Include dependency graph for token.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
Functions | |
| static NTSTATUS | SepCreateTokenLock (_Inout_ PTOKEN Token) |
| Creates a lock for the token. More... | |
| static VOID | SepDeleteTokenLock (_Inout_ PTOKEN Token) |
| Deletes a lock of a token. More... | |
| static BOOLEAN | SepCompareSidAndAttributesFromTokens (_In_ PSID_AND_ATTRIBUTES SidArrayToken1, _In_ ULONG CountSidArray1, _In_ PSID_AND_ATTRIBUTES SidArrayToken2, _In_ ULONG CountSidArray2) |
| Compares the elements of SID arrays provided by tokens. The elements that are being compared for equality are the SIDs and their attributes. More... | |
| static BOOLEAN | SepComparePrivilegeAndAttributesFromTokens (_In_ PLUID_AND_ATTRIBUTES PrivArrayToken1, _In_ ULONG CountPrivArray1, _In_ PLUID_AND_ATTRIBUTES PrivArrayToken2, _In_ ULONG CountPrivArray2) |
| Compares the elements of privilege arrays provided by tokens. The elements that are being compared for equality are the privileges and their attributes. More... | |
| static NTSTATUS | SepCompareTokens (_In_ PTOKEN FirstToken, _In_ PTOKEN SecondToken, _Out_ PBOOLEAN Equal) |
| Compares tokens if they're equal based on all the following properties. If all of the said conditions are met then the tokens are deemed as equal. More... | |
| static NTSTATUS | SepImpersonateAnonymousToken (_In_ PETHREAD Thread, _In_ KPROCESSOR_MODE PreviousMode) |
| Private function that impersonates the system's anonymous logon token. The major bulk of the impersonation procedure is done here. More... | |
| static VOID | SepUpdateSinglePrivilegeFlagToken (_Inout_ PTOKEN Token, _In_ ULONG Index) |
| Updates the token's flags based upon the privilege that the token has been granted. The flag can either be taken out or given to the token if the attributes of the specified privilege is enabled or not. More... | |
| static VOID | SepUpdatePrivilegeFlagsToken (_Inout_ PTOKEN Token) |
| Updates the token's flags based upon the privilege that the token has been granted. The function uses the private helper, SepUpdateSinglePrivilegeFlagToken, in order to update the flags of a token. More... | |
| static VOID | SepRemovePrivilegeToken (_Inout_ PTOKEN Token, _In_ ULONG Index) |
| Removes a privilege from the token. More... | |
| static VOID | SepRemoveUserGroupToken (_Inout_ PTOKEN Token, _In_ ULONG Index) |
| Removes a group from the token. More... | |
| VOID NTAPI | SepFreeProxyData (_Inout_ PVOID ProxyData) |
| Frees (de-allocates) the proxy data memory block of a token. More... | |
| NTSTATUS NTAPI | SepCopyProxyData (_Out_ PVOID *Dest, _In_ PVOID Src) |
| Copies the proxy data from the source into the destination of a token. More... | |
| NTSTATUS NTAPI | SeExchangePrimaryToken (_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken) |
| Replaces the old access token of a process (pointed by the EPROCESS kernel structure) with a new access token. The new access token must be a primary token for use. More... | |
| VOID NTAPI | SeDeassignPrimaryToken (_Inout_ PEPROCESS Process) |
| Removes the primary token of a process. More... | |
| static ULONG | RtlLengthSidAndAttributes (_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src) |
| Computes the length size of a SID. More... | |
| static NTSTATUS | SepFindPrimaryGroupAndDefaultOwner (_In_ PTOKEN Token, _In_ PSID PrimaryGroup, _In_opt_ PSID DefaultOwner, _Out_opt_ PULONG PrimaryGroupIndex, _Out_opt_ PULONG DefaultOwnerIndex) |
| Finds the primary group and default owner entity based on the submitted primary group instance and an access token. More... | |
| NTSTATUS NTAPI | SepDuplicateToken (_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken) |
| Duplicates an access token, from an existing valid token. More... | |
| NTSTATUS NTAPI | SeSubProcessToken (_In_ PTOKEN ParentToken, _Out_ PTOKEN *Token, _In_ BOOLEAN InUse, _In_ ULONG SessionId) |
| Subtracts a token in exchange of duplicating a new one. More... | |
| NTSTATUS NTAPI | SeIsTokenChild (_In_ PTOKEN Token, _Out_ PBOOLEAN IsChild) |
| Checks if the token is a child of the other token of the current process that the calling thread is invoking this function. More... | |
| NTSTATUS NTAPI | SeIsTokenSibling (_In_ PTOKEN Token, _Out_ PBOOLEAN IsSibling) |
| Checks if the token is a sibling of the other token of the current process that the calling thread is invoking this function. More... | |
| NTSTATUS NTAPI | SeCopyClientToken (_In_ PACCESS_TOKEN Token, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PACCESS_TOKEN *NewToken) |
| Copies an existing access token (technically duplicating a new one). More... | |
| VOID NTAPI | SepDeleteToken (_In_ PVOID ObjectBody) |
| Internal function that deals with access token object destruction and deletion. The function is used solely by the object manager mechanism that handles the life management of a token object. More... | |
| VOID NTAPI | SepInitializeTokenImplementation (VOID) |
| Internal function that initializes critical kernel data for access token implementation in SRM. More... | |
| VOID NTAPI | SeAssignPrimaryToken (_In_ PEPROCESS Process, _In_ PTOKEN Token) |
| Assigns a primary access token to a given process. More... | |
| NTSTATUS NTAPI | SepCreateToken (_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken) |
| Internal function responsible for access token object creation in the kernel. A fully created token objected is inserted into the token handle, thus the handle becoming a valid handle to an access token object and ready for use. More... | |
| static NTSTATUS | SepPerformTokenFiltering (_In_ PTOKEN Token, _In_opt_ PLUID_AND_ATTRIBUTES PrivilegesToBeDeleted, _In_opt_ PSID_AND_ATTRIBUTES SidsToBeDisabled, _In_opt_ PSID_AND_ATTRIBUTES RestrictedSidsIntoToken, _When_(PrivilegesToBeDeleted !=NULL, _In_) ULONG PrivilegesCount, _When_(SidsToBeDisabled !=NULL, _In_) ULONG RegularGroupsSidCount, _When_(RestrictedSidsIntoToken !=NULL, _In_) ULONG RestrictedSidsCount, _In_ ULONG PrivilegeFlags, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *FilteredToken) |
| Private helper function responsible for creating a restricted access token, that is, a filtered token from privileges and groups and with restricted SIDs added into the token on demand by the caller. More... | |
| PTOKEN NTAPI | SepCreateSystemProcessToken (VOID) |
| Creates the system process token. More... | |
| PTOKEN | SepCreateSystemAnonymousLogonToken (VOID) |
| Creates the anonymous logon token for the system. The difference between this token and the other one is the inclusion of everyone SID group (being SeWorldSid). The other token lacks such group. More... | |
| PTOKEN | SepCreateSystemAnonymousLogonTokenNoEveryone (VOID) |
| Creates the anonymous logon token for the system. This kind of token doesn't include the everyone SID group (being SeWorldSid). More... | |
| NTSTATUS NTAPI | SeFilterToken (_In_ PACCESS_TOKEN ExistingToken, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PACCESS_TOKEN *FilteredToken) |
| Filters an access token from an existing token, making it more restricted than the previous one. More... | |
| NTSTATUS NTAPI | SeQueryInformationToken (_In_ PACCESS_TOKEN AccessToken, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation) |
