Microsoft/NT4
Microsoft/NT4
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
ce47f986d8
NT4/private/ntos/se/rmlogon.c

1138 lines
25 KiB
C
Raw Normal View History

First commit
2001-01-01 00:00:00 +01:00
/*++
Copyright (c) 1989 Microsoft Corporation
Module Name:
rmlogon.c
Abstract:
This module implements the kernel mode logon tracking performed by the
reference monitor. Logon tracking is performed by keeping a count of
how many tokens exist for each active logon in a system. When a logon
session's reference count drops to zero, the LSA is notified so that
authentication packages can clean up any related context data.
Author:
Jim Kelly (JimK) 21-April-1991
Environment:
Kernel mode only.
Revision History:
--*/
//#define SEP_TRACK_LOGON_SESSION_REFS
#include "rmp.h"
#include <bugcodes.h>
SEP_LOGON_SESSION_TERMINATED_NOTIFICATION
SeFileSystemNotifyRoutinesHead = {0};
////////////////////////////////////////////////////////////////////////////
// //
// Internally defined data types //
// //
////////////////////////////////////////////////////////////////////////////
typedef struct _SEP_FILE_SYSTEM_NOTIFY_CONTEXT {
WORK_QUEUE_ITEM WorkItem;
LUID LogonId;
} SEP_FILE_SYSTEM_NOTIFY_CONTEXT, *PSEP_FILE_SYSTEM_NOTIFY_CONTEXT;
////////////////////////////////////////////////////////////////////////////
// //
// Internally defined routines //
// //
////////////////////////////////////////////////////////////////////////////
NTSTATUS
SepGetLogonSessionTrack(
IN PLUID LogonId
);
VOID
SepInformLsaOfDeletedLogon(
IN PLUID LogonId
);
VOID
SepInformFileSystemsOfDeletedLogon(
IN PLUID LogonId
);
VOID
SepNotifyFileSystems(
IN PVOID Context
);
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE,SeRegisterLogonSessionTerminatedRoutine)
#pragma alloc_text(PAGE,SeUnregisterLogonSessionTerminatedRoutine)
#pragma alloc_text(PAGE,SeMarkLogonSessionForTerminationNotification)
#pragma alloc_text(PAGE,SepRmCreateLogonSessionWrkr)
#pragma alloc_text(PAGE,SepRmDeleteLogonSessionWrkr)
#pragma alloc_text(PAGE,SepReferenceLogonSession)
#pragma alloc_text(PAGE,SepDeReferenceLogonSession)
#pragma alloc_text(PAGE,SepCreateLogonSessionTrack)
#pragma alloc_text(PAGE,SepDeleteLogonSessionTrack)
#pragma alloc_text(PAGE,SepInformLsaOfDeletedLogon)
#pragma alloc_text(PAGE,SepInformFileSystemsOfDeletedLogon)
#pragma alloc_text(PAGE,SepNotifyFileSystems)
#endif
////////////////////////////////////////////////////////////////////////////
// //
// Local macros //
// //
////////////////////////////////////////////////////////////////////////////
//
// This macro is used to obtain an index into the logon session tracking
// array given a logon session ID (a LUID).
//
#define SepLogonSessionIndex( PLogonId ) ( \
(PLogonId)->LowPart & SEP_LOGON_TRACK_INDEX_MASK \
)
////////////////////////////////////////////////////////////////////////////
// //
// Exported Services //
// //
////////////////////////////////////////////////////////////////////////////
VOID
SepRmCreateLogonSessionWrkr(
IN PRM_COMMAND_MESSAGE CommandMessage,
OUT PRM_REPLY_MESSAGE ReplyMessage
)
/*++
Routine Description:
This function is the dispatch routine for the LSA --> RM
"CreateLogonSession" call.
The arguments passed to this routine are defined by the
type SEP_RM_COMMAND_WORKER.
Arguments:
CommandMessage - Points to structure containing RM command message
information consisting of an LPC PORT_MESSAGE structure followed
by the command number (RmComponentTestCommand) and a command-specific
body. The command-specific body of this parameter is a LUID of the
logon session to be created.
ReplyMessage - Pointer to structure containing LSA reply message
information consisting of an LPC PORT_MESSAGE structure followed
by the command ReturnedStatus field in which a status code from the
command will be returned.
Return Value:
VOID
--*/
{
NTSTATUS Status;
LUID LogonId;
PAGED_CODE();
//
// Check that command is expected type
//
ASSERT( CommandMessage->CommandNumber == RmCreateLogonSession );
//
// Typecast the command parameter to what we expect.
//
LogonId = *((LUID UNALIGNED *) CommandMessage->CommandParams);
//
// Try to create the logon session tracking record
//
Status = SepCreateLogonSessionTrack( &LogonId );
//
// Set the reply status
//
ReplyMessage->ReturnedStatus = Status;
return;
}
VOID
SepRmDeleteLogonSessionWrkr(
IN PRM_COMMAND_MESSAGE CommandMessage,
OUT PRM_REPLY_MESSAGE ReplyMessage
)
/*++
Routine Description:
This function is the dispatch routine for the LSA --> RM
"DeleteLogonSession" call.
The arguments passed to this routine are defined by the
type SEP_RM_COMMAND_WORKER.
Arguments:
CommandMessage - Points to structure containing RM command message
information consisting of an LPC PORT_MESSAGE structure followed
by the command number (RmComponentTestCommand) and a command-specific
body. The command-specific body of this parameter is a LUID of the
logon session to be created.
ReplyMessage - Pointer to structure containing LSA reply message
information consisting of an LPC PORT_MESSAGE structure followed
by the command ReturnedStatus field in which a status code from the
command will be returned.
Return Value:
VOID
--*/
{
NTSTATUS Status;
LUID LogonId;
PAGED_CODE();
//
// Check that command is expected type
//
ASSERT( CommandMessage->CommandNumber == RmDeleteLogonSession );
//
// Typecast the command parameter to what we expect.
//
LogonId = *((LUID UNALIGNED *) CommandMessage->CommandParams);
//
// Try to create the logon session tracking record
//
Status = SepDeleteLogonSessionTrack( &LogonId );
//
// Set the reply status
//
ReplyMessage->ReturnedStatus = Status;
return;
}
NTSTATUS
SepReferenceLogonSession(
IN PLUID LogonId
)
/*++
Routine Description:
This routine increments the reference count of a logon session
tracking record.
Arguments:
LogonId - Pointer to the logon session ID whose logon track is
to be incremented.
Return Value:
STATUS_SUCCESS - The reference count was successfully incremented.
STATUS_NO_SUCH_LOGON_SESSION - The specified logon session doesn't
exist in the reference monitor's database.
--*/
{
ULONG SessionArrayIndex;
PSEP_LOGON_SESSION_REFERENCES Previous, Current;
#ifdef SEP_TRACK_LOGON_SESSION_REFS
ULONG Refs;
#endif //SEP_TRACK_LOGON_SESSION_REFS
PAGED_CODE();
SessionArrayIndex = SepLogonSessionIndex( LogonId );
//
// Protect modification of reference monitor database
//
SepRmAcquireDbWriteLock();
//
// Now walk the list for our logon session array hash index.
//
Previous = (PSEP_LOGON_SESSION_REFERENCES)
((PVOID)&SepLogonSessions[ SessionArrayIndex ]);
Current = Previous->Next;
while (Current != NULL) {
//
// If we found it, increment the reference count and return
//
if (RtlEqualLuid( LogonId, &Current->LogonId) ) {
#ifdef SEP_TRACK_LOGON_SESSION_REFS
ULONG Refs;
#endif //SEP_TRACK_LOGON_SESSION_REFS
Current->ReferenceCount += 1;
#ifdef SEP_TRACK_LOGON_SESSION_REFS
Refs = Current->ReferenceCount;
#endif //SEP_TRACK_LOGON_SESSION_REFS
SepRmReleaseDbWriteLock();
#ifdef SEP_TRACK_LOGON_SESSION_REFS
DbgPrint("SE (rm): ++ logon session: (%d, %d) to %d by (%d, %d)\n",
LogonId->HighPart, LogonId->LowPart, Refs,
PsGetCurrentThread()->Cid.UniqueProcess,
PsGetCurrentThread()->Cid.UniqueThread);
#endif //SEP_TRACK_LOGON_SESSION_REFS
return STATUS_SUCCESS;
}
Previous = Current;
Current = Current->Next;
}
SepRmReleaseDbWriteLock();
//
// Bad news, someone asked us to increment the reference count of
// a logon session we didn't know existed. This might be a new
// token being created, so return an error status and let the caller
// decide if it warrants a bug check or not.
