ReactOS 0.4.16-dev-1521-gb8f1da6
Functions
registry.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

HANDLE GetRootKeyByPredefKey (IN HANDLE KeyHandle, OUT PCWSTR *RootKeyMountPoint OPTIONAL)
 
HANDLE GetRootKeyByName (IN PCWSTR RootKeyName, OUT PCWSTR *RootKeyMountPoint OPTIONAL)
 
BOOLEAN ImportRegistryFile (IN PCWSTR SourcePath, IN PCWSTR FileName, IN PCWSTR Section, IN LCID LocaleId, IN BOOLEAN Delete)
 
NTSTATUS VerifyRegistryHives (IN PUNICODE_STRING NtSystemRoot, OUT PBOOLEAN ShouldRepairRegistry)
 
NTSTATUS RegInitializeRegistry (IN PUNICODE_STRING NtSystemRoot)
 
VOID RegCleanupRegistry (IN PUNICODE_STRING NtSystemRoot)
 

Function Documentation

◆ GetRootKeyByName()

HANDLE GetRootKeyByName ( IN PCWSTR  RootKeyName,
OUT PCWSTR *RootKeyMountPoint  OPTIONAL 
)

Definition at line 107 of file registry.c.

110{
111 UCHAR i;
112
113 for (i = 0; i < ARRAYSIZE(RootKeys); ++i)
114 {
115 if (!_wcsicmp(RootKeyName, RootKeys[i].Name))
116 {
117 if (RootKeyMountPoint)
118 *RootKeyMountPoint = RootKeys[i].MountPoint;
119 return RootKeys[i].Handle;
120 }
121 }
122
123 return NULL;
124}
RootKeys
ROOT_KEY RootKeys[]
Definition: registry.c:70
Name
LPWSTR Name
Definition: desk.c:124
NULL
#define NULL
Definition: types.h:112
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_wcsicmp
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
_ROOT_KEY::Handle
HANDLE Handle
Definition: registry.c:67
_ROOT_KEY::MountPoint
PCWSTR MountPoint
Definition: registry.c:66
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

Referenced by registry_callback().

◆ GetRootKeyByPredefKey()

HANDLE GetRootKeyByPredefKey ( IN HANDLE  KeyHandle,
OUT PCWSTR *RootKeyMountPoint  OPTIONAL 
)

Definition at line 90 of file registry.c.

93{
94 ULONG_PTR Index = GetPredefKeyIndex(KeyHandle);
95
96 if (!IsPredefKey(KeyHandle))
97 return NULL;
98 if (Index >= ARRAYSIZE(RootKeys))
99 return NULL;
100
101 if (RootKeyMountPoint)
102 *RootKeyMountPoint = RootKeys[Index].MountPoint;
103 return RootKeys[Index].Handle;
104}
IsPredefKey
#define IsPredefKey(HKey)
Definition: registry.c:83
GetPredefKeyIndex
#define GetPredefKeyIndex(HKey)
Definition: registry.c:86
KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:182

Referenced by AddCodepageToRegistry(), AddFontsSettingsToRegistry(), AddHotkeySettings(), AddKbLayoutsToRegistry(), ProcessDisplayRegistry(), ProcessLocaleRegistry(), SetDefaultPagefile(), SetGeoID(), and SetMountedDeviceValue().

◆ ImportRegistryFile()

BOOLEAN ImportRegistryFile ( IN PCWSTR  SourcePath,
IN PCWSTR  FileName,
IN PCWSTR  Section,
IN LCID  LocaleId,
IN BOOLEAN  Delete 
)

Definition at line 507 of file registry.c.

