archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/base/fs/npfs/seinfo.c

390 lines
8.5 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. SeInfo.c
  9. Abstract:
  11. This module implements the Security Info routines for NPFS called by the
  12. dispatch driver. There are two entry points NpFsdQueryInformation
  13. and NpFsdSetInformation.
  15. Author:
  17. Gary Kimura [GaryKi] 21-Aug-1990
  19. Revision History:
  21. --*/
  23. #include "NpProcs.h"
  25. //
  26. // The debug trace level
  27. //
  29. #define Dbg (DEBUG_TRACE_SEINFO)
  31. //
  32. // local procedure prototypes
  33. //
  35. NTSTATUS
  36. NpCommonQuerySecurityInfo (
  37. IN PNPFS_DEVICE_OBJECT NpfsDeviceObject,
  38. IN PIRP Irp
  39. );
  42. NTSTATUS
  43. NpCommonSetSecurityInfo (
  44. IN PNPFS_DEVICE_OBJECT NpfsDeviceObject,
  45. IN PIRP Irp
  46. );
  48. #ifdef ALLOC_PRAGMA
  49. #pragma alloc_text(PAGE, NpCommonQuerySecurityInfo)
  50. #pragma alloc_text(PAGE, NpCommonSetSecurityInfo)
  51. #pragma alloc_text(PAGE, NpFsdQuerySecurityInfo)
  52. #pragma alloc_text(PAGE, NpFsdSetSecurityInfo)
  53. #endif
  56. NTSTATUS
  57. NpFsdQuerySecurityInfo (
  58. IN PNPFS_DEVICE_OBJECT NpfsDeviceObject,
  59. IN PIRP Irp
  60. )
  62. /*++
  64. Routine Description:
  66. This routine implements the FSD part of the Query Security Information API
  67. calls.
  69. Arguments:
  71. NpfsDeviceObject - Supplies the device object to use.
  73. Irp - Supplies the Irp being processed
  75. Return Value:
  77. NTSTATUS - The Fsd status for the Irp
  79. --*/
  81. {
  82. NTSTATUS Status;
  84. PAGED_CODE();
  86. DebugTrace(+1, Dbg, "NpFsdQuerySecurityInfo\n", 0);
  88. //
  89. // Call the common Query Information routine.
  90. //
  92. FsRtlEnterFileSystem();
  94. NpAcquireExclusiveVcb();
  96. Status = NpCommonQuerySecurityInfo( NpfsDeviceObject, Irp );
  98. NpReleaseVcb();
  100. FsRtlExitFileSystem();
  102. if (Status != STATUS_PENDING) {
  103. NpCompleteRequest (Irp, Status);
  104. }
  106. //
  107. // And return to our caller
  108. //
  110. DebugTrace(-1, Dbg, "NpFsdQuerySecurityInfo -> %08lx\n", Status );
  112. return Status;
  113. }
  116. NTSTATUS
  117. NpFsdSetSecurityInfo (
  118. IN PNPFS_DEVICE_OBJECT NpfsDeviceObject,
  119. IN PIRP Irp
  120. )
  122. /*++
  124. Routine Description:
  126. This routine implements the FSD part of the Set Security Information API
  127. calls.
  129. Arguments:
  131. NpfsDeviceObject - Supplies the device object to use.
  133. Irp - Supplies the Irp being processed
  135. Return Value:
  137. NTSTATUS - The Fsd status for the Irp
  139. --*/
  141. {
  142. NTSTATUS Status;
  144. PAGED_CODE();
  146. DebugTrace(+1, Dbg, "NpFsdSetSecurityInfo\n", 0);
  148. //
  149. // Call the common Set Information routine.
