23 Jul
2006
23 Jul
'06
5:43 a.m.
Author: ion
Date: Sun Jul 23 09:43:28 2006
New Revision: 23233
URL: http://svn.reactos.org/svn/reactos?rev=23233&view=rev
Log:
- ImperstionationLocale -> ImpersonationLocale.
- Implement PspWriteTebImpersonationInfo for setting the impersonation locale and
impersonation status in the TEB (since User-mode needs to read this value and we don't
want to NtQueryInformationThread for it each time to read the ETHERAD flag).
- Complete the implementation of PspSetPrimaryToken to recalculate a process's access
rights to itself based on a new primary token.
- Reorganize ps.h header like ob.h and io.h, implement Tracing support but not the tracing
itself yet.
- Get rid of some deprecated cruft.
Removed:
trunk/reactos/ntoskrnl/include/internal/arch/ps.h
Modified:
trunk/reactos/include/ndk/pstypes.h
trunk/reactos/ntoskrnl/KrnlFun.c
trunk/reactos/ntoskrnl/include/internal/ob.h
trunk/reactos/ntoskrnl/include/internal/ps.h
trunk/reactos/ntoskrnl/ke/kthread.c
trunk/reactos/ntoskrnl/ps/security.c
Modified: trunk/reactos/include/ndk/pstypes.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/include/ndk/pstypes.h?rev=…
==============================================================================
--- trunk/reactos/include/ndk/pstypes.h (original)
+++ trunk/reactos/include/ndk/pstypes.h Sun Jul 23 09:43:28 2006
@@ -780,7 +780,7 @@
ULONG SoftPatchPtr1;
ULONG SoftPatchPtr2;
PVOID *TlsExpansionSlots;
- ULONG ImpersionationLocale;
+ ULONG ImpersonationLocale;
ULONG IsImpersonating;
PVOID NlsCache;
PVOID pShimData;
Modified: trunk/reactos/ntoskrnl/KrnlFun.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/KrnlFun.c?rev=232…
==============================================================================
--- trunk/reactos/ntoskrnl/KrnlFun.c (original)
+++ trunk/reactos/ntoskrnl/KrnlFun.c Sun Jul 23 09:43:28 2006
@@ -30,8 +30,6 @@
// - Add security calls where necessary.
// - Add tracing.
// - Add failure/race checks for thread creation.
-// - Complete PspSetPrimaryToken.
-// - Update TEB Security information when impersonating.
//
// Ob:
// - Possible bug in deferred deletion under Cc Rewrite branch.
Removed: trunk/reactos/ntoskrnl/include/internal/arch/ps.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/…
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/arch/ps.h (original)
+++ trunk/reactos/ntoskrnl/include/internal/arch/ps.h (removed)
@@ -1,13 +1,0 @@
-#ifndef __NTOSKRNL_INCLUDE_INTERNAL_ARCH_PS_H
-#define __NTOSKRNL_INCLUDE_INTERNAL_ARCH_PS_H
-
-#ifdef _M_IX86
-#define KiArchContextSwitch KiSwapContext
-#define KiArchInitThreadWithContext Ke386InitThreadWithContext
-#else
-#error "Unknown processor"
-#endif
-
-#endif /* __NTOSKRNL_INCLUDE_INTERNAL_ARCH_PS_H */
-
-/* EOF */
Modified: trunk/reactos/ntoskrnl/include/internal/ob.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/…
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/ob.h (original)
+++ trunk/reactos/ntoskrnl/include/internal/ob.h Sun Jul 23 09:43:28 2006
@@ -5,6 +5,7 @@
* PURPOSE: Internal header for the Object Manager
* PROGRAMMERS: Alex Ionescu (alex.ionescu(a)reactos.org)
*/
+
//
// Define this if you want debugging support
//
Modified: trunk/reactos/ntoskrnl/include/internal/ps.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/…
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/ps.h (original)
+++ trunk/reactos/ntoskrnl/include/internal/ps.h Sun Jul 23 09:43:28 2006
@@ -1,61 +1,160 @@
-#ifndef __INCLUDE_INTERNAL_PS_H
-#define __INCLUDE_INTERNAL_PS_H
-
-/* Forward declarations. */
-struct _KTHREAD;
-struct _KTRAPFRAME;
-struct _EJOB;
-
-#include <internal/arch/ps.h>
-
-/* Top level irp definitions. */
-#define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
-#define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
-#define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
-#define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
-#define FSRTL_MAX_TOP_LEVEL_IRP_FLAG (0x04)
-
+/*
+* PROJECT: ReactOS Kernel
+* LICENSE: GPL - See COPYING in the top level directory
+* FILE: ntoskrnl/include/ps.h
+* PURPOSE: Internal header for the Process Manager
+* PROGRAMMERS: Alex Ionescu (alex.ionescu(a)reactos.org)
+*/
+
+//
+// Define this if you want debugging support
+//
+#define _PS_DEBUG_ 0x00
+
+//
+// These define the Debug Masks Supported
+//
+#define PS_THREAD_DEBUG 0x01
+#define PS_PROCESS_DEBUG 0x02
+#define PS_SECURITY_DEBUG 0x04
+#define PS_JOB_DEBUG 0x08
+#define PS_NOTIFICATIONS_DEBUG 0x10
+#define PS_WIN32K_DEBUG 0x20
+#define PS_STATE_DEBUG 0x40
+#define PS_QUOTA_DEBUG 0x80
+
+//
+// Debug/Tracing support
+//
+#if _PS_DEBUG_
+#ifdef NEW_DEBUG_SYSTEM_IMPLEMENTED // enable when Debug Filters are implemented
+#define PSTRACE DbgPrintEx
+#else
+#define PSTRACE(x, ...) \
+ if (x & PspTraceLevel) DbgPrint(__VA_ARGS__)
+#endif
+#else
+#define PSTRACE(x, ...) DPRINT(__VA_ARGS__)
+#endif
+
+//
+// Maximum Count of Notification Routines
+//
#define PSP_MAX_CREATE_THREAD_NOTIFY 8
#define PSP_MAX_LOAD_IMAGE_NOTIFY 8
#define PSP_MAX_CREATE_PROCESS_NOTIFY 8
+//
+// Maximum Job Scheduling Classes
+//
#define PSP_JOB_SCHEDULING_CLASSES 10
-VOID
-NTAPI
-PspShutdownProcessManager(VOID);
-
-VOID
-NTAPI
-PsInitThreadManagment(VOID);
-
-VOID
-INIT_FUNCTION
-NTAPI
-PiInitProcessManager(VOID);
-
-VOID
-NTAPI
-PsInitProcessManagment(VOID);
-
-VOID
-NTAPI
-PsInitIdleThread(VOID);
-
+//
+// Initialization Functions
+//
+VOID
+NTAPI
+PspShutdownProcessManager(
+ VOID
+);
+
+VOID
+INIT_FUNCTION
+NTAPI
+PsInitThreadManagment(
+ VOID
+);
+
+VOID
+INIT_FUNCTION
+NTAPI
+PiInitProcessManager(
+ VOID
+);
+
+VOID
+INIT_FUNCTION
+NTAPI
+PsInitProcessManagment(
+ VOID
+);
+
+VOID
+INIT_FUNCTION
+NTAPI
+PsInitIdleThread(
+ VOID
+);
+
+NTSTATUS
+NTAPI
+PsInitializeIdleOrFirstThread(
+ IN PEPROCESS Process,
+ OUT PETHREAD* ThreadPtr,
+ IN PKSTART_ROUTINE StartRoutine,
+ IN KPROCESSOR_MODE AccessMode,
+ IN BOOLEAN First
+);
+
+VOID
+NTAPI
+INIT_FUNCTION
+PsInitJobManagment(
+ VOID
+);
+
+//
+// Utility Routines
+//
+PETHREAD
+NTAPI
+PsGetNextProcessThread(
+ IN PEPROCESS Process,
+ IN PETHREAD Thread OPTIONAL
+);
+
+PEPROCESS
+NTAPI
+PsGetNextProcess(
+ IN PEPROCESS OldProcess OPTIONAL
+);
+
+NTSTATUS
+NTAPI
+PspMapSystemDll(
+ IN PEPROCESS Process,
+ OUT PVOID *DllBase
+);
+
+NTSTATUS
+NTAPI
+PsLocateSystemDll(
+ VOID
+);
+
+NTSTATUS
+NTAPI
+PspGetSystemDllEntryPoints(
+ VOID
+);
+
+//
+// Security Routines
+//
PACCESS_TOKEN
-STDCALL
+NTAPI
PsReferenceEffectiveToken(
- PETHREAD Thread,
- PTOKEN_TYPE TokenType,
- PUCHAR b,
- PSECURITY_IMPERSONATION_LEVEL Level
-);
-
-NTSTATUS
-STDCALL
+ IN PETHREAD Thread,
+ OUT PTOKEN_TYPE TokenType,
+ OUT PUCHAR b,
+ OUT PSECURITY_IMPERSONATION_LEVEL Level
+);
+
+NTSTATUS
+NTAPI
PsOpenTokenOfProcess(
- HANDLE ProcessHandle,
- PACCESS_TOKEN* Token
+ IN HANDLE ProcessHandle,
+ OUT PACCESS_TOKEN* Token
);
NTSTATUS
@@ -66,15 +165,30 @@
IN PTOKEN Token OPTIONAL
);
-PETHREAD
-NTAPI
-PsGetNextProcessThread(
- IN PEPROCESS Process,
- IN PETHREAD Thread OPTIONAL
-);
-
-VOID
-STDCALL
+NTSTATUS
+NTAPI
+PspInitializeProcessSecurity(
+ IN PEPROCESS Process,
+ IN PEPROCESS Parent OPTIONAL
+);
+
+VOID
+NTAPI
+PspDeleteProcessSecurity(
+ IN PEPROCESS Process
+);
+
+VOID
+NTAPI
+PspDeleteThreadSecurity(
+ IN PETHREAD Thread
+);
+
+//
+// Reaping and Deletion
+//
+VOID
+NTAPI
PsExitSpecialApc(
PKAPC Apc,
PKNORMAL_ROUTINE *NormalRoutine,
@@ -83,121 +197,95 @@
PVOID *SystemArgument2
);
-NTSTATUS
-STDCALL
-PspInitializeProcessSecurity(
- PEPROCESS Process,
- PEPROCESS Parent OPTIONAL
-);
-
-VOID
-STDCALL
+VOID
+NTAPI
+PspReapRoutine(
+ IN PVOID Context
+);
+
+VOID
+NTAPI
+PspExitThread(
+ IN NTSTATUS ExitStatus
+);
+
+NTSTATUS
+NTAPI
+PspTerminateThreadByPointer(
+ IN PETHREAD Thread,
+ IN NTSTATUS ExitStatus,
+ IN BOOLEAN bSelf
+);
+
+VOID
+NTAPI
+PspExitProcess(
+ IN BOOLEAN LastThread,
+ IN PEPROCESS Process
+);
+
+VOID
+NTAPI
+PspDeleteProcess(
+ IN PVOID ObjectBody
+);
+
+VOID
+NTAPI
+PspDeleteThread(
+ IN PVOID ObjectBody
+);
+
+//
+// Thread/Process Startup
+//
+VOID
+NTAPI
PspSystemThreadStartup(
PKSTART_ROUTINE StartRoutine,
PVOID StartContext
);
-NTSTATUS
-NTAPI
-PsInitializeIdleOrFirstThread(
- PEPROCESS Process,
- PETHREAD* ThreadPtr,
- PKSTART_ROUTINE StartRoutine,
- KPROCESSOR_MODE AccessMode,
- BOOLEAN First
-);
-
-VOID
-STDCALL
-PspReapRoutine(PVOID Context);
-
-VOID
-STDCALL
-PspExitThread(NTSTATUS ExitStatus);
-
-NTSTATUS
-STDCALL
-PspTerminateThreadByPointer(
- PETHREAD Thread,
- NTSTATUS ExitStatus,
- BOOLEAN bSelf
-);
-
-PEPROCESS
-STDCALL
-PsGetNextProcess(PEPROCESS OldProcess);
-
-VOID
-STDCALL
-PsIdleThreadMain(PVOID Context);
-
-VOID
-STDCALL
-PspExitProcess(BOOLEAN LastThread,
- PEPROCESS Process);
-
-VOID
-STDCALL
-PspDeleteProcess(PVOID ObjectBody);
-
-VOID
-STDCALL
-PspDeleteThread(PVOID ObjectBody);
-
-VOID
-NTAPI
-INIT_FUNCTION
-PsInitJobManagment(VOID);
-
-VOID
-STDCALL
+VOID
+NTAPI
+PsIdleThreadMain(
+ IN PVOID Context
+);
+
+//
+// Quota Support
+//
+VOID
+NTAPI
PspInheritQuota(
- PEPROCESS Process,
- PEPROCESS ParentProcess
-);
-
-VOID
-STDCALL
-PspDestroyQuotaBlock(PEPROCESS Process);
-
-NTSTATUS
-STDCALL
-PspMapSystemDll(
- PEPROCESS Process,
- PVOID *DllBase
-);
-
-NTSTATUS
-STDCALL
-PsLocateSystemDll(VOID);
-
-NTSTATUS
-STDCALL
-PspGetSystemDllEntryPoints(VOID);
-
-VOID
-NTAPI
-PspRemoveProcessFromJob(
- IN PEPROCESS Process,
- IN PEJOB Job