513{
514 HINF hInf;
515 UINT ErrorLine;
516 WCHAR FileNameBuffer[MAX_PATH];
517
518 /* Load the INF file from the installation media */
519 CombinePaths(FileNameBuffer, ARRAYSIZE(FileNameBuffer), 2,
520 SourcePath, FileName);
521
522 hInf = SpInfOpenInfFile(FileNameBuffer,
523 NULL,
524 INF_STYLE_WIN4,
525 LocaleId,
526 &ErrorLine);
527 if (hInf == INVALID_HANDLE_VALUE)
528 {
529 DPRINT1("SpInfOpenInfFile() failed\n");
530 return FALSE;
531 }
532
533#if 0
534 if (!registry_callback(hInf, L"DelReg", FALSE))
535 {
536 DPRINT1("registry_callback() failed\n");
537 SpInfCloseInfFile(hInf);
538 return FALSE;
539 }
540#endif
541
542 if (!registry_callback(hInf, L"AddReg", FALSE))
543 {
544 DPRINT1("registry_callback() failed\n");
545 SpInfCloseInfFile(hInf);
546 return FALSE;
547 }
548
549 if (!registry_callback(hInf, L"AddReg.NT" INF_ARCH, FALSE))
550 {
551 DPRINT1("registry_callback() failed\n");
552 SpInfCloseInfFile(hInf);
553 return FALSE;
554 }
555
556 SpInfCloseInfFile(hInf);
557 return TRUE;
558}
DPRINT1
#define DPRINT1
Definition: precomp.h:8
FileNameBuffer
WCHAR FileNameBuffer[MAX_PATH]
Definition: framewnd.c:248
registry_callback
static BOOLEAN registry_callback(HINF hInf, PCWSTR Section, BOOLEAN Delete)
Definition: registry.c:412
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:731
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
L
#define L(x)
Definition: resources.c:13
CombinePaths
NTSTATUS CombinePaths(OUT PWSTR PathBuffer, IN SIZE_T cchPathSize, IN ULONG NumberOfPathComponents, IN ...)
Definition: filesup.c:664
INF_STYLE_WIN4
#define INF_STYLE_WIN4
Definition: infsupp.h:43
SpInfOpenInfFile
#define SpInfOpenInfFile
Definition: infsupp.h:148
SpInfCloseInfFile
#define SpInfCloseInfFile
Definition: infsupp.h:139
UINT
unsigned int UINT
Definition: ndis.h:50
_FileName
Definition: filecomp.c:348
LocaleId
_Must_inspect_result_ _In_ PWDFDEVICE_INIT _In_ PCUNICODE_STRING _In_ PCUNICODE_STRING _In_ LCID LocaleId
Definition: wdfpdo.h:437
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

◆ RegCleanupRegistry()

VOID RegCleanupRegistry ( IN PUNICODE_STRING  NtSystemRoot)

Definition at line 997 of file registry.c.

