ReactOS  0.4.15-dev-2704-gd5265b0
se.h File Reference

Go to the source code of this file.

Classes

struct  _KNOWN_ACE
 
struct  _KNOWN_OBJECT_ACE
 
struct  _KNOWN_COMPOUND_ACE
 
struct  _TOKEN_AUDIT_POLICY_INFORMATION
 

Macros

#define SepAcquireTokenLockExclusive(Token)
 
#define SepAcquireTokenLockShared(Token)
 
#define SepReleaseTokenLock(Token)
 

Typedefs

typedef struct _KNOWN_ACE KNOWN_ACE
 
typedef struct _KNOWN_ACEPKNOWN_ACE
 
typedef struct _KNOWN_OBJECT_ACE KNOWN_OBJECT_ACE
 
typedef struct _KNOWN_OBJECT_ACEPKNOWN_OBJECT_ACE
 
typedef struct _KNOWN_COMPOUND_ACE KNOWN_COMPOUND_ACE
 
typedef struct _KNOWN_COMPOUND_ACEPKNOWN_COMPOUND_ACE
 
typedef struct _TOKEN_AUDIT_POLICY_INFORMATION TOKEN_AUDIT_POLICY_INFORMATION
 
typedef struct _TOKEN_AUDIT_POLICY_INFORMATIONPTOKEN_AUDIT_POLICY_INFORMATION
 

Functions

FORCEINLINE PSID SepGetGroupFromDescriptor (PVOID _Descriptor)
 
FORCEINLINE PSID SepGetOwnerFromDescriptor (PVOID _Descriptor)
 
FORCEINLINE PACL SepGetDaclFromDescriptor (PVOID _Descriptor)
 
FORCEINLINE PACL SepGetSaclFromDescriptor (PVOID _Descriptor)
 
BOOLEAN NTAPI SepTokenIsOwner (IN PACCESS_TOKEN _Token, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN TokenLocked)
 
BOOLEAN NTAPI SepSidInToken (IN PACCESS_TOKEN _Token, IN PSID Sid)
 
BOOLEAN NTAPI SepSidInTokenEx (IN PACCESS_TOKEN _Token, IN PSID PrincipalSelfSid, IN PSID _Sid, IN BOOLEAN Deny, IN BOOLEAN Restricted)
 
BOOLEAN NTAPI SeTokenCanImpersonate (_In_ PTOKEN ProcessToken, _In_ PTOKEN TokenToImpersonate, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 Ensures that client impersonation can occur by checking if the token we're going to assign as the impersonation token can be actually impersonated in the first place. The routine is used primarily by PsImpersonateClient. More...
 
BOOLEAN NTAPI SeInitSystem (VOID)
 
VOID NTAPI SepInitPrivileges (VOID)
 
BOOLEAN NTAPI SepInitSecurityIDs (VOID)
 
BOOLEAN NTAPI SepInitDACLs (VOID)
 
BOOLEAN NTAPI SepInitSDs (VOID)
 
BOOLEAN NTAPI SeRmInitPhase0 (VOID)
 
BOOLEAN NTAPI SeRmInitPhase1 (VOID)
 
VOID NTAPI SeDeassignPrimaryToken (struct _EPROCESS *Process)
 
NTSTATUS NTAPI SeSubProcessToken (IN PTOKEN Parent, OUT PTOKEN *Token, IN BOOLEAN InUse, IN ULONG SessionId)
 
NTSTATUS NTAPI SeInitializeProcessAuditName (IN PFILE_OBJECT FileObject, IN BOOLEAN DoAudit, OUT POBJECT_NAME_INFORMATION *AuditInfo)
 
NTSTATUS NTAPI SeCreateAccessStateEx (IN PETHREAD Thread, IN PEPROCESS Process, IN OUT PACCESS_STATE AccessState, IN PAUX_ACCESS_DATA AuxData, IN ACCESS_MASK Access, IN PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeIsTokenChild (IN PTOKEN Token, OUT PBOOLEAN IsChild)
 
NTSTATUS NTAPI SeIsTokenSibling (IN PTOKEN Token, OUT PBOOLEAN IsSibling)
 
NTSTATUS NTAPI SepCreateImpersonationTokenDacl (_In_ PTOKEN Token, _In_ PTOKEN PrimaryToken, _Out_ PACL *Dacl)
 
VOID NTAPI SepInitializeTokenImplementation (VOID)
 
PTOKEN NTAPI SepCreateSystemProcessToken (VOID)
 Creates the system process token. More...
 
PTOKEN SepCreateSystemAnonymousLogonToken (VOID)
 Creates the anonymous logon token for the system. The difference between this token and the other one is the inclusion of everyone SID group (being SeWorldSid). The other token lacks such group. More...
 
PTOKEN SepCreateSystemAnonymousLogonTokenNoEveryone (VOID)
 Creates the anonymous logon token for the system. This kind of token doesn't include the everyone SID group (being SeWorldSid). More...
 
BOOLEAN NTAPI SeDetailedAuditingWithToken (IN PTOKEN Token)
 
VOID NTAPI SeAuditProcessExit (IN PEPROCESS Process)
 
VOID NTAPI SeAuditProcessCreate (IN PEPROCESS Process)
 
NTSTATUS NTAPI SeExchangePrimaryToken (_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken)
 
VOID NTAPI SeCaptureSubjectContextEx (IN PETHREAD Thread, IN PEPROCESS Process, OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
 
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
 
VOID NTAPI SeReleaseLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
 
BOOLEAN NTAPI SepPrivilegeCheck (PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SePrivilegePolicyCheck (_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckPrivilegedObject (IN LUID PrivilegeValue, IN HANDLE ObjectHandle, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SepDuplicateToken (_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
 
NTSTATUS NTAPI SepCaptureSecurityQualityOfService (IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, OUT PBOOLEAN Present)
 
VOID NTAPI SepReleaseSecurityQualityOfService (IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SepCaptureSid (IN PSID InputSid, IN KPROCESSOR_MODE AccessMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PSID *CapturedSid)
 
VOID NTAPI SepReleaseSid (IN PSID CapturedSid, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SeCaptureSidAndAttributesArray (_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
 
VOID NTAPI SeReleaseSidAndAttributesArray (_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SeComputeQuotaInformationSize (_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PULONG QuotaInfoSize)
 
NTSTATUS NTAPI SepCaptureAcl (IN PACL InputAcl, IN KPROCESSOR_MODE AccessMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PACL *CapturedAcl)
 
VOID NTAPI SepReleaseAcl (IN PACL CapturedAcl, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN CaptureIfKernel)
 
NTSTATUS SepPropagateAcl (_Out_writes_bytes_opt_(DaclLength) PACL AclDest, _Inout_ PULONG AclLength, _In_reads_bytes_(AclSource->AclSize) PACL AclSource, _In_ PSID Owner, _In_ PSID Group, _In_ BOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
 
PACL SepSelectAcl (_In_opt_ PACL ExplicitAcl, _In_ BOOLEAN ExplicitPresent, _In_ BOOLEAN ExplicitDefaulted, _In_opt_ PACL ParentAcl, _In_opt_ PACL DefaultAcl, _Out_ PULONG AclLength, _In_ PSID Owner, _In_ PSID Group, _Out_ PBOOLEAN AclPresent, _Out_ PBOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeDefaultObjectMethod (PVOID Object, SECURITY_OPERATION_CODE OperationType, PSECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR NewSecurityDescriptor, PULONG ReturnLength, PSECURITY_DESCRIPTOR *OldSecurityDescriptor, POOL_TYPE PoolType, PGENERIC_MAPPING GenericMapping)
 
NTSTATUS NTAPI SeSetWorldSecurityDescriptor (SECURITY_INFORMATION SecurityInformation, PISECURITY_DESCRIPTOR SecurityDescriptor, PULONG BufferLength)
 
NTSTATUS NTAPI SeCopyClientToken (IN PACCESS_TOKEN Token, IN SECURITY_IMPERSONATION_LEVEL Level, IN KPROCESSOR_MODE PreviousMode, OUT PACCESS_TOKEN *NewToken)
 
NTSTATUS NTAPI SepRegQueryHelper (_In_ PCWSTR KeyName, _In_ PCWSTR ValueName, _In_ ULONG ValueType, _In_ ULONG DataLength, _Out_ PVOID ValueData)
 A private registry helper that returns the desired value data based on the specifics requested by the caller. More...
 
VOID NTAPI SeQuerySecurityAccessMask (IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
 
VOID NTAPI SeSetSecurityAccessMask (IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
 
BOOLEAN NTAPI SeFastTraverseCheck (IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PACCESS_STATE AccessState, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE AccessMode)
 
BOOLEAN NTAPI SeCheckAuditPrivilege (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
 
VOID NTAPI SePrivilegedServiceAuditAlarm (_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
 
NTSTATUS SepRmReferenceLogonSession (PLUID LogonLuid)
 
NTSTATUS SepRmDereferenceLogonSession (PLUID LogonLuid)
 
NTSTATUS NTAPI SeGetLogonIdDeviceMap (IN PLUID LogonId, OUT PDEVICE_MAP *DeviceMap)
 

Variables

SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
 
SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
 
PSID SeNullSid
 
PSID SeWorldSid
 
PSID SeLocalSid
 
PSID SeCreatorOwnerSid
 
PSID SeCreatorGroupSid
 
PSID SeCreatorOwnerServerSid
 
PSID SeCreatorGroupServerSid
 
PSID SeNtAuthoritySid
 
PSID SeDialupSid
 
PSID SeNetworkSid
 
PSID SeBatchSid
 
PSID SeInteractiveSid
 
PSID SeServiceSid
 
PSID SeAnonymousLogonSid
 
PSID SePrincipalSelfSid
 
PSID SeLocalSystemSid
 
PSID SeAuthenticatedUserSid
 
PSID SeRestrictedCodeSid
 
PSID SeAliasAdminsSid
 
PSID SeAliasUsersSid
 
PSID SeAliasGuestsSid
 
PSID SeAliasPowerUsersSid
 
PSID SeAliasAccountOpsSid
 
PSID SeAliasSystemOpsSid
 
PSID SeAliasPrintOpsSid
 
PSID SeAliasBackupOpsSid
 
PSID SeAuthenticatedUsersSid
 
PSID SeRestrictedSid
 
PSID SeLocalServiceSid
 
PSID SeNetworkServiceSid
 
const LUID SeCreateTokenPrivilege
 
const LUID SeAssignPrimaryTokenPrivilege
 
const LUID SeLockMemoryPrivilege
 
const LUID SeIncreaseQuotaPrivilege
 
const LUID SeUnsolicitedInputPrivilege
 
const LUID SeTcbPrivilege
 
const LUID SeSecurityPrivilege
 
const LUID SeTakeOwnershipPrivilege
 
const LUID SeLoadDriverPrivilege
 
const LUID SeSystemProfilePrivilege
 
const LUID SeSystemtimePrivilege
 
const LUID SeProfileSingleProcessPrivilege
 
const LUID SeIncreaseBasePriorityPrivilege
 
const LUID SeCreatePagefilePrivilege
 
const LUID SeCreatePermanentPrivilege
 
const LUID SeBackupPrivilege
 
const LUID SeRestorePrivilege
 
const LUID SeShutdownPrivilege
 
const LUID SeDebugPrivilege
 
const LUID SeAuditPrivilege
 
const LUID SeSystemEnvironmentPrivilege
 
const LUID SeChangeNotifyPrivilege
 
const LUID SeRemoteShutdownPrivilege
 
const LUID SeUndockPrivilege
 
const LUID SeSyncAgentPrivilege
 
const LUID SeEnableDelegationPrivilege
 
const LUID SeManageVolumePrivilege
 
const LUID SeImpersonatePrivilege
 
const LUID SeCreateGlobalPrivilege
 
const LUID SeTrustedCredmanPrivilege
 
const LUID SeRelabelPrivilege
 
const LUID SeIncreaseWorkingSetPrivilege
 
const LUID SeTimeZonePrivilege
 
const LUID SeCreateSymbolicLinkPrivilege
 
PACL SePublicDefaultUnrestrictedDacl
 
PACL SePublicOpenDacl
 
PACL SePublicOpenUnrestrictedDacl
 
PACL SeUnrestrictedDacl
 
PACL SeSystemAnonymousLogonDacl
 
PSECURITY_DESCRIPTOR SePublicDefaultSd
 
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
 
PSECURITY_DESCRIPTOR SePublicOpenSd
 
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
 
PSECURITY_DESCRIPTOR SeSystemDefaultSd
 
PSECURITY_DESCRIPTOR SeUnrestrictedSd
 
PSECURITY_DESCRIPTOR SeSystemAnonymousLogonSd
 
PTOKEN SeAnonymousLogonToken
 
PTOKEN SeAnonymousLogonTokenNoEveryone
 

Macro Definition Documentation

◆ SepAcquireTokenLockExclusive

#define SepAcquireTokenLockExclusive (   Token)
Value:
{ \
KeEnterCriticalRegion(); \
ExAcquireResourceExclusiveLite(((PTOKEN)Token)->TokenLock, TRUE); \
}
#define TRUE
Definition: types.h:120
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token

Definition at line 216 of file se.h.

◆ SepAcquireTokenLockShared

#define SepAcquireTokenLockShared (   Token)
Value:
{ \
KeEnterCriticalRegion(); \
ExAcquireResourceSharedLite(((PTOKEN)Token)->TokenLock, TRUE); \
}
#define TRUE
Definition: types.h:120
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token

Definition at line 221 of file se.h.

◆ SepReleaseTokenLock

#define SepReleaseTokenLock (   Token)
Value:
{ \
ExReleaseResourceLite(((PTOKEN)Token)->TokenLock); \
KeLeaveCriticalRegion(); \
}
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token

Definition at line 227 of file se.h.

Typedef Documentation

◆ KNOWN_ACE

◆ KNOWN_COMPOUND_ACE

◆ KNOWN_OBJECT_ACE

◆ PKNOWN_ACE

◆ PKNOWN_COMPOUND_ACE

◆ PKNOWN_OBJECT_ACE

◆ PTOKEN_AUDIT_POLICY_INFORMATION

◆ TOKEN_AUDIT_POLICY_INFORMATION

Function Documentation

◆ SeAuditProcessCreate()

VOID NTAPI SeAuditProcessCreate ( IN PEPROCESS  Process)

Definition at line 33 of file audit.c.

34 {
35  /* FIXME */
36 }

Referenced by PspCreateProcess().

◆ SeAuditProcessExit()

VOID NTAPI SeAuditProcessExit ( IN PEPROCESS  Process)

Definition at line 40 of file audit.c.

41 {
42  /* FIXME */
43 }

Referenced by PspExitThread().

◆ SeCaptureLuidAndAttributesArray()

NTSTATUS NTAPI SeCaptureLuidAndAttributesArray ( PLUID_AND_ATTRIBUTES  Src,
ULONG  PrivilegeCount,
KPROCESSOR_MODE  PreviousMode,
PLUID_AND_ATTRIBUTES  AllocatedMem,
ULONG  AllocatedLength,
POOL_TYPE  PoolType,
BOOLEAN  CaptureIfKernel,
PLUID_AND_ATTRIBUTES Dest,
PULONG  Length 
)

Definition at line 287 of file priv.c.

296 {
299 
300  PAGED_CODE();
301 
302  if (PrivilegeCount == 0)
303  {
304  *Dest = 0;
305  *Length = 0;
306  return STATUS_SUCCESS;
307  }
308 
309  if (PreviousMode == KernelMode && !CaptureIfKernel)
310  {
311  *Dest = Src;
312  return STATUS_SUCCESS;
313  }
314 
315  /* FIXME - check PrivilegeCount for a valid number so we don't
316  cause an integer overflow or exhaust system resources! */
317 
318  BufferSize = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
319  *Length = ROUND_UP(BufferSize, 4); /* round up to a 4 byte alignment */
320 
321  /* probe the buffer */
322  if (PreviousMode != KernelMode)
323  {
324  _SEH2_TRY
325  {
326  ProbeForRead(Src,
327  BufferSize,
328  sizeof(ULONG));
329  }
331  {
332  /* Return the exception code */
334  }
335  _SEH2_END;
336  }
337 
338  /* allocate enough memory or check if the provided buffer is
339  large enough to hold the array */
340  if (AllocatedMem != NULL)
341  {
342  if (AllocatedLength < BufferSize)
343  {
345  }
346 
347  *Dest = AllocatedMem;
348  }
349  else
350  {
352  BufferSize,
353  TAG_LUID);
354  if (*Dest == NULL)
355  {
357  }
358  }
359 
360  /* copy the array to the buffer */
361  _SEH2_TRY
362  {
363  RtlCopyMemory(*Dest,
364  Src,
365  BufferSize);
366  }
368  {
370  }
371  _SEH2_END;
372 
373  if (!NT_SUCCESS(Status) && AllocatedMem == NULL)
374  {
375  ExFreePoolWithTag(*Dest, TAG_LUID);
376  }
377 
378  return Status;
379 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define ROUND_UP(n, align)
Definition: eventvwr.h:31
LONG NTSTATUS
Definition: precomp.h:26
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
Definition: create.c:4226
Status
Definition: gdiplustypes.h:24
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define TAG_LUID
Definition: tag.h:178
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
_SEH2_END
Definition: create.c:4400
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
unsigned int ULONG
Definition: retypes.h:1
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define STATUS_SUCCESS
Definition: shellext.h:65
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
#define BufferSize
Definition: mmc.h:75
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
Definition: wdfmemory.h:251
#define PAGED_CODE()

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeCaptureSidAndAttributesArray()

NTSTATUS NTAPI SeCaptureSidAndAttributesArray ( _In_ PSID_AND_ATTRIBUTES  SrcSidAndAttributes,
_In_ ULONG  AttributeCount,
_In_ KPROCESSOR_MODE  PreviousMode,
_In_opt_ PVOID  AllocatedMem,
_In_ ULONG  AllocatedLength,
_In_ POOL_TYPE  PoolType,
_In_ BOOLEAN  CaptureIfKernel,
_Out_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes,
_Out_ PULONG  ResultLength 
)

Definition at line 354 of file sid.c.

364 {
365  ULONG ArraySize, RequiredLength, SidLength, i;
366  PSID_AND_ATTRIBUTES SidAndAttributes;
367  PUCHAR CurrentDest;
368  PISID Sid;
370  PAGED_CODE();
371 
372  *CapturedSidAndAttributes = NULL;
373  *ResultLength = 0;
374 
375  if (AttributeCount == 0)
376  {
377  return STATUS_SUCCESS;
378  }
379 
380  if (AttributeCount > 0x1000)
381  {
383  }
384 
385  if ((PreviousMode == KernelMode) && !CaptureIfKernel)
386  {
387  *CapturedSidAndAttributes = SrcSidAndAttributes;
388  return STATUS_SUCCESS;
389  }
390 
391  ArraySize = AttributeCount * sizeof(SID_AND_ATTRIBUTES);
392  RequiredLength = ALIGN_UP_BY(ArraySize, sizeof(ULONG));
393 
394  /* Check for user mode data */
395  if (PreviousMode != KernelMode)
396  {
397  _SEH2_TRY
398  {
399  /* First probe the whole array */
400  ProbeForRead(SrcSidAndAttributes, ArraySize, sizeof(ULONG));
401 
402  /* Loop the array elements */
403  for (i = 0; i < AttributeCount; i++)
404  {
405  /* Get the SID and probe the minimal structure */
406  Sid = SrcSidAndAttributes[i].Sid;
407  ProbeForRead(Sid, sizeof(*Sid), sizeof(ULONG));
408 
409  /* Verify that the SID is valid */
410  if (((Sid->Revision & 0xF) != SID_REVISION) ||
412  {
414  }
415 
416  /* Calculate the SID length and probe the full SID */
418  ProbeForRead(Sid, SidLength, sizeof(ULONG));
419 
420  /* Add the aligned length to the required length */
421  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
422  }
423  }
425  {
427  }
428  _SEH2_END;
429  }
430  else
431  {
432  /* Loop the array elements */
433  for (i = 0; i < AttributeCount; i++)
434  {
435  /* Get the SID and it's length */
436  Sid = SrcSidAndAttributes[i].Sid;
438 
439  /* Add the aligned length to the required length */
440  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
441  }
442  }
443 
444  /* Assume success */
447 
448  /* Check if we have no buffer */
449  if (AllocatedMem == NULL)
450  {
451  /* Allocate a new buffer */
452  SidAndAttributes = ExAllocatePoolWithTag(PoolType,
455  if (SidAndAttributes == NULL)
456  {
458  }
459  }
460  /* Otherwise check if the buffer is large enough */
461  else if (AllocatedLength >= RequiredLength)
462  {
463  /* Buffer is large enough, use it */
464  SidAndAttributes = AllocatedMem;
465  }
466  else
467  {
468  /* Buffer is too small, fail */
470  }
471 
472  *CapturedSidAndAttributes = SidAndAttributes;
473 
474  /* Check again for user mode */
475  if (PreviousMode != KernelMode)
476  {
477  _SEH2_TRY
478  {
479  /* The rest of the data starts after the array */
480  CurrentDest = (PUCHAR)SidAndAttributes;
481  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
482 
483  /* Loop the array elements */
484  for (i = 0; i < AttributeCount; i++)
485  {
486  /* Get the SID and it's length */
487  Sid = SrcSidAndAttributes[i].Sid;
489 
490  /* Copy attributes */
491  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
492 
493  /* Copy the SID to the current destination address */
494  SidAndAttributes[i].Sid = (PSID)CurrentDest;
495  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
496 
497  /* Sanity checks */
498  ASSERT(RtlLengthSid(SidAndAttributes[i].Sid) == SidLength);
499  ASSERT(RtlValidSid(SidAndAttributes[i].Sid));
500 
501  /* Update the current destination address */
502  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
503  }
504  }
506  {
508  }
509  _SEH2_END;
510  }
511  else
512  {
513  /* The rest of the data starts after the array */
514  CurrentDest = (PUCHAR)SidAndAttributes;
515  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
516 
517  /* Loop the array elements */
518  for (i = 0; i < AttributeCount; i++)
519  {
520  /* Get the SID and it's length */
521  Sid = SrcSidAndAttributes[i].Sid;
523 
524  /* Copy attributes */
525  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
526 
527  /* Copy the SID to the current destination address */
528  SidAndAttributes[i].Sid = (PSID)CurrentDest;
529  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
530 
531  /* Update the current destination address */
532  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
533  }
534  }
535 
536  /* Check for failure */
537  if (!NT_SUCCESS(Status))
538  {
539  /* Check if we allocated a new array */
540  if (SidAndAttributes != AllocatedMem)
541  {
542  /* Free the array */
543  ExFreePoolWithTag(SidAndAttributes, TAG_SID_AND_ATTRIBUTES);
544  }
545 
546  /* Set returned address to NULL */
547  *CapturedSidAndAttributes = NULL ;
548  }
549 
550  return Status;
551 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
unsigned char * PUCHAR
Definition: retypes.h:3
#define SID_REVISION
Definition: setypes.h:453
LONG NTSTATUS
Definition: precomp.h:26
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
Definition: create.c:4226
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:454
ULONG NTAPI RtlLengthSid(IN PSID Sid_)
Definition: sid.c:150
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define STATUS_INVALID_SID
Definition: ntstatus.h:356
BOOLEAN NTAPI RtlValidSid(IN PSID Sid_)
Definition: sid.c:21
Status
Definition: gdiplustypes.h:24
#define TAG_SID_AND_ATTRIBUTES
Definition: sid.c:16
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define ASSERT(a)
Definition: mode.c:44
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
struct _SID * PSID
Definition: eventlog.c:35
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
_SEH2_END
Definition: create.c:4400
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_In_ ULONG _Out_opt_ PULONG RequiredLength
Definition: wmifuncs.h:29
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
unsigned int ULONG
Definition: retypes.h:1
#define ALIGN_UP_BY(size, align)
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
BYTE Revision
Definition: ms-dtyp.idl:199
#define STATUS_SUCCESS
Definition: shellext.h:65
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
#define PAGED_CODE()

Referenced by NtCreateToken().

◆ SeCaptureSubjectContextEx()

VOID NTAPI SeCaptureSubjectContextEx ( IN PETHREAD  Thread,
IN PEPROCESS  Process,
OUT PSECURITY_SUBJECT_CONTEXT  SubjectContext 
)

Definition at line 266 of file access.c.

269 {
271 
272  PAGED_CODE();
273 
274  /* Save the unique ID */
275  SubjectContext->ProcessAuditId = Process->UniqueProcessId;
276 
277  /* Check if we have a thread */
278  if (!Thread)
279  {
280  /* We don't, so no token */
281  SubjectContext->ClientToken = NULL;
282  }
283  else
284  {
285  /* Get the impersonation token */
287  &CopyOnOpen,
288  &EffectiveOnly,
289  &SubjectContext->ImpersonationLevel);
290  }
291 
292  /* Get the primary token */
294 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154
unsigned char BOOLEAN
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:849
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:417
#define PAGED_CODE()

Referenced by SeCaptureSubjectContext(), and SeCreateAccessStateEx().

◆ SeCheckAuditPrivilege()

BOOLEAN NTAPI SeCheckAuditPrivilege ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Definition at line 253 of file priv.c.

256 {
257  PRIVILEGE_SET PrivilegeSet;
258  BOOLEAN Result;
259  PAGED_CODE();
260 
261  /* Initialize the privilege set with the single privilege */
262  PrivilegeSet.PrivilegeCount = 1;
263  PrivilegeSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
264  PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
265  PrivilegeSet.Privilege[0].Attributes = 0;
266 
267  /* Check against the primary token! */
268  Result = SepPrivilegeCheck(SubjectContext->PrimaryToken,
269  &PrivilegeSet.Privilege[0],
270  1,
272  PreviousMode);
273 
274  if (PreviousMode != KernelMode)
275  {
278  &PrivilegeSet,
279  Result);
280  }
281 
282  return Result;
283 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
const LUID SeAuditPrivilege
Definition: priv.c:38
$ULONG Control
Definition: setypes.h:87
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
unsigned char BOOLEAN
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
$ULONG PrivilegeCount
Definition: setypes.h:86
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:68
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
#define NULL
Definition: types.h:112
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
#define PAGED_CODE()

Referenced by NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), and SepAccessCheckAndAuditAlarm().

◆ SeCheckPrivilegedObject()

BOOLEAN NTAPI SeCheckPrivilegedObject ( IN LUID  PrivilegeValue,
IN HANDLE  ObjectHandle,
IN ACCESS_MASK  DesiredAccess,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 556 of file priv.c.

560 {
562  PRIVILEGE_SET Priv;
563  BOOLEAN Result;
564 
565  PAGED_CODE();
566 
568 
569  Priv.PrivilegeCount = 1;
571  Priv.Privilege[0].Luid = PrivilegeValue;
573 
575  if (PreviousMode != KernelMode)
576  {
577 #if 0
578  SePrivilegeObjectAuditAlarm(ObjectHandle,
581  &PrivilegeValue,
582  Result,
583  PreviousMode);
584 #endif
585  }
586 
588 
589  return Result;
590 }
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
$ULONG Control
Definition: setypes.h:87
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
unsigned char BOOLEAN
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
$ULONG PrivilegeCount
Definition: setypes.h:86
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:487
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
VOID NTAPI SePrivilegeObjectAuditAlarm(IN HANDLE Handle, IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN ACCESS_MASK DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted, IN KPROCESSOR_MODE CurrentMode)
Definition: audit.c:845
#define PAGED_CODE()

Referenced by NtSetInformationProcess(), and NtSetInformationThread().

◆ SeComputeQuotaInformationSize()

NTSTATUS NTAPI SeComputeQuotaInformationSize ( _In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_Out_ PULONG  QuotaInfoSize 
)

◆ SeCopyClientToken()

NTSTATUS NTAPI SeCopyClientToken ( IN PACCESS_TOKEN  Token,
IN SECURITY_IMPERSONATION_LEVEL  Level,
IN KPROCESSOR_MODE  PreviousMode,
OUT PACCESS_TOKEN NewToken 
)

Definition at line 1137 of file token.c.

1141 {
1142  NTSTATUS Status;
1144 
1145  PAGED_CODE();
1146 
1148  NULL,
1149  0,
1150  NULL,
1151  NULL);
1152 
1155  FALSE,
1157  Level,
1158  PreviousMode,
1159  (PTOKEN*)NewToken);
1160 
1161  return Status;
1162 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:55
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Definition: token.c:785
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define NULL
Definition: types.h:112
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define PAGED_CODE()

Referenced by PsImpersonateClient(), and SepCreateClientSecurity().

◆ SeCreateAccessStateEx()

NTSTATUS NTAPI SeCreateAccessStateEx ( IN PETHREAD  Thread,
IN PEPROCESS  Process,
IN OUT PACCESS_STATE  AccessState,
IN PAUX_ACCESS_DATA  AuxData,
IN ACCESS_MASK  Access,
IN PGENERIC_MAPPING  GenericMapping 
)

Definition at line 378 of file access.c.

384 {
385  ACCESS_MASK AccessMask = Access;
386  PTOKEN Token;
387  PAGED_CODE();
388 
389  /* Map the Generic Acess to Specific Access if we have a Mapping */
390  if ((Access & GENERIC_ACCESS) && (GenericMapping))
391  {
393  }
394 
395  /* Initialize the Access State */
397  ASSERT(AccessState->SecurityDescriptor == NULL);
398  ASSERT(AccessState->PrivilegesAllocated == FALSE);
399 
400  /* Initialize and save aux data */
401  RtlZeroMemory(AuxData, sizeof(AUX_ACCESS_DATA));
402  AccessState->AuxData = AuxData;
403 
404  /* Capture the Subject Context */
406  Process,
407  &AccessState->SubjectSecurityContext);
408 
409  /* Set Access State Data */
410  AccessState->RemainingDesiredAccess = AccessMask;
411  AccessState->OriginalDesiredAccess = AccessMask;
412  ExAllocateLocallyUniqueId(&AccessState->OperationID);
413 
414  /* Get the Token to use */
415  Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);
416 
417  /* Check for Travers Privilege */
418  if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
419  {
420  /* Preserve the Traverse Privilege */
422  }
423 
424  /* Set the Auxiliary Data */
425  AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
427  Privileges));
428  if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
429 
430  /* Return Sucess */
431  return STATUS_SUCCESS;
432 }
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define GENERIC_ACCESS
Definition: wlx.c:26
#define TOKEN_HAS_TRAVERSE_PRIVILEGE
Definition: setypes.h:1124
VOID NTAPI SeCaptureSubjectContextEx(IN PETHREAD Thread, IN PEPROCESS Process, OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:266
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define FALSE
Definition: types.h:117
#define ASSERT(a)
Definition: mode.c:44
VOID NTAPI RtlMapGenericMask(IN OUT PACCESS_MASK AccessMask, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:50
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
struct _PRIVILEGE_SET * PPRIVILEGE_SET
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:335
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define STATUS_SUCCESS
Definition: shellext.h:65
ULONG ACCESS_MASK
Definition: nt_native.h:40
#define PAGED_CODE()

Referenced by PspCreateProcess(), PspCreateThread(), and SeCreateAccessState().

◆ SeDeassignPrimaryToken()

VOID NTAPI SeDeassignPrimaryToken ( struct _EPROCESS Process)

◆ SeDefaultObjectMethod()

NTSTATUS NTAPI SeDefaultObjectMethod ( PVOID  Object,
SECURITY_OPERATION_CODE  OperationType,
PSECURITY_INFORMATION  SecurityInformation,
PSECURITY_DESCRIPTOR  NewSecurityDescriptor,
PULONG  ReturnLength,
PSECURITY_DESCRIPTOR OldSecurityDescriptor,
POOL_TYPE  PoolType,
PGENERIC_MAPPING  GenericMapping 
)

◆ SeDetailedAuditingWithToken()

BOOLEAN NTAPI SeDetailedAuditingWithToken ( IN PTOKEN  Token)

Definition at line 25 of file audit.c.

26 {
27  /* FIXME */
28  return FALSE;
29 }
#define FALSE
Definition: types.h:117

Referenced by ObInitProcess(), PspCreateProcess(), and PspExitThread().

◆ SeExchangePrimaryToken()

NTSTATUS NTAPI SeExchangePrimaryToken ( _In_ PEPROCESS  Process,
_In_ PACCESS_TOKEN  NewAccessToken,
_Out_ PACCESS_TOKEN OldAccessToken 
)

Definition at line 577 of file token.c.

581 {
582  PTOKEN OldToken;
583  PTOKEN NewToken = (PTOKEN)NewAccessToken;
584 
585  PAGED_CODE();
586 
587  if (NewToken->TokenType != TokenPrimary)
588  return STATUS_BAD_TOKEN_TYPE;
589 
590  if (NewToken->TokenInUse)
591  {
594 
595  /* Maybe we're trying to set the same token */
596  OldToken = PsReferencePrimaryToken(Process);
597  if (OldToken == NewToken)
598  {
599  /* So it's a nop. */
600  *OldAccessToken = OldToken;
601  return STATUS_SUCCESS;
602  }
603 
604  Status = SepCompareTokens(OldToken, NewToken, &IsEqual);
605  if (!NT_SUCCESS(Status))
606  {
607  PsDereferencePrimaryToken(OldToken);
608  *OldAccessToken = NULL;
609  return Status;
610  }
611 
612  if (!IsEqual)
613  {
614  PsDereferencePrimaryToken(OldToken);
615  *OldAccessToken = NULL;
617  }
618  /* Silently return STATUS_SUCCESS but do not set the new token,
619  * as it's already in use elsewhere. */
620  *OldAccessToken = OldToken;
621  return STATUS_SUCCESS;
622  }
623 
624  /* Lock the new token */
626 
627  /* Mark new token in use */
628  NewToken->TokenInUse = TRUE;
629 
630  /* Set the session ID for the new token */
631  NewToken->SessionId = MmGetSessionId(Process);
632 
633  /* Unlock the new token */
634  SepReleaseTokenLock(NewToken);
635 
636  /* Reference the new token */
637  ObReferenceObject(NewToken);
638 
639  /* Replace the old with the new */
640  OldToken = ObFastReplaceObject(&Process->Token, NewToken);
641 
642  /* Lock the old token */
644 
645  /* Mark the old token as free */
646  OldToken->TokenInUse = FALSE;
647 
648  /* Unlock the old token */
649  SepReleaseTokenLock(OldToken);
650 
651  *OldAccessToken = (PACCESS_TOKEN)OldToken;
652  return STATUS_SUCCESS;
653 }
TOKEN_TYPE TokenType
Definition: setypes.h:221
#define SepAcquireTokenLockExclusive(Token)
Definition: se.h:216
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
PVOID PACCESS_TOKEN
Definition: setypes.h:11
#define FALSE
Definition: types.h:117
unsigned char BOOLEAN
#define STATUS_BAD_TOKEN_TYPE
Definition: ntstatus.h:404
ULONG SessionId
Definition: setypes.h:207
Status
Definition: gdiplustypes.h:24
PVOID FASTCALL ObFastReplaceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
BOOLEAN TokenInUse
Definition: setypes.h:224
static NTSTATUS SepCompareTokens(_In_ PTOKEN FirstToken, _In_ PTOKEN SecondToken, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal based on all the following properties. If all of the said conditions...
Definition: token.c:288
#define STATUS_TOKEN_ALREADY_IN_USE
Definition: ntstatus.h:535
#define SepReleaseTokenLock(Token)
Definition: se.h:227
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
struct _TOKEN * PTOKEN
#define NULL
Definition: types.h:112
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
Definition: security.c:902
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
#define ObReferenceObject
Definition: obfuncs.h:204
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
Definition: session.c:179
#define STATUS_SUCCESS
Definition: shellext.h:65
#define PAGED_CODE()

Referenced by PspAssignPrimaryToken().

◆ SeFastTraverseCheck()

BOOLEAN NTAPI SeFastTraverseCheck ( IN PSECURITY_DESCRIPTOR  SecurityDescriptor,
IN PACCESS_STATE  AccessState,
IN ACCESS_MASK  DesiredAccess,
IN KPROCESSOR_MODE  AccessMode 
)

Definition at line 460 of file accesschk.c.

464 {
465  PACL Dacl;
466  ULONG AceIndex;
467  PKNOWN_ACE Ace;
468 
469  PAGED_CODE();
470 
472 
473  if (SecurityDescriptor == NULL)
474  return FALSE;
475 
476  /* Get DACL */
478  /* If no DACL, grant access */
479  if (Dacl == NULL)
480  return TRUE;
481 
482  /* No ACE -> Deny */
483  if (!Dacl->AceCount)
484  return FALSE;
485 
486  /* Can't perform the check on restricted token */
487  if (AccessState->Flags & TOKEN_IS_RESTRICTED)
488  return FALSE;
489 
490  /* Browse the ACEs */
491  for (AceIndex = 0, Ace = (PKNOWN_ACE)((ULONG_PTR)Dacl + sizeof(ACL));
492  AceIndex < Dacl->AceCount;
493  AceIndex++, Ace = (PKNOWN_ACE)((ULONG_PTR)Ace + Ace->Header.AceSize))
494  {
495  if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
496  continue;
497 
498  /* If access-allowed ACE */
499  if (Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
500  {
501  /* Check if all accesses are granted */
502  if (!(Ace->Mask & DesiredAccess))
503  continue;
504 
505  /* Check SID and grant access if matching */
506  if (RtlEqualSid(SeWorldSid, &(Ace->SidStart)))
507  return TRUE;
508  }
509  /* If access-denied ACE */
510  else if (Ace->Header.AceType == ACCESS_DENIED_ACE_TYPE)
511  {
512  /* Here, only check if it denies any access wanted and deny if so */
513  if (Ace->Mask & DesiredAccess)
514  return FALSE;
515  }
516  }
517 
518  /* Faulty, deny */
519  return FALSE;
520 }
struct _KNOWN_ACE * PKNOWN_ACE
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
Definition: se.h:3
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define FALSE
Definition: types.h:117
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Definition: card.h:12
#define ASSERT(a)
Definition: mode.c:44
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:685
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:686
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1864
PSID SeWorldSid
Definition: sid.c:27
FORCEINLINE PACL SepGetDaclFromDescriptor(PVOID _Descriptor)
Definition: se.h:77
#define NULL
Definition: types.h:112
unsigned int ULONG
Definition: retypes.h:1
#define INHERIT_ONLY_ACE
Definition: setypes.h:717
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
#define TOKEN_IS_RESTRICTED
Definition: setypes.h:1129
#define PAGED_CODE()

Referenced by IopParseDevice(), and ObpCheckTraverseAccess().

