Source code of Windows XP (NT5)


  1. /*++
  2. Copyright (c) 1989 Microsoft Corporation
  3. Module Name:
  4. seinit.c
  5. Abstract:
  6. Executive security components Initialization.
  7. Author:
  8. Jim Kelly (JimK) 10-May-1990
  9. Revision History:
  10. --*/
  11. #include "pch.h"
  12. #pragma hdrstop
  13. #include "adt.h"
  14. #include <string.h>
  15. //
  16. // Security Database Constants
  17. //
  18. #define SEP_INITIAL_KEY_COUNT 15
  19. #define SEP_INITIAL_LEVEL_COUNT 6L
  20. #ifdef ALLOC_PRAGMA
  21. #pragma alloc_text(INIT,SeInitSystem)
  22. #pragma alloc_text(INIT,SepInitializationPhase0)
  23. #pragma alloc_text(INIT,SepInitializationPhase1)
  24. #endif
  BOOLEAN
  SeInitSystem( VOID )

  /*++

  Routine Description:

      Entry point for security related system initialization.  Selects
      the phase 0 or phase 1 routine according to the global
      InitializationPhase.

  Arguments:

      None.

  Return Value:

      TRUE  - The selected initialization phase succeeded.
      FALSE - The selected initialization phase failed.

      For any phase value other than 0 or 1 the routine calls
      KeBugCheckEx(UNEXPECTED_INITIALIZATION_CALL, ...) instead of
      returning a status.

  --*/

  {
      PAGED_CODE();

      if (InitializationPhase == 0) {
          return SepInitializationPhase0();
      }

      if (InitializationPhase == 1) {
          return SepInitializationPhase1();
      }

      //
      // Unknown phase: fail stop.  The offending phase number is passed
      // as the second bugcheck parameter.
      //

      KeBugCheckEx(UNEXPECTED_INITIALIZATION_CALL, 0, InitializationPhase, 0, 0);
  }
  47. VOID
  48. SepInitProcessAuditSd( VOID );
  BOOLEAN
  SepInitializationPhase0( VOID )

  /*++

  Routine Description:

      Perform phase 0 security initialization, in this order:

          - LUID allocation services
          - security global variables
          - reference monitor phase 0 state
          - the token object type
          - the security work queues
          - the security fields of the boot thread and boot process

      The first step that fails ends the routine; later steps are not
      attempted.

  Arguments:

      None.

  Return Value:

      TRUE  - Every step succeeded and the boot process holds a non-null
              token reference.
      FALSE - A step failed, or the boot process token is null.

  --*/

  {
      PAGED_CODE();

      //
      // Security needs LUID allocation before phase 0 Executive
      // initialization has run, so it is brought up here.
      //

      if (!ExLuidInitialization()) {
          KdPrint(("Security: Locally Unique ID initialization failed.\n"));
          return FALSE;
      }

      //
      // Security global variables.
      //

      if (SepVariableInitialization() == FALSE) {
          KdPrint(("Security: Global variable initialization failed.\n"));
          return FALSE;
      }

      //
      // Reference monitor, phase 0.
      //

      if (SepRmInitPhase0() == FALSE) {
          KdPrint(("Security: Ref Mon state initialization failed.\n"));
          return FALSE;
      }

      //
      // Token object type.
      //

      if (SepTokenInitialization() == FALSE) {
          KdPrint(("Security: Token object initialization failed.\n"));
          return FALSE;
      }

      //
      // The call to SepAdtInitializePhase0() that followed here is
      // commented out in the original source, so no auditing structures
      // are initialized by this routine.
      //

      //
      // Work queue spinlock, list head and semaphore for each of the
      // work queues (used by the LSA worker thread).
      //

      if (SepInitializeWorkList() == FALSE) {
          KdPrint(("Security: Unable to initialize work queue\n"));
          return FALSE;
      }

      //
      // Boot thread: no impersonation information and the impersonating
      // flag cleared.
      //

      PsGetCurrentThread()->ImpersonationInfo = NULL;
      PS_CLEAR_BITS (&PsGetCurrentThread()->CrossThreadFlags, PS_CROSS_THREAD_FLAGS_IMPERSONATING);

      //
      // Boot process: the token fast reference is initialized to NULL
      // and then to the token returned by SeMakeSystemToken().
      //

      ObInitializeFastReference (&PsGetCurrentProcess()->Token, NULL);
      ObInitializeFastReference (&PsGetCurrentProcess()->Token, SeMakeSystemToken());

      //
      // A null token here means the system token could not be built.
      //

      if (ExFastRefObjectNull (PsGetCurrentProcess()->Token)) {
          return FALSE;
      }

      return TRUE;
  }
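  BOOLEAN
  SepInitializationPhase1( VOID )

  /*++

  Routine Description:

      Perform phase 1 security initialization.

      This includes:

          - Insert the system token held by the current process into the
            object manager.

          - Create the two anonymous logon tokens.

          - Create an object directory for security related objects
            (\Security), protected by an explicit DACL:

                LocalSystem     DIRECTORY_ALL_ACCESS
                Administrators  DIRECTORY_QUERY | DIRECTORY_TRAVERSE |
                                READ_CONTROL
                World           DIRECTORY_TRAVERSE

          - Create an event to be signalled after the LSA has initialized
            (\Security\LSA_AUTHENTICATION_INITIALIZED), protected by
            SePublicDefaultSd.

          - Initialize the default SACL used to audit accesses to system
            processes.

      Every status that a later step depends on is checked in free builds
      as well as by the ASSERTs of checked builds.  Without those checks a
      failed directory or event creation would leave SecurityRoot or
      TemporaryHandle uninitialized and still in use, and a failed ACL
      operation would attach a partly built DACL to \Security.

  Arguments:

      None.

  Return Value:

      TRUE - Initialization was successful.

      FALSE - Initialization Failed.

      NOTE(review): how the caller reacts to FALSE is not visible in this
      file; confirm that it stops system startup.

  --*/

  {
      NTSTATUS Status;
      STRING Name;
      UNICODE_STRING UnicodeName;
      OBJECT_ATTRIBUTES ObjectAttributes;
      HANDLE SecurityRoot, TemporaryHandle;
      PSECURITY_DESCRIPTOR SD;
      UCHAR SDBuffer[ SECURITY_DESCRIPTOR_MIN_LENGTH ];
      PACL Dacl;

      PAGED_CODE();

      //
      // Insert the system token
      //

      Status = ObInsertObject( ExFastRefGetObject (PsGetCurrentProcess()->Token),
                               NULL,
                               0,
                               0,
                               NULL,
                               NULL );

      ASSERT( NT_SUCCESS(Status) );

      if (!NT_SUCCESS(Status)) {
          return FALSE;
      }

      //
      // Create both anonymous logon tokens.  Neither may be missing once
      // initialization is reported as successful.
      //

      SeAnonymousLogonToken = SeMakeAnonymousLogonToken();
      ASSERT(SeAnonymousLogonToken != NULL);

      SeAnonymousLogonTokenNoEveryone = SeMakeAnonymousLogonTokenNoEveryone();
      ASSERT(SeAnonymousLogonTokenNoEveryone != NULL);

      if (SeAnonymousLogonToken == NULL ||
          SeAnonymousLogonTokenNoEveryone == NULL) {
          return FALSE;
      }

      //
      // Create the security object directory.
      //

      RtlInitString( &Name, "\\Security" );
      Status = RtlAnsiStringToUnicodeString(
                   &UnicodeName,
                   &Name,
                   TRUE );

      ASSERT( NT_SUCCESS(Status) );

      if (!NT_SUCCESS(Status)) {

          //
          // Nothing was allocated for UnicodeName, so there is nothing
          // to free.
          //

          return FALSE;
      }

      //
      // Build up the security descriptor.  SDBuffer holds only the
      // descriptor itself; the DACL it points to lives in pool.
      //

      SD = (PSECURITY_DESCRIPTOR) SDBuffer;

      Status = RtlCreateSecurityDescriptor( SD,
                                            SECURITY_DESCRIPTOR_REVISION );

      if (!NT_SUCCESS(Status)) {
          RtlFreeUnicodeString( &UnicodeName );
          return FALSE;
      }

      Dacl = ExAllocatePool(
                  NonPagedPool,
                  256 );

      if ( !Dacl )
      {
          //
          // The original returned here without releasing the converted
          // directory name.
          //

          RtlFreeUnicodeString( &UnicodeName );
          return FALSE ;
      }

      //
      // 256 is both the allocation size above and the ACL size below;
      // the two must stay equal.  Each step runs only if the previous
      // one succeeded, so a failure (including an ACE that does not fit)
      // is never followed by use of a partly built ACL.
      //

      Status = RtlCreateAcl( Dacl, 256, ACL_REVISION );

      if (NT_SUCCESS(Status)) {
          Status = RtlAddAccessAllowedAce( Dacl,
                                           ACL_REVISION,
                                           DIRECTORY_ALL_ACCESS,
                                           SeLocalSystemSid );
      }

      if (NT_SUCCESS(Status)) {
          Status = RtlAddAccessAllowedAce( Dacl,
                                           ACL_REVISION,
                                           DIRECTORY_QUERY | DIRECTORY_TRAVERSE |
                                              READ_CONTROL,
                                           SeAliasAdminsSid );
      }

      if (NT_SUCCESS(Status)) {
          Status = RtlAddAccessAllowedAce( Dacl,
                                           ACL_REVISION,
                                           DIRECTORY_TRAVERSE,
                                           SeWorldSid );
      }

      if (NT_SUCCESS(Status)) {
          Status = RtlSetDaclSecurityDescriptor(
                       SD,
                       TRUE,
                       Dacl,
                       FALSE );
      }

      if (!NT_SUCCESS(Status)) {
          ASSERT( NT_SUCCESS(Status) );
          ExFreePool( Dacl );
          RtlFreeUnicodeString( &UnicodeName );
          return FALSE;
      }

      InitializeObjectAttributes(
          &ObjectAttributes,
          &UnicodeName,
          (OBJ_PERMANENT | OBJ_CASE_INSENSITIVE),
          NULL,
          SD
          );

      Status = NtCreateDirectoryObject(
                   &SecurityRoot,
                   DIRECTORY_ALL_ACCESS,
                   &ObjectAttributes
                   );

      RtlFreeUnicodeString( &UnicodeName );
      ASSERTMSG("Security root object directory creation failed.",NT_SUCCESS(Status));

      //
      // The DACL is released right after the create call, as in the
      // original.
      //

      ExFreePool( Dacl );

      if (!NT_SUCCESS(Status)) {

          //
          // SecurityRoot was not written; do not use or close it.
          //

          return FALSE;
      }

      //
      // Create an event in the security directory
      //

      RtlInitString( &Name, "LSA_AUTHENTICATION_INITIALIZED" );
      Status = RtlAnsiStringToUnicodeString(
                   &UnicodeName,
                   &Name,
                   TRUE );

      ASSERT( NT_SUCCESS(Status) );

      if (!NT_SUCCESS(Status)) {

          //
          // The directory was created OBJ_PERMANENT, so closing the
          // handle releases only the handle.
          //

          (VOID) NtClose( SecurityRoot );
          return FALSE;
      }

      InitializeObjectAttributes(
          &ObjectAttributes,
          &UnicodeName,
          (OBJ_PERMANENT | OBJ_CASE_INSENSITIVE),
          SecurityRoot,
          SePublicDefaultSd
          );

      Status = NtCreateEvent(
                   &TemporaryHandle,
                   GENERIC_WRITE,
                   &ObjectAttributes,
                   NotificationEvent,
                   FALSE
                   );

      RtlFreeUnicodeString( &UnicodeName );
      ASSERTMSG("LSA Initialization Event Creation Failed.",NT_SUCCESS(Status));

      if (!NT_SUCCESS(Status)) {

          //
          // TemporaryHandle was not written; close only the directory.
          //

          (VOID) NtClose( SecurityRoot );
          return FALSE;
      }

      Status = NtClose( SecurityRoot );
      ASSERTMSG("Security object directory handle closure Failed.",NT_SUCCESS(Status));

      Status = NtClose( TemporaryHandle );
      ASSERTMSG("LSA Initialization Event handle closure Failed.",NT_SUCCESS(Status));

      //
      // Initialize the default SACL to use for auditing
      // accesses to system processes. This initializes SepProcessSacl
      //

      SepInitProcessAuditSd();

  #ifndef SETEST

      return TRUE;

  #else

      return SepDevelopmentTest();

  #endif  //SETEST
  }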