ReactOS  0.4.14-dev-342-gdc047f9
srm.c
Go to the documentation of this file.
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: ReactOS kernel
4  * FILE: ntoskrnl/se/srm.c
5  * PURPOSE: Security Reference Monitor Server
6  *
7  * PROGRAMMERS: Timo Kreuzer (timo.kreuzer@reactos.org)
8  * Pierre Schweitzer (pierre@reactos.org)
9  */
10 
11 /* INCLUDES *******************************************************************/
12 
13 #include <ntoskrnl.h>
14 #define NDEBUG
15 #include <debug.h>
16 
19 
20 /* PRIVATE DEFINITIONS ********************************************************/
21 
22 #define SEP_LOGON_SESSION_TAG 'sLeS'
23 #define SEP_LOGON_NOTIFICATION_TAG 'nLeS'
24 
26 {
34 
36 {
40 
41 VOID
42 NTAPI
44  PVOID StartContext);
45 
46 static
49  PLUID LogonLuid);
50 
51 
52 /* GLOBALS ********************************************************************/
53 
56 
60 
62 
66 
67 #define POLICY_AUDIT_EVENT_TYPE_COUNT 9 // (AuditCategoryAccountLogon - AuditCategorySystem + 1)
69 
73 
74 
75 /* PRIVATE FUNCTIONS **********************************************************/
76 
78 NTAPI
85 {
86  UNICODE_STRING ValueNameString;
87  UNICODE_STRING KeyNameString;
91  struct
92  {
94  UCHAR Buffer[64];
95  } KeyValueInformation;
96  NTSTATUS Status, CloseStatus;
97  PAGED_CODE();
98 
99  RtlInitUnicodeString(&KeyNameString, KeyName);
101  &KeyNameString,
103  NULL,
104  NULL);
105 
107  if (!NT_SUCCESS(Status))
108  {
109  return Status;
110  }
111 
112  RtlInitUnicodeString(&ValueNameString, ValueName);
113  Status = ZwQueryValueKey(KeyHandle,
114  &ValueNameString,
116  &KeyValueInformation.Partial,
117  sizeof(KeyValueInformation),
118  &ResultLength);
119  if (!NT_SUCCESS(Status))
120  {
121  goto Cleanup;
122  }
123 
124  if ((KeyValueInformation.Partial.Type != ValueType) ||
125  (KeyValueInformation.Partial.DataLength != DataLength))
126  {
128  goto Cleanup;
129  }
130 
131 
132  if (ValueType == REG_BINARY)
133  {
134  RtlCopyMemory(ValueData, KeyValueInformation.Partial.Data, DataLength);
135  }
136  else if (ValueType == REG_DWORD)
137  {
138  *(PULONG)ValueData = *(PULONG)KeyValueInformation.Partial.Data;
139  }
140  else
141  {
143  }
144 
145 Cleanup:
146  CloseStatus = ZwClose(KeyHandle);
147  ASSERT(NT_SUCCESS( CloseStatus ));
148 
149  return Status;
150 }
151 
152 
153 BOOLEAN
154 NTAPI
156 {
158 
159  /* Initialize the database lock */
161 
162  /* Create the system logon session */
164  if (!NT_VERIFY(NT_SUCCESS(Status)))
165  {
166  return FALSE;
167  }
168 
169  /* Create the anonymous logon session */
171  if (!NT_VERIFY(NT_SUCCESS(Status)))
172  {
173  return FALSE;
174  }
175 
176  return TRUE;
177 }
178 
179 
180 BOOLEAN
181 NTAPI
183 {
186  HANDLE ThreadHandle;
188 
189  /* Create the SeRm command port */
190  RtlInitUnicodeString(&Name, L"\\SeRmCommandPort");
194  sizeof(ULONG),
196  2 * PAGE_SIZE);
197  if (!NT_SUCCESS(Status))
198  {
199  DPRINT1("Security: Rm Create Command Port failed 0x%lx\n", Status);
200  return FALSE;
201  }
202 
203  /* Create SeLsaInitEvent */
204  RtlInitUnicodeString(&Name, L"\\SeLsaInitEvent");
206  Status = ZwCreateEvent(&SeLsaInitEvent,
210  FALSE);
211  if (!NT_VERIFY((NT_SUCCESS(Status))))
212  {
213  DPRINT1("Security: LSA init event creation failed.0x%xl\n", Status);
214  return FALSE;
215  }
216 
217  /* Create the SeRm server thread */
218  Status = PsCreateSystemThread(&ThreadHandle,
220  NULL,
221  NULL,
222  NULL,
224  NULL);
225  if (!NT_SUCCESS(Status))
226  {
227  DPRINT1("Security: Rm Server Thread creation failed 0x%lx\n", Status);
228  return FALSE;
229  }
230 
231  ObCloseHandle(ThreadHandle, KernelMode);
232 
233  return TRUE;
234 }
235 
236 static
237 VOID
239 {
240  struct
241  {
242  ULONG MaxLength;
243  ULONG MinLength;
244  } ListBounds;
246  PAGED_CODE();
247 
248  Status = SepRegQueryHelper(L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa",
249  L"Bounds",
250  REG_BINARY,
251  sizeof(ListBounds),
252  &ListBounds);
253  if (!NT_SUCCESS(Status))
254  {
255  /* No registry values, so keep hardcoded defaults */
256  return;
257  }
258 
259  /* Check if the bounds are valid */
260  if ((ListBounds.MaxLength < ListBounds.MinLength) ||
261  (ListBounds.MinLength < 16) ||
262  (ListBounds.MaxLength - ListBounds.MinLength < 16))
263  {
264  DPRINT1("ListBounds are invalid: %u, %u\n",
265  ListBounds.MinLength, ListBounds.MaxLength);
266  return;
267  }
268 
269  /* Set the new bounds globally */
270  SepAdtMinListLength = ListBounds.MinLength;
271  SepAdtMaxListLength = ListBounds.MaxLength;
272 }
273 
274 
275 static
276 NTSTATUS
279 {
280  ULONG i;
281  PAGED_CODE();
282 
283  /* First re-initialize the bounds from the registry */
285 
286  /* Make sure we have the right message and clear */
287  ASSERT(Message->ApiNumber == RmAuditSetCommand);
288  Message->ApiNumber = 0;
289 
290  /* Store the enable flag in the global variable */
291  SepAdtAuditingEnabled = Message->u.SetAuditEvent.Enabled;
292 
293  /* Loop all audit event types */
294  for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
295  {
296  /* Save the provided flags in the global array */
297  SeAuditingState[i] = (UCHAR)Message->u.SetAuditEvent.Flags[i];
298  }
299 
300  return STATUS_SUCCESS;
301 }
302 
303 
304 static
305 NTSTATUS
307  PLUID LogonLuid)
308 {
309  PSEP_LOGON_SESSION_REFERENCES CurrentSession, NewSession;
311  PAGED_CODE();
312 
313  DPRINT("SepRmCreateLogonSession(%08lx:%08lx)\n",
314  LogonLuid->HighPart, LogonLuid->LowPart);
315 
316  /* Allocate a new session structure */
317  NewSession = ExAllocatePoolWithTag(PagedPool,
320  if (NewSession == NULL)
321  {
323  }
324 
325  /* Initialize it */
326  NewSession->LogonId = *LogonLuid;
327  NewSession->ReferenceCount = 0;
328  NewSession->Flags = 0;
329  NewSession->pDeviceMap = NULL;
330  InitializeListHead(&NewSession->TokenList);
331 
332  /* Acquire the database lock */
334 
335  /* Loop all existing sessions */
336  for (CurrentSession = SepLogonSessions;
337  CurrentSession != NULL;
338  CurrentSession = CurrentSession->Next)
339  {
340  /* Check if the LUID matches the new one */
341  if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
342  {
344  goto Leave;
345  }
346  }
347 
348  /* Insert the new session */
349  NewSession->Next = SepLogonSessions;
350  SepLogonSessions = NewSession;
351 
353 
354 Leave:
355  /* Release the database lock */
357 
358  if (!NT_SUCCESS(Status))
359  {
361  }
362 
363  return Status;
364 }
365 
366 static
367 NTSTATUS
369  PLUID LogonLuid)
370 {
371  DPRINT("SepRmDeleteLogonSession(%08lx:%08lx)\n",
372  LogonLuid->HighPart, LogonLuid->LowPart);
373 
375  NT_ASSERT(FALSE);
376  return STATUS_NOT_IMPLEMENTED;
377 }
378 
379 
380 NTSTATUS
382  PLUID LogonLuid)
383 {
384  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
385 
386  PAGED_CODE();
387 
388  DPRINT("SepRmReferenceLogonSession(%08lx:%08lx)\n",
389  LogonLuid->HighPart, LogonLuid->LowPart);
390 
391  /* Acquire the database lock */
393 
394  /* Loop all existing sessions */
395  for (CurrentSession = SepLogonSessions;
396  CurrentSession != NULL;
397  CurrentSession = CurrentSession->Next)
398  {
399  /* Check if the LUID matches the new one */
400  if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
401  {
402  /* Reference the session */
403  ++CurrentSession->ReferenceCount;
404  DPRINT("ReferenceCount: %lu\n", CurrentSession->ReferenceCount);
405 
406  /* Release the database lock */
408 
409  return STATUS_SUCCESS;
410  }
411  }
412 
413  /* Release the database lock */
415 
417 }
418 
419 
420 NTSTATUS
422  PLUID LogonLuid)
423 {
424  BOOLEAN UseCurrentProc;
426  WCHAR Buffer[63];
427  UNICODE_STRING DirectoryName;
430  HANDLE DirectoryHandle, LinkHandle;
431  PHANDLE LinksBuffer;
432  POBJECT_DIRECTORY_INFORMATION DirectoryInfo;
433  ULONG LinksCount, LinksSize, DirInfoLength, ReturnLength, Context, CurrentLinks, i;
435 
436  PAGED_CODE();
437 
438  /* We need a logon LUID */
439  if (LogonLuid == NULL)
440  {
442  }
443 
444  /* Use current process */
445  UseCurrentProc = ObReferenceObjectSafe(PsGetCurrentProcess());
446  if (UseCurrentProc)
447  {
449  }
450  /* Unless it's gone, then use system process */
451  else
452  {
454  }
455 
456  /* Initialize our directory name */
458  sizeof(Buffer) / sizeof(WCHAR),
459  L"\\Sessions\\0\\DosDevices\\%08x-%08x",
460  LogonLuid->HighPart,
461  LogonLuid->LowPart);
462  RtlInitUnicodeString(&DirectoryName, Buffer);
463 
464  /* And open it */
466  &DirectoryName,
468  NULL,
469  NULL);
473  if (!NT_SUCCESS(Status))
474  {
475  if (!UseCurrentProc)
476  {
478  }
479 
480  return Status;
481  }
482 
483  /* Some initialization needed for browsing all our links... */
484  Context = 0;
485  DirectoryInfo = NULL;
486  DirInfoLength = 0;
487  /* In our buffer, we'll store at max 100 HANDLE */
488  LinksCount = 100;
489  CurrentLinks = 0;
490  /* Which gives a certain size */
491  LinksSize = LinksCount * sizeof(HANDLE);
492 
493  /*
494  * This label is hit if we need to store more than a hundred
495  * of links. In that case, we jump here after having cleaned
496  * and deleted previous buffer.
497  * All handles have been already closed
498  */
499 AllocateLinksAgain:
500  LinksBuffer = ExAllocatePoolWithTag(PagedPool,
501  LinksSize,
503  if (LinksBuffer == NULL)
504  {
505  /*
506  * Failure path: no need to clear handles:
507  * already closed and the buffer is already gone
508  */
510 
511  /*
512  * On the first round, DirectoryInfo is NULL,
513  * if we grow LinksBuffer, it has been allocated
514  */
515  if (DirectoryInfo != NULL)
516  {
517  ExFreePoolWithTag(DirectoryInfo, TAG_SE_DIR_BUFFER);
518  }
519 
520  if (!UseCurrentProc)
521  {
523  }
524 
525  return STATUS_NO_MEMORY;
526  }
527 
528  /*
529  * We always restart scan, but on the first loop
530  * if we couldn't fit everything in our buffer,
531  * then, we continue scan.
532  * But we restart if link buffer was too small
533  */
534  for (RestartScan = TRUE; ; RestartScan = FALSE)
535  {
536  /*
537  * Loop until our buffer is big enough to store
538  * one entry
539  */
540  while (TRUE)
541  {
542  Status = ZwQueryDirectoryObject(DirectoryHandle,
543  DirectoryInfo,
544  DirInfoLength,
545  TRUE,
546  RestartScan,
547  &Context,
548  &ReturnLength);
549  /* Only handle buffer growth in that loop */
551  {
552  break;
553  }
554 
555  /* Get output length as new length */
556  DirInfoLength = ReturnLength;
557  /* Delete old buffer if any */
558  if (DirectoryInfo != NULL)
559  {
560  ExFreePoolWithTag(DirectoryInfo, 'bDeS');
561  }
562 
563  /* And reallocate a bigger one */
564  DirectoryInfo = ExAllocatePoolWithTag(PagedPool,
565  DirInfoLength,
567  /* Fail if we cannot allocate */
568  if (DirectoryInfo == NULL)
569  {
571  break;
572  }
573  }
574 
575  /* If querying the entry failed, quit */
576  if (!NT_SUCCESS(Status))
577  {
578  break;
579  }
580 
581  /* We only look for symbolic links, the rest, we ignore */
582  if (wcscmp(DirectoryInfo->TypeName.Buffer, L"SymbolicLink"))
583  {
584  continue;
585  }
586 
587  /* If our link buffer is out of space, reallocate */
588  if (CurrentLinks >= LinksCount)
589  {
590  /* First, close the links */
591  for (i = 0; i < CurrentLinks; ++i)
592  {
593  ZwClose(LinksBuffer[i]);
594  }
595 
596  /* Allow 20 more HANDLEs */
597  LinksCount += 20;
598  CurrentLinks = 0;
600  LinksSize = LinksCount * sizeof(HANDLE);
601 
602  /* And reloop again */
603  goto AllocateLinksAgain;
604  }
605 
606  /* Open the found link */
608  &DirectoryInfo->Name,
611  NULL);
612  if (NT_SUCCESS(ZwOpenSymbolicLinkObject(&LinkHandle,
614  &ObjectAttributes)))
615  {
616  /* If we cannot make it temporary, just close the link handle */
617  if (!NT_SUCCESS(ZwMakeTemporaryObject(LinkHandle)))
618  {
619  ZwClose(LinkHandle);
620  }
621  /* Otherwise, store it to defer deletion */
622  else
623  {
624  LinksBuffer[CurrentLinks] = LinkHandle;
625  ++CurrentLinks;
626  }
627  }
628  }
629 
630  /* No more entries means we handled all links, that's not a failure */
632  {
634  }
635 
636  /* Close all the links we stored, this will like cause their deletion */
637  for (i = 0; i < CurrentLinks; ++i)
638  {
639  ZwClose(LinksBuffer[i]);
640  }
641  /* And free our links buffer */
643 
644  /* Free our directory info buffer - it might be NULL if we failed realloc */
645  if (DirectoryInfo != NULL)
646  {
647  ExFreePoolWithTag(DirectoryInfo, TAG_SE_DIR_BUFFER);
648  }
649 
650  /* Close our session directory */
652 
653  /* And detach from system */
654  if (!UseCurrentProc)
655  {
657  }
658 
659  return Status;
660 }
661 
662 
663 NTSTATUS
665  PLUID LogonLuid)
666 {
667  ULONG RefCount;
668  PDEVICE_MAP DeviceMap;
669  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
670 
671  DPRINT("SepRmDereferenceLogonSession(%08lx:%08lx)\n",
672  LogonLuid->HighPart, LogonLuid->LowPart);
673 
674  /* Acquire the database lock */
676 
677  /* Loop all existing sessions */
678  for (CurrentSession = SepLogonSessions;
679  CurrentSession != NULL;
680  CurrentSession = CurrentSession->Next)
681  {
682  /* Check if the LUID matches the new one */
