CORE-18958
Introduce an emergency log-off and restart feature, available when holding
down the control key and selecting "Log Off" or "Shut down" in the MSGINA
Ctrl-Alt-Del security dialog, similar to Windows Server 2003 and newer
Windows versions.
As it turns out, those three functions were duplicating the same code
between each other. Reimplement these in terms of a common helper,
RtlFindExportedRoutineByName().
Indeed: MiFindExportedRoutineByName() was just MiLocateExportName()
but taking a PANSI_STRING instead of a NULL-terminated string.
A similar state of affairs also existed in Windows <= 2003, and the
MS guys also noticed it. Both routines have been then merged and renamed
to MiFindExportedRoutineByName() on Windows 8 (taking a PCSTR instead),
and finally renamed and exported as RtlFindExportedRoutineByName()
on Windows 10.
It was implemented in psmgr.c but in a recursive way. That implementation
is replaced, in the NameToOrdinal() helper, by the better non-recursive one
found in the MiLocateExportName() and MiFindExportedRoutineByName() functions.
This NameToOrdinal() helper is then called in lieu of the duplicated code
in MiLocateExportName() and MiFindExportedRoutineByName(). In addition,
one block of code in MiSnapThunk() is simplified in a similar manner.
Follow-up to #5610.
- Add _EnsureWriteBag, _PruneMRUTree, _GetMRUSize and
_GetMRUSlots helper functions.
- Add code into _GetMRUSlot, _FindNearestInheritBag, and Write.
- Add CLSID_MruPidlList and IID_IMruPidlList definitions into
<shlguid_undoc.h>.
- Add IMruPidlList interface into <shlobj_undoc.h>.
CORE-9283
- Don't forget to release RTL_RELATIVE_NAME_U before return
- Ignore lpSearchFilter correctly as on Windows
Fixes 6 failures in kernel32:FindFiles test in LiveCD.
CORE-19061
Following PR #5571 (commit 2d53e953c), it became apparent that the
management of the status-bar when showing the menu hints could be
simplified further.
Use "simple-text" status-bar display mode when showing menu hints.
The original status-bar panes state is "remembered" and is automatically
restored when the "simple-text" mode is disabled.
Previously it was in cpprt, which is a support library for C++, containing functions that are not exported by msvcrt. But since Vista __CxxFrameHandler3 is exported by msvcrt. Therefore move it to crt, and to satisfy pre-Vista configurations, also add it to msvcrtex.
Use two longs instead of one for the first parameter of EngCreateBitmap export. Make it the same as the win32k export.
MSDN documentation says that 1st parameter is SIZEL (SIZE) structure, which actually contains 2 longs inside. Since it is passed by value, it needs to take enough memory when exported in dxgthk and redirected to win32k (since it's actually a win32k function).
Fixes the compilation of our dxg.sys when calling dxgthk!EngCreateBitmap from it.
Found during my DirectX investigations.
mkisofs and its components use K&R-style function definitions
to support very old compilers. Modern compilers consider K&R syntax
to be deprecated. Clang therefore emits a large number of warnings
over this.
Follow-up to #5590.
- Add CViewStatePropertyBag class.
- Add SHGetViewStatePropertyBag definition.
- Add FreeViewStatePropertyBagCache function and
use it in DllMain to free the cache.
CORE-9283
Object ACEs are supported starting from Revision 4, the current code checks
if the revision is above Revision 4. An Object ACE has to be strictly set on that revision,
whereas Object ACLs can be of any revision starting from ACL_REVISION4.
Write the necessary ACL validation code for ACEs whose types are ACCESS_ALLOWED_OBJECT_ACE_TYPE
or ACCESS_DENIED_OBJECT_ACE_TYPE. This ensures each created object type ACL has valid ACE
contents.
ACCESS_DENIED_ACE_TYPE, ACCESS_ALLOWED_ACE_TYPE, SYSTEM_AUDIT_ACE_TYPE and
SYSTEM_ALARM_ACE_TYPE belong to the same commonly internal ACE type, aka KNOWN_ACE,
as each of these ACEs has the same structure field offsets.
The only differences are ACCESS_DENIED_OBJECT_ACE_TYPE and ACCESS_ALLOWED_OBJECT_ACE_TYPE
as they have their own internal ACE type variant, the KNOWN_OBJECT_ACE structure.
The general guideline is that public ACE structure variants have to be used elsewhere
such as in UM whilst the kernel has to use the internal known ACE type variants when possible.
- Implement SepDenyAccessObjectTypeResultList, SepAllowAccessObjectTypeResultList,
SepDenyAccessObjectTypeList and SepAllowAccessObjectTypeList. These routines will
be used to grant or deny access to sub-objects of an object in the list.
- Refactor SepAnalyzeAcesFromDacl and SepAccessCheck to accommodate the newly
implemented access check by type mechanism.
- SepAccessCheck will now be SepAccessCheckWorker, a worker helper function that further
abstracts the access check mechanism in the kernel. Whereas the SepAccessCheck name will be
used as a centralized function used by the access check NT system calls.
- Deprecate SepGetSDOwner and SepGetSDGroup in favor of SepGetOwnerFromDescriptor and
SepGetGroupFromDescriptor. The former functions were buggy as they might potentially
return garbage data if either the owner or group were passed as NULL to a security
descriptor, hence a second chance exception fault. This was caught when writing tests
for NtAccessCheckByType.
- Shorten the debug prints by removing the name of the functions, the person who reads
the debugger output has to look at the source code anyway.
This implements various private kernel routines for object type list management
needed for access check code infrastructure. In addition, update the code documentation
and add missing comments.
This function will dump all the access status and granted access rights
of each object list of a list whenever an access check by type (or by type
result list) fails. This is for debugging purposes.
OBJECT_TYPE_LIST_INTERNAL will serve as an internal kernel data structure
to hold validated object type contents that are copied from UM.
The difference between the public and the internal one is that the internal structure has
an additional member for access check rights that have been granted on each
object element in the list.
The newly updated SAL2 annotations reflect those from Process Hacker.
Also these syscalls must have their function's status code checked, as
most other Native syscalls have them checked.
* [KMTEST:TcpIp] Use 10 second timeout value instead of INFINITE
On x64 the test sometimes fails to connect and then times out on the testbot, causing the system to be rebooted.
Co-authored-by: Stanislav Motylkov <x86corez@gmail.com>