[NTOS:CM]
authorThomas Faber <thomas.faber@reactos.org>
Tue, 29 Jul 2014 22:21:37 +0000 (22:21 +0000)
committerThomas Faber <thomas.faber@reactos.org>
Tue, 29 Jul 2014 22:21:37 +0000 (22:21 +0000)
- Return a valid security descriptor for keys, even though it's hacked. Based on code removed in r26704.
CORE-8382 #resolve #comment Fixed, now we fail with E_FAIL instead. Hurray.

svn path=/trunk/; revision=63777

reactos/ntoskrnl/config/cmse.c

index 019a14c..7b260b2 100644 (file)
@@ -137,6 +137,74 @@ CmpHiveRootSecurityDescriptor(VOID)
     return SecurityDescriptor;
 }
 
+NTSTATUS
+CmpQuerySecurityDescriptor(IN PCM_KEY_BODY KeyBody,
+                           IN SECURITY_INFORMATION SecurityInformation,
+                           OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
+                           IN OUT PULONG BufferLength)
+{
+    PISECURITY_DESCRIPTOR_RELATIVE RelSd;
+    PUCHAR Current;
+    ULONG SidSize;
+    ULONG SdSize;
+    NTSTATUS Status;
+
+    DBG_UNREFERENCED_PARAMETER(KeyBody);
+
+    if (SecurityInformation == 0)
+    {
+        return STATUS_ACCESS_DENIED;
+    }
+
+    SidSize = RtlLengthSid(SeWorldSid);
+    SdSize = sizeof(*RelSd) + 2 * SidSize;
+    RelSd = SecurityDescriptor;
+
+    if (*BufferLength < SdSize)
+    {
+        *BufferLength = SdSize;
+        return STATUS_BUFFER_TOO_SMALL;
+    }
+
+    *BufferLength = SdSize;
+
+    Status = RtlCreateSecurityDescriptorRelative(RelSd,
+                                                 SECURITY_DESCRIPTOR_REVISION);
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    Current = (PUCHAR)(RelSd + 1);
+    ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
+
+    if (SecurityInformation & OWNER_SECURITY_INFORMATION)
+    {
+        RtlCopyMemory(Current, SeWorldSid, SidSize);
+        RelSd->Owner = Current - (PUCHAR)RelSd;
+        Current += SidSize;
+        ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
+    }
+
+    if (SecurityInformation & GROUP_SECURITY_INFORMATION)
+    {
+        RtlCopyMemory(Current, SeWorldSid, SidSize);
+        RelSd->Group = Current - (PUCHAR)RelSd;
+        Current += SidSize;
+        ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
+    }
+
+    if (SecurityInformation & DACL_SECURITY_INFORMATION)
+    {
+        RelSd->Control |= SE_DACL_PRESENT;
+    }
+
+    if (SecurityInformation & SACL_SECURITY_INFORMATION)
+    {
+        RelSd->Control |= SE_SACL_PRESENT;
+    }
+
+    return STATUS_SUCCESS;
+}
+
 NTSTATUS
 NTAPI
 CmpSecurityMethod(IN PVOID ObjectBody,
@@ -148,6 +216,38 @@ CmpSecurityMethod(IN PVOID ObjectBody,
                   IN POOL_TYPE PoolType,
                   IN PGENERIC_MAPPING GenericMapping)
 {
+    DBG_UNREFERENCED_PARAMETER(OldSecurityDescriptor);
+    DBG_UNREFERENCED_PARAMETER(GenericMapping);
+
+    switch (OperationCode)
+    {
+        case SetSecurityDescriptor:
+            DPRINT("Set security descriptor\n");
+            ASSERT((PoolType == PagedPool) || (PoolType == NonPagedPool));
+            /* HACK */
+            break;
+
+        case QuerySecurityDescriptor:
+            DPRINT("Query security descriptor\n");
+            return CmpQuerySecurityDescriptor(ObjectBody,
+                                              *SecurityInformation,
+                                              SecurityDescriptor,
+                                              BufferLength);
+
+        case DeleteSecurityDescriptor:
+            DPRINT("Delete security descriptor\n");
+            /* HACK */
+            break;
+
+        case AssignSecurityDescriptor:
+            DPRINT("Assign security descriptor\n");
+            /* HACK */
+            break;
+
+        default:
+            KeBugCheckEx(SECURITY_SYSTEM, 0, STATUS_INVALID_PARAMETER, 0, 0);
+    }
+
     /* HACK */
     return STATUS_SUCCESS;
 }