ReactOS 0.4.15-dev-8116-gf69e256
secursup.cpp
Go to the documentation of this file.
1
2// Copyright (C) Alexander Telyatnikov, Ivan Keliukh, Yegor Anchishkin, SKIF Software, 1999-2013. Kiev, Ukraine
3// All rights reserved
4// This file was released under the GPLv2 on June 2015.
6/*************************************************************************
7*
8* File: SecurSup.cpp
9*
10* Module: UDF File System Driver (Kernel mode execution only)
11*
12* Description:
13* Contains code to handle the "Get/Set Security" dispatch entry points.
14*
15*************************************************************************/
16
17#include "udffs.h"
18
19// define the file specific bug-check id
20#define UDF_BUG_CHECK_ID UDF_FILE_SECURITY
21
22#ifdef UDF_ENABLE_SECURITY
23
24NTSTATUS UDFConvertToSelfRelative(
25 IN OUT PSECURITY_DESCRIPTOR* SecurityDesc);
26
27/*UCHAR FullControlSD[] = {
280x01, 0x00, 0x04, 0x80, 0x4c, 0x00, 0x00, 0x00,
290x58, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
300x14, 0x00, 0x00, 0x00, 0x02, 0x00, 0x38, 0x00,
310x02, 0x00, 0x00, 0x00, 0x00, 0x09, 0x18, 0x00,
320x00, 0x00, 0x00, 0x10, 0x01, 0x01, 0x00, 0x00,
330x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
340x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x18, 0x00,
350xff, 0x01, 0x1f, 0x00, 0x01, 0x01, 0x00, 0x00,
360x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
370x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x00, 0x00,
380x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
390x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
400x00, 0x00, 0x00, 0x00
41};*/
42
43/*************************************************************************
44*
45* Function: UDFGetSecurity()
46*
47* Description:
48*
49* Expected Interrupt Level (for execution) :
50*
51* IRQL_PASSIVE_LEVEL
52*
53* Return Value: Irrelevant.
54*
55*************************************************************************/
58 IN PDEVICE_OBJECT DeviceObject, // the logical volume device object
59 IN PIRP Irp) // I/O Request Packet
60{
62 PtrUDFIrpContext PtrIrpContext = NULL;
63 BOOLEAN AreWeTopLevel = FALSE;
64
65 UDFPrint(("UDFGetSecurity\n"));
66// BrutePoint();
67
70 ASSERT(Irp);
71
72 // set the top level context
73 AreWeTopLevel = UDFIsIrpTopLevel(Irp);
74 ASSERT(!UDFIsFSDevObj(DeviceObject));
75 // Call the common Lock Control routine, with blocking allowed if
76 // synchronous
77 _SEH2_TRY {
78
79 // get an IRP context structure and issue the request
80 PtrIrpContext = UDFAllocateIrpContext(Irp, DeviceObject);
81 if(PtrIrpContext) {
82 RC = UDFCommonGetSecurity(PtrIrpContext, Irp);
83 } else {
85 Irp->IoStatus.Status = RC;
86 Irp->IoStatus.Information = 0;
87 // complete the IRP
89 }
90
91 } __except (UDFExceptionFilter(PtrIrpContext, GetExceptionInformation())) {
92
93 RC = UDFExceptionHandler(PtrIrpContext, Irp);
94
96 }
97
98 if (AreWeTopLevel) {
100 }
101
103
104 return(RC);
105} // end UDFGetSecurity()
106
107
108/*************************************************************************
109*
110* Function: UDFCommonGetSecurity()
111*
112* Description:
113* This is the common routine for getting Security (ACL) called
114* by both the fsd and fsp threads
115*
116* Expected Interrupt Level (for execution) :
117*
118* IRQL_PASSIVE_LEVEL
119*
120* Return Value: Irrelevant
121*
122*************************************************************************/
125 IN PtrUDFIrpContext PtrIrpContext,
126 IN PIRP Irp)
127{
130 BOOLEAN PostRequest = FALSE;
131 BOOLEAN CanWait = FALSE;
133 BOOLEAN AcquiredFCB = FALSE;
137 PVOID PtrSystemBuffer = NULL;
139
140 UDFPrint(("UDFCommonGetSecurity\n"));
141
142 _SEH2_TRY {
143
144 // First, get a pointer to the current I/O stack location.
146 ASSERT(IrpSp);
147
150
151 // Get the FCB and CCB pointers.
152 Ccb = (PtrUDFCCB)(FileObject->FsContext2);
153 ASSERT(Ccb);
154 Fcb = Ccb->Fcb;
155 ASSERT(Fcb);
156
157/* if(!Fcb->Vcb->ReadSecurity)
158 try_return(RC = STATUS_NOT_IMPLEMENTED);*/
159
160 NtReqFcb = Fcb->NTRequiredFCB;
161 CanWait = ((PtrIrpContext->IrpContextFlags & UDF_IRP_CONTEXT_CAN_BLOCK) ? TRUE : FALSE);
162
163 // Acquire the FCB resource shared
165 if (!UDFAcquireResourceExclusive(&(NtReqFcb->MainResource), CanWait)) {
166// if (!UDFAcquireResourceShared(&(NtReqFcb->MainResource), CanWait)) {
167 PostRequest = TRUE;
169 }
170 AcquiredFCB = TRUE;
171
172 PtrSystemBuffer = UDFGetCallersBuffer(PtrIrpContext, Irp);
173 if(!PtrSystemBuffer)
176
177 if(!NtReqFcb->SecurityDesc) {
179 if(!NT_SUCCESS(RC))
180 try_return(RC);
181 }
182
183 _SEH2_TRY {
184 RC = SeQuerySecurityDescriptorInfo(&(IrpSp->Parameters.QuerySecurity.SecurityInformation),
185 (PSECURITY_DESCRIPTOR)PtrSystemBuffer,
187 &(NtReqFcb->SecurityDesc) );
190 }
191
192try_exit: NOTHING;
193
194 } _SEH2_FINALLY {
195
196 // Release the FCB resources if acquired.
