ReactOS  0.4.15-dev-3165-gdf6fff7
sqos.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
Include dependency graph for sqos.c:

Go to the source code of this file.

Macros

#define NDEBUG
 

Functions

NTSTATUS NTAPI SepCaptureSecurityQualityOfService (_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, _Out_ PBOOLEAN Present)
 Captures the security quality of service data given the object attributes from an object. More...
 
VOID NTAPI SepReleaseSecurityQualityOfService (_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 Releases (frees) the captured SQOS data from an object in the memory pool. More...
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 11 of file sqos.c.

Function Documentation

◆ SepCaptureSecurityQualityOfService()

NTSTATUS NTAPI SepCaptureSecurityQualityOfService ( _In_opt_ POBJECT_ATTRIBUTES  ObjectAttributes,
_In_ KPROCESSOR_MODE  AccessMode,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
_Out_ PBOOLEAN  Present 
)

Captures the security quality of service data given the object attributes from an object.

Parameters
[in]ObjectAttributesAttributes of an object where SQOS is to be retrieved. If the caller doesn't fill object attributes to the function, it automatically assumes SQOS is not present, or if, there's no SQOS present in the object attributes list of the object itself.
[in]AccessModeProcessor access mode.
[in]PoolTypeThe pool type for the captured SQOS to be used for allocation.
[in]CaptureIfKernelCapture access condition. To be set to TRUE if the capture is done within the kernel, FALSE if the capture is done in a kernel mode driver or user mode otherwise.
[out]CapturedSecurityQualityOfServiceThe captured SQOS data from the object.
[out]PresentReturns TRUE if SQOS is present in an object, FALSE otherwise. FALSE is also immediately returned if no object attributes is given to the call.
Returns
STATUS_SUCCESS if SQOS from the object has been fully and successfully captured. STATUS_INVALID_PARAMETER if the caller submits an invalid object attributes list. STATUS_INSUFFICIENT_RESOURCES if the function has failed to allocate some resources in the pool for the captured SQOS. A failure NTSTATUS code is returned otherwise.

Definition at line 52 of file sqos.c.

59 {
60  PSECURITY_QUALITY_OF_SERVICE CapturedQos;
62 
63  PAGED_CODE();
64 
65  ASSERT(CapturedSecurityQualityOfService);
66  ASSERT(Present);
67 
68  if (ObjectAttributes != NULL)
69  {
70  if (AccessMode != KernelMode)
71  {
73 
74  _SEH2_TRY
75  {
77  sizeof(OBJECT_ATTRIBUTES),
78  sizeof(ULONG));
80  {
81  if (ObjectAttributes->SecurityQualityOfService != NULL)
82  {
83  ProbeForRead(ObjectAttributes->SecurityQualityOfService,
85  sizeof(ULONG));
86 
87  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
89  {
90  /*
91  * Don't allocate memory here because ExAllocate should bugcheck
92  * the system if it's buggy, SEH would catch that! So make a local
93  * copy of the qos structure.
94  */
95  RtlCopyMemory(&SafeQos,
96  ObjectAttributes->SecurityQualityOfService,
98  *Present = TRUE;
99  }
100  else
101  {
103  }
104  }
105  else
106  {
107  *CapturedSecurityQualityOfService = NULL;
108  *Present = FALSE;
109  }
110  }
111  else
112  {
114  }
115  }
117  {
119  }
120  _SEH2_END;
121 
122  if (NT_SUCCESS(Status))
123  {
124  if (*Present)
125  {
126  CapturedQos = ExAllocatePoolWithTag(PoolType,
128  TAG_QOS);
129  if (CapturedQos != NULL)
130  {
131  RtlCopyMemory(CapturedQos,
132  &SafeQos,
134  *CapturedSecurityQualityOfService = CapturedQos;
135  }
136  else
137  {
139  }
140  }
141  else
142  {
143  *CapturedSecurityQualityOfService = NULL;
144  }
145  }
146  }
147  else
148  {
149  if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
150  {
151  if (CaptureIfKernel)
152  {
153  if (ObjectAttributes->SecurityQualityOfService != NULL)
154  {
155  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
157  {
158  CapturedQos = ExAllocatePoolWithTag(PoolType,
160  TAG_QOS);
161  if (CapturedQos != NULL)
162  {
163  RtlCopyMemory(CapturedQos,
164  ObjectAttributes->SecurityQualityOfService,
166  *CapturedSecurityQualityOfService = CapturedQos;
167  *Present = TRUE;
168  }
169  else
170  {
172  }
173  }
174  else
175  {
177  }
178  }
179  else
180  {
181  *CapturedSecurityQualityOfService = NULL;
182  *Present = FALSE;
183  }
184  }
185  else
186  {
187  *CapturedSecurityQualityOfService = (PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService;
188  *Present = (ObjectAttributes->SecurityQualityOfService != NULL);
189  }
190  }
191  else
192  {
194  }
195  }
196  }
197  else
198  {
199  *CapturedSecurityQualityOfService = NULL;
200  *Present = FALSE;
201  }
202 
203  return Status;
204 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
_SEH2_TRY
Definition: create.c:4226
#define FALSE
Definition: types.h:117
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Status
Definition: gdiplustypes.h:24
#define ASSERT(a)
Definition: mode.c:44
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
_SEH2_END
Definition: create.c:4400
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
unsigned int ULONG
Definition: retypes.h:1
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define TAG_QOS
Definition: tag.h:177
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define STATUS_SUCCESS
Definition: shellext.h:65
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define PAGED_CODE()

Referenced by NtDuplicateToken().

◆ SepReleaseSecurityQualityOfService()

VOID NTAPI SepReleaseSecurityQualityOfService ( _In_opt_ PSECURITY_QUALITY_OF_SERVICE  CapturedSecurityQualityOfService,
_In_ KPROCESSOR_MODE  AccessMode,
_In_ BOOLEAN  CaptureIfKernel 
)

Releases (frees) the captured SQOS data from an object in the memory pool.

Parameters
[in]CapturedSecurityQualityOfServiceThe captured SQOS data to be released.
[in]AccessModeProcessor access mode.
[in]CaptureIfKernelCapture access condition. To be set to TRUE if the capture is done within the kernel, FALSE if the capture is done in a kernel mode driver or user mode otherwise.
Returns
Nothing.

Definition at line 225 of file sqos.c.

229 {
230  PAGED_CODE();
231 
232  if (CapturedSecurityQualityOfService != NULL &&
233  (AccessMode != KernelMode || CaptureIfKernel))
234  {
235  ExFreePoolWithTag(CapturedSecurityQualityOfService, TAG_QOS);
236  }
237 }
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
#define NULL
Definition: types.h:112
#define TAG_QOS
Definition: tag.h:177
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define PAGED_CODE()

Referenced by NtDuplicateToken().