
arcsec.c File Reference

#include "iop.h"


Defines

// Registry key consulted by IopProtectSystemPartition() to decide whether the
// ARC system partition should have a restrictive DACL applied.
#define IOP_SYSTEM_PART_PROT_KEY   L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa"
// Value under that key; a present, non-zero value means "apply protection".
// An absent key or value means the partition is left alone.
#define IOP_SYSTEM_PART_PROT_VALUE   L"Protect System Partition"

Functions

NTSTATUS IopApplySystemPartitionProt (IN PLOADER_PARAMETER_BLOCK LoaderBlock)
BOOLEAN IopProtectSystemPartition (IN PLOADER_PARAMETER_BLOCK LoaderBlock)


Define Documentation

// Registry key read by IopProtectSystemPartition() for the protection switch.
#define IOP_SYSTEM_PART_PROT_KEY   L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa"
 

Definition at line 49 of file arcsec.c.

Referenced by IopProtectSystemPartition().

// Registry value whose non-zero content makes IopProtectSystemPartition()
// call IopApplySystemPartitionProt().
#define IOP_SYSTEM_PART_PROT_VALUE   L"Protect System Partition"
 

Definition at line 50 of file arcsec.c.

Referenced by IopProtectSystemPartition().


Function Documentation

NTSTATUS IopApplySystemPartitionProt ( IN PLOADER_PARAMETER_BLOCK LoaderBlock )
 

Definition at line 168 of file arcsec.c.

References ASSERT, CHAR, ExAllocatePool, ExFreePool(), FALSE, NT_SUCCESS, NtClose(), NTSTATUS(), NULL, PagedPool, RtlAddAccessAllowedAce(), RtlAnsiStringToUnicodeString(), RtlCreateAcl(), RtlCreateSecurityDescriptor(), RtlFreeUnicodeString(), RtlInitAnsiString(), RtlSetDaclSecurityDescriptor(), SeAliasAdminsSid, SeLengthSid, SeLocalSystemSid, sprintf(), TRUE, ZwOpenFile(), and ZwSetSecurityObject() (the call that actually applies the DACL to the device).

Referenced by IopProtectSystemPartition().

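NTSTATUS
IopApplySystemPartitionProt(
    IN PLOADER_PARAMETER_BLOCK LoaderBlock
    )

/*++

Routine Description:

    This routine applies protection to the system partition that
    prevents all users except administrators from accessing the
    partition.  The DACL built here grants GENERIC_ALL to LocalSystem
    and GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | READ_CONTROL
    to the Administrators alias; no other ACE is added, so every other
    SID is denied by the absence of an allowing ACE.

    This routine is only used during system initialization.  The single
    pool allocation is checked and STATUS_INSUFFICIENT_RESOURCES is
    returned if it fails; closing the device handle is checked only with
    an assertion.

Arguments:

    LoaderBlock - Supplies a pointer to the loader parameter block that was
        created by the OS Loader.  LoaderBlock->ArcHalDeviceName must be a
        NUL-terminated ANSI ARC device name.

Return Value:

    The function value is the final status from attempting to set the system
    partition protection: STATUS_INSUFFICIENT_RESOURCES if the ACL could not
    be allocated, STATUS_NAME_TOO_LONG if "\ArcName\<ArcHalDeviceName>" does
    not fit in the local name buffer, otherwise the status of the last
    Rtl/Zw call made.

--*/

{
    NTSTATUS status;
    PACL dacl;
    SECURITY_DESCRIPTOR securityDescriptor;
    OBJECT_ATTRIBUTES objectAttributes;
    ULONG length;
    CHAR ArcNamePrefix[10];

    //
    // The "\ArcName\" prefix is assembled on the stack one character at a
    // time rather than taken from a string literal, exactly as the original
    // did with its sprintf format string.  The original does not say why;
    // presumably to keep the string data out of a separate section.  Kept.
    //

    ArcNamePrefix[0] = '\\';
    ArcNamePrefix[1] = 'A';
    ArcNamePrefix[2] = 'r';
    ArcNamePrefix[3] = 'c';
    ArcNamePrefix[4] = 'N';
    ArcNamePrefix[5] = 'a';
    ArcNamePrefix[6] = 'm';
    ArcNamePrefix[7] = 'e';
    ArcNamePrefix[8] = '\\';
    ArcNamePrefix[9] = '\0';

    ASSERT( ARGUMENT_PRESENT( LoaderBlock ) );
    ASSERT( ARGUMENT_PRESENT( LoaderBlock->ArcHalDeviceName ) );

    //
    // Build an appropriate discretionary ACL: room for two ACEs plus both
    // SIDs.  The trailing 8 bytes are slack carried over from the original
    // ("just for good measure").
    //

    length = (ULONG) sizeof( ACL ) +
             ( 2 * ((ULONG) sizeof( ACCESS_ALLOWED_ACE ))) +
             SeLengthSid( SeLocalSystemSid ) +
             SeLengthSid( SeAliasAdminsSid ) +
             8;

    dacl = (PACL) ExAllocatePool( PagedPool, length );
    if (!dacl) {
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    //
    // Each step below runs only if every previous one succeeded, so the
    // first failing status is the one reported.
    //

    status = RtlCreateAcl( dacl, length, ACL_REVISION2 );

    if (NT_SUCCESS( status )) {
        status = RtlAddAccessAllowedAce( dacl,
                                         ACL_REVISION2,
                                         GENERIC_ALL,
                                         SeLocalSystemSid );
    }

    if (NT_SUCCESS( status )) {
        status = RtlAddAccessAllowedAce( dacl,
                                         ACL_REVISION2,
                                         GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | READ_CONTROL,
                                         SeAliasAdminsSid );
    }

    if (NT_SUCCESS( status )) {

        //
        // Put it in a security descriptor so that it may be applied to
        // the system partition device.  The descriptor lives on the stack
        // and points at the pool ACL, so the ACL must stay allocated until
        // after ZwSetSecurityObject below.
        //

        status = RtlCreateSecurityDescriptor( &securityDescriptor,
                                              SECURITY_DESCRIPTOR_REVISION );
    }

    if (NT_SUCCESS( status )) {
        status = RtlSetDaclSecurityDescriptor( &securityDescriptor,
                                               TRUE,
                                               dacl,
                                               FALSE );
    }

    if (!NT_SUCCESS( status )) {
        ExFreePool( dacl );
        return status;
    }

    //
    // Open the ARC boot device and apply the ACL.
    //

    {
        NTSTATUS tmpStatus;
        UCHAR deviceNameBuffer[256];
        STRING deviceNameString;
        UNICODE_STRING deviceNameUnicodeString;
        HANDLE deviceHandle;
        IO_STATUS_BLOCK ioStatusBlock;
        CHAR *arcHalDeviceName = LoaderBlock->ArcHalDeviceName;
        ULONG pos = 0;
        ULONG i;

        //
        // Formulate the ARC name of the boot device in the ARC name space,
        // "\ArcName\<ArcHalDeviceName>".  The copy is bounded by the size of
        // deviceNameBuffer (one byte reserved for the terminator); the
        // original sprintf was not bounded, so an over-long loader-supplied
        // name would have overrun this stack buffer.
        //

        for (i = 0; ArcNamePrefix[i] != '\0'; i++) {
            deviceNameBuffer[pos++] = (UCHAR) ArcNamePrefix[i];
        }

        for (i = 0; arcHalDeviceName[i] != '\0'; i++) {
            if (pos >= sizeof( deviceNameBuffer ) - 1) {
                ExFreePool( dacl );
                return STATUS_NAME_TOO_LONG;
            }
            deviceNameBuffer[pos++] = (UCHAR) arcHalDeviceName[i];
        }

        deviceNameBuffer[pos] = '\0';

        RtlInitAnsiString( &deviceNameString, deviceNameBuffer );

        status = RtlAnsiStringToUnicodeString( &deviceNameUnicodeString,
                                               &deviceNameString,
                                               TRUE );

        if (NT_SUCCESS( status )) {

            InitializeObjectAttributes( &objectAttributes,
                                        &deviceNameUnicodeString,
                                        OBJ_CASE_INSENSITIVE,
                                        NULL,
                                        NULL );

            //
            // WRITE_DAC is the only access requested: the handle is used
            // solely to set the DACL.
            //

            status = ZwOpenFile( &deviceHandle,
                                 WRITE_DAC,
                                 &objectAttributes,
                                 &ioStatusBlock,
                                 TRUE,
                                 0 );

            RtlFreeUnicodeString( &deviceNameUnicodeString );

            if (NT_SUCCESS( status )) {

                //
                // Apply the ACL built above to the system partition device
                // object.
                //

                status = ZwSetSecurityObject( deviceHandle,
                                              DACL_SECURITY_INFORMATION,
                                              &securityDescriptor );

                //
                // Close failure is asserted rather than propagated, matching
                // IopProtectSystemPartition's handling of its key handle.
                //

                tmpStatus = NtClose( deviceHandle );
                ASSERT( NT_SUCCESS( tmpStatus ) );
            }
        }
    }

    //
    // Free the memory used to hold the ACL.
    //

    ExFreePool( dacl );

    return status;
}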

BOOLEAN IopProtectSystemPartition ( IN PLOADER_PARAMETER_BLOCK LoaderBlock )
 

Definition at line 53 of file arcsec.c.

References ASSERT, IOP_SYSTEM_PART_PROT_KEY, IOP_SYSTEM_PART_PROT_VALUE, IopApplySystemPartitionProt(), NT_SUCCESS, NtClose(), NtOpenKey(), NtQueryValueKey(), NTSTATUS(), NULL, RtlInitUnicodeString(), and TRUE.

Referenced by IoInitSystem().

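BOOLEAN
IopProtectSystemPartition(
    IN PLOADER_PARAMETER_BLOCK LoaderBlock
    )

/*++

Routine Description:

    This routine assigns protection to the system partition of an
    ARC system, if necessary.  If this is not an ARC system, or
    the system partition does not need to be protected, then this
    routine does nothing.

    The decision is driven by the registry value IOP_SYSTEM_PART_PROT_VALUE
    under IOP_SYSTEM_PART_PROT_KEY: if the value is present and holds a
    non-zero byte, IopApplySystemPartitionProt is called.  An absent key
    or value, or a value whose data is all zero, means "do not protect".

Arguments:

    LoaderBlock - Supplies a pointer to the loader parameter block that was
        created by the OS Loader.  Only examined on non-i386 builds.

Return Value:

    TRUE, always.  NOTE(review): the original header promised FALSE on
    error, but the body never returned it and a failure of
    IopApplySystemPartitionProt was silently discarded (fail-open).  The
    return value is left unchanged because IoInitSystem's reaction to FALSE
    is not visible here; the failure is now at least asserted on checked
    builds.

--*/

{

    //
    // Protection is only considered on ARC systems.  At present the only
    // way this code tells an ARC system apart is the i386 preprocessor
    // symbol (not an x86 machine => ARC).  Should ARC-compliant x86
    // machines appear, these #ifdef's will have to become a run-time test.
    //

#ifdef i386 // if (!ARC-Compliant system)

    //
    // Nothing to do for non-ARC systems.
    //

    return(TRUE);

#else // ARC-COMPLIANT system

    NTSTATUS status;
    NTSTATUS tmpStatus;
    HANDLE keyHandle;
    OBJECT_ATTRIBUTES objectAttributes;
    UNICODE_STRING keyName;
    UNICODE_STRING valueName;
    ULONG resultLength;

    //
    // Enough ULONG-aligned storage for the fixed part of a
    // KEY_VALUE_PARTIAL_INFORMATION plus one ULONG of data, which is also
    // the length passed to NtQueryValueKey.  (The original declared an array
    // of that many ULONGs, i.e. four times the required size.)
    //

    ULONG keyBuffer[(sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( ULONG ) + sizeof( ULONG ) - 1) / sizeof( ULONG )];
    PKEY_VALUE_PARTIAL_INFORMATION keyValue;

    //
    // This is an ARC system.  Attempt to retrieve information from the
    // registry indicating whether or not we should protect the system
    // partition.
    //

    RtlInitUnicodeString( &keyName, IOP_SYSTEM_PART_PROT_KEY );
    InitializeObjectAttributes( &objectAttributes,
                                &keyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL );
    status = NtOpenKey( &keyHandle, KEY_READ, &objectAttributes);

    if (NT_SUCCESS( status )) {

        keyValue = (PKEY_VALUE_PARTIAL_INFORMATION) &keyBuffer[0];
        RtlInitUnicodeString( &valueName, IOP_SYSTEM_PART_PROT_VALUE );
        status = NtQueryValueKey( keyHandle,
                                  &valueName,
                                  KeyValuePartialInformation,
                                  keyValue,
                                  sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( ULONG ),
                                  &resultLength );

        if (NT_SUCCESS( status )) {

            ULONG dataLength = keyValue->DataLength;
            ULONG i;
            BOOLEAN applyIt = FALSE;

            //
            // The value was found.  Protection is applied if its data holds
            // any non-zero byte.  The original tested Data[0] alone, and did
            // so even when DataLength was zero, i.e. it read an
            // uninitialised stack byte.  DataLength is clamped to the room
            // actually supplied because NtQueryValueKey can report the size
            // of the whole value (with a warning status that NT_SUCCESS
            // accepts) when the value is larger than the buffer.
            //

            if (dataLength > sizeof( ULONG )) {
                dataLength = sizeof( ULONG );
            }

            for (i = 0; i < dataLength; i++) {
                if (keyValue->Data[i] != 0) {
                    applyIt = TRUE;
                    break;
                }
            }

            if (applyIt) {
                status = IopApplySystemPartitionProt( LoaderBlock );
                ASSERT( NT_SUCCESS( status ) );
            }
        }

        tmpStatus = NtClose( keyHandle );
        ASSERT( NT_SUCCESS( tmpStatus ) );
    }

    return TRUE;

#endif // ARC-COMPLIANT system
}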