999{
1000 NTSTATUS Status;
1001 HANDLE KeyHandle;
1002 UNICODE_STRING KeyName;
1003 OBJECT_ATTRIBUTES ObjectAttributes;
1004 BOOLEAN PrivilegeSet[2] = {FALSE, FALSE};
1005 UINT i;
1006 WCHAR SrcPath[MAX_PATH];
1007 WCHAR DstPath[MAX_PATH];
1008
1009 /* Acquire restore privilege */
1010 Status = RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[0]);
1011 if (!NT_SUCCESS(Status))
1012 {
1013 DPRINT1("RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
1014 /* Exit prematurely here.... */
1015 return;
1016 }
1017
1018 /* Acquire backup privilege */
1019 Status = RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[1]);
1020 if (!NT_SUCCESS(Status))
1021 {
1022 DPRINT1("RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
1023 RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
1024 /* Exit prematurely here.... */
1025 return;
1026 }
1027
1028 /*
1029 * To keep the running system clean we need first to remove the symlinks
1030 * we have created and then unmounting the hives. Finally we delete the
1031 * master registry keys.
1032 */
1033
1034 for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
1035 {
1036 if (RegistryHives[i].State == Create || RegistryHives[i].State == Repair)
1037 {
1038 /* Delete the registry symlink to this key */
1039 Status = DeleteSymLinkKey(RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
1040 RegistryHives[i].RegSymLink);
1041 if (!NT_SUCCESS(Status))
1042 {
1043 DPRINT1("DeleteSymLinkKey(%S) failed, Status 0x%08lx\n",
1044 RegistryHives[i].RegSymLink, Status);
1045 }
1046
1047 /* Unmount the hive */
1048 Status = DisconnectRegistry(NULL,
1049 RegistryHives[i].HiveRegistryPath,
1050 1 /* REG_FORCE_UNLOAD */);
1051 if (!NT_SUCCESS(Status))
1052 {
1053 DPRINT1("Unmounting '%S' failed\n", RegistryHives[i].HiveRegistryPath);
1054 }
1055
1056 /* Switch the hive state to 'Update' */
1057 RegistryHives[i].State = Update;
1058 }
1059 else
1060 {
1061 /* Delete the *DUMMY* volatile hives created for the update procedure */
1062
1063 RtlInitUnicodeString(&KeyName, RegistryHives[i].RegSymLink);
1064 InitializeObjectAttributes(&ObjectAttributes,
1065 &KeyName,
1066 OBJ_CASE_INSENSITIVE,
1067 RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
1068 NULL);
1069 KeyHandle = NULL;
1070 Status = NtOpenKey(&KeyHandle,
1071 DELETE,
1072 &ObjectAttributes);
1073 if (!NT_SUCCESS(Status))
1074 {
1075 DPRINT1("NtOpenKey(%wZ) failed, Status 0x%08lx\n", &KeyName, Status);
1076 // return;
1077 }
1078
1079 NtDeleteKey(KeyHandle);
1080 NtClose(KeyHandle);
1081 }
1082 }
1083
1084 /*
1085 * FIXME: Once force-unloading keys is correctly fixed, I'll fix
1086 * this code that closes some of the registry keys that were opened
1087 * inside the hives we've just unmounted above...
1088 */
1089
1090 /* Remove the registry root keys */
1091 for (i = 0; i < ARRAYSIZE(RootKeys); ++i)
1092 {
1093 if (RootKeys[i].Handle)
1094 {
1095 NtFlushKey(RootKeys[i].Handle); // FIXME: Why does it hang? Answer: because we have some problems in CMAPI!
1096 NtDeleteKey(RootKeys[i].Handle);
1097 NtClose(RootKeys[i].Handle);
1098 RootKeys[i].Handle = NULL;
1099 }
1100 }
1101
1102 //
1103 // RegBackupRegistry()
1104 //
1105 /* Now backup the hives into .sav files */
