ReactOS 0.4.15-dev-5669-g09dde2c
sysvol.c File Reference
#include <rtl.h>
#include <debug.h>
Include dependency graph for sysvol.c:

Go to the source code of this file.

Macros

#define NDEBUG
 

Functions

static NTSTATUS RtlpSysVolCreateSecurityDescriptor (OUT PISECURITY_DESCRIPTOR *SecurityDescriptor, OUT PSID *SystemSid)
 
static NTSTATUS RtlpSysVolCheckOwnerAndSecurity (IN HANDLE DirectoryHandle, IN PISECURITY_DESCRIPTOR SecurityDescriptor)
 
static _Must_inspect_result_ NTSTATUS RtlpSysVolTakeOwnership (IN PUNICODE_STRING DirectoryPath, IN PSECURITY_DESCRIPTOR SecurityDescriptor)
 
NTSTATUS NTAPI RtlCreateSystemVolumeInformationFolder (IN PUNICODE_STRING VolumeRootPath)
 

Variables

static SID_IDENTIFIER_AUTHORITY LocalSystemAuthority = {SECURITY_NT_AUTHORITY}
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 12 of file sysvol.c.

Function Documentation

◆ RtlCreateSystemVolumeInformationFolder()

NTSTATUS NTAPI RtlCreateSystemVolumeInformationFolder ( IN PUNICODE_STRING  VolumeRootPath)

Definition at line 551 of file sysvol.c.

552{
555 HANDLE hDirectory;
556 UNICODE_STRING DirectoryName, NewPath;
557 ULONG PathLen;
559 PSID SystemSid = NULL;
560 BOOLEAN AddSep = FALSE;
562
564
565 RtlInitUnicodeString(&DirectoryName,
566 L"System Volume Information");
567
568 PathLen = VolumeRootPath->Length + DirectoryName.Length;
569
570 /* make sure we don't overflow while appending the strings */
571 if (PathLen > 0xFFFC)
572 {
574 }
575
576 if (VolumeRootPath->Buffer[(VolumeRootPath->Length / sizeof(WCHAR)) - 1] != L'\\')
577 {
578 AddSep = TRUE;
579 PathLen += sizeof(WCHAR);
580 }
581
582 /* allocate the new string */
583 NewPath.MaximumLength = (USHORT)PathLen + sizeof(WCHAR);
585 TAG_USTR);
586 if (NewPath.Buffer == NULL)
587 {
589 }
590
591 /* create the new path string */
592 NewPath.Length = VolumeRootPath->Length;
593 RtlCopyMemory(NewPath.Buffer,
594 VolumeRootPath->Buffer,
595 NewPath.Length);
596 if (AddSep)
597 {
598 NewPath.Buffer[NewPath.Length / sizeof(WCHAR)] = L'\\';
599 NewPath.Length += sizeof(WCHAR);
600 }
601 RtlCopyMemory(NewPath.Buffer + (NewPath.Length / sizeof(WCHAR)),
602 DirectoryName.Buffer,
603 DirectoryName.Length);
604 NewPath.Length += DirectoryName.Length;
605 NewPath.Buffer[NewPath.Length / sizeof(WCHAR)] = L'\0';
606
607 ASSERT(NewPath.Length == PathLen);
608 ASSERT(NewPath.Length == NewPath.MaximumLength - sizeof(WCHAR));
609
610 /* create the security descriptor for the new directory */
612 &SystemSid);
613 if (NT_SUCCESS(Status))
614 {
615 /* create or open the directory */
617 &NewPath,
618 0,
619 NULL,
621
622 Status = ZwCreateFile(&hDirectory,
626 NULL,
631 NULL,
632 0);
633 if (!NT_SUCCESS(Status))
634 {
637
638 if (NT_SUCCESS(Status))
639 {
640 /* successfully took ownership, attempt to open it */
641 Status = ZwCreateFile(&hDirectory,
645 NULL,
650 NULL,
651 0);
652 }
653 }
654
655 if (NT_SUCCESS(Status))
656 {
657 /* check security now and adjust it if neccessary */
660 ZwClose(hDirectory);
661 }
662
663 /* free allocated memory */
666
668 'cAeS');
670 'dSeS');
671
672 RtlFreeSid(SystemSid);
673 }
674
676 TAG_USTR);
677 return Status;
678}
unsigned char BOOLEAN
LONG NTSTATUS
Definition: precomp.h:26
#define FILE_DIRECTORY_FILE
Definition: constants.h:491
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define FILE_SHARE_READ
Definition: compat.h:136
#define FILE_SYNCHRONOUS_IO_NONALERT
Definition: from_kernel.h:31
#define FILE_OPEN_IF
Definition: from_kernel.h:56
Status
Definition: gdiplustypes.h:25
#define ASSERT(a)
Definition: mode.c:44
static OUT PIO_STATUS_BLOCK IoStatusBlock
Definition: pipe.c:75
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
#define FILE_SHARE_WRITE
Definition: nt_native.h:681
#define SYNCHRONIZE
Definition: nt_native.h:61
#define WRITE_DAC
Definition: nt_native.h:59
#define FILE_ATTRIBUTE_HIDDEN
Definition: nt_native.h:703
#define FILE_ATTRIBUTE_SYSTEM
Definition: nt_native.h:704
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define FILE_SHARE_DELETE
Definition: nt_native.h:682
#define READ_CONTROL
Definition: nt_native.h:58
#define WRITE_OWNER
Definition: nt_native.h:60
#define L(x)
Definition: ntvdm.h:50
unsigned short USHORT
Definition: pedump.c:61
VOID NTAPI RtlpFreeMemory(_In_ PVOID Mem, _In_ ULONG Tag)
Definition: rtlcompat.c:45
#define RtlpFreeStringMemory
Definition: rtlp.h:156
#define RtlpAllocateStringMemory
Definition: rtlp.h:155
#define PAGED_CODE_RTL()
Definition: rtlp.h:16
USHORT MaximumLength
Definition: env_spec_w32.h:370
static NTSTATUS RtlpSysVolCreateSecurityDescriptor(OUT PISECURITY_DESCRIPTOR *SecurityDescriptor, OUT PSID *SystemSid)
Definition: sysvol.c:20
static _Must_inspect_result_ NTSTATUS RtlpSysVolTakeOwnership(IN PUNICODE_STRING DirectoryPath, IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: sysvol.c:418
static NTSTATUS RtlpSysVolCheckOwnerAndSecurity(IN HANDLE DirectoryHandle, IN PISECURITY_DESCRIPTOR SecurityDescriptor)
Definition: sysvol.c:128
#define TAG_USTR
Definition: tag.h:145
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by CreateRemoteDatabaseWorker().

◆ RtlpSysVolCheckOwnerAndSecurity()

static NTSTATUS RtlpSysVolCheckOwnerAndSecurity ( IN HANDLE  DirectoryHandle,
IN PISECURITY_DESCRIPTOR  SecurityDescriptor 
)
static

Definition at line 128 of file sysvol.c.

130{
132 PSECURITY_DESCRIPTOR NewRelSD = NULL;
134#ifdef _WIN64
135 BOOLEAN AbsSDAllocated = FALSE;
136#endif
140 ULONG AbsSDSize, RelSDSize = 0;
141 PACL Dacl;
143 PSID OwnerSid;
146 PACE Ace = NULL;
148
149 /* find out how much memory we need to allocate for the self-relative
150 descriptor we're querying */
151 Status = ZwQuerySecurityObject(DirectoryHandle,
153 NULL,
154 0,
157 {
158 /* looks like the FS doesn't support security... return success */
160 goto Cleanup;
161 }
162
163 /* allocate enough memory for the security descriptor */
165 'dSeS');
166 if (RelSD == NULL)
167 {
169 goto Cleanup;
170 }
171
172 /* query the self-relative security descriptor */
173 Status = ZwQuerySecurityObject(DirectoryHandle,
175 RelSD,
178 if (!NT_SUCCESS(Status))
179 {
180 /* FIXME - handle the case where someone else modified the owner and/or
181 DACL while we allocated memory. But that should be *very*
182 unlikely.... */
183 goto Cleanup;
184 }
185
186 /* query the owner and DACL from the descriptor */
188 &OwnerSid,
190 if (!NT_SUCCESS(Status))
191 {
192 goto Cleanup;
193 }
194
197 &Dacl,
199 if (!NT_SUCCESS(Status))
200 {
201 goto Cleanup;
202 }
203
204 /* create the Administrators SID */
206 2,
209 0,
210 0,
211 0,
212 0,
213 0,
214 0,
215 &AdminSid);
216 if (!NT_SUCCESS(Status))
217 {
218 goto Cleanup;
219 }
220
221 /* create the local SYSTEM SID */
223 1,
225 0,
226 0,
227 0,
228 0,
229 0,
230 0,
231 0,
233 if (!NT_SUCCESS(Status))
234 {
235 goto Cleanup;
236 }
237
238 /* check if the Administrators are the owner and at least a not-NULL DACL
239 is present */
240 if (OwnerSid != NULL &&
241 RtlEqualSid(OwnerSid,
242 AdminSid) &&
243 DaclPresent && Dacl != NULL)
244 {
245 /* check the DACL for an Allowed ACE for the SYSTEM account */
246 AceIndex = 0;
247 do
248 {
250 AceIndex++,
251 (PVOID*)&Ace);
252 if (!NT_SUCCESS(Status))
253 {
254 Ace = NULL;
255 }
256 else if (Ace != NULL && Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
257 {
258 /* check if the the ACE is a set of allowed permissions for the
259 local SYSTEM account */
260 if (RtlEqualSid((PSID)(Ace + 1),
262 {
263 /* check if the ACE is inherited by noncontainer and
264 container objects, if not attempt to change that */
265 if (!(Ace->Header.AceFlags & OBJECT_INHERIT_ACE) ||
266 !(Ace->Header.AceFlags & CONTAINER_INHERIT_ACE))
267 {
268 Ace->Header.AceFlags |= OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE;
269 Status = ZwSetSecurityObject(DirectoryHandle,
271 RelSD);
272 }
273 else
274 {
275 /* all done, we have access */
277 }
278
279 goto Cleanup;
280 }
281 }
282 } while (Ace != NULL);
283 }
284
285 AbsSDSize = DescriptorSize;
286
287 /* because we need to change any existing data we need to convert it to
288 an absolute security descriptor first */
290 &AbsSDSize);
291#ifdef _WIN64
293 {
294 /* this error code can only be returned on 64 bit builds because
295 the size of an absolute security descriptor is greater than the
296 size of a self-relative security descriptor */
297 ASSERT(AbsSDSize > DescriptorSize);
298
300 'dSeS');
301 if (AbsSD == NULL)
302 {
304 goto Cleanup;
305 }
306
307 AbsSDAllocated = TRUE;
308
309 /* make a raw copy of the self-relative descriptor */
310 RtlCopyMemory(AbsSD,
311 RelSD,
313
314 /* finally convert it */
316 &AbsSDSize);
317 }
318 else
319#endif
320 {
321 AbsSD = RelSD;
322 }
323
324 if (!NT_SUCCESS(Status))
325 {
326 goto Cleanup;
327 }
328
329 /* set the owner SID */
331 AdminSid,
332 FALSE);
333 if (!NT_SUCCESS(Status))
334 {
335 goto Cleanup;
336 }
337
338 /* set the DACL in the security descriptor */
340 TRUE,
341 SecurityDescriptor->Dacl,
342 FALSE);
343 if (!NT_SUCCESS(Status))
344 {
345 goto Cleanup;
346 }
347
348 /* convert it back to a self-relative descriptor, find out how much
349 memory we need */
351 NULL,
352 &RelSDSize);
354 {
355 goto Cleanup;
356 }
357
358 /* allocate enough memory for the new self-relative descriptor */
359 NewRelSD = RtlpAllocateMemory(RelSDSize,
360 'dSeS');
361 if (NewRelSD == NULL)
362 {
364 goto Cleanup;
365 }
366
367 /* convert the security descriptor to self-relative format */
369 NewRelSD,
370 &RelSDSize);
372 {
373 goto Cleanup;
374 }
375
376 /* finally attempt to change the security information */
377 Status = ZwSetSecurityObject(DirectoryHandle,
379 NewRelSD);
380
381Cleanup:
382 if (AdminSid != NULL)
383 {
385 }
386
387 if (LocalSystemSid != NULL)
388 {
390 }
391
392 if (RelSD != NULL)
393 {
394 RtlpFreeMemory(RelSD,
395 'dSeS');
396 }
397
398 if (NewRelSD != NULL)
399 {
400 RtlpFreeMemory(NewRelSD,
401 'dSeS');
402 }
403
404#ifdef _WIN64
405 if (AbsSDAllocated)
406 {
407 RtlpFreeMemory(AbsSD,
408 'dSeS');
409 }
410#endif
411
412 return Status;
413}
static HANDLE DirectoryHandle
Definition: ObType.c:48
PSID LocalSystemSid
Definition: globals.c:16
@ Ace
Definition: card.h:12
static const WCHAR Cleanup[]
Definition: register.c:80
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
static PSID AdminSid
Definition: msgina.c:39
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1593
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
NTSYSAPI NTSTATUS NTAPI RtlSelfRelativeToAbsoluteSD2(_Inout_ PSECURITY_DESCRIPTOR SelfRelativeSD, _Out_ PULONG BufferSize)
_In_ BOOLEAN DaclPresent
Definition: rtlfuncs.h:1635
_In_opt_ PSID _In_opt_ BOOLEAN OwnerDefaulted
Definition: rtlfuncs.h:1672
NTSYSAPI NTSTATUS NTAPI RtlGetDaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN DaclPresent, _Out_ PACL *Dacl, _Out_ PBOOLEAN DaclDefaulted)
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
_In_ BOOLEAN _In_opt_ PACL _In_opt_ BOOLEAN DaclDefaulted
Definition: rtlfuncs.h:1638
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
NTSYSAPI NTSTATUS NTAPI RtlGetOwnerSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Owner, OUT PBOOLEAN OwnerDefaulted)
Definition: sd.c:257
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
PVOID NTAPI RtlpAllocateMemory(_In_ ULONG Bytes, _In_ ULONG Tag)
Definition: rtlcompat.c:34
#define STATUS_SUCCESS
Definition: shellext.h:65
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
Definition: rtltypes.h:993
_In_ SIZE_T DescriptorSize
Definition: nls.c:40
static SID_IDENTIFIER_AUTHORITY LocalSystemAuthority
Definition: sysvol.c:17
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1862
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652

Referenced by RtlCreateSystemVolumeInformationFolder().

◆ RtlpSysVolCreateSecurityDescriptor()

static NTSTATUS RtlpSysVolCreateSecurityDescriptor ( OUT PISECURITY_DESCRIPTOR SecurityDescriptor,
OUT PSID SystemSid 
)
static

Definition at line 20 of file sysvol.c.

22{
25 PACL Dacl = NULL;
28
29 /* create the local SYSTEM SID */
31 1,
33 0,
34 0,
35 0,
36 0,
37 0,
38 0,
39 0,
41 if (!NT_SUCCESS(Status))
42 {
43 return Status;
44 }
45
46 /* allocate and initialize the security descriptor */
48 'dSeS');
49 if (AbsSD == NULL)
50 {
52 goto Cleanup;
53 }
54
57 if (!NT_SUCCESS(Status))
58 {
59 goto Cleanup;
60 }
61
62 /* allocate and create the DACL */
63 DaclSize = sizeof(ACL) + sizeof(ACE) +
66 'cAeS');
67 if (Dacl == NULL)
68 {
70 goto Cleanup;
71 }
72
76 if (!NT_SUCCESS(Status))
77 {
78 goto Cleanup;
79 }
80
86 if (!NT_SUCCESS(Status))
87 {
88 goto Cleanup;
89 }
90
91 /* set the DACL in the security descriptor */
93 TRUE,
94 Dacl,
95 FALSE);
96
97 /* all done */
98 if (NT_SUCCESS(Status))
99 {
100 *SecurityDescriptor = AbsSD;
101 *SystemSid = LocalSystemSid;
102 }
103 else
104 {
105Cleanup:
106 if (LocalSystemSid != NULL)
107 {
109 }
110
111 if (Dacl != NULL)
112 {
114 'cAeS');
115 }
116
117 if (AbsSD != NULL)
118 {
119 RtlpFreeMemory(AbsSD,
120 'dSeS');
121 }
122 }
123
124 return Status;
125}
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAceEx(PACL, DWORD, DWORD, DWORD, PSID)
struct _ACL ACL
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1594
#define SPECIFIC_RIGHTS_ALL
Definition: nt_native.h:71
#define STANDARD_RIGHTS_ALL
Definition: nt_native.h:69
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
#define ACL_REVISION
Definition: setypes.h:39

Referenced by RtlCreateSystemVolumeInformationFolder().

◆ RtlpSysVolTakeOwnership()

static _Must_inspect_result_ NTSTATUS RtlpSysVolTakeOwnership ( IN PUNICODE_STRING  DirectoryPath,
IN PSECURITY_DESCRIPTOR  SecurityDescriptor 
)
static

Definition at line 418 of file sysvol.c.

420{
426 BOOLEAN TokenEnabled = FALSE;
427 HANDLE hToken = NULL;
428 HANDLE hDirectory = NULL;
431
434 &hToken);
435 if (!NT_SUCCESS(Status))
436 {
437 goto Cleanup;
438 }
439
440 /* attempt to enable the SE_TAKE_OWNERSHIP_PRIVILEGE privilege */
441 TokenPrivileges.PrivilegeCount = 1;
442 TokenPrivileges.Privileges[0].Luid.LowPart = SE_TAKE_OWNERSHIP_PRIVILEGE;
443 TokenPrivileges.Privileges[0].Luid.HighPart = 0;
444 TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
446 FALSE,
448 sizeof(TokenPrivileges),
450 &ReturnLength);
451 if (!NT_SUCCESS(Status))
452 {
453 goto Cleanup;
454 }
455 TokenEnabled = (TokenPrivileges.PrivilegeCount != 0);
456
457 /* open the directory */
459 DirectoryPath,
460 0,
461 NULL,
463
464 Status = ZwOpenFile(&hDirectory,
470 if (!NT_SUCCESS(Status))
471 {
472 goto Cleanup;
473 }
474
475 /* create the Administrators SID */
477 2,
480 0,
481 0,
482 0,
483 0,
484 0,
485 0,
486 &AdminSid);
487 if (!NT_SUCCESS(Status))
488 {
489 goto Cleanup;
490 }
491
492 /* create the security descriptor */
495 if (!NT_SUCCESS(Status))
496 {
497 goto Cleanup;
498 }
499
501 AdminSid,
502 FALSE);
503 if (!NT_SUCCESS(Status))
504 {
505 goto Cleanup;
506 }
507
508 /* attempt to take ownership */
509 Status = ZwSetSecurityObject(hDirectory,
511 &AbsSD);
512
513Cleanup:
514 if (TokenEnabled)
515 {
516 /* Disable privileges that we had to enable, whetever the result was. */
517 NTSTATUS Status2 = ZwAdjustPrivilegesToken(hToken,
518 FALSE,
520 0,
521 NULL,
522 NULL);
523 /* This must succeed */
524 ASSERT(NT_SUCCESS(Status2));
525 (void)Status2;
526 }
527
528 if (AdminSid != NULL)
529 {
531 }
532
533 if (hDirectory != NULL)
534 {
535 ZwClose(hDirectory);
536 }
537
538 if (hToken != NULL)
539 {
540 ZwClose(hToken);
541 }
542
543 return Status;
544}
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:43
#define SE_TAKE_OWNERSHIP_PRIVILEGE
Definition: security.c:663
NTSYSAPI NTSTATUS NTAPI ZwOpenFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG ShareAccess, _In_ ULONG OpenOptions)
_Must_inspect_result_ NTSYSAPI NTSTATUS NTAPI ZwAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
#define NtCurrentProcess()
Definition: nt_native.h:1657
#define TOKEN_ADJUST_PRIVILEGES
Definition: setypes.h:926
#define TOKEN_QUERY
Definition: setypes.h:924
@ TokenPrivileges
Definition: setypes.h:964
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)

Referenced by RtlCreateSystemVolumeInformationFolder().

Variable Documentation

◆ LocalSystemAuthority