#include <stdio.h>#include <windef.h>#include <winbase.h>#include <winreg.h>#include <ndk/cmfuncs.h>#include <ndk/exfuncs.h>#include <ndk/iofuncs.h>#include <ndk/kefuncs.h>#include <ndk/lpcfuncs.h>#include <ndk/mmfuncs.h>#include <ndk/obfuncs.h>#include <ndk/psfuncs.h>#include <ndk/rtlfuncs.h>#include <ndk/setypes.h>#include <ndk/umfuncs.h>#include <ntstrsafe.h>#include <sm/smmsg.h>
Include dependency graph for smss.h:
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Classes | |
| struct | _SMP_REGISTRY_VALUE |
| struct | _SMP_SUBSYSTEM |
Macros | |
| #define | WIN32_NO_STATUS |
| #define | NTOS_MODE_USER |
| #define | SMP_DEBUG_FLAG 0x01 |
| #define | SMP_ASYNC_FLAG 0x02 |
| #define | SMP_AUTOCHK_FLAG 0x04 |
| #define | SMP_SUBSYSTEM_FLAG 0x08 |
| #define | SMP_INVALID_PATH 0x10 |
| #define | SMP_DEFERRED_FLAG 0x20 |
| #define | SMP_POSIX_FLAG 0x100 |
| #define | SMP_OS2_FLAG 0x200 |
Typedefs | |
| typedef struct _SMP_REGISTRY_VALUE | SMP_REGISTRY_VALUE |
| typedef struct _SMP_REGISTRY_VALUE * | PSMP_REGISTRY_VALUE |
| typedef struct _SMP_SUBSYSTEM | SMP_SUBSYSTEM |
| typedef struct _SMP_SUBSYSTEM * | PSMP_SUBSYSTEM |
Macro Definition Documentation
◆ NTOS_MODE_USER
◆ SMP_ASYNC_FLAG
◆ SMP_AUTOCHK_FLAG
◆ SMP_DEBUG_FLAG
◆ SMP_DEFERRED_FLAG
◆ SMP_INVALID_PATH
◆ SMP_OS2_FLAG
◆ SMP_POSIX_FLAG
◆ SMP_SUBSYSTEM_FLAG
◆ WIN32_NO_STATUS
Typedef Documentation
◆ PSMP_REGISTRY_VALUE
| typedef struct _SMP_REGISTRY_VALUE * PSMP_REGISTRY_VALUE |
◆ PSMP_SUBSYSTEM
| typedef struct _SMP_SUBSYSTEM * PSMP_SUBSYSTEM |
◆ SMP_REGISTRY_VALUE
◆ SMP_SUBSYSTEM
| typedef struct _SMP_SUBSYSTEM SMP_SUBSYSTEM |
Function Documentation
◆ SmpAcquirePrivilege()
Definition at line 40 of file smutil.c.
42{
46
47 /* Assume failure */
48 *PrivilegeState = NULL;
49
50 /* Acquire the state structure to hold everything we need */
52 0,
57
58 /* Open our token */
61 &State->TokenHandle);
63 {
64 /* Fail */
67 }
68
69 /* Set one privilege in the enabled state */
72 State->NewPrivileges->PrivilegeCount = 1;
75
76 /* Adjust the privileges in the token */
79 FALSE,
80 State->NewPrivileges,
81 Size,
82 State->OldPrivileges,
83 &Size);
85 {
86 /* Our static buffer is not big enough, allocate a bigger one */
89 {
90 /* Out of memory, fail */
92 goto Quickie;
93 }
94
95 /* Now try again */
97 FALSE,
98 State->NewPrivileges,
99 Size,
100 State->OldPrivileges,
101 &Size);
102 }
103
104 /* Normalize failure code and check for success */
107 {
108 /* We got the privilege, return */
109 *PrivilegeState = State;
111 }
112
113Quickie:
114 /* Check if we used a dynamic buffer */
116 {
117 /* Free it */
119 }
120
121 /* Close the token handle and free the state structure */
125}
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
Definition: security.c:350
Definition: stack_allocator.h:18
Definition: setypes.h:73
Definition: smutil.c:26
Definition: setypes.h:1018
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState!=NULL, _Out_) PULONG ReturnLength)
Removes a certain amount of privileges of a token based upon the request by the caller.
Definition: tokenadj.c:451
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
FORCEINLINE LUID NTAPI_INLINE RtlConvertUlongToLuid(_In_ ULONG Val)
Definition: rtlfuncs.h:3541
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
Referenced by _main(), SmpLoadSubSystem(), and SmpLoadSubSystemsForMuSession().
◆ SmpAllocateSessionId()
| ULONG NTAPI SmpAllocateSessionId | ( | IN PSMP_SUBSYSTEM | Subsystem, |
| IN PSMP_SUBSYSTEM | OtherSubsystem | ||
| ) |
Definition at line 123 of file smsessn.c.
125{
127 PSMP_SESSION Session;
128
129 /* Allocate a new ID while under the lock */
132
133 /* Check for overflow */
135 {
136 /* Break if it happened */
138 }
139 else
140 {
141 /* Detect it for next time */
144 }
145
146 /* Allocate a session structure */
148 if (Session)
149 {
150 /* Write the session data and insert it into the session list */
151 Session->Subsystem = Subsystem;
153 Session->OtherSubsystem = OtherSubsystem;
155 }
156 else
157 {
159 }
160
161 /* Release the session lock */
164}
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
Definition: smsessn.c:19
Referenced by SmpLoadSubSystem(), and SmpSbCreateSession().
◆ SmpApiLoop()
Definition at line 423 of file smloop.c.
424{
429 SM_API_MSG RequestMsg;
430 PROCESS_BASIC_INFORMATION ProcessInformation;
432
433 /* Increase the number of API threads for throttling code for later */
435
436 /* Mark us critical */
438
439 /* Set the PID of the SM process itself for later checking */
442 &ProcessInformation,
443 sizeof(ProcessInformation),
444 NULL);
446
447 /* Now process incoming messages */
449 {
450 /* Begin waiting on a request */
453 &ReplyMsg->h,
454 &RequestMsg.h);
456 {
457 /* Ran out of memory, so do a little timeout and try again */
459 Timeout.QuadPart = -50000000;
461 continue;
462 }
463
464 /* Check what kind of request we received */
466 {
467 /* A new connection */
469 /* Create the right structures for it */
471 ReplyMsg = NULL;
472 break;
473
474 /* A closed connection */
476 /* Destroy any state we had for this client */
478 //if (ClientContext) SmpPushDeferredClientContext(ClientContext);
479 ReplyMsg = NULL;
480 break;
481
482 /* An actual API message */
483 default:
485 {
486 ReplyMsg = NULL;
487 break;
488 }
489
491
492 /* Check if the API is valid */
494 {
495 /* It isn't, fail */
498 }
500 !(ClientContext->Subsystem))
501 {
502 /* It's valid, but doesn't have a subsystem with it */
505 }
506 else
507 {
508 /* It's totally okay, so call the dispatcher for it */
510 ClientContext,
511 SmApiPort);
512 }
513
514 /* Write the result value and return the message back */
516 ReplyMsg = &RequestMsg;
517 break;
518 }
519 }
521}
while(CdLookupNextInitialFileDirent(IrpContext, Fcb, FileContext))
Definition: nsiface.idl:2307
long __cdecl _InterlockedExchangeAdd(_Interlocked_operand_ long volatile *_Addend, long _Value)
NTSYSAPI NTSTATUS __cdecl RtlSetThreadIsCritical(_In_ BOOLEAN NewValue, _Out_opt_ PBOOLEAN OldValue, _In_ BOOLEAN NeedBreaks)
NTSTATUS NTAPI NtDelayExecution(IN BOOLEAN Alertable, IN PLARGE_INTEGER DelayInterval)
Definition: wait.c:876
NTSTATUS NTAPI NtReplyWaitReceivePort(IN HANDLE PortHandle, OUT PVOID *PortContext OPTIONAL, IN PPORT_MESSAGE ReplyMessage OPTIONAL, OUT PPORT_MESSAGE ReceiveMessage)
Definition: reply.c:743
NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:59
NTSTATUS NTAPI SmpHandleConnectionRequest(IN HANDLE SmApiPort, IN PSB_API_MSG SbApiMsg)
Definition: smloop.c:273
PSM_API_HANDLER SmpApiDispatch[SmpMaxApiNumber - SmpCreateForeignSessionApi]
Definition: smloop.c:258
Definition: winternl.h:402
Definition: smmsg.h:231
Definition: smloop.c:19
Definition: smmsg.h:103
Definition: typedefs.h:103
Referenced by SmpInit().
◆ SmpCheckDuplicateMuSessionId()
Definition at line 37 of file smsessn.c.
38{
39 PSMP_SUBSYSTEM Subsystem;
41 PLIST_ENTRY NextEntry;
42
43 /* Lock the subsystem database */
45
46 /* Scan each entry */
49 {
50 /* Check if this entry has the same session ID */
53 {
54 /* Break out of here! */
55 FoundDuplicate = TRUE;
56 break;
57 }
58
59 /* Keep going */
60 NextEntry = NextEntry->Flink;
61 }
62
63 /* Release the database and return the result */
65 return FoundDuplicate;
66}
Definition: typedefs.h:120
Definition: smss.h:64
Referenced by SmpLoadDeferedSubsystem(), SmpLoadSubSystem(), and SmpSbCreateSession().
◆ SmpCheckForCrashDump()
| BOOLEAN NTAPI SmpCheckForCrashDump | ( | IN PUNICODE_STRING | FileName | ) |
Definition at line 20 of file crashdmp.c.
Referenced by SmpCreatePagingFileOnFixedDrive().
