ReactOS  0.4.15-dev-3723-g8d70159
Classes | Macros | Typedefs | Functions | Variables
se.h File Reference

Go to the source code of this file.

Classes

struct  _KNOWN_ACE
 
struct  _KNOWN_OBJECT_ACE
 
struct  _KNOWN_COMPOUND_ACE
 
struct  _TOKEN_AUDIT_POLICY_INFORMATION
 

Macros

#define SepAcquireTokenLockExclusive(Token)
 
#define SepAcquireTokenLockShared(Token)
 
#define SepReleaseTokenLock(Token)
 

Typedefs

typedef struct _KNOWN_ACE KNOWN_ACE
 
typedef struct _KNOWN_ACEPKNOWN_ACE
 
typedef struct _KNOWN_OBJECT_ACE KNOWN_OBJECT_ACE
 
typedef struct _KNOWN_OBJECT_ACEPKNOWN_OBJECT_ACE
 
typedef struct _KNOWN_COMPOUND_ACE KNOWN_COMPOUND_ACE
 
typedef struct _KNOWN_COMPOUND_ACEPKNOWN_COMPOUND_ACE
 
typedef struct _TOKEN_AUDIT_POLICY_INFORMATION TOKEN_AUDIT_POLICY_INFORMATION
 
typedef struct _TOKEN_AUDIT_POLICY_INFORMATIONPTOKEN_AUDIT_POLICY_INFORMATION
 

Functions

FORCEINLINE PSID SepGetGroupFromDescriptor (_Inout_ PVOID _Descriptor)
 
FORCEINLINE PSID SepGetOwnerFromDescriptor (_Inout_ PVOID _Descriptor)
 
FORCEINLINE PACL SepGetDaclFromDescriptor (_Inout_ PVOID _Descriptor)
 
FORCEINLINE PACL SepGetSaclFromDescriptor (_Inout_ PVOID _Descriptor)
 
BOOLEAN NTAPI SepTokenIsOwner (_In_ PACCESS_TOKEN _Token, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ BOOLEAN TokenLocked)
 Checks if a token belongs to the main user, being the owner. More...
 
BOOLEAN NTAPI SepSidInToken (_In_ PACCESS_TOKEN _Token, _In_ PSID Sid)
 Checks if a SID is present in a token. More...
 
BOOLEAN NTAPI SepSidInTokenEx (_In_ PACCESS_TOKEN _Token, _In_ PSID PrincipalSelfSid, _In_ PSID _Sid, _In_ BOOLEAN Deny, _In_ BOOLEAN Restricted)
 Checks if a SID is present in a token. More...
 
BOOLEAN NTAPI SeTokenCanImpersonate (_In_ PTOKEN ProcessToken, _In_ PTOKEN TokenToImpersonate, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 Ensures that client impersonation can occur by checking if the token we're going to assign as the impersonation token can be actually impersonated in the first place. The routine is used primarily by PsImpersonateClient. More...
 
BOOLEAN NTAPI SeInitSystem (VOID)
 Main security manager initialization function. More...
 
VOID NTAPI SepInitPrivileges (VOID)
 Initializes the privileges during the startup phase of the security manager module. This function serves as a placeholder as it currently does nothing. More...
 
BOOLEAN NTAPI SepInitSecurityIDs (VOID)
 Initializes all the SIDs known in the system. More...
 
BOOLEAN NTAPI SepInitDACLs (VOID)
 Initializes known discretionary access control lists in the system upon kernel and Executive initialization procedure. More...
 
BOOLEAN NTAPI SepInitSDs (VOID)
 Initializes the known security descriptors in the system. More...
 
BOOLEAN NTAPI SeRmInitPhase0 (VOID)
 Manages the phase 0 initialization of the security reference monitoring module of the kernel. More...
 
BOOLEAN NTAPI SeRmInitPhase1 (VOID)
 Manages the phase 1 initialization of the security reference monitoring module of the kernel. More...
 
VOID NTAPI SeDeassignPrimaryToken (_Inout_ PEPROCESS Process)
 Removes the primary token of a process. More...
 
NTSTATUS NTAPI SeSubProcessToken (_In_ PTOKEN Parent, _Out_ PTOKEN *Token, _In_ BOOLEAN InUse, _In_ ULONG SessionId)
 Subtracts a token in exchange of duplicating a new one. More...
 
NTSTATUS NTAPI SeInitializeProcessAuditName (_In_ PFILE_OBJECT FileObject, _In_ BOOLEAN DoAudit, _Out_ POBJECT_NAME_INFORMATION *AuditInfo)
 Initializes a process audit name and returns it to the caller. More...
 
NTSTATUS NTAPI SeCreateAccessStateEx (_In_ PETHREAD Thread, _In_ PEPROCESS Process, _In_ OUT PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeIsTokenChild (_In_ PTOKEN Token, _Out_ PBOOLEAN IsChild)
 Checks if the token is a child of the other token of the current process that the calling thread is invoking this function. More...
 
NTSTATUS NTAPI SeIsTokenSibling (_In_ PTOKEN Token, _Out_ PBOOLEAN IsSibling)
 Checks if the token is a sibling of the other token of the current process that the calling thread is invoking this function. More...
 
NTSTATUS NTAPI SepCreateImpersonationTokenDacl (_In_ PTOKEN Token, _In_ PTOKEN PrimaryToken, _Out_ PACL *Dacl)
 Allocates a discretionary access control list based on certain properties of a regular and primary access tokens. More...
 
NTSTATUS NTAPI SepRmInsertLogonSessionIntoToken (_Inout_ PTOKEN Token)
 Inserts a logon session into an access token specified by the caller. More...
 
NTSTATUS NTAPI SepRmRemoveLogonSessionFromToken (_Inout_ PTOKEN Token)
 Removes a logon session from an access token. More...
 
VOID NTAPI SepInitializeTokenImplementation (VOID)
 Internal function that initializes critical kernel data for access token implementation in SRM. More...
 
PTOKEN NTAPI SepCreateSystemProcessToken (VOID)
 Creates the system process token. More...
 
PTOKEN SepCreateSystemAnonymousLogonToken (VOID)
 Creates the anonymous logon token for the system. The difference between this token and the other one is the inclusion of everyone SID group (being SeWorldSid). The other token lacks such group. More...
 
PTOKEN SepCreateSystemAnonymousLogonTokenNoEveryone (VOID)
 Creates the anonymous logon token for the system. This kind of token doesn't include the everyone SID group (being SeWorldSid). More...
 
BOOLEAN NTAPI SeDetailedAuditingWithToken (_In_ PTOKEN Token)
 Peforms a detailed security auditing with an access token. More...
 
VOID NTAPI SeAuditProcessExit (_In_ PEPROCESS Process)
 Peforms a security auditing against a process that is about to be terminated. More...
 
VOID NTAPI SeAuditProcessCreate (_In_ PEPROCESS Process)
 Peforms a security auditing against a process that is about to be created. More...
 
NTSTATUS NTAPI SeExchangePrimaryToken (_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken)
 Replaces the old access token of a process (pointed by the EPROCESS kernel structure) with a new access token. The new access token must be a primary token for use. More...
 
VOID NTAPI SeCaptureSubjectContextEx (_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 An extended function that captures the security subject context based upon the specified thread and process. More...
 
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray (_In_ PLUID_AND_ATTRIBUTES Src, _In_ ULONG PrivilegeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_ PLUID_AND_ATTRIBUTES AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PLUID_AND_ATTRIBUTES *Dest, _Inout_ PULONG Length)
 
VOID NTAPI SeReleaseLuidAndAttributesArray (_In_ PLUID_AND_ATTRIBUTES Privilege, _In_ KPROCESSOR_MODE PreviousMode, _In_ BOOLEAN CaptureIfKernel)
 Releases a LUID with attributes structure. More...
 
BOOLEAN NTAPI SepPrivilegeCheck (_In_ PTOKEN Token, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_ ULONG PrivilegeCount, _In_ ULONG PrivilegeControl, _In_ KPROCESSOR_MODE PreviousMode)
 Checks the privileges pointed by Privileges array argument if they exist and match with the privileges from an access token. More...
 
NTSTATUS NTAPI SePrivilegePolicyCheck (_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
 Checks the security policy and returns a set of privileges based upon the said security policy context. More...
 
BOOLEAN NTAPI SeCheckPrivilegedObject (_In_ LUID PrivilegeValue, _In_ HANDLE ObjectHandle, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE PreviousMode)
 Checks a privileged object if such object has the specific privilege submitted by the caller. More...
 
NTSTATUS NTAPI SepDuplicateToken (_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
 Duplicates an access token, from an existing valid token. More...
 
NTSTATUS NTAPI SepCaptureSecurityQualityOfService (_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, _Out_ PBOOLEAN Present)
 Captures the security quality of service data given the object attributes from an object. More...
 
VOID NTAPI SepReleaseSecurityQualityOfService (_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 Releases (frees) the captured SQOS data from an object in the memory pool. More...
 
NTSTATUS NTAPI SepCaptureSid (_In_ PSID InputSid, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID *CapturedSid)
 Captures a SID. More...
 
VOID NTAPI SepReleaseSid (_In_ PSID CapturedSid, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 Releases a captured SID. More...
 
NTSTATUS NTAPI SeCaptureSidAndAttributesArray (_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
 Captures a SID with attributes. More...
 
VOID NTAPI SeReleaseSidAndAttributesArray (_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 Releases a captured SID with attributes. More...
 
NTSTATUS NTAPI SeComputeQuotaInformationSize (_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PULONG QuotaInfoSize)
 
NTSTATUS NTAPI SepCaptureAcl (_In_ PACL InputAcl, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PACL *CapturedAcl)
 Captures an access control list from an already valid input ACL. More...
 
VOID NTAPI SepReleaseAcl (_In_ PACL CapturedAcl, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 Releases (frees) a captured ACL from the memory pool. More...
 
NTSTATUS SepPropagateAcl (_Out_writes_bytes_opt_(DaclLength) PACL AclDest, _Inout_ PULONG AclLength, _In_reads_bytes_(AclSource->AclSize) PACL AclSource, _In_ PSID Owner, _In_ PSID Group, _In_ BOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
 
PACL SepSelectAcl (_In_opt_ PACL ExplicitAcl, _In_ BOOLEAN ExplicitPresent, _In_ BOOLEAN ExplicitDefaulted, _In_opt_ PACL ParentAcl, _In_opt_ PACL DefaultAcl, _Out_ PULONG AclLength, _In_ PSID Owner, _In_ PSID Group, _Out_ PBOOLEAN AclPresent, _Out_ PBOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
 Selects an ACL and returns it to the caller. More...
 
NTSTATUS NTAPI SeDefaultObjectMethod (_In_ PVOID Object, _In_ SECURITY_OPERATION_CODE OperationType, _In_ PSECURITY_INFORMATION SecurityInformation, _Inout_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_opt_ PULONG ReturnLength, _Inout_opt_ PSECURITY_DESCRIPTOR *OldSecurityDescriptor, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeSetWorldSecurityDescriptor (_In_ SECURITY_INFORMATION SecurityInformation, _In_ PISECURITY_DESCRIPTOR SecurityDescriptor, _In_ PULONG BufferLength)
 Sets a "World" security descriptor. More...
 
NTSTATUS NTAPI SeCopyClientToken (_In_ PACCESS_TOKEN Token, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PACCESS_TOKEN *NewToken)
 Copies an existing access token (technically duplicating a new one). More...
 
NTSTATUS NTAPI SepRegQueryHelper (_In_ PCWSTR KeyName, _In_ PCWSTR ValueName, _In_ ULONG ValueType, _In_ ULONG DataLength, _Out_ PVOID ValueData)
 A private registry helper that returns the desired value data based on the specifics requested by the caller. More...
 
VOID NTAPI SeQuerySecurityAccessMask (_In_ SECURITY_INFORMATION SecurityInformation, _Out_ PACCESS_MASK DesiredAccess)
 Queries the access mask from a security information context. More...
 
VOID NTAPI SeSetSecurityAccessMask (_In_ SECURITY_INFORMATION SecurityInformation, _Out_ PACCESS_MASK DesiredAccess)
 Sets the access mask for a security information context. More...
 
BOOLEAN NTAPI SeFastTraverseCheck (_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE AccessMode)
 Determines whether security access rights can be given to an object depending on the security descriptor. Unlike the regular access check procedure in the NT kernel, the fast traverse check is a faster way to quickly check if access can be made into an object. More...
 
BOOLEAN NTAPI SeCheckAuditPrivilege (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
 Checks a single privilege and performs an audit against a privileged service based on a security subject context. More...
 
VOID NTAPI SePrivilegedServiceAuditAlarm (_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
 Performs an audit alarm to a privileged service request. More...
 
NTSTATUS SepRmReferenceLogonSession (_Inout_ PLUID LogonLuid)
 
NTSTATUS SepRmDereferenceLogonSession (_Inout_ PLUID LogonLuid)
 
NTSTATUS NTAPI SeGetLogonIdDeviceMap (_In_ PLUID LogonId, _Out_ PDEVICE_MAP *DeviceMap)
 Retrieves the DOS device map from a logon session. More...
 

Variables

SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
 
PSID SeNullSid
 
PSID SeWorldSid
 
PSID SeLocalSid
 
PSID SeCreatorOwnerSid
 
PSID SeCreatorGroupSid
 
PSID SeCreatorOwnerServerSid
 
PSID SeCreatorGroupServerSid
 
PSID SeNtAuthoritySid
 
PSID SeDialupSid
 
PSID SeNetworkSid
 
PSID SeBatchSid
 
PSID SeInteractiveSid
 
PSID SeServiceSid
 
PSID SeAnonymousLogonSid
 
PSID SePrincipalSelfSid
 
PSID SeLocalSystemSid
 
PSID SeAuthenticatedUserSid
 
PSID SeRestrictedCodeSid
 
PSID SeAliasAdminsSid
 
PSID SeAliasUsersSid
 
PSID SeAliasGuestsSid
 
PSID SeAliasPowerUsersSid
 
PSID SeAliasAccountOpsSid
 
PSID SeAliasSystemOpsSid
 
PSID SeAliasPrintOpsSid
 
PSID SeAliasBackupOpsSid
 
PSID SeAuthenticatedUsersSid
 
PSID SeRestrictedSid
 
PSID SeLocalServiceSid
 
PSID SeNetworkServiceSid
 
const LUID SeCreateTokenPrivilege
 
const LUID SeAssignPrimaryTokenPrivilege
 
const LUID SeLockMemoryPrivilege
 
const LUID SeIncreaseQuotaPrivilege
 
const LUID SeUnsolicitedInputPrivilege
 
const LUID SeTcbPrivilege
 
const LUID SeSecurityPrivilege
 
const LUID SeTakeOwnershipPrivilege
 
const LUID SeLoadDriverPrivilege
 
const LUID SeSystemProfilePrivilege
 
const LUID SeSystemtimePrivilege
 
const LUID SeProfileSingleProcessPrivilege
 
const LUID SeIncreaseBasePriorityPrivilege
 
const LUID SeCreatePagefilePrivilege
 
const LUID SeCreatePermanentPrivilege
 
const LUID SeBackupPrivilege
 
const LUID SeRestorePrivilege
 
const LUID SeShutdownPrivilege
 
const LUID SeDebugPrivilege
 
const LUID SeAuditPrivilege
 
const LUID SeSystemEnvironmentPrivilege
 
const LUID SeChangeNotifyPrivilege
 
const LUID SeRemoteShutdownPrivilege
 
const LUID SeUndockPrivilege
 
const LUID SeSyncAgentPrivilege
 
const LUID SeEnableDelegationPrivilege
 
const LUID SeManageVolumePrivilege
 
const LUID SeImpersonatePrivilege
 
const LUID SeCreateGlobalPrivilege
 
const LUID SeTrustedCredmanPrivilege
 
const LUID SeRelabelPrivilege
 
const LUID SeIncreaseWorkingSetPrivilege
 
const LUID SeTimeZonePrivilege
 
const LUID SeCreateSymbolicLinkPrivilege
 
PACL SePublicDefaultUnrestrictedDacl
 
PACL SePublicOpenDacl
 
PACL SePublicOpenUnrestrictedDacl
 
PACL SeUnrestrictedDacl
 
PACL SeSystemAnonymousLogonDacl
 
PSECURITY_DESCRIPTOR SePublicDefaultSd
 
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
 
PSECURITY_DESCRIPTOR SePublicOpenSd
 
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
 
PSECURITY_DESCRIPTOR SeSystemDefaultSd
 
PSECURITY_DESCRIPTOR SeUnrestrictedSd
 
PSECURITY_DESCRIPTOR SeSystemAnonymousLogonSd
 
PTOKEN SeAnonymousLogonToken
 
PTOKEN SeAnonymousLogonTokenNoEveryone
 

Macro Definition Documentation

◆ SepAcquireTokenLockExclusive

#define SepAcquireTokenLockExclusive (   Token)
Value:
{ \
KeEnterCriticalRegion(); \
ExAcquireResourceExclusiveLite(((PTOKEN)Token)->TokenLock, TRUE); \
}
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_TOKEN
Definition: setypes.h:207

Definition at line 220 of file se.h.

◆ SepAcquireTokenLockShared

#define SepAcquireTokenLockShared (   Token)
Value:
{ \
KeEnterCriticalRegion(); \
ExAcquireResourceSharedLite(((PTOKEN)Token)->TokenLock, TRUE); \
}
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_TOKEN
Definition: setypes.h:207

Definition at line 225 of file se.h.

◆ SepReleaseTokenLock

#define SepReleaseTokenLock (   Token)
Value:
{ \
ExReleaseResourceLite(((PTOKEN)Token)->TokenLock); \
KeLeaveCriticalRegion(); \
}
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_TOKEN
Definition: setypes.h:207

Definition at line 231 of file se.h.

Typedef Documentation

◆ KNOWN_ACE

typedef struct _KNOWN_ACE KNOWN_ACE

◆ KNOWN_COMPOUND_ACE

typedef struct _KNOWN_COMPOUND_ACE KNOWN_COMPOUND_ACE

◆ KNOWN_OBJECT_ACE

typedef struct _KNOWN_OBJECT_ACE KNOWN_OBJECT_ACE

◆ PKNOWN_ACE

typedef struct _KNOWN_ACE * PKNOWN_ACE

◆ PKNOWN_COMPOUND_ACE

typedef struct _KNOWN_COMPOUND_ACE * PKNOWN_COMPOUND_ACE

◆ PKNOWN_OBJECT_ACE

typedef struct _KNOWN_OBJECT_ACE * PKNOWN_OBJECT_ACE

◆ PTOKEN_AUDIT_POLICY_INFORMATION

typedef struct _TOKEN_AUDIT_POLICY_INFORMATION * PTOKEN_AUDIT_POLICY_INFORMATION

◆ TOKEN_AUDIT_POLICY_INFORMATION

typedef struct _TOKEN_AUDIT_POLICY_INFORMATION TOKEN_AUDIT_POLICY_INFORMATION

Function Documentation

◆ SeAuditProcessCreate()

VOID NTAPI SeAuditProcessCreate ( _In_ PEPROCESS  Process)

Peforms a security auditing against a process that is about to be created.

