#include "udffs.h"
Include dependency graph for secursup.cpp:
Go to the source code of this file.
Macros | |
| #define | UDF_BUG_CHECK_ID UDF_FILE_SECURITY |
Functions | |
| NTSTATUS | UDFReadSecurity (IN PVCB Vcb, IN PtrUDFFCB Fcb, IN PSECURITY_DESCRIPTOR *SecurityDesc) |
| NTSTATUS | UDFAssignAcl (IN PVCB Vcb, IN PFILE_OBJECT FileObject, IN PtrUDFFCB Fcb, IN PtrUDFNTRequiredFCB NtReqFcb) |
| VOID | UDFDeassignAcl (IN PtrUDFNTRequiredFCB NtReqFcb, IN BOOLEAN AutoInherited) |
| NTSTATUS | UDFWriteSecurity (IN PVCB Vcb, IN PtrUDFFCB Fcb, IN PSECURITY_DESCRIPTOR *SecurityDesc) |
| PSECURITY_DESCRIPTOR | UDFLookUpAcl (IN PVCB Vcb, PFILE_OBJECT FileObject, IN PtrUDFFCB Fcb) |
| NTSTATUS | UDFCheckAccessRights (PFILE_OBJECT FileObject, PACCESS_STATE AccessState, PtrUDFFCB Fcb, PtrUDFCCB Ccb, ACCESS_MASK DesiredAccess, USHORT ShareAccess) |
| NTSTATUS | UDFSetAccessRights (PFILE_OBJECT FileObject, PACCESS_STATE AccessState, PtrUDFFCB Fcb, PtrUDFCCB Ccb, ACCESS_MASK DesiredAccess, USHORT ShareAccess) |
Macro Definition Documentation
◆ UDF_BUG_CHECK_ID
| #define UDF_BUG_CHECK_ID UDF_FILE_SECURITY |
Definition at line 20 of file secursup.cpp.
Function Documentation
◆ UDFAssignAcl()
| NTSTATUS UDFAssignAcl | ( | IN PVCB | Vcb, |
| IN PFILE_OBJECT | FileObject, | ||
| IN PtrUDFFCB | Fcb, | ||
| IN PtrUDFNTRequiredFCB | NtReqFcb | ||
| ) |
Definition at line 706 of file secursup.cpp.
712{
714#ifdef UDF_ENABLE_SECURITY
715// SECURITY_INFORMATION SecurityInformation;
716
717// UDFPrint((" UDFAssignAcl\n"));
719
721
723 // Stream/SDir security
726 } else
728 // Volume security
730 Vcb->RootDirFCB->FileInfo &&
731 Vcb->RootDirFCB->FileInfo->Dloc &&
732 Vcb->RootDirFCB->FileInfo->Dloc->CommonFcb) {
733 RC = UDFInheritAcl(Vcb, &(Vcb->RootDirFCB->FileInfo->Dloc->CommonFcb->SecurityDesc), &ExplicitSecurity);
734 } else {
736 RC = STATUS_NO_SECURITY_ON_OBJECT;
737 }
738 return RC;
739 }
740
744 RC = UDFBuildFullControlAcl(Vcb, &ExplicitSecurity);
745 } else {
746 RC = UDFInheritAcl(Vcb, &(Fcb->FileInfo->ParentFile->Dloc->CommonFcb->SecurityDesc), &ExplicitSecurity);
747 }
748/* if(NT_SUCCESS(RC)) {
749 NtReqFcb->NtReqFCBFlags |= UDF_NTREQ_FCB_SD_MODIFIED;
750 }*/
751 }
753
754// SecurityInformation = FULL_SECURITY_INFORMATION;
755 NtReqFcb->SecurityDesc = ExplicitSecurity;
756
757/* RC = SeSetSecurityDescriptorInfo(FileObject,
758 &SecurityInformation,
759 ExplicitSecurity,
760 &(NtReqFcb->SecurityDesc),
761 NonPagedPool,
762 IoGetFileObjectGenericMapping() );*/
763
764 }
765 }
766#endif //UDF_ENABLE_SECURITY
767 return RC;
768} // end UDFAssignAcl()
#define NtReqFcb
NTSTATUS UDFReadSecurity(IN PVCB Vcb, IN PtrUDFFCB Fcb, IN PSECURITY_DESCRIPTOR *SecurityDesc)
Definition: secursup.cpp:420
Definition: ms-dtyp.idl:301
Referenced by UDFCompleteMount(), and UDFLookUpAcl().
