[NTOS] Add TAG_DACL in tag.h and use it.

2024-11-23 11:33:31 +08:00 · 2022-11-01 22:06:12 +01:00 · 2022-11-01 22:06:12 +01:00 · ab5fdac922
commit ab5fdac922
parent 33e0a69dad
4 changed files with 21 additions and 20 deletions
--- a/ntoskrnl/include/internal/tag.h
+++ b/ntoskrnl/include/internal/tag.h
@ -165,6 +165,7 @@
 #define TAG_SID_AND_ATTRIBUTES  'aSeS'
 #define TAG_SID_VALIDATE        'vSeS'
 #define TAG_ACCESS_CHECK_RIGHT  'rCeS'
+#define TAG_DACL                'lcaD'

 /* LPC Tags */
 #define TAG_LPC_MESSAGE         'McpL'
--- a/ntoskrnl/mm/ARM3/mminit.c
+++ b/ntoskrnl/mm/ARM3/mminit.c
@ -1264,7 +1264,7 @@ MiCreateMemoryEvent(IN PUNICODE_STRING Name,
                 RtlLengthSid(SeWorldSid);

    /* Allocate space for the DACL */
-    Dacl = ExAllocatePoolWithTag(PagedPool, DaclLength, 'lcaD');
+    Dacl = ExAllocatePoolWithTag(PagedPool, DaclLength, TAG_DACL);
    if (!Dacl) return STATUS_INSUFFICIENT_RESOURCES;

    /* Setup the ACL inside it */
@ -1314,7 +1314,7 @@ MiCreateMemoryEvent(IN PUNICODE_STRING Name,
                           FALSE);
 CleanUp:
    /* Free the DACL */
-    ExFreePoolWithTag(Dacl, 'lcaD');
+    ExFreePoolWithTag(Dacl, TAG_DACL);

    /* Check if this is the success path */
    if (NT_SUCCESS(Status))
--- a/ntoskrnl/mm/pagefile.c
+++ b/ntoskrnl/mm/pagefile.c
@ -476,7 +476,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
    /* Create the DACL: we will only allow two SIDs */
    Count = sizeof(ACL) + (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
                          (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
-    Dacl = ExAllocatePoolWithTag(PagedPool, Count, 'lcaD');
+    Dacl = ExAllocatePoolWithTag(PagedPool, Count, TAG_DACL);
    if (Dacl == NULL)
    {
        ExFreePoolWithTag(Buffer, TAG_MM);
@ -487,7 +487,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
    Status = RtlCreateAcl(Dacl, Count, ACL_REVISION);
    if (!NT_SUCCESS(Status))
    {
-        ExFreePoolWithTag(Dacl, 'lcaD');
+        ExFreePoolWithTag(Dacl, TAG_DACL);
        ExFreePoolWithTag(Buffer, TAG_MM);
        return Status;
    }
@ -496,7 +496,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
    Status = RtlAddAccessAllowedAce(Dacl, ACL_REVISION, FILE_ALL_ACCESS, SeAliasAdminsSid);
    if (!NT_SUCCESS(Status))
    {
-        ExFreePoolWithTag(Dacl, 'lcaD');
+        ExFreePoolWithTag(Dacl, TAG_DACL);
        ExFreePoolWithTag(Buffer, TAG_MM);
        return Status;
    }
@ -505,7 +505,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
    Status = RtlAddAccessAllowedAce(Dacl, ACL_REVISION, FILE_ALL_ACCESS, SeLocalSystemSid);
    if (!NT_SUCCESS(Status))
    {
-        ExFreePoolWithTag(Dacl, 'lcaD');
+        ExFreePoolWithTag(Dacl, TAG_DACL);
        ExFreePoolWithTag(Buffer, TAG_MM);
        return Status;
    }
@ -514,7 +514,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
    Status = RtlSetDaclSecurityDescriptor(&SecurityDescriptor, TRUE, Dacl, FALSE);
    if (!NT_SUCCESS(Status))
    {
-        ExFreePoolWithTag(Dacl, 'lcaD');
+        ExFreePoolWithTag(Dacl, TAG_DACL);
        ExFreePoolWithTag(Buffer, TAG_MM);
        return Status;
    }
@ -573,7 +573,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
                              SL_OPEN_PAGING_FILE | IO_NO_PARAMETER_CHECKING);
        if (!NT_SUCCESS(Status))
        {
-            ExFreePoolWithTag(Dacl, 'lcaD');
+            ExFreePoolWithTag(Dacl, TAG_DACL);
            ExFreePoolWithTag(Buffer, TAG_MM);
            return Status;
        }
@ -590,7 +590,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
        if (!NT_SUCCESS(Status))
        {
            ZwClose(FileHandle);
-            ExFreePoolWithTag(Dacl, 'lcaD');
+            ExFreePoolWithTag(Dacl, TAG_DACL);
            ExFreePoolWithTag(Buffer, TAG_MM);
            return Status;
        }
@ -625,7 +625,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
            KeReleaseGuardedMutex(&MmPageFileCreationLock);
            ObDereferenceObject(FileObject);
            ZwClose(FileHandle);
-            ExFreePoolWithTag(Dacl, 'lcaD');
+            ExFreePoolWithTag(Dacl, TAG_DACL);
            ExFreePoolWithTag(Buffer, TAG_MM);
            return STATUS_NOT_FOUND;
        }
@ -636,7 +636,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
            KeReleaseGuardedMutex(&MmPageFileCreationLock);
            ObDereferenceObject(FileObject);
            ZwClose(FileHandle);
-            ExFreePoolWithTag(Dacl, 'lcaD');
+            ExFreePoolWithTag(Dacl, TAG_DACL);
            ExFreePoolWithTag(Buffer, TAG_MM);
            return STATUS_INVALID_PARAMETER_2;
        }
@ -646,7 +646,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
            KeReleaseGuardedMutex(&MmPageFileCreationLock);
            ObDereferenceObject(FileObject);
            ZwClose(FileHandle);
-            ExFreePoolWithTag(Dacl, 'lcaD');
+            ExFreePoolWithTag(Dacl, TAG_DACL);
            ExFreePoolWithTag(Buffer, TAG_MM);
            return STATUS_INVALID_PARAMETER_3;
        }
@ -657,7 +657,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
        KeReleaseGuardedMutex(&MmPageFileCreationLock);
        ObDereferenceObject(FileObject);
        ZwClose(FileHandle);
-        ExFreePoolWithTag(Dacl, 'lcaD');
+        ExFreePoolWithTag(Dacl, TAG_DACL);
        ExFreePoolWithTag(Buffer, TAG_MM);
        return STATUS_NOT_IMPLEMENTED;
    }
@ -665,7 +665,7 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("Failed creating page file: %lx\n", Status);
-        ExFreePoolWithTag(Dacl, 'lcaD');
+        ExFreePoolWithTag(Dacl, TAG_DACL);
        ExFreePoolWithTag(Buffer, TAG_MM);
        return Status;
    }
@ -676,17 +676,17 @@ NtCreatePagingFile(IN PUNICODE_STRING FileName,
        Status = ZwSetSecurityObject(FileHandle, DACL_SECURITY_INFORMATION, &SecurityDescriptor);
        if (!NT_SUCCESS(Status))
        {
-            ExFreePoolWithTag(Dacl, 'lcaD');
            ZwClose(FileHandle);
+            ExFreePoolWithTag(Dacl, TAG_DACL);
            ExFreePoolWithTag(Buffer, TAG_MM);
            return Status;
        }
    }

