ReactOS 0.4.16-dev-197-g92996da
priv.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Security privileges support
5 * COPYRIGHT: Copyright Alex Ionescu <alex@relsoft.net>
6 * Copyright Timo Kreuzer <timo.kreuzer@reactos.org>
7 * Copyright Eric Kohl
8 */
9
10/* INCLUDES ******************************************************************/
11
12#include <ntoskrnl.h>
13#define NDEBUG
14#include <debug.h>
15
16/* GLOBALS ********************************************************************/
17
18#define SE_MAXIMUM_PRIVILEGE_LIMIT 0x3C
19
20#define CONST_LUID(x1, x2) {x1, x2}
55
56
57/* PRIVATE FUNCTIONS **********************************************************/
58
68CODE_SEG("INIT")
69VOID
72{
73
74}
75
103NTAPI
107 _In_ ULONG PrivilegeCount,
108 _In_ ULONG PrivilegeControl,
110{
111 ULONG i;
112 ULONG j;
114
115 DPRINT("SepPrivilegeCheck() called\n");
116
117 PAGED_CODE();
118
120 return TRUE;
121
122 /* Get the number of privileges that are required to match */
123 Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
124
125 /* Acquire a shared token lock */
127
128 /* Loop all requested privileges until we found the required ones */
129 for (i = 0; i < PrivilegeCount; i++)
130 {
131 /* Loop the privileges of the token */
132 for (j = 0; j < Token->PrivilegeCount; j++)
133 {
134 /* Check if the LUIDs match */
135 if (RtlEqualLuid(&Token->Privileges[j].Luid, &Privileges[i].Luid))
136 {
137 DPRINT("Found privilege. Attributes: %lx\n",
138 Token->Privileges[j].Attributes);
139
140 /* Check if the privilege is enabled */
141 if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
142 {
144 Required--;
145
146 /* Check if we have found all privileges */
147 if (Required == 0)
148 {
149 /* We're done! */
151 return TRUE;
152 }
153 }
154
155 /* Leave the inner loop */
156 break;
157 }
158 }
159 }
160
161 /* Release the token lock */
163
164 /* When we reached this point, we did not find all privileges */
165 ASSERT(Required > 0);
166 return FALSE;
167}
168
189NTAPI
191 _In_ LUID PrivilegeValue,
194{
196 PAGED_CODE();
197 ASSERT(!RtlEqualLuid(&PrivilegeValue, &SeTcbPrivilege));
198
199 Privilege.Luid = PrivilegeValue;
200 Privilege.Attributes = SE_PRIVILEGE_ENABLED;
202 &Privilege,
203 1,
206}
207
243NTAPI
249 _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet,
251{
252 SIZE_T PrivilegeSize;
253 PPRIVILEGE_SET PrivilegeSet;
254 ULONG PrivilegeCount = 0, Index = 0;
256 PAGED_CODE();
257
258 /* Check if we have a security subject context */
259 if (SubjectContext != NULL)
260 {
261 /* Check if there is a client impersonation token */
262 if (SubjectContext->ClientToken != NULL)
263 Token = SubjectContext->ClientToken;
264 else
265 Token = SubjectContext->PrimaryToken;
266 }
267
268 /* Check if the caller wants ACCESS_SYSTEM_SECURITY access */
270 {
271 /* Do the privilege check */
273 {
274 /* Remember this access flag */
276 PrivilegeCount++;
277 }
278 else
279 {
281 }
282 }
283
284 /* Check if the caller wants WRITE_OWNER access */
286 {
287 /* Do the privilege check */
289 {
290 /* Remember this access flag */
292 PrivilegeCount++;
293 }
294 }
295
296 /* Update the access masks */
298 *DesiredAccess &= ~AccessMask;
299
300 /* Does the caller want a privilege set? */
301 if (OutPrivilegeSet != NULL)
302 {
303 /* Do we have any privileges to report? */
304 if (PrivilegeCount > 0)
305 {
306 /* Calculate size and allocate the structure */
307 PrivilegeSize = FIELD_OFFSET(PRIVILEGE_SET, Privilege[PrivilegeCount]);
308 PrivilegeSet = ExAllocatePoolWithTag(PagedPool, PrivilegeSize, TAG_PRIVILEGE_SET);
309 *OutPrivilegeSet = PrivilegeSet;
310 if (PrivilegeSet == NULL)
311 {
313 }
314
315 PrivilegeSet->PrivilegeCount = PrivilegeCount;
316 PrivilegeSet->Control = 0;
317
319 {
322 Index++;
323 }
324
326 {
327 PrivilegeSet->Privilege[Index].Luid = SeSecurityPrivilege;
329 }
330 }
331 else
332 {
333 /* No privileges, no structure */
334 *OutPrivilegeSet = NULL;
335 }
336 }
337
338 return STATUS_SUCCESS;
339}
340
359NTAPI
363{
364 PRIVILEGE_SET PrivilegeSet;
366 PAGED_CODE();
367
368 /* Initialize the privilege set with the single privilege */
369 PrivilegeSet.PrivilegeCount = 1;
371 PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
372 PrivilegeSet.Privilege[0].Attributes = 0;
373
374 /* Check against the primary token! */
376 &PrivilegeSet.Privilege[0],
377 1,
380
382 {
385 &PrivilegeSet,
386 Result);
387 }
388
389 return Result;
390}
391
437NTAPI
440 _In_ ULONG PrivilegeCount,
442 _In_opt_ PLUID_AND_ATTRIBUTES AllocatedMem,
443 _In_opt_ ULONG AllocatedLength,
445 _In_ BOOLEAN CaptureIfKernel,
448{
451
452 PAGED_CODE();
453
454 if (PrivilegeCount == 0)
455 {
456 *Dest = 0;
457 *Length = 0;
458 return STATUS_SUCCESS;
459 }
460
461 if (PrivilegeCount > SE_MAXIMUM_PRIVILEGE_LIMIT)
462 {
464 }
465
466 if (PreviousMode == KernelMode && !CaptureIfKernel)
467 {
468 *Dest = Src;
469 return STATUS_SUCCESS;
470 }
471
472 BufferSize = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
473 *Length = ROUND_UP(BufferSize, 4); /* round up to a 4 byte alignment */
474
475 /* probe the buffer */
477 {
479 {
480 ProbeForRead(Src,
482 sizeof(ULONG));
483 }
485 {
486 /* Return the exception code */
488 }
489 _SEH2_END;
490 }
491
492 /* allocate enough memory or check if the provided buffer is
493 large enough to hold the array */
494 if (AllocatedMem != NULL)
495 {
496 if (AllocatedLength < BufferSize)
497 {
499 }
500
501 *Dest = AllocatedMem;
502 }
503 else
504 {
507 TAG_LUID);
508 if (*Dest == NULL)
509 {
511 }
512 }
513
514 /* copy the array to the buffer */
516 {
517 RtlCopyMemory(*Dest,
518 Src,
519 BufferSize);
520 }
522 {
524 }
525 _SEH2_END;
526
527 if (!NT_SUCCESS(Status) && AllocatedMem == NULL)
528 {
530 }
531
532 return Status;
533}
534
552VOID
553NTAPI
557 _In_ BOOLEAN CaptureIfKernel)
558{
559 PAGED_CODE();
560
561 if (Privilege != NULL &&
562 (PreviousMode != KernelMode || CaptureIfKernel))
563 {
565 }
566}
567
568/* PUBLIC FUNCTIONS ***********************************************************/
569
587NTAPI
591{
592 PAUX_ACCESS_DATA AuxData;
593 ULONG OldPrivilegeSetSize;
594 ULONG NewPrivilegeSetSize;
595 PPRIVILEGE_SET PrivilegeSet;
596
597 PAGED_CODE();
598
599 /* Get the Auxiliary Data */
600 AuxData = AccessState->AuxData;
601
602 /* Calculate the size of the old privilege set */
603 OldPrivilegeSetSize = sizeof(PRIVILEGE_SET) +
604 (AuxData->PrivilegesUsed->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
605
606 if (AuxData->PrivilegesUsed->PrivilegeCount +
607 Privileges->PrivilegeCount > INITIAL_PRIVILEGE_COUNT)
608 {
609 /* Calculate the size of the new privilege set */
610 NewPrivilegeSetSize = OldPrivilegeSetSize +
611 Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
612
613 /* Allocate a new privilege set */
614 PrivilegeSet = ExAllocatePoolWithTag(PagedPool,
615 NewPrivilegeSetSize,
617 if (PrivilegeSet == NULL)
619
620 /* Copy original privileges from the acess state */