683  if (RtlEqualLuid(&CurrentSession->LogonId, LogonLuid))
684  {
685  /* Dereference the session */
686  RefCount = --CurrentSession->ReferenceCount;
687  DPRINT("ReferenceCount: %lu\n", CurrentSession->ReferenceCount);
688 
689  /* Release the database lock */
691 
692  /* We're done with the session */
693  if (RefCount == 0)
694  {
695  /* Get rid of the LUID device map */
696  DeviceMap = CurrentSession->pDeviceMap;
697  if (DeviceMap != NULL)
698  {
699  CurrentSession->pDeviceMap = NULL;
701  ObfDereferenceDeviceMap(DeviceMap);
702  }
703  }
704 
705  return STATUS_SUCCESS;
706  }
707  }
708 
709  /* Release the database lock */
711 
713 }
714 
715 
716 BOOLEAN
717 NTAPI
719 {
720  SECURITY_QUALITY_OF_SERVICE SecurityQos;
723  REMOTE_PORT_VIEW RemotePortView;
724  PORT_VIEW PortView;
725  LARGE_INTEGER SectionSize;
726  HANDLE SectionHandle;
727  HANDLE PortHandle;
729  BOOLEAN Result;
730 
731  SectionHandle = NULL;
732  PortHandle = NULL;
733 
734  /* Assume success */
735  Result = TRUE;
736 
737  /* Wait until LSASS is ready */
738  Status = ZwWaitForSingleObject(SeLsaInitEvent, FALSE, NULL);
739  if (!NT_SUCCESS(Status))
740  {
741  DPRINT1("Security Rm Init: Waiting for LSA Init Event failed 0x%lx\n", Status);
742  goto Cleanup;
743  }
744 
745  /* We don't need this event anymore */
747 
748  /* Initialize the connection message */
749  Message.Header.u1.s1.TotalLength = sizeof(Message);
750  Message.Header.u1.s1.DataLength = 0;
751 
752  /* Only LSASS can connect, so handle the connection right now */
754  if (!NT_SUCCESS(Status))
755  {
756  DPRINT1("Security Rm Init: Listen to Command Port failed 0x%lx\n", Status);
757  goto Cleanup;
758  }
759 
760  /* Set the Port View structure length */
761  RemotePortView.Length = sizeof(RemotePortView);
762 
763  /* Accept the connection */
765  NULL,
766  &Message.Header,
767  TRUE,
768  NULL,
769  &RemotePortView);
770  if (!NT_SUCCESS(Status))
771  {
772  DPRINT1("Security Rm Init: Accept Connect to Command Port failed 0x%lx\n", Status);
773  goto Cleanup;
774  }
775 
776  /* Complete the connection */
778  if (!NT_SUCCESS(Status))
779  {
780  DPRINT1("Security Rm Init: Complete Connect to Command Port failed 0x%lx\n", Status);
781  goto Cleanup;
782  }
783 
784  /* Create a section for messages */
785  SectionSize.QuadPart = PAGE_SIZE;
786  Status = ZwCreateSection(&SectionHandle,
788  NULL,
789  &SectionSize,
791  SEC_COMMIT,
792  NULL);
793  if (!NT_SUCCESS(Status))
794  {
795  DPRINT1("Security Rm Init: Create Memory Section for LSA port failed: %X\n", Status);
796  goto Cleanup;
797  }
798 
799  /* Setup the PORT_VIEW structure */
800  PortView.Length = sizeof(PortView);
801  PortView.SectionHandle = SectionHandle;
802  PortView.SectionOffset = 0;
803  PortView.ViewSize = SectionSize.LowPart;
804  PortView.ViewBase = NULL;
805  PortView.ViewRemoteBase = NULL;
806 
807  /* Setup security QOS */
808  SecurityQos.Length = sizeof(SecurityQos);
811  SecurityQos.EffectiveOnly = TRUE;
812 
813  /* Connect to LSASS */
814  RtlInitUnicodeString(&PortName, L"\\SeLsaCommandPort");
815  Status = ZwConnectPort(&PortHandle,
816  &PortName,
817  &SecurityQos,
818  &PortView,
819  NULL,
820  0,
821  0,
822  0);
823  if (!NT_SUCCESS(Status))
824  {
825  DPRINT1("Security Rm Init: Connect to LSA Port failed 0x%lx\n", Status);
826  goto Cleanup;
827  }
828 
829  /* Remember section base and view offset */
830  SepCommandPortViewBase = PortView.ViewBase;
834 
835  DPRINT("SepRmCommandServerThreadInit: done\n");
836 
837 Cleanup:
838  /* Check for failure */
839  if (!NT_SUCCESS(Status))
840  {
841  if (PortHandle != NULL)
842  {
843  ObCloseHandle(PortHandle, KernelMode);
844  }
845 
846  Result = FALSE;
847  }
848 
849  /* Did we create a section? */
850  if (SectionHandle != NULL)
851  {
852  ObCloseHandle(SectionHandle, KernelMode);
853  }
854 
855  return Result;
856 }
857 
858 VOID
859 NTAPI
861  PVOID StartContext)
862 {
865  HANDLE DummyPortHandle;
867 
