Add initial security subsystem
@@ -113,7 +113,9 @@ list(APPEND XTOSKRNL_SOURCE
${XTOSKRNL_SOURCE_DIR}/rtl/string.cc
${XTOSKRNL_SOURCE_DIR}/rtl/time.cc
${XTOSKRNL_SOURCE_DIR}/rtl/unicode.cc
${XTOSKRNL_SOURCE_DIR}/rtl/widestr.cc)
${XTOSKRNL_SOURCE_DIR}/rtl/widestr.cc
${XTOSKRNL_SOURCE_DIR}/se/descript.cc
${XTOSKRNL_SOURCE_DIR}/se/privileg.cc)
# Set module definition SPEC file
set_specfile(xtoskrnl.spec xtoskrnl.exe)
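--- a/xtoskrnl/includes/se.hh
+++ b/xtoskrnl/includes/se.hh
@@ -0,0 +1,18 @@
+/**
+* PROJECT: ExectOS
+* COPYRIGHT: See COPYING.md in the top level directory
+* FILE: xtoskrnl/includes/se.hh
+* DESCRIPTION: Kernel Security
+* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
+*/
+
+#ifndef __XTOSKRNL_SE_HH
+#define __XTOSKRNL_SE_HH
+
+#include <xtos.hh>
+
+#include <se/descript.hh>
+#include <se/privileg.hh>
+
+
+#endif /* __XTOSKRNL_SE_HH */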
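--- a/xtoskrnl/includes/se/descript.hh
+++ b/xtoskrnl/includes/se/descript.hh
@@ -0,0 +1,35 @@
+/**
+* PROJECT: ExectOS
+* COPYRIGHT: See COPYING.md in the top level directory
+* FILE: xtoskrnl/includes/se/descript.hh
+* DESCRIPTION: Security Descriptors
+* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
+*/
+
+#ifndef __XTOSKRNL_SE_DESCRIPT_HH
+#define __XTOSKRNL_SE_DESCRIPT_HH
+
+#include <xtos.hh>
+
+
+/* Kernel Security */
+namespace SE
+{
+class Descriptor
+{
+public:
+STATIC XTAPI XTSTATUS CaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR InputDescriptor,
+IN KPROCESSOR_MODE ProcessorMode,
+IN MMPOOL_TYPE PoolType,
+IN BOOLEAN ForceCapture,
+OUT PSECURITY_DESCRIPTOR *OutputDescriptor);
+STATIC XTFASTCALL ULONG ComputeSecurityQuota(IN ULONG Size);
+STATIC XTAPI XTSTATUS ComputeQuotaInformationSize(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+OUT PULONG QuotaSize);
+STATIC XTAPI VOID ReleaseSecurityDescriptor(IN PSECURITY_DESCRIPTOR Descriptor,
+IN KPROCESSOR_MODE ProcessorMode,
+IN BOOLEAN ForceRelease);
+};
+}
+
+#endif /* __XTOSKRNL_SE_DESCRIPT_HH */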
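Review bot: The class declaration does not state the pairing contract between `CaptureSecurityDescriptor` and `ReleaseSecurityDescriptor`, and that contract decides whether a pool free happens. In se/descript.cc the release path frees for `UserMode`, or for `KernelMode` with `ForceRelease == TRUE`, so a caller that passes different mode or force values than it used at capture would presumably either leak the copy or free a descriptor that was never pool-allocated. I would add above the two declarations a comment such as `/* ProcessorMode and ForceRelease must match the ProcessorMode and ForceCapture passed to CaptureSecurityDescriptor */`. The capture body is still a stub, so this should be confirmed once it is implemented.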
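--- a/xtoskrnl/includes/se/privileg.hh
+++ b/xtoskrnl/includes/se/privileg.hh
@@ -0,0 +1,27 @@
+/**
+* PROJECT: ExectOS
+* COPYRIGHT: See COPYING.md in the top level directory
+* FILE: xtoskrnl/includes/se/privileg.hh
+* DESCRIPTION: Privileges Management
+* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
+*/
+
+#ifndef __XTOSKRNL_SE_PRIVILEG_HH
+#define __XTOSKRNL_SE_PRIVILEG_HH
+
+#include <xtos.hh>
+
+
+/* Kernel Security */
+namespace SE
+{
+class Privileges
+{
+
+public:
+STATIC XTAPI BOOLEAN CheckSinglePrivilege(LUID PrivilegeValue,
+KPROCESSOR_MODE ProcessorMode);
+};
+}
+
+#endif /* __XTOSKRNL_SE_PRIVILEG_HH */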
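Review bot: `CheckSinglePrivilege` declares its parameters without the `IN` direction annotation that every input parameter in se/descript.hh carries. For consistency I would write `STATIC XTAPI BOOLEAN CheckSinglePrivilege(IN LUID PrivilegeValue,` and `IN KPROCESSOR_MODE ProcessorMode);`, and make the same change in the definition in se/privileg.cc.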
@@ -26,3 +26,4 @@
#include <po.hh>
#include <ps.hh>
#include <rtl.hh>
#include <se.hh>
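--- a/xtoskrnl/se/descript.cc
+++ b/xtoskrnl/se/descript.cc
@@ -0,0 +1,127 @@
+/**
+* PROJECT: ExectOS
+* COPYRIGHT: See COPYING.md in the top level directory
+* FILE: xtoskrnl/se/descript.cc
+* DESCRIPTION: Security Descriptors
+* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
+*/
+
+#include <xtos.hh>
+
+
+/**
+* Creates a safe kernel-space copy of a security descriptor to prevent TOC/TOU vulnerabilities.
+*
+* @param InputDescriptor
+* Supplies a pointer to the original security descriptor to be captured.
+*
+* @param ProcessorMode
+* Supplies the processor mode from which the request originated.
+*
+* @param PoolType
+* Supplies the type of memory pool to allocate the captured copy from.
+*
+* @param ForceCapture
+* Supplies a boolean value indicating whether to force the capture in kernel mode.
+*
+* @param OutputDescriptor
+* Supplies a pointer to a variable that receives the safely captured security descriptor.
+*
+* @return This routine returns a status code indicating the success or failure of the operation.
+*
+* @since XT 1.0
+*/
+XTAPI
+XTSTATUS
+SE::Descriptor::CaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR InputDescriptor,
+IN KPROCESSOR_MODE ProcessorMode,
+IN MMPOOL_TYPE PoolType,
+IN BOOLEAN ForceCapture,
+OUT PSECURITY_DESCRIPTOR *OutputDescriptor)
+{
+UNIMPLEMENTED;
+
+/* Return success */
+return STATUS_SUCCESS;
+}
+
+/**
+* Computes the memory quota required for a security descriptor.
+*
+* @param Size
+* Supplies the base size of the security information in bytes.
+*
+* @return This routine returns the computed security quota in bytes.
+*
+* @since XT 1.0
+*/
+XTFASTCALL
+ULONG
+SE::Descriptor::ComputeSecurityQuota(IN ULONG Size)
+{
+ULONG ComputedSize;
+
+/* Calculate double the base size */
+ComputedSize = Size * 2;
+
+/* Ensure the allocated quota meets the minimum default system threshold */
+return (ComputedSize > SE_DEFAULT_SECURITY_QUOTA) ? ComputedSize : SE_DEFAULT_SECURITY_QUOTA;
+}
+
+/**
+* Calculates the exact memory footprint of a security descriptor for quota accounting.
+*
+* @param SecurityDescriptor
+* Supplies a pointer to a valid, captured security descriptor.
+*
+* @param QuotaSize
+* Supplies a pointer to a variable that receives the calculated quota size in bytes.
+*
+* @return This routine returns a status code indicating the success or failure of the operation.
+*
+* @since XT 1.0
+*/
+XTAPI
+XTSTATUS
+SE::Descriptor::ComputeQuotaInformationSize(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+OUT PULONG QuotaSize)
+{
+UNIMPLEMENTED;
+
+/* Return success */
+return STATUS_SUCCESS;
+}
+
+/**
+* Frees the memory of a captured security descriptor.
+*
+* @param Descriptor
+* Supplies a pointer to the captured security descriptor to be released.
+*
+* @param ProcessorMode
+* Supplies the processor mode that was originally used to capture the descriptor.
+*
+* @param ForceRelease
+* Supplies a boolean value indicating whether to force the deallocation.
+*
+* @return This routine does not return any value.
+*
+* @since XT 1.0
+*/
+XTAPI
+VOID
+SE::Descriptor::ReleaseSecurityDescriptor(IN PSECURITY_DESCRIPTOR Descriptor,
+IN KPROCESSOR_MODE ProcessorMode,
+IN BOOLEAN ForceRelease)
+{
+/* Check if the descriptor should be released */
+if(((ProcessorMode == KernelMode) && (ForceRelease == TRUE)) || (ProcessorMode == UserMode))
+{
+/* Ensure the descriptor is valid */
+if(Descriptor)
+{
+/* Free the descriptor */
+MM::Allocator::FreePool(Descriptor, TAG_SE_DESCRIPTOR);
+}
+}
+}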
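Review bot: `CaptureSecurityDescriptor` and `ComputeQuotaInformationSize` return `STATUS_SUCCESS` after `UNIMPLEMENTED` without writing `*OutputDescriptor` or `*QuotaSize`, so a caller that checks only the status goes on to use an uninitialised pointer or size, and may later hand that pointer to `ReleaseSecurityDescriptor`, which frees it. Until the bodies exist the stubs should fail closed: clear the out parameter and return a failure status (the project's not-implemented code, if it has one) instead of `STATUS_SUCCESS`. Separately, `ComputedSize = Size * 2;` in `ComputeSecurityQuota` wraps for any `Size` above half the `ULONG` range, after which the comparison falls back to `SE_DEFAULT_SECURITY_QUOTA` and a very large descriptor is charged only the minimum. A guard such as `if(Size > (((ULONG)-1) / 2)) return (ULONG)-1;` before the multiply would saturate instead of wrapping.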
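--- a/xtoskrnl/se/privileg.cc
+++ b/xtoskrnl/se/privileg.cc
@@ -0,0 +1,34 @@
+/**
+* PROJECT: ExectOS
+* COPYRIGHT: See COPYING.md in the top level directory
+* FILE: xtoskrnl/se/privileg.cc
+* DESCRIPTION: Privileges Management
+* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
+*/
+
+#include <xtos.hh>
+
+
+/**
+* Checks if the current thread's access token holds a specific privilege.
+*
+* @param PrivilegeValue
+* Supplies the locally unique identifier (LUID) of the privilege to check.
+*
+* @param ProcessorMode
+* Supplies the processor mode from which the request originated.
+*
+* @return This routine returns TRUE if the privilege is held, or FALSE otherwise.
+*
+* @since XT 1.0
+*/
+XTAPI
+BOOLEAN
+SE::Privileges::CheckSinglePrivilege(LUID PrivilegeValue,
+KPROCESSOR_MODE ProcessorMode)
+{
+UNIMPLEMENTED;
+
+/* Return TRUE */
+return TRUE;
+}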
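Review bot: The stub body of `CheckSinglePrivilege` returns `TRUE` unconditionally, so every privilege check succeeds, including requests with `ProcessorMode == UserMode`; any caller wired to this routine before it is implemented treats the privilege as held by everyone. A placeholder for an access decision should deny by default: I would replace the last statement with `return (ProcessorMode == KernelMode) ? TRUE : FALSE;` or simply `return FALSE;`, and change the comment `/* Return TRUE */` to say that the token lookup is not implemented yet. The doc comment above the function promises a check of the current thread's access token, which the body does not perform.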