mirror of
https://github.com/reactos/reactos.git
synced 2025-06-10 04:14:53 +00:00
[NTOSKRNL] Add a few ASSERTs to ObpGetDosDevicesProtection for DBG builds
This commit is contained in:
Pierre Schweitzer
parent
8f655f9466
commit
1b42731dca
1 changed files with 59 additions and 45 deletions
|
|
@ -41,9 +41,11 @@ ObpGetDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
|
||||||
{
|
{
|
||||||
PACL Dacl;
|
PACL Dacl;
|
||||||
ULONG AclSize;
|
ULONG AclSize;
|
||||||
|
NTSTATUS Status;
|
||||||
|
|
||||||
/* Initialize the SD */
|
/* Initialize the SD */
|
||||||
RtlCreateSecurityDescriptor(SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION);
|
Status = RtlCreateSecurityDescriptor(SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
if (ObpProtectionMode & 1)
|
if (ObpProtectionMode & 1)
|
||||||
{
|
{
|
||||||
|
|
@ -63,42 +65,49 @@ ObpGetDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Initialize the DACL */
|
/* Initialize the DACL */
|
||||||
RtlCreateAcl(Dacl, AclSize, ACL_REVISION);
|
Status = RtlCreateAcl(Dacl, AclSize, ACL_REVISION);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
/* Add the ACEs */
|
/* Add the ACEs */
|
||||||
RtlAddAccessAllowedAce(Dacl,
|
Status = RtlAddAccessAllowedAce(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
GENERIC_READ | GENERIC_EXECUTE,
|
GENERIC_READ | GENERIC_EXECUTE,
|
||||||
SeWorldSid);
|
SeWorldSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(Dacl,
|
Status = RtlAddAccessAllowedAce(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
GENERIC_ALL,
|
GENERIC_ALL,
|
||||||
SeLocalSystemSid);
|
SeLocalSystemSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
RtlAddAccessAllowedAceEx(Dacl,
|
Status = RtlAddAccessAllowedAceEx(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
||||||
GENERIC_EXECUTE,
|
GENERIC_EXECUTE,
|
||||||
SeWorldSid);
|
SeWorldSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
RtlAddAccessAllowedAceEx(Dacl,
|
Status = RtlAddAccessAllowedAceEx(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
||||||
GENERIC_ALL,
|
GENERIC_ALL,
|
||||||
SeAliasAdminsSid);
|
SeAliasAdminsSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
RtlAddAccessAllowedAceEx(Dacl,
|
Status = RtlAddAccessAllowedAceEx(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
||||||
GENERIC_ALL,
|
GENERIC_ALL,
|
||||||
SeLocalSystemSid);
|
SeLocalSystemSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
RtlAddAccessAllowedAceEx(Dacl,
|
Status = RtlAddAccessAllowedAceEx(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
||||||
GENERIC_ALL,
|
GENERIC_ALL,
|
||||||
SeCreatorOwnerSid);
|
SeCreatorOwnerSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
@ -115,28 +124,33 @@ ObpGetDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Initialize the DACL */
|
/* Initialize the DACL */
|
||||||
RtlCreateAcl(Dacl, AclSize, ACL_REVISION);
|
Status = RtlCreateAcl(Dacl, AclSize, ACL_REVISION);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
/* Add the ACEs */
|
/* Add the ACEs */
|
||||||
RtlAddAccessAllowedAce(Dacl,
|
Status = RtlAddAccessAllowedAce(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
GENERIC_READ | GENERIC_EXECUTE | GENERIC_WRITE,
|
GENERIC_READ | GENERIC_EXECUTE | GENERIC_WRITE,
|
||||||
SeWorldSid);
|
SeWorldSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(Dacl,
|
Status = RtlAddAccessAllowedAce(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
GENERIC_ALL,
|
GENERIC_ALL,
|
||||||
SeLocalSystemSid);
|
SeLocalSystemSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
RtlAddAccessAllowedAceEx(Dacl,
|
Status = RtlAddAccessAllowedAceEx(Dacl,
|
||||||
ACL_REVISION,
|
ACL_REVISION,
|
||||||
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE,
|
||||||
GENERIC_ALL,
|
GENERIC_ALL,
|
||||||
SeWorldSid);
|
SeWorldSid);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Attach the DACL to the SD */
|
/* Attach the DACL to the SD */
|
||||||
RtlSetDaclSecurityDescriptor(SecurityDescriptor, TRUE, Dacl, FALSE);
|
Status = RtlSetDaclSecurityDescriptor(SecurityDescriptor, TRUE, Dacl, FALSE);
|
||||||
|
ASSERT(NT_SUCCESS(Status));
|
||||||
|
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue