#include <stdio.h>
#include <windef.h>
#include <winbase.h>
#include <winreg.h>
#include <ndk/cmfuncs.h>
#include <ndk/exfuncs.h>
#include <ndk/iofuncs.h>
#include <ndk/kefuncs.h>
#include <ndk/lpcfuncs.h>
#include <ndk/mmfuncs.h>
#include <ndk/obfuncs.h>
#include <ndk/psfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ndk/setypes.h>
#include <ndk/umfuncs.h>
#include <ntstrsafe.h>
#include <sm/smmsg.h>

Include dependency graph for smss.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes
struct	_SMP_REGISTRY_VALUE

struct	_SMP_SUBSYSTEM

Macros
#define	WIN32_NO_STATUS

#define	NTOS_MODE_USER

#define	SMP_DEBUG_FLAG 0x01

#define	SMP_ASYNC_FLAG 0x02

#define	SMP_AUTOCHK_FLAG 0x04

#define	SMP_SUBSYSTEM_FLAG 0x08

#define	SMP_INVALID_PATH 0x10

#define	SMP_DEFERRED_FLAG 0x20

#define	SMP_POSIX_FLAG 0x100

#define	SMP_OS2_FLAG 0x200

Typedefs
typedef struct _SMP_REGISTRY_VALUE	SMP_REGISTRY_VALUE

typedef struct _SMP_REGISTRY_VALUE *	PSMP_REGISTRY_VALUE

typedef struct _SMP_SUBSYSTEM	SMP_SUBSYSTEM

typedef struct _SMP_SUBSYSTEM *	PSMP_SUBSYSTEM

Functions
BOOLEAN NTAPI	SmpCheckForCrashDump (IN PUNICODE_STRING FileName)

VOID NTAPI	SmpPagingFileInitialize (VOID)

NTSTATUS NTAPI	SmpCreatePagingFileDescriptor (IN PUNICODE_STRING PageFileToken)

NTSTATUS NTAPI	SmpCreatePagingFiles (VOID)

VOID NTAPI	SmpTranslateSystemPartitionInformation (VOID)

NTSTATUS NTAPI	SmpCreateSecurityDescriptors (IN BOOLEAN InitialCall)

NTSTATUS NTAPI	SmpInit (IN PUNICODE_STRING InitialCommand, OUT PHANDLE ProcessHandle)

ULONG NTAPI	SmpApiLoop (IN PVOID Parameter)

NTSTATUS NTAPI	SmpSbCreateSession (IN PVOID Reserved, IN PSMP_SUBSYSTEM OtherSubsystem, IN PRTL_USER_PROCESS_INFORMATION ProcessInformation, IN ULONG DbgSessionId, IN PCLIENT_ID DbgUiClientId)

BOOLEAN NTAPI	SmpCheckDuplicateMuSessionId (IN ULONG MuSessionId)

VOID NTAPI	SmpDeleteSession (IN ULONG SessionId)

ULONG NTAPI	SmpAllocateSessionId (IN PSMP_SUBSYSTEM Subsystem, IN PSMP_SUBSYSTEM OtherSubsystem)

NTSTATUS NTAPI	SmpGetProcessMuSessionId (IN HANDLE ProcessHandle, OUT PULONG SessionId)

NTSTATUS NTAPI	SmpSetProcessMuSessionId (IN HANDLE ProcessHandle, IN ULONG SessionId)

NTSTATUS NTAPI	SmpExecuteImage (IN PUNICODE_STRING FileName, IN PUNICODE_STRING Directory, IN PUNICODE_STRING CommandLine, IN ULONG MuSessionId, IN ULONG Flags, IN PRTL_USER_PROCESS_INFORMATION ProcessInformation)

NTSTATUS NTAPI	SmpExecuteCommand (IN PUNICODE_STRING CommandLine, IN ULONG MuSessionId, OUT PHANDLE ProcessId, IN ULONG Flags)

NTSTATUS NTAPI	SmpExecuteInitialCommand (IN ULONG MuSessionId, IN PUNICODE_STRING InitialCommand, IN HANDLE InitialCommandProcess, OUT PHANDLE ReturnPid)

NTSTATUS NTAPI	SmpTerminate (IN PULONG_PTR Parameters, IN ULONG ParameterMask, IN ULONG ParameterCount)

VOID NTAPI	SmpDereferenceSubsystem (IN PSMP_SUBSYSTEM SubSystem)

PSMP_SUBSYSTEM NTAPI	SmpLocateKnownSubSysByCid (IN PCLIENT_ID ClientId)

PSMP_SUBSYSTEM NTAPI	SmpLocateKnownSubSysByType (IN ULONG MuSessionId, IN ULONG ImageType)

NTSTATUS NTAPI	SmpLoadSubSystem (IN PUNICODE_STRING FileName, IN PUNICODE_STRING Directory, IN PUNICODE_STRING CommandLine, IN ULONG MuSessionId, OUT PHANDLE ProcessId, IN ULONG Flags)

NTSTATUS NTAPI	SmpLoadSubSystemsForMuSession (IN PULONG MuSessionId, OUT PHANDLE ProcessId, IN PUNICODE_STRING InitialCommand)

NTSTATUS NTAPI	SmpAcquirePrivilege (IN ULONG Privilege, OUT PVOID *PrivilegeStat)

VOID NTAPI	SmpReleasePrivilege (IN PVOID State)

NTSTATUS NTAPI	SmpParseCommandLine (IN PUNICODE_STRING CommandLine, OUT PULONG Flags, OUT PUNICODE_STRING FileName, OUT PUNICODE_STRING Directory, OUT PUNICODE_STRING Arguments)

BOOLEAN NTAPI	SmpQueryRegistrySosOption (VOID)

BOOLEAN NTAPI	SmpSaveAndClearBootStatusData (OUT PBOOLEAN BootOkay, OUT PBOOLEAN ShutdownOkay)

VOID NTAPI	SmpRestoreBootStatusData (IN BOOLEAN BootOkay, IN BOOLEAN ShutdownOkay)

Variables
RTL_CRITICAL_SECTION	SmpKnownSubSysLock

LIST_ENTRY	SmpKnownSubSysHead

RTL_CRITICAL_SECTION	SmpSessionListLock

LIST_ENTRY	SmpSessionListHead

ULONG	SmpNextSessionId

BOOLEAN	SmpNextSessionIdScanMode

BOOLEAN	SmpDbgSsLoaded

HANDLE	SmpWindowsSubSysProcess

HANDLE	SmpSessionsObjectDirectory

HANDLE	SmpWindowsSubSysProcessId

BOOLEAN	RegPosixSingleInstance

UNICODE_STRING	SmpDebugKeyword

UNICODE_STRING	SmpASyncKeyword

UNICODE_STRING	SmpAutoChkKeyword

PVOID	SmpHeap

ULONG	SmBaseTag

UNICODE_STRING	SmpSystemRoot

PWCHAR	SmpDefaultEnvironment

UNICODE_STRING	SmpDefaultLibPath

LIST_ENTRY	SmpSetupExecuteList

LIST_ENTRY	SmpSubSystemList

LIST_ENTRY	SmpSubSystemsToLoad

LIST_ENTRY	SmpSubSystemsToDefer

LIST_ENTRY	SmpExecuteList

ULONG	AttachedSessionId

BOOLEAN	SmpDebug

Macro Definition Documentation

◆ NTOS_MODE_USER

#define NTOS_MODE_USER

Definition at line 24 of file smss.h.

◆ SMP_ASYNC_FLAG

#define SMP_ASYNC_FLAG 0x02

Definition at line 45 of file smss.h.

◆ SMP_AUTOCHK_FLAG

#define SMP_AUTOCHK_FLAG 0x04

Definition at line 46 of file smss.h.

◆ SMP_DEBUG_FLAG

#define SMP_DEBUG_FLAG 0x01

Definition at line 44 of file smss.h.

◆ SMP_DEFERRED_FLAG

#define SMP_DEFERRED_FLAG 0x20

Definition at line 49 of file smss.h.

◆ SMP_INVALID_PATH

#define SMP_INVALID_PATH 0x10

Definition at line 48 of file smss.h.

◆ SMP_OS2_FLAG

#define SMP_OS2_FLAG 0x200

Definition at line 51 of file smss.h.

◆ SMP_POSIX_FLAG

#define SMP_POSIX_FLAG 0x100

Definition at line 50 of file smss.h.

◆ SMP_SUBSYSTEM_FLAG

#define SMP_SUBSYSTEM_FLAG 0x08

Definition at line 47 of file smss.h.

◆ WIN32_NO_STATUS

#define WIN32_NO_STATUS

Definition at line 19 of file smss.h.

Typedef Documentation

◆ PSMP_REGISTRY_VALUE

typedef struct _SMP_REGISTRY_VALUE * PSMP_REGISTRY_VALUE

◆ PSMP_SUBSYSTEM

typedef struct _SMP_SUBSYSTEM * PSMP_SUBSYSTEM

◆ SMP_REGISTRY_VALUE

typedef struct _SMP_REGISTRY_VALUE SMP_REGISTRY_VALUE

◆ SMP_SUBSYSTEM

typedef struct _SMP_SUBSYSTEM SMP_SUBSYSTEM

Function Documentation

◆ SmpAcquirePrivilege()

NTSTATUS NTAPI SmpAcquirePrivilege	(	IN ULONG	Privilege,
		OUT PVOID *	PrivilegeStat
	)

Definition at line 40 of file smutil.c.

 {
     PSMP_PRIVILEGE_STATE State;
     ULONG Size;
     NTSTATUS Status;
 
     /* Assume failure */
     *PrivilegeState = NULL;
 
     /* Acquire the state structure to hold everything we need */
     State = RtlAllocateHeap(SmpHeap,
                             0,
                             sizeof(SMP_PRIVILEGE_STATE) +
                             sizeof(TOKEN_PRIVILEGES) +
                             sizeof(LUID_AND_ATTRIBUTES));
     if (!State) return STATUS_NO_MEMORY;
 
     /* Open our token */
     Status = NtOpenProcessToken(NtCurrentProcess(),
                                 TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
                                 &State->TokenHandle);
     if (!NT_SUCCESS(Status))
     {
         /* Fail */
         RtlFreeHeap(SmpHeap, 0, State);
         return Status;
     }
 
     /* Set one privilege in the enabled state */
     State->NewPrivileges = &State->NewBuffer;
     State->OldPrivileges = (PTOKEN_PRIVILEGES)&State->OldBuffer;
     State->NewPrivileges->PrivilegeCount = 1;
     State->NewPrivileges->Privileges[0].Luid = RtlConvertUlongToLuid(Privilege);
     State->NewPrivileges->Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
 
     /* Adjust the privileges in the token */
     Size = sizeof(State->OldBuffer);
     Status = NtAdjustPrivilegesToken(State->TokenHandle,
                                      FALSE,
                                      State->NewPrivileges,
                                      Size,
                                      State->OldPrivileges,
                                      &Size);
     if (Status == STATUS_BUFFER_TOO_SMALL)
     {
         /* Our static buffer is not big enough, allocate a bigger one */
         State->OldPrivileges = RtlAllocateHeap(SmpHeap, 0, Size);
         if (!State->OldPrivileges)
         {
             /* Out of memory, fail */
             Status = STATUS_NO_MEMORY;
             goto Quickie;
         }
 
         /* Now try again */
         Status = NtAdjustPrivilegesToken(State->TokenHandle,
                                          FALSE,
                                          State->NewPrivileges,
                                          Size,
                                          State->OldPrivileges,
                                          &Size);
     }
 
     /* Normalize failure code and check for success */
     if (Status == STATUS_NOT_ALL_ASSIGNED) Status = STATUS_PRIVILEGE_NOT_HELD;
     if (NT_SUCCESS(Status))
     {
         /* We got the privilege, return */
         *PrivilegeState = State;
         return STATUS_SUCCESS;
     }
 
 Quickie:
     /* Check if we used a dynamic buffer */
     if (State->OldPrivileges != (PTOKEN_PRIVILEGES)&State->OldBuffer)
     {
         /* Free it */
         RtlFreeHeap(SmpHeap, 0, State->OldPrivileges);
     }
 
     /* Close the token handle and free the state structure */
     NtClose(State->TokenHandle);
     RtlFreeHeap(SmpHeap, 0, State);
     return Status;
 }

Referenced by _main(), SmpLoadSubSystem(), and SmpLoadSubSystemsForMuSession().

◆ SmpAllocateSessionId()

ULONG NTAPI SmpAllocateSessionId	(	IN PSMP_SUBSYSTEM	Subsystem,
		IN PSMP_SUBSYSTEM	OtherSubsystem
	)

Definition at line 123 of file smsessn.c.

 {
     ULONG SessionId;
     PSMP_SESSION Session;
 
     /* Allocate a new ID while under the lock */
     RtlEnterCriticalSection(&SmpSessionListLock);
     SessionId = SmpNextSessionId++;
 
     /* Check for overflow */
     if (SmpNextSessionIdScanMode)
     {
         /* Break if it happened */
         UNIMPLEMENTED_DBGBREAK("SMSS: SessionId's Wrapped\n");
     }
     else
     {
         /* Detect it for next time */
         if (!SmpNextSessionId)
             SmpNextSessionIdScanMode = TRUE;
     }
 
     /* Allocate a session structure */
     Session = RtlAllocateHeap(SmpHeap, 0, sizeof(SMP_SESSION));
     if (Session)
     {
         /* Write the session data and insert it into the session list */
         Session->Subsystem = Subsystem;
         Session->SessionId = SessionId;
         Session->OtherSubsystem = OtherSubsystem;
         InsertTailList(&SmpSessionListHead, &Session->Entry);
     }
     else
     {
         DPRINT1("SMSS: Unable to keep track of session ID -- no memory available\n");
     }
 
     /* Release the session lock */
     RtlLeaveCriticalSection(&SmpSessionListLock);
     return SessionId;
 }

Referenced by SmpLoadSubSystem(), and SmpSbCreateSession().

◆ SmpApiLoop()

ULONG NTAPI SmpApiLoop ( IN PVOID Parameter )

Definition at line 423 of file smloop.c.

