//+----------------------------------------------------------------------- // // Microsoft Windows // // Copyright (c) Microsoft Corporation 1991 - 1992 // // File: SPMGR.H // // Contents: Common structures and functions for the SPMgr // // // History: 20 May 92 RichardW Documented existing stuff // 22 Jul 93 RichardW Revised to be the one include file // for the spm directory // //------------------------------------------------------------------------ #ifndef __SPMGR_H__ #define __SPMGR_H__ #define SECURITY_WIN32 #define SECURITY_PACKAGE #include #include #include #include // event log events // SPM-wide structure definitions: // This is the function table for a security package. All functions are // dispatched through this table. struct _DLL_BINDING; // This is the Security Package Control structure. All control information // relating to packages is stored here. typedef struct _LSAP_SECURITY_PACKAGE { ULONG_PTR dwPackageID; // Assigned package ID DWORD PackageIndex; // Package Index in DLL DWORD fPackage; // Flags about the package DWORD fCapabilities; // Capabilities that the package reported DWORD dwRPCID; // RPC ID DWORD Version; DWORD TokenSize; DWORD ContextHandles ; // Number of outstanding contexts DWORD CredentialHandles ; // ditto for credentials LONG CallsInProgress ; // Number of calls to this package SECURITY_STRING Name; // Name of the package SECURITY_STRING Comment; struct _DLL_BINDING * pBinding; // Binding of DLL PSECPKG_EXTENDED_INFORMATION Thunks ; // Thunked Context levels LIST_ENTRY ScavengerList ; SECURITY_STRING WowClientDll ; SECPKG_FUNCTION_TABLE FunctionTable; // Dispatch table } LSAP_SECURITY_PACKAGE, * PLSAP_SECURITY_PACKAGE; #define SP_INVALID 0x00000001 // Package is now invalid for use #define SP_PREFERRED 0x00000002 // The preferred package #define SP_INFO 0x00000004 // Supports Extended Info #define SP_SHUTDOWN 0x00000008 // Shutdown has completed #define SP_WOW_SUPPORT 0x00000010 // Package can support WOW6432 clients #define StartCallToPackage( p ) \ InterlockedIncrement( &((PLSAP_SECURITY_PACKAGE)(p))->CallsInProgress ) #define EndCallToPackage( p ) \ InterlockedDecrement( &((PLSAP_SECURITY_PACKAGE)(p))->CallsInProgress ) typedef struct _DLL_BINDING { DWORD Flags; // Flags about the DLL HANDLE hInstance; // Instance Handle SECURITY_STRING Filename; // Full path name DWORD RefCount; // Reference Count DWORD PackageCount; // Number of Packages in DLL LSAP_SECURITY_PACKAGE Packages[1]; } DLL_BINDING, * PDLL_BINDING; #define DLL_BUILTIN 0x00000001 // DLL is really built-in code #define DLL_SIGNED 0x00000002 // DLL is signed // // Ordinals to the function pointers, for validating calls // #define SP_ORDINAL_LSA_INIT 0 #define SP_ORDINAL_LOGONUSER 1 #define SP_ORDINAL_CALLPACKAGE 2 #define SP_ORDINAL_LOGONTERMINATED 3 #define SP_ORDINAL_CALLPACKAGEUNTRUSTED 4 #define SP_ORDINAL_CALLPACKAGEPASSTHROUGH 5 #define SP_ORDINAL_LOGONUSEREX 6 #define SP_ORDINAL_LOGONUSEREX2 7 #define SP_ORDINAL_INITIALIZE 8 #define SP_ORDINAL_SHUTDOWN 9 #define SP_ORDINAL_GETINFO 10 #define SP_ORDINAL_ACCEPTCREDS 11 #define SP_ORDINAL_ACQUIRECREDHANDLE 12 #define SP_ORDINAL_QUERYCREDATTR 13 #define SP_ORDINAL_FREECREDHANDLE 14 #define SP_ORDINAL_SAVECRED 15 #define SP_ORDINAL_GETCRED 16 #define SP_ORDINAL_DELETECRED 17 #define SP_ORDINAL_INITLSAMODECTXT 18 #define SP_ORDINAL_ACCEPTLSAMODECTXT 19 #define SP_ORDINAL_DELETECTXT 20 #define SP_ORDINAL_APPLYCONTROLTOKEN 21 #define SP_ORDINAL_GETUSERINFO 22 #define SP_ORDINAL_GETEXTENDEDINFORMATION 23 #define SP_ORDINAL_QUERYCONTEXTATTRIBUTES 24 #define SP_ORDINAL_ADDCREDENTIALS 25 #define SP_ORDINAL_SETEXTENDEDINFORMATION 26 #define SP_ORDINAL_SETCONTEXTATTRIBUTES 27 #define SP_MAX_TABLE_ORDINAL (SP_ORDINAL_SETCONTEXTATTRIBUTES + 1) #define SP_MAX_AUTHPKG_ORDINAL (SP_ORDINAL_LOGONUSEREX) #define SP_ORDINAL_MASK 0x0000FFFF #define SP_ITERATE_FILTER_WOW 0x00010000 typedef struct _LsaState { DWORD cPackages ; DWORD cNewPackages ; } LsaState ; typedef enum _SECHANDLE_OPS { HandleSet, // Just set the new handle HandleReplace, // Replace the existing one HandleRemoveReplace // Remove provided, replace with provided } SECHANDLE_OPS ; typedef struct _LSA_TUNING_PARAMETERS { ULONG ThreadLifespan ; // lifespan for threads in gen. pool ULONG SubQueueLifespan ; // lifespan for dedicated threads ULONG Options ; // Option flags ULONG CritSecSpinCount ; // spin count of critical sections } LSA_TUNING_PARAMETERS, * PLSA_TUNING_PARAMETERS ; #define TUNE_SRV_HIGH_PRIORITY 0x00000001 #define TUNE_TRIM_WORKING_SET 0x00000002 #define TUNE_PRIVATE_HEAP 0x00000010 // // Redefine IsOkayToExec // #define IsOkayToExec(x) // For some tracking purposes, the package ID for the SPMgr is a well known // constant: #define SPMGR_ID ((LSA_SEC_HANDLE) INVALID_HANDLE_VALUE) #define SPMGR_PKG_ID ((LSA_SEC_HANDLE) INVALID_HANDLE_VALUE) // // Value to pass to shutdown handler // #define SPM_SHUTDOWN_VALUE 0xD0 // // Creating process name for LSA sessions // #define LSA_PROCESS_NAME L"LSA Server" // // ID of the primary package // #define PRIMARY_ID 0 typedef struct _SpmExceptDbg { DWORD ThreadId; PVOID pInstruction; PVOID pMemory; ULONG_PTR Access; } SpmExceptDbg, * PSpmExceptDbg; // // Internal Exception Handling: // // If we hit an exception in a debug build, we store away some useful stuff // otherwise, we go to the default case: // LONG SpExceptionFilter(PVOID, EXCEPTION_POINTERS *); #define SP_EXCEPTION SpExceptionFilter(GetCurrentSession(), GetExceptionInformation()) // // Include other component header files // #ifdef __cplusplus extern "C" { #endif #include "sesmgr.h" // Session manager support #include "sphelp.h" // Internal helper functions #include "protos.h" // Internal Prototypes #include "debug.h" // Debugging Support: #ifdef __cplusplus } #endif typedef struct _LSAP_DBG_LOG_CONTEXT { PSession Session ; // Session used SecHandle Handle ; // Handle used } LSAP_DBG_LOG_CONTEXT, *PLSAP_DBG_LOG_CONTEXT ; typedef struct _LSAP_API_LOG_ENTRY { ULONG MessageId ; // LPC Message ID ULONG ThreadId ; // Thread ID handling call PVOID pvMessage ; // LPC Message PVOID WorkItem ; // Work item for API LARGE_INTEGER QueueTime ; // Time Queued LARGE_INTEGER WorkTime ; // Work Time PVOID Reserved ; // Alignment LSAP_DBG_LOG_CONTEXT Context ; // Context } LSAP_API_LOG_ENTRY, * PLSAP_API_LOG_ENTRY ; typedef struct _LSAP_API_LOG { ULONG TotalSize ; ULONG Current ; ULONG ModSize ; ULONG Align ; LSAP_API_LOG_ENTRY Entries[ 1 ]; } LSAP_API_LOG, * PLSAP_API_LOG ; PLSAP_API_LOG ApiLogCreate( ULONG Entries ); PLSAP_API_LOG_ENTRY ApiLogAlloc( PLSAP_API_LOG Log ); PLSAP_API_LOG_ENTRY ApiLogLocate( PLSAP_API_LOG Log, ULONG MessageId ); #define DEFAULT_LOG_SIZE 32 //#if DBG #define DBG_TRACK_API 1 //#endif #if DBG_TRACK_API #define DBG_DISPATCH_PROLOGUE_EX( Entry, pMessage, CallInfo ) \ if ( Entry ) \ { \ Entry->ThreadId = GetCurrentThreadId() ; \ CallInfo.LogContext = & Entry->Context ; \ GetSystemTimeAsFileTime( (LPFILETIME) &Entry->WorkTime ) ; \ } \ else \ { \ CallInfo.LogContext = NULL ; \ } #define DBG_DISPATCH_PROLOGUE( Table, pMessage, CallInfo ) \ PLSAP_API_LOG_ENTRY Entry ; \ \ Entry = ApiLogLocate( Table, ((PPORT_MESSAGE) pMessage)->MessageId ); \ DBG_DISPATCH_PROLOGUE_EX( Entry, pMessage, CallInfo ) \ #define DBG_DISPATCH_POSTLOGUE( Status, ApiCode ) \ if ( Entry ) \ { \ LARGE_INTEGER EndTime ; \ GetSystemTimeAsFileTime( (LPFILETIME) & EndTime ); \ Entry->Reserved = ULongToPtr(Entry->ThreadId); \ Entry->ThreadId = (DWORD) 0xFFFFFFFF ; \ Entry->WorkItem = (PVOID) Status ; \ Entry->pvMessage = (PVOID) ApiCode ; \ Entry->QueueTime.QuadPart = EndTime.QuadPart ; \ Entry->WorkTime.QuadPart = EndTime.QuadPart - Entry->WorkTime.QuadPart ; \ } #else #define DBG_DISPATCH_PROLOGUE_EX( Entry, pMessage, CallInfo ) CallInfo.LogContext = NULL #define DBG_DISPATCH_PROLOGUE( Table, pApi, CallInfo ) CallInfo.LogContext = NULL #define DBG_DISPATCH_POSTLOGUE( Status, ApiCode ) #endif typedef struct _LSA_CALL_INFO { PSPM_LPC_MESSAGE Message ; struct _LSA_CALL_INFO * PreviousCall ; PSession Session ; PLSAP_DBG_LOG_CONTEXT LogContext ; SECPKG_CALL_INFO CallInfo ; // // LogonId, ImpersonationLevel, Impersonating, Restricted // are considered valid CachedTokenInfo is TRUE // LUID LogonId ; SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; BOOLEAN Impersonating; BOOLEAN Restricted; BOOLEAN CachedTokenInfo; HANDLE InProcToken ; BOOL InProcCall ; ULONG Flags ; ULONG Allocs ; PKSEC_LSA_MEMORY_HEADER KMap ; PVOID Buffers[ MAX_BUFFERS_IN_CALL ]; BYTE IpAddress[ LSAP_ADDRESS_LENGTH ]; } LSA_CALL_INFO, * PLSA_CALL_INFO ; #define LsapGetCurrentCall() ((PLSA_CALL_INFO) TlsGetValue( dwCallInfo )) #define LsapSetCurrentCall(x) TlsSetValue( dwCallInfo, x ) #define CALL_FLAG_IMPERSONATING 0x00000001 #define CALL_FLAG_IN_PROC_CALL 0x00000002 #define CALL_FLAG_SUPRESS_AUDIT 0x00000004 #define CALL_FLAG_NO_HANDLE_CHK 0x00000008 #define CALL_FLAG_KERNEL_POOL 0x00000010 // Kernel mode call, using pool #define CALL_FLAG_KMAP_USED 0x00000020 // KMap is valid // //BOOL //LsapIsBlockInKMap( KMap, Block ) // #define LsapIsBlockInKMap( KMap, Block ) \ ( KMap ? (((ULONG_PTR) KMap ^ (ULONG_PTR) Block ) < (ULONG_PTR) KMap->Commit) : FALSE ) NTSTATUS InitializeDirectDispatcher( VOID ); VOID LsapInitializeCallInfo( PLSA_CALL_INFO CallInfo, BOOL InProcess ); NTSTATUS LsapBuildCallInfo( PSPM_LPC_MESSAGE pApiMessage, PLSA_CALL_INFO CallInfo, PHANDLE Impersonated, PSession * NewSession, PSession * OldSession ); VOID LsapInternalBreak( VOID ); #define LsapLogCallInfo( CallInfo, pSession, cHandle ) \ if ( CallInfo && ( CallInfo->LogContext ) ) \ { \ CallInfo->LogContext->Session = pSession ; \ CallInfo->LogContext->Handle = cHandle; \ } \ // // Global variables // extern LSA_SECPKG_FUNCTION_TABLE LsapSecpkgFunctionTable; // Dispatch table of helper functions extern LUID SystemLogonId; // System LogonID for packages. extern SECURITY_STRING MachineName; // Computer name extern HANDLE hStateChangeEvent; // Event set when the system state is changed extern HANDLE hShutdownEvent; extern LSA_CALL_INFO LsapDefaultCallInfo ; extern ULONG LsapPageSize ; // Set to the page size during init extern ULONG_PTR LsapUserModeLimit ; // Set the to max user mode address // // Thread Local Storage variables // // These are actually all indices into the tls area, accessed through the // TlsXxx functions. These are all initialized by the InitThreadData() // function // extern DWORD dwSession; // Session pointer extern DWORD dwExceptionInfo; // Gets a pointer to exception info extern DWORD dwThreadPackage; // Package ID for thread extern DWORD dwCallInfo ; // CallInfo pointer extern DWORD dwThreadHeap; // Heap assigned to current thread. // Last known workstation status: extern BOOLEAN SetupPhase; // If true, setup is running extern BOOL ShutdownBegun ; // when true, shutdown is running extern LSA_TUNING_PARAMETERS LsaTuningParameters ; extern LsaState lsState ; extern PWSTR * ppszPackages; // Contains a null terminated array of dll names extern PWSTR * ppszOldPkgs; // Contains a null terminated array of old pkgs // // Maximum size of a buffer that can be passed across an LPC call // #define LSAP_MAX_LPC_BUFFER_LENGTH (1024 * 1024) #endif // __SPMGR_H__