◆ SmpCreatePagingFileDescriptor()
| NTSTATUS NTAPI SmpCreatePagingFileDescriptor | ( | IN PUNICODE_STRING | PageFileToken | ) |
Definition at line 139 of file pagefile.c.
140{
142 ULONG MinSize = 0, MaxSize = 0;
147 PLIST_ENTRY NextEntry;
148 UNICODE_STRING PageFileName, Arguments, SecondArgument;
149
150 /* Make sure we don't have too many */
152 {
154 SmpNumberOfPagingFiles);
156 }
157
158 /* Parse the specified and get the name and arguments out of it */
161 NULL,
162 &PageFileName,
163 NULL,
164 &Arguments);
166 {
167 /* Fail */
169 PageFileToken, Status);
171 }
172
173 /* Set the variable to let everyone know we have a pagefile token */
175
176 /* Parse the arguments, if any */
178 {
179 /* Parse the pagefile size */
181 {
182 /* Check if it's zero */
185 {
186 /* It isn't, break out */
187 ZeroSize = FALSE;
188 break;
189 }
190 }
191 }
192
193 /* Was a pagefile not specified, or was it specified with no size? */
195 {
196 /* In this case, the system will manage its size */
197 SystemManaged = TRUE;
198 }
199 else
200 {
201 /* We do have a size, so convert the arguments into a number */
204 {
205 /* Fail */
206 RtlFreeUnicodeString(&PageFileName);
207 RtlFreeUnicodeString(&Arguments);
209 }
210
211 /* Now advance to the next argument */
213 {
214 /* Found a space -- second argument must start here */
216 {
217 /* Use the rest of the arguments as a maximum size */
225 {
226 /* Fail */
227 RtlFreeUnicodeString(&PageFileName);
228 RtlFreeUnicodeString(&Arguments);
230 }
231
232 break;
233 }
234 }
235 }
236
237 /* We are done parsing arguments */
238 RtlFreeUnicodeString(&Arguments);
239
240 /* Now we can allocate our descriptor */
242 HEAP_ZERO_MEMORY,
245 {
246 /* Fail if we couldn't */
247 RtlFreeUnicodeString(&PageFileName);
249 }
250
251 /* Capture all our data into the descriptor */
252 Descriptor->Token = *PageFileToken;
253 Descriptor->Name = PageFileName;
256 if (SystemManaged)
261 {
263 }
264
265 /* Now loop the existing descriptors */
267 do
268 {
269 /* Are there none, or have we looped back to the beginning? */
271 {
272 /* This means no duplicates exist, so insert our descriptor! */
274 SmpNumberOfPagingFiles++;
276 PageFileToken, &Descriptor->Name);
278 }
279
280 /* Keep going until we find a duplicate, unless we are in "any" mode */
282 NextEntry = NextEntry->Flink;
285
286 /* We found a duplicate, so skip this descriptor/pagefile and fail */
288 RtlFreeUnicodeString(&PageFileName);
291}
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToInteger(PUNICODE_STRING String, ULONG Base, PULONG Value)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSTATUS NTAPI SmpParseCommandLine(IN PUNICODE_STRING CommandLine, OUT PULONG Flags, OUT PUNICODE_STRING FileName, OUT PUNICODE_STRING Directory, OUT PUNICODE_STRING Arguments)
Definition: smutil.c:233
Definition: pagefile.c:95
Definition: env_spec_w32.h:368
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:342
Referenced by SmpLoadDataFromRegistry().
◆ SmpCreatePagingFiles()
Definition at line 1049 of file pagefile.c.
1050{
1055 PLIST_ENTRY NextEntry;
1056
1057 /* Check if no paging files were requested */
1059 {
1060 /* The list should be empty -- nothing to do */
1064 }
1065
1066 /* Initialize the volume descriptors so we can know what's available */
1069 {
1070 /* We can't make decisions without this, so fail */
1072 Status);
1074 }
1075
1076 /* If we fail creating pagefiles, try to reduce by this much each time */
1078
1079 /* Loop the descriptor list */
1082 {
1083 /* Check what kind of descriptor this is */
1086 {
1087 /* This is a system-managed descriptor. Create the correct file */
1089 &Descriptor->Name);
1092 {
1093 /* We failed -- try again, with size minimization this time */
1095 &Descriptor->Name);
1097 }
1098 }
1099 else
1100 {
1101 /* This is a manually entered descriptor. Validate its size first */
1103
1104 /* Check if this is an ANY pagefile or a FIXED pagefile */
1106 &Descriptor->Name);
1108 {
1109 /* It's an any pagefile, try to create it wherever possible */
1112 &FuzzFactor,
1113 &Size);
1115 {
1116 /* We failed to create it. Try again with a smaller size */
1118 &Descriptor->Name);
1121 &FuzzFactor,
1122 &Size);
1123 }
1124 }
1125 else
1126 {
1127 /* It's a fixed pagefile: override the minimum and use ours */
1130 &FuzzFactor,
1131 &Size);
1132 }
1133 }
1134
1135 /* Go to the next descriptor */
1137 NextEntry = NextEntry->Flink;
1138 }
1139
1140 /* Check if none of the code in our loops above was able to create it */
1141 if (!Created)
1142 {
1143 /* Build an emergency pagefile ourselves */
1146 }
1147
1148 /* All done */
1150}
NTSTATUS NTAPI SmpCreateEmergencyPagingFile(VOID)
Definition: pagefile.c:834
NTSTATUS NTAPI SmpCreatePagingFileOnAnyDrive(IN PSMP_PAGEFILE_DESCRIPTOR Descriptor, IN PLARGE_INTEGER FuzzFactor, IN PLARGE_INTEGER MinimumSize)
Definition: pagefile.c:667
NTSTATUS NTAPI SmpCreatePagingFileOnFixedDrive(IN PSMP_PAGEFILE_DESCRIPTOR Descriptor, IN PLARGE_INTEGER FuzzFactor, IN PLARGE_INTEGER MinimumSize)
Definition: pagefile.c:535
NTSTATUS NTAPI SmpCreateSystemManagedPagingFile(IN PSMP_PAGEFILE_DESCRIPTOR Descriptor, IN BOOLEAN DecreaseSize)
Definition: pagefile.c:801
NTSTATUS NTAPI SmpValidatePagingFileSizes(IN PSMP_PAGEFILE_DESCRIPTOR Descriptor)
Definition: pagefile.c:749
Referenced by SmpLoadDataFromRegistry().
◆ SmpCreateSecurityDescriptors()
Definition at line 975 of file sminit.c.
976{
984 PACL Acl;
987
988 /* Check if this is the first call */
989 if (InitialCall)
990 {
991 /* Create and set the primary descriptor */
997 TRUE,
998 NULL,
999 FALSE);
1001
1002 /* Create and set the liberal descriptor */
1005 SECURITY_DESCRIPTOR_REVISION);
1008 TRUE,
1009 NULL,
1010 FALSE);
1012
1013 /* Create and set the \KnownDlls descriptor */
1016 SECURITY_DESCRIPTOR_REVISION);
1019 TRUE,
1020 NULL,
1021 FALSE);
1023
1024 /* Create and Set the \ApiPort descriptor */
1027 SECURITY_DESCRIPTOR_REVISION);
1030 TRUE,
1031 NULL,
1032 FALSE);
1034 }
1035
1036 /* Check if protection was requested in the registry (on by default) */
1038
1039 /* Exit if there's nothing to do */
1041
1042 /* Build the world SID */
1044 SECURITY_WORLD_RID,
1045 0, 0, 0, 0, 0, 0, 0,
1046 &WorldSid);
1048 {
1050 goto Quickie;
1051 }
1052
1053 /* Build the admin SID */
1056 DOMAIN_ALIAS_RID_ADMINS,
1057 0, 0, 0, 0, 0, 0,
1058 &AdminSid);
1060 {
1062 goto Quickie;
1063 }
1064
1065 /* Build the owner SID */
1068 0, 0, 0, 0, 0, 0, 0,
1069 &OwnerSid);
1071 {
1072 OwnerSid = NULL;
1073 goto Quickie;
1074 }
1075
1076 /* Build the restricted SID */
1079 0, 0, 0, 0, 0, 0, 0,
1080 &RestrictedSid);
1082 {
1083 RestrictedSid = NULL;
1084 goto Quickie;
1085 }
1086
1087 /* Build the system SID */
1090 0, 0, 0, 0, 0, 0, 0,
1091 &SystemSid);
1093 {
1094 SystemSid = NULL;
1095 goto Quickie;
1096 }
1097
1098 /* Now check if we're creating the core descriptors */
1099 if (!InitialCall)
1100 {
1101 /* We're skipping NextAcl so we have to do this here */
1103 SidLength *= 2;
1104 goto NotInitial;
1105 }
1106
1107 /* Allocate an ACL with two ACEs with two SIDs each */
1113
1114 /* Now build the ACL and add the two ACEs */
1121
1122 /* Set this as the DACL */
1124 TRUE,
1125 Acl,
1126 FALSE);
1128
1129NextAcl:
1130 /* Allocate an ACL with 6 ACEs, two ACEs per SID */
1132 SidLength *= 2;
1137
1138 /* Now build the ACL and add the six ACEs */
1147 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, WorldSid);
1149 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, RestrictedSid);
1153
1154 /* Now edit the last three ACEs and make them inheritable */
1164
1165 /* Set this as the DACL */
1167 TRUE,
1168 Acl,
1169 FALSE);
1171
1172NotInitial:
1173 /* The initial ACLs have been created, are we also protecting objects? */
1174 if (!ProtectionRequired) goto Quickie;
1175
1176 /* Allocate an ACL with 7 ACEs, two ACEs per SID, and one final owner ACE */
1177 SidLength += RtlLengthSid(OwnerSid);
1182
1183 /* Build the ACL and add the seven ACEs */
1188 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ, RestrictedSid);
1194 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ, RestrictedSid);
1200
1201 /* Edit the last 4 ACEs to make then inheritable */
1214
1215 /* Set this as the DACL for the primary SD */
1217 TRUE,
1218 Acl,
1219 FALSE);
1221
1222 /* Allocate an ACL with 7 ACEs, two ACEs per SID, and one final owner ACE */
1227
1228 /* Build the ACL and add the seven ACEs */
1231 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, WorldSid);
1233 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, RestrictedSid);
1237 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, WorldSid);
1239 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, RestrictedSid);
1245
1246 /* Edit the last 4 ACEs to make then inheritable */
1259
1260 /* Now set this as the DACL for the liberal SD */
1262 TRUE,
1263 Acl,
1264 FALSE);
1266
1267Quickie:
1268 /* Cleanup the SIDs */
1275}
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
struct _ACL ACL
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
PISECURITY_DESCRIPTOR SmpLiberalSecurityDescriptor
Definition: sminit.c:38
PISECURITY_DESCRIPTOR SmpKnownDllsSecurityDescriptor
Definition: sminit.c:39
PISECURITY_DESCRIPTOR SmpApiPortSecurityDescriptor
Definition: sminit.c:39
PISECURITY_DESCRIPTOR SmpPrimarySecurityDescriptor
Definition: sminit.c:38
Definition: ms-dtyp.idl:215
Definition: ms-dtyp.idl:209
Definition: ms-dtyp.idl:293
Definition: ms-dtyp.idl:194
Definition: ms-dtyp.idl:198
Referenced by SmpConfigureProtectionMode(), and SmpInit().
◆ SmpDeleteSession()
Definition at line 98 of file smsessn.c.
99{
100 PSMP_SESSION Session;
101
102 /* Enter the lock and get the session structure */
105 if (Session)
106 {
107 /* Remove it from the list */
110
111 /* Now free the structure outside of the lock */
113 }
114 else
115 {
116 /* ID doesn't map to one of our structures, nothing to do... */
118 }
119}
PSMP_SESSION NTAPI SmpSessionIdToSession(IN ULONG SessionId)
Definition: smsessn.c:70
Referenced by SmpLoadSubSystem(), and SmpSbCreateSession().
◆ SmpDereferenceSubsystem()
| VOID NTAPI SmpDereferenceSubsystem | ( | IN PSMP_SUBSYSTEM | SubSystem | ) |
Definition at line 47 of file smsubsys.c.
48{
49 /* Acquire the database lock while we (potentially) destroy this subsystem */
51
52 /* Drop the reference and see if it's terminating */
53 if (!(--SubSystem->ReferenceCount) && (SubSystem->Terminating))
54 {
55 /* Close all handles and free it */
60 }
61
62 /* Release the database lock */
64}
Referenced by SmpHandleConnectionRequest(), SmpLoadSubSystem(), and SmpSbCreateSession().
◆ SmpExecuteCommand()
| NTSTATUS NTAPI SmpExecuteCommand | ( | IN PUNICODE_STRING | CommandLine, |
| IN ULONG | MuSessionId, | ||
| OUT PHANDLE | ProcessId, | ||
| IN ULONG | Flags | ||
| ) |
Definition at line 210 of file smss.c.
214{
217
218 /* There's no longer a debugging subsystem */
220
221 /* Parse the command line to see what execution flags are requested */
223 &Flags,
224 &FileName,
225 &Directory,
226 &Arguments);
228 {
229 /* Fail if we couldn't do that */
231 CommandLine, Status);
233 }
234
235 /* Check if autochk is requested */
237 {
238 /* Run it */
240 }
242 {
244 &Directory,
245 CommandLine,
246 MuSessionId,
247 ProcessId,
248 Flags);
249 }
251 {
252 /* An invalid image was specified, fail */
255 }
256 else
257 {
258 /* An actual image name was present, execute it */
260 &Directory,
261 CommandLine,
262 MuSessionId,
263 Flags,
264 NULL);
265 }
266
267 /* Free all the token parameters */
271
272 /* Return to the caller */
274 {
276 CommandLine, Status);
277 }
279}
NTSTATUS NTAPI SmpExecuteImage(IN PUNICODE_STRING FileName, IN PUNICODE_STRING Directory, IN PUNICODE_STRING CommandLine, IN ULONG MuSessionId, IN ULONG Flags, IN PRTL_USER_PROCESS_INFORMATION ProcessInformation)
Definition: smss.c:30
NTSTATUS NTAPI SmpInvokeAutoChk(IN PUNICODE_STRING FileName, IN PUNICODE_STRING Directory, IN PUNICODE_STRING Arguments, IN ULONG Flags)
Definition: smss.c:149
NTSTATUS NTAPI SmpLoadSubSystem(IN PUNICODE_STRING FileName, IN PUNICODE_STRING Directory, IN PUNICODE_STRING CommandLine, IN ULONG MuSessionId, OUT PHANDLE ProcessId, IN ULONG Flags)
Definition: smsubsys.c:138
Definition: filecomp.c:348
Referenced by SmpLoadDataFromRegistry(), SmpLoadDeferedSubsystem(), and SmpLoadSubSystemsForMuSession().
◆ SmpExecuteImage()
| NTSTATUS NTAPI SmpExecuteImage | ( | IN PUNICODE_STRING | FileName, |
| IN PUNICODE_STRING | Directory, | ||
| IN PUNICODE_STRING | CommandLine, | ||
| IN ULONG | MuSessionId, | ||
| IN ULONG | Flags, | ||
| IN PRTL_USER_PROCESS_INFORMATION | ProcessInformation | ||
| ) |
Definition at line 30 of file smss.c.
36{
37 PRTL_USER_PROCESS_INFORMATION ProcessInfo;
39 RTL_USER_PROCESS_INFORMATION LocalProcessInfo;
40 PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
41
42 /* Use the input process information if we have it, otherwise use local */
43 ProcessInfo = ProcessInformation;
44 if (!ProcessInfo) ProcessInfo = &LocalProcessInfo;
45
46 /* Create parameters for the target process */
48 FileName,
51 Directory,
52 CommandLine,
54 NULL,
55 NULL,
56 NULL,
57 0);
59 {
60 /* This is a pretty bad failure. ASSERT on checked builds and exit */
65 }
66
67 /* Set the size field as required */
69
70 /* Check if the debug flag was requested */
72 {
73 /* Write it in the process parameters */
74 ProcessParameters->DebugFlags = 1;
75 }
76 else
77 {
78 /* Otherwise inherit the flag that was passed to SMSS itself */
80 }
81
82 /* Subsystems get the first 1MB of memory reserved for DOS/IVT purposes */
84 {
86 }
87
88 /* And always force NX for anything that SMSS launches */
90
91 /* Now create the process in suspended state */
94 ProcessParameters,
95 NULL,
96 NULL,
97 NULL,
98 FALSE,
99 NULL,
100 NULL,
101 ProcessInfo);
102 RtlDestroyProcessParameters(ProcessParameters);
104 {
105 /* If we couldn't create it, fail back to the caller */
109 }
110
111 /* Associate a session with this process */
113
114 /* If the application is deferred (suspended), there's nothing to do */
116
117 /* Otherwise, get ready to start it, but make sure it's a native app */
119 {
120 /* Resume it */
123 {
124 /* Block on it unless Async was requested */
126 }
127
128 /* It's up and running now, close our handles */
131 }
132 else
133 {
134 /* This image is invalid, so kill it, close our handles, and fail */
141 }
142
143 /* Return the outcome of the process create */
145}
NTSYSAPI NTSTATUS NTAPI RtlDestroyProcessParameters(_In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
NTSYSAPI NTSTATUS NTAPI RtlCreateProcessParameters(_Out_ PRTL_USER_PROCESS_PARAMETERS *ProcessParameters, _In_ PUNICODE_STRING ImagePathName, _In_opt_ PUNICODE_STRING DllPath, _In_opt_ PUNICODE_STRING CurrentDirectory, _In_opt_ PUNICODE_STRING CommandLine, _In_opt_ PWSTR Environment, _In_opt_ PUNICODE_STRING WindowTitle, _In_opt_ PUNICODE_STRING DesktopInfo, _In_opt_ PUNICODE_STRING ShellInfo, _In_opt_ PUNICODE_STRING RuntimeInfo)
NTSYSAPI NTSTATUS NTAPI RtlCreateUserProcess(_In_ PUNICODE_STRING ImageFileName, _In_ ULONG Attributes, _In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters, _In_opt_ PSECURITY_DESCRIPTOR ProcessSecutityDescriptor, _In_opt_ PSECURITY_DESCRIPTOR ThreadSecurityDescriptor, _In_opt_ HANDLE ParentProcess, _In_ BOOLEAN CurrentDirectory, _In_opt_ HANDLE DebugPort, _In_opt_ HANDLE ExceptionPort, _Out_ PRTL_USER_PROCESS_INFORMATION ProcessInfo)
#define RTL_USER_PROCESS_PARAMETERS_RESERVE_1MB
Definition: rtltypes.h:46
NTSTATUS NTAPI NtTerminateProcess(HANDLE ProcessHandle, LONG ExitStatus)
NTSYSAPI NTSTATUS NTAPI NtWaitForSingleObject(IN HANDLE hObject, IN BOOLEAN bAlertable, IN PLARGE_INTEGER Timeout)
NTSTATUS NTAPI NtResumeThread(IN HANDLE ThreadHandle, OUT PULONG SuspendCount OPTIONAL)
Definition: state.c:290
NTSTATUS NTAPI SmpSetProcessMuSessionId(IN HANDLE ProcessHandle, IN ULONG SessionId)
Definition: smsessn.c:199
Definition: rtltypes.h:1568
SECTION_IMAGE_INFORMATION ImageInformation
Definition: rtltypes.h:1573
Definition: btrfs_drv.h:1898
Referenced by SmpExecuteCommand(), SmpExecuteInitialCommand(), SmpInvokeAutoChk(), and SmpLoadSubSystem().
◆ SmpExecuteInitialCommand()
| NTSTATUS NTAPI SmpExecuteInitialCommand | ( | IN ULONG | MuSessionId, |
| IN PUNICODE_STRING | InitialCommand, | ||
| IN HANDLE | InitialCommandProcess, | ||
| OUT PHANDLE | ReturnPid | ||
| ) |
Definition at line 283 of file smss.c.
287{
289 RTL_USER_PROCESS_INFORMATION ProcessInfo;
292
293 /* Check if we haven't yet connected to ourselves */
295 {
296 /* Connect to ourselves, as a client */
299 {
302 }
303 }
304
305 /* Parse the initial command line */
307 &Flags,
308 &FileName,
309 &Directory,
310 &Arguments);
312 {
313 /* Fail if it doesn't exist */
317 }
318
319 /* And fail if any other reason is also true */
321 {
323 InitialCommand, Status);
325 }
326
327 /* Execute the initial command, but defer its full execution */
329 &Directory,
330 InitialCommand,
331 MuSessionId,
332 SMP_DEFERRED_FLAG,
333 &ProcessInfo);
334
335 /* Free all the token parameters */
339
340 /* Bail out if we couldn't execute the initial command */
342
343 /* Now duplicate the handle to this process */
345 ProcessInfo.ProcessHandle,
346 NtCurrentProcess(),
347 InitialCommandProcess,
348 PROCESS_ALL_ACCESS,
349 0,
350 0);
352 {
353 /* Kill it utterly if duplication failed */
360 }
361
362 /* Return PID to the caller, and set this as the initial command PID */
365
366 /* Now call our server execution function to wrap up its initialization */
370}
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3410
NTSTATUS NTAPI SmConnectToSm(_In_opt_ PUNICODE_STRING SbApiPortName, _In_opt_ HANDLE SbApiPort, _In_opt_ ULONG ImageType, _Out_ PHANDLE SmApiPort)
Connects to the SM API port for registering a session callback port (Sb) associated to a subsystem,...
Definition: smclient.c:57
NTSTATUS NTAPI SmExecPgm(_In_ HANDLE SmApiPort, _In_ PRTL_USER_PROCESS_INFORMATION ProcessInformation, _In_ BOOLEAN DebugFlag)
Requests the SM to start a process under a new environment session.
Definition: smclient.c:265
Referenced by _main(), and SmpStartCsr().
◆ SmpGetProcessMuSessionId()
Definition at line 168 of file smsessn.c.
170{
172 ULONG ProcessSession;
173
174 /* Query the kernel for the session ID */
177 &ProcessSession,
178 sizeof(ProcessSession),
179 NULL);
181 {
182 /* Copy it back into the buffer */
183 *SessionId = ProcessSession;
184 }
185 else
186 {
187 /* Failure -- assume session zero */
190 *SessionId = 0;
191 }
192
193 /* Return result */
195}
Referenced by SmpHandleConnectionRequest(), SmpLoadDeferedSubsystem(), and SmpSbCreateSession().
◆ SmpInit()
Definition at line 2449 of file sminit.c.
2451{
2456 ULONG HardErrorMode;
2457
2458 /* Create the SMSS Heap */
2460 0,
2463 SmpHeap = RtlGetProcessHeap();
2464
2465 /* Enable hard errors */
2466 HardErrorMode = TRUE;
2469 &HardErrorMode,
2470 sizeof(HardErrorMode));
2471
2472 /* Initialize the subsystem list and the session list, plus their locks */
2477
2478 /* Initialize the process list */
2480
2481 /* Initialize session parameters */
2482 SmpNextSessionId = 1;
2485
2486 /* Create the initial security descriptors */
2489 {
2490 /* Fail */
2493 }
2494
2495 /* Initialize subsystem names */
2499
2500 /* Create the SM API Port */
2502 InitializeObjectAttributes(&ObjectAttributes, &PortName, 0, NULL, SmpApiPortSecurityDescriptor);
2504 &ObjectAttributes,
2509 SmpDebugPort = PortHandle;
2510
2511 /* Create two SM API threads */
2513 NULL,
2514 FALSE,
2515 0,
2516 0,
2517 0,
2518 SmpApiLoop,
2519 PortHandle,
2520 NULL,
2521 NULL);
2524 NULL,
2525 FALSE,
2526 0,
2527 0,
2528 0,
2529 SmpApiLoop,
2530 PortHandle,
2531 NULL,
2532 NULL);
2534
2535 /* Create the write event that autochk can set after running */
2538 &EventName,
2539 OBJ_PERMANENT,
2540 NULL,
2541 NULL);
2543 EVENT_ALL_ACCESS,
2544 &ObjectAttributes,
2545 0,
2546 0);
2548 {
2549 /* Should never really fail */
2551 &EventName, Status2);
2553 }
2554
2555 /* Now initialize everything else based on the registry parameters */
2558 {
2559 /* Autochk should've run now. Set the event and save the CSRSS handle */
2563 }
2564
2565 /* All done */
2567}
NTSYSAPI NTSTATUS NTAPI RtlCreateUserThread(_In_ PVOID ThreadContext, _Out_ HANDLE *OutThreadHandle, _Reserved_ PVOID Reserved1, _Reserved_ PVOID Reserved2, _Reserved_ PVOID Reserved3, _Reserved_ PVOID Reserved4, _Reserved_ PVOID Reserved5, _Reserved_ PVOID Reserved6, _Reserved_ PVOID Reserved7, _Reserved_ PVOID Reserved8)
NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtSetEvent(IN HANDLE EventHandle, OUT PLONG PreviousState OPTIONAL)
Definition: event.c:455
NTSTATUS NTAPI NtCreateEvent(OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN EVENT_TYPE EventType, IN BOOLEAN InitialState)
Definition: event.c:96
NTSTATUS NTAPI NtCreatePort(OUT PHANDLE PortHandle, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG MaxConnectInfoLength, IN ULONG MaxDataLength, IN ULONG MaxPoolUsage)
Definition: create.c:212
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1105
ULONG NTAPI RtlCreateTagHeap(_In_ HANDLE HeapHandle, _In_ ULONG Flags, _In_opt_ PWSTR TagName, _In_ PWSTR TagSubName)
Definition: heap.c:4031
NTSTATUS NTAPI SmpLoadDataFromRegistry(OUT PUNICODE_STRING InitialCommand)
Definition: sminit.c:2243
NTSTATUS NTAPI SmpCreateSecurityDescriptors(IN BOOLEAN InitialCall)
Definition: sminit.c:975
Definition: umtypes.h:182
Definition: smmsg.h:222
Referenced by _main().
◆ SmpLoadSubSystem()
| NTSTATUS NTAPI SmpLoadSubSystem | ( | IN PUNICODE_STRING | FileName, |
| IN PUNICODE_STRING | Directory, | ||
| IN PUNICODE_STRING | CommandLine, | ||
| IN ULONG | MuSessionId, | ||
| OUT PHANDLE | ProcessId, | ||
| IN ULONG | Flags | ||
| ) |
Definition at line 138 of file smsubsys.c.
