Added some security functions

Changes to csrss console support
Fixed bug in gdt.c

svn path=/trunk/; revision=901

reactos/apps/utils/shell/shell.c

@@ -124,7 +124,7 @@ int ExecuteProcess(char* name, char* cmdline, BOOL detached)
 			cmdline,
 			NULL,
 			NULL,
-			TRUE,
+			FALSE,
 			((TRUE == detached)
 			 ? DETACHED_PROCESS
 			: CREATE_NEW_CONSOLE
@@ -162,9 +162,11 @@ int ExecuteProcess(char* name, char* cmdline, BOOL detached)
 	  {
 	     	debug_printf("ProcessInformation.hThread %x\n",
 			     ProcessInformation.hThread);
-	     CloseHandle(ProcessInformation.hThread);
+//	     CloseHandle(ProcessInformation.hThread);
 	     WaitForSingleObject(ProcessInformation.hProcess, INFINITE);
 	     CloseHandle(ProcessInformation.hProcess);
+	     debug_printf("Thandle %x\n", ProcessInformation.hThread);
+	     CloseHandle(ProcessInformation.hThread);
 	  }
      }
    return(ret);

reactos/include/base.h

@@ -304,9 +304,10 @@ typedef char *PTSTR;
 #endif /* UNICODE */
 
 /*
-typedef PWSTR;
+ typedef PWSTR;
-typedef REGSAM;
+ */
-*/
+typedef PVOID REGSAM;
+
 
 typedef short RETCODE;
 

reactos/include/csrss/csrss.h

@@ -1,6 +1,11 @@
 #ifndef __INCLUDE_CSRSS_CSRSS_H
 #define __INCLUDE_CSRSS_CSRSS_H
 
+typedef struct
+{
+   
+} CONNECT_INFO, *PCONNECT_INFO;
+
 #define CSRSS_CREATE_PROCESS            (0x1)
 #define CSRSS_TERMINATE_PROCESS         (0x2)
 #define CSRSS_WRITE_CONSOLE             (0x3)

reactos/include/ddk/ntddk.h

@@ -35,8 +35,8 @@ extern "C"
 #include <ddk/cmtypes.h>
 #include <ddk/ketypes.h>
 #include <ddk/obtypes.h>
-#include <ddk/mmtypes.h>
 #include <ddk/setypes.h>
+#include <ddk/mmtypes.h>
 #include <ddk/iotypes.h>
 #include <ddk/extypes.h>
 #include <ddk/pstypes.h>

reactos/include/ddk/obtypes.h

@@ -80,7 +80,10 @@ typedef struct _OBJECT_TYPE
    
    /*
     */
-   VOID (*Security)(VOID);
+   NTSTATUS (*Security)(PVOID Object, 
+			ULONG InfoClass,
+			PVOID Info,
+			PULONG InfoLength);
    
    /*
     */

reactos/include/ddk/psfuncs.h

@@ -35,3 +35,9 @@ ULONG PsResumeThread(PETHREAD Thread,
 		     PNTSTATUS WaitStatus);
 PETHREAD PsGetCurrentThread(VOID);
 struct _EPROCESS* PsGetCurrentProcess(VOID);
+PACCESS_TOKEN PsReferenceImpersonationToken(PETHREAD Thread,
+					    PULONG Unknown1,
+					    PULONG Unknown2,
+					    SECURITY_IMPERSONATION_LEVEL* 
+					    Level);
+PACCESS_TOKEN PsReferencePrimaryToken(PEPROCESS Process);

reactos/include/ddk/pstypes.h

@@ -117,7 +117,7 @@ typedef struct _CLIENT_ID
 } CLIENT_ID, *PCLIENT_ID;
 
 typedef struct _NT_TIB {
-    struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;  // 00h
+    struct _EXCEPTION_REGISTRATION_RECORD* ExceptionList;  // 00h
     PVOID StackBase;                                       // 04h
     PVOID StackLimit;                                      // 08h
     PVOID SubSystemTib;                                    // 0Ch
@@ -269,6 +269,15 @@ typedef struct _TOP_LEVEL_IRP
 	ULONG TopLevelIrpConst;
 } TOP_LEVEL_IRP;
 
+typedef struct
+{
+   PACCESS_TOKEN Token;
+   UCHAR Unknown1;
+   UCHAR Unknown2;
+   UCHAR Pad[2];
+   SECURITY_IMPERSONATION_LEVEL Level;
+} IMPERSONATION_INFO, *PIMPERSONATION_INFO;
+
 typedef struct _ETHREAD {
 	KTHREAD			Tcb;
 	TIME			CreateTime;
@@ -282,7 +291,7 @@ typedef struct _ETHREAD {
 	PLARGE_INTEGER		LpcReplySemaphore;
 	PVOID			LpcReplyMessage;
 	PLARGE_INTEGER		LpcReplyMessageId;
-	PVOID			ImpersonationInfo;
+	PIMPERSONATION_INFO     ImpersonationInfo;
 	LIST_ENTRY		IrpList; //
 	TOP_LEVEL_IRP		TopLevelIrp;
 	ULONG			ReadClusterSize;
@@ -295,8 +304,10 @@ typedef struct _ETHREAD {
 	PKSTART_ROUTINE		StartAddress;
 	LPTHREAD_START_ROUTINE  Win32StartAddress; // Should Specify a win32 start func
 	UCHAR 			LpcExitThreadCalled;
-	UCHAR 			HardErrorsAreDisabled;
+        UCHAR 			HardErrorsAreDisabled;
-
+        UCHAR                   LpcReceivedMsgIdValid;
+        UCHAR                   ActiveImpersonationInfo;
+        ULONG                   PerformanceCountHigh;
 
    /*
     * Added by David Welch (welch@cwcom.net)

reactos/include/ddk/sefuncs.h

@@ -1,3 +1,50 @@
+NTSTATUS RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				     ULONG Revision);
+
+BOOLEAN RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor);
+
+ULONG RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor);
+
+NTSTATUS RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				      BOOLEAN DaclPresent,
+				      PACL Dacl,
+				      BOOLEAN DaclDefaulted);
+
+NTSTATUS RtlGetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				      PBOOLEAN DaclPresent,
+				      PACL* Dacl,
+				      PBOOLEAN DaclDefauted);
+
+NTSTATUS RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				       PSID Owner,
+				       BOOLEAN OwnerDefaulted);
+
+NTSTATUS RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				       PSID* Owner,
+				       PBOOLEAN OwnerDefaulted);
+
+NTSTATUS RtlSetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				       PSID Group,
+				       BOOLEAN GroupDefaulted);
+
+NTSTATUS RtlGetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				       PSID* Group,
+				       PBOOLEAN GroupDefaulted);
+
+ULONG RtlLengthRequiredSid(UCHAR SubAuthorityCount);
+
+NTSTATUS RtlInitializeSid(PSID Sid,
+			  PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
+			  UCHAR SubAuthorityCount);
+
+PULONG RtlSubAuthoritySid(PSID Sid, ULONG SubAuthority);
+
+BOOLEAN RtlEqualSid(PSID Sid1, PSID Sid2);
+
+NTSTATUS RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
+				     PSECURITY_DESCRIPTOR RelSD,
+				     PULONG BufferLength);
+
 BOOLEAN SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
 		      IN PSECURITY_DESCRIPTOR_CONTEXT SubjectSecurityContext,
 		      IN BOOLEAN SubjectContextLocked,
@@ -22,4 +69,5 @@ BOOLEAN SeSinglePrivilegeCheck(LUID PrivilegeValue,
 			       KPROCESSOR_MODE PreviousMode);
 
 
-
+ULONG RtlLengthSid(PSID Sid);
+NTSTATUS RtlCopySid(ULONG BufferLength, PSID Src, PSID Dest);

reactos/include/ddk/setypes.h

@@ -11,42 +11,199 @@
 #ifndef __INCLUDE_DDK_SETYPES_H
 #define __INCLUDE_DDK_SETYPES_H
 
+/* SID */
+#define SECURITY_NULL_RID	(0L)
+#define SECURITY_WORLD_RID	(0L)
+#define SECURITY_LOCAL_RID	(0L)
+#define SECURITY_CREATOR_OWNER_RID	(0L)
+#define SECURITY_CREATOR_GROUP_RID	(0x1L)
+#define SECURITY_DIALUP_RID	(0x1L)
+#define SECURITY_NETWORK_RID	(0x2L)
+#define SECURITY_BATCH_RID	(0x3L)
+#define SECURITY_INTERACTIVE_RID	(0x4L)
+#define SECURITY_LOGON_IDS_RID	(0x5L)
+#define SECURITY_LOGON_IDS_RID_COUNT	(0x3L)
+#define SECURITY_SERVICE_RID	(0x6L)
+#define SECURITY_LOCAL_SYSTEM_RID	(0x12L)
+#define SECURITY_BUILTIN_DOMAIN_RID	(0x20L)
+#define DOMAIN_USER_RID_ADMIN	(0x1f4L)
+#define DOMAIN_USER_RID_GUEST	(0x1f5L)
+#define DOMAIN_GROUP_RID_ADMINS	(0x200L)
+#define DOMAIN_GROUP_RID_USERS	(0x201L)
+#define DOMAIN_ALIAS_RID_ADMINS	(0x220L)
+#define DOMAIN_ALIAS_RID_USERS	(0x221L)
+#define DOMAIN_ALIAS_RID_GUESTS	(0x222L)
+#define DOMAIN_ALIAS_RID_POWER_USERS	(0x223L)
+#define DOMAIN_ALIAS_RID_ACCOUNT_OPS	(0x224L)
+#define DOMAIN_ALIAS_RID_SYSTEM_OPS	(0x225L)
+#define DOMAIN_ALIAS_RID_PRINT_OPS	(0x226L)
+#define DOMAIN_ALIAS_RID_BACKUP_OPS	(0x227L)
+#define DOMAIN_ALIAS_RID_REPLICATOR	(0x228L)
+
+/* TOKEN_GROUPS structure */
+#define SE_GROUP_MANDATORY	(0x1L)
+#define SE_GROUP_ENABLED_BY_DEFAULT	(0x2L)
+#define SE_GROUP_ENABLED	(0x4L)
+#define SE_GROUP_OWNER	(0x8L)
+#define SE_GROUP_LOGON_ID	(0xc0000000L)
+
+/* ACL Defines */
+#define ACL_REVISION  (2)
+
+/* ACE_HEADER structure */
+#define ACCESS_ALLOWED_ACE_TYPE      (0x0)
+#define ACCESS_DENIED_ACE_TYPE       (0x1)
+#define SYSTEM_AUDIT_ACE_TYPE        (0x2)
+#define SYSTEM_ALARM_ACE_TYPE        (0x3)
+
+/* ACE flags in the ACE_HEADER structure */
+#define OBJECT_INHERIT_ACE           (0x1)
+#define CONTAINER_INHERIT_ACE        (0x2)
+#define NO_PROPAGATE_INHERIT_ACE     (0x4)
+#define INHERIT_ONLY_ACE             (0x8)
+#define SUCCESSFUL_ACCESS_ACE_FLAG   (0x40)
+#define FAILED_ACCESS_ACE_FLAG       (0x80)
+
+/* SECURITY_DESCRIPTOR_CONTROL */
+#define SECURITY_DESCRIPTOR_REVISION	(1)
+#define SECURITY_DESCRIPTOR_MIN_LENGTH	(20)
+#define SE_OWNER_DEFAULTED	(1)
+#define SE_GROUP_DEFAULTED	(2)
+#define SE_DACL_PRESENT	(4)
+#define SE_DACL_DEFAULTED	(8)
+#define SE_SACL_PRESENT	(16)
+#define SE_SACL_DEFAULTED	(32)
+#define SE_SELF_RELATIVE	(32768)
+
+/* PRIVILEGE_SET */
+#define SE_PRIVILEGE_ENABLED_BY_DEFAULT	(0x1L)
+#define SE_PRIVILEGE_ENABLED	(0x2L)
+#define SE_PRIVILEGE_USED_FOR_ACCESS	(0x80000000L)
+#define PRIVILEGE_SET_ALL_NECESSARY	(0x1)
+
+typedef ULONG ACCESS_MASK;
 typedef ULONG ACCESS_MODE, *PACCESS_MODE;
+
+typedef struct _SECURITY_QUALITY_OF_SERVICE { 
+  DWORD Length; 
+  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; 
+  /* SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; */
+  WINBOOL ContextTrackingMode; 
+  BOOLEAN EffectiveOnly; 
+} SECURITY_QUALITY_OF_SERVICE; 
+
 typedef SECURITY_QUALITY_OF_SERVICE* PSECURITY_QUALITY_OF_SERVICE;
 
+typedef struct _ACE_HEADER
+{
+   CHAR AceType;
+   CHAR AceFlags;
+   USHORT AceSize;
+   ACCESS_MASK AccessMask;
+} ACE_HEADER, *PACE_HEADER;
+
+typedef struct
+{
+   ACE_HEADER Header;
+} ACE, *PACE;
+
+typedef struct _SID_IDENTIFIER_AUTHORITY
+{
+   BYTE Value[6];
+} SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY;
+
+#define SECURITY_WORLD_SID_AUTHORITY      {0,0,0,0,0,1}
+
+typedef struct _SID 
+{
+   UCHAR  Revision;
+   UCHAR  SubAuthorityCount;
+   SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
+   ULONG SubAuthority[1];
+} SID, *PSID;
+
+typedef struct _ACL {
+  UCHAR AclRevision; 
+  UCHAR Sbz1; 
+  USHORT AclSize; 
+  USHORT AceCount; 
+  USHORT Sbz2; 
+} ACL, *PACL; 
+
+typedef USHORT SECURITY_DESCRIPTOR_CONTROL, *PSECURITY_DESCRIPTOR_CONTROL;
+
 typedef struct _SECURITY_DESCRIPTOR_CONTEXT
 {
 } SECURITY_DESCRIPTOR_CONTEXT, *PSECURITY_DESCRIPTOR_CONTEXT;
 
-typedef struct _ACCESS_TOKEN {
+typedef LARGE_INTEGER LUID, *PLUID;
-	TOKEN_SOURCE			TokenSource;
+
-	LUID				AuthenticationId;
+typedef struct _LUID_AND_ATTRIBUTES 
-	LARGE_INTEGER			ExpirationTime;
+{   
-	LUID				ModifiedId;
+   LUID  Luid; 
-	ULONG				UserAndGroupCount;
+   DWORD Attributes; 
-	ULONG				PrivilegeCount;
+} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
-	ULONG				VariableLength;
+
-	ULONG				DynamicCharged;
+typedef struct _TOKEN_SOURCE 
-	ULONG				DynamicAvailable;
+{
-	ULONG				DefaultOwnerIndex;
+   CHAR SourceName[8]; 
-	PACL				DefaultDacl;
+   LARGE_INTEGER Unknown;
-	TOKEN_TYPE			TokenType;
+   LUID SourceIdentifier; 
-	SECURITY_IMPERSONATION_LEVEL 	ImpersonationLevel;
+} TOKEN_SOURCE, *PTOKEN_SOURCE; 
-	UCHAR				TokenFlags;
+
-	UCHAR				TokenInUse;
+
-	UCHAR				Unused[2];
+typedef struct _ACCESS_TOKEN 
-	PVOID				ProxyData;
+{
-	PVOID				AuditData;
+   TOKEN_SOURCE			TokenSource;               // 0x00
-	UCHAR				VariablePart[0];
+   LUID				AuthenticationId;          // 0x18
+   LARGE_INTEGER			ExpirationTime;            // 0x20
+   LUID				ModifiedId;                // 0x28
+   ULONG				UserAndGroupCount;         // 0x30
+   ULONG				PrivilegeCount;            // 0x34
+   ULONG				VariableLength;            // 0x38
+   ULONG				DynamicCharged;            // 0x3C
+   ULONG				DynamicAvailable;          // 0x40
+   ULONG				DefaultOwnerIndex;         // 0x44
+   ULONG                        Unknown[2];                        // 0x48
+   PLUID_AND_ATTRIBUTES         Privileges;                        // 0x50
+   ULONG                        Unknown1;                          // 0x54
+   PACL				DefaultDacl;                       // 0x58
+   TOKEN_TYPE			TokenType;                         // 0x5C
+   SECURITY_IMPERSONATION_LEVEL 	ImpersonationLevel;        // 0x60
+   UCHAR				TokenFlags;                // 0x64
+   UCHAR				TokenInUse;                // 0x65
+   UCHAR				Unused[2];                 // 0x66
+   PVOID				ProxyData;                 // 0x68
+   PVOID				AuditData;                 // 0x6c
+   UCHAR				VariablePart[0];           // 0x70
 } ACCESS_TOKEN, *PACCESS_TOKEN;
 
 
 typedef struct _SECURITY_SUBJECT_CONTEXT
 {
-	PACCESS_TOKEN ClientToken;
+   PACCESS_TOKEN ClientToken;                              // 0x0
-	SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
+   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;        // 0x4
-	PACCESS_TOKEN PrimaryToken;
+   PACCESS_TOKEN PrimaryToken;                             // 0x8
-	PVOID ProcessAuditId;
+   PVOID ProcessAuditId;                                   // 0xC
 } SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
 
+
+typedef struct _SECURITY_DESCRIPTOR {
+  UCHAR  Revision;
+  UCHAR  Sbz1;
+  SECURITY_DESCRIPTOR_CONTROL Control;
+  PSID Owner;
+  PSID Group;
+  PACL Sacl;
+  PACL Dacl;
+} SECURITY_DESCRIPTOR, *PSECURITY_DESCRIPTOR;
+
+BOOLEAN RtlValidSid(PSID Sid);
+
+/*
+ * from ntoskrnl/se/token.c:
+ */
+extern struct _OBJECT_TYPE* SeTokenType;
+
+
 #endif

reactos/include/defines.h

@@ -4149,77 +4149,6 @@ extern "C" {
 #define TAPE_DRIVE_WRITE_SETMARKS	(-2130706432)
 #define TAPE_DRIVE_WRITE_SHORT_FMKS	(-2080374784)
 
-
-/* SID */
-#define SECURITY_NULL_RID	(0L)
-#define SECURITY_WORLD_RID	(0L)
-#define SECURITY_LOCAL_RID	(0L)
-#define SECURITY_CREATOR_OWNER_RID	(0L)
-#define SECURITY_CREATOR_GROUP_RID	(0x1L)
-#define SECURITY_DIALUP_RID	(0x1L)
-#define SECURITY_NETWORK_RID	(0x2L)
-#define SECURITY_BATCH_RID	(0x3L)
-#define SECURITY_INTERACTIVE_RID	(0x4L)
-#define SECURITY_LOGON_IDS_RID	(0x5L)
-#define SECURITY_LOGON_IDS_RID_COUNT	(0x3L)
-#define SECURITY_SERVICE_RID	(0x6L)
-#define SECURITY_LOCAL_SYSTEM_RID	(0x12L)
-#define SECURITY_BUILTIN_DOMAIN_RID	(0x20L)
-#define DOMAIN_USER_RID_ADMIN	(0x1f4L)
-#define DOMAIN_USER_RID_GUEST	(0x1f5L)
-#define DOMAIN_GROUP_RID_ADMINS	(0x200L)
-#define DOMAIN_GROUP_RID_USERS	(0x201L)
-#define DOMAIN_ALIAS_RID_ADMINS	(0x220L)
-#define DOMAIN_ALIAS_RID_USERS	(0x221L)
-#define DOMAIN_ALIAS_RID_GUESTS	(0x222L)
-#define DOMAIN_ALIAS_RID_POWER_USERS	(0x223L)
-#define DOMAIN_ALIAS_RID_ACCOUNT_OPS	(0x224L)
-#define DOMAIN_ALIAS_RID_SYSTEM_OPS	(0x225L)
-#define DOMAIN_ALIAS_RID_PRINT_OPS	(0x226L)
-#define DOMAIN_ALIAS_RID_BACKUP_OPS	(0x227L)
-#define DOMAIN_ALIAS_RID_REPLICATOR	(0x228L)
-
-/* TOKEN_GROUPS structure */
-#define SE_GROUP_MANDATORY	(0x1L)
-#define SE_GROUP_ENABLED_BY_DEFAULT	(0x2L)
-#define SE_GROUP_ENABLED	(0x4L)
-#define SE_GROUP_OWNER	(0x8L)
-#define SE_GROUP_LOGON_ID	(0xc0000000L)
-
-/* ACL Defines */
-#define ACL_REVISION  (2)
-
-/* ACE_HEADER structure */
-#define ACCESS_ALLOWED_ACE_TYPE      (0x0)
-#define ACCESS_DENIED_ACE_TYPE       (0x1)
-#define SYSTEM_AUDIT_ACE_TYPE        (0x2)
-#define SYSTEM_ALARM_ACE_TYPE        (0x3)
-
-/* ACE flags in the ACE_HEADER structure */
-#define OBJECT_INHERIT_ACE           (0x1)
-#define CONTAINER_INHERIT_ACE        (0x2)
-#define NO_PROPAGATE_INHERIT_ACE     (0x4)
-#define INHERIT_ONLY_ACE             (0x8)
-#define SUCCESSFUL_ACCESS_ACE_FLAG   (0x40)
-#define FAILED_ACCESS_ACE_FLAG       (0x80)
-
-/* SECURITY_DESCRIPTOR_CONTROL */
-#define SECURITY_DESCRIPTOR_REVISION	(1)
-#define SECURITY_DESCRIPTOR_MIN_LENGTH	(20)
-#define SE_OWNER_DEFAULTED	(1)
-#define SE_GROUP_DEFAULTED	(2)
-#define SE_DACL_PRESENT	(4)
-#define SE_DACL_DEFAULTED	(8)
-#define SE_SACL_PRESENT	(16)
-#define SE_SACL_DEFAULTED	(32)
-#define SE_SELF_RELATIVE	(32768)
-
-/* PRIVILEGE_SET */
-#define SE_PRIVILEGE_ENABLED_BY_DEFAULT	(0x1L)
-#define SE_PRIVILEGE_ENABLED	(0x2L)
-#define SE_PRIVILEGE_USED_FOR_ACCESS	(0x80000000L)
-#define PRIVILEGE_SET_ALL_NECESSARY	(0x1)
-
 /* OPENFILENAME structure */
 #define OFN_ALLOWMULTISELECT	(0x200)
 #define OFN_CREATEPROMPT	(0x2000)

reactos/include/kernel32/kernel32.h

@@ -33,3 +33,7 @@ BOOL KERNEL32_AnsiToUnicode(PWSTR DestStr,
 			    LPCSTR SrcStr,
 			    ULONG MaxLen);
 PWSTR InternalAnsiToUnicode(PWSTR Out, LPCSTR In, ULONG MaxLength);
+
+BOOLEAN IsConsoleHandle(HANDLE Handle);
+
+WINBOOL STDCALL CloseConsoleHandle(HANDLE Handle);

reactos/include/structs.h

@@ -29,6 +29,7 @@
    59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */ 
 
+
 #ifndef _GNU_H_WINDOWS32_STRUCTURES
 #define _GNU_H_WINDOWS32_STRUCTURES
 
@@ -52,64 +53,15 @@ typedef union _ULARGE_INTEGER
   ULONGLONG QuadPart;
 } ULARGE_INTEGER, *PULARGE_INTEGER;
 
+#include <ddk/setypes.h>
 
 typedef struct _LIST_ENTRY { 
   struct _LIST_ENTRY *Flink; 
   struct _LIST_ENTRY *Blink; 
 } LIST_ENTRY, *PLIST_ENTRY; 
 
-typedef DWORD ACCESS_MASK; 
 
 
-typedef struct _SID_IDENTIFIER_AUTHORITY { 
-  BYTE Value[6]; 
-} SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY, 
-    *LPSID_IDENTIFIER_AUTHORITY; 
-
-
-typedef struct _ACL {
-  BYTE AclRevision; 
-  BYTE Sbz1; 
-  WORD AclSize; 
-  WORD AceCount; 
-  WORD Sbz2; 
-} ACL, *PACL; 
-
-
-typedef struct _SID {
-   BYTE  Revision;
-   BYTE  SubAuthorityCount;
-   SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
-   DWORD SubAuthority[ANYSIZE_ARRAY];
-} SID, *PSID;
-
-typedef WORD SECURITY_DESCRIPTOR_CONTROL, *PSECURITY_DESCRIPTOR_CONTROL;
-
-typedef struct _SECURITY_DESCRIPTOR {
-  BYTE  Revision;
-  BYTE  Sbz1;
-  SECURITY_DESCRIPTOR_CONTROL Control;
-  PSID Owner;
-  PSID Group;
-  PACL Sacl;
-  PACL Dacl;
-} SECURITY_DESCRIPTOR, *PSECURITY_DESCRIPTOR;
-
-typedef struct _SECURITY_QUALITY_OF_SERVICE { 
-  DWORD Length; 
-  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; 
-  /* SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; */
-  WINBOOL ContextTrackingMode; 
-  BOOLEAN EffectiveOnly; 
-} SECURITY_QUALITY_OF_SERVICE; 
-
-typedef LARGE_INTEGER LUID, *PLUID;
-
-typedef struct _TOKEN_SOURCE {
-  CHAR SourceName[8]; 
-  LUID SourceIdentifier; 
-} TOKEN_SOURCE, *PTOKEN_SOURCE; 
-
 typedef struct _PARTITION_INFORMATION { 
   BYTE PartitionType; 
   BOOLEAN BootIndicator; 
@@ -152,11 +104,6 @@ typedef struct _GENERIC_MAPPING {
   ACCESS_MASK GenericAll; 
 } GENERIC_MAPPING, *PGENERIC_MAPPING; 
 
-typedef struct _LUID_AND_ATTRIBUTES { 
-  LUID  Luid; 
-  DWORD Attributes; 
-} LUID_AND_ATTRIBUTES; 
-
 typedef struct _PRIVILEGE_SET { 
   DWORD PrivilegeCount; 
   DWORD Control; 
@@ -418,27 +365,7 @@ typedef struct tagACCEL {
   BYTE   fVirt; 
   WORD   key; 
   WORD   cmd; 
-} ACCEL, *LPACCEL; 
+} ACCEL, *LPACCEL;  
-
-typedef struct _ACE_HEADER {
-  BYTE AceType; 
-  BYTE AceFlags; 
-  WORD AceSize; 
-} ACE_HEADER; 
-
-typedef ACCESS_MASK REGSAM;
-
-typedef struct _ACCESS_ALLOWED_ACE {
-  ACE_HEADER Header; 
-  ACCESS_MASK Mask; 
-  DWORD SidStart; 
-} ACCESS_ALLOWED_ACE; 
-
-typedef struct _ACCESS_DENIED_ACE {
-  ACE_HEADER  Header; 
-  ACCESS_MASK Mask; 
-  DWORD       SidStart; 
-} ACCESS_DENIED_ACE; 
 
 typedef struct tagACCESSTIMEOUT {
   UINT  cbSize; 
@@ -2551,7 +2478,7 @@ typedef struct _JOB_INFO_1 {
   SYSTEMTIME Submitted; 
 } JOB_INFO_1; 
  
