ReactOS  0.4.15-dev-3324-gda4e15f
priv.c
Go to the documentation of this file.
1 /*
2  * PROJECT: ReactOS Kernel
3  * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4  * PURPOSE: Security privileges support
5  * COPYRIGHT: Copyright Alex Ionescu <alex@relsoft.net>
6  * Copyright Timo Kreuzer <timo.kreuzer@reactos.org>
7  * Copyright Eric Kohl
8  */
9 
10 /* INCLUDES ******************************************************************/
11 
12 #include <ntoskrnl.h>
13 #define NDEBUG
14 #include <debug.h>
15 
16 /* GLOBALS ********************************************************************/
17 
18 #define SE_MAXIMUM_PRIVILEGE_LIMIT 0x3C
19 
20 #define CONST_LUID(x1, x2) {x1, x2}
55 
56 
57 /* PRIVATE FUNCTIONS **********************************************************/
58 
68 CODE_SEG("INIT")
69 VOID
70 NTAPI
72 {
73 
74 }
75 
102 BOOLEAN
103 NTAPI
105  _In_ PTOKEN Token,
107  _In_ ULONG PrivilegeCount,
108  _In_ ULONG PrivilegeControl,
110 {
111  ULONG i;
112  ULONG j;
113  ULONG Required;
114 
115  DPRINT("SepPrivilegeCheck() called\n");
116 
117  PAGED_CODE();
118 
119  if (PreviousMode == KernelMode)
120  return TRUE;
121 
122  /* Get the number of privileges that are required to match */
123  Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
124 
125  /* Acquire a shared token lock */
127 
128  /* Loop all requested privileges until we found the required ones */
129  for (i = 0; i < PrivilegeCount; i++)
130  {
131  /* Loop the privileges of the token */
132  for (j = 0; j < Token->PrivilegeCount; j++)
133  {
134  /* Check if the LUIDs match */
135  if (RtlEqualLuid(&Token->Privileges[j].Luid, &Privileges[i].Luid))
136  {
137  DPRINT("Found privilege. Attributes: %lx\n",
138  Token->Privileges[j].Attributes);
139 
140  /* Check if the privilege is enabled */
141  if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
142  {
144  Required--;
145 
146  /* Check if we have found all privileges */
147  if (Required == 0)
148  {
149  /* We're done! */
151  return TRUE;
152  }
153  }
154 
155  /* Leave the inner loop */
156  break;
157  }
158  }
159  }
160 
161  /* Release the token lock */
163 
164  /* When we reached this point, we did not find all privileges */
165  ASSERT(Required > 0);
166  return FALSE;
167 }
168 
188 BOOLEAN
189 NTAPI
191  _In_ LUID PrivilegeValue,
192  _In_ PTOKEN Token,
194 {
196  PAGED_CODE();
197  ASSERT(!RtlEqualLuid(&PrivilegeValue, &SeTcbPrivilege));
198 
199  Privilege.Luid = PrivilegeValue;
200  Privilege.Attributes = SE_PRIVILEGE_ENABLED;
201  return SepPrivilegeCheck(Token,
202  &Privilege,
203  1,
205  PreviousMode);
206 }
207 
242 NTSTATUS
243 NTAPI
248  _In_ PTOKEN Token,
249  _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet,
251 {
252  SIZE_T PrivilegeSize;
253  PPRIVILEGE_SET PrivilegeSet;
254  ULONG PrivilegeCount = 0, Index = 0;
256  PAGED_CODE();
257 
258  /* Check if we have a security subject context */
259  if (SubjectContext != NULL)
260  {
261  /* Check if there is a client impersonation token */
262  if (SubjectContext->ClientToken != NULL)
263  Token = SubjectContext->ClientToken;
264  else
265  Token = SubjectContext->PrimaryToken;
266  }
267 
268  /* Check if the caller wants ACCESS_SYSTEM_SECURITY access */
270  {
271  /* Do the privilege check */
273  {
274  /* Remember this access flag */
276  PrivilegeCount++;
277  }
278  else
279  {
281  }
282  }
283 
284  /* Check if the caller wants WRITE_OWNER access */
285  if (*DesiredAccess & WRITE_OWNER)
286  {
287  /* Do the privilege check */
289  {
290  /* Remember this access flag */
292  PrivilegeCount++;
293  }
294  }
295 
296  /* Update the access masks */
299 
300  /* Does the caller want a privilege set? */
301  if (OutPrivilegeSet != NULL)
302  {
303  /* Do we have any privileges to report? */
304  if (PrivilegeCount > 0)
305  {
306  /* Calculate size and allocate the structure */
307  PrivilegeSize = FIELD_OFFSET(PRIVILEGE_SET, Privilege[PrivilegeCount]);
308  PrivilegeSet = ExAllocatePoolWithTag(PagedPool, PrivilegeSize, TAG_PRIVILEGE_SET);
309  *OutPrivilegeSet = PrivilegeSet;
310  if (PrivilegeSet == NULL)
311  {
313  }
314 
315  PrivilegeSet->PrivilegeCount = PrivilegeCount;
316  PrivilegeSet->Control = 0;
317 
318  if (AccessMask & WRITE_OWNER)
319  {
320  PrivilegeSet->Privilege[Index].Luid = SeTakeOwnershipPrivilege;
322  Index++;
323  }
324 
326  {
327  PrivilegeSet->Privilege[Index].Luid = SeSecurityPrivilege;
329  }
330  }
331  else
332  {
333  /* No privileges, no structure */
334  *OutPrivilegeSet = NULL;
335  }
336  }
337 
338  return STATUS_SUCCESS;
339 }
340 
358 BOOLEAN
359 NTAPI
363 {
364  PRIVILEGE_SET PrivilegeSet;
365  BOOLEAN Result;
366  PAGED_CODE();
367 
368  /* Initialize the privilege set with the single privilege */
369  PrivilegeSet.PrivilegeCount = 1;
370  PrivilegeSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
371  PrivilegeSet.Privilege[0].Luid = SeAuditPrivilege;
372  PrivilegeSet.Privilege[0].Attributes = 0;
373 
374  /* Check against the primary token! */
375  Result = SepPrivilegeCheck(SubjectContext->PrimaryToken,
376  &PrivilegeSet.Privilege[0],
377  1,
379  PreviousMode);
380 
381  if (PreviousMode != KernelMode)
382  {
385  &PrivilegeSet,
386  Result);
387  }
388 
389  return Result;
390 }
391 
436 NTSTATUS
437 NTAPI
440  _In_ ULONG PrivilegeCount,
442  _In_opt_ PLUID_AND_ATTRIBUTES AllocatedMem,
443  _In_opt_ ULONG AllocatedLength,
445  _In_ BOOLEAN CaptureIfKernel,
448 {
451 
452  PAGED_CODE();
453 
454  if (PrivilegeCount == 0)
455  {
456  *Dest = 0;
457  *Length = 0;
458  return STATUS_SUCCESS;
459  }
460 
461  if (PrivilegeCount > SE_MAXIMUM_PRIVILEGE_LIMIT)
462  {
464  }
465 
466  if (PreviousMode == KernelMode && !CaptureIfKernel)
467  {
468  *Dest = Src;
469  return STATUS_SUCCESS;
470  }
471 
472  BufferSize = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
473  *Length = ROUND_UP(BufferSize, 4); /* round up to a 4 byte alignment */
474 
475  /* probe the buffer */
476  if (PreviousMode != KernelMode)
477  {
478  _SEH2_TRY
479  {
480  ProbeForRead(Src,
481  BufferSize,
482  sizeof(ULONG));
483  }
485  {
486  /* Return the exception code */
488  }
489  _SEH2_END;
490  }
491 
492  /* allocate enough memory or check if the provided buffer is
493  large enough to hold the array */
494  if (AllocatedMem != NULL)
495  {
496  if (AllocatedLength < BufferSize)
497  {
499  }
500 
501  *Dest = AllocatedMem;
502  }
503  else
504  {
506  BufferSize,
507  TAG_LUID);
508  if (*Dest == NULL)
509  {
511  }
512  }
513 
514  /* copy the array to the buffer */
515  _SEH2_TRY
516  {
517  RtlCopyMemory(*Dest,
518  Src,
519  BufferSize);
520  }
522  {
524  }
525  _SEH2_END;
526 
527  if (!NT_SUCCESS(Status) && AllocatedMem == NULL)
528  {
529  ExFreePoolWithTag(*Dest, TAG_LUID);
530  }
531 
532  return Status;
533 }
534 
552 VOID
553 NTAPI
557  _In_ BOOLEAN CaptureIfKernel)
558 {
559  PAGED_CODE();
560 
561  if (Privilege != NULL &&
562  (PreviousMode != KernelMode || CaptureIfKernel))
563  {
565  }
566 }
567 
568 /* PUBLIC FUNCTIONS ***********************************************************/
569 
586 NTSTATUS
587 NTAPI
591 {
592  PAUX_ACCESS_DATA AuxData;
593  ULONG OldPrivilegeSetSize;
594  ULONG NewPrivilegeSetSize;
595  PPRIVILEGE_SET PrivilegeSet;
596 
597  PAGED_CODE();
598 
599  /* Get the Auxiliary Data */
600  AuxData = AccessState->AuxData;
601 
602  /* Calculate the size of the old privilege set */
603  OldPrivilegeSetSize = sizeof(PRIVILEGE_SET) +
604  (AuxData->PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
605 
606  if (AuxData->PrivilegeSet->PrivilegeCount +
607  Privileges->PrivilegeCount > INITIAL_PRIVILEGE_COUNT)
608  {
609  /* Calculate the size of the new privilege set */
610  NewPrivilegeSetSize = OldPrivilegeSetSize +
611  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
612 
613  /* Allocate a new privilege set */
614  PrivilegeSet = ExAllocatePoolWithTag(PagedPool,
615  NewPrivilegeSetSize,
617  if (PrivilegeSet == NULL)
619 
620  /* Copy original privileges from the acess state */
621  RtlCopyMemory(PrivilegeSet,
622  AuxData->PrivilegeSet,
623  OldPrivilegeSetSize);
624 
625  /* Append privileges from the privilege set*/
626  RtlCopyMemory((PVOID)((ULONG_PTR)PrivilegeSet + OldPrivilegeSetSize),
628  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
629 
630  /* Adjust the number of privileges in the new privilege set */
631  PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
632 
633  /* Free the old privilege set if it was allocated */
634  if (AccessState->PrivilegesAllocated != FALSE)
636 
637  /* Now we are using an allocated privilege set */
638  AccessState->PrivilegesAllocated = TRUE;
639 
640  /* Assign the new privileges to the access state */
641  AuxData->PrivilegeSet = PrivilegeSet;
642  }
643  else
644  {
645  /* Append privileges */
646  RtlCopyMemory((PVOID)((ULONG_PTR)AuxData->PrivilegeSet + OldPrivilegeSetSize),
648  Privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
649 
650  /* Adjust the number of privileges in the target privilege set */
651  AuxData->PrivilegeSet->PrivilegeCount += Privileges->PrivilegeCount;
652  }
653 
654  return STATUS_SUCCESS;
655 }
656 
667 VOID
668 NTAPI
671 {
672  PAGED_CODE();
674 }
675 
696 BOOLEAN
697 NTAPI
702 {
704 
705  PAGED_CODE();
706 
707  if (SubjectContext->ClientToken == NULL)
708  {
709  Token = SubjectContext->PrimaryToken;
710  }
711  else
712  {
713  Token = SubjectContext->ClientToken;
714  if (SubjectContext->ImpersonationLevel < 2)
715  {
716  return FALSE;
717  }
718  }
719 
720  return SepPrivilegeCheck(Token,
721  Privileges->Privilege,
722  Privileges->PrivilegeCount,
723  Privileges->Control,
724  PreviousMode);
725 }
726 
742 BOOLEAN
743 NTAPI
745  _In_ LUID PrivilegeValue,
747 {
749  PRIVILEGE_SET Priv;
750  BOOLEAN Result;
751 
752  PAGED_CODE();
753 
755 
756  Priv.PrivilegeCount = 1;
758  Priv.Privilege[0].Luid = PrivilegeValue;
760 
761  Result = SePrivilegeCheck(&Priv,
763  PreviousMode);
764 
765  if (PreviousMode != KernelMode)
766  {
769  &Priv,
770  Result);
771 
772  }
773 
775 
776  return Result;
777 }
778 
801 BOOLEAN
802 NTAPI
804  _In_ LUID PrivilegeValue,
805  _In_ HANDLE ObjectHandle,
808 {
810  PRIVILEGE_SET Priv;
811  BOOLEAN Result;
812 
813  PAGED_CODE();
814 
816 
817  Priv.PrivilegeCount = 1;
819  Priv.Privilege[0].Luid = PrivilegeValue;
821 
823  if (PreviousMode != KernelMode)
824  {
825 #if 0
826  SePrivilegeObjectAuditAlarm(ObjectHandle,
829  &PrivilegeValue,
830  Result,
831  PreviousMode);
832 #endif
833  }
834 
836 
837  return Result;
838 }
839 
840 /* SYSTEM CALLS ***************************************************************/
841 
866 NTSTATUS
867 NTAPI
869  _In_ HANDLE ClientToken,