| Queries information details about the given token to the call. The difference between NtQueryInformationToken and this routine is that the system call has user mode buffer data probing and additional protection checks whereas this routine doesn't have any of these. The routine is used exclusively in kernel mode. More... | |
| NTSTATUS NTAPI | SeQuerySessionIdToken (_In_ PACCESS_TOKEN Token, _Out_ PULONG pSessionId) |
| Queries the session ID of an access token. More... | |
| NTSTATUS NTAPI | SeQueryAuthenticationIdToken (_In_ PACCESS_TOKEN Token, _Out_ PLUID LogonId) |
| Queries the authentication ID of an access token. More... | |
| SECURITY_IMPERSONATION_LEVEL NTAPI | SeTokenImpersonationLevel (_In_ PACCESS_TOKEN Token) |
| Gathers the security impersonation level of an access token. More... | |
| TOKEN_TYPE NTAPI | SeTokenType (_In_ PACCESS_TOKEN Token) |
| Gathers the token type of an access token. A token ca be either a primary token or impersonation token. More... | |
| BOOLEAN NTAPI | SeTokenIsAdmin (_In_ PACCESS_TOKEN Token) |
| Determines if a token is either an admin token or not. Such condition is checked based upon TOKEN_HAS_ADMIN_GROUP flag, which means if the respective access token belongs to an administrator group or not. More... | |
| BOOLEAN NTAPI | SeTokenIsRestricted (_In_ PACCESS_TOKEN Token) |
| Determines if a token is restricted or not, based upon the token flags. More... | |
| BOOLEAN NTAPI | SeTokenIsWriteRestricted (_In_ PACCESS_TOKEN Token) |
| Determines if a token is write restricted, that is, nobody can write anything to it. More... | |
| BOOLEAN NTAPI | SeTokenCanImpersonate (_In_ PTOKEN ProcessToken, _In_ PTOKEN TokenToImpersonate, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel) |
| Ensures that client impersonation can occur by checking if the token we're going to assign as the impersonation token can be actually impersonated in the first place. The routine is used primarily by PsImpersonateClient. More... | |
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI | NtQueryInformationToken (_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength) |
| Queries a specific type of information in regard of an access token based upon the information class. The calling thread must have specific access rights in order to obtain specific information about the token. More... | |
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI | NtSetInformationToken (_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength) |
| Sets (modifies) some specific information in regard of an access token. The calling thread must have specific access rights in order to modify token's information data. More... | |
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI | NtDuplicateToken (_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle) |
| Duplicates a token. More... | |
| static NTSTATUS | SepAdjustGroups (_In_ PTOKEN Token, _In_opt_ PSID_AND_ATTRIBUTES NewState, _In_ ULONG NewStateCount, _In_ BOOLEAN ApplyChanges, _In_ BOOLEAN ResetToDefaultStates, _Out_ PBOOLEAN ChangesMade, _Out_opt_ PTOKEN_GROUPS PreviousGroupsState, _Out_ PULONG ChangedGroups) |
| Private routine that iterates over the groups of an access token to be adjusted as per on request by the caller, where a group can be enabled or disabled. More... | |
| NTSTATUS NTAPI | NtAdjustGroupsToken (_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_ PTOKEN_GROUPS NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength) |
| Changes the list of groups by enabling or disabling them in an access token. Unlike NtAdjustPrivilegesToken, this API routine does not remove groups. More... | |
| static NTSTATUS | SepAdjustPrivileges (_Inout_ PTOKEN Token, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PLUID_AND_ATTRIBUTES NewState, _In_ ULONG NewStateCount, _Out_opt_ PTOKEN_PRIVILEGES PreviousState, _In_ BOOLEAN ApplyChanges, _Out_ PULONG ChangedPrivileges, _Out_ PBOOLEAN ChangesMade) |
| Removes a certain amount of privileges of a token based upon the request by the caller. More... | |
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI | NtAdjustPrivilegesToken (_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState!=NULL, _Out_) PULONG ReturnLength) |
| Removes a certain amount of privileges of a token based upon the request by the caller. More... | |
| __kernel_entry NTSTATUS NTAPI | NtCreateToken (_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_opt_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource) |
| Creates an access token. More... | |
| NTSTATUS NTAPI | NtOpenThreadTokenEx (_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle) |
| Opens a token that is tied to a thread handle. More... | |
| NTSTATUS NTAPI | NtOpenThreadToken (_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle) |
| Opens a token that is tied to a thread handle. More... | |
| NTSTATUS NTAPI | NtCompareTokens (_In_ HANDLE FirstTokenHandle, _In_ HANDLE SecondTokenHandle, _Out_ PBOOLEAN Equal) |
| Compares tokens if they're equal or not. More... | |
| NTSTATUS NTAPI | NtFilterToken (_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle) |
| Creates an access token in a restricted form from the original existing token, that is, such action is called filtering. More... | |
| NTSTATUS NTAPI | NtImpersonateAnonymousToken (_In_ HANDLE ThreadHandle) |
| Allows the calling thread to impersonate the system's anonymous logon token. More... | |
Variables | |
| POBJECT_TYPE | SeTokenObjectType = NULL |
| TOKEN_SOURCE | SeSystemTokenSource = {"*SYSTEM*", {0}} |
| LUID | SeSystemAuthenticationId = SYSTEM_LUID |
| LUID | SeAnonymousAuthenticationId = ANONYMOUS_LOGON_LUID |
| static GENERIC_MAPPING | SepTokenMapping |
| static const INFORMATION_CLASS_INFO | SeTokenInformationClass [] |
Macro Definition Documentation
◆ NDEBUG
Function Documentation
◆ NtAdjustGroupsToken()
| NTSTATUS NTAPI NtAdjustGroupsToken | ( | _In_ HANDLE | TokenHandle, |
| _In_ BOOLEAN | ResetToDefault, | ||
| _In_ PTOKEN_GROUPS | NewState, | ||
| _In_ ULONG | BufferLength, | ||
| _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS | PreviousState, | ||
| _When_(PreviousState !=NULL, _Out_) PULONG | ReturnLength | ||
| ) |
Changes the list of groups by enabling or disabling them in an access token. Unlike NtAdjustPrivilegesToken, this API routine does not remove groups.
- Parameters
-
[in] TokenHandle Token handle where the list of groups SID are to be adjusted. The access token must have TOKEN_ADJUST_GROUPS access right in order to change the groups in a token. The token must also have TOKEN_QUERY access right if the caller requests the previous states of groups list, that is, PreviousState is not NULL. [in] ResetToDefault If set to TRUE, the function resets the list of groups to default enabled and disabled states. NewState is ignored in this case. Otherwise if the parameter is set to FALSE, the function expects a new list of groups from NewState to be adjusted within the token. [in] NewState A new list of groups SID that the function will use it accordingly to modify the current list of groups SID of a token. [in] BufferLength The length size of the buffer that is pointed by the NewState parameter argument, in bytes. [out] PreviousState If specified, the function will return to the caller the old list of groups SID. If this parameter is NULL, ReturnLength must also be NULL. [out] ReturnLength If specified, the function will return the total size length of the old list of groups SIDs, in bytes.
- Returns
- STATUS_SUCCESS is returned if the function has successfully adjusted the token's groups. STATUS_INVALID_PARAMETER is returned if the caller has submitted one or more invalid parameters, that is, the caller didn't want to reset the groups to default state but no NewState argument list has been provided. STATUS_BUFFER_TOO_SMALL is returned if the buffer length given by the caller is smaller than the required length size. A failure NTSTATUS code is returned otherwise.
Definition at line 5276 of file token.c.
5377 DPRINT1("NtAdjustGroupsToken(): Failed to capture the NewState list of groups (Status 0x%lx)\n", Status);
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
Definition: setypes.h:991
VOID NTAPI SeReleaseSidAndAttributesArray(_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID with attributes.
Definition: sid.c:768
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: ketypes.h:11
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
Definition: setypes.h:502
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
NTSTATUS NTAPI SeCaptureSidAndAttributesArray(_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
Captures a SID with attributes.
Definition: sid.c:485
Definition: ketypes.h:867
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:335
static NTSTATUS SepAdjustGroups(_In_ PTOKEN Token, _In_opt_ PSID_AND_ATTRIBUTES NewState, _In_ ULONG NewStateCount, _In_ BOOLEAN ApplyChanges, _In_ BOOLEAN ResetToDefaultStates, _Out_ PBOOLEAN ChangesMade, _Out_opt_ PTOKEN_GROUPS PreviousGroupsState, _Out_ PULONG ChangedGroups)
Private routine that iterates over the groups of an access token to be adjusted as per on request by ...
Definition: token.c:5068
Definition: nsiface.idl:2306
Definition: setypes.h:207
Referenced by AdjustTokenGroups(), and START_TEST().
◆ NtAdjustPrivilegesToken()
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAdjustPrivilegesToken | ( | _In_ HANDLE | TokenHandle, |
| _In_ BOOLEAN | DisableAllPrivileges, | ||
| _In_opt_ PTOKEN_PRIVILEGES | NewState, | ||
| _In_ ULONG | BufferLength, | ||
| _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES | PreviousState, | ||
| _When_(PreviousState!=NULL, _Out_) PULONG | ReturnLength | ||
| ) |
Removes a certain amount of privileges of a token based upon the request by the caller.
- Parameters
-
[in,out] Token Token handle where the privileges are about to be modified. [in] DisableAllPrivileges If set to TRUE, the function disables all the privileges. [in] NewState A new list of privileges that the function will use it accordingly to either disable or enable the said privileges and change them. [in] NewStateCount The new total number count of privileges. [out] PreviousState If specified, the function will return the previous state list of privileges. [in] ApplyChanges If set to TRUE, the function will immediatelly apply the changes onto the token's privileges. [out] ChangedPrivileges The returned count number of changed privileges. [out] ChangesMade If TRUE, the function has made changes to the token's privileges. FALSE otherwise.
- Returns
- Returns STATUS_SUCCESS if the function has successfully changed the list of privileges. STATUS_NOT_ALL_ASSIGNED is returned if not every privilege has been changed.
Definition at line 5695 of file token.c.
Definition: setypes.h:73
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Src, _In_ ULONG PrivilegeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_ PLUID_AND_ATTRIBUTES AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PLUID_AND_ATTRIBUTES *Dest, _Inout_ PULONG Length)
Definition: setypes.h:1000
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: ketypes.h:11
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
static NTSTATUS SepAdjustPrivileges(_Inout_ PTOKEN Token, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PLUID_AND_ATTRIBUTES NewState, _In_ ULONG NewStateCount, _Out_opt_ PTOKEN_PRIVILEGES PreviousState, _In_ BOOLEAN ApplyChanges, _Out_ PULONG ChangedPrivileges, _Out_ PBOOLEAN ChangesMade)
Removes a certain amount of privileges of a token based upon the request by the caller.
Definition: token.c:5538
VOID NTAPI SeReleaseLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Privilege, _In_ KPROCESSOR_MODE PreviousMode, _In_ BOOLEAN CaptureIfKernel)
Releases a LUID with attributes structure.
Definition: priv.c:554
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Definition: ketypes.h:867
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:335
Definition: nsiface.idl:2306
Definition: setypes.h:207
Referenced by AdjustEnableDefaultPriv(), AdjustTokenPrivileges(), SmpAcquirePrivilege(), and SmpReleasePrivilege().
◆ NtCompareTokens()
| NTSTATUS NTAPI NtCompareTokens | ( | _In_ HANDLE | FirstTokenHandle, |
| _In_ HANDLE | SecondTokenHandle, | ||
| _Out_ PBOOLEAN | Equal | ||
| ) |
Compares tokens if they're equal or not.
- Parameters
-
[in] FirstToken The first token. [in] SecondToken The second token. [out] Equal The retrieved value which determines if the tokens are equal or not.
- Returns
- Returns STATUS_SUCCESS, otherwise it returns a failure NTSTATUS code.
Definition at line 6474 of file token.c.
Definition: ketypes.h:11
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
static NTSTATUS SepCompareTokens(_In_ PTOKEN FirstToken, _In_ PTOKEN SecondToken, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal based on all the following properties. If all of the said conditions...
Definition: token.c:288
Definition: nsiface.idl:2306
Definition: fatprocs.h:1886
Definition: setypes.h:207
Referenced by START_TEST().
◆ NtCreateToken()
| __kernel_entry NTSTATUS NTAPI NtCreateToken | ( | _Out_ PHANDLE | TokenHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ TOKEN_TYPE | TokenType, | ||
| _In_ PLUID | AuthenticationId, | ||
| _In_ PLARGE_INTEGER | ExpirationTime, | ||
| _In_ PTOKEN_USER | TokenUser, | ||
| _In_ PTOKEN_GROUPS | TokenGroups, | ||
| _In_ PTOKEN_PRIVILEGES | TokenPrivileges, | ||
| _In_opt_ PTOKEN_OWNER | TokenOwner, | ||
| _In_ PTOKEN_PRIMARY_GROUP | TokenPrimaryGroup, | ||
| _In_opt_ PTOKEN_DEFAULT_DACL | TokenDefaultDacl, | ||
| _In_ PTOKEN_SOURCE | TokenSource | ||
| ) |
Creates an access token.
- Parameters
-
[out] TokenHandle The returned created token handle to the caller. [in] DesiredAccess The desired access rights for the token that we're creating. [in] ObjectAttributes The object attributes for the token object that we're creating. [in] TokenType The type of token to assign for the newly created token. [in] AuthenticationId Authentication ID that represents the token's identity. [in] ExpirationTime Expiration time for the token. If set to -1, the token never expires. [in] TokenUser The main user entity for the token to assign. [in] TokenGroups Group list of SIDs for the token to assign. [in] TokenPrivileges Privileges for the token. [in] TokenOwner The main user that owns the newly created token. [in] TokenPrimaryGroup The primary group that represents as the main group of the token. [in] TokenDefaultDacl Discretionary access control list for the token. This limits on how the token can be used, accessed and used by whom. [in] TokenSource The source origin of the token who creates it.
- Returns
- Returns STATUS_SUCCESS if the function has successfully created the token. A failure NTSTATUS code is returned otherwise.
Definition at line 5944 of file token.c.
Definition: setypes.h:944
Definition: setypes.h:73
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
Definition: setypes.h:1013
Definition: ketypes.h:866
Definition: setypes.h:991
Definition: ms-dtyp.idl:198
VOID NTAPI SepReleaseAcl(_In_ PACL CapturedAcl, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases (frees) a captured ACL from the memory pool.
Definition: acl.c:459
VOID NTAPI SeReleaseSidAndAttributesArray(_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID with attributes.
Definition: sid.c:768
Definition: setypes.h:950
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Src, _In_ ULONG PrivilegeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_ PLUID_AND_ATTRIBUTES AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PLUID_AND_ATTRIBUTES *Dest, _Inout_ PULONG Length)
Definition: setypes.h:1000
Definition: umtypes.h:181
Definition: ms-dtyp.idl:293
NTSTATUS NTAPI SepCaptureSid(_In_ PSID InputSid, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID *CapturedSid)
Captures a SID.
Definition: sid.c:314
Definition: setypes.h:1009
Definition: ketypes.h:11
VOID NTAPI SepReleaseSid(_In_ PSID CapturedSid, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID.
Definition: sid.c:400
Definition: imports.h:273
Definition: devicetopology.idl:136
NTSTATUS NTAPI SepCaptureAcl(_In_ PACL InputAcl, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PACL *CapturedAcl)
Captures an access control list from an already valid input ACL.
Definition: acl.c:352
Definition: setypes.h:948
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Internal function responsible for access token object creation in the kernel. A fully created token o...
Definition: token.c:1708
Definition: setypes.h:945
Definition: setypes.h:1005
VOID NTAPI SeReleaseLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Privilege, _In_ KPROCESSOR_MODE PreviousMode, _In_ BOOLEAN CaptureIfKernel)
Releases a LUID with attributes structure.
Definition: priv.c:554
Definition: setypes.h:502
Definition: lsa.idl:63
Definition: setypes.h:947
Definition: setypes.h:946
Definition: setypes.h:987
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
NTSTATUS NTAPI SeCaptureSidAndAttributesArray(_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
Captures a SID with attributes.
Definition: sid.c:485
Definition: ketypes.h:867
Definition: imports.h:277
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
Definition: typedefs.h:102
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
Definition: setypes.h:949
Definition: imports.h:274
Definition: nsiface.idl:2306
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:401
Referenced by LsapLogonUser().
◆ NtDuplicateToken()
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken | ( | _In_ HANDLE | ExistingTokenHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ BOOLEAN | EffectiveOnly, | ||
| _In_ TOKEN_TYPE | TokenType, | ||
| _Out_ PHANDLE | NewTokenHandle | ||
| ) |
Duplicates a token.
- Parameters
-
[in] ExistingTokenHandle An existing token to duplicate. [in] DesiredAccess The desired access rights for the new duplicated token. [in] ObjectAttributes Object attributes for the new duplicated token. [in] EffectiveOnly If set to TRUE, the function removes all the disabled privileges and groups of the token to duplicate. [in] TokenType Type of token to assign to the duplicated token. [out] NewTokenHandle The returned duplicated token handle.
- Returns
- STATUS_SUCCESS is returned if token duplication has completed successfully. STATUS_BAD_IMPERSONATION_LEVEL is returned if the caller erroneously wants to raise the impersonation level even though the conditions do not permit it. A failure NTSTATUS code is returned otherwise.
- Remarks
- Some sources claim 4th param is ImpersonationLevel, but on W2K this is certainly NOT true, although I can't say for sure that EffectiveOnly is correct either. -Gunnar This is true. EffectiveOnly overrides SQOS.EffectiveOnly. - IAI NOTE for readers: http://hex.pp.ua/nt/NtDuplicateToken.php is therefore wrong in that regard, while MSDN documentation is correct.
Definition at line 4853 of file token.c.
Definition: lsa.idl:57
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
Definition: iotypes.h:179
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: ketypes.h:11
Definition: lsa.idl:55
Definition: imports.h:273
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Duplicates an access token, from an existing valid token.
Definition: token.c:995
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:401
_In_ ACCESS_MASK _In_opt_ POBJECT_TYPE _In_ KPROCESSOR_MODE _Out_ PVOID _Out_opt_ POBJECT_HANDLE_INFORMATION HandleInformation
Definition: obfuncs.h:40
Definition: lsa.idl:63
VOID NTAPI SepReleaseSecurityQualityOfService(_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases (frees) the captured SQOS data from an object in the memory pool.
Definition: sqos.c:225
Definition: ketypes.h:867
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2934
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
Definition: imports.h:274
Definition: nsiface.idl:2306
NTSTATUS NTAPI SepCaptureSecurityQualityOfService(_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, _Out_ PBOOLEAN Present)
Captures the security quality of service data given the object attributes from an object.
Definition: sqos.c:52
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:401
Definition: setypes.h:207
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:401
Referenced by CreateProcessAsUserCommon(), DuplicateTokenAsEffective(), DuplicateTokenEx(), and ImpersonateLoggedOnUser().
◆ NtFilterToken()
| NTSTATUS NTAPI NtFilterToken | ( | _In_ HANDLE | ExistingTokenHandle, |
| _In_ ULONG | Flags, | ||
| _In_opt_ PTOKEN_GROUPS | SidsToDisable, | ||
| _In_opt_ PTOKEN_PRIVILEGES | PrivilegesToDelete, | ||
| _In_opt_ PTOKEN_GROUPS | RestrictedSids, | ||
| _Out_ PHANDLE | NewTokenHandle | ||
| ) |
Creates an access token in a restricted form from the original existing token, that is, such action is called filtering.
- Parameters
-
[in] ExistingTokenHandle A handle to an access token which is to be filtered. [in] Flags Privilege flag options. This parameter argument influences how the token's privileges are filtered. For further details see remarks. [in] SidsToDisable Array of SIDs to disable. The action of doing so assigns the SE_GROUP_USE_FOR_DENY_ONLY attribute to the respective group SID and takes away SE_GROUP_ENABLED and SE_GROUP_ENABLED_BY_DEFAULT. This parameter can be NULL. This can be a UM pointer. [in] PrivilegesToDelete Array of privileges to delete. The function will walk within this array to determine if the specified privileges do exist in the access token. Any missing privileges gets ignored. This parameter can be NULL. This can be a UM pointer. [in] RestrictedSids An array list of restricted groups SID to be added in the access token. A token that is already restricted the newly added restricted SIDs are redundant information in addition to the existing restricted SIDs in the token. This parameter can be NULL. This can be a UM pointer. [out] NewTokenHandle A new handle to the restricted (filtered) access token. This can be a UM pointer.
- Returns
- Returns STATUS_SUCCESS if the routine has successfully filtered the access token. STATUS_INVALID_PARAMETER is returned if one or more parameters are not valid (see SepPerformTokenFiltering routine call for more information). A failure NTSTATUS code is returned otherwise.
- Remarks
- The Flags parameter determines the final outcome of how the privileges in an access token are filtered. This parameter can take these supported values (these can be combined):
0 – Filter the token's privileges in the usual way. The function expects that the caller MUST PROVIDE a valid array list of privileges to be deleted (that is, PrivilegesToDelete MUSTN'T BE NULL).
DISABLE_MAX_PRIVILEGE – Disables (deletes) all the privileges except SeChangeNotifyPrivilege in the new access token. Bear in mind if this flag is specified the routine ignores PrivilegesToDelete.
SANDBOX_INERT – Stores the TOKEN_SANDBOX_INERT token flag within the access token.
LUA_TOKEN – The newly filtered access token is a LUA token. This flag is not supported in Windows Server 2003.
WRITE_RESTRICTED – The newly filtered token has the restricted SIDs that are considered only when evaluating write access onto the token. This value is not supported in Windows Server 2003.
Definition at line 6622 of file token.c.
6795 DPRINT1("NtFilterToken(): Failed to insert the filtered token object into the handle (Status 0x%lx)\n", Status);
Definition: setypes.h:73
Definition: setypes.h:991
VOID NTAPI SeReleaseSidAndAttributesArray(_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID with attributes.
Definition: sid.c:768
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Src, _In_ ULONG PrivilegeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_ PLUID_AND_ATTRIBUTES AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PLUID_AND_ATTRIBUTES *Dest, _Inout_ PULONG Length)
Definition: setypes.h:1000
Definition: iotypes.h:179
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:401
static NTSTATUS SepPerformTokenFiltering(_In_ PTOKEN Token, _In_opt_ PLUID_AND_ATTRIBUTES PrivilegesToBeDeleted, _In_opt_ PSID_AND_ATTRIBUTES SidsToBeDisabled, _In_opt_ PSID_AND_ATTRIBUTES RestrictedSidsIntoToken, _When_(PrivilegesToBeDeleted !=NULL, _In_) ULONG PrivilegesCount, _When_(SidsToBeDisabled !=NULL, _In_) ULONG RegularGroupsSidCount, _When_(RestrictedSidsIntoToken !=NULL, _In_) ULONG RestrictedSidsCount, _In_ ULONG PrivilegeFlags, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *FilteredToken)
Private helper function responsible for creating a restricted access token, that is,...
Definition: token.c:2040
VOID NTAPI SeReleaseLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Privilege, _In_ KPROCESSOR_MODE PreviousMode, _In_ BOOLEAN CaptureIfKernel)
Releases a LUID with attributes structure.
Definition: priv.c:554
Definition: setypes.h:502
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
NTSTATUS NTAPI SeCaptureSidAndAttributesArray(_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
Captures a SID with attributes.
Definition: sid.c:485
Definition: ketypes.h:867
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2934
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
Definition: nsiface.idl:2306
Definition: setypes.h:207
Referenced by CreateRestrictedToken(), and START_TEST().
◆ NtImpersonateAnonymousToken()
Allows the calling thread to impersonate the system's anonymous logon token.
- Parameters
-
[in] ThreadHandle A handle to the thread to start the procedure of logon token impersonation. The thread must have the THREAD_IMPERSONATE access right.
- Returns
- Returns STATUS_SUCCESS if the thread has successfully impersonated the anonymous logon token, otherwise a failure NTSTATUS code is returned.
- Remarks
- By default the system gives the opportunity to the caller to impersonate the anonymous logon token without including the Everyone Group SID. In cases where the caller wants to impersonate the token including such group, the EveryoneIncludesAnonymous registry value setting has to be set to 1, from HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry path. The calling thread must invoke PsRevertToSelf when impersonation is no longer needed or RevertToSelf if the calling execution is done in user mode.
Definition at line 6873 of file token.c.
6892 DPRINT1("NtImpersonateAnonymousToken(): Failed to reference the object (Status 0x%lx)\n", Status);
6900 DPRINT1("NtImpersonateAnonymousToken(): Failed to impersonate the token (Status 0x%lx)\n", Status);
static NTSTATUS SepImpersonateAnonymousToken(_In_ PETHREAD Thread, _In_ KPROCESSOR_MODE PreviousMode)
Private function that impersonates the system's anonymous logon token. The major bulk of the imperson...
Definition: token.c:379
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
Definition: pstypes.h:1101
Definition: nsiface.idl:2306
Referenced by ImpersonateAnonymousToken(), and START_TEST().
◆ NtOpenThreadToken()
| NTSTATUS NTAPI NtOpenThreadToken | ( | _In_ HANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ BOOLEAN | OpenAsSelf, | ||
| _Out_ PHANDLE | TokenHandle | ||
| ) |
Opens a token that is tied to a thread handle.
- Parameters
-
[out] ThreadHandle Thread handle where the token is about to be opened. [in] DesiredAccess The request access right for the token. [in] OpenAsSelf If set to TRUE, the access check will be made with the security context of the process of the calling thread (opening as self). Otherwise the access check will be made with the security context of the calling thread instead. [out] TokenHandle The opened token handle returned to the caller for use.
- Returns
- See NtOpenThreadTokenEx.
Definition at line 6445 of file token.c.
NTSTATUS NTAPI NtOpenThreadTokenEx(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:6243
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
Referenced by BaseGetNamedObjectDirectory(), CheckTokenMembership(), CsrGetProcessLuid(), GetCallerLuid(), LsarSetSecurityObject(), NpGetUserNamep(), OpenThreadToken(), RSetServiceObjectSecurity(), RtlDefaultNpAcl(), RtlNewSecurityGrantedAccess(), RtlpGetImpersonationToken(), and START_TEST().
◆ NtOpenThreadTokenEx()
| NTSTATUS NTAPI NtOpenThreadTokenEx | ( | _In_ HANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ BOOLEAN | OpenAsSelf, | ||
| _In_ ULONG | HandleAttributes, | ||
| _Out_ PHANDLE | TokenHandle | ||
| ) |
Opens a token that is tied to a thread handle.
- Parameters
-
[out] ThreadHandle Thread handle where the token is about to be opened. [in] DesiredAccess The request access right for the token. [in] OpenAsSelf If set to TRUE, the access check will be made with the security context of the process of the calling thread (opening as self). Otherwise the access check will be made with the security context of the calling thread instead. [in] HandleAttributes Handle attributes for the opened thread token handle. [out] TokenHandle The opened token handle returned to the caller for use.
- Returns
- Returns STATUS_SUCCESS if the function has successfully opened the thread token. STATUS_CANT_OPEN_ANONYMOUS is returned if a token has SecurityAnonymous as impersonation level and we cannot open it. A failure NTSTATUS code is returned otherwise.
Definition at line 6243 of file token.c.
6338 DPRINT1("NtOpenThreadTokenEx(): Failed to create a security descriptor (Status 0x%lx)\n", Status);
6345 DPRINT1("NtOpenThreadTokenEx(): Failed to set a DACL to the security descriptor (Status 0x%lx)\n", Status);
6370 DPRINT1("NtOpenThreadTokenEx(): Failed to impersonate token from DACL (Status 0x%lx)\n", Status);
Definition: ms-dtyp.idl:301
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:610
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: obfuncs.h:429
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
Definition: umtypes.h:181
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
Definition: ms-dtyp.idl:293
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: ketypes.h:11
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
Definition: lsa.idl:55
NTSTATUS NTAPI ObOpenObjectByPointer(IN PVOID Object, IN ULONG HandleAttributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PHANDLE Handle)
Definition: obhandle.c:2741
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Duplicates an access token, from an existing valid token.
