/*********************************************************/
/* toksvc: a framework-native token broker service */
/* Copyright (C) 2020 Z. Gilboa */
/* Released under GPLv2 and GPLv3; see COPYING.TOKSVC. */
/*********************************************************/
#include <psxtypes/psxtypes.h>
#include <ntapi/ntapi.h>
#include <ntapi/nt_termios.h>
#include "toksvc_daemon_impl.h"
#include "toksvc_driver_impl.h"
#include "toksvc_log_impl.h"
static int32_t toks_daemon_ioctl_get_token_count(struct toks_daemon_ctx * dctx)
{
nt_tty_port_msg * msg = &dctx->reply;
msg->ttyinfo.exarg = (void *)(intptr_t)toks_get_driver_ntokens(dctx->driver_ctx);
return NT_STATUS_SUCCESS;
}
static int32_t toks_daemon_ioctl_set_token_count(struct toks_daemon_ctx * dctx)
{
nt_tty_port_msg * msg;
int ntokens;
msg = &dctx->reply;
ntokens = (int)(intptr_t)msg->ttyinfo.exarg;
if (ntokens < 0)
return NT_STATUS_INVALID_PARAMETER;
else if (ntokens > toks_get_driver_atokens(dctx->driver_ctx))
return NT_STATUS_BUFFER_TOO_SMALL;
toks_set_driver_ntokens(dctx->driver_ctx,ntokens);
dctx->ftokens = (dctx->utokens < ntokens)
? ntokens - dctx->utokens : 0;
return toks_daemon_release(dctx);
}
static int32_t toks_daemon_ioctl_get_log_level(struct toks_daemon_ctx * dctx)
{
nt_tty_port_msg * msg = &dctx->reply;
msg->ttyinfo.exarg = (void *)(intptr_t)dctx->driver_ctx->cctx->loglevel;
return NT_STATUS_SUCCESS;
}
static int32_t toks_daemon_ioctl_set_log_level(struct toks_daemon_ctx * dctx)
{
nt_tty_port_msg * msg;
int loglevel;
msg = &dctx->reply;
loglevel = (int)(intptr_t)msg->ttyinfo.exarg;
if ((loglevel < 0) || (loglevel > 9))
return NT_STATUS_INVALID_PARAMETER;
toks_set_driver_log_level(dctx->driver_ctx,loglevel);
toks_log_service_info(dctx);
return NT_STATUS_SUCCESS;
}
static int32_t toks_daemon_ioctl_get_service_info(struct toks_daemon_ctx * dctx)
{
nt_tty_port_msg * msg = &dctx->reply;
/* uuid */
msg->svcdata.meta[0] = (dctx->driver_ctx->cctx->uuid->data1);
msg->svcdata.meta[1] = (dctx->driver_ctx->cctx->uuid->data2);
msg->svcdata.meta[1] |= (dctx->driver_ctx->cctx->uuid->data3 << 16);
msg->svcdata.meta[2] = (dctx->driver_ctx->cctx->uuid->data4[0]);
msg->svcdata.meta[2] |= (dctx->driver_ctx->cctx->uuid->data4[1] << 8);
msg->svcdata.meta[2] |= (dctx->driver_ctx->cctx->uuid->data4[2] << 16);
msg->svcdata.meta[2] |= (dctx->driver_ctx->cctx->uuid->data4[3] << 24);
msg->svcdata.meta[3] = (dctx->driver_ctx->cctx->uuid->data4[4]);
msg->svcdata.meta[3] |= (dctx->driver_ctx->cctx->uuid->data4[5] << 8);
msg->svcdata.meta[3] |= (dctx->driver_ctx->cctx->uuid->data4[6] << 16);
msg->svcdata.meta[3] |= (dctx->driver_ctx->cctx->uuid->data4[7] << 24);
/* syspid, systid */
msg->svcdata.data[0] = pe_get_current_process_id();
msg->svcdata.data[1] = pe_get_current_thread_id();
/* ctrlpid, csyspid */
msg->svcdata.data[2] = dctx->ctrlpid;
msg->svcdata.data[3] = dctx->csyspid;
/* allocated, available */
msg->svcdata.data[4] = toks_get_driver_atokens(dctx->driver_ctx);
msg->svcdata.data[5] = toks_get_driver_ntokens(dctx->driver_ctx);
/* used, free */
msg->svcdata.data[6] = dctx->utokens;
msg->svcdata.data[7] = dctx->ftokens;
return NT_STATUS_SUCCESS;
}
static int32_t toks_daemon_ioctl_log_service_info(struct toks_daemon_ctx * dctx)
{
toks_log_service_info(dctx);
return NT_STATUS_SUCCESS;
}
static int32_t toks_daemon_ioctl_get_token_info(struct toks_daemon_ctx * dctx)
{
int32_t status;
void * hprocess;
void * hfile;
void * hrfile;
void * addr;
char * mark;
size_t size;
int32_t idx;
nt_oa oa;
nt_sd_common_buffer sd;
nt_iosb iosb;
nt_unicode_string path;
nt_large_integer asize;
struct toks_token * token;
struct toks_token_ctx * tctx;
struct toks_token_info * tinfo;
struct toks_token_sctx stctx;
uint32_t access;
uint32_t access_owner;
uint32_t access_group;
uint32_t access_other;
uint32_t access_admin;
uint32_t keys[4];
wchar16_t name[37];
/* service info */
toks_daemon_ioctl_get_service_info(dctx);
/* hprocess */
oa.len = sizeof(nt_oa);
oa.root_dir = 0;
oa.obj_name = 0;
oa.obj_attr = 0;
oa.sec_desc = 0;
oa.sec_qos = 0;
if ((status = ntapi->zw_open_process(
&hprocess,
NT_PROCESS_SYNCHRONIZE
| NT_PROCESS_DUP_HANDLE
| NT_PROCESS_QUERY_INFORMATION,
&oa,&dctx->request.header.client_id)))
return status;
/* sd */
access_owner = NT_GENERIC_READ | NT_GENERIC_WRITE;
access_group = NT_SEC_READ_CONTROL | NT_FILE_READ_ATTRIBUTES;
access_other = NT_SEC_READ_CONTROL | NT_FILE_READ_ATTRIBUTES;
access_owner |= NT_SEC_STANDARD_RIGHTS_ALL;
access_admin = access_owner;
ntapi->acl_init_common_descriptor(
&sd,0,0,0,0,
access_owner,access_group,access_other,
access_admin,access_owner,
0);
/* name */
toks_query_performance_counters(
dctx->driver_ctx,
&dctx->pcnt);
keys[0] = ntapi->tt_buffer_crc32(
dctx->noise,
&dctx->pcnt,sizeof(dctx->pcnt));
keys[1] = ntapi->tt_buffer_crc32(
keys[0],
&dctx->request.header,sizeof(dctx->request.header));
keys[2] = ntapi->tt_buffer_crc32(
keys[1],
toks_get_driver_tokens(dctx->driver_ctx),
toks_get_driver_ntokens(dctx->driver_ctx)
* sizeof(struct toks_token));
keys[3] = ntapi->tt_buffer_crc32(
keys[2],
dctx,sizeof(*dctx));
name[0] = '.';
name[9] = '.';
name[18] = '.';
name[27] = '.';
name[36] = 0;
ntapi->tt_uint32_to_hex_utf16(keys[0],&name[1]);
ntapi->tt_uint32_to_hex_utf16(keys[1],&name[10]);
ntapi->tt_uint32_to_hex_utf16(keys[2],&name[19]);
ntapi->tt_uint32_to_hex_utf16(keys[3],&name[28]);
/* path */
path.strlen = 36 * sizeof(wchar16_t);
path.maxlen = 0;
path.buffer = name;
/* oa */
oa.len = sizeof(nt_oa);
oa.root_dir = toks_get_driver_tmpfs(dctx->driver_ctx);
oa.obj_name = &path;
oa.obj_attr = 0;
oa.sec_desc = &sd.sd;
oa.sec_qos = 0;
/* access */
access = NT_SEC_SYNCHRONIZE | NT_SEC_DELETE;
access |= NT_FILE_READ_DATA | NT_FILE_READ_ATTRIBUTES;
access |= NT_FILE_WRITE_DATA | NT_FILE_WRITE_ATTRIBUTES;
/* alloc_size */
asize.quad = __offsetof(struct toks_token_ctx,tokens);
asize.quad += sizeof(struct toks_token_info) * dctx->utokens;
/* create temporary file */
status = ntapi->zw_create_file(
&hfile,
access,&oa,&iosb,&asize,
NT_FILE_ATTRIBUTE_NORMAL,
0,NT_FILE_CREATE,
NT_FILE_NON_DIRECTORY_FILE
| NT_FILE_SYNCHRONOUS_IO_ALERT
| NT_FILE_DELETE_ON_CLOSE,
0,0);
if (status) {
ntapi->zw_close(hprocess);
return status;
}
/* buffer */
if (dctx->utokens <= 512) {
tctx = 0;
addr = &stctx;
size = asize.quad;
tinfo = stctx.tokens;
stctx.allocated = toks_get_driver_atokens(dctx->driver_ctx);
stctx.available = toks_get_driver_ntokens(dctx->driver_ctx);
stctx.tused = dctx->utokens;
stctx.tfree = dctx->ftokens;
} else {
size = asize.quad;
addr = toks_calloc(1,size);
if (!addr) {
ntapi->zw_close(hfile);
ntapi->zw_close(hprocess);
return NT_STATUS_MEMORY_NOT_ALLOCATED;
}
tctx = (struct toks_token_ctx *)addr;
tinfo = tctx->tokens;
tctx->allocated = toks_get_driver_atokens(dctx->driver_ctx);
tctx->available = toks_get_driver_ntokens(dctx->driver_ctx);
tctx->tused = dctx->utokens;
tctx->tfree = dctx->ftokens;
}
/* token info */
token = toks_get_driver_tokens(dctx->driver_ctx);
for (idx=0; idx<dctx->utokens; token++) {
if (token->self) {
tinfo->tokpid = token->client.tokpid;
tinfo->tsyspid = token->client.cid.process_id;
tinfo->pad = 0;
tinfo->keys[0] = token->keys.key[0];
tinfo->keys[1] = token->keys.key[1];
tinfo->keys[2] = token->keys.key[2];
tinfo->keys[3] = token->keys.key[3];
tinfo->keys[4] = token->keys.key[4];
tinfo->keys[5] = token->keys.key[5];
tinfo->meta[0] = token->meta.key[0];
tinfo->meta[1] = token->meta.key[1];
tinfo->meta[2] = token->meta.key[2];
tinfo->meta[3] = token->meta.key[3];
tinfo->meta[4] = token->meta.key[4];
tinfo->meta[5] = token->meta.key[5];
idx++;
tinfo++;
}
}
/* write */
for (mark=addr; size; size-=iosb.info) {
status = ntapi->zw_write_file(
hfile,0,0,0,
&iosb,addr,size,
0,0);
switch (status) {
case NT_STATUS_SUCCESS:
mark += iosb.info;
addr = mark;
break;
default:
ntapi->zw_close(hfile);
ntapi->zw_close(hprocess);
if (tctx)
toks_free(tctx);
return status;
}
}
/* buffer */
if (tctx)
toks_free(tctx);
/* remote handle */
status = ntapi->zw_duplicate_object(
NT_CURRENT_PROCESS_HANDLE,
hfile,
hprocess,
&hrfile,
0,0,
NT_DUPLICATE_SAME_ACCESS
| NT_DUPLICATE_SAME_ATTRIBUTES);
ntapi->zw_close(hfile);
ntapi->zw_close(hprocess);
switch (status) {
case NT_STATUS_SUCCESS:
dctx->reply.ttyinfo.exarg = hrfile;
return NT_STATUS_SUCCESS;
default:
dctx->reply.ttyinfo.exarg = 0;
return status;
}
}
static int32_t toks_daemon_ioctl_log_token_info(struct toks_daemon_ctx * dctx)
{
toks_log_token_info(dctx);
return NT_STATUS_SUCCESS;
}
int32_t __stdcall toks_daemon_ioctl(struct toks_daemon_ctx * dctx)
{
nt_tty_port_msg * msg;
uint32_t ctlcode;
msg = &dctx->reply;
ctlcode = msg->ttyinfo.opdata;
switch (ctlcode) {
case TOKS_IOCTL_GET_TOKEN_COUNT:
return toks_daemon_ioctl_get_token_count(dctx);
case TOKS_IOCTL_SET_TOKEN_COUNT:
return toks_daemon_ioctl_set_token_count(dctx);
case TOKS_IOCTL_GET_SERVICE_INFO:
return toks_daemon_ioctl_get_service_info(dctx);
case TOKS_IOCTL_LOG_SERVICE_INFO:
return toks_daemon_ioctl_log_service_info(dctx);
case TOKS_IOCTL_GET_TOKEN_INFO:
return toks_daemon_ioctl_get_token_info(dctx);
case TOKS_IOCTL_LOG_TOKEN_INFO:
return toks_daemon_ioctl_log_token_info(dctx);
case TOKS_IOCTL_GET_LOG_LEVEL:
return toks_daemon_ioctl_get_log_level(dctx);
case TOKS_IOCTL_SET_LOG_LEVEL:
return toks_daemon_ioctl_set_log_level(dctx);
default:
return NT_STATUS_NOT_IMPLEMENTED;
}
}