144{
146 HANDLE SubSysProcessId;
148 SB_API_MSG SbApiMsg;
149 RTL_USER_PROCESS_INFORMATION ProcessInformation;
154
155 /* Make sure this is a found subsystem */
157 {
160 }
161
162 /* Don't use a session if the flag is set */
164
165 /* Lock the subsystems while we do a look up */
168 {
169 /* Check if we found a subsystem not yet fully initialized */
170 Subsystem = SmpLocateKnownSubSysByType(MuSessionId, -1);
171 if (!Subsystem) break;
173
174 /* Wait on it to initialize */
176
177 /* Dereference it and try the next one */
179 SmpDereferenceSubsystem(Subsystem);
180 }
181
182 /* Check if this is a POSIX subsystem */
184 {
185 /* Do we already have it? */
187 }
189 {
190 /* This is an OS/2 subsystem, do we we already have it? */
192 }
193
194 /* Check if we already have one of the optional subsystems for the session */
195 if (Subsystem)
196 {
197 /* Dereference and return, no work to do */
198 SmpDereferenceSubsystem(Subsystem);
201 }
202
203 /* Allocate a new subsystem! */
205 if (!NewSubsystem)
206 {
209 }
210
211 /* Initialize its header and reference count */
212 NewSubsystem->ReferenceCount = 1;
213 NewSubsystem->MuSessionId = MuSessionId;
214 NewSubsystem->ImageType = -1;
215
216 /* Clear out all the other data for now */
222
223 /* Create the event we'll be waiting on for initialization */
225 EVENT_ALL_ACCESS,
226 NULL,
227 NotificationEvent,
228 FALSE);
230 {
231 /* This failed, bail out */
235 }
236
237 /* Insert the subsystem and release the lock. It can now be found */
240
241 /* The OS/2 and POSIX subsystems are actually Windows applications! */
243 {
244 /* Locate the Windows subsystem for this session */
245 KnownSubsystem = SmpLocateKnownSubSysByType(MuSessionId,
247 if (!KnownSubsystem)
248 {
250 goto Quickie2;
251 }
252
253 /* Fill out all the process details and call CSRSS to launch it */
256 CreateProcess->In.CommandLine = CommandLine;
263 KnownSubsystem->SbApiPort);
265 {
266 /* Handle failures */
268 Status);
269 goto Quickie2;
270 }
271
272 /* Save the process information we'll need for the create session */
277 }
278 else
279 {
280 /* This must be CSRSS itself, so just launch it and that's it */
282 Directory,
283 CommandLine,
284 MuSessionId,
286 &ProcessInformation);
288 {
289 /* Handle failures */
291 Status);
292 goto Quickie2;
293 }
294 }
295
296 /* Fill out the handle and client ID in the subsystem structure now */
299
300 /* Check if we launched a native image or a subsystem-backed image */
302 {
303 /* This must be CSRSS itself, since it's a native subsystem image */
306
307 /* Was this the initial CSRSS on Session 0? */
308 if (!MuSessionId)
309 {
310 /* Then save it in the global variables */
311 SmpWindowsSubSysProcessId = SubSysProcessId;
313 }
315 }
316 else
317 {
318 /* This is the POSIX or OS/2 subsystem process, copy its information */
319 CreateSession->ProcessInfo = ProcessInformation;
320
321 CreateSession->DbgSessionId = 0;
323
324 /* This should find CSRSS because they are POSIX or OS/2 subsystems */
325 Subsystem = SmpLocateKnownSubSysByType(MuSessionId,
327 if (!Subsystem)
328 {
329 /* Odd failure -- but handle it anyway */
331 DPRINT1("SMSS: SmpLoadSubSystem - SmpLocateKnownSubSysByType Failed with Status %lx for sessionid %lu\n",
332 Status,
333 MuSessionId);
334 goto Quickie;
335 }
336
337 /* Duplicate the parent process handle for the subsystem to have */
339 ProcessInformation.ProcessHandle,
340 Subsystem->ProcessHandle,
341 &CreateSession->ProcessInfo.ProcessHandle,
342 PROCESS_ALL_ACCESS,
343 0,
344 0);
346 {
347 /* Fail since this is critical */
348 DPRINT1("SMSS: SmpLoadSubSystem - NtDuplicateObject Failed with Status %lx for sessionid %lu\n",
349 Status,
350 MuSessionId);
351 goto Quickie;
352 }
353
354 /* Duplicate the initial thread handle for the subsystem to have */
356 ProcessInformation.ThreadHandle,
357 Subsystem->ProcessHandle,
358 &CreateSession->ProcessInfo.ThreadHandle,
359 THREAD_ALL_ACCESS,
360 0,
361 0);
363 {
364 /* Fail since this is critical */
365 DPRINT1("SMSS: SmpLoadSubSystem - NtDuplicateObject Failed with Status %lx for sessionid %lu\n",
366 Status,
367 MuSessionId);
368 goto Quickie;
369 }
370
371 /* Allocate an internal Session ID for this subsystem */
373
374 /* Send the create session message to the subsystem */
376 SbApiMsg.h.u2.ZeroInit = 0;
381 &SbApiMsg.h,
382 &SbApiMsg.h);
385 {
386 /* Delete the session and handle failure if the LPC call failed */
388 DPRINT1("SMSS: SmpLoadSubSystem - NtRequestWaitReplyPort Failed with Status %lx for sessionid %lu\n",
389 Status,
390 MuSessionId);
391 goto Quickie;
392 }
393 }
394
395 /* Okay, everything looks good to go, initialize this subsystem now! */
398 {
399 /* That didn't work -- back out of everything */
401 goto Quickie;
402 }
403
404 /* Check if this was the subsystem for a different session */
405 if (MuSessionId)
406 {
407 /* Wait up to 60 seconds for it to initialize */
408 Timeout.QuadPart = -600000000;
410
411 /* Timeout is done -- does this session still exist? */
413 {
414 /* Nope, it died. Cleanup should've ocurred in a different path. */
417 }
418
419 /* Check if we timed our or there was another error with the wait */
421 {
422 /* Something is wrong with the subsystem, so back out of everything */
423 DPRINT1("SMSS: SmpLoadSubSystem - Timeout waiting for subsystem connect with Status %lx for sessionid %lu\n",
424 Status,
425 MuSessionId);
426 goto Quickie;
427 }
428 }
429 else
430 {
431 /* This a session 0 subsystem, just wait for it to initialize */
433 }
434
435 /* Subsystem is created, resumed, and initialized. Close handles and exit */
438 goto Quickie2;
439
440Quickie:
441 /* This is the failure path. First check if we need to detach from session */
443 {
444 /* We were not attached, or did not launch subsystems that required it */
446 AttachedSessionId,
448 Status);
449 }
450 else
451 {
452 /* Get the privilege we need for detachment */
455 {
456 /* We can't detach without it */
458 AttachedSessionId,
460 Status);
461 }
462 else
463 {
464 /* Now detach from the session */
466 &AttachedSessionId,
469 {
470 /* Failed to detach. Note the DPRINT1 has a typo in Windows */
473 }
474 else
475 {
476 /* Detachment worked, reset our attached session ID */
477 AttachedSessionId = -1;
478 }
479
480 /* And release the privilege we acquired */
482 }
483 }
484
485 /* Since this is the failure path, terminate the subsystem process */
488
489Quickie2:
490 /* This is the cleanup path -- first dereference our subsystems */
494
495 /* In the failure case, destroy the new subsystem we just created */
497 {
500 SmpDereferenceSubsystem(NewSubsystem);
501 }
502
503 /* Finally, we're all done! */
506}
NTSYSAPI NTSTATUS NTAPI NtSetSystemInformation(IN INT SystemInformationClass, IN PVOID SystemInformation, IN ULONG SystemInformationLength)
MMRESULT CreateSession(DeviceType device_type, UINT device_id, SessionInfo **session_info)
Definition: session.c:63
NTSTATUS NTAPI NtRequestWaitReplyPort(IN HANDLE PortHandle, IN PPORT_MESSAGE LpcRequest, IN OUT PPORT_MESSAGE LpcReply)
Definition: send.c:695
struct _SB_CREATE_SESSION_MSG SB_CREATE_SESSION_MSG
struct _SB_API_MSG SB_API_MSG
BOOLEAN NTAPI SmpCheckDuplicateMuSessionId(IN ULONG MuSessionId)
Definition: smsessn.c:37
ULONG NTAPI SmpAllocateSessionId(IN PSMP_SUBSYSTEM Subsystem, IN PSMP_SUBSYSTEM OtherSubsystem)
Definition: smsessn.c:123
NTSTATUS NTAPI SmpAcquirePrivilege(IN ULONG Privilege, OUT PVOID *PrivilegeStat)
Definition: smutil.c:40
NTSTATUS NTAPI SmpCallCsrCreateProcess(IN PSB_API_MSG SbApiMsg, IN USHORT MessageLength, IN HANDLE PortHandle)
Definition: smsubsys.c:29
VOID NTAPI SmpDereferenceSubsystem(IN PSMP_SUBSYSTEM SubSystem)
Definition: smsubsys.c:47
PSMP_SUBSYSTEM NTAPI SmpLocateKnownSubSysByType(IN ULONG MuSessionId, IN ULONG ImageType)
Definition: smsubsys.c:102
union _SB_API_MSG::@3491::@3493::@3495 u
Definition: smmsg.h:187
Definition: smmsg.h:159
Referenced by SmpExecuteCommand().
◆ SmpLoadSubSystemsForMuSession()
| NTSTATUS NTAPI SmpLoadSubSystemsForMuSession | ( | IN PULONG | MuSessionId, |
| OUT PHANDLE | ProcessId, | ||
| IN PUNICODE_STRING | InitialCommand | ||
| ) |
Definition at line 510 of file smsubsys.c.
513{
517 PLIST_ENTRY NextEntry;
520
521 /* Write a few last registry keys with the boot partition information */
523
524 /* Process "SetupExecute" values */
527 {
528 /* Execute each one and move on */
531 NextEntry = NextEntry->Flink;
532 }
533
534 /* Now process the subsystems */
537 {
538 /* Get the entry and check if this is the special Win32k entry */
541 {
542 /* Translate it */
544 &NtPath,
545 NULL,
546 NULL))
547 {
550 }
551 else
552 {
553 /* Get the driver privilege */
556 {
557 /* Create the new session */
560 MuSessionId,
561 sizeof(*MuSessionId));
563 {
568 }
569 AttachedSessionId = *MuSessionId;
570
571 /*
572 * Start Win32k.sys on this session. Use a hardcoded value
573 * instead of the Kmode one...
574 */
578 &DestinationString,
583 {
586 }
587 }
588 }
589 }
590
591 /* Next entry */
592 NextEntry = NextEntry->Flink;
593 }
594
595 /* Now parse the required subsystem list */
598 {
599 /* Get each entry and check if it's the internal debug or not */
602 {
603 /* Load the internal debug system */
605 *MuSessionId,
606 ProcessId,
608 }
609 else
610 {
611 /* Load the required subsystem */
613 *MuSessionId,
614 ProcessId,
615 SMP_SUBSYSTEM_FLAG);
616 }
618 {
621 }
622
623 /* Move to the next entry */
624 NextEntry = NextEntry->Flink;
625 }
626
627 /* Process the "Execute" list now */
630 {
631 /* Get the custom initial command */
633
634 /* Write the initial command and wait for 5 seconds (why??!) */
635 *InitialCommand = RegEntry->Name;
636 Timeout.QuadPart = -50000000;
638 }
639 else
640 {
641 /* Use the default Winlogon initial command */
644
645 /* Check if there's a debugger for Winlogon */
646 Status2 = LdrQueryImageFileExecutionOptions(InitialCommand,
648 REG_SZ,
649 InitialCommandBuffer,
651 InitialCommand->Length,
652 NULL);
654 {
655 /* Put the debugger string with the Winlogon string */
659 }
660 }
661
662 /* Finally check if there was a custom initial command */
665 {
666 /* Execute each one */
669 NextEntry = NextEntry->Flink;
670 }
671
672 /* Return status */
674}
#define SystemExtendServiceTableInformation
Definition: DriverTester.h:35
NTSTATUS NTAPI LdrQueryImageFileExecutionOptions(IN PUNICODE_STRING SubKey, IN PCWSTR ValueName, IN ULONG Type, OUT PVOID Buffer, IN ULONG BufferSize, OUT PULONG ReturnedLength OPTIONAL)
Definition: ldrinit.c:386
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)
#define UNICODE_NULL
NTSTRSAFEAPI RtlStringCbCatW(_Inout_updates_bytes_(cbDest) _Always_(_Post_z_) NTSTRSAFE_PWSTR pszDest, _In_ size_t cbDest, _In_ NTSTRSAFE_PCWSTR pszSrc)
Definition: ntstrsafe.h:636
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
VOID NTAPI SmpTranslateSystemPartitionInformation(VOID)
Definition: sminit.c:811
NTSTATUS NTAPI SmpExecuteCommand(IN PUNICODE_STRING CommandLine, IN ULONG MuSessionId, OUT PHANDLE ProcessId, IN ULONG Flags)
Definition: smss.c:210
Definition: smss.h:56
Referenced by SmpLoadDataFromRegistry(), and SmpStartCsr().