197 if (AcquiredFCB) {
199 UDFReleaseResource(&(NtReqFcb->MainResource));
200 AcquiredFCB = FALSE;
201 }
202
203 if (PostRequest) {
204 // Perform appropriate post related processing here
205 RC = UDFPostRequest(PtrIrpContext, Irp);
206 } else
207 if(!AbnormalTermination()) {
208 Irp->IoStatus.Status = RC;
209 Irp->IoStatus.Information = BufferLength;
210 // Free up the Irp Context
211 UDFReleaseIrpContext(PtrIrpContext);
212 // complete the IRP
214 }
215
216 } // end of "__finally" processing
217
218 return(RC);
219}
220
221#ifndef UDF_READ_ONLY_BUILD
222/*************************************************************************
223*
224* Function: UDFSetSecurity()
225*
226* Description:
227*
228* Expected Interrupt Level (for execution) :
229*
230* IRQL_PASSIVE_LEVEL
231*
232* Return Value: Irrelevant.
233*
234*************************************************************************/
237 IN PDEVICE_OBJECT DeviceObject, // the logical volume device object
238 IN PIRP Irp) // I/O Request Packet
239{
241 PtrUDFIrpContext PtrIrpContext = NULL;
242 BOOLEAN AreWeTopLevel = FALSE;
243
244 UDFPrint(("UDFSetSecurity\n"));
245// BrutePoint();
246
249 ASSERT(Irp);
250
251 // set the top level context
252 AreWeTopLevel = UDFIsIrpTopLevel(Irp);
253 // Call the common Lock Control routine, with blocking allowed if
254 // synchronous
255 _SEH2_TRY {
256
257 // get an IRP context structure and issue the request
258 PtrIrpContext = UDFAllocateIrpContext(Irp, DeviceObject);
259 if(PtrIrpContext) {
260 RC = UDFCommonSetSecurity(PtrIrpContext, Irp);
261 } else {
263 Irp->IoStatus.Status = RC;
264 Irp->IoStatus.Information = 0;
265 // complete the IRP
267 }
268
269 } __except (UDFExceptionFilter(PtrIrpContext, GetExceptionInformation())) {
270
271 RC = UDFExceptionHandler(PtrIrpContext, Irp);
272
274 }
275
276 if (AreWeTopLevel) {
278 }
279
281
282 return(RC);
283} // end UDFSetSecurity()
284
285
286/*************************************************************************
287*
288* Function: UDFCommonSetSecurity()
289*
290* Description:
291* This is the common routine for getting Security (ACL) called
292* by both the fsd and fsp threads
293*
294* Expected Interrupt Level (for execution) :
295*
296* IRQL_PASSIVE_LEVEL
297*
298* Return Value: Irrelevant
299*
300*************************************************************************/
303 IN PtrUDFIrpContext PtrIrpContext,
304 IN PIRP Irp)
305{
308 BOOLEAN PostRequest = FALSE;
309 BOOLEAN CanWait = FALSE;
311 BOOLEAN AcquiredFCB = FALSE;
316
317 UDFPrint(("UDFCommonSetSecurity\n"));
318
319 _SEH2_TRY {
320
321 // First, get a pointer to the current I/O stack location.
323 ASSERT(IrpSp);
324
327
328 // Get the FCB and CCB pointers.
329 Ccb = (PtrUDFCCB)(FileObject->FsContext2);
330 ASSERT(Ccb);
331 Fcb = Ccb->Fcb;
332 ASSERT(Fcb);
333
334 if(!Fcb->Vcb->WriteSecurity)
336
337 NtReqFcb = Fcb->NTRequiredFCB;
338 CanWait = ((PtrIrpContext->IrpContextFlags & UDF_IRP_CONTEXT_CAN_BLOCK) ? TRUE : FALSE);
339
340 // Acquire the FCB resource exclusive
342 if (!UDFAcquireResourceExclusive(&(NtReqFcb->MainResource), CanWait)) {
343 PostRequest = TRUE;
345 }
346 AcquiredFCB = TRUE;
347
348//OWNER_SECURITY_INFORMATION
349 if(IrpSp->Parameters.SetSecurity.SecurityInformation & OWNER_SECURITY_INFORMATION)
351//GROUP_SECURITY_INFORMATION
352 if(IrpSp->Parameters.SetSecurity.SecurityInformation & GROUP_SECURITY_INFORMATION)
354//DACL_SECURITY_INFORMATION
355 if(IrpSp->Parameters.SetSecurity.SecurityInformation & DACL_SECURITY_INFORMATION)
357//SACL_SECURITY_INFORMATION
358 if(IrpSp->Parameters.SetSecurity.SecurityInformation & SACL_SECURITY_INFORMATION)
360
361 _SEH2_TRY {
362 UDFConvertToSelfRelative(&(NtReqFcb->SecurityDesc));
363
364 KdDump(NtReqFcb->SecurityDesc, RtlLengthSecurityDescriptor(NtReqFcb->SecurityDesc));
365 UDFPrint(("\n"));
366
367 RC = SeSetSecurityDescriptorInfo(/*FileObject*/ NULL,
368 &(IrpSp->Parameters.SetSecurity.SecurityInformation),
369 IrpSp->Parameters.SetSecurity.SecurityDescriptor,
370 &(NtReqFcb->SecurityDesc),
373
374 KdDump(NtReqFcb->SecurityDesc, RtlLengthSecurityDescriptor(NtReqFcb->SecurityDesc));
375
378 }
379 if(NT_SUCCESS(RC)) {
380 NtReqFcb->NtReqFCBFlags |= UDF_NTREQ_FCB_SD_MODIFIED;
381
385 }
386
387try_exit: NOTHING;
388
389 } _SEH2_FINALLY {
390
391 // Release the FCB resources if acquired.
