Rebase against e01cb2b9156f808acc279a1b4753a48de0fda327.

2024-09-13 09:17:20 -07:00 · 2024-03-27 18:08:14 -05:00 · 2024-03-27 18:08:14 -05:00 · 5d8ef8d881
commit 5d8ef8d881
parent fdd0f9a334
6 changed files with 11 additions and 322 deletions
--- a/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/0001-fltmgr.sys-Implement-FltBuildDefaultSecurityDescript.patch
+++ b/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/0001-fltmgr.sys-Implement-FltBuildDefaultSecurityDescript.patch
@ -1,153 +0,0 @@
-From 8caf8262a8ae8b5f0275172a62d807240d86968d Mon Sep 17 00:00:00 2001
-From: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
-Date: Sun, 29 Aug 2021 13:26:53 +1000
-Subject: [PATCH 1/3] fltmgr.sys: Implement FltBuildDefaultSecurityDescriptor
-
-Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
---
- dlls/fltmgr.sys/Makefile.in     |  1 +
- dlls/fltmgr.sys/fltmgr.sys.spec |  4 +-
- dlls/fltmgr.sys/main.c          | 75 ++++++++++++++++++++++++++++++++-
- include/ddk/fltkernel.h         |  3 +-
- 4 files changed, 79 insertions(+), 4 deletions(-)
-
-diff --git a/dlls/fltmgr.sys/Makefile.in b/dlls/fltmgr.sys/Makefile.in
-index 6ebd48d9412..ae0e812cb22 100644
--- a/dlls/fltmgr.sys/Makefile.in
-+++ b/dlls/fltmgr.sys/Makefile.in
-@@ -1,5 +1,6 @@
- MODULE    = fltmgr.sys
- EXTRADLLFLAGS = -Wl,--subsystem,native
-+IMPORTS = ntoskrnl
- 
- SOURCES = \
- 	fltmgr.sys.spec \
-diff --git a/dlls/fltmgr.sys/fltmgr.sys.spec b/dlls/fltmgr.sys/fltmgr.sys.spec
-index 39ce6798178..8943b9f85cf 100644
--- a/dlls/fltmgr.sys/fltmgr.sys.spec
-+++ b/dlls/fltmgr.sys/fltmgr.sys.spec
-@@ -10,7 +10,7 @@
- @ stub FltAllocatePoolAlignedWithTag
- @ stub FltAttachVolume
- @ stub FltAttachVolumeAtAltitude
-@ stub FltBuildDefaultSecurityDescriptor
-+@ stdcall FltBuildDefaultSecurityDescriptor(ptr long)
- @ stub FltCancelFileOpen
- @ stub FltCancelIo
- @ stub FltCbdqDisable
-@@ -60,7 +60,7 @@
- @ stub FltFreeFileLock
- @ stub FltFreeGenericWorkItem
- @ stub FltFreePoolAlignedWithTag
-@ stub FltFreeSecurityDescriptor
-+@ stdcall FltFreeSecurityDescriptor(ptr)
- @ stub FltFsControlFile
- @ stub FltGetBottomInstance
- @ stub FltGetContexts
-diff --git a/dlls/fltmgr.sys/main.c b/dlls/fltmgr.sys/main.c
-index e1016a4989c..9a85f4b6c82 100644
--- a/dlls/fltmgr.sys/main.c
-+++ b/dlls/fltmgr.sys/main.c
-@@ -23,7 +23,6 @@
- #include "ntstatus.h"
- #define WIN32_NO_STATUS
- #include "windef.h"
-#include "winbase.h"
- #include "winternl.h"
- #include "ddk/fltkernel.h"
- 
-@@ -93,3 +92,77 @@ void* WINAPI FltGetRoutineAddress(LPCSTR name)
- 
-     return func;
- }
-+
-+NTSTATUS WINAPI FltBuildDefaultSecurityDescriptor(PSECURITY_DESCRIPTOR *descriptor, ACCESS_MASK access)
-+{
-+    PACL dacl;
-+    NTSTATUS ret = STATUS_INSUFFICIENT_RESOURCES;
-+    DWORD sid_len;
-+    SID *sid;
-+    SID *sid_system = NULL;
-+    PSECURITY_DESCRIPTOR sec_desc = NULL;
-+    SID_IDENTIFIER_AUTHORITY auth = { SECURITY_NULL_SID_AUTHORITY };
-+
-+    *descriptor = NULL;
-+
-+    sid_len = RtlLengthRequiredSid(2);
-+    sid = ExAllocatePool(PagedPool, sid_len);
-+    if (!sid)
-+        goto done;
-+    RtlInitializeSid(sid, &auth, 2);
-+    sid->SubAuthority[1] = DOMAIN_GROUP_RID_ADMINS;
