Commit graph

120 commits

Author SHA1 Message Date
Pierre Schweitzer
651ba03c6d
[NTOSKRNL] Taggify some allocs 2019-06-10 14:54:55 +02:00
Pierre Schweitzer
a5daa8894d
[NTOSKRNL] Implement SepCleanupLUIDDeviceMapDirectory
This will clean up all the links (drive letters) created
by an user on session deletion once LUID device maps are
in use
2019-06-10 14:49:50 +02:00
Pierre Schweitzer
5ecc05003d
[NTOSKRNL] On session last reference removal, dereference LUID device map 2019-06-10 12:30:49 +02:00
Pierre Schweitzer
7c618faa32
[NTOSKRNL] Implement SeGetLogonIdDeviceMap 2019-06-01 21:09:20 +02:00
Pierre Schweitzer
59806f7eb0
[NTOSKRNL] Stub SeGetLogonIdDeviceMap 2019-06-01 18:37:47 +02:00
Hermès Bélusca-Maïto
627b1df579
[NTOS] Fix typos. 2019-04-22 19:41:19 +02:00
Pierre Schweitzer
eb8b481cd4
[NTOSKRNL] Rewrite/fix our UUID generation implementation
So that it matches Windows behavior
Also implement ExUuidCreate that will generate UUID version 1

The implementation is based on the RFC 4122
2019-03-01 08:22:48 +01:00
Timo Kreuzer
71fefa32db
[NDK][NTOS] Add global definition of INIT_FUNCTION/INIT_SECTION (#779)
* Add an NDK header to define INIT_FUNCTION/INIT_SECTION globally
* Use _declspec(allocate(x)) and _declspec(code_seg(x)) on MSVC versions that support it
* Use INIT_FUNCTION on functions only and INIT_SECTION on data only (required by MSVC)
* Place INIT_FUNCTION before the return type (required by MSVC)
* Make sure declarations and implementations share the same modifiers (required by MSVC)
* Add a global linker option to suppress warnings about defined but unused INIT section
* Merge INIT section into .text in freeldr
2018-12-30 12:19:11 +01:00
Pierre Schweitzer
95bc44e214
[NTOSKRNL] Don't leak DACL
Spotted by Thomas :-)
2018-11-11 23:21:36 +01:00
Pierre Schweitzer
6747dacf10
[NTOSKRNL] Create a security descriptor for the \security directory object 2018-11-10 23:25:10 +01:00
Pierre Schweitzer
2ce071d19a
[NTOSKRNL] Implement SeComputeQuotaInformationSize() 2018-10-27 19:36:14 +02:00
Hermès Bélusca-Maïto
7f9282927b
[NTOS:SE] Fixes for NT tokens.
- SeIsTokenChild(): Correctly check whether a caller-provided token
  is a child from the current process' primary token by looking at
  its ParentTokenId member.

- Add a SeIsTokenSibling() helper to determine whether a caller-provided
  token and the current process' primary token are siblings, by comparing
  their ParentTokenId's and AuthenticationId's.

NOTE: Children tokens are created through CreateRestrictedToken();
sibling tokens are created through DuplicateToken() (amongst others).

See slide 49 of https://www.slideshare.net/Shakacon/social-engineering-the-windows-kernel-by-james-forshaw
or https://googleprojectzero.blogspot.com/2016/01/raising-dead.html
for some details.
2018-09-28 00:45:01 +02:00
Timo Kreuzer
6c154c0625 [NTOS:SE] Fix SeSetSecurityDescriptorInfoEx to prevent pool corruption on x64 2018-08-16 16:32:49 +02:00
Hermès Bélusca-Maïto
4d494caf61
[NTOS:SE] Overhaul the token management code.
- Overhaul SepCreateToken() and SepDuplicateToken() so that they
  implement the "variable information area" of the token, where
  immutable lists of user & groups and privileges reside, and the
  "dynamic information area" (allocated separately in paged pool),
  where mutable data such as the token's default DACL is stored.
  Perform the necessary adaptations in SepDeleteToken() and in
  NtSetInformationToken().

- Actually dereference the token's logon session, when needed, in the
  'TokenSessionReference' case in NtSetInformationToken().

- Overhaul SepFindPrimaryGroupAndDefaultOwner() so that it returns
  the indices of candidate primary group and default owner within the
  token's user & groups array. This allows for fixing the 'TokenOwner'
  and 'TokenPrimaryGroup' cases of NtSetInformationToken(), since the
  owner or primary group being set *MUST* already exist in the token's
  user & groups array (as a by-product, memory corruptions that existed
  before due to the broken way of setting these properties disappear too).

- Lock tokens every time operations are performed on them (NOTE: we
  still use a global token lock!).

- Touch the ModifiedId LUID member of tokens everytime a write operation
  (property change, etc...) is made on them.

- Fix some group attributes in the SYSTEM process token, SepCreateSystemProcessToken().

- Make the SeCreateTokenPrivilege mandatory when calling NtCreateToken().

- Update the token pool tags.

- Explicitly use the Ex*ResourceLite() versions of the locking functions
  in the token locking macros.
2018-06-27 23:40:18 +02:00
Hermès Bélusca-Maïto
9594022ce1
[NTOS:SE] Add a documentation note about SeTokenIsWriteRestricted() and SeTokenIsAdmin(), and update the one for NtDuplicateToken().
[XDK] Move TOKEN_HAS_ADMIN_GROUP where appropriate.
2018-06-27 23:40:15 +02:00
Hermès Bélusca-Maïto
f61694cfbb
[NTOS:SE] Minor style changes.
- Use TRUE/FALSE instead of 1/0 for booleans.
- Use NULL instead of 0 for null pointers.
- Print 0x prefix for hex values in DPRINTs.
- Use new annotations for SepCreateToken() and SepDuplicateToken().
2018-06-27 23:40:15 +02:00
Hermès Bélusca-Maïto
986bf4c407
[NTOS:SE] In SepCreateClientSecurity(), fix the impersonation level value passed to the SeCopyClientToken() call.
Caught while debugging, in the case the ImpersonationLevel value was
uninitialized, due to the fact it was left untouched on purpose by
PsReferenceEffectiveToken().
2018-06-27 23:40:14 +02:00
Hermès Bélusca-Maïto
0ef734dba4
[FORMATTING] No code change; typo fix. 2018-06-27 23:40:14 +02:00
Hermès Bélusca-Maïto
5b2dda9134
[NTOS:SE] Finish SepCreateImpersonationTokenDacl() implementation.
- Re-enable a commented-out block;
- Return the allocated Dacl.
- Use the correct pool tag when freeing the allocated Dacl.
2018-06-27 23:40:14 +02:00
Colin Finck
c2c66aff7d Git conversion: Make reactos the root directory, move rosapps, rostests, wallpapers into modules, and delete rossubsys. 2017-10-03 07:45:34 +00:00