Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
ec9244f0
Commit
ec9244f0
authored
Feb 16, 2021
by
Zebediah Figura
Committed by
Alexandre Julliard
Feb 17, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ntdll: Implement NtQueryInformationToken(TokenLinkedToken).
Signed-off-by:
Zebediah Figura
<
z.figura12@gmail.com
>
Signed-off-by:
Alexandre Julliard
<
julliard@winehq.org
>
parent
c9674979
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
96 additions
and
12 deletions
+96
-12
security.c
dlls/advapi32/tests/security.c
+5
-6
security.c
dlls/ntdll/unix/security.c
+13
-1
server_protocol.h
include/wine/server_protocol.h
+18
-1
process.c
server/process.c
+1
-1
protocol.def
server/protocol.def
+8
-0
request.h
server/request.h
+6
-0
security.h
server/security.h
+1
-1
token.c
server/token.c
+31
-2
trace.c
server/trace.c
+13
-0
No files found.
dlls/advapi32/tests/security.c
View file @
ec9244f0
...
...
@@ -8057,8 +8057,7 @@ static void test_elevation(void)
CloseHandle
(
token
);
return
;
}
todo_wine
ok
(
ret
,
"got error %u
\n
"
,
GetLastError
());
if
(
!
ret
)
return
;
ok
(
ret
,
"got error %u
\n
"
,
GetLastError
());
if
(
type
==
TokenElevationTypeDefault
)
{
...
...
@@ -8131,7 +8130,7 @@ static void test_elevation(void)
ok
(
type
==
TokenElevationTypeLimited
,
"got type %#x
\n
"
,
type
);
ret
=
GetTokenInformation
(
linked
.
LinkedToken
,
TokenElevation
,
&
elevation
,
sizeof
(
elevation
),
&
size
);
ok
(
ret
,
"got error %u
\n
"
,
GetLastError
());
ok
(
elevation
.
TokenIsElevated
==
FALSE
,
"got elevation %#x
\n
"
,
elevation
.
TokenIsElevated
);
todo_wine
ok
(
elevation
.
TokenIsElevated
==
FALSE
,
"got elevation %#x
\n
"
,
elevation
.
TokenIsElevated
);
/* Asking for the linked token again gives us a different token. */
ret
=
GetTokenInformation
(
token
,
TokenLinkedToken
,
&
linked2
,
sizeof
(
linked2
),
&
size
);
...
...
@@ -8142,7 +8141,7 @@ static void test_elevation(void)
ok
(
type
==
TokenElevationTypeLimited
,
"got type %#x
\n
"
,
type
);
ret
=
GetTokenInformation
(
linked2
.
LinkedToken
,
TokenElevation
,
&
elevation
,
sizeof
(
elevation
),
&
size
);
ok
(
ret
,
"got error %u
\n
"
,
GetLastError
());
ok
(
elevation
.
TokenIsElevated
==
FALSE
,
"got elevation %#x
\n
"
,
elevation
.
TokenIsElevated
);
todo_wine
ok
(
elevation
.
TokenIsElevated
==
FALSE
,
"got elevation %#x
\n
"
,
elevation
.
TokenIsElevated
);
check_different_token
(
linked
.
LinkedToken
,
linked2
.
LinkedToken
);
...
...
@@ -8168,12 +8167,12 @@ static void test_elevation(void)
type
=
TokenElevationTypeLimited
;
ret
=
SetTokenInformation
(
token
,
TokenElevationType
,
&
type
,
sizeof
(
type
));
ok
(
!
ret
,
"expected failure
\n
"
);
ok
(
GetLastError
()
==
ERROR_INVALID_PARAMETER
,
"got error %u
\n
"
,
GetLastError
());
todo_wine
ok
(
GetLastError
()
==
ERROR_INVALID_PARAMETER
,
"got error %u
\n
"
,
GetLastError
());
elevation
.
