Improvements to management of file security dokan-dev#210

Author: Keith Newton

dokan/access.c

@@ -22,32 +22,40 @@ with this program. If not, see <http://www.gnu.org/licenses/>.
 #include "dokani.h"
 #include "fileinfo.h"
 
-HANDLE DOKANAPI DokanOpenRequestorToken(PDOKAN_CREATE_FILE_EVENT FileInfo) {
+HANDLE DOKANAPI DokanOpenRequestorToken(PDOKAN_FILE_INFO FileInfo) {
 
-  PDOKAN_IO_EVENT ioEvent = (PDOKAN_IO_EVENT)FileInfo;
+  PDOKAN_IO_EVENT ioEvent = (PDOKAN_IO_EVENT)FileInfo->DokanContext;
   BOOL status;
   ULONG returnedLength;
   PEVENT_INFORMATION eventInfo;
   HANDLE handle = INVALID_HANDLE_VALUE;
   ULONG eventInfoSize;
   WCHAR rawDeviceName[MAX_PATH];
 
-  if (ioEvent->DokanOpenInfo == NULL) {
-    return INVALID_HANDLE_VALUE;
-  }
+  if (ioEvent->DokanOpenInfo == NULL
+	  || ioEvent->DokanInstance == NULL
+	  || ioEvent->DokanFileInfo.DokanContext != (PVOID)ioEvent) {
+
+    SetLastError(ERROR_INVALID_PARAMETER);
 
-  if (ioEvent->DokanInstance == NULL) {
     return INVALID_HANDLE_VALUE;
   }
 
-  if (ioEvent->KernelInfo.EventContext.MajorFunction != IRP_MJ_CREATE) {
+  if (ioEvent->KernelInfo.EventContext.MajorFunction != IRP_MJ_CREATE
+	  && ioEvent->KernelInfo.EventContext.MajorFunction != IRP_MJ_SET_SECURITY) {
+
+	SetLastError(ERROR_INVALID_PARAMETER);
+
     return INVALID_HANDLE_VALUE;
   }
 
   eventInfoSize = sizeof(EVENT_INFORMATION);
   eventInfo = (PEVENT_INFORMATION)DokanMalloc(eventInfoSize);
 
   if (eventInfo == NULL) {
+
+	SetLastError(ERROR_OUTOFMEMORY);
+
     return INVALID_HANDLE_VALUE;
   }
 
@@ -61,8 +69,11 @@ HANDLE DOKANAPI DokanOpenRequestorToken(PDOKAN_CREATE_FILE_EVENT FileInfo) {
       eventInfoSize, &returnedLength);
 
   if (status) {
+
     handle = eventInfo->Operation.AccessToken.Handle;
-  } else {
+  }
+  else {
+
     DbgPrintW(L"IOCTL_GET_ACCESS_TOKEN failed\n");
   }
 

dokan/create.c

@@ -113,7 +113,6 @@ void BeginDispatchCreate(DOKAN_IO_EVENT *EventInfo) {
   createFileEvent->CreateDisposition = (EventInfo->KernelInfo.EventContext.Operation.Create.CreateOptions >> 24) & 0x000000ff;
   createFileEvent->FileAttributes = EventInfo->KernelInfo.EventContext.Operation.Create.FileAttributes;
   createFileEvent->ShareAccess = EventInfo->KernelInfo.EventContext.Operation.Create.ShareAccess;
-  createFileEvent->AccessToken = EventInfo->KernelInfo.EventContext.Operation.Create.AccessToken;
 
   if((createFileEvent->CreateOptions & FILE_NON_DIRECTORY_FILE) && (createFileEvent->CreateOptions & FILE_DIRECTORY_FILE)) {
 

dokan/dokan.c

@@ -1681,37 +1681,86 @@ BOOL WINAPI DllMain(HINSTANCE Instance, DWORD Reason, LPVOID Reserved) {
   return TRUE;
 }
 
