mirror of
https://github.com/reactos/reactos.git
synced 2024-07-01 02:10:07 +00:00
[NTOSKRNL] Use the appropriated security descriptor when creating a device
CORE-9176
This commit is contained in:
parent
36c38c45ee
commit
73e7a5d474
|
@ -1045,6 +1045,8 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
|
||||||
ULONG AlignedDeviceExtensionSize;
|
ULONG AlignedDeviceExtensionSize;
|
||||||
ULONG TotalSize;
|
ULONG TotalSize;
|
||||||
HANDLE TempHandle;
|
HANDLE TempHandle;
|
||||||
|
PACL Dacl;
|
||||||
|
SECURITY_DESCRIPTOR SecurityDescriptor, *ReturnedSD;
|
||||||
PAGED_CODE();
|
PAGED_CODE();
|
||||||
|
|
||||||
/* Check if we have to generate a name */
|
/* Check if we have to generate a name */
|
||||||
|
@ -1060,12 +1062,20 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
|
||||||
DeviceName = &AutoName;
|
DeviceName = &AutoName;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Get the security descriptor */
|
||||||
|
ReturnedSD = IopCreateDefaultDeviceSecurityDescriptor(DeviceType,
|
||||||
|
DeviceCharacteristics,
|
||||||
|
DeviceName != NULL,
|
||||||
|
&SecurityDescriptor,
|
||||||
|
&Dacl,
|
||||||
|
NULL);
|
||||||
|
|
||||||
/* Initialize the Object Attributes */
|
/* Initialize the Object Attributes */
|
||||||
InitializeObjectAttributes(&ObjectAttributes,
|
InitializeObjectAttributes(&ObjectAttributes,
|
||||||
DeviceName,
|
DeviceName,
|
||||||
OBJ_KERNEL_HANDLE,
|
OBJ_KERNEL_HANDLE,
|
||||||
NULL,
|
NULL,
|
||||||
SePublicOpenUnrestrictedSd);
|
ReturnedSD);
|
||||||
|
|
||||||
/* Honor exclusive flag */
|
/* Honor exclusive flag */
|
||||||
if (Exclusive) ObjectAttributes.Attributes |= OBJ_EXCLUSIVE;
|
if (Exclusive) ObjectAttributes.Attributes |= OBJ_EXCLUSIVE;
|
||||||
|
@ -1092,7 +1102,12 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
|
||||||
0,
|
0,
|
||||||
0,
|
0,
|
||||||
(PVOID*)&CreatedDeviceObject);
|
(PVOID*)&CreatedDeviceObject);
|
||||||
if (!NT_SUCCESS(Status)) return Status;
|
if (!NT_SUCCESS(Status))
|
||||||
|
{
|
||||||
|
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
/* Clear the whole Object and extension so we don't null stuff manually */
|
/* Clear the whole Object and extension so we don't null stuff manually */
|
||||||
RtlZeroMemory(CreatedDeviceObject, TotalSize);
|
RtlZeroMemory(CreatedDeviceObject, TotalSize);
|
||||||
|
@ -1144,6 +1159,8 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
|
||||||
Status = IopCreateVpb(CreatedDeviceObject);
|
Status = IopCreateVpb(CreatedDeviceObject);
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
{
|
{
|
||||||
|
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
|
||||||
|
|
||||||
/* Dereference the device object and fail */
|
/* Dereference the device object and fail */
|
||||||
ObDereferenceObject(CreatedDeviceObject);
|
ObDereferenceObject(CreatedDeviceObject);
|
||||||
return Status;
|
return Status;
|
||||||
|
@ -1197,7 +1214,12 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
|
||||||
1,
|
1,
|
||||||
(PVOID*)&CreatedDeviceObject,
|
(PVOID*)&CreatedDeviceObject,
|
||||||
&TempHandle);
|
&TempHandle);
|
||||||
if (!NT_SUCCESS(Status)) return Status;
|
if (!NT_SUCCESS(Status))
|
||||||
|
{
|
||||||
|
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
/* Now do the final linking */
|
/* Now do the final linking */
|
||||||
ObReferenceObject(DriverObject);
|
ObReferenceObject(DriverObject);
|
||||||
|
@ -1211,6 +1233,9 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
|
||||||
/* Close the temporary handle and return to caller */
|
/* Close the temporary handle and return to caller */
|
||||||
ObCloseHandle(TempHandle, KernelMode);
|
ObCloseHandle(TempHandle, KernelMode);
|
||||||
*DeviceObject = CreatedDeviceObject;
|
*DeviceObject = CreatedDeviceObject;
|
||||||
|
|
||||||
|
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
|
||||||
|
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue