[hbelusca] 58233: [SERVICES] Fix acquiring/releasing driver-loading and unloading privilege (see r57754) by using the RtlAdjustPrivilege API instead of using the standard user-mode Win32 API (thus ... - Ros-diffs

26 Jan 2013

Author: hbelusca
Date: Sat Jan 26 23:14:05 2013
New Revision: 58233
URL: http://svn.reactos.org/svn/reactos?rev=58233&view=rev
Log:
[SERVICES]
Fix acquiring/releasing driver-loading and unloading privilege (see r57754) by using the RtlAdjustPrivilege API instead of using the standard user-mode Win32 API (thus get rid of calling LSA when calling LookupPrivilegeValueW).
Modified:
    trunk/reactos/base/system/services/driver.c
    trunk/reactos/base/system/services/services.h
Modified: trunk/reactos/base/system/services/driver.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/system/services/driver...
==============================================================================

--- trunk/reactos/base/system/services/driver.c [iso-8859-1] (original)
+++ trunk/reactos/base/system/services/driver.c [iso-8859-1] Sat Jan 26 23:14:05 2013
@@ -16,57 +16,13 @@
/* FUNCTIONS ****************************************************************/
-static DWORD EnablePrivilege(LPCWSTR lpszPrivilegeName, BOOL bEnablePrivilege)
-{
-    DWORD  dwRet  = ERROR_SUCCESS;
-    HANDLE hToken = NULL;
-
-    if (OpenProcessToken(GetCurrentProcess(),
-                         TOKEN_ADJUST_PRIVILEGES,
-                         &hToken))
-    {
-        TOKEN_PRIVILEGES tp;
-
-        tp.PrivilegeCount = 1;
-        tp.Privileges[0].Attributes = (bEnablePrivilege ? SE_PRIVILEGE_ENABLED : 0);
-
-        if (LookupPrivilegeValueW(NULL,
-                                  lpszPrivilegeName,
-                                  &tp.Privileges[0].Luid))
-        {
-            if (AdjustTokenPrivileges(hToken, FALSE, &tp, 0, NULL, NULL))
-            {
-                if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
-                    dwRet = ERROR_NOT_ALL_ASSIGNED;
-            }
-            else
-            {
-                dwRet = GetLastError();
-            }
-        }
-        else
-        {
-            dwRet = GetLastError();
-        }
-
-        CloseHandle(hToken);
-    }
-    else
-    {
-        dwRet = GetLastError();
-    }
-
-    return dwRet;
-}
-
-
 DWORD
 ScmLoadDriver(PSERVICE lpService)
 {
+    NTSTATUS Status = STATUS_SUCCESS;
+    BOOLEAN WasPrivilegeEnabled = FALSE;
     PWSTR pszDriverPath;
     UNICODE_STRING DriverPath;
-    NTSTATUS Status;
-    DWORD dwError = ERROR_SUCCESS;
/* Build the driver path */
     /* 52 = wcslen(L"\Registry\Machine\System\CurrentControlSet\Services\") */
@@ -87,38 +43,38 @@
     DPRINT("  Path: %wZ\n", &DriverPath);
/* Acquire driver-loading privilege */
-    dwError = EnablePrivilege(SE_LOAD_DRIVER_NAME, TRUE);
-    if (dwError != ERROR_SUCCESS)
+    Status = RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
+                                TRUE,
+                                FALSE,
+                                &WasPrivilegeEnabled);
+    if (!NT_SUCCESS(Status))
     {
         /* We encountered a failure, exit properly */
-        DPRINT1("SERVICES: Cannot acquire driver-loading privilege, error = %lu\n", dwError);
+        DPRINT1("SERVICES: Cannot acquire driver-loading privilege, Status = 0x%08lx\n", Status);
         goto done;
     }
Status = NtLoadDriver(&DriverPath);
/* Release driver-loading privilege */
-    EnablePrivilege(SE_LOAD_DRIVER_NAME, FALSE);
-
-    if (!NT_SUCCESS(Status))
-    {
-        dwError = RtlNtStatusToDosError(Status);
-    }
+    RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
+                       WasPrivilegeEnabled,
+                       FALSE,
+                       &WasPrivilegeEnabled);
done:
     HeapFree(GetProcessHeap(), 0, pszDriverPath);
-
-    return dwError;
+    return RtlNtStatusToDosError(Status);
 }
DWORD
 ScmUnloadDriver(PSERVICE lpService)
 {
+    NTSTATUS Status = STATUS_SUCCESS;
+    BOOLEAN WasPrivilegeEnabled = FALSE;
     PWSTR pszDriverPath;
     UNICODE_STRING DriverPath;
-    NTSTATUS Status;
-    DWORD dwError = ERROR_SUCCESS;
/* Build the driver path */
     /* 52 = wcslen(L"\Registry\Machine\System\CurrentControlSet\Services\") */
@@ -136,29 +92,31 @@
     RtlInitUnicodeString(&DriverPath,
                          pszDriverPath);
+    DPRINT("  Path: %wZ\n", &DriverPath);
+
     /* Acquire driver-unloading privilege */
-    dwError = EnablePrivilege(SE_LOAD_DRIVER_NAME, TRUE);
-    if (dwError != ERROR_SUCCESS)
+    Status = RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
+                                TRUE,
+                                FALSE,
+                                &WasPrivilegeEnabled);
+    if (!NT_SUCCESS(Status))
     {
         /* We encountered a failure, exit properly */
-        DPRINT1("SERVICES: Cannot acquire driver-unloading privilege, error = %lu\n", dwError);
+        DPRINT1("SERVICES: Cannot acquire driver-unloading privilege, Status = 0x%08lx\n", Status);
         goto done;
     }
Status = NtUnloadDriver(&DriverPath);
/* Release driver-unloading privilege */
-    EnablePrivilege(SE_LOAD_DRIVER_NAME, FALSE);
-
-    if (!NT_SUCCESS(Status))
-    {
-        dwError = RtlNtStatusToDosError(Status);
-    }
+    RtlAdjustPrivilege(SE_LOAD_DRIVER_PRIVILEGE,
+                       WasPrivilegeEnabled,
+                       FALSE,
+                       &WasPrivilegeEnabled);
done:
     HeapFree(GetProcessHeap(), 0, pszDriverPath);
-
-    return dwError;
+    return RtlNtStatusToDosError(Status);
 }
Modified: trunk/reactos/base/system/services/services.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/system/services/servic...
==============================================================================
--- trunk/reactos/base/system/services/services.h [iso-8859-1] (original)
+++ trunk/reactos/base/system/services/services.h [iso-8859-1] Sat Jan 26 23:14:05 2013
@@ -14,6 +14,7 @@
 #include <ndk/iofuncs.h>
 #include <ndk/obfuncs.h>
 #include <ndk/rtlfuncs.h>
+#include <ndk/setypes.h>
 #include <services/services.h>
 #include <svcctl_s.h>

    