ReactOS  0.4.15-dev-1033-gd7d716a
Macros | Functions | Variables
priv.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
Include dependency graph for priv.c:

Go to the source code of this file.

Macros

#define NDEBUG
 
#define CONST_LUID(x1, x2)   {x1, x2}
 

Functions

INIT_FUNCTION VOID NTAPI SepInitPrivileges (VOID)
 
BOOLEAN NTAPI SepPrivilegeCheck (PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SepSinglePrivilegeCheck (LUID PrivilegeValue, PTOKEN Token, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SePrivilegePolicyCheck (_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckAuditPrivilege (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
 
VOID NTAPI SeReleaseLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SeAppendPrivileges (IN OUT PACCESS_STATE AccessState, IN PPRIVILEGE_SET Privileges)
 
VOID NTAPI SeFreePrivileges (IN PPRIVILEGE_SET Privileges)
 
BOOLEAN NTAPI SePrivilegeCheck (PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeSinglePrivilegeCheck (IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckPrivilegedObject (IN LUID PrivilegeValue, IN HANDLE ObjectHandle, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI NtPrivilegeCheck (IN HANDLE ClientToken, IN PPRIVILEGE_SET RequiredPrivileges, OUT PBOOLEAN Result)
 

Variables

const LUID SeCreateTokenPrivilege = CONST_LUID(SE_CREATE_TOKEN_PRIVILEGE, 0)
 
const LUID SeAssignPrimaryTokenPrivilege = CONST_LUID(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0)
 
const LUID SeLockMemoryPrivilege = CONST_LUID(SE_LOCK_MEMORY_PRIVILEGE, 0)
 
const LUID SeIncreaseQuotaPrivilege = CONST_LUID(SE_INCREASE_QUOTA_PRIVILEGE, 0)
 
const LUID SeUnsolicitedInputPrivilege = CONST_LUID(6, 0)
 
const LUID SeTcbPrivilege = CONST_LUID(SE_TCB_PRIVILEGE, 0)
 
const LUID SeSecurityPrivilege = CONST_LUID(SE_SECURITY_PRIVILEGE, 0)
 
const LUID SeTakeOwnershipPrivilege = CONST_LUID(SE_TAKE_OWNERSHIP_PRIVILEGE, 0)
 
const LUID SeLoadDriverPrivilege = CONST_LUID(SE_LOAD_DRIVER_PRIVILEGE, 0)
 
const LUID SeSystemProfilePrivilege = CONST_LUID(SE_SYSTEM_PROFILE_PRIVILEGE, 0)
 
const LUID SeSystemtimePrivilege = CONST_LUID(SE_SYSTEMTIME_PRIVILEGE, 0)
 
const LUID SeProfileSingleProcessPrivilege = CONST_LUID(SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0)
 
const LUID SeIncreaseBasePriorityPrivilege = CONST_LUID(SE_INC_BASE_PRIORITY_PRIVILEGE, 0)
 
const LUID SeCreatePagefilePrivilege = CONST_LUID(SE_CREATE_PAGEFILE_PRIVILEGE, 0)
 
const LUID SeCreatePermanentPrivilege = CONST_LUID(SE_CREATE_PERMANENT_PRIVILEGE, 0)
 
const LUID SeBackupPrivilege = CONST_LUID(SE_BACKUP_PRIVILEGE, 0)
 
const LUID SeRestorePrivilege = CONST_LUID(SE_RESTORE_PRIVILEGE, 0)
 
const LUID SeShutdownPrivilege = CONST_LUID(SE_SHUTDOWN_PRIVILEGE, 0)
 
const LUID SeDebugPrivilege = CONST_LUID(SE_DEBUG_PRIVILEGE, 0)
 
const LUID SeAuditPrivilege = CONST_LUID(SE_AUDIT_PRIVILEGE, 0)
 
const LUID SeSystemEnvironmentPrivilege = CONST_LUID(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, 0)
 
const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)
 
const LUID SeRemoteShutdownPrivilege = CONST_LUID(SE_REMOTE_SHUTDOWN_PRIVILEGE, 0)
 
const LUID SeUndockPrivilege = CONST_LUID(SE_UNDOCK_PRIVILEGE, 0)
 
const LUID SeSyncAgentPrivilege = CONST_LUID(SE_SYNC_AGENT_PRIVILEGE, 0)
 
const LUID SeEnableDelegationPrivilege = CONST_LUID(SE_ENABLE_DELEGATION_PRIVILEGE, 0)
 
const LUID SeManageVolumePrivilege = CONST_LUID(SE_MANAGE_VOLUME_PRIVILEGE, 0)
 
const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)
 
const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)
 
const LUID SeTrustedCredmanPrivilege = CONST_LUID(SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE, 0)
 
const LUID SeRelabelPrivilege = CONST_LUID(SE_RELABEL_PRIVILEGE, 0)
 
const LUID SeIncreaseWorkingSetPrivilege = CONST_LUID(SE_INC_WORKING_SET_PRIVILEGE, 0)
 
const LUID SeTimeZonePrivilege = CONST_LUID(SE_TIME_ZONE_PRIVILEGE, 0)
 
const LUID SeCreateSymbolicLinkPrivilege = CONST_LUID(SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, 0)
 

Macro Definition Documentation

◆ CONST_LUID

#define CONST_LUID (   x1,
  x2 
)    {x1, x2}

Definition at line 22 of file priv.c.

