[tfaber] 69570: [KMTESTS:OB] - Add a test showing that I was wrong and ZwDuplicateObject can get you a kernel handle after all CORE-10207 - Ros-diffs

17 Oct 2015

Author: tfaber
Date: Sat Oct 17 17:41:43 2015
New Revision: 69570

URL: http://svn.reactos.org/svn/reactos?rev=69570&view=rev
Log:
[KMTESTS:OB]
- Add a test showing that I was wrong and ZwDuplicateObject can get you a kernel handle
after all
CORE-10207

Modified:
    trunk/rostests/kmtests/ntos_ob/ObHandle.c

Modified: trunk/rostests/kmtests/ntos_ob/ObHandle.c
URL:
http://svn.reactos.org/svn/reactos/trunk/rostests/kmtests/ntos_ob/ObHandle.…
==============================================================================

--- trunk/rostests/kmtests/ntos_ob/ObHandle.c	[iso-8859-1] (original)
+++ trunk/rostests/kmtests/ntos_ob/ObHandle.c	[iso-8859-1] Sat Oct 17 17:41:43 2015
@@ -24,6 +24,8 @@
 #define KERNEL_HANDLE_FLAG ((ULONG_PTR)0xFFFFFFFF80000000)
 #define IsUserHandle(h)   (((ULONG_PTR)(h) & KERNEL_HANDLE_FLAG) == 0)
 #define IsKernelHandle(h) (((ULONG_PTR)(h) & KERNEL_HANDLE_FLAG) ==
KERNEL_HANDLE_FLAG)
+
+static HANDLE SystemProcessHandle;
 
 static
 VOID
@@ -81,6 +83,34 @@
             CheckObject(Handle, 2UL, 1UL, 0UL, DIRECTORY_ALL_ACCESS);
         }
     }
+
+    /* If TargetProcess is the System process, we do get a kernel handle */
+    Status = ZwDuplicateObject(ZwCurrentProcess(),
+                               Handle,
+                               SystemProcessHandle,
+                               &NewHandle,
+                               DIRECTORY_ALL_ACCESS,
+                               OBJ_KERNEL_HANDLE,
+                               0);
+    ok_eq_hex(Status, STATUS_SUCCESS);
+    if (!skip(NT_SUCCESS(Status), "DuplicateHandle failed\n"))
+    {
+        ok(IsKernelHandle(NewHandle), "New handle = %p\n", NewHandle);
+        CheckObject(NewHandle, 3UL, 2UL, 0, DIRECTORY_ALL_ACCESS);
+        CheckObject(Handle, 3UL, 2UL, 0UL, DIRECTORY_ALL_ACCESS);
+
+        Status = ObCloseHandle(NewHandle, UserMode);
+        ok_eq_hex(Status, STATUS_INVALID_HANDLE);
+        CheckObject(NewHandle, 3UL, 2UL, 0, DIRECTORY_ALL_ACCESS);
+        CheckObject(Handle, 3UL, 2UL, 0UL, DIRECTORY_ALL_ACCESS);
+
+        if (IsKernelHandle(NewHandle))
+        {
+            Status = ObCloseHandle(NewHandle, KernelMode);
+            ok_eq_hex(Status, STATUS_SUCCESS);
+            CheckObject(Handle, 2UL, 1UL, 0UL, DIRECTORY_ALL_ACCESS);
+        }
+    }
 }
 
 START_TEST(ObHandle)
@@ -90,6 +120,19 @@
     HANDLE KernelDirectoryHandle;
     HANDLE UserDirectoryHandle;
 
+    Status = ObOpenObjectByPointer(PsInitialSystemProcess,
+                                   OBJ_KERNEL_HANDLE,
+                                   NULL,
+                                   PROCESS_ALL_ACCESS,
+                                   *PsProcessType,
+                                   KernelMode,
+                                   &SystemProcessHandle);
+    ok_eq_hex(Status, STATUS_SUCCESS);
+    if (skip(NT_SUCCESS(Status), "No handle for system process\n"))
+    {
+        SystemProcessHandle = NULL;
+    }
+
     InitializeObjectAttributes(&ObjectAttributes,
                                NULL,
                                0,
@@ -208,4 +251,9 @@
         Status = ObCloseHandle((HANDLE)123, KernelMode);
         Status = ObCloseHandle((HANDLE)(123 | 0x80000000), KernelMode);*/
     KmtEndSeh(STATUS_SUCCESS);
+
+    if (SystemProcessHandle)
+    {
+        ObCloseHandle(SystemProcessHandle, KernelMode);
+    }
 }



    