TokenIsElevated
=
FALSE
;
ret
=
SetTokenInformation
(
token
,
TokenElevation
,
&
elevation
,
sizeof
(
elevation
));
ok
(
!
ret
,
"expected failure
\n
"
);
ok
(
GetLastError
()
==
ERROR_INVALID_PARAMETER
,
"got error %u
\n
"
,
GetLastError
());
todo_wine
ok
(
GetLastError
()
==
ERROR_INVALID_PARAMETER
,
"got error %u
\n
"
,
GetLastError
());
}
ret
=
DuplicateTokenEx
(
token
,
TOKEN_ALL_ACCESS
,
NULL
,
SecurityAnonymous
,
TokenPrimary
,
&
token2
);
...
...
dlls/ntdll/unix/security.c
View file @
ec9244f0
...
...
@@ -167,7 +167,7 @@ NTSTATUS WINAPI NtQueryInformationToken( HANDLE token, TOKEN_INFORMATION_CLASS c
0
,
/* TokenAuditPolicy */
0
,
/* TokenOrigin */
sizeof
(
TOKEN_ELEVATION_TYPE
),
/* TokenElevationType */
0
,
/* TokenLinkedToken */
sizeof
(
TOKEN_LINKED_TOKEN
),
/* TokenLinkedToken */
sizeof
(
TOKEN_ELEVATION
),
/* TokenElevation */
0
,
/* TokenHasRestrictions */
0
,
/* TokenAccessInformation */
...
...
@@ -476,6 +476,18 @@ NTSTATUS WINAPI NtQueryInformationToken( HANDLE token, TOKEN_INFORMATION_CLASS c
SERVER_END_REQ
;
break
;
case
TokenLinkedToken
:
SERVER_START_REQ
(
create_linked_token
)
{
TOKEN_LINKED_TOKEN
*
linked
=
info
;
req
->
handle
=
wine_server_obj_handle
(
token
);
status
=
wine_server_call
(
req
);
if
(
!
status
)
linked
->
LinkedToken
=
wine_server_ptr_handle
(
reply
->
linked
);
}
SERVER_END_REQ
;
break
;
default:
ERR
(
"Unhandled token information class %u
\n
"
,
class
);
return
STATUS_NOT_IMPLEMENTED
;
...
...
include/wine/server_protocol.h
View file @
ec9244f0
...
...
@@ -4950,6 +4950,20 @@ struct get_token_elevation_reply
struct
create_linked_token_request
{
struct
request_header
__header
;
obj_handle_t
handle
;
};
struct
create_linked_token_reply
{
struct
reply_header
__header
;
obj_handle_t
linked
;
char
__pad_12
[
4
];
};
struct
create_completion_request
{
struct
request_header
__header
;
...
...
@@ -5642,6 +5656,7 @@ enum request
REQ_make_process_system
,
REQ_get_token_statistics
,
REQ_get_token_elevation
,
REQ_create_linked_token
,
REQ_create_completion
,
REQ_open_completion
,
REQ_add_completion
,
...
...
@@ -5924,6 +5939,7 @@ union generic_request
struct
make_process_system_request
make_process_system_request
;
struct
get_token_statistics_request
get_token_statistics_request
;
struct
get_token_elevation_request
get_token_elevation_request
;
struct
create_linked_token_request
create_linked_token_request
;
struct
create_completion_request
create_completion_request
;
struct
open_completion_request
open_completion_request
;
struct
add_completion_request
add_completion_request
;
...
...
@@ -6204,6 +6220,7 @@ union generic_reply
struct
make_process_system_reply
make_process_system_reply
;
struct
get_token_statistics_reply
get_token_statistics_reply
;
struct
get_token_elevation_reply
get_token_elevation_reply
;
struct
create_linked_token_reply
create_linked_token_reply
;
struct
create_completion_reply
create_completion_reply
;
struct
open_completion_reply
open_completion_reply
;
struct
add_completion_reply
add_completion_reply
;
...
...
@@ -6237,7 +6254,7 @@ union generic_reply
/* ### protocol_version begin ### */
#define SERVER_PROTOCOL_VERSION 6
79
#define SERVER_PROTOCOL_VERSION 6
80
/* ### protocol_version end ### */
...