-+    sid->SubAuthority[0] = SECURITY_BUILTIN_DOMAIN_RID;
-+
-+    sid_len = RtlLengthRequiredSid(1);
-+    sid_system = ExAllocatePool(PagedPool, sid_len);
-+    if (!sid_system)
-+        goto done;
-+    RtlInitializeSid(sid_system, &auth, 1);
-+    sid_system->SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
-+
-+    sid_len = SECURITY_DESCRIPTOR_MIN_LENGTH + sizeof(ACL) +
-+            sizeof(ACCESS_ALLOWED_ACE) + RtlLengthSid(sid) +
-+            sizeof(ACCESS_ALLOWED_ACE) + RtlLengthSid(sid_system);
-+
-+    sec_desc = ExAllocatePool(PagedPool, sid_len);
-+    if (!sec_desc)
-+    {
-+        ret = STATUS_NO_MEMORY;
-+        goto done;
-+    }
-+
-+    ret = RtlCreateSecurityDescriptor(sec_desc, SECURITY_DESCRIPTOR_REVISION);
-+    if (ret != STATUS_SUCCESS)
-+        goto done;
-+
-+    dacl = (PACL)((char*)sec_desc + SECURITY_DESCRIPTOR_MIN_LENGTH);
-+    ret = RtlCreateAcl(dacl, sid_len - SECURITY_DESCRIPTOR_MIN_LENGTH, ACL_REVISION);
-+    if (ret != STATUS_SUCCESS)
-+        goto done;
-+
-+    ret = RtlAddAccessAllowedAce(dacl, ACL_REVISION, access, sid);
-+    if (ret != STATUS_SUCCESS)
-+        goto done;
-+
-+    ret = RtlAddAccessAllowedAce(dacl, ACL_REVISION, access, sid_system);
-+    if (ret != STATUS_SUCCESS)
-+        goto done;
-+
-+    ret = RtlSetDaclSecurityDescriptor(sec_desc, 1, dacl, 0);
-+    if (ret == STATUS_SUCCESS)
-+        *descriptor = sec_desc;
-+
-+done:
-+    if (ret != STATUS_SUCCESS)
-+        ExFreePool(sec_desc);
-+
-+    ExFreePool(sid);
-+    ExFreePool(sid_system);
-+
-+    return ret;
-+}
-+
-+void WINAPI FltFreeSecurityDescriptor(PSECURITY_DESCRIPTOR descriptor)
-+{
-+    ExFreePool(descriptor);
-+}
-diff --git a/include/ddk/fltkernel.h b/include/ddk/fltkernel.h
-index 49c9d55dbaa..e5483d5a3fa 100644
--- a/include/ddk/fltkernel.h
-+++ b/include/ddk/fltkernel.h
-@@ -653,7 +653,8 @@ typedef struct _FLT_REGISTRATION
-     PFLT_SECTION_CONFLICT_NOTIFICATION_CALLBACK SectionNotificationCallback;
- } FLT_REGISTRATION, *PFLT_REGISTRATION;
- 
-
-+NTSTATUS WINAPI FltBuildDefaultSecurityDescriptor(PSECURITY_DESCRIPTOR *, ACCESS_MASK);
-+void     WINAPI FltFreeSecurityDescriptor(PSECURITY_DESCRIPTOR);
- void*    WINAPI FltGetRoutineAddress(LPCSTR name);
- NTSTATUS WINAPI FltRegisterFilter(PDRIVER_OBJECT, const FLT_REGISTRATION *, PFLT_FILTER *);
- NTSTATUS WINAPI FltStartFiltering(PFLT_FILTER);
-- 
-2.42.0
-
--- a/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/0002-fltmgr.sys-Create-import-library.patch
+++ b/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/0002-fltmgr.sys-Create-import-library.patch
@ -1,23 +0,0 @@
-From c1af142bac149b296b2dea06cd99c13e0f8814c9 Mon Sep 17 00:00:00 2001
-From: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
-Date: Mon, 30 Aug 2021 15:15:35 +1000
-Subject: [PATCH 2/3] fltmgr.sys: Create import library
-
-Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
---
- dlls/fltmgr.sys/Makefile.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/dlls/fltmgr.sys/Makefile.in b/dlls/fltmgr.sys/Makefile.in
-index ae0e812cb22..ae02da9b5d6 100644
--- a/dlls/fltmgr.sys/Makefile.in
-+++ b/dlls/fltmgr.sys/Makefile.in
-@@ -1,4 +1,5 @@
- MODULE    = fltmgr.sys
-+IMPORTLIB = fltmgr