870  _In_ PPRIVILEGE_SET RequiredPrivileges,
872 {
874  PTOKEN Token;
875  ULONG PrivilegeCount = 0;
876  ULONG PrivilegeControl = 0;
877  ULONG Length;
878  BOOLEAN CheckResult;
881 
882  PAGED_CODE();
883 
885 
886  /* probe the buffers */
887  if (PreviousMode != KernelMode)
888  {
889  _SEH2_TRY
890  {
891  ProbeForWrite(RequiredPrivileges,
893  Privilege),
894  sizeof(ULONG));
895 
896  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
897  PrivilegeControl = RequiredPrivileges->Control;
898 
899  /* Check PrivilegeCount to avoid an integer overflow! */
901  Privilege[PrivilegeCount]) /
902  sizeof(RequiredPrivileges->Privilege[0]) != PrivilegeCount)
903  {
905  }
906 
907  /* probe all of the array */
908  ProbeForWrite(RequiredPrivileges,
910  Privilege[PrivilegeCount]),
911  sizeof(ULONG));
912 
914  }
916  {
917  /* Return the exception code */
919  }
920  _SEH2_END;
921  }
922  else
923  {
924  PrivilegeCount = RequiredPrivileges->PrivilegeCount;
925  PrivilegeControl = RequiredPrivileges->Control;
926  }
927 
928  /* reference the token and make sure we're
929  not doing an anonymous impersonation */
930  Status = ObReferenceObjectByHandle(ClientToken,
931  TOKEN_QUERY,
933  PreviousMode,
934  (PVOID*)&Token,
935  NULL);
936  if (!NT_SUCCESS(Status))
937  {
938  return Status;
939  }
940 
941  if (Token->TokenType == TokenImpersonation &&
942  Token->ImpersonationLevel < SecurityIdentification)
943  {
946  }
947 
948  /* capture the privileges */
949  Status = SeCaptureLuidAndAttributesArray(RequiredPrivileges->Privilege,
950  PrivilegeCount,
951  PreviousMode,
952  NULL,
953  0,
954  PagedPool,
955  TRUE,
956  &Privileges,
957  &Length);
958  if (!NT_SUCCESS(Status))
959  {
961  return Status;
962  }
963 
964  CheckResult = SepPrivilegeCheck(Token,
965  Privileges,
966  PrivilegeCount,
967  PrivilegeControl,
968  PreviousMode);
969 
971 
972  /* return the array */
973  _SEH2_TRY
974  {
975  RtlCopyMemory(RequiredPrivileges->Privilege,
976  Privileges,
977  PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
978  *Result = CheckResult;
980  }
982  {
984  }
985  _SEH2_END;
986 
988  PreviousMode,
989  TRUE);
990 
991  return Status;
992 }
993 
994 /* EOF */
#define SE_CREATE_PERMANENT_PRIVILEGE
Definition: security.c:670
PPRIVILEGE_SET PrivilegeSet
Definition: setypes.h:234
const LUID SeLoadDriverPrivilege
Definition: priv.c:29
const LUID SeSyncAgentPrivilege
Definition: priv.c:45
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401
const LUID SeCreatePagefilePrivilege
Definition: priv.c:34
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
const LUID SeTimeZonePrivilege
Definition: priv.c:53
#define SE_INC_WORKING_SET_PRIVILEGE
Definition: setypes.h:199
#define ROUND_UP(n, align)
Definition: eventvwr.h:31
#define _In_opt_
Definition: ms_sal.h:309
struct _PRIVILEGE_SET PRIVILEGE_SET
#define _Inout_
Definition: ms_sal.h:378
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
#define SE_CREATE_TOKEN_PRIVILEGE
Definition: security.c:656
#define _Out_
Definition: ms_sal.h:345
#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
Definition: setypes.h:201
#define SE_LOCK_MEMORY_PRIVILEGE
Definition: security.c:658
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
const LUID SeRestorePrivilege
Definition: priv.c:37
BOOLEAN NTAPI SeCheckPrivilegedObject(_In_ LUID PrivilegeValue, _In_ HANDLE ObjectHandle, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE PreviousMode)
Checks a privileged object if such object has the specific privilege submitted by the caller.
Definition: priv.c:803
#define KeGetPreviousMode()
Definition: ketypes.h:1107
LONG NTSTATUS
Definition: precomp.h:26
#define SE_DEBUG_PRIVILEGE
Definition: security.c:674
#define SE_LOAD_DRIVER_PRIVILEGE
Definition: security.c:664
const LUID SeTcbPrivilege
Definition: priv.c:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define SE_RESTORE_PRIVILEGE
Definition: security.c:672
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define SE_SYSTEMTIME_PRIVILEGE
Definition: security.c:666
#define SE_TAKE_OWNERSHIP_PRIVILEGE
Definition: security.c:663
#define SE_SYNC_AGENT_PRIVILEGE
Definition: security.c:680
const LUID SeAuditPrivilege
Definition: priv.c:40
$ULONG Control
Definition: setypes.h:87
#define WRITE_OWNER
Definition: nt_native.h:60
#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE
Definition: setypes.h:197
const LUID SeCreatePermanentPrivilege
Definition: priv.c:35
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Src, _In_ ULONG PrivilegeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PLUID_AND_ATTRIBUTES AllocatedMem, _In_opt_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PLUID_AND_ATTRIBUTES *Dest, _Inout_ PULONG Length)
Captures a LUID with attributes structure. This function is mainly tied in the context of privileges.
Definition: priv.c:438
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:32
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
Definition: create.c:4226
VOID NTAPI SeReleaseLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Privilege, _In_ KPROCESSOR_MODE PreviousMode, _In_ BOOLEAN CaptureIfKernel)
Releases a LUID with attributes structure.
Definition: priv.c:554
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define SE_TCB_PRIVILEGE
Definition: security.c:661
const LUID SeImpersonatePrivilege
Definition: priv.c:48
#define FALSE
Definition: types.h:117
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
const LUID SeShutdownPrivilege
Definition: priv.c:38
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83
#define SE_CREATE_GLOBAL_PRIVILEGE
Definition: security.c:684
const LUID SeRemoteShutdownPrivilege
Definition: priv.c:43
unsigned char BOOLEAN
BOOLEAN NTAPI SepPrivilegeCheck(_In_ PTOKEN Token, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_ ULONG PrivilegeCount, _In_ ULONG PrivilegeControl, _In_ KPROCESSOR_MODE PreviousMode)
Checks the privileges pointed by Privileges array argument if they exist and match with the privilege...
Definition: priv.c:104
POBJECT_TYPE SeTokenObjectType
Definition: token.c:19
#define SE_RELABEL_PRIVILEGE
Definition: setypes.h:198
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
#define _In_
Definition: ms_sal.h:308
#define SE_TIME_ZONE_PRIVILEGE
Definition: setypes.h:200
const LUID SeUnsolicitedInputPrivilege
Definition: priv.c:25
#define SE_UNDOCK_PRIVILEGE
Definition: security.c:679
#define SE_SHUTDOWN_PRIVILEGE
Definition: security.c:673
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
$ULONG PrivilegeCount
Definition: setypes.h:86
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
const LUID SeBackupPrivilege
Definition: priv.c:36
#define SE_CREATE_PAGEFILE_PRIVILEGE
Definition: security.c:669
Status
Definition: gdiplustypes.h:24
BOOLEAN NTAPI SepSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ PTOKEN Token, _In_ KPROCESSOR_MODE PreviousMode)
Checks only single privilege based upon the privilege pointed by a LUID and if it matches with the on...
Definition: priv.c:190
#define SE_INCREASE_QUOTA_PRIVILEGE
Definition: security.c:659
NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
Checks a client access token if it has the required set of privileges.
Definition: priv.c:868
#define SE_CHANGE_NOTIFY_PRIVILEGE
Definition: security.c:677
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:33
#define SE_SECURITY_PRIVILEGE
Definition: security.c:662
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
const LUID SeSecurityPrivilege
Definition: priv.c:27
#define TOKEN_QUERY
Definition: setypes.h:893
NTSTATUS NTAPI SePrivilegePolicyCheck(_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
Checks the security policy and returns a set of privileges based upon the said security policy contex...
Definition: priv.c:244
#define ASSERT(a)
Definition: mode.c:44
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
const LUID SeSystemProfilePrivilege
Definition: priv.c:30
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Performs an audit alarm to a privileged service request.
