db/d25/ntoskrnl_2se_2token_8c_source.html

 /*
  * PROJECT:         ReactOS Kernel
  * LICENSE:         GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
  * PURPOSE:         Security access token implementation base support routines
  * COPYRIGHT:       Copyright David Welch <welch@cwcom.net>
  *                  Copyright 2021-2022 George Bișoc <george.bisoc@reactos.org>
  */

 /* INCLUDES *******************************************************************/

 #include <ntoskrnl.h>
 #define NDEBUG
 #include <debug.h>

 /* GLOBALS ********************************************************************/

 POBJECT_TYPE SeTokenObjectType = NULL;

 TOKEN_SOURCE SeSystemTokenSource = {"*SYSTEM*", {0}};
 LUID SeSystemAuthenticationId = SYSTEM_LUID;
 LUID SeAnonymousAuthenticationId = ANONYMOUS_LOGON_LUID;

 static GENERIC_MAPPING SepTokenMapping = {
     TOKEN_READ,
     TOKEN_WRITE,
     TOKEN_EXECUTE,
     TOKEN_ALL_ACCESS
 };

 /* PRIVATE FUNCTIONS *****************************************************************/

 NTSTATUS
 SepCreateTokenLock(
     _Inout_ PTOKEN Token)
 {
     PAGED_CODE();

     Token->TokenLock = ExAllocatePoolWithTag(NonPagedPool,
                                              sizeof(ERESOURCE),
                                              TAG_SE_TOKEN_LOCK);
     if (Token->TokenLock == NULL)
     {
         DPRINT1("SepCreateTokenLock(): Failed to allocate memory!\n");
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     ExInitializeResourceLite(Token->TokenLock);
     return STATUS_SUCCESS;
 }

 VOID
 SepDeleteTokenLock(
     _Inout_ PTOKEN Token)
 {
     PAGED_CODE();

     ExDeleteResourceLite(Token->TokenLock);
     ExFreePoolWithTag(Token->TokenLock, TAG_SE_TOKEN_LOCK);
 }

 static
 BOOLEAN
 SepCompareSidAndAttributesFromTokens(
     _In_ PSID_AND_ATTRIBUTES SidArrayToken1,
     _In_ ULONG CountSidArray1,
     _In_ PSID_AND_ATTRIBUTES SidArrayToken2,
     _In_ ULONG CountSidArray2)
 {
     ULONG FirstCount, SecondCount;
     PSID_AND_ATTRIBUTES FirstSidArray, SecondSidArray;
     PAGED_CODE();

     /* Bail out if index counters provided are not equal */
     if (CountSidArray1 != CountSidArray2)
     {
         DPRINT("SepCompareSidAndAttributesFromTokens(): Index counters are not the same!\n");
         return FALSE;
     }

     /* Loop over the SID arrays and compare them */
     for (FirstCount = 0; FirstCount < CountSidArray1; FirstCount++)
     {
         for (SecondCount = 0; SecondCount < CountSidArray2; SecondCount++)
         {
             FirstSidArray = &SidArrayToken1[FirstCount];
             SecondSidArray = &SidArrayToken2[SecondCount];

             if (RtlEqualSid(FirstSidArray->Sid, SecondSidArray->Sid) &&
                 FirstSidArray->Attributes == SecondSidArray->Attributes)
             {
                 break;
             }
         }

         /* We've exhausted the array of the second token without finding this one */
         if (SecondCount == CountSidArray2)
         {
             DPRINT("SepCompareSidAndAttributesFromTokens(): No matching elements could be found in either token!\n");
             return FALSE;
         }
     }

     return TRUE;
 }

 static
 BOOLEAN
 SepComparePrivilegeAndAttributesFromTokens(
     _In_ PLUID_AND_ATTRIBUTES PrivArrayToken1,
     _In_ ULONG CountPrivArray1,
     _In_ PLUID_AND_ATTRIBUTES PrivArrayToken2,
     _In_ ULONG CountPrivArray2)
 {
     ULONG FirstCount, SecondCount;
     PLUID_AND_ATTRIBUTES FirstPrivArray, SecondPrivArray;
     PAGED_CODE();

     /* Bail out if index counters provided are not equal */
     if (CountPrivArray1 != CountPrivArray2)
     {
         DPRINT("SepComparePrivilegeAndAttributesFromTokens(): Index counters are not the same!\n");
         return FALSE;
     }

     /* Loop over the privilege arrays and compare them */
     for (FirstCount = 0; FirstCount < CountPrivArray1; FirstCount++)
     {
         for (SecondCount = 0; SecondCount < CountPrivArray2; SecondCount++)
         {
             FirstPrivArray = &PrivArrayToken1[FirstCount];
             SecondPrivArray = &PrivArrayToken2[SecondCount];

             if (RtlEqualLuid(&FirstPrivArray->Luid, &SecondPrivArray->Luid) &&
                 FirstPrivArray->Attributes == SecondPrivArray->Attributes)
             {
                 break;
             }
         }

         /* We've exhausted the array of the second token without finding this one */
         if (SecondCount == CountPrivArray2)
         {
             DPRINT("SepComparePrivilegeAndAttributesFromTokens(): No matching elements could be found in either token!\n");
             return FALSE;
         }
     }

     return TRUE;
 }

 static
 NTSTATUS
 SepCompareTokens(
     _In_ PTOKEN FirstToken,
     _In_ PTOKEN SecondToken,
     _Out_ PBOOLEAN Equal)
 {
     BOOLEAN Restricted, IsEqual = FALSE;
     PAGED_CODE();

     ASSERT(FirstToken != SecondToken);

     /* Lock the tokens */
     SepAcquireTokenLockShared(FirstToken);
     SepAcquireTokenLockShared(SecondToken);

     /* Check if every SID that is present in either token is also present in the other one */
     if (!SepCompareSidAndAttributesFromTokens(FirstToken->UserAndGroups,
                                               FirstToken->UserAndGroupCount,
                                               SecondToken->UserAndGroups,
                                               SecondToken->UserAndGroupCount))
     {
         goto Quit;
     }

     /* Is one token restricted but the other isn't? */
     Restricted = SeTokenIsRestricted(FirstToken);
     if (Restricted != SeTokenIsRestricted(SecondToken))
     {
         /* If that's the case then bail out */
         goto Quit;
     }

     /*
      * If both tokens are restricted check if every SID
      * that is restricted in either token is also restricted
      * in the other one.
      */
     if (Restricted)
     {
         if (!SepCompareSidAndAttributesFromTokens(FirstToken->RestrictedSids,
                                                   FirstToken->RestrictedSidCount,
                                                   SecondToken->RestrictedSids,
                                                   SecondToken->RestrictedSidCount))
         {
             goto Quit;
         }
     }

     /* Check if every privilege present in either token is also present in the other one */
     if (!SepComparePrivilegeAndAttributesFromTokens(FirstToken->Privileges,
                                                     FirstToken->PrivilegeCount,
                                                     SecondToken->Privileges,
                                                     SecondToken->PrivilegeCount))
     {
         goto Quit;
     }

     /* If we're here then the tokens are equal */
     IsEqual = TRUE;
     DPRINT("SepCompareTokens(): Tokens are equal!\n");

 Quit:
     /* Unlock the tokens */
     SepReleaseTokenLock(SecondToken);
     SepReleaseTokenLock(FirstToken);

     *Equal = IsEqual;
     return STATUS_SUCCESS;
 }

 static
 NTSTATUS
 SepImpersonateAnonymousToken(
     _In_ PETHREAD Thread,
     _In_ KPROCESSOR_MODE PreviousMode)
 {
     NTSTATUS Status;
     PTOKEN TokenToImpersonate, ProcessToken;
     ULONG IncludeEveryoneValueData;
     PAGED_CODE();

     /*
      * We must check first which kind of token
      * shall we assign for the thread to impersonate,
      * the one with Everyone Group SID or the other
      * without. Invoke the registry helper to
      * return the data value for us.
      */
     Status = SepRegQueryHelper(L"\\Registry\\Machine\\SYSTEM\\CurrentControlSet\\Control\\Lsa",
                                L"EveryoneIncludesAnonymous",
                                REG_DWORD,
                                sizeof(IncludeEveryoneValueData),
                                &IncludeEveryoneValueData);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SepRegQueryHelper(): Failed to query the registry value (Status 0x%lx)\n", Status);
         return Status;
     }

     if (IncludeEveryoneValueData == 0)
     {
         DPRINT("SepImpersonateAnonymousToken(): Assigning the token not including the Everyone Group SID...\n");
         TokenToImpersonate = SeAnonymousLogonTokenNoEveryone;
     }
     else
     {
         DPRINT("SepImpersonateAnonymousToken(): Assigning the token including the Everyone Group SID...\n");
         TokenToImpersonate = SeAnonymousLogonToken;
     }

     /*
      * Tell the object manager that we're going to use this token
      * object now by incrementing the reference count.
     */
     Status = ObReferenceObjectByPointer(TokenToImpersonate,
                                         TOKEN_IMPERSONATE,
                                         SeTokenObjectType,
                                         PreviousMode);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SepImpersonateAnonymousToken(): Couldn't be able to use the token, bail out...\n");
         return Status;
     }

     /*
      * Reference the primary token of the current process that the anonymous
      * logon token impersonation procedure is being performed. We'll be going
      * to use the process' token to figure out if the process is actually
      * restricted or not.
      */
     ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
     if (!ProcessToken)
     {
         DPRINT1("SepImpersonateAnonymousToken(): Couldn't be able to get the process' primary token, bail out...\n");
         ObDereferenceObject(TokenToImpersonate);
         return STATUS_UNSUCCESSFUL;
     }

     /* Now, is the token from the current process restricted? */
     if (SeTokenIsRestricted(ProcessToken))
     {
         DPRINT1("SepImpersonateAnonymousToken(): The process is restricted, can't do anything. Bail out...\n");
         PsDereferencePrimaryToken(ProcessToken);
         ObDereferenceObject(TokenToImpersonate);
         return STATUS_ACCESS_DENIED;
     }

     /*
      * Finally it's time to impersonate! But first, fast dereference the
      * process' primary token as we no longer need it.
      */
     ObFastDereferenceObject(&PsGetCurrentProcess()->Token, ProcessToken);
     Status = PsImpersonateClient(Thread, TokenToImpersonate, TRUE, FALSE, SecurityImpersonation);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("SepImpersonateAnonymousToken(): Failed to impersonate, bail out...\n");
         ObDereferenceObject(TokenToImpersonate);
         return Status;
     }

     return Status;
 }

 VOID
 SepUpdateSinglePrivilegeFlagToken(
     _Inout_ PTOKEN Token,
     _In_ ULONG Index)
 {
     ULONG TokenFlag;
     ASSERT(Index < Token->PrivilegeCount);

     /* The high part of all values we are interested in is 0 */
     if (Token->Privileges[Index].Luid.HighPart != 0)
     {
         return;
     }

     /* Check for certain privileges to update flags */
     if (Token->Privileges[Index].Luid.LowPart == SE_CHANGE_NOTIFY_PRIVILEGE)
     {
         TokenFlag = TOKEN_HAS_TRAVERSE_PRIVILEGE;
     }
     else if (Token->Privileges[Index].Luid.LowPart == SE_BACKUP_PRIVILEGE)
     {
         TokenFlag = TOKEN_HAS_BACKUP_PRIVILEGE;
     }
     else if (Token->Privileges[Index].Luid.LowPart == SE_RESTORE_PRIVILEGE)
     {
         TokenFlag = TOKEN_HAS_RESTORE_PRIVILEGE;
     }
     else if (Token->Privileges[Index].Luid.LowPart == SE_IMPERSONATE_PRIVILEGE)
     {
         TokenFlag = TOKEN_HAS_IMPERSONATE_PRIVILEGE;
     }
     else
     {
         /* Nothing to do */
         return;
     }

     /* Check if the specified privilege is enabled */
     if (Token->Privileges[Index].Attributes & SE_PRIVILEGE_ENABLED)
     {
         /* It is enabled, so set the flag */
         Token->TokenFlags |= TokenFlag;
     }
     else
     {
         /* Is is disabled, so remove the flag */
         Token->TokenFlags &= ~TokenFlag;
     }
 }

 BOOLEAN
 NTAPI
 SepTokenIsOwner(
     _In_ PACCESS_TOKEN _Token,
     _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
     _In_ BOOLEAN TokenLocked)
 {
     PSID Sid;
     BOOLEAN Result;
     PTOKEN Token = _Token;

     /* Get the owner SID */
     Sid = SepGetOwnerFromDescriptor(SecurityDescriptor);
     ASSERT(Sid != NULL);

     /* Lock the token if needed */
     if (!TokenLocked) SepAcquireTokenLockShared(Token);

     /* Check if the owner SID is found, handling restricted case as well */
     Result = SepSidInToken(Token, Sid);
     if ((Result) && (Token->TokenFlags & TOKEN_IS_RESTRICTED))
     {
         Result = SepSidInTokenEx(Token, NULL, Sid, FALSE, TRUE);
     }

     /* Release the lock if we had acquired it */
     if (!TokenLocked) SepReleaseTokenLock(Token);

     /* Return the result */
     return Result;
 }

 VOID
 SepUpdatePrivilegeFlagsToken(
     _Inout_ PTOKEN Token)
 {
     ULONG i;

     /* Loop all privileges */
     for (i = 0; i < Token->PrivilegeCount; i++)
     {
         /* Updates the flags for this privilege */
         SepUpdateSinglePrivilegeFlagToken(Token, i);
     }
 }

 VOID
 SepRemovePrivilegeToken(
     _Inout_ PTOKEN Token,
     _In_ ULONG Index)
 {
     ULONG MoveCount;
     ASSERT(Index < Token->PrivilegeCount);

     /* Calculate the number of trailing privileges */
     MoveCount = Token->PrivilegeCount - Index - 1;
     if (MoveCount != 0)
     {
         /* Move them one location ahead */
         RtlMoveMemory(&Token->Privileges[Index],
                       &Token->Privileges[Index + 1],
                       MoveCount * sizeof(LUID_AND_ATTRIBUTES));
     }

     /* Update privilege count */
     Token->PrivilegeCount--;
 }

 VOID
 SepRemoveUserGroupToken(
     _Inout_ PTOKEN Token,
     _In_ ULONG Index)
 {
     ULONG MoveCount;
     ASSERT(Index < Token->UserAndGroupCount);

     /* Calculate the number of trailing groups */
     MoveCount = Token->UserAndGroupCount - Index - 1;
     if (MoveCount != 0)
     {
         /* Time to remove the group by moving one location ahead */
         RtlMoveMemory(&Token->UserAndGroups[Index],
                       &Token->UserAndGroups[Index + 1],
                       MoveCount * sizeof(SID_AND_ATTRIBUTES));
     }

     /* Remove one group count */
     Token->UserAndGroupCount--;
 }

 ULONG
 SepComputeAvailableDynamicSpace(
     _In_ ULONG DynamicCharged,
     _In_ PSID PrimaryGroup,
     _In_opt_ PACL DefaultDacl)
 {
     ULONG DynamicAvailable;

     PAGED_CODE();

     /* A token's dynamic area is always charged */
     ASSERT(DynamicCharged != 0);

     /*
      * Take into account the default DACL if
      * the token has one. Otherwise the occupied
      * space is just the present primary group.
      */
     DynamicAvailable = DynamicCharged - RtlLengthSid(PrimaryGroup);
     if (DefaultDacl)
     {
         DynamicAvailable -= DefaultDacl->AclSize;
     }

     return DynamicAvailable;
 }

 NTSTATUS
 SepRebuildDynamicPartOfToken(
     _Inout_ PTOKEN AccessToken,
     _In_ ULONG NewDynamicPartSize)
 {
     PVOID NewDynamicPart;
     PVOID PreviousDynamicPart;
     ULONG CurrentDynamicLength;

     PAGED_CODE();

     /* Sanity checks */
     ASSERT(AccessToken);
     ASSERT(NewDynamicPartSize != 0);

     /*
      * Compute the exact length of the available
      * dynamic part of the access token.
      */
     CurrentDynamicLength = AccessToken->DynamicAvailable + RtlLengthSid(AccessToken->PrimaryGroup);
     if (AccessToken->DefaultDacl)
     {
         CurrentDynamicLength += AccessToken->DefaultDacl->AclSize;
     }

     /*
      * Figure out if the current dynamic part is too small
      * to fit new contents inside the said dynamic part.
      * Rebuild the dynamic area and expand it if necessary.
      */
     if (CurrentDynamicLength < NewDynamicPartSize)
     {
         NewDynamicPart = ExAllocatePoolWithTag(PagedPool,
                                                NewDynamicPartSize,
                                                TAG_TOKEN_DYNAMIC);
         if (NewDynamicPart == NULL)
         {
             DPRINT1("SepRebuildDynamicPartOfToken(): Insufficient resources to allocate new dynamic part!\n");
             return STATUS_INSUFFICIENT_RESOURCES;
         }

         /* Copy the existing dynamic part */
         PreviousDynamicPart = AccessToken->DynamicPart;
         RtlCopyMemory(NewDynamicPart, PreviousDynamicPart, CurrentDynamicLength);

         /* Update the available dynamic area and assign new dynamic */
         AccessToken->DynamicAvailable += NewDynamicPartSize - CurrentDynamicLength;
         AccessToken->DynamicPart = NewDynamicPart;

         /* Move the contents (primary group and default DACL) addresses as well */
         AccessToken->PrimaryGroup = (PSID)((ULONG_PTR)AccessToken->DynamicPart +
                                     ((ULONG_PTR)AccessToken->PrimaryGroup - (ULONG_PTR)PreviousDynamicPart));
         if (AccessToken->DefaultDacl != NULL)
         {
             AccessToken->DefaultDacl = (PACL)((ULONG_PTR)AccessToken->DynamicPart +
                                        ((ULONG_PTR)AccessToken->DefaultDacl - (ULONG_PTR)PreviousDynamicPart));
         }

         /* And discard the previous dynamic part */
         DPRINT("SepRebuildDynamicPartOfToken(): The dynamic part has been re-built with success!\n");
         ExFreePoolWithTag(PreviousDynamicPart, TAG_TOKEN_DYNAMIC);
     }

     return STATUS_SUCCESS;
 }

 VOID
 NTAPI
 SepFreeProxyData(
     _Inout_ PVOID ProxyData)
 {
     UNIMPLEMENTED;
 }

 NTSTATUS
 NTAPI
 SepCopyProxyData(
     _Out_ PVOID* Dest,
     _In_ PVOID Src)
 {
     UNIMPLEMENTED;
     return STATUS_NOT_IMPLEMENTED;
 }

 NTSTATUS
 NTAPI
 SeExchangePrimaryToken(
     _In_ PEPROCESS Process,
     _In_ PACCESS_TOKEN NewAccessToken,
     _Out_ PACCESS_TOKEN* OldAccessToken)
 {
     PTOKEN OldToken;
     PTOKEN NewToken = (PTOKEN)NewAccessToken;

     PAGED_CODE();

     if (NewToken->TokenType != TokenPrimary)
         return STATUS_BAD_TOKEN_TYPE;

     if (NewToken->TokenInUse)
     {
         BOOLEAN IsEqual;
         NTSTATUS Status;

         /* Maybe we're trying to set the same token */
         OldToken = PsReferencePrimaryToken(Process);
         if (OldToken == NewToken)
         {
             /* So it's a nop. */
             *OldAccessToken = OldToken;
             return STATUS_SUCCESS;
         }

         Status = SepCompareTokens(OldToken, NewToken, &IsEqual);
         if (!NT_SUCCESS(Status))
         {
             PsDereferencePrimaryToken(OldToken);
             *OldAccessToken = NULL;
             return Status;
         }

         if (!IsEqual)
         {
             PsDereferencePrimaryToken(OldToken);
             *OldAccessToken = NULL;
             return STATUS_TOKEN_ALREADY_IN_USE;
         }
         /* Silently return STATUS_SUCCESS but do not set the new token,
          * as it's already in use elsewhere. */
         *OldAccessToken = OldToken;
         return STATUS_SUCCESS;
     }

     /* Lock the new token */
     SepAcquireTokenLockExclusive(NewToken);

     /* Mark new token in use */
     NewToken->TokenInUse = TRUE;

     /* Set the session ID for the new token */
     NewToken->SessionId = MmGetSessionId(Process);

     /* Unlock the new token */
     SepReleaseTokenLock(NewToken);

     /* Reference the new token */
     ObReferenceObject(NewToken);

     /* Replace the old with the new */
     OldToken = ObFastReplaceObject(&Process->Token, NewToken);

