ReactOS  0.4.14-dev-50-g13bb5e2
Classes | Macros | Typedefs | Functions | Variables
se.h File Reference

Go to the source code of this file.

Classes

struct  _KNOWN_ACE
 
struct  _KNOWN_OBJECT_ACE
 
struct  _KNOWN_COMPOUND_ACE
 

Macros

#define SepAcquireTokenLockExclusive(Token)
 
#define SepAcquireTokenLockShared(Token)
 
#define SepReleaseTokenLock(Token)
 

Typedefs

typedef struct _KNOWN_ACE KNOWN_ACE
 
typedef struct _KNOWN_ACEPKNOWN_ACE
 
typedef struct _KNOWN_OBJECT_ACE KNOWN_OBJECT_ACE
 
typedef struct _KNOWN_OBJECT_ACEPKNOWN_OBJECT_ACE
 
typedef struct _KNOWN_COMPOUND_ACE KNOWN_COMPOUND_ACE
 
typedef struct _KNOWN_COMPOUND_ACEPKNOWN_COMPOUND_ACE
 

Functions

FORCEINLINE PSID SepGetGroupFromDescriptor (PVOID _Descriptor)
 
FORCEINLINE PSID SepGetOwnerFromDescriptor (PVOID _Descriptor)
 
FORCEINLINE PACL SepGetDaclFromDescriptor (PVOID _Descriptor)
 
FORCEINLINE PACL SepGetSaclFromDescriptor (PVOID _Descriptor)
 
BOOLEAN NTAPI SepTokenIsOwner (IN PACCESS_TOKEN _Token, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN TokenLocked)
 
BOOLEAN NTAPI SepSidInToken (IN PACCESS_TOKEN _Token, IN PSID Sid)
 
BOOLEAN NTAPI SepSidInTokenEx (IN PACCESS_TOKEN _Token, IN PSID PrincipalSelfSid, IN PSID _Sid, IN BOOLEAN Deny, IN BOOLEAN Restricted)
 
INIT_FUNCTION BOOLEAN NTAPI SeInitSystem (VOID)
 
INIT_FUNCTION VOID NTAPI SepInitPrivileges (VOID)
 
INIT_FUNCTION BOOLEAN NTAPI SepInitSecurityIDs (VOID)
 
INIT_FUNCTION BOOLEAN NTAPI SepInitDACLs (VOID)
 
INIT_FUNCTION BOOLEAN NTAPI SepInitSDs (VOID)
 
BOOLEAN NTAPI SeRmInitPhase0 (VOID)
 
BOOLEAN NTAPI SeRmInitPhase1 (VOID)
 
VOID NTAPI SeDeassignPrimaryToken (struct _EPROCESS *Process)
 
NTSTATUS NTAPI SeSubProcessToken (IN PTOKEN Parent, OUT PTOKEN *Token, IN BOOLEAN InUse, IN ULONG SessionId)
 
NTSTATUS NTAPI SeInitializeProcessAuditName (IN PFILE_OBJECT FileObject, IN BOOLEAN DoAudit, OUT POBJECT_NAME_INFORMATION *AuditInfo)
 
NTSTATUS NTAPI SeCreateAccessStateEx (IN PETHREAD Thread, IN PEPROCESS Process, IN OUT PACCESS_STATE AccessState, IN PAUX_ACCESS_DATA AuxData, IN ACCESS_MASK Access, IN PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeIsTokenChild (IN PTOKEN Token, OUT PBOOLEAN IsChild)
 
NTSTATUS NTAPI SeIsTokenSibling (IN PTOKEN Token, OUT PBOOLEAN IsSibling)
 
NTSTATUS NTAPI SepCreateImpersonationTokenDacl (_In_ PTOKEN Token, _In_ PTOKEN PrimaryToken, _Out_ PACL *Dacl)
 
INIT_FUNCTION VOID NTAPI SepInitializeTokenImplementation (VOID)
 
PTOKEN NTAPI SepCreateSystemProcessToken (VOID)
 
BOOLEAN NTAPI SeDetailedAuditingWithToken (IN PTOKEN Token)
 
VOID NTAPI SeAuditProcessExit (IN PEPROCESS Process)
 
VOID NTAPI SeAuditProcessCreate (IN PEPROCESS Process)
 
NTSTATUS NTAPI SeExchangePrimaryToken (_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken)
 
VOID NTAPI SeCaptureSubjectContextEx (IN PETHREAD Thread, IN PEPROCESS Process, OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
 
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
 
VOID NTAPI SeReleaseLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
 
BOOLEAN NTAPI SepPrivilegeCheck (PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SePrivilegePolicyCheck (_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckPrivilegedObject (IN LUID PrivilegeValue, IN HANDLE ObjectHandle, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SepDuplicateToken (_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
 
NTSTATUS NTAPI SepCaptureSecurityQualityOfService (IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, OUT PBOOLEAN Present)
 
VOID NTAPI SepReleaseSecurityQualityOfService (IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SepCaptureSid (IN PSID InputSid, IN KPROCESSOR_MODE AccessMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PSID *CapturedSid)
 
VOID NTAPI SepReleaseSid (IN PSID CapturedSid, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SeCaptureSidAndAttributesArray (_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
 
VOID NTAPI SeReleaseSidAndAttributesArray (_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SeComputeQuotaInformationSize (_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PULONG QuotaInfoSize)
 
NTSTATUS NTAPI SepCaptureAcl (IN PACL InputAcl, IN KPROCESSOR_MODE AccessMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PACL *CapturedAcl)
 
VOID NTAPI SepReleaseAcl (IN PACL CapturedAcl, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN CaptureIfKernel)
 
NTSTATUS SepPropagateAcl (_Out_writes_bytes_opt_(DaclLength) PACL AclDest, _Inout_ PULONG AclLength, _In_reads_bytes_(AclSource->AclSize) PACL AclSource, _In_ PSID Owner, _In_ PSID Group, _In_ BOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
 
PACL SepSelectAcl (_In_opt_ PACL ExplicitAcl, _In_ BOOLEAN ExplicitPresent, _In_ BOOLEAN ExplicitDefaulted, _In_opt_ PACL ParentAcl, _In_opt_ PACL DefaultAcl, _Out_ PULONG AclLength, _In_ PSID Owner, _In_ PSID Group, _Out_ PBOOLEAN AclPresent, _Out_ PBOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeDefaultObjectMethod (PVOID Object, SECURITY_OPERATION_CODE OperationType, PSECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR NewSecurityDescriptor, PULONG ReturnLength, PSECURITY_DESCRIPTOR *OldSecurityDescriptor, POOL_TYPE PoolType, PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeSetWorldSecurityDescriptor (SECURITY_INFORMATION SecurityInformation, PISECURITY_DESCRIPTOR SecurityDescriptor, PULONG BufferLength)
 
NTSTATUS NTAPI SeCopyClientToken (IN PACCESS_TOKEN Token, IN SECURITY_IMPERSONATION_LEVEL Level, IN KPROCESSOR_MODE PreviousMode, OUT PACCESS_TOKEN *NewToken)
 
VOID NTAPI SeQuerySecurityAccessMask (IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
 
VOID NTAPI SeSetSecurityAccessMask (IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
 
BOOLEAN NTAPI SeFastTraverseCheck (IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PACCESS_STATE AccessState, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE AccessMode)
 
BOOLEAN NTAPI SeCheckAuditPrivilege (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
 
VOID NTAPI SePrivilegedServiceAuditAlarm (_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
 
NTSTATUS SepRmReferenceLogonSession (PLUID LogonLuid)
 
NTSTATUS SepRmDereferenceLogonSession (PLUID LogonLuid)
 
NTSTATUS NTAPI SeGetLogonIdDeviceMap (IN PLUID LogonId, OUT PDEVICE_MAP *DeviceMap)
 

Variables

SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
 
PSID SeNullSid
 
PSID SeWorldSid
 
PSID SeLocalSid
 
PSID SeCreatorOwnerSid
 
PSID SeCreatorGroupSid
 
PSID SeCreatorOwnerServerSid
 
PSID SeCreatorGroupServerSid
 
PSID SeNtAuthoritySid
 
PSID SeDialupSid
 
PSID SeNetworkSid
 
PSID SeBatchSid
 
PSID SeInteractiveSid
 
PSID SeServiceSid
 
PSID SeAnonymousLogonSid
 
PSID SePrincipalSelfSid
 
PSID SeLocalSystemSid
 
PSID SeAuthenticatedUserSid
 
PSID SeRestrictedCodeSid
 
PSID SeAliasAdminsSid
 
PSID SeAliasUsersSid
 
PSID SeAliasGuestsSid
 
PSID SeAliasPowerUsersSid
 
PSID SeAliasAccountOpsSid
 
PSID SeAliasSystemOpsSid
 
PSID SeAliasPrintOpsSid
 
PSID SeAliasBackupOpsSid
 
PSID SeAuthenticatedUsersSid
 
PSID SeRestrictedSid
 
PSID SeLocalServiceSid
 
PSID SeNetworkServiceSid
 
const LUID SeCreateTokenPrivilege
 
const LUID SeAssignPrimaryTokenPrivilege
 
const LUID SeLockMemoryPrivilege
 
const LUID SeIncreaseQuotaPrivilege
 
const LUID SeUnsolicitedInputPrivilege
 
const LUID SeTcbPrivilege
 
const LUID SeSecurityPrivilege
 
const LUID SeTakeOwnershipPrivilege
 
const LUID SeLoadDriverPrivilege
 
const LUID SeSystemProfilePrivilege
 
const LUID SeSystemtimePrivilege
 
const LUID SeProfileSingleProcessPrivilege
 
const LUID SeIncreaseBasePriorityPrivilege
 
const LUID SeCreatePagefilePrivilege
 
const LUID SeCreatePermanentPrivilege
 
const LUID SeBackupPrivilege
 
const LUID SeRestorePrivilege
 
const LUID SeShutdownPrivilege
 
const LUID SeDebugPrivilege
 
const LUID SeAuditPrivilege
 
const LUID SeSystemEnvironmentPrivilege
 
const LUID SeChangeNotifyPrivilege
 
const LUID SeRemoteShutdownPrivilege
 
const LUID SeUndockPrivilege
 
const LUID SeSyncAgentPrivilege
 
const LUID SeEnableDelegationPrivilege
 
const LUID SeManageVolumePrivilege
 
const LUID SeImpersonatePrivilege
 
const LUID SeCreateGlobalPrivilege
 
const LUID SeTrustedCredmanPrivilege
 
const LUID SeRelabelPrivilege
 
const LUID SeIncreaseWorkingSetPrivilege
 
const LUID SeTimeZonePrivilege
 
const LUID SeCreateSymbolicLinkPrivilege
 
PACL SePublicDefaultUnrestrictedDacl
 
PACL SePublicOpenDacl
 
PACL SePublicOpenUnrestrictedDacl
 
PACL SeUnrestrictedDacl
 
PSECURITY_DESCRIPTOR SePublicDefaultSd
 
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
 
PSECURITY_DESCRIPTOR SePublicOpenSd
 
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
 
PSECURITY_DESCRIPTOR SeSystemDefaultSd
 
PSECURITY_DESCRIPTOR SeUnrestrictedSd
 

Macro Definition Documentation

◆ SepAcquireTokenLockExclusive

#define SepAcquireTokenLockExclusive (   Token)
Value:
{ \
KeEnterCriticalRegion(); \
ExAcquireResourceExclusiveLite(((PTOKEN)Token)->TokenLock, TRUE); \
}
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_TOKEN
Definition: setypes.h:151

Definition at line 200 of file se.h.

◆ SepAcquireTokenLockShared

#define SepAcquireTokenLockShared (   Token)
Value:
{ \
KeEnterCriticalRegion(); \
ExAcquireResourceSharedLite(((PTOKEN)Token)->TokenLock, TRUE); \
}
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_TOKEN
Definition: setypes.h:151

Definition at line 205 of file se.h.

◆ SepReleaseTokenLock

#define SepReleaseTokenLock (   Token)
Value:
{ \
ExReleaseResourceLite(((PTOKEN)Token)->TokenLock); \
KeLeaveCriticalRegion(); \
}
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_TOKEN
Definition: setypes.h:151

Definition at line 211 of file se.h.

Typedef Documentation

◆ KNOWN_ACE

typedef struct _KNOWN_ACE KNOWN_ACE

◆ KNOWN_COMPOUND_ACE

typedef struct _KNOWN_COMPOUND_ACE KNOWN_COMPOUND_ACE

◆ KNOWN_OBJECT_ACE

typedef struct _KNOWN_OBJECT_ACE KNOWN_OBJECT_ACE

◆ PKNOWN_ACE

typedef struct _KNOWN_ACE * PKNOWN_ACE

◆ PKNOWN_COMPOUND_ACE

typedef struct _KNOWN_COMPOUND_ACE * PKNOWN_COMPOUND_ACE

◆ PKNOWN_OBJECT_ACE

typedef struct _KNOWN_OBJECT_ACE * PKNOWN_OBJECT_ACE

Function Documentation

◆ SeAuditProcessCreate()

VOID NTAPI SeAuditProcessCreate ( IN PEPROCESS  Process)

Definition at line 33 of file audit.c.

34 {
35  /* FIXME */
36 }

Referenced by PspCreateProcess().

◆ SeAuditProcessExit()

VOID NTAPI SeAuditProcessExit ( IN PEPROCESS  Process)

Definition at line 40 of file audit.c.

41 {
42  /* FIXME */
43 }

Referenced by PspExitThread().

◆ SeCaptureLuidAndAttributesArray()

NTSTATUS NTAPI SeCaptureLuidAndAttributesArray ( PLUID_AND_ATTRIBUTES  Src,
ULONG  PrivilegeCount,
KPROCESSOR_MODE  PreviousMode,
PLUID_AND_ATTRIBUTES  AllocatedMem,
ULONG  AllocatedLength,
POOL_TYPE  PoolType,
BOOLEAN  CaptureIfKernel,
PLUID_AND_ATTRIBUTES Dest,
PULONG  Length 
)

Definition at line 291 of file priv.c.

300 {
301  ULONG BufferSize;
302  NTSTATUS Status = STATUS_SUCCESS;
303 
304  PAGED_CODE();
305 
306  if (PrivilegeCount == 0)
307  {
308  *Dest = 0;
309  *Length = 0;
310  return STATUS_SUCCESS;
311  }
312 
313  if (PreviousMode == KernelMode && !CaptureIfKernel)
314  {
315  *Dest = Src;
316  return STATUS_SUCCESS;
317  }
318 
319  /* FIXME - check PrivilegeCount for a valid number so we don't
320  cause an integer overflow or exhaust system resources! */
321 
322  BufferSize = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
323  *Length = ROUND_UP(BufferSize, 4); /* round up to a 4 byte alignment */
324 
325  /* probe the buffer */
326  if (PreviousMode != KernelMode)
327  {
328  _SEH2_TRY
329  {
330  ProbeForRead(Src,
331  BufferSize,
332  sizeof(ULONG));
333  }
334  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
335  {
336  /* Return the exception code */
337  _SEH2_YIELD(return _SEH2_GetExceptionCode());
338  }
339  _SEH2_END;
340  }
341 
342  /* allocate enough memory or check if the provided buffer is
343  large enough to hold the array */
344  if (AllocatedMem != NULL)
345  {
346  if (AllocatedLength < BufferSize)
347  {
348  return STATUS_BUFFER_TOO_SMALL;
349  }
350 
351  *Dest = AllocatedMem;
352  }
353  else
354  {
355  *Dest = ExAllocatePoolWithTag(PoolType,
356  BufferSize,
357  TAG_LUID);
358  if (*Dest == NULL)
359  {
360  return STATUS_INSUFFICIENT_RESOURCES;
361  }
362  }
363 
364  /* copy the array to the buffer */
365  _SEH2_TRY
366  {
367  RtlCopyMemory(*Dest,
368  Src,
369  BufferSize);
370  }
371  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
372  {
373  Status = _SEH2_GetExceptionCode();
374  }
375  _SEH2_END;
376 
377  if (!NT_SUCCESS(Status) && AllocatedMem == NULL)
378  {
379  ExFreePoolWithTag(*Dest, TAG_LUID);
380  }
381 
382  return Status;
383 }
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
ROUND_UP
#define ROUND_UP(n, align)
Definition: eventvwr.h:31
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
LUID_AND_ATTRIBUTES
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:64
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4250
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
NULL
smooth NULL
Definition: ftsmooth.c:416
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_SEH2_YIELD
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
TAG_LUID
#define TAG_LUID
Definition: tag.h:178
BufferSize
#define BufferSize
Definition: classpnp.h:419
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Status
Status
Definition: gdiplustypes.h:24
_SEH2_END
_SEH2_END
Definition: create.c:4424
ULONG
unsigned int ULONG
Definition: retypes.h:1
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
PoolType
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeCaptureSidAndAttributesArray()

NTSTATUS NTAPI SeCaptureSidAndAttributesArray ( _In_ PSID_AND_ATTRIBUTES  SrcSidAndAttributes,
_In_ ULONG  AttributeCount,
_In_ KPROCESSOR_MODE  PreviousMode,
_In_opt_ PVOID  AllocatedMem,
_In_ ULONG  AllocatedLength,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes,
_Out_ PULONG  ResultLength 
)

Definition at line 358 of file sid.c.