- 
+#if 0 
 typedef struct _JOB_INFO_2 { 
   DWORD      JobId; 
   LPTSTR     pPrinterName; 
@@ -2577,7 +2504,8 @@ typedef struct _JOB_INFO_2 {
   DWORD      Time; 
   DWORD      PagesPrinted ; 
 } JOB_INFO_2; 
- 
+#endif
+   
 typedef struct tagKERNINGPAIR { 
   WORD wFirst; 
   WORD wSecond; 
@@ -2619,11 +2547,13 @@ typedef struct tagLOCALESIGNATURE {
   DWORD  lsCsbDefault[2];
   DWORD  lsCsbSupported[2];
 } LOCALESIGNATURE; 
- 
+
+   #if 0
 typedef struct _LOCALGROUP_MEMBERS_INFO_0 {  
   PSID  lgrmi0_sid; 
 } LOCALGROUP_MEMBERS_INFO_0; 
- 
+ #endif
+   
 typedef struct _LOCALGROUP_MEMBERS_INFO_3 {  
   LPWSTR  lgrmi3_domainandname; 
 } LOCALGROUP_MEMBERS_INFO_3; 
@@ -3461,7 +3391,8 @@ typedef struct _PRINTER_INFO_1 {
   LPTSTR pName; 
   LPTSTR pComment; 
 } PRINTER_INFO_1, *PPRINTER_INFO_1, *LPPRINTER_INFO_1; 
- 
+
+   #if 0
 typedef struct _PRINTER_INFO_2 { 
   LPTSTR    pServerName; 
   LPTSTR    pPrinterName; 
@@ -3485,11 +3416,13 @@ typedef struct _PRINTER_INFO_2 {
   DWORD     cJobs; 
   DWORD     AveragePPM; 
 } PRINTER_INFO_2; 
- 
+
+   
 typedef struct _PRINTER_INFO_3 { 
   PSECURITY_DESCRIPTOR pSecurityDescriptor; 
 } PRINTER_INFO_3; 
- 
+ #endif
+   
 typedef struct _PRINTER_INFO_4 { 
   LPTSTR  pPrinterName; 
   LPTSTR  pServerName; 

reactos/lib/kernel32/misc/console.c

@@ -9,6 +9,9 @@
  *	19990204 EA	SetConsoleTitleA
  *      19990306 EA	Stubs
  */
+
+/* INCLUDES ******************************************************************/
+
 #include <ddk/ntddk.h>
 #include <ddk/ntddblue.h>
 #include <windows.h>
@@ -18,20 +21,26 @@
 #define NDEBUG
 #include <kernel32/kernel32.h>
 
+/* GLOBALS ******************************************************************/
 
-/* What is this?
+static HANDLE StdInput  = INVALID_HANDLE_VALUE;
-#define EXTENDED_CONSOLE */
+static HANDLE StdOutput = INVALID_HANDLE_VALUE;
-
+static HANDLE StdError  = INVALID_HANDLE_VALUE;
-HANDLE StdInput  = INVALID_HANDLE_VALUE;
-HANDLE StdOutput = INVALID_HANDLE_VALUE;
-HANDLE StdError  = INVALID_HANDLE_VALUE;
-#ifdef EXTENDED_CONSOLE
-HANDLE StdAux    = INVALID_HANDLE_VALUE;
-HANDLE StdPrint  = INVALID_HANDLE_VALUE;
-#endif
 
+/* FUNCTIONS *****************************************************************/
 
+WINBOOL STDCALL CloseConsoleHandle(HANDLE Handle)
+{   
+}
 
+BOOLEAN IsConsoleHandle(HANDLE Handle)
+{
+   if ((((ULONG)Handle) & 0x10000003) == 0x3)
+     {
+	return(TRUE);
+     }
+   return(FALSE);
+}
 
 
 /*--------------------------------------------------------------
@@ -47,10 +56,6 @@ HANDLE STDCALL GetStdHandle(DWORD nStdHandle)
       case STD_INPUT_HANDLE:	return StdInput;
       case STD_OUTPUT_HANDLE:	return StdOutput;
       case STD_ERROR_HANDLE:	return StdError;
-#ifdef EXTENDED_CONSOLE
-      case STD_AUX_HANDLE:	return StdError;
-      case STD_PRINT_HANDLE:	return StdError;
-#endif
      }
    SetLastError(0); /* FIXME: What error code? */
    return INVALID_HANDLE_VALUE;
@@ -60,43 +65,31 @@ HANDLE STDCALL GetStdHandle(DWORD nStdHandle)
 /*--------------------------------------------------------------
  *	SetStdHandle
  */
-WINBASEAPI
+WINBASEAPI BOOL WINAPI SetStdHandle(DWORD nStdHandle,
-BOOL
+				    HANDLE hHandle)
-WINAPI
-SetStdHandle(
-	DWORD	nStdHandle,
-	HANDLE	hHandle
-	)
 {
-	/* More checking needed? */
+   /* More checking needed? */
-	if (hHandle == INVALID_HANDLE_VALUE)
+   if (hHandle == INVALID_HANDLE_VALUE)
-	{
+     {
-		SetLastError(0);	/* FIXME: What error code? */
+	SetLastError(0);	/* FIXME: What error code? */
-		return FALSE;
-	}
-	SetLastError(ERROR_SUCCESS); /* OK */
-	switch (nStdHandle)
-	{
-		case STD_INPUT_HANDLE:
-			StdInput = hHandle;
-			return TRUE;
-		case STD_OUTPUT_HANDLE:
-			StdOutput = hHandle;
-			return TRUE;
-		case STD_ERROR_HANDLE:
-			StdError = hHandle;
-			return TRUE;
-#ifdef EXTENDED_CONSOLE
-		case STD_AUX_HANDLE:
-			StdError = hHandle;
-			return TRUE;
-		case STD_PRINT_HANDLE:
-			StdError = hHandle;
-			return TRUE;
-#endif
-	}
-	SetLastError(0); /* FIXME: What error code? */
 	return FALSE;
+     }
+   
+   SetLastError(ERROR_SUCCESS); /* OK */
+   switch (nStdHandle)
+     {
+      case STD_INPUT_HANDLE:
+	StdInput = hHandle;
+	return TRUE;
+      case STD_OUTPUT_HANDLE:
+	StdOutput = hHandle;
+	return TRUE;
+      case STD_ERROR_HANDLE:
+	StdError = hHandle;
+	return TRUE;
+     }
+   SetLastError(0); /* FIXME: What error code? */
+   return FALSE;
 }
 
 

reactos/lib/kernel32/misc/handle.c

@@ -7,110 +7,136 @@
  * UPDATE HISTORY:
  *                  Created 01/11/98
  */
+
+/* INCLUDES ******************************************************************/
+
 #include <ddk/ntddk.h>
 #include <windows.h>
 
+#define NDEBUG
+#include <kernel32/kernel32.h>
 
+/* FUNCTIONS *****************************************************************/
 
-WINBOOL
+WINBOOL WINAPI GetHandleInformation(HANDLE hObject, LPDWORD lpdwFlags)
-WINAPI
-GetHandleInformation(
-    HANDLE hObject,
-    LPDWORD lpdwFlags
-    )
 {
-	OBJECT_DATA_INFORMATION HandleInfo;
+   OBJECT_DATA_INFORMATION HandleInfo;
-	ULONG BytesWritten;
+   ULONG BytesWritten;
-	NTSTATUS errCode;
+   NTSTATUS errCode;
-
+   
-	errCode = NtQueryObject(hObject,ObjectDataInformation, &HandleInfo, sizeof(OBJECT_DATA_INFORMATION),&BytesWritten);
+   errCode = NtQueryObject(hObject,
-	if (!NT_SUCCESS(errCode) ) {
+			   ObjectDataInformation, 
-		SetLastError(RtlNtStatusToDosError(errCode));
+			   &HandleInfo, 
-		return FALSE;
+			   sizeof(OBJECT_DATA_INFORMATION),
-	}
+			   &BytesWritten);
-	if ( HandleInfo.bInheritHandle )
+   if (!NT_SUCCESS(errCode)) 
-		*lpdwFlags &= HANDLE_FLAG_INHERIT;
+     {
-	if ( HandleInfo.bProtectFromClose )
+	SetLastError(RtlNtStatusToDosError(errCode));
-		*lpdwFlags &= HANDLE_FLAG_PROTECT_FROM_CLOSE;
+	return FALSE;
-	return TRUE;
+     }
+   if ( HandleInfo.bInheritHandle )
+     *lpdwFlags &= HANDLE_FLAG_INHERIT;
+   if ( HandleInfo.bProtectFromClose )
+     *lpdwFlags &= HANDLE_FLAG_PROTECT_FROM_CLOSE;
+   return TRUE;
 }
 
 
-WINBOOL
+WINBOOL STDCALL SetHandleInformation(HANDLE hObject,
-STDCALL
+				     DWORD dwMask,
-SetHandleInformation(
+				     DWORD dwFlags)
-    HANDLE hObject,
-    DWORD dwMask,
-    DWORD dwFlags
-    )
 {
-	OBJECT_DATA_INFORMATION HandleInfo;
+   OBJECT_DATA_INFORMATION HandleInfo;
-	NTSTATUS errCode;
+   NTSTATUS errCode;
-	ULONG BytesWritten;
+   ULONG BytesWritten;
 
-	errCode = NtQueryObject(hObject,ObjectDataInformation,&HandleInfo,sizeof(OBJECT_DATA_INFORMATION),&BytesWritten);
+   errCode = NtQueryObject(hObject,
-	if (!NT_SUCCESS(errCode) ) {
+			   ObjectDataInformation,
-		SetLastError(RtlNtStatusToDosError(errCode));
+			   &HandleInfo,
-		return FALSE;
+			   sizeof(OBJECT_DATA_INFORMATION),
-	}
+			   &BytesWritten);
-	if ( (dwMask & HANDLE_FLAG_INHERIT)== HANDLE_FLAG_INHERIT) {
+   if (!NT_SUCCESS(errCode)) 
-		HandleInfo.bInheritHandle = (BOOLEAN)((dwFlags & HANDLE_FLAG_INHERIT) ==  HANDLE_FLAG_INHERIT);      
+     {
-	}	
+	SetLastError(RtlNtStatusToDosError(errCode));
-	if ( (dwMask & HANDLE_FLAG_PROTECT_FROM_CLOSE)  == HANDLE_FLAG_PROTECT_FROM_CLOSE ) {
+	return FALSE;
-		HandleInfo.bProtectFromClose = (BOOLEAN)((dwFlags & HANDLE_FLAG_PROTECT_FROM_CLOSE) == HANDLE_FLAG_PROTECT_FROM_CLOSE ) ; 
+     }
-	}
+   if (dwMask & HANDLE_FLAG_INHERIT)
-
+     {
-	errCode = NtSetInformationObject(hObject,ObjectDataInformation,&HandleInfo,sizeof(OBJECT_DATA_INFORMATION));
+	HandleInfo.bInheritHandle = TRUE;
-	if (!NT_SUCCESS(errCode) ) {
+     }	
-		SetLastError(RtlNtStatusToDosError(errCode));
+   if (dwMask & HANDLE_FLAG_PROTECT_FROM_CLOSE) 
-		return FALSE;
+     {
-	}
+	HandleInfo.bProtectFromClose = TRUE;
-
+     }
-	return TRUE;
+   
+   errCode = NtSetInformationObject(hObject,
+				    ObjectDataInformation,
+				    &HandleInfo,
+				    sizeof(OBJECT_DATA_INFORMATION));
+   if (!NT_SUCCESS(errCode)) 
+     {
+	SetLastError(RtlNtStatusToDosError(errCode));
+	return FALSE;
+     }
+   
+   return TRUE;
 }
 
 
-WINBOOL
+WINBOOL STDCALL CloseHandle(HANDLE  hObject)
-STDCALL
+/*
-CloseHandle(    HANDLE  hObject )
+ * FUNCTION: Closes an open object handle
+ * PARAMETERS:
+ *       hObject = Identifies an open object handle
+ * RETURNS: If the function succeeds, the return value is nonzero
+ *          If the function fails, the return value is zero
+ */
 {
-	NTSTATUS errCode;
+   NTSTATUS errCode;
-
+   
-	errCode = NtClose(hObject);
+   if (IsConsoleHandle(hObject))
-	if(!NT_SUCCESS(errCode)) {
+     {
-		SetLastError(RtlNtStatusToDosError(errCode));
+	return(CloseConsoleHandle(hObject));
-		return FALSE;
+     }
-	}
+   
-
+   errCode = NtClose(hObject);
-	return TRUE;
+   if (!NT_SUCCESS(errCode)) 
+     {     
+	SetLastError(RtlNtStatusToDosError(errCode));
+	return FALSE;
+     }
+   
+   return TRUE;
 }
 
 
-WINBOOL
+WINBOOL STDCALL DuplicateHandle(HANDLE hSourceProcessHandle,
-STDCALL
+				HANDLE hSourceHandle,
-DuplicateHandle(
+				HANDLE hTargetProcessHandle,
-    HANDLE hSourceProcessHandle,
+				LPHANDLE lpTargetHandle,
-    HANDLE hSourceHandle,
+				DWORD dwDesiredAccess,
-    HANDLE hTargetProcessHandle,
+				BOOL bInheritHandle,
-    LPHANDLE lpTargetHandle,
+				DWORD dwOptions)
-    DWORD dwDesiredAccess,
-    BOOL bInheritHandle,
-    DWORD dwOptions
-   )
 {
-	NTSTATUS errCode;
+   NTSTATUS errCode;
 
-	errCode = NtDuplicateObject(hSourceProcessHandle,hSourceHandle,hTargetProcessHandle,lpTargetHandle, dwDesiredAccess, (BOOLEAN)bInheritHandle,dwOptions);
+   errCode = NtDuplicateObject(hSourceProcessHandle,
-	if ( !NT_SUCCESS(errCode) ) {
+			       hSourceHandle,
-		SetLastError(RtlNtStatusToDosError(errCode));
+			       hTargetProcessHandle,
-		return FALSE;
+			       lpTargetHandle, 
-	}
+			       dwDesiredAccess, 
-
+			       (BOOLEAN)bInheritHandle,
-	return TRUE;
+			       dwOptions);
+   if (!NT_SUCCESS(errCode)) 
+     {
+	SetLastError(RtlNtStatusToDosError(errCode));
+	return FALSE;
+     }
+   
+   return TRUE;
 }
 
-UINT STDCALL
+UINT STDCALL SetHandleCount(UINT nCount)
-SetHandleCount(UINT nCount)
 {
-	return nCount;
+   return(nCount);
 }

reactos/lib/kernel32/misc/stubs.c

@@ -1,4 +1,4 @@
-/* $Id: stubs.c,v 1.10 1999/11/17 21:28:08 ariadne Exp $
+/* $Id: stubs.c,v 1.11 1999/12/26 15:50:44 dwelch Exp $
  *
  * KERNEL32.DLL stubs (unimplemented functions)
  * Remove from this file, if you implement them.
@@ -241,16 +241,6 @@ ClearCommError (
 }
 