- EXTRADLLFLAGS = -Wl,--subsystem,native
- IMPORTS = ntoskrnl
- 
-- 
-2.42.0
-
--- a/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/0003-ntoskrnl.exe-Add-FltBuildDefaultSecurityDescriptor-t.patch
+++ b/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/0003-ntoskrnl.exe-Add-FltBuildDefaultSecurityDescriptor-t.patch
@ -1,133 +0,0 @@
-From c69247afcbd83af223f471342c67bc06deeffda0 Mon Sep 17 00:00:00 2001
-From: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
-Date: Mon, 30 Aug 2021 15:16:06 +1000
-Subject: [PATCH] ntoskrnl.exe: Add FltBuildDefaultSecurityDescriptor test
-
-Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
---
- dlls/ntoskrnl.exe/tests/Makefile.in |  2 +-
- dlls/ntoskrnl.exe/tests/driver.c    | 81 +++++++++++++++++++++++++++++
- 2 files changed, 82 insertions(+), 1 deletion(-)
-
-diff --git a/dlls/ntoskrnl.exe/tests/Makefile.in b/dlls/ntoskrnl.exe/tests/Makefile.in
-index f610df6a947..97dee8b25cf 100644
--- a/dlls/ntoskrnl.exe/tests/Makefile.in
-+++ b/dlls/ntoskrnl.exe/tests/Makefile.in
-@@ -1,7 +1,7 @@
- TESTDLL   = ntoskrnl.exe
- IMPORTS   = advapi32 crypt32 newdev setupapi user32 wintrust ws2_32 hid
- 
-driver_IMPORTS = winecrt0 ntoskrnl hal
-+driver_IMPORTS = winecrt0 ntoskrnl hal fltmgr
- driver_EXTRADLLFLAGS = -nodefaultlibs -nostartfiles -Wl,--subsystem,native
- driver2_IMPORTS = winecrt0 ntoskrnl hal
- driver2_EXTRADLLFLAGS = -nodefaultlibs -nostartfiles -Wl,--subsystem,native
-diff --git a/dlls/ntoskrnl.exe/tests/driver.c b/dlls/ntoskrnl.exe/tests/driver.c
-index ea4bd03ee44..844a181472c 100644
--- a/dlls/ntoskrnl.exe/tests/driver.c
-+++ b/dlls/ntoskrnl.exe/tests/driver.c
-@@ -36,6 +36,7 @@
- #include "ddk/ntddk.h"
- #include "ddk/ntifs.h"
- #include "ddk/wdm.h"
-+#include "ddk/fltkernel.h"
- 
- #include "driver.h"
- 
-@@ -2393,6 +2394,85 @@ static void test_default_modules(void)
-     ok(dxgmms1, "Failed to find dxgmms1.sys\n");
- }
- 
-+static void test_default_security(void)
-+{
-+    PSECURITY_DESCRIPTOR sd = NULL;
-+    NTSTATUS status;
-+    PSID group = NULL, owner = NULL;
-+    BOOLEAN isdefault, present;
-+    PACL acl = NULL;
-+    PACCESS_ALLOWED_ACE ace;
-+    SID_IDENTIFIER_AUTHORITY auth = { SECURITY_NULL_SID_AUTHORITY };
-+    SID_IDENTIFIER_AUTHORITY authwine7 = { SECURITY_NT_AUTHORITY };
-+    PSID sid1, sid2, sidwin7;
-+    BOOL ret;
-+
-+    status = FltBuildDefaultSecurityDescriptor(&sd, STANDARD_RIGHTS_ALL);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+    if (status != STATUS_SUCCESS)
-+    {
-+        win_skip("Skipping FltBuildDefaultSecurityDescriptor tests\n");
-+        return;
-+    }
-+    ok(sd != NULL, "Failed to return descriptor\n");
-+
-+    status = RtlGetGroupSecurityDescriptor(sd, &group, &isdefault);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+    ok(group == NULL, "group isn't NULL\n");
-+
-+    status = RtlGetOwnerSecurityDescriptor(sd, &owner, &isdefault);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+    ok(owner == NULL, "owner isn't NULL\n");
-+
-+    status = RtlGetDaclSecurityDescriptor(sd, &present, &acl, &isdefault);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+    ok(acl != NULL, "acl is NULL\n");