368 {
369  ULONG ArraySize, RequiredLength, SidLength, i;
370  PSID_AND_ATTRIBUTES SidAndAttributes;
371  PUCHAR CurrentDest;
372  PISID Sid;
373  NTSTATUS Status;
374  PAGED_CODE();
375 
376  *CapturedSidAndAttributes = NULL;
377  *ResultLength = 0;
378 
379  if (AttributeCount == 0)
380  {
381  return STATUS_SUCCESS;
382  }
383 
384  if (AttributeCount > 0x1000)
385  {
386  return STATUS_INVALID_PARAMETER;
387  }
388 
389  if ((PreviousMode == KernelMode) && !CaptureIfKernel)
390  {
391  *CapturedSidAndAttributes = SrcSidAndAttributes;
392  return STATUS_SUCCESS;
393  }
394 
395  ArraySize = AttributeCount * sizeof(SID_AND_ATTRIBUTES);
396  RequiredLength = ALIGN_UP_BY(ArraySize, sizeof(ULONG));
397 
398  /* Check for user mode data */
399  if (PreviousMode != KernelMode)
400  {
401  _SEH2_TRY
402  {
403  /* First probe the whole array */
404  ProbeForRead(SrcSidAndAttributes, ArraySize, sizeof(ULONG));
405 
406  /* Loop the array elements */
407  for (i = 0; i < AttributeCount; i++)
408  {
409  /* Get the SID and probe the minimal structure */
410  Sid = SrcSidAndAttributes[i].Sid;
411  ProbeForRead(Sid, sizeof(*Sid), sizeof(ULONG));
412 
413  /* Verify that the SID is valid */
414  if (((Sid->Revision & 0xF) != SID_REVISION) ||
415  (Sid->SubAuthorityCount > SID_MAX_SUB_AUTHORITIES))
416  {
417  _SEH2_YIELD(return STATUS_INVALID_SID);
418  }
419 
420  /* Calculate the SID length and probe the full SID */
421  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
422  ProbeForRead(Sid, SidLength, sizeof(ULONG));
423 
424  /* Add the aligned length to the required length */
425  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
426  }
427  }
428  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
429  {
430  _SEH2_YIELD(return _SEH2_GetExceptionCode());
431  }
432  _SEH2_END;
433  }
434  else
435  {
436  /* Loop the array elements */
437  for (i = 0; i < AttributeCount; i++)
438  {
439  /* Get the SID and it's length */
440  Sid = SrcSidAndAttributes[i].Sid;
441  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
442 
443  /* Add the aligned length to the required length */
444  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
445  }
446  }
447 
448  /* Assume success */
449  Status = STATUS_SUCCESS;
450  *ResultLength = RequiredLength;
451 
452  /* Check if we have no buffer */
453  if (AllocatedMem == NULL)
454  {
455  /* Allocate a new buffer */
456  SidAndAttributes = ExAllocatePoolWithTag(PoolType,
457  RequiredLength,
458  TAG_SID_AND_ATTRIBUTES);
459  if (SidAndAttributes == NULL)
460  {
461  return STATUS_INSUFFICIENT_RESOURCES;
462  }
463  }
464  /* Otherwise check if the buffer is large enough */
465  else if (AllocatedLength >= RequiredLength)
466  {
467  /* Buffer is large enough, use it */
468  SidAndAttributes = AllocatedMem;
469  }
470  else
471  {
472  /* Buffer is too small, fail */
473  return STATUS_BUFFER_TOO_SMALL;
474  }
475 
476  *CapturedSidAndAttributes = SidAndAttributes;
477 
478  /* Check again for user mode */
479  if (PreviousMode != KernelMode)
480  {
481  _SEH2_TRY
482  {
483  /* The rest of the data starts after the array */
484  CurrentDest = (PUCHAR)SidAndAttributes;
485  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
486 
487  /* Loop the array elements */
488  for (i = 0; i < AttributeCount; i++)
489  {
490  /* Get the SID and it's length */
491  Sid = SrcSidAndAttributes[i].Sid;
492  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
493 
494  /* Copy attributes */
495  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
496 
497  /* Copy the SID to the current destination address */
498  SidAndAttributes[i].Sid = (PSID)CurrentDest;
499  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
500 
501  /* Sanity checks */
502  ASSERT(RtlLengthSid(SidAndAttributes[i].Sid) == SidLength);
503  ASSERT(RtlValidSid(SidAndAttributes[i].Sid));
504 
505  /* Update the current destination address */
506  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
507  }
508  }
509  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
510  {
511  Status = _SEH2_GetExceptionCode();
512  }
513  _SEH2_END;
514  }
515  else
516  {
517  /* The rest of the data starts after the array */
518  CurrentDest = (PUCHAR)SidAndAttributes;
519  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
520 
521  /* Loop the array elements */
522  for (i = 0; i < AttributeCount; i++)
523  {
524  /* Get the SID and it's length */
525  Sid = SrcSidAndAttributes[i].Sid;
526  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
527 
528  /* Copy attributes */
529  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
530 
531  /* Copy the SID to the current destination address */
532  SidAndAttributes[i].Sid = (PSID)CurrentDest;
533  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
534 
535  /* Update the current destination address */
536  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
537  }
538  }
539 
540  /* Check for failure */
541  if (!NT_SUCCESS(Status))
542  {
543  /* Check if we allocated a new array */
544  if (SidAndAttributes != AllocatedMem)
545  {
546  /* Free the array */
547  ExFreePoolWithTag(SidAndAttributes, TAG_SID_AND_ATTRIBUTES);
548  }
549 
550  /* Set returned address to NULL */
551  *CapturedSidAndAttributes = NULL ;
552  }
553 
554  return Status;
555 }
ResultLength
IN CINT OUT PVOID IN ULONG OUT PULONG ResultLength
Definition: conport.c:47
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:478
_SID
Definition: ms-dtyp.idl:198
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3
SID_REVISION
#define SID_REVISION
Definition: setypes.h:453
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:64
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4250
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
SID_MAX_SUB_AUTHORITIES
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:454
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlLengthSid
ULONG NTAPI RtlLengthSid(IN PSID Sid_)
Definition: sid.c:150
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
STATUS_INVALID_SID
#define STATUS_INVALID_SID
Definition: ntstatus.h:342
RtlValidSid
BOOLEAN NTAPI RtlValidSid(IN PSID Sid_)
Definition: sid.c:21
TAG_SID_AND_ATTRIBUTES
#define TAG_SID_AND_ATTRIBUTES
Definition: sid.c:16
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_SEH2_YIELD
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_SID_AND_ATTRIBUTES
Definition: setypes.h:474
SID_AND_ATTRIBUTES
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
PSID
struct _SID * PSID
Definition: eventlog.c:35
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
RtlLengthRequiredSid
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
Status
Status
Definition: gdiplustypes.h:24
_SEH2_END
_SEH2_END
Definition: create.c:4424
RequiredLength
_In_ ULONG _Out_opt_ PULONG RequiredLength
Definition: wmifuncs.h:29
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:480
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
ULONG
unsigned int ULONG
Definition: retypes.h:1
ALIGN_UP_BY
#define ALIGN_UP_BY(size, align)
Definition: GetWindowPlacement.c:13
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
PoolType
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444

Referenced by NtCreateToken().

◆ SeCaptureSubjectContextEx()

VOID NTAPI SeCaptureSubjectContextEx ( IN PETHREAD  Thread,
IN PEPROCESS  Process,
OUT PSECURITY_SUBJECT_CONTEXT  SubjectContext 
)

Definition at line 266 of file access.c.

269 {
270  BOOLEAN CopyOnOpen, EffectiveOnly;
271 
272  PAGED_CODE();
273 
274  /* Save the unique ID */
275  SubjectContext->ProcessAuditId = Process->UniqueProcessId;
276 
277  /* Check if we have a thread */
278  if (!Thread)
279  {
280  /* We don't, so no token */
281  SubjectContext->ClientToken = NULL;
282  }
283  else
284  {
285  /* Get the impersonation token */
286  SubjectContext->ClientToken = PsReferenceImpersonationToken(Thread,
287  &CopyOnOpen,
288  &EffectiveOnly,
289  &SubjectContext->ImpersonationLevel);
290  }
291 
292  /* Get the primary token */
293  SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
294 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
CopyOnOpen
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NULL
smooth NULL
Definition: ftsmooth.c:416
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
PsReferenceImpersonationToken
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:782
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:417

Referenced by SeCaptureSubjectContext(), and SeCreateAccessStateEx().

◆ SeCheckAuditPrivilege()

BOOLEAN NTAPI SeCheckAuditPrivilege ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Definition at line 257 of file priv.c.

260 {
261  PRIVILEGE_SET PrivilegeSet;
262  BOOLEAN Result;
263  PAGED_CODE();
264 
265  /* Initialize the privilege set with the single privilege */
266  PrivilegeSet.PrivilegeCount = 1;
267  PrivilegeSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
268  PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
269  PrivilegeSet.Privilege[0].Attributes = 0;
270 
271  /* Check against the primary token! */
272  Result = SepPrivilegeCheck(SubjectContext->PrimaryToken,
273  &PrivilegeSet.Privilege[0],
274  1,
275  PRIVILEGE_SET_ALL_NECESSARY,
276  PreviousMode);
277 
278  if (PreviousMode != KernelMode)
279  {
280  SePrivilegedServiceAuditAlarm(NULL,
281  SubjectContext,
282  &PrivilegeSet,
283  Result);
284  }
285 
286  return Result;
287 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
_PRIVILEGE_SET
Definition: setypes.h:85
SeAuditPrivilege
const LUID SeAuditPrivilege
Definition: priv.c:42
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NULL
smooth NULL
Definition: ftsmooth.c:416
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
SePrivilegedServiceAuditAlarm
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74

Referenced by NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), and SepAccessCheckAndAuditAlarm().

◆ SeCheckPrivilegedObject()

BOOLEAN NTAPI SeCheckPrivilegedObject ( IN LUID  PrivilegeValue,
IN HANDLE  ObjectHandle,
IN ACCESS_MASK  DesiredAccess,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 560 of file priv.c.

564 {
565  SECURITY_SUBJECT_CONTEXT SubjectContext;
566  PRIVILEGE_SET Priv;
567  BOOLEAN Result;
568 
569  PAGED_CODE();
570 
571  SeCaptureSubjectContext(&SubjectContext);
572 
573  Priv.PrivilegeCount = 1;
574  Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
575  Priv.Privilege[0].Luid = PrivilegeValue;
576  Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
577 
578  Result = SePrivilegeCheck(&Priv, &SubjectContext, PreviousMode);
579  if (PreviousMode != KernelMode)
580  {
581 #if 0
582  SePrivilegeObjectAuditAlarm(ObjectHandle,
583  &SubjectContext,
584  DesiredAccess,
585  &PrivilegeValue,
586  Result,
587  PreviousMode);
588 #endif
589  }
590 
591  SeReleaseSubjectContext(&SubjectContext);
592 
593  return Result;
594 }
SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
SeReleaseSubjectContext
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SePrivilegeCheck
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:491
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:189
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
SePrivilegeObjectAuditAlarm
VOID NTAPI SePrivilegeObjectAuditAlarm(IN HANDLE Handle, IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN ACCESS_MASK DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted, IN KPROCESSOR_MODE CurrentMode)
Definition: audit.c:845
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74

Referenced by NtSetInformationProcess().

◆ SeComputeQuotaInformationSize()

NTSTATUS NTAPI SeComputeQuotaInformationSize ( _In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_Out_ PULONG  QuotaInfoSize 
)

Referenced by ObpCaptureObjectCreateInformation().

◆ SeCopyClientToken()

NTSTATUS NTAPI SeCopyClientToken ( IN PACCESS_TOKEN  Token,
IN SECURITY_IMPERSONATION_LEVEL  Level,
IN KPROCESSOR_MODE  PreviousMode,
OUT PACCESS_TOKEN NewToken 
)

Definition at line 788 of file token.c.

792 {
793  NTSTATUS Status;
794  OBJECT_ATTRIBUTES ObjectAttributes;
795 
796  PAGED_CODE();
797 
798  InitializeObjectAttributes(&ObjectAttributes,
799  NULL,
800  0,
801  NULL,
802  NULL);
803 
804  Status = SepDuplicateToken(Token,
805  &ObjectAttributes,
806  FALSE,
807  TokenImpersonation,
808  Level,
809  PreviousMode,
810  (PTOKEN*)NewToken);
811 
812  return Status;
813 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Level
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:55
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
SepDuplicateToken
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Definition: token.c:441
NULL
smooth NULL
Definition: ftsmooth.c:416
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
Status
Status
Definition: gdiplustypes.h:24
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_TOKEN
Definition: setypes.h:151

Referenced by SepCreateClientSecurity().

◆ SeCreateAccessStateEx()

NTSTATUS NTAPI SeCreateAccessStateEx ( IN PETHREAD  Thread,
IN PEPROCESS  Process,
IN OUT PACCESS_STATE  AccessState,
IN PAUX_ACCESS_DATA  AuxData,
IN ACCESS_MASK  Access,
IN PGENERIC_MAPPING  GenericMapping 
)

Definition at line 378 of file access.c.

384 {
385  ACCESS_MASK AccessMask = Access;
386  PTOKEN Token;
387  PAGED_CODE();
388 
389  /* Map the Generic Acess to Specific Access if we have a Mapping */
390  if ((Access & GENERIC_ACCESS) && (GenericMapping))
391  {
392  RtlMapGenericMask(&AccessMask, GenericMapping);
393  }
394 
395  /* Initialize the Access State */
396  RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
397  ASSERT(AccessState->SecurityDescriptor == NULL);
398  ASSERT(AccessState->PrivilegesAllocated == FALSE);
399 
400  /* Initialize and save aux data */
401  RtlZeroMemory(AuxData, sizeof(AUX_ACCESS_DATA));
402  AccessState->AuxData = AuxData;
403 
404  /* Capture the Subject Context */
405  SeCaptureSubjectContextEx(Thread,
406  Process,
407  &AccessState->SubjectSecurityContext);
408 
409  /* Set Access State Data */
410  AccessState->RemainingDesiredAccess = AccessMask;
411  AccessState->OriginalDesiredAccess = AccessMask;
412  ExAllocateLocallyUniqueId(&AccessState->OperationID);
413 
414  /* Get the Token to use */
415  Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);
416 
417  /* Check for Travers Privilege */
418  if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
419  {
420  /* Preserve the Traverse Privilege */
421  AccessState->Flags = TOKEN_HAS_TRAVERSE_PRIVILEGE;
422  }
423 
424  /* Set the Auxiliary Data */
425  AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
426  FIELD_OFFSET(ACCESS_STATE,
427  Privileges));
428  if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
429 
430  /* Return Sucess */
431  return STATUS_SUCCESS;
432 }
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
GENERIC_ACCESS
#define GENERIC_ACCESS
Definition: wlx.c:26
TOKEN_HAS_TRAVERSE_PRIVILEGE
#define TOKEN_HAS_TRAVERSE_PRIVILEGE
Definition: setypes.h:1124
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
SeCaptureSubjectContextEx
VOID NTAPI SeCaptureSubjectContextEx(IN PETHREAD Thread, IN PEPROCESS Process, OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:266
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63
NULL
smooth NULL
Definition: ftsmooth.c:416
_ACCESS_STATE
Definition: setypes.h:196
RtlMapGenericMask
VOID NTAPI RtlMapGenericMask(IN OUT PACCESS_MASK AccessMask, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:50
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
SeQuerySubjectContextToken
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583
GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
_AUX_ACCESS_DATA
Definition: setypes.h:185
PPRIVILEGE_SET
struct _PRIVILEGE_SET * PPRIVILEGE_SET
ExAllocateLocallyUniqueId
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:340
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:254
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
_TOKEN
Definition: setypes.h:151
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40

Referenced by PspCreateProcess(), PspCreateThread(), and SeCreateAccessState().

◆ SeDeassignPrimaryToken()

VOID NTAPI SeDeassignPrimaryToken ( struct _EPROCESS Process)

Referenced by PspDeleteProcessSecurity().

◆ SeDefaultObjectMethod()

NTSTATUS NTAPI SeDefaultObjectMethod ( PVOID  Object,
SECURITY_OPERATION_CODE  OperationType,
PSECURITY_INFORMATION  SecurityInformation,
PSECURITY_DESCRIPTOR  NewSecurityDescriptor,
PULONG  ReturnLength,
PSECURITY_DESCRIPTOR OldSecurityDescriptor,
POOL_TYPE  PoolType,
PGENERIC_MAPPING  GenericMapping 
)

◆ SeDetailedAuditingWithToken()

BOOLEAN NTAPI SeDetailedAuditingWithToken ( IN PTOKEN  Token)

Definition at line 25 of file audit.c.

26 {
27  /* FIXME */
28  return FALSE;
29 }

Referenced by ObInitProcess(), PspCreateProcess(), and PspExitThread().

◆ SeExchangePrimaryToken()

NTSTATUS NTAPI SeExchangePrimaryToken ( _In_ PEPROCESS  Process,
_In_ PACCESS_TOKEN  NewAccessToken,
_Out_ PACCESS_TOKEN OldAccessToken 
)

Definition at line 234 of file token.c.