◆ SeGetLogonIdDeviceMap()

NTSTATUS NTAPI SeGetLogonIdDeviceMap ( IN PLUID  LogonId,
OUT PDEVICE_MAP DeviceMap 
)

Definition at line 1080 of file srm.c.

1084 {
1085  NTSTATUS Status;
1086  WCHAR Buffer[63];
1087  PDEVICE_MAP LocalMap;
1088  HANDLE DirectoryHandle, LinkHandle;
1090  PSEP_LOGON_SESSION_REFERENCES CurrentSession;
1091  UNICODE_STRING DirectoryName, LinkName, TargetName;
1092 
1093  PAGED_CODE();
1094 
1095  if (LogonId == NULL ||
1096  DeviceMap == NULL)
1097  {
1098  return STATUS_INVALID_PARAMETER;
1099  }
1100 
1101  /* Acquire the database lock */
1103 
1104  /* Loop all existing sessions */
1105  for (CurrentSession = SepLogonSessions;
1106  CurrentSession != NULL;
1107  CurrentSession = CurrentSession->Next)
1108  {
1109  /* Check if the LUID matches the provided one */
1110  if (RtlEqualLuid(&CurrentSession->LogonId, LogonId))
1111  {
1112  break;
1113  }
1114  }
1115 
1116  /* No session found, fail */
1117  if (CurrentSession == NULL)
1118  {
1119  /* Release the database lock */
1121 
1123  }
1124 
1125  /* The found session has a device map, return it! */
1126  if (CurrentSession->pDeviceMap != NULL)
1127  {
1128  *DeviceMap = CurrentSession->pDeviceMap;
1129 
1130  /* Release the database lock */
1132 
1133  return STATUS_SUCCESS;
1134  }
1135 
1136  /* At that point, we'll setup a new device map for the session */
1137  LocalMap = NULL;
1138 
1139  /* Reference the session so that it doesn't go away */
1140  CurrentSession->ReferenceCount += 1;
1141 
1142  /* Release the database lock */
1144 
1145  /* Create our object directory given the LUID */
1147  sizeof(Buffer) / sizeof(WCHAR),
1148  L"\\Sessions\\0\\DosDevices\\%08x-%08x",
1149  LogonId->HighPart,
1150  LogonId->LowPart);
1151  RtlInitUnicodeString(&DirectoryName, Buffer);
1152 
1154  &DirectoryName,
1156  NULL,
1157  NULL);
1160  &ObjectAttributes);
1161  if (NT_SUCCESS(Status))
1162  {
1163  /* Create the associated device map */
1165  if (NT_SUCCESS(Status))
1166  {
1167  /* Make Global point to \Global?? in the directory */
1168  RtlInitUnicodeString(&LinkName, L"Global");
1169  RtlInitUnicodeString(&TargetName, L"\\Global??");
1170 
1172  &LinkName,
1175  NULL);
1176  Status = ZwCreateSymbolicLinkObject(&LinkHandle,
1179  &TargetName);
1180  if (!NT_SUCCESS(Status))
1181  {
1182  ObfDereferenceDeviceMap(LocalMap);
1183  }
1184  else
1185  {
1186  ZwClose(LinkHandle);
1187  }
1188  }
1189 
1191  }
1192 
1193  /* Acquire the database lock */
1195 
1196  /* If we succeed... */
1197  if (NT_SUCCESS(Status))
1198  {
1199  /* The session now has a device map? We raced with someone else */
1200  if (CurrentSession->pDeviceMap != NULL)
1201  {
1202  /* Give up on our new device map */
1203  ObfDereferenceDeviceMap(LocalMap);
1204  }
1205  /* Otherwise use our newly allocated device map */
1206  else
1207  {
1208  CurrentSession->pDeviceMap = LocalMap;
1209  }
1210 
1211  /* Return the device map */
1212  *DeviceMap = CurrentSession->pDeviceMap;
1213  }
1214  /* Zero output */
1215  else
1216  {
1217  *DeviceMap = NULL;
1218  }
1219 
1220  /* Release the database lock */
1222 
1223  /* We're done with the session */
1224  SepRmDereferenceLogonSession(&CurrentSession->LogonId);
1225 
1226  return Status;
1227 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:331
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
VOID FASTCALL ObfDereferenceDeviceMap(IN PDEVICE_MAP DeviceMap)
Definition: devicemap.c:477
LONG NTSTATUS
Definition: precomp.h:26
static HANDLE DirectoryHandle
Definition: ObType.c:48
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
#define SYMBOLIC_LINK_ALL_ACCESS
Definition: nt_native.h:1267
#define OBJ_OPENIF
Definition: winternl.h:229
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
NTSTATUS NTAPI ObSetDirectoryDeviceMap(OUT PDEVICE_MAP *DeviceMap, IN HANDLE DirectoryHandle)
Definition: devicemap.c:149
NTSYSAPI NTSTATUS NTAPI ZwCreateDirectoryObject(_Out_ PHANDLE DirectoryHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
int _snwprintf(wchar_t *buffer, size_t count, const wchar_t *format,...)
Definition: bufpool.h:45
Status
Definition: gdiplustypes.h:24
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSYSAPI NTSTATUS NTAPI ZwCreateSymbolicLinkObject(_Out_ PHANDLE SymbolicLinkHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PUNICODE_STRING Name)
struct _SEP_LOGON_SESSION_REFERENCES * Next
Definition: setypes.h:159
static const WCHAR L[]
Definition: oid.c:1250
#define OBJ_PERMANENT
Definition: winternl.h:226
WCHAR TargetName[256]
Definition: arping.c:27
#define DIRECTORY_ALL_ACCESS
Definition: nt_native.h:1259
PSEP_LOGON_SESSION_REFERENCES SepLogonSessions
Definition: srm.c:66
#define NULL
Definition: types.h:112
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define STATUS_SUCCESS
Definition: shellext.h:65
NTSTATUS SepRmDereferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:778
#define PAGED_CODE()
KGUARDED_MUTEX SepRmDbLock
Definition: srm.c:65

Referenced by ObpReferenceDeviceMap(), and ObpSetCurrentProcessDeviceMap().

◆ SeInitializeProcessAuditName()

NTSTATUS NTAPI SeInitializeProcessAuditName ( IN PFILE_OBJECT  FileObject,
IN BOOLEAN  DoAudit,
OUT POBJECT_NAME_INFORMATION AuditInfo 
)

Definition at line 47 of file audit.c.

50 {
51  OBJECT_NAME_INFORMATION LocalNameInfo;
52  POBJECT_NAME_INFORMATION ObjectNameInfo = NULL;
53  ULONG ReturnLength = 8;
55 
56  PAGED_CODE();
57  ASSERT(AuditInfo);
58 
59  /* Check if we should do auditing */
60  if (DoAudit)
61  {
62  /* FIXME: TODO */
63  }
64 
65  /* Now query the name */
67  &LocalNameInfo,
68  sizeof(LocalNameInfo),
69  &ReturnLength);
70  if (((Status == STATUS_BUFFER_OVERFLOW) ||
73  (ReturnLength != sizeof(LocalNameInfo)))
74  {
75  /* Allocate required size */
76  ObjectNameInfo = ExAllocatePoolWithTag(NonPagedPool,
78  TAG_SEPA);
79  if (ObjectNameInfo)
80  {
81  /* Query the name again */
83  ObjectNameInfo,
85  &ReturnLength);
86  }
87  }
88 
89  /* Check if we got here due to failure */
90  if ((ObjectNameInfo) &&
91  (!(NT_SUCCESS(Status)) || (ReturnLength == sizeof(LocalNameInfo))))
92  {
93  /* First, free any buffer we might've allocated */
94  ASSERT(FALSE);
95  if (ObjectNameInfo) ExFreePool(ObjectNameInfo);
96 
97  /* Now allocate a temporary one */
99  ObjectNameInfo = ExAllocatePoolWithTag(NonPagedPool,
100  sizeof(OBJECT_NAME_INFORMATION),
101  TAG_SEPA);
102  if (ObjectNameInfo)
103  {
104  /* Clear it */
105  RtlZeroMemory(ObjectNameInfo, ReturnLength);
107  }
108  }
109 
110  /* Check if memory allocation failed */
111  if (!ObjectNameInfo) Status = STATUS_NO_MEMORY;
112 
113  /* Return the audit name */
114  *AuditInfo = ObjectNameInfo;
115 
116  /* Return status */
117  return Status;
118 }
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133
LONG NTSTATUS
Definition: precomp.h:26
NTSTATUS NTAPI ObQueryNameString(IN PVOID Object, OUT POBJECT_NAME_INFORMATION ObjectNameInfo, IN ULONG Length, OUT PULONG ReturnLength)
Definition: obname.c:1209
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
#define FALSE
Definition: types.h:117
struct _OBJECT_NAME_INFORMATION OBJECT_NAME_INFORMATION
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:547
Status
Definition: gdiplustypes.h:24
#define ASSERT(a)
Definition: mode.c:44
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define NULL
Definition: types.h:112
unsigned int ULONG
Definition: retypes.h:1
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define TAG_SEPA
Definition: tag.h:191
#define STATUS_SUCCESS
Definition: shellext.h:65
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
#define PAGED_CODE()

Referenced by MmInitializeProcessAddressSpace(), and SeLocateProcessImageName().

◆ SeInitSystem()

BOOLEAN NTAPI SeInitSystem ( VOID  )

Definition at line 251 of file semgr.c.

252 {
253  /* Check the initialization phase */
254  switch (ExpInitializationPhase)
255  {
256  case 0:
257 
258  /* Do Phase 0 */
259  return SepInitializationPhase0();
260 
261  case 1:
262 
263  /* Do Phase 1 */
264  return SepInitializationPhase1();
265 
266  default:
267 
268  /* Don't know any other phase! Bugcheck! */
269  KeBugCheckEx(UNEXPECTED_INITIALIZATION_CALL,
270  0,
272  0,
273  0);
274  return FALSE;
275  }
276 }
BOOLEAN NTAPI SepInitializationPhase0(VOID)
Definition: semgr.c:98
#define FALSE
Definition: types.h:117
ULONG ExpInitializationPhase
Definition: init.c:66
BOOLEAN NTAPI SepInitializationPhase1(VOID)
Definition: semgr.c:143
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:108

Referenced by ExpInitializeExecutive(), and Phase1InitializationDiscard().

◆ SeIsTokenChild()

NTSTATUS NTAPI SeIsTokenChild ( IN PTOKEN  Token,
OUT PBOOLEAN  IsChild 
)

Definition at line 1065 of file token.c.

1067 {
1068  PTOKEN ProcessToken;
1069  LUID ProcessTokenId, CallerParentId;
1070 
1071  /* Assume failure */
1072  *IsChild = FALSE;
1073 
1074  /* Reference the process token */
1075  ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
1076  if (!ProcessToken)
1077  return STATUS_UNSUCCESSFUL;
1078 
1079  /* Get its token ID */
1080  ProcessTokenId = ProcessToken->TokenId;
1081 
1082  /* Dereference the token */
1084 
1085  /* Get our parent token ID */
1086  CallerParentId = Token->ParentTokenId;
1087 
1088  /* Compare the token IDs */
1089  if (RtlEqualLuid(&CallerParentId, &ProcessTokenId))
1090  *IsChild = TRUE;
1091 
1092  /* Return success */
1093  return STATUS_SUCCESS;
1094 }
#define TRUE
Definition: types.h:120
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define FALSE
Definition: types.h:117
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
#define PsGetCurrentProcess
Definition: psfuncs.h:17
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
LUID TokenId
Definition: setypes.h:200
BOOL WINAPI IsChild(_In_ HWND, _In_ HWND)
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by PspSetPrimaryToken().

◆ SeIsTokenSibling()

NTSTATUS NTAPI SeIsTokenSibling ( IN PTOKEN  Token,
OUT PBOOLEAN  IsSibling 
)

Definition at line 1098 of file token.c.

1100 {
1101  PTOKEN ProcessToken;
1102  LUID ProcessParentId, ProcessAuthId;
1103  LUID CallerParentId, CallerAuthId;
1104 
1105  /* Assume failure */
1106  *IsSibling = FALSE;
1107 
1108  /* Reference the process token */
1109  ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
1110  if (!ProcessToken)
1111  return STATUS_UNSUCCESSFUL;
1112 
1113  /* Get its parent and authentication IDs */
1114  ProcessParentId = ProcessToken->ParentTokenId;
1115  ProcessAuthId = ProcessToken->AuthenticationId;
1116 
1117  /* Dereference the token */
1119 
1120  /* Get our parent and authentication IDs */
1121  CallerParentId = Token->ParentTokenId;
1122  CallerAuthId = Token->AuthenticationId;
1123 
1124  /* Compare the token IDs */
1125  if (RtlEqualLuid(&CallerParentId, &ProcessParentId) &&
1126  RtlEqualLuid(&CallerAuthId, &ProcessAuthId))
1127  {
1128  *IsSibling = TRUE;
1129  }
1130 
1131  /* Return success */
1132  return STATUS_SUCCESS;
1133 }
#define TRUE
Definition: types.h:120
LUID AuthenticationId
Definition: setypes.h:201
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define FALSE
Definition: types.h:117
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
#define PsGetCurrentProcess
Definition: psfuncs.h:17
LUID ParentTokenId
Definition: setypes.h:202
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by PspSetPrimaryToken().