392 if (AcquiredFCB) {
394 UDFReleaseResource(&(NtReqFcb->MainResource));
395 AcquiredFCB = FALSE;
396 }
397
398 if (PostRequest) {
399 // Perform appropriate post related processing here
400 RC = UDFPostRequest(PtrIrpContext, Irp);
401 } else
402 if(!AbnormalTermination()) {
403 Irp->IoStatus.Status = RC;
404 Irp->IoStatus.Information = 0;
405 // Free up the Irp Context
406 UDFReleaseIrpContext(PtrIrpContext);
407 // complete the IRP
409 }
410
411 } // end of "__finally" processing
412
413 return(RC);
414} // ens UDFCommonSetSecurity()
415
416#endif //UDF_READ_ONLY_BUILD
417#endif //UDF_ENABLE_SECURITY
418
421 IN PVCB Vcb,
423 IN PSECURITY_DESCRIPTOR* SecurityDesc
424 )
425{
426#ifdef UDF_ENABLE_SECURITY
428 PUDF_FILE_INFO SDirInfo = NULL;
429 PUDF_FILE_INFO AclInfo = NULL;
430 NTSTATUS RC;
431 ULONG NumberBytesRead;
432 PERESOURCE Res1 = NULL;
433
434 UDFPrint(("UDFReadSecurity\n"));
435
436 _SEH2_TRY {
437
438 FileInfo = Fcb->FileInfo;
440 if(!FileInfo) {
441 UDFPrint((" Volume Security\n"));
443 }
444 if(Vcb->VCBFlags & UDF_VCB_FLAGS_RAW_DISK) {
445 UDFPrint((" No Security on blank volume\n"));
447 }
448
449 // Open Stream Directory
450 RC = UDFOpenStreamDir__(Vcb, FileInfo, &SDirInfo);
451
452 if(RC == STATUS_NOT_FOUND)
454 if(!NT_SUCCESS(RC)) {
455 if(UDFCleanUpFile__(Vcb, SDirInfo)) {
456 if(SDirInfo) MyFreePool__(SDirInfo);
457 }
458 SDirInfo = NULL;
459 try_return(RC);
460 }
461 // Acquire SDir exclusively if Fcb present
462 if(SDirInfo->Fcb) {
463 BrutePoint();
464 UDF_CHECK_PAGING_IO_RESOURCE(SDirInfo->Fcb->NTRequiredFCB);
465 UDFAcquireResourceExclusive(Res1 = &(SDirInfo->Fcb->NTRequiredFCB->MainResource),TRUE);
466 }
467
468 // Open Acl Stream
469 RC = UDFOpenFile__(Vcb,
471 SDirInfo,&AclInfo,NULL);
474 if(!NT_SUCCESS(RC)) {
475 if(UDFCleanUpFile__(Vcb, AclInfo)) {
476 if(AclInfo) MyFreePool__(AclInfo);
477 }
478 AclInfo = NULL;
479 try_return(RC);
480 }
481
482 NumberBytesRead = (ULONG)UDFGetFileSize(AclInfo);
483 (*SecurityDesc) = DbgAllocatePool(NonPagedPool, NumberBytesRead);
484 if(!(*SecurityDesc))
486 RC = UDFReadFile__(Vcb, AclInfo, 0, NumberBytesRead,
487 FALSE, (PCHAR)(*SecurityDesc), &NumberBytesRead);
488 if(!NT_SUCCESS(RC))
489 try_return(RC);
490
491 RC = RtlValidSecurityDescriptor(*SecurityDesc);
492
493try_exit: NOTHING;
494
495 } _SEH2_FINALLY {
496
497 if(AclInfo) {
498 UDFCloseFile__(Vcb, AclInfo);
499 if(UDFCleanUpFile__(Vcb, AclInfo))
500 MyFreePool__(AclInfo);
501 }
502
503 if(SDirInfo) {
504 UDFCloseFile__(Vcb, SDirInfo);
505 if(UDFCleanUpFile__(Vcb, SDirInfo))
506 MyFreePool__(SDirInfo);
507 }
508
509 if(!NT_SUCCESS(RC) && (*SecurityDesc)) {
510 DbgFreePool(*SecurityDesc);
511 (*SecurityDesc) = NULL;
512 }
513 if(Res1)
514 UDFReleaseResource(Res1);
515 }
516
517 return RC;
518#else
520#endif //UDF_ENABLE_SECURITY
521
522} // end UDFReadSecurity()
523
524#ifdef UDF_ENABLE_SECURITY
526UDFConvertToSelfRelative(
527 IN OUT PSECURITY_DESCRIPTOR* SecurityDesc
528 )
529{
530 NTSTATUS RC;
533 ULONG Len;
534
535 UDFPrint((" UDFConvertToSelfRelative\n"));
536
537 if(!(*SecurityDesc))
539
541 Len = RtlLengthSecurityDescriptor(*SecurityDesc);
542 ASSERT(Len <= 1024);
544 if(!NewSD)
546 _SEH2_TRY {
547 RC = SeQuerySecurityDescriptorInfo(&SecurityInformation, NewSD, &Len, SecurityDesc);
550 }
551
552 if(NT_SUCCESS(RC)) {
553 DbgFreePool(*SecurityDesc);
554 *SecurityDesc = NewSD;
555 } else {
556 DbgFreePool(NewSD);
557 }
558 return RC;
559} // end UDFConvertToSelfRelative()
560
562UDFInheritAcl(
563 IN PVCB Vcb,
564 IN PSECURITY_DESCRIPTOR* ParentSecurityDesc,
565 IN OUT PSECURITY_DESCRIPTOR* SecurityDesc
566 )
567{
568 NTSTATUS RC;
570 ULONG Len;
571
572 UDFPrint((" UDFInheritAcl\n"));
573
574 if(!(*ParentSecurityDesc)) {
575 *SecurityDesc = NULL;
576 return STATUS_SUCCESS;
577 }
578
580 Len = RtlLengthSecurityDescriptor(*ParentSecurityDesc);
582 if(!(*SecurityDesc))
584 _SEH2_TRY {
585 RC = SeQuerySecurityDescriptorInfo(&SecurityInformation, *SecurityDesc, &Len, ParentSecurityDesc);
588 }
589
590 if(!NT_SUCCESS(RC)) {
591 DbgFreePool(*SecurityDesc);
592 *SecurityDesc = NULL;
593 }
594 return RC;
595} // end UDFInheritAcl()
596
598UDFBuildEmptyAcl(
599 IN PVCB Vcb,
600 IN PSECURITY_DESCRIPTOR* SecurityDesc
601 )
602{
603 NTSTATUS RC;
