#define NDEBUG
#include <internal/debug.h>
-#define EX_OBJ_TO_HDR(eob) ((POBJECT_HEADER)((ULONG_PTR)(eob) & \
- ~(EX_HANDLE_ENTRY_PROTECTFROMCLOSE | EX_HANDLE_ENTRY_INHERITABLE | \
- EX_HANDLE_ENTRY_AUDITONCLOSE)))
-#define EX_HTE_TO_HDR(hte) ((POBJECT_HEADER)((ULONG_PTR)((hte)->u1.Object) & \
- ~(EX_HANDLE_ENTRY_PROTECTFROMCLOSE | EX_HANDLE_ENTRY_INHERITABLE | \
- EX_HANDLE_ENTRY_AUDITONCLOSE)))
-
#define GENERIC_ANY (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | GENERIC_ALL)
/* GLOBALS *****************************************************************/
PHANDLE_TABLE ObpKernelHandleTable = NULL;
+/* TEMPORARY HACK. DO NOT REMOVE -- Alex */
+NTSTATUS
+STDCALL
+ExpDesktopCreate(PVOID ObjectBody,
+ PVOID Parent,
+ PWSTR RemainingPath,
+ POBJECT_CREATE_INFORMATION ObjectCreateInformation);
+
/* FUNCTIONS ***************************************************************/
static VOID
{
POBJECT_HEADER ObjectHeader = BODY_TO_HEADER(ObjectBody);
LONG NewHandleCount = InterlockedDecrement(&ObjectHeader->HandleCount);
+ DPRINT("Header: %x\n", ObjectHeader);
+ DPRINT("NewHandleCount: %x\n", NewHandleCount);
+ DPRINT("HEADER_TO_OBJECT_NAME: %x\n", HEADER_TO_OBJECT_NAME(ObjectHeader));
- if ((ObjectHeader->ObjectType != NULL) &&
- (ObjectHeader->ObjectType->Close != NULL))
+ if ((ObjectHeader->Type != NULL) &&
+ (ObjectHeader->Type->TypeInfo.CloseProcedure != NULL))
{
/* the handle count should be decremented but we pass the previous value
to the callback */
- ObjectHeader->ObjectType->Close(ObjectBody, NewHandleCount + 1);
+ ObjectHeader->Type->TypeInfo.CloseProcedure(ObjectBody, NewHandleCount + 1);
}
if(NewHandleCount == 0)
{
- if(ObjectHeader->Parent != NULL && !ObjectHeader->Permanent)
+ if(HEADER_TO_OBJECT_NAME(ObjectHeader) &&
+ HEADER_TO_OBJECT_NAME(ObjectHeader)->Directory != NULL &&
+ !(ObjectHeader->Flags & OB_FLAG_PERMANENT))
{
/* delete the object from the namespace when the last handle got closed.
Only do this if it's actually been inserted into the namespace and
if it's not a permanent object. */
ObpRemoveEntryDirectory(ObjectHeader);
}
-
+
/* remove the keep-alive reference */
ObDereferenceObject(ObjectBody);
}
NTSTATUS
+NTAPI
ObpQueryHandleAttributes(HANDLE Handle,
POBJECT_HANDLE_ATTRIBUTE_INFORMATION HandleInfo)
{
PHANDLE_TABLE HandleTable;
PHANDLE_TABLE_ENTRY HandleTableEntry;
- LONG ExHandle;
-
+
PAGED_CODE();
DPRINT("ObpQueryHandleAttributes(Handle %x)\n", Handle);
-
+
if(ObIsKernelHandle(Handle, ExGetPreviousMode()))
{
HandleTable = ObpKernelHandleTable;
- ExHandle = HANDLE_TO_EX_HANDLE(ObKernelHandleToHandle(Handle));
+ Handle = ObKernelHandleToHandle(Handle);
}
else
{
HandleTable = PsGetCurrentProcess()->ObjectTable;
- ExHandle = HANDLE_TO_EX_HANDLE(Handle);
}
KeEnterCriticalRegion();
HandleTableEntry = ExMapHandleToPointer(HandleTable,
- ExHandle);
+ Handle);
if (HandleTableEntry == NULL)
{
KeLeaveCriticalRegion();
NTSTATUS
+NTAPI
ObpSetHandleAttributes(HANDLE Handle,
POBJECT_HANDLE_ATTRIBUTE_INFORMATION HandleInfo)
{
PHANDLE_TABLE HandleTable;
PHANDLE_TABLE_ENTRY HandleTableEntry;
- LONG ExHandle;
-
+
PAGED_CODE();
