Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2771 lines
74 KiB

  1. /*++
  2. Copyright (c) 1992 Microsoft Corporation
  3. Module Name:
  4. BOOTCFG.CXX
  5. Abstract:
  6. Contains functions used for managing the system control sets in the
  7. system portion of the registry.
  8. ScCheckLastKnownGood
  9. ScRevertToLastKnownGood
  10. NotifyBootConfigStatus
  11. ScGetTopKeys
  12. ScGetCtrlSetIds
  13. ScDeleteRegTree
  14. ScBuildCtrlSetName
  15. ScGetCtrlSetHandle
  16. ScDeleteTree
  17. ScCopyKeyRecursive
  18. ScCopyKeyValues
  19. ScDeleteRegServiceEntry
  20. ScGatherOrphanIds
  21. ScDeleteCtrlSetOrphans
  22. ScMatchInArray
  23. ScStartCtrlSetCleanupThread
  24. ScCleanupThread
  25. ScRunAcceptBootPgm
  26. ScAcceptTheBoot
  27. Author:
  28. Dan Lafferty (danl) 19-Apr-1992
  29. Environment:
  30. User Mode - Win32
  31. Notes:
  32. Revision History:
  33. 24-Aug-1998 Elliot Shmukler (t-ellios)
  34. Most of the LKG related work has now been moved into the Kernel.
  35. The tree copies & clone deletions formerly performed by functions
  36. in this file has now been replaced by calls to NtInitializeRegistry.
  37. 28-Jun-1995 AnirudhS
  38. SetupInProgress: This function is now called from more than one place.
  39. Cache the return value so we only examine the registry once.
  40. 04-Feb-1994 Danl
  41. RevertToLastKnownGood: If the boot has been accepted, then we won't
  42. allow a revert.
  43. 15-Jun-1993 Danl
  44. Ignore LastKnownGood adjustments if setup is still running.
  45. Use the SystemSetupInProgress value in the registry to determine
  46. if is running.
  47. 01-Apr-1993 Danl
  48. Add ability to take ownership if we cannot open one of the keys due
  49. to an access denied error.
  50. 08-Feb-1993 Danl
  51. Changed the clearing of the LKG_ENV_VAR so that it is done whenever
  52. we are booting LKG. Reguardless of whether or not it is the last
  53. boot. Prior to this, it was only cleared when a revert occured, and
  54. not on the first boot.
  55. 04-Feb-1993 Danl
  56. Use NtUnloadKey to delete the clone tree. The clone tree is now
  57. in a separate hive. So this is allowed.
  58. 18-Jan-1993 Danl
  59. Make use of the LastKnownGood Environment Variable. Now we do
  60. not alter the default control set when we need to revert. We
  61. just set the Environment Variable to True, and reboot. Phase2
  62. and ScCheckLastKnownGood do the right thing.
  63. 19-Apr-1992 danl
  64. Created
  65. --*/
  66. //
  67. // INCLUDES
  68. //
  69. #include "precomp.hxx"
  70. #include <stdlib.h> // ultoa
  71. #include "scsec.h" // ScAccessValidate()
  72. #include "bootcfg.h" // ScRegDeleteTree()
  73. #include "scconfig.h" // ScOpenServicesKey()
  74. #include <svcslib.h> // SetupInProgress()
  75. #include <ntsetup.h> // REGSTR_VALUE_OOBEINPROGRESS
  76. #include <bootstatus.h>
  77. //
  78. // DEFINES
  79. //
  80. #define SYSTEM_KEY L"system"
  81. #define SELECT_KEY L"select"
  82. #define SERVICES_KEY L"System\\CurrentControlSet\\Services"
  83. #define ACCEPT_BOOT_KEY L"System\\CurrentControlSet\\Control\\BootVerificationProgram"
  84. #define SETUP_PROG_KEY L"Setup"
  85. #define CURRENT_VALUE_NAME L"Current"
  86. #define DEFAULT_VALUE_NAME L"Default"
  87. #define LKG_VALUE_NAME L"LastKnownGood"
  88. #define FAILED_VALUE_NAME L"Failed"
  89. #define IMAGE_PATH_NAME L"ImagePath"
  90. #define SETUP_PROG_VALUE_NAME L"SystemSetupInProgress"
  91. #define CTRL_SET_NAME_TEMPLATE L"ControlSet000"
  92. #define CTRL_SET_NAME_CHAR_COUNT 13
  93. #define CTRL_SET_NAME_NUM_OFFSET 10
  94. #define CTRL_SET_NAME_BYTES ((CTRL_SET_CHAR_COUNT+1) * sizeof(WCHAR))
  95. #define CLONE_SECURITY_INFORMATION (OWNER_SECURITY_INFORMATION | \
  96. GROUP_SECURITY_INFORMATION | \
  97. DACL_SECURITY_INFORMATION | \
  98. SACL_SECURITY_INFORMATION)
  99. //
  100. // STANDARD access is obtained for the system and select keys.
  101. // We read and write to these keys.
  102. //
  103. #define SC_STANDARD_KEY_ACCESS KEY_READ | \
  104. READ_CONTROL | \
  105. WRITE_OWNER | \
  106. KEY_WRITE
  107. //
  108. // CLONE access is obtained for the top level clone key
  109. // We must be able to copy and delete clone trees.
  110. //
  111. #define SC_CLONE_KEY_ACCESS KEY_READ | \
  112. READ_CONTROL | \
  113. WRITE_OWNER | \
  114. DELETE | \
  115. ACCESS_SYSTEM_SECURITY
  116. //
  117. // CONTROL_SET access is obtained for the top level control sets.
  118. // We must be able to copy and delete control sets.
  119. // NOTE: SE_SECURITY_PRIVILEGE is required to get ACCESS_SYSTEM_SECURITY.
  120. //
  121. #define SC_CONTROL_SET_KEY_ACCESS KEY_READ | \
  122. KEY_WRITE | \
  123. DELETE | \
  124. READ_CONTROL | \
  125. WRITE_OWNER | \
  126. ACCESS_SYSTEM_SECURITY
  127. //
  128. // COPY access is obtained for each subkey in a control set as it is being
  129. // copied.
  130. // NOTE: SE_SECURITY_PRIVILEGE is required to get ACCESS_SYSTEM_SECURITY.
  131. //
  132. #define SC_COPY_KEY_ACCESS KEY_READ | \
  133. READ_CONTROL | \
  134. ACCESS_SYSTEM_SECURITY
  135. //
  136. // DELETE access is obtained for each subkey in a control set that is being
  137. // deleted.
  138. //
  139. #define SC_DELETE_KEY_ACCESS DELETE | \
  140. KEY_READ
  141. //
  142. // CREATE access is the access used for all keys created by this
  143. // process.
  144. //
  145. #define SC_CREATE_KEY_ACCESS KEY_WRITE | \
  146. WRITE_OWNER | \
  147. WRITE_DAC | \
  148. ACCESS_SYSTEM_SECURITY
  149. //
  150. // Control Set IDs are stored in an array of DWORDs. The array has the
  151. // following offsets for each ID:
  152. //
  153. #define CURRENT_ID 0
  154. #define DEFAULT_ID 1
  155. #define LKG_ID 2
  156. #define FAILED_ID 3
  157. #define NUM_IDS 4
  158. //
  159. // Macros
  160. //
  161. #define SET_LKG_ENV_VAR(pString) \
  162. { \
  163. UNICODE_STRING Name,Value; \
  164. \
  165. RtlInitUnicodeString(&Name, L"LastKnownGood"); \
  166. RtlInitUnicodeString(&Value,pString); \
  167. \
  168. status = RtlNtStatusToDosError(NtSetSystemEnvironmentValue(&Name,&Value)); \
  169. }
  170. //
  171. // GLOBALS
  172. //
  173. //
  174. // This flag is set when ScCheckLastKnownGood is called. It is later
  175. // checked when either ScRevertToLastKnownGood or NotifyBootConfigStatus
  176. // is called. TRUE indicates that we know we are booting LastKnownGood.
  177. //
  178. DWORD ScGlobalLastKnownGood;
  179. BOOL ScGlobalBootAccepted = FALSE;
  180. CRITICAL_SECTION ScBootConfigCriticalSection;
  181. LPDWORD ScGlobalOrphanIds = NULL;
  182. //
  183. // LOCAL FUNCTION PROTOTYPES
  184. //
  185. DWORD
  186. ScGetTopKeys(
  187. PHKEY SystemKey,
  188. PHKEY SelectKey
  189. );
  190. DWORD
  191. ScGetCtrlSetIds(
  192. HKEY SelectKey,
  193. LPDWORD IdArray
  194. );
  195. BOOL
  196. ScBuildCtrlSetName(
  197. LPWSTR ControlSetName,
  198. DWORD ControlId
  199. );
  200. HKEY
  201. ScGetCtrlSetHandle(
  202. HKEY SystemKey,
  203. DWORD ControlId,
  204. LPWSTR ControlSetName
  205. );
  206. VOID
  207. ScDeleteTree(
  208. IN HKEY KeyHandle
  209. );
  210. VOID
  211. ScCopyKeyRecursive(
  212. HKEY ParentKey,
  213. PHKEY DestKeyPtr,
  214. HKEY SourceKey,
  215. LPWSTR DestKeyName
  216. );
  217. VOID
  218. ScCopyKeyValues(
  219. HKEY DestKey,
  220. HKEY SourceKey,
  221. DWORD NumberOfValues,
  222. DWORD MaxValueNameLength,
  223. DWORD MaxValueDataLength
  224. );
  225. VOID
  226. ScDeleteRegTree(
  227. HKEY ParentKey,
  228. HKEY KeyToDelete,
  229. LPWSTR NameOfKeyToDelete
  230. );
  231. VOID
  232. ScGatherOrphanIds(
  233. HKEY SystemKey,
  234. LPDWORD *OrphanIdPtr,
  235. LPDWORD idArray
  236. );
  237. BOOL
  238. ScMatchInArray(
  239. DWORD Value,
  240. LPDWORD IdArray
  241. );
  242. VOID
  243. ScStartCtrlSetCleanupThread();
  244. DWORD
  245. ScCleanupThread();
  246. DWORD
  247. ScAcceptTheBoot(
  248. VOID
  249. );
  250. DWORD
  251. ScGetNewCtrlSetId(
  252. LPDWORD IdArray,
  253. LPDWORD NewIdPtr
  254. );
  255. BOOL
  256. ScCheckLastKnownGood(
  257. VOID
  258. )
  259. /*++
  260. Routine Description:
  261. This function is called early in the service controller initialization.
  262. Its purpose is to protect the LastKnownGood control set. If this
  263. function finds that the control set that we are booting is the
  264. LastKnownGood control set, it will save the clone tree to a new
  265. control set and make this LastKnownGood. The clone tree in this case
  266. is an unchanged version of LKG. The Current control is not! Current
  267. may have been modified by drivers that were started before the service
  268. controller was started.
  269. Phase 2 of the boot procedure is always responsible for actually
  270. doing the revert to LastKnownGood. We determine that we have reverted
  271. by noting that Current and LKG will be the same control sets, and
  272. Default will be different. If Default is the same (all three control
  273. sets are the same), then it is the very first boot, and we don't consider
  274. it a failure case. If Phase 2 is causing the boot from LastKnownGood,
  275. then we want to set
  276. Failed to Default and
  277. Current to LKG and
  278. Set the LKG environment variable to FALSE.
  279. The assumption here is that Phase2 is using LastKnownGood because
  280. The Default Control Set was not acceptable.
  281. Arguments:
  282. TRUE - If all the necessary operations were successful.
  283. FALSE - If any of the control set manipulation could not be completed
  284. successfully.
  285. Return Value:
  286. Note:
  287. --*/
  288. {
  289. DWORD status;
  290. BOOL retStat;
  291. HKEY systemKey=0;
  292. HKEY selectKey=0;
  293. HKEY failedKey=0;
  294. HKEY newKey=0;
  295. DWORD idArray[NUM_IDS];
  296. WCHAR failedKeyName[CTRL_SET_NAME_CHAR_COUNT+1];
  297. DWORD savedLkgId;
  298. DWORD newId;
  299. ULONG privileges[5];
  300. //
  301. // Initialize the Critical section that will synchronize access to
  302. // these routines. The service controller could call
  303. // ScRevertToLastKnownGood at the same time that someone calls
  304. // NotifyBootConfigStatus(). This could cause the control set pointers
  305. // to get corrupted. So access to these functions is restricted by
  306. // a critical section. It is initialized here because this function
  307. // must be called prior to starting any services, or starting the
  308. // RPC server. Therefore we can't get asynchronous calls to these
  309. // routines at this time.
  310. //
  311. InitializeCriticalSection(&ScBootConfigCriticalSection);
  312. //
  313. // This thread gets SE_SECURITY_PRIVILEGE for copying security
  314. // descriptors and deleting keys.
  315. //
  316. privileges[0] = SE_BACKUP_PRIVILEGE;
  317. privileges[1] = SE_RESTORE_PRIVILEGE;
  318. privileges[2] = SE_SECURITY_PRIVILEGE;
  319. privileges[3] = SE_TAKE_OWNERSHIP_PRIVILEGE;
  320. privileges[4] = SE_SYSTEM_ENVIRONMENT_PRIVILEGE;
  321. status = ScGetPrivilege( 5, privileges);
  322. if (status != NO_ERROR) {
  323. SC_LOG1(ERROR, "ScCheckLastKnownGood: ScGetPrivilege Failed %d\n",
  324. status);
  325. return(FALSE);
  326. }
  327. //
  328. // Get the System, Select, and Clone Keys
  329. //
  330. status = ScGetTopKeys(&systemKey, &selectKey);
  331. if (status != NO_ERROR) {
  332. SC_LOG0(ERROR,"ScCheckLastKnownGood: ScGetTopKeys failed\n");
  333. retStat = FALSE;
  334. goto CleanExit;
  335. }
  336. //
  337. // Get the ControlSetIds stored in the \system\select key.
  338. //
  339. status = ScGetCtrlSetIds(
  340. selectKey,
  341. idArray);
  342. if (status != NO_ERROR) {
  343. ScRegCloseKey(systemKey);
  344. ScRegCloseKey(selectKey);
  345. SC_LOG0(ERROR,"ScCheckLastKnownGood: ScGetCtrlSetIds Failed\n");
  346. retStat = FALSE;
  347. goto CleanExit;
  348. }
  349. //
  350. // Scan for Orphaned Control Sets.
  351. // This is required prior to calling ScGetNewCtrlSetId (which
  352. // avoids the orphaned numbers).
  353. //
  354. ScGatherOrphanIds(systemKey,&ScGlobalOrphanIds,idArray);
  355. if ((SetupInProgress(systemKey, NULL)) ||
  356. (idArray[CURRENT_ID] != idArray[LKG_ID])) {
  357. //
  358. // We are not booting from LastKnownGood, so we don't do
  359. // anything except make sure the LKG_FLAG not set.
  360. //
  361. ScGlobalLastKnownGood = 0;
  362. ScRegCloseKey(systemKey);
  363. ScRegCloseKey(selectKey);
  364. retStat = TRUE;
  365. goto CleanExit;
  366. }
  367. else {
  368. //
  369. // We Must be booting the LastKnownGood configuration.
  370. // Put LkgControlSetId into SavedLkgControlSetId.
  371. //
  372. SC_LOG0(TRACE,"ScCheckLastKnownGood, We are booting LKG\n");
  373. savedLkgId = idArray[LKG_ID];
  374. //
  375. // Set the LKG environment variable to FALSE - so Phase 2
  376. // does not automatically revert again.
  377. //
  378. SET_LKG_ENV_VAR(L"False");
  379. if (status != NO_ERROR) {
  380. SC_LOG1(ERROR,"ScCheckLastKnownGood: Couldn't clear LKG "
  381. "environment variable %d\n",status);
  382. }
  383. //
  384. // Copy the Clone tree into a non-volatile node (new ControlSetId).
  385. //
  386. SC_LOG0(TRACE,"ScCheckLastKnownGood, Copy Clone to new ctrl set\n");
  387. status = ScGetNewCtrlSetId( idArray, &newId);
  388. if(status == NO_ERROR)
  389. {
  390. status = RtlNtStatusToDosError(NtInitializeRegistry(REG_INIT_BOOT_ACCEPTED_BASE +
  391. (USHORT)newId));
  392. }
  393. if (status != NO_ERROR) {
  394. SC_LOG0(ERROR,"ScCheckLastKnownGood: ScGetNewCtrlSetId Failed\n");
  395. SC_LOG0(ERROR,"SERIOUS ERROR - Unable to copy control set that "
  396. "is to be saved as LastKnownGood\n");
  397. }
  398. else {
  399. SC_LOG0(TRACE,"ScCheckLastKnownGood, Copy Clone is complete\n");
  400. //
  401. // Set LkgControlSetId to this new ControlSetId.
  402. //
  403. SC_LOG0(TRACE,"ScCheckLastKnownGood, Set LKG to this new ctrl set\n");
  404. idArray[LKG_ID] = newId;
  405. status = ScRegSetValueExW(
  406. selectKey, // hKey
  407. LKG_VALUE_NAME, // lpValueName
  408. 0, // dwValueTitle (OPTIONAL)
  409. REG_DWORD, // dwType
  410. (LPBYTE)&(idArray[LKG_ID]), // lpData
  411. sizeof(DWORD)); // cbData
  412. ScRegCloseKey(newKey);
  413. if (status != NO_ERROR) {
  414. SC_LOG1(ERROR,"ScCheckLastKnownGood: ScRegSetValueEx (lkgValue) "
  415. "failed %d\n",status);
  416. SC_LOG1(ERROR,"Semi-SERIOUS ERROR - Unable to Set Select Value "
  417. "For LastKnownGood.\nThe new ControlSet%d should "
  418. "be LKG\n",newId);
  419. }
  420. else {
  421. //
  422. // Since we already generated a LKG, we don't want to allow the
  423. // user or the boot verfication program to try to go through the
  424. // motions of generating it again. So we set the global flag that
  425. // indicates that the boot was accepted as LKG.
  426. //
  427. ScGlobalBootAccepted = TRUE;
  428. //
  429. // Set Global LKG_FLAG to indicate that we are running LKG, and
  430. // whether or not we are here because we reverted. The only
  431. // reason we would be here without reverting is because it is the
  432. // very first boot. But in the very first boot, FAILED is 0.
  433. //
  434. ScGlobalLastKnownGood |= RUNNING_LKG;
  435. if (idArray[FAILED_ID] != 0) {
  436. ScGlobalLastKnownGood |= REVERTED_TO_LKG;
  437. }
  438. } //endif - Set LKG Id to NetCtrlSet ID;
  439. } //endif - MakeNewCtrlSet == TRUE;
  440. //
  441. // If the DefaultControlSetId is the same as the original
  442. // LkgControlSetId, then Phase2 of the boot must have reverted
  443. // to Last Known Good.
  444. //
  445. if (idArray[DEFAULT_ID] != savedLkgId) {
  446. //
  447. // We are booting LastKnownGood because it was set that way
  448. // by Phase2 of the boot. In this case, we want to set the
  449. // FailedControlSetId to the DefaultControlSetId. Then we
  450. // want to set the DefaultControlSetId to the CurrentControlSetId.
  451. //
  452. // NOTE: On the very first boot, we don't go through this path
  453. // because current=default=lkg.
  454. //
  455. SC_LOG0(TRACE,"ScCheckLastKnownGood, Phase 2 caused LKG"
  456. " so we delete the failed tree and put\n"
  457. " Default->Failed\n"
  458. " Lkg -> Default\n");
  459. if (idArray[FAILED_ID] != 0) {
  460. SC_LOG0(TRACE,"ScCheckLastKnownGood: Deleting Old Failed Tree\n");
  461. failedKey = ScGetCtrlSetHandle(
  462. systemKey,
  463. idArray[FAILED_ID],
  464. failedKeyName);
  465. ScDeleteRegTree(systemKey, failedKey, failedKeyName);
  466. }
  467. //
  468. // Put the DefaultId into the Failed value.
  469. //
  470. idArray[FAILED_ID] = idArray[DEFAULT_ID];
  471. status = ScRegSetValueExW(
  472. selectKey, // hKey
  473. FAILED_VALUE_NAME, // lpValueName
  474. 0, // dwValueTitle (OPTIONAL)
  475. REG_DWORD, // dwType
  476. (LPBYTE)&(idArray[FAILED_ID]), // lpData
  477. sizeof(DWORD)); // cbData
  478. if (status != NO_ERROR) {
  479. SC_LOG1(ERROR,"ScCheckLastKnownGood: ScRegSetValueEx (failedValue) failed %d\n",
  480. status);
  481. }
  482. //
  483. // Put the CurrentId into the Default Value.
  484. //
  485. idArray[DEFAULT_ID] = idArray[CURRENT_ID];
  486. status = ScRegSetValueExW(
  487. selectKey, // hKey
  488. DEFAULT_VALUE_NAME, // lpValueName
  489. 0, // dwValueTitle (OPTIONAL)
  490. REG_DWORD, // dwType
  491. (LPBYTE)&(idArray[CURRENT_ID]), // lpData
  492. sizeof(DWORD)); // cbData
  493. if (status != NO_ERROR) {
  494. SC_LOG1(ERROR,"ScCheckLastKnownGood: ScRegSetValueEx (DefaultValue) failed %d\n",
  495. status);
  496. ScRegCloseKey(selectKey);
  497. ScRegCloseKey(systemKey);
  498. retStat = FALSE;
  499. goto CleanExit;
  500. }
  501. }
  502. ScRegCloseKey(systemKey);
  503. ScRegCloseKey(selectKey);
  504. }
  505. retStat = TRUE;
  506. CleanExit:
  507. //
  508. // If the code above was successful then mark the boot as having been
  509. // successful.
  510. //
  511. if(retStat) {
  512. HANDLE bootStatusData;
  513. BOOL b = TRUE;
  514. status = RtlLockBootStatusData(&bootStatusData);
  515. if(NT_SUCCESS(status)) {
  516. RtlGetSetBootStatusData(bootStatusData,
  517. FALSE,
  518. RtlBsdItemBootGood,
  519. &b,
  520. sizeof(BOOL),
  521. NULL);
  522. RtlUnlockBootStatusData(bootStatusData);
  523. }
  524. }
  525. //
  526. // Restore privileges for the current thread.
