diff --git a/src/WINNT/afsrdr/kernel/fs/AFSCleanup.cpp b/src/WINNT/afsrdr/kernel/fs/AFSCleanup.cpp index 0ea29c464f..8ead4b57d8 100644 --- a/src/WINNT/afsrdr/kernel/fs/AFSCleanup.cpp +++ b/src/WINNT/afsrdr/kernel/fs/AFSCleanup.cpp @@ -76,6 +76,12 @@ AFSCleanup( IN PDEVICE_OBJECT DeviceObject, // AFSCleanupIrpPool(); + + // + // And reset the Service PID + // + AFSDeregisterService(); + } if( FlagOn( (ULONG_PTR)pIrpSp->FileObject->FsContext, AFS_REDIRECTOR_INSTANCE)) diff --git a/src/WINNT/afsrdr/kernel/fs/AFSCommSupport.cpp b/src/WINNT/afsrdr/kernel/fs/AFSCommSupport.cpp index 9e4694936e..210c7a2f3a 100644 --- a/src/WINNT/afsrdr/kernel/fs/AFSCommSupport.cpp +++ b/src/WINNT/afsrdr/kernel/fs/AFSCommSupport.cpp @@ -438,6 +438,8 @@ AFSProcessControlRequest( IN PIRP Irp) pIrpSp->FileObject->FsContext = (void *)((ULONG_PTR)pIrpSp->FileObject->FsContext | AFS_CONTROL_INSTANCE); + AFSRegisterService(); + break; } @@ -446,6 +448,14 @@ AFSProcessControlRequest( IN PIRP Irp) AFSRedirectorInitInfo *pRedirInitInfo = (AFSRedirectorInitInfo *)Irp->AssociatedIrp.SystemBuffer; + if ( !AFSIsService()) + { + + ntStatus = STATUS_ACCESS_DENIED; + + break; + } + // // Extract off the passed in information which contains the // cache file parameters @@ -485,6 +495,14 @@ AFSProcessControlRequest( IN PIRP Irp) case IOCTL_AFS_PROCESS_IRP_REQUEST: { + if ( !AFSIsService()) + { + + ntStatus = STATUS_ACCESS_DENIED; + + break; + } + ntStatus = AFSProcessIrpRequest( Irp); break; @@ -493,6 +511,14 @@ AFSProcessControlRequest( IN PIRP Irp) case IOCTL_AFS_PROCESS_IRP_RESULT: { + if ( !AFSIsService()) + { + + ntStatus = STATUS_ACCESS_DENIED; + + break; + } + ntStatus = AFSProcessIrpResult( Irp); break; @@ -503,6 +529,14 @@ AFSProcessControlRequest( IN PIRP Irp) AFSSysNameNotificationCB *pSysNameInfo = (AFSSysNameNotificationCB *)Irp->AssociatedIrp.SystemBuffer; + if ( !AFSIsService()) + { + + ntStatus = STATUS_ACCESS_DENIED; + + break; + } + if( pSysNameInfo == NULL || pIrpSp->Parameters.DeviceIoControl.InputBufferLength < sizeof( AFSSysNameNotificationCB)) { @@ -634,6 +668,14 @@ AFSProcessControlRequest( IN PIRP Irp) case IOCTL_AFS_SHUTDOWN: { + if ( !AFSIsService()) + { + + ntStatus = STATUS_ACCESS_DENIED; + + break; + } + ntStatus = AFSShutdownRedirector(); break; @@ -642,7 +684,6 @@ AFSProcessControlRequest( IN PIRP Irp) case IOCTL_AFS_AUTHGROUP_CREATE_AND_SET: { - AFSAuthGroupRequestCB *pAuthGroupRequestCB = (AFSAuthGroupRequestCB *)Irp->AssociatedIrp.SystemBuffer; if( pAuthGroupRequestCB == NULL || @@ -1050,6 +1091,7 @@ AFSCleanupIrpPool() // AFSReleaseResource( &pCommSrvc->ResultPoolLock); + } return; diff --git a/src/WINNT/afsrdr/kernel/fs/AFSProcessSupport.cpp b/src/WINNT/afsrdr/kernel/fs/AFSProcessSupport.cpp index a81572423c..b8b57977e7 100644 --- a/src/WINNT/afsrdr/kernel/fs/AFSProcessSupport.cpp +++ b/src/WINNT/afsrdr/kernel/fs/AFSProcessSupport.cpp @@ -38,6 +38,8 @@ #include "AFSCommon.h" +static HANDLE AFSServicePid = NULL; + void AFSProcessNotify( IN HANDLE ParentId, IN HANDLE ProcessId, @@ -966,3 +968,21 @@ AFSIsUser( IN PSID Sid) SeReleaseSubjectContext( &subjectContext); return retVal; } + +VOID +AFSRegisterService( void) +{ + AFSServicePid = PsGetCurrentProcessId(); +} + +VOID +AFSDeregisterService( void) +{ + AFSServicePid = NULL; +} + +BOOLEAN +AFSIsService( void) +{ + return PsGetCurrentProcessId() == AFSServicePid; +} diff --git a/src/WINNT/afsrdr/kernel/fs/Include/AFSCommon.h b/src/WINNT/afsrdr/kernel/fs/Include/AFSCommon.h index 5ccb7e1e85..4673732e20 100644 --- a/src/WINNT/afsrdr/kernel/fs/Include/AFSCommon.h +++ b/src/WINNT/afsrdr/kernel/fs/Include/AFSCommon.h @@ -832,6 +832,15 @@ AFSInitializeThreadCB( IN AFSProcessCB *ProcessCB, BOOLEAN AFSIsUser( IN PSID Sid); +VOID +AFSRegisterService( void); + +VOID +AFSDeregisterService( void); + +BOOLEAN +AFSIsService( void); + }; #endif /* _AFS_COMMON_H */