ReactOS 0.4.15-dev-7788-g1ad9096
obsecure.c
Go to the documentation of this file.
1/*
2* PROJECT: ReactOS Kernel
3* LICENSE: GPL - See COPYING in the top level directory
4* FILE: ntoskrnl/ob/obsecure.c
5* PURPOSE: SRM Interface of the Object Manager
6* PROGRAMMERS: Alex Ionescu (alex@relsoft.net)
7* Eric Kohl
8*/
9
10/* INCLUDES *****************************************************************/
11
12#include <ntoskrnl.h>
13#define NDEBUG
14#include <debug.h>
15
16/* PRIVATE FUNCTIONS *********************************************************/
17
23{
24 POBJECT_HEADER ObjectHeader;
27 PEX_FAST_REF FastRef;
28 PAGED_CODE();
29
30 /* Get the object header */
31 ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
32 FastRef = (PEX_FAST_REF)&ObjectHeader->SecurityDescriptor;
34 {
35 /* Nothing to assign */
37 return STATUS_SUCCESS;
38 }
39
40 /* Add it to our internal cache */
42 &NewSd,
43 MAX_FAST_REFS + 1);
44 if (NT_SUCCESS(Status))
45 {
46 /* Free the old copy */
48
49 /* Set the new pointer */
50 ASSERT(NewSd);
51 ExInitializeFastReference(FastRef, NewSd);
52 }
53
54 /* Return status */
55 return Status;
56}
57
61{
62 EX_FAST_REF FastRef;
64 PSECURITY_DESCRIPTOR OldSecurityDescriptor;
65
66 /* Get the fast reference and capture it */
68
69 /* Don't free again later */
71
72 /* Get the descriptor and reference count */
73 OldSecurityDescriptor = ExGetObjectFastReference(FastRef);
75
76 /* Dereference the descriptor */
77 ObDereferenceSecurityDescriptor(OldSecurityDescriptor, Count + 1);
78
79 /* All done */
80 return STATUS_SUCCESS;
81}
82
89 IN PSECURITY_DESCRIPTOR *OutputSecurityDescriptor)
90{
91 POBJECT_HEADER ObjectHeader;
93 PSECURITY_DESCRIPTOR ObjectSd;
94 PAGED_CODE();
95
96 /* Get the object header */
97 ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
98
99 /* Get the SD */
100 ObjectSd = ObpReferenceSecurityDescriptor(ObjectHeader);
101
102 /* Query the information */
105 Length,
106 &ObjectSd);
107
108 /* Check if we have an object SD and dereference it, if so */
109 if (ObjectSd) ObDereferenceSecurityDescriptor(ObjectSd, 1);
110
111 /* Return status */
112 return Status;
113}
114
116NTAPI
120 IN OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor,
123{
125 POBJECT_HEADER ObjectHeader;
126 PSECURITY_DESCRIPTOR OldDescriptor, NewDescriptor, CachedDescriptor;
127 PEX_FAST_REF FastRef;
128 EX_FAST_REF OldValue;
129 ULONG Count;
130 PAGED_CODE();
131
132 /* Get the object header */
133 ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
134 while (TRUE)
135 {
136 /* Reference the old descriptor */
137 OldDescriptor = ObpReferenceSecurityDescriptor(ObjectHeader);
138 NewDescriptor = OldDescriptor;
139
140 /* Set the SD information */
145 PoolType,
147 if (!NT_SUCCESS(Status))
148 {
149 /* We failed, dereference the old one */
150 if (OldDescriptor) ObDereferenceSecurityDescriptor(OldDescriptor, 1);
151 break;
152 }
153
154 /* Now add this to the cache */
156 &CachedDescriptor,
157 MAX_FAST_REFS + 1);
158
159 /* Let go of our uncached copy */
161
162 /* Check for success */
163 if (!NT_SUCCESS(Status))
164 {
165 /* We failed, dereference the old one */
166 ObDereferenceSecurityDescriptor(OldDescriptor, 1);
167 break;
168 }
169
170 /* Do the swap */
171 FastRef = (PEX_FAST_REF)OutputSecurityDescriptor;
172 OldValue = ExCompareSwapFastReference(FastRef,
173 CachedDescriptor,
174 OldDescriptor);
175
176 /* Make sure the swap worked */
177 if (ExGetObjectFastReference(OldValue) == OldDescriptor)
178 {
179 /* Flush waiters */
180 ObpAcquireObjectLock(ObjectHeader);
181 ObpReleaseObjectLock(ObjectHeader);
182
183 /* And dereference the old one */
184 Count = ExGetCountFastReference(OldValue);
185 ObDereferenceSecurityDescriptor(OldDescriptor, Count + 2);
186 break;
187 }
188 else
189 {
190 /* Someone changed it behind our back -- try again */
191 ObDereferenceSecurityDescriptor(OldDescriptor, 1);
192 ObDereferenceSecurityDescriptor(CachedDescriptor,
193 MAX_FAST_REFS + 1);
194 }
195 }
196
197 /* Return status */
198 return Status;
199}
200
202NTAPI
204 IN ACCESS_MASK CreateAccess,
206 IN PUNICODE_STRING ComponentName,
207 IN BOOLEAN LockHeld,
210{
211 POBJECT_HEADER ObjectHeader;
214 BOOLEAN SdAllocated;
219 PAGED_CODE();
220
221 /* Get the header and type */
222 ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
223 ObjectType = ObjectHeader->Type;
224
225 /* Get the security descriptor */
227 if (!NT_SUCCESS(Status))
228 {
229 /* We failed */
231 return FALSE;
232 }
233
234 /* Lock the security context */
235 SeLockSubjectContext(&AccessState->SubjectSecurityContext);
236
237 /* Check if we have an SD */
239 {
240 /* Now do the entire access check */
242 &AccessState->SubjectSecurityContext,
243 TRUE,
244 CreateAccess,
245 0,
246 &Privileges,
247 &ObjectType->TypeInfo.GenericMapping,
251 if (Privileges)
252 {
253 /* We got privileges, append them to the access state and free them */
256 }
257 }
258
259 /* We're done, unlock the context and release security */
260 SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
262 return Result;
263}
264
266NTAPI
268 IN ACCESS_MASK TraverseAccess,
270 IN BOOLEAN LockHeld,
273{
274 POBJECT_HEADER ObjectHeader;
277 BOOLEAN SdAllocated;
282 PAGED_CODE();
283
284 /* Get the header and type */
285 ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
286 ObjectType = ObjectHeader->Type;
287
288 /* Get the security descriptor */
290 if (!NT_SUCCESS(Status))
291 {
292 /* We failed */
294 return FALSE;
295 }
296
297 /* First try to perform a fast traverse check
298 * If it fails, then the entire access check will
299 * have to be done.
300 */
304 AccessMode);
305 if (Result)
306 {
308 return TRUE;
309 }
310
311 /* Lock the security context */
312 SeLockSubjectContext(&AccessState->SubjectSecurityContext);
313
314 /* Now do the entire access check */
316 &AccessState->SubjectSecurityContext,
317 TRUE,
318 TraverseAccess,
319 0,
320 &Privileges,
321 &ObjectType->TypeInfo.GenericMapping,
325 if (Privileges)
326 {
327 /* We got privileges, append them to the access state and free them */
330 }
331
332 /* We're done, unlock the context and release security */
333 SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
335 return Result;
336}
337
339NTAPI
342 IN BOOLEAN LockHeld,
345{
346 POBJECT_HEADER ObjectHeader;
349 BOOLEAN SdAllocated;
354 PAGED_CODE();
355
356 /* Get the header and type */
357 ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
358 ObjectType = ObjectHeader->Type;
359
360 /* Get the security descriptor */
362 if (!NT_SUCCESS(Status))
363 {
364 /* We failed */
366 return FALSE;
367 }
368
369 /* Lock the security context */
370 SeLockSubjectContext(&AccessState->SubjectSecurityContext);
371
372 /* Now do the entire access check */
