObjectType,
|
2006-07-22 16:03:12 +00:00
|
|
|
PreviousMode,
|
2007-01-18 09:44:49 +00:00
|
|
|
(PVOID*)&NewToken,
|
2006-07-22 16:03:12 +00:00
|
|
|
NULL);
|
|
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-25 23:33:02 +00:00
|
|
|
/*
|
|
|
|
|
* Check whether this token is a child or sibling of the current process token.
|
|
|
|
|
* NOTE: On Windows Vista+ both of these checks (together with extra steps)
|
|
|
|
|
* are now performed by a new SeIsTokenAssignableToProcess() helper.
|
|
|
|
|
*/
|
|
|
|
|
Status = SeIsTokenChild(NewToken, &IsChildOrSibling);
|
2006-07-22 16:03:12 +00:00
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
/* Failed, dereference */
|
2018-09-25 23:33:02 +00:00
|
|
|
if (!Token) ObDereferenceObject(NewToken);
|
2006-07-22 16:03:12 +00:00
|
|
|
return Status;
|
|
|
|
|
}
|
2018-09-25 23:33:02 +00:00
|
|
|
if (!IsChildOrSibling)
|
|
|
|
|
{
|
|
|
|
|
Status = SeIsTokenSibling(NewToken, &IsChildOrSibling);
|
|
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
/* Failed, dereference */
|
|
|
|
|
if (!Token) ObDereferenceObject(NewToken);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-07-22 16:03:12 +00:00
|
|
|
|
|
|
|
|
/* Check if this was an independent token */
|
2018-09-25 23:33:02 +00:00
|
|
|
if (!IsChildOrSibling)
|
2006-07-22 16:03:12 +00:00
|
|
|
{
|
|
|
|
|
/* Make sure we have the privilege to assign a new one */
|
|
|
|
|
if (!SeSinglePrivilegeCheck(SeAssignPrimaryTokenPrivilege,
|
|
|
|
|
PreviousMode))
|
|
|
|
|
{
|
|
|
|
|
/* Failed, dereference */
|
2018-09-25 23:33:02 +00:00
|
|
|
if (!Token) ObDereferenceObject(NewToken);
|
2006-07-22 16:03:12 +00:00
|
|
|
return STATUS_PRIVILEGE_NOT_HELD;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Assign the token */
|
2007-01-18 09:44:49 +00:00
|
|
|
Status = PspAssignPrimaryToken(Process, NULL, NewToken);
|
2006-07-22 16:03:12 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
/*
|
2006-07-23 05:43:28 +00:00
|
|
|
* We need to completely reverify if the process still has access to
|
|
|
|
|
* itself under this new token.
|
2006-07-22 16:03:12 +00:00
|
|
|
*/
|
2006-07-23 05:43:28 +00:00
|
|
|
Status = ObGetObjectSecurity(Process,
|
|
|
|
|
&SecurityDescriptor,
|
|
|
|
|
&SdAllocated);
|
|
|
|
|
if (NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
/* Setup the security context */
|
|
|
|
|
SubjectContext.ProcessAuditId = Process;
|
|
|
|
|
SubjectContext.PrimaryToken = PsReferencePrimaryToken(Process);
|
|
|
|
|
SubjectContext.ClientToken = NULL;
|
|
|
|
|
|
|
|
|
|
/* Do the access check */
|
|
|
|
|
Result = SeAccessCheck(SecurityDescriptor,
|
|
|
|
|
&SubjectContext,
|
|
|
|
|
FALSE,
|
|
|
|
|
MAXIMUM_ALLOWED,
|
|
|
|
|
0,
|
|
|
|
|
NULL,
|
|
|
|
|
&PsProcessType->TypeInfo.GenericMapping,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
&Process->GrantedAccess,
|
|
|
|
|
&AccessStatus);
|
|
|
|
|
|
|
|
|
|
/* Dereference the token and let go the SD */
|
|
|
|
|
ObFastDereferenceObject(&Process->Token,
|
|
|
|
|
SubjectContext.PrimaryToken);
|
|
|
|
|
ObReleaseObjectSecurity(SecurityDescriptor, SdAllocated);
|
|
|
|
|
|
|
|
|
|
/* Remove access if it failed */
|
|
|
|
|
if (!Result) Process->GrantedAccess = 0;
|
2007-01-18 09:44:49 +00:00
|
|
|
|
|
|
|
|
/* Setup granted access */
|
|
|
|
|
Process->GrantedAccess |= (PROCESS_VM_OPERATION |
|
|
|
|
|
PROCESS_VM_READ |
|
|
|
|
|
PROCESS_VM_WRITE |
|
|
|
|
|
PROCESS_QUERY_INFORMATION |
|
|
|
|
|
PROCESS_TERMINATE |
|
|
|
|
|
PROCESS_CREATE_THREAD |
|
|
|
|
|
PROCESS_DUP_HANDLE |
|
|
|
|
|
PROCESS_CREATE_PROCESS |
|
|
|
|
|
PROCESS_SET_INFORMATION |
|
|
|
|
|
STANDARD_RIGHTS_ALL |
|
|
|
|
|
PROCESS_SET_QUOTA);
|
2006-07-23 05:43:28 +00:00
|
|
|
}
|
2019-06-02 07:50:05 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* In case LUID device maps are enable, we may not be using
|
|
|
|
|
* system device map for this process, but a logon LUID based
|
|
|
|
|
* device map. Because we change primary token, this usage is
|
|
|
|
|
* no longer valid, so dereference the process device map
|
|
|
|
|
*/
|
|
|
|
|
if (ObIsLUIDDeviceMapsEnabled()) ObDereferenceDeviceMap(Process);
|
2006-07-22 16:03:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Dereference the token */
|
2018-09-25 23:33:02 +00:00
|
|
|
if (!Token) ObDereferenceObject(NewToken);
|
2006-07-22 16:03:12 +00:00
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
/* FUNCTIONS *****************************************************************/
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-05-09 01:38:29 +00:00
|
|
|
NTSTATUS
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
NtOpenProcessToken(IN HANDLE ProcessHandle,
|
|
|
|
|
IN ACCESS_MASK DesiredAccess,
|
|
|
|
|
OUT PHANDLE TokenHandle)
|
|
|
|
|
{
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Call the newer API */
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
return NtOpenProcessTokenEx(ProcessHandle,
|
|
|
|
|
DesiredAccess,
|
|
|
|
|
0,
|
|
|
|
|
TokenHandle);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
|
|
|
|
NTSTATUS
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
NtOpenProcessTokenEx(IN HANDLE ProcessHandle,
|
|
|
|
|
IN ACCESS_MASK DesiredAccess,
|
|
|
|
|
IN ULONG HandleAttributes,
|
|
|
|
|
OUT PHANDLE TokenHandle)
|
|
|
|
|
{
|
2006-07-18 15:13:55 +00:00
|
|
|
PACCESS_TOKEN Token;
|
|
|
|
|
HANDLE hToken;
|
|
|
|
|
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
|
2009-08-26 17:31:02 +00:00
|
|
|
NTSTATUS Status;
|
2006-07-18 15:13:55 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG,
|
|
|
|
|
"Process: %p DesiredAccess: %lx\n", ProcessHandle, DesiredAccess);
|
2006-07-18 15:13:55 +00:00
|
|
|
|
|
|
|
|
/* Check if caller was user-mode */
|
|
|
|
|
if (PreviousMode != KernelMode)
|
|
|
|
|
{
|
|
|
|
|
/* Enter SEH for probing */
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_TRY
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Probe the token handle */
|
|
|
|
|
ProbeForWriteHandle(TokenHandle);
|
|
|
|
|
}
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
2009-08-26 17:31:02 +00:00
|
|
|
/* Return the exception code */
|
|
|
|
|
_SEH2_YIELD(return _SEH2_GetExceptionCode());
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_END;
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
|
|
|
|
|
2015-09-24 02:40:30 +00:00
|
|
|
/* Validate object attributes */
|
