ReactOS  0.4.13-dev-66-gc714b7f
srm.c
Go to the documentation of this file.
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: ReactOS kernel
4  * FILE: ntoskrnl/se/srm.c
5  * PURPOSE: Security Reference Monitor Server
6  *
7  * PROGRAMMERS: Timo Kreuzer (timo.kreuzer@reactos.org)
8  */
9 
10 /* INCLUDES *******************************************************************/
11 
12 #include <ntoskrnl.h>
13 #define NDEBUG
14 #include <debug.h>
15 
18 
19 /* PRIVATE DEFINITIONS ********************************************************/
20 
21 #define SEP_LOGON_SESSION_TAG 'sLeS'
22 
24 {
32 
33 VOID
34 NTAPI
36  PVOID StartContext);
37 
38 static
41  PLUID LogonLuid);
42 
43 
44 /* GLOBALS ********************************************************************/
45 
48 
52 
54 
58 
59 #define POLICY_AUDIT_EVENT_TYPE_COUNT 9 // (AuditCategoryAccountLogon - AuditCategorySystem + 1)
61 
64 
65 
66 /* PRIVATE FUNCTIONS **********************************************************/
67 
69 NTAPI
76 {
77  UNICODE_STRING ValueNameString;
78  UNICODE_STRING KeyNameString;
82  struct
83  {
85  UCHAR Buffer[64];
86  } KeyValueInformation;
87  NTSTATUS Status, CloseStatus;
88  PAGED_CODE();
89 
90  RtlInitUnicodeString(&KeyNameString, KeyName);
92  &KeyNameString,
94  NULL,
95  NULL);
96 
98  if (!NT_SUCCESS(Status))
99  {
100  return Status;
101  }
102 
103  RtlInitUnicodeString(&ValueNameString, ValueName);
104  Status = ZwQueryValueKey(KeyHandle,
105  &ValueNameString,
107  &KeyValueInformation.Partial,
108  sizeof(KeyValueInformation),
109  &ResultLength);
110  if (!NT_SUCCESS(Status))
111  {
112  goto Cleanup;
113  }
114 
115  if ((KeyValueInformation.Partial.Type != ValueType) ||
116  (KeyValueInformation.Partial.DataLength != DataLength))
117  {
119  goto Cleanup;
120  }
121 
122 
123  if (ValueType == REG_BINARY)
124  {
125  RtlCopyMemory(ValueData, KeyValueInformation.Partial.Data, DataLength);
126  }
127  else if (ValueType == REG_DWORD)
128  {
129  *(PULONG)ValueData = *(PULONG)KeyValueInformation.Partial.Data;
130  }
131  else
132  {
134  }
135 
136 Cleanup:
137  CloseStatus = ZwClose(KeyHandle);
138  ASSERT(NT_SUCCESS( CloseStatus ));
139 
140  return Status;
141 }
142 
143 
144 BOOLEAN
145 NTAPI
147 {
149 
150  /* Initialize the database lock */
152 
153  /* Create the system logon session */
155  if (!NT_VERIFY(NT_SUCCESS(Status)))
156  {
157  return FALSE;
158  }
159 
160  /* Create the anonymous logon session */
162  if (!NT_VERIFY(NT_SUCCESS(Status)))
163  {
164  return FALSE;
165  }
166 
167  return TRUE;
168 }
169 
170 
171 BOOLEAN
172 NTAPI
174 {
177  HANDLE ThreadHandle;
179 
180  /* Create the SeRm command port */
181  RtlInitUnicodeString(&Name, L"\\SeRmCommandPort");
185  sizeof(ULONG),
187  2 * PAGE_SIZE);
188  if (!NT_SUCCESS(Status))
189  {
190  DPRINT1("Security: Rm Create Command Port failed 0x%lx\n", Status);
191  return FALSE;
192  }
193 
194  /* Create SeLsaInitEvent */
195  RtlInitUnicodeString(&Name, L"\\SeLsaInitEvent");
197  Status = ZwCreateEvent(&SeLsaInitEvent,
201  FALSE);
202  if (!NT_VERIFY((NT_SUCCESS(Status))))
203  {
204  DPRINT1("Security: LSA init event creation failed.0x%xl\n", Status);
205  return FALSE;
206  }
207 
208  /* Create the SeRm server thread */
209  Status = PsCreateSystemThread(&ThreadHandle,
211  NULL,
212  NULL,
213  NULL,
215  NULL);
216  if (!NT_SUCCESS(Status))
217  {
218  DPRINT1("Security: Rm Server Thread creation failed 0x%lx\n", Status);
219  return FALSE;
220  }
221 
222  ObCloseHandle(ThreadHandle, KernelMode);
223 
224  return TRUE;
225 }
226 
227 static
228 VOID
230 {
231  struct
232  {
233  ULONG MaxLength;
234  ULONG MinLength;
235  } ListBounds;
237  PAGED_CODE();
238 
239  Status = SepRegQueryHelper(L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa",
240  L"Bounds",
241  REG_BINARY,
242  sizeof(ListBounds),
243  &ListBounds);
244  if (!NT_SUCCESS(Status))
245  {
246  /* No registry values, so keep hardcoded defaults */
247  return;
248  }
249 
250  /* Check if the bounds are valid */
251  if ((ListBounds.MaxLength < ListBounds.MinLength) ||
252  (ListBounds.MinLength < 16) ||
253  (ListBounds.MaxLength - ListBounds.MinLength < 16))
254  {
255  DPRINT1("ListBounds are invalid: %u, %u\n",
256  ListBounds.MinLength, ListBounds.MaxLength);
257  return;
258  }
259 
260  /* Set the new bounds globally */
261  SepAdtMinListLength = ListBounds.MinLength;
262  SepAdtMaxListLength = ListBounds.MaxLength;
263 }
264 
265 
266 static
267 NTSTATUS
270 {
271  ULONG i;
272  PAGED_CODE();
273 
274  /* First re-initialize the bounds from the registry */
276 
277  /* Make sure we have the right message and clear */
278  ASSERT(Message->ApiNumber == RmAuditSetCommand);
279  Message->ApiNumber = 0;
280 
281  /* Store the enable flag in the global variable */
282  SepAdtAuditingEnabled = Message->u.SetAuditEvent.Enabled;
283 
284  /* Loop all audit event types */
285  for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
286  {
287  /* Save the provided flags in the global array */
288  SeAuditingState[i] = (UCHAR)Message->u.SetAuditEvent.Flags[i];
289  }
290 
291  return STATUS_SUCCESS;
292 }
293 
294 
295 static
296 NTSTATUS
298  PLUID LogonLuid)
299 {
300  PSEP_LOGON_SESSION_REFERENCES CurrentSession, NewSession;
302  PAGED_CODE();
303 
304  DPRINT("SepRmCreateLogonSession(%08lx:%08lx)\n",
305  LogonLuid->HighPart, LogonLuid->LowPart);
306 
307  /* Allocate a new session structure */
308  NewSession = ExAllocatePoolWithTag(PagedPool,
311  if (NewSession == NULL)
312  {
314  }
315 
316  /* Initialize it */
317  NewSession->LogonId = *LogonLuid;
318  NewSession->ReferenceCount = 0;
319  NewSession->Flags = 0;
320  NewSession->pDeviceMap = NULL;
321  InitializeListHead(&NewSession->TokenList);
322 
323  /* Acquire the database lock */
325 
326  /* Loop all existing sessions */
327  for (CurrentSession = SepLogonSessions;
328  CurrentSession != NULL;
329  CurrentSession = CurrentSession->Next)
330  {
331  /* Check if the LUID matches the new one */
332  if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
333  {
335  goto Leave;
336  }
337  }
338 
339  /* Insert the new session */
340  NewSession->Next = SepLogonSessions;
341  SepLogonSessions = NewSession;
342 
344 
345 Leave:
346  /* Release the database lock */
348 
349  if (!NT_SUCCESS(Status))
350  {
352  }
353 
354  return Status;
355 }
356 
357 static
358 NTSTATUS
360  PLUID LogonLuid)
361 {
362  DPRINT("SepRmDeleteLogonSession(%08lx:%08lx)\n",
363  LogonLuid->HighPart, LogonLuid->LowPart);
364 
366  NT_ASSERT(FALSE);
367  return STATUS_NOT_IMPLEMENTED;
368 }
369 
370 
371 NTSTATUS
373  PLUID LogonLuid)
374 {
375  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
376 
377  PAGED_CODE();
378 
379  DPRINT("SepRmReferenceLogonSession(%08lx:%08lx)\n",
380  LogonLuid->HighPart, LogonLuid->LowPart);
381 
382  /* Acquire the database lock */
384 
385  /* Loop all existing sessions */
386  for (CurrentSession = SepLogonSessions;
387  CurrentSession != NULL;
388  CurrentSession = CurrentSession->Next)
389  {
390  /* Check if the LUID matches the new one */
391  if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
392  {
393  /* Reference the session */
394  CurrentSession->ReferenceCount += 1;
395  DPRINT("ReferenceCount: %lu\n", CurrentSession->ReferenceCount);
396 
397  /* Release the database lock */
399 
400  return STATUS_SUCCESS;
401  }
402  }
403 
404  /* Release the database lock */
406 
408 }
409 
410 
411 NTSTATUS
413  PLUID LogonLuid)
414 {
415  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
416 
417  DPRINT("SepRmDereferenceLogonSession(%08lx:%08lx)\n",
418  LogonLuid->HighPart, LogonLuid->LowPart);
419 
420  /* Acquire the database lock */
422 
423  /* Loop all existing sessions */
424  for (CurrentSession = SepLogonSessions;
425  CurrentSession != NULL;
426  CurrentSession = CurrentSession->Next)
427  {
428  /* Check if the LUID matches the new one */
429  if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
430  {
431  /* Dereference the session */
432  CurrentSession->ReferenceCount -= 1;
433  DPRINT("ReferenceCount: %lu\n", CurrentSession->ReferenceCount);
434 
435  /* Release the database lock */
437 
438  return STATUS_SUCCESS;
439  }
440  }
441 
442  /* Release the database lock */
444 
446 }
447 
448 
449 BOOLEAN
450 NTAPI
452 {
453  SECURITY_QUALITY_OF_SERVICE SecurityQos;
456  REMOTE_PORT_VIEW RemotePortView;
457  PORT_VIEW PortView;
458  LARGE_INTEGER SectionSize;
459  HANDLE SectionHandle;
460  HANDLE PortHandle;
462  BOOLEAN Result;
463 
464  SectionHandle = NULL;
465  PortHandle = NULL;
466 
467  /* Assume success */
468  Result = TRUE;
469 
470  /* Wait until LSASS is ready */
471  Status = ZwWaitForSingleObject(SeLsaInitEvent, FALSE, NULL);
472  if (!NT_SUCCESS(Status))
473  {
474  DPRINT1("Security Rm Init: Waiting for LSA Init Event failed 0x%lx\n", Status);
475  goto Cleanup;
476  }
477 
478  /* We don't need this event anymore */
480 
481  /* Initialize the connection message */
482  Message.Header.u1.s1.TotalLength = sizeof(Message);
483  Message.Header.u1.s1.DataLength = 0;
484 
485  /* Only LSASS can connect, so handle the connection right now */
487  if (!NT_SUCCESS(Status))
488  {
489  DPRINT1("Security Rm Init: Listen to Command Port failed 0x%lx\n", Status);
490  goto Cleanup;
491  }
492 
493  /* Set the Port View structure length */
494  RemotePortView.Length = sizeof(RemotePortView);
495 
496  /* Accept the connection */
498  NULL,
499  &Message.Header,
500  TRUE,
501  NULL,
502  &RemotePortView);
503  if (!NT_SUCCESS(Status))
504  {
505  DPRINT1("Security Rm Init: Accept Connect to Command Port failed 0x%lx\n", Status);
506  goto Cleanup;
507  }
508 
509  /* Complete the connection */
511  if (!NT_SUCCESS(Status))
512  {
513  DPRINT1("Security Rm Init: Complete Connect to Command Port failed 0x%lx\n", Status);
514  goto Cleanup;
515  }
516 
517  /* Create a section for messages */
518  SectionSize.QuadPart = PAGE_SIZE;
519  Status = ZwCreateSection(&SectionHandle,
521  NULL,
522  &SectionSize,
524  SEC_COMMIT,
525  NULL);
526  if (!NT_SUCCESS(Status))
527  {
528  DPRINT1("Security Rm Init: Create Memory Section for LSA port failed: %X\n", Status);