//
return STATUS_NO_SUCH_LOGON_SESSION;
}
VOID
SepDeReferenceLogonSession(
IN PLUID LogonId
)
/*++
Routine Description:
This routine decrements the reference count of a logon session
tracking record.
If the reference count is decremented to zero, then there is no
possibility for any more tokens to exist for the logon session.
In this case, the LSA is notified that a logon session has
terminated.
Arguments:
LogonId - Pointer to the logon session ID whose logon track is
to be decremented.
Return Value:
None.
--*/
{
ULONG SessionArrayIndex;
PSEP_LOGON_SESSION_REFERENCES Previous, Current;
#ifdef SEP_TRACK_LOGON_SESSION_REFS
ULONG Refs;
#endif //SEP_TRACK_LOGON_SESSION_REFS
PAGED_CODE();
SessionArrayIndex = SepLogonSessionIndex( LogonId );
//
// Protect modification of reference monitor database
//
SepRmAcquireDbWriteLock();
//
// Now walk the list for our logon session array hash index.
//
Previous = (PSEP_LOGON_SESSION_REFERENCES)
((PVOID)&SepLogonSessions[ SessionArrayIndex ]);
Current = Previous->Next;
while (Current != NULL) {
//
// If we found it, decrement the reference count and return
//
if (RtlEqualLuid( LogonId, &Current->LogonId) ) {
Current->ReferenceCount -= 1;
if (Current->ReferenceCount == 0) {
//
// Pull it from the list
//
Previous->Next = Current->Next;
//
// No longer need to protect our pointer to this
// record.
//
SepRmReleaseDbWriteLock();
//
// Asynchronoously inform file systems that this logon session
// is going away, if atleast one FS expressed interest in this
// logon session.
//
if (Current->Flags & SEP_TERMINATION_NOTIFY) {
SepInformFileSystemsOfDeletedLogon( LogonId );
}
//
// Deallocate the logon session track record.
//
ExFreePool( (PVOID)Current );
#ifdef SEP_TRACK_LOGON_SESSION_REFS
DbgPrint("SE (rm): -- ** logon session: (%d, %d) to ZERO by (%d, %d)\n",
LogonId->HighPart, LogonId->LowPart,
PsGetCurrentThread()->Cid.UniqueProcess,
PsGetCurrentThread()->Cid.UniqueThread);
#endif //SEP_TRACK_LOGON_SESSION_REFS
//
// Inform the LSA about the deletion of this logon session.
//
SepInformLsaOfDeletedLogon( LogonId );
return;
}
//
// reference count was incremented, but not to zero.
//
#ifdef SEP_TRACK_LOGON_SESSION_REFS
Refs = Current->ReferenceCount;
#endif //SEP_TRACK_LOGON_SESSION_REFS
SepRmReleaseDbWriteLock();
#ifdef SEP_TRACK_LOGON_SESSION_REFS
DbgPrint("SE (rm): -- logon session: (%d, %d) to %d by (%d, %d)\n",
LogonId->HighPart, LogonId->LowPart, Refs,
PsGetCurrentThread()->Cid.UniqueProcess,
PsGetCurrentThread()->Cid.UniqueThread);
#endif //SEP_TRACK_LOGON_SESSION_REFS
return;
}
Previous = Current;
Current = Current->Next;
}
SepRmReleaseDbWriteLock();
//
// Bad news, someone asked us to decrement the reference count of
// a logon session we didn't know existed.
//
KeBugCheck( DEREF_UNKNOWN_LOGON_SESSION );
return;
}
NTSTATUS
SepCreateLogonSessionTrack(
IN PLUID LogonId
)
/*++
Routine Description:
This routine creates a new logon session tracking record.