374 &AccessState->SubjectSecurityContext,
375 TRUE,
376 AccessState->RemainingDesiredAccess,
377 AccessState->PreviouslyGrantedAccess,
378 &Privileges,
379 &ObjectType->TypeInfo.GenericMapping,
383 if (Result)
384 {
385 /* Update the access state */
386 AccessState->RemainingDesiredAccess &= ~GrantedAccess;
387 AccessState->PreviouslyGrantedAccess |= GrantedAccess;
388 }
389
390 /* Check if we have an SD */
392 {
393 /* Do audit alarm */
394#if 0
395 SeObjectReferenceAuditAlarm(&AccessState->OperationID,
396 Object,
398 &AccessState->SubjectSecurityContext,
399 AccessState->RemainingDesiredAccess |
400 AccessState->PreviouslyGrantedAccess,
401 ((PAUX_ACCESS_DATA)(AccessState->AuxData))->
402 PrivilegeSet,
403 Result,
404 AccessMode);
405#endif
406 }
407
408 /* We're done, unlock the context and release security */
409 SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
411 return Result;
412}
413
414/*++
415* @name ObCheckObjectAccess
416*
417* The ObCheckObjectAccess routine <FILLMEIN>
418*
419* @param Object
420* <FILLMEIN>
421*
422* @param AccessState
423* <FILLMEIN>
424*
425* @param LockHeld
426* <FILLMEIN>
427*
428* @param AccessMode
429* <FILLMEIN>
430*
431* @param ReturnedStatus
432* <FILLMEIN>
433*
434* @return TRUE if access was granted, FALSE otherwise.
435*
436* @remarks None.
437*
438*--*/
440NTAPI
443 IN BOOLEAN LockHeld,
445 OUT PNTSTATUS ReturnedStatus)
446{
447 POBJECT_HEADER ObjectHeader;
450 BOOLEAN SdAllocated;
455 PAGED_CODE();
456
457 /* Get the object header and type */
458 ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
459 ObjectType = ObjectHeader->Type;
460
461 /* Get security information */
463 if (!NT_SUCCESS(Status))
464 {
465 /* Return failure */
466 *ReturnedStatus = Status;
467 return FALSE;
468 }
469 else if (!SecurityDescriptor)
470 {
471 /* Otherwise, if we don't actually have an SD, return success */
472 *ReturnedStatus = Status;
473 return TRUE;
474 }
475
476 /* Lock the security context */
477 SeLockSubjectContext(&AccessState->SubjectSecurityContext);
478
479 /* Now do the entire access check */
481 &AccessState->SubjectSecurityContext,
482 TRUE,
483 AccessState->RemainingDesiredAccess,
484 AccessState->PreviouslyGrantedAccess,
485 &Privileges,
486 &ObjectType->TypeInfo.GenericMapping,
489 ReturnedStatus);
490 if (Privileges)
491 {
492 /* We got privileges, append them to the access state and free them */
495 }
496
497 /* Check if access was granted */
498 if (Result)
499 {
500 /* Update the access state */
501 AccessState->RemainingDesiredAccess &= ~(GrantedAccess |
503 AccessState->PreviouslyGrantedAccess |= GrantedAccess;
504 }
505
506 /* Do audit alarm */
508 Object,
509 NULL,
512 FALSE,
513 Result,
515 &AccessState->GenerateOnClose);
516
517 /* We're done, unlock the context and release security */
518 SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
520 return Result;
521}
522
523/* PUBLIC FUNCTIONS **********************************************************/
524
525/*++
526* @name ObAssignSecurity
527* @implemented NT4
528*
529* The ObAssignSecurity routine <FILLMEIN>
530*
531* @param AccessState
532* <FILLMEIN>
533*
534* @param SecurityDescriptor
535* <FILLMEIN>
536*
537* @param Object
538* <FILLMEIN>
539*
540* @param Type
541* <FILLMEIN>
542*
543* @return STATUS_SUCCESS or appropriate error value.
544*
545* @remarks None.
