ReactOS  0.4.15-dev-2972-gda2a567
Macros | Functions | Variables
priv.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
Include dependency graph for priv.c:

Go to the source code of this file.

Macros

#define NDEBUG
 
#define CONST_LUID(x1, x2)   {x1, x2}
 

Functions

VOID NTAPI SepInitPrivileges (VOID)
 
BOOLEAN NTAPI SepPrivilegeCheck (PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SepSinglePrivilegeCheck (LUID PrivilegeValue, PTOKEN Token, KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SePrivilegePolicyCheck (_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckAuditPrivilege (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
 
VOID NTAPI SeReleaseLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
 
NTSTATUS NTAPI SeAppendPrivileges (IN OUT PACCESS_STATE AccessState, IN PPRIVILEGE_SET Privileges)
 
VOID NTAPI SeFreePrivileges (IN PPRIVILEGE_SET Privileges)
 
BOOLEAN NTAPI SePrivilegeCheck (PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeSinglePrivilegeCheck (IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
 
BOOLEAN NTAPI SeCheckPrivilegedObject (IN LUID PrivilegeValue, IN HANDLE ObjectHandle, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE PreviousMode)
 
NTSTATUS NTAPI NtPrivilegeCheck (IN HANDLE ClientToken, IN PPRIVILEGE_SET RequiredPrivileges, OUT PBOOLEAN Result)
 

Variables

const LUID SeCreateTokenPrivilege = CONST_LUID(SE_CREATE_TOKEN_PRIVILEGE, 0)
 
const LUID SeAssignPrimaryTokenPrivilege = CONST_LUID(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0)
 
const LUID SeLockMemoryPrivilege = CONST_LUID(SE_LOCK_MEMORY_PRIVILEGE, 0)
 
const LUID SeIncreaseQuotaPrivilege = CONST_LUID(SE_INCREASE_QUOTA_PRIVILEGE, 0)
 
const LUID SeUnsolicitedInputPrivilege = CONST_LUID(6, 0)
 
const LUID SeTcbPrivilege = CONST_LUID(SE_TCB_PRIVILEGE, 0)
 
const LUID SeSecurityPrivilege = CONST_LUID(SE_SECURITY_PRIVILEGE, 0)
 
const LUID SeTakeOwnershipPrivilege = CONST_LUID(SE_TAKE_OWNERSHIP_PRIVILEGE, 0)
 
const LUID SeLoadDriverPrivilege = CONST_LUID(SE_LOAD_DRIVER_PRIVILEGE, 0)
 
const LUID SeSystemProfilePrivilege = CONST_LUID(SE_SYSTEM_PROFILE_PRIVILEGE, 0)
 
const LUID SeSystemtimePrivilege = CONST_LUID(SE_SYSTEMTIME_PRIVILEGE, 0)
 
const LUID SeProfileSingleProcessPrivilege = CONST_LUID(SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0)
 
const LUID SeIncreaseBasePriorityPrivilege = CONST_LUID(SE_INC_BASE_PRIORITY_PRIVILEGE, 0)
 
const LUID SeCreatePagefilePrivilege = CONST_LUID(SE_CREATE_PAGEFILE_PRIVILEGE, 0)
 
const LUID SeCreatePermanentPrivilege = CONST_LUID(SE_CREATE_PERMANENT_PRIVILEGE, 0)
 
const LUID SeBackupPrivilege = CONST_LUID(SE_BACKUP_PRIVILEGE, 0)
 
const LUID SeRestorePrivilege = CONST_LUID(SE_RESTORE_PRIVILEGE, 0)
 
const LUID SeShutdownPrivilege = CONST_LUID(SE_SHUTDOWN_PRIVILEGE, 0)
 
const LUID SeDebugPrivilege = CONST_LUID(SE_DEBUG_PRIVILEGE, 0)
 
const LUID SeAuditPrivilege = CONST_LUID(SE_AUDIT_PRIVILEGE, 0)
 
const LUID SeSystemEnvironmentPrivilege = CONST_LUID(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, 0)
 
const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)
 
const LUID SeRemoteShutdownPrivilege = CONST_LUID(SE_REMOTE_SHUTDOWN_PRIVILEGE, 0)
 
const LUID SeUndockPrivilege = CONST_LUID(SE_UNDOCK_PRIVILEGE, 0)
 
const LUID SeSyncAgentPrivilege = CONST_LUID(SE_SYNC_AGENT_PRIVILEGE, 0)
 
const LUID SeEnableDelegationPrivilege = CONST_LUID(SE_ENABLE_DELEGATION_PRIVILEGE, 0)
 
const LUID SeManageVolumePrivilege = CONST_LUID(SE_MANAGE_VOLUME_PRIVILEGE, 0)
 
const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)
 
const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)
 
const LUID SeTrustedCredmanPrivilege = CONST_LUID(SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE, 0)
 
const LUID SeRelabelPrivilege = CONST_LUID(SE_RELABEL_PRIVILEGE, 0)
 
const LUID SeIncreaseWorkingSetPrivilege = CONST_LUID(SE_INC_WORKING_SET_PRIVILEGE, 0)
 
const LUID SeTimeZonePrivilege = CONST_LUID(SE_TIME_ZONE_PRIVILEGE, 0)
 
const LUID SeCreateSymbolicLinkPrivilege = CONST_LUID(SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, 0)
 

Macro Definition Documentation

◆ CONST_LUID

#define CONST_LUID (   x1,
  x2 
)    {x1, x2}

Definition at line 18 of file priv.c.