  150. //
  152. FsRtlEnterFileSystem();
  154. NpAcquireExclusiveVcb();
  156. Status = NpCommonSetSecurityInfo( NpfsDeviceObject, Irp );
  158. NpReleaseVcb();
  160. FsRtlExitFileSystem();
  162. if (Status != STATUS_PENDING) {
  163. NpCompleteRequest (Irp, Status);
  164. }
  165. //
  166. // And return to our caller
  167. //
  169. DebugTrace(-1, Dbg, "NpFsdSetSecurityInfo -> %08lx\n", Status );
  171. return Status;
  172. }
  175. //
  176. // Internal support routine
  177. //
  179. NTSTATUS
  180. NpCommonQuerySecurityInfo (
  181. IN PNPFS_DEVICE_OBJECT NpfsDeviceObject,
  182. IN PIRP Irp
  183. )
  185. /*++
  187. Routine Description:
  189. This is the common routine for querying security information.
  191. Arguments:
  193. Irp - Supplies the Irp to process
  195. Return Value:
  197. NTSTATUS - the return status for the operation
  199. --*/
  201. {
  202. PIO_STACK_LOCATION IrpSp;
  203. NTSTATUS Status;
  205. NODE_TYPE_CODE NodeTypeCode;
  206. PFCB Fcb;
  207. PCCB Ccb;
  208. NAMED_PIPE_END NamedPipeEnd;
  210. PAGED_CODE();
  212. //
  213. // Get the current stack location
  214. //
  216. IrpSp = IoGetCurrentIrpStackLocation( Irp );
  218. DebugTrace(+1, Dbg, "NpCommonQuerySecurityInfo...\n", 0);
  219. DebugTrace( 0, Dbg, " Irp = %08lx\n", Irp);
  220. DebugTrace( 0, Dbg, " ->SecurityInformation = %08lx\n", IrpSp->Parameters.QuerySecurity.SecurityInformation);
  221. DebugTrace( 0, Dbg, " ->Length = %08lx\n", IrpSp->Parameters.QuerySecurity.Length);
  222. DebugTrace( 0, Dbg, " ->UserBuffer = %08lx\n", Irp->UserBuffer);
  224. //
  225. // Get the ccb and figure out who we are, and make sure we're not
  226. // disconnected.
  227. //
  229. if ((NodeTypeCode = NpDecodeFileObject( IrpSp->FileObject,
  230. &Fcb,
  231. &Ccb,
  232. &NamedPipeEnd )) == NTC_UNDEFINED) {
  234. DebugTrace(0, Dbg, "Pipe is disconnected from us\n", 0);
  236. Status = STATUS_PIPE_DISCONNECTED;
  238. DebugTrace(-1, Dbg, "NpCommonQueryInformation -> %08lx\n", Status );
  239. return Status;
  240. }
  242. //
  243. // Now we only will allow write operations on the pipe and not a directory
  244. // or the device
  245. //
  247. if (NodeTypeCode != NPFS_NTC_CCB) {
  249. DebugTrace(0, Dbg, "FileObject is not for a named pipe\n", 0);
  251. Status = STATUS_INVALID_PARAMETER;
  253. DebugTrace(-1, Dbg, "NpCommonQueryInformation -> %08lx\n", Status );
  254. return Status;
  255. }
  257. //
  258. // Call the security routine to do the actual query
  259. //
  261. Status = SeQuerySecurityDescriptorInfo( &IrpSp->Parameters.QuerySecurity.SecurityInformation,
  262. Irp->UserBuffer,
  263. &IrpSp->Parameters.QuerySecurity.Length,
  264. &Fcb->SecurityDescriptor );
  266. if ( Status == STATUS_BUFFER_TOO_SMALL ) {
  268. Irp->IoStatus.Information = IrpSp->Parameters.QuerySecurity.Length;
  270. Status = STATUS_BUFFER_OVERFLOW;
  271. }
  275. DebugTrace(-1, Dbg, "NpCommonQuerySecurityInfo -> %08lx\n", Status );
  276. return Status;
  277. }
  280. //
  281. // Internal support routine
  282. //
  284. NTSTATUS
  285. NpCommonSetSecurityInfo (
  286. IN PNPFS_DEVICE_OBJECT NpfsDeviceObject,
  287. IN PIRP Irp
  288. )
  290. /*++
  292. Routine Description:
  294. This is the common routine for Setting security information.
  296. Arguments:
  298. Irp - Supplies the Irp to process
  300. Return Value:
  302. NTSTATUS - the return status for the operation
  304. --*/
  306. {
  307. PIO_STACK_LOCATION IrpSp;
  308. NTSTATUS Status;
  310. NODE_TYPE_CODE NodeTypeCode;
  311. PFCB Fcb;
  312. PCCB Ccb;
  313. NAMED_PIPE_END NamedPipeEnd;
  315. PSECURITY_DESCRIPTOR OldSecurityDescriptor, NewSecurityDescriptor, CachedSecurityDescriptor;
  317. PAGED_CODE();
  319. //
  320. // Get the current stack location
  321. //
  323. IrpSp = IoGetCurrentIrpStackLocation( Irp );
  325. DebugTrace(+1, Dbg, "NpCommonSetSecurityInfo...\n", 0);
  326. DebugTrace( 0, Dbg, " Irp = %08lx\n", Irp);
  327. DebugTrace( 0, Dbg, " ->SecurityInformation = %08lx\n", IrpSp->Parameters.SetSecurity.SecurityInformation);
  328. DebugTrace( 0, Dbg, " ->SecurityDescriptor = %08lx\n", IrpSp->Parameters.SetSecurity.SecurityDescriptor);
  330. //
  331. // Get the ccb and figure out who we are, and make sure we're not
  332. // disconnected.
  333. //
  335. if ((NodeTypeCode = NpDecodeFileObject( IrpSp->FileObject,
  336. &Fcb,
  337. &Ccb,
  338. &NamedPipeEnd )) == NTC_UNDEFINED) {
  340. DebugTrace(0, Dbg, "Pipe is disconnected from us\n", 0);
  342. Status = STATUS_PIPE_DISCONNECTED;
  344. DebugTrace(-1, Dbg, "NpCommonQueryInformation -> %08lx\n", Status );
  345. return Status;
  346. }
  348. //
  349. // Now we only will allow write operations on the pipe and not a directory
  350. // or the device
  351. //
  353. if (NodeTypeCode != NPFS_NTC_CCB) {
  355. DebugTrace(0, Dbg, "FileObject is not for a named pipe\n", 0);
  357. Status = STATUS_INVALID_PARAMETER;
  359. DebugTrace(-1, Dbg, "NpCommonQueryInformation -> %08lx\n", Status );
  360. return Status;
  361. }
  363. //
  364. // Call the security routine to do the actual set
  365. //
  367. NewSecurityDescriptor = OldSecurityDescriptor = Fcb->SecurityDescriptor;
  369. Status = SeSetSecurityDescriptorInfo( NULL,
  370. &IrpSp->Parameters.SetSecurity.SecurityInformation,
  371. IrpSp->Parameters.SetSecurity.SecurityDescriptor,
  372. &NewSecurityDescriptor,
  373. PagedPool,
  374. IoGetFileObjectGenericMapping() );
  376. if (NT_SUCCESS(Status)) {
  377. Status = ObLogSecurityDescriptor (NewSecurityDescriptor,
  378. &CachedSecurityDescriptor,
  379. 1);
  380. NpFreePool (NewSecurityDescriptor);
  381. if (NT_SUCCESS(Status)) {
  382. Fcb->SecurityDescriptor = CachedSecurityDescriptor;
  383. ObDereferenceSecurityDescriptor( OldSecurityDescriptor, 1 );
  384. }
  386. }
  388. DebugTrace(-1, Dbg, "NpCommonSetSecurityInfo -> %08lx\n", Status );
  389. return Status;
  390. }