2 * Copyright (c) 2008, 2009, 2010, 2011 Kernel Drivers, LLC.
3 * Copyright (c) 2009, 2010, 2011 Your File System, Inc.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * - Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 * - Redistributions in binary form must reproduce the above copyright
14 * this list of conditions and the following disclaimer in the
16 * and/or other materials provided with the distribution.
17 * - Neither the names of Kernel Drivers, LLC and Your File System, Inc.
18 * nor the names of their contributors may be used to endorse or promote
19 * products derived from this software without specific prior written
20 * permission from Kernel Drivers, LLC and Your File System, Inc.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
24 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
25 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
26 * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
27 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
28 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
29 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
30 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
31 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
32 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 // File: AFSSecurity.cpp
39 #include "AFSCommon.h"
42 AFSSetSecurity( IN PDEVICE_OBJECT LibDeviceObject,
46 UNREFERENCED_PARAMETER(LibDeviceObject);
47 NTSTATUS ntStatus = STATUS_SUCCESS;
48 IO_STACK_LOCATION *pIrpSp;
50 pIrpSp = IoGetCurrentIrpStackLocation( Irp);
55 AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
56 AFS_TRACE_LEVEL_ERROR,
57 "AFSSetSecurity Entry for FO %p\n",
60 AFSCompleteRequest( Irp,
63 __except( AFSExceptionFilter( __FUNCTION__, GetExceptionCode(), GetExceptionInformation()) )
68 "EXCEPTION - AFSSetSecurity\n");
70 AFSDumpTraceFilesFnc();
77 AFSQuerySecurity( IN PDEVICE_OBJECT LibDeviceObject,
81 UNREFERENCED_PARAMETER(LibDeviceObject);
82 NTSTATUS ntStatus = STATUS_SUCCESS;
83 PIO_STACK_LOCATION pIrpSp;
84 PMDL pUserBufferMdl = NULL;
85 void *pLockedUserBuffer = NULL;
87 SECURITY_INFORMATION SecurityInformation;
88 PFILE_OBJECT pFileObject;
95 pIrpSp = IoGetCurrentIrpStackLocation( Irp);
97 SecurityInformation = pIrpSp->Parameters.QuerySecurity.SecurityInformation;
99 pFileObject = pIrpSp->FileObject;
101 pFcb = (AFSFcb *)pFileObject->FsContext;
103 pCcb = (AFSCcb *)pFileObject->FsContext2;
105 AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
106 AFS_TRACE_LEVEL_VERBOSE,
107 "AFSQuerySecurity (%p) Entry for FO %p SI %08lX\n",
110 SecurityInformation);
115 AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
116 AFS_TRACE_LEVEL_ERROR,
117 "AFSQuerySecurity Attempted access (%p) when pFcb == NULL\n",
120 try_return( ntStatus = STATUS_INVALID_DEVICE_REQUEST);
123 if ( SecurityInformation & SACL_SECURITY_INFORMATION)
126 AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
127 AFS_TRACE_LEVEL_ERROR,
128 "AFSQuerySecurity Attempted access (%p) SACL\n",
131 try_return( ntStatus = STATUS_ACCESS_DENIED);
134 if( AFSDefaultSD == NULL)
137 AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
138 AFS_TRACE_LEVEL_ERROR,
139 "AFSQuerySecurity No default SD allocated\n");
141 try_return( ntStatus = STATUS_INSUFFICIENT_RESOURCES);
144 ulSDLength = RtlLengthSecurityDescriptor( AFSDefaultSD);
146 if( pIrpSp->Parameters.QuerySecurity.Length < ulSDLength ||
147 Irp->UserBuffer == NULL)
150 AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
151 AFS_TRACE_LEVEL_VERBOSE,
152 "AFSQuerySecurity Buffer too small\n");
154 Irp->IoStatus.Information = (ULONG_PTR)ulSDLength;
156 try_return( ntStatus = STATUS_BUFFER_OVERFLOW);
159 pLockedUserBuffer = AFSLockUserBuffer( Irp->UserBuffer,
160 pIrpSp->Parameters.QuerySecurity.Length,
163 if( pLockedUserBuffer == NULL)
166 AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING,
167 AFS_TRACE_LEVEL_ERROR,
168 "AFSQuerySecurity Failed to lock user buffer\n");
170 try_return( ntStatus = STATUS_INSUFFICIENT_RESOURCES);
173 RtlCopyMemory( pLockedUserBuffer,
177 Irp->IoStatus.Information = (ULONG_PTR)ulSDLength;
181 if( pUserBufferMdl != NULL)
183 MmUnlockPages( pUserBufferMdl);
184 IoFreeMdl( pUserBufferMdl);
187 __except( AFSExceptionFilter( __FUNCTION__, GetExceptionCode(), GetExceptionInformation()) )
192 "EXCEPTION - AFSQuerySecurity\n");
194 AFSDumpTraceFilesFnc();
197 AFSCompleteRequest( Irp,