@unimplemented

Parameters
[in]ProcessAn object that points to a process which is in process of creation.
Returns
Nothing.

Definition at line 56 of file audit.c.

58 {
59  /* FIXME */
60 }

Referenced by PspCreateProcess().

◆ SeAuditProcessExit()

VOID NTAPI SeAuditProcessExit ( _In_ PEPROCESS  Process)

Peforms a security auditing against a process that is about to be terminated.

@unimplemented

Parameters
[in]ProcessAn object that points to a process which is in process of termination.
Returns
Nothing.

Definition at line 77 of file audit.c.

79 {
80  /* FIXME */
81 }

Referenced by PspExitThread().

◆ SeCaptureLuidAndAttributesArray()

NTSTATUS NTAPI SeCaptureLuidAndAttributesArray ( _In_ PLUID_AND_ATTRIBUTES  Src,
_In_ ULONG  PrivilegeCount,
_In_ KPROCESSOR_MODE  PreviousMode,
_In_ PLUID_AND_ATTRIBUTES  AllocatedMem,
_In_ ULONG  AllocatedLength,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PLUID_AND_ATTRIBUTES Dest,
_Inout_ PULONG  Length 
)

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtFilterToken().

◆ SeCaptureSidAndAttributesArray()

NTSTATUS NTAPI SeCaptureSidAndAttributesArray ( _In_ PSID_AND_ATTRIBUTES  SrcSidAndAttributes,
_In_ ULONG  AttributeCount,
_In_ KPROCESSOR_MODE  PreviousMode,
_In_opt_ PVOID  AllocatedMem,
_In_ ULONG  AllocatedLength,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes,
_Out_ PULONG  ResultLength 
)

Captures a SID with attributes.

Parameters
[in]SrcSidAndAttributesSource of the SID with attributes to be captured.
[in]AttributeCountThe number count of attributes, in total.
[in]PreviousModeProcessor access level mode.
[in]AllocatedMemThe allocated memory buffer for the captured SID. If the caller supplies no allocated block of memory then the function will allocate some buffer block of memory for the captured SID automatically.
[in]AllocatedLengthThe length of the buffer that points to the allocated memory, in bytes.
[in]PoolTypeThe pool type for the captured SID and attributes to assign.
[in]CaptureIfKernelIf set to TRUE, the capturing is done within the kernel. Otherwise the capturing is done in a kernel mode driver.
[out]CapturedSidAndAttributesThe captured SID and attributes.
[out]ResultLengthThe length of the captured SID and attributes, in bytes.
Returns
Returns STATUS_SUCCESS if SID and attributes capturing has been completed successfully. STATUS_INVALID_PARAMETER is returned if the count of attributes exceeds the maximum threshold that the kernel can permit, with the purpose of avoiding integer overflows. STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation for the captured SID has failed. STATUS_BUFFER_TOO_SMALL is returned if the length of the allocated buffer is less than the required size. STATUS_INVALID_SID is returned if a SID doesn't meet certain requirements to be considered a valid SID by the security manager. A failure NTSTATUS code is returned otherwise.
Remarks
A security identifier (SID) is a variable-length data structure that can change in size over time, depending on the factors that influence this effect in question. An attacker can take advantage of this fact and can potentially modify certain properties of a SID making it different in size than it was originally before. This is what we'd call, a TOCTOU vulnerability.

For this reason, the logic of copying the SIDs and their attributes into a new buffer goes like this: first, allocate a buffer array that just holds the lengths and subauthority count of each SID. Such information is copied in the first loop. Then in a second loop, iterate over the array with SID provided and copy them into the final array. The moment we're doing this, validate the lengths of each SID basing upon the captured lengths we've got before. In this way we ensure that the SIDs have remained intact. The validation checks are done in user mode as a general rule that we just cannot trust UM and whatever data is coming from it.

Definition at line 485 of file sid.c.

495 {
496  ULONG ArraySize, RequiredLength, SidLength, i;
497  ULONG TempArrayValidate, TempLengthValidate;
498  PSID_AND_ATTRIBUTES SidAndAttributes;
499  _SEH2_VOLATILE PSID_VALIDATE ValidateArray;
500  PUCHAR CurrentDest;
501  PISID Sid;
502  NTSTATUS Status;
503  PAGED_CODE();
504 
505  ValidateArray = NULL;
506  SidAndAttributes = NULL;
507  *CapturedSidAndAttributes = NULL;
508  *ResultLength = 0;
509 
510  if (AttributeCount == 0)
511  {
512  return STATUS_SUCCESS;
513  }
514 
515  if (AttributeCount > SE_MAXIMUM_GROUP_LIMIT)
516  {
517  DPRINT1("SeCaptureSidAndAttributesArray(): Maximum group limit exceeded!\n");
518  return STATUS_INVALID_PARAMETER;
519  }
520 
521  if ((PreviousMode == KernelMode) && !CaptureIfKernel)
522  {
523  *CapturedSidAndAttributes = SrcSidAndAttributes;
524  return STATUS_SUCCESS;
525  }
526 
527  ArraySize = AttributeCount * sizeof(SID_AND_ATTRIBUTES);
528  RequiredLength = ALIGN_UP_BY(ArraySize, sizeof(ULONG));
529 
530  if (PreviousMode != KernelMode)
531  {
532  /* Check for user mode data */
533  _SEH2_TRY
534  {
535  /* First probe the whole array */
536  ProbeForRead(SrcSidAndAttributes, ArraySize, sizeof(ULONG));
537 
538  /* We're in user mode, set up the size for the temporary array */
539  TempArrayValidate = AttributeCount * sizeof(SID_VALIDATE);
540  TempLengthValidate = ALIGN_UP_BY(TempArrayValidate, sizeof(ULONG));
541 
542  /*
543  * Allocate a buffer for the array that we're going to
544  * temporarily hold the subauthority count and the SID
545  * elements. We'll be going to use this array to perform
546  * validation checks later.
547  */
548  ValidateArray = ExAllocatePoolWithTag(PoolType | POOL_RAISE_IF_ALLOCATION_FAILURE,
549  TempLengthValidate,
550  TAG_SID_VALIDATE);
551 
552  /* Loop the array elements */
553  for (i = 0; i < AttributeCount; i++)
554  {
555  /* Get the SID and probe the minimal structure */
556  Sid = SrcSidAndAttributes[i].Sid;
557  ProbeForRead(Sid, sizeof(*Sid), sizeof(ULONG));
558 
559  /*
560  * Capture the subauthority count and hold it
561  * into the temporary array for later validation.
562  * This way we ensure that the said count of each
563  * SID has remained the same.
564  */
565  ValidateArray[i].SubAuthorityCount = Sid->SubAuthorityCount;
566 
567  /* Capture the SID */
568  ValidateArray[i].ProbeSid = Sid;
569 
570  /* Calculate the SID length and probe the full SID */
571  SidLength = RtlLengthRequiredSid(ValidateArray[i].SubAuthorityCount);
572  ProbeForRead(ValidateArray[i].ProbeSid, SidLength, sizeof(ULONG));
573 
574  /* Add the aligned length to the required length */
575  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
576  }
577  }
578  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
579  {
580  Status = _SEH2_GetExceptionCode();
581  _SEH2_YIELD(goto Cleanup);
582  }
583  _SEH2_END;
584  }
585  else
586  {
587  /* Loop the array elements */
588  for (i = 0; i < AttributeCount; i++)
589  {
590  /* Get the SID and it's length */
591  Sid = SrcSidAndAttributes[i].Sid;
592  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
593 
594  /* Add the aligned length to the required length */
595  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
596  }
597  }
598 
599  /* Assume success */
600  Status = STATUS_SUCCESS;
601  *ResultLength = RequiredLength;
602 
603  /* Check if we have no buffer */
604  if (AllocatedMem == NULL)
605  {
606  /* Allocate a new buffer */
607  SidAndAttributes = ExAllocatePoolWithTag(PoolType,
608  RequiredLength,
609  TAG_SID_AND_ATTRIBUTES);
610  if (SidAndAttributes == NULL)
611  {
612  DPRINT1("SeCaptureSidAndAttributesArray(): Failed to allocate memory for SID and attributes array (requested size -> %lu)!\n", RequiredLength);
613  Status = STATUS_INSUFFICIENT_RESOURCES;
614  goto Cleanup;
615  }
616  }
617  /* Otherwise check if the buffer is large enough */
618  else if (AllocatedLength >= RequiredLength)
619  {
620  /* Buffer is large enough, use it */
621  SidAndAttributes = AllocatedMem;
622  }
623  else
624  {
625  /* Buffer is too small, fail */
626  DPRINT1("SeCaptureSidAndAttributesArray(): The provided buffer is small (expected size -> %lu || current size -> %lu)!\n", RequiredLength, AllocatedLength);
627  Status = STATUS_BUFFER_TOO_SMALL;
628  goto Cleanup;
629  }
630 
631  *CapturedSidAndAttributes = SidAndAttributes;
632 
633  /* Check again for user mode */
634  if (PreviousMode != KernelMode)
635  {
636  _SEH2_TRY
637  {
638  /* The rest of the data starts after the array */
639  CurrentDest = (PUCHAR)SidAndAttributes;
640  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
641 
642  /* Loop the array elements */
643  for (i = 0; i < AttributeCount; i++)
644  {
645  /*
646  * Get the SID length from the subauthority
647  * count we've captured before.
648  */
649  SidLength = RtlLengthRequiredSid(ValidateArray[i].SubAuthorityCount);
650 
651  /* Copy attributes */
652  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
653 
654  /* Copy the SID to the current destination address */
655  SidAndAttributes[i].Sid = (PSID)CurrentDest;
656  RtlCopyMemory(CurrentDest, ValidateArray[i].ProbeSid, SidLength);
657 
658  /* Obtain the SID we've captured before for validation */
659  Sid = SidAndAttributes[i].Sid;
660 
661  /* Validate that the subauthority count hasn't changed */
662  if (ValidateArray[i].SubAuthorityCount !=
663  Sid->SubAuthorityCount)
664  {
665  /* It's changed, bail out */
666  DPRINT1("SeCaptureSidAndAttributesArray(): The subauthority counts have changed (captured count -> %u || current count -> %u)\n",
667  ValidateArray[i].SubAuthorityCount, Sid->SubAuthorityCount);
668  Status = STATUS_INVALID_SID;
669  goto Cleanup;
670  }
671 
672  /* Validate that the SID length is the same */
673  if (SidLength != RtlLengthSid(Sid))
674  {
675  /* They're no longer the same, bail out */
676  DPRINT1("SeCaptureSidAndAttributesArray(): The SID lengths have changed (captured length -> %lu || current length -> %lu)\n",
677  SidLength, RtlLengthSid(Sid));
678  Status = STATUS_INVALID_SID;
679  goto Cleanup;
680  }
681 
682  /* Check that the SID is valid */
683  if (!RtlValidSid(Sid))
684  {
685  DPRINT1("SeCaptureSidAndAttributesArray(): The SID is not valid!\n");
686  Status = STATUS_INVALID_SID;
687  goto Cleanup;
688  }
689 
690  /* Update the current destination address */
691  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
692  }
693  }
694  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
695  {
696  Status = _SEH2_GetExceptionCode();
697  }
698  _SEH2_END;
699  }
700  else
701  {
702  /* The rest of the data starts after the array */
703  CurrentDest = (PUCHAR)SidAndAttributes;
704  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
705 
706  /* Loop the array elements */
707  for (i = 0; i < AttributeCount; i++)
708  {
709  /* Get the SID and it's length */
710  Sid = SrcSidAndAttributes[i].Sid;
711  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
712 
713  /* Copy attributes */
714  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
715 
716  /* Copy the SID to the current destination address */
717  SidAndAttributes[i].Sid = (PSID)CurrentDest;
718  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
719 
720  /* Update the current destination address */
721  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
722  }
723  }
724 
725 Cleanup:
726  /* Check for failure */
727  if (!NT_SUCCESS(Status))
728  {
729  /* Check if we allocated a new array */
730  if ((SidAndAttributes != AllocatedMem) && (SidAndAttributes != NULL))
731  {
732  /* Free the array */
733  ExFreePoolWithTag(SidAndAttributes, TAG_SID_AND_ATTRIBUTES);
734  }
735 
736  /* Set returned address to NULL */
737  *CapturedSidAndAttributes = NULL;
738  }
739 
740  /* Free the temporary validation array */
741  if ((PreviousMode != KernelMode) && (ValidateArray != NULL))
742  {
743  ExFreePoolWithTag(ValidateArray, TAG_SID_VALIDATE);
744  }
745 
746  return Status;
747 }
SE_MAXIMUM_GROUP_LIMIT
#define SE_MAXIMUM_GROUP_LIMIT
Definition: sid.c:16
TAG_SID_AND_ATTRIBUTES
#define TAG_SID_AND_ATTRIBUTES
Definition: tag.h:160
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_SID
Definition: ms-dtyp.idl:198
_SID_VALIDATE
Definition: sid.c:55
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
SID_VALIDATE
struct _SID_VALIDATE SID_VALIDATE
RtlLengthSid
ULONG NTAPI RtlLengthSid(IN PSID Sid_)
Definition: sid.c:150
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
STATUS_INVALID_SID
#define STATUS_INVALID_SID
Definition: ntstatus.h:356
RtlValidSid
BOOLEAN NTAPI RtlValidSid(IN PSID Sid_)
Definition: sid.c:21
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
SID_AND_ATTRIBUTES
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
TAG_SID_VALIDATE
#define TAG_SID_VALIDATE
Definition: tag.h:161
PSID
struct _SID * PSID
Definition: eventlog.c:35
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
RtlLengthRequiredSid
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
SubAuthorityCount
_In_ PSID_IDENTIFIER_AUTHORITY _In_ UCHAR SubAuthorityCount
Definition: rtlfuncs.h:1486
Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80
_SEH2_VOLATILE
#define _SEH2_VOLATILE
Definition: pseh2_64.h:169
_SEH2_END
_SEH2_END
Definition: create.c:4400
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
RequiredLength
_In_ ULONG _Out_opt_ PULONG RequiredLength
Definition: wmifuncs.h:29
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
NULL
#define NULL
Definition: types.h:112
DPRINT1
#define DPRINT1
Definition: precomp.h:8
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
ULONG
unsigned int ULONG
Definition: retypes.h:1
ALIGN_UP_BY
#define ALIGN_UP_BY(size, align)
Definition: GetWindowPlacement.c:13
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ResultLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
POOL_RAISE_IF_ALLOCATION_FAILURE
#define POOL_RAISE_IF_ALLOCATION_FAILURE
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtAdjustGroupsToken(), NtCreateToken(), and NtFilterToken().

◆ SeCaptureSubjectContextEx()

VOID NTAPI SeCaptureSubjectContextEx ( _In_ PETHREAD  Thread,
_In_ PEPROCESS  Process,
_Out_ PSECURITY_SUBJECT_CONTEXT  SubjectContext 
)

An extended function that captures the security subject context based upon the specified thread and process.

Parameters
[in]ThreadA thread where the calling thread's token is to be referenced for the security context.
[in]ProcessA process where the main process' token is to be referenced for the security context.
[out]SubjectContextThe returned security subject context.
Returns
Nothing.

Definition at line 390 of file access.c.

394 {
395  BOOLEAN CopyOnOpen, EffectiveOnly;
396 
397  PAGED_CODE();
398 
399  /* Save the unique ID */
400  SubjectContext->ProcessAuditId = Process->UniqueProcessId;
401 
402  /* Check if we have a thread */
403  if (!Thread)
404  {
405  /* We don't, so no token */
406  SubjectContext->ClientToken = NULL;
407  }
408  else
409  {
410  /* Get the impersonation token */
411  SubjectContext->ClientToken = PsReferenceImpersonationToken(Thread,
412  &CopyOnOpen,
413  &EffectiveOnly,
414  &SubjectContext->ImpersonationLevel);
415  }
416 
417  /* Get the primary token */
418  SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
419 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
CopyOnOpen
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2652
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
PsReferenceImpersonationToken
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:849
NULL
#define NULL
Definition: types.h:112
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:401
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by SeCaptureSubjectContext(), and SeCreateAccessStateEx().

◆ SeCheckAuditPrivilege()

BOOLEAN NTAPI SeCheckAuditPrivilege ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Checks a single privilege and performs an audit against a privileged service based on a security subject context.

Parameters
[in]DesiredAccessSecurity subject context used for privileged service auditing.
[in]PreviousModeProcessor level access mode.
Returns
Returns TRUE if service auditing and privilege checking tests have succeeded, FALSE otherwise.

Definition at line 360 of file priv.c.

363 {
364  PRIVILEGE_SET PrivilegeSet;
365  BOOLEAN Result;
366  PAGED_CODE();
367 
368  /* Initialize the privilege set with the single privilege */
369  PrivilegeSet.PrivilegeCount = 1;
370  PrivilegeSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
371  PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
372  PrivilegeSet.Privilege[0].Attributes = 0;
373 
374  /* Check against the primary token! */
375  Result = SepPrivilegeCheck(SubjectContext->PrimaryToken,
376  &PrivilegeSet.Privilege[0],
377  1,
378  PRIVILEGE_SET_ALL_NECESSARY,
379  PreviousMode);
380 
381  if (PreviousMode != KernelMode)
382  {
383  SePrivilegedServiceAuditAlarm(NULL,
384  SubjectContext,
385  &PrivilegeSet,
386  Result);
387  }
388 
389  return Result;
390 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
_PRIVILEGE_SET
Definition: setypes.h:85
SeAuditPrivilege
const LUID SeAuditPrivilege
Definition: priv.c:40
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(_In_ PTOKEN Token, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_ ULONG PrivilegeCount, _In_ ULONG PrivilegeControl, _In_ KPROCESSOR_MODE PreviousMode)
Checks the privileges pointed by Privileges array argument if they exist and match with the privilege...
Definition: priv.c:104
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SePrivilegedServiceAuditAlarm
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Performs an audit alarm to a privileged service request.
Definition: audit.c:369
NULL
#define NULL
Definition: types.h:112
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), and SepAccessCheckAndAuditAlarm().

◆ SeCheckPrivilegedObject()

BOOLEAN NTAPI SeCheckPrivilegedObject ( _In_ LUID  PrivilegeValue,
_In_ HANDLE  ObjectHandle,
_In_ ACCESS_MASK  DesiredAccess,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Checks a privileged object if such object has the specific privilege submitted by the caller.

Parameters
[in]PrivilegeValueA privilege to be checked against the one from the object.
[in]ObjectHandleA handle to any kind of object.
[in]DesiredAccessDesired access right mask requested by the caller.
[in]PreviousModeProcessor level access mode.
Returns
Returns TRUE if the privilege is present, FALSE otherwise.

Definition at line 803 of file priv.c.

808 {
809  SECURITY_SUBJECT_CONTEXT SubjectContext;
810  PRIVILEGE_SET Priv;
811  BOOLEAN Result;
812 
813  PAGED_CODE();
814 
815  SeCaptureSubjectContext(&SubjectContext);
816 
817  Priv.PrivilegeCount = 1;
818  Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
819  Priv.Privilege[0].Luid = PrivilegeValue;
820  Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
821 
822  Result = SePrivilegeCheck(&Priv, &SubjectContext, PreviousMode);
823  if (PreviousMode != KernelMode)
824  {
825 #if 0
826  SePrivilegeObjectAuditAlarm(ObjectHandle,
827  &SubjectContext,
828  DesiredAccess,
829  &PrivilegeValue,
830  Result,
831  PreviousMode);
832 #endif
833  }
834 
835  SeReleaseSubjectContext(&SubjectContext);
836 
837  return Result;
838 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: access.c:434
SePrivilegeObjectAuditAlarm
VOID NTAPI SePrivilegeObjectAuditAlarm(_In_ HANDLE Handle, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ ACCESS_MASK DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE CurrentMode)
Raises an audit with alarm notification message when an object tries to acquire this privilege.
Definition: audit.c:1422
SeReleaseSubjectContext
VOID NTAPI SeReleaseSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Releases both the primary and client tokens of a security subject context.
Definition: access.c:520
SePrivilegeCheck
BOOLEAN NTAPI SePrivilegeCheck(_In_ PPRIVILEGE_SET Privileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a set of privileges exist and match within a security subject context.
Definition: priv.c:698
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:217
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtSetInformationProcess(), and NtSetInformationThread().

◆ SeComputeQuotaInformationSize()

NTSTATUS NTAPI SeComputeQuotaInformationSize ( _In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_Out_ PULONG  QuotaInfoSize 
)

Referenced by ObpCaptureObjectCreateInformation().

◆ SeCopyClientToken()

NTSTATUS NTAPI SeCopyClientToken ( _In_ PACCESS_TOKEN  Token,
_In_ SECURITY_IMPERSONATION_LEVEL  Level,
_In_ KPROCESSOR_MODE  PreviousMode,
_Out_ PACCESS_TOKEN NewToken 
)

Copies an existing access token (technically duplicating a new one).

Parameters
[in]TokenToken to copy.
[in]LevelImpersonation security level to assign to the newly copied token.
[in]PreviousModeProcessor request level mode.
[out]NewTokenThe newly copied token.
Returns
Returns STATUS_SUCCESS when token copying has finished successfully. A failure NTSTATUS code is returned otherwise.

Definition at line 1490 of file token.c.

1495 {
1496  NTSTATUS Status;
1497  OBJECT_ATTRIBUTES ObjectAttributes;
1498 
1499  PAGED_CODE();
1500 
1501  InitializeObjectAttributes(&ObjectAttributes,
1502  NULL,
1503  0,
1504  NULL,
1505  NULL);
1506 
1507  Status = SepDuplicateToken(Token,
1508  &ObjectAttributes,
1509  FALSE,
1510  TokenImpersonation,
1511  Level,
1512  PreviousMode,
1513  (PTOKEN*)NewToken);
1514 
1515  return Status;
1516 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Level
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:55
SepDuplicateToken
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Duplicates an access token, from an existing valid token.
Definition: token.c:995
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
NULL
#define NULL
Definition: types.h:112
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_TOKEN
Definition: setypes.h:207
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by PsImpersonateClient(), and SepCreateClientSecurity().

◆ SeCreateAccessStateEx()

NTSTATUS NTAPI SeCreateAccessStateEx ( _In_ PETHREAD  Thread,
_In_ PEPROCESS  Process,
_In_ OUT PACCESS_STATE  AccessState,
_In_ PAUX_ACCESS_DATA  AuxData,
_In_ ACCESS_MASK  Access,
_In_ PGENERIC_MAPPING  GenericMapping 
)

Referenced by PspCreateProcess(), and PspCreateThread().

◆ SeDeassignPrimaryToken()

VOID NTAPI SeDeassignPrimaryToken ( _Inout_ PEPROCESS  Process)

Removes the primary token of a process.

Parameters
[in,out]ProcessThe process instance with the access token to be removed.
Returns
Nothing.

Definition at line 794 of file token.c.

796 {
797  PTOKEN OldToken;
798 
799  /* Remove the Token */
800  OldToken = ObFastReplaceObject(&Process->Token, NULL);
801 
802  /* Mark the Old Token as free */
803  OldToken->TokenInUse = FALSE;
804 
805  /* Dereference the Token */
806  ObDereferenceObject(OldToken);
807 }
FALSE
#define FALSE
Definition: types.h:117
ObFastReplaceObject
PVOID FASTCALL ObFastReplaceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
_TOKEN::TokenInUse
BOOLEAN TokenInUse
Definition: setypes.h:234
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203
NULL
#define NULL
Definition: types.h:112
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_TOKEN
Definition: setypes.h:207

Referenced by PspDeleteProcessSecurity(), and SeAssignPrimaryToken().

◆ SeDefaultObjectMethod()

NTSTATUS NTAPI SeDefaultObjectMethod ( _In_ PVOID  Object,
_In_ SECURITY_OPERATION_CODE  OperationType,
_In_ PSECURITY_INFORMATION  SecurityInformation,
_Inout_opt_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_Inout_opt_ PULONG  ReturnLength,
_Inout_opt_ PSECURITY_DESCRIPTOR OldSecurityDescriptor,
_In_ POOL_TYPE  PoolType,
_In_ PGENERIC_MAPPING  GenericMapping 
)

◆ SeDetailedAuditingWithToken()

BOOLEAN NTAPI SeDetailedAuditingWithToken ( _In_ PTOKEN  Token)

Peforms a detailed security auditing with an access token.

@unimplemented

Parameters
[in]TokenA valid token object.
Returns
To be added...

Definition at line 34 of file audit.c.

36 {
37  /* FIXME */
38  return FALSE;
39 }
FALSE
#define FALSE
Definition: types.h:117

Referenced by ObInitProcess(), PspCreateProcess(), and PspExitThread().

◆ SeExchangePrimaryToken()

NTSTATUS NTAPI SeExchangePrimaryToken ( _In_ PEPROCESS  Process,
_In_ PACCESS_TOKEN  NewAccessToken,
_Out_ PACCESS_TOKEN OldAccessToken 
)

Replaces the old access token of a process (pointed by the EPROCESS kernel structure) with a new access token. The new access token must be a primary token for use.

Parameters
[in]ProcessThe process instance where its access token is about to be replaced.
[in]NewAccessTokenThe new token that it's going to replace the old one.
[out]OldAccessTokenThe returned old token that's been replaced, which the caller can do anything.
Returns
Returns STATUS_SUCCESS if the exchange operation between tokens has completed successfully. STATUS_BAD_TOKEN_TYPE is returned if the new token is not a primary one so that we cannot exchange it with the old one from the process. STATUS_TOKEN_ALREADY_IN_USE is returned if both tokens aren't equal which means one of them has different properties (groups, privileges, etc.) and as such one of them is currently in use. A failure NTSTATUS code is returned otherwise.

Definition at line 704 of file token.c.

708 {
709  PTOKEN OldToken;
710  PTOKEN NewToken = (PTOKEN)NewAccessToken;
711 
712  PAGED_CODE();
713 
714  if (NewToken->TokenType != TokenPrimary)
715  return STATUS_BAD_TOKEN_TYPE;
716 
717  if (NewToken->TokenInUse)
718  {
719  BOOLEAN IsEqual;
720  NTSTATUS Status;
721 
722  /* Maybe we're trying to set the same token */
723  OldToken = PsReferencePrimaryToken(Process);
724  if (OldToken == NewToken)
725  {
726  /* So it's a nop. */
727  *OldAccessToken = OldToken;
728  return STATUS_SUCCESS;
729  }
730 
731  Status = SepCompareTokens(OldToken, NewToken, &IsEqual);
732  if (!NT_SUCCESS(Status))
733  {
734  PsDereferencePrimaryToken(OldToken);
735  *OldAccessToken = NULL;
736  return Status;
737  }
738 
739  if (!IsEqual)
740  {
741  PsDereferencePrimaryToken(OldToken);
742  *OldAccessToken = NULL;
743  return STATUS_TOKEN_ALREADY_IN_USE;
744  }
745  /* Silently return STATUS_SUCCESS but do not set the new token,
746  * as it's already in use elsewhere. */
747  *OldAccessToken = OldToken;
748  return STATUS_SUCCESS;
749  }
750 
751  /* Lock the new token */
752  SepAcquireTokenLockExclusive(NewToken);
753 
754  /* Mark new token in use */
755  NewToken->TokenInUse = TRUE;
756 
757  /* Set the session ID for the new token */
758  NewToken->SessionId = MmGetSessionId(Process);
759 
760  /* Unlock the new token */
761  SepReleaseTokenLock(NewToken);
762 
763  /* Reference the new token */
764  ObReferenceObject(NewToken);
765 
766  /* Replace the old with the new */
767  OldToken = ObFastReplaceObject(&Process->Token, NewToken);
768 
769  /* Lock the old token */
770  SepAcquireTokenLockExclusive(OldToken);
771 
772  /* Mark the old token as free */
773  OldToken->TokenInUse = FALSE;
774 
775  /* Unlock the old token */
776  SepReleaseTokenLock(OldToken);
777 
778  *OldAccessToken = (PACCESS_TOKEN)OldToken;
779  return STATUS_SUCCESS;
780 }
_TOKEN::TokenType
TOKEN_TYPE TokenType
Definition: setypes.h:231
SepAcquireTokenLockExclusive
#define SepAcquireTokenLockExclusive(Token)
Definition: se.h:220
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
PACCESS_TOKEN
PVOID PACCESS_TOKEN
Definition: setypes.h:11
FALSE
#define FALSE
Definition: types.h:117
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
STATUS_BAD_TOKEN_TYPE
#define STATUS_BAD_TOKEN_TYPE
Definition: ntstatus.h:404
_TOKEN::SessionId
ULONG SessionId
Definition: setypes.h:217
Status
Status
Definition: gdiplustypes.h:24
ObFastReplaceObject
PVOID FASTCALL ObFastReplaceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_TOKEN::TokenInUse
BOOLEAN TokenInUse
Definition: setypes.h:234
SepCompareTokens
static NTSTATUS SepCompareTokens(_In_ PTOKEN FirstToken, _In_ PTOKEN SecondToken, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal based on all the following properties. If all of the said conditions...
Definition: token.c:288
STATUS_TOKEN_ALREADY_IN_USE
#define STATUS_TOKEN_ALREADY_IN_USE
Definition: ntstatus.h:535
SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:231
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
PTOKEN
struct _TOKEN * PTOKEN
NULL
#define NULL
Definition: types.h:112
PsDereferencePrimaryToken
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
Definition: security.c:902
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204
MmGetSessionId
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
Definition: session.c:179
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_TOKEN
Definition: setypes.h:207
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by PspAssignPrimaryToken().

◆ SeFastTraverseCheck()

BOOLEAN NTAPI SeFastTraverseCheck ( _In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_ PACCESS_STATE  AccessState,
_In_ ACCESS_MASK  DesiredAccess,
_In_ KPROCESSOR_MODE  AccessMode 
)

Determines whether security access rights can be given to an object depending on the security descriptor. Unlike the regular access check procedure in the NT kernel, the fast traverse check is a faster way to quickly check if access can be made into an object.

Parameters
[in]SecurityDescriptorSecurity descriptor of the object that is being accessed.
[in]AccessStateAn access state to determine if the access token in the current security context of the object is an restricted token.
[in]DesiredAccessThe access right bitmask where the calling thread wants to acquire.
[in]AccessModeProcess level request mode.
Returns
Returns TRUE if access onto the specific object is allowed, FALSE otherwise.

Definition at line 601 of file accesschk.c.

606 {
607  PACL Dacl;
608  ULONG AceIndex;
609  PKNOWN_ACE Ace;
610 
611  PAGED_CODE();
612 
613  ASSERT(AccessMode != KernelMode);
614 
615  if (SecurityDescriptor == NULL)
616  return FALSE;
617 
618  /* Get DACL */
619  Dacl = SepGetDaclFromDescriptor(SecurityDescriptor);
620  /* If no DACL, grant access */
621  if (Dacl == NULL)
622  return TRUE;
623 
624  /* No ACE -> Deny */
625  if (!Dacl->AceCount)
626  return FALSE;
627 
628  /* Can't perform the check on restricted token */
629  if (AccessState->Flags & TOKEN_IS_RESTRICTED)
630  return FALSE;
631 
632  /* Browse the ACEs */
633  for (AceIndex = 0, Ace = (PKNOWN_ACE)((ULONG_PTR)Dacl + sizeof(ACL));
634  AceIndex < Dacl->AceCount;
635  AceIndex++, Ace = (PKNOWN_ACE)((ULONG_PTR)Ace + Ace->Header.AceSize))
636  {
637  if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
638  continue;
639 
640  /* If access-allowed ACE */
641  if (Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
642  {
643  /* Check if all accesses are granted */
644  if (!(Ace->Mask & DesiredAccess))
645  continue;
646 
647  /* Check SID and grant access if matching */
648  if (RtlEqualSid(SeWorldSid, &(Ace->SidStart)))
649  return TRUE;
650  }
651  /* If access-denied ACE */
652  else if (Ace->Header.AceType == ACCESS_DENIED_ACE_TYPE)
653  {
654  /* Here, only check if it denies any access wanted and deny if so */
655  if (Ace->Mask & DesiredAccess)
656  return FALSE;
657  }
658  }
659 
660  /* Faulty, deny */
661  return FALSE;
662 }
PKNOWN_ACE
struct _KNOWN_ACE * PKNOWN_ACE
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
_KNOWN_ACE
Definition: se.h:3
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_ACL
Definition: ms-dtyp.idl:293
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
FALSE
#define FALSE
Definition: types.h:117
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Ace
Definition: card.h:12
ASSERT
#define ASSERT(a)
Definition: mode.c:44
ACCESS_ALLOWED_ACE_TYPE
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718
AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
AceIndex
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1862
SeWorldSid
PSID SeWorldSid
Definition: sid.c:25
NULL
#define NULL
Definition: types.h:112
ULONG
unsigned int ULONG
Definition: retypes.h:1
SepGetDaclFromDescriptor
FORCEINLINE PACL SepGetDaclFromDescriptor(_Inout_ PVOID _Descriptor)
Definition: se.h:79
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
TOKEN_IS_RESTRICTED
#define TOKEN_IS_RESTRICTED
Definition: setypes.h:1161
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by IopParseDevice(), and ObpCheckTraverseAccess().

◆ SeGetLogonIdDeviceMap()

NTSTATUS NTAPI SeGetLogonIdDeviceMap ( _In_ PLUID  LogonId,
_Out_ PDEVICE_MAP DeviceMap 
)

Retrieves the DOS device map from a logon session.

Parameters
[in]LogonIdA valid logon session ID.
[out]DeviceMapThe returned device map buffer from the logon session.
Returns
Returns STATUS_SUCCESS if the device map could be gathered from the logon session. STATUS_INVALID_PARAMETER is returned if one of the parameters aren't initialized (that is, the caller has submitted a NULL pointer variable). STATUS_NO_SUCH_LOGON_SESSION is returned if no such session could be found. A failure NTSTATUS code is returned otherwise.

Definition at line 1347 of file srm.c.

1350 {
1351  NTSTATUS Status;
1352  WCHAR Buffer[63];
1353  PDEVICE_MAP LocalMap;
1354  HANDLE DirectoryHandle, LinkHandle;
1355  OBJECT_ATTRIBUTES ObjectAttributes;
1356  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
1357  UNICODE_STRING DirectoryName, LinkName, TargetName;
1358 
1359  PAGED_CODE();
1360 
1361  if (LogonId == NULL ||
1362  DeviceMap == NULL)
1363  {
1364  return STATUS_INVALID_PARAMETER;
1365  }
1366 
1367  /* Acquire the database lock */
1368  KeAcquireGuardedMutex(&SepRmDbLock);
1369 
1370  /* Loop all existing sessions */
1371  for (CurrentSession = SepLogonSessions;
1372  CurrentSession != NULL;
1373  CurrentSession = CurrentSession->Next)
1374  {
1375  /* Check if the LUID matches the provided one */
1376  if (RtlEqualLuid(&CurrentSession->LogonId, LogonId))
1377  {
1378  break;
1379  }
1380  }
1381 
1382  /* No session found, fail */
1383  if (CurrentSession == NULL)
1384  {
1385  /* Release the database lock */
1386  KeReleaseGuardedMutex(&SepRmDbLock);
1387 
1388  return STATUS_NO_SUCH_LOGON_SESSION;
1389  }
1390 
1391  /* The found session has a device map, return it! */
1392  if (CurrentSession->pDeviceMap != NULL)
1393  {
1394  *DeviceMap = CurrentSession->pDeviceMap;
1395 
1396  /* Release the database lock */
1397  KeReleaseGuardedMutex(&SepRmDbLock);
1398 
1399  return STATUS_SUCCESS;
1400  }
1401 
1402  /* At that point, we'll setup a new device map for the session */
1403  LocalMap = NULL;
1404 
1405  /* Reference the session so that it doesn't go away */
1406  CurrentSession->ReferenceCount += 1;
1407 
1408  /* Release the database lock */
1409  KeReleaseGuardedMutex(&SepRmDbLock);
1410 
1411  /* Create our object directory given the LUID */
1412  _snwprintf(Buffer,
1413  sizeof(Buffer) / sizeof(WCHAR),
1414  L"\\Sessions\\0\\DosDevices\\%08x-%08x",
1415  LogonId->HighPart,
1416  LogonId->LowPart);
1417  RtlInitUnicodeString(&DirectoryName, Buffer);
1418 
1419  InitializeObjectAttributes(&ObjectAttributes,
1420  &DirectoryName,
1421  OBJ_KERNEL_HANDLE | OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
1422  NULL,
1423  NULL);
1424  Status = ZwCreateDirectoryObject(&DirectoryHandle,
1425  DIRECTORY_ALL_ACCESS,
1426  &ObjectAttributes);
1427  if (NT_SUCCESS(Status))
1428  {
1429  /* Create the associated device map */
1430  Status = ObSetDirectoryDeviceMap(&LocalMap, DirectoryHandle);
1431  if (NT_SUCCESS(Status))
1432  {
1433  /* Make Global point to \Global?? in the directory */
1434  RtlInitUnicodeString(&LinkName, L"Global");
1435  RtlInitUnicodeString(&TargetName, L"\\Global??");
1436 
1437  InitializeObjectAttributes(&ObjectAttributes,
1438  &LinkName,
1439  OBJ_KERNEL_HANDLE | OBJ_OPENIF | OBJ_CASE_INSENSITIVE | OBJ_PERMANENT,
1440  DirectoryHandle,
1441  NULL);
1442  Status = ZwCreateSymbolicLinkObject(&LinkHandle,
1443  SYMBOLIC_LINK_ALL_ACCESS,
1444  &ObjectAttributes,
1445  &TargetName);
1446  if (!NT_SUCCESS(Status))
1447  {
1448  ObfDereferenceDeviceMap(LocalMap);
1449  }
1450  else
1451  {
1452  ZwClose(LinkHandle);
1453  }
1454  }
1455 
1456  ZwClose(DirectoryHandle);
1457  }
1458 
1459  /* Acquire the database lock */
1460  KeAcquireGuardedMutex(&SepRmDbLock);
1461 
1462  /* If we succeed... */
1463  if (NT_SUCCESS(Status))
1464  {
1465  /* The session now has a device map? We raced with someone else */
1466  if (CurrentSession->pDeviceMap != NULL)
1467  {
1468  /* Give up on our new device map */
1469  ObfDereferenceDeviceMap(LocalMap);
1470  }
1471  /* Otherwise use our newly allocated device map */
1472  else
1473  {
1474  CurrentSession->pDeviceMap = LocalMap;
1475  }
1476 
1477  /* Return the device map */
1478  *DeviceMap = CurrentSession->pDeviceMap;
1479  }
1480  /* Zero output */
1481  else
1482  {
1483  *DeviceMap = NULL;
1484  }
1485 
1486  /* Release the database lock */
1487  KeReleaseGuardedMutex(&SepRmDbLock);
1488 
1489  /* We're done with the session */
1490  SepRmDereferenceLogonSession(&CurrentSession->LogonId);
1491 
1492  return Status;
1493 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
KeAcquireGuardedMutex
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
STATUS_NO_SUCH_LOGON_SESSION
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:331
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
ZwClose
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
ObfDereferenceDeviceMap
VOID FASTCALL ObfDereferenceDeviceMap(IN PDEVICE_MAP DeviceMap)
Definition: devicemap.c:477
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
DirectoryHandle
static HANDLE DirectoryHandle
Definition: ObType.c:48
OBJ_KERNEL_HANDLE
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
SYMBOLIC_LINK_ALL_ACCESS
#define SYMBOLIC_LINK_ALL_ACCESS
Definition: nt_native.h:1267
OBJ_OPENIF
#define OBJ_OPENIF
Definition: winternl.h:229
L
#define L(x)
Definition: ntvdm.h:50
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
ObSetDirectoryDeviceMap
NTSTATUS NTAPI ObSetDirectoryDeviceMap(OUT PDEVICE_MAP *DeviceMap, IN HANDLE DirectoryHandle)
Definition: devicemap.c:149
_SEP_LOGON_SESSION_REFERENCES::LogonId
LUID LogonId
Definition: setypes.h:170
ZwCreateDirectoryObject
NTSYSAPI NTSTATUS NTAPI ZwCreateDirectoryObject(_Out_ PHANDLE DirectoryHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
_snwprintf
int _snwprintf(wchar_t *buffer, size_t count, const wchar_t *format,...)
_DEVICE_MAP
Definition: obtypes.h:523
Buffer
Definition: bufpool.h:45
Status
Status
Definition: gdiplustypes.h:24
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ZwCreateSymbolicLinkObject
NTSYSAPI NTSTATUS NTAPI ZwCreateSymbolicLinkObject(_Out_ PHANDLE SymbolicLinkHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PUNICODE_STRING Name)
_SEP_LOGON_SESSION_REFERENCES::Next
struct _SEP_LOGON_SESSION_REFERENCES * Next
Definition: setypes.h:169
OBJ_PERMANENT
#define OBJ_PERMANENT
Definition: winternl.h:226
TargetName
WCHAR TargetName[256]
Definition: arping.c:27
_SEP_LOGON_SESSION_REFERENCES::pDeviceMap
PDEVICE_MAP pDeviceMap
Definition: setypes.h:173
_UNICODE_STRING
Definition: env_spec_w32.h:368
_SEP_LOGON_SESSION_REFERENCES
Definition: setypes.h:167
DIRECTORY_ALL_ACCESS
#define DIRECTORY_ALL_ACCESS
Definition: nt_native.h:1259
SepLogonSessions
PSEP_LOGON_SESSION_REFERENCES SepLogonSessions
Definition: srm.c:62
_SEP_LOGON_SESSION_REFERENCES::ReferenceCount
ULONG ReferenceCount
Definition: setypes.h:171
NULL
#define NULL
Definition: types.h:112
LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:711
KeReleaseGuardedMutex
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
SepRmDereferenceLogonSession
NTSTATUS SepRmDereferenceLogonSession(_In_ PLUID LogonLuid)
De-references a logon session. If the session has a reference count of 0 by the time the function has...
Definition: srm.c:1008
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89
SepRmDbLock
KGUARDED_MUTEX SepRmDbLock
Definition: srm.c:61

Referenced by ObpReferenceDeviceMap(), and ObpSetCurrentProcessDeviceMap().

◆ SeInitializeProcessAuditName()

NTSTATUS NTAPI SeInitializeProcessAuditName ( _In_ PFILE_OBJECT  FileObject,
_In_ BOOLEAN  DoAudit,
_Out_ POBJECT_NAME_INFORMATION AuditInfo 
)

Initializes a process audit name and returns it to the caller.

Parameters
[in]FileObjectFile object that points to a name to be queried.
[in]DoAuditIf set to TRUE, the function will perform various security auditing onto the audit name.
[out]AuditInfoThe returned audit info data.
Returns
Returns STATUS_SUCCESS if process audit name initialization has completed successfully. STATUS_NO_MEMORY is returned if pool allocation for object name info has failed. A failure NTSTATUS code is returned otherwise.

Definition at line 105 of file audit.c.

109 {
110  OBJECT_NAME_INFORMATION LocalNameInfo;
111  POBJECT_NAME_INFORMATION ObjectNameInfo = NULL;
112  ULONG ReturnLength = 8;
113  NTSTATUS Status;
114 
115  PAGED_CODE();
116  ASSERT(AuditInfo);
117 
118  /* Check if we should do auditing */
119  if (DoAudit)
120  {
121  /* FIXME: TODO */
122  }
123 
124  /* Now query the name */
125  Status = ObQueryNameString(FileObject,
126  &LocalNameInfo,
127  sizeof(LocalNameInfo),
128  &ReturnLength);
129  if (((Status == STATUS_BUFFER_OVERFLOW) ||
130  (Status == STATUS_BUFFER_TOO_SMALL) ||
131  (Status == STATUS_INFO_LENGTH_MISMATCH)) &&
132  (ReturnLength != sizeof(LocalNameInfo)))
133  {
134  /* Allocate required size */
135  ObjectNameInfo = ExAllocatePoolWithTag(NonPagedPool,
136  ReturnLength,
137  TAG_SEPA);
138  if (ObjectNameInfo)
139  {
140  /* Query the name again */
141  Status = ObQueryNameString(FileObject,
142  ObjectNameInfo,
143  ReturnLength,
144  &ReturnLength);
145  }
146  }
147 
148  /* Check if we got here due to failure */
149  if ((ObjectNameInfo) &&
150  (!(NT_SUCCESS(Status)) || (ReturnLength == sizeof(LocalNameInfo))))
151  {
152  /* First, free any buffer we might've allocated */
153  ASSERT(FALSE);
154  if (ObjectNameInfo) ExFreePool(ObjectNameInfo);
155 
156  /* Now allocate a temporary one */
157  ReturnLength = sizeof(OBJECT_NAME_INFORMATION);
158  ObjectNameInfo = ExAllocatePoolWithTag(NonPagedPool,
159  sizeof(OBJECT_NAME_INFORMATION),
160  TAG_SEPA);
161  if (ObjectNameInfo)
162  {
163  /* Clear it */
164  RtlZeroMemory(ObjectNameInfo, ReturnLength);
165  Status = STATUS_SUCCESS;
166  }
167  }
168 
169  /* Check if memory allocation failed */
170  if (!ObjectNameInfo) Status = STATUS_NO_MEMORY;
171 
172  /* Return the audit name */
173  *AuditInfo = ObjectNameInfo;
174 
175  /* Return status */
176  return Status;
177 }
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObQueryNameString
NTSTATUS NTAPI ObQueryNameString(IN PVOID Object, OUT POBJECT_NAME_INFORMATION ObjectNameInfo, IN ULONG Length, OUT PULONG ReturnLength)
Definition: obname.c:1207
_OBJECT_NAME_INFORMATION
Definition: nt_native.h:1269
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
FALSE
#define FALSE
Definition: types.h:117
OBJECT_NAME_INFORMATION
struct _OBJECT_NAME_INFORMATION OBJECT_NAME_INFORMATION
FileObject
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:547
Status
Status
Definition: gdiplustypes.h:24
ASSERT
#define ASSERT(a)
Definition: mode.c:44
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
STATUS_BUFFER_OVERFLOW
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NULL
#define NULL
Definition: types.h:112
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
TAG_SEPA
#define TAG_SEPA
Definition: tag.h:151
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by MmInitializeProcessAddressSpace(), and SeLocateProcessImageName().

◆ SeInitSystem()

BOOLEAN NTAPI SeInitSystem ( VOID  )

Main security manager initialization function.

Returns
Returns a boolean value according to the phase initialization routine that handles it. If TRUE, the routine deems the initialization phase as complete, FALSE otherwise.

Definition at line 285 of file semgr.c.

286 {
287  /* Check the initialization phase */
288  switch (ExpInitializationPhase)
289  {
290  case 0:
291 
292  /* Do Phase 0 */
293  return SepInitializationPhase0();
294 
295  case 1:
296 
297  /* Do Phase 1 */
298  return SepInitializationPhase1();
299 
300  default:
301 
302  /* Don't know any other phase! Bugcheck! */
303  KeBugCheckEx(UNEXPECTED_INITIALIZATION_CALL,
304  0,
305  ExpInitializationPhase,
306  0,
307  0);
308  return FALSE;
309  }
310 }
SepInitializationPhase0
BOOLEAN NTAPI SepInitializationPhase0(VOID)
Handles the phase 0 procedure of the SRM initialization.
Definition: semgr.c:115
FALSE
#define FALSE
Definition: types.h:117
ExpInitializationPhase
ULONG ExpInitializationPhase
Definition: init.c:66
SepInitializationPhase1
BOOLEAN NTAPI SepInitializationPhase1(VOID)
Handles the phase 1 procedure of the SRM initialization.
Definition: semgr.c:168
KeBugCheckEx
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:108

Referenced by ExpInitializeExecutive(), and Phase1InitializationDiscard().

◆ SeIsTokenChild()

NTSTATUS NTAPI SeIsTokenChild ( _In_ PTOKEN  Token,
_Out_ PBOOLEAN  IsChild 
)

Checks if the token is a child of the other token of the current process that the calling thread is invoking this function.

Parameters
[in]TokenAn access token to determine if it's a child or not.
[out]IsChildThe returned boolean result.
Returns
Returns STATUS_SUCCESS when the function finishes its operation. STATUS_UNSUCCESSFUL is returned if primary token of the current calling process couldn't be referenced otherwise.

Definition at line 1381 of file token.c.

1384 {
1385  PTOKEN ProcessToken;
1386  LUID ProcessTokenId, CallerParentId;
1387 
1388  /* Assume failure */
1389  *IsChild = FALSE;
1390 
1391  /* Reference the process token */
1392  ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
1393  if (!ProcessToken)
1394  return STATUS_UNSUCCESSFUL;
1395 
1396  /* Get its token ID */
1397  ProcessTokenId = ProcessToken->TokenId;
1398 
1399  /* Dereference the token */
1400  ObFastDereferenceObject(&PsGetCurrentProcess()->Token, ProcessToken);
1401 
1402  /* Get our parent token ID */
1403  CallerParentId = Token->ParentTokenId;
1404 
1405  /* Compare the token IDs */
1406  if (RtlEqualLuid(&CallerParentId, &ProcessTokenId))
1407  *IsChild = TRUE;
1408 
1409  /* Return success */
1410  return STATUS_SUCCESS;
1411 }
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
FALSE
#define FALSE
Definition: types.h:117
_LUID
Definition: devicetopology.idl:136
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
_TOKEN::TokenId
LUID TokenId
Definition: setypes.h:210
IsChild
BOOL WINAPI IsChild(_In_ HWND, _In_ HWND)
ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_TOKEN
Definition: setypes.h:207

Referenced by PspSetPrimaryToken().

◆ SeIsTokenSibling()

NTSTATUS NTAPI SeIsTokenSibling ( _In_ PTOKEN  Token,
_Out_ PBOOLEAN  IsSibling 
)

Checks if the token is a sibling of the other token of the current process that the calling thread is invoking this function.

Parameters
[in]TokenAn access token to determine if it's a sibling or not.
[out]IsSiblingThe returned boolean result.
Returns
Returns STATUS_SUCCESS when the function finishes its operation. STATUS_UNSUCCESSFUL is returned if primary token of the current calling process couldn't be referenced otherwise.

Definition at line 1430 of file token.c.

1433 {
1434  PTOKEN ProcessToken;
1435  LUID ProcessParentId, ProcessAuthId;
1436  LUID CallerParentId, CallerAuthId;
1437 
1438  /* Assume failure */
1439  *IsSibling = FALSE;
1440 
1441  /* Reference the process token */
1442  ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
1443  if (!ProcessToken)
1444  return STATUS_UNSUCCESSFUL;
1445 
1446  /* Get its parent and authentication IDs */
1447  ProcessParentId = ProcessToken->ParentTokenId;
1448  ProcessAuthId = ProcessToken->AuthenticationId;
1449 
1450  /* Dereference the token */
1451  ObFastDereferenceObject(&PsGetCurrentProcess()->Token, ProcessToken);
1452 
1453  /* Get our parent and authentication IDs */
1454  CallerParentId = Token->ParentTokenId;
1455  CallerAuthId = Token->AuthenticationId;
1456 
1457  /* Compare the token IDs */
1458  if (RtlEqualLuid(&CallerParentId, &ProcessParentId) &&
1459  RtlEqualLuid(&CallerAuthId, &ProcessAuthId))
1460  {
1461  *IsSibling = TRUE;
1462  }
1463 
1464  /* Return success */
1465  return STATUS_SUCCESS;
1466 }
TRUE
#define TRUE
Definition: types.h:120
_TOKEN::AuthenticationId
LUID AuthenticationId
Definition: setypes.h:211
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
FALSE
#define FALSE
Definition: types.h:117
_LUID
Definition: devicetopology.idl:136
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
_TOKEN::ParentTokenId
LUID ParentTokenId
Definition: setypes.h:212
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_TOKEN
Definition: setypes.h:207

Referenced by PspSetPrimaryToken().

◆ SepCaptureAcl()

NTSTATUS NTAPI SepCaptureAcl ( _In_ PACL  InputAcl,
_In_ KPROCESSOR_MODE  AccessMode,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PACL CapturedAcl 
)

Captures an access control list from an already valid input ACL.

Parameters
[in]InputAclA valid ACL.
[in]AccessModeProcessor level access mode. The processor mode determines how are the input arguments probed.
[in]PoolTypePool type for new captured ACL for creation. The pool type determines how the ACL data should reside in the pool memory.
[in]CaptureIfKernelIf set to TRUE and the processor access mode being KernelMode, we're capturing an ACL directly in the kernel. Otherwise we're capturing within a kernel mode driver.
[out]CapturedAclThe returned and allocated captured ACL.
Returns
Returns STATUS_SUCCESS if the ACL has been successfully captured. STATUS_INSUFFICIENT_RESOURCES is returned otherwise.

Definition at line 352 of file acl.c.

358 {
359  PACL NewAcl;
360  ULONG AclSize = 0;
361  NTSTATUS Status = STATUS_SUCCESS;
362 
363  PAGED_CODE();
364 
365  if (AccessMode != KernelMode)
366  {
367  _SEH2_TRY
368  {
369  ProbeForRead(InputAcl,
370  sizeof(ACL),
371  sizeof(ULONG));
372  AclSize = InputAcl->AclSize;
373  ProbeForRead(InputAcl,
374  AclSize,
375  sizeof(ULONG));
376  }
377  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
378  {
379  /* Return the exception code */
380  _SEH2_YIELD(return _SEH2_GetExceptionCode());
381  }
382  _SEH2_END;
383 
384  NewAcl = ExAllocatePoolWithTag(PoolType,
385  AclSize,
386  TAG_ACL);
387  if (NewAcl != NULL)
388  {
389  _SEH2_TRY
390  {
391  RtlCopyMemory(NewAcl,
392  InputAcl,
393  AclSize);
394 
395  *CapturedAcl = NewAcl;
396  }
397  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
398  {
399  /* Free the ACL and return the exception code */
400  ExFreePoolWithTag(NewAcl, TAG_ACL);
401  _SEH2_YIELD(return _SEH2_GetExceptionCode());
402  }
403  _SEH2_END;
404  }
405  else
406  {
407  Status = STATUS_INSUFFICIENT_RESOURCES;
408  }
409  }
410  else if (!CaptureIfKernel)
411  {
412  *CapturedAcl = InputAcl;
413  }
414  else
415  {
416  AclSize = InputAcl->AclSize;
417 
418  NewAcl = ExAllocatePoolWithTag(PoolType,
419  AclSize,
420  TAG_ACL);
421 
422  if (NewAcl != NULL)
423  {
424  RtlCopyMemory(NewAcl,
425  InputAcl,
426  AclSize);
427 
428  *CapturedAcl = NewAcl;
429  }
430  else
431  {
432  Status = STATUS_INSUFFICIENT_RESOURCES;
433  }
434  }
435 
436  return Status;
437 }
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_ACL
Definition: ms-dtyp.idl:293
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Status
Status
Definition: gdiplustypes.h:24
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
TAG_ACL
#define TAG_ACL
Definition: tag.h:146
_SEH2_END
_SEH2_END
Definition: create.c:4400
NULL
#define NULL
Definition: types.h:112
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtCreateToken(), and NtSetInformationToken().

◆ SepCaptureSecurityQualityOfService()

NTSTATUS NTAPI SepCaptureSecurityQualityOfService ( _In_opt_ POBJECT_ATTRIBUTES  ObjectAttributes,
_In_ KPROCESSOR_MODE  AccessMode,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
_Out_ PBOOLEAN  Present 
)

Captures the security quality of service data given the object attributes from an object.

Parameters
[in]ObjectAttributesAttributes of an object where SQOS is to be retrieved. If the caller doesn't fill object attributes to the function, it automatically assumes SQOS is not present, or if, there's no SQOS present in the object attributes list of the object itself.
[in]AccessModeProcessor access mode.
[in]PoolTypeThe pool type for the captured SQOS to be used for allocation.
[in]CaptureIfKernelCapture access condition. To be set to TRUE if the capture is done within the kernel, FALSE if the capture is done in a kernel mode driver or user mode otherwise.
[out]CapturedSecurityQualityOfServiceThe captured SQOS data from the object.
[out]PresentReturns TRUE if SQOS is present in an object, FALSE otherwise. FALSE is also immediately returned if no object attributes is given to the call.
Returns
STATUS_SUCCESS if SQOS from the object has been fully and successfully captured. STATUS_INVALID_PARAMETER if the caller submits an invalid object attributes list. STATUS_INSUFFICIENT_RESOURCES if the function has failed to allocate some resources in the pool for the captured SQOS. A failure NTSTATUS code is returned otherwise.

Definition at line 52 of file sqos.c.

59 {
60  PSECURITY_QUALITY_OF_SERVICE CapturedQos;
61  NTSTATUS Status = STATUS_SUCCESS;
62 
63  PAGED_CODE();
64 
65  ASSERT(CapturedSecurityQualityOfService);
66  ASSERT(Present);
67 
68  if (ObjectAttributes != NULL)
69  {
70  if (AccessMode != KernelMode)
71  {
72  SECURITY_QUALITY_OF_SERVICE SafeQos;
73 
74  _SEH2_TRY
75  {
76  ProbeForRead(ObjectAttributes,
77  sizeof(OBJECT_ATTRIBUTES),
78  sizeof(ULONG));
79  if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
80  {
81  if (ObjectAttributes->SecurityQualityOfService != NULL)
82  {
83  ProbeForRead(ObjectAttributes->SecurityQualityOfService,
84  sizeof(SECURITY_QUALITY_OF_SERVICE),
85  sizeof(ULONG));
86 
87  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
88  sizeof(SECURITY_QUALITY_OF_SERVICE))
89  {
90  /*
91  * Don't allocate memory here because ExAllocate should bugcheck
92  * the system if it's buggy, SEH would catch that! So make a local
93  * copy of the qos structure.
94  */
95  RtlCopyMemory(&SafeQos,
96  ObjectAttributes->SecurityQualityOfService,
97  sizeof(SECURITY_QUALITY_OF_SERVICE));
98  *Present = TRUE;
99  }
100  else
101  {
102  Status = STATUS_INVALID_PARAMETER;
103  }
104  }
105  else
106  {
107  *CapturedSecurityQualityOfService = NULL;
108  *Present = FALSE;
109  }
110  }
111  else
112  {
113  Status = STATUS_INVALID_PARAMETER;
114  }
115  }
116  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
117  {
118  Status = _SEH2_GetExceptionCode();
119  }
120  _SEH2_END;
121 
122  if (NT_SUCCESS(Status))
123  {
124  if (*Present)
125  {
126  CapturedQos = ExAllocatePoolWithTag(PoolType,
127  sizeof(SECURITY_QUALITY_OF_SERVICE),
128  TAG_QOS);
129  if (CapturedQos != NULL)
130  {
131  RtlCopyMemory(CapturedQos,
132  &SafeQos,
133  sizeof(SECURITY_QUALITY_OF_SERVICE));
134  *CapturedSecurityQualityOfService = CapturedQos;
135  }
136  else
137  {
138  Status = STATUS_INSUFFICIENT_RESOURCES;
139  }
140  }
141  else
142  {
143  *CapturedSecurityQualityOfService = NULL;
144  }
145  }
146  }
147  else
148  {
149  if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
150  {
151  if (CaptureIfKernel)
152  {
153  if (ObjectAttributes->SecurityQualityOfService != NULL)
154  {
155  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
156  sizeof(SECURITY_QUALITY_OF_SERVICE))
157  {
158  CapturedQos = ExAllocatePoolWithTag(PoolType,
159  sizeof(SECURITY_QUALITY_OF_SERVICE),
160  TAG_QOS);
161  if (CapturedQos != NULL)
162  {
163  RtlCopyMemory(CapturedQos,
164  ObjectAttributes->SecurityQualityOfService,
165  sizeof(SECURITY_QUALITY_OF_SERVICE));
166  *CapturedSecurityQualityOfService = CapturedQos;
167  *Present = TRUE;
168  }
169  else
170  {
171  Status = STATUS_INSUFFICIENT_RESOURCES;
172  }
173  }
174  else
175  {
176  Status = STATUS_INVALID_PARAMETER;
177  }
178  }
179  else
180  {
181  *CapturedSecurityQualityOfService = NULL;
182  *Present = FALSE;
183  }
184  }
185  else
186  {
187  *CapturedSecurityQualityOfService = (PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService;
188  *Present = (ObjectAttributes->SecurityQualityOfService != NULL);
189  }
190  }
191  else
192  {
193  Status = STATUS_INVALID_PARAMETER;
194  }
195  }
196  }
197  else
198  {
199  *CapturedSecurityQualityOfService = NULL;
200  *Present = FALSE;
201  }
202 
203  return Status;
204 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
TRUE
#define TRUE
Definition: types.h:120
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
PSECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
FALSE
#define FALSE
Definition: types.h:117
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Status
Status
Definition: gdiplustypes.h:24
ASSERT
#define ASSERT(a)
Definition: mode.c:44
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
_SEH2_END
_SEH2_END
Definition: create.c:4400
NULL
#define NULL
Definition: types.h:112
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
TAG_QOS
#define TAG_QOS
Definition: tag.h:149
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtDuplicateToken().

◆ SepCaptureSid()

NTSTATUS NTAPI SepCaptureSid ( _In_ PSID  InputSid,
_In_ KPROCESSOR_MODE  AccessMode,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PSID CapturedSid 
)

Captures a SID.

Parameters
[in]InputSidA valid security identifier to be captured.
[in]AccessModeProcessor level access mode.
[in]PoolTypePool memory type for the captured SID to assign upon allocation.
[in]CaptureIfKernelIf set to TRUE, the capturing is done within the kernel. Otherwise the capturing is done in a kernel mode driver.
[out]CapturedSidThe captured security identifier, returned to the caller.
Returns
Returns STATUS_SUCCESS if the SID was captured. STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation for the captured SID has failed.

Definition at line 314 of file sid.c.

320 {
321  ULONG SidSize = 0;
322  PISID NewSid, Sid = (PISID)InputSid;
323 
324  PAGED_CODE();
325 
326  if (AccessMode != KernelMode)
327  {
328  _SEH2_TRY
329  {
330  ProbeForRead(Sid, FIELD_OFFSET(SID, SubAuthority), sizeof(UCHAR));
331  SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
332  ProbeForRead(Sid, SidSize, sizeof(UCHAR));
333  }
334  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
335  {
336  /* Return the exception code */
337  _SEH2_YIELD(return _SEH2_GetExceptionCode());
338  }
339  _SEH2_END;
340 
341  /* Allocate a SID and copy it */
342  NewSid = ExAllocatePoolWithTag(PoolType, SidSize, TAG_SID);
343  if (!NewSid)
344  return STATUS_INSUFFICIENT_RESOURCES;
345 
346  _SEH2_TRY
347  {
348  RtlCopyMemory(NewSid, Sid, SidSize);
349 
350  *CapturedSid = NewSid;
351  }
352  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
353  {
354  /* Free the SID and return the exception code */
355  ExFreePoolWithTag(NewSid, TAG_SID);
356  _SEH2_YIELD(return _SEH2_GetExceptionCode());
357  }
358  _SEH2_END;
359  }
360  else if (!CaptureIfKernel)
361  {
362  *CapturedSid = InputSid;
363  }
364  else
365  {
366  SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
367 
368  /* Allocate a SID and copy it */
369  NewSid = ExAllocatePoolWithTag(PoolType, SidSize, TAG_SID);
370  if (NewSid == NULL)
371  return STATUS_INSUFFICIENT_RESOURCES;
372 
373  RtlCopyMemory(NewSid, Sid, SidSize);
374 
375  *CapturedSid = NewSid;
376  }
377 
378  return STATUS_SUCCESS;
379 }
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID
Definition: ms-dtyp.idl:198
TAG_SID
#define TAG_SID
Definition: sid.c:15
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
PISID
struct _SID * PISID
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
RtlLengthRequiredSid
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
_SEH2_END
_SEH2_END
Definition: create.c:4400
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
NULL
#define NULL
Definition: types.h:112
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
NewSid
_In_ PSID _In_ PSID NewSid
Definition: rtlfuncs.h:2813
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtCreateToken(), NtSecureConnectPort(), NtSetInformationToken(), and SepAccessCheckAndAuditAlarm().

◆ SepCreateImpersonationTokenDacl()

NTSTATUS NTAPI SepCreateImpersonationTokenDacl ( _In_ PTOKEN  Token,
_In_ PTOKEN  PrimaryToken,
_Out_ PACL Dacl 
)

Allocates a discretionary access control list based on certain properties of a regular and primary access tokens.

Parameters
[in]TokenAn access token.
[in]PrimaryTokenA primary access token.
[out]DaclThe returned allocated DACL.
Returns
Returns STATUS_SUCCESS if DACL creation from tokens has completed successfully. STATUS_INSUFFICIENT_RESOURCES is returned if DACL allocation from memory pool fails otherwise.

Definition at line 277 of file acl.c.

281 {
282  ULONG AclLength;
283  PACL TokenDacl;
284 
285  PAGED_CODE();
286 
287  *Dacl = NULL;
288 
289  AclLength = sizeof(ACL) +
290  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
291  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
292  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid)) +
293  (sizeof(ACE) + RtlLengthSid(Token->UserAndGroups->Sid)) +
294  (sizeof(ACE) + RtlLengthSid(PrimaryToken->UserAndGroups->Sid));
295 
296  TokenDacl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_ACL);
297  if (TokenDacl == NULL)
298  {
299  return STATUS_INSUFFICIENT_RESOURCES;
300  }
301 
302  RtlCreateAcl(TokenDacl, AclLength, ACL_REVISION);
303  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
304  Token->UserAndGroups->Sid);
305  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
306  PrimaryToken->UserAndGroups->Sid);
307  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
308  SeAliasAdminsSid);
309  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
310  SeLocalSystemSid);
311 
312  if (Token->RestrictedSids != NULL || PrimaryToken->RestrictedSids != NULL)
313  {
314  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
315  SeRestrictedCodeSid);
316  }
317 
318  *Dacl = TokenDacl;
319 
320  return STATUS_SUCCESS;
321 }
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
SeRestrictedCodeSid
PSID SeRestrictedCodeSid
Definition: sid.c:40
_ACL
Definition: ms-dtyp.idl:293
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
ACL
struct _ACL ACL
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:41
TAG_ACL
#define TAG_ACL
Definition: tag.h:146
RtlAddAccessAllowedAce
NTSTATUS NTAPI RtlAddAccessAllowedAce(IN OUT PACL Acl, IN ULONG Revision, IN ACCESS_MASK AccessMask, IN PSID Sid)
Definition: acl.c:262
RtlCreateAcl
NTSTATUS NTAPI RtlCreateAcl(IN PACL Acl, IN ULONG AclSize, IN ULONG AclRevision)
Definition: acl.c:677
NULL
#define NULL
Definition: types.h:112
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:38
ULONG
unsigned int ULONG
Definition: retypes.h:1
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_ACE
Definition: rtltypes.h:990
AclLength
_In_ ULONG AclLength
Definition: rtlfuncs.h:1842
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtOpenThreadTokenEx().

◆ SepCreateSystemAnonymousLogonToken()

PTOKEN SepCreateSystemAnonymousLogonToken ( VOID  )

Creates the anonymous logon token for the system. The difference between this token and the other one is the inclusion of everyone SID group (being SeWorldSid). The other token lacks such group.

Returns
Returns the system's anonymous logon token if the operations have completed successfully.

Definition at line 2787 of file token.c.

2788 {
2789  SID_AND_ATTRIBUTES Groups[32], UserSid;
2790  PSID PrimaryGroup;
2791  PTOKEN Token;
2792  ULONG GroupsLength;
2793  LARGE_INTEGER Expiration;
2794  OBJECT_ATTRIBUTES ObjectAttributes;
2795  NTSTATUS Status;
2796 
2797  /* The token never expires */
2798  Expiration.QuadPart = -1;
2799 
2800  /* The user is the anonymous logon */
2801  UserSid.Sid = SeAnonymousLogonSid;
2802  UserSid.Attributes = 0;
2803 
2804  /* The primary group is also the anonymous logon */
2805  PrimaryGroup = SeAnonymousLogonSid;
2806 
2807  /* The only group for the token is the World */
2808  Groups[0].Sid = SeWorldSid;
2809  Groups[0].Attributes = SE_GROUP_ENABLED | SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT;
2810  GroupsLength = sizeof(SID_AND_ATTRIBUTES) +
2811  SeLengthSid(Groups[0].Sid);
2812  ASSERT(GroupsLength <= sizeof(Groups));
2813 
2814  /* Initialise the object attributes for the token */
2815  InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
2816  ASSERT(SeSystemAnonymousLogonDacl != NULL);
2817 
2818  /* Create token */
2819  Status = SepCreateToken((PHANDLE)&Token,
2820  KernelMode,
2821  0,
2822  &ObjectAttributes,
2823  TokenPrimary,
2824  SecurityAnonymous,
2825  &SeAnonymousAuthenticationId,
2826  &Expiration,
2827  &UserSid,
2828  1,
2829  Groups,
2830  GroupsLength,
2831  0,
2832  NULL,
2833  NULL,
2834  PrimaryGroup,
2835  SeSystemAnonymousLogonDacl,
2836  &SeSystemTokenSource,
2837  TRUE);
2838  ASSERT(Status == STATUS_SUCCESS);
2839 
2840  /* Return the anonymous logon token */
2841  return Token;
2842 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_SID
Definition: ms-dtyp.idl:198
TRUE
#define TRUE
Definition: types.h:120
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Groups
TOpcodeData Groups[17][8]
Definition: disassemblerdata.h:895
SeAnonymousAuthenticationId
LUID SeAnonymousAuthenticationId
Definition: token.c:23
SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
SepCreateToken
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Internal function responsible for access token object creation in the kernel. A fully created token o...
Definition: token.c:1708
Status
Status
Definition: gdiplustypes.h:24
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1558
ASSERT
#define ASSERT(a)
Definition: mode.c:44
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
SID_AND_ATTRIBUTES
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
SeSystemTokenSource
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:21
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
SeWorldSid
PSID SeWorldSid
Definition: sid.c:25
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
NULL
#define NULL
Definition: types.h:112
_LARGE_INTEGER
Definition: typedefs.h:102
ULONG
unsigned int ULONG
Definition: retypes.h:1
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
SeAnonymousLogonSid
PSID SeAnonymousLogonSid
Definition: se.h:159
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
SeLengthSid
#define SeLengthSid(Sid)
Definition: sefuncs.h:570
_TOKEN
Definition: setypes.h:207
SeSystemAnonymousLogonDacl
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:22
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by SepInitializationPhase0().

◆ SepCreateSystemAnonymousLogonTokenNoEveryone()

PTOKEN SepCreateSystemAnonymousLogonTokenNoEveryone ( VOID  )

Creates the anonymous logon token for the system. This kind of token doesn't include the everyone SID group (being SeWorldSid).

Returns
Returns the system's anonymous logon token if the operations have completed successfully.

Definition at line 2855 of file token.c.

2856 {
2857  SID_AND_ATTRIBUTES UserSid;
2858  PSID PrimaryGroup;
2859  PTOKEN Token;
2860  LARGE_INTEGER Expiration;
2861  OBJECT_ATTRIBUTES ObjectAttributes;
2862  NTSTATUS Status;
2863 
2864  /* The token never expires */
2865  Expiration.QuadPart = -1;
2866 
2867  /* The user is the anonymous logon */
2868  UserSid.Sid = SeAnonymousLogonSid;
2869  UserSid.Attributes = 0;
2870 
2871  /* The primary group is also the anonymous logon */
2872  PrimaryGroup = SeAnonymousLogonSid;
2873 
2874  /* Initialise the object attributes for the token */
2875  InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
2876  ASSERT(SeSystemAnonymousLogonDacl != NULL);
2877 
2878  /* Create token */
2879  Status = SepCreateToken((PHANDLE)&Token,
2880  KernelMode,
2881  0,
2882  &ObjectAttributes,
2883  TokenPrimary,
2884  SecurityAnonymous,
2885  &SeAnonymousAuthenticationId,
2886  &Expiration,
2887  &UserSid,
2888  0,
2889  NULL,
2890  0,
2891  0,
2892  NULL,
2893  NULL,
2894  PrimaryGroup,
2895  SeSystemAnonymousLogonDacl,
2896  &SeSystemTokenSource,
2897  TRUE);
2898  ASSERT(Status == STATUS_SUCCESS);
2899 
2900  /* Return the anonymous (not including everyone) logon token */
2901  return Token;
2902 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_SID
Definition: ms-dtyp.idl:198
TRUE
#define TRUE
Definition: types.h:120
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
SeAnonymousAuthenticationId
LUID SeAnonymousAuthenticationId
Definition: token.c:23
SepCreateToken
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Internal function responsible for access token object creation in the kernel. A fully created token o...
Definition: token.c:1708
Status
Status
Definition: gdiplustypes.h:24
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1558
ASSERT
#define ASSERT(a)
Definition: mode.c:44
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
SeSystemTokenSource
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:21
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
NULL
#define NULL
Definition: types.h:112
_LARGE_INTEGER
Definition: typedefs.h:102
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
SeAnonymousLogonSid
PSID SeAnonymousLogonSid
Definition: se.h:159
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_TOKEN
Definition: setypes.h:207
SeSystemAnonymousLogonDacl
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:22
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by SepInitializationPhase0().

◆ SepCreateSystemProcessToken()

PTOKEN NTAPI SepCreateSystemProcessToken ( VOID  )

Creates the system process token.

Returns
Returns the system process token if the operations have completed successfully.

Definition at line 2637 of file token.c.

2638 {
2639  LUID_AND_ATTRIBUTES Privileges[25];
2640  ULONG GroupAttributes, OwnerAttributes;
2641  SID_AND_ATTRIBUTES Groups[32];
2642  LARGE_INTEGER Expiration;
2643  SID_AND_ATTRIBUTES UserSid;
2644  ULONG GroupsLength;
2645  PSID PrimaryGroup;
2646  OBJECT_ATTRIBUTES ObjectAttributes;
2647  PSID Owner;
2648  ULONG i;
2649  PTOKEN Token;
2650  NTSTATUS Status;
2651 
2652  /* Don't ever expire */
2653  Expiration.QuadPart = -1;
2654 
2655  /* All groups mandatory and enabled */
2656  GroupAttributes = SE_GROUP_ENABLED | SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT;
2657  OwnerAttributes = SE_GROUP_ENABLED | SE_GROUP_OWNER | SE_GROUP_ENABLED_BY_DEFAULT;
2658 
2659  /* User is Local System */
2660  UserSid.Sid = SeLocalSystemSid;
2661  UserSid.Attributes = 0;
2662 
2663  /* Primary group is Local System */
2664  PrimaryGroup = SeLocalSystemSid;
2665 
2666  /* Owner is Administrators */
2667  Owner = SeAliasAdminsSid;
2668 
2669  /* Groups are Administrators, World, and Authenticated Users */
2670  Groups[0].Sid = SeAliasAdminsSid;
2671  Groups[0].Attributes = OwnerAttributes;
2672  Groups[1].Sid = SeWorldSid;
2673  Groups[1].Attributes = GroupAttributes;
2674  Groups[2].Sid = SeAuthenticatedUsersSid;
2675  Groups[2].Attributes = GroupAttributes;
2676  GroupsLength = sizeof(SID_AND_ATTRIBUTES) +
2677  SeLengthSid(Groups[0].Sid) +
2678  SeLengthSid(Groups[1].Sid) +
2679  SeLengthSid(Groups[2].Sid);
2680  ASSERT(GroupsLength <= sizeof(Groups));
2681 
2682  /* Setup the privileges */
2683  i = 0;
2684  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2685  Privileges[i++].Luid = SeTcbPrivilege;
2686 
2687  Privileges[i].Attributes = 0;
2688  Privileges[i++].Luid = SeCreateTokenPrivilege;
2689 
2690  Privileges[i].Attributes = 0;
2691  Privileges[i++].Luid = SeTakeOwnershipPrivilege;
2692 
2693  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2694  Privileges[i++].Luid = SeCreatePagefilePrivilege;
2695 
2696  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2697  Privileges[i++].Luid = SeLockMemoryPrivilege;
2698 
2699  Privileges[i].Attributes = 0;
2700  Privileges[i++].Luid = SeAssignPrimaryTokenPrivilege;
2701 
2702  Privileges[i].Attributes = 0;
2703  Privileges[i++].Luid = SeIncreaseQuotaPrivilege;
2704 
2705  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2706  Privileges[i++].Luid = SeIncreaseBasePriorityPrivilege;
2707 
2708  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2709  Privileges[i++].Luid = SeCreatePermanentPrivilege;
2710 
2711  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2712  Privileges[i++].Luid = SeDebugPrivilege;
2713 
2714  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2715  Privileges[i++].Luid = SeAuditPrivilege;
2716 
2717  Privileges[i].Attributes = 0;
2718  Privileges[i++].Luid = SeSecurityPrivilege;
2719 
2720  Privileges[i].Attributes = 0;
2721  Privileges[i++].Luid = SeSystemEnvironmentPrivilege;
2722 
2723  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2724  Privileges[i++].Luid = SeChangeNotifyPrivilege;
2725 
2726  Privileges[i].Attributes = 0;
2727  Privileges[i++].Luid = SeBackupPrivilege;
2728 
2729  Privileges[i].Attributes = 0;
2730  Privileges[i++].Luid = SeRestorePrivilege;
2731 
2732  Privileges[i].Attributes = 0;
2733  Privileges[i++].Luid = SeShutdownPrivilege;
2734 
2735  Privileges[i].Attributes = 0;
2736  Privileges[i++].Luid = SeLoadDriverPrivilege;
2737 
2738  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
2739  Privileges[i++].Luid = SeProfileSingleProcessPrivilege;
2740 
2741  Privileges[i].Attributes = 0;
2742  Privileges[i++].Luid = SeSystemtimePrivilege;
2743  ASSERT(i == 20);
2744 
2745  /* Setup the object attributes */
2746  InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
2747  ASSERT(SeSystemDefaultDacl != NULL);
2748 
2749  /* Create the token */
2750  Status = SepCreateToken((PHANDLE)&Token,
2751  KernelMode,
2752  0,
2753  &ObjectAttributes,
2754  TokenPrimary,
2755  SecurityAnonymous,
2756  &SeSystemAuthenticationId,
2757  &Expiration,
2758  &UserSid,
2759  3,
2760  Groups,
2761  GroupsLength,
2762  20,
2763  Privileges,
2764  Owner,
2765  PrimaryGroup,
2766  SeSystemDefaultDacl,
2767  &SeSystemTokenSource,
2768  TRUE);
2769  ASSERT(Status == STATUS_SUCCESS);
2770 
2771  /* Return the token */
2772  return Token;
2773 }
SeSystemEnvironmentPrivilege
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:41
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
SeSystemtimePrivilege
const LUID SeSystemtimePrivilege
Definition: priv.c:31
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_SID
Definition: ms-dtyp.idl:198
SeIncreaseQuotaPrivilege
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:24
SeCreateTokenPrivilege
const LUID SeCreateTokenPrivilege
Definition: priv.c:21
SeCreatePermanentPrivilege
const LUID SeCreatePermanentPrivilege
Definition: priv.c:35
SeDebugPrivilege
const LUID SeDebugPrivilege
Definition: priv.c:39
SeBackupPrivilege
const LUID SeBackupPrivilege
Definition: priv.c:36
TRUE
#define TRUE
Definition: types.h:120
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
SeSystemDefaultDacl
PACL SeSystemDefaultDacl
Definition: acl.c:17
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
SeSystemAuthenticationId
LUID SeSystemAuthenticationId
Definition: token.c:22
SeAssignPrimaryTokenPrivilege
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:22
SeAuthenticatedUsersSid
PSID SeAuthenticatedUsersSid
Definition: sid.c:49
Groups
TOpcodeData Groups[17][8]
Definition: disassemblerdata.h:895
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
SE_GROUP_OWNER
#define SE_GROUP_OWNER
Definition: setypes.h:93
SeLoadDriverPrivilege
const LUID SeLoadDriverPrivilege
Definition: priv.c:29
SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
SeTakeOwnershipPrivilege
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:28
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
SepCreateToken
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Internal function responsible for access token object creation in the kernel. A fully created token o...
Definition: token.c:1708
Status
Status
Definition: gdiplustypes.h:24
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1558
SE_PRIVILEGE_ENABLED_BY_DEFAULT
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62
SeCreatePagefilePrivilege
const LUID SeCreatePagefilePrivilege
Definition: priv.c:34
ASSERT
#define ASSERT(a)
Definition: mode.c:44
SeRestorePrivilege
const LUID SeRestorePrivilege
Definition: priv.c:37
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
SID_AND_ATTRIBUTES
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
SeChangeNotifyPrivilege
static const LUID SeChangeNotifyPrivilege
Definition: authpackage.c:167
SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:41
SeSystemTokenSource
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:21
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
SeLockMemoryPrivilege
const LUID SeLockMemoryPrivilege
Definition: priv.c:23
SeProfileSingleProcessPrivilege
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:32
SeWorldSid
PSID SeWorldSid
Definition: sid.c:25
SeIncreaseBasePriorityPrivilege
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:33
SeTcbPrivilege
const LUID SeTcbPrivilege
Definition: priv.c:26
SeShutdownPrivilege
const LUID SeShutdownPrivilege
Definition: priv.c:38
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
Owner
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1556
NULL
#define NULL
Definition: types.h:112
_LARGE_INTEGER
Definition: typedefs.h:102
SeSecurityPrivilege
const LUID SeSecurityPrivilege
Definition: priv.c:27
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:38
ULONG
unsigned int ULONG
Definition: retypes.h:1
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
SeLengthSid
#define SeLengthSid(Sid)
Definition: sefuncs.h:570
_TOKEN
Definition: setypes.h:207
SeAuditPrivilege
const LUID SeAuditPrivilege
Definition: priv.c:40
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by SepInitializationPhase0().

◆ SepDuplicateToken()

NTSTATUS NTAPI SepDuplicateToken ( _In_ PTOKEN  Token,
_In_opt_ POBJECT_ATTRIBUTES  ObjectAttributes,
_In_ BOOLEAN  EffectiveOnly,
_In_ TOKEN_TYPE  TokenType,
_In_ SECURITY_IMPERSONATION_LEVEL  Level,
_In_ KPROCESSOR_MODE  PreviousMode,
_Out_ PTOKEN NewAccessToken 
)

Duplicates an access token, from an existing valid token.

Parameters
[in]TokenAccess token to duplicate.
[in]ObjectAttributesObject attributes for the new token.
[in]EffectiveOnlyIf set to TRUE, the function removes all the disabled privileges and groups of the token to duplicate.
[in]TokenTypeType of token.
[in]LevelSecurity impersonation level of a token.
[in]PreviousModeThe processor request level mode.
[out]NewAccessTokenThe duplicated token.
Returns
Returns STATUS_SUCCESS if the token has been duplicated. STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation of the dynamic part of the token for duplication has failed due to the lack of memory resources. A failure NTSTATUS code is returned otherwise.

Definition at line 995 of file token.c.

1003 {
1004  NTSTATUS Status;
1005  PTOKEN AccessToken;
1006  PVOID EndMem;
1007  ULONG PrimaryGroupIndex;
1008  ULONG VariableLength;
1009  ULONG TotalSize;
1010  ULONG PrivilegesIndex, GroupsIndex;
1011 
1012  PAGED_CODE();
1013 
1014  /* Compute how much size we need to allocate for the token */
1015  VariableLength = Token->VariableLength;
1016  TotalSize = FIELD_OFFSET(TOKEN, VariablePart) + VariableLength;
1017 
1018  Status = ObCreateObject(PreviousMode,
1019  SeTokenObjectType,
1020  ObjectAttributes,
1021  PreviousMode,
1022  NULL,
1023  TotalSize,
1024  0,
1025  0,
1026  (PVOID*)&AccessToken);
1027  if (!NT_SUCCESS(Status))
1028  {
1029  DPRINT1("ObCreateObject() failed (Status 0x%lx)\n", Status);
1030  return Status;
1031  }
1032 
1033  /* Zero out the buffer and initialize the token */
1034  RtlZeroMemory(AccessToken, TotalSize);
1035 
1036  ExAllocateLocallyUniqueId(&AccessToken->TokenId);
1037 
1038  AccessToken->TokenType = TokenType;
1039  AccessToken->ImpersonationLevel = Level;
1040 
1041  /* Initialise the lock for the access token */
1042  Status = SepCreateTokenLock(AccessToken);
1043  if (!NT_SUCCESS(Status))
1044  {
1045  ObDereferenceObject(AccessToken);
1046  return Status;
1047  }
1048 
1049  /* Copy the immutable fields */
1050  RtlCopyLuid(&AccessToken->TokenSource.SourceIdentifier,
1051  &Token->TokenSource.SourceIdentifier);
1052  RtlCopyMemory(AccessToken->TokenSource.SourceName,
1053  Token->TokenSource.SourceName,
1054  sizeof(Token->TokenSource.SourceName));
1055 
1056  AccessToken->AuthenticationId = Token->AuthenticationId;
1057  AccessToken->ParentTokenId = Token->ParentTokenId;
1058  AccessToken->ExpirationTime = Token->ExpirationTime;
1059  AccessToken->OriginatingLogonSession = Token->OriginatingLogonSession;
1060 
1061  /* Lock the source token and copy the mutable fields */
1062  SepAcquireTokenLockExclusive(Token);
1063 
1064  AccessToken->SessionId = Token->SessionId;
1065  RtlCopyLuid(&AccessToken->ModifiedId, &Token->ModifiedId);
1066 
1067  AccessToken->TokenFlags = Token->TokenFlags & ~TOKEN_SESSION_NOT_REFERENCED;
1068 
1069  /* Reference the logon session */
1070  Status = SepRmReferenceLogonSession(&AccessToken->AuthenticationId);
1071  if (!NT_SUCCESS(Status))
1072  {
1073  /* No logon session could be found, bail out */
1074  DPRINT1("SepRmReferenceLogonSession() failed (Status 0x%lx)\n", Status);
1075  /* Set the flag for proper cleanup by the delete procedure */
1076  AccessToken->TokenFlags |= TOKEN_SESSION_NOT_REFERENCED;
1077  goto Quit;
1078  }
1079 
1080  /* Insert the referenced logon session into the token */
1081  Status = SepRmInsertLogonSessionIntoToken(AccessToken);
1082  if (!NT_SUCCESS(Status))
1083  {
1084  /* Failed to insert the logon session into the token, bail out */
1085  DPRINT1("SepRmInsertLogonSessionIntoToken() failed (Status 0x%lx)\n", Status);
1086  goto Quit;
1087  }
1088 
1089  /* Assign the data that reside in the TOKEN's variable information area */
1090  AccessToken->VariableLength = VariableLength;
1091  EndMem = (PVOID)&AccessToken->VariablePart;
1092 
1093  /* Copy the privileges */
1094  AccessToken->PrivilegeCount = 0;
1095  AccessToken->Privileges = NULL;
1096  if (Token->Privileges && (Token->PrivilegeCount > 0))
1097  {
1098  ULONG PrivilegesLength = Token->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
1099  PrivilegesLength = ALIGN_UP_BY(PrivilegesLength, sizeof(PVOID));
1100 
1101  ASSERT(VariableLength >= PrivilegesLength);
1102 
1103  AccessToken->PrivilegeCount = Token->PrivilegeCount;
1104  AccessToken->Privileges = EndMem;
1105  EndMem = (PVOID)((ULONG_PTR)EndMem + PrivilegesLength);
1106  VariableLength -= PrivilegesLength;
1107 
1108  RtlCopyMemory(AccessToken->Privileges,
1109  Token->Privileges,
1110  AccessToken->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
1111  }
1112 
1113  /* Copy the user and groups */
1114  AccessToken->UserAndGroupCount = 0;
1115  AccessToken->UserAndGroups = NULL;
1116  if (Token->UserAndGroups && (Token->UserAndGroupCount > 0))
1117  {
1118  AccessToken->UserAndGroupCount = Token->UserAndGroupCount;
1119  AccessToken->UserAndGroups = EndMem;
1120  EndMem = &AccessToken->UserAndGroups[AccessToken->UserAndGroupCount];
1121  VariableLength -= ((ULONG_PTR)EndMem - (ULONG_PTR)AccessToken->UserAndGroups);
1122 
1123  Status = RtlCopySidAndAttributesArray(AccessToken->UserAndGroupCount,
1124  Token->UserAndGroups,
1125  VariableLength,
1126  AccessToken->UserAndGroups,
1127  EndMem,
1128  &EndMem,
1129  &VariableLength);
1130  if (!NT_SUCCESS(Status))
1131  {
1132  DPRINT1("RtlCopySidAndAttributesArray(UserAndGroups) failed (Status 0x%lx)\n", Status);
1133  goto Quit;
1134  }
1135  }
1136 
1137  /* Find the token primary group */
1138  Status = SepFindPrimaryGroupAndDefaultOwner(AccessToken,
1139  Token->PrimaryGroup,
1140  NULL,
1141  &PrimaryGroupIndex,
1142  NULL);
1143  if (!NT_SUCCESS(Status))
1144  {
1145  DPRINT1("SepFindPrimaryGroupAndDefaultOwner failed (Status 0x%lx)\n", Status);
1146  goto Quit;
1147  }
1148 
1149  AccessToken->PrimaryGroup = AccessToken->UserAndGroups[PrimaryGroupIndex].Sid;
1150  AccessToken->DefaultOwnerIndex = Token->DefaultOwnerIndex;
1151 
1152  /* Copy the restricted SIDs */
1153  AccessToken->RestrictedSidCount = 0;
1154  AccessToken->RestrictedSids = NULL;
1155  if (Token->RestrictedSids && (Token->RestrictedSidCount > 0))
1156  {
1157  AccessToken->RestrictedSidCount = Token->RestrictedSidCount;
1158  AccessToken->RestrictedSids = EndMem;
1159  EndMem = &AccessToken->RestrictedSids[AccessToken->RestrictedSidCount];
1160  VariableLength -= ((ULONG_PTR)EndMem - (ULONG_PTR)AccessToken->RestrictedSids);
1161 
1162  Status = RtlCopySidAndAttributesArray(AccessToken->RestrictedSidCount,
1163  Token->RestrictedSids,
1164  VariableLength,
1165  AccessToken->RestrictedSids,
1166  EndMem,
1167  &EndMem,
1168  &VariableLength);
1169  if (!NT_SUCCESS(Status))
1170  {
1171  DPRINT1("RtlCopySidAndAttributesArray(RestrictedSids) failed (Status 0x%lx)\n", Status);
1172  goto Quit;
1173  }
1174  }
1175 
1176  /*
1177  * Filter the token by removing the disabled privileges
1178  * and groups if the caller wants to duplicate an access
1179  * token as effective only.
1180  */
1181  if (EffectiveOnly)
1182  {
1183  /* Begin querying the groups and search for disabled ones */
1184  for (GroupsIndex = 0; GroupsIndex < AccessToken->UserAndGroupCount; GroupsIndex++)
1185  {
1186  /*
1187  * A group or user is considered disabled if its attributes is either
1188  * 0 or SE_GROUP_ENABLED is not included in the attributes flags list.
1189  * That is because a certain user and/or group can have several attributes
1190  * that bear no influence on whether a user/group is enabled or not
1191  * (SE_GROUP_ENABLED_BY_DEFAULT for example which is a mere indicator
1192  * that the group has just been enabled by default). A mandatory
1193  * group (that is, the group has SE_GROUP_MANDATORY attribute)
1194  * by standards it's always enabled and no one can disable it.
1195  */
1196  if (AccessToken->UserAndGroups[GroupsIndex].Attributes == 0 ||
1197  (AccessToken->UserAndGroups[GroupsIndex].Attributes & SE_GROUP_ENABLED) == 0)
1198  {
1199  /*
1200  * If this group is an administrators group
1201  * and the token belongs to such group,
1202  * we've to take away TOKEN_HAS_ADMIN_GROUP
1203  * for the fact that's not enabled and as
1204  * such the token no longer belongs to
1205  * this group.
1206  */
1207  if (RtlEqualSid(SeAliasAdminsSid,
1208  &AccessToken->UserAndGroups[GroupsIndex].Sid))
1209  {
1210  AccessToken->TokenFlags &= ~TOKEN_HAS_ADMIN_GROUP;
1211  }
1212 
1213  /*
1214  * A group is not enabled, it's time to remove
1215  * from the token and update the groups index
1216  * accordingly and continue with the next group.
1217  */
1218  SepRemoveUserGroupToken(AccessToken, GroupsIndex);
1219  GroupsIndex--;
1220  }
1221  }
1222 
1223  /* Begin querying the privileges and search for disabled ones */
1224  for (PrivilegesIndex = 0; PrivilegesIndex < AccessToken->PrivilegeCount; PrivilegesIndex++)
1225  {
1226  /*
1227  * A privilege is considered disabled if its attributes is either
1228  * 0 or SE_PRIVILEGE_ENABLED is not included in the attributes flags list.
1229  * That is because a certain privilege can have several attributes
1230  * that bear no influence on whether a privilege is enabled or not
1231  * (SE_PRIVILEGE_ENABLED_BY_DEFAULT for example which is a mere indicator
1232  * that the privilege has just been enabled by default).
1233  */
1234  if (AccessToken->Privileges[PrivilegesIndex].Attributes == 0 ||
1235  (AccessToken->Privileges[PrivilegesIndex].Attributes & SE_PRIVILEGE_ENABLED) == 0)
1236  {
1237  /*
1238  * A privilege is not enabled, therefor it's time
1239  * to strip it from the token and continue with the next
1240  * privilege. Of course we must also want to update the
1241  * privileges index accordingly.
1242  */
1243  SepRemovePrivilegeToken(AccessToken, PrivilegesIndex);
1244  PrivilegesIndex--;
1245  }
1246  }
1247  }
1248 
1249  //
1250  // NOTE: So far our dynamic area only contains
1251  // the default dacl, so this makes the following
1252  // code pretty simple. The day where it stores
1253  // other data, the code will require adaptations.
1254  //
1255 
1256  /* Now allocate the TOKEN's dynamic information area and set the data */
1257  AccessToken->DynamicAvailable = 0; // Unused memory in the dynamic area.
1258  AccessToken->DynamicPart = NULL;
1259  if (Token->DynamicPart && Token->DefaultDacl)
1260  {
1261  AccessToken->DynamicPart = ExAllocatePoolWithTag(PagedPool,
1262  Token->DefaultDacl->AclSize,
1263  TAG_TOKEN_DYNAMIC);
1264  if (AccessToken->DynamicPart == NULL)
1265  {
1266  Status = STATUS_INSUFFICIENT_RESOURCES;
1267  goto Quit;
1268  }
1269  EndMem = (PVOID)AccessToken->DynamicPart;
1270 
1271  AccessToken->DefaultDacl = EndMem;
1272 
1273  RtlCopyMemory(AccessToken->DefaultDacl,
1274  Token->DefaultDacl,
1275  Token->DefaultDacl->AclSize);
1276  }
1277 
1278  /* Unlock the source token */
1279  SepReleaseTokenLock(Token);
1280 
1281  /* Return the token */
1282  *NewAccessToken = AccessToken;
1283  Status = STATUS_SUCCESS;
1284 
1285 Quit:
1286  if (!NT_SUCCESS(Status))
1287  {
1288  /* Unlock the source token */
1289  SepReleaseTokenLock(Token);
1290 
1291  /* Dereference the token, the delete procedure will clean it up */
1292  ObDereferenceObject(AccessToken);
1293  }
1294 
1295  return Status;
1296 }
_TOKEN::TokenType
TOKEN_TYPE TokenType
Definition: setypes.h:231
SepAcquireTokenLockExclusive
#define SepAcquireTokenLockExclusive(Token)
Definition: se.h:220
SepFindPrimaryGroupAndDefaultOwner
static NTSTATUS SepFindPrimaryGroupAndDefaultOwner(_In_ PTOKEN Token, _In_ PSID PrimaryGroup, _In_opt_ PSID DefaultOwner, _Out_opt_ PULONG PrimaryGroupIndex, _Out_opt_ PULONG DefaultOwnerIndex)
Finds the primary group and default owner entity based on the submitted primary group instance and an...
Definition: token.c:869
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
SepRmInsertLogonSessionIntoToken
NTSTATUS NTAPI SepRmInsertLogonSessionIntoToken(_Inout_ PTOKEN Token)
Inserts a logon session into an access token specified by the caller.
Definition: srm.c:368
_TOKEN::AuthenticationId
LUID AuthenticationId
Definition: setypes.h:211
_TOKEN::VariablePart
ULONG VariablePart
Definition: setypes.h:239
RtlCopySidAndAttributesArray
NTSYSAPI NTSTATUS NTAPI RtlCopySidAndAttributesArray(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src, _In_ ULONG SidAreaSize, _In_ PSID_AND_ATTRIBUTES Dest, _In_ PSID SidArea, _Out_ PSID *RemainingSidArea, _Out_ PULONG RemainingSidAreaSize)
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
LUID_AND_ATTRIBUTES
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
Level
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:55
_TOKEN::PrivilegeCount
ULONG PrivilegeCount
Definition: setypes.h:220
if
if(dx==0 &&dy==0)
Definition: linetemp.h:174
_TOKEN::Privileges
PLUID_AND_ATTRIBUTES Privileges
Definition: setypes.h:228
_TOKEN::ModifiedId
LUID ModifiedId
Definition: setypes.h:216
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
_TOKEN::TokenFlags
ULONG TokenFlags
Definition: setypes.h:233
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
_TOKEN_SOURCE::SourceIdentifier
LUID SourceIdentifier
Definition: imports.h:279
_TOKEN::DynamicAvailable
ULONG DynamicAvailable
Definition: setypes.h:223
_TOKEN::DefaultDacl
PACL DefaultDacl
Definition: setypes.h:230
SepRmReferenceLogonSession
NTSTATUS SepRmReferenceLogonSession(_Inout_ PLUID LogonLuid)
SeTokenObjectType
POBJECT_TYPE SeTokenObjectType
Definition: token.c:19
_TOKEN::ParentTokenId
LUID ParentTokenId
Definition: setypes.h:212
_TOKEN::DefaultOwnerIndex
ULONG DefaultOwnerIndex
Definition: setypes.h:224
_TOKEN::VariableLength
ULONG VariableLength
Definition: setypes.h:221
PVOID
void * PVOID
Definition: retypes.h:9
_TOKEN::SessionId
ULONG SessionId
Definition: setypes.h:217
ObCreateObject
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:951
_TOKEN::RestrictedSidCount
ULONG RestrictedSidCount
Definition: setypes.h:219
_TOKEN::DynamicPart
PULONG DynamicPart
Definition: setypes.h:229
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_TOKEN::PrimaryGroup
PSID PrimaryGroup
Definition: setypes.h:227
_TOKEN::ExpirationTime
LARGE_INTEGER ExpirationTime
Definition: setypes.h:213
ASSERT
#define ASSERT(a)
Definition: mode.c:44
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
_TOKEN::RestrictedSids
PSID_AND_ATTRIBUTES RestrictedSids
Definition: setypes.h:226
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:41
SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:231
TAG_TOKEN_DYNAMIC
#define TAG_TOKEN_DYNAMIC
Definition: tag.h:153
_TOKEN_SOURCE::SourceName
CCHAR SourceName[TOKEN_SOURCE_LENGTH]
Definition: imports.h:278
SepRemovePrivilegeToken
static VOID SepRemovePrivilegeToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Removes a privilege from the token.
Definition: token.c:580
TOKEN_HAS_ADMIN_GROUP
#define TOKEN_HAS_ADMIN_GROUP
Definition: setypes.h:1160
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
_TOKEN::UserAndGroupCount
ULONG UserAndGroupCount
Definition: setypes.h:218
ExAllocateLocallyUniqueId
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:335
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
_TOKEN::TokenId
LUID TokenId
Definition: setypes.h:210
NULL
#define NULL
Definition: types.h:112
DPRINT1
#define DPRINT1
Definition: precomp.h:8
RtlCopyLuid
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
_TOKEN::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:232
SepCreateTokenLock
static NTSTATUS SepCreateTokenLock(_Inout_ PTOKEN Token)
Creates a lock for the token.
Definition: token.c:89
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
ALIGN_UP_BY
#define ALIGN_UP_BY(size, align)
Definition: GetWindowPlacement.c:13
_TOKEN::UserAndGroups
PSID_AND_ATTRIBUTES UserAndGroups
Definition: setypes.h:225
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_TOKEN::TokenSource
TOKEN_SOURCE TokenSource
Definition: setypes.h:209
EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:401
_TOKEN
Definition: setypes.h:207
TOKEN_SESSION_NOT_REFERENCED
#define TOKEN_SESSION_NOT_REFERENCED
Definition: setypes.h:1162
RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:401
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89
SepRemoveUserGroupToken
static VOID SepRemoveUserGroupToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Removes a group from the token.
Definition: token.c:617
_TOKEN::OriginatingLogonSession
LUID OriginatingLogonSession
Definition: setypes.h:238

Referenced by NtDuplicateToken(), NtOpenThreadTokenEx(), SeCopyClientToken(), and SeSubProcessToken().

◆ SepGetDaclFromDescriptor()

FORCEINLINE PACL SepGetDaclFromDescriptor ( _Inout_ PVOID  _Descriptor)

Definition at line 79 of file se.h.

81 {
82  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
83  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
84 
85  if (!(Descriptor->Control & SE_DACL_PRESENT)) return NULL;
86 
87  if (Descriptor->Control & SE_SELF_RELATIVE)
88  {
89  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
90  if (!SdRel->Dacl) return NULL;
91  return (PACL)((ULONG_PTR)Descriptor + SdRel->Dacl);
92  }
93  else
94  {
95  return Descriptor->Dacl;
96  }
97 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
Descriptor
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:812
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:814
_ACL
Definition: ms-dtyp.idl:293
_SECURITY_DESCRIPTOR_RELATIVE::Dacl
$ULONG Dacl
Definition: setypes.h:821
SE_DACL_PRESENT
#define SE_DACL_PRESENT
Definition: setypes.h:799
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
NULL
#define NULL
Definition: types.h:112
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetDaclSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), and SeFastTraverseCheck().

◆ SepGetGroupFromDescriptor()

FORCEINLINE PSID SepGetGroupFromDescriptor ( _Inout_ PVOID  _Descriptor)

Definition at line 39 of file se.h.

41 {
42  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
43  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
44 
45  if (Descriptor->Control & SE_SELF_RELATIVE)
46  {
47  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
48  if (!SdRel->Group) return NULL;
49  return (PSID)((ULONG_PTR)Descriptor + SdRel->Group);
50  }
51  else
52  {
53  return Descriptor->Group;
54  }
55 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
Descriptor
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:812
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:814
_SECURITY_DESCRIPTOR_RELATIVE::Group
$ULONG Group
Definition: setypes.h:819
_SID
Definition: ms-dtyp.idl:198
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
NULL
#define NULL
Definition: types.h:112
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetGroupSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), and SepAccessCheckAndAuditAlarm().

◆ SepGetOwnerFromDescriptor()

FORCEINLINE PSID SepGetOwnerFromDescriptor ( _Inout_ PVOID  _Descriptor)

Definition at line 59 of file se.h.

61 {
62  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
63  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
64 
65  if (Descriptor->Control & SE_SELF_RELATIVE)
66  {
67  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
68  if (!SdRel->Owner) return NULL;
69  return (PSID)((ULONG_PTR)Descriptor + SdRel->Owner);
70  }
71  else
72  {
73  return Descriptor->Owner;
74  }
75 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
Descriptor
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:812
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:814
_SID
Definition: ms-dtyp.idl:198
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
_SECURITY_DESCRIPTOR_RELATIVE::Owner
$ULONG Owner
Definition: setypes.h:818
NULL
#define NULL
Definition: types.h:112
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetOwnerSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), SepAccessCheckAndAuditAlarm(), and SepTokenIsOwner().

◆ SepGetSaclFromDescriptor()

FORCEINLINE PACL SepGetSaclFromDescriptor ( _Inout_ PVOID  _Descriptor)

Definition at line 101 of file se.h.

103 {
104  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
105  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
106 
107  if (!(Descriptor->Control & SE_SACL_PRESENT)) return NULL;
108 
109  if (Descriptor->Control & SE_SELF_RELATIVE)
110  {
111  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
112  if (!SdRel->Sacl) return NULL;
113  return (PACL)((ULONG_PTR)Descriptor + SdRel->Sacl);
114  }
115  else
116  {
117  return Descriptor->Sacl;
118  }
119 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
SE_SACL_PRESENT
#define SE_SACL_PRESENT
Definition: setypes.h:801
_SECURITY_DESCRIPTOR_RELATIVE::Sacl
$ULONG Sacl
Definition: setypes.h:820
Descriptor
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:812
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:814
_ACL
Definition: ms-dtyp.idl:293
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
NULL
#define NULL
Definition: types.h:112
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetSaclSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), and SeCaptureSecurityDescriptor().

◆ SepInitDACLs()

BOOLEAN NTAPI SepInitDACLs ( VOID  )

Initializes known discretionary access control lists in the system upon kernel and Executive initialization procedure.

Returns
Returns TRUE if all the DACLs have been successfully initialized, FALSE otherwise.

Definition at line 38 of file acl.c.

39 {
40  ULONG AclLength;
41 
42  /* create PublicDefaultDacl */
43  AclLength = sizeof(ACL) +
44  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
45  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
46  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
47 
48  SePublicDefaultDacl = ExAllocatePoolWithTag(PagedPool,
49  AclLength,
50  TAG_ACL);
51  if (SePublicDefaultDacl == NULL)
52  return FALSE;
53 
54  RtlCreateAcl(SePublicDefaultDacl,
55  AclLength,
56  ACL_REVISION);
57 
58  RtlAddAccessAllowedAce(SePublicDefaultDacl,
59  ACL_REVISION,
60  GENERIC_EXECUTE,
61  SeWorldSid);
62 
63  RtlAddAccessAllowedAce(SePublicDefaultDacl,
64  ACL_REVISION,
65  GENERIC_ALL,
66  SeLocalSystemSid);
67 
68  RtlAddAccessAllowedAce(SePublicDefaultDacl,
69  ACL_REVISION,
70  GENERIC_ALL,
71  SeAliasAdminsSid);
72 
73  /* create PublicDefaultUnrestrictedDacl */
74  AclLength = sizeof(ACL) +
75  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
76  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
77  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
78  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
79 
80  SePublicDefaultUnrestrictedDacl = ExAllocatePoolWithTag(PagedPool,
81  AclLength,
82  TAG_ACL);
83  if (SePublicDefaultUnrestrictedDacl == NULL)
84  return FALSE;
85 
86  RtlCreateAcl(SePublicDefaultUnrestrictedDacl,
87  AclLength,
88  ACL_REVISION);
89 
90  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
91  ACL_REVISION,
92  GENERIC_EXECUTE,
93  SeWorldSid);
94 
95  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
96  ACL_REVISION,
97  GENERIC_ALL,
98  SeLocalSystemSid);
99 
100  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
101  ACL_REVISION,
102  GENERIC_ALL,
103  SeAliasAdminsSid);
104 
105  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
106  ACL_REVISION,
107  GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL,
108  SeRestrictedCodeSid);
109 
110  /* create PublicOpenDacl */
111  AclLength = sizeof(ACL) +
112  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
113  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
114  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
115 
116  SePublicOpenDacl = ExAllocatePoolWithTag(PagedPool,
117  AclLength,
118  TAG_ACL);
119  if (SePublicOpenDacl == NULL)
120  return FALSE;
121 
122  RtlCreateAcl(SePublicOpenDacl,
123  AclLength,
124  ACL_REVISION);
125 
126  RtlAddAccessAllowedAce(SePublicOpenDacl,
127  ACL_REVISION,
128  GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE,
129  SeWorldSid);
130 
131  RtlAddAccessAllowedAce(SePublicOpenDacl,
132  ACL_REVISION,
133  GENERIC_ALL,
134  SeLocalSystemSid);
135 
136  RtlAddAccessAllowedAce(SePublicOpenDacl,
137  ACL_REVISION,
138  GENERIC_ALL,
139  SeAliasAdminsSid);
140 
141  /* create PublicOpenUnrestrictedDacl */
142  AclLength = sizeof(ACL) +
143  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
144  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
145  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
146  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
147 
148  SePublicOpenUnrestrictedDacl = ExAllocatePoolWithTag(PagedPool,
149  AclLength,
150  TAG_ACL);
151  if (SePublicOpenUnrestrictedDacl == NULL)
152  return FALSE;
153 
154  RtlCreateAcl(SePublicOpenUnrestrictedDacl,
155  AclLength,
156  ACL_REVISION);
157 
158  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
159  ACL_REVISION,
160  GENERIC_ALL,
161  SeWorldSid);
162 
163  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
164  ACL_REVISION,
165  GENERIC_ALL,
166  SeLocalSystemSid);
167 
168  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
169  ACL_REVISION,
170  GENERIC_ALL,
171  SeAliasAdminsSid);
172 
173  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
174  ACL_REVISION,
175  GENERIC_READ | GENERIC_EXECUTE,
176  SeRestrictedCodeSid);
177 
178  /* create SystemDefaultDacl */
179  AclLength = sizeof(ACL) +
180  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
181  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
182 
183  SeSystemDefaultDacl = ExAllocatePoolWithTag(PagedPool,
184  AclLength,
185  TAG_ACL);
186  if (SeSystemDefaultDacl == NULL)
187  return FALSE;
188 
189  RtlCreateAcl(SeSystemDefaultDacl,
190  AclLength,
191  ACL_REVISION);
192 
193  RtlAddAccessAllowedAce(SeSystemDefaultDacl,
194  ACL_REVISION,
195  GENERIC_ALL,
196  SeLocalSystemSid);
197 
198  RtlAddAccessAllowedAce(SeSystemDefaultDacl,
199  ACL_REVISION,
200  GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL,
201  SeAliasAdminsSid);
202 
203  /* create UnrestrictedDacl */
204  AclLength = sizeof(ACL) +
205  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
206  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
207 
208  SeUnrestrictedDacl = ExAllocatePoolWithTag(PagedPool,
209  AclLength,
210  TAG_ACL);
211  if (SeUnrestrictedDacl == NULL)
212  return FALSE;
213 
214  RtlCreateAcl(SeUnrestrictedDacl,
215  AclLength,
216  ACL_REVISION);
217 
218  RtlAddAccessAllowedAce(SeUnrestrictedDacl,
219  ACL_REVISION,
220  GENERIC_ALL,
221  SeWorldSid);
222 
223  RtlAddAccessAllowedAce(SeUnrestrictedDacl,
224  ACL_REVISION,
225  GENERIC_READ | GENERIC_EXECUTE,
226  SeRestrictedCodeSid);
227 
228  /* create SystemAnonymousLogonDacl */
229  AclLength = sizeof(ACL) +
230  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
231  (sizeof(ACE) + RtlLengthSid(SeAnonymousLogonSid));
232 
233  SeSystemAnonymousLogonDacl = ExAllocatePoolWithTag(PagedPool,
234  AclLength,
235  TAG_ACL);
236  if (SeSystemAnonymousLogonDacl == NULL)
237  return FALSE;
238 
239  RtlCreateAcl(SeSystemAnonymousLogonDacl,
240  AclLength,
241  ACL_REVISION);
242 
243  RtlAddAccessAllowedAce(SeSystemAnonymousLogonDacl,
244  ACL_REVISION,
245  GENERIC_ALL,
246  SeWorldSid);
247 
248  RtlAddAccessAllowedAce(SeSystemAnonymousLogonDacl,
249  ACL_REVISION,
250  GENERIC_ALL,
251  SeAnonymousLogonSid);
252 
253  return TRUE;
254 }
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
SeRestrictedCodeSid
PSID SeRestrictedCodeSid
Definition: sid.c:40
TRUE
#define TRUE
Definition: types.h:120
SeSystemDefaultDacl
PACL SeSystemDefaultDacl
Definition: acl.c:17
SePublicOpenDacl
PACL SePublicOpenDacl
Definition: acl.c:19
SeSystemAnonymousLogonDacl
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:22
SePublicOpenUnrestrictedDacl
PACL SePublicOpenUnrestrictedDacl
Definition: acl.c:20
FALSE
#define FALSE
Definition: types.h:117
SeUnrestrictedDacl
PACL SeUnrestrictedDacl
Definition: acl.c:21
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
ACL
struct _ACL ACL
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:41
SePublicDefaultUnrestrictedDacl
PACL SePublicDefaultUnrestrictedDacl
Definition: acl.c:18
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:135
SeWorldSid
PSID SeWorldSid
Definition: sid.c:25
TAG_ACL
#define TAG_ACL
Definition: tag.h:146
SePublicDefaultDacl
PACL SePublicDefaultDacl
Definition: acl.c:16
RtlAddAccessAllowedAce
NTSTATUS NTAPI RtlAddAccessAllowedAce(IN OUT PACL Acl, IN ULONG Revision, IN ACCESS_MASK AccessMask, IN PSID Sid)
Definition: acl.c:262
RtlCreateAcl
NTSTATUS NTAPI RtlCreateAcl(IN PACL Acl, IN ULONG AclSize, IN ULONG AclRevision)
Definition: acl.c:677
NULL
#define NULL
Definition: types.h:112
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:38
ULONG
unsigned int ULONG
Definition: retypes.h:1
SeAnonymousLogonSid
PSID SeAnonymousLogonSid
Definition: se.h:159
GENERIC_EXECUTE
#define GENERIC_EXECUTE
Definition: nt_native.h:91
_ACE
Definition: rtltypes.h:990
AclLength
_In_ ULONG AclLength
Definition: rtlfuncs.h:1842

Referenced by SepInitializationPhase0().

◆ SepInitializeTokenImplementation()

VOID NTAPI SepInitializeTokenImplementation ( VOID  )

Internal function that initializes critical kernel data for access token implementation in SRM.

Returns
Nothing.

Definition at line 1576 of file token.c.

1577 {
1578  UNICODE_STRING Name;
1579  OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;
1580 
1581  DPRINT("Creating Token Object Type\n");
1582 
1583  /* Initialize the Token type */
1584  RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
1585  RtlInitUnicodeString(&Name, L"Token");
1586  ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
1587  ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
1588  ObjectTypeInitializer.SecurityRequired = TRUE;
1589  ObjectTypeInitializer.DefaultPagedPoolCharge = sizeof(TOKEN);
1590  ObjectTypeInitializer.GenericMapping = SepTokenMapping;
1591  ObjectTypeInitializer.PoolType = PagedPool;
1592  ObjectTypeInitializer.ValidAccessMask = TOKEN_ALL_ACCESS;
1593  ObjectTypeInitializer.UseDefaultObject = TRUE;
1594  ObjectTypeInitializer.DeleteProcedure = SepDeleteToken;
1595  ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &SeTokenObjectType);
1596 }
OBJ_OPENLINK
#define OBJ_OPENLINK
Definition: winternl.h:230
ObCreateObjectType
NTSTATUS NTAPI ObCreateObjectType(IN PUNICODE_STRING TypeName, IN POBJECT_TYPE_INITIALIZER ObjectTypeInitializer, IN PVOID Reserved, OUT POBJECT_TYPE *ObjectType)
Definition: oblife.c:1047
_OBJECT_TYPE_INITIALIZER::ValidAccessMask
ULONG ValidAccessMask
Definition: obtypes.h:359
_OBJECT_TYPE_INITIALIZER::SecurityRequired
BOOLEAN SecurityRequired
Definition: obtypes.h:360
TRUE
#define TRUE
Definition: types.h:120
_OBJECT_TYPE_INITIALIZER
Definition: obtypes.h:352
L
#define L(x)
Definition: ntvdm.h:50
Name
struct NameRec_ * Name
Definition: cdprocs.h:459
NameRec_
Definition: apinames.c:48
SeTokenObjectType
POBJECT_TYPE SeTokenObjectType
Definition: token.c:19
_OBJECT_TYPE_INITIALIZER::Length
USHORT Length
Definition: obtypes.h:354
_OBJECT_TYPE_INITIALIZER::PoolType
POOL_TYPE PoolType
Definition: obtypes.h:363
TOKEN_ALL_ACCESS
#define TOKEN_ALL_ACCESS
Definition: setypes.h:924
_OBJECT_TYPE_INITIALIZER::UseDefaultObject
BOOLEAN UseDefaultObject
Definition: obtypes.h:355
SepTokenMapping
static GENERIC_MAPPING SepTokenMapping
Definition: token.c:25
_OBJECT_TYPE_INITIALIZER::DefaultPagedPoolCharge
ULONG DefaultPagedPoolCharge
Definition: obtypes.h:364
_UNICODE_STRING
Definition: env_spec_w32.h:368
_OBJECT_TYPE_INITIALIZER::GenericMapping
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
NULL
#define NULL
Definition: types.h:112
SepDeleteToken
VOID NTAPI SepDeleteToken(_In_ PVOID ObjectBody)
Internal function that deals with access token object destruction and deletion. The function is used ...
Definition: token.c:1532
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
DPRINT
#define DPRINT
Definition: sndvol32.h:71
_OBJECT_TYPE_INITIALIZER::InvalidAttributes
ULONG InvalidAttributes
Definition: obtypes.h:357
_OBJECT_TYPE_INITIALIZER::DeleteProcedure
OB_DELETE_METHOD DeleteProcedure
Definition: obtypes.h:369
TOKEN
struct _TOKEN TOKEN

Referenced by SepInitializationPhase0().

◆ SepInitPrivileges()

VOID NTAPI SepInitPrivileges ( VOID  )

Initializes the privileges during the startup phase of the security manager module. This function serves as a placeholder as it currently does nothing.

Returns
Nothing.

Definition at line 71 of file priv.c.

72 {
73 
74 }

Referenced by SepInitializationPhase0().

◆ SepInitSDs()

BOOLEAN NTAPI SepInitSDs ( VOID  )

Initializes the known security descriptors in the system.

Returns
Returns TRUE if all the security descriptors have been initialized, FALSE otherwise.

Definition at line 37 of file sd.c.

38 {
39  /* Create PublicDefaultSd */
40  SePublicDefaultSd = ExAllocatePoolWithTag(PagedPool,
41  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
42  if (SePublicDefaultSd == NULL)
43  return FALSE;
44 
45  RtlCreateSecurityDescriptor(SePublicDefaultSd,
46  SECURITY_DESCRIPTOR_REVISION);
47  RtlSetDaclSecurityDescriptor(SePublicDefaultSd,
48  TRUE,
49  SePublicDefaultDacl,
50  FALSE);
51 
52  /* Create PublicDefaultUnrestrictedSd */
53  SePublicDefaultUnrestrictedSd = ExAllocatePoolWithTag(PagedPool,
54  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
55  if (SePublicDefaultUnrestrictedSd == NULL)
56  return FALSE;
57 
58  RtlCreateSecurityDescriptor(SePublicDefaultUnrestrictedSd,
59  SECURITY_DESCRIPTOR_REVISION);
60  RtlSetDaclSecurityDescriptor(SePublicDefaultUnrestrictedSd,
61  TRUE,
62  SePublicDefaultUnrestrictedDacl,
63  FALSE);
64 
65  /* Create PublicOpenSd */
66  SePublicOpenSd = ExAllocatePoolWithTag(PagedPool,
67  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
68  if (SePublicOpenSd == NULL)
69  return FALSE;
70 
71  RtlCreateSecurityDescriptor(SePublicOpenSd,
72  SECURITY_DESCRIPTOR_REVISION);
73  RtlSetDaclSecurityDescriptor(SePublicOpenSd,
74  TRUE,
75  SePublicOpenDacl,
76  FALSE);
77 
78  /* Create PublicOpenUnrestrictedSd */
79  SePublicOpenUnrestrictedSd = ExAllocatePoolWithTag(PagedPool,
80  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
81  if (SePublicOpenUnrestrictedSd == NULL)
82  return FALSE;
83 
84  RtlCreateSecurityDescriptor(SePublicOpenUnrestrictedSd,
85  SECURITY_DESCRIPTOR_REVISION);
86  RtlSetDaclSecurityDescriptor(SePublicOpenUnrestrictedSd,
87  TRUE,
88  SePublicOpenUnrestrictedDacl,
89  FALSE);
90 
91  /* Create SystemDefaultSd */
92  SeSystemDefaultSd = ExAllocatePoolWithTag(PagedPool,
93  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
94  if (SeSystemDefaultSd == NULL)
95  return FALSE;
96 
97  RtlCreateSecurityDescriptor(SeSystemDefaultSd,
98  SECURITY_DESCRIPTOR_REVISION);
99  RtlSetDaclSecurityDescriptor(SeSystemDefaultSd,
100  TRUE,
101  SeSystemDefaultDacl,
102  FALSE);
103 
104  /* Create UnrestrictedSd */
105  SeUnrestrictedSd = ExAllocatePoolWithTag(PagedPool,
106  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
107  if (SeUnrestrictedSd == NULL)
108  return FALSE;
109 
110  RtlCreateSecurityDescriptor(SeUnrestrictedSd,
111  SECURITY_DESCRIPTOR_REVISION);
112  RtlSetDaclSecurityDescriptor(SeUnrestrictedSd,
113  TRUE,
114  SeUnrestrictedDacl,
115  FALSE);
116 
117  /* Create SystemAnonymousLogonSd */
118  SeSystemAnonymousLogonSd = ExAllocatePoolWithTag(PagedPool,
119  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
120  if (SeSystemAnonymousLogonSd == NULL)
121  return FALSE;
122 
123  RtlCreateSecurityDescriptor(SeSystemAnonymousLogonSd,
124  SECURITY_DESCRIPTOR_REVISION);
125  RtlSetDaclSecurityDescriptor(SeSystemAnonymousLogonSd,
126  TRUE,
127  SeSystemAnonymousLogonDacl,
128  FALSE);
129 
130  return TRUE;
131 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
SePublicDefaultUnrestrictedDacl
PACL SePublicDefaultUnrestrictedDacl
Definition: acl.c:18
TRUE
#define TRUE
Definition: types.h:120
SePublicDefaultSd
PSECURITY_DESCRIPTOR SePublicDefaultSd
Definition: sd.c:16
SeSystemDefaultDacl
PACL SeSystemDefaultDacl
Definition: acl.c:17
SeUnrestrictedSd
PSECURITY_DESCRIPTOR SeUnrestrictedSd
Definition: sd.c:21
RtlCreateSecurityDescriptor
NTSTATUS NTAPI RtlCreateSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Revision)
Definition: sd.c:117
SePublicOpenSd
PSECURITY_DESCRIPTOR SePublicOpenSd
Definition: sd.c:18
RtlSetDaclSecurityDescriptor
NTSTATUS NTAPI RtlSetDaclSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN DaclPresent, IN PACL Dacl, IN BOOLEAN DaclDefaulted)
Definition: sd.c:303
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
FALSE
#define FALSE
Definition: types.h:117
SePublicOpenDacl
PACL SePublicOpenDacl
Definition: acl.c:19
TAG_SD
#define TAG_SD
Definition: tag.h:148
SePublicOpenUnrestrictedSd
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
Definition: sd.c:19
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SePublicDefaultUnrestrictedSd
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
Definition: sd.c:17
SePublicDefaultDacl
PACL SePublicDefaultDacl
Definition: acl.c:16
NULL
#define NULL
Definition: types.h:112
SeUnrestrictedDacl
PACL SeUnrestrictedDacl
Definition: acl.c:21
SePublicOpenUnrestrictedDacl
PACL SePublicOpenUnrestrictedDacl
Definition: acl.c:20
SeSystemAnonymousLogonSd
PSECURITY_DESCRIPTOR SeSystemAnonymousLogonSd
Definition: sd.c:22
SeSystemDefaultSd
PSECURITY_DESCRIPTOR SeSystemDefaultSd
Definition: sd.c:20
SeSystemAnonymousLogonDacl
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:22

Referenced by SepInitializationPhase0().

◆ SepInitSecurityIDs()

BOOLEAN NTAPI SepInitSecurityIDs ( VOID  )

Initializes all the SIDs known in the system.

Returns
Returns TRUE if all the SIDs have been initialized, FALSE otherwise.

Definition at line 115 of file sid.c.

116 {
117  ULONG SidLength0;
118  ULONG SidLength1;
119  ULONG SidLength2;
120  PULONG SubAuthority;
121 
122  SidLength0 = RtlLengthRequiredSid(0);
123  SidLength1 = RtlLengthRequiredSid(1);
124  SidLength2 = RtlLengthRequiredSid(2);
125 
126  /* create NullSid */
127  SeNullSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
128  SeWorldSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
129  SeLocalSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
130  SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
131  SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
132  SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
133  SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
134  SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool, SidLength0, TAG_SID);
135  SeDialupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
136  SeNetworkSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
137  SeBatchSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
138  SeInteractiveSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
139  SeServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
140  SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
141  SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
142  SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
143  SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
144  SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
145  SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
146  SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
147  SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
148  SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
149  SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
150  SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
151  SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
152  SeAuthenticatedUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
153  SeRestrictedSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
154  SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
155  SeLocalServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
156  SeNetworkServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
157 
158  if (SeNullSid == NULL || SeWorldSid == NULL ||
159  SeLocalSid == NULL || SeCreatorOwnerSid == NULL ||
160  SeCreatorGroupSid == NULL || SeCreatorOwnerServerSid == NULL ||
161  SeCreatorGroupServerSid == NULL || SeNtAuthoritySid == NULL ||
162  SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL ||
163  SeInteractiveSid == NULL || SeServiceSid == NULL ||
164  SePrincipalSelfSid == NULL || SeLocalSystemSid == NULL ||
165  SeAuthenticatedUserSid == NULL || SeRestrictedCodeSid == NULL ||
166  SeAliasAdminsSid == NULL || SeAliasUsersSid == NULL ||
167  SeAliasGuestsSid == NULL || SeAliasPowerUsersSid == NULL ||
168  SeAliasAccountOpsSid == NULL || SeAliasSystemOpsSid == NULL ||
169  SeAliasPrintOpsSid == NULL || SeAliasBackupOpsSid == NULL ||
170  SeAuthenticatedUsersSid == NULL || SeRestrictedSid == NULL ||
171  SeAnonymousLogonSid == NULL || SeLocalServiceSid == NULL ||
172  SeNetworkServiceSid == NULL)
173  {
174  FreeInitializedSids();
175  return FALSE;
176  }
177 
178  RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
179  RtlInitializeSid(SeWorldSid, &SeWorldSidAuthority, 1);
180  RtlInitializeSid(SeLocalSid, &SeLocalSidAuthority, 1);
181  RtlInitializeSid(SeCreatorOwnerSid, &SeCreatorSidAuthority, 1);
182  RtlInitializeSid(SeCreatorGroupSid, &SeCreatorSidAuthority, 1);
183  RtlInitializeSid(SeCreatorOwnerServerSid, &SeCreatorSidAuthority, 1);
184  RtlInitializeSid(SeCreatorGroupServerSid, &SeCreatorSidAuthority, 1);
185  RtlInitializeSid(SeNtAuthoritySid, &SeNtSidAuthority, 0);
186  RtlInitializeSid(SeDialupSid, &SeNtSidAuthority, 1);
187  RtlInitializeSid(SeNetworkSid, &SeNtSidAuthority, 1);
188  RtlInitializeSid(SeBatchSid, &SeNtSidAuthority, 1);
189  RtlInitializeSid(SeInteractiveSid, &SeNtSidAuthority, 1);
190  RtlInitializeSid(SeServiceSid, &SeNtSidAuthority, 1);
191  RtlInitializeSid(SePrincipalSelfSid, &SeNtSidAuthority, 1);
192  RtlInitializeSid(SeLocalSystemSid, &SeNtSidAuthority, 1);
193  RtlInitializeSid(SeAuthenticatedUserSid, &SeNtSidAuthority, 1);
194  RtlInitializeSid(SeRestrictedCodeSid, &SeNtSidAuthority, 1);
195  RtlInitializeSid(SeAliasAdminsSid, &SeNtSidAuthority, 2);
196  RtlInitializeSid(SeAliasUsersSid, &SeNtSidAuthority, 2);
197  RtlInitializeSid(SeAliasGuestsSid, &SeNtSidAuthority, 2);
198  RtlInitializeSid(SeAliasPowerUsersSid, &SeNtSidAuthority, 2);
199  RtlInitializeSid(SeAliasAccountOpsSid, &SeNtSidAuthority, 2);
200  RtlInitializeSid(SeAliasSystemOpsSid, &SeNtSidAuthority, 2);
201  RtlInitializeSid(SeAliasPrintOpsSid, &SeNtSidAuthority, 2);
202  RtlInitializeSid(SeAliasBackupOpsSid, &SeNtSidAuthority, 2);
203  RtlInitializeSid(SeAuthenticatedUsersSid, &SeNtSidAuthority, 1);
204  RtlInitializeSid(SeRestrictedSid, &SeNtSidAuthority, 1);
205  RtlInitializeSid(SeAnonymousLogonSid, &SeNtSidAuthority, 1);
206  RtlInitializeSid(SeLocalServiceSid, &SeNtSidAuthority, 1);
207  RtlInitializeSid(SeNetworkServiceSid, &SeNtSidAuthority, 1);
208 
209