     /* Lock the old token */
     SepAcquireTokenLockExclusive(OldToken);

     /* Mark the old token as free */
     OldToken->TokenInUse = FALSE;

     /* Unlock the old token */
     SepReleaseTokenLock(OldToken);

     *OldAccessToken = (PACCESS_TOKEN)OldToken;
     return STATUS_SUCCESS;
 }

 VOID
 NTAPI
 SeDeassignPrimaryToken(
     _Inout_ PEPROCESS Process)
 {
     PTOKEN OldToken;

     /* Remove the Token */
     OldToken = ObFastReplaceObject(&Process->Token, NULL);

     /* Mark the Old Token as free */
     OldToken->TokenInUse = FALSE;

     /* Dereference the Token */
     ObDereferenceObject(OldToken);
 }

 ULONG
 RtlLengthSidAndAttributes(
     _In_ ULONG Count,
     _In_ PSID_AND_ATTRIBUTES Src)
 {
     ULONG i;
     ULONG uLength;

     PAGED_CODE();

     uLength = Count * sizeof(SID_AND_ATTRIBUTES);
     for (i = 0; i < Count; i++)
         uLength += RtlLengthSid(Src[i].Sid);

     return uLength;
 }

 NTSTATUS
 SepFindPrimaryGroupAndDefaultOwner(
     _In_ PTOKEN Token,
     _In_ PSID PrimaryGroup,
     _In_opt_ PSID DefaultOwner,
     _Out_opt_ PULONG PrimaryGroupIndex,
     _Out_opt_ PULONG DefaultOwnerIndex)
 {
     ULONG i;

     /* We should return at least a search result */
     if (!PrimaryGroupIndex && !DefaultOwnerIndex)
         return STATUS_INVALID_PARAMETER;

     if (PrimaryGroupIndex)
     {
         /* Initialize with an invalid index */
         // Token->PrimaryGroup = NULL;
         *PrimaryGroupIndex = Token->UserAndGroupCount;
     }

     if (DefaultOwnerIndex)
     {
         if (DefaultOwner)
         {
             /* An owner is specified: check whether this is actually the user */
             if (RtlEqualSid(Token->UserAndGroups[0].Sid, DefaultOwner))
             {
                 /*
                  * It's the user (first element in array): set it
                  * as the owner and stop the search for it.
                  */
                 *DefaultOwnerIndex = 0;
                 DefaultOwnerIndex = NULL;
             }
             else
             {
                 /* An owner is specified: initialize with an invalid index */
                 *DefaultOwnerIndex = Token->UserAndGroupCount;
             }
         }
         else
         {
             /*
              * No owner specified: set the user (first element in array)
              * as the owner and stop the search for it.
              */
             *DefaultOwnerIndex = 0;
             DefaultOwnerIndex = NULL;
         }
     }

     /* Validate and set the primary group and default owner indices */
     for (i = 0; i < Token->UserAndGroupCount; i++)
     {
         /* Stop the search if we have found what we searched for */
         if (!PrimaryGroupIndex && !DefaultOwnerIndex)
             break;

         if (DefaultOwnerIndex && DefaultOwner &&
             RtlEqualSid(Token->UserAndGroups[i].Sid, DefaultOwner) &&
             (Token->UserAndGroups[i].Attributes & SE_GROUP_OWNER))
         {
             /* Owner is found, stop the search for it */
             *DefaultOwnerIndex = i;
             DefaultOwnerIndex = NULL;
         }

         if (PrimaryGroupIndex &&
             RtlEqualSid(Token->UserAndGroups[i].Sid, PrimaryGroup))
         {
             /* Primary group is found, stop the search for it */
             // Token->PrimaryGroup = Token->UserAndGroups[i].Sid;
             *PrimaryGroupIndex = i;
             PrimaryGroupIndex = NULL;
         }
     }

     if (DefaultOwnerIndex)
     {
         if (*DefaultOwnerIndex == Token->UserAndGroupCount)
             return STATUS_INVALID_OWNER;
     }

     if (PrimaryGroupIndex)
     {
         if (*PrimaryGroupIndex == Token->UserAndGroupCount)
         // if (Token->PrimaryGroup == NULL)
             return STATUS_INVALID_PRIMARY_GROUP;
     }

     return STATUS_SUCCESS;
 }

 NTSTATUS
 NTAPI
 SeSubProcessToken(
     _In_ PTOKEN ParentToken,
     _Out_ PTOKEN *Token,
     _In_ BOOLEAN InUse,
     _In_ ULONG SessionId)
 {
     PTOKEN NewToken;
     OBJECT_ATTRIBUTES ObjectAttributes;
     NTSTATUS Status;

     /* Initialize the attributes and duplicate it */
     InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
     Status = SepDuplicateToken(ParentToken,
                                &ObjectAttributes,
                                FALSE,
                                TokenPrimary,
                                ParentToken->ImpersonationLevel,
                                KernelMode,
                                &NewToken);
     if (NT_SUCCESS(Status))
     {
         /* Insert it */
         Status = ObInsertObject(NewToken,
                                 NULL,
                                 0,
                                 0,
                                 NULL,
                                 NULL);
         if (NT_SUCCESS(Status))
         {
             /* Set the session ID */
             NewToken->SessionId = SessionId;
             NewToken->TokenInUse = InUse;

             /* Return the token */
             *Token = NewToken;
         }
     }

     /* Return status */
     return Status;
 }

 NTSTATUS
 NTAPI
 SeIsTokenChild(
     _In_ PTOKEN Token,
     _Out_ PBOOLEAN IsChild)
 {
     PTOKEN ProcessToken;
     LUID ProcessTokenId, CallerParentId;

     /* Assume failure */
     *IsChild = FALSE;

     /* Reference the process token */
     ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
     if (!ProcessToken)
         return STATUS_UNSUCCESSFUL;

     /* Get its token ID */
     ProcessTokenId = ProcessToken->TokenId;

     /* Dereference the token */
     ObFastDereferenceObject(&PsGetCurrentProcess()->Token, ProcessToken);

     /* Get our parent token ID */
     CallerParentId = Token->ParentTokenId;

     /* Compare the token IDs */
     if (RtlEqualLuid(&CallerParentId, &ProcessTokenId))
         *IsChild = TRUE;

     /* Return success */
     return STATUS_SUCCESS;
 }

 NTSTATUS
 NTAPI
 SeIsTokenSibling(
     _In_ PTOKEN Token,
     _Out_ PBOOLEAN IsSibling)
 {
     PTOKEN ProcessToken;
     LUID ProcessParentId, ProcessAuthId;
     LUID CallerParentId, CallerAuthId;

     /* Assume failure */
     *IsSibling = FALSE;

     /* Reference the process token */
     ProcessToken = PsReferencePrimaryToken(PsGetCurrentProcess());
     if (!ProcessToken)
         return STATUS_UNSUCCESSFUL;

     /* Get its parent and authentication IDs */
     ProcessParentId = ProcessToken->ParentTokenId;
     ProcessAuthId = ProcessToken->AuthenticationId;

     /* Dereference the token */
     ObFastDereferenceObject(&PsGetCurrentProcess()->Token, ProcessToken);

     /* Get our parent and authentication IDs */
     CallerParentId = Token->ParentTokenId;
     CallerAuthId = Token->AuthenticationId;

     /* Compare the token IDs */
     if (RtlEqualLuid(&CallerParentId, &ProcessParentId) &&
         RtlEqualLuid(&CallerAuthId, &ProcessAuthId))
     {
         *IsSibling = TRUE;
     }

     /* Return success */
     return STATUS_SUCCESS;
 }

 NTSTATUS
 NTAPI
 SeCopyClientToken(
     _In_ PACCESS_TOKEN Token,
     _In_ SECURITY_IMPERSONATION_LEVEL Level,
     _In_ KPROCESSOR_MODE PreviousMode,
     _Out_ PACCESS_TOKEN* NewToken)
 {
     NTSTATUS Status;
     OBJECT_ATTRIBUTES ObjectAttributes;

     PAGED_CODE();

     InitializeObjectAttributes(&ObjectAttributes,
                                NULL,
                                0,
                                NULL,
                                NULL);

     Status = SepDuplicateToken(Token,
                                &ObjectAttributes,
                                FALSE,
                                TokenImpersonation,
                                Level,
                                PreviousMode,
                                (PTOKEN*)NewToken);

     return Status;
 }

 BOOLEAN
 NTAPI
 SeTokenIsInert(
     _In_ PTOKEN Token)
 {
     PAGED_CODE();

     return (((PTOKEN)Token)->TokenFlags & TOKEN_SANDBOX_INERT) != 0;
 }

 VOID
 NTAPI
 SepDeleteToken(
     _In_ PVOID ObjectBody)
 {
     NTSTATUS Status;
     PTOKEN AccessToken = (PTOKEN)ObjectBody;

     DPRINT("SepDeleteToken()\n");

     /* Remove the referenced logon session from token */
     if (AccessToken->LogonSession)
     {
         Status = SepRmRemoveLogonSessionFromToken(AccessToken);
         if (!NT_SUCCESS(Status))
         {
             /* Something seriously went wrong */
             DPRINT1("SepDeleteToken(): Failed to remove the logon session from token (Status: 0x%lx)\n", Status);
             return;
         }
     }

     /* Dereference the logon session */
     if ((AccessToken->TokenFlags & TOKEN_SESSION_NOT_REFERENCED) == 0)
         SepRmDereferenceLogonSession(&AccessToken->AuthenticationId);

     /* Delete the token lock */
     if (AccessToken->TokenLock)
         SepDeleteTokenLock(AccessToken);

     /* Delete the dynamic information area */
     if (AccessToken->DynamicPart)
         ExFreePoolWithTag(AccessToken->DynamicPart, TAG_TOKEN_DYNAMIC);
 }

 CODE_SEG("INIT")
 VOID
 NTAPI
 SepInitializeTokenImplementation(VOID)
 {
     UNICODE_STRING Name;
     OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;

     DPRINT("Creating Token Object Type\n");

     /* Initialize the Token type */
     RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
     RtlInitUnicodeString(&Name, L"Token");
     ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
     ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
     ObjectTypeInitializer.SecurityRequired = TRUE;
     ObjectTypeInitializer.DefaultPagedPoolCharge = sizeof(TOKEN);
     ObjectTypeInitializer.GenericMapping = SepTokenMapping;
     ObjectTypeInitializer.PoolType = PagedPool;
     ObjectTypeInitializer.ValidAccessMask = TOKEN_ALL_ACCESS;
     ObjectTypeInitializer.UseDefaultObject = TRUE;
     ObjectTypeInitializer.DeleteProcedure = SepDeleteToken;
     ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &SeTokenObjectType);
 }