◆ UDFCheckAccessRights()
| NTSTATUS UDFCheckAccessRights | ( | PFILE_OBJECT | FileObject, |
| PACCESS_STATE | AccessState, | ||
| PtrUDFFCB | Fcb, | ||
| PtrUDFCCB | Ccb, | ||
| ACCESS_MASK | DesiredAccess, | ||
| USHORT | ShareAccess | ||
| ) |
Definition at line 927 of file secursup.cpp.
935{
936 NTSTATUS RC;
938#ifdef UDF_ENABLE_SECURITY
939 BOOLEAN SecurityCheck;
940 PSECURITY_DESCRIPTOR SecDesc;
942 ACCESS_MASK LocalAccessMask;
943#endif //UDF_ENABLE_SECURITY
944
945 // Check attr compatibility
948#ifdef UDF_READ_ONLY_BUILD
949 goto treat_as_ro;
950#endif //UDF_READ_ONLY_BUILD
951
953 ROCheck = TRUE;
954 } else
959 ROCheck = TRUE;
960 }
961 if(ROCheck) {
962#ifdef UDF_READ_ONLY_BUILD
963treat_as_ro:
964#endif //UDF_READ_ONLY_BUILD
965 ACCESS_MASK DesiredAccessMask = 0;
966
969 DesiredAccessMask = (FILE_WRITE_EA |
970 DELETE);
971 } else {
972 DesiredAccessMask = (FILE_WRITE_DATA |
973 FILE_APPEND_DATA |
974 FILE_WRITE_EA |
975 DELETE);
976 }
977 } else {
978 DesiredAccessMask = (FILE_WRITE_DATA |
979 FILE_APPEND_DATA |
980 FILE_WRITE_EA |
981 FILE_DELETE_CHILD |
982 FILE_ADD_SUBDIRECTORY |
983 FILE_ADD_FILE |
984 DELETE);
985 }
988 }
989#ifdef UDF_ENABLE_SECURITY
990 // Check Security
991 // NOTE: we should not perform security check if an empty DesiredAccess
992 // was specified. AFAIU, SeAccessCheck() will return FALSE in this case.
996 SecurityCheck =
997 SeAccessCheck(SecDesc,
998 &SubjectContext,
999 FALSE,
1000 DesiredAccess,
1002 NULL,
1003 IoGetFileObjectGenericMapping(),
1004 UserMode,
1006 &RC);
1008
1009 if(!SecurityCheck) {
1010 return RC;
1011 } else
1012#endif //UDF_ENABLE_SECURITY
1017 }
1018#ifdef UDF_ENABLE_SECURITY
1019 }
1020#endif //UDF_ENABLE_SECURITY
1023 // The FCB is currently in use by some thread.
1024 // We must check whether the requested access/share access
1025 // conflicts with the existing open operations.
1028#ifndef UDF_ENABLE_SECURITY
1032#endif //UDF_ENABLE_SECURITY
1033 } else {
1034 IoSetShareAccess(DesiredAccess, ShareAccess, FileObject, &(Fcb->NTRequiredFCB->FCBShareAccess));
1035#ifndef UDF_ENABLE_SECURITY
1038#endif //UDF_ENABLE_SECURITY
1039 RC = STATUS_SUCCESS;
1040 }
1041 } else {
1042 // we get here if given file was opened for internal purposes
1043 RC = STATUS_SUCCESS;
1044 }
1045 return RC;
1046} // end UDFCheckAccessRights()
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1994
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK _In_ USHORT ShareAccess
Definition: create.c:4148
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246
VOID NTAPI IoSetShareAccess(IN ACCESS_MASK DesiredAccess, IN ULONG DesiredShareAccess, IN PFILE_OBJECT FileObject, OUT PSHARE_ACCESS ShareAccess)
Definition: file.c:3518
NTSTATUS NTAPI IoCheckShareAccess(IN ACCESS_MASK DesiredAccess, IN ULONG DesiredShareAccess, IN PFILE_OBJECT FileObject, IN PSHARE_ACCESS ShareAccess, IN BOOLEAN Update)
Definition: file.c:3391
PGENERIC_MAPPING NTAPI IoGetFileObjectGenericMapping(VOID)
Definition: file.c:3268
VOID NTAPI IoUpdateShareAccess(IN PFILE_OBJECT FileObject, OUT PSHARE_ACCESS ShareAccess)
Definition: file.c:3352
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
PSECURITY_DESCRIPTOR UDFLookUpAcl(IN PVCB Vcb, PFILE_OBJECT FileObject, IN PtrUDFFCB Fcb)
Definition: secursup.cpp:915
Definition: setypes.h:217
VOID NTAPI SeReleaseSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Releases both the primary and client tokens of a security subject context.
Definition: subject.c:171
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: subject.c:85
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2664
Referenced by UDFCommonCreate(), UDFDoesOSAllowFileToBeTargetForRename__(), UDFSetAccessRights(), and UDFSetDispositionInformation().
