- Refactor SeCaptureSubjectContext into SeCaptureSubjectContextEx and SeCreateAccessState into SeCreateAccessStateEx. The *Ex routines allow specifying a custom process/thread which isn't the current one. This is useful when creating a new process or thread since we're not actually in it.

- Implemented a few more of the security calls that PspCreateProcess makes, as seen in WI II. We now create an AccessState for the process object insertion.
- Also write the PID in the ObjectTable.

svn path=/trunk/; revision=23236
Alex Ionescu 2006-07-23 08:20:57 +00:00
parent a92eec4397
commit 1223ca9cab
5 changed files with 138 additions and 45 deletions


@ -129,6 +129,17 @@ SeSubProcessToken(
IN ULONG SessionId IN ULONG SessionId
); );
NTSTATUS
NTAPI
SeCreateAccessStateEx(
IN PETHREAD Thread,
IN PEPROCESS Process,
IN OUT PACCESS_STATE AccessState,
IN PAUX_DATA AuxData,
IN ACCESS_MASK Access,
IN PGENERIC_MAPPING GenericMapping
);
NTSTATUS NTSTATUS
NTAPI NTAPI
SeIsTokenChild( SeIsTokenChild(
@ -160,6 +171,10 @@ VOID
NTAPI NTAPI
SeAuditProcessExit(IN PEPROCESS Process); SeAuditProcessExit(IN PEPROCESS Process);
VOID
NTAPI
SeAuditProcessCreate(IN PEPROCESS Process);
NTSTATUS NTSTATUS
NTAPI NTAPI
SeExchangePrimaryToken( SeExchangePrimaryToken(
@ -168,6 +183,14 @@ SeExchangePrimaryToken(
PACCESS_TOKEN* OldTokenP PACCESS_TOKEN* OldTokenP
); );
VOID
NTAPI
SeCaptureSubjectContextEx(
IN PETHREAD Thread,
IN PEPROCESS Process,
OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
);
NTSTATUS NTSTATUS
NTAPI NTAPI
SeCaptureLuidAndAttributesArray( SeCaptureLuidAndAttributesArray(


@ -368,6 +368,9 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
PETHREAD CurrentThread; PETHREAD CurrentThread;
PEPROCESS CurrentProcess; PEPROCESS CurrentProcess;
ULONG MinWs, MaxWs; ULONG MinWs, MaxWs;
ACCESS_STATE LocalAccessState;
PACCESS_STATE AccessState = &LocalAccessState;
AUX_DATA AuxData;
PAGED_CODE(); PAGED_CODE();
DirectoryTableBase.QuadPart = 0; DirectoryTableBase.QuadPart = 0;
@ -633,7 +636,19 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
goto CleanupWithRef; goto CleanupWithRef;
} }
/* FIXME: Insert into Job Object */ /* Set the handle table PID */
Process->ObjectTable->UniqueProcessId = Process->UniqueProcessId;
/* Check if we need to audit */
if (SeDetailedAuditingWithToken(NULL)) SeAuditProcessCreate(Process);
/* Check if the parent had a job */
if ((Parent) && (Parent->Job))
{
/* FIXME: We need to insert this process */
DPRINT1("Jobs not yet supported\n");
KEBUGCHECK(0);
}
/* Create PEB only for User-Mode Processes */ /* Create PEB only for User-Mode Processes */
if (Parent) if (Parent)
@ -647,15 +662,29 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
InsertTailList(&PsActiveProcessHead, &Process->ActiveProcessLinks); InsertTailList(&PsActiveProcessHead, &Process->ActiveProcessLinks);
KeReleaseGuardedMutex(&PspActiveProcessMutex); KeReleaseGuardedMutex(&PspActiveProcessMutex);
/* FIXME: SeCreateAccessStateEx */ /* Create an access state */
Status = SeCreateAccessStateEx(CurrentThread,
((Parent) &&
(Parent == PsInitialSystemProcess)) ?
Parent : CurrentProcess,
&LocalAccessState,
&AuxData,
DesiredAccess,
&PsProcessType->TypeInfo.GenericMapping);
if (!NT_SUCCESS(Status)) goto CleanupWithRef;
/* Insert the Process into the Object Directory */ /* Insert the Process into the Object Directory */
Status = ObInsertObject(Process, Status = ObInsertObject(Process,
NULL, AccessState,
DesiredAccess, DesiredAccess,
1, 1,
(PVOID*)&Process, (PVOID*)&Process,
&hProcess); &hProcess);
/* Free the access state */
if (AccessState) SeDeleteAccessState(AccessState);
/* Cleanup on failure */
if (!NT_SUCCESS(Status)) goto Cleanup; if (!NT_SUCCESS(Status)) goto Cleanup;
/* FIXME: Compute Quantum and Priority */ /* FIXME: Compute Quantum and Priority */
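Review bot: The job check added just before the PEB-creation comment turns an unsupported but reachable state into a system crash: if `Parent->Job` is ever non-NULL here, `KEBUGCHECK(0)` takes the whole machine down from a process-creation call instead of failing that one call. Unless nothing in the tree can set `Job` yet (not visible from this hunk), a caller that gets its own process into a job would have a trivial denial of service; `Status = STATUS_NOT_IMPLEMENTED; goto CleanupWithRef;` after the DPRINT1 refuses the request without a bugcheck. Separately, `if (AccessState) SeDeleteAccessState(AccessState);` tests a pointer that is initialised to `&LocalAccessState` and never reassigned, so the guard is dead and suggests a NULL state is possible when it is not. PspCreateProcess begins and ends outside these hunks, so whether CleanupWithRef unlinks the process from PsActiveProcessHead on the new SeCreateAccessStateEx failure path (the process is already on the list at that point) cannot be confirmed here.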


@ -14,24 +14,19 @@
#define NDEBUG #define NDEBUG
#include <internal/debug.h> #include <internal/debug.h>
#define GENERIC_ACCESS (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | \
GENERIC_ALL)
/* FUNCTIONS ***************************************************************/ /* FUNCTIONS ***************************************************************/
/*
* @implemented
*/
NTSTATUS NTSTATUS
STDCALL NTAPI
SeCreateAccessState(PACCESS_STATE AccessState, SeCreateAccessStateEx(IN PETHREAD Thread,
PAUX_DATA AuxData, IN PEPROCESS Process,
ACCESS_MASK Access, IN OUT PACCESS_STATE AccessState,
PGENERIC_MAPPING GenericMapping) IN PAUX_DATA AuxData,
IN ACCESS_MASK Access,
IN PGENERIC_MAPPING GenericMapping)
{ {
ACCESS_MASK AccessMask = Access; ACCESS_MASK AccessMask = Access;
PTOKEN Token; PTOKEN Token;
PAGED_CODE(); PAGED_CODE();
/* Map the Generic Acess to Specific Access if we have a Mapping */ /* Map the Generic Acess to Specific Access if we have a Mapping */
@ -44,8 +39,10 @@ SeCreateAccessState(PACCESS_STATE AccessState,
RtlZeroMemory(AccessState, sizeof(ACCESS_STATE)); RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
/* Capture the Subject Context */ /* Capture the Subject Context */
SeCaptureSubjectContext(&AccessState->SubjectSecurityContext); SeCaptureSubjectContextEx(Thread,
Process,
&AccessState->SubjectSecurityContext);
/* Set Access State Data */ /* Set Access State Data */
AccessState->AuxData = AuxData; AccessState->AuxData = AuxData;
AccessState->RemainingDesiredAccess = AccessMask; AccessState->RemainingDesiredAccess = AccessMask;
@ -56,7 +53,7 @@ SeCreateAccessState(PACCESS_STATE AccessState,
Token = AccessState->SubjectSecurityContext.ClientToken ? Token = AccessState->SubjectSecurityContext.ClientToken ?
(PTOKEN)&AccessState->SubjectSecurityContext.ClientToken : (PTOKEN)&AccessState->SubjectSecurityContext.ClientToken :
(PTOKEN)&AccessState->SubjectSecurityContext.PrimaryToken; (PTOKEN)&AccessState->SubjectSecurityContext.PrimaryToken;
/* Check for Travers Privilege */ /* Check for Travers Privilege */
if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE) if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
{ {
@ -67,13 +64,34 @@ SeCreateAccessState(PACCESS_STATE AccessState,
/* Set the Auxiliary Data */ /* Set the Auxiliary Data */
AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState + AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
FIELD_OFFSET(ACCESS_STATE, FIELD_OFFSET(ACCESS_STATE,
Privileges)); Privileges));
if (GenericMapping) AuxData->GenericMapping = *GenericMapping; if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
/* Return Sucess */ /* Return Sucess */
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
/*
* @implemented
*/
NTSTATUS
STDCALL
SeCreateAccessState(IN OUT PACCESS_STATE AccessState,
IN PAUX_DATA AuxData,
IN ACCESS_MASK Access,
IN PGENERIC_MAPPING GenericMapping)
{
PAGED_CODE();
/* Call the internal API */
return SeCreateAccessStateEx(PsGetCurrentThread(),
PsGetCurrentProcess(),
AccessState,
AuxData,
Access,
GenericMapping);
}
/* /*
* @implemented * @implemented
*/ */
@ -89,7 +107,7 @@ SeDeleteAccessState(IN PACCESS_STATE AccessState)
/* Deallocate Privileges */ /* Deallocate Privileges */
if (AccessState->PrivilegesAllocated) ExFreePool(AuxData->PrivilegeSet); if (AccessState->PrivilegesAllocated) ExFreePool(AuxData->PrivilegeSet);
/* Deallocate Name and Type Name */ /* Deallocate Name and Type Name */
if (AccessState->ObjectName.Buffer) if (AccessState->ObjectName.Buffer)
{ {
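Review bot: In SeCreateAccessStateEx the token selection carried over unchanged from the old body, `Token = ... ? (PTOKEN)&AccessState->SubjectSecurityContext.ClientToken : (PTOKEN)&AccessState->SubjectSecurityContext.PrimaryToken;`, takes the address of the pointer field rather than the pointer value, so the following `Token->TokenFlags` read interprets bytes of the SECURITY_SUBJECT_CONTEXT (and whatever follows it inside the ACCESS_STATE) as a TOKEN. The traverse-privilege decision therefore depends on unrelated memory rather than on the captured token. Dropping the `&` in both arms fixes the lookup; and since the RtlZeroMemory above is the only initialisation the context gets if the capture writes nothing, guard the read as `if ((Token) && (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE))`. The generic-mapping step and the body of the traverse branch fall between the hunks and are not visible here.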


@ -23,6 +23,13 @@ SeDetailedAuditingWithToken(IN PTOKEN Token)
return FALSE; return FALSE;
} }
VOID
NTAPI
SeAuditProcessCreate(IN PEPROCESS Process)
{
/* FIXME */
}
VOID VOID
NTAPI NTAPI
SeAuditProcessExit(IN PEPROCESS Process) SeAuditProcessExit(IN PEPROCESS Process)
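Review bot: SeAuditProcessCreate is an empty stub, so a caller that has already decided an audit is required (elsewhere in this commit the call is gated on SeDetailedAuditingWithToken) gets neither an event nor any sign that one was dropped. The bare `/* FIXME */` should state that, e.g. `/* FIXME: process-creation audit events are not generated yet; the call silently succeeds */`, so the detection gap stays visible in the source until the audit path exists.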


@ -416,36 +416,52 @@ SeDefaultObjectMethod(PVOID Object,
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
VOID
NTAPI
SeCaptureSubjectContextEx(IN PETHREAD Thread,
IN PEPROCESS Process,
OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
BOOLEAN CopyOnOpen, EffectiveOnly;
PAGED_CODE();
/* ROS HACK */
if (!Process) return;
/* Save the unique ID */
SubjectContext->ProcessAuditId = Process->UniqueProcessId;
/* Check if we have a thread */
if (!Thread)
{
/* We don't, so no token */
SubjectContext->ClientToken = NULL;
}
else
{
/* Get the impersonation token */
SubjectContext->ClientToken =
PsReferenceImpersonationToken(Thread,
&CopyOnOpen,
&EffectiveOnly,
&SubjectContext->ImpersonationLevel);
}
/* Get the primary token */
SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
}
/* /*
* @implemented * @implemented
*/ */
VOID STDCALL VOID
NTAPI
SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext) SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
{ {
PETHREAD Thread; /* Call the internal API */
BOOLEAN CopyOnOpen; SeCaptureSubjectContextEx(PsGetCurrentThread(),
BOOLEAN EffectiveOnly; PsGetCurrentProcess(),
SubjectContext);
PAGED_CODE();
Thread = PsGetCurrentThread();
if (Thread == NULL)
{
SubjectContext->ProcessAuditId = 0;
SubjectContext->PrimaryToken = NULL;
SubjectContext->ClientToken = NULL;
SubjectContext->ImpersonationLevel = 0;
}
else
{
SubjectContext->ProcessAuditId = Thread->ThreadsProcess;
SubjectContext->ClientToken =
PsReferenceImpersonationToken(Thread,
&CopyOnOpen,
&EffectiveOnly,
&SubjectContext->ImpersonationLevel);
SubjectContext->PrimaryToken = PsReferencePrimaryToken(Thread->ThreadsProcess);
}
} }
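Review bot: The `if (!Process) return;` at the top of SeCaptureSubjectContextEx leaves the OUT SubjectContext entirely unwritten, whereas the SeCaptureSubjectContext body it replaces zeroed ProcessAuditId, PrimaryToken, ClientToken and ImpersonationLevel in its no-thread case. A direct caller of SeCaptureSubjectContext that reaches this path (the wrapper passes PsGetCurrentProcess() straight through) now holds uninitialised token pointers, and whatever later releases the captured tokens will dereference stack garbage; `RtlZeroMemory(SubjectContext, sizeof(SECURITY_SUBJECT_CONTEXT)); return;` keeps the hack while preserving the old contract. The no-thread branch likewise sets only ClientToken and leaves ImpersonationLevel untouched, so zeroing the structure once before the Process test would cover both cases. Note also that ProcessAuditId now holds Process->UniqueProcessId where the old code stored the EPROCESS pointer; that is a deliberate change of meaning, but any caller comparing the field against process pointers is silently broken by it.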