1106 for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
1107 {
1108 if (RegistryHives[i].State != Create && RegistryHives[i].State != Repair)
1109 continue;
1110
1111 CombinePaths(SrcPath, ARRAYSIZE(SrcPath), 3,
1112 NtSystemRoot->Buffer, L"System32\\config", RegistryHives[i].HiveName);
1113 RtlStringCchCopyW(DstPath, ARRAYSIZE(DstPath), SrcPath);
1114 RtlStringCchCatW(DstPath, ARRAYSIZE(DstPath), L".sav");
1115
1116 DPRINT1("Copy hive: %S ==> %S\n", SrcPath, DstPath);
1117 Status = SetupCopyFile(SrcPath, DstPath, FALSE);
1118 if (!NT_SUCCESS(Status))
1119 {
1120 DPRINT1("SetupCopyFile() failed (Status %lx)\n", Status);
1121 // return Status;
1122 }
1123 }
1124
1125 /* Remove restore and backup privileges */
1126 RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, PrivilegeSet[1], FALSE, &PrivilegeSet[1]);
1127 RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
1128}
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RegistryHives
HIVE_LIST_ENTRY RegistryHives[]
Definition: registry.c:581
Create
@ Create
Definition: registry.c:563
Update
@ Update
Definition: registry.c:565
Repair
@ Repair
Definition: registry.c:564
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
SetupCopyFile
NTSTATUS SetupCopyFile(IN PCWSTR SourceFileName, IN PCWSTR DestinationFileName, IN BOOLEAN FailIfExists)
Definition: filesup.c:223
Handle
ULONG Handle
Definition: gdb_input.c:15
Status
Status
Definition: gdiplustypes.h:25
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
SE_BACKUP_PRIVILEGE
#define SE_BACKUP_PRIVILEGE
Definition: security.c:671
SE_RESTORE_PRIVILEGE
#define SE_RESTORE_PRIVILEGE
Definition: security.c:672
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
RtlAdjustPrivilege
NTSYSAPI NTSTATUS NTAPI RtlAdjustPrivilege(_In_ ULONG Privilege, _In_ BOOLEAN NewValue, _In_ BOOLEAN ForThread, _Out_ PBOOLEAN OldValue)
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
DELETE
#define DELETE
Definition: nt_native.h:57
NtDeleteKey
NTSTATUS NTAPI NtDeleteKey(IN HANDLE KeyHandle)
Definition: ntapi.c:408
NtFlushKey
NTSTATUS NTAPI NtFlushKey(IN HANDLE KeyHandle)
Definition: ntapi.c:1085
NtSystemRoot
UNICODE_STRING NtSystemRoot
Definition: init.c:76
RtlStringCchCopyW
NTSTRSAFEAPI RtlStringCchCopyW(_Out_writes_(cchDest) _Always_(_Post_z_) NTSTRSAFE_PWSTR pszDest, _In_ size_t cchDest, _In_ NTSTRSAFE_PCWSTR pszSrc)
Definition: ntstrsafe.h:127
RtlStringCchCatW
NTSTRSAFEAPI RtlStringCchCatW(_Inout_updates_(cchDest) _Always_(_Post_z_) NTSTRSAFE_PWSTR pszDest, _In_ size_t cchDest, _In_ NTSTRSAFE_PCWSTR pszSrc)
Definition: ntstrsafe.h:601
DisconnectRegistry
NTSTATUS DisconnectRegistry(IN HANDLE RootKey OPTIONAL, IN PCWSTR RegMountPoint, IN ULONG Flags)
Definition: regutil.c:432
DeleteSymLinkKey
NTSTATUS DeleteSymLinkKey(IN HANDLE RootKey OPTIONAL, IN PCWSTR LinkKeyName)
Definition: regutil.c:318
DstPath
IN HANDLE DstPath
Definition: fsutil.h:81
_HIVE_LIST_ENTRY::HiveName
PCWSTR HiveName
Definition: registry.c:570
_HIVE_LIST_ENTRY::State
HIVE_UPDATE_STATE State
Definition: registry.c:574
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_UNICODE_STRING
Definition: env_spec_w32.h:368
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699

