/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */ void PLUGIN_GENERIC_HELP( _In_ PLUGIN_API_TABLE const * const api ) { API_LOG(Bypass, _T("Keeps ACE with an InheritedObjectType matching the one specified in the <inhobjtype> plugin option")); API_LOG(Bypass, _T("If <inhobjtype> is not specified, keeps Object-ACE with an empty InheritedObjectType")); API_LOG(Bypass, _T("<inhobjtype> must be a GUID, enclosed or not in curly braces")); }
/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */ void PLUGIN_GENERIC_HELP( _In_ PLUGIN_API_TABLE const * const api ) { API_LOG(Bypass, _T("Specify the DN or SID of the trustee to be filtered with the <trustee> plugin option (no default)")); API_LOG(Bypass, _T("If a SID is specified, it musts start with <%s> to be valid"), SID_STR_PREFIX); API_LOG(Bypass, _T("ACE granting permissions to trustees matching the specified values are kept.")); }
/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */ void PLUGIN_GENERIC_HELP( _In_ PLUGIN_API_TABLE const * const api ) { API_LOG(Bypass, _T("Specify the outfile with the <msrout> plugin option")); API_LOG(Bypass, _T("The default outfile is <%s>"), DEFAULT_MSR_OUTFILE); API_LOG(Bypass, _T("Some filters does not associate 'relations' (and the corresponding keywords) to ACE they filter,")); API_LOG(Bypass, _T("in this case, the generic relation keyword is used in the msr outfile : <%s>"), DEFAULT_MSR_NO_RELATION_KEYWORD); }
/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */ void PLUGIN_GENERIC_HELP( _In_ PLUGIN_API_TABLE const * const api ) { API_LOG(Bypass, _T("Keeps ACE allowing control relations on files. Currently checked control relations are :")); API_LOG(Bypass, _T("- Generic rights : GENERIC_ALL, GENERIC_WRITE")); API_LOG(Bypass, _T("- Standard rights : WRITE_DAC, WRITE_OWNER")); API_LOG(Bypass, _T("- Specific rights : FILE_WRITE_DATA/FILE_ADD_FILE, FILE_APPEND_DATA/FILE_ADD_SUBDIRECTORY")); API_LOG(Bypass, _T("This filter set 'relations' on the ACE, and must be combined with the MSR writer for these relations to be outputed.")); }
BOOL PLUGIN_GENERIC_INITIALIZE( _In_ PLUGIN_API_TABLE const * const api ) { BOOL bResult = FALSE; PTCHAR pptAttrsListForCsv[MMR_OUTFILE_HEADER_COUNT] = MMR_OUTFILE_HEADER; bResult = ApiHeapCreateX(&gs_hHeapMasterSlave, MASTERMAILBOX_HEAP_NAME, NULL); if (API_FAILED(bResult)) { return ERROR_VALUE; } gs_outfileName = api->Common.GetPluginOption(_T("mmrout"), FALSE); if (!gs_outfileName) { gs_outfileName = DEFAULT_MMR_OUTFILE; } gs_outDenyfileName = ApiHeapAllocX(gs_hHeapMasterSlave, (DWORD)((_tcslen(gs_outfileName) + 10) * sizeof(TCHAR))); _stprintf_s(gs_outDenyfileName, _tcslen(gs_outfileName) + 10, _T("%s.deny.csv"), gs_outfileName); API_LOG(Info, _T("Outfiles are <%s>/<%s>"), gs_outfileName, gs_outDenyfileName); bResult = api->InputCsv.CsvOpenWrite(gs_outfileName, MMR_OUTFILE_HEADER_COUNT, pptAttrsListForCsv, &gs_hOutfile); if (!bResult) { API_FATAL(_T("Failed to open CSV outfile <%s>: <err:%#08x>"), gs_outfileName, api->InputCsv.CsvGetLastError(gs_hOutfile)); } bResult = api->InputCsv.CsvOpenWrite(gs_outDenyfileName, MMR_OUTFILE_HEADER_COUNT, pptAttrsListForCsv, &gs_hOutDenyfile); if (!bResult) { API_FATAL(_T("Failed to open CSV outfile <%s>: <err:%#08x>"), gs_outDenyfileName, api->InputCsv.CsvGetLastError(gs_hOutDenyfile)); } return TRUE; }
BOOL PLUGIN_WRITER_WRITEACE( _In_ PLUGIN_API_TABLE const * const api, _Inout_ PIMPORTED_ACE ace ) { DWORD i = 0; DWORD relCount = 0; LPTSTR resolvedTrustee = NULL; LPTSTR resolvedMail = NULL; resolvedTrustee = api->Resolver.ResolverGetAceTrusteeStr(ace); resolvedMail = api->Resolver.ResolverGetAceObjectMail(ace); if (!resolvedMail) { API_LOG(Dbg, _T("Object has mbx sd without mail address : <%s>"), ace->imported.objectDn); return TRUE; } for (i = 0; i < ACE_REL_COUNT; i++) { if (HAS_RELATION(ace, i)) { relCount++; if (IS_ALLOWED_ACE(ace->imported.raw)) WriteRelation(api, resolvedTrustee, resolvedMail, api->Ace.GetAceRelationStr(i), gs_hOutfile); else WriteRelation(api, resolvedTrustee, resolvedMail, api->Ace.GetAceRelationStr(i), gs_hOutDenyfile); } } return TRUE; }
BOOL PLUGIN_GENERIC_FINALIZE( _In_ PLUGIN_API_TABLE const * const api ) { if (!CloseHandle(gs_hOutfile)) { API_LOG(Err, _T("Failed to close outfile handle : <%u>"), GetLastError()); return FALSE; } return TRUE; }
BOOL PLUGIN_GENERIC_INITIALIZE( _In_ PLUGIN_API_TABLE const * const api ) { BOOL bResult = FALSE; LPTSTR trustee = api->Common.GetPluginOption(_T("trustee"), TRUE); if (_tcsncmp(SID_STR_PREFIX, trustee, strlen(SID_STR_PREFIX)) == 0) { bResult = ConvertStringSidToSid(trustee, &gs_TrusteeFilter); if (!bResult) { API_FATAL(_T("Failed to convert SID <%s> to its binary form : <%u>"), trustee, GetLastError()); } API_LOG(Info, _T("Filtering trustee by SID <%s>"), trustee); } else { // Resolution will take place later since resolver has not been activated yet gs_TrusteeDnFilter = trustee; API_LOG(Info, _T("Filtering trustee by DN <%s>"), trustee); } return TRUE; }
static void camrea_flash_set_enable(struct camera_flash_dev *dev, int value) { API_LOG("%s(%d) \n", __func__, value); if( value == 1 ) { camera_flash_test_mode_led_trigger(MSM_CAMERA_LED_LOW); } else { camera_flash_test_mode_led_trigger(MSM_CAMERA_LED_OFF); } }
/* --- PRIVATE FUNCTIONS ---------------------------------------------------- */ static void WriteRelation( _In_ PLUGIN_API_TABLE const * const api, _In_ LPTSTR master, _In_ LPTSTR slave, _In_ LPTSTR relationKeyword ) { TCHAR outline[MAX_LINE] = { 0 }; DWORD dwWritten = 0; BOOL bResult = FALSE; int size = 0; size = _stprintf_s(outline, _countof(outline)-1, MSR_OUTFILE_FORMAT, master, slave, relationKeyword); if (size == -1) { API_LOG(Err, _T("Failed to format outline <%s : %s>"), master, slave); return; } else { bResult = WriteFile(gs_hOutfile, outline, size, &dwWritten, NULL); if (!bResult) { API_LOG(Err, _T("Failed to write outline <%s : %s>"), master, slave); } } }
BOOL PLUGIN_GENERIC_INITIALIZE( _In_ PLUGIN_API_TABLE const * const api ) { BOOL bResult = FALSE; LPTSTR inhobjty = api->Common.GetPluginOption(_T("inhobjtype"), FALSE); // TODO : guid resolution from resolved str form could be nice here if (!inhobjty) { API_LOG(Info, _T("Filtering empty inheritedObjectType")); gs_EmptyInhObjType = TRUE; } else { bResult = api->Common.ConvertStrGuidToGuid(inhobjty, &gs_InhObjectTypeFilter); gs_EmptyInhObjType = FALSE; if (bResult != NOERROR) { API_FATAL(_T("Error while converting inherited object type guid <%s> to its binary form : <%#08x)"), inhobjty, bResult); } else { API_LOG(Info, _T("Filtering inheritedObjectType <%s>"), inhobjty); } } return TRUE; }
BOOL PLUGIN_GENERIC_FINALIZE( _In_ PLUGIN_API_TABLE const * const api ) { BOOL bResult = FALSE; if (!api->InputCsv.CsvClose(&gs_hOutfile) || !api->InputCsv.CsvClose(&gs_hOutDenyfile)) { API_LOG(Err, _T("Failed to close outfiles handles : <%u>"), GetLastError()); return FALSE; } bResult = ApiHeapDestroyX(&gs_hHeapMasterSlave); if (API_FAILED(bResult)) { return ERROR_VALUE; } return TRUE; }
BOOL PLUGIN_GENERIC_INITIALIZE( _In_ PLUGIN_API_TABLE const * const api ) { DWORD dwWritten = 0; BOOL bResult = FALSE; gs_outfileName = api->Common.GetPluginOption(_T("msrout"), FALSE); if (!gs_outfileName) { gs_outfileName = DEFAULT_MSR_OUTFILE; } API_LOG(Info, _T("Outfile is <%s>"), gs_outfileName); gs_hOutfile = CreateFile(gs_outfileName, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL | FILE_ATTRIBUTE_TEMPORARY, NULL); if (gs_hOutfile == INVALID_HANDLE_VALUE) { API_FATAL(_T("Failed to create outfile <%s> : <%u>"), gs_outfileName, GetLastError()); } bResult = WriteFile(gs_hOutfile, MSR_OUTFILE_HEADER, (DWORD)_tcslen(MSR_OUTFILE_HEADER), &dwWritten, NULL); if (!bResult) { API_FATAL(_T("Failed to write header to outfile <%s> : <%u>"), gs_outfileName, GetLastError()); } return TRUE; }
static int camrea_flash_get_select(struct camera_flash_dev *dev) { API_LOG("%s() \n", __func__); return(cabl_mode); }
BOOL PLUGIN_FILTER_FILTERACE( _In_ PLUGIN_API_TABLE const * const api, _Inout_ PIMPORTED_ACE ace ) { /* - Generic rights : --- GENERIC_WRITE --- GENERIC_ALL - Standards rights : --- WRITE_DAC --- WRITE_OWNER - Files Specific rights (file/dir) : --- FILE_WRITE_DATA / FILE_ADD_FILE --- FILE_APPEND_DATA / FILE_ADD_SUBDIRECTORY */ DWORD dwAccessMask = 0; DWORD i = 0; // // Get properties // dwAccessMask = api->Ace.GetAccessMask(ace); // // Control case : Generic right GENERIC_WRITE // if (dwAccessMask & ADS_RIGHT_GENERIC_WRITE) SET_RELATION(ace, GEN_RIGHT_WRITE); // // Control case : Generic right GENERIC_ALL // if (dwAccessMask & ADS_RIGHT_GENERIC_ALL) SET_RELATION(ace, GEN_RIGHT_ALL); // // Control case : Standard right WRITE_DAC // if (dwAccessMask & ADS_RIGHT_WRITE_DAC) SET_RELATION(ace, STAND_RIGHT_WRITE_DAC); // // Control case : Standard right WRITE_OWNER // if (dwAccessMask & ADS_RIGHT_WRITE_OWNER) SET_RELATION(ace, STAND_RIGHT_WRITE_OWNER); // // Control case : Specific right FILE_WRITE_DATA / FILE_ADD_FILE // if (dwAccessMask & FILE_WRITEDATA_ADDFILE) SET_RELATION(ace, FS_RIGHT_WRITEDATA_ADDFILE); // // Control case : Specific right FILE_APPEND_DATA / FILE_ADD_SUBDIRECTORY // if (dwAccessMask & FILE_APPENDDATA_ADDSUBDIR) SET_RELATION(ace, FS_RIGHT_APPENDDATA_ADDSUBDIR); // // Only "*_ALLOWED_*" ace types can allow control // But DENY ace on control parameters cannot be processed on a per-ace model in the control paths approach // if (!IS_ALLOWED_ACE(ace->imported.raw)) { for (i = 0; i < ACE_REL_COUNT; i++) { if (HAS_RELATION(ace, i)) { API_LOG(Succ, _T("<%s> control is limited by a DENY %s ACE on object <%s>"), api->Resolver.ResolverGetAceTrusteeStr(ace), api->Ace.GetAceRelationStr(i), api->Resolver.ResolverGetAceObject(ace)->imported.dn); } } return FALSE; } for (i = 0; i < ACE_REL_COUNT; i++) { if (HAS_RELATION(ace, i)) { return TRUE; } } return FALSE; }