...
server/process.c
View file @
ec9244f0
...
...
@@ -578,7 +578,7 @@ struct process *create_process( int fd, struct process *parent, int inherit_all,
if
(
!
parent
)
{
process
->
handles
=
alloc_handle_table
(
process
,
0
);
process
->
token
=
token_create_admin
();
process
->
token
=
token_create_admin
(
TokenElevationTypeFull
);
process
->
affinity
=
~
0
;
}
else
...
...
server/protocol.def
View file @
ec9244f0
...
...
@@ -3441,6 +3441,14 @@ struct handle_info
@END
/* Create a token which is an elevation counterpart to this token */
@REQ(create_linked_token)
obj_handle_t handle; /* handle to the token */
@REPLY
obj_handle_t linked; /* handle to the linked token */
@END
/* Create I/O completion port */
@REQ(create_completion)
unsigned int access; /* desired access to a port */
...
...
server/request.h
View file @
ec9244f0
...
...
@@ -365,6 +365,7 @@ DECL_HANDLER(get_kernel_object_handle);
DECL_HANDLER
(
make_process_system
);
DECL_HANDLER
(
get_token_statistics
);
DECL_HANDLER
(
get_token_elevation
);
DECL_HANDLER
(
create_linked_token
);
DECL_HANDLER
(
create_completion
);
DECL_HANDLER
(
open_completion
);
DECL_HANDLER
(
add_completion
);
...
...
@@ -646,6 +647,7 @@ static const req_handler req_handlers[REQ_NB_REQUESTS] =
(
req_handler
)
req_make_process_system
,
(
req_handler
)
req_get_token_statistics
,
(
req_handler
)
req_get_token_elevation
,
(
req_handler
)
req_create_linked_token
,
(
req_handler
)
req_create_completion
,
(
req_handler
)
req_open_completion
,
(
req_handler
)
req_add_completion
,
...
...
@@ -2111,6 +2113,10 @@ C_ASSERT( FIELD_OFFSET(struct get_token_elevation_request, handle) == 12 );
C_ASSERT
(
sizeof
(
struct
get_token_elevation_request
)
==
16
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_elevation_reply
,
elevation
)
==
8
);
C_ASSERT
(
sizeof
(
struct
get_token_elevation_reply
)
==
16
);
C_ASSERT
(
FIELD_OFFSET
(
struct
create_linked_token_request
,
handle
)
==
12
);
C_ASSERT
(
sizeof
(
struct
create_linked_token_request
)
==
16
);
C_ASSERT
(
FIELD_OFFSET
(
struct
create_linked_token_reply
,
linked
)
==
8
);
C_ASSERT
(
sizeof
(
struct
create_linked_token_reply
)
==
16
);
C_ASSERT
(
FIELD_OFFSET
(
struct
create_completion_request
,
access
)
==
12
);
C_ASSERT
(
FIELD_OFFSET
(
struct
create_completion_request
,
concurrent
)
==
16
);
C_ASSERT
(
sizeof
(
struct
create_completion_request
)
==
24
);
...
...
server/security.h
View file @
ec9244f0
...
...
@@ -54,7 +54,7 @@ extern const PSID security_high_label_sid;
/* token functions */
extern
struct
token
*
get_token_obj
(
struct
process
*
process
,
obj_handle_t
handle
,
unsigned
int
access
);
extern
struct
token
*
token_create_admin
(
void
);
extern
struct
token
*
token_create_admin
(
int
elevation
);
extern
int
token_assign_label
(
struct
token
*
token
,
PSID
label
);
extern
struct
token
*
token_duplicate
(
struct
token
*
src_token
,
unsigned
primary
,
int
impersonation_level
,
const
struct
security_descriptor
*
sd
,
...
...
server/token.c
View file @
ec9244f0
...
...
@@ -830,7 +830,7 @@ struct token *get_token_obj( struct process *process, obj_handle_t handle, unsig
return
(
struct
token
*
)
get_handle_obj
(
process
,
handle
,
access
,
&
token_ops
);
}
struct
token
*
token_create_admin
(
void
)
struct
token
*
token_create_admin
(
int
elevation
)
{
struct
token
*
token
=
NULL
;
static
const
SID_IDENTIFIER_AUTHORITY
nt_authority
=
{
SECURITY_NT_AUTHORITY
};
...
