projects / reactos.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 931c72f)
[NTOSKRNL] Disable LUID mapping until it's properly implemented
authorPierre Schweitzer <pierre@reactos.org>
Sat, 1 Jun 2019 12:40:24 +0000 (14:40 +0200)
committerPierre Schweitzer <pierre@reactos.org>
Sat, 1 Jun 2019 12:40:54 +0000 (14:40 +0200)
boot/bootdata/hivesys.inf patch | blob | history
ntoskrnl/config/cmdata.c patch | blob | history
ntoskrnl/include/internal/ob.h patch | blob | history
ntoskrnl/ob/obname.c patch | blob | history

diff --git a/boot/bootdata/hivesys.inf b/boot/bootdata/hivesys.inf
index 0f2fc93..d1e1f7d 100644 (file)
--- a/boot/bootdata/hivesys.inf
+++ b/boot/bootdata/hivesys.inf
@@ -1445,6 +1445,7 @@ HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager","ObjectDirectories",0x00
  "\Windows", \
  "\RPC Control"
 HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager","ProtectionMode", 0x00010003, 0x00000001
+HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager","LUIDDeviceMapsDisabled", 0x00010003, 0x00000001
 
 ; DOS devices
 HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager\DOS Devices","AUX",0x00000002,"\DosDevices\COM1"
diff --git a/ntoskrnl/config/cmdata.c b/ntoskrnl/config/cmdata.c
index 816dfd2..7a2c6af 100644 (file)
--- a/ntoskrnl/config/cmdata.c
+++ b/ntoskrnl/config/cmdata.c
@@ -157,7 +157,7 @@ INIT_SECTION CM_SYSTEM_CONTROL_VECTOR CmControlVector[] =
     {
         L"Session Manager",
         L"LUIDDeviceMapsDisabled",
-        &DummyData,
+        &ObpLUIDDeviceMapsDisabled,
         NULL,
         NULL
     },
diff --git a/ntoskrnl/include/internal/ob.h b/ntoskrnl/include/internal/ob.h
index b2d7037..ddbfeb4 100644 (file)
--- a/ntoskrnl/include/internal/ob.h
+++ b/ntoskrnl/include/internal/ob.h
@@ -620,6 +620,7 @@ extern WCHAR ObpUnsecureGlobalNamesBuffer[128];
 extern ULONG ObpUnsecureGlobalNamesLength;
 extern ULONG ObpObjectSecurityMode;
 extern ULONG ObpProtectionMode;
+extern ULONG ObpLUIDDeviceMapsDisabled;
 
 //
 // Inlined Functions
diff --git a/ntoskrnl/ob/obname.c b/ntoskrnl/ob/obname.c
index d76ed10..f05a068 100644 (file)
--- a/ntoskrnl/ob/obname.c
+++ b/ntoskrnl/ob/obname.c
@@ -32,6 +32,9 @@ UNICODE_STRING ObpDosDevicesShortName =
 WCHAR ObpUnsecureGlobalNamesBuffer[128] = {0};
 ULONG ObpUnsecureGlobalNamesLength = sizeof(ObpUnsecureGlobalNamesBuffer);
 
+ULONG ObpLUIDDeviceMapsDisabled;
+ULONG ObpLUIDDeviceMapsEnabled;
+
 /* PRIVATE FUNCTIONS *********************************************************/
 
 INIT_FUNCTION
@@ -182,6 +185,13 @@ ObpCreateDosDevicesDirectory(VOID)
     SECURITY_DESCRIPTOR DosDevicesSD;
     NTSTATUS Status;
 
+    /*
+     * Enable LUID mappings only if not explicitely disabled
+     * and if protection mode is set
+     */
+    if (ObpProtectionMode == 0 || ObpLUIDDeviceMapsDisabled != 0)
+        ObpLUIDDeviceMapsEnabled = 0;
+
     /* Create a custom security descriptor for the global DosDevices directory */
     Status = ObpGetDosDevicesProtection(&DosDevicesSD);
     if (!NT_SUCCESS(Status))
A free Windows-compatible Operating System