archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/base/ntos/io/iomgr/arcsec.c

345 lines
9.5 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1989-1993 Microsoft Corporation
  5. Module Name:
  7. arcsec.c
  9. Abstract:
  11. This module contains subroutines for protecting the system
  12. partition on an ARC system.
  14. Author:
  16. Jim Kelly (JimK) 13-Jan-1993
  18. Environment:
  20. Kernel mode - system initialization
  22. Revision History:
  25. --*/
  27. #include "iomgr.h"
  29. //
  30. // Define procedures local to this module.
  31. //
  33. NTSTATUS
  34. IopApplySystemPartitionProt(
  35. IN PLOADER_PARAMETER_BLOCK LoaderBlock
  36. );
  38. #ifdef ALLOC_PRAGMA
  39. #pragma alloc_text(INIT,IopProtectSystemPartition)
  40. #pragma alloc_text(INIT,IopApplySystemPartitionProt)
  41. #endif
  43. //
  44. // This name must match the name use by the DISK MANAGER utility.
  45. // The Disk Manager creates and sets the value of this registry
  46. // key. We only look at it.
  47. //
  49. #define IOP_SYSTEM_PART_PROT_KEY L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa"
  50. #define IOP_SYSTEM_PART_PROT_VALUE L"Protect System Partition"
  52. BOOLEAN
  53. IopProtectSystemPartition(
  54. IN PLOADER_PARAMETER_BLOCK LoaderBlock
  55. )
  57. /*++
  59. Routine Description:
  61. This routine assigns protection to the system partition of an
  62. ARC system, if necessary. If this is not an ARC system, or
  63. the system partition does not need to be protected, then this
  64. routine does nothing.
  67. Arguments:
  69. LoaderBlock - Supplies a pointer to the loader parameter block that was
  70. created by the OS Loader.
  72. Return Value:
  74. The function value is a BOOLEAN indicating whether or not protection
  75. has been appropriately applied. TRUE indicates no errors were
  76. encountered. FALSE indicates an error was encountered.
  79. --*/
  81. {
  83. //
  84. // We only entertain the possibility of assigning protection
  85. // to the system partition if we are an ARC system. For the
  86. // time being, the best way to determine if you are an ARC
  87. // system is to see if you aren't and X86 machine. DavidRo
  88. // believes that at some point in the future we will have
  89. // ARC compliant X86 machines. At that point in time, we
  90. // will need to change the following #ifdef's into something
  91. // that does a run-time determination.
  92. //
  94. #ifdef i386 // if (!ARC-Compliant system)
  96. UNREFERENCED_PARAMETER (LoaderBlock);
  98. //
  99. // Nothing to do for non-ARC systems
  100. //
  102. return(TRUE);
  105. #else // ARC-COMPLIANT system
  107. NTSTATUS status;
  108. NTSTATUS tmpStatus;
  109. HANDLE keyHandle;
  110. OBJECT_ATTRIBUTES objectAttributes;
  111. UNICODE_STRING keyName;
  112. UNICODE_STRING valueName;
  113. ULONG resultLength;
  114. ULONG keyBuffer[sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( ULONG )];
  115. PKEY_VALUE_PARTIAL_INFORMATION keyValue;
  117. //
  118. // This is an ARC system. Attempt to retrieve information from the registry
  119. // indicating whether or not we should protect the system partition.
  120. //
  122. RtlInitUnicodeString( &keyName, IOP_SYSTEM_PART_PROT_KEY );
  123. InitializeObjectAttributes( &objectAttributes,
  124. &keyName,
  125. OBJ_CASE_INSENSITIVE,
  126. NULL,
  127. NULL );
  128. status = NtOpenKey( &keyHandle, KEY_READ, &objectAttributes);
  130. if (NT_SUCCESS( status )) {
  132. keyValue = (PKEY_VALUE_PARTIAL_INFORMATION) &keyBuffer[0];
  133. RtlInitUnicodeString( &valueName, IOP_SYSTEM_PART_PROT_VALUE );
  134. status = NtQueryValueKey( keyHandle,
  135. &valueName,
  136. KeyValuePartialInformation,
  137. keyValue,
  138. sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( ULONG ),
  139. &resultLength );
  141. if (NT_SUCCESS( status )) {
  143. PBOOLEAN applyIt;
  145. //
  146. // The appropriate information was located in the registry. Now
  147. // determine whether or not is indicates that protection is to be
  148. // applied.
  149. //
  151. applyIt = &(keyValue->Data[0]);
  153. if (*applyIt) {
  154. status = IopApplySystemPartitionProt( LoaderBlock );
  155. }
  156. }
  158. tmpStatus = NtClose( keyHandle );
  159. ASSERT(NT_SUCCESS( tmpStatus ));
  160. }
  163. return TRUE;
  165. #endif // ARC-COMPLIANT system
  166. }
  168. NTSTATUS
  169. IopApplySystemPartitionProt(
  170. IN PLOADER_PARAMETER_BLOCK LoaderBlock
  171. )
  173. /*++
  175. Routine Description:
  177. This routine applies protection to the system partition that
  178. prevents all users except administrators from accessing the
  179. partition.
  182. This routine is only used during system initialization.
  183. As such, all memory allocations are expected to succeed.
  184. Success is tested only with assertions.
  187. Arguments:
  189. LoaderBlock - Supplies a pointer to the loader parameter block that was
  190. created by the OS Loader.
  192. Return Value:
  194. The function value is the final status from attempting to set the system
  195. partition protection.
  198. --*/
  200. {
  201. NTSTATUS status;
  202. PACL dacl;
  203. SECURITY_DESCRIPTOR securityDescriptor;
  204. OBJECT_ATTRIBUTES objectAttributes;
  205. ULONG length;
  206. CHAR ArcNameFmt[12];
  208. ArcNameFmt[0] = '\\';
  209. ArcNameFmt[1] = 'A';
  210. ArcNameFmt[2] = 'r';
  211. ArcNameFmt[3] = 'c';
  212. ArcNameFmt[4] = 'N';
  213. ArcNameFmt[5] = 'a';
  214. ArcNameFmt[6] = 'm';
  215. ArcNameFmt[7] = 'e';
  216. ArcNameFmt[8] = '\\';
  217. ArcNameFmt[9] = '%';
  218. ArcNameFmt[10] = 's';
  219. ArcNameFmt[11] = '\0';
  221. ASSERT( ARGUMENT_PRESENT( LoaderBlock ) );
  222. ASSERT( ARGUMENT_PRESENT( LoaderBlock->ArcHalDeviceName ) );
  224. //
  225. // Build an appropriate discretionary ACL.
  226. //
  228. length = (ULONG) sizeof( ACL ) +
  229. ( 2 * ((ULONG) sizeof( ACCESS_ALLOWED_ACE ))) +
  230. SeLengthSid( SeLocalSystemSid ) +
  231. SeLengthSid( SeAliasAdminsSid ) +
  232. 8; // The 8 is just for good measure
  234. dacl = (PACL) ExAllocatePool( PagedPool, length );
  235. if (!dacl) {
  236. return STATUS_INSUFFICIENT_RESOURCES;
  237. }
  239. status = RtlCreateAcl( dacl, length, ACL_REVISION2 );
  240. if (NT_SUCCESS( status )) {
  242. status = RtlAddAccessAllowedAce( dacl,
  243. ACL_REVISION2,
  244. GENERIC_ALL,
  245. SeLocalSystemSid );
  246. if (NT_SUCCESS( status )) {
  248. status = RtlAddAccessAllowedAce( dacl,
  249. ACL_REVISION2,
  250. GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | READ_CONTROL,
  251. SeAliasAdminsSid );
  252. if (NT_SUCCESS( status )) {
  254. //
  255. // Put it in a security descriptor so that it may be applied to
  256. // the system partition device.
  257. //
  259. status = RtlCreateSecurityDescriptor( &securityDescriptor,
  260. SECURITY_DESCRIPTOR_REVISION );
  261. if (NT_SUCCESS( status )) {
  263. status = RtlSetDaclSecurityDescriptor( &securityDescriptor,
  264. TRUE,
  265. dacl,
  266. FALSE );
  267. }
  268. }
  269. }
  270. }
  272. if (!NT_SUCCESS( status )) {
  273. ExFreePool( dacl );
  274. return status;
  275. }
  277. //
  278. // Open the ARC boot device and apply the ACL.
  279. //
  281. {
  282. NTSTATUS tmpStatus;
  283. CHAR deviceNameBuffer[256];
  284. STRING deviceNameString;
  285. UNICODE_STRING deviceNameUnicodeString;
  286. HANDLE deviceHandle;
  287. IO_STATUS_BLOCK ioStatusBlock;
  289. //
  290. // Begin by formulating the ARC name of the boot device in the ARC
  291. // name space.
  292. //
  294. sprintf( deviceNameBuffer,
  295. ArcNameFmt,
  296. LoaderBlock->ArcHalDeviceName );
  298. RtlInitAnsiString( &deviceNameString, deviceNameBuffer );
  300. status = RtlAnsiStringToUnicodeString( &deviceNameUnicodeString,
  301. &deviceNameString,
  302. TRUE );
  304. if (NT_SUCCESS( status )) {
  306. InitializeObjectAttributes( &objectAttributes,
  307. &deviceNameUnicodeString,
  308. OBJ_CASE_INSENSITIVE,
  309. NULL,
  310. NULL );
  312. status = ZwOpenFile( &deviceHandle,
  313. WRITE_DAC,
  314. &objectAttributes,
  315. &ioStatusBlock,
  316. TRUE,
  317. 0 );
  319. RtlFreeUnicodeString( &deviceNameUnicodeString );
  321. if (NT_SUCCESS( status )) {
  324. //
  325. // Apply the ACL built above to the system partition device
  326. // object.
  327. //
  329. status = ZwSetSecurityObject( deviceHandle,
  330. DACL_SECURITY_INFORMATION,
  331. &securityDescriptor );
  333. tmpStatus = NtClose( deviceHandle );
  334. }
  335. }
  336. }
  338. //
  339. // Free the memory used to hold the ACL.
  340. //
  342. ExFreePool( dacl );
  344. return status;
  345. }