Referenced by UpdateRegistry().

◆ RegInitializeRegistry()

NTSTATUS RegInitializeRegistry ( IN PUNICODE_STRING  NtSystemRoot)

Definition at line 679 of file registry.c.

681{
682 NTSTATUS Status;
683 HANDLE KeyHandle;
684 UNICODE_STRING KeyName;
685 OBJECT_ATTRIBUTES ObjectAttributes;
686 BOOLEAN PrivilegeSet[2] = {FALSE, FALSE};
687 ULONG Disposition;
688 UINT i;
689
690 /* Acquire restore privilege */
691 Status = RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[0]);
692 if (!NT_SUCCESS(Status))
693 {
694 DPRINT1("RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
695 /* Exit prematurely here.... */
696 return Status;
697 }
698
699 /* Acquire backup privilege */
700 Status = RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[1]);
701 if (!NT_SUCCESS(Status))
702 {
703 DPRINT1("RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
704 RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
705 /* Exit prematurely here.... */
706 return Status;
707 }
708
709 /*
710 * Create the template proto-hive.
711 *
712 * Use a dummy root key name:
713 * - On 2k/XP/2k3, this is "$$$PROTO.HIV"
714 * - On Vista+, this is "CMI-CreateHive{guid}"
715 * See https://github.com/libyal/winreg-kb/blob/main/docs/sources/windows-registry/Files.md
716 * for more information.
717 */
718 RtlInitUnicodeString(&KeyName, L"\\Registry\\Machine\\SYSTEM\\$$$PROTO.HIV");
719 InitializeObjectAttributes(&ObjectAttributes,
720 &KeyName,
721 OBJ_CASE_INSENSITIVE,
722 NULL,
723 NULL);
724 Status = NtCreateKey(&KeyHandle,
725 KEY_ALL_ACCESS,
726 &ObjectAttributes,
727 0,
728 NULL,
729 REG_OPTION_NON_VOLATILE,
730 NULL);
731 if (!NT_SUCCESS(Status))
732 {
733 DPRINT1("NtCreateKey() failed to create the proto-hive (Status %lx)\n", Status);
734 goto Quit;
735 }
736 NtFlushKey(KeyHandle);
737
738 for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
739 {
740 if (RegistryHives[i].State != Create && RegistryHives[i].State != Repair)
741 continue;
742
743 Status = CreateRegistryFile(NtSystemRoot,
744 RegistryHives[i].HiveName,
745 RegistryHives[i].State != Repair, // RegistryHives[i].State == Create,
746 KeyHandle);
747 if (!NT_SUCCESS(Status))
748 {
749 DPRINT1("CreateRegistryFile(%S) failed, Status 0x%08lx\n", RegistryHives[i].HiveName, Status);
750 /* Exit prematurely here.... */
751 /* That is now done, remove the proto-hive */
752 NtDeleteKey(KeyHandle);
753 NtClose(KeyHandle);
754 goto Quit;
755 }
756 }
757
758 /* That is now done, remove the proto-hive */
759 NtDeleteKey(KeyHandle);
760 NtClose(KeyHandle);
761
762
763 /*
764 * Prepare the registry root keys. Since we cannot create real registry keys
765 * inside the master keys (\Registry, \Registry\Machine or \Registry\User),
766 * we need to perform some SymLink tricks instead.
767 */
768
769 /* Our offline HKLM '\Registry\Machine' is inside '\Registry\Machine\SYSTEM\USetup_Machine' */
770 RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].MountPoint);
771 InitializeObjectAttributes(&ObjectAttributes,
772 &KeyName,
773 OBJ_CASE_INSENSITIVE,
774 NULL,
775 NULL);
776 KeyHandle = NULL;
777 Status = NtCreateKey(&KeyHandle,
778 KEY_ALL_ACCESS,
779 &ObjectAttributes,
780 0,
781 NULL,
782 // FIXME: Using REG_OPTION_VOLATILE works OK on Windows,
783 // but I need to check whether it works OK on ReactOS too.
784 REG_OPTION_NON_VOLATILE, // REG_OPTION_VOLATILE,
785 &Disposition);
786 if (!NT_SUCCESS(Status))
787 {
788 DPRINT1("NtCreateKey(%wZ) failed (Status 0x%08lx)\n", &KeyName, Status);
789 // return Status;
790 }
791 RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle = KeyHandle;
792
793 /* Our offline HKU '\Registry\User' is inside '\Registry\Machine\SYSTEM\USetup_User' */