◆ NDEBUG

#define NDEBUG

Definition at line 13 of file priv.c.

Function Documentation

◆ NtPrivilegeCheck()

NTSTATUS NTAPI NtPrivilegeCheck ( IN HANDLE  ClientToken,
IN PPRIVILEGE_SET  RequiredPrivileges,
OUT PBOOLEAN  Result 
)

Definition at line 600 of file priv.c.

603 {
604  PLUID_AND_ATTRIBUTES Privileges;
605  PTOKEN Token;
606  ULONG PrivilegeCount = 0;
607  ULONG PrivilegeControl = 0;
608  ULONG Length;
609  BOOLEAN CheckResult;
610  KPROCESSOR_MODE PreviousMode;
611  NTSTATUS Status;
612 
613  PAGED_CODE();
614 
615  PreviousMode = KeGetPreviousMode();
616 
617  /* probe the buffers */
618  if (PreviousMode != KernelMode)
619  {
620  _SEH2_TRY
621  {
622  ProbeForWrite(RequiredPrivileges,
623  FIELD_OFFSET(PRIVILEGE_SET,
624  Privilege),
625  sizeof(ULONG));
626 
627  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
628  PrivilegeControl = RequiredPrivileges->Control;
629 
630  /* Check PrivilegeCount to avoid an integer overflow! */
631  if (FIELD_OFFSET(PRIVILEGE_SET,
632  Privilege[PrivilegeCount]) /
633  sizeof(RequiredPrivileges->Privilege[0]) != PrivilegeCount)
634  {
635  _SEH2_YIELD(return STATUS_INVALID_PARAMETER);
636  }
637 
638  /* probe all of the array */
639  ProbeForWrite(RequiredPrivileges,
640  FIELD_OFFSET(PRIVILEGE_SET,
641  Privilege[PrivilegeCount]),
642  sizeof(ULONG));
643 
644  ProbeForWriteBoolean(Result);
645  }
646  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
647  {
648  /* Return the exception code */
649  _SEH2_YIELD(return _SEH2_GetExceptionCode());
650  }
651  _SEH2_END;
652  }
653  else
654  {
655  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
656  PrivilegeControl = RequiredPrivileges->Control;
657  }
658 
659  /* reference the token and make sure we're
660  not doing an anonymous impersonation */
661  Status = ObReferenceObjectByHandle(ClientToken,
662  TOKEN_QUERY,
663  SeTokenObjectType,
664  PreviousMode,
665  (PVOID*)&Token,
666  NULL);
667  if (!NT_SUCCESS(Status))
668  {
669  return Status;
670  }
671 
672  if (Token->TokenType == TokenImpersonation &&
673  Token->ImpersonationLevel < SecurityIdentification)
674  {
675  ObDereferenceObject(Token);
676  return STATUS_BAD_IMPERSONATION_LEVEL;
677  }
678 
679  /* capture the privileges */
680  Status = SeCaptureLuidAndAttributesArray(RequiredPrivileges->Privilege,
681  PrivilegeCount,
682  PreviousMode,
683  NULL,
684  0,
685  PagedPool,
686  TRUE,
687  &Privileges,
688  &Length);
689  if (!NT_SUCCESS(Status))
690  {
691  ObDereferenceObject (Token);
692  return Status;
693  }
694 
695  CheckResult = SepPrivilegeCheck(Token,
696  Privileges,
697  PrivilegeCount,
698  PrivilegeControl,
699  PreviousMode);
700 
701  ObDereferenceObject(Token);
702 
703  /* return the array */
704  _SEH2_TRY
705  {
706  RtlCopyMemory(RequiredPrivileges->Privilege,
707  Privileges,
708  PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
709  *Result = CheckResult;
710  Status = STATUS_SUCCESS;
711  }
712  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
713  {
714  Status = _SEH2_GetExceptionCode();
715  }
716  _SEH2_END;
717 
718  SeReleaseLuidAndAttributesArray(Privileges,
719  PreviousMode,
720  TRUE);
721 
722  return Status;
723 }
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_BAD_IMPERSONATION_LEVEL
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401
TRUE
#define TRUE
Definition: types.h:120
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
KeGetPreviousMode
#define KeGetPreviousMode()
Definition: ketypes.h:1107
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_PRIVILEGE_SET
Definition: setypes.h:85
ObDereferenceObject
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
ProbeForWrite
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NULL
smooth NULL
Definition: ftsmooth.c:416
SeTokenObjectType
POBJECT_TYPE SeTokenObjectType
Definition: token.c:34
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:874
_SEH2_YIELD
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ProbeForWriteBoolean
#define ProbeForWriteBoolean(Ptr)
Definition: probe.h:31
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
Status
Status
Definition: gdiplustypes.h:24
_SEH2_END
_SEH2_END
Definition: create.c:4400
SeReleaseLuidAndAttributesArray
VOID NTAPI SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
Definition: priv.c:387
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
SeCaptureLuidAndAttributesArray
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
Definition: priv.c:291
ULONG
unsigned int ULONG
Definition: retypes.h:1
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014
_TOKEN
Definition: setypes.h:151
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by PrivilegeCheck().

◆ SeAppendPrivileges()

NTSTATUS NTAPI SeAppendPrivileges ( IN OUT PACCESS_STATE  AccessState,
IN PPRIVILEGE_SET  Privileges 
)

Definition at line 407 of file priv.c.

409 {
410  PAUX_ACCESS_DATA AuxData;
411  ULONG OldPrivilegeSetSize;
412  ULONG NewPrivilegeSetSize;
413  PPRIVILEGE_SET PrivilegeSet;
414 
415  PAGED_CODE();
416 
417  /* Get the Auxiliary Data */
418  AuxData = AccessState->AuxData;
419 
420  /* Calculate the size of the old privilege set */
421  OldPrivilegeSetSize = sizeof(PRIVILEGE_SET) +
422  (AuxData->PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
423 
424  if (AuxData->PrivilegeSet->PrivilegeCount +
425  Privileges->PrivilegeCount > INITIAL_PRIVILEGE_COUNT)
426  {
427  /* Calculate the size of the new privilege set */
428  NewPrivilegeSetSize = OldPrivilegeSetSize +
429  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
430 
431  /* Allocate a new privilege set */
432  PrivilegeSet = ExAllocatePoolWithTag(PagedPool,
433  NewPrivilegeSetSize,
434  TAG_PRIVILEGE_SET);
435  if (PrivilegeSet == NULL)
436  return STATUS_INSUFFICIENT_RESOURCES;
437 
438  /* Copy original privileges from the acess state */
439  RtlCopyMemory(PrivilegeSet,
440  AuxData->PrivilegeSet,
441  OldPrivilegeSetSize);
442 
443  /* Append privileges from the privilege set*/
444  RtlCopyMemory((PVOID)((ULONG_PTR)PrivilegeSet + OldPrivilegeSetSize),
445  (PVOID)((ULONG_PTR)Privileges + sizeof(PRIVILEGE_SET) - sizeof(LUID_AND_ATTRIBUTES)),
446  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
447 
448  /* Adjust the number of privileges in the new privilege set */
449  PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
450 
451  /* Free the old privilege set if it was allocated */
452  if (AccessState->PrivilegesAllocated != FALSE)
453  ExFreePoolWithTag(AuxData->PrivilegeSet, TAG_PRIVILEGE_SET);
454 
455  /* Now we are using an allocated privilege set */
456  AccessState->PrivilegesAllocated = TRUE;
457 
458  /* Assign the new privileges to the access state */
459  AuxData->PrivilegeSet = PrivilegeSet;
460  }
461  else
462  {
463  /* Append privileges */
464  RtlCopyMemory((PVOID)((ULONG_PTR)AuxData->PrivilegeSet + OldPrivilegeSetSize),
465  (PVOID)((ULONG_PTR)Privileges + sizeof(PRIVILEGE_SET) - sizeof(LUID_AND_ATTRIBUTES)),
466  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
467 
468  /* Adjust the number of privileges in the target privilege set */
469  AuxData->PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
470  }
471 
472  return STATUS_SUCCESS;
473 }
_AUX_ACCESS_DATA::PrivilegeSet
PPRIVILEGE_SET PrivilegeSet
Definition: setypes.h:187
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
PRIVILEGE_SET
struct _PRIVILEGE_SET PRIVILEGE_SET
TRUE
#define TRUE
Definition: types.h:120
LUID_AND_ATTRIBUTES
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
_PRIVILEGE_SET
Definition: setypes.h:85
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
FALSE
#define FALSE
Definition: types.h:117
NULL
smooth NULL
Definition: ftsmooth.c:416
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
_AUX_ACCESS_DATA
Definition: setypes.h:185
INITIAL_PRIVILEGE_COUNT
#define INITIAL_PRIVILEGE_COUNT
Definition: setypes.h:144
ULONG
unsigned int ULONG
Definition: retypes.h:1
TAG_PRIVILEGE_SET
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by IopCheckBackupRestorePrivilege(), IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckTraverseAccess(), and START_TEST().

◆ SeCaptureLuidAndAttributesArray()

NTSTATUS NTAPI SeCaptureLuidAndAttributesArray ( PLUID_AND_ATTRIBUTES  Src,
ULONG  PrivilegeCount,
KPROCESSOR_MODE  PreviousMode,
PLUID_AND_ATTRIBUTES  AllocatedMem,
ULONG  AllocatedLength,
POOL_TYPE  PoolType,
BOOLEAN  CaptureIfKernel,
PLUID_AND_ATTRIBUTES Dest,
PULONG  Length 
)

Definition at line 291 of file priv.c.

300 {
301  ULONG BufferSize;
302  NTSTATUS Status = STATUS_SUCCESS;
303 
304  PAGED_CODE();
305 
306  if (PrivilegeCount == 0)
307  {
308  *Dest = 0;
309  *Length = 0;
310  return STATUS_SUCCESS;
311  }
312 
313  if (PreviousMode == KernelMode && !CaptureIfKernel)
314  {
315  *Dest = Src;
316  return STATUS_SUCCESS;
317  }
318 
319  /* FIXME - check PrivilegeCount for a valid number so we don't
320  cause an integer overflow or exhaust system resources! */
321 
322  BufferSize = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
323  *Length = ROUND_UP(BufferSize, 4); /* round up to a 4 byte alignment */
324 
325  /* probe the buffer */
326  if (PreviousMode != KernelMode)
327  {
328  _SEH2_TRY
329  {
330  ProbeForRead(Src,
331  BufferSize,
332  sizeof(ULONG));
333  }
334  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
335  {
336  /* Return the exception code */
337  _SEH2_YIELD(return _SEH2_GetExceptionCode());
338  }
339  _SEH2_END;
340  }
341 
342  /* allocate enough memory or check if the provided buffer is
343  large enough to hold the array */
344  if (AllocatedMem != NULL)
345  {
346  if (AllocatedLength < BufferSize)
347  {
348  return STATUS_BUFFER_TOO_SMALL;
349  }
350 
351  *Dest = AllocatedMem;
352  }
353  else
354  {
355  *Dest = ExAllocatePoolWithTag(PoolType,
356  BufferSize,
357  TAG_LUID);
358  if (*Dest == NULL)
359  {
360  return STATUS_INSUFFICIENT_RESOURCES;
361  }
362  }
363 
364  /* copy the array to the buffer */
365  _SEH2_TRY
366  {
367  RtlCopyMemory(*Dest,
368  Src,
369  BufferSize);
370  }
371  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
372  {
373  Status = _SEH2_GetExceptionCode();
374  }
375  _SEH2_END;
376 
377  if (!NT_SUCCESS(Status) && AllocatedMem == NULL)
378  {
379  ExFreePoolWithTag(*Dest, TAG_LUID);
380  }
381 
382  return Status;
383 }
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
ROUND_UP
#define ROUND_UP(n, align)
Definition: eventvwr.h:31
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
LUID_AND_ATTRIBUTES
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
NULL
smooth NULL
Definition: ftsmooth.c:416
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_SEH2_YIELD
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
TAG_LUID
#define TAG_LUID
Definition: tag.h:178
BufferSize
#define BufferSize
Definition: classpnp.h:436
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
Status
Status
Definition: gdiplustypes.h:24
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
_SEH2_END
_SEH2_END
Definition: create.c:4400
ULONG
unsigned int ULONG
Definition: retypes.h:1
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014
PoolType
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeCheckAuditPrivilege()

BOOLEAN NTAPI SeCheckAuditPrivilege ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Definition at line 257 of file priv.c.

260 {
261  PRIVILEGE_SET PrivilegeSet;
262  BOOLEAN Result;
263  PAGED_CODE();
264 
265  /* Initialize the privilege set with the single privilege */
266  PrivilegeSet.PrivilegeCount = 1;
267  PrivilegeSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
268  PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
269  PrivilegeSet.Privilege[0].Attributes = 0;
270 
271  /* Check against the primary token! */
272  Result = SepPrivilegeCheck(SubjectContext->PrimaryToken,
273  &PrivilegeSet.Privilege[0],
274  1,
275  PRIVILEGE_SET_ALL_NECESSARY,
276  PreviousMode);
277 
278  if (PreviousMode != KernelMode)
279  {
280  SePrivilegedServiceAuditAlarm(NULL,
281  SubjectContext,
282  &PrivilegeSet,
283  Result);
284  }
285 
286  return Result;
287 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
_PRIVILEGE_SET
Definition: setypes.h:85
SeAuditPrivilege
const LUID SeAuditPrivilege
Definition: priv.c:42
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NULL
smooth NULL
Definition: ftsmooth.c:416
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
SePrivilegedServiceAuditAlarm
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), and SepAccessCheckAndAuditAlarm().

◆ SeCheckPrivilegedObject()

BOOLEAN NTAPI SeCheckPrivilegedObject ( IN LUID  PrivilegeValue,
IN HANDLE  ObjectHandle,
IN ACCESS_MASK  DesiredAccess,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 560 of file priv.c.

564 {
565  SECURITY_SUBJECT_CONTEXT SubjectContext;
566  PRIVILEGE_SET Priv;
567  BOOLEAN Result;
568 
569  PAGED_CODE();
570 
571  SeCaptureSubjectContext(&SubjectContext);
572 
573  Priv.PrivilegeCount = 1;
574  Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
575  Priv.Privilege[0].Luid = PrivilegeValue;
576  Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
577 
578  Result = SePrivilegeCheck(&Priv, &SubjectContext, PreviousMode);
579  if (PreviousMode != KernelMode)
580  {
581 #if 0
582  SePrivilegeObjectAuditAlarm(ObjectHandle,
583  &SubjectContext,
584  DesiredAccess,
585  &PrivilegeValue,
586  Result,
587  PreviousMode);
588 #endif
589  }
590 
591  SeReleaseSubjectContext(&SubjectContext);
592 
593  return Result;
594 }
SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
SeReleaseSubjectContext
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SePrivilegeCheck
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:491
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4137
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:189
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
SePrivilegeObjectAuditAlarm
VOID NTAPI SePrivilegeObjectAuditAlarm(IN HANDLE Handle, IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN ACCESS_MASK DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted, IN KPROCESSOR_MODE CurrentMode)
Definition: audit.c:845
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtSetInformationProcess().

◆ SeFreePrivileges()

VOID NTAPI SeFreePrivileges ( IN PPRIVILEGE_SET  Privileges)

Definition at line 480 of file priv.c.

481 {
482  PAGED_CODE();
483  ExFreePoolWithTag(Privileges, TAG_PRIVILEGE_SET);
484 }
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
TAG_PRIVILEGE_SET
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), NtAccessCheck(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckTraverseAccess(), and START_TEST().

◆ SepInitPrivileges()

INIT_FUNCTION VOID NTAPI SepInitPrivileges ( VOID  )

Definition at line 64 of file priv.c.

65 {
66 
67 }

Referenced by SepInitializationPhase0().

◆ SepPrivilegeCheck()

BOOLEAN NTAPI SepPrivilegeCheck ( PTOKEN  Token,
PLUID_AND_ATTRIBUTES  Privileges,
ULONG  PrivilegeCount,
ULONG  PrivilegeControl,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 72 of file priv.c.

77 {
78  ULONG i;
79  ULONG j;
80  ULONG Required;
81 
82  DPRINT("SepPrivilegeCheck() called\n");
83 
84  PAGED_CODE();
85 
86  if (PreviousMode == KernelMode)
87  return TRUE;
88 
89  /* Get the number of privileges that are required to match */
90  Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
91 
92  /* Acquire a shared token lock */
93  SepAcquireTokenLockShared(Token);
94 
95  /* Loop all requested privileges until we found the required ones */
96  for (i = 0; i < PrivilegeCount; i++)
97  {
98  /* Loop the privileges of the token */
99  for (j = 0; j < Token->PrivilegeCount; j++)
100  {
101  /* Check if the LUIDs match */
102  if (RtlEqualLuid(&Token->Privileges[j].Luid, &Privileges[i].Luid))
103  {
104  DPRINT("Found privilege. Attributes: %lx\n",
105  Token->Privileges[j].Attributes);
106 
107  /* Check if the privilege is enabled */
108  if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
109  {
110  Privileges[i].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
111  Required--;
112 
113  /* Check if we have found all privileges */
114  if (Required == 0)
115  {
116  /* We're done! */
117  SepReleaseTokenLock(Token);
118  return TRUE;
119  }
120  }
121 
122  /* Leave the inner loop */
123  break;
124  }
125  }
126  }
127 
128  /* Release the token lock */
129  SepReleaseTokenLock(Token);
130 
131  /* When we reached this point, we did not find all privileges */
132  ASSERT(Required > 0);
133  return FALSE;
134 }
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
FALSE
#define FALSE
Definition: types.h:117
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
DPRINT
void DPRINT(...)
Definition: polytest.cpp:61
SE_PRIVILEGE_USED_FOR_ACCESS
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
j
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:211
SepAcquireTokenLockShared
#define SepAcquireTokenLockShared(Token)
Definition: se.h:205
ULONG
unsigned int ULONG
Definition: retypes.h:1
Required
struct _MEMORY_AREA struct _MM_REQUIRED_RESOURCES * Required
Definition: newmm.h:66
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtPrivilegeCheck(), SeCheckAuditPrivilege(), SePrivilegeCheck(), and SepSinglePrivilegeCheck().

◆ SePrivilegeCheck()

BOOLEAN NTAPI SePrivilegeCheck ( PPRIVILEGE_SET  Privileges,
PSECURITY_SUBJECT_CONTEXT  SubjectContext,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 491 of file priv.c.

494 {
495  PACCESS_TOKEN Token = NULL;
496 
497  PAGED_CODE();
498 
499  if (SubjectContext->ClientToken == NULL)
500  {
501  Token = SubjectContext->PrimaryToken;
502  }
503  else
504  {
505  Token = SubjectContext->ClientToken;
506  if (SubjectContext->ImpersonationLevel < 2)
507  {
508  return FALSE;
509  }
510  }
511 
512  return SepPrivilegeCheck(Token,
513  Privileges->Privilege,
514  Privileges->PrivilegeCount,
515  Privileges->Control,
516  PreviousMode);
517 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
FALSE
#define FALSE
Definition: types.h:117
NULL
smooth NULL
Definition: ftsmooth.c:416
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by FatCheckManageVolumeAccess(), has_manage_volume_privilege(), HasPrivilege(), IopCheckBackupRestorePrivilege(), SeCheckPrivilegedObject(), SeSinglePrivilegeCheck(), and START_TEST().

◆ SePrivilegePolicyCheck()

NTSTATUS NTAPI SePrivilegePolicyCheck ( _Inout_ PACCESS_MASK  DesiredAccess,
_Inout_ PACCESS_MASK  GrantedAccess,
_In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ PTOKEN  Token,
_Out_opt_ PPRIVILEGE_SET OutPrivilegeSet,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Definition at line 158 of file priv.c.