|
|
|
|
HandleAttributes = ObpValidateAttributes(HandleAttributes, PreviousMode);
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Open the process token */
|
|
|
|
|
Status = PsOpenTokenOfProcess(ProcessHandle, &Token);
|
2007-01-18 09:44:49 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Reference it by handle and dereference the pointer */
|
|
|
|
|
Status = ObOpenObjectByPointer(Token,
|
2006-07-22 22:57:42 +00:00
|
|
|
HandleAttributes,
|
2006-07-18 15:13:55 +00:00
|
|
|
NULL,
|
|
|
|
|
DesiredAccess,
|
2012-04-21 06:35:45 +00:00
|
|
|
SeTokenObjectType,
|
2006-07-18 15:13:55 +00:00
|
|
|
PreviousMode,
|
|
|
|
|
&hToken);
|
|
|
|
|
ObDereferenceObject(Token);
|
|
|
|
|
|
|
|
|
|
/* Make sure we got a handle */
|
2007-01-18 09:44:49 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Enter SEH for write */
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_TRY
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Return the handle */
|
|
|
|
|
*TokenHandle = hToken;
|
|
|
|
|
}
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
2008-11-24 13:40:26 +00:00
|
|
|
Status = _SEH2_GetExceptionCode();
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_END;
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Return status */
|
|
|
|
|
return Status;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-05-09 01:38:29 +00:00
|
|
|
PACCESS_TOKEN
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsReferencePrimaryToken(PEPROCESS Process)
|
|
|
|
|
{
|
2005-05-06 22:54:40 +00:00
|
|
|
PACCESS_TOKEN Token;
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", Process);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2005-05-06 22:54:40 +00:00
|
|
|
/* Fast Reference the Token */
|
|
|
|
|
Token = ObFastReferenceObject(&Process->Token);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2005-05-06 22:54:40 +00:00
|
|
|
/* Check if we got the Token or if we got locked */
|
|
|
|
|
if (!Token)
|
|
|
|
|
{
|
|
|
|
|
/* Lock the Process */
|
|
|
|
|
PspLockProcessSecurityShared(Process);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2005-05-06 22:54:40 +00:00
|
|
|
/* Do a Locked Fast Reference */
|
2006-07-11 19:45:16 +00:00
|
|
|
Token = ObFastReferenceObjectLocked(&Process->Token);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2005-05-06 22:54:40 +00:00
|
|
|
/* Unlock the Process */
|
|
|
|
|
PspUnlockProcessSecurityShared(Process);
|
|
|
|
|
}
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2005-05-06 22:54:40 +00:00
|
|
|
/* Return the Token */
|
|
|
|
|
return Token;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
|
|
|
|
NTSTATUS
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
|
|
|
|
PsOpenTokenOfProcess(IN HANDLE ProcessHandle,
|
|
|
|
|
OUT PACCESS_TOKEN* Token)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
|
|
|
|
PEPROCESS Process;
|
|
|
|
|
NTSTATUS Status;
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", ProcessHandle);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
/* Get the Token */
|
|
|
|
|
Status = ObReferenceObjectByHandle(ProcessHandle,
|
|
|
|
|
PROCESS_QUERY_INFORMATION,
|
|
|
|
|
PsProcessType,
|
|
|
|
|
ExGetPreviousMode(),
|
|
|
|
|
(PVOID*)&Process,
|
|
|
|
|
NULL);
|
2006-07-22 22:57:42 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Reference the token and dereference the process */
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
*Token = PsReferencePrimaryToken(Process);
|
|
|
|
|
ObDereferenceObject(Process);
|
|
|
|
|
}
|
2005-05-09 01:38:29 +00:00
|
|
|
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
/* Return */
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-05-09 01:38:29 +00:00
|
|
|
NTSTATUS
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
|
|
|
|
PsAssignImpersonationToken(IN PETHREAD Thread,
|
|
|
|
|
IN HANDLE TokenHandle)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
|
|
|
|
PACCESS_TOKEN Token;
|
|
|
|
|
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
|
|
|
|
|
NTSTATUS Status;
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Thread: %p Token: %p\n", Thread, TokenHandle);
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Check if we were given a handle */
|
2006-07-22 22:57:42 +00:00
|
|
|
if (!TokenHandle)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Undo impersonation */
|
|
|
|
|
PsRevertThreadToSelf(Thread);
|
|
|
|
|
return STATUS_SUCCESS;
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
2006-07-22 22:57:42 +00:00
|
|
|
|
|
|
|
|
/* Get the token object */
|
|
|
|
|
Status = ObReferenceObjectByHandle(TokenHandle,
|
|
|
|
|
TOKEN_IMPERSONATE,
|
2012-04-21 06:35:45 +00:00
|
|
|
SeTokenObjectType,
|
2006-07-22 22:57:42 +00:00
|
|
|
KeGetPreviousMode(),
|
|
|
|
|
(PVOID*)&Token,
|
|
|
|
|
NULL);
|
|
|
|
|
if (!NT_SUCCESS(Status)) return(Status);
|
|
|
|
|
|
|
|
|
|
/* Make sure it's an impersonation token */
|
|
|
|
|
if (SeTokenType(Token) != TokenImpersonation)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Fail */
|
|
|
|
|
ObDereferenceObject(Token);
|
|
|
|
|
return STATUS_BAD_TOKEN_TYPE;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Get the impersonation level */
|
2006-07-22 22:57:42 +00:00
|
|
|
ImpersonationLevel = SeTokenImpersonationLevel(Token);
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Call the impersonation API */
|
2005-10-29 21:33:57 +00:00
|
|
|
Status = PsImpersonateClient(Thread,
|
|
|
|
|
Token,
|
|
|
|
|
FALSE,
|
|
|
|
|
FALSE,
|
|
|
|
|
ImpersonationLevel);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Dereference the token and return status */
|
2007-01-18 09:44:49 +00:00
|
|
|
ObDereferenceObject(Token);
|
2005-10-29 21:33:57 +00:00
|
|
|
return Status;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2006-07-18 15:13:55 +00:00
|
|
|
VOID
|
|
|
|
|
NTAPI
|
|
|
|
|
PsRevertToSelf(VOID)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Call the per-thread API */
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsRevertThreadToSelf(PsGetCurrentThread());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
|
|
|
|
VOID
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsRevertThreadToSelf(IN PETHREAD Thread)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
PTOKEN Token = NULL;
|
|
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread);
|
2006-07-22 22:57:42 +00:00