238 {
239  PTOKEN OldToken;
240  PTOKEN NewToken = (PTOKEN)NewAccessToken;
241 
242  PAGED_CODE();
243 
244  if (NewToken->TokenType != TokenPrimary)
245  return STATUS_BAD_TOKEN_TYPE;
246 
247  if (NewToken->TokenInUse)
248  {
249  BOOLEAN IsEqual;
250  NTSTATUS Status;
251 
252  /* Maybe we're trying to set the same token */
253  OldToken = PsReferencePrimaryToken(Process);
254  if (OldToken == NewToken)
255  {
256  /* So it's a nop. */
257  *OldAccessToken = OldToken;
258  return STATUS_SUCCESS;
259  }
260 
261  Status = SepCompareTokens(OldToken, NewToken, &IsEqual);
262  if (!NT_SUCCESS(Status))
263  {
264  PsDereferencePrimaryToken(OldToken);
265  *OldAccessToken = NULL;
266  return Status;
267  }
268 
269  if (!IsEqual)
270  {
271  PsDereferencePrimaryToken(OldToken);
272  *OldAccessToken = NULL;
273  return STATUS_TOKEN_ALREADY_IN_USE;
274  }
275  /* Silently return STATUS_SUCCESS but do not set the new token,
276  * as it's already in use elsewhere. */
277  *OldAccessToken = OldToken;
278  return STATUS_SUCCESS;
279  }
280 
281  /* Lock the new token */
282  SepAcquireTokenLockExclusive(NewToken);
283 
284  /* Mark new token in use */
285  NewToken->TokenInUse = TRUE;
286 
287  // TODO: Set a correct SessionId for NewToken
288 
289  /* Unlock the new token */
290  SepReleaseTokenLock(NewToken);
291 
292  /* Reference the new token */
293  ObReferenceObject(NewToken);
294 
295  /* Replace the old with the new */
296  OldToken = ObFastReplaceObject(&Process->Token, NewToken);
297 
298  /* Lock the old token */
299  SepAcquireTokenLockExclusive(OldToken);
300 
301  /* Mark the old token as free */
302  OldToken->TokenInUse = FALSE;
303 
304  /* Unlock the old token */
305  SepReleaseTokenLock(OldToken);
306 
307  *OldAccessToken = (PACCESS_TOKEN)OldToken;
308  return STATUS_SUCCESS;
309 }
_TOKEN::TokenType
TOKEN_TYPE TokenType
Definition: setypes.h:175
SepAcquireTokenLockExclusive
#define SepAcquireTokenLockExclusive(Token)
Definition: se.h:200
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
PACCESS_TOKEN
PVOID PACCESS_TOKEN
Definition: setypes.h:11
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
STATUS_BAD_TOKEN_TYPE
#define STATUS_BAD_TOKEN_TYPE
Definition: ntstatus.h:390
NULL
smooth NULL
Definition: ftsmooth.c:416
ObFastReplaceObject
PVOID FASTCALL ObFastReplaceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_TOKEN::TokenInUse
BOOLEAN TokenInUse
Definition: setypes.h:178
STATUS_TOKEN_ALREADY_IN_USE
#define STATUS_TOKEN_ALREADY_IN_USE
Definition: ntstatus.h:521
SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:211
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
Status
Status
Definition: gdiplustypes.h:24
PTOKEN
struct _TOKEN * PTOKEN
PsDereferencePrimaryToken
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
Definition: security.c:835
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204
SepCompareTokens
static NTSTATUS SepCompareTokens(IN PTOKEN FirstToken, IN PTOKEN SecondToken, OUT PBOOLEAN Equal)
Definition: token.c:92
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
_TOKEN
Definition: setypes.h:151

Referenced by PspAssignPrimaryToken().

◆ SeFastTraverseCheck()

BOOLEAN NTAPI SeFastTraverseCheck ( IN PSECURITY_DESCRIPTOR  SecurityDescriptor,
IN PACCESS_STATE  AccessState,
IN ACCESS_MASK  DesiredAccess,
IN KPROCESSOR_MODE  AccessMode 
)

Definition at line 460 of file accesschk.c.

464 {
465  PACL Dacl;
466  ULONG AceIndex;
467  PKNOWN_ACE Ace;
468 
469  PAGED_CODE();
470 
471  ASSERT(AccessMode != KernelMode);
472 
473  if (SecurityDescriptor == NULL)
474  return FALSE;
475 
476  /* Get DACL */
477  Dacl = SepGetDaclFromDescriptor(SecurityDescriptor);
478  /* If no DACL, grant access */
479  if (Dacl == NULL)
480  return TRUE;
481 
482  /* No ACE -> Deny */
483  if (!Dacl->AceCount)
484  return FALSE;
485 
486  /* Can't perform the check on restricted token */
487  if (AccessState->Flags & TOKEN_IS_RESTRICTED)
488  return FALSE;
489 
490  /* Browse the ACEs */
491  for (AceIndex = 0, Ace = (PKNOWN_ACE)((ULONG_PTR)Dacl + sizeof(ACL));
492  AceIndex < Dacl->AceCount;
493  AceIndex++, Ace = (PKNOWN_ACE)((ULONG_PTR)Ace + Ace->Header.AceSize))
494  {
495  if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
496  continue;
497 
498  /* If access-allowed ACE */
499  if (Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
500  {
501  /* Check if all accesses are granted */
502  if (!(Ace->Mask & DesiredAccess))
503  continue;
504 
505  /* Check SID and grant access if matching */
506  if (RtlEqualSid(SeWorldSid, &(Ace->SidStart)))
507  return TRUE;
508  }
509  /* If access-denied ACE */
510  else if (Ace->Header.AceType == ACCESS_DENIED_ACE_TYPE)
511  {
512  /* Here, only check if it denies any access wanted and deny if so */
513  if (Ace->Mask & DesiredAccess)
514  return FALSE;
515  }
516  }
517 
518  /* Faulty, deny */
519  return FALSE;
520 }
PKNOWN_ACE
struct _KNOWN_ACE * PKNOWN_ACE
TRUE
#define TRUE
Definition: types.h:120
_KNOWN_ACE
Definition: se.h:3
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_ACL
Definition: ms-dtyp.idl:293
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
Ace
Definition: card.h:12
NULL
smooth NULL
Definition: ftsmooth.c:416
ACCESS_ALLOWED_ACE_TYPE
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:685
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:686
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
AceIndex
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1864
SeWorldSid
PSID SeWorldSid
Definition: sid.c:31
SepGetDaclFromDescriptor
FORCEINLINE PACL SepGetDaclFromDescriptor(PVOID _Descriptor)
Definition: se.h:67
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
ULONG
unsigned int ULONG
Definition: retypes.h:1
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:717
RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
TOKEN_IS_RESTRICTED
#define TOKEN_IS_RESTRICTED
Definition: setypes.h:1129

Referenced by IopParseDevice(), and ObpCheckTraverseAccess().

◆ SeGetLogonIdDeviceMap()

NTSTATUS NTAPI SeGetLogonIdDeviceMap ( IN PLUID  LogonId,
OUT PDEVICE_MAP DeviceMap 
)

Definition at line 966 of file srm.c.

970 {
971  NTSTATUS Status;
972  WCHAR Buffer[63];
973  PDEVICE_MAP LocalMap;
974  HANDLE DirectoryHandle, LinkHandle;
975  OBJECT_ATTRIBUTES ObjectAttributes;
976  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
977  UNICODE_STRING DirectoryName, LinkName, TargetName;
978 
979  PAGED_CODE();
980 
981  if (LogonId == NULL ||
982  DeviceMap == NULL)
983  {
984  return STATUS_INVALID_PARAMETER;
985  }
986 
987  /* Acquire the database lock */
988  KeAcquireGuardedMutex(&SepRmDbLock);
989 
990  /* Loop all existing sessions */
991  for (CurrentSession = SepLogonSessions;
992  CurrentSession != NULL;
993  CurrentSession = CurrentSession->Next)
994  {
995  /* Check if the LUID matches the provided one */
996  if (RtlEqualLuid(&CurrentSession->LogonId, LogonId))
997  {
998  break;
999  }
1000  }
1001 
1002  /* No session found, fail */
1003  if (CurrentSession == NULL)
1004  {
1005  /* Release the database lock */
1006  KeReleaseGuardedMutex(&SepRmDbLock);
1007 
1008  return STATUS_NO_SUCH_LOGON_SESSION;
1009  }
1010 
1011  /* The found session has a device map, return it! */
1012  if (CurrentSession->pDeviceMap != NULL)
1013  {
1014  *DeviceMap = CurrentSession->pDeviceMap;
1015 
1016  /* Release the database lock */
1017  KeReleaseGuardedMutex(&SepRmDbLock);
1018 
1019  return STATUS_SUCCESS;
1020  }
1021 
1022  /* At that point, we'll setup a new device map for the session */
1023  LocalMap = NULL;
1024 
1025  /* Reference the session so that it doesn't go away */
1026  CurrentSession->ReferenceCount += 1;
1027 
1028  /* Release the database lock */
1029  KeReleaseGuardedMutex(&SepRmDbLock);
1030 
1031  /* Create our object directory given the LUID */
1032  _snwprintf(Buffer,
1033  sizeof(Buffer) / sizeof(WCHAR),
1034  L"\\Sessions\\0\\DosDevices\\%08x-%08x",
1035  LogonId->HighPart,
1036  LogonId->LowPart);
1037  RtlInitUnicodeString(&DirectoryName, Buffer);
1038 
1039  InitializeObjectAttributes(&ObjectAttributes,
1040  &DirectoryName,
1041  OBJ_KERNEL_HANDLE | OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
1042  NULL,
1043  NULL);
1044  Status = ZwCreateDirectoryObject(&DirectoryHandle,
1045  DIRECTORY_ALL_ACCESS,
1046  &ObjectAttributes);
1047  if (NT_SUCCESS(Status))
1048  {
1049  /* Create the associated device map */
1050  Status = ObSetDirectoryDeviceMap(&LocalMap, DirectoryHandle);
1051  if (NT_SUCCESS(Status))
1052  {
1053  /* Make Global point to \Global?? in the directory */
1054  RtlInitUnicodeString(&LinkName, L"Global");
1055  RtlInitUnicodeString(&TargetName, L"\\Global??");
1056 
1057  InitializeObjectAttributes(&ObjectAttributes,
1058  &LinkName,
1059  OBJ_KERNEL_HANDLE | OBJ_OPENIF | OBJ_CASE_INSENSITIVE | OBJ_PERMANENT,
1060  DirectoryHandle,
1061  NULL);
1062  Status = ZwCreateSymbolicLinkObject(&LinkHandle,
1063  SYMBOLIC_LINK_ALL_ACCESS,
1064  &ObjectAttributes,
1065  &TargetName);
1066  if (!NT_SUCCESS(Status))
1067  {
1068  ObfDereferenceDeviceMap(LocalMap);
1069  }
1070  else
1071  {
1072  ZwClose(LinkHandle);
1073  }
1074  }
1075 
1076  ZwClose(DirectoryHandle);
1077  }
1078 
1079  /* Acquire the database lock */
1080  KeAcquireGuardedMutex(&SepRmDbLock);
1081 
1082  /* If we succeed... */
1083  if (NT_SUCCESS(Status))
1084  {
1085  /* The session now has a device map? We raced with someone else */
1086  if (CurrentSession->pDeviceMap != NULL)
1087  {
1088  /* Give up on our new device map */
1089  ObfDereferenceDeviceMap(LocalMap);
1090  }
1091  /* Otherwise use our newly allocated device map */
1092  else
1093  {
1094  CurrentSession->pDeviceMap = LocalMap;
1095  }
1096 
1097  /* Return the device map */
1098  *DeviceMap = CurrentSession->pDeviceMap;
1099  }
1100  /* Zero output */
1101  else
1102  {
1103  *DeviceMap = NULL;
1104  }
1105 
1106  /* Release the database lock */
1107  KeReleaseGuardedMutex(&SepRmDbLock);
1108 
1109  /* We're done with the session */
1110  SepRmDereferenceLogonSession(&CurrentSession->LogonId);
1111 
1112  return Status;
1113 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
KeAcquireGuardedMutex
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
STATUS_NO_SUCH_LOGON_SESSION
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:317
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
ZwClose
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
ObfDereferenceDeviceMap
VOID FASTCALL ObfDereferenceDeviceMap(IN PDEVICE_MAP DeviceMap)
Definition: devicemap.c:477
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
DirectoryHandle
static HANDLE DirectoryHandle
Definition: ObType.c:48
OBJ_PERMANENT
#define OBJ_PERMANENT
Definition: winternl.h:226
SYMBOLIC_LINK_ALL_ACCESS
#define SYMBOLIC_LINK_ALL_ACCESS
Definition: nt_native.h:1267
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
OBJ_OPENIF
#define OBJ_OPENIF
Definition: winternl.h:229
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
ObSetDirectoryDeviceMap
NTSTATUS NTAPI ObSetDirectoryDeviceMap(OUT PDEVICE_MAP *DeviceMap, IN HANDLE DirectoryHandle)
Definition: devicemap.c:149
_SEP_LOGON_SESSION_REFERENCES::LogonId
LUID LogonId
Definition: srm.c:28
ZwCreateDirectoryObject
NTSYSAPI NTSTATUS NTAPI ZwCreateDirectoryObject(_Out_ PHANDLE DirectoryHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
_snwprintf
int _snwprintf(wchar_t *buffer, size_t count, const wchar_t *format,...)
NULL
smooth NULL
Definition: ftsmooth.c:416
_DEVICE_MAP
Definition: obtypes.h:523
Buffer
Definition: bufpool.h:45
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ZwCreateSymbolicLinkObject
NTSYSAPI NTSTATUS NTAPI ZwCreateSymbolicLinkObject(_Out_ PHANDLE SymbolicLinkHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PUNICODE_STRING Name)
_SEP_LOGON_SESSION_REFERENCES::Next
struct _SEP_LOGON_SESSION_REFERENCES * Next
Definition: srm.c:27
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
L
static const WCHAR L[]
Definition: oid.c:1250
TargetName
WCHAR TargetName[256]
Definition: arping.c:27
_SEP_LOGON_SESSION_REFERENCES::pDeviceMap
PDEVICE_MAP pDeviceMap
Definition: srm.c:31
Status
Status
Definition: gdiplustypes.h:24
_UNICODE_STRING
Definition: env_spec_w32.h:368
_SEP_LOGON_SESSION_REFERENCES
Definition: srm.c:25
DIRECTORY_ALL_ACCESS
#define DIRECTORY_ALL_ACCESS
Definition: nt_native.h:1259
SepLogonSessions
PSEP_LOGON_SESSION_REFERENCES SepLogonSessions
Definition: srm.c:71
_SEP_LOGON_SESSION_REFERENCES::ReferenceCount
ULONG ReferenceCount
Definition: srm.c:29
LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:711
KeReleaseGuardedMutex
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
SepRmDereferenceLogonSession
NTSTATUS SepRmDereferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:664
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
OBJ_KERNEL_HANDLE
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
SepRmDbLock
KGUARDED_MUTEX SepRmDbLock
Definition: srm.c:70

Referenced by ObpReferenceDeviceMap(), and ObpSetCurrentProcessDeviceMap().

◆ SeInitializeProcessAuditName()

NTSTATUS NTAPI SeInitializeProcessAuditName ( IN PFILE_OBJECT  FileObject,
IN BOOLEAN  DoAudit,
OUT POBJECT_NAME_INFORMATION AuditInfo 
)

Definition at line 47 of file audit.c.

50 {
51  OBJECT_NAME_INFORMATION LocalNameInfo;
52  POBJECT_NAME_INFORMATION ObjectNameInfo = NULL;
53  ULONG ReturnLength = 8;
54  NTSTATUS Status;
55 
56  PAGED_CODE();
57  ASSERT(AuditInfo);
58 
59  /* Check if we should do auditing */
60  if (DoAudit)
61  {
62  /* FIXME: TODO */
63  }
64 
65  /* Now query the name */
66  Status = ObQueryNameString(FileObject,
67  &LocalNameInfo,
68  sizeof(LocalNameInfo),
69  &ReturnLength);
70  if (((Status == STATUS_BUFFER_OVERFLOW) ||
71  (Status == STATUS_BUFFER_TOO_SMALL) ||
72  (Status == STATUS_INFO_LENGTH_MISMATCH)) &&
73  (ReturnLength != sizeof(LocalNameInfo)))
74  {
75  /* Allocate required size */
76  ObjectNameInfo = ExAllocatePoolWithTag(NonPagedPool,
77  ReturnLength,
78  TAG_SEPA);
79  if (ObjectNameInfo)
80  {
81  /* Query the name again */
82  Status = ObQueryNameString(FileObject,
83  ObjectNameInfo,
84  ReturnLength,
85  &ReturnLength);
86  }
87  }
88 
89  /* Check if we got here due to failure */
90  if ((ObjectNameInfo) &&
91  (!(NT_SUCCESS(Status)) || (ReturnLength == sizeof(LocalNameInfo))))
92  {
93  /* First, free any buffer we might've allocated */
94  ASSERT(FALSE);
95  if (ObjectNameInfo) ExFreePool(ObjectNameInfo);
96 
97  /* Now allocate a temporary one */
98  ReturnLength = sizeof(OBJECT_NAME_INFORMATION);
99  ObjectNameInfo = ExAllocatePoolWithTag(NonPagedPool,
100  sizeof(OBJECT_NAME_INFORMATION),
101  TAG_SEPA);
102  if (ObjectNameInfo)
103  {
104  /* Clear it */
105  RtlZeroMemory(ObjectNameInfo, ReturnLength);
106  Status = STATUS_SUCCESS;
107  }
108  }
109 
110  /* Check if memory allocation failed */
111  if (!ObjectNameInfo) Status = STATUS_NO_MEMORY;
112 
113  /* Return the audit name */
114  *AuditInfo = ObjectNameInfo;
115 
116  /* Return status */
117  return Status;
118 }
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObQueryNameString
NTSTATUS NTAPI ObQueryNameString(IN PVOID Object, OUT POBJECT_NAME_INFORMATION ObjectNameInfo, IN ULONG Length, OUT PULONG ReturnLength)
Definition: obname.c:1209
_OBJECT_NAME_INFORMATION
Definition: nt_native.h:1269
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:64
OBJECT_NAME_INFORMATION
struct _OBJECT_NAME_INFORMATION OBJECT_NAME_INFORMATION
NULL
smooth NULL
Definition: ftsmooth.c:416
FileObject
_Inout_ PFILE_OBJECT FileObject
Definition: cdprocs.h:593
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
Status
Status
Definition: gdiplustypes.h:24
STATUS_BUFFER_OVERFLOW
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:61
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:246
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
TAG_SEPA
#define TAG_SEPA
Definition: tag.h:189
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352

Referenced by MmInitializeProcessAddressSpace(), and SeLocateProcessImageName().

◆ SeInitSystem()

INIT_FUNCTION BOOLEAN NTAPI SeInitSystem ( VOID  )

Definition at line 239 of file semgr.c.

240 {
241  /* Check the initialization phase */
242  switch (ExpInitializationPhase)
243  {
244  case 0:
245 
246  /* Do Phase 0 */
247  return SepInitializationPhase0();
248 
249  case 1:
250 
251  /* Do Phase 1 */
252  return SepInitializationPhase1();
253 
254  default:
255 
256  /* Don't know any other phase! Bugcheck! */
257  KeBugCheckEx(UNEXPECTED_INITIALIZATION_CALL,
258  0,
259  ExpInitializationPhase,
260  0,
261  0);
262  return FALSE;
263  }
264 }
SepInitializationPhase1
INIT_FUNCTION BOOLEAN NTAPI SepInitializationPhase1(VOID)
Definition: semgr.c:131
ExpInitializationPhase
ULONG ExpInitializationPhase
Definition: init.c:65
SepInitializationPhase0
INIT_FUNCTION BOOLEAN NTAPI SepInitializationPhase0(VOID)
Definition: semgr.c:96
KeBugCheckEx
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:107

Referenced by ExpInitializeExecutive(), and Phase1InitializationDiscard().

◆ SeIsTokenChild()

NTSTATUS NTAPI SeIsTokenChild ( IN PTOKEN  Token,
OUT PBOOLEAN  IsChild 
)

Definition at line 716 of file token.c.

718 {
719  PTOKEN ProcessToken;
720  LUID ProcessTokenId, CallerParentId;
721 
722  /* Assume failure */
723  *IsChild = FALSE;
724 
725  /* Reference the process token */
726  ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
727  if (!ProcessToken)
728  return STATUS_UNSUCCESSFUL;
729 
730  /* Get its token ID */
731  ProcessTokenId = ProcessToken->TokenId;
732 
733  /* Dereference the token */
734  ObFastDereferenceObject(&PsGetCurrentProcess()->Token, ProcessToken);
735 
736  /* Get our parent token ID */
737  CallerParentId = Token->ParentTokenId;
738 
739  /* Compare the token IDs */
740  if (RtlEqualLuid(&CallerParentId, &ProcessTokenId))
741  *IsChild = TRUE;
742 
743  /* Return success */
744  return STATUS_SUCCESS;
745 }
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_LUID
Definition: devicetopology.idl:136
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
_TOKEN::TokenId
LUID TokenId
Definition: setypes.h:154
IsChild
BOOL WINAPI IsChild(_In_ HWND, _In_ HWND)
ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:169
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
_TOKEN
Definition: setypes.h:151

Referenced by PspSetPrimaryToken().

◆ SeIsTokenSibling()

NTSTATUS NTAPI SeIsTokenSibling ( IN PTOKEN  Token,
OUT PBOOLEAN  IsSibling 
)

Definition at line 749 of file token.c.

751 {
752  PTOKEN ProcessToken;
753  LUID ProcessParentId, ProcessAuthId;
754  LUID CallerParentId, CallerAuthId;
755 
756  /* Assume failure */
757  *IsSibling = FALSE;
758 
759  /* Reference the process token */
760  ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
761  if (!ProcessToken)
762  return STATUS_UNSUCCESSFUL;
763 
764  /* Get its parent and authentication IDs */
765  ProcessParentId = ProcessToken->ParentTokenId;
766  ProcessAuthId = ProcessToken->AuthenticationId;
767 
768  /* Dereference the token */
769  ObFastDereferenceObject(&PsGetCurrentProcess()->Token, ProcessToken);
770 
771  /* Get our parent and authentication IDs */
772  CallerParentId = Token->ParentTokenId;
773  CallerAuthId = Token->AuthenticationId;
774 
775  /* Compare the token IDs */
776  if (RtlEqualLuid(&CallerParentId, &ProcessParentId) &&
777  RtlEqualLuid(&CallerAuthId, &ProcessAuthId))
778  {
779  *IsSibling = TRUE;
780  }
781 
782  /* Return success */
783  return STATUS_SUCCESS;
784 }
TRUE
#define TRUE
Definition: types.h:120
_TOKEN::AuthenticationId
LUID AuthenticationId
Definition: setypes.h:155
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_LUID
Definition: devicetopology.idl:136
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
_TOKEN::ParentTokenId
LUID ParentTokenId
Definition: setypes.h:156
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:169
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
_TOKEN
Definition: setypes.h:151

Referenced by PspSetPrimaryToken().

◆ SepCaptureAcl()

NTSTATUS NTAPI SepCaptureAcl ( IN PACL  InputAcl,
IN KPROCESSOR_MODE  AccessMode,
IN POOL_TYPE  PoolType,
IN BOOLEAN  CaptureIfKernel,
OUT PACL CapturedAcl 
)

Definition at line 277 of file acl.c.

282 {
283  PACL NewAcl;
284  ULONG AclSize = 0;
285  NTSTATUS Status = STATUS_SUCCESS;
286 
287  PAGED_CODE();
288 
289  if (AccessMode != KernelMode)
290  {
291  _SEH2_TRY
292  {
293  ProbeForRead(InputAcl,
294  sizeof(ACL),
295  sizeof(ULONG));
296  AclSize = InputAcl->AclSize;
297  ProbeForRead(InputAcl,
298  AclSize,
299  sizeof(ULONG));
300  }
301  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
302  {
303  /* Return the exception code */
304  _SEH2_YIELD(return _SEH2_GetExceptionCode());
305  }
306  _SEH2_END;
307 
308  NewAcl = ExAllocatePoolWithTag(PoolType,
309  AclSize,
310  TAG_ACL);
311  if (NewAcl != NULL)
312  {
313  _SEH2_TRY
314  {
315  RtlCopyMemory(NewAcl,
316  InputAcl,
317  AclSize);
318 
319  *CapturedAcl = NewAcl;
320  }
321  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
322  {
323  /* Free the ACL and return the exception code */
324  ExFreePoolWithTag(NewAcl, TAG_ACL);
325  _SEH2_YIELD(return _SEH2_GetExceptionCode());
326  }
327  _SEH2_END;
328  }
329  else
330  {
331  Status = STATUS_INSUFFICIENT_RESOURCES;
332  }
333  }
334  else if (!CaptureIfKernel)
335  {
336  *CapturedAcl = InputAcl;
337  }
338  else
339  {
340  AclSize = InputAcl->AclSize;
341 
342  NewAcl = ExAllocatePoolWithTag(PoolType,
343  AclSize,
344  TAG_ACL);
345 
346  if (NewAcl != NULL)
347  {
348  RtlCopyMemory(NewAcl,
349  InputAcl,
350  AclSize);
351 
352  *CapturedAcl = NewAcl;
353  }
354  else
355  {
356  Status = STATUS_INSUFFICIENT_RESOURCES;
357  }
358  }
359 
360  return Status;
361 }
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_ACL
Definition: ms-dtyp.idl:293
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4250
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
NULL
smooth NULL
Definition: ftsmooth.c:416
_SEH2_YIELD
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Status
Status
Definition: gdiplustypes.h:24
TAG_ACL
#define TAG_ACL
Definition: tag.h:174
_SEH2_END
_SEH2_END
Definition: create.c:4424
ULONG
unsigned int ULONG
Definition: retypes.h:1
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
PoolType
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444

Referenced by NtCreateToken(), and NtSetInformationToken().

◆ SepCaptureSecurityQualityOfService()

NTSTATUS NTAPI SepCaptureSecurityQualityOfService ( IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIONAL,
IN KPROCESSOR_MODE  AccessMode,
IN POOL_TYPE  PoolType,
IN BOOLEAN  CaptureIfKernel,
OUT PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
OUT PBOOLEAN  Present 
)

Definition at line 211 of file sd.c.

217 {
218  PSECURITY_QUALITY_OF_SERVICE CapturedQos;
219  NTSTATUS Status = STATUS_SUCCESS;
220 
221  PAGED_CODE();
222 
223  ASSERT(CapturedSecurityQualityOfService);
224  ASSERT(Present);
225 
226  if (ObjectAttributes != NULL)
227  {
228  if (AccessMode != KernelMode)
229  {
230  SECURITY_QUALITY_OF_SERVICE SafeQos;
231 
232  _SEH2_TRY
233  {
234  ProbeForRead(ObjectAttributes,
235  sizeof(OBJECT_ATTRIBUTES),
236  sizeof(ULONG));
237  if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
238  {
239  if (ObjectAttributes->SecurityQualityOfService != NULL)
240  {
241  ProbeForRead(ObjectAttributes->SecurityQualityOfService,
242  sizeof(SECURITY_QUALITY_OF_SERVICE),
243  sizeof(ULONG));
244 
245  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
246  sizeof(SECURITY_QUALITY_OF_SERVICE))
247  {
248  /*
249  * Don't allocate memory here because ExAllocate should bugcheck
250  * the system if it's buggy, SEH would catch that! So make a local
251  * copy of the qos structure.
252  */
253  RtlCopyMemory(&SafeQos,
254  ObjectAttributes->SecurityQualityOfService,
255  sizeof(SECURITY_QUALITY_OF_SERVICE));
256  *Present = TRUE;
257  }
258  else
259  {
260  Status = STATUS_INVALID_PARAMETER;
261  }
262  }
263  else
264  {
265  *CapturedSecurityQualityOfService = NULL;
266  *Present = FALSE;
267  }
268  }
269  else
270  {
271  Status = STATUS_INVALID_PARAMETER;
272  }
273  }
274  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
275  {
276  Status = _SEH2_GetExceptionCode();
277  }
278  _SEH2_END;
279 
280  if (NT_SUCCESS(Status))
281  {
282  if (*Present)
283  {
284  CapturedQos = ExAllocatePoolWithTag(PoolType,
285  sizeof(SECURITY_QUALITY_OF_SERVICE),
286  TAG_QOS);
287  if (CapturedQos != NULL)
288  {
289  RtlCopyMemory(CapturedQos,
290  &SafeQos,
291  sizeof(SECURITY_QUALITY_OF_SERVICE));
292  *CapturedSecurityQualityOfService = CapturedQos;
293  }
294  else
295  {
296  Status = STATUS_INSUFFICIENT_RESOURCES;
297  }
298  }
299  else
300  {
301  *CapturedSecurityQualityOfService = NULL;
302  }
303  }
304  }
305  else
306  {
307  if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
308  {
309  if (CaptureIfKernel)
310  {
311  if (ObjectAttributes->SecurityQualityOfService != NULL)
312  {
313  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
314  sizeof(SECURITY_QUALITY_OF_SERVICE))
315  {
316  CapturedQos = ExAllocatePoolWithTag(PoolType,
317  sizeof(SECURITY_QUALITY_OF_SERVICE),
318  TAG_QOS);
319  if (CapturedQos != NULL)
320  {
321  RtlCopyMemory(CapturedQos,
322  ObjectAttributes->SecurityQualityOfService,
323  sizeof(SECURITY_QUALITY_OF_SERVICE));
324  *CapturedSecurityQualityOfService = CapturedQos;
325  *Present = TRUE;
326  }
327  else
328  {
329  Status = STATUS_INSUFFICIENT_RESOURCES;
330  }
331  }
332  else
333  {
334  Status = STATUS_INVALID_PARAMETER;
335  }
336  }
337  else
338  {
339  *CapturedSecurityQualityOfService = NULL;
340  *Present = FALSE;
341  }
342  }
343  else
344  {
345  *CapturedSecurityQualityOfService = (PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService;
346  *Present = (ObjectAttributes->SecurityQualityOfService != NULL);
347  }
348  }
349  else
350  {
351  Status = STATUS_INVALID_PARAMETER;
352  }
353  }
354  }
355  else
356  {
357  *CapturedSecurityQualityOfService = NULL;
358  *Present = FALSE;
359  }
360 
361  return Status;
362 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
TRUE
#define TRUE
Definition: types.h:120
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
PSECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4250
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
NULL
smooth NULL
Definition: ftsmooth.c:416
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Status
Status
Definition: gdiplustypes.h:24
_SEH2_END
_SEH2_END
Definition: create.c:4424
ULONG
unsigned int ULONG
Definition: retypes.h:1
TAG_QOS
#define TAG_QOS
Definition: tag.h:177
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
PoolType
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444

Referenced by NtDuplicateToken().

◆ SepCaptureSid()

NTSTATUS NTAPI SepCaptureSid ( IN PSID  InputSid,
IN KPROCESSOR_MODE  AccessMode,
IN POOL_TYPE  PoolType,
IN BOOLEAN  CaptureIfKernel,
OUT PSID CapturedSid 
)

Definition at line 274 of file sid.c.

279 {
280  ULONG SidSize = 0;
281  PISID NewSid, Sid = (PISID)InputSid;
282 
283  PAGED_CODE();
284 
285  if (AccessMode != KernelMode)
286  {
287  _SEH2_TRY
288  {
289  ProbeForRead(Sid, FIELD_OFFSET(SID, SubAuthority), sizeof(UCHAR));
290  SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
291  ProbeForRead(Sid, SidSize, sizeof(UCHAR));
292  }
293  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
294  {
295  /* Return the exception code */
296  _SEH2_YIELD(return _SEH2_GetExceptionCode());
297  }
298  _SEH2_END;
299 
300  /* Allocate a SID and copy it */
301  NewSid = ExAllocatePoolWithTag(PoolType, SidSize, TAG_SID);
302  if (!NewSid)
303  return STATUS_INSUFFICIENT_RESOURCES;
304 
305  _SEH2_TRY
306  {
307  RtlCopyMemory(NewSid, Sid, SidSize);
308 
309  *CapturedSid = NewSid;
310  }
311  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
312  {
313  /* Free the SID and return the exception code */
314  ExFreePoolWithTag(NewSid, TAG_SID);
315  _SEH2_YIELD(return _SEH2_GetExceptionCode());
316  }
317  _SEH2_END;
318  }
319  else if (!CaptureIfKernel)
320  {
321  *CapturedSid = InputSid;
322  }
323  else
324  {
325  SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
326 
327  /* Allocate a SID and copy it */
328  NewSid = ExAllocatePoolWithTag(PoolType, SidSize, TAG_SID);
329  if (NewSid == NULL)
330  return STATUS_INSUFFICIENT_RESOURCES;
331 
332  RtlCopyMemory(NewSid, Sid, SidSize);
333 
334  *CapturedSid = NewSid;
335  }
336 
337  return STATUS_SUCCESS;
338 }
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID
Definition: ms-dtyp.idl:198
TAG_SID
#define TAG_SID
Definition: sid.c:15
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4250
PISID
struct _SID * PISID
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
NULL
smooth NULL
Definition: ftsmooth.c:416
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
_SEH2_YIELD
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
RtlLengthRequiredSid
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
_SEH2_END
_SEH2_END
Definition: create.c:4424
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:254
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
ULONG
unsigned int ULONG
Definition: retypes.h:1
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
PoolType
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444
NewSid
_In_ PSID _In_ PSID NewSid
Definition: rtlfuncs.h:2815

Referenced by NtCreateToken(), NtSecureConnectPort(), NtSetInformationToken(), and SepAccessCheckAndAuditAlarm().

◆ SepCreateImpersonationTokenDacl()

NTSTATUS NTAPI SepCreateImpersonationTokenDacl ( _In_ PTOKEN  Token,
_In_ PTOKEN  PrimaryToken,
_Out_ PACL Dacl 
)

Definition at line 229 of file acl.c.

