d8cc88ca | 30-Oct-2022 |
Hermès Bélusca-Maïto <hermes.belusca-maito@reactos.org> |
[KERNEL32][BASESRV] Fix interoperability with Win2k3 regarding NLS section security. (#4828)
Partially revert some aspects of commits 5696e4ba4 and bf40c7a31. (See PR #4340.)
In order for Win2k3 ke
[KERNEL32][BASESRV] Fix interoperability with Win2k3 regarding NLS section security. (#4828)
Partially revert some aspects of commits 5696e4ba4 and bf40c7a31. (See PR #4340.)
In order for Win2k3 kernel32.dll to operate with our basesrv.dll (or our kernel32.dll to operate with Win2k3 basesrv.dll), we need in particular to have the CreateNlsSecurityDescriptor() helper to exactly take the expected parameters. Namely, a pointer to a **user-allocated** SECURITY_DESCRIPTOR buffer, its size (and an access mask).
The function expects its caller to provide all this, and the caller expects the function to initialize the security descriptor buffer. Note that the function does *NOT* allocate a new descriptor buffer to be returned!
Indeed, with the way it currently is in master, using Win2k3 kernel32 with our basesrv is now failing with the errors: ``` NLSAPI: Could NOT Create ACL - c0000023. (subsystems/win/basesrv/nls.c:279) NLS: CreateNlsSecurityDescriptor FAILED!: c0000023 NLSAPI: Could NOT initialize Server - c0000023. (dll/ntdll/ldr/ldrinit.c:867) LDR: DLL_PROCESS_ATTACH for dll "kernel32.dll" (InitRoutine: 77E40D95) failed ``` (and, if we ever attempted to increase the so-claimed "dummy parameter" descriptor size in the basesrv call, we would end up with its stack corrupted and a crash). Conversely, using our kernel32 with Win2k3 basesrv, would end up with basesrv receiving a wrongly-initialized descriptor that would not work (the buffer not being initialized with the contents of a descriptor, but instead receiving some address to a descriptor allocated somewhere else).
show more ...
|
ff293a18 | 20-Apr-2022 |
Hermès Bélusca-Maïto <hermes.belusca-maito@reactos.org> |
[CSRSRV] Acquire the necessary SE_INC_BASE_PRIORITY_PRIVILEGE at shutdown (#4461)
When increasing the base priority at shutdown, acquire the necessary SE_INC_BASE_PRIORITY_PRIVILEGE in CsrSetToShutd
[CSRSRV] Acquire the necessary SE_INC_BASE_PRIORITY_PRIVILEGE at shutdown (#4461)
When increasing the base priority at shutdown, acquire the necessary SE_INC_BASE_PRIORITY_PRIVILEGE in CsrSetToShutdownPriority(), called by CsrShutdownProcesses(), which is necessary due to the increase of process base priority (i.e. increase of scheduling) being done.
Dedicated to George Bișoc :)
The Shutdown privilege is however unnecessary (or unwanted) since this has been already dealt with by the shutdown caller. Also, it will be needed only by the caller of NtShutdownSystem() -- that we don't call at all here.
show more ...
|