diff --git a/reactos/ntoskrnl/cm/ntfunc.c b/reactos/ntoskrnl/cm/ntfunc.c
index c68ca938ed3..26734175ccc 100644
--- a/reactos/ntoskrnl/cm/ntfunc.c
+++ b/reactos/ntoskrnl/cm/ntfunc.c
@@ -1638,7 +1638,7 @@ NtSetValueKey(IN HANDLE KeyHandle,
 KeyCell->Flags |= REG_KEY_LINK_CELL;
 }
- NtQuerySystemTime (&KeyCell->LastWriteTime);
+ ZwQuerySystemTime (&KeyCell->LastWriteTime);
 CmiMarkBlockDirty (RegistryHive, KeyObject->KeyCellOffset);
 ExReleaseResourceLite(&CmiRegistryLock);
@@ -1683,7 +1683,7 @@ NtDeleteValueKey (IN HANDLE KeyHandle,
 KeyObject->KeyCellOffset, ValueName);
- NtQuerySystemTime (&KeyObject->KeyCell->LastWriteTime);
+ ZwQuerySystemTime (&KeyObject->KeyCell->LastWriteTime);
 CmiMarkBlockDirty (KeyObject->RegistryHive, KeyObject->KeyCellOffset);
 /* Release hive lock */
diff --git a/reactos/ntoskrnl/ex/profile.c b/reactos/ntoskrnl/ex/profile.c
index 8d1129f2283..30170a648ed 100644
--- a/reactos/ntoskrnl/ex/profile.c
+++ b/reactos/ntoskrnl/ex/profile.c
@@ -178,6 +178,7 @@ NtCreateProfile(OUT PHANDLE ProfileHandle,
 if(!SeSinglePrivilegeCheck(SeSystemProfilePrivilege, PreviousMode))
 {
+ DPRINT1("NtCreateProfile: Caller requires the SeSystemProfilePrivilege privilege!\n");
 return STATUS_PRIVILEGE_NOT_HELD;
 }
 }
diff --git a/reactos/ntoskrnl/ex/sysinfo.c b/reactos/ntoskrnl/ex/sysinfo.c
index 7f391dbce83..a9d26be80af 100644
--- a/reactos/ntoskrnl/ex/sysinfo.c
+++ b/reactos/ntoskrnl/ex/sysinfo.c
@@ -154,6 +154,7 @@ NtQuerySystemEnvironmentValue (IN PUNICODE_STRING VariableName,
 RtlReleaseCapturedUnicodeString(&WName, PreviousMode, FALSE);
+ DPRINT1("NtQuerySystemEnvironmentValue: Caller requires the SeSystemEnvironmentPrivilege privilege!\n");
 return STATUS_PRIVILEGE_NOT_HELD;
 }
@@ -295,6 +296,7 @@ NtSetSystemEnvironmentValue (IN PUNICODE_STRING VariableName,
 }
 else
 {
+ DPRINT1("NtSetSystemEnvironmentValue: Caller requires the SeSystemEnvironmentPrivilege privilege!\n");
 Status = STATUS_PRIVILEGE_NOT_HELD;
 }
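Review bot: The NTSTATUS returned by `ZwQuerySystemTime` is discarded in NtSetValueKey, and the same holds for the NtDeleteValueKey hunk and for the `SymbolicLink->CreateTime` call in ob/symlink.c. All three callers are kernel code filling kernel structures, so calling `KeQuerySystemTime(&KeyCell->LastWriteTime);` directly, as ex/time.c does in this same commit, would presumably skip the system-service path and leave no status to ignore. If the Zw form is kept, a comment such as `/* Zw: the Nt entry now probes its argument against the previous mode */` would record why the Nt call was replaced. Both function bodies extend beyond their hunks.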
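Review bot: The new `DPRINT1` in NtCreateProfile sits on a path that any caller lacking the privilege can reach, and its text does not identify who was refused; the same applies to the two added lines in ex/sysinfo.c, to NtSetSystemTime in ex/time.c and to NtSetInformationProcess in ps/process.c. If DPRINT1 output is enabled outside debugging sessions, a user-mode process could fill the debug log by repeating the call, so `DPRINT` or some form of rate limiting looks safer. Should the line stay, naming the calling process in the message would make a denied request attributable.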
diff --git a/reactos/ntoskrnl/ex/time.c b/reactos/ntoskrnl/ex/time.c
index 3ba5c01032c..9902536a4fb 100644
--- a/reactos/ntoskrnl/ex/time.c
+++ b/reactos/ntoskrnl/ex/time.c
@@ -142,28 +142,57 @@ ExpSetTimeZoneInformation(PTIME_ZONE_INFORMATION TimeZoneInformation)
 * RETURNS: Status */
 NTSTATUS STDCALL
-NtSetSystemTime(IN PLARGE_INTEGER UnsafeNewSystemTime,
- OUT PLARGE_INTEGER UnsafeOldSystemTime OPTIONAL)
+NtSetSystemTime(IN PLARGE_INTEGER SystemTime,
+ OUT PLARGE_INTEGER PreviousTime OPTIONAL)
 {
 LARGE_INTEGER OldSystemTime;
 LARGE_INTEGER NewSystemTime;
 LARGE_INTEGER LocalTime;
 TIME_FIELDS TimeFields;
- NTSTATUS Status;
-
- /* FIXME: Check for SeSystemTimePrivilege */
-
- Status = MmCopyFromCaller(&NewSystemTime, UnsafeNewSystemTime,
- sizeof(NewSystemTime));
- if (!NT_SUCCESS(Status))
+ KPROCESSOR_MODE PreviousMode;
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ PreviousMode = ExGetPreviousMode();
+
+ if(PreviousMode != KernelMode)
+ {
+ _SEH_TRY
+ {
+ ProbeForRead(SystemTime,
+ sizeof(LARGE_INTEGER),
+ sizeof(ULONG));
+ NewSystemTime = *SystemTime;
+ if(PreviousTime != NULL)
+ {
+ ProbeForWrite(PreviousTime,
+ sizeof(LARGE_INTEGER),
+ sizeof(ULONG));
+ }
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
+ if(!NT_SUCCESS(Status))
 {
 return Status;
 }
+ }
+
+ if(!SeSinglePrivilegeCheck(SeSystemtimePrivilege,
+ PreviousMode))
+ {
+ DPRINT1("NtSetSystemTime: Caller requires the SeSystemtimePrivilege privilege!\n");
+ return STATUS_PRIVILEGE_NOT_HELD;
+ }
+
+ if(PreviousTime != NULL)
+ {
+ KeQuerySystemTime(&OldSystemTime);
+ }
- if (UnsafeOldSystemTime != NULL)
- {
- KeQuerySystemTime(&OldSystemTime);
- }
 ExSystemTimeToLocalTime(&NewSystemTime, &LocalTime);
 RtlTimeToTimeFields(&LocalTime,
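Review bot: `NewSystemTime` is assigned only inside the `PreviousMode != KernelMode` branch of NtSetSystemTime, so a kernel-mode caller reaches `ExSystemTimeToLocalTime(&NewSystemTime, &LocalTime)` with an uninitialized local, and the following hunk then passes it to `KiSetSystemTime`. The branch needs an `else { NewSystemTime = *SystemTime; }` ahead of the privilege check. A comment noting that `ProbeForWrite(PreviousTime, ...)` validates the address only at that instant, which is why the later store needs its own SEH block, would also help. The function body continues past the end of this hunk.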
@@ -173,15 +202,18 @@ NtSetSystemTime(IN PLARGE_INTEGER UnsafeNewSystemTime,
 /* Set system time */
 KiSetSystemTime(&NewSystemTime);
- if (UnsafeOldSystemTime != NULL)
+ if(PreviousTime != NULL)
+ {
+ _SEH_TRY
 {
- Status = MmCopyToCaller(UnsafeOldSystemTime, &OldSystemTime,
- sizeof(OldSystemTime));
- if (!NT_SUCCESS(Status))
- {
- return Status;
- }
+ *PreviousTime = OldSystemTime;
 }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+ }
 return STATUS_SUCCESS;
 }
@@ -194,19 +226,38 @@ NtSetSystemTime(IN PLARGE_INTEGER UnsafeNewSystemTime,
 * time of day in the standard time format. */
 NTSTATUS STDCALL
-NtQuerySystemTime(OUT PLARGE_INTEGER UnsafeCurrentTime)
+NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
 {
- LARGE_INTEGER CurrentTime;
- NTSTATUS Status;
+ KPROCESSOR_MODE PreviousMode;
+ NTSTATUS Status = STATUS_SUCCESS;
- KeQuerySystemTime(&CurrentTime);
- Status = MmCopyToCaller(UnsafeCurrentTime, &CurrentTime,
- sizeof(CurrentTime));
- if (!NT_SUCCESS(Status))
+ PreviousMode = ExGetPreviousMode();
+
+ if(PreviousMode != KernelMode)
+ {
+ _SEH_TRY
 {
- return(Status);
+ ProbeForRead(SystemTime,
+ sizeof(LARGE_INTEGER),
+ sizeof(ULONG));
+
+ /* it's safe to pass the pointer directly to KeQuerySystemTime as it's just
+ a basic copy to these pointer, if it raises an exception nothing dangerous
+ can happen! */
+ KeQuerySystemTime(SystemTime);
 }
- return STATUS_SUCCESS;
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+ }
+ else
+ {
+ KeQuerySystemTime(SystemTime);
+ }
+
+ return Status;
 }
diff --git a/reactos/ntoskrnl/ob/symlink.c b/reactos/ntoskrnl/ob/symlink.c
index 11fe7068e65..5d657fd9ac9 100644
--- a/reactos/ntoskrnl/ob/symlink.c
+++ b/reactos/ntoskrnl/ob/symlink.c
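Review bot: In the tail of NtSetSystemTime the exception code that the new `_SEH_HANDLE` block stores in `Status` is never used, because the function still ends with the unchanged `return STATUS_SUCCESS;`. A caller whose `PreviousTime` buffer faults is told the call succeeded and is left with whatever its buffer held before; the last statement should be `return Status;`. `KiSetSystemTime` has already run by then, so a failure status here means the time changed but the old value could not be delivered, which deserves a short comment next to the store.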
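Review bot: NtQuerySystemTime validates its OUT parameter with `ProbeForRead` although the next statement writes through the pointer; the probe should be `ProbeForWrite(SystemTime, sizeof(LARGE_INTEGER), sizeof(ULONG));`, as the NtSetSystemTime hunk does for `PreviousTime`. The store sits inside the SEH block, so a write to a read-only page would presumably still surface as an exception status, but the probe should match the access that follows. The comment's claim that handing the user pointer to `KeQuerySystemTime` is safe holds only while that routine is a plain store, so wording such as `/* relies on KeQuerySystemTime doing nothing but a store to SystemTime */` would warn whoever changes it later.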
@@ -256,7 +256,7 @@ NtCreateSymbolicLinkObject(OUT PHANDLE LinkHandle,
 DPRINT("DeviceName %S\n", SymbolicLink->TargetName.Buffer);
- NtQuerySystemTime (&SymbolicLink->CreateTime);
+ ZwQuerySystemTime (&SymbolicLink->CreateTime);
 DPRINT("%s() = STATUS_SUCCESS\n",__FUNCTION__);
 ObDereferenceObject(SymbolicLink);
diff --git a/reactos/ntoskrnl/ps/process.c b/reactos/ntoskrnl/ps/process.c
index 1a2726824a0..4f7f3aafac1 100644
--- a/reactos/ntoskrnl/ps/process.c
+++ b/reactos/ntoskrnl/ps/process.c
@@ -1932,6 +1932,7 @@ NtSetInformationProcess(IN HANDLE ProcessHandle,
 if(!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode))
 {
+ DPRINT1("NtSetInformationProcess: Caller requires the SeTcbPrivilege privilege for setting ProcessSessionInformation!\n");
 /* can't set the session id, bail! */
 Status = STATUS_PRIVILEGE_NOT_HELD;
 break;