  527. //
  528. (VOID)ScReleasePrivilege();
  529. //
  530. // Remove any control sets that need to be deleted (clone or orphans).
  531. // This is performed by a seperate thread.
  532. //
  533. if (ScGlobalOrphanIds != NULL) {
  534. ScStartCtrlSetCleanupThread();
  535. }
  536. return(retStat);
  537. }
  538. DWORD
  539. ScRevertToLastKnownGood(
  540. VOID
  541. )
  542. /*++
  543. Routine Description:
  544. This function attempts to revert to the last known good control set.
  545. It does this in the following manner:
  546. If not running LastKnownGood:
  547. Set the LKG environment variable so that phase 2 of the boot
  548. procedure will cause the revert to happen. Then shutdown the
  549. system so it will boot again.
  550. Arguments:
  551. Return Value:
  552. Note:
  553. --*/
  554. {
  555. DWORD status;
  556. NTSTATUS ntStatus;
  557. ULONG privileges[6];
  558. //
  559. // If we are not currently running LastKnownGood, then set the tree we
  560. // are booting from (clone) to failed. Set the Default to point to
  561. // LastKnownGood. Then reboot.
  562. //
  563. if (!(ScGlobalLastKnownGood & RUNNING_LKG)) {
  564. EnterCriticalSection(&ScBootConfigCriticalSection);
  565. if (ScGlobalBootAccepted) {
  566. //
  567. // If the boot has already been accepted, then we don't want
  568. // to allow a forced revert.
  569. //
  570. LeaveCriticalSection(&ScBootConfigCriticalSection);
  571. return(ERROR_BOOT_ALREADY_ACCEPTED);
  572. }
  573. SC_LOG0(TRACE,"ScRevertToLastKnownGood: Reverting...\n");
  574. //
  575. // This thread gets SE_SECURITY_PRIVILEGE for copying security
  576. // descriptors and deleting keys.
  577. //
  578. privileges[0] = SE_BACKUP_PRIVILEGE;
  579. privileges[1] = SE_RESTORE_PRIVILEGE;
  580. privileges[2] = SE_SECURITY_PRIVILEGE;
  581. privileges[3] = SE_SHUTDOWN_PRIVILEGE;
  582. privileges[4] = SE_SYSTEM_ENVIRONMENT_PRIVILEGE;
  583. privileges[5] = SE_TAKE_OWNERSHIP_PRIVILEGE;
  584. status = ScGetPrivilege( 6, privileges);
  585. if (status != NO_ERROR) {
  586. SC_LOG1(ERROR, "ScRevertToLastKnownGood: ScGetPrivilege Failed %d\n",
  587. status);
  588. LeaveCriticalSection(&ScBootConfigCriticalSection);
  589. return(status);
  590. }
  591. //
  592. // Set the LKG environment variable to True - so Phase 2
  593. // will automatically revert, or put up the screen asking if the
  594. // user wants to revert.
  595. //
  596. SET_LKG_ENV_VAR(L"True");
  597. if (status != NO_ERROR) {
  598. //
  599. // If we could not set the environment variable that causes
  600. // the revert, there is no reason to reboot. Otherwise, we
  601. // we would reboot continuously.
  602. //
  603. // WE SHOULD LOG AN EVENT HERE - that says that we should
  604. // reboot, but we didn't.
  605. //
  606. SC_LOG1(ERROR,"RevertToLastKnownGood: Couldn't set LKG "
  607. "environment variable %d\n",status);
  608. (VOID)ScReleasePrivilege();
  609. LeaveCriticalSection(&ScBootConfigCriticalSection);
  610. return(NO_ERROR);
  611. }
  612. //
  613. // Re-boot.
  614. //
  615. SC_LOG0(ERROR,"Reverted To LastKnownGood. Now Rebooting...\n");
  616. ScLogEvent(NEVENT_REVERTED_TO_LASTKNOWNGOOD);
  617. //
  618. // Just prior to shutting down, sleep for 5 seconds so that the
  619. // system has time to flush the events to disk.
  620. //
  621. Sleep(5000);
  622. LeaveCriticalSection(&ScBootConfigCriticalSection);
  623. ntStatus = NtShutdownSystem(ShutdownReboot);
  624. if (!NT_SUCCESS(ntStatus)) {
  625. SC_LOG1(ERROR,"NtShutdownSystem Failed 0x%lx\n",ntStatus);
  626. }
  627. //
  628. // Restore privileges for the current thread.
  629. //
  630. (VOID)ScReleasePrivilege();
  631. return(RtlNtStatusToDosError(ntStatus));
  632. }
  633. //
  634. // Otherwise... just return back to the caller.
  635. //
  636. return(ERROR_ALREADY_RUNNING_LKG);
  637. }
  638. DWORD
  639. RNotifyBootConfigStatus(
  640. IN LPWSTR lpMachineName,
  641. IN DWORD BootAcceptable
  642. )
  643. /*++
  644. Routine Description:
  645. If we are not currently booted with Last Known Good, this function
  646. will revert to Last Known Good if the boot is not acceptable. Or it
  647. will save the boot configuration that we last booted from as the
  648. Last Known Good. This is the configuration that we will fall back
  649. to if a future boot fails.
  650. Arguments:
  651. BootAcceptable - This indicates whether or not the boot was acceptable.
  652. Return Value:
  653. TRUE - This is only returned if the boot is acceptable, and we
  654. successfully replaced Last Known Good with the current boot
  655. configuration.
  656. FALSE - This is returned if an error occured when attempting to replace
  657. Last Known Good or if the system is currently booted from Last
  658. Known Good.
  659. Note:
  660. --*/
  661. {
  662. DWORD status=NO_ERROR;
  663. SC_HANDLE_STRUCT scManagerHandle;
  664. UNREFERENCED_PARAMETER(lpMachineName); // This should always be null.
  665. //
  666. // Perform a security check to see if the caller has
  667. // SC_MANAGER_MODIFY_BOOT_CONFIG access.
  668. //
  669. scManagerHandle.Signature = SC_SIGNATURE;
  670. scManagerHandle.Type.ScManagerObject.DatabaseName = NULL;
  671. status = ScAccessValidate(&scManagerHandle,SC_MANAGER_MODIFY_BOOT_CONFIG);
  672. if (status != NO_ERROR) {
  673. return(status);
  674. }
  675. if (ScGlobalLastKnownGood & RUNNING_LKG) {
  676. //
  677. // If we are already booting LastKnownGood, then return false.
  678. //
  679. return(ERROR_ALREADY_RUNNING_LKG);
  680. }
  681. if (BootAcceptable) {
  682. SC_LOG0(TRACE,"NotifyBootConfigStatus: Boot is Acceptable\n");
  683. //
  684. // Must enter critical section before progressing.
  685. //
  686. EnterCriticalSection(&ScBootConfigCriticalSection);
  687. if (ScGlobalBootAccepted) {
  688. LeaveCriticalSection(&ScBootConfigCriticalSection);
  689. return(ERROR_BOOT_ALREADY_ACCEPTED);
  690. }
  691. //
  692. // If Auto-Start is not complete yet, then we just want to mark
  693. // to boot as accepted and operate on it after auto-start completion.
  694. // We also want to set the ScGlobalBootAccepted flag so that
  695. // further requests to accept the boot will be ignored.
  696. //
  697. if (!(ScGlobalLastKnownGood & AUTO_START_DONE)) {
  698. SC_LOG0(BOOT,"RNotifyBootConfigStatus: Boot Accepted, but Auto-start "
  699. "is not complete. Defer acceptance\n");
  700. ScGlobalLastKnownGood |= ACCEPT_DEFERRED;
  701. ScGlobalBootAccepted = TRUE;
  702. }
  703. else {
  704. SC_LOG0(BOOT,"RNotifyBootConfigStatus: Boot Accepted and Auto-start "
  705. "is complete\n");
  706. status = ScAcceptTheBoot();
  707. }
  708. LeaveCriticalSection(&ScBootConfigCriticalSection);
  709. return(status);
  710. }
  711. else {
  712. //
  713. // The Boot was not acceptable.
  714. //
  715. // NOTE: We should never return from the call to
  716. // ScRevertToLastKnownGood.
  717. //
  718. //
  719. SC_LOG0(TRACE,"NotifyBootConfigStatus: Boot is Not Acceptable. Revert!\n");
  720. return(ScRevertToLastKnownGood());
  721. }
  722. }
  723. DWORD
  724. ScGetTopKeys(
  725. PHKEY SystemKey,
  726. PHKEY SelectKey
  727. )
  728. /*++
  729. Routine Description:
  730. This function opens handles to the SystemKey, and the SelectKey.
  731. Arguments:
  732. Return Value:
  733. Note:
  734. --*/
  735. {
  736. DWORD status;
  737. //
  738. // Get the System Key
  739. //
  740. status = ScRegOpenKeyExW(
  741. HKEY_LOCAL_MACHINE, // hKey
  742. SYSTEM_KEY, // lpSubKey
  743. 0L, // ulOptions (reserved)
  744. SC_STANDARD_KEY_ACCESS, // desired access
  745. SystemKey); // Newly Opened Key Handle
  746. if (status != NO_ERROR) {
  747. SC_LOG1(ERROR,"ScGetTopKeys: ScRegOpenKeyEx (system key) failed %d\n",status);
  748. return (status);
  749. }
  750. //
  751. // Get the Select Key
  752. //
  753. status = ScRegOpenKeyExW(
  754. *SystemKey, // hKey
  755. SELECT_KEY, // lpSubKey
  756. 0L, // ulOptions (reserved)
  757. SC_STANDARD_KEY_ACCESS, // desired access
  758. SelectKey); // Newly Opened Key Handle
  759. if (status != NO_ERROR) {
  760. SC_LOG1(ERROR,"ScGetTopKeys: ScRegOpenKeyEx (select key) failed %d\n",status);
  761. ScRegCloseKey(*SystemKey);
  762. return (status);
  763. }
  764. return(NO_ERROR);
  765. }
  766. DWORD
  767. ScGetCtrlSetIds(
  768. HKEY SelectKey,
  769. LPDWORD IdArray
  770. )
  771. /*++
  772. Routine Description:
  773. This function obtains all the important Control Set IDs from the
  774. \system\select portion of the registry. These IDs are in the form
  775. of a DWORD that is used to build the Key name for that control set.
  776. For instance the DWORD=003 is used to build the string
  777. "control_set_003".
  778. If a control set for one of these is not present, a 0 is returned
  779. for that ID.
  780. Arguments:
  781. SelectKey - This is the Key Handle for the \system\select portion of
  782. the registry.
