Author: ion
Date: Sat Feb 18 23:59:31 2012
New Revision: 55688
URL: http://svn.reactos.org/svn/reactos?rev=55688&view=rev
Log:
[NTOSKRNL]: Implement SeCheckPrivilegedObject and call it in the two cases
where it's needed (when changing process priority) instead of spamming the
debug log that we're not doing the check.
[NTOSKRNL]: Implement ProcessUserModeIOPL info level (and implement
Ke386SetIopl) instead of spamming we can't do this.
[NTOSKRNL]: Implement ProcessExecuteOptions info level (and implement
MmSetExecuteOptions) instead of spamming we can't do this.
[NDK]: Add NoExecute Flags based on ProcessHacker.
No longer spammed to death for every process all the time.
Modified:
trunk/reactos/include/ndk/mmtypes.h
trunk/reactos/ntoskrnl/include/internal/ke.h
trunk/reactos/ntoskrnl/include/internal/mm.h
trunk/reactos/ntoskrnl/include/internal/se.h
trunk/reactos/ntoskrnl/ke/i386/v86vdm.c
trunk/reactos/ntoskrnl/mm/ARM3/pagfault.c
trunk/reactos/ntoskrnl/ps/query.c
trunk/reactos/ntoskrnl/se/priv.c
Modified: trunk/reactos/include/ndk/mmtypes.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/include/ndk/mmtypes.h?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/include/ndk/mmtypes.h [iso-8859-1] (original)
+++ trunk/reactos/include/ndk/mmtypes.h [iso-8859-1] Sat Feb 18 23:59:31 2012
@@ -63,8 +63,18 @@
#define MAP_PROCESS 1
#define MAP_SYSTEM 2
+//
+// Flags for ProcessExecutionOptions
+//
+#define MEM_EXECUTE_OPTION_DISABLE 0x1
+#define MEM_EXECUTE_OPTION_ENABLE 0x2
+#define MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION 0x4
+#define MEM_EXECUTE_OPTION_PERMANENT 0x8
+#define MEM_EXECUTE_OPTION_EXECUTE_DISPATCH_ENABLE 0x10
+#define MEM_EXECUTE_OPTION_IMAGE_DISPATCH_ENABLE 0x20
+#define MEM_EXECUTE_OPTION_VALID_FLAGS 0x3F
+
#ifndef NTOS_MODE_USER
-
//
// Virtual Memory Flags
//
Modified: trunk/reactos/ntoskrnl/include/internal/ke.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/ke.h?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/ke.h [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/include/internal/ke.h [iso-8859-1] Sat Feb 18
23:59:31 2012
@@ -729,6 +729,10 @@
VOID
NTAPI
+Ke386SetIOPL(VOID);
+
+VOID
+NTAPI
KiCheckForKernelApcDelivery(VOID);
LONG
Modified: trunk/reactos/ntoskrnl/include/internal/mm.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/mm.h?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/mm.h [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/include/internal/mm.h [iso-8859-1] Sat Feb 18
23:59:31 2012
@@ -1503,6 +1503,10 @@
NTAPI
MmReleaseMmInfo(struct _EPROCESS *Process);
+NTSTATUS
+NTAPI
+MmSetExecuteOptions(IN ULONG ExecuteOptions);
+
VOID
NTAPI
MmDeleteProcessPageDirectory(struct _EPROCESS *Process);
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/se.h?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/se.h [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/include/internal/se.h [iso-8859-1] Sat Feb 18
23:59:31 2012
@@ -226,6 +226,15 @@
KPROCESSOR_MODE PreviousMode
);
+BOOLEAN
+NTAPI
+SeCheckPrivilegedObject(
+ IN LUID PrivilegeValue,
+ IN HANDLE ObjectHandle,
+ IN ACCESS_MASK DesiredAccess,
+ IN KPROCESSOR_MODE PreviousMode
+);
+
NTSTATUS
NTAPI
SepDuplicateToken(
Modified: trunk/reactos/ntoskrnl/ke/i386/v86vdm.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/v86vdm.c?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ke/i386/v86vdm.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ke/i386/v86vdm.c [iso-8859-1] Sat Feb 18 23:59:31
2012
@@ -563,6 +563,34 @@
/* Exit to V86 mode */
KiEoiHelper(TrapFrame);
}
+
+VOID
+NTAPI
+Ke386SetIOPL(VOID)
+{
+
+ PKTHREAD Thread = KeGetCurrentThread();
+ PKPROCESS Process = Thread->ApcState.Process;
+ PKTRAP_FRAME TrapFrame;
+ CONTEXT Context;
+
+ /* IOPL was enabled for this process/thread */
+ Process->Iopl = TRUE;
+ Thread->Iopl = TRUE;
+
+ /* Get the trap frame on exit */
+ TrapFrame = KeGetTrapFrame(Thread);
+
+ /* Convert to a context */
+ Context.ContextFlags = CONTEXT_CONTROL;
+ KeTrapFrameToContext(TrapFrame, NULL, &Context);
+
+ /* Set the IOPL flag */
+ Context.EFlags |= EFLAGS_IOPL;
+
+ /* Convert back to a trap frame */
+ KeContextToTrapFrame(&Context, NULL, TrapFrame, CONTEXT_CONTROL, UserMode);
+}
/* PUBLIC FUNCTIONS
***********************************************************/
Modified: trunk/reactos/ntoskrnl/mm/ARM3/pagfault.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/ARM3/pagfault.c?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/mm/ARM3/pagfault.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/mm/ARM3/pagfault.c [iso-8859-1] Sat Feb 18 23:59:31
2012
@@ -1094,4 +1094,73 @@
return Status;
}
+NTSTATUS
+NTAPI
+MmSetExecuteOptions(IN ULONG ExecuteOptions)
+{
+
+ PKPROCESS CurrentProcess = &PsGetCurrentProcess()->Pcb;
+ KLOCK_QUEUE_HANDLE ProcessLock;
+ NTSTATUS Status = STATUS_ACCESS_DENIED;
+ ASSERT(KeGetCurrentIrql() == PASSIVE_LEVEL);
+
+ /* Only accept valid flags */
+ if (ExecuteOptions & ~MEM_EXECUTE_OPTION_VALID_FLAGS)
+ {
+ /* Fail */
+ DPRINT1("Invalid no-execute options\n");
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ /* Change the NX state in the process lock */
+ KiAcquireProcessLock(CurrentProcess, &ProcessLock);
+
+ /* Don't change anything if the permanent flag was set */
+ if (!CurrentProcess->Flags.Permanent)
+ {
+ /* Start by assuming it's not disabled */
+ CurrentProcess->Flags.ExecuteDisable = FALSE;
+
+ /* Now process each flag and turn the equivalent bit on */
+ if (ExecuteOptions & MEM_EXECUTE_OPTION_DISABLE)
+ {
+ CurrentProcess->Flags.ExecuteDisable = TRUE;
+ }
+ if (ExecuteOptions & MEM_EXECUTE_OPTION_ENABLE)
+ {
+ CurrentProcess->Flags.ExecuteEnable = TRUE;
+ }
+ if (ExecuteOptions & MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION)
+ {
+ CurrentProcess->Flags.DisableThunkEmulation = TRUE;
+ }
+ if (ExecuteOptions & MEM_EXECUTE_OPTION_PERMANENT)
+ {
+ CurrentProcess->Flags.Permanent = TRUE;
+ }
+ if (ExecuteOptions & MEM_EXECUTE_OPTION_EXECUTE_DISPATCH_ENABLE)
+ {
+ CurrentProcess->Flags.ExecuteDispatchEnable = TRUE;
+ }
+ if (ExecuteOptions & MEM_EXECUTE_OPTION_IMAGE_DISPATCH_ENABLE)
+ {
+ CurrentProcess->Flags.ImageDispatchEnable = TRUE;
+ }
+
+ /* These are turned on by default if no-execution is also eanbled */
+ if (CurrentProcess->Flags.ExecuteEnable)
+ {
+ CurrentProcess->Flags.ExecuteDispatchEnable = TRUE;
+ CurrentProcess->Flags.ImageDispatchEnable = TRUE;
+ }
+
+ /* All good */
+ Status = STATUS_SUCCESS;
+ }
+
+ /* Release the lock and return status */
+ KiReleaseProcessLock(&ProcessLock);
+ return Status;
+}
+
/* EOF */
Modified: trunk/reactos/ntoskrnl/ps/query.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/query.c?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] Sat Feb 18 23:59:31 2012
@@ -928,6 +928,8 @@
KAFFINITY ValidAffinity, Affinity = 0;
ULONG DefaultHardErrorMode = 0, BasePriority = 0, MemoryPriority = 0;
ULONG DisableBoost = 0, DebugFlags = 0, EnableFixup = 0, Boost = 0;
+ ULONG NoExecute = 0;
+ BOOLEAN HasPrivilege;
PLIST_ENTRY Next;
PETHREAD Thread;
PAGED_CODE();
@@ -1189,8 +1191,17 @@
if ((PriorityClass.PriorityClass != Process->PriorityClass) &&
(PriorityClass.PriorityClass ==
PROCESS_PRIORITY_CLASS_REALTIME))
{
- /* TODO: Check privileges */
- DPRINT1("Should check privilege\n");
+ /* Check the privilege */
+ HasPrivilege =
