archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
3.8 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/base/ntos/ob/obclose.c

557 lines
13 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. obclose.c
  9. Abstract:
  11. Object close system service
  13. Author:
  15. Steve Wood (stevewo) 31-Mar-1989
  17. Revision History:
  19. --*/
  21. #include "obp.h"
  23. #ifdef ALLOC_PRAGMA
  24. #pragma alloc_text(PAGE,NtMakeTemporaryObject)
  25. #pragma alloc_text(PAGE,NtClose)
  26. #pragma alloc_text(PAGE,ObMakeTemporaryObject)
  27. #pragma alloc_text(PAGE,ObpCloseHandleTableEntry)
  28. #pragma alloc_text(PAGE,ObCloseHandle)
  29. #pragma alloc_text(PAGE,ObpCloseHandle)
  30. #endif
  32. //
  33. // Indicates if auditing is enabled so we have to close down the object
  34. // audit alarm
  35. //
  37. extern BOOLEAN SepAdtAuditingEnabled;
  39. ObpCloseHandleTableEntry (
  40. IN PHANDLE_TABLE ObjectTable,
  41. IN PHANDLE_TABLE_ENTRY ObjectTableEntry,
  42. IN HANDLE Handle,
  43. IN KPROCESSOR_MODE PreviousMode,
  44. IN BOOLEAN Rundown,
  45. IN BOOLEAN CanNotRaise
  46. )
  47. /*++
  49. Routine Description:
  51. This function is used to close a handle table entry
  53. Arguments:
  55. ObjectTableEntry - Supplies the entry being closed. It must be locked
  56. PreviousMode - Mode of caller
  57. Rundown - Called as part of process rundown, ignore protected handles in this mode
  58. CanNotRaise - Can not raise user exceptions
  60. Return Value:
  62. An appropriate status value
  64. --*/
  65. {
  66. POBJECT_HEADER ObjectHeader;
  67. POBJECT_TYPE ObjectType;
  68. PVOID Object;
  69. ULONG CapturedGrantedAccess;
  70. ULONG CapturedAttributes;
  71. #if DBG
  72. KIRQL SaveIrql;
  73. #endif // DBG
  75. //
  76. // From the object table entry we can grab a pointer to the object
  77. // header, get its type and its body
  78. //
  80. ObjectHeader = (POBJECT_HEADER)(((ULONG_PTR)(ObjectTableEntry->Object)) & ~OBJ_HANDLE_ATTRIBUTES);
  81. ObjectType = ObjectHeader->Type;
  82. Object = &ObjectHeader->Body;
  84. //
  85. // If the object type specifies an okay to close procedure then we
  86. // need to invoke that callback. If the callback doesn't want us to
  87. // close handle then unlock the object table and return the error
  88. // to our caller
  89. //
  91. if (ObjectType->TypeInfo.OkayToCloseProcedure != NULL) {
  93. ObpBeginTypeSpecificCallOut( SaveIrql );
  95. if (!(*ObjectType->TypeInfo.OkayToCloseProcedure)( PsGetCurrentProcess(),
  96. Object,
  97. Handle,
  98. PreviousMode )) {
  100. ObpEndTypeSpecificCallOut( SaveIrql, "NtClose", ObjectType, Object );
  102. ExUnlockHandleTableEntry( ObjectTable, ObjectTableEntry );
  104. return STATUS_HANDLE_NOT_CLOSABLE;
  105. }
  107. ObpEndTypeSpecificCallOut( SaveIrql, "NtClose", ObjectType, Object );
  108. }
  110. CapturedAttributes = ObpGetHandleAttributes(ObjectTableEntry);
  112. //
  113. // If the previous mode was user and the handle is protected from
  114. // being closed, then we'll either raise or return an error depending
  115. // on the global flags and debugger port situation.
  116. //
  118. if ((CapturedAttributes & OBJ_PROTECT_CLOSE) != 0 && Rundown == FALSE) {
  120. if (PreviousMode != KernelMode) {
  121. PETHREAD CurrentThread;
  123. ExUnlockHandleTableEntry( ObjectTable, ObjectTableEntry );
  125. CurrentThread = PsGetCurrentThread ();
  127. if (!CanNotRaise && !KeIsAttachedProcess() &&
  128. !PsIsThreadTerminating (CurrentThread) &&
  129. !CurrentThread->Tcb.ApcState.KernelApcInProgress &&
  130. ((NtGlobalFlag & FLG_ENABLE_CLOSE_EXCEPTIONS) ||
  131. (PsGetCurrentProcess()->DebugPort != NULL))) {
  133. //
  134. // Raise and exception in user mode
  135. //
  136. return KeRaiseUserException(STATUS_HANDLE_NOT_CLOSABLE);
  138. } else {
  140. return STATUS_HANDLE_NOT_CLOSABLE;
  141. }
  143. } else {
  144. KeBugCheckEx(INVALID_KERNEL_HANDLE, (ULONG_PTR)Handle, 0, 0, 0);
  145. }
  146. }
  148. //
  149. // Get the granted access for the handle
  150. //
  152. #if i386
  154. if (NtGlobalFlag & FLG_KERNEL_STACK_TRACE_DB) {
  156. CapturedGrantedAccess = ObpTranslateGrantedAccessIndex( ObjectTableEntry->GrantedAccessIndex );
  158. } else {
  160. CapturedGrantedAccess = ObpDecodeGrantedAccess(ObjectTableEntry->GrantedAccess);
  161. }
  163. #else
  165. CapturedGrantedAccess = ObpDecodeGrantedAccess(ObjectTableEntry->GrantedAccess);
  167. #endif // i386
  169. //
  170. // Now remove the handle from the handle table
  171. //
  173. ExDestroyHandle( ObjectTable,
  174. Handle,
  175. ObjectTableEntry );
  177. //
  178. // perform any auditing required
  179. //
  181. //
  182. // Extract the value of the GenerateOnClose bit stored
  183. // after object open auditing is performed. This value
  184. // was stored by a call to ObSetGenerateOnClosed.
  185. //
  187. if (CapturedAttributes & OBJ_AUDIT_OBJECT_CLOSE) {
  189. if ( SepAdtAuditingEnabled ) {
  191. SeCloseObjectAuditAlarm( Object,
  192. (HANDLE)((ULONG_PTR)Handle & ~OBJ_HANDLE_TAGBITS), // Mask off the tagbits defined for OB objects.
  193. TRUE );
  194. }
  195. }
  197. //
  198. // Since we took the handle away we need to decrement the objects
  199. // handle count, and remove a reference
  200. //
  202. ObpDecrementHandleCount( PsGetCurrentProcess(),
  203. ObjectHeader,
  204. ObjectType,
  205. CapturedGrantedAccess );
  207. ObDereferenceObject( Object );
  209. //
  210. // And return to our caller
  211. //
  213. return STATUS_SUCCESS;
  214. }
  217. NTSTATUS
  218. ObpCloseHandle (
  219. IN HANDLE Handle,
  220. IN KPROCESSOR_MODE PreviousMode,
  221. IN BOOLEAN CanNotRaise
  222. )
  223. /*++
  225. Routine Description:
  227. This function is used to close access to the specified handle with the given mode
  229. Arguments:
  231. Handle - Supplies the handle being closed
  232. PreviousMode - Processor mode to be used in the handle access checks.
  233. CanNotRaise - We are not allowed to do a user mode raise.
  235. Return Value:
  237. An appropriate status value
  239. --*/
  240. {
  241. PHANDLE_TABLE ObjectTable;
  242. PHANDLE_TABLE_ENTRY ObjectTableEntry;
  243. NTSTATUS Status;
  244. BOOLEAN AttachedToProcess = FALSE;
  245. KAPC_STATE ApcState;
  246. PETHREAD CurrentThread;
  247. PEPROCESS CurrentProcess;
  250. ObpValidateIrql( "NtClose" );
  252. CurrentThread = PsGetCurrentThread ();
  253. CurrentProcess = PsGetCurrentProcessByThread (CurrentThread);
  254. //
  255. // For the current process we will grab its handle/object table and
  256. // translate the handle to its corresponding table entry. If the
  257. // call is successful it also lock down the handle table. But first
  258. // check for a kernel handle and attach and use that table if so.
  259. //
  261. if (IsKernelHandle( Handle, PreviousMode )) {
  263. Handle = DecodeKernelHandle( Handle );
  265. ObjectTable = ObpKernelHandleTable;
  267. //
  268. // Go to the system process if we have to
  269. //
  270. if (CurrentProcess != PsInitialSystemProcess) {
  271. KeStackAttachProcess (&PsInitialSystemProcess->Pcb, &ApcState);
  272. AttachedToProcess = TRUE;
  273. }
  275. } else {
  277. ObjectTable = CurrentProcess->ObjectTable;
  278. }
  280. //
  281. // Protect ourselves from being interrupted while we hold a handle table
  282. // entry lock
  283. //
  285. KeEnterCriticalRegionThread(&CurrentThread->Tcb);
  287. ObjectTableEntry = ExMapHandleToPointer( ObjectTable,
  288. Handle );
  290. //
  291. // Check that the specified handle is legitimate otherwise we can
  292. // assume the caller just passed in some bogus handle value
  293. //
  295. if (ObjectTableEntry != NULL) {
  297. Status = ObpCloseHandleTableEntry (ObjectTable, ObjectTableEntry, Handle, PreviousMode, FALSE, CanNotRaise);
  299. KeLeaveCriticalRegionThread(&CurrentThread->Tcb);
  300. //
  301. // If we are attached to the system process then detach
  302. //
  303. if (AttachedToProcess) {
  305. KeUnstackDetachProcess(&ApcState);
  306. AttachedToProcess = FALSE;
  307. }
  310. } else {
  312. KeLeaveCriticalRegionThread(&CurrentThread->Tcb);
  314. //
  315. // At this point the input handle did not translate to a valid
  316. // object table entry
  317. //
  319. //
  320. // If we are attached to the system process then return
  321. // back to our caller
  322. //
  324. if (AttachedToProcess) {
  325. KeUnstackDetachProcess(&ApcState);
  326. AttachedToProcess = FALSE;
  327. }
  329. //
  330. // Now if the handle is not null and it does not represent the
  331. // current thread or process then if we're user mode we either raise
  332. // or return an error
  333. //
  335. if ((Handle != NULL) &&
  336. (Handle != NtCurrentThread()) &&
  337. (Handle != NtCurrentProcess())) {
  339. if (PreviousMode != KernelMode) {
  341. if ((NtGlobalFlag & FLG_ENABLE_CLOSE_EXCEPTIONS) ||
  342. (CurrentProcess->DebugPort != NULL)) {
  344. if (!CanNotRaise && !KeIsAttachedProcess() &&
  345. !PsIsThreadTerminating (CurrentThread) &&
  346. !CurrentThread->Tcb.ApcState.KernelApcInProgress) {
  347. return KeRaiseUserException (STATUS_INVALID_HANDLE);
  348. } else {
  349. return STATUS_INVALID_HANDLE;
  350. }
  352. }
  354. } else {
  356. //
  357. // bugcheck here if kernel debugger is enabled and if kernel mode code is
  358. // closing a bogus handle and process is not exiting. Ignore
  359. // if no PEB as this occurs if process is killed before
  360. // really starting.
  361. //
  363. if (( !PsIsThreadTerminating(CurrentThread)) &&
  364. (CurrentProcess->Peb != NULL)) {
  366. if (KdDebuggerEnabled) {
  367. KeBugCheckEx(INVALID_KERNEL_HANDLE, (ULONG_PTR)Handle, 1, 0, 0);
  368. }
  369. }
  371. }
  372. }
  374. Status = STATUS_INVALID_HANDLE;
  375. }
  378. return Status;
  379. }
  381. NTSTATUS
  382. ObCloseHandle (
  383. IN HANDLE Handle,
  384. IN KPROCESSOR_MODE PreviousMode
  385. )
  386. /*++
  388. Routine Description:
  390. This function is used to close access to the specified handle with the given mode
  392. Arguments:
  394. Handle - Supplies the handle being closed
  395. PreviousMode - Processor mode to be used in the handle access checks.
  397. Return Value:
  399. An appropriate status value
  401. --*/
  402. {
  403. return ObpCloseHandle (Handle,
  404. PreviousMode,
  405. TRUE);
  406. }
  409. NTSTATUS
  410. NtClose (
  411. IN HANDLE Handle
  412. )
  414. /*++
  416. Routine Description:
  418. This function is used to close access to the specified handle
  420. Arguments:
  422. Handle - Supplies the handle being closed
  424. Return Value:
  426. An appropriate status value
  428. --*/
  430. {
  431. return ObpCloseHandle (Handle,
  432. KeGetPreviousMode (),
  433. FALSE);
  434. }
  437. NTSTATUS
  438. NtMakeTemporaryObject (
  439. IN HANDLE Handle
  440. )
  442. /*++
  444. Routine Description:
  446. This routine makes the specified object non permanent.
  448. Arguments:
  450. Handle - Supplies a handle to the object being modified
  452. Return Value:
  454. An appropriate status value.
  456. --*/
  458. {
  459. KPROCESSOR_MODE PreviousMode;
  460. NTSTATUS Status;
  461. PVOID Object;
  462. OBJECT_HANDLE_INFORMATION HandleInformation;
  464. PAGED_CODE();
  466. //
  467. // Get previous processor mode and probe output argument if necessary.
  468. //
  470. PreviousMode = KeGetPreviousMode();
  472. Status = ObReferenceObjectByHandle( Handle,
  473. DELETE,
  474. (POBJECT_TYPE)NULL,
  475. PreviousMode,
  476. &Object,
  477. &HandleInformation );
  478. if (!NT_SUCCESS( Status )) {
  480. return( Status );
  481. }
  483. //
  484. // Make the object temporary. Note that the object should still
  485. // have a name and directory entry because its handle count is not
  486. // zero
  487. //
  489. ObMakeTemporaryObject( Object );
  491. //
  492. // Check if we need to generate a delete object audit/alarm
  493. //
  495. if (HandleInformation.HandleAttributes & OBJ_AUDIT_OBJECT_CLOSE) {
  497. SeDeleteObjectAuditAlarm( Object,
  498. Handle );
  499. }
  501. ObDereferenceObject( Object );
  503. return( Status );
  504. }
  507. VOID
  508. ObMakeTemporaryObject (
  509. IN PVOID Object
  510. )
  512. /*++
  514. Routine Description:
  516. This routine removes the name of the object from its parent
  517. directory. The object is only removed if it has a non zero
  518. handle count and a name. Otherwise the object is simply
  519. made non permanent
  521. Arguments:
  523. Object - Supplies the object being modified
  525. Return Value:
  527. None.
  529. --*/
  531. {
  532. POBJECT_HEADER ObjectHeader;
  533. POBJECT_TYPE ObjectType;
  535. PAGED_CODE();
  538. ObjectHeader = OBJECT_TO_OBJECT_HEADER( Object );
  539. ObjectType = ObjectHeader->Type;
  541. //
  542. // Other bits are set in this flags field by the handle database code. Synchronise with that.
  543. //
  544. ObpLockObject( ObjectHeader );
  546. ObjectHeader->Flags &= ~OB_FLAG_PERMANENT_OBJECT;
  548. ObpUnlockObject( ObjectHeader );
  550. //
  551. // Now delete the object name if no more handles are present.
  552. //
  553. ObpDeleteNameCheck( Object );
  555. return;
  556. }