|
|
/*++
Copyright (c) 1992 Microsoft Corporation
Module Name:
SeInfo.c
Abstract:
This module implements the Security Information routines for MSFS There are two entry points MsFsdQueryInformation and MsFsdSetInformation.
Author:
Manny Weiser [mannyw] 19-Feb-1992
Revision History:
--*/
#include "mailslot.h"
//
// The debug trace level
//
#define Dbg (DEBUG_TRACE_SEINFO)
//
// local procedure prototypes
//
NTSTATUSMsCommonQuerySecurityInfo ( IN PMSFS_DEVICE_OBJECT MsfsDeviceObject, IN PIRP Irp );
NTSTATUSMsCommonSetSecurityInfo ( IN PMSFS_DEVICE_OBJECT MsfsDeviceObject, IN PIRP Irp );
#ifdef ALLOC_PRAGMA
#pragma alloc_text( PAGE, MsCommonQuerySecurityInfo )
#pragma alloc_text( PAGE, MsCommonSetSecurityInfo )
#pragma alloc_text( PAGE, MsFsdQuerySecurityInfo )
#pragma alloc_text( PAGE, MsFsdSetSecurityInfo )
#endif
�NTSTATUSMsFsdQuerySecurityInfo ( IN PMSFS_DEVICE_OBJECT MsfsDeviceObject, IN PIRP Irp )
/*++
Routine Description:
This routine implements the FSD part of the Query Security Information API calls.
Arguments:
MsfsDeviceObject - Supplies the device object to use.
Irp - Supplies the Irp being processed
Return Value:
NTSTATUS - The Fsd status for the Irp
--*/
{ NTSTATUS status;
PAGED_CODE(); DebugTrace(+1, Dbg, "MsFsdQuerySecurityInfo\n", 0);
//
// Call the common Query Information routine.
//
FsRtlEnterFileSystem();
status = MsCommonQuerySecurityInfo( MsfsDeviceObject, Irp );
FsRtlExitFileSystem();
//
// And return to our caller
//
DebugTrace(-1, Dbg, "MsFsdQuerySecurityInfo -> %08lx\n", status );
return status;}
�NTSTATUSMsFsdSetSecurityInfo ( IN PMSFS_DEVICE_OBJECT MsfsDeviceObject, IN PIRP Irp )
/*++
Routine Description:
This routine implements the FSD part of the Set Security Information API calls.
Arguments:
MsfsDeviceObject - Supplies the device object to use.
Irp - Supplies the Irp being processed
Return Value:
NTSTATUS - The Fsd status for the Irp
--*/
{ NTSTATUS status;
PAGED_CODE(); DebugTrace(+1, Dbg, "MsFsdSetSecurityInfo\n", 0);
//
// Call the common Set Information routine.
//
FsRtlEnterFileSystem();
status = MsCommonSetSecurityInfo( MsfsDeviceObject, Irp );
FsRtlExitFileSystem();
//
// And return to our caller
//
DebugTrace(-1, Dbg, "MsFsdSetSecurityInfo -> %08lx\n", status );
return status;}�//
// Internal support routine
//
NTSTATUSMsCommonQuerySecurityInfo ( IN PMSFS_DEVICE_OBJECT MsfsDeviceObject, IN PIRP Irp )
/*++
Routine Description:
This is the common routine for querying security information.
Arguments:
Irp - Supplies the Irp to process
Return Value:
NTSTATUS - the return status for the operation
--*/
{ PIO_STACK_LOCATION irpSp; NTSTATUS status;
NODE_TYPE_CODE nodeTypeCode; PFCB fcb; PVOID fsContext2;
PAGED_CODE();
//
// Get the current stack location
//
irpSp = IoGetCurrentIrpStackLocation( Irp );
DebugTrace(+1, Dbg, "MsCommonQuerySecurityInfo...\n", 0); DebugTrace( 0, Dbg, " Irp = %08lx\n", Irp); DebugTrace( 0, Dbg, " ->SecurityInformation = %08lx\n", irpSp->Parameters.QuerySecurity.SecurityInformation); DebugTrace( 0, Dbg, " ->Length = %08lx\n", irpSp->Parameters.QuerySecurity.Length); DebugTrace( 0, Dbg, " ->UserBuffer = %08lx\n", Irp->UserBuffer);
//
// Get the Fcb and figure out who we are, and make sure we're not
// disconnected.