-);
-
-NTSTATUS
-NTAPI
-PspDeleteLdt(IN PEPROCESS Process);
-
-NTSTATUS
-NTAPI
-PspDeleteVdmObjects(IN PEPROCESS Process);
-
-VOID
-NTAPI
-PspDeleteProcessSecurity(IN PEPROCESS Process);
-
-VOID
-NTAPI
-PspDeleteThreadSecurity(IN PETHREAD Thread);
-
+ IN PEPROCESS Process,
+ IN PEPROCESS ParentProcess
+);
+
+VOID
+NTAPI
+PspDestroyQuotaBlock(
+ IN PEPROCESS Process
+);
+
+//
+// VDM Support
+//
+NTSTATUS
+NTAPI
+PspDeleteLdt(
+ IN PEPROCESS Process
+);
+
+NTSTATUS
+NTAPI
+PspDeleteVdmObjects(
+ IN PEPROCESS Process
+);
+
+//
+// Job Routines
+//
VOID
NTAPI
PspExitProcessFromJob(
@@ -205,6 +293,17 @@
IN PEPROCESS Process
);
+VOID
+NTAPI
+PspRemoveProcessFromJob(
+ IN PEPROCESS Process,
+ IN PEJOB Job
+);
+
+//
+// Global data inside the Process Manager
+//
+extern ULONG PspTraceLevel;
extern LCID PsDefaultThreadLocaleId;
extern LCID PsDefaultSystemLocaleId;
extern LIST_ENTRY PspReaperListHead;
@@ -231,6 +330,8 @@
extern PVOID PspSystemDllBase;
extern BOOLEAN PspUseJobSchedulingClasses;
extern CHAR PspJobSchedulingClasses[PSP_JOB_SCHEDULING_CLASSES];
+
+//
+// Inlined Functions
+//
#include "ps_x.h"
-
-#endif /* __INCLUDE_INTERNAL_PS_H */
Modified: trunk/reactos/ntoskrnl/ke/kthread.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/kthread.c?rev=…
==============================================================================
--- trunk/reactos/ntoskrnl/ke/kthread.c (original)
+++ trunk/reactos/ntoskrnl/ke/kthread.c Sun Jul 23 09:43:28 2006
@@ -187,7 +187,7 @@
/* Special note for Filip: This will release the Dispatcher DB Lock ;-) --
Alex */
DPRINT("You are : %x, swapping to: %x\n", OldThread,
CurrentThread);
- KiArchContextSwitch(CurrentThread);
+ KiSwapContext(CurrentThread);
DPRINT("You are : %x, swapped from: %x\n", OldThread,
CurrentThread);
return;
}
@@ -841,11 +841,11 @@
_SEH_TRY
{
/* Initalize the Thread Context */
- KiArchInitThreadWithContext(Thread,
- SystemRoutine,
- StartRoutine,
- StartContext,
- Context);
+ Ke386InitThreadWithContext(Thread,
+ SystemRoutine,
+ StartRoutine,
+ StartContext,
+ Context);
}
_SEH_HANDLE
{
Modified: trunk/reactos/ntoskrnl/ps/security.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/security.c?rev…
==============================================================================
--- trunk/reactos/ntoskrnl/ps/security.c (original)
+++ trunk/reactos/ntoskrnl/ps/security.c Sun Jul 23 09:43:28 2006
@@ -99,6 +99,75 @@
NTSTATUS
NTAPI
+PspWriteTebImpersonationInfo(IN PETHREAD Thread,
+ IN PETHREAD CurrentThread)
+{
+ PEPROCESS Process;
+ PTEB Teb;
+ BOOLEAN Attached = FALSE;
+ BOOLEAN IsImpersonating;
+ KAPC_STATE ApcState;
+ PAGED_CODE();
+
+ /* Sanity check */
+ ASSERT(CurrentThread == PsGetCurrentThread());
+
+ /* Get process and TEB */
+ Process = Thread->ThreadsProcess;
+ Teb = Thread->Tcb.Teb;
+ if (Teb)
+ {
+ /* Check if we're not in the right process */
+ if (Thread->Tcb.ApcState.Process != &Process->Pcb)
+ {
+ /* Attach to the process */
+ KeStackAttachProcess(&Process->Pcb, &ApcState);
+ Attached = TRUE;
+ }
+
+ /* Check if we're in a different thread */
+ if (Thread != CurrentThread)
+ {
+ /* Acquire thread rundown protection */
