archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/base/ntos/ob/obinsert.c

538 lines
15 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. obinsert.c
  9. Abstract:
  11. Object instantiation API
  13. Author:
  15. Steve Wood (stevewo) 31-Mar-1989
  17. Revision History:
  19. --*/
  21. #include "obp.h"
  23. #ifdef ALLOC_PRAGMA
  24. #pragma alloc_text(PAGE,ObInsertObject)
  25. #endif
  28. NTSTATUS
  29. ObInsertObject (
  30. IN PVOID Object,
  31. IN PACCESS_STATE AccessState OPTIONAL,
  32. IN ACCESS_MASK DesiredAccess OPTIONAL,
  33. IN ULONG ObjectPointerBias,
  34. OUT PVOID *NewObject OPTIONAL,
  35. OUT PHANDLE Handle OPTIONAL
  36. )
  38. /*++
  40. Routine Description:
  42. This routine inserts an object into the current processes handle table.
  44. The Object header includes a pointer to a SecurityDescriptor passed in
  45. an object creation call. This SecurityDescriptor is not assumed to have
  46. been captured. This routine is responsible for making an appropriate
  47. SecurityDescriptor and removing the reference in the object header.
  49. Arguments:
  51. Object - Supplies a pointer to the new object body
  53. AccessState - Optionally supplies the access state for the new
  54. handle
  56. DesiredAccess - Optionally supplies the desired access we want for the
  57. new handle
  59. ObjectPointerBias - Supplies a bias to apply for the pointer count for the
  60. object
  62. NewObject - Optionally receives the pointer to the new object that we've
  63. created a handle for
  65. Handle - Receives the new handle, If NULL then no handle is created.
  66. Objects that don't have handles created must be unnamed and
  67. have an object bias of zero.
  69. Return Value:
  71. An appropriate NTSTATUS value.
  73. --*/
  75. {
  76. POBJECT_CREATE_INFORMATION ObjectCreateInfo;
  77. POBJECT_HEADER ObjectHeader;
  78. PUNICODE_STRING ObjectName;
  79. POBJECT_TYPE ObjectType;
  80. POBJECT_HEADER_NAME_INFO NameInfo;
  81. PSECURITY_DESCRIPTOR ParentDescriptor = NULL;
  82. PVOID InsertObject;
  83. HANDLE NewHandle;
  84. OB_OPEN_REASON OpenReason;
  85. NTSTATUS Status = STATUS_SUCCESS;
  86. ACCESS_STATE LocalAccessState;
  87. AUX_ACCESS_DATA AuxData;
  88. BOOLEAN SecurityDescriptorAllocated;
  89. KPROCESSOR_MODE PreviousMode;
  90. NTSTATUS ReturnStatus;
  91. PVOID DirObject = NULL;
  92. OBP_LOOKUP_CONTEXT LookupContext;
  94. PAGED_CODE();
  96. ObpValidateIrql("ObInsertObject");
  98. //
  99. // Get the address of the object header, the object create information,
  100. // the object type, and the address of the object name descriptor, if
  101. // specified.
  102. //
  104. ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
  106. #if DBG
  108. if ((ObjectHeader->Flags & OB_FLAG_NEW_OBJECT) == 0) {
  110. KdPrint(("OB: Attempting to insert existing object %08x\n", Object));
  111. KdBreakPoint();
  113. ObDereferenceObject(Object);
  115. return STATUS_INVALID_PARAMETER;
  116. }
  118. #endif
  120. ObjectCreateInfo = ObjectHeader->ObjectCreateInfo;
  122. ObjectType = ObjectHeader->Type;
  124. NameInfo = ObpReferenceNameInfo( ObjectHeader );
  126. ObjectName = NULL;
  128. if ((NameInfo != NULL) && (NameInfo->Name.Buffer != NULL)) {
  130. ObjectName = &NameInfo->Name;
  131. }
  133. ASSERT (ARGUMENT_PRESENT (Handle) || (ObjectPointerBias == 0 && ObjectName == NULL &&
  134. ObjectType->TypeInfo.SecurityRequired && NewObject == NULL));
  136. //
  137. // If security checks are not required and an object name is not
  138. // specified, insert an unnamed object, biasing the count
  139. // by one, dereference the bias, and return to our caller
  140. //
  142. PreviousMode = KeGetPreviousMode();
  144. if (!ObjectType->TypeInfo.SecurityRequired && (ObjectName == NULL)) {
  146. ObjectHeader->ObjectCreateInfo = NULL;
  148. *Handle = NULL;
  150. Status = ObpCreateUnnamedHandle( Object,
  151. DesiredAccess,
  152. 1 + ObjectPointerBias,
  153. ObjectCreateInfo->Attributes,
  154. PreviousMode,
  155. NewObject,
  156. Handle );
  157. //
  158. // Free the object creation information and dereference the object.