◆ SmpLocateKnownSubSysByCid()
| PSMP_SUBSYSTEM NTAPI SmpLocateKnownSubSysByCid | ( | IN PCLIENT_ID | ClientId | ) |
Definition at line 68 of file smsubsys.c.
69{
71 PLIST_ENTRY NextEntry;
72
73 /* Lock the subsystem database */
75
76 /* Loop each subsystem in the database */
79 {
80 /* Check if this one matches the client ID and is still valid */
83 !(Subsystem->Terminating))
84 {
85 /* Add a reference and return it */
86 Subsystem->ReferenceCount++;
87 break;
88 }
89
90 /* Reset the current pointer and keep searching */
91 Subsystem = NULL;
92 NextEntry = NextEntry->Flink;
93 }
94
95 /* Release the lock and return the subsystem we found */
97 return Subsystem;
98}
Referenced by SmpHandleConnectionRequest().
◆ SmpLocateKnownSubSysByType()
Definition at line 102 of file smsubsys.c.
104{
106 PLIST_ENTRY NextEntry;
107
108 /* Lock the subsystem database */
110
111 /* Loop each subsystem in the database */
114 {
115 /* Check if this one matches the image and uID, and is still valid */
118 !(Subsystem->Terminating) &&
119 (Subsystem->MuSessionId == MuSessionId))
120 {
121 /* Return it referenced for the caller */
122 Subsystem->ReferenceCount++;
123 break;
124 }
125
126 /* Reset the current pointer and keep searching */
127 Subsystem = NULL;
128 NextEntry = NextEntry->Flink;
129 }
130
131 /* Release the lock and return the subsystem we found */
133 return Subsystem;
134}
Referenced by SmpHandleConnectionRequest(), SmpLoadSubSystem(), and SmpSbCreateSession().
◆ SmpPagingFileInitialize()
Definition at line 130 of file pagefile.c.
131{
132 /* Initialize the two lists */
135}
Referenced by SmpLoadDataFromRegistry().
◆ SmpParseCommandLine()
| NTSTATUS NTAPI SmpParseCommandLine | ( | IN PUNICODE_STRING | CommandLine, |
| OUT PULONG | Flags, | ||
| OUT PUNICODE_STRING | FileName, | ||
| OUT PUNICODE_STRING | Directory, | ||
| OUT PUNICODE_STRING | Arguments | ||
| ) |
Definition at line 233 of file smutil.c.
238{
242 PWCHAR FilePart;
244 UNICODE_STRING FullPathString;
245
246 /* Initialize output arguments to NULL */
250
251 /* Check if we haven't yet built a full default path or system root yet */
253 {
254 /* Initialize it based on shared user data string */
256
257 /* Allocate an empty string for the path */
260 RtlInitEmptyUnicodeString(&FullPathString,
264 {
265 /* Append the root, system32;, and then the current library path */
270 SmpDefaultLibPath = FullPathString;
271 }
272 }
273
274 /* Consume the command line */
275 CmdLineCopy = *CommandLine;
277 {
278 /* Parse the first token and check for modifiers/specifiers */
282
283 /* Debug requested? */
285 {
286 /* Convert into a flag */
288 }
290 {
291 /* Asynch requested, convert into a flag */
293 }
295 {
296 /* Autochk requested, convert into a flag */
298 }
299 else
300 {
301 /* No specifier found, keep going */
302 break;
303 }
304
305 /* Get rid of this token and get the next */
307 }
308
309 /* Initialize a string to hold the current path */
312 RtlInitEmptyUnicodeString(&PathString,
316 {
317 /* Fail if we have no memory for this */
320 }
321
322 /* Query the path from the environment */
324 &EnvString,
325 &PathString);
327 {
328 /* Our buffer was too small, free it */
330
331 /* And allocate one big enough */
333 RtlInitEmptyUnicodeString(&PathString,
337 {
338 /* Fail if we have no memory for this */
341 }
342
343 /* Now try again, this should work */
345 &EnvString,
346 &PathString);
347 }
349 {
350 /* Another failure means that the kernel hasn't passed the path correctly */
353 }
354 else
355 {
356 /* Check if the caller expects any flags out of here */
358 {
359 /* We can return the image not found flag -- so does the image exist */
361 Token.Buffer,
363 sizeof(PathBuffer),
364 PathBuffer,
365 &FilePart)) &&
367 Token.Buffer,
369 sizeof(PathBuffer),
370 PathBuffer,
371 &FilePart)))
372 {
373 /* It doesn't, let the caller know about it and exit */
378 }
379 }
380 else
381 {
382 /* Caller doesn't want flags, probably wants the image itself */
384 }
385 }
386
387 /* Free tokens and such, all that's left is to convert the image name */
391
392 /* Convert it and bail out if this failed */
394 {
396 &PathBuffer);
398 }
400
401 /* Finally, check if the caller also wanted the directory */
403 {
404 /* Is the file a relative name with no directory? */
405 if (FilePart <= PathBuffer)
406 {
407 /* Clear it */
409 }
410 else
411 {
412 /* There is a directory, and a filename -- separate those two */
413 *--FilePart = UNICODE_NULL;
415 }
416 }
417
418 /* We are done -- move on to the second pass to get the arguments */
420}
Definition: tokenizer.hpp:28
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
NTSYSAPI ULONG NTAPI RtlDosSearchPath_U(_In_ PCWSTR Path, _In_ PCWSTR FileName, _In_ PCWSTR Extension, _In_ ULONG BufferSize, _Out_ PWSTR Buffer, _Out_ PWSTR *PartName)
NTSYSAPI NTSTATUS NTAPI RtlQueryEnvironmentVariable_U(_In_opt_ PWSTR Environment, _In_ PCUNICODE_STRING Name, _Out_ PUNICODE_STRING Value)
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
NTSTRSAFEAPI RtlStringCbCopyW(_Out_writes_bytes_(cbDest) _Always_(_Post_z_) NTSTRSAFE_PWSTR pszDest, _In_ size_t cbDest, _In_ NTSTRSAFE_PCWSTR pszSrc)
Definition: ntstrsafe.h:174
#define SharedUserData
NTSTATUS NTAPI SmpParseToken(IN PUNICODE_STRING Input, IN BOOLEAN SecondPass, OUT PUNICODE_STRING Token)
Definition: smutil.c:155
Referenced by SmpCreatePagingFileDescriptor(), SmpExecuteCommand(), and SmpExecuteInitialCommand().
◆ SmpQueryRegistrySosOption()
Definition at line 424 of file smutil.c.
425{
433
434 /* Open the key */
438 &KeyName,
439 OBJ_CASE_INSENSITIVE,
440 NULL,
441 NULL);
444 {
447 }
448
449 /* Query the value */
452 &ValueName,
454 PartialInfo,
455 sizeof(ValueBuffer),
456 &Length);
461 {
465 }
466
467 /* Check if it's set to SOS or sos */
470 {
471 /* It's not set, return FALSE */
473 }
474
475 /* It's set, return TRUE */
477}
_CONST_RETURN wchar_t *__cdecl wcsstr(_In_z_ const wchar_t *_Str, _In_z_ const wchar_t *_SubStr)
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
NTSYSAPI NTSTATUS NTAPI NtQueryValueKey(IN HANDLE KeyHandle, IN PUNICODE_STRING ValueName, IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, IN PVOID KeyValueInformation, IN ULONG Length, IN PULONG ResultLength)
Definition: nt_native.h:1165
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243
Referenced by SmpInvokeAutoChk().
◆ SmpReleasePrivilege()
Definition at line 129 of file smutil.c.
130{
132
133 /* Adjust the privileges in the token */
135 FALSE,
136 State->OldPrivileges,
137 0,
138 NULL,
139 NULL);
140
141 /* Check if we used a dynamic buffer */
143 {
144 /* Free it */
146 }
147
148 /* Close the token handle and free the state structure */
151}
struct _SMP_PRIVILEGE_STATE * PSMP_PRIVILEGE_STATE
Referenced by _main(), SmpLoadSubSystem(), and SmpLoadSubSystemsForMuSession().
◆ SmpRestoreBootStatusData()
Definition at line 531 of file smutil.c.
