60 if (ImpersonationInfo)
75 PTOKEN NewToken, ParentToken;
142 if ((
Thread == CurrentThread) ||
162 if (
Thread != CurrentThread)
253 if (!IsChildOrSibling)
265 if (!IsChildOrSibling)
659 sizeof(*Impersonation),
672 Impersonation = OldData;
683 ImpersonationToken =
Token;
717 ImpersonationToken = NewToken;
724 Job =
Thread->ThreadsProcess->Job;
765 OldToken = Impersonation->
Token;
777 Impersonation->
Token = ImpersonationToken;
904#undef PsDereferenceImpersonationToken
918#undef PsDereferencePrimaryToken
971 if (Impersonation)
return TRUE;
1037 IN HANDLE ThreadToImpersonateHandle,
1048 "Threads: %p %p\n", ThreadHandle, ThreadToImpersonateHandle);
1062 SafeServiceQoS = *SecurityQualityOfService;
1063 SecurityQualityOfService = &SafeServiceQoS;
1087 (
PVOID*)&ThreadToImpersonate,
1093 SecurityQualityOfService,
#define STATUS_PRIVILEGE_NOT_HELD
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn UINT32 *TableIdx UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE Parent
#define NT_SUCCESS(StatCode)
#define ExAllocatePoolWithTag(hernya, size, tag)
#define PsGetCurrentThread()
#define ExReleaseRundownProtection
#define ExGetPreviousMode
#define ExAcquireRundownProtection
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
#define EXCEPTION_EXECUTE_HANDLER
#define PROCESS_TERMINATE
#define CT_ACTIVE_IMPERSONATION_INFO_BIT
#define PROCESS_QUERY_INFORMATION
#define JOB_OBJECT_SECURITY_RESTRICTED_TOKEN
#define THREAD_IMPERSONATE
#define THREAD_DIRECT_IMPERSONATION
#define PROCESS_CREATE_THREAD
#define PROCESS_VM_OPERATION
#define JOB_OBJECT_SECURITY_NO_ADMIN
#define PROCESS_SET_INFORMATION
#define PROCESS_CREATE_PROCESS
#define PROCESS_SET_QUOTA
#define PROCESS_DUP_HANDLE
#define InterlockedCompareExchangePointer
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL * PSECURITY_IMPERSONATION_LEVEL
#define ExFreePoolWithTag(_P, _T)
NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType(IN PACCESS_TOKEN Token)
NTKERNELAPI VOID NTAPI SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext, IN PETHREAD ServerThread OPTIONAL)
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurity(IN PETHREAD Thread, IN PSECURITY_QUALITY_OF_SERVICE QualityOfService, IN BOOLEAN RemoteClient, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
#define PsDereferencePrimaryToken(T)
#define PsDereferenceImpersonationToken(T)
#define KeGetPreviousMode()
_In_ HANDLE ProcessHandle
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
#define STANDARD_RIGHTS_ALL
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
_Out_ PKAPC_STATE ApcState
BOOLEAN NTAPI SeTokenCanImpersonate(_In_ PTOKEN ProcessToken, _In_ PTOKEN TokenToImpersonate, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Determines whether the server is allowed to impersonate on behalf of a client or not....
NTSTATUS NTAPI SeCopyClientToken(_In_ PACCESS_TOKEN Token, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PACCESS_TOKEN *NewToken)
Copies an existing access token (technically duplicating a new one).
const LUID SeAssignPrimaryTokenPrivilege
NTSTATUS NTAPI SeSubProcessToken(_In_ PTOKEN Parent, _Out_ PTOKEN *Token, _In_ BOOLEAN InUse, _In_ ULONG SessionId)
Subtracts a token in exchange of duplicating a new one.
NTSTATUS NTAPI SeIsTokenSibling(_In_ PTOKEN Token, _Out_ PBOOLEAN IsSibling)
Checks if the token is a sibling of the other token of the current process that the calling thread is...
NTSTATUS NTAPI SeExchangePrimaryToken(_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken)
Replaces the old access token of a process (pointed by the EPROCESS kernel structure) with a new acce...
NTSTATUS NTAPI SeIsTokenChild(_In_ PTOKEN Token, _Out_ PBOOLEAN IsChild)
Checks if the token is a child of the other token of the current process that the calling thread is i...
VOID NTAPI SeDeassignPrimaryToken(_Inout_ PEPROCESS Process)
Removes the primary token of a process.
POBJECT_TYPE PsProcessType
NTSTATUS NTAPI PsOpenTokenOfProcess(IN HANDLE ProcessHandle, OUT PACCESS_TOKEN *Token)
NTSTATUS NTAPI PspSetPrimaryToken(IN PEPROCESS Process, IN HANDLE TokenHandle OPTIONAL, IN PACCESS_TOKEN Token OPTIONAL)
NTSTATUS NTAPI PsAssignImpersonationToken(IN PETHREAD Thread, IN HANDLE TokenHandle)
PACCESS_TOKEN NTAPI PsReferenceEffectiveToken(IN PETHREAD Thread, OUT IN PTOKEN_TYPE TokenType, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
VOID NTAPI PsRevertToSelf(VOID)
NTSTATUS NTAPI PspWriteTebImpersonationInfo(IN PETHREAD Thread, IN PETHREAD CurrentThread)
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
NTSTATUS NTAPI PspInitializeProcessSecurity(IN PEPROCESS Process, IN PEPROCESS Parent OPTIONAL)
NTSTATUS NTAPI PspAssignPrimaryToken(IN PEPROCESS Process, IN HANDLE Token, IN PACCESS_TOKEN AccessToken OPTIONAL)
VOID NTAPI PsRevertThreadToSelf(IN PETHREAD Thread)
BOOLEAN NTAPI PsDisableImpersonation(IN PETHREAD Thread, OUT PSE_IMPERSONATION_STATE ImpersonationState)
VOID NTAPI PsRestoreImpersonation(IN PETHREAD Thread, IN PSE_IMPERSONATION_STATE ImpersonationState)
VOID NTAPI SeAssignPrimaryToken(IN PEPROCESS Process, IN PTOKEN Token)
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
VOID NTAPI PspDeleteProcessSecurity(IN PEPROCESS Process)
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
NTSTATUS NTAPI NtImpersonateThread(IN HANDLE ThreadHandle, IN HANDLE ThreadToImpersonateHandle, IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService)
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
NTSTATUS NTAPI NtOpenProcessTokenEx(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, OUT PHANDLE TokenHandle)
PTOKEN PspBootAccessToken
VOID NTAPI PspDeleteThreadSecurity(IN PETHREAD Thread)
POBJECT_TYPE PsThreadType
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
SECURITY_IMPERSONATION_LEVEL NTAPI SeTokenImpersonationLevel(_In_ PACCESS_TOKEN Token)
Gathers the security impersonation level of an access token.
BOOLEAN NTAPI SeTokenIsAdmin(_In_ PACCESS_TOKEN Token)
Determines if a token is either an admin token or not. Such condition is checked based upon TOKEN_HAS...
POBJECT_TYPE SeTokenObjectType
BOOLEAN NTAPI SeTokenIsRestricted(_In_ PACCESS_TOKEN Token)
Determines if a token is restricted or not, based upon the token flags.
#define STATUS_BAD_TOKEN_TYPE
PVOID FASTCALL ObFastReferenceObject(IN PEX_FAST_REF FastRef)
VOID NTAPI ObDereferenceDeviceMap(IN PEPROCESS Process)
VOID FASTCALL ObInitializeFastReference(IN PEX_FAST_REF FastRef, IN PVOID Object)
ULONG NTAPI ObIsLUIDDeviceMapsEnabled(VOID)
PVOID FASTCALL ObFastReferenceObjectLocked(IN PEX_FAST_REF FastRef)
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
FORCEINLINE ULONG ObpValidateAttributes(IN ULONG Attributes, IN KPROCESSOR_MODE PreviousMode)
NTSTATUS NTAPI ObOpenObjectByPointer(IN PVOID Object, IN ULONG HandleAttributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PHANDLE Handle)
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
VOID NTAPI KeStackAttachProcess(IN PKPROCESS Process, OUT PRKAPC_STATE ApcState)
VOID NTAPI KeUnstackDetachProcess(IN PRKAPC_STATE ApcState)
#define PSTRACE(x, fmt,...)
#define PS_SECURITY_DEBUG
FORCEINLINE VOID PspUnlockProcessSecurityExclusive(IN PEPROCESS Process)
FORCEINLINE VOID PspUnlockThreadSecurityShared(IN PETHREAD Thread)
FORCEINLINE VOID PspLockThreadSecurityExclusive(IN PETHREAD Thread)
#define PspSetCrossThreadFlag(Thread, Flag)
FORCEINLINE VOID PspUnlockProcessSecurityShared(IN PEPROCESS Process)
FORCEINLINE VOID PspUnlockThreadSecurityExclusive(IN PETHREAD Thread)
#define PspClearCrossThreadFlag(Thread, Flag)
FORCEINLINE VOID PspLockProcessSecurityExclusive(IN PEPROCESS Process)
FORCEINLINE VOID PspLockThreadSecurityShared(IN PETHREAD Thread)
FORCEINLINE VOID PspLockProcessSecurityShared(IN PEPROCESS Process)
#define _SEH2_GetExceptionCode()
#define _SEH2_EXCEPT(...)
#define _SEH2_YIELD(__stmt)
#define ProbeForWriteHandle(Ptr)
PULONG MinorVersion OPTIONAL
PPS_JOB_TOKEN_FILTER Filter
PPS_IMPERSONATION_INFORMATION ImpersonationInfo
EX_RUNDOWN_REF RundownProtect
ULONG ActiveImpersonationInfo
GENERIC_MAPPING GenericMapping
OBJECT_TYPE_INITIALIZER TypeInfo
SECURITY_IMPERSONATION_LEVEL Level
ULONG ImpersonationLocale
#define TAG_PS_IMPERSONATION
#define STATUS_ACCESS_DENIED
#define STATUS_UNSUCCESSFUL
#define STATUS_INSUFFICIENT_RESOURCES
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
#define ObDereferenceObject
#define ObReferenceObject
_Out_ PBOOLEAN CopyOnOpen
_Inout_ PSE_IMPERSONATION_STATE ImpersonationState
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
_In_ KPROCESSOR_MODE PreviousMode
#define TOKEN_ASSIGN_PRIMARY
#define TOKEN_IMPERSONATE
enum _TOKEN_TYPE * PTOKEN_TYPE