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Make sure we had impersonation information */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Lock the thread security */
|
|
|
|
|
PspLockThreadSecurityExclusive(Thread);
|
|
|
|
|
|
|
|
|
|
/* Make sure it's still active */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
|
|
|
|
/* Disable impersonation */
|
2006-07-23 21:38:31 +00:00
|
|
|
PspClearCrossThreadFlag(Thread, CT_ACTIVE_IMPERSONATION_INFO_BIT);
|
2006-07-22 22:57:42 +00:00
|
|
|
|
|
|
|
|
/* Get the token */
|
|
|
|
|
Token = Thread->ImpersonationInfo->Token;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Release thread security */
|
|
|
|
|
PspUnlockThreadSecurityExclusive(Thread);
|
|
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Check if we had a token */
|
|
|
|
|
if (Token)
|
|
|
|
|
{
|
|
|
|
|
/* Dereference the impersonation token */
|
|
|
|
|
ObDereferenceObject(Token);
|
2006-07-23 05:43:28 +00:00
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Write impersonation info to the TEB */
|
|
|
|
|
PspWriteTebImpersonationInfo(Thread, PsGetCurrentThread());
|
|
|
|
|
}
|
|
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-06-18 18:32:29 +00:00
|
|
|
NTSTATUS
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsImpersonateClient(IN PETHREAD Thread,
|
|
|
|
|
IN PACCESS_TOKEN Token,
|
|
|
|
|
IN BOOLEAN CopyOnOpen,
|
|
|
|
|
IN BOOLEAN EffectiveOnly,
|
|
|
|
|
IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
|
|
|
|
|
{
|
2007-01-18 09:44:49 +00:00
|
|
|
PPS_IMPERSONATION_INFORMATION Impersonation, OldData;
|
2021-04-12 12:42:52 +00:00
|
|
|
PTOKEN OldToken = NULL, ProcessToken = NULL;
|
2023-06-06 15:24:15 +00:00
|
|
|
BOOLEAN CopiedToken = FALSE;
|
2021-04-12 12:42:52 +00:00
|
|
|
PACCESS_TOKEN NewToken, ImpersonationToken;
|
2020-05-11 06:41:38 +00:00
|
|
|
PEJOB Job;
|
2021-04-12 12:42:52 +00:00
|
|
|
NTSTATUS Status;
|
2020-05-11 06:41:38 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Thread: %p, Token: %p\n", Thread, Token);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Check if we don't have a token */
|
|
|
|
|
if (!Token)
|
|
|
|
|
{
|
|
|
|
|
/* Make sure we're impersonating */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* We seem to be, lock the thread */
|
|
|
|
|
PspLockThreadSecurityExclusive(Thread);
|
|
|
|
|
|
|
|
|
|
/* Make sure we're still impersonating */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Disable impersonation */
|
2006-07-23 21:38:31 +00:00
|
|
|
PspClearCrossThreadFlag(Thread,
|
|
|
|
|
CT_ACTIVE_IMPERSONATION_INFO_BIT);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Get the token */
|
|
|
|
|
OldToken = Thread->ImpersonationInfo->Token;
|
|
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Unlock the process and write TEB information */
|
2006-07-22 22:57:42 +00:00
|
|
|
PspUnlockThreadSecurityExclusive(Thread);
|
2007-01-18 09:44:49 +00:00
|
|
|
PspWriteTebImpersonationInfo(Thread, PsGetCurrentThread());
|
2006-07-22 22:57:42 +00:00
|
|
|
}
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Check if we have impersonation info */
|
|
|
|
|
Impersonation = Thread->ImpersonationInfo;
|
|
|
|
|
if (!Impersonation)
|
|
|
|
|
{
|
|
|
|
|
/* We need to allocate a new one */
|
|
|
|
|
Impersonation = ExAllocatePoolWithTag(PagedPool,
|
|
|
|
|
sizeof(*Impersonation),
|
|
|
|
|
TAG_PS_IMPERSONATION);
|
|
|
|
|
if (!Impersonation) return STATUS_INSUFFICIENT_RESOURCES;
|
|
|
|
|
|
|
|
|
|
/* Update the pointer */
|
2010-01-13 22:35:43 +00:00
|
|
|
OldData = InterlockedCompareExchangePointer((PVOID*)&Thread->
|
2007-01-18 09:44:49 +00:00
|
|
|
ImpersonationInfo,
|
|
|
|
|
Impersonation,
|
|
|
|
|
NULL);
|
|
|
|
|
if (OldData)
|
2006-07-22 22:57:42 +00:00
|
|
|
{
|
|
|
|
|
/* Someone beat us to it, free our copy */
|
[NTOSKRNL]
Coverity code defects fixes :
- Cache: CID 701441
- Config: CIDs 716570, 716669, 716760
- Dbgk: Kdbg: CIDs 716571, 515128/9, 500432
- Ex: CIDs 500156/7, 515122, 716200/67, 701301, 514669
- Fsrtl: Fstub: CIDs 701341/2, 701288, 716770, 701302, and CIDs 716576/7/8 + 514636 + 716805 thanks to Thomas Faber
- Io: CIDs 514576, 514643, 514672/3, 716203, 716269, 716581, 716591, 716713
- Ke: CIDs 515125, 716592
- Ps: CIDs 716603/4, 701422
- Ob: Po: CIDs 514671/680, 701419/420/421, 716763, 716601/2
All the details are given in the different bug reports.
CORE-6677 CORE-6679 CORE-6680 CORE-6683 CORE-6686 CORE-6692 CORE-6693 CORE-6694 CORE-6695 CORE-6696 #comment Committed in rev.57400 #resolve #close
svn path=/trunk/; revision=57400
2012-09-27 17:16:31 +00:00
|
|
|
ExFreePoolWithTag(Impersonation, TAG_PS_IMPERSONATION);
|
2007-01-18 09:44:49 +00:00
|
|
|
Impersonation = OldData;
|
2006-07-22 22:57:42 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-12 12:42:52 +00:00
|
|
|
/*
|
|
|
|
|
* Assign the token we get from the caller first. The reason
|
|
|
|
|
* we have to do that is because we're unsure if we can impersonate
|
|
|
|
|
* in the first place. In the scenario where we cannot then the
|
|
|
|
|
* last resort is to make a copy of the token and assign that newly
|
|
|
|
|
* token to the impersonation information.
|
|
|
|
|
*/
|
|
|
|
|
ImpersonationToken = Token;
|
|
|
|
|
|
|
|
|
|
/* Obtain a token from the process */
|
|
|
|
|
ProcessToken = PsReferencePrimaryToken(Thread->ThreadsProcess);
|
|
|
|
|
if (!ProcessToken)
|
|
|
|
|
{
|
|
|
|
|
/* We can't continue this way without having the process' token... */
|
|
|
|
|
return STATUS_UNSUCCESSFUL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Make sure we can impersonate */
|
|
|
|
|
if (!SeTokenCanImpersonate(ProcessToken,
|
|
|
|
|
Token,
|
|
|
|
|
ImpersonationLevel))
|
|
|
|
|
{
|
|
|
|
|
/* We can't, make a copy of the token instead */
|
|
|
|
|
Status = SeCopyClientToken(Token,
|
|
|
|
|
SecurityIdentification,
|
|
|
|
|
KernelMode,
|
|
|
|
|
&NewToken);
|
|
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
/* We can't even make a copy of the token? Then bail out... */
|
|
|
|
|
ObFastDereferenceObject(&Thread->ThreadsProcess->Token, ProcessToken);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-06 15:24:15 +00:00
|
|
|
/*
|
|
|
|
|
* Since we cannot impersonate, assign the newly copied token.
|
|
|
|
|
* SeCopyClientToken already holds a reference to the copied token,
|
|
|
|
|
* let the code path below know that it must not reference it twice.
|
|
|
|
|
*/
|
|
|
|
|
CopiedToken = TRUE;
|
|
|
|
|
ImpersonationLevel = SecurityIdentification;
|
2021-04-12 12:42:52 +00:00
|
|
|
ImpersonationToken = NewToken;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We no longer need the process' token */
|
|
|
|
|
ObFastDereferenceObject(&Thread->ThreadsProcess->Token, ProcessToken);
|
2020-05-11 06:41:38 +00:00
|
|
|
|
|
|
|
|
/* Check if this is a job */
|
|
|
|
|
Job = Thread->ThreadsProcess->Job;
|
|
|
|
|
if (Job != NULL)
|
|
|
|
|
{
|
|
|
|
|
/* No admin allowed in this job */
|
|
|
|
|
if ((Job->SecurityLimitFlags & JOB_OBJECT_SECURITY_NO_ADMIN) &&
|
2021-04-12 12:42:52 +00:00
|
|
|
SeTokenIsAdmin(ImpersonationToken))
|
2020-05-11 06:41:38 +00:00
|
|
|
{
|
2023-06-06 15:24:15 +00:00
|
|
|
if (CopiedToken)
|
|
|
|
|
{
|
|
|
|
|
ObDereferenceObject(ImpersonationToken);
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-11 06:41:38 +00:00
|
|
|
return STATUS_ACCESS_DENIED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* No restricted tokens allowed in this job */
|
|
|
|
|
if ((Job->SecurityLimitFlags & JOB_OBJECT_SECURITY_RESTRICTED_TOKEN) &&
|
2021-04-12 12:42:52 +00:00
|
|
|
SeTokenIsRestricted(ImpersonationToken))
|
2020-05-11 06:41:38 +00:00
|
|
|
{
|
2023-06-06 15:24:15 +00:00
|
|
|
if (CopiedToken)
|
|
|
|
|
{
|
|
|
|
|
ObDereferenceObject(ImpersonationToken);
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-11 06:41:38 +00:00
|
|
|
return STATUS_ACCESS_DENIED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We don't support job filters yet */
|
|
|
|
|
if (Job->Filter != NULL)
|
|
|
|
|
{
|
|
|
|
|
ASSERT(Job->Filter == NULL);
|
|
|
|
|
}
|
|
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Lock thread security */
|
|
|
|
|
PspLockThreadSecurityExclusive(Thread);
|
2005-06-18 18:32:29 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Check if we're impersonating */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
|
|
|
|
/* Get the token */
|
|
|
|
|
OldToken = Impersonation->Token;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Otherwise, enable impersonation */
|
2006-07-23 21:38:31 +00:00
|
|
|
PspSetCrossThreadFlag(Thread, CT_ACTIVE_IMPERSONATION_INFO_BIT);
|
2006-07-22 22:57:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Now fill it out */
|
|
|
|
|
Impersonation->ImpersonationLevel = ImpersonationLevel;
|
|
|
|
|
Impersonation->CopyOnOpen = CopyOnOpen;
|
|
|
|
|
Impersonation->EffectiveOnly = EffectiveOnly;
|
2021-04-12 12:42:52 +00:00
|
|
|
Impersonation->Token = ImpersonationToken;
|
2023-06-06 15:24:15 +00:00
|
|
|
|
|
|
|
|
/* Do not reference the token again if we copied it */
|
|
|
|
|
if (!CopiedToken)
|
|
|
|
|
{
|
|
|
|
|
ObReferenceObject(ImpersonationToken);
|
|
|
|
|
}
|
2006-07-22 22:57:42 +00:00
|
|
|
|
|
|
|
|
/* Unlock the thread */
|
|
|
|
|
PspUnlockThreadSecurityExclusive(Thread);
|
|
|
|
|
|
2007-01-18 09:44:49 +00:00
|
|
|
/* Write impersonation info to the TEB */
|
|
|
|
|
PspWriteTebImpersonationInfo(Thread, PsGetCurrentThread());
|
|
|
|
|
}
|
2006-07-23 05:43:28 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Dereference the token and return success */
|
2007-01-18 09:44:49 +00:00
|
|
|
if (OldToken) PsDereferenceImpersonationToken(OldToken);
|
2005-06-18 18:32:29 +00:00
|
|
|
return STATUS_SUCCESS;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PACCESS_TOKEN
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
|
|
|
|
PsReferenceEffectiveToken(IN PETHREAD Thread,
|
|
|
|
|
OUT IN PTOKEN_TYPE TokenType,
|
|
|
|
|
OUT PBOOLEAN EffectiveOnly,
|
2018-06-25 13:21:33 +00:00
|
|
|
OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
|
|
|
|
PEPROCESS Process;
|
2006-07-22 22:57:42 +00:00
|
|
|
PACCESS_TOKEN Token = NULL;
|
2018-06-25 13:21:33 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2018-06-25 13:21:33 +00:00
|
|
|
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG,
|
|
|
|
|
"Thread: %p, TokenType: %p\n", Thread, TokenType);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Check if we don't have impersonation info */
|
2006-07-22 22:57:42 +00:00
|
|
|
Process = Thread->ThreadsProcess;
|
2014-02-16 08:56:34 +00:00
|
|
|
if (Thread->ActiveImpersonationInfo)
|
2005-05-06 22:54:40 +00:00
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Lock the Process */
|
|
|
|
|
PspLockProcessSecurityShared(Process);
|
2006-07-18 15:13:55 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Make sure impersonation is still active */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
|
|
|
|
/* Get the token */
|
|
|
|
|
Token = Thread->ImpersonationInfo->Token;
|
|
|
|
|
ObReferenceObject(Token);
|
|
|
|
|
|
|
|
|
|
/* Return data to caller */
|
|
|
|
|
*TokenType = TokenImpersonation;
|
|
|
|
|
*EffectiveOnly = Thread->ImpersonationInfo->EffectiveOnly;
|
2018-06-25 13:21:33 +00:00
|
|
|
*ImpersonationLevel = Thread->ImpersonationInfo->ImpersonationLevel;
|
2007-01-18 09:44:49 +00:00
|
|
|
|
|
|
|
|
/* Unlock the Process */
|
|
|
|
|
PspUnlockProcessSecurityShared(Process);
|
|
|
|
|
return Token;
|
2006-07-22 22:57:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Unlock the Process */
|
|
|
|
|
PspUnlockProcessSecurityShared(Process);
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2014-02-16 08:56:34 +00:00
|
|
|
/* Fast Reference the Token */
|
|
|
|
|
Token = ObFastReferenceObject(&Process->Token);
|
|
|
|
|
|
|
|
|
|
/* Check if we got the Token or if we got locked */
|
|
|
|
|
if (!Token)
|
|
|
|
|
{
|
|
|
|
|
/* Lock the Process */
|
|
|
|
|
PspLockProcessSecurityShared(Process);
|
|
|
|
|
|
|
|
|
|
/* Do a Locked Fast Reference */
|
|
|
|
|
Token = ObFastReferenceObjectLocked(&Process->Token);
|
|
|
|
|
|
|
|
|
|
/* Unlock the Process */
|
|
|
|
|
PspUnlockProcessSecurityShared(Process);
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Return the token */
|
2007-01-18 09:44:49 +00:00
|
|
|
*TokenType = TokenPrimary;
|
|
|
|
|
*EffectiveOnly = FALSE;
|
2018-06-25 13:21:33 +00:00
|
|
|
// NOTE: ImpersonationLevel is left untouched on purpose!
|
2005-05-06 22:54:40 +00:00
|
|
|
return Token;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-05-09 01:38:29 +00:00
|
|
|
PACCESS_TOKEN
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsReferenceImpersonationToken(IN PETHREAD Thread,
|
|
|
|
|
OUT PBOOLEAN CopyOnOpen,
|
|
|
|
|
OUT PBOOLEAN EffectiveOnly,
|
|
|
|
|
OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
PTOKEN Token = NULL;
|
|
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread);
|
2006-07-22 22:57:42 +00:00
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* If we don't have impersonation info, just quit */
|
|
|
|
|
if (!Thread->ActiveImpersonationInfo) return NULL;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Lock the thread */
|
|
|
|
|
PspLockThreadSecurityShared(Thread);
|
|
|
|
|
|
|
|
|
|
/* Make sure we still have active impersonation */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
|
|
|
|
/* Return data from caller */
|
|
|
|
|
ObReferenceObject(Thread->ImpersonationInfo->Token);
|
|
|
|
|
*ImpersonationLevel = Thread->ImpersonationInfo->ImpersonationLevel;
|
|
|
|
|
*CopyOnOpen = Thread->ImpersonationInfo->CopyOnOpen;
|
|
|
|
|
*EffectiveOnly = Thread->ImpersonationInfo->EffectiveOnly;
|
|
|
|
|
|
|
|
|
|
/* Set the token */
|
|
|
|
|
Token = Thread->ImpersonationInfo->Token;
|
|
|
|
|
}
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Unlock thread and return impersonation token */
|
|
|
|
|
PspUnlockThreadSecurityShared(Thread);
|
|
|
|
|
return Token;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#undef PsDereferenceImpersonationToken
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
|
|
|
|
VOID
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* If we got a token, dereference it */
|
|
|
|
|
if (ImpersonationToken) ObDereferenceObject(ImpersonationToken);
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#undef PsDereferencePrimaryToken
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
|
|
|
|
VOID
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Dereference the token*/
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
ObDereferenceObject(PrimaryToken);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
|
|
|
|
BOOLEAN
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsDisableImpersonation(IN PETHREAD Thread,
|
2013-09-22 00:26:31 +00:00
|
|
|
OUT PSE_IMPERSONATION_STATE ImpersonationState)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
PPS_IMPERSONATION_INFORMATION Impersonation = NULL;
|
2013-09-22 00:26:31 +00:00
|
|
|
LONG OldFlags;
|
2006-07-22 22:57:42 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG,
|
|
|
|
|
"Thread: %p State: %p\n", Thread, ImpersonationState);
|
2006-07-18 15:13:55 +00:00
|
|
|
|
|
|
|
|
/* Check if we don't have impersonation */
|
2006-07-22 22:57:42 +00:00
|
|
|
if (Thread->ActiveImpersonationInfo)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Lock thread security */
|
|
|
|
|
PspLockThreadSecurityExclusive(Thread);
|
|
|
|
|
|
|
|
|
|
/* Disable impersonation */
|
2013-09-22 00:26:31 +00:00
|
|
|
OldFlags = PspClearCrossThreadFlag(Thread,
|
|
|
|
|
CT_ACTIVE_IMPERSONATION_INFO_BIT);
|
2006-07-22 22:57:42 +00:00
|
|
|
|
2006-08-16 03:17:21 +00:00
|
|
|
/* Make sure nobody disabled it behind our back */
|
2013-09-22 00:26:31 +00:00
|
|
|
if (OldFlags & CT_ACTIVE_IMPERSONATION_INFO_BIT)
|
2006-07-22 22:57:42 +00:00
|
|
|
{
|
|
|
|
|
/* Copy the old state */
|
|
|
|
|
Impersonation = Thread->ImpersonationInfo;
|
|
|
|
|
ImpersonationState->Token = Impersonation->Token;
|
|
|
|
|
ImpersonationState->CopyOnOpen = Impersonation->CopyOnOpen;
|
|
|
|
|
ImpersonationState->EffectiveOnly = Impersonation->EffectiveOnly;
|
|
|
|
|
ImpersonationState->Level = Impersonation->ImpersonationLevel;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Unlock thread security */
|
|
|
|
|
PspUnlockThreadSecurityExclusive(Thread);
|
|
|
|
|
|
|
|
|
|
/* If we had impersonation info, return true */
|
|
|
|
|
if (Impersonation) return TRUE;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
2006-07-22 22:57:42 +00:00
|
|
|
/* Clear everything */
|
|
|
|
|
ImpersonationState->Token = NULL;
|
|
|
|
|
ImpersonationState->CopyOnOpen = FALSE;
|
|
|
|
|
ImpersonationState->EffectiveOnly = FALSE;
|
|
|
|
|
ImpersonationState->Level = SecurityAnonymous;
|
|
|
|
|
return FALSE;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
2005-05-09 01:38:29 +00:00
|
|
|
*/
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
VOID
|
2006-07-18 15:13:55 +00:00
|
|
|
NTAPI
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
PsRestoreImpersonation(IN PETHREAD Thread,
|
|
|
|
|
IN PSE_IMPERSONATION_STATE ImpersonationState)
|
|
|
|
|
{
|
2006-07-22 22:57:42 +00:00
|
|
|
PTOKEN Token = NULL;
|
|
|
|
|
PPS_IMPERSONATION_INFORMATION Impersonation;
|
|
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG,
|
|
|
|
|
"Thread: %p State: %p\n", Thread, ImpersonationState);
|
2006-07-22 22:57:42 +00:00
|
|
|
|
|
|
|
|
/* Lock thread security */
|
|
|
|
|
PspLockThreadSecurityExclusive(Thread);
|
|
|
|
|
|
|
|
|
|
/* Get the impersonation info */
|
|
|
|
|
Impersonation = Thread->ImpersonationInfo;
|
|
|
|
|
|
|
|
|
|
/* Check if we're impersonating */
|
|
|
|
|
if (Thread->ActiveImpersonationInfo)
|
|
|
|
|
{
|
|
|
|
|
/* Get the token */
|
|
|
|
|
Token = Impersonation->Token;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Check if we have an impersonation state */
|
|
|
|
|
if (ImpersonationState)
|
|
|
|
|
{
|
|
|
|
|
/* Fill out the impersonation info */
|
|
|
|
|
Impersonation->ImpersonationLevel = ImpersonationState->Level;
|
|
|
|
|
Impersonation->CopyOnOpen = ImpersonationState->CopyOnOpen;
|
|
|
|
|
Impersonation->EffectiveOnly = ImpersonationState->EffectiveOnly;
|
|
|
|
|
Impersonation->Token = ImpersonationState->Token;
|
|
|
|
|
|
|
|
|
|
/* Enable impersonation */
|
2006-07-23 21:38:31 +00:00
|
|
|
PspSetCrossThreadFlag(Thread, CT_ACTIVE_IMPERSONATION_INFO_BIT);
|
2006-07-22 22:57:42 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Disable impersonation */
|
2006-07-23 21:38:31 +00:00
|
|
|
PspClearCrossThreadFlag(Thread, CT_ACTIVE_IMPERSONATION_INFO_BIT);
|
2006-07-22 22:57:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Unlock the thread */
|
|
|
|
|
PspUnlockThreadSecurityExclusive(Thread);
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
/* Dereference the token */
|
2006-07-22 22:57:42 +00:00
|
|
|
if (Token) ObDereferenceObject(Token);
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
2006-07-18 15:13:55 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
NtImpersonateThread(IN HANDLE ThreadHandle,
|
|
|
|
|
IN HANDLE ThreadToImpersonateHandle,
|
|
|
|
|
IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService)
|
|
|
|
|
{
|
|
|
|
|
SECURITY_QUALITY_OF_SERVICE SafeServiceQoS;
|
|
|
|
|
SECURITY_CLIENT_CONTEXT ClientContext;
|
|
|
|
|
PETHREAD Thread;
|
|
|
|
|
PETHREAD ThreadToImpersonate;
|
|
|
|
|
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
|
2009-08-26 17:31:02 +00:00
|
|
|
NTSTATUS Status;
|
2006-07-18 15:13:55 +00:00
|
|
|
PAGED_CODE();
|
2006-07-23 07:13:19 +00:00
|
|
|
PSTRACE(PS_SECURITY_DEBUG,
|
|
|
|
|
"Threads: %p %p\n", ThreadHandle, ThreadToImpersonateHandle);
|
2006-07-18 15:13:55 +00:00
|
|
|
|
|
|
|
|
/* Check if call came from user mode */
|
|
|
|
|
if (PreviousMode != KernelMode)
|
|
|
|
|
{
|
|
|
|
|
/* Enter SEH for probing */
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_TRY
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Probe QoS */
|
|
|
|
|
ProbeForRead(SecurityQualityOfService,
|
|
|
|
|
sizeof(SECURITY_QUALITY_OF_SERVICE),
|
|
|
|
|
sizeof(ULONG));
|
|
|
|
|
|
|
|
|
|
/* Capture it */
|
|
|
|
|
SafeServiceQoS = *SecurityQualityOfService;
|
|
|
|
|
SecurityQualityOfService = &SafeServiceQoS;
|
|
|
|
|
}
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
2009-08-26 17:31:02 +00:00
|
|
|
/* Return the exception code */
|
|
|
|
|
_SEH2_YIELD(return _SEH2_GetExceptionCode());
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
2008-11-24 13:40:26 +00:00
|
|
|
_SEH2_END;
|
2006-07-18 15:13:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Reference the thread */
|
|
|
|
|
Status = ObReferenceObjectByHandle(ThreadHandle,
|
[NTOS]: While attempting to ressucitate the user-mode shutdown code in CSRSS (disabled since 2006), it seemed clear that one of the main steps is to obtain the caller's LUID in order to kill the right processes. This LUID is obtained from the current thread's token, and we know it's the callers since we're supposed to impersonate the caller. Unfortunately, impersonation failed, making the whole process fail.
Impersonation failed because NtImpersonateThread was actually inverting the THREAD_IMPERSONATE rights, asking the client thread for the server's permissions, and vice versa. Fixing this resulted in yet another failure.
Analysis of this failure showed that even opening the server (ie: current) thread for THREAD_DIRECT_IMPERSONATION failed, which is unusual since the current thread should have access to all its rights. This is determined in PspCreateThread when the ETHREAD->GrantedAccess field is set.
Continuing onto this path, tracing revealed that GrantedAccess was merely 0x1607F and not 0x1F3FF as expected, meaning that not all rights were given, including the impersonate right (0x200), explaining the failure, but not the deeper reason behind it.
Attempting to identify which code path set this GrantedAccess, the SepAccessCheck routine came to light. A bug there caused MAXIMUM_ALLOWED accesses to fail in certain scenarios, such as when the object had no security descriptor, because MAXIMUM_ALLOWED would be granted as an absolute value, when instead of it is a flag that should grant GENERIC_ALL. Fixing that bug, the failure continued.
Further analysis identified that the Administrators SID was being found with GENERIC_READ + WRITE + EXECUTE access, and no SID was found for GENERIC_ALL access. This happened when searching the system token's default DACL, which is assigned to the kernel (but for kernel-mode callers, this check was skipped), smss, winlogon, etc.
The code for creating this system token was heavily hacked, so the function to create the system token, as well as NtCreateToken were refactored to use a common piece of token-creating code. Furthermode, the system token was correctly created with Local System as the user, and Administrators as one of the groups. Finally, SeDefaultDacl was used (already setup properly) instead of a badly configured Default DACL. The new shared code also correctly sets the SE_GROUP_ENABLED flag on all SE_GROUP_MANDATORY groups, and scans tokens to set the TOKEN_HAS_ADMIN_GROUP and TOKEN_HAS_TRAVERSE_PRIVILEGE flags which were not previously set.
With the correct system token and default DACL, the Local System SID was now found, but the failure continued. This was revealed to be due to an even deeper rooted problem, as the SepIsSidInToken routine checked for SE_GROUP_ENABLED before listing a SID as "present". Although this is correct for actual groups, the User SID will never have the SE_GROUP_ENABLED flag as it is not a group. This caused any granted access ACE belonging to a user (instead of a group) to be ignored, causing either access check failures, or limited rights returned (in the MAXIMUM_ALLOWED case).
Upon fixing this bug, the NtImpersonateThread call finally returned success, since the rights were now correct. Promptly upon calling NtOpenThreadToken to query the LUID however, the system ASSERTED with FALSE.
The code at fault was a line in NtOpenThreadTokenEx which forcefully ASSERTed if the impersonation code path was taken, presumably because this was never tested, and ReactOS would actually always fail impersonation attempts due to the bugs fixed above. This routine was thus quickly reworked to fix some mistakes (such as forgetting to actually impersonate the client, incorrect referencing/dereferencing of thread/tokens, and assumptions about DACL creation success).
Having fixed the NtOpenThreadTokenEx routine, the LUID query now went through for the impersonated token, but soon causing a user-mode crash, due to an incorrect parameter reference in the CsrGetProcessLuid function in the csrsrv code by Alex (which I copy/pasted to reduce code duplication).
Fixing this final bug finally allowed the correct LUID to be queried and I was able to continue development of not-yet-commited user-mode shutdown code.
svn path=/trunk/; revision=46028
2010-03-09 10:35:58 +00:00
|
|
|
THREAD_DIRECT_IMPERSONATION,
|
2006-07-18 15:13:55 +00:00
|
|
|
PsThreadType,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
(PVOID*)&Thread,
|
|
|
|
|
NULL);
|
[NTOS]: While attempting to ressucitate the user-mode shutdown code in CSRSS (disabled since 2006), it seemed clear that one of the main steps is to obtain the caller's LUID in order to kill the right processes. This LUID is obtained from the current thread's token, and we know it's the callers since we're supposed to impersonate the caller. Unfortunately, impersonation failed, making the whole process fail.
Impersonation failed because NtImpersonateThread was actually inverting the THREAD_IMPERSONATE rights, asking the client thread for the server's permissions, and vice versa. Fixing this resulted in yet another failure.
Analysis of this failure showed that even opening the server (ie: current) thread for THREAD_DIRECT_IMPERSONATION failed, which is unusual since the current thread should have access to all its rights. This is determined in PspCreateThread when the ETHREAD->GrantedAccess field is set.
Continuing onto this path, tracing revealed that GrantedAccess was merely 0x1607F and not 0x1F3FF as expected, meaning that not all rights were given, including the impersonate right (0x200), explaining the failure, but not the deeper reason behind it.
Attempting to identify which code path set this GrantedAccess, the SepAccessCheck routine came to light. A bug there caused MAXIMUM_ALLOWED accesses to fail in certain scenarios, such as when the object had no security descriptor, because MAXIMUM_ALLOWED would be granted as an absolute value, when instead of it is a flag that should grant GENERIC_ALL. Fixing that bug, the failure continued.
Further analysis identified that the Administrators SID was being found with GENERIC_READ + WRITE + EXECUTE access, and no SID was found for GENERIC_ALL access. This happened when searching the system token's default DACL, which is assigned to the kernel (but for kernel-mode callers, this check was skipped), smss, winlogon, etc.
The code for creating this system token was heavily hacked, so the function to create the system token, as well as NtCreateToken were refactored to use a common piece of token-creating code. Furthermode, the system token was correctly created with Local System as the user, and Administrators as one of the groups. Finally, SeDefaultDacl was used (already setup properly) instead of a badly configured Default DACL. The new shared code also correctly sets the SE_GROUP_ENABLED flag on all SE_GROUP_MANDATORY groups, and scans tokens to set the TOKEN_HAS_ADMIN_GROUP and TOKEN_HAS_TRAVERSE_PRIVILEGE flags which were not previously set.
With the correct system token and default DACL, the Local System SID was now found, but the failure continued. This was revealed to be due to an even deeper rooted problem, as the SepIsSidInToken routine checked for SE_GROUP_ENABLED before listing a SID as "present". Although this is correct for actual groups, the User SID will never have the SE_GROUP_ENABLED flag as it is not a group. This caused any granted access ACE belonging to a user (instead of a group) to be ignored, causing either access check failures, or limited rights returned (in the MAXIMUM_ALLOWED case).
Upon fixing this bug, the NtImpersonateThread call finally returned success, since the rights were now correct. Promptly upon calling NtOpenThreadToken to query the LUID however, the system ASSERTED with FALSE.
The code at fault was a line in NtOpenThreadTokenEx which forcefully ASSERTed if the impersonation code path was taken, presumably because this was never tested, and ReactOS would actually always fail impersonation attempts due to the bugs fixed above. This routine was thus quickly reworked to fix some mistakes (such as forgetting to actually impersonate the client, incorrect referencing/dereferencing of thread/tokens, and assumptions about DACL creation success).
Having fixed the NtOpenThreadTokenEx routine, the LUID query now went through for the impersonated token, but soon causing a user-mode crash, due to an incorrect parameter reference in the CsrGetProcessLuid function in the csrsrv code by Alex (which I copy/pasted to reduce code duplication).
Fixing this final bug finally allowed the correct LUID to be queried and I was able to continue development of not-yet-commited user-mode shutdown code.
svn path=/trunk/; revision=46028
2010-03-09 10:35:58 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Reference the impersonating thead */
|
|
|
|
|
Status = ObReferenceObjectByHandle(ThreadToImpersonateHandle,
|
[NTOS]: While attempting to ressucitate the user-mode shutdown code in CSRSS (disabled since 2006), it seemed clear that one of the main steps is to obtain the caller's LUID in order to kill the right processes. This LUID is obtained from the current thread's token, and we know it's the callers since we're supposed to impersonate the caller. Unfortunately, impersonation failed, making the whole process fail.
Impersonation failed because NtImpersonateThread was actually inverting the THREAD_IMPERSONATE rights, asking the client thread for the server's permissions, and vice versa. Fixing this resulted in yet another failure.
Analysis of this failure showed that even opening the server (ie: current) thread for THREAD_DIRECT_IMPERSONATION failed, which is unusual since the current thread should have access to all its rights. This is determined in PspCreateThread when the ETHREAD->GrantedAccess field is set.
Continuing onto this path, tracing revealed that GrantedAccess was merely 0x1607F and not 0x1F3FF as expected, meaning that not all rights were given, including the impersonate right (0x200), explaining the failure, but not the deeper reason behind it.
Attempting to identify which code path set this GrantedAccess, the SepAccessCheck routine came to light. A bug there caused MAXIMUM_ALLOWED accesses to fail in certain scenarios, such as when the object had no security descriptor, because MAXIMUM_ALLOWED would be granted as an absolute value, when instead of it is a flag that should grant GENERIC_ALL. Fixing that bug, the failure continued.
Further analysis identified that the Administrators SID was being found with GENERIC_READ + WRITE + EXECUTE access, and no SID was found for GENERIC_ALL access. This happened when searching the system token's default DACL, which is assigned to the kernel (but for kernel-mode callers, this check was skipped), smss, winlogon, etc.
The code for creating this system token was heavily hacked, so the function to create the system token, as well as NtCreateToken were refactored to use a common piece of token-creating code. Furthermode, the system token was correctly created with Local System as the user, and Administrators as one of the groups. Finally, SeDefaultDacl was used (already setup properly) instead of a badly configured Default DACL. The new shared code also correctly sets the SE_GROUP_ENABLED flag on all SE_GROUP_MANDATORY groups, and scans tokens to set the TOKEN_HAS_ADMIN_GROUP and TOKEN_HAS_TRAVERSE_PRIVILEGE flags which were not previously set.
With the correct system token and default DACL, the Local System SID was now found, but the failure continued. This was revealed to be due to an even deeper rooted problem, as the SepIsSidInToken routine checked for SE_GROUP_ENABLED before listing a SID as "present". Although this is correct for actual groups, the User SID will never have the SE_GROUP_ENABLED flag as it is not a group. This caused any granted access ACE belonging to a user (instead of a group) to be ignored, causing either access check failures, or limited rights returned (in the MAXIMUM_ALLOWED case).
Upon fixing this bug, the NtImpersonateThread call finally returned success, since the rights were now correct. Promptly upon calling NtOpenThreadToken to query the LUID however, the system ASSERTED with FALSE.
The code at fault was a line in NtOpenThreadTokenEx which forcefully ASSERTed if the impersonation code path was taken, presumably because this was never tested, and ReactOS would actually always fail impersonation attempts due to the bugs fixed above. This routine was thus quickly reworked to fix some mistakes (such as forgetting to actually impersonate the client, incorrect referencing/dereferencing of thread/tokens, and assumptions about DACL creation success).
Having fixed the NtOpenThreadTokenEx routine, the LUID query now went through for the impersonated token, but soon causing a user-mode crash, due to an incorrect parameter reference in the CsrGetProcessLuid function in the csrsrv code by Alex (which I copy/pasted to reduce code duplication).
Fixing this final bug finally allowed the correct LUID to be queried and I was able to continue development of not-yet-commited user-mode shutdown code.
svn path=/trunk/; revision=46028
2010-03-09 10:35:58 +00:00
|
|
|
THREAD_IMPERSONATE,
|
2006-07-18 15:13:55 +00:00
|
|
|
PsThreadType,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
(PVOID*)&ThreadToImpersonate,
|
|
|
|
|
NULL);
|
[NTOS]: While attempting to ressucitate the user-mode shutdown code in CSRSS (disabled since 2006), it seemed clear that one of the main steps is to obtain the caller's LUID in order to kill the right processes. This LUID is obtained from the current thread's token, and we know it's the callers since we're supposed to impersonate the caller. Unfortunately, impersonation failed, making the whole process fail.
Impersonation failed because NtImpersonateThread was actually inverting the THREAD_IMPERSONATE rights, asking the client thread for the server's permissions, and vice versa. Fixing this resulted in yet another failure.
Analysis of this failure showed that even opening the server (ie: current) thread for THREAD_DIRECT_IMPERSONATION failed, which is unusual since the current thread should have access to all its rights. This is determined in PspCreateThread when the ETHREAD->GrantedAccess field is set.
Continuing onto this path, tracing revealed that GrantedAccess was merely 0x1607F and not 0x1F3FF as expected, meaning that not all rights were given, including the impersonate right (0x200), explaining the failure, but not the deeper reason behind it.
Attempting to identify which code path set this GrantedAccess, the SepAccessCheck routine came to light. A bug there caused MAXIMUM_ALLOWED accesses to fail in certain scenarios, such as when the object had no security descriptor, because MAXIMUM_ALLOWED would be granted as an absolute value, when instead of it is a flag that should grant GENERIC_ALL. Fixing that bug, the failure continued.
Further analysis identified that the Administrators SID was being found with GENERIC_READ + WRITE + EXECUTE access, and no SID was found for GENERIC_ALL access. This happened when searching the system token's default DACL, which is assigned to the kernel (but for kernel-mode callers, this check was skipped), smss, winlogon, etc.
The code for creating this system token was heavily hacked, so the function to create the system token, as well as NtCreateToken were refactored to use a common piece of token-creating code. Furthermode, the system token was correctly created with Local System as the user, and Administrators as one of the groups. Finally, SeDefaultDacl was used (already setup properly) instead of a badly configured Default DACL. The new shared code also correctly sets the SE_GROUP_ENABLED flag on all SE_GROUP_MANDATORY groups, and scans tokens to set the TOKEN_HAS_ADMIN_GROUP and TOKEN_HAS_TRAVERSE_PRIVILEGE flags which were not previously set.
With the correct system token and default DACL, the Local System SID was now found, but the failure continued. This was revealed to be due to an even deeper rooted problem, as the SepIsSidInToken routine checked for SE_GROUP_ENABLED before listing a SID as "present". Although this is correct for actual groups, the User SID will never have the SE_GROUP_ENABLED flag as it is not a group. This caused any granted access ACE belonging to a user (instead of a group) to be ignored, causing either access check failures, or limited rights returned (in the MAXIMUM_ALLOWED case).
Upon fixing this bug, the NtImpersonateThread call finally returned success, since the rights were now correct. Promptly upon calling NtOpenThreadToken to query the LUID however, the system ASSERTED with FALSE.
The code at fault was a line in NtOpenThreadTokenEx which forcefully ASSERTed if the impersonation code path was taken, presumably because this was never tested, and ReactOS would actually always fail impersonation attempts due to the bugs fixed above. This routine was thus quickly reworked to fix some mistakes (such as forgetting to actually impersonate the client, incorrect referencing/dereferencing of thread/tokens, and assumptions about DACL creation success).
Having fixed the NtOpenThreadTokenEx routine, the LUID query now went through for the impersonated token, but soon causing a user-mode crash, due to an incorrect parameter reference in the CsrGetProcessLuid function in the csrsrv code by Alex (which I copy/pasted to reduce code duplication).
Fixing this final bug finally allowed the correct LUID to be queried and I was able to continue development of not-yet-commited user-mode shutdown code.
svn path=/trunk/; revision=46028
2010-03-09 10:35:58 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Create a client security context */
|
|
|
|
|
Status = SeCreateClientSecurity(ThreadToImpersonate,
|
|
|
|
|
SecurityQualityOfService,
|
|
|
|
|
0,
|
|
|
|
|
&ClientContext);
|
[NTOS]: While attempting to ressucitate the user-mode shutdown code in CSRSS (disabled since 2006), it seemed clear that one of the main steps is to obtain the caller's LUID in order to kill the right processes. This LUID is obtained from the current thread's token, and we know it's the callers since we're supposed to impersonate the caller. Unfortunately, impersonation failed, making the whole process fail.