-+    ok(acl->AceCount == 2, "got %d\n", acl->AceCount);
-+
-+    sid1 = ExAllocatePool(NonPagedPool, RtlLengthRequiredSid(2));
-+    status = RtlInitializeSid(sid1, &auth, 2);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+    *RtlSubAuthoritySid(sid1, 0)  = SECURITY_BUILTIN_DOMAIN_RID;
-+    *RtlSubAuthoritySid(sid1, 1) = DOMAIN_GROUP_RID_ADMINS;
-+
-+    sidwin7 = ExAllocatePool(NonPagedPool, RtlLengthRequiredSid(2));
-+    status = RtlInitializeSid(sidwin7, &authwine7, 2);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+    *RtlSubAuthoritySid(sidwin7, 0)  = SECURITY_BUILTIN_DOMAIN_RID;
-+    *RtlSubAuthoritySid(sidwin7, 1) = DOMAIN_ALIAS_RID_ADMINS;
-+
-+    sid2 = ExAllocatePool(NonPagedPool, RtlLengthRequiredSid(1));
-+    RtlInitializeSid(sid2, &auth, 1);
-+    *RtlSubAuthoritySid(sid2, 0)  = SECURITY_LOCAL_SYSTEM_RID;
-+
-+    /* SECURITY_BUILTIN_DOMAIN_RID */
-+    status = RtlGetAce(acl, 0, (void**)&ace);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+
-+    ok(ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE, "got %#x\n", ace->Header.AceType);
-+    ok(ace->Header.AceFlags == 0, "got %#x\n", ace->Header.AceFlags);
-+    ok(ace->Mask == STANDARD_RIGHTS_ALL, "got %#lx\n", ace->Mask);
-+
-+    ret = RtlEqualSid(sid1, (PSID)&ace->SidStart) || RtlEqualSid(sidwin7, (PSID)&ace->SidStart);
-+    ok(ret, "SID not equal\n");
-+
-+    /* SECURITY_LOCAL_SYSTEM_RID */
-+    status = RtlGetAce(acl, 1, (void**)&ace);
-+    ok(status == STATUS_SUCCESS, "got %#lx\n", status);
-+
-+    ok(ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE, "got %#x\n", ace->Header.AceType);
-+    ok(ace->Header.AceFlags == 0, "got %#x\n", ace->Header.AceFlags);
-+    ok(ace->Mask == STANDARD_RIGHTS_ALL, "got %#lx\n", ace->Mask);
-+
-+    ret = RtlEqualSid(sid2, (PSID)&ace->SidStart) || RtlEqualSid(sidwin7, (PSID)&ace->SidStart);
-+    ok(ret, "SID not equal\n");
-+
-+    ExFreePool(sid1);
-+    ExFreePool(sid2);
-+
-+    FltFreeSecurityDescriptor(sd);
-+}
-+
- static NTSTATUS main_test(DEVICE_OBJECT *device, IRP *irp, IO_STACK_LOCATION *stack)
- {
-     void *buffer = irp->AssociatedIrp.SystemBuffer;
-@@ -2438,6 +2518,7 @@ static NTSTATUS main_test(DEVICE_OBJECT *device, IRP *irp, IO_STACK_LOCATION *st
-     test_process_memory(test_input);
-     test_permanence();
-     test_driver_object_extension();
-+    test_default_security();
- 
-     IoMarkIrpPending(irp);
-     IoQueueWorkItem(work_item, main_test_task, DelayedWorkQueue, irp);
-- 
-2.42.0
-
--- a/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/definition
+++ b/patches/fltmgr.sys-FltBuildDefaultSecurityDescriptor/definition
@ -1,2 +0,0 @@
-Fixes: [49089] fltmgr.sys: Implement FltBuildDefaultSecurityDescriptor
-Depends: winedevice-Default_Drivers
--- a/patches/winedevice-Default_Drivers/0004-programs-winedevice-Load-some-common-drivers-and-fix.patch
+++ b/patches/winedevice-Default_Drivers/0004-programs-winedevice-Load-some-common-drivers-and-fix.patch
@ -1,4 +1,4 @@
-From 951d65cf18b7950d1aadaaf63c02c6a2a6fce073 Mon Sep 17 00:00:00 2001
+From 555187b5ebdae9e7aa8a3edf7a74997c86fe0016 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Thu, 8 Jun 2017 23:50:03 +0200
 Subject: [PATCH] programs/winedevice: Load some common drivers and fix ldr
@ -10,10 +10,10 @@ Subject: [PATCH] programs/winedevice: Load some common drivers and fix ldr
 2 files changed, 76 insertions(+)

 diff --git a/dlls/ntoskrnl.exe/tests/driver.c b/dlls/ntoskrnl.exe/tests/driver.c
-index a80bef78fab..18f2920759d 100644
+index 751f2acff96..1af19c6f9ba 100644
 --- a/dlls/ntoskrnl.exe/tests/driver.c
 +++ b/dlls/ntoskrnl.exe/tests/driver.c
-@@ -52,6 +52,7 @@ static int kmemcmp( const void *ptr1, const void *ptr2, size_t n )
+@@ -57,6 +57,7 @@ static int kmemcmp( const void *ptr1, const void *ptr2, size_t n )
 
 static DRIVER_OBJECT *driver_obj;
 static DEVICE_OBJECT *lower_device, *upper_device;
@ -21,7 +21,7 @@ index a80bef78fab..18f2920759d 100644
 
 static POBJECT_TYPE *pExEventObjectType, *pIoFileObjectType, *pPsThreadType, *pIoDriverObjectType;
 static PEPROCESS *pPsInitialSystemProcess;
-@@ -1713,6 +1714,7 @@ static void test_resource(void)
+@@ -1716,6 +1717,7 @@ static void test_resource(void)
     ok(status == STATUS_SUCCESS, "got status %#lx\n", status);
 }
 
@ -29,8 +29,8 @@ index a80bef78fab..18f2920759d 100644
 static void test_lookup_thread(void)
 {
     NTSTATUS status;
-@@ -2326,6 +2328,52 @@ static void test_driver_object_extension(void)
-     ok(get_obj_ext == NULL, "got %p\n", get_obj_ext);
+@@ -2425,6 +2427,52 @@ static void test_default_security(void)
+     FltFreeSecurityDescriptor(sd);
 }
 
 +static void test_default_modules(void)
@ -82,7 +82,7 @@ index a80bef78fab..18f2920759d 100644
 static NTSTATUS main_test(DEVICE_OBJECT *device, IRP *irp, IO_STACK_LOCATION *stack)
 {
     void *buffer = irp->AssociatedIrp.SystemBuffer;
-@@ -2358,6 +2406,7 @@ static NTSTATUS main_test(DEVICE_OBJECT *device, IRP *irp, IO_STACK_LOCATION *st
+@@ -2457,6 +2505,7 @@ static NTSTATUS main_test(DEVICE_OBJECT *device, IRP *irp, IO_STACK_LOCATION *st
     test_stack_callout();
     test_lookaside_list();
     test_ob_reference();
@ -90,7 +90,7 @@ index a80bef78fab..18f2920759d 100644
     test_resource();
     test_lookup_thread();
     test_IoAttachDeviceToDeviceStack();
-@@ -2838,6 +2887,7 @@ NTSTATUS WINAPI DriverEntry(DRIVER_OBJECT *driver, PUNICODE_STRING registry)
+@@ -2938,6 +2987,7 @@ NTSTATUS WINAPI DriverEntry(DRIVER_OBJECT *driver, PUNICODE_STRING registry)
     DbgPrint("loading driver\n");
 
     driver_obj = driver;
@ -99,7 +99,7 @@ index a80bef78fab..18f2920759d 100644
     /* Allow unloading of the driver */
     driver->DriverUnload = driver_Unload;
 diff --git a/programs/winedevice/device.c b/programs/winedevice/device.c
-index 0a96307a017..abcb7b20679 100644
+index bb585087230..9b4395ff098 100644
 --- a/programs/winedevice/device.c
 +++ b/programs/winedevice/device.c
@@ -122,8 +122,16 @@ static DWORD WINAPI service_handler( DWORD ctrl, DWORD event_type, LPVOID event_
@ -145,5 +145,5 @@ index 0a96307a017..abcb7b20679 100644
     set_service_status( service_handle, SERVICE_RUNNING,
                         SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_SHUTDOWN );
 -- 
-2.39.2
+2.43.0

--- a/staging/upstream-commit
+++ b/staging/upstream-commit
@ -1 +1 @@
-4573910acc2783a3f678a428aa313377b09a04e8
+e01cb2b9156f808acc279a1b4753a48de0fda327