Author: ion Date: Sun Jun 11 10:52:56 2006 New Revision: 22303 URL: http://svn.reactos.ru/svn/reactos?rev=22303&view=rev Log: - Fix definitions of OB_QUERYNAME_METHOD and OB_OKAYTOCLOSE_METHOD. Add fixme for OB_SECURITY_METHOD, will change it later. - Simplified NtDuplicateObject to a simple stub around ObDuplicateObject, there is no need to have lengthy hacks for NtCurrentProcess/NtCurrentThread(). - Cleanup ObDuplicateObject to use normal Ob routines instead of grovelling through handle table structures and manually touching the handle count: It now calls ObpIncrementHandleCount and all the underlying operations are done on the duplicated handle. Also access state creation is done if the duplicated handle has different desired access. Modified: trunk/reactos/include/ndk/obtypes.h trunk/reactos/ntoskrnl/cm/cm.h trunk/reactos/ntoskrnl/cm/regobj.c trunk/reactos/ntoskrnl/include/internal/io.h trunk/reactos/ntoskrnl/include/internal/ob.h trunk/reactos/ntoskrnl/io/file.c trunk/reactos/ntoskrnl/ob/obhandle.c trunk/reactos/ntoskrnl/ob/obname.c Modified: trunk/reactos/include/ndk/obtypes.h URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/include/ndk/obtypes.h?rev=2… ============================================================================== --- trunk/reactos/include/ndk/obtypes.h (original) +++ trunk/reactos/include/ndk/obtypes.h Sun Jun 11 10:52:56 2006 @@ -215,7 +215,7 @@ (NTAPI *OB_SECURITY_METHOD)( IN PVOID Object, IN SECURITY_OPERATION_CODE OperationType, - IN SECURITY_INFORMATION SecurityInformation, + IN SECURITY_INFORMATION SecurityInformation, // FIXME: <= should be a pointer IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG CapturedLength, IN OUT PSECURITY_DESCRIPTOR *ObjectSecurityDescriptor, @@ -229,14 +229,16 @@ IN BOOLEAN HasObjectName, OUT POBJECT_NAME_INFORMATION ObjectNameInfo, IN ULONG Length, - OUT PULONG ReturnLength + OUT PULONG ReturnLength, + IN KPROCESSOR_MODE AccessMode ); typedef NTSTATUS (NTAPI *OB_OKAYTOCLOSE_METHOD)( IN PEPROCESS Process OPTIONAL, IN PVOID Object, - IN HANDLE Handle + IN HANDLE Handle, + IN KPROCESSOR_MODE AccessMode ); #else Modified: trunk/reactos/ntoskrnl/cm/cm.h URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/cm/cm.h?rev=22303&… ============================================================================== --- trunk/reactos/ntoskrnl/cm/cm.h (original) +++ trunk/reactos/ntoskrnl/cm/cm.h Sun Jun 11 10:52:56 2006 @@ -467,7 +467,8 @@ IN BOOLEAN HasObjectName, POBJECT_NAME_INFORMATION ObjectNameInfo, ULONG Length, - PULONG ReturnLength); + PULONG ReturnLength, + IN KPROCESSOR_MODE PreviousMode); NTSTATUS CmiImportHiveBins(PREGISTRY_HIVE Hive, Modified: trunk/reactos/ntoskrnl/cm/regobj.c URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/cm/regobj.c?rev=22… ============================================================================== --- trunk/reactos/ntoskrnl/cm/regobj.c (original) +++ trunk/reactos/ntoskrnl/cm/regobj.c Sun Jun 11 10:52:56 2006 @@ -691,7 +691,8 @@ IN BOOLEAN HasName, POBJECT_NAME_INFORMATION ObjectNameInfo, ULONG Length, - PULONG ReturnLength) + PULONG ReturnLength, + IN KPROCESSOR_MODE PreviousMode) { PKEY_OBJECT KeyObject; NTSTATUS Status; Modified: trunk/reactos/ntoskrnl/include/internal/io.h URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/include/internal/i… ============================================================================== --- trunk/reactos/ntoskrnl/include/internal/io.h (original) +++ trunk/reactos/ntoskrnl/include/internal/io.h Sun Jun 11 10:52:56 2006 @@ -518,7 +518,8 @@ IN BOOLEAN HasName, POBJECT_NAME_INFORMATION ObjectNameInfo, ULONG Length, - PULONG ReturnLength + PULONG ReturnLength, + IN KPROCESSOR_MODE PreviousMode ); VOID Modified: trunk/reactos/ntoskrnl/include/internal/ob.h URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/include/internal/o… ============================================================================== --- trunk/reactos/ntoskrnl/include/internal/ob.h (original) +++ trunk/reactos/ntoskrnl/include/internal/ob.h Sun Jun 11 10:52:56 2006 @@ -121,18 +121,6 @@ IN PVOID Object ); -NTSTATUS -NTAPI -ObDuplicateObject( - PEPROCESS SourceProcess, - PEPROCESS TargetProcess, - HANDLE SourceHandle, - PHANDLE TargetHandle, - ACCESS_MASK DesiredAccess, - ULONG HandleAttributes, - ULONG Options -); - VOID NTAPI ObQueryDeviceMapInformation( Modified: trunk/reactos/ntoskrnl/io/file.c URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/io/file.c?rev=2230… ============================================================================== --- trunk/reactos/ntoskrnl/io/file.c (original) +++ trunk/reactos/ntoskrnl/io/file.c Sun Jun 11 10:52:56 2006 @@ -411,7 +411,8 @@ IN BOOLEAN HasName, POBJECT_NAME_INFORMATION ObjectNameInfo, ULONG Length, - PULONG ReturnLength) + PULONG ReturnLength, + IN KPROCESSOR_MODE PreviousMode) { POBJECT_NAME_INFORMATION LocalInfo; PFILE_OBJECT FileObject; Modified: trunk/reactos/ntoskrnl/ob/obhandle.c URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/ob/obhandle.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/ob/obhandle.c (original) +++ trunk/reactos/ntoskrnl/ob/obhandle.c Sun Jun 11 10:52:56 2006 @@ -196,7 +196,8 @@ /* Call it and check if it's not letting us close it */ if (!ObjectType->TypeInfo.OkayToCloseProcedure(PsGetCurrentProcess(), Body, - Handle)) + Handle, + AccessMode)) { /* Fail */ ExUnlockHandleTableEntry(HandleTable, HandleEntry); @@ -1188,158 +1189,201 @@ NTSTATUS NTAPI -ObDuplicateObject(PEPROCESS SourceProcess, - PEPROCESS TargetProcess, - HANDLE SourceHandle, - PHANDLE TargetHandle, - ACCESS_MASK DesiredAccess, - ULONG HandleAttributes, - ULONG Options) +ObDuplicateObject(IN PEPROCESS SourceProcess, + IN HANDLE SourceHandle, + IN PEPROCESS TargetProcess OPTIONAL, + IN PHANDLE TargetHandle OPTIONAL, + IN ACCESS_MASK DesiredAccess, + IN ULONG HandleAttributes, + IN ULONG Options, + IN KPROCESSOR_MODE PreviousMode) { - PHANDLE_TABLE_ENTRY SourceHandleEntry; HANDLE_TABLE_ENTRY NewHandleEntry; BOOLEAN AttachedToProcess = FALSE; - PVOID ObjectBody; + PVOID SourceObject; POBJECT_HEADER ObjectHeader; - ULONG NewHandleCount; - HANDLE NewTargetHandle; - PEPROCESS CurrentProcess; + POBJECT_TYPE ObjectType; + HANDLE NewHandle; KAPC_STATE ApcState; NTSTATUS Status = STATUS_SUCCESS; - + ACCESS_MASK TargetAccess, SourceAccess; + ACCESS_STATE AccessState; + PACCESS_STATE PassedAccessState = NULL; + AUX_DATA AuxData; + PHANDLE_TABLE HandleTable = NULL; + OBJECT_HANDLE_INFORMATION HandleInformation; PAGED_CODE(); - - if(SourceProcess == NULL || - ObIsKernelHandle(SourceHandle, ExGetPreviousMode())) - { - SourceProcess = PsInitialSystemProcess; - SourceHandle = ObKernelHandleToHandle(SourceHandle); - } - - CurrentProcess = PsGetCurrentProcess(); - - KeEnterCriticalRegion(); - - if (SourceProcess != CurrentProcess) - { - KeStackAttachProcess(&SourceProcess->Pcb, - &ApcState); + OBTRACE("OBTRACE - %s - Duplicating handle: %lx for %p into %p\n", + __FUNCTION__, + SourceHandle, + SourceProcess, + TargetProcess); + + /* Check if we're not in the source process */ + if (SourceProcess != PsGetCurrentProcess()) + { + /* Attach to it */ + KeStackAttachProcess(&SourceProcess->Pcb, &ApcState); AttachedToProcess = TRUE; } - SourceHandleEntry = ExMapHandleToPointer(SourceProcess->ObjectTable, - SourceHandle); - if (SourceHandleEntry == NULL) - { - if (AttachedToProcess) - { - KeUnstackDetachProcess(&ApcState); - } - - KeLeaveCriticalRegion(); - return STATUS_INVALID_HANDLE; - } - - ObjectHeader = EX_HTE_TO_HDR(SourceHandleEntry); - ObjectBody = &ObjectHeader->Body; - - NewHandleEntry.Object = SourceHandleEntry->Object; - if(HandleAttributes & OBJ_INHERIT) - NewHandleEntry.ObAttributes |= EX_HANDLE_ENTRY_INHERITABLE; - else - NewHandleEntry.ObAttributes &= ~EX_HANDLE_ENTRY_INHERITABLE; - NewHandleEntry.GrantedAccess = ((Options & DUPLICATE_SAME_ACCESS) ? - SourceHandleEntry->GrantedAccess : - DesiredAccess); - if (Options & DUPLICATE_SAME_ACCESS) - { - NewHandleEntry.GrantedAccess = SourceHandleEntry->GrantedAccess; - } - else - { - if (DesiredAccess & GENERIC_ACCESS) - { - RtlMapGenericMask(&DesiredAccess, - &ObjectHeader->Type->TypeInfo.GenericMapping); - } - NewHandleEntry.GrantedAccess = DesiredAccess; - } - - /* reference the object so it doesn't get deleted after releasing the lock - and before creating a new handle for it */ - ObReferenceObject(ObjectBody); - - /* increment the handle count of the object, it should always be >= 2 because - we're holding a handle lock to this object! if the new handle count was - 1 here, we're in big trouble... it would've been safe to increment and - check the handle count without using interlocked functions because the - entry is locked, which means the handle count can't change. */ - NewHandleCount = InterlockedIncrement(&ObjectHeader->HandleCount); - ASSERT(NewHandleCount >= 2); - - ExUnlockHandleTableEntry(SourceProcess->ObjectTable, - SourceHandleEntry); - + + /* Now reference the source handle */ + Status = ObReferenceObjectByHandle(SourceHandle, + 0, + NULL, + PreviousMode, + (PVOID*)&SourceObject, + &HandleInformation); + + /* Check if we were attached */ if (AttachedToProcess) { + /* We can safely detach now */ KeUnstackDetachProcess(&ApcState); AttachedToProcess = FALSE; } - if (TargetProcess != CurrentProcess) - { - KeStackAttachProcess(&TargetProcess->Pcb, - &ApcState); + /* Fail if we couldn't reference it */ + if (!NT_SUCCESS(Status)) return Status; + + /* Get the source access */ + SourceAccess = HandleInformation.GrantedAccess; + + /* Check if we're not in the target process */ + if (TargetProcess != PsGetCurrentProcess()) + { + /* Attach to it */ + KeStackAttachProcess(&TargetProcess->Pcb, &ApcState); AttachedToProcess = TRUE; } - /* attempt to create the new handle */ - NewTargetHandle = ExCreateHandle(TargetProcess->ObjectTable, - &NewHandleEntry); + /* Check if we're duplicating the attributes */ + if (Options & DUPLICATE_SAME_ATTRIBUTES) + { + /* Duplicate them */ + HandleAttributes = HandleInformation.HandleAttributes; + } + + /* Check if we're duplicating the access */ + if (Options & DUPLICATE_SAME_ACCESS) DesiredAccess = SourceAccess; + + /* Get object data */ + ObjectHeader = OBJECT_TO_OBJECT_HEADER(SourceObject); + ObjectType = ObjectHeader->Type; + + /* Fill out the entry */ + NewHandleEntry.Object = ObjectHeader; + NewHandleEntry.ObAttributes |= HandleAttributes & + (EX_HANDLE_ENTRY_PROTECTFROMCLOSE | + EX_HANDLE_ENTRY_INHERITABLE | + EX_HANDLE_ENTRY_AUDITONCLOSE); + + /* Check if we're using a generic mask */ + if (DesiredAccess & GENERIC_ACCESS) + { + /* Map it */ + RtlMapGenericMask(&DesiredAccess, &ObjectType->TypeInfo.GenericMapping); + } + + /* Set the target access */ + TargetAccess = DesiredAccess; + NewHandleEntry.GrantedAccess = TargetAccess; + + /* Check if we're asking for new access */ + if (TargetAccess & ~SourceAccess) + { + /* We are. We need the security procedure to validate this */ + if (ObjectType->TypeInfo.SecurityProcedure == SeDefaultObjectMethod) + { + /* Use our built-in access state */ + PassedAccessState = &AccessState; + Status = SeCreateAccessState(&AccessState, + &AuxData, + TargetAccess, + &ObjectType->TypeInfo.GenericMapping); + } + else + { + /* Otherwise we can't allow this privilege elevation */ + Status = STATUS_ACCESS_DENIED; + } + } + else + { + /* We don't need an access state */ + Status = STATUS_SUCCESS; + } + + /* Make sure the access state was created OK */ + if (NT_SUCCESS(Status)) + { + /* Add a new handle */ + Status = ObpIncrementHandleCount(SourceObject, + PassedAccessState, + PreviousMode, + HandleAttributes, + PsGetCurrentProcess(), + ObDuplicateHandle); + + /* Set the handle table, now that we know this handle was added */ + HandleTable = PsGetCurrentProcess()->ObjectTable; + } + + /* Check if we were attached */ if (AttachedToProcess) { + /* We can safely detach now */ KeUnstackDetachProcess(&ApcState); AttachedToProcess = FALSE; } - if (NewTargetHandle != NULL) - { - if (Options & DUPLICATE_CLOSE_SOURCE) - { - if (SourceProcess != CurrentProcess) - { - KeStackAttachProcess(&SourceProcess->Pcb, - &ApcState); - AttachedToProcess = TRUE; - } - - /* delete the source handle */ - NtClose(SourceHandle); - - if (AttachedToProcess) - { - KeUnstackDetachProcess(&ApcState); - } - } - - ObDereferenceObject(ObjectBody); - - *TargetHandle = NewTargetHandle; - } - else - { - /* decrement the handle count we previously incremented, but don't call the - closing procedure because we're not closing a handle! */ - if(InterlockedDecrement(&ObjectHeader->HandleCount) == 0) - { - ObDereferenceObject(ObjectBody); - } - - ObDereferenceObject(ObjectBody); - Status = STATUS_UNSUCCESSFUL; - } - - KeLeaveCriticalRegion(); - + /* Check if we have to close the source handle */ + if (Options & DUPLICATE_CLOSE_SOURCE) + { + /* Attach and close */ + KeStackAttachProcess(&SourceProcess->Pcb, &ApcState); + NtClose(SourceHandle); + KeUnstackDetachProcess(&ApcState); + } + + /* Check if we had an access state */ + if (PassedAccessState) SeDeleteAccessState(PassedAccessState); + + /* Now check if incrementing actually failed */ + if (!NT_SUCCESS(Status)) + { + /* Dereference the source object */ + ObDereferenceObject(SourceObject); + return Status; + } + + /* Now create the handle */ + ObDereferenceObject(SourceObject); + NewHandle = ExCreateHandle(HandleTable, &NewHandleEntry); + if (!NewHandle) + { + /* Undo the increment */ + ObpDecrementHandleCount(SourceObject, + TargetProcess, + TargetAccess); + + /* Deference the object and set failure status */ + ObDereferenceObject(SourceObject); + Status = STATUS_INSUFFICIENT_RESOURCES; + } + + /* Return the handle */ + if (TargetHandle) *TargetHandle = NewHandle; + + /* Return status */ + OBTRACE("OBTRACE - %s - Duplicated handle: %lx for %p into %p. Source: %p HC PC %lx %lx\n", + __FUNCTION__, + NewHandle, + SourceProcess, + TargetProcess, + SourceObject, + ObjectHeader->PointerCount, + ObjectHeader->HandleCount); return Status; } @@ -1934,184 +1978,118 @@ return ObpCloseHandle(Handle, ExGetPreviousMode()); } -/* -* @implemented -*/ -NTSTATUS STDCALL -NtDuplicateObject (IN HANDLE SourceProcessHandle, - IN HANDLE SourceHandle, - IN HANDLE TargetProcessHandle, - OUT PHANDLE TargetHandle OPTIONAL, - IN ACCESS_MASK DesiredAccess, - IN ULONG HandleAttributes, - IN ULONG Options) +NTSTATUS +NTAPI +NtDuplicateObject(IN HANDLE SourceProcessHandle, + IN HANDLE SourceHandle, + IN HANDLE TargetProcessHandle OPTIONAL, + OUT PHANDLE TargetHandle OPTIONAL, + IN ACCESS_MASK DesiredAccess, + IN ULONG HandleAttributes, + IN ULONG Options) { - PEPROCESS SourceProcess; - PEPROCESS TargetProcess; - PEPROCESS CurrentProcess; + PEPROCESS SourceProcess, TargetProcess, Target; HANDLE hTarget; - BOOLEAN AttachedToProcess = FALSE; - KPROCESSOR_MODE PreviousMode; - KAPC_STATE ApcState; + KPROCESSOR_MODE PreviousMode = ExGetPreviousMode(); NTSTATUS Status = STATUS_SUCCESS; - ACCESS_STATE AccessState; - AUX_DATA AuxData; - PACCESS_STATE PassedAccessState = NULL; - PAGED_CODE(); - - PreviousMode = ExGetPreviousMode(); - - if(TargetHandle != NULL && PreviousMode != KernelMode) - { + OBTRACE("OBTRACE - %s - Duplicating handle: %lx for %lx into %lx.\n", + __FUNCTION__, + SourceHandle, + SourceProcessHandle, + TargetProcessHandle); + + if((TargetHandle) && (PreviousMode != KernelMode)) + { + /* Enter SEH */ _SEH_TRY { + /* Probe the handle */ ProbeForWriteHandle(TargetHandle); } _SEH_HANDLE { + /* Get the exception status */ Status = _SEH_GetExceptionCode(); } _SEH_END; - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - + /* Fail if the pointer was invalid */ + if (!NT_SUCCESS(Status)) return Status; + } + + /* Now reference the input handle */ Status = ObReferenceObjectByHandle(SourceProcessHandle, - PROCESS_DUP_HANDLE, - NULL, - PreviousMode, - (PVOID*)&SourceProcess, - NULL); - if (!NT_SUCCESS(Status)) - { - return(Status); - } - - Status = ObReferenceObjectByHandle(TargetProcessHandle, - PROCESS_DUP_HANDLE, - NULL, - PreviousMode, - (PVOID*)&TargetProcess, - NULL); - if (!NT_SUCCESS(Status)) - { - ObDereferenceObject(SourceProcess); - return(Status); - } - - CurrentProcess = PsGetCurrentProcess(); - - /* Check for magic handle first */ - if (SourceHandle == NtCurrentThread() || - SourceHandle == NtCurrentProcess()) - { - PVOID ObjectBody; - POBJECT_TYPE ObjectType; - - ObjectType = (SourceHandle == NtCurrentThread()) ? PsThreadType : PsProcessType; - - Status = ObReferenceObjectByHandle(SourceHandle, - 0, - ObjectType, - PreviousMode, - &ObjectBody, - NULL); - if(NT_SUCCESS(Status)) - { - if (Options & DUPLICATE_SAME_ACCESS) - { - /* grant all access rights */ - DesiredAccess = ((ObjectType == PsThreadType) ? THREAD_ALL_ACCESS : PROCESS_ALL_ACCESS); - } - else - { - if (DesiredAccess & GENERIC_ACCESS) - { - RtlMapGenericMask(&DesiredAccess, - &ObjectType->TypeInfo.GenericMapping); - } - } - - if (TargetProcess != CurrentProcess) - { - KeStackAttachProcess(&TargetProcess->Pcb, - &ApcState); - AttachedToProcess = TRUE; - } - - /* Use our built-in access state */ - PassedAccessState = &AccessState; - Status = SeCreateAccessState(&AccessState, - &AuxData, - DesiredAccess, - &ObjectType->TypeInfo.GenericMapping); - - /* Add a new handle */ - Status = ObpIncrementHandleCount(ObjectBody, - PassedAccessState, - PreviousMode, - HandleAttributes, - PsGetCurrentProcess(), - ObDuplicateHandle); - - if (AttachedToProcess) - { - KeUnstackDetachProcess(&ApcState); - AttachedToProcess = FALSE; - } - - ObDereferenceObject(ObjectBody); - - if (Options & DUPLICATE_CLOSE_SOURCE) - { - if (SourceProcess != CurrentProcess) - { - KeStackAttachProcess(&SourceProcess->Pcb, - &ApcState); - AttachedToProcess = TRUE; - } - - NtClose(SourceHandle); - - if (AttachedToProcess) - { - KeUnstackDetachProcess(&ApcState); - } - } + PROCESS_DUP_HANDLE, + PsProcessType, + PreviousMode, + (PVOID*)&SourceProcess, + NULL); + if (!NT_SUCCESS(Status)) return(Status); + + /* Check if got a target handle */ + if (TargetProcessHandle) + { + /* Now reference the output handle */ + Status = ObReferenceObjectByHandle(TargetProcessHandle, + PROCESS_DUP_HANDLE, + PsProcessType, + PreviousMode, + (PVOID*)&TargetProcess, + NULL); + if (NT_SUCCESS(Status)) + { + /* Use this target process */ + Target = TargetProcess; + } + else + { + /* No target process */ + Target = NULL; } } else { - Status = ObDuplicateObject(SourceProcess, - TargetProcess, - SourceHandle, - &hTarget, - DesiredAccess, - HandleAttributes, - Options); - } - + /* No target process */ + Status = STATUS_SUCCESS; + Target = NULL; + } + + /* Call the internal routine */ + Status = ObDuplicateObject(SourceProcess, + SourceHandle, + Target, + &hTarget, + DesiredAccess, + HandleAttributes, + Options, + PreviousMode); + + /* Check if the caller wanted the return handle */ + if (TargetHandle) + { + /* Protect the write to user mode */ + _SEH_TRY + { + /* Write the new handle */ + *TargetHandle = hTarget; + } + _SEH_HANDLE + { + /* Otherwise, get the exception code */ + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + + /* Dereference the processes */ + OBTRACE("OBTRACE - %s - Duplicated handle: %lx into %lx S %lx\n", + __FUNCTION__, + hTarget, + TargetProcessHandle, + Status); ObDereferenceObject(TargetProcess); ObDereferenceObject(SourceProcess); - - if(NT_SUCCESS(Status) && TargetHandle != NULL) - { - _SEH_TRY - { - *TargetHandle = hTarget; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - return Status; } - /* EOF */ Modified: trunk/reactos/ntoskrnl/ob/obname.c URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/ob/obname.c?rev=22… ============================================================================== --- trunk/reactos/ntoskrnl/ob/obname.c (original) +++ trunk/reactos/ntoskrnl/ob/obname.c Sun Jun 11 10:52:56 2006 @@ -394,7 +394,7 @@ /* PUBLIC FUNCTIONS *********************************************************/ NTSTATUS -STDCALL +NTAPI ObQueryNameString(IN PVOID Object, OUT POBJECT_NAME_INFORMATION ObjectNameInfo, IN ULONG Length, @@ -418,7 +418,8 @@ TRUE, //fixme ObjectNameInfo, Length, - ReturnLength); + ReturnLength, + KernelMode); } /* Check if the object doesn't even have a name */