◆ SepCaptureAcl()

NTSTATUS NTAPI SepCaptureAcl ( IN PACL  InputAcl,
IN KPROCESSOR_MODE  AccessMode,
IN POOL_TYPE  PoolType,
IN BOOLEAN  CaptureIfKernel,
OUT PACL CapturedAcl 
)

Definition at line 299 of file acl.c.

304 {
305  PACL NewAcl;
306  ULONG AclSize = 0;
308 
309  PAGED_CODE();
310 
311  if (AccessMode != KernelMode)
312  {
313  _SEH2_TRY
314  {
315  ProbeForRead(InputAcl,
316  sizeof(ACL),
317  sizeof(ULONG));
318  AclSize = InputAcl->AclSize;
319  ProbeForRead(InputAcl,
320  AclSize,
321  sizeof(ULONG));
322  }
324  {
325  /* Return the exception code */
327  }
328  _SEH2_END;
329 
331  AclSize,
332  TAG_ACL);
333  if (NewAcl != NULL)
334  {
335  _SEH2_TRY
336  {
337  RtlCopyMemory(NewAcl,
338  InputAcl,
339  AclSize);
340 
341  *CapturedAcl = NewAcl;
342  }
344  {
345  /* Free the ACL and return the exception code */
346  ExFreePoolWithTag(NewAcl, TAG_ACL);
348  }
349  _SEH2_END;
350  }
351  else
352  {
354  }
355  }
356  else if (!CaptureIfKernel)
357  {
358  *CapturedAcl = InputAcl;
359  }
360  else
361  {
362  AclSize = InputAcl->AclSize;
363 
365  AclSize,
366  TAG_ACL);
367 
368  if (NewAcl != NULL)
369  {
370  RtlCopyMemory(NewAcl,
371  InputAcl,
372  AclSize);
373 
374  *CapturedAcl = NewAcl;
375  }
376  else
377  {
379  }
380  }
381 
382  return Status;
383 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
LONG NTSTATUS
Definition: precomp.h:26
_SEH2_TRY
Definition: create.c:4226
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Status
Definition: gdiplustypes.h:24
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
#define TAG_ACL
Definition: tag.h:174
_SEH2_END
Definition: create.c:4400
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
unsigned int ULONG
Definition: retypes.h:1
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define STATUS_SUCCESS
Definition: shellext.h:65
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
#define PAGED_CODE()

Referenced by NtCreateToken(), and NtSetInformationToken().

◆ SepCaptureSecurityQualityOfService()

NTSTATUS NTAPI SepCaptureSecurityQualityOfService ( IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIONAL,
IN KPROCESSOR_MODE  AccessMode,
IN POOL_TYPE  PoolType,
IN BOOLEAN  CaptureIfKernel,
OUT PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
OUT PBOOLEAN  Present 
)

Definition at line 221 of file sd.c.

227 {
228  PSECURITY_QUALITY_OF_SERVICE CapturedQos;
230 
231  PAGED_CODE();
232 
233  ASSERT(CapturedSecurityQualityOfService);
234  ASSERT(Present);
235 
236  if (ObjectAttributes != NULL)
237  {
238  if (AccessMode != KernelMode)
239  {
241 
242  _SEH2_TRY
243  {
245  sizeof(OBJECT_ATTRIBUTES),
246  sizeof(ULONG));
247  if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
248  {
249  if (ObjectAttributes->SecurityQualityOfService != NULL)
250  {
251  ProbeForRead(ObjectAttributes->SecurityQualityOfService,
253  sizeof(ULONG));
254 
255  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
257  {
258  /*
259  * Don't allocate memory here because ExAllocate should bugcheck
260  * the system if it's buggy, SEH would catch that! So make a local
261  * copy of the qos structure.
262  */
263  RtlCopyMemory(&SafeQos,
264  ObjectAttributes->SecurityQualityOfService,
266  *Present = TRUE;
267  }
268  else
269  {
271  }
272  }
273  else
274  {
275  *CapturedSecurityQualityOfService = NULL;
276  *Present = FALSE;
277  }
278  }
279  else
280  {
282  }
283  }
285  {
287  }
288  _SEH2_END;
289 
290  if (NT_SUCCESS(Status))
291  {
292  if (*Present)
293  {
294  CapturedQos = ExAllocatePoolWithTag(PoolType,
296  TAG_QOS);
297  if (CapturedQos != NULL)
298  {
299  RtlCopyMemory(CapturedQos,
300  &SafeQos,
302  *CapturedSecurityQualityOfService = CapturedQos;
303  }
304  else
305  {
307  }
308  }
309  else
310  {
311  *CapturedSecurityQualityOfService = NULL;
312  }
313  }
314  }
315  else
316  {
317  if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
318  {
319  if (CaptureIfKernel)
320  {
321  if (ObjectAttributes->SecurityQualityOfService != NULL)
322  {
323  if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
325  {
326  CapturedQos = ExAllocatePoolWithTag(PoolType,
328  TAG_QOS);
329  if (CapturedQos != NULL)
330  {
331  RtlCopyMemory(CapturedQos,
332  ObjectAttributes->SecurityQualityOfService,
334  *CapturedSecurityQualityOfService = CapturedQos;
335  *Present = TRUE;
336  }
337  else
338  {
340  }
341  }
342  else
343  {
345  }
346  }
347  else
348  {
349  *CapturedSecurityQualityOfService = NULL;
350  *Present = FALSE;
351  }
352  }
353  else
354  {
355  *CapturedSecurityQualityOfService = (PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService;
356  *Present = (ObjectAttributes->SecurityQualityOfService != NULL);
357  }
358  }
359  else
360  {
362  }
363  }
364  }
365  else
366  {
367  *CapturedSecurityQualityOfService = NULL;
368  *Present = FALSE;
369  }
370 
371  return Status;
372 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
_SEH2_TRY
Definition: create.c:4226
#define FALSE
Definition: types.h:117
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
Status
Definition: gdiplustypes.h:24
#define ASSERT(a)
Definition: mode.c:44
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
_SEH2_END
Definition: create.c:4400
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
unsigned int ULONG
Definition: retypes.h:1
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define TAG_QOS
Definition: tag.h:177
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define STATUS_SUCCESS
Definition: shellext.h:65
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define PAGED_CODE()

Referenced by NtDuplicateToken().

◆ SepCaptureSid()

NTSTATUS NTAPI SepCaptureSid ( IN PSID  InputSid,
IN KPROCESSOR_MODE  AccessMode,
IN POOL_TYPE  PoolType,
IN BOOLEAN  CaptureIfKernel,
OUT PSID CapturedSid 
)

Definition at line 270 of file sid.c.

275 {
276  ULONG SidSize = 0;
277  PISID NewSid, Sid = (PISID)InputSid;
278 
279  PAGED_CODE();
280 
281  if (AccessMode != KernelMode)
282  {
283  _SEH2_TRY
284  {
285  ProbeForRead(Sid, FIELD_OFFSET(SID, SubAuthority), sizeof(UCHAR));
287  ProbeForRead(Sid, SidSize, sizeof(UCHAR));
288  }
290  {
291  /* Return the exception code */
293  }
294  _SEH2_END;
295 
296  /* Allocate a SID and copy it */
298  if (!NewSid)
300 
301  _SEH2_TRY
302  {
303  RtlCopyMemory(NewSid, Sid, SidSize);
304 
305  *CapturedSid = NewSid;
306  }
308  {
309  /* Free the SID and return the exception code */
312  }
313  _SEH2_END;
314  }
315  else if (!CaptureIfKernel)
316  {
317  *CapturedSid = InputSid;
318  }
319  else
320  {
322 
323  /* Allocate a SID and copy it */
325  if (NewSid == NULL)
327 
328  RtlCopyMemory(NewSid, Sid, SidSize);
329 
330  *CapturedSid = NewSid;
331  }
332 
333  return STATUS_SUCCESS;
334 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define TAG_SID
Definition: sid.c:15
_SEH2_TRY
Definition: create.c:4226
struct _SID * PISID
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
unsigned char UCHAR
Definition: xmlstorage.h:181
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
_SEH2_END
Definition: create.c:4400
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
unsigned int ULONG
Definition: retypes.h:1
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define STATUS_SUCCESS
Definition: shellext.h:65
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
_In_ PSID _In_ PSID NewSid
Definition: rtlfuncs.h:2815
#define PAGED_CODE()

Referenced by NtCreateToken(), NtSecureConnectPort(), NtSetInformationToken(), and SepAccessCheckAndAuditAlarm().

◆ SepCreateImpersonationTokenDacl()

NTSTATUS NTAPI SepCreateImpersonationTokenDacl ( _In_ PTOKEN  Token,
_In_ PTOKEN  PrimaryToken,
_Out_ PACL Dacl 
)

Definition at line 251 of file acl.c.

255 {
257  PACL TokenDacl;
258 
259  PAGED_CODE();
260 
261  *Dacl = NULL;
262 
263  AclLength = sizeof(ACL) +
264  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
265  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
266  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid)) +
267  (sizeof(ACE) + RtlLengthSid(Token->UserAndGroups->Sid)) +
268  (sizeof(ACE) + RtlLengthSid(PrimaryToken->UserAndGroups->Sid));
269 
271  if (TokenDacl == NULL)
272  {
274  }
275 
276  RtlCreateAcl(TokenDacl, AclLength, ACL_REVISION);
278  Token->UserAndGroups->Sid);
280  PrimaryToken->UserAndGroups->Sid);
285 
286  if (Token->RestrictedSids != NULL || PrimaryToken->RestrictedSids != NULL)
287  {
290  }
291 
292  *Dacl = TokenDacl;
293 
294  return STATUS_SUCCESS;
295 }
#define GENERIC_ALL
Definition: nt_native.h:92
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
PSID SeRestrictedCodeSid
Definition: sid.c:42
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
struct _ACL ACL
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
PSID SeAliasAdminsSid
Definition: sid.c:43
#define TAG_ACL
Definition: tag.h:174
NTSTATUS NTAPI RtlAddAccessAllowedAce(IN OUT PACL Acl, IN ULONG Revision, IN ACCESS_MASK AccessMask, IN PSID Sid)
Definition: acl.c:262
NTSTATUS NTAPI RtlCreateAcl(IN PACL Acl, IN ULONG AclSize, IN ULONG AclRevision)
Definition: acl.c:677
#define NULL
Definition: types.h:112
#define ACL_REVISION
Definition: setypes.h:39
PSID SeLocalSystemSid
Definition: sid.c:40
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65
Definition: rtltypes.h:990
_In_ ULONG AclLength
Definition: rtlfuncs.h:1844
#define PAGED_CODE()

Referenced by NtOpenThreadTokenEx().

◆ SepCreateSystemAnonymousLogonToken()

PTOKEN SepCreateSystemAnonymousLogonToken ( VOID  )

Creates the anonymous logon token for the system. The difference between this token and the other one is the inclusion of everyone SID group (being SeWorldSid). The other token lacks such group.

Returns
Returns the system's anonymous logon token if the operations have completed successfully.

Definition at line 1658 of file token.c.

1659 {
1660  SID_AND_ATTRIBUTES Groups[32], UserSid;
1662  PTOKEN Token;
1663  ULONG GroupsLength;
1664  LARGE_INTEGER Expiration;
1666  NTSTATUS Status;
1667 
1668  /* The token never expires */
1669  Expiration.QuadPart = -1;
1670 
1671  /* The user is the anonymous logon */
1672  UserSid.Sid = SeAnonymousLogonSid;
1673  UserSid.Attributes = 0;
1674 
1675  /* The primary group is also the anonymous logon */
1677 
1678  /* The only group for the token is the World */
1679  Groups[0].Sid = SeWorldSid;
1681  GroupsLength = sizeof(SID_AND_ATTRIBUTES) +
1682  SeLengthSid(Groups[0].Sid);
1683  ASSERT(GroupsLength <= sizeof(Groups));
1684 
1685  /* Initialise the object attributes for the token */
1688 
1689  /* Create token */
1691  KernelMode,
1692  0,
1694  TokenPrimary,
1697  &Expiration,
1698  &UserSid,
1699  1,
1700  Groups,
1701  GroupsLength,
1702  0,
1703  NULL,
1704  NULL,
1705  PrimaryGroup,
1708  TRUE);
1710 
1711  /* Return the anonymous logon token */
1712  return Token;
1713 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
TOpcodeData Groups[17][8]
LUID SeAnonymousAuthenticationId
Definition: token.c:23
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Definition: token.c:1233
Status
Definition: gdiplustypes.h:24
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1558
#define ASSERT(a)
Definition: mode.c:44
#define SE_GROUP_ENABLED
Definition: setypes.h:92
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:21
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
PSID SeWorldSid
Definition: sid.c:27
#define NULL
Definition: types.h:112
unsigned int ULONG
Definition: retypes.h:1
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
PSID SeAnonymousLogonSid
Definition: se.h:155
#define STATUS_SUCCESS
Definition: shellext.h:65
#define SeLengthSid(Sid)
Definition: sefuncs.h:570
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:24
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by SepInitializationPhase0().

◆ SepCreateSystemAnonymousLogonTokenNoEveryone()

PTOKEN SepCreateSystemAnonymousLogonTokenNoEveryone ( VOID  )

Creates the anonymous logon token for the system. This kind of token doesn't include the everyone SID group (being SeWorldSid).

Returns
Returns the system's anonymous logon token if the operations have completed successfully.

Definition at line 1726 of file token.c.

1727 {
1728  SID_AND_ATTRIBUTES UserSid;
1730  PTOKEN Token;
1731  LARGE_INTEGER Expiration;
1733  NTSTATUS Status;
1734 
1735  /* The token never expires */
1736  Expiration.QuadPart = -1;
1737 
1738  /* The user is the anonymous logon */
1739  UserSid.Sid = SeAnonymousLogonSid;
1740  UserSid.Attributes = 0;
1741 
1742  /* The primary group is also the anonymous logon */
1744 
1745  /* Initialise the object attributes for the token */
1748 
1749  /* Create token */
1751  KernelMode,
1752  0,
1754  TokenPrimary,
1757  &Expiration,
1758  &UserSid,
1759  0,
1760  NULL,
1761  0,
1762  0,
1763  NULL,
1764  NULL,
1765  PrimaryGroup,
1768  TRUE);
1770 
1771  /* Return the anonymous (not including everyone) logon token */
1772  return Token;
1773 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
LUID SeAnonymousAuthenticationId
Definition: token.c:23
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Definition: token.c:1233
Status
Definition: gdiplustypes.h:24
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1558
#define ASSERT(a)
Definition: mode.c:44
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:21
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
#define NULL
Definition: types.h:112
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
PSID SeAnonymousLogonSid
Definition: se.h:155
#define STATUS_SUCCESS
Definition: shellext.h:65
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:24
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by SepInitializationPhase0().

◆ SepCreateSystemProcessToken()

PTOKEN NTAPI SepCreateSystemProcessToken ( VOID  )

Creates the system process token.

Returns
Returns the system process token if the operations have completed successfully.

Definition at line 1508 of file token.c.

1509 {
1511  ULONG GroupAttributes, OwnerAttributes;
1513  LARGE_INTEGER Expiration;
1514  SID_AND_ATTRIBUTES UserSid;
1515  ULONG GroupsLength;
1518  PSID Owner;
1519  ULONG i;
1520  PTOKEN Token;
1521  NTSTATUS Status;
1522 
1523  /* Don't ever expire */
1524  Expiration.QuadPart = -1;
1525 
1526  /* All groups mandatory and enabled */
1529 
1530  /* User is Local System */
1531  UserSid.Sid = SeLocalSystemSid;
1532  UserSid.Attributes = 0;
1533 
1534  /* Primary group is Local System */
1536 
1537  /* Owner is Administrators */
1539 
1540  /* Groups are Administrators, World, and Authenticated Users */
1541  Groups[0].Sid = SeAliasAdminsSid;
1542  Groups[0].Attributes = OwnerAttributes;
1543  Groups[1].Sid = SeWorldSid;
1544  Groups[1].Attributes = GroupAttributes;
1546  Groups[2].Attributes = GroupAttributes;
1547  GroupsLength = sizeof(SID_AND_ATTRIBUTES) +
1548  SeLengthSid(Groups[0].Sid) +
1549  SeLengthSid(Groups[1].Sid) +
1550  SeLengthSid(Groups[2].Sid);
1551  ASSERT(GroupsLength <= sizeof(Groups));
1552 
1553  /* Setup the privileges */
1554  i = 0;
1556  Privileges[i++].Luid = SeTcbPrivilege;
1557 
1558  Privileges[i].Attributes = 0;
1560 
1561  Privileges[i].Attributes = 0;
1563 
1566 
1569 
1570  Privileges[i].Attributes = 0;
1572 
1573  Privileges[i].Attributes = 0;
1575 
1578 
1581 
1583  Privileges[i++].Luid = SeDebugPrivilege;
1584 
1586  Privileges[i++].Luid = SeAuditPrivilege;
1587 
1588  Privileges[i].Attributes = 0;
1589  Privileges[i++].Luid = SeSecurityPrivilege;
1590 
1591  Privileges[i].Attributes = 0;
1593 
1596 
1597  Privileges[i].Attributes = 0;
1598  Privileges[i++].Luid = SeBackupPrivilege;
1599 
1600  Privileges[i].Attributes = 0;
1601  Privileges[i++].Luid = SeRestorePrivilege;
1602 
1603  Privileges[i].Attributes = 0;
1604  Privileges[i++].Luid = SeShutdownPrivilege;
1605 
1606  Privileges[i].Attributes = 0;
1608 
1611 
1612  Privileges[i].Attributes = 0;
1614  ASSERT(i == 20);
1615 
1616  /* Setup the object attributes */
1619 
1620  /* Create the token */
1622  KernelMode,
1623  0,
1625  TokenPrimary,
1628  &Expiration,
1629  &UserSid,
1630  3,
1631  Groups,
1632  GroupsLength,
1633  20,
1634  Privileges,
1635  Owner,
1636  PrimaryGroup,
1639  TRUE);
1641 
1642  /* Return the token */
1643  return Token;
1644 }
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:39
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
const LUID SeSystemtimePrivilege
Definition: priv.c:29
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:22
const LUID SeCreateTokenPrivilege
Definition: priv.c:19
const LUID SeCreatePermanentPrivilege
Definition: priv.c:33
const LUID SeDebugPrivilege
Definition: priv.c:37
const LUID SeBackupPrivilege
Definition: priv.c:34
#define TRUE
Definition: types.h:120
PACL SeSystemDefaultDacl
Definition: acl.c:19
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
LUID SeSystemAuthenticationId
Definition: token.c:22
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:20
PSID SeAuthenticatedUsersSid
Definition: sid.c:51
TOpcodeData Groups[17][8]
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define SE_GROUP_OWNER
Definition: setypes.h:93
const LUID SeLoadDriverPrivilege
Definition: priv.c:27
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:26
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Definition: token.c:1233
Status
Definition: gdiplustypes.h:24
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1558
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62
const LUID SeCreatePagefilePrivilege
Definition: priv.c:32
#define ASSERT(a)
Definition: mode.c:44
const LUID SeRestorePrivilege
Definition: priv.c:35
#define SE_GROUP_ENABLED
Definition: setypes.h:92
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
static const LUID SeChangeNotifyPrivilege
Definition: authpackage.c:167
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
PSID SeAliasAdminsSid
Definition: sid.c:43
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:21
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
const LUID SeLockMemoryPrivilege
Definition: priv.c:21
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:30
PSID SeWorldSid
Definition: sid.c:27
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:31
const LUID SeTcbPrivilege
Definition: priv.c:24
const LUID SeShutdownPrivilege
Definition: priv.c:36
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1556
#define NULL
Definition: types.h:112
const LUID SeSecurityPrivilege
Definition: priv.c:25
PSID SeLocalSystemSid
Definition: sid.c:40
unsigned int ULONG
Definition: retypes.h:1
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define STATUS_SUCCESS
Definition: shellext.h:65
#define SeLengthSid(Sid)
Definition: sefuncs.h:570
const LUID SeAuditPrivilege
Definition: priv.c:38
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by SepInitializationPhase0().

◆ SepDuplicateToken()

NTSTATUS NTAPI SepDuplicateToken ( _In_ PTOKEN  Token,
_In_opt_ POBJECT_ATTRIBUTES  ObjectAttributes,
_In_ BOOLEAN  EffectiveOnly,
_In_ TOKEN_TYPE  TokenType,
_In_ SECURITY_IMPERSONATION_LEVEL  Level,
_In_ KPROCESSOR_MODE  PreviousMode,
_Out_ PTOKEN NewAccessToken 
)

Definition at line 785 of file token.c.

