diff --git a/reactos/ntoskrnl/ntoskrnl.def b/reactos/ntoskrnl/ntoskrnl.def index 8b924aaf69e..ba6c5210657 100644 --- a/reactos/ntoskrnl/ntoskrnl.def +++ b/reactos/ntoskrnl/ntoskrnl.def @@ -1,4 +1,4 @@ -; $Id: ntoskrnl.def,v 1.180 2004/05/18 12:24:40 ekohl Exp $ +; $Id: ntoskrnl.def,v 1.181 2004/05/20 12:42:51 ekohl Exp $ ; ; reactos/ntoskrnl/ntoskrnl.def ; @@ -896,7 +896,7 @@ SeDeleteObjectAuditAlarm@8 SeExports DATA ;SeFreePrivileges@4 SeImpersonateClient@8 -;SeLockSubjectContext@4 +SeLockSubjectContext@4 ;SeMarkLogonSessionForTerminationNotification@4 SeOpenObjectAuditAlarm@36 SeOpenObjectForDeleteAuditAlarm@36 @@ -904,19 +904,19 @@ SePrivilegeCheck@12 ;SePrivilegeObjectAuditAlarm@24 SePublicDefaultDacl DATA SeQueryAuthenticationIdToken@8 -;SeQuerySecurityDescriptorInfo@16 +SeQuerySecurityDescriptorInfo@16 ;SeRegisterLogonSessionTerminatedRoutine@4 ;SeReleaseSecurityDescriptor@12 SeReleaseSubjectContext@4 ;SeSetAccessStateGenericMapping@8 -;SeSetSecurityDescriptorInfo@24 +SeSetSecurityDescriptorInfo@24 SeSinglePrivilegeCheck@12 SeSystemDefaultDacl DATA SeTokenImpersonationLevel@4 SeTokenType@4 -;SeUnlockSubjectContext@4 +SeUnlockSubjectContext@4 ;SeUnregisterLogonSessionTerminatedRoutine@4 -;SeValidSecurityDescriptor@8 +SeValidSecurityDescriptor@8 WRITE_REGISTER_UCHAR@8 WRITE_REGISTER_ULONG@8 WRITE_REGISTER_USHORT@8 diff --git a/reactos/ntoskrnl/ntoskrnl.edf b/reactos/ntoskrnl/ntoskrnl.edf index 172bee59e1d..4514a03c411 100644 --- a/reactos/ntoskrnl/ntoskrnl.edf +++ b/reactos/ntoskrnl/ntoskrnl.edf @@ -1,4 +1,4 @@ -; $Id: ntoskrnl.edf,v 1.166 2004/05/18 12:24:40 ekohl Exp $ +; $Id: ntoskrnl.edf,v 1.167 2004/05/20 12:42:51 ekohl Exp $ ; ; reactos/ntoskrnl/ntoskrnl.def ; @@ -896,7 +896,7 @@ SeDeleteObjectAuditAlarm=SeDeleteObjectAuditAlarm@8 SeExports DATA ;SeFreePrivileges=SeFreePrivileges@4 SeImpersonateClient=SeImpersonateClient@8 -;SeLockSubjectContext=SeLockSubjectContext@4 +SeLockSubjectContext=SeLockSubjectContext@4 ;SeMarkLogonSessionForTerminationNotification=SeMarkLogonSessionForTerminationNotification@4 SeOpenObjectAuditAlarm=SeOpenObjectAuditAlarm@36 SeOpenObjectForDeleteAuditAlarm=SeOpenObjectForDeleteAuditAlarm@36 @@ -904,19 +904,19 @@ SePrivilegeCheck=SePrivilegeCheck@12 ;SePrivilegeObjectAuditAlarm=SePrivilegeObjectAuditAlarm@24 SePublicDefaultDacl DATA SeQueryAuthenticationIdToken=SeQueryAuthenticationIdToken@8 -;SeQuerySecurityDescriptorInfo=SeQuerySecurityDescriptorInfo@16 +SeQuerySecurityDescriptorInfo=SeQuerySecurityDescriptorInfo@16 ;SeRegisterLogonSessionTerminatedRoutine=SeRegisterLogonSessionTerminatedRoutine@4 ;SeReleaseSecurityDescriptor=SeReleaseSecurityDescriptor@12 SeReleaseSubjectContext=SeReleaseSubjectContext@4 ;SeSetAccessStateGenericMapping=SeSetAccessStateGenericMapping@8 -;SeSetSecurityDescriptorInfo=SeSetSecurityDescriptorInfo@24 +SeSetSecurityDescriptorInfo=SeSetSecurityDescriptorInfo@24 SeSinglePrivilegeCheck=SeSinglePrivilegeCheck@12 SeSystemDefaultDacl DATA SeTokenImpersonationLevel=SeTokenImpersonationLevel@4 SeTokenType=SeTokenType@4 -;SeUnlockSubjectContext=SeUnlockSubjectContext@4 +SeUnlockSubjectContext=SeUnlockSubjectContext@4 ;SeUnregisterLogonSessionTerminatedRoutine=SeUnregisterLogonSessionTerminatedRoutine@4 -;SeValidSecurityDescriptor=SeValidSecurityDescriptor@8 +SeValidSecurityDescriptor=SeValidSecurityDescriptor@8 