/*********************************************************/
/* toksvc: a framework-native token broker service */
/* Copyright (C) 2020 SysDeer Technologies, LLC */
/* Released under GPLv2 and GPLv3; see COPYING.TOKSVC. */
/*********************************************************/
#include <psxtypes/psxtypes.h>
#include <ntapi/ntapi.h>
#include <toksvc/toksvc.h>
#include "toksvc_driver_impl.h"
#include "toksvc_daemon_impl.h"
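/**
 * toks_get_server_snapshot: obtain a read-only snapshot of the token
 * broker's state.
 *
 * Sends a TOKS_DAEMON_IOCTL / TOKS_IOCTL_GET_TOKEN_INFO request over the
 * port returned by toks_get_driver_hservice(dctx); the reply is received
 * into the same message buffer. The service summary (uuid, pids, token
 * counters) is copied out of the reply into a newly allocated snapshot,
 * and the handle returned in msg.ttyinfo.exarg is used to back a
 * read-only section that is mapped into the current process.
 *
 * @param dctx      driver context from which the service port is taken.
 * @param snapshot  receives the snapshot on success; not written on failure.
 *
 * @return NT_STATUS_SUCCESS on success; otherwise the status of the port
 *         request, the status reported by the server in the reply,
 *         NT_STATUS_MEMORY_NOT_ALLOCATED, NT_STATUS_INVALID_PARAMETER
 *         (token count from the reply would overflow the view size),
 *         or the status of the section creation or mapping call.
 *
 * On success the caller owns the snapshot and releases it with
 * toks_free_server_snapshot(), which unmaps the view and frees the block.
 *
 * NOTE(review): every field copied from msg.svcdata, as well as the token
 * records in the mapped view, is whatever the peer on the service port
 * wrote. Consumers that walk ctx->tokctx should bound their reads by the
 * tused value recorded here rather than by counters found inside the view.
 */
int32_t toks_get_server_snapshot(
	struct toks_driver_ctx *	dctx,
	struct toks_server_snapshot **	snapshot)
{
	int32_t				status;
	void *				hport;
	void *				hfile;
	void *				hsection;
	void *				addr;
	size_t				size;
	size_t				tokmax;
	nt_oa				oa;
	nt_large_integer		ssize;
	nt_sd_common_buffer		sd;
	struct _nt_tty_port_msg		msg;
	struct toks_server_snapshot *	ctx;
	struct toks_service_info *	svcinfo;
	uint32_t			access_owner;
	uint32_t			access_group;
	uint32_t			access_other;
	uint32_t			access_admin;

	hport = toks_get_driver_hservice(dctx);

	/* request: one message buffer serves as both request and reply */
	ntapi->tt_aligned_block_memset(
		&msg,0,sizeof(msg));

	msg.header.msg_type	= NT_LPC_NEW_MESSAGE;
	msg.header.data_size	= sizeof(msg.ttyinfo) + sizeof(msg.svcdata);
	msg.header.msg_size	= sizeof(msg);
	msg.ttyinfo.opcode	= TOKS_DAEMON_IOCTL;
	msg.ttyinfo.opdata	= TOKS_IOCTL_GET_TOKEN_INFO;

	/* NOTE(review): assumes the server passes no handle in exarg when  */
	/* it reports a failure status; nothing is closed on this path.     */
	if ((status = ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
		return status;

	else if (msg.ttyinfo.status)
		return msg.ttyinfo.status;

	/* token info: handle returned by the server, owned by us from here */
	hfile = msg.ttyinfo.exarg;

	/* snapshot context */
	if (!(addr = toks_calloc(1,sizeof(*ctx)))) {
		ntapi->zw_close(hfile);
		return NT_STATUS_MEMORY_NOT_ALLOCATED;
	}

	/* both pointers alias the same block; presumably the service info */
	/* is the leading part of the snapshot structure (confirm in the   */
	/* header before reordering either structure).                     */
	ctx     = (struct toks_server_snapshot *)addr;
	svcinfo = (struct toks_service_info *)addr;

	/* uuid: unpacked from the four meta words of the reply */
	svcinfo->uuid.data1 = (msg.svcdata.meta[0]);

	svcinfo->uuid.data2 = (msg.svcdata.meta[1] & 0xffff);
	svcinfo->uuid.data3 = (msg.svcdata.meta[1] >> 16);

	svcinfo->uuid.data4[0] = (msg.svcdata.meta[2] & 0xff);
	svcinfo->uuid.data4[1] = (msg.svcdata.meta[2] & 0xff00) >> 8;
	svcinfo->uuid.data4[2] = (msg.svcdata.meta[2] & 0xff0000) >> 16;
	svcinfo->uuid.data4[3] = (msg.svcdata.meta[2] & 0xff000000) >> 24;

	svcinfo->uuid.data4[4] = (msg.svcdata.meta[3] & 0xff);
	svcinfo->uuid.data4[5] = (msg.svcdata.meta[3] & 0xff00) >> 8;
	svcinfo->uuid.data4[6] = (msg.svcdata.meta[3] & 0xff0000) >> 16;
	svcinfo->uuid.data4[7] = (msg.svcdata.meta[3] & 0xff000000) >> 24;

	/* syspid, systid */
	svcinfo->syspid = msg.svcdata.data[0];
	svcinfo->systid = msg.svcdata.data[1];

	/* ctrlpid, csyspid */
	svcinfo->ctrlpid = msg.svcdata.data[2];
	svcinfo->csyspid = msg.svcdata.data[3];

	/* allocated, available, pending */
	svcinfo->allocated = msg.svcdata.data[4];
	svcinfo->available = msg.svcdata.data[5];
	svcinfo->pending   = msg.svcdata.data[6];

	/* used, free */
	svcinfo->tused = msg.svcdata.data[7];
	svcinfo->tfree = msg.svcdata.data[8];

	/* sd: owner and admin get generic read plus standard rights; */
	/* group and other get read-control and read-attributes only. */
	access_owner  = NT_GENERIC_READ;
	access_group  = NT_SEC_READ_CONTROL | NT_FILE_READ_ATTRIBUTES;
	access_other  = NT_SEC_READ_CONTROL | NT_FILE_READ_ATTRIBUTES;

	access_owner |= NT_SEC_STANDARD_RIGHTS_ALL;
	access_admin  = access_owner;

	ntapi->acl_init_common_descriptor(
		&sd,0,0,0,0,
		access_owner,access_group,access_other,
		access_admin,access_owner,
		0);

	/* section: unnamed, carrying the descriptor built above */
	oa.len      = sizeof(oa);
	oa.root_dir = 0;
	oa.obj_name = 0;
	oa.obj_attr = 0;
	oa.sec_desc = &sd.sd;
	oa.sec_qos  = 0;

	addr        = 0;
	ssize.quad  = 0;

	/* view size: fixed header plus one record per used token. The    */
	/* count comes from the reply, so reject a value whose product    */
	/* would wrap size_t and yield a view smaller than tused implies. */
	size   = __offsetof(struct toks_token_ctx,tokens);
	tokmax = ((size_t)(-1) - size) / sizeof(struct toks_token_info);

	if (svcinfo->tused > tokmax) {
		ntapi->zw_close(hfile);
		toks_free(ctx);
		return NT_STATUS_INVALID_PARAMETER;
	}

	size += svcinfo->tused * sizeof(struct toks_token_info);

	status = ntapi->zw_create_section(
		&hsection,
		NT_SECTION_QUERY|NT_SECTION_MAP_READ,
		&oa,&ssize,
		NT_PAGE_READONLY,
		NT_SEC_COMMIT,
		hfile);

	if (status) {
		ntapi->zw_close(hfile);
		toks_free(ctx);
		return status;
	}

	/* section mapping: read-only view in the current process */
	status = ntapi->zw_map_view_of_section(
		hsection,
		NT_CURRENT_PROCESS_HANDLE,
		&addr,0,0,0,
		&size,NT_VIEW_UNMAP,
		0,NT_PAGE_READONLY);

	/* both handles are released whether or not the mapping succeeded; */
	/* on success only the view itself is handed to the caller.        */
	ntapi->zw_close(hfile);
	ntapi->zw_close(hsection);

	if (status) {
		toks_free(ctx);
		return status;
	}

	/* all done */
	ctx->tokctx = addr;
	*snapshot   = ctx;

	return NT_STATUS_SUCCESS;
}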
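/**
 * toks_free_server_snapshot: release a snapshot returned by
 * toks_get_server_snapshot().
 *
 * Unmaps the view referenced by snapshot->tokctx from the current
 * process and then frees the snapshot block itself. After this call
 * neither the snapshot nor any pointer into its token view may be used.
 *
 * @param snapshot  snapshot to release; NULL is accepted and ignored.
 */
void toks_free_server_snapshot(struct toks_server_snapshot * snapshot)
{
	/* tolerate NULL so that error paths can call this unconditionally */
	if (!snapshot)
		return;

	ntapi->zw_unmap_view_of_section(
		NT_CURRENT_PROCESS_HANDLE,
		(void *)snapshot->tokctx);

	toks_free(snapshot);
}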