From 7fee8ebabeb4d86a88c118f70f6dc7c95381df55 Mon Sep 17 00:00:00 2001 From: Eric Kohl Date: Mon, 13 Mar 2017 00:10:23 +0000 Subject: [PATCH] [NTOS:OB] - Allocate all of the kernel objects security descriptor and the dos devices security descriptor from the paged pool, instead of just the ACLs. - Replace special security descriptor free routines by calls to ExFreePoolWithTag. - Replace the TAG_OB_DIR_SD by TAG_SD. svn path=/trunk/; revision=74157 --- reactos/ntoskrnl/include/internal/tag.h | 1 - reactos/ntoskrnl/ob/obinit.c | 74 +++++++++++------------ reactos/ntoskrnl/ob/obname.c | 79 ++++++++++++------------- 3 files changed, 73 insertions(+), 81 deletions(-) diff --git a/reactos/ntoskrnl/include/internal/tag.h b/reactos/ntoskrnl/include/internal/tag.h index 45ee8a5c6b5..eec80135f23 100644 --- a/reactos/ntoskrnl/include/internal/tag.h +++ b/reactos/ntoskrnl/include/internal/tag.h @@ -150,7 +150,6 @@ /* Object Manager Tags */ #define OB_NAME_TAG 'mNbO' #define OB_DIR_TAG 'iDbO' -#define TAG_OB_DIR_SD 'sDbO' /* formerly located in ps/cid.c */ diff --git a/reactos/ntoskrnl/ob/obinit.c b/reactos/ntoskrnl/ob/obinit.c index 8e3cd0b1df9..dcda078d308 100644 --- a/reactos/ntoskrnl/ob/obinit.c +++ b/reactos/ntoskrnl/ob/obinit.c @@ -58,32 +58,37 @@ static NTSTATUS NTAPI INIT_FUNCTION -ObpCreateKernelObjectsSD(OUT PSECURITY_DESCRIPTOR SecurityDescriptor) +ObpCreateKernelObjectsSD(OUT PSECURITY_DESCRIPTOR *SecurityDescriptor) { - ULONG AclLength; + PSECURITY_DESCRIPTOR Sd = NULL; PACL Dacl; + ULONG AclSize, SdSize; NTSTATUS Status; - /* Initialize the SD */ - Status = RtlCreateSecurityDescriptor(SecurityDescriptor, - SECURITY_DESCRIPTOR_REVISION); - if (!NT_SUCCESS(Status)) - return Status; + AclSize = sizeof(ACL) + + sizeof(ACE) + RtlLengthSid(SeWorldSid) + + sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid) + + sizeof(ACE) + RtlLengthSid(SeLocalSystemSid); - /* Allocate the DACL */ - AclLength = sizeof(ACL) + - sizeof(ACE) + RtlLengthSid(SeWorldSid) + - sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid) + - sizeof(ACE) + RtlLengthSid(SeLocalSystemSid); + SdSize = sizeof(SECURITY_DESCRIPTOR) + AclSize; - Dacl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_OB_DIR_SD); - if (Dacl == NULL) + /* Allocate the SD and ACL */ + Sd = ExAllocatePoolWithTag(PagedPool, SdSize, TAG_SD); + if (Sd == NULL) { return STATUS_INSUFFICIENT_RESOURCES; } + /* Initialize the SD */ + Status = RtlCreateSecurityDescriptor(Sd, + SECURITY_DESCRIPTOR_REVISION); + if (!NT_SUCCESS(Status)) + goto done; + + Dacl = (PACL)((INT_PTR)Sd + sizeof(SECURITY_DESCRIPTOR)); + /* Initialize the DACL */ - RtlCreateAcl(Dacl, AclLength, ACL_REVISION); + RtlCreateAcl(Dacl, AclSize, ACL_REVISION); /* Add the ACEs */ RtlAddAccessAllowedAce(Dacl, @@ -102,34 +107,25 @@ ObpCreateKernelObjectsSD(OUT PSECURITY_DESCRIPTOR SecurityDescriptor) SeLocalSystemSid); /* Attach the DACL to the SD */ - Status = RtlSetDaclSecurityDescriptor(SecurityDescriptor, + Status = RtlSetDaclSecurityDescriptor(Sd, TRUE, Dacl, FALSE); + if (!NT_SUCCESS(Status)) + goto done; + + *SecurityDescriptor = Sd; + +done: + if (!NT_SUCCESS(Status)) + { + if (Sd != NULL) + ExFreePoolWithTag(Sd, TAG_SD); + } return Status; } -static -VOID -NTAPI -INIT_FUNCTION -ObpFreeKernelObjectsSD(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor) -{ - PACL Dacl = NULL; - BOOLEAN DaclPresent, Defaulted; - NTSTATUS Status; - - Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor, - &DaclPresent, - &Dacl, - &Defaulted); - if (NT_SUCCESS(Status) && Dacl != NULL) - { - ExFreePoolWithTag(Dacl, TAG_OB_DIR_SD); - } -} - BOOLEAN INIT_FUNCTION NTAPI @@ -212,7 +208,7 @@ ObInitSystem(VOID) POBJECT_HEADER Header; POBJECT_HEADER_CREATOR_INFO CreatorInfo; POBJECT_HEADER_NAME_INFO NameInfo; - SECURITY_DESCRIPTOR KernelObjectsSD; + PSECURITY_DESCRIPTOR KernelObjectsSD = NULL; NTSTATUS Status; /* Check if this is actually Phase 1 initialization */ @@ -346,13 +342,13 @@ ObPostPhase0: &Name, OBJ_CASE_INSENSITIVE | OBJ_PERMANENT, NULL, - &KernelObjectsSD); + KernelObjectsSD); /* Create the directory */ Status = NtCreateDirectoryObject(&Handle, DIRECTORY_ALL_ACCESS, &ObjectAttributes); - ObpFreeKernelObjectsSD(&KernelObjectsSD); + ExFreePoolWithTag(KernelObjectsSD, TAG_SD); if (!NT_SUCCESS(Status)) return FALSE; /* Close the extra handle */ diff --git a/reactos/ntoskrnl/ob/obname.c b/reactos/ntoskrnl/ob/obname.c index 83cf5a36556..0a104bf9d23 100644 --- a/reactos/ntoskrnl/ob/obname.c +++ b/reactos/ntoskrnl/ob/obname.c @@ -34,35 +34,40 @@ UNICODE_STRING ObpDosDevicesShortName = NTSTATUS NTAPI INIT_FUNCTION -ObpCreateGlobalDosDevicesSD(OUT PSECURITY_DESCRIPTOR SecurityDescriptor) +ObpCreateGlobalDosDevicesSD(OUT PSECURITY_DESCRIPTOR *SecurityDescriptor) { - ULONG AclLength; + PSECURITY_DESCRIPTOR Sd = NULL; PACL Dacl; + ULONG AclSize, SdSize; NTSTATUS Status; - /* Initialize the SD */ - Status = RtlCreateSecurityDescriptor(SecurityDescriptor, - SECURITY_DESCRIPTOR_REVISION); - if (!NT_SUCCESS(Status)) - return Status; + AclSize = sizeof(ACL) + + sizeof(ACE) + RtlLengthSid(SeWorldSid) + + sizeof(ACE) + RtlLengthSid(SeLocalSystemSid) + + sizeof(ACE) + RtlLengthSid(SeWorldSid) + + sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid) + + sizeof(ACE) + RtlLengthSid(SeLocalSystemSid) + + sizeof(ACE) + RtlLengthSid(SeCreatorOwnerSid); - /* Allocate the DACL */ - AclLength = sizeof(ACL) + - sizeof(ACE) + RtlLengthSid(SeWorldSid) + - sizeof(ACE) + RtlLengthSid(SeLocalSystemSid) + - sizeof(ACE) + RtlLengthSid(SeWorldSid) + - sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid) + - sizeof(ACE) + RtlLengthSid(SeLocalSystemSid) + - sizeof(ACE) + RtlLengthSid(SeCreatorOwnerSid); + SdSize = sizeof(SECURITY_DESCRIPTOR) + AclSize; - Dacl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_OB_DIR_SD); - if (Dacl == NULL) + /* Allocate the SD and ACL */ + Sd = ExAllocatePoolWithTag(PagedPool, SdSize, TAG_SD); + if (Sd == NULL) { return STATUS_INSUFFICIENT_RESOURCES; } + /* Initialize the SD */ + Status = RtlCreateSecurityDescriptor(Sd, + SECURITY_DESCRIPTOR_REVISION); + if (!NT_SUCCESS(Status)) + return Status; + + Dacl = (PACL)((INT_PTR)Sd + sizeof(SECURITY_DESCRIPTOR)); + /* Initialize the DACL */ - RtlCreateAcl(Dacl, AclLength, ACL_REVISION); + RtlCreateAcl(Dacl, AclSize, ACL_REVISION); /* Add the ACEs */ RtlAddAccessAllowedAce(Dacl, @@ -100,33 +105,25 @@ ObpCreateGlobalDosDevicesSD(OUT PSECURITY_DESCRIPTOR SecurityDescriptor) SeCreatorOwnerSid); /* Attach the DACL to the SD */ - Status = RtlSetDaclSecurityDescriptor(SecurityDescriptor, + Status = RtlSetDaclSecurityDescriptor(Sd, TRUE, Dacl, FALSE); + if (!NT_SUCCESS(Status)) + goto done; + + *SecurityDescriptor = Sd; + +done: + if (!NT_SUCCESS(Status)) + { + if (Sd != NULL) + ExFreePoolWithTag(Sd, TAG_SD); + } return Status; } -VOID -NTAPI -INIT_FUNCTION -ObpFreeGlobalDosDevicesSD(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor) -{ - PACL Dacl = NULL; - BOOLEAN DaclPresent, Defaulted; - NTSTATUS Status; - - Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor, - &DaclPresent, - &Dacl, - &Defaulted); - if (NT_SUCCESS(Status) && Dacl != NULL) - { - ExFreePoolWithTag(Dacl, TAG_OB_DIR_SD); - } -} - NTSTATUS NTAPI INIT_FUNCTION @@ -135,7 +132,7 @@ ObpCreateDosDevicesDirectory(VOID) OBJECT_ATTRIBUTES ObjectAttributes; UNICODE_STRING RootName, TargetName, LinkName; HANDLE Handle, SymHandle; - SECURITY_DESCRIPTOR DosDevicesSD; + PSECURITY_DESCRIPTOR DosDevicesSD = NULL; NTSTATUS Status; /* Create a custom security descriptor for the global DosDevices directory */ @@ -149,11 +146,11 @@ ObpCreateDosDevicesDirectory(VOID) &RootName, OBJ_PERMANENT, NULL, - &DosDevicesSD); + DosDevicesSD); Status = NtCreateDirectoryObject(&Handle, DIRECTORY_ALL_ACCESS, &ObjectAttributes); - ObpFreeGlobalDosDevicesSD(&DosDevicesSD); + ExFreePoolWithTag(DosDevicesSD, TAG_SD); if (!NT_SUCCESS(Status)) return Status; /*********************************************\