868  /* Initialize the server thread */
870  {
871  DPRINT1("Security: Terminating Rm Command Server Thread\n");
872  return;
873  }
874 
875  /* No reply yet */
876  ReplyMessage = NULL;
877 
878  /* Start looping */
879  while (TRUE)
880  {
881  /* Wait for a message */
883  NULL,
884  ReplyMessage,
885  &Message.Header);
886  if (!NT_SUCCESS(Status))
887  {
888  DPRINT1("Failed to get message: 0x%lx", Status);
889  ReplyMessage = NULL;
890  continue;
891  }
892 
893  /* Check if this is a connection request */
894  if (Message.Header.u2.s2.Type == LPC_CONNECTION_REQUEST)
895  {
896  /* Reject connection request */
897  ZwAcceptConnectPort(&DummyPortHandle,
898  NULL,
899  &Message.Header,
900  FALSE,
901  NULL,
902  NULL);
903 
904  /* Start over */
905  ReplyMessage = NULL;
906  continue;
907  }
908 
909  /* Check if the port died */
910  if ((Message.Header.u2.s2.Type == LPC_PORT_CLOSED) ||
911  (Message.Header.u2.s2.Type == LPC_CLIENT_DIED))
912  {
913  /* LSASS is dead, so let's quit as well */
914  break;
915  }
916 
917  /* Check if this is an actual request */
918  if (Message.Header.u2.s2.Type != LPC_REQUEST)
919  {
920  DPRINT1("SepRmCommandServerThread: unexpected message type: 0x%lx\n",
921  Message.Header.u2.s2.Type);
922 
923  /* Restart without replying */
924  ReplyMessage = NULL;
925  continue;
926  }
927 
928  ReplyMessage = &Message.Header;
929 
930  switch (Message.ApiNumber)
931  {
932  case RmAuditSetCommand:
934  break;
935 
937  Status = SepRmCreateLogonSession(&Message.u.LogonLuid);
938  break;
939 
941  Status = SepRmDeleteLogonSession(&Message.u.LogonLuid);
942  break;
943 
944  default:
945  DPRINT1("SepRmDispatchRequest: invalid API number: 0x%lx\n",
946  Message.ApiNumber);
947  ReplyMessage = NULL;
948  }
949 
950  Message.u.ResultStatus = Status;
951  }
952 
953  /* Close the port handles */
956 }
957 
958 
959 /* PUBLIC FUNCTIONS ***********************************************************/
960 
961 /*
962  * @unimplemented
963  */
964 NTSTATUS
965 NTAPI
967  IN PLUID LogonId,
968  OUT PDEVICE_MAP * DeviceMap
969  )
970 {
972  WCHAR Buffer[63];
973  PDEVICE_MAP LocalMap;
974  HANDLE DirectoryHandle, LinkHandle;
976  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
977  UNICODE_STRING DirectoryName, LinkName, TargetName;
978 
979  PAGED_CODE();
980 
981  if (LogonId == NULL ||
982  DeviceMap == NULL)
983  {
985  }
986 
987  /* Acquire the database lock */
989 
990  /* Loop all existing sessions */
991  for (CurrentSession = SepLogonSessions;
992  CurrentSession != NULL;
993  CurrentSession = CurrentSession->Next)
994  {
995  /* Check if the LUID matches the provided one */
996  if (RtlEqualLuid(&CurrentSession->LogonId, LogonId))
997  {
998  break;
999  }
1000  }
1001 
1002  /* No session found, fail */
1003  if (CurrentSession == NULL)
1004  {
1005  /* Release the database lock */
1007 
1009  }
1010 
1011  /* The found session has a device map, return it! */
1012  if (CurrentSession->pDeviceMap != NULL)
1013  {
1014  *DeviceMap = CurrentSession->pDeviceMap;
1015 
1016  /* Release the database lock */
1018 
1019  return STATUS_SUCCESS;
1020  }
1021 
1022  /* At that point, we'll setup a new device map for the session */
1023  LocalMap = NULL;
1024 
1025  /* Reference the session so that it doesn't go away */
1026  CurrentSession->ReferenceCount += 1;
1027 
1028  /* Release the database lock */
1030 
1031  /* Create our object directory given the LUID */
1033  sizeof(Buffer) / sizeof(WCHAR),
1034  L"\\Sessions\\0\\DosDevices\\%08x-%08x",
1035  LogonId->HighPart,
1036  LogonId->LowPart);
1037  RtlInitUnicodeString(&DirectoryName, Buffer);
1038 
1040  &DirectoryName,
1042  NULL,
1043  NULL);
1046  &ObjectAttributes);
1047  if (NT_SUCCESS(Status))
1048  {
1049  /* Create the associated device map */
1051  if (NT_SUCCESS(Status))
1052  {
1053  /* Make Global point to \Global?? in the directory */
1054  RtlInitUnicodeString(&LinkName, L"Global");
1055  RtlInitUnicodeString(&TargetName, L"\\Global??");