546*
547*--*/
549NTAPI
554{
557 KIRQL CalloutIrql;
558 PAGED_CODE();
559
560 /* Build the new security descriptor */
561 Status = SeAssignSecurity(SecurityDescriptor,
562 AccessState->SecurityDescriptor,
565 &AccessState->SubjectSecurityContext,
566 &Type->TypeInfo.GenericMapping,
567 PagedPool);
568 if (!NT_SUCCESS(Status)) return Status;
569
570 /* Call the security method */
571 ObpCalloutStart(&CalloutIrql);
572 Status = Type->TypeInfo.SecurityProcedure(Object,
573 AssignSecurityDescriptor,
574 NULL,
576 NULL,
577 NULL,
578 PagedPool,
579 &Type->TypeInfo.GenericMapping);
580 ObpCalloutEnd(CalloutIrql, "Security", Type, Object);
581
582 /* Check for failure and deassign security if so */
583 if (!NT_SUCCESS(Status)) SeDeassignSecurity(&NewDescriptor);
584
585 /* Return to caller */
586 return Status;
587}
588
589/*++
590* @name ObGetObjectSecurity
591* @implemented NT4
592*
593* The ObGetObjectSecurity routine <FILLMEIN>
594*
595* @param Object
596* <FILLMEIN>
597*
598* @param SecurityDescriptor
599* <FILLMEIN>
600*
601* @param MemoryAllocated
602* <FILLMEIN>
603*
604* @return STATUS_SUCCESS or appropriate error value.
605*
606* @remarks None.
607*
608*--*/
610NTAPI
614{
617 ULONG Length = 0;
620 KIRQL CalloutIrql;
621 PAGED_CODE();
622
623 /* Get the object header and type */
625 Type = Header->Type;
626
627 /* Tell the caller that we didn't have to allocate anything yet */
629
630 /* Check if the object uses default security */
631 if (Type->TypeInfo.SecurityProcedure == SeDefaultObjectMethod)
632 {
633 /* Reference the descriptor */
635 return STATUS_SUCCESS;
636 }
637
638 /* Set mask to query */
643
644 /* Get the security descriptor size */
645 ObpCalloutStart(&CalloutIrql);
646 Status = Type->TypeInfo.SecurityProcedure(Object,
647 QuerySecurityDescriptor,
650 &Length,
651 &Header->SecurityDescriptor,
652 Type->TypeInfo.PoolType,
653 &Type->TypeInfo.GenericMapping);
654 ObpCalloutEnd(CalloutIrql, "Security", Type, Object);
655
656 /* Check for failure */
658
659 /* Allocate security descriptor */
661 Length,
665
666 /* Query security descriptor */
667 ObpCalloutStart(&CalloutIrql);
668 Status = Type->TypeInfo.SecurityProcedure(Object,
669 QuerySecurityDescriptor,
672 &Length,
673 &Header->SecurityDescriptor,
674 Type->TypeInfo.PoolType,
675 &Type->TypeInfo.GenericMapping);
676 ObpCalloutEnd(CalloutIrql, "Security", Type, Object);
677
678 /* Check for failure */
679 if (!NT_SUCCESS(Status))
680 {
681 /* Free the descriptor and tell the caller we failed */
684 }
685
686 /* Return status */
687 return Status;
688}
689
690/*++
691* @name ObReleaseObjectSecurity
692* @implemented NT4
693*
694* The ObReleaseObjectSecurity routine <FILLMEIN>
695*
696* @param SecurityDescriptor
697* <FILLMEIN>
698*
699* @param MemoryAllocated
700* <FILLMEIN>
701*
702* @return STATUS_SUCCESS or appropriate error value.
703*
704* @remarks None.
