/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */
void PLUGIN_GENERIC_HELP(
    _In_ PLUGIN_API_TABLE const * const api
    ) {
    API_LOG(Bypass, _T("Keeps ACE with an InheritedObjectType matching the one specified in the <inhobjtype> plugin option"));
    API_LOG(Bypass, _T("If <inhobjtype> is not specified, keeps Object-ACE with an empty InheritedObjectType"));
    API_LOG(Bypass, _T("<inhobjtype> must be a GUID, enclosed or not in curly braces"));
}
예제 #2
0
/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */
void PLUGIN_GENERIC_HELP(
    _In_ PLUGIN_API_TABLE const * const api
) {
    API_LOG(Bypass, _T("Specify the DN or SID of the trustee to be filtered with the <trustee> plugin option (no default)"));
    API_LOG(Bypass, _T("If a SID is specified, it musts start with <%s> to be valid"), SID_STR_PREFIX);
    API_LOG(Bypass, _T("ACE granting permissions to trustees matching the specified values are kept."));
}
/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */
void PLUGIN_GENERIC_HELP(
    _In_ PLUGIN_API_TABLE const * const api
    ) {
    API_LOG(Bypass, _T("Specify the outfile with the <msrout> plugin option"));
    API_LOG(Bypass, _T("The default outfile is <%s>"), DEFAULT_MSR_OUTFILE);
    API_LOG(Bypass, _T("Some filters does not associate 'relations' (and the corresponding keywords) to ACE they filter,"));
    API_LOG(Bypass, _T("in this case, the generic relation keyword is used in the msr outfile : <%s>"), DEFAULT_MSR_NO_RELATION_KEYWORD);
}
예제 #4
0
/* --- PUBLIC FUNCTIONS ----------------------------------------------------- */
void PLUGIN_GENERIC_HELP(
    _In_ PLUGIN_API_TABLE const * const api
    ) {
    API_LOG(Bypass, _T("Keeps ACE allowing control relations on files. Currently checked control relations are :"));
    API_LOG(Bypass, _T("- Generic rights : GENERIC_ALL, GENERIC_WRITE"));
    API_LOG(Bypass, _T("- Standard rights : WRITE_DAC, WRITE_OWNER"));
    API_LOG(Bypass, _T("- Specific rights : FILE_WRITE_DATA/FILE_ADD_FILE, FILE_APPEND_DATA/FILE_ADD_SUBDIRECTORY"));
    API_LOG(Bypass, _T("This filter set 'relations' on the ACE, and must be combined with the MSR writer for these relations to be outputed."));
}
BOOL PLUGIN_GENERIC_INITIALIZE(
	_In_ PLUGIN_API_TABLE const * const api
) {
	BOOL bResult = FALSE;
	PTCHAR pptAttrsListForCsv[MMR_OUTFILE_HEADER_COUNT] = MMR_OUTFILE_HEADER;

	bResult = ApiHeapCreateX(&gs_hHeapMasterSlave, MASTERMAILBOX_HEAP_NAME, NULL);
	if (API_FAILED(bResult)) {
		return ERROR_VALUE;
	}

	gs_outfileName = api->Common.GetPluginOption(_T("mmrout"), FALSE);
	if (!gs_outfileName) {
		gs_outfileName = DEFAULT_MMR_OUTFILE;
	}

	gs_outDenyfileName = ApiHeapAllocX(gs_hHeapMasterSlave, (DWORD)((_tcslen(gs_outfileName) + 10) * sizeof(TCHAR)));
	_stprintf_s(gs_outDenyfileName, _tcslen(gs_outfileName) + 10, _T("%s.deny.csv"), gs_outfileName);
	API_LOG(Info, _T("Outfiles are <%s>/<%s>"), gs_outfileName, gs_outDenyfileName);

	bResult = api->InputCsv.CsvOpenWrite(gs_outfileName, MMR_OUTFILE_HEADER_COUNT, pptAttrsListForCsv, &gs_hOutfile);
	if (!bResult) {
		API_FATAL(_T("Failed to open CSV outfile <%s>: <err:%#08x>"), gs_outfileName, api->InputCsv.CsvGetLastError(gs_hOutfile));
	}
	bResult = api->InputCsv.CsvOpenWrite(gs_outDenyfileName, MMR_OUTFILE_HEADER_COUNT, pptAttrsListForCsv, &gs_hOutDenyfile);
	if (!bResult) {
		API_FATAL(_T("Failed to open CSV outfile <%s>: <err:%#08x>"), gs_outDenyfileName, api->InputCsv.CsvGetLastError(gs_hOutDenyfile));
	}
	return TRUE;
}
BOOL PLUGIN_WRITER_WRITEACE(
	_In_ PLUGIN_API_TABLE const * const api,
	_Inout_ PIMPORTED_ACE ace
) {
	DWORD i = 0;
	DWORD relCount = 0;
	LPTSTR resolvedTrustee = NULL;
	LPTSTR resolvedMail = NULL;

	resolvedTrustee = api->Resolver.ResolverGetAceTrusteeStr(ace);
	resolvedMail = api->Resolver.ResolverGetAceObjectMail(ace);
	if (!resolvedMail) {
		API_LOG(Dbg, _T("Object has mbx sd without mail address : <%s>"), ace->imported.objectDn);
		return TRUE;
	}

	for (i = 0; i < ACE_REL_COUNT; i++) {
		if (HAS_RELATION(ace, i)) {
			relCount++;
			if (IS_ALLOWED_ACE(ace->imported.raw))
				WriteRelation(api, resolvedTrustee, resolvedMail, api->Ace.GetAceRelationStr(i), gs_hOutfile);
			else
				WriteRelation(api, resolvedTrustee, resolvedMail, api->Ace.GetAceRelationStr(i), gs_hOutDenyfile);
		}
	}
	return TRUE;
}
BOOL PLUGIN_GENERIC_FINALIZE(
    _In_ PLUGIN_API_TABLE const * const api
    ) {
    if (!CloseHandle(gs_hOutfile)) {
        API_LOG(Err, _T("Failed to close outfile handle : <%u>"), GetLastError());
        return FALSE;
    }
    return TRUE;
}
예제 #8
0
BOOL PLUGIN_GENERIC_INITIALIZE(
    _In_ PLUGIN_API_TABLE const * const api
) {
    BOOL bResult = FALSE;
    LPTSTR trustee = api->Common.GetPluginOption(_T("trustee"), TRUE);

    if (_tcsncmp(SID_STR_PREFIX, trustee, strlen(SID_STR_PREFIX)) == 0) {
        bResult = ConvertStringSidToSid(trustee, &gs_TrusteeFilter);
        if (!bResult) {
            API_FATAL(_T("Failed to convert SID <%s> to its binary form : <%u>"), trustee, GetLastError());
        }
        API_LOG(Info, _T("Filtering trustee by SID <%s>"), trustee);
    }
    else {
        // Resolution will take place later since resolver has not been activated yet
        gs_TrusteeDnFilter = trustee;
        API_LOG(Info, _T("Filtering trustee by DN <%s>"), trustee);
    }

    return TRUE;
}
static void camrea_flash_set_enable(struct camera_flash_dev *dev, int value)
{
    API_LOG("%s(%d) \n", __func__, value);

    if( value == 1 )
    {
        camera_flash_test_mode_led_trigger(MSM_CAMERA_LED_LOW);
    }
    else
    {
        camera_flash_test_mode_led_trigger(MSM_CAMERA_LED_OFF);
    }
}
/* --- PRIVATE FUNCTIONS ---------------------------------------------------- */
static void WriteRelation(
    _In_ PLUGIN_API_TABLE const * const api,
    _In_ LPTSTR master,
    _In_ LPTSTR slave,
    _In_ LPTSTR relationKeyword
    ) {
    TCHAR outline[MAX_LINE] = { 0 };
    DWORD dwWritten = 0;
    BOOL bResult = FALSE;
    int size = 0;

    size = _stprintf_s(outline, _countof(outline)-1, MSR_OUTFILE_FORMAT, master, slave, relationKeyword);
    if (size == -1) {
        API_LOG(Err, _T("Failed to format outline <%s : %s>"), master, slave);
        return;
    }
    else {
        bResult = WriteFile(gs_hOutfile, outline, size, &dwWritten, NULL);
        if (!bResult) {
            API_LOG(Err, _T("Failed to write outline <%s : %s>"), master, slave);
        }
    }
}
BOOL PLUGIN_GENERIC_INITIALIZE(
    _In_ PLUGIN_API_TABLE const * const api
    ) {
    BOOL bResult = FALSE;
    LPTSTR inhobjty = api->Common.GetPluginOption(_T("inhobjtype"), FALSE);
    // TODO : guid resolution from resolved str form could be nice here

    if (!inhobjty) {
        API_LOG(Info, _T("Filtering empty inheritedObjectType"));
        gs_EmptyInhObjType = TRUE;
    }
    else {
		bResult = api->Common.ConvertStrGuidToGuid(inhobjty, &gs_InhObjectTypeFilter);
        gs_EmptyInhObjType = FALSE;
        if (bResult != NOERROR) {
            API_FATAL(_T("Error while converting inherited object type guid <%s> to its binary form : <%#08x)"), inhobjty, bResult);
        }
        else {
            API_LOG(Info, _T("Filtering inheritedObjectType <%s>"), inhobjty);
        }
    }

    return TRUE;
}
BOOL PLUGIN_GENERIC_FINALIZE(
	_In_ PLUGIN_API_TABLE const * const api
) {
	BOOL bResult = FALSE;