//
if ((nodeTypeCode = MsDecodeFileObject( irpSp->FileObject, &fcb, &fsContext2 )) != MSFS_NTC_FCB) {
DebugTrace(0, Dbg, "Mailslot is disconnected from us\n", 0);
if (nodeTypeCode != NTC_UNDEFINED) { MsDereferenceNode( &fcb->Header ); }
MsCompleteRequest( Irp, STATUS_FILE_FORCED_CLOSED ); status = STATUS_FILE_FORCED_CLOSED;
DebugTrace(-1, Dbg, "MsCommonQueryInformation -> %08lx\n", status ); return status; }
//
// Acquire exclusive access to the FCB.
//
MsAcquireSharedFcb( fcb );
//
// Call the security routine to do the actual query
//
status = SeQuerySecurityDescriptorInfo( &irpSp->Parameters.QuerySecurity.SecurityInformation, Irp->UserBuffer, &irpSp->Parameters.QuerySecurity.Length, &fcb->SecurityDescriptor );
MsReleaseFcb( fcb );
MsDereferenceFcb( fcb ); //
// Finish up the IRP.
//
MsCompleteRequest( Irp, status );
DebugTrace(-1, Dbg, "MsCommonQuerySecurityInfo -> %08lx\n", status );
return status;}
�NTSTATUSMsCommonSetSecurityInfo ( IN PMSFS_DEVICE_OBJECT MsfsDeviceObject, IN PIRP Irp )
/*++
Routine Description:
This is the common routine for Setting security information.
Arguments:
Irp - Supplies the Irp to process
Return Value:
NTSTATUS - the return status for the operation
--*/
{ PIO_STACK_LOCATION irpSp; NTSTATUS status;
NODE_TYPE_CODE nodeTypeCode; PFCB fcb; PVOID fsContext2; PSECURITY_DESCRIPTOR OldSecurityDescriptor;
PAGED_CODE();
//
// Get the current stack location
//
irpSp = IoGetCurrentIrpStackLocation( Irp );
DebugTrace(+1, Dbg, "MsCommonSetSecurityInfo...\n", 0); DebugTrace( 0, Dbg, " Irp = %08lx\n", Irp); DebugTrace( 0, Dbg, " ->SecurityInformation = %08lx\n", irpSp->Parameters.SetSecurity.SecurityInformation); DebugTrace( 0, Dbg, " ->SecurityDescriptor = %08lx\n", irpSp->Parameters.SetSecurity.SecurityDescriptor);
//
// Get the FCB and figure out who we are, and make sure we're not
// disconnected.
//
if ((nodeTypeCode = MsDecodeFileObject( irpSp->FileObject, &fcb, &fsContext2 )) != MSFS_NTC_FCB) {
DebugTrace(0, Dbg, "Invalid handle\n", 0);
if (nodeTypeCode != NTC_UNDEFINED) { MsDereferenceNode( &fcb->Header ); } MsCompleteRequest( Irp, STATUS_INVALID_HANDLE ); status = STATUS_INVALID_HANDLE;
DebugTrace(-1, Dbg, "MsCommonQueryInformation -> %08lx\n", status ); return status; }
//
// Acquire exclusive access to the FCB
//
MsAcquireExclusiveFcb( fcb );
//
// Call the security routine to do the actual set
//
OldSecurityDescriptor = fcb->SecurityDescriptor;
status = SeSetSecurityDescriptorInfo( NULL, &irpSp->Parameters.SetSecurity.SecurityInformation, irpSp->Parameters.SetSecurity.SecurityDescriptor, &fcb->SecurityDescriptor, PagedPool, IoGetFileObjectGenericMapping() );
if (NT_SUCCESS(status)) { ExFreePool( OldSecurityDescriptor ); }
MsReleaseFcb( fcb ); MsDereferenceFcb( fcb );
//
// Finish up the IRP.
//
MsCompleteRequest( Irp, status );
DebugTrace(-1, Dbg, "MsCommonSetSecurityInfo -> %08lx\n", status );
return status;}
|