WRITE_REGISTER_UCHAR=WRITE_REGISTER_UCHAR@8 WRITE_REGISTER_ULONG=WRITE_REGISTER_ULONG@8 WRITE_REGISTER_USHORT=WRITE_REGISTER_USHORT@8 diff --git a/reactos/ntoskrnl/se/audit.c b/reactos/ntoskrnl/se/audit.c index 3ac4c417f13..2ee2bd6c4e5 100644 --- a/reactos/ntoskrnl/se/audit.c +++ b/reactos/ntoskrnl/se/audit.c @@ -1,4 +1,4 @@ -/* $Id: audit.c,v 1.3 2004/05/18 12:23:48 ekohl Exp $ +/* $Id: audit.c,v 1.4 2004/05/20 12:42:11 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -101,6 +101,9 @@ NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName, } +/* + * @unimplemented + */ VOID STDCALL SeDeleteObjectAuditAlarm(IN PVOID Object, IN HANDLE Handle) @@ -109,6 +112,9 @@ SeDeleteObjectAuditAlarm(IN PVOID Object, } +/* + * @unimplemented + */ VOID STDCALL SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName, IN PVOID Object OPTIONAL, @@ -124,6 +130,9 @@ SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName, } +/* + * @unimplemented + */ VOID STDCALL SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING ObjectTypeName, IN PVOID Object OPTIONAL, diff --git a/reactos/ntoskrnl/se/sd.c b/reactos/ntoskrnl/se/sd.c index bed3c1a855b..02c3c643a5c 100644 --- a/reactos/ntoskrnl/se/sd.c +++ b/reactos/ntoskrnl/se/sd.c @@ -1,4 +1,4 @@ -/* $Id: sd.c,v 1.13 2003/12/30 18:52:06 fireball Exp $ +/* $Id: sd.c,v 1.14 2004/05/20 12:42:11 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -781,4 +781,46 @@ RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD, return(STATUS_SUCCESS); } + +/* + * @unimplemented + */ +NTSTATUS STDCALL +SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation, + OUT PSECURITY_DESCRIPTOR SecurityDescriptor, + IN OUT PULONG Length, + IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor) +{ + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +} + + +/* + * @unimplemented + */ +NTSTATUS STDCALL +SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL, + IN PSECURITY_INFORMATION SecurityInformation, + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, + IN POOL_TYPE PoolType, + IN PGENERIC_MAPPING GenericMapping) +{ + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +} + + +/* + * @unimplemented + */ +BOOLEAN STDCALL +SeValidSecurityDescriptor(IN ULONG Length, + IN PSECURITY_DESCRIPTOR SecurityDescriptor) +{ + UNIMPLEMENTED; + return FALSE; +} + /* EOF */ diff --git a/reactos/ntoskrnl/se/semgr.c b/reactos/ntoskrnl/se/semgr.c index 908e693f579..fc08889145b 100644 --- a/reactos/ntoskrnl/se/semgr.c +++ b/reactos/ntoskrnl/se/semgr.c @@ -1,4 +1,4 @@ -/* $Id: semgr.c,v 1.29 2004/03/14 18:13:19 ekohl Exp $ +/* $Id: semgr.c,v 1.30 2004/05/20 12:42:11 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -38,20 +38,20 @@ SeInit1(VOID) SepInitLuid(); if (!SepInitSecurityIDs()) - return(FALSE); + return FALSE; if (!SepInitDACLs()) - return(FALSE); + return FALSE; if (!SepInitSDs()) - return(FALSE); + return FALSE; SepInitPrivileges(); if (!SepInitExports()) - return(FALSE); + return FALSE; - return(TRUE); + return TRUE; } @@ -60,7 +60,7 @@ SeInit2(VOID) { SepInitializeTokenImplementation(); - return(TRUE); + return TRUE; } @@ -87,7 +87,7 @@ SeInitSRM(VOID) if (!NT_SUCCESS(Status)) { DPRINT1("Failed to create 'Security' directory!