    /* DACL is no longer needed, free it */
-    ExFreePoolWithTag(Dacl, 'lcaD');
+    ExFreePoolWithTag(Dacl, TAG_DACL);

-    /* FIXME: To enable once page file managment is moved to ARM3 */
+    /* FIXME: To enable once page file management is moved to ARM3 */
 #if 0
    /* Check we won't overflow commit limit with the page file */
    if (MmTotalCommitLimitMaximum + (SafeMaximumSize.QuadPart >> PAGE_SHIFT) <= MmTotalCommitLimitMaximum)
--- a/ntoskrnl/ob/obname.c
+++ b/ntoskrnl/ob/obname.c
@ -58,7 +58,7 @@ ObpGetDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
                  sizeof(ACE) + RtlLengthSid(SeCreatorOwnerSid);

        /* Allocate the ACL */
-        Dacl = ExAllocatePoolWithTag(PagedPool, AclSize, 'lcaD');
+        Dacl = ExAllocatePoolWithTag(PagedPool, AclSize, TAG_DACL);
        if (Dacl == NULL)
        {
            return STATUS_INSUFFICIENT_RESOURCES;
@ -117,7 +117,7 @@ ObpGetDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
                  sizeof(ACE) + RtlLengthSid(SeLocalSystemSid);

        /* Allocate the ACL */
-        Dacl = ExAllocatePoolWithTag(PagedPool, AclSize, 'lcaD');
+        Dacl = ExAllocatePoolWithTag(PagedPool, AclSize, TAG_DACL);
        if (Dacl == NULL)
        {
            return STATUS_INSUFFICIENT_RESOURCES;
@ -168,7 +168,7 @@ ObpFreeDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
    ASSERT(NT_SUCCESS(Status));
    ASSERT(DaclPresent);
    ASSERT(Dacl != NULL);
-    ExFreePoolWithTag(Dacl, 'lcaD');
+    ExFreePoolWithTag(Dacl, TAG_DACL);
 }

 CODE_SEG("INIT")