705*
706*--*/
707VOID
708NTAPI
711{
712 PAGED_CODE();
713
714 /* Nothing to do in this case */
715 if (!SecurityDescriptor) return;
716
717 /* Check if we had allocated it from memory */
718 if (MemoryAllocated)
719 {
720 /* Free it */
722 }
723 else
724 {
725 /* Otherwise this means we used an internal descriptor */
727 }
728}
729
730/*++
731* @name ObSetSecurityObjectByPointer
732* @implemented NT5.1
733*
734* The ObSetSecurityObjectByPointer routine <FILLMEIN>
735*
736* @param SecurityDescriptor
737* <FILLMEIN>
738*
739* @param MemoryAllocated
740* <FILLMEIN>
741*
742* @return STATUS_SUCCESS or appropriate error value.
743*
744* @remarks None.
745*
746*--*/
748NTAPI
752{
755 PAGED_CODE();
756
757 /* Get the header and type */
759 Type = Header->Type;
760
761 /* Sanity check */
763
764 /* Call the security procedure */
765 return Type->TypeInfo.SecurityProcedure(Object,
766 SetSecurityDescriptor,
769 NULL,
770 &Header->SecurityDescriptor,
771 Type->TypeInfo.PoolType,
772 &Type->TypeInfo.GenericMapping);
773}
774
775/*++
776* @name NtQuerySecurityObject
777* @implemented NT4
778*
779* The NtQuerySecurityObject routine <FILLMEIN>
780*
781* @param Handle
782* <FILLMEIN>
783*
784* @param SecurityInformation
785* <FILLMEIN>
786*
787* @param SecurityDescriptor
788* <FILLMEIN>
789*
790* @param Length
791* <FILLMEIN>
792*
793* @param ResultLength
794* <FILLMEIN>
795*
796* @return STATUS_SUCCESS or appropriate error value.
797*
798* @remarks None.
799*
800*--*/
802NTAPI
808{
815 PAGED_CODE();
816
817 /* Check if we came from user mode */
819 {
820 /* Enter SEH */
822 {
823 /* Probe the SD and the length pointer */
826 }
828 {
829 /* Return the exception code */
831 }
832 _SEH2_END;
833 }
834
835 /* Get the required access rights for the operation */
837
838 /* Reference the object */
841 NULL,
843 &Object,
844 NULL);
845 if (!NT_SUCCESS(Status)) return Status;
846
847 /* Get the Object Header and Type */
849 Type = Header->Type;
850
851 /* Call the security procedure's query function */
852 Status = Type->TypeInfo.SecurityProcedure(Object,
853 QuerySecurityDescriptor,
856 &Length,
857 &Header->SecurityDescriptor,
858 Type->TypeInfo.PoolType,
859 &Type->TypeInfo.GenericMapping);
860
861 /* Dereference the object */
863
864 /* Protect write with SEH */
866 {
867 /* Return the needed length */
869 }
871 {
872 /* Get the exception code */
874 }
875 _SEH2_END;
876
877 /* Return status */
878 return Status;
879}
880
881/*++
882* @name NtSetSecurityObject
883* @implemented NT4
884*
885* The NtSetSecurityObject routine <FILLMEIN>
886*
887* @param Handle
888* <FILLMEIN>
889*
890* @param SecurityInformation
891* <FILLMEIN>
892*
893* @param SecurityDescriptor
894* <FILLMEIN>
895*
896* @return STATUS_SUCCESS or appropriate error value.
897*
898* @remarks None.