 VOID
 NTAPI
 SeAssignPrimaryToken(
     _In_ PEPROCESS Process,
     _In_ PTOKEN Token)
 {
     PAGED_CODE();

     /* Sanity checks */
     ASSERT(Token->TokenType == TokenPrimary);
     ASSERT(!Token->TokenInUse);

     /* Clean any previous token */
     if (Process->Token.Object) SeDeassignPrimaryToken(Process);

     /* Set the new token */
     ObReferenceObject(Token);
     Token->TokenInUse = TRUE;
     ObInitializeFastReference(&Process->Token, Token);
 }

 VOID
 NTAPI
 SeGetTokenControlInformation(
     _In_ PACCESS_TOKEN _Token,
     _Out_ PTOKEN_CONTROL TokenControl)
 {
     PTOKEN Token = _Token;
     PAGED_CODE();

     /* Capture the main fields */
     TokenControl->AuthenticationId = Token->AuthenticationId;
     TokenControl->TokenId = Token->TokenId;
     TokenControl->TokenSource = Token->TokenSource;

     /* Lock the token */
     SepAcquireTokenLockShared(Token);

     /* Capture the modified ID */
     TokenControl->ModifiedId = Token->ModifiedId;

     /* Unlock it */
     SepReleaseTokenLock(Token);
 }

 CODE_SEG("INIT")
 PTOKEN
 NTAPI
 SepCreateSystemProcessToken(VOID)
 {
     LUID_AND_ATTRIBUTES Privileges[25];
     ULONG GroupAttributes, OwnerAttributes;
     SID_AND_ATTRIBUTES Groups[32];
     LARGE_INTEGER Expiration;
     SID_AND_ATTRIBUTES UserSid;
     ULONG GroupsLength;
     PSID PrimaryGroup;
     OBJECT_ATTRIBUTES ObjectAttributes;
     PSID Owner;
     ULONG i;
     PTOKEN Token;
     NTSTATUS Status;

     /* Don't ever expire */
     Expiration.QuadPart = -1;

     /* All groups mandatory and enabled */
     GroupAttributes = SE_GROUP_ENABLED | SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT;
     OwnerAttributes = SE_GROUP_ENABLED | SE_GROUP_OWNER | SE_GROUP_ENABLED_BY_DEFAULT;

     /* User is Local System */
     UserSid.Sid = SeLocalSystemSid;
     UserSid.Attributes = 0;

     /* Primary group is Local System */
     PrimaryGroup = SeLocalSystemSid;

     /* Owner is Administrators */
     Owner = SeAliasAdminsSid;

     /* Groups are Administrators, World, and Authenticated Users */
     Groups[0].Sid = SeAliasAdminsSid;
     Groups[0].Attributes = OwnerAttributes;
     Groups[1].Sid = SeWorldSid;
     Groups[1].Attributes = GroupAttributes;
     Groups[2].Sid = SeAuthenticatedUsersSid;
     Groups[2].Attributes = GroupAttributes;
     GroupsLength = sizeof(SID_AND_ATTRIBUTES) +
                    SeLengthSid(Groups[0].Sid) +
                    SeLengthSid(Groups[1].Sid) +
                    SeLengthSid(Groups[2].Sid);
     ASSERT(GroupsLength <= sizeof(Groups));

     /* Setup the privileges */
     i = 0;
     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeTcbPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeCreateTokenPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeTakeOwnershipPrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeCreatePagefilePrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeLockMemoryPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeAssignPrimaryTokenPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeIncreaseQuotaPrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeIncreaseBasePriorityPrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeCreatePermanentPrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeDebugPrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeAuditPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeSecurityPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeSystemEnvironmentPrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeChangeNotifyPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeBackupPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeRestorePrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeShutdownPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeLoadDriverPrivilege;

     Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeProfileSingleProcessPrivilege;

     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeSystemtimePrivilege;
     ASSERT(i == 20);

     /* Setup the object attributes */
     InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
     ASSERT(SeSystemDefaultDacl != NULL);

     /* Create the token */
     Status = SepCreateToken((PHANDLE)&Token,
                             KernelMode,
                             0,
                             &ObjectAttributes,
                             TokenPrimary,
                             SecurityAnonymous,
                             &SeSystemAuthenticationId,
                             &Expiration,
                             &UserSid,
                             3,
                             Groups,
                             GroupsLength,
                             20,
                             Privileges,
                             Owner,
                             PrimaryGroup,
                             SeSystemDefaultDacl,
                             &SeSystemTokenSource,
                             TRUE);
     ASSERT(Status == STATUS_SUCCESS);

     /* Return the token */
     return Token;
 }

 CODE_SEG("INIT")
 PTOKEN
 SepCreateSystemAnonymousLogonToken(VOID)
 {
     SID_AND_ATTRIBUTES Groups[32], UserSid;
     PSID PrimaryGroup;
     PTOKEN Token;
     ULONG GroupsLength;
     LARGE_INTEGER Expiration;
     OBJECT_ATTRIBUTES ObjectAttributes;
     NTSTATUS Status;

     /* The token never expires */
     Expiration.QuadPart = -1;

     /* The user is the anonymous logon */
     UserSid.Sid = SeAnonymousLogonSid;
     UserSid.Attributes = 0;

     /* The primary group is also the anonymous logon */
     PrimaryGroup = SeAnonymousLogonSid;

     /* The only group for the token is the World */
     Groups[0].Sid = SeWorldSid;
     Groups[0].Attributes = SE_GROUP_ENABLED | SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT;
     GroupsLength = sizeof(SID_AND_ATTRIBUTES) +
                    SeLengthSid(Groups[0].Sid);
     ASSERT(GroupsLength <= sizeof(Groups));

     /* Initialise the object attributes for the token */
     InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
     ASSERT(SeSystemAnonymousLogonDacl != NULL);

     /* Create token */
     Status = SepCreateToken((PHANDLE)&Token,
                             KernelMode,
                             0,
                             &ObjectAttributes,
                             TokenPrimary,
                             SecurityAnonymous,
                             &SeAnonymousAuthenticationId,
                             &Expiration,
                             &UserSid,
                             1,
                             Groups,
                             GroupsLength,
                             0,
                             NULL,
                             NULL,
                             PrimaryGroup,
                             SeSystemAnonymousLogonDacl,
                             &SeSystemTokenSource,
                             TRUE);
     ASSERT(Status == STATUS_SUCCESS);

     /* Return the anonymous logon token */
     return Token;
 }

 CODE_SEG("INIT")
 PTOKEN
 SepCreateSystemAnonymousLogonTokenNoEveryone(VOID)
 {
     SID_AND_ATTRIBUTES UserSid;
     PSID PrimaryGroup;
     PTOKEN Token;
     LARGE_INTEGER Expiration;
     OBJECT_ATTRIBUTES ObjectAttributes;
     NTSTATUS Status;

     /* The token never expires */
     Expiration.QuadPart = -1;

     /* The user is the anonymous logon */
     UserSid.Sid = SeAnonymousLogonSid;
     UserSid.Attributes = 0;

     /* The primary group is also the anonymous logon */
     PrimaryGroup = SeAnonymousLogonSid;

     /* Initialise the object attributes for the token */
     InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
     ASSERT(SeSystemAnonymousLogonDacl != NULL);

     /* Create token */
     Status = SepCreateToken((PHANDLE)&Token,
                             KernelMode,
                             0,
                             &ObjectAttributes,
                             TokenPrimary,
                             SecurityAnonymous,
                             &SeAnonymousAuthenticationId,
                             &Expiration,
                             &UserSid,
                             0,
                             NULL,
                             0,
                             0,
                             NULL,
                             NULL,
                             PrimaryGroup,
                             SeSystemAnonymousLogonDacl,
                             &SeSystemTokenSource,
                             TRUE);
     ASSERT(Status == STATUS_SUCCESS);

     /* Return the anonymous (not including everyone) logon token */
     return Token;
 }

 /* PUBLIC FUNCTIONS ***********************************************************/

 NTSTATUS
 NTAPI
 SeQuerySessionIdToken(
     _In_ PACCESS_TOKEN Token,
     _Out_ PULONG pSessionId)
 {
     PAGED_CODE();

     /* Lock the token */
     SepAcquireTokenLockShared(Token);

     *pSessionId = ((PTOKEN)Token)->SessionId;

     /* Unlock the token */
     SepReleaseTokenLock(Token);

     return STATUS_SUCCESS;
 }

 NTSTATUS
 NTAPI
 SeQueryAuthenticationIdToken(
     _In_ PACCESS_TOKEN Token,
     _Out_ PLUID LogonId)
 {
     PAGED_CODE();

     *LogonId = ((PTOKEN)Token)->AuthenticationId;

     return STATUS_SUCCESS;
 }

 SECURITY_IMPERSONATION_LEVEL
 NTAPI
 SeTokenImpersonationLevel(
     _In_ PACCESS_TOKEN Token)
 {
     PAGED_CODE();

     return ((PTOKEN)Token)->ImpersonationLevel;
 }

 TOKEN_TYPE
 NTAPI
 SeTokenType(
     _In_ PACCESS_TOKEN Token)
 {
     PAGED_CODE();

     return ((PTOKEN)Token)->TokenType;
 }

 BOOLEAN
 NTAPI
 SeTokenIsAdmin(
     _In_ PACCESS_TOKEN Token)
 {
     PAGED_CODE();

     // NOTE: Win7+ instead really checks the list of groups in the token
     // (since TOKEN_HAS_ADMIN_GROUP == TOKEN_WRITE_RESTRICTED ...)
     return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_ADMIN_GROUP) != 0;
 }

 BOOLEAN
 NTAPI
 SeTokenIsRestricted(
     _In_ PACCESS_TOKEN Token)
 {
     PAGED_CODE();

     return (((PTOKEN)Token)->TokenFlags & TOKEN_IS_RESTRICTED) != 0;
 }

 BOOLEAN
 NTAPI
 SeTokenIsWriteRestricted(
     _In_ PACCESS_TOKEN Token)
 {
     PAGED_CODE();