This should only be called as a dispatch routine for a LSA->RM
call (and once during system initialization).
If the specified logon session already exists, then an error is returned.
Arguments:
LogonId - Pointer to the logon session ID for which a new logon track is
to be created.
Return Value:
STATUS_SUCCESS - The logon session track was created successfully.
STATUS_LOGON_SESSION_EXISTS - The logon session already exists.
A new one has not been created.
--*/
{
ULONG SessionArrayIndex;
PSEP_LOGON_SESSION_REFERENCES Previous, Current;
PSEP_LOGON_SESSION_REFERENCES LogonSessionTrack;
PAGED_CODE();
//
// Make sure we can allocate a new logon session track record
//
LogonSessionTrack = (PSEP_LOGON_SESSION_REFERENCES)
ExAllocatePoolWithTag(
PagedPool,
sizeof(SEP_LOGON_SESSION_REFERENCES),
'sLeS'
);
if (LogonSessionTrack == NULL) {
return STATUS_INSUFFICIENT_RESOURCES;
}
LogonSessionTrack->LogonId = (*LogonId);
LogonSessionTrack->ReferenceCount = 0;
SessionArrayIndex = SepLogonSessionIndex( LogonId );
//
// Protect modification of reference monitor database
//
SepRmAcquireDbWriteLock();
//
// Now walk the list for our logon session array hash index
// looking for a duplicate logon session ID.
//
Previous = (PSEP_LOGON_SESSION_REFERENCES)
((PVOID)&SepLogonSessions[ SessionArrayIndex ]);
Current = Previous->Next;
while (Current != NULL) {
if (RtlEqualLuid( LogonId, &Current->LogonId) ) {
//
// One already exists. Hmmm.
//
SepRmReleaseDbWriteLock();
ExFreePool(LogonSessionTrack);
return STATUS_LOGON_SESSION_EXISTS;
}
Previous = Current;
Current = Current->Next;
}
//
// Reached the end of the list without finding a duplicate.
// Add the new one.
//
LogonSessionTrack->Next = SepLogonSessions[ SessionArrayIndex ];
SepLogonSessions[ SessionArrayIndex ] = LogonSessionTrack;
SepRmReleaseDbWriteLock();
return STATUS_SUCCESS;
}
NTSTATUS
SepDeleteLogonSessionTrack(
IN PLUID LogonId
)
/*++
Routine Description:
This routine creates a new logon session tracking record.
This should only be called as a dispatch routine for a LSA->RM
call (and once during system initialization).
If the specified logon session already exists, then an error is returned.
Arguments:
LogonId - Pointer to the logon session ID whose logon track is
to be deleted.
Return Value:
STATUS_SUCCESS - The logon session track was deleted successfully.
STATUS_BAD_LOGON_SESSION_STATE - The logon session has a non-zero
reference count and can not be deleted.
STATUS_NO_SUCH_LOGON_SESSION - The specified logon session does not
exist.
--*/
{
ULONG SessionArrayIndex;
PSEP_LOGON_SESSION_REFERENCES Previous, Current;
PAGED_CODE();
SessionArrayIndex = SepLogonSessionIndex( LogonId );
//
// Protect modification of reference monitor database
//
SepRmAcquireDbWriteLock();
//
// Now walk the list for our logon session array hash index.
//
Previous = (PSEP_LOGON_SESSION_REFERENCES)
((PVOID)&SepLogonSessions[ SessionArrayIndex ]);
Current = Previous->Next;
while (Current != NULL) {
//
// If we found it, make sure reference count is zero
//
if (RtlEqualLuid( LogonId, &Current->LogonId) ) {
if (Current->ReferenceCount == 0) {
//
// Pull it from the list
//
Previous->Next = Current->Next;
//
// No longer need to protect our pointer to this
// record.
//
SepRmReleaseDbWriteLock();
//
// Deallocate the logon session track record.
//
ExFreePool( (PVOID)Current );
return STATUS_SUCCESS;
}
//
// reference count was not zero. This is not considered
// a healthy situation. Return an error and let someone
// else declare the bug check.
//
SepRmReleaseDbWriteLock();
return STATUS_BAD_LOGON_SESSION_STATE;
}
Previous = Current;
Current = Current->Next;
}
SepRmReleaseDbWriteLock();
//
// Someone asked us to delete a logon session that isn't
// in the database.
//
return STATUS_NO_SUCH_LOGON_SESSION;
}
VOID
SepInformLsaOfDeletedLogon(
IN PLUID LogonId
)
/*++
Routine Description:
This routine informs the LSA about the deletion of a logon session.
Note that we can not be guaranteed that we are in a whole (or wholesome)
thread, since we may be in the middle of process deletion and object
rundown. Therefore, we must queue the work off to a worker thread which
can then make an LPC call to the LSA.
Arguments:
LogonId - Pointer to the logon session ID which has been deleted.
Return Value:
None.
--*/
{
PSEP_LSA_WORK_ITEM DeleteLogonItem;
PAGED_CODE();
//
// Pass the LUID value along with the work queue item.
// Note that the worker thread is responsible for freeing the WorkItem data
// structure.
//
DeleteLogonItem = ExAllocatePoolWithTag( PagedPool, sizeof(SEP_LSA_WORK_ITEM), 'wLeS' );
if (DeleteLogonItem == NULL) {
//
// I don't know what to do here... we loose track of a logon session,
// but the system isn't really harmed in any way.
//
return;
}
DeleteLogonItem->CommandParams.LogonId = (*LogonId);
DeleteLogonItem->CommandNumber = LsapLogonSessionDeletedCommand;
DeleteLogonItem->CommandParamsLength = sizeof( LUID );
DeleteLogonItem->ReplyBuffer = NULL;
DeleteLogonItem->ReplyBufferLength = 0;
DeleteLogonItem->CleanupFunction = NULL;
DeleteLogonItem->CleanupParameter = 0;
DeleteLogonItem->Tag = SepDeleteLogon;
DeleteLogonItem->CommandParamsMemoryType = SepRmImmediateMemory;
if (!SepQueueWorkItem( DeleteLogonItem, TRUE )) {
ExFreePool( DeleteLogonItem );
}
return;
}
NTSTATUS
SeRegisterLogonSessionTerminatedRoutine(
IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
)
/*++
Routine Description:
This routine is called by file systems that are interested in being
notified when a logon session is being deleted.
Arguments:
CallbackRoutine - Address of routine to call back when a logon session
is being deleted.
Return Value:
STATUS_SUCCESS - Successfully registered routine
STATUS_INVALID_PARAMETER - CallbackRoutine is NULL
STATUS_INSUFFICIENT_RESOURCE - Unable to allocate list entry.
--*/
{
PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION NewCallback;
PAGED_CODE();
if (CallbackRoutine == NULL) {
return( STATUS_INVALID_PARAMETER );
}
NewCallback = ExAllocatePoolWithTag(
PagedPool,
sizeof(SEP_LOGON_SESSION_TERMINATED_NOTIFICATION),
'SFeS');
if (NewCallback == NULL) {
return( STATUS_INSUFFICIENT_RESOURCES );
}
SepRmAcquireDbWriteLock();
NewCallback->Next = SeFileSystemNotifyRoutinesHead.Next;
NewCallback->CallbackRoutine = CallbackRoutine;
SeFileSystemNotifyRoutinesHead.Next = NewCallback;
SepRmReleaseDbWriteLock();
return( STATUS_SUCCESS );
}
NTSTATUS
SeUnregisterLogonSessionTerminatedRoutine(
IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
)
/*++
Routine Description:
This is the dual of SeRegisterLogonSessionTerminatedRoutine. A File System
*MUST* call this before it is unloaded.
Arguments:
CallbackRoutine - Address of routine that was originally passed in to
SeRegisterLogonSessionTerminatedRoutine.
Return Value:
STATUS_SUCCESS - Successfully removed callback routine
STATUS_INVALID_PARAMETER - CallbackRoutine is NULL
STATUS_NOT_FOUND - Didn't find and entry for CallbackRoutine
--*/
{
NTSTATUS Status;
PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION PreviousEntry;
PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION NotifyEntry;
PAGED_CODE();
if (CallbackRoutine == NULL) {
return( STATUS_INVALID_PARAMETER );
}
SepRmAcquireDbWriteLock();
for (PreviousEntry = &SeFileSystemNotifyRoutinesHead,
NotifyEntry = SeFileSystemNotifyRoutinesHead.Next;
NotifyEntry != NULL;
PreviousEntry = NotifyEntry,
NotifyEntry = NotifyEntry->Next) {
if (NotifyEntry->CallbackRoutine == CallbackRoutine)
break;
}
if (NotifyEntry != NULL) {
PreviousEntry->Next = NotifyEntry->Next;
ExFreePool( NotifyEntry );
Status = STATUS_SUCCESS;
} else {
Status = STATUS_NOT_FOUND;
}
SepRmReleaseDbWriteLock();
return( Status );
}
NTSTATUS
SeMarkLogonSessionForTerminationNotification(
IN PLUID LogonId
)
/*++
Routine Description:
File systems that have registered for logon-termination notification
can mark logon sessions they are interested in for callback by calling
this routine.
Arguments:
LogonId - The logon id for which the file system should be notified
when the logon session is terminated.
Returns:
Nothing.
--*/
{
ULONG SessionArrayIndex;
PSEP_LOGON_SESSION_REFERENCES Previous, Current;
PAGED_CODE();
SessionArrayIndex = SepLogonSessionIndex( LogonId );
//
// Protect modification of reference monitor database
//
SepRmAcquireDbWriteLock();
//
// Now walk the list for our logon session array hash index.
//
Previous = (PSEP_LOGON_SESSION_REFERENCES)
((PVOID)&SepLogonSessions[ SessionArrayIndex ]);
Current = Previous->Next;
while (Current != NULL) {
//
// If we found it, decrement the reference count and return
//
if (RtlEqualLuid( LogonId, &Current->LogonId) ) {
Current->Flags |= SEP_TERMINATION_NOTIFY;
break;
}
Previous = Current;
Current = Current->Next;
}
SepRmReleaseDbWriteLock();
return( (Current != NULL) ? STATUS_SUCCESS : STATUS_NOT_FOUND );
}
VOID
SepInformFileSystemsOfDeletedLogon(
IN PLUID LogonId
)
/*++
Routine Description:
This routine informs interested file systems of a deleted logon.
Note that we can not be guaranteed that we are in a whole (or wholesome)
thread, since we may be in the middle of process deletion and object
rundown. Therefore, we must queue the work off to a worker thread.
Arguments:
LogonId - Pointer to the logon session ID which has been deleted.
Return Value:
None.
--*/
{
PSEP_FILE_SYSTEM_NOTIFY_CONTEXT FSNotifyContext;
PAGED_CODE();
FSNotifyContext = ExAllocatePoolWithTag(
NonPagedPool,
sizeof(SEP_FILE_SYSTEM_NOTIFY_CONTEXT),
'SFeS');
if (FSNotifyContext == NULL) {
//
// I don't know what to do here... file systems will loose track of a
// logon session, but the system isn't really harmed in any way.
//
return;
}
FSNotifyContext->LogonId = *LogonId;
ExInitializeWorkItem( &FSNotifyContext->WorkItem,
(PWORKER_THREAD_ROUTINE) SepNotifyFileSystems,
(PVOID) FSNotifyContext);
ExQueueWorkItem( &FSNotifyContext->WorkItem, DelayedWorkQueue );
}
VOID
SepNotifyFileSystems(
IN PVOID Context
)
{
PSEP_FILE_SYSTEM_NOTIFY_CONTEXT FSNotifyContext =
(PSEP_FILE_SYSTEM_NOTIFY_CONTEXT) Context;
PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION NextCallback;
PAGED_CODE();
//
// Protect modification of the list of FS callbacks.
//
SepRmAcquireDbReadLock();
NextCallback = SeFileSystemNotifyRoutinesHead.Next;
while (NextCallback != NULL) {
NextCallback->CallbackRoutine( &FSNotifyContext->LogonId );
NextCallback = NextCallback->Next;
}
SepRmReleaseDbReadLock();
ExFreePool( FSNotifyContext );
}
Reference in New Issue Copy Permalink