22 Aug
2023
22 Aug
'23
4:11 p.m.
https://git.reactos.org/?p=reactos.git;a=commitdiff;h=5f3fab72a9b242394fe64…
commit 5f3fab72a9b242394fe64119072c2449e8acead0
Author: George Bișoc <george.bisoc(a)reactos.org>
AuthorDate: Wed Jun 21 17:44:34 2023 +0200
Commit: unknown <george.bisoc(a)reactos.org>
CommitDate: Tue Aug 22 17:54:17 2023 +0200
[NTOS:SE] Implement SepDumpAccessAndStatusList
This function will dump all the access status and granted access rights
of each object list of a list whenever an access check by type (or by type
result list) fails. This is for debugging purposes.
---
ntoskrnl/se/debug.c | 38 +++++++++++++++++++++++++++++++++++++-
1 file changed, 37 insertions(+), 1 deletion(-)
diff --git a/ntoskrnl/se/debug.c b/ntoskrnl/se/debug.c
index 87e4f1e57e1..1f038ac0702 100644
--- a/ntoskrnl/se/debug.c
+++ b/ntoskrnl/se/debug.c
@@ -2,7 +2,7 @@
* PROJECT: ReactOS Kernel
* LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
* PURPOSE: Security subsystem debug routines support
- * COPYRIGHT: Copyright 2022 George Bișoc <george.bisoc(a)reactos.org>
+ * COPYRIGHT: Copyright 2022-2023 George Bișoc <george.bisoc(a)reactos.org>
*/
/* INCLUDES *******************************************************************/
@@ -344,4 +344,40 @@ SepDumpAccessRightsStats(
#endif
}
+/**
+ * @brief
+ * Dumps access and status values of each object type
+ * in the result list.
+ */
+VOID
+SepDumpAccessAndStatusList(
+ _In_ PACCESS_MASK GrantedAccessList,
+ _In_ PNTSTATUS AccessStatusList,
+ _In_ BOOLEAN IsResultList,
+ _In_ POBJECT_TYPE_LIST_INTERNAL ObjectTypeList,
+ _In_ ULONG ObjectTypeListLength)
+{
+#ifndef NDEBUG
+ ULONG ResultListIndex;
+ ULONG ObjectTypeIndex;
+ ULONG ResultListLength;
+
+ DbgPrint("================== ACCESS & STATUS OBJECT TYPE LIST STATISTICS
==================\n");
+ ResultListLength = IsResultList ? ObjectTypeListLength : 1;
+ for (ResultListIndex = 0; ResultListIndex < ResultListLength; ResultListIndex++)
+ {
+ DbgPrint("Result Index #%lu, Granted access rights -> 0x%08lx, Access
status -> 0x%08lx\n",
+ ResultListIndex, GrantedAccessList[ResultListIndex],
AccessStatusList[ResultListIndex]);
+ }
+
+ for (ObjectTypeIndex = 0; ObjectTypeIndex < ObjectTypeListLength;
ObjectTypeIndex++)
+ {
+ DbgPrint("================== #%lu OBJECT ACCESS RIGHTS
==================\n", ObjectTypeIndex);
+ DbgPrint("Remaining access rights -> 0x%08lx\n",
ObjectTypeList[ObjectTypeIndex].ObjectAccessRights.RemainingAccessRights);
+ DbgPrint("Granted access rights -> 0x%08lx\n",
ObjectTypeList[ObjectTypeIndex].ObjectAccessRights.GrantedAccessRights);
+ DbgPrint("Denied access rights -> 0x%08lx\n",
ObjectTypeList[ObjectTypeIndex].ObjectAccessRights.DeniedAccessRights);
+ }
+#endif
+}
+
/* EOF */