...
@@ -892,7 +892,7 @@ struct token *token_create_admin( void )
static
const
TOKEN_SOURCE
admin_source
=
{
"SeMgr"
,
{
0
,
0
}};
token
=
create_token
(
TRUE
,
user_sid
,
admin_groups
,
ARRAY_SIZE
(
admin_groups
),
admin_privs
,
ARRAY_SIZE
(
admin_privs
),
default_dacl
,
admin_source
,
NULL
,
-
1
,
TokenElevationTypeFull
);
admin_source
,
NULL
,
-
1
,
elevation
);
/* we really need a primary group */
assert
(
token
->
primary_group
);
}
...
...
@@ -1679,3 +1679,32 @@ DECL_HANDLER(get_token_elevation)
release_object
(
token
);
}
}
DECL_HANDLER
(
create_linked_token
)
{
struct
token
*
token
,
*
linked
;
int
elevation
;
if
((
token
=
(
struct
token
*
)
get_handle_obj
(
current
->
process
,
req
->
handle
,
TOKEN_QUERY
,
&
token_ops
)))
{
switch
(
token
->
elevation
)
{
case
TokenElevationTypeFull
:
elevation
=
TokenElevationTypeLimited
;
break
;
case
TokenElevationTypeLimited
:
elevation
=
TokenElevationTypeFull
;
break
;
default
:
release_object
(
token
);
return
;
}
if
((
linked
=
token_create_admin
(
elevation
)))
{
reply
->
linked
=
alloc_handle
(
current
->
process
,
linked
,
TOKEN_ALL_ACCESS
,
0
);
release_object
(
linked
);
}
release_object
(
token
);
}
}
server/trace.c
View file @
ec9244f0
...
...
@@ -4194,6 +4194,16 @@ static void dump_get_token_elevation_reply( const struct get_token_elevation_rep
fprintf
(
stderr
,
" elevation=%d"
,
req
->
elevation
);
}
static
void
dump_create_linked_token_request
(
const
struct
create_linked_token_request
*
req
)
{
fprintf
(
stderr
,
" handle=%04x"
,
req
->
handle
);
}
static
void
dump_create_linked_token_reply
(
const
struct
create_linked_token_reply
*
req
)
{
fprintf
(
stderr
,
" linked=%04x"
,
req
->
linked
);
}
static
void
dump_create_completion_request
(
const
struct
create_completion_request
*
req
)
{
fprintf
(
stderr
,
" access=%08x"
,
req
->
access
);
...
...
@@ -4707,6 +4717,7 @@ static const dump_func req_dumpers[REQ_NB_REQUESTS] = {
(
dump_func
)
dump_make_process_system_request
,
(
dump_func
)
dump_get_token_statistics_request
,
(
dump_func
)
dump_get_token_elevation_request
,
(
dump_func
)
dump_create_linked_token_request
,
(
dump_func
)
dump_create_completion_request
,
(
dump_func
)
dump_open_completion_request
,
(
dump_func
)
dump_add_completion_request
,
...
...
@@ -4985,6 +4996,7 @@ static const dump_func reply_dumpers[REQ_NB_REQUESTS] = {
(
dump_func
)
dump_make_process_system_reply
,
(
dump_func
)
dump_get_token_statistics_reply
,
(
dump_func
)
dump_get_token_elevation_reply
,
(
dump_func
)
dump_create_linked_token_reply
,
(
dump_func
)
dump_create_completion_reply
,
(
dump_func
)
dump_open_completion_reply
,
NULL
,
...
...
@@ -5263,6 +5275,7 @@ static const char * const req_names[REQ_NB_REQUESTS] = {
"make_process_system"
,
"get_token_statistics"
,
"get_token_elevation"
,
"create_linked_token"
,
"create_completion"
,
"open_completion"
,
"add_completion"
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment