access.c File Reference

#include <ntoskrnl.h>
#include <debug.h>

Include dependency graph for access.c:

Go to the source code of this file.

Macros
#define	NDEBUG

Functions
NTSTATUS NTAPI	SeCreateAccessStateEx (_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Out_ PACCESS_STATE AccessState, _Out_ __drv_aliasesMem PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
	An extended function that creates an access state.
NTSTATUS NTAPI	SeCreateAccessState (_Out_ PACCESS_STATE AccessState, _Out_ __drv_aliasesMem PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
	Creates an access state.
VOID NTAPI	SeDeleteAccessState (_In_ PACCESS_STATE AccessState)
	Deletes an allocated access state from the memory.
VOID NTAPI	SeSetAccessStateGenericMapping (_In_ PACCESS_STATE AccessState, _In_ PGENERIC_MAPPING GenericMapping)
	Sets a new generic mapping for an allocated access state.

Macro Definition Documentation

NDEBUG

#define NDEBUG

Definition at line 11 of file access.c.

Function Documentation

SeCreateAccessState()

NTSTATUS NTAPI SeCreateAccessState	(	_Out_ PACCESS_STATE	AccessState,
		_Out_ __drv_aliasesMem PAUX_ACCESS_DATA	AuxData,
		_In_ ACCESS_MASK	Access,
		_In_ PGENERIC_MAPPING	GenericMapping
	)

Creates an access state.

Parameters

[out]	AccessState	An initialized returned parameter to an access state.
[out]	AuxData	Auxiliary security data for access state.
[in]	Access	Type of access mask to assign.
[in]	GenericMapping	Generic mapping for the access state to assign.

Returns

See SeCreateAccessStateEx.

Definition at line 121 of file access.c.

{
    PAGED_CODE();
 
    /* Call the extended API */
    return SeCreateAccessStateEx(PsGetCurrentThread(),
                                 PsGetCurrentProcess(),
                                 AccessState,
                                 AuxData,
                                 Access,
                                 GenericMapping);
}

Referenced by NtOpenProcess(), NtOpenThread(), ObDuplicateObject(), ObInsertObject(), ObOpenObjectByName(), ObOpenObjectByPointer(), ObReferenceObjectByName(), and START_TEST().

SeCreateAccessStateEx()

NTSTATUS NTAPI SeCreateAccessStateEx	(	_In_ PETHREAD	Thread,
		_In_ PEPROCESS	Process,
		_Out_ PACCESS_STATE	AccessState,
		_Out_ __drv_aliasesMem PAUX_ACCESS_DATA	AuxData,
		_In_ ACCESS_MASK	Access,
		_In_ PGENERIC_MAPPING	GenericMapping
	)

An extended function that creates an access state.

Parameters

[in]	Thread	Valid thread object where subject context is to be captured.
[in]	Process	Valid process object where subject context is to be captured.
[out]	AccessState	An initialized returned parameter to an access state.
[out]	AuxData	Auxiliary security data for access state.
[in]	Access	Type of access mask to assign.
[in]	GenericMapping	Generic mapping for the access state to assign.

Returns

Returns STATUS_SUCCESS.

Definition at line 43 of file access.c.

{
    ACCESS_MASK AccessMask = Access;
    PTOKEN Token;
    PAGED_CODE();
 
    /* Map the Generic Acess to Specific Access if we have a Mapping */
    if ((Access & GENERIC_ACCESS) && (GenericMapping))
    {
        RtlMapGenericMask(&AccessMask, GenericMapping);
    }
 
    /* Initialize the Access State */
    RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
    ASSERT(AccessState->SecurityDescriptor == NULL);
    ASSERT(AccessState->PrivilegesAllocated == FALSE);
 
    /* Initialize and save aux data */
    RtlZeroMemory(AuxData, sizeof(AUX_ACCESS_DATA));
    AccessState->AuxData = AuxData;
 
    /* Capture the Subject Context */
    SeCaptureSubjectContextEx(Thread,
                              Process,
                              &AccessState->SubjectSecurityContext);
 
    /* Set Access State Data */
    AccessState->RemainingDesiredAccess = AccessMask;
    AccessState->OriginalDesiredAccess = AccessMask;
    ExAllocateLocallyUniqueId(&AccessState->OperationID);
 
    /* Get the Token to use */
    Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);
 
    /* Check for Travers Privilege */
    if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
    {
        /* Preserve the Traverse Privilege */
        AccessState->Flags = TOKEN_HAS_TRAVERSE_PRIVILEGE;
    }
 
    /* Set the Auxiliary Data */
    AuxData->PrivilegesUsed = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
                                             FIELD_OFFSET(ACCESS_STATE,
                                                          Privileges));
    if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
 
    /* Return Sucess */
    return STATUS_SUCCESS;
}

Referenced by SeCreateAccessState().

SeDeleteAccessState()

VOID NTAPI SeDeleteAccessState

(

_In_ PACCESS_STATE

AccessState

)

Deletes an allocated access state from the memory.

Parameters

[in]

AccessState

A valid access state.

Returns

Nothing.

Definition at line 150 of file access.c.

{
    PAUX_ACCESS_DATA AuxData;
    PAGED_CODE();
 
    /* Get the Auxiliary Data */
    AuxData = AccessState->AuxData;
 
    /* Deallocate Privileges */
    if (AccessState->PrivilegesAllocated)
        ExFreePoolWithTag(AuxData->PrivilegesUsed, TAG_PRIVILEGE_SET);
 
    /* Deallocate Name and Type Name */
    if (AccessState->ObjectName.Buffer)
    {
        ExFreePool(AccessState->ObjectName.Buffer);
    }
 
    if (AccessState->ObjectTypeName.Buffer)
    {
        ExFreePool(AccessState->ObjectTypeName.Buffer);
    }
 
    /* Release the Subject Context */
    SeReleaseSubjectContext(&AccessState->SubjectSecurityContext);
}

Referenced by NtOpenProcess(), NtOpenThread(), ObDuplicateObject(), ObInsertObject(), ObOpenObjectByName(), ObOpenObjectByPointer(), ObReferenceObjectByName(), PspCreateProcess(), PspCreateThread(), and START_TEST().

SeSetAccessStateGenericMapping()

VOID NTAPI SeSetAccessStateGenericMapping	(	_In_ PACCESS_STATE	AccessState,
		_In_ PGENERIC_MAPPING	GenericMapping
	)

Sets a new generic mapping for an allocated access state.

Parameters

[in]	AccessState	A valid access state.
[in]	GenericMapping	New generic mapping to assign.

Returns

Nothing.

Definition at line 193 of file access.c.

{
    PAGED_CODE();
 
    /* Set the Generic Mapping */
    ((PAUX_ACCESS_DATA)AccessState->AuxData)->GenericMapping = *GenericMapping;
}

Referenced by IopParseDevice().