df/d26/SeQueryInfoToken_8c_source.html

/*

* PROJECT:         ReactOS kernel-mode tests

* LICENSE:         GPLv2+ - See COPYING in the top level directory

* PURPOSE:         Kernel-Mode Test Suite Process Notification Routines test

* PROGRAMMER:      Constantine Belev (Moscow State Technical University)

*                  Denis Grishin (Moscow State Technical University)

*                  Egor Sinitsyn (Moscow State Technical University)

*/


#include <kmt_test.h>

#include <ntifs.h>


#define NDEBUG

#include <debug.h>


// Copied from PspProcessMapping -- although the values don't matter much for

// the most part.

static GENERIC_MAPPING ProcessGenericMapping =

{

    STANDARD_RIGHTS_READ    | PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,

    STANDARD_RIGHTS_WRITE   | PROCESS_CREATE_PROCESS    | PROCESS_CREATE_THREAD   |

    PROCESS_VM_OPERATION    | PROCESS_VM_WRITE          | PROCESS_DUP_HANDLE      |

    PROCESS_TERMINATE       | PROCESS_SET_QUOTA         | PROCESS_SET_INFORMATION |

    PROCESS_SUSPEND_RESUME,

    STANDARD_RIGHTS_EXECUTE | SYNCHRONIZE,

    PROCESS_ALL_ACCESS

};


//------------------------------------------------------------------------------//

//      Testing Functions                                                       //

//------------------------------------------------------------------------------//


// Testing function for SQIT


void TestsSeQueryInformationToken(PACCESS_TOKEN Token)

{

    NTSTATUS Status;

    PVOID Buffer = NULL;

    PSID sid;

    PTOKEN_OWNER Towner;

    PTOKEN_DEFAULT_DACL TDefDacl;

    PTOKEN_GROUPS TGroups;

    ULONG GroupCount;

    PACL acl;

    PTOKEN_STATISTICS TStats;

    PTOKEN_TYPE TType;

    PTOKEN_USER TUser;

    BOOLEAN Flag;

    ULONG i;


    //----------------------------------------------------------------//

    // Testing SeQueryInformationToken with various args              //

    //----------------------------------------------------------------//


    ok(Token != NULL, "Token is not captured. Testing SQIT interrupted\n\n");


    if (Token == NULL) return;


    Status = SeQueryInformationToken(Token, TokenOwner, &Buffer);

    ok((Status == STATUS_SUCCESS), "SQIT with TokenOwner arg fails with status 0x%08X\n", Status);

    if (Status == STATUS_SUCCESS)

    {

        ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenOwner arg. But Buffer == NULL\n");


        if (Buffer)

        {

            Towner = (TOKEN_OWNER *)Buffer;

            sid = Towner->Owner;

            ok((RtlValidSid(sid) == TRUE), "TokenOwner's SID is not a valid SID\n");

            ExFreePool(Buffer);

        }

    }


    //----------------------------------------------------------------//


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenDefaultDacl, &Buffer);

    ok(Status == STATUS_SUCCESS, "SQIT with TokenDefaultDacl fails with status 0x%08X\n", Status);

    if (Status == STATUS_SUCCESS)

    {

        ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenDefaultDacl arg. But Buffer == NULL\n");

        if (Buffer)

        {

            TDefDacl = (PTOKEN_DEFAULT_DACL)Buffer;

            acl = TDefDacl->DefaultDacl;

            ok(((acl->AclRevision == ACL_REVISION || acl->AclRevision == ACL_REVISION_DS) == TRUE), "DACL is invalid\n");

            ExFreePool(Buffer);

        }

    }


    //----------------------------------------------------------------//


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenGroups, &Buffer);

    ok(Status == STATUS_SUCCESS, "SQIT with TokenGroups fails with status 0x%08X\n", Status);

    if (Status == STATUS_SUCCESS)

    {

        ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenGroups arg. But Buffer == NULL\n");

        if (Buffer)

        {

            TGroups = (PTOKEN_GROUPS)Buffer;

            GroupCount = TGroups->GroupCount;

            Flag = TRUE;

            for (i = 0; i < GroupCount; i++)

            {

                sid = TGroups->Groups[i].Sid;

                if (!RtlValidSid(sid))

                {

                    Flag = FALSE;

                    break;

                }

            }

            ok((Flag == TRUE), "TokenGroup's SIDs are not valid\n");

            ExFreePool(Buffer);

        }

    }


    //----------------------------------------------------------------//


    // Call SQIT with TokenImpersonationLevel argument. Although our token

    // is not an impersonation token, the call will outright fail.


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenImpersonationLevel, &Buffer);

    ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenImpersonationLevel must return STATUS_INVALID_INFO_CLASS but got 0x%08X\n", Status);

    ok(Buffer == NULL, "SQIT has failed to query the impersonation level but buffer is not NULL!\n");


    //----------------------------------------------------------------//


    // Call SQIT with the 4 classes (TokenOrigin, TokenGroupsAndPrivileges,

    // TokenRestrictedSids and TokenSandBoxInert) are not supported by

    // SeQueryInformationToken (only NtQueryInformationToken supports them).

    //


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenOrigin, &Buffer);

    ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenOrigin failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);

    ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenGroupsAndPrivileges, &Buffer);

    ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenGroupsAndPrivileges failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);

    ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenRestrictedSids, &Buffer);

    ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenRestrictedSids failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);

    ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenSandBoxInert, &Buffer);

    ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenSandBoxInert failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);

    ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");


    //----------------------------------------------------------------//


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenStatistics, &Buffer);

    ok(Status == STATUS_SUCCESS, "SQIT with TokenStatistics fails with status 0x%08X\n", Status);

    if (Status == STATUS_SUCCESS)

    {

        ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenStatistics arg. But Buffer == NULL\n");

        if (Buffer)

        {

            TStats = (PTOKEN_STATISTICS)Buffer;

            // just put 0 into 1st arg or use trace to print TokenStatistics

            ok(1, "print statistics:\n\tTokenID = %u_%d\n\tSecurityImperLevel = %d\n\tPrivCount = %d\n\tGroupCount = %d\n\n", TStats->TokenId.LowPart,

                TStats->TokenId.HighPart,

                TStats->ImpersonationLevel,

                TStats->PrivilegeCount,

                TStats->GroupCount

                );

            ExFreePool(Buffer);

        }

    } else {

        ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");

    }


    //----------------------------------------------------------------//


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenType, &Buffer);

    ok(Status == STATUS_SUCCESS, "SQIT with TokenType fails with status 0x%08X\n", Status);

    if (Status == STATUS_SUCCESS)

    {

        ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenType arg. But Buffer == NULL\n");

        if (Buffer)

        {

            TType = (PTOKEN_TYPE)Buffer;

            ok((*TType == TokenPrimary || *TType == TokenImpersonation), "TokenType in not a primary nor impersonation. FAILED\n");

            ExFreePool(Buffer);

        }

    }


    //----------------------------------------------------------------//


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenUser, &Buffer);

    ok(Status == STATUS_SUCCESS, "SQIT with TokenUser fails\n");

    if (Status == STATUS_SUCCESS)

    {

        ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenUser arg. But Buffer == NULL\n");

        if (Buffer)

        {

            TUser = (PTOKEN_USER)Buffer;

            ok(RtlValidSid(TUser->User.Sid), "TokenUser has an invalid Sid\n");

            ExFreePool(Buffer);

        }

    }


    //----------------------------------------------------------------//


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenSandBoxInert, &Buffer);

    ok(Status != STATUS_SUCCESS, "SQIT must fail with wrong TOKEN_INFORMATION_CLASS arg\n");

}


//------------------------------------------------------------------------------//


//------------------------------------------------------------------------------//

//      Body of the main test                                                   //

//------------------------------------------------------------------------------//


START_TEST(SeQueryInfoToken)

{

    PACCESS_STATE AccessState;

    ACCESS_MASK AccessMask = MAXIMUM_ALLOWED;

    ACCESS_MASK DesiredAccess = MAXIMUM_ALLOWED;

    NTSTATUS Status = STATUS_SUCCESS;

    PAUX_ACCESS_DATA AuxData = NULL;

    PPRIVILEGE_SET NewPrivilegeSet;

    ULONG InitialPrivilegeCount;

    BOOLEAN Checker;

    PPRIVILEGE_SET Privileges = NULL;

    PSECURITY_SUBJECT_CONTEXT SubjectContext = NULL;

    PACCESS_TOKEN Token = NULL;

    PTOKEN_PRIVILEGES TPrivileges;

    PVOID Buffer;

    ULONG i;


    SubjectContext = ExAllocatePool(PagedPool, sizeof(SECURITY_SUBJECT_CONTEXT));


    SeCaptureSubjectContext(SubjectContext);

    SeLockSubjectContext(SubjectContext);

    Token = SeQuerySubjectContextToken(SubjectContext);


    // Testing SQIT with current Token

    TestsSeQueryInformationToken(Token);


    //----------------------------------------------------------------//

    //      Creating an ACCESS_STATE structure                        //

    //----------------------------------------------------------------//


    AccessState = ExAllocatePool(PagedPool, sizeof(ACCESS_STATE));

    // AUX_ACCESS_DATA gets larger in newer Windows version.

    // This is the largest known size, found in Windows 10/11.

    AuxData = ExAllocatePoolZero(PagedPool, 0xE0, 'QSmK');


    Status = SeCreateAccessState(AccessState,

                                 AuxData,

                                 DesiredAccess,

                                 &ProcessGenericMapping

                                );


    ok((Status == STATUS_SUCCESS), "SeCreateAccessState failed with Status 0x%08X\n", Status);


    SeCaptureSubjectContext(&AccessState->SubjectSecurityContext);

    SeLockSubjectContext(&AccessState->SubjectSecurityContext);

    Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);


    // Testing SQIT with AccessState Token

    TestsSeQueryInformationToken(Token);


    //----------------------------------------------------------------//

    //      Testing other functions                                   //

    //----------------------------------------------------------------//


    //----------------------------------------------------------------//

    //      Testing SeAppendPrivileges                                //

    //----------------------------------------------------------------//


    InitialPrivilegeCount = AuxData->PrivilegesUsed->PrivilegeCount;

    trace("Initial privilege count = %lu\n", InitialPrivilegeCount);


    //  Testing SeAppendPrivileges. Must change PrivilegeCount to 2 (1 + 1)


    NewPrivilegeSet = ExAllocatePoolZero(PagedPool,

                                         FIELD_OFFSET(PRIVILEGE_SET, Privilege[1]),

                                         'QSmK');

    NewPrivilegeSet->PrivilegeCount = 1;


    Status = SeAppendPrivileges(AccessState, NewPrivilegeSet);

    ok(Status == STATUS_SUCCESS, "SeAppendPrivileges failed\n");

    ok_eq_ulong(AuxData->PrivilegesUsed->PrivilegeCount, InitialPrivilegeCount + 1);

    ExFreePoolWithTag(NewPrivilegeSet, 'QSmK');


    //----------------------------------------------------------------//


    // Testing SeAppendPrivileges. Must change PrivilegeCount to 6 (2 + 4)


    NewPrivilegeSet = ExAllocatePoolZero(PagedPool,

                                         FIELD_OFFSET(PRIVILEGE_SET, Privilege[4]),

                                         'QSmK');

    NewPrivilegeSet->PrivilegeCount = 4;


    Status = SeAppendPrivileges(AccessState, NewPrivilegeSet);

    ok(Status == STATUS_SUCCESS, "SeAppendPrivileges failed\n");

    ok_eq_ulong(AuxData->PrivilegesUsed->PrivilegeCount, InitialPrivilegeCount + 5);

    ExFreePoolWithTag(NewPrivilegeSet, 'QSmK');


    //----------------------------------------------------------------//

    //      Testing SePrivilegeCheck                                  //

    //----------------------------------------------------------------//


    // KPROCESSOR_MODE is set to KernelMode ===> Always return TRUE

    ok(SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), KernelMode), "SePrivilegeCheck failed with KernelMode mode arg\n");

    // and call it again

    ok(SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), KernelMode), "SePrivilegeCheck failed with KernelMode mode arg\n");


    //----------------------------------------------------------------//


    // KPROCESSOR_MODE is set to UserMode. Expect false

    ok(!SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), UserMode), "SePrivilegeCheck unexpected success with UserMode arg\n");


    //----------------------------------------------------------------//


    //----------------------------------------------------------------//

    //      Testing SeFreePrivileges                                  //

    //----------------------------------------------------------------//


    // FIXME: KernelMode will automatically get all access granted without

    // getting Privileges filled in. For UserMode, Privileges will only get

    // filled if either WRITE_OWNER or ACCESS_SYSTEM_SECURITY is requested

    // and granted. So this doesn't really test SeFreePrivileges.

    Privileges = NULL;

    Checker = SeAccessCheck(

        AccessState->SecurityDescriptor,

        &AccessState->SubjectSecurityContext,

        FALSE,

        AccessState->OriginalDesiredAccess,

        AccessState->PreviouslyGrantedAccess,

        &Privileges,

        &ProcessGenericMapping,

        KernelMode,

        &AccessMask,

        &Status

        );

    ok(Checker, "Checker is NULL\n");

    ok(Privileges == NULL, "Privileges is not NULL\n");

    if (Privileges)

    {

        trace("AuxData->PrivilegesUsed->PrivilegeCount = %d ; Privileges->PrivilegeCount = %d\n",

              AuxData->PrivilegesUsed->PrivilegeCount, Privileges->PrivilegeCount);

    }

    if (Privileges) SeFreePrivileges(Privileges);


    //----------------------------------------------------------------//

    //      Testing SePrivilegeCheck                                  //

    //----------------------------------------------------------------//

    // I'm trying to make success call of SePrivilegeCheck from UserMode

    // If we sets Privileges properly, can we expect true from SePrivilegeCheck?

    // answer: yes

    // This test demonstrates it


    Buffer = NULL;

    Status = SeQueryInformationToken(Token, TokenPrivileges, &Buffer);

    if (Status == STATUS_SUCCESS)

    {

        ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenPrivileges arg. But Buffer == NULL\n");

        if (Buffer)

        {

            TPrivileges = (PTOKEN_PRIVILEGES)(Buffer);

            //trace("TPCount = %u\n\n", TPrivileges->PrivilegeCount);


            NewPrivilegeSet = ExAllocatePoolZero(PagedPool,

                                                 FIELD_OFFSET(PRIVILEGE_SET, Privilege[14]),

                                                 'QSmK');

            NewPrivilegeSet->PrivilegeCount = 14;


            ok((SeAppendPrivileges(AccessState, NewPrivilegeSet)) == STATUS_SUCCESS, "SeAppendPrivileges failed\n");

            ok_eq_ulong(AuxData->PrivilegesUsed->PrivilegeCount, InitialPrivilegeCount + 19);

            ExFreePoolWithTag(NewPrivilegeSet, 'QSmK');

            for (i = 0; i < AuxData->PrivilegesUsed->PrivilegeCount; i++)

            {

                AuxData->PrivilegesUsed->Privilege[i].Attributes = TPrivileges->Privileges[i].Attributes;

                AuxData->PrivilegesUsed->Privilege[i].Luid = TPrivileges->Privileges[i].Luid;

            }

            //trace("AccessState->privCount = %u\n\n", ((PAUX_ACCESS_DATA)(AccessState->AuxData))->PrivilegesUsed->PrivilegeCount);


            ok(SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), UserMode), "SePrivilegeCheck fails in UserMode, but I wish it will success\n");

        }

    }


    // Call SeFreePrivileges again


    // FIXME: See other SeAccessCheck call above, we're not really testing

    // SeFreePrivileges here.

    Privileges = NULL;

    Checker = SeAccessCheck(

        AccessState->SecurityDescriptor,

        &AccessState->SubjectSecurityContext,

        TRUE,

        AccessState->OriginalDesiredAccess,

        AccessState->PreviouslyGrantedAccess,

        &Privileges,

        &ProcessGenericMapping,

        KernelMode,

        &AccessMask,

        &Status

        );

    ok(Checker, "Checker is NULL\n");

    ok(Privileges == NULL, "Privileges is not NULL\n");

    if (Privileges)

    {

        trace("AuxData->PrivilegesUsed->PrivilegeCount = %d ; Privileges->PrivilegeCount = %d\n",

              AuxData->PrivilegesUsed->PrivilegeCount, Privileges->PrivilegeCount);

    }

    if (Privileges) SeFreePrivileges(Privileges);


    //----------------------------------------------------------------//

    //      Missing for now                                           //

    //----------------------------------------------------------------//


    SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);

    SeUnlockSubjectContext(SubjectContext);


    SeDeleteAccessState(AccessState);


    if (SubjectContext) ExFreePool(SubjectContext);

    if (AuxData) ExFreePoolWithTag(AuxData, 'QSmK');

    if (AccessState) ExFreePool(AccessState);

}

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

TestsSeQueryInformationToken
void TestsSeQueryInformationToken(PACCESS_TOKEN Token)
Definition: SeQueryInfoToken.c:35

ProcessGenericMapping
static GENERIC_MAPPING ProcessGenericMapping
Definition: SeQueryInfoToken.c:18

SeAccessCheck
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1994

ok_eq_ulong
#define ok_eq_ulong(value, expected)
Definition: apitest.h:44

trace
#define trace
Definition: atltest.h:70

ok
#define ok(value,...)
Definition: atltest.h:57

START_TEST
#define START_TEST(x)
Definition: atltest.h:75

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

sid
FT_UInt sid
Definition: cffcmap.c:139

Buffer
Definition: bufpool.h:45

Token
Definition: tokenizer.hpp:28

NULL
#define NULL
Definition: types.h:112

TRUE
#define TRUE
Definition: types.h:120

FALSE
#define FALSE
Definition: types.h:117

ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352

PagedPool
#define PagedPool
Definition: env_spec_w32.h:308

ExAllocatePool
#define ExAllocatePool(type, size)
Definition: fbtusb.h:44

SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246

Status
Status
Definition: gdiplustypes.h:25

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

PROCESS_SUSPEND_RESUME
#define PROCESS_SUSPEND_RESUME
Definition: pstypes.h:168

PROCESS_TERMINATE
#define PROCESS_TERMINATE
Definition: pstypes.h:158

PROCESS_VM_READ
#define PROCESS_VM_READ
Definition: pstypes.h:162

PROCESS_QUERY_INFORMATION
#define PROCESS_QUERY_INFORMATION
Definition: pstypes.h:167

PROCESS_VM_WRITE
#define PROCESS_VM_WRITE
Definition: pstypes.h:163

PROCESS_CREATE_THREAD
#define PROCESS_CREATE_THREAD
Definition: pstypes.h:159

PROCESS_VM_OPERATION
#define PROCESS_VM_OPERATION
Definition: pstypes.h:161

PROCESS_SET_INFORMATION
#define PROCESS_SET_INFORMATION
Definition: pstypes.h:166

PROCESS_CREATE_PROCESS
#define PROCESS_CREATE_PROCESS
Definition: pstypes.h:164

PROCESS_SET_QUOTA
#define PROCESS_SET_QUOTA
Definition: pstypes.h:165

PROCESS_DUP_HANDLE
#define PROCESS_DUP_HANDLE

void
Definition: nsiface.idl:2307

kmt_test.h

ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109

TokenImpersonation
@ TokenImpersonation
Definition: imports.h:274

TokenPrimary
@ TokenPrimary
Definition: imports.h:273

ExAllocatePoolZero
FORCEINLINE PVOID ExAllocatePoolZero(ULONG PoolType, SIZE_T NumberOfBytes, ULONG Tag)
Definition: precomp.h:45

AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186

KernelMode
#define KernelMode
Definition: asm.h:38

UserMode
#define UserMode
Definition: asm.h:39

RtlValidSid
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21

TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411

SYNCHRONIZE
#define SYNCHRONIZE
Definition: nt_native.h:61

ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40

PROCESS_ALL_ACCESS
#define PROCESS_ALL_ACCESS
Definition: nt_native.h:1324

STANDARD_RIGHTS_READ
#define STANDARD_RIGHTS_READ
Definition: nt_native.h:65

STANDARD_RIGHTS_WRITE
#define STANDARD_RIGHTS_WRITE
Definition: nt_native.h:66

STANDARD_RIGHTS_EXECUTE
#define STANDARD_RIGHTS_EXECUTE
Definition: nt_native.h:67

MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83

SeDeleteAccessState
VOID NTAPI SeDeleteAccessState(_In_ PACCESS_STATE AccessState)
Deletes an allocated access state from the memory.
Definition: access.c:150

SeCreateAccessState
NTSTATUS NTAPI SeCreateAccessState(_Out_ PACCESS_STATE AccessState, _Out_ __drv_aliasesMem PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
Creates an access state.
Definition: access.c:121

SePrivilegeCheck
BOOLEAN NTAPI SePrivilegeCheck(_In_ PPRIVILEGE_SET Privileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a set of privileges exist and match within a security subject context.
Definition: priv.c:698

SeFreePrivileges
VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669

SeAppendPrivileges
NTSTATUS NTAPI SeAppendPrivileges(_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
Appends additional privileges.
Definition: priv.c:588

STATUS_INVALID_INFO_CLASS
#define STATUS_INVALID_INFO_CLASS
Definition: ntstatus.h:240

STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

Flag
Definition: xml2sdb.h:80

_ACCESS_STATE
Definition: setypes.h:224

_ACL
Definition: ms-dtyp.idl:293

_ACL::AclRevision
UCHAR AclRevision
Definition: ms-dtyp.idl:294

_AUX_ACCESS_DATA
Definition: setypes.h:257

_AUX_ACCESS_DATA::PrivilegesUsed
PPRIVILEGE_SET PrivilegesUsed
Definition: setypes.h:258

_GENERIC_MAPPING
Definition: nt_native.h:564

_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75

_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74

_LUID::HighPart
LONG HighPart
Definition: devicetopology.idl:139

_LUID::LowPart
DWORD LowPart
Definition: devicetopology.idl:138

_PRIVILEGE_SET
Definition: setypes.h:85

_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88

_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86

_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:217

_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506

_SID
Definition: ms-dtyp.idl:198

_TOKEN_DEFAULT_DACL
Definition: setypes.h:1047

_TOKEN_DEFAULT_DACL::DefaultDacl
PACL DefaultDacl
Definition: setypes.h:1048

_TOKEN_GROUPS
Definition: setypes.h:1025

_TOKEN_GROUPS::Groups
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1030

_TOKEN_GROUPS::GroupCount
$ULONG GroupCount
Definition: setypes.h:1026

_TOKEN_OWNER
Definition: setypes.h:1039

_TOKEN_OWNER::Owner
PSID Owner
Definition: setypes.h:1040

_TOKEN_PRIVILEGES
Definition: setypes.h:1034

_TOKEN_PRIVILEGES::Privileges
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1036

_TOKEN_STATISTICS
Definition: setypes.h:1097

_TOKEN_STATISTICS::TokenId
LUID TokenId
Definition: setypes.h:1098

_TOKEN_STATISTICS::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:1102

_TOKEN_STATISTICS::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:1106

_TOKEN_STATISTICS::GroupCount
$ULONG GroupCount
Definition: setypes.h:1105

_TOKEN_USER
Definition: setypes.h:1021

_TOKEN_USER::User
SID_AND_ATTRIBUTES User
Definition: setypes.h:1022

SeLockSubjectContext
VOID NTAPI SeLockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Locks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:107

SeUnlockSubjectContext
VOID NTAPI SeUnlockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Unlocks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:138

SeCaptureSubjectContext
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: subject.c:85

SeQueryInformationToken
NTSTATUS NTAPI SeQueryInformationToken(_In_ PACCESS_TOKEN AccessToken, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation)
Queries information details about the given token to the call. The difference between NtQueryInformat...
Definition: tokencls.c:95

FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255

ULONG
uint32_t ULONG
Definition: typedefs.h:59

Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531

DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658

Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17

SeQuerySubjectContextToken
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583

AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417

ACL_REVISION_DS
#define ACL_REVISION_DS
Definition: setypes.h:40

PTOKEN_GROUPS
struct _TOKEN_GROUPS * PTOKEN_GROUPS

PTOKEN_STATISTICS
struct _TOKEN_STATISTICS * PTOKEN_STATISTICS

PTOKEN_DEFAULT_DACL
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL

PTOKEN_USER
struct _TOKEN_USER * PTOKEN_USER

TokenDefaultDacl
@ TokenDefaultDacl
Definition: setypes.h:983

TokenGroupsAndPrivileges
@ TokenGroupsAndPrivileges
Definition: setypes.h:990

TokenStatistics
@ TokenStatistics
Definition: setypes.h:987

TokenImpersonationLevel
@ TokenImpersonationLevel
Definition: setypes.h:986

TokenSandBoxInert
@ TokenSandBoxInert
Definition: setypes.h:992

TokenRestrictedSids
@ TokenRestrictedSids
Definition: setypes.h:988

TokenGroups
@ TokenGroups
Definition: setypes.h:979

TokenPrivileges
@ TokenPrivileges
Definition: setypes.h:980

TokenUser
@ TokenUser
Definition: setypes.h:978

TokenOrigin
@ TokenOrigin
Definition: setypes.h:994

TokenOwner
@ TokenOwner
Definition: setypes.h:981

PTOKEN_PRIVILEGES
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES

ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39

PTOKEN_TYPE
enum _TOKEN_TYPE * PTOKEN_TYPE