ReactOS 0.4.16-dev-1528-g28b3562
cmse.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: ntoskrnl/config/cmse.c
5 * PURPOSE: Configuration Manager - Security Subsystem Interface
6 * PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
7 */
8
9/* INCLUDES ******************************************************************/
10
11#include "ntoskrnl.h"
12#define NDEBUG
13#include "debug.h"
14
15/* GLOBALS *******************************************************************/
16
17/* FUNCTIONS *****************************************************************/
18
19PSECURITY_DESCRIPTOR
20NTAPI
21CmpHiveRootSecurityDescriptor(VOID)
22{
23 NTSTATUS Status;
24 PSECURITY_DESCRIPTOR SecurityDescriptor;
25 PACL Acl, AclCopy;
26 PSID Sid[4];
27 SID_IDENTIFIER_AUTHORITY WorldAuthority = {SECURITY_WORLD_SID_AUTHORITY};
28 SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
29 ULONG AceLength, AclLength, SidLength;
30 PACE_HEADER AceHeader;
31 ULONG i;
32 PAGED_CODE();
33
34 /* Phase 1: Allocate SIDs */
35 SidLength = RtlLengthRequiredSid(1);
36 Sid[0] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
37 Sid[1] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
38 Sid[2] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
39 SidLength = RtlLengthRequiredSid(2);
40 Sid[3] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
41
42 /* Make sure all SIDs were allocated */
43 if (!Sid[0] || !Sid[1] || !Sid[2] || !Sid[3])
44 {
45 /* Bugcheck */
46 KeBugCheckEx(REGISTRY_ERROR, 11, 1, 0, 0);
47 }
48
49 /* Phase 2: Initialize all SIDs */
50 Status = RtlInitializeSid(Sid[0], &WorldAuthority, 1);
51 Status |= RtlInitializeSid(Sid[1], &NtAuthority, 1);
52 Status |= RtlInitializeSid(Sid[2], &NtAuthority, 1);
53 Status |= RtlInitializeSid(Sid[3], &NtAuthority, 2);
54 if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 2, 0, 0);
55
56 /* Phase 2: Setup SID Sub Authorities */
57 *RtlSubAuthoritySid(Sid[0], 0) = SECURITY_WORLD_RID;
58 *RtlSubAuthoritySid(Sid[1], 0) = SECURITY_RESTRICTED_CODE_RID;
59 *RtlSubAuthoritySid(Sid[2], 0) = SECURITY_LOCAL_SYSTEM_RID;
60 *RtlSubAuthoritySid(Sid[3], 0) = SECURITY_BUILTIN_DOMAIN_RID;
61 *RtlSubAuthoritySid(Sid[3], 1) = DOMAIN_ALIAS_RID_ADMINS;
62
63 /* Make sure all SIDs are valid */
64 ASSERT(RtlValidSid(Sid[0]));
65 ASSERT(RtlValidSid(Sid[1]));
66 ASSERT(RtlValidSid(Sid[2]));
67 ASSERT(RtlValidSid(Sid[3]));
68
69 /* Phase 3: Calculate ACL Length */
70 AclLength = sizeof(ACL);
71 for (i = 0; i < 4; i++)
72 {
73 /* This is what MSDN says to do */
74 AceLength = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart);
75 AceLength += SeLengthSid(Sid[i]);
76 AclLength += AceLength;
77 }
78
79 /* Phase 3: Allocate the ACL */
80 Acl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_CMSD);
81 if (!Acl) KeBugCheckEx(REGISTRY_ERROR, 11, 3, 0, 0);
82
83 /* Phase 4: Create the ACL */
84 Status = RtlCreateAcl(Acl, AclLength, ACL_REVISION);
85 if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 4, Status, 0);
86
87 /* Phase 5: Build the ACL */
88 Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[2]);
89 Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[3]);
90 Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[0]);
91 Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[1]);
