/*++ Copyright (c) 1989 Microsoft Corporation Module Name: rmvars.c Abstract: This module contains the variables used to implement the run-time reference monitor database. Author: Jim Kelly (JimK) 2-Apr-1991 Environment: Kernel mode only. Revision History: --*/ #include "pch.h" #pragma hdrstop #ifdef ALLOC_PRAGMA #pragma alloc_text(INIT,SepRmDbInitialization) #endif //////////////////////////////////////////////////////////////////////////////// // // // Read/Write Reference Monitor Variables // // // // Access to these variables is protected by the SepRmDbLock. // // // //////////////////////////////////////////////////////////////////////////////// // // Resource Lock - This lock protects access to the modifiable fields of // the reference monitor database // ERESOURCE SepRmDbLock = {0}; #ifdef ALLOC_DATA_PRAGMA #pragma data_seg("PAGEDATA") #endif //////////////////////////////////////////////////////////////////////////////// // // // Read Only Reference Monitor Variables // // // //////////////////////////////////////////////////////////////////////////////// // // The process within which the RM --> LSA command LPC port was established. // All calls from the reference monitor to the LSA must be made in this // process in order for the handle to be valid. PEPROCESS SepRmLsaCallProcess = NULL; // // State of the reference monitor // SEP_RM_STATE SepRmState = {0}; // // The following array is used as a hash bucket for tracking logon sessions. // The sequence number of logon LUIDs is ANDed with 0x0F and then used as an // index into this array. This entry in the array serves as a listhead of // logon session reference count records. // PSEP_LOGON_SESSION_REFERENCES *SepLogonSessions = NULL; //////////////////////////////////////////////////////////////////////// // // // Variable Initialization Routines // // // //////////////////////////////////////////////////////////////////////// BOOLEAN SepRmDbInitialization( VOID ) /*++ Routine Description: This function initializes the reference monitor in-memory database. Arguments: None. Return Value: TRUE if database successfully initialized. FALSE if not successfully initialized. --*/ { NTSTATUS Status; ULONG i; // // Create the reference monitor database lock // // Use SepRmAcquireDbReadLock() // SepRmAcquireDbWriteLock() // SepRmReleaseDbReadLock() // SepRmReleaseDbWriteLock() // // to gain access to the reference monitor database. // ExInitializeResourceLite(&SepRmDbLock); // // Initialize the Logon Session tracking array. // SepLogonSessions = ExAllocatePoolWithTag( PagedPool, sizeof( PSEP_LOGON_SESSION_REFERENCES ) * SEP_LOGON_TRACK_ARRAY_SIZE, 'SLeS' ); if (SepLogonSessions == NULL) { return( FALSE ); } for (i=0;i