899*
900*--*/
902NTAPI
906{
909 SECURITY_DESCRIPTOR_RELATIVE *CapturedDescriptor;
912 PAGED_CODE();
913
914 /* Make sure the caller doesn't pass a NULL security descriptor! */
916
917 /* Set the required access rights for the operation */
919
920 /* Reference the object */
923 NULL,
925 &Object,
926 NULL);
927 if (NT_SUCCESS(Status))
928 {
929 /* Capture and make a copy of the security descriptor */
932 PagedPool,
933 TRUE,
935 &CapturedDescriptor);
936 if (!NT_SUCCESS(Status))
937 {
938 /* Fail */
940 return Status;
941 }
942
943 /* Sanity check */
944 ASSERT(CapturedDescriptor->Control & SE_SELF_RELATIVE);
945
946 /*
947 * Make sure the security descriptor passed by the caller
948 * is valid for the operation we're about to perform
949 */
951 !(CapturedDescriptor->Owner)) ||
953 !(CapturedDescriptor->Group)))
954 {
955 /* Set the failure status */
957 }
958 else
959 {
960 /* Set security */
963 CapturedDescriptor);
964 }
965
966 /* Release the descriptor and return status */
969 TRUE);
970
971 /* Now we can dereference the object */
973 }
974
975 return Status;
976}
977
978/*++
979* @name ObQueryObjectAuditingByHandle
980* @implemented NT5
981*
982* The ObDereferenceSecurityDescriptor routine <FILLMEIN>
983*
984* @param SecurityDescriptor
985* <FILLMEIN>
986*
987* @param Count
988* <FILLMEIN>
989*
990* @return STATUS_SUCCESS or appropriate error value.
991*
992* @remarks None.
993*
994*--*/
996NTAPI
999{
1000 PHANDLE_TABLE_ENTRY HandleEntry;
1003 PAGED_CODE();
1004
1005 /* Check if we're dealing with a kernel handle */
1007 {
1008 /* Use the kernel table and convert the handle */
1011 }
1012 else
1013 {
1014 /* Use the process's handle table */
1015 HandleTable = PsGetCurrentProcess()->ObjectTable;
1016 }
1017
1018 /* Enter a critical region while we touch the handle table */
1020
1021 /* Map the handle */
1022 HandleEntry = ExMapHandleToPointer(HandleTable, Handle);
1023 if(HandleEntry)
1024 {
1025 /* Check if the flag is set */
1027
1028 /* Unlock the entry */
1030 }
1031 else
1032 {
1033 /* Otherwise, fail */
1035 }
1036
1037 /* Leave the critical region and return the status */
1039 return Status;
1040}
1041
1042/* EOF */
#define PAGED_CODE()
#define ObpDirectoryObjectType
Definition: ObTypes.c:118
static OB_SECURITY_METHOD SeDefaultObjectMethod
Definition: ObTypes.c:134
unsigned char BOOLEAN
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
Type
Definition: Type.h:7
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1994
LONG NTSTATUS
Definition: precomp.h:26
Definition: Header.h:9
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
UCHAR KIRQL
Definition: env_spec_w32.h:591
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
#define PagedPool
Definition: env_spec_w32.h:308
#define MAX_FAST_REFS
Definition: ex.h:133
FORCEINLINE ULONG ExGetCountFastReference(IN EX_FAST_REF FastRef)
Definition: ex.h:588
#define ExGetPreviousMode
Definition: ex.h:140
FORCEINLINE EX_FAST_REF ExCompareSwapFastReference(IN PEX_FAST_REF FastRef, IN PVOID Object, IN PVOID OldObject)
Definition: ex.h:747
FORCEINLINE VOID ExInitializeFastReference(OUT PEX_FAST_REF FastRef, IN OPTIONAL PVOID Object)
Definition: ex.h:596
FORCEINLINE PVOID ExGetObjectFastReference(IN EX_FAST_REF FastRef)
Definition: ex.h:580
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
#define _SEH2_END
Definition: filesup.c:22
#define _SEH2_TRY
Definition: filesup.c:19
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
ULONG Handle
Definition: gdb_input.c:15
Status
Definition: gdiplustypes.h:25
LONG NTAPI ExSystemExceptionFilter(VOID)
Definition: harderr.c:349
static XMS_HANDLE HandleTable[XMS_MAX_HANDLES]
Definition: himem.c:83
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define KeLeaveCriticalRegion()
Definition: ke_x.h:119
#define KeEnterCriticalRegion()
Definition: ke_x.h:88
if(dx< 0)
Definition: linetemp.h:194
#define ASSERT(a)
Definition: mode.c:44
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
* PNTSTATUS
Definition: strlen.c:14
ObjectType
Definition: metafile.c:81
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
DWORD * PSECURITY_INFORMATION
Definition: ms-dtyp.idl:311
#define KernelMode
Definition: asm.h:34
struct _EX_FAST_REF * PEX_FAST_REF
#define OBJECT_TO_OBJECT_HEADER(o)
Definition: obtypes.h:111
int Count
Definition: noreturn.cpp:7
#define FILE_WRITE_DATA
Definition: nt_native.h:631
ULONG ACCESS_MASK
Definition: nt_native.h:40
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
PHANDLE_TABLE_ENTRY NTAPI ExMapHandleToPointer(IN PHANDLE_TABLE HandleTable, IN HANDLE Handle)
Definition: handle.c:1046
VOID NTAPI ExUnlockHandleTableEntry(IN PHANDLE_TABLE HandleTable, IN PHANDLE_TABLE_ENTRY HandleTableEntry)
Definition: handle.c:923
VOID NTAPI SeSetSecurityAccessMask(_In_ SECURITY_INFORMATION SecurityInformation, _Out_ PACCESS_MASK DesiredAccess)
Sets the access mask for a security information context.
