ReactOS  0.4.13-dev-100-gc8611ae
priv.c File Reference
#include <ntoskrnl.h>
#include <debug.h>


Macros

#define NDEBUG
 
#define CONST_LUID(x1, x2)   {x1, x2}
 

Functions

VOID INIT_FUNCTION NTAPI SepInitPrivileges (VOID)
 
BOOLEAN NTAPI SepPrivilegeCheck (PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SepSinglePrivilegeCheck (LUID PrivilegeValue, PTOKEN Token, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SePrivilegePolicyCheck (_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckAuditPrivilege (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
 
VOID NTAPI SeReleaseLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SeAppendPrivileges (IN OUT PACCESS_STATE AccessState, IN PPRIVILEGE_SET Privileges)
 
VOID NTAPI SeFreePrivileges (IN PPRIVILEGE_SET Privileges)
 
BOOLEAN NTAPI SePrivilegeCheck (PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeSinglePrivilegeCheck (IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckPrivilegedObject (IN LUID PrivilegeValue, IN HANDLE ObjectHandle, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI NtPrivilegeCheck (IN HANDLE ClientToken, IN PPRIVILEGE_SET RequiredPrivileges, OUT PBOOLEAN Result)
 

Variables

const LUID SeCreateTokenPrivilege = CONST_LUID(SE_CREATE_TOKEN_PRIVILEGE, 0)
 
const LUID SeAssignPrimaryTokenPrivilege = CONST_LUID(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0)
 
const LUID SeLockMemoryPrivilege = CONST_LUID(SE_LOCK_MEMORY_PRIVILEGE, 0)
 
const LUID SeIncreaseQuotaPrivilege = CONST_LUID(SE_INCREASE_QUOTA_PRIVILEGE, 0)
 
const LUID SeUnsolicitedInputPrivilege = CONST_LUID(6, 0)
 
const LUID SeTcbPrivilege = CONST_LUID(SE_TCB_PRIVILEGE, 0)
 
const LUID SeSecurityPrivilege = CONST_LUID(SE_SECURITY_PRIVILEGE, 0)
 
const LUID SeTakeOwnershipPrivilege = CONST_LUID(SE_TAKE_OWNERSHIP_PRIVILEGE, 0)
 
const LUID SeLoadDriverPrivilege = CONST_LUID(SE_LOAD_DRIVER_PRIVILEGE, 0)
 
const LUID SeSystemProfilePrivilege = CONST_LUID(SE_SYSTEM_PROFILE_PRIVILEGE, 0)
 
const LUID SeSystemtimePrivilege = CONST_LUID(SE_SYSTEMTIME_PRIVILEGE, 0)
 
const LUID SeProfileSingleProcessPrivilege = CONST_LUID(SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0)
 
const LUID SeIncreaseBasePriorityPrivilege = CONST_LUID(SE_INC_BASE_PRIORITY_PRIVILEGE, 0)
 
const LUID SeCreatePagefilePrivilege = CONST_LUID(SE_CREATE_PAGEFILE_PRIVILEGE, 0)
 
const LUID SeCreatePermanentPrivilege = CONST_LUID(SE_CREATE_PERMANENT_PRIVILEGE, 0)
 
const LUID SeBackupPrivilege = CONST_LUID(SE_BACKUP_PRIVILEGE, 0)
 
const LUID SeRestorePrivilege = CONST_LUID(SE_RESTORE_PRIVILEGE, 0)
 
const LUID SeShutdownPrivilege = CONST_LUID(SE_SHUTDOWN_PRIVILEGE, 0)
 
const LUID SeDebugPrivilege = CONST_LUID(SE_DEBUG_PRIVILEGE, 0)
 
const LUID SeAuditPrivilege = CONST_LUID(SE_AUDIT_PRIVILEGE, 0)
 
const LUID SeSystemEnvironmentPrivilege = CONST_LUID(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, 0)
 
const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)
 
const LUID SeRemoteShutdownPrivilege = CONST_LUID(SE_REMOTE_SHUTDOWN_PRIVILEGE, 0)
 
const LUID SeUndockPrivilege = CONST_LUID(SE_UNDOCK_PRIVILEGE, 0)
 
const LUID SeSyncAgentPrivilege = CONST_LUID(SE_SYNC_AGENT_PRIVILEGE, 0)
 
const LUID SeEnableDelegationPrivilege = CONST_LUID(SE_ENABLE_DELEGATION_PRIVILEGE, 0)
 
const LUID SeManageVolumePrivilege = CONST_LUID(SE_MANAGE_VOLUME_PRIVILEGE, 0)
 
const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)
 
const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)
 
const LUID SeTrustedCredmanPrivilege = CONST_LUID(SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE, 0)
 
const LUID SeRelabelPrivilege = CONST_LUID(SE_RELABEL_PRIVILEGE, 0)
 
const LUID SeIncreaseWorkingSetPrivilege = CONST_LUID(SE_INC_WORKING_SET_PRIVILEGE, 0)
 
const LUID SeTimeZonePrivilege = CONST_LUID(SE_TIME_ZONE_PRIVILEGE, 0)
 
const LUID SeCreateSymbolicLinkPrivilege = CONST_LUID(SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, 0)
 

Macro Definition Documentation

◆ CONST_LUID

#define CONST_LUID (   x1,
  x2 
)    {x1, x2}

Definition at line 22 of file priv.c.

◆ NDEBUG

#define NDEBUG

Definition at line 13 of file priv.c.

Function Documentation

◆ NtPrivilegeCheck()

NTSTATUS NTAPI NtPrivilegeCheck ( IN HANDLE  ClientToken,
IN PPRIVILEGE_SET  RequiredPrivileges,
OUT PBOOLEAN  Result 
)

Definition at line 600 of file priv.c.

/*
 * NtPrivilegeCheck: tests whether the token referenced by ClientToken holds
 * the privileges listed in RequiredPrivileges and stores the outcome in
 * *Result.
 *
 * The gutter numbers are priv.c line numbers. Several are skipped in this
 * listing (604, 610-611, 615, 623, 631, 635, 640, 644, 646, 649, 663,
 * 675-676, 691, 701, 710, 712, 714, 718), so the statements on those lines
 * are not visible here.
 *
 * Trust boundary: when PreviousMode is not KernelMode, RequiredPrivileges is
 * a caller-supplied buffer. PrivilegeCount and Control are read from it once
 * inside the SEH block and kept in locals; every later use visible below
 * works from those locals rather than re-reading the caller's memory.
 *
 * NOTE(review): the assignment of PreviousMode is not shown; KeGetPreviousMode
 * appears in this page's symbol list for the function, so it is presumably
 * set on omitted line 615 - confirm against priv.c.
 */
603 {
605  PTOKEN Token;
606  ULONG PrivilegeCount = 0;
607  ULONG PrivilegeControl = 0;
608  ULONG Length;
609  BOOLEAN CheckResult;
612 
613  PAGED_CODE();
614 
616 
617  /* probe the buffers */
618  if (PreviousMode != KernelMode)
619  {
620  _SEH2_TRY
621  {
     /* First probe: the middle argument starts on omitted line 623; the
        visible tail ends at the Privilege member, so this presumably covers
        only the fixed header of the set - TODO confirm. */
622  ProbeForWrite(RequiredPrivileges,
624  Privilege),
625  sizeof(ULONG));
626 
     /* Single fetch of the caller-controlled count and control word. */
627  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
628  PrivilegeControl = RequiredPrivileges->Control;
629 
630  /* Check PrivilegeCount to avoid an integer overflow! */
     /* The visible part divides an expression ending in
        Privilege[PrivilegeCount] by the element size and requires the
        quotient to equal PrivilegeCount. The start of the condition (631)
        and the statement taken on mismatch (635) are not shown;
        STATUS_INVALID_PARAMETER is in the symbol list, so that is presumably
        what is returned - confirm. */
632  Privilege[PrivilegeCount]) /
633  sizeof(RequiredPrivileges->Privilege[0]) != PrivilegeCount)
634  {
636  }
637 
638  /* probe all of the array */
639  ProbeForWrite(RequiredPrivileges,
641  Privilege[PrivilegeCount]),
642  sizeof(ULONG));
643 
     /* Omitted line 644: ProbeForWriteBoolean is in the symbol list, so
        Result is presumably probed here - confirm. */
645  }
647  {
648  /* Return the exception code */
650  }
651  _SEH2_END;
652  }
653  else
654  {
     /* NOTE(review): kernel-mode callers skip both the probes and the
        PrivilegeCount overflow check above; the count is taken as given. */
655  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
656  PrivilegeControl = RequiredPrivileges->Control;
657  }
658 
659  /* reference the token and make sure we're
660  not doing an anonymous impersonation */
     /* TOKEN_QUERY access is requested on the handle and the access mode
        passed is PreviousMode. The object-type argument is on omitted
        line 663. */
661  Status = ObReferenceObjectByHandle(ClientToken,
662  TOKEN_QUERY,
664  PreviousMode,
665  (PVOID*)&Token,
666  NULL);
667  if (!NT_SUCCESS(Status))
668  {
669  return Status;
670  }
671 
     /* Impersonation tokens below SecurityIdentification are refused. The
        body of this branch (675-676) is not shown; it has to drop the token
        reference taken above before returning - verify in priv.c. */
672  if (Token->TokenType == TokenImpersonation &&
673  Token->ImpersonationLevel < SecurityIdentification)
674  {
677  }
678 
679  /* capture the privileges */
     /* Only the address of the Privilege array is formed here; the capture
        routine reads the caller's memory. The count passed is the local
        captured earlier. CaptureIfKernel is TRUE, so kernel-mode callers
        get a private copy as well. */
680  Status = SeCaptureLuidAndAttributesArray(RequiredPrivileges->Privilege,
681  PrivilegeCount,
682  PreviousMode,
683  NULL,
684  0,
685  PagedPool,
686  TRUE,
687  &Privileges,
688  &Length);
689  if (!NT_SUCCESS(Status))
690  {
     /* Omitted line 691 - presumably releases the token reference. */
692  return Status;
693  }
694 
     /* The check runs on the captured copy, not on the caller's buffer. */
695  CheckResult = SepPrivilegeCheck(Token,
696  Privileges,
697  PrivilegeCount,
698  PrivilegeControl,
699  PreviousMode);
700 
702 
703  /* return the array */
     /* The write-back touches the caller's buffer and *Result again, so it
        is wrapped in its own SEH block. The size uses the captured count. */
704  _SEH2_TRY
705  {
706  RtlCopyMemory(RequiredPrivileges->Privilege,
707  Privileges,
708  PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
709  *Result = CheckResult;
711  }
713  {
715  }
716  _SEH2_END;
717 
     /* Omitted line 718 starts the call whose arguments follow;
        SeReleaseLuidAndAttributesArray is in the symbol list, so this
        presumably releases the captured copy - confirm. */
719  PreviousMode,
720  TRUE);
721 
722  return Status;
723 }
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:387
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define KeGetPreviousMode()
Definition: ketypes.h:1081
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
#define PAGED_CODE()
Definition: video.h:57
_SEH2_TRY
Definition: create.c:4250
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
POBJECT_TYPE SeTokenObjectType
Definition: token.c:34
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define TOKEN_QUERY
Definition: setypes.h:874
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define ProbeForWriteBoolean(Ptr)
Definition: probe.h:31
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
Status
Definition: gdiplustypes.h:24
_SEH2_END
Definition: create.c:4424
VOID NTAPI SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
Definition: priv.c:387
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:254
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
Definition: priv.c:291
unsigned int ULONG
Definition: retypes.h:1
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by PrivilegeCheck().

◆ SeAppendPrivileges()

NTSTATUS NTAPI SeAppendPrivileges ( IN OUT PACCESS_STATE  AccessState,
IN PPRIVILEGE_SET  Privileges 
)

Definition at line 407 of file priv.c.

/*
 * SeAppendPrivileges: appends the entries of Privileges to the privilege set
 * stored in AccessState->AuxData, growing it into a pool allocation when the
 * combined count exceeds INITIAL_PRIVILEGE_COUNT.
 *
 * Returns STATUS_SUCCESS on the paths visible here. Gutter numbers 434, 436,
 * 445, 453 and 465 are skipped, so the statements on those lines (including
 * the allocation-failure return and the source argument of both copies) are
 * not shown in this listing.
 *
 * NOTE(review): all size and count arithmetic below is done in ULONG with no
 * visible wraparound check. The callers named on this page are kernel
 * components, so the counts are presumably trusted - confirm that no path
 * forwards an unvalidated PrivilegeCount.
 */
409 {
410  PAUX_ACCESS_DATA AuxData;
411  ULONG OldPrivilegeSetSize;
412  ULONG NewPrivilegeSetSize;
413  PPRIVILEGE_SET PrivilegeSet;
414 
415  PAGED_CODE();
416 
417  /* Get the Auxiliary Data */
418  AuxData = AccessState->AuxData;
419 
420  /* Calculate the size of the old privilege set */
     /* The "- 1" accounts for the one array element that is already part of
        sizeof(PRIVILEGE_SET). With a current count of 0 the subtraction
        wraps in unsigned arithmetic before the multiply. */
421  OldPrivilegeSetSize = sizeof(PRIVILEGE_SET) +
422  (AuxData->PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
423 
     /* NOTE(review): this sum decides between reallocating and appending in
        place. If it wrapped, the in-place branch would be taken with a large
        count - worth a guard if counts can ever be untrusted. */
424  if (AuxData->PrivilegeSet->PrivilegeCount +
425  Privileges->PrivilegeCount > INITIAL_PRIVILEGE_COUNT)
426  {
427  /* Calculate the size of the new privilege set */
428  NewPrivilegeSetSize = OldPrivilegeSetSize +
429  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
430 
431  /* Allocate a new privilege set */
432  PrivilegeSet = ExAllocatePoolWithTag(PagedPool,
433  NewPrivilegeSetSize,
     /* The statement controlled by the NULL check below is on omitted
        line 436; STATUS_INSUFFICIENT_RESOURCES is in the symbol list, so it
        presumably returns that status - confirm. */
435  if (PrivilegeSet == NULL)
437 
438  /* Copy original privileges from the access state */
439  RtlCopyMemory(PrivilegeSet,
440  AuxData->PrivilegeSet,
441  OldPrivilegeSetSize);
442 
443  /* Append privileges from the privilege set */
     /* Destination is the byte just past the old entries; the source
        argument is on omitted line 445. */
444  RtlCopyMemory((PVOID)((ULONG_PTR)PrivilegeSet + OldPrivilegeSetSize),
446  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
447 
448  /* Adjust the number of privileges in the new privilege set */
     /* The header copied above already carries the old count, so adding the
        appended count gives the total. */
449  PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
450 
451  /* Free the old privilege set if it was allocated */
     /* The statement controlled by this check is on omitted line 453
        (presumably the ExFreePoolWithTag call named in the symbol list). */
452  if (AccessState->PrivilegesAllocated != FALSE)
454 
455  /* Now we are using an allocated privilege set */
456  AccessState->PrivilegesAllocated = TRUE;
457 
458  /* Assign the new privileges to the access state */
459  AuxData->PrivilegeSet = PrivilegeSet;
460  }
461  else
462  {
463  /* Append privileges */
     /* In-place append: no bound other than the INITIAL_PRIVILEGE_COUNT
        comparison above protects the existing buffer. */
464  RtlCopyMemory((PVOID)((ULONG_PTR)AuxData->PrivilegeSet + OldPrivilegeSetSize),
466  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
467 
468  /* Adjust the number of privileges in the target privilege set */
469  AuxData->PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
470  }
471 
472  return STATUS_SUCCESS;
473 }
PPRIVILEGE_SET PrivilegeSet
Definition: setypes.h:187
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
struct _PRIVILEGE_SET PRIVILEGE_SET
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define PAGED_CODE()
Definition: video.h:57
uint32_t ULONG_PTR
Definition: typedefs.h:63
smooth NULL
Definition: ftsmooth.c:416
$ULONG PrivilegeCount
Definition: setypes.h:86
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
#define INITIAL_PRIVILEGE_COUNT
Definition: setypes.h:144
unsigned int ULONG
Definition: retypes.h:1
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by IopCheckBackupRestorePrivilege(), IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckTraverseAccess(), and START_TEST().

◆ SeCaptureLuidAndAttributesArray()

NTSTATUS NTAPI SeCaptureLuidAndAttributesArray ( PLUID_AND_ATTRIBUTES  Src,
ULONG  PrivilegeCount,
KPROCESSOR_MODE  PreviousMode,
PLUID_AND_ATTRIBUTES  AllocatedMem,
ULONG  AllocatedLength,
POOL_TYPE  PoolType,
BOOLEAN  CaptureIfKernel,
PLUID_AND_ATTRIBUTES *  Dest,
PULONG  Length 
)

Definition at line 291 of file priv.c.

/*
 * SeCaptureLuidAndAttributesArray: produces a kernel-side copy of an array
 * of PrivilegeCount LUID_AND_ATTRIBUTES entries starting at Src.
 *
 * - PrivilegeCount == 0: *Dest and *Length are set to 0, nothing is copied.
 * - KernelMode caller with CaptureIfKernel FALSE: *Dest aliases Src and
 *   *Length is left untouched.
 * - Otherwise the array is copied into AllocatedMem when that is non-NULL,
 *   or into a pool allocation tagged TAG_LUID.
 *
 * Gutter numbers 301-302, 334, 337, 348, 355, 360, 371 and 373 are skipped,
 * so the local declarations, the exception handlers and the failure returns
 * are not shown in this listing.
 */
300 {
303 
304  PAGED_CODE();
305 
306  if (PrivilegeCount == 0)
307  {
308  *Dest = 0;
309  *Length = 0;
310  return STATUS_SUCCESS;
311  }
312 
313  if (PreviousMode == KernelMode && !CaptureIfKernel)
314  {
     /* No copy is made and *Length is not written on this path. */
315  *Dest = Src;
316  return STATUS_SUCCESS;
317  }
318 
319  /* FIXME - check PrivilegeCount for a valid number so we don't
320  cause an integer overflow or exhaust system resources! */
     /* NOTE(review): the FIXME is still open in this revision. The multiply
        below is unchecked; if BufferSize is a 32-bit ULONG (its declaration
        is on an omitted line) a large count wraps to a small size. Probe,
        allocation and copy would then all use the wrapped size, while a
        caller that keeps iterating with the original PrivilegeCount would
        index past the captured buffer. Each caller listed under
        "Referenced by" therefore needs its own bound on the count unless one
        is added here - verify. */
321 
322  BufferSize = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
     /* *Length reports the rounded-up size, but the allocation and the copy
        below use the unrounded BufferSize. */
323  *Length = ROUND_UP(BufferSize, 4); /* round up to a 4 byte alignment */
324 
325  /* probe the buffer */
326  if (PreviousMode != KernelMode)
327  {
328  _SEH2_TRY
329  {
330  ProbeForRead(Src,
331  BufferSize,
332  sizeof(ULONG));
333  }
335  {
336  /* Return the exception code */
338  }
339  _SEH2_END;
340  }
341 
342  /* allocate enough memory or check if the provided buffer is
343  large enough to hold the array */
344  if (AllocatedMem != NULL)
345  {
346  if (AllocatedLength < BufferSize)
347  {
     /* Omitted line 348; STATUS_BUFFER_TOO_SMALL is in the symbol list
        and is presumably returned here - confirm. */
349  }
350 
351  *Dest = AllocatedMem;
352  }
353  else
354  {
     /* Omitted line 355 starts the allocation call whose remaining
        arguments follow. */
356  BufferSize,
357  TAG_LUID);
358  if (*Dest == NULL)
359  {
361  }
362  }
363 
364  /* copy the array to the buffer */
     /* The read from Src is guarded by SEH; the handler body (373) is not
        shown. */
365  _SEH2_TRY
366  {
367  RtlCopyMemory(*Dest,
368  Src,
369  BufferSize);
370  }
372  {
374  }
375  _SEH2_END;
376 
     /* Only memory allocated by this routine is freed on failure. *Dest is
        not reset afterwards, so on a failure status it still holds the freed
        pointer (or the caller's AllocatedMem); callers must not use or
        release *Dest unless the return value is a success status. */
377  if (!NT_SUCCESS(Status) && AllocatedMem == NULL)
378  {
379  ExFreePoolWithTag(*Dest, TAG_LUID);
380  }
381 
382  return Status;
383 }
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ROUND_UP(n, align)
Definition: eventvwr.h:31
LONG NTSTATUS
Definition: precomp.h:26
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define PAGED_CODE()
Definition: video.h:57
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:64
_SEH2_TRY
Definition: create.c:4250
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
smooth NULL
Definition: ftsmooth.c:416
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define TAG_LUID
Definition: tag.h:178
#define BufferSize
Definition: classpnp.h:419
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Status
Definition: gdiplustypes.h:24
_SEH2_END
Definition: create.c:4424
unsigned int ULONG
Definition: retypes.h:1
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
return STATUS_SUCCESS
Definition: btrfs.c:2725
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeCheckAuditPrivilege()

BOOLEAN NTAPI SeCheckAuditPrivilege ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Definition at line 257 of file priv.c.

/*
 * SeCheckAuditPrivilege: checks whether the primary token of SubjectContext
 * holds SeAuditPrivilege and returns the result.
 *
 * The check is made against SubjectContext->PrimaryToken explicitly, not
 * against a client (impersonation) token. Gutter numbers 275 and 279-281 are
 * skipped, so the control argument of the check and the start of the call in
 * the non-kernel branch are not shown in this listing.
 */
260 {
261  PRIVILEGE_SET PrivilegeSet;
262  BOOLEAN Result;
263  PAGED_CODE();
264 
265  /* Initialize the privilege set with the single privilege */
266  PrivilegeSet.PrivilegeCount = 1;
267  PrivilegeSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
268  PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
269  PrivilegeSet.Privilege[0].Attributes = 0;
270 
271  /* Check against the primary token! */
     /* SepPrivilegeCheck, as listed on this page, returns TRUE immediately
        when PreviousMode is KernelMode, so the token is only examined for
        other modes. */
272  Result = SepPrivilegeCheck(SubjectContext->PrimaryToken,
273  &PrivilegeSet.Privilege[0],
274  1,
276  PreviousMode);
277 
278  if (PreviousMode != KernelMode)
279  {
     /* The call itself starts on an omitted line;
        SePrivilegedServiceAuditAlarm is in the symbol list, so this
        presumably raises the audit alarm with the outcome - confirm. */
282  &PrivilegeSet,
283  Result);
284  }
285 
286  return Result;
287 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
const LUID SeAuditPrivilege
Definition: priv.c:42
$ULONG Control
Definition: setypes.h:87
#define PAGED_CODE()
Definition: video.h:57
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
$ULONG PrivilegeCount
Definition: setypes.h:86
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88

Referenced by NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), and SepAccessCheckAndAuditAlarm().

◆ SeCheckPrivilegedObject()

BOOLEAN NTAPI SeCheckPrivilegedObject ( IN LUID  PrivilegeValue,
IN HANDLE  ObjectHandle,
IN ACCESS_MASK  DesiredAccess,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 560 of file priv.c.

/*
 * SeCheckPrivilegedObject: builds a one-entry privilege set for
 * PrivilegeValue and returns the result of a privilege check.
 *
 * Much of the body is missing from this listing (gutter numbers 565, 571,
 * 574, 576, 578, 583-584 and 591 are skipped). The symbol list for the
 * function names SeCaptureSubjectContext, SePrivilegeCheck and
 * SeReleaseSubjectContext, so the check presumably runs against a freshly
 * captured subject context that is released before returning - confirm
 * against priv.c.
 */
564 {
566  PRIVILEGE_SET Priv;
567  BOOLEAN Result;
568 
569  PAGED_CODE();
570 
572 
573  Priv.PrivilegeCount = 1;
575  Priv.Privilege[0].Luid = PrivilegeValue;
577 
579  if (PreviousMode != KernelMode)
580  {
     /* NOTE(review): the object audit alarm is compiled out with #if 0, so
        in this revision the branch does nothing and the outcome of the
        check is not audited here. */
581 #if 0
582  SePrivilegeObjectAuditAlarm(ObjectHandle,
585  &PrivilegeValue,
586  Result,
587  PreviousMode);
588 #endif
589  }
590 
592 
593  return Result;
594 }
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
$ULONG Control
Definition: setypes.h:87
#define PAGED_CODE()
Definition: video.h:57
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
unsigned char BOOLEAN
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
$ULONG PrivilegeCount
Definition: setypes.h:86
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:491
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
VOID NTAPI SePrivilegeObjectAuditAlarm(IN HANDLE Handle, IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN ACCESS_MASK DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted, IN KPROCESSOR_MODE CurrentMode)
Definition: audit.c:845

Referenced by NtSetInformationProcess().

◆ SeFreePrivileges()

VOID NTAPI SeFreePrivileges ( IN PPRIVILEGE_SET  Privileges)

Definition at line 480 of file priv.c.

/*
 * SeFreePrivileges: releases a privilege set.
 *
 * The only statement besides PAGED_CODE() is on omitted line 483. The symbol
 * list names ExFreePoolWithTag and TAG_PRIVILEGE_SET, so it presumably frees
 * Privileges with that pool tag - confirm against priv.c.
 */
481 {
482  PAGED_CODE();
484 }
#define PAGED_CODE()
Definition: video.h:57
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

Referenced by IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), NtAccessCheck(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckTraverseAccess(), and START_TEST().

◆ SepInitPrivileges()

VOID INIT_FUNCTION NTAPI SepInitPrivileges ( VOID  )

Definition at line 64 of file priv.c.

/* SepInitPrivileges: empty in this revision; the body contains no statements. */
65 {
66 
67 }

Referenced by SepInitializationPhase0().

◆ SepPrivilegeCheck()

BOOLEAN NTAPI SepPrivilegeCheck ( PTOKEN  Token,
PLUID_AND_ATTRIBUTES  Privileges,
ULONG  PrivilegeCount,
ULONG  PrivilegeControl,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 72 of file priv.c.

/*
 * SepPrivilegeCheck: decides whether Token holds the privileges listed in
 * Privileges[0..PrivilegeCount).
 *
 * - KernelMode callers are granted unconditionally; the token is not
 *   examined.
 * - With PRIVILEGE_SET_ALL_NECESSARY in PrivilegeControl every listed
 *   privilege must be present and enabled; otherwise one is enough.
 *
 * Returns TRUE when the required number of enabled matches is found, FALSE
 * otherwise. Gutter numbers 80, 93, 110, 117 and 129 are skipped, so the
 * declaration of Required, the lock calls and one statement in the match
 * path are not shown in this listing.
 */
77 {
78  ULONG i;
79  ULONG j;
81 
82  DPRINT("SepPrivilegeCheck() called\n");
83 
84  PAGED_CODE();
85 
     /* Kernel-mode requests bypass the token entirely. */
86  if (PreviousMode == KernelMode)
87  return TRUE;
88 
89  /* Get the number of privileges that are required to match */
90  Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
91 
92  /* Acquire a shared token lock */
     /* The call is on omitted line 93 (SepAcquireTokenLockShared is in the
        symbol list). */
94 
95  /* Loop all requested privileges until we found the required ones */
96  for (i = 0; i < PrivilegeCount; i++)
97  {
98  /* Loop the privileges of the token */
99  for (j = 0; j < Token->PrivilegeCount; j++)
100  {
101  /* Check if the LUIDs match */
102  if (RtlEqualLuid(&Token->Privileges[j].Luid, &Privileges[i].Luid))
103  {
104  DPRINT("Found privilege. Attributes: %lx\n",
105  Token->Privileges[j].Attributes);
106 
107  /* Check if the privilege is enabled */
     /* Presence alone is not enough: the privilege must carry
        SE_PRIVILEGE_ENABLED in the token. */
108  if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
109  {
     /* Omitted line 110; SE_PRIVILEGE_USED_FOR_ACCESS is in the symbol
        list, so the requested entry is presumably marked as used here -
        confirm. */
111  Required--;
112 
113  /* Check if we have found all privileges */
114  if (Required == 0)
115  {
116  /* We're done! */
     /* Omitted line 117 precedes the return; the lock taken above has
        to be released on this early exit - verify in priv.c. */
118  return TRUE;
119  }
120  }
121 
122  /* Leave the inner loop */
     /* A matching but disabled privilege also ends the search for this
        entry without decrementing Required. */
123  break;
124  }
125  }
126  }
127 
128  /* Release the token lock */
130 
131  /* When we reached this point, we did not find all privileges */
     /* NOTE(review): with PrivilegeCount == 0 the loops never run. If
        PRIVILEGE_SET_ALL_NECESSARY is set, Required is then 0 and this
        ASSERT does not hold in builds where ASSERT is active.
        NtPrivilegeCheck, as listed on this page, forwards a caller-chosen
        count and control word, so a zero count should be rejected or
        special-cased before reaching this point - confirm whether an omitted
        line already does so. */
132  ASSERT(Required > 0);
133  return FALSE;
134 }
#define TRUE
Definition: types.h:120
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define PAGED_CODE()
Definition: video.h:57
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
void DPRINT(...)
Definition: polytest.cpp:61
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
#define SepReleaseTokenLock(Token)
Definition: se.h:211
#define SepAcquireTokenLockShared(Token)
Definition: se.h:205
unsigned int ULONG
Definition: retypes.h:1
struct _MEMORY_AREA struct _MM_REQUIRED_RESOURCES * Required
Definition: newmm.h:66

Referenced by NtPrivilegeCheck(), SeCheckAuditPrivilege(), SePrivilegeCheck(), and SepSinglePrivilegeCheck().

◆ SePrivilegeCheck()

BOOLEAN NTAPI SePrivilegeCheck ( PPRIVILEGE_SET  Privileges,
PSECURITY_SUBJECT_CONTEXT  SubjectContext,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 491 of file priv.c.

/*
 * SePrivilegeCheck: selects the effective token from SubjectContext and
 * checks the given privilege set against it.
 *
 * The client (impersonation) token is used when present, otherwise the
 * primary token. Returns the result of SepPrivilegeCheck, or FALSE when the
 * impersonation level is too low. Gutter number 495 is skipped, so the
 * declaration of Token is not shown in this listing.
 */
494 {
496 
497  PAGED_CODE();
498 
499  if (SubjectContext->ClientToken == NULL)
500  {
501  Token = SubjectContext->PrimaryToken;
502  }
503  else
504  {
505  Token = SubjectContext->ClientToken;
     /* The literal 2 corresponds to SecurityImpersonation in the
        SECURITY_IMPERSONATION_LEVEL enumeration, so anonymous and
        identification-level clients are refused before any token lookup.
        NOTE(review): NtPrivilegeCheck on this page uses a different
        threshold (below SecurityIdentification) and a named constant; a
        named constant here would make the intended level explicit. */
506  if (SubjectContext->ImpersonationLevel < 2)
507  {
508  return FALSE;
509  }
510  }
511 
     /* Privileges is dereferenced directly; no probing or capture is visible
        in this function, so the set is presumably kernel memory supplied by
        the caller - confirm. */
512  return SepPrivilegeCheck(Token,
513  Privileges->Privilege,
514  Privileges->PrivilegeCount,
515  Privileges->Control,
516  PreviousMode);
517 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define PAGED_CODE()
Definition: video.h:57
smooth NULL
Definition: ftsmooth.c:416
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13

Referenced by FatCheckManageVolumeAccess(), has_manage_volume_privilege(), HasPrivilege(), IopCheckBackupRestorePrivilege(), SeCheckPrivilegedObject(), SeSinglePrivilegeCheck(), and START_TEST().

◆ SePrivilegePolicyCheck()

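/*
 * SePrivilegePolicyCheck (priv.c, line 158)
 *
 * Resolves the parts of an access request that are granted by privilege
 * rather than by the object's ACL: ACCESS_SYSTEM_SECURITY (backed by
 * SeSecurityPrivilege) and WRITE_OWNER (backed by SeTakeOwnershipPrivilege).
 *
 * The two rights are deliberately handled differently:
 *  - ACCESS_SYSTEM_SECURITY without the privilege fails the whole request.
 *  - WRITE_OWNER without the privilege is simply left in *DesiredAccess.
 *
 * DesiredAccess    - in/out; rights granted here are cleared from it.
 * GrantedAccess    - in/out; rights granted here are added to it.
 * SubjectContext   - annotated _In_, but NULL is tolerated; when non-NULL
 *                    its client token (or else primary token) replaces Token.
 * Token            - token to check when SubjectContext is NULL.
 * OutPrivilegeSet  - optional; receives a TAG_PRIVILEGE_SET paged-pool
 *                    allocation listing the privileges that were used, or
 *                    NULL when none were. Not written on the
 *                    STATUS_PRIVILEGE_NOT_HELD path.
 * PreviousMode     - processor mode forwarded to the privilege check.
 *
 * Returns STATUS_SUCCESS, STATUS_PRIVILEGE_NOT_HELD or
 * STATUS_INSUFFICIENT_RESOURCES.
 *
 * NOTE(review): the rendered listing omits source lines 169, 183, 186, 189,
 * 194, 202, 205, 211-212, 226, 235, 239 and 242. They are restored below from
 * the surrounding comments and the symbols the listing cross-references;
 * verify each against priv.c before relying on this text.
 */
NTSTATUS
NTAPI
SePrivilegePolicyCheck(
    _Inout_ PACCESS_MASK DesiredAccess,
    _Inout_ PACCESS_MASK GrantedAccess,
    _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
    _In_ PTOKEN Token,
    _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet,
    _In_ KPROCESSOR_MODE PreviousMode)
{
    SIZE_T PrivilegeSize;
    PPRIVILEGE_SET PrivilegeSet;
    ULONG PrivilegeCount = 0, Index = 0;
    ACCESS_MASK AccessMask = 0;
    PAGED_CODE();

    /* Check if we have a security subject context */
    if (SubjectContext != NULL)
    {
        /* Check if there is a client impersonation token */
        if (SubjectContext->ClientToken != NULL)
            Token = SubjectContext->ClientToken;
        else
            Token = SubjectContext->PrimaryToken;
    }

    /* Check if the caller wants ACCESS_SYSTEM_SECURITY access */
    if (*DesiredAccess & ACCESS_SYSTEM_SECURITY)
    {
        /* Do the privilege check */
        if (SepSinglePrivilegeCheck(SeSecurityPrivilege, Token, PreviousMode))
        {
            /* Remember this access flag */
            AccessMask |= ACCESS_SYSTEM_SECURITY;
            PrivilegeCount++;
        }
        else
        {
            /* This right is only obtainable by privilege: fail the request */
            return STATUS_PRIVILEGE_NOT_HELD;
        }
    }

    /* Check if the caller wants WRITE_OWNER access */
    if (*DesiredAccess & WRITE_OWNER)
    {
        /* Do the privilege check */
        if (SepSinglePrivilegeCheck(SeTakeOwnershipPrivilege, Token, PreviousMode))
        {
            /* Remember this access flag */
            AccessMask |= WRITE_OWNER;
            PrivilegeCount++;
        }
        /* No else: without the privilege WRITE_OWNER stays requested */
    }

    /* Update the access masks */
    *GrantedAccess |= AccessMask;
    *DesiredAccess &= ~AccessMask;

    /* Does the caller want a privilege set? */
    if (OutPrivilegeSet != NULL)
    {
        /* Do we have any privileges to report? */
        if (PrivilegeCount > 0)
        {
            /* Calculate size and allocate the structure.
             * PrivilegeCount is at most 2 here, so the size cannot wrap. */
            PrivilegeSize = FIELD_OFFSET(PRIVILEGE_SET, Privilege[PrivilegeCount]);
            PrivilegeSet = ExAllocatePoolWithTag(PagedPool, PrivilegeSize, TAG_PRIVILEGE_SET);
            *OutPrivilegeSet = PrivilegeSet;
            if (PrivilegeSet == NULL)
            {
                return STATUS_INSUFFICIENT_RESOURCES;
            }

            PrivilegeSet->PrivilegeCount = PrivilegeCount;
            PrivilegeSet->Control = 0;

            if (AccessMask & WRITE_OWNER)
            {
                PrivilegeSet->Privilege[Index].Luid = SeTakeOwnershipPrivilege;
                PrivilegeSet->Privilege[Index].Attributes = SE_PRIVILEGE_USED_FOR_ACCESS;
                Index++;
            }

            if (AccessMask & ACCESS_SYSTEM_SECURITY)
            {
                PrivilegeSet->Privilege[Index].Luid = SeSecurityPrivilege;
                PrivilegeSet->Privilege[Index].Attributes = SE_PRIVILEGE_USED_FOR_ACCESS;
            }
        }
        else
        {
            /* No privileges, no structure */
            *OutPrivilegeSet = NULL;
        }
    }

    return STATUS_SUCCESS;
}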
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
$ULONG Control
Definition: setypes.h:87
#define WRITE_OWNER
Definition: nt_native.h:60
#define PAGED_CODE()
Definition: video.h:57
smooth NULL
Definition: ftsmooth.c:416
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
$ULONG PrivilegeCount
Definition: setypes.h:86
NTSTATUS NTAPI SepSinglePrivilegeCheck(LUID PrivilegeValue, PTOKEN Token, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:138
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
const LUID SeSecurityPrivilege
Definition: priv.c:29
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
static const UCHAR Index[8]
Definition: usbohci.c:18
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ULONG_PTR SIZE_T
Definition: typedefs.h:78
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:30
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:254
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
unsigned int ULONG
Definition: retypes.h:1
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
return STATUS_SUCCESS
Definition: btrfs.c:2725
ULONG ACCESS_MASK
Definition: nt_native.h:40

Referenced by NtAccessCheck(), and SepAccessCheck().

◆ SepSinglePrivilegeCheck()

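/*
 * SepSinglePrivilegeCheck (priv.c, line 138)
 *
 * Checks one privilege against an explicit token by wrapping it in a
 * one-element LUID_AND_ATTRIBUTES array and calling SepPrivilegeCheck().
 *
 * PrivilegeValue  - LUID of the privilege to test; asserted not to be
 *                   SeTcbPrivilege.
 * Token           - token to test.
 * PreviousMode    - processor mode forwarded to SepPrivilegeCheck().
 *
 * NOTE(review): the function is declared NTSTATUS, yet the value it returns
 * is SepPrivilegeCheck()'s BOOLEAN. Callers have to test the result as a
 * boolean; NT_SUCCESS() is true for both 0 and 1 and would report every
 * check as passed.
 *
 * NOTE(review): the rendered listing omits source lines 143 and 152; the
 * declaration and the control argument below are restored from the symbols
 * the listing cross-references. Confirm against priv.c.
 */
NTSTATUS
NTAPI
SepSinglePrivilegeCheck(LUID PrivilegeValue,
                        PTOKEN Token,
                        KPROCESSOR_MODE PreviousMode)
{
    LUID_AND_ATTRIBUTES Privilege;
    PAGED_CODE();

    /* An assertion only: presumably compiled out of non-debug builds, so it
     * is a development aid and not an enforcement point */
    ASSERT(!RtlEqualLuid(&PrivilegeValue, &SeTcbPrivilege));

    Privilege.Luid = PrivilegeValue;
    Privilege.Attributes = SE_PRIVILEGE_ENABLED;

    return SepPrivilegeCheck(Token,
                             &Privilege,
                             1,
                             PRIVILEGE_SET_ALL_NECESSARY,
                             PreviousMode);
}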
const LUID SeTcbPrivilege
Definition: priv.c:28
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define PAGED_CODE()
Definition: video.h:57
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)

Referenced by SePrivilegePolicyCheck().

◆ SeReleaseLuidAndAttributesArray()

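/*
 * SeReleaseLuidAndAttributesArray (priv.c, line 387)
 *
 * Frees a LUID_AND_ATTRIBUTES array, but only when a copy would have been
 * made for the caller: the pointer is non-NULL and either the request came
 * from a non-kernel mode or CaptureIfKernel was set.
 *
 * Privilege        - array to release; NULL is accepted and ignored.
 * PreviousMode     - processor mode the array was captured for.
 * CaptureIfKernel  - whether kernel-mode requests were captured as well.
 *
 * PreviousMode and CaptureIfKernel must be the values used at capture time.
 * If they differ, either the caller's own buffer is freed or the captured
 * copy leaks.
 *
 * NOTE(review): SeCaptureLuidAndAttributesArray() also takes a
 * caller-supplied AllocatedMem buffer. Confirm that no caller hands such a
 * buffer to this routine, since it would be freed as TAG_LUID pool.
 *
 * NOTE(review): the rendered listing omits source line 396; the free call is
 * restored from the ExFreePoolWithTag and TAG_LUID references the listing
 * carries. Confirm against priv.c.
 */
VOID
NTAPI
SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege,
                                KPROCESSOR_MODE PreviousMode,
                                BOOLEAN CaptureIfKernel)
{
    PAGED_CODE();

    if (Privilege != NULL &&
        (PreviousMode != KernelMode || CaptureIfKernel))
    {
        ExFreePoolWithTag(Privilege, TAG_LUID);
    }
}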
#define PAGED_CODE()
Definition: video.h:57
smooth NULL
Definition: ftsmooth.c:416
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define TAG_LUID
Definition: tag.h:178
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeSinglePrivilegeCheck()

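/*
 * SeSinglePrivilegeCheck (priv.c, line 524)
 *
 * Checks whether the current subject holds a single privilege. The subject
 * context is captured for the duration of the check, the privilege is
 * wrapped in a one-element PRIVILEGE_SET, and SePrivilegeCheck() decides.
 *
 * For requests that did not originate in kernel mode the outcome, granted
 * or denied, is reported through SePrivilegedServiceAuditAlarm().
 * Kernel-mode requests are not audited here.
 *
 * PrivilegeValue  - LUID of the privilege to test.
 * PreviousMode    - processor mode of the requester; also selects whether
 *                   the audit alarm is raised.
 *
 * Returns the BOOLEAN result of SePrivilegeCheck().
 *
 * NOTE(review): the rendered listing omits source lines 527, 533, 536, 538,
 * 541, 546-547 and 553. They are restored below from the symbols the listing
 * cross-references; verify each against priv.c.
 */
BOOLEAN
NTAPI
SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
                       IN KPROCESSOR_MODE PreviousMode)
{
    SECURITY_SUBJECT_CONTEXT SubjectContext;
    PRIVILEGE_SET Priv;
    BOOLEAN Result;

    PAGED_CODE();

    /* Every path below must reach the matching release */
    SeCaptureSubjectContext(&SubjectContext);

    Priv.PrivilegeCount = 1;
    Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
    Priv.Privilege[0].Luid = PrivilegeValue;
    Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;

    Result = SePrivilegeCheck(&Priv,
                              &SubjectContext,
                              PreviousMode);

    if (PreviousMode != KernelMode)
    {
        /* Audit the attempt whether or not it succeeded */
        SePrivilegedServiceAuditAlarm(NULL,
                                      &SubjectContext,
                                      &Priv,
                                      Result);

    }

    SeReleaseSubjectContext(&SubjectContext);

    return Result;
}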
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
$ULONG Control
Definition: setypes.h:87
#define PAGED_CODE()
Definition: video.h:57
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
$ULONG PrivilegeCount
Definition: setypes.h:86
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:491
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88

Referenced by add_device(), ApphelpCacheAccessCheck(), ExpRaiseHardError(), Ext2InvalidateVolumes(), FatCheckSystemSecurityAccess(), FFSInvalidateVolumes(), find_subvol(), fsctl_set_xattr(), invalidate_volumes(), IopUnloadDriver(), KsInstallBusEnumInterface(), KsRemoveBusEnumInterface(), mknod(), NtAllocateVirtualMemory(), NtCreatePagingFile(), NtCreateProfile(), NtCreateToken(), NtDisplayString(), NtGetPlugPlayEvent(), NtLoadDriver(), NtLoadKeyEx(), NtLockVirtualMemory(), NtMakePermanentObject(), NtOpenProcess(), NtOpenThread(), NtPlugPlayControl(), NtQuerySystemEnvironmentValue(), NtSaveKeyEx(), NtSaveMergedKeys(), NtSetDebugFilterState(), NtSetDefaultHardErrorPort(), NtSetInformationObject(), NtSetInformationProcess(), NtSetInformationThread(), NtSetInformationToken(), NtSetSystemEnvironmentValue(), NtSetSystemPowerState(), NtSetSystemTime(), NtUnloadKey2(), NtUnlockVirtualMemory(), ObCreateObject(), ObpLookupObjectName(), pause_balance(), pause_scrub(), probe_volume(), PspSetPrimaryToken(), PspSetQuotaLimits(), query_scrub(), read_send_buffer(), recvd_subvol(), remove_device(), reserve_subvol(), reset_stats(), resize_device(), resume_balance(), resume_scrub(), RfsdInvalidateVolumes(), send_subvol(), SSI_DEF(), start_balance(), start_scrub(), stop_balance(), stop_scrub(), UDFCheckAccessRights(), UDFCommonCreate(), and UDFInvalidateVolumes().

Variable Documentation

◆ SeAssignPrimaryTokenPrivilege

const LUID SeAssignPrimaryTokenPrivilege = CONST_LUID(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0)

Definition at line 24 of file priv.c.

Referenced by PspSetPrimaryToken(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeAuditPrivilege

const LUID SeAuditPrivilege = CONST_LUID(SE_AUDIT_PRIVILEGE, 0)

Definition at line 42 of file priv.c.

Referenced by SeCheckAuditPrivilege(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeBackupPrivilege

◆ SeChangeNotifyPrivilege

const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)

Definition at line 44 of file priv.c.

◆ SeCreateGlobalPrivilege

const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)

Definition at line 51 of file priv.c.

◆ SeCreatePagefilePrivilege

const LUID SeCreatePagefilePrivilege = CONST_LUID(SE_CREATE_PAGEFILE_PRIVILEGE, 0)

Definition at line 36 of file priv.c.

Referenced by NtCreatePagingFile(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeCreatePermanentPrivilege

const LUID SeCreatePermanentPrivilege = CONST_LUID(SE_CREATE_PERMANENT_PRIVILEGE, 0)

◆ SeCreateSymbolicLinkPrivilege

const LUID SeCreateSymbolicLinkPrivilege = CONST_LUID(SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, 0)

Definition at line 56 of file priv.c.

◆ SeCreateTokenPrivilege

const LUID SeCreateTokenPrivilege = CONST_LUID(SE_CREATE_TOKEN_PRIVILEGE, 0)

Definition at line 23 of file priv.c.

Referenced by NtCreateToken(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeDebugPrivilege

◆ SeEnableDelegationPrivilege

const LUID SeEnableDelegationPrivilege = CONST_LUID(SE_ENABLE_DELEGATION_PRIVILEGE, 0)

Definition at line 48 of file priv.c.

Referenced by SepInitExports().

◆ SeImpersonatePrivilege

const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)

Definition at line 50 of file priv.c.

◆ SeIncreaseBasePriorityPrivilege

const LUID SeIncreaseBasePriorityPrivilege = CONST_LUID(SE_INC_BASE_PRIORITY_PRIVILEGE, 0)

Definition at line 35 of file priv.c.

Referenced by NtSetInformationProcess(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeIncreaseQuotaPrivilege

const LUID SeIncreaseQuotaPrivilege = CONST_LUID(SE_INCREASE_QUOTA_PRIVILEGE, 0)

Definition at line 26 of file priv.c.

Referenced by PspSetQuotaLimits(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeIncreaseWorkingSetPrivilege

const LUID SeIncreaseWorkingSetPrivilege = CONST_LUID(SE_INC_WORKING_SET_PRIVILEGE, 0)

Definition at line 54 of file priv.c.

◆ SeLoadDriverPrivilege

const LUID SeLoadDriverPrivilege = CONST_LUID(SE_LOAD_DRIVER_PRIVILEGE, 0)

◆ SeLockMemoryPrivilege

◆ SeManageVolumePrivilege

const LUID SeManageVolumePrivilege = CONST_LUID(SE_MANAGE_VOLUME_PRIVILEGE, 0)

Definition at line 49 of file priv.c.

Referenced by SepInitExports().

◆ SeProfileSingleProcessPrivilege

const LUID SeProfileSingleProcessPrivilege = CONST_LUID(SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0)

Definition at line 34 of file priv.c.

Referenced by SepCreateSystemProcessToken(), and SepInitExports().

◆ SeRelabelPrivilege

const LUID SeRelabelPrivilege = CONST_LUID(SE_RELABEL_PRIVILEGE, 0)

Definition at line 53 of file priv.c.

◆ SeRemoteShutdownPrivilege

const LUID SeRemoteShutdownPrivilege = CONST_LUID(SE_REMOTE_SHUTDOWN_PRIVILEGE, 0)

Definition at line 45 of file priv.c.

Referenced by SepInitExports().

◆ SeRestorePrivilege

◆ SeSecurityPrivilege

const LUID SeSecurityPrivilege = CONST_LUID(SE_SECURITY_PRIVILEGE, 0)

Definition at line 29 of file priv.c.

Referenced by SepCreateSystemProcessToken(), SepInitExports(), and SePrivilegePolicyCheck().

◆ SeShutdownPrivilege

◆ SeSyncAgentPrivilege

const LUID SeSyncAgentPrivilege = CONST_LUID(SE_SYNC_AGENT_PRIVILEGE, 0)

Definition at line 47 of file priv.c.

Referenced by SepInitExports().

◆ SeSystemEnvironmentPrivilege

◆ SeSystemProfilePrivilege

const LUID SeSystemProfilePrivilege = CONST_LUID(SE_SYSTEM_PROFILE_PRIVILEGE, 0)

Definition at line 32 of file priv.c.

Referenced by NtCreateProfile(), and SepInitExports().

◆ SeSystemtimePrivilege

const LUID SeSystemtimePrivilege = CONST_LUID(SE_SYSTEMTIME_PRIVILEGE, 0)

Definition at line 33 of file priv.c.

Referenced by NtSetSystemTime(), SepCreateSystemProcessToken(), SepInitExports(), and SSI_DEF().

◆ SeTakeOwnershipPrivilege

const LUID SeTakeOwnershipPrivilege = CONST_LUID(SE_TAKE_OWNERSHIP_PRIVILEGE, 0)

Definition at line 30 of file priv.c.

Referenced by SepCreateSystemProcessToken(), SepInitExports(), and SePrivilegePolicyCheck().

◆ SeTcbPrivilege

◆ SeTimeZonePrivilege

const LUID SeTimeZonePrivilege = CONST_LUID(SE_TIME_ZONE_PRIVILEGE, 0)

Definition at line 55 of file priv.c.

◆ SeTrustedCredmanPrivilege

const LUID SeTrustedCredmanPrivilege = CONST_LUID(SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE, 0)

Definition at line 52 of file priv.c.

◆ SeUndockPrivilege

const LUID SeUndockPrivilege = CONST_LUID(SE_UNDOCK_PRIVILEGE, 0)

Definition at line 46 of file priv.c.

Referenced by SepInitExports().

◆ SeUnsolicitedInputPrivilege

const LUID SeUnsolicitedInputPrivilege = CONST_LUID(6, 0)

Definition at line 27 of file priv.c.

Referenced by SepInitExports().