     // NOTE: NT 5.1 SP2 x86 checks the SE_BACKUP_PRIVILEGES_CHECKED flag
     // while Vista+ checks the TOKEN_WRITE_RESTRICTED flag as one expects.
     return (((PTOKEN)Token)->TokenFlags & SE_BACKUP_PRIVILEGES_CHECKED) != 0;
 }

 BOOLEAN
 NTAPI
 SeTokenCanImpersonate(
     _In_ PTOKEN ProcessToken,
     _In_ PTOKEN TokenToImpersonate,
     _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 {
     BOOLEAN CanImpersonate;
     PAGED_CODE();

     /*
      * SecurityAnonymous and SecurityIdentification levels do not
      * allow impersonation.
      */
     if (ImpersonationLevel == SecurityAnonymous ||
         ImpersonationLevel == SecurityIdentification)
     {
         return FALSE;
     }

     /* Time to lock our tokens */
     SepAcquireTokenLockShared(ProcessToken);
     SepAcquireTokenLockShared(TokenToImpersonate);

     /* What kind of authentication ID does the token have? */
     if (RtlEqualLuid(&TokenToImpersonate->AuthenticationId,
                      &SeAnonymousAuthenticationId))
     {
         /*
          * OK, it looks like the token has an anonymous
          * authentication. Is that token created by the system?
          */
         if (TokenToImpersonate->TokenSource.SourceName != SeSystemTokenSource.SourceName &&
             !RtlEqualLuid(&TokenToImpersonate->TokenSource.SourceIdentifier, &SeSystemTokenSource.SourceIdentifier))
         {
             /* It isn't, we can't impersonate regular tokens */
             DPRINT("SeTokenCanImpersonate(): Token has an anonymous authentication ID, can't impersonate!\n");
             CanImpersonate = FALSE;
             goto Quit;
         }
     }

     /* Are the SID values from both tokens equal? */
     if (!RtlEqualSid(ProcessToken->UserAndGroups->Sid,
                      TokenToImpersonate->UserAndGroups->Sid))
     {
         /* They aren't, bail out */
         DPRINT("SeTokenCanImpersonate(): Tokens SIDs are not equal!\n");
         CanImpersonate = FALSE;
         goto Quit;
     }

     /*
      * Make sure the tokens aren't diverged in terms of
      * restrictions, that is, one token is restricted
      * but the other one isn't.
      */
     if (SeTokenIsRestricted(ProcessToken) !=
         SeTokenIsRestricted(TokenToImpersonate))
     {
         /*
          * One token is restricted so we cannot
          * continue further at this point, bail out.
          */
         DPRINT("SeTokenCanImpersonate(): One token is restricted, can't continue!\n");
         CanImpersonate = FALSE;
         goto Quit;
     }

     /* If we've reached that far then we can impersonate! */
     DPRINT("SeTokenCanImpersonate(): We can impersonate.\n");
     CanImpersonate = TRUE;

 Quit:
     /* We're done, unlock the tokens now */
     SepReleaseTokenLock(ProcessToken);
     SepReleaseTokenLock(TokenToImpersonate);

     return CanImpersonate;
 }

 /* SYSTEM CALLS ***************************************************************/

 NTSTATUS
 NTAPI
 NtOpenThreadTokenEx(
     _In_ HANDLE ThreadHandle,
     _In_ ACCESS_MASK DesiredAccess,
     _In_ BOOLEAN OpenAsSelf,
     _In_ ULONG HandleAttributes,
     _Out_ PHANDLE TokenHandle)
 {
     PETHREAD Thread;
     HANDLE hToken;
     PTOKEN Token, NewToken = NULL, PrimaryToken;
     BOOLEAN CopyOnOpen, EffectiveOnly;
     SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
     SE_IMPERSONATION_STATE ImpersonationState;
     OBJECT_ATTRIBUTES ObjectAttributes;
     SECURITY_DESCRIPTOR SecurityDescriptor;
     PACL Dacl = NULL;
     KPROCESSOR_MODE PreviousMode;
     NTSTATUS Status;
     BOOLEAN RestoreImpersonation = FALSE;

     PAGED_CODE();

     PreviousMode = ExGetPreviousMode();

     if (PreviousMode != KernelMode)
     {
         _SEH2_TRY
         {
             ProbeForWriteHandle(TokenHandle);
         }
         _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
         {
             /* Return the exception code */
             _SEH2_YIELD(return _SEH2_GetExceptionCode());
         }
         _SEH2_END;
     }

     /* Validate object attributes */
     HandleAttributes = ObpValidateAttributes(HandleAttributes, PreviousMode);

     /*
      * At first open the thread token for information access and verify
      * that the token associated with thread is valid.
      */

     Status = ObReferenceObjectByHandle(ThreadHandle, THREAD_QUERY_INFORMATION,
                                        PsThreadType, PreviousMode, (PVOID*)&Thread,
                                        NULL);
     if (!NT_SUCCESS(Status))
     {
         return Status;
     }

     Token = PsReferenceImpersonationToken(Thread, &CopyOnOpen, &EffectiveOnly,
                                           &ImpersonationLevel);
     if (Token == NULL)
     {
         ObDereferenceObject(Thread);
         return STATUS_NO_TOKEN;
     }

     if (ImpersonationLevel == SecurityAnonymous)
     {
         PsDereferenceImpersonationToken(Token);
         ObDereferenceObject(Thread);
         return STATUS_CANT_OPEN_ANONYMOUS;
     }

     /*
      * Revert to self if OpenAsSelf is specified.
      */

     if (OpenAsSelf)
     {
         RestoreImpersonation = PsDisableImpersonation(PsGetCurrentThread(),
                                                       &ImpersonationState);
     }

     if (CopyOnOpen)
     {
         PrimaryToken = PsReferencePrimaryToken(Thread->ThreadsProcess);

         Status = SepCreateImpersonationTokenDacl(Token, PrimaryToken, &Dacl);

         ObFastDereferenceObject(&Thread->ThreadsProcess->Token, PrimaryToken);

         if (NT_SUCCESS(Status))
         {
             if (Dacl)
             {
                 Status = RtlCreateSecurityDescriptor(&SecurityDescriptor,
                                                      SECURITY_DESCRIPTOR_REVISION);
                 if (!NT_SUCCESS(Status))
                 {
                     DPRINT1("NtOpenThreadTokenEx(): Failed to create a security descriptor (Status 0x%lx)\n", Status);
                 }

                 Status = RtlSetDaclSecurityDescriptor(&SecurityDescriptor, TRUE, Dacl,
                                                       FALSE);
                 if (!NT_SUCCESS(Status))
                 {
                     DPRINT1("NtOpenThreadTokenEx(): Failed to set a DACL to the security descriptor (Status 0x%lx)\n", Status);
                 }
             }

             InitializeObjectAttributes(&ObjectAttributes, NULL, HandleAttributes,
                                        NULL, Dacl ? &SecurityDescriptor : NULL);

             Status = SepDuplicateToken(Token, &ObjectAttributes, EffectiveOnly,
                                        TokenImpersonation, ImpersonationLevel,
                                        KernelMode, &NewToken);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("NtOpenThreadTokenEx(): Failed to duplicate the token (Status 0x%lx)\n", Status);
             }

             ObReferenceObject(NewToken);
             Status = ObInsertObject(NewToken, NULL, DesiredAccess, 0, NULL,
                                     &hToken);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("NtOpenThreadTokenEx(): Failed to insert the token object (Status 0x%lx)\n", Status);
             }
         }
         else
         {
             DPRINT1("NtOpenThreadTokenEx(): Failed to impersonate token from DACL (Status 0x%lx)\n", Status);
         }
     }
     else
     {
         Status = ObOpenObjectByPointer(Token, HandleAttributes,
                                        NULL, DesiredAccess, SeTokenObjectType,
                                        PreviousMode, &hToken);
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("NtOpenThreadTokenEx(): Failed to open the object (Status 0x%lx)\n", Status);
         }
     }

     if (Dacl) ExFreePoolWithTag(Dacl, TAG_ACL);

     if (RestoreImpersonation)
     {
         PsRestoreImpersonation(PsGetCurrentThread(), &ImpersonationState);
     }

     ObDereferenceObject(Token);

     if (NT_SUCCESS(Status) && CopyOnOpen)
     {
         Status = PsImpersonateClient(Thread, NewToken, FALSE, EffectiveOnly, ImpersonationLevel);
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("NtOpenThreadTokenEx(): Failed to impersonate the client (Status 0x%lx)\n", Status);
         }
     }

     if (NewToken) ObDereferenceObject(NewToken);

     ObDereferenceObject(Thread);

     if (NT_SUCCESS(Status))
     {
         _SEH2_TRY
         {
             *TokenHandle = hToken;
         }
         _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
         {
             Status = _SEH2_GetExceptionCode();
         }
         _SEH2_END;
     }

     return Status;
 }

 NTSTATUS
 NTAPI
 NtOpenThreadToken(
     _In_ HANDLE ThreadHandle,
     _In_ ACCESS_MASK DesiredAccess,
     _In_ BOOLEAN OpenAsSelf,
     _Out_ PHANDLE TokenHandle)
 {
     return NtOpenThreadTokenEx(ThreadHandle, DesiredAccess, OpenAsSelf, 0,
                                TokenHandle);
 }

 NTSTATUS
 NTAPI
 NtCompareTokens(
     _In_ HANDLE FirstTokenHandle,
     _In_ HANDLE SecondTokenHandle,
     _Out_ PBOOLEAN Equal)
 {
     KPROCESSOR_MODE PreviousMode;
     PTOKEN FirstToken, SecondToken;
     BOOLEAN IsEqual;
     NTSTATUS Status;

     PAGED_CODE();

     PreviousMode = ExGetPreviousMode();

     if (PreviousMode != KernelMode)
     {
         _SEH2_TRY
         {
             ProbeForWriteBoolean(Equal);
         }
         _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
         {
             /* Return the exception code */
             _SEH2_YIELD(return _SEH2_GetExceptionCode());
         }
         _SEH2_END;
     }

     Status = ObReferenceObjectByHandle(FirstTokenHandle,
                                        TOKEN_QUERY,
                                        SeTokenObjectType,
                                        PreviousMode,
                                        (PVOID*)&FirstToken,
                                        NULL);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("ObReferenceObjectByHandle() failed (Status 0x%lx)\n", Status);
         return Status;
     }

