BOOLEAN NTAPI IopConnectLogPort(VOID) { UNICODE_STRING PortName = RTL_CONSTANT_STRING(L"\\ErrorLogPort"); NTSTATUS Status; /* Make sure we're not already connected */ if (IopLogPortConnected) return TRUE; /* Connect the port */ Status = ZwConnectPort(&IopLogPort, &PortName, NULL, NULL, NULL, NULL, NULL, NULL); if (NT_SUCCESS(Status)) { /* Remember we're connected */ IopLogPortConnected = TRUE; return TRUE; } /* We failed, try again */ IopRestartLogWorker(); return FALSE; }
BOOLEAN NTAPI IopConnectLogPort(VOID) { NTSTATUS Status; UNICODE_STRING PortName = RTL_CONSTANT_STRING(ELF_PORT_NAME); SECURITY_QUALITY_OF_SERVICE SecurityQos; /* Make sure we're not already connected */ if (IopLogPortConnected) return TRUE; /* Setup the QoS structure */ SecurityQos.Length = sizeof(SecurityQos); SecurityQos.ImpersonationLevel = SecurityIdentification; SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING; SecurityQos.EffectiveOnly = TRUE; /* Connect the port */ Status = ZwConnectPort(&IopLogPort, &PortName, &SecurityQos, NULL, NULL, NULL, NULL, NULL); if (NT_SUCCESS(Status)) { /* Remember we're connected */ IopLogPortConnected = TRUE; return TRUE; } /* We failed, try again */ IopRestartLogWorker(); return FALSE; }
BOOLEAN SepRmCommandServerThreadInit( VOID ) /*++ Routine Description: This function performs initialization of the Reference Monitor Server thread. The following steps are performed. o Wait on the LSA signalling the event. When the event is signalled, the LSA has already created the LSA Command Server LPC Port o Close the LSA Init Event Handle. The event is not used again. o Listen for the LSA to connect to the Port o Accept the connection. o Connect to the LSA Command Server LPC Port Arguments: None. Return Value: --*/ { NTSTATUS Status; UNICODE_STRING LsaCommandPortName; PORT_MESSAGE ConnectionRequest; SECURITY_QUALITY_OF_SERVICE DynamicQos; OBJECT_ATTRIBUTES ObjectAttributes; PORT_VIEW ClientView; REMOTE_PORT_VIEW LsaClientView; BOOLEAN BooleanStatus = TRUE; PAGED_CODE(); // // Save a pointer to our process so we can get back into this process // to send commands to the LSA (using a handle to an LPC port created // below). // SepRmLsaCallProcess = PsGetCurrentProcess(); ObReferenceObject(SepRmLsaCallProcess); // // Wait on the LSA signalling the event. This means that the LSA // has created its command port, not that LSA initialization is // complete. // Status = ZwWaitForSingleObject( SepRmState.LsaInitEventHandle, FALSE, NULL); if ( !NT_SUCCESS(Status) ) { KdPrint(("Security Rm Init: Waiting for LSA Init Event failed 0x%lx\n", Status)); goto RmCommandServerThreadInitError; } // // Close the LSA Init Event Handle. The event is not used again. // ZwClose(SepRmState.LsaInitEventHandle); // // Listen for a connection to be made by the LSA to the Reference Monitor // Command Port. This connection will be made by the LSA process. // ConnectionRequest.u1.s1.TotalLength = sizeof(ConnectionRequest); ConnectionRequest.u1.s1.DataLength = (CSHORT)0; Status = ZwListenPort( SepRmState.RmCommandPortHandle, &ConnectionRequest ); if (!NT_SUCCESS(Status)) { KdPrint(("Security Rm Init: Listen to Command Port failed 0x%lx\n", Status)); goto RmCommandServerThreadInitError; } // // Obtain a handle to the LSA process for use when auditing. // InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL ); Status = ZwOpenProcess( &SepLsaHandle, PROCESS_VM_OPERATION | PROCESS_VM_WRITE, &ObjectAttributes, &ConnectionRequest.ClientId ); if (!NT_SUCCESS(Status)) { KdPrint(("Security Rm Init: Open Listen to Command Port failed 0x%lx\n", Status)); goto RmCommandServerThreadInitError; } // // Accept the connection made by the LSA process. // LsaClientView.Length = sizeof(LsaClientView); Status = ZwAcceptConnectPort( &SepRmState.RmCommandPortHandle, NULL, &ConnectionRequest, TRUE, NULL, &LsaClientView ); if (!NT_SUCCESS(Status)) { KdPrint(("Security Rm Init: Accept Connect to Command Port failed 0x%lx\n", Status)); goto RmCommandServerThreadInitError; } // // Complete the