archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/drivers/sac/driver/data.c

764 lines
21 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. data.c
  9. Abstract:
  11. This module contains global data for SAC.
  13. Author:
  15. Sean Selitrennikoff (v-seans) - Jan 11, 1999
  17. Revision History:
  19. --*/
  21. #include "sac.h"
  23. NTSTATUS
  24. CreateAdminSecurityDescriptor(
  25. IN PSAC_DEVICE_CONTEXT DeviceContext
  26. );
  28. NTSTATUS
  29. BuildDeviceAcl(
  30. OUT PACL *DeviceAcl
  31. );
  33. VOID
  34. WorkerThreadStartUp(
  35. IN PVOID StartContext
  36. );
  39. #ifdef ALLOC_PRAGMA
  40. #pragma alloc_text( INIT, InitializeGlobalData)
  41. #pragma alloc_text( INIT, CreateAdminSecurityDescriptor )
  42. #pragma alloc_text( INIT, BuildDeviceAcl )
  43. #endif
  45. //
  46. // Globally defined variables are here.
  47. //
  48. BOOLEAN GlobalDataInitialized = FALSE;
  49. UCHAR TmpBuffer[sizeof(PROCESS_PRIORITY_CLASS)];
  50. BOOLEAN IoctlSubmitted;
  51. LONG ProcessingType;
  52. HANDLE SACEventHandle;
  53. PKEVENT SACEvent=NULL;
  54. LONG Attempts;
  56. #if DBG
  57. ULONG SACDebug = 0x0;
  58. #endif
  61. BOOLEAN
  62. InitializeGlobalData(
  63. IN PUNICODE_STRING RegistryPath,
  64. IN PDRIVER_OBJECT DriverObject
  65. )
  67. /*++
  69. Routine Description:
  71. This routine initializes all the driver components that are shared across devices.
  73. Arguments:
  75. RegistryPath - A pointer to the location in the registry to read values from.
  76. DriverObject - pointer to DriverObject
  78. Return Value:
  80. TRUE if successful, else FALSE
  82. --*/
  84. {
  85. NTSTATUS Status;
  86. UNICODE_STRING DosName;
  87. UNICODE_STRING NtName;
  88. UNICODE_STRING UnicodeString;
  90. UNREFERENCED_PARAMETER(RegistryPath);
  92. PAGED_CODE();
  94. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  95. KdPrint(("SAC InitializeGlobalData: Entering.\n")));
  97. if (!GlobalDataInitialized) {
  99. //
  100. // Create a symbolic link from a DosDevice to this device so that a user-mode app can open us.
  101. //
  102. RtlInitUnicodeString(&DosName, SAC_DOSDEVICE_NAME);
  103. RtlInitUnicodeString(&NtName, SAC_DEVICE_NAME);
  104. Status = IoCreateSymbolicLink(&DosName, &NtName);
  106. if (!NT_SUCCESS(Status)) {
  107. return FALSE;
  108. }
  110. //
  111. // Initialize internal memory system
  112. //
  113. if (!InitializeMemoryManagement()) {
  115. IoDeleteSymbolicLink(&DosName);
  117. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  118. KdPrint(("SAC InitializeGlobalData: Exiting with status FALSE\n")));
  120. return FALSE;
  121. }
  123. Status = PreloadGlobalMessageTable(DriverObject->DriverStart);
  124. if (!NT_SUCCESS(Status)) {
  126. IoDeleteSymbolicLink(&DosName);
  128. IF_SAC_DEBUG(SAC_DEBUG_FAILS,
  129. KdPrint(( "SAC DriverEntry: unable to pre-load message table: %X\n", Status )));
  130. return FALSE;
  132. }
  134. Utf8ConversionBuffer = (PUCHAR)ALLOCATE_POOL(MEMORY_INCREMENT, GENERAL_POOL_TAG);
  135. if (!Utf8ConversionBuffer) {
  137. TearDownGlobalMessageTable();
  139. IoDeleteSymbolicLink(&DosName);
  141. IF_SAC_DEBUG(SAC_DEBUG_FAILS,
  142. KdPrint(( "SAC DriverEntry: unable to allocate memory for UTF8 translation." )));
  144. return FALSE;
  145. }
  147. GlobalDataInitialized = TRUE;
  148. ProcessingType = SAC_NO_OP;
  149. IoctlSubmitted = FALSE;
  150. Attempts = 0;
  152. //
  153. // Setup notification event
  154. //
  155. RtlInitUnicodeString(&UnicodeString, L"\\SACEvent");
  156. SACEvent = IoCreateSynchronizationEvent(&UnicodeString, &SACEventHandle);
  158. if (SACEvent == NULL) {
  159. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  160. KdPrint(("SAC InitializeGlobalData: Exiting with Event NULL\n")));
  162. return FALSE;
  163. }
  165. //
  166. // Retrieve all the machine-specific identification information.
