ReactOS 0.4.15-dev-5664-g3bf4ef6
SeHelpers.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS kernel-mode tests
3 * LICENSE: LGPLv2.1+ - See COPYING.LIB in the top level directory
4 * PURPOSE: Kernel-Mode Test Suite Helper functions for Se tests
5 * PROGRAMMER: Thomas Faber <thomas.faber@reactos.org>
6 */
7
8#include <kmt_test.h>
9#include "se.h"
10
13 _Inout_ PACL Acl,
19 _In_ BOOLEAN Failure)
20{
22 USHORT AceSize;
24
26 if (Failure) Flags |= FAILED_ACCESS_ACE_FLAG;
27
28 AceSize = FIELD_OFFSET(SYSTEM_AUDIT_ACE, SidStart) + RtlLengthSid(Sid);
29 Ace = ExAllocatePoolWithTag(PagedPool, AceSize, 'cAmK');
30 if (!Ace)
32 Ace->Header.AceType = SYSTEM_AUDIT_ACE_TYPE;
33 Ace->Header.AceFlags = Flags;
34 Ace->Header.AceSize = AceSize;
35 Ace->Mask = AccessMask;
36 Status = RtlCopySid(AceSize - FIELD_OFFSET(SYSTEM_AUDIT_ACE, SidStart),
37 (PSID)&Ace->SidStart,
38 Sid);
40 if (NT_SUCCESS(Status))
41 {
42 Status = RtlAddAce(Acl,
45 Ace,
46 AceSize);
47 }
48 ExFreePoolWithTag(Ace, 'cAmK');
49 return Status;
50}
51
54 _Inout_ PACL Acl,
59{
61 USHORT AceSize;
63
65 Ace = ExAllocatePoolWithTag(PagedPool, AceSize, 'cAmK');
66 if (!Ace)
68 Ace->Header.AceType = SYSTEM_MANDATORY_LABEL_ACE_TYPE;
69 Ace->Header.AceFlags = Flags;
70 Ace->Header.AceSize = AceSize;
71 Ace->Mask = AccessMask;
73 (PSID)&Ace->SidStart,
74 Sid);
76 if (NT_SUCCESS(Status))
77 {
78 Status = RtlAddAce(Acl,
81 Ace,
82 AceSize);
83 }
84 ExFreePoolWithTag(Ace, 'cAmK');
85 return Status;
86}
87
88VOID
91 _In_ ULONG SidSize,
92 _In_ PISID ExpectedSid,
93 _In_ PCSTR FileAndLine)
94{
95 BOOLEAN Okay;
97
98 KmtOk(Sid != NULL, FileAndLine, "Sid is NULL\n");
99 if (KmtSkip(Sid != NULL, FileAndLine, "No Sid\n"))
100 return;
101 if (KmtSkip(SidSize >= sizeof(ULONG), FileAndLine, "Sid too small: %lu\n", SidSize))
102 return;
103 Okay = RtlValidSid(Sid);
104 KmtOk(Okay == TRUE, FileAndLine, "Invalid Sid\n");
105 if (KmtSkip(Okay, FileAndLine, "Invalid Sid\n"))
106 return;
107
109 KmtOk(SidSize >= Length, FileAndLine, "SidSize %lu too small, need %lu\n", SidSize, Length);
110 if (KmtSkip(SidSize >= Length, FileAndLine, "Sid too small\n"))
111 return;
112 Okay = RtlEqualSid(Sid, ExpectedSid);
113 KmtOk(Okay, FileAndLine, "Sids %p and %p not equal\n", Sid, ExpectedSid);
114 if (!Okay)
115 {
116 WCHAR Buffer1[128];
117 WCHAR Buffer2[128];
118 UNICODE_STRING SidString1, SidString2;
119 RtlInitEmptyUnicodeString(&SidString1, Buffer1, sizeof(Buffer1));
120 RtlInitEmptyUnicodeString(&SidString2, Buffer2, sizeof(Buffer2));
122 (void)RtlConvertSidToUnicodeString(&SidString2, ExpectedSid, FALSE);
123 KmtOk(0, FileAndLine, "Got %wZ, expected %wZ\n", &SidString1, &SidString2);
124 }
125}
126
127VOID
129 _In_ PACL Acl,
130 _In_ ULONG AceCount,
131 _In_ PCSTR FileAndLine,
132 _In_ va_list Arguments)
133{
134 ULONG i;
136 PACE_HEADER AceHeader;
137 INT AceType;
140 PISID Sid;
141 PACCESS_ALLOWED_ACE AllowedAce;
142 PACCESS_DENIED_ACE DeniedAce;
143 PSYSTEM_AUDIT_ACE AuditAce;
144
145 KmtOk(Acl != NULL, FileAndLine, "Acl is NULL\n");
146 if (KmtSkip(Acl != NULL, FileAndLine, "No ACL\n"))
147 return;
148 KmtOk((ULONG_PTR)Acl % sizeof(ULONG) == 0, FileAndLine, "Unaligned ACL %p\n", Acl);
149 KmtOk(Acl->AclRevision == ACL_REVISION, FileAndLine, "AclRevision is %u\n", Acl->AclRevision);
150 KmtOk(Acl->Sbz1 == 0, FileAndLine, "Sbz1 is %u\n", Acl->Sbz1);
151 KmtOk(Acl->Sbz2 == 0, FileAndLine, "Sbz2 is %u\n", Acl->Sbz2);
152 KmtOk(Acl->AclSize >= sizeof(*Acl), FileAndLine, "AclSize too small: %u\n", Acl->AclSize);
153 KmtOk(Acl->AceCount == AceCount, FileAndLine, "AceCount is %u, expected %lu\n", Acl->AceCount, AceCount);
154 Offset = sizeof(*Acl);
155 for (i = 0; i < Acl->AceCount; i++)
156 {
157 KmtOk(Acl->AclSize >= Offset + sizeof(*AceHeader), FileAndLine, "AclSize too small (%u) at Offset %lu, ACE #%lu\n", Acl->AclSize, Offset, i);
158 if (Acl->AclSize < Offset + sizeof(*AceHeader))
159 break;
160 AceHeader = (PACE_HEADER)((PUCHAR)Acl + Offset);
161 KmtOk((ULONG_PTR)AceHeader % sizeof(ULONG) == 0, FileAndLine, "[%lu] Unaligned ACE %p\n", i, AceHeader);
162 KmtOk(AceHeader->AceSize % sizeof(ULONG) == 0, FileAndLine, "[%lu] Unaligned ACE size %u\n", i, AceHeader->AceSize);
163 KmtOk(Acl->AclSize >= Offset + AceHeader->AceSize, FileAndLine, "[%lu] AclSize too small (%u) at Offset %lu\n", i, Acl->AclSize, Offset);
164 if (Acl->AclSize < Offset + AceHeader->AceSize)
165 break;
166 Offset += AceHeader->AceSize;
167 if (i >= AceCount)
168 continue;
169 AceType = va_arg(Arguments, INT);
170 AceFlags = va_arg(Arguments, INT);
171 KmtOk(AceHeader->AceType == AceType, FileAndLine, "[%lu] AceType is %u, expected %u\n", i, AceHeader->AceType, AceType);
172 KmtOk(AceHeader->AceFlags == AceFlags, FileAndLine, "[%lu] AceFlags is 0x%x, expected 0x%x\n", i, AceHeader->AceFlags, AceFlags);
174 {
175 Sid = va_arg(Arguments, PSID);
176 Mask = va_arg(Arguments, INT);
177 KmtOk(AceHeader->AceSize >= sizeof(*AllowedAce), FileAndLine, "[%lu] AllowedAce AceSize too small: %u\n", i, AceHeader->AceSize);
178 if (AceHeader->AceSize < sizeof(*AllowedAce))
179 continue;
180 AllowedAce = (PACCESS_ALLOWED_ACE)AceHeader;
181 KmtOk(AllowedAce->Mask == Mask, FileAndLine, "[%lu] AllowedAce Mask is 0x%lx, expected 0x%lx\n", i, AllowedAce->Mask, Mask);
182 CheckSid__((PSID)&AllowedAce->SidStart,
183 AceHeader->AceSize - FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart),
184 Sid,
185 FileAndLine);
186 }
188 {
189 Sid = va_arg(Arguments, PSID);
190 Mask = va_arg(Arguments, INT);
191 KmtOk(AceHeader->AceSize >= sizeof(*DeniedAce), FileAndLine, "[%lu] DeniedAce AceSize too small: %u\n", i, AceHeader->AceSize);
192 if (AceHeader->AceSize < sizeof(*DeniedAce))
193 continue;
194 DeniedAce = (PACCESS_DENIED_ACE)AceHeader;
195 KmtOk(DeniedAce->Mask == Mask, FileAndLine, "[%lu] DeniedAce Mask is 0x%lx, expected 0x%lx\n", i, DeniedAce->Mask, Mask);
196 CheckSid__((PSID)&DeniedAce->SidStart,
197 AceHeader->AceSize - FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart),
198 Sid,
199 FileAndLine);
200 }
201 else if (AceType == SYSTEM_AUDIT_ACE_TYPE)
202 {
203 Sid = va_arg(Arguments, PSID);
204 Mask = va_arg(Arguments, INT);
205 KmtOk(AceHeader->AceSize >= sizeof(*AuditAce), FileAndLine, "[%lu] AuditAce AceSize too small: %u\n", i, AceHeader->AceSize);
206 if (AceHeader->AceSize < sizeof(*AuditAce))
207 continue;
208 AuditAce = (PSYSTEM_AUDIT_ACE)AceHeader;
209 KmtOk(AuditAce->Mask == Mask, FileAndLine, "[%lu] AuditAce Mask is 0x%lx, expected 0x%lx\n", i, AuditAce->Mask, Mask);
210 CheckSid__((PSID)&AuditAce->SidStart,
211 AceHeader->AceSize - FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart),
212 Sid,
213 FileAndLine);
214 }
215 }
216}
217
218VOID
220 _In_ PACL Acl,
221 _In_ ULONG AceCount,
222 _In_ PCSTR FileAndLine,
223 ...)
224{
225 va_list Arguments;
226
227 va_start(Arguments, FileAndLine);
228 VCheckAcl__(Acl, AceCount, FileAndLine, Arguments);
229 va_end(Arguments);
230}
unsigned char BOOLEAN
VOID VCheckAcl__(_In_ PACL Acl, _In_ ULONG AceCount, _In_ PCSTR FileAndLine, _In_ va_list Arguments)
Definition: SeHelpers.c:128
VOID CheckSid__(_In_ PSID Sid, _In_ ULONG SidSize, _In_ PISID ExpectedSid, _In_ PCSTR FileAndLine)
Definition: SeHelpers.c:89
VOID CheckAcl__(_In_ PACL Acl, _In_ ULONG AceCount, _In_ PCSTR FileAndLine,...)
Definition: SeHelpers.c:219
NTSTATUS RtlxAddAuditAccessAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
Definition: SeHelpers.c:12
NTSTATUS RtlxAddMandatoryLabelAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
Definition: SeHelpers.c:53
char * va_list
Definition: acmsvcex.h:78
#define va_end(ap)
Definition: acmsvcex.h:90
#define va_start(ap, A)
Definition: acmsvcex.h:91
#define va_arg(ap, T)
Definition: acmsvcex.h:89
LONG NTSTATUS
Definition: precomp.h:26
@ Ace
Definition: card.h:12
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static const ACEFLAG AceFlags[]
Definition: security.c:2423
static const ACEFLAG AceType[]
Definition: security.c:2382
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
#define PagedPool
Definition: env_spec_w32.h:308
@ Success
Definition: eventcreate.c:712
unsigned int Mask
Definition: fpcontrol.c:82
Status
Definition: gdiplustypes.h:25
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
BOOLEAN BOOLEAN KmtOk(INT Condition, PCSTR FileAndLine, PCSTR Format,...) KMT_FORMAT(ms_printf
BOOLEAN BOOLEAN VOID VOID BOOLEAN BOOLEAN KmtSkip(INT Condition, PCSTR FileAndLine, PCSTR Format,...) KMT_FORMAT(ms_printf
unsigned char * PUCHAR
Definition: retypes.h:3
unsigned int ULONG
Definition: retypes.h:1
#define ASSERT(a)
Definition: mode.c:44
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
struct _SYSTEM_AUDIT_ACE * PSYSTEM_AUDIT_ACE
struct _ACCESS_DENIED_ACE * PACCESS_DENIED_ACE
struct _ACE_HEADER * PACE_HEADER
struct _ACCESS_ALLOWED_ACE * PACCESS_ALLOWED_ACE
#define _Inout_
Definition: ms_sal.h:378
#define _In_
Definition: ms_sal.h:308
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
NTSYSAPI NTSTATUS NTAPI RtlAddAce(_Inout_ PACL Acl, _In_ ULONG AceRevision, _In_ ULONG StartingAceIndex, _In_reads_bytes_(AceListLength) PVOID AceList, _In_ ULONG AceListLength)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1133
_In_ ULONG Revision
Definition: rtlfuncs.h:1130
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
ULONG ACCESS_MASK
Definition: nt_native.h:40
_In_ ULONG _In_ ULONG Offset
Definition: ntddpcm.h:101
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
unsigned short USHORT
Definition: pedump.c:61
ACCESS_MASK Mask
Definition: ms-dtyp.idl:217
ACCESS_MASK Mask
Definition: ms-dtyp.idl:232
USHORT AceSize
Definition: ms-dtyp.idl:212
UCHAR AceFlags
Definition: ms-dtyp.idl:211
UCHAR AceType
Definition: ms-dtyp.idl:210
ACCESS_MASK Mask
Definition: ms-dtyp.idl:268
#define MAXULONG
Definition: typedefs.h:251
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
int32_t INT
Definition: typedefs.h:58
const char * PCSTR
Definition: typedefs.h:52
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
#define SYSTEM_AUDIT_ACE_TYPE
Definition: setypes.h:719
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE
Definition: setypes.h:741
#define ACL_REVISION
Definition: setypes.h:39
#define FAILED_ACCESS_ACE_FLAG
Definition: setypes.h:754
#define SUCCESSFUL_ACCESS_ACE_FLAG
Definition: setypes.h:753
__wchar_t WCHAR
Definition: xmlstorage.h:180