  783. IdArray - This is an array of DWORDs where each element is an ID.
  784. This array contains elements for Current, Default, LKG, and Failed.
  785. Return Value:
  786. NO_ERROR - If the operation was successful.
  787. OTHER - Any error that can be returned from RegQueryValueEx could be
  788. returned here if we fail to get an ID for Current, Default, or
  789. LKG. We expect Failed To be empty to start with.
  790. Note:
  791. --*/
  792. {
  793. DWORD status;
  794. DWORD bufferSize;
  795. //
  796. // Get the Current Id
  797. //
  798. bufferSize = sizeof(DWORD);
  799. status = ScRegQueryValueExW (
  800. SelectKey, // hKey
  801. CURRENT_VALUE_NAME, // lpValueName
  802. NULL, // lpTitleIndex
  803. NULL, // lpType
  804. (LPBYTE)&IdArray[CURRENT_ID], // lpData
  805. &bufferSize); // lpcbData
  806. if (status != NO_ERROR) {
  807. SC_LOG1(ERROR,"ScGetCtrlSetIds,ScRegQueryValueEx(current) failed %d\n",status);
  808. IdArray[CURRENT_ID] = 0;
  809. return(status);
  810. }
  811. //
  812. // Get the DefaultID
  813. //
  814. bufferSize = sizeof(DWORD);
  815. status = ScRegQueryValueExW (
  816. SelectKey, // hKey
  817. DEFAULT_VALUE_NAME, // lpValueName
  818. NULL, // lpTitleIndex
  819. NULL, // lpType
  820. (LPBYTE)&IdArray[DEFAULT_ID], // lpData
  821. &bufferSize); // lpcbData
  822. if (status != NO_ERROR) {
  823. SC_LOG1(ERROR,"ScGetCtrlSetIds,ScRegQueryValueEx(default) failed %d\n",status);
  824. IdArray[DEFAULT_ID] = 0;
  825. return(status);
  826. }
  827. //
  828. // Get the LKG Id
  829. //
  830. bufferSize = sizeof(DWORD);
  831. status = ScRegQueryValueExW (
  832. SelectKey, // hKey
  833. LKG_VALUE_NAME, // lpValueName
  834. NULL, // lpTitleIndex
  835. NULL, // lpType
  836. (LPBYTE)&IdArray[LKG_ID], // lpData
  837. &bufferSize); // lpcbData
  838. if (status != NO_ERROR) {
  839. SC_LOG1(ERROR,"ScGetCtrlSetIds,ScRegQueryValueEx(LKG) failed %d\n",status);
  840. IdArray[LKG_ID] = 0;
  841. return(status);
  842. }
  843. //
  844. // Get the Failed Id
  845. //
  846. bufferSize = sizeof(DWORD);
  847. status = ScRegQueryValueExW (
  848. SelectKey, // hKey
  849. FAILED_VALUE_NAME, // lpValueName
  850. NULL, // lpTitleIndex
  851. NULL, // lpType
  852. (LPBYTE)&IdArray[FAILED_ID], // lpData
  853. &bufferSize); // lpcbData
  854. if (status != NO_ERROR) {
  855. SC_LOG1(ERROR,"ScGetCtrlSetIds,ScRegQueryValueEx(Failed) failed %d\n",status);
  856. IdArray[FAILED_ID] = 0;
  857. }
  858. return(NO_ERROR);
  859. }
  860. VOID
  861. ScDeleteRegTree(
  862. HKEY ParentKey,
  863. HKEY KeyToDelete,
  864. LPWSTR NameOfKeyToDelete
  865. )
  866. /*++
  867. Routine Description:
  868. This function walks through a Key Tree and deletes all the sub-keys
  869. contained within. It then closes the top level Key Handle, and deletes
  870. that key (which is a subkey of the parent).
  871. This function also closes the handle for the key being deleted.
  872. Arguments:
  873. ParentKey - This is the handle to the parent key whose sub-key is being
  874. deleted.
  875. KeyToDelete - A handle to the key that is to be deleted.
  876. NameOfKeyToDelete - This is a pointer to a string that Identifies the
  877. name of the key that is to be deleted.
  878. Return Value:
  879. none.
  880. Note:
  881. --*/
  882. {
  883. DWORD status;
  884. if (KeyToDelete == NULL)
  885. {
  886. return;
  887. }
  888. //
  889. // Delete the tree.
  890. //
  891. ScDeleteTree(KeyToDelete);
  892. ScRegCloseKey(KeyToDelete);
  893. status = ScRegDeleteKeyW(ParentKey, NameOfKeyToDelete);
  894. if (status != NO_ERROR) {
  895. SC_LOG1(ERROR,"ScDeleteRegTree, ScRegDeleteKey failed %d\n",status);
  896. }
  897. return;
  898. }
  899. BOOL
  900. ScBuildCtrlSetName(
  901. LPWSTR ControlSetName,
  902. DWORD ControlId
  903. )
  904. /*++
  905. Routine Description:
  906. Arguments:
  907. Return Value:
  908. Note:
  909. --*/
  910. {
  911. DWORD NumOffset = CTRL_SET_NAME_NUM_OFFSET;
  912. //
  913. // Build the name. NumOffset is the array offset of where the
  914. // number portion of the name is to be stored. The number initially
  915. // contains 000. And the offset points to the first zero. If only
  916. // two digits are to be stored, the offset is first incremented to
  917. // point to where the last two digits go.
  918. //
  919. if (ControlId > 999) {
  920. SC_LOG1(ERROR, "ScBuildCtrlSetName,ControlId Too Large -- %d\n",ControlId);
  921. return(FALSE);
  922. }
  923. if (ControlId < 100) {
  924. NumOffset++;
  925. }
  926. if (ControlId < 10) {
  927. NumOffset++;
  928. }
  929. wcscpy(ControlSetName, CTRL_SET_NAME_TEMPLATE);
  930. //
  931. // The above checks should assure that the _ultow call will not
  932. // overflow the buffer.
  933. //
  934. _ultow(ControlId, &(ControlSetName[NumOffset]), 10);
  935. return(TRUE);
  936. }
  937. HKEY
  938. ScGetCtrlSetHandle(
  939. HKEY SystemKey,
  940. DWORD ControlId,
  941. LPWSTR ControlSetName
  942. )
  943. /*++
  944. Routine Description:
  945. This function uses the ControlId to create the name of the control set
  946. to open. Then it opens a Key (handle) to this control set.
  947. Then name was well as the key handle are returned.
  948. Arguments:
  949. SystemKey - This is the handle for the System Key. The Control Sets
  950. are sub-keys for this key.
  951. ControlId - This is the ID for the Control Set for which we are
  952. desiring a handle (key).
  953. KeyName - This is a pointer to a location where the name of the key
  954. is to be placed.
  955. Return Value:
  956. HKEY - This is the Key handle for the control set in question. If the
  957. control set does not exist, a NULL is returned.
  958. Note:
  959. --*/
  960. {
  961. DWORD status;
  962. HKEY ctrlSetKey;
  963. //
  964. // Build the Control Set Name
  965. //
  966. if (!ScBuildCtrlSetName(ControlSetName, ControlId)) {
  967. return(NULL);
  968. }
  969. //
  970. // Open the Key for this name.
  971. //
  972. SC_LOG1(TRACE,"ScGetCtrlSetHandle: ControlSetName = "FORMAT_LPWSTR"\n",
  973. ControlSetName);
  974. //
  975. // Get the ControlSetName
  976. //
  977. status = ScRegOpenKeyExW(
  978. SystemKey, // hKey
  979. ControlSetName, // lpSubKey
  980. 0L, // ulOptions (reserved)
  981. SC_CONTROL_SET_KEY_ACCESS, // desired access
  982. &ctrlSetKey); // Newly Opened Key Handle
  983. if (status != NO_ERROR) {
  984. SC_LOG2(ERROR,"ScGetCtrlSetHandle: ScRegOpenKeyEx (%ws) failed %d\n",
  985. ControlSetName,
  986. status);
  987. return (NULL);
  988. }
  989. return(ctrlSetKey);
  990. }
  991. DWORD
  992. ScGetNewCtrlSetId(
  993. LPDWORD IdArray,
  994. LPDWORD NewIdPtr
  995. )
  996. /*++
  997. Routine Description:
  998. This routine computes the new control set ID to be used for
  999. the LKG control set
  1000. Arguments:
  1001. IdArray - Supplies the ID array filled in by ScGetCtrlSetIds
  1002. NewIdPtr - Returns a free ID to be used for the LKG control set
  1003. Return Value:
  1004. Either NO_ERROR if successful or ERROR_NO_MORE_ITEMS if there
  1005. are no more free IDs (should never happen)
  1006. --*/
  1007. {
  1008. DWORD newId, i;
  1009. BOOL inArray;
  1010. for(newId = 1; newId < 1000; newId++)
  1011. {
  1012. inArray = FALSE;
  1013. for(i = 0; i < NUM_IDS; i++)
  1014. {
  1015. if(IdArray[i] == newId)
  1016. {
  1017. inArray = TRUE;
  1018. break;
  1019. }
  1020. }
  1021. if (!inArray && !ScMatchInArray(newId, ScGlobalOrphanIds))
  1022. {
  1023. *NewIdPtr = newId;
  1024. return NO_ERROR;
  1025. }
  1026. }
  1027. return ERROR_NO_MORE_ITEMS;
  1028. }
  1029. VOID
  1030. ScDeleteTree(
  1031. IN HKEY KeyHandle
  1032. )
  1033. /*++
  1034. Routine Description:
  1035. This function recursively deletes all keys under the key handle that
  1036. is passed in.
  1037. Arguments:
  1038. KeyHandle - This is the handle for the Key Tree that is being deleted.
  1039. Return Value:
  1040. none.
  1041. Note:
  1042. This was cut & pasted from ..\..\winreg\tools\crdel\crdel.c
  1043. The only modifications were changing TSTR to WSTR and calling the
  1044. UNICODE version of the functions.
  1045. --*/
  1046. {
  1047. DWORD status;
  1048. DWORD Index;
  1049. HKEY ChildHandle;
  1050. DWORD bytesReturned;
  1051. BYTE buffer[ sizeof( KEY_FULL_INFORMATION) + sizeof( WCHAR) * MAX_PATH];
  1052. DWORD NumberOfSubKeys;
  1053. PWCHAR KeyName;
  1054. status = NtQueryKey(
  1055. (HANDLE)KeyHandle,
  1056. KeyFullInformation,
  1057. (PVOID)buffer,
  1058. sizeof( buffer),
  1059. &bytesReturned
  1060. );
  1061. if ( status != STATUS_SUCCESS) {
  1062. SC_LOG1(ERROR, "ScDeleteTree: NtQueryKey Failed 0x%x\n",status);
  1063. return;
  1064. }
  1065. NumberOfSubKeys = ((PKEY_FULL_INFORMATION)buffer)->SubKeys;
  1066. KeyName = (PWCHAR)buffer;
  1067. for( Index = 0; Index < NumberOfSubKeys; Index++ ) {
  1068. status = ScRegEnumKeyW(
  1069. KeyHandle,
  1070. 0,
  1071. KeyName,
  1072. sizeof( buffer)
  1073. );
  1074. if (status != NO_ERROR) {
  1075. SC_LOG1(ERROR, "ScDeleteTree: ScRegEnumKeyW Failed %d\n",status);
  1076. return;
  1077. }
  1078. status = ScRegOpenKeyExW(
  1079. KeyHandle,
  1080. KeyName,
  1081. REG_OPTION_RESERVED,
  1082. SC_DELETE_KEY_ACCESS,
  1083. &ChildHandle
  1084. );
  1085. if (status != NO_ERROR) {
  1086. SC_LOG2(ERROR, "ScDeleteTree: ScRegOpenKeyExW (%ws) Failed %d\n",
  1087. KeyName,
  1088. status);
  1089. return;
  1090. }
  1091. ScDeleteTree( ChildHandle );
  1092. status = ScRegDeleteKeyW(
  1093. KeyHandle,
  1094. KeyName);
  1095. NtClose( (HANDLE)ChildHandle);
  1096. if ( status != NO_ERROR) {
  1097. SC_LOG1(ERROR, "ScDeleteTree: ScRegDeleteKeyW Failed 0x%x\n", status);
  1098. return;
  1099. }
  1100. }
  1101. }
  1102. #if 0
  1103. VOID
  1104. ScCopyKeyRecursive(
  1105. HKEY ParentKey,
  1106. PHKEY DestKeyPtr,
  1107. HKEY SourceKey,
  1108. LPWSTR DestKeyName
  1109. )
  1110. /*++
  1111. Routine Description:
  1112. This function copies the values from the source key to the destination
  1113. key. Then it goes through each subkey of the source key and
  1114. creates subkeys for the dest key. This function is then called
  1115. to copy info for those subkeys.
