archive
/
windows-nt-4.0
mirror of https://github.com/lianthony/NT4.0
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
184 MiB
Tree: b4a8d373d8
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b4a8d373d8'
${ noResults }
windows-nt-4.0/private/ntos/ob/obsdata.c

800 lines
16 KiB
Raw Normal View History

initial commit
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. obsdata.c
  9. Abstract:
  11. Object Manager Security Descriptor Caching
  13. Author:
  15. Robert Reichel (robertre) 12-Oct-1993
  17. Revision History:
  19. --*/
  21. #include "obp.h"
  24. #if DBG
  25. #define OB_DIAGNOSTICS_ENABLED 1
  26. #endif // DBG
  29. //
  30. // These definitions are useful diagnostics aids
  31. //
  33. #if OB_DIAGNOSTICS_ENABLED
  35. ULONG ObDebugFlags = 0;
  37. //
  38. // Test for enabled diagnostic
  39. //
  41. #define IF_OB_GLOBAL( FlagName ) \
  42. if (ObDebugFlags & (OB_DEBUG_##FlagName))
  44. //
  45. // Diagnostics print statement
  46. //
  48. #define ObPrint( FlagName, _Text_ ) \
  49. IF_OB_GLOBAL( FlagName ) \
  50. DbgPrint _Text_
  53. #else
  55. //
  56. // diagnostics not enabled - No diagnostics included in build
  57. //
  59. //
  60. // Test for diagnostics enabled
  61. //
  63. #define IF_OB_GLOBAL( FlagName ) if (FALSE)
  65. //
  66. // Diagnostics print statement (expands to no-op)
  67. //
  69. #define ObPrint( FlagName, _Text_ ) ;
  71. #endif // OB_DIAGNOSTICS_ENABLED
  75. #if OB_DIAGNOSTICS_ENABLED
  77. ULONG TotalCacheEntries = 0;
  79. #endif
  81. //
  82. // The following flags enable or disable various diagnostic
  83. // capabilities within OB code. These flags are set in
  84. // ObGlobalFlag (only available within a DBG system).
  85. //
  86. //
  88. #define OB_DEBUG_ALLOC_TRACKING ((ULONG) 0x00000001L)
  89. #define OB_DEBUG_CACHE_FREES ((ULONG) 0x00000002L)
  90. #define OB_DEBUG_BREAK_ON_INIT ((ULONG) 0x00000004L)
  91. #define OB_DEBUG_SHOW_COLLISIONS ((ULONG) 0x00000008L)
  92. #define OB_DEBUG_SHOW_STATISTICS ((ULONG) 0x00000010L)
  93. #define OB_DEBUG_SHOW_REFERENCES ((ULONG) 0x00000020L)
  94. #define OB_DEBUG_SHOW_DEASSIGN ((ULONG) 0x00000040L)
  95. #define OB_DEBUG_STOP_INVALID_DESCRIPTOR ((ULONG) 0x00000080L)
  96. #define OB_DEBUG_SHOW_HEADER_FREE ((ULONG) 0x00000100L)
  99. //
  100. // Array of pointers to security descriptor entries
  101. //
  103. PLIST_ENTRY *SecurityDescriptorCache = NULL;
  106. //
  107. // Resource used to protect the security descriptor cache
  108. //
  110. ERESOURCE SecurityDescriptorCacheLock;
  113. #if defined (ALLOC_PRAGMA)
  114. #pragma alloc_text(PAGE,ObpDereferenceSecurityDescriptor)
  115. #pragma alloc_text(PAGE,ObpDestroySecurityDescriptorHeader)
  116. #pragma alloc_text(PAGE,ObpHashBuffer)
  117. #pragma alloc_text(PAGE,ObpHashSecurityDescriptor)
  118. #pragma alloc_text(PAGE,ObpInitSecurityDescriptorCache)
  119. #pragma alloc_text(PAGE,ObpLogSecurityDescriptor)
  120. #pragma alloc_text(PAGE,ObpReferenceSecurityDescriptor)
  121. #pragma alloc_text(PAGE,OpbCreateCacheEntry)
  122. #endif
  126. NTSTATUS
  127. ObpInitSecurityDescriptorCache(
  128. VOID
  129. )
  130. /*++
  132. Routine Description:
  134. Allocates and initializes the Security Descriptor Cache
  136. Arguments:
  138. None
  140. Return Value:
  142. STATUS_SUCCESS on success, NTSTATUS on failure.
  144. --*/
  145. {
  146. ULONG Size;
  147. NTSTATUS Status;
  149. IF_OB_GLOBAL( BREAK_ON_INIT ) {
  150. DbgBreakPoint();
  151. }
  153. Size = SECURITY_DESCRIPTOR_CACHE_ENTRIES * sizeof(PLIST_ENTRY);
  154. SecurityDescriptorCache = ExAllocatePoolWithTag( PagedPool, Size, 'cCdS' );
  156. if (SecurityDescriptorCache == NULL ) {
  157. return( STATUS_INSUFFICIENT_RESOURCES );
  158. }
  160. RtlZeroMemory( SecurityDescriptorCache, Size );
  162. Status = ExInitializeResource ( &SecurityDescriptorCacheLock );
  164. if ( !NT_SUCCESS(Status) ) {
  165. ExFreePool( SecurityDescriptorCache );
  166. return( Status );
  167. }
  169. return( STATUS_SUCCESS );
  170. }
  174. ULONG
  175. ObpHashSecurityDescriptor(
  176. PSECURITY_DESCRIPTOR SecurityDescriptor
  177. )
  179. /*++
  181. Routine Description:
  183. Hashes a security descriptor to a 32 bit value
  185. Arguments:
  187. SecurityDescriptor - Provides the security descriptor to be hashed
  189. Return Value:
  191. ULONG - a 32 bit hash value.
  193. --*/
  195. {
  196. PSID Owner = NULL;
  197. PSID Group = NULL;
  199. PACL Dacl;
  200. PACL Sacl;
  202. ULONG Hash = 0;
  203. BOOLEAN Junk;
  204. NTSTATUS Status;
  205. BOOLEAN DaclPresent = FALSE;
  206. BOOLEAN SaclPresent = FALSE;
  207. PISECURITY_DESCRIPTOR sd;
  209. sd = (PISECURITY_DESCRIPTOR)SecurityDescriptor;
  211. Status = RtlGetOwnerSecurityDescriptor ( sd, &Owner, &Junk );
  212. Status = RtlGetGroupSecurityDescriptor( sd, &Group, &Junk );
  213. Status = RtlGetDaclSecurityDescriptor ( sd, &DaclPresent, &Dacl, &Junk );
  214. Status = RtlGetSaclSecurityDescriptor ( sd, &SaclPresent, &Sacl, &Junk );
  216. if ( Owner != NULL ) {
  217. Hash = ObpHashBuffer( Owner, RtlLengthSid( Owner ));
  218. }
  220. if ( Group != NULL ) {
  221. Hash += ObpHashBuffer( Group, RtlLengthSid( Group));
  222. }
  224. if ( DaclPresent && (Dacl != NULL)) {
  225. Hash += ObpHashBuffer( Dacl, Dacl->AclSize);
  226. }
  228. if ( SaclPresent && (Sacl != NULL)) {
  229. Hash += ObpHashBuffer( Sacl, Sacl->AclSize);
  230. }
  232. return( Hash );
  233. }
  237. ULONG
  238. ObpHashBuffer(
  239. PVOID Data,
  240. ULONG Length
  241. )
  242. /*++
  244. Routine Description:
  246. Hashes a buffer into a 32 bit value
  248. Arguments:
  250. Data - Buffer containing the data to be hashed.
  252. Length - The length in bytes of the buffer
  255. Return Value:
  257. ULONG - a 32 bit hash value.
  259. --*/
  260. {
  261. PCHAR Buffer;
  262. ULONG Result = 0;
  263. LONG i;
  265. Buffer = (PCHAR)Data;
  267. for (i=0 ; i<=(LONG)((Length-3)-sizeof(ULONG)) ; i++) {
  269. ULONG Tmp;
  271. Tmp = *((ULONG UNALIGNED *)(Buffer + i));
  272. Result += Tmp;
  273. }
  275. return( Result );
  276. }
  280. NTSTATUS
  281. ObpLogSecurityDescriptor(
  282. IN PSECURITY_DESCRIPTOR InputSecurityDescriptor,
  283. OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor
  284. )
  286. /*++
  288. Routine Description:
  290. Takes a passed security descriptor and registers it into the
  291. security descriptor database.
  293. Arguments:
  295. InputSecurityDescriptor - The new security descriptor to be logged into the database.
  297. OutputSecurityDescriptor - Output security descriptor to be used by the caller.
  300. Return Value:
  302. NT_STATUS
  304. --*/
  306. {
  307. ULONG FullHash;
  308. UCHAR SmallHash;
  309. PSECURITY_DESCRIPTOR_HEADER NewDescriptor;
  310. PLIST_ENTRY Front;
  311. PLIST_ENTRY Back;
  312. PSECURITY_DESCRIPTOR_HEADER Header;
  313. BOOLEAN Match;
  316. FullHash = ObpHashSecurityDescriptor( InputSecurityDescriptor );
  317. SmallHash = (UCHAR)FullHash;
  319. //
  320. // See if the entry matching SmallHash is in use.
  321. // Lock the table first, unlock if if we don't need it.
  322. //
  324. ObpAcquireDescriptorCacheWriteLock();
  326. Front = SecurityDescriptorCache[SmallHash];
  327. Back = NULL;
  328. Match = FALSE;
  330. while ( Front != NULL ) {
  332. Header = LINK_TO_SD_HEADER( Front );
  334. if ( Header->FullHash > FullHash ) {
  335. break;
  336. }
  338. if ( Header->FullHash == FullHash ) {
  340. Match = ObpCompareSecurityDescriptors( InputSecurityDescriptor,
  341. &Header->SecurityDescriptor
  342. );
  344. if ( Match ) {
  345. break;
  346. }
  348. ObPrint( SHOW_COLLISIONS,("Got a collision on %d, no match\n",SmallHash));
  349. }
  351. Back = Front;
  352. Front = Front->Flink;
  353. }
  355. if ( Match ) {
  357. Header->RefCount++;
  359. ObPrint( SHOW_REFERENCES, ("Reference Index = %d, New RefCount = %d\n",Header->Index,Header->RefCount));
  361. *OutputSecurityDescriptor = &Header->SecurityDescriptor;
  362. ExFreePool( InputSecurityDescriptor );
  363. ObpReleaseDescriptorCacheLock();
  364. return( STATUS_SUCCESS );
  365. }
  367. //
  368. // Can't use an existing one, create a new entry
  369. // and insert it into the list.
  370. //
  372. NewDescriptor = OpbCreateCacheEntry( InputSecurityDescriptor,
  373. FullHash,
  374. SmallHash
  375. );
  377. if ( NewDescriptor == NULL ) {
  378. ObpReleaseDescriptorCacheLock();
  379. return( STATUS_INSUFFICIENT_RESOURCES );
  380. }
  382. #if OB_DIAGNOSTICS_ENABLED
  384. TotalCacheEntries++;
  386. #endif
  388. ObPrint( SHOW_STATISTICS, ("TotalCacheEntries = %d \n",TotalCacheEntries));
  389. ObPrint( SHOW_COLLISIONS, ("Adding new entry for index #%d \n",SmallHash));
  391. //
  392. // We don't need the old security descriptor any more.
  393. //
  395. ExFreePool( InputSecurityDescriptor );
  397. if ( Back == NULL ) {
  399. //
  400. // We're inserting at the beginning of the list for this
  401. // minor index
  402. //
  404. NewDescriptor->Link.Flink = SecurityDescriptorCache[SmallHash];
  405. SecurityDescriptorCache[SmallHash] = &NewDescriptor->Link;
  407. if ( NewDescriptor->Link.Flink != NULL ) {
  408. NewDescriptor->Link.Flink->Blink = &NewDescriptor->Link;
  409. }
  411. } else {
  413. //
  414. // Hook new descriptor entry into list.
  415. //
  417. NewDescriptor->Link.Flink = Front;
  419. NewDescriptor->Link.Blink = Back;
  421. Back->Flink = &NewDescriptor->Link;
  423. if (Front != NULL) {
  424. Front->Blink = &NewDescriptor->Link;
  425. }
  426. }
  428. *OutputSecurityDescriptor = &NewDescriptor->SecurityDescriptor;
  429. ObpReleaseDescriptorCacheLock();
  430. return( STATUS_SUCCESS );
  431. }
  435. PSECURITY_DESCRIPTOR_HEADER
  436. OpbCreateCacheEntry(
  437. PSECURITY_DESCRIPTOR InputSecurityDescriptor,
  438. ULONG FullHash,
  439. UCHAR SmallHash
  440. )
  442. /*++
  444. Routine Description:
  446. Allocates and initializes a new cache entry.
  448. Arguments:
  450. InputSecurityDescriptor - The security descriptor to be cached.
  452. FullHash - Full 32 bit hash of the security descriptor.
  454. SmallHash - Index into the cache table.
  456. Return Value:
  458. A pointer to the newly allocated cache entry, or NULL
  460. --*/
  462. {
  464. ULONG SecurityDescriptorLength;
  465. ULONG CacheEntrySize;
  466. PSECURITY_DESCRIPTOR_HEADER NewDescriptor;
  468. SecurityDescriptorLength = RtlLengthSecurityDescriptor ( InputSecurityDescriptor );
  469. CacheEntrySize = SecurityDescriptorLength + (sizeof(SECURITY_DESCRIPTOR_HEADER) - sizeof( QUAD ));
  471. NewDescriptor = ExAllocatePoolWithTag( PagedPool, CacheEntrySize, 'dSeS');
  473. if ( NewDescriptor == NULL ) {
  474. return( NULL );
  475. }
  477. NewDescriptor->Index = SmallHash;
  478. NewDescriptor->RefCount = 1;
  479. NewDescriptor->FullHash = FullHash;
  480. NewDescriptor->Link.Flink = NULL;
  481. NewDescriptor->Link.Blink = NULL;
  483. RtlCopyMemory( &NewDescriptor->SecurityDescriptor, InputSecurityDescriptor, SecurityDescriptorLength );
  485. return( NewDescriptor );
  487. }
  490. PSECURITY_DESCRIPTOR
  491. ObpReferenceSecurityDescriptor(
  492. PVOID Object
  493. )
  494. /*++
  496. Routine Description:
  498. References the security descriptor of the passed object.
  500. Arguments:
  502. Object - Object being access validated.
  504. Return Value:
  506. The security descriptor of the object.
  508. --*/
  510. {
  511. PSECURITY_DESCRIPTOR_HEADER SecurityDescriptorHeader;
  512. POBJECT_HEADER ObjectHeader;
  513. POBJECT_TYPE ObjectType;
  514. PSECURITY_DESCRIPTOR SecurityDescriptor;
  516. ObjectHeader = OBJECT_TO_OBJECT_HEADER( Object );
  517. ObjectType = ObjectHeader->Type;
  518. ASSERT( ObpCentralizedSecurity(ObjectType) );
  520. ObpAcquireDescriptorCacheWriteLock();
  522. SecurityDescriptor = OBJECT_TO_OBJECT_HEADER( Object )->SecurityDescriptor;
  524. IF_OB_GLOBAL( STOP_INVALID_DESCRIPTOR ) {
  525. if( !RtlValidSecurityDescriptor ( SecurityDescriptor )) {
  526. DbgBreakPoint();
  527. }
  528. }
  530. if ( SecurityDescriptor != NULL ) {
  532. SecurityDescriptorHeader = SD_TO_SD_HEADER( SecurityDescriptor );
  533. ObPrint( SHOW_REFERENCES, ("Referencing index #%d, Refcount = %d \n",SecurityDescriptorHeader->Index,SecurityDescriptorHeader->RefCount));
  534. SecurityDescriptorHeader->RefCount++;
  535. }
  537. ObpReleaseDescriptorCacheLock();
  539. return( SecurityDescriptor );
  540. }
  543. NTSTATUS
  544. ObDeassignSecurity (
  545. IN OUT PSECURITY_DESCRIPTOR *SecurityDescriptor
  546. )
  547. {
  548. PSECURITY_DESCRIPTOR_HEADER Header;
  550. Header = SD_TO_SD_HEADER( *SecurityDescriptor );
  551. ObPrint( SHOW_DEASSIGN,("Deassigning security descriptor %x, Index = %d\n",*SecurityDescriptor, Header->Index));
  553. ObpDereferenceSecurityDescriptor( *SecurityDescriptor );
  555. //
  556. // NULL out the SecurityDescriptor in the object's
  557. // header so we don't try to free it again.
  558. //
  560. *SecurityDescriptor = NULL;
  562. return( STATUS_SUCCESS );
  563. }
  567. VOID
  568. ObpDereferenceSecurityDescriptor(
  569. PSECURITY_DESCRIPTOR SecurityDescriptor
  570. )
