ReactOS  0.4.15-dev-3187-ge372f2b
access.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
Include dependency graph for access.c:

Go to the source code of this file.

Macros

#define NDEBUG
 

Functions

BOOLEAN NTAPI SepSidInTokenEx (_In_ PACCESS_TOKEN _Token, _In_ PSID PrincipalSelfSid, _In_ PSID _Sid, _In_ BOOLEAN Deny, _In_ BOOLEAN Restricted)
 Checks if a SID is present in a token. More...
 
BOOLEAN NTAPI SepSidInToken (_In_ PACCESS_TOKEN _Token, _In_ PSID Sid)
 Checks if a SID is present in a token. More...
 
BOOLEAN NTAPI SepTokenIsOwner (_In_ PACCESS_TOKEN _Token, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ BOOLEAN TokenLocked)
 Checks if a token belongs to the main user, being the owner. More...
 
VOID NTAPI SeGetTokenControlInformation (_In_ PACCESS_TOKEN _Token, _Out_ PTOKEN_CONTROL TokenControl)
 Retrieves token control information. More...
 
NTSTATUS NTAPI SepCreateClientSecurity (_In_ PACCESS_TOKEN Token, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _In_ TOKEN_TYPE TokenType, _In_ BOOLEAN ThreadEffectiveOnly, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
 Creates a client security context based upon an access token. More...
 
VOID NTAPI SeCaptureSubjectContextEx (_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 An extended function that captures the security subject context based upon the specified thread and process. More...
 
VOID NTAPI SeCaptureSubjectContext (_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 Captures the security subject context of the calling thread and calling process. More...
 
VOID NTAPI SeLockSubjectContext (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 Locks both the referenced primary and client access tokens of a security subject context. More...
 
VOID NTAPI SeUnlockSubjectContext (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 Unlocks both the referenced primary and client access tokens of a security subject context. More...
 
VOID NTAPI SeReleaseSubjectContext (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 Releases both the primary and client tokens of a security subject context. More...
 
NTSTATUS NTAPI SeCreateAccessStateEx (_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Inout_ PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
 An extended function that creates an access state. More...
 
NTSTATUS NTAPI SeCreateAccessState (_Inout_ PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
 Creates an access state. More...
 
VOID NTAPI SeDeleteAccessState (_In_ PACCESS_STATE AccessState)
 Deletes an allocated access state from the memory. More...
 
VOID NTAPI SeSetAccessStateGenericMapping (_In_ PACCESS_STATE AccessState, _In_ PGENERIC_MAPPING GenericMapping)
 Sets a new generic mapping for an allocated access state. More...
 
NTSTATUS NTAPI SeCreateClientSecurity (_In_ PETHREAD Thread, _In_ PSECURITY_QUALITY_OF_SERVICE Qos, _In_ BOOLEAN RemoteClient, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
 Creates a client security context. More...
 
NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
 Creates a client security context based upon the captured security subject context. More...
 
NTSTATUS NTAPI SeImpersonateClientEx (_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
 Extended function that impersonates a client. More...
 
VOID NTAPI SeImpersonateClient (_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
 Impersonates a client user. More...
 

Variables

ERESOURCE SepSubjectContextLock
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 11 of file access.c.

Function Documentation

◆ SeCaptureSubjectContext()

VOID NTAPI SeCaptureSubjectContext ( _Out_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

Captures the security subject context of the calling thread and calling process.

Parameters
[out]SubjectContextThe returned security subject context.
Returns
Nothing.

Definition at line 434 of file access.c.

436 {
437  /* Call the extended API */
441 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
VOID NTAPI SeCaptureSubjectContextEx(_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
An extended function that captures the security subject context based upon the specified thread and p...
Definition: access.c:390
#define PsGetCurrentProcess
Definition: psfuncs.h:17

Referenced by create_directory_fcb(), create_subvol(), fcb_get_sd(), HasPrivilege(), KsCreateDefaultSecurity(), mknod(), nfs41_get_sec_ctx(), nfs41_GetLUID(), nfs41_UpcallCreate(), NtAccessCheck(), NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), NtSetUuidSeed(), RxStartMinirdr(), SeCheckPrivilegedObject(), SepAccessCheckAndAuditAlarm(), SeReportSecurityEvent(), SeSinglePrivilegeCheck(), set_link_information(), set_rename_information(), START_TEST(), SystemThread(), UDFCheckAccessRights(), and UDFSetAccessRights().

◆ SeCaptureSubjectContextEx()

VOID NTAPI SeCaptureSubjectContextEx ( _In_ PETHREAD  Thread,
_In_ PEPROCESS  Process,
_Out_ PSECURITY_SUBJECT_CONTEXT  SubjectContext 
)

An extended function that captures the security subject context based upon the specified thread and process.

Parameters
[in]ThreadA thread where the calling thread's token is to be referenced for the security context.
[in]ProcessA process where the main process' token is to be referenced for the security context.
[out]SubjectContextThe returned security subject context.
Returns
Nothing.

Definition at line 390 of file access.c.

394 {
396 
397  PAGED_CODE();
398 
399  /* Save the unique ID */
400  SubjectContext->ProcessAuditId = Process->UniqueProcessId;
401 
402  /* Check if we have a thread */
403  if (!Thread)
404  {
405  /* We don't, so no token */
406  SubjectContext->ClientToken = NULL;
407  }
408  else
409  {
410  /* Get the impersonation token */
412  &CopyOnOpen,
413  &EffectiveOnly,
414  &SubjectContext->ImpersonationLevel);
415  }
416 
417  /* Get the primary token */
419 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154
unsigned char BOOLEAN
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2652
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:849
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:388
#define PAGED_CODE()

Referenced by SeCaptureSubjectContext(), and SeCreateAccessStateEx().

◆ SeCreateAccessState()

NTSTATUS NTAPI SeCreateAccessState ( _Inout_ PACCESS_STATE  AccessState,
_In_ PAUX_ACCESS_DATA  AuxData,
_In_ ACCESS_MASK  Access,
_In_ PGENERIC_MAPPING  GenericMapping 
)

Creates an access state.

Parameters
[in,out]AccessStateAn initialized returned parameter to an access state.
[in]AuxDataAuxiliary security data for access state.
[in]AccessType of access mask to assign.
[in]GenericMappingGeneric mapping for the access state to assign.
Returns
See SeCreateAccessStateEx.

Definition at line 639 of file access.c.

644 {
645  PAGED_CODE();
646 
647  /* Call the extended API */
650  AccessState,
651  AuxData,
652  Access,
654 }
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
#define PsGetCurrentProcess
Definition: psfuncs.h:17
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
NTSTATUS NTAPI SeCreateAccessStateEx(_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Inout_ PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
An extended function that creates an access state.
Definition: access.c:561
#define PAGED_CODE()

Referenced by NtOpenProcess(), NtOpenThread(), ObDuplicateObject(), ObInsertObject(), ObOpenObjectByName(), ObOpenObjectByPointer(), ObReferenceObjectByName(), and START_TEST().

◆ SeCreateAccessStateEx()

NTSTATUS NTAPI SeCreateAccessStateEx ( _In_ PETHREAD  Thread,
_In_ PEPROCESS  Process,
_Inout_ PACCESS_STATE  AccessState,
_In_ PAUX_ACCESS_DATA  AuxData,
_In_ ACCESS_MASK  Access,
_In_ PGENERIC_MAPPING  GenericMapping 
)

An extended function that creates an access state.

Parameters
[in]ThreadValid thread object where subject context is to be captured.
[in]ProcessValid process object where subject context is to be captured.
[in,out]AccessStateAn initialized returned parameter to an access state.
[in]AuxDataAuxiliary security data for access state.
[in]AccessType of access mask to assign.
[in]GenericMappingGeneric mapping for the access state to assign.
Returns
Returns STATUS_SUCCESS.

Definition at line 561 of file access.c.

568 {
569  ACCESS_MASK AccessMask = Access;
570  PTOKEN Token;
571  PAGED_CODE();
572 
573  /* Map the Generic Acess to Specific Access if we have a Mapping */
574  if ((Access & GENERIC_ACCESS) && (GenericMapping))
575  {
577  }
578 
579  /* Initialize the Access State */
581  ASSERT(AccessState->SecurityDescriptor == NULL);
582  ASSERT(AccessState->PrivilegesAllocated == FALSE);
583 
584  /* Initialize and save aux data */
585  RtlZeroMemory(AuxData, sizeof(AUX_ACCESS_DATA));
586  AccessState->AuxData = AuxData;
587 
588  /* Capture the Subject Context */
590  Process,
591  &AccessState->SubjectSecurityContext);
592 
593  /* Set Access State Data */
594  AccessState->RemainingDesiredAccess = AccessMask;
595  AccessState->OriginalDesiredAccess = AccessMask;
596  ExAllocateLocallyUniqueId(&AccessState->OperationID);
597 
598  /* Get the Token to use */
599  Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);
600 
601  /* Check for Travers Privilege */
602  if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
603  {
604  /* Preserve the Traverse Privilege */
606  }
607 
608  /* Set the Auxiliary Data */
609  AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
611  Privileges));
612  if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
613 
614  /* Return Sucess */
615  return STATUS_SUCCESS;
616 }
VOID NTAPI SeCaptureSubjectContextEx(_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
An extended function that captures the security subject context based upon the specified thread and p...
Definition: access.c:390
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define GENERIC_ACCESS
Definition: wlx.c:26
#define TOKEN_HAS_TRAVERSE_PRIVILEGE
Definition: setypes.h:1143
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define FALSE
Definition: types.h:117
#define ASSERT(a)
Definition: mode.c:44
VOID NTAPI RtlMapGenericMask(IN OUT PACCESS_MASK AccessMask, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:50
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2652
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
struct _PRIVILEGE_SET * PPRIVILEGE_SET
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:335
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
#define NULL
Definition: types.h:112
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define STATUS_SUCCESS
Definition: shellext.h:65
ULONG ACCESS_MASK
Definition: nt_native.h:40
#define PAGED_CODE()

Referenced by SeCreateAccessState().

