Main Page | Class Hierarchy | Class List | File List | Class Members | File Members

arcsec.c

Go to the documentation of this file.
00001 /*++
00002 
00003 Copyright (c) 1989-1993  Microsoft Corporation
00004 
00005 Module Name:
00006 
00007     arcsec.c
00008 
00009 Abstract:
00010 
00011     This module contains subroutines for protecting the system
00012     partition on an ARC system.
00013 
00014 Author:
00015 
00016     Jim Kelly  (JimK) 13-Jan-1993
00017 
00018 Environment:
00019 
00020     Kernel mode - system initialization
00021 
00022 Revision History:
00023 
00024 
00025 --*/
00026 
00027 #include "iop.h"
00028 
00029 //
00030 // Define procedures local to this module.
00031 //
00032 
00033 NTSTATUS
00034 IopApplySystemPartitionProt(
00035     IN PLOADER_PARAMETER_BLOCK LoaderBlock
00036     );
00037 
00038 #ifdef ALLOC_PRAGMA
00039 #pragma alloc_text(INIT,IopProtectSystemPartition)
00040 #pragma alloc_text(INIT,IopApplySystemPartitionProt)
00041 #endif
00042 
00043 //
00044 // This name must match the name use by the DISK MANAGER utility.
00045 // The Disk Manager creates and sets the value of this registry
00046 // key.  We only look at it.
00047 //
00048 
00049 #define IOP_SYSTEM_PART_PROT_KEY    L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa"
00050 #define IOP_SYSTEM_PART_PROT_VALUE  L"Protect System Partition"
00051 
00052 BOOLEAN
00053 IopProtectSystemPartition(
00054     IN PLOADER_PARAMETER_BLOCK LoaderBlock
00055     )
00056 
00057 /*++
00058 
00059 Routine Description:
00060 
00061     This routine assigns protection to the system partition of an
00062     ARC system, if necessary.  If this is not an ARC system, or
00063     the system partition does not need to be protected, then this
00064     routine does nothing.
00065 
00066 
00067 Arguments:
00068 
00069     LoaderBlock - Supplies a pointer to the loader parameter block that was
00070         created by the OS Loader.
00071 
00072 Return Value:
00073 
00074     The function value is a BOOLEAN indicating whether or not protection
00075     has been appropriately applied.   TRUE indicates no errors were
00076     encountered.  FALSE indicates an error was encountered.
00077 
00078 
00079 --*/
00080 
00081 {
00082 
00083     //
00084     // We only entertain the possibility of assigning protection
00085     // to the system partition if we are an ARC system.  For the
00086     // time being, the best way to determine if you are an ARC
00087     // system is to see if you aren't and X86 machine.  DavidRo
00088     // believes that at some point in the future we will have
00089     // ARC compliant X86 machines.  At that point in time, we
00090     // will need to change the following #ifdef's into something
00091     // that does a run-time determination.
00092     //
00093 
00094 #ifdef i386  // if (!ARC-Compliant system)
00095 
00096 
00097     //
00098     // Nothing to do for non-ARC systems
00099     //
00100 
00101     return(TRUE);
00102 
00103 
00104 #else // ARC-COMPLIANT system
00105 
00106     NTSTATUS status;
00107     NTSTATUS tmpStatus;
00108     HANDLE keyHandle;
00109     OBJECT_ATTRIBUTES objectAttributes;
00110     UNICODE_STRING keyName;
00111     UNICODE_STRING valueName;
00112     ULONG resultLength;
00113     ULONG keyBuffer[sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( ULONG )];
00114     PKEY_VALUE_PARTIAL_INFORMATION keyValue;
00115 
00116     //
00117     // This is an ARC system.  Attempt to retrieve information from the registry
00118     // indicating whether or not we should protect the system partition.
00119     //
00120 
00121     RtlInitUnicodeString( &keyName, IOP_SYSTEM_PART_PROT_KEY );
00122     InitializeObjectAttributes( &objectAttributes,
00123                                 &keyName,
00124                                 OBJ_CASE_INSENSITIVE,
00125                                 NULL,
00126                                 NULL );
00127     status = NtOpenKey( &keyHandle, KEY_READ, &objectAttributes);
00128 
00129     if (NT_SUCCESS( status )) {
00130 
00131         keyValue = (PKEY_VALUE_PARTIAL_INFORMATION) &keyBuffer[0];
00132         RtlInitUnicodeString( &valueName, IOP_SYSTEM_PART_PROT_VALUE );
00133         status = NtQueryValueKey( keyHandle,
00134                                   &valueName,
00135                                   KeyValuePartialInformation,
00136                                   keyValue,
00137                                   sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( ULONG ),
00138                                   &resultLength );
00139 
00140         if (NT_SUCCESS( status )) {
00141 
00142             PBOOLEAN applyIt;
00143 
00144             //
00145             // The appropriate information was located in the registry.  Now
00146             // determine whether or not is indicates that protection is to be
00147             // applied.
00148             //
00149 
00150             applyIt = &(keyValue->Data[0]);
00151 
00152             if (*applyIt) {
00153                 status = IopApplySystemPartitionProt( LoaderBlock );
00154             }
00155         }
00156 
00157         tmpStatus = NtClose( keyHandle );
00158         ASSERT(NT_SUCCESS( tmpStatus ));
00159     }
00160 
00161 
00162     return TRUE;
00163 
00164 #endif // ARC-COMPLIANT system
00165 }
00166 
00167 NTSTATUS
00168 IopApplySystemPartitionProt(
00169     IN PLOADER_PARAMETER_BLOCK LoaderBlock
00170     )
00171 
00172 /*++
00173 
00174 Routine Description:
00175 
00176     This routine applies protection to the system partition that
00177     prevents all users except administrators from accessing the
00178     partition.
00179 
00180 
00181     This routine is only used during system initialization.
00182     As such, all memory allocations are expected to succeed.
00183     Success is tested only with assertions.
00184 
00185 
00186 Arguments:
00187 
00188     LoaderBlock - Supplies a pointer to the loader parameter block that was
00189         created by the OS Loader.
00190 
00191 Return Value:
00192 
00193     The function value is the final status from attempting to set the system
00194     partition protection.
00195 
00196 
00197 --*/
00198 
00199 {
00200     NTSTATUS status;
00201     PACL dacl;
00202     SECURITY_DESCRIPTOR securityDescriptor;
00203     OBJECT_ATTRIBUTES objectAttributes;
00204     ULONG length;
00205     CHAR ArcNameFmt[12];
00206 
00207     ArcNameFmt[0] = '\\';
00208     ArcNameFmt[1] = 'A';
00209     ArcNameFmt[2] = 'r';
00210     ArcNameFmt[3] = 'c';
00211     ArcNameFmt[4] = 'N';
00212     ArcNameFmt[5] = 'a';
00213     ArcNameFmt[6] = 'm';
00214     ArcNameFmt[7] = 'e';
00215     ArcNameFmt[8] = '\\';
00216     ArcNameFmt[9] = '%';
00217     ArcNameFmt[10] = 's';
00218     ArcNameFmt[11] = '\0';
00219 
00220     ASSERT( ARGUMENT_PRESENT( LoaderBlock ) );
00221     ASSERT( ARGUMENT_PRESENT( LoaderBlock->ArcHalDeviceName ) );
00222 
00223     //
00224     // Build an appropriate discretionary ACL.
00225     //
00226 
00227     length = (ULONG) sizeof( ACL ) +
00228              ( 2 * ((ULONG) sizeof( ACCESS_ALLOWED_ACE ))) +
00229              SeLengthSid( SeLocalSystemSid ) +
00230              SeLengthSid( SeAliasAdminsSid ) +
00231              8; // The 8 is just for good measure
00232 
00233     dacl = (PACL) ExAllocatePool( PagedPool, length );
00234     if (!dacl) {
00235         return STATUS_INSUFFICIENT_RESOURCES;
00236     }
00237 
00238     status = RtlCreateAcl( dacl, length, ACL_REVISION2 );
00239     if (NT_SUCCESS( status )) {
00240 
00241         status = RtlAddAccessAllowedAce( dacl,
00242                                          ACL_REVISION2,
00243                                          GENERIC_ALL,
00244                                          SeLocalSystemSid );
00245         if (NT_SUCCESS( status )) {
00246 
00247             status = RtlAddAccessAllowedAce( dacl,
00248                                              ACL_REVISION2,
00249                                              GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | READ_CONTROL,
00250                                              SeAliasAdminsSid );
00251             if (NT_SUCCESS( status )) {
00252 
00253                 //
00254                 // Put it in a security descriptor so that it may be applied to
00255                 // the system partition device.
00256                 //
00257 
00258                 status = RtlCreateSecurityDescriptor( &securityDescriptor,
00259                                                       SECURITY_DESCRIPTOR_REVISION );
00260                 if (NT_SUCCESS( status )) {
00261 
00262                     status = RtlSetDaclSecurityDescriptor( &securityDescriptor,
00263                                                            TRUE,
00264                                                            dacl,
00265                                                            FALSE );
00266                 }
00267             }
00268         }
00269     }
00270 
00271     if (!NT_SUCCESS( status )) {
00272         ExFreePool( dacl );
00273         return status;
00274     }
00275 
00276     //
00277     // Open the ARC boot device and apply the ACL.
00278     //
00279 
00280     {
00281         NTSTATUS tmpStatus;
00282         UCHAR deviceNameBuffer[256];
00283         STRING deviceNameString;
00284         UNICODE_STRING deviceNameUnicodeString;
00285         HANDLE deviceHandle;
00286         IO_STATUS_BLOCK ioStatusBlock;
00287 
00288         //
00289         // Begin by formulating the ARC name of the boot device in the ARC
00290         // name space.
00291         //
00292 
00293         sprintf( deviceNameBuffer,
00294                  ArcNameFmt,
00295                  LoaderBlock->ArcHalDeviceName );
00296 
00297         RtlInitAnsiString( &deviceNameString, deviceNameBuffer );
00298 
00299         status = RtlAnsiStringToUnicodeString( &deviceNameUnicodeString,
00300                                                &deviceNameString,
00301                                                TRUE );
00302 
00303         if (NT_SUCCESS( status )) {
00304 
00305             InitializeObjectAttributes( &objectAttributes,
00306                                         &deviceNameUnicodeString,
00307                                         OBJ_CASE_INSENSITIVE,
00308                                         NULL,
00309                                         NULL );
00310 
00311             status = ZwOpenFile( &deviceHandle,
00312                                  WRITE_DAC,
00313                                  &objectAttributes,
00314                                  &ioStatusBlock,
00315                                  TRUE,
00316                                  0 );
00317 
00318             RtlFreeUnicodeString( &deviceNameUnicodeString );
00319 
00320             if (NT_SUCCESS( status )) {
00321 
00322 
00323                 //
00324                 // Apply the ACL built above to the system partition device
00325                 // object.
00326                 //
00327 
00328                 status = ZwSetSecurityObject( deviceHandle,
00329                                               DACL_SECURITY_INFORMATION,
00330                                               &securityDescriptor );
00331 
00332                 tmpStatus = NtClose( deviceHandle );
00333             }
00334         }
00335     }
00336 
00337     //
00338     // Free the memory used to hold the ACL.
00339     //
00340 
00341     ExFreePool( dacl );
00342 
00343     return status;
00344 }
Generated on Sat May 15 19:39:16 2004 for test by doxygen 1.3.7