archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/base/ntos/config/cmchek2.c

287 lines
9.1 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1991 Microsoft Corporation
  5. Module Name:
  7. cmchek2.c
  9. Abstract:
  11. This module implements consistency checking for the registry.
  14. Author:
  16. Bryan M. Willman (bryanwi) 27-Jan-92
  18. Environment:
  21. Revision History:
  23. --*/
  25. #include "cmp.h"
  27. #ifdef ALLOC_PRAGMA
  28. #pragma alloc_text(PAGE,CmpValidateHiveSecurityDescriptors)
  29. #endif
  31. extern ULONG CmpUsedStorage;
  33. #ifdef HIVE_SECURITY_STATS
  34. ULONG
  35. CmpCheckForSecurityDuplicates(
  36. IN OUT PCMHIVE CmHive
  37. );
  38. #endif
  40. BOOLEAN
  41. CmpValidateHiveSecurityDescriptors(
  42. IN PHHIVE Hive,
  43. OUT PBOOLEAN ResetSD
  44. )
  45. /*++
  47. Routine Description:
  49. Walks the list of security descriptors present in the hive and passes
  50. each security descriptor to RtlValidSecurityDescriptor.
  52. Only applies to descriptors in Stable store. Those in Volatile store
  53. cannot have come from disk and therefore do not need this treatment
  54. anyway.
  56. Arguments:
  58. Hive - Supplies pointer to the hive control structure
  60. Return Value:
  62. TRUE - All security descriptors are valid
  63. FALSE - At least one security descriptor is invalid
  65. --*/
  67. {
  68. PCM_KEY_NODE RootNode;
  69. PCM_KEY_SECURITY SecurityCell;
  70. HCELL_INDEX ListAnchor;
  71. HCELL_INDEX NextCell;
  72. HCELL_INDEX LastCell;
  73. BOOLEAN BuildSecurityCache;
  75. #ifdef HIVE_SECURITY_STATS
  76. UNICODE_STRING HiveName;
  77. ULONG NoOfCells = 0;
  78. ULONG SmallestSize = 0;
  79. ULONG BiggestSize = 0;
  80. ULONG TotalSecuritySize = 0;
  82. RtlInitUnicodeString(&HiveName, (PCWSTR)Hive->BaseBlock->FileName);
  83. #ifndef _CM_LDR_
  84. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"Security stats for hive (%lx) (%.*S):\n",Hive,HiveName.Length / sizeof(WCHAR),HiveName.Buffer);
  85. #endif //_CM_LDR_
  87. #endif
  89. CmKdPrintEx((DPFLTR_CONFIG_ID,CML_SEC,"CmpValidateHiveSecurityDescriptor: Hive = %p\n",(ULONG_PTR)Hive));
  91. ASSERT( Hive->ReleaseCellRoutine == NULL );
  93. *ResetSD = FALSE;
  95. if( ((PCMHIVE)Hive)->SecurityCount == 0 ) {
  96. BuildSecurityCache = TRUE;
  97. } else {
  98. BuildSecurityCache = FALSE;
  99. }
  100. if (!HvIsCellAllocated(Hive,Hive->BaseBlock->RootCell)) {
  101. //
  102. // root cell HCELL_INDEX is bogus
  103. //
  104. return(FALSE);
  105. }
  106. RootNode = (PCM_KEY_NODE) HvGetCell(Hive, Hive->BaseBlock->RootCell);
  107. if( RootNode == NULL ) {
  108. //
  109. // we couldn't map a view for the bin containing this cell
  110. //
  111. return FALSE;
  112. }
  114. if( FALSE ) {
  115. YankSD:
  116. if( CmDoSelfHeal() ) {
  117. //
  118. // reset all security for the entire hive to the root security. There is no reliable way to
  119. // patch the security list
  120. //
  121. SecurityCell = (PCM_KEY_SECURITY) HvGetCell(Hive, RootNode->Security);
  122. if( SecurityCell == NULL ) {
  123. return FALSE;
  124. }
  126. if( HvMarkCellDirty(Hive, RootNode->Security) ) {
  127. SecurityCell->Flink = SecurityCell->Blink = RootNode->Security;
  128. } else {
  129. return FALSE;
  130. }
  131. //
  132. // destroy existing cache and set up an empty one
  133. //
  134. CmpDestroySecurityCache((PCMHIVE)Hive);
  135. CmpInitSecurityCache((PCMHIVE)Hive);
  136. CmMarkSelfHeal(Hive);
  137. *ResetSD = TRUE;
  139. #if 0
  140. //
  141. // remove this security cell from the list and restart iteration
  142. //
  143. if(HvIsCellAllocated(Hive, NextCell)) {
  144. //
  145. // we come this path when the SD is invalid; we need to free the cell so
  146. // cmpcheckregistry2 detects and fixes it
  147. //
  148. if( HvMarkCellDirty(Hive, NextCell) ) {
  149. HvFreeCell(Hive, NextCell);
  150. } else {
  151. return FALSE;
  152. }
  153. }
  154. LastCell = SecurityCell->Blink;
  155. NextCell = SecurityCell->Flink;
  156. SecurityCell = (PCM_KEY_SECURITY) HvGetCell(Hive, LastCell);
  157. if( SecurityCell == NULL ) {
  158. return FALSE;
  159. }
  160. if( HvMarkCellDirty(Hive, LastCell) ) {
  161. SecurityCell->Flink = NextCell;
  162. } else {
  163. return FALSE;
  164. }
  166. SecurityCell = (PCM_KEY_SECURITY) HvGetCell(Hive, NextCell);
  167. if( SecurityCell == NULL ) {
  168. return FALSE;
  169. }
  170. if( HvMarkCellDirty(Hive, NextCell) ) {
  171. SecurityCell->Blink = LastCell;
  172. } else {
  173. return FALSE;
  174. }
  175. CmMarkSelfHeal(Hive);
  176. #endif
  177. } else {
  178. return FALSE;
  179. }
  181. }
  183. LastCell = 0;
  184. ListAnchor = NextCell = RootNode->Security;
  186. do {
  187. if (!HvIsCellAllocated(Hive, NextCell)) {
  188. CmKdPrintEx((DPFLTR_CONFIG_ID,CML_SEC,"CM: CmpValidateHiveSecurityDescriptors\n"));
  189. CmKdPrintEx((DPFLTR_CONFIG_ID,CML_SEC," NextCell: %08lx is invalid HCELL_INDEX\n",NextCell));
  190. goto YankSD;
  191. }
  192. SecurityCell = (PCM_KEY_SECURITY) HvGetCell(Hive, NextCell);
  193. if( SecurityCell == NULL ) {
  194. //
  195. // we couldn't map a view for the bin containing this cell
  196. //
  197. return FALSE;
  198. }
  199. #ifdef HIVE_SECURITY_STATS
  200. NoOfCells++;
  201. if( (SmallestSize == 0) || ((SecurityCell->DescriptorLength + FIELD_OFFSET(CM_KEY_SECURITY, Descriptor)) < SmallestSize) ) {
  202. SmallestSize = SecurityCell->DescriptorLength + FIELD_OFFSET(CM_KEY_SECURITY, Descriptor);
  203. }
  204. if( (BiggestSize == 0) || ((SecurityCell->DescriptorLength + FIELD_OFFSET(CM_KEY_SECURITY, Descriptor)) > BiggestSize) ) {
  205. BiggestSize = SecurityCell->DescriptorLength + FIELD_OFFSET(CM_KEY_SECURITY, Descriptor);
  206. }
  207. TotalSecuritySize += (SecurityCell->DescriptorLength + FIELD_OFFSET(CM_KEY_SECURITY, Descriptor));
  209. #endif
  211. if (NextCell != ListAnchor) {
  212. //
  213. // Check to make sure that our Blink points to where we just
  214. // came from.
  215. //
  216. if (SecurityCell->Blink != LastCell) {
  217. CmKdPrintEx((DPFLTR_CONFIG_ID,CML_SEC," Invalid Blink (%08lx) on security cell %08lx\n",SecurityCell->Blink, NextCell));
  218. CmKdPrintEx((DPFLTR_CONFIG_ID,CML_SEC," should point to %08lx\n", LastCell));
  219. return(FALSE);
  220. }
  221. }
  223. CmKdPrintEx((DPFLTR_CONFIG_ID,CML_SEC,"CmpValidSD: SD shared by %d nodes\n",SecurityCell->ReferenceCount));
  224. if (!SeValidSecurityDescriptor(SecurityCell->DescriptorLength, &SecurityCell->Descriptor)) {
  225. #if DBG
  226. CmpDumpSecurityDescriptor(&SecurityCell->Descriptor,"INVALID DESCRIPTOR");
  227. #endif
  228. goto YankSD;
  229. }
  230. //
  231. // cache this security cell; now that we know it is valid
  232. //
  233. if( BuildSecurityCache == TRUE ) {
  234. if( !NT_SUCCESS(CmpAddSecurityCellToCache ( (PCMHIVE)Hive,NextCell,TRUE,NULL) ) ) {
  235. return FALSE;
  236. }
  237. } else {
  238. //
  239. // just check this cell is there
  240. //
  241. ULONG Index;
  242. if( CmpFindSecurityCellCacheIndex ((PCMHIVE)Hive,NextCell,&Index) == FALSE ) {
  243. //
  244. // bad things happened; maybe an error in our caching code?
  245. //
  246. return FALSE;
  247. }
  249. }
  251. LastCell = NextCell;
  252. NextCell = SecurityCell->Flink;
  253. } while ( NextCell != ListAnchor );
  254. #ifdef HIVE_SECURITY_STATS
  256. #ifndef _CM_LDR_
  257. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"\t NumberOfCells \t = %20lu (%8lx) \n",NoOfCells,NoOfCells);
  258. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"\t SmallestCellSize \t = %20lu (%8lx) \n",SmallestSize,SmallestSize);
  259. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"\t BiggestCellSize \t = %20lu (%8lx) \n",BiggestSize,BiggestSize);
  260. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"\t TotalSecuritySize\t = %20lu (%8lx) \n",TotalSecuritySize,TotalSecuritySize);
  261. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"\t HiveLength \t = %20lu (%8lx) \n",Hive->BaseBlock->Length,Hive->BaseBlock->Length);
  262. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"\n");
  263. #endif //_CM_LDR_
  265. #endif
  267. if( BuildSecurityCache == TRUE ) {
  268. //
  269. // adjust the size of the cache in case we allocated too much
  270. //
  271. CmpAdjustSecurityCacheSize ( (PCMHIVE)Hive );
  272. #ifdef HIVE_SECURITY_STATS
  273. {
  274. ULONG Duplicates;
  276. Duplicates = CmpCheckForSecurityDuplicates((PCMHIVE)Hive);
  277. if( Duplicates ) {
  278. #ifndef _CM_LDR_
  279. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"Hive %p %lu security cells duplicated !!!\n",Hive,Duplicates);
  280. #endif //_CM_LDR_
  281. }
  282. }
  283. #endif
  284. }
  286. return(TRUE);
  287. }