 
-BOOL
-STDCALL
-CloseConsoleHandle (
-	HANDLE	hConsole
-	)
-{
-	SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
-	return FALSE;
-}
-
 BOOL
 STDCALL
 CloseProfileUserMapping ( VOID)

reactos/lib/ntdll/csr/api.c

@@ -0,0 +1,36 @@
+/* $Id: api.c,v 1.1 1999/12/26 15:50:46 dwelch Exp $
+ *
+ * COPYRIGHT:       See COPYING in the top level directory
+ * PROJECT:         ReactOS kernel
+ * FILE:            lib/ntdll/csr/api.c
+ * PURPOSE:         CSRSS API
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#define NDEBUG
+#include <ntdll/ntdll.h>
+
+/* GLOBALS *******************************************************************/
+
+static HANDLE WindowsApiPort;
+
+/* FUNCTIONS *****************************************************************/
+
+NTSTATUS CsrConnectToServer(VOID)
+{
+   NTSTATUS Status;
+   UNICODE_STRING PortName;
+   
+   RtlInitUnicodeString(&PortName, L"\\Windows\\ApiPort");
+   
+   Status = NtConnectPort(&WindowsApiPort,
+			  &PortName,
+			  NULL,
+			  NULL,
+			  NULL,
+			  NULL,
+			  
+}

reactos/lib/ntdll/ldr/utils.c

@@ -1,4 +1,4 @@
-/* $Id: utils.c,v 1.21 1999/12/20 02:14:37 dwelch Exp $
+/* $Id: utils.c,v 1.22 1999/12/26 15:50:46 dwelch Exp $
  * 
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel
@@ -702,7 +702,6 @@ static NTSTATUS LdrFixupImports(PIMAGE_NT_HEADERS	NTHeaders,
 			       ImageBase + NTHeaders->OptionalHeader
 				 .DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT]
 			     .VirtualAddress);
-   DPRINT1("ImportModuleDirectory %x\n", ImportModuleDirectory);
    DPRINT("ImportModuleDirectory %x\n", ImportModuleDirectory);
    
    while (ImportModuleDirectory->dwRVAModuleName)

reactos/ntoskrnl/dbg/print.c

@@ -1,4 +1,4 @@
-/* $Id: print.c,v 1.4 1999/12/06 05:48:34 phreak Exp $
+/* $Id: print.c,v 1.5 1999/12/26 15:50:47 dwelch Exp $
  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel
@@ -43,6 +43,7 @@
 #define SERIAL_DEBUG_BAUD_RATE 19200
 
 
+#define BOCHS_DEBUGGING
 #ifdef BOCHS_DEBUGGING
 #define BOCHS_LOGGER_PORT (0xe9)
 #endif

reactos/ntoskrnl/ke/gdt.c

@@ -42,7 +42,13 @@ VOID KeFreeGdtSelector(ULONG Entry)
 {
    KIRQL oldIrql;
    
-   DPRINT("KeFreeGdtSelector(Entry %x)\n",Entry);
+   DPRINT("KeFreeGdtSelector(Entry %d)\n",Entry);
+   
+   if (Entry > (6 + NR_TASKS))
+     {
+	DPRINT1("Entry too large\n");
+	KeBugCheck(0);
+     }
    
    KeAcquireSpinLock(&GdtLock, &oldIrql);
    KiGdt[Entry*4] = 0;

reactos/ntoskrnl/ke/i386/exp.c

@@ -325,15 +325,18 @@ asmlinkage void exception_handler(unsigned int edi,
      }
    
    DbgPrint("\n");
-   DbgPrint("Killing current task\n");
+   if ((cs&0xffff) == USER_CS &&
-//   for(;;);
+       eip < KERNEL_BASE)
-   KeLowerIrql(PASSIVE_LEVEL);
-   if ((cs&0xffff) == USER_CS)
      {
-	ZwTerminateProcess(NtCurrentProcess(),
+	DbgPrint("Killing current task\n");
-			   STATUS_NONCONTINUABLE_EXCEPTION);
+	//   for(;;);
-     }
+	KeLowerIrql(PASSIVE_LEVEL);
-   
+	if ((cs&0xffff) == USER_CS)
+	  {
+	     ZwTerminateProcess(NtCurrentProcess(),
+				STATUS_NONCONTINUABLE_EXCEPTION);
+	  }
+     }   
    for(;;);
 }
 

reactos/ntoskrnl/ke/i386/thread.c

@@ -140,7 +140,7 @@ NTSTATUS HalReleaseTask(PETHREAD Thread)
  * NOTE: The thread had better not be running when this is called
  */
 {
-   KeFreeGdtSelector(Thread->Tcb.Context.nr);
+   KeFreeGdtSelector(Thread->Tcb.Context.nr / 8);
    ExFreePool(Thread->Tcb.Context.KernelStackBase);
    if (Thread->Tcb.Context.SavedKernelStackBase != NULL)
      {

reactos/ntoskrnl/ke/timer.c

@@ -1,4 +1,4 @@
-/* $Id: timer.c,v 1.25 1999/12/18 17:48:22 dwelch Exp $
+/* $Id: timer.c,v 1.26 1999/12/26 15:50:48 dwelch Exp $
  *
  * COPYRIGHT:      See COPYING in the top level directory
  * PROJECT:        ReactOS kernel
@@ -137,7 +137,7 @@ NTSTATUS STDCALL NtDelayExecution(IN ULONG Alertable,
    
    IntervalP = (PLARGE_INTEGER)Interval;
    
-   DPRINT1("NtDelayExecution(Alertable %d, Internal %x) IntervalP %x\n",
+   DPRINT("NtDelayExecution(Alertable %d, Internal %x) IntervalP %x\n",
 	  Alertable, Internal, IntervalP);
    
    Status = KeDelayExecutionThread(UserMode, Alertable, IntervalP);

reactos/ntoskrnl/ke/wait.c

@@ -19,6 +19,7 @@
 #include <ddk/ntddk.h>
 #include <internal/ke.h>
 #include <internal/ps.h>
+#include <internal/ob.h>
 
 #define NDEBUG
 #include <internal/debug.h>
@@ -600,17 +601,22 @@ NTSTATUS STDCALL NtWaitForSingleObject (IN	HANDLE		Object,
 				      UserMode,
 				      &ObjectPtr,
 				      NULL);
-   if (Status != STATUS_SUCCESS)
+   if (!NT_SUCCESS(Status))
      {
 	return(Status);
      }
    
+   DPRINT("ObjectPtr %x\n", ObjectPtr);
+   
    Status = KeWaitForSingleObject(ObjectPtr,
 				  UserMode,
 				  UserMode,
 				  Alertable,
 				  Time);
    
+   DPRINT("Returned from wait (status is %x) ObjectPtr %x(%d)\n", 
+	   Status, ObjectPtr, ObGetReferenceCount(ObjectPtr));
+   
    ObDereferenceObject(ObjectPtr);
    
    return(Status);

reactos/ntoskrnl/makefile_rex

@@ -1,4 +1,4 @@
-# $Id: makefile_rex,v 1.40 1999/12/13 22:04:35 dwelch Exp $
+# $Id: makefile_rex,v 1.41 1999/12/26 15:50:47 dwelch Exp $
 #
 # ReactOS Operating System
 #
@@ -45,7 +45,8 @@ IO_OBJECTS = io/iomgr.o io/create.o io/irp.o io/device.o io/rw.o \
 	     io/fs.o io/vpb.o io/buildirp.o io/flush.o io/dir.o io/iocomp.o \
 	     io/mailslot.o io/npipe.o io/lock.o io/page.o io/cleanup.o
 
-OB_OBJECTS = ob/object.o ob/handle.o ob/namespc.o ob/ntobj.o ob/dirobj.o
+OB_OBJECTS = ob/object.o ob/handle.o ob/namespc.o ob/ntobj.o ob/dirobj.o \
+             ob/security.o
 
 PS_OBJECTS = ps/psmgr.o ps/thread.o ps/process.o ps/idle.o ps/kill.o \
              ps/tinfo.o ps/create.o
@@ -54,7 +55,7 @@ EX_OBJECTS = ex/work.o ex/fmutex.o ex/resource.o ex/time.o ex/interlck.o \
              ex/callback.o ex/napi.o ex/power.o ex/sysinfo.o ex/locale.o \
              ex/stamp.o ex/init.o
 
-SE_OBJECTS = se/semgr.o
+SE_OBJECTS = se/semgr.o se/acl.o se/sid.o se/sd.o se/token.o se/luid.o
 
 CM_OBJECTS = cm/registry.o
 

reactos/ntoskrnl/mm/i386/page.c

@@ -29,7 +29,7 @@ extern ULONG MiNrFreePages;
 #define PA_BIT_READWRITE (1)
 #define PA_BIT_USER      (2)
 
-#define PA_PRESENT (1<<PA_BIT_PRESENT)
+#define PA_PRESENT  (1<<PA_BIT_PRESENT)
 
 #define PAGETABLE_MAP     (0xf0000000)
 #define PAGEDIRECTORY_MAP (0xf0000000 + (PAGETABLE_MAP / (1024)))
@@ -231,17 +231,7 @@ VOID MmSetPage(PEPROCESS Process,
    PEPROCESS CurrentProcess = PsGetCurrentProcess();
    ULONG Attributes = 0;
    
-   if (PAGE_ROUND_DOWN(Address) == 0x77630000 ||
+   if (((ULONG)PhysicalAddress) >= 0x400000)
-       PAGE_ROUND_DOWN(Address) == 0x77631000 ||
-       PAGE_ROUND_DOWN(Address) == 0x77632000 ||
-       PAGE_ROUND_DOWN(Address) == 0x77633000)
-     {
-	DPRINT1("MmSetPage(Process %x, Address %x, flProtect %x, "
-		"PhysicalAddress %x)\n",Process,Address,flProtect,
-		PhysicalAddress);
-     }
-   
-    if (((ULONG)PhysicalAddress) >= 0x400000)
      {
 	DbgPrint("MmSetPage(Process %x, Address %x, PhysicalAddress %x)\n",
 		 Process, Address, PhysicalAddress);

reactos/ntoskrnl/mm/mm.c

@@ -249,8 +249,12 @@ ULONG MmPageFault(ULONG cs, ULONG eip, ULONG error_code)
     */
    __asm__("movl %%cr2,%0\n\t" : "=d" (cr2));                
 //   DbgPrint("Page fault address %x eip %x process %x code %x\n",cr2,eip,
-//	  PsGetCurrentProcess(), error_code);
+//	    PsGetCurrentProcess(), error_code);
 
+   MmSetPageProtect(PsGetCurrentProcess(),
+		    (PVOID)PAGE_ROUND_DOWN(PsGetCurrentProcess()),
+		    0x7);
+   
    cr2 = PAGE_ROUND_DOWN(cr2);
    
    if (error_code & 0x1)

reactos/ntoskrnl/nt/ntevent.c

@@ -3,7 +3,7 @@
  * PROJECT:         ReactOS kernel
  * FILE:            ntoskrnl/nt/event.c
  * PURPOSE:         Named event support
- * PROGRAMMER:      David Welch (welch@mcmail.com)
+ * PROGRAMMER:      Philip Susi and David Welch
  * UPDATE HISTORY:
  *                  Created 22/05/98
  */
@@ -13,6 +13,7 @@
 #include <ddk/ntddk.h>
 #include <internal/ob.h>
 
+#define NDEBUG
 #include <internal/debug.h>
 
 /* GLOBALS *******************************************************************/
@@ -21,6 +22,27 @@ POBJECT_TYPE ExEventType = NULL;
 
 /* FUNCTIONS *****************************************************************/
 
+NTSTATUS NtpCreateEvent(PVOID ObjectBody,
+			PVOID Parent,
+			PWSTR RemainingPath,
+			POBJECT_ATTRIBUTES ObjectAttributes)
+{
+   
+   DPRINT("NtpCreateDevice(ObjectBody %x, Parent %x, RemainingPath %w)\n",
+	  ObjectBody, Parent, RemainingPath);
+   
+   if (RemainingPath != NULL && wcschr(RemainingPath+1, '\\') != NULL)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   
+   if (Parent != NULL && RemainingPath != NULL)
+     {
+	ObAddEntryDirectory(Parent, ObjectBody, RemainingPath+1);
+     }
+   return(STATUS_SUCCESS);
+}
+
 VOID NtInitializeEventImplementation(VOID)
 {
    ANSI_STRING AnsiName;
@@ -44,6 +66,7 @@ VOID NtInitializeEventImplementation(VOID)
    ExEventType->Security = NULL;
    ExEventType->QueryName = NULL;
    ExEventType->OkayToClose = NULL;
+   ExEventType->Create = NtpCreateEvent;
 }
 
 NTSTATUS STDCALL NtClearEvent (IN HANDLE EventHandle)
@@ -74,13 +97,16 @@ NTSTATUS STDCALL NtCreateEvent (OUT PHANDLE			EventHandle,
 				IN BOOLEAN	InitialState)
 {
    PKEVENT Event;
-   DbgPrint( "Creating Event\n" );
+   
+   DPRINT("NtCreateEvent()\n");
    Event = ObCreateObject(EventHandle,
 			  DesiredAccess,
 			  ObjectAttributes,
 			  ExEventType);
-   KeInitializeEvent( Event, ManualReset ? NotificationEvent : SynchronizationEvent, InitialState );
+   KeInitializeEvent(Event, 
-   ObDereferenceObject( Event );
+		     ManualReset ? NotificationEvent : SynchronizationEvent, 
+		     InitialState );
+   ObDereferenceObject(Event);
    return(STATUS_SUCCESS);
 }
 
@@ -117,41 +143,31 @@ NTSTATUS STDCALL NtOpenEvent (OUT PHANDLE			EventHandle,
 }
 
 
-NTSTATUS
+NTSTATUS STDCALL NtPulseEvent(IN	HANDLE	EventHandle,
-STDCALL
+			      IN	PULONG	PulseCount	OPTIONAL)
-NtPulseEvent (
-	IN	HANDLE	EventHandle,
-	IN	PULONG	PulseCount	OPTIONAL
-	)
 {
-	UNIMPLEMENTED;
+   UNIMPLEMENTED;
 }
 
 
-NTSTATUS
+NTSTATUS STDCALL NtQueryEvent (IN	HANDLE	EventHandle,
-STDCALL
+			       IN	CINT	EventInformationClass,
-NtQueryEvent (
+			       OUT	PVOID	EventInformation,
-	IN	HANDLE	EventHandle,
+			       IN	ULONG	EventInformationLength,
-	IN	CINT	EventInformationClass,
+			       OUT	PULONG	ReturnLength)
-	OUT	PVOID	EventInformation,
-	IN	ULONG	EventInformationLength,
-	OUT	PULONG	ReturnLength
-	)
 {
-	UNIMPLEMENTED;
+   UNIMPLEMENTED;
 }
 