533{
535 PVOID BootState;
536
537 /* Lock the BSD */
540 {
541 /* Write the bootokay and bootshutdown values */
542 RtlGetSetBootStatusData(BootState,
543 FALSE,
544 RtlBsdItemBootGood,
545 &BootOkay,
546 sizeof(BootOkay),
547 NULL);
548 RtlGetSetBootStatusData(BootState,
549 FALSE,
551 &ShutdownOkay,
552 sizeof(ShutdownOkay),
553 NULL);
554
555 /* Unlock the BSD and return */
556 RtlUnlockBootStatusData(BootState);
557 }
558}
NTSTATUS NTAPI RtlLockBootStatusData(_Out_ PHANDLE FileHandle)
Definition: bootdata.c:231
NTSTATUS NTAPI RtlGetSetBootStatusData(_In_ HANDLE FileHandle, _In_ BOOLEAN Read, _In_ RTL_BSD_ITEM_TYPE DataClass, _In_ PVOID Buffer, _In_ ULONG BufferSize, _Out_opt_ PULONG ReturnLength)
Definition: bootdata.c:161
NTSTATUS NTAPI RtlUnlockBootStatusData(_In_ HANDLE FileHandle)
Definition: bootdata.c:267
Referenced by SmpInvokeAutoChk().
◆ SmpSaveAndClearBootStatusData()
Definition at line 481 of file smutil.c.
483{
486 PVOID BootStatusDataHandle;
487
488 /* Assume failure */
489 *BootOkay = FALSE;
490 *ShutdownOkay = FALSE;
491
492 /* Lock the BSD and fail if we couldn't */
495
496 /* Read the old settings */
497 RtlGetSetBootStatusData(BootStatusDataHandle,
498 TRUE,
499 RtlBsdItemBootGood,
500 BootOkay,
502 NULL);
503 RtlGetSetBootStatusData(BootStatusDataHandle,
504 TRUE,
506 ShutdownOkay,
508 NULL);
509
510 /* Set new ones indicating we got at least this far */
511 RtlGetSetBootStatusData(BootStatusDataHandle,
512 FALSE,
513 RtlBsdItemBootGood,
514 &Value,
516 NULL);
517 RtlGetSetBootStatusData(BootStatusDataHandle,
518 FALSE,
520 &Value,
522 NULL);
523
524 /* Unlock the BSD and return */
525 RtlUnlockBootStatusData(BootStatusDataHandle);
527}
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _Out_opt_ PUSHORT _Inout_opt_ PUNICODE_STRING Value
Definition: wdfregistry.h:413
Referenced by SmpInvokeAutoChk().
◆ SmpSbCreateSession()
| NTSTATUS NTAPI SmpSbCreateSession | ( | IN PVOID | Reserved, |
| IN PSMP_SUBSYSTEM | OtherSubsystem, | ||
| IN PRTL_USER_PROCESS_INFORMATION | ProcessInformation, | ||
| IN ULONG | DbgSessionId, | ||
| IN PCLIENT_ID | DbgUiClientId | ||
| ) |
Definition at line 36 of file smsbapi.c.
41{
43 ULONG SubSystemType = ProcessInformation->ImageInformation.SubSystemType;
44 ULONG MuSessionId;
46 PSMP_SUBSYSTEM KnownSubsys;
47 SB_API_MSG SbApiMsg = {0};
49
50 /* Write out the create session message including its initial process */
51 CreateSessionMsg->ProcessInfo = *ProcessInformation;
52 CreateSessionMsg->DbgSessionId = DbgSessionId;
53 if (DbgUiClientId)
54 {
55 CreateSessionMsg->DbgUiClientId = *DbgUiClientId;
56 }
57 else
58 {
61 }
62
63 /* Find a subsystem responsible for this session */
64 SmpGetProcessMuSessionId(ProcessInformation->ProcessHandle, &MuSessionId);
66 {
67 NtClose(ProcessInformation->ProcessHandle);
68 NtClose(ProcessInformation->ThreadHandle);
71 }
72
73 /* Find the subsystem suitable for this initial process */
74 KnownSubsys = SmpLocateKnownSubSysByType(MuSessionId, SubSystemType);
75 if (KnownSubsys)
76 {
77 /* Duplicate the process handle into the message */
79 ProcessInformation->ProcessHandle,
80 KnownSubsys->ProcessHandle,
83 0,
84 0);
86 {
87 /* Duplicate the thread handle into the message */
89 ProcessInformation->ThreadHandle,
90 KnownSubsys->ProcessHandle,
93 0,
94 0);
96 {
97 /* Close everything on failure */
98 NtClose(ProcessInformation->ProcessHandle);
99 NtClose(ProcessInformation->ThreadHandle);
100 SmpDereferenceSubsystem(KnownSubsys);
103 }
104
105 /* Close the original handles as they are no longer needed */
106 NtClose(ProcessInformation->ProcessHandle);
107 NtClose(ProcessInformation->ThreadHandle);
108
109 /* Finally, allocate a new SMSS session ID for this session */
112
113 /* Fill out the LPC message header and send it to the client! */
115 SbApiMsg.h.u2.ZeroInit = 0;
119 &SbApiMsg.h,
120 &SbApiMsg.h);
122 {
123 /* Bail out */
125 }
126 else
127 {
128 /* If the API succeeded, get the result value from the LPC */
130 }
131
132 /* Delete the session on any kind of failure */
134 }
135 else
136 {
137 /* Close the handles on failure */
139 NtClose(ProcessInformation->ProcessHandle);
140 NtClose(ProcessInformation->ThreadHandle);
141 }
142
143 /* Dereference the subsystem and return the status of the LPC call */
144 SmpDereferenceSubsystem(KnownSubsys);
146 }
147
148 /* If we don't yet have a subsystem, only native images can be launched */
150 {
151 /* Fail */
152#if DBG
155
157 SubSysName = SmpSubSystemNames[SubSystemType];
158 if (!SubSysName)
159 {
160 SubSysName = SubSysTypeName;
162 }
164#endif
166 NtClose(ProcessInformation->ProcessHandle);
167 NtClose(ProcessInformation->ThreadHandle);
169 }
170
171#if 0
172 /*
173 * This code is part of the LPC-based legacy debugging support for native
174 * applications, implemented with the debug client interface (DbgUi) and
175 * debug subsystem (DbgSs). It is now vestigial since WinXP+ and is here
176 * for informational purposes only.
177 */
179 {
182 {
184 ProcessInformation->ClientId.UniqueProcess,
185 ProcessInformation->ClientId.UniqueThread);
186 NtClose(ProcessInformation->ProcessHandle);
187 NtClose(ProcessInformation->ThreadHandle);
189 }
190
192 Process->ClientId = ProcessInformation->ClientId;
195 Process->ClientId.UniqueProcess,
196 Process->ClientId.UniqueThread);
197
199 ProcessDebugPort,
200 &SmpDebugPort,
203 }
204#endif
205
206 /* This is a native application being started as the initial command */
208 NtClose(ProcessInformation->ProcessHandle);
210 NtClose(ProcessInformation->ThreadHandle);
212}
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
NTSTATUS NTAPI SmpGetProcessMuSessionId(IN HANDLE ProcessHandle, OUT PULONG SessionId)
Definition: smsessn.c:168
VOID NTAPI SmpDereferenceSubsystem(IN PSMP_SUBSYSTEM SubSystem)
Definition: smsubsys.c:47
PSMP_SUBSYSTEM NTAPI SmpLocateKnownSubSysByType(IN ULONG MuSessionId, IN ULONG ImageType)
Definition: smsubsys.c:102
Referenced by SmpExecPgm().
◆ SmpSetProcessMuSessionId()
Definition at line 199 of file smsessn.c.
201{
203
204 /* Tell the kernel about the session ID */
207 &SessionId,
210 {
213 }
214
215 /* Return */
217}
Referenced by SmpExecuteImage().
◆ SmpTerminate()
| NTSTATUS NTAPI SmpTerminate | ( | IN PULONG_PTR | Parameters, |
| IN ULONG | ParameterMask, | ||
| IN ULONG | ParameterCount | ||
| ) |
Definition at line 374 of file smss.c.
377{
379 BOOLEAN Old;
381
382 /* Give the shutdown privilege to the thread */
384 STATUS_NO_TOKEN)
385 {
386 /* Thread doesn't have a token, give it to the entire process */
388 }
389
390 /* Take down the process/machine with a hard error */
392 ParameterCount,
393 ParameterMask,
394 Parameters,
395 OptionShutdownSystem,
396 &Response);
397
398 /* Terminate the process if the hard error didn't already */
400}
NTSTATUS NTAPI NtRaiseHardError(IN NTSTATUS ErrorStatus, IN ULONG NumberOfParameters, IN ULONG UnicodeStringParameterMask, IN PULONG_PTR Parameters, IN ULONG ValidResponseOptions, OUT PULONG Response)
Definition: harderr.c:551
NTSYSAPI NTSTATUS NTAPI RtlAdjustPrivilege(_In_ ULONG Privilege, _In_ BOOLEAN NewValue, _In_ BOOLEAN ForThread, _Out_ PBOOLEAN OldValue)
Definition: ncftp.h:89
_Must_inspect_result_ _In_ WDFQUEUE _In_opt_ WDFREQUEST _In_opt_ WDFFILEOBJECT _Inout_opt_ PWDF_REQUEST_PARAMETERS Parameters
Definition: wdfio.h:869
Referenced by _main(), SmpInitializeKnownDllsInternal(), and SmpUnhandledExceptionFilter().
◆ SmpTranslateSystemPartitionInformation()
Definition at line 811 of file sminit.c.