621 RtlCopyMemory(PrivilegeSet,
622 AuxData->PrivilegesUsed,
623 OldPrivilegeSetSize);
624
625 /* Append privileges from the privilege set*/
626 RtlCopyMemory((PVOID)((ULONG_PTR)PrivilegeSet + OldPrivilegeSetSize),
628 Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
629
630 /* Adjust the number of privileges in the new privilege set */
631 PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
632
633 /* Free the old privilege set if it was allocated */
634 if (AccessState->PrivilegesAllocated != FALSE)
636
637 /* Now we are using an allocated privilege set */
638 AccessState->PrivilegesAllocated = TRUE;
639
640 /* Assign the new privileges to the access state */
641 AuxData->PrivilegesUsed = PrivilegeSet;
642 }
643 else
644 {
645 /* Append privileges */
646 RtlCopyMemory((PVOID)((ULONG_PTR)AuxData->PrivilegesUsed + OldPrivilegeSetSize),
648 Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
649
650 /* Adjust the number of privileges in the target privilege set */
651 AuxData->PrivilegesUsed->PrivilegeCount += Privileges->PrivilegeCount;
652 }
653
654 return STATUS_SUCCESS;
655}
656
667VOID
668NTAPI
671{
672 PAGED_CODE();
674}
675
697NTAPI
702{
704
705 PAGED_CODE();
706
707 if (SubjectContext->ClientToken == NULL)
708 {
709 Token = SubjectContext->PrimaryToken;
710 }
711 else
712 {
713 Token = SubjectContext->ClientToken;
714 if (SubjectContext->ImpersonationLevel < 2)
715 {
716 return FALSE;
717 }
718 }
719
721 Privileges->Privilege,
722 Privileges->PrivilegeCount,
723 Privileges->Control,
725}
726
743NTAPI
745 _In_ LUID PrivilegeValue,
747{
749 PRIVILEGE_SET Priv;
751
752 PAGED_CODE();
753
755
756 Priv.PrivilegeCount = 1;
758 Priv.Privilege[0].Luid = PrivilegeValue;
760
761 Result = SePrivilegeCheck(&Priv,
764
766 {
769 &Priv,
770 Result);
771
772 }
773
775
776 return Result;
777}
778
802NTAPI
804 _In_ LUID PrivilegeValue,
805 _In_ HANDLE ObjectHandle,
808{
810 PRIVILEGE_SET Priv;
812
813 PAGED_CODE();
814
816
817 Priv.PrivilegeCount = 1;
819 Priv.Privilege[0].Luid = PrivilegeValue;
821
824 {
825#if 0
826 SePrivilegeObjectAuditAlarm(ObjectHandle,
829 &PrivilegeValue,
830 Result,
832#endif
833 }
834
836
837 return Result;
838}
839
840/* SYSTEM CALLS ***************************************************************/
841
867NTAPI
869 _In_ HANDLE ClientToken,
870 _In_ PPRIVILEGE_SET RequiredPrivileges,
872{
875 ULONG PrivilegeCount = 0;
876 ULONG PrivilegeControl = 0;
878 BOOLEAN CheckResult;
881
882 PAGED_CODE();
883
885
886 /* probe the buffers */
888 {
890 {
891 ProbeForWrite(RequiredPrivileges,
893 Privilege),
894 sizeof(ULONG));
895
896 PrivilegeCount = RequiredPrivileges->PrivilegeCount;
897 PrivilegeControl = RequiredPrivileges->Control;
898
899 /* Check PrivilegeCount to avoid an integer overflow! */
901 Privilege[PrivilegeCount]) /
902 sizeof(RequiredPrivileges->Privilege[0]) != PrivilegeCount)
903 {
905 }
906
907 /* probe all of the array */
908 ProbeForWrite(RequiredPrivileges,
910 Privilege[PrivilegeCount]),
911 sizeof(ULONG));
912
914 }
916 {
917 /* Return the exception code */
919 }
920 _SEH2_END;
921 }
922 else
923 {
924 PrivilegeCount = RequiredPrivileges->PrivilegeCount;
925 PrivilegeControl = RequiredPrivileges->Control;
926 }
927
928 /* reference the token and make sure we're
929 not doing an anonymous impersonation */
930 Status = ObReferenceObjectByHandle(ClientToken,
934 (PVOID*)&Token,
935 NULL);
936 if (!NT_SUCCESS(Status))
937 {
938 return Status;