793 {
795  PTOKEN AccessToken;
796  PVOID EndMem;
797  ULONG VariableLength;
798  ULONG TotalSize;
799 
800  PAGED_CODE();
801 
802  /* Compute how much size we need to allocate for the token */
803  VariableLength = Token->VariableLength;
804  TotalSize = FIELD_OFFSET(TOKEN, VariablePart) + VariableLength;
805 
809  PreviousMode,
810  NULL,
811  TotalSize,
812  0,
813  0,
814  (PVOID*)&AccessToken);
815  if (!NT_SUCCESS(Status))
816  {
817  DPRINT1("ObCreateObject() failed (Status 0x%lx)\n", Status);
818  return Status;
819  }
820 
821  /* Zero out the buffer and initialize the token */
822  RtlZeroMemory(AccessToken, TotalSize);
823 
824  ExAllocateLocallyUniqueId(&AccessToken->TokenId);
825 
826  AccessToken->TokenType = TokenType;
827  AccessToken->ImpersonationLevel = Level;
828 
829  /* Initialise the lock for the access token */
830  Status = SepCreateTokenLock(AccessToken);
831  if (!NT_SUCCESS(Status))
832  {
833  ObDereferenceObject(AccessToken);
834  return Status;
835  }
836 
837  /* Copy the immutable fields */
839  &Token->TokenSource.SourceIdentifier);
840  RtlCopyMemory(AccessToken->TokenSource.SourceName,
841  Token->TokenSource.SourceName,
842  sizeof(Token->TokenSource.SourceName));
843 
844  AccessToken->AuthenticationId = Token->AuthenticationId;
845  AccessToken->ParentTokenId = Token->ParentTokenId;
846  AccessToken->ExpirationTime = Token->ExpirationTime;
847  AccessToken->OriginatingLogonSession = Token->OriginatingLogonSession;
848 
849  /* Lock the source token and copy the mutable fields */
851 
852  AccessToken->SessionId = Token->SessionId;
853  RtlCopyLuid(&AccessToken->ModifiedId, &Token->ModifiedId);
854 
855  AccessToken->TokenFlags = Token->TokenFlags & ~TOKEN_SESSION_NOT_REFERENCED;
856 
857  /* Copy and reference the logon session */
858  // RtlCopyLuid(&AccessToken->AuthenticationId, &Token->AuthenticationId);
860  if (!NT_SUCCESS(Status))
861  {
862  /* No logon session could be found, bail out */
863  DPRINT1("SepRmReferenceLogonSession() failed (Status 0x%lx)\n", Status);
864  /* Set the flag for proper cleanup by the delete procedure */
866  goto Quit;
867  }
868 
869  /* Assign the data that reside in the TOKEN's variable information area */
870  AccessToken->VariableLength = VariableLength;
871  EndMem = (PVOID)&AccessToken->VariablePart;
872 
873  /* Copy the privileges */
874  AccessToken->PrivilegeCount = 0;
875  AccessToken->Privileges = NULL;
876  if (Token->Privileges && (Token->PrivilegeCount > 0))
877  {
878  ULONG PrivilegesLength = Token->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
879  PrivilegesLength = ALIGN_UP_BY(PrivilegesLength, sizeof(PVOID));
880 
881  ASSERT(VariableLength >= PrivilegesLength);
882 
883  AccessToken->PrivilegeCount = Token->PrivilegeCount;
884  AccessToken->Privileges = EndMem;
885  EndMem = (PVOID)((ULONG_PTR)EndMem + PrivilegesLength);
886  VariableLength -= PrivilegesLength;
887 
888  RtlCopyMemory(AccessToken->Privileges,
889  Token->Privileges,
890  AccessToken->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
891  }
892 
893  /* Copy the user and groups */
894  AccessToken->UserAndGroupCount = 0;
895  AccessToken->UserAndGroups = NULL;
896  if (Token->UserAndGroups && (Token->UserAndGroupCount > 0))
897  {
898  AccessToken->UserAndGroupCount = Token->UserAndGroupCount;
899  AccessToken->UserAndGroups = EndMem;
900  EndMem = &AccessToken->UserAndGroups[AccessToken->UserAndGroupCount];
901  VariableLength -= ((ULONG_PTR)EndMem - (ULONG_PTR)AccessToken->UserAndGroups);
902 
904  Token->UserAndGroups,
905  VariableLength,
906  AccessToken->UserAndGroups,
907  EndMem,
908  &EndMem,
909  &VariableLength);
910  if (!NT_SUCCESS(Status))
911  {
912  DPRINT1("RtlCopySidAndAttributesArray(UserAndGroups) failed (Status 0x%lx)\n", Status);
913  goto Quit;
914  }
915  }
916 
917 #if 1
918  {
919  ULONG PrimaryGroupIndex;
920 
921  /* Find the token primary group */
923  Token->PrimaryGroup,
924  NULL,
925  &PrimaryGroupIndex,
926  NULL);
927  if (!NT_SUCCESS(Status))
928  {
929  DPRINT1("SepFindPrimaryGroupAndDefaultOwner failed (Status 0x%lx)\n", Status);
930  goto Quit;
931  }
932  AccessToken->PrimaryGroup = AccessToken->UserAndGroups[PrimaryGroupIndex].Sid;
933  }
934 #else
935  AccessToken->PrimaryGroup = (PVOID)((ULONG_PTR)AccessToken + (ULONG_PTR)Token->PrimaryGroup - (ULONG_PTR)Token->UserAndGroups);
936 #endif
937  AccessToken->DefaultOwnerIndex = Token->DefaultOwnerIndex;
938 
939  /* Copy the restricted SIDs */
940  AccessToken->RestrictedSidCount = 0;
941  AccessToken->RestrictedSids = NULL;
942  if (Token->RestrictedSids && (Token->RestrictedSidCount > 0))
943  {
944  AccessToken->RestrictedSidCount = Token->RestrictedSidCount;
945  AccessToken->RestrictedSids = EndMem;
946  EndMem = &AccessToken->RestrictedSids[AccessToken->RestrictedSidCount];
947  VariableLength -= ((ULONG_PTR)EndMem - (ULONG_PTR)AccessToken->RestrictedSids);
948 
950  Token->RestrictedSids,
951  VariableLength,
952  AccessToken->RestrictedSids,
953  EndMem,
954  &EndMem,
955  &VariableLength);
956  if (!NT_SUCCESS(Status))
957  {
958  DPRINT1("RtlCopySidAndAttributesArray(RestrictedSids) failed (Status 0x%lx)\n", Status);
959  goto Quit;
960  }
961  }
962 
963 
964  //
965  // FIXME: Implement the "EffectiveOnly" option, that removes all
966  // the disabled parts (privileges and groups) of the token.
967  //
968 
969 
970  //
971  // NOTE: So far our dynamic area only contains
972  // the default dacl, so this makes the following
973  // code pretty simple. The day where it stores
974  // other data, the code will require adaptations.
975  //
976 
977  /* Now allocate the TOKEN's dynamic information area and set the data */
978  AccessToken->DynamicAvailable = 0; // Unused memory in the dynamic area.
979  AccessToken->DynamicPart = NULL;
980  if (Token->DynamicPart && Token->DefaultDacl)
981  {
983  Token->DefaultDacl->AclSize,
985  if (AccessToken->DynamicPart == NULL)
986  {
988  goto Quit;
989  }
990  EndMem = (PVOID)AccessToken->DynamicPart;
991 
992  AccessToken->DefaultDacl = EndMem;
993 
994  RtlCopyMemory(AccessToken->DefaultDacl,
995  Token->DefaultDacl,
996  Token->DefaultDacl->AclSize);
997  }
998 
999  /* Unlock the source token */
1001 
1002  /* Return the token */
1003  *NewAccessToken = AccessToken;
1005 
1006 Quit:
1007  if (!NT_SUCCESS(Status))
1008  {
1009  /* Unlock the source token */
1011 
1012  /* Dereference the token, the delete procedure will clean it up */
1013  ObDereferenceObject(AccessToken);
1014  }
1015 
1016  return Status;
1017 }
TOKEN_TYPE TokenType
Definition: setypes.h:221
#define SepAcquireTokenLockExclusive(Token)
Definition: se.h:216
static NTSTATUS SepFindPrimaryGroupAndDefaultOwner(_In_ PTOKEN Token, _In_ PSID PrimaryGroup, _In_opt_ PSID DefaultOwner, _Out_opt_ PULONG PrimaryGroupIndex, _Out_opt_ PULONG DefaultOwnerIndex)
Definition: token.c:689
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
LUID AuthenticationId
Definition: setypes.h:201
ULONG VariablePart
Definition: setypes.h:229
NTSYSAPI NTSTATUS NTAPI RtlCopySidAndAttributesArray(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src, _In_ ULONG SidAreaSize, _In_ PSID_AND_ATTRIBUTES Dest, _In_ PSID SidArea, _Out_ PSID *RemainingSidArea, _Out_ PULONG RemainingSidAreaSize)
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:55
ULONG PrivilegeCount
Definition: setypes.h:210
if(dx==0 &&dy==0)
Definition: linetemp.h:174
PLUID_AND_ATTRIBUTES Privileges
Definition: setypes.h:218
LUID ModifiedId
Definition: setypes.h:206
uint32_t ULONG_PTR
Definition: typedefs.h:65
ULONG TokenFlags
Definition: setypes.h:223
LUID SourceIdentifier
Definition: imports.h:279
ULONG DynamicAvailable
Definition: setypes.h:213
PACL DefaultDacl
Definition: setypes.h:220
POBJECT_TYPE SeTokenObjectType
Definition: token.c:19
LUID ParentTokenId
Definition: setypes.h:202
ULONG DefaultOwnerIndex
Definition: setypes.h:214
ULONG VariableLength
Definition: setypes.h:211
void * PVOID
Definition: retypes.h:9
ULONG SessionId
Definition: setypes.h:207
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:952
NTSTATUS SepRmReferenceLogonSession(PLUID LogonLuid)
Definition: srm.c:495
ULONG RestrictedSidCount
Definition: setypes.h:209
PULONG DynamicPart
Definition: setypes.h:219
Status
Definition: gdiplustypes.h:24
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
PSID PrimaryGroup
Definition: setypes.h:217
LARGE_INTEGER ExpirationTime
Definition: setypes.h:203
#define ASSERT(a)
Definition: mode.c:44
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define ObDereferenceObject
Definition: obfuncs.h:203
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
PSID_AND_ATTRIBUTES RestrictedSids
Definition: setypes.h:216
#define SepReleaseTokenLock(Token)
Definition: se.h:227
#define TAG_TOKEN_DYNAMIC
Definition: tag.h:180
CCHAR SourceName[TOKEN_SOURCE_LENGTH]
Definition: imports.h:278
ULONG UserAndGroupCount
Definition: setypes.h:208
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:335
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
LUID TokenId
Definition: setypes.h:200
#define NULL
Definition: types.h:112
#define DPRINT1
Definition: precomp.h:8
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:222
static NTSTATUS SepCreateTokenLock(_Inout_ PTOKEN Token)
Creates a lock for the token.
Definition: token.c:89
unsigned int ULONG
Definition: retypes.h:1
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define ULONG_PTR
Definition: config.h:101
#define ALIGN_UP_BY(size, align)
PSID_AND_ATTRIBUTES UserAndGroups
Definition: setypes.h:215
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define STATUS_SUCCESS
Definition: shellext.h:65
TOKEN_SOURCE TokenSource
Definition: setypes.h:199
#define TOKEN_SESSION_NOT_REFERENCED
Definition: setypes.h:1130
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:417
#define PAGED_CODE()
LUID OriginatingLogonSession
Definition: setypes.h:228

Referenced by NtDuplicateToken(), NtOpenThreadTokenEx(), SeCopyClientToken(), and SeSubProcessToken().

◆ SepGetDaclFromDescriptor()

FORCEINLINE PACL SepGetDaclFromDescriptor ( PVOID  _Descriptor)

Definition at line 77 of file se.h.

78 {
81 
82  if (!(Descriptor->Control & SE_DACL_PRESENT)) return NULL;
83 
84  if (Descriptor->Control & SE_SELF_RELATIVE)
85  {
87  if (!SdRel->Dacl) return NULL;
88  return (PACL)((ULONG_PTR)Descriptor + SdRel->Dacl);
89  }
90  else
91  {
92  return Descriptor->Dacl;
93  }
94 }
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
#define SE_SELF_RELATIVE
Definition: setypes.h:780
#define SE_DACL_PRESENT
Definition: setypes.h:767
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
#define NULL
Definition: types.h:112
#define ULONG_PTR
Definition: config.h:101
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetDaclSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), and SeFastTraverseCheck().

◆ SepGetGroupFromDescriptor()

FORCEINLINE PSID SepGetGroupFromDescriptor ( PVOID  _Descriptor)

Definition at line 39 of file se.h.

40 {
43 
44  if (Descriptor->Control & SE_SELF_RELATIVE)
45  {
47  if (!SdRel->Group) return NULL;
48  return (PSID)((ULONG_PTR)Descriptor + SdRel->Group);
49  }
50  else
51  {
52  return Descriptor->Group;
53  }
54 }
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
#define SE_SELF_RELATIVE
Definition: setypes.h:780
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
#define NULL
Definition: types.h:112
#define ULONG_PTR
Definition: config.h:101
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetGroupSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), and SepAccessCheckAndAuditAlarm().

◆ SepGetOwnerFromDescriptor()

FORCEINLINE PSID SepGetOwnerFromDescriptor ( PVOID  _Descriptor)

Definition at line 58 of file se.h.

59 {
62 
63  if (Descriptor->Control & SE_SELF_RELATIVE)
64  {
66  if (!SdRel->Owner) return NULL;
67  return (PSID)((ULONG_PTR)Descriptor + SdRel->Owner);
68  }
69  else
70  {
71  return Descriptor->Owner;
72  }
73 }
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
#define SE_SELF_RELATIVE
Definition: setypes.h:780
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
#define NULL
Definition: types.h:112
#define ULONG_PTR
Definition: config.h:101
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetOwnerSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), SepAccessCheckAndAuditAlarm(), and SepTokenIsOwner().

◆ SepGetSaclFromDescriptor()

FORCEINLINE PACL SepGetSaclFromDescriptor ( PVOID  _Descriptor)

Definition at line 98 of file se.h.

99 {
102 
103  if (!(Descriptor->Control & SE_SACL_PRESENT)) return NULL;
104 
105  if (Descriptor->Control & SE_SELF_RELATIVE)
106  {
108  if (!SdRel->Sacl) return NULL;
109  return (PACL)((ULONG_PTR)Descriptor + SdRel->Sacl);
110  }
111  else
112  {
113  return Descriptor->Sacl;
114  }
115 }
#define SE_SACL_PRESENT
Definition: setypes.h:769
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:339
#define SE_SELF_RELATIVE
Definition: setypes.h:780
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
#define NULL
Definition: types.h:112
#define ULONG_PTR
Definition: config.h:101
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR

Referenced by _IRQL_requires_max_(), RtlGetSaclSecurityDescriptor(), RtlLengthSecurityDescriptor(), RtlpQuerySecurityDescriptor(), RtlValidSecurityDescriptor(), and SeCaptureSecurityDescriptor().

◆ SepInitDACLs()

BOOLEAN NTAPI SepInitDACLs ( VOID  )

Definition at line 31 of file acl.c.