Definition: token.c:995
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
VOID NTAPI PsRestoreImpersonation(IN PETHREAD Thread, IN PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:965
Definition: pstypes.h:1101
BOOLEAN NTAPI PsDisableImpersonation(IN PETHREAD Thread, OUT PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:915
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
Definition: setypes.h:115
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:849
FORCEINLINE ULONG ObpValidateAttributes(IN ULONG Attributes, IN KPROCESSOR_MODE PreviousMode)
Definition: ob_x.h:22
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2934
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
Definition: imports.h:274
Definition: nsiface.idl:2306
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:401
Definition: setypes.h:207
NTSTATUS NTAPI SepCreateImpersonationTokenDacl(_In_ PTOKEN Token, _In_ PTOKEN PrimaryToken, _Out_ PACL *Dacl)
Allocates a discretionary access control list based on certain properties of a regular and primary ac...
Definition: acl.c:277
VOID NTAPI PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)
Definition: security.c:888
Referenced by NtOpenThreadToken(), and START_TEST().
◆ NtQueryInformationToken()
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken | ( | _In_ HANDLE | TokenHandle, |
| _In_ TOKEN_INFORMATION_CLASS | TokenInformationClass, | ||
| _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID | TokenInformation, | ||
| _In_ ULONG | TokenInformationLength, | ||
| _Out_ PULONG | ReturnLength | ||
| ) |
Queries a specific type of information in regard of an access token based upon the information class. The calling thread must have specific access rights in order to obtain specific information about the token.
- Parameters
-
[in] TokenHandle A handle of a token where information is to be gathered. [in] TokenInformationClass Token information class. [out] TokenInformation A returned output buffer with token information, which information is arbitrarily upon the information class chosen. [in] TokenInformationLength Length of the token information buffer, in bytes. [out] ReturnLength If specified in the call, the function returns the total length size of the token information buffer..
- Returns
- Returns STATUS_SUCCESS if information querying has completed successfully. STATUS_BUFFER_TOO_SMALL is returned if the information length that represents the token information buffer is not greater than the required length. STATUS_INVALID_HANDLE is returned if the token handle is not a valid one. STATUS_INVALID_INFO_CLASS is returned if the information class is not a valid one (that is, the class doesn't belong to TOKEN_INFORMATION_CLASS). A failure NTSTATUS code is returned otherwise.
Definition at line 3692 of file token.c.
enum _SECURITY_IMPERSONATION_LEVEL * PSECURITY_IMPERSONATION_LEVEL
Definition: setypes.h:944
Definition: setypes.h:73
Definition: setypes.h:1013
Definition: setypes.h:991
Definition: ms-dtyp.idl:198
struct _TOKEN_PRIMARY_GROUP * PTOKEN_PRIMARY_GROUP
Definition: setypes.h:950
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
Definition: sefuncs.h:312
Definition: setypes.h:1000
struct _TOKEN_DEFAULT_DACL TOKEN_DEFAULT_DACL
enum _TOKEN_TYPE * PTOKEN_TYPE
Definition: setypes.h:1009
NTSYSAPI NTSTATUS NTAPI RtlCopySidAndAttributesArray(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src, _In_ ULONG SidAreaSize, _In_ PSID_AND_ATTRIBUTES Dest, _In_ PSID SidArea, _Out_ PSID *RemainingSidArea, _Out_ PULONG RemainingSidAreaSize)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: setypes.h:1063
struct _TOKEN_USER TOKEN_USER
static __inline NTSTATUS DefaultQueryInfoBufferCheck(ULONG Class, const INFORMATION_CLASS_INFO *ClassList, ULONG ClassListEntries, PVOID Buffer, ULONG BufferLength, PULONG ReturnLength, PULONG_PTR ReturnLengthPtr, KPROCESSOR_MODE PreviousMode, BOOLEAN CompleteProbing)
Definition: probe.h:59
static ULONG RtlLengthSidAndAttributes(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src)
Computes the length size of a SID.
Definition: token.c:823
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL
NTSYSAPI VOID NTAPI RtlCopyLuidAndAttributesArray(ULONG Count, PLUID_AND_ATTRIBUTES Src, PLUID_AND_ATTRIBUTES Dest)
Definition: luid.c:33
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
Definition: setypes.h:952
struct _TOKEN_ORIGIN * PTOKEN_ORIGIN
Definition: setypes.h:948
struct _TOKEN_GROUPS * PTOKEN_GROUPS
Definition: setypes.h:945
Definition: setypes.h:1005
struct _TOKEN_SOURCE * PTOKEN_SOURCE
struct _TOKEN_OWNER TOKEN_OWNER
struct _TOKEN_SOURCE TOKEN_SOURCE
Definition: setypes.h:502
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
Definition: setypes.h:1084
Definition: setypes.h:956
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:1068
Definition: setypes.h:947
Definition: setypes.h:946
Definition: setypes.h:987
Definition: setypes.h:958
Definition: setypes.h:954
struct _TOKEN_OWNER * PTOKEN_OWNER
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
struct _TOKEN_STATISTICS * PTOKEN_STATISTICS
Definition: setypes.h:960
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
enum _TOKEN_TYPE TOKEN_TYPE
Definition: imports.h:277
Definition: setypes.h:953
Definition: setypes.h:955
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
Definition: setypes.h:949
Definition: imports.h:274
struct _TOKEN_USER * PTOKEN_USER
static const INFORMATION_CLASS_INFO SeTokenInformationClass[]
Definition: token.c:32
NTSTATUS NTAPI SeQuerySessionIdToken(_In_ PACCESS_TOKEN Token, _Out_ PULONG pSessionId)
Queries the session ID of an access token.
Definition: token.c:3397
Definition: nsiface.idl:2306
struct _TOKEN_STATISTICS TOKEN_STATISTICS
Definition: setypes.h:207
struct _TOKEN_PRIMARY_GROUP TOKEN_PRIMARY_GROUP
struct _TOKEN_ORIGIN TOKEN_ORIGIN
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:401
Referenced by CreateProcessAsUserCommon(), CsrGetProcessLuid(), CsrSetProcessSecurity(), DoAdminUnlock(), DuplicateTokenAsEffective(), GetCallerLuid(), GetSiteSidFromToken(), GetTokenInformation(), GetUserSid(), GetUserSidStringFromToken(), ImpersonateLoggedOnUser(), IsTokenRestricted(), LsapIsTrustedClient(), PlayLogonSoundThread(), RegOpenUserClassesRoot(), RtlDefaultNpAcl(), RtlNewInstanceSecurityObject(), RtlNewSecurityGrantedAccess(), and START_TEST().
◆ NtSetInformationToken()
| _Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtSetInformationToken | ( | _In_ HANDLE | TokenHandle, |
| _In_ TOKEN_INFORMATION_CLASS | TokenInformationClass, | ||
| _In_reads_bytes_(TokenInformationLength) PVOID | TokenInformation, | ||
| _In_ ULONG | TokenInformationLength | ||
| ) |
Sets (modifies) some specific information in regard of an access token. The calling thread must have specific access rights in order to modify token's information data.
@unimplemented
- Parameters
-
[in] TokenHandle A handle of a token where information is to be modified. [in] TokenInformationClass Token information class. [in] TokenInformation An arbitrary pointer to a buffer with token information to set. Such arbitrary buffer depends on the information class chosen that the caller wants to modify such information data of a token. [in] TokenInformationLength Length of the token information buffer, in bytes.
- Returns
- Returns STATUS_SUCCESS if information setting has completed successfully. STATUS_INFO_LENGTH_MISMATCH is returned if the information length of the buffer is less than the required length. STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation has failed. STATUS_PRIVILEGE_NOT_HELD is returned if the calling thread hasn't the required privileges to perform the operation in question. A failure NTSTATUS code is returned otherwise.
- Remarks
- The function is partly implemented, mainly TokenOrigin and TokenDefaultDacl.
Definition at line 4294 of file token.c.
Definition: ntsecapi.h:264
static NTSTATUS SepFindPrimaryGroupAndDefaultOwner(_In_ PTOKEN Token, _In_ PSID PrimaryGroup, _In_opt_ PSID DefaultOwner, _Out_opt_ PULONG PrimaryGroupIndex, _Out_opt_ PULONG DefaultOwnerIndex)
Finds the primary group and default owner entity based on the submitted primary group instance and an...
Definition: token.c:869
Definition: setypes.h:1013
Definition: ntsecapi.h:263
UCHAR DirectoryServiceAccess
Definition: setypes.h:144
Definition: ms-dtyp.idl:198
Definition: ntsecapi.h:260
struct _TOKEN_PRIMARY_GROUP * PTOKEN_PRIMARY_GROUP
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
Definition: sefuncs.h:312
Definition: ms-dtyp.idl:293
NTSTATUS NTAPI SepCaptureSid(_In_ PSID InputSid, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID *CapturedSid)
Captures a SID.
Definition: sid.c:314
Definition: setypes.h:1009
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
static __inline NTSTATUS DefaultSetInfoBufferCheck(ULONG Class, const INFORMATION_CLASS_INFO *ClassList, ULONG ClassListEntries, PVOID Buffer, ULONG BufferLength, KPROCESSOR_MODE PreviousMode)
Definition: probe.h:8
VOID NTAPI SepReleaseSid(_In_ PSID CapturedSid, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID.
Definition: sid.c:400
NTSTATUS SepRmDereferenceLogonSession(_Inout_ PLUID LogonLuid)
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL
Definition: ntsecapi.h:262
Definition: ntsecapi.h:268
struct _TOKEN_ORIGIN * PTOKEN_ORIGIN
NTSTATUS NTAPI SepCaptureAcl(_In_ PACL InputAcl, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PACL *CapturedAcl)
Captures an access control list from an already valid input ACL.
Definition: acl.c:352
Definition: setypes.h:948
Definition: setypes.h:154
Definition: setypes.h:1005
Definition: se.h:27
Definition: setypes.h:1084
SEP_AUDIT_POLICY_CATEGORIES PolicyElements
Definition: setypes.h:158
Definition: setypes.h:947
struct _TOKEN_OWNER * PTOKEN_OWNER
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Definition: setypes.h:959
Definition: setypes.h:960
Definition: ketypes.h:867
NTSTATUS NTAPI SepRmRemoveLogonSessionFromToken(_Inout_ PTOKEN Token)
Removes a logon session from an access token.
Definition: srm.c:449
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:335
Definition: setypes.h:955
Definition: ntsecapi.h:266
struct _TOKEN_AUDIT_POLICY_INFORMATION * PTOKEN_AUDIT_POLICY_INFORMATION
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
Definition: setypes.h:949
static const INFORMATION_CLASS_INFO SeTokenInformationClass[]
Definition: token.c:32
Definition: ntsecapi.h:265
Definition: setypes.h:957
Definition: nsiface.idl:2306
Definition: setypes.h:207
Definition: ntsecapi.h:261
struct _TOKEN_AUDIT_POLICY_INFORMATION::@1757 Policies[1]
Referenced by SetTokenInformation().
◆ RtlLengthSidAndAttributes()
|
static |
Computes the length size of a SID.
- Parameters
-
[in] Count Total count of entries that have SIDs in them (that being PSID_AND_ATTRIBUTES in this context). [in] Src Source that points to the attributes and SID entry structure.
- Returns
- Returns the total length of a SID size.
Definition at line 823 of file token.c.
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
Referenced by NtQueryInformationToken(), SepPerformTokenFiltering(), and SeQueryInformationToken().
◆ SeAssignPrimaryToken()
Assigns a primary access token to a given process.
- Parameters
-
[in] Process Process where the token is about to be assigned. [in] Token The token to be assigned.
- Returns
- Nothing.
Definition at line 1613 of file token.c.
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: imports.h:273
VOID FASTCALL ObInitializeFastReference(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:107
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
VOID NTAPI SeDeassignPrimaryToken(_Inout_ PEPROCESS Process)
Removes the primary token of a process.
Definition: token.c:794
◆ SeCopyClientToken()
| NTSTATUS NTAPI SeCopyClientToken | ( | _In_ PACCESS_TOKEN | Token, |
| _In_ SECURITY_IMPERSONATION_LEVEL | Level, | ||
| _In_ KPROCESSOR_MODE | PreviousMode, | ||
| _Out_ PACCESS_TOKEN * | NewToken | ||
| ) |
Copies an existing access token (technically duplicating a new one).
- Parameters
-
[in] Token Token to copy. [in] Level Impersonation security level to assign to the newly copied token. [in] PreviousMode Processor request level mode. [out] NewToken The newly copied token.
- Returns
- Returns STATUS_SUCCESS when token copying has finished successfully. A failure NTSTATUS code is returned otherwise.
Definition at line 1490 of file token.c.
Definition: umtypes.h:181
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Duplicates an access token, from an existing valid token.
Definition: token.c:995
Definition: imports.h:274
Definition: setypes.h:207
Referenced by PsImpersonateClient(), and SepCreateClientSecurity().
◆ SeDeassignPrimaryToken()
Removes the primary token of a process.
- Parameters
-
[in,out] Process The process instance with the access token to be removed.
- Returns
- Nothing.
Definition at line 794 of file token.c.
PVOID FASTCALL ObFastReplaceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
Definition: setypes.h:207
Referenced by PspDeleteProcessSecurity(), and SeAssignPrimaryToken().
◆ SeExchangePrimaryToken()
| NTSTATUS NTAPI SeExchangePrimaryToken | ( | _In_ PEPROCESS | Process, |
| _In_ PACCESS_TOKEN | NewAccessToken, | ||
| _Out_ PACCESS_TOKEN * | OldAccessToken | ||
| ) |
Replaces the old access token of a process (pointed by the EPROCESS kernel structure) with a new access token. The new access token must be a primary token for use.
- Parameters
-
[in] Process The process instance where its access token is about to be replaced. [in] NewAccessToken The new token that it's going to replace the old one. [out] OldAccessToken The returned old token that's been replaced, which the caller can do anything.
- Returns
- Returns STATUS_SUCCESS if the exchange operation between tokens has completed successfully. STATUS_BAD_TOKEN_TYPE is returned if the new token is not a primary one so that we cannot exchange it with the old one from the process. STATUS_TOKEN_ALREADY_IN_USE is returned if both tokens aren't equal which means one of them has different properties (groups, privileges, etc.) and as such one of them is currently in use. A failure NTSTATUS code is returned otherwise.
