From 1c36df367b3cce1e9809d5ec98f926310d8e195b Mon Sep 17 00:00:00 2001
From: Pierre Schweitzer <pierre@reactos.org>
Date: Sun, 28 Dec 2014 18:31:06 +0000
Subject: [PATCH] [NTOSKRNL] - In case of AssignSecurityDescriptor operation in
 IopGetSetSecurityObject(), put the security descriptor in cache before
 attempting the assignement - In IopUnloadDevice(), don't attempt to free the
 security descriptor, let this to Ob by just derefencing it. Spotted & fixed
 by Thomas.

This unregresses VMware Tools installation.

CORE-7991

svn path=/trunk/; revision=65862
---
 reactos/ntoskrnl/io/iomgr/device.c |  4 ++--
 reactos/ntoskrnl/io/iomgr/file.c   | 23 +++++++++++++++++++----
 2 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/reactos/ntoskrnl/io/iomgr/device.c b/reactos/ntoskrnl/io/iomgr/device.c
index c68d8306dbd..88ea608577b 100644
--- a/reactos/ntoskrnl/io/iomgr/device.c
+++ b/reactos/ntoskrnl/io/iomgr/device.c
@@ -396,8 +396,8 @@ IopUnloadDevice(IN PDEVICE_OBJECT DeviceObject)
         /* Check if we have a Security Descriptor */
         if (DeviceObject->SecurityDescriptor)
         {
-            /* Free it */
-            ExFreePoolWithTag(DeviceObject->SecurityDescriptor, TAG_SD);
+            /* Dereference it */
+            ObDereferenceSecurityDescriptor(DeviceObject->SecurityDescriptor, 1);
         }
 
         /* Remove the device from the list */
diff --git a/reactos/ntoskrnl/io/iomgr/file.c b/reactos/ntoskrnl/io/iomgr/file.c
index 404c12c1b85..d82779c34a9 100644
--- a/reactos/ntoskrnl/io/iomgr/file.c
+++ b/reactos/ntoskrnl/io/iomgr/file.c
@@ -1551,15 +1551,30 @@ IopGetSetSecurityObject(IN PVOID ObjectBody,
         }
         else if (OperationCode == AssignSecurityDescriptor)
         {
+            Status = STATUS_SUCCESS;
+
             /* Make absolutely sure this is a device object */
             if (!(FileObject) || !(FileObject->Flags & FO_STREAM_FILE))
             {
-                /* Assign the Security Descriptor */
-                DeviceObject->SecurityDescriptor = SecurityDescriptor;
+                PSECURITY_DESCRIPTOR CachedSecurityDescriptor;
+
+                /* Add the security descriptor in cache */
+                Status = ObLogSecurityDescriptor(SecurityDescriptor, &CachedSecurityDescriptor, 1);
+                if (NT_SUCCESS(Status))
+                {
+                    KeEnterCriticalRegion();
+                    ExAcquireResourceExclusiveLite(&IopSecurityResource, TRUE);
+
+                    /* Assign the Security Descriptor */
+                    DeviceObject->SecurityDescriptor = CachedSecurityDescriptor;
+
+                    ExReleaseResourceLite(&IopSecurityResource);
+                    KeLeaveCriticalRegion();
+                }
             }
 
-            /* Return success */
-            return STATUS_SUCCESS;
+            /* Return status */
+            return Status;
         }
         else if (OperationCode == SetSecurityDescriptor)
         {