DPRINT("ObpSetHandleAttributes(Handle %x)\n", Handle);
if(ObIsKernelHandle(Handle, ExGetPreviousMode()))
{
HandleTable = ObpKernelHandleTable;
- ExHandle = HANDLE_TO_EX_HANDLE(ObKernelHandleToHandle(Handle));
+ Handle = ObKernelHandleToHandle(Handle);
}
else
{
HandleTable = PsGetCurrentProcess()->ObjectTable;
- ExHandle = HANDLE_TO_EX_HANDLE(Handle);
}
-
+
KeEnterCriticalRegion();
HandleTableEntry = ExMapHandleToPointer(HandleTable,
- ExHandle);
+ Handle);
if (HandleTableEntry == NULL)
{
KeLeaveCriticalRegion();
PHANDLE_TABLE_ENTRY HandleEntry;
PVOID Body;
POBJECT_HEADER ObjectHeader;
- LONG ExHandle = HANDLE_TO_EX_HANDLE(Handle);
PAGED_CODE();
KeEnterCriticalRegion();
HandleEntry = ExMapHandleToPointer(HandleTable,
- ExHandle);
+ Handle);
if(HandleEntry != NULL)
{
if(HandleEntry->u1.ObAttributes & EX_HANDLE_ENTRY_PROTECTFROMCLOSE)
}
ObjectHeader = EX_HTE_TO_HDR(HandleEntry);
- Body = HEADER_TO_BODY(ObjectHeader);
+ Body = &ObjectHeader->Body;
ObpDecrementHandleCount(Body);
/* destroy and unlock the handle entry */
ExDestroyHandleByEntry(HandleTable,
HandleEntry,
- ExHandle);
+ Handle);
KeLeaveCriticalRegion();
NTSTATUS
+NTAPI
ObDuplicateObject(PEPROCESS SourceProcess,
PEPROCESS TargetProcess,
HANDLE SourceHandle,
HANDLE_TABLE_ENTRY NewHandleEntry;
PVOID ObjectBody;
POBJECT_HEADER ObjectHeader;
- LONG ExTargetHandle;
- LONG ExSourceHandle;
ULONG NewHandleCount;
-
+ HANDLE NewTargetHandle;
+
PAGED_CODE();
-
+
if(ObIsKernelHandle(SourceHandle, ExGetPreviousMode()))
{
SourceHandleTable = ObpKernelHandleTable;
{
SourceHandleTable = SourceProcess->ObjectTable;
}
-
- ExSourceHandle = HANDLE_TO_EX_HANDLE(SourceHandle);
-
+
KeEnterCriticalRegion();
-
+
SourceHandleEntry = ExMapHandleToPointer(SourceHandleTable,
- ExSourceHandle);
+ SourceHandle);
if (SourceHandleEntry == NULL)
{
KeLeaveCriticalRegion();
}
ObjectHeader = EX_HTE_TO_HDR(SourceHandleEntry);
- ObjectBody = HEADER_TO_BODY(ObjectHeader);
+ ObjectBody = &ObjectHeader->Body;
NewHandleEntry.u1.Object = SourceHandleEntry->u1.Object;
if(InheritHandle)
if (DesiredAccess & GENERIC_ANY)
{
RtlMapGenericMask(&DesiredAccess,
- ObjectHeader->ObjectType->Mapping);
+ &ObjectHeader->Type->TypeInfo.GenericMapping);
}
NewHandleEntry.u2.GrantedAccess = DesiredAccess;
}
-
+
/* reference the object so it doesn't get deleted after releasing the lock
and before creating a new handle for it */
ObReferenceObject(ObjectBody);
-
+
/* increment the handle count of the object, it should always be >= 2 because
we're holding a handle lock to this object! if the new handle count was
1 here, we're in big trouble... it would've been safe to increment and
entry is locked, which means the handle count can't change. */
NewHandleCount = InterlockedIncrement(&ObjectHeader->HandleCount);
ASSERT(NewHandleCount >= 2);
-
+
ExUnlockHandleTableEntry(SourceHandleTable,
SourceHandleEntry);
KeLeaveCriticalRegion();
/* attempt to create the new handle */
- ExTargetHandle = ExCreateHandle(TargetProcess->ObjectTable,
- &NewHandleEntry);
- if (ExTargetHandle != EX_INVALID_HANDLE)
+ NewTargetHandle = ExCreateHandle(TargetProcess->ObjectTable,
+ &NewHandleEntry);
+ if (NewTargetHandle != NULL)
{
if (Options & DUPLICATE_CLOSE_SOURCE)
{
ObpDeleteHandle(SourceHandleTable,
SourceHandle);
}
-
+
ObDereferenceObject(ObjectBody);
- *TargetHandle = EX_HANDLE_TO_HANDLE(ExTargetHandle);
-
+ *TargetHandle = NewTargetHandle;
+
return STATUS_SUCCESS;
}
else
{
ObDereferenceObject(ObjectBody);
}
-
+
ObDereferenceObject(ObjectBody);
return STATUS_UNSUCCESSFUL;
}
/*
* @implemented
*/
-NTSTATUS STDCALL
+NTSTATUS STDCALL
NtDuplicateObject (IN HANDLE SourceProcessHandle,
IN HANDLE SourceHandle,
IN HANDLE TargetProcessHandle,
OUT PHANDLE TargetHandle OPTIONAL,
IN ACCESS_MASK DesiredAccess,
- IN BOOLEAN InheritHandle,
- ULONG Options)
+ IN ULONG InheritHandle,
+ IN ULONG Options)
/*
* FUNCTION: Copies a handle from one process space to another
* ARGUMENTS:
- * SourceProcessHandle = The source process owning the handle. The
+ * SourceProcessHandle = The source process owning the handle. The
* source process should have opened
- * the SourceHandle with PROCESS_DUP_HANDLE
+ * the SourceHandle with PROCESS_DUP_HANDLE
* access.
* SourceHandle = The handle to the object.
- * TargetProcessHandle = The destination process owning the handle
- * TargetHandle (OUT) = Caller should supply storage for the
- * duplicated handle.
+ * TargetProcessHandle = The destination process owning the handle
+ * TargetHandle (OUT) = Caller should supply storage for the
+ * duplicated handle.
* DesiredAccess = The desired access to the handle.
* InheritHandle = Indicates wheter the new handle will be inheritable
* or not.
- * Options = Specifies special actions upon duplicating the handle.
- * Can be one of the values DUPLICATE_CLOSE_SOURCE |
- * DUPLICATE_SAME_ACCESS. DUPLICATE_CLOSE_SOURCE specifies
- * that the source handle should be closed after duplicating.
- * DUPLICATE_SAME_ACCESS specifies to ignore the
- * DesiredAccess paramter and just grant the same access to
+ * Options = Specifies special actions upon duplicating the handle.
+ * Can be one of the values DUPLICATE_CLOSE_SOURCE |
+ * DUPLICATE_SAME_ACCESS. DUPLICATE_CLOSE_SOURCE specifies
+ * that the source handle should be closed after duplicating.
+ * DUPLICATE_SAME_ACCESS specifies to ignore the
+ * DesiredAccess paramter and just grant the same access to
* the new handle.
* RETURNS: Status
* REMARKS: This function maps to the win32 DuplicateHandle.
HANDLE hTarget;
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status = STATUS_SUCCESS;
-
+
PAGED_CODE();
-
+
PreviousMode = ExGetPreviousMode();
-
+
if(TargetHandle != NULL && PreviousMode != KernelMode)
{
_SEH_TRY
{
- ProbeForWrite(TargetHandle,
- sizeof(HANDLE),
- sizeof(ULONG));
+ ProbeForWriteHandle(TargetHandle);
}
_SEH_HANDLE
{
Status = _SEH_GetExceptionCode();
}
_SEH_END;
-
+
if(!NT_SUCCESS(Status))
{
return Status;
}
}
-
+
Status = ObReferenceObjectByHandle(SourceProcessHandle,
PROCESS_DUP_HANDLE,
NULL,
{
PVOID ObjectBody;
POBJECT_TYPE ObjectType;
-
+
ObjectType = (SourceHandle == NtCurrentThread()) ? PsThreadType : PsProcessType;
Status = ObReferenceObjectByHandle(SourceHandle,
if (DesiredAccess & GENERIC_ANY)
{
RtlMapGenericMask(&DesiredAccess,
- ObjectType->Mapping);
+ &ObjectType->TypeInfo.GenericMapping);
}
}
- Status = ObCreateHandle(TargetProcess,
- ObjectBody,
- DesiredAccess,
- InheritHandle,
- &hTarget);
+ Status = ObpCreateHandle(TargetProcess,
+ ObjectBody,
+ DesiredAccess,
+ InheritHandle,
+ &hTarget);
ObDereferenceObject(ObjectBody);
}
static VOID STDCALL
-DeleteHandleCallback(PHANDLE_TABLE HandleTable,
- PVOID Object,
- ULONG GrantedAccess,
- PVOID Context)
+SweepHandleCallback(PHANDLE_TABLE HandleTable,
+ PVOID Object,
+ ULONG GrantedAccess,
+ PVOID Context)
{
POBJECT_HEADER ObjectHeader;
PVOID ObjectBody;
-
+
PAGED_CODE();
ObjectHeader = EX_OBJ_TO_HDR(Object);
- ObjectBody = HEADER_TO_BODY(ObjectHeader);
-
+ ObjectBody = &ObjectHeader->Body;
+
ObpDecrementHandleCount(ObjectBody);
}
{
POBJECT_HEADER ObjectHeader;
BOOLEAN Ret = FALSE;
-
+
PAGED_CODE();
-
+
Ret = (HandleTableEntry->u1.ObAttributes & EX_HANDLE_ENTRY_INHERITABLE) != 0;
if(Ret)
{
ObjectHeader = EX_HTE_TO_HDR(HandleTableEntry);
if(InterlockedIncrement(&ObjectHeader->HandleCount) == 1)
{
- ObReferenceObject(HEADER_TO_BODY(ObjectHeader));
+ ObReferenceObject(&ObjectHeader->Body);
}
}
-
+
return Ret;
}
-VOID ObCreateHandleTable(PEPROCESS Parent,
+VOID
+NTAPI
+ObCreateHandleTable(PEPROCESS Parent,
BOOLEAN Inherit,
PEPROCESS Process)
/*
*/
{
PAGED_CODE();
-
+
DPRINT("ObCreateHandleTable(Parent %x, Inherit %d, Process %x)\n",
Parent,Inherit,Process);
if(Parent != NULL)
{
PAGED_CODE();
- ExDestroyHandleTable(Process->ObjectTable,
- DeleteHandleCallback,
- Process);
+ /* FIXME - Temporary hack: sweep and destroy here, needs to be fixed!!! */
+ ExSweepHandleTable(Process->ObjectTable,
+ SweepHandleCallback,
+ Process);
+ ExDestroyHandleTable(Process->ObjectTable);
+ Process->ObjectTable = NULL;
}
NTSTATUS
-ObCreateHandle(PEPROCESS Process,
+NTAPI
+ObpCreateHandle(PEPROCESS Process,
PVOID ObjectBody,
ACCESS_MASK GrantedAccess,
BOOLEAN Inherit,
{
HANDLE_TABLE_ENTRY NewEntry;
POBJECT_HEADER ObjectHeader;
- LONG ExHandle;
-
+ HANDLE Handle;
+
PAGED_CODE();
- DPRINT("ObCreateHandle(Process %x, obj %x)\n",Process,ObjectBody);
+ DPRINT("ObpCreateHandle(Process %x, obj %x)\n",Process,ObjectBody);
ASSERT(Process);
ASSERT(ObjectBody);
ObjectHeader = BODY_TO_HEADER(ObjectBody);
ASSERT((ULONG_PTR)ObjectHeader & EX_HANDLE_ENTRY_LOCKED);
-
+
if (GrantedAccess & MAXIMUM_ALLOWED)
{
GrantedAccess &= ~MAXIMUM_ALLOWED;
if (GrantedAccess & GENERIC_ANY)
{
RtlMapGenericMask(&GrantedAccess,
- ObjectHeader->ObjectType->Mapping);
+ &ObjectHeader->Type->TypeInfo.GenericMapping);
}
NewEntry.u1.Object = ObjectHeader;
else
NewEntry.u1.ObAttributes &= ~EX_HANDLE_ENTRY_INHERITABLE;
NewEntry.u2.GrantedAccess = GrantedAccess;
-
- ExHandle = ExCreateHandle(Process->ObjectTable,
- &NewEntry);
- DPRINT("ObCreateHandle(0x%x)==0x%x [HT:0x%x]\n", ObjectHeader, *HandleReturn, Process->ObjectTable);
- if(ExHandle != EX_INVALID_HANDLE)
+
+ Handle = ExCreateHandle(Process->ObjectTable,
+ &NewEntry);
+ DPRINT("ObCreateHandle(0x%x)==0x%x [HT:0x%x]\n", ObjectHeader, Handle, Process->ObjectTable);
+ if(Handle != NULL)
{
if(InterlockedIncrement(&ObjectHeader->HandleCount) == 1)
{
NULL,
UserMode);
}
-
- *HandleReturn = EX_HANDLE_TO_HANDLE(ExHandle);
+
+ *HandleReturn = Handle;
return STATUS_SUCCESS;
}
{
PHANDLE_TABLE_ENTRY HandleEntry;
PEPROCESS Process;
- LONG ExHandle = HANDLE_TO_EX_HANDLE(Handle);
-
+
PAGED_CODE();
DPRINT("ObQueryObjectAuditingByHandle(Handle %x)\n", Handle);
Process = PsGetCurrentProcess();
-
+
KeEnterCriticalRegion();
HandleEntry = ExMapHandleToPointer(Process->ObjectTable,
- ExHandle);
+ Handle);
if(HandleEntry != NULL)
{
*GenerateOnClose = (HandleEntry->u1.ObAttributes & EX_HANDLE_ENTRY_AUDITONCLOSE) != 0;
-
+
ExUnlockHandleTableEntry(Process->ObjectTable,
HandleEntry);
KeLeaveCriticalRegion();
-
+
return STATUS_SUCCESS;
}
-
+
KeLeaveCriticalRegion();
-
+
return STATUS_INVALID_HANDLE;
}
/*
- * FUNCTION: Increments the reference count for an object and returns a
+ * FUNCTION: Increments the reference count for an object and returns a
* pointer to its body
* ARGUMENTS:
* Handle = Handle for the object
* DesiredAccess = Desired access to the object
* ObjectType
- * AccessMode
+ * AccessMode
* Object (OUT) = Points to the object body on return
- * HandleInformation (OUT) = Contains information about the handle
+ * HandleInformation (OUT) = Contains information about the handle
* on return
* RETURNS: Status
*
PVOID ObjectBody;
ACCESS_MASK GrantedAccess;
ULONG Attributes;
- LONG ExHandle;
-
+
PAGED_CODE();
-
+
DPRINT("ObReferenceObjectByHandle(Handle %x, DesiredAccess %x, "
"ObjectType %x, AccessMode %d, Object %x)\n",Handle,DesiredAccess,
ObjectType,AccessMode,Object);
+ if (Handle == NULL)
+ {
+ return STATUS_INVALID_HANDLE;
+ }
/*
* Handle special handle names
*/
- if (Handle == NtCurrentProcess() &&
+ if (Handle == NtCurrentProcess() &&
(ObjectType == PsProcessType || ObjectType == NULL))
{
PEPROCESS CurrentProcess = PsGetCurrentProcess();
-
+
ObReferenceObject(CurrentProcess);
if (HandleInformation != NULL)
return(STATUS_OBJECT_TYPE_MISMATCH);
}
- if (Handle == NtCurrentThread() &&
+ if (Handle == NtCurrentThread() &&
(ObjectType == PsThreadType || ObjectType == NULL))
{
PETHREAD CurrentThread = PsGetCurrentThread();
-
+
ObReferenceObject(CurrentThread);
if (HandleInformation != NULL)
CHECKPOINT;
return(STATUS_OBJECT_TYPE_MISMATCH);
}
-
+
/* desire as much access rights as possible */
if (DesiredAccess & MAXIMUM_ALLOWED)
{
DesiredAccess &= ~MAXIMUM_ALLOWED;
DesiredAccess |= GENERIC_ALL;
}
-
+
if(ObIsKernelHandle(Handle, AccessMode))
{
HandleTable = ObpKernelHandleTable;
- ExHandle = HANDLE_TO_EX_HANDLE(ObKernelHandleToHandle(Handle));
+ Handle = ObKernelHandleToHandle(Handle);
}
else
{
HandleTable = PsGetCurrentProcess()->ObjectTable;
- ExHandle = HANDLE_TO_EX_HANDLE(Handle);
}
KeEnterCriticalRegion();
-
+
HandleEntry = ExMapHandleToPointer(HandleTable,
- ExHandle);
+ Handle);
if (HandleEntry == NULL)
{
KeLeaveCriticalRegion();
}
ObjectHeader = EX_HTE_TO_HDR(HandleEntry);
- ObjectBody = HEADER_TO_BODY(ObjectHeader);
-
+ ObjectBody = &ObjectHeader->Body;
+
DPRINT("locked1: ObjectHeader: 0x%x [HT:0x%x]\n", ObjectHeader, HandleTable);
-
- if (ObjectType != NULL && ObjectType != ObjectHeader->ObjectType)
+
+ if (ObjectType != NULL && ObjectType != ObjectHeader->Type)
{
- DPRINT("ObjectType mismatch: %wZ vs %wZ (handle 0x%x)\n", &ObjectType->TypeName, ObjectHeader->ObjectType ? &ObjectHeader->ObjectType->TypeName : NULL, Handle);
+ DPRINT("ObjectType mismatch: %wZ vs %wZ (handle 0x%x)\n", &ObjectType->Name, ObjectHeader->Type ? &ObjectHeader->Type->Name : NULL, Handle);
ExUnlockHandleTableEntry(HandleTable,
HandleEntry);
if (DesiredAccess & GENERIC_ANY)
{
RtlMapGenericMask(&DesiredAccess,
- BODY_TO_HEADER(ObjectBody)->ObjectType->Mapping);
+ &BODY_TO_HEADER(ObjectBody)->Type->TypeInfo.GenericMapping);
}
-
+
GrantedAccess = HandleEntry->u2.GrantedAccess;
-
+
/* Unless running as KernelMode, deny access if caller desires more access
rights than the handle can grant */
if(AccessMode != KernelMode && (~GrantedAccess & DesiredAccess))
HandleEntry);
KeLeaveCriticalRegion();
-
+
DPRINT1("GrantedAccess: 0x%x, ~GrantedAccess: 0x%x, DesiredAccess: 0x%x, denied: 0x%x\n", GrantedAccess, ~GrantedAccess, DesiredAccess, ~GrantedAccess & DesiredAccess);
return(STATUS_ACCESS_DENIED);
}
ObReferenceObject(ObjectBody);
-
+
Attributes = HandleEntry->u1.ObAttributes & (EX_HANDLE_ENTRY_PROTECTFROMCLOSE |
EX_HANDLE_ENTRY_INHERITABLE |
EX_HANDLE_ENTRY_AUDITONCLOSE);
ExUnlockHandleTableEntry(HandleTable,
HandleEntry);
-
+
KeLeaveCriticalRegion();
if (HandleInformation != NULL)
}
*Object = ObjectBody;
-
+
return(STATUS_SUCCESS);
}
/**********************************************************************
* NAME EXPORTED
* NtClose
- *
+ *
* DESCRIPTION
* Closes a handle reference to an object.
- *
+ *
* ARGUMENTS
* Handle
* Handle to close.
- *
+ *
* RETURN VALUE
* Status.
*
{
PHANDLE_TABLE HandleTable;
NTSTATUS Status;
-
+
PAGED_CODE();
-
+
if(ObIsKernelHandle(Handle, ExGetPreviousMode()))
{
HandleTable = ObpKernelHandleTable;
{
HandleTable = PsGetCurrentProcess()->ObjectTable;
}
-
+
Status = ObpDeleteHandle(HandleTable,
Handle);
if (!NT_SUCCESS(Status))
}
return Status;
}
-
+
return(STATUS_SUCCESS);
}
/*
* @implemented
*/
-NTSTATUS STDCALL
+NTSTATUS
+STDCALL
ObInsertObject(IN PVOID Object,
- IN PACCESS_STATE PassedAccessState OPTIONAL,
- IN ACCESS_MASK DesiredAccess,
- IN ULONG AdditionalReferences,
- OUT PVOID* ReferencedObject OPTIONAL,
- OUT PHANDLE Handle)
+ IN PACCESS_STATE PassedAccessState OPTIONAL,
+ IN ACCESS_MASK DesiredAccess,
+ IN ULONG AdditionalReferences,
+ OUT PVOID* ReferencedObject OPTIONAL,
+ OUT PHANDLE Handle)
{
- POBJECT_HEADER ObjectHeader;
- ACCESS_MASK Access;
+ POBJECT_CREATE_INFORMATION ObjectCreateInfo;
+ POBJECT_HEADER Header;
+ POBJECT_HEADER_NAME_INFO ObjectNameInfo;
+ PVOID FoundObject = NULL;
+ POBJECT_HEADER FoundHeader = NULL;
+ NTSTATUS Status = STATUS_SUCCESS;
+ UNICODE_STRING RemainingPath;
+ BOOLEAN ObjectAttached = FALSE;
+ PSECURITY_DESCRIPTOR NewSecurityDescriptor = NULL;
+ SECURITY_SUBJECT_CONTEXT SubjectContext;
+
+ PAGED_CODE();
+
+ /* Get the Header and Create Info */
+ DPRINT("ObInsertObject: %x\n", Object);
+ Header = BODY_TO_HEADER(Object);
+ ObjectCreateInfo = Header->ObjectCreateInfo;
+ ObjectNameInfo = HEADER_TO_OBJECT_NAME(Header);
+
+ /* First try to find the Object */
+ if (ObjectNameInfo && ObjectNameInfo->Name.Buffer)
+ {
+ DPRINT("Object has a name. Trying to find it: %wZ.\n", &ObjectNameInfo->Name);
+ Status = ObFindObject(ObjectCreateInfo,
+ &ObjectNameInfo->Name,
+ &FoundObject,
+ &RemainingPath,
+ NULL);
+ DPRINT("FoundObject: %x, Path: %wZ\n", FoundObject, &RemainingPath);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ObFindObject() failed! (Status 0x%x)\n", Status);
+ return Status;
+ }
+
+ if (FoundObject)
+ {
+ DPRINT("Getting header: %x\n", FoundObject);
+ FoundHeader = BODY_TO_HEADER(FoundObject);
+ }
+
+ if (FoundHeader && RemainingPath.Buffer == NULL)
+ {
+ DPRINT("Object exists\n");
+ ObDereferenceObject(FoundObject);
+ return STATUS_OBJECT_NAME_COLLISION;
+ }
+ }
+ else
+ {
+ DPRINT("No name, empty remaining path\n");
+ RtlInitUnicodeString(&RemainingPath, NULL);
+ }
+
+ if (FoundHeader && FoundHeader->Type == ObDirectoryType &&
+ RemainingPath.Buffer)
+ {
+ /* The name was changed so let's update it */
+ /* FIXME: TEMPORARY HACK This will go in ObFindObject in the next commit */
+ PVOID NewName;
+ PWSTR BufferPos = RemainingPath.Buffer;
+ ULONG Delta = 0;
+
+ ObpAddEntryDirectory(FoundObject, Header, NULL);
+ ObjectAttached = TRUE;
+
+ ObjectNameInfo = HEADER_TO_OBJECT_NAME(Header);
+
+ if (BufferPos[0] == L'\\')
+ {
+ BufferPos++;
+ Delta = sizeof(WCHAR);
+ }
+ NewName = ExAllocatePool(NonPagedPool, RemainingPath.MaximumLength - Delta);
+ RtlMoveMemory(NewName, BufferPos, RemainingPath.MaximumLength - Delta);
+ if (ObjectNameInfo->Name.Buffer) ExFreePool(ObjectNameInfo->Name.Buffer);
+ ObjectNameInfo->Name.Buffer = NewName;
+ ObjectNameInfo->Name.Length = RemainingPath.Length - Delta;
+ ObjectNameInfo->Name.MaximumLength = RemainingPath.MaximumLength - Delta;
+ DPRINT("Name: %S\n", ObjectNameInfo->Name.Buffer);
+ }
+
+ if ((Header->Type == IoFileObjectType) ||
+ (Header->Type == ExDesktopObjectType) ||
+ (Header->Type->TypeInfo.OpenProcedure != NULL))
+ {
+ DPRINT("About to call Open Routine\n");
+ if (Header->Type == IoFileObjectType)
+ {
+ /* TEMPORARY HACK. DO NOT TOUCH -- Alex */
+ DPRINT("Calling IopCreateFile: %x\n", FoundObject);
+ Status = IopCreateFile(&Header->Body,
+ FoundObject,
+ RemainingPath.Buffer,
+ ObjectCreateInfo);
+ DPRINT("Called IopCreateFile: %x\n", Status);
+
+ }
+ else if (Header->Type == ExDesktopObjectType)
+ {
+ /* TEMPORARY HACK. DO NOT TOUCH -- Alex */
+ DPRINT("Calling ExpDesktopCreate\n");
+ Status = ExpDesktopCreate(&Header->Body,
+ FoundObject,
+ RemainingPath.Buffer,
+ ObjectCreateInfo);
+ }
+ else if (Header->Type->TypeInfo.OpenProcedure != NULL)
+ {
+ DPRINT("Calling %x\n", Header->Type->TypeInfo.OpenProcedure);
+ Status = Header->Type->TypeInfo.OpenProcedure(ObCreateHandle,
+ &Header->Body,
+ NULL,
+ 0,
+ 0);
+ }
+
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT("Create Failed\n");
+ if (ObjectAttached == TRUE)
+ {
+ ObpRemoveEntryDirectory(Header);