32 {
34 
35  /* create PublicDefaultDacl */
36  AclLength = sizeof(ACL) +
37  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
38  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
39  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
40 
42  AclLength,
43  TAG_ACL);
45  return FALSE;
46 
48  AclLength,
49  ACL_REVISION);
50 
54  SeWorldSid);
55 
60 
65 
66  /* create PublicDefaultUnrestrictedDacl */
67  AclLength = sizeof(ACL) +
68  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
69  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
70  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
72 
74  AclLength,
75  TAG_ACL);
77  return FALSE;
78 
80  AclLength,
81  ACL_REVISION);
82 
86  SeWorldSid);
87 
92 
97 
102 
103  /* create PublicOpenDacl */
104  AclLength = sizeof(ACL) +
105  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
106  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
107  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
108 
110  AclLength,
111  TAG_ACL);
112  if (SePublicOpenDacl == NULL)
113  return FALSE;
114 
116  AclLength,
117  ACL_REVISION);
118 
120  ACL_REVISION,
122  SeWorldSid);
123 
125  ACL_REVISION,
126  GENERIC_ALL,
128 
130  ACL_REVISION,
131  GENERIC_ALL,
133 
134  /* create PublicOpenUnrestrictedDacl */
135  AclLength = sizeof(ACL) +
136  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
137  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
138  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
139  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
140 
142  AclLength,
143  TAG_ACL);
145  return FALSE;
146 
148  AclLength,
149  ACL_REVISION);
150 
152  ACL_REVISION,
153  GENERIC_ALL,
154  SeWorldSid);
155 
157  ACL_REVISION,
158  GENERIC_ALL,
160 
162  ACL_REVISION,
163  GENERIC_ALL,
165 
167  ACL_REVISION,
170 
171  /* create SystemDefaultDacl */
172  AclLength = sizeof(ACL) +
173  (sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
174  (sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
175 
177  AclLength,
178  TAG_ACL);
179  if (SeSystemDefaultDacl == NULL)
180  return FALSE;
181 
183  AclLength,
184  ACL_REVISION);
185 
187  ACL_REVISION,
188  GENERIC_ALL,
190 
192  ACL_REVISION,
195 
196  /* create UnrestrictedDacl */
197  AclLength = sizeof(ACL) +
198  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
199  (sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
200 
202  AclLength,
203  TAG_ACL);
204  if (SeUnrestrictedDacl == NULL)
205  return FALSE;
206 
208  AclLength,
209  ACL_REVISION);
210 
212  ACL_REVISION,
213  GENERIC_ALL,
214  SeWorldSid);
215 
217  ACL_REVISION,
220 
221  /* create SystemAnonymousLogonDacl */
222  AclLength = sizeof(ACL) +
223  (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
224  (sizeof(ACE) + RtlLengthSid(SeAnonymousLogonSid));
225 
227  AclLength,
228  TAG_ACL);
230  return FALSE;
231 
233  AclLength,
234  ACL_REVISION);
235 
237  ACL_REVISION,
238  GENERIC_ALL,
239  SeWorldSid);
240 
242  ACL_REVISION,
243  GENERIC_ALL,
245 
246  return TRUE;
247 }
#define GENERIC_ALL
Definition: nt_native.h:92
PSID SeRestrictedCodeSid
Definition: sid.c:42
#define TRUE
Definition: types.h:120
PACL SeSystemDefaultDacl
Definition: acl.c:19
PACL SePublicOpenDacl
Definition: acl.c:21
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:24
PACL SePublicOpenUnrestrictedDacl
Definition: acl.c:22
#define FALSE
Definition: types.h:117
PACL SeUnrestrictedDacl
Definition: acl.c:23
#define GENERIC_WRITE
Definition: nt_native.h:90
struct _ACL ACL
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
#define READ_CONTROL
Definition: nt_native.h:58
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
PSID SeAliasAdminsSid
Definition: sid.c:43
PACL SePublicDefaultUnrestrictedDacl
Definition: acl.c:20
#define GENERIC_READ
Definition: compat.h:135
PSID SeWorldSid
Definition: sid.c:27
#define TAG_ACL
Definition: tag.h:174
PACL SePublicDefaultDacl
Definition: acl.c:18
NTSTATUS NTAPI RtlAddAccessAllowedAce(IN OUT PACL Acl, IN ULONG Revision, IN ACCESS_MASK AccessMask, IN PSID Sid)
Definition: acl.c:262
NTSTATUS NTAPI RtlCreateAcl(IN PACL Acl, IN ULONG AclSize, IN ULONG AclRevision)
Definition: acl.c:677
#define NULL
Definition: types.h:112
#define ACL_REVISION
Definition: setypes.h:39
PSID SeLocalSystemSid
Definition: sid.c:40
unsigned int ULONG
Definition: retypes.h:1
PSID SeAnonymousLogonSid
Definition: se.h:155
#define GENERIC_EXECUTE
Definition: nt_native.h:91
Definition: rtltypes.h:990
_In_ ULONG AclLength
Definition: rtlfuncs.h:1844

Referenced by SepInitializationPhase0().

◆ SepInitializeTokenImplementation()

VOID NTAPI SepInitializeTokenImplementation ( VOID  )

Definition at line 1189 of file token.c.

1190 {
1192  OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;
1193 
1194  DPRINT("Creating Token Object Type\n");
1195 
1196  /* Initialize the Token type */
1197  RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
1198  RtlInitUnicodeString(&Name, L"Token");
1199  ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
1200  ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
1201  ObjectTypeInitializer.SecurityRequired = TRUE;
1202  ObjectTypeInitializer.DefaultPagedPoolCharge = sizeof(TOKEN);
1203  ObjectTypeInitializer.GenericMapping = SepTokenMapping;
1204  ObjectTypeInitializer.PoolType = PagedPool;
1205  ObjectTypeInitializer.ValidAccessMask = TOKEN_ALL_ACCESS;
1206  ObjectTypeInitializer.UseDefaultObject = TRUE;
1207  ObjectTypeInitializer.DeleteProcedure = SepDeleteToken;
1208  ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &SeTokenObjectType);
1209 }
#define OBJ_OPENLINK
Definition: winternl.h:230
NTSTATUS NTAPI ObCreateObjectType(IN PUNICODE_STRING TypeName, IN POBJECT_TYPE_INITIALIZER ObjectTypeInitializer, IN PVOID Reserved, OUT POBJECT_TYPE *ObjectType)
Definition: oblife.c:1048
#define TRUE
Definition: types.h:120
struct NameRec_ * Name
Definition: cdprocs.h:459
POBJECT_TYPE SeTokenObjectType
Definition: token.c:19
#define TOKEN_ALL_ACCESS
Definition: setypes.h:892
static const WCHAR L[]
Definition: oid.c:1250
static GENERIC_MAPPING SepTokenMapping
Definition: token.c:25
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
VOID NTAPI SepDeleteToken(PVOID ObjectBody)
Definition: token.c:1166
#define NULL
Definition: types.h:112
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define DPRINT
Definition: sndvol32.h:71
OB_DELETE_METHOD DeleteProcedure
Definition: obtypes.h:369
struct _TOKEN TOKEN

Referenced by SepInitializationPhase0().

◆ SepInitPrivileges()

VOID NTAPI SepInitPrivileges ( VOID  )

Definition at line 60 of file priv.c.

61 {
62 
63 }

Referenced by SepInitializationPhase0().

◆ SepInitSDs()

BOOLEAN NTAPI SepInitSDs ( VOID  )

Definition at line 31 of file sd.c.

32 {
33  /* Create PublicDefaultSd */
35  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
36  if (SePublicDefaultSd == NULL)
37  return FALSE;
38 
42  TRUE,
44  FALSE);
45 
46  /* Create PublicDefaultUnrestrictedSd */
48  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
50  return FALSE;
51 
55  TRUE,
57  FALSE);
58 
59  /* Create PublicOpenSd */
61  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
62  if (SePublicOpenSd == NULL)
63  return FALSE;
64 
68  TRUE,
70  FALSE);
71 
72  /* Create PublicOpenUnrestrictedSd */
74  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
76  return FALSE;
77 
81  TRUE,
83  FALSE);
84 
85  /* Create SystemDefaultSd */
87  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
88  if (SeSystemDefaultSd == NULL)
89  return FALSE;
90 
94  TRUE,
96  FALSE);
97 
98  /* Create UnrestrictedSd */
100  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
101  if (SeUnrestrictedSd == NULL)
102  return FALSE;
103 
107  TRUE,
109  FALSE);
110 
111  /* Create SystemAnonymousLogonSd */
113  sizeof(SECURITY_DESCRIPTOR), TAG_SD);
115  return FALSE;
116 
120  TRUE,
122  FALSE);
123 
124  return TRUE;
125 }
PACL SePublicDefaultUnrestrictedDacl
Definition: acl.c:20
#define TRUE
Definition: types.h:120
PSECURITY_DESCRIPTOR SePublicDefaultSd
Definition: sd.c:18
PACL SeSystemDefaultDacl
Definition: acl.c:19
PSECURITY_DESCRIPTOR SeUnrestrictedSd
Definition: sd.c:23
NTSTATUS NTAPI RtlCreateSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Revision)
Definition: sd.c:117
PSECURITY_DESCRIPTOR SePublicOpenSd
Definition: sd.c:20
NTSTATUS NTAPI RtlSetDaclSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN DaclPresent, IN PACL Dacl, IN BOOLEAN DaclDefaulted)
Definition: sd.c:303
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
#define FALSE
Definition: types.h:117
PACL SePublicOpenDacl
Definition: acl.c:21
#define TAG_SD
Definition: tag.h:176
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
Definition: sd.c:21
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
Definition: sd.c:19
PACL SePublicDefaultDacl
Definition: acl.c:18
#define NULL
Definition: types.h:112
PACL SeUnrestrictedDacl
Definition: acl.c:23
PACL SePublicOpenUnrestrictedDacl
Definition: acl.c:22
PSECURITY_DESCRIPTOR SeSystemAnonymousLogonSd
Definition: sd.c:24
PSECURITY_DESCRIPTOR SeSystemDefaultSd
Definition: sd.c:22
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:24

Referenced by SepInitializationPhase0().

◆ SepInitSecurityIDs()

BOOLEAN NTAPI SepInitSecurityIDs ( VOID  )

Definition at line 96 of file sid.c.

97 {
98  ULONG SidLength0;
99  ULONG SidLength1;
100  ULONG SidLength2;
101  PULONG SubAuthority;
102 
103  SidLength0 = RtlLengthRequiredSid(0);
104  SidLength1 = RtlLengthRequiredSid(1);
105  SidLength2 = RtlLengthRequiredSid(2);
106 
107  /* create NullSid */
138 
139  if (SeNullSid == NULL || SeWorldSid == NULL ||
143  SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL ||
154  {
156  return FALSE;
157  }
158 
189 
190  SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
191  *SubAuthority = SECURITY_NULL_RID;
192  SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);
193  *SubAuthority = SECURITY_WORLD_RID;
194  SubAuthority = RtlSubAuthoritySid(SeLocalSid, 0);
195  *SubAuthority = SECURITY_LOCAL_RID;
196  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid, 0);
197  *SubAuthority = SECURITY_CREATOR_OWNER_RID;
198  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid, 0);
199  *SubAuthority = SECURITY_CREATOR_GROUP_RID;
200  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid, 0);
201  *SubAuthority = SECURITY_CREATOR_OWNER_SERVER_RID;
202  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid, 0);
203  *SubAuthority = SECURITY_CREATOR_GROUP_SERVER_RID;
204  SubAuthority = RtlSubAuthoritySid(SeDialupSid, 0);
205  *SubAuthority = SECURITY_DIALUP_RID;
206  SubAuthority = RtlSubAuthoritySid(SeNetworkSid, 0);
207  *SubAuthority = SECURITY_NETWORK_RID;
208  SubAuthority = RtlSubAuthoritySid(SeBatchSid, 0);
209  *SubAuthority = SECURITY_BATCH_RID;
210  SubAuthority = RtlSubAuthoritySid(SeInteractiveSid, 0);
211  *SubAuthority = SECURITY_INTERACTIVE_RID;
212  SubAuthority = RtlSubAuthoritySid(SeServiceSid, 0);
213  *SubAuthority = SECURITY_SERVICE_RID;
214  SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid, 0);
215  *SubAuthority = SECURITY_PRINCIPAL_SELF_RID;
216  SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid, 0);
217  *SubAuthority = SECURITY_LOCAL_SYSTEM_RID;
218  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid, 0);
219  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
220  SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid, 0);
221  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
222  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 0);
223  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
224  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 1);
225  *SubAuthority = DOMAIN_ALIAS_RID_ADMINS;
226  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 0);
227  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
228  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 1);
229  *SubAuthority = DOMAIN_ALIAS_RID_USERS;
230  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 0);
231  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
232  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 1);
233  *SubAuthority = DOMAIN_ALIAS_RID_GUESTS;
234  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 0);
235  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
236  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 1);
237  *SubAuthority = DOMAIN_ALIAS_RID_POWER_USERS;
238  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 0);
239  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
240  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 1);
241  *SubAuthority = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
242  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 0);
243  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
244  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 1);
245  *SubAuthority = DOMAIN_ALIAS_RID_SYSTEM_OPS;
246  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 0);
247  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
248  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 1);
249  *SubAuthority = DOMAIN_ALIAS_RID_PRINT_OPS;
250  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 0);
251  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
252  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 1);
253  *SubAuthority = DOMAIN_ALIAS_RID_BACKUP_OPS;
254  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUsersSid, 0);
255  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
256  SubAuthority = RtlSubAuthoritySid(SeRestrictedSid, 0);
257  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
258  SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
259  *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
260  SubAuthority = RtlSubAuthoritySid(SeLocalServiceSid, 0);
261  *SubAuthority = SECURITY_LOCAL_SERVICE_RID;
262  SubAuthority = RtlSubAuthoritySid(SeNetworkServiceSid, 0);
263  *SubAuthority = SECURITY_NETWORK_SERVICE_RID;
264 
265  return TRUE;
266 }
PSID SeLocalServiceSid
Definition: sid.c:54
#define SECURITY_BATCH_RID
Definition: setypes.h:530
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:626
PSID SeAliasPrintOpsSid
Definition: sid.c:49
VOID NTAPI FreeInitializedSids(VOID)
Definition: sid.c:61
PSID SeAnonymousLogonSid
Definition: sid.c:53
PSID SeBatchSid
Definition: sid.c:36
#define TRUE
Definition: types.h:120
PSID SeLocalSystemSid
Definition: sid.c:40
PSID SeAliasAdminsSid
Definition: sid.c:43
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:629
PSID SeDialupSid
Definition: sid.c:34
#define SECURITY_DIALUP_RID
Definition: setypes.h:528
#define SECURITY_NETWORK_RID
Definition: setypes.h:529
#define TAG_SID
Definition: sid.c:15
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:627
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:531
PSID SeAliasBackupOpsSid
Definition: sid.c:50
PSID SePrincipalSelfSid
Definition: sid.c:39
PULONG NTAPI RtlSubAuthoritySid(IN PSID Sid_, IN ULONG SubAuthority)
Definition: sid.c:89
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:539
PSID SeCreatorOwnerServerSid
Definition: sid.c:31
#define FALSE
Definition: types.h:117
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
Definition: sid.c:23
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:520
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:632