60 if (ImpersonationInfo)
75 PTOKEN NewToken, ParentToken;
142 if ((
Thread == CurrentThread) ||
162 if (
Thread != CurrentThread)
253 if (!IsChildOrSibling)
265 if (!IsChildOrSibling)
656 sizeof(*Impersonation),
669 Impersonation = OldData;
676 Job =
Thread->ThreadsProcess->Job;
707 OldToken = Impersonation->
Token;
841 #undef PsDereferenceImpersonationToken 855 #undef PsDereferencePrimaryToken 908 if (Impersonation)
return TRUE;
974 IN HANDLE ThreadToImpersonateHandle,
985 "Threads: %p %p\n", ThreadHandle, ThreadToImpersonateHandle);
999 SafeServiceQoS = *SecurityQualityOfService;
1000 SecurityQualityOfService = &SafeServiceQoS;
1024 (
PVOID*)&ThreadToImpersonate,
1030 SecurityQualityOfService,
NTSTATUS NTAPI NtImpersonateThread(IN HANDLE ThreadHandle, IN HANDLE ThreadToImpersonateHandle, IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService)
enum _SECURITY_IMPERSONATION_LEVEL * PSECURITY_IMPERSONATION_LEVEL
BOOLEAN NTAPI SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, IN BOOLEAN SubjectContextLocked, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK PreviouslyGrantedAccess, OUT PPRIVILEGE_SET *Privileges, IN PGENERIC_MAPPING GenericMapping, IN KPROCESSOR_MODE AccessMode, OUT PACCESS_MASK GrantedAccess, OUT PNTSTATUS AccessStatus)
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
#define STATUS_PRIVILEGE_NOT_HELD
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
NTSTATUS NTAPI PspSetPrimaryToken(IN PEPROCESS Process, IN HANDLE TokenHandle OPTIONAL, IN PACCESS_TOKEN Token OPTIONAL)
#define STATUS_INSUFFICIENT_RESOURCES
NTSTATUS NTAPI SeIsTokenSibling(IN PTOKEN Token, OUT PBOOLEAN IsSibling)
FORCEINLINE VOID PspUnlockThreadSecurityExclusive(IN PETHREAD Thread)
_Inout_ PSE_IMPERSONATION_STATE ImpersonationState
FORCEINLINE VOID PspLockThreadSecurityShared(IN PETHREAD Thread)
NTSTATUS NTAPI NtOpenProcessTokenEx(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, OUT PHANDLE TokenHandle)
#define PsGetCurrentThread()
#define PspClearCrossThreadFlag(Thread, Flag)
#define PROCESS_QUERY_INFORMATION
#define THREAD_IMPERSONATE
FORCEINLINE VOID PspLockProcessSecurityExclusive(IN PEPROCESS Process)
PTOKEN PspBootAccessToken
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
NTKERNELAPI VOID FASTCALL ExReleaseRundownProtection(_Inout_ PEX_RUNDOWN_REF RunRef)
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
NTSTATUS NTAPI SeIsTokenChild(IN PTOKEN Token, OUT PBOOLEAN IsChild)
VOID NTAPI PsRevertThreadToSelf(IN PETHREAD Thread)
enum _TOKEN_TYPE * PTOKEN_TYPE
NTSTATUS NTAPI PspInitializeProcessSecurity(IN PEPROCESS Process, IN PEPROCESS Parent OPTIONAL)
VOID NTAPI SeDeassignPrimaryToken(struct _EPROCESS *Process)
#define JOB_OBJECT_SECURITY_RESTRICTED_TOKEN
#define KeGetPreviousMode()
ULONG ImpersonationLocale
EX_RUNDOWN_REF RundownProtect
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define ExAcquireRundownProtection
PVOID FASTCALL ObFastReferenceObject(IN PEX_FAST_REF FastRef)
_Out_ PBOOLEAN CopyOnOpen
#define TOKEN_ASSIGN_PRIMARY
BOOLEAN NTAPI SeSinglePrivilegeCheck(IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
KPROCESSOR_MODE NTAPI ExGetPreviousMode(VOID)
const LUID SeAssignPrimaryTokenPrivilege
#define TOKEN_IMPERSONATE
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn BOOLEAN Physical UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE Parent
NTSTATUS NTAPI SeExchangePrimaryToken(_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken)
NTSTATUS NTAPI ObOpenObjectByPointer(IN PVOID Object, IN ULONG HandleAttributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PHANDLE Handle)
#define JOB_OBJECT_SECURITY_NO_ADMIN
BOOLEAN NTAPI SeTokenIsRestricted(IN PACCESS_TOKEN Token)
#define PROCESS_CREATE_THREAD
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
PPS_IMPERSONATION_INFORMATION ImpersonationInfo
VOID NTAPI KeStackAttachProcess(IN PKPROCESS Process, OUT PRKAPC_STATE ApcState)
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
#define PROCESS_DUP_HANDLE
NTSTATUS NTAPI PsOpenTokenOfProcess(IN HANDLE ProcessHandle, OUT PACCESS_TOKEN *Token)
#define InterlockedCompareExchangePointer
FORCEINLINE VOID PspUnlockProcessSecurityShared(IN PEPROCESS Process)
#define EXCEPTION_EXECUTE_HANDLER
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
VOID NTAPI PsRestoreImpersonation(IN PETHREAD Thread, IN PSE_IMPERSONATION_STATE ImpersonationState)
#define STATUS_BAD_TOKEN_TYPE
POBJECT_TYPE SeTokenObjectType
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurity(IN PETHREAD Thread, IN PSECURITY_QUALITY_OF_SERVICE QualityOfService, IN BOOLEAN RemoteClient, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
SECURITY_IMPERSONATION_LEVEL NTAPI SeTokenImpersonationLevel(IN PACCESS_TOKEN Token)
#define PROCESS_SET_QUOTA
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
BOOLEAN NTAPI PsDisableImpersonation(IN PETHREAD Thread, OUT PSE_IMPERSONATION_STATE ImpersonationState)
NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType(IN PACCESS_TOKEN Token)
_In_ KPROCESSOR_MODE PreviousMode
#define _SEH2_YIELD(STMT_)
#define NT_SUCCESS(StatCode)
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
#define ObDereferenceObject
#define ProbeForWriteHandle(Ptr)
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
#define STATUS_ACCESS_DENIED
VOID FASTCALL ObInitializeFastReference(IN PEX_FAST_REF FastRef, IN PVOID Object)
#define PS_SECURITY_DEBUG
#define PROCESS_CREATE_PROCESS
ULONG ActiveImpersonationInfo
#define ExAllocatePoolWithTag(hernya, size, tag)
NTSTATUS NTAPI PspAssignPrimaryToken(IN PEPROCESS Process, IN HANDLE Token, IN PACCESS_TOKEN AccessToken OPTIONAL)
POBJECT_TYPE PsThreadType
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
#define PspSetCrossThreadFlag(Thread, Flag)
PPS_JOB_TOKEN_FILTER Filter
NTSTATUS NTAPI PsAssignImpersonationToken(IN PETHREAD Thread, IN HANDLE TokenHandle)
FORCEINLINE VOID PspUnlockThreadSecurityShared(IN PETHREAD Thread)
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
OBJECT_TYPE_INITIALIZER TypeInfo
VOID NTAPI ObDereferenceDeviceMap(IN PEPROCESS Process)
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
FORCEINLINE ULONG ObpValidateAttributes(IN ULONG Attributes, IN KPROCESSOR_MODE PreviousMode)
NTSTATUS NTAPI SeSubProcessToken(IN PTOKEN Parent, OUT PTOKEN *Token, IN BOOLEAN InUse, IN ULONG SessionId)
NTKERNELAPI VOID NTAPI SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext, IN PETHREAD ServerThread OPTIONAL)
GENERIC_MAPPING GenericMapping
#define STANDARD_RIGHTS_ALL
#define PROCESS_TERMINATE
VOID NTAPI KeUnstackDetachProcess(IN PRKAPC_STATE ApcState)
_Out_ PKAPC_STATE ApcState
BOOLEAN NTAPI SeTokenIsAdmin(IN PACCESS_TOKEN Token)
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
VOID NTAPI PspDeleteProcessSecurity(IN PEPROCESS Process)
FORCEINLINE VOID PspLockProcessSecurityShared(IN PEPROCESS Process)
#define CT_ACTIVE_IMPERSONATION_INFO_BIT
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
#define ObReferenceObject
VOID NTAPI SeAssignPrimaryToken(IN PEPROCESS Process, IN PTOKEN Token)
PVOID FASTCALL ObFastReferenceObjectLocked(IN PEX_FAST_REF FastRef)
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
#define PROCESS_VM_OPERATION
FORCEINLINE VOID PspUnlockProcessSecurityExclusive(IN PEPROCESS Process)
#define PROCESS_SET_INFORMATION
#define THREAD_DIRECT_IMPERSONATION
#define PSTRACE(x, fmt,...)
#define _SEH2_EXCEPT(...)
FORCEINLINE VOID PspLockThreadSecurityExclusive(IN PETHREAD Thread)
#define ExFreePoolWithTag(_P, _T)
#define _SEH2_GetExceptionCode()
PACCESS_TOKEN NTAPI PsReferenceEffectiveToken(IN PETHREAD Thread, OUT IN PTOKEN_TYPE TokenType, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
#define TAG_PS_IMPERSONATION
_In_ HANDLE ProcessHandle
NTSTATUS NTAPI PspWriteTebImpersonationInfo(IN PETHREAD Thread, IN PETHREAD CurrentThread)
ULONG NTAPI ObIsLUIDDeviceMapsEnabled(VOID)
POBJECT_TYPE PsProcessType
VOID NTAPI PspDeleteThreadSecurity(IN PETHREAD Thread)
VOID NTAPI PsRevertToSelf(VOID)
SECURITY_IMPERSONATION_LEVEL Level
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
PULONG MinorVersion OPTIONAL
VOID NTAPI PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)