92 if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 5, Status, 0);
93
94 /* Phase 5: Make the ACEs inheritable */
95 Status = RtlGetAce(Acl, 0, (PVOID*)&AceHeader);
96 ASSERT(NT_SUCCESS(Status));
97 AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
98 Status = RtlGetAce(Acl, 1, (PVOID*)&AceHeader);
99 ASSERT(NT_SUCCESS(Status));
100 AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
101 Status = RtlGetAce(Acl, 2, (PVOID*)&AceHeader);
102 ASSERT(NT_SUCCESS(Status));
103 AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
104 Status = RtlGetAce(Acl, 3, (PVOID*)&AceHeader);
105 ASSERT(NT_SUCCESS(Status));
106 AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
107
108 /* Phase 6: Allocate the security descriptor and make space for the ACL */
109 SecurityDescriptor = ExAllocatePoolWithTag(PagedPool,
110 sizeof(SECURITY_DESCRIPTOR) +
111 AclLength,
112 TAG_CMSD);
113 if (!SecurityDescriptor) KeBugCheckEx(REGISTRY_ERROR, 11, 6, 0, 0);
114
115 /* Phase 6: Make a copy of the ACL */
116 AclCopy = (PACL)((PISECURITY_DESCRIPTOR)SecurityDescriptor + 1);
117 RtlCopyMemory(AclCopy, Acl, AclLength);
118
119 /* Phase 7: Create the security descriptor */
120 Status = RtlCreateSecurityDescriptor(SecurityDescriptor,
121 SECURITY_DESCRIPTOR_REVISION);
122 if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 7, Status, 0);
123
124 /* Phase 8: Set the ACL as a DACL */
125 Status = RtlSetDaclSecurityDescriptor(SecurityDescriptor,
126 TRUE,
127 AclCopy,
128 FALSE);
129 if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 8, Status, 0);
130
131 /* Free the SIDs and original ACL */
132 for (i = 0; i < 4; i++) ExFreePoolWithTag(Sid[i], TAG_CMSD);
133 ExFreePoolWithTag(Acl, TAG_CMSD);
134
135 /* Return the security descriptor */
136 return SecurityDescriptor;
137}
138
139NTSTATUS
140CmpQuerySecurityDescriptor(IN PCM_KEY_CONTROL_BLOCK Kcb,
141 IN SECURITY_INFORMATION SecurityInformation,
142 OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
143 IN OUT PULONG BufferLength)
144{
145 PISECURITY_DESCRIPTOR_RELATIVE RelSd;
146 ULONG SidSize;
147 ULONG AclSize;
148 ULONG SdSize;
149 NTSTATUS Status;
150 SECURITY_DESCRIPTOR_CONTROL Control = 0;
151 ULONG Owner = 0;
152 ULONG Group = 0;
153 ULONG Dacl = 0;
154
155 DBG_UNREFERENCED_PARAMETER(Kcb);
156
157 DPRINT("CmpQuerySecurityDescriptor()\n");
158
159 if (SecurityInformation == 0)
160 {
161 return STATUS_ACCESS_DENIED;
162 }
163
164 SidSize = RtlLengthSid(SeWorldSid);
165 RelSd = SecurityDescriptor;
166 SdSize = sizeof(*RelSd);
167
168 if (SecurityInformation & OWNER_SECURITY_INFORMATION)
169 {
170 Owner = SdSize;
171 SdSize += SidSize;
172 }
173
174 if (SecurityInformation & GROUP_SECURITY_INFORMATION)
175 {
176 Group = SdSize;
177 SdSize += SidSize;
178 }
179
180 if (SecurityInformation & DACL_SECURITY_INFORMATION)
181 {
182 Control |= SE_DACL_PRESENT;
183 Dacl = SdSize;
184 AclSize = sizeof(ACL) + sizeof(ACE) + SidSize;
185 SdSize += AclSize;
186 }
187
188 if (SecurityInformation & SACL_SECURITY_INFORMATION)
189 {
190 Control |= SE_SACL_PRESENT;
191 }
192
193 if (*BufferLength < SdSize)
194 {
195 *BufferLength = SdSize;
196 return STATUS_BUFFER_TOO_SMALL;
197 }
198
199 *BufferLength = SdSize;
200
201 Status = RtlCreateSecurityDescriptorRelative(RelSd,