  1116. Arguments:
  1117. ParentKey - This is the Key Handle for the parent key of the
  1118. destination key.
  1119. DestKeyPtr - This is the Key Handle for the destination key.
  1120. SourceKey - This is the key handle for the source key.
  1121. DestKeyName - This is the name that the new dest should have.
  1122. Return Value:
  1123. none - If this operation fails anywhere along the tree, it will simply
  1124. stop. The tree will be truncated at that point.
  1125. --*/
  1126. {
  1127. DWORD status;
  1128. DWORD i;
  1129. HKEY SourceChildKey;
  1130. HKEY DestChildKey;
  1131. WCHAR KeyName[ MAX_PATH ];
  1132. DWORD KeyNameLength;
  1133. WCHAR ClassName[ MAX_PATH ];
  1134. DWORD ClassNameLength;
  1135. DWORD NumberOfSubKeys;
  1136. DWORD MaxSubKeyLength;
  1137. DWORD MaxClassLength;
  1138. DWORD NumberOfValues;
  1139. DWORD MaxValueNameLength;
  1140. DWORD MaxValueDataLength;
  1141. DWORD SecurityDescriptorLength;
  1142. LPBYTE SecurityDescriptor = NULL;
  1143. FILETIME LastWriteTime;
  1144. DWORD disposition;
  1145. SECURITY_ATTRIBUTES securityAttributes;
  1146. ClassNameLength = MAX_PATH;
  1147. //
  1148. // Find out how many subKeys and values there are in the source key.
  1149. //
  1150. status = ScRegQueryInfoKeyW(
  1151. SourceKey,
  1152. ClassName,
  1153. &ClassNameLength,
  1154. NULL,
  1155. &NumberOfSubKeys,
  1156. &MaxSubKeyLength,
  1157. &MaxClassLength,
  1158. &NumberOfValues,
  1159. &MaxValueNameLength,
  1160. &MaxValueDataLength,
  1161. &SecurityDescriptorLength,
  1162. &LastWriteTime
  1163. );
  1164. if (status != NO_ERROR) {
  1165. SC_LOG1(ERROR, "ScCopyKeyRecursive: ScRegQueryInfoKey Failed %d\n",status);
  1166. return;
  1167. }
  1168. //
  1169. // If there is a security descriptor, attempt to copy it.
  1170. //
  1171. if (SecurityDescriptorLength != 0) {
  1172. SC_LOG2(BOOT,"ScCopyKeyRecursive: %ws Key Has Security Desc %d bytes\n",
  1173. DestKeyName,
  1174. SecurityDescriptorLength);
  1175. SecurityDescriptor = (LPBYTE)LocalAlloc(
  1176. LMEM_ZEROINIT,
  1177. SecurityDescriptorLength);
  1178. if (SecurityDescriptor == NULL) {
  1179. SC_LOG0(ERROR, "ScCopyKeyRecursive: Couldn't alloc memory for "
  1180. "Security Descriptor.\n");
  1181. }
  1182. else {
  1183. status = ScRegGetKeySecurity(
  1184. SourceKey,
  1185. CLONE_SECURITY_INFORMATION,
  1186. (PSECURITY_DESCRIPTOR)SecurityDescriptor,
  1187. &SecurityDescriptorLength);
  1188. if (status != NO_ERROR) {
  1189. SC_LOG1(ERROR, "ScCopyKeyRecursive: ScRegGetKeySecurity failed %d\n",
  1190. status);
  1191. LocalFree(SecurityDescriptor);
  1192. SecurityDescriptor = NULL;
  1193. }
  1194. else {
  1195. if (!IsValidSecurityDescriptor(SecurityDescriptor)) {
  1196. SC_LOG1(ERROR,"SecurityDescriptor for %ws is invalid\n",
  1197. DestKeyName);
  1198. LocalFree(SecurityDescriptor);
  1199. SecurityDescriptor = NULL;
  1200. }
  1201. }
  1202. }
  1203. }
  1204. securityAttributes.nLength = sizeof(SECURITY_ATTRIBUTES);
  1205. securityAttributes.lpSecurityDescriptor = SecurityDescriptor;
  1206. securityAttributes.bInheritHandle = FALSE;
  1207. //
  1208. // Create the Destination Key.
  1209. //
  1210. status = ScRegCreateKeyExW(
  1211. ParentKey, // hKey
  1212. DestKeyName, // lpSubKey
  1213. 0L, // dwTitleIndex
  1214. ClassName, // lpClass
  1215. 0, // ulOptions
  1216. SC_CREATE_KEY_ACCESS, // desired access
  1217. &securityAttributes, // lpSecurityAttributes (Secur Desc)
  1218. DestKeyPtr, // phkResult
  1219. &disposition); // lpulDisposition
  1220. LocalFree(SecurityDescriptor);
  1221. SecurityDescriptor = NULL;
  1222. if (status != NO_ERROR) {
  1223. SC_LOG1(ERROR,"ScCopyKeyRecursive, ScRegCreateKeyEx failed %d\n",status);
  1224. return;
  1225. }
  1226. //
  1227. // If there are values in the key and we have
  1228. // enough information to copy them, then do so
  1229. //
  1230. if (NumberOfValues > 0) {
  1231. //
  1232. // Copy Values to Dest Key
  1233. //
  1234. ScCopyKeyValues(
  1235. *DestKeyPtr,
  1236. SourceKey,
  1237. NumberOfValues,
  1238. MaxValueNameLength,
  1239. MaxValueDataLength);
  1240. }
  1241. //
  1242. // For each child key, create a new key in the destination tree.
  1243. // Then call ScCopyKeyRecursive (this routine) again with the two
  1244. // key handles.
  1245. //
  1246. for (i = 0; i < NumberOfSubKeys; i++) {
  1247. KeyNameLength = MAX_PATH;
  1248. status = ScRegEnumKeyW(
  1249. SourceKey,
  1250. i,
  1251. KeyName,
  1252. KeyNameLength);
  1253. if (status != NO_ERROR) {
  1254. SC_LOG1(ERROR,"ScCopyKeyRecursive, ScRegEnumKey failed %d\n",status);
  1255. return;
  1256. }
  1257. status = ScRegOpenKeyExW(
  1258. SourceKey,
  1259. KeyName,
  1260. REG_OPTION_RESERVED,
  1261. SC_COPY_KEY_ACCESS,
  1262. &SourceChildKey);
  1263. if (status != NO_ERROR) {
  1264. SC_LOG2(ERROR,"ScCopyKeyRecursive, ScRegOpenKeyEx (%ws) failed %d\n",
  1265. KeyName,
  1266. status);
  1267. return;
  1268. }
  1269. ScCopyKeyRecursive(*DestKeyPtr, &DestChildKey, SourceChildKey, KeyName);
  1270. ScRegCloseKey(DestChildKey);
  1271. ScRegCloseKey(SourceChildKey);
  1272. } // end-for
  1273. return;
  1274. }
  1275. VOID
  1276. ScCopyKeyValues(
  1277. HKEY DestKey,
  1278. HKEY SourceKey,
  1279. DWORD NumberOfValues,
  1280. DWORD MaxValueNameLength,
  1281. DWORD MaxValueDataLength
  1282. )
  1283. /*++
  1284. Routine Description:
  1285. This function copies all the values stored in the source key to
  1286. the destination key.
  1287. Arguments:
  1288. DestKey - This is the key handle for the destination key.
  1289. SourceKey - This is the key handle for the source key.
  1290. NumberOfValues - This is the number of values stored in the source
  1291. key.
  1292. MaxValueNameLength - This is the number of bytes of the largest name
  1293. for a data value.
  1294. MaxValueDataLength - This is the number of bytes in the largest data
  1295. value.
  1296. Return Value:
  1297. none - If it fails, the rest of the values will not get stored for
  1298. this key.
  1299. Note:
  1300. --*/
  1301. {
  1302. DWORD status;
  1303. DWORD i;
  1304. LPBYTE DataPtr = NULL;
  1305. LPWSTR ValueName = NULL;
  1306. DWORD ValueNameLength;
  1307. DWORD Type;
  1308. DWORD DataLength;
  1309. //
  1310. // Add extra onto the lengths because these lengths don't allow
  1311. // for the NULL terminator.
  1312. //
  1313. MaxValueNameLength += sizeof(TCHAR);
  1314. MaxValueDataLength += sizeof(TCHAR);
  1315. DataPtr = (LPBYTE)LocalAlloc(LMEM_FIXED, MaxValueDataLength);
  1316. if (DataPtr == NULL) {
  1317. SC_LOG1(ERROR,"ScCopyKeyValues, LocalAlloc Failed %d\n",GetLastError());
  1318. return;
  1319. }
  1320. ValueName = (LPWSTR)LocalAlloc(LMEM_FIXED, MaxValueNameLength);
  1321. if (ValueName == NULL) {
  1322. SC_LOG1(ERROR,"ScCopyKeyValues, LocalAlloc Failed %d\n",GetLastError());
  1323. LocalFree(DataPtr);
  1324. return;
  1325. }
  1326. for (i=0; i<NumberOfValues; i++) {
  1327. ValueNameLength = MaxValueNameLength;
  1328. DataLength = MaxValueDataLength;
  1329. status = ScRegEnumValueW (
  1330. SourceKey,
  1331. i,
  1332. ValueName,
  1333. &ValueNameLength,
  1334. NULL,
  1335. &Type,
  1336. DataPtr,
  1337. &DataLength);
  1338. if (status != NO_ERROR) {
  1339. SC_LOG1(ERROR,"ScCopyKeyValues,ScRegEnumValue Failed %d\n",status);
  1340. break;
  1341. }
  1342. status = ScRegSetValueExW (
  1343. DestKey,
  1344. ValueName,
  1345. 0L,
  1346. Type,
  1347. DataPtr,
  1348. DataLength);
  1349. if (status != NO_ERROR) {
  1350. SC_LOG1(ERROR,"ScCopyKeyValues,ScRegSetValueEx Failed %d\n",status);
  1351. break;
  1352. }
  1353. } // end-for
  1354. LocalFree(DataPtr);
  1355. LocalFree(ValueName);
  1356. return;
  1357. }
  1358. #endif
  1359. VOID
  1360. ScDeleteRegServiceEntry(
  1361. LPWSTR ServiceName
  1362. )
  1363. /*++
  1364. Routine Description:
  1365. Arguments:
  1366. Return Value:
  1367. --*/
  1368. {
  1369. DWORD status;
  1370. HKEY parentKey;
  1371. HKEY keyToDelete;
  1372. ULONG privileges[4];
  1373. LPWSTR ServicesKeyPath = SERVICES_KEY;
  1374. //*******************************
  1375. // Delete the registry node for
  1376. // This service.
  1377. //*******************************
  1378. privileges[0] = SE_BACKUP_PRIVILEGE;
  1379. privileges[1] = SE_RESTORE_PRIVILEGE;
  1380. privileges[2] = SE_SECURITY_PRIVILEGE;
  1381. privileges[3] = SE_TAKE_OWNERSHIP_PRIVILEGE;
  1382. status = ScGetPrivilege( 4, privileges);
  1383. if (status != NO_ERROR) {
  1384. SC_LOG1(ERROR, "ScDeleteRegServiceEntry: ScGetPrivilege Failed %d\n",
  1385. status);
  1386. return;
  1387. }
  1388. //
  1389. // Open the "services" section of the CurrentControlSet.
  1390. //
  1391. status = ScRegOpenKeyExW(
  1392. HKEY_LOCAL_MACHINE, // hKey
  1393. ServicesKeyPath, // lpSubKey
  1394. 0L, // ulOptions (reserved)
  1395. SC_DELETE_KEY_ACCESS, // desired access
  1396. &parentKey); // Newly Opened Key Handle
  1397. if (status != NO_ERROR) {
  1398. SC_LOG2(ERROR,"ScDeleteRegServiceEntry: "
  1399. "ScRegOpenKeyEx (%ws) failed %d\n",ServicesKeyPath,
  1400. status);
  1401. //
  1402. // Restore privileges for the current thread.
  1403. //
  1404. (VOID)ScReleasePrivilege();
  1405. return;
  1406. }
  1407. //
  1408. // Get Key for the Tree we are to delete
  1409. //
  1410. status = ScRegOpenKeyExW(
  1411. parentKey, // hKey
  1412. ServiceName, // lpSubKey
  1413. 0L, // ulOptions (reserved)
  1414. SC_DELETE_KEY_ACCESS, // desired access
  1415. &keyToDelete); // Newly Opened Key Handle
  1416. if (status != NO_ERROR) {
  1417. SC_LOG2(ERROR,"ScDeleteRegServiceEntry: "
  1418. "ScRegOpenKeyEx (%ws) failed %d\n",ServiceName,
  1419. status);
  1420. ScRegCloseKey(parentKey);
  1421. //
  1422. // Restore privileges for the current thread.
  1423. //
  1424. (VOID)ScReleasePrivilege();
  1425. return;
  1426. }
  1427. //
  1428. // Delete the Key.
  1429. // NOTE: ScDeleteRegTree will also close the handle to the keyToDelete.
  1430. //
  1431. ScDeleteRegTree(parentKey, keyToDelete, ServiceName);
  1432. ScRegCloseKey(parentKey);
  1433. //
  1434. // Restore privileges for the current thread.
  1435. //
  1436. (VOID)ScReleasePrivilege();
  1437. return;
  1438. }
  1439. VOID
  1440. ScGatherOrphanIds(
  1441. HKEY SystemKey,
  1442. LPDWORD *OrphanIdPtr,
  1443. LPDWORD idArray
  1444. )
  1445. /*++
  1446. Routine Description:
  1447. This function searches through the system key to find any orphan control
  1448. set ids. If any are found, they are packed into an array of ids that
  1449. are passed back to the caller.
  1450. NOTE: This function allocates memory for *OrphanIdPtr if orphans
  1451. exist. It is the responsibility of the caller to free this memory.
  1452. Arguments:
  1453. SystemKey - This is an open handle to the system key.
  1454. OrphanIdPtr - This is a pointer to a location for the pointer to
  1455. the array of Orphan IDs. If there are no orphans, then this pointer
  1456. is NULL on return from this routine.
  1457. idArray - This is the array of IDs that are used in the select key.
  1458. Return Value:
  1459. Note:
  1460. --*/
  1461. {
  1462. DWORD enumStatus;
  1463. DWORD status;
  1464. WCHAR KeyName[ MAX_PATH ];
  1465. DWORD KeyNameLength = MAX_PATH;
  1466. DWORD i=0;
  1467. DWORD j=0;
  1468. DWORD numOrphans=0;
  1469. DWORD num;
  1470. LPDWORD tempIdArray;
  1471. DWORD matchInArray;
  1472. WCHAR ClassName[ MAX_PATH ];
  1473. DWORD ClassNameLength=MAX_PATH;
  1474. DWORD NumberOfSubKeys;
  1475. DWORD MaxSubKeyLength;
  1476. DWORD MaxClassLength;
  1477. DWORD NumberOfValues;
  1478. DWORD MaxValueNameLength;
  1479. DWORD MaxValueDataLength;
  1480. DWORD SecurityDescriptorLength;
  1481. FILETIME LastWriteTime;
  1482. //
  1483. // If the pointer points to something - free it. and make the pointer
  1484. // NULL.
  1485. //
  1486. LocalFree(*OrphanIdPtr);
  1487. *OrphanIdPtr = NULL;
  1488. //
  1489. // Find out how many subkeys there are in the system key.
  1490. // This will tell us the maximum size of array required to store
  1491. // potential orphan control set IDs.
  1492. //
  1493. status = ScRegQueryInfoKeyW(
  1494. SystemKey,
  1495. ClassName,
  1496. &ClassNameLength,
  1497. NULL,
  1498. &NumberOfSubKeys,
  1499. &MaxSubKeyLength,
  1500. &MaxClassLength,
  1501. &NumberOfValues,
  1502. &MaxValueNameLength,
  1503. &MaxValueDataLength,
  1504. &SecurityDescriptorLength,
  1505. &LastWriteTime
  1506. );
  1507. if (status != NO_ERROR) {
  1508. SC_LOG1(ERROR, "ScGatherOrphanIds: ScRegQueryInfoKey Failed %d\n",status);
  1509. return;
  1510. }
  1511. //
  1512. // Allocate a buffer for the orphan control set IDs. This buffer is
  1513. // initialized to 0 to guanantee that the array if IDs will be terminated
  1514. // by a 0.
  1515. //
  1516. tempIdArray = (LPDWORD)LocalAlloc(LMEM_ZEROINIT, sizeof(DWORD) * (NumberOfSubKeys+1));
  1517. if (tempIdArray == NULL) {
  1518. SC_LOG0(ERROR, "ScGatherOrphanIds:LocalAlloc Failed\n");
  1519. }
  1520. do {
  1521. enumStatus = ScRegEnumKeyW(
  1522. SystemKey,
  1523. i,
  1524. KeyName,
  1525. KeyNameLength);
  1526. if (enumStatus == NO_ERROR) {
  1527. //
  1528. // We have a key name, is it a control set?
  1529. //
  1530. if ((wcslen(KeyName) == (CTRL_SET_NAME_CHAR_COUNT)) &&
  1531. (!wcsncmp(
  1532. CTRL_SET_NAME_TEMPLATE,
  1533. KeyName,
  1534. CTRL_SET_NAME_NUM_OFFSET))) {
  1535. //
  1536. // It appears to be a control set, now get the number
  1537. // and see if it is in the array of ids from the select
  1538. // key.
  1539. //
  1540. num = (DWORD)_wtol(KeyName+CTRL_SET_NAME_NUM_OFFSET);
  1541. matchInArray = FALSE;
  1542. for (j=0; j<NUM_IDS; j++) {
  1543. if (num == idArray[j]) {
  1544. matchInArray = TRUE;
  1545. break;
  1546. }
  1547. }
  1548. //
  1549. // It's not in the array of ids from the select key.
  1550. // Add it to the number of orphans.
  1551. //
  1552. if ((matchInArray == FALSE) && (num < 1000)) {
  1553. if (numOrphans < NumberOfSubKeys) {
  1554. tempIdArray[numOrphans] = num;
  1555. numOrphans++;
  1556. }
  1557. }
  1558. }
  1559. }
  1560. i++;
  1561. }
  1562. while (enumStatus == NO_ERROR);
  1563. if (numOrphans > 0) {
  1564. *OrphanIdPtr = tempIdArray;
  1565. }
  1566. else {
  1567. *OrphanIdPtr = NULL;
  1568. LocalFree(tempIdArray);
  1569. }
  1570. return;
  1571. }
  1572. VOID
  1573. ScDeleteCtrlSetOrphans(
  1574. VOID
  1575. )
  1576. /*++
  1577. Routine Description:
  1578. This function deletes orphaned control sets if any exist. The control
  1579. set numbers for these orphaned sets are pointed to by a global
  1580. memory pointer. If this pointer is non-null, then there are control sets
  1581. to delete. After deletion, the memory pointed to by this pointer is
  1582. freed.
  1583. NOTE: The necessary privileges are expected to be held prior to calling
  1584. this function.
  1585. Arguments:
  1586. none
  1587. Return Value:
  1588. none
  1589. --*/
  1590. {
  1591. DWORD status;
  1592. DWORD i;
  1593. HKEY systemKey;
  1594. HKEY keyToDelete;
  1595. LPWSTR SystemKeyPath = SYSTEM_KEY;
  1596. WCHAR nameOfKeyToDelete[CTRL_SET_NAME_CHAR_COUNT+1];
  1597. if (ScGlobalOrphanIds != NULL) {
  1598. //
  1599. // Open the SYSTEM key in the registry.
  1600. //
  1601. status = ScRegOpenKeyExW(
  1602. HKEY_LOCAL_MACHINE, // hKey
  1603. SystemKeyPath, // lpSubKey
  1604. 0L, // ulOptions (reserved)
  1605. SC_DELETE_KEY_ACCESS, // desired access
  1606. &systemKey); // Newly Opened Key Handle
  1607. if (status != NO_ERROR) {
  1608. SC_LOG2(ERROR,"ScDeleteCtrlSetOrphans: "
  1609. "ScRegOpenKeyEx (%ws) failed %d\n",SystemKeyPath,
  1610. status);
  1611. return;
  1612. }
  1613. for (i=0; ScGlobalOrphanIds[i]!=0; i++) {
  1614. //
  1615. // Use the ID number to get the name and key handle for the
  1616. // KeyToDelete.
  1617. //
  1618. keyToDelete = ScGetCtrlSetHandle(
  1619. systemKey,
  1620. ScGlobalOrphanIds[i],
  1621. nameOfKeyToDelete);
  1622. //
  1623. // Delete the entire tree. Then go onto the next ID.
  1624. //
  1625. SC_LOG1(TRACE,
  1626. "ScDeleteCtrlSetOrphans, Delete orphan control set %d\n",
  1627. ScGlobalOrphanIds[i]);
  1628. ScDeleteRegTree(systemKey, keyToDelete, nameOfKeyToDelete);
  1629. SC_LOG0(TRACE,"ScDeleteCtrlSetOrphans, Finished Deleting orphan control set\n");
  1630. }
  1631. //
  1632. // Free memory for IDs, and set the global pointer to NULL.
  1633. //
  1634. LocalFree(ScGlobalOrphanIds);
  1635. ScGlobalOrphanIds = NULL;
  1636. }
  1637. return;
  1638. }
  1639. BOOL
  1640. ScMatchInArray(
  1641. DWORD Value,
  1642. LPDWORD Array
  1643. )
  1644. /*++
  1645. Routine Description:
  1646. This function scans through a null terminated array of DWORDs looking
  1647. for a match with the DWORD value that is passed in.