 {
     HANDLE SmApiPort = (HANDLE)Parameter;
     NTSTATUS Status;
     PSMP_CLIENT_CONTEXT ClientContext;
     PSM_API_MSG ReplyMsg = NULL;
     SM_API_MSG RequestMsg;
     PROCESS_BASIC_INFORMATION ProcessInformation;
     LARGE_INTEGER Timeout;
 
     /* Increase the number of API threads for throttling code for later */
     _InterlockedExchangeAdd(&SmTotalApiThreads, 1);
 
     /* Mark us critical */
     RtlSetThreadIsCritical(TRUE, NULL, TRUE);
 
     /* Set the PID of the SM process itself for later checking */
     NtQueryInformationProcess(NtCurrentProcess(),
                               ProcessBasicInformation,
                               &ProcessInformation,
                               sizeof(ProcessInformation),
                               NULL);
     SmUniqueProcessId = (HANDLE)ProcessInformation.UniqueProcessId;
 
     /* Now process incoming messages */
     while (TRUE)
     {
         /* Begin waiting on a request */
         Status = NtReplyWaitReceivePort(SmApiPort,
                                         (PVOID*)&ClientContext,
                                         &ReplyMsg->h,
                                         &RequestMsg.h);
         if (Status == STATUS_NO_MEMORY)
         {
             /* Ran out of memory, so do a little timeout and try again */
             if (ReplyMsg) DPRINT1("SMSS: Failed to reply to calling thread, retrying.\n");
             Timeout.QuadPart = -50000000;
             NtDelayExecution(FALSE, &Timeout);
             continue;
         }
 
         /* Check what kind of request we received */
         switch (RequestMsg.h.u2.s2.Type)
         {
             /* A new connection */
             case LPC_CONNECTION_REQUEST:
                 /* Create the right structures for it */
                 SmpHandleConnectionRequest(SmApiPort, (PSB_API_MSG)&RequestMsg);
                 ReplyMsg = NULL;
                 break;
 
             /* A closed connection */
             case LPC_PORT_CLOSED:
                 /* Destroy any state we had for this client */
                 DPRINT1("Port closed\n");
                 //if (ClientContext) SmpPushDeferredClientContext(ClientContext);
                 ReplyMsg = NULL;
                 break;
 
             /* An actual API message */
             default:
                 if (!ClientContext)
                 {
                     ReplyMsg = NULL;
                     break;
                 }
 
                 RequestMsg.ReturnValue = STATUS_PENDING;
 
                 /* Check if the API is valid */
                 if (RequestMsg.ApiNumber >= SmpMaxApiNumber)
                 {
                     /* It isn't, fail */
                     DPRINT1("Invalid API: %lx\n", RequestMsg.ApiNumber);
                     Status = STATUS_NOT_IMPLEMENTED;
                 }
                 else if ((RequestMsg.ApiNumber <= SmpTerminateForeignSessionApi) &&
                          !(ClientContext->Subsystem))
                 {
                     /* It's valid, but doesn't have a subsystem with it */
                     DPRINT1("Invalid session API\n");
                     Status = STATUS_INVALID_PARAMETER;
                 }
                 else
                 {
                     /* It's totally okay, so call the dispatcher for it */
                     Status = SmpApiDispatch[RequestMsg.ApiNumber](&RequestMsg,
                                                                   ClientContext,
                                                                   SmApiPort);
                 }
 
                 /* Write the result value and return the message back */
                 RequestMsg.ReturnValue = Status;
                 ReplyMsg = &RequestMsg;
                 break;
         }
     }
     return STATUS_SUCCESS;
 }

Referenced by SmpInit().

◆ SmpCheckDuplicateMuSessionId()

BOOLEAN NTAPI SmpCheckDuplicateMuSessionId ( IN ULONG MuSessionId )

Definition at line 37 of file smsessn.c.

 {
     PSMP_SUBSYSTEM Subsystem;
     BOOLEAN FoundDuplicate = FALSE;
     PLIST_ENTRY NextEntry;
 
     /* Lock the subsystem database */
     RtlEnterCriticalSection(&SmpKnownSubSysLock);
 
     /* Scan each entry */
     NextEntry = SmpKnownSubSysHead.Flink;
     while (NextEntry != &SmpKnownSubSysHead)
     {
         /* Check if this entry has the same session ID */
         Subsystem = CONTAINING_RECORD(NextEntry, SMP_SUBSYSTEM, Entry);
         if (Subsystem->MuSessionId == MuSessionId)
         {
             /* Break out of here! */
             FoundDuplicate = TRUE;
             break;
         }
 
         /* Keep going */
         NextEntry = NextEntry->Flink;
     }
 
     /* Release the database and return the result */
     RtlLeaveCriticalSection(&SmpKnownSubSysLock);
     return FoundDuplicate;
 }

Referenced by SmpLoadDeferedSubsystem(), SmpLoadSubSystem(), and SmpSbCreateSession().

◆ SmpCheckForCrashDump()

BOOLEAN NTAPI SmpCheckForCrashDump ( IN PUNICODE_STRING FileName )

Definition at line 20 of file crashdmp.c.

 {
     return FALSE;
 }

Referenced by SmpCreatePagingFileOnFixedDrive().

◆ SmpCreatePagingFileDescriptor()

NTSTATUS NTAPI SmpCreatePagingFileDescriptor ( IN PUNICODE_STRING PageFileToken )

Definition at line 139 of file pagefile.c.

 {
     NTSTATUS Status;
     ULONG MinSize = 0, MaxSize = 0;
     BOOLEAN SystemManaged = FALSE, ZeroSize = TRUE;
     PSMP_PAGEFILE_DESCRIPTOR Descriptor, ListDescriptor;
     ULONG i;
     WCHAR c;
     PLIST_ENTRY NextEntry;
     UNICODE_STRING PageFileName, Arguments, SecondArgument;
 
     /* Make sure we don't have too many */
     if (SmpNumberOfPagingFiles >= MAX_PAGING_FILES)
     {
         DPRINT1("SMSS:PFILE: Too many paging files specified - %lu\n",
                 SmpNumberOfPagingFiles);
         return STATUS_TOO_MANY_PAGING_FILES;
     }
 
     /* Parse the specified and get the name and arguments out of it */
     DPRINT("SMSS:PFILE: Paging file specifier `%wZ'\n", PageFileToken);
     Status = SmpParseCommandLine(PageFileToken,
                                  NULL,
                                  &PageFileName,
                                  NULL,
                                  &Arguments);
     if (!NT_SUCCESS(Status))
     {
         /* Fail */
         DPRINT1("SMSS:PFILE: SmpParseCommandLine(%wZ) failed - Status == %lx\n",
                 PageFileToken, Status);
         return Status;
     }
 
     /* Set the variable to let everyone know we have a pagefile token */
     SmpRegistrySpecifierPresent = TRUE;
 
     /* Parse the arguments, if any */
     if (Arguments.Buffer)
     {
         /* Parse the pagefile size */
         for (i = 0; i < Arguments.Length / sizeof(WCHAR); i++)
         {
             /* Check if it's zero */
             c = Arguments.Buffer[i];
             if ((c != L' ') && (c != L'\t') && (c != L'0'))
             {
                 /* It isn't, break out */
                 ZeroSize = FALSE;
                 break;
             }
         }
     }
 
     /* Was a pagefile not specified, or was it specified with no size? */
     if (!(Arguments.Buffer) || (ZeroSize))
     {
         /* In this case, the system will manage its size */
         SystemManaged = TRUE;
     }
     else
     {
         /* We do have a size, so convert the arguments into a number */
         Status = RtlUnicodeStringToInteger(&Arguments, 0, &MinSize);
         if (!NT_SUCCESS(Status))
         {
             /* Fail */
             RtlFreeUnicodeString(&PageFileName);
             RtlFreeUnicodeString(&Arguments);
             return Status;
         }
 
         /* Now advance to the next argument */
         for (i = 0; i < Arguments.Length / sizeof(WCHAR); i++)
         {
             /* Found a space -- second argument must start here */
             if (Arguments.Buffer[i] == L' ')
             {
                 /* Use the rest of the arguments as a maximum size */
                 SecondArgument.Buffer = &Arguments.Buffer[i];
                 SecondArgument.Length = (USHORT)(Arguments.Length -
                                         i * sizeof(WCHAR));
                 SecondArgument.MaximumLength = (USHORT)(Arguments.MaximumLength -
                                                i * sizeof(WCHAR));
                 Status = RtlUnicodeStringToInteger(&SecondArgument, 0, &MaxSize);
                 if (!NT_SUCCESS(Status))
                 {
                     /* Fail */
                     RtlFreeUnicodeString(&PageFileName);
                     RtlFreeUnicodeString(&Arguments);
                     return Status;
                 }
 
                 break;
             }
         }
     }
 
     /* We are done parsing arguments */
     RtlFreeUnicodeString(&Arguments);
 
     /* Now we can allocate our descriptor */
     Descriptor = RtlAllocateHeap(RtlGetProcessHeap(),
                                  HEAP_ZERO_MEMORY,
                                  sizeof(SMP_PAGEFILE_DESCRIPTOR));
     if (!Descriptor)
     {
         /* Fail if we couldn't */
         RtlFreeUnicodeString(&PageFileName);
         return STATUS_NO_MEMORY;
     }
 
     /* Capture all our data into the descriptor */
     Descriptor->Token = *PageFileToken;
     Descriptor->Name = PageFileName;
     Descriptor->MinSize.QuadPart = MinSize * MEGABYTE;
     Descriptor->MaxSize.QuadPart = MaxSize * MEGABYTE;
     if (SystemManaged)
         Descriptor->Flags |= SMP_PAGEFILE_SYSTEM_MANAGED;
     Descriptor->Name.Buffer[STANDARD_DRIVE_LETTER_OFFSET] =
     RtlUpcaseUnicodeChar(Descriptor->Name.Buffer[STANDARD_DRIVE_LETTER_OFFSET]);
     if (Descriptor->Name.Buffer[STANDARD_DRIVE_LETTER_OFFSET] == '?')
     {
         Descriptor->Flags |= SMP_PAGEFILE_ON_ANY_DRIVE;
     }
 
     /* Now loop the existing descriptors */
     NextEntry = SmpPagingFileDescriptorList.Flink;
     do
     {
         /* Are there none, or have we looped back to the beginning? */
         if (NextEntry == &SmpPagingFileDescriptorList)
         {
             /* This means no duplicates exist, so insert our descriptor! */
             InsertTailList(&SmpPagingFileDescriptorList, &Descriptor->Entry);
             SmpNumberOfPagingFiles++;
             DPRINT("SMSS:PFILE: Created descriptor for `%wZ' (`%wZ')\n",
                     PageFileToken, &Descriptor->Name);
             return STATUS_SUCCESS;
         }
 
         /* Keep going until we find a duplicate, unless we are in "any" mode */
         ListDescriptor = CONTAINING_RECORD(NextEntry, SMP_PAGEFILE_DESCRIPTOR, Entry);
         NextEntry = NextEntry->Flink;
     } while (!(ListDescriptor->Flags & SMP_PAGEFILE_ON_ANY_DRIVE) ||
              !(Descriptor->Flags & SMP_PAGEFILE_ON_ANY_DRIVE));
 
     /* We found a duplicate, so skip this descriptor/pagefile and fail */
     DPRINT1("SMSS:PFILE: Skipping duplicate specifier `%wZ'\n", PageFileToken);
     RtlFreeUnicodeString(&PageFileName);
     RtlFreeHeap(RtlGetProcessHeap(), 0, Descriptor);
     return STATUS_INVALID_PARAMETER;
 }

Referenced by SmpLoadDataFromRegistry().

◆ SmpCreatePagingFiles()

NTSTATUS NTAPI SmpCreatePagingFiles ( VOID )

Definition at line 1049 of file pagefile.c.

 {
     NTSTATUS Status;
     PSMP_PAGEFILE_DESCRIPTOR Descriptor;
     LARGE_INTEGER Size, FuzzFactor;
     BOOLEAN Created = FALSE;
     PLIST_ENTRY NextEntry;
 
     /* Check if no paging files were requested */
     if (!(SmpNumberOfPagingFiles) && !(SmpRegistrySpecifierPresent))
     {
         /* The list should be empty -- nothing to do */
         ASSERT(IsListEmpty(&SmpPagingFileDescriptorList));
         DPRINT1("SMSS:PFILE: No paging file was requested\n");
         return STATUS_SUCCESS;
     }
 
     /* Initialize the volume descriptors so we can know what's available */
     Status = SmpCreateVolumeDescriptors();
     if (!NT_SUCCESS(Status))
     {
         /* We can't make decisions without this, so fail */
         DPRINT1("SMSS:PFILE: Failed to create volume descriptors (status %X)\n",
                 Status);
         return Status;
     }
 
     /* If we fail creating pagefiles, try to reduce by this much each time */
     FuzzFactor.QuadPart = FUZZ_FACTOR;
 
     /* Loop the descriptor list */
     NextEntry = SmpPagingFileDescriptorList.Flink;
     while (NextEntry != &SmpPagingFileDescriptorList)
     {
         /* Check what kind of descriptor this is */
         Descriptor = CONTAINING_RECORD(NextEntry, SMP_PAGEFILE_DESCRIPTOR, Entry);
         if (Descriptor->Flags & SMP_PAGEFILE_SYSTEM_MANAGED)
         {
             /* This is a system-managed descriptor. Create the correct file */
             DPRINT("SMSS:PFILE: Creating a system managed paging file (`%wZ')\n",
                     &Descriptor->Name);
             Status = SmpCreateSystemManagedPagingFile(Descriptor, FALSE);
             if (!NT_SUCCESS(Status))
             {
                 /* We failed -- try again, with size minimization this time */
                 DPRINT("SMSS:PFILE: Trying lower sizes for (`%wZ')\n",
                         &Descriptor->Name);
                 Status = SmpCreateSystemManagedPagingFile(Descriptor, TRUE);
             }
         }
         else
         {
             /* This is a manually entered descriptor. Validate its size first */
             SmpValidatePagingFileSizes(Descriptor);
 
             /* Check if this is an ANY pagefile or a FIXED pagefile */
             DPRINT("SMSS:PFILE: Creating a normal paging file (`%wZ')\n",
                     &Descriptor->Name);
             if (Descriptor->Name.Buffer[STANDARD_DRIVE_LETTER_OFFSET] == L'?')
             {
                 /* It's an any pagefile, try to create it wherever possible */
                 Size = Descriptor->MinSize;
                 Status = SmpCreatePagingFileOnAnyDrive(Descriptor,
                                                        &FuzzFactor,
                                                        &Size);
                 if (!NT_SUCCESS(Status))
                 {
                     /* We failed to create it. Try again with a smaller size */
                     DPRINT("SMSS:PFILE: Trying lower sizes for (`%wZ')\n",
                             &Descriptor->Name);
                     Size.QuadPart = 16 * MEGABYTE;
                     Status = SmpCreatePagingFileOnAnyDrive(Descriptor,
                                                            &FuzzFactor,
                                                            &Size);
                 }
             }
             else
             {
                 /* It's a fixed pagefile: override the minimum and use ours */
                 Size.QuadPart = 16 * MEGABYTE;
                 Status = SmpCreatePagingFileOnFixedDrive(Descriptor,
                                                          &FuzzFactor,
                                                          &Size);
             }
         }
 
         /* Go to the next descriptor */
         if (NT_SUCCESS(Status)) Created = TRUE;
         NextEntry = NextEntry->Flink;
     }
 
     /* Check if none of the code in our loops above was able to create it */
     if (!Created)
     {
         /* Build an emergency pagefile ourselves */
         DPRINT1("SMSS:PFILE: Creating emergency paging file.\n");
         Status = SmpCreateEmergencyPagingFile();
     }
 
     /* All done */
     return Status;
 }

Referenced by SmpLoadDataFromRegistry().

◆ SmpCreateSecurityDescriptors()

NTSTATUS NTAPI SmpCreateSecurityDescriptors ( IN BOOLEAN InitialCall )

Definition at line 975 of file sminit.c.

 {
     NTSTATUS Status;
     PSID WorldSid = NULL, AdminSid = NULL, SystemSid = NULL;
     PSID RestrictedSid = NULL, OwnerSid = NULL;
     SID_IDENTIFIER_AUTHORITY WorldAuthority = {SECURITY_WORLD_SID_AUTHORITY};
     SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
     SID_IDENTIFIER_AUTHORITY CreatorAuthority = {SECURITY_CREATOR_SID_AUTHORITY};
     ULONG AclLength, SidLength;
     PACL Acl;
     PACE_HEADER Ace;
     BOOLEAN ProtectionRequired = FALSE;
 
     /* Check if this is the first call */
     if (InitialCall)
     {
         /* Create and set the primary descriptor */
         SmpPrimarySecurityDescriptor = &SmpPrimarySDBody;
         Status = RtlCreateSecurityDescriptor(SmpPrimarySecurityDescriptor,
                                              SECURITY_DESCRIPTOR_REVISION);
         ASSERT(NT_SUCCESS(Status));
         Status = RtlSetDaclSecurityDescriptor(SmpPrimarySecurityDescriptor,
                                               TRUE,
                                               NULL,
                                               FALSE);
         ASSERT(NT_SUCCESS(Status));
 
         /* Create and set the liberal descriptor */
         SmpLiberalSecurityDescriptor = &SmpLiberalSDBody;
         Status = RtlCreateSecurityDescriptor(SmpLiberalSecurityDescriptor,
                                              SECURITY_DESCRIPTOR_REVISION);
         ASSERT(NT_SUCCESS(Status));
         Status = RtlSetDaclSecurityDescriptor(SmpLiberalSecurityDescriptor,
                                               TRUE,
                                               NULL,
                                               FALSE);
         ASSERT(NT_SUCCESS(Status));
 
         /* Create and set the \KnownDlls descriptor */
         SmpKnownDllsSecurityDescriptor = &SmpKnownDllsSDBody;
         Status = RtlCreateSecurityDescriptor(SmpKnownDllsSecurityDescriptor,
                                              SECURITY_DESCRIPTOR_REVISION);
         ASSERT(NT_SUCCESS(Status));
         Status = RtlSetDaclSecurityDescriptor(SmpKnownDllsSecurityDescriptor,
                                               TRUE,
                                               NULL,
                                               FALSE);
         ASSERT(NT_SUCCESS(Status));
 
         /* Create and Set the \ApiPort descriptor */
         SmpApiPortSecurityDescriptor = &SmpApiPortSDBody;
         Status = RtlCreateSecurityDescriptor(SmpApiPortSecurityDescriptor,
                                              SECURITY_DESCRIPTOR_REVISION);
         ASSERT(NT_SUCCESS(Status));
         Status = RtlSetDaclSecurityDescriptor(SmpApiPortSecurityDescriptor,
                                               TRUE,
                                               NULL,
                                               FALSE);
         ASSERT(NT_SUCCESS(Status));
     }
 
     /* Check if protection was requested in the registry (on by default) */
     if (SmpProtectionMode & 1) ProtectionRequired = TRUE;
 
     /* Exit if there's nothing to do */
     if (!(InitialCall || ProtectionRequired)) return STATUS_SUCCESS;
 
     /* Build the world SID */
     Status = RtlAllocateAndInitializeSid(&WorldAuthority, 1,
                                          SECURITY_WORLD_RID,
                                          0, 0, 0, 0, 0, 0, 0,
                                          &WorldSid);
     if (!NT_SUCCESS(Status))
     {
         WorldSid = NULL;
         goto Quickie;
     }
 
     /* Build the admin SID */
     Status = RtlAllocateAndInitializeSid(&NtAuthority, 2,
                                          SECURITY_BUILTIN_DOMAIN_RID,
                                          DOMAIN_ALIAS_RID_ADMINS,
                                          0, 0, 0, 0, 0, 0,
                                          &AdminSid);
     if (!NT_SUCCESS(Status))
     {
         AdminSid = NULL;
         goto Quickie;
     }
 
     /* Build the owner SID */
     Status = RtlAllocateAndInitializeSid(&CreatorAuthority, 1,
                                          SECURITY_CREATOR_OWNER_RID,
                                          0, 0, 0, 0, 0, 0, 0,
                                          &OwnerSid);
     if (!NT_SUCCESS(Status))
     {
         OwnerSid = NULL;
         goto Quickie;
     }
 
     /* Build the restricted SID */
     Status = RtlAllocateAndInitializeSid(&NtAuthority, 1,
                                          SECURITY_RESTRICTED_CODE_RID,
                                          0, 0, 0, 0, 0, 0, 0,
                                          &RestrictedSid);
     if (!NT_SUCCESS(Status))
     {
         RestrictedSid = NULL;
         goto Quickie;
     }
 
     /* Build the system SID */
     Status = RtlAllocateAndInitializeSid(&NtAuthority, 1,
                                          SECURITY_LOCAL_SYSTEM_RID,
                                          0, 0, 0, 0, 0, 0, 0,
                                          &SystemSid);
     if (!NT_SUCCESS(Status))
     {
         SystemSid = NULL;
         goto Quickie;
     }
 
     /* Now check if we're creating the core descriptors */
     if (!InitialCall)
     {
         /* We're skipping NextAcl so we have to do this here */
         SidLength = RtlLengthSid(WorldSid) + RtlLengthSid(RestrictedSid) + RtlLengthSid(AdminSid);
         SidLength *= 2;
         goto NotInitial;
     }
 
     /* Allocate an ACL with two ACEs with two SIDs each */
     SidLength = RtlLengthSid(SystemSid) + RtlLengthSid(AdminSid);
     AclLength = sizeof(ACL) + 2 * sizeof(ACCESS_ALLOWED_ACE) + SidLength;
     Acl = RtlAllocateHeap(RtlGetProcessHeap(), 0, AclLength);
     if (!Acl) Status = STATUS_NO_MEMORY;
     if (!NT_SUCCESS(Status)) goto NextAcl;
 
     /* Now build the ACL and add the two ACEs */
     Status = RtlCreateAcl(Acl, AclLength, ACL_REVISION2);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, AdminSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, SystemSid);
     ASSERT(NT_SUCCESS(Status));
 
     /* Set this as the DACL */
     Status = RtlSetDaclSecurityDescriptor(SmpApiPortSecurityDescriptor,
                                           TRUE,
                                           Acl,
                                           FALSE);
     ASSERT(NT_SUCCESS(Status));
 
 NextAcl:
     /* Allocate an ACL with 6 ACEs, two ACEs per SID */
     SidLength = RtlLengthSid(WorldSid) + RtlLengthSid(RestrictedSid) + RtlLengthSid(AdminSid);
     SidLength *= 2;
     AclLength = sizeof(ACL) + 6 * sizeof(ACCESS_ALLOWED_ACE) + SidLength;
     Acl = RtlAllocateHeap(RtlGetProcessHeap(), 0, AclLength);
     if (!Acl) Status = STATUS_NO_MEMORY;
     if (!NT_SUCCESS(Status)) goto NotInitial;
 
     /* Now build the ACL and add the six ACEs */
     Status = RtlCreateAcl(Acl, AclLength, ACL_REVISION2);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE, WorldSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE, RestrictedSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, AdminSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, WorldSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, RestrictedSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, AdminSid);
     ASSERT(NT_SUCCESS(Status));
 
     /* Now edit the last three ACEs and make them inheritable */
     Status = RtlGetAce(Acl, 3, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 4, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 5, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
 
     /* Set this as the DACL */
     Status = RtlSetDaclSecurityDescriptor(SmpKnownDllsSecurityDescriptor,
                                           TRUE,
                                           Acl,
                                           FALSE);
     ASSERT(NT_SUCCESS(Status));
 
 NotInitial:
     /* The initial ACLs have been created, are we also protecting objects? */
     if (!ProtectionRequired) goto Quickie;
 
     /* Allocate an ACL with 7 ACEs, two ACEs per SID, and one final owner ACE */
     SidLength += RtlLengthSid(OwnerSid);
     AclLength = sizeof(ACL) + 7 * sizeof (ACCESS_ALLOWED_ACE) + 2 * SidLength;
     Acl = RtlAllocateHeap(RtlGetProcessHeap(), 0, AclLength);
     if (!Acl) Status = STATUS_NO_MEMORY;
     if (!NT_SUCCESS(Status)) goto Quickie;
 
     /* Build the ACL and add the seven ACEs */
     Status = RtlCreateAcl(Acl, AclLength, ACL_REVISION2);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ, WorldSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ, RestrictedSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, AdminSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ, WorldSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ, RestrictedSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, AdminSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, OwnerSid);
     ASSERT(NT_SUCCESS(Status));
 
     /* Edit the last 4 ACEs to make then inheritable */
     Status = RtlGetAce(Acl, 3, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 4, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 5, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 6, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
 
     /* Set this as the DACL for the primary SD */
     Status = RtlSetDaclSecurityDescriptor(SmpPrimarySecurityDescriptor,
                                           TRUE,
                                           Acl,
                                           FALSE);
     ASSERT(NT_SUCCESS(Status));
 
     /* Allocate an ACL with 7 ACEs, two ACEs per SID, and one final owner ACE */
     AclLength = sizeof(ACL) + 7 * sizeof (ACCESS_ALLOWED_ACE) + 2 * SidLength;
     Acl = RtlAllocateHeap(RtlGetProcessHeap(), 0, AclLength);
     if (!Acl) Status = STATUS_NO_MEMORY;
     if (!NT_SUCCESS(Status)) goto Quickie;
 
     /* Build the ACL and add the seven ACEs */
     Status = RtlCreateAcl(Acl, AclLength, ACL_REVISION2);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, WorldSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, RestrictedSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, AdminSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, WorldSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_EXECUTE | GENERIC_READ | GENERIC_WRITE, RestrictedSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, AdminSid);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION2, GENERIC_ALL, OwnerSid);
     ASSERT(NT_SUCCESS(Status));
 
     /* Edit the last 4 ACEs to make then inheritable */
     Status = RtlGetAce(Acl, 3, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 4, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 5, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
     Status = RtlGetAce(Acl, 6, (PVOID)&Ace);
     ASSERT(NT_SUCCESS(Status));
     Ace->AceFlags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE;
 
     /* Now set this as the DACL for the liberal SD */
     Status = RtlSetDaclSecurityDescriptor(SmpLiberalSecurityDescriptor,
                                           TRUE,
                                           Acl,
                                           FALSE);
     ASSERT(NT_SUCCESS(Status));
 
 Quickie:
     /* Cleanup the SIDs */
     if (OwnerSid) RtlFreeHeap(RtlGetProcessHeap(), 0, OwnerSid);
     if (AdminSid) RtlFreeHeap(RtlGetProcessHeap(), 0, AdminSid);
     if (WorldSid) RtlFreeHeap(RtlGetProcessHeap(), 0, WorldSid);
     if (SystemSid) RtlFreeHeap(RtlGetProcessHeap(), 0, SystemSid);
     if (RestrictedSid) RtlFreeHeap(RtlGetProcessHeap(), 0, RestrictedSid);
     return Status;
 }

Referenced by SmpConfigureProtectionMode(), and SmpInit().

◆ SmpDeleteSession()

VOID NTAPI SmpDeleteSession ( IN ULONG SessionId )

Definition at line 98 of file smsessn.c.

 {
     PSMP_SESSION Session;
 
     /* Enter the lock and get the session structure */
     RtlEnterCriticalSection(&SmpSessionListLock);
     Session = SmpSessionIdToSession(SessionId);
     if (Session)
     {
         /* Remove it from the list */
         RemoveEntryList(&Session->Entry);
         RtlLeaveCriticalSection(&SmpSessionListLock);
 
         /* Now free the structure outside of the lock */
         RtlFreeHeap(SmpHeap, 0, Session);
     }
     else
     {
         /* ID doesn't map to one of our structures, nothing to do... */
         RtlLeaveCriticalSection(&SmpSessionListLock);
     }
 }

Referenced by SmpLoadSubSystem(), and SmpSbCreateSession().

◆ SmpDereferenceSubsystem()

VOID NTAPI SmpDereferenceSubsystem ( IN PSMP_SUBSYSTEM SubSystem )

Definition at line 47 of file smsubsys.c.

 {
     /* Acquire the database lock while we (potentially) destroy this subsystem */
     RtlEnterCriticalSection(&SmpKnownSubSysLock);
 
     /* Drop the reference and see if it's terminating */
     if (!(--SubSystem->ReferenceCount) && (SubSystem->Terminating))
     {
         /* Close all handles and free it */
         if (SubSystem->Event) NtClose(SubSystem->Event);
         if (SubSystem->ProcessHandle) NtClose(SubSystem->ProcessHandle);
         if (SubSystem->SbApiPort) NtClose(SubSystem->SbApiPort);
         RtlFreeHeap(SmpHeap, 0, SubSystem);
     }
 
     /* Release the database lock */
     RtlLeaveCriticalSection(&SmpKnownSubSysLock);
 }

Referenced by SmpHandleConnectionRequest(), SmpLoadSubSystem(), and SmpSbCreateSession().

◆ SmpExecuteCommand()

NTSTATUS NTAPI SmpExecuteCommand	(	IN PUNICODE_STRING	CommandLine,
		IN ULONG	MuSessionId,
		OUT PHANDLE	ProcessId,
		IN ULONG	Flags
	)

Definition at line 210 of file smss.c.