\n"); - return(FALSE); + return FALSE; } /* Create 'LSA_AUTHENTICATION_INITALIZED' event */ @@ -105,9 +105,9 @@ SeInitSRM(VOID) FALSE); if (!NT_SUCCESS(Status)) { - DPRINT1("Failed to create 'Security' directory!\n"); + DPRINT1("Failed to create 'LSA_AUTHENTICATION_INITALIZED' event!\n"); NtClose(DirectoryHandle); - return(FALSE); + return FALSE; } NtClose(EventHandle); @@ -115,7 +115,7 @@ SeInitSRM(VOID) /* FIXME: Create SRM port and listener thread */ - return(TRUE); + return TRUE; } @@ -126,7 +126,7 @@ SepInitExports(VOID) sizeof(SE_EXPORTS), TAG_SXPT); if (SeExports == NULL) - return(FALSE); + return FALSE; SeExports->SeCreateTokenPrivilege = SeCreateTokenPrivilege; SeExports->SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege; @@ -172,7 +172,7 @@ SepInitExports(VOID) SeExports->SeAliasPrintOpsSid = SeAliasPrintOpsSid; SeExports->SeAliasBackupOpsSid = SeAliasBackupOpsSid; - return(TRUE); + return TRUE; } @@ -220,21 +220,7 @@ NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, * @implemented */ VOID STDCALL -SeReleaseSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext) -{ - ObDereferenceObject (SubjectContext->PrimaryToken); - if (SubjectContext->ClientToken != NULL) - { - ObDereferenceObject (SubjectContext->ClientToken); - } -} - - -/* - * @implemented - */ -VOID STDCALL -SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext) +SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext) { PEPROCESS Process; BOOLEAN CopyOnOpen; @@ -248,7 +234,41 @@ SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext) &CopyOnOpen, &EffectiveOnly, &SubjectContext->ImpersonationLevel); - SubjectContext->PrimaryToken = PsReferencePrimaryToken (Process); + SubjectContext->PrimaryToken = PsReferencePrimaryToken (Process); +} + + +/* + * @unimplemented + */ +VOID STDCALL +SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext) +{ + UNIMPLEMENTED; +} + + +/* + * @implemented + */ +VOID STDCALL +SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext) +{ + ObDereferenceObject (SubjectContext->PrimaryToken); + if (SubjectContext->ClientToken != NULL) + { + ObDereferenceObject (SubjectContext->ClientToken); + } +} + + +/* + * @unimplemented + */ +VOID STDCALL +SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext) +{ + UNIMPLEMENTED; } @@ -360,7 +380,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor, if (Descriptor->Control & SE_SACL_PRESENT || Descriptor->Sacl == NULL ||) { - Sacl = NULL; + Sacl = NULL; } else { @@ -379,7 +399,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor, GenericMapping); } #else - UNIMPLEMENTED; + UNIMPLEMENTED; return(STATUS_NOT_IMPLEMENTED); #endif } @@ -449,13 +469,13 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, PACE CurrentAce; PSID Sid; ACCESS_MASK CurrentAccess; - + CurrentAccess = PreviouslyGrantedAccess; - - /* + + /* * Ignore the SACL for now */ - + /* * Check the DACL */ @@ -467,7 +487,7 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, { return(Status); } - + CurrentAce = (PACE)(Dacl + 1); for (i = 0; i < Dacl->AceCount; i++) { @@ -493,16 +513,15 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, if (!(CurrentAccess & DesiredAccess) && !((~CurrentAccess) & DesiredAccess)) { - *AccessStatus = STATUS_ACCESS_DENIED; + *AccessStatus = STATUS_ACCESS_DENIED; } else { *AccessStatus = STATUS_SUCCESS; } *GrantedAccess = CurrentAccess; - + return(STATUS_SUCCESS); } - /* EOF */