Added access right mapping

Fixed access rights svn path=/trunk/; revision=1593
2024-12-28 10:04:49 +00:00 · 2001-02-02 20:49:40 +00:00 · 2001-02-02 20:49:40 +00:00 · ec9ef6951c
commit ec9ef6951c
parent 5f529d5a90
10 changed files with 59 additions and 29 deletions
--- a/reactos/include/ddk/ntddk.h
+++ b/reactos/include/ddk/ntddk.h
@ -1,4 +1,4 @@
-/* $Id: ntddk.h,v 1.18 2001/01/28 21:36:05 ekohl Exp $
+/* $Id: ntddk.h,v 1.19 2001/02/02 20:45:36 ekohl Exp $
 *
 * COPYRIGHT:      See COPYING in the top level directory
 * PROJECT:        ReactOS kernel
@ -28,6 +28,7 @@ extern "C"
 #include <ntos/types.h>
 #include <ntos/disk.h>
 #include <ntos/registry.h>
+#include <ntos/port.h>
 #include <napi/types.h>

 #include <pe.h>
--- a/reactos/include/ntos.h
+++ b/reactos/include/ntos.h
@ -1,11 +1,12 @@
 #ifndef _NTOS_H
 #define _NTOS_H
-/* $Id: ntos.h,v 1.2 2000/06/29 23:35:11 dwelch Exp $ */
+/* $Id: ntos.h,v 1.3 2001/02/02 20:44:00 ekohl Exp $ */

 #include <ddk/ntddk.h>
 #include <ntos/heap.h>
 #include <ntos/synch.h>
 #include <ntos/keyboard.h>
 #include <ntos/console.h>
+#include <ntos/port.h>

 #endif /* ndef _NTOS_H */
--- a/reactos/include/ntos/port.h
+++ b/reactos/include/ntos/port.h
@ -0,0 +1,23 @@
+/* $Id: port.h,v 1.1 2001/02/02 20:44:21 ekohl Exp $
+ *
+ * COPYRIGHT:    See COPYING in the top level directory
+ * PROJECT:      ReactOS kernel
+ * FILE:         include/ntos/port.h
+ * PURPOSE:      Port declarations used by all the parts of the 
+ *               system
+ * PROGRAMMER:   Eric Kohl <ekokl@rz-online.de>
+ * UPDATE HISTORY: 
+ *               02/02/2001: Created
+ */
+
+#ifndef __INCLUDE_PORT_H
+#define __INCLUDE_PORT_H
+
+
+/* Port Object Access */
+
+#define PORT_ALL_ACCESS               (0x1)
+
+#endif /* __INCLUDE_PORT_H */
+
+/* EOF */
--- a/reactos/ntoskrnl/include/internal/port.h
+++ b/reactos/ntoskrnl/include/internal/port.h
@ -39,11 +39,6 @@ LpcSendTerminationPort (PEPORT	Port,
 			TIME	CreationTime);


-/* Port Object Access */
-
-#define PORT_ALL_ACCESS               (0x1)
-
-
 /* EPORT.State */

 #define EPORT_INACTIVE                (0)
--- a/reactos/ntoskrnl/ob/handle.c
+++ b/reactos/ntoskrnl/ob/handle.c
@ -1,4 +1,4 @@
-/* $Id: handle.c,v 1.26 2001/01/29 00:31:24 ekohl Exp $
+/* $Id: handle.c,v 1.27 2001/02/02 20:46:36 ekohl Exp $
 *
 * COPYRIGHT:          See COPYING in the top level directory
 * PROJECT:            ReactOS kernel
@ -134,7 +134,7 @@ NTSTATUS STDCALL NtDuplicateObject (IN	HANDLE		SourceProcessHandle,
     }
   ObjectBody = SourceHandleRep->ObjectBody;
   ObReferenceObjectByPointer(ObjectBody,
-			      GENERIC_ALL,
+			      0,
 			      NULL,
 			      UserMode);
   
@ -199,7 +199,7 @@ VOID ObCloseAllHandles(PEPROCESS Process)
 		    }
 		  
 		  ObReferenceObjectByPointer(ObjectBody,
-					     GENERIC_ALL,
+					     0,
 					     NULL,
 					     UserMode);
 		  Header->HandleCount--;
@ -347,7 +347,7 @@ PVOID ObDeleteHandle(PEPROCESS Process, HANDLE Handle)
 	Header = BODY_TO_HEADER(ObjectBody);
 	BODY_TO_HEADER(ObjectBody)->HandleCount--;
 	ObReferenceObjectByPointer(ObjectBody,
-				   GENERIC_ALL,
+				   0,
 				   NULL,
 				   UserMode);
 	Rep->ObjectBody = NULL;
@ -530,7 +530,7 @@ NTSTATUS STDCALL ObReferenceObjectByHandle(HANDLE Handle,
     }
   ObjectBody = HandleRep->ObjectBody;
   ObReferenceObjectByPointer(ObjectBody,
-			      GENERIC_ALL,
+			      0,
 			      NULL,
 			      UserMode);
   GrantedAccess = HandleRep->GrantedAccess;
@ -550,12 +550,16 @@ NTSTATUS STDCALL ObReferenceObjectByHandle(HANDLE Handle,
 	DPRINT("Reference from %x\n", ((PULONG)&Handle)[-1]);
     }
   
-   if ((AccessMode == UserMode) &&
-       (!(GrantedAccess & DesiredAccess) &&
-        !((~GrantedAccess) & DesiredAccess)))
+   if (AccessMode == UserMode)
     {
-	CHECKPOINT;
-	return(STATUS_ACCESS_DENIED);
+	RtlMapGenericMask(&DesiredAccess, ObjectHeader->ObjectType->Mapping);
+
+	if (!(GrantedAccess & DesiredAccess) &&
+	    !((~GrantedAccess) & DesiredAccess))
+	  {
+	     CHECKPOINT;
+	     return(STATUS_ACCESS_DENIED);
+	  }
     }
   
