ReactOS 0.4.16-dev-1067-ge98bba2
Macros | Functions
sqos.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
Include dependency graph for sqos.c:

Go to the source code of this file.

Macros

#define NDEBUG
 

Functions

NTSTATUS NTAPI SepCaptureSecurityQualityOfService (_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, _Out_ PBOOLEAN Present)
 Captures the security quality of service data given the object attributes from an object.
 
VOID NTAPI SepReleaseSecurityQualityOfService (_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 Releases (frees) the captured SQOS data from an object in the memory pool.
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 11 of file sqos.c.

Function Documentation

◆ SepCaptureSecurityQualityOfService()

NTSTATUS NTAPI SepCaptureSecurityQualityOfService ( _In_opt_ POBJECT_ATTRIBUTES  ObjectAttributes,
_In_ KPROCESSOR_MODE  AccessMode,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
_Out_ PBOOLEAN  Present 
)

Captures the security quality of service data given the object attributes from an object.

Parameters
[in]ObjectAttributesAttributes of an object where SQOS is to be retrieved. If the caller doesn't fill object attributes to the function, it automatically assumes SQOS is not present, or if, there's no SQOS present in the object attributes list of the object itself.
[in]AccessModeProcessor access mode.
[in]PoolTypeThe pool type for the captured SQOS to be used for allocation.
[in]CaptureIfKernelCapture access condition. To be set to TRUE if the capture is done within the kernel, FALSE if the capture is done in a kernel mode driver or user mode otherwise.
[out]CapturedSecurityQualityOfServiceThe captured SQOS data from the object.
[out]PresentReturns TRUE if SQOS is present in an object, FALSE otherwise. FALSE is also immediately returned if no object attributes is given to the call.
Returns
STATUS_SUCCESS if SQOS from the object has been fully and successfully captured. STATUS_INVALID_PARAMETER if the caller submits an invalid object attributes list. STATUS_INSUFFICIENT_RESOURCES if the function has failed to allocate some resources in the pool for the captured SQOS. A failure NTSTATUS code is returned otherwise.

Definition at line 52 of file sqos.c.

59{
60 PSECURITY_QUALITY_OF_SERVICE CapturedQos;
61 NTSTATUS Status = STATUS_SUCCESS;
62
63 PAGED_CODE();
64
65 ASSERT(CapturedSecurityQualityOfService);
66 ASSERT(Present);
67
68 if (ObjectAttributes != NULL)
69 {
70 if (AccessMode != KernelMode)
71 {
72 SECURITY_QUALITY_OF_SERVICE SafeQos;
73
74 _SEH2_TRY
75 {
76 ProbeForRead(ObjectAttributes,
77 sizeof(OBJECT_ATTRIBUTES),
78 sizeof(ULONG));
79 if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
80 {
81 if (ObjectAttributes->SecurityQualityOfService != NULL)
82 {
83 ProbeForRead(ObjectAttributes->SecurityQualityOfService,
84 sizeof(SECURITY_QUALITY_OF_SERVICE),
85 sizeof(ULONG));
86
87 if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
88 sizeof(SECURITY_QUALITY_OF_SERVICE))
89 {
90 /*
91 * Don't allocate memory here because ExAllocate should bugcheck
92 * the system if it's buggy, SEH would catch that! So make a local
93 * copy of the qos structure.
94 */
95 RtlCopyMemory(&SafeQos,
96 ObjectAttributes->SecurityQualityOfService,
97 sizeof(SECURITY_QUALITY_OF_SERVICE));
98 *Present = TRUE;
99 }
100 else
101 {
102 Status = STATUS_INVALID_PARAMETER;
103 }
104 }
105 else
106 {
107 *CapturedSecurityQualityOfService = NULL;
108 *Present = FALSE;
109 }
110 }
111 else
112 {
113 Status = STATUS_INVALID_PARAMETER;
114 }
115 }
116 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
117 {
118 Status = _SEH2_GetExceptionCode();
119 }
120 _SEH2_END;
121
122 if (NT_SUCCESS(Status))
123 {
124 if (*Present)
125 {
126 CapturedQos = ExAllocatePoolWithTag(PoolType,
127 sizeof(SECURITY_QUALITY_OF_SERVICE),
128 TAG_QOS);
129 if (CapturedQos != NULL)
130 {
131 RtlCopyMemory(CapturedQos,
132 &SafeQos,
133 sizeof(SECURITY_QUALITY_OF_SERVICE));
134 *CapturedSecurityQualityOfService = CapturedQos;
135 }
136 else
137 {
138 Status = STATUS_INSUFFICIENT_RESOURCES;
139 }
140 }
141 else
142 {
143 *CapturedSecurityQualityOfService = NULL;
144 }
145 }
146 }
147 else
148 {
149 if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
150 {
151 if (CaptureIfKernel)
152 {
153 if (ObjectAttributes->SecurityQualityOfService != NULL)
154 {
155 if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
156 sizeof(SECURITY_QUALITY_OF_SERVICE))
157 {
158 CapturedQos = ExAllocatePoolWithTag(PoolType,
159 sizeof(SECURITY_QUALITY_OF_SERVICE),
160 TAG_QOS);
161 if (CapturedQos != NULL)
162 {
163 RtlCopyMemory(CapturedQos,
164 ObjectAttributes->SecurityQualityOfService,
165 sizeof(SECURITY_QUALITY_OF_SERVICE));
166 *CapturedSecurityQualityOfService = CapturedQos;
167 *Present = TRUE;
168 }
169 else
170 {
171 Status = STATUS_INSUFFICIENT_RESOURCES;
172 }
173 }
174 else
175 {
176 Status = STATUS_INVALID_PARAMETER;
177 }
178 }
179 else
180 {
181 *CapturedSecurityQualityOfService = NULL;
182 *Present = FALSE;
183 }
184 }
185 else
186 {
187 *CapturedSecurityQualityOfService = (PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService;
188 *Present = (ObjectAttributes->SecurityQualityOfService != NULL);
189 }
190 }
191 else
192 {
193 Status = STATUS_INVALID_PARAMETER;
194 }
195 }
196 }
197 else
198 {
199 *CapturedSecurityQualityOfService = NULL;
200 *Present = FALSE;
201 }
202
203 return Status;
204}
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Status
Status
Definition: gdiplustypes.h:25
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
PSECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
ASSERT
#define ASSERT(a)
Definition: mode.c:44
KernelMode
#define KernelMode
Definition: asm.h:38
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:181
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:82
_SEH2_END
#define _SEH2_END
Definition: pseh2_64.h:171
_SEH2_TRY
#define _SEH2_TRY
Definition: pseh2_64.h:71
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
TAG_QOS
#define TAG_QOS
Definition: tag.h:153
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396

Referenced by NtDuplicateToken().

◆ SepReleaseSecurityQualityOfService()

VOID NTAPI SepReleaseSecurityQualityOfService ( _In_opt_ PSECURITY_QUALITY_OF_SERVICE  CapturedSecurityQualityOfService,
_In_ KPROCESSOR_MODE  AccessMode,
_In_ BOOLEAN  CaptureIfKernel 
)

Releases (frees) the captured SQOS data from an object in the memory pool.

Parameters
[in]CapturedSecurityQualityOfServiceThe captured SQOS data to be released.
[in]AccessModeProcessor access mode.
[in]CaptureIfKernelCapture access condition. To be set to TRUE if the capture is done within the kernel, FALSE if the capture is done in a kernel mode driver or user mode otherwise.
Returns
Nothing.

Definition at line 225 of file sqos.c.

229{
230 PAGED_CODE();
231
232 if (CapturedSecurityQualityOfService != NULL &&
233 (AccessMode != KernelMode || CaptureIfKernel))
234 {
235 ExFreePoolWithTag(CapturedSecurityQualityOfService, TAG_QOS);
236 }
237}
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109

Referenced by NtDuplicateToken().