archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/net/sockets/winsock2/wsp/afdsys/create.c

332 lines
8.8 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. dispatch.c
  9. Abstract:
  11. This module contains code for opening a handle to AFD.
  13. Author:
  15. David Treadwell (davidtr) 21-Feb-1992
  17. Revision History:
  19. --*/
  21. #include "afdp.h"
  23. BOOLEAN
  24. AfdPerformSecurityCheck (
  25. PIRP Irp,
  26. PIO_STACK_LOCATION IrpSp,
  27. PNTSTATUS Status
  28. );
  30. #ifdef ALLOC_PRAGMA
  31. #pragma alloc_text( PAGE, AfdCreate )
  32. #pragma alloc_text( PAGE, AfdPerformSecurityCheck )
  33. #endif
  38. NTSTATUS
  39. FASTCALL
  40. AfdCreate (
  41. IN PIRP Irp,
  42. IN PIO_STACK_LOCATION IrpSp
  43. )
  45. /*++
  47. Routine Description:
  49. This is the routine that handles Create IRPs in AFD. If creates an
  50. AFD_ENDPOINT structure and fills it in with the information
  51. specified in the open packet.
  53. Arguments:
  55. Irp - Pointer to I/O request packet.
  57. IrpSp - pointer to the IO stack location to use for this request.
  59. Return Value:
  61. NTSTATUS -- Indicates whether the request was successfully queued.
  63. --*/
  65. {
  66. PAFD_ENDPOINT endpoint;
  67. PFILE_FULL_EA_INFORMATION eaBuffer;
  68. UNICODE_STRING transportDeviceName;
  69. NTSTATUS status;
  71. PAGED_CODE( );
  73. DEBUG endpoint = NULL;
  75. //
  76. // Find the open packet from the EA buffer in the system buffer of
  77. // the associated IRP. Fail the request if there was no EA
  78. // buffer specified.
  79. //
  81. eaBuffer = Irp->AssociatedIrp.SystemBuffer;
  83. if ( eaBuffer == NULL ) {
  85. //
  86. // Allocate an AFD "helper" endpoint.
  87. //
  89. status = AfdAllocateEndpoint(
  90. &endpoint,
  91. NULL,
  92. 0
  93. );
  95. if( !NT_SUCCESS(status) ) {
  96. return status;
  97. }
  99. } else {
  100. STRING EaName;
  101. STRING CString;
  103. EaName.MaximumLength = eaBuffer->EaNameLength+1;
  104. EaName.Length = eaBuffer->EaNameLength;
  105. EaName.Buffer = eaBuffer->EaName;
  107. if (RtlInitString (&CString, AfdOpenPacket),
  108. RtlEqualString(&CString, &EaName, FALSE)) {
  109. PAFD_OPEN_PACKET openPacket;
  111. openPacket = (PAFD_OPEN_PACKET)(eaBuffer->EaName +
  112. eaBuffer->EaNameLength + 1);
  114. //
  115. // Make sure that the transport address fits within the specified
  116. // EA buffer.
  117. //
  119. if ((eaBuffer->EaValueLength<sizeof (*openPacket)) ||
  120. //
  121. // Check for overflow
  122. //
  123. (FIELD_OFFSET(AFD_OPEN_PACKET,
  124. TransportDeviceName[openPacket->TransportDeviceNameLength/2+1])
  125. <FIELD_OFFSET(AFD_OPEN_PACKET, TransportDeviceName[1])) ||
  126. (eaBuffer->EaValueLength <
  127. FIELD_OFFSET(AFD_OPEN_PACKET,
  128. TransportDeviceName[openPacket->TransportDeviceNameLength/2+1])) ) {
  129. return STATUS_ACCESS_VIOLATION;
  130. }
  131. //
  132. // Validate parameters in the open packet.
  133. //
  135. if (openPacket->afdEndpointFlags&(~AFD_ENDPOINT_VALID_FLAGS)) {
  138. return STATUS_INVALID_PARAMETER;
  139. }
  141. //
  142. // Set up a string that describes the transport device name.
  143. //
  145. transportDeviceName.Buffer = openPacket->TransportDeviceName;
  146. transportDeviceName.Length = (USHORT)openPacket->TransportDeviceNameLength;
  147. transportDeviceName.MaximumLength =
  148. transportDeviceName.Length + sizeof(WCHAR);
  152. //
  153. // Allocate an AFD endpoint.
  154. //
  156. status = AfdAllocateEndpoint(
  157. &endpoint,
  158. &transportDeviceName,
  159. openPacket->GroupID
  160. );
  162. if( !NT_SUCCESS(status) ) {
  163. return status;
  164. }
  165. //
  166. // Store the flags.
  167. //
  168. endpoint->afdEndpointFlags = openPacket->afdEndpointFlags;
  170. //
  171. // Remember the type of endpoint that this is. If this is a datagram
  172. // endpoint, change the block type to reflect this.
  173. //
  176. if (openPacket->afdConnectionLess) {
  178. endpoint->Type = AfdBlockTypeDatagram;
  180. //
  181. // Initialize lists which exist only in datagram endpoints.
  182. //
  184. InitializeListHead( &endpoint->ReceiveDatagramIrpListHead );
  185. InitializeListHead( &endpoint->PeekDatagramIrpListHead );
  186. InitializeListHead( &endpoint->ReceiveDatagramBufferListHead );
  188. endpoint->Common.Datagram.MaxBufferredReceiveBytes = AfdReceiveWindowSize;
  189. endpoint->Common.Datagram.MaxBufferredSendBytes = AfdSendWindowSize;
  190. }
  191. }
  192. else if (RtlInitString (&CString, AfdSwitchOpenPacket),
  193. RtlEqualString(&CString, &EaName, FALSE)) {
  194. status = AfdSanCreateHelper (Irp, eaBuffer, &endpoint);
  195. if (!NT_SUCCESS (status))
  196. return status;
  197. }
  198. else {
  199. IF_DEBUG(OPEN_CLOSE) {
  200. KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
  201. "AfdCreate: Invalid ea name.\n"));
  202. }
  203. return STATUS_INVALID_PARAMETER;
  204. }
  205. }
  207. ASSERT( endpoint != NULL );
  209. //
  210. // Perform security check on caller.
  211. // We need this to know whether to allow exclusive
  212. // address use when allocating transport address in bind
  213. // as well as giving access to raw sockets.
  215. endpoint->AdminAccessGranted = AfdPerformSecurityCheck (Irp, IrpSp, &status);
  218. //
  219. // Set up a pointer to the endpoint in the file object so that we
  220. // can find the endpoint in future calls.
  221. //
  223. IrpSp->FileObject->FsContext = endpoint;
  224. //
  225. // Setting this field to non-NULL value enable fast IO code path
  226. // for reads and writes.
  227. //
  228. IrpSp->FileObject->PrivateCacheMap = (PVOID)-1;
  230. IF_DEBUG(OPEN_CLOSE) {
  231. KdPrintEx(( DPFLTR_WSOCKTRANSPORT_ID, DPFLTR_TRACE_LEVEL,
  232. "AfdCreate: opened file object = %p, endpoint = %p\n",
  233. IrpSp->FileObject, endpoint ));
  235. }
  237. //
  238. // The open worked. Dereference the endpoint and return success.
  239. //
  241. DEREFERENCE_ENDPOINT( endpoint );
  243. return STATUS_SUCCESS;
  245. } // AfdCreate
  248. BOOLEAN
  249. AfdPerformSecurityCheck (
  250. PIRP Irp,
  251. PIO_STACK_LOCATION IrpSp,
  252. PNTSTATUS Status
  253. )
  254. /*++
  256. Routine Description:
  258. Compares security context of the endpoint creator to that
  259. of the administrator and local system.
  261. Arguments:
  263. Irp - Pointer to I/O request packet.
  265. IrpSp - pointer to the IO stack location to use for this request.
  267. Status - returns status generated by access check on failure.
  269. Return Value:
  271. TRUE - the socket creator has admin or local system privilige
  272. FALSE - the socket creator is just a plain user
  274. --*/
  276. {
  277. BOOLEAN accessGranted;
  278. PACCESS_STATE accessState;
  279. PIO_SECURITY_CONTEXT securityContext;
  280. PPRIVILEGE_SET privileges = NULL;
  281. ACCESS_MASK grantedAccess;
  282. PGENERIC_MAPPING GenericMapping;
  283. ACCESS_MASK AccessMask = GENERIC_ALL;
  285. //
  286. // Enable access to all the globally defined SIDs
  287. //
  289. GenericMapping = IoGetFileObjectGenericMapping();
  291. RtlMapGenericMask( &AccessMask, GenericMapping );
  294. securityContext = IrpSp->Parameters.Create.SecurityContext;
  295. accessState = securityContext->AccessState;
  297. SeLockSubjectContext(&accessState->SubjectSecurityContext);
  299. accessGranted = SeAccessCheck(
  300. AfdAdminSecurityDescriptor,
  301. &accessState->SubjectSecurityContext,
  302. TRUE,
  303. AccessMask,
  304. 0,
  305. &privileges,
  306. IoGetFileObjectGenericMapping(),
  307. (KPROCESSOR_MODE)((IrpSp->Flags & SL_FORCE_ACCESS_CHECK)
  308. ? UserMode
  309. : Irp->RequestorMode),
  310. &grantedAccess,
  311. Status
  312. );
  314. if (privileges) {
  315. (VOID) SeAppendPrivileges(
  316. accessState,
  317. privileges
  318. );
  319. SeFreePrivileges(privileges);
  320. }
  322. if (accessGranted) {
  323. accessState->PreviouslyGrantedAccess |= grantedAccess;
  324. accessState->RemainingDesiredAccess &= ~( grantedAccess | MAXIMUM_ALLOWED );
  325. ASSERT (NT_SUCCESS (*Status));
  326. }
  327. else {
  328. ASSERT (!NT_SUCCESS (*Status));
  329. }
  330. SeUnlockSubjectContext(&accessState->SubjectSecurityContext);
  332. return accessGranted;
  333. }