202 SECURITY_DESCRIPTOR_REVISION);
203 if (!NT_SUCCESS(Status))
204 return Status;
205
206 RelSd->Control |= Control;
207 RelSd->Owner = Owner;
208 RelSd->Group = Group;
209 RelSd->Dacl = Dacl;
210
211 if (Owner)
212 RtlCopyMemory((PUCHAR)RelSd + Owner,
213 SeWorldSid,
214 SidSize);
215
216 if (Group)
217 RtlCopyMemory((PUCHAR)RelSd + Group,
218 SeWorldSid,
219 SidSize);
220
221 if (Dacl)
222 {
223 Status = RtlCreateAcl((PACL)((PUCHAR)RelSd + Dacl),
224 AclSize,
225 ACL_REVISION);
226 if (NT_SUCCESS(Status))
227 {
228 Status = RtlAddAccessAllowedAce((PACL)((PUCHAR)RelSd + Dacl),
229 ACL_REVISION,
230 GENERIC_ALL,
231 SeWorldSid);
232 }
233 }
234
235 ASSERT(Status == STATUS_SUCCESS);
236 return Status;
237}
238
239NTSTATUS
240CmpSetSecurityDescriptor(IN PCM_KEY_CONTROL_BLOCK Kcb,
241 IN PSECURITY_INFORMATION SecurityInformation,
242 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
243 IN POOL_TYPE PoolType,
244 IN PGENERIC_MAPPING GenericMapping)
245{
246 DPRINT("CmpSetSecurityDescriptor()\n");
247 return STATUS_SUCCESS;
248}
249
250NTSTATUS
251CmpAssignSecurityDescriptor(IN PCM_KEY_CONTROL_BLOCK Kcb,
252 IN PSECURITY_DESCRIPTOR SecurityDescriptor)
253{
254 DPRINT("CmpAssignSecurityDescriptor(%p %p)\n",
255 Kcb, SecurityDescriptor);
256 return STATUS_SUCCESS;
257}
258
259NTSTATUS
260NTAPI
261CmpSecurityMethod(IN PVOID ObjectBody,
262 IN SECURITY_OPERATION_CODE OperationCode,
263 IN PSECURITY_INFORMATION SecurityInformation,
264 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
265 IN OUT PULONG BufferLength,
266 IN OUT PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
267 IN POOL_TYPE PoolType,
268 IN PGENERIC_MAPPING GenericMapping)
269{
270 PCM_KEY_CONTROL_BLOCK Kcb;
271 NTSTATUS Status = STATUS_SUCCESS;
272
273 DBG_UNREFERENCED_PARAMETER(OldSecurityDescriptor);
274 DBG_UNREFERENCED_PARAMETER(GenericMapping);
275
276 Kcb = ((PCM_KEY_BODY)ObjectBody)->KeyControlBlock;
277
278 /* Acquire the hive lock */
279 CmpLockRegistry();
280
281 /* Acquire the KCB lock */
282 if (OperationCode == QuerySecurityDescriptor)
283 {
284 /* Avoid recursive locking if somebody already holds it */
285 if (!((PCM_KEY_BODY)ObjectBody)->KcbLocked)
286 {
287 CmpAcquireKcbLockShared(Kcb);
288 }
289 }
290 else
291 {
292 ASSERT(!((PCM_KEY_BODY)ObjectBody)->KcbLocked);
293 CmpAcquireKcbLockExclusive(Kcb);
294 }
295
296 /* Don't touch deleted keys */
297 if (Kcb->Delete)
298 {
299 /* Release the KCB lock */
300 CmpReleaseKcbLock(Kcb);
301
302 /* Release the hive lock */
303 CmpUnlockRegistry();
304 return STATUS_KEY_DELETED;
305 }
306
307 switch (OperationCode)
308 {
309 case SetSecurityDescriptor:
310 DPRINT("Set security descriptor\n");
311 ASSERT((PoolType == PagedPool) || (PoolType == NonPagedPool));
312 Status = CmpSetSecurityDescriptor(Kcb,
313 SecurityInformation,
314 SecurityDescriptor,
315 PoolType,
316 GenericMapping);
317 break;
318
319 case QuerySecurityDescriptor:
320 DPRINT("Query security descriptor\n");
321 Status = CmpQuerySecurityDescriptor(Kcb,
322 *SecurityInformation,
323 SecurityDescriptor,
324 BufferLength);
325 break;
326
327 case DeleteSecurityDescriptor:
328 DPRINT("Delete security descriptor\n");
329 /* HACK */
330 break;
331
332 case AssignSecurityDescriptor:
333 DPRINT("Assign security descriptor\n");
334 Status = CmpAssignSecurityDescriptor(Kcb,
335 SecurityDescriptor);
336 break;
337
338 default:
339 KeBugCheckEx(SECURITY_SYSTEM, 0, STATUS_INVALID_PARAMETER, 0, 0);
340 }
341
342 /*
343 * Release the KCB lock, but only if we locked it ourselves and
344 * nobody else was locking it by themselves.
345 */
346 if (!((PCM_KEY_BODY)ObjectBody)->KcbLocked)
347 {
348 CmpReleaseKcbLock(Kcb);
349 }
350
351 /* Release the hive lock */
352 CmpUnlockRegistry();
353
354 return Status;
355}
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NtAuthority
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
PCM_KEY_BODY
struct _CM_KEY_BODY * PCM_KEY_BODY
CmpAcquireKcbLockExclusive
FORCEINLINE VOID CmpAcquireKcbLockExclusive(PCM_KEY_CONTROL_BLOCK Kcb)
Definition: cm_x.h:133
CmpAcquireKcbLockShared
#define CmpAcquireKcbLockShared(k)
Definition: cm_x.h:162
CmpReleaseKcbLock
FORCEINLINE VOID CmpReleaseKcbLock(PCM_KEY_CONTROL_BLOCK Kcb)
Definition: cm_x.h:202
TAG_CMSD
#define TAG_CMSD
Definition: cmlib.h:215
CmpUnlockRegistry
VOID NTAPI CmpUnlockRegistry(VOID)
Definition: cmsysini.c:2060
CmpLockRegistry
VOID NTAPI CmpLockRegistry(VOID)
Definition: cmsysini.c:1974
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
WorldAuthority
static SID_IDENTIFIER_AUTHORITY WorldAuthority
Definition: security.c:14
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
NonPagedPool
#define NonPagedPool
Definition: env_spec_w32.h:307
PagedPool
#define PagedPool
Definition: env_spec_w32.h:308
SecurityInformation
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
Status
Status
Definition: gdiplustypes.h:25
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
RtlAddAccessAllowedAce
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
RtlSetDaclSecurityDescriptor
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
SECURITY_DESCRIPTOR_CONTROL
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
ASSERT
#define ASSERT(a)
Definition: mode.c:44
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
ACL
struct _ACL ACL
PACL
struct _ACL * PACL
Definition: security.c:105
PSECURITY_INFORMATION
DWORD * PSECURITY_INFORMATION
Definition: ms-dtyp.idl:311
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1617
Group
_In_opt_ PSID Group
Definition: rtlfuncs.h:1670
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
Owner
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1621
RtlCreateAcl
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
RtlGetAce
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
RtlValidSid
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
RtlCreateSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1157
RtlCreateSecurityDescriptorRelative
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptorRelative(_Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor, _In_ ULONG Revision)
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
DBG_UNREFERENCED_PARAMETER
#define DBG_UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:330
RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
CmpAssignSecurityDescriptor
NTSTATUS CmpAssignSecurityDescriptor(IN PCM_KEY_CONTROL_BLOCK Kcb, IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: cmse.c:251
CmpHiveRootSecurityDescriptor