Definition: semgr.c:460
VOID NTAPI SeQuerySecurityAccessMask(_In_ SECURITY_INFORMATION SecurityInformation, _Out_ PACCESS_MASK DesiredAccess)
Queries the access mask from a security information context.
Definition: semgr.c:427
BOOLEAN NTAPI SeFastTraverseCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE AccessMode)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:2138
VOID NTAPI SeOpenObjectAuditAlarm(_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _Out_ PBOOLEAN GenerateOnClose)
Creates an audit with alarm notification of an object that is being opened.
Definition: audit.c:1213
VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669
NTSTATUS NTAPI SeAppendPrivileges(_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
Appends additional privileges.
Definition: priv.c:588
NTSTATUS NTAPI SeCaptureSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor, _In_ KPROCESSOR_MODE CurrentMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor)
Captures a security descriptor.
Definition: sd.c:386
NTSTATUS NTAPI SeReleaseSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor, _In_ KPROCESSOR_MODE CurrentMode, _In_ BOOLEAN CaptureIfKernelMode)
Releases a captured security descriptor buffer.
Definition: sd.c:760
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
#define STATUS_INVALID_SECURITY_DESCR
Definition: ntstatus.h:357
#define STATUS_ACCESS_VIOLATION
Definition: ntstatus.h:242
PSECURITY_DESCRIPTOR NTAPI ObpReferenceSecurityDescriptor(IN POBJECT_HEADER ObjectHeader)
Definition: obsdcach.c:181
PHANDLE_TABLE ObpKernelHandleTable
Definition: obhandle.c:20
#define ObpIsKernelHandle(Handle, ProcessorMode)
Definition: ob.h:74
#define ObKernelHandleToHandle(Handle)
Definition: ob.h:83
#define OBJ_AUDIT_OBJECT_CLOSE
Definition: ob.h:51
FORCEINLINE VOID ObpAcquireObjectLock(IN POBJECT_HEADER ObjectHeader)
Definition: ob_x.h:48
FORCEINLINE VOID ObpReleaseObjectLock(IN POBJECT_HEADER ObjectHeader)
Definition: ob_x.h:84
FORCEINLINE VOID ObpCalloutStart(IN PKIRQL CalloutIrql)
Definition: ob_x.h:497
FORCEINLINE VOID ObpCalloutEnd(IN KIRQL CalloutIrql, IN PCHAR Procedure, IN POBJECT_TYPE ObjectType, IN PVOID Object)
Definition: ob_x.h:505
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
NTSTATUS NTAPI ObLogSecurityDescriptor(IN PSECURITY_DESCRIPTOR InputSecurityDescriptor, OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor, IN ULONG RefBias)
Definition: obsdcach.c:364
VOID NTAPI ObDereferenceSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Count)
Definition: obsdcach.c:287
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
Definition: obsecure.c:611
NTSTATUS NTAPI ObDeassignSecurity(IN OUT PSECURITY_DESCRIPTOR *SecurityDescriptor)
Definition: obsecure.c:60
BOOLEAN NTAPI ObpCheckTraverseAccess(IN PVOID Object, IN ACCESS_MASK TraverseAccess, IN PACCESS_STATE AccessState OPTIONAL, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS AccessStatus)
Definition: obsecure.c:267
NTSTATUS NTAPI ObAssignObjectSecurityDescriptor(IN PVOID Object, IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL, IN POOL_TYPE PoolType)
Definition: obsecure.c:20
NTSTATUS NTAPI NtSetSecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: obsecure.c:903
NTSTATUS NTAPI ObSetSecurityObjectByPointer(IN PVOID Object, IN SECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: obsecure.c:749
NTSTATUS NTAPI NtQuerySecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Length, OUT PULONG ResultLength)