939 }
940
941 if (Token->TokenType == TokenImpersonation &&
942 Token->ImpersonationLevel < SecurityIdentification)
943 {
946 }
947
948 /* capture the privileges */
949 Status = SeCaptureLuidAndAttributesArray(RequiredPrivileges->Privilege,
950 PrivilegeCount,
952 NULL,
953 0,
954 PagedPool,
955 TRUE,
956 &Privileges,
957 &Length);
958 if (!NT_SUCCESS(Status))
959 {
961 return Status;
962 }
963
964 CheckResult = SepPrivilegeCheck(Token,
966 PrivilegeCount,
967 PrivilegeControl,
969
971
972 /* return the array */
974 {
975 RtlCopyMemory(RequiredPrivileges->Privilege,
977 PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
978 *Result = CheckResult;
980 }
982 {
984 }
985 _SEH2_END;
986
989 TRUE);
990
991 return Status;
992}
993
994/* EOF */
#define PAGED_CODE()
#define CODE_SEG(...)
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
unsigned char BOOLEAN
LONG NTSTATUS
Definition: precomp.h:26
#define BufferSize
Definition: mmc.h:75
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
#define PagedPool
Definition: env_spec_w32.h:308
#define ROUND_UP(n, align)
Definition: eventvwr.h:34
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
#define _SEH2_END
Definition: filesup.c:22
#define _SEH2_TRY
Definition: filesup.c:19
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246
Status
Definition: gdiplustypes.h:25
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
@ SecurityIdentification
Definition: lsa.idl:56
#define ASSERT(a)
Definition: mode.c:44
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
@ TokenImpersonation
Definition: imports.h:274
#define SE_TAKE_OWNERSHIP_PRIVILEGE
Definition: security.c:663
#define SE_SYSTEM_PROFILE_PRIVILEGE
Definition: security.c:665
#define SE_SYNC_AGENT_PRIVILEGE
Definition: security.c:680
#define SE_REMOTE_SHUTDOWN_PRIVILEGE
Definition: security.c:678
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
Definition: security.c:657
#define SE_IMPERSONATE_PRIVILEGE
Definition: security.c:683
#define SE_DEBUG_PRIVILEGE
Definition: security.c:674
#define SE_CREATE_TOKEN_PRIVILEGE
Definition: security.c:656
#define SE_SYSTEMTIME_PRIVILEGE
Definition: security.c:666
#define SE_CREATE_PERMANENT_PRIVILEGE
Definition: security.c:670
#define SE_SECURITY_PRIVILEGE
Definition: security.c:662
#define SE_AUDIT_PRIVILEGE
Definition: security.c:675
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE
Definition: security.c:676
#define SE_MANAGE_VOLUME_PRIVILEGE
Definition: security.c:682
#define SE_INC_BASE_PRIORITY_PRIVILEGE
Definition: security.c:668
#define SE_UNDOCK_PRIVILEGE
Definition: security.c:679
#define SE_SHUTDOWN_PRIVILEGE
Definition: security.c:673
#define SE_LOCK_MEMORY_PRIVILEGE
Definition: security.c:658
#define SE_BACKUP_PRIVILEGE
Definition: security.c:671
#define SE_RESTORE_PRIVILEGE
Definition: security.c:672
#define SE_TCB_PRIVILEGE
Definition: security.c:661
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE
Definition: security.c:667
#define SE_CHANGE_NOTIFY_PRIVILEGE
Definition: security.c:677
#define SE_ENABLE_DELEGATION_PRIVILEGE
Definition: security.c:681
#define SE_INCREASE_QUOTA_PRIVILEGE
Definition: security.c:659
#define SE_LOAD_DRIVER_PRIVILEGE
Definition: security.c:664
#define SE_CREATE_GLOBAL_PRIVILEGE
Definition: security.c:684
#define SE_CREATE_PAGEFILE_PRIVILEGE
Definition: security.c:669
#define _Out_opt_
Definition: ms_sal.h:346
#define _Inout_
Definition: ms_sal.h:378
#define _Out_
Definition: ms_sal.h:345
#define _In_
Definition: ms_sal.h:308
#define _In_opt_
Definition: ms_sal.h:309
#define KernelMode
Definition: asm.h:34
#define KeGetPreviousMode()
Definition: ketypes.h:1115
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
_In_ PMEMORY_AREA _In_ PVOID _In_ BOOLEAN _Inout_ PMM_REQUIRED_RESOURCES Required
Definition: newmm.h:210
ULONG ACCESS_MASK
Definition: nt_native.h:40
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
#define WRITE_OWNER
Definition: nt_native.h:60
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
#define SepAcquireTokenLockShared(Token)
Definition: se.h:290
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Performs an audit alarm to a privileged service request.
Definition: audit.c:369
#define SepReleaseTokenLock(Token)
Definition: se.h:296
VOID NTAPI SePrivilegeObjectAuditAlarm(_In_ HANDLE Handle, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ ACCESS_MASK DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE CurrentMode)
Raises an audit with alarm notification message when an object tries to acquire this privilege.
Definition: audit.c:1321
const LUID SeDebugPrivilege
Definition: priv.c:39
BOOLEAN NTAPI SePrivilegeCheck(_In_ PPRIVILEGE_SET Privileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a set of privileges exist and match within a security subject context.
Definition: priv.c:698
const LUID SeSyncAgentPrivilege
Definition: priv.c:45
const LUID SeSystemProfilePrivilege
Definition: priv.c:30
const LUID SeCreateTokenPrivilege
Definition: priv.c:21
const LUID SeBackupPrivilege
Definition: priv.c:36
const LUID SeTrustedCredmanPrivilege
Definition: priv.c:50
BOOLEAN NTAPI SepSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ PTOKEN Token, _In_ KPROCESSOR_MODE PreviousMode)
Checks only single privilege based upon the privilege pointed by a LUID and if it matches with the on...
Definition: priv.c:190
BOOLEAN NTAPI SeCheckPrivilegedObject(_In_ LUID PrivilegeValue, _In_ HANDLE ObjectHandle, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE PreviousMode)
Checks a privileged object if such object has the specific privilege submitted by the caller.
Definition: priv.c:803
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:22
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Src, _In_ ULONG PrivilegeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PLUID_AND_ATTRIBUTES AllocatedMem, _In_opt_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PLUID_AND_ATTRIBUTES *Dest, _Inout_ PULONG Length)
Captures a LUID with attributes structure. This function is mainly tied in the context of privileges.
Definition: priv.c:438
const LUID SeTimeZonePrivilege
Definition: priv.c:53
NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
Checks a client access token if it has the required set of privileges.
Definition: priv.c:868
NTSTATUS NTAPI SePrivilegePolicyCheck(_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
Checks the security policy and returns a set of privileges based upon the said security policy contex...
Definition: priv.c:244
BOOLEAN NTAPI SeCheckAuditPrivilege(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks a single privilege and performs an audit against a privileged service based on a security subj...
Definition: priv.c:360
VOID NTAPI SeReleaseLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Privilege, _In_ KPROCESSOR_MODE PreviousMode, _In_ BOOLEAN CaptureIfKernel)
Releases a LUID with attributes structure.
