- Return a default security descriptor when someone wants to retrieve the key security.
authorEric Kohl <eric.kohl@reactos.org>
Mon, 13 Sep 2004 11:46:07 +0000 (11:46 +0000)
committerEric Kohl <eric.kohl@reactos.org>
Mon, 13 Sep 2004 11:46:07 +0000 (11:46 +0000)
- Disable debug messages.

svn path=/trunk/; revision=10839

reactos/ntoskrnl/cm/registry.c
reactos/ntoskrnl/cm/regobj.c

index dcc1dc5..eef3247 100644 (file)
@@ -1,4 +1,4 @@
-/* $Id: registry.c,v 1.125 2004/08/15 16:39:00 chorns Exp $
+/* $Id: registry.c,v 1.126 2004/09/13 11:46:07 ekohl Exp $
  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel
@@ -245,6 +245,9 @@ CmInitializeRegistry(VOID)
   OBJECT_ATTRIBUTES ObjectAttributes;
   UNICODE_STRING KeyName;
   PKEY_OBJECT RootKey;
+#if 0
+  PSECURITY_CELL RootSecurityCell;
+#endif
   HANDLE RootKeyHandle;
   HANDLE KeyHandle;
   NTSTATUS Status;
@@ -313,6 +316,18 @@ CmInitializeRegistry(VOID)
   Status = RtlCreateUnicodeString(&RootKey->Name, L"Registry");
   assert(NT_SUCCESS(Status));
 
+#if 0
+  Status = CmiAllocateCell(CmiVolatileHive,
+                          0x10, //LONG CellSize,
+                          (PVOID *)&RootSecurityCell,
+                          &RootKey->KeyCell->SecurityKeyOffset);
+  assert(NT_SUCCESS(Status));
+
+  /* Copy the security descriptor */
+
+  CmiVolatileHive->RootSecurityCell = RootSecurityCell;
+#endif
+
   KeInitializeSpinLock(&CmiKeyListLock);
 
   /* Create '\Registry\Machine' key. */
@@ -355,7 +370,7 @@ VOID INIT_FUNCTION
 CmInit2(PCHAR CommandLine)
 {
   ULONG PiceStart = 4;
-  BOOL MiniNT = FALSE;
+  BOOLEAN MiniNT = FALSE;
   PWCHAR SystemBootDevice;
   PWCHAR SystemStartOptions;
   ULONG Position;
@@ -370,9 +385,13 @@ CmInit2(PCHAR CommandLine)
    * Parse the system boot device.
    */
   Position = 0;
-  SystemBootDevice = ExAllocatePool(PagedPool, (strlen(CommandLine) + 1) * sizeof(WCHAR));
+  SystemBootDevice = ExAllocatePool(PagedPool,
+                                   (strlen(CommandLine) + 1) * sizeof(WCHAR));
   if (SystemBootDevice == NULL)
+  {
     KEBUGCHECK(CONFIG_INITIALIZATION_FAILED);
+  }
+
   while (*CommandLine != 0 && *CommandLine != ' ')
     SystemBootDevice[Position++] = *(CommandLine++);
   SystemBootDevice[Position++] = 0;
@@ -380,15 +399,16 @@ CmInit2(PCHAR CommandLine)
   /*
    * Write the system boot device to registry.
    */
-  Status = RtlWriteRegistryValue(
-    RTL_REGISTRY_ABSOLUTE,
-    L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
-    L"SystemBootDevice",
-    REG_SZ,
-    SystemBootDevice,
-    Position * sizeof(WCHAR));
+  Status = RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,
+                                L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
+                                L"SystemBootDevice",
+                                REG_SZ,
+                                SystemBootDevice,
+                                Position * sizeof(WCHAR));
   if (!NT_SUCCESS(Status))
+  {
     KEBUGCHECK(CONFIG_INITIALIZATION_FAILED);
+  }
 
   /*
    * Parse the system start options.
@@ -419,15 +439,16 @@ CmInit2(PCHAR CommandLine)
   /*
    * Write the system start options to registry.
    */
-  Status = RtlWriteRegistryValue(
-    RTL_REGISTRY_ABSOLUTE,
-    L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
-    L"SystemStartOptions",
-    REG_SZ,
-    SystemStartOptions,
-    Position * sizeof(WCHAR));
+  Status = RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,
+                                L"\\Registry\\Machine\\System\\CurrentControlSet\\Control",
+                                L"SystemStartOptions",
+                                REG_SZ,
+                                SystemStartOptions,
+                                Position * sizeof(WCHAR));
   if (!NT_SUCCESS(Status))
+  {
     KEBUGCHECK(CONFIG_INITIALIZATION_FAILED);
+  }
 
   /*
    * Create a CurrentControlSet\Control\MiniNT key that is used
@@ -1032,7 +1053,7 @@ CmShutdownRegistry(VOID)
   PREGISTRY_HIVE Hive;
   PLIST_ENTRY Entry;
 
-  DPRINT1("CmShutdownRegistry() called\n");
+  DPRINT("CmShutdownRegistry() called\n");
 
   /* Stop automatic hive synchronization */
   CmiHiveSyncEnabled = FALSE;
@@ -1073,7 +1094,7 @@ CmShutdownRegistry(VOID)
   ExReleaseResourceLite(&CmiHiveListLock);
   KeLeaveCriticalRegion();
 
-  DPRINT1("CmShutdownRegistry() done\n");
+  DPRINT("CmShutdownRegistry() done\n");
 }
 
 
index bd124d6..f4de497 100644 (file)
@@ -312,6 +312,118 @@ CmiObjectDelete(PVOID DeletedObject)
 }
 
 
+static NTSTATUS
+CmiQuerySecurityDescriptor(PKEY_OBJECT KeyObject,
+                          SECURITY_INFORMATION SecurityInformation,
+                          PSECURITY_DESCRIPTOR SecurityDescriptor,
+                          PULONG BufferLength)
+{
+  ULONG_PTR Current;
+  ULONG SidSize;
+  ULONG SdSize;
+  NTSTATUS Status;
+
+  DPRINT("CmiQuerySecurityDescriptor() called\n");
+
+  /*
+   * FIXME:
+   * This is a big hack!!
+   * We need to retrieve the security descriptor from the keys security cell!
+   */
+
+  if (SecurityInformation == 0)
+    {
+      return STATUS_ACCESS_DENIED;
+    }
+
+  SidSize = RtlLengthSid(SeWorldSid);
+  SdSize = sizeof(SECURITY_DESCRIPTOR) + (2 * SidSize);
+
+  if (*BufferLength < SdSize)
+    {
+      *BufferLength = SdSize;
+      return STATUS_BUFFER_TOO_SMALL;
+    }
+
+  *BufferLength = SdSize;
+
+  Status = RtlCreateSecurityDescriptor(SecurityDescriptor,
+                                      SECURITY_DESCRIPTOR_REVISION);
+  if (!NT_SUCCESS(Status))
+    {
+      return Status;
+    }
+
+  SecurityDescriptor->Control |= SE_SELF_RELATIVE;
+  Current = (ULONG_PTR)SecurityDescriptor + sizeof(SECURITY_DESCRIPTOR);
+
+  if (SecurityInformation & OWNER_SECURITY_INFORMATION)
+    {
+      RtlCopyMemory((PVOID)Current,
+                   SeWorldSid,
+                   SidSize);
+      SecurityDescriptor->Owner = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor);
+      Current += SidSize;
+    }
+
+  if (SecurityInformation & GROUP_SECURITY_INFORMATION)
+    {
+      RtlCopyMemory((PVOID)Current,
+                   SeWorldSid,
+                   SidSize);
+      SecurityDescriptor->Group = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor);
+      Current += SidSize;
+    }
+
+  if (SecurityInformation & DACL_SECURITY_INFORMATION)
+    {
+      SecurityDescriptor->Control |= SE_DACL_PRESENT;
+    }
+
+  if (SecurityInformation & SACL_SECURITY_INFORMATION)
+    {
+      SecurityDescriptor->Control |= SE_SACL_PRESENT;
+    }
+
+  return STATUS_SUCCESS;
+}
+
+
+static NTSTATUS
+CmiAssignSecurityDescriptor(PKEY_OBJECT KeyObject,
+                           PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+#if 0
+  PREGISTRY_HIVE Hive;
+
+  DPRINT1("CmiAssignSecurityDescriptor() callled\n");
+
+  DPRINT1("KeyObject %p\n", KeyObject);
+  DPRINT1("KeyObject->RegistryHive %p\n", KeyObject->RegistryHive);
+
+  Hive = KeyObject->RegistryHive;
+  if (Hive == NULL)
+    {
+      DPRINT1("Create new root security cell\n");
+      return STATUS_SUCCESS;
+    }
+
+  if (Hive->RootSecurityCell == NULL)
+    {
+      DPRINT1("Create new root security cell\n");
+
+    }
+  else
+    {
+      DPRINT1("Search for security cell\n");
+
+    }
+#endif
+
+  return STATUS_SUCCESS;
+}
+
+
 NTSTATUS STDCALL
 CmiObjectSecurity(PVOID ObjectBody,
                  SECURITY_OPERATION_CODE OperationCode,
@@ -329,7 +441,10 @@ CmiObjectSecurity(PVOID ObjectBody,
 
       case QuerySecurityDescriptor:
         DPRINT("Query security descriptor\n");
-        return STATUS_UNSUCCESSFUL;
+        return CmiQuerySecurityDescriptor((PKEY_OBJECT)ObjectBody,
+                                         SecurityInformation,
+                                         SecurityDescriptor,
+                                         BufferLength);
 
       case DeleteSecurityDescriptor:
         DPRINT("Delete security descriptor\n");
@@ -337,7 +452,8 @@ CmiObjectSecurity(PVOID ObjectBody,
 
       case AssignSecurityDescriptor:
         DPRINT("Assign security descriptor\n");
-        return STATUS_SUCCESS;
+        return CmiAssignSecurityDescriptor((PKEY_OBJECT)ObjectBody,
+                                          SecurityDescriptor);
     }
 
   return STATUS_UNSUCCESSFUL;