◆ NDEBUG

#define NDEBUG

Definition at line 13 of file priv.c.

Function Documentation

◆ NtPrivilegeCheck()

NTSTATUS NTAPI NtPrivilegeCheck ( IN HANDLE  ClientToken,
IN PPRIVILEGE_SET  RequiredPrivileges,
OUT PBOOLEAN  Result 
)

Definition at line 596 of file priv.c.

599 {
600  PLUID_AND_ATTRIBUTES Privileges;
601  PTOKEN Token;
602  ULONG PrivilegeCount = 0;
603  ULONG PrivilegeControl = 0;
604  ULONG Length;
605  BOOLEAN CheckResult;
606  KPROCESSOR_MODE PreviousMode;
607  NTSTATUS Status;
608 
609  PAGED_CODE();
610 
611  PreviousMode = KeGetPreviousMode();
612 
613  /* probe the buffers */
614  if (PreviousMode != KernelMode)
615  {
616  _SEH2_TRY
617  {
618  ProbeForWrite(RequiredPrivileges,
619  FIELD_OFFSET(PRIVILEGE_SET,
620  Privilege),
621  sizeof(ULONG));
622 
623  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
624  PrivilegeControl = RequiredPrivileges->Control;
625 
626  /* Check PrivilegeCount to avoid an integer overflow! */
627  if (FIELD_OFFSET(PRIVILEGE_SET,
628  Privilege[PrivilegeCount]) /
629  sizeof(RequiredPrivileges->Privilege[0]) != PrivilegeCount)
630  {
631  _SEH2_YIELD(return STATUS_INVALID_PARAMETER);
632  }
633 
634  /* probe all of the array */
635  ProbeForWrite(RequiredPrivileges,
636  FIELD_OFFSET(PRIVILEGE_SET,
637  Privilege[PrivilegeCount]),
638  sizeof(ULONG));
639 
640  ProbeForWriteBoolean(Result);
641  }
642  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
643  {
644  /* Return the exception code */
645  _SEH2_YIELD(return _SEH2_GetExceptionCode());
646  }
647  _SEH2_END;
648  }
649  else
650  {
651  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
652  PrivilegeControl = RequiredPrivileges->Control;
653  }
654 
655  /* reference the token and make sure we're
656  not doing an anonymous impersonation */
657  Status = ObReferenceObjectByHandle(ClientToken,
658  TOKEN_QUERY,
659  SeTokenObjectType,
660  PreviousMode,
661  (PVOID*)&Token,
662  NULL);
663  if (!NT_SUCCESS(Status))
664  {
665  return Status;
666  }
667 
668  if (Token->TokenType == TokenImpersonation &&
669  Token->ImpersonationLevel < SecurityIdentification)
670  {
671  ObDereferenceObject(Token);
672  return STATUS_BAD_IMPERSONATION_LEVEL;
673  }
674 
675  /* capture the privileges */
676  Status = SeCaptureLuidAndAttributesArray(RequiredPrivileges->Privilege,
677  PrivilegeCount,
678  PreviousMode,
679  NULL,
680  0,
681  PagedPool,
682  TRUE,
683  &Privileges,
684  &Length);
685  if (!NT_SUCCESS(Status))
686  {
687  ObDereferenceObject (Token);
688  return Status;
689  }
690 
691  CheckResult = SepPrivilegeCheck(Token,
692  Privileges,
693  PrivilegeCount,
694  PrivilegeControl,
695  PreviousMode);
696 
697  ObDereferenceObject(Token);
698 
699  /* return the array */
700  _SEH2_TRY
701  {
702  RtlCopyMemory(RequiredPrivileges->Privilege,
703  Privileges,
704  PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
705  *Result = CheckResult;
706  Status = STATUS_SUCCESS;
707  }
708  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
709  {
710  Status = _SEH2_GetExceptionCode();
711  }
712  _SEH2_END;
713 
714  SeReleaseLuidAndAttributesArray(Privileges,
715  PreviousMode,
716  TRUE);
717 
718  return Status;
719 }
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
STATUS_BAD_IMPERSONATION_LEVEL
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
TRUE
#define TRUE
Definition: types.h:120
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
KeGetPreviousMode
#define KeGetPreviousMode()
Definition: ketypes.h:1107
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_PRIVILEGE_SET
Definition: setypes.h:85
ProbeForWrite
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
SeTokenObjectType
POBJECT_TYPE SeTokenObjectType
Definition: token.c:19
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:878
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:68
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203
ProbeForWriteBoolean
#define ProbeForWriteBoolean(Ptr)
Definition: probe.h:31
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_SEH2_END
_SEH2_END
Definition: create.c:4400
SeReleaseLuidAndAttributesArray
VOID NTAPI SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
Definition: priv.c:383
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
NULL
#define NULL
Definition: types.h:112
SeCaptureLuidAndAttributesArray
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
Definition: priv.c:287
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
_TOKEN
Definition: setypes.h:197
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by PrivilegeCheck().

◆ SeAppendPrivileges()

NTSTATUS NTAPI SeAppendPrivileges ( IN OUT PACCESS_STATE  AccessState,
IN PPRIVILEGE_SET  Privileges 
)

Definition at line 403 of file priv.c.

