Driver: Set max weight to Sublayer

Nodir Temirkhodjaev 2024-10-24 12:00:26 +05:00
parent ee4a369257
commit 31549f5987
6 changed files with 24 additions and 12 deletions


@ -279,7 +279,7 @@ static void fort_prov_init_provider(void)
boot_provider->flags = FWPM_PROVIDER_FLAG_PERSISTENT; boot_provider->flags = FWPM_PROVIDER_FLAG_PERSISTENT;
} }
static void fort_prov_init_sublayer(void) static void fort_prov_init_sublayer(const FORT_PROV_INIT_CONF init_conf)
{ {
FWPM_SUBLAYER0 *sublayer = &g_provGlobal.sublayer; FWPM_SUBLAYER0 *sublayer = &g_provGlobal.sublayer;
sublayer->flags = 0; sublayer->flags = 0;
@ -287,18 +287,19 @@ static void fort_prov_init_sublayer(void)
sublayer->displayData.name = (PWCHAR) L"FortSublayer"; sublayer->displayData.name = (PWCHAR) L"FortSublayer";
sublayer->displayData.description = (PWCHAR) L"Fort Firewall Sublayer"; sublayer->displayData.description = (PWCHAR) L"Fort Firewall Sublayer";
sublayer->providerKey = (GUID *) &FORT_GUID_PROVIDER; sublayer->providerKey = (GUID *) &FORT_GUID_PROVIDER;
sublayer->weight = init_conf.sublayer_weight;
FWPM_SUBLAYER0 *boot_sublayer = &g_provGlobal.boot_sublayer; FWPM_SUBLAYER0 *boot_sublayer = &g_provGlobal.boot_sublayer;
*boot_sublayer = *sublayer; *boot_sublayer = *sublayer;
boot_sublayer->flags = FWPM_SUBLAYER_FLAG_PERSISTENT; boot_sublayer->flags = FWPM_SUBLAYER_FLAG_PERSISTENT;
} }
FORT_API void fort_prov_init() FORT_API void fort_prov_init(const FORT_PROV_INIT_CONF init_conf)
{ {
RtlZeroMemory(&g_provGlobal, sizeof(g_provGlobal)); RtlZeroMemory(&g_provGlobal, sizeof(g_provGlobal));
fort_prov_init_provider(); fort_prov_init_provider();
fort_prov_init_sublayer(); fort_prov_init_sublayer(init_conf);
fort_prov_init_callouts(); fort_prov_init_callouts();
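Review bot: The new assignment `sublayer->weight = init_conf.sublayer_weight;` is the whole reason for the commit but carries no comment, and because `*boot_sublayer = *sublayer;` copies it, the persistent boot-time sublayer silently inherits the same configurable weight. A one-line comment above the assignment would save the next reader a trip to the WFP docs: `/* Higher-weighted sublayers are evaluated first; default FORT_SUBLAYER_MAX_WEIGHT puts our filters ahead of other vendors' sublayers (ties, if any, are presumably ordered arbitrarily). */`. Note that g_provGlobal is zeroed in fort_prov_init before this runs, so any weight the caller forgets to fill in degrades to 0, the lowest priority. fort_prov_init's body continues past the hunk.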


@ -3,6 +3,13 @@
#include "common.h" #include "common.h"
#define FORT_SUBLAYER_MAX_WEIGHT 0xFFFF
typedef struct fort_prov_init_conf
{
UINT16 sublayer_weight;
} FORT_PROV_INIT_CONF, *PFORT_PROV_INIT_CONF;
typedef struct fort_prov_boot_conf typedef struct fort_prov_boot_conf
{ {
union { union {
@ -26,7 +33,7 @@ typedef struct fort_prov_boot_conf
extern "C" { extern "C" {
#endif #endif
FORT_API void fort_prov_init(void); FORT_API void fort_prov_init(const FORT_PROV_INIT_CONF init_conf);
FORT_API DWORD fort_prov_trans_open(HANDLE *engine); FORT_API DWORD fort_prov_trans_open(HANDLE *engine);
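Review bot: The new struct field is undocumented and the only consumer of FORT_SUBLAYER_MAX_WEIGHT is a cast-and-default in another file, so the header should say what the field means and where it comes from: `UINT16 sublayer_weight; /* FWPM_SUBLAYER0.weight, 0..FORT_SUBLAYER_MAX_WEIGHT; taken from the "sublayerWeight" registry value */`. As a point of style, `const` on the by-value parameter in the prototype `fort_prov_init(const FORT_PROV_INIT_CONF init_conf)` is a definition detail that means nothing to callers; the header could declare `FORT_API void fort_prov_init(FORT_PROV_INIT_CONF init_conf);` and keep the `const` in the .c file only.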


@ -407,7 +407,11 @@ static NTSTATUS fort_device_register_provider(void)
{ {
NTSTATUS status; NTSTATUS status;
fort_prov_init(); const FORT_PROV_INIT_CONF init_conf = {
.sublayer_weight = (UINT16) fort_reg_value(L"sublayerWeight", FORT_SUBLAYER_MAX_WEIGHT),
};
fort_prov_init(init_conf);
HANDLE engine; HANDLE engine;
status = fort_prov_trans_open(&engine); status = fort_prov_trans_open(&engine);
@ -418,7 +422,7 @@ static NTSTATUS fort_device_register_provider(void)
if (!fort_prov_get_boot_conf(engine, &boot_conf)) { if (!fort_prov_get_boot_conf(engine, &boot_conf)) {
// Default flags from Registry // Default flags from Registry
boot_conf.boot_filter = fort_reg_flag(L"bootFilter"); boot_conf.boot_filter = fort_reg_value(L"bootFilter", 0);
} }
fort_device_flag_set(&fort_device()->conf, FORT_DEVICE_BOOT_FILTER, boot_conf.boot_filter); fort_device_flag_set(&fort_device()->conf, FORT_DEVICE_BOOT_FILTER, boot_conf.boot_filter);
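Review bot: The `(UINT16)` cast on `fort_reg_value(L"sublayerWeight", FORT_SUBLAYER_MAX_WEIGHT)` truncates any DWORD above 0xFFFF, so a registry value of 0x10000 wraps to 0 and gives the sublayer the lowest possible priority instead of the highest, which lets another vendor's sublayer decide traffic before this firewall's filters run. Clamping rather than truncating keeps an out-of-range value harmless: `const DWORD weight = fort_reg_value(L"sublayerWeight", FORT_SUBLAYER_MAX_WEIGHT);` then `.sublayer_weight = (UINT16) (weight > FORT_SUBLAYER_MAX_WEIGHT ? FORT_SUBLAYER_MAX_WEIGHT : weight),`. Who can write that registry value is not visible here; if it lives under the service key it is presumably admin-only, so this is a misconfiguration trap rather than a privilege boundary, but it is still worth closing. fort_device_register_provider continues outside the hunk.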


@ -33,7 +33,7 @@ static NTSTATUS fort_driver_create_device(PDRIVER_OBJECT driver)
UNICODE_STRING device_name; UNICODE_STRING device_name;
RtlInitUnicodeString(&device_name, FORT_NT_DEVICE_NAME); RtlInitUnicodeString(&device_name, FORT_NT_DEVICE_NAME);
const BOOL isDriverNonAdmin = fort_reg_flag(L"isDriverNonAdmin") != 0; const BOOL isDriverNonAdmin = fort_reg_value(L"isDriverNonAdmin", 0) != 0;
const PCUNICODE_STRING sddl = (isDriverNonAdmin ? &SDDL_DEVOBJ_SYS_ALL_ADM_RWX_WORLD_RWX_RES_RWX const PCUNICODE_STRING sddl = (isDriverNonAdmin ? &SDDL_DEVOBJ_SYS_ALL_ADM_RWX_WORLD_RWX_RES_RWX
: &SDDL_DEVOBJ_SYS_ALL_ADM_ALL); : &SDDL_DEVOBJ_SYS_ALL_ADM_ALL);


@ -121,7 +121,7 @@ FORT_API NTSTATUS fort_driver_path(
return status; return status;
} }
FORT_API DWORD fort_reg_flag(PCWSTR name) FORT_API DWORD fort_reg_value(PCWSTR name, DWORD defaultValue)
{ {
NTSTATUS status; NTSTATUS status;
@ -134,19 +134,19 @@ FORT_API DWORD fort_reg_flag(PCWSTR name)
InitializeObjectAttributes( InitializeObjectAttributes(
&objectAttr, &regPath, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); &objectAttr, &regPath, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
DWORD flagValue = 0; DWORD value = 0;
status = ZwOpenKey(&regKey, KEY_READ, &objectAttr); status = ZwOpenKey(&regKey, KEY_READ, &objectAttr);
if (NT_SUCCESS(status)) { if (NT_SUCCESS(status)) {
UNICODE_STRING valueName; UNICODE_STRING valueName;
RtlInitUnicodeString(&valueName, name); RtlInitUnicodeString(&valueName, name);
status = fort_reg_value_dword(regKey, &valueName, &flagValue); status = fort_reg_value_dword(regKey, &valueName, &value);
ZwClose(regKey); ZwClose(regKey);
} }
return NT_SUCCESS(status) ? flagValue : 0; return NT_SUCCESS(status) ? value : defaultValue;
} }
static void fort_system_drive_init(PCUNICODE_STRING path) static void fort_system_drive_init(PCUNICODE_STRING path)


@ -12,7 +12,7 @@ extern "C" {
FORT_API NTSTATUS fort_driver_path( FORT_API NTSTATUS fort_driver_path(
PDRIVER_OBJECT driver, PUNICODE_STRING regPath, PUNICODE_STRING outPath); PDRIVER_OBJECT driver, PUNICODE_STRING regPath, PUNICODE_STRING outPath);
FORT_API DWORD fort_reg_flag(PCWSTR name); FORT_API DWORD fort_reg_value(PCWSTR name, DWORD defaultValue);
FORT_API void fort_path_prefix_adjust(PUNICODE_STRING path); FORT_API void fort_path_prefix_adjust(PUNICODE_STRING path);
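Review bot: The renamed prototype `fort_reg_value(PCWSTR name, DWORD defaultValue)` changes the failure semantics of the old fort_reg_flag (which returned 0) but the header does not say so, and callers now pass meaningful non-zero defaults. A doc comment above the declaration would pin the contract: `/* Reads the DWORD registry value `name` from the driver's key; returns defaultValue when the key cannot be opened or the value is missing (presumably also when it is not a DWORD; confirm in fort_reg_value_dword). */`. The visible implementation shows the default is returned on both the ZwOpenKey failure and the fort_reg_value_dword failure paths, so the comment is grounded in the diff.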