Remove Service SID-s handling

Nodir Temirkhodjaev 2024-10-31 11:32:15 +05:00
parent 1521efccf0
commit 80ca99f1d7
19 changed files with 12 additions and 432 deletions


@ -317,30 +317,3 @@ FORT_API BOOL fort_conf_app_group_blocked(const FORT_CONF_FLAGS conf_flags, FORT
return conf_flags.group_blocked; return conf_flags.group_blocked;
} }
FORT_API PCWSTR fort_conf_service_sid_name_find(
PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes)
{
if (service_sids == NULL)
return NULL;
const char *data = service_sids->data;
const int services_n = service_sids->services_n;
const int sid_index = fort_conf_blob_index(data, sidBytes, FORT_SERVICE_SID_SIZE, services_n);
if (sid_index < 0)
return NULL;
const UINT16 name_index =
((UINT16 *) (data + FORT_SERVICE_SID_LIST_SID_NAME_INDEXES_OFF(services_n)))[sid_index];
const UINT32 name_off =
((UINT32 *) (data + FORT_SERVICE_SID_LIST_NAMES_HEADER_OFF(services_n)))[name_index];
const int names_n = service_sids->names_n;
const char *names_data = data + FORT_SERVICE_SID_LIST_NAMES_OFF(services_n, names_n);
PCWSTR name = (PCWSTR) (names_data + name_off);
return name;
}


@ -77,35 +77,6 @@ typedef struct fort_service_info_list
#define FORT_SERVICE_INFO_LIST_MIN_SIZE \ #define FORT_SERVICE_INFO_LIST_MIN_SIZE \
(FORT_SERVICE_INFO_LIST_DATA_OFF + FORT_SERVICE_INFO_MAX_SIZE) (FORT_SERVICE_INFO_LIST_DATA_OFF + FORT_SERVICE_INFO_MAX_SIZE)
typedef struct fort_service_sid_list
{
UINT16 services_n;
UINT16 names_n;
char data[1];
} FORT_SERVICE_SID_LIST, *PFORT_SERVICE_SID_LIST;
typedef const FORT_SERVICE_SID_LIST *PCFORT_SERVICE_SID_LIST;
#define FORT_SERVICE_SID_LIST_DATA_OFF offsetof(FORT_SERVICE_SID_LIST, data)
#define FORT_SERVICE_SID_SIZE (5 * sizeof(UINT32))
#define FORT_SERVICE_SID_LIST_SID_NAME_INDEXES_OFF(services_n) \
((services_n) * FORT_SERVICE_SID_SIZE)
#define FORT_SERVICE_SID_LIST_NAMES_HEADER_OFF(services_n) \
(FORT_SERVICE_SID_LIST_SID_NAME_INDEXES_OFF(services_n) + (services_n) * sizeof(UINT16))
#define FORT_SERVICE_SID_LIST_NAMES_HEADER_SIZE(names_n) ((names_n) * sizeof(UINT32))
#define FORT_SERVICE_SID_LIST_NAMES_OFF(services_n, names_n) \
(FORT_SERVICE_SID_LIST_NAMES_HEADER_OFF(services_n) \
+ FORT_SERVICE_SID_LIST_NAMES_HEADER_SIZE(names_n))
#define FORT_SERVICE_SID_LIST_MAX_SIZE(services_n, names_n) \
(FORT_SERVICE_SID_LIST_DATA_OFF + FORT_SERVICE_SID_LIST_NAMES_OFF(services_n, names_n) \
+ (names_n) * FORT_SERVICE_INFO_NAME_MAX_SIZE)
typedef struct fort_conf_port_list typedef struct fort_conf_port_list
{ {
UINT8 port_n; UINT8 port_n;
@ -388,9 +359,6 @@ FORT_API FORT_APP_DATA fort_conf_app_find(const PFORT_CONF conf, PCFORT_APP_PATH
FORT_API BOOL fort_conf_app_group_blocked(const FORT_CONF_FLAGS conf_flags, FORT_APP_DATA app_data); FORT_API BOOL fort_conf_app_group_blocked(const FORT_CONF_FLAGS conf_flags, FORT_APP_DATA app_data);
FORT_API PCWSTR fort_conf_service_sid_name_find(
PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes);
#ifdef __cplusplus #ifdef __cplusplus
} // extern "C" } // extern "C"
#endif #endif


@ -182,18 +182,16 @@ DEFINE_GUID(FORT_GUID_EMPTY, 0x00000000, 0x0000, 0x0000, 0x00, 0x00, 0x00, 0x00,
#define FORT_IOCTL_INDEX_VALIDATE 0 #define FORT_IOCTL_INDEX_VALIDATE 0
#define FORT_IOCTL_INDEX_SETSERVICES 1 #define FORT_IOCTL_INDEX_SETSERVICES 1
#define FORT_IOCTL_INDEX_SETSERVICE_SIDS 2 #define FORT_IOCTL_INDEX_SETCONF 2
#define FORT_IOCTL_INDEX_SETCONF 3 #define FORT_IOCTL_INDEX_SETFLAGS 3
#define FORT_IOCTL_INDEX_SETFLAGS 4 #define FORT_IOCTL_INDEX_GETLOG 4
#define FORT_IOCTL_INDEX_GETLOG 5 #define FORT_IOCTL_INDEX_ADDAPP 5
#define FORT_IOCTL_INDEX_ADDAPP 6 #define FORT_IOCTL_INDEX_DELAPP 6
#define FORT_IOCTL_INDEX_DELAPP 7 #define FORT_IOCTL_INDEX_SETZONES 7
#define FORT_IOCTL_INDEX_SETZONES 8 #define FORT_IOCTL_INDEX_SETZONEFLAG 8
#define FORT_IOCTL_INDEX_SETZONEFLAG 9
#define FORT_IOCTL_VALIDATE FORT_CTL_CODE(FORT_IOCTL_INDEX_VALIDATE, FILE_WRITE_DATA) #define FORT_IOCTL_VALIDATE FORT_CTL_CODE(FORT_IOCTL_INDEX_VALIDATE, FILE_WRITE_DATA)
#define FORT_IOCTL_SETSERVICES FORT_CTL_CODE(FORT_IOCTL_INDEX_SETSERVICES, FILE_WRITE_DATA) #define FORT_IOCTL_SETSERVICES FORT_CTL_CODE(FORT_IOCTL_INDEX_SETSERVICES, FILE_WRITE_DATA)
#define FORT_IOCTL_SETSERVICE_SIDS FORT_CTL_CODE(FORT_IOCTL_INDEX_SETSERVICE_SIDS, FILE_WRITE_DATA)
#define FORT_IOCTL_SETCONF FORT_CTL_CODE(FORT_IOCTL_INDEX_SETCONF, FILE_WRITE_DATA) #define FORT_IOCTL_SETCONF FORT_CTL_CODE(FORT_IOCTL_INDEX_SETCONF, FILE_WRITE_DATA)
#define FORT_IOCTL_SETFLAGS FORT_CTL_CODE(FORT_IOCTL_INDEX_SETFLAGS, FILE_WRITE_DATA) #define FORT_IOCTL_SETFLAGS FORT_CTL_CODE(FORT_IOCTL_INDEX_SETFLAGS, FILE_WRITE_DATA)
#define FORT_IOCTL_GETLOG FORT_CTL_CODE(FORT_IOCTL_INDEX_GETLOG, FILE_READ_DATA) #define FORT_IOCTL_GETLOG FORT_CTL_CODE(FORT_IOCTL_INDEX_GETLOG, FILE_READ_DATA)
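Review bot: Reusing indices 2 through 8 for different operations, instead of retiring index 2, changes the meaning of every control code from FORT_IOCTL_SETCONF onward. If the driver and the user-mode client ever come from different builds, a request sent as the old SETCONF (index 3) would reach the handler now bound to SETFLAGS, and so on down the list. The commit bumps DRIVER_VERSION to 41, which presumably lets FORT_IOCTL_VALIDATE reject a mismatched client, but that only helps if the driver refuses every other control code until validation has succeeded; that is not visible in this hunk. Keeping the numbering stable is the safer choice: leave the old values as they were, mark the gap with `/* index 2 was FORT_IOCTL_INDEX_SETSERVICE_SIDS; retired, do not reuse */`, and keep a rejecting stub at that position in the dispatch table.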


@ -419,53 +419,6 @@ FORT_API FORT_CONF_FLAGS fort_conf_ref_flags_set(
return old_conf_flags; return old_conf_flags;
} }
FORT_API PFORT_SERVICE_SID_LIST fort_conf_service_sids_new(
PCFORT_SERVICE_SID_LIST service_sids, ULONG len)
{
return fort_conf_mem_alloc(service_sids, len);
}
FORT_API void fort_conf_service_sids_set(
PFORT_DEVICE_CONF device_conf, PFORT_SERVICE_SID_LIST service_sids)
{
KIRQL oldIrql = ExAcquireSpinLockExclusive(&device_conf->lock);
{
fort_conf_mem_free(device_conf->service_sids);
device_conf->service_sids = service_sids;
}
ExReleaseSpinLockExclusive(&device_conf->lock, oldIrql);
}
FORT_API BOOL fort_conf_get_service_sid_path(
PFORT_DEVICE_CONF device_conf, const char *sidBytes, PFORT_APP_PATH path)
{
char *buffer = (char *) path->buffer;
path->len = 0;
KIRQL oldIrql = ExAcquireSpinLockExclusive(&device_conf->lock);
{
PCWSTR service_name = fort_conf_service_sid_name_find(device_conf->service_sids, sidBytes);
if (service_name != NULL) {
char *name_buf = buffer + FORT_SVCHOST_PREFIX_SIZE;
const DWORD name_size = (DWORD) (wcslen(service_name) * sizeof(WCHAR));
RtlCopyMemory(
name_buf, service_name, name_size + sizeof(WCHAR)); /* + null terminator */
path->len = (UINT16) (FORT_SVCHOST_PREFIX_SIZE + name_size);
}
}
ExReleaseSpinLockExclusive(&device_conf->lock, oldIrql);
if (path->len == 0)
return FALSE;
RtlCopyMemory(buffer, FORT_SVCHOST_PREFIX, FORT_SVCHOST_PREFIX_SIZE);
return TRUE;
}
FORT_API PFORT_CONF_ZONES fort_conf_zones_new(PFORT_CONF_ZONES zones, ULONG len) FORT_API PFORT_CONF_ZONES fort_conf_zones_new(PFORT_CONF_ZONES zones, ULONG len)
{ {
return fort_conf_mem_alloc(zones, len); return fort_conf_mem_alloc(zones, len);


@ -42,7 +42,6 @@ typedef struct fort_device_conf
PFORT_CONF_REF volatile ref; PFORT_CONF_REF volatile ref;
KSPIN_LOCK ref_lock; KSPIN_LOCK ref_lock;
PFORT_SERVICE_SID_LIST service_sids;
PFORT_CONF_ZONES zones; PFORT_CONF_ZONES zones;
EX_SPIN_LOCK lock; EX_SPIN_LOCK lock;
@ -80,15 +79,6 @@ FORT_API FORT_CONF_FLAGS fort_conf_ref_set(PFORT_DEVICE_CONF device_conf, PFORT_
FORT_API FORT_CONF_FLAGS fort_conf_ref_flags_set( FORT_API FORT_CONF_FLAGS fort_conf_ref_flags_set(
PFORT_DEVICE_CONF device_conf, const FORT_CONF_FLAGS conf_flags); PFORT_DEVICE_CONF device_conf, const FORT_CONF_FLAGS conf_flags);
FORT_API PFORT_SERVICE_SID_LIST fort_conf_service_sids_new(
PCFORT_SERVICE_SID_LIST service_sids, ULONG len);
FORT_API void fort_conf_service_sids_set(
PFORT_DEVICE_CONF device_conf, PFORT_SERVICE_SID_LIST service_sids);
FORT_API BOOL fort_conf_get_service_sid_path(
PFORT_DEVICE_CONF device_conf, const char *sidBytes, PFORT_APP_PATH path);
FORT_API PFORT_CONF_ZONES fort_conf_zones_new(PFORT_CONF_ZONES zones, ULONG len); FORT_API PFORT_CONF_ZONES fort_conf_zones_new(PFORT_CONF_ZONES zones, ULONG len);
FORT_API void fort_conf_zones_set(PFORT_DEVICE_CONF device_conf, PFORT_CONF_ZONES zones); FORT_API void fort_conf_zones_set(PFORT_DEVICE_CONF device_conf, PFORT_CONF_ZONES zones);


@ -365,72 +365,14 @@ inline static void fort_callout_ale_classify_action(PCFORT_CALLOUT_ARG ca,
} }
} }
inline static PSID_AND_ATTRIBUTES_HASH fort_callout_ale_get_sid(PCFORT_CALLOUT_ARG ca) inline static BOOL fort_callout_ale_fill_path_tag(
{
const FWP_VALUE0 userIdField = ca->inFixedValues->incomingValue[ca->fi->userId].value;
if (userIdField.type != FWP_TOKEN_ACCESS_INFORMATION_TYPE)
return NULL;
const PTOKEN_ACCESS_INFORMATION tokenInfo =
(PTOKEN_ACCESS_INFORMATION) userIdField.tokenAccessInformation->data;
if (tokenInfo == NULL)
return NULL;
return tokenInfo->SidHash;
}
inline static const char *fort_callout_ale_get_service_sid(const SID *sid)
{
if (sid == NULL)
return NULL;
if (sid->Revision != 1)
return NULL;
if (sid->SubAuthorityCount != 6)
return NULL; // not "Service SID"'s sub-auth count
const DWORD *subAuth = &sid->SubAuthority[0];
if (*subAuth != 80)
return NULL; // not "Service SID"'s prefix
const BYTE *idAuth = &sid->IdentifierAuthority.Value[0];
if (idAuth[5] != 5)
return NULL; // not "NT Authority"
if (idAuth[4] != 0 || *((PUINT32) &idAuth[0]) != 0)
return NULL; // not "NT Authority"
return (const char *) &subAuth[1];
}
inline static BOOL fort_callout_ale_fill_path_sid(
PCFORT_CALLOUT_ARG ca, PFORT_CALLOUT_ALE_EXTRA cx, BOOL isSvcHost) PCFORT_CALLOUT_ARG ca, PFORT_CALLOUT_ALE_EXTRA cx, BOOL isSvcHost)
{ {
if (!isSvcHost) if (!isSvcHost)
return FALSE; return FALSE;
const PSID_AND_ATTRIBUTES_HASH sidHash = fort_callout_ale_get_sid(ca); // TODO
if (sidHash == NULL) // PCWSTR tag = (PCWSTR) ca->inMetaValues->subProcessTag;
return FALSE;
const int sidCount = sidHash->SidCount;
for (int i = 0; i < sidCount; ++i) {
const SID *sid = sidHash->SidAttr[i].Sid;
// Get Service Name by SID
const char *sidBytes = fort_callout_ale_get_service_sid(sid);
if (sidBytes == NULL)
continue;
cx->path.buffer = cx->svchost_name;
if (fort_conf_get_service_sid_path(&fort_device()->conf, sidBytes, &cx->path))
return TRUE;
break;
}
return FALSE; return FALSE;
} }
@ -449,7 +391,7 @@ inline static void fort_callout_ale_fill_path(PCFORT_CALLOUT_ARG ca, PFORT_CALLO
if (fort_pstree_get_proc_name( if (fort_pstree_get_proc_name(
&fort_device()->ps_tree, cx->process_id, path, &isSvcHost, &inherited) &fort_device()->ps_tree, cx->process_id, path, &isSvcHost, &inherited)
|| fort_callout_ale_fill_path_sid(ca, cx, isSvcHost)) { || fort_callout_ale_fill_path_tag(ca, cx, isSvcHost)) {
if (!inherited) { if (!inherited) {
*real_path = *path; *real_path = *path;
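Review bot: fort_callout_ale_fill_path_tag now returns FALSE on every path, so the `||` fallback in fort_callout_ale_fill_path is dead and a connection from a shared svchost.exe process is no longer resolved to a per-service path. Rules written against individual shared-process services would then fall through to whatever follows this `if`, which is outside the hunk; that changes what the filter matches and deserves a sentence in the commit description. I would replace the bare `// TODO` with `/* TODO: resolve service by sub-process tag; until then shared svchost services are not identified */` and add `UNREFERENCED_PARAMETER(ca); UNREFERENCED_PARAMETER(cx);`, since both parameters are now unused. If the commented-out line is revived, the metadata field should be read only after checking that it is present in `ca->inMetaValues`, and the cast of subProcessTag to PCWSTR should be confirmed against the field's declared type.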


@ -107,7 +107,6 @@ FORT_API NTSTATUS fort_device_cleanup(PDEVICE_OBJECT device, PIRP irp)
const FORT_CONF_FLAGS old_conf_flags = fort_conf_ref_set(&fort_device()->conf, NULL); const FORT_CONF_FLAGS old_conf_flags = fort_conf_ref_set(&fort_device()->conf, NULL);
const FORT_CONF_FLAGS conf_flags = fort_device()->conf.conf_flags; const FORT_CONF_FLAGS conf_flags = fort_device()->conf.conf_flags;
fort_conf_service_sids_set(&fort_device()->conf, NULL);
fort_conf_zones_set(&fort_device()->conf, NULL); fort_conf_zones_set(&fort_device()->conf, NULL);
fort_stat_conf_flags_update(&fort_device()->stat, conf_flags); fort_stat_conf_flags_update(&fort_device()->stat, conf_flags);
@ -156,30 +155,6 @@ static NTSTATUS fort_device_control_setservices(PFORT_DEVICE_CONTROL_ARG dca)
return STATUS_UNSUCCESSFUL; return STATUS_UNSUCCESSFUL;
} }
static NTSTATUS fort_device_control_setservice_sids(PFORT_DEVICE_CONTROL_ARG dca)
{
const PCFORT_SERVICE_SID_LIST service_sids = dca->buffer;
const ULONG len = dca->in_len;
if (len > sizeof(FORT_SERVICE_SID_LIST)) {
PFORT_SERVICE_SID_LIST sids = fort_conf_service_sids_new(service_sids, len);
if (sids == NULL) {
return STATUS_INSUFFICIENT_RESOURCES;
} else {
fort_conf_service_sids_set(&fort_device()->conf, sids);
fort_device_reauth_queue();
return STATUS_SUCCESS;
}
return STATUS_SUCCESS;
}
return STATUS_UNSUCCESSFUL;
}
inline static NTSTATUS fort_device_control_setconf_ref( inline static NTSTATUS fort_device_control_setconf_ref(
const PFORT_CONF_IO conf_io, PFORT_CONF_REF conf_ref) const PFORT_CONF_IO conf_io, PFORT_CONF_REF conf_ref)
{ {
@ -354,7 +329,6 @@ typedef FORT_DEVICE_CONTROL_PROCESS_FUNC *PFORT_DEVICE_CONTROL_PROCESS_FUNC;
static PFORT_DEVICE_CONTROL_PROCESS_FUNC fortDeviceControlProcess_funcList[] = { static PFORT_DEVICE_CONTROL_PROCESS_FUNC fortDeviceControlProcess_funcList[] = {
&fort_device_control_validate, &fort_device_control_validate,
&fort_device_control_setservices, &fort_device_control_setservices,
&fort_device_control_setservice_sids,
&fort_device_control_setconf, &fort_device_control_setconf,
&fort_device_control_setflags, &fort_device_control_setflags,
&fort_device_control_getlog, &fort_device_control_getlog,
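Review bot: fortDeviceControlProcess_funcList is a positional table whose order has to match the FORT_IOCTL_INDEX_* values, and nothing in the visible code checks that the two stay in step when an entry is removed like this. The dispatch code is outside the hunk, but if it indexes the table with the function index taken from the caller's control code, a table shorter than the index range would read a function pointer past its end. A compile-time check after the table would catch that, e.g. `C_ASSERT(ARRAYSIZE(fortDeviceControlProcess_funcList) == FORT_IOCTL_INDEX_SETZONEFLAG + 1);`, assuming SETZONEFLAG remains the highest index. The table's closing lines are outside the hunk, so the remaining entries could not be checked here.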


@ -139,81 +139,3 @@ TEST_F(ConfUtilTest, checkEnvManager)
ASSERT_NE(envManager.expandString("%HOME%"), QString()); ASSERT_NE(envManager.expandString("%HOME%"), QString());
} }
TEST_F(ConfUtilTest, serviceSidsWriteRead)
{
const auto SVC = [](const char *name) -> ServiceInfo {
ServiceInfo si;
si.serviceName = si.realServiceName = name;
return si;
};
const QVector<ServiceInfo> services = { SVC("AppIDSvc"), SVC("Appinfo"), SVC("AppMgmt"),
SVC("AppReadiness"), SVC("AppXSvc"), SVC("AudioEndpointBuilder"), SVC("AxInstSV"),
SVC("BFE"), SVC("BITS"), SVC("BrokerInfrastructure"), SVC("BTAGService"),
SVC("BthAvctpSvc"), SVC("bthserv"), SVC("camsvc"), SVC("CDPSvc"), SVC("CertPropSvc"),
SVC("ClipSVC"), SVC("CoreMessagingRegistrar"), SVC("DcomLaunch"),
SVC("DeviceAssociationService"), SVC("DeviceInstall"), SVC("DevQueryBroker"), SVC("Dhcp"),
SVC("DialogBlockingService"), SVC("DispBrokerDesktopSvc"), SVC("DisplayEnhancementService"),
SVC("dot3svc"), SVC("DPS"), SVC("DsmSvc"), SVC("DsSvc"), SVC("EapHost"),
SVC("embeddedmode"), SVC("EntAppSvc"), SVC("EventLog"), SVC("EventSystem"), SVC("fdPHost"),
SVC("FDResPub"), SVC("fhsvc"), SVC("FontCache"), SVC("FrameServer"), SVC("hidserv"),
SVC("icssvc"), SVC("IKEEXT"), SVC("iphlpsvc"), SVC("IpxlatCfgSvc"), SVC("KtmRm"),
SVC("LanmanServer"), SVC("LanmanWorkstation"), SVC("lfsvc"), SVC("LicenseManager"),
SVC("lltdsvc"), SVC("lmhosts"), SVC("LSM"), SVC("LxpSvc"), SVC("mpssvc"), SVC("MSiSCSI"),
SVC("MsKeyboardFilter"), SVC("NaturalAuthentication"), SVC("NcaSvc"), SVC("NcbService"),
SVC("NcdAutoSetup"), SVC("Netman"), SVC("netprofm"), SVC("NetSetupSvc"), SVC("NgcCtnrSvc"),
SVC("NgcSvc"), SVC("NlaSvc"), SVC("nsi"), SVC("PcaSvc"), SVC("PhoneSvc"), SVC("pla"),
SVC("PlugPlay"), SVC("PolicyAgent"), SVC("Power"), SVC("PrintDeviceConfigurationService"),
SVC("PrintScanBrokerService"), SVC("ProfSvc"), SVC("PushToInstall"), SVC("QWAVE"),
SVC("RasAuto"), SVC("RasMan"), SVC("RemoteAccess"), SVC("RemoteRegistry"), SVC("RmSvc"),
SVC("RpcEptMapper"), SVC("RpcSs"), SVC("SCardSvr"), SVC("ScDeviceEnum"), SVC("Schedule"),
SVC("SCPolicySvc"), SVC("seclogon"), SVC("SENS"), SVC("SensorService"), SVC("SensrSvc"),
SVC("SessionEnv"), SVC("SharedAccess"), SVC("ShellHWDetection"), SVC("shpamsvc"),
SVC("SmsRouter"), SVC("SSDPSRV"), SVC("SstpSvc"), SVC("StateRepository"), SVC("StorSvc"),
SVC("svsvc"), SVC("SysMain"), SVC("SystemEventsBroker"), SVC("TapiSrv"), SVC("TermService"),
SVC("TextInputManagementService"), SVC("Themes"), SVC("TimeBrokerSvc"), SVC("TokenBroker"),
SVC("TrkWks"), SVC("TroubleshootingSvc"), SVC("tzautoupdate"), SVC("UmRdpService"),
SVC("upnphost"), SVC("UserManager"), SVC("UsoSvc"), SVC("vmicguestinterface"),
SVC("vmicheartbeat"), SVC("vmickvpexchange"), SVC("vmicrdv"), SVC("vmicshutdown"),
SVC("vmictimesync"), SVC("vmicvmsession"), SVC("W32Time"), SVC("WaaSMedicSvc"),
SVC("WbioSrvc"), SVC("wcncsvc"), SVC("WdiServiceHost"), SVC("WdiSystemHost"),
SVC("WebClient"), SVC("webthreatdefsvc"), SVC("Wecsvc"), SVC("WEPHOSTSVC"),
SVC("wercplsupport"), SVC("WFDSConMgrSvc"), SVC("WiaRpc"), SVC("WinHttpAutoProxySvc"),
SVC("Winmgmt"), SVC("WinRM"), SVC("wisvc"), SVC("wlidsvc"), SVC("wlpasvc"), SVC("WManSvc"),
SVC("WPDBusEnum"), SVC("WpnService"), SVC("wuauserv"), SVC("WwanSvc"),
SVC("XblAuthManager"), SVC("XblGameSave"), SVC("XboxGipSvc"), SVC("XboxNetApiSvc"),
SVC("AarSvc"), SVC("BcastDVRUserService"), SVC("CaptureService"), SVC("cbdhsvc"),
SVC("CDPUserSvc"), SVC("ConsentUxUserSvc"), SVC("DeviceAssociationBrokerSvc"),
SVC("DevicePickerUserSvc"), SVC("DevicesFlowUserSvc"), SVC("MessagingService"),
SVC("NPSMSvc"), SVC("PimIndexMaintenanceSvc"), SVC("PrintWorkflowUserSvc"),
SVC("UdkUserSvc"), SVC("UnistoreSvc"), SVC("UserDataSvc"), SVC("webthreatdefusersvc"),
SVC("WpnUserService") };
ConfBuffer confBuf;
confBuf.writeServiceSids(services);
// Check the buffer
const auto buffer = confBuf.buffer();
ASSERT_NE(buffer.size(), 0);
PCFORT_SERVICE_SID_LIST service_sids = PCFORT_SERVICE_SID_LIST(buffer.data());
// Find Service Name by SID
for (const auto &si : services) {
const auto sid = StringUtil::serviceSid(si.realServiceName);
const auto name = DriverCommon::confServiceSidNameFind(service_sids, sid);
ASSERT_EQ(name, si.serviceName.toLower());
}
// Find Invalid Service Name by SID
{
const auto sid = StringUtil::serviceSid("Bad");
ASSERT_EQ(sid.size(), FORT_SERVICE_SID_SIZE);
ASSERT_EQ(DriverCommon::confServiceSidNameFind(service_sids, sid), QString());
}
}


@ -925,7 +925,6 @@ void ConfManager::updateServices()
auto serviceInfoManager = IoC<ServiceInfoManager>(); auto serviceInfoManager = IoC<ServiceInfoManager>();
updateOwnProcessServices(serviceInfoManager); updateOwnProcessServices(serviceInfoManager);
updateShareProcessServices(serviceInfoManager);
} }
void ConfManager::updateDriverServices( void ConfManager::updateDriverServices(
@ -938,15 +937,6 @@ void ConfManager::updateDriverServices(
IoC<DriverManager>()->writeServices(confBuf.buffer()); IoC<DriverManager>()->writeServices(confBuf.buffer());
} }
void ConfManager::updateDriverServiceSids(const QVector<ServiceInfo> &services)
{
ConfBuffer confBuf;
confBuf.writeServiceSids(services);
IoC<DriverManager>()->writeServiceSids(confBuf.buffer());
}
void ConfManager::updateOwnProcessServices(ServiceInfoManager *serviceInfoManager) void ConfManager::updateOwnProcessServices(ServiceInfoManager *serviceInfoManager)
{ {
int runningServicesCount = 0; int runningServicesCount = 0;
@ -961,17 +951,6 @@ void ConfManager::updateOwnProcessServices(ServiceInfoManager *serviceInfoManage
} }
} }
void ConfManager::updateShareProcessServices(ServiceInfoManager *serviceInfoManager)
{
const QVector<ServiceInfo> services = serviceInfoManager->loadServiceInfoList(
ServiceInfo::TypeWin32ShareProcess, ServiceInfo::StateAll,
/*displayName=*/false);
if (!services.isEmpty()) {
updateDriverServiceSids(services);
}
}
bool ConfManager::loadFromDb(FirewallConf &conf, bool &isNew) bool ConfManager::loadFromDb(FirewallConf &conf, bool &isNew)
{ {
// Load Address Groups // Load Address Groups


@ -97,10 +97,7 @@ private:
bool validateConf(const FirewallConf &newConf); bool validateConf(const FirewallConf &newConf);
void updateDriverServiceSids(const QVector<ServiceInfo> &services);
void updateOwnProcessServices(ServiceInfoManager *serviceInfoManager); void updateOwnProcessServices(ServiceInfoManager *serviceInfoManager);
void updateShareProcessServices(ServiceInfoManager *serviceInfoManager);
bool loadFromDb(FirewallConf &conf, bool &isNew); bool loadFromDb(FirewallConf &conf, bool &isNew);
bool saveToDb(const FirewallConf &conf); bool saveToDb(const FirewallConf &conf);


@ -22,11 +22,6 @@ quint32 ioctlSetServices()
return FORT_IOCTL_SETSERVICES; return FORT_IOCTL_SETSERVICES;
} }
quint32 ioctlSetServiceSids()
{
return FORT_IOCTL_SETSERVICE_SIDS;
}
quint32 ioctlSetConf() quint32 ioctlSetConf()
{ {
return FORT_IOCTL_SETCONF; return FORT_IOCTL_SETCONF;
@ -231,13 +226,6 @@ FORT_APP_DATA confAppFind(const void *drvConf, const QString &kernelPath)
return app_data; return app_data;
} }
QString confServiceSidNameFind(PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes)
{
PCWSTR name = fort_conf_service_sid_name_find(service_sids, sidBytes);
return name ? QString::fromWCharArray(name) : QString();
}
bool provRegister(bool bootFilter) bool provRegister(bool bootFilter)
{ {
const FORT_PROV_BOOT_CONF boot_conf = { const FORT_PROV_BOOT_CONF boot_conf = {


@ -11,7 +11,6 @@ QString deviceName();
quint32 ioctlValidate(); quint32 ioctlValidate();
quint32 ioctlSetServices(); quint32 ioctlSetServices();
quint32 ioctlSetServiceSids();
quint32 ioctlSetConf(); quint32 ioctlSetConf();
quint32 ioctlSetFlags(); quint32 ioctlSetFlags();
quint32 ioctlGetLog(); quint32 ioctlGetLog();
@ -71,8 +70,6 @@ bool confIp6InRange(
FORT_APP_DATA confAppFind(const void *drvConf, const QString &kernelPath); FORT_APP_DATA confAppFind(const void *drvConf, const QString &kernelPath);
QString confServiceSidNameFind(PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes);
bool provRegister(bool bootFilter); bool provRegister(bool bootFilter);
void provUnregister(); void provUnregister();


@ -108,11 +108,6 @@ bool DriverManager::writeServices(QByteArray &buf)
return writeData(DriverCommon::ioctlSetServices(), buf); return writeData(DriverCommon::ioctlSetServices(), buf);
} }
bool DriverManager::writeServiceSids(QByteArray &buf)
{
return writeData(DriverCommon::ioctlSetServiceSids(), buf);
}
bool DriverManager::writeConf(QByteArray &buf, bool onlyFlags) bool DriverManager::writeConf(QByteArray &buf, bool onlyFlags)
{ {
return writeData(onlyFlags ? DriverCommon::ioctlSetFlags() : DriverCommon::ioctlSetConf(), buf); return writeData(onlyFlags ? DriverCommon::ioctlSetFlags() : DriverCommon::ioctlSetConf(), buf);


@ -44,7 +44,6 @@ public slots:
bool validate(QByteArray &buf); bool validate(QByteArray &buf);
bool writeServices(QByteArray &buf); bool writeServices(QByteArray &buf);
bool writeServiceSids(QByteArray &buf);
bool writeConf(QByteArray &buf, bool onlyFlags = false); bool writeConf(QByteArray &buf, bool onlyFlags = false);
bool writeApp(QByteArray &buf, bool remove = false); bool writeApp(QByteArray &buf, bool remove = false);
bool writeZones(QByteArray &buf, bool onlyFlags = false); bool writeZones(QByteArray &buf, bool onlyFlags = false);


@ -54,25 +54,6 @@ int writeServiceInfo(char *data, const ServiceInfo &serviceInfo)
return FORT_SERVICE_INFO_NAME_OFF + FORT_CONF_STR_DATA_SIZE(nameLen); return FORT_SERVICE_INFO_NAME_OFF + FORT_CONF_STR_DATA_SIZE(nameLen);
} }
void collectServiceSidsNames(const QVector<ServiceInfo> &services, WriteServiceSidsArgs &wssa)
{
QHash<QString, int> nameIndexMap;
for (const ServiceInfo &info : services) {
const auto sid = StringUtil::serviceSid(info.realServiceName);
const auto name = info.serviceName;
int nameIndex = nameIndexMap.value(name, -1);
if (nameIndex == -1) {
nameIndex = wssa.namesList.size();
wssa.namesList.append(name);
}
wssa.sidNameIndexMap.insert(sid, nameIndex);
}
}
void writeAppGroupFlags(PFORT_CONF_GROUP out, const FirewallConf &conf) void writeAppGroupFlags(PFORT_CONF_GROUP out, const FirewallConf &conf)
{ {
out->group_bits = 0; out->group_bits = 0;
@ -195,28 +176,6 @@ void ConfBuffer::writeServices(const QVector<ServiceInfo> &services, int running
buffer().resize(outSize); // shrink to actual size buffer().resize(outSize); // shrink to actual size
} }
void ConfBuffer::writeServiceSids(const QVector<ServiceInfo> &services)
{
WriteServiceSidsArgs wssa;
collectServiceSidsNames(services, wssa);
// Resize the buffer to max size
{
const int servicesCount = wssa.sidNameIndexMap.size();
const int namesCount = wssa.namesList.size();
buffer().resize(FORT_SERVICE_SID_LIST_MAX_SIZE(servicesCount, namesCount));
}
// Fill the buffer
char *data = buffer().data();
const int outSize = ConfUtil::writeServiceSids(&data, wssa);
buffer().resize(outSize); // shrink to actual size
}
bool ConfBuffer::write( bool ConfBuffer::write(
const FirewallConf &conf, const ConfAppsWalker *confAppsWalker, EnvManager &envManager) const FirewallConf &conf, const ConfAppsWalker *confAppsWalker, EnvManager &envManager)
{ {


@ -35,7 +35,6 @@ public slots:
void writeVersion(); void writeVersion();
void writeServices(const QVector<ServiceInfo> &services, int runningServicesCount); void writeServices(const QVector<ServiceInfo> &services, int runningServicesCount);
void writeServiceSids(const QVector<ServiceInfo> &services);
bool write( bool write(
const FirewallConf &conf, const ConfAppsWalker *confAppsWalker, EnvManager &envManager); const FirewallConf &conf, const ConfAppsWalker *confAppsWalker, EnvManager &envManager);


@ -119,51 +119,6 @@ QRegularExpressionMatch ConfUtil::matchWildcard(const QStringView &path)
return StringUtil::match(wildMatcher, path); return StringUtil::match(wildMatcher, path);
} }
int ConfUtil::writeServiceSids(char **data, const WriteServiceSidsArgs &wssa)
{
PFORT_SERVICE_SID_LIST serviceSids = PFORT_SERVICE_SID_LIST(*data);
const int servicesCount = wssa.sidNameIndexMap.size();
const int namesCount = wssa.namesList.size();
serviceSids->services_n = servicesCount;
serviceSids->names_n = namesCount;
// Write Service SID-s and Name Indexes
char *sid = serviceSids->data;
quint16 *nameIndex = (quint16 *) (sid + servicesCount * FORT_SERVICE_SID_SIZE);
#if QT_VERSION >= QT_VERSION_CHECK(6, 6, 0)
for (const auto &[sidData, index] : wssa.sidNameIndexMap.asKeyValueRange()) {
#else
auto it = wssa.sidNameIndexMap.constBegin();
for (; it != wssa.sidNameIndexMap.constEnd(); ++it) {
const auto &sidData = it.key();
const auto index = it.value();
#endif
writeArray(&sid, sidData);
*nameIndex++ = index;
}
// Write Service Names: Offsets and Texts
quint32 *nameOffset = (quint32 *) nameIndex;
char *nameData = (char *) (nameOffset + namesCount);
char *nameText = nameData;
for (const auto &name : wssa.namesList) {
const quint32 off = nameText - nameData;
*nameOffset++ = off;
writeString(&nameText, name.toLower());
}
return (nameText - *data);
}
QString ConfUtil::parseAppPath(const QStringView &line, bool &isWild, bool &isPrefix) QString ConfUtil::parseAppPath(const QStringView &line, bool &isWild, bool &isPrefix)
{ {
auto path = line; auto path = line;

View File

@ -17,12 +17,6 @@ using longs_arr_t = QVector<quint32>;
using shorts_arr_t = QVector<quint16>; using shorts_arr_t = QVector<quint16>;
using chars_arr_t = QVector<qint8>; using chars_arr_t = QVector<qint8>;
struct WriteServiceSidsArgs
{
QMap<QByteArray, int> sidNameIndexMap;
QStringList namesList;
};
struct ParseAddressGroupsArgs struct ParseAddressGroupsArgs
{ {
addrranges_arr_t addressRanges; addrranges_arr_t addressRanges;
@ -48,8 +42,6 @@ public:
static QRegularExpressionMatch matchWildcard(const QStringView &path); static QRegularExpressionMatch matchWildcard(const QStringView &path);
static int writeServiceSids(char **data, const WriteServiceSidsArgs &wssa);
static QString parseAppPath(const QStringView &line, bool &isWild, bool &isPrefix); static QString parseAppPath(const QStringView &line, bool &isWild, bool &isPrefix);
static void writeConf(char **data, const WriteConfArgs &wca, AppParseOptions &opt); static void writeConf(char **data, const WriteConfArgs &wca, AppParseOptions &opt);


@ -16,6 +16,6 @@
#define APP_UPDATES_URL "https://github.com/tnodir/fort/releases" #define APP_UPDATES_URL "https://github.com/tnodir/fort/releases"
#define APP_UPDATES_API_URL "https://api.github.com/repos/tnodir/fort/releases/latest" #define APP_UPDATES_API_URL "https://api.github.com/repos/tnodir/fort/releases/latest"
#define DRIVER_VERSION 40 #define DRIVER_VERSION 41
#endif // FORT_VERSION_H #endif // FORT_VERSION_H