405 {
406  PAUX_ACCESS_DATA AuxData;
407  ULONG OldPrivilegeSetSize;
408  ULONG NewPrivilegeSetSize;
409  PPRIVILEGE_SET PrivilegeSet;
410 
411  PAGED_CODE();
412 
413  /* Get the Auxiliary Data */
414  AuxData = AccessState->AuxData;
415 
416  /* Calculate the size of the old privilege set */
417  OldPrivilegeSetSize = sizeof(PRIVILEGE_SET) +
418  (AuxData->PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
419 
420  if (AuxData->PrivilegeSet->PrivilegeCount +
421  Privileges->PrivilegeCount > INITIAL_PRIVILEGE_COUNT)
422  {
423  /* Calculate the size of the new privilege set */
424  NewPrivilegeSetSize = OldPrivilegeSetSize +
425  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
426 
427  /* Allocate a new privilege set */
428  PrivilegeSet = ExAllocatePoolWithTag(PagedPool,
429  NewPrivilegeSetSize,
430  TAG_PRIVILEGE_SET);
431  if (PrivilegeSet == NULL)
432  return STATUS_INSUFFICIENT_RESOURCES;
433 
434  /* Copy original privileges from the acess state */
435  RtlCopyMemory(PrivilegeSet,
436  AuxData->PrivilegeSet,
437  OldPrivilegeSetSize);
438 
439  /* Append privileges from the privilege set*/
440  RtlCopyMemory((PVOID)((ULONG_PTR)PrivilegeSet + OldPrivilegeSetSize),
441  (PVOID)((ULONG_PTR)Privileges + sizeof(PRIVILEGE_SET) - sizeof(LUID_AND_ATTRIBUTES)),
442  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
443 
444  /* Adjust the number of privileges in the new privilege set */
445  PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
446 
447  /* Free the old privilege set if it was allocated */
448  if (AccessState->PrivilegesAllocated != FALSE)
449  ExFreePoolWithTag(AuxData->PrivilegeSet, TAG_PRIVILEGE_SET);
450 
451  /* Now we are using an allocated privilege set */
452  AccessState->PrivilegesAllocated = TRUE;
453 
454  /* Assign the new privileges to the access state */
455  AuxData->PrivilegeSet = PrivilegeSet;
456  }
457  else
458  {
459  /* Append privileges */
460  RtlCopyMemory((PVOID)((ULONG_PTR)AuxData->PrivilegeSet + OldPrivilegeSetSize),
461  (PVOID)((ULONG_PTR)Privileges + sizeof(PRIVILEGE_SET) - sizeof(LUID_AND_ATTRIBUTES)),
462  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
463 
464  /* Adjust the number of privileges in the target privilege set */
465  AuxData->PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
466  }
467 
468  return STATUS_SUCCESS;
469 }
_AUX_ACCESS_DATA::PrivilegeSet
PPRIVILEGE_SET PrivilegeSet
Definition: setypes.h:234
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
PRIVILEGE_SET
struct _PRIVILEGE_SET PRIVILEGE_SET
TRUE
#define TRUE
Definition: types.h:120
LUID_AND_ATTRIBUTES
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
_PRIVILEGE_SET
Definition: setypes.h:85
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
FALSE
#define FALSE
Definition: types.h:117
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
_AUX_ACCESS_DATA
Definition: setypes.h:232
NULL
#define NULL
Definition: types.h:112
INITIAL_PRIVILEGE_COUNT
#define INITIAL_PRIVILEGE_COUNT
Definition: setypes.h:144
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
TAG_PRIVILEGE_SET
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by IopCheckBackupRestorePrivilege(), IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckTraverseAccess(), and START_TEST().

◆ SeCaptureLuidAndAttributesArray()

NTSTATUS NTAPI SeCaptureLuidAndAttributesArray ( PLUID_AND_ATTRIBUTES  Src,
ULONG  PrivilegeCount,
KPROCESSOR_MODE  PreviousMode,
PLUID_AND_ATTRIBUTES  AllocatedMem,
ULONG  AllocatedLength,
POOL_TYPE  PoolType,
BOOLEAN  CaptureIfKernel,
PLUID_AND_ATTRIBUTES Dest,
PULONG  Length 
)

Definition at line 287 of file priv.c.

296 {
297  ULONG BufferSize;
298  NTSTATUS Status = STATUS_SUCCESS;
299 
300  PAGED_CODE();
301 
302  if (PrivilegeCount == 0)
303  {
304  *Dest = 0;
305  *Length = 0;
306  return STATUS_SUCCESS;
307  }
308 
309  if (PreviousMode == KernelMode && !CaptureIfKernel)
310  {
311  *Dest = Src;
312  return STATUS_SUCCESS;
313  }
314 
315  /* FIXME - check PrivilegeCount for a valid number so we don't
316  cause an integer overflow or exhaust system resources! */
317 
318  BufferSize = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
319  *Length = ROUND_UP(BufferSize, 4); /* round up to a 4 byte alignment */
320 
321  /* probe the buffer */
322  if (PreviousMode != KernelMode)
323  {
324  _SEH2_TRY
325  {
326  ProbeForRead(Src,
327  BufferSize,
328  sizeof(ULONG));
329  }
330  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
331  {
332  /* Return the exception code */
333  _SEH2_YIELD(return _SEH2_GetExceptionCode());
334  }
335  _SEH2_END;
336  }
337 
338  /* allocate enough memory or check if the provided buffer is
339  large enough to hold the array */
340  if (AllocatedMem != NULL)
341  {
342  if (AllocatedLength < BufferSize)
343  {
344  return STATUS_BUFFER_TOO_SMALL;
345  }
346 
347  *Dest = AllocatedMem;
348  }
349  else
350  {
351  *Dest = ExAllocatePoolWithTag(PoolType,
352  BufferSize,
353  TAG_LUID);
354  if (*Dest == NULL)
355  {
356  return STATUS_INSUFFICIENT_RESOURCES;
357  }
358  }
359 
360  /* copy the array to the buffer */
361  _SEH2_TRY
362  {
363  RtlCopyMemory(*Dest,
364  Src,
365  BufferSize);
366  }
367  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
368  {
369  Status = _SEH2_GetExceptionCode();
370  }
371  _SEH2_END;
372 
373  if (!NT_SUCCESS(Status) && AllocatedMem == NULL)
374  {
375  ExFreePoolWithTag(*Dest, TAG_LUID);
376  }
377 
378  return Status;
379 }
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
ROUND_UP
#define ROUND_UP(n, align)
Definition: eventvwr.h:31
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
LUID_AND_ATTRIBUTES
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
TAG_LUID
#define TAG_LUID
Definition: tag.h:178
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
_SEH2_END
_SEH2_END
Definition: create.c:4400
NULL
#define NULL
Definition: types.h:112
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
BufferSize
#define BufferSize
Definition: mmc.h:75
BufferSize
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
Definition: wdfmemory.h:251
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeCheckAuditPrivilege()