604 ULONG Len = 2 * (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(ULONG)*4 /*RtlLengthSid(SeExports->SeWorldSid)*/);
605
606 UDFPrint((" UDFBuildEmptyAcl\n"));
607 // Create Security Descriptor
609 sizeof(SECURITY_DESCRIPTOR) + Len);
610 if(!(*SecurityDesc))
612
614
615 if(!NT_SUCCESS(RC)) {
616 DbgFreePool(*SecurityDesc);
617 *((PULONG)SecurityDesc) = NULL;
618 }
619 return RC;
620} // end UDFBuildEmptyAcl()
621
623UDFBuildFullControlAcl(
624 IN PVCB Vcb,
625 IN PSECURITY_DESCRIPTOR* SecurityDesc
626 )
627{
628 NTSTATUS RC;
629 PACL Acl;
630 ULONG Len = sizeof(ACL) + 2*(sizeof(ACCESS_ALLOWED_ACE) + sizeof(ULONG)*4 /*- sizeof(ULONG)*/ /*+ RtlLengthSid(SeExports->SeWorldSid)*/);
631
632 UDFPrint((" UDFBuildFullControlAcl\n"));
633 // Create Security Descriptor
634 RC = UDFBuildEmptyAcl(Vcb, SecurityDesc);
635 if(!NT_SUCCESS(RC))
636 return RC;
637
638 // Set Owner
640 if(!NT_SUCCESS(RC)) {
641 DbgFreePool(*SecurityDesc);
642 *((PULONG)SecurityDesc) = NULL;
643 return RC;
644 }
645
646 // Set Group
648 if(!NT_SUCCESS(RC)) {
649 DbgFreePool(*SecurityDesc);
650 *((PULONG)SecurityDesc) = NULL;
651 return RC;
652 }
653
654 // Create empty Acl
656 if(!Acl) {
657 DbgFreePool(*SecurityDesc);
658 *((PULONG)SecurityDesc) = NULL;
659 return RC;
660 }
661 RtlZeroMemory(Acl, Len);
662
663 RC = RtlCreateAcl(Acl, Len, ACL_REVISION);
664 if(!NT_SUCCESS(RC)) {
665 DbgFreePool(Acl);
666 DbgFreePool(*SecurityDesc);
667 *((PULONG)SecurityDesc) = NULL;
668 return RC;
669 }
670
671 // Add (All)(All) access for Everyone
672/* RC = RtlAddAccessAllowedAce(Acl, ACL_REVISION,
673 GENERIC_ALL,
674 SeExports->SeWorldSid);*/
675
679
680 if(!NT_SUCCESS(RC)) {
681 DbgFreePool(Acl);
682 DbgFreePool(*SecurityDesc);
683 *((PULONG)SecurityDesc) = NULL;
684 return RC;
685 }
686
687 // Add Acl to Security Descriptor
688 RC = RtlSetDaclSecurityDescriptor(*SecurityDesc, TRUE, Acl, FALSE);
689 if(!NT_SUCCESS(RC)) {
690 DbgFreePool(Acl);
691 DbgFreePool(*SecurityDesc);
692 *((PULONG)SecurityDesc) = NULL;
693 return RC;
694 }
695
696 RC = UDFConvertToSelfRelative(SecurityDesc);
697
698 DbgFreePool(Acl);
699
700 return RC;
701} // end UDFBuildFullControlAcl()
702
703#endif // UDF_ENABLE_SECURITY
704
707 IN PVCB Vcb,
708 IN PFILE_OBJECT FileObject, // OPTIONAL
711 )
712{
714#ifdef UDF_ENABLE_SECURITY
715// SECURITY_INFORMATION SecurityInformation;
716
717// UDFPrint((" UDFAssignAcl\n"));
718 if(!NtReqFcb->SecurityDesc) {
719
720 PSECURITY_DESCRIPTOR ExplicitSecurity = NULL;
721
722 if(UDFIsAStreamDir(Fcb->FileInfo) || UDFIsAStream(Fcb->FileInfo)) {
723 // Stream/SDir security
724 NtReqFcb->SecurityDesc = Fcb->FileInfo->ParentFile->Dloc->CommonFcb->SecurityDesc;
725 return STATUS_SUCCESS;
726 } else
727 if(!Fcb->FileInfo) {
728 // Volume security
729 if(Vcb->RootDirFCB &&
730 Vcb->RootDirFCB->FileInfo &&
731 Vcb->RootDirFCB->FileInfo->Dloc &&
732 Vcb->RootDirFCB->FileInfo->Dloc->CommonFcb) {
733 RC = UDFInheritAcl(Vcb, &(Vcb->RootDirFCB->FileInfo->Dloc->CommonFcb->SecurityDesc), &ExplicitSecurity);
734 } else {
735 NtReqFcb->SecurityDesc = NULL;
737 }
738 return RC;
739 }
740
741 RC = UDFReadSecurity(Vcb, Fcb, &ExplicitSecurity);
743 if(!Fcb->FileInfo->ParentFile) {
744 RC = UDFBuildFullControlAcl(Vcb, &ExplicitSecurity);
745 } else {
746 RC = UDFInheritAcl(Vcb, &(Fcb->FileInfo->ParentFile->Dloc->CommonFcb->SecurityDesc), &ExplicitSecurity);
747 }
748/* if(NT_SUCCESS(RC)) {
749 NtReqFcb->NtReqFCBFlags |= UDF_NTREQ_FCB_SD_MODIFIED;
750 }*/
751 }
752 if(NT_SUCCESS(RC)) {
753
754// SecurityInformation = FULL_SECURITY_INFORMATION;
755 NtReqFcb->SecurityDesc = ExplicitSecurity;
756
757/* RC = SeSetSecurityDescriptorInfo(FileObject,
758 &SecurityInformation,
759 ExplicitSecurity,
760 &(NtReqFcb->SecurityDesc),
761 NonPagedPool,
762 IoGetFileObjectGenericMapping() );*/
763
764 }
765 }
766#endif //UDF_ENABLE_SECURITY
767 return RC;
768} // end UDFAssignAcl()
769
770
771VOID
774 IN BOOLEAN AutoInherited
775 )
776{
777#ifdef UDF_ENABLE_SECURITY
778// NTSTATUS RC = STATUS_SUCCESS;
779
780// UDFPrint((" UDFDeassignAcl\n"));
781 if(!NtReqFcb->SecurityDesc)
782 return;
783
784 if(AutoInherited) {
785 NtReqFcb->SecurityDesc = NULL;
786 return;
787 }
788
789 SeDeassignSecurity(&(NtReqFcb->SecurityDesc));
790 NtReqFcb->SecurityDesc = NULL; // HA BCRK CLU4
791#endif //UDF_ENABLE_SECURITY
792 return;
793} // end UDFDeassignAcl()
794
797 IN PVCB Vcb,
799 IN PSECURITY_DESCRIPTOR* SecurityDesc
800 )
801{
802#ifdef UDF_ENABLE_SECURITY
804 PUDF_FILE_INFO SDirInfo = NULL;
805 PUDF_FILE_INFO AclInfo = NULL;
806 PERESOURCE Res1 = NULL;
807 NTSTATUS RC;
808 ULONG NumberBytesRead;
809
810// UDFPrint(("UDFWriteSecurity\n"));
811
812#if !defined(UDF_READ_ONLY_BUILD)
813
814 if(!Vcb->WriteSecurity ||
815 (Vcb->VCBFlags & (UDF_VCB_FLAGS_VOLUME_READ_ONLY |
817
818#endif
819
820 return STATUS_SUCCESS;
821
822#if !defined(UDF_READ_ONLY_BUILD)
823
824 _SEH2_TRY {
825
826 FileInfo = Fcb->FileInfo;
828 if(!FileInfo) {
829 UDFPrint((" Volume Security\n"));
831 }
832
833 if(!(Fcb->NTRequiredFCB->NtReqFCBFlags & UDF_NTREQ_FCB_SD_MODIFIED))
835
836 // Open Stream Directory
837 RC = UDFOpenStreamDir__(Vcb, FileInfo, &SDirInfo);
838
839 if(RC == STATUS_NOT_FOUND) {
840 RC = UDFCreateStreamDir__(Vcb, FileInfo, &SDirInfo);
841 }
842 if(!NT_SUCCESS(RC)) {
843 if(UDFCleanUpFile__(Vcb, SDirInfo)) {
844 if(SDirInfo) MyFreePool__(SDirInfo);
845 }
846 SDirInfo = NULL;
847 try_return(RC);
848 }
849 // Acquire SDir exclusively if Fcb present
850 if(SDirInfo->Fcb) {
851 BrutePoint();
852 UDF_CHECK_PAGING_IO_RESOURCE(SDirInfo->Fcb->NTRequiredFCB);
853 UDFAcquireResourceExclusive(Res1 = &(SDirInfo->Fcb->NTRequiredFCB->MainResource),TRUE);
854 }
855
856 // Open Acl Stream
857 RC = UDFOpenFile__(Vcb,
859 SDirInfo,&AclInfo,NULL);
862 0, 0, FALSE, FALSE, SDirInfo, &AclInfo);
863 }
864 if(!NT_SUCCESS(RC)) {
865 if(UDFCleanUpFile__(Vcb, AclInfo)) {
866 if(AclInfo) MyFreePool__(AclInfo);
867 }
868 AclInfo = NULL;
869 try_return(RC);
870 }
871
872 if(!(*SecurityDesc)) {
873 UDFFlushFile__(Vcb, AclInfo);
874 RC = UDFUnlinkFile__(Vcb, AclInfo, TRUE);
875 try_return(RC);
876 }
877 NumberBytesRead = RtlLengthSecurityDescriptor(*SecurityDesc);
878
879 RC = UDFWriteFile__(Vcb, AclInfo, 0, NumberBytesRead,
880 FALSE, (PCHAR)(*SecurityDesc), &NumberBytesRead);
881 if(!NT_SUCCESS(RC))
882 try_return(RC);
883
884 Fcb->NTRequiredFCB->NtReqFCBFlags &= ~UDF_NTREQ_FCB_SD_MODIFIED;
885
886try_exit: NOTHING;
887
888 } _SEH2_FINALLY {
889
890 if(AclInfo) {
891 UDFCloseFile__(Vcb, AclInfo);
892 if(UDFCleanUpFile__(Vcb, AclInfo))
893 MyFreePool__(AclInfo);
894 }
895
896 if(SDirInfo) {
897 UDFCloseFile__(Vcb, SDirInfo);
898 if(UDFCleanUpFile__(Vcb, SDirInfo))
899 MyFreePool__(SDirInfo);
900 }
901 if(Res1)
902 UDFReleaseResource(Res1);
903 }
904
905 return RC;
906
907#endif
908#endif //UDF_ENABLE_SECURITY
909
910 return STATUS_SUCCESS;
911
912} // end UDFWriteSecurity()
913
916 IN PVCB Vcb,
917 PFILE_OBJECT FileObject, // OPTIONAL
919 )
920{
921 UDFAssignAcl(Vcb, FileObject, Fcb, Fcb->NTRequiredFCB);
922 return (Fcb->NTRequiredFCB->SecurityDesc);
923} // end UDFLookUpAcl()
924
925
928 PFILE_OBJECT FileObject, // OPTIONAL
931 PtrUDFCCB Ccb, // OPTIONAL
934 )
935{
936 NTSTATUS RC;
937 BOOLEAN ROCheck = FALSE;
938#ifdef UDF_ENABLE_SECURITY
939 BOOLEAN SecurityCheck;
940 PSECURITY_DESCRIPTOR SecDesc;
942 ACCESS_MASK LocalAccessMask;
943#endif //UDF_ENABLE_SECURITY
944
945 // Check attr compatibility
946 ASSERT(Fcb);
947 ASSERT(Fcb->Vcb);
948#ifdef UDF_READ_ONLY_BUILD
949 goto treat_as_ro;
950#endif //UDF_READ_ONLY_BUILD
951
952 if(Fcb->FCBFlags & UDF_FCB_READ_ONLY) {
953 ROCheck = TRUE;
954 } else
955 if((Fcb->Vcb->origIntegrityType == INTEGRITY_TYPE_OPEN) &&
956 Ccb && !(Ccb->CCBFlags & UDF_CCB_VOLUME_OPEN) &&
957 (Fcb->Vcb->CompatFlags & UDF_VCB_IC_DIRTY_RO)) {
958 AdPrint(("force R/O on dirty\n"));
959 ROCheck = TRUE;
960 }
961 if(ROCheck) {
962#ifdef UDF_READ_ONLY_BUILD
963treat_as_ro:
964#endif //UDF_READ_ONLY_BUILD
965 ACCESS_MASK DesiredAccessMask = 0;
966
967 if(Fcb->Vcb->CompatFlags & UDF_VCB_IC_WRITE_IN_RO_DIR) {
968 if(Fcb->FCBFlags & UDF_FCB_DIRECTORY) {
969 DesiredAccessMask = (FILE_WRITE_EA |
970 DELETE);
971 } else {
972 DesiredAccessMask = (FILE_WRITE_DATA |
975 DELETE);
976 }
977 } else {
978 DesiredAccessMask = (FILE_WRITE_DATA |
984 DELETE);
985 }
986 if(DesiredAccess & DesiredAccessMask)
988 }
989#ifdef UDF_ENABLE_SECURITY
990 // Check Security
991 // NOTE: we should not perform security check if an empty DesiredAccess
992 // was specified. AFAIU, SeAccessCheck() will return FALSE in this case.