connection. // Status = ZwCompleteConnectPort(SepRmState.RmCommandPortHandle); if (!NT_SUCCESS(Status)) { KdPrint(("Security Rm Init: Complete Connect to Command Port failed 0x%lx\n", Status)); goto RmCommandServerThreadInitError; } // // Set up the security quality of service parameters to use over the // Lsa Command LPC port. Use the most efficient (least overhead) - which // is dynamic rather than static tracking. // DynamicQos.ImpersonationLevel = SecurityImpersonation; DynamicQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING; DynamicQos.EffectiveOnly = TRUE; // // Create the section to be used as unnamed shared memory for // communication between the RM and LSA. // SepRmState.LsaCommandPortSectionSize.LowPart = PAGE_SIZE; SepRmState.LsaCommandPortSectionSize.HighPart = 0; Status = ZwCreateSection( &SepRmState.LsaCommandPortSectionHandle, SECTION_ALL_ACCESS, NULL, // ObjectAttributes &SepRmState.LsaCommandPortSectionSize, PAGE_READWRITE, SEC_COMMIT, NULL // FileHandle ); if (!NT_SUCCESS(Status)) { KdPrint(("Security Rm Init: Create Memory Section for LSA port failed: %X\n", Status)); goto RmCommandServerThreadInitError; } // // Set up for a call to NtConnectPort and connect to the LSA port. // This setup includes a description of the port memory section so that // the LPC connection logic can make the section visible to both the // client and server processes. // ClientView.Length = sizeof(ClientView); ClientView.SectionHandle = SepRmState.LsaCommandPortSectionHandle; ClientView.SectionOffset = 0; ClientView.ViewSize = SepRmState.LsaCommandPortSectionSize.LowPart; ClientView.ViewBase = 0; ClientView.ViewRemoteBase = 0; // // Set up the security quality of service parameters to use over the // port. Use dynamic tracking so that XACTSRV will impersonate the // user that we are impersonating when we call NtRequestWaitReplyPort. // If we used static tracking, XACTSRV would impersonate the context // when the connection is made. // DynamicQos.ImpersonationLevel = SecurityImpersonation; DynamicQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING; DynamicQos.EffectiveOnly = TRUE; // // Connect to the Lsa Command LPC Port. This port is used to send // commands from the RM to the LSA. // RtlInitUnicodeString( &LsaCommandPortName, L"\\SeLsaCommandPort" ); Status = ZwConnectPort( &SepRmState.LsaCommandPortHandle, &LsaCommandPortName, &DynamicQos, &ClientView, NULL, // ServerView NULL, // MaxMessageLength NULL, // ConnectionInformation NULL // ConnectionInformationLength ); if (!NT_SUCCESS(Status)) { KdPrint(("Security Rm Init: Connect to LSA Port failed 0x%lx\n", Status)); goto RmCommandServerThreadInitError; } // // Store information about the section so that we can create pointers // meaningful to LSA. // SepRmState.RmViewPortMemory = ClientView.ViewBase; SepRmState.LsaCommandPortMemoryDelta = (LONG)((ULONG_PTR)ClientView.ViewRemoteBase - (ULONG_PTR) ClientView.ViewBase ); SepRmState.LsaViewPortMemory = ClientView.ViewRemoteBase; /* BugWarning - ScottBi - probably don't need the resource // // Create the resource serializing access to the port. This // resource prevents the port and the shared memory from being // deleted while worker threads are processing requests. // if ( !SepRmState.LsaCommandPortResourceInitialized ) { ExInitializeResource( &SepRmState.LsaCommandPortResource ); SepRmState.LsaCommandPortResourceInitialized = TRUE; } SepRmState.LsaCommandPortActive = TRUE; */ RmCommandServerThreadInitFinish: // // Dont need this section handle any more, even if returning // success. // if ( SepRmState.LsaCommandPortSectionHandle != NULL ) { NtClose( SepRmState.LsaCommandPortSectionHandle ); SepRmState.LsaCommandPortSectionHandle = NULL; } // // The Reference Monitor Thread has successfully initialized. // return BooleanStatus; RmCommandServerThreadInitError: if ( SepRmState.LsaCommandPortHandle != NULL ) { NtClose( SepRmState.LsaCommandPortHandle ); SepRmState.LsaCommandPortHandle = NULL; } BooleanStatus = FALSE; goto RmCommandServerThreadInitFinish; }