sys: IRP_MJ_CREATE

2025-04-22 16:33:02 -05:00 · 2015-12-06 00:37:53 -08:00 · 2015-12-06 00:37:53 -08:00 · 5e17f319c9
commit 5e17f319c9
parent c86c88d15a
2 changed files with 16 additions and 1 deletions
--- a/src/sys/create.c
+++ b/src/sys/create.c
@ -368,6 +368,7 @@ VOID FspFsvolCreateComplete(
    ULONG SecurityDescriptorSize;
    UNICODE_STRING ReparseFileName;
    ACCESS_MASK DesiredAccess = IrpSp->Parameters.Create.SecurityContext->DesiredAccess;
+    PPRIVILEGE_SET Privileges = 0;
    USHORT ShareAccess = IrpSp->Parameters.Create.ShareAccess;
    ULONG Flags = IrpSp->Flags;
    KPROCESSOR_MODE RequestorMode =
@ -458,7 +459,7 @@ VOID FspFsvolCreateComplete(
            FALSE,
            DesiredAccess,
            AccessState->PreviouslyGrantedAccess,
-            0,
+            &Privileges,
            IoGetFileObjectGenericMapping(),
            RequestorMode,
            &GrantedAccess,
@ -468,6 +469,17 @@ VOID FspFsvolCreateComplete(
            FSP_RETURN();
        }

+        if (0 != Privileges)
+        {
+            Result = SeAppendPrivileges(AccessState, Privileges);
+            SeFreePrivileges(Privileges);
+            if (!NT_SUCCESS(Result))
+            {
+                FspFsvolCreateClose(Irp, Response);
+                FSP_RETURN();
+            }
+        }
+
        SetFlag(AccessState->PreviouslyGrantedAccess, GrantedAccess);
        ClearFlag(AccessState->RemainingDesiredAccess, GrantedAccess);
    }
--- a/src/sys/device.c
+++ b/src/sys/device.c
@ -226,6 +226,8 @@ static VOID FspFsvolDeviceFini(PDEVICE_OBJECT DeviceObject)

    FSP_FSVOL_DEVICE_EXTENSION *FsvolDeviceExtension = FspFsvolDeviceExtension(DeviceObject);

+#if 0
+    /* FspFsvolDeviceFreeElement is now a no-op, so this is no longer necessary */
    /*
     * Enumerate and delete all entries in the GenericTable.
     * There is no need to protect accesses to the table as we are in the device destructor.
@ -233,6 +235,7 @@ static VOID FspFsvolDeviceFini(PDEVICE_OBJECT DeviceObject)
    FSP_DEVICE_GENERIC_TABLE_ELEMENT_DATA *Element;
    while (0 != (Element = RtlGetElementGenericTableAvl(&FsvolDeviceExtension->GenericTable, 0)))
        RtlDeleteElementGenericTableAvl(&FsvolDeviceExtension->GenericTable, &Element->Identifier);
+#endif

    /*
     * Dereference the virtual volume device so that it can now go away.