ReactOS  0.4.13-dev-235-g7373cb3
ob.h File Reference
#include "ob_x.h"

Classes

struct  _OBP_SET_HANDLE_ATTRIBUTES_CONTEXT
 
struct  _OBP_CLOSE_HANDLE_CONTEXT
 
struct  _OBP_FIND_HANDLE_DATA
 
struct  _SECURITY_DESCRIPTOR_HEADER
 
struct  _OB_SD_CACHE_LIST
 
union  ALIGNEDNAME
 
struct  _OB_TEMP_BUFFER
 

Macros

#define _OB_DEBUG_   0x00
 
#define OB_HANDLE_DEBUG   0x01
 
#define OB_NAMESPACE_DEBUG   0x02
 
#define OB_SECURITY_DEBUG   0x04
 
#define OB_REFERENCE_DEBUG   0x08
 
#define OB_CALLBACK_DEBUG   0x10
 
#define OBTRACE(x, fmt, ...)   DPRINT(fmt, ##__VA_ARGS__)
 
#define GENERIC_ACCESS
 
#define OBJ_PROTECT_CLOSE   0x01
 
#define OBJ_AUDIT_OBJECT_CLOSE   0x04
 
#define OBJ_HANDLE_ATTRIBUTES
 
#define KERNEL_HANDLE_FLAG   0x80000000
 
#define ObpIsKernelHandle(Handle, ProcessorMode)
 
#define ObKernelHandleToHandle(Handle)   (HANDLE)((ULONG_PTR)(Handle) & ~KERNEL_HANDLE_FLAG)
 
#define ObMarkHandleAsKernelHandle(Handle)   (HANDLE)((ULONG_PTR)(Handle) | KERNEL_HANDLE_FLAG)
 
#define ObpGetHandleObject(x)   ((POBJECT_HEADER)((ULONG_PTR)x->Object & ~OBJ_HANDLE_ATTRIBUTES))
 
#define ObpGetHeaderForSd(x)   CONTAINING_RECORD((x), SECURITY_DESCRIPTOR_HEADER, SecurityDescriptor)
 
#define ObpGetHeaderForEntry(x)   CONTAINING_RECORD((x), SECURITY_DESCRIPTOR_HEADER, Link)
 
#define TAG_OB_TEMP_STORAGE   'tSbO'
 

Typedefs

typedef struct _OBP_SET_HANDLE_ATTRIBUTES_CONTEXT OBP_SET_HANDLE_ATTRIBUTES_CONTEXT
 
typedef struct _OBP_SET_HANDLE_ATTRIBUTES_CONTEXT * POBP_SET_HANDLE_ATTRIBUTES_CONTEXT
 
typedef struct _OBP_CLOSE_HANDLE_CONTEXT OBP_CLOSE_HANDLE_CONTEXT
 
typedef struct _OBP_CLOSE_HANDLE_CONTEXT * POBP_CLOSE_HANDLE_CONTEXT
 
typedef struct _OBP_FIND_HANDLE_DATA OBP_FIND_HANDLE_DATA
 
typedef struct _OBP_FIND_HANDLE_DATA * POBP_FIND_HANDLE_DATA
 
typedef struct _SECURITY_DESCRIPTOR_HEADER SECURITY_DESCRIPTOR_HEADER
 
typedef struct _SECURITY_DESCRIPTOR_HEADER * PSECURITY_DESCRIPTOR_HEADER
 
typedef struct _OB_SD_CACHE_LIST OB_SD_CACHE_LIST
 
typedef struct _OB_SD_CACHE_LIST * POB_SD_CACHE_LIST
 
typedef struct _OB_TEMP_BUFFER OB_TEMP_BUFFER
 
typedef struct _OB_TEMP_BUFFER * POB_TEMP_BUFFER
 

Functions

INIT_FUNCTION BOOLEAN NTAPI ObInitSystem (VOID)
 
VOID NTAPI ObShutdownSystem (VOID)
 
BOOLEAN NTAPI ObpDeleteEntryDirectory (IN POBP_LOOKUP_CONTEXT Context)
 
BOOLEAN NTAPI ObpInsertEntryDirectory (IN POBJECT_DIRECTORY Parent, IN POBP_LOOKUP_CONTEXT Context, IN POBJECT_HEADER ObjectHeader)
 
PVOID NTAPI ObpLookupEntryDirectory (IN POBJECT_DIRECTORY Directory, IN PUNICODE_STRING Name, IN ULONG Attributes, IN UCHAR SearchShadow, IN POBP_LOOKUP_CONTEXT Context)
 
VOID NTAPI ObpDeleteSymbolicLink (IN PVOID ObjectBody)
 
NTSTATUS NTAPI ObpParseSymbolicLink (IN PVOID ParsedObject, IN PVOID ObjectType, IN OUT PACCESS_STATE AccessState, IN KPROCESSOR_MODE AccessMode, IN ULONG Attributes, IN OUT PUNICODE_STRING FullPath, IN OUT PUNICODE_STRING RemainingName, IN OUT PVOID Context OPTIONAL, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos OPTIONAL, OUT PVOID *NextObject)
 
VOID NTAPI ObpCreateSymbolicLinkName (IN POBJECT_SYMBOLIC_LINK SymbolicLink)
 
VOID NTAPI ObpDeleteSymbolicLinkName (IN POBJECT_SYMBOLIC_LINK SymbolicLink)
 
NTSTATUS NTAPI ObInitProcess (IN PEPROCESS Parent OPTIONAL, IN PEPROCESS Process)
 
PHANDLE_TABLE NTAPI ObReferenceProcessHandleTable (IN PEPROCESS Process)
 
VOID NTAPI ObDereferenceProcessHandleTable (IN PEPROCESS Process)
 
VOID NTAPI ObKillProcess (IN PEPROCESS Process)
 
NTSTATUS NTAPI ObpLookupObjectName (IN HANDLE RootHandle OPTIONAL, IN OUT PUNICODE_STRING ObjectName, IN ULONG Attributes, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos OPTIONAL, IN PVOID InsertObject OPTIONAL, IN OUT PACCESS_STATE AccessState, OUT POBP_LOOKUP_CONTEXT LookupContext, OUT PVOID *FoundObject)
 
BOOLEAN NTAPI ObpSetHandleAttributes (IN OUT PHANDLE_TABLE_ENTRY HandleTableEntry, IN ULONG_PTR Context)
 
VOID NTAPI ObQueryDeviceMapInformation (IN PEPROCESS Process, OUT PPROCESS_DEVICEMAP_INFORMATION DeviceMapInfo)
 
VOID NTAPI ObpDeleteObject (IN PVOID Object, IN BOOLEAN CalledFromWorkerThread)
 
LONG FASTCALL ObDereferenceObjectEx (IN PVOID Object, IN LONG Count)
 
LONG FASTCALL ObReferenceObjectEx (IN PVOID Object, IN LONG Count)
 
BOOLEAN FASTCALL ObReferenceObjectSafe (IN PVOID Object)
 
VOID NTAPI ObpReapObject (IN PVOID Unused)
 
VOID FASTCALL ObpSetPermanentObject (IN PVOID ObjectBody, IN BOOLEAN Permanent)
 
VOID NTAPI ObpDeleteNameCheck (IN PVOID Object)
 
VOID NTAPI ObClearProcessHandleTable (IN PEPROCESS Process)
 
NTSTATUS NTAPI ObDuplicateObject (IN PEPROCESS SourceProcess, IN HANDLE SourceHandle, IN PEPROCESS TargetProcess OPTIONAL, IN PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options, IN KPROCESSOR_MODE PreviousMode)
 
VOID NTAPI ObFreeObjectCreateInfoBuffer (IN POBJECT_CREATE_INFORMATION ObjectCreateInfo)
 
VOID NTAPI ObpFreeObjectNameBuffer (IN PUNICODE_STRING Name)
 
VOID NTAPI ObpDeleteObjectType (IN PVOID Object)
 
NTSTATUS NTAPI ObReferenceFileObjectForWrite (IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode, OUT PFILE_OBJECT *FileObject, OUT POBJECT_HANDLE_INFORMATION HandleInformation)
 
NTSTATUS NTAPI ObpCreateDeviceMap (IN HANDLE DirectoryHandle)
 
VOID NTAPI ObDereferenceDeviceMap (IN PEPROCESS Process)
 
VOID FASTCALL ObfDereferenceDeviceMap (IN PDEVICE_MAP DeviceMap)
 
VOID NTAPI ObInheritDeviceMap (IN PEPROCESS Parent, IN PEPROCESS Process)
 
INIT_FUNCTION NTSTATUS NTAPI ObpCreateDosDevicesDirectory (VOID)
 
INIT_FUNCTION NTSTATUS NTAPI ObpInitSdCache (VOID)
 
PSECURITY_DESCRIPTOR NTAPI ObpReferenceSecurityDescriptor (IN POBJECT_HEADER ObjectHeader)
 
BOOLEAN NTAPI ObCheckObjectAccess (IN PVOID Object, IN OUT PACCESS_STATE AccessState, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS ReturnedStatus)
 
BOOLEAN NTAPI ObCheckCreateObjectAccess (IN PVOID Object, IN ACCESS_MASK CreateAccess, IN PACCESS_STATE AccessState, IN PUNICODE_STRING ComponentName, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS AccessStatus)
 
BOOLEAN NTAPI ObpCheckTraverseAccess (IN PVOID Object, IN ACCESS_MASK TraverseAccess, IN PACCESS_STATE AccessState OPTIONAL, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS AccessStatus)
 
BOOLEAN NTAPI ObpCheckObjectReference (IN PVOID Object, IN OUT PACCESS_STATE AccessState, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS AccessStatus)
 
NTSTATUS NTAPI ObAssignObjectSecurityDescriptor (IN PVOID Object, IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL, IN POOL_TYPE PoolType)
 
NTSTATUS NTAPI ObDeassignSecurity (IN OUT PSECURITY_DESCRIPTOR *SecurityDescriptor)
 
NTSTATUS NTAPI ObQuerySecurityDescriptorInfo (IN PVOID Object, IN PSECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG Length, IN PSECURITY_DESCRIPTOR *OutputSecurityDescriptor)
 
NTSTATUS NTAPI ObSetSecurityDescriptorInfo (IN PVOID Object, IN PSECURITY_INFORMATION SecurityInformation, IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
 
VOID FASTCALL ObInitializeFastReference (IN PEX_FAST_REF FastRef, IN PVOID Object)
 
PVOID FASTCALL ObFastReplaceObject (IN PEX_FAST_REF FastRef, IN PVOID Object)
 
PVOID FASTCALL ObFastReferenceObject (IN PEX_FAST_REF FastRef)
 
PVOID FASTCALL ObFastReferenceObjectLocked (IN PEX_FAST_REF FastRef)
 
VOID FASTCALL ObFastDereferenceObject (IN PEX_FAST_REF FastRef, IN PVOID Object)
 
NTSTATUS NTAPI ObpCaptureObjectName (IN PUNICODE_STRING CapturedName, IN PUNICODE_STRING ObjectName, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN AllocateFromLookaside)
 
NTSTATUS NTAPI ObpCaptureObjectCreateInformation (IN POBJECT_ATTRIBUTES ObjectAttributes, IN KPROCESSOR_MODE AccessMode, IN KPROCESSOR_MODE CreatorMode, IN BOOLEAN AllocateFromLookaside, IN POBJECT_CREATE_INFORMATION ObjectCreateInfo, OUT PUNICODE_STRING ObjectName)
 
ULONG NTAPI ObGetProcessHandleCount (IN PEPROCESS Process)
 

Variables

ULONG ObpTraceLevel
 
KEVENT ObpDefaultObject
 
KGUARDED_MUTEX ObpDeviceMapLock
 
POBJECT_TYPE ObpTypeObjectType
 
POBJECT_TYPE ObpDirectoryObjectType
 
POBJECT_TYPE ObpSymbolicLinkObjectType
 
POBJECT_DIRECTORY ObpRootDirectoryObject
 
POBJECT_DIRECTORY ObpTypeDirectoryObject
 
PHANDLE_TABLE ObpKernelHandleTable
 
WORK_QUEUE_ITEM ObpReaperWorkItem
 
volatile PVOID ObpReaperList
 
GENERAL_LOOKASIDE ObpNameBufferLookasideList
 
GENERAL_LOOKASIDE ObpCreateInfoLookasideList
 
BOOLEAN IoCountOperations
 
ALIGNEDNAME ObpDosDevicesShortNamePrefix
 
ALIGNEDNAME ObpDosDevicesShortNameRoot
 
UNICODE_STRING ObpDosDevicesShortName
 
WCHAR ObpUnsecureGlobalNamesBuffer [128]
 
ULONG ObpUnsecureGlobalNamesLength
 
ULONG ObpObjectSecurityMode
 

Macro Definition Documentation

◆ _OB_DEBUG_

#define _OB_DEBUG_   0x00

Definition at line 12 of file ob.h.

◆ GENERIC_ACCESS

#define GENERIC_ACCESS
Value:
(GENERIC_READ | \
GENERIC_WRITE | \
GENERIC_EXECUTE | \
GENERIC_ALL)
#define GENERIC_READ
Definition: compat.h:124

Definition at line 40 of file ob.h.

◆ KERNEL_HANDLE_FLAG

#define KERNEL_HANDLE_FLAG   0x80000000

Definition at line 62 of file ob.h.

◆ OB_CALLBACK_DEBUG

#define OB_CALLBACK_DEBUG   0x10

Definition at line 21 of file ob.h.

◆ OB_HANDLE_DEBUG

#define OB_HANDLE_DEBUG   0x01

Definition at line 17 of file ob.h.

◆ OB_NAMESPACE_DEBUG

#define OB_NAMESPACE_DEBUG   0x02

Definition at line 18 of file ob.h.

◆ OB_REFERENCE_DEBUG

#define OB_REFERENCE_DEBUG   0x08

Definition at line 20 of file ob.h.

◆ OB_SECURITY_DEBUG

#define OB_SECURITY_DEBUG   0x04

Definition at line 19 of file ob.h.

◆ OBJ_AUDIT_OBJECT_CLOSE

#define OBJ_AUDIT_OBJECT_CLOSE   0x04

Definition at line 51 of file ob.h.

◆ OBJ_HANDLE_ATTRIBUTES

#define OBJ_HANDLE_ATTRIBUTES
Value:
(OBJ_PROTECT_CLOSE | \
OBJ_INHERIT | \
OBJ_AUDIT_OBJECT_CLOSE)
#define OBJ_PROTECT_CLOSE
Definition: ob.h:49

Definition at line 52 of file ob.h.

◆ OBJ_PROTECT_CLOSE

#define OBJ_PROTECT_CLOSE   0x01

Definition at line 49 of file ob.h.

◆ ObKernelHandleToHandle

#define ObKernelHandleToHandle (   Handle)    (HANDLE)((ULONG_PTR)(Handle) & ~KERNEL_HANDLE_FLAG)

Definition at line 73 of file ob.h.

◆ ObMarkHandleAsKernelHandle

#define ObMarkHandleAsKernelHandle (   Handle)    (HANDLE)((ULONG_PTR)(Handle) | KERNEL_HANDLE_FLAG)

Definition at line 75 of file ob.h.

◆ ObpGetHandleObject

#define ObpGetHandleObject (   x)    ((POBJECT_HEADER)((ULONG_PTR)x->Object & ~OBJ_HANDLE_ATTRIBUTES))

Definition at line 81 of file ob.h.

◆ ObpGetHeaderForEntry

#define ObpGetHeaderForEntry (   x)    CONTAINING_RECORD((x), SECURITY_DESCRIPTOR_HEADER, Link)

Definition at line 93 of file ob.h.

◆ ObpGetHeaderForSd

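#define ObpGetHeaderForSd (   x)    CONTAINING_RECORD((x), SECURITY_DESCRIPTOR_HEADER, SecurityDescriptor)

Definition at line 87 of file ob.h.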

◆ ObpIsKernelHandle

#define ObpIsKernelHandle (   Handle,
  ProcessorMode 
)
Value:
((ProcessorMode) == KernelMode) && \
((Handle) != NtCurrentProcess()) && \
#define NtCurrentThread()
#define NtCurrentProcess()
Definition: nt_native.h:1657
_In_ HANDLE Handle
Definition: extypes.h:390
#define ULONG_PTR
Definition: config.h:101
#define KERNEL_HANDLE_FLAG
Definition: ob.h:62

Definition at line 64 of file ob.h.

◆ OBTRACE

#define OBTRACE (   x,
  fmt,
  ... 
)    DPRINT(fmt, ##__VA_ARGS__)

Definition at line 34 of file ob.h.

◆ TAG_OB_TEMP_STORAGE

#define TAG_OB_TEMP_STORAGE   'tSbO'

Definition at line 150 of file ob.h.

Typedef Documentation

◆ OB_SD_CACHE_LIST

◆ OB_TEMP_BUFFER

◆ OBP_CLOSE_HANDLE_CONTEXT

◆ OBP_FIND_HANDLE_DATA

◆ OBP_SET_HANDLE_ATTRIBUTES_CONTEXT

◆ POB_SD_CACHE_LIST

◆ POB_TEMP_BUFFER

◆ POBP_CLOSE_HANDLE_CONTEXT

◆ POBP_FIND_HANDLE_DATA

◆ POBP_SET_HANDLE_ATTRIBUTES_CONTEXT

◆ PSECURITY_DESCRIPTOR_HEADER

◆ SECURITY_DESCRIPTOR_HEADER

Function Documentation

◆ ObAssignObjectSecurityDescriptor()

NTSTATUS NTAPI ObAssignObjectSecurityDescriptor ( IN PVOID  Object,
IN PSECURITY_DESCRIPTOR SecurityDescriptor  OPTIONAL,
IN POOL_TYPE  PoolType 
)

Definition at line 20 of file obsecure.c.

/*
 * Body of ObAssignObjectSecurityDescriptor (obsecure.c, listing lines 23-56).
 * Stores a security descriptor pointer into the object header's
 * SecurityDescriptor slot through an EX_FAST_REF.
 *
 * NOTE(review): this rendering skips listing lines 25-26, 33, 36, 41 and 47,
 * so the declarations of NewSd and Status, the guard condition, the head of
 * the caching call and the free statement are not visible. The reference
 * list under the listing names ObLogSecurityDescriptor, ExFreePoolWithTag
 * and TAG_SD; presumably those belong to the missing lines - confirm
 * against obsecure.c before relying on this listing.
 */
23 {
24  POBJECT_HEADER ObjectHeader;
27  PEX_FAST_REF FastRef;
28  PAGED_CODE();
29 
30  /* Get the object header */
31  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
/* FastRef aliases the header's SecurityDescriptor field, so the store at
   line 51 changes the descriptor the object itself carries. */
32  FastRef = (PEX_FAST_REF)&ObjectHeader->SecurityDescriptor;
/* Guard condition (line 33) not shown; this branch reports success
   without assigning anything. */
34  {
35  /* Nothing to assign */
37  return STATUS_SUCCESS;
38  }
39 
40  /* Add it to our internal cache */
/* Call head (line 41) not shown. NewSd receives the result and
   MAX_FAST_REFS + 1 is the last argument; if the callee is
   ObLogSecurityDescriptor, as the reference list suggests, that
   argument is its RefBias parameter. */
42  &NewSd,
43  MAX_FAST_REFS + 1);
44  if (NT_SUCCESS(Status))
45  {
46  /* Free the old copy */
/* NOTE(review): the statement on line 47 is not shown. If it frees the
   input SecurityDescriptor, a successful return takes ownership away
   from the caller, who must not touch that pointer again - confirm. */
48 
49  /* Set the new pointer */
50  ASSERT(NewSd);
51  ExInitializeFastReference(FastRef, NewSd);
52  }
53 
54  /* Return status */
/* On failure the header slot is left as it was: the only visible store
   to FastRef is inside the success branch. */
55  return Status;
56 }
FORCEINLINE VOID ExInitializeFastReference(OUT PEX_FAST_REF FastRef, IN OPTIONAL PVOID Object)
Definition: ex.h:582
struct _EX_FAST_REF * PEX_FAST_REF
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
LONG NTSTATUS
Definition: precomp.h:26
#define PAGED_CODE()
Definition: video.h:57
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
smooth NULL
Definition: ftsmooth.c:416
#define TAG_SD
Definition: tag.h:176
if(!(yy_init))
Definition: macro.lex.yy.c:714
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static IUnknown Object
Definition: main.c:512
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
NTSTATUS NTAPI ObLogSecurityDescriptor(IN PSECURITY_DESCRIPTOR InputSecurityDescriptor, OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor, IN ULONG RefBias)
Definition: obsdcach.c:364
Status
Definition: gdiplustypes.h:24
#define MAX_FAST_REFS
Definition: ex.h:128
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
return STATUS_SUCCESS
Definition: btrfs.c:2745
PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: obtypes.h:503

Referenced by SeDefaultObjectMethod(), and WmipSecurityMethod().

◆ ObCheckCreateObjectAccess()

BOOLEAN NTAPI ObCheckCreateObjectAccess ( IN PVOID  Object,
IN ACCESS_MASK  CreateAccess,
IN PACCESS_STATE  AccessState,
IN PUNICODE_STRING  ComponentName,
IN BOOLEAN  LockHeld,
IN KPROCESSOR_MODE  AccessMode,
OUT PNTSTATUS  AccessStatus 
)

Definition at line 203 of file obsecure.c.

/*
 * Body of ObCheckCreateObjectAccess (obsecure.c, listing lines 210-263).
 * Fetches the object's security descriptor and, when there is one, runs
 * an access check for CreateAccess against it.
 *
 * NOTE(review): this rendering skips listing lines 212-213, 216-218, 226,
 * 241, 254-255 and 261. The reference list under the listing names
 * ObGetObjectSecurity, SeAccessCheck, SeAppendPrivileges, SeFreePrivileges
 * and ObReleaseObjectSecurity; presumably those are the calls on the
 * missing lines - confirm against obsecure.c.
 *
 * NOTE(review): Result starts as TRUE and the check is only reached inside
 * `if (SecurityDescriptor)`, so on the visible lines an object without a
 * security descriptor yields TRUE. No visible line writes *AccessStatus on
 * that path; callers should not read it unless they initialised it -
 * confirm. ComponentName and LockHeld are not referenced on any visible
 * line.
 */
210 {
211  POBJECT_HEADER ObjectHeader;
214  BOOLEAN SdAllocated;
215  BOOLEAN Result = TRUE;
219  PAGED_CODE();
220 
221  /* Get the header and type */
222  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
223  ObjectType = ObjectHeader->Type;
224 
225  /* Get the security descriptor */
/* Call on line 226 not shown; its status is tested next. */
227  if (!NT_SUCCESS(Status))
228  {
229  /* We failed */
/* Fail closed: the lookup error is reported and access is denied. */
230  *AccessStatus = Status;
231  return FALSE;
232  }
233 
234  /* Lock the security context */
235  SeLockSubjectContext(&AccessState->SubjectSecurityContext);
236 
237  /* Check if we have an SD */
238  if (SecurityDescriptor)
239  {
240  /* Now do the entire access check */
/* Call head (line 241) not shown; presumably its return value is stored
   in Result. The TRUE argument lines up with SubjectContextLocked in the
   SeAccessCheck prototype listed below, matching the lock taken at
   line 235, and 0 with PreviouslyGrantedAccess. */
242  &AccessState->SubjectSecurityContext,
243  TRUE,
244  CreateAccess,
245  0,
246  &Privileges,
247  &ObjectType->TypeInfo.GenericMapping,
248  AccessMode,
249  &GrantedAccess,
250  AccessStatus);
251  if (Privileges)
252  {
253  /* We got privileges, append them to the access state and free them */
/* Lines 254-255 not shown. */
256  }
257  }
258 
259  /* We're done, unlock the context and release security */
260  SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
/* Line 261 not shown; SdAllocated is presumably consumed there. */
262  return Result;
263 }
BOOLEAN NTAPI SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, IN BOOLEAN SubjectContextLocked, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK PreviouslyGrantedAccess, OUT PPRIVILEGE_SET *Privileges, IN PGENERIC_MAPPING GenericMapping, IN KPROCESSOR_MODE AccessMode, OUT PACCESS_MASK GrantedAccess, OUT PNTSTATUS AccessStatus)
Definition: accesschk.c:340
ObjectType
Definition: metafile.c:80
#define TRUE
Definition: types.h:120
VOID NTAPI SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:336
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
LONG NTSTATUS
Definition: precomp.h:26
VOID NTAPI SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:314
#define PAGED_CODE()
Definition: video.h:57
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
NTSTATUS NTAPI SeAppendPrivileges(IN OUT PACCESS_STATE AccessState, IN PPRIVILEGE_SET Privileges)
Definition: priv.c:407
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
Definition: obsecure.c:709
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
Definition: obsecure.c:611
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static IUnknown Object
Definition: main.c:512
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
Status
Definition: gdiplustypes.h:24
VOID NTAPI SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
Definition: priv.c:480
POBJECT_TYPE Type
Definition: obtypes.h:493
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
ULONG ACCESS_MASK
Definition: nt_native.h:40

Referenced by ObpLookupObjectName().

◆ ObCheckObjectAccess()

BOOLEAN NTAPI ObCheckObjectAccess ( IN PVOID  Object,
IN OUT PACCESS_STATE  AccessState,
IN BOOLEAN  LockHeld,
IN KPROCESSOR_MODE  AccessMode,
OUT PNTSTATUS  ReturnedStatus 
)

Definition at line 441 of file obsecure.c.

/*
 * Body of ObCheckObjectAccess (obsecure.c, listing lines 446-521).
 * Runs an access check for the access still outstanding in AccessState,
 * folds the granted bits back into AccessState, and raises an audit alarm.
 *
 * NOTE(review): this rendering skips listing lines 448-449, 451, 453-454,
 * 462, 480, 493-494, 502, 507, 510 and 519. The reference list under the
 * listing names ObGetObjectSecurity, SeAccessCheck, SeAppendPrivileges,
 * SeFreePrivileges, SeOpenObjectAuditAlarm, ObReleaseObjectSecurity and
 * MAXIMUM_ALLOWED; presumably those appear on the missing lines - confirm
 * against obsecure.c. LockHeld is not referenced on any visible line.
 */
446 {
447  POBJECT_HEADER ObjectHeader;
450  BOOLEAN SdAllocated;
452  BOOLEAN Result;
455  PAGED_CODE();
456 
457  /* Get the object header and type */
458  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
459  ObjectType = ObjectHeader->Type;
460 
461  /* Get security information */
/* Call on line 462 not shown; its status is tested next. */
463  if (!NT_SUCCESS(Status))
464  {
465  /* Return failure */
/* Fail closed: the lookup error is reported and access is denied. */
466  *ReturnedStatus = Status;
467  return FALSE;
468  }
469  else if (!SecurityDescriptor)
470  {
471  /* Otherwise, if we don't actually have an SD, return success */
/* NOTE(review): an object with no security descriptor is granted access
   here, before the subject context is locked and before the audit call
   further down, so this path is not audited on the visible lines. */
472  *ReturnedStatus = Status;
473  return TRUE;
474  }
475 
476  /* Lock the security context */
477  SeLockSubjectContext(&AccessState->SubjectSecurityContext);
478 
479  /* Now do the entire access check */
/* Call head (line 480) not shown; presumably its return value is stored
   in Result. The TRUE argument lines up with SubjectContextLocked in the
   SeAccessCheck prototype listed below, matching the lock taken at
   line 477. */
481  &AccessState->SubjectSecurityContext,
482  TRUE,
483  AccessState->RemainingDesiredAccess,
484  AccessState->PreviouslyGrantedAccess,
485  &Privileges,
486  &ObjectType->TypeInfo.GenericMapping,
487  AccessMode,
488  &GrantedAccess,
489  ReturnedStatus);
490  if (Privileges)
491  {
492  /* We got privileges, append them to the access state and free them */
/* Lines 493-494 not shown. */
495  }
496 
497  /* Check if access was granted */
498  if (Result)
499  {
500  /* Update the access state */
/* Granted bits move from "remaining" to "previously granted". The second
   operand of the mask (line 502) is not shown; MAXIMUM_ALLOWED appears
   in the reference list, so it is presumably cleared as well. */
501  AccessState->RemainingDesiredAccess &= ~(GrantedAccess |
503  AccessState->PreviouslyGrantedAccess |= GrantedAccess;
504  }
505 
506  /* Do audit alarm */
/* Call head (line 507) not shown. The call sits outside the
   `if (Result)` block and passes Result, so both grants and denials
   reach it. */
508  Object,
509  NULL,
511  AccessState,
512  FALSE,
513  Result,
514  AccessMode,
515  &AccessState->GenerateOnClose);
516 
517  /* We're done, unlock the context and release security */
518  SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
/* Line 519 not shown; SdAllocated is presumably consumed there. */
520  return Result;
521 }
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
BOOLEAN NTAPI SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, IN BOOLEAN SubjectContextLocked, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK PreviouslyGrantedAccess, OUT PPRIVILEGE_SET *Privileges, IN PGENERIC_MAPPING GenericMapping, IN KPROCESSOR_MODE AccessMode, OUT PACCESS_MASK GrantedAccess, OUT PNTSTATUS AccessStatus)
Definition: accesschk.c:340
ObjectType
Definition: metafile.c:80
#define TRUE
Definition: types.h:120
VOID NTAPI SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:336
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
LONG NTSTATUS
Definition: precomp.h:26
VOID NTAPI SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:314
#define PAGED_CODE()
Definition: video.h:57
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
NTSTATUS NTAPI SeAppendPrivileges(IN OUT PACCESS_STATE AccessState, IN PPRIVILEGE_SET Privileges)
Definition: priv.c:407
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
Definition: obsecure.c:709
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
Definition: obsecure.c:611
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static IUnknown Object
Definition: main.c:512
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
VOID NTAPI SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName, IN PVOID Object OPTIONAL, IN PUNICODE_STRING AbsoluteObjectName OPTIONAL, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PACCESS_STATE AccessState, IN BOOLEAN ObjectCreated, IN BOOLEAN AccessGranted, IN KPROCESSOR_MODE AccessMode, OUT PBOOLEAN GenerateOnClose)
Definition: audit.c:803
Status
Definition: gdiplustypes.h:24
VOID NTAPI SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
Definition: priv.c:480
POBJECT_TYPE Type
Definition: obtypes.h:493
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
ULONG ACCESS_MASK
Definition: nt_native.h:40

Referenced by CmpDoOpen(), and ObpIncrementHandleCount().

◆ ObClearProcessHandleTable()

VOID NTAPI ObClearProcessHandleTable ( IN PEPROCESS  Process)

Definition at line 2024 of file obhandle.c.

/*
 * Body of ObClearProcessHandleTable (obhandle.c, listing lines 2025-2065).
 * Sweeps the handle table of Process to close its handles, attaching to
 * the process first when it is not the current one.
 *
 * NOTE(review): this rendering skips listing lines 2026-2028, 2034, 2040,
 * 2045, 2052-2053, 2057, 2061 and 2064. The reference list under the
 * listing names ObReferenceProcessHandleTable, KeStackAttachProcess,
 * KeEnterCriticalRegion, ExSweepHandleTable, ObpCloseHandleCallback,
 * KeLeaveCriticalRegion, KeUnstackDetachProcess and
 * ObDereferenceProcessHandleTable; presumably those are the calls on the
 * missing lines - confirm against obhandle.c.
 */
2025 {
2029  BOOLEAN AttachedToProcess = FALSE;
2030 
2031  ASSERT(Process);
2032 
2033  /* Ensure the handle table doesn't go away while we use it */
/* Assignment on line 2034 not shown. With no table the function returns
   before anything else has been acquired. */
2035  if (!HandleTable) return;
2036 
2037  /* Attach to the current process if needed */
2038  if (PsGetCurrentProcess() != Process)
2039  {
/* Attach call (line 2040) not shown; the flag records that a detach is
   owed at line 2060. */
2041  AttachedToProcess = TRUE;
2042  }
2043 
2044  /* Enter a critical region */
2046 
2047  /* Fill out the context */
/* The sweep context is marked UserMode; how the close callback uses
   AccessMode is not shown on this page. */
2048  Context.AccessMode = UserMode;
2049  Context.HandleTable = HandleTable;
2050 
2051  /* Sweep the handle table to close all handles */
/* Call head (lines 2052-2053) not shown. */
2054  &Context);
2055 
2056  /* Leave the critical region */
2058 
2059  /* Detach if needed */
2060  if (AttachedToProcess)
2062 
2063  /* Let the handle table go */
/* Line 2064 not shown; presumably it releases the reference taken at the
   top of the function. */
2065 }
PHANDLE_TABLE NTAPI ObReferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:29
#define TRUE
Definition: types.h:120
KAPC_STATE
Definition: ketypes.h:1273
static XMS_HANDLE HandleTable[XMS_MAX_HANDLES]
Definition: himem.c:83
VOID NTAPI KeStackAttachProcess(IN PKPROCESS Process, OUT PRKAPC_STATE ApcState)
Definition: procobj.c:701
#define PsGetCurrentProcess
Definition: psfuncs.h:17
unsigned char BOOLEAN
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
#define KeEnterCriticalRegion()
Definition: ke_x.h:83
#define KeLeaveCriticalRegion()
Definition: ke_x.h:114
VOID NTAPI KeUnstackDetachProcess(IN PRKAPC_STATE ApcState)
Definition: procobj.c:753
_Out_ PKAPC_STATE ApcState
Definition: mm.h:1484
VOID NTAPI ExSweepHandleTable(IN PHANDLE_TABLE HandleTable, IN PEX_SWEEP_HANDLE_CALLBACK EnumHandleProcedure, IN PVOID Context)
Definition: handle.c:1196
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
struct tagContext Context
Definition: acpixf.h:1012
BOOLEAN NTAPI ObpCloseHandleCallback(IN PHANDLE_TABLE_ENTRY HandleTableEntry, IN HANDLE Handle, IN PVOID Context)
Definition: obhandle.c:1921
VOID NTAPI ObDereferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:51

Referenced by NtTerminateProcess(), and PspTerminateProcess().

◆ ObDeassignSecurity()

NTSTATUS NTAPI ObDeassignSecurity ( IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor)

Definition at line 60 of file obsecure.c.

/*
 * Body of ObDeassignSecurity (obsecure.c, listing lines 61-81).
 * Captures the fast reference stored at *SecurityDescriptor and drops the
 * references it represents on the cached descriptor.
 *
 * NOTE(review): this rendering skips listing line 70, the statement under
 * "Don't free again later"; presumably it clears *SecurityDescriptor -
 * confirm against obsecure.c.
 */
61 {
62  EX_FAST_REF FastRef;
63  ULONG Count;
64  PSECURITY_DESCRIPTOR OldSecurityDescriptor;
65 
66  /* Get the fast reference and capture it */
/* Copied by value, so the pointer and count read below come from this
   snapshot rather than from the caller's slot. */
67  FastRef = *(PEX_FAST_REF)SecurityDescriptor;
68 
69  /* Don't free again later */
71 
72  /* Get the descriptor and reference count */
73  OldSecurityDescriptor = ExGetObjectFastReference(FastRef);
74  Count = ExGetCountFastReference(FastRef);
75 
76  /* Dereference the descriptor */
/* Count + 1 references are dropped: presumably the ones held in the fast
   reference plus one base reference - confirm. */
77  ObDereferenceSecurityDescriptor(OldSecurityDescriptor, Count + 1);
78 
79  /* All done */
/* STATUS_SUCCESS is the only status returned on the visible lines. */
80  return STATUS_SUCCESS;
81 }
FORCEINLINE PVOID ExGetObjectFastReference(IN EX_FAST_REF FastRef)
Definition: ex.h:566
VOID NTAPI ObDereferenceSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Count)
Definition: obsdcach.c:287
struct _EX_FAST_REF * PEX_FAST_REF
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_Inout_ __drv_aliasesMem PSLIST_ENTRY _Inout_ PSLIST_ENTRY _In_ ULONG Count
Definition: exfuncs.h:1015
smooth NULL
Definition: ftsmooth.c:416
FORCEINLINE ULONG ExGetCountFastReference(IN EX_FAST_REF FastRef)
Definition: ex.h:574
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2745

Referenced by SeDefaultObjectMethod(), and WmipSecurityMethod().

◆ ObDereferenceDeviceMap()

VOID NTAPI ObDereferenceDeviceMap ( IN PEPROCESS  Process)

Definition at line 72 of file devicemap.c.

/*
 * Body of ObDereferenceDeviceMap (devicemap.c, listing lines 73-113).
 * Detaches the device map from Process, drops one reference on it, and
 * frees it once the count reaches zero.
 *
 * NOTE(review): this rendering skips listing lines 80, 83, 90, 100, 108
 * and 111. The reference list under the listing names
 * KeAcquireGuardedMutex, KeReleaseGuardedMutex, ObpDeviceMapLock and
 * ObDereferenceObject; presumably those are the calls on the missing
 * lines - confirm against devicemap.c.
 */
73 {
74  PDEVICE_MAP DeviceMap;
75 
76  DPRINT("ObDereferenceDeviceMap()\n");
77 
78  /* Get the pointer to this process devicemap and reset it
79  holding the device map lock */
/* The process's pointer is cleared before the count is touched, so the
   map can no longer be reached through this process afterwards. */
81  DeviceMap = Process->DeviceMap;
82  Process->DeviceMap = NULL;
84 
85  /* Continue only if there is a device map */
86  if (DeviceMap == NULL)
87  return;
88 
89  /* Acquire the device map lock again */
91 
92  /* Decrement the reference counter */
/* NOTE(review): ReferenceCount is listed as ULONG and is decremented
   with no check for zero; an unbalanced call would wrap the counter
   instead of reaching the free path - confirm callers keep it balanced. */
93  DeviceMap->ReferenceCount--;
94  DPRINT("ReferenceCount: %lu\n", DeviceMap->ReferenceCount);
95 
96  /* Leave, if there are still references to this device map */
97  if (DeviceMap->ReferenceCount != 0)
98  {
99  /* Release the device map lock and leave */
101  return;
102  }
103 
104  /* Nobody is referencing it anymore, unlink the DOS directory */
105  DeviceMap->DosDevicesDirectory->DeviceMap = NULL;
106 
107  /* Release the device map lock */
109 
110  /* Dereference the DOS Devices Directory and free the DeviceMap */
/* Line 111 not shown. The map is freed with pool tag 'mDbO'. */
112  ExFreePoolWithTag(DeviceMap, 'mDbO');
113 }
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
struct _DEVICE_MAP * DeviceMap
Definition: obtypes.h:418
ULONG ReferenceCount
Definition: obtypes.h:527
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
POBJECT_DIRECTORY DosDevicesDirectory
Definition: obtypes.h:525
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
KGUARDED_MUTEX ObpDeviceMapLock
Definition: oblife.c:24

Referenced by PspDeleteProcess().

◆ ObDereferenceObjectEx()

LONG FASTCALL ObDereferenceObjectEx ( IN PVOID  Object,
IN LONG  Count 
)

Definition at line 90 of file obref.c.

/*
 * Body of ObDereferenceObjectEx (obref.c, listing lines 92-105).
 * Subtracts Count from the object's pointer count and defers deletion of
 * the object when the result is zero.
 *
 * NOTE(review): this rendering skips listing lines 93 and 97, so the
 * declaration and assignment of Header are not visible; the reference
 * list names OBJECT_TO_OBJECT_HEADER, which presumably produces Header -
 * confirm against obref.c.
 */
92 {
94  LONG_PTR NewCount;
95 
96  /* Extract the object header */
98 
99  /* Check whether the object can now be deleted. */
/* Count is subtracted again from the value the interlocked add returns,
   so NewCount is presumably the count after the decrement.
   NOTE(review): Count is not validated on the visible lines; a value
   larger than the outstanding references would take the count below
   zero and skip the deletion branch. */
100  NewCount = InterlockedExchangeAddSizeT(&Header->PointerCount, -Count) - Count;
101  if (!NewCount) ObpDeferObjectDeletion(Header);
102 
103  /* Return the current count */
/* NewCount is LONG_PTR while the function returns LONG, so the value is
   narrowed wherever LONG_PTR is wider than LONG. */
104  return NewCount;
105 }
_Inout_ __drv_aliasesMem PSLIST_ENTRY _Inout_ PSLIST_ENTRY _In_ ULONG Count
Definition: exfuncs.h:1015
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
VOID NTAPI ObpDeferObjectDeletion(IN POBJECT_HEADER Header)
Definition: obref.c:55
Definition: Header.h:8
static IUnknown Object
Definition: main.c:512
#define InterlockedExchangeAddSizeT(a, b)
Definition: interlocked.h:196
__int3264 LONG_PTR
Definition: mstsclib_h.h:276

Referenced by ExpTimerApcKernelRoutine(), ExTimerRundown(), NtCancelTimer(), NtSetTimer(), ObFastReferenceObject(), ObFastReplaceObject(), and PspCreateThread().

◆ ObDereferenceProcessHandleTable()

/*
 * ObDereferenceProcessHandleTable (obhandle.c, line 51)
 *
 * Gives back the rundown protection held on Process->RundownProtect.
 * The callers shown on this page invoke it once for every successful
 * ObReferenceProcessHandleTable on the same process.
 *
 * Process - process whose rundown reference is released.
 */
VOID
NTAPI
ObDereferenceProcessHandleTable(IN PEPROCESS Process)
{
    /* Drop the rundown reference that kept the handle table alive */
    ExReleaseRundownProtection(&Process->RundownProtect);
}
NTKERNELAPI VOID FASTCALL ExReleaseRundownProtection(_Inout_ PEX_RUNDOWN_REF RunRef)
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219

Referenced by ObClearProcessHandleTable(), ObDuplicateObject(), ObFindHandleForObject(), ObGetProcessHandleCount(), and ObInitProcess().

◆ ObDuplicateObject()

NTSTATUS NTAPI ObDuplicateObject ( IN PEPROCESS  SourceProcess,
IN HANDLE  SourceHandle,
IN PEPROCESS TargetProcess  OPTIONAL,
IN PHANDLE TargetHandle  OPTIONAL,
IN ACCESS_MASK  DesiredAccess,
IN ULONG  HandleAttributes,
IN ULONG  Options,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 2201 of file obhandle.c.

/*
 * ObDuplicateObject: duplicates SourceHandle from SourceProcess into the
 * handle table of TargetProcess and, when TargetHandle is supplied, returns
 * the new handle through it. Options carries the DUPLICATE_* flags and
 * PreviousMode the caller's processor mode.
 *
 * NOTE(review): this rendered listing has gaps in its gutter numbering
 * (for example 2214, 2248, 2251, 2278, 2464); the statements on those lines
 * are not visible here. The comments below describe only what is shown and
 * mark anything inferred.
 */
2209 {
2210  HANDLE_TABLE_ENTRY NewHandleEntry;
2211  BOOLEAN AttachedToProcess = FALSE;
2212  PVOID SourceObject;
2213  POBJECT_HEADER ObjectHeader;
2215  HANDLE NewHandle;
2217  NTSTATUS Status;
2218  ACCESS_MASK TargetAccess, SourceAccess;
2221  AUX_ACCESS_DATA AuxData;
2224  ULONG AuditMask;
2226 
2227  PAGED_CODE();
2229  "%s - Duplicating handle: %p for %p into %p\n",
2230  __FUNCTION__,
2231  SourceHandle,
2232  SourceProcess,
2233  TargetProcess);
2234 
2235  /* Assume failure */
2236  if (TargetHandle) *TargetHandle = NULL;
2237 
2238  /* Check if we're not duplicating the same access */
2239  if (!(Options & DUPLICATE_SAME_ACCESS))
2240  {
2241  /* Validate the desired access */
/* NOTE(review): validation is stubbed out. Status is forced to
 * STATUS_SUCCESS and the ObpValidateDesiredAccess call is commented out,
 * so the check on the next line can never fail and DesiredAccess reaches
 * the masking further down unvalidated. */
2242  Status = STATUS_SUCCESS; //ObpValidateDesiredAccess(DesiredAccess);
2243  if (!NT_SUCCESS(Status)) return Status;
2244  }
2245 
2246  /* Reference the object table */
2247  HandleTable = ObReferenceProcessHandleTable(SourceProcess);
2249 
2250  /* Reference the process object */
2252  SourceProcess,
2253  HandleTable,
2254  PreviousMode,
2255  &SourceObject,
2257  &AuditMask);
2258  if (!NT_SUCCESS(Status))
2259  {
2260  /* Fail */
2261  ObDereferenceProcessHandleTable(SourceProcess);
2262  return Status;
2263  }
2264  else
2265  {
2266  /* Check if we don't have to audit object close */
2267  if (!(HandleInformation.HandleAttributes & OBJ_AUDIT_OBJECT_CLOSE))
2268  {
2269  /* Then there is no audit mask */
2270  AuditMask = 0;
2271  }
2272  }
2273 
2274  /* Check if there's no target process */
2275  if (!TargetProcess)
2276  {
2277  /* Check if the caller wanted actual duplication */
2279  {
2280  /* Invalid request */
2282  }
2283  else
2284  {
2285  /* Otherwise, do the attach */
2286  KeStackAttachProcess(&SourceProcess->Pcb, &ApcState);
2287 
2288  /* Close the handle and detach */
2291  }
2292 
2293  /* Return */
2294  ObDereferenceProcessHandleTable(SourceProcess);
2295  ObDereferenceObject(SourceObject);
2296  return Status;
2297  }
2298 
2299  /* Create a kernel handle if asked, but only in the system process */
/* Both visible conditions must hold: the request comes from kernel mode
 * and the target is PsInitialSystemProcess. A further condition sits on
 * the dropped line 2301 (presumably the OBJ_KERNEL_HANDLE attribute test;
 * verify against obhandle.c). */
2300  if (PreviousMode == KernelMode &&
2302  TargetProcess == PsInitialSystemProcess)
2303  {
2304  KernelHandle = TRUE;
2305  }
2306 
2307  /* Get the target handle table */
2308  HandleTable = ObReferenceProcessHandleTable(TargetProcess);
2309  if (!HandleTable)
2310  {
2311  /* Check if the caller wanted us to close the handle */
2313  {
2314  /* Do the attach */
2315  KeStackAttachProcess(&SourceProcess->Pcb, &ApcState);
2316 
2317  /* Close the handle and detach */
2320  }
2321 
2322  /* Return */
2323  ObDereferenceProcessHandleTable(SourceProcess);
2324  ObDereferenceObject(SourceObject);
2326  }
2327 
2328  /* Get the source access */
2329  SourceAccess = HandleInformation.GrantedAccess;
2330 
2331  /* Check if we're not in the target process */
2332  if (TargetProcess != PsGetCurrentProcess())
2333  {
2334  /* Attach to it */
2335  KeStackAttachProcess(&TargetProcess->Pcb, &ApcState);
2336  AttachedToProcess = TRUE;
2337  }
2338 
2339  /* Check if we're duplicating the attributes */
2341  {
2342  /* Duplicate them */
2343  HandleAttributes = HandleInformation.HandleAttributes;
2344  }
2345  else
2346  {
2347  /* Don't allow caller to bypass auditing */
/* Attribute bits of the source handle are OR-ed into the caller-supplied
 * attributes; the mask that selects them is on the dropped line 2349
 * (presumably OBJ_AUDIT_OBJECT_CLOSE; verify). */
2348  HandleAttributes |= HandleInformation.HandleAttributes &
2350  }
2351 
2352  /* Check if we're duplicating the access */
2353  if (Options & DUPLICATE_SAME_ACCESS) DesiredAccess = SourceAccess;
2354 
2355  /* Get object data */
2356  ObjectHeader = OBJECT_TO_OBJECT_HEADER(SourceObject);
2357  ObjectType = ObjectHeader->Type;
2358 
2359  /* Fill out the entry */
2360  RtlZeroMemory(&NewHandleEntry, sizeof(HANDLE_TABLE_ENTRY));
2361  NewHandleEntry.Object = ObjectHeader;
2362  NewHandleEntry.ObAttributes |= (HandleAttributes & OBJ_HANDLE_ATTRIBUTES);
2363 
2364  /* Check if we're using a generic mask */
2366  {
2367  /* Map it */
2369  &ObjectType->TypeInfo.GenericMapping);
2370  }
2371 
2372  /* Set the target access, always propagate ACCESS_SYSTEM_SECURITY */
/* DesiredAccess is clipped to the bits the object type declares valid;
 * the second operand of the OR is on the dropped line 2374. */
2373  TargetAccess = DesiredAccess & (ObjectType->TypeInfo.ValidAccessMask |
2375  NewHandleEntry.GrantedAccess = TargetAccess;
2376 
2377  /* Check if we're asking for new access */
/* This is the privilege gate of the routine: any bit in TargetAccess that
 * the source handle was not granted requires a fresh access check. */
2378  if (TargetAccess & ~SourceAccess)
2379  {
2380  /* We are. We need the security procedure to validate this */
2381  if (ObjectType->TypeInfo.SecurityProcedure == SeDefaultObjectMethod)
2382  {
2383  /* Use our built-in access state */
2386  &AuxData,
2387  TargetAccess,
2388  &ObjectType->TypeInfo.GenericMapping);
2389  }
2390  else
2391  {
2392  /* Otherwise we can't allow this privilege elevation */
/* Types with a custom security procedure cannot gain access through
 * duplication; the failing status is set on the dropped line 2393
 * (STATUS_ACCESS_DENIED appears in the cross-reference list). */
2394  }
2395  }
2396  else
2397  {
2398  /* We don't need an access state */
2400  }
2401 
2402  /* Make sure the access state was created OK */
2403  if (NT_SUCCESS(Status))
2404  {
2405  /* Add a new handle */
2406  Status = ObpIncrementHandleCount(SourceObject,
2408  PreviousMode,
2412  }
2413 
2414  /* Check if we were attached */
2415  if (AttachedToProcess)
2416  {
2417  /* We can safely detach now */
2419  AttachedToProcess = FALSE;
2420  }
2421 
2422  /* Check if we have to close the source handle */
2424  {
2425  /* Attach and close */
2426  KeStackAttachProcess(&SourceProcess->Pcb, &ApcState);
2429  }
2430 
2431  /* Check if we had an access state */
2433 
2434  /* Now check if incrementing actually failed */
2435  if (!NT_SUCCESS(Status))
2436  {
2437  /* Dereference handle tables */
2438  ObDereferenceProcessHandleTable(SourceProcess);
2439  ObDereferenceProcessHandleTable(TargetProcess);
2440 
2441  /* Dereference the source object */
2442  ObDereferenceObject(SourceObject);
2443  return Status;
2444  }
2445 
/* The protect-from-close attribute is moved out of ObAttributes and kept
 * as ObpAccessProtectCloseBit inside GrantedAccess. */
2446  if (NewHandleEntry.ObAttributes & OBJ_PROTECT_CLOSE)
2447  {
2448  NewHandleEntry.ObAttributes &= ~OBJ_PROTECT_CLOSE;
2449  NewHandleEntry.GrantedAccess |= ObpAccessProtectCloseBit;
2450  }
2451 
2452  /* Now create the handle */
2453  NewHandle = ExCreateHandle(HandleTable, &NewHandleEntry);
2454  if (!NewHandle)
2455  {
2456  /* Undo the increment */
2457  ObpDecrementHandleCount(SourceObject,
2458  TargetProcess,
2459  TargetAccess,
2460  ObjectType);
2461 
2462  /* Dereference the object and set failure status */
/* NOTE(review): no return is visible on this failure path (line 2464 is
 * dropped and, per the comment above, only sets the status). If control
 * falls through with KernelHandle set, ObMarkHandleAsKernelHandle(NULL)
 * yields a non-NULL value that is then stored in *TargetHandle next to a
 * failure status. Callers must test the returned status, not the handle.
 * Confirm against obhandle.c. */
2463  ObDereferenceObject(SourceObject);
2465  }
2466 
2467  /* Mark it as a kernel handle if requested */
2468  if (KernelHandle)
2469  {
2470  NewHandle = ObMarkHandleAsKernelHandle(NewHandle);
2471  }
2472 
2473  /* Return the handle */
2474  if (TargetHandle) *TargetHandle = NewHandle;
2475 
2476  /* Dereference handle tables */
2477  ObDereferenceProcessHandleTable(SourceProcess);
2478  ObDereferenceProcessHandleTable(TargetProcess);
2479 
2480  /* Return status */
/* NOTE(review): on the ExCreateHandle failure path the reference taken on
 * SourceObject has already been dropped, so the ObjectHeader reads in this
 * trace are only safe while something else still references the object.
 * Confirm. */
2482  "%s - Duplicated handle: %p for %p into %p. Source: %p HC PC %lx %lx\n",
2483  __FUNCTION__,
2484  NewHandle,
2485  SourceProcess,
2486  TargetProcess,
2487  SourceObject,
2488  ObjectHeader->PointerCount,
2489  ObjectHeader->HandleCount);
2490  return Status;
2491 }
ObjectType
Definition: metafile.c:80
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: obfuncs.h:429
#define DUPLICATE_CLOSE_SOURCE
PHANDLE_TABLE NTAPI ObReferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:29
#define TRUE
Definition: types.h:120
ULONG ObpAccessProtectCloseBit
Definition: obhandle.c:21
NTSTATUS NTAPI SeCreateAccessState(IN OUT PACCESS_STATE AccessState, IN PAUX_ACCESS_DATA AuxData, IN ACCESS_MASK Access, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:439
KAPC_STATE
Definition: ketypes.h:1273
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
LONG_PTR HandleCount
Definition: obtypes.h:490
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
HANDLE KernelHandle
Definition: legacy.c:24
ULONG_PTR ObAttributes
Definition: extypes.h:600
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
#define GENERIC_ACCESS
Definition: wlx.c:26
_Inout_opt_ PACCESS_STATE PassedAccessState
Definition: obfuncs.h:71
static XMS_HANDLE HandleTable[XMS_MAX_HANDLES]
Definition: himem.c:83
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
_In_ HANDLE SourceHandle
Definition: obfuncs.h:429
enum OPTION_FLAGS Options
Definition: stats.c:44
#define PAGED_CODE()
Definition: video.h:57
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
HANDLE NTAPI ExCreateHandle(IN PHANDLE_TABLE HandleTable, IN PHANDLE_TABLE_ENTRY HandleTableEntry)
Definition: handle.c:791
#define OBJ_PROTECT_CLOSE
#define OBJ_AUDIT_OBJECT_CLOSE
Definition: ob.h:51
#define DUPLICATE_SAME_ACCESS
PEPROCESS PsInitialSystemProcess
Definition: psmgr.c:50
VOID NTAPI KeStackAttachProcess(IN PKPROCESS Process, OUT PRKAPC_STATE ApcState)
Definition: procobj.c:701
#define PsGetCurrentProcess
Definition: psfuncs.h:17
Definition: extypes.h:595
NTSTATUS NTAPI ObpIncrementHandleCount(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN ULONG HandleAttributes, IN PEPROCESS Process, IN OB_OPEN_REASON OpenReason)
Definition: obhandle.c:808
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
VOID NTAPI ObpDecrementHandleCount(IN PVOID ObjectBody, IN PEPROCESS Process, IN ACCESS_MASK GrantedAccess, IN POBJECT_TYPE ObjectType)
Definition: obhandle.c:527
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define ObMarkHandleAsKernelHandle(Handle)
Definition: ob.h:75
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define STATUS_PROCESS_IS_TERMINATING
Definition: ntstatus.h:488
ULONG GrantedAccess
Definition: extypes.h:606
static OB_SECURITY_METHOD SeDefaultObjectMethod
Definition: ObTypes.c:139
_In_ ACCESS_MASK _In_opt_ POBJECT_TYPE _In_ KPROCESSOR_MODE _Out_ PVOID _Out_opt_ POBJECT_HANDLE_INFORMATION HandleInformation
Definition: obfuncs.h:40
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
NTSTATUS NTAPI ObpReferenceProcessObjectByHandle(IN HANDLE Handle, IN PEPROCESS Process, IN PHANDLE_TABLE HandleTable, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation, OUT PACCESS_MASK AuditMask)
Definition: obhandle.c:88
#define OB_HANDLE_DEBUG
Definition: ob.h:17
Status
Definition: gdiplustypes.h:24
VOID NTAPI KeUnstackDetachProcess(IN PRKAPC_STATE ApcState)
Definition: procobj.c:753
#define DUPLICATE_SAME_ATTRIBUTES
Definition: obtypes.h:153
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_Out_ PKAPC_STATE ApcState
Definition: mm.h:1484
#define OBTRACE(x, fmt,...)
Definition: ob.h:34
VOID NTAPI SeDeleteAccessState(IN PACCESS_STATE AccessState)
Definition: access.c:460
LONG_PTR PointerCount
Definition: obtypes.h:487
unsigned int ULONG
Definition: retypes.h:1
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
PVOID Object
Definition: extypes.h:599
POBJECT_TYPE Type
Definition: obtypes.h:493
#define OBJ_HANDLE_ATTRIBUTES
Definition: ob.h:52
return STATUS_SUCCESS
Definition: btrfs.c:2745
VOID NTAPI ObDereferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:51
#define __FUNCTION__
Definition: types.h:112
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE TargetHandle
Definition: obfuncs.h:429
ULONG ACCESS_MASK
Definition: nt_native.h:40
NTSYSAPI VOID NTAPI RtlMapGenericMask(PACCESS_MASK AccessMask, PGENERIC_MAPPING GenericMapping)

Referenced by DbgkpOpenHandles(), and NtDuplicateObject().

◆ ObFastDereferenceObject()

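/*
 * ObFastDereferenceObject (obref.c, line 169)
 *
 * Returns one reference on Object to the fast-reference slot FastRef, or
 * drops an ordinary object reference when the slot cannot take it back.
 *
 * FastRef - fast-reference slot the reference was taken from.
 * Object  - object that was obtained through FastRef.
 *
 * NOTE(review): the rendered listing dropped gutter line 173, the only
 * statement of the body. It is restored from the comment and from the two
 * functions named in the cross-reference list (ExReleaseFastReference and
 * ObDereferenceObject); verify against obref.c.
 */
VOID
FASTCALL
ObFastDereferenceObject(IN PEX_FAST_REF FastRef,
                        IN PVOID Object)
{
    /* Release a fast reference. If this failed, use the slow path */
    if (!ExReleaseFastReference(FastRef, Object)) ObDereferenceObject(Object);
}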
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
static IUnknown Object
Definition: main.c:512
FORCEINLINE BOOLEAN ExReleaseFastReference(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: ex.h:671

Referenced by NtOpenThreadTokenEx(), PspCreateProcess(), PspCreateThread(), PspExitThread(), PspInitializeProcessSecurity(), PspSetPrimaryToken(), SeIsTokenChild(), SeIsTokenSibling(), and SeReleaseSubjectContext().

◆ ObFastReferenceObject()

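/*
 * ObFastReferenceObject (obref.c, line 134)
 *
 * Takes one reference on the object stored in FastRef without a lock and
 * refills the slot's cached references when the last one was just used.
 *
 * FastRef - fast-reference slot to read.
 *
 * Returns the referenced object, or NULL when the slot had no cached
 * reference left. A NULL result does not mean the slot is empty; callers
 * have to handle it before touching the object.
 *
 * NOTE(review): the rendered listing dropped gutter lines 137, 154 and 160
 * (the Count declaration and the two bulk reference calls). They are
 * restored from the surrounding comments and the cross-reference list
 * (ULONG_PTR, ObReferenceObjectEx, ObDereferenceObjectEx, MAX_FAST_REFS);
 * verify against obref.c.
 */
PVOID
FASTCALL
ObFastReferenceObject(IN PEX_FAST_REF FastRef)
{
    EX_FAST_REF OldValue;
    ULONG_PTR Count;
    PVOID Object;

    /* Reference the object and get its pointer */
    OldValue = ExAcquireFastReference(FastRef);
    Object = ExGetObjectFastReference(OldValue);

    /* Check how many references are left */
    Count = ExGetCountFastReference(OldValue);

    /* Check if the reference count is over 1 */
    if (Count > 1) return Object;

    /* Check if the reference count has reached 0 */
    if (!Count) return NULL;

    /* Otherwise take a fresh batch of MAX_FAST_REFS references */
    ObReferenceObjectEx(Object, MAX_FAST_REFS);

    /* Now update the reference count */
    if (!ExInsertFastReference(FastRef, Object))
    {
        /* We failed: give the whole batch back */
        ObDereferenceObjectEx(Object, MAX_FAST_REFS);
    }

    /* Return the Object */
    return Object;
}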
LONG FASTCALL ObReferenceObjectEx(IN PVOID Object, IN LONG Count)
Definition: obref.c:79
FORCEINLINE PVOID ExGetObjectFastReference(IN EX_FAST_REF FastRef)
Definition: ex.h:566
FORCEINLINE BOOLEAN ExInsertFastReference(IN OUT PEX_FAST_REF FastRef, IN PVOID Object)
Definition: ex.h:632
_Inout_ __drv_aliasesMem PSLIST_ENTRY _Inout_ PSLIST_ENTRY _In_ ULONG Count
Definition: exfuncs.h:1015
uint32_t ULONG_PTR
Definition: typedefs.h:63
FORCEINLINE EX_FAST_REF ExAcquireFastReference(IN OUT PEX_FAST_REF FastRef)
Definition: ex.h:603
smooth NULL
Definition: ftsmooth.c:416
LONG FASTCALL ObDereferenceObjectEx(IN PVOID Object, IN LONG Count)
Definition: obref.c:90
FORCEINLINE ULONG ExGetCountFastReference(IN EX_FAST_REF FastRef)
Definition: ex.h:574
static IUnknown Object
Definition: main.c:512
#define MAX_FAST_REFS
Definition: ex.h:128

Referenced by PsReferenceEffectiveToken(), and PsReferencePrimaryToken().

◆ ObFastReferenceObjectLocked()

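/*
 * ObFastReferenceObjectLocked (obref.c, line 121)
 *
 * Reads the object stored in FastRef and takes an ordinary reference on it
 * instead of consuming a cached fast reference.
 *
 * FastRef - fast-reference slot to read. The slot is read with a plain
 *           dereference, so the caller presumably holds the lock that
 *           guards it (the function name suggests so; verify at the call
 *           sites).
 *
 * Returns the object stored in the slot.
 *
 * NOTE(review): the rendered listing dropped gutter line 128. It is
 * restored as a guarded ObReferenceObject call: ExInitializeFastReference
 * accepts an optional object, so the slot may hold NULL and referencing
 * that would fault. Verify the exact statement against obref.c.
 */
PVOID
FASTCALL
ObFastReferenceObjectLocked(IN PEX_FAST_REF FastRef)
{
    PVOID Object;
    EX_FAST_REF OldValue = *FastRef;

    /* Get the object and reference it slowly */
    Object = ExGetObjectFastReference(OldValue);
    if (Object) ObReferenceObject(Object);
    return Object;
}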
FORCEINLINE PVOID ExGetObjectFastReference(IN EX_FAST_REF FastRef)
Definition: ex.h:566
static IUnknown Object
Definition: main.c:512
#define ObReferenceObject
Definition: obfuncs.h:204

Referenced by PsReferenceEffectiveToken(), and PsReferencePrimaryToken().

◆ ObFastReplaceObject()

PVOID FASTCALL ObFastReplaceObject ( IN PEX_FAST_REF  FastRef,
IN PVOID  Object 
)

◆ ObfDereferenceDeviceMap()

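/*
 * ObfDereferenceDeviceMap (devicemap.c, line 118)
 *
 * Drops one reference on DeviceMap under ObpDeviceMapLock. When the count
 * reaches zero the map is unlinked from its DOS devices directory, the
 * directory is dereferenced and the map is freed.
 *
 * DeviceMap - device map to release; must not be used by the caller
 *             afterwards.
 *
 * NOTE(review): the rendered listing dropped gutter lines 123, 133 and 141,
 * the three lock calls announced by the comments. They are restored from
 * those comments and the cross-reference list (KeAcquireGuardedMutex,
 * KeReleaseGuardedMutex, ObpDeviceMapLock); verify against devicemap.c.
 *
 * NOTE(review): the counter is decremented without a check for zero. An
 * unbalanced call wraps it instead of freeing the map, and an extra call
 * after the final release touches freed pool. Every release must match a
 * reference taken under the same lock.
 */
VOID
FASTCALL
ObfDereferenceDeviceMap(IN PDEVICE_MAP DeviceMap)
{
    DPRINT("ObfDereferenceDeviceMap()\n");

    /* Acquire the device map lock */
    KeAcquireGuardedMutex(&ObpDeviceMapLock);

    /* Decrement the reference counter */
    DeviceMap->ReferenceCount--;
    DPRINT("ReferenceCount: %lu\n", DeviceMap->ReferenceCount);

    /* Leave, if there are still references to this device map */
    if (DeviceMap->ReferenceCount != 0)
    {
        /* Release the device map lock and leave */
        KeReleaseGuardedMutex(&ObpDeviceMapLock);
        return;
    }

    /* Nobody is referencing it anymore, unlink the DOS directory */
    DeviceMap->DosDevicesDirectory->DeviceMap = NULL;

    /* Release the device map lock before the teardown below */
    KeReleaseGuardedMutex(&ObpDeviceMapLock);

    /* Dereference the DOS Devices Directory and free the Device Map */
    ObDereferenceObject(DeviceMap->DosDevicesDirectory);
    ExFreePoolWithTag(DeviceMap, 'mDbO');
}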
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
KGUARDED_MUTEX ObpDeviceMapLock
Definition: oblife.c:24

◆ ObFreeObjectCreateInfoBuffer()

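/*
 * ObFreeObjectCreateInfoBuffer (oblife.c, line 604)
 *
 * Exported wrapper that releases a captured OBJECT_CREATE_INFORMATION
 * buffer, so that Io does not have to call the Ob-internal helper itself.
 *
 * ObjectCreateInfo - buffer to release; must not be used afterwards.
 *
 * NOTE(review): the rendered listing dropped gutter line 607, the only
 * statement of the body. The callee comes from the cross-reference list
 * (ObpFreeCapturedAttributes, a FORCEINLINE function rather than a macro).
 * Its second argument is not visible on this page; LookasideCreateInfoList
 * is assumed and must be verified against oblife.c.
 */
VOID
NTAPI
ObFreeObjectCreateInfoBuffer(IN POBJECT_CREATE_INFORMATION ObjectCreateInfo)
{
    /* Call the helper. We use this function to isolate Ob internals from Io */
    ObpFreeCapturedAttributes(ObjectCreateInfo, LookasideCreateInfoList);
}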
FORCEINLINE VOID ObpFreeCapturedAttributes(IN PVOID Buffer, IN PP_NPAGED_LOOKASIDE_NUMBER Type)
Definition: ob_x.h:348

Referenced by IoCreateStreamFileObjectLite().

◆ ObGetProcessHandleCount()

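/*
 * ObGetProcessHandleCount (obhandle.c, line 59)
 *
 * Reports how many handles Process currently has open.
 *
 * Process - process to query; asserted to be non-NULL.
 *
 * Returns HandleTable->HandleCount, or 0 when the handle table could not
 * be referenced. The value is a snapshot: the table is released before the
 * function returns, so the count may already be stale for the caller.
 *
 * NOTE(review): the rendered listing dropped gutter lines 62, 67 and 75
 * (the HandleTable declaration, the reference call and the matching
 * release). They are restored from the comments and the cross-reference
 * list (ObReferenceProcessHandleTable, ObDereferenceProcessHandleTable);
 * verify against obhandle.c.
 */
ULONG
NTAPI
ObGetProcessHandleCount(IN PEPROCESS Process)
{
    ULONG HandleCount;
    PHANDLE_TABLE HandleTable;

    ASSERT(Process);

    /* Ensure the handle table doesn't go away while we use it */
    HandleTable = ObReferenceProcessHandleTable(Process);

    if (HandleTable != NULL)
    {
        /* Count the number of handles the process has */
        HandleCount = HandleTable->HandleCount;

        /* Let the handle table go */
        ObDereferenceProcessHandleTable(Process);
    }
    else
    {
        /* No handle table, no handles */
        HandleCount = 0;
    }

    return HandleCount;
}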
PHANDLE_TABLE NTAPI ObReferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:29
static XMS_HANDLE HandleTable[XMS_MAX_HANDLES]
Definition: himem.c:83
smooth NULL
Definition: ftsmooth.c:416
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
unsigned int ULONG
Definition: retypes.h:1
VOID NTAPI ObDereferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:51

Referenced by NtQueryInformationProcess(), and QSI_DEF().

◆ ObInheritDeviceMap()

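/*
 * ObInheritDeviceMap (devicemap.c, line 151)
 *
 * Attaches a device map to a new process: the parent's map when a parent
 * is given, otherwise ObSystemDeviceMap. The map gains one reference under
 * ObpDeviceMapLock.
 *
 * Parent  - parent process, or NULL to inherit the system device map.
 * Process - process that receives the map. Process->DeviceMap is left
 *           untouched when no map is available.
 *
 * NOTE(review): the rendered listing dropped gutter lines 159 and 173, the
 * lock acquire and release announced by the comments. They are restored
 * from those comments and the cross-reference list; verify against
 * devicemap.c.
 *
 * NOTE(review): ReferenceCount is a ULONG and is incremented without an
 * upper bound. A count that can be driven to wrap would let the map be
 * freed while processes still point at it; confirm that the number of
 * inheriting processes is bounded elsewhere.
 */
VOID
NTAPI
ObInheritDeviceMap(IN PEPROCESS Parent,
                   IN PEPROCESS Process)
{
    PDEVICE_MAP DeviceMap;

    DPRINT("ObInheritDeviceMap()\n");

    /* Acquire the device map lock */
    KeAcquireGuardedMutex(&ObpDeviceMapLock);

    /* Get the parent process device map or the system device map */
    DeviceMap = (Parent != NULL) ? Parent->DeviceMap : ObSystemDeviceMap;
    if (DeviceMap != NULL)
    {
        /* Reference the device map and attach it to the new process */
        DeviceMap->ReferenceCount++;
        DPRINT("ReferenceCount: %lu\n", DeviceMap->ReferenceCount);

        Process->DeviceMap = DeviceMap;
    }

    /* Release the device map lock */
    KeReleaseGuardedMutex(&ObpDeviceMapLock);
}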
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn BOOLEAN Physical UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE Parent
Definition: acpixf.h:716
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
if(!(yy_init))
Definition: macro.lex.yy.c:714
PDEVICE_MAP ObSystemDeviceMap
Definition: obinit.c:46
ULONG ReferenceCount
Definition: obtypes.h:527
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
KGUARDED_MUTEX ObpDeviceMapLock
Definition: oblife.c:24

Referenced by PspCreateProcess().

◆ ObInitializeFastReference()

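/*
 * ObInitializeFastReference (obref.c, line 109)
 *
 * Prepares the fast-reference slot FastRef to hand out references to
 * Object, pre-charging the object with MAX_FAST_REFS pointer references
 * that the slot can give away without touching the object header.
 *
 * FastRef - slot to initialise.
 * Object  - object to publish; may be NULL, in which case no references
 *           are taken.
 *
 * NOTE(review): the rendered listing dropped gutter lines 113 and 116, the
 * two statements of the body. They are restored from the comments and the
 * cross-reference list (ObReferenceObjectEx, MAX_FAST_REFS,
 * ExInitializeFastReference); verify against obref.c.
 */
VOID
FASTCALL
ObInitializeFastReference(IN PEX_FAST_REF FastRef,
                          IN PVOID Object)
{
    /* Check if we were given an object and reference it MAX_FAST_REFS times */
    if (Object) ObReferenceObjectEx(Object, MAX_FAST_REFS);

    /* Setup the fast reference */
    ExInitializeFastReference(FastRef, Object);
}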
LONG FASTCALL ObReferenceObjectEx(IN PVOID Object, IN LONG Count)
Definition: obref.c:79
FORCEINLINE VOID ExInitializeFastReference(OUT PEX_FAST_REF FastRef, IN OPTIONAL PVOID Object)
Definition: ex.h:582
static IUnknown Object
Definition: main.c:512
#define MAX_FAST_REFS
Definition: ex.h:128

Referenced by PspInitializeProcessSecurity(), SeAssignPrimaryToken(), and SepInitializationPhase0().

◆ ObInitProcess()

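/*
 * ObInitProcess (obhandle.c, line 2087)
 *
 * Gives a new process its handle table: a copy of the parent's inheritable
 * handles when Parent is supplied, otherwise an empty table.
 *
 * Parent  - optional parent process whose table is duplicated. Only
 *           entries selected by the OBJ_INHERIT mask are passed to
 *           ObpDuplicateHandleCallback.
 * Process - process being initialised; Process->ObjectTable is set to the
 *           new table, or to NULL on failure.
 *
 * Returns STATUS_SUCCESS, STATUS_PROCESS_IS_TERMINATING when the parent's
 * table cannot be referenced, or STATUS_INSUFFICIENT_RESOURCES when no
 * table could be created.
 *
 * NOTE(review): the rendered listing dropped gutter lines 2102, 2119 and
 * 2136. They are restored from the cross-reference list
 * (ObpDuplicateHandleCallback, SeDetailedAuditingWithToken,
 * STATUS_INSUFFICIENT_RESOURCES). The argument passed to
 * SeDetailedAuditingWithToken is not visible on this page; NULL is
 * assumed. Verify against obhandle.c.
 *
 * NOTE(review): auditing of inherited handles is not implemented. When
 * detailed auditing is enabled the code only prints a debug message, so
 * handles a child receives from its parent leave no audit record.
 */
NTSTATUS
NTAPI
ObInitProcess(IN PEPROCESS Parent OPTIONAL,
              IN PEPROCESS Process)
{
    PHANDLE_TABLE ParentTable, ObjectTable;

    /* Check for a parent */
    if (Parent)
    {
        /* Reference the parent's table */
        ParentTable = ObReferenceProcessHandleTable(Parent);
        if (!ParentTable) return STATUS_PROCESS_IS_TERMINATING;

        /* Duplicate it */
        ObjectTable = ExDupHandleTable(Process,
                                       ParentTable,
                                       ObpDuplicateHandleCallback,
                                       OBJ_INHERIT);
    }
    else
    {
        /* Otherwise just create a new table */
        ParentTable = NULL;
        ObjectTable = ExCreateHandleTable(Process);
    }

    /* Make sure we have a table */
    if (ObjectTable)
    {
        /* Associate it */
        Process->ObjectTable = ObjectTable;

        /* Check for auditing */
        if (SeDetailedAuditingWithToken(NULL))
        {
            /* FIXME: TODO */
            DPRINT1("Need auditing!\n");
        }

        /* Get rid of the old table now */
        if (ParentTable) ObDereferenceProcessHandleTable(Parent);

        /* We are done */
        return STATUS_SUCCESS;
    }
    else
    {
        /* Fail */
        Process->ObjectTable = NULL;
        if (ParentTable) ObDereferenceProcessHandleTable(Parent);
        return STATUS_INSUFFICIENT_RESOURCES;
    }
}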
PHANDLE_TABLE NTAPI ObReferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:29
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn BOOLEAN Physical UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE Parent
Definition: acpixf.h:716
smooth NULL
Definition: ftsmooth.c:416
PHANDLE_TABLE NTAPI ExDupHandleTable(IN PEPROCESS Process, IN PHANDLE_TABLE HandleTable, IN PEX_DUPLICATE_HANDLE_CALLBACK DupHandleProcedure, IN ULONG_PTR Mask)
Definition: handle.c:1036
#define OBJ_INHERIT
Definition: winternl.h:225
#define STATUS_PROCESS_IS_TERMINATING
Definition: ntstatus.h:488
PHANDLE_TABLE NTAPI ExCreateHandleTable(IN PEPROCESS Process OPTIONAL)
Definition: handle.c:765
#define DPRINT1
Definition: precomp.h:8
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
BOOLEAN NTAPI ObpDuplicateHandleCallback(IN PEPROCESS Process, IN PHANDLE_TABLE HandleTable, IN PHANDLE_TABLE_ENTRY OldEntry, IN PHANDLE_TABLE_ENTRY HandleTableEntry)
Definition: obhandle.c:1957
BOOLEAN NTAPI SeDetailedAuditingWithToken(IN PTOKEN Token)
Definition: audit.c:25
return STATUS_SUCCESS
Definition: btrfs.c:2745
VOID NTAPI ObDereferenceProcessHandleTable(IN PEPROCESS Process)
Definition: obhandle.c:51

Referenced by PspCreateProcess().

◆ ObInitSystem()

INIT_FUNCTION BOOLEAN NTAPI ObInitSystem ( VOID  )

Definition at line 201 of file obinit.c.

/*
 * ObInitSystem: two-phase start-up of the object manager. When
 * ObpInitializationPhase is 0 it sets up the lookaside lists, the security
 * descriptor cache, the kernel handle table and the Type, Directory and
 * SymbolicLink object types, then returns TRUE. On the later call it jumps
 * to ObPostPhase0, creates the root, \KernelObjects and \ObjectTypes
 * directories and inserts the already created object types into the
 * namespace. Returns FALSE as soon as one of the checked steps fails.
 *
 * NOTE(review): this rendered listing has many gaps in its gutter
 * numbering; the calls on those lines (directory creation, lookaside
 * initialisation, locking) are not visible here. The comments below
 * describe only what is shown.
 */
202 {
205  OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;
207  HANDLE Handle;
208  PKPRCB Prcb = KeGetCurrentPrcb();
209  PLIST_ENTRY ListHead, NextEntry;
211  POBJECT_HEADER_CREATOR_INFO CreatorInfo;
212  POBJECT_HEADER_NAME_INFO NameInfo;
213  PSECURITY_DESCRIPTOR KernelObjectsSD = NULL;
215 
216  /* Check if this is actually Phase 1 initialization */
217  if (ObpInitializationPhase != 0) goto ObPostPhase0;
218 
219  /* Initialize the OBJECT_CREATE_INFORMATION List */
221  NonPagedPool,
223  'ICbO',
224  32,
226 
227  /* Set the captured UNICODE_STRING Object Name List */
229  PagedPool,
230  248,
231  'MNbO',
232  16,
234 
235  /* Temporarily setup both pointers to the shared list */
240 
241  /* Initialize the security descriptor cache */
/* NOTE(review): ObpInitSdCache returns NTSTATUS (see the cross-reference
 * list) but the result is discarded here. */
242  ObpInitSdCache();
243 
244  /* Initialize the Default Event */
246 
247  /* Initialize the Dos Device Map mutex */
249 
250  /* Setup default access for the system process */
/* The current (system) process and thread are granted every access right
 * on themselves. */
251  PsGetCurrentProcess()->GrantedAccess = PROCESS_ALL_ACCESS;
252  PsGetCurrentThread()->GrantedAccess = THREAD_ALL_ACCESS;
253 
254  /* Setup the Object Reaper */
256 
257  /* Initialize default Quota block */
259 
260  /* Create kernel handle table */
/* The system process's own handle table doubles as the kernel handle
 * table. NOTE(review): the result of ExCreateHandleTable is not checked. */
261  PsGetCurrentProcess()->ObjectTable = ExCreateHandleTable(NULL);
262  ObpKernelHandleTable = PsGetCurrentProcess()->ObjectTable;
263 
264  /* Create the Type Type */
265  RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
266  RtlInitUnicodeString(&Name, L"Type");
267  ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
268  ObjectTypeInitializer.ValidAccessMask = OBJECT_TYPE_ALL_ACCESS;
269  ObjectTypeInitializer.UseDefaultObject = TRUE;
270  ObjectTypeInitializer.MaintainTypeList = TRUE;
271  ObjectTypeInitializer.PoolType = NonPagedPool;
272  ObjectTypeInitializer.GenericMapping = ObpTypeMapping;
273  ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(OBJECT_TYPE);
274  ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
275  ObjectTypeInitializer.DeleteProcedure = ObpDeleteObjectType;
/* NOTE(review): the NTSTATUS of this and the two following
 * ObCreateObjectType calls is ignored; the Directory and SymbolicLink type
 * pointers are dereferenced right after their calls (lines 288 and 298)
 * without a check. */
276  ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &ObpTypeObjectType);
277 
278  /* Create the Directory Type */
/* The initializer is reused: only the fields assigned below change, every
 * other field keeps the value set for the previous type. */
279  RtlInitUnicodeString(&Name, L"Directory");
280  ObjectTypeInitializer.PoolType = PagedPool;
281  ObjectTypeInitializer.ValidAccessMask = DIRECTORY_ALL_ACCESS;
282  ObjectTypeInitializer.CaseInsensitive = TRUE;
283  ObjectTypeInitializer.MaintainTypeList = FALSE;
284  ObjectTypeInitializer.GenericMapping = ObpDirectoryMapping;
285  ObjectTypeInitializer.DeleteProcedure = NULL;
286  ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(OBJECT_DIRECTORY);
287  ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &ObpDirectoryObjectType);
/* SYNCHRONIZE is removed from the valid access mask after creation, so it
 * is not a valid access right for directory objects. */
288  ObpDirectoryObjectType->TypeInfo.ValidAccessMask &= ~SYNCHRONIZE;
289 
290  /* Create 'symbolic link' object type */
291  RtlInitUnicodeString(&Name, L"SymbolicLink");
292  ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(OBJECT_SYMBOLIC_LINK);
293  ObjectTypeInitializer.GenericMapping = ObpSymbolicLinkMapping;
294  ObjectTypeInitializer.ValidAccessMask = SYMBOLIC_LINK_ALL_ACCESS;
295  ObjectTypeInitializer.ParseProcedure = ObpParseSymbolicLink;
296  ObjectTypeInitializer.DeleteProcedure = ObpDeleteSymbolicLink;
297  ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &ObpSymbolicLinkObjectType);
/* Same treatment as for directories: SYNCHRONIZE is not a valid access
 * right for symbolic links. */
298  ObpSymbolicLinkObjectType->TypeInfo.ValidAccessMask &= ~SYNCHRONIZE;
299 
300  /* Phase 0 initialization complete */
302  return TRUE;
303 
304 ObPostPhase0:
305 
306  /* Re-initialize lookaside lists */
307  ObInit2();
308 
309  /* Initialize Object Types directory attributes */
310  RtlInitUnicodeString(&Name, L"\\");
312  &Name,
314  NULL,
316 
317  /* Create the directory */
321  if (!NT_SUCCESS(Status)) return FALSE;
322 
323  /* Get a handle to it */
325  0,
327  KernelMode,
329  NULL);
330  if (!NT_SUCCESS(Status)) return FALSE;
331 
332  /* Close the extra handle */
333  Status = NtClose(Handle);
334  if (!NT_SUCCESS(Status)) return FALSE;
335 
336  /* Create a custom security descriptor for the KernelObjects directory */
/* \KernelObjects is the only directory in this routine that gets an
 * explicit security descriptor; the \ObjectTypes attributes below pass
 * NULL in the same position. */
337  Status = ObpCreateKernelObjectsSD(&KernelObjectsSD);
338  if (!NT_SUCCESS(Status))
339  return FALSE;
340 
341  /* Initialize the KernelObjects directory attributes */
342  RtlInitUnicodeString(&Name, L"\\KernelObjects");
344  &Name,
346  NULL,
347  KernelObjectsSD);
348 
349  /* Create the directory */
/* The descriptor buffer is freed before the status is tested, so it is not
 * leaked when the creation call (on the dropped lines above) fails. */
353  ExFreePoolWithTag(KernelObjectsSD, TAG_SD);
354  if (!NT_SUCCESS(Status)) return FALSE;
355 
356  /* Close the extra handle */
357  Status = NtClose(Handle);
358  if (!NT_SUCCESS(Status)) return FALSE;
359 
360  /* Initialize ObjectTypes directory attributes */
361  RtlInitUnicodeString(&Name, L"\\ObjectTypes");
363  &Name,
365  NULL,
366  NULL);
367 
368  /* Create the directory */
372  if (!NT_SUCCESS(Status)) return FALSE;
373 
374  /* Get a handle to it */
376  0,
378  KernelMode,
380  NULL);
381  if (!NT_SUCCESS(Status)) return FALSE;
382 
383  /* Close the extra handle */
384  Status = NtClose(Handle);
385  if (!NT_SUCCESS(Status)) return FALSE;
386 
387  /* Initialize lookup context */
389 
390  /* Lock it */
392 
393  /* Loop the object types */
/* Walks the list anchored at ObpTypeObjectType->TypeList. */
394  ListHead = &ObpTypeObjectType->TypeList;
395  NextEntry = ListHead->Flink;
396  while (ListHead != NextEntry)
397  {
398  /* Get the creator info from the list */
399  CreatorInfo = CONTAINING_RECORD(NextEntry,
401  TypeList);
402 
403  /* Recover the header and the name header from the creator info */
/* The object header is taken to start directly after the creator-info
 * block, hence the pointer arithmetic. */
404  Header = (POBJECT_HEADER)(CreatorInfo + 1);
406 
407  /* Make sure we have a name, and aren't inserted yet */
408  if ((NameInfo) && !(NameInfo->Directory))
409  {
410  /* Do the initial lookup to setup the context */
412  &NameInfo->Name,
414  FALSE,
415  &Context))
416  {
417  /* Insert this object type */
419  &Context,
420  Header);
421  }
422  }
423 
424  /* Move to the next entry */
425  NextEntry = NextEntry->Flink;
426  }
427 
428  /* Cleanup after lookup */
430 
431  /* Initialize DOS Devices Directory and related Symbolic Links */
433  if (!NT_SUCCESS(Status)) return FALSE;
434  return TRUE;
435 }
VOID NTAPI ObpDeleteSymbolicLink(IN PVOID ObjectBody)
POBJECT_DIRECTORY Directory
Definition: obtypes.h:432
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
NTSTATUS NTAPI ObCreateObjectType(IN PUNICODE_STRING TypeName, IN POBJECT_TYPE_INITIALIZER ObjectTypeInitializer, IN PVOID Reserved, OUT POBJECT_TYPE *ObjectType)
Definition: oblife.c:1048
#define THREAD_ALL_ACCESS
Definition: nt_native.h:1339
#define TRUE
Definition: types.h:120
#define PROCESS_ALL_ACCESS
Definition: nt_native.h:1324
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
WORK_QUEUE_ITEM ObpReaperWorkItem
Definition: oblife.c:28
static INIT_FUNCTION NTSTATUS NTAPI ObpCreateKernelObjectsSD(OUT PSECURITY_DESCRIPTOR *SecurityDescriptor)
Definition: obinit.c:63
LONG NTSTATUS
Definition: precomp.h:26
FORCEINLINE struct _KPRCB * KeGetCurrentPrcb(VOID)
Definition: ketypes.h:1062
UNICODE_STRING Name
Definition: obtypes.h:433
GENERIC_MAPPING ObpDirectoryMapping
Definition: obinit.c:27
INIT_FUNCTION NTSTATUS NTAPI ObpInitSdCache(VOID)
Definition: obsdcach.c:61
#define OBJ_OPENLINK
Definition: winternl.h:230
#define OBJECT_HEADER_TO_NAME_INFO(h)
Definition: obtypes.h:114
#define OBJ_PERMANENT
Definition: winternl.h:226
GENERAL_LOOKASIDE ObpCreateInfoLookasideList
Definition: oblife.c:26
ULONG ObpInitializationPhase
Definition: obinit.c:53
VOID NTAPI ObpDeleteObjectType(IN PVOID Object)
Definition: oblife.c:1329
static POBJECT_TYPE ObpDefaultObject
Definition: ObTypes.c:138
#define SYMBOLIC_LINK_ALL_ACCESS
Definition: nt_native.h:1267
GENERIC_MAPPING ObpTypeMapping
Definition: obinit.c:19
POBJECT_DIRECTORY ObpRootDirectoryObject
Definition: obname.c:19
PP_LOOKASIDE_LIST PPLookasideList[16]
Definition: ketypes.h:624
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
struct _OBJECT_HEADER * POBJECT_HEADER
Definition: Header.h:8
GENERAL_LOOKASIDE ObpNameBufferLookasideList
Definition: oblife.c:26
struct NameRec_ * Name
Definition: cdprocs.h:464
#define PsGetCurrentProcess
Definition: psfuncs.h:17
VOID NTAPI ObpReapObject(IN PVOID Unused)
Definition: oblife.c:221
smooth NULL
Definition: ftsmooth.c:416
PHANDLE_TABLE ObpKernelHandleTable
Definition: obhandle.c:20
#define TAG_SD
Definition: tag.h:176
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
OBJECT_TYPE
Definition: ntobjenum.h:23
INIT_FUNCTION VOID NTAPI ExInitializeSystemLookasideList(IN PGENERAL_LOOKASIDE List, IN POOL_TYPE Type, IN ULONG Size, IN ULONG Tag, IN USHORT MaximumDepth, IN PLIST_ENTRY ListHead)
Definition: lookas.c:35
BOOLEAN NTAPI ObpInsertEntryDirectory(IN POBJECT_DIRECTORY Parent, IN POBP_LOOKUP_CONTEXT Context, IN POBJECT_HEADER ObjectHeader)
Definition: obdir.c:46
struct _LIST_ENTRY * Flink
Definition: typedefs.h:119
_In_ HANDLE Handle
Definition: extypes.h:390
#define ObpDirectoryObjectType
Definition: ObTypes.c:123
#define ExInitializeWorkItem(Item, Routine, Context)
Definition: exfuncs.h:265
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
FORCEINLINE VOID ObpAcquireDirectoryLockExclusive(IN POBJECT_DIRECTORY Directory, IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:190
OB_PARSE_METHOD ParseProcedure
Definition: obtypes.h:370
PHANDLE_TABLE NTAPI ExCreateHandleTable(IN PEPROCESS Process OPTIONAL)
Definition: handle.c:765
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
struct _GENERAL_LOOKASIDE * L
Definition: ketypes.h:760
static const WCHAR L[]
Definition: oid.c:1250
PVOID NTAPI ObpLookupEntryDirectory(IN POBJECT_DIRECTORY Directory, IN PUNICODE_STRING Name, IN ULONG Attributes, IN UCHAR SearchShadow, IN POBP_LOOKUP_CONTEXT Context)
Definition: obdir.c:123
BOOLEAN INIT_FUNCTION NTAPI ObInit2(VOID)
Definition: obinit.c:134
Definition: typedefs.h:117
#define SYNCHRONIZE
Definition: nt_native.h:61
#define OBJECT_TYPE_ALL_ACCESS
Definition: nt_native.h:1248
Status
Definition: gdiplustypes.h:24
FORCEINLINE VOID ObpReleaseLookupContext(IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:255
NTSTATUS NTAPI NtCreateDirectoryObject(OUT PHANDLE DirectoryHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: obdir.c:731
#define ObpSymbolicLinkObjectType
Definition: ObTypes.c:124
VOID FASTCALL KeInitializeGuardedMutex(OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:31
FORCEINLINE VOID ObpInitializeLookupContext(IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:221
#define KeInitializeEvent(pEvt, foo, foo2)
Definition: env_spec_w32.h:477
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
struct _GENERAL_LOOKASIDE * P
Definition: ketypes.h:759
#define DIRECTORY_ALL_ACCESS
Definition: nt_native.h:1259
NTSTATUS NTAPI ObpParseSymbolicLink(IN PVOID ParsedObject, IN PVOID ObjectType, IN OUT PACCESS_STATE AccessState, IN KPROCESSOR_MODE AccessMode, IN ULONG Attributes, IN OUT PUNICODE_STRING FullPath, IN OUT PUNICODE_STRING RemainingName, IN OUT PVOID Context OPTIONAL, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos OPTIONAL, OUT PVOID *NextObject)
Definition: oblink.c:363
GENERIC_MAPPING ObpSymbolicLinkMapping
Definition: obinit.c:38
VOID NTAPI PsInitializeQuotaSystem(VOID)
Definition: quota.c:100
INIT_FUNCTION NTSTATUS NTAPI ObpCreateDosDevicesDirectory(VOID)
Definition: obname.c:133
static POBJECT_TYPE ObpTypeObjectType
Definition: ObTypes.c:122
struct tagContext Context
Definition: acpixf.h:1012
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
KGUARDED_MUTEX ObpDeviceMapLock
Definition: oblife.c:24
LIST_ENTRY TypeList
Definition: obtypes.h:382
OB_DELETE_METHOD DeleteProcedure
Definition: obtypes.h:369
struct _OBJECT_SYMBOLIC_LINK OBJECT_SYMBOLIC_LINK
ULONG DefaultNonPagedPoolCharge
Definition: obtypes.h:365
LIST_ENTRY ExSystemLookasideListHead
Definition: lookas.c:25
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
Definition: sd.c:23
POBJECT_DIRECTORY ObpTypeDirectoryObject
Definition: obname.c:20
struct _OBJECT_DIRECTORY OBJECT_DIRECTORY

Referenced by ExpInitializeExecutive(), and Phase1InitializationDiscard().

◆ ObKillProcess()

VOID NTAPI ObKillProcess ( IN PEPROCESS  Process)

Definition at line 2157 of file obhandle.c.

2158 {
     /*
      * Tears down the handle table of a process: waits for rundown
      * protection to drain, sweeps the table to close every handle, and
      * clears Process->ObjectTable. Returns early when the process has no
      * object table.
      *
      * NOTE(review): this rendered listing omits some source lines (gutter
      * numbers 2159-2160, 2176, 2183-2184, 2189 and 2196 are absent). The
      * declarations of HandleTable and Context and the calls described by
      * the comments below are presumably on those lines; read obhandle.c
      * itself before relying on this text.
      */
2161  BOOLEAN HardErrors;
2162  PAGED_CODE();
2163 
2164  /* Wait for process rundown and then complete it */
2165  ExWaitForRundownProtectionRelease(&Process->RundownProtect);
2166  ExRundownCompleted(&Process->RundownProtect);
2167 
2168  /* Get the object table; nothing to do if the process has none */
2169  HandleTable = Process->ObjectTable;
2170  if (!HandleTable) return;
2171 
2172  /* Disable hard errors while we close handles; the previous mode is
2173-2192: saved in HardErrors and restored after the sweep */
2173  HardErrors = IoSetThreadHardErrorMode(FALSE);
2174 
2175  /* Enter a critical region (call is on an omitted line; the page's
          cross-reference list names KeEnterCriticalRegion) */
2177 
2178  /* Fill out the context */
     /* NOTE(review): the sweep runs with AccessMode = KernelMode. Presumably
        this lets the close callback skip restrictions that apply only to
        user-mode closes, such as OBJ_PROTECT_CLOSE -- confirm in
        ObpCloseHandleCallback. */
2179  Context.AccessMode = KernelMode;
2180  Context.HandleTable = HandleTable;
2181 
2182  /* Sweep the handle table to close all handles */
2185  &Context);
     /* NOTE(review): this assertion is the only check that the sweep left
        no handle behind; if ASSERT compiles out in free builds, a leftover
        handle goes unnoticed here -- confirm. */
2186  ASSERT(HandleTable->HandleCount == 0);
2187 
2188  /* Leave the critical region */
2190 
2191  /* Re-enable hard errors */
2192  IoSetThreadHardErrorMode(HardErrors);
2193 
2194  /* Destroy the object table. Only the pointer clear is visible; the
          destroy call is presumably on omitted line 2196 (the
          cross-reference list names ExDestroyHandleTable). */
2195  Process->ObjectTable = NULL;
2197 }
NTKERNELAPI VOID FASTCALL ExRundownCompleted(_Out_ PEX_RUNDOWN_REF RunRef)
VOID NTAPI ExDestroyHandleTable(IN PHANDLE_TABLE HandleTable, IN PVOID DestroyHandleProcedure OPTIONAL)
Definition: handle.c:927
static XMS_HANDLE HandleTable[XMS_MAX_HANDLES]
Definition: himem.c:83
#define PAGED_CODE()
Definition: video.h:57
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
NTKERNELAPI VOID FASTCALL ExWaitForRundownProtectionRelease(_Inout_ PEX_RUNDOWN_REF RunRef)
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
BOOLEAN NTAPI IoSetThreadHardErrorMode(IN BOOLEAN HardErrorEnabled)
Definition: error.c:707
#define KeEnterCriticalRegion()
Definition: ke_x.h:83
#define KeLeaveCriticalRegion()
Definition: ke_x.h:114
VOID NTAPI ExSweepHandleTable(IN PHANDLE_TABLE HandleTable, IN PEX_SWEEP_HANDLE_CALLBACK EnumHandleProcedure, IN PVOID Context)
Definition: handle.c:1196
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
struct tagContext Context
Definition: acpixf.h:1012
BOOLEAN NTAPI ObpCloseHandleCallback(IN PHANDLE_TABLE_ENTRY HandleTableEntry, IN HANDLE Handle, IN PVOID Context)
Definition: obhandle.c:1921

Referenced by PspDeleteProcess(), and PspExitThread().

◆ ObpCaptureObjectCreateInformation()

NTSTATUS NTAPI ObpCaptureObjectCreateInformation ( IN POBJECT_ATTRIBUTES  ObjectAttributes,
IN KPROCESSOR_MODE  AccessMode,
IN KPROCESSOR_MODE  CreatorMode,
IN BOOLEAN  AllocateFromLookaside,
IN POBJECT_CREATE_INFORMATION  ObjectCreateInfo,
OUT PUNICODE_STRING  ObjectName 
)

Definition at line 456 of file oblife.c.

462 {
     /*
      * Captures a caller-supplied OBJECT_ATTRIBUTES into ObjectCreateInfo
      * and the object name into ObjectName. AccessMode decides whether the
      * input is probed as user memory; CreatorMode decides whether
      * OBJ_KERNEL_HANDLE may be kept. Returns an NTSTATUS; on failure the
      * partially captured information is released before returning.
      *
      * NOTE(review): this rendered listing omits some source lines (the
      * gutter numbers skip, e.g. 464-465, 483, 490, 493, 509, 514, 548,
      * 564, 568, 575, 588). Status and SecurityDescriptor are declared on
      * lines not shown, so the initial value of Status cannot be verified
      * here.
      */
463  ULONG SdCharge, QuotaInfoSize;
466  PSECURITY_QUALITY_OF_SERVICE SecurityQos;
467  PUNICODE_STRING LocalObjectName = NULL;
468  PAGED_CODE();
469 
470  /* Zero out the Capture Data */
471  RtlZeroMemory(ObjectCreateInfo, sizeof(OBJECT_CREATE_INFORMATION));
472 
473  /* All reads of ObjectAttributes and SecurityQos in this function happen
         inside this SEH block; the handler below cleans up and returns the
         exception code */
474  _SEH2_TRY
475  {
476  /* Check if we got attributes */
477  if (ObjectAttributes)
478  {
479  /* Check if we're in user mode */
480  if (AccessMode != KernelMode)
481  {
482  /* Probe the attributes (kernel-mode callers are not probed) */
484  sizeof(OBJECT_ATTRIBUTES),
485  sizeof(ULONG));
486  }
487 
488  /* Validate the Size and Attributes */
489  if ((ObjectAttributes->Length != sizeof(OBJECT_ATTRIBUTES)) ||
491  {
492  /* Invalid combination, fail */
494  }
495 
496  /* Set some Create Info and do not allow user-mode kernel handles */
     /* NOTE(review): ObjectAttributes may be user memory, and Attributes is
        fetched here after the validation above, which per its comment also
        examines it. The stored value is masked with
        OBJ_VALID_KERNEL_ATTRIBUTES, so bits outside that mask cannot reach
        ObjectCreateInfo even if the caller changes the field between reads. */
497  ObjectCreateInfo->RootDirectory = ObjectAttributes->RootDirectory;
498  ObjectCreateInfo->Attributes = ObjectAttributes->Attributes & OBJ_VALID_KERNEL_ATTRIBUTES;
     /* The test is on CreatorMode, not AccessMode: a creator that is not
        KernelMode always loses OBJ_KERNEL_HANDLE */
499  if (CreatorMode != KernelMode) ObjectCreateInfo->Attributes &= ~OBJ_KERNEL_HANDLE;
     /* These three are only pointer copies; they still refer to caller
        memory until captured below */
500  LocalObjectName = ObjectAttributes->ObjectName;
501  SecurityDescriptor = ObjectAttributes->SecurityDescriptor;
502  SecurityQos = ObjectAttributes->SecurityQualityOfService;
503 
504  /* Check if we have a security descriptor */
505  if (SecurityDescriptor)
506  {
507  /* Capture it. Note: This has an implicit memory barrier due
508  to the function call, so cleanup is safe here.) */
510  AccessMode,
511  NonPagedPool,
512  TRUE,
513  &ObjectCreateInfo->
515  if (!NT_SUCCESS(Status))
516  {
517  /* Capture failed, quit */
518  ObjectCreateInfo->SecurityDescriptor = NULL;
519  _SEH2_YIELD(return Status);
520  }
521 
522  /*
523  * By default, assume a SD size of 1024 and allow twice its
524  * size.
525  * If SD size happen to be bigger than that, then allow it
526  */
     /* NOTE(review): the return value of SeComputeQuotaInformationSize is
        ignored and QuotaInfoSize has no initializer; if the call can fail
        without writing its output, the comparison below reads an
        indeterminate ULONG -- confirm. 2 * QuotaInfoSize is ULONG
        arithmetic and wraps for values above half the ULONG range
        (presumably unreachable for real descriptor sizes). */
527  SdCharge = 2048;
528  SeComputeQuotaInformationSize(ObjectCreateInfo->SecurityDescriptor,
529  &QuotaInfoSize);
530  if ((2 * QuotaInfoSize) > 2048)
531  {
532  SdCharge = 2 * QuotaInfoSize;
533  }
534 
535  /* Save the probe mode and security descriptor size */
536  ObjectCreateInfo->SecurityDescriptorCharge = SdCharge;
537  ObjectCreateInfo->ProbeMode = AccessMode;
538  }
539 
540  /* Check if we have QoS */
541  if (SecurityQos)
542  {
543  /* Check if we came from user mode */
544  if (AccessMode != KernelMode)
545  {
546  /* Validate the QoS */
547  ProbeForRead(SecurityQos,
549  sizeof(ULONG));
550  }
551 
552  /* Save Info: the structure is copied by value and SecurityQos is
          pointed at that copy, so later consumers read captured data
          rather than caller memory */
     /* NOTE(review): no field of the copied QoS (for example its Length) is
        checked in the visible lines -- confirm whether consumers validate it. */
553  ObjectCreateInfo->SecurityQualityOfService = *SecurityQos;
554  ObjectCreateInfo->SecurityQos =
555  &ObjectCreateInfo->SecurityQualityOfService;
556  }
557  }
558  else
559  {
560  /* We don't have a name */
561  LocalObjectName = NULL;
562  }
563  }
565  {
566  /* Cleanup and return the exception code. This also covers a fault
          while reading the QoS after the descriptor was already captured. */
567  ObpReleaseObjectCreateInformation(ObjectCreateInfo);
569  }
570  _SEH2_END;
571 
572  /* Now check if the Object Attributes had an Object Name */
     /* LocalObjectName is still the caller's pointer here; it is passed on
        together with AccessMode. The call itself is on omitted line 575
        (the cross-reference list names ObpCaptureObjectName), which
        presumably does its own probing -- confirm. */
573  if (LocalObjectName)
574  {
576  LocalObjectName,
577  AccessMode,
578  AllocateFromLookaside);
579  }
580  else
581  {
582  /* Clear the string */
583  RtlInitEmptyUnicodeString(ObjectName, NULL, 0);
584 
585  /* It cannot have specified a Root Directory: a root handle without a
          name is rejected (status assignment is on omitted line 588) */
586  if (ObjectCreateInfo->RootDirectory)
587  {
589  }
590  }
591 
592  /* Cleanup if we failed */
593  if (!NT_SUCCESS(Status))
594  {
595  ObpReleaseObjectCreateInformation(ObjectCreateInfo);
596  }
597 
598  /* Return status to caller */
599  return Status;
600 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define TRUE
Definition: types.h:120
NTSTATUS NTAPI SeComputeQuotaInformationSize(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PULONG QuotaInfoSize)
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
FORCEINLINE VOID ObpReleaseObjectCreateInformation(IN POBJECT_CREATE_INFORMATION ObjectCreateInfo)
Definition: ob_x.h:296
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
#define PAGED_CODE()
Definition: video.h:57
_SEH2_TRY
Definition: create.c:4250
NTSTATUS NTAPI ObpCaptureObjectName(IN OUT PUNICODE_STRING CapturedName, IN PUNICODE_STRING ObjectName, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN UseLookaside)
Definition: oblife.c:377
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
smooth NULL
Definition: ftsmooth.c:416
#define OBJ_VALID_KERNEL_ATTRIBUTES
Definition: obtypes.h:92
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Status
Definition: gdiplustypes.h:24
_SEH2_END
Definition: create.c:4424
LONG NTAPI ExSystemExceptionFilter(VOID)
Definition: harderr.c:351
#define STATUS_OBJECT_NAME_INVALID
Definition: udferr_usr.h:148
unsigned int ULONG
Definition: retypes.h:1
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
NTSTATUS NTAPI SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor, IN KPROCESSOR_MODE CurrentMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor)
Definition: sd.c:434
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
return STATUS_SUCCESS
Definition: btrfs.c:2745
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231

Referenced by ObCreateObject(), and ObOpenObjectByName().

◆ ObpCaptureObjectName()

NTSTATUS NTAPI ObpCaptureObjectName ( IN PUNICODE_STRING  CapturedName,
IN PUNICODE_STRING  ObjectName,
IN KPROCESSOR_MODE  AccessMode,
IN BOOLEAN  AllocateFromLookaside 
)

Referenced by ObReferenceObjectByName().

◆ ObpCheckObjectReference()

BOOLEAN NTAPI ObpCheckObjectReference ( IN PVOID  Object,
IN OUT PACCESS_STATE  AccessState,
IN BOOLEAN  LockHeld,
IN KPROCESSOR_MODE  AccessMode,
OUT PNTSTATUS  AccessStatus 
)

Definition at line 340 of file obsecure.c.

345 {
     /*
      * Runs a full access check for a reference to Object, using the
      * desired and previously granted access recorded in AccessState.
      * Returns the result of the check and reports the status through
      * AccessStatus; on success the granted bits are moved from
      * RemainingDesiredAccess to PreviouslyGrantedAccess.
      *
      * NOTE(review): this rendered listing omits some source lines (gutter
      * numbers 347-348, 351-353, 361, 373, 397 and 410 are absent),
      * including the remaining declarations and the first lines of the
      * ObGetObjectSecurity / SeAccessCheck / ObReleaseObjectSecurity calls
      * named in the page's cross-reference list.
      * NOTE(review): the LockHeld parameter does not appear in any visible
      * line of the body.
      */
346  POBJECT_HEADER ObjectHeader;
349  BOOLEAN SdAllocated;
350  BOOLEAN Result;
354  PAGED_CODE();
355 
356  /* Get the header and type */
357  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
358  ObjectType = ObjectHeader->Type;
359 
360  /* Get the security descriptor */
362  if (!NT_SUCCESS(Status))
363  {
364  /* We failed: deny (return FALSE) and hand the failure status back */
365  *AccessStatus = Status;
366  return FALSE;
367  }
368 
369  /* Lock the security context */
370  SeLockSubjectContext(&AccessState->SubjectSecurityContext);
371 
372  /* Now do the entire access check; TRUE tells the check that the subject
          context is already locked (see the SeAccessCheck signature in the
          cross-reference list) */
     /* NOTE(review): Privileges is not referenced again in the visible
        lines. If SeAccessCheck allocates the set, it is neither appended to
        AccessState nor freed here, unlike in ObpCheckTraverseAccess --
        confirm. */
374  &AccessState->SubjectSecurityContext,
375  TRUE,
376  AccessState->RemainingDesiredAccess,
377  AccessState->PreviouslyGrantedAccess,
378  &Privileges,
379  &ObjectType->TypeInfo.GenericMapping,
380  AccessMode,
381  &GrantedAccess,
382  AccessStatus);
383  if (Result)
384  {
385  /* Update the access state */
386  AccessState->RemainingDesiredAccess &= ~GrantedAccess;
387  AccessState->PreviouslyGrantedAccess |= GrantedAccess;
388  }
389 
390  /* Check if we have an SD */
391  if (SecurityDescriptor)
392  {
393  /* Do audit alarm: the call below is compiled out (#if 0), so this
          path currently produces no audit event for either outcome */
394 #if 0
395  SeObjectReferenceAuditAlarm(&AccessState->OperationID,
396  Object,
398  &AccessState->SubjectSecurityContext,
399  AccessState->RemainingDesiredAccess |
400  AccessState->PreviouslyGrantedAccess,
401  ((PAUX_ACCESS_DATA)(AccessState->AuxData))->
402  PrivilegeSet,
403  Result,
404  AccessMode);
405 #endif
406  }
407 
408  /* We're done, unlock the context and release security */
409  SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
411  return Result;
412 }
BOOLEAN NTAPI SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, IN BOOLEAN SubjectContextLocked, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK PreviouslyGrantedAccess, OUT PPRIVILEGE_SET *Privileges, IN PGENERIC_MAPPING GenericMapping, IN KPROCESSOR_MODE AccessMode, OUT PACCESS_MASK GrantedAccess, OUT PNTSTATUS AccessStatus)
Definition: accesschk.c:340
ObjectType
Definition: metafile.c:80
#define TRUE
Definition: types.h:120
VOID NTAPI SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:336
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
LONG NTSTATUS
Definition: precomp.h:26
VOID NTAPI SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:314
#define PAGED_CODE()
Definition: video.h:57
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
Definition: obsecure.c:709
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
Definition: obsecure.c:611
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static IUnknown Object
Definition: main.c:512
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
Status
Definition: gdiplustypes.h:24
POBJECT_TYPE Type
Definition: obtypes.h:493
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
ULONG ACCESS_MASK
Definition: nt_native.h:40

Referenced by ObReferenceObjectByName().

◆ ObpCheckTraverseAccess()

BOOLEAN NTAPI ObpCheckTraverseAccess ( IN PVOID  Object,
IN ACCESS_MASK  TraverseAccess,
IN PACCESS_STATE AccessState  OPTIONAL,
IN BOOLEAN  LockHeld,
IN KPROCESSOR_MODE  AccessMode,
OUT PNTSTATUS  AccessStatus 
)

Definition at line 267 of file obsecure.c.

273 {
     /*
      * Checks whether the caller may traverse Object. A fast traverse check
      * is tried first; only if it fails is the full access check run with
      * TraverseAccess as the desired access. Returns TRUE when access is
      * allowed.
      *
      * NOTE(review): this rendered listing omits some source lines (gutter
      * numbers 275-276, 279-281, 289, 301, 303, 307, 315, 328-329 and 334
      * are absent), including the remaining declarations and the first
      * lines of several calls named in the page's cross-reference list.
      * NOTE(review): AccessState is declared OPTIONAL in the signature, but
      * the slow path below dereferences it without a NULL test; callers
      * presumably always supply one -- confirm.
      */
274  POBJECT_HEADER ObjectHeader;
277  BOOLEAN SdAllocated;
278  BOOLEAN Result;
282  PAGED_CODE();
283 
284  /* Get the header and type */
285  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
286  ObjectType = ObjectHeader->Type;
287 
288  /* Get the security descriptor */
290  if (!NT_SUCCESS(Status))
291  {
292  /* We failed: deny (return FALSE) and hand the failure status back */
293  *AccessStatus = Status;
294  return FALSE;
295  }
296 
297  /* First try to perform a fast traverse check
298  * If it fails, then the entire access check will
299  * have to be done.
300  */
     /* NOTE(review): the desired-access argument of the fast check is on
        omitted line 303. The cross-reference list for this function
        includes FILE_WRITE_DATA, which suggests the fast check uses that
        constant rather than the TraverseAccess parameter -- confirm. */
302  AccessState,
304  AccessMode);
305  if (Result)
306  {
     /* NOTE(review): no write to *AccessStatus is visible on this fast
        path; callers should rely on the return value here -- confirm. */
308  return TRUE;
309  }
310 
311  /* Lock the security context */
312  SeLockSubjectContext(&AccessState->SubjectSecurityContext);
313 
314  /* Now do the entire access check: TraverseAccess is the desired access
          and 0 is passed as the previously granted access */
316  &AccessState->SubjectSecurityContext,
317  TRUE,
318  TraverseAccess,
319  0,
320  &Privileges,
321  &ObjectType->TypeInfo.GenericMapping,
322  AccessMode,
323  &GrantedAccess,
324  AccessStatus);
325  if (Privileges)
326  {
327  /* We got privileges, append them to the access state and free them
          (both calls are on omitted lines; the cross-reference list names
          SeAppendPrivileges and SeFreePrivileges) */
330  }
331 
332  /* We're done, unlock the context and release security */
333  SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
335  return Result;
336 }
BOOLEAN NTAPI SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, IN BOOLEAN SubjectContextLocked, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK PreviouslyGrantedAccess, OUT PPRIVILEGE_SET *Privileges, IN PGENERIC_MAPPING GenericMapping, IN KPROCESSOR_MODE AccessMode, OUT PACCESS_MASK GrantedAccess, OUT PNTSTATUS AccessStatus)
Definition: accesschk.c:340
ObjectType
Definition: metafile.c:80
#define TRUE
Definition: types.h:120
VOID NTAPI SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:336
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
LONG NTSTATUS
Definition: precomp.h:26
VOID NTAPI SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:314
#define PAGED_CODE()
Definition: video.h:57
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
NTSTATUS NTAPI SeAppendPrivileges(IN OUT PACCESS_STATE AccessState, IN PPRIVILEGE_SET Privileges)
Definition: priv.c:407
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
Definition: obsecure.c:709
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
#define FILE_WRITE_DATA
Definition: nt_native.h:631
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
Definition: obsecure.c:611
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static IUnknown Object
Definition: main.c:512
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
BOOLEAN NTAPI SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PACCESS_STATE AccessState, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE AccessMode)
Definition: accesschk.c:460
Status
Definition: gdiplustypes.h:24
VOID NTAPI SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
Definition: priv.c:480
POBJECT_TYPE Type
Definition: obtypes.h:493
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
ULONG ACCESS_MASK
Definition: nt_native.h:40

Referenced by ObpLookupObjectName().

◆ ObpCreateDeviceMap()

NTSTATUS NTAPI ObpCreateDeviceMap ( IN HANDLE  DirectoryHandle)

Definition at line 20 of file devicemap.c.

21 {
     /*
      * Creates a device map for the directory behind DirectoryHandle and
      * installs it as the system device map, the directory's device map and
      * the current process's device map. Returns the status of the handle
      * reference on failure, STATUS_SUCCESS otherwise.
      *
      * NOTE(review): this rendered listing omits some source lines (gutter
      * numbers 24, 26-29, 39, 45, 54 and 64 are absent). The start of the
      * ObReferenceObjectByHandle call is among them; the page's
      * cross-reference list names DIRECTORY_TRAVERSE, ObpDirectoryObjectType
      * and KeGetPreviousMode, which are presumably its access, type and
      * mode arguments -- confirm.
      */
22  POBJECT_DIRECTORY DirectoryObject = NULL;
23  PDEVICE_MAP DeviceMap = NULL;
25 
30  (PVOID*)&DirectoryObject,
31  NULL);
32  if (!NT_SUCCESS(Status))
33  {
34  DPRINT("ObReferenceObjectByHandle() failed (Status 0x%08lx)\n", Status);
35  return Status;
36  }
37 
38  /* Allocate and initialize a new device map */
40  sizeof(*DeviceMap),
41  'mDbO');
42  if (DeviceMap == NULL)
43  {
     /* Drop the directory reference taken above; the return statement is
        on omitted line 45 (the cross-reference list names
        STATUS_INSUFFICIENT_RESOURCES) */
44  ObDereferenceObject(DirectoryObject);
46  }
47 
48  /* Initialize the device map. The directory reference is not dropped on
         the success path; it is stored in DosDevicesDirectory, so the map
         appears to own it from here on. */
49  RtlZeroMemory(DeviceMap, sizeof(*DeviceMap));
50  DeviceMap->ReferenceCount = 1;
51  DeviceMap->DosDevicesDirectory = DirectoryObject;
52 
53  /* Acquire the device map lock */
55 
     /* NOTE(review): the three assignments below overwrite the previous
        values without examining them, so a second call would drop whatever
        map was installed before. The only caller listed on this page is
        ObpCreateDosDevicesDirectory, an INIT_FUNCTION, so this presumably
        runs once -- confirm. */
56  /* Attach the device map to the directory object */
57  DirectoryObject->DeviceMap = DeviceMap;
58 
59  /* Attach the device map to the process and make it the system map */
60  ObSystemDeviceMap = DeviceMap;
61  PsGetCurrentProcess()->DeviceMap = DeviceMap;
62 
63  /* Release the device map lock */
65 
66  return STATUS_SUCCESS;
67 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
#define KeGetPreviousMode()
Definition: ketypes.h:1081
LONG NTSTATUS
Definition: precomp.h:26
static HANDLE DirectoryHandle
Definition: ObType.c:48
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
#define PsGetCurrentProcess
Definition: psfuncs.h:17
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
#define DIRECTORY_TRAVERSE
Definition: nt_native.h:1255
#define ObpDirectoryObjectType
Definition: ObTypes.c:123
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
PDEVICE_MAP ObSystemDeviceMap
Definition: obinit.c:46
Status
Definition: gdiplustypes.h:24
struct _DEVICE_MAP * DeviceMap
Definition: obtypes.h:418
ULONG ReferenceCount
Definition: obtypes.h:527
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
POBJECT_DIRECTORY DosDevicesDirectory
Definition: obtypes.h:525
KGUARDED_MUTEX ObpDeviceMapLock
Definition: oblife.c:24
return STATUS_SUCCESS
Definition: btrfs.c:2745

Referenced by ObpCreateDosDevicesDirectory().

◆ ObpCreateDosDevicesDirectory()

INIT_FUNCTION NTSTATUS NTAPI ObpCreateDosDevicesDirectory ( VOID  )

Definition at line 133 of file obname.c.

134 {
     /*
      * Creates the global DosDevices directory with a custom security
      * descriptor, creates the system device map for it, and then creates
      * the symbolic links described by the comments below. Returns the
      * status of the last step that was attempted.
      *
      * NOTE(review): this rendered listing omits many source lines (the
      * gutter numbers skip), including the starts of the
      * InitializeObjectAttributes, NtCreateDirectoryObject and
      * ObpCreateDeviceMap calls named in the page's cross-reference list
      * and the declarations of Status and ObjectAttributes.
      */
136  UNICODE_STRING RootName, TargetName, LinkName;
137  HANDLE Handle, SymHandle;
138  PSECURITY_DESCRIPTOR DosDevicesSD = NULL;
140 
141  /* Create a custom security descriptor for the global DosDevices directory */
142  Status = ObpCreateGlobalDosDevicesSD(&DosDevicesSD);
143  if (!NT_SUCCESS(Status))
144  return Status;
145 
146  /* Create the global DosDevices directory \?? */
147  RtlInitUnicodeString(&RootName, L"\\GLOBAL??");
149  &RootName,
151  NULL,
152  DosDevicesSD);
     /* The descriptor is freed before Status is tested, so it is released
        on both the success and the failure path */
156  ExFreePoolWithTag(DosDevicesSD, TAG_SD);
157  if (!NT_SUCCESS(Status)) return Status;
158 
159  /* Create the system device map */
     /* NOTE(review): this early return does not close Handle in the visible
        lines; the later exits close it at line 220 -- confirm. */
161  if (!NT_SUCCESS(Status))
162  return Status;
163 
     /* NOTE(review): with this link in place every process resolves DOS
        device names through the one global directory; the per-session
        separation mentioned in the Global link comment further down is not
        provided by this code path -- confirm against the device-map FIXMEs.
        The Status of this link is overwritten by the next
        NtCreateSymbolicLinkObject call without being tested. */
164  /*********************************************\
165  |*** HACK until we support device mappings ***|
166  |*** Add a symlink \??\ <--> \GLOBAL??\ ***|
167  \*********************************************/
168  RtlInitUnicodeString(&LinkName, L"\\??");
170  &LinkName,
172  NULL,
173  NULL);
174  Status = NtCreateSymbolicLinkObject(&SymHandle,
177  &RootName);
178  if (NT_SUCCESS(Status)) NtClose(SymHandle);
179  /*********************************************\
180  \*********************************************/
181 
182  // FIXME: Create a device mapping for the global \?? directory
183 
184  /*
185  * Initialize the \??\GLOBALROOT symbolic link
186  * pointing to the root directory \ .
187  */
     /* NOTE(review): the links in this function are created with no
        explicit security descriptor (the last InitializeObjectAttributes
        argument is NULL), unlike the directory, which gets DosDevicesSD.
        The Status of the GLOBALROOT link is also overwritten without being
        tested. */
188  RtlInitUnicodeString(&LinkName, L"GLOBALROOT");
191  &LinkName,
193  Handle,
194  NULL);
195  Status = NtCreateSymbolicLinkObject(&SymHandle,
198  &TargetName);
199  if (NT_SUCCESS(Status)) NtClose(SymHandle);
200 
201  /*
202  * Initialize the \??\Global symbolic link pointing to the global
203  * DosDevices directory \?? . It is used to access the global \??
204  * by user-mode components which, by default, use a per-session
205  * DosDevices directory.
206  */
207  RtlInitUnicodeString(&LinkName, L"Global");
209  &LinkName,
211  Handle,
212  NULL);
213  Status = NtCreateSymbolicLinkObject(&SymHandle,
216  &RootName);
217  if (NT_SUCCESS(Status)) NtClose(SymHandle);
218 
219  /* Close the directory handle before testing Status, so it is closed on
          both outcomes of the Global link creation */
220  NtClose(Handle);
221  if (!NT_SUCCESS(Status)) return Status;
222 
223  /*
224  * Initialize the \DosDevices symbolic link pointing to the global
225  * DosDevices directory \?? , for backward compatibility with
226  * Windows NT-2000 systems.
227  */
     /* NOTE(review): unlike the other names, this one is built with
        RtlCreateUnicodeString, which allocates a copy and returns a BOOLEAN.
        The return value is ignored and no release of LinkName.Buffer is
        visible in this function -- confirm whether RtlInitUnicodeString was
        intended. */
228  RtlCreateUnicodeString(&LinkName, L"\\DosDevices");
231  &LinkName,
233  NULL,
234  NULL);
235  Status = NtCreateSymbolicLinkObject(&SymHandle,
238  &RootName);
239  if (NT_SUCCESS(Status)) NtClose(SymHandle);
240 
241  /* Return status */
242  return Status;
243 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
const uint16_t * PCWSTR
Definition: typedefs.h:55
LONG NTSTATUS
Definition: precomp.h:26
#define OBJ_PERMANENT
Definition: winternl.h:226
#define SYMBOLIC_LINK_ALL_ACCESS
Definition: nt_native.h:1267
INIT_FUNCTION NTSTATUS NTAPI ObpCreateGlobalDosDevicesSD(OUT PSECURITY_DESCRIPTOR *SecurityDescriptor)
Definition: obname.c:40
smooth NULL
Definition: ftsmooth.c:416
NTSTATUS NTAPI ObpCreateDeviceMap(IN HANDLE DirectoryHandle)
Definition: devicemap.c:20
#define TAG_SD
Definition: tag.h:176
_In_ HANDLE Handle
Definition: extypes.h:390
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ALIGNEDNAME ObpDosDevicesShortNameRoot
Definition: obname.c:24
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
static const WCHAR L[]
Definition: oid.c:1250
WCHAR TargetName[256]
Definition: arping.c:27
Status
Definition: gdiplustypes.h:24
NTSTATUS NTAPI NtCreateDirectoryObject(OUT PHANDLE DirectoryHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: obdir.c:731
#define DIRECTORY_ALL_ACCESS
Definition: nt_native.h:1259
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

Referenced by ObInitSystem().

◆ ObpCreateSymbolicLinkName()

VOID NTAPI ObpCreateSymbolicLinkName ( IN POBJECT_SYMBOLIC_LINK  SymbolicLink)

Definition at line 184 of file oblink.c.

/*
 * ObpCreateSymbolicLinkName
 *
 * For a symbolic link whose name is a DOS drive letter ("X:"), stores a
 * 1-based DosDeviceDriveIndex in the link, follows the link target through at
 * most MaxReparseAttempts reparses, and records a drive type for that letter
 * in ObSystemDeviceMap. Links with no name info or no parent directory are
 * left untouched.
 *
 * NOTE(review): this rendering drops source lines (the gutter skips e.g. 189,
 * 226, 243, 253 and 296), so the declarations of Status, Directory, Context
 * and DriveType, the lookup call itself and any locking around the device-map
 * update are not visible here.
 */
185 {
186  POBJECT_HEADER ObjectHeader;
187  POBJECT_HEADER_NAME_INFO ObjectNameInfo;
188  PVOID Object = NULL;
190  UNICODE_STRING TargetPath;
193  ULONG ReparseCnt;
194  const ULONG MaxReparseAttempts = 20;
196 
197  /* FIXME: Need to support Device maps */
198 
199  /* Get header data */
200  ObjectHeader = OBJECT_TO_OBJECT_HEADER(SymbolicLink);
201  ObjectNameInfo = ObpReferenceNameInfo(ObjectHeader);
202 
203  /* Check if we are not actually in a directory with a device map */
204  if (!(ObjectNameInfo) ||
205  !(ObjectNameInfo->Directory) /*||
206  !(ObjectNameInfo->Directory->DeviceMap)*/)
207  {
208  ObpDereferenceNameInfo(ObjectNameInfo);
209  return;
210  }
211 
212  /* Check if it's a DOS drive letter, and set the drive index accordingly */
213  if (ObjectNameInfo->Name.Length == 2 * sizeof(WCHAR) &&
214  ObjectNameInfo->Name.Buffer[1] == L':' &&
215  ( (ObjectNameInfo->Name.Buffer[0] >= L'A' &&
216  ObjectNameInfo->Name.Buffer[0] <= L'Z') ||
217  (ObjectNameInfo->Name.Buffer[0] >= L'a' &&
218  ObjectNameInfo->Name.Buffer[0] <= L'z') ))
219  {
220  SymbolicLink->DosDeviceDriveIndex =
221  RtlUpcaseUnicodeChar(ObjectNameInfo->Name.Buffer[0]) - L'A';
222  /* The drive index starts from 1 */
223  SymbolicLink->DosDeviceDriveIndex++;
224 
225  /* Initialize lookup context */
227 
228  /* Start the search from the root */
230  TargetPath = SymbolicLink->LinkTarget;
231 
232  /*
233  * Locate the IoDeviceObject if any this symbolic link points to.
234  * To prevent endless reparsing, setting an upper limit on the
235  * number of reparses.
236  */
238  ReparseCnt = 0;
239  while (Status == STATUS_REPARSE_OBJECT &&
240  ReparseCnt < MaxReparseAttempts)
241  {
242  Status =
244  &Directory,
245  &TargetPath,
246  &Context,
247  &Object);
249  ReparseCnt++;
250  }
251 
252  /* Cleanup lookup context */
254 
255  /* Error, or max reparse attempts exceeded */
     /*
      * NOTE(review): a lookup that succeeds on exactly the last permitted
      * attempt also leaves ReparseCnt == MaxReparseAttempts, so it is
      * rejected here together with the genuinely endless chains.
      */
256  if (! NT_SUCCESS(Status) || ReparseCnt >= MaxReparseAttempts)
257  {
258  /* Cleanup */
259  ObpDereferenceNameInfo(ObjectNameInfo);
260  return;
261  }
262 
263  if (Object)
264  {
265  /* Calculate the drive type */
     /*
      * NOTE(review): Object is cast to PDEVICE_OBJECT with no type check
      * visible in this listing; presumably the lookup on the missing
      * line 243 only returns device objects -- confirm.
      */
266  switch(((PDEVICE_OBJECT)Object)->DeviceType)
267  {
270  break;
271  case FILE_DEVICE_CD_ROM:
274  break;
275  case FILE_DEVICE_DISK:
278  if (((PDEVICE_OBJECT)Object)->Characteristics & FILE_REMOVABLE_MEDIA)
280  else
282  break;
283  case FILE_DEVICE_NETWORK:
286  break;
287  default:
288  DPRINT1("Device Type %lu for %wZ is not known or unhandled\n",
290  &SymbolicLink->LinkTarget);
292  }
293  }
294 
295  /* Add a new drive entry */
     /*
      * DosDeviceDriveIndex is 1..26 at this point (letter test above), so
      * the array index and the shift count below are both 0..25.
      */
297  ObSystemDeviceMap->DriveType[SymbolicLink->DosDeviceDriveIndex-1] =
298  (UCHAR)DriveType;
300  1 << (SymbolicLink->DosDeviceDriveIndex-1);
302  }
303 
304  /* Cleanup */
305  ObpDereferenceNameInfo(ObjectNameInfo);
306 }
POBJECT_DIRECTORY Directory
Definition: obtypes.h:432
#define FILE_DEVICE_DISK
Definition: winioctl.h:112
#define DOSDEVICE_DRIVE_REMOTE
Definition: obtypes.h:167
#define FILE_DEVICE_NETWORK
Definition: winioctl.h:123
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
#define DOSDEVICE_DRIVE_RAMDISK
Definition: obtypes.h:169
DeviceType
Definition: mmdrv.h:41
#define FILE_DEVICE_FILE_SYSTEM
Definition: winioctl.h:114
LONG NTSTATUS
Definition: precomp.h:26
#define DOSDEVICE_DRIVE_CDROM
Definition: obtypes.h:168
UNICODE_STRING Name
Definition: obtypes.h:433
UINT DriveType
#define FILE_DEVICE_VIRTUAL_DISK
Definition: winioctl.h:141
NTSYSAPI WCHAR NTAPI RtlUpcaseUnicodeChar(WCHAR Source)
POBJECT_DIRECTORY ObpRootDirectoryObject
Definition: obname.c:19
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
#define FILE_DEVICE_CD_ROM
Definition: winioctl.h:107
ULONG DriveMap
Definition: obtypes.h:528
#define DOSDEVICE_DRIVE_REMOVABLE
Definition: obtypes.h:165
#define FILE_REMOVABLE_MEDIA
Definition: nt_native.h:807
#define STATUS_REPARSE_OBJECT
Definition: ntstatus.h:102
#define DOSDEVICE_DRIVE_CALCULATE
Definition: obtypes.h:164
#define DOSDEVICE_DRIVE_UNKNOWN
Definition: obtypes.h:163
smooth NULL
Definition: ftsmooth.c:416
#define FILE_DEVICE_DISK_FILE_SYSTEM
Definition: winioctl.h:113
#define DOSDEVICE_DRIVE_FIXED
Definition: obtypes.h:166
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
FORCEINLINE POBJECT_HEADER_NAME_INFO ObpReferenceNameInfo(IN POBJECT_HEADER ObjectHeader)
Definition: ob_x.h:102
UCHAR DriveType[32]
Definition: obtypes.h:529
static IUnknown Object
Definition: main.c:512
unsigned char UCHAR
Definition: xmlstorage.h:181
static const WCHAR L[]
Definition: oid.c:1250
PDEVICE_MAP ObSystemDeviceMap
Definition: obinit.c:46
Status
Definition: gdiplustypes.h:24
FORCEINLINE VOID ObpReleaseLookupContext(IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:255
FORCEINLINE VOID ObpInitializeLookupContext(IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:221
#define FILE_DEVICE_NETWORK_FILE_SYSTEM
Definition: winioctl.h:125
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
#define DPRINT1
Definition: precomp.h:8
#define FILE_DEVICE_CD_ROM_FILE_SYSTEM
Definition: winioctl.h:108
struct tagContext Context
Definition: acpixf.h:1012
unsigned int ULONG
Definition: retypes.h:1
base for all directory entries
Definition: entries.h:138
KGUARDED_MUTEX ObpDeviceMapLock
Definition: oblife.c:24
_In_ BOOLEAN _In_ USHORT Directory
Definition: rtlfuncs.h:3718
FORCEINLINE VOID ObpDereferenceNameInfo(IN POBJECT_HEADER_NAME_INFO HeaderNameInfo)
Definition: ob_x.h:143
static const WCHAR SymbolicLink[]
Definition: interface.c:31

Referenced by ObInsertObject().

◆ ObpDeleteEntryDirectory()

BOOLEAN NTAPI ObpDeleteEntryDirectory ( IN POBP_LOOKUP_CONTEXT  Context)

Referenced by ObpDeleteNameCheck().

◆ ObpDeleteNameCheck()

VOID NTAPI ObpDeleteNameCheck ( IN PVOID  Object)

Definition at line 264 of file obname.c.

/*
 * ObpDeleteNameCheck
 *
 * Removes an object's name from its directory once the object has no open
 * handles, is named, sits in a directory and is not permanent. HandleCount
 * and OB_FLAG_PERMANENT are tested twice: once up front without the object
 * lock and again after ObpAcquireObjectLock(), so a handle opened or a
 * permanent flag set in between stops the deletion.
 *
 * NOTE(review): this rendering drops source lines (the gutter skips e.g. 267,
 * 288, 291, 309, 312, 337 and 349), so the declaration of Context and
 * ObjectType, the directory lock call and the actual directory-entry removal
 * are not visible here.
 */
265 {
266  POBJECT_HEADER ObjectHeader;
268  POBJECT_HEADER_NAME_INFO ObjectNameInfo;
270  PVOID Directory = NULL;
271 
272  /* Get object structures */
273  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
274  ObjectNameInfo = ObpReferenceNameInfo(ObjectHeader);
275  ObjectType = ObjectHeader->Type;
276 
277  /*
278  * Check if the handle count is 0, if the object is named,
279  * and if the object isn't a permanent object.
280  */
281  if (!(ObjectHeader->HandleCount) &&
282  (ObjectNameInfo) &&
283  (ObjectNameInfo->Name.Length) &&
284  (ObjectNameInfo->Directory) &&
285  !(ObjectHeader->Flags & OB_FLAG_PERMANENT))
286  {
287  /* Setup a lookup context */
289 
290  /* Lock the directory */
292 
293  /* Do the lookup */
     /* The parameter Object is overwritten with the lookup result here */
294  Object = ObpLookupEntryDirectory(ObjectNameInfo->Directory,
295  &ObjectNameInfo->Name,
296  0,
297  FALSE,
298  &Context);
299  if (Object)
300  {
301  /* Lock the object */
302  ObpAcquireObjectLock(ObjectHeader);
303 
304  /* Make sure we can still delete the object */
305  if (!(ObjectHeader->HandleCount) &&
306  !(ObjectHeader->Flags & OB_FLAG_PERMANENT))
307  {
308  /* First delete it from the directory */
310 
311  /* Check if this is a symbolic link */
313  {
314  /* Remove internal name */
316  }
317 
318  /* Check if the kernel exclusive is set */
319  ObjectNameInfo = OBJECT_HEADER_TO_NAME_INFO(ObjectHeader);
320  if ((ObjectNameInfo) &&
321  (ObjectNameInfo->QueryReferences & OB_FLAG_KERNEL_EXCLUSIVE))
322  {
323  /* Remove protection flag */
324  InterlockedExchangeAdd((PLONG)&ObjectNameInfo->QueryReferences,
326  }
327 
328  /* Get the directory */
     /*
      * NOTE(review): line 320 tests ObjectNameInfo for NULL after the
      * re-read on line 319, but the next line dereferences it without a
      * test. Presumably the re-read yields the same non-NULL pointer the
      * outer condition already checked -- confirm.
      */
329  Directory = ObjectNameInfo->Directory;
330  }
331 
332  /* Release the lock */
333  ObpReleaseObjectLock(ObjectHeader);
334  }
335 
336  /* Cleanup after lookup */
338 
339  /* Remove another query reference since we added one on top */
340  ObpDereferenceNameInfo(ObjectNameInfo);
341 
342  /* Check if we were inserted in a directory */
343  if (Directory)
344  {
345  /* We were, so first remove the extra reference we had added */
346  ObpDereferenceNameInfo(ObjectNameInfo);
347 
348  /* Now dereference the object as well */
350  }
351  }
352  else
353  {
354  /* Remove the reference we added */
355  ObpDereferenceNameInfo(ObjectNameInfo);
356  }
357 }
POBJECT_DIRECTORY Directory
Definition: obtypes.h:432
ObjectType
Definition: metafile.c:80
FORCEINLINE VOID ObpAcquireObjectLock(IN POBJECT_HEADER ObjectHeader)
Definition: ob_x.h:48
LONG_PTR HandleCount
Definition: obtypes.h:490
FORCEINLINE VOID ObpReleaseObjectLock(IN POBJECT_HEADER ObjectHeader)
Definition: ob_x.h:84
UNICODE_STRING Name
Definition: obtypes.h:433
#define OBJECT_HEADER_TO_NAME_INFO(h)
Definition: obtypes.h:114
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
#define OB_FLAG_PERMANENT
Definition: obtypes.h:101
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
smooth NULL
Definition: ftsmooth.c:416
UCHAR Flags
Definition: obtypes.h:497
#define InterlockedExchangeAdd
Definition: interlocked.h:181
FORCEINLINE POBJECT_HEADER_NAME_INFO ObpReferenceNameInfo(IN POBJECT_HEADER ObjectHeader)
Definition: ob_x.h:102
FORCEINLINE VOID ObpAcquireDirectoryLockExclusive(IN POBJECT_DIRECTORY Directory, IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:190
static IUnknown Object
Definition: main.c:512
PVOID NTAPI ObpLookupEntryDirectory(IN POBJECT_DIRECTORY Directory, IN PUNICODE_STRING Name, IN ULONG Attributes, IN UCHAR SearchShadow, IN POBP_LOOKUP_CONTEXT Context)
Definition: obdir.c:123
FORCEINLINE VOID ObpReleaseLookupContext(IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:255
VOID NTAPI ObpDeleteSymbolicLinkName(IN POBJECT_SYMBOLIC_LINK SymbolicLink)
Definition: oblink.c:24
#define ObpSymbolicLinkObjectType
Definition: ObTypes.c:124
FORCEINLINE VOID ObpInitializeLookupContext(IN POBP_LOOKUP_CONTEXT Context)
Definition: ob_x.h:221
struct tagContext Context
Definition: acpixf.h:1012
base for all directory entries
Definition: entries.h:138
POBJECT_TYPE Type
Definition: obtypes.h:493
signed int * PLONG
Definition: retypes.h:5
FORCEINLINE VOID ObpDereferenceNameInfo(IN POBJECT_HEADER_NAME_INFO HeaderNameInfo)
Definition: ob_x.h:143
#define OB_FLAG_KERNEL_EXCLUSIVE
Definition: obtypes.h:109
BOOLEAN NTAPI ObpDeleteEntryDirectory(IN POBP_LOOKUP_CONTEXT Context)

Referenced by ObInsertObject(), ObpDecrementHandleCount(), and ObpSetPermanentObject().

◆ ObpDeleteObject()

VOID NTAPI ObpDeleteObject ( IN PVOID  Object,
IN BOOLEAN  CalledFromWorkerThread 
)

Definition at line 148 of file oblife.c.

/*
 * ObpDeleteObject
 *
 * Tears an object down in this order: unlink it from its type list (if it
 * is on one), free the name buffer, ask the type's SecurityProcedure to
 * delete the security descriptor, call the type's DeleteProcedure if there
 * is one, then release the object's memory (per the comment on line 215).
 * When CalledFromWorkerThread is FALSE, OB_FLAG_DEFER_DELETE is set in the
 * header before the delete procedure runs.
 *
 * NOTE(review): this rendering drops source lines (the gutter skips 151-152,
 * 159, 163, 170, 176 and 216), so the declarations and assignments of Header,
 * ObjectType and NameInfo, the type-mutex calls and the final deallocation
 * call are not visible here.
 */
150 {
153  POBJECT_HEADER_NAME_INFO NameInfo;
154  POBJECT_HEADER_CREATOR_INFO CreatorInfo;
155  KIRQL CalloutIrql;
156  PAGED_CODE();
157 
158  /* Get the header and type */
160  ObjectType = Header->Type;
161 
162  /* Get creator and name information */
164  CreatorInfo = OBJECT_HEADER_TO_CREATOR_INFO(Header);
165 
166  /* Check if the object is on a type list */
167  if ((CreatorInfo) && !(IsListEmpty(&CreatorInfo->TypeList)))
168  {
169  /* Lock the object type */
171 
172  /* Remove the object from the type list */
173  RemoveEntryList(&CreatorInfo->TypeList);
174 
175  /* Release the lock */
177  }
178 
179  /* Check if we have a name */
180  if ((NameInfo) && (NameInfo->Name.Buffer))
181  {
182  /* Free it */
183  ExFreePool(NameInfo->Name.Buffer);
     /* Reset the string so no pointer to the freed buffer is left behind */
184  RtlInitEmptyUnicodeString(&NameInfo->Name, NULL, 0);
185  }
186 
187  /* Check if we have a security descriptor */
188  if (Header->SecurityDescriptor)
189  {
190  /* Call the security procedure to delete it */
     /*
      * NOTE(review): SecurityProcedure is called without the NULL test that
      * DeleteProcedure gets below; this assumes every type whose objects
      * carry a security descriptor has the procedure set -- confirm.
      */
191  ObpCalloutStart(&CalloutIrql);
192  ObjectType->TypeInfo.SecurityProcedure(Object,
193  DeleteSecurityDescriptor,
194  0,
195  NULL,
196  NULL,
197  &Header->SecurityDescriptor,
198  0,
199  NULL);
200  ObpCalloutEnd(CalloutIrql, "Security", ObjectType, Object);
201  }
202 
203  /* Check if we have a delete procedure */
204  if (ObjectType->TypeInfo.DeleteProcedure)
205  {
206  /* Save whether we were deleted from worker thread or not */
207  if (!CalledFromWorkerThread) Header->Flags |= OB_FLAG_DEFER_DELETE;
208 
209  /* Call it */
210  ObpCalloutStart(&CalloutIrql);
211  ObjectType->TypeInfo.DeleteProcedure(Object);
212  ObpCalloutEnd(CalloutIrql, "Delete", ObjectType, Object);
213  }
214 
215  /* Now de-allocate all object members */
217 }
ObjectType
Definition: metafile.c:80
UNICODE_STRING Name
Definition: obtypes.h:433
#define OBJECT_HEADER_TO_NAME_INFO(h)
Definition: obtypes.h:114
_Must_inspect_result_ FORCEINLINE BOOLEAN IsListEmpty(_In_ const LIST_ENTRY *ListHead)
Definition: rtlfuncs.h:57
#define PAGED_CODE()
Definition: video.h:57
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
UCHAR KIRQL
Definition: env_spec_w32.h:591
Definition: Header.h:8
FORCEINLINE VOID ObpCalloutStart(IN PKIRQL CalloutIrql)
Definition: ob_x.h:429
smooth NULL
Definition: ftsmooth.c:416
FORCEINLINE VOID ObpEnterObjectTypeMutex(IN POBJECT_TYPE ObjectType)
Definition: ob_x.h:272
static IUnknown Object
Definition: main.c:512
FORCEINLINE VOID ObpLeaveObjectTypeMutex(IN POBJECT_TYPE ObjectType)
Definition: ob_x.h:284
FORCEINLINE VOID ObpCalloutEnd(IN KIRQL CalloutIrql, IN PCHAR Procedure, IN POBJECT_TYPE ObjectType, IN PVOID Object)
Definition: ob_x.h:437
VOID FASTCALL ObpDeallocateObject(IN PVOID Object)
Definition: oblife.c:39
#define OB_FLAG_DEFER_DELETE
Definition: obtypes.h:104
#define OBJECT_HEADER_TO_CREATOR_INFO(h)
Definition: obtypes.h:126
#define ExFreePool(addr)
Definition: env_spec_w32.h:352

Referenced by ObfDereferenceObject(), and ObpReapObject().

◆ ObpDeleteObjectType()

VOID NTAPI ObpDeleteObjectType ( IN PVOID  Object)

Definition at line 1329 of file oblife.c.

/*
 * ObpDeleteObjectType
 *
 * Delete routine for an object-type object: deletes each of the type's
 * ObjectLocks resources and then, per the comment on line 1341, its main
 * mutex.
 *
 * NOTE(review): this rendering drops source lines 1332 and 1342, so the
 * declaration of ObjectType and the mutex deletion call are not visible.
 */
1330 {
1331  ULONG i;
1333 
1334  /* Loop our locks */
     /* NOTE(review): 4 presumably equals the size of ObjectLocks[] -- confirm */
1335  for (i = 0; i < 4; i++)
1336  {
1337  /* Delete each one */
1338  ExDeleteResourceLite(&ObjectType->ObjectLocks[i]);
1339  }
1340 
1341  /* Delete our main mutex */
1343 }
ObjectType
Definition: metafile.c:80
NTSTATUS NTAPI ExDeleteResourceLite(IN PERESOURCE Resource)
Definition: resource.c:1456
void * PVOID
Definition: retypes.h:9
static IUnknown Object
Definition: main.c:512
unsigned int ULONG
Definition: retypes.h:1

Referenced by ObInitSystem().

◆ ObpDeleteSymbolicLink()

VOID NTAPI ObpDeleteSymbolicLink ( IN PVOID  ObjectBody)

Referenced by ObInitSystem().

◆ ObpDeleteSymbolicLinkName()

VOID NTAPI ObpDeleteSymbolicLinkName ( IN POBJECT_SYMBOLIC_LINK  SymbolicLink)

Definition at line 24 of file oblink.c.

/*
 * ObpDeleteSymbolicLinkName
 *
 * Undoes the drive-letter bookkeeping for a symbolic link: when the link has
 * a non-zero DosDeviceDriveIndex and its name is a DOS drive letter ("X:"),
 * the matching ObSystemDeviceMap entry is cleared and the link's index is
 * reset to 0. Links with no name info or no parent directory are left
 * untouched.
 *
 * NOTE(review): this rendering drops source lines 54, 56-57 and 59, so the
 * value written to DriveType[], the left-hand side of the mask on line 58 and
 * any locking around the device-map update are not visible here.
 */
25 {
26  POBJECT_HEADER ObjectHeader;
27  POBJECT_HEADER_NAME_INFO ObjectNameInfo;
28 
29  /* FIXME: Need to support Device maps */
30 
31  /* Get header data */
32  ObjectHeader = OBJECT_TO_OBJECT_HEADER(SymbolicLink);
33  ObjectNameInfo = ObpReferenceNameInfo(ObjectHeader);
34 
35  /* Check if we are not actually in a directory with a device map */
36  if (!(ObjectNameInfo) ||
37  !(ObjectNameInfo->Directory) /*||
38  !(ObjectNameInfo->Directory->DeviceMap)*/)
39  {
40  ObpDereferenceNameInfo(ObjectNameInfo);
41  return;
42  }
43 
44  /* Check if it's a DOS drive letter, and remove the entry from drive map if needed */
45  if (SymbolicLink->DosDeviceDriveIndex != 0 &&
46  ObjectNameInfo->Name.Length == 2 * sizeof(WCHAR) &&
47  ObjectNameInfo->Name.Buffer[1] == L':' &&
48  ( (ObjectNameInfo->Name.Buffer[0] >= L'A' &&
49  ObjectNameInfo->Name.Buffer[0] <= L'Z') ||
50  (ObjectNameInfo->Name.Buffer[0] >= L'a' &&
51  ObjectNameInfo->Name.Buffer[0] <= L'z') ))
52  {
53  /* Remove the drive entry */
    /*
     * NOTE(review): the array index and shift count come from the stored
     * DosDeviceDriveIndex, not from the name; only "!= 0" is checked here,
     * so the upper bound relies on whoever set the index -- confirm.
     */
55  ObSystemDeviceMap->DriveType[SymbolicLink->DosDeviceDriveIndex-1] =
58  ~(1 << (SymbolicLink->DosDeviceDriveIndex-1));
60 
61  /* Reset the drive index, valid drive index starts from 1 */
62  SymbolicLink->DosDeviceDriveIndex = 0;
63  }
64 
65  ObpDereferenceNameInfo(ObjectNameInfo);
66 }
POBJECT_DIRECTORY Directory
Definition: obtypes.h:432
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
UNICODE_STRING Name
Definition: obtypes.h:433
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
ULONG DriveMap
Definition: obtypes.h:528
#define DOSDEVICE_DRIVE_UNKNOWN
Definition: obtypes.h:163
__wchar_t WCHAR
Definition: xmlstorage.h:180
FORCEINLINE POBJECT_HEADER_NAME_INFO ObpReferenceNameInfo(IN POBJECT_HEADER ObjectHeader)
Definition: ob_x.h:102
UCHAR DriveType[32]
Definition: obtypes.h:529
static const WCHAR L[]
Definition: oid.c:1250
PDEVICE_MAP ObSystemDeviceMap
Definition: obinit.c:46
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
KGUARDED_MUTEX ObpDeviceMapLock
Definition: oblife.c:24
FORCEINLINE VOID ObpDereferenceNameInfo(IN POBJECT_HEADER_NAME_INFO HeaderNameInfo)
Definition: ob_x.h:143
static const WCHAR SymbolicLink[]
Definition: interface.c:31

Referenced by ObpDeleteNameCheck().

◆ ObpFreeObjectNameBuffer()

VOID NTAPI ObpFreeObjectNameBuffer ( IN PUNICODE_STRING  Name)

Definition at line 347 of file oblife.c.

/*
 * ObpFreeObjectNameBuffer
 *
 * Releases the buffer of a captured object name. The allocator is chosen
 * from Name->MaximumLength alone: anything other than
 * OBP_NAME_LOOKASIDE_MAX_SIZE is treated as a pool allocation, the exact
 * value as a lookaside allocation.
 *
 * NOTE(review): this rendering drops source lines 366 and 371, so the two
 * free calls themselves are not visible here.
 */
348 {
349  PVOID Buffer = Name->Buffer;
350 
351  /* We know this is a pool-allocation if the size doesn't match */
     /*
      * NOTE(review): this relies on a pool-allocated name never ending up
      * with MaximumLength == OBP_NAME_LOOKASIDE_MAX_SIZE, including after a
      * parse routine re-allocated it (see below); otherwise the buffer would
      * go back to the wrong allocator -- confirm in the capture/parse paths.
      */
352  if (Name->MaximumLength != OBP_NAME_LOOKASIDE_MAX_SIZE)
353  {
354  /*
355  * Free it from the pool.
356  *
357  * We cannot use here ExFreePoolWithTag(..., OB_NAME_TAG); , because
358  * the object name may have been massaged during operation by different
359  * object parse routines. If the latter ones have to resolve a symbolic
360  * link (e.g. as is done by CmpParseKey() and CmpGetSymbolicLink()),
361  * the original object name is freed and re-allocated from the pool,
362  * possibly with a different pool tag. At the end of the day, the new
363  * object name can be reallocated and completely different, but we
364  * should still be able to free it!
365  */
367  }
368  else
369  {
370  /* Otherwise, free from the lookaside */
372  }
373 }
FORCEINLINE VOID ObpFreeCapturedAttributes(IN PVOID Buffer, IN PP_NPAGED_LOOKASIDE_NUMBER Type)
Definition: ob_x.h:348
Definition: bufpool.h:45
#define OBP_NAME_LOOKASIDE_MAX_SIZE
Definition: ob_x.h:18
#define ExFreePool(addr)
Definition: env_spec_w32.h:352

Referenced by ObCreateObject(), ObOpenObjectByName(), ObpCaptureObjectName(), and ObReferenceObjectByName().

◆ ObpInitSdCache()

INIT_FUNCTION NTSTATUS NTAPI ObpInitSdCache ( VOID  )

Definition at line 61 of file obsdcach.c.

/*
 * ObpInitSdCache
 *
 * Walks the SD_CACHE_ENTRIES slots of the security descriptor cache and, per
 * the comment on line 68, initializes each slot's lock and list. Always
 * returns STATUS_SUCCESS.
 *
 * NOTE(review): this rendering drops source lines 69-70, so the two
 * initialization calls inside the loop are not visible here.
 */
62 {
63  ULONG i;
64 
65  /* Loop each cache entry */
66  for (i = 0; i < SD_CACHE_ENTRIES; i++)
67  {
68  /* Initialize the lock and the list */
71  }
72 
73  /* Return success */
74  return STATUS_SUCCESS;
75 }
OB_SD_CACHE_LIST ObsSecurityDescriptorCache[SD_CACHE_ENTRIES]
Definition: obsdcach.c:18
#define SD_CACHE_ENTRIES
Definition: obsdcach.c:17
#define ExInitializePushLock
Definition: ex.h:999
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2745

Referenced by ObInitSystem().

◆ ObpInsertEntryDirectory()

BOOLEAN NTAPI ObpInsertEntryDirectory ( IN POBJECT_DIRECTORY  Parent,
IN POBP_LOOKUP_CONTEXT  Context,
IN POBJECT_HEADER  ObjectHeader 
)

Definition at line 46 of file obdir.c.

/*
 * ObpInsertEntryDirectory
 *
 * Links ObjectHeader's body into Parent at the head of the hash chain
 * selected by Context->HashIndex and records Parent as the object's
 * directory. Returns FALSE when the context is not usable (it already holds
 * an object, the directory is not locked, or it refers to another directory)
 * or when the new entry cannot be allocated; TRUE otherwise.
 *
 * NOTE(review): this rendering drops source line 70, so the allocation call
 * that produces NewEntry is not visible here.
 */
49 {
50  POBJECT_DIRECTORY_ENTRY *AllocatedEntry;
51  POBJECT_DIRECTORY_ENTRY NewEntry;
52  POBJECT_HEADER_NAME_INFO HeaderNameInfo;
53 
54  /* Make sure we have a name */
    /*
     * NOTE(review): this ASSERT is the only guard before HeaderNameInfo is
     * dereferenced on line 92; if ASSERT compiles out in release builds the
     * function depends on callers passing only named objects -- confirm.
     */
55  ASSERT(ObjectHeader->NameInfoOffset != 0);
56 
57  /* Validate the context */
58  if ((Context->Object) ||
59  !(Context->DirectoryLocked) ||
60  (Parent != Context->Directory))
61  {
62  /* Invalid context */
63  DPRINT1("OB: ObpInsertEntryDirectory - invalid context %p %u\n",
64  Context, Context->DirectoryLocked);
65  ASSERT(FALSE);
66  return FALSE;
67  }
68 
69  /* Allocate a new Directory Entry */
71  sizeof(OBJECT_DIRECTORY_ENTRY),
72  OB_DIR_TAG);
73  if (!NewEntry) return FALSE;
74 
75  /* Save the hash */
76  NewEntry->HashValue = Context->HashValue;
77 
78  /* Get the Object Name Information */
79  HeaderNameInfo = OBJECT_HEADER_TO_NAME_INFO(ObjectHeader);
80 
81  /* Get the Allocated entry */
    /*
     * NOTE(review): HashIndex is used as an array index without a range
     * check here; presumably it was set by a preceding lookup on the same
     * context -- confirm.
     */
82  AllocatedEntry = &Parent->HashBuckets[Context->HashIndex];
83 
84  /* Set it */
85  NewEntry->ChainLink = *AllocatedEntry;
86  *AllocatedEntry = NewEntry;
87 
88  /* Associate the Object */
89  NewEntry->Object = &ObjectHeader->Body;
90 
91  /* Associate the Directory */
92  HeaderNameInfo->Directory = Parent;
93  return TRUE;
94 }
POBJECT_DIRECTORY Directory
Definition: obtypes.h:432
#define TRUE
Definition: types.h:120
#define OBJECT_HEADER_TO_NAME_INFO(h)
Definition: obtypes.h:114
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn BOOLEAN Physical UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE Parent
Definition: acpixf.h:716
PVOID Object
Definition: obtypes.h:401
#define OB_DIR_TAG
Definition: tag.h:152
ULONG HashValue
Definition: obtypes.h:403
Definition: obtypes.h:398
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
struct _OBJECT_DIRECTORY_ENTRY * ChainLink
Definition: obtypes.h:400
#define DPRINT1
Definition: precomp.h:8

Referenced by ObCreateObjectType(), ObInitSystem(), and ObpLookupObjectName().

◆ ObpLookupEntryDirectory()

PVOID NTAPI ObpLookupEntryDirectory ( IN POBJECT_DIRECTORY  Directory,
IN PUNICODE_STRING  Name,
IN ULONG  Attributes,
IN UCHAR  SearchShadow,
IN POBP_LOOKUP_CONTEXT  Context 
)

Definition at line 123 of file obdir.c.

/*
 * ObpLookupEntryDirectory
 *
 * Looks Name up in Directory's hash table. The name is hashed with its
 * characters folded to upper case, the hash and bucket index are stored in
 * Context, and the bucket chain is walked comparing hash, length and then
 * the string itself. A match that is not already first in its chain is moved
 * to the front when the lock allows it. On success the found object and its
 * name info are referenced; in every case the object previously held in
 * Context->Object (if any) is dereferenced, Context->Object is replaced with
 * the result, and the result (or NULL) is returned.
 *
 * Context is dereferenced on every path, including the early exits through
 * Quickie, so callers must always pass a valid lookup context.
 *
 * NOTE(review): this rendering drops source lines (the gutter skips 129, 132,
 * 154, 189, 225, 248 and 274), so the declarations of CaseInsensitive and
 * HashValue, the assignment of CaseInsensitive and the directory lock,
 * lock-conversion and unlock calls are not visible here.
 */
128 {
130  POBJECT_HEADER_NAME_INFO HeaderNameInfo;
131  POBJECT_HEADER ObjectHeader;
133  ULONG HashIndex;
134  LONG TotalChars;
135  WCHAR CurrentChar;
136  POBJECT_DIRECTORY_ENTRY *AllocatedEntry;
137  POBJECT_DIRECTORY_ENTRY *LookupBucket;
138  POBJECT_DIRECTORY_ENTRY CurrentEntry;
139  PVOID FoundObject = NULL;
140  PWSTR Buffer;
141  PAGED_CODE();
142 
143  /* Check if we should search the shadow directory */
144  if (!ObpLUIDDeviceMapsEnabled) SearchShadow = FALSE;
145 
146  /* Fail if we don't have a directory or name */
147  if (!(Directory) || !(Name)) goto Quickie;
148 
149  /* Get name information */
150  TotalChars = Name->Length / sizeof(WCHAR);
151  Buffer = Name->Buffer;
152 
153  /* Set up case-sensitivity */
155 
156  /* Fail if the name is empty */
157  if (!(Buffer) || !(TotalChars)) goto Quickie;
158 
159  /* Create the Hash */
160  for (HashValue = 0; TotalChars; TotalChars--)
161  {
162  /* Go to the next Character */
163  CurrentChar = *Buffer++;
164 
165  /* Prepare the Hash */
166  HashValue += (HashValue << 1) + (HashValue >> 1);
167 
168  /* Create the rest based on the name */
     /*
      * All three branches add an upper-cased character, so names that
      * differ only in case share a hash; case sensitivity is decided by
      * the string comparison on line 207.
      */
169  if (CurrentChar < 'a') HashValue += CurrentChar;
170  else if (CurrentChar > 'z') HashValue += RtlUpcaseUnicodeChar(CurrentChar);
171  else HashValue += (CurrentChar - ('a'-'A'));
172  }
173 
174  /* Merge it with our number of hash buckets */
     /* NOTE(review): 37 presumably equals the size of HashBuckets[] -- confirm */
175  HashIndex = HashValue % 37;
176 
177  /* Save the result */
178  Context->HashValue = HashValue;
179  Context->HashIndex = (USHORT)HashIndex;
180 
181  /* Get the root entry and set it as our lookup bucket */
182  AllocatedEntry = &Directory->HashBuckets[HashIndex];
183  LookupBucket = AllocatedEntry;
184 
185  /* Check if the directory is already locked */
186  if (!Context->DirectoryLocked)
187  {
188  /* Lock it */
190  }
191 
192  /* Start looping */
193  while ((CurrentEntry = *AllocatedEntry))
194  {
195  /* Do the hashes match? */
196  if (CurrentEntry->HashValue == HashValue)
197  {
198  /* Make sure that it has a name */
199  ObjectHeader = OBJECT_TO_OBJECT_HEADER(CurrentEntry->Object);
200 
201  /* Get the name information */
202  ASSERT(ObjectHeader->NameInfoOffset != 0);
203  HeaderNameInfo = OBJECT_HEADER_TO_NAME_INFO(ObjectHeader);
204 
205  /* Do the names match? */
206  if ((Name->Length == HeaderNameInfo->Name.Length) &&
207  (RtlEqualUnicodeString(Name, &HeaderNameInfo->Name, CaseInsensitive)))
208  {
209  break;
210  }
211  }
212 
213  /* Move to the next entry */
214  AllocatedEntry = &CurrentEntry->ChainLink;
215  }
216 
217  /* Check if we still have an entry */
218  if (CurrentEntry)
219  {
220  /* Set this entry as the first, to speed up incoming insertion */
221  if (AllocatedEntry != LookupBucket)
222  {
223  /* Check if the directory was locked or convert the lock */
     /*
      * The chain is only rewritten when the caller already holds the
      * directory lock or the condition on the missing line 225 succeeds;
      * otherwise the entry stays where it is.
      */
224  if ((Context->DirectoryLocked) ||
226  {
227  /* Set the Current Entry */
228  *AllocatedEntry = CurrentEntry->ChainLink;
229 
230  /* Link to the old Hash Entry */
231  CurrentEntry->ChainLink = *LookupBucket;
232 
233  /* Set the new Hash Entry */
234  *LookupBucket = CurrentEntry;
235  }
236  }
237 
238  /* Save the found object */
239  FoundObject = CurrentEntry->Object;
240  goto Quickie;
241  }
242  else
243  {
244  /* Check if the directory was locked */
245  if (!Context->DirectoryLocked)
246  {
247  /* Release the lock */
249  }
250 
251  /* Check if we should scan the shadow directory */
252  if ((SearchShadow) && (Directory->DeviceMap))
253  {
254  /* FIXME: We don't support this yet */
255  ASSERT(FALSE);
256  }
257  }
258 
259 Quickie:
260  /* Check if we found an object */
261  if (FoundObject)
262  {
263  /* Get the object name information */
264  ObjectHeader = OBJECT_TO_OBJECT_HEADER(FoundObject);
265  ObpReferenceNameInfo(ObjectHeader);
266 
267  /* Reference the object being looked up */
268  ObReferenceObject(FoundObject);
269 
270  /* Check if the directory was locked */
271  if (!Context->DirectoryLocked)
272  {
273  /* Release the lock */
275  }
276  }
277 
278  /* Check if we found an object already */
279  if (Context->Object)
280  {
281  /* We already did a lookup, so remove this object's query reference */
282  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Context->Object);
283  HeaderNameInfo = OBJECT_HEADER_TO_NAME_INFO(ObjectHeader);
284  ObpDereferenceNameInfo(HeaderNameInfo);
285 
286  /* Also dereference the object itself */
287  ObDereferenceObject(Context->Object);
288  }
289 
290  /* Return the object we found */
291  Context->Object = FoundObject;
292  return FoundObject;
293 }

Referenced by ObCreateObjectType(), ObInitSystem(), ObpDeleteNameCheck(), ObpLookupObjectName(), and ObpParseSymbolicLinkToIoDeviceObject().

◆ ObpLookupObjectName()

NTSTATUS NTAPI ObpLookupObjectName ( IN HANDLE RootHandle  OPTIONAL,
IN OUT PUNICODE_STRING  ObjectName,
IN ULONG  Attributes,
IN POBJECT_TYPE  ObjectType,
IN KPROCESSOR_MODE  AccessMode,
IN OUT PVOID  ParseContext,
IN PSECURITY_QUALITY_OF_SERVICE SecurityQos  OPTIONAL,
IN PVOID InsertObject  OPTIONAL,
IN OUT PACCESS_STATE  AccessState,
OUT POBP_LOOKUP_CONTEXT  LookupContext,
OUT PVOID * FoundObject
)

Definition at line 411 of file obname.c.

422 {
423  PVOID Object;
424  POBJECT_HEADER ObjectHeader;
425  UNICODE_STRING ComponentName, RemainingName;
426  BOOLEAN Reparse = FALSE, SymLink = FALSE;
428  POBJECT_DIRECTORY ReferencedDirectory = NULL, ReferencedParentDirectory = NULL;
429  KIRQL CalloutIrql;
430  OB_PARSE_METHOD ParseRoutine;
432  KPROCESSOR_MODE AccessCheckMode;
433  PWCHAR NewName;
434  POBJECT_HEADER_NAME_INFO ObjectNameInfo;
435  ULONG MaxReparse = 30;
436  PAGED_CODE();
438  "%s - Finding Object: %wZ. Expecting: %p\n",
439  __FUNCTION__,
440  ObjectName,
441  InsertObject);
442 
443  /* Initialize starting state */
444  ObpInitializeLookupContext(LookupContext);
445  *FoundObject = NULL;
447  Object = NULL;
448 
449  /* Check if case-insensitivity is checked */
450  if (ObpCaseInsensitive)
451  {
452  /* Check if the object type requests this */
453  if (!(ObjectType) || (ObjectType->TypeInfo.CaseInsensitive))
454  {
455  /* Add the flag to disable case sensitivity */
457  }
458  }
459 
460  /* Check if this is a access checks are being forced */
461  AccessCheckMode = (Attributes & OBJ_FORCE_ACCESS_CHECK) ?
463 
464  /* Check if we got a Root Directory */
465  if (RootHandle)
466  {
467  /* We did. Reference it */
468  Status = ObReferenceObjectByHandle(RootHandle,
469  0,
470  NULL,
471  AccessMode,
472  (PVOID*)&RootDirectory,
473  NULL);
474  if (!NT_SUCCESS(Status)) return Status;
475 
476  /* Get the header */
477  ObjectHeader = OBJECT_TO_OBJECT_HEADER(RootDirectory);
478 
479  /* The name cannot start with a separator, unless this is a file */
480  if ((ObjectName->Buffer) &&
481  (ObjectName->Buffer[0] == OBJ_NAME_PATH_SEPARATOR) &&
482  (ObjectHeader->Type != IoFileObjectType))
483  {
484  /* The syntax is bad, so fail this request */
487  }
488 
489  /* Don't parse a Directory */
490  if (ObjectHeader->Type != ObpDirectoryObjectType)
491  {
492  /* Make sure the Object Type has a parse routine */
493  ParseRoutine = ObjectHeader->Type->TypeInfo.ParseProcedure;
494  if (!ParseRoutine)
495  {
496  /* We can't parse a name if we don't have a parse routine */
498  return STATUS_INVALID_HANDLE;
499  }
500 
501  /* Set default parse count */
502  MaxReparse = 30;
503 
504  /* Now parse */
505  while (TRUE)
506  {
507  /* Start with the full name */
509 
510  /* Call the Parse Procedure */
511  ObpCalloutStart(&CalloutIrql);
512  Status = ParseRoutine(RootDirectory,
513  ObjectType,
514  AccessState,
515  AccessCheckMode,
516  Attributes,
517  ObjectName,
518  &RemainingName,
519  ParseContext,
520  SecurityQos,
521  &Object);
522  ObpCalloutEnd(CalloutIrql, "Parse", ObjectHeader->Type, Object);
523 
524  /* Check for success or failure, so not reparse */
525  if ((Status != STATUS_REPARSE) &&
527  {
528  /* Check for failure */
529  if (!NT_SUCCESS(Status))
530  {
531  /* Parse routine might not have cleared this, do it */
532  Object = NULL;
533  }
534  else if (!Object)
535  {
536  /* Modify status to reflect failure inside Ob */
538  }
539 
540  /* We're done, return the status and object */
541  *FoundObject = Object;
543  return Status;
544  }
545  else if ((!ObjectName->Length) ||
546  (!ObjectName->Buffer) ||
547  (ObjectName->Buffer[0] == OBJ_NAME_PATH_SEPARATOR))
548  {
549  /* Reparsed to the root directory, so start over */
552 
553  /* Don't use this anymore, since we're starting at root */
554  RootHandle = NULL;
555  goto ParseFromRoot;
556  }
557  else if (--MaxReparse)
558  {
559  /* Try reparsing again */
560  continue;
561  }
562  else
563  {
564  /* Reparsed too many times */
566 
567  /* Return the object and normalized status */
568  *FoundObject = Object;
570  return Status;
571  }
572  }
573  }
574  else if (!(ObjectName->Length) || !(ObjectName->Buffer))
575  {
576  /* Just return the Root Directory if we didn't get a name */
578  0,
579  ObjectType,
580  AccessMode);
582 
583  /* Remove the first reference we added and return the object */
585  *FoundObject = Object;
586  return Status;
587  }
588  }
589  else
590  {
591  /* We did not get a Root Directory, so use the root */
593 
594  /* It must start with a path separator */
595  if (!(ObjectName->Length) ||
596  !(ObjectName->Buffer) ||
597  (ObjectName->Buffer[0] != OBJ_NAME_PATH_SEPARATOR))
598  {
599  /* This name is invalid, so fail */
601  }
602 
603  /* Check if the name is only the path separator */
604  if (ObjectName->Length == sizeof(OBJ_NAME_PATH_SEPARATOR))
605  {
606  /* So the caller only wants the root directory; do we have one? */
607  if (!RootDirectory)
608  {
609  /* This must be the first time we're creating it... right? */
610  if (InsertObject)
611  {
612  /* Yes, so return it to ObInsert so that it can create it */
613  Status = ObReferenceObjectByPointer(InsertObject,
614  0,
615  ObjectType,
616  AccessMode);
617  if (NT_SUCCESS(Status)) *FoundObject = InsertObject;
618  return Status;
619  }
620  else
621  {
622  /* This should never really happen */
623  ASSERT(FALSE);
625  }
626  }
627  else
628  {
629  /* We do have the root directory, so just return it */
631  0,
632  ObjectType,
633  AccessMode);
634  if (NT_SUCCESS(Status)) *FoundObject = RootDirectory;
635  return Status;
636  }
637  }
638  else
639  {
640 ParseFromRoot:
641  /* FIXME: Check if we have a device map */
642 
643  /* Check if this is a possible DOS name */
644  if (!((ULONG_PTR)(ObjectName->Buffer) & 7))
645  {
646  /*
647  * This could be one. Does it match the prefix?
648  * Note that as an optimization, the match is done as 64-bit
649  * compare since the prefix is "\??\" which is exactly 8 bytes.
650  *
651  * In the second branch, we test for "\??" which is also valid.
652  * This time, we use a 32-bit compare followed by a Unicode
653  * character compare (16-bit), since the sum is 6 bytes.
654  */
655  if ((ObjectName->Length >= ObpDosDevicesShortName.Length) &&
656  (*(PULONGLONG)(ObjectName->Buffer) ==
658  {
659  /* FIXME! */
660  }
661  else if ((ObjectName->Length == ObpDosDevicesShortName.Length -
662  sizeof(WCHAR)) &&
663  (*(PULONG)(ObjectName->Buffer) ==
665  (*((PWCHAR)(ObjectName->Buffer) + 2) ==
667  {
668  /* FIXME! */
669  }
670  }
671  }
672  }
673 
674  /* Check if we were reparsing a symbolic link */
675  if (!SymLink)
676  {
677  /* Allow reparse */
678  Reparse = TRUE;
679  MaxReparse = 30;
680  }
681 
682  /* Reparse */
683  while (Reparse && MaxReparse)
684  {
685  /* Get the name */
687 
688  /* Disable reparsing again */
689  Reparse = FALSE;
690 
691  /* Start parse loop */
692  while (TRUE)
693  {
694  /* Clear object */
695  Object = NULL;
696 
697  /* Check if the name starts with a path separator */
698  if ((RemainingName.Length) &&
699  (RemainingName.Buffer[0] == OBJ_NAME_PATH_SEPARATOR))
700  {
701  /* Skip the path separator */
702  RemainingName.Buffer++;
703  RemainingName.Length -= sizeof(OBJ_NAME_PATH_SEPARATOR);
704  }
705 
706  /* Find the next Part Name */
707  ComponentName = RemainingName;
708  while (RemainingName.Length)
709  {
710  /* Break if we found the \ ending */
711  if (RemainingName.Buffer[0] == OBJ_NAME_PATH_SEPARATOR) break;
712 
713  /* Move on */
714  RemainingName.Buffer++;
715  RemainingName.Length -= sizeof(OBJ_NAME_PATH_SEPARATOR);
716  }
717 
718  /* Get its size and make sure it's valid */
719  ComponentName.Length -= RemainingName.Length;
720  if (!ComponentName.Length)
721  {
722  /* Invalid size, fail */
724  break;
725  }
726 
727  /* Check if we're in the root */
729 
730  /* Check if this is a user-mode call that needs to traverse */
731  if ((AccessCheckMode != KernelMode) &&
733  {
734  /* We shouldn't have referenced a directory yet */
735  ASSERT(ReferencedDirectory == NULL);
736 
737  /* Reference the directory */
739  ReferencedDirectory = Directory;
740 
741  /* Check if we have a parent directory */
742  if (ParentDirectory)
743  {
744  /* Check for traverse access */
747  AccessState,
748  FALSE,
749  AccessCheckMode,
750  &Status))
751  {
752  /* We don't have it, fail */
753  break;
754  }
755  }
756  }
757 
758  /* Check if we don't have a remaining name yet */
759  if (!RemainingName.Length)
760  {
761  /* Check if we don't have a referenced directory yet */
762  if (!ReferencedDirectory)
763  {
764  /* Reference it */
766  ReferencedDirectory = Directory;
767  }
768 
769  /* Check if we are inserting an object */
770  if (InsertObject)
771  {
772  /* Lock the directory */
774  }
775  }
776 
777  /* Do the lookup */
779  &ComponentName,
780  Attributes,
781  InsertObject ? FALSE : TRUE,
782  LookupContext);
783  if (!Object)
784  {
785  /* We didn't find it... do we still have a path? */
786  if (RemainingName.Length)
787  {
788  /* Then tell the caller the path wasn't found */
790  break;
791  }
792  else if (!InsertObject)
793  {
794  /* Otherwise, we have a path, but the name isn't valid */
796  break;
797  }
798 
799  /* Check create access for the object */
804  AccessState,
805  &ComponentName,
806  FALSE,
807  AccessCheckMode,
808  &Status))
809  {
810  /* We don't have create access, fail */
811  break;
812  }
813 
814  /* Get the object header */
815  ObjectHeader = OBJECT_TO_OBJECT_HEADER(InsertObject);
816 
817  /*
818  * Deny object creation if:
819  * That's a section object or a symbolic link
820  * Which isn't in the same section that root directory
821  * That doesn't have the SeCreateGlobalPrivilege
822  * And that is not a known unsecure name
823  */
824  if (RootDirectory->SessionId != -1)
825  {
826  if (ObjectHeader->Type == MmSectionObjectType ||
827  ObjectHeader->Type == ObpSymbolicLinkObjectType)
828  {
829  if (RootDirectory->SessionId != PsGetCurrentProcessSessionId() &&
830  !SeSinglePrivilegeCheck(SeCreateGlobalPrivilege, AccessCheckMode) &&
832  {
834  break;
835  }
836  }
837  }
838 
839  /* Create Object Name */
841  ComponentName.Length,
842  OB_NAME_TAG);
843  if (!(NewName) ||
845  LookupContext,
846  ObjectHeader)))
847  {
848  /* Either couldn't allocate the name, or insert failed */
850 
851  /* Fail due to memory reasons */
853  break;
854  }
855 
856  /* Reference newly to be inserted object */
857  ObReferenceObject(InsertObject);
858 
859  /* Get the name information */
860  ObjectNameInfo = OBJECT_HEADER_TO_NAME_INFO(ObjectHeader);
861 
862  /* Reference the directory */
864 
865  /* Copy the Name */
867  ComponentName.Buffer,
868  ComponentName.Length);
869 
870  /* Check if we had an old name */
871  if (ObjectNameInfo->Name.Buffer)
872  {
873  /* Free it */
874  ExFreePoolWithTag(ObjectNameInfo->Name.Buffer, OB_NAME_TAG);
875  }
876 
877  /* Write new one */
878  ObjectNameInfo->Name.Buffer = NewName;
879  ObjectNameInfo->Name.Length = ComponentName.Length;
880  ObjectNameInfo->Name.MaximumLength = ComponentName.Length;
881 
882  /* Return Status and the Expected Object */
884  Object = InsertObject;
885 
886  /* Get out of here */
887  break;
888  }
889 
890 ReparseObject:
891  /* We found it, so now get its header */
892  ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
893 
894  /*
895  * Check for a parse Procedure, but don't bother to parse for an insert
896  * unless it's a Symbolic Link, in which case we MUST parse
897  */
898  ParseRoutine = ObjectHeader->Type->TypeInfo.ParseProcedure;
899  if ((ParseRoutine) &&
900  (!(InsertObject) || (ParseRoutine == ObpParseSymbolicLink)))
901  {
902  /* Use the Root Directory next time */
903  Directory = NU