794 RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_USERS)].MountPoint);
795 InitializeObjectAttributes(&ObjectAttributes,
796 &KeyName,
797 OBJ_CASE_INSENSITIVE,
798 NULL,
799 NULL);
800 KeyHandle = NULL;
801 Status = NtCreateKey(&KeyHandle,
802 KEY_ALL_ACCESS,
803 &ObjectAttributes,
804 0,
805 NULL,
806 // FIXME: Using REG_OPTION_VOLATILE works OK on Windows,
807 // but I need to check whether it works OK on ReactOS too.
808 REG_OPTION_NON_VOLATILE, // REG_OPTION_VOLATILE,
809 &Disposition);
810 if (!NT_SUCCESS(Status))
811 {
812 DPRINT1("NtCreateKey(%wZ) failed (Status 0x%08lx)\n", &KeyName, Status);
813 // return Status;
814 }
815 RootKeys[GetPredefKeyIndex(HKEY_USERS)].Handle = KeyHandle;
816
817
818 /*
819 * Now properly mount the offline hive files
820 */
821 for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
822 {
823 // if (RegistryHives[i].State != Create && RegistryHives[i].State != Repair)
824 // continue;
825
826 if (RegistryHives[i].State == Create || RegistryHives[i].State == Repair)
827 {
828 Status = ConnectRegistry(NULL,
829 RegistryHives[i].HiveRegistryPath,
830 NtSystemRoot,
831 RegistryHives[i].HiveName
832 /* SystemSecurity, sizeof(SystemSecurity) */);
833 if (!NT_SUCCESS(Status))
834 {
835 DPRINT1("ConnectRegistry(%S) failed, Status 0x%08lx\n",
836 RegistryHives[i].HiveName, Status);
837 }
838
839 /* Create the registry symlink to this key */
840 Status = CreateSymLinkKey(RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
841 RegistryHives[i].RegSymLink,
842 RegistryHives[i].HiveRegistryPath);
843 if (!NT_SUCCESS(Status))
844 {
845 DPRINT1("CreateSymLinkKey(%S) failed, Status 0x%08lx\n",
846 RegistryHives[i].RegSymLink, Status);
847 }
848 }
849 else
850 {
851 /* Create *DUMMY* volatile hives just to make the update procedure working */
852
853 RtlInitUnicodeString(&KeyName, RegistryHives[i].RegSymLink);
854 InitializeObjectAttributes(&ObjectAttributes,
855 &KeyName,
856 OBJ_CASE_INSENSITIVE,
857 RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
858 NULL);
859 KeyHandle = NULL;
860 Status = NtCreateKey(&KeyHandle,
861 KEY_ALL_ACCESS,
862 &ObjectAttributes,
863 0,
864 NULL,
865 // FIXME: Using REG_OPTION_VOLATILE works OK on Windows,
866 // but I need to check whether it works OK on ReactOS too.
867 REG_OPTION_NON_VOLATILE, // REG_OPTION_VOLATILE,
868 &Disposition);
869 if (!NT_SUCCESS(Status))
870 {
871 DPRINT1("NtCreateKey(%wZ) failed (Status 0x%08lx)\n", &KeyName, Status);
872 // return Status;
873 }
874 NtClose(KeyHandle);
875 }
876 }
877
878
879 /* HKCU is a handle to 'HKU\.DEFAULT' */
880#if 0
881 RtlInitUnicodeString(&KeyName, L".DEFAULT");
882 InitializeObjectAttributes(&ObjectAttributes,
883 &KeyName,
884 OBJ_CASE_INSENSITIVE,
885 RootKeys[GetPredefKeyIndex(HKEY_USERS)].Handle,
886 NULL);
887#else
888 RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_CURRENT_USER)].MountPoint);
889 InitializeObjectAttributes(&ObjectAttributes,
890 &KeyName,
891 OBJ_CASE_INSENSITIVE,
892 NULL,
893 NULL);
894#endif
895 KeyHandle = NULL;
896 Status = NtOpenKey(&KeyHandle,
897 KEY_ALL_ACCESS,
898 &ObjectAttributes);
899 if (!NT_SUCCESS(Status))
900 {
901 DPRINT1("NtOpenKey(%wZ) failed (Status %lx)\n", &KeyName, Status);
902 }
903 RootKeys[GetPredefKeyIndex(HKEY_CURRENT_USER)].Handle = KeyHandle;
904
905
906 /* HKCR is a handle to 'HKLM\Software\Classes' */
907#if 0
908 RtlInitUnicodeString(&KeyName, L"Software\\Classes");
909 InitializeObjectAttributes(&ObjectAttributes,
910 &KeyName,
911 OBJ_CASE_INSENSITIVE,
912 RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle,
913 NULL);
914#else
915 RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_CLASSES_ROOT)].MountPoint);
