203 lines
5.1 KiB
C
203 lines
5.1 KiB
C
|
/*++
|
|||
|
|
|||
|
Copyright (c) 1989 Microsoft Corporation
|
|||
|
|
|||
|
Module Name:
|
|||
|
|
|||
|
rmvars.c
|
|||
|
|
|||
|
Abstract:
|
|||
|
|
|||
|
This module contains the variables used to implement the run-time
|
|||
|
reference monitor database.
|
|||
|
|
|||
|
Author:
|
|||
|
|
|||
|
Jim Kelly (JimK) 2-Apr-1991
|
|||
|
|
|||
|
Environment:
|
|||
|
|
|||
|
Kernel mode only.
|
|||
|
|
|||
|
Revision History:
|
|||
|
|
|||
|
--*/
|
|||
|
|
|||
|
#include "pch.h"
|
|||
|
|
|||
|
#pragma hdrstop
|
|||
|
|
|||
|
|
|||
|
#ifdef ALLOC_PRAGMA
|
|||
|
#pragma alloc_text(INIT,SepRmDbInitialization)
|
|||
|
#endif
|
|||
|
|
|||
|
|
|||
|
////////////////////////////////////////////////////////////////////////////////
|
|||
|
// //
|
|||
|
// Read/Write Reference Monitor Variables //
|
|||
|
// //
|
|||
|
// Access to these variables is protected by the SepRmDbLock. //
|
|||
|
// //
|
|||
|
////////////////////////////////////////////////////////////////////////////////
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// Resource Locks - These locks protect access to the modifiable fields of
|
|||
|
// the reference monitor database. There is one lock for
|
|||
|
// a set of hash buckets.
|
|||
|
//
|
|||
|
|
|||
|
ERESOURCE SepRmDbLock[SEP_LOGON_TRACK_LOCK_ARRAY_SIZE] = {0};
|
|||
|
|
|||
|
#ifdef ALLOC_DATA_PRAGMA
|
|||
|
#pragma data_seg("PAGEDATA")
|
|||
|
#endif
|
|||
|
|
|||
|
|
|||
|
////////////////////////////////////////////////////////////////////////////////
|
|||
|
// //
|
|||
|
// Read Only Reference Monitor Variables //
|
|||
|
// //
|
|||
|
////////////////////////////////////////////////////////////////////////////////
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// The process within which the RM --> LSA command LPC port was established.
|
|||
|
// All calls from the reference monitor to the LSA must be made in this
|
|||
|
// process in order for the handle to be valid.
|
|||
|
|
|||
|
PEPROCESS SepRmLsaCallProcess = NULL;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// State of the reference monitor
|
|||
|
//
|
|||
|
|
|||
|
SEP_RM_STATE SepRmState = {0};
|
|||
|
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// The following array is used as a hash bucket for tracking logon sessions.
|
|||
|
// The sequence number of logon LUIDs is ANDed with 0x0F and then used as an
|
|||
|
// index into this array. This entry in the array serves as a listhead of
|
|||
|
// logon session reference count records.
|
|||
|
//
|
|||
|
|
|||
|
PSEP_LOGON_SESSION_REFERENCES *SepLogonSessions = NULL;
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
////////////////////////////////////////////////////////////////////////
|
|||
|
// //
|
|||
|
// Variable Initialization Routines //
|
|||
|
// //
|
|||
|
////////////////////////////////////////////////////////////////////////
|
|||
|
|
|||
|
BOOLEAN
|
|||
|
SepRmDbInitialization(
|
|||
|
VOID
|
|||
|
)
|
|||
|
/*++
|
|||
|
|
|||
|
Routine Description:
|
|||
|
|
|||
|
This function initializes the reference monitor in-memory database.
|
|||
|
|
|||
|
Arguments:
|
|||
|
|
|||
|
None.
|
|||
|
|
|||
|
Return Value:
|
|||
|
|
|||
|
TRUE if database successfully initialized.
|
|||
|
FALSE if not successfully initialized.
|
|||
|
|
|||
|
--*/
|
|||
|
{
|
|||
|
NTSTATUS Status;
|
|||
|
ULONG i;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// Create the reference monitor database lock
|
|||
|
//
|
|||
|
// Use SepRmAcquireDbReadLock()
|
|||
|
// SepRmAcquireDbWriteLock()
|
|||
|
// SepRmReleaseDbReadLock()
|
|||
|
// SepRmReleaseDbWriteLock()
|
|||
|
//
|
|||
|
// to gain access to the reference monitor database.
|
|||
|
//
|
|||
|
|
|||
|
for (i=0;i<SEP_LOGON_TRACK_LOCK_ARRAY_SIZE;i++) {
|
|||
|
ExInitializeResourceLite(&(SepRmDbLock[ i ]));
|
|||
|
}
|
|||
|
|
|||
|
//
|
|||
|
// Initialize the Logon Session tracking array.
|
|||
|
//
|
|||
|
|
|||
|
SepLogonSessions = ExAllocatePoolWithTag( PagedPool,
|
|||
|
sizeof( PSEP_LOGON_SESSION_REFERENCES ) * SEP_LOGON_TRACK_ARRAY_SIZE,
|
|||
|
'SLeS'
|
|||
|
);
|
|||
|
|
|||
|
if (SepLogonSessions == NULL) {
|
|||
|
return( FALSE );
|
|||
|
}
|
|||
|
|
|||
|
for (i=0;i<SEP_LOGON_TRACK_ARRAY_SIZE;i++) {
|
|||
|
|
|||
|
SepLogonSessions[ i ] = NULL;
|
|||
|
}
|
|||
|
|
|||
|
//
|
|||
|
// Now add in a record representing the system logon session.
|
|||
|
//
|
|||
|
|
|||
|
Status = SepCreateLogonSessionTrack( (PLUID)&SeSystemAuthenticationId );
|
|||
|
ASSERT( NT_SUCCESS(Status) );
|
|||
|
if ( !NT_SUCCESS(Status)) {
|
|||
|
return FALSE;
|
|||
|
}
|
|||
|
|
|||
|
//
|
|||
|
// Add one for the null session logon session
|
|||
|
//
|
|||
|
|
|||
|
Status = SepCreateLogonSessionTrack( (PLUID)&SeAnonymousAuthenticationId );
|
|||
|
ASSERT( NT_SUCCESS(Status) );
|
|||
|
if ( !NT_SUCCESS(Status)) {
|
|||
|
return FALSE;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// The correct RM state will be set when the local security policy
|
|||
|
// information is retrieved (by the LSA) and subsequently passed to
|
|||
|
// the reference monitor later on in initialization. For now, initialize
|
|||
|
// the state to something that will work for the remainder of
|
|||
|
// system initialization.
|
|||
|
//
|
|||
|
|
|||
|
SepRmState.AuditingEnabled = 0; // auditing state disabled.
|
|||
|
SepRmState.OperationalMode = LSA_MODE_PASSWORD_PROTECTED;
|
|||
|
|
|||
|
|
|||
|
|
|||
|
return TRUE;
|
|||
|
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
#ifdef ALLOC_DATA_PRAGMA
|
|||
|
#pragma data_seg()
|
|||
|
#endif
|
|||
|
|