	if (!api->InputCsv.CsvClose(&gs_hOutfile) || !api->InputCsv.CsvClose(&gs_hOutDenyfile)) {
		API_LOG(Err, _T("Failed to close outfiles handles : <%u>"), GetLastError());
		return FALSE;
	}
	bResult = ApiHeapDestroyX(&gs_hHeapMasterSlave);
	if (API_FAILED(bResult)) {
		return ERROR_VALUE;
	}
	return TRUE;
}
BOOL PLUGIN_GENERIC_INITIALIZE(
    _In_ PLUGIN_API_TABLE const * const api
    ) {
    DWORD dwWritten = 0;
    BOOL bResult = FALSE;

    gs_outfileName = api->Common.GetPluginOption(_T("msrout"), FALSE);
    if (!gs_outfileName) {
        gs_outfileName = DEFAULT_MSR_OUTFILE;
    }
    API_LOG(Info, _T("Outfile is <%s>"), gs_outfileName);


    gs_hOutfile = CreateFile(gs_outfileName, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL | FILE_ATTRIBUTE_TEMPORARY, NULL);
    if (gs_hOutfile == INVALID_HANDLE_VALUE) {
        API_FATAL(_T("Failed to create outfile <%s> : <%u>"), gs_outfileName, GetLastError());
    }
    bResult = WriteFile(gs_hOutfile, MSR_OUTFILE_HEADER, (DWORD)_tcslen(MSR_OUTFILE_HEADER), &dwWritten, NULL);
    if (!bResult) {
        API_FATAL(_T("Failed to write header to outfile <%s> : <%u>"), gs_outfileName, GetLastError());
    }

    return TRUE;
}
static int camrea_flash_get_select(struct camera_flash_dev *dev)
{
  API_LOG("%s() \n", __func__);
  return(cabl_mode);
}
예제 #15
0
BOOL PLUGIN_FILTER_FILTERACE(
    _In_ PLUGIN_API_TABLE const * const api,
    _Inout_ PIMPORTED_ACE ace
    ) {
    /*
    - Generic rights :
    --- GENERIC_WRITE
    --- GENERIC_ALL
    - Standards rights :
    --- WRITE_DAC
    --- WRITE_OWNER
    - Files Specific rights (file/dir) :
    --- FILE_WRITE_DATA / FILE_ADD_FILE
    --- FILE_APPEND_DATA / FILE_ADD_SUBDIRECTORY
    */

    DWORD dwAccessMask = 0;
    DWORD i = 0;

    //
    // Get properties
    //
    dwAccessMask = api->Ace.GetAccessMask(ace);

    //
    // Control case : Generic right GENERIC_WRITE
    //
    if (dwAccessMask & ADS_RIGHT_GENERIC_WRITE)
        SET_RELATION(ace, GEN_RIGHT_WRITE);

    //
    // Control case : Generic right GENERIC_ALL
    //
    if (dwAccessMask & ADS_RIGHT_GENERIC_ALL)
        SET_RELATION(ace, GEN_RIGHT_ALL);

    //
    // Control case : Standard right WRITE_DAC
    //
    if (dwAccessMask & ADS_RIGHT_WRITE_DAC)
        SET_RELATION(ace, STAND_RIGHT_WRITE_DAC);

    //
    // Control case : Standard right WRITE_OWNER
    //
    if (dwAccessMask & ADS_RIGHT_WRITE_OWNER)
        SET_RELATION(ace, STAND_RIGHT_WRITE_OWNER);

    //
    // Control case : Specific right FILE_WRITE_DATA / FILE_ADD_FILE
    //
    if (dwAccessMask & FILE_WRITEDATA_ADDFILE)
        SET_RELATION(ace, FS_RIGHT_WRITEDATA_ADDFILE);

    //
    // Control case : Specific right FILE_APPEND_DATA / FILE_ADD_SUBDIRECTORY
    //
    if (dwAccessMask & FILE_APPENDDATA_ADDSUBDIR)
        SET_RELATION(ace, FS_RIGHT_APPENDDATA_ADDSUBDIR);

	//
	// Only "*_ALLOWED_*" ace types can allow control
	// But DENY ace on control parameters cannot be processed on a per-ace model in the control paths approach
	//
	if (!IS_ALLOWED_ACE(ace->imported.raw)) {
		for (i = 0; i < ACE_REL_COUNT; i++) {
			if (HAS_RELATION(ace, i)) {
				API_LOG(Succ, _T("<%s> control is limited by a DENY %s ACE on object <%s>"), api->Resolver.ResolverGetAceTrusteeStr(ace), api->Ace.GetAceRelationStr(i), api->Resolver.ResolverGetAceObject(ace)->imported.dn);
			}
		}
		return FALSE;
	}

    for (i = 0; i < ACE_REL_COUNT; i++) {
        if (HAS_RELATION(ace, i)) {
            return TRUE;
        }
    }

    return FALSE;
}