 
-NTSTATUS
+NTSTATUS STDCALL NtResetEvent(HANDLE	EventHandle,
-STDCALL
+			      PULONG	NumberOfWaitingThreads	OPTIONAL)
-NtResetEvent (
-	HANDLE	EventHandle,
-	PULONG	NumberOfWaitingThreads	OPTIONAL
-	)
 {
    PKEVENT Event;
    NTSTATUS Status;
    
+   DPRINT("NtResetEvent(EventHandle %x)\n", EventHandle);
+   
    Status = ObReferenceObjectByHandle(EventHandle,
 				      EVENT_MODIFY_STATE,
 				      ExEventType,
@@ -168,16 +184,14 @@ NtResetEvent (
 }
 
 
-NTSTATUS
+NTSTATUS STDCALL NtSetEvent(IN	HANDLE	EventHandle,
-STDCALL
+			    PULONG NumberOfThreadsReleased)
-NtSetEvent (
-	IN	HANDLE	EventHandle,
-	PULONG	NumberOfThreadsReleased
-	)
 {
    PKEVENT Event;
    NTSTATUS Status;
    
+   DPRINT("NtSetEvent(EventHandle %x)\n", EventHandle);
+   
    Status = ObReferenceObjectByHandle(EventHandle,
 				      EVENT_MODIFY_STATE,
 				      ExEventType,
@@ -189,6 +203,8 @@ NtSetEvent (
 	return(Status);
      }
    KeSetEvent(Event,IO_NO_INCREMENT,FALSE);
+      
+   
    ObDereferenceObject(Event);
    return(STATUS_SUCCESS);
 }

reactos/ntoskrnl/ob/handle.c

@@ -1,4 +1,4 @@
-/* $Id: handle.c,v 1.16 1999/12/22 14:48:25 dwelch Exp $
+/* $Id: handle.c,v 1.17 1999/12/26 15:50:50 dwelch Exp $
  *
  * COPYRIGHT:          See COPYING in the top level directory
  * PROJECT:            ReactOS kernel
@@ -47,7 +47,7 @@ static PHANDLE_REP ObpGetObjectByHandle(PHANDLE_TABLE HandleTable, HANDLE h)
  */
 {
    PLIST_ENTRY current;
-   unsigned int handle = ((unsigned int)h) - 1;
+   unsigned int handle = (((unsigned int)h) - 1) >> 3;
    unsigned int count=handle/HANDLE_BLOCK_ENTRIES;
    HANDLE_BLOCK* blk = NULL;
    unsigned int i;
@@ -130,10 +130,15 @@ NTSTATUS STDCALL NtDuplicateObject (IN	HANDLE		SourceProcessHandle,
    if (SourceHandleRep == NULL)
      {
 	KeReleaseSpinLock(&SourceProcess->Pcb.HandleTable.ListLock, oldIrql);
+	ObDereferenceObject(SourceProcess);
+	ObDereferenceObject(TargetProcess);
 	return(STATUS_INVALID_HANDLE);
      }
    ObjectBody = SourceHandleRep->ObjectBody;
-   BODY_TO_HEADER(ObjectBody)->RefCount++;
+   ObReferenceObjectByPointer(ObjectBody,
+			      GENERIC_ALL,
+			      NULL,
+			      UserMode);
    
    if (Options & DUPLICATE_SAME_ACCESS)
      {
@@ -187,13 +192,30 @@ VOID ObCloseAllHandles(PEPROCESS Process)
 	     
 	     if (ObjectBody != NULL)
 	       {
-		  DPRINT("Deleting handle to %x\n", Object);
+		  POBJECT_HEADER Header = BODY_TO_HEADER(ObjectBody);
 		  
-		  BODY_TO_HEADER(ObjectBody)->RefCount++;
+		  if (Header->ObjectType == PsProcessType ||
-		  BODY_TO_HEADER(ObjectBody)->HandleCount--;
+		      Header->ObjectType == PsThreadType)
+		    {
+		       DPRINT("Deleting handle to %x\n", ObjectBody);
+		    }
+		  
+		  ObReferenceObjectByPointer(ObjectBody,
+					     GENERIC_ALL,
+					     NULL,
+					     UserMode);
+		  Header->HandleCount--;
 		  current->handles[i].ObjectBody = NULL;
 		  
 		  KeReleaseSpinLock(&HandleTable->ListLock, oldIrql);
+		  
+		  if ((Header->ObjectType != NULL) &&
+		      (Header->ObjectType->Close != NULL))
+		    {
+		       Header->ObjectType->Close(ObjectBody, 
+						 Header->HandleCount);
+		    }
+		  
 		  ObDereferenceObject(ObjectBody);
 		  KeAcquireSpinLock(&HandleTable->ListLock, &oldIrql);
 		  current_entry = &HandleTable->ListHead;
@@ -205,6 +227,7 @@ VOID ObCloseAllHandles(PEPROCESS Process)
      }
    KeReleaseSpinLock(&HandleTable->ListLock, oldIrql);
    DPRINT("ObCloseAllHandles() finished\n");
+   DPRINT("Type %x\n", BODY_TO_HEADER(Process)->ObjectType);
 }
 
 VOID ObDeleteHandleTable(PEPROCESS Process)
@@ -304,6 +327,7 @@ PVOID ObDeleteHandle(PEPROCESS Process, HANDLE Handle)
    PVOID ObjectBody;
    KIRQL oldIrql;
    PHANDLE_TABLE HandleTable;
+   POBJECT_HEADER Header;
    
    DPRINT("ObDeleteHandle(Handle %x)\n",Handle);
    
@@ -313,12 +337,22 @@ PVOID ObDeleteHandle(PEPROCESS Process, HANDLE Handle)
    
    Rep = ObpGetObjectByHandle(HandleTable, Handle);
    ObjectBody = Rep->ObjectBody;
+   Header = BODY_TO_HEADER(ObjectBody);
    BODY_TO_HEADER(ObjectBody)->HandleCount--;
-   BODY_TO_HEADER(ObjectBody)->RefCount++;
+   ObReferenceObjectByPointer(ObjectBody,
+			      GENERIC_ALL,
+			      NULL,
+			      UserMode);
    Rep->ObjectBody = NULL;
    
    KeReleaseSpinLock(&HandleTable->ListLock, oldIrql);
    
+   if ((Header->ObjectType != NULL) &&
+       (Header->ObjectType->Close != NULL))
+     {
+	Header->ObjectType->Close(ObjectBody, Header->HandleCount);
+     }
+   
    DPRINT("Finished ObDeleteHandle()\n");
    return(ObjectBody);
 }
@@ -375,7 +409,7 @@ NTSTATUS ObCreateHandle(PEPROCESS Process,
 		  blk->handles[i].GrantedAccess = GrantedAccess;
 		  blk->handles[i].Inherit = Inherit;
 		  KeReleaseSpinLock(&HandleTable->ListLock, oldlvl);
-		  *HandleReturn = (HANDLE)(handle + i);
+		  *HandleReturn = (HANDLE)((handle + i) << 3);
 		  return(STATUS_SUCCESS);
 	       }
 	  }
@@ -395,7 +429,7 @@ NTSTATUS ObCreateHandle(PEPROCESS Process,
    new_blk->handles[0].ObjectBody = ObjectBody;
    new_blk->handles[0].GrantedAccess = GrantedAccess;
    new_blk->handles[0].Inherit = Inherit;
-   *HandleReturn = (HANDLE)handle;
+   *HandleReturn = (HANDLE)(handle << 3);
    return(STATUS_SUCCESS);   
 }
 
@@ -440,7 +474,10 @@ NTSTATUS ObReferenceObjectByHandle(HANDLE Handle,
    if (Handle == NtCurrentProcess() && 
        (ObjectType == PsProcessType || ObjectType == NULL))
      {
-	BODY_TO_HEADER(PsGetCurrentProcess())->RefCount++;
+	ObReferenceObjectByPointer(PsGetCurrentProcess(),
+				   PROCESS_ALL_ACCESS,
+				   PsProcessType,
+				   UserMode);
 	*Object = PsGetCurrentProcess();
 	DPRINT("Referencing current process %x\n", PsGetCurrentProcess());
 	return(STATUS_SUCCESS);
@@ -453,7 +490,10 @@ NTSTATUS ObReferenceObjectByHandle(HANDLE Handle,
    if (Handle == NtCurrentThread() && 
        (ObjectType == PsThreadType || ObjectType == NULL))
      {
-	BODY_TO_HEADER(PsGetCurrentThread())->RefCount++;
+	ObReferenceObjectByPointer(PsGetCurrentThread(),
+				   THREAD_ALL_ACCESS,
+				   PsThreadType,
+				   UserMode);
 	*Object = PsGetCurrentThread();
 	CHECKPOINT;
 	return(STATUS_SUCCESS);
@@ -475,7 +515,10 @@ NTSTATUS ObReferenceObjectByHandle(HANDLE Handle,
 	return(STATUS_INVALID_HANDLE);
      }
    ObjectBody = HandleRep->ObjectBody;
-   BODY_TO_HEADER(ObjectBody)->RefCount++;
+   ObReferenceObjectByPointer(ObjectBody,
+			      GENERIC_ALL,
+			      NULL,
+			      UserMode);
    GrantedAccess = HandleRep->GrantedAccess;
    KeReleaseSpinLock(&PsGetCurrentProcess()->Pcb.HandleTable.ListLock,
 		     oldIrql);
@@ -488,7 +531,8 @@ NTSTATUS ObReferenceObjectByHandle(HANDLE Handle,
 	return(STATUS_OBJECT_TYPE_MISMATCH);
      }   
    
-   if (!(GrantedAccess & DesiredAccess))
+   if (!(GrantedAccess & DesiredAccess) &&
+       !((~GrantedAccess) & DesiredAccess))
      {
 	CHECKPOINT;
 	return(STATUS_ACCESS_DENIED);
@@ -528,12 +572,7 @@ NTSTATUS STDCALL NtClose(HANDLE Handle)
 
    Header = BODY_TO_HEADER(ObjectBody);
    
-   if ((Header->ObjectType != NULL) &&
+   DPRINT("Dereferencing %x\n", ObjectBody);
-       (Header->ObjectType->Close != NULL))
-     {
-	Header->ObjectType->Close(ObjectBody, Header->HandleCount);
-     }
-   
    ObDereferenceObject(ObjectBody);
    
    return STATUS_SUCCESS;

reactos/ntoskrnl/ob/object.c

@@ -14,7 +14,9 @@
 #include <ddk/ntddk.h>
 #include <internal/ob.h>
 #include <internal/string.h>
+#include <internal/ps.h>
 #include <internal/id.h>
+#include <internal/ke.h>
 
 #define NDEBUG
 #include <internal/debug.h>
@@ -166,6 +168,8 @@ PVOID ObCreateObject(PHANDLE Handle,
    if (Header->ObjectType != NULL &&
        Header->ObjectType->Create != NULL)
      {
+	DPRINT("Calling %x\n", Header->ObjectType);
+	DPRINT("Calling %x\n", Header->ObjectType->Create);
 	Status = Header->ObjectType->Create(HEADER_TO_BODY(Header),
 					    Parent,
 					    RemainingPath,
@@ -201,10 +205,26 @@ NTSTATUS ObReferenceObjectByPointer(PVOID ObjectBody,
    
    if (ObjectType != NULL && ObjectHeader->ObjectType != ObjectType)
      {
-	DPRINT("Failed (type was %x %w)\n",ObjectHeader->ObjectType,
+	DPRINT("Failed %x (type was %x %w) should %x\n",
-	       ObjectHeader->ObjectType->TypeName.Buffer);
+		ObjectHeader,
+		ObjectHeader->ObjectType,
+		ObjectHeader->ObjectType->TypeName.Buffer,
+		ObjectType);
+	KeBugCheck(0);
 	return(STATUS_UNSUCCESSFUL);
      }
+   if (ObjectHeader->ObjectType == PsProcessType)
+     {
+	DPRINT("Ref p 0x%x refcount %d type %x ",
+		ObjectBody, ObjectHeader->RefCount, PsProcessType);
+	DPRINT("eip %x\n", ((PULONG)&ObjectBody)[-1]);
+     }
+   if (ObjectHeader->ObjectType == PsThreadType)
+     {
+	DPRINT("Deref t 0x%x with refcount %d type %x ",
+		ObjectBody, ObjectHeader->RefCount, PsThreadType);
+	DPRINT("eip %x\n", ((PULONG)&ObjectBody)[-1]);
+     }
    
    ObjectHeader->RefCount++;
    
@@ -270,10 +290,24 @@ VOID ObDereferenceObject(PVOID ObjectBody)
  */
 {
    POBJECT_HEADER Header = BODY_TO_HEADER(ObjectBody);
+   extern POBJECT_TYPE PsProcessType;
    
 //   DPRINT("ObDeferenceObject(ObjectBody %x) RefCount %d\n",ObjectBody,
 //	  Header->RefCount);
-      
+
+   if (Header->ObjectType == PsProcessType)
+     {
+	DPRINT("Deref p 0x%x with refcount %d type %x ",
+		ObjectBody, Header->RefCount, PsProcessType);
+	DPRINT("eip %x\n", ((PULONG)&ObjectBody)[-1]);
+     }
+   if (Header->ObjectType == PsThreadType)
+     {
+	DPRINT("Deref t 0x%x with refcount %d type %x ",
+		ObjectBody, Header->RefCount, PsThreadType);
+	DPRINT("eip %x\n", ((PULONG)&ObjectBody)[-1]);
+     }
+   
    Header->RefCount--;
    
