18 #define CONST_LUID(x1, x2) {x1, x2} 71 ULONG PrivilegeControl,
78 DPRINT(
"SepPrivilegeCheck() called\n");
92 for (
i = 0;
i < PrivilegeCount;
i++)
95 for (
j = 0;
j <
Token->PrivilegeCount;
j++)
100 DPRINT(
"Found privilege. Attributes: %lx\n",
101 Token->Privileges[
j].Attributes);
211 if (OutPrivilegeSet !=
NULL)
214 if (PrivilegeCount > 0)
219 *OutPrivilegeSet = PrivilegeSet;
220 if (PrivilegeSet ==
NULL)
244 *OutPrivilegeSet =
NULL;
288 ULONG PrivilegeCount,
291 ULONG AllocatedLength,
302 if (PrivilegeCount == 0)
340 if (AllocatedMem !=
NULL)
347 *Dest = AllocatedMem;
407 ULONG OldPrivilegeSetSize;
408 ULONG NewPrivilegeSetSize;
424 NewPrivilegeSetSize = OldPrivilegeSetSize +
431 if (PrivilegeSet ==
NULL)
437 OldPrivilegeSetSize);
602 ULONG PrivilegeCount = 0;
603 ULONG PrivilegeControl = 0;
623 PrivilegeCount = RequiredPrivileges->PrivilegeCount;
624 PrivilegeControl = RequiredPrivileges->Control;
629 sizeof(RequiredPrivileges->Privilege[0]) != PrivilegeCount)
651 PrivilegeCount = RequiredPrivileges->PrivilegeCount;
652 PrivilegeControl = RequiredPrivileges->Control;
#define SE_CREATE_PERMANENT_PRIVILEGE
PPRIVILEGE_SET PrivilegeSet
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
const LUID SeLoadDriverPrivilege
const LUID SeSyncAgentPrivilege
#define STATUS_PRIVILEGE_NOT_HELD
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
#define STATUS_BAD_IMPERSONATION_LEVEL
const LUID SeCreatePagefilePrivilege
#define STATUS_INSUFFICIENT_RESOURCES
NTSTATUS NTAPI NtPrivilegeCheck(IN HANDLE ClientToken, IN PPRIVILEGE_SET RequiredPrivileges, OUT PBOOLEAN Result)
_In_ ULONG _In_ ULONG _In_ ULONG Length
const LUID SeTimeZonePrivilege
#define SE_INC_WORKING_SET_PRIVILEGE
#define ROUND_UP(n, align)
struct _PRIVILEGE_SET PRIVILEGE_SET
#define ACCESS_SYSTEM_SECURITY
#define SE_CREATE_TOKEN_PRIVILEGE
#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
#define SE_LOCK_MEMORY_PRIVILEGE
#define STATUS_INVALID_PARAMETER
const LUID SeRestorePrivilege
#define KeGetPreviousMode()
#define SE_DEBUG_PRIVILEGE
#define SE_LOAD_DRIVER_PRIVILEGE
const LUID SeTcbPrivilege
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define SE_RESTORE_PRIVILEGE
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define SE_SYSTEMTIME_PRIVILEGE
#define SE_TAKE_OWNERSHIP_PRIVILEGE
BOOLEAN NTAPI SeSinglePrivilegeCheck(IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
#define SE_SYNC_AGENT_PRIVILEGE
const LUID SeAuditPrivilege
#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE
const LUID SeCreatePermanentPrivilege
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
const LUID SeProfileSingleProcessPrivilege
#define STATUS_BUFFER_TOO_SMALL
BOOLEAN NTAPI SeCheckPrivilegedObject(IN LUID PrivilegeValue, IN HANDLE ObjectHandle, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE PreviousMode)
#define SE_PRIVILEGE_ENABLED
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
const LUID SeImpersonatePrivilege
#define RtlEqualLuid(Luid1, Luid2)
const LUID SeShutdownPrivilege
#define PRIVILEGE_SET_ALL_NECESSARY
#define SE_CREATE_GLOBAL_PRIVILEGE
#define EXCEPTION_EXECUTE_HANDLER
NTSTATUS NTAPI SeAppendPrivileges(IN OUT PACCESS_STATE AccessState, IN PPRIVILEGE_SET Privileges)
const LUID SeRemoteShutdownPrivilege
POBJECT_TYPE SeTokenObjectType
#define SE_RELABEL_PRIVILEGE
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
#define SE_TIME_ZONE_PRIVILEGE
const LUID SeUnsolicitedInputPrivilege
#define SE_UNDOCK_PRIVILEGE
#define SE_SHUTDOWN_PRIVILEGE
#define SE_PRIVILEGE_USED_FOR_ACCESS
