/*---------------------------------------------------------------------- WriteStructureSchema ecrit le schema de structure pointe' par pSS dans le fichier de nom fileName. Si code est nul, ecrit le schema avec un nouveau code d'identification, sinon avec code comme code d'identification. ----------------------------------------------------------------------*/ ThotBool WriteStructureSchema (Name fileName, PtrSSchema pSS, int code) { PtrTtAttribute pAttr; int i, j; /* ouvre le fichier */ outfile = TtaWriteOpen (fileName); if (outfile == 0) return False; /* ecrit la partie fixe du schema de structure */ WriteName (pSS->SsName); if (code == 0) /* alloue un nouveau code d'identification au schema compile' */ WriteShort (UniqueIdent ()); else /* le schema compile' a le code d'identification code */ WriteShort (code); WriteName (pSS->SsDefaultPSchema); WriteBoolean (pSS->SsExtension); WriteShort (pSS->SsDocument); WriteShort (pSS->SsRootElem); WriteShort (pSS->SsNAttributes); WriteShort (pSS->SsNRules); WriteBoolean (pSS->SsExport); WriteShort (pSS->SsNExceptions); for (i = 0; i < pSS->SsNExceptions; i++) WriteShort (pSS->SsException[i]); /* ecrit le texte des constantes */ i = 0; do TtaWriteByte (outfile, pSS->SsConstBuffer[i++]); while (pSS->SsConstBuffer[i - 1] != '\0' || pSS->SsConstBuffer[i] != '\0'); /* SsFirstDynNature */ TtaWriteByte (outfile, '\0'); /* ecrit les attributs */ for (i = 0; i < pSS->SsNAttributes; i++) { pAttr = pSS->SsAttribute->TtAttr[i]; WriteName (pAttr->AttrName); WriteBoolean (pAttr->AttrGlobal); WriteShort (pAttr->AttrFirstExcept); WriteShort (pAttr->AttrLastExcept); WriteAttributeType (pAttr->AttrType); switch (pAttr->AttrType) { case AtNumAttr: case AtTextAttr: break; case AtReferenceAttr: WriteShort (pAttr->AttrTypeRef); WriteName (pAttr->AttrTypeRefNature); break; case AtEnumAttr: WriteShort (pAttr->AttrNEnumValues); for (j = 0; j < pAttr->AttrNEnumValues; j++) WriteName (pAttr->AttrEnumValue[j]); break; } } /* ecrit les regles de structure */ for (i = 0; i < pSS->SsNRules; i++) WriteRule (pSS->SsRule->SrElem[i]); /* ecrit les regles d'extension */ if (pSS->SsExtension) { WriteShort (pSS->SsNExtensRules); for (i = 0; i < pSS->SsNExtensRules; i++) WriteRule (&pSS->SsExtensBlock->EbExtensRule[i]); } TtaWriteClose (outfile); return True; }
void FlushPolicy() { PPOLICY_RULE r; KIRQL irql; char buffer[MAX_PATH*2]; UCHAR i; BOOLEAN ValidRule; // cannot write to files while holding spinlock (irql != PASSIVE_LEVEL) // KeAcquireSpinLock(&NewPolicy.SpinLock, &irql); sprintf(buffer, "\r\n# %S Default Process Policy\r\n", ProcessToMonitor); WriteRule(buffer); sprintf(buffer, "policy_default: %s\r\n", DecodeAction(NewPolicy.DefaultPolicyAction)); WriteRule(buffer); if (! IS_OVERFLOW_PROTECTION_ON(NewPolicy)) WriteRule("protection_overflow: off"); if (! IS_USERLAND_PROTECTION_ON(NewPolicy)) WriteRule("protection_userland: off"); if (! IS_EXTENSION_PROTECTION_ON(NewPolicy)) WriteRule("protection_extension: off"); if (! IS_DEBUGGING_PROTECTION_ON(NewPolicy)) WriteRule("protection_debugging: off"); if (! IS_VDM_PROTECTION_ON(NewPolicy)) WriteRule("protection_dos16: off"); // KdPrint(("%s process\n", IsGuiThread ? "GUI" : "NON GUI")); for (i = 0; i < RULE_LASTONE; i++) { r = NewPolicy.RuleList[i]; if (r) { WritePolicyFile("\r\n\r\n# "); WritePolicyFile(RuleTypeData[i].Prefix); WritePolicyFile(" related operations\r\n\r\n"); } while (r) { if (i != RULE_SYSCALL) ValidRule = CreateRule(i, r, buffer); else ValidRule = CreateServiceRule(r, buffer); if (ValidRule == TRUE) WriteRule(buffer); r = (PPOLICY_RULE) r->Next; } } // KeReleaseSpinLock(&NewPolicy.SpinLock, irql); }