993 SecDesc = UDFLookUpAcl(Fcb->Vcb, FileObject, Fcb);
994 if(SecDesc && DesiredAccess) {
996 SecurityCheck =
997 SeAccessCheck(SecDesc,
999 FALSE,
1001 Ccb ? Ccb->PreviouslyGrantedAccess : 0,
1002 NULL,
1004 UserMode,
1005 Ccb ? &(Ccb->PreviouslyGrantedAccess) : &LocalAccessMask,
1006 &RC);
1008
1009 if(!SecurityCheck) {
1010 return RC;
1011 } else
1012#endif //UDF_ENABLE_SECURITY
1015 return STATUS_ACCESS_DENIED;
1016 Ccb->PreviouslyGrantedAccess |= ACCESS_SYSTEM_SECURITY;
1017 }
1018#ifdef UDF_ENABLE_SECURITY
1019 }
1020#endif //UDF_ENABLE_SECURITY
1021 if(FileObject) {
1022 if (Fcb->OpenHandleCount) {
1023 // The FCB is currently in use by some thread.
1024 // We must check whether the requested access/share access
1025 // conflicts with the existing open operations.
1027 &(Fcb->NTRequiredFCB->FCBShareAccess), TRUE);
1028#ifndef UDF_ENABLE_SECURITY
1029 if(Ccb)
1030 Ccb->PreviouslyGrantedAccess |= DesiredAccess;
1031 IoUpdateShareAccess(FileObject, &(Fcb->NTRequiredFCB->FCBShareAccess));
1032#endif //UDF_ENABLE_SECURITY
1033 } else {
1034 IoSetShareAccess(DesiredAccess, ShareAccess, FileObject, &(Fcb->NTRequiredFCB->FCBShareAccess));
1035#ifndef UDF_ENABLE_SECURITY
1036 if(Ccb)
1037 Ccb->PreviouslyGrantedAccess = DesiredAccess;
1038#endif //UDF_ENABLE_SECURITY
1039 RC = STATUS_SUCCESS;
1040 }
1041 } else {
1042 // we get here if given file was opened for internal purposes
1043 RC = STATUS_SUCCESS;
1044 }
1045 return RC;
1046} // end UDFCheckAccessRights()
1047
1052 PtrUDFFCB Fcb,
1053 PtrUDFCCB Ccb,
1056 )
1057{
1058#ifndef UDF_ENABLE_SECURITY
1059 ASSERT(Ccb);
1060 ASSERT(Fcb->FileInfo);
1061
1063
1064#else //UDF_ENABLE_SECURITY
1065
1066 NTSTATUS RC;
1067 // Set Security on Object
1068 PSECURITY_DESCRIPTOR SecDesc;
1070 BOOLEAN AutoInherit;
1071
1072 ASSERT(Ccb);
1073 ASSERT(Fcb->FileInfo);
1074
1075 SecDesc = UDFLookUpAcl(Fcb->Vcb, FileObject, Fcb);
1076 AutoInherit = UDFIsAStreamDir(Fcb->FileInfo) || UDFIsAStream(Fcb->FileInfo);
1077
1078 if(SecDesc && !AutoInherit) {
1079 // Get caller's User/Primary Group info
1081 RC = SeAssignSecurity(
1082 Fcb->FileInfo->ParentFile->Dloc->CommonFcb->SecurityDesc,
1083// NULL,
1084 AccessState->SecurityDescriptor,
1085 &(Fcb->NTRequiredFCB->SecurityDesc),
1086 UDFIsADirectory(Fcb->FileInfo),
1089 NonPagedPool);
1091 UDFConvertToSelfRelative(&(Fcb->NTRequiredFCB->SecurityDesc));
1092
1093 if(!NT_SUCCESS(RC)) {
1094Clean_Up_SD:
1095 UDFDeassignAcl(Fcb->NTRequiredFCB, AutoInherit);
1096 return RC;
1097 }
1098 }
1099
1101 if(!NT_SUCCESS(RC))
1102 goto Clean_Up_SD;
1103 return RC;
1104
1105#endif //UDF_ENABLE_SECURITY
1106
1107} // end UDFSetAccessRights()
1108
static PIO_STACK_LOCATION IoGetCurrentIrpStackLocation(PIRP Irp)
unsigned char BOOLEAN
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1994
LONG NTSTATUS
Definition: precomp.h:26
_In_ PFCB Fcb
Definition: cdprocs.h:159
_Inout_ PFILE_OBJECT _In_ TYPE_OF_OPEN PFCB _In_opt_ PCCB Ccb
Definition: cdprocs.h:592
#define try_return(S)
Definition: cdprocs.h:2179
_In_ PIRP Irp
Definition: csq.h:116
#define Len
Definition: deflate.h:82
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ PIO_STACK_LOCATION IrpSp
Definition: create.c:4137
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK _In_ USHORT ShareAccess
Definition: create.c:4147
NTSTATUS UDFExceptionHandler(PtrUDFIrpContext PtrIrpContext, PIRP Irp)
Definition: misc.cpp:358
BOOLEAN __fastcall UDFIsIrpTopLevel(PIRP Irp)
Definition: misc.cpp:228
VOID UDFLogEvent(NTSTATUS UDFEventLogId, NTSTATUS RC)
Definition: misc.cpp:575
NTSTATUS UDFPostRequest(IN PtrUDFIrpContext PtrIrpContext, IN PIRP Irp)
Definition: misc.cpp:1128
PtrUDFIrpContext UDFAllocateIrpContext(PIRP Irp, PDEVICE_OBJECT PtrTargetDeviceObject)
Definition: misc.cpp:985
VOID UDFReleaseIrpContext(PtrUDFIrpContext PtrIrpContext)
Definition: misc.cpp:1086
long UDFExceptionFilter(PtrUDFIrpContext PtrIrpContext, PEXCEPTION_POINTERS PtrExceptionPointers)
Definition: misc.cpp:265
#define INTEGRITY_TYPE_OPEN
Definition: ecma_167.h:357
__inline VOID UDFNotifyFullReportChange(PVCB V, PUDF_FILE_INFO FI, ULONG E, ULONG A)
Definition: env_spec.h:99
#define UDFReleaseResource(Resource)
Definition: env_spec_w32.h:661
#define KdDump(a, b)
Definition: env_spec_w32.h:312
#define UDFAcquireResourceExclusive(Resource, CanWait)
Definition: env_spec_w32.h:656
#define DbgFreePool
Definition: env_spec_w32.h:334
#define DbgAllocatePool
Definition: env_spec_w32.h:332
ERESOURCE * PERESOURCE
Definition: env_spec_w32.h:595
#define NonPagedPool
Definition: env_spec_w32.h:307
#define BrutePoint()
Definition: env_spec_w32.h:504