 {
     NTSTATUS Status;
     UNICODE_STRING Arguments, Directory, FileName;
 
     /* There's no longer a debugging subsystem */
     if (Flags & SMP_DEBUG_FLAG) return STATUS_SUCCESS;
 
     /* Parse the command line to see what execution flags are requested */
     Status = SmpParseCommandLine(CommandLine,
                                  &Flags,
                                  &FileName,
                                  &Directory,
                                  &Arguments);
     if (!NT_SUCCESS(Status))
     {
         /* Fail if we couldn't do that */
         DPRINT1("SMSS: SmpParseCommandLine( %wZ ) failed - Status == %lx\n",
                 CommandLine, Status);
         return Status;
     }
 
     /* Check if autochk is requested */
     if (Flags & SMP_AUTOCHK_FLAG)
     {
         /* Run it */
         Status = SmpInvokeAutoChk(&FileName, &Directory, &Arguments, Flags);
     }
     else if (Flags & SMP_SUBSYSTEM_FLAG)
     {
         Status = SmpLoadSubSystem(&FileName,
                                   &Directory,
                                   CommandLine,
                                   MuSessionId,
                                   ProcessId,
                                   Flags);
     }
     else if (Flags & SMP_INVALID_PATH)
     {
         /* An invalid image was specified, fail */
         DPRINT1("SMSS: Image file (%wZ) not found\n", &FileName);
         Status = STATUS_OBJECT_NAME_NOT_FOUND;
     }
     else
     {
         /* An actual image name was present, execute it */
         Status = SmpExecuteImage(&FileName,
                                  &Directory,
                                  CommandLine,
                                  MuSessionId,
                                  Flags,
                                  NULL);
     }
 
     /* Free all the token parameters */
     if (FileName.Buffer)  RtlFreeHeap(RtlGetProcessHeap(), 0, FileName.Buffer);
     if (Directory.Buffer) RtlFreeHeap(RtlGetProcessHeap(), 0, Directory.Buffer);
     if (Arguments.Buffer) RtlFreeHeap(RtlGetProcessHeap(), 0, Arguments.Buffer);
 
     /* Return to the caller */
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: Command '%wZ' failed - Status == %x\n",
                 CommandLine, Status);
     }
     return Status;
 }

Referenced by SmpLoadDataFromRegistry(), SmpLoadDeferedSubsystem(), and SmpLoadSubSystemsForMuSession().

◆ SmpExecuteImage()

NTSTATUS NTAPI SmpExecuteImage	(	IN PUNICODE_STRING	FileName,
		IN PUNICODE_STRING	Directory,
		IN PUNICODE_STRING	CommandLine,
		IN ULONG	MuSessionId,
		IN ULONG	Flags,
		IN PRTL_USER_PROCESS_INFORMATION	ProcessInformation
	)

Definition at line 30 of file smss.c.

 {
     PRTL_USER_PROCESS_INFORMATION ProcessInfo;
     NTSTATUS Status;
     RTL_USER_PROCESS_INFORMATION LocalProcessInfo;
     PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
 
     /* Use the input process information if we have it, otherwise use local */
     ProcessInfo = ProcessInformation;
     if (!ProcessInfo) ProcessInfo = &LocalProcessInfo;
 
     /* Create parameters for the target process */
     Status = RtlCreateProcessParameters(&ProcessParameters,
                                         FileName,
                                         SmpDefaultLibPath.Length ?
                                         &SmpDefaultLibPath : NULL,
                                         Directory,
                                         CommandLine,
                                         SmpDefaultEnvironment,
                                         NULL,
                                         NULL,
                                         NULL,
                                         0);
     if (!NT_SUCCESS(Status))
     {
         /* This is a pretty bad failure. ASSERT on checked builds and exit */
         ASSERTMSG("RtlCreateProcessParameters failed.\n", NT_SUCCESS(Status));
         DPRINT1("SMSS: RtlCreateProcessParameters failed for %wZ - Status == %lx\n",
                 FileName, Status);
         return Status;
     }
 
     /* Set the size field as required */
     ProcessInfo->Size = sizeof(*ProcessInfo);
 
     /* Check if the debug flag was requested */
     if (Flags & SMP_DEBUG_FLAG)
     {
         /* Write it in the process parameters */
         ProcessParameters->DebugFlags = 1;
     }
     else
     {
         /* Otherwise inherit the flag that was passed to SMSS itself */
         ProcessParameters->DebugFlags = SmpDebug;
     }
 
     /* Subsystems get the first 1MB of memory reserved for DOS/IVT purposes */
     if (Flags & SMP_SUBSYSTEM_FLAG)
     {
         ProcessParameters->Flags |= RTL_USER_PROCESS_PARAMETERS_RESERVE_1MB;
     }
 
     /* And always force NX for anything that SMSS launches */
     ProcessParameters->Flags |= RTL_USER_PROCESS_PARAMETERS_NX;
 
     /* Now create the process in suspended state */
     Status = RtlCreateUserProcess(FileName,
                                   OBJ_CASE_INSENSITIVE,
                                   ProcessParameters,
                                   NULL,
                                   NULL,
                                   NULL,
                                   FALSE,
                                   NULL,
                                   NULL,
                                   ProcessInfo);
     RtlDestroyProcessParameters(ProcessParameters);
     if (!NT_SUCCESS(Status))
     {
         /* If we couldn't create it, fail back to the caller */
         DPRINT1("SMSS: Failed load of %wZ - Status  == %lx\n",
                 FileName, Status);
         return Status;
     }
 
     /* Associate a session with this process */
     Status = SmpSetProcessMuSessionId(ProcessInfo->ProcessHandle, MuSessionId);
 
     /* If the application is deferred (suspended), there's nothing to do */
     if (Flags & SMP_DEFERRED_FLAG) return Status;
 
     /* Otherwise, get ready to start it, but make sure it's a native app */
     if (ProcessInfo->ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_NATIVE)
     {
         /* Resume it */
         NtResumeThread(ProcessInfo->ThreadHandle, NULL);
         if (!(Flags & SMP_ASYNC_FLAG))
         {
             /* Block on it unless Async was requested */
             NtWaitForSingleObject(ProcessInfo->ThreadHandle, FALSE, NULL);
         }
 
         /* It's up and running now, close our handles */
         NtClose(ProcessInfo->ThreadHandle);
         NtClose(ProcessInfo->ProcessHandle);
     }
     else
     {
         /* This image is invalid, so kill it, close our handles, and fail */
         Status = STATUS_INVALID_IMAGE_FORMAT;
         NtTerminateProcess(ProcessInfo->ProcessHandle, Status);
         NtWaitForSingleObject(ProcessInfo->ThreadHandle, FALSE, NULL);
         NtClose(ProcessInfo->ThreadHandle);
         NtClose(ProcessInfo->ProcessHandle);
         DPRINT1("SMSS: Not an NT image - %wZ\n", FileName);
     }
 
     /* Return the outcome of the process create */
     return Status;
 }

Referenced by SmpExecuteCommand(), SmpExecuteInitialCommand(), SmpInvokeAutoChk(), and SmpLoadSubSystem().

◆ SmpExecuteInitialCommand()

NTSTATUS NTAPI SmpExecuteInitialCommand	(	IN ULONG	MuSessionId,
		IN PUNICODE_STRING	InitialCommand,
		IN HANDLE	InitialCommandProcess,
		OUT PHANDLE	ReturnPid
	)

Definition at line 283 of file smss.c.

 {
     NTSTATUS Status;
     RTL_USER_PROCESS_INFORMATION ProcessInfo;
     UNICODE_STRING Arguments, Directory, FileName;
     ULONG Flags = 0;
 
     /* Check if we haven't yet connected to ourselves */
     if (!SmApiPort)
     {
         /* Connect to ourselves, as a client */
         Status = SmConnectToSm(NULL, NULL, 0, &SmApiPort);
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("SMSS: Unable to connect to SM - Status == %lx\n", Status);
             return Status;
         }
     }
 
     /* Parse the initial command line */
     Status = SmpParseCommandLine(InitialCommand,
                                  &Flags,
                                  &FileName,
                                  &Directory,
                                  &Arguments);
     if (Flags & SMP_INVALID_PATH)
     {
         /* Fail if it doesn't exist */
         DPRINT1("SMSS: Initial command image (%wZ) not found\n", &FileName);
         if (FileName.Buffer) RtlFreeHeap(RtlGetProcessHeap(), 0, FileName.Buffer);
         return STATUS_OBJECT_NAME_NOT_FOUND;
     }
 
     /* And fail if any other reason is also true */
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: SmpParseCommandLine( %wZ ) failed - Status == %lx\n",
                 InitialCommand, Status);
         return Status;
     }
 
     /* Execute the initial command, but defer its full execution */
     Status = SmpExecuteImage(&FileName,
                              &Directory,
                              InitialCommand,
                              MuSessionId,
                              SMP_DEFERRED_FLAG,
                              &ProcessInfo);
 
     /* Free all the token parameters */
     if (FileName.Buffer)  RtlFreeHeap(RtlGetProcessHeap(), 0, FileName.Buffer);
     if (Directory.Buffer) RtlFreeHeap(RtlGetProcessHeap(), 0, Directory.Buffer);
     if (Arguments.Buffer) RtlFreeHeap(RtlGetProcessHeap(), 0, Arguments.Buffer);
 
     /* Bail out if we couldn't execute the initial command */
     if (!NT_SUCCESS(Status)) return Status;
 
     /* Now duplicate the handle to this process */
     Status = NtDuplicateObject(NtCurrentProcess(),
                                ProcessInfo.ProcessHandle,
                                NtCurrentProcess(),
                                InitialCommandProcess,
                                PROCESS_ALL_ACCESS,
                                0,
                                0);
     if (!NT_SUCCESS(Status))
     {
         /* Kill it utterly if duplication failed */
         DPRINT1("SMSS: DupObject Failed. Status == %lx\n", Status);
         NtTerminateProcess(ProcessInfo.ProcessHandle, Status);
         NtResumeThread(ProcessInfo.ThreadHandle, NULL);
         NtClose(ProcessInfo.ThreadHandle);
         NtClose(ProcessInfo.ProcessHandle);
         return Status;
     }
 
     /* Return PID to the caller, and set this as the initial command PID */
     if (ReturnPid) *ReturnPid = ProcessInfo.ClientId.UniqueProcess;
     if (!MuSessionId) SmpInitialCommandProcessId = ProcessInfo.ClientId.UniqueProcess;
 
     /* Now call our server execution function to wrap up its initialization */
     Status = SmExecPgm(SmApiPort, &ProcessInfo, FALSE);
     if (!NT_SUCCESS(Status)) DPRINT1("SMSS: SmExecPgm Failed. Status == %lx\n", Status);
     return Status;
 }

Referenced by _main(), and SmpStartCsr().

◆ SmpGetProcessMuSessionId()

NTSTATUS NTAPI SmpGetProcessMuSessionId	(	IN HANDLE	ProcessHandle,
		OUT PULONG	SessionId
	)

Definition at line 168 of file smsessn.c.

 {
     NTSTATUS Status;
     ULONG ProcessSession;
 
     /* Query the kernel for the session ID */
     Status = NtQueryInformationProcess(ProcessHandle,
                                        ProcessSessionInformation,
                                        &ProcessSession,
                                        sizeof(ProcessSession),
                                        NULL);
     if (NT_SUCCESS(Status))
     {
         /* Copy it back into the buffer */
         *SessionId = ProcessSession;
     }
     else
     {
         /* Failure -- assume session zero */
         DPRINT1("SMSS: GetProcessMuSessionId, Process=%p, Status=%x\n",
                 ProcessHandle, Status);
         *SessionId = 0;
     }
 
     /* Return result */
     return Status;
 }

Referenced by SmpHandleConnectionRequest(), SmpLoadDeferedSubsystem(), and SmpSbCreateSession().

◆ SmpInit()

NTSTATUS NTAPI SmpInit	(	IN PUNICODE_STRING	InitialCommand,
		OUT PHANDLE	ProcessHandle
	)

Definition at line 2449 of file sminit.c.

 {
     NTSTATUS Status, Status2;
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING PortName, EventName;
     HANDLE EventHandle, PortHandle;
     ULONG HardErrorMode;
 
     /* Create the SMSS Heap */
     SmBaseTag = RtlCreateTagHeap(RtlGetProcessHeap(),
                                  0,
                                  L"SMSS!",
                                  L"INIT");
     SmpHeap = RtlGetProcessHeap();
 
     /* Enable hard errors */
     HardErrorMode = TRUE;
     NtSetInformationProcess(NtCurrentProcess(),
                             ProcessDefaultHardErrorMode,
                             &HardErrorMode,
                             sizeof(HardErrorMode));
 
     /* Initialize the subsystem list and the session list, plus their locks */
     RtlInitializeCriticalSection(&SmpKnownSubSysLock);
     InitializeListHead(&SmpKnownSubSysHead);
     RtlInitializeCriticalSection(&SmpSessionListLock);
     InitializeListHead(&SmpSessionListHead);
 
     /* Initialize the process list */
     InitializeListHead(&NativeProcessList);
 
     /* Initialize session parameters */
     SmpNextSessionId = 1;
     SmpNextSessionIdScanMode = FALSE;
     SmpDbgSsLoaded = FALSE;
 
     /* Create the initial security descriptors */
     Status = SmpCreateSecurityDescriptors(TRUE);
     if (!NT_SUCCESS(Status))
     {
         /* Fail */
         SMSS_CHECKPOINT(SmpCreateSecurityDescriptors, Status);
         return Status;
     }
 
     /* Initialize subsystem names */
     RtlInitUnicodeString(&SmpSubsystemName, L"NT-Session Manager");
     RtlInitUnicodeString(&PosixName, L"POSIX");
     RtlInitUnicodeString(&Os2Name, L"OS2");
 
     /* Create the SM API Port */
     RtlInitUnicodeString(&PortName, L"\\SmApiPort");
     InitializeObjectAttributes(&ObjectAttributes, &PortName, 0, NULL, SmpApiPortSecurityDescriptor);
     Status = NtCreatePort(&PortHandle,
                           &ObjectAttributes,
                           sizeof(SB_CONNECTION_INFO),
                           sizeof(SM_API_MSG),
                           sizeof(SB_API_MSG) * 32);
     ASSERT(NT_SUCCESS(Status));
     SmpDebugPort = PortHandle;
 
     /* Create two SM API threads */
     Status = RtlCreateUserThread(NtCurrentProcess(),
                                  NULL,
                                  FALSE,
                                  0,
                                  0,
                                  0,
                                  SmpApiLoop,
                                  PortHandle,
                                  NULL,
                                  NULL);
     ASSERT(NT_SUCCESS(Status));
     Status = RtlCreateUserThread(NtCurrentProcess(),
                                  NULL,
                                  FALSE,
                                  0,
                                  0,
                                  0,
                                  SmpApiLoop,
                                  PortHandle,
                                  NULL,
                                  NULL);
     ASSERT(NT_SUCCESS(Status));
 
     /* Create the write event that autochk can set after running */
     RtlInitUnicodeString(&EventName, L"\\Device\\VolumesSafeForWriteAccess");
     InitializeObjectAttributes(&ObjectAttributes,
                                &EventName,
                                OBJ_PERMANENT,
                                NULL,
                                NULL);
     Status2 = NtCreateEvent(&EventHandle,
                             EVENT_ALL_ACCESS,
                             &ObjectAttributes,
                             0,
                             0);
     if (!NT_SUCCESS(Status2))
     {
         /* Should never really fail */
         DPRINT1("SMSS: Unable to create %wZ event - Status == %lx\n",
                 &EventName, Status2);
         ASSERT(NT_SUCCESS(Status2));
     }
 
     /* Now initialize everything else based on the registry parameters */
     Status = SmpLoadDataFromRegistry(InitialCommand);
     if (NT_SUCCESS(Status))
     {
         /* Autochk should've run now. Set the event and save the CSRSS handle */
         *ProcessHandle = SmpWindowsSubSysProcess;
         NtSetEvent(EventHandle, NULL);
         NtClose(EventHandle);
     }
 
     /* All done */
     return Status;
 }

Referenced by _main().

