1 /*
  2  * Copyright (c) 2008, 2018, Oracle and/or its affiliates. All rights reserved.
  3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  4  *
  5  * This code is free software; you can redistribute it and/or modify it
  6  * under the terms of the GNU General Public License version 2 only, as
  7  * published by the Free Software Foundation.  Oracle designates this
  8  * particular file as subject to the "Classpath" exception as provided
  9  * by Oracle in the LICENSE file that accompanied this code.
 10  *
 11  * This code is distributed in the hope that it will be useful, but WITHOUT
 12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 14  * version 2 for more details (a copy is included in the LICENSE file that
 15  * accompanied this code).
 16  *
 17  * You should have received a copy of the GNU General Public License version
 18  * 2 along with this work; if not, write to the Free Software Foundation,
 19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 20  *
 21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 22  * or visit www.oracle.com if you need additional information or have any
 23  * questions.
 24  */
 25 
 26 package sun.nio.fs;
 27 
 28 import jdk.internal.vm.Continuation;
 29 
 30 import static sun.nio.fs.WindowsNativeDispatcher.*;
 31 import static sun.nio.fs.WindowsConstants.*;
 32 
 33 /**
 34  * Security related utility methods.
 35  */
 36 
 37 class WindowsSecurity {
 38     private WindowsSecurity() { }
 39 
 40     // opens process token for given access
 41     private static long openProcessToken(int access) {
 42         try {
 43             return OpenProcessToken(GetCurrentProcess(), access);
 44         } catch (WindowsException x) {
 45             return 0L;
 46         }
 47     }
 48 
 49     /**
 50      * Returns the access token for this process with TOKEN_DUPLICATE access
 51      */
 52     static final long processTokenWithDuplicateAccess =
 53         openProcessToken(TOKEN_DUPLICATE);
 54 
 55     /**
 56      * Returns the access token for this process with TOKEN_QUERY access
 57      */
 58     static final long processTokenWithQueryAccess =
 59         openProcessToken(TOKEN_QUERY);
 60 
 61     /**
 62      * Returned by enablePrivilege when code may require a given privilege.
 63      * The drop method should be invoked after the operation completes so as
 64      * to revert the privilege.
 65      */
 66     static interface Privilege {
 67         void drop();
 68     }
 69 
 70     /**
 71      * Attempts to enable the given privilege for this method.
 72      */
 73     static Privilege enablePrivilege(String priv) {
 74         final long pLuid;
 75         try {
 76             pLuid = LookupPrivilegeValue(priv);
 77         } catch (WindowsException x) {
 78             // indicates bug in caller
 79             throw new AssertionError(x);
 80         }
 81 
 82         long hToken = 0L;
 83         boolean impersontating = false;
 84         boolean elevated = false;
 85         try {
 86             hToken = OpenThreadToken(GetCurrentThread(),
 87                                      TOKEN_ADJUST_PRIVILEGES, false);
 88             if (hToken == 0L && processTokenWithDuplicateAccess != 0L) {
 89                 hToken = DuplicateTokenEx(processTokenWithDuplicateAccess,
 90                     (TOKEN_ADJUST_PRIVILEGES|TOKEN_IMPERSONATE));
 91                 SetThreadToken(0L, hToken);
 92                 impersontating = true;
 93             }
 94 
 95             if (hToken != 0L) {
 96                 AdjustTokenPrivileges(hToken, pLuid, SE_PRIVILEGE_ENABLED);
 97                 elevated = true;
 98             }
 99         } catch (WindowsException x) {
100             // nothing to do, privilege not enabled
101         }
102 
103         final long token = hToken;
104         final boolean stopImpersontating = impersontating;
105         final boolean needToRevert = elevated;
106 
107         // prevent yielding with privileges
108         Continuation.pin();
109 
110         return () -> {
111             try {
112                 if (token != 0L) {
113                     try {
114                         if (stopImpersontating)
115                             SetThreadToken(0L, 0L);
116                         else if (needToRevert)
117                             AdjustTokenPrivileges(token, pLuid, 0);
118                     } catch (WindowsException x) {
119                         // should not happen
120                         throw new AssertionError(x);
121                     } finally {
122                         CloseHandle(token);
123                     }
124                 }
125             } finally {
126                 LocalFree(pLuid);
127                 Continuation.unpin();
128             }
129         };
130     }
131 
132     /**
133      * Check the access right against the securityInfo in the current thread.
134      */
135     static boolean checkAccessMask(long securityInfo, int accessMask,
136         int genericRead, int genericWrite, int genericExecute, int genericAll)
137         throws WindowsException
138     {
139         int privileges = TOKEN_QUERY;
140         long hToken = OpenThreadToken(GetCurrentThread(), privileges, false);
141         if (hToken == 0L && processTokenWithDuplicateAccess != 0L)
142             hToken = DuplicateTokenEx(processTokenWithDuplicateAccess,
143                 privileges);
144 
145         boolean hasRight = false;
146         if (hToken != 0L) {
147             try {
148                 hasRight = AccessCheck(hToken, securityInfo, accessMask,
149                     genericRead, genericWrite, genericExecute, genericAll);
150             } finally {
151                 CloseHandle(hToken);
152             }
153         }
154         return hasRight;
155     }
156 
157 }