Author: ion
Date: Sun Jul 23 12:20:57 2006
New Revision: 23236
URL:
http://svn.reactos.org/svn/reactos?rev=23236&view=rev
Log:
- Refactor SeCaptureSubjectContext into SeCaptureSubjectContextEx and SeCreateAccessState
into SeCreateAccessStateEx. The *Ex routines allow specifying a custom process/thread
which isn't the current one. This is useful when creating a new process or thread
since we're not actually in it.
- Implemented a few more of the security calls made in PspCreateProcess, as seen in WI II. We now
create an AccessState.
- Also write the PID in the ObjectTable.
Modified:
trunk/reactos/ntoskrnl/include/internal/se.h
trunk/reactos/ntoskrnl/ps/process.c
trunk/reactos/ntoskrnl/se/access.c
trunk/reactos/ntoskrnl/se/audit.c
trunk/reactos/ntoskrnl/se/semgr.c
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/…
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/se.h (original)
+++ trunk/reactos/ntoskrnl/include/internal/se.h Sun Jul 23 12:20:57 2006
@@ -131,6 +131,17 @@
NTSTATUS
NTAPI
+SeCreateAccessStateEx(
+ IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ IN OUT PACCESS_STATE AccessState,
+ IN PAUX_DATA AuxData,
+ IN ACCESS_MASK Access,
+ IN PGENERIC_MAPPING GenericMapping
+);
+
+NTSTATUS
+NTAPI
SeIsTokenChild(
IN PTOKEN Token,
OUT PBOOLEAN IsChild
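Review bot: The new SeCreateAccessStateEx prototype does not say what the caller may pass for Thread and Process, and the semantics differ: in semgr.c a NULL Thread simply yields no ClientToken, while a NULL Process makes SeCaptureSubjectContextEx return before capturing anything, so the access state would be built with no tokens at all. Since this is the internal header that the Ps code will program against, I would state the contract next to the declaration: `/* Thread may be NULL (no impersonation token is captured); Process must be non-NULL, its primary token becomes the subject's PrimaryToken. */`. Whether the NULL-Process early-out is meant to be reachable from this routine is not visible here.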
@@ -160,12 +171,24 @@
NTAPI
SeAuditProcessExit(IN PEPROCESS Process);
+VOID
+NTAPI
+SeAuditProcessCreate(IN PEPROCESS Process);
+
NTSTATUS
NTAPI
SeExchangePrimaryToken(
struct _EPROCESS* Process,
PACCESS_TOKEN NewToken,
PACCESS_TOKEN* OldTokenP
+);
+
+VOID
+NTAPI
+SeCaptureSubjectContextEx(
+ IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
);
NTSTATUS
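Review bot: SeCaptureSubjectContextEx is declared VOID, so a caller has no way to learn that the `if (!Process) return;` path in semgr.c left SubjectContext untouched, and nothing in the header warns about it. A short comment on the declaration would keep callers from passing the result to SeReleaseSubjectContext blindly: `/* Captures the primary token of Process and the impersonation token of Thread (if any); on a NULL Process the context is not written. */`. If the NULL-Process case is only a boot-time hack, it is worth saying so here so that it is not relied upon.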
Modified: trunk/reactos/ntoskrnl/ps/process.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/process.c?rev=…
==============================================================================
--- trunk/reactos/ntoskrnl/ps/process.c (original)
+++ trunk/reactos/ntoskrnl/ps/process.c Sun Jul 23 12:20:57 2006
@@ -368,6 +368,9 @@
PETHREAD CurrentThread;
PEPROCESS CurrentProcess;
ULONG MinWs, MaxWs;
+ ACCESS_STATE LocalAccessState;
+ PACCESS_STATE AccessState = &LocalAccessState;
+ AUX_DATA AuxData;
PAGED_CODE();
DirectoryTableBase.QuadPart = 0;
@@ -633,7 +636,19 @@
goto CleanupWithRef;
}
- /* FIXME: Insert into Job Object */
+ /* Set the handle table PID */
+ Process->ObjectTable->UniqueProcessId = Process->UniqueProcessId;
+
+ /* Check if we need to audit */
+ if (SeDetailedAuditingWithToken(NULL)) SeAuditProcessCreate(Process);
+
+ /* Check if the parent had a job */
+ if ((Parent) && (Parent->Job))
+ {
+ /* FIXME: We need to insert this process */
+ DPRINT1("Jobs not yet supported\n");
+ KEBUGCHECK(0);
+ }
/* Create PEB only for User-Mode Processes */
if (Parent)
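Review bot: The `KEBUGCHECK(0)` on the job branch turns a missing feature into a system halt: if the parent process belongs to a job, any process creation by it takes the whole machine down, which is a denial of service reachable from user mode whenever job assignment is available (whether NtCreateJobObject/assignment is already wired up is not visible here). Failing the call is the safer placeholder and the cleanup label used just above is already in scope: `DPRINT1("Jobs not yet supported\n"); Status = STATUS_NOT_IMPLEMENTED; goto CleanupWithRef;`. The `Process->ObjectTable->UniqueProcessId` store also assumes the handle table was created on every path that reaches this point; that creation is outside the hunk, so please confirm ObjectTable cannot be NULL here. The enclosing PspCreateProcess continues beyond this hunk.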
@@ -647,15 +662,29 @@
InsertTailList(&PsActiveProcessHead, &Process->ActiveProcessLinks);
KeReleaseGuardedMutex(&PspActiveProcessMutex);
- /* FIXME: SeCreateAccessStateEx */
+ /* Create an access state */
+ Status = SeCreateAccessStateEx(CurrentThread,
+ ((Parent) &&
+ (Parent == PsInitialSystemProcess)) ?
+ Parent : CurrentProcess,
+ &LocalAccessState,
+ &AuxData,
+ DesiredAccess,
+ &PsProcessType->TypeInfo.GenericMapping);
+ if (!NT_SUCCESS(Status)) goto CleanupWithRef;
/* Insert the Process into the Object Directory */
Status = ObInsertObject(Process,
- NULL,
+ AccessState,
DesiredAccess,
1,
(PVOID*)&Process,
&hProcess);
+
+ /* Free the access state */
+ if (AccessState) SeDeleteAccessState(AccessState);
+
+ /* Cleanup on failure */
if (!NT_SUCCESS(Status)) goto Cleanup;
/* FIXME: Compute Quantum and Priority */
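Review bot: The `if (AccessState)` guard before SeDeleteAccessState is dead: AccessState is initialised to `&LocalAccessState` in the declarations hunk and never reassigned, so it is always non-NULL, and the alias also hides that `&LocalAccessState` and `AccessState` passed on adjacent lines are the same object. I would pass `AccessState` to SeCreateAccessStateEx as well and call `SeDeleteAccessState(AccessState);` unconditionally, or drop the alias entirely. Note also that the `goto CleanupWithRef` on SeCreateAccessStateEx failure runs after the process was linked into PsActiveProcessHead a few lines earlier; that label is outside the hunk, so please confirm it (or the object's delete routine) unlinks the process, otherwise a failed creation leaves a dangling entry on the active list. As visible in access.c the Ex routine currently cannot fail, so this path is latent rather than live.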
Modified: trunk/reactos/ntoskrnl/se/access.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/access.c?rev=2…
==============================================================================
--- trunk/reactos/ntoskrnl/se/access.c (original)
+++ trunk/reactos/ntoskrnl/se/access.c Sun Jul 23 12:20:57 2006
@@ -14,24 +14,19 @@
#define NDEBUG
#include <internal/debug.h>
-#define GENERIC_ACCESS (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | \
- GENERIC_ALL)
-
/* FUNCTIONS ***************************************************************/
-/*
- * @implemented
- */
NTSTATUS
-STDCALL
-SeCreateAccessState(PACCESS_STATE AccessState,
- PAUX_DATA AuxData,
- ACCESS_MASK Access,
- PGENERIC_MAPPING GenericMapping)
+NTAPI
+SeCreateAccessStateEx(IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ IN OUT PACCESS_STATE AccessState,
+ IN PAUX_DATA AuxData,
+ IN ACCESS_MASK Access,
+ IN PGENERIC_MAPPING GenericMapping)
{
ACCESS_MASK AccessMask = Access;
PTOKEN Token;
-
PAGED_CODE();
/* Map the Generic Acess to Specific Access if we have a Mapping */
@@ -44,8 +39,10 @@
RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
/* Capture the Subject Context */
- SeCaptureSubjectContext(&AccessState->SubjectSecurityContext);
-
+ SeCaptureSubjectContextEx(Thread,
+ Process,
+ &AccessState->SubjectSecurityContext);
+
/* Set Access State Data */
AccessState->AuxData = AuxData;
AccessState->RemainingDesiredAccess = AccessMask;
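Review bot: When Process is NULL the new SeCaptureSubjectContextEx call returns without writing anything (see the `ROS HACK` early-out in semgr.c), so after the RtlZeroMemory above both PrimaryToken and ClientToken stay NULL and the routine carries on to derive the traverse-privilege token from them as if a capture had happened. Unless that early-out is deliberately meant to reach here during boot, I would reject it up front with `if (!Process) return STATUS_INVALID_PARAMETER;` before the capture, so that an access state is never built without a subject. The rest of SeCreateAccessStateEx continues outside this hunk.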
@@ -56,7 +53,7 @@
Token = AccessState->SubjectSecurityContext.ClientToken ?
(PTOKEN)&AccessState->SubjectSecurityContext.ClientToken :
(PTOKEN)&AccessState->SubjectSecurityContext.PrimaryToken;
-
+
/* Check for Travers Privilege */
if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
{
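Review bot: The Token selection in this hunk takes the address of the token pointer fields rather than the pointers themselves (`(PTOKEN)&AccessState->SubjectSecurityContext.ClientToken` and likewise for PrimaryToken), so `Token->TokenFlags` on the next line reads bytes from inside the ACCESS_STATE instead of from the token, and the TOKEN_HAS_TRAVERSE_PRIVILEGE check is effectively random. These are unchanged context lines, but the commit now routes process creation through them, so the traverse decision taken for every new process depends on this. The fix is to drop the `&` on both arms, `Token = AccessState->SubjectSecurityContext.ClientToken ? (PTOKEN)AccessState->SubjectSecurityContext.ClientToken : (PTOKEN)AccessState->SubjectSecurityContext.PrimaryToken;`, and then guard the dereference with `if (Token && (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE))`, because PrimaryToken can be NULL on the NULL-Process path in SeCaptureSubjectContextEx. The function continues on both sides of this hunk.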
@@ -67,11 +64,32 @@
/* Set the Auxiliary Data */
AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
FIELD_OFFSET(ACCESS_STATE,
- Privileges));
+ Privileges));
if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
/* Return Sucess */
return STATUS_SUCCESS;
+}
+
+/*
+ * @implemented
+ */
+NTSTATUS
+STDCALL
+SeCreateAccessState(IN OUT PACCESS_STATE AccessState,
+ IN PAUX_DATA AuxData,
+ IN ACCESS_MASK Access,
+ IN PGENERIC_MAPPING GenericMapping)
+{
+ PAGED_CODE();
+
+ /* Call the internal API */
+ return SeCreateAccessStateEx(PsGetCurrentThread(),
+ PsGetCurrentProcess(),
+ AccessState,
+ AuxData,
+ Access,
+ GenericMapping);
}
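Review bot: The new SeCreateAccessState wrapper carries the `@implemented` tag but no description of what it does, and it is declared `STDCALL` while the Ex routine directly above and the declarations in se.h use `NTAPI`; the two spellings should be unified to the header's `NTAPI` so the exported and internal entry points read the same. For the header comment I would add a sentence above the wrapper stating that it builds the access state for the calling thread and its process and that AuxData must outlive AccessState, since `AuxData->PrivilegeSet` is pointed into the access state's own Privileges field in the hunk above. The `AuxData->PrivilegeSet` assignment also dereferences AuxData unconditionally, so a NULL AuxData is a fault rather than a failure; stating that it is required would be enough.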
/*
@@ -89,7 +107,7 @@
/* Deallocate Privileges */
if (AccessState->PrivilegesAllocated) ExFreePool(AuxData->PrivilegeSet);
-
+
/* Deallocate Name and Type Name */
if (AccessState->ObjectName.Buffer)
{
Modified: trunk/reactos/ntoskrnl/se/audit.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/audit.c?rev=23…
==============================================================================
--- trunk/reactos/ntoskrnl/se/audit.c (original)
+++ trunk/reactos/ntoskrnl/se/audit.c Sun Jul 23 12:20:57 2006
@@ -21,6 +21,13 @@
{
/* FIXME */
return FALSE;
+}
+
+VOID
+NTAPI
+SeAuditProcessCreate(IN PEPROCESS Process)
+{
+ /* FIXME */
}
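Review bot: The new SeAuditProcessCreate stub is silent, so once SeDetailedAuditingWithToken stops returning FALSE (it is still a FIXME returning FALSE just above) process-creation audit events will be dropped without any trace, which is the kind of gap that is hard to notice in an audit trail. I would at least make the omission visible in the comment, `/* FIXME: process-creation auditing is not implemented; events are silently dropped once detailed auditing is enabled */`, and emit a DPRINT1 as the Ps hunk does for jobs so the first caller to hit it is told. The Process parameter is unused in the stub, which is fine for now but worth a note so it is not mistaken for a finished routine.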
VOID
Modified: trunk/reactos/ntoskrnl/se/semgr.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/semgr.c?rev=23…
==============================================================================
--- trunk/reactos/ntoskrnl/se/semgr.c (original)
+++ trunk/reactos/ntoskrnl/se/semgr.c Sun Jul 23 12:20:57 2006
@@ -416,36 +416,52 @@
return STATUS_SUCCESS;
}
+VOID
+NTAPI
+SeCaptureSubjectContextEx(IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
+{
+ BOOLEAN CopyOnOpen, EffectiveOnly;
+ PAGED_CODE();
+
+ /* ROS HACK */
+ if (!Process) return;
+
+ /* Save the unique ID */
+ SubjectContext->ProcessAuditId = Process->UniqueProcessId;
+
+ /* Check if we have a thread */
+ if (!Thread)
+ {
+ /* We don't, so no token */
+ SubjectContext->ClientToken = NULL;
+ }
+ else
+ {
+ /* Get the impersonation token */
+ SubjectContext->ClientToken =
+ PsReferenceImpersonationToken(Thread,
+ &CopyOnOpen,
+ &EffectiveOnly,
+ &SubjectContext->ImpersonationLevel);
+ }
+
+ /* Get the primary token */
+ SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
+}
+
/*
* @implemented
*/
-VOID STDCALL
+VOID
+NTAPI
SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
- PETHREAD Thread;
- BOOLEAN CopyOnOpen;
- BOOLEAN EffectiveOnly;
-
- PAGED_CODE();
-
- Thread = PsGetCurrentThread();
- if (Thread == NULL)
- {
- SubjectContext->ProcessAuditId = 0;
- SubjectContext->PrimaryToken = NULL;
- SubjectContext->ClientToken = NULL;
- SubjectContext->ImpersonationLevel = 0;
- }
- else
- {
- SubjectContext->ProcessAuditId = Thread->ThreadsProcess;
- SubjectContext->ClientToken =
- PsReferenceImpersonationToken(Thread,
- &CopyOnOpen,
- &EffectiveOnly,
- &SubjectContext->ImpersonationLevel);
- SubjectContext->PrimaryToken =
PsReferencePrimaryToken(Thread->ThreadsProcess);
- }
+ /* Call the internal API */
+ SeCaptureSubjectContextEx(PsGetCurrentThread(),
+ PsGetCurrentProcess(),
+ SubjectContext);
}
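Review bot: The `if (!Process) return;` early-out returns with SubjectContext untouched, whereas the removed SeCaptureSubjectContext body explicitly set ProcessAuditId, PrimaryToken, ClientToken and ImpersonationLevel to zero when it had no thread; a caller that passes an uninitialised stack SECURITY_SUBJECT_CONTEXT and later hands it to SeReleaseSubjectContext will now dereference garbage token pointers. Since the OUT parameter is documented as written, zero it before leaving: `if (!Process) { RtlZeroMemory(SubjectContext, sizeof(*SubjectContext)); return; }`. The no-thread branch has the same gap for ImpersonationLevel, which the old code cleared and the new one leaves as-is, so add `SubjectContext->ImpersonationLevel = 0;` next to the `ClientToken = NULL` assignment. The change of ProcessAuditId from a PEPROCESS to `Process->UniqueProcessId` is a deliberate semantic change that the commit message does not mention; a one-line comment on the field assignment would help anyone comparing against the old behaviour.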