Source code of Windows XP (NT5)

  1. /*++
  2. Copyright (c) 1997-2000 Microsoft Corporation
  3. Module Name:
  4. safepol.c (SAFER Code Authorization Policy)
  5. Abstract:
  6. This module implements the WinSAFER APIs
  7. Author:
  8. Jeffrey Lawson (JLawson) - Apr 1999
  9. Environment:
  10. User mode only.
  11. Exported Functions:
  12. CodeAuthzpGetInformationCodeAuthzPolicy
  13. CodeAuthzpSetInformationCodeAuthzPolicy
  14. SaferGetPolicyInformation (public win32)
  15. SaferSetPolicyInformation (public win32)
  16. Revision History:
  17. Created - Apr 1999
  18. --*/
  19. #include "pch.h"
  20. #pragma hdrstop
  21. #include <winsafer.h>
  22. #include <winsaferp.h>
  23. #include "saferp.h"
  NTSTATUS NTAPI
  CodeAuthzpGetInformationCodeAuthzPolicy (
      IN DWORD dwScopeId,
      IN SAFER_POLICY_INFO_CLASS CodeAuthzPolicyInfoClass,
      IN DWORD InfoBufferSize,
      IN OUT PVOID InfoBuffer,
      OUT PDWORD InfoBufferRetSize
      )
  /*++

  Routine Description:

      Query dispatcher for SAFER policy information.  Selects a handler
      based on the requested information class and forwards the scope
      and buffer arguments to it unchanged.

  Arguments:

      dwScopeId - scope identifier, passed straight to the handler.
          The per-case comments below record which scopes each class
          is expected to accept.

      CodeAuthzPolicyInfoClass - which piece of policy to query.

      InfoBufferSize - size of InfoBuffer (presumably in bytes; confirm
          against the handlers).

      InfoBuffer - caller buffer handed to the handler.

      InfoBufferRetSize - handed to the handler (presumably receives the
          size written or required; confirm against the handlers).

  Return Value:

      The NTSTATUS produced by the selected handler, or
      STATUS_INVALID_INFO_CLASS when the class is not one of the five
      handled here.

  --*/
  {
      //
      // NOTE(review): neither InfoBuffer nor InfoBufferRetSize is checked
      // in this routine (NULL, size consistency).  Any validation has to
      // happen inside the handlers -- confirm that each one does it.
      //
      switch (CodeAuthzPolicyInfoClass)
      {
          case SaferPolicyLevelList:
              // scope is only primary.
              return CodeAuthzPol_GetInfoCached_LevelListRaw(
                          dwScopeId,
                          InfoBufferSize, InfoBuffer, InfoBufferRetSize);

          case SaferPolicyDefaultLevel:
              // scope is primary or secondary for non-registry case.
              return CodeAuthzPol_GetInfoCached_DefaultLevel(
                          dwScopeId,
                          InfoBufferSize, InfoBuffer, InfoBufferRetSize);

          case SaferPolicyEnableTransparentEnforcement:
              // scope is only primary.
              return CodeAuthzPol_GetInfoRegistry_TransparentEnabled(
                          dwScopeId,
                          InfoBufferSize, InfoBuffer, InfoBufferRetSize);

          case SaferPolicyEvaluateUserScope:
              // scope is only primary.
              return CodeAuthzPol_GetInfoCached_HonorUserIdentities(
                          dwScopeId,
                          InfoBufferSize, InfoBuffer, InfoBufferRetSize);

          case SaferPolicyScopeFlags:
              // scope is only primary.
              return CodeAuthzPol_GetInfoRegistry_ScopeFlags(
                          dwScopeId,
                          InfoBufferSize, InfoBuffer, InfoBufferRetSize);

          default:
              break;
      }

      // Any class not listed above is rejected.
      return STATUS_INVALID_INFO_CLASS;
  }
  NTSTATUS NTAPI
  CodeAuthzpSetInformationCodeAuthzPolicy (
      IN DWORD dwScopeId,
      IN SAFER_POLICY_INFO_CLASS CodeAuthzPolicyInfoClass,
      IN DWORD InfoBufferSize,
      OUT PVOID InfoBuffer
      )
  /*++

  Routine Description:

      Update dispatcher for SAFER policy information.  Selects a handler
      based on the information class and forwards the scope and buffer
      arguments to it unchanged.  The level list cannot be set through
      this routine.

  Arguments:

      dwScopeId - scope identifier, passed straight to the handler.
          The per-case comments below record which scopes each class
          is expected to accept.

      CodeAuthzPolicyInfoClass - which piece of policy to change.

      InfoBufferSize - size of InfoBuffer (presumably in bytes; confirm
          against the handlers).

      InfoBuffer - caller buffer handed to the handler.
          NOTE(review): annotated OUT here, while the public wrapper
          SaferSetPolicyInformation declares the same buffer IN; the
          annotation looks like a leftover and the buffer is presumably
          input only -- confirm.

  Return Value:

      The NTSTATUS produced by the selected handler, or
      STATUS_INVALID_INFO_CLASS for SaferPolicyLevelList and for any
      class not handled here.

  --*/
  {
      //
      // NOTE(review): this routine changes code-authorization policy but
      // contains no caller authorization check and no validation of
      // InfoBuffer/InfoBufferSize.  Both would have to be enforced by the
      // handlers it calls -- confirm that they are.
      //
      switch (CodeAuthzPolicyInfoClass)
      {
          case SaferPolicyDefaultLevel:
              // scope is primary or secondary for non-registry case.
              return CodeAuthzPol_SetInfoDual_DefaultLevel(
                          dwScopeId, InfoBufferSize, InfoBuffer);

          case SaferPolicyEnableTransparentEnforcement:
              // scope is only primary.
              return CodeAuthzPol_SetInfoRegistry_TransparentEnabled(
                          dwScopeId, InfoBufferSize, InfoBuffer);

          case SaferPolicyScopeFlags:
              // scope is only primary.
              return CodeAuthzPol_SetInfoRegistry_ScopeFlags(
                          dwScopeId, InfoBufferSize, InfoBuffer);

          case SaferPolicyEvaluateUserScope:
              // scope is only primary.
              return CodeAuthzPol_SetInfoDual_HonorUserIdentities(
                          dwScopeId, InfoBufferSize, InfoBuffer);

          case SaferPolicyLevelList:
              // not valid for setting; rejected like an unknown class.
          default:
              break;
      }

      return STATUS_INVALID_INFO_CLASS;
  }
  BOOL WINAPI
  SaferGetPolicyInformation(
      IN DWORD dwScopeId,
      IN SAFER_POLICY_INFO_CLASS CodeAuthzPolicyInfoClass,
      IN DWORD InfoBufferSize,
      IN OUT PVOID InfoBuffer,
      IN OUT PDWORD InfoBufferRetSize,
      IN LPVOID lpReserved
      )
  /*++

  Routine Description:

      Public Win32 entry point for querying SAFER policy.  Forwards the
      request to CodeAuthzpGetInformationCodeAuthzPolicy and turns its
      NTSTATUS into the BOOL / last-error convention.

  Arguments:

      dwScopeId - forwarded unchanged.

      CodeAuthzPolicyInfoClass - forwarded unchanged.

      InfoBufferSize - forwarded unchanged.

      InfoBuffer - forwarded unchanged.

      InfoBufferRetSize - forwarded unchanged.

      lpReserved - unused, must be zero.  Note that this routine never
          reads the value, so a non-zero argument is not rejected.

  Return Value:

      Returns TRUE if successful, otherwise returns FALSE after passing
      the failing status to BaseSetLastNTError so that GetLastError()
      reports the specific cause.

  --*/
  {
      NTSTATUS QueryStatus;

      // Reserved argument is intentionally ignored.
      UNREFERENCED_PARAMETER(lpReserved);

      QueryStatus = CodeAuthzpGetInformationCodeAuthzPolicy(
                          dwScopeId, CodeAuthzPolicyInfoClass,
                          InfoBufferSize, InfoBuffer, InfoBufferRetSize);

      if (!NT_SUCCESS(QueryStatus)) {
          // Record the failure for GetLastError() before reporting it.
          BaseSetLastNTError(QueryStatus);
          return FALSE;
      }

      return TRUE;
  }
  BOOL WINAPI
  SaferSetPolicyInformation(
      IN DWORD dwScopeId,
      IN SAFER_POLICY_INFO_CLASS CodeAuthzPolicyInfoClass,
      IN DWORD InfoBufferSize,
      IN PVOID InfoBuffer,
      IN LPVOID lpReserved
      )
  /*++

  Routine Description:

      Public Win32 entry point for changing SAFER policy.  Forwards the
      request to CodeAuthzpSetInformationCodeAuthzPolicy and turns its
      NTSTATUS into the BOOL / last-error convention.

      NOTE(review): no caller authorization check is visible at this
      layer; whether a given caller may change policy is presumably
      decided further down (by the handlers or the storage they write
      to) -- confirm.

  Arguments:

      dwScopeId - forwarded unchanged.

      CodeAuthzPolicyInfoClass - forwarded unchanged.

      InfoBufferSize - forwarded unchanged.

      InfoBuffer - forwarded unchanged.

      lpReserved - unused, must be zero.  Note that this routine never
          reads the value, so a non-zero argument is not rejected.

  Return Value:

      Returns TRUE if successful, otherwise returns FALSE after passing
      the failing status to BaseSetLastNTError so that GetLastError()
      reports the specific cause.

  --*/
  {
      NTSTATUS UpdateStatus;

      // Reserved argument is intentionally ignored.
      UNREFERENCED_PARAMETER(lpReserved);

      UpdateStatus = CodeAuthzpSetInformationCodeAuthzPolicy (
                          dwScopeId, CodeAuthzPolicyInfoClass,
                          InfoBufferSize, InfoBuffer);

      if (!NT_SUCCESS(UpdateStatus)) {
          // Record the failure for GetLastError() before reporting it.
          BaseSetLastNTError(UpdateStatus);
          return FALSE;
      }

      return TRUE;
  }