
rmvars.c

/*++

Copyright (c) 1989  Microsoft Corporation

Module Name:

    rmvars.c

Abstract:

    This module contains the variables used to implement the run-time
    reference monitor database.

Author:

    Jim Kelly (JimK) 2-Apr-1991

Environment:

    Kernel mode only.

Revision History:

--*/

#include "rmp.h"

//
// SepRmDbInitialization is placed in the INIT section, which the system may
// discard once initialization has finished, so it must not be called later.
//

#ifdef ALLOC_PRAGMA
#pragma alloc_text(INIT,SepRmDbInitialization)
#endif



////////////////////////////////////////////////////////////////////////
//                                                                    //
//           Read Only Reference Monitor Variables                    //
//                                                                    //
////////////////////////////////////////////////////////////////////////


//
// The process within which the RM --> LSA command LPC port was established.
// All calls from the reference monitor to the LSA must be made in this
// process in order for the handle to be valid.
//
// NOTE(review): listed as read-only, but this file never assigns it and it
// is not covered by SepRmDbLock - presumably it is written once while the
// port is being set up; confirm against the code that establishes the port.
//

PEPROCESS SepRmLsaCallProcess;



////////////////////////////////////////////////////////////////////////
//                                                                    //
//           Read/Write Reference Monitor Variables                   //
//                                                                    //
//  Access to these variables is protected by the SepRmDbLock.        //
//                                                                    //
////////////////////////////////////////////////////////////////////////


//
// Resource Lock - This lock protects access to the modifiable fields of
// the reference monitor database.  It is initialized by
// SepRmDbInitialization() and is meant to be taken through the
// SepRmAcquireDb*Lock() / SepRmReleaseDb*Lock() routines named there.
//

ERESOURCE SepRmDbLock;


//
// State of the reference monitor.
//
// SepRmDbInitialization() fills in provisional values (auditing disabled,
// LSA_MODE_PASSWORD_PROTECTED); per the comment in that routine, the real
// state is set later, once the LSA has retrieved the local security policy.
//

SEP_RM_STATE SepRmState;



//
// The following array is used as a hash bucket for tracking logon sessions.
// The sequence number of logon LUIDs is ANDed with 0x0F and then used as an
// index into this array.  This entry in the array serves as a listhead of
// logon session reference count records.
//
// NOTE(review): a 0x0F mask yields indexes 0..15, while the array is
// allocated with SEP_LOGON_TRACK_ARRAY_SIZE entries.  The mask and that
// constant have to agree, otherwise an index could fall outside the
// allocation - confirm the constant's value where it is defined.
//
// Starts out NULL; SepRmDbInitialization() below allocates the bucket array
// and clears every list head before any logon session record is added.
//

PSEP_LOGON_SESSION_REFERENCES *SepLogonSessions = NULL;



////////////////////////////////////////////////////////////////////////
//                                                                    //
//           Variable Initialization Routines                         //
//                                                                    //
////////////////////////////////////////////////////////////////////////

BOOLEAN
SepRmDbInitialization(
    VOID
    )
/*++

Routine Description:

    Sets up the in-memory reference monitor database: the database lock,
    the logon session tracking array, the tracking records for the system
    and anonymous (null session) logon sessions, and a provisional
    reference monitor state.

Arguments:

    None.

Return Value:

    TRUE  - the database was initialized.

    FALSE - the tracking array could not be allocated, or one of the two
            built-in logon session records could not be created.

--*/
{
    NTSTATUS TrackStatus;
    ULONG Bucket;

    //
    // Set up the lock that guards the modifiable database fields.
    // Code that touches the database is expected to go through
    //
    //     SepRmAcquireDbReadLock()  / SepRmReleaseDbReadLock()
    //     SepRmAcquireDbWriteLock() / SepRmReleaseDbWriteLock()
    //
    // rather than using the resource directly.
    //

    ExInitializeResource(&SepRmDbLock);

    //
    // Allocate one list head per hash bucket for logon session tracking.
    //

    SepLogonSessions = ExAllocatePoolWithTag(
                           PagedPool,
                           sizeof( PSEP_LOGON_SESSION_REFERENCES ) * SEP_LOGON_TRACK_ARRAY_SIZE,
                           'SLeS'
                           );

    if (!SepLogonSessions) {
        return FALSE;
    }

    //
    // The pool memory is not zeroed for us, so every bucket is explicitly
    // marked empty before anything is inserted.
    //

    Bucket = 0;
    while (Bucket < SEP_LOGON_TRACK_ARRAY_SIZE) {
        SepLogonSessions[ Bucket ] = NULL;
        Bucket += 1;
    }

    //
    // Track the system logon session.  The ASSERT flags a failure on
    // checked builds; the explicit test handles it where ASSERT compiles
    // away.
    //
    // NOTE(review): the array allocated above is not released on the
    // failure paths below - presumably a FALSE return aborts system
    // initialization; confirm against the caller.
    //

    TrackStatus = SepCreateLogonSessionTrack( &SeSystemAuthenticationId );
    ASSERT( NT_SUCCESS(TrackStatus) );
    if (!NT_SUCCESS(TrackStatus)) {
        return FALSE;
    }

    //
    // Track the null session (anonymous) logon session as well.
    //

    TrackStatus = SepCreateLogonSessionTrack( &SeAnonymousAuthenticationId );
    ASSERT( NT_SUCCESS(TrackStatus) );
    if (!NT_SUCCESS(TrackStatus)) {
        return FALSE;
    }

    //
    // Provisional state only: the real reference monitor state arrives
    // later in initialization, after the LSA has retrieved the local
    // security policy and passed it down.  These values just have to be
    // workable for the rest of system initialization.
    //
    // NOTE(review): with AuditingEnabled at 0, activity before the LSA
    // delivers the policy is presumably not audited - confirm that this
    // window is acceptable.
    //

    SepRmState.AuditingEnabled = 0;     // auditing state disabled.
    SepRmState.OperationalMode = LSA_MODE_PASSWORD_PROTECTED;

    return TRUE;
}