◆ SmpLoadSubSystem()

NTSTATUS NTAPI SmpLoadSubSystem	(	IN PUNICODE_STRING	FileName,
		IN PUNICODE_STRING	Directory,
		IN PUNICODE_STRING	CommandLine,
		IN ULONG	MuSessionId,
		OUT PHANDLE	ProcessId,
		IN ULONG	Flags
	)

Definition at line 138 of file smsubsys.c.

 {
     PSMP_SUBSYSTEM Subsystem, NewSubsystem, KnownSubsystem = NULL;
     HANDLE SubSysProcessId;
     NTSTATUS Status = STATUS_SUCCESS;
     SB_API_MSG SbApiMsg;
     RTL_USER_PROCESS_INFORMATION ProcessInformation;
     LARGE_INTEGER Timeout;
     PVOID State;
     PSB_CREATE_PROCESS_MSG CreateProcess = &SbApiMsg.u.CreateProcess;
     PSB_CREATE_SESSION_MSG CreateSession = &SbApiMsg.u.CreateSession;
 
     /* Make sure this is a found subsystem */
     if (Flags & SMP_INVALID_PATH)
     {
         DPRINT1("SMSS: Unable to find subsystem - %wZ\n", FileName);
         return STATUS_OBJECT_NAME_NOT_FOUND;
     }
 
     /* Don't use a session if the flag is set */
     if (Flags & 0x80) MuSessionId = 0;
 
     /* Lock the subsystems while we do a look up */
     RtlEnterCriticalSection(&SmpKnownSubSysLock);
     while (TRUE)
     {
         /* Check if we found a subsystem not yet fully initialized */
         Subsystem = SmpLocateKnownSubSysByType(MuSessionId, -1);
         if (!Subsystem) break;
         RtlLeaveCriticalSection(&SmpKnownSubSysLock);
 
         /* Wait on it to initialize */
         NtWaitForSingleObject(Subsystem->Event, FALSE, NULL);
 
         /* Dereference it and try the next one */
         RtlEnterCriticalSection(&SmpKnownSubSysLock);
         SmpDereferenceSubsystem(Subsystem);
     }
 
     /* Check if this is a POSIX subsystem */
     if (Flags & SMP_POSIX_FLAG)
     {
         /* Do we already have it? */
         Subsystem = SmpLocateKnownSubSysByType(MuSessionId, IMAGE_SUBSYSTEM_POSIX_CUI);
     }
     else if (Flags & SMP_OS2_FLAG)
     {
         /* This is an OS/2 subsystem, do we we already have it? */
         Subsystem = SmpLocateKnownSubSysByType(MuSessionId, IMAGE_SUBSYSTEM_OS2_CUI);
     }
 
     /* Check if we already have one of the optional subsystems for the session */
     if (Subsystem)
     {
         /* Dereference and return, no work to do */
         SmpDereferenceSubsystem(Subsystem);
         RtlLeaveCriticalSection(&SmpKnownSubSysLock);
         return STATUS_SUCCESS;
     }
 
     /* Allocate a new subsystem! */
     NewSubsystem = RtlAllocateHeap(SmpHeap, SmBaseTag, sizeof(SMP_SUBSYSTEM));
     if (!NewSubsystem)
     {
         RtlLeaveCriticalSection(&SmpKnownSubSysLock);
         return STATUS_NO_MEMORY;
     }
 
     /* Initialize its header and reference count */
     NewSubsystem->ReferenceCount = 1;
     NewSubsystem->MuSessionId = MuSessionId;
     NewSubsystem->ImageType = -1;
 
     /* Clear out all the other data for now */
     NewSubsystem->Terminating = FALSE;
     NewSubsystem->ProcessHandle = NULL;
     NewSubsystem->Event = NULL;
     NewSubsystem->PortHandle = NULL;
     NewSubsystem->SbApiPort = NULL;
 
     /* Create the event we'll be waiting on for initialization */
     Status = NtCreateEvent(&NewSubsystem->Event,
                            EVENT_ALL_ACCESS,
                            NULL,
                            NotificationEvent,
                            FALSE);
     if (!NT_SUCCESS(Status))
     {
         /* This failed, bail out */
         RtlFreeHeap(SmpHeap, 0, NewSubsystem);
         RtlLeaveCriticalSection(&SmpKnownSubSysLock);
         return STATUS_NO_MEMORY;
     }
 
     /* Insert the subsystem and release the lock. It can now be found */
     InsertTailList(&SmpKnownSubSysHead, &NewSubsystem->Entry);
     RtlLeaveCriticalSection(&SmpKnownSubSysLock);
 
     /* The OS/2 and POSIX subsystems are actually Windows applications! */
     if (Flags & (SMP_POSIX_FLAG | SMP_OS2_FLAG))
     {
         /* Locate the Windows subsystem for this session */
         KnownSubsystem = SmpLocateKnownSubSysByType(MuSessionId,
                                                     IMAGE_SUBSYSTEM_WINDOWS_GUI);
         if (!KnownSubsystem)
         {
             DPRINT1("SMSS: SmpLoadSubSystem - SmpLocateKnownSubSysByType Failed\n");
             goto Quickie2;
         }
 
         /* Fill out all the process details and call CSRSS to launch it */
         CreateProcess->In.ImageName = FileName;
         CreateProcess->In.CurrentDirectory = Directory;
         CreateProcess->In.CommandLine = CommandLine;
         CreateProcess->In.DllPath = SmpDefaultLibPath.Length ?
                                     &SmpDefaultLibPath : NULL;
         CreateProcess->In.Flags = Flags | SMP_DEFERRED_FLAG;
         CreateProcess->In.DebugFlags = SmpDebug;
         Status = SmpCallCsrCreateProcess(&SbApiMsg,
                                          sizeof(*CreateProcess),
                                          KnownSubsystem->SbApiPort);
         if (!NT_SUCCESS(Status))
         {
             /* Handle failures */
             DPRINT1("SMSS: SmpLoadSubSystem - SmpCallCsrCreateProcess Failed with  Status %lx\n",
                     Status);
             goto Quickie2;
         }
 
         /* Save the process information we'll need for the create session */
         ProcessInformation.ProcessHandle = CreateProcess->Out.ProcessHandle;
         ProcessInformation.ThreadHandle = CreateProcess->Out.ThreadHandle;
         ProcessInformation.ClientId = CreateProcess->Out.ClientId;
         ProcessInformation.ImageInformation.SubSystemType = CreateProcess->Out.SubsystemType;
     }
     else
     {
         /* This must be CSRSS itself, so just launch it and that's it */
         Status = SmpExecuteImage(FileName,
                                  Directory,
                                  CommandLine,
                                  MuSessionId,
                                  Flags | SMP_DEFERRED_FLAG,
                                  &ProcessInformation);
         if (!NT_SUCCESS(Status))
         {
             /* Handle failures */
             DPRINT1("SMSS: SmpLoadSubSystem - SmpExecuteImage Failed with  Status %lx\n",
                     Status);
             goto Quickie2;
         }
     }
 
     /* Fill out the handle and client ID in the subsystem structure now */
     NewSubsystem->ProcessHandle = ProcessInformation.ProcessHandle;
     NewSubsystem->ClientId = ProcessInformation.ClientId;
 
     /* Check if we launched a native image or a subsystem-backed image */
     if (ProcessInformation.ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_NATIVE)
     {
         /* This must be CSRSS itself, since it's a native subsystem image */
         SubSysProcessId = ProcessInformation.ClientId.UniqueProcess;
         if ((ProcessId) && !(*ProcessId)) *ProcessId = SubSysProcessId;
 
         /* Was this the initial CSRSS on Session 0? */
         if (!MuSessionId)
         {
             /* Then save it in the global variables */
             SmpWindowsSubSysProcessId = SubSysProcessId;
             SmpWindowsSubSysProcess = ProcessInformation.ProcessHandle;
         }
         ASSERT(NT_SUCCESS(Status));
     }
     else
     {
         /* This is the POSIX or OS/2 subsystem process, copy its information */
         CreateSession->ProcessInfo = ProcessInformation;
 
         CreateSession->DbgSessionId = 0;
         *(PULONGLONG)&CreateSession->DbgUiClientId = 0;
 
         /* This should find CSRSS because they are POSIX or OS/2 subsystems */
         Subsystem = SmpLocateKnownSubSysByType(MuSessionId,
                                                ProcessInformation.ImageInformation.SubSystemType);
         if (!Subsystem)
         {
             /* Odd failure -- but handle it anyway */
             Status = STATUS_NO_SUCH_PACKAGE;
             DPRINT1("SMSS: SmpLoadSubSystem - SmpLocateKnownSubSysByType Failed with  Status %lx for sessionid %lu\n",
                     Status,
                     MuSessionId);
             goto Quickie;
         }
 
         /* Duplicate the parent process handle for the subsystem to have */
         Status = NtDuplicateObject(NtCurrentProcess(),
                                    ProcessInformation.ProcessHandle,
                                    Subsystem->ProcessHandle,
                                    &CreateSession->ProcessInfo.ProcessHandle,
                                    PROCESS_ALL_ACCESS,
                                    0,
                                    0);
         if (!NT_SUCCESS(Status))
         {
             /* Fail since this is critical */
             DPRINT1("SMSS: SmpLoadSubSystem - NtDuplicateObject Failed with  Status %lx for sessionid %lu\n",
                     Status,
                     MuSessionId);
             goto Quickie;
         }
 
         /* Duplicate the initial thread handle for the subsystem to have */
         Status = NtDuplicateObject(NtCurrentProcess(),
                                    ProcessInformation.ThreadHandle,
                                    Subsystem->ProcessHandle,
                                    &CreateSession->ProcessInfo.ThreadHandle,
                                    THREAD_ALL_ACCESS,
                                    0,
                                    0);
         if (!NT_SUCCESS(Status))
         {
             /* Fail since this is critical */
             DPRINT1("SMSS: SmpLoadSubSystem - NtDuplicateObject Failed with  Status %lx for sessionid %lu\n",
                     Status,
                     MuSessionId);
             goto Quickie;
         }
 
         /* Allocate an internal Session ID for this subsystem */
         CreateSession->SessionId = SmpAllocateSessionId(Subsystem, NULL);
 
         /* Send the create session message to the subsystem */
         SbApiMsg.ReturnValue = STATUS_SUCCESS;
         SbApiMsg.h.u2.ZeroInit = 0;
         SbApiMsg.h.u1.s1.DataLength = sizeof(SB_CREATE_SESSION_MSG) + 8;
         SbApiMsg.h.u1.s1.TotalLength = sizeof(SB_API_MSG);
         SbApiMsg.ApiNumber = SbpCreateSession;
         Status = NtRequestWaitReplyPort(Subsystem->SbApiPort,
                                         &SbApiMsg.h,
                                         &SbApiMsg.h);
         if (NT_SUCCESS(Status)) Status = SbApiMsg.ReturnValue;
         if (!NT_SUCCESS(Status))
         {
             /* Delete the session and handle failure if the LPC call failed */
             SmpDeleteSession(CreateSession->SessionId);
             DPRINT1("SMSS: SmpLoadSubSystem - NtRequestWaitReplyPort Failed with  Status %lx for sessionid %lu\n",
                     Status,
                     MuSessionId);
             goto Quickie;
         }
     }
 
     /* Okay, everything looks good to go, initialize this subsystem now! */
     Status = NtResumeThread(ProcessInformation.ThreadHandle, NULL);
     if (!NT_SUCCESS(Status))
     {
         /* That didn't work -- back out of everything */
         DPRINT1("SMSS: SmpLoadSubSystem - NtResumeThread failed Status %lx\n", Status);
         goto Quickie;
     }
 
     /* Check if this was the subsystem for a different session */
     if (MuSessionId)
     {
         /* Wait up to 60 seconds for it to initialize */
         Timeout.QuadPart = -600000000;
         Status = NtWaitForSingleObject(NewSubsystem->Event, FALSE, &Timeout);
 
         /* Timeout is done -- does this session still exist? */
         if (!SmpCheckDuplicateMuSessionId(MuSessionId))
         {
             /* Nope, it died. Cleanup should've ocurred in a different path. */
             DPRINT1("SMSS: SmpLoadSubSystem - session deleted\n");
             return STATUS_DELETE_PENDING;
         }
 
         /* Check if we timed our or there was another error with the wait */
         if (Status != STATUS_WAIT_0)
         {
             /* Something is wrong with the subsystem, so back out of everything */
             DPRINT1("SMSS: SmpLoadSubSystem - Timeout waiting for subsystem connect with Status %lx for sessionid %lu\n",
                     Status,
                     MuSessionId);
             goto Quickie;
         }
     }
     else
     {
         /* This a session 0 subsystem, just wait for it to initialize */
         NtWaitForSingleObject(NewSubsystem->Event, FALSE, NULL);
     }
 
     /* Subsystem is created, resumed, and initialized. Close handles and exit */
     NtClose(ProcessInformation.ThreadHandle);
     Status = STATUS_SUCCESS;
     goto Quickie2;
 