  167. //
  168. InitializeMachineInformation();
  170. }
  172. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  173. KdPrint(("SAC InitializeGlobalData: Exiting with status TRUE\n")));
  175. return TRUE;
  176. } // InitializeGlobalData
  179. VOID
  180. FreeGlobalData(
  181. VOID
  182. )
  184. /*++
  186. Routine Description:
  188. This routine frees all shared components.
  190. Arguments:
  192. None.
  194. Return Value:
  196. None.
  198. --*/
  200. {
  201. UNICODE_STRING DosName;
  203. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE, KdPrint(("SAC FreeGlobalData: Entering.\n")));
  205. if (GlobalDataInitialized) {
  206. if(SACEvent != NULL){
  207. ZwClose(SACEventHandle);
  208. SACEvent = NULL;
  209. }
  211. TearDownGlobalMessageTable();
  213. RtlInitUnicodeString(&DosName, SAC_DOSDEVICE_NAME);
  214. IoDeleteSymbolicLink(&DosName);
  216. FreeMemoryManagement();
  217. GlobalDataInitialized = FALSE;
  218. }
  220. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE, KdPrint(("SAC FreeGlobalData: Exiting.\n")));
  222. } // FreeGlobalData
  225. BOOLEAN
  226. InitializeDeviceData(
  227. PDEVICE_OBJECT DeviceObject
  228. )
  230. /*++
  232. Routine Description:
  234. This routine initializes all the parts specific for each device.
  236. Arguments:
  238. DeviceObject - pointer to device object to be initialized.
  240. Return Value:
  242. TRUE if successful, else FALSE
  244. --*/
  246. {
  247. NTSTATUS Status;
  248. LARGE_INTEGER Time;
  249. LONG Priority;
  250. HEADLESS_CMD_ENABLE_TERMINAL Command;
  251. PSAC_DEVICE_CONTEXT DeviceContext;
  253. PAGED_CODE();
  255. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  256. KdPrint(("SAC InitializeDeviceData: Entering.\n")));
  258. DeviceContext = (PSAC_DEVICE_CONTEXT)DeviceObject->DeviceExtension;
  260. if (!DeviceContext->InitializedAndReady) {
  262. DeviceObject->StackSize = DEFAULT_IRP_STACK_SIZE;
  263. DeviceObject->Flags |= DO_DIRECT_IO;
  265. DeviceContext->DeviceObject = DeviceObject;
  266. DeviceContext->PriorityBoost = DEFAULT_PRIORITY_BOOST;
  267. DeviceContext->AdminSecurityDescriptor = NULL;
  268. DeviceContext->UnloadDeferred = FALSE;
  269. DeviceContext->Processing = FALSE;
  271. KeInitializeTimer(&(DeviceContext->Timer));
  273. KeInitializeDpc(&(DeviceContext->Dpc), &TimerDpcRoutine, DeviceContext);
  275. KeInitializeSpinLock(&(DeviceContext->SpinLock));
  277. KeInitializeEvent(&(DeviceContext->ProcessEvent), SynchronizationEvent, FALSE);
  279. //
  280. // Enable the terminal
  281. //
  282. Command.Enable = TRUE;
  283. Status = HeadlessDispatch(HeadlessCmdEnableTerminal,
  284. &Command,
  285. sizeof(HEADLESS_CMD_ENABLE_TERMINAL),
  286. NULL,
  287. NULL
  288. );
  289. if (!NT_SUCCESS(Status)) {
  291. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  292. KdPrint(("SAC InitializeDeviceData: Exiting (1) with status FALSE\n")));
  293. return FALSE;
  294. }
  296. //
  297. // Remember a pointer to the system process. We'll use this pointer
  298. // for KeAttachProcess() calls so that we can open handles in the
  299. // context of the system process.
