- Refactor SeCaptureSubjectContext into SeCaptureSubjectContextEx and SeCreateAccessState into SeCreateAccessStateEx. The *Ex routines allow specifying a custom process/thread which isn't the current one. This is useful when creating a new process or thread since we're not actually in it.
- Implemented a few more security calls in PspCreateProcess, as seen in WI II. We now create an AccessState. - Also write the PID into the ObjectTable. svn path=/trunk/; revision=23236
This commit is contained in:
parent
a92eec4397
commit
1223ca9cab
|
@ -129,6 +129,17 @@ SeSubProcessToken(
|
|||
IN ULONG SessionId
|
||||
);
|
||||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SeCreateAccessStateEx(
|
||||
IN PETHREAD Thread,
|
||||
IN PEPROCESS Process,
|
||||
IN OUT PACCESS_STATE AccessState,
|
||||
IN PAUX_DATA AuxData,
|
||||
IN ACCESS_MASK Access,
|
||||
IN PGENERIC_MAPPING GenericMapping
|
||||
);
|
||||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SeIsTokenChild(
|
||||
|
@ -160,6 +171,10 @@ VOID
|
|||
NTAPI
|
||||
SeAuditProcessExit(IN PEPROCESS Process);
|
||||
|
||||
VOID
|
||||
NTAPI
|
||||
SeAuditProcessCreate(IN PEPROCESS Process);
|
||||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SeExchangePrimaryToken(
|
||||
|
@ -168,6 +183,14 @@ SeExchangePrimaryToken(
|
|||
PACCESS_TOKEN* OldTokenP
|
||||
);
|
||||
|
||||
VOID
|
||||
NTAPI
|
||||
SeCaptureSubjectContextEx(
|
||||
IN PETHREAD Thread,
|
||||
IN PEPROCESS Process,
|
||||
OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
|
||||
);
|
||||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SeCaptureLuidAndAttributesArray(
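Review bot: The new `SeCaptureSubjectContextEx` and `SeCreateAccessStateEx` prototypes do not say what a NULL `Thread` or `Process` means, and the implementation elsewhere on this page treats them differently: a NULL Thread captures no client token (ClientToken is set to NULL), while a NULL Process makes the capture return without writing SubjectContext at all (marked as a hack). Put that contract on the declarations, e.g. `/* Thread may be NULL (no impersonation token is captured); Process is expected to be non-NULL */`, since the point of the Ex routines is that callers pass an explicit, possibly not-yet-running, thread/process pair. The capture presumably takes references on the stored tokens (it calls PsReferencePrimaryToken/PsReferenceImpersonationToken); if so, the release obligation belongs on the declaration as well.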
|
||||
|
|
|
@ -368,6 +368,9 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
|
|||
PETHREAD CurrentThread;
|
||||
PEPROCESS CurrentProcess;
|
||||
ULONG MinWs, MaxWs;
|
||||
ACCESS_STATE LocalAccessState;
|
||||
PACCESS_STATE AccessState = &LocalAccessState;
|
||||
AUX_DATA AuxData;
|
||||
PAGED_CODE();
|
||||
DirectoryTableBase.QuadPart = 0;
|
||||
|
||||
|
@ -633,7 +636,19 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
|
|||
goto CleanupWithRef;
|
||||
}
|
||||
|
||||
/* FIXME: Insert into Job Object */
|
||||
/* Set the handle table PID */
|
||||
Process->ObjectTable->UniqueProcessId = Process->UniqueProcessId;
|
||||
|
||||
/* Check if we need to audit */
|
||||
if (SeDetailedAuditingWithToken(NULL)) SeAuditProcessCreate(Process);
|
||||
|
||||
/* Check if the parent had a job */
|
||||
if ((Parent) && (Parent->Job))
|
||||
{
|
||||
/* FIXME: We need to insert this process */
|
||||
DPRINT1("Jobs not yet supported\n");
|
||||
KEBUGCHECK(0);
|
||||
}
|
||||
|
||||
/* Create PEB only for User-Mode Processes */
|
||||
if (Parent)
|
||||
|
@ -647,15 +662,29 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
|
|||
InsertTailList(&PsActiveProcessHead, &Process->ActiveProcessLinks);
|
||||
KeReleaseGuardedMutex(&PspActiveProcessMutex);
|
||||
|
||||
/* FIXME: SeCreateAccessStateEx */
|
||||
/* Create an access state */
|
||||
Status = SeCreateAccessStateEx(CurrentThread,
|
||||
((Parent) &&
|
||||
(Parent == PsInitialSystemProcess)) ?
|
||||
Parent : CurrentProcess,
|
||||
&LocalAccessState,
|
||||
&AuxData,
|
||||
DesiredAccess,
|
||||
&PsProcessType->TypeInfo.GenericMapping);
|
||||
if (!NT_SUCCESS(Status)) goto CleanupWithRef;
|
||||
|
||||
/* Insert the Process into the Object Directory */
|
||||
Status = ObInsertObject(Process,
|
||||
NULL,
|
||||
AccessState,
|
||||
DesiredAccess,
|
||||
1,
|
||||
(PVOID*)&Process,
|
||||
&hProcess);
|
||||
|
||||
/* Free the access state */
|
||||
if (AccessState) SeDeleteAccessState(AccessState);
|
||||
|
||||
/* Cleanup on failure */
|
||||
if (!NT_SUCCESS(Status)) goto Cleanup;
|
||||
|
||||
/* FIXME: Compute Quantum and Priority */
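Review bot: `if (AccessState) SeDeleteAccessState(AccessState);` guards a pointer that is always `&LocalAccessState` (declared in the first hunk of this file), so the test is dead and suggests the access state were optional; write `SeDeleteAccessState(&LocalAccessState);`. If the `/* FIXME: SeCreateAccessStateEx */` line above the new call survived the change, it should go, as the call it asks for is now made. The non-obvious part of the new code is the subject process passed to SeCreateAccessStateEx — the parent when it is PsInitialSystemProcess, otherwise the current process — and it deserves a why-comment, e.g. `/* Build the state from the System process's context when it is the parent, else from the caller's */`. PspCreateProcess starts and ends outside these hunks.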
|
||||
|
|
|
@ -14,24 +14,19 @@
|
|||
#define NDEBUG
|
||||
#include <internal/debug.h>
|
||||
|
||||
#define GENERIC_ACCESS (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | \
|
||||
GENERIC_ALL)
|
||||
|
||||
/* FUNCTIONS ***************************************************************/
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
NTSTATUS
|
||||
STDCALL
|
||||
SeCreateAccessState(PACCESS_STATE AccessState,
|
||||
PAUX_DATA AuxData,
|
||||
ACCESS_MASK Access,
|
||||
PGENERIC_MAPPING GenericMapping)
|
||||
NTAPI
|
||||
SeCreateAccessStateEx(IN PETHREAD Thread,
|
||||
IN PEPROCESS Process,
|
||||
IN OUT PACCESS_STATE AccessState,
|
||||
IN PAUX_DATA AuxData,
|
||||
IN ACCESS_MASK Access,
|
||||
IN PGENERIC_MAPPING GenericMapping)
|
||||
{
|
||||
ACCESS_MASK AccessMask = Access;
|
||||
PTOKEN Token;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
/* Map the Generic Acess to Specific Access if we have a Mapping */
|
||||
|
@ -44,8 +39,10 @@ SeCreateAccessState(PACCESS_STATE AccessState,
|
|||
RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
|
||||
|
||||
/* Capture the Subject Context */
|
||||
SeCaptureSubjectContext(&AccessState->SubjectSecurityContext);
|
||||
|
||||
SeCaptureSubjectContextEx(Thread,
|
||||
Process,
|
||||
&AccessState->SubjectSecurityContext);
|
||||
|
||||
/* Set Access State Data */
|
||||
AccessState->AuxData = AuxData;
|
||||
AccessState->RemainingDesiredAccess = AccessMask;
|
||||
|
@ -56,7 +53,7 @@ SeCreateAccessState(PACCESS_STATE AccessState,
|
|||
Token = AccessState->SubjectSecurityContext.ClientToken ?
|
||||
(PTOKEN)&AccessState->SubjectSecurityContext.ClientToken :
|
||||
(PTOKEN)&AccessState->SubjectSecurityContext.PrimaryToken;
|
||||
|
||||
|
||||
/* Check for Travers Privilege */
|
||||
if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
|
||||
{
|
||||
|
@ -67,13 +64,34 @@ SeCreateAccessState(PACCESS_STATE AccessState,
|
|||
/* Set the Auxiliary Data */
|
||||
AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
|
||||
FIELD_OFFSET(ACCESS_STATE,
|
||||
Privileges));
|
||||
Privileges));
|
||||
if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
|
||||
|
||||
/* Return Sucess */
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
NTSTATUS
|
||||
STDCALL
|
||||
SeCreateAccessState(IN OUT PACCESS_STATE AccessState,
|
||||
IN PAUX_DATA AuxData,
|
||||
IN ACCESS_MASK Access,
|
||||
IN PGENERIC_MAPPING GenericMapping)
|
||||
{
|
||||
PAGED_CODE();
|
||||
|
||||
/* Call the internal API */
|
||||
return SeCreateAccessStateEx(PsGetCurrentThread(),
|
||||
PsGetCurrentProcess(),
|
||||
AccessState,
|
||||
AuxData,
|
||||
Access,
|
||||
GenericMapping);
|
||||
}
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
|
@ -89,7 +107,7 @@ SeDeleteAccessState(IN PACCESS_STATE AccessState)
|
|||
|
||||
/* Deallocate Privileges */
|
||||
if (AccessState->PrivilegesAllocated) ExFreePool(AuxData->PrivilegeSet);
|
||||
|
||||
|
||||
/* Deallocate Name and Type Name */
|
||||
if (AccessState->ObjectName.Buffer)
|
||||
{
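Review bot: In the hunk at `@ -56,7 +53,7 @@`, `Token` is assigned `(PTOKEN)&AccessState->SubjectSecurityContext.ClientToken` or `(PTOKEN)&AccessState->SubjectSecurityContext.PrimaryToken` — the address of the pointer field, cast to PTOKEN — so the following `Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE` reads the pointer storage inside the SECURITY_SUBJECT_CONTEXT rather than the token's flags, and the traverse-privilege decision is not based on the token. These are context lines, so the commit did not introduce this, but the new SeCreateAccessStateEx now carries it for every caller; drop the `&` on both branches: `Token = AccessState->SubjectSecurityContext.ClientToken ? (PTOKEN)AccessState->SubjectSecurityContext.ClientToken : (PTOKEN)AccessState->SubjectSecurityContext.PrimaryToken;`. Once corrected, `Token` can be NULL, because the state was just zeroed (`RtlZeroMemory` in the previous hunk) and SeCaptureSubjectContextEx returns early without writing it when Process is NULL, so guard the test with `if ((Token) && (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE))`. SeCreateAccessStateEx begins and ends outside that hunk.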
|
||||
|
|
|
@ -23,6 +23,13 @@ SeDetailedAuditingWithToken(IN PTOKEN Token)
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
VOID
|
||||
NTAPI
|
||||
SeAuditProcessCreate(IN PEPROCESS Process)
|
||||
{
|
||||
/* FIXME */
|
||||
}
|
||||
|
||||
VOID
|
||||
NTAPI
|
||||
SeAuditProcessExit(IN PEPROCESS Process)
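Review bot: `SeAuditProcessCreate` is an empty stub whose `/* FIXME */` does not say what is lost: the process-creation audit event that PspCreateProcess now asks for is silently dropped. State that where the next reader will look, e.g. `/* FIXME: process creation is not audited yet; the event is dropped and Process is unused */`. At present the call appears unreachable anyway, since `SeDetailedAuditingWithToken` ends in the context line `return FALSE;` above, though earlier returns in that function are not visible here.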
|
||||
|
|
|
@ -416,36 +416,52 @@ SeDefaultObjectMethod(PVOID Object,
|
|||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
VOID
|
||||
NTAPI
|
||||
SeCaptureSubjectContextEx(IN PETHREAD Thread,
|
||||
IN PEPROCESS Process,
|
||||
OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
BOOLEAN CopyOnOpen, EffectiveOnly;
|
||||
PAGED_CODE();
|
||||
|
||||
/* ROS HACK */
|
||||
if (!Process) return;
|
||||
|
||||
/* Save the unique ID */
|
||||
SubjectContext->ProcessAuditId = Process->UniqueProcessId;
|
||||
|
||||
/* Check if we have a thread */
|
||||
if (!Thread)
|
||||
{
|
||||
/* We don't, so no token */
|
||||
SubjectContext->ClientToken = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Get the impersonation token */
|
||||
SubjectContext->ClientToken =
|
||||
PsReferenceImpersonationToken(Thread,
|
||||
&CopyOnOpen,
|
||||
&EffectiveOnly,
|
||||
&SubjectContext->ImpersonationLevel);
|
||||
}
|
||||
|
||||
/* Get the primary token */
|
||||
SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
|
||||
}
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
VOID
|
||||
NTAPI
|
||||
SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
PETHREAD Thread;
|
||||
BOOLEAN CopyOnOpen;
|
||||
BOOLEAN EffectiveOnly;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
Thread = PsGetCurrentThread();
|
||||
if (Thread == NULL)
|
||||
{
|
||||
SubjectContext->ProcessAuditId = 0;
|
||||
SubjectContext->PrimaryToken = NULL;
|
||||
SubjectContext->ClientToken = NULL;
|
||||
SubjectContext->ImpersonationLevel = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
SubjectContext->ProcessAuditId = Thread->ThreadsProcess;
|
||||
SubjectContext->ClientToken =
|
||||
PsReferenceImpersonationToken(Thread,
|
||||
&CopyOnOpen,
|
||||
&EffectiveOnly,
|
||||
&SubjectContext->ImpersonationLevel);
|
||||
SubjectContext->PrimaryToken = PsReferencePrimaryToken(Thread->ThreadsProcess);
|
||||
}
|
||||
/* Call the internal API */
|
||||
SeCaptureSubjectContextEx(PsGetCurrentThread(),
|
||||
PsGetCurrentProcess(),
|
||||
SubjectContext);
|
||||
}
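Review bot: The `/* ROS HACK */` early return in SeCaptureSubjectContextEx leaves every field of `SubjectContext` untouched when `Process` is NULL, whereas what appears to be the removed `Thread == NULL` branch of SeCaptureSubjectContext in the same hunk set ProcessAuditId, PrimaryToken, ClientToken and ImpersonationLevel to 0/NULL; a caller that later releases the context would act on whatever was on its stack. Keep the hack but make it safe: `if (!Process) { RtlZeroMemory(SubjectContext, sizeof(*SubjectContext)); return; }`. `CopyOnOpen` and `EffectiveOnly` are requested from `PsReferenceImpersonationToken` and then discarded, which a one-line comment such as `/* CopyOnOpen/EffectiveOnly are not part of the subject context */` should acknowledge.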
|
||||
|
||||
|
||||
|
|