     Status = ObReferenceObjectByHandle(SecondTokenHandle,
                                        TOKEN_QUERY,
                                        SeTokenObjectType,
                                        PreviousMode,
                                        (PVOID*)&SecondToken,
                                        NULL);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("ObReferenceObjectByHandle() failed (Status 0x%lx)\n", Status);
         ObDereferenceObject(FirstToken);
         return Status;
     }

     if (FirstToken != SecondToken)
     {
         Status = SepCompareTokens(FirstToken,
                                   SecondToken,
                                   &IsEqual);
     }
     else
     {
         IsEqual = TRUE;
     }

     ObDereferenceObject(SecondToken);
     ObDereferenceObject(FirstToken);

     if (NT_SUCCESS(Status))
     {
         _SEH2_TRY
         {
             *Equal = IsEqual;
         }
         _SEH2_EXCEPT(ExSystemExceptionFilter())
         {
             Status = _SEH2_GetExceptionCode();
         }
         _SEH2_END;
     }

     return Status;
 }

 NTSTATUS
 NTAPI
 NtImpersonateAnonymousToken(
     _In_ HANDLE ThreadHandle)
 {
     PETHREAD Thread;
     KPROCESSOR_MODE PreviousMode;
     NTSTATUS Status;
     PAGED_CODE();

     PreviousMode = ExGetPreviousMode();

     /* Obtain the thread object from the handle */
     Status = ObReferenceObjectByHandle(ThreadHandle,
                                        THREAD_IMPERSONATE,
                                        PsThreadType,
                                        PreviousMode,
                                        (PVOID*)&Thread,
                                        NULL);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtImpersonateAnonymousToken(): Failed to reference the object (Status 0x%lx)\n", Status);
         return Status;
     }

     /* Call the private routine to impersonate the token */
     Status = SepImpersonateAnonymousToken(Thread, PreviousMode);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtImpersonateAnonymousToken(): Failed to impersonate the token (Status 0x%lx)\n", Status);
     }

     ObDereferenceObject(Thread);
     return Status;
 }

 /* EOF */
SeAnonymousLogonTokenNoEveryone
PTOKEN SeAnonymousLogonTokenNoEveryone
Definition: semgr.c:20

_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301

OBJ_OPENLINK
#define OBJ_OPENLINK
Definition: winternl.h:230

SepDeleteTokenLock
VOID SepDeleteTokenLock(_Inout_ PTOKEN Token)
Deletes a lock of a token.
Definition: token.c:74

_TOKEN::TokenType
TOKEN_TYPE TokenType
Definition: setypes.h:239

SeSystemEnvironmentPrivilege
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:41

SepAcquireTokenLockExclusive
#define SepAcquireTokenLockExclusive(Token)
Definition: se.h:275

NtOpenThreadTokenEx
NTSTATUS NTAPI NtOpenThreadTokenEx(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2079

_LUID_AND_ATTRIBUTES
Definition: setypes.h:73

ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35

PsImpersonateClient
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:610

HandleAttributes
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: obfuncs.h:429

SepRegQueryHelper
NTSTATUS NTAPI SepRegQueryHelper(_In_ PCWSTR KeyName, _In_ PCWSTR ValueName, _In_ ULONG ValueType, _In_ ULONG DataLength, _Out_ PVOID ValueData)
A private registry helper that returns the desired value data based on the specifics requested by the...
Definition: srm.c:93

SecurityImpersonation
Definition: lsa.idl:57

ObCreateObjectType
NTSTATUS NTAPI ObCreateObjectType(IN PUNICODE_STRING TypeName, IN POBJECT_TYPE_INITIALIZER ObjectTypeInitializer, IN PVOID Reserved, OUT POBJECT_TYPE *ObjectType)
Definition: oblife.c:1047

DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654

NonPagedPool
Definition: ketypes.h:866

SeSystemtimePrivilege
const LUID SeSystemtimePrivilege
Definition: priv.c:31

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506

_OBJECT_TYPE_INITIALIZER::ValidAccessMask
ULONG ValidAccessMask
Definition: obtypes.h:359

TOKEN_SANDBOX_INERT
#define TOKEN_SANDBOX_INERT
Definition: setypes.h:1181

_OBJECT_TYPE_INITIALIZER::SecurityRequired
BOOLEAN SecurityRequired
Definition: obtypes.h:360

_In_opt_
#define _In_opt_
Definition: ms_sal.h:309

SeTokenCanImpersonate
BOOLEAN NTAPI SeTokenCanImpersonate(_In_ PTOKEN ProcessToken, _In_ PTOKEN TokenToImpersonate, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Ensures that client impersonation can occur by checking if the token we're going to assign as the imp...
Definition: token.c:1969

ImpersonationState
_Inout_ PSE_IMPERSONATION_STATE ImpersonationState
Definition: psfuncs.h:189

_Inout_
#define _Inout_
Definition: ms_sal.h:378

_SID
Definition: ms-dtyp.idl:198

SeIncreaseQuotaPrivilege
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:24

TOKEN_WRITE
#define TOKEN_WRITE
Definition: setypes.h:949

PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81

SepCreateToken
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Internal function responsible for access token object creation in the kernel. A fully created token o...
Definition: tokenlif.c:97

THREAD_IMPERSONATE
#define THREAD_IMPERSONATE
Definition: pstypes.h:151

SeCreateTokenPrivilege
const LUID SeCreateTokenPrivilege
Definition: priv.c:21

_Out_
#define _Out_
Definition: ms_sal.h:345

SeCreatePermanentPrivilege
const LUID SeCreatePermanentPrivilege
Definition: priv.c:35

SepTokenIsOwner
BOOLEAN NTAPI SepTokenIsOwner(_In_ PACCESS_TOKEN _Token, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ BOOLEAN TokenLocked)
Checks if a token belongs to the main user, being the owner.
Definition: token.c:511

SeDebugPrivilege
const LUID SeDebugPrivilege
Definition: priv.c:39

SeBackupPrivilege
const LUID SeBackupPrivilege
Definition: priv.c:36

TRUE
#define TRUE
Definition: types.h:120

_OBJECT_ATTRIBUTES
Definition: umtypes.h:181

SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182

STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

_ACL
Definition: ms-dtyp.idl:293

SeSystemDefaultDacl
PACL SeSystemDefaultDacl
Definition: acl.c:17

_TOKEN::AuthenticationId
LUID AuthenticationId
Definition: setypes.h:219

SessionId
ULONG SessionId
Definition: dllmain.c:28

SepRemovePrivilegeToken
VOID SepRemovePrivilegeToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Removes a privilege from the token.
Definition: token.c:582

STATUS_CANT_OPEN_ANONYMOUS
#define STATUS_CANT_OPEN_ANONYMOUS
Definition: ntstatus.h:402

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711

SE_RESTORE_PRIVILEGE
#define SE_RESTORE_PRIVILEGE
Definition: security.c:672

SepImpersonateAnonymousToken
static NTSTATUS SepImpersonateAnonymousToken(_In_ PETHREAD Thread, _In_ KPROCESSOR_MODE PreviousMode)
Private function that impersonates the system's anonymous logon token. The major bulk of the imperson...
Definition: token.c:334

NtCompareTokens
NTSTATUS NTAPI NtCompareTokens(_In_ HANDLE FirstTokenHandle, _In_ HANDLE SecondTokenHandle, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal or not.
Definition: token.c:2310

SeSystemAuthenticationId
LUID SeSystemAuthenticationId
Definition: token.c:20

CopyOnOpen
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154

ExInitializeResourceLite
NTSTATUS ExInitializeResourceLite(PULONG res)
Definition: env_spec_w32.h:641

ExDeleteResourceLite
NTSTATUS NTAPI ExDeleteResourceLite(IN PERESOURCE Resource)
Definition: resource.c:1456

PACCESS_TOKEN
PVOID PACCESS_TOKEN
Definition: setypes.h:11

SeAnonymousLogonToken
PTOKEN SeAnonymousLogonToken
Definition: semgr.c:19

TOKEN_HAS_TRAVERSE_PRIVILEGE
#define TOKEN_HAS_TRAVERSE_PRIVILEGE
Definition: setypes.h:1174

ExGetPreviousMode
KPROCESSOR_MODE NTAPI ExGetPreviousMode(VOID)
Definition: sysinfo.c:3062

Level
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:55

_EPROCESS
Definition: pstypes.h:1260

_OBJECT_TYPE
Definition: obtypes.h:379

KernelMode
Definition: ketypes.h:11

SeAssignPrimaryTokenPrivilege
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:22

TOKEN_IMPERSONATE
#define TOKEN_IMPERSONATE
Definition: setypes.h:923

RtlCreateSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)

SepGetOwnerFromDescriptor
FORCEINLINE PSID SepGetOwnerFromDescriptor(_Inout_ PVOID _Descriptor)
Definition: se.h:99

SecurityAnonymous
Definition: lsa.idl:55

_OBJECT_TYPE_INITIALIZER
Definition: obtypes.h:352

SeAuthenticatedUsersSid
PSID SeAuthenticatedUsersSid
Definition: sid.c:49

Groups
TOpcodeData Groups[17][8]
Definition: disassemblerdata.h:895

SeTokenImpersonationLevel
SECURITY_IMPERSONATION_LEVEL NTAPI SeTokenImpersonationLevel(_In_ PACCESS_TOKEN Token)
Gathers the security impersonation level of an access token.
Definition: token.c:1846

ObOpenObjectByPointer
NTSTATUS NTAPI ObOpenObjectByPointer(IN PVOID Object, IN ULONG HandleAttributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PHANDLE Handle)
Definition: obhandle.c:2742

RtlSetDaclSecurityDescriptor
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)

SeIsTokenSibling
NTSTATUS NTAPI SeIsTokenSibling(_In_ PTOKEN Token, _Out_ PBOOLEAN IsSibling)
Checks if the token is a sibling of the other token of the current process that the calling thread is...
Definition: token.c:1236

_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75

RtlMoveMemory
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264

_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65

TokenPrimary
Definition: imports.h:273

SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58

_TOKEN::TokenFlags
ULONG TokenFlags
Definition: setypes.h:241

NtImpersonateAnonymousToken
NTSTATUS NTAPI NtImpersonateAnonymousToken(_In_ HANDLE ThreadHandle)
Allows the calling thread to impersonate the system's anonymous logon token.
Definition: token.c:2419

SepRmDereferenceLogonSession
NTSTATUS SepRmDereferenceLogonSession(_Inout_ PLUID LogonLuid)

STATUS_NOT_IMPLEMENTED
return STATUS_NOT_IMPLEMENTED
Definition: fxdriverapium.cpp:241

SE_PRIVILEGE_ENABLED
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63

_TOKEN_SOURCE::SourceIdentifier
LUID SourceIdentifier
Definition: imports.h:279

SecurityIdentification
Definition: lsa.idl:56

SeIsTokenChild
NTSTATUS NTAPI SeIsTokenChild(_In_ PTOKEN Token, _Out_ PBOOLEAN IsChild)
Checks if the token is a child of the other token of the current process that the calling thread is i...
Definition: token.c:1187

L
#define L(x)
Definition: ntvdm.h:50

ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494

NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117

SE_GROUP_OWNER
#define SE_GROUP_OWNER
Definition: setypes.h:93

FALSE
#define FALSE
Definition: types.h:117

SeAnonymousAuthenticationId
LUID SeAnonymousAuthenticationId
Definition: token.c:21

_LUID
Definition: devicetopology.idl:136

SepCopyProxyData
NTSTATUS NTAPI SepCopyProxyData(_Out_ PVOID *Dest, _In_ PVOID Src)
Copies the proxy data from the source into the destination of a token.
Definition: token.c:815

RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301

SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL

SepCreateTokenLock
NTSTATUS SepCreateTokenLock(_Inout_ PTOKEN Token)
Creates a lock for the token.
Definition: token.c:45

Name
struct NameRec_ * Name
Definition: cdprocs.h:459

PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17

SepCreateSystemProcessToken
PTOKEN NTAPI SepCreateSystemProcessToken(VOID)
Creates the system process token.
Definition: token.c:1507

PsRestoreImpersonation
VOID NTAPI PsRestoreImpersonation(IN PETHREAD Thread, IN PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:965

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

STATUS_BAD_TOKEN_TYPE
#define STATUS_BAD_TOKEN_TYPE
Definition: ntstatus.h:404

NameRec_
Definition: apinames.c:48

SepUpdatePrivilegeFlagsToken
VOID SepUpdatePrivilegeFlagsToken(_Inout_ PTOKEN Token)
Updates the token's flags based upon the privilege that the token has been granted....
Definition: token.c:554

SeLoadDriverPrivilege
const LUID SeLoadDriverPrivilege
Definition: priv.c:29

SeTokenObjectType
POBJECT_TYPE SeTokenObjectType
Definition: token.c:17

SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91

SeTakeOwnershipPrivilege
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:28

Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426

_In_
#define _In_
Definition: ms_sal.h:308

_TOKEN::ParentTokenId
LUID ParentTokenId
Definition: setypes.h:220

Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130

TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715

_ETHREAD
Definition: pstypes.h:1101

SepCompareSidAndAttributesFromTokens
static BOOLEAN SepCompareSidAndAttributesFromTokens(_In_ PSID_AND_ATTRIBUTES SidArrayToken1, _In_ ULONG CountSidArray1, _In_ PSID_AND_ATTRIBUTES SidArrayToken2, _In_ ULONG CountSidArray2)
Compares the elements of SID arrays provided by tokens. The elements that are being compared for equa...
Definition: token.c:107

ObReferenceObjectByPointer
NTSTATUS NTAPI ObReferenceObjectByPointer(IN PVOID Object, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode)
Definition: obref.c:381

RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150

SepRebuildDynamicPartOfToken
NTSTATUS SepRebuildDynamicPartOfToken(_Inout_ PTOKEN AccessToken, _In_ ULONG NewDynamicPartSize)
Re-builds the dynamic part area of an access token during an a default DACL or primary group replacem...
Definition: token.c:715

RtlLengthSidAndAttributes
ULONG RtlLengthSidAndAttributes(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src)
Computes the length size of a SID.
Definition: token.c:965

_TOKEN::SessionId
ULONG SessionId
Definition: setypes.h:225

SeTokenIsAdmin
BOOLEAN NTAPI SeTokenIsAdmin(_In_ PACCESS_TOKEN Token)
Determines if a token is either an admin token or not. Such condition is checked based upon TOKEN_HAS...
Definition: token.c:1890

SepUpdateSinglePrivilegeFlagToken
VOID SepUpdateSinglePrivilegeFlagToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Updates the token's flags based upon the privilege that the token has been granted....
Definition: token.c:442

ANONYMOUS_LOGON_LUID
#define ANONYMOUS_LOGON_LUID
Definition: setypes.h:701

PsDisableImpersonation
BOOLEAN NTAPI PsDisableImpersonation(IN PETHREAD Thread, OUT PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:915

PACL
struct _ACL * PACL
Definition: security.c:104

Restricted
UNICODE_STRING Restricted
Definition: utils.c:24

_TOKEN::DynamicPart
PULONG DynamicPart
Definition: setypes.h:237

_OBJECT_TYPE_INITIALIZER::Length
USHORT Length
Definition: obtypes.h:354

Status
Status
Definition: gdiplustypes.h:24

PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1585

SE_CHANGE_NOTIFY_PRIVILEGE
#define SE_CHANGE_NOTIFY_PRIVILEGE
Definition: security.c:677

SE_PRIVILEGE_ENABLED_BY_DEFAULT
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62

PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103

Count
int Count
Definition: noreturn.cpp:7

SeGetTokenControlInformation
VOID NTAPI SeGetTokenControlInformation(_In_ PACCESS_TOKEN _Token, _Out_ PTOKEN_CONTROL TokenControl)
Retrieves token control information.
Definition: token.c:1474

STATUS_INVALID_PRIMARY_GROUP
#define STATUS_INVALID_PRIMARY_GROUP
Definition: ntstatus.h:327

TOKEN_HAS_RESTORE_PRIVILEGE
#define TOKEN_HAS_RESTORE_PRIVILEGE
Definition: setypes.h:1176

SeCreatePagefilePrivilege
const LUID SeCreatePagefilePrivilege
Definition: priv.c:34

NtOpenThreadToken
NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2281

TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:924

ASSERT
#define ASSERT(a)
Definition: mode.c:44

_GENERIC_MAPPING
Definition: nt_native.h:564

SeRestorePrivilege
const LUID SeRestorePrivilege
Definition: priv.c:37

ObFastReplaceObject
PVOID FASTCALL ObFastReplaceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92

_TOKEN::TokenInUse
BOOLEAN TokenInUse
Definition: setypes.h:242

Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:179

EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85

_SID_AND_ATTRIBUTES
Definition: setypes.h:502

SID_AND_ATTRIBUTES
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES

SepCompareTokens
static NTSTATUS SepCompareTokens(_In_ PTOKEN FirstToken, _In_ PTOKEN SecondToken, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal based on all the following properties. If all of the said conditions...
Definition: token.c:243

ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154

ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203

STATUS_TOKEN_ALREADY_IN_USE
#define STATUS_TOKEN_ALREADY_IN_USE
Definition: ntstatus.h:535

_OBJECT_TYPE_INITIALIZER::PoolType
POOL_TYPE PoolType
Definition: obtypes.h:363

TOKEN_ALL_ACCESS
#define TOKEN_ALL_ACCESS
Definition: setypes.h:942

ProbeForWriteHandle
#define ProbeForWriteHandle(Ptr)
Definition: probe.h:43

Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2652

ProbeForWriteBoolean
#define ProbeForWriteBoolean(Ptr)
Definition: probe.h:31

STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145

SeChangeNotifyPrivilege
static const LUID SeChangeNotifyPrivilege
Definition: authpackage.c:167

ObInitializeFastReference
VOID FASTCALL ObInitializeFastReference(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:107

SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90

STATUS_NO_TOKEN
#define STATUS_NO_TOKEN
Definition: ntstatus.h:360

KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7

SepCreateSystemAnonymousLogonToken
PTOKEN SepCreateSystemAnonymousLogonToken(VOID)
Creates the anonymous logon token for the system. The difference between this token and the other one...
Definition: token.c:1657

_OBJECT_TYPE_INITIALIZER::UseDefaultObject
BOOLEAN UseDefaultObject
Definition: obtypes.h:355

SepInitializeTokenImplementation
VOID NTAPI SepInitializeTokenImplementation(VOID)
Internal function that initializes critical kernel data for access token implementation in SRM.
Definition: token.c:1403

Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13

PSID
struct _SID * PSID
Definition: eventlog.c:35

STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132

ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350

Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1579

PBOOLEAN
char * PBOOLEAN
Definition: retypes.h:11

PsThreadType
POBJECT_TYPE PsThreadType
Definition: thread.c:20

SeTokenIsWriteRestricted
BOOLEAN NTAPI SeTokenIsWriteRestricted(_In_ PACCESS_TOKEN Token)
Determines if a token is write restricted, that is, nobody can write anything to it.
Definition: token.c:1938

TAG_SE_TOKEN_LOCK
#define TAG_SE_TOKEN_LOCK
Definition: tag.h:159

SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:41

TOKEN_READ
#define TOKEN_READ
Definition: setypes.h:947

SeSystemTokenSource
TOKEN_SOURCE SeSystemTokenSource
Definition: token.c:19

SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:286

PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454

SepTokenMapping
static GENERIC_MAPPING SepTokenMapping
Definition: token.c:23

TAG_TOKEN_DYNAMIC
#define TAG_TOKEN_DYNAMIC
Definition: tag.h:155

SeTokenIsInert
BOOLEAN NTAPI SeTokenIsInert(_In_ PTOKEN Token)
Determines if a token is a sandbox inert token or not, based upon the token flags.
Definition: token.c:1337

SepCreateSystemAnonymousLogonTokenNoEveryone
PTOKEN SepCreateSystemAnonymousLogonTokenNoEveryone(VOID)
Creates the anonymous logon token for the system. This kind of token doesn't include the everyone SID...
Definition: token.c:1725

SeLockMemoryPrivilege
const LUID SeLockMemoryPrivilege
Definition: priv.c:23

_TOKEN_CONTROL
Definition: imports.h:282

SepComparePrivilegeAndAttributesFromTokens
static BOOLEAN SepComparePrivilegeAndAttributesFromTokens(_In_ PLUID_AND_ATTRIBUTES PrivArrayToken1, _In_ ULONG CountPrivArray1, _In_ PLUID_AND_ATTRIBUTES PrivArrayToken2, _In_ ULONG CountPrivArray2)
Compares the elements of privilege arrays provided by tokens. The elements that are being compared fo...
Definition: token.c:174

SeProfileSingleProcessPrivilege
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:32

PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440

SeWorldSid
PSID SeWorldSid
Definition: sid.c:25

_SE_IMPERSONATION_STATE
Definition: setypes.h:115

_TOKEN::LogonSession
PSEP_LOGON_SESSION_REFERENCES LogonSession
Definition: setypes.h:245

SeIncreaseBasePriorityPrivilege
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:33

TOKEN_TYPE
enum _TOKEN_TYPE TOKEN_TYPE

SYSTEM_LUID
#define SYSTEM_LUID
Definition: setypes.h:700

PagedPool
Definition: ketypes.h:867

SepSidInTokenEx
BOOLEAN NTAPI SepSidInTokenEx(_In_ PACCESS_TOKEN _Token, _In_ PSID PrincipalSelfSid, _In_ PSID _Sid, _In_ BOOLEAN Deny, _In_ BOOLEAN Restricted)
Checks if a SID is present in a token.
Definition: sid.c:443

_TOKEN_SOURCE::SourceName
CCHAR SourceName[TOKEN_SOURCE_LENGTH]
Definition: imports.h:278

PsReferenceImpersonationToken
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:849

SepRmRemoveLogonSessionFromToken
NTSTATUS NTAPI SepRmRemoveLogonSessionFromToken(_Inout_ PTOKEN Token)
Removes a logon session from an access token.
Definition: srm.c:449

_TOKEN_SOURCE
Definition: imports.h:277

SeTcbPrivilege
const LUID SeTcbPrivilege
Definition: priv.c:26

ObpValidateAttributes
FORCEINLINE ULONG ObpValidateAttributes(IN ULONG Attributes, IN KPROCESSOR_MODE PreviousMode)
Definition: ob_x.h:22

_OBJECT_TYPE_INITIALIZER::DefaultPagedPoolCharge
ULONG DefaultPagedPoolCharge
Definition: obtypes.h:364

TAG_ACL
#define TAG_ACL
Definition: tag.h:148

SE_IMPERSONATE_PRIVILEGE
#define SE_IMPERSONATE_PRIVILEGE
Definition: security.c:683

_UNICODE_STRING
Definition: env_spec_w32.h:368

SeSubProcessToken
NTSTATUS NTAPI SeSubProcessToken(_In_ PTOKEN ParentToken, _Out_ PTOKEN *Token, _In_ BOOLEAN InUse, _In_ ULONG SessionId)
Subtracts a token in exchange of duplicating a new one.
Definition: token.c:1127

SeShutdownPrivilege
const LUID SeShutdownPrivilege
Definition: priv.c:38

_SEH2_END
_SEH2_END
Definition: create.c:4400

_TOKEN::TokenLock
PERESOURCE TokenLock
Definition: setypes.h:222

ObInsertObject
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2935

ExSystemExceptionFilter
LONG NTAPI ExSystemExceptionFilter(VOID)
Definition: harderr.c:349

_OBJECT_TYPE_INITIALIZER::GenericMapping
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358

TOKEN_HAS_ADMIN_GROUP
#define TOKEN_HAS_ADMIN_GROUP
Definition: setypes.h:1178

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

SeTokenIsRestricted
BOOLEAN NTAPI SeTokenIsRestricted(_In_ PACCESS_TOKEN Token)
Determines if a token is restricted or not, based upon the token flags.
Definition: token.c:1913

PTOKEN
struct _TOKEN * PTOKEN

SepComputeAvailableDynamicSpace
ULONG SepComputeAvailableDynamicSpace(_In_ ULONG DynamicCharged, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl)
Computes the exact available dynamic area of an access token whilst querying token statistics.
Definition: token.c:659

SeTokenType
TOKEN_TYPE NTAPI SeTokenType(_In_ PACCESS_TOKEN Token)
Gathers the token type of an access token. A token ca be either a primary token or impersonation toke...
Definition: token.c:1867

_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508

SE_BACKUP_PRIVILEGES_CHECKED
#define SE_BACKUP_PRIVILEGES_CHECKED
Definition: setypes.h:1183

_TOKEN::TokenId
LUID TokenId
Definition: setypes.h:218

_Out_opt_
#define _Out_opt_
Definition: ms_sal.h:346

SeQueryAuthenticationIdToken
NTSTATUS NTAPI SeQueryAuthenticationIdToken(_In_ PACCESS_TOKEN Token, _Out_ PLUID LogonId)
Queries the authentication ID of an access token.
Definition: token.c:1823

PULONG
unsigned int * PULONG
Definition: retypes.h:1

Owner
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1583

NULL
#define NULL
Definition: types.h:112

LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:711

STATUS_INVALID_OWNER
#define STATUS_INVALID_OWNER
Definition: ntstatus.h:326

_LARGE_INTEGER
Definition: typedefs.h:102

PsDereferencePrimaryToken
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
Definition: security.c:902

DPRINT1
#define DPRINT1
Definition: precomp.h:8

IsChild
BOOL WINAPI IsChild(_In_ HWND, _In_ HWND)

SeSecurityPrivilege
const LUID SeSecurityPrivilege
Definition: priv.c:27

SepFreeProxyData
VOID NTAPI SepFreeProxyData(_Inout_ PVOID ProxyData)
Frees (de-allocates) the proxy data memory block of a token.
Definition: token.c:793

ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167

SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:38

Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219

SepDeleteToken
VOID NTAPI SepDeleteToken(_In_ PVOID ObjectBody)
Internal function that deals with access token object destruction and deletion. The function is used ...
Definition: token.c:1359

SepAcquireTokenLockShared
#define SepAcquireTokenLockShared(Token)
Definition: se.h:280

ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204

SepSidInToken
BOOLEAN NTAPI SepSidInToken(_In_ PACCESS_TOKEN _Token, _In_ PSID Sid)
Checks if a SID is present in a token.
Definition: sid.c:547

SepFindPrimaryGroupAndDefaultOwner
NTSTATUS SepFindPrimaryGroupAndDefaultOwner(_In_ PTOKEN Token, _In_ PSID PrimaryGroup, _In_opt_ PSID DefaultOwner, _Out_opt_ PULONG PrimaryGroupIndex, _Out_opt_ PULONG DefaultOwnerIndex)
Finds the primary group and default owner entity based on the submitted primary group instance and an...
Definition: token.c:1011

TokenImpersonation
Definition: imports.h:274

THREAD_QUERY_INFORMATION
#define THREAD_QUERY_INFORMATION
Definition: pstypes.h:149

TOKEN_HAS_IMPERSONATE_PRIVILEGE
#define TOKEN_HAS_IMPERSONATE_PRIVILEGE
Definition: setypes.h:1182

ERESOURCE
ULONG ERESOURCE
Definition: env_spec_w32.h:594

ULONG
unsigned int ULONG
Definition: retypes.h:1

SE_BACKUP_PRIVILEGE
#define SE_BACKUP_PRIVILEGE
Definition: security.c:671

RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262

OpenAsSelf
_In_ ACCESS_MASK _In_ BOOLEAN OpenAsSelf
Definition: zwfuncs.h:699

ULONG_PTR
#define ULONG_PTR
Definition: config.h:101

InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106

SeCopyClientToken
NTSTATUS NTAPI SeCopyClientToken(_In_ PACCESS_TOKEN Token, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PACCESS_TOKEN *NewToken)
Copies an existing access token (technically duplicating a new one).
Definition: token.c:1296

MmGetSessionId
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
Definition: session.c:179

RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263

SeAnonymousLogonSid
PSID SeAnonymousLogonSid
Definition: se.h:203

SeDeassignPrimaryToken
VOID NTAPI SeDeassignPrimaryToken(_Inout_ PEPROCESS Process)
Removes the primary token of a process.
Definition: token.c:936

_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40

_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74

STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165

_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168

TOKEN_HAS_BACKUP_PRIVILEGE
#define TOKEN_HAS_BACKUP_PRIVILEGE
Definition: setypes.h:1175

DPRINT
#define DPRINT
Definition: sndvol32.h:71

SeQuerySessionIdToken
NTSTATUS NTAPI SeQuerySessionIdToken(_In_ PACCESS_TOKEN Token, _Out_ PULONG pSessionId)
Queries the session ID of an access token.
Definition: token.c:1791

void
Definition: nsiface.idl:2306

EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:401

IsEqual
Definition: fatprocs.h:1886

SepRemoveUserGroupToken
VOID SepRemoveUserGroupToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Removes a group from the token.
Definition: token.c:618

_OBJECT_TYPE_INITIALIZER::InvalidAttributes
ULONG InvalidAttributes
Definition: obtypes.h:357

_OBJECT_TYPE_INITIALIZER::DeleteProcedure
OB_DELETE_METHOD DeleteProcedure
Definition: obtypes.h:369

SeLengthSid
#define SeLengthSid(Sid)
Definition: sefuncs.h:570

_TOKEN
Definition: setypes.h:215

REG_DWORD
#define REG_DWORD
Definition: sdbapi.c:596

ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

TOKEN_SESSION_NOT_REFERENCED
#define TOKEN_SESSION_NOT_REFERENCED
Definition: setypes.h:1180

CODE_SEG
static CODE_SEG("PAGE")
Definition: isapnp.c:1482

SepDuplicateToken
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Duplicates an access token, from an existing valid token.
Definition: tokenlif.c:471

TOKEN
struct _TOKEN TOKEN

SeAuditPrivilege
const LUID SeAuditPrivilege
Definition: priv.c:40

SeExchangePrimaryToken
NTSTATUS NTAPI SeExchangePrimaryToken(_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken)
Replaces the old access token of a process (pointed by the EPROCESS kernel structure) with a new acce...
Definition: token.c:846

SeSystemAnonymousLogonDacl
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:22

ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40

TOKEN_EXECUTE
#define TOKEN_EXECUTE
Definition: setypes.h:954

SeAssignPrimaryToken
VOID NTAPI SeAssignPrimaryToken(_In_ PEPROCESS Process, _In_ PTOKEN Token)
Assigns a primary access token to a given process.
Definition: token.c:1440

SepCreateImpersonationTokenDacl
NTSTATUS NTAPI SepCreateImpersonationTokenDacl(_In_ PTOKEN Token, _In_ PTOKEN PrimaryToken, _Out_ PACL *Dacl)
Allocates a discretionary access control list based on certain properties of a regular and primary ac...
Definition: acl.c:277

RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)

_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114

TOKEN_IS_RESTRICTED
#define TOKEN_IS_RESTRICTED
Definition: setypes.h:1179

PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

PsDereferenceImpersonationToken
VOID NTAPI PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)
Definition: security.c:888