  300. //
  301. DeviceContext->SystemProcess = (PKPROCESS)IoGetCurrentProcess();
  303. //
  304. // Create the security descriptor used for raw access checks.
  305. //
  306. Status = CreateAdminSecurityDescriptor(DeviceContext);
  308. if (!NT_SUCCESS(Status)) {
  309. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  310. KdPrint(("SAC InitializeDeviceData: Exiting (2) with status FALSE\n")));
  311. Command.Enable = FALSE;
  312. HeadlessDispatch(HeadlessCmdEnableTerminal,
  313. &Command,
  314. sizeof(HEADLESS_CMD_ENABLE_TERMINAL),
  315. NULL,
  316. NULL
  317. );
  318. return FALSE;
  319. }
  321. //
  322. // Start a thread to handle requests
  323. //
  324. Status = PsCreateSystemThread(&(DeviceContext->ThreadHandle),
  325. PROCESS_ALL_ACCESS,
  326. NULL,
  327. NULL,
  328. NULL,
  329. WorkerThreadStartUp,
  330. DeviceContext
  331. );
  333. if (!NT_SUCCESS(Status)) {
  334. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  335. KdPrint(("SAC InitializeDeviceData: Exiting (3) with status FALSE\n")));
  336. Command.Enable = FALSE;
  337. HeadlessDispatch(HeadlessCmdEnableTerminal,
  338. &Command,
  339. sizeof(HEADLESS_CMD_ENABLE_TERMINAL),
  340. NULL,
  341. NULL
  342. );
  343. return FALSE;
  344. }
  346. //
  347. // Set this thread to the real-time highest priority so that it will be
  348. // responsive.
  349. //
  350. Priority = HIGH_PRIORITY;
  351. Status = NtSetInformationThread(DeviceContext->ThreadHandle,
  352. ThreadPriority,
  353. &Priority,
  354. sizeof(Priority)
  355. );
  357. if (!NT_SUCCESS(Status)) {
  358. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  359. KdPrint(("SAC InitializeDeviceData: Exiting (6) with status FALSE\n")));
  361. //
  362. // Tell thread to exit.
  363. //
  364. DeviceContext->UnloadDeferred = TRUE;
  365. KeInitializeEvent(&(DeviceContext->UnloadEvent), SynchronizationEvent, FALSE);
  366. KeSetEvent(&(DeviceContext->ProcessEvent), DeviceContext->PriorityBoost, FALSE);
  367. Status = KeWaitForSingleObject((PVOID)&(DeviceContext->UnloadEvent), Executive, KernelMode, FALSE, NULL);
  368. ASSERT(Status == STATUS_SUCCESS);
  370. Command.Enable = FALSE;
  371. HeadlessDispatch(HeadlessCmdEnableTerminal,
  372. &Command,
  373. sizeof(HEADLESS_CMD_ENABLE_TERMINAL),
  374. NULL,
  375. NULL
  376. );
  377. return FALSE;
  378. }
  380. //
  381. // Start our timer
  382. //
  383. Time.QuadPart = Int32x32To64((LONG)100, -1000); // 100ms from now.
  384. KeSetTimerEx(&(DeviceContext->Timer), Time, (LONG)100, &(DeviceContext->Dpc)); // every 100ms
  386. //
  387. // Display the prompt
  388. //
  389. SacPutSimpleMessage( SAC_ENTER );
  390. SacPutSimpleMessage( SAC_INITIALIZED );
  391. SacPutSimpleMessage( SAC_ENTER );
  392. SacPutSimpleMessage( SAC_PROMPT );
  394. DeviceContext->InitializedAndReady = TRUE;
  397. }
  399. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  400. KdPrint(("SAC InitializeDeviceData: Exiting with status TRUE\n")));
  402. return TRUE;
  403. } // InitializeDeviceData
  406. VOID
  407. FreeDeviceData(
  408. PDEVICE_OBJECT DeviceObject
  409. )
