#include <ntoskrnl.h>#include <debug.h>
Include dependency graph for sqos.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
Functions | |
| NTSTATUS NTAPI | SepCaptureSecurityQualityOfService (_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, _Out_ PBOOLEAN Present) |
| Captures the security quality of service data given the object attributes from an object. | |
| VOID NTAPI | SepReleaseSecurityQualityOfService (_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel) |
| Releases (frees) the captured SQOS data from an object in the memory pool. | |
Macro Definition Documentation
◆ NDEBUG
Function Documentation
◆ SepCaptureSecurityQualityOfService()
| NTSTATUS NTAPI SepCaptureSecurityQualityOfService | ( | _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, |
| _In_ KPROCESSOR_MODE | AccessMode, | ||
| _In_ POOL_TYPE | PoolType, | ||
| _In_ BOOLEAN | CaptureIfKernel, | ||
| _Out_ PSECURITY_QUALITY_OF_SERVICE * | CapturedSecurityQualityOfService, | ||
| _Out_ PBOOLEAN | Present | ||
| ) |
Captures the security quality of service data given the object attributes from an object.
- Parameters
-
[in] ObjectAttributes Attributes of an object where SQOS is to be retrieved. If the caller doesn't fill object attributes to the function, it automatically assumes SQOS is not present, or if, there's no SQOS present in the object attributes list of the object itself. [in] AccessMode Processor access mode. [in] PoolType The pool type for the captured SQOS to be used for allocation. [in] CaptureIfKernel Capture access condition. To be set to TRUE if the capture is done within the kernel, FALSE if the capture is done in a kernel mode driver or user mode otherwise. [out] CapturedSecurityQualityOfService The captured SQOS data from the object. [out] Present Returns TRUE if SQOS is present in an object, FALSE otherwise. FALSE is also immediately returned if no object attributes is given to the call.
- Returns
- STATUS_SUCCESS if SQOS from the object has been fully and successfully captured. STATUS_INVALID_PARAMETER if the caller submits an invalid object attributes list. STATUS_INSUFFICIENT_RESOURCES if the function has failed to allocate some resources in the pool for the captured SQOS. A failure NTSTATUS code is returned otherwise.
Definition at line 52 of file sqos.c.
59{
60 PSECURITY_QUALITY_OF_SERVICE CapturedQos;
62
63 PAGED_CODE();
64
65 ASSERT(CapturedSecurityQualityOfService);
66 ASSERT(Present);
67
69 {
71 {
72 SECURITY_QUALITY_OF_SERVICE SafeQos;
73
74 _SEH2_TRY
75 {
80 {
82 {
86
89 {
90 /*
91 * Don't allocate memory here because ExAllocate should bugcheck
92 * the system if it's buggy, SEH would catch that! So make a local
93 * copy of the qos structure.
94 */
95 RtlCopyMemory(&SafeQos,
96 ObjectAttributes->SecurityQualityOfService,
98 *Present = TRUE;
99 }
100 else
101 {
103 }
104 }
105 else
106 {
107 *CapturedSecurityQualityOfService = NULL;
108 *Present = FALSE;
109 }
110 }
111 else
112 {
114 }
115 }
117 {
119 }
120 _SEH2_END;
121
123 {
124 if (*Present)
125 {
128 TAG_QOS);
130 {
131 RtlCopyMemory(CapturedQos,
132 &SafeQos,
134 *CapturedSecurityQualityOfService = CapturedQos;
135 }
136 else
137 {
139 }
140 }
141 else
142 {
143 *CapturedSecurityQualityOfService = NULL;
144 }
145 }
146 }
147 else
148 {
150 {
151 if (CaptureIfKernel)
152 {
154 {
157 {
160 TAG_QOS);
162 {
163 RtlCopyMemory(CapturedQos,
164 ObjectAttributes->SecurityQualityOfService,
166 *CapturedSecurityQualityOfService = CapturedQos;
167 *Present = TRUE;
168 }
169 else
170 {
172 }
173 }
174 else
175 {
177 }
178 }
179 else
180 {
181 *CapturedSecurityQualityOfService = NULL;
182 *Present = FALSE;
183 }
184 }
185 else
186 {
187 *CapturedSecurityQualityOfService = (PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService;
189 }
190 }
191 else
192 {
194 }
195 }
196 }
197 else
198 {
199 *CapturedSecurityQualityOfService = NULL;
200 *Present = FALSE;
201 }
202
204}
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
Definition: umtypes.h:182
Definition: lsa.idl:63
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
Referenced by NtDuplicateToken().
◆ SepReleaseSecurityQualityOfService()
| VOID NTAPI SepReleaseSecurityQualityOfService | ( | _In_opt_ PSECURITY_QUALITY_OF_SERVICE | CapturedSecurityQualityOfService, |
| _In_ KPROCESSOR_MODE | AccessMode, | ||
| _In_ BOOLEAN | CaptureIfKernel | ||
| ) |
Releases (frees) the captured SQOS data from an object in the memory pool.
- Parameters
-
[in] CapturedSecurityQualityOfService The captured SQOS data to be released. [in] AccessMode Processor access mode. [in] CaptureIfKernel Capture access condition. To be set to TRUE if the capture is done within the kernel, FALSE if the capture is done in a kernel mode driver or user mode otherwise.
- Returns
- Nothing.
Definition at line 225 of file sqos.c.
Referenced by NtDuplicateToken().
