[NTOS:CM]

- Return a valid security descriptor for keys, even though it's hacked. Based on code removed in r26704. CORE-8382 #resolve #comment Fixed, now we fail with E_FAIL instead. Hurray. svn path=/trunk/; revision=63777
2025-05-23 19:14:48 +00:00 · 2014-07-29 22:21:37 +00:00 · 2014-07-29 22:21:37 +00:00 · 602fd06fa1
commit 602fd06fa1
parent 0e1dff05eb
1 changed files with 100 additions and 0 deletions
--- a/reactos/ntoskrnl/config/cmse.c
+++ b/reactos/ntoskrnl/config/cmse.c
@ -137,6 +137,74 @@ CmpHiveRootSecurityDescriptor(VOID)
    return SecurityDescriptor;
 }

+NTSTATUS
+CmpQuerySecurityDescriptor(IN PCM_KEY_BODY KeyBody,
+                           IN SECURITY_INFORMATION SecurityInformation,
+                           OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
+                           IN OUT PULONG BufferLength)
+{
+    PISECURITY_DESCRIPTOR_RELATIVE RelSd;
+    PUCHAR Current;
+    ULONG SidSize;
+    ULONG SdSize;
+    NTSTATUS Status;
+
+    DBG_UNREFERENCED_PARAMETER(KeyBody);
+
+    if (SecurityInformation == 0)
+    {
+        return STATUS_ACCESS_DENIED;
+    }
+
+    SidSize = RtlLengthSid(SeWorldSid);
+    SdSize = sizeof(*RelSd) + 2 * SidSize;
+    RelSd = SecurityDescriptor;
+
+    if (*BufferLength < SdSize)
+    {
+        *BufferLength = SdSize;
+        return STATUS_BUFFER_TOO_SMALL;
+    }
+
+    *BufferLength = SdSize;
+
+    Status = RtlCreateSecurityDescriptorRelative(RelSd,
+                                                 SECURITY_DESCRIPTOR_REVISION);
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    Current = (PUCHAR)(RelSd + 1);
+    ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
+
+    if (SecurityInformation & OWNER_SECURITY_INFORMATION)
+    {
+        RtlCopyMemory(Current, SeWorldSid, SidSize);
+        RelSd->Owner = Current - (PUCHAR)RelSd;
+        Current += SidSize;
+        ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
+    }
+
+    if (SecurityInformation & GROUP_SECURITY_INFORMATION)
+    {
+        RtlCopyMemory(Current, SeWorldSid, SidSize);
+        RelSd->Group = Current - (PUCHAR)RelSd;
+        Current += SidSize;
+        ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
+    }
+
+    if (SecurityInformation & DACL_SECURITY_INFORMATION)
+    {
+        RelSd->Control |= SE_DACL_PRESENT;
+    }
+
+    if (SecurityInformation & SACL_SECURITY_INFORMATION)
+    {
+        RelSd->Control |= SE_SACL_PRESENT;
+    }
+
+    return STATUS_SUCCESS;
+}
+
 NTSTATUS
 NTAPI
 CmpSecurityMethod(IN PVOID ObjectBody,
@ -148,6 +216,38 @@ CmpSecurityMethod(IN PVOID ObjectBody,
                  IN POOL_TYPE PoolType,
                  IN PGENERIC_MAPPING GenericMapping)
 {
+    DBG_UNREFERENCED_PARAMETER(OldSecurityDescriptor);
+    DBG_UNREFERENCED_PARAMETER(GenericMapping);
+
+    switch (OperationCode)
+    {
+        case SetSecurityDescriptor:
+            DPRINT("Set security descriptor\n");
+            ASSERT((PoolType == PagedPool) || (PoolType == NonPagedPool));
+            /* HACK */
+            break;
+
+        case QuerySecurityDescriptor:
+            DPRINT("Query security descriptor\n");
+            return CmpQuerySecurityDescriptor(ObjectBody,
+                                              *SecurityInformation,
+                                              SecurityDescriptor,
+                                              BufferLength);
+
+        case DeleteSecurityDescriptor:
+            DPRINT("Delete security descriptor\n");
+            /* HACK */
+            break;
+
+        case AssignSecurityDescriptor:
+            DPRINT("Assign security descriptor\n");
+            /* HACK */
+            break;
+
+        default:
+            KeBugCheckEx(SECURITY_SYSTEM, 0, STATUS_INVALID_PARAMETER, 0, 0);
+    }
+
    /* HACK */
    return STATUS_SUCCESS;
 }