  1648. Arguments:
  1649. Value - The DWORD value that we are looking for.
  1650. Array - The pointer to the Array of DWORDs that we are scanning through.
  1651. Return Value:
  1652. TRUE - If a the Value is found in the Array.
  1653. FALSE - If it is not found.
  1654. --*/
  1655. {
  1656. DWORD i;
  1657. if (Array != NULL) {
  1658. for(i=0; Array[i] != 0; i++) {
  1659. if (Value == Array[i]) {
  1660. return(TRUE);
  1661. }
  1662. }
  1663. }
  1664. return(FALSE);
  1665. }
  1666. VOID
  1667. ScStartCtrlSetCleanupThread(
  1668. )
  1669. /*++
  1670. Routine Description:
  1671. This function starts a thread that will delete delete any orphaned control sets.
  1672. Arguments:
  1673. NONE.
  1674. Return Value:
  1675. none
  1676. --*/
  1677. {
  1678. DWORD status;
  1679. HANDLE threadHandle;
  1680. DWORD threadId;
  1681. threadHandle = CreateThread (
  1682. NULL, // Thread Attributes.
  1683. 0L, // Stack Size
  1684. (LPTHREAD_START_ROUTINE)ScCleanupThread,// lpStartAddress
  1685. (LPVOID)0L, // lpParameter
  1686. 0L, // Creation Flags
  1687. &threadId); // lpThreadId
  1688. if (threadHandle == (HANDLE) NULL) {
  1689. SC_LOG1(ERROR,"ScStartCtrlSetCleanupThread:CreateThread failed %d\n",
  1690. GetLastError());
  1691. //
  1692. // If we couldn't create the thread for some reason, then just
  1693. // go ahead and to the cleanup with this thread. This may make
  1694. // booting the system slow, but it's the best I can do.
  1695. //
  1696. status = ScCleanupThread();
  1697. }
  1698. else {
  1699. CloseHandle(threadHandle);
  1700. }
  1701. }
  1702. DWORD
  1703. ScCleanupThread(
  1704. )
  1705. /*++
  1706. Routine Description:
  1707. This functions looks through the system key to see if
  1708. there are any orphan control sets to delete. If found, the orphans
  1709. are deleted. Orphaned control sets are control sets that exist in
  1710. the system key, but are not referenced in the \system\select key.
  1711. NOTE: This function should only be called when no other threads are
  1712. creating control sets. Otherwise, this function may see a new control
  1713. set that is not yet in the select key, and attempt to delete it.
  1714. Arguments:
  1715. NONE.
  1716. Return Value:
  1717. none.
  1718. --*/
  1719. {
  1720. DWORD status;
  1721. HKEY systemKey=0;
  1722. HKEY selectKey=0;
  1723. DWORD idArray[NUM_IDS];
  1724. ULONG privileges[4];
  1725. //
  1726. // This thread gets SE_SECURITY_PRIVILEGE for copying security
  1727. // descriptors and deleting keys.
  1728. //
  1729. privileges[0] = SE_BACKUP_PRIVILEGE;
  1730. privileges[1] = SE_RESTORE_PRIVILEGE;
  1731. privileges[2] = SE_SECURITY_PRIVILEGE;
  1732. privileges[3] = SE_TAKE_OWNERSHIP_PRIVILEGE;
  1733. status = ScGetPrivilege( 4, privileges);
  1734. if (status != NO_ERROR) {
  1735. SC_LOG1(ERROR, "ScCheckLastKnownGood: ScGetPrivilege Failed %d\n",
  1736. status);
  1737. return(FALSE);
  1738. }
  1739. EnterCriticalSection(&ScBootConfigCriticalSection);
  1740. //
  1741. // Get the System, Select, and Clone Keys
  1742. //
  1743. status = ScGetTopKeys(&systemKey, &selectKey);
  1744. if (status != NO_ERROR) {
  1745. SC_LOG0(ERROR,"ScCleanupThread: ScGetTopKeys failed\n");
  1746. LeaveCriticalSection(&ScBootConfigCriticalSection);
  1747. goto CleanExit;
  1748. }
  1749. //
  1750. // Get the ControlSetIds stored in the \system\select key.
  1751. //
  1752. status = ScGetCtrlSetIds(
  1753. selectKey,
  1754. idArray);
  1755. if (status != NO_ERROR) {
  1756. SC_LOG0(ERROR,"ScCleanupThread: ScGetCtrlSetIds Failed\n");
  1757. LeaveCriticalSection(&ScBootConfigCriticalSection);
  1758. goto CleanExit;
  1759. }
  1760. //
  1761. // Scan for Orphaned Control Sets.
  1762. //
  1763. ScGatherOrphanIds(systemKey,&ScGlobalOrphanIds,idArray);
  1764. LeaveCriticalSection(&ScBootConfigCriticalSection);
  1765. if (ScGlobalOrphanIds != NULL) {
  1766. ScDeleteCtrlSetOrphans();
  1767. }
  1768. CleanExit:
  1769. if (systemKey != 0) {
  1770. ScRegCloseKey(systemKey);
  1771. }
  1772. if (selectKey != 0) {
  1773. ScRegCloseKey(selectKey);
  1774. }
  1775. (VOID)ScReleasePrivilege();
  1776. return(0);
  1777. }
  1778. VOID
  1779. ScRunAcceptBootPgm(
  1780. VOID
  1781. )
  1782. /*++
  1783. Routine Description:
  1784. This function is called after the Service Controller has finished
  1785. auto-starting all the auto-start services. If the boot has already
  1786. been accepted (for instance, WinLogon already called
  1787. NotifyBootConfigStatus()), then at this point we can accept the boot.
  1788. If the boot has not yet been accepted, this function looks in the
  1789. ACCEPT_BOOT_KEY portion of the registry to
  1790. see if there is a value containing the image path of the boot verify
  1791. program to execute. The program can have any name or path. If it
  1792. is in the registry, this function will run it.
  1793. This function is called when the service controller thinks that the
  1794. boot has completed successfully. It is up to the exec'd program
  1795. to decide if this is true or not, and take appropriate action if
  1796. necessary. The default boot verify program will simply accept the
  1797. boot as is.
  1798. Arguments:
  1799. none
  1800. Return Value:
  1801. none
  1802. --*/
  1803. {
  1804. DWORD status;
  1805. LPWSTR AcceptBootKeyPath = ACCEPT_BOOT_KEY;
  1806. HKEY AcceptBootKey;
  1807. DWORD ValueType;
  1808. LPWSTR pTempImagePath;
  1809. LPWSTR pImagePath;
  1810. PROCESS_INFORMATION processInfo;
  1811. STARTUPINFOW StartupInfo;
  1812. DWORD bufferSize;
  1813. DWORD charCount;
  1814. //
  1815. // Check to see if the boot has already been accepted.
  1816. //
  1817. EnterCriticalSection(&ScBootConfigCriticalSection);
  1818. ScGlobalLastKnownGood |= AUTO_START_DONE;
  1819. if (ScGlobalLastKnownGood & ACCEPT_DEFERRED) {
  1820. SC_LOG0(BOOT,"ScRunAcceptBootPgm: Boot Acceptance was deferred. Accept "
  1821. "it now\n");
  1822. ScAcceptTheBoot();
  1823. LeaveCriticalSection(&ScBootConfigCriticalSection);
  1824. return;
  1825. }
  1826. LeaveCriticalSection(&ScBootConfigCriticalSection);
  1827. //
  1828. // Open the \CurrentControlSet\Control\AcceptBootPgm Key
  1829. //
  1830. //
  1831. // Get the System Key
  1832. //
  1833. status = ScRegOpenKeyExW(
  1834. HKEY_LOCAL_MACHINE, // hKey
  1835. AcceptBootKeyPath, // lpSubKey
  1836. 0L, // ulOptions (reserved)
  1837. KEY_READ, // desired access
  1838. &AcceptBootKey); // Newly Opened Key Handle
  1839. if (status != NO_ERROR) {
  1840. SC_LOG2(TRACE,"ScRunAcceptBootPgm: ScRegOpenKeyEx (%ws) failed %d\n",
  1841. AcceptBootKeyPath, status);
  1842. return;
  1843. }
  1844. //
  1845. // If the ImagePath value is there, then run the specified
  1846. // program.
  1847. //
  1848. bufferSize = MAX_PATH * sizeof(WCHAR);
  1849. pTempImagePath = (LPWSTR)LocalAlloc(LMEM_FIXED, bufferSize*2);
  1850. if (pTempImagePath == NULL) {
  1851. SC_LOG0(TRACE,"ScRunAcceptBootPgm,LocalAlloc failed \n");
  1852. return;
  1853. }
  1854. pImagePath = pTempImagePath + MAX_PATH;
  1855. status = ScRegQueryValueExW (
  1856. AcceptBootKey, // hKey
  1857. IMAGE_PATH_NAME, // lpValueName
  1858. NULL, // lpTitleIndex
  1859. &ValueType, // lpType
  1860. (LPBYTE)pTempImagePath, // lpData
  1861. &bufferSize); // lpcbData
  1862. if (status != NO_ERROR) {
  1863. SC_LOG1(TRACE,"ScRunAcceptBootPgm,ScRegQueryValueEx failed %d\n",status);
  1864. ScRegCloseKey(AcceptBootKey);
  1865. LocalFree(pTempImagePath);
  1866. return;
  1867. }
  1868. SC_LOG1(TRACE,"ScRunAcceptBootPgm:Executing the %ws program\n",pTempImagePath);
  1869. if ((ValueType == REG_SZ) ||
  1870. (ValueType == REG_EXPAND_SZ)) {
  1871. if (ValueType == REG_EXPAND_SZ) {
  1872. charCount = ExpandEnvironmentStringsW (
  1873. pTempImagePath,
  1874. pImagePath,
  1875. MAX_PATH);
  1876. if (charCount > MAX_PATH) {
  1877. SC_LOG0(ERROR,"ScRunAcceptBootPgm: ImagePath is too big\n");
  1878. LocalFree(pTempImagePath);
  1879. return;
  1880. }
  1881. }
  1882. else {
  1883. pImagePath = pTempImagePath;
  1884. }
  1885. //
  1886. // Exec the program.