#define AdPrint(_x_)
Definition: env_spec_w32.h:292
#define UDF_ERROR_INTERNAL_ERROR
Definition: errmsg.h:71
#define NtReqFcb
#define _SEH2_FINALLY
Definition: filesup.c:21
#define _SEH2_TRY
Definition: filesup.c:19
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246
#define FsRtlEnterFileSystem
#define FsRtlExitFileSystem
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
NTSYSAPI ULONG WINAPI RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR)
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
#define NOTHING
Definition: input_list.c:10
#define MyFreePool__(addr)
Definition: mem_tools.h:152
#define ASSERT(a)
Definition: mode.c:44
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
struct _SECURITY_DESCRIPTOR * PSECURITY_DESCRIPTOR
Definition: security.c:98
struct _ACL ACL
struct _ACL * PACL
Definition: security.c:105
#define UserMode
Definition: asm.h:35
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI BOOLEAN NTAPI RtlValidSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: sd.c:1054
#define FILE_WRITE_DATA
Definition: nt_native.h:631
#define WRITE_DAC
Definition: nt_native.h:59
ULONG ACCESS_MASK
Definition: nt_native.h:40
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
#define FILE_DELETE_CHILD
Definition: nt_native.h:645
#define FILE_APPEND_DATA
Definition: nt_native.h:634
#define DELETE
Definition: nt_native.h:57
#define FILE_ALL_ACCESS
Definition: nt_native.h:651
#define WRITE_OWNER
Definition: nt_native.h:60
#define FILE_ADD_SUBDIRECTORY
Definition: nt_native.h:635
#define FILE_ADD_FILE
Definition: nt_native.h:632
#define FILE_WRITE_EA
Definition: nt_native.h:640
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
#define FULL_SECURITY_INFORMATION
Definition: ntifs_ex.h:118
VOID NTAPI IoSetShareAccess(IN ACCESS_MASK DesiredAccess, IN ULONG DesiredShareAccess, IN PFILE_OBJECT FileObject, OUT PSHARE_ACCESS ShareAccess)
Definition: file.c:3517
NTSTATUS NTAPI IoCheckShareAccess(IN ACCESS_MASK DesiredAccess, IN ULONG DesiredShareAccess, IN PFILE_OBJECT FileObject, IN PSHARE_ACCESS ShareAccess, IN BOOLEAN Update)
Definition: file.c:3390
PGENERIC_MAPPING NTAPI IoGetFileObjectGenericMapping(VOID)
Definition: file.c:3267
VOID NTAPI IoUpdateShareAccess(IN PFILE_OBJECT FileObject, OUT PSHARE_ACCESS ShareAccess)
Definition: file.c:3351
#define IoCompleteRequest
Definition: irp.c:1240
VOID NTAPI IoSetTopLevelIrp(IN PIRP Irp)
Definition: irp.c:2000
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
#define STATUS_PENDING
Definition: ntstatus.h:82
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:239
#define STATUS_NO_SECURITY_ON_OBJECT
Definition: ntstatus.h:451
unsigned short USHORT
Definition: pedump.c:61
#define Vcb
Definition: cdprocs.h:1415
PVOID UDFGetCallersBuffer(PtrUDFIrpContext PtrIrpContext, PIRP Irp)
Definition: read.cpp:871
NTSTATUS UDFSetSecurity(PDEVICE_OBJECT DeviceObject, PIRP Irp)
NTSTATUS UDFGetSecurity(PDEVICE_OBJECT DeviceObject, PIRP Irp)
NTSTATUS UDFCommonSetSecurity(PtrUDFIrpContext PtrIrpContext, PIRP Irp)
NTSTATUS UDFCommonGetSecurity(PtrUDFIrpContext PtrIrpContext, PIRP Irp)
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:66
VOID UDFDeassignAcl(IN PtrUDFNTRequiredFCB NtReqFcb, IN BOOLEAN AutoInherited)
Definition: secursup.cpp:772
NTSTATUS UDFReadSecurity(IN PVCB Vcb, IN PtrUDFFCB Fcb, IN PSECURITY_DESCRIPTOR *SecurityDesc)
Definition: secursup.cpp:420
NTSTATUS UDFWriteSecurity(IN PVCB Vcb, IN PtrUDFFCB Fcb, IN PSECURITY_DESCRIPTOR *SecurityDesc)
Definition: secursup.cpp:796
NTSTATUS UDFSetAccessRights(PFILE_OBJECT FileObject, PACCESS_STATE AccessState, PtrUDFFCB Fcb, PtrUDFCCB Ccb, ACCESS_MASK DesiredAccess, USHORT ShareAccess)
Definition: secursup.cpp:1049
NTSTATUS UDFCheckAccessRights(PFILE_OBJECT FileObject, PACCESS_STATE AccessState, PtrUDFFCB Fcb, PtrUDFCCB Ccb, ACCESS_MASK DesiredAccess, USHORT ShareAccess)
Definition: secursup.cpp:927
PSECURITY_DESCRIPTOR UDFLookUpAcl(IN PVCB Vcb, PFILE_OBJECT FileObject, IN PtrUDFFCB Fcb)
Definition: secursup.cpp:915
NTSTATUS UDFAssignAcl(IN PVCB Vcb, IN PFILE_OBJECT FileObject, IN PtrUDFFCB Fcb, IN PtrUDFNTRequiredFCB NtReqFcb)
Definition: secursup.cpp:706
#define AbnormalTermination()
Definition: seh.h:28
#define GetExceptionInformation()
Definition: seh.h:26
PSE_EXPORTS SeExports
Definition: semgr.c:21
#define STATUS_SUCCESS
Definition: shellext.h:65
#define STATUS_NOT_FOUND
Definition: shellext.h:72
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
#define UDF_FCB_READ_ONLY
Definition: struct.h:312
#define UDF_IRP_CONTEXT_CAN_BLOCK
Definition: struct.h:385
#define UDF_CCB_VOLUME_OPEN
Definition: struct.h:166
#define UDF_NTREQ_FCB_SD_MODIFIED
Definition: struct.h:233
struct _UDFContextControlBlock * PtrUDFCCB
#define UDF_FCB_DIRECTORY
Definition: struct.h:303
PVCB Vcb
Definition: cdstruc.h:933
struct _FCB::@724::@727 Fcb
ULONG OpenHandleCount
Definition: ntfs.h:537
struct _IO_STACK_LOCATION::@3983::@4002 SetSecurity
PFILE_OBJECT FileObject
Definition: iotypes.h:3169
struct _IO_STACK_LOCATION::@3983::@4001 QuerySecurity
union _IO_STACK_LOCATION::@1568 Parameters
LUID SeSecurityPrivilege
Definition: setypes.h:1201
PSID SeWorldSid
Definition: setypes.h:1219
UNICODE_STRING AclName
Definition: udf_common.h:618
struct _UDFFileControlBlock * Fcb
Definition: udf_rel.h:362
Definition: cdstruc.h:498
VOID NTAPI SeReleaseSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Releases both the primary and client tokens of a security subject context.
Definition: subject.c:171
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: subject.c:85
uint32_t * PULONG
Definition: typedefs.h:59
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define IN
Definition: typedefs.h:39
uint32_t ULONG
Definition: typedefs.h:59
#define OUT
Definition: typedefs.h:40
char * PCHAR
Definition: typedefs.h:51
#define UDF_VCB_IC_DIRTY_RO
Definition: udf_common.h:516
#define UDF_VCB_FLAGS_VOLUME_READ_ONLY
Definition: udf_common.h:463
#define UDF_VCB_FLAGS_RAW_DISK
Definition: udf_common.h:476
#define UDF_VCB_FLAGS_MEDIA_READ_ONLY
Definition: udf_common.h:481
#define UDF_VCB_IC_WRITE_IN_RO_DIR
Definition: udf_common.h:499
OSSTATUS UDFWriteFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN int64 Offset, IN SIZE_T Length, IN BOOLEAN Direct, IN int8 *Buffer, OUT PSIZE_T WrittenBytes)
Definition: udf_info.cpp:1605
int64 UDFGetFileSize(IN PUDF_FILE_INFO FileInfo)
Definition: udf_info.cpp:1236
OSSTATUS UDFCloseFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo)
Definition: udf_info.cpp:2994
OSSTATUS UDFFlushFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN ULONG FlushFlags)
Definition: udf_info.cpp:4119
uint32 UDFCleanUpFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo)
Definition: udf_info.cpp:2276
OSSTATUS UDFUnlinkFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN BOOLEAN FreeSpace)
Definition: udf_info.cpp:1766
OSSTATUS UDFOpenStreamDir__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, OUT PUDF_FILE_INFO *_SDirInfo)
Definition: udf_info.cpp:4965
OSSTATUS UDFCreateFile__(IN PVCB Vcb, IN BOOLEAN IgnoreCase, IN PUNICODE_STRING _fn, IN uint32 ExtAttrSz, IN uint32 ImpUseLen, IN BOOLEAN Extended, IN BOOLEAN CreateNew, IN OUT PUDF_FILE_INFO DirInfo, OUT PUDF_FILE_INFO *_FileInfo)
Definition: udf_info.cpp:2577
OSSTATUS UDFCreateStreamDir__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, OUT PUDF_FILE_INFO *_SDirInfo)
Definition: udf_info.cpp:4888
OSSTATUS UDFOpenFile__(IN PVCB Vcb, IN BOOLEAN IgnoreCase, IN BOOLEAN NotDeleted, IN PUNICODE_STRING fn, IN PUDF_FILE_INFO DirInfo, OUT PUDF_FILE_INFO *_FileInfo, IN uint_di *IndexToOpen)
Definition: udf_info.cpp:2004
#define UDFIsAStreamDir(FI)
Definition: udf_info.h:998
#define UDFIsADirectory(FileInfo)
Definition: udf_info.h:792
__inline OSSTATUS UDFReadFile__(IN PVCB Vcb, IN PUDF_FILE_INFO FileInfo, IN int64 Offset, IN SIZE_T Length, IN BOOLEAN Direct, OUT int8 *Buffer, OUT PSIZE_T ReadBytes)
Definition: udf_info.h:666
#define UDFIsAStream(FI)
Definition: udf_info.h:1002
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define STATUS_INVALID_USER_BUFFER
Definition: udferr_usr.h:166
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define STATUS_OBJECT_NAME_NOT_FOUND
Definition: udferr_usr.h:149
UDFData UDFGlobalData
Definition: udfinit.cpp:25
#define UDF_CHECK_PAGING_IO_RESOURCE(NTReqFCB)
Definition: udffs.h:260
#define UDFPrint(Args)
Definition: udffs.h:223
_In_ PDEVICE_OBJECT DeviceObject
Definition: wdfdevice.h:2055
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:550
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
#define FILE_ACTION_MODIFIED
#define FILE_NOTIFY_CHANGE_SECURITY
* PFILE_OBJECT
Definition: iotypes.h:1998
#define IO_DISK_INCREMENT
Definition: iotypes.h:600
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfo(_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
NTKERNELAPI NTSTATUS NTAPI SeQuerySecurityDescriptorInfo(_In_ PSECURITY_INFORMATION SecurityInformation, _Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PULONG Length, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
#define ACL_REVISION
Definition: setypes.h:39
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126