  159. //
  161. ObpFreeObjectCreateInformation(ObjectCreateInfo);
  163. ObpDereferenceNameInfo( NameInfo );
  164. ObDereferenceObject(Object);
  166. return Status;
  167. }
  169. //
  170. // The object is either named or requires full security checks. If the
  171. // caller hasn't specified an access state then dummy up a local one
  172. // using the requested desired access
  173. //
  175. if (!ARGUMENT_PRESENT(AccessState)) {
  177. AccessState = &LocalAccessState;
  179. Status = SeCreateAccessState( &LocalAccessState,
  180. &AuxData,
  181. DesiredAccess,
  182. &ObjectType->TypeInfo.GenericMapping );
  184. if (!NT_SUCCESS(Status)) {
  186. ObpDereferenceNameInfo( NameInfo );
  187. ObDereferenceObject(Object);
  189. return Status;
  190. }
  191. }
  193. AccessState->SecurityDescriptor = ObjectCreateInfo->SecurityDescriptor;
  195. //
  196. // Check the desired access mask against the security descriptor
  197. //
  199. Status = ObpValidateAccessMask( AccessState );
  201. if (!NT_SUCCESS( Status )) {
  203. if (AccessState == &LocalAccessState) {
  205. SeDeleteAccessState( AccessState );
  206. }
  208. ObpDereferenceNameInfo( NameInfo );
  209. ObDereferenceObject(Object);
  211. if (AccessState == &LocalAccessState) {
  213. SeDeleteAccessState( AccessState );
  214. }
  216. return( Status );
  217. }
  219. //
  220. // Set some local state variables
  221. //
  223. ObpInitializeLookupContext(&LookupContext);
  225. InsertObject = Object;
  226. OpenReason = ObCreateHandle;
  228. //
  229. // Check if we have an object name. If so then
  230. // lookup the name
  231. //
  233. if (ObjectName != NULL) {
  235. Status = ObpLookupObjectName( ObjectCreateInfo->RootDirectory,
  236. ObjectName,
  237. ObjectCreateInfo->Attributes,
  238. ObjectType,
  239. (KPROCESSOR_MODE)(ObjectHeader->Flags & OB_FLAG_KERNEL_OBJECT
  240. ? KernelMode : UserMode),
  241. ObjectCreateInfo->ParseContext,
  242. ObjectCreateInfo->SecurityQos,
  243. Object,
  244. AccessState,
  245. &LookupContext,
  246. &InsertObject );
  248. //
  249. // We found the name and it is not the object we have as our input.
  250. // So we cannot insert the object again so we'll return an
  251. // appropriate status
  252. //
  254. if (NT_SUCCESS(Status) &&
  255. (InsertObject != NULL) &&
  256. (InsertObject != Object)) {
  258. OpenReason = ObOpenHandle;
  260. if (ObjectCreateInfo->Attributes & OBJ_OPENIF) {
  262. if (ObjectType != OBJECT_TO_OBJECT_HEADER(InsertObject)->Type) {
  264. Status = STATUS_OBJECT_TYPE_MISMATCH;
  266. } else {
  268. Status = STATUS_OBJECT_NAME_EXISTS; // Warning only
  269. }
  271. } else {
  273. Status = STATUS_OBJECT_NAME_COLLISION;
  274. }
  275. }
  277. //
  278. // We did not find the name so we'll cleanup after ourselves
  279. // and return to our caller
  280. //
  282. if (!NT_SUCCESS( Status )) {
  284. ObpReleaseLookupContext( &LookupContext );
  286. ObpDereferenceNameInfo( NameInfo );
  287. ObDereferenceObject( Object );
  289. //
  290. // Free security information if we allocated it
  291. //
  293. if (AccessState == &LocalAccessState) {
  295. SeDeleteAccessState( AccessState );
  296. }
  298. return( Status );
  300. } else {
  302. //
  303. // Otherwise we did locate the object name
  304. //
  305. // If we just created a named symbolic link then call out to
  306. // handle any Dos Device name semanatics.
  307. //
  309. if (ObjectType == ObpSymbolicLinkObjectType) {
  311. ObpCreateSymbolicLinkName( (POBJECT_SYMBOLIC_LINK)InsertObject );
  312. }
  313. }
  314. }
  316. //
  317. // If we are creating a new object, then we need assign security
  318. // to it. A pointer to the captured caller-proposed security
  319. // descriptor is contained in the AccessState structure. The
  320. // SecurityDescriptor field in the object header must point to
  321. // the final security descriptor, or to NULL if no security is
  322. // to be assigned to the object.
  323. //
  325. if (InsertObject == Object) {
  327. //
  328. // Only the following objects have security descriptors:
  329. //
  330. // - Named Objects
  331. // - Unnamed objects whose object-type information explicitly
  332. // indicates a security descriptor is required.
  333. //
  335. if ((ObjectName != NULL) || ObjectType->TypeInfo.SecurityRequired) {
  337. //
  338. // Get the parent's descriptor, if there is one...
  339. //
  341. if ((NameInfo != NULL) && (NameInfo->Directory != NULL)) {
  343. //
  344. // This will allocate a block of memory and copy
  345. // the parent's security descriptor into it, and
  346. // return the pointer to the block.