+// https://msdn.microsoft.com/en-us/library/windows/hardware/bb530716(v=vs.85).aspx
+BOOL DokanIsBackupName(DOKAN_CREATE_FILE_EVENT *EventInfo) {
+
+	// mask for SE_BACKUP_NAME privilege
+	DWORD mask =
+		READ_CONTROL
+		| FILE_READ_ATTRIBUTES
+		| STANDARD_RIGHTS_READ;
+
+	if((EventInfo->DesiredAccess & mask) == mask
+		&& (EventInfo->SecurityContext.AccessState.Flags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
+		&& (EventInfo->SecurityContext.AccessState.Flags & (TOKEN_HAS_BACKUP_PRIVILEGE | SE_BACKUP_PRIVILEGES_CHECKED))) {
+
+		return TRUE;
+	}
+
+	return FALSE;
+}
+
+// https://msdn.microsoft.com/en-us/library/windows/hardware/bb530716(v=vs.85).aspx
+BOOL DokanIsRestoreName(DOKAN_CREATE_FILE_EVENT *EventInfo) {
+
+	// mask for SE_RESTORE_NAME privilege
+	DWORD mask =
+		WRITE_DAC
+		| WRITE_OWNER
+		//| ACCESS_SYSTEM_SECURITY
+		| STANDARD_RIGHTS_WRITE;
+		//| FILE_ADD_FILE
+		//| FILE_ADD_SUBDIRECTORY
+		//| DELETE;
+
+	if((EventInfo->DesiredAccess & mask) == mask
+		&& (EventInfo->SecurityContext.AccessState.Flags & (TOKEN_HAS_RESTORE_PRIVILEGE | SE_BACKUP_PRIVILEGES_CHECKED))) {
+
+		return TRUE;
+	}
+
+	return FALSE;
+}
+
 VOID DOKANAPI DokanMapKernelToUserCreateFileFlags(
-    ULONG FileAttributes, ULONG CreateOptions, ULONG CreateDisposition,
-    DWORD *outFileAttributesAndFlags, DWORD *outCreationDisposition) {
+	DOKAN_CREATE_FILE_EVENT *EventInfo,
+    DWORD *outFileAttributesAndFlags,
+	DWORD *outCreationDisposition) {
+
   if (outFileAttributesAndFlags) {
 
-    *outFileAttributesAndFlags = FileAttributes;
+    *outFileAttributesAndFlags = EventInfo->FileAttributes;
 
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_WRITE_THROUGH, FILE_WRITE_THROUGH);
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_SEQUENTIAL_SCAN, FILE_SEQUENTIAL_ONLY);
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_RANDOM_ACCESS, FILE_RANDOM_ACCESS);
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_NO_BUFFERING, FILE_NO_INTERMEDIATE_BUFFERING);
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_OPEN_REPARSE_POINT, FILE_OPEN_REPARSE_POINT);
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_DELETE_ON_CLOSE, FILE_DELETE_ON_CLOSE);
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_BACKUP_SEMANTICS, FILE_OPEN_FOR_BACKUP_INTENT);
 
 #if (_WIN32_WINNT >= _WIN32_WINNT_WIN8)
-    DokanMapKernelBit(*outFileAttributesAndFlags, CreateOptions,
+    DokanMapKernelBit(*outFileAttributesAndFlags, EventInfo->CreateOptions,
                       FILE_FLAG_SESSION_AWARE, FILE_SESSION_AWARE);
 #endif
+
+	if(DokanIsBackupName(EventInfo)
+		|| DokanIsRestoreName(EventInfo)) {
+
+		*outFileAttributesAndFlags |= FILE_FLAG_BACKUP_SEMANTICS;
+	}
   }
 
   if (outCreationDisposition) {
 
-    switch (CreateDisposition) {
+    switch (EventInfo->CreateDisposition) {
     case FILE_CREATE:
       *outCreationDisposition = CREATE_NEW;
       break;

dokan/dokan.h

@@ -162,7 +162,6 @@ typedef struct _DOKAN_CREATE_FILE_EVENT {
 	PDOKAN_FILE_INFO				DokanFileInfo;
 	LPCWSTR							FileName;
 	LPCWSTR							OriginalFileName;
-	HANDLE							AccessToken;
 	DOKAN_IO_SECURITY_CONTEXT		SecurityContext; // https://msdn.microsoft.com/en-us/library/windows/hardware/ff550613(v=vs.85).aspx
 