+ ExAcquireRundownProtection(&Thread->RundownProtect);
+ }
+
+ /* Check if the thread is impersonating */
+ IsImpersonating = Thread->ActiveImpersonationInfo;
+ if (IsImpersonating)
+ {
+ /* Set TEB data */
+ Teb->ImpersonationLocale = -1;
+ Teb->IsImpersonating = 1;
+ }
+ else
+ {
+ /* Set TEB data */
+ Teb->ImpersonationLocale = 0;
+ Teb->IsImpersonating = 0;
+ }
+
+ /* Set new flag */
+ Thread->ActiveImpersonationInfo = TRUE;
+
+ /* Check if we're in a different thread */
+ if (Thread != CurrentThread)
+ {
+ /* Release protection */
+ ExReleaseRundownProtection(&Thread->RundownProtect);
+ }
+
+ /* Dettach */
+ if (Attached) KeUnstackDetachProcess(&ApcState);
+ }
+
+ /* Return to caller */
+ return STATUS_SUCCESS;
+}
+
+
+NTSTATUS
+NTAPI
PspAssignPrimaryToken(IN PEPROCESS Process,
IN PTOKEN Token)
{
@@ -129,7 +198,10 @@
{
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
BOOLEAN IsChild;
- NTSTATUS Status;
+ NTSTATUS Status, AccessStatus;
+ BOOLEAN Result, SdAllocated;
+ PSECURITY_DESCRIPTOR SecurityDescriptor;
+ SECURITY_SUBJECT_CONTEXT SubjectContext;
/* Make sure we got a handle */
if (TokenHandle)
@@ -171,14 +243,42 @@
if (NT_SUCCESS(Status))
{
/*
- * The idea here is that we need to completely reverify
- * if the process still has access to itself under this new
- * token, by doing an SeAccessCheck with the Primary Token and
- * the SD of the Process (ObGetObjectSecurity).
- * In the really twisted case where we lose access to ourselves,
- * we would set Process->GrantedAccess to 0.
+ * We need to completely reverify if the process still has access to
+ * itself under this new token.
*/
- DPRINT1("Process security not complete\n");
+ Status = ObGetObjectSecurity(Process,
+ &SecurityDescriptor,
+ &SdAllocated);
+ if (NT_SUCCESS(Status))
+ {
+ /* Setup the security context */
+ SubjectContext.ProcessAuditId = Process;
+ SubjectContext.PrimaryToken = PsReferencePrimaryToken(Process);
+ SubjectContext.ClientToken = NULL;
+
+ /* Do the access check */
+ Result = SeAccessCheck(SecurityDescriptor,
+ &SubjectContext,
+ FALSE,
+ MAXIMUM_ALLOWED,
+ 0,
+ NULL,
+ &PsProcessType->TypeInfo.GenericMapping,
+ PreviousMode,
+ &Process->GrantedAccess,
+ &AccessStatus);
+
+ /* Dereference the token and let go the SD */
+ ObFastDereferenceObject(&Process->Token,
+ SubjectContext.PrimaryToken);
+ ObReleaseObjectSecurity(SecurityDescriptor, SdAllocated);
+
+ /* Remove access if it failed */
+ if (!Result) Process->GrantedAccess = 0;
+ }
+
+ /* Dereference the process */
+ ObDereferenceObject(Process);
}
/* Dereference the token */
@@ -437,6 +537,9 @@
/* Dereference the impersonation token */
if (Token) ObDereferenceObject(Token);
+
+ /* Write impersonation info to the TEB */
+ PspWriteTebImpersonationInfo(Thread, PsGetCurrentThread());
}
/*
@@ -529,8 +632,10 @@
PspUnlockThreadSecurityExclusive(Thread);
}
+ /* Write impersonation info to the TEB */
+ PspWriteTebImpersonationInfo(Thread, PsGetCurrentThread());
+
/* Dereference the token and return success */
- ObReferenceObject(Token);
if (OldToken) ObDereferenceObject(OldToken);
return STATUS_SUCCESS;
}