BOOLEAN NTAPI SeCheckAuditPrivilege ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Definition at line 253 of file priv.c.

256 {
257  PRIVILEGE_SET PrivilegeSet;
258  BOOLEAN Result;
259  PAGED_CODE();
260 
261  /* Initialize the privilege set with the single privilege */
262  PrivilegeSet.PrivilegeCount = 1;
263  PrivilegeSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
264  PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
265  PrivilegeSet.Privilege[0].Attributes = 0;
266 
267  /* Check against the primary token! */
268  Result = SepPrivilegeCheck(SubjectContext->PrimaryToken,
269  &PrivilegeSet.Privilege[0],
270  1,
271  PRIVILEGE_SET_ALL_NECESSARY,
272  PreviousMode);
273 
274  if (PreviousMode != KernelMode)
275  {
276  SePrivilegedServiceAuditAlarm(NULL,
277  SubjectContext,
278  &PrivilegeSet,
279  Result);
280  }
281 
282  return Result;
283 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
_PRIVILEGE_SET
Definition: setypes.h:85
SeAuditPrivilege
const LUID SeAuditPrivilege
Definition: priv.c:38
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:68
SePrivilegedServiceAuditAlarm
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
NULL
#define NULL
Definition: types.h:112
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), and SepAccessCheckAndAuditAlarm().

◆ SeCheckPrivilegedObject()

BOOLEAN NTAPI SeCheckPrivilegedObject ( IN LUID  PrivilegeValue,
IN HANDLE  ObjectHandle,
IN ACCESS_MASK  DesiredAccess,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 556 of file priv.c.

560 {
561  SECURITY_SUBJECT_CONTEXT SubjectContext;
562  PRIVILEGE_SET Priv;
563  BOOLEAN Result;
564 
565  PAGED_CODE();
566 
567  SeCaptureSubjectContext(&SubjectContext);
568 
569  Priv.PrivilegeCount = 1;
570  Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
571  Priv.Privilege[0].Luid = PrivilegeValue;
572  Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
573 
574  Result = SePrivilegeCheck(&Priv, &SubjectContext, PreviousMode);
575  if (PreviousMode != KernelMode)
576  {
577 #if 0
578  SePrivilegeObjectAuditAlarm(ObjectHandle,
579  &SubjectContext,
580  DesiredAccess,
581  &PrivilegeValue,
582  Result,
583  PreviousMode);
584 #endif
585  }
586 
587  SeReleaseSubjectContext(&SubjectContext);
588 
589  return Result;
590 }
SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
SeReleaseSubjectContext
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SePrivilegeCheck
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:487
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:189
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
SePrivilegeObjectAuditAlarm
VOID NTAPI SePrivilegeObjectAuditAlarm(IN HANDLE Handle, IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN ACCESS_MASK DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted, IN KPROCESSOR_MODE CurrentMode)
Definition: audit.c:847
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtSetInformationProcess(), and NtSetInformationThread().

◆ SeFreePrivileges()

VOID NTAPI SeFreePrivileges ( IN PPRIVILEGE_SET  Privileges)

Definition at line 476 of file priv.c.

477 {
478  PAGED_CODE();
479  ExFreePoolWithTag(Privileges, TAG_PRIVILEGE_SET);
480 }
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
TAG_PRIVILEGE_SET
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), NtAccessCheck(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckTraverseAccess(), and START_TEST().

◆ SepInitPrivileges()

VOID NTAPI SepInitPrivileges ( VOID  )

Definition at line 60 of file priv.c.

61 {
62 
63 }

Referenced by SepInitializationPhase0().

◆ SepPrivilegeCheck()

BOOLEAN NTAPI SepPrivilegeCheck ( PTOKEN  Token,
PLUID_AND_ATTRIBUTES  Privileges,
ULONG  PrivilegeCount,
ULONG  PrivilegeControl,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 68 of file priv.c.

73 {
74  ULONG i;
75  ULONG j;
76  ULONG Required;
77 
78  DPRINT("SepPrivilegeCheck() called\n");
79 
80  PAGED_CODE();
81 
82  if (PreviousMode == KernelMode)
83  return TRUE;
84 
85  /* Get the number of privileges that are required to match */
86  Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
87 
88  /* Acquire a shared token lock */
89  SepAcquireTokenLockShared(Token);
90 
91  /* Loop all requested privileges until we found the required ones */
92  for (i = 0; i < PrivilegeCount; i++)
93  {
94  /* Loop the privileges of the token */
95  for (j = 0; j < Token->PrivilegeCount; j++)
96  {
97  /* Check if the LUIDs match */
98  if (RtlEqualLuid(&Token->Privileges[j].Luid, &Privileges[i].Luid))
99  {
100  DPRINT("Found privilege. Attributes: %lx\n",
101  Token->Privileges[j].Attributes);
102 
103  /* Check if the privilege is enabled */
104  if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
105  {
106  Privileges[i].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
107  Required--;
108 
109  /* Check if we have found all privileges */
110  if (Required == 0)
111  {
112  /* We're done! */
113  SepReleaseTokenLock(Token);
114  return TRUE;
115  }
116  }
117 
118  /* Leave the inner loop */
119  break;
120  }
121  }
122  }
123 
124  /* Release the token lock */
125  SepReleaseTokenLock(Token);
126 
127  /* When we reached this point, we did not find all privileges */
128  ASSERT(Required > 0);
129  return FALSE;
130 }
TRUE
#define TRUE
Definition: types.h:120
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
FALSE
#define FALSE
Definition: types.h:117
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
SE_PRIVILEGE_USED_FOR_ACCESS
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
j
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
ASSERT
#define ASSERT(a)
Definition: mode.c:44
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:227
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SepAcquireTokenLockShared
#define SepAcquireTokenLockShared(Token)
Definition: se.h:221
ULONG
unsigned int ULONG
Definition: retypes.h:1
Required
struct _MEMORY_AREA struct _MM_REQUIRED_RESOURCES * Required
Definition: newmm.h:38
DPRINT
#define DPRINT
Definition: sndvol32.h:71
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtPrivilegeCheck(), SeCheckAuditPrivilege(), SePrivilegeCheck(), and SepSinglePrivilegeCheck().

◆ SePrivilegeCheck()

BOOLEAN NTAPI SePrivilegeCheck ( PPRIVILEGE_SET  Privileges,
PSECURITY_SUBJECT_CONTEXT  SubjectContext,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 487 of file priv.c.

490 {
491  PACCESS_TOKEN Token = NULL;
492 
493  PAGED_CODE();
494 
495  if (SubjectContext->ClientToken == NULL)
496  {
497  Token = SubjectContext->PrimaryToken;
498  }
499  else
500  {
501  Token = SubjectContext->ClientToken;
502  if (SubjectContext->ImpersonationLevel < 2)
503  {
504  return FALSE;
505  }
506  }
507 
508  return SepPrivilegeCheck(Token,
509  Privileges->Privilege,
510  Privileges->PrivilegeCount,
511  Privileges->Control,
512  PreviousMode);
513 }
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
FALSE
#define FALSE
Definition: types.h:117
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:68
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
NULL
#define NULL
Definition: types.h:112
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by FatCheckManageVolumeAccess(), has_manage_volume_privilege(), HasPrivilege(), IopCheckBackupRestorePrivilege(), SeCheckPrivilegedObject(), SeSinglePrivilegeCheck(), and START_TEST().

◆ SePrivilegePolicyCheck()

NTSTATUS NTAPI SePrivilegePolicyCheck ( _Inout_ PACCESS_MASK  DesiredAccess,
_Inout_ PACCESS_MASK  GrantedAccess,
_In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ PTOKEN  Token,
_Out_opt_ PPRIVILEGE_SET OutPrivilegeSet,
_In_ KPROCESSOR_MODE  PreviousMode 
)

Definition at line 154 of file priv.c.

161 {
162  SIZE_T PrivilegeSize;
163  PPRIVILEGE_SET PrivilegeSet;
164  ULONG PrivilegeCount = 0, Index = 0;
165  ACCESS_MASK AccessMask = 0;
166  PAGED_CODE();
167 
168  /* Check if we have a security subject context */
169  if (SubjectContext != NULL)
170  {
171  /* Check if there is a client impersonation token */
172  if (SubjectContext->ClientToken != NULL)
173  Token = SubjectContext->ClientToken;
174  else
175  Token = SubjectContext->PrimaryToken;
176  }
177 
178  /* Check if the caller wants ACCESS_SYSTEM_SECURITY access */
179  if (*DesiredAccess & ACCESS_SYSTEM_SECURITY)
180  {
181  /* Do the privilege check */
182  if (SepSinglePrivilegeCheck(SeSecurityPrivilege, Token, PreviousMode))
183  {
184  /* Remember this access flag */
185  AccessMask |= ACCESS_SYSTEM_SECURITY;
186  PrivilegeCount++;
187  }
188  else
189  {
190  return STATUS_PRIVILEGE_NOT_HELD;
191  }
192  }
193 
194  /* Check if the caller wants WRITE_OWNER access */
195  if (*DesiredAccess & WRITE_OWNER)
196  {
197  /* Do the privilege check */
198  if (SepSinglePrivilegeCheck(SeTakeOwnershipPrivilege, Token, PreviousMode))
199  {
200  /* Remember this access flag */
201  AccessMask |= WRITE_OWNER;
202  PrivilegeCount++;
203  }
204  }
205 
206  /* Update the access masks */
207  *GrantedAccess |= AccessMask;
208  *DesiredAccess &= ~AccessMask;
209 
210  /* Does the caller want a privilege set? */
211  if (OutPrivilegeSet != NULL)
212  {
213  /* Do we have any privileges to report? */
214  if (PrivilegeCount > 0)
215  {
216  /* Calculate size and allocate the structure */
217  PrivilegeSize = FIELD_OFFSET(PRIVILEGE_SET, Privilege[PrivilegeCount]);
218  PrivilegeSet = ExAllocatePoolWithTag(PagedPool, PrivilegeSize, TAG_PRIVILEGE_SET);
219  *OutPrivilegeSet = PrivilegeSet;
220  if (PrivilegeSet == NULL)
221  {
222  return STATUS_INSUFFICIENT_RESOURCES;
223  }
224 
225  PrivilegeSet->PrivilegeCount = PrivilegeCount;
226  PrivilegeSet->Control = 0;
227 
228  if (AccessMask & WRITE_OWNER)
229  {
230  PrivilegeSet->Privilege[Index].Luid = SeTakeOwnershipPrivilege;
231  PrivilegeSet->Privilege[Index].Attributes = SE_PRIVILEGE_USED_FOR_ACCESS;
232  Index++;
233  }
234 
235  if (AccessMask & ACCESS_SYSTEM_SECURITY)
236  {
237  PrivilegeSet->Privilege[Index].Luid = SeSecurityPrivilege;
238  PrivilegeSet->Privilege[Index].Attributes = SE_PRIVILEGE_USED_FOR_ACCESS;
239  }
240  }
241  else
242  {
243  /* No privileges, no structure */
244  *OutPrivilegeSet = NULL;
245  }
246  }
247 
248  return STATUS_SUCCESS;
249 }
STATUS_PRIVILEGE_NOT_HELD
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
SE_PRIVILEGE_USED_FOR_ACCESS
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
SepSinglePrivilegeCheck
NTSTATUS NTAPI SepSinglePrivilegeCheck(LUID PrivilegeValue, PTOKEN Token, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:134
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SeSecurityPrivilege
const LUID SeSecurityPrivilege
Definition: priv.c:25
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:179
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
SeTakeOwnershipPrivilege
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:26
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
NULL
#define NULL
Definition: types.h:112
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
ULONG
unsigned int ULONG
Definition: retypes.h:1
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
TAG_PRIVILEGE_SET
#define TAG_PRIVILEGE_SET
Definition: tag.h:179
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtAccessCheck(), and SepAccessCheck().

◆ SepSinglePrivilegeCheck()

NTSTATUS NTAPI SepSinglePrivilegeCheck ( LUID  PrivilegeValue,
PTOKEN  Token,
KPROCESSOR_MODE  PreviousMode 
)

Definition at line 134 of file priv.c.

138 {
139  LUID_AND_ATTRIBUTES Privilege;
140  PAGED_CODE();
141  ASSERT(!RtlEqualLuid(&PrivilegeValue, &SeTcbPrivilege));
142 
143  Privilege.Luid = PrivilegeValue;
144  Privilege.Attributes = SE_PRIVILEGE_ENABLED;
145  return SepPrivilegeCheck(Token,
146  &Privilege,
147  1,
148  PRIVILEGE_SET_ALL_NECESSARY,
149  PreviousMode);
150 }
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
SeTcbPrivilege
const LUID SeTcbPrivilege
Definition: priv.c:24
Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
ASSERT
#define ASSERT(a)
Definition: mode.c:44
SepPrivilegeCheck
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:68
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by SePrivilegePolicyCheck().

◆ SeReleaseLuidAndAttributesArray()

VOID NTAPI SeReleaseLuidAndAttributesArray ( PLUID_AND_ATTRIBUTES  Privilege,
KPROCESSOR_MODE  PreviousMode,
BOOLEAN  CaptureIfKernel 
)

Definition at line 383 of file priv.c.

386 {
387  PAGED_CODE();
388 
389  if (Privilege != NULL &&
390  (PreviousMode != KernelMode || CaptureIfKernel))
391  {
392  ExFreePoolWithTag(Privilege, TAG_LUID);
393  }
394 }
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
TAG_LUID
#define TAG_LUID
Definition: tag.h:178
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
NULL
#define NULL
Definition: types.h:112
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by NtAdjustPrivilegesToken(), NtCreateToken(), and NtPrivilegeCheck().

◆ SeSinglePrivilegeCheck()

BOOLEAN NTAPI SeSinglePrivilegeCheck ( IN LUID  PrivilegeValue,
IN KPROCESSOR_MODE  PreviousMode 
)

Definition at line 520 of file priv.c.

522 {
523  SECURITY_SUBJECT_CONTEXT SubjectContext;
524  PRIVILEGE_SET Priv;
525  BOOLEAN Result;
526 
527  PAGED_CODE();
528 
529  SeCaptureSubjectContext(&SubjectContext);
530 
531  Priv.PrivilegeCount = 1;
532  Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
533  Priv.Privilege[0].Luid = PrivilegeValue;
534  Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
535 
536  Result = SePrivilegeCheck(&Priv,
537  &SubjectContext,
538  PreviousMode);
539 
540  if (PreviousMode != KernelMode)
541  {
542  SePrivilegedServiceAuditAlarm(NULL,
543  &SubjectContext,
544  &Priv,
545  Result);
546 
547  }
548 
549  SeReleaseSubjectContext(&SubjectContext);
550 
551  return Result;
552 }
SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
SeReleaseSubjectContext
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SePrivilegedServiceAuditAlarm
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Definition: audit.c:214
SePrivilegeCheck
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
Definition: priv.c:487
NULL
#define NULL
Definition: types.h:112
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:189
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