529  goto Cleanup;
530  }
531 
532  /* Setup the PORT_VIEW structure */
533  PortView.Length = sizeof(PortView);
534  PortView.SectionHandle = SectionHandle;
535  PortView.SectionOffset = 0;
536  PortView.ViewSize = SectionSize.LowPart;
537  PortView.ViewBase = NULL;
538  PortView.ViewRemoteBase = NULL;
539 
540  /* Setup security QOS */
541  SecurityQos.Length = sizeof(SecurityQos);
544  SecurityQos.EffectiveOnly = TRUE;
545 
546  /* Connect to LSASS */
547  RtlInitUnicodeString(&PortName, L"\\SeLsaCommandPort");
548  Status = ZwConnectPort(&PortHandle,
549  &PortName,
550  &SecurityQos,
551  &PortView,
552  NULL,
553  0,
554  0,
555  0);
556  if (!NT_SUCCESS(Status))
557  {
558  DPRINT1("Security Rm Init: Connect to LSA Port failed 0x%lx\n", Status);
559  goto Cleanup;
560  }
561 
562  /* Remember section base and view offset */
563  SepCommandPortViewBase = PortView.ViewBase;
567 
568  DPRINT("SepRmCommandServerThreadInit: done\n");
569 
570 Cleanup:
571  /* Check for failure */
572  if (!NT_SUCCESS(Status))
573  {
574  if (PortHandle != NULL)
575  {
576  ObCloseHandle(PortHandle, KernelMode);
577  }
578 
579  Result = FALSE;
580  }
581 
582  /* Did we create a section? */
583  if (SectionHandle != NULL)
584  {
585  ObCloseHandle(SectionHandle, KernelMode);
586  }
587 
588  return Result;
589 }
590 
591 VOID
592 NTAPI
594  PVOID StartContext)
595 {
598  HANDLE DummyPortHandle;
600 
601  /* Initialize the server thread */
603  {
604  DPRINT1("Security: Terminating Rm Command Server Thread\n");
605  return;
606  }
607 
608  /* No reply yet */
609  ReplyMessage = NULL;
610 
611  /* Start looping */
612  while (TRUE)
613  {
614  /* Wait for a message */
616  NULL,
617  ReplyMessage,
618  &Message.Header);
619  if (!NT_SUCCESS(Status))
620  {
621  DPRINT1("Failed to get message: 0x%lx", Status);
622  ReplyMessage = NULL;
623  continue;
624  }
625 
626  /* Check if this is a connection request */
627  if (Message.Header.u2.s2.Type == LPC_CONNECTION_REQUEST)
628  {
629  /* Reject connection request */
630  ZwAcceptConnectPort(&DummyPortHandle,
631  NULL,
632  &Message.Header,
633  FALSE,
634  NULL,
635  NULL);
636 
637  /* Start over */
638  ReplyMessage = NULL;
639  continue;
640  }
641 
642  /* Check if the port died */
643  if ((Message.Header.u2.s2.Type == LPC_PORT_CLOSED) ||
644  (Message.Header.u2.s2.Type == LPC_CLIENT_DIED))
645  {
646  /* LSASS is dead, so let's quit as well */
647  break;
648  }
649 
650  /* Check if this is an actual request */
651  if (Message.Header.u2.s2.Type != LPC_REQUEST)
652  {
653  DPRINT1("SepRmCommandServerThread: unexpected message type: 0x%lx\n",
654  Message.Header.u2.s2.Type);
655 
656  /* Restart without replying */
657  ReplyMessage = NULL;
658  continue;
659  }
660 
661  ReplyMessage = &Message.Header;
662 
663  switch (Message.ApiNumber)
664  {
665  case RmAuditSetCommand:
667  break;
668 
670  Status = SepRmCreateLogonSession(&Message.u.LogonLuid);
671  break;
672 
674  Status = SepRmDeleteLogonSession(&Message.u.LogonLuid);
675  break;
676 
677  default:
678  DPRINT1("SepRmDispatchRequest: invalid API number: 0x%lx\n",
679  Message.ApiNumber);
680  ReplyMessage = NULL;
681  }
682 
683  Message.u.ResultStatus = Status;
684  }
685 
686  /* Close the port handles */
689 }
690 
691 
692 /* PUBLIC FUNCTIONS ***********************************************************/
693 
694 /*
695  * @unimplemented
696  */
697 NTSTATUS
698 NTAPI
700  IN PLUID LogonId)
701 {
703  return STATUS_NOT_IMPLEMENTED;
704 }
705 
706 
707 /*
708  * @unimplemented
709  */
710 NTSTATUS
711 NTAPI
714 {
716  return STATUS_NOT_IMPLEMENTED;
717 }
718 
719 
720 /*
721  * @unimplemented
722  */
723 NTSTATUS
724 NTAPI
727 {
729  return STATUS_NOT_IMPLEMENTED;
730 }
IN CINT OUT PVOID IN ULONG OUT PULONG ResultLength
Definition: conport.c:47
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4693
const uint16_t * PCWSTR
Definition: typedefs.h:55
#define IN
Definition: typedefs.h:38
NTSYSAPI NTSTATUS NTAPI ZwListenPort(_In_ HANDLE PortHandle, _In_ PPORT_MESSAGE ConnectionRequest)
#define THREAD_ALL_ACCESS
Definition: nt_native.h:1339
HANDLE SeRmCommandPort
Definition: srm.c:18
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
BOOLEAN NTAPI SeRmInitPhase0(VOID)
Definition: srm.c:146
BOOLEAN SepAdtAuditingEnabled
Definition: srm.c:55
NTSTATUS NTAPI SeMarkLogonSessionForTerminationNotification(IN PLUID LogonId)
Definition: srm.c:699
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4693
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
NTSTATUS NTAPI SepRegQueryHelper(PCWSTR KeyName, PCWSTR ValueName, ULONG ValueType, ULONG DataLength, PVOID ValueData)
Definition: srm.c:70
NTSYSAPI NTSTATUS NTAPI ZwCompleteConnectPort(_In_ HANDLE PortHandle)
#define REG_BINARY
Definition: nt_native.h:1496
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:317
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
NTSYSAPI NTSTATUS NTAPI ZwAcceptConnectPort(_Out_ PHANDLE PortHandle, _In_opt_ PVOID PortContext, _In_ PPORT_MESSAGE ConnectionRequest, _In_ BOOLEAN AcceptConnection, _In_opt_ PPORT_VIEW ServerView, _In_opt_ PREMOTE_PORT_VIEW ClientView)
_In_ PCWSTR _In_z_ PCWSTR _In_ ULONG ValueType
Definition: rtlfuncs.h:4000
ULONG SepAdtMinListLength
Definition: srm.c:56
LONG NTSTATUS
Definition: precomp.h:26
static NTSTATUS SepRmCreateLogonSession(PLUID LogonLuid)
Definition: srm.c:297
ULONG SectionOffset
#define NT_VERIFY(exp)
Definition: rtlfuncs.h:3289
NTSTATUS SepRmReferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:372
PVOID SepCommandPortViewRemoteBase
Definition: srm.c:50
#define PAGED_CODE()
Definition: video.h:57
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
uint32_t ULONG_PTR
Definition: typedefs.h:63
PVOID SepCommandPortViewBase
Definition: srm.c:49
_Must_inspect_result_ _In_ PFLT_GET_OPERATION_STATUS_CALLBACK CallbackRoutine
Definition: fltkernel.h:1035
_In_ PUNICODE_STRING ValueName
Definition: cmfuncs.h:264
#define SECTION_ALL_ACCESS
Definition: nt_native.h:1293
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
VOID NTAPI SepRmCommandServerThread(PVOID StartContext)
Definition: srm.c:593
ULONG SepAdtMaxListLength
Definition: srm.c:57
ULONG_PTR SepCommandPortViewBaseOffset
Definition: srm.c:51
static HANDLE SepRmCommandMessagePort
Definition: srm.c:53
#define SEC_COMMIT
Definition: mmtypes.h:99
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
#define GENERIC_WRITE
Definition: nt_native.h:90
struct NameRec_ * Name
Definition: cdprocs.h:464
unsigned char BOOLEAN
LPC_PVOID ViewRemoteBase
UCHAR SeAuditingState[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: srm.c:60
smooth NULL
Definition: ftsmooth.c:416
#define STATUS_LOGON_SESSION_EXISTS
Definition: ntstatus.h:460
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
void DPRINT(...)
