Commit graph

17 commits

Author SHA1 Message Date
unknown
310563aece
[NTOS:SE] Let SepGetSidFromAce figure out the ACE type
As the commit title says. Instead of having the caller figuring out what
the ACE type should be of the ACE.
2023-08-23 17:54:47 +02:00
George Bișoc
8289de6ef7
[NTOS:SE] Cast the ACE to known ACE type variants on SepGetSidFromAce
ACCESS_DENIED_ACE_TYPE, ACCESS_ALLOWED_ACE_TYPE, SYSTEM_AUDIT_ACE_TYPE and
SYSTEM_ALARM_ACE_TYPE belong to the same commonly internal ACE type, aka KNOWN_ACE,
as each of these ACEs have the same structure field offsets.

The only difference are ACCESS_DENIED_OBJECT_ACE_TYPE and ACCESS_ALLOWED_OBJECT_ACE_TYPE
as they have their own internal ACE type variant, the KNOWN_OBJECT_ACE structure.

The general guideline is that public ACE structure variants have to be used elsehwere
such as in UM whilst the kernel has to use the internal known ACE type variants when possible.
2023-08-22 17:54:18 +02:00
George Bișoc
8b75dce45a
[NTOS:SE][FORMATTING] Fix the file header
This fixes the copyright file header at the top of the file, reflecting
the Coding Style rules. No code changes!
2023-03-07 18:39:46 +01:00
George Bișoc
e2ee126c23
[NTOS:SE] Add new ACE types for SepGetSidFromAce routine 2022-11-08 18:24:37 +01:00
George Bișoc
9a2c62b544
[NTOS:SE] Reorganize the security manager component
The current state of Security manager's code is kind of a mess. Mainly, there's code scattered around places where they shouldn't belong and token implementation (token.c) is already of a bloat in itself as it is. The file has over 6k lines and it's subject to grow exponentially with improvements, features, whatever that is.

With that being said, the token implementation code in the kernel will be split accordingly and rest of the code moved to appropriate places. The new layout will look as follows (excluding the already existing files):

- client.c (Client security implementation code)
- objtype.c (Object type list implementation code -- more code related to object types will be put here when I'm going to implement object type access checks in the future)
- subject.c (Subject security context support)

The token implementation in the kernel will be split in 4 distinct files as shown:

- token.c (Base token support routines)
- tokenlif.c (Life management of a token object -- that is Duplication, Creation and Filtering)
- tokencls.c (Token Query/Set Information Classes support)
- tokenadj.c (Token privileges/groups adjusting support)

In addition to that, tidy up the internal header and reorganize it as well.
2022-05-29 20:22:19 +02:00
George Bișoc
bac67a65f2
[NTOS:SE] Implement SepGetSidFromAce
This function will be used to retrieve a security identifier from a valid access control entry in the kernel. Mostly and exclusively used within access checks related code and such.
2022-05-06 10:09:53 +02:00
George Bișoc
1b06522638
[NTOS:SE] Assign the captured SID and/or privileges to NULL manually on token filtering
This reverts 8479509 commit which pretty much does nothing at all (the captured pointer is NULL within the stack of the function has no effect outside of the function). My mistake, sorry.
2022-02-10 09:51:58 +01:00
George Bișoc
8479509a7b
[NTOS:SE] Assign the captured privilege or SID as NULL when releasing
Whenever a captured security property such as privilege or SID is released, we must not have such captured property point at random address in memory but rather we must assign it as NULL after it's been freed from pool memory. This avoids potential double-after-free situations where we might release a buffer twice.
This is exactly the case with token filtering.
2022-02-09 10:29:56 +01:00
George Bișoc
f909e8762d
[NTOS:SE] Validate the SID lengths when capturing them
SIDs are variadic by nature which means their lengths can vary in a given amount of time and certain factors that allow for this happen. This also especially can lead to issues when capturing SIDs and attributes because SeCaptureSidAndAttributesArray might end up overwriting the buffer during the time it's been called.

Therefore when we're copying the SIDs, validate their lengths. In addition to that, update the documentation header accordingly and add some debug prints in code.
2021-11-16 10:55:44 +01:00
George Bișoc
9c1c88de3e
[NTOS:SE] Define a name macro for the threshold value
Instead of having this magic value as is, describe it within a macro for readability purposes.
2021-09-27 09:39:23 +02:00
Hermès Bélusca-Maïto
9393fc320e
[FORMATTING] Remove trailing whitespace. Addendum to 34593d93.
Excluded: 3rd-party code (incl. wine) and most of the win32ss.
2021-09-13 03:52:22 +02:00
George Bișoc
8567d8145e
[NTOS:SE] Annotate the remaining functions with SAL 2021-08-22 10:29:58 +02:00
George Bișoc
6413009c10
[NTOS:SE] Document the whole subsystem in Doxygen format
And update the file comment headers.
2021-08-22 10:29:47 +02:00
George Bișoc
7692c10527
[NTOS:SE] Unify all the SRM tags in one place
And rename SEP_LOGON_SESSION_TAG and SEP_LOGON_NOTIFICATION_TAG to TAG_LOGON_SESSION and TAG_LOGON_NOTIFICATION respectively.
2021-07-31 16:10:50 +02:00
Victor Perevertkin
5c7ce4475e
[REACTOS] Cleanup INIT and some PAGE section allocations
- Change INIT_FUNCTION and INIT_SECTION to CODE_SEG("INIT") and DATA_SEG("INIT") respectively
- Remove INIT_FUNCTION from function prototypes
- Remove alloc_text pragma calls as they are not needed anymore
2020-11-02 21:45:31 +03:00
Serge Gautherie
b20f815126
[NTOSKRNL] Place INIT_FUNCTION before the return type (#2823)
(but after 'static' or SAL 2 annotation.)
Follow-up to 71fefa32, which mentions that it's actually required by the compiler in some circumstances.
2020-05-23 15:56:10 +02:00
Colin Finck
c2c66aff7d Git conversion: Make reactos the root directory, move rosapps, rostests, wallpapers into modules, and delete rossubsys. 2017-10-03 07:45:34 +00:00
Renamed from reactos/ntoskrnl/se/sid.c (Browse further)