Uploaded image for project: 'Core ReactOS'
  1. Core ReactOS
  2. CORE-17700

Erroneous token session referencing & no logon session handling

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Fix Version/s: None
    • Component/s: NTCore
    • Labels:

      Description

      The kernel makes no attempts to handle session referencing of a token, or in other words, the TokenSessionReference code case path is never triggered because nobody is actually calling it.

      https://github.com/reactos/reactos/blob/master/ntoskrnl/se/token.c#L3261

      In addition to that the TOKEN internal data structure missed a very important member, the LogonSession, which is now introduced on f5dc1c7. The fact that the token has no logon session reference data and that we don't even handle session referencing of tokens can lead to inconsistencies in the kernel and subtle bugs, whatever they are.

      On Windows the server side API of LSASS (LSASRV) handles the token session reference by doing whatever operation is needed and then calling NtSetInformationToken.

      All in all, the steps necessary to be taken for this kind of ticket is:
      1. Implement add/remove logon sessions on tokens;
      2. Re-evaluate TokenSessionReference code, investigate what Windows does and if we miss something;
      3. Implement token session referencing handling on LSASS side, which will communicate with the kernel;
      4. Do some cleanup when necessary and check that things are working as they should.

        Attachments

          Activity

            People

            • Assignee:
              Fraizeraust George Bișoc
              Reporter:
              Fraizeraust George Bișoc
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated: