ReactOS  0.4.14-dev-317-g96040ec
sid.c
Go to the documentation of this file.
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: ReactOS kernel
4  * FILE: ntoskrnl/se/sid.c
5  * PURPOSE: Security manager
6  *
7  * PROGRAMMERS: David Welch <welch@cwcom.net>
8  */
9 
10 /* INCLUDES *******************************************************************/
11 
12 #include <ntoskrnl.h>
13 #define NDEBUG
14 #include <debug.h>
15 
16 #define TAG_SID_AND_ATTRIBUTES 'aSeS'
17 
18 #if defined (ALLOC_PRAGMA)
19 #pragma alloc_text(INIT, SepInitSecurityIDs)
20 #endif
21 
22 /* GLOBALS ********************************************************************/
23 
29 
60 
61 /* FUNCTIONS ******************************************************************/
62 
63 VOID
64 NTAPI
66 {
95 }
96 
97 BOOLEAN
98 INIT_FUNCTION
99 NTAPI
101 {
102  ULONG SidLength0;
103  ULONG SidLength1;
104  ULONG SidLength2;
105  PULONG SubAuthority;
106 
107  SidLength0 = RtlLengthRequiredSid(0);
108  SidLength1 = RtlLengthRequiredSid(1);
109  SidLength2 = RtlLengthRequiredSid(2);
110 
111  /* create NullSid */
142 
143  if (SeNullSid == NULL || SeWorldSid == NULL ||
147  SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL ||
158  {
160  return FALSE;
161  }
162 
193 
194  SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
195  *SubAuthority = SECURITY_NULL_RID;
196  SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);
197  *SubAuthority = SECURITY_WORLD_RID;
198  SubAuthority = RtlSubAuthoritySid(SeLocalSid, 0);
199  *SubAuthority = SECURITY_LOCAL_RID;
200  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid, 0);
201  *SubAuthority = SECURITY_CREATOR_OWNER_RID;
202  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid, 0);
203  *SubAuthority = SECURITY_CREATOR_GROUP_RID;
204  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid, 0);
205  *SubAuthority = SECURITY_CREATOR_OWNER_SERVER_RID;
206  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid, 0);
207  *SubAuthority = SECURITY_CREATOR_GROUP_SERVER_RID;
208  SubAuthority = RtlSubAuthoritySid(SeDialupSid, 0);
209  *SubAuthority = SECURITY_DIALUP_RID;
210  SubAuthority = RtlSubAuthoritySid(SeNetworkSid, 0);
211  *SubAuthority = SECURITY_NETWORK_RID;
212  SubAuthority = RtlSubAuthoritySid(SeBatchSid, 0);
213  *SubAuthority = SECURITY_BATCH_RID;
214  SubAuthority = RtlSubAuthoritySid(SeInteractiveSid, 0);
215  *SubAuthority = SECURITY_INTERACTIVE_RID;
216  SubAuthority = RtlSubAuthoritySid(SeServiceSid, 0);
217  *SubAuthority = SECURITY_SERVICE_RID;
218  SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid, 0);
219  *SubAuthority = SECURITY_PRINCIPAL_SELF_RID;
220  SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid, 0);
221  *SubAuthority = SECURITY_LOCAL_SYSTEM_RID;
222  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid, 0);
223  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
224  SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid, 0);
225  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
226  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 0);
227  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
228  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 1);
229  *SubAuthority = DOMAIN_ALIAS_RID_ADMINS;
230  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 0);
231  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
232  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 1);
233  *SubAuthority = DOMAIN_ALIAS_RID_USERS;
234  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 0);
235  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
236  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 1);
237  *SubAuthority = DOMAIN_ALIAS_RID_GUESTS;
238  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 0);
239  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
240  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 1);
241  *SubAuthority = DOMAIN_ALIAS_RID_POWER_USERS;
242  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 0);
243  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
244  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 1);
245  *SubAuthority = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
246  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 0);
247  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
248  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 1);
249  *SubAuthority = DOMAIN_ALIAS_RID_SYSTEM_OPS;
250  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 0);
251  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
252  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 1);
253  *SubAuthority = DOMAIN_ALIAS_RID_PRINT_OPS;
254  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 0);
255  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
256  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 1);
257  *SubAuthority = DOMAIN_ALIAS_RID_BACKUP_OPS;
258  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUsersSid, 0);
259  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
260  SubAuthority = RtlSubAuthoritySid(SeRestrictedSid, 0);
261  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
262  SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
263  *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
264  SubAuthority = RtlSubAuthoritySid(SeLocalServiceSid, 0);
265  *SubAuthority = SECURITY_LOCAL_SERVICE_RID;
266  SubAuthority = RtlSubAuthoritySid(SeNetworkServiceSid, 0);
267  *SubAuthority = SECURITY_NETWORK_SERVICE_RID;
268 
269  return TRUE;
270 }
271 
272 NTSTATUS
273 NTAPI
277  IN BOOLEAN CaptureIfKernel,
278  OUT PSID *CapturedSid)
279 {
280  ULONG SidSize = 0;
281  PISID NewSid, Sid = (PISID)InputSid;
282 
283  PAGED_CODE();
284 
285  if (AccessMode != KernelMode)
286  {
287  _SEH2_TRY
288  {
289  ProbeForRead(Sid, FIELD_OFFSET(SID, SubAuthority), sizeof(UCHAR));
291  ProbeForRead(Sid, SidSize, sizeof(UCHAR));
292  }
294  {
295  /* Return the exception code */
297  }
298  _SEH2_END;
299 
300  /* Allocate a SID and copy it */
302  if (!NewSid)
304 
305  _SEH2_TRY
306  {
307  RtlCopyMemory(NewSid, Sid, SidSize);
308 
309  *CapturedSid = NewSid;
310  }
312  {
313  /* Free the SID and return the exception code */
316  }
317  _SEH2_END;
318  }
319  else if (!CaptureIfKernel)
320  {
321  *CapturedSid = InputSid;
322  }
323  else
324  {
326 
327  /* Allocate a SID and copy it */
329  if (NewSid == NULL)
331 
332  RtlCopyMemory(NewSid, Sid, SidSize);
333 
334  *CapturedSid = NewSid;
335  }
336 
337  return STATUS_SUCCESS;
338 }
339 
340 VOID
341 NTAPI
342 SepReleaseSid(IN PSID CapturedSid,
344  IN BOOLEAN CaptureIfKernel)
345 {
346  PAGED_CODE();
347 
348  if (CapturedSid != NULL &&
349  (AccessMode != KernelMode ||
350  (AccessMode == KernelMode && CaptureIfKernel)))
351  {
352  ExFreePoolWithTag(CapturedSid, TAG_SID);
353  }
354 }
355 
356 NTSTATUS
357 NTAPI
359  _In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes,
360  _In_ ULONG AttributeCount,
362  _In_opt_ PVOID AllocatedMem,
363  _In_ ULONG AllocatedLength,
365  _In_ BOOLEAN CaptureIfKernel,
366  _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes,
368 {
369  ULONG ArraySize, RequiredLength, SidLength, i;
370  PSID_AND_ATTRIBUTES SidAndAttributes;
371  PUCHAR CurrentDest;
372  PISID Sid;
374  PAGED_CODE();
375 
376  *CapturedSidAndAttributes = NULL;
377  *ResultLength = 0;
378 
379  if (AttributeCount == 0)
380  {
381  return STATUS_SUCCESS;
382  }
383 
384  if (AttributeCount > 0x1000)
385  {
387  }
388 
389  if ((PreviousMode == KernelMode) && !CaptureIfKernel)
390  {
391  *CapturedSidAndAttributes = SrcSidAndAttributes;
392  return STATUS_SUCCESS;
393  }
394 
395  ArraySize = AttributeCount * sizeof(SID_AND_ATTRIBUTES);
396  RequiredLength = ALIGN_UP_BY(ArraySize, sizeof(ULONG));
397 
398  /* Check for user mode data */
399  if (PreviousMode != KernelMode)
400  {
401  _SEH2_TRY
402  {
403  /* First probe the whole array */
404  ProbeForRead(SrcSidAndAttributes, ArraySize, sizeof(ULONG));
405 
406  /* Loop the array elements */
407  for (i = 0; i < AttributeCount; i++)
408  {
409  /* Get the SID and probe the minimal structure */
410  Sid = SrcSidAndAttributes[i].Sid;
411  ProbeForRead(Sid, sizeof(*Sid), sizeof(ULONG));
412 
413  /* Verify that the SID is valid */
414  if (((Sid->Revision & 0xF) != SID_REVISION) ||
416  {
418  }
419 
420  /* Calculate the SID length and probe the full SID */
422  ProbeForRead(Sid, SidLength, sizeof(ULONG));
423 
424  /* Add the aligned length to the required length */
425  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
426  }
427  }
429  {
431  }
432  _SEH2_END;
433  }
434  else
435  {
436  /* Loop the array elements */
437  for (i = 0; i < AttributeCount; i++)
438  {
439  /* Get the SID and it's length */
440  Sid = SrcSidAndAttributes[i].Sid;
442 
443  /* Add the aligned length to the required length */
444  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
445  }
446  }
447 
448  /* Assume success */
451 
452  /* Check if we have no buffer */
453  if (AllocatedMem == NULL)
454  {
455  /* Allocate a new buffer */
456  SidAndAttributes = ExAllocatePoolWithTag(PoolType,
459  if (SidAndAttributes == NULL)
460  {
462  }
463  }
464  /* Otherwise check if the buffer is large enough */
465  else if (AllocatedLength >= RequiredLength)
466  {
467  /* Buffer is large enough, use it */
468  SidAndAttributes = AllocatedMem;
469  }
470  else
471  {
472  /* Buffer is too small, fail */
474  }
475 
476  *CapturedSidAndAttributes = SidAndAttributes;
477 
478  /* Check again for user mode */
479  if (PreviousMode != KernelMode)
480  {
481  _SEH2_TRY
482  {
483  /* The rest of the data starts after the array */
484  CurrentDest = (PUCHAR)SidAndAttributes;
485  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
486 
487  /* Loop the array elements */
488  for (i = 0; i < AttributeCount; i++)
489  {
490  /* Get the SID and it's length */
491  Sid = SrcSidAndAttributes[i].Sid;
493 
494  /* Copy attributes */
495  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
496 
497  /* Copy the SID to the current destination address */
498  SidAndAttributes[i].Sid = (PSID)CurrentDest;
499  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
500 
501  /* Sanity checks */
502  ASSERT(RtlLengthSid(SidAndAttributes[i].Sid) == SidLength);
503  ASSERT(RtlValidSid(SidAndAttributes[i].Sid));
504 
505  /* Update the current destination address */
506  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
507  }
508  }
510  {
512  }
513  _SEH2_END;
514  }
515  else
516  {
517  /* The rest of the data starts after the array */
518  CurrentDest = (PUCHAR)SidAndAttributes;
519  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
520 
521  /* Loop the array elements */
522  for (i = 0; i < AttributeCount; i++)
523  {
524  /* Get the SID and it's length */
525  Sid = SrcSidAndAttributes[i].Sid;
527 
528  /* Copy attributes */
529  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
530 
531  /* Copy the SID to the current destination address */
532  SidAndAttributes[i].Sid = (PSID)CurrentDest;
533  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
534 
535  /* Update the current destination address */
536  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
537  }
538  }
539 
540  /* Check for failure */
541  if (!NT_SUCCESS(Status))
542  {
543  /* Check if we allocated a new array */
544  if (SidAndAttributes != AllocatedMem)
545  {
546  /* Free the array */
547  ExFreePoolWithTag(SidAndAttributes, TAG_SID_AND_ATTRIBUTES);
548  }
549 
550  /* Set returned address to NULL */
551  *CapturedSidAndAttributes = NULL ;
552  }
553 
554  return Status;
555 }
556 
557 VOID
558 NTAPI
560  _In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes,
562  _In_ BOOLEAN CaptureIfKernel)
563 {
564  PAGED_CODE();
565 
566  if ((CapturedSidAndAttributes != NULL) &&
567  ((AccessMode != KernelMode) || CaptureIfKernel))
568  {
569  ExFreePoolWithTag(CapturedSidAndAttributes, TAG_SID_AND_ATTRIBUTES);
570  }
571 }
572 
573 
574 /* EOF */
PSID SeLocalServiceSid
Definition: sid.c:58
IN CINT OUT PVOID IN ULONG OUT PULONG ResultLength
Definition: conport.c:47
#define SECURITY_BATCH_RID
Definition: setypes.h:530
#define IN
Definition: typedefs.h:38
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:626
PSID SeAliasPrintOpsSid
Definition: sid.c:53
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define _Post_invalid_
Definition: no_sal2.h:457
VOID NTAPI FreeInitializedSids(VOID)
Definition: sid.c:65
PSID SeAnonymousLogonSid
Definition: sid.c:57
PSID SeBatchSid
Definition: sid.c:40
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
PSID SeLocalSystemSid
Definition: sid.c:44
PSID SeAliasAdminsSid
Definition: sid.c:47
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:629
PSID SeDialupSid
Definition: sid.c:38
#define SECURITY_DIALUP_RID
Definition: setypes.h:528
unsigned char * PUCHAR
Definition: retypes.h:3
#define SID_REVISION
Definition: setypes.h:453
LONG NTSTATUS
Definition: precomp.h:26
VOID NTAPI SeReleaseSidAndAttributesArray(_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Definition: sid.c:559
#define SECURITY_NETWORK_RID
Definition: setypes.h:529
#define TAG_SID
Definition: sid.c:15
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:627
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:531
#define SECURITY_NULL_SID_AUTHORITY
Definition: setypes.h:496
PSID SeAliasBackupOpsSid
Definition: sid.c:54
#define PAGED_CODE()
Definition: video.h:57
#define _In_opt_
Definition: no_sal2.h:213
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
Definition: create.c:4250
PSID SePrincipalSelfSid
Definition: sid.c:43
PULONG NTAPI RtlSubAuthoritySid(IN PSID Sid_, IN ULONG SubAuthority)
Definition: sid.c:89
NTSTATUS NTAPI SepCaptureSid(IN PSID InputSid, IN KPROCESSOR_MODE AccessMode, IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PSID *CapturedSid)
Definition: sid.c:274
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:539
PSID SeCreatorOwnerServerSid
Definition: sid.c:35
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
Definition: sid.c:27
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:502
struct _SID * PISID
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
unsigned char BOOLEAN
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:454
smooth NULL
Definition: ftsmooth.c:416
ULONG NTAPI RtlLengthSid(IN PSID Sid_)
Definition: sid.c:150
#define _Out_
Definition: no_sal2.h:323
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
#define STATUS_INVALID_SID
Definition: ntstatus.h:342
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
VOID NTAPI SepReleaseSid(IN PSID CapturedSid, IN KPROCESSOR_MODE AccessMode, IN BOOLEAN CaptureIfKernel)
Definition: sid.c:342
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
BOOLEAN NTAPI RtlValidSid(IN PSID Sid_)
Definition: sid.c:21
#define TAG_SID_AND_ATTRIBUTES
Definition: sid.c:16
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:520
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:632
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:499
INT POOL_TYPE
Definition: typedefs.h:76
PSID SeServiceSid
Definition: sid.c:42
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:630
#define SECURITY_LOCAL_RID
Definition: setypes.h:514
SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
Definition: sid.c:25
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
#define SECURITY_WORLD_RID
Definition: setypes.h:513
NTSTATUS NTAPI SeCaptureSidAndAttributesArray(_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
Definition: sid.c:358
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:535
PSID SeAliasUsersSid
Definition: sid.c:48
PSID SeAliasGuestsSid
Definition: sid.c:49
struct _SID * PSID
Definition: eventlog.c:35
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:517
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
#define SECURITY_NULL_RID
Definition: setypes.h:512
unsigned char UCHAR
Definition: xmlstorage.h:181
PSID SeAuthenticatedUserSid
Definition: sid.c:45
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
PSID SeWorldSid
Definition: sid.c:31
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
PSID SeLocalSid
Definition: sid.c:32
PSID SeAuthenticatedUsersSid
Definition: sid.c:55
PSID SeAliasPowerUsersSid
Definition: sid.c:50
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548
Status
Definition: gdiplustypes.h:24
#define _In_
Definition: no_sal2.h:204
PSID SeNetworkSid
Definition: sid.c:39
SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
Definition: sid.c:24
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:518
_SEH2_END
Definition: create.c:4424
NTSTATUS NTAPI RtlInitializeSid(IN PSID Sid_, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
Definition: sid.c:68
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:625
_In_ ULONG _Out_opt_ PULONG RequiredLength
Definition: wmifuncs.h:29
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:254
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
unsigned int * PULONG
Definition: retypes.h:1
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:541
PSID SeCreatorGroupSid
Definition: sid.c:34
PSID SeRestrictedSid
Definition: sid.c:56
PSID SeCreatorGroupServerSid
Definition: sid.c:36
PSID SeNetworkServiceSid
Definition: sid.c:59
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:519
PSID SeRestrictedCodeSid
Definition: sid.c:46
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:631
#define OUT
Definition: typedefs.h:39
#define SECURITY_SERVICE_RID
Definition: setypes.h:534
unsigned int ULONG
Definition: retypes.h:1
#define ALIGN_UP_BY(size, align)
SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
Definition: sid.c:26
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
BYTE Revision
Definition: ms-dtyp.idl:199
PSID SeCreatorOwnerSid
Definition: sid.c:33
PSID SeAliasSystemOpsSid
Definition: sid.c:52
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
PSID SeInteractiveSid
Definition: sid.c:41
PSID SeNullSid
Definition: sid.c:30
SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
Definition: sid.c:28
return STATUS_SUCCESS
Definition: btrfs.c:2938
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444
_In_ PSID _In_ PSID NewSid
Definition: rtlfuncs.h:2815
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:624
BOOLEAN INIT_FUNCTION NTAPI SepInitSecurityIDs(VOID)
Definition: sid.c:100
#define SECURITY_CREATOR_SID_AUTHORITY
Definition: setypes.h:505
PSID SeNtAuthoritySid
Definition: sid.c:37
PSID SeAliasAccountOpsSid
Definition: sid.c:51