   *Object = ObjectBody;
--- a/reactos/ntoskrnl/ob/object.c
+++ b/reactos/ntoskrnl/ob/object.c
@ -1,4 +1,4 @@
-/* $Id: object.c,v 1.31 2001/01/29 00:31:24 ekohl Exp $
+/* $Id: object.c,v 1.32 2001/02/02 20:46:36 ekohl Exp $
 * 
 * COPYRIGHT:     See COPYING in the top level directory
 * PROJECT:       ReactOS kernel
@ -252,6 +252,10 @@ PVOID STDCALL ObCreateObject(PHANDLE Handle,
     {
 	RtlInitUnicodeString (&RemainingPath, NULL);
     }
+
+   RtlMapGenericMask(&DesiredAccess,
+		     Type->Mapping);
+
   Header = (POBJECT_HEADER)ExAllocatePool(NonPagedPool,
 					   OBJECT_ALLOC_SIZE(Type));
   ObInitializeObject(Header,
--- a/reactos/ntoskrnl/ps/create.c
+++ b/reactos/ntoskrnl/ps/create.c
@ -1,4 +1,4 @@
-/* $Id: create.c,v 1.29 2001/01/21 14:54:29 dwelch Exp $
+/* $Id: create.c,v 1.30 2001/02/02 20:47:14 ekohl Exp $
 *
 * COPYRIGHT:              See COPYING in the top level directory
 * PROJECT:                ReactOS kernel
@ -250,7 +250,7 @@ PsReferenceImpersonationToken(PETHREAD Thread,
   *Unknown1 = Thread->ImpersonationInfo->Unknown1;
   *Unknown2 = Thread->ImpersonationInfo->Unknown2;
   ObReferenceObjectByPointer(Thread->ImpersonationInfo->Token,
-			      GENERIC_ALL,
+			      TOKEN_ALL_ACCESS,
 			      SeTokenType,
 			      KernelMode);
   return(Thread->ImpersonationInfo->Token);
--- a/reactos/ntoskrnl/ps/process.c
+++ b/reactos/ntoskrnl/ps/process.c
@ -1,4 +1,4 @@
-/* $Id: process.c,v 1.56 2001/01/28 17:38:40 ekohl Exp $
+/* $Id: process.c,v 1.57 2001/02/02 20:47:14 ekohl Exp $
 *
 * COPYRIGHT:         See COPYING in the top level directory
 * PROJECT:           ReactOS kernel
@ -111,7 +111,7 @@ NTSTATUS STDCALL NtOpenProcessToken(IN	HANDLE		ProcessHandle,
 PACCESS_TOKEN STDCALL PsReferencePrimaryToken(PEPROCESS Process)
 {
   ObReferenceObjectByPointer(Process->Token,
-			      GENERIC_ALL,
+			      TOKEN_ALL_ACCESS,
 			      SeTokenType,
 			      UserMode);
   return(Process->Token);
--- a/reactos/ntoskrnl/se/token.c
+++ b/reactos/ntoskrnl/se/token.c
@ -1,4 +1,4 @@
-/* $Id: token.c,v 1.9 2001/01/28 17:42:56 ekohl Exp $
+/* $Id: token.c,v 1.10 2001/02/02 20:47:43 ekohl Exp $
 *
 * COPYRIGHT:         See COPYING in the top level directory
 * PROJECT:           ReactOS kernel
@ -56,7 +56,7 @@ NTSTATUS SeExchangePrimaryToken(PEPROCESS Process,
   Process->Token = NewToken;
   NewToken->TokenInUse = 1;
   ObReferenceObjectByPointer(NewToken,
-			      GENERIC_ALL,
+			      TOKEN_ALL_ACCESS,
 			      SeTokenType,
 			      KernelMode);
   OldToken->TokenInUse = 0;
--- a/reactos/subsys/smss/init.c
+++ b/reactos/subsys/smss/init.c
@ -1,4 +1,4 @@
-/* $Id: init.c,v 1.21 2000/12/28 20:38:28 ekohl Exp $
+/* $Id: init.c,v 1.22 2001/02/02 20:48:38 ekohl Exp $
 *
 * init.c - Session Manager initialization
 * 
@ -180,7 +180,7 @@ BOOL InitSessionManager (HANDLE	Children[])
 			 L"\\SmApiPort");
   InitializeObjectAttributes (&ObjectAttributes,
 			       &UnicodeString,
-			       0xff,
+			       PORT_ALL_ACCESS,
 			       NULL,
 			       NULL);
   
@ -226,7 +226,9 @@ BOOL InitSessionManager (HANDLE	Children[])
   Status = RtlCreateEnvironment (FALSE,
 				  &SmSystemEnvironment);
   if (!NT_SUCCESS(Status))
-     return FALSE;
+     {
+	return FALSE;
+     }
 #ifndef NDEBUG
   DisplayString (L"SM: System Environment created\n");
 #endif
@ -378,7 +380,7 @@ BOOL InitSessionManager (HANDLE	Children[])
 	                      L"\\DbgSsApiPort");
 	InitializeObjectAttributes (&ObjectAttributes,
 	                            &UnicodeString,
-	                            0xff,
+	                            PORT_ALL_ACCESS,
 	                            NULL,
 	                            NULL);

@ -401,7 +403,7 @@ BOOL InitSessionManager (HANDLE	Children[])
 	                      L"\\DbgUiApiPort");
 	InitializeObjectAttributes (&ObjectAttributes,
 	                            &UnicodeString,
-	                            0xff,
+	                            PORT_ALL_ACCESS,
 	                            NULL,
 	                            NULL);