916 InitializeObjectAttributes(&ObjectAttributes,
917 &KeyName,
918 OBJ_CASE_INSENSITIVE,
919 NULL,
920 NULL);
921#endif
922 KeyHandle = NULL;
923 /* We use NtCreateKey instead of NtOpenKey because Software\Classes doesn't exist originally */
924 Status = NtCreateKey(&KeyHandle,
925 KEY_ALL_ACCESS,
926 &ObjectAttributes,
927 0,
928 NULL,
929 REG_OPTION_NON_VOLATILE,
930 &Disposition);
931 if (!NT_SUCCESS(Status))
932 {
933 DPRINT1("NtCreateKey(%wZ) failed (Status %lx)\n", &KeyName, Status);
934 }
935 else
936 {
937 DPRINT("NtCreateKey() succeeded to %s the %wZ key (Status %lx)\n",
938 Disposition == REG_CREATED_NEW_KEY ? "create" : /* REG_OPENED_EXISTING_KEY */ "open",
939 &KeyName, Status);
940 }
941 RootKeys[GetPredefKeyIndex(HKEY_CLASSES_ROOT)].Handle = KeyHandle;
942
943
944 Status = STATUS_SUCCESS;
945
946
947 /* Create the 'HKLM\SYSTEM\ControlSet001' key */
948 // REGISTRY_SETUP_MACHINE L"SYSTEM\\ControlSet001"
949 RtlInitUnicodeString(&KeyName, L"SYSTEM\\ControlSet001");
950 InitializeObjectAttributes(&ObjectAttributes,
951 &KeyName,
952 OBJ_CASE_INSENSITIVE,
953 RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle,
954 NULL);
955 Status = NtCreateKey(&KeyHandle,
956 KEY_ALL_ACCESS,
957 &ObjectAttributes,
958 0,
959 NULL,
960 REG_OPTION_NON_VOLATILE,
961 &Disposition);
962 if (!NT_SUCCESS(Status))
963 {
964 DPRINT1("NtCreateKey() failed to create the ControlSet001 key (Status %lx)\n", Status);
965 // return Status;
966 }
967 else
968 {
969 DPRINT("NtCreateKey() succeeded to %s the ControlSet001 key (Status %lx)\n",
970 Disposition == REG_CREATED_NEW_KEY ? "create" : /* REG_OPENED_EXISTING_KEY */ "open",
971 Status);
972 }
973 NtClose(KeyHandle);
974
975 /* Create the 'HKLM\SYSTEM\CurrentControlSet' symlink */
976 Status = CreateSymLinkKey(RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle,
977 L"SYSTEM\\CurrentControlSet",
978 REGISTRY_SETUP_MACHINE L"SYSTEM\\ControlSet001");
979 if (!NT_SUCCESS(Status))
980 {
981 DPRINT1("CreateSymLinkKey(CurrentControlSet) failed, Status 0x%08lx\n", Status);
982 }
983
984
985 Status = STATUS_SUCCESS;
986
987
988Quit:
989 /* Remove restore and backup privileges */
990 RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, PrivilegeSet[1], FALSE, &PrivilegeSet[1]);
991 RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
992
993 return Status;
994}
REGISTRY_SETUP_MACHINE
#define REGISTRY_SETUP_MACHINE
Definition: registry.c:60
Disposition
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG _In_opt_ PUNICODE_STRING _In_ ULONG _Out_opt_ PULONG Disposition
Definition: cmfuncs.h:56
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
REG_CREATED_NEW_KEY
#define REG_CREATED_NEW_KEY
Definition: nt_native.h:1084
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
CreateRegistryFile
NTSTATUS CreateRegistryFile(IN PUNICODE_STRING NtSystemRoot, IN PCWSTR RegistryKey, IN BOOLEAN IsHiveNew, IN HANDLE ProtoKeyHandle)
Definition: regutil.c:140
CreateSymLinkKey
NTSTATUS CreateSymLinkKey(IN HANDLE RootKey OPTIONAL, IN PCWSTR LinkKeyName, IN PCWSTR TargetKeyName)
Definition: regutil.c:254
ConnectRegistry
NTSTATUS ConnectRegistry(IN HANDLE RootKey OPTIONAL, IN PCWSTR RegMountPoint, IN PUNICODE_STRING NtSystemRoot, IN PCWSTR RegistryKey)
Definition: regutil.c:391
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
DPRINT
#define DPRINT
Definition: sndvol32.h:73
ULONG
uint32_t ULONG
Definition: typedefs.h:59
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12
HKEY_CURRENT_USER
#define HKEY_CURRENT_USER
Definition: winreg.h:11
HKEY_CLASSES_ROOT
#define HKEY_CLASSES_ROOT
Definition: winreg.h:10
HKEY_USERS
#define HKEY_USERS
Definition: winreg.h:13

