ReactOS  0.4.15-dev-3326-ga91f5e8
accesschk.c
Go to the documentation of this file.
1 /*
2  * PROJECT: ReactOS Kernel
3  * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4  * PURPOSE: Security access check control implementation
5  * COPYRIGHT: Copyright Timo Kreuzer <timo.kreuzer@reactos.org>
6  * Copyright Eric Kohl
7  */
8 
9 /* INCLUDES *******************************************************************/
10 
11 #include <ntoskrnl.h>
12 #define NDEBUG
13 #include <debug.h>
14 
15 /* GLOBALS ********************************************************************/
16 
17 
18 /* PRIVATE FUNCTIONS **********************************************************/
19 
73  _In_ POBJECT_TYPE_LIST ObjectTypeList,
74  _In_ ULONG ObjectTypeListLength,
79  _Out_ PACCESS_MASK GrantedAccessList,
80  _Out_ PNTSTATUS AccessStatusList,
81  _In_ BOOLEAN UseResultList)
82 {
83  ACCESS_MASK RemainingAccess;
84  ACCESS_MASK TempAccess;
85  ACCESS_MASK TempGrantedAccess = 0;
86  ACCESS_MASK TempDeniedAccess = 0;
88  ULONG i, ResultListLength;
89  PACL Dacl;
90  BOOLEAN Present;
91  BOOLEAN Defaulted;
92  PACE CurrentAce;
93  PSID Sid;
95  PAGED_CODE();
96 
97  DPRINT("SepAccessCheck()\n");
98 
99  /* Check for no access desired */
100  if (!DesiredAccess)
101  {
102  /* Check if we had no previous access */
104  {
105  /* Then there's nothing to give */
107  goto ReturnCommonStatus;
108  }
109 
110  /* Return the previous access only */
112  *Privileges = NULL;
113  goto ReturnCommonStatus;
114  }
115 
116  /* Map given accesses */
120 
121  /* Initialize remaining access rights */
122  RemainingAccess = DesiredAccess;
123 
126 
127  /* Check for ACCESS_SYSTEM_SECURITY and WRITE_OWNER access */
128  Status = SePrivilegePolicyCheck(&RemainingAccess,
130  NULL,
131  Token,
132  NULL,
133  UserMode);
134  if (!NT_SUCCESS(Status))
135  {
136  goto ReturnCommonStatus;
137  }
138 
139  /* Succeed if there are no more rights to grant */
140  if (RemainingAccess == 0)
141  {
143  goto ReturnCommonStatus;
144  }
145 
146  /* Get the DACL */
148  &Present,
149  &Dacl,
150  &Defaulted);
151  if (!NT_SUCCESS(Status))
152  {
153  goto ReturnCommonStatus;
154  }
155 
156  /* RULE 1: Grant desired access if the object is unprotected */
157  if (Present == FALSE || Dacl == NULL)
158  {
159  PreviouslyGrantedAccess |= RemainingAccess;
160  if (RemainingAccess & MAXIMUM_ALLOWED)
161  {
164  }
165 
167  goto ReturnCommonStatus;
168  }
169 
170  /* Deny access if the DACL is empty */
171  if (Dacl->AceCount == 0)
172  {
173  if (RemainingAccess == MAXIMUM_ALLOWED && PreviouslyGrantedAccess != 0)
174  {
176  }
177  else
178  {
181  }
182  goto ReturnCommonStatus;
183  }
184 
185  /* Determine the MAXIMUM_ALLOWED access rights according to the DACL */
187  {
188  CurrentAce = (PACE)(Dacl + 1);
189  for (i = 0; i < Dacl->AceCount; i++)
190  {
191  if (!(CurrentAce->Header.AceFlags & INHERIT_ONLY_ACE))
192  {
193  Sid = (PSID)(CurrentAce + 1);
194  if (CurrentAce->Header.AceType == ACCESS_DENIED_ACE_TYPE)
195  {
196  if (SepSidInToken(Token, Sid))
197  {
198  /* Map access rights from the ACE */
199  TempAccess = CurrentAce->AccessMask;
200  RtlMapGenericMask(&TempAccess, GenericMapping);
201 
202  /* Deny access rights that have not been granted yet */
203  TempDeniedAccess |= (TempAccess & ~TempGrantedAccess);
204  }
205  }
206  else if (CurrentAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
207  {
208  if (SepSidInToken(Token, Sid))
209  {
210  /* Map access rights from the ACE */
211  TempAccess = CurrentAce->AccessMask;
212  RtlMapGenericMask(&TempAccess, GenericMapping);
213 
