de/dc4/ntoskrnl_2se_2access_8c_source.html

 /*
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel
  * FILE:            ntoskrnl/se/access.c
  * PURPOSE:         Access state functions
  *
  * PROGRAMMERS:     Alex Ionescu (alex@relsoft.net) -
  *                               Based on patch by Javier M. Mellid
  */

 /* INCLUDES *******************************************************************/

 #include <ntoskrnl.h>
 #define NDEBUG
 #include <debug.h>

 /* GLOBALS ********************************************************************/

 ERESOURCE SepSubjectContextLock;

 /* PRIVATE FUNCTIONS **********************************************************/

 BOOLEAN
 NTAPI
 SepSidInTokenEx(IN PACCESS_TOKEN _Token,
                 IN PSID PrincipalSelfSid,
                 IN PSID _Sid,
                 IN BOOLEAN Deny,
                 IN BOOLEAN Restricted)
 {
     ULONG i;
     PTOKEN Token = (PTOKEN)_Token;
     PISID TokenSid, Sid = (PISID)_Sid;
     PSID_AND_ATTRIBUTES SidAndAttributes;
     ULONG SidCount, SidLength;
     USHORT SidMetadata;
     PAGED_CODE();

     /* Not yet supported */
     ASSERT(PrincipalSelfSid == NULL);
     ASSERT(Restricted == FALSE);

     /* Check if a principal SID was given, and this is our current SID already */
     if ((PrincipalSelfSid) && (RtlEqualSid(SePrincipalSelfSid, Sid)))
     {
         /* Just use the principal SID in this case */
         Sid = PrincipalSelfSid;
     }

     /* Check if this is a restricted token or not */
     if (Restricted)
     {
         /* Use the restricted SIDs and count */
         SidAndAttributes = Token->RestrictedSids;
         SidCount = Token->RestrictedSidCount;
     }
     else
     {
         /* Use the normal SIDs and count */
         SidAndAttributes = Token->UserAndGroups;
         SidCount = Token->UserAndGroupCount;
     }

     /* Do checks here by hand instead of the usual 4 function calls */
     SidLength = FIELD_OFFSET(SID,
                              SubAuthority[Sid->SubAuthorityCount]);
     SidMetadata = *(PUSHORT)&Sid->Revision;

     /* Loop every SID */
     for (i = 0; i < SidCount; i++)
     {
         TokenSid = (PISID)SidAndAttributes->Sid;
 #if SE_SID_DEBUG
         UNICODE_STRING sidString;
         RtlConvertSidToUnicodeString(&sidString, TokenSid, TRUE);
         DPRINT1("SID in Token: %wZ\n", &sidString);
         RtlFreeUnicodeString(&sidString);
 #endif
         /* Check if the SID metadata matches */
         if (*(PUSHORT)&TokenSid->Revision == SidMetadata)
         {
             /* Check if the SID data matches */
             if (RtlEqualMemory(Sid, TokenSid, SidLength))
             {
                 /* Check if the group is enabled, or used for deny only */
                 if ((!(i) && !(SidAndAttributes->Attributes & SE_GROUP_USE_FOR_DENY_ONLY)) ||
                     (SidAndAttributes->Attributes & SE_GROUP_ENABLED) ||
                     ((Deny) && (SidAndAttributes->Attributes & SE_GROUP_USE_FOR_DENY_ONLY)))
                 {
                     /* SID is present */
                     return TRUE;
                 }
                 else
                 {
                     /* SID is not present */
                     return FALSE;
                 }
             }
         }

         /* Move to the next SID */
         SidAndAttributes++;
     }

     /* SID is not present */
     return FALSE;
 }

 BOOLEAN
 NTAPI
 SepSidInToken(IN PACCESS_TOKEN _Token,
               IN PSID Sid)
 {
     /* Call extended API */
     return SepSidInTokenEx(_Token, NULL, Sid, FALSE, FALSE);
 }

 BOOLEAN
 NTAPI
 SepTokenIsOwner(IN PACCESS_TOKEN _Token,
                 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
                 IN BOOLEAN TokenLocked)
 {
     PSID Sid;
     BOOLEAN Result;
     PTOKEN Token = _Token;

     /* Get the owner SID */
     Sid = SepGetOwnerFromDescriptor(SecurityDescriptor);
     ASSERT(Sid != NULL);

     /* Lock the token if needed */
     if (!TokenLocked) SepAcquireTokenLockShared(Token);

     /* Check if the owner SID is found, handling restricted case as well */
     Result = SepSidInToken(Token, Sid);
     if ((Result) && (Token->TokenFlags & TOKEN_IS_RESTRICTED))
     {
         Result = SepSidInTokenEx(Token, NULL, Sid, FALSE, TRUE);
     }

     /* Release the lock if we had acquired it */
     if (!TokenLocked) SepReleaseTokenLock(Token);

     /* Return the result */
     return Result;
 }

 VOID
 NTAPI
 SeGetTokenControlInformation(IN PACCESS_TOKEN _Token,
                              OUT PTOKEN_CONTROL TokenControl)
 {
     PTOKEN Token = _Token;
     PAGED_CODE();

     /* Capture the main fields */
     TokenControl->AuthenticationId = Token->AuthenticationId;
     TokenControl->TokenId = Token->TokenId;
     TokenControl->TokenSource = Token->TokenSource;

     /* Lock the token */
     SepAcquireTokenLockShared(Token);

     /* Capture the modified ID */
     TokenControl->ModifiedId = Token->ModifiedId;

     /* Unlock it */
     SepReleaseTokenLock(Token);
 }

 NTSTATUS
 NTAPI
 SepCreateClientSecurity(IN PACCESS_TOKEN Token,
                         IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
                         IN BOOLEAN ServerIsRemote,
                         IN TOKEN_TYPE TokenType,
                         IN BOOLEAN ThreadEffectiveOnly,
                         IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
                         OUT PSECURITY_CLIENT_CONTEXT ClientContext)
 {
     NTSTATUS Status;
     PACCESS_TOKEN NewToken;
     PAGED_CODE();

     /* Check for bogus impersonation level */
     if (!VALID_IMPERSONATION_LEVEL(ClientSecurityQos->ImpersonationLevel))
     {
         /* Fail the call */
         return STATUS_INVALID_PARAMETER;
     }

     /* Check what kind of token this is */
     if (TokenType != TokenImpersonation)
     {
         /* On a primary token, if we do direct access, copy the flag from the QOS */
         ClientContext->DirectAccessEffectiveOnly = ClientSecurityQos->EffectiveOnly;
     }
     else
     {
         /* This is an impersonation token, is the level ok? */
         if (ClientSecurityQos->ImpersonationLevel > ImpersonationLevel)
         {
             /* Nope, fail */
             return STATUS_BAD_IMPERSONATION_LEVEL;
         }

         /* Is the level too low, or are we doing something other than delegation remotely */
         if ((ImpersonationLevel == SecurityAnonymous) ||
             (ImpersonationLevel == SecurityIdentification) ||
             ((ServerIsRemote) && (ImpersonationLevel != SecurityDelegation)))
         {
             /* Fail the call */
             return STATUS_BAD_IMPERSONATION_LEVEL;
         }

         /* Pick either the thread setting or the QOS setting */
         ClientContext->DirectAccessEffectiveOnly =
             ((ThreadEffectiveOnly) || (ClientSecurityQos->EffectiveOnly)) ? TRUE : FALSE;
     }

     /* Is this static tracking */
     if (ClientSecurityQos->ContextTrackingMode == SECURITY_STATIC_TRACKING)
     {
         /* Do not use direct access and make a copy */
         ClientContext->DirectlyAccessClientToken = FALSE;
         Status = SeCopyClientToken(Token,
                                    ClientSecurityQos->ImpersonationLevel,
                                    KernelMode,
                                    &NewToken);
         if (!NT_SUCCESS(Status))
             return Status;
     }
     else
     {
         /* Use direct access and check if this is local */
         ClientContext->DirectlyAccessClientToken = TRUE;
         if (ServerIsRemote)
         {
             /* We are doing delegation, so make a copy of the control data */
             SeGetTokenControlInformation(Token,
                                          &ClientContext->ClientTokenControl);
         }

         /* Keep the same token */
         NewToken = Token;
     }

     /* Fill out the context and return success */
     ClientContext->SecurityQos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
     ClientContext->SecurityQos.ImpersonationLevel = ClientSecurityQos->ImpersonationLevel;
     ClientContext->SecurityQos.ContextTrackingMode = ClientSecurityQos->ContextTrackingMode;
     ClientContext->SecurityQos.EffectiveOnly = ClientSecurityQos->EffectiveOnly;
     ClientContext->ServerIsRemote = ServerIsRemote;
     ClientContext->ClientToken = NewToken;
     return STATUS_SUCCESS;
 }

 /* PUBLIC FUNCTIONS ***********************************************************/

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeCaptureSubjectContextEx(IN PETHREAD Thread,
                           IN PEPROCESS Process,
                           OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
 {
     BOOLEAN CopyOnOpen, EffectiveOnly;

     PAGED_CODE();

     /* Save the unique ID */
     SubjectContext->ProcessAuditId = Process->UniqueProcessId;

     /* Check if we have a thread */
     if (!Thread)
     {
         /* We don't, so no token */
         SubjectContext->ClientToken = NULL;
     }
     else
     {
         /* Get the impersonation token */
         SubjectContext->ClientToken = PsReferenceImpersonationToken(Thread,
                                                                     &CopyOnOpen,
                                                                     &EffectiveOnly,
                                                                     &SubjectContext->ImpersonationLevel);
     }

     /* Get the primary token */
     SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
 {
     /* Call the extended API */
     SeCaptureSubjectContextEx(PsGetCurrentThread(),
                               PsGetCurrentProcess(),
                               SubjectContext);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
 {
     PTOKEN PrimaryToken, ClientToken;
     PAGED_CODE();

     /* Read both tokens */
     PrimaryToken = SubjectContext->PrimaryToken;
     ClientToken = SubjectContext->ClientToken;

     /* Always lock the primary */
     SepAcquireTokenLockShared(PrimaryToken);

     /* Lock the impersonation one if it's there */
     if (!ClientToken) return;
     SepAcquireTokenLockShared(ClientToken);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
 {
     PTOKEN PrimaryToken, ClientToken;
     PAGED_CODE();

     /* Read both tokens */
     PrimaryToken = SubjectContext->PrimaryToken;
     ClientToken = SubjectContext->ClientToken;

     /* Unlock the impersonation one if it's there */
     if (ClientToken)
     {
         SepReleaseTokenLock(ClientToken);
     }

     /* Always unlock the primary one */
     SepReleaseTokenLock(PrimaryToken);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
 {
     PAGED_CODE();

     /* Drop reference on the primary */
     ObFastDereferenceObject(&PsGetCurrentProcess()->Token, SubjectContext->PrimaryToken);
     SubjectContext->PrimaryToken = NULL;

     /* Drop reference on the impersonation, if there was one */
     PsDereferenceImpersonationToken(SubjectContext->ClientToken);
     SubjectContext->ClientToken = NULL;
 }

 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 SeCreateAccessStateEx(IN PETHREAD Thread,
                       IN PEPROCESS Process,
                       IN OUT PACCESS_STATE AccessState,
                       IN PAUX_ACCESS_DATA AuxData,
                       IN ACCESS_MASK Access,
                       IN PGENERIC_MAPPING GenericMapping)
 {
     ACCESS_MASK AccessMask = Access;
     PTOKEN Token;
     PAGED_CODE();

     /* Map the Generic Acess to Specific Access if we have a Mapping */
     if ((Access & GENERIC_ACCESS) && (GenericMapping))
     {
         RtlMapGenericMask(&AccessMask, GenericMapping);
     }

     /* Initialize the Access State */
     RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
     ASSERT(AccessState->SecurityDescriptor == NULL);
     ASSERT(AccessState->PrivilegesAllocated == FALSE);

     /* Initialize and save aux data */
     RtlZeroMemory(AuxData, sizeof(AUX_ACCESS_DATA));
     AccessState->AuxData = AuxData;

     /* Capture the Subject Context */
     SeCaptureSubjectContextEx(Thread,
                               Process,
                               &AccessState->SubjectSecurityContext);

     /* Set Access State Data */
     AccessState->RemainingDesiredAccess = AccessMask;
     AccessState->OriginalDesiredAccess = AccessMask;
     ExAllocateLocallyUniqueId(&AccessState->OperationID);

     /* Get the Token to use */
     Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);

     /* Check for Travers Privilege */
     if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
     {
         /* Preserve the Traverse Privilege */
         AccessState->Flags = TOKEN_HAS_TRAVERSE_PRIVILEGE;
     }

     /* Set the Auxiliary Data */
     AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
                                              FIELD_OFFSET(ACCESS_STATE,
                                                           Privileges));
     if (GenericMapping) AuxData->GenericMapping = *GenericMapping;

     /* Return Sucess */
     return STATUS_SUCCESS;
 }

 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 SeCreateAccessState(IN OUT PACCESS_STATE AccessState,
                     IN PAUX_ACCESS_DATA AuxData,
                     IN ACCESS_MASK Access,
                     IN PGENERIC_MAPPING GenericMapping)
 {
     PAGED_CODE();

     /* Call the extended API */
     return SeCreateAccessStateEx(PsGetCurrentThread(),
                                  PsGetCurrentProcess(),
                                  AccessState,
                                  AuxData,
                                  Access,
                                  GenericMapping);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeDeleteAccessState(IN PACCESS_STATE AccessState)
 {
     PAUX_ACCESS_DATA AuxData;
     PAGED_CODE();

     /* Get the Auxiliary Data */
     AuxData = AccessState->AuxData;

     /* Deallocate Privileges */
     if (AccessState->PrivilegesAllocated)
         ExFreePoolWithTag(AuxData->PrivilegeSet, TAG_PRIVILEGE_SET);

     /* Deallocate Name and Type Name */
     if (AccessState->ObjectName.Buffer)
     {
         ExFreePool(AccessState->ObjectName.Buffer);
     }

     if (AccessState->ObjectTypeName.Buffer)
     {
         ExFreePool(AccessState->ObjectTypeName.Buffer);
     }

     /* Release the Subject Context */
     SeReleaseSubjectContext(&AccessState->SubjectSecurityContext);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeSetAccessStateGenericMapping(IN PACCESS_STATE AccessState,
                                IN PGENERIC_MAPPING GenericMapping)
 {
     PAGED_CODE();

     /* Set the Generic Mapping */
     ((PAUX_ACCESS_DATA)AccessState->AuxData)->GenericMapping = *GenericMapping;
 }

 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 SeCreateClientSecurity(IN PETHREAD Thread,
                        IN PSECURITY_QUALITY_OF_SERVICE Qos,
                        IN BOOLEAN RemoteClient,
                        OUT PSECURITY_CLIENT_CONTEXT ClientContext)
 {
     TOKEN_TYPE TokenType;
     BOOLEAN ThreadEffectiveOnly;
     SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
     PACCESS_TOKEN Token;
     NTSTATUS Status;
     PAGED_CODE();

     /* Reference the correct token */
     Token = PsReferenceEffectiveToken(Thread,
                                       &TokenType,
                                       &ThreadEffectiveOnly,
                                       &ImpersonationLevel);

     /* Create client security from it */
     Status = SepCreateClientSecurity(Token,
                                      Qos,
                                      RemoteClient,
                                      TokenType,
                                      ThreadEffectiveOnly,
                                      ImpersonationLevel,
                                      ClientContext);

     /* Check if we failed or static tracking was used */
     if (!(NT_SUCCESS(Status)) || (Qos->ContextTrackingMode == SECURITY_STATIC_TRACKING))
     {
         /* Dereference our copy since it's not being used */
         ObDereferenceObject(Token);
     }

     /* Return status */
     return Status;
 }

 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 SeCreateClientSecurityFromSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
                                          IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
                                          IN BOOLEAN ServerIsRemote,
                                          OUT PSECURITY_CLIENT_CONTEXT ClientContext)
 {
     PACCESS_TOKEN Token;
     NTSTATUS Status;
     PAGED_CODE();

     /* Get the right token and reference it */
     Token = SeQuerySubjectContextToken(SubjectContext);
     ObReferenceObject(Token);

     /* Create the context */
     Status = SepCreateClientSecurity(Token,
                                      ClientSecurityQos,
                                      ServerIsRemote,
                                      SubjectContext->ClientToken ?
                                      TokenImpersonation : TokenPrimary,
                                      FALSE,
                                      SubjectContext->ImpersonationLevel,
                                      ClientContext);

     /* Check if we failed or static tracking was used */
     if (!(NT_SUCCESS(Status)) ||
         (ClientSecurityQos->ContextTrackingMode == SECURITY_STATIC_TRACKING))
     {
         /* Dereference our copy since it's not being used */
         ObDereferenceObject(Token);
     }

     /* Return status */
     return Status;
 }

 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 SeImpersonateClientEx(IN PSECURITY_CLIENT_CONTEXT ClientContext,
                       IN PETHREAD ServerThread OPTIONAL)
 {
     BOOLEAN EffectiveOnly;
     PAGED_CODE();

     /* Check if direct access is requested */
     if (!ClientContext->DirectlyAccessClientToken)
     {
         /* No, so get the flag from QOS */
         EffectiveOnly = ClientContext->SecurityQos.EffectiveOnly;
     }
     else
     {
         /* Yes, so see if direct access should be effective only */
         EffectiveOnly = ClientContext->DirectAccessEffectiveOnly;
     }

     /* Use the current thread if one was not passed */
     if (!ServerThread) ServerThread = PsGetCurrentThread();

     /* Call the lower layer routine */
     return PsImpersonateClient(ServerThread,
                                ClientContext->ClientToken,
                                TRUE,
                                EffectiveOnly,
                                ClientContext->SecurityQos.ImpersonationLevel);
 }

 /*
  * @implemented
  */
 VOID
 NTAPI
 SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext,
                     IN PETHREAD ServerThread OPTIONAL)
 {
     PAGED_CODE();

     /* Call the new API */
     SeImpersonateClientEx(ClientContext, ServerThread);
 }

 /* EOF */
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301

_AUX_ACCESS_DATA::PrivilegeSet
PPRIVILEGE_SET PrivilegeSet
Definition: setypes.h:187

SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301

PsImpersonateClient
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:610

SeCopyClientToken
NTSTATUS NTAPI SeCopyClientToken(IN PACCESS_TOKEN Token, IN SECURITY_IMPERSONATION_LEVEL Level, IN KPROCESSOR_MODE PreviousMode, OUT PACCESS_TOKEN *NewToken)
Definition: token.c:788

IN
#define IN
Definition: typedefs.h:39

SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239

SeReleaseSubjectContext
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360

SepTokenIsOwner
BOOLEAN NTAPI SepTokenIsOwner(IN PACCESS_TOKEN _Token, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN TokenLocked)
Definition: access.c:120

SeCreateAccessState
NTSTATUS NTAPI SeCreateAccessState(IN OUT PACCESS_STATE AccessState, IN PAUX_ACCESS_DATA AuxData, IN ACCESS_MASK Access, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:439

STATUS_BAD_IMPERSONATION_LEVEL
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401

_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:478

VALID_IMPERSONATION_LEVEL
#define VALID_IMPERSONATION_LEVEL(Level)
Definition: setypes.h:101

SeCreateClientSecurity
NTSTATUS NTAPI SeCreateClientSecurity(IN PETHREAD Thread, IN PSECURITY_QUALITY_OF_SERVICE Qos, IN BOOLEAN RemoteClient, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
Definition: access.c:506

SeUnlockSubjectContext
VOID NTAPI SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:336

_SID
Definition: ms-dtyp.idl:198

PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81

TRUE
#define TRUE
Definition: types.h:120

SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182

STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

Token
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711

SeLockSubjectContext
VOID NTAPI SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:314

GENERIC_ACCESS
#define GENERIC_ACCESS
Definition: wlx.c:26

CopyOnOpen
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154

TOKEN_HAS_TRAVERSE_PRIVILEGE
#define TOKEN_HAS_TRAVERSE_PRIVILEGE
Definition: setypes.h:1124

_EPROCESS
Definition: pstypes.h:1202

ObDereferenceObject
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375

KernelMode
Definition: ketypes.h:11

SepCreateClientSecurity
NTSTATUS NTAPI SepCreateClientSecurity(IN PACCESS_TOKEN Token, IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, IN BOOLEAN ServerIsRemote, IN TOKEN_TYPE TokenType, IN BOOLEAN ThreadEffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
Definition: access.c:174

SecurityAnonymous
Definition: lsa.idl:55

SeCaptureSubjectContextEx
VOID NTAPI SeCaptureSubjectContextEx(IN PETHREAD Thread, IN PEPROCESS Process, OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:266

SepSubjectContextLock
ERESOURCE SepSubjectContextLock
Definition: access.c:19

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65

TokenPrimary
Definition: imports.h:273

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

SecurityIdentification
Definition: lsa.idl:56

NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117

FALSE
#define FALSE
Definition: types.h:117

_SECURITY_CLIENT_CONTEXT
Definition: imports.h:289

SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL

SePrincipalSelfSid
PSID SePrincipalSelfSid
Definition: sid.c:43

PISID
struct _SID * PISID

PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

ServerThread
UINT CALLBACK ServerThread(_Inout_ PVOID Parameter)
Definition: NtAcceptConnectPort.c:33

NULL
smooth NULL
Definition: ftsmooth.c:416

Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426

Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103

SeImpersonateClient
VOID NTAPI SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext, IN PETHREAD ServerThread OPTIONAL)
Definition: access.c:623

_ETHREAD
Definition: pstypes.h:1043

SeCreateClientSecurityFromSubjectContext
NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, IN BOOLEAN ServerIsRemote, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
Definition: access.c:549

Restricted
UNICODE_STRING Restricted
Definition: utils.c:24

SepGetOwnerFromDescriptor
FORCEINLINE PSID SepGetOwnerFromDescriptor(PVOID _Descriptor)
Definition: se.h:48

_ACCESS_STATE
Definition: setypes.h:196

RtlEqualMemory
NTSYSAPI ULONG NTAPI RtlEqualMemory(CONST VOID *Source1, CONST VOID *Source2, ULONG Length)

_GENERIC_MAPPING
Definition: nt_native.h:564

RtlMapGenericMask
VOID NTAPI RtlMapGenericMask(IN OUT PACCESS_MASK AccessMask, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:50

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92

ClientContext
_In_ PVOID ClientContext
Definition: netioddk.h:55

_SID_AND_ATTRIBUTES
Definition: setypes.h:474

_LSA_STRING::Length
USHORT Length
Definition: ntsecapi.h:172

ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154

AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186

for
#define for
Definition: utility.h:88

Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653

RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)

_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63

Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13

RtlConvertSidToUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)

ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)

AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414

Status
Status
Definition: gdiplustypes.h:24

SepReleaseTokenLock
#define SepReleaseTokenLock(Token)
Definition: se.h:211

SE_GROUP_USE_FOR_DENY_ONLY
#define SE_GROUP_USE_FOR_DENY_ONLY
Definition: setypes.h:94

_TOKEN_CONTROL
Definition: imports.h:282

PsReferenceEffectiveToken
PACCESS_TOKEN NTAPI PsReferenceEffectiveToken(IN PETHREAD Thread, OUT IN PTOKEN_TYPE TokenType, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:739

PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440

SeQuerySubjectContextToken
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583

TOKEN_TYPE
enum _TOKEN_TYPE TOKEN_TYPE

SeImpersonateClientEx
NTSTATUS NTAPI SeImpersonateClientEx(IN PSECURITY_CLIENT_CONTEXT ClientContext, IN PETHREAD ServerThread OPTIONAL)
Definition: access.c:589

PsReferenceImpersonationToken
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:808

GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11

_UNICODE_STRING
Definition: env_spec_w32.h:368

_AUX_ACCESS_DATA
Definition: setypes.h:185

SeCreateAccessStateEx
NTSTATUS NTAPI SeCreateAccessStateEx(IN PETHREAD Thread, IN PEPROCESS Process, IN OUT PACCESS_STATE AccessState, IN PAUX_ACCESS_DATA AuxData, IN ACCESS_MASK Access, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:378

USHORT
unsigned short USHORT
Definition: pedump.c:61

PTOKEN
struct _TOKEN * PTOKEN

_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:480

PPRIVILEGE_SET
struct _PRIVILEGE_SET * PPRIVILEGE_SET

ExAllocateLocallyUniqueId
VOID NTAPI ExAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:340

SECURITY_STATIC_TRACKING
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104

FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255

SECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE

SeDeleteAccessState
VOID NTAPI SeDeleteAccessState(IN PACCESS_STATE AccessState)
Definition: access.c:460

_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200

_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:189

PAUX_ACCESS_DATA
struct _AUX_ACCESS_DATA * PAUX_ACCESS_DATA

DPRINT1
#define DPRINT1
Definition: precomp.h:8

SecurityDelegation
Definition: lsa.idl:58

ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:169

Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219

SepAcquireTokenLockShared
#define SepAcquireTokenLockShared(Token)
Definition: se.h:205

OUT
#define OUT
Definition: typedefs.h:40

ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204

TokenImpersonation
Definition: imports.h:274

ERESOURCE
ULONG ERESOURCE
Definition: env_spec_w32.h:594

ULONG
unsigned int ULONG
Definition: retypes.h:1

SeSetAccessStateGenericMapping
VOID NTAPI SeSetAccessStateGenericMapping(IN PACCESS_STATE AccessState, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:492

RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262

SepSidInToken
BOOLEAN NTAPI SepSidInToken(IN PACCESS_TOKEN _Token, IN PSID Sid)
Definition: access.c:111

_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199

TAG_PRIVILEGE_SET
#define TAG_PRIVILEGE_SET
Definition: tag.h:179

ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

void
Definition: nsiface.idl:2306

EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:417

STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014

_TOKEN
Definition: setypes.h:151

PUSHORT
unsigned short * PUSHORT
Definition: retypes.h:2

ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40

ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352

SeGetTokenControlInformation
VOID NTAPI SeGetTokenControlInformation(IN PACCESS_TOKEN _Token, OUT PTOKEN_CONTROL TokenControl)
Definition: access.c:151

RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)

TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:417

TOKEN_IS_RESTRICTED
#define TOKEN_IS_RESTRICTED
Definition: setypes.h:1129

PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

SepSidInTokenEx
BOOLEAN NTAPI SepSidInTokenEx(IN PACCESS_TOKEN _Token, IN PSID PrincipalSelfSid, IN PSID _Sid, IN BOOLEAN Deny, IN BOOLEAN Restricted)
Definition: access.c:25

OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68

PsDereferenceImpersonationToken
VOID NTAPI PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)
Definition: security.c:847