From a818a86bf963f093f14bfb843d48504058fb9c7d Mon Sep 17 00:00:00 2001 From: Alex Ionescu Date: Sun, 23 Jul 2006 07:13:19 +0000 Subject: [PATCH] - Fixup PSTRACE to print much nicer output and actually work. - Add tracing for security.c and kill.c. svn path=/trunk/; revision=23234 --- reactos/ntoskrnl/include/internal/ps.h | 23 +++++++++++++++----- reactos/ntoskrnl/ps/kill.c | 30 +++++++++++++++++--------- reactos/ntoskrnl/ps/query.c | 3 +++ reactos/ntoskrnl/ps/security.c | 27 +++++++++++++++++++++-- 4 files changed, 66 insertions(+), 17 deletions(-) diff --git a/reactos/ntoskrnl/include/internal/ps.h b/reactos/ntoskrnl/include/internal/ps.h index 6b3b4f52653..961c6d29f8a 100644 --- a/reactos/ntoskrnl/include/internal/ps.h +++ b/reactos/ntoskrnl/include/internal/ps.h @@ -9,7 +9,7 @@ // // Define this if you want debugging support // -#define _PS_DEBUG_ 0x00 +#define _PS_DEBUG_ 0x01 // // These define the Debug Masks Supported @@ -22,19 +22,32 @@ #define PS_WIN32K_DEBUG 0x20 #define PS_STATE_DEBUG 0x40 #define PS_QUOTA_DEBUG 0x80 +#define PS_KILL_DEBUG 0x100 // // Debug/Tracing support // #if _PS_DEBUG_ #ifdef NEW_DEBUG_SYSTEM_IMPLEMENTED // enable when Debug Filters are implemented -#define PSTRACE DbgPrintEx +#define PSTRACE(x, ...) \ + { \ + DbgPrintEx("%s [%.16s] - ", \ + __FUNCTION__, \ + PsGetCurrentProcess()->ImageFileName); \ + DbgPrintEx(__VA_ARGS__); \ + } #else -#define PSTRACE(x, ...) \ - if (x & PspTraceLevel) DbgPrint(__VA_ARGS__) +#define PSTRACE(x, ...) \ + if (x & PspTraceLevel) \ + { \ + DbgPrint("%s [%.16s] - ", \ + __FUNCTION__, \ + PsGetCurrentProcess()->ImageFileName); \ + DbgPrint(__VA_ARGS__); \ + } #endif #else -#define PSTRACE(x, ...) DPRINT(__VA_ARGS__) +#define PSTRACE(x, ...) DPRINT(__VA_ARGS__); #endif // diff --git a/reactos/ntoskrnl/ps/kill.c b/reactos/ntoskrnl/ps/kill.c index 6d672978e61..0d3d5d227df 100644 --- a/reactos/ntoskrnl/ps/kill.c +++ b/reactos/ntoskrnl/ps/kill.c @@ -81,8 +81,10 @@ NTAPI PspTerminateProcess(IN PEPROCESS Process, IN NTSTATUS ExitStatus) { - PAGED_CODE(); PETHREAD Thread = NULL; + PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, + "Process: %p ExitStatus: %p\n", Process, ExitStatus); /* Check if this is a Critical Process */ if (Process->BreakOnTermination) @@ -151,6 +153,7 @@ PspReapRoutine(IN PVOID Context) PLIST_ENTRY *ListAddr; PLIST_ENTRY NextEntry; PETHREAD Thread; + PSTRACE(PS_KILL_DEBUG, "Context: %p\n", Context); /* Get the Reaper Address Pointer */ ListAddr = &PspReaperListHead.Flink; @@ -191,6 +194,7 @@ PspDeleteProcess(IN PVOID ObjectBody) PEPROCESS Process = (PEPROCESS)ObjectBody; KAPC_STATE ApcState; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, "ObjectBody: %p\n", ObjectBody); /* Check if it has an Active Process Link */ if (Process->ActiveProcessLinks.Flink) @@ -321,6 +325,7 @@ PspDeleteThread(IN PVOID ObjectBody) PETHREAD Thread = (PETHREAD)ObjectBody; PEPROCESS Process = Thread->ThreadsProcess; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, "ObjectBody: %p\n", ObjectBody); ASSERT(Thread->Tcb.Win32Thread == NULL); /* Check if we have a stack */ @@ -388,6 +393,7 @@ PspExitThread(IN NTSTATUS ExitStatus) PKAPC Apc; PTOKEN PrimaryToken; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, "ExitStatus: %p\n", ExitStatus); /* Get the Current Thread and Process */ Thread = PsGetCurrentThread(); @@ -446,9 +452,6 @@ PspExitThread(IN NTSTATUS ExitStatus) KeEnterCriticalRegion(); ExAcquirePushLockExclusive(&CurrentProcess->ProcessLock); - /* Wake up the thread so we don't deadlock on lock */ - //KeForceResumeThread(&Thread->Tcb); - /* Decrease the active thread count, and check if it's 0 */ if (!