214  /* Grant access rights that have not been denied yet */
215  TempGrantedAccess |= (TempAccess & ~TempDeniedAccess);
216  }
217  }
218  else
219  {
220  DPRINT1("Unsupported ACE type 0x%lx\n", CurrentAce->Header.AceType);
221  }
222  }
223 
224  /* Get the next ACE */
225  CurrentAce = (PACE)((ULONG_PTR)CurrentAce + CurrentAce->Header.AceSize);
226  }
227 
228  /* Fail if some rights have not been granted */
229  RemainingAccess &= ~(MAXIMUM_ALLOWED | TempGrantedAccess);
230  if (RemainingAccess != 0)
231  {
234  goto ReturnCommonStatus;
235  }
236 
237  /* Set granted access right and access status */
238  PreviouslyGrantedAccess |= TempGrantedAccess;
239  if (PreviouslyGrantedAccess != 0)
240  {
242  }
243  else
244  {
246  }
247  goto ReturnCommonStatus;
248  }
249 
250  /* RULE 4: Grant rights according to the DACL */
251  CurrentAce = (PACE)(Dacl + 1);
252  for (i = 0; i < Dacl->AceCount; i++)
253  {
254  if (!(CurrentAce->Header.AceFlags & INHERIT_ONLY_ACE))
255  {
256  Sid = (PSID)(CurrentAce + 1);
257  if (CurrentAce->Header.AceType == ACCESS_DENIED_ACE_TYPE)
258  {
259  if (SepSidInToken(Token, Sid))
260  {
261  /* Map access rights from the ACE */
262  TempAccess = CurrentAce->AccessMask;
263  RtlMapGenericMask(&TempAccess, GenericMapping);
264 
265  /* Leave if a remaining right must be denied */
266  if (RemainingAccess & TempAccess)
267  break;
268  }
269  }
270  else if (CurrentAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
271  {
272  if (SepSidInToken(Token, Sid))
273  {
274  /* Map access rights from the ACE */
275  TempAccess = CurrentAce->AccessMask;
276  DPRINT("TempAccess 0x%08lx\n", TempAccess);
277  RtlMapGenericMask(&TempAccess, GenericMapping);
278 
279  /* Remove granted rights */
280  DPRINT("RemainingAccess 0x%08lx TempAccess 0x%08lx\n", RemainingAccess, TempAccess);
281  RemainingAccess &= ~TempAccess;
282  DPRINT("RemainingAccess 0x%08lx\n", RemainingAccess);
283  }
284  }
285  else
286  {
287  DPRINT1("Unsupported ACE type 0x%lx\n", CurrentAce->Header.AceType);
288  }
289  }
290 
291  /* Get the next ACE */
292  CurrentAce = (PACE)((ULONG_PTR)CurrentAce + CurrentAce->Header.AceSize);
293  }
294 
295  DPRINT("DesiredAccess %08lx\nPreviouslyGrantedAccess %08lx\nRemainingAccess %08lx\n",
296  DesiredAccess, PreviouslyGrantedAccess, RemainingAccess);
297 
298  /* Fail if some rights have not been granted */
299  if (RemainingAccess != 0)
300  {
301  DPRINT("HACK: RemainingAccess = 0x%08lx DesiredAccess = 0x%08lx\n", RemainingAccess, DesiredAccess);
302 #if 0
303  /* HACK HACK HACK */
305  goto ReturnCommonStatus;
306 #endif
307  }
308 
309  /* Set granted access rights */
311 
312  /* Fail if no rights have been granted */
313  if (PreviouslyGrantedAccess == 0)
314  {
315  DPRINT1("PreviouslyGrantedAccess == 0 DesiredAccess = %08lx\n", DesiredAccess);
317  goto ReturnCommonStatus;
318  }
319 
321  goto ReturnCommonStatus;
322 
323 ReturnCommonStatus:
324  ResultListLength = UseResultList ? ObjectTypeListLength : 1;
325  for (i = 0; i < ResultListLength; i++)
326  {
327  GrantedAccessList[i] = PreviouslyGrantedAccess;
328  AccessStatusList[i] = Status;
329  }
330 
331  return NT_SUCCESS(Status);
332 }
333 
345 static PSID
347  _In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
348 {
349  PISECURITY_DESCRIPTOR SecurityDescriptor = _SecurityDescriptor;
350  PSID Owner;
351 
352  if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
353  Owner = (PSID)((ULONG_PTR)SecurityDescriptor->Owner +
355  else
357 
358  return Owner;
359 }
360 
372 static PSID
374  _In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
375 {
376  PISECