- Return a default security descriptor when someone wants to retrieve the key security.

- Disable debug messages. svn path=/trunk/; revision=10839
2024-07-31 08:39:05 +00:00 · 2004-09-13 11:46:07 +00:00 · 2004-09-13 11:46:07 +00:00 · 00443884ee
parent f34a907c7a
commit 00443884ee
2 changed files with 158 additions and 21 deletions
--- a/reactos/ntoskrnl/cm/registry.c
+++ b/reactos/ntoskrnl/cm/registry.c
@ -1,4 +1,4 @@
-/* $Id: registry.c,v 1.125 2004/08/15 16:39:00 chorns Exp $
+/* $Id: registry.c,v 1.126 2004/09/13 11:46:07 ekohl Exp $
 *
 * COPYRIGHT:       See COPYING in the top level directory
 * PROJECT:         ReactOS kernel
@ -245,6 +245,9 @@ CmInitializeRegistry(VOID)
  OBJECT_ATTRIBUTES ObjectAttributes;
  UNICODE_STRING KeyName;
  PKEY_OBJECT RootKey;
+#if 0
+  PSECURITY_CELL RootSecurityCell;
+#endif
  HANDLE RootKeyHandle;
  HANDLE KeyHandle;
  NTSTATUS Status;
@ -313,6 +316,18 @@ CmInitializeRegistry(VOID)
  Status = RtlCreateUnicodeString(&RootKey->Name, L"Registry");
  assert(NT_SUCCESS(Status));

+#if 0
+  Status = CmiAllocateCell(CmiVolatileHive,
+			   0x10, //LONG CellSize,
+			   (PVOID *)&RootSecurityCell,
+			   &RootKey->KeyCell->SecurityKeyOffset);
+  assert(NT_SUCCESS(Status));
+
+  /* Copy the security descriptor */
+
+  CmiVolatileHive->RootSecurityCell = RootSecurityCell;
+#endif
+
  KeInitializeSpinLock(&CmiKeyListLock);

  /* Create '\Registry\Machine' key. */
@ -355,7 +370,7 @@ VOID INIT_FUNCTION
 CmInit2(PCHAR CommandLine)
 {
  ULONG PiceStart = 4;
-  BOOL MiniNT = FALSE;
+  BOOLEAN MiniNT = FALSE;
  PWCHAR SystemBootDevice;
  PWCHAR SystemStartOptions;
  ULONG Position;
@ -370,9 +385,13 @@ CmInit2(PCHAR CommandLine)
   * Parse the system boot device.
   */
  Position = 0;
-  SystemBootDevice = ExAllocatePool(PagedPool, (strlen(CommandLine) + 1) * sizeof(WCHAR));
+  SystemBootDevice = ExAllocatePool(PagedPool,
+				    (strlen(CommandLine) + 1) * sizeof(WCHAR));
  if (SystemBootDevice == NULL)
+  {
    KEBUGCHECK(CONFIG_INITIALIZATION_FAILED);
+  }
+
  while (*CommandLine != 0 && *CommandLine != ' ')
    SystemBootDevice[Position++] = *(CommandLine++);
  SystemBootDevice[Position++] = 0;
@ -380,15 +399,16 @@ CmInit2(PCHAR CommandLine)
  /*
   * Write the system boot device to registry.
   */
-  Status = RtlWriteRegistryValue(
-    RTL_REGISTRY_ABSOLUTE,
-    L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
-    L"SystemBootDevice",
-    REG_SZ,
-    SystemBootDevice,
-    Position * sizeof(WCHAR));
+  Status = RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,
+				 L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
+				 L"SystemBootDevice",
+				 REG_SZ,
+				 SystemBootDevice,
+				 Position * sizeof(WCHAR));
  if (!NT_SUCCESS(Status))
+  {
    KEBUGCHECK(CONFIG_INITIALIZATION_FAILED);
+  }

  /*
   * Parse the system start options.
@ -419,15 +439,16 @@ CmInit2(PCHAR CommandLine)
  /*
   * Write the system start options to registry.
   */
-  Status = RtlWriteRegistryValue(
-    RTL_REGISTRY_ABSOLUTE,
-    L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
-    L"SystemStartOptions",
-    REG_SZ,
-    SystemStartOptions,
-    Position * sizeof(WCHAR));
+  Status = RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,
+				 L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
+				 L"SystemStartOptions",
+				 REG_SZ,
+				 SystemStartOptions,
+				 Position * sizeof(WCHAR));
  if (!NT_SUCCESS(Status))
+  {
    KEBUGCHECK(CONFIG_INITIALIZATION_FAILED);
+  }

  /*
   * Create a CurrentControlSet\Control\MiniNT key that is used
@ -1032,7 +1053,7 @@ CmShutdownRegistry(VOID)
  PREGISTRY_HIVE Hive;
  PLIST_ENTRY Entry;

-  DPRINT1("CmShutdownRegistry() called\n");
+  DPRINT("CmShutdownRegistry() called\n");

  /* Stop automatic hive synchronization */
  CmiHiveSyncEnabled = FALSE;
@ -1073,7 +1094,7 @@ CmShutdownRegistry(VOID)
  ExReleaseResourceLite(&CmiHiveListLock);
  KeLeaveCriticalRegion();

-  DPRINT1("CmShutdownRegistry() done\n");
+  DPRINT("CmShutdownRegistry() done\n");
 }


--- a/reactos/ntoskrnl/cm/regobj.c
+++ b/reactos/ntoskrnl/cm/regobj.c
@ -312,6 +312,118 @@ CmiObjectDelete(PVOID DeletedObject)
 }


+static NTSTATUS
+CmiQuerySecurityDescriptor(PKEY_OBJECT KeyObject,
+			   SECURITY_INFORMATION SecurityInformation,
+			   PSECURITY_DESCRIPTOR SecurityDescriptor,
+			   PULONG BufferLength)
+{
+  ULONG_PTR Current;
+  ULONG SidSize;
+  ULONG SdSize;
+  NTSTATUS Status;
+
+  DPRINT("CmiQuerySecurityDescriptor() called\n");
+
+  /*
+   * FIXME:
+   * This is a big hack!!
+   * We need to retrieve the security descriptor from the keys security cell!
+   */
+
+  if (SecurityInformation == 0)
+    {
+      return STATUS_ACCESS_DENIED;
+    }
+
+  SidSize = RtlLengthSid(SeWorldSid);
+  SdSize = sizeof(SECURITY_DESCRIPTOR) + (2 * SidSize);
+
+  if (*BufferLength < SdSize)
+    {
+      *BufferLength = SdSize;
+      return STATUS_BUFFER_TOO_SMALL;
+    }
+
+  *BufferLength = SdSize;
+
+  Status = RtlCreateSecurityDescriptor(SecurityDescriptor,
+				       SECURITY_DESCRIPTOR_REVISION);
+  if (!NT_SUCCESS(Status))
+    {
+      return Status;
+    }
+
+  SecurityDescriptor->Control |= SE_SELF_RELATIVE;
+  Current = (ULONG_PTR)SecurityDescriptor + sizeof(SECURITY_DESCRIPTOR);
+
+  if (SecurityInformation & OWNER_SECURITY_INFORMATION)
+    {
+      RtlCopyMemory((PVOID)Current,
+		    SeWorldSid,
+		    SidSize);
+      SecurityDescriptor->Owner = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor);
+      Current += SidSize;
+    }
+
+  if (SecurityInformation & GROUP_SECURITY_INFORMATION)
+    {
+      RtlCopyMemory((PVOID)Current,
+		    SeWorldSid,
+		    SidSize);
+      SecurityDescriptor->Group = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor);
+      Current += SidSize;
+    }
+
+  if (SecurityInformation & DACL_SECURITY_INFORMATION)
+    {
+      SecurityDescriptor->Control |= SE_DACL_PRESENT;
+    }
+
+  if (SecurityInformation & SACL_SECURITY_INFORMATION)
+    {
+      SecurityDescriptor->Control |= SE_SACL_PRESENT;
+    }
+
+  return STATUS_SUCCESS;
+}
+
+
+static NTSTATUS
+CmiAssignSecurityDescriptor(PKEY_OBJECT KeyObject,
+			    PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+#if 0
+  PREGISTRY_HIVE Hive;
+
+  DPRINT1("CmiAssignSecurityDescriptor() callled\n");
+
+  DPRINT1("KeyObject %p\n", KeyObject);
+  DPRINT1("KeyObject->RegistryHive %p\n", KeyObject->RegistryHive);
+
+  Hive = KeyObject->RegistryHive;
+  if (Hive == NULL)
+    {
+      DPRINT1("Create new root security cell\n");
+      return STATUS_SUCCESS;
+    }
+
+  if (Hive->RootSecurityCell == NULL)
+    {
+      DPRINT1("Create new root security cell\n");
+
+    }
+  else
+    {
+      DPRINT1("Search for security cell\n");
+
+    }
+#endif
+
+  return STATUS_SUCCESS;
+}
+
+
 NTSTATUS STDCALL
 CmiObjectSecurity(PVOID ObjectBody,
 		  SECURITY_OPERATION_CODE OperationCode,
@ -329,7 +441,10 @@ CmiObjectSecurity(PVOID ObjectBody,

      case QuerySecurityDescriptor:
        DPRINT("Query security descriptor\n");
-        return STATUS_UNSUCCESSFUL;
+        return CmiQuerySecurityDescriptor((PKEY_OBJECT)ObjectBody,
+					  SecurityInformation,
+					  SecurityDescriptor,
+					  BufferLength);

      case DeleteSecurityDescriptor:
        DPRINT("Delete security descriptor\n");
@ -337,7 +452,8 @@ CmiObjectSecurity(PVOID ObjectBody,

      case AssignSecurityDescriptor:
        DPRINT("Assign security descriptor\n");
-        return STATUS_SUCCESS;
+        return CmiAssignSecurityDescriptor((PKEY_OBJECT)ObjectBody,
+					   SecurityDescriptor);
    }

  return STATUS_UNSUCCESSFUL;