◆ SeCreateClientSecurity()

NTSTATUS NTAPI SeCreateClientSecurity ( _In_ PETHREAD  Thread,
_In_ PSECURITY_QUALITY_OF_SERVICE  Qos,
_In_ BOOLEAN  RemoteClient,
_Out_ PSECURITY_CLIENT_CONTEXT  ClientContext 
)

Creates a client security context.

Parameters
[in]ThreadThread object of the client where impersonation has to begin.
[in]QosQuality of service to specify what kind of impersonation to be done.
[in]RemoteClientIf set to TRUE, the client that we're going to impersonate is remote.
[out]ClientContextThe returned security client context.
Returns
See SepCreateClientSecurity.

Definition at line 742 of file access.c.

747 {
749  BOOLEAN ThreadEffectiveOnly;
753  PAGED_CODE();
754 
755  /* Reference the correct token */
757  &TokenType,
758  &ThreadEffectiveOnly,
760 
761  /* Create client security from it */
763  Qos,
764  RemoteClient,
765  TokenType,
766  ThreadEffectiveOnly,
768  ClientContext);
769 
770  /* Check if we failed or static tracking was used */
771  if (!(NT_SUCCESS(Status)) || (Qos->ContextTrackingMode == SECURITY_STATIC_TRACKING))
772  {
773  /* Dereference our copy since it's not being used */
775  }
776 
777  /* Return status */
778  return Status;
779 }
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
NTSTATUS NTAPI SepCreateClientSecurity(_In_ PACCESS_TOKEN Token, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _In_ TOKEN_TYPE TokenType, _In_ BOOLEAN ThreadEffectiveOnly, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context based upon an access token.
Definition: access.c:281
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
unsigned char BOOLEAN
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ PVOID ClientContext
Definition: netioddk.h:55
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
#define ObDereferenceObject
Definition: obfuncs.h:203
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2652
PACCESS_TOKEN NTAPI PsReferenceEffectiveToken(IN PETHREAD Thread, OUT IN PTOKEN_TYPE TokenType, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:780
enum _TOKEN_TYPE TOKEN_TYPE
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:388
#define PAGED_CODE()

◆ SeCreateClientSecurityFromSubjectContext()

NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ PSECURITY_QUALITY_OF_SERVICE  ClientSecurityQos,
_In_ BOOLEAN  ServerIsRemote,
_Out_ PSECURITY_CLIENT_CONTEXT  ClientContext 
)

Creates a client security context based upon the captured security subject context.

Parameters
[in]SubjectContextThe captured subject context where client security is to be created from.
[in]ClientSecurityQosQuality of service to specify what kind of impersonation to be done.
[in]ServerIsRemoteIf set to TRUE, the client that we're going to impersonate is remote.
[out]ClientContextThe returned security client context.
Returns
See SepCreateClientSecurity.

Definition at line 804 of file access.c.

809 {
812  PAGED_CODE();
813 
814  /* Get the right token and reference it */
817 
818  /* Create the context */
820  ClientSecurityQos,
821  ServerIsRemote,
822  SubjectContext->ClientToken ?
824  FALSE,
825  SubjectContext->ImpersonationLevel,
826  ClientContext);
827 
828  /* Check if we failed or static tracking was used */
829  if (!(NT_SUCCESS(Status)) ||
830  (ClientSecurityQos->ContextTrackingMode == SECURITY_STATIC_TRACKING))
831  {
832  /* Dereference our copy since it's not being used */
834  }
835 
836  /* Return status */
837  return Status;
838 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
NTSTATUS NTAPI SepCreateClientSecurity(_In_ PACCESS_TOKEN Token, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _In_ TOKEN_TYPE TokenType, _In_ BOOLEAN ThreadEffectiveOnly, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context based upon an access token.
Definition: access.c:281
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ PVOID ClientContext
Definition: netioddk.h:55
#define ObDereferenceObject
Definition: obfuncs.h:203
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
#define ObReferenceObject
Definition: obfuncs.h:204
#define PAGED_CODE()

Referenced by nfs41_get_sec_ctx(), nfs41_GetLUID(), and nfs41_UpcallCreate().