    ObPerformRetentionChecks(Header);

reactos/ntoskrnl/ob/security.c

@@ -0,0 +1,74 @@
+/*
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * PURPOSE:           Security manager
+ * FILE:              kernel/ob/object.c
+ * PROGRAMER:         ?
+ * REVISION HISTORY:
+ *                 26/07/98: Added stubs for security functions
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include <internal/ob.h>
+
+#include <internal/debug.h>
+
+/* FUNCTIONS ***************************************************************/
+
+NTSTATUS STDCALL NtQuerySecurityObject(IN HANDLE ObjectHandle,
+				       IN CINT SecurityObjectInformationClass,
+				       OUT PVOID SecurityObjectInformation,
+				       IN ULONG	Length,
+				       OUT PULONG ReturnLength)
+{
+   NTSTATUS Status;
+   PVOID Object;
+   OBJECT_HANDLE_INFORMATION HandleInfo;
+   POBJECT_HEADER Header;
+   
+   Status = ObReferenceObjectByHandle(ObjectHandle,
+				      0,
+				      NULL,
+				      KeGetPreviousMode(),
+				      &Object,
+				      &HandleInfo);
+   if (!NT_SUCCESS(Status))
+     {
+	return(Status);
+     }
+  
+   Header = BODY_TO_HEADER(Object);
+   if (Header->ObjectType != NULL &&
+       Header->ObjectType->Security != NULL)
+     {
+	Status = Header->ObjectType->Security(Object, 
+					      SecurityObjectInformationClass,
+					      SecurityObjectInformation,
+					      &Length);     
+	*ReturnLength = Length;
+     }
+   else
+     {
+	Status = STATUS_NOT_IMPLEMENTED;
+     }
+   ObDereferenceObject(Object);
+   return(Status);
+}
+
+
+NTSTATUS
+STDCALL
+NtSetSecurityObject(
+	IN	HANDLE			Handle, 
+	IN	SECURITY_INFORMATION	SecurityInformation, 
+	IN	PSECURITY_DESCRIPTOR	SecurityDescriptor 
+	)
+{
+   UNIMPLEMENTED;
+}
+
+
+

reactos/ntoskrnl/ps/create.c

@@ -1,4 +1,4 @@
-/* $Id: create.c,v 1.5 1999/12/22 14:48:26 dwelch Exp $
+/* $Id: create.c,v 1.6 1999/12/26 15:50:51 dwelch Exp $
  *
  * COPYRIGHT:              See COPYING in the top level directory
  * PROJECT:                ReactOS kernel
@@ -43,11 +43,35 @@ extern LIST_ENTRY PiThreadListHead;
 
 /* FUNCTIONS ***************************************************************/
 
+PACCESS_TOKEN PsReferenceImpersonationToken(PETHREAD Thread,
+					    PULONG Unknown1,
+					    PULONG Unknown2,
+					    SECURITY_IMPERSONATION_LEVEL* 
+					    Level)
+{
+   if (Thread->ActiveImpersonationInfo == 0)
+     {
+	return(NULL);
+     }
+   
+   *Level = Thread->ImpersonationInfo->Level;
+   *Unknown1 = Thread->ImpersonationInfo->Unknown1;
+   *Unknown2 = Thread->ImpersonationInfo->Unknown2;
+   ObReferenceObjectByPointer(Thread->ImpersonationInfo->Token,
+			      GENERIC_ALL,
+			      SeTokenType,
+			      KernelMode);
+   return(Thread->ImpersonationInfo->Token);
+}
+
 static VOID PiTimeoutThread( struct _KDPC *dpc, PVOID Context, PVOID arg1, PVOID arg2 )
 {
    // wake up the thread, and tell it it timed out
    NTSTATUS Status = STATUS_TIMEOUT;
-   PsUnfreezeThread( (ETHREAD *)Context, &Status );
+   
+   DPRINT("PiTimeoutThread()\n");
+   
+   KeRemoveAllWaitsThread((PETHREAD)Context, Status);
 }
 
 VOID PiBeforeBeginThread(VOID)
@@ -76,6 +100,8 @@ VOID PiDeleteThread(PVOID ObjectBody)
    DPRINT("PiDeleteThread(ObjectBody %x)\n",ObjectBody);
    
    KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
+   DPRINT("Process %x(%d)\n", ((PETHREAD)ObjectBody)->ThreadsProcess,
+	   ObGetReferenceCount(((PETHREAD)ObjectBody)->ThreadsProcess));
    ObDereferenceObject(((PETHREAD)ObjectBody)->ThreadsProcess);
    ((PETHREAD)ObjectBody)->ThreadsProcess = NULL;
    PiNrThreads--;

reactos/ntoskrnl/ps/kill.c

@@ -78,17 +78,19 @@ VOID PsReapThreads(VOID)
 	     PEPROCESS Process = current->ThreadsProcess; 
 	     NTSTATUS Status = current->ExitStatus;
 	     
+	     DPRINT("PsProcessType %x\n", PsProcessType);
 	     ObReferenceObjectByPointer(Process, 
 					0, 
 					PsProcessType, 
-					KernelMode );
+					KernelMode);
 	     DPRINT("Reaping thread %x\n", current);
+	     DPRINT("Ref count %d\n", ObGetReferenceCount(Process));
 	     current->Tcb.State = THREAD_STATE_TERMINATED_2;
 	     RemoveEntryList(&current->Tcb.ProcessThreadListEntry);
 	     KeReleaseSpinLock(&PiThreadListLock, oldIrql);
 	     ObDereferenceObject(current);
 	     KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
-	     if(IsListEmpty( &Process->Pcb.ThreadListHead))
+	     if(IsListEmpty(&Process->Pcb.ThreadListHead))
 	       {
 		  /* 
 		   * TODO: Optimize this so it doesnt jerk the IRQL around so 
@@ -99,6 +101,7 @@ VOID PsReapThreads(VOID)
 		  PiTerminateProcess(Process, Status);
 		  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
 	       }
+	     DPRINT("Ref count %d\n", ObGetReferenceCount(Process));
 	     ObDereferenceObject(Process);
 	     current_entry = PiThreadListHead.Flink;
 	  }
@@ -129,6 +132,9 @@ VOID PsTerminateCurrentThread(NTSTATUS ExitStatus)
    CurrentThread->Tcb.DispatcherHeader.SignalState = TRUE;
    KeDispatcherObjectWake(&CurrentThread->Tcb.DispatcherHeader);
    
+   DPRINT("Type %x\n", 
+	   BODY_TO_HEADER(CurrentThread->ThreadsProcess)->ObjectType);
+   
    PsDispatchThreadNoLock(THREAD_STATE_TERMINATED_1);
    KeBugCheck(0);
 }
@@ -145,10 +151,15 @@ VOID PsTerminateOtherThread(PETHREAD Thread, NTSTATUS ExitStatus)
      {
 	RemoveEntryList(&Thread->Tcb.QueueListEntry);
      }
+   RemoveEntryList(&Thread->Tcb.ProcessThreadListEntry);
    Thread->Tcb.State = THREAD_STATE_TERMINATED_2;
    Thread->Tcb.DispatcherHeader.SignalState = TRUE;
    KeDispatcherObjectWake(&Thread->Tcb.DispatcherHeader);
    KeReleaseSpinLock(&PiThreadListLock, oldIrql);
+   if (IsListEmpty(&Thread->ThreadsProcess->Pcb.ThreadListHead))
+     {
+	PiTerminateProcess(Thread->ThreadsProcess, ExitStatus);
+     }
    ObDereferenceObject(Thread);
 }
 
@@ -160,13 +171,20 @@ NTSTATUS STDCALL PiTerminateProcess(PEPROCESS Process,
    DPRINT("PsTerminateProcess(Process %x, ExitStatus %x)\n",
           Process, ExitStatus);
    
+   if (Process->Pcb.ProcessState == PROCESS_STATE_TERMINATED)
+     {
+	return(STATUS_SUCCESS);
+     }
+   
    PiTerminateProcessThreads(Process, ExitStatus);
    ObCloseAllHandles(Process);
    KeRaiseIrql(DISPATCH_LEVEL, &oldlvl);
    Process->Pcb.ProcessState = PROCESS_STATE_TERMINATED;
    Process->Pcb.DispatcherHeader.SignalState = TRUE;
+   DPRINT("Type %x\n", BODY_TO_HEADER(Process)->ObjectType);
    KeDispatcherObjectWake(&Process->Pcb.DispatcherHeader);
    KeLowerIrql(oldlvl);
+   DPRINT("Type %x\n", BODY_TO_HEADER(Process)->ObjectType);
    return(STATUS_SUCCESS);
 }
 
@@ -193,7 +211,9 @@ NTSTATUS STDCALL NtTerminateProcess(IN	HANDLE		ProcessHandle,
    PiTerminateProcess(Process, ExitStatus);
    if (PsGetCurrentThread()->ThreadsProcess == Process)
    {
+      DPRINT("Type %x\n", BODY_TO_HEADER(Process)->ObjectType);
       ObDereferenceObject(Process);
+      DPRINT("Type %x\n", BODY_TO_HEADER(Process)->ObjectType);
       PsTerminateCurrentThread(ExitStatus);
    }
    ObDereferenceObject(Process);

reactos/ntoskrnl/ps/process.c

@@ -36,6 +36,36 @@ static ULONG PiNextProcessUniqueId = 0;
 
 /* FUNCTIONS *****************************************************************/
 
+PACCESS_TOKEN PsReferencePrimaryToken(PEPROCESS Process)
+{
+   ObReferenceObjectByPointer(Process->Token,
+			      GENERIC_ALL,
+			      SeTokenType,
+			      UserMode);
+   return(Process->Token);
+}
+
+NTSTATUS PsOpenTokenOfProcess(HANDLE ProcessHandle,
+			      PACCESS_TOKEN* Token)
+{
+   PEPROCESS Process;
+   NTSTATUS Status;
+   
+   Status = ObReferenceObjectByHandle(ProcessHandle,
+				      PROCESS_QUERY_INFORMATION,
+				      PsProcessType,
+				      UserMode,
+				      (PVOID*)&Process,
+				      NULL);
+   if (!NT_SUCCESS(Status))
+     {
+	return(Status);
+     }
+   *Token = PsReferencePrimaryToken(Process);
+   ObDereferenceObject(Process);
+   return(STATUS_SUCCESS);
+}
+
 VOID PiKillMostProcesses(VOID)
 {
    KIRQL oldIrql;
@@ -205,9 +235,7 @@ struct _EPROCESS* PsGetCurrentProcess(VOID)
      }
 }
 
-NTSTATUS
+NTSTATUS STDCALL NtCreateProcess (
-STDCALL
-NtCreateProcess (
 	OUT	PHANDLE			ProcessHandle,
 	IN	ACCESS_MASK		DesiredAccess,
 	IN	POBJECT_ATTRIBUTES	ObjectAttributes	OPTIONAL,

reactos/ntoskrnl/se/acl.c

@@ -0,0 +1,198 @@
+/*
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * PURPOSE:           Security manager
+ * FILE:              kernel/se/acl.c
+ * PROGRAMER:         David Welch <welch@cwcom.net>
+ * REVISION HISTORY:
+ *                 26/07/98: Added stubs for security functions
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include <internal/debug.h>
+
+/* FUNCTIONS ***************************************************************/
+
+BOOLEAN RtlFirstFreeAce(PACL Acl, PACE* Ace)
+{
+   PACE Current;
+   PVOID AclEnd;
+   ULONG i;
+     
+   Current = (PACE)(Acl + 1);
+   *Ace = NULL;
+   i = 0;
+   if (Acl->AceCount == 0)
+     {
+	*Ace = Current;
+	return(TRUE);
+     }
+   AclEnd = Acl->AclSize + Acl;
+   do
+     {
+	if ((PVOID)Current >= AclEnd)
+	  {
+	     return(FALSE);
+	  }
+	if (Current->Header.AceType == 4)
+	  {
+	     if (Acl->AclRevision < 3)
+	       {
+		  return(FALSE);
+	       }
+	  }
+	Current = (PACE)((PVOID)Current + (ULONG)Current->Header.AceSize);
+	i++;
+     } while (i < Acl->AceCount);
+   if ((PVOID)Current >= AclEnd)
+     {
+	return(FALSE);
+     }
+   *Ace = Current;
+   return(TRUE);
+}
+
+NTSTATUS RtlpAddKnownAce(PACL Acl,
+			 ULONG Revision,
+			 ACCESS_MASK AccessMask,
+			 PSID Sid,
+			 ULONG Type)
+{
+   PACE Ace;
+   
+   if (!RtlValidSid(Sid))
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (Acl->AclRevision > 3 ||
+       Revision > 3)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (Revision < Acl->AclRevision)
+     {
+	Revision = Acl->AclRevision;
+     }
+   if (!RtlFirstFreeAce(Acl, &Ace))
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (Ace == NULL)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (((PVOID)Ace + RtlLengthSid(Sid) + sizeof(ACE)) >= 
+       ((PVOID)Acl + Acl->AclSize))
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   Ace->Header.AceFlags = 0;
+   Ace->Header.AceType = Type;
+   Ace->Header.AceSize = RtlLengthSid(Sid) + sizeof(ACE);
+   Ace->Header.AccessMask = AccessMask;
+   RtlCopySid(RtlLengthSid(Sid), Sid, (PSID)Ace + 1);
+   Acl->AceCount++;
+   Acl->AclRevision = Revision;
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS RtlAddAccessAllowedAce(PACL Acl,
+				ULONG Revision,
+				ACCESS_MASK AccessMask,
+				PSID Sid)
+{
+   return(RtlpAddKnownAce(Acl, Revision, AccessMask, Sid, 0));
+}
+
+NTSTATUS RtlAddAcl(PACL Acl,
+		   ULONG AclRevision,
+		   ULONG StartingIndex,
+		   PACE AceList,
+		   ULONG AceListLength)
+{   
+   PACE Ace;
+   ULONG i;
+   PACE Current;
+   ULONG j;
+   
+   if (Acl->AclRevision != 2 &&
+       Acl->AclRevision != 3)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (!RtlFirstFreeAce(Acl,&Ace))
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (Acl->AclRevision <= AclRevision)
+     {
+	AclRevision = Acl->AclRevision;
+     }
+   if (((PVOID)AceList + AceListLength) <= (PVOID)AceList)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   i = 0;
+   Current = (PACE)(Acl + 1);
+   while ((PVOID)Current < ((PVOID)AceList + AceListLength))
+     {
+	if (AceList->Header.AceType == 4 &&
+	    AclRevision < 3)
+	  {
+	     return(STATUS_UNSUCCESSFUL);
+	  }
+	Current = (PACE)((PVOID)Current + Current->Header.AceSize);
+     }
+   if (Ace == NULL)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (((PVOID)Ace + AceListLength) >= ((PVOID)Acl + Acl->AclSize))
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (StartingIndex != 0)
+     {
+	if (Acl->AceCount > 0)
+	  {
+	     Current = (PACE)(Acl + 1);
+	     for (j = 0; j < StartingIndex; j++)
+	       {
+		  Current = (PACE)((PVOID)Current + Current->Header.AceSize);
+	       }
+	  }
+     }
+   /* RtlpAddData(AceList, AceListLength, Current, (PVOID)Ace - Current)); */
+   memcpy(Current, AceList, AceListLength);
+   Acl->AceCount = Acl->AceCount + i;
+   Acl->AclRevision = AclRevision;
+   return(TRUE);
+}
+       
+       
+NTSTATUS RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
+{
+   if (AclSize < 8)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (AclRevision != 2 ||
+       AclRevision != 3)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (AclSize > 0xffff)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   AclSize = AclSize & ~(0x3);
+   Acl->AclSize = AclSize;
+   Acl->AclRevision = AclRevision;
+   Acl->AceCount = 0;
+   Acl->Sbz1 = 0;
+   Acl->Sbz2 = 0;
+   return(STATUS_SUCCESS);
+}

