Development discussion of WireGuard
 help / color / Atom feed
* [PATCH 0/3] misc code cleanup
@ 2020-04-24 18:59 godisgovernment
  2020-04-24 18:59 ` [PATCH 1/3] don't leak TunDispatchSecurityDescriptor if second RtlAbsoluteToSelfRelativeSD fails. practically this can't happen, but from wintun code it's unclear godisgovernment
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: godisgovernment @ 2020-04-24 18:59 UTC (permalink / raw)


misc code cleanup. just getting feet wet.

Shawn Hoffman (3):
  don't leak TunDispatchSecurityDescriptor if second
    RtlAbsoluteToSelfRelativeSD fails. practically this can't happen,
    but from wintun code it's unclear.
  use ExEnterCriticalRegionAndAcquireResourceExclusive and
    ExReleaseResourceAndLeaveCriticalRegion
  use RtlSubAuthoritySid instead of directly poking SID

 wintun.c | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

-- 
2.25.0.windows.1



^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 1/3] don't leak TunDispatchSecurityDescriptor if second RtlAbsoluteToSelfRelativeSD fails. practically this can't happen, but from wintun code it's unclear.
  2020-04-24 18:59 [PATCH 0/3] misc code cleanup godisgovernment
@ 2020-04-24 18:59 ` godisgovernment
  2020-04-24 18:59 ` [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion godisgovernment
  2020-04-24 18:59 ` [PATCH 3/3] use RtlSubAuthoritySid instead of directly poking SID godisgovernment
  2 siblings, 0 replies; 6+ messages in thread
From: godisgovernment @ 2020-04-24 18:59 UTC (permalink / raw)


---
 wintun.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/wintun.c b/wintun.c
index 624de2f..90e7930 100644
--- a/wintun.c
+++ b/wintun.c
@@ -820,6 +820,14 @@ static NTSTATUS TunInitializeDispatchSecurityDescriptor(VOID)
     return STATUS_SUCCESS;
 }
 
+static VOID TunFreeDispatchSecurityDescriptor(VOID)
+{
+    if (!TunDispatchSecurityDescriptor)
+        return;
+    ExFreePoolWithTag(TunDispatchSecurityDescriptor, TUN_MEMORY_TAG);
+    TunDispatchSecurityDescriptor = NULL;
+}
+
 _IRQL_requires_max_(PASSIVE_LEVEL)
 static VOID
 TunProcessNotification(HANDLE ParentId, HANDLE ProcessId, BOOLEAN Create)
@@ -1387,7 +1395,7 @@ TunUnload(PDRIVER_OBJECT DriverObject)
     NdisMDeregisterMiniportDriver(NdisMiniportDriverHandle);
     ExDeleteResourceLite(&TunDispatchCtxGuard);
     ExDeleteResourceLite(&TunDispatchDeviceListLock);
-    ExFreePoolWithTag(TunDispatchSecurityDescriptor, TUN_MEMORY_TAG);
+    TunFreeDispatchSecurityDescriptor();
 }
 
 DRIVER_INITIALIZE DriverEntry;
@@ -1398,7 +1406,7 @@ DriverEntry(DRIVER_OBJECT *DriverObject, UNICODE_STRING *RegistryPath)
     NTSTATUS Status;
 
     if (!NT_SUCCESS(Status = TunInitializeDispatchSecurityDescriptor()))
-        return Status;
+        goto cleanupSD;
 
     NdisVersion = NdisGetVersion();
     if (NdisVersion < NDIS_MINIPORT_VERSION_MIN)
@@ -1461,6 +1469,7 @@ cleanupNotifier:
 cleanupResources:
     ExDeleteResourceLite(&TunDispatchCtxGuard);
     ExDeleteResourceLite(&TunDispatchDeviceListLock);
-    ExFreePoolWithTag(TunDispatchSecurityDescriptor, TUN_MEMORY_TAG);
+cleanupSD:
+    TunFreeDispatchSecurityDescriptor();
     return Status;
 }
-- 
2.25.0.windows.1



^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion
  2020-04-24 18:59 [PATCH 0/3] misc code cleanup godisgovernment
  2020-04-24 18:59 ` [PATCH 1/3] don't leak TunDispatchSecurityDescriptor if second RtlAbsoluteToSelfRelativeSD fails. practically this can't happen, but from wintun code it's unclear godisgovernment
@ 2020-04-24 18:59 ` godisgovernment
  2020-04-24 18:59 ` [PATCH 3/3] use RtlSubAuthoritySid instead of directly poking SID godisgovernment
  2 siblings, 0 replies; 6+ messages in thread
From: godisgovernment @ 2020-04-24 18:59 UTC (permalink / raw)


---
 wintun.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/wintun.c b/wintun.c
index 90e7930..00ac378 100644
--- a/wintun.c
+++ b/wintun.c
@@ -884,15 +884,13 @@ TunDispatchDeviceControl(DEVICE_OBJECT *DeviceObject, IRP *Irp)
     switch (Stack->Parameters.DeviceIoControl.IoControlCode)
     {
     case TUN_IOCTL_REGISTER_RINGS: {
-        KeEnterCriticalRegion();
-        ExAcquireResourceSharedLite(&TunDispatchCtxGuard, TRUE);
+        ExEnterCriticalRegionAndAcquireResourceExclusive(&TunDispatchCtxGuard);
 #pragma warning(suppress : 28175)
         TUN_CTX *Ctx = DeviceObject->Reserved;
         Status = NDIS_STATUS_ADAPTER_NOT_READY;
         if (Ctx)
             Status = TunRegisterBuffers(Ctx, Irp);
-        ExReleaseResourceLite(&TunDispatchCtxGuard);
-        KeLeaveCriticalRegion();
+        ExReleaseResourceAndLeaveCriticalRegion(&TunDispatchCtxGuard);
         break;
     }
     case TUN_IOCTL_FORCE_CLOSE_HANDLES:
@@ -913,14 +911,12 @@ _Use_decl_annotations_
 static NTSTATUS
 TunDispatchClose(DEVICE_OBJECT *DeviceObject, IRP *Irp)
 {
-    KeEnterCriticalRegion();
-    ExAcquireResourceSharedLite(&TunDispatchCtxGuard, TRUE);
+    ExEnterCriticalRegionAndAcquireResourceExclusive(&TunDispatchCtxGuard);
 #pragma warning(suppress : 28175)
     TUN_CTX *Ctx = DeviceObject->Reserved;
     if (Ctx)
         TunUnregisterBuffers(Ctx, IoGetCurrentIrpStackLocation(Irp)->FileObject);
-    ExReleaseResourceLite(&TunDispatchCtxGuard);
-    KeLeaveCriticalRegion();
+    ExReleaseResourceAndLeaveCriticalRegion(&TunDispatchCtxGuard);
     return NdisDispatchClose(DeviceObject, Irp);
 }
 
-- 
2.25.0.windows.1



^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 3/3] use RtlSubAuthoritySid instead of directly poking SID
  2020-04-24 18:59 [PATCH 0/3] misc code cleanup godisgovernment
  2020-04-24 18:59 ` [PATCH 1/3] don't leak TunDispatchSecurityDescriptor if second RtlAbsoluteToSelfRelativeSD fails. practically this can't happen, but from wintun code it's unclear godisgovernment
  2020-04-24 18:59 ` [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion godisgovernment
@ 2020-04-24 18:59 ` godisgovernment
  2 siblings, 0 replies; 6+ messages in thread
From: godisgovernment @ 2020-04-24 18:59 UTC (permalink / raw)


---
 wintun.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wintun.c b/wintun.c
index 00ac378..a6a0e16 100644
--- a/wintun.c
+++ b/wintun.c
@@ -788,7 +788,7 @@ static NTSTATUS TunInitializeDispatchSecurityDescriptor(VOID)
     SID LocalSystem = { 0 };
     if (!NT_SUCCESS(Status = RtlInitializeSid(&LocalSystem, &NtAuthority, 1)))
         return Status;
-    LocalSystem.SubAuthority[0] = 18;
+    *RtlSubAuthoritySid(&LocalSystem, 0) = SECURITY_LOCAL_SYSTEM_RID;
     struct
     {
         ACL Dacl;
-- 
2.25.0.windows.1



^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion
  2020-04-24 23:43 ` [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion godisgovernment
@ 2020-04-26  3:52   ` godisgovernment
  0 siblings, 0 replies; 6+ messages in thread
From: godisgovernment @ 2020-04-26  3:52 UTC (permalink / raw)


Looking back over this, the enter+acquire of the existing code is
shared here, so replacing with exclusive will change behavior.
For now, please ignore this patch.


On Fri, Apr 24, 2020 at 4:44 PM Shawn Hoffman <godisgovernment at gmail.com> wrote:
>
> Signed-off-by: Shawn Hoffman <godisgovernment at gmail.com>
> ---
>  wintun.c | 12 ++++--------
>  1 file changed, 4 insertions(+), 8 deletions(-)
>
> diff --git a/wintun.c b/wintun.c
> index 90e7930..00ac378 100644
> --- a/wintun.c
> +++ b/wintun.c
> @@ -884,15 +884,13 @@ TunDispatchDeviceControl(DEVICE_OBJECT *DeviceObject, IRP *Irp)
>      switch (Stack->Parameters.DeviceIoControl.IoControlCode)
>      {
>      case TUN_IOCTL_REGISTER_RINGS: {
> -        KeEnterCriticalRegion();
> -        ExAcquireResourceSharedLite(&TunDispatchCtxGuard, TRUE);
> +        ExEnterCriticalRegionAndAcquireResourceExclusive(&TunDispatchCtxGuard);
>  #pragma warning(suppress : 28175)
>          TUN_CTX *Ctx = DeviceObject->Reserved;
>          Status = NDIS_STATUS_ADAPTER_NOT_READY;
>          if (Ctx)
>              Status = TunRegisterBuffers(Ctx, Irp);
> -        ExReleaseResourceLite(&TunDispatchCtxGuard);
> -        KeLeaveCriticalRegion();
> +        ExReleaseResourceAndLeaveCriticalRegion(&TunDispatchCtxGuard);
>          break;
>      }
>      case TUN_IOCTL_FORCE_CLOSE_HANDLES:
> @@ -913,14 +911,12 @@ _Use_decl_annotations_
>  static NTSTATUS
>  TunDispatchClose(DEVICE_OBJECT *DeviceObject, IRP *Irp)
>  {
> -    KeEnterCriticalRegion();
> -    ExAcquireResourceSharedLite(&TunDispatchCtxGuard, TRUE);
> +    ExEnterCriticalRegionAndAcquireResourceExclusive(&TunDispatchCtxGuard);
>  #pragma warning(suppress : 28175)
>      TUN_CTX *Ctx = DeviceObject->Reserved;
>      if (Ctx)
>          TunUnregisterBuffers(Ctx, IoGetCurrentIrpStackLocation(Irp)->FileObject);
> -    ExReleaseResourceLite(&TunDispatchCtxGuard);
> -    KeLeaveCriticalRegion();
> +    ExReleaseResourceAndLeaveCriticalRegion(&TunDispatchCtxGuard);
>      return NdisDispatchClose(DeviceObject, Irp);
>  }
>
> --
> 2.26.2.windows.1
>


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion
  2020-04-24 23:43 [PATCH 1/3] fix possible TunDispatchSecurityDescriptor leak godisgovernment
@ 2020-04-24 23:43 ` godisgovernment
  2020-04-26  3:52   ` godisgovernment
  0 siblings, 1 reply; 6+ messages in thread
From: godisgovernment @ 2020-04-24 23:43 UTC (permalink / raw)


Signed-off-by: Shawn Hoffman <godisgovernment at gmail.com>
---
 wintun.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/wintun.c b/wintun.c
index 90e7930..00ac378 100644
--- a/wintun.c
+++ b/wintun.c
@@ -884,15 +884,13 @@ TunDispatchDeviceControl(DEVICE_OBJECT *DeviceObject, IRP *Irp)
     switch (Stack->Parameters.DeviceIoControl.IoControlCode)
     {
     case TUN_IOCTL_REGISTER_RINGS: {
-        KeEnterCriticalRegion();
-        ExAcquireResourceSharedLite(&TunDispatchCtxGuard, TRUE);
+        ExEnterCriticalRegionAndAcquireResourceExclusive(&TunDispatchCtxGuard);
 #pragma warning(suppress : 28175)
         TUN_CTX *Ctx = DeviceObject->Reserved;
         Status = NDIS_STATUS_ADAPTER_NOT_READY;
         if (Ctx)
             Status = TunRegisterBuffers(Ctx, Irp);
-        ExReleaseResourceLite(&TunDispatchCtxGuard);
-        KeLeaveCriticalRegion();
+        ExReleaseResourceAndLeaveCriticalRegion(&TunDispatchCtxGuard);
         break;
     }
     case TUN_IOCTL_FORCE_CLOSE_HANDLES:
@@ -913,14 +911,12 @@ _Use_decl_annotations_
 static NTSTATUS
 TunDispatchClose(DEVICE_OBJECT *DeviceObject, IRP *Irp)
 {
-    KeEnterCriticalRegion();
-    ExAcquireResourceSharedLite(&TunDispatchCtxGuard, TRUE);
+    ExEnterCriticalRegionAndAcquireResourceExclusive(&TunDispatchCtxGuard);
 #pragma warning(suppress : 28175)
     TUN_CTX *Ctx = DeviceObject->Reserved;
     if (Ctx)
         TunUnregisterBuffers(Ctx, IoGetCurrentIrpStackLocation(Irp)->FileObject);
-    ExReleaseResourceLite(&TunDispatchCtxGuard);
-    KeLeaveCriticalRegion();
+    ExReleaseResourceAndLeaveCriticalRegion(&TunDispatchCtxGuard);
     return NdisDispatchClose(DeviceObject, Irp);
 }
 
-- 
2.26.2.windows.1



^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, back to index

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-24 18:59 [PATCH 0/3] misc code cleanup godisgovernment
2020-04-24 18:59 ` [PATCH 1/3] don't leak TunDispatchSecurityDescriptor if second RtlAbsoluteToSelfRelativeSD fails. practically this can't happen, but from wintun code it's unclear godisgovernment
2020-04-24 18:59 ` [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion godisgovernment
2020-04-24 18:59 ` [PATCH 3/3] use RtlSubAuthoritySid instead of directly poking SID godisgovernment
2020-04-24 23:43 [PATCH 1/3] fix possible TunDispatchSecurityDescriptor leak godisgovernment
2020-04-24 23:43 ` [PATCH 2/3] use ExEnterCriticalRegionAndAcquireResourceExclusive and ExReleaseResourceAndLeaveCriticalRegion godisgovernment
2020-04-26  3:52   ` godisgovernment

Development discussion of WireGuard

Archives are clonable: git clone --mirror http://inbox.vuxu.org/wireguard

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git