165 {
166  SIZE_T PrivilegeSize;
167  PPRIVILEGE_SET PrivilegeSet;
168  ULONG PrivilegeCount = 0, Index = 0;
169  ACCESS_MASK AccessMask = 0;
170  PAGED_CODE();
171 
172  /* Check if we have a security subject context */
173  if (SubjectContext != NULL)
174  {
175  /* Check if there is a client impersonation token */
176  if (SubjectContext->ClientToken != NULL)
177  Token = SubjectContext->ClientToken;
178  else
179  Token = SubjectContext->PrimaryToken;
180  }
181 
182  /* Check if the caller wants ACCESS_SYSTEM_SECURITY access */
183  if (*DesiredAccess & ACCESS_SYSTEM_SECURITY)
184  {
185  /* Do the privilege check */
186  if (SepSinglePrivilegeCheck(SeSecurityPrivilege, Token, PreviousMode))
187  {
188  /* Remember this access flag */
189  AccessMask |= ACCESS_SYSTEM_SECURITY;
190  PrivilegeCount++;
191  }
192  else
193  {
194  return STATUS_PRIVILEGE_NOT_HELD;
195  }
196  }
197 
198  /* Check if the caller wants WRITE_OWNER access */
199  if (*DesiredAccess & WRITE_OWNER)
200  {
201  /* Do the privilege check */
202  if (SepSinglePrivilegeCheck(SeTakeOwnershipPrivilege, Token, PreviousMode))
203  {
204  /* Remember this access flag */
205  AccessMask |= WRITE_OWNER;
206  PrivilegeCount++;
207  }
208  }
209 
210  /* Update the access masks */
211  *GrantedAccess |= AccessMask;
212  *DesiredAccess &= ~AccessMask;
213 
214  /* Does the caller want a privilege set? */
215  if (OutPrivilegeSet != NULL)
216  {
217  /* Do we have any privileges to report? */
218  if (PrivilegeCount > 0)
219  {
220  /* Calculate size and allocate the structure */
221  PrivilegeSize = FIELD_OFFSET(PRIVILEGE_SET, Privilege[PrivilegeCount]);
222  PrivilegeSet = ExAllocatePoolWithTag(PagedPool, PrivilegeSize, TAG_PRIVILEGE_SET);
223  *OutPrivilegeSet = PrivilegeSet;
224  if (PrivilegeSet == NULL)
225  {
226  return STATUS_INSUFFICIENT_RESOURCES;
227  }
228 
229  PrivilegeSet->PrivilegeCount = PrivilegeCount;
230  PrivilegeSet->Control = 0;
231 
232  if (AccessMask & WRITE_OWNER)
233  {
234  PrivilegeSet->Privilege[Index].Luid = SeTakeOwnershipPrivilege;
235  PrivilegeSet->Privilege[Index].Attributes = SE_PRIVILEGE_USED_FOR_ACCESS;
236  Index++;
237  }
238 
239  if (AccessMask & ACCESS_SYSTEM_SECURITY)
240  {
241  PrivilegeSet->Privilege[Index].Luid = SeSecurityPrivilege;
242  PrivilegeSet->Privilege[Index].Attributes = SE_PRIVILEGE_USED_FOR_ACCESS;
243  }
244  }
245  else
246  {
247  /* No privileges, no structure */
248  *OutPrivilegeSet = NULL;
249  }
250  }
251 
252  return STATUS_SUCCESS;
253 }
STATUS_PRIVILEGE_NOT_HELD
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
NULL
smooth NULL
Definition: ftsmooth.c:416
SE_PRIVILEGE_USED_FOR_ACCESS
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
SepSinglePrivilegeCheck
NTSTATUS NTAPI SepSinglePrivilegeCheck(LUID PrivilegeValue, PTOKEN Token, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:138
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SeSecurityPrivilege
const LUID SeSecurityPrivilege
Definition: priv.c:29
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
Index
static const UCHAR Index[8]
Definition: usbohci.c:18
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
SeTakeOwnershipPrivilege
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:30
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4137
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
ULONG
unsigned int ULONG
Definition: retypes.h:1
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
TAG_PRIVILEGE_SET
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtAccessCheck(), and SepAccessCheck().

◆ SepSinglePrivilegeCheck()

NTSTATUS NTAPI SepSinglePrivilegeCheck ( LUID  PrivilegeValue,
PTOKEN  Token,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 138 of file priv.c.

142 {
143  LUID_AND_ATTRIBUTES Privilege;
144  PAGED_CODE();
145  ASSERT(!RtlEqualLuid(&PrivilegeValue, &SeTcbPrivilege));
146 
147  Privilege.Luid = PrivilegeValue;
148  Privilege.Attributes = SE_PRIVILEGE_ENABLED;
149  return SepPrivilegeCheck(Token,
150  &Privilege,
151  1,
152  PRIVILEGE_SET_ALL_NECESSARY,
153  PreviousMode);
154 }
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
SeTcbPrivilege
const LUID SeTcbPrivilege
Definition: priv.c:28
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:72
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by SePrivilegePolicyCheck().

◆ SeReleaseLuidAndAttributesArray()

VOID NTAPI SeReleaseLuidAndAttributesArray ( PLUID_AND_ATTRIBUTES  Privilege,
KPROCESSOR_MODE  PreviousMode,
BOOLEAN  CaptureIfKernel 
)

Definition at line 387 of file priv.c.

390 {
391  PAGED_CODE();
392 
393  if (Privilege != NULL &&
394  (PreviousMode != KernelMode || CaptureIfKernel))
395  {
396  ExFreePoolWithTag(Privilege, TAG_LUID);
397  }
398 }
NULL
smooth NULL
Definition: ftsmooth.c:416
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
TAG_LUID
#define TAG_LUID
Definition: tag.h:178
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeSinglePrivilegeCheck()

BOOLEAN NTAPI SeSinglePrivilegeCheck ( IN LUID  PrivilegeValue,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 524 of file priv.c.

526 {
527  SECURITY_SUBJECT_CONTEXT SubjectContext;
528  PRIVILEGE_SET Priv;
529  BOOLEAN Result;
530 
531  PAGED_CODE();
532 
533  SeCaptureSubjectContext(&SubjectContext);
534 
535  Priv.PrivilegeCount = 1;
536  Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
537  Priv.Privilege[0].Luid = PrivilegeValue;
538  Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
539 
540  Result = SePrivilegeCheck(&Priv,
541  &SubjectContext,
542  PreviousMode);
543 
544  if (PreviousMode != KernelMode)
545  {
546  SePrivilegedServiceAuditAlarm(NULL,
547  &SubjectContext,
548  &Priv,
549  Result);
550 
551  }
552 
553  SeReleaseSubjectContext(&SubjectContext);
554 
555  return Result;
556 }
SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
SeReleaseSubjectContext
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NULL
smooth NULL
Definition: ftsmooth.c:416
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SePrivilegedServiceAuditAlarm
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
SePrivilegeCheck
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:491
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:189
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by add_device(), ApphelpCacheAccessCheck(), ExpRaiseHardError(), Ext2InvalidateVolumes(), FatCheckSystemSecurityAccess(), FFSInvalidateVolumes(), find_subvol(), fsctl_set_xattr(), invalidate_volumes(), ioctl_unload(), IopUnloadDriver(), KsInstallBusEnumInterface(), KsRemoveBusEnumInterface(), mknod(), NtAllocateVirtualMemory(), NtCreatePagingFile(), NtCreateProfile(), NtCreateToken(), NtDisplayString(), NtGetPlugPlayEvent(), NtLoadDriver(), NtLoadKeyEx(), NtLockVirtualMemory(), NtMakePermanentObject(), NtOpenProcess(), NtOpenThread(), NtPlugPlayControl(), NtQuerySystemEnvironmentValue(), NtSaveKeyEx(), NtSaveMergedKeys(), NtSetDebugFilterState(), NtSetDefaultHardErrorPort(), NtSetInformationObject(), NtSetInformationProcess(), NtSetInformationThread(), NtSetInformationToken(), NtSetSystemEnvironmentValue(), NtSetSystemPowerState(), NtSetSystemTime(), NtUnloadKey2(), NtUnlockVirtualMemory(), ObCreateObject(), ObpLookupObjectName(), pause_balance(), pause_scrub(), probe_volume(), PspSetPrimaryToken(), PspSetQuotaLimits(), query_scrub(), read_send_buffer(), recvd_subvol(), remove_device(), reserve_subvol(), reset_stats(), resize_device(), resume_balance(), resume_scrub(), RfsdInvalidateVolumes(), send_subvol(), SSI_DEF(), start_balance(), start_scrub(), stop_balance(), stop_scrub(), UDFCheckAccessRights(), UDFCommonCreate(), and UDFInvalidateVolumes().

Variable Documentation

◆ SeAssignPrimaryTokenPrivilege

const LUID SeAssignPrimaryTokenPrivilege = CONST_LUID(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0)

Definition at line 24 of file priv.c.

Referenced by PspSetPrimaryToken(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeAuditPrivilege

const LUID SeAuditPrivilege = CONST_LUID(SE_AUDIT_PRIVILEGE, 0)

Definition at line 42 of file priv.c.

Referenced by SeCheckAuditPrivilege(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeBackupPrivilege

const LUID SeBackupPrivilege = CONST_LUID(SE_BACKUP_PRIVILEGE, 0)

Definition at line 38 of file priv.c.

Referenced by IopCheckBackupRestorePrivilege(), NtSaveKeyEx(), NtSaveMergedKeys(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeChangeNotifyPrivilege

const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)

Definition at line 44 of file priv.c.

◆ SeCreateGlobalPrivilege

const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)

Definition at line 51 of file priv.c.

◆ SeCreatePagefilePrivilege

const LUID SeCreatePagefilePrivilege = CONST_LUID(SE_CREATE_PAGEFILE_PRIVILEGE, 0)

Definition at line 36 of file priv.c.

Referenced by NtCreatePagingFile(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeCreatePermanentPrivilege

const LUID SeCreatePermanentPrivilege = CONST_LUID(SE_CREATE_PERMANENT_PRIVILEGE, 0)

Definition at line 37 of file priv.c.

Referenced by NtMakePermanentObject(), ObCreateObject(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeCreateSymbolicLinkPrivilege

const LUID SeCreateSymbolicLinkPrivilege = CONST_LUID(SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, 0)

Definition at line 56 of file priv.c.

◆ SeCreateTokenPrivilege

const LUID SeCreateTokenPrivilege = CONST_LUID(SE_CREATE_TOKEN_PRIVILEGE, 0)

Definition at line 23 of file priv.c.

Referenced by NtCreateToken(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeDebugPrivilege

const LUID SeDebugPrivilege = CONST_LUID(SE_DEBUG_PRIVILEGE, 0)

Definition at line 41 of file priv.c.

Referenced by NtOpenProcess(), NtOpenThread(), NtSetDebugFilterState(), NtSetInformationProcess(), NtSetInformationThread(), SepCreateSystemProcessToken(), SepInitExports(), and SSI_DEF().

◆ SeEnableDelegationPrivilege

const LUID SeEnableDelegationPrivilege = CONST_LUID(SE_ENABLE_DELEGATION_PRIVILEGE, 0)

Definition at line 48 of file priv.c.

Referenced by SepInitExports().

◆ SeImpersonatePrivilege

const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)

Definition at line 50 of file priv.c.

◆ SeIncreaseBasePriorityPrivilege

const LUID SeIncreaseBasePriorityPrivilege = CONST_LUID(SE_INC_BASE_PRIORITY_PRIVILEGE, 0)

Definition at line 35 of file priv.c.

Referenced by NtSetInformationProcess(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeIncreaseQuotaPrivilege

const LUID SeIncreaseQuotaPrivilege = CONST_LUID(SE_INCREASE_QUOTA_PRIVILEGE, 0)

Definition at line 26 of file priv.c.

Referenced by PspSetQuotaLimits(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeIncreaseWorkingSetPrivilege

const LUID SeIncreaseWorkingSetPrivilege = CONST_LUID(SE_INC_WORKING_SET_PRIVILEGE, 0)

Definition at line 54 of file priv.c.

