Author: ion Date: Sun Jul 23 12:20:57 2006 New Revision: 23236
URL: http://svn.reactos.org/svn/reactos?rev=23236&view=rev Log: - Refactor SeCaptureSubjectContext into SeCaptureSubjectContextEx and SeCreateAccessState into SeCreateAccessStateEx. The *Ex routines allow specifying a custom process/thread which isn't the current one. This is useful when creating a new process or thread since we're not actually in it. - Implemented a few more security calls in PspCreateProcess as seen in WI II. We now create an AccessState. - Also write the PID in the ObjectTable.
Modified: trunk/reactos/ntoskrnl/include/internal/se.h trunk/reactos/ntoskrnl/ps/process.c trunk/reactos/ntoskrnl/se/access.c trunk/reactos/ntoskrnl/se/audit.c trunk/reactos/ntoskrnl/se/semgr.c
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/s...
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/se.h (original)
+++ trunk/reactos/ntoskrnl/include/internal/se.h Sun Jul 23 12:20:57 2006
@@ -131,6 +131,17 @@
NTSTATUS
NTAPI
+SeCreateAccessStateEx(
+ IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ IN OUT PACCESS_STATE AccessState,
+ IN PAUX_DATA AuxData,
+ IN ACCESS_MASK Access,
+ IN PGENERIC_MAPPING GenericMapping
+);
+
+NTSTATUS
+NTAPI
SeIsTokenChild(
IN PTOKEN Token,
OUT PBOOLEAN IsChild
@@ -160,12 +171,24 @@
NTAPI
SeAuditProcessExit(IN PEPROCESS Process);
+VOID
+NTAPI
+SeAuditProcessCreate(IN PEPROCESS Process);
+
NTSTATUS
NTAPI
SeExchangePrimaryToken(
struct _EPROCESS* Process,
PACCESS_TOKEN NewToken,
PACCESS_TOKEN* OldTokenP
+);
+
+VOID
+NTAPI
+SeCaptureSubjectContextEx(
+ IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
);
NTSTATUS
Modified: trunk/reactos/ntoskrnl/ps/process.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/process.c?rev=2...
==============================================================================
--- trunk/reactos/ntoskrnl/ps/process.c (original)
+++ trunk/reactos/ntoskrnl/ps/process.c Sun Jul 23 12:20:57 2006
@@ -368,6 +368,9 @@
PETHREAD CurrentThread;
PEPROCESS CurrentProcess;
ULONG MinWs, MaxWs;
+ ACCESS_STATE LocalAccessState;
+ PACCESS_STATE AccessState = &LocalAccessState;
+ AUX_DATA AuxData;
PAGED_CODE();
DirectoryTableBase.QuadPart = 0;
@@ -633,7 +636,19 @@
goto CleanupWithRef;
}
- /* FIXME: Insert into Job Object */
+ /* Set the handle table PID */
+ Process->ObjectTable->UniqueProcessId = Process->UniqueProcessId;
+
+ /* Check if we need to audit */
+ if (SeDetailedAuditingWithToken(NULL)) SeAuditProcessCreate(Process);
+
+ /* Check if the parent had a job */
+ if ((Parent) && (Parent->Job))
+ {
+ /* FIXME: We need to insert this process */
+ DPRINT1("Jobs not yet supported\n");
+ KEBUGCHECK(0);
+ }
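Review bot: `KEBUGCHECK(0)` in the new `if ((Parent) && (Parent->Job))` branch turns a parent that belongs to a job into a system crash, so a condition an unprivileged caller can be in becomes a kernel denial of service instead of a failed process creation. Failing the call through the existing error path keeps the machine up until jobs are implemented: `Status = STATUS_NOT_IMPLEMENTED; goto CleanupWithRef;` in place of the bugcheck, keeping the DPRINT1. Whether Parent->Job can be non-NULL today depends on job support elsewhere, which is not visible here, and PspCreateProcess continues outside the hunk, so what CleanupWithRef unwinds should be checked against the ObjectTable assignment made just above.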
/* Create PEB only for User-Mode Processes */
if (Parent)
@@ -647,15 +662,29 @@
InsertTailList(&PsActiveProcessHead, &Process->ActiveProcessLinks);
KeReleaseGuardedMutex(&PspActiveProcessMutex);
- /* FIXME: SeCreateAccessStateEx */
+ /* Create an access state */
+ Status = SeCreateAccessStateEx(CurrentThread,
+ ((Parent) &&
+ (Parent == PsInitialSystemProcess)) ?
+ Parent : CurrentProcess,
+ &LocalAccessState,
+ &AuxData,
+ DesiredAccess,
+ &PsProcessType->TypeInfo.GenericMapping);
+ if (!NT_SUCCESS(Status)) goto CleanupWithRef;
/* Insert the Process into the Object Directory */
Status = ObInsertObject(Process,
- NULL,
+ AccessState,
DesiredAccess,
1,
(PVOID*)&Process,
&hProcess);
+
+ /* Free the access state */
+ if (AccessState) SeDeleteAccessState(AccessState);
+
+ /* Cleanup on failure */
if (!NT_SUCCESS(Status)) goto Cleanup;
/* FIXME: Compute Quantum and Priority */
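Review bot: `if (AccessState) SeDeleteAccessState(AccessState);` has a dead guard, since AccessState is initialised to `&LocalAccessState` in the declaration hunk and never reassigned; `SeDeleteAccessState(AccessState);` says what happens. The failure branch after SeCreateAccessStateEx jumps to CleanupWithRef after the process has already been linked into PsActiveProcessHead on the lines just above, and whether that label unlinks it is not visible in this hunk; if it does not, a failed creation leaves a dangling entry in the active-process list. The access state now holds the token references taken by SeCaptureSubjectContextEx (PsReferencePrimaryToken and, with a thread, PsReferenceImpersonationToken), so SeDeleteAccessState, whose tail is outside this page, must release the subject context or every process creation leaks a primary-token reference. PspCreateProcess starts and ends outside the hunk.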
Modified: trunk/reactos/ntoskrnl/se/access.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/access.c?rev=23...
==============================================================================
--- trunk/reactos/ntoskrnl/se/access.c (original)
+++ trunk/reactos/ntoskrnl/se/access.c Sun Jul 23 12:20:57 2006
@@ -14,24 +14,19 @@
#define NDEBUG
#include <internal/debug.h>
-#define GENERIC_ACCESS (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | \
- GENERIC_ALL)
-
/* FUNCTIONS ***************************************************************/
-/*
- * @implemented
- */
NTSTATUS
-STDCALL
-SeCreateAccessState(PACCESS_STATE AccessState,
- PAUX_DATA AuxData,
- ACCESS_MASK Access,
- PGENERIC_MAPPING GenericMapping)
+NTAPI
+SeCreateAccessStateEx(IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ IN OUT PACCESS_STATE AccessState,
+ IN PAUX_DATA AuxData,
+ IN ACCESS_MASK Access,
+ IN PGENERIC_MAPPING GenericMapping)
{
ACCESS_MASK AccessMask = Access;
PTOKEN Token;
- PAGED_CODE();
/* Map the Generic Acess to Specific Access if we have a Mapping */
@@ -44,8 +39,10 @@
RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
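Review bot: The `- PAGED_CODE();` removal leaves SeCreateAccessStateEx, which PspCreateProcess now calls directly and which does the pageable work (SeCaptureSubjectContextEx, the token flag check), without the IRQL assertion; only the thin SeCreateAccessState wrapper keeps it. Keep `PAGED_CODE();` at the top of the Ex routine as well, matching what SeCaptureSubjectContextEx does in semgr.c. The new routine also has no header comment now that the `@implemented` block moved to the wrapper; a short block above it stating that Thread and Process name the subject the access state is captured for, that Thread may be NULL (no client token is captured), and that AccessState is overwritten in full would do. The function body continues in the following hunks.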
/* Capture the Subject Context */
- SeCaptureSubjectContext(&AccessState->SubjectSecurityContext);
-
+ SeCaptureSubjectContextEx(Thread,
+ Process,
+ &AccessState->SubjectSecurityContext);
+
/* Set Access State Data */
AccessState->AuxData = AuxData;
AccessState->RemainingDesiredAccess = AccessMask;
@@ -56,7 +53,7 @@
Token = AccessState->SubjectSecurityContext.ClientToken ?
(PTOKEN)&AccessState->SubjectSecurityContext.ClientToken :
(PTOKEN)&AccessState->SubjectSecurityContext.PrimaryToken;
-
+
/* Check for Travers Privilege */
if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
{
@@ -67,11 +64,32 @@
/* Set the Auxiliary Data */
AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
FIELD_OFFSET(ACCESS_STATE,
- Privileges));
+ Privileges));
if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
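Review bot: The token selection kept as context in this hunk takes the address of the ClientToken/PrimaryToken fields and casts that to PTOKEN, so `Token->TokenFlags` on the next line reads from inside the SECURITY_SUBJECT_CONTEXT rather than from the token object; the new SeCaptureSubjectContextEx makes this more visible, because its early return on a NULL process leaves both fields as the zeros written by RtlZeroMemory in the previous hunk and the traverse-privilege test then silently runs against a zeroed struct instead of faulting. Drop the `&` in both arms, `(PTOKEN)AccessState->SubjectSecurityContext.ClientToken :` / `(PTOKEN)AccessState->SubjectSecurityContext.PrimaryToken;`, and guard the test with `if ((Token) && (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE))` so a context without tokens simply grants no traverse privilege. Whether PTOKEN and PACCESS_TOKEN designate the same object is not visible here, but the cast in its current form cannot be right for fields the semgr.c hunk assigns as pointers.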
/* Return Sucess */
return STATUS_SUCCESS;
+}
+
+/*
+ * @implemented
+ */
+NTSTATUS
+STDCALL
+SeCreateAccessState(IN OUT PACCESS_STATE AccessState,
+ IN PAUX_DATA AuxData,
+ IN ACCESS_MASK Access,
+ IN PGENERIC_MAPPING GenericMapping)
+{
+ PAGED_CODE();
+
+ /* Call the internal API */
+ return SeCreateAccessStateEx(PsGetCurrentThread(),
+ PsGetCurrentProcess(),
+ AccessState,
+ AuxData,
+ Access,
+ GenericMapping);
}
/*
@@ -89,7 +107,7 @@
/* Deallocate Privileges */
if (AccessState->PrivilegesAllocated) ExFreePool(AuxData->PrivilegeSet);
-
+
/* Deallocate Name and Type Name */
if (AccessState->ObjectName.Buffer)
{
Modified: trunk/reactos/ntoskrnl/se/audit.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/audit.c?rev=232...
==============================================================================
--- trunk/reactos/ntoskrnl/se/audit.c (original)
+++ trunk/reactos/ntoskrnl/se/audit.c Sun Jul 23 12:20:57 2006
@@ -21,6 +21,13 @@
{
/* FIXME */
return FALSE;
+}
+
+VOID
+NTAPI
+SeAuditProcessCreate(IN PEPROCESS Process)
+{
+ /* FIXME */
}
VOID
Modified: trunk/reactos/ntoskrnl/se/semgr.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/semgr.c?rev=232...
==============================================================================
--- trunk/reactos/ntoskrnl/se/semgr.c (original)
+++ trunk/reactos/ntoskrnl/se/semgr.c Sun Jul 23 12:20:57 2006
@@ -416,36 +416,52 @@
return STATUS_SUCCESS;
}
+VOID
+NTAPI
+SeCaptureSubjectContextEx(IN PETHREAD Thread,
+ IN PEPROCESS Process,
+ OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
+{
+ BOOLEAN CopyOnOpen, EffectiveOnly;
+ PAGED_CODE();
+
+ /* ROS HACK */
+ if (!Process) return;
+
+ /* Save the unique ID */
+ SubjectContext->ProcessAuditId = Process->UniqueProcessId;
+
+ /* Check if we have a thread */
+ if (!Thread)
+ {
+ /* We don't, so no token */
+ SubjectContext->ClientToken = NULL;
+ }
+ else
+ {
+ /* Get the impersonation token */
+ SubjectContext->ClientToken =
+ PsReferenceImpersonationToken(Thread,
+ &CopyOnOpen,
+ &EffectiveOnly,
+ &SubjectContext->ImpersonationLevel);
+ }
+
+ /* Get the primary token */
+ SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
+}
+
/*
* @implemented
*/
-VOID STDCALL
+VOID
+NTAPI
SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
- PETHREAD Thread;
- BOOLEAN CopyOnOpen;
- BOOLEAN EffectiveOnly;
-
- PAGED_CODE();
-
- Thread = PsGetCurrentThread();
- if (Thread == NULL)
- {
- SubjectContext->ProcessAuditId = 0;
- SubjectContext->PrimaryToken = NULL;
- SubjectContext->ClientToken = NULL;
- SubjectContext->ImpersonationLevel = 0;
- }
- else
- {
- SubjectContext->ProcessAuditId = Thread->ThreadsProcess;
- SubjectContext->ClientToken =
- PsReferenceImpersonationToken(Thread,
- &CopyOnOpen,
- &EffectiveOnly,
- &SubjectContext->ImpersonationLevel);
- SubjectContext->PrimaryToken = PsReferencePrimaryToken(Thread->ThreadsProcess);
- }
+ /* Call the internal API */
+ SeCaptureSubjectContextEx(PsGetCurrentThread(),
+ PsGetCurrentProcess(),
+ SubjectContext);
}
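Review bot: The `if (!Process) return;` early exit leaves SubjectContext entirely unwritten, whereas the removed SeCaptureSubjectContext body zeroed ProcessAuditId, both tokens and ImpersonationLevel when there was no current thread; a caller that goes on to release the context, or that reads ClientToken the way SeCreateAccessStateEx does, would then act on whatever the caller's stack held. Zero the output before bailing, `if (!Process) { RtlZeroMemory(SubjectContext, sizeof(*SubjectContext)); return; }`, so the public SeCaptureSubjectContext keeps its previous contract. The `if (!Thread)` branch likewise leaves ImpersonationLevel unset where the old code stored 0; `SubjectContext->ImpersonationLevel = 0;` next to the `ClientToken = NULL` assignment closes that gap. A header comment on the Ex routine stating that Thread may be NULL and that the caller owns the references returned by PsReferenceImpersonationToken and PsReferencePrimaryToken would help, since PspCreateProcess now reaches this entry point through SeCreateAccessStateEx.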