NTSTATUS NTAPI SepSinglePrivilegeCheck(LUID PrivilegeValue, PTOKEN Token, KPROCESSOR_MODE PreviousMode)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
const LUID SeBackupPrivilege
#define SE_CREATE_PAGEFILE_PRIVILEGE
#define SE_INCREASE_QUOTA_PRIVILEGE
#define SE_CHANGE_NOTIFY_PRIVILEGE
const LUID SeIncreaseBasePriorityPrivilege
#define SE_SECURITY_PRIVILEGE
_In_ KPROCESSOR_MODE PreviousMode
const LUID SeSecurityPrivilege
#define _SEH2_YIELD(STMT_)
NTSTATUS NTAPI SePrivilegePolicyCheck(_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token, PLUID_AND_ATTRIBUTES Privileges, ULONG PrivilegeCount, ULONG PrivilegeControl, KPROCESSOR_MODE PreviousMode)
#define NT_SUCCESS(StatCode)
const LUID SeSystemProfilePrivilege
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
_In_ WDFCOLLECTION _In_ ULONG Index
#define ObDereferenceObject
_In_ ACCESS_MASK AccessMask
#define SE_REMOTE_SHUTDOWN_PRIVILEGE
#define ProbeForWriteBoolean(Ptr)
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
const LUID SeAssignPrimaryTokenPrivilege
const LUID SeChangeNotifyPrivilege
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
#define CONST_LUID(x1, x2)
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
const LUID SeSystemtimePrivilege
#define ExAllocatePoolWithTag(hernya, size, tag)
const LUID SeCreateSymbolicLinkPrivilege
BOOLEAN NTAPI SeCheckAuditPrivilege(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
const LUID SeCreateGlobalPrivilege
#define SepReleaseTokenLock(Token)
const LUID SeLockMemoryPrivilege
const LUID SeIncreaseQuotaPrivilege
#define SE_INC_BASE_PRIORITY_PRIVILEGE
const LUID SeUndockPrivilege
BOOLEAN NTAPI SePrivilegeCheck(PPRIVILEGE_SET Privileges, PSECURITY_SUBJECT_CONTEXT SubjectContext, KPROCESSOR_MODE PreviousMode)
#define SE_ENABLE_DELEGATION_PRIVILEGE
const LUID SeIncreaseWorkingSetPrivilege
const LUID SeDebugPrivilege
#define SE_IMPERSONATE_PRIVILEGE
#define SE_MANAGE_VOLUME_PRIVILEGE
const LUID SeCreateTokenPrivilege
VOID NTAPI SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
const LUID SeTakeOwnershipPrivilege
VOID NTAPI SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege, KPROCESSOR_MODE PreviousMode, BOOLEAN CaptureIfKernel)
#define FIELD_OFFSET(t, f)
#define SE_SYSTEM_PROFILE_PRIVILEGE
const LUID SeManageVolumePrivilege
#define INITIAL_PRIVILEGE_COUNT
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src, ULONG PrivilegeCount, KPROCESSOR_MODE PreviousMode, PLUID_AND_ATTRIBUTES AllocatedMem, ULONG AllocatedLength, POOL_TYPE PoolType, BOOLEAN CaptureIfKernel, PLUID_AND_ATTRIBUTES *Dest, PULONG Length)
#define SepAcquireTokenLockShared(Token)
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
VOID NTAPI SePrivilegeObjectAuditAlarm(IN HANDLE Handle, IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN ACCESS_MASK DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted, IN KPROCESSOR_MODE CurrentMode)
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
ACCESS_MASK * PACCESS_MASK
#define SE_BACKUP_PRIVILEGE
#define RtlCopyMemory(Destination, Source, Length)
const LUID SeEnableDelegationPrivilege
#define _SEH2_EXCEPT(...)
#define TAG_PRIVILEGE_SET
#define ExFreePoolWithTag(_P, _T)
#define _SEH2_GetExceptionCode()
const LUID SeRelabelPrivilege
struct _MEMORY_AREA struct _MM_REQUIRED_RESOURCES * Required
const LUID SeSystemEnvironmentPrivilege
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
VOID NTAPI SepInitPrivileges(VOID)
#define SE_AUDIT_PRIVILEGE
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
const LUID SeTrustedCredmanPrivilege