Author: ekohl
Date: Thu Oct 29 22:50:14 2015
New Revision: 69735
URL:
http://svn.reactos.org/svn/reactos?rev=69735&view=rev
Log:
[NTOSKRNL]
- Initialize SepRmDbLock and create the system and anonymous logon sessions in Phase 0,
right before the system process token is created.
- Implement functions to reference and dereference a logon session.
- Reference a logon session in SepCreateToken and SepDuplicateToken.
- Dereference a logon session in SepDeleteToken.
Modified:
trunk/reactos/ntoskrnl/include/internal/se.h
trunk/reactos/ntoskrnl/se/semgr.c
trunk/reactos/ntoskrnl/se/srm.c
trunk/reactos/ntoskrnl/se/token.c
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/…
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/se.h [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/include/internal/se.h [iso-8859-1] Thu Oct 29 22:50:14 2015
@@ -269,6 +269,10 @@
BOOLEAN
NTAPI
+SeRmInitPhase0(VOID);
+
+BOOLEAN
+NTAPI
SeRmInitPhase1(VOID);
VOID
@@ -502,7 +506,7 @@
_In_ BOOLEAN IsInherited,
_In_ BOOLEAN IsDirectoryObject,
_In_ PGENERIC_MAPPING GenericMapping);
-
+
PACL
SepSelectAcl(
_In_opt_ PACL ExplicitAcl,
@@ -577,6 +581,14 @@
_In_ PPRIVILEGE_SET PrivilegeSet,
_In_ BOOLEAN AccessGranted);
+NTSTATUS
+SepRmReferenceLogonSession(
+ PLUID LogonLuid);
+
+NTSTATUS
+SepRmDereferenceLogonSession(
+ PLUID LogonLuid);
+
#endif
/* EOF */
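Review bot: The two new prototypes, `SepRmReferenceLogonSession` and `SepRmDereferenceLogonSession`, are the only declarations in this hunk without SAL annotations; the neighbouring ones mark every parameter (`_In_ PPRIVILEGE_SET PrivilegeSet`). Write `_In_ PLUID LogonLuid` in both and mirror it in the definitions in srm.c. A one-line comment above them stating that every successful reference must be paired with exactly one dereference would also help callers keep the session counts balanced.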
Modified: trunk/reactos/ntoskrnl/se/semgr.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/semgr.c?rev=69…
==============================================================================
--- trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] Thu Oct 29 22:50:14 2015
@@ -109,6 +109,9 @@
/* Initialize token objects */
SepInitializeTokenImplementation();
+ /* Initialize logon sessions */
+ if (!SeRmInitPhase0()) return FALSE;
+
/* Clear impersonation info for the idle thread */
PsGetCurrentThread()->ImpersonationInfo = NULL;
PspClearCrossThreadFlag(PsGetCurrentThread(),
Modified: trunk/reactos/ntoskrnl/se/srm.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/srm.c?rev=6973…
==============================================================================
--- trunk/reactos/ntoskrnl/se/srm.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/se/srm.c [iso-8859-1] Thu Oct 29 22:50:14 2015
@@ -143,27 +143,39 @@
BOOLEAN
NTAPI
+SeRmInitPhase0(VOID)
+{
+ NTSTATUS Status;
+
+ /* Initialize the database lock */
+ KeInitializeGuardedMutex(&SepRmDbLock);
+
+ /* Create the system logon session */
+ Status = SepRmCreateLogonSession(&SeSystemAuthenticationId);
+ if (!NT_VERIFY(NT_SUCCESS(Status)))
+ {
+ return FALSE;
+ }
+
+ /* Create the anonymous logon session */
+ Status = SepRmCreateLogonSession(&SeAnonymousAuthenticationId);
+ if (!NT_VERIFY(NT_SUCCESS(Status)))
+ {
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+
+BOOLEAN
+NTAPI
SeRmInitPhase1(VOID)
{
UNICODE_STRING Name;
OBJECT_ATTRIBUTES ObjectAttributes;
HANDLE ThreadHandle;
NTSTATUS Status;
-
- // Windows does this in SeRmInitPhase0, but it should not matter
- KeInitializeGuardedMutex(&SepRmDbLock);
-
- Status = SepRmCreateLogonSession(&SeSystemAuthenticationId);
- if (!NT_VERIFY(NT_SUCCESS(Status)))
- {
- return FALSE;
- }
-
- Status = SepRmCreateLogonSession(&SeAnonymousAuthenticationId);
- if (!NT_VERIFY(NT_SUCCESS(Status)))
- {
- return FALSE;
- }
/* Create the SeRm command port */
RtlInitUnicodeString(&Name, L"\\SeRmCommandPort");
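Review bot: `SeRmInitPhase0` has no header comment, and the old remark explaining where this initialization sits was removed along with the moved code. This commit makes token creation call `SepRmReferenceLogonSession`, which acquires `SepRmDbLock`, so the function now carries an ordering requirement that should be written down, e.g. `/* Must run before the first token is created: initializes SepRmDbLock and the system and anonymous logon sessions */`. `SeRmInitPhase1` continues outside this hunk.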
@@ -289,8 +301,8 @@
NTSTATUS Status;
PAGED_CODE();
- DPRINT1("SepRmCreateLogonSession(<0x%lx,0x%lx>)\n",
- LogonLuid->HighPart, LogonLuid->LowPart);
+ DPRINT("SepRmCreateLogonSession(%08lx:%08lx)\n",
+ LogonLuid->HighPart, LogonLuid->LowPart);
/* Allocate a new session structure */
NewSession = ExAllocatePoolWithTag(PagedPool,
@@ -347,12 +359,90 @@
SepRmDeleteLogonSession(
PLUID LogonLuid)
{
- DPRINT1("SepRmDeleteLogonSession(<0x%lx,0x%lx>)\n",
- LogonLuid->HighPart, LogonLuid->LowPart);
+ DPRINT("SepRmDeleteLogonSession(%08lx:%08lx)\n",
+ LogonLuid->HighPart, LogonLuid->LowPart);
UNIMPLEMENTED;
NT_ASSERT(FALSE);
return STATUS_NOT_IMPLEMENTED;
+}
+
+
+NTSTATUS
+SepRmReferenceLogonSession(
+ PLUID LogonLuid)
+{
+ PSEP_LOGON_SESSION_REFERENCES CurrentSession;
+
+ PAGED_CODE();
+
+ DPRINT("SepRmReferenceLogonSession(%08lx:%08lx)\n",
+ LogonLuid->HighPart, LogonLuid->LowPart);
+
+ /* Acquire the database lock */
+ KeAcquireGuardedMutex(&SepRmDbLock);
+
+ /* Loop all existing sessions */
+ for (CurrentSession = SepLogonSessions;
+ CurrentSession != NULL;
+ CurrentSession = CurrentSession->Next)
+ {
+ /* Check if the LUID matches the new one */
+ if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
+ {
+ /* Reference the session */
+ CurrentSession->ReferenceCount += 1;
+ DPRINT1("ReferenceCount: %lu\n",
CurrentSession->ReferenceCount);
+
+ /* Release the database lock */
+ KeReleaseGuardedMutex(&SepRmDbLock);
+
+ return STATUS_SUCCESS;
+ }
+ }
+
+ /* Release the database lock */
+ KeReleaseGuardedMutex(&SepRmDbLock);
+
+ return STATUS_NO_SUCH_LOGON_SESSION;
+}
+
+
+NTSTATUS
+SepRmDereferenceLogonSession(
+ PLUID LogonLuid)
+{
+ PSEP_LOGON_SESSION_REFERENCES CurrentSession;
+
+ DPRINT("SepRmDereferenceLogonSession(%08lx:%08lx)\n",
+ LogonLuid->HighPart, LogonLuid->LowPart);
+
+ /* Acquire the database lock */
+ KeAcquireGuardedMutex(&SepRmDbLock);
+
+ /* Loop all existing sessions */
+ for (CurrentSession = SepLogonSessions;
+ CurrentSession != NULL;
+ CurrentSession = CurrentSession->Next)
+ {
+ /* Check if the LUID matches the new one */
+ if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
+ {
+ /* Dereference the session */
+ CurrentSession->ReferenceCount -= 1;
+ DPRINT1("ReferenceCount: %lu\n",
CurrentSession->ReferenceCount);
+
+ /* Release the database lock */
+ KeReleaseGuardedMutex(&SepRmDbLock);
+
+ return STATUS_SUCCESS;
+ }
+ }
+
+ /* Release the database lock */
+ KeReleaseGuardedMutex(&SepRmDbLock);
+
+ return STATUS_NO_SUCH_LOGON_SESSION;
}
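Review bot: `SepRmDereferenceLogonSession` executes `CurrentSession->ReferenceCount -= 1;` without checking that the count is non-zero, so a single unbalanced call wraps the counter (it is printed with `%lu`, so presumably unsigned) and the session then looks permanently referenced. Add `NT_ASSERT(CurrentSession->ReferenceCount != 0);` before the decrement. Nothing happens when the count reaches zero, and `SepRmDeleteLogonSession` at the top of this hunk is still unimplemented, so a `/* TODO: delete the session once the count drops to zero */` comment would make the gap explicit. The dereference path also lacks the `PAGED_CODE();` that the reference path has, and both keep `DPRINT1("ReferenceCount: ...")` while the other traces in this commit were lowered to `DPRINT`.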
Modified: trunk/reactos/ntoskrnl/se/token.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/token.c?rev=69…
==============================================================================
--- trunk/reactos/ntoskrnl/se/token.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/se/token.c [iso-8859-1] Thu Oct 29 22:50:14 2015
@@ -480,6 +480,9 @@
*NewAccessToken = AccessToken;
+ /* Reference the logon session */
+ SepRmReferenceLogonSession(&AccessToken->AuthenticationId);
+
done:
if (!NT_SUCCESS(Status))
{
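Review bot: The status returned by `SepRmReferenceLogonSession(&AccessToken->AuthenticationId);` is discarded, so a token whose logon session is not in the list (the callee returns `STATUS_NO_SUCH_LOGON_SESSION`) is still handed to the caller without holding a reference. `SepDeleteToken` later dereferences unconditionally, which leaves the session count unbalanced. Consider `Status = SepRmReferenceLogonSession(&AccessToken->AuthenticationId);` placed before the `*NewAccessToken = AccessToken;` assignment so the existing `done:` failure handling applies. The same applies to `SepRmReferenceLogonSession(AuthenticationId);` added in the last token.c hunk. The enclosing function starts and ends outside this hunk, so the cleanup under `done:` needs checking against this change.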
@@ -608,6 +611,11 @@
SepDeleteToken(PVOID ObjectBody)
{
PTOKEN AccessToken = (PTOKEN)ObjectBody;
+
+ DPRINT1("SepDeleteToken()\n");
+
+ /* Dereference the logon session */
+ SepRmDereferenceLogonSession(&AccessToken->AuthenticationId);
if (AccessToken->UserAndGroups)
ExFreePoolWithTag(AccessToken->UserAndGroups, TAG_TOKEN_USERS);
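Review bot: The added `SepRmDereferenceLogonSession(&AccessToken->AuthenticationId);` runs for every token that is deleted, including one that never took a reference. An example would be a token torn down by a failure path that reaches `done:` before the reference call in the create/duplicate hunks (inferred, as those cleanup branches are outside the visible lines). Either take the reference as soon as `AuthenticationId` is set, or record in the token that a reference is held and dereference only in that case. `DPRINT1("SepDeleteToken()\n");` also looks like leftover tracing and would fit the rest of the commit better as `DPRINT`. The body of `SepDeleteToken` continues past this hunk.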
@@ -699,6 +707,8 @@
NTSTATUS Status;
ULONG TokenFlags = 0;
+ PAGED_CODE();
+
/* Loop all groups */
for (i = 0; i < GroupCount; i++)
{
@@ -885,6 +895,9 @@
/* Return pointer instead of handle */
*TokenHandle = (HANDLE)AccessToken;
}
+
+ /* Reference the logon session */
+ SepRmReferenceLogonSession(AuthenticationId);
done:
if (!NT_SUCCESS(Status))