Definition at line 704 of file token.c.
Definition: imports.h:273
PVOID FASTCALL ObFastReplaceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
static NTSTATUS SepCompareTokens(_In_ PTOKEN FirstToken, _In_ PTOKEN SecondToken, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal based on all the following properties. If all of the said conditions...
Definition: token.c:288
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
struct _TOKEN * PTOKEN
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
Definition: security.c:902
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
Definition: fatprocs.h:1886
Definition: setypes.h:207
Referenced by PspAssignPrimaryToken().
◆ SeFilterToken()
| NTSTATUS NTAPI SeFilterToken | ( | _In_ PACCESS_TOKEN | ExistingToken, |
| _In_ ULONG | Flags, | ||
| _In_opt_ PTOKEN_GROUPS | SidsToDisable, | ||
| _In_opt_ PTOKEN_PRIVILEGES | PrivilegesToDelete, | ||
| _In_opt_ PTOKEN_GROUPS | RestrictedSids, | ||
| _Out_ PACCESS_TOKEN * | FilteredToken | ||
| ) |
Filters an access token from an existing token, making it more restricted than the previous one.
- Parameters
-
[in] ExistingToken An existing token for filtering. [in] Flags Privilege flag options. This parameter argument influences how the token is filtered. Such parameter can be 0. See NtFilterToken syscall for more information. [in] SidsToDisable Array of SIDs to disable. Such parameter can be NULL. [in] PrivilegesToDelete Array of privileges to delete. If DISABLE_MAX_PRIVILEGE flag is specified in the Flags parameter, PrivilegesToDelete is ignored. [in] RestrictedSids An array of restricted SIDs for the new filtered token. Such parameter can be NULL. [out] FilteredToken The newly filtered token, returned to the caller.
- Returns
- Returns STATUS_SUCCESS if the function has successfully completed its operations and that the access token has been filtered. STATUS_INVALID_PARAMETER is returned if one or more of the parameter are not valid. A failure NTSTATUS code is returned otherwise.
- Remarks
- WARNING – The caller IS RESPONSIBLE for locking the existing access token before attempting to do any kind of filtering operation into the token. The lock MUST BE RELEASED after this kernel routine has finished doing its work.
Definition at line 2947 of file token.c.
Definition: ketypes.h:11
static NTSTATUS SepPerformTokenFiltering(_In_ PTOKEN Token, _In_opt_ PLUID_AND_ATTRIBUTES PrivilegesToBeDeleted, _In_opt_ PSID_AND_ATTRIBUTES SidsToBeDisabled, _In_opt_ PSID_AND_ATTRIBUTES RestrictedSidsIntoToken, _When_(PrivilegesToBeDeleted !=NULL, _In_) ULONG PrivilegesCount, _When_(SidsToBeDisabled !=NULL, _In_) ULONG RegularGroupsSidCount, _When_(RestrictedSidsIntoToken !=NULL, _In_) ULONG RestrictedSidsCount, _In_ ULONG PrivilegeFlags, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *FilteredToken)
Private helper function responsible for creating a restricted access token, that is,...
Definition: token.c:2040
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2934
Definition: setypes.h:207
Referenced by FatCreateRestrictEveryoneToken(), and FilterToken().
◆ SeIsTokenChild()
Checks if the token is a child of the other token of the current process that the calling thread is invoking this function.
- Parameters
-
[in] Token An access token to determine if it's a child or not. [out] IsChild The returned boolean result.
- Returns
- Returns STATUS_SUCCESS when the function finishes its operation. STATUS_UNSUCCESSFUL is returned if primary token of the current calling process couldn't be referenced otherwise.
Definition at line 1381 of file token.c.
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: devicetopology.idl:136
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
BOOL WINAPI IsChild(_In_ HWND, _In_ HWND)
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
Definition: setypes.h:207
Referenced by PspSetPrimaryToken().
◆ SeIsTokenSibling()
Checks if the token is a sibling of the other token of the current process that the calling thread is invoking this function.
- Parameters
-
[in] Token An access token to determine if it's a sibling or not. [out] IsSibling The returned boolean result.
- Returns
- Returns STATUS_SUCCESS when the function finishes its operation. STATUS_UNSUCCESSFUL is returned if primary token of the current calling process couldn't be referenced otherwise.
Definition at line 1430 of file token.c.
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: devicetopology.idl:136
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
Definition: setypes.h:207
Referenced by PspSetPrimaryToken().
◆ SepAdjustGroups()
|
static |
Private routine that iterates over the groups of an access token to be adjusted as per on request by the caller, where a group can be enabled or disabled.
- Parameters
-
[in] Token Access token where its groups are to be enabled or disabled. [in] NewState A list of groups with new state attributes to be assigned to the token. [in] NewStateCount The captured count number of groups in the list. [in] ApplyChanges If set to FALSE, the function will only iterate over the token's groups without performing any kind of modification. If set to TRUE, the changes will be applied immediately when the function has done looping the groups. [in] ResetToDefaultStates The function will reset the groups in an access token to default states if set to TRUE. In such scenario the function ignores NewState outright. Otherwise if set to FALSE, the function will use NewState to assign the newly attributes to adjust the token's groups. SE_GROUP_ENABLED_BY_DEFAULT is a flag indicator that is used for such purpose. [out] ChangesMade Returns TRUE if changes to token's groups have been made, otherwise FALSE is returned. Bear in mind such changes aren't always deterministic. See remarks for further details. [out] PreviousGroupsState If requested by the caller, the function will return the previous state of groups in an access token prior taking action on adjusting the token. This is a UM (user mode) pointer and it's prone to raise exceptions if such pointer address is not valid. [out] ChangedGroups Returns the total number of changed groups in an access token. This argument could also indicate the number of groups to be changed if the calling thread hasn't chosen to apply the changes yet. A number of 0 indicates no groups have been or to be changed because the groups' attributes in a token are the same as the ones from NewState given by the caller.
- Returns
- STATUS_SUCCESS is returned if the function has successfully completed the operation of adjusting groups in a token. STATUS_CANT_DISABLE_MANDATORY is returned if there was an attempt to disable a mandatory group which is not possible. STATUS_CANT_ENABLE_DENY_ONLY is returned if there was an attempt to enable a "use for Deny only" group which is not allowed, that is, a restricted group. STATUS_NOT_ALL_ASSIGNED is returned if not all the groups are actually assigned to the token.
- Remarks
- Token groups adjusting can be judged to be deterministic or not based on the NT status code value. That is, STATUS_SUCCESS indicates the function not only has iterated over the whole groups in a token, it also has applied the changes thoroughly without impediment and the results perfectly match with the request desired by the caller. In this situation the condition is deemed deterministic. In a different situation however, if the status code was STATUS_NOT_ALL_ASSIGNED, the function would still continue looping the groups in a token and apply the changes whenever possible where the respective groups actually exist in the token. This kind of situation is deemed as indeterministic. For STATUS_CANT_DISABLE_MANDATORY and STATUS_CANT_ENABLE_DENY_ONLY the scenario is even more indeterministic as the iteration of groups comes to a halt thus leaving all other possible groups to be adjusted.
Definition at line 5068 of file token.c.