812{
818 size_t StrLength;
824
825 /* Open the setup key */
828 &UnicodeString,
829 OBJ_CASE_INSENSITIVE,
830 NULL,
831 NULL);
834 {
836 return;
837 }
838
839 /* Query the system partition */
842 &UnicodeString,
844 PartialInfo,
845 sizeof(ValueBuffer),
846 &Length);
850 {
852 PartialInfo->Type, Status);
853 return;
854 }
855
856 /* Initialize the system partition string */
857 RtlInitEmptyUnicodeString(&SystemPartition,
858 (PWCHAR)PartialInfo->Data,
859 PartialInfo->DataLength);
861 SystemPartition.MaximumLength,
862 &StrLength);
864
865 /* Enumerate the directory looking for the symbolic link string */
869 DirInfo,
870 sizeof(DirInfoBuffer),
871 TRUE,
872 TRUE,
873 &Context,
874 NULL);
876 {
878 return;
879 }
880
881 /* Keep searching until we find it */
882 do
883 {
884 /* Is this it? */
888 {
889 /* Looks like we found it, open the link to get its target */
891 &DirInfo->Name,
892 OBJ_CASE_INSENSITIVE,
894 NULL);
897 &ObjectAttributes);
899 {
900 /* Open worked, query the target now */
902 &LinkTarget,
903 NULL);
904 NtClose(LinkHandle);
905
906 /* Check if it matches the string we had found earlier */
909 &LinkTarget,
910 TRUE)) ||
912 &LinkTarget,
913 TRUE)) &&
915 {
916 /* All done */
917 break;
918 }
919 }
920 }
921
922 /* Couldn't find it, try again */
924 DirInfo,
925 sizeof(DirInfoBuffer),
926 TRUE,
927 FALSE,
928 &Context,
929 NULL);
932 {
934 return;
935 }
936
937 /* Open the setup key again, for full access this time */
941 &UnicodeString,
942 OBJ_CASE_INSENSITIVE,
943 NULL,
944 NULL);
947 {
949 Status);
950 return;
951 }
952
953 /* Wrap up the end of the link buffer */
954 wcsncpy(LinkBuffer, DirInfo->Name.Buffer, 2);
957
958 /* Now set this as the "BootDir" */
961 &UnicodeString,
962 0,
963 REG_SZ,
964 LinkBuffer,
967 {
969 }
971}
struct _OBJECT_DIRECTORY_INFORMATION OBJECT_DIRECTORY_INFORMATION
NTSYSAPI NTSTATUS NTAPI NtSetValueKey(IN HANDLE KeyHandle, IN PUNICODE_STRING ValueName, IN ULONG TitleIndex OPTIONAL, IN ULONG Type, IN PVOID Data, IN ULONG DataSize)
Definition: ntapi.c:859
struct _KEY_VALUE_PARTIAL_INFORMATION KEY_VALUE_PARTIAL_INFORMATION
NTSYSAPI BOOLEAN NTAPI RtlPrefixUnicodeString(IN PUNICODE_STRING String1, IN PUNICODE_STRING String2, IN BOOLEAN CaseInSensitive)
_Must_inspect_result_ NTSTRSAFEAPI RtlStringCbLengthW(_In_reads_or_z_(cbMax/sizeof(wchar_t)) STRSAFE_LPCWSTR psz, _In_ _In_range_(1, NTSTRSAFE_MAX_CCH *sizeof(wchar_t)) size_t cbMax, _Out_opt_ _Deref_out_range_(<, cbMax - 1) size_t *pcbLength)
Definition: ntstrsafe.h:1641
NTSTATUS NTAPI NtQueryDirectoryObject(IN HANDLE DirectoryHandle, OUT PVOID Buffer, IN ULONG BufferLength, IN BOOLEAN ReturnSingleEntry, IN BOOLEAN RestartScan, IN OUT PULONG Context, OUT PULONG ReturnLength OPTIONAL)
Definition: obdir.c:490
NTSTATUS NTAPI NtQuerySymbolicLinkObject(IN HANDLE LinkHandle, OUT PUNICODE_STRING LinkTarget, OUT PULONG ResultLength OPTIONAL)
Definition: oblink.c:903
NTSTATUS NTAPI NtOpenSymbolicLinkObject(OUT PHANDLE LinkHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: oblink.c:831
_CRTIMP wchar_t *__cdecl wcsncpy(wchar_t *_Dest, const wchar_t *_Source, size_t _Count)
Definition: compobj.c:4795
Definition: ntobjfs.cpp:135
Definition: obtypes.h:277
Referenced by SmpLoadSubSystemsForMuSession().
Variable Documentation
◆ AttachedSessionId
|
extern |
Definition at line 21 of file smss.c.
Referenced by _main(), SmpLoadSubSystem(), and SmpLoadSubSystemsForMuSession().
◆ RegPosixSingleInstance
|
extern |
Definition at line 22 of file smsubsys.c.
Referenced by SmpConfigureSubSystems().
◆ SmBaseTag
|
extern |
Definition at line 26 of file sminit.c.
Referenced by SmpConfigureEnvironment(), SmpInit(), SmpInitializeKnownDllPath(), SmpLoadSubSystem(), SmpParseCommandLine(), SmpParseToken(), SmpProcessFileRenames(), SmpSaveRegistryValue(), and SmpSbCreateSession().
◆ SmpASyncKeyword
| UNICODE_STRING SmpASyncKeyword |
Definition at line 90 of file smss.h.
Referenced by SmpLoadDataFromRegistry().
◆ SmpAutoChkKeyword
| UNICODE_STRING SmpAutoChkKeyword |
Definition at line 90 of file smss.h.
Referenced by SmpLoadDataFromRegistry().
◆ SmpDbgSsLoaded
|
extern |
Definition at line 30 of file smsessn.c.
Referenced by SmpInit(), and SmpSbCreateSession().
◆ SmpDebug
|
extern |
Definition at line 22 of file smss.c.
Referenced by _main(), SmExecuteProgram(), SmpExecuteImage(), and SmpLoadSubSystem().
◆ SmpDebugKeyword
|
extern |
Definition at line 34 of file smutil.c.
Referenced by SmpLoadDataFromRegistry(), and SmpParseCommandLine().
◆ SmpDefaultEnvironment
|
extern |
Definition at line 28 of file sminit.c.
Referenced by SmExecuteProgram(), SmpExecuteImage(), SmpLoadDataFromRegistry(), and SmpParseCommandLine().
◆ SmpDefaultLibPath
|
extern |
Definition at line 29 of file sminit.c.
Referenced by SmpConfigureEnvironment(), SmpExecuteImage(), SmpLoadSubSystem(), and SmpParseCommandLine().
◆ SmpExecuteList
|
extern |
Definition at line 23 of file sminit.c.
Referenced by SmpLoadDataFromRegistry(), and SmpLoadSubSystemsForMuSession().
◆ SmpHeap
|
extern |
Definition at line 25 of file sminit.c.
Referenced by SmpAcquirePrivilege(), SmpAllocateSessionId(), SmpDeleteSession(), SmpDereferenceSubsystem(), SmpHandleConnectionRequest(), SmpInit(), SmpLoadSubSystem(), SmpParseCommandLine(), SmpParseToken(), SmpReleasePrivilege(), and SmpSbCreateSession().
◆ SmpKnownSubSysHead
|
extern |
Definition at line 19 of file smsubsys.c.
Referenced by SmpCheckDuplicateMuSessionId(), SmpInit(), SmpLoadSubSystem(), SmpLocateKnownSubSysByCid(), and SmpLocateKnownSubSysByType().
◆ SmpKnownSubSysLock
|
extern |
Definition at line 18 of file smsubsys.c.
Referenced by SmpCheckDuplicateMuSessionId(), SmpDereferenceSubsystem(), SmpInit(), SmpLoadSubSystem(), SmpLocateKnownSubSysByCid(), and SmpLocateKnownSubSysByType().
◆ SmpNextSessionId
|
extern |
Definition at line 28 of file smsessn.c.
Referenced by SmpAllocateSessionId(), and SmpInit().
◆ SmpNextSessionIdScanMode
|
extern |
Definition at line 29 of file smsessn.c.
Referenced by SmpAllocateSessionId(), and SmpInit().
◆ SmpSessionListHead
|
extern |
Definition at line 27 of file smsessn.c.
Referenced by SmpAllocateSessionId(), SmpInit(), and SmpSessionIdToSession().
◆ SmpSessionListLock
|
extern |
Definition at line 26 of file smsessn.c.
Referenced by SmpAllocateSessionId(), SmpDeleteSession(), and SmpInit().
◆ SmpSessionsObjectDirectory
|
extern |
Definition at line 31 of file smsessn.c.
Referenced by SmpLoadDataFromRegistry().
◆ SmpSetupExecuteList
|
extern |
Definition at line 19 of file sminit.c.
Referenced by SmpLoadDataFromRegistry(), and SmpLoadSubSystemsForMuSession().
◆ SmpSubSystemList
|
extern |
Definition at line 22 of file sminit.c.
Referenced by SmpLoadDataFromRegistry(), and SmpLoadSubSystemsForMuSession().
◆ SmpSubSystemsToDefer
|
extern |
Definition at line 22 of file sminit.c.
Referenced by SmpConfigureSubSystems(), SmpLoadDataFromRegistry(), and SmpLoadDeferedSubsystem().
◆ SmpSubSystemsToLoad
|
extern |
Definition at line 22 of file sminit.c.
Referenced by SmpConfigureSubSystems(), SmpLoadDataFromRegistry(), and SmpLoadSubSystemsForMuSession().
◆ SmpSystemRoot
|
extern |
Definition at line 20 of file smss.c.
Referenced by SmpParseCommandLine().
◆ SmpWindowsSubSysProcess
|
extern |
Definition at line 20 of file smsubsys.c.
Referenced by SmpInit(), and SmpLoadSubSystem().
◆ SmpWindowsSubSysProcessId
|
extern |
Definition at line 21 of file smsubsys.c.
Referenced by SmpLoadDataFromRegistry(), and SmpLoadSubSystem().