Definition: polytest.cpp:61
static NTSTATUS SepRmSetAuditEvent(PSEP_RM_API_MESSAGE Message)
Definition: srm.c:268
Definition: bufpool.h:45
BOOL WINAPI ReplyMessage(_In_ LRESULT)
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: srm.c:59
BOOLEAN NTAPI SepRmCommandServerThreadInit(VOID)
Definition: srm.c:451
NTSYSAPI NTSTATUS NTAPI ZwConnectPort(_Out_ PHANDLE PortHandle, _In_ PUNICODE_STRING PortName, _In_ PSECURITY_QUALITY_OF_SERVICE SecurityQos, _In_opt_ PPORT_VIEW ClientView, _In_opt_ PREMOTE_PORT_VIEW ServerView, _In_opt_ PULONG MaxMessageLength, _In_opt_ PVOID ConnectionInformation, _In_opt_ PULONG ConnectionInformationLength)
#define STATUS_OBJECT_TYPE_MISMATCH
Definition: ntstatus.h:259
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
DWORD LowPart
LPC_SIZE_T ViewSize
NTSTATUS(NTAPI * PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId)
Definition: setypes.h:1209
LUID SeAnonymousAuthenticationId
Definition: token.c:39
_In_ GUID _In_ PVOID ValueData
Definition: hubbusif.h:311
struct _SEP_LOGON_SESSION_REFERENCES * Next
Definition: srm.c:25
LUID SeSystemAuthenticationId
Definition: token.c:38
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
CHAR Message[80]
Definition: alive.c:5
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
unsigned char UCHAR
Definition: xmlstorage.h:181
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3376
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
static const WCHAR L[]
Definition: oid.c:1250
LONG HighPart
ULONG LowPart
Definition: typedefs.h:104
#define PAGE_SIZE
Definition: env_spec_w32.h:49
HANDLE SeLsaInitEvent
Definition: srm.c:47
NTSYSAPI NTSTATUS NTAPI ZwReplyWaitReceivePort(_In_ HANDLE PortHandle, _Out_opt_ PVOID *PortContext, _In_opt_ PPORT_MESSAGE ReplyMessage, _Out_ PPORT_MESSAGE ReceiveMessage)
Definition: typedefs.h:117
static const WCHAR Cleanup[]
Definition: register.c:80
PDEVICE_MAP pDeviceMap
Definition: srm.c:29
Status
Definition: gdiplustypes.h:24
struct _SEP_LOGON_SESSION_REFERENCES SEP_LOGON_SESSION_REFERENCES
static NTSTATUS SepRmDeleteLogonSession(PLUID LogonLuid)
Definition: srm.c:359
static VOID SepAdtInitializeBounds(VOID)
Definition: srm.c:229
LPC_PVOID ViewBase
VOID FASTCALL KeInitializeGuardedMutex(OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:31
#define SEP_LOGON_SESSION_TAG
Definition: srm.c:21
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define PORT_MAXIMUM_MESSAGE_LENGTH
Definition: iotypes.h:1985
PSEP_LOGON_SESSION_REFERENCES SepLogonSessions
Definition: srm.c:63
NTSTATUS NTAPI PsCreateSystemThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE ProcessHandle, IN PCLIENT_ID ClientId, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:602
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
unsigned int * PULONG
Definition: retypes.h:1
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
#define DPRINT1
Definition: precomp.h:8
LIST_ENTRY TokenList
Definition: srm.c:30
BOOLEAN NTAPI SeRmInitPhase1(VOID)
Definition: srm.c:173
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define UNIMPLEMENTED
Definition: debug.h:114
#define ULONG_PTR
Definition: config.h:101
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
NTSTATUS NTAPI SeUnregisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Definition: srm.c:725
NTSYSAPI NTSTATUS NTAPI ZwCreatePort(_Out_ PHANDLE PortHandle, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ ULONG MaxConnectionInfoLength, _In_ ULONG MaxMessageLength, _In_ ULONG MaxPoolUsage)
LPC_HANDLE SectionHandle
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
NTSTATUS NTAPI SeRegisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Definition: srm.c:712
_Must_inspect_result_ _Out_writes_to_ DataLength PHIDP_DATA _Inout_ PULONG DataLength
Definition: hidpi.h:333
NTSTATUS SepRmDereferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:412
return STATUS_SUCCESS
Definition: btrfs.c:2725
#define REG_DWORD
Definition: sdbapi.c:596
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
LONGLONG QuadPart
Definition: typedefs.h:112
struct _SEP_LOGON_SESSION_REFERENCES * PSEP_LOGON_SESSION_REFERENCES
#define PAGE_READWRITE
Definition: nt_native.h:1304
IN PUNICODE_STRING PortName
Definition: conport.c:35
KGUARDED_MUTEX SepRmDbLock
Definition: srm.c:62
#define NT_ASSERT
Definition: rtlfuncs.h:3312