reactos/ntoskrnl/se/luid.c

@@ -0,0 +1,36 @@
+/*
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * PURPOSE:           Security manager
+ * FILE:              kernel/se/semgr.c
+ * PROGRAMER:         ?
+ * REVISION HISTORY:
+ *                 26/07/98: Added stubs for security functions
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include <internal/debug.h>
+
+/* GLOBALS *******************************************************************/
+
+static KSPIN_LOCK LuidLock;
+static LARGE_INTEGER LuidIncrement;
+static LUID Luid;
+
+/* FUNCTIONS *****************************************************************/
+
+NTSTATUS STDCALL NtAllocateLocallyUniqueId(OUT LUID* LocallyUniqueId)
+{
+   KIRQL oldIrql;
+   LUID ReturnedLuid;
+   
+   KeAcquireSpinLock(&LuidLock, &oldIrql);
+   ReturnedLuid = Luid;
+   Luid = RtlLargeIntegerAdd(Luid, LuidIncrement);
+   KeReleaseSpinLock(&LuidLock, oldIrql);
+   *LocallyUniqueId = ReturnedLuid;
+   return(STATUS_SUCCESS);
+}

reactos/ntoskrnl/se/sd.c

@@ -0,0 +1,286 @@
+/*
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * PURPOSE:           Security manager
+ * FILE:              kernel/se/sd.c
+ * PROGRAMER:         David Welch <welch@cwcom.net>
+ * REVISION HISTORY:
+ *                 26/07/98: Added stubs for security functions
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include <internal/debug.h>
+
+/* FUNCTIONS ***************************************************************/
+
+NTSTATUS RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				     ULONG Revision)
+{
+   if (Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   SecurityDescriptor->Revision = 1;
+   SecurityDescriptor->Sbz1 = 0;
+   SecurityDescriptor->Control = 0;
+   SecurityDescriptor->Owner = NULL;
+   SecurityDescriptor->Group = NULL;
+   SecurityDescriptor->Sacl = NULL;
+   SecurityDescriptor->Dacl = NULL;
+   return(STATUS_SUCCESS);
+}
+
+ULONG RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+   PSID Owner;
+   PSID Group;
+   ULONG Length;
+   PACL Dacl;
+   PACL Sacl;
+   
+   Length = sizeof(SECURITY_DESCRIPTOR);
+   
+   if (SecurityDescriptor->Owner != NULL)
+     {
+	Owner = SecurityDescriptor->Owner;
+	if (SecurityDescriptor->Control & 0x80)
+	  {
+	     Owner = (PSID)((ULONG)Owner + 
+			    (ULONG)SecurityDescriptor);
+	  }
+	Length = Length + ((sizeof(SID) + (Owner->SubAuthorityCount - 1) * 
+			   sizeof(ULONG) + 3) & 0xfc);
+     }
+   if (SecurityDescriptor->Group != NULL)
+     {
+	Group = SecurityDescriptor->Group;
+	if (SecurityDescriptor->Control & 0x8000)
+	  {
+	     Group = (PSID)((ULONG)Group + (ULONG)SecurityDescriptor);
+	  }
+	Length = Length + ((sizeof(SID) + (Group->SubAuthorityCount - 1) *
+			   sizeof(ULONG) + 3) & 0xfc);
+     }
+      if (SecurityDescriptor->Control & 0x4 &&
+       SecurityDescriptor->Dacl != NULL)
+     {
+	Dacl = SecurityDescriptor->Dacl;
+	if (SecurityDescriptor->Control & 0x8000)
+	  {
+	     Dacl = (PACL)((ULONG)Dacl + (PVOID)SecurityDescriptor);
+	  }
+	Length = Length + ((Dacl->AclSize + 3) & 0xfc);
+     }
+   if (SecurityDescriptor->Control & 0x10 &&
+       SecurityDescriptor->Sacl != NULL)
+     {
+	Sacl = SecurityDescriptor->Sacl;
+	if (SecurityDescriptor->Control & 0x8000)
+	  {
+	     Sacl = (PACL)((ULONG)Sacl + (PVOID)SecurityDescriptor);
+	  }
+	Length = Length + ((Sacl->AclSize + 3) & 0xfc);
+     }
+   return(Length);
+}
+
+NTSTATUS RtlGetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				      PBOOLEAN DaclPresent,
+				      PACL* Dacl,
+				      PBOOLEAN DaclDefaulted)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (!(SecurityDescriptor->Control & 0x4))
+     {
+	*DaclPresent = 0;
+	return(STATUS_SUCCESS);
+     }
+   *DaclPresent = 1;
+   if (SecurityDescriptor->Dacl == NULL)
+     {
+	*Dacl = NULL;
+     }
+   else
+     {
+	if (SecurityDescriptor->Control & 0x8000)
+	  {
+	     *Dacl = (PACL)((ULONG)SecurityDescriptor->Dacl +
+			    (PVOID)SecurityDescriptor);
+	  }
+	else
+	  {
+	     *Dacl = SecurityDescriptor->Dacl;
+	  }
+     }
+   if (SecurityDescriptor->Control & 0x8)
+     {
+	*DaclDefaulted = 1;
+     }
+   else
+     {
+	*DaclDefaulted = 0;
+     }
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				      BOOLEAN DaclPresent,
+				      PACL Dacl,
+				      BOOLEAN DaclDefaulted)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (SecurityDescriptor->Control & 0x8000)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (!DaclPresent)
+     {
+	SecurityDescriptor->Control = SecurityDescriptor->Control & ~(0x4);
+	return(STATUS_SUCCESS);
+     }
+   SecurityDescriptor->Control = SecurityDescriptor->Control | 0x4;
+   SecurityDescriptor->Dacl = Dacl;
+   SecurityDescriptor->Control = SecurityDescriptor->Control & ~(0x8);
+   if (DaclDefaulted)
+     {
+	SecurityDescriptor->Control = SecurityDescriptor->Control | 0x80;
+     }
+   return(STATUS_SUCCESS);
+}
+
+BOOLEAN RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+   UNIMPLEMENTED;
+}
+
+NTSTATUS RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				      PSID Owner,
+				      BOOLEAN OwnerDefaulted)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (SecurityDescriptor->Control & 0x8000)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   SecurityDescriptor->Owner = Owner;
+   SecurityDescriptor->Control = SecurityDescriptor->Control & ~(0x1);
+   if (OwnerDefaulted)
+     {
+	SecurityDescriptor->Control = SecurityDescriptor->Control | 0x1;
+     }
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				       PSID* Owner,
+				       PBOOLEAN OwnerDefaulted)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (SecurityDescriptor->Owner != NULL)
+     {
+	if (SecurityDescriptor->Control & 0x8000)
+	  {
+	     *Owner = (PSID)((ULONG)SecurityDescriptor->Owner +
+			     (PVOID)SecurityDescriptor);
+	  }
+	else
+	  {
+	     *Owner = SecurityDescriptor->Owner;
+	  }
+     }
+   else
+     {
+	*Owner = NULL;
+     }
+   if (SecurityDescriptor->Control & 0x1)
+     {
+	*OwnerDefaulted = 1;
+     }
+   else
+     {
+	*OwnerDefaulted = 0;
+     }
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS RtlSetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				       PSID Group,
+				       BOOLEAN GroupDefaulted)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (SecurityDescriptor->Control & 0x8000)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   SecurityDescriptor->Group = Group;
+   SecurityDescriptor->Control = SecurityDescriptor->Control & ~(0x2);
+   if (GroupDefaulted)
+     {
+	SecurityDescriptor->Control = SecurityDescriptor->Control | 0x2;
+     }
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS RtlGetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+				       PSID* Group,
+				       PBOOLEAN GroupDefaulted)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (SecurityDescriptor->Group != NULL)
+     {
+	if (SecurityDescriptor->Control & 0x8000)
+	  {
+	     *Group = (PSID)((ULONG)SecurityDescriptor->Group +
+			     (PVOID)SecurityDescriptor);
+	  }
+	else
+	  {
+	     *Group = SecurityDescriptor->Group;
+	  }
+     }
+   else
+     {
+	*Group = NULL;
+     }
+   if (SecurityDescriptor->Control & 0x2)
+     {
+	*GroupDefaulted = 1;
+     }
+   else
+     {
+	*GroupDefaulted = 0;
+     }
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
+				     PSECURITY_DESCRIPTOR RelSD,
+				     PULONG BufferLength)
+{
+   if (AbsSD->Control & 0x8000)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   UNIMPLEMENTED;
+}

reactos/ntoskrnl/se/semgr.c

@@ -17,66 +17,10 @@
 /* FUNCTIONS ***************************************************************/
 
 
-NTSTATUS
-STDCALL
-NtQueryInformationToken (
-	IN	HANDLE			TokenHandle,     
-	IN	TOKEN_INFORMATION_CLASS	TokenInformationClass,
-	OUT	PVOID			TokenInformation,  
-  	IN	ULONG			TokenInformationLength,
-  	OUT	PULONG			ReturnLength
-	)
-{
-	UNIMPLEMENTED;
-}
 
-
+NTSTATUS STDCALL NtPrivilegeCheck (IN	HANDLE		ClientToken,
-NTSTATUS
+				   IN	PPRIVILEGE_SET	RequiredPrivileges,  
-STDCALL
+				   IN	PBOOLEAN	Result)
-NtQuerySecurityObject (
-	IN	HANDLE	Object,
-	IN	CINT	SecurityObjectInformationClass,
-	OUT	PVOID	SecurityObjectInformation,
-	IN	ULONG	Length,
-	OUT	PULONG	ReturnLength
-	)
-{
-	UNIMPLEMENTED;
-}
-
-
-NTSTATUS
-STDCALL
-NtSetSecurityObject(
-	IN	HANDLE			Handle, 
-	IN	SECURITY_INFORMATION	SecurityInformation, 
-	IN	PSECURITY_DESCRIPTOR	SecurityDescriptor 
-	)
-{
-   UNIMPLEMENTED;
-}
-
-
-NTSTATUS
-STDCALL
-NtSetInformationToken(
-	IN	HANDLE			TokenHandle,            
-	IN	TOKEN_INFORMATION_CLASS	TokenInformationClass,
-	OUT	PVOID			TokenInformation,       
-	IN	ULONG			TokenInformationLength   
-	)
-{
-	UNIMPLEMENTED;
-}
-
-
-NTSTATUS
-STDCALL
-NtPrivilegeCheck (
-	IN	HANDLE		ClientToken,             
-	IN	PPRIVILEGE_SET	RequiredPrivileges,  
-	IN	PBOOLEAN	Result                    
-	)
 {
    UNIMPLEMENTED;
 }
@@ -155,19 +99,6 @@ NtOpenThreadToken (
 }
 
 
-NTSTATUS
-STDCALL
-NtDuplicateToken (
-	IN	HANDLE				ExistingToken, 
-	IN	ACCESS_MASK			DesiredAccess, 
-	IN	POBJECT_ATTRIBUTES		ObjectAttributes,
-	IN	SECURITY_IMPERSONATION_LEVEL	ImpersonationLevel,
-	IN	TOKEN_TYPE			TokenType,  
-	OUT	PHANDLE				NewToken
-	)
-{
-	UNIMPLEMENTED;
-}
 
 
 NTSTATUS STDCALL NtImpersonateThread (IN HANDLE ThreadHandle,
@@ -179,37 +110,6 @@ NTSTATUS STDCALL NtImpersonateThread (IN HANDLE ThreadHandle,
 }
 
 
-NTSTATUS
-STDCALL
-NtCreateToken (
-	OUT PHANDLE TokenHandle,
-	IN ACCESS_MASK DesiredAccess,
-	IN POBJECT_ATTRIBUTES ObjectAttributes,
-	IN TOKEN_TYPE TokenType,
-	IN PLUID AuthenticationId,
-	IN PLARGE_INTEGER ExpirationTime,
-	IN PTOKEN_USER TokenUser,
-	IN PTOKEN_GROUPS TokenGroups,
-	IN PTOKEN_PRIVILEGES TokenPrivileges,
-	IN PTOKEN_OWNER TokenOwner,
-	IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
-	IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
-	IN PTOKEN_SOURCE TokenSource
-	)
-{
-	UNIMPLEMENTED;
-}
-
-
-NTSTATUS
-STDCALL
-NtAllocateLocallyUniqueId (
-	OUT	LUID	* LocallyUniqueId
-	)
-{
-	UNIMPLEMENTED;
-}
-
 
 NTSTATUS
 STDCALL
@@ -299,34 +199,135 @@ NtDeleteObjectAuditAlarm (
  UNIMPLEMENTED;
 }
 
-NTSTATUS RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+VOID SeReleaseSubjectContext(PSECURITY_SUBJECT_CONTEXT SubjectContext)
-				     ULONG Revision)
 {
-   UNIMPLEMENTED;
+   
 }
 
-ULONG RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
+VOID SeCaptureSubjectContext(PSECURITY_SUBJECT_CONTEXT SubjectContext)
 {
-   UNIMPLEMENTED;
+   PEPROCESS Process;
+   ULONG a;
+   ULONG b;
+   
+   Process = PsGetCurrentThread()->ThreadsProcess;
+   
+   SubjectContext->ProcessAuditId = Process;
+   SubjectContext->ClientToken = 
+     PsReferenceImpersonationToken(PsGetCurrentThread(),
+				   &a,
+				   &b,
+				   &SubjectContext->ImpersonationLevel);
+   SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
 }
 
-NTSTATUS RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+BOOLEAN SepPrivilegeCheck(PACCESS_TOKEN Token,
-				      BOOLEAN DaclPresent,
+			  PLUID_AND_ATTRIBUTES Privileges,
-				      PACL Dacl,
+			  ULONG PrivilegeCount,
-				      BOOLEAN DaclDefaulted)
+			  ULONG PrivilegeControl,
+			  KPROCESSOR_MODE PreviousMode)
 {
-   UNIMPLEMENTED;
+   ULONG i;
-}
+   PLUID_AND_ATTRIBUTES Current;
+   ULONG j;
+   ULONG k;
+   
+   if (PreviousMode == KernelMode)
+     {
+	return(TRUE);
+     }
+   
+   j = 0;
+   if (PrivilegeCount != 0)
+     {
+	k = PrivilegeCount;
+	do
+	  {
+	     i = Token->PrivilegeCount;
+	     Current = Token->Privileges;
+	     for (i = 0; i < Token->PrivilegeCount; i++)
+	       {
+		  if (!(Current[i].Attributes & 2) &&
+		      Privileges[i].Luid.u.LowPart == 
+		      Current[i].Luid.u.LowPart &&
+		      Privileges[i].Luid.u.HighPart == 
+		      Current[i].Luid.u.HighPart)
+		    {
+		       Privileges[i].Attributes = 
+			 Privileges[i].Attributes | 0x80;
+		       j++;
+		       break;
+		    }
+	       }
+	     k--;
+	  } while (k > 0);
+     }
+   
+   if ((PrivilegeControl & 0x2) && PrivilegeCount == j)       
+     {
+	return(TRUE);
+     }
+       
+   if (j > 0 && !(PrivilegeControl & 0x2))
+     {
+	return(TRUE);
+     }
 
-BOOLEAN RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
+   return(FALSE);
+}
+   
+BOOLEAN SePrivilegeCheck(PPRIVILEGE_SET Privileges,
+			 PSECURITY_SUBJECT_CONTEXT SubjectContext,
+			 KPROCESSOR_MODE PreviousMode)
 {
-   UNIMPLEMENTED;
+   PACCESS_TOKEN Token = NULL;
+   
+   if (SubjectContext->ClientToken == NULL)
+     {
+	Token = SubjectContext->PrimaryToken;
+     }
+   else
+     {
+	Token = SubjectContext->ClientToken;
+	if (SubjectContext->ImpersonationLevel < 2)
+	  {
+	     return(FALSE);
+	  }
+     }
+   
+   return(SepPrivilegeCheck(Token,
+			    Privileges->Privilege,
+			    Privileges->PrivilegeCount,
+			    Privileges->Control,
+			    PreviousMode));			    
 }
 
 BOOLEAN SeSinglePrivilegeCheck(LUID PrivilegeValue,
 			       KPROCESSOR_MODE PreviousMode)
 {
-   UNIMPLEMENTED;
+   SECURITY_SUBJECT_CONTEXT SubjectContext;
+   BOOLEAN r;
+   PRIVILEGE_SET Priv;
+   
+   SeCaptureSubjectContext(&SubjectContext);
+   
+   Priv.PrivilegeCount = 1;
+   Priv.Control = 1;
+   Priv.Privilege[0].Luid = PrivilegeValue;
+   Priv.Privilege[0].Attributes = 0;
+   
+   r = SePrivilegeCheck(&Priv,
+			&SubjectContext,
+			PreviousMode);
+      
+   if (PreviousMode != KernelMode)
+     {
+/*	SePrivilegeServiceAuditAlarm(0,
+				     &SubjectContext,
+				     &PrivilegeValue);*/
+     }
+   SeReleaseSubjectContext(&SubjectContext);
+   return(r);
 }
 
 NTSTATUS SeDeassignSecurity(PSECURITY_DESCRIPTOR* SecurityDescriptor)
@@ -358,12 +359,12 @@ BOOLEAN SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
  * FUNCTION: Determines whether the requested access rights can be granted
  * to an object protected by a security descriptor and an object owner
  * ARGUMENTS:
- *      SecurityDescriptor = Security descriptor protected the object
+ *      SecurityDescriptor = Security descriptor protecting the object
  *      SubjectSecurityContext = Subject's captured security context
  *      SubjectContextLocked = Indicates the user's subject context is locked
  *      DesiredAccess = Access rights the caller is trying to acquire
  *      PreviouslyGrantedAccess = Specified the access rights already granted
- *      Priveleges = ?
+ *      Privileges = ?
  *      GenericMapping = Generic mapping associated with the object
  *      AccessMode = Access mode used for the check
  *      GrantedAccess (OUT) = On return specifies the access granted
@@ -371,7 +372,67 @@ BOOLEAN SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
  * RETURNS: If access was granted, returns TRUE
  */
 {
-   UNIMPLEMENTED;
+   ULONG i;
+   PACL Dacl;
+   BOOLEAN Present;
+   BOOLEAN Defaulted;
+   NTSTATUS Status;
+   PACE CurrentAce;
+   PSID Sid;
+   ACCESS_MASK CurrentAccess;
+   
+   CurrentAccess = PreviouslyGrantedAccess;
+   
+   /*    
+    * Ignore the SACL for now
+    */
+   
+   /*
+    * Check the DACL
+    */
+   Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
+					 &Present,
+					 &Dacl,
+					 &Defaulted);
+   if (!NT_SUCCESS(Status))
+     {
+	return(Status);
+     }
+   
+   CurrentAce = (PACE)(Dacl + 1);
+   for (i = 0; i < Dacl->AceCount; i++)
+     {
+	Sid = (PSID)(CurrentAce + 1);
+	if (CurrentAce->Header.AceType == ACCESS_DENIED_ACE_TYPE)
+	  {
+	     if (RtlEqualSid(Sid, NULL))
+	       {
+		  *AccessStatus = STATUS_ACCESS_DENIED;
+		  *GrantedAccess = 0;
+		  return(STATUS_SUCCESS);
+	       }
+	  }
+	if (CurrentAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
+	  {
+	     if (RtlEqualSid(Sid, NULL))
+	       {
+		  CurrentAccess = CurrentAccess | 
+		    CurrentAce->Header.AccessMask;		  
+	       }
+	  }
+     }
+   if (!(CurrentAccess & DesiredAccess) &&
+       !((~CurrentAccess) & DesiredAccess))
+     {
+	*AccessStatus = STATUS_ACCESS_DENIED;	
+     }
+   else
+     {
+	*AccessStatus = STATUS_SUCCESS;
+     }
+   *GrantedAccess = CurrentAccess;
+   
+   return(STATUS_SUCCESS);
 }
 
 

reactos/ntoskrnl/se/sid.c

@@ -0,0 +1,90 @@
+/*
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * PURPOSE:           Security manager
+ * FILE:              kernel/se/sid.c
+ * PROGRAMER:         David Welch <welch@cwcom.net>
+ * REVISION HISTORY:
+ *                 26/07/98: Added stubs for security functions
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include <internal/debug.h>
+
+/* FUNCTIONS ***************************************************************/
+
+BOOLEAN RtlValidSid(PSID Sid)
+{
+   if ((Sid->Revision & 0xf) != 1)
+     {
+	return(FALSE);
+     }
+   if (Sid->SubAuthorityCount > 15)
+     {
+	return(FALSE);
+     }
+   return(TRUE);
+}
+
+ULONG RtlLengthRequiredSid(UCHAR SubAuthorityCount)
+{
+   return(sizeof(SID) + (SubAuthorityCount - 1) * sizeof(ULONG));
+}
+
+NTSTATUS RtlInitializeSid(PSID Sid,
+			  PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
+			  UCHAR SubAuthorityCount)
+{
+   Sid->Revision = 1;
+   Sid->SubAuthorityCount = SubAuthorityCount;
+   memcpy(&Sid->IdentifierAuthority, IdentifierAuthority, 
+	  sizeof(SID_IDENTIFIER_AUTHORITY));
+   return(STATUS_SUCCESS);
+}
+
+PULONG RtlSubAuthoritySid(PSID Sid, ULONG SubAuthority)
+{
+   return(&Sid->SubAuthority[SubAuthority]);
+}
+
+PUCHAR RtlSubAuthorityCountSid(PSID Sid)
+{
+   return(&Sid->SubAuthorityCount);
+}
+
+BOOLEAN RtlEqualSid(PSID Sid1, PSID Sid2)
+{
+   if (Sid1->Revision != Sid2->Revision)
+     {
+	return(FALSE);
+     }
+   if ((*RtlSubAuthorityCountSid(Sid1)) !=
+       (*RtlSubAuthorityCountSid(Sid2)))
+     {
+	return(FALSE);
+     }
+   if (memcmp(Sid1, Sid2, RtlLengthSid(Sid1) != 0))
+     {
+	return(FALSE);
+     }
+   return(TRUE);
+}
+
+ULONG RtlLengthSid(PSID Sid)
+{
+   return(sizeof(SID) + (Sid->SubAuthorityCount-1)*4);
+}
+
+
+NTSTATUS RtlCopySid(ULONG BufferLength, PSID Src, PSID Dest)
+{
+   if (BufferLength < RtlLengthSid(Src))
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   memmove(Dest, Src, RtlLengthSid(Src));
+   return(STATUS_SUCCESS);
+}

reactos/ntoskrnl/se/token.c

@@ -0,0 +1,120 @@
+/*
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * PURPOSE:           Security manager
+ * FILE:              kernel/se/token.c
+ * PROGRAMER:         David Welch <welch@cwcom.net>
+ * REVISION HISTORY:
+ *                 26/07/98: Added stubs for security functions
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include <internal/debug.h>
+
+/* GLOBALS *******************************************************************/
+
+POBJECT_TYPE SeTokenType = NULL;
+
+/* FUNCTIONS *****************************************************************/
+
+VOID SeInitializeTokenManager(VOID)
+{
+   UNICODE_STRING TypeName;
+   
+   RtlInitUnicodeString(&TypeName, L"Token");
+   
+   SeTokenType = ExAllocatePool(NonPagedPool, sizeof(OBJECT_TYPE));
+   
+   SeTokenType->MaxObjects = ULONG_MAX;
+   SeTokenType->MaxHandles = ULONG_MAX;
+   SeTokenType->TotalObjects = 0;
+   SeTokenType->TotalHandles = 0;
+   SeTokenType->PagedPoolCharge = 0;
+   SeTokenType->NonpagedPoolCharge = 0;
+   SeTokenType->Dump = NULL;
+   SeTokenType->Open = NULL;
+   SeTokenType->Close = NULL;
+   SeTokenType->Delete = NULL;
+   SeTokenType->Parse = NULL;
+   SeTokenType->Security = NULL;
+   SeTokenType->QueryName = NULL;
+   SeTokenType->OkayToClose = NULL;
+   SeTokenType->Create = NULL;
+   
+}
+
+NTSTATUS STDCALL NtQueryInformationToken(IN HANDLE TokenHandle,     
+					 IN TOKEN_INFORMATION_CLASS 
+					 TokenInformationClass,
+					 OUT PVOID TokenInformation,  
+					 IN ULONG TokenInformationLength,
+					 OUT PULONG ReturnLength)
+{
+   NTSTATUS Status;
+   PACCESS_TOKEN Token;
+   
+   Status = ObReferenceObjectByHandle(TokenHandle,
+//				      TOKEN_QUERY_INFORMATION,
+				      0,
+				      SeTokenType,
+				      UserMode,
+				      (PVOID*)&Token,
+				      NULL);
+   if (!NT_SUCCESS(Status))
+     {
+	return(Status);
+     }
+   
+   ObDereferenceObject(Token);
+   return(STATUS_SUCCESS);
+}
+
+
+
+
+NTSTATUS
+STDCALL
+NtSetInformationToken(
+	IN	HANDLE			TokenHandle,            
+	IN	TOKEN_INFORMATION_CLASS	TokenInformationClass,
+	OUT	PVOID			TokenInformation,       
+	IN	ULONG			TokenInformationLength   
+	)
+{
+	UNIMPLEMENTED;
+}
+
+NTSTATUS
+STDCALL
+NtDuplicateToken (
+	IN	HANDLE				ExistingToken, 
+	IN	ACCESS_MASK			DesiredAccess, 
+	IN	POBJECT_ATTRIBUTES		ObjectAttributes,
+	IN	SECURITY_IMPERSONATION_LEVEL	ImpersonationLevel,
+	IN	TOKEN_TYPE			TokenType,  
+	OUT	PHANDLE				NewToken
+	)
+{
+	UNIMPLEMENTED;
+}
+
+NTSTATUS STDCALL NtCreateToken(OUT PHANDLE TokenHandle,
+			       IN ACCESS_MASK DesiredAccess,
+			       IN POBJECT_ATTRIBUTES ObjectAttributes,
+			       IN TOKEN_TYPE TokenType,
+			       IN PLUID AuthenticationId,
+			       IN PLARGE_INTEGER ExpirationTime,
+			       IN PTOKEN_USER TokenUser,
+			       IN PTOKEN_GROUPS TokenGroups,
+			       IN PTOKEN_PRIVILEGES TokenPrivileges,
+			       IN PTOKEN_OWNER TokenOwner,
+			       IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
+			       IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
+			       IN PTOKEN_SOURCE TokenSource)
+{
+	UNIMPLEMENTED;
+}
+

reactos/subsys/csrss/api/handle.c

@@ -0,0 +1,20 @@
+/* $Id: handle.c,v 1.1 1999/12/26 15:50:53 dwelch Exp $
+ *
+ * reactos/subsys/csrss/api/handle.c
+ *
+ * Console I/O functions
+ *
+ * ReactOS Operating System
+ */
+
+/* INCLUDES ******************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include "csrss.h"
+#include "api.h"
+
+/* FUNCTIONS *****************************************************************/
+
+NTSTATUS CsrCreateObject(PHANDLE Handle,
+			 PVOID Object)