Definition: obsecure.c:803
NTSTATUS NTAPI ObQueryObjectAuditingByHandle(IN HANDLE Handle, OUT PBOOLEAN GenerateOnClose)
Definition: obsecure.c:997
BOOLEAN NTAPI ObpCheckObjectReference(IN PVOID Object, IN OUT PACCESS_STATE AccessState, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS AccessStatus)
Definition: obsecure.c:340
NTSTATUS NTAPI ObSetSecurityDescriptorInfo(IN PVOID Object, IN PSECURITY_INFORMATION SecurityInformation, IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
Definition: obsecure.c:117
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
Definition: obsecure.c:709
BOOLEAN NTAPI ObCheckObjectAccess(IN PVOID Object, IN OUT PACCESS_STATE AccessState, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS ReturnedStatus)
Definition: obsecure.c:441
BOOLEAN NTAPI ObCheckCreateObjectAccess(IN PVOID Object, IN ACCESS_MASK CreateAccess, IN PACCESS_STATE AccessState, IN PUNICODE_STRING ComponentName, IN BOOLEAN LockHeld, IN KPROCESSOR_MODE AccessMode, OUT PNTSTATUS AccessStatus)
Definition: obsecure.c:203
NTSTATUS NTAPI ObAssignSecurity(IN PACCESS_STATE AccessState, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PVOID Object, IN POBJECT_TYPE Type)
Definition: obsecure.c:550
NTSTATUS NTAPI ObQuerySecurityDescriptorInfo(IN PVOID Object, IN PSECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG Length, IN PSECURITY_DESCRIPTOR *OutputSecurityDescriptor)
Definition: obsecure.c:85
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:159
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:162
#define ProbeForWriteUlong(Ptr)
Definition: probe.h:36
#define STATUS_SUCCESS
Definition: shellext.h:65
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
Definition: extypes.h:596
ULONG_PTR ObAttributes
Definition: extypes.h:600
PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: obtypes.h:503
POBJECT_TYPE Type
Definition: obtypes.h:493
VOID NTAPI SeLockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Locks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:107
VOID NTAPI SeUnlockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Unlocks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:138
#define TAG_SEC_QUERY
Definition: tag.h:121
#define TAG_SD
Definition: tag.h:153
uint32_t * PULONG
Definition: typedefs.h:59
unsigned char * PBOOLEAN
Definition: typedefs.h:53
INT POOL_TYPE
Definition: typedefs.h:78
#define NTAPI
Definition: typedefs.h:36
#define IN
Definition: typedefs.h:39
uint32_t ULONG
Definition: typedefs.h:59
#define OUT
Definition: typedefs.h:40
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
#define ObDereferenceObject
Definition: obfuncs.h:203
_Out_ PSECURITY_DESCRIPTOR _Out_ PBOOLEAN MemoryAllocated
Definition: obfuncs.h:24
#define PsGetCurrentProcess
Definition: psfuncs.h:17
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:422
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfo(_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
NTKERNELAPI NTSTATUS NTAPI SeQuerySecurityDescriptorInfo(_In_ PSECURITY_INFORMATION SecurityInformation, _Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PULONG Length, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR * NewDescriptor
Definition: sefuncs.h:30
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
#define SE_SELF_RELATIVE
Definition: setypes.h:834
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126