◆ SeDeleteAccessState()

VOID NTAPI SeDeleteAccessState ( _In_ PACCESS_STATE  AccessState)

Deletes an allocated access state from the memory.

Parameters
[in]AccessStateA valid access state.
Returns
Nothing.

Definition at line 668 of file access.c.

670 {
671  PAUX_ACCESS_DATA AuxData;
672  PAGED_CODE();
673 
674  /* Get the Auxiliary Data */
675  AuxData = AccessState->AuxData;
676 
677  /* Deallocate Privileges */
678  if (AccessState->PrivilegesAllocated)
680 
681  /* Deallocate Name and Type Name */
682  if (AccessState->ObjectName.Buffer)
683  {
684  ExFreePool(AccessState->ObjectName.Buffer);
685  }
686 
687  if (AccessState->ObjectTypeName.Buffer)
688  {
689  ExFreePool(AccessState->ObjectTypeName.Buffer);
690  }
691 
692  /* Release the Subject Context */
693  SeReleaseSubjectContext(&AccessState->SubjectSecurityContext);
694 }
PPRIVILEGE_SET PrivilegeSet
Definition: setypes.h:234
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
VOID NTAPI SeReleaseSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Releases both the primary and client tokens of a security subject context.
Definition: access.c:520
#define TAG_PRIVILEGE_SET
Definition: tag.h:180
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
#define PAGED_CODE()

Referenced by NtOpenProcess(), NtOpenThread(), ObDuplicateObject(), ObInsertObject(), ObOpenObjectByName(), ObOpenObjectByPointer(), ObReferenceObjectByName(), PspCreateProcess(), PspCreateThread(), and START_TEST().

◆ SeGetTokenControlInformation()

VOID NTAPI SeGetTokenControlInformation ( _In_ PACCESS_TOKEN  _Token,
_Out_ PTOKEN_CONTROL  TokenControl 
)

Retrieves token control information.

Parameters
[in]_TokenA valid token object.
[out]SecurityDescriptorThe returned token control information.
Returns
Nothing.

Definition at line 222 of file access.c.

225 {
226  PTOKEN Token = _Token;
227  PAGED_CODE();
228 
229  /* Capture the main fields */
230  TokenControl->AuthenticationId = Token->AuthenticationId;
231  TokenControl->TokenId = Token->TokenId;
232  TokenControl->TokenSource = Token->TokenSource;
233 
234  /* Lock the token */
236 
237  /* Capture the modified ID */
238  TokenControl->ModifiedId = Token->ModifiedId;
239 
240  /* Unlock it */
242 }
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define SepReleaseTokenLock(Token)
Definition: se.h:231
#define SepAcquireTokenLockShared(Token)
Definition: se.h:225
#define PAGED_CODE()

Referenced by SepCreateClientSecurity().

◆ SeImpersonateClient()

VOID NTAPI SeImpersonateClient ( _In_ PSECURITY_CLIENT_CONTEXT  ClientContext,
_In_opt_ PETHREAD  ServerThread 
)

Impersonates a client user.

Parameters
[in]ClientContextA valid client context.
[in]ServerThreadThe thread where impersonation is to be done.
Returns
Nothing.

Definition at line 901 of file access.c.

904 {
905  PAGED_CODE();
906 
907  /* Call the new API */
909 }
UINT CALLBACK ServerThread(_Inout_ PVOID Parameter)
_In_ PVOID ClientContext
Definition: netioddk.h:55
NTSTATUS NTAPI SeImpersonateClientEx(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Extended function that impersonates a client.
Definition: access.c:856
#define PAGED_CODE()

◆ SeImpersonateClientEx()

NTSTATUS NTAPI SeImpersonateClientEx ( _In_ PSECURITY_CLIENT_CONTEXT  ClientContext,
_In_opt_ PETHREAD  ServerThread 
)

Extended function that impersonates a client.

Parameters
[in]ClientContextA valid client context.
[in]ServerThreadThe thread where impersonation is to be done.
Returns
STATUS_SUCCESS is returned if the calling thread successfully impersonates the client. A failure NTSTATUS code is returned otherwise.

Definition at line 856 of file access.c.

859 {
861  PAGED_CODE();
862 
863  /* Check if direct access is requested */
864  if (!ClientContext->DirectlyAccessClientToken)
865  {
866  /* No, so get the flag from QOS */
867  EffectiveOnly = ClientContext->SecurityQos.EffectiveOnly;
868  }
869  else
870  {
871  /* Yes, so see if direct access should be effective only */
872  EffectiveOnly = ClientContext->DirectAccessEffectiveOnly;
873  }
874 
875  /* Use the current thread if one was not passed */
877 
878  /* Call the lower layer routine */
880  ClientContext->ClientToken,
881  TRUE,
883  ClientContext->SecurityQos.ImpersonationLevel);
884 }
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:610
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
#define TRUE
Definition: types.h:120
unsigned char BOOLEAN
UINT CALLBACK ServerThread(_Inout_ PVOID Parameter)
_In_ PVOID ClientContext
Definition: netioddk.h:55
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:388
#define PAGED_CODE()

Referenced by CmpCmdHiveOpen(), handle_upcall(), NpImpersonateClientContext(), NtImpersonateClientOfPort(), and SeImpersonateClient().

◆ SeLockSubjectContext()

VOID NTAPI SeLockSubjectContext ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

Locks both the referenced primary and client access tokens of a security subject context.

Parameters
[in]SubjectContextA valid security context with both referenced tokens.
Returns
Nothing.

Definition at line 456 of file access.c.

458 {
459  PTOKEN PrimaryToken, ClientToken;
460  PAGED_CODE();
461 
462  /* Read both tokens */
463  PrimaryToken = SubjectContext->PrimaryToken;
464  ClientToken = SubjectContext->ClientToken;
465 
466  /* Always lock the primary */
467  SepAcquireTokenLockShared(PrimaryToken);
468 
469  /* Lock the impersonation one if it's there */
470  if (!ClientToken) return;
471  SepAcquireTokenLockShared(ClientToken);
472 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
#define SepAcquireTokenLockShared(Token)
Definition: se.h:225
#define PAGED_CODE()

Referenced by create_stream(), FatExplicitDeviceAccessGranted(), file_create(), HasPrivilege(), IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), NpCreateNewNamedPipe(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckObjectReference(), ObpCheckTraverseAccess(), open_file2(), SeAccessCheck(), and START_TEST().

◆ SepCreateClientSecurity()

NTSTATUS NTAPI SepCreateClientSecurity ( _In_ PACCESS_TOKEN  Token,
_In_ PSECURITY_QUALITY_OF_SERVICE  ClientSecurityQos,
_In_ BOOLEAN  ServerIsRemote,
_In_ TOKEN_TYPE  TokenType,
_In_ BOOLEAN  ThreadEffectiveOnly,
_In_ SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel,
_Out_ PSECURITY_CLIENT_CONTEXT  ClientContext 
)

Creates a client security context based upon an access token.

Parameters
[in]TokenA valid token object.
[in]ClientSecurityQosThe Quality of Service (QoS) of a client security context.
[in]ServerIsRemoteIf the client is a remote server (TRUE), the function will retrieve the control information of an access token, that is, we're doing delegation and that the server isn't local.
[in]TokenTypeType of token.
[in]ThreadEffectiveOnlyIf set to TRUE, the client wants that the current thread wants to modify (enable or disable) privileges and groups.
[in]ImpersonationLevelSecurity impersonation level filled in the QoS context.
[out]ClientContextThe returned security client context.
Returns
Returns STATUS_SUCCESS if client security creation has completed successfully. STATUS_INVALID_PARAMETER is returned if one or more of the parameters are bogus. STATUS_BAD_IMPERSONATION_LEVEL is returned if the current impersonation level within QoS context doesn't meet with the conditions required. A failure NTSTATUS code is returned otherwise.

Definition at line 281 of file access.c.

289 {
291  PACCESS_TOKEN NewToken;
292  PAGED_CODE();
293 
294  /* Check for bogus impersonation level */
295  if (!VALID_IMPERSONATION_LEVEL(ClientSecurityQos->ImpersonationLevel))
296  {
297  /* Fail the call */
299  }
300 
301  /* Check what kind of token this is */
303  {
304  /* On a primary token, if we do direct access, copy the flag from the QOS */
305  ClientContext->DirectAccessEffectiveOnly = ClientSecurityQos->EffectiveOnly;
306  }
307  else
308  {
309  /* This is an impersonation token, is the level ok? */
310  if (ClientSecurityQos->ImpersonationLevel > ImpersonationLevel)
311  {
312  /* Nope, fail */
314  }
315 
316  /* Is the level too low, or are we doing something other than delegation remotely */
319  ((ServerIsRemote) && (ImpersonationLevel != SecurityDelegation)))
320  {
321  /* Fail the call */
323  }
324 
325  /* Pick either the thread setting or the QOS setting */
326  ClientContext->DirectAccessEffectiveOnly =
327  ((ThreadEffectiveOnly) || (ClientSecurityQos->EffectiveOnly)) ? TRUE : FALSE;
328  }
329 
330  /* Is this static tracking */
331  if (ClientSecurityQos->ContextTrackingMode == SECURITY_STATIC_TRACKING)
332  {
333  /* Do not use direct access and make a copy */
334  ClientContext->DirectlyAccessClientToken = FALSE;
336  ClientSecurityQos->ImpersonationLevel,
337  KernelMode,
338  &NewToken);
339  if (!NT_SUCCESS(Status))
340  return Status;
341  }
342  else
343  {
344  /* Use direct access and check if this is local */
345  ClientContext->DirectlyAccessClientToken = TRUE;
346  if (ServerIsRemote)
347  {
348  /* We are doing delegation, so make a copy of the control data */
350  &ClientContext->ClientTokenControl);
351  }
352 
353  /* Keep the same token */
354  NewToken = Token;
355  }
356 
357  /* Fill out the context and return success */
358  ClientContext->SecurityQos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
359  ClientContext->SecurityQos.ImpersonationLevel = ClientSecurityQos->ImpersonationLevel;
360  ClientContext->SecurityQos.ContextTrackingMode = ClientSecurityQos->ContextTrackingMode;
361  ClientContext->SecurityQos.EffectiveOnly = ClientSecurityQos->EffectiveOnly;
362  ClientContext->ServerIsRemote = ServerIsRemote;
363  ClientContext->ClientToken = NewToken;
364  return STATUS_SUCCESS;
365 }
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401
#define VALID_IMPERSONATION_LEVEL(Level)
Definition: setypes.h:101
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
VOID NTAPI SeGetTokenControlInformation(_In_ PACCESS_TOKEN _Token, _Out_ PTOKEN_CONTROL TokenControl)
Retrieves token control information.
Definition: access.c:222
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ PVOID ClientContext
Definition: netioddk.h:55
USHORT Length
Definition: ntsecapi.h:172
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
NTSTATUS NTAPI SeCopyClientToken(_In_ PACCESS_TOKEN Token, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PACCESS_TOKEN *NewToken)
Copies an existing access token (technically duplicating a new one).
Definition: token.c:1482
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
#define STATUS_SUCCESS
Definition: shellext.h:65
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:388
#define PAGED_CODE()

Referenced by SeCreateClientSecurity(), and SeCreateClientSecurityFromSubjectContext().

◆ SepSidInToken()

BOOLEAN NTAPI SepSidInToken ( _In_ PACCESS_TOKEN  _Token,
_In_ PSID  Sid 
)

Checks if a SID is present in a token.

Parameters
[in]_TokenA valid token object.
[in]_SidA regular SID.
Returns
Returns TRUE if the specified SID in the call is present in the token, FALSE otherwise.

Definition at line 149 of file access.c.

152 {
153  /* Call extended API */
154  return SepSidInTokenEx(_Token, NULL, Sid, FALSE, FALSE);
155 }
BOOLEAN NTAPI SepSidInTokenEx(_In_ PACCESS_TOKEN _Token, _In_ PSID PrincipalSelfSid, _In_ PSID _Sid, _In_ BOOLEAN Deny, _In_ BOOLEAN Restricted)
Checks if a SID is present in a token.
Definition: access.c:48
#define FALSE
Definition: types.h:117
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define NULL
Definition: types.h:112

Referenced by SepAccessCheck(), and SepTokenIsOwner().

◆ SepSidInTokenEx()

BOOLEAN NTAPI SepSidInTokenEx ( _In_ PACCESS_TOKEN  _Token,
_In_ PSID  PrincipalSelfSid,
_In_ PSID  _Sid,
_In_ BOOLEAN  Deny,
_In_ BOOLEAN  Restricted 
)

Checks if a SID is present in a token.

Parameters
[in]_TokenA valid token object.
[in]PrincipalSelfSidA principal self SID.
[in]_SidA regular SID.
[in]DenyIf set to TRUE, the caller expected that a SID in a token must be a deny-only SID, that is, access checks are performed only for deny-only ACEs of the said SID.
[in]RestrictedIf set to TRUE, the caller expects that a SID in a token is restricted.
Returns
Returns TRUE if the specified SID in the call is present in the token, FALSE otherwise.

Definition at line 48 of file access.c.