◆ UDFDeassignAcl()
| VOID UDFDeassignAcl | ( | IN PtrUDFNTRequiredFCB | NtReqFcb, |
| IN BOOLEAN | AutoInherited | ||
| ) |
Definition at line 772 of file secursup.cpp.
776{
777#ifdef UDF_ENABLE_SECURITY
778// NTSTATUS RC = STATUS_SUCCESS;
779
780// UDFPrint((" UDFDeassignAcl\n"));
782 return;
783
784 if(AutoInherited) {
786 return;
787 }
788
789 SeDeassignSecurity(&(NtReqFcb->SecurityDesc));
791#endif //UDF_ENABLE_SECURITY
792 return;
793} // end UDFDeassignAcl()
Referenced by UDFCleanUpFcbChain(), and UDFSetAccessRights().
◆ UDFLookUpAcl()
| PSECURITY_DESCRIPTOR UDFLookUpAcl | ( | IN PVCB | Vcb, |
| PFILE_OBJECT | FileObject, | ||
| IN PtrUDFFCB | Fcb | ||
| ) |
Definition at line 915 of file secursup.cpp.
920{
923} // end UDFLookUpAcl()
NTSTATUS UDFAssignAcl(IN PVCB Vcb, IN PFILE_OBJECT FileObject, IN PtrUDFFCB Fcb, IN PtrUDFNTRequiredFCB NtReqFcb)
Definition: secursup.cpp:706
Referenced by UDFCheckAccessRights(), and UDFSetAccessRights().
◆ UDFReadSecurity()
Definition at line 420 of file secursup.cpp.
425{
426#ifdef UDF_ENABLE_SECURITY
430 NTSTATUS RC;
431 ULONG NumberBytesRead;
433
435
436 _SEH2_TRY {
437
443 }
447 }
448
449 // Open Stream Directory
451
457 }
458 SDirInfo = NULL;
459 try_return(RC);
460 }
461 // Acquire SDir exclusively if Fcb present
463 BrutePoint();
466 }
467
468 // Open Acl Stream
471 SDirInfo,&AclInfo,NULL);
477 }
478 AclInfo = NULL;
479 try_return(RC);
480 }
481
484 if(!(*SecurityDesc))
489 try_return(RC);
490
491 RC = RtlValidSecurityDescriptor(*SecurityDesc);
492
493try_exit: NOTHING;
494
495 } _SEH2_FINALLY {
496
497 if(AclInfo) {
500 MyFreePool__(AclInfo);
501 }
502
503 if(SDirInfo) {
506 MyFreePool__(SDirInfo);
507 }
508
510 DbgFreePool(*SecurityDesc);
511 (*SecurityDesc) = NULL;
512 }
513 if(Res1)
514 UDFReleaseResource(Res1);
515 }
516
517 return RC;
518#else
520#endif //UDF_ENABLE_SECURITY
521
522} // end UDFReadSecurity()
#define UDFAcquireResourceExclusive(Resource, CanWait)
Definition: env_spec_w32.h:656
NTSYSAPI BOOLEAN NTAPI RtlValidSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: sd.c:1054
Definition: DriveVolume.h:53
Definition: udf_rel.h:346
OSSTATUS UDFCloseFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo)
Definition: udf_info.cpp:2994
uint32 UDFCleanUpFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo)
Definition: udf_info.cpp:2276
OSSTATUS UDFOpenStreamDir__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, OUT PUDF_FILE_INFO *_SDirInfo)
Definition: udf_info.cpp:4965
OSSTATUS UDFOpenFile__(IN PVCB Vcb, IN BOOLEAN IgnoreCase, IN BOOLEAN NotDeleted, IN PUNICODE_STRING fn, IN PUDF_FILE_INFO DirInfo, OUT PUDF_FILE_INFO *_FileInfo, IN uint_di *IndexToOpen)
Definition: udf_info.cpp:2004
__inline OSSTATUS UDFReadFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN int64 Offset, IN SIZE_T Length, IN BOOLEAN Direct, OUT int8 *Buffer, OUT PSIZE_T ReadBytes)
Definition: udf_info.h:666
Referenced by UDFAssignAcl().
◆ UDFSetAccessRights()
| NTSTATUS UDFSetAccessRights | ( | PFILE_OBJECT | FileObject, |
| PACCESS_STATE | AccessState, | ||
| PtrUDFFCB | Fcb, | ||
| PtrUDFCCB | Ccb, | ||
| ACCESS_MASK | DesiredAccess, | ||
| USHORT | ShareAccess | ||
| ) |
Definition at line 1049 of file secursup.cpp.