Impersonation failed because NtImpersonateThread was actually inverting the THREAD_IMPERSONATE rights, asking the client thread for the server's permissions, and vice versa. Fixing this resulted in yet another failure.
Analysis of this failure showed that even opening the server (ie: current) thread for THREAD_DIRECT_IMPERSONATION failed, which is unusual since the current thread should have access to all its rights. This is determined in PspCreateThread when the ETHREAD->GrantedAccess field is set.
Continuing onto this path, tracing revealed that GrantedAccess was merely 0x1607F and not 0x1F3FF as expected, meaning that not all rights were given, including the impersonate right (0x200), explaining the failure, but not the deeper reason behind it.
Attempting to identify which code path set this GrantedAccess, the SepAccessCheck routine came to light. A bug there caused MAXIMUM_ALLOWED accesses to fail in certain scenarios, such as when the object had no security descriptor, because MAXIMUM_ALLOWED would be granted as an absolute value, when instead of it is a flag that should grant GENERIC_ALL. Fixing that bug, the failure continued.
Further analysis identified that the Administrators SID was being found with GENERIC_READ + WRITE + EXECUTE access, and no SID was found for GENERIC_ALL access. This happened when searching the system token's default DACL, which is assigned to the kernel (but for kernel-mode callers, this check was skipped), smss, winlogon, etc.
The code for creating this system token was heavily hacked, so the function to create the system token, as well as NtCreateToken were refactored to use a common piece of token-creating code. Furthermode, the system token was correctly created with Local System as the user, and Administrators as one of the groups. Finally, SeDefaultDacl was used (already setup properly) instead of a badly configured Default DACL. The new shared code also correctly sets the SE_GROUP_ENABLED flag on all SE_GROUP_MANDATORY groups, and scans tokens to set the TOKEN_HAS_ADMIN_GROUP and TOKEN_HAS_TRAVERSE_PRIVILEGE flags which were not previously set.
With the correct system token and default DACL, the Local System SID was now found, but the failure continued. This was revealed to be due to an even deeper rooted problem, as the SepIsSidInToken routine checked for SE_GROUP_ENABLED before listing a SID as "present". Although this is correct for actual groups, the User SID will never have the SE_GROUP_ENABLED flag as it is not a group. This caused any granted access ACE belonging to a user (instead of a group) to be ignored, causing either access check failures, or limited rights returned (in the MAXIMUM_ALLOWED case).
Upon fixing this bug, the NtImpersonateThread call finally returned success, since the rights were now correct. Promptly upon calling NtOpenThreadToken to query the LUID however, the system ASSERTED with FALSE.
The code at fault was a line in NtOpenThreadTokenEx which forcefully ASSERTed if the impersonation code path was taken, presumably because this was never tested, and ReactOS would actually always fail impersonation attempts due to the bugs fixed above. This routine was thus quickly reworked to fix some mistakes (such as forgetting to actually impersonate the client, incorrect referencing/dereferencing of thread/tokens, and assumptions about DACL creation success).
Having fixed the NtOpenThreadTokenEx routine, the LUID query now went through for the impersonated token, but soon causing a user-mode crash, due to an incorrect parameter reference in the CsrGetProcessLuid function in the csrsrv code by Alex (which I copy/pasted to reduce code duplication).
Fixing this final bug finally allowed the correct LUID to be queried and I was able to continue development of not-yet-commited user-mode shutdown code.
svn path=/trunk/; revision=46028
2010-03-09 10:35:58 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Do the impersonation */
|
|
|
|
|
SeImpersonateClient(&ClientContext, Thread);
|
[NTOS]: While attempting to ressucitate the user-mode shutdown code in CSRSS (disabled since 2006), it seemed clear that one of the main steps is to obtain the caller's LUID in order to kill the right processes. This LUID is obtained from the current thread's token, and we know it's the callers since we're supposed to impersonate the caller. Unfortunately, impersonation failed, making the whole process fail.
Impersonation failed because NtImpersonateThread was actually inverting the THREAD_IMPERSONATE rights, asking the client thread for the server's permissions, and vice versa. Fixing this resulted in yet another failure.
Analysis of this failure showed that even opening the server (ie: current) thread for THREAD_DIRECT_IMPERSONATION failed, which is unusual since the current thread should have access to all its rights. This is determined in PspCreateThread when the ETHREAD->GrantedAccess field is set.
Continuing onto this path, tracing revealed that GrantedAccess was merely 0x1607F and not 0x1F3FF as expected, meaning that not all rights were given, including the impersonate right (0x200), explaining the failure, but not the deeper reason behind it.
Attempting to identify which code path set this GrantedAccess, the SepAccessCheck routine came to light. A bug there caused MAXIMUM_ALLOWED accesses to fail in certain scenarios, such as when the object had no security descriptor, because MAXIMUM_ALLOWED would be granted as an absolute value, when instead of it is a flag that should grant GENERIC_ALL. Fixing that bug, the failure continued.
Further analysis identified that the Administrators SID was being found with GENERIC_READ + WRITE + EXECUTE access, and no SID was found for GENERIC_ALL access. This happened when searching the system token's default DACL, which is assigned to the kernel (but for kernel-mode callers, this check was skipped), smss, winlogon, etc.
The code for creating this system token was heavily hacked, so the function to create the system token, as well as NtCreateToken were refactored to use a common piece of token-creating code. Furthermode, the system token was correctly created with Local System as the user, and Administrators as one of the groups. Finally, SeDefaultDacl was used (already setup properly) instead of a badly configured Default DACL. The new shared code also correctly sets the SE_GROUP_ENABLED flag on all SE_GROUP_MANDATORY groups, and scans tokens to set the TOKEN_HAS_ADMIN_GROUP and TOKEN_HAS_TRAVERSE_PRIVILEGE flags which were not previously set.
With the correct system token and default DACL, the Local System SID was now found, but the failure continued. This was revealed to be due to an even deeper rooted problem, as the SepIsSidInToken routine checked for SE_GROUP_ENABLED before listing a SID as "present". Although this is correct for actual groups, the User SID will never have the SE_GROUP_ENABLED flag as it is not a group. This caused any granted access ACE belonging to a user (instead of a group) to be ignored, causing either access check failures, or limited rights returned (in the MAXIMUM_ALLOWED case).
Upon fixing this bug, the NtImpersonateThread call finally returned success, since the rights were now correct. Promptly upon calling NtOpenThreadToken to query the LUID however, the system ASSERTED with FALSE.
The code at fault was a line in NtOpenThreadTokenEx which forcefully ASSERTed if the impersonation code path was taken, presumably because this was never tested, and ReactOS would actually always fail impersonation attempts due to the bugs fixed above. This routine was thus quickly reworked to fix some mistakes (such as forgetting to actually impersonate the client, incorrect referencing/dereferencing of thread/tokens, and assumptions about DACL creation success).
Having fixed the NtOpenThreadTokenEx routine, the LUID query now went through for the impersonated token, but soon causing a user-mode crash, due to an incorrect parameter reference in the CsrGetProcessLuid function in the csrsrv code by Alex (which I copy/pasted to reduce code duplication).
Fixing this final bug finally allowed the correct LUID to be queried and I was able to continue development of not-yet-commited user-mode shutdown code.
svn path=/trunk/; revision=46028
2010-03-09 10:35:58 +00:00
|
|
|
if (ClientContext.ClientToken)
|
2006-07-18 15:13:55 +00:00
|
|
|
{
|
|
|
|
|
/* Dereference the client token if we had one */
|
|
|
|
|
ObDereferenceObject(ClientContext.ClientToken);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Dereference the thread to impersonate */
|
|
|
|
|
ObDereferenceObject(ThreadToImpersonate);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Dereference the main thread */
|
|
|
|
|
ObDereferenceObject(Thread);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Return status */
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
/* EOF */
|