54 {
55  ULONG i;
56  PTOKEN Token = (PTOKEN)_Token;
57  PISID TokenSid, Sid = (PISID)_Sid;
58  PSID_AND_ATTRIBUTES SidAndAttributes;
59  ULONG SidCount, SidLength;
60  USHORT SidMetadata;
61  PAGED_CODE();
62 
63  /* Not yet supported */
64  ASSERT(PrincipalSelfSid == NULL);
66 
67  /* Check if a principal SID was given, and this is our current SID already */
68  if ((PrincipalSelfSid) && (RtlEqualSid(SePrincipalSelfSid, Sid)))
69  {
70  /* Just use the principal SID in this case */
71  Sid = PrincipalSelfSid;
72  }
73 
74  /* Check if this is a restricted token or not */
75  if (Restricted)
76  {
77  /* Use the restricted SIDs and count */
78  SidAndAttributes = Token->RestrictedSids;
79  SidCount = Token->RestrictedSidCount;
80  }
81  else
82  {
83  /* Use the normal SIDs and count */
84  SidAndAttributes = Token->UserAndGroups;
85  SidCount = Token->UserAndGroupCount;
86  }
87 
88  /* Do checks here by hand instead of the usual 4 function calls */
89  SidLength = FIELD_OFFSET(SID,
90  SubAuthority[Sid->SubAuthorityCount]);
91  SidMetadata = *(PUSHORT)&Sid->Revision;
92 
93  /* Loop every SID */
94  for (i = 0; i < SidCount; i++)
95  {
96  TokenSid = (PISID)SidAndAttributes->Sid;
97 #if SE_SID_DEBUG
98  UNICODE_STRING sidString;
99  RtlConvertSidToUnicodeString(&sidString, TokenSid, TRUE);
100  DPRINT1("SID in Token: %wZ\n", &sidString);
101  RtlFreeUnicodeString(&sidString);
102 #endif
103  /* Check if the SID metadata matches */
104  if (*(PUSHORT)&TokenSid->Revision == SidMetadata)
105  {
106  /* Check if the SID data matches */
107  if (RtlEqualMemory(Sid, TokenSid, SidLength))
108  {
109  /* Check if the group is enabled, or used for deny only */
110  if ((!(i) && !(SidAndAttributes->Attributes & SE_GROUP_USE_FOR_DENY_ONLY)) ||
111  (SidAndAttributes->Attributes & SE_GROUP_ENABLED) ||
112  ((Deny) && (SidAndAttributes->Attributes & SE_GROUP_USE_FOR_DENY_ONLY)))
113  {
114  /* SID is present */
115  return TRUE;
116  }
117  else
118  {
119  /* SID is not present */
120  return FALSE;
121  }
122  }
123  }
124 
125  /* Move to the next SID */
126  SidAndAttributes++;
127  }
128 
129  /* SID is not present */
130  return FALSE;
131 }
#define TRUE
Definition: types.h:120
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define FALSE
Definition: types.h:117
PSID SePrincipalSelfSid
Definition: sid.c:35
struct _SID * PISID
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
UNICODE_STRING Restricted
Definition: utils.c:24
#define ASSERT(a)
Definition: mode.c:44
NTSYSAPI ULONG NTAPI RtlEqualMemory(CONST VOID *Source1, CONST VOID *Source2, ULONG Length)
#define SE_GROUP_ENABLED
Definition: setypes.h:92
#define for
Definition: utility.h:88
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
#define SE_GROUP_USE_FOR_DENY_ONLY
Definition: setypes.h:94
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
unsigned short USHORT
Definition: pedump.c:61
struct _TOKEN * PTOKEN
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
#define NULL
Definition: types.h:112
#define DPRINT1
Definition: precomp.h:8
unsigned int ULONG
Definition: retypes.h:1
BYTE Revision
Definition: ms-dtyp.idl:199
unsigned short * PUSHORT
Definition: retypes.h:2
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
#define PAGED_CODE()

Referenced by SepSidInToken(), and SepTokenIsOwner().

◆ SepTokenIsOwner()

BOOLEAN NTAPI SepTokenIsOwner ( _In_ PACCESS_TOKEN  _Token,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_ BOOLEAN  TokenLocked 
)

Checks if a token belongs to the main user, being the owner.

Parameters
[in]_TokenA valid token object.
[in]SecurityDescriptorA security descriptor where the owner is to be found.
[in]TokenLockedIf set to TRUE, the token has been already locked and there's no need to lock it again. Otherwise the function will acquire the lock.
Returns
Returns TRUE if the token belongs to a owner, FALSE otherwise.

Definition at line 177 of file access.c.

181 {
182  PSID Sid;
183  BOOLEAN Result;
184  PTOKEN Token = _Token;
185 
186  /* Get the owner SID */
188  ASSERT(Sid != NULL);
189 
190  /* Lock the token if needed */
191  if (!TokenLocked) SepAcquireTokenLockShared(Token);
192 
193  /* Check if the owner SID is found, handling restricted case as well */
195  if ((Result) && (Token->TokenFlags & TOKEN_IS_RESTRICTED))
196  {
198  }
199 
200  /* Release the lock if we had acquired it */
201  if (!TokenLocked) SepReleaseTokenLock(Token);
202 
203  /* Return the result */
204  return Result;
205 }
BOOLEAN NTAPI SepSidInTokenEx(_In_ PACCESS_TOKEN _Token, _In_ PSID PrincipalSelfSid, _In_ PSID _Sid, _In_ BOOLEAN Deny, _In_ BOOLEAN Restricted)
Checks if a SID is present in a token.
Definition: access.c:48
BOOLEAN NTAPI SepSidInToken(_In_ PACCESS_TOKEN _Token, _In_ PSID Sid)
Checks if a SID is present in a token.
Definition: access.c:149
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
FORCEINLINE PSID SepGetOwnerFromDescriptor(_Inout_ PVOID _Descriptor)
Definition: se.h:59
#define FALSE
Definition: types.h:117
unsigned char BOOLEAN
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define ASSERT(a)
Definition: mode.c:44
#define SepReleaseTokenLock(Token)
Definition: se.h:231
#define NULL
Definition: types.h:112
#define SepAcquireTokenLockShared(Token)
Definition: se.h:225
#define TOKEN_IS_RESTRICTED
Definition: setypes.h:1148

Referenced by NtAccessCheck(), and SeAccessCheck().

◆ SeReleaseSubjectContext()

VOID NTAPI SeReleaseSubjectContext ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

Releases both the primary and client tokens of a security subject context.

Parameters
[in]SubjectContextThe captured security context.
Returns
Nothing.

Definition at line 520 of file access.c.

522 {
523  PAGED_CODE();
524 
525  /* Drop reference on the primary */
527  SubjectContext->PrimaryToken = NULL;
528 
529  /* Drop reference on the impersonation, if there was one */
531  SubjectContext->ClientToken = NULL;
532 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define PsGetCurrentProcess
Definition: psfuncs.h:17
#define NULL
Definition: types.h:112
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
#define PAGED_CODE()
VOID NTAPI PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)
Definition: security.c:888

Referenced by FatExplicitDeviceAccessGranted(), FsRtlCancelNotify(), FsRtlNotifyCleanup(), FsRtlNotifyFilterChangeDirectory(), HasPrivilege(), KsCreateDefaultSecurity(), nfs41_get_sec_ctx(), nfs41_GetLUID(), nfs41_UpcallCreate(), NtAccessCheck(), NtCloseObjectAuditAlarm(), NtOpenObjectAuditAlarm(), NtPrivilegedServiceAuditAlarm(), NtSetUuidSeed(), RxStartMinirdr(), SeCheckPrivilegedObject(), SeDeleteAccessState(), SepAccessCheckAndAuditAlarm(), SeReportSecurityEvent(), SeSinglePrivilegeCheck(), set_link_information(), set_rename_information(), SystemThread(), UDFCheckAccessRights(), and UDFSetAccessRights().

◆ SeSetAccessStateGenericMapping()

VOID NTAPI SeSetAccessStateGenericMapping ( _In_ PACCESS_STATE  AccessState,
_In_ PGENERIC_MAPPING  GenericMapping 
)

Sets a new generic mapping for an allocated access state.

Parameters
[in]AccessStateA valid access state.
[in]GenericMappingNew generic mapping to assign.
Returns
Nothing.

Definition at line 711 of file access.c.

714 {
715  PAGED_CODE();
716 
717  /* Set the Generic Mapping */
718  ((PAUX_ACCESS_DATA)AccessState->AuxData)->GenericMapping = *GenericMapping;
719 }
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
struct _AUX_ACCESS_DATA * PAUX_ACCESS_DATA
#define PAGED_CODE()

Referenced by IopParseDevice().

◆ SeUnlockSubjectContext()

VOID NTAPI SeUnlockSubjectContext ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

Unlocks both the referenced primary and client access tokens of a security subject context.

Parameters
[in]SubjectContextA valid security context with both referenced tokens.
Returns
Nothing.

Definition at line 487 of file access.c.

489 {
490  PTOKEN PrimaryToken, ClientToken;
491  PAGED_CODE();
492 
493  /* Read both tokens */
494  PrimaryToken = SubjectContext->PrimaryToken;
495  ClientToken = SubjectContext->ClientToken;
496 
497  /* Unlock the impersonation one if it's there */
498  if (ClientToken)
499  {
500  SepReleaseTokenLock(ClientToken);
501  }
502 
503  /* Always unlock the primary one */
504  SepReleaseTokenLock(PrimaryToken);
505 }
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
#define SepReleaseTokenLock(Token)
Definition: se.h:231
#define PAGED_CODE()

Referenced by create_stream(), FatExplicitDeviceAccessGranted(), file_create(), HasPrivilege(), IopParseDevice(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), NpCreateNewNamedPipe(), ObCheckCreateObjectAccess(), ObCheckObjectAccess(), ObpCheckObjectReference(), ObpCheckTraverseAccess(), open_file2(), SeAccessCheck(), START_TEST(), and TestSeAssignSecurity().

Variable Documentation

◆ SepSubjectContextLock

ERESOURCE SepSubjectContextLock

Definition at line 16 of file access.c.

Referenced by SepInitializationPhase0().