1056 
1058  &LinkName,
1061  NULL);
1062  Status = ZwCreateSymbolicLinkObject(&LinkHandle,
1065  &TargetName);
1066  if (!NT_SUCCESS(Status))
1067  {
1068  ObfDereferenceDeviceMap(LocalMap);
1069  }
1070  else
1071  {
1072  ZwClose(LinkHandle);
1073  }
1074  }
1075 
1077  }
1078 
1079  /* Acquire the database lock */
1081 
1082  /* If we succeed... */
1083  if (NT_SUCCESS(Status))
1084  {
1085  /* The session now has a device map? We raced with someone else */
1086  if (CurrentSession->pDeviceMap != NULL)
1087  {
1088  /* Give up on our new device map */
1089  ObfDereferenceDeviceMap(LocalMap);
1090  }
1091  /* Otherwise use our newly allocated device map */
1092  else
1093  {
1094  CurrentSession->pDeviceMap = LocalMap;
1095  }
1096 
1097  /* Return the device map */
1098  *DeviceMap = CurrentSession->pDeviceMap;
1099  }
1100  /* Zero output */
1101  else
1102  {
1103  *DeviceMap = NULL;
1104  }
1105 
1106  /* Release the database lock */
1108 
1109  /* We're done with the session */
1110  SepRmDereferenceLogonSession(&CurrentSession->LogonId);
1111 
1112  return Status;
1113 }
1114 
1115 /*
1116  * @unimplemented
1117  */
1118 NTSTATUS
1119 NTAPI
1121  IN PLUID LogonId)
1122 {
1123  UNIMPLEMENTED;
1124  return STATUS_NOT_IMPLEMENTED;
1125 }
1126 
1127 
1128 /*
1129  * @implemented
1130  */
1131 NTSTATUS
1132 NTAPI
1135 {
1137  PAGED_CODE();
1138 
1139  /* Fail, if we don not have a callback routine */
1140  if (CallbackRoutine == NULL)
1141  return STATUS_INVALID_PARAMETER;
1142 
1143  /* Allocate a new notification item */
1144  Notification = ExAllocatePoolWithTag(PagedPool,
1147  if (Notification == NULL)
1149 
1150  /* Acquire the database lock */
1152 
1153  /* Set the callback routine */
1154  Notification->CallbackRoutine = CallbackRoutine;
1155 
1156  /* Insert the new notification item into the list */
1157  Notification->Next = SepLogonNotifications;
1158  SepLogonNotifications = Notification;
1159 
1160  /* Release the database lock */
1162 
1163  return STATUS_SUCCESS;
1164 }
1165 
1166 
1167 /*
1168  * @implemented
1169  */
1170 NTSTATUS
1171 NTAPI
1174 {
1176  NTSTATUS Status;
1177  PAGED_CODE();
1178 
1179  /* Fail, if we don not have a callback routine */
1180  if (CallbackRoutine == NULL)
1181  return STATUS_INVALID_PARAMETER;
1182 
1183  /* Acquire the database lock */
1185 
1186  /* Loop all registered notification items */
1187  for (Current = SepLogonNotifications;
1188  Current != NULL;
1189  Current = Current->Next)
1190  {
1191  /* Check if the callback routine matches the provided one */
1192  if (Current->CallbackRoutine == CallbackRoutine)
1193  break;
1194 
1195  Previous = Current;
1196  }
1197 
1198  if (Current == NULL)
1199  {
1201  }
1202  else
1203  {
1204  /* Remove the current notification item from the list */
1205  if (Previous == NULL)
1206  SepLogonNotifications = Current->Next;
1207  else
1208  Previous->Next = Current->Next;
1209 
1210  /* Free the current notification item */
1211  ExFreePoolWithTag(Current,
1213 
1215  }
1216 
1217  /* Release the database lock */
1219 
1220  return Status;
1221 }
IN CINT OUT PVOID IN ULONG OUT PULONG ResultLength
Definition: conport.c:47
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
const uint16_t * PCWSTR
Definition: typedefs.h:55
#define IN
Definition: typedefs.h:38
NTSYSAPI NTSTATUS NTAPI ZwListenPort(_In_ HANDLE PortHandle, _In_ PPORT_MESSAGE ConnectionRequest)
#define THREAD_ALL_ACCESS
Definition: nt_native.h:1339
HANDLE SeRmCommandPort
Definition: srm.c:18
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
struct _SEP_LOGON_SESSION_TERMINATED_NOTIFICATION SEP_LOGON_SESSION_TERMINATED_NOTIFICATION
KAPC_STATE
Definition: ketypes.h:1273
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
BOOLEAN NTAPI SeRmInitPhase0(VOID)
Definition: srm.c:155
BOOLEAN SepAdtAuditingEnabled
Definition: srm.c:63
NTSTATUS NTAPI SeMarkLogonSessionForTerminationNotification(IN PLUID LogonId)
Definition: srm.c:1120
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:193
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PULONG _In_ BOOLEAN RestartScan
Definition: fltkernel.h:2298
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4711
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
NTSTATUS NTAPI SepRegQueryHelper(PCWSTR KeyName, PCWSTR ValueName, ULONG ValueType, ULONG DataLength, PVOID ValueData)
Definition: srm.c:79
NTSYSAPI NTSTATUS NTAPI ZwCompleteConnectPort(_In_ HANDLE PortHandle)
#define REG_BINARY
Definition: nt_native.h:1496
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:317
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
VOID FASTCALL ObfDereferenceDeviceMap(IN PDEVICE_MAP DeviceMap)
Definition: devicemap.c:477
NTSTATUS NTAPI SeGetLogonIdDeviceMap(IN PLUID LogonId, OUT PDEVICE_MAP *DeviceMap)
Definition: srm.c:966
NTSYSAPI NTSTATUS NTAPI ZwAcceptConnectPort(_Out_ PHANDLE PortHandle, _In_opt_ PVOID PortContext, _In_ PPORT_MESSAGE ConnectionRequest, _In_ BOOLEAN AcceptConnection, _In_opt_ PPORT_VIEW ServerView, _In_opt_ PREMOTE_PORT_VIEW ClientView)
_In_ PCWSTR _In_z_ PCWSTR _In_ ULONG ValueType
Definition: rtlfuncs.h:4016
ULONG SepAdtMinListLength
Definition: srm.c:64
LONG NTSTATUS
Definition: precomp.h:26
static HANDLE DirectoryHandle
Definition: ObType.c:48
NTSYSAPI NTSTATUS NTAPI ZwOpenDirectoryObject(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
static NTSTATUS SepRmCreateLogonSession(PLUID LogonLuid)
Definition: srm.c:306
#define OBJ_PERMANENT
Definition: winternl.h:226
ULONG SectionOffset
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
#define NT_VERIFY(exp)
Definition: rtlfuncs.h:3289
NTSTATUS SepRmReferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:381
PVOID SepCommandPortViewRemoteBase
Definition: srm.c:58
#define SYMBOLIC_LINK_ALL_ACCESS
Definition: nt_native.h:1267
#define PAGED_CODE()
Definition: video.h:57
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
BOOLEAN FASTCALL ObReferenceObjectSafe(IN PVOID Object)
Definition: obref.c:24
struct _SEP_LOGON_SESSION_TERMINATED_NOTIFICATION * PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION
uint32_t ULONG_PTR
Definition: typedefs.h:63
PVOID SepCommandPortViewBase
Definition: srm.c:57
_Must_inspect_result_ _In_ PFLT_GET_OPERATION_STATUS_CALLBACK CallbackRoutine
Definition: fltkernel.h:1035
#define OBJ_OPENIF
Definition: winternl.h:229
_In_ PUNICODE_STRING ValueName
Definition: cmfuncs.h:264
#define SECTION_ALL_ACCESS
Definition: nt_native.h:1293
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
VOID NTAPI SepRmCommandServerThread(PVOID StartContext)
Definition: srm.c:860
ULONG SepAdtMaxListLength
Definition: srm.c:65
#define TAG_SE_DIR_BUFFER
Definition: tag.h:182
ULONG_PTR SepCommandPortViewBaseOffset
Definition: srm.c:59
static HANDLE SepRmCommandMessagePort
Definition: srm.c:61
#define SEC_COMMIT
Definition: mmtypes.h:99
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
PEPROCESS PsInitialSystemProcess
Definition: psmgr.c:50
VOID NTAPI KeStackAttachProcess(IN PKPROCESS Process, OUT PRKAPC_STATE ApcState)
Definition: procobj.c:701
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
NTSTATUS NTAPI ObSetDirectoryDeviceMap(OUT PDEVICE_MAP *DeviceMap, IN HANDLE DirectoryHandle)
Definition: devicemap.c:149
#define GENERIC_WRITE
Definition: nt_native.h:90
PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
Definition: srm.c:38
struct NameRec_ * Name
Definition: cdprocs.h:464
#define PsGetCurrentProcess
Definition: psfuncs.h:17
NTSYSAPI NTSTATUS NTAPI ZwCreateDirectoryObject(_Out_ PHANDLE DirectoryHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
unsigned char BOOLEAN
LPC_PVOID ViewRemoteBase
UCHAR SeAuditingState[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: srm.c:68
int _snwprintf(wchar_t *buffer, size_t count, const wchar_t *format,...)
smooth NULL
Definition: ftsmooth.c:416
#define STATUS_LOGON_SESSION_EXISTS
Definition: ntstatus.h:460
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
void DPRINT(...)