Definition: audit.c:369
#define TAG_LUID
Definition: tag.h:178
INT POOL_TYPE
Definition: typedefs.h:78
_In_ WDFCOLLECTION _In_ ULONG Index
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: access.c:434
#define ObDereferenceObject
Definition: obfuncs.h:203
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
#define SE_REMOTE_SHUTDOWN_PRIVILEGE
Definition: security.c:678
#define ProbeForWriteBoolean(Ptr)
Definition: probe.h:31
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:22
const LUID SeChangeNotifyPrivilege
Definition: priv.c:42
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
#define CONST_LUID(x1, x2)
Definition: priv.c:20
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
const LUID SeSystemtimePrivilege
Definition: priv.c:31
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
const LUID SeCreateSymbolicLinkPrivilege
Definition: priv.c:54
BOOLEAN NTAPI SeCheckAuditPrivilege(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks a single privilege and performs an audit against a privileged service based on a security subj...
Definition: priv.c:360
char * PBOOLEAN
Definition: retypes.h:11
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
const LUID SeCreateGlobalPrivilege
Definition: priv.c:49
#define SepReleaseTokenLock(Token)
Definition: se.h:231
const LUID SeLockMemoryPrivilege
Definition: priv.c:23
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:24
#define SE_INC_BASE_PRIORITY_PRIVILEGE
Definition: security.c:668
VOID NTAPI SePrivilegeObjectAuditAlarm(_In_ HANDLE Handle, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ ACCESS_MASK DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE CurrentMode)
Raises an audit with alarm notification message when an object tries to acquire this privilege.
Definition: audit.c:1422
const LUID SeUndockPrivilege
Definition: priv.c:44
VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669
#define SE_ENABLE_DELEGATION_PRIVILEGE
Definition: security.c:681
const LUID SeIncreaseWorkingSetPrivilege
Definition: priv.c:52
const LUID SeDebugPrivilege
Definition: priv.c:39
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define SE_IMPERSONATE_PRIVILEGE
Definition: security.c:683
_SEH2_END
Definition: create.c:4400
#define SE_MANAGE_VOLUME_PRIVILEGE
Definition: security.c:682
const LUID SeCreateTokenPrivilege
Definition: priv.c:21
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:28
#define SE_MAXIMUM_PRIVILEGE_LIMIT
Definition: priv.c:18
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
#define _Out_opt_
Definition: ms_sal.h:346
#define SE_SYSTEM_PROFILE_PRIVILEGE
Definition: security.c:665
const LUID SeManageVolumePrivilege
Definition: priv.c:47
unsigned int * PULONG
Definition: retypes.h:1
#define NULL
Definition: types.h:112
#define INITIAL_PRIVILEGE_COUNT
Definition: setypes.h:159
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE
Definition: security.c:667
VOID NTAPI SeReleaseSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Releases both the primary and client tokens of a security subject context.
Definition: access.c:520
BOOLEAN NTAPI SePrivilegeCheck(_In_ PPRIVILEGE_SET Privileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a set of privileges exist and match within a security subject context.
Definition: priv.c:698
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
#define SepAcquireTokenLockShared(Token)
Definition: se.h:225
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE
Definition: security.c:676
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
Definition: security.c:657
unsigned int ULONG
Definition: retypes.h:1
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
#define SE_BACKUP_PRIVILEGE
Definition: security.c:671
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
const LUID SeEnableDelegationPrivilege
Definition: priv.c:46
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define TAG_PRIVILEGE_SET
Definition: tag.h:180
#define STATUS_SUCCESS
Definition: shellext.h:65
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
const LUID SeRelabelPrivilege
Definition: priv.c:51
struct _MEMORY_AREA struct _MM_REQUIRED_RESOURCES * Required
Definition: newmm.h:38
#define DPRINT
Definition: sndvol32.h:71
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:41
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
VOID NTAPI SepInitPrivileges(VOID)
Initializes the privileges during the startup phase of the security manager module....
Definition: priv.c:71
#define SE_AUDIT_PRIVILEGE
Definition: security.c:675
static CODE_SEG("PAGE")
Definition: isapnp.c:1482
NTSTATUS NTAPI SeAppendPrivileges(_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
Appends additional privileges.
Definition: priv.c:588
ULONG ACCESS_MASK
Definition: nt_native.h:40
#define BufferSize
Definition: mmc.h:75
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
Definition: wdfmemory.h:251
const LUID SeTrustedCredmanPrivilege
Definition: priv.c:50
#define PAGED_CODE()