2020-09-30 16:53:55 +02:00

235 lines
7.0 KiB
C
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*++
Copyright (c) 1991 Microsoft Corporation
Module Name:
rmp.h
Abstract:
Security Reference Monitor Private Data Types, Functions and Defines
Author:
Scott Birrell (ScottBi) March 12, 1991
Environment:
Revision History:
--*/
#ifndef _RMP_H_
#define _RMP_H_
#include <nt.h>
#include <ntlsa.h>
#include "sep.h"
///////////////////////////////////////////////////////////////////////////////
// //
// Reference Monitor Private defines //
// //
///////////////////////////////////////////////////////////////////////////////
//
// Used to define the bounds of the array used to track logon session
// reference counts.
//
#define SEP_LOGON_TRACK_INDEX_MASK (0x0000000FL)
#define SEP_LOGON_TRACK_ARRAY_SIZE (0x00000010L)
//
// Used to define the bounds of the locks array used to reference the logon
// sessions. We use a hardcoded index of ZERO for when LogonId is not
// available.
// The number of locks was chosen to be 4 based on performance tests on
// uniproc and 8-proc machines.
//
#define SEP_LOGON_TRACK_LOCK_INDEX_MASK (0x00000003L)
#define SEP_LOGON_TRACK_LOCK_ARRAY_SIZE (0x00000004L)
#define SEP_HARDCODED_LOCK_INDEX (0)
///////////////////////////////////////////////////////////////////////////////
// //
// Reference Monitor Private Macros //
// //
///////////////////////////////////////////////////////////////////////////////
//
// acquire exclusive access to a token
//
#define SepRmAcquireDbReadLock(i) KeEnterCriticalRegion(); \
ExAcquireResourceSharedLite(&(SepRmDbLock[(i) & SEP_LOGON_TRACK_LOCK_INDEX_MASK]), TRUE)
#define SepRmAcquireDbWriteLock(i) KeEnterCriticalRegion(); \
ExAcquireResourceExclusiveLite(&(SepRmDbLock[(i) & SEP_LOGON_TRACK_LOCK_INDEX_MASK]), TRUE)
#define SepRmReleaseDbReadLock(i) ExReleaseResourceLite(&(SepRmDbLock[(i) & SEP_LOGON_TRACK_LOCK_INDEX_MASK])); \
KeLeaveCriticalRegion()
#define SepRmReleaseDbWriteLock(i) ExReleaseResourceLite(&(SepRmDbLock[(i) & SEP_LOGON_TRACK_LOCK_INDEX_MASK])); \
KeLeaveCriticalRegion()
///////////////////////////////////////////////////////////////////////////////
// //
// Reference Monitor Private Data Types //
// //
///////////////////////////////////////////////////////////////////////////////
#define SEP_RM_LSA_SHARED_MEMORY_SIZE ((ULONG) PAGE_SIZE)
//
// Reference Monitor Private Global State Data Structure
//
typedef struct _SEP_RM_STATE {
HANDLE LsaInitEventHandle;
HANDLE LsaCommandPortHandle;
HANDLE SepRmThreadHandle;
HANDLE RmCommandPortHandle;
HANDLE RmCommandServerPortHandle;
ULONG AuditingEnabled;
LSA_OPERATIONAL_MODE OperationalMode;
HANDLE LsaCommandPortSectionHandle;
LARGE_INTEGER LsaCommandPortSectionSize;
PVOID LsaViewPortMemory;
PVOID RmViewPortMemory;
LONG LsaCommandPortMemoryDelta;
// BOOLEAN LsaCommandPortResourceInitialized;
BOOLEAN LsaCommandPortActive;
// ERESOURCE LsaCommandPortResource;
} SEP_RM_STATE, *PSEP_RM_STATE;
//
// Reference Monitor Command Port Connection Info
//
typedef struct _SEP_RM_CONNECT_INFO {
ULONG ConnectInfo;
} SEP_RM_CONNECT_INFO;
typedef struct SEP_RM_CONNECT_INFO *PSEP_RM_CONNECT_INFO;
//
// Reference Monitor Command Table Entry Format
//
#define SEP_RM_COMMAND_MAX 4
typedef VOID (*SEP_RM_COMMAND_WORKER)( PRM_COMMAND_MESSAGE, PRM_REPLY_MESSAGE );
typedef struct _SEP_LOGON_SESSION_TOKEN {
LIST_ENTRY ListEntry;
PTOKEN Token;
} SEP_LOGON_SESSION_TOKEN, *PSEP_LOGON_SESSION_TOKEN;
#define SEP_TERMINATION_NOTIFY 0x1
//
// File systems interested in being notified when a logon session is being
// terminated register a callback routine. The following data structure
// describes the callback routines.
//
// The global list of callback routines is pointed to by SeFileSystemNotifyRoutines.
// This list is protected by the RM database lock.
//
typedef struct _SEP_LOGON_SESSION_TERMINATED_NOTIFICATION {
struct _SEP_LOGON_SESSION_TERMINATED_NOTIFICATION *Next;
PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine;
} SEP_LOGON_SESSION_TERMINATED_NOTIFICATION, *PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION;
extern SEP_LOGON_SESSION_TERMINATED_NOTIFICATION
SeFileSystemNotifyRoutinesHead;
///////////////////////////////////////////////////////////////////////////////
// //
// Reference Monitor Private Function Prototypes //
// //
///////////////////////////////////////////////////////////////////////////////
BOOLEAN
SepRmDbInitialization(
VOID
);
VOID
SepRmCommandServerThread(
IN PVOID StartContext
);
BOOLEAN SepRmCommandServerThreadInit(
);
VOID
SepRmComponentTestCommandWrkr(
IN PRM_COMMAND_MESSAGE CommandMessage,
OUT PRM_REPLY_MESSAGE ReplyMessage
);
VOID
SepRmSetAuditEventWrkr(
IN PRM_COMMAND_MESSAGE CommandMessage,
OUT PRM_REPLY_MESSAGE ReplyMessage
);
VOID
SepRmSendCommandToLsaWrkr(
IN PRM_COMMAND_MESSAGE CommandMessage,
OUT PRM_REPLY_MESSAGE ReplyMessage
);
VOID
SepRmCreateLogonSessionWrkr(
IN PRM_COMMAND_MESSAGE CommandMessage,
OUT PRM_REPLY_MESSAGE ReplyMessage
);
VOID
SepRmDeleteLogonSessionWrkr(
IN PRM_COMMAND_MESSAGE CommandMessage,
OUT PRM_REPLY_MESSAGE ReplyMessage
) ;
NTSTATUS
SepCreateLogonSessionTrack(
IN PLUID LogonId
);
NTSTATUS
SepDeleteLogonSessionTrack(
IN PLUID LogonId
);
///////////////////////////////////////////////////////////////////////////////
// //
// Reference Monitor Private Variables Declarations //
// These variables are defined in rmvars.c //
// //
///////////////////////////////////////////////////////////////////////////////
extern PEPROCESS SepRmLsaCallProcess;
extern SEP_RM_STATE SepRmState;
extern ERESOURCE SepRmDbLock[];
extern PSEP_LOGON_SESSION_REFERENCES *SepLogonSessions;
#endif // _RMP_H_