 Quickie:
     /* This is the failure path. First check if we need to detach from session */
     if ((AttachedSessionId == -1) || (Flags & (SMP_POSIX_FLAG | SMP_OS2_FLAG)))
     {
         /* We were not attached, or did not launch subsystems that required it */
         DPRINT1("SMSS: Did not detach from Session Space: SessionId=%x Flags=%x Status=%x\n",
                 AttachedSessionId,
                 Flags | SMP_DEFERRED_FLAG,
                 Status);
     }
     else
     {
         /* Get the privilege we need for detachment */
         Status = SmpAcquirePrivilege(SE_LOAD_DRIVER_PRIVILEGE, &State);
         if (!NT_SUCCESS(Status))
         {
             /* We can't detach without it */
             DPRINT1("SMSS: Did not detach from Session Space: SessionId=%x Flags=%x Status=%x\n",
                     AttachedSessionId,
                     Flags | SMP_DEFERRED_FLAG,
                     Status);
         }
         else
         {
             /* Now detach from the session */
             Status = NtSetSystemInformation(SystemSessionDetach,
                                             &AttachedSessionId,
                                             sizeof(AttachedSessionId));
             if (!NT_SUCCESS(Status))
             {
                 /* Failed to detach. Note the DPRINT1 has a typo in Windows */
                 DPRINT1("SMSS: SmpStartCsr, Couldn't Detach from Session Space. Status=%x\n", Status);
                 ASSERT(NT_SUCCESS(Status));
             }
             else
             {
                 /* Detachment worked, reset our attached session ID */
                 AttachedSessionId = -1;
             }
 
             /* And release the privilege we acquired */
             SmpReleasePrivilege(State);
         }
     }
 
     /* Since this is the failure path, terminate the subsystem process */
     NtTerminateProcess(ProcessInformation.ProcessHandle, Status);
     NtClose(ProcessInformation.ThreadHandle);
 
 Quickie2:
     /* This is the cleanup path -- first dereference our subsystems */
     RtlEnterCriticalSection(&SmpKnownSubSysLock);
     if (Subsystem) SmpDereferenceSubsystem(Subsystem);
     if (KnownSubsystem) SmpDereferenceSubsystem(KnownSubsystem);
 
     /* In the failure case, destroy the new subsystem we just created */
     if (!NT_SUCCESS(Status))
     {
         RemoveEntryList(&NewSubsystem->Entry);
         NtSetEvent(NewSubsystem->Event, NULL);
         SmpDereferenceSubsystem(NewSubsystem);
     }
 
     /* Finally, we're all done! */
     RtlLeaveCriticalSection(&SmpKnownSubSysLock);
     return Status;
 }

Referenced by SmpExecuteCommand().

◆ SmpLoadSubSystemsForMuSession()

NTSTATUS NTAPI SmpLoadSubSystemsForMuSession	(	IN PULONG	MuSessionId,
		OUT PHANDLE	ProcessId,
		IN PUNICODE_STRING	InitialCommand
	)

Definition at line 510 of file smsubsys.c.

 {
     NTSTATUS Status = STATUS_SUCCESS, Status2;
     PSMP_REGISTRY_VALUE RegEntry;
     UNICODE_STRING DestinationString, NtPath;
     PLIST_ENTRY NextEntry;
     LARGE_INTEGER Timeout;
     PVOID State;
 
     /* Write a few last registry keys with the boot partition information */
     SmpTranslateSystemPartitionInformation();
 
     /* Process "SetupExecute" values */
     NextEntry = SmpSetupExecuteList.Flink;
     while (NextEntry != &SmpSetupExecuteList)
     {
         /* Execute each one and move on */
         RegEntry = CONTAINING_RECORD(NextEntry, SMP_REGISTRY_VALUE, Entry);
         SmpExecuteCommand(&RegEntry->Name, 0, NULL, 0);
         NextEntry = NextEntry->Flink;
     }
 
     /* Now process the subsystems */
     NextEntry = SmpSubSystemList.Flink;
     while (NextEntry != &SmpSubSystemList)
     {
         /* Get the entry and check if this is the special Win32k entry */
         RegEntry = CONTAINING_RECORD(NextEntry, SMP_REGISTRY_VALUE, Entry);
         if (_wcsicmp(RegEntry->Name.Buffer, L"Kmode") == 0)
         {
             /* Translate it */
             if (!RtlDosPathNameToNtPathName_U(RegEntry->Value.Buffer,
                                               &NtPath,
                                               NULL,
                                               NULL))
             {
                 Status = STATUS_OBJECT_PATH_SYNTAX_BAD;
                 DPRINT1("Failed: %lx\n", Status);
             }
             else
             {
                 /* Get the driver privilege */
                 Status = SmpAcquirePrivilege(SE_LOAD_DRIVER_PRIVILEGE, &State);
                 if (NT_SUCCESS(Status))
                 {
                     /* Create the new session */
                     ASSERT(AttachedSessionId == -1);
                     Status = NtSetSystemInformation(SystemSessionCreate,
                                                     MuSessionId,
                                                     sizeof(*MuSessionId));
                     if (!NT_SUCCESS(Status))
                     {
                         DPRINT1("SMSS: Session space creation failed\n");
                         SmpReleasePrivilege(State);
                         RtlFreeHeap(RtlGetProcessHeap(), 0, NtPath.Buffer);
                         return Status;
                     }
                     AttachedSessionId = *MuSessionId;
 
                     /*
                      * Start Win32k.sys on this session. Use a hardcoded value
                      * instead of the Kmode one...
                      */
                     RtlInitUnicodeString(&DestinationString,
                                          L"\\SystemRoot\\System32\\win32k.sys");
                     Status = NtSetSystemInformation(SystemExtendServiceTableInformation,
                                                     &DestinationString,
                                                     sizeof(DestinationString));
                     RtlFreeHeap(RtlGetProcessHeap(), 0, NtPath.Buffer);
                     SmpReleasePrivilege(State);
                     if (!NT_SUCCESS(Status))
                     {
                         DPRINT1("SMSS: Load of WIN32K failed.\n");
                         return Status;
                     }
                 }
             }
         }
 
         /* Next entry */
         NextEntry = NextEntry->Flink;
     }
 
     /* Now parse the required subsystem list */
     NextEntry = SmpSubSystemsToLoad.Flink;
     while (NextEntry != &SmpSubSystemsToLoad)
     {
         /* Get each entry and check if it's the internal debug or not */
         RegEntry = CONTAINING_RECORD(NextEntry, SMP_REGISTRY_VALUE, Entry);
         if (_wcsicmp(RegEntry->Name.Buffer, L"Debug") == 0)
         {
             /* Load the internal debug system */
             Status = SmpExecuteCommand(&RegEntry->Value,
                                        *MuSessionId,
                                        ProcessId,
                                        SMP_DEBUG_FLAG | SMP_SUBSYSTEM_FLAG);
         }
         else
         {
             /* Load the required subsystem */
             Status = SmpExecuteCommand(&RegEntry->Value,
                                        *MuSessionId,
                                        ProcessId,
                                        SMP_SUBSYSTEM_FLAG);
         }
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("SMSS: Subsystem execute failed (%wZ)\n", &RegEntry->Value);
             return Status;
         }
 
         /* Move to the next entry */
         NextEntry = NextEntry->Flink;
     }
 
     /* Process the "Execute" list now */
     NextEntry = SmpExecuteList.Blink;
     if (NextEntry != &SmpExecuteList)
     {
         /* Get the custom initial command */
         RegEntry = CONTAINING_RECORD(NextEntry, SMP_REGISTRY_VALUE, Entry);
 
         /* Write the initial command and wait for 5 seconds (why??!) */
         *InitialCommand = RegEntry->Name;
         Timeout.QuadPart = -50000000;
         NtDelayExecution(FALSE, &Timeout);
     }
     else
     {
         /* Use the default Winlogon initial command */
         RtlInitUnicodeString(InitialCommand, L"winlogon.exe");
         InitialCommandBuffer[0] = UNICODE_NULL;
 
         /* Check if there's a debugger for Winlogon */
         Status2 = LdrQueryImageFileExecutionOptions(InitialCommand,
                                                     L"Debugger",
                                                     REG_SZ,
                                                     InitialCommandBuffer,
                                                     sizeof(InitialCommandBuffer) -
                                                     InitialCommand->Length,
                                                     NULL);
         if ((NT_SUCCESS(Status2)) && (InitialCommandBuffer[0]))
         {
             /* Put the debugger string with the Winlogon string */
             RtlStringCbCatW(InitialCommandBuffer, sizeof(InitialCommandBuffer), L" ");
             RtlStringCbCatW(InitialCommandBuffer, sizeof(InitialCommandBuffer), InitialCommand->Buffer);
             RtlInitUnicodeString(InitialCommand, InitialCommandBuffer);
         }
     }
 
     /* Finally check if there was a custom initial command */
     NextEntry = SmpExecuteList.Flink;
     while (NextEntry != &SmpExecuteList)
     {
         /* Execute each one */
         RegEntry = CONTAINING_RECORD(NextEntry, SMP_REGISTRY_VALUE, Entry);
         SmpExecuteCommand(&RegEntry->Name, *MuSessionId, NULL, 0);
         NextEntry = NextEntry->Flink;
     }
 
     /* Return status */
     return Status;
 }

Referenced by SmpLoadDataFromRegistry(), and SmpStartCsr().

◆ SmpLocateKnownSubSysByCid()

PSMP_SUBSYSTEM NTAPI SmpLocateKnownSubSysByCid ( IN PCLIENT_ID ClientId )

Definition at line 68 of file smsubsys.c.

 {
     PSMP_SUBSYSTEM Subsystem = NULL;
     PLIST_ENTRY NextEntry;
 
     /* Lock the subsystem database */
     RtlEnterCriticalSection(&SmpKnownSubSysLock);
 
     /* Loop each subsystem in the database */
     NextEntry = SmpKnownSubSysHead.Flink;
     while (NextEntry != &SmpKnownSubSysHead)
     {
         /* Check if this one matches the client ID and is still valid */
         Subsystem = CONTAINING_RECORD(NextEntry, SMP_SUBSYSTEM, Entry);
         if ((*(PULONGLONG)&Subsystem->ClientId == *(PULONGLONG)ClientId) &&
             !(Subsystem->Terminating))
         {
             /* Add a reference and return it */
             Subsystem->ReferenceCount++;
             break;
         }
 
         /* Reset the current pointer and keep searching */
         Subsystem = NULL;
         NextEntry = NextEntry->Flink;
     }
 
     /* Release the lock and return the subsystem we found */
     RtlLeaveCriticalSection(&SmpKnownSubSysLock);
     return Subsystem;
 }

Referenced by SmpHandleConnectionRequest().

◆ SmpLocateKnownSubSysByType()

PSMP_SUBSYSTEM NTAPI SmpLocateKnownSubSysByType	(	IN ULONG	MuSessionId,
		IN ULONG	ImageType
	)

Definition at line 102 of file smsubsys.c.

 {
     PSMP_SUBSYSTEM Subsystem = NULL;
     PLIST_ENTRY NextEntry;
 
     /* Lock the subsystem database */
     RtlEnterCriticalSection(&SmpKnownSubSysLock);
 
     /* Loop each subsystem in the database */
     NextEntry = SmpKnownSubSysHead.Flink;
     while (NextEntry != &SmpKnownSubSysHead)
     {
         /* Check if this one matches the image and uID, and is still valid */
         Subsystem = CONTAINING_RECORD(NextEntry, SMP_SUBSYSTEM, Entry);
         if ((Subsystem->ImageType == ImageType) &&
             !(Subsystem->Terminating) &&
             (Subsystem->MuSessionId == MuSessionId))
         {
             /* Return it referenced for the caller */
             Subsystem->ReferenceCount++;
             break;
         }
 
         /* Reset the current pointer and keep searching */
         Subsystem = NULL;
         NextEntry = NextEntry->Flink;
     }
 
     /* Release the lock and return the subsystem we found */
     RtlLeaveCriticalSection(&SmpKnownSubSysLock);
     return Subsystem;
 }

Referenced by SmpHandleConnectionRequest(), SmpLoadSubSystem(), and SmpSbCreateSession().

◆ SmpPagingFileInitialize()

VOID NTAPI SmpPagingFileInitialize ( VOID )

Definition at line 130 of file pagefile.c.

 {
     /* Initialize the two lists */
     InitializeListHead(&SmpPagingFileDescriptorList);
     InitializeListHead(&SmpVolumeDescriptorList);
 }

Referenced by SmpLoadDataFromRegistry().

◆ SmpParseCommandLine()

NTSTATUS NTAPI SmpParseCommandLine	(	IN PUNICODE_STRING	CommandLine,
		OUT PULONG	Flags,
		OUT PUNICODE_STRING	FileName,
		OUT PUNICODE_STRING	Directory,
		OUT PUNICODE_STRING	Arguments
	)

Definition at line 233 of file smutil.c.

 {
     ULONG Length;
     UNICODE_STRING EnvString, PathString, CmdLineCopy, Token;
     WCHAR PathBuffer[MAX_PATH];
     PWCHAR FilePart;
     NTSTATUS Status;
     UNICODE_STRING FullPathString;
 
     /* Initialize output arguments to NULL */
     RtlInitUnicodeString(FileName, NULL);
     RtlInitUnicodeString(Arguments, NULL);
     if (Directory) RtlInitUnicodeString(Directory, NULL);
 
     /* Check if we haven't yet built a full default path or system root yet */
     if (!SmpSystemRoot.Length)
     {
         /* Initialize it based on shared user data string */
         RtlInitUnicodeString(&SmpSystemRoot, SharedUserData->NtSystemRoot);
 
         /* Allocate an empty string for the path */
         Length = SmpDefaultLibPath.MaximumLength + SmpSystemRoot.MaximumLength +
                  sizeof(L"\\system32;");
         RtlInitEmptyUnicodeString(&FullPathString,
                                   RtlAllocateHeap(SmpHeap, SmBaseTag, Length),
                                   (USHORT)Length);
         if (FullPathString.Buffer)
         {
             /* Append the root, system32;, and then the current library path */
             RtlAppendUnicodeStringToString(&FullPathString, &SmpSystemRoot);
             RtlAppendUnicodeToString(&FullPathString, L"\\system32;");
             RtlAppendUnicodeStringToString(&FullPathString, &SmpDefaultLibPath);
             RtlFreeHeap(SmpHeap, 0, SmpDefaultLibPath.Buffer);
             SmpDefaultLibPath = FullPathString;
         }
     }
 
     /* Consume the command line */
     CmdLineCopy = *CommandLine;
     while (TRUE)
     {
         /* Parse the first token and check for modifiers/specifiers */
         Status = SmpParseToken(&CmdLineCopy, FALSE, &Token);
         if (!(NT_SUCCESS(Status)) || !(Token.Buffer)) return STATUS_UNSUCCESSFUL;
         if (!Flags) break;
 
         /* Debug requested? */
         if (RtlEqualUnicodeString(&Token, &SmpDebugKeyword, TRUE))
         {
             /* Convert into a flag */
             *Flags |= SMP_DEBUG_FLAG;
         }
         else if (RtlEqualUnicodeString(&Token, &SmpASyncKeyword, TRUE))
         {
             /* Asynch requested, convert into a flag */
             *Flags |= SMP_ASYNC_FLAG;
         }
         else if (RtlEqualUnicodeString(&Token, &SmpAutoChkKeyword, TRUE))
         {
             /* Autochk requested, convert into a flag */
             *Flags |= SMP_AUTOCHK_FLAG;
         }
         else
         {
             /* No specifier found, keep going */
             break;
         }
 
         /* Get rid of this token and get the next */
         RtlFreeHeap(SmpHeap, 0, Token.Buffer);
     }
 
     /* Initialize a string to hold the current path */
     RtlInitUnicodeString(&EnvString, L"Path");
     Length = PAGE_SIZE;
     RtlInitEmptyUnicodeString(&PathString,
                               RtlAllocateHeap(SmpHeap, SmBaseTag, Length),
                               (USHORT)Length);
     if (!PathString.Buffer)
     {
         /* Fail if we have no memory for this */
         RtlFreeHeap(SmpHeap, 0, Token.Buffer);
         return STATUS_INSUFFICIENT_RESOURCES;
     }
 
     /* Query the path from the environment */
     Status = RtlQueryEnvironmentVariable_U(SmpDefaultEnvironment,
                                            &EnvString,
                                            &PathString);
     if (Status == STATUS_BUFFER_TOO_SMALL)
     {
         /* Our buffer was too small, free it */
         RtlFreeHeap(SmpHeap, 0, PathString.Buffer);
 
         /* And allocate one big enough */
         Length = PathString.Length + sizeof(UNICODE_NULL);
         RtlInitEmptyUnicodeString(&PathString,
                                   RtlAllocateHeap(SmpHeap, SmBaseTag, Length),
                                   (USHORT)Length);
         if (!PathString.Buffer)
         {
             /* Fail if we have no memory for this */
             RtlFreeHeap(SmpHeap, 0, Token.Buffer);
             return STATUS_INSUFFICIENT_RESOURCES;
         }
 
         /* Now try again, this should work */
         Status = RtlQueryEnvironmentVariable_U(SmpDefaultEnvironment,
                                                &EnvString,
                                                &PathString);
     }
     if (!NT_SUCCESS(Status))
     {
         /* Another failure means that the kernel hasn't passed the path correctly */
         DPRINT1("SMSS: %wZ environment variable not defined.\n", &EnvString);
         Status = STATUS_OBJECT_NAME_NOT_FOUND;
     }
     else
     {
         /* Check if the caller expects any flags out of here */
         if (Flags)
         {
             /* We can return the image not found flag -- so does the image exist */
             if (!(RtlDosSearchPath_U(PathString.Buffer,
                                      Token.Buffer,
                                      L".exe",
                                      sizeof(PathBuffer),
                                      PathBuffer,
                                      &FilePart)) &&
                 !(RtlDosSearchPath_U(SmpDefaultLibPath.Buffer,
                                      Token.Buffer,
                                      L".exe",
                                      sizeof(PathBuffer),
                                      PathBuffer,
                                      &FilePart)))
             {
                 /* It doesn't, let the caller know about it and exit */
                 *Flags |= SMP_INVALID_PATH;
                 *FileName = Token;
                 RtlFreeHeap(SmpHeap, 0, PathString.Buffer);
                 return STATUS_SUCCESS;
             }
         }
         else
         {
             /* Caller doesn't want flags, probably wants the image itself */
             RtlStringCbCopyW(PathBuffer, sizeof(PathBuffer), Token.Buffer);
         }
     }
 
     /* Free tokens and such, all that's left is to convert the image name */
     RtlFreeHeap(SmpHeap, 0, Token.Buffer);
     RtlFreeHeap(SmpHeap, 0, PathString.Buffer);
     if (!NT_SUCCESS(Status)) return Status;
 
     /* Convert it and bail out if this failed */
     if (!RtlDosPathNameToNtPathName_U(PathBuffer, FileName, NULL, NULL))
     {
         DPRINT1("SMSS: Unable to translate %ws into an NT File Name\n",
                 &PathBuffer);
         Status = STATUS_OBJECT_PATH_INVALID;
     }
     if (!NT_SUCCESS(Status)) return Status;
 
     /* Finally, check if the caller also wanted the directory */
     if (Directory)
     {
         /* Is the file a relative name with no directory? */
         if (FilePart <= PathBuffer)
         {
             /* Clear it */
             RtlInitUnicodeString(Directory, NULL);
         }
         else
         {
             /* There is a directory, and a filename -- separate those two */
             *--FilePart = UNICODE_NULL;
             RtlCreateUnicodeString(Directory, PathBuffer);
         }
     }
 
     /* We are done -- move on to the second pass to get the arguments */
     return SmpParseToken(&CmdLineCopy, TRUE, Arguments);
 }

Referenced by SmpCreatePagingFileDescriptor(), SmpExecuteCommand(), and SmpExecuteInitialCommand().

◆ SmpQueryRegistrySosOption()

BOOLEAN NTAPI SmpQueryRegistrySosOption ( VOID )

Definition at line 424 of file smutil.c.

 {
     NTSTATUS Status;
     UNICODE_STRING KeyName, ValueName;
     OBJECT_ATTRIBUTES ObjectAttributes;
     HANDLE KeyHandle;
     ULONG Length;
     WCHAR ValueBuffer[VALUE_BUFFER_SIZE];
     PKEY_VALUE_PARTIAL_INFORMATION PartialInfo = (PVOID)ValueBuffer;
 
     /* Open the key */
     RtlInitUnicodeString(&KeyName,
                          L"\\Registry\\Machine\\System\\CurrentControlSet\\Control");
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
     Status = NtOpenKey(&KeyHandle, KEY_READ, &ObjectAttributes);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: Cannot open control key (Status 0x%x)\n", Status);
         return FALSE;
     }
 
     /* Query the value */
     RtlInitUnicodeString(&ValueName, L"SystemStartOptions");
     Status = NtQueryValueKey(KeyHandle,
                              &ValueName,
                              KeyValuePartialInformation,
                              PartialInfo,
                              sizeof(ValueBuffer),
                              &Length);
     ASSERT(Length < VALUE_BUFFER_SIZE);
     NtClose(KeyHandle);
     if (!NT_SUCCESS(Status) ||
         ((PartialInfo->Type != REG_SZ) && (PartialInfo->Type != REG_EXPAND_SZ)))
     {
         DPRINT1("SMSS: Cannot query value key (Type %lu, Status 0x%x)\n",
                 PartialInfo->Type, Status);
         return FALSE;
     }
 
     /* Check if it's set to SOS or sos */
     if (!(wcsstr((PWCHAR)PartialInfo->Data, L"SOS")) ||
          (wcsstr((PWCHAR)PartialInfo->Data, L"sos")))
     {
         /* It's not set, return FALSE */
         return FALSE;
     }
 
     /* It's set, return TRUE */
     return TRUE;
 }

Referenced by SmpInvokeAutoChk().

◆ SmpReleasePrivilege()

VOID NTAPI SmpReleasePrivilege ( IN PVOID State )

Definition at line 129 of file smutil.c.

 {
     PSMP_PRIVILEGE_STATE State = (PSMP_PRIVILEGE_STATE)PrivState;
 
     /* Adjust the privileges in the token */
     NtAdjustPrivilegesToken(State->TokenHandle,
                             FALSE,
                             State->OldPrivileges,
                             0,
                             NULL,
                             NULL);
 
     /* Check if we used a dynamic buffer */
     if (State->OldPrivileges != (PTOKEN_PRIVILEGES)&State->OldBuffer)
     {
         /* Free it */
         RtlFreeHeap(SmpHeap, 0, State->OldPrivileges);
     }
 
     /* Close the token handle and free the state structure */
     NtClose(State->TokenHandle);
     RtlFreeHeap(SmpHeap, 0, State);
 }

Referenced by _main(), SmpLoadSubSystem(), and SmpLoadSubSystemsForMuSession().

◆ SmpRestoreBootStatusData()

VOID NTAPI SmpRestoreBootStatusData	(	IN BOOLEAN	BootOkay,
		IN BOOLEAN	ShutdownOkay
	)

Definition at line 531 of file smutil.c.

 {
     NTSTATUS Status;
     PVOID BootState;
 
     /* Lock the BSD */
     Status = RtlLockBootStatusData(&BootState);
     if (NT_SUCCESS(Status))
     {
         /* Write the bootokay and bootshutdown values */
         RtlGetSetBootStatusData(BootState,
                                 FALSE,
                                 RtlBsdItemBootGood,
                                 &BootOkay,
                                 sizeof(BootOkay),
                                 NULL);
         RtlGetSetBootStatusData(BootState,
                                 FALSE,
                                 RtlBsdItemBootShutdown,
                                 &ShutdownOkay,
                                 sizeof(ShutdownOkay),
                                 NULL);
 
         /* Unlock the BSD and return */
         RtlUnlockBootStatusData(BootState);
     }
 }

Referenced by SmpInvokeAutoChk().

◆ SmpSaveAndClearBootStatusData()

BOOLEAN NTAPI SmpSaveAndClearBootStatusData	(	OUT PBOOLEAN	BootOkay,
		OUT PBOOLEAN	ShutdownOkay
	)

Definition at line 481 of file smutil.c.

 {
     NTSTATUS Status;
     BOOLEAN Value = TRUE;
     PVOID BootStatusDataHandle;
 
     /* Assume failure */
     *BootOkay = FALSE;
     *ShutdownOkay = FALSE;
 
     /* Lock the BSD and fail if we couldn't */
     Status = RtlLockBootStatusData(&BootStatusDataHandle);
     if (!NT_SUCCESS(Status)) return FALSE;
 
     /* Read the old settings */
     RtlGetSetBootStatusData(BootStatusDataHandle,
                             TRUE,
                             RtlBsdItemBootGood,
                             BootOkay,
                             sizeof(BOOLEAN),
                             NULL);
     RtlGetSetBootStatusData(BootStatusDataHandle,
                             TRUE,
                             RtlBsdItemBootShutdown,
                             ShutdownOkay,
                             sizeof(BOOLEAN),
                             NULL);
 
     /* Set new ones indicating we got at least this far */
     RtlGetSetBootStatusData(BootStatusDataHandle,
                             FALSE,
                             RtlBsdItemBootGood,
                             &Value,
                             sizeof(Value),
                             NULL);
     RtlGetSetBootStatusData(BootStatusDataHandle,
                             FALSE,
                             RtlBsdItemBootShutdown,
                             &Value,
                             sizeof(Value),
                             NULL);
 
     /* Unlock the BSD and return */
     RtlUnlockBootStatusData(BootStatusDataHandle);
     return TRUE;
 }

Referenced by SmpInvokeAutoChk().

◆ SmpSbCreateSession()

NTSTATUS NTAPI SmpSbCreateSession	(	IN PVOID	Reserved,
		IN PSMP_SUBSYSTEM	OtherSubsystem,
		IN PRTL_USER_PROCESS_INFORMATION	ProcessInformation,
		IN ULONG	DbgSessionId,
		IN PCLIENT_ID	DbgUiClientId
	)

Definition at line 36 of file smsbapi.c.

 {
     NTSTATUS Status;
     ULONG SubSystemType = ProcessInformation->ImageInformation.SubSystemType;
     ULONG MuSessionId;
     ULONG SessionId;
     PSMP_SUBSYSTEM KnownSubsys;
     SB_API_MSG SbApiMsg = {0};
     PSB_CREATE_SESSION_MSG CreateSessionMsg = &SbApiMsg.u.CreateSession;
 
     /* Write out the create session message including its initial process */
     CreateSessionMsg->ProcessInfo = *ProcessInformation;
     CreateSessionMsg->DbgSessionId = DbgSessionId;
     if (DbgUiClientId)
     {
         CreateSessionMsg->DbgUiClientId = *DbgUiClientId;
     }
     else
     {
         CreateSessionMsg->DbgUiClientId.UniqueThread = NULL;
         CreateSessionMsg->DbgUiClientId.UniqueProcess = NULL;
     }
 
     /* Find a subsystem responsible for this session */
     SmpGetProcessMuSessionId(ProcessInformation->ProcessHandle, &MuSessionId);
     if (!SmpCheckDuplicateMuSessionId(MuSessionId))
     {
         NtClose(ProcessInformation->ProcessHandle);
         NtClose(ProcessInformation->ThreadHandle);
         DPRINT1("SMSS: CreateSession status=%x\n", STATUS_OBJECT_NAME_NOT_FOUND);
         return STATUS_OBJECT_NAME_NOT_FOUND;
     }
 
     /* Find the subsystem suitable for this initial process */
     KnownSubsys = SmpLocateKnownSubSysByType(MuSessionId, SubSystemType);
     if (KnownSubsys)
     {
         /* Duplicate the process handle into the message */
         Status = NtDuplicateObject(NtCurrentProcess(),
                                    ProcessInformation->ProcessHandle,
                                    KnownSubsys->ProcessHandle,
                                    &CreateSessionMsg->ProcessInfo.ProcessHandle,
                                    PROCESS_ALL_ACCESS,
                                    0,
                                    0);
         if (NT_SUCCESS(Status))
         {
             /* Duplicate the thread handle into the message */
             Status = NtDuplicateObject(NtCurrentProcess(),
                                        ProcessInformation->ThreadHandle,
                                        KnownSubsys->ProcessHandle,
                                        &CreateSessionMsg->ProcessInfo.ThreadHandle,
                                        THREAD_ALL_ACCESS,
                                        0,
                                        0);
             if (!NT_SUCCESS(Status))
             {
                 /* Close everything on failure */
                 NtClose(ProcessInformation->ProcessHandle);
                 NtClose(ProcessInformation->ThreadHandle);
                 SmpDereferenceSubsystem(KnownSubsys);
                 DPRINT1("SmpSbCreateSession: NtDuplicateObject (Thread) Failed %lx\n", Status);
                 return Status;
             }
 
             /* Close the original handles as they are no longer needed */
             NtClose(ProcessInformation->ProcessHandle);
             NtClose(ProcessInformation->ThreadHandle);
 
             /* Finally, allocate a new SMSS session ID for this session */
             SessionId = SmpAllocateSessionId(KnownSubsys, OtherSubsystem);
             CreateSessionMsg->SessionId = SessionId;
 
             /* Fill out the LPC message header and send it to the client! */
             SbApiMsg.ApiNumber = SbpCreateSession;
             SbApiMsg.h.u2.ZeroInit = 0;
             SbApiMsg.h.u1.s1.DataLength = sizeof(SB_CREATE_SESSION_MSG) + 8;
             SbApiMsg.h.u1.s1.TotalLength = sizeof(SbApiMsg);
             Status = NtRequestWaitReplyPort(KnownSubsys->SbApiPort,
                                             &SbApiMsg.h,
                                             &SbApiMsg.h);
             if (!NT_SUCCESS(Status))
             {
                 /* Bail out */
                 DPRINT1("SmpSbCreateSession: NtRequestWaitReply Failed %lx\n", Status);
             }
             else
             {
                 /* If the API succeeded, get the result value from the LPC */
                 Status = SbApiMsg.ReturnValue;
             }
 
             /* Delete the session on any kind of failure */
             if (!NT_SUCCESS(Status)) SmpDeleteSession(SessionId);
         }
         else
         {
             /* Close the handles on failure */
             DPRINT1("SmpSbCreateSession: NtDuplicateObject (Process) Failed %lx\n", Status);
             NtClose(ProcessInformation->ProcessHandle);
             NtClose(ProcessInformation->ThreadHandle);
         }
 
         /* Dereference the subsystem and return the status of the LPC call */
         SmpDereferenceSubsystem(KnownSubsys);
         return Status;
     }
 
     /* If we don't yet have a subsystem, only native images can be launched */
     if (SubSystemType != IMAGE_SUBSYSTEM_NATIVE)
     {
         /* Fail */
 #if DBG
         PCSTR SubSysName = NULL;
         CHAR SubSysTypeName[sizeof("Type 0x")+8];
 
         if (SubSystemType < RTL_NUMBER_OF(SmpSubSystemNames))
             SubSysName = SmpSubSystemNames[SubSystemType];
         if (!SubSysName)
         {
             SubSysName = SubSysTypeName;
             sprintf(SubSysTypeName, "Type 0x%08lx", SubSystemType);
         }
         DPRINT1("SMSS: %s SubSystem not found (either not started or destroyed).\n", SubSysName);
 #endif
         Status = STATUS_UNSUCCESSFUL;
         NtClose(ProcessInformation->ProcessHandle);
         NtClose(ProcessInformation->ThreadHandle);
         return Status;
     }
 
 #if 0
     /*
      * This code is part of the LPC-based legacy debugging support for native
      * applications, implemented with the debug client interface (DbgUi) and
      * debug subsystem (DbgSs). It is now vestigial since WinXP+ and is here
      * for informational purposes only.
      */
     if ((*(ULONGLONG)&CreateSessionMsg.DbgUiClientId) && SmpDbgSsLoaded)
     {
         Process = RtlAllocateHeap(SmpHeap, SmBaseTag, sizeof(SMP_PROCESS));
         if (!Process)
         {
             DPRINT1("Unable to initialize debugging for Native App %lx.%lx -- out of memory\n",
                     ProcessInformation->ClientId.UniqueProcess,
                     ProcessInformation->ClientId.UniqueThread);
             NtClose(ProcessInformation->ProcessHandle);
             NtClose(ProcessInformation->ThreadHandle);
             return STATUS_NO_MEMORY;
         }
 
         Process->DbgUiClientId = CreateSessionMsg->DbgUiClientId;
         Process->ClientId = ProcessInformation->ClientId;
         InsertHeadList(&NativeProcessList, &Process->Entry);
         DPRINT1("Native Debug App %lx.%lx\n",
                 Process->ClientId.UniqueProcess,
                 Process->ClientId.UniqueThread);
 
         Status = NtSetInformationProcess(ProcessInformation->ProcessHandle,
                                          ProcessDebugPort,
                                          &SmpDebugPort,
                                          sizeof(SmpDebugPort));
         ASSERT(NT_SUCCESS(Status));
     }
 #endif
 
     /* This is a native application being started as the initial command */
     DPRINT("Subsystem active, starting thread\n");
     NtClose(ProcessInformation->ProcessHandle);
     NtResumeThread(ProcessInformation->ThreadHandle, NULL);
     NtClose(ProcessInformation->ThreadHandle);
     return STATUS_SUCCESS;
 }

Referenced by SmpExecPgm().

◆ SmpSetProcessMuSessionId()

NTSTATUS NTAPI SmpSetProcessMuSessionId	(	IN HANDLE	ProcessHandle,
		IN ULONG	SessionId
	)

Definition at line 199 of file smsessn.c.

 {
     NTSTATUS Status;
 
     /* Tell the kernel about the session ID */
     Status = NtSetInformationProcess(ProcessHandle,
                                      ProcessSessionInformation,
                                      &SessionId,
                                      sizeof(SessionId));
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: SetProcessMuSessionId, Process=%p, Status=%x\n",
                 ProcessHandle, Status);
     }
 
     /* Return */
     return Status;
 }

Referenced by SmpExecuteImage().

◆ SmpTerminate()

NTSTATUS NTAPI SmpTerminate	(	IN PULONG_PTR	Parameters,
		IN ULONG	ParameterMask,
		IN ULONG	ParameterCount
	)

Definition at line 374 of file smss.c.

 {
     NTSTATUS Status;
     BOOLEAN Old;
     ULONG Response;
 
     /* Give the shutdown privilege to the thread */
     if (RtlAdjustPrivilege(SE_SHUTDOWN_PRIVILEGE, TRUE, TRUE, &Old) ==
         STATUS_NO_TOKEN)
     {
         /* Thread doesn't have a token, give it to the entire process */
         RtlAdjustPrivilege(SE_SHUTDOWN_PRIVILEGE, TRUE, FALSE, &Old);
     }
 
     /* Take down the process/machine with a hard error */
     Status = NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED,
                               ParameterCount,
                               ParameterMask,
                               Parameters,
                               OptionShutdownSystem,
                               &Response);
 
     /* Terminate the process if the hard error didn't already */
     return NtTerminateProcess(NtCurrentProcess(), Status);
 }

Referenced by _main(), SmpInitializeKnownDllsInternal(), and SmpUnhandledExceptionFilter().

◆ SmpTranslateSystemPartitionInformation()

VOID NTAPI SmpTranslateSystemPartitionInformation ( VOID )

Definition at line 811 of file sminit.c.

 {
     NTSTATUS Status;
     UNICODE_STRING UnicodeString, LinkTarget, SearchString, SystemPartition;
     OBJECT_ATTRIBUTES ObjectAttributes;
     HANDLE KeyHandle, LinkHandle;
     ULONG Length, Context;
     size_t StrLength;
     WCHAR LinkBuffer[MAX_PATH];
     CHAR ValueBuffer[sizeof(KEY_VALUE_PARTIAL_INFORMATION) + 512];
     PKEY_VALUE_PARTIAL_INFORMATION PartialInfo = (PVOID)ValueBuffer;
     CHAR DirInfoBuffer[sizeof(OBJECT_DIRECTORY_INFORMATION) + 512];
     POBJECT_DIRECTORY_INFORMATION DirInfo = (PVOID)DirInfoBuffer;
 
     /* Open the setup key */
     RtlInitUnicodeString(&UnicodeString, L"\\Registry\\Machine\\System\\Setup");
     InitializeObjectAttributes(&ObjectAttributes,
                                &UnicodeString,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
     Status = NtOpenKey(&KeyHandle, KEY_READ, &ObjectAttributes);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: Cannot open system setup key for reading: 0x%x\n", Status);
         return;
     }
 
     /* Query the system partition */
     RtlInitUnicodeString(&UnicodeString, L"SystemPartition");
     Status = NtQueryValueKey(KeyHandle,
                              &UnicodeString,
                              KeyValuePartialInformation,
                              PartialInfo,
                              sizeof(ValueBuffer),
                              &Length);
     NtClose(KeyHandle);
     if (!NT_SUCCESS(Status) ||
         ((PartialInfo->Type != REG_SZ) && (PartialInfo->Type != REG_EXPAND_SZ)))
     {
         DPRINT1("SMSS: Cannot query SystemPartition value (Type %lu, Status 0x%x)\n",
                 PartialInfo->Type, Status);
         return;
     }
 
     /* Initialize the system partition string */
     RtlInitEmptyUnicodeString(&SystemPartition,
                               (PWCHAR)PartialInfo->Data,
                               PartialInfo->DataLength);
     RtlStringCbLengthW(SystemPartition.Buffer,
                        SystemPartition.MaximumLength,
                        &StrLength);
     SystemPartition.Length = (USHORT)StrLength;
 
     /* Enumerate the directory looking for the symbolic link string */
     RtlInitUnicodeString(&SearchString, L"SymbolicLink");
     RtlInitEmptyUnicodeString(&LinkTarget, LinkBuffer, sizeof(LinkBuffer));
     Status = NtQueryDirectoryObject(SmpDosDevicesObjectDirectory,
                                     DirInfo,
                                     sizeof(DirInfoBuffer),
                                     TRUE,
                                     TRUE,
                                     &Context,
                                     NULL);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: Cannot find drive letter for system partition\n");
         return;
     }
 
     /* Keep searching until we find it */
     do
     {
         /* Is this it? */
         if ((RtlEqualUnicodeString(&DirInfo->TypeName, &SearchString, TRUE)) &&
             (DirInfo->Name.Length == 2 * sizeof(WCHAR)) &&
             (DirInfo->Name.Buffer[1] == L':'))
         {
             /* Looks like we found it, open the link to get its target */
             InitializeObjectAttributes(&ObjectAttributes,
                                        &DirInfo->Name,
                                        OBJ_CASE_INSENSITIVE,
                                        SmpDosDevicesObjectDirectory,
                                        NULL);
             Status = NtOpenSymbolicLinkObject(&LinkHandle,
                                               SYMBOLIC_LINK_ALL_ACCESS,
                                               &ObjectAttributes);
             if (NT_SUCCESS(Status))
             {
                 /* Open worked, query the target now */
                 Status = NtQuerySymbolicLinkObject(LinkHandle,
                                                    &LinkTarget,
                                                    NULL);
                 NtClose(LinkHandle);
 
                 /* Check if it matches the string we had found earlier */
                 if ((NT_SUCCESS(Status)) &&
                     ((RtlEqualUnicodeString(&SystemPartition,
                                             &LinkTarget,
                                             TRUE)) ||
                     ((RtlPrefixUnicodeString(&SystemPartition,
                                              &LinkTarget,
                                              TRUE)) &&
                      (LinkTarget.Buffer[SystemPartition.Length / sizeof(WCHAR)] == L'\\'))))
                 {
                     /* All done */
                     break;
                 }
             }
         }
 
         /* Couldn't find it, try again */
         Status = NtQueryDirectoryObject(SmpDosDevicesObjectDirectory,
                                         DirInfo,
                                         sizeof(DirInfoBuffer),
                                         TRUE,
                                         FALSE,
                                         &Context,
                                         NULL);
     } while (NT_SUCCESS(Status));
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: Cannot find drive letter for system partition\n");
         return;
     }
 
     /* Open the setup key again, for full access this time */
     RtlInitUnicodeString(&UnicodeString,
                          L"\\Registry\\Machine\\Software\\Microsoft\\Windows\\CurrentVersion\\Setup");
     InitializeObjectAttributes(&ObjectAttributes,
                                &UnicodeString,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
     Status = NtOpenKey(&KeyHandle, KEY_ALL_ACCESS, &ObjectAttributes);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: Cannot open software setup key for writing: 0x%x\n",
                 Status);
         return;
     }
 
     /* Wrap up the end of the link buffer */
     wcsncpy(LinkBuffer, DirInfo->Name.Buffer, 2);
     LinkBuffer[2] = L'\\';
     LinkBuffer[3] = L'\0';
 
     /* Now set this as the "BootDir" */
     RtlInitUnicodeString(&UnicodeString, L"BootDir");
     Status = NtSetValueKey(KeyHandle,
                            &UnicodeString,
                            0,
                            REG_SZ,
                            LinkBuffer,
                            4 * sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SMSS: couldn't write BootDir value: 0x%x\n", Status);
     }
     NtClose(KeyHandle);
 }

Classes

Macros

Typedefs

Functions

Variables

Macro Definition Documentation

◆ NTOS_MODE_USER

◆ SMP_ASYNC_FLAG

◆ SMP_AUTOCHK_FLAG

◆ SMP_DEBUG_FLAG

◆ SMP_DEFERRED_FLAG

◆ SMP_INVALID_PATH

◆ SMP_OS2_FLAG

◆ SMP_POSIX_FLAG

◆ SMP_SUBSYSTEM_FLAG

◆ WIN32_NO_STATUS

Typedef Documentation

◆ PSMP_REGISTRY_VALUE

◆ PSMP_SUBSYSTEM

◆ SMP_REGISTRY_VALUE

◆ SMP_SUBSYSTEM

Function Documentation

◆ SmpAcquirePrivilege()

◆ SmpAllocateSessionId()

◆ SmpApiLoop()

◆ SmpCheckDuplicateMuSessionId()

◆ SmpCheckForCrashDump()

◆ SmpCreatePagingFileDescriptor()

◆ SmpCreatePagingFiles()

◆ SmpCreateSecurityDescriptors()

◆ SmpDeleteSession()

◆ SmpDereferenceSubsystem()

◆ SmpExecuteCommand()

◆ SmpExecuteImage()

◆ SmpExecuteInitialCommand()

◆ SmpGetProcessMuSessionId()

◆ SmpInit()

◆ SmpLoadSubSystem()

◆ SmpLoadSubSystemsForMuSession()

◆ SmpLocateKnownSubSysByCid()

◆ SmpLocateKnownSubSysByType()

◆ SmpPagingFileInitialize()

◆ SmpParseCommandLine()

◆ SmpQueryRegistrySosOption()

◆ SmpReleasePrivilege()

◆ SmpRestoreBootStatusData()

◆ SmpSaveAndClearBootStatusData()

◆ SmpSbCreateSession()

◆ SmpSetProcessMuSessionId()

◆ SmpTerminate()

◆ SmpTranslateSystemPartitionInformation()