 	ACCESS_MASK						DesiredAccess;
@@ -273,18 +272,17 @@ typedef struct _DOKAN_GET_VOLUME_ATTRIBUTES_EVENT {
 typedef struct _DOKAN_GET_FILE_SECURITY_EVENT {
 	PDOKAN_FILE_INFO				DokanFileInfo;
 	LPWSTR							FileName;
-	PSECURITY_INFORMATION			SecurityInformation; // A pointer to SECURITY_INFORMATION value being requested
 	PSECURITY_DESCRIPTOR			SecurityDescriptor; // A pointer to SECURITY_DESCRIPTOR buffer to be filled
+	SECURITY_INFORMATION			SecurityInformation; // The types of security information being requested
 	ULONG							SecurityDescriptorSize; // length of Security descriptor buffer
 	ULONG							LengthNeeded;
 } DOKAN_GET_FILE_SECURITY_EVENT, *PDOKAN_GET_FILE_SECURITY_EVENT;
 
 typedef struct _DOKAN_SET_FILE_SECURITY_EVENT {
 	PDOKAN_FILE_INFO				DokanFileInfo;
 	LPWSTR							FileName;
-	HANDLE							AccessToken;
-	PSECURITY_INFORMATION			SecurityInformation;
 	PSECURITY_DESCRIPTOR			SecurityDescriptor; // A pointer to SECURITY_DESCRIPTOR buffer to be filled
+	SECURITY_INFORMATION			SecurityInformation;
 	ULONG							SecurityDescriptorSize; // length of Security descriptor buffer
 } DOKAN_SET_FILE_SECURITY_EVENT, *PDOKAN_SET_FILE_SECURITY_EVENT;
 
@@ -458,14 +456,15 @@ BOOL DOKANAPI DokanResetTimeout(ULONG Timeout, // timeout in millisecond
 // Get the handle to Access Token
 // This method needs be called in CreateFile callback.
 // The caller must call CloseHandle for the returned handle.
-HANDLE DOKANAPI DokanOpenRequestorToken(PDOKAN_CREATE_FILE_EVENT DokanFileInfo);
+HANDLE DOKANAPI DokanOpenRequestorToken(PDOKAN_FILE_INFO DokanFileInfo);
 
 BOOL DOKANAPI DokanGetMountPointList(PDOKAN_CONTROL list, ULONG length,
                                      BOOL uncOnly, PULONG nbRead);
 
 VOID DOKANAPI DokanMapKernelToUserCreateFileFlags(
-    ULONG FileAttributes, ULONG CreateOptions, ULONG CreateDisposition,
-    DWORD *outFileAttributesAndFlags, DWORD *outCreationDisposition);
+	DOKAN_CREATE_FILE_EVENT *EventInfo,
+    DWORD *outFileAttributesAndFlags,
+	DWORD *outCreationDisposition);
 
 // Translate Win32 Error code to the NtStatus code's corresponding
 NTSTATUS DOKANAPI DokanNtStatusFromWin32(DWORD Error);

dokan/fileinfo.h

@@ -510,4 +510,33 @@ typedef struct _UNICODE_STRING {
   PWSTR Buffer;
 } UNICODE_STRING, *PUNICODE_STRING;
 
+//
+// Token Flags
+//
+// Flags that may be defined in the TokenFlags field of the token object,
+// or in an ACCESS_STATE structure
+//
+
+#define TOKEN_HAS_TRAVERSE_PRIVILEGE    0x0001
+#define TOKEN_HAS_BACKUP_PRIVILEGE      0x0002
+#define TOKEN_HAS_RESTORE_PRIVILEGE     0x0004
+#define TOKEN_WRITE_RESTRICTED          0x0008
+#define TOKEN_IS_RESTRICTED             0x0010
+#define TOKEN_SESSION_NOT_REFERENCED    0x0020
+#define TOKEN_SANDBOX_INERT             0x0040
+#define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
+#define SE_BACKUP_PRIVILEGES_CHECKED    0x0100
+#define TOKEN_VIRTUALIZE_ALLOWED        0x0200
+#define TOKEN_VIRTUALIZE_ENABLED        0x0400
+#define TOKEN_IS_FILTERED               0x0800
+#define TOKEN_UIACCESS                  0x1000
+#define TOKEN_NOT_LOW                   0x2000
+#define TOKEN_LOWBOX                    0x4000
+#define TOKEN_HAS_OWN_CLAIM_ATTRIBUTES  0x8000
+
+#define TOKEN_PRIVATE_NAMESPACE                     0x00010000
+#define TOKEN_DO_NOT_USE_GLOBAL_ATTRIBS_FOR_QUERY   0x00020000
+#define SPECIAL_ENCRYPTED_OPEN                      0x00040000
+#define TOKEN_NO_CHILD_PROCESS                      0x00080000
+
 #endif // FILEINFO_H_

dokan/security.c

@@ -44,8 +44,8 @@ void BeginDispatchQuerySecurity(DOKAN_IO_EVENT *EventInfo) {
 
 		getFileSecurity->DokanFileInfo = &EventInfo->DokanFileInfo;
 		getFileSecurity->FileName = EventInfo->KernelInfo.EventContext.Operation.Security.FileName;
-		getFileSecurity->SecurityInformation = &EventInfo->KernelInfo.EventContext.Operation.Security.SecurityInformation;
 		getFileSecurity->SecurityDescriptor = (PSECURITY_DESCRIPTOR)&EventInfo->EventResult->Buffer[0];
+		getFileSecurity->SecurityInformation = EventInfo->KernelInfo.EventContext.Operation.Security.SecurityInformation;
 		getFileSecurity->SecurityDescriptorSize = IoEventResultBufferSize(EventInfo);
 
 		assert(getFileSecurity->LengthNeeded == 0);
@@ -112,9 +112,8 @@ void BeginDispatchSetSecurity(DOKAN_IO_EVENT *EventInfo) {
 
 		setFileSecurity->DokanFileInfo = &EventInfo->DokanFileInfo;
 		setFileSecurity->FileName = EventInfo->KernelInfo.EventContext.Operation.SetSecurity.FileName;
-		setFileSecurity->AccessToken = EventInfo->KernelInfo.EventContext.Operation.SetSecurity.AccessToken;
-		setFileSecurity->SecurityInformation = &EventInfo->KernelInfo.EventContext.Operation.SetSecurity.SecurityInformation;
 		setFileSecurity->SecurityDescriptor = (PCHAR)&EventInfo->KernelInfo.EventContext + EventInfo->KernelInfo.EventContext.Operation.SetSecurity.BufferOffset;
+		setFileSecurity->SecurityInformation = EventInfo->KernelInfo.EventContext.Operation.SetSecurity.SecurityInformation;
 		setFileSecurity->SecurityDescriptorSize = EventInfo->KernelInfo.EventContext.Operation.SetSecurity.BufferLength;
 
 		status = EventInfo->DokanInstance->DokanOperations->SetFileSecurityW(setFileSecurity);

dokan_fuse/src/dokanfuse.cpp

@@ -522,7 +522,7 @@ FuseGetFileSecurity(DOKAN_GET_FILE_SECURITY_EVENT *EventInfo) {
   impl_fuse_context *impl = the_impl;
 
   if (impl->debug())
-    FPRINTF(stderr, "GetFileSecurity: %x\n", *EventInfo->SecurityInformation);
+    FPRINTF(stderr, "GetFileSecurity: %x\n", EventInfo->SecurityInformation);
 
   BY_HANDLE_FILE_INFORMATION byHandleFileInfo;
   ZeroMemory(&byHandleFileInfo, sizeof(BY_HANDLE_FILE_INFORMATION));
@@ -551,7 +551,7 @@ FuseGetFileSecurity(DOKAN_GET_FILE_SECURITY_EVENT *EventInfo) {
 
     LPTSTR pStringBuffer = NULL;
     if (!ConvertSecurityDescriptorToStringSecurityDescriptor(
-            EventInfo->SecurityDescriptor, SDDL_REVISION_1, *EventInfo->SecurityInformation,
+            EventInfo->SecurityDescriptor, SDDL_REVISION_1, EventInfo->SecurityInformation,
             &pStringBuffer, NULL)) {
       return STATUS_NOT_IMPLEMENTED;
     }