  572. /*++
  574. Routine Description:
  576. Decrements the refcount of a cached security descriptor
  578. Arguments:
  580. SecurityDescriptor - Points to a cached security descriptor
  582. Return Value:
  584. None.
  586. --*/
  588. {
  589. PSECURITY_DESCRIPTOR_HEADER SecurityDescriptorHeader;
  592. ObpAcquireDescriptorCacheWriteLock();
  594. SecurityDescriptorHeader = SD_TO_SD_HEADER( SecurityDescriptor );
  596. ObPrint( SHOW_REFERENCES, ("Dereferencing SecurityDescriptor %x, index #%d, refcount = %d \n", SecurityDescriptor, SecurityDescriptorHeader->Index,SecurityDescriptorHeader->RefCount));
  598. // DbgPrint("Dereferencing SecurityDescriptor %x, index #%d, refcount = %d \n", SecurityDescriptor, SecurityDescriptorHeader->Index,SecurityDescriptorHeader->RefCount);
  600. ASSERT(SecurityDescriptorHeader->RefCount != 0);
  602. if (--SecurityDescriptorHeader->RefCount == 0) {
  603. ObpDestroySecurityDescriptorHeader( SecurityDescriptorHeader );
  604. }
  606. ObpReleaseDescriptorCacheLock();
  607. }
  612. VOID
  613. ObpDestroySecurityDescriptorHeader(
  614. IN PSECURITY_DESCRIPTOR_HEADER Header
  615. )
  617. /*++
  619. Routine Description:
  621. Frees a cached security descriptor and unlinks it from the chain.
  622. Does nothing if it's being reused.
  624. Arguments:
  626. Header - Pointer to a security descriptor header (cached security descriptor)
  628. Return Value:
  630. None.
  632. --*/
  634. {
  635. PLIST_ENTRY Forward;
  636. PLIST_ENTRY Rear;
  637. UCHAR Index;
  639. ASSERT ( Header->RefCount == 0 );
  641. #if OB_DIAGNOSTICS_ENABLED
  643. TotalCacheEntries--;
  645. #endif
  647. ObPrint( SHOW_STATISTICS, ("TotalCacheEntries = %d \n",TotalCacheEntries));
  649. Index = Header->Index;
  651. Forward = Header->Link.Flink;
  652. Rear = Header->Link.Blink;
  654. if ( Forward != NULL ) {
  655. Forward->Blink = Rear;
  656. }
  658. if ( Rear != NULL ) {
  659. Rear->Flink = Forward;
  661. } else {
  663. //
  664. // if Rear is NULL, we're deleting the head of the list
  665. //
  667. SecurityDescriptorCache[Index] = Forward;
  668. }
  670. ObPrint( SHOW_HEADER_FREE, ("Freeing memory at %x \n",Header));
  672. ExFreePool( Header );
  674. return;
  675. }
  678. BOOLEAN
  679. ObpCompareSecurityDescriptors(
  680. IN PSECURITY_DESCRIPTOR SD1,
  681. IN PSECURITY_DESCRIPTOR SD2
  682. )
  684. /*++
  686. Routine Description:
  688. Performs a byte by byte comparison of two self relative security descriptors
  689. to determine if they are identical.
  691. Arguments:
  693. SD1, SD2 - Security descriptors to be compared.
  695. Return Value:
  697. TRUE - They are the same.
  699. FALSE - They are different.
  701. --*/
  703. {
  704. ULONG Length1;
  705. ULONG Length2;
  706. ULONG Compare;
  708. //
  709. // Calculating the lenght is pretty fast, see if we
  710. // can get away with doing only that.
  711. //
  713. Length1 = RtlLengthSecurityDescriptor ( SD1 );
  714. Length2 = RtlLengthSecurityDescriptor ( SD2 );
  716. if (Length1 != Length2) {
  717. return( FALSE );
  718. }
  720. return (BOOLEAN)RtlEqualMemory ( SD1, SD2, Length1 );
  721. }
  724. VOID
  725. ObpAcquireDescriptorCacheWriteLock(
  726. VOID
  727. )
  729. /*++
  731. Routine Description:
  733. Takes a write lock on the security descriptor cache.
  735. Arguments:
  737. none
  739. Return Value:
  741. None.
  743. --*/
  745. {
  746. KeEnterCriticalRegion();
  747. (VOID) ExAcquireResourceExclusive( &SecurityDescriptorCacheLock, TRUE );
  748. return;
  749. }
  751. VOID
  752. ObpAcquireDescriptorCacheReadLock(
  753. VOID
  754. )
  756. /*++
  758. Routine Description:
  760. Takes a read lock on the security descriptor cache.
  762. Arguments:
  764. none
  766. Return Value:
  768. None.
  770. --*/
  771. {
  772. KeEnterCriticalRegion();
  773. (VOID)ExAcquireResourceShared( &SecurityDescriptorCacheLock,TRUE);
  774. return;
  775. }
  777. VOID
  778. ObpReleaseDescriptorCacheLock(
  779. VOID
  780. )
  781. /*++
  783. Routine Description:
  785. Releases a lock on the security descriptor cache.
  787. Arguments:
  789. none
  791. Return Value:
  793. None.
  795. --*/
  796. {
  797. (VOID) ExReleaseResource( &SecurityDescriptorCacheLock );
  798. KeLeaveCriticalRegion ();
  799. return;
  800. }