1057{
1058#ifndef UDF_ENABLE_SECURITY
1061
1063
1064#else //UDF_ENABLE_SECURITY
1065
1066 NTSTATUS RC;
1067 // Set Security on Object
1068 PSECURITY_DESCRIPTOR SecDesc;
1070 BOOLEAN AutoInherit;
1071
1074
1077
1078 if(SecDesc && !AutoInherit) {
1079 // Get caller's User/Primary Group info
1081 RC = SeAssignSecurity(
1082 Fcb->FileInfo->ParentFile->Dloc->CommonFcb->SecurityDesc,
1083// NULL,
1084 AccessState->SecurityDescriptor,
1085 &(Fcb->NTRequiredFCB->SecurityDesc),
1087 &SubjectContext,
1088 IoGetFileObjectGenericMapping(),
1089 NonPagedPool);
1091 UDFConvertToSelfRelative(&(Fcb->NTRequiredFCB->SecurityDesc));
1092
1094Clean_Up_SD:
1096 return RC;
1097 }
1098 }
1099
1102 goto Clean_Up_SD;
1103 return RC;
1104
1105#endif //UDF_ENABLE_SECURITY
1106
1107} // end UDFSetAccessRights()
VOID UDFDeassignAcl(IN PtrUDFNTRequiredFCB NtReqFcb, IN BOOLEAN AutoInherited)
Definition: secursup.cpp:772
NTSTATUS UDFCheckAccessRights(PFILE_OBJECT FileObject, PACCESS_STATE AccessState, PtrUDFFCB Fcb, PtrUDFCCB Ccb, ACCESS_MASK DesiredAccess, USHORT ShareAccess)
Definition: secursup.cpp:927
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417
Referenced by UDFCommonCreate().
◆ UDFWriteSecurity()
Definition at line 796 of file secursup.cpp.
801{
802#ifdef UDF_ENABLE_SECURITY
807 NTSTATUS RC;
808 ULONG NumberBytesRead;
809
810// UDFPrint(("UDFWriteSecurity\n"));
811
812#if !defined(UDF_READ_ONLY_BUILD)
813
817
818#endif
819
821
822#if !defined(UDF_READ_ONLY_BUILD)
823
824 _SEH2_TRY {
825
831 }
832
835
836 // Open Stream Directory
838
841 }
845 }
846 SDirInfo = NULL;
847 try_return(RC);
848 }
849 // Acquire SDir exclusively if Fcb present
851 BrutePoint();
854 }
855
856 // Open Acl Stream
859 SDirInfo,&AclInfo,NULL);
863 }
867 }
868 AclInfo = NULL;
869 try_return(RC);
870 }
871
872 if(!(*SecurityDesc)) {
875 try_return(RC);
876 }
877 NumberBytesRead = RtlLengthSecurityDescriptor(*SecurityDesc);
878
882 try_return(RC);
883
884 Fcb->NTRequiredFCB->NtReqFCBFlags &= ~UDF_NTREQ_FCB_SD_MODIFIED;
885
886try_exit: NOTHING;
887
888 } _SEH2_FINALLY {
889
890 if(AclInfo) {
893 MyFreePool__(AclInfo);
894 }
895
896 if(SDirInfo) {
899 MyFreePool__(SDirInfo);
900 }
901 if(Res1)
902 UDFReleaseResource(Res1);
903 }
904
905 return RC;
906
907#endif
908#endif //UDF_ENABLE_SECURITY
909
911
912} // end UDFWriteSecurity()
NTSYSAPI ULONG WINAPI RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR)
OSSTATUS UDFWriteFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN int64 Offset, IN SIZE_T Length, IN BOOLEAN Direct, IN int8 *Buffer, OUT PSIZE_T WrittenBytes)
Definition: udf_info.cpp:1605
OSSTATUS UDFFlushFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN ULONG FlushFlags)
Definition: udf_info.cpp:4119
OSSTATUS UDFUnlinkFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN BOOLEAN FreeSpace)
Definition: udf_info.cpp:1766
OSSTATUS UDFCreateFile__(IN PVCB Vcb, IN BOOLEAN IgnoreCase, IN PUNICODE_STRING _fn, IN uint32 ExtAttrSz, IN uint32 ImpUseLen, IN BOOLEAN Extended, IN BOOLEAN CreateNew, IN OUT PUDF_FILE_INFO DirInfo, OUT PUDF_FILE_INFO *_FileInfo)
Definition: udf_info.cpp:2577
OSSTATUS UDFCreateStreamDir__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, OUT PUDF_FILE_INFO *_SDirInfo)
Definition: udf_info.cpp:4888
Referenced by UDFCloseFileInfoChain(), UDFFlushADirectory(), and UDFFlushAFile().
