mirror of
https://github.com/reactos/reactos.git
synced 2024-08-21 19:03:01 +00:00
4471ee4dfa
On current master, ReactOS faces these problems: - ObCreateObject charges both paged and non paged pool a size of TOKEN structure, not the actual dynamic contents of WHAT IS inside a token. For paged pool charge the size is that of the dynamic area (primary group + default DACL if any). This is basically what DynamicCharged is for. For the non paged pool charge, the actual charge is that of TOKEN structure upon creation. On duplication and filtering however, the paged pool charge size is that of the inherited dynamic charged space from an existing token whereas the non paged pool size is that of the calculated token body length for the new duplicated/filtered token. On current master, we're literally cheating the kernel by charging the wrong amount of quota not taking into account the dynamic contents which they come from UM. - Both DynamicCharged and DynamicAvailable are not fully handled (DynamicAvailable is pretty much poorly handled with some cases still to be taking into account). DynamicCharged is barely handled, like at all. - As a result of these two points above, NtSetInformationToken doesn't check when the caller wants to set up a new default token DACL or primary group if the newly DACL or the said group exceeds the dynamic charged boundary. So what happens is that I'm going to act like a smug bastard fat politician and whack the primary group and DACL of an token however I want to, because why in the hell not? In reality no, the kernel has to punish whoever attempts to do that, although we currently don't. - The dynamic area (aka DynamicPart) only picks up the default DACL but not the primary group as well. Generally the dynamic part is composed of primary group and default DACL, if provided. In addition to that, we aren't returning the dynamic charged and available area in token statistics. SepComputeAvailableDynamicSpace helper is here to accommodate that. Apparently Windows is calculating the dynamic available area rather than just querying the DynamicAvailable field directly from the token. My theory regarding this is like the following: on Windows both TokenDefaultDacl and TokenPrimaryGroup classes are barely used by the system components during startup (LSASS provides both a DACL and primary group when calling NtCreateToken anyway). In fact DynamicAvailable is 0 during token creation, duplication and filtering when inspecting a token with WinDBG. So if an application wants to query token statistics that application will face a dynamic available space of 0. |
||
|---|---|---|
| .. | ||
| amd64 | ||
| arch | ||
| arm | ||
| i386 | ||
| cc.h | ||
| cm.h | ||
| cm_x.h | ||
| cmboot.h | ||
| dbgk.h | ||
| ex.h | ||
| fsrtl.h | ||
| hal.h | ||
| hdl.h | ||
| icif.h | ||
| inbv.h | ||
| io.h | ||
| io_i.h | ||
| io_x.h | ||
| kd.h | ||
| kd64.h | ||
| ke.h | ||
| ke_x.h | ||
| ldr.h | ||
| lpc.h | ||
| lpc_x.h | ||
| mm.h | ||
| napi.h | ||
| ntoskrnl.h | ||
| ob.h | ||
| ob_x.h | ||
| po.h | ||
| probe.h | ||
| ps.h | ||
| ps_i.h | ||
| ps_x.h | ||
| rtl.h | ||
| se.h | ||
| spinlock.h | ||
| tag.h | ||
| test.h | ||
| vdm.h | ||