◆ SeLoadDriverPrivilege

const LUID SeLoadDriverPrivilege = CONST_LUID(SE_LOAD_DRIVER_PRIVILEGE, 0)

Definition at line 31 of file priv.c.

Referenced by IopUnloadDriver(), NtLoadDriver(), SepCreateSystemProcessToken(), SepInitExports(), and SSI_DEF().

◆ SeLockMemoryPrivilege

const LUID SeLockMemoryPrivilege = CONST_LUID(SE_LOCK_MEMORY_PRIVILEGE, 0)

Definition at line 25 of file priv.c.

Referenced by NtAllocateVirtualMemory(), NtLockVirtualMemory(), NtUnlockVirtualMemory(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeManageVolumePrivilege

const LUID SeManageVolumePrivilege = CONST_LUID(SE_MANAGE_VOLUME_PRIVILEGE, 0)

Definition at line 49 of file priv.c.

Referenced by SepInitExports().

◆ SeProfileSingleProcessPrivilege

const LUID SeProfileSingleProcessPrivilege = CONST_LUID(SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0)

Definition at line 34 of file priv.c.

Referenced by SepCreateSystemProcessToken(), and SepInitExports().

◆ SeRelabelPrivilege

const LUID SeRelabelPrivilege = CONST_LUID(SE_RELABEL_PRIVILEGE, 0)

Definition at line 53 of file priv.c.

◆ SeRemoteShutdownPrivilege

const LUID SeRemoteShutdownPrivilege = CONST_LUID(SE_REMOTE_SHUTDOWN_PRIVILEGE, 0)

Definition at line 45 of file priv.c.

Referenced by SepInitExports().

◆ SeRestorePrivilege

const LUID SeRestorePrivilege = CONST_LUID(SE_RESTORE_PRIVILEGE, 0)

Definition at line 39 of file priv.c.

Referenced by IopCheckBackupRestorePrivilege(), NtLoadKeyEx(), NtUnloadKey2(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeSecurityPrivilege

const LUID SeSecurityPrivilege = CONST_LUID(SE_SECURITY_PRIVILEGE, 0)

Definition at line 29 of file priv.c.

Referenced by SepCreateSystemProcessToken(), SepInitExports(), and SePrivilegePolicyCheck().

◆ SeShutdownPrivilege

const LUID SeShutdownPrivilege = CONST_LUID(SE_SHUTDOWN_PRIVILEGE, 0)

Definition at line 40 of file priv.c.

Referenced by ExpRaiseHardError(), NtSetSystemPowerState(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeSyncAgentPrivilege

const LUID SeSyncAgentPrivilege = CONST_LUID(SE_SYNC_AGENT_PRIVILEGE, 0)

Definition at line 47 of file priv.c.

Referenced by SepInitExports().

◆ SeSystemEnvironmentPrivilege

const LUID SeSystemEnvironmentPrivilege = CONST_LUID(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, 0)

Definition at line 43 of file priv.c.

Referenced by NtQuerySystemEnvironmentValue(), NtSetSystemEnvironmentValue(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeSystemProfilePrivilege

const LUID SeSystemProfilePrivilege = CONST_LUID(SE_SYSTEM_PROFILE_PRIVILEGE, 0)

Definition at line 32 of file priv.c.

Referenced by NtCreateProfile(), and SepInitExports().

◆ SeSystemtimePrivilege

const LUID SeSystemtimePrivilege = CONST_LUID(SE_SYSTEMTIME_PRIVILEGE, 0)

Definition at line 33 of file priv.c.

Referenced by NtSetSystemTime(), SepCreateSystemProcessToken(), SepInitExports(), and SSI_DEF().

◆ SeTakeOwnershipPrivilege

const LUID SeTakeOwnershipPrivilege = CONST_LUID(SE_TAKE_OWNERSHIP_PRIVILEGE, 0)

Definition at line 30 of file priv.c.

Referenced by SepCreateSystemProcessToken(), SepInitExports(), and SePrivilegePolicyCheck().

◆ SeTcbPrivilege

const LUID SeTcbPrivilege = CONST_LUID(SE_TCB_PRIVILEGE, 0)

Definition at line 28 of file priv.c.

Referenced by ApphelpCacheAccessCheck(), ExpRaiseHardError(), NtDisplayString(), NtGetPlugPlayEvent(), NtPlugPlayControl(), NtSetDefaultHardErrorPort(), NtSetInformationObject(), NtSetInformationProcess(), NtSetInformationToken(), SepCreateSystemProcessToken(), SepInitExports(), SepSinglePrivilegeCheck(), and SSI_DEF().

◆ SeTimeZonePrivilege

const LUID SeTimeZonePrivilege = CONST_LUID(SE_TIME_ZONE_PRIVILEGE, 0)

Definition at line 55 of file priv.c.

◆ SeTrustedCredmanPrivilege

const LUID SeTrustedCredmanPrivilege = CONST_LUID(SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE, 0)

Definition at line 52 of file priv.c.

◆ SeUndockPrivilege

const LUID SeUndockPrivilege = CONST_LUID(SE_UNDOCK_PRIVILEGE, 0)

Definition at line 46 of file priv.c.

Referenced by SepInitExports().

◆ SeUnsolicitedInputPrivilege

const LUID SeUnsolicitedInputPrivilege = CONST_LUID(6, 0)

Definition at line 27 of file priv.c.

Referenced by SepInitExports().