  347. //
  348. // Call ObReleaseObjectSecurity to free up this
  349. // memory.
  350. //
  352. ObGetObjectSecurity( NameInfo->Directory,
  353. &ParentDescriptor,
  354. &SecurityDescriptorAllocated );
  355. }
  356. else {
  357. SecurityDescriptorAllocated = FALSE;
  358. }
  360. //
  361. // Take the captured security descriptor in the AccessState,
  362. // put it into the proper format, and call the object's
  363. // security method to assign the new security descriptor to
  364. // the new object.
  365. //
  367. Status = ObAssignSecurity( AccessState,
  368. ParentDescriptor,
  369. Object,
  370. ObjectType );
  372. if (ParentDescriptor != NULL) {
  374. ObReleaseObjectSecurity( ParentDescriptor,
  375. SecurityDescriptorAllocated );
  377. } else if (NT_SUCCESS( Status )) {
  379. SeReleaseSecurityDescriptor( ObjectCreateInfo->SecurityDescriptor,
  380. ObjectCreateInfo->ProbeMode,
  381. TRUE );
  383. ObjectCreateInfo->SecurityDescriptor = NULL;
  384. AccessState->SecurityDescriptor = NULL;
  385. }
  386. }
  388. if (!NT_SUCCESS( Status )) {
  390. //
  391. // The attempt to assign the security descriptor to
  392. // the object failed.
  393. //
  395. if (LookupContext.DirectoryLocked) {
  397. //
  398. // If ObpLookupObjectName already inserted the
  399. // object into the directory we have to backup this
  400. //
  402. //
  403. // Capture the object Directory
  404. //
  406. DirObject = NameInfo->Directory;
  408. ObpDeleteDirectoryEntry( &LookupContext );
  409. }
  411. ObpReleaseLookupContext( &LookupContext );
  413. //
  414. // If ObpLookupObjectName inserted the object into the directory
  415. // it added a reference to the object and to its directory
  416. // object. We should remove the extra-references
  417. //
  419. if (DirObject) {
  421. ObDereferenceObject( Object );
  422. ObDereferenceObject( DirObject );
  423. }
  425. //
  426. // The first backout logic used ObpDeleteNameCheck
  427. // which is wrong because the security descriptor for
  428. // the object is not initialized. Actually ObpDeleteNameCheck
  429. // had no effect because the object was removed before from
  430. // the directory
  431. //
  433. ObpDereferenceNameInfo( NameInfo );
  434. ObDereferenceObject( Object );
  436. //
  437. // Free security information if we allocated it
  438. //
  440. if (AccessState == &LocalAccessState) {
  442. SeDeleteAccessState( AccessState );
  443. }
  445. return( Status );
  446. }
  447. }
  449. ReturnStatus = Status;
  451. ObjectHeader->ObjectCreateInfo = NULL;
  453. //
  454. // Create a named handle for the object with a pointer bias
  455. // This call also will unlock the directory lock is necessary
  456. // on return
  457. //
  459. if (ARGUMENT_PRESENT (Handle)) {
  461. Status = ObpCreateHandle( OpenReason,
  462. InsertObject,
  463. NULL,
  464. AccessState,
  465. 1 + ObjectPointerBias,
  466. ObjectCreateInfo->Attributes,
  467. &LookupContext,
  468. PreviousMode,
  469. NewObject,
  470. &NewHandle );
  472. //
  473. // If the insertion failed, the following dereference will cause
  474. // the newly created object to be deallocated.
  475. //
  477. if (!NT_SUCCESS( Status )) {
  479. //
  480. // Make the name reference go away if an error.
  481. //
  483. if (ObjectName != NULL) {
  485. ObpDeleteNameCheck( Object );
  486. }
  488. *Handle = NULL;
  490. ReturnStatus = Status;
  492. } else {
  493. *Handle = NewHandle;
  494. }
  496. ObpDereferenceNameInfo( NameInfo );
  498. ObDereferenceObject( Object );
  501. } else {
  503. BOOLEAN IsNewObject;
  505. //
  506. // Charge the user quota for the object.
  507. //
  509. ObpLockObject( ObjectHeader );
  511. ReturnStatus = ObpChargeQuotaForObject( ObjectHeader, ObjectType, &IsNewObject );
  513. ObpUnlockObject( ObjectHeader );
  515. if (!NT_SUCCESS (ReturnStatus)) {
  516. ObDereferenceObject( Object );
  517. }
  519. //
  520. // N.B. An object cannot be named if no Handle parameter is specified.
  521. // The calls to ObpDereferenceNameInfo and ObpReleaseLookupContext are
  522. // not necessary in this path then.
  523. //
  524. }
  526. ObpFreeObjectCreateInformation( ObjectCreateInfo );
  528. //
  529. // Free security information if we allocated it
  530. //
  532. if (AccessState == &LocalAccessState) {
  534. SeDeleteAccessState( AccessState );
  535. }
  537. return( ReturnStatus );
  538. }