Author: ion Date: Wed Sep 12 16:29:28 2012 New Revision: 57284 URL: http://svn.reactos.org/svn/reactos?rev=57284&view=rev Log: [NTOSKRNL]: Use the token lock acquire/release macros that were already written instead of manually doing it. Also fix the macros since they didn't work in GCC. No functional change, just code cleanup. Modified: trunk/reactos/ntoskrnl/include/internal/se.h trunk/reactos/ntoskrnl/se/access.c trunk/reactos/ntoskrnl/se/semgr.c Modified: trunk/reactos/ntoskrnl/include/internal/se.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/… ============================================================================== --- trunk/reactos/ntoskrnl/include/internal/se.h [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/include/internal/se.h [iso-8859-1] Wed Sep 12 16:29:28 2012 @@ -1,4 +1,28 @@ #pragma once + +typedef struct _KNOWN_ACE +{ + ACE_HEADER Header; + ACCESS_MASK Mask; + ULONG SidStart; +} KNOWN_ACE, *PKNOWN_ACE; + +typedef struct _KNOWN_OBJECT_ACE +{ + ACE_HEADER Header; + ACCESS_MASK Mask; + ULONG Flags; + ULONG SidStart; +} KNOWN_OBJECT_ACE, *PKNOWN_OBJECT_ACE; + +typedef struct _KNOWN_COMPOUND_ACE +{ + ACE_HEADER Header; + ACCESS_MASK Mask; + USHORT CompoundAceType; + USHORT Reserved; + ULONG SidStart; +} KNOWN_COMPOUND_ACE, *PKNOWN_COMPOUND_ACE; PSID FORCEINLINE @@ -75,6 +99,8 @@ return Descriptor->Sacl; } } + +#ifndef RTL_H /* SID Authorities */ extern SID_IDENTIFIER_AUTHORITY SeNullSidAuthority; @@ -156,6 +182,19 @@ extern PSECURITY_DESCRIPTOR SeSystemDefaultSd; extern PSECURITY_DESCRIPTOR SeUnrestrictedSd; + +#define SepAcquireTokenLockExclusive(Token) \ + KeEnterCriticalRegion(); \ + ExAcquireResourceExclusive(((PTOKEN)Token)->TokenLock, TRUE); \ + +#define SepAcquireTokenLockShared(Token) \ + KeEnterCriticalRegion(); \ + ExAcquireResourceShared(((PTOKEN)Token)->TokenLock, TRUE); \ + +#define SepReleaseTokenLock(Token) \ + ExReleaseResource(((PTOKEN)Token)->TokenLock); \ + KeLeaveCriticalRegion(); \ + // // Token Functions // @@ -434,24 +473,6 @@ OUT PACCESS_TOKEN* NewToken ); -#define SepAcquireTokenLockExclusive(Token) \ - do { \ - KeEnterCriticalRegion(); \ - ExAcquireResourceExclusive(((PTOKEN)Token)->TokenLock, TRUE); \ - while(0) - -#define SepAcquireTokenLockShared(Token) \ - do { \ - KeEnterCriticalRegion(); \ - ExAcquireResourceShared(((PTOKEN)Token)->TokenLock, TRUE); \ - while(0) - -#define SepReleaseTokenLock(Token) \ - do { \ - ExReleaseResource(((PTOKEN)Token)->TokenLock); \ - KeLeaveCriticalRegion(); \ - while(0) - VOID NTAPI SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess); @@ -460,4 +481,6 @@ SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess); +#endif + /* EOF */ Modified: trunk/reactos/ntoskrnl/se/access.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/access.c?rev=5… ============================================================================== --- trunk/reactos/ntoskrnl/se/access.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/se/access.c [iso-8859-1] Wed Sep 12 16:29:28 2012 @@ -130,11 +130,7 @@ ASSERT(Sid != NULL); /* Lock the token if needed */ - if (!TokenLocked) - { - KeEnterCriticalRegion(); - ExAcquireResourceSharedLite(Token->TokenLock, TRUE); - } + if (!TokenLocked) SepAcquireTokenLockShared(Token); /* Check if the owner SID is found, handling restricted case as well */ Result = SepSidInToken(Token, Sid); @@ -144,11 +140,7 @@ } /* Release the lock if we had acquired it */ - if (!TokenLocked) - { - ExReleaseResourceLite(Token->TokenLock); - KeLeaveCriticalRegion(); - } + if (!TokenLocked) SepReleaseTokenLock(Token); /* Return the result */ return Result; @@ -168,15 +160,13 @@ TokenControl->TokenSource = Token->TokenSource; /* Lock the token */ - KeEnterCriticalRegion(); - ExAcquireResourceSharedLite(Token->TokenLock, TRUE); + SepAcquireTokenLockShared(Token); /* Capture the modified it */ TokenControl->ModifiedId = Token->ModifiedId; /* Unlock it */ - ExReleaseResourceLite(Token->TokenLock); - KeLeaveCriticalRegion(); + SepReleaseTokenLock(Token); } NTSTATUS @@ -327,13 +317,11 @@ ClientToken = SubjectContext->ClientToken; /* Always lock the primary */ - KeEnterCriticalRegion(); - ExAcquireResourceSharedLite(PrimaryToken->TokenLock, TRUE); + SepAcquireTokenLockShared(PrimaryToken); /* Lock the impersonation one if it's there */ if (!ClientToken) return; - KeEnterCriticalRegion(); - ExAcquireResourceSharedLite(ClientToken->TokenLock, TRUE); + SepAcquireTokenLockShared(ClientToken); } /* @@ -351,13 +339,11 @@ ClientToken = SubjectContext->ClientToken; /* Always unlock the primary one */ - ExReleaseResourceLite(PrimaryToken->TokenLock); - KeLeaveCriticalRegion(); + SepReleaseTokenLock(PrimaryToken); /* Unlock the impersonation one if it's there */ if (!ClientToken) return; - ExReleaseResourceLite(ClientToken->TokenLock); - KeLeaveCriticalRegion(); + SepReleaseTokenLock(ClientToken); } /* Modified: trunk/reactos/ntoskrnl/se/semgr.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/semgr.c?rev=57… ============================================================================== --- trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] Wed Sep 12 16:29:28 2012 @@ -952,8 +952,7 @@ SeCaptureSubjectContext(&SubjectSecurityContext); /* Lock the token */ - KeEnterCriticalRegion(); - ExAcquireResourceSharedLite(Token->TokenLock, TRUE); + SepAcquireTokenLockShared(Token); /* Check if the token is the owner and grant WRITE_DAC and READ_CONTROL rights */ if (DesiredAccess & (WRITE_DAC | READ_CONTROL | MAXIMUM_ALLOWED)) @@ -990,8 +989,7 @@ /* Release subject context and unlock the token */ SeReleaseSubjectContext(&SubjectSecurityContext); - ExReleaseResourceLite(Token->TokenLock); - KeLeaveCriticalRegion(); + SepReleaseTokenLock(Token); /* Release the captured security descriptor */ SeReleaseSecurityDescriptor(CapturedSecurityDescriptor,