Referenced by main(), and UpdateRegistry().

◆ VerifyRegistryHives()

NTSTATUS VerifyRegistryHives ( IN PUNICODE_STRING  NtSystemRoot,
OUT PBOOLEAN  ShouldRepairRegistry 
)

These hives are created by LSASS during 2nd stage setup

Definition at line 603 of file registry.c.

606{
607 NTSTATUS Status;
608 BOOLEAN PrivilegeSet[2] = {FALSE, FALSE};
609 UINT i;
610
611 /* Suppose first the registry hives do not have to be fully recreated */
612 *ShouldRepairRegistry = FALSE;
613
614 /* Acquire restore privilege */
615 Status = RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[0]);
616 if (!NT_SUCCESS(Status))
617 {
618 DPRINT1("RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
619 /* Exit prematurely here.... */
620 return Status;
621 }
622
623 /* Acquire backup privilege */
624 Status = RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[1]);
625 if (!NT_SUCCESS(Status))
626 {
627 DPRINT1("RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
628 RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
629 /* Exit prematurely here.... */
630 return Status;
631 }
632
633 for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
634 {
635 Status = VerifyRegistryHive(NtSystemRoot, RegistryHives[i].HiveName);
636 if (!NT_SUCCESS(Status))
637 {
638 DPRINT1("Registry hive '%S' needs repair!\n", RegistryHives[i].HiveName);
639 RegistryHives[i].State = Repair;
640 *ShouldRepairRegistry = TRUE;
641 }
642 else
643 {
644 RegistryHives[i].State = Update;
645 }
646 }
647
649 for (i = 0; i < ARRAYSIZE(SecurityRegistryHives); ++i)
650 {
651 Status = VerifyRegistryHive(NtSystemRoot, SecurityRegistryHives[i].HiveName);
652 if (!NT_SUCCESS(Status))
653 {
654 DPRINT1("Registry hive '%S' needs repair!\n", SecurityRegistryHives[i].HiveName);
655 SecurityRegistryHives[i].State = Repair;
656 /*
657 * Note that it's not the role of the 1st-stage installer to fix
658 * the security hives. This should be done at 2nd-stage installation
659 * by LSASS.
660 */
661 }
662 else
663 {
664 SecurityRegistryHives[i].State = Update;
665 }
666 }
667
668 /* Reset the status (we succeeded in checking all the hives) */
669 Status = STATUS_SUCCESS;
670
671 /* Remove restore and backup privileges */
672 RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, PrivilegeSet[1], FALSE, &PrivilegeSet[1]);
673 RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
674
675 return Status;
676}
SecurityRegistryHives
HIVE_LIST_ENTRY SecurityRegistryHives[]
Definition: registry.c:594
VerifyRegistryHive
NTSTATUS VerifyRegistryHive(IN PUNICODE_STRING NtSystemRoot, IN PCWSTR RegistryKey)
Definition: regutil.c:455

Referenced by UpdateRegistry().