(--CurrentProcess->ActiveThreads)) { @@ -794,10 +797,12 @@ PsExitSpecialApc(IN PKAPC Apc, IN OUT PKNORMAL_ROUTINE* NormalRoutine, IN OUT PVOID* NormalContext, IN OUT PVOID* SystemArgument1, - IN OUT PVOID* SystemArguemnt2) + IN OUT PVOID* SystemArgument2) { NTSTATUS Status; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, + "Apc: %p SystemArgument2: %p \n", Apc, SystemArgument2); /* Don't do anything unless we are in User-Mode */ if (Apc->SystemArgument2) @@ -820,6 +825,7 @@ PspExitNormalApc(IN PVOID NormalContext, PKAPC Apc = (PKAPC)SystemArgument1; PETHREAD Thread = PsGetCurrentThread(); PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, "SystemArgument2: %p \n", SystemArgument2); /* This should never happen */ ASSERT(!(((ULONG_PTR)SystemArgument2) & 1)); @@ -861,6 +867,7 @@ PspTerminateThreadByPointer(IN PETHREAD Thread, NTSTATUS Status = STATUS_SUCCESS; ULONG Flags; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, "Thread: %p ExitStatus: %p\n", Thread, ExitStatus); /* Check if this is a Critical Thread, and Bugcheck */ if (Thread->BreakOnTermination) @@ -935,6 +942,8 @@ PspExitProcess(IN BOOLEAN LastThread, { ULONG Actual; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, + "LastThread: %p Process: %p\n", LastThread, Process); /* Set Process Exit flag */ InterlockedOr((PLONG)&Process->Flags, PSF_PROCESS_EXITING_BIT); @@ -1002,11 +1011,7 @@ PsTerminateSystemThread(IN NTSTATUS ExitStatus) PETHREAD Thread = PsGetCurrentThread(); /* Make sure this is a system thread */ - if (Thread->SystemThread) - { - DPRINT1("Trying to Terminate a non-system thread!\n"); - return STATUS_INVALID_PARAMETER; - } + if (Thread->SystemThread) return STATUS_INVALID_PARAMETER; /* Terminate it for real */ return PspTerminateThreadByPointer(Thread, ExitStatus, TRUE); @@ -1025,6 +1030,8 @@ NtTerminateProcess(IN HANDLE ProcessHandle OPTIONAL, PETHREAD Thread, CurrentThread = PsGetCurrentThread(); BOOLEAN KillByHandle; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, + "ProcessHandle: %p ExitStatus: %p\n", ProcessHandle, ExitStatus); /* Remember how we will kill it */ KillByHandle = (ProcessHandle != NULL); @@ -1126,6 +1133,8 @@ NtTerminateThread(IN HANDLE ThreadHandle, PETHREAD CurrentThread = PsGetCurrentThread(); NTSTATUS Status; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, + "ThreadHandle: %p ExitStatus: %p\n", ThreadHandle, ExitStatus); /* Handle the special NULL case */ if (!ThreadHandle) @@ -1187,6 +1196,7 @@ NtRegisterThreadTerminatePort(IN HANDLE PortHandle) PVOID TerminationLpcPort; PETHREAD Thread; PAGED_CODE(); + PSTRACE(PS_KILL_DEBUG, "PortHandle: %p\n", PortHandle); /* Get the Port */ Status = ObReferenceObjectByHandle(PortHandle, diff --git a/reactos/ntoskrnl/ps/query.c b/reactos/ntoskrnl/ps/query.c index 58f6165cf05..f1fd06bf1e7 100644 --- a/reactos/ntoskrnl/ps/query.c +++ b/reactos/ntoskrnl/ps/query.c @@ -16,6 +16,9 @@ /* Include Information Class Tables */ #include "internal/ps_i.h" +/* Debugging Level */ +ULONG PspTraceLevel = 0; //PS_KILL_DEBUG | PS_SECURITY_DEBUG; + /* PRIVATE FUNCTIONS *********************************************************/ /* FIXME: diff --git a/reactos/ntoskrnl/ps/security.c b/reactos/ntoskrnl/ps/security.c index aa2e7e72ae3..ceb60f44d94 100644 --- a/reactos/ntoskrnl/ps/security.c +++ b/reactos/ntoskrnl/ps/security.c @@ -21,6 +21,7 @@ NTAPI PspDeleteProcessSecurity(IN PEPROCESS Process) { PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", Process); /* Check if we have a token */ if (Process->Token.Object) @@ -36,6 +37,7 @@ NTAPI PspDeleteThreadSecurity(IN PETHREAD Thread) { PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread); /* Check if we have active impersonation info */ if (Thread->ActiveImpersonationInfo) @@ -60,9 +62,10 @@ NTAPI PspInitializeProcessSecurity(IN PEPROCESS Process, IN PEPROCESS Parent OPTIONAL) { - PAGED_CODE(); NTSTATUS Status = STATUS_SUCCESS; PTOKEN NewToken, ParentToken; + PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", Process); /* If we have a parent, then duplicate the Token */ if (Parent) @@ -108,6 +111,7 @@ PspWriteTebImpersonationInfo(IN PETHREAD Thread, BOOLEAN IsImpersonating; KAPC_STATE ApcState; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread); /* Sanity check */ ASSERT(CurrentThread == PsGetCurrentThread()); @@ -174,6 +178,7 @@ PspAssignPrimaryToken(IN PEPROCESS Process, PACCESS_TOKEN OldToken; NTSTATUS Status; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Process: %p Token: %p\n", Process, Token); /* Lock the process */ PspLockProcessSecurityExclusive(Process); @@ -202,6 +207,7 @@ PspSetPrimaryToken(IN PEPROCESS Process, BOOLEAN Result, SdAllocated; PSECURITY_DESCRIPTOR SecurityDescriptor; SECURITY_SUBJECT_CONTEXT SubjectContext; + PSTRACE(PS_SECURITY_DEBUG, "Process: %p Token: %p\n", Process, Token); /* Make sure we got a handle */ if (TokenHandle) @@ -319,6 +325,8 @@ NtOpenProcessTokenEx(IN HANDLE ProcessHandle, KPROCESSOR_MODE PreviousMode = ExGetPreviousMode(); NTSTATUS Status = STATUS_SUCCESS; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, + "Process: %p DesiredAccess: %lx\n", ProcessHandle, DesiredAccess); /* Check if caller was user-mode */ if (PreviousMode != KernelMode) @@ -385,6 +393,7 @@ PsReferencePrimaryToken(PEPROCESS Process) { PACCESS_TOKEN Token; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", Process); /* Fast Reference the Token */ Token = ObFastReferenceObject(&Process->Token); @@ -417,6 +426,7 @@ PsOpenTokenOfProcess(IN HANDLE ProcessHandle, PEPROCESS Process; NTSTATUS Status; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Process: %p\n", ProcessHandle); /* Get the Token */ Status = ObReferenceObjectByHandle(ProcessHandle, @@ -448,6 +458,7 @@ PsAssignImpersonationToken(IN PETHREAD Thread, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; NTSTATUS Status; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Thread: %p Token: %p\n", Thread, TokenHandle); /* Check if we were given a handle */ if (!TokenHandle) @@ -513,6 +524,7 @@ PsRevertThreadToSelf(IN PETHREAD Thread) { PTOKEN Token = NULL; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread); /* Make sure we had impersonation information */ if (Thread->ActiveImpersonationInfo) @@ -556,6 +568,7 @@ PsImpersonateClient(IN PETHREAD Thread, PPS_IMPERSONATION_INFORMATION Impersonation; PTOKEN OldToken = NULL; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Thread: %p, Token: %p\n", Thread, Token); /* Check if we don't have a token */ if (!Token) @@ -653,6 +666,8 @@ PsReferenceEffectiveToken(IN PETHREAD Thread, PEPROCESS Process; PACCESS_TOKEN Token = NULL; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, + "Thread: %p, TokenType: %p\n", Thread, TokenType); /* Check if we don't have impersonation info */ Process = Thread->ThreadsProcess; @@ -715,6 +730,7 @@ PsReferenceImpersonationToken(IN PETHREAD Thread, { PTOKEN Token = NULL; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, "Thread: %p\n", Thread); /* If we don't have impersonation info, just quit */ if (!Thread->ActiveImpersonationInfo) return NULL; @@ -779,6 +795,8 @@ PsDisableImpersonation(IN PETHREAD Thread, PPS_IMPERSONATION_INFORMATION Impersonation = NULL; LONG NewValue, OldValue; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, + "Thread: %p State: %p\n", Thread, ImpersonationState); /* Check if we don't have impersonation */ if (Thread->ActiveImpersonationInfo) @@ -835,6 +853,8 @@ PsRestoreImpersonation(IN PETHREAD Thread, PTOKEN Token = NULL; PPS_IMPERSONATION_INFORMATION Impersonation; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, + "Thread: %p State: %p\n", Thread, ImpersonationState); /* Lock thread security */ PspLockThreadSecurityExclusive(Thread); @@ -859,7 +879,8 @@ PsRestoreImpersonation(IN PETHREAD Thread, Impersonation->Token = ImpersonationState->Token; /* Enable impersonation */ - InterlockedOr(&Thread->CrossThreadFlags, CT_ACTIVE_IMPERSONATION_INFO_BIT); + InterlockedOr(&Thread->CrossThreadFlags, + CT_ACTIVE_IMPERSONATION_INFO_BIT); } else { @@ -888,6 +909,8 @@ NtImpersonateThread(IN HANDLE ThreadHandle, KPROCESSOR_MODE PreviousMode = ExGetPreviousMode(); NTSTATUS Status = STATUS_SUCCESS; PAGED_CODE(); + PSTRACE(PS_SECURITY_DEBUG, + "Threads: %p %p\n", ThreadHandle, ThreadToImpersonateHandle); /* Check if call came from user mode */ if (PreviousMode != KernelMode)