Definition: polytest.cpp:61
static NTSTATUS SepRmSetAuditEvent(PSEP_RM_API_MESSAGE Message)
Definition: srm.c:277
Definition: bufpool.h:45
BOOL WINAPI ReplyMessage(_In_ LRESULT)
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: srm.c:67
BOOLEAN NTAPI SepRmCommandServerThreadInit(VOID)
Definition: srm.c:718
NTSYSAPI NTSTATUS NTAPI ZwConnectPort(_Out_ PHANDLE PortHandle, _In_ PUNICODE_STRING PortName, _In_ PSECURITY_QUALITY_OF_SERVICE SecurityQos, _In_opt_ PPORT_VIEW ClientView, _In_opt_ PREMOTE_PORT_VIEW ServerView, _In_opt_ PULONG MaxMessageLength, _In_opt_ PVOID ConnectionInformation, _In_opt_ PULONG ConnectionInformationLength)
#define STATUS_NOT_FOUND
Definition: shellext.h:72
#define STATUS_OBJECT_TYPE_MISMATCH
Definition: ntstatus.h:259
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define SEP_LOGON_NOTIFICATION_TAG
Definition: srm.c:23
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
DWORD LowPart
LPC_SIZE_T ViewSize
NTSYSAPI NTSTATUS NTAPI ZwCreateSymbolicLinkObject(_Out_ PHANDLE SymbolicLinkHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PUNICODE_STRING Name)
NTSTATUS(NTAPI * PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId)
Definition: setypes.h:1209
LUID SeAnonymousAuthenticationId
Definition: token.c:39
_In_ GUID _In_ PVOID ValueData
Definition: hubbusif.h:311
struct _SEP_LOGON_SESSION_REFERENCES * Next
Definition: srm.c:27
PVOID HANDLE
Definition: typedefs.h:71
LUID SeSystemAuthenticationId
Definition: token.c:38
#define TAG_SE_HANDLES_TAB
Definition: tag.h:181
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
CHAR Message[80]
Definition: alive.c:5
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
unsigned char UCHAR
Definition: xmlstorage.h:181
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3376
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION SepLogonNotifications
Definition: srm.c:72
static const WCHAR L[]
Definition: oid.c:1250
LONG HighPart
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:414
NTSTATUS SepCleanupLUIDDeviceMapDirectory(PLUID LogonLuid)
Definition: srm.c:421
ULONG LowPart
Definition: typedefs.h:104
WCHAR TargetName[256]
Definition: arping.c:27
#define PAGE_SIZE
Definition: env_spec_w32.h:49
HANDLE SeLsaInitEvent
Definition: srm.c:55
NTSYSAPI NTSTATUS NTAPI ZwReplyWaitReceivePort(_In_ HANDLE PortHandle, _Out_opt_ PVOID *PortContext, _In_opt_ PPORT_MESSAGE ReplyMessage, _Out_ PPORT_MESSAGE ReceiveMessage)
Definition: typedefs.h:117
KPROCESS Pcb
Definition: pstypes.h:1193
static const WCHAR Cleanup[]
Definition: register.c:80
PDEVICE_MAP pDeviceMap
Definition: srm.c:31
Status
Definition: gdiplustypes.h:24
struct _SEP_LOGON_SESSION_REFERENCES SEP_LOGON_SESSION_REFERENCES
static NTSTATUS SepRmDeleteLogonSession(PLUID LogonLuid)
Definition: srm.c:368
_Check_return_ _CRTIMP int __cdecl wcscmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
static VOID SepAdtInitializeBounds(VOID)
Definition: srm.c:238
LPC_PVOID ViewBase
VOID FASTCALL KeInitializeGuardedMutex(OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:31
#define SEP_LOGON_SESSION_TAG
Definition: srm.c:22
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
VOID NTAPI KeUnstackDetachProcess(IN PRKAPC_STATE ApcState)
Definition: procobj.c:753
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define DIRECTORY_ALL_ACCESS
Definition: nt_native.h:1259
struct _SEP_LOGON_SESSION_TERMINATED_NOTIFICATION * Next
Definition: srm.c:37
#define PORT_MAXIMUM_MESSAGE_LENGTH
Definition: iotypes.h:1986
#define STATUS_NO_MEMORY
Definition: ntstatus.h:246
PSEP_LOGON_SESSION_REFERENCES SepLogonSessions
Definition: srm.c:71
NTSTATUS NTAPI PsCreateSystemThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE ProcessHandle, IN PCLIENT_ID ClientId, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:602
_Out_ PKAPC_STATE ApcState
Definition: mm.h:1492
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
unsigned int * PULONG
Definition: retypes.h:1
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
#define DPRINT1
Definition: precomp.h:8
#define OUT
Definition: typedefs.h:39
LIST_ENTRY TokenList
Definition: srm.c:32
BOOLEAN NTAPI SeRmInitPhase1(VOID)
Definition: srm.c:182
struct tagContext Context
Definition: acpixf.h:1030
unsigned int ULONG
Definition: retypes.h:1
#define DIRECTORY_QUERY
Definition: nt_native.h:1254
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define UNIMPLEMENTED
Definition: debug.h:114
#define ULONG_PTR
Definition: config.h:101
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
NTSTATUS NTAPI SeUnregisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Definition: srm.c:1172
NTSYSAPI NTSTATUS NTAPI ZwCreatePort(_Out_ PHANDLE PortHandle, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ ULONG MaxConnectionInfoLength, _In_ ULONG MaxMessageLength, _In_ ULONG MaxPoolUsage)
LPC_HANDLE SectionHandle
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
NTSTATUS NTAPI SeRegisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Definition: srm.c:1133
_Must_inspect_result_ _Out_writes_to_ DataLength PHIDP_DATA _Inout_ PULONG DataLength
Definition: hidpi.h:333
NTSTATUS SepRmDereferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:664
return STATUS_SUCCESS
Definition: btrfs.c:2938
#define REG_DWORD
Definition: sdbapi.c:596
NTSYSAPI NTSTATUS NTAPI ZwMakeTemporaryObject(_In_ HANDLE Handle)
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
NTSYSAPI NTSTATUS NTAPI ZwOpenSymbolicLinkObject(_Out_ PHANDLE SymbolicLinkHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
LONGLONG QuadPart
Definition: typedefs.h:112
UNICODE_STRING TypeName
Definition: obtypes.h:279
struct _SEP_LOGON_SESSION_REFERENCES * PSEP_LOGON_SESSION_REFERENCES
#define PAGE_READWRITE
Definition: nt_native.h:1304
IN PUNICODE_STRING PortName
Definition: conport.c:35
KGUARDED_MUTEX SepRmDbLock
Definition: srm.c:70
#define NT_ASSERT
Definition: rtlfuncs.h:3312