SeCheckPrivilegedObject(SeIncreaseBasePriorityPrivilege,
+ ProcessHandle,
+ PROCESS_SET_INFORMATION,
+ PreviousMode);
+ if (!HasPrivilege)
+ {
+ ObDereferenceObject(Process);
+ DPRINT1("Privilege to change priority to realtime
lacking\n");
+ return STATUS_PRIVILEGE_NOT_HELD;
+ }
}
/* Check if we have a job */
@@ -1284,7 +1295,16 @@
/* Check if the new base is higher */
if (BasePriority > Process->Pcb.BasePriority)
{
- DPRINT1("Should check privilege\n");
+ HasPrivilege =
SeCheckPrivilegedObject(SeIncreaseBasePriorityPrivilege,
+ ProcessHandle,
+ PROCESS_SET_INFORMATION,
+ PreviousMode);
+ if (!HasPrivilege)
+ {
+ ObDereferenceObject(Process);
+ DPRINT1("Privilege to change priority from %lx to %lx
lacking\n", BasePriority, Process->Pcb.BasePriority);
+ return STATUS_PRIVILEGE_NOT_HELD;
+ }
}
/* Call Ke */
@@ -1595,12 +1615,61 @@
KeSetAutoAlignmentProcess(&Process->Pcb, FALSE);
Status = STATUS_SUCCESS;
break;
-
+
+ case ProcessUserModeIOPL:
+
+ /* Only TCB can do this */
+ if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode))
+ {
+ /* Fail */
+ DPRINT1("Need TCB to set IOPL\n");
+ Status = STATUS_PRIVILEGE_NOT_HELD;
+ break;
+ }
+
+ /* Only supported on x86 */
+#if defined (_X86_)
+ Ke386SetIOPL();
+#endif
+ /* Done */
+ break;
+
+ case ProcessExecuteFlags:
+
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(ULONG))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
+ if (ProcessHandle != NtCurrentProcess())
+ {
+ Status = STATUS_INVALID_PARAMETER;
+ break;
+ }
+
+ /* Enter SEH for direct buffer read */
+ _SEH2_TRY
+ {
+ NoExecute = *(PULONG)ProcessInformation;
+ }
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ /* Get exception code */
+ Status = _SEH2_GetExceptionCode();
+ _SEH2_YIELD(break);
+ }
+ _SEH2_END;
+
+ /* Call Mm for the update */
+ Status = MmSetExecuteOptions(NoExecute);
+ break;
+
/* We currently don't implement any of these */
case ProcessLdtInformation:
case ProcessLdtSize:
case ProcessIoPortHandlers:
- case ProcessUserModeIOPL:
case ProcessWx86Information:
DPRINT1("VDM/16-bit Request not implemented: %lx\n",
ProcessInformationClass);
Status = STATUS_NOT_IMPLEMENTED;
@@ -1623,11 +1692,6 @@
case ProcessHandleTracing:
DPRINT1("Handle tracing not implemented\n");
- Status = STATUS_NOT_IMPLEMENTED;
- break;
-
- case ProcessExecuteFlags:
- DPRINT1("No execute support not implemented\n");
Status = STATUS_NOT_IMPLEMENTED;
break;
Modified: trunk/reactos/ntoskrnl/se/priv.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/priv.c?rev=55688&r1=55687&r2=55688&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/se/priv.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/se/priv.c [iso-8859-1] Sat Feb 18 23:59:31 2012
@@ -426,6 +426,44 @@
return Result;
}
+BOOLEAN
+NTAPI
+SeCheckPrivilegedObject(IN LUID PrivilegeValue,
+ IN HANDLE ObjectHandle,
+ IN ACCESS_MASK DesiredAccess,
+ IN KPROCESSOR_MODE PreviousMode)
+{
+ SECURITY_SUBJECT_CONTEXT SubjectContext;
+ PRIVILEGE_SET Priv;
+ BOOLEAN Result;
+
+ PAGED_CODE();
+
+ SeCaptureSubjectContext(&SubjectContext);
+
+ Priv.PrivilegeCount = 1;
+ Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
+ Priv.Privilege[0].Luid = PrivilegeValue;
+ Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
+
+ Result = SePrivilegeCheck(&Priv, &SubjectContext, PreviousMode);
+ if (PreviousMode != KernelMode)
+ {
+#if 0
+ SePrivilegeObjectAuditAlarm(ObjectHandle,
+ &SubjectContext,
+ DesiredAccess,
+ &PrivilegeValue,
+ Result,
+ PreviousMode);
+#endif
+ }
+
+ SeReleaseSubjectContext(&SubjectContext);
+
+ return Result;
+}
+
/* SYSTEM CALLS
***************************************************************/
NTSTATUS