+ }
+ if (FoundObject)
+ {
+ ObDereferenceObject(FoundObject);
+ }
+ RtlFreeUnicodeString(&RemainingPath);
+ return Status;
+ }
+ }
+
+ RtlFreeUnicodeString(&RemainingPath);
- PAGED_CODE();
+ DPRINT("Security Assignment in progress\n");
+ SeCaptureSubjectContext(&SubjectContext);
+
+ /* Build the new security descriptor */
+ Status = SeAssignSecurity((FoundHeader != NULL) ? FoundHeader->SecurityDescriptor : NULL,
+ (ObjectCreateInfo != NULL) ? ObjectCreateInfo->SecurityDescriptor : NULL,
+ &NewSecurityDescriptor,
+ (Header->Type == ObDirectoryType),
+ &SubjectContext,
+ &Header->Type->TypeInfo.GenericMapping,
+ PagedPool);
+
+ if (NT_SUCCESS(Status))
+ {
+ DPRINT("NewSecurityDescriptor %p\n", NewSecurityDescriptor);
- Access = DesiredAccess;
- ObjectHeader = BODY_TO_HEADER(Object);
+ if (Header->Type->TypeInfo.SecurityProcedure != NULL)
+ {
+ /* Call the security method */
+ Status = Header->Type->TypeInfo.SecurityProcedure(&Header->Body,
+ AssignSecurityDescriptor,
+ 0,
+ NewSecurityDescriptor,
+ NULL,
+ NULL,
+ NonPagedPool,
+ NULL);
+ }
+ else
+ {
+ /* Assign the security descriptor to the object header */
+ Status = ObpAddSecurityDescriptor(NewSecurityDescriptor,
+ &Header->SecurityDescriptor);
+ DPRINT("Object security descriptor %p\n", Header->SecurityDescriptor);
+ }
- return(ObCreateHandle(PsGetCurrentProcess(),
- Object,
- Access,
- ObjectHeader->Inherit,
- Handle));
+ /* Release the new security descriptor */
+ SeDeassignSecurity(&NewSecurityDescriptor);
+ }
+
+ DPRINT("Security Complete\n");
+ SeReleaseSubjectContext(&SubjectContext);
+
+ /* Create the Handle */
+ /* HACKHACK: Because of ROS's incorrect startup, this can be called
+ * without a valid Process until I finalize the startup patch,
+ * so don't create a handle if this is the case. We also don't create
+ * a handle if Handle is NULL when the Registry Code calls it, because
+ * the registry code totally bastardizes the Ob and needs to be fixed
+ */
+ DPRINT("Creating handle\n");
+ if (Handle != NULL)
+ {
+ Status = ObpCreateHandle(PsGetCurrentProcess(),
+ &Header->Body,
+ DesiredAccess,
+ ObjectCreateInfo->Attributes & OBJ_INHERIT,
+ Handle);
+ DPRINT("handle Created: %d. refcount. handlecount %d %d\n",
+ *Handle, Header->PointerCount, Header->HandleCount);
+ }
+
+ /* We can delete the Create Info now */
+ Header->ObjectCreateInfo = NULL;
+ ObpReleaseCapturedAttributes(ObjectCreateInfo);
+ ExFreePool(ObjectCreateInfo);
+
+ DPRINT("Status %x\n", Status);
+ return Status;
}
ULONG
+NTAPI
ObpGetHandleCountByHandleTable(PHANDLE_TABLE HandleTable)
{
return HandleTable->HandleCount;
IN POBJECT_HANDLE_INFORMATION HandleInformation,
OUT PHANDLE HandleReturn)
{
- UNIMPLEMENTED;
+ DPRINT("ObFindHandleForObject is unimplemented!\n");
return STATUS_UNSUCCESSFUL;
}
// pshi->HandleValue;
-/*
+/*
This will never work with ROS! M$, I guess uses 0 -> 65535.
Ros uses 0 -> 4294967295!
*/
// pshi->GrantedAccess;
// pshi->Object;
-// pshi->ObjectTypeIndex;
+// pshi->TypeIndex;
// pshi->HandleAttributes;
// KeReleaseSpinLock( &Process->HandleTable.ListLock, oldIrql );