Referenced by add_device(), ApphelpCacheAccessCheck(), ExpRaiseHardError(), Ext2InvalidateVolumes(), FatCheckSystemSecurityAccess(), FFSInvalidateVolumes(), find_subvol(), fsctl_set_xattr(), invalidate_volumes(), ioctl_unload(), IopUnloadDriver(), KsInstallBusEnumInterface(), KsRemoveBusEnumInterface(), mknod(), NtAllocateVirtualMemory(), NtCreatePagingFile(), NtCreateProfile(), NtCreateToken(), NtDisplayString(), NtGetPlugPlayEvent(), NtLoadDriver(), NtLoadKeyEx(), NtLockVirtualMemory(), NtMakePermanentObject(), NtOpenProcess(), NtOpenThread(), NtPlugPlayControl(), NtQuerySystemEnvironmentValue(), NtSaveKeyEx(), NtSaveMergedKeys(), NtSetDebugFilterState(), NtSetDefaultHardErrorPort(), NtSetInformationObject(), NtSetInformationProcess(), NtSetInformationThread(), NtSetInformationToken(), NtSetSystemEnvironmentValue(), NtSetSystemPowerState(), NtSetSystemTime(), NtUnloadKey2(), NtUnlockVirtualMemory(), ObCreateObject(), ObpLookupObjectName(), pause_balance(), pause_scrub(), probe_volume(), PspSetPrimaryToken(), PspSetQuotaLimits(), query_scrub(), read_send_buffer(), recvd_subvol(), remove_device(), reserve_subvol(), reset_stats(), resize_device(), resume_balance(), resume_scrub(), RfsdInvalidateVolumes(), send_subvol(), SSI_DEF(), start_balance(), start_scrub(), stop_balance(), stop_scrub(), UDFCheckAccessRights(), UDFCommonCreate(), and UDFInvalidateVolumes().

Variable Documentation

◆ SeAssignPrimaryTokenPrivilege

const LUID SeAssignPrimaryTokenPrivilege = CONST_LUID(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0)

Definition at line 20 of file priv.c.

Referenced by PspSetPrimaryToken(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeAuditPrivilege

const LUID SeAuditPrivilege = CONST_LUID(SE_AUDIT_PRIVILEGE, 0)

Definition at line 38 of file priv.c.

Referenced by SeCheckAuditPrivilege(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeBackupPrivilege

const LUID SeBackupPrivilege = CONST_LUID(SE_BACKUP_PRIVILEGE, 0)

Definition at line 34 of file priv.c.

Referenced by IopCheckBackupRestorePrivilege(), NtSaveKeyEx(), NtSaveMergedKeys(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeChangeNotifyPrivilege

const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)

Definition at line 40 of file priv.c.

◆ SeCreateGlobalPrivilege

const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)

Definition at line 47 of file priv.c.

◆ SeCreatePagefilePrivilege

const LUID SeCreatePagefilePrivilege = CONST_LUID(SE_CREATE_PAGEFILE_PRIVILEGE, 0)

Definition at line 32 of file priv.c.

Referenced by NtCreatePagingFile(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeCreatePermanentPrivilege

const LUID SeCreatePermanentPrivilege = CONST_LUID(SE_CREATE_PERMANENT_PRIVILEGE, 0)

Definition at line 33 of file priv.c.

Referenced by NtMakePermanentObject(), ObCreateObject(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeCreateSymbolicLinkPrivilege

const LUID SeCreateSymbolicLinkPrivilege = CONST_LUID(SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, 0)

Definition at line 52 of file priv.c.

◆ SeCreateTokenPrivilege

const LUID SeCreateTokenPrivilege = CONST_LUID(SE_CREATE_TOKEN_PRIVILEGE, 0)

Definition at line 19 of file priv.c.

Referenced by NtCreateToken(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeDebugPrivilege

const LUID SeDebugPrivilege = CONST_LUID(SE_DEBUG_PRIVILEGE, 0)

Definition at line 37 of file priv.c.

Referenced by NtOpenProcess(), NtOpenThread(), NtSetDebugFilterState(), NtSetInformationProcess(), NtSetInformationThread(), SepCreateSystemProcessToken(), SepInitExports(), and SSI_DEF().

◆ SeEnableDelegationPrivilege

const LUID SeEnableDelegationPrivilege = CONST_LUID(SE_ENABLE_DELEGATION_PRIVILEGE, 0)

Definition at line 44 of file priv.c.

Referenced by SepInitExports().

◆ SeImpersonatePrivilege

const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)

Definition at line 46 of file priv.c.

◆ SeIncreaseBasePriorityPrivilege

const LUID SeIncreaseBasePriorityPrivilege = CONST_LUID(SE_INC_BASE_PRIORITY_PRIVILEGE, 0)

Definition at line 31 of file priv.c.

Referenced by NtSetInformationProcess(), NtSetInformationThread(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeIncreaseQuotaPrivilege

const LUID SeIncreaseQuotaPrivilege = CONST_LUID(SE_INCREASE_QUOTA_PRIVILEGE, 0)

Definition at line 22 of file priv.c.

Referenced by PspSetQuotaLimits(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeIncreaseWorkingSetPrivilege

const LUID SeIncreaseWorkingSetPrivilege = CONST_LUID(SE_INC_WORKING_SET_PRIVILEGE, 0)

Definition at line 50 of file priv.c.