  411. /*++
  413. Routine Description:
  415. This routine frees all components specific to a device..
  417. Arguments:
  419. DeviceContext - The device to work on.
  421. Return Value:
  423. It will stop and wait, if necessary, for any processing to complete.
  425. --*/
  427. {
  428. KIRQL OldIrql;
  429. NTSTATUS Status;
  430. PVOID MemToFree;
  431. PSAC_DEVICE_CONTEXT DeviceContext;
  433. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE, KdPrint(("SAC FreeDeviceData: Entering.\n")));
  435. DeviceContext = (PSAC_DEVICE_CONTEXT)DeviceObject->DeviceExtension;
  437. if (!GlobalDataInitialized || !DeviceContext->InitializedAndReady) {
  438. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE, KdPrint(("SAC FreeDeviceData: Exiting.\n")));
  439. return;
  440. }
  442. //
  443. // Wait for all processing to complete
  444. //
  445. KeAcquireSpinLock(&(DeviceContext->SpinLock), &OldIrql);
  447. DeviceContext->UnloadDeferred = TRUE;
  449. while (DeviceContext->Processing) {
  451. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE, KdPrint(("SAC FreeDeviceData: Waiting....\n")));
  453. KeInitializeEvent(&(DeviceContext->UnloadEvent), SynchronizationEvent, FALSE);
  455. KeReleaseSpinLock(&(DeviceContext->SpinLock), OldIrql);
  457. Status = KeWaitForSingleObject((PVOID)&(DeviceContext->UnloadEvent), Executive, KernelMode, FALSE, NULL);
  459. ASSERT(Status == STATUS_SUCCESS);
  461. KeAcquireSpinLock(&(DeviceContext->SpinLock), &OldIrql);
  463. }
  465. DeviceContext->Processing = TRUE;
  467. KeReleaseSpinLock(&(DeviceContext->SpinLock), OldIrql);
  469. KeCancelTimer(&(DeviceContext->Timer));
  471. KeAcquireSpinLock(&(DeviceContext->SpinLock), &OldIrql);
  473. DeviceContext->Processing = FALSE;
  475. MemToFree = (PVOID)DeviceContext->AdminSecurityDescriptor;
  476. DeviceContext->AdminSecurityDescriptor = NULL;
  479. //
  480. // Signal the thread to exit
  481. //
  482. KeInitializeEvent(&(DeviceContext->UnloadEvent), SynchronizationEvent, FALSE);
  483. KeReleaseSpinLock(&(DeviceContext->SpinLock), OldIrql);
  484. KeSetEvent(&(DeviceContext->ProcessEvent), DeviceContext->PriorityBoost, FALSE);
  486. Status = KeWaitForSingleObject((PVOID)&(DeviceContext->UnloadEvent), Executive, KernelMode, FALSE, NULL);
  487. ASSERT(Status == STATUS_SUCCESS);
  489. //
  490. // Finish up cleaning up.
  491. //
  492. IoUnregisterShutdownNotification(DeviceObject);
  494. KeAcquireSpinLock(&(DeviceContext->SpinLock), &OldIrql);
  496. DeviceContext->InitializedAndReady = FALSE;
  497. DeviceContext->UnloadDeferred = FALSE;
  499. KeReleaseSpinLock(&(DeviceContext->SpinLock), OldIrql);
  501. if (MemToFree != NULL) {
  502. ExFreePool(MemToFree);
  503. }
  505. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE, KdPrint(("SAC FreeDeviceData: Exiting.\n")));
  506. } // FreeDeviceData
  509. NTSTATUS
  510. BuildDeviceAcl(
  511. OUT PACL *DeviceAcl
  512. )
  514. /*++
  516. Routine Description:
  518. This routine builds an ACL which gives Administrators and LocalSystem
  519. principals full access. All other principals have no access.
  521. Arguments:
  523. DeviceAcl - Output pointer to the new ACL.
  525. Return Value:
  527. STATUS_SUCCESS or an appropriate error code.
  529. --*/
  531. {
  532. PGENERIC_MAPPING GenericMapping;
  533. PSID AdminsSid;
  534. PSID SystemSid;
  535. ULONG AclLength;
  536. NTSTATUS Status;
  537. ACCESS_MASK AccessMask = GENERIC_ALL;
  538. PACL NewAcl;
  540. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE, KdPrint(("SAC BuildDeviceAcl: Entering.\n")));
  542. //
  543. // Enable access to all the globally defined SIDs
  544. //
  546. GenericMapping = IoGetFileObjectGenericMapping();
  548. RtlMapGenericMask(&AccessMask, GenericMapping);
  550. //SeEnableAccessToExports();
  552. AdminsSid = SeExports->SeAliasAdminsSid;
  553. SystemSid = SeExports->SeLocalSystemSid;
  555. AclLength = sizeof(ACL) + (2 * sizeof(ACCESS_ALLOWED_ACE)) +
  556. RtlLengthSid(AdminsSid) + RtlLengthSid(SystemSid) -
  557. (2 * sizeof(ULONG));
  559. NewAcl = ALLOCATE_POOL(AclLength, SECURITY_POOL_TAG);
  561. if (NewAcl == NULL) {
  562. return(STATUS_INSUFFICIENT_RESOURCES);
  563. }
  565. Status = RtlCreateAcl(NewAcl, AclLength, ACL_REVISION);
  567. if (!NT_SUCCESS(Status)) {
  568. FREE_POOL(&NewAcl);
  569. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  570. KdPrint(("SAC BuildDeviceAcl: Exiting with status 0x%x\n", Status)));
  571. return(Status);
  572. }
  574. Status = RtlAddAccessAllowedAce(NewAcl,
  575. ACL_REVISION2,
  576. AccessMask,
  577. AdminsSid
  578. );
  580. ASSERT(NT_SUCCESS(Status));
  582. Status = RtlAddAccessAllowedAce(NewAcl,
  583. ACL_REVISION2,
  584. AccessMask,
  585. SystemSid
  586. );
  588. ASSERT(NT_SUCCESS(Status));
  590. *DeviceAcl = NewAcl;
  592. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  593. KdPrint(("SAC BuildDeviceAcl: Exiting with status 0x%x\n", STATUS_SUCCESS)));
  594. return(STATUS_SUCCESS);
  596. } // BuildDeviceAcl
  599. NTSTATUS
  600. CreateAdminSecurityDescriptor(
  601. PSAC_DEVICE_CONTEXT DeviceContext
  602. )
  604. /*++
  606. Routine Description:
  608. This routine creates a security descriptor which gives access
  609. only to Administrtors and LocalSystem. This descriptor is used
  610. to access check raw endpoint opens and exclisive access to transport
  611. addresses.
  613. Arguments:
  615. DeviceContext - A pointer to the device to work on.
  617. Return Value:
  619. STATUS_SUCCESS or an appropriate error code.
  621. --*/
  623. {
  624. PACL RawAcl = NULL;
  625. NTSTATUS Status;
  626. BOOLEAN MemoryAllocated = FALSE;
  627. PSECURITY_DESCRIPTOR SecurityDescriptor;
  628. ULONG SecurityDescriptorLength;
  629. CHAR Buffer[SECURITY_DESCRIPTOR_MIN_LENGTH];
  630. PSECURITY_DESCRIPTOR LocalSecurityDescriptor = (PSECURITY_DESCRIPTOR) &Buffer;
  631. PSECURITY_DESCRIPTOR LocalAdminSecurityDescriptor;
  632. SECURITY_INFORMATION SecurityInformation = DACL_SECURITY_INFORMATION;
  634. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  635. KdPrint(("SAC CreateAdminSecDesc: Entering.\n")));
  637. //
  638. // Get a pointer to the security descriptor from the device object.
  639. //
  640. Status = ObGetObjectSecurity(DeviceContext->DeviceObject,
  641. &SecurityDescriptor,
  642. &MemoryAllocated
  643. );
  645. if (!NT_SUCCESS(Status)) {
  646. IF_SAC_DEBUG(SAC_DEBUG_FAILS,
  647. KdPrint(("SAC: Unable to get security descriptor, error: %x\n", Status)));
  648. ASSERT(MemoryAllocated == FALSE);
  649. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  650. KdPrint(("SAC CreateAdminSecDesc: Exiting with status 0x%x\n", Status)));
  651. return(Status);
  652. }
  654. //
  655. // Build a local security descriptor with an ACL giving only
  656. // administrators and system access.
