ReactOS 0.4.15-dev-7953-g1f49173
sqos.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Security Quality of Service (SQoS) implementation support
5 * COPYRIGHT: Copyright David Welch <welch@cwcom.net>
6 */
7
8/* INCLUDES *******************************************************************/
9
10#include <ntoskrnl.h>
11#define NDEBUG
12#include <debug.h>
13
14/* FUNCTIONS *******************************************************************/
15
50NTSTATUS
51NTAPI
52SepCaptureSecurityQualityOfService(
53 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
54 _In_ KPROCESSOR_MODE AccessMode,
55 _In_ POOL_TYPE PoolType,
56 _In_ BOOLEAN CaptureIfKernel,
57 _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService,
58 _Out_ PBOOLEAN Present)
59{
60 PSECURITY_QUALITY_OF_SERVICE CapturedQos;
61 NTSTATUS Status = STATUS_SUCCESS;
62
63 PAGED_CODE();
64
65 ASSERT(CapturedSecurityQualityOfService);
66 ASSERT(Present);
67
68 if (ObjectAttributes != NULL)
69 {
70 if (AccessMode != KernelMode)
71 {
72 SECURITY_QUALITY_OF_SERVICE SafeQos;
73
74 _SEH2_TRY
75 {
76 ProbeForRead(ObjectAttributes,
77 sizeof(OBJECT_ATTRIBUTES),
78 sizeof(ULONG));
79 if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
80 {
81 if (ObjectAttributes->SecurityQualityOfService != NULL)
82 {
83 ProbeForRead(ObjectAttributes->SecurityQualityOfService,
84 sizeof(SECURITY_QUALITY_OF_SERVICE),
85 sizeof(ULONG));
86
87 if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
88 sizeof(SECURITY_QUALITY_OF_SERVICE))
89 {
90 /*
91 * Don't allocate memory here because ExAllocate should bugcheck
92 * the system if it's buggy, SEH would catch that! So make a local
93 * copy of the qos structure.
94 */
95 RtlCopyMemory(&SafeQos,
96 ObjectAttributes->SecurityQualityOfService,
97 sizeof(SECURITY_QUALITY_OF_SERVICE));
98 *Present = TRUE;
99 }
100 else
101 {
102 Status = STATUS_INVALID_PARAMETER;
103 }
104 }
105 else
106 {
107 *CapturedSecurityQualityOfService = NULL;
108 *Present = FALSE;
109 }
110 }
111 else
112 {
113 Status = STATUS_INVALID_PARAMETER;
114 }
115 }
116 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
117 {
118 Status = _SEH2_GetExceptionCode();
119 }
120 _SEH2_END;
121
122 if (NT_SUCCESS(Status))
123 {
124 if (*Present)
125 {
126 CapturedQos = ExAllocatePoolWithTag(PoolType,
127 sizeof(SECURITY_QUALITY_OF_SERVICE),
128 TAG_QOS);
129 if (CapturedQos != NULL)
130 {
131 RtlCopyMemory(CapturedQos,
132 &SafeQos,
133 sizeof(SECURITY_QUALITY_OF_SERVICE));
134 *CapturedSecurityQualityOfService = CapturedQos;
135 }
136 else
137 {
138 Status = STATUS_INSUFFICIENT_RESOURCES;
139 }
140 }
141 else
142 {
143 *CapturedSecurityQualityOfService = NULL;
144 }
145 }
146 }
147 else
148 {
149 if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
150 {
151 if (CaptureIfKernel)
152 {
153 if (ObjectAttributes->SecurityQualityOfService != NULL)
154 {
155 if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
156 sizeof(SECURITY_QUALITY_OF_SERVICE))
157 {
158 CapturedQos = ExAllocatePoolWithTag(PoolType,
159 sizeof(SECURITY_QUALITY_OF_SERVICE),
160 TAG_QOS);
161 if (CapturedQos != NULL)
162 {
163 RtlCopyMemory(CapturedQos,
164 ObjectAttributes->SecurityQualityOfService,
165 sizeof(SECURITY_QUALITY_OF_SERVICE));
166 *CapturedSecurityQualityOfService = CapturedQos;
167 *Present = TRUE;
168 }
169 else
170 {
171 Status = STATUS_INSUFFICIENT_RESOURCES;
172 }
173 }
174 else
175 {
176 Status = STATUS_INVALID_PARAMETER;
177 }
178 }
179 else
180 {
181 *CapturedSecurityQualityOfService = NULL;
182 *Present = FALSE;
183 }
184 }
185 else
186 {
187 *CapturedSecurityQualityOfService = (PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService;
188 *Present = (ObjectAttributes->SecurityQualityOfService != NULL);
189 }
190 }
191 else
192 {
193 Status = STATUS_INVALID_PARAMETER;
194 }
195 }
196 }
197 else
198 {
199 *CapturedSecurityQualityOfService = NULL;
200 *Present = FALSE;
201 }
202
203 return Status;
204}
205
223VOID
224NTAPI
225SepReleaseSecurityQualityOfService(
226 _In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
227 _In_ KPROCESSOR_MODE AccessMode,
228 _In_ BOOLEAN CaptureIfKernel)
229{
230 PAGED_CODE();
231
232 if (CapturedSecurityQualityOfService != NULL &&
233 (AccessMode != KernelMode || CaptureIfKernel))
234 {
235 ExFreePoolWithTag(CapturedSecurityQualityOfService, TAG_QOS);
236 }
237}
238
239/* EOF */
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
_SEH2_END
#define _SEH2_END
Definition: filesup.c:22
_SEH2_TRY
#define _SEH2_TRY
Definition: filesup.c:19
Status
Status
Definition: gdiplustypes.h:25
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
PSECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
ASSERT
#define ASSERT(a)
Definition: mode.c:44
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
_Out_
#define _Out_
Definition: ms_sal.h:345
_In_
#define _In_
Definition: ms_sal.h:308
_In_opt_
#define _In_opt_
Definition: ms_sal.h:309
KernelMode
#define KernelMode
Definition: asm.h:34
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:159
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
SepCaptureSecurityQualityOfService
NTSTATUS NTAPI SepCaptureSecurityQualityOfService(_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, _Out_ PBOOLEAN Present)
Captures the security quality of service data given the object attributes from an object.
Definition: sqos.c:52
SepReleaseSecurityQualityOfService
VOID NTAPI SepReleaseSecurityQualityOfService(_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases (frees) the captured SQOS data from an object in the memory pool.
Definition: sqos.c:225
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
TAG_QOS
#define TAG_QOS
Definition: tag.h:154
PBOOLEAN
unsigned char * PBOOLEAN
Definition: typedefs.h:53
POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:78
NTAPI
#define NTAPI
Definition: typedefs.h:36
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396