◆ SeLoadDriverPrivilege

const LUID SeLoadDriverPrivilege = CONST_LUID(SE_LOAD_DRIVER_PRIVILEGE, 0)

Definition at line 27 of file priv.c.

Referenced by IopUnloadDriver(), NtLoadDriver(), SepCreateSystemProcessToken(), SepInitExports(), and SSI_DEF().

◆ SeLockMemoryPrivilege

const LUID SeLockMemoryPrivilege = CONST_LUID(SE_LOCK_MEMORY_PRIVILEGE, 0)

Definition at line 21 of file priv.c.

Referenced by NtAllocateVirtualMemory(), NtLockVirtualMemory(), NtUnlockVirtualMemory(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeManageVolumePrivilege

const LUID SeManageVolumePrivilege = CONST_LUID(SE_MANAGE_VOLUME_PRIVILEGE, 0)

Definition at line 45 of file priv.c.

Referenced by SepInitExports().

◆ SeProfileSingleProcessPrivilege

const LUID SeProfileSingleProcessPrivilege = CONST_LUID(SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0)

Definition at line 30 of file priv.c.

Referenced by SepCreateSystemProcessToken(), and SepInitExports().

◆ SeRelabelPrivilege

const LUID SeRelabelPrivilege = CONST_LUID(SE_RELABEL_PRIVILEGE, 0)

Definition at line 49 of file priv.c.

◆ SeRemoteShutdownPrivilege

const LUID SeRemoteShutdownPrivilege = CONST_LUID(SE_REMOTE_SHUTDOWN_PRIVILEGE, 0)

Definition at line 41 of file priv.c.

Referenced by SepInitExports().

◆ SeRestorePrivilege

const LUID SeRestorePrivilege = CONST_LUID(SE_RESTORE_PRIVILEGE, 0)

Definition at line 35 of file priv.c.

Referenced by IopCheckBackupRestorePrivilege(), NtLoadKeyEx(), NtUnloadKey2(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeSecurityPrivilege

const LUID SeSecurityPrivilege = CONST_LUID(SE_SECURITY_PRIVILEGE, 0)

Definition at line 25 of file priv.c.

Referenced by SepCreateSystemProcessToken(), SepInitExports(), and SePrivilegePolicyCheck().

◆ SeShutdownPrivilege

const LUID SeShutdownPrivilege = CONST_LUID(SE_SHUTDOWN_PRIVILEGE, 0)

Definition at line 36 of file priv.c.

Referenced by ExpRaiseHardError(), NtSetSystemPowerState(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeSyncAgentPrivilege

const LUID SeSyncAgentPrivilege = CONST_LUID(SE_SYNC_AGENT_PRIVILEGE, 0)

Definition at line 43 of file priv.c.

Referenced by SepInitExports().

◆ SeSystemEnvironmentPrivilege

const LUID SeSystemEnvironmentPrivilege = CONST_LUID(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, 0)

Definition at line 39 of file priv.c.

Referenced by NtQuerySystemEnvironmentValue(), NtSetSystemEnvironmentValue(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeSystemProfilePrivilege

const LUID SeSystemProfilePrivilege = CONST_LUID(SE_SYSTEM_PROFILE_PRIVILEGE, 0)

Definition at line 28 of file priv.c.

Referenced by NtCreateProfile(), and SepInitExports().

◆ SeSystemtimePrivilege

const LUID SeSystemtimePrivilege = CONST_LUID(SE_SYSTEMTIME_PRIVILEGE, 0)

Definition at line 29 of file priv.c.

Referenced by NtSetSystemTime(), SepCreateSystemProcessToken(), SepInitExports(), and SSI_DEF().

◆ SeTakeOwnershipPrivilege

const LUID SeTakeOwnershipPrivilege = CONST_LUID(SE_TAKE_OWNERSHIP_PRIVILEGE, 0)

Definition at line 26 of file priv.c.

Referenced by SepCreateSystemProcessToken(), SepInitExports(), and SePrivilegePolicyCheck().

◆ SeTcbPrivilege

const LUID SeTcbPrivilege = CONST_LUID(SE_TCB_PRIVILEGE, 0)

Definition at line 24 of file priv.c.

Referenced by ApphelpCacheAccessCheck(), ExpRaiseHardError(), NtDisplayString(), NtGetPlugPlayEvent(), NtPlugPlayControl(), NtSetDefaultHardErrorPort(), NtSetInformationObject(), NtSetInformationProcess(), NtSetInformationToken(), SepCreateSystemProcessToken(), SepInitExports(), SepSinglePrivilegeCheck(), and SSI_DEF().

◆ SeTimeZonePrivilege

const LUID SeTimeZonePrivilege = CONST_LUID(SE_TIME_ZONE_PRIVILEGE, 0)

Definition at line 51 of file priv.c.

◆ SeTrustedCredmanPrivilege

const LUID SeTrustedCredmanPrivilege = CONST_LUID(SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE, 0)

Definition at line 48 of file priv.c.

◆ SeUndockPrivilege

const LUID SeUndockPrivilege = CONST_LUID(SE_UNDOCK_PRIVILEGE, 0)

Definition at line 42 of file priv.c.

Referenced by SepInitExports().

◆ SeUnsolicitedInputPrivilege

const LUID SeUnsolicitedInputPrivilege = CONST_LUID(6, 0)

Definition at line 23 of file priv.c.

Referenced by SepInitExports().