PSECURITY_DESCRIPTOR NTAPI CmpHiveRootSecurityDescriptor(VOID)
Definition: cmse.c:21
CmpSecurityMethod
NTSTATUS NTAPI CmpSecurityMethod(IN PVOID ObjectBody, IN SECURITY_OPERATION_CODE OperationCode, IN PSECURITY_INFORMATION SecurityInformation, IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG BufferLength, IN OUT PSECURITY_DESCRIPTOR *OldSecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
Definition: cmse.c:261
CmpSetSecurityDescriptor
NTSTATUS CmpSetSecurityDescriptor(IN PCM_KEY_CONTROL_BLOCK Kcb, IN PSECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
Definition: cmse.c:240
CmpQuerySecurityDescriptor
NTSTATUS CmpQuerySecurityDescriptor(IN PCM_KEY_CONTROL_BLOCK Kcb, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG BufferLength)
Definition: cmse.c:140
SeWorldSid
PSID SeWorldSid
Definition: sid.c:25
STATUS_KEY_DELETED
#define STATUS_KEY_DELETED
Definition: ntstatus.h:613
KeBugCheckEx
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:108
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
DPRINT
#define DPRINT
Definition: sndvol32.h:73
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
_ACE_HEADER
Definition: ms-dtyp.idl:209
_ACE_HEADER::AceFlags
UCHAR AceFlags
Definition: ms-dtyp.idl:211
_ACE
Definition: rtltypes.h:987
_ACL
Definition: ms-dtyp.idl:293
_CM_KEY_BODY
Definition: cm.h:235
_CM_KEY_CONTROL_BLOCK
Definition: cm.h:270
_CM_KEY_CONTROL_BLOCK::Delete
ULONG Delete
Definition: cm.h:277
_GENERIC_MAPPING
Definition: nt_native.h:564
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:848
_SECURITY_DESCRIPTOR_RELATIVE::Control
SECURITY_DESCRIPTOR_CONTROL Control
Definition: setypes.h:851
_SECURITY_DESCRIPTOR_RELATIVE::Group
$ULONG Group
Definition: setypes.h:853
_SECURITY_DESCRIPTOR_RELATIVE::Owner
$ULONG Owner
Definition: setypes.h:852
_SECURITY_DESCRIPTOR_RELATIVE::Dacl
$ULONG Dacl
Definition: setypes.h:855
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
_SID
Definition: ms-dtyp.idl:198
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:78
NTAPI
#define NTAPI
Definition: typedefs.h:36
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
IN
#define IN
Definition: typedefs.h:39
PUCHAR
unsigned char * PUCHAR
Definition: typedefs.h:53
ULONG
uint32_t ULONG
Definition: typedefs.h:59
OUT
#define OUT
Definition: typedefs.h:40
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
Control
_In_ WDF_WMI_PROVIDER_CONTROL Control
Definition: wdfwmi.h:166
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
AclLength
_In_ ULONG AclLength
Definition: rtlfuncs.h:1859
SeLengthSid
#define SeLengthSid(Sid)
Definition: sefuncs.h:570
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
SECURITY_WORLD_SID_AUTHORITY
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:527
SECURITY_OPERATION_CODE
SECURITY_OPERATION_CODE
Definition: setypes.h:170
SECURITY_WORLD_RID
#define SECURITY_WORLD_RID
Definition: setypes.h:541
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
SECURITY_RESTRICTED_CODE_RID
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:569
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
SE_SACL_PRESENT
#define SE_SACL_PRESENT
Definition: setypes.h:835
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
SE_DACL_PRESENT
#define SE_DACL_PRESENT
Definition: setypes.h:833