Definition: priv.c:554
const LUID SeSystemtimePrivilege
Definition: priv.c:31
BOOLEAN NTAPI SepPrivilegeCheck(_In_ PTOKEN Token, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_ ULONG PrivilegeCount, _In_ ULONG PrivilegeControl, _In_ KPROCESSOR_MODE PreviousMode)
Checks the privileges pointed by Privileges array argument if they exist and match with the privilege...
Definition: priv.c:104
const LUID SeCreateGlobalPrivilege
Definition: priv.c:49
const LUID SeChangeNotifyPrivilege
Definition: priv.c:42
const LUID SeImpersonatePrivilege
Definition: priv.c:48
const LUID SeTcbPrivilege
Definition: priv.c:26
const LUID SeManageVolumePrivilege
Definition: priv.c:47
const LUID SeRestorePrivilege
Definition: priv.c:37
const LUID SeRemoteShutdownPrivilege
Definition: priv.c:43
const LUID SeLoadDriverPrivilege
Definition: priv.c:29
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:33
const LUID SeLockMemoryPrivilege
Definition: priv.c:23
const LUID SeCreatePermanentPrivilege
Definition: priv.c:35
#define CONST_LUID(x1, x2)
Definition: priv.c:20
const LUID SeUndockPrivilege
Definition: priv.c:44
const LUID SeCreatePagefilePrivilege
Definition: priv.c:34
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:28
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:32
const LUID SeShutdownPrivilege
Definition: priv.c:38
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:41
const LUID SeSecurityPrivilege
Definition: priv.c:27
const LUID SeUnsolicitedInputPrivilege
Definition: priv.c:25
const LUID SeCreateSymbolicLinkPrivilege
Definition: priv.c:54
const LUID SeEnableDelegationPrivilege
Definition: priv.c:46
const LUID SeRelabelPrivilege
Definition: priv.c:51
const LUID SeIncreaseWorkingSetPrivilege
Definition: priv.c:52
VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669
const LUID SeAuditPrivilege
Definition: priv.c:40
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:24
NTSTATUS NTAPI SeAppendPrivileges(_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
Appends additional privileges.
Definition: priv.c:588
#define SE_MAXIMUM_PRIVILEGE_LIMIT
Definition: priv.c:18
VOID NTAPI SepInitPrivileges(VOID)
Initializes the privileges during the startup phase of the security manager module....
Definition: priv.c:71
POBJECT_TYPE SeTokenObjectType
Definition: token.c:17
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:66
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
#define ProbeForWriteBoolean(Ptr)
Definition: probe.h:31
#define STATUS_SUCCESS
Definition: shellext.h:65
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
#define DPRINT
Definition: sndvol32.h:73
PPRIVILEGE_SET PrivilegesUsed
Definition: setypes.h:258
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
$ULONG Control
Definition: setypes.h:87
$ULONG PrivilegeCount
Definition: setypes.h:86
VOID NTAPI SeReleaseSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Releases both the primary and client tokens of a security subject context.
Definition: subject.c:171
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: subject.c:85
#define TAG_LUID
Definition: tag.h:155
#define TAG_PRIVILEGE_SET
Definition: tag.h:157
uint32_t * PULONG
Definition: typedefs.h:59
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
unsigned char * PBOOLEAN
Definition: typedefs.h:53
INT POOL_TYPE
Definition: typedefs.h:78
#define NTAPI
Definition: typedefs.h:36
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG_PTR
Definition: typedefs.h:65
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
_In_ WDFCOLLECTION _In_ ULONG Index
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
Definition: wdfmemory.h:254
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
#define ObDereferenceObject
Definition: obfuncs.h:203
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
#define TOKEN_QUERY
Definition: setypes.h:928
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
#define SE_INC_WORKING_SET_PRIVILEGE
Definition: setypes.h:212
#define SE_RELABEL_PRIVILEGE
Definition: setypes.h:211
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
#define SE_TIME_ZONE_PRIVILEGE
Definition: setypes.h:213
#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
Definition: setypes.h:214
#define INITIAL_PRIVILEGE_COUNT
Definition: setypes.h:172
struct _PRIVILEGE_SET PRIVILEGE_SET
#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE
Definition: setypes.h:210