  1887. //
  1888. StartupInfo.cb = sizeof(STARTUPINFOW); // size
  1889. StartupInfo.lpReserved = NULL; // lpReserved
  1890. StartupInfo.lpDesktop = NULL; // DeskTop
  1891. StartupInfo.lpTitle = NULL; // Title
  1892. StartupInfo.dwX = 0; // X (position)
  1893. StartupInfo.dwY = 0; // Y (position)
  1894. StartupInfo.dwXSize = 0; // XSize (dimension)
  1895. StartupInfo.dwYSize = 0; // YSize (dimension)
  1896. StartupInfo.dwXCountChars = 0; // XCountChars
  1897. StartupInfo.dwYCountChars = 0; // YCountChars
  1898. StartupInfo.dwFillAttribute = 0; // FillAttributes
  1899. StartupInfo.dwFlags = STARTF_FORCEOFFFEEDBACK;
  1900. // Flags - should be STARTF_TASKNOTCLOSABLE
  1901. StartupInfo.wShowWindow = SW_HIDE; // ShowWindow
  1902. StartupInfo.cbReserved2 = 0L; // cbReserved
  1903. StartupInfo.lpReserved2 = NULL; // lpReserved
  1904. if (!CreateProcessW (
  1905. pImagePath, // Fully qualified image name
  1906. L"", // Command Line
  1907. NULL, // Process Attributes
  1908. NULL, // Thread Attributes
  1909. FALSE, // Inherit Handles
  1910. DETACHED_PROCESS, // Creation Flags
  1911. NULL, // Pointer to Environment block
  1912. NULL, // Pointer to Current Directory
  1913. &StartupInfo, // Startup Info
  1914. &processInfo)) // ProcessInformation
  1915. {
  1916. status = GetLastError();
  1917. SC_LOG1(ERROR,
  1918. "ScRunAcceptBootPgm: CreateProcess failed " FORMAT_DWORD "\n",
  1919. status);
  1920. }
  1921. }
  1922. LocalFree(pTempImagePath);
  1923. ScRegCloseKey(AcceptBootKey);
  1924. return;
  1925. }
  1926. DWORD
  1927. ScAcceptTheBoot(
  1928. VOID
  1929. )
  1930. /*++
  1931. Routine Description:
  1932. This function does the actual work of accepting the current boot as
  1933. the LKG configuration.
  1934. NOTE: Before the function is called, the ScBootConfigCriticalSection
  1935. is expected to be entered.
  1936. Arguments:
  1937. Return Value:
  1938. --*/
  1939. {
  1940. DWORD status;
  1941. HKEY systemKey=0;
  1942. HKEY selectKey=0;
  1943. DWORD idArray[NUM_IDS];
  1944. DWORD newId;
  1945. ULONG privileges[4];
  1946. //
  1947. // This thread gets SE_SECURITY_PRIVILEGE for copying security
  1948. // descriptors and deleting keys.
  1949. //
  1950. privileges[0] = SE_BACKUP_PRIVILEGE;
  1951. privileges[1] = SE_RESTORE_PRIVILEGE;
  1952. privileges[2] = SE_SECURITY_PRIVILEGE;
  1953. privileges[3] = SE_TAKE_OWNERSHIP_PRIVILEGE;
  1954. status = ScGetPrivilege( 4, privileges);
  1955. if (status != NO_ERROR) {
  1956. SC_LOG1(ERROR, "RNotifyBootConfigStatus: ScGetPrivilege Failed %d\n",
  1957. status);
  1958. return(status);
  1959. }
  1960. //
  1961. // Get the System, Select, and Clone Keys
  1962. //
  1963. status = ScGetTopKeys(&systemKey, &selectKey);
  1964. if (status != NO_ERROR) {
  1965. SC_LOG0(ERROR,"ScAcceptTheBoot: ScGetTopKeys failed\n");
  1966. SetLastError(status);
  1967. //
  1968. // Restore privileges for the current thread.
  1969. //
  1970. (VOID)ScReleasePrivilege();
  1971. return(status);
  1972. }
  1973. //
  1974. // Get the ControlSetIds stored in the \system\select key.
  1975. //
  1976. status = ScGetCtrlSetIds(
  1977. selectKey,
  1978. idArray);
  1979. if (status != NO_ERROR) {
  1980. SC_LOG0(ERROR,"ScAcceptTheBoot: ScGetCtrlSetIds Failed\n");
  1981. goto CleanExit;
  1982. }
  1983. //
  1984. // Don't commit the LKG profile if this is safe mode, unless we actually
  1985. // booted into the LKG profile.
  1986. //
  1987. if (g_SafeBootEnabled) {
  1988. if (idArray[LKG_ID] != idArray[CURRENT_ID]) {
  1989. ScGlobalBootAccepted = TRUE;
  1990. status = NO_ERROR;
  1991. SC_LOG0(TRACE,"ScAcceptTheBoot: Safe mode boot, not committing LKG\n");
  1992. goto CleanExit;
  1993. }
  1994. }
  1995. //
  1996. // Scan for Orphaned Control Sets.
  1997. // This is required prior to calling ScMakeNewCtrlSet (which
  1998. // avoids the orphaned numbers).
  1999. //
  2000. ScGatherOrphanIds(systemKey,&ScGlobalOrphanIds,idArray);
  2001. //
  2002. // Delete the LastKnownGood ControlSet if there are no other
  2003. // references to that control set.
  2004. //
  2005. SC_LOG0(TRACE,"ScAcceptTheBoot: Delete LKG ControlSet if no ref\n");
  2006. if ( (idArray[LKG_ID] != idArray[FAILED_ID]) &&
  2007. (idArray[LKG_ID] != idArray[DEFAULT_ID]) &&
  2008. (idArray[LKG_ID] != idArray[CURRENT_ID])) {
  2009. newId = idArray[LKG_ID];
  2010. }
  2011. else
  2012. {
  2013. status = ScGetNewCtrlSetId(idArray, &newId);
  2014. if(status != NO_ERROR)
  2015. {
  2016. SC_LOG0(ERROR, "ScAcceptTheBoot: Could Not Get New Control Set Id.\n");
  2017. goto CleanExit;
  2018. }
  2019. }
  2020. //
  2021. // Accept the boot and save the boot configuration as LKG.
  2022. //
  2023. status = RtlNtStatusToDosError(NtInitializeRegistry(REG_INIT_BOOT_ACCEPTED_BASE +
  2024. (USHORT)newId));
  2025. if(status != NO_ERROR)
  2026. {
  2027. SC_LOG1(ERROR, "ScAcceptTheBoot: NtInitializeRegistry Failed with %d",
  2028. status);
  2029. goto CleanExit;
  2030. }
  2031. //
  2032. // Make this control set the LastKnownGood Control Set.
  2033. // This is the ControlSet that we last booted from.
  2034. //
  2035. if(newId != idArray[LKG_ID])
  2036. {
  2037. //
  2038. // We only need to do anything if we did not overwrite the old LKG
  2039. // with NtInitializeRegistry.
  2040. //
  2041. idArray[LKG_ID] = newId;
  2042. status = ScRegSetValueExW(
  2043. selectKey, // hKey
  2044. LKG_VALUE_NAME, // lpValueName
  2045. 0, // dwValueTitle (OPTIONAL)
  2046. REG_DWORD, // dwType
  2047. (LPBYTE)&(idArray[LKG_ID]), // lpData
  2048. sizeof(DWORD)); // cbData
  2049. if (status != NO_ERROR) {
  2050. SC_LOG1(ERROR,"ScAcceptTheBoot: ScRegSetValueEx (LkgValue) failed %d\n",
  2051. status);
  2052. goto CleanExit;
  2053. }
  2054. }
  2055. //
  2056. // Commit this boot by deleting anything we would undo since previous boot.
  2057. //
  2058. status = ScLastGoodFileCleanup();
  2059. if (status != NO_ERROR) {
  2060. SC_LOG1(ERROR,"ScAcceptTheBoot: LastGoodFileCleanup failed %d\n",
  2061. status);
  2062. goto CleanExit;
  2063. }
  2064. ScGlobalBootAccepted = TRUE;
  2065. status = NO_ERROR;
  2066. SC_LOG0(TRACE,"ScAcceptTheBoot: Done\n");
  2067. CleanExit:
  2068. if (systemKey != 0) {
  2069. ScRegCloseKey(systemKey);
  2070. }
  2071. if (selectKey != 0) {
  2072. ScRegCloseKey(selectKey);
  2073. }
  2074. //
  2075. // Restore privileges for the current thread.
  2076. //
  2077. (VOID)ScReleasePrivilege();
  2078. return(status);
  2079. }
  2080. BOOL
  2081. SetupInProgress(
  2082. HKEY SystemKey,
  2083. PBOOL pfIsOOBESetup OPTIONAL
  2084. )
  2085. /*++
  2086. Routine Description:
  2087. Checks a registry location to determine if Setup is in Progress.
  2088. \HKEY_LOCAL_MACHINE\System\Setup
  2089. value=DWORD SystemSetupInProgress
  2090. The value is cached so that the registry is examined only on the
  2091. first call to this function.
  2092. Arguments:
  2093. SystemKey - open handle to HKEY_LOCAL_MACHINE\System.
  2094. This is ignored in all except the first call to this function.
  2095. Return Value:
  2096. TRUE - If Setup is in progress
  2097. FALSE - If Setup isn't in progress
  2098. --*/
  2099. {
  2100. static DWORD TheValue=0xffffffff; // 0=false, 1=true,
  2101. // 0xffffffff=uninitialized
  2102. static DWORD IsOOBE;
  2103. DWORD status=NO_ERROR;
  2104. DWORD BytesRequired = sizeof(TheValue);
  2105. HKEY KeyHandle;
  2106. if (TheValue == 0xffffffff)
  2107. {
  2108. //
  2109. // First call
  2110. //
  2111. SC_ASSERT(SystemKey != NULL);
  2112. TheValue = 0;
  2113. IsOOBE = 0;
  2114. status = ScRegOpenKeyExW(
  2115. SystemKey,
  2116. SETUP_PROG_KEY,
  2117. 0L,
  2118. KEY_READ,
  2119. &KeyHandle);
  2120. if (status == NO_ERROR)
  2121. {
  2122. //
  2123. // There are two registry values that may be set here:
  2124. //
  2125. // 1. OobeInProgress -- if it exists and is non-zero,
  2126. // this is an OOBE boot.
  2127. //
  2128. // 2. SystemSetupInProgress -- if it exists and is
  2129. // non-zero AND it's not an OOBE boot, it's
  2130. // GUI-mode setup. If OOBE's in progress,
  2131. // don't even bother checking this one (it may
  2132. // or may not be set depending on whether we're
  2133. // in retail OOBE or mini-setup OOBE) and return
  2134. // FALSE from SetupInProgress (along with the
  2135. // appropriate OOBE value).
  2136. //
  2137. status = ScRegQueryValueExW(
  2138. KeyHandle,
  2139. REGSTR_VALUE_OOBEINPROGRESS,
  2140. NULL,
  2141. NULL,
  2142. (LPBYTE) &IsOOBE,
  2143. &BytesRequired);
  2144. if (IsOOBE != 0)
  2145. {
  2146. SC_ASSERT(status == NO_ERROR);
  2147. IsOOBE = 1;
  2148. }
  2149. if (IsOOBE == 0)
  2150. {
  2151. status = ScRegQueryValueExW(
  2152. KeyHandle,
  2153. SETUP_PROG_VALUE_NAME,
  2154. NULL,
  2155. NULL,
  2156. (LPBYTE) &TheValue,
  2157. &BytesRequired);
  2158. if (TheValue != 0)
  2159. {
  2160. SC_ASSERT(status == NO_ERROR);
  2161. TheValue = 1;
  2162. }
  2163. }
  2164. ScRegCloseKey(KeyHandle);
  2165. }
  2166. }
  2167. SC_LOG(TRACE,"SetupInProgress = %d (0=FALSE,else TRUE)\n",TheValue);
  2168. if (pfIsOOBESetup)
  2169. {
  2170. SC_LOG(TRACE, "SetupInProgress: IsOOBE = %d (0=FALSE,else TRUE)\n", IsOOBE);
  2171. *pfIsOOBESetup = IsOOBE;
  2172. }
  2173. return TheValue;
  2174. }