[NTOS:OB]

- Define and use a pool tag for directory security descriptors. - Use a custom security descriptor to create the KernelObjects directory. svn path=/trunk/; revision=74103
2025-05-16 15:50:24 +00:00 · 2017-03-05 21:28:10 +00:00 · 2017-03-05 21:28:10 +00:00 · c4b8caf365
commit c4b8caf365
parent a1488a0f38
3 changed files with 92 additions and 7 deletions
--- a/reactos/ntoskrnl/include/internal/tag.h
+++ b/reactos/ntoskrnl/include/internal/tag.h
@ -150,6 +150,8 @@
 /* Object Manager Tags */
 #define OB_NAME_TAG             'mNbO'
 #define OB_DIR_TAG              'iDbO'
+#define TAG_OB_DIR_SD           'sDbO'
+

 /* formerly located in ps/cid.c */
 #define TAG_CIDOBJECT 'ODIC'
--- a/reactos/ntoskrnl/ob/obinit.c
+++ b/reactos/ntoskrnl/ob/obinit.c
@ -54,6 +54,82 @@ ULONG ObpInitializationPhase;

 /* PRIVATE FUNCTIONS *********************************************************/

+static
+NTSTATUS
+NTAPI
+INIT_FUNCTION
+ObpCreateKernelObjectsSD(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+    ULONG AclLength;
+    PACL Dacl;
+    NTSTATUS Status;
+
+    /* Initialize the SD */
+    Status = RtlCreateSecurityDescriptor(SecurityDescriptor,
+                                         SECURITY_DESCRIPTOR_REVISION);
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    /* Allocate the DACL */
+    AclLength = sizeof(ACL) +
+                sizeof(ACE) + RtlLengthSid(SeWorldSid) +
+                sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid) +
+                sizeof(ACE) + RtlLengthSid(SeLocalSystemSid);
+
+    Dacl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_OB_DIR_SD);
+    if (Dacl == NULL)
+    {
+        return STATUS_INSUFFICIENT_RESOURCES;
+    }
+
+    /* Initialize the DACL */
+    RtlCreateAcl(Dacl, AclLength, ACL_REVISION);
+
+    /* Add the ACEs */
+    RtlAddAccessAllowedAce(Dacl,
+                           ACL_REVISION,
+                           GENERIC_READ,
+                           SeWorldSid);
+
+    RtlAddAccessAllowedAce(Dacl,
+                           ACL_REVISION,
+                           GENERIC_ALL,
+                           SeAliasAdminsSid);
+
+    RtlAddAccessAllowedAce(Dacl,
+                           ACL_REVISION,
+                           GENERIC_ALL,
+                           SeLocalSystemSid);
+
+    /* Attach the DACL to the SD */
+    Status = RtlSetDaclSecurityDescriptor(SecurityDescriptor,
+                                          TRUE,
+                                          Dacl,
+                                          FALSE);
+
+    return Status;
+}
+
+static
+VOID
+NTAPI
+INIT_FUNCTION
+ObpFreeKernelObjectsSD(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+    PACL Dacl = NULL;
+    BOOLEAN DaclPresent, Defaulted;
+    NTSTATUS Status;
+
+    Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
+                                          &DaclPresent,
+                                          &Dacl,
+                                          &Defaulted);
+    if (NT_SUCCESS(Status) && Dacl != NULL)
+    {
+        ExFreePool(Dacl);
+    }
+}
+
 BOOLEAN
 INIT_FUNCTION
 NTAPI
@ -136,6 +212,7 @@ ObInitSystem(VOID)
    POBJECT_HEADER Header;
    POBJECT_HEADER_CREATOR_INFO CreatorInfo;
    POBJECT_HEADER_NAME_INFO NameInfo;
+    SECURITY_DESCRIPTOR KernelObjectsSD;
    NTSTATUS Status;

    /* Check if this is actually Phase 1 initialization */
@ -258,25 +335,31 @@ ObPostPhase0:
    Status = NtClose(Handle);
    if (!NT_SUCCESS(Status)) return FALSE;

-    /* Initialize Object Types directory attributes */
+    /* Create a custom security descriptor for the KernelObjects directory */
+    Status = ObpCreateKernelObjectsSD(&KernelObjectsSD);
+    if (!NT_SUCCESS(Status))
+        return FALSE;
+
+    /* Initialize the KernelObjects directory attributes */
    RtlInitUnicodeString(&Name, L"\\KernelObjects");
    InitializeObjectAttributes(&ObjectAttributes,
                               &Name,
                               OBJ_CASE_INSENSITIVE | OBJ_PERMANENT,
                               NULL,
-                               NULL);
-    
+                               &KernelObjectsSD);
+
    /* Create the directory */
    Status = NtCreateDirectoryObject(&Handle,
                                     DIRECTORY_ALL_ACCESS,
                                     &ObjectAttributes);
+    ObpFreeKernelObjectsSD(&KernelObjectsSD);
    if (!NT_SUCCESS(Status)) return FALSE;
-    
+
    /* Close the extra handle */
    Status = NtClose(Handle);
    if (!NT_SUCCESS(Status)) return FALSE;

-    /* Initialize Object Types directory attributes */
+    /* Initialize ObjectTypes directory attributes */
    RtlInitUnicodeString(&Name, L"\\ObjectTypes");
    InitializeObjectAttributes(&ObjectAttributes,
                               &Name,
--- a/reactos/ntoskrnl/ob/obname.c
+++ b/reactos/ntoskrnl/ob/obname.c
@ -55,10 +55,10 @@ ObpCreateGlobalDosDevicesSD(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
                sizeof(ACE) + RtlLengthSid(SeLocalSystemSid) +
                sizeof(ACE) + RtlLengthSid(SeCreatorOwnerSid);

-    Dacl = ExAllocatePool(PagedPool, AclLength);
+    Dacl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_OB_DIR_SD);
    if (Dacl == NULL)
    {
-        return STATUS_NO_MEMORY;
+        return STATUS_INSUFFICIENT_RESOURCES;
    }

    /* Initialize the DACL */