  657. //
  658. Status = BuildDeviceAcl(&RawAcl);
  660. if (!NT_SUCCESS(Status)) {
  661. IF_SAC_DEBUG(SAC_DEBUG_FAILS,
  662. KdPrint(("SAC CreateAdminSecDesc: Unable to create Raw ACL, error: %x\n", Status)));
  663. goto ErrorExit;
  664. }
  666. (VOID)RtlCreateSecurityDescriptor(LocalSecurityDescriptor,
  667. SECURITY_DESCRIPTOR_REVISION
  668. );
  670. (VOID)RtlSetDaclSecurityDescriptor(LocalSecurityDescriptor,
  671. TRUE,
  672. RawAcl,
  673. FALSE
  674. );
  676. //
  677. // Make a copy of the security descriptor. This copy will be the raw descriptor.
  678. //
  679. SecurityDescriptorLength = RtlLengthSecurityDescriptor(SecurityDescriptor);
  681. LocalAdminSecurityDescriptor = ExAllocatePoolWithTag(PagedPool,
  682. SecurityDescriptorLength,
  683. SECURITY_POOL_TAG
  684. );
  686. if (LocalAdminSecurityDescriptor == NULL) {
  687. IF_SAC_DEBUG(SAC_DEBUG_FAILS,
  688. KdPrint(("SAC CreateAdminSecDesc: couldn't allocate security descriptor\n")));
  689. goto ErrorExit;
  690. }
  692. RtlMoveMemory(LocalAdminSecurityDescriptor,
  693. SecurityDescriptor,
  694. SecurityDescriptorLength
  695. );
  697. DeviceContext->AdminSecurityDescriptor = LocalAdminSecurityDescriptor;
  699. //
  700. // Now apply the local descriptor to the raw descriptor.
  701. //
  702. Status = SeSetSecurityDescriptorInfo(NULL,
  703. &SecurityInformation,
  704. LocalSecurityDescriptor,
  705. &(DeviceContext->AdminSecurityDescriptor),
  706. NonPagedPool,
  707. IoGetFileObjectGenericMapping()
  708. );
  710. if (!NT_SUCCESS(Status)) {
  711. IF_SAC_DEBUG(SAC_DEBUG_FAILS,
  712. KdPrint(("SAC CreateAdminSecDesc: SeSetSecurity failed, %lx\n", Status)));
  713. ASSERT(DeviceContext->AdminSecurityDescriptor == LocalAdminSecurityDescriptor);
  714. ExFreePool(DeviceContext->AdminSecurityDescriptor);
  715. DeviceContext->AdminSecurityDescriptor = NULL;
  716. goto ErrorExit;
  717. }
  719. if (DeviceContext->AdminSecurityDescriptor != LocalAdminSecurityDescriptor) {
  720. ExFreePool(LocalAdminSecurityDescriptor);
  721. }
  723. Status = STATUS_SUCCESS;
  725. ErrorExit:
  727. ObReleaseObjectSecurity(SecurityDescriptor, MemoryAllocated);
  729. if (RawAcl != NULL) {
  730. FREE_POOL(&RawAcl);
  731. }
  733. IF_SAC_DEBUG(SAC_DEBUG_FUNC_TRACE,
  734. KdPrint(("SAC CreateAdminSecDesc: Exiting with status 0x%x\n", Status)));
  736. return(Status);
  737. }
  739. VOID
  740. WorkerThreadStartUp(
  741. IN PVOID StartContext
  742. )
  744. /*++
  746. Routine Description:
  748. This routine is the start up routine for the worker thread. It justn
  749. sends the worker thread to the processing routine.
  751. Arguments:
  753. StartContext - A pointer to the device to work on.
  755. Return Value:
  757. None.
  759. --*/
  761. {
  762. WorkerProcessEvents((PSAC_DEVICE_CONTEXT)StartContext);
  763. }