233 {
234  ULONG AclLength;
235  PACL TokenDacl;
236 
237  PAGED_CODE();
238 
239  *Dacl = NULL;
240 
241  AclLength = sizeof(ACL) +
242  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
243  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
244  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid)) +
245  (sizeof(ACE) + RtlLengthSid(Token->UserAndGroups->Sid)) +
246  (sizeof(ACE) + RtlLengthSid(PrimaryToken->UserAndGroups->Sid));
247 
248  TokenDacl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_ACL);
249  if (TokenDacl == NULL)
250  {
251  return STATUS_INSUFFICIENT_RESOURCES;
252  }
253 
254  RtlCreateAcl(TokenDacl, AclLength, ACL_REVISION);
255  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
256  Token->UserAndGroups->Sid);
257  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
258  PrimaryToken->UserAndGroups->Sid);
259  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
260  SeAliasAdminsSid);
261  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
262  SeLocalSystemSid);
263 
264  if (Token->RestrictedSids != NULL || PrimaryToken->RestrictedSids != NULL)
265  {
266  RtlAddAccessAllowedAce(TokenDacl, ACL_REVISION, GENERIC_ALL,
267  SeRestrictedCodeSid);
268  }
269 
270  *Dacl = TokenDacl;
271 
272  return STATUS_SUCCESS;
273 }
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
SeRestrictedCodeSid
PSID SeRestrictedCodeSid
Definition: sid.c:46
_ACL
Definition: ms-dtyp.idl:293
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
ACL
struct _ACL ACL
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:47
TAG_ACL
#define TAG_ACL
Definition: tag.h:174
RtlAddAccessAllowedAce
NTSTATUS NTAPI RtlAddAccessAllowedAce(IN OUT PACL Acl, IN ULONG Revision, IN ACCESS_MASK AccessMask, IN PSID Sid)
Definition: acl.c:262
RtlCreateAcl
NTSTATUS NTAPI RtlCreateAcl(IN PACL Acl, IN ULONG AclSize, IN ULONG AclRevision)
Definition: acl.c:677
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:44
ULONG
unsigned int ULONG
Definition: retypes.h:1
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
_ACE
Definition: rtltypes.h:988
AclLength
_In_ ULONG AclLength
Definition: rtlfuncs.h:1844

Referenced by NtOpenThreadTokenEx().

◆ SepCreateSystemProcessToken()

PTOKEN NTAPI SepCreateSystemProcessToken ( VOID  )

Definition at line 1145 of file token.c.

1146 {
1147  LUID_AND_ATTRIBUTES Privileges[25];
1148  ULONG GroupAttributes, OwnerAttributes;
1149  SID_AND_ATTRIBUTES Groups[32];
1150  LARGE_INTEGER Expiration;
1151  SID_AND_ATTRIBUTES UserSid;
1152  ULONG GroupsLength;
1153  PSID PrimaryGroup;
1154  OBJECT_ATTRIBUTES ObjectAttributes;
1155  PSID Owner;
1156  ULONG i;
1157  PTOKEN Token;
1158  NTSTATUS Status;
1159 
1160  /* Don't ever expire */
1161  Expiration.QuadPart = -1;
1162 
1163  /* All groups mandatory and enabled */
1164  GroupAttributes = SE_GROUP_ENABLED | SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT;
1165  OwnerAttributes = SE_GROUP_ENABLED | SE_GROUP_OWNER | SE_GROUP_ENABLED_BY_DEFAULT;
1166 
1167  /* User is Local System */
1168  UserSid.Sid = SeLocalSystemSid;
1169  UserSid.Attributes = 0;
1170 
1171  /* Primary group is Local System */
1172  PrimaryGroup = SeLocalSystemSid;
1173 
1174  /* Owner is Administrators */
1175  Owner = SeAliasAdminsSid;
1176 
1177  /* Groups are Administrators, World, and Authenticated Users */
1178  Groups[0].Sid = SeAliasAdminsSid;
1179  Groups[0].Attributes = OwnerAttributes;
1180  Groups[1].Sid = SeWorldSid;
1181  Groups[1].Attributes = GroupAttributes;
1182  Groups[2].Sid = SeAuthenticatedUsersSid;
1183  Groups[2].Attributes = GroupAttributes;
1184  GroupsLength = sizeof(SID_AND_ATTRIBUTES) +
1185  SeLengthSid(Groups[0].Sid) +
1186  SeLengthSid(Groups[1].Sid) +
1187  SeLengthSid(Groups[2].Sid);
1188  ASSERT(GroupsLength <= sizeof(Groups));
1189 
1190  /* Setup the privileges */
1191  i = 0;
1192  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1193  Privileges[i++].Luid = SeTcbPrivilege;
1194 
1195  Privileges[i].Attributes = 0;
1196  Privileges[i++].Luid = SeCreateTokenPrivilege;
1197 
1198  Privileges[i].Attributes = 0;
1199  Privileges[i++].Luid = SeTakeOwnershipPrivilege;
1200 
1201  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1202  Privileges[i++].Luid = SeCreatePagefilePrivilege;
1203 
1204  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1205  Privileges[i++].Luid = SeLockMemoryPrivilege;
1206 
1207  Privileges[i].Attributes = 0;
1208  Privileges[i++].Luid = SeAssignPrimaryTokenPrivilege;
1209 
1210  Privileges[i].Attributes = 0;
1211  Privileges[i++].Luid = SeIncreaseQuotaPrivilege;
1212 
1213  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1214  Privileges[i++].Luid = SeIncreaseBasePriorityPrivilege;
1215 
1216  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1217  Privileges[i++].Luid = SeCreatePermanentPrivilege;
1218 
1219  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1220  Privileges[i++].Luid = SeDebugPrivilege;
1221 
1222  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1223  Privileges[i++].Luid = SeAuditPrivilege;
1224 
1225  Privileges[i].Attributes = 0;
1226  Privileges[i++].Luid = SeSecurityPrivilege;
1227 
1228  Privileges[i].Attributes = 0;
1229  Privileges[i++].Luid = SeSystemEnvironmentPrivilege;
1230 
1231  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1232  Privileges[i++].Luid = SeChangeNotifyPrivilege;
1233 
1234  Privileges[i].Attributes = 0;
1235  Privileges[i++].Luid = SeBackupPrivilege;
1236 
1237  Privileges[i].Attributes = 0;
1238  Privileges[i++].Luid = SeRestorePrivilege;
1239 
1240  Privileges[i].Attributes = 0;
1241  Privileges[i++].Luid = SeShutdownPrivilege;
1242 
1243  Privileges[i].Attributes = 0;
1244  Privileges[i++].Luid = SeLoadDriverPrivilege;
1245 
1246  Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
1247  Privileges[i++].Luid = SeProfileSingleProcessPrivilege;
1248 
1249  Privileges[i].Attributes = 0;
1250  Privileges[i++].Luid = SeSystemtimePrivilege;
1251  ASSERT(i == 20);
1252 
1253  /* Setup the object attributes */
1254  InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
1255  ASSERT(SeSystemDefaultDacl != NULL);
1256 
1257  /* Create the token */
1258  Status = SepCreateToken((PHANDLE)&Token,
1259  KernelMode,
1260  0,
1261  &ObjectAttributes,
1262  TokenPrimary,
1263  SecurityAnonymous,
1264  &SeSystemAuthenticationId,
1265  &Expiration,
1266  &UserSid,
1267  3,
1268  Groups,
1269  GroupsLength,
1270  20,
1271  Privileges,
1272  Owner,
1273  PrimaryGroup,
1274  SeSystemDefaultDacl,
1275  &SeSystemTokenSource,
1276  TRUE);
1277  ASSERT(Status == STATUS_SUCCESS);
1278 
1279  /* Return the token */
1280  return Token;
1281 }
SeSystemEnvironmentPrivilege
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:43
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
TRUE
#define TRUE
Definition: types.h:120
SeSystemtimePrivilege
const LUID SeSystemtimePrivilege
Definition: priv.c:33
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:478
_SID
Definition: ms-dtyp.idl:198
SeIncreaseQuotaPrivilege
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:26
SeCreateTokenPrivilege
const LUID SeCreateTokenPrivilege
Definition: priv.c:23
SeCreatePermanentPrivilege
const LUID SeCreatePermanentPrivilege
Definition: priv.c:37
SeDebugPrivilege
const LUID SeDebugPrivilege
Definition: priv.c:41
SeBackupPrivilege
const LUID SeBackupPrivilege
Definition: priv.c:38
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
SeSystemDefaultDacl
PACL SeSystemDefaultDacl
Definition: acl.c:23
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
SeSystemAuthenticationId
LUID SeSystemAuthenticationId
Definition: token.c:38
SeAssignPrimaryTokenPrivilege
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:24
SeAuthenticatedUsersSid
PSID SeAuthenticatedUsersSid
Definition: sid.c:55
Groups
TOpcodeData Groups[17][8]
Definition: disassemblerdata.h:895
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SE_GROUP_OWNER
#define SE_GROUP_OWNER
Definition: setypes.h:93
NULL
smooth NULL
Definition: ftsmooth.c:416
SeLoadDriverPrivilege
const LUID SeLoadDriverPrivilege
Definition: priv.c:31
SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
SeTakeOwnershipPrivilege
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:30
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
SepCreateToken
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Definition: token.c:882
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1559
SE_PRIVILEGE_ENABLED_BY_DEFAULT
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62
SeCreatePagefilePrivilege
const LUID SeCreatePagefilePrivilege
Definition: priv.c:36
SeRestorePrivilege
const LUID SeRestorePrivilege
Definition: priv.c:39
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
_SID_AND_ATTRIBUTES
Definition: setypes.h:474
SID_AND_ATTRIBUTES
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
SeChangeNotifyPrivilege
static const LUID SeChangeNotifyPrivilege
Definition: authpackage.c:167
SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:47
SeSystemTokenSource
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:37
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:414
SeLockMemoryPrivilege
const LUID SeLockMemoryPrivilege
Definition: priv.c:25
SeProfileSingleProcessPrivilege
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:34
SeWorldSid
PSID SeWorldSid
Definition: sid.c:31
SeIncreaseBasePriorityPrivilege
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:35
Status
Status
Definition: gdiplustypes.h:24
SeTcbPrivilege
const LUID SeTcbPrivilege
Definition: priv.c:28
SeShutdownPrivilege
const LUID SeShutdownPrivilege
Definition: priv.c:40
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:480
Owner
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1557
_LARGE_INTEGER
Definition: typedefs.h:100
SeSecurityPrivilege
const LUID SeSecurityPrivilege
Definition: priv.c:29
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:44
ULONG
unsigned int ULONG
Definition: retypes.h:1
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
SeLengthSid
#define SeLengthSid(Sid)
Definition: sefuncs.h:570
_TOKEN
Definition: setypes.h:151
SeAuditPrivilege
const LUID SeAuditPrivilege
Definition: priv.c:42
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:112

Referenced by SepInitializationPhase0().

◆ SepDuplicateToken()

NTSTATUS NTAPI SepDuplicateToken ( _In_ PTOKEN  Token,
_In_opt_ POBJECT_ATTRIBUTES  ObjectAttributes,
_In_ BOOLEAN  EffectiveOnly,
_In_ TOKEN_TYPE  TokenType,
_In_ SECURITY_IMPERSONATION_LEVEL  Level,
_In_ KPROCESSOR_MODE  PreviousMode,
_Out_ PTOKEN NewAccessToken 
)

Definition at line 441 of file token.c.

449 {
450  NTSTATUS Status;
451  PTOKEN AccessToken;
452  PVOID EndMem;
453  ULONG VariableLength;
454  ULONG TotalSize;
455 
456  PAGED_CODE();
457 
458  /* Compute how much size we need to allocate for the token */
459  VariableLength = Token->VariableLength;
460  TotalSize = FIELD_OFFSET(TOKEN, VariablePart) + VariableLength;
461 
462  Status = ObCreateObject(PreviousMode,
463  SeTokenObjectType,
464  ObjectAttributes,
465  PreviousMode,
466  NULL,
467  TotalSize,
468  0,
469  0,
470  (PVOID*)&AccessToken);
471  if (!NT_SUCCESS(Status))
472  {
473  DPRINT1("ObCreateObject() failed (Status 0x%lx)\n", Status);
474  return Status;
475  }
476 
477  /* Zero out the buffer and initialize the token */
478  RtlZeroMemory(AccessToken, TotalSize);
479 
480  ExAllocateLocallyUniqueId(&AccessToken->TokenId);
481 
482  AccessToken->TokenType = TokenType;
483  AccessToken->ImpersonationLevel = Level;
484 
485  AccessToken->TokenLock = &SepTokenLock; // FIXME: Global lock!
486 
487  /* Copy the immutable fields */
488  RtlCopyLuid(&AccessToken->TokenSource.SourceIdentifier,
489  &Token->TokenSource.SourceIdentifier);
490  RtlCopyMemory(AccessToken->TokenSource.SourceName,
491  Token->TokenSource.SourceName,
492  sizeof(Token->TokenSource.SourceName));
493 
494  AccessToken->AuthenticationId = Token->AuthenticationId;
495  AccessToken->ParentTokenId = Token->ParentTokenId;
496  AccessToken->ExpirationTime = Token->ExpirationTime;
497  AccessToken->OriginatingLogonSession = Token->OriginatingLogonSession;
498 
499 
500  /* Lock the source token and copy the mutable fields */
501  SepAcquireTokenLockExclusive(Token);
502 
503  AccessToken->SessionId = Token->SessionId;
504  RtlCopyLuid(&AccessToken->ModifiedId, &Token->ModifiedId);
505 
506  AccessToken->TokenFlags = Token->TokenFlags & ~TOKEN_SESSION_NOT_REFERENCED;
507 
508  /* Copy and reference the logon session */
509  // RtlCopyLuid(&AccessToken->AuthenticationId, &Token->AuthenticationId);
510  Status = SepRmReferenceLogonSession(&AccessToken->AuthenticationId);
511  if (!NT_SUCCESS(Status))
512  {
513  /* No logon session could be found, bail out */
514  DPRINT1("SepRmReferenceLogonSession() failed (Status 0x%lx)\n", Status);
515  /* Set the flag for proper cleanup by the delete procedure */
516  AccessToken->TokenFlags |= TOKEN_SESSION_NOT_REFERENCED;
517  goto Quit;
518  }
519 
520  /* Assign the data that reside in the TOKEN's variable information area */
521  AccessToken->VariableLength = VariableLength;
522  EndMem = (PVOID)&AccessToken->VariablePart;
523 
524  /* Copy the privileges */
525  AccessToken->PrivilegeCount = 0;
526  AccessToken->Privileges = NULL;
527  if (Token->Privileges && (Token->PrivilegeCount > 0))
528  {
529  ULONG PrivilegesLength = Token->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
530  PrivilegesLength = ALIGN_UP_BY(PrivilegesLength, sizeof(PVOID));
531 
532  ASSERT(VariableLength >= PrivilegesLength);
533 
534  AccessToken->PrivilegeCount = Token->PrivilegeCount;
535  AccessToken->Privileges = EndMem;
536  EndMem = (PVOID)((ULONG_PTR)EndMem + PrivilegesLength);
537  VariableLength -= PrivilegesLength;
538 
539  RtlCopyMemory(AccessToken->Privileges,
540  Token->Privileges,
541  AccessToken->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
542  }
543 
544  /* Copy the user and groups */
545  AccessToken->UserAndGroupCount = 0;
546  AccessToken->UserAndGroups = NULL;
547  if (Token->UserAndGroups && (Token->UserAndGroupCount > 0))
548  {
549  AccessToken->UserAndGroupCount = Token->UserAndGroupCount;
550  AccessToken->UserAndGroups = EndMem;
551  EndMem = &AccessToken->UserAndGroups[AccessToken->UserAndGroupCount];
552  VariableLength -= ((ULONG_PTR)EndMem - (ULONG_PTR)AccessToken->UserAndGroups);
553 
554  Status = RtlCopySidAndAttributesArray(AccessToken->UserAndGroupCount,
555  Token->UserAndGroups,
556  VariableLength,
557  AccessToken->UserAndGroups,
558  EndMem,
559  &EndMem,
560  &VariableLength);
561  if (!NT_SUCCESS(Status))
562  {
563  DPRINT1("RtlCopySidAndAttributesArray(UserAndGroups) failed (Status 0x%lx)\n", Status);
564  goto Quit;
565  }
566  }
567 
568 #if 1
569  {
570  ULONG PrimaryGroupIndex;
571 
572  /* Find the token primary group */
573  Status = SepFindPrimaryGroupAndDefaultOwner(AccessToken,
574  Token->PrimaryGroup,
575  NULL,
576  &PrimaryGroupIndex,
577  NULL);
578  if (!NT_SUCCESS(Status))
579  {
580  DPRINT1("SepFindPrimaryGroupAndDefaultOwner failed (Status 0x%lx)\n", Status);
581  goto Quit;
582  }
583  AccessToken->PrimaryGroup = AccessToken->UserAndGroups[PrimaryGroupIndex].Sid;
584  }
585 #else
586  AccessToken->PrimaryGroup = (PVOID)((ULONG_PTR)AccessToken + (ULONG_PTR)Token->PrimaryGroup - (ULONG_PTR)Token->UserAndGroups);
587 #endif
588  AccessToken->DefaultOwnerIndex = Token->DefaultOwnerIndex;
589 
590  /* Copy the restricted SIDs */
591  AccessToken->RestrictedSidCount = 0;
592  AccessToken->RestrictedSids = NULL;
593  if (Token->RestrictedSids && (Token->RestrictedSidCount > 0))
594  {
595  AccessToken->RestrictedSidCount = Token->RestrictedSidCount;
596  AccessToken->RestrictedSids = EndMem;
597  EndMem = &AccessToken->RestrictedSids[AccessToken->RestrictedSidCount];
598  VariableLength -= ((ULONG_PTR)EndMem - (ULONG_PTR)AccessToken->RestrictedSids);
599 
600  Status = RtlCopySidAndAttributesArray(AccessToken->RestrictedSidCount,
601  Token->RestrictedSids,
602  VariableLength,
603  AccessToken->RestrictedSids,
604  EndMem,
605  &EndMem,
606  &VariableLength);
607  if (!NT_SUCCESS(Status))
608  {
609  DPRINT1("RtlCopySidAndAttributesArray(RestrictedSids) failed (Status 0x%lx)\n", Status);
610  goto Quit;
611  }
612  }
613 
614 
615  //
616  // FIXME: Implement the "EffectiveOnly" option, that removes all
617  // the disabled parts (privileges and groups) of the token.
618  //
619 
620 
621  //
622  // NOTE: So far our dynamic area only contains
623  // the default dacl, so this makes the following
624  // code pretty simple. The day where it stores
625  // other data, the code will require adaptations.
626  //
627 
628  /* Now allocate the TOKEN's dynamic information area and set the data */
629  AccessToken->DynamicAvailable = 0; // Unused memory in the dynamic area.
630  AccessToken->DynamicPart = NULL;
631  if (Token->DynamicPart && Token->DefaultDacl)
632  {
633  AccessToken->DynamicPart = ExAllocatePoolWithTag(PagedPool,
634  Token->DefaultDacl->AclSize,
635  TAG_TOKEN_DYNAMIC);
636  if (AccessToken->DynamicPart == NULL)
637  {
638  Status = STATUS_INSUFFICIENT_RESOURCES;
639  goto Quit;
640  }
641  EndMem = (PVOID)AccessToken->DynamicPart;
642 
643  AccessToken->DefaultDacl = EndMem;
644 
645  RtlCopyMemory(AccessToken->DefaultDacl,
646  Token->DefaultDacl,
647  Token->DefaultDacl->AclSize);
648  }
649 
650  /* Unlock the source token */
651  SepReleaseTokenLock(Token);
652 
653  /* Return the token */
654  *NewAccessToken = AccessToken;
655  Status = STATUS_SUCCESS;
656 
657 Quit:
658  if (!NT_SUCCESS(Status))
659  {
660  /* Unlock the source token */
661  SepReleaseTokenLock(Token);
662 
663  /* Dereference the token, the delete procedure will clean it up */
664  ObDereferenceObject(AccessToken);
665  }
666 
667  return Status;
668 }
_TOKEN::TokenType
TOKEN_TYPE TokenType
Definition: setypes.h:175
SepAcquireTokenLockExclusive
#define SepAcquireTokenLockExclusive(Token)
Definition: se.h:200
SepFindPrimaryGroupAndDefaultOwner
static NTSTATUS SepFindPrimaryGroupAndDefaultOwner(_In_ PTOKEN Token, _In_ PSID PrimaryGroup, _In_opt_ PSID DefaultOwner, _Out_opt_ PULONG PrimaryGroupIndex, _Out_opt_ PULONG DefaultOwnerIndex)
Definition: token.c:345
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:478
SepTokenLock
ERESOURCE SepTokenLock
Definition: token.c:35
_TOKEN::AuthenticationId
LUID AuthenticationId
Definition: setypes.h:155
_TOKEN::VariablePart
ULONG VariablePart
Definition: setypes.h:182
RtlCopySidAndAttributesArray
NTSYSAPI NTSTATUS NTAPI RtlCopySidAndAttributesArray(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src, _In_ ULONG SidAreaSize, _In_ PSID_AND_ATTRIBUTES Dest, _In_ PSID SidArea, _Out_ PSID *RemainingSidArea, _Out_ PULONG RemainingSidAreaSize)
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
LUID_AND_ATTRIBUTES
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
Level
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:55
ObDereferenceObject
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
_TOKEN::PrivilegeCount
ULONG PrivilegeCount
Definition: setypes.h:164
RtlCopyLuid
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
_TOKEN::Privileges
PLUID_AND_ATTRIBUTES Privileges
Definition: setypes.h:172
_TOKEN::ModifiedId
LUID ModifiedId
Definition: setypes.h:160
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63
_TOKEN::TokenFlags
ULONG TokenFlags
Definition: setypes.h:177
_TOKEN_SOURCE::SourceIdentifier
LUID SourceIdentifier
Definition: imports.h:279
_TOKEN::TokenLock
struct _ERESOURCE * TokenLock
Definition: setypes.h:158
_TOKEN::DynamicAvailable
ULONG DynamicAvailable
Definition: setypes.h:167
_TOKEN::DefaultDacl
PACL DefaultDacl
Definition: setypes.h:174
NULL
smooth NULL
Definition: ftsmooth.c:416
SeTokenObjectType
POBJECT_TYPE SeTokenObjectType
Definition: token.c:34
_TOKEN::ParentTokenId
LUID ParentTokenId
Definition: setypes.h:156
_TOKEN::DefaultOwnerIndex
ULONG DefaultOwnerIndex
Definition: setypes.h:168
_TOKEN::VariableLength
ULONG VariableLength
Definition: setypes.h:165
PVOID
void * PVOID
Definition: retypes.h:9
_TOKEN::SessionId
ULONG SessionId
Definition: setypes.h:161
ObCreateObject
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:952
SepRmReferenceLogonSession
NTSTATUS SepRmReferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:381
_TOKEN::RestrictedSidCount
ULONG RestrictedSidCount
Definition: setypes.h:163
_TOKEN::DynamicPart
PULONG DynamicPart
Definition: setypes.h:173
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_TOKEN::PrimaryGroup
PSID PrimaryGroup
Definition: setypes.h:171
_TOKEN::ExpirationTime
LARGE_INTEGER ExpirationTime
Definition: setypes.h:157
if
if(!(yy_init))
Definition: macro.lex.yy.c:714
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
_TOKEN::RestrictedSids
PSID_AND_ATTRIBUTES RestrictedSids
Definition: setypes.h:170
SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:211
TAG_TOKEN_DYNAMIC
#define TAG_TOKEN_DYNAMIC
Definition: tag.h:180
_TOKEN_SOURCE::SourceName
CCHAR SourceName[TOKEN_SOURCE_LENGTH]
Definition: imports.h:278
Status
Status
Definition: gdiplustypes.h:24
_TOKEN::UserAndGroupCount
ULONG UserAndGroupCount
Definition: setypes.h:162
ExAllocateLocallyUniqueId
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:340
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:254
_TOKEN::TokenId
LUID TokenId
Definition: setypes.h:154
DPRINT1
#define DPRINT1
Definition: precomp.h:8
_TOKEN::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:176
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
ALIGN_UP_BY
#define ALIGN_UP_BY(size, align)
Definition: GetWindowPlacement.c:13
_TOKEN::UserAndGroups
PSID_AND_ATTRIBUTES UserAndGroups
Definition: setypes.h:169
_TOKEN::TokenSource
TOKEN_SOURCE TokenSource
Definition: setypes.h:153
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
_TOKEN
Definition: setypes.h:151
TOKEN_SESSION_NOT_REFERENCED
#define TOKEN_SESSION_NOT_REFERENCED
Definition: setypes.h:1130
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:417
_TOKEN::OriginatingLogonSession
LUID OriginatingLogonSession
Definition: setypes.h:181

Referenced by NtDuplicateToken(), NtOpenThreadTokenEx(), SeCopyClientToken(), and SeSubProcessToken().

◆ SepGetDaclFromDescriptor()

FORCEINLINE PACL SepGetDaclFromDescriptor ( PVOID  _Descriptor)

Definition at line 67 of file se.h.

68 {
69  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
70  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
71 
72  if (!(Descriptor->Control & SE_DACL_PRESENT)) return NULL;
73 
74  if (Descriptor->Control & SE_SELF_RELATIVE)
75  {
76  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
77  if (!SdRel->Dacl) return NULL;
78  return (PACL)((ULONG_PTR)Descriptor + SdRel->Dacl);
79  }
80  else
81  {
82  return Descriptor->Dacl;
83  }
84 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:780
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:782
_ACL
Definition: ms-dtyp.idl:293
_SECURITY_DESCRIPTOR_RELATIVE::Dacl
$ULONG Dacl
Definition: setypes.h:789
SE_DACL_PRESENT
#define SE_DACL_PRESENT
Definition: setypes.h:767
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
NULL
smooth NULL
Definition: ftsmooth.c:416
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR
Descriptor
_In_ PSTORAGE_PROPERTY_ID _Outptr_ PSTORAGE_DESCRIPTOR_HEADER * Descriptor
Definition: classpnp.h:966

Referenced by RtlGetDaclSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), and SeFastTraverseCheck().

◆ SepGetGroupFromDescriptor()

FORCEINLINE PSID SepGetGroupFromDescriptor ( PVOID  _Descriptor)

Definition at line 29 of file se.h.

30 {
31  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
32  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
33 
34  if (Descriptor->Control & SE_SELF_RELATIVE)
35  {
36  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
37  if (!SdRel->Group) return NULL;
38  return (PSID)((ULONG_PTR)Descriptor + SdRel->Group);
39  }
40  else
41  {
42  return Descriptor->Group;
43  }
44 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:780
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:782
_SECURITY_DESCRIPTOR_RELATIVE::Group
$ULONG Group
Definition: setypes.h:787
_SID
Definition: ms-dtyp.idl:198
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
NULL
smooth NULL
Definition: ftsmooth.c:416
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR
Descriptor
_In_ PSTORAGE_PROPERTY_ID _Outptr_ PSTORAGE_DESCRIPTOR_HEADER * Descriptor
Definition: classpnp.h:966

Referenced by RtlGetGroupSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), and SepAccessCheckAndAuditAlarm().

◆ SepGetOwnerFromDescriptor()

FORCEINLINE PSID SepGetOwnerFromDescriptor ( PVOID  _Descriptor)

Definition at line 48 of file se.h.

49 {
50  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
51  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
52 
53  if (Descriptor->Control & SE_SELF_RELATIVE)
54  {
55  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
56  if (!SdRel->Owner) return NULL;
57  return (PSID)((ULONG_PTR)Descriptor + SdRel->Owner);
58  }
59  else
60  {
61  return Descriptor->Owner;
62  }
63 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:780
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:782
_SID
Definition: ms-dtyp.idl:198
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
NULL
smooth NULL
Definition: ftsmooth.c:416
_SECURITY_DESCRIPTOR_RELATIVE::Owner
$ULONG Owner
Definition: setypes.h:786
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR
Descriptor
_In_ PSTORAGE_PROPERTY_ID _Outptr_ PSTORAGE_DESCRIPTOR_HEADER * Descriptor
Definition: classpnp.h:966

Referenced by RtlGetOwnerSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), SepAccessCheckAndAuditAlarm(), and SepTokenIsOwner().

◆ SepGetSaclFromDescriptor()

FORCEINLINE PACL SepGetSaclFromDescriptor ( PVOID  _Descriptor)

Definition at line 88 of file se.h.

89 {
90  PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
91  PISECURITY_DESCRIPTOR_RELATIVE SdRel;
92 
93  if (!(Descriptor->Control & SE_SACL_PRESENT)) return NULL;
94 
95  if (Descriptor->Control & SE_SELF_RELATIVE)
96  {
97  SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)Descriptor;
98  if (!SdRel->Sacl) return NULL;
99  return (PACL)((ULONG_PTR)Descriptor + SdRel->Sacl);
100  }
101  else
102  {
103  return Descriptor->Sacl;
104  }
105 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
SE_SACL_PRESENT
#define SE_SACL_PRESENT
Definition: setypes.h:769
_SECURITY_DESCRIPTOR_RELATIVE::Sacl
$ULONG Sacl
Definition: setypes.h:788
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:780
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:782
_ACL
Definition: ms-dtyp.idl:293
PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
NULL
smooth NULL
Definition: ftsmooth.c:416
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PISECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR
Descriptor
_In_ PSTORAGE_PROPERTY_ID _Outptr_ PSTORAGE_DESCRIPTOR_HEADER * Descriptor
Definition: classpnp.h:966

Referenced by RtlGetSaclSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), and SeCaptureSecurityDescriptor().

◆ SepInitDACLs()

INIT_FUNCTION BOOLEAN NTAPI SepInitDACLs ( VOID  )

Definition at line 34 of file acl.c.

35 {
36  ULONG AclLength;
37 
38  /* create PublicDefaultDacl */
39  AclLength = sizeof(ACL) +
40  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
41  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
42  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
43 
44  SePublicDefaultDacl = ExAllocatePoolWithTag(PagedPool,
45  AclLength,
46  TAG_ACL);
47  if (SePublicDefaultDacl == NULL)
48  return FALSE;
49 
50  RtlCreateAcl(SePublicDefaultDacl,
51  AclLength,
52  ACL_REVISION);
53 
54  RtlAddAccessAllowedAce(SePublicDefaultDacl,
55  ACL_REVISION,
56  GENERIC_EXECUTE,
57  SeWorldSid);
58 
59  RtlAddAccessAllowedAce(SePublicDefaultDacl,
60  ACL_REVISION,
61  GENERIC_ALL,
62  SeLocalSystemSid);
63 
64  RtlAddAccessAllowedAce(SePublicDefaultDacl,
65  ACL_REVISION,
66  GENERIC_ALL,
67  SeAliasAdminsSid);
68 
69  /* create PublicDefaultUnrestrictedDacl */
70  AclLength = sizeof(ACL) +
71  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
72  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
73  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
74  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
75 
76  SePublicDefaultUnrestrictedDacl = ExAllocatePoolWithTag(PagedPool,
77  AclLength,
78  TAG_ACL);
79  if (SePublicDefaultUnrestrictedDacl == NULL)
80  return FALSE;
81 
82  RtlCreateAcl(SePublicDefaultUnrestrictedDacl,
83  AclLength,
84  ACL_REVISION);
85 
86  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
87  ACL_REVISION,
88  GENERIC_EXECUTE,
89  SeWorldSid);
90 
91  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
92  ACL_REVISION,
93  GENERIC_ALL,
94  SeLocalSystemSid);
95 
96  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
97  ACL_REVISION,
98  GENERIC_ALL,
99  SeAliasAdminsSid);
100 
101  RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
102  ACL_REVISION,
103  GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL,
104  SeRestrictedCodeSid);
105 
106  /* create PublicOpenDacl */
107  AclLength = sizeof(ACL) +
108  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
109  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
110  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
111 
112  SePublicOpenDacl = ExAllocatePoolWithTag(PagedPool,
113  AclLength,
114  TAG_ACL);
115  if (SePublicOpenDacl == NULL)
116  return FALSE;
117 
118  RtlCreateAcl(SePublicOpenDacl,
119  AclLength,
120  ACL_REVISION);
121 
122  RtlAddAccessAllowedAce(SePublicOpenDacl,
123  ACL_REVISION,
124  GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE,
125  SeWorldSid);
126 
127  RtlAddAccessAllowedAce(SePublicOpenDacl,
128  ACL_REVISION,
129  GENERIC_ALL,
130  SeLocalSystemSid);
131 
132  RtlAddAccessAllowedAce(SePublicOpenDacl,
133  ACL_REVISION,
134  GENERIC_ALL,
135  SeAliasAdminsSid);
136 
137  /* create PublicOpenUnrestrictedDacl */
138  AclLength = sizeof(ACL) +
139  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
140  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
141  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
142  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
143 
144  SePublicOpenUnrestrictedDacl = ExAllocatePoolWithTag(PagedPool,
145  AclLength,
146  TAG_ACL);
147  if (SePublicOpenUnrestrictedDacl == NULL)
148  return FALSE;
149 
150  RtlCreateAcl(SePublicOpenUnrestrictedDacl,
151  AclLength,
152  ACL_REVISION);
153 
154  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
155  ACL_REVISION,
156  GENERIC_ALL,
157  SeWorldSid);
158 
159  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
160  ACL_REVISION,
161  GENERIC_ALL,
162  SeLocalSystemSid);
163 
164  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
165  ACL_REVISION,
166  GENERIC_ALL,
167  SeAliasAdminsSid);
168 
169  RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
170  ACL_REVISION,
171  GENERIC_READ | GENERIC_EXECUTE,
172  SeRestrictedCodeSid);
173 
174  /* create SystemDefaultDacl */
175  AclLength = sizeof(ACL) +
176  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
177  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
178 
179  SeSystemDefaultDacl = ExAllocatePoolWithTag(PagedPool,
180  AclLength,
181  TAG_ACL);
182  if (SeSystemDefaultDacl == NULL)
183  return FALSE;
184 
185  RtlCreateAcl(SeSystemDefaultDacl,
186  AclLength,
187  ACL_REVISION);
188 
189  RtlAddAccessAllowedAce(SeSystemDefaultDacl,
190  ACL_REVISION,
191  GENERIC_ALL,
192  SeLocalSystemSid);
193 
194  RtlAddAccessAllowedAce(SeSystemDefaultDacl,
195  ACL_REVISION,
196  GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL,
197  SeAliasAdminsSid);
198 
199  /* create UnrestrictedDacl */
200  AclLength = sizeof(ACL) +
201  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
202  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
203 
204  SeUnrestrictedDacl = ExAllocatePoolWithTag(PagedPool,
205  AclLength,
206  TAG_ACL);
207  if (SeUnrestrictedDacl == NULL)
208  return FALSE;
209 
210  RtlCreateAcl(SeUnrestrictedDacl,
211  AclLength,
212  ACL_REVISION);
213 
214  RtlAddAccessAllowedAce(SeUnrestrictedDacl,
215  ACL_REVISION,
216  GENERIC_ALL,
217  SeWorldSid);
218 
219  RtlAddAccessAllowedAce(SeUnrestrictedDacl,
220  ACL_REVISION,
221  GENERIC_READ | GENERIC_EXECUTE,
222  SeRestrictedCodeSid);
223 
224  return TRUE;
225 }
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
TRUE
#define TRUE
Definition: types.h:120
SeRestrictedCodeSid
PSID SeRestrictedCodeSid
Definition: sid.c:46
SeSystemDefaultDacl
PACL SeSystemDefaultDacl
Definition: acl.c:23
SePublicOpenDacl
PACL SePublicOpenDacl
Definition: acl.c:25
SePublicOpenUnrestrictedDacl
PACL SePublicOpenUnrestrictedDacl
Definition: acl.c:26
SeUnrestrictedDacl
PACL SeUnrestrictedDacl
Definition: acl.c:27
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
ACL
struct _ACL ACL
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:47
SePublicDefaultUnrestrictedDacl
PACL SePublicDefaultUnrestrictedDacl
Definition: acl.c:24
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:124
SeWorldSid
PSID SeWorldSid
Definition: sid.c:31
TAG_ACL
#define TAG_ACL
Definition: tag.h:174
SePublicDefaultDacl
PACL SePublicDefaultDacl
Definition: acl.c:22
RtlAddAccessAllowedAce
NTSTATUS NTAPI RtlAddAccessAllowedAce(IN OUT PACL Acl, IN ULONG Revision, IN ACCESS_MASK AccessMask, IN PSID Sid)
Definition: acl.c:262
RtlCreateAcl
NTSTATUS NTAPI RtlCreateAcl(IN PACL Acl, IN ULONG AclSize, IN ULONG AclRevision)
Definition: acl.c:677
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:44
ULONG
unsigned int ULONG
Definition: retypes.h:1
GENERIC_EXECUTE
#define GENERIC_EXECUTE
Definition: nt_native.h:91
_ACE
Definition: rtltypes.h:988
AclLength
_In_ ULONG AclLength
Definition: rtlfuncs.h:1844

Referenced by SepInitializationPhase0().

◆ SepInitializeTokenImplementation()

INIT_FUNCTION VOID NTAPI SepInitializeTokenImplementation ( VOID  )

Definition at line 836 of file token.c.

837 {
838  UNICODE_STRING Name;
839  OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;
840 
841  ExInitializeResource(&SepTokenLock); // FIXME: Global lock!
842 
843  DPRINT("Creating Token Object Type\n");
844 
845  /* Initialize the Token type */
846  RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
847  RtlInitUnicodeString(&Name, L"Token");
848  ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
849  ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
850  ObjectTypeInitializer.SecurityRequired = TRUE;
851  ObjectTypeInitializer.DefaultPagedPoolCharge = sizeof(TOKEN);
852  ObjectTypeInitializer.GenericMapping = SepTokenMapping;
853  ObjectTypeInitializer.PoolType = PagedPool;
854  ObjectTypeInitializer.ValidAccessMask = TOKEN_ALL_ACCESS;
855  ObjectTypeInitializer.UseDefaultObject = TRUE;
856  ObjectTypeInitializer.DeleteProcedure = SepDeleteToken;
857  ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &SeTokenObjectType);
858 }
ObCreateObjectType
NTSTATUS NTAPI ObCreateObjectType(IN PUNICODE_STRING TypeName, IN POBJECT_TYPE_INITIALIZER ObjectTypeInitializer, IN PVOID Reserved, OUT POBJECT_TYPE *ObjectType)
Definition: oblife.c:1048
TRUE
#define TRUE
Definition: types.h:120
ExInitializeResource
#define ExInitializeResource
Definition: exfuncs.h:346
_OBJECT_TYPE_INITIALIZER::ValidAccessMask
ULONG ValidAccessMask
Definition: obtypes.h:359
_OBJECT_TYPE_INITIALIZER::SecurityRequired
BOOLEAN SecurityRequired
Definition: obtypes.h:360
SepTokenLock
ERESOURCE SepTokenLock
Definition: token.c:35
OBJ_OPENLINK
#define OBJ_OPENLINK
Definition: winternl.h:230
_OBJECT_TYPE_INITIALIZER
Definition: obtypes.h:352
Name
struct NameRec_ * Name
Definition: cdprocs.h:464
NULL
smooth NULL
Definition: ftsmooth.c:416
NameRec_
Definition: apinames.c:48
SeTokenObjectType
POBJECT_TYPE SeTokenObjectType
Definition: token.c:34
DPRINT
void DPRINT(...)
Definition: polytest.cpp:61
_OBJECT_TYPE_INITIALIZER::Length
USHORT Length
Definition: obtypes.h:354
_OBJECT_TYPE_INITIALIZER::PoolType
POOL_TYPE PoolType
Definition: obtypes.h:363
TOKEN_ALL_ACCESS
#define TOKEN_ALL_ACCESS
Definition: setypes.h:892
_OBJECT_TYPE_INITIALIZER::UseDefaultObject
BOOLEAN UseDefaultObject
Definition: obtypes.h:355
L
static const WCHAR L[]
Definition: oid.c:1250
SepTokenMapping
static GENERIC_MAPPING SepTokenMapping
Definition: token.c:41
_OBJECT_TYPE_INITIALIZER::DefaultPagedPoolCharge
ULONG DefaultPagedPoolCharge
Definition: obtypes.h:364
_UNICODE_STRING
Definition: env_spec_w32.h:368
_OBJECT_TYPE_INITIALIZER::GenericMapping
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
SepDeleteToken
VOID NTAPI SepDeleteToken(PVOID ObjectBody)
Definition: token.c:817
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
_OBJECT_TYPE_INITIALIZER::InvalidAttributes
ULONG InvalidAttributes
Definition: obtypes.h:357
_OBJECT_TYPE_INITIALIZER::DeleteProcedure
OB_DELETE_METHOD DeleteProcedure
Definition: obtypes.h:369
TOKEN
struct _TOKEN TOKEN

Referenced by SepInitializationPhase0().

◆ SepInitPrivileges()

INIT_FUNCTION VOID NTAPI SepInitPrivileges ( VOID  )

Definition at line 64 of file priv.c.

65 {
66 
67 }

Referenced by SepInitializationPhase0().

◆ SepInitSDs()

INIT_FUNCTION BOOLEAN NTAPI SepInitSDs ( VOID  )

Definition at line 34 of file sd.c.

35 {
36  /* Create PublicDefaultSd */
37  SePublicDefaultSd = ExAllocatePoolWithTag(PagedPool,
38  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
39  if (SePublicDefaultSd == NULL)
40  return FALSE;
41 
42  RtlCreateSecurityDescriptor(SePublicDefaultSd,
43  SECURITY_DESCRIPTOR_REVISION);
44  RtlSetDaclSecurityDescriptor(SePublicDefaultSd,
45  TRUE,
46  SePublicDefaultDacl,
47  FALSE);
48 
49  /* Create PublicDefaultUnrestrictedSd */
50  SePublicDefaultUnrestrictedSd = ExAllocatePoolWithTag(PagedPool,
51  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
52  if (SePublicDefaultUnrestrictedSd == NULL)
53  return FALSE;
54 
55  RtlCreateSecurityDescriptor(SePublicDefaultUnrestrictedSd,
56  SECURITY_DESCRIPTOR_REVISION);
57  RtlSetDaclSecurityDescriptor(SePublicDefaultUnrestrictedSd,
58  TRUE,
59  SePublicDefaultUnrestrictedDacl,
60  FALSE);
61 
62  /* Create PublicOpenSd */
63  SePublicOpenSd = ExAllocatePoolWithTag(PagedPool,
64  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
65  if (SePublicOpenSd == NULL)
66  return FALSE;
67 
68  RtlCreateSecurityDescriptor(SePublicOpenSd,
69  SECURITY_DESCRIPTOR_REVISION);
70  RtlSetDaclSecurityDescriptor(SePublicOpenSd,
71  TRUE,
72  SePublicOpenDacl,
73  FALSE);
74 
75  /* Create PublicOpenUnrestrictedSd */
76  SePublicOpenUnrestrictedSd = ExAllocatePoolWithTag(PagedPool,
77  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
78  if (SePublicOpenUnrestrictedSd == NULL)
79  return FALSE;
80 
81  RtlCreateSecurityDescriptor(SePublicOpenUnrestrictedSd,
82  SECURITY_DESCRIPTOR_REVISION);
83  RtlSetDaclSecurityDescriptor(SePublicOpenUnrestrictedSd,
84  TRUE,
85  SePublicOpenUnrestrictedDacl,
86  FALSE);
87 
88  /* Create SystemDefaultSd */
89  SeSystemDefaultSd = ExAllocatePoolWithTag(PagedPool,
90  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
91  if (SeSystemDefaultSd == NULL)
92  return FALSE;
93 
94  RtlCreateSecurityDescriptor(SeSystemDefaultSd,
95  SECURITY_DESCRIPTOR_REVISION);
96  RtlSetDaclSecurityDescriptor(SeSystemDefaultSd,
97  TRUE,
98  SeSystemDefaultDacl,
99  FALSE);
100 
101  /* Create UnrestrictedSd */
102  SeUnrestrictedSd = ExAllocatePoolWithTag(PagedPool,
103  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
104  if (SeUnrestrictedSd == NULL)
105  return FALSE;
106 
107  RtlCreateSecurityDescriptor(SeUnrestrictedSd,
108  SECURITY_DESCRIPTOR_REVISION);
109  RtlSetDaclSecurityDescriptor(SeUnrestrictedSd,
110  TRUE,
111  SeUnrestrictedDacl,
112  FALSE);
113 
114  return TRUE;
115 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
TRUE
#define TRUE
Definition: types.h:120
SePublicDefaultUnrestrictedDacl
PACL SePublicDefaultUnrestrictedDacl
Definition: acl.c:24
SePublicDefaultSd
PSECURITY_DESCRIPTOR SePublicDefaultSd
Definition: sd.c:22
SeSystemDefaultDacl
PACL SeSystemDefaultDacl
Definition: acl.c:23
SeUnrestrictedSd
PSECURITY_DESCRIPTOR SeUnrestrictedSd
Definition: sd.c:27
RtlCreateSecurityDescriptor
NTSTATUS NTAPI RtlCreateSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Revision)
Definition: sd.c:117
SePublicOpenSd
PSECURITY_DESCRIPTOR SePublicOpenSd
Definition: sd.c:24
RtlSetDaclSecurityDescriptor
NTSTATUS NTAPI RtlSetDaclSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN DaclPresent, IN PACL Dacl, IN BOOLEAN DaclDefaulted)
Definition: sd.c:303
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
SePublicOpenDacl
PACL SePublicOpenDacl
Definition: acl.c:25
NULL
smooth NULL
Definition: ftsmooth.c:416
TAG_SD
#define TAG_SD
Definition: tag.h:176
SePublicOpenUnrestrictedSd
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
Definition: sd.c:25
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SePublicDefaultUnrestrictedSd
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
Definition: sd.c:23
SePublicDefaultDacl
PACL SePublicDefaultDacl
Definition: acl.c:22
SeUnrestrictedDacl
PACL SeUnrestrictedDacl
Definition: acl.c:27
SePublicOpenUnrestrictedDacl
PACL SePublicOpenUnrestrictedDacl
Definition: acl.c:26
SeSystemDefaultSd
PSECURITY_DESCRIPTOR SeSystemDefaultSd
Definition: sd.c:26

Referenced by SepInitializationPhase0().

◆ SepInitSecurityIDs()

INIT_FUNCTION BOOLEAN NTAPI SepInitSecurityIDs ( VOID  )

Definition at line 100 of file sid.c.

101 {
102  ULONG SidLength0;
103  ULONG SidLength1;
104  ULONG SidLength2;
105  PULONG SubAuthority;
106 
107  SidLength0 = RtlLengthRequiredSid(0);
108  SidLength1 = RtlLengthRequiredSid(1);
109  SidLength2 = RtlLengthRequiredSid(2);
110 
111  /* create NullSid */
112  SeNullSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
113  SeWorldSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
114  SeLocalSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
115  SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
116  SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
117  SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
118  SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
119  SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool, SidLength0, TAG_SID);
120  SeDialupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
121  SeNetworkSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
122  SeBatchSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
123  SeInteractiveSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
124  SeServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
125  SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
126  SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
127  SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
128  SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
129  SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
130  SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
131  SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
132  SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
133  SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
134  SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
135  SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
136  SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
137  SeAuthenticatedUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
138  SeRestrictedSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
139  SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
140  SeLocalServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
141  SeNetworkServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
142 
143  if (SeNullSid == NULL || SeWorldSid == NULL ||
144  SeLocalSid == NULL || SeCreatorOwnerSid == NULL ||
145  SeCreatorGroupSid == NULL || SeCreatorOwnerServerSid == NULL ||
146  SeCreatorGroupServerSid == NULL || SeNtAuthoritySid == NULL ||
147  SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL ||
148  SeInteractiveSid == NULL || SeServiceSid == NULL ||
149  SePrincipalSelfSid == NULL || SeLocalSystemSid == NULL ||
150  SeAuthenticatedUserSid == NULL || SeRestrictedCodeSid == NULL ||
151  SeAliasAdminsSid == NULL || SeAliasUsersSid == NULL ||
152  SeAliasGuestsSid == NULL || SeAliasPowerUsersSid == NULL ||
153  SeAliasAccountOpsSid == NULL || SeAliasSystemOpsSid == NULL ||
154  SeAliasPrintOpsSid == NULL || SeAliasBackupOpsSid == NULL ||
155  SeAuthenticatedUsersSid == NULL || SeRestrictedSid == NULL ||
156  SeAnonymousLogonSid == NULL || SeLocalServiceSid == NULL ||
157  SeNetworkServiceSid == NULL)
158  {
159  FreeInitializedSids();
160  return FALSE;
161  }
162 
163  RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
164  RtlInitializeSid(SeWorldSid, &SeWorldSidAuthority, 1);
165  RtlInitializeSid(SeLocalSid, &SeLocalSidAuthority, 1);
166  RtlInitializeSid(SeCreatorOwnerSid, &SeCreatorSidAuthority, 1);
167  RtlInitializeSid(SeCreatorGroupSid, &SeCreatorSidAuthority, 1);
168  RtlInitializeSid(SeCreatorOwnerServerSid, &SeCreatorSidAuthority, 1);
169  RtlInitializeSid(SeCreatorGroupServerSid, &SeCreatorSidAuthority, 1);
170  RtlInitializeSid(SeNtAuthoritySid, &SeNtSidAuthority, 0);
171  RtlInitializeSid(SeDialupSid, &SeNtSidAuthority, 1);
172  RtlInitializeSid(SeNetworkSid, &SeNtSidAuthority, 1);
173  RtlInitializeSid(SeBatchSid, &SeNtSidAuthority, 1);
174  RtlInitializeSid(SeInteractiveSid, &SeNtSidAuthority, 1);
175  RtlInitializeSid(SeServiceSid, &SeNtSidAuthority, 1);
176  RtlInitializeSid(SePrincipalSelfSid, &SeNtSidAuthority, 1);
177  RtlInitializeSid(SeLocalSystemSid, &SeNtSidAuthority, 1);
178  RtlInitializeSid(SeAuthenticatedUserSid, &SeNtSidAuthority, 1);
179  RtlInitializeSid(SeRestrictedCodeSid, &SeNtSidAuthority, 1);
180  RtlInitializeSid(SeAliasAdminsSid, &SeNtSidAuthority, 2);
181  RtlInitializeSid(SeAliasUsersSid, &SeNtSidAuthority, 2);
182  RtlInitializeSid(SeAliasGuestsSid, &SeNtSidAuthority, 2);
183  RtlInitializeSid(SeAliasPowerUsersSid, &SeNtSidAuthority, 2);
184  RtlInitializeSid(SeAliasAccountOpsSid, &SeNtSidAuthority, 2);
185  RtlInitializeSid(SeAliasSystemOpsSid, &SeNtSidAuthority, 2);
186  RtlInitializeSid(SeAliasPrintOpsSid, &SeNtSidAuthority, 2);
187  RtlInitializeSid(SeAliasBackupOpsSid, &SeNtSidAuthority, 2);
188  RtlInitializeSid(SeAuthenticatedUsersSid, &SeNtSidAuthority, 1);
189  RtlInitializeSid(SeRestrictedSid, &SeNtSidAuthority, 1);
190  RtlInitializeSid(SeAnonymousLogonSid, &SeNtSidAuthority, 1);
191  RtlInitializeSid(SeLocalServiceSid, &SeNtSidAuthority, 1);
192  RtlInitializeSid(SeNetworkServiceSid, &SeNtSidAuthority, 1);
193 
194  SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
195  *SubAuthority = SECURITY_NULL_RID;
196  SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);
197  *SubAuthority = SECURITY_WORLD_RID;
198  SubAuthority = RtlSubAuthoritySid(SeLocalSid, 0);
199  *SubAuthority = SECURITY_LOCAL_RID;
200  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid, 0);
201  *SubAuthority = SECURITY_CREATOR_OWNER_RID;
202  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid, 0);
203  *SubAuthority = SECURITY_CREATOR_GROUP_RID;
204  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid, 0);
205  *SubAuthority = SECURITY_CREATOR_OWNER_SERVER_RID;
206  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid, 0);
207  *SubAuthority = SECURITY_CREATOR_GROUP_SERVER_RID;
208  SubAuthority = RtlSubAuthoritySid(SeDialupSid, 0);
209  *SubAuthority = SECURITY_DIALUP_RID;
210  SubAuthority = RtlSubAuthoritySid(SeNetworkSid, 0);
211  *SubAuthority = SECURITY_NETWORK_RID;
212  SubAuthority = RtlSubAuthoritySid(SeBatchSid, 0);
213  *SubAuthority = SECURITY_BATCH_RID;
214  SubAuthority = RtlSubAuthoritySid(SeInteractiveSid, 0);
215  *SubAuthority = SECURITY_INTERACTIVE_RID;
216  SubAuthority = RtlSubAuthoritySid(SeServiceSid, 0);
217  *SubAuthority = SECURITY_SERVICE_RID;
218  SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid, 0);
219  *SubAuthority = SECURITY_PRINCIPAL_SELF_RID;
220  SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid, 0);
221  *SubAuthority = SECURITY_LOCAL_SYSTEM_RID;
222  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid, 0);
223  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
224  SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid, 0);
225  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
226  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 0);
227  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
228  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 1);
229  *SubAuthority = DOMAIN_ALIAS_RID_ADMINS;
230  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 0);
231  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
232  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 1);
233  *SubAuthority = DOMAIN_ALIAS_RID_USERS;
234  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 0);
235  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
236  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 1);
237  *SubAuthority = DOMAIN_ALIAS_RID_GUESTS;
238  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 0);
239  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
240  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 1);
241  *SubAuthority = DOMAIN_ALIAS_RID_POWER_USERS;
242  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 0);
243  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
244  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 1);
245  *SubAuthority = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
246  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 0);
247  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
248  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 1);
249  *SubAuthority = DOMAIN_ALIAS_RID_SYSTEM_OPS;
250  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 0);
251  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
252  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 1);
253  *SubAuthority = DOMAIN_ALIAS_RID_PRINT_OPS;
254  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 0);
255  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
256  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 1);
257  *SubAuthority = DOMAIN_ALIAS_RID_BACKUP_OPS;
258  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUsersSid, 0);
259  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
260  SubAuthority = RtlSubAuthoritySid(SeRestrictedSid, 0);
261  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
262  SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
263  *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
264  SubAuthority = RtlSubAuthoritySid(SeLocalServiceSid, 0);
265  *SubAuthority = SECURITY_LOCAL_SERVICE_RID;
266  SubAuthority = RtlSubAuthoritySid(SeNetworkServiceSid, 0);
267  *SubAuthority = SECURITY_NETWORK_SERVICE_RID;
268 
269  return TRUE;
270 }
SeLocalServiceSid
PSID SeLocalServiceSid
Definition: sid.c:58
SECURITY_BATCH_RID
#define SECURITY_BATCH_RID
Definition: setypes.h:530
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
TRUE
#define TRUE
Definition: types.h:120
DOMAIN_ALIAS_RID_GUESTS
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:626
SeAliasPrintOpsSid
PSID SeAliasPrintOpsSid
Definition: sid.c:53
FreeInitializedSids
VOID NTAPI FreeInitializedSids(VOID)
Definition: sid.c:65
SeAnonymousLogonSid
PSID SeAnonymousLogonSid
Definition: sid.c:57
SeBatchSid
PSID SeBatchSid
Definition: sid.c:40
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:44
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:47
DOMAIN_ALIAS_RID_ACCOUNT_OPS
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:629
SeDialupSid
PSID SeDialupSid
Definition: sid.c:38
SECURITY_DIALUP_RID
#define SECURITY_DIALUP_RID
Definition: setypes.h:528
SECURITY_NETWORK_RID
#define SECURITY_NETWORK_RID
Definition: setypes.h:529
TAG_SID
#define TAG_SID
Definition: sid.c:15
DOMAIN_ALIAS_RID_POWER_USERS
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:627
SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:531
SeAliasBackupOpsSid
PSID SeAliasBackupOpsSid
Definition: sid.c:54
SePrincipalSelfSid
PSID SePrincipalSelfSid
Definition: sid.c:43
RtlSubAuthoritySid
PULONG NTAPI RtlSubAuthoritySid(IN PSID Sid_, IN ULONG SubAuthority)
Definition: sid.c:89
SECURITY_PRINCIPAL_SELF_RID
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:539
SeCreatorOwnerServerSid
PSID SeCreatorOwnerServerSid
Definition: sid.c:35
SeCreatorSidAuthority
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
Definition: sid.c:27
NULL
smooth NULL
Definition: ftsmooth.c:416
SECURITY_LOCAL_SERVICE_RID
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
SECURITY_CREATOR_GROUP_SERVER_RID
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:520
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
DOMAIN_ALIAS_RID_BACKUP_OPS
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:632
SeServiceSid
PSID SeServiceSid
Definition: sid.c:42
DOMAIN_ALIAS_RID_SYSTEM_OPS
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:630
SECURITY_LOCAL_RID
#define SECURITY_LOCAL_RID
Definition: setypes.h:514
SeWorldSidAuthority
SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
Definition: sid.c:25
SECURITY_WORLD_RID
#define SECURITY_WORLD_RID
Definition: setypes.h:513
SECURITY_ANONYMOUS_LOGON_RID
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:535
SeAliasUsersSid
PSID SeAliasUsersSid
Definition: sid.c:48
SeAliasGuestsSid
PSID SeAliasGuestsSid
Definition: sid.c:49
SECURITY_CREATOR_OWNER_RID
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:517
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:512
SeAuthenticatedUserSid
PSID SeAuthenticatedUserSid
Definition: sid.c:45
SeWorldSid
PSID SeWorldSid
Definition: sid.c:31
RtlLengthRequiredSid
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
SeLocalSid
PSID SeLocalSid
Definition: sid.c:32
SeAuthenticatedUsersSid
PSID SeAuthenticatedUsersSid
Definition: sid.c:55
SeAliasPowerUsersSid
PSID SeAliasPowerUsersSid
Definition: sid.c:50
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548
SeNetworkSid
PSID SeNetworkSid
Definition: sid.c:39
SeNullSidAuthority
SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
Definition: sid.c:24
SECURITY_CREATOR_GROUP_RID
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:518
RtlInitializeSid
NTSTATUS NTAPI RtlInitializeSid(IN PSID Sid_, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
Definition: sid.c:68
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:625
PULONG
unsigned int * PULONG
Definition: retypes.h:1
SECURITY_RESTRICTED_CODE_RID
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:541
SeCreatorGroupSid
PSID SeCreatorGroupSid
Definition: sid.c:34
SeRestrictedSid
PSID SeRestrictedSid
Definition: sid.c:56
SeCreatorGroupServerSid
PSID SeCreatorGroupServerSid
Definition: sid.c:36
SeNetworkServiceSid
PSID SeNetworkServiceSid
Definition: sid.c:59
SECURITY_CREATOR_OWNER_SERVER_RID
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:519
SeRestrictedCodeSid
PSID SeRestrictedCodeSid
Definition: sid.c:46
DOMAIN_ALIAS_RID_PRINT_OPS
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:631
SECURITY_SERVICE_RID
#define SECURITY_SERVICE_RID
Definition: setypes.h:534
ULONG
unsigned int ULONG
Definition: retypes.h:1
SeLocalSidAuthority
SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
Definition: sid.c:26
SeCreatorOwnerSid
PSID SeCreatorOwnerSid
Definition: sid.c:33
SeAliasSystemOpsSid
PSID SeAliasSystemOpsSid
Definition: sid.c:52
SeInteractiveSid
PSID SeInteractiveSid
Definition: sid.c:41
SeNullSid
PSID SeNullSid
Definition: sid.c:30
SeNtSidAuthority
SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
Definition: sid.c:28
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:624
SeNtAuthoritySid
PSID SeNtAuthoritySid
Definition: sid.c:37
SeAliasAccountOpsSid
PSID SeAliasAccountOpsSid
Definition: sid.c:51

Referenced by SepInitializationPhase0().

◆ SepPrivilegeCheck()

BOOLEAN NTAPI SepPrivilegeCheck ( PTOKEN  Token,
PLUID_AND_ATTRIBUTES  Privileges,
ULONG  PrivilegeCount,
ULONG  PrivilegeControl,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 72 of file priv.c.

77 {
78  ULONG i;
79  ULONG j;
80  ULONG Required;
81 
82  DPRINT("SepPrivilegeCheck() called\n");
83 
84  PAGED_CODE();
85 
86  if (PreviousMode == KernelMode)
87  return TRUE;
88 
89  /* Get the number of privileges that are required to match */
90  Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
91 
92  /* Acquire a shared token lock */
93  SepAcquireTokenLockShared(Token);
94 
95  /* Loop all requested privileges until we found the required ones */
96  for (i = 0; i < PrivilegeCount; i++)
97  {
98  /* Loop the privileges of the token */
99  for (j = 0; j < Token->PrivilegeCount; j++)
100  {
101  /* Check if the LUIDs match */
102  if (RtlEqualLuid(&Token->Privileges[j].Luid, &Privileges[i].Luid))
103  {
104  DPRINT("Found privilege. Attributes: %lx\n",
105  Token->Privileges[j].Attributes);
106 
107  /* Check if the privilege is enabled */
108  if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
109  {
110  Privileges[i].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
111  Required--;
112 
113  /* Check if we have found all privileges */
114  if (Required == 0)
115  {
116  /* We're done! */
117  SepReleaseTokenLock(Token);
118  return TRUE;
119  }
120  }
121 
122  /* Leave the inner loop */
123  break;
124  }
125  }
126  }
127 
128  /* Release the token lock */
129  SepReleaseTokenLock(Token);
130 
131  /* When we reached this point, we did not find all privileges */
132  ASSERT(Required > 0);
133  return FALSE;
134 }
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
DPRINT
void DPRINT(...)
Definition: polytest.cpp:61
SE_PRIVILEGE_USED_FOR_ACCESS
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
j
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:211
SepAcquireTokenLockShared
#define SepAcquireTokenLockShared(Token)
Definition: se.h:205
ULONG
unsigned int ULONG
Definition: retypes.h:1
Required
struct _MEMORY_AREA struct _MM_REQUIRED_RESOURCES * Required
Definition: newmm.h:66

Referenced by NtPrivilegeCheck(), SeCheckAuditPrivilege(), SePrivilegeCheck(), and SepSinglePrivilegeCheck().

◆ SepPropagateAcl()

NTSTATUS SepPropagateAcl ( _Out_writes_bytes_opt_(DaclLength) PACL  AclDest,
_Inout_ PULONG  AclLength,
_In_reads_bytes_(AclSource->AclSize) PACL  AclSource,
_In_ PSID  Owner,
_In_ PSID  Group,
_In_ BOOLEAN  IsInherited,
_In_ BOOLEAN  IsDirectoryObject,
_In_ PGENERIC_MAPPING  GenericMapping 
)

◆ SepReleaseAcl()

VOID NTAPI SepReleaseAcl ( IN PACL  CapturedAcl,
IN KPROCESSOR_MODE  AccessMode,
IN BOOLEAN  CaptureIfKernel 
)

Definition at line 365 of file acl.c.

368 {
369  PAGED_CODE();
370 
371  if (CapturedAcl != NULL &&
372  (AccessMode != KernelMode ||
373  (AccessMode == KernelMode && CaptureIfKernel)))
374  {
375  ExFreePoolWithTag(CapturedAcl, TAG_ACL);
376  }
377 }
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
NULL
smooth NULL
Definition: ftsmooth.c:416
TAG_ACL
#define TAG_ACL
Definition: tag.h:174
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

Referenced by NtCreateToken().

◆ SepReleaseSecurityQualityOfService()

VOID NTAPI SepReleaseSecurityQualityOfService ( IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService  OPTIONAL,
IN KPROCESSOR_MODE  AccessMode,
IN BOOLEAN  CaptureIfKernel 
)

Definition at line 367 of file sd.c.

370 {
371  PAGED_CODE();
372 
373  if (CapturedSecurityQualityOfService != NULL &&
374  (AccessMode != KernelMode || CaptureIfKernel))
375  {
376  ExFreePoolWithTag(CapturedSecurityQualityOfService, TAG_QOS);
377  }
378 }
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
NULL
smooth NULL
Definition: ftsmooth.c:416
TAG_QOS
#define TAG_QOS
Definition: tag.h:177
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

Referenced by NtDuplicateToken().

◆ SepReleaseSid()

VOID NTAPI SepReleaseSid ( IN PSID  CapturedSid,
IN KPROCESSOR_MODE  AccessMode,
IN BOOLEAN  CaptureIfKernel 
)

Definition at line 342 of file sid.c.

345 {
346  PAGED_CODE();
347 
348  if (CapturedSid != NULL &&
349  (AccessMode != KernelMode ||
350  (AccessMode == KernelMode && CaptureIfKernel)))
351  {
352  ExFreePoolWithTag(CapturedSid, TAG_SID);
353  }
354 }
TAG_SID
#define TAG_SID
Definition: sid.c:15
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
NULL
smooth NULL
Definition: ftsmooth.c:416
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

Referenced by NtCreateToken(), NtSecureConnectPort(), NtSetInformationToken(), and SepAccessCheckAndAuditAlarm().

◆ SePrivilegedServiceAuditAlarm()

VOID NTAPI SePrivilegedServiceAuditAlarm ( _In_opt_ PUNICODE_STRING  ServiceName,
_In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ PPRIVILEGE_SET  PrivilegeSet,
_In_ BOOLEAN  AccessGranted 
)

Definition at line 214 of file audit.c.

219 {
220  PTOKEN EffectiveToken;
221  PSID UserSid;
222  PAGED_CODE();
223 
224  /* Get the effective token */
225  if (SubjectContext->ClientToken != NULL)
226  EffectiveToken = SubjectContext->ClientToken;
227  else
228  EffectiveToken = SubjectContext->PrimaryToken;
229 
230  /* Get the user SID */
231  UserSid = EffectiveToken->UserAndGroups->Sid;
232 
233  /* Check if this is the local system SID */
234  if (RtlEqualSid(UserSid, SeLocalSystemSid))
235  {
236  /* Nothing to do */
237  return;
238  }
239 
240  /* Check if this is the network service or local service SID */
241  if (RtlEqualSid(UserSid, SeExports->SeNetworkServiceSid) ||
242  RtlEqualSid(UserSid, SeExports->SeLocalServiceSid))
243  {
244  // FIXME: should continue for a certain set of privileges
245  return;
246  }
247 
248  /* Call the worker function */
249  SepAdtPrivilegedServiceAuditAlarm(SubjectContext,
250  &SeSubsystemName,
251  ServiceName,
252  SubjectContext->ClientToken,
253  SubjectContext->PrimaryToken,
254  PrivilegeSet,
255  AccessGranted);
256 
257 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:478
_SID
Definition: ms-dtyp.idl:198
SepAdtPrivilegedServiceAuditAlarm
VOID NTAPI SepAdtPrivilegedServiceAuditAlarm(PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_opt_ PUNICODE_STRING SubsystemName, _In_opt_ PUNICODE_STRING ServiceName, _In_ PTOKEN Token, _In_ PTOKEN PrimaryToken, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
Definition: audit.c:200
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
SeExports
PSE_EXPORTS SeExports
Definition: semgr.c:18
_SE_EXPORTS::SeNetworkServiceSid
PSID SeNetworkServiceSid
Definition: setypes.h:1190
NULL
smooth NULL
Definition: ftsmooth.c:416
ServiceName
LPTSTR ServiceName
Definition: ServiceMain.c:15
_SE_EXPORTS::SeLocalServiceSid
PSID SeLocalServiceSid
Definition: setypes.h:1189
AccessGranted
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
SeSubsystemName
UNICODE_STRING SeSubsystemName
Definition: audit.c:19
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:44
_TOKEN::UserAndGroups
PSID_AND_ATTRIBUTES UserAndGroups
Definition: setypes.h:169
_TOKEN
Definition: setypes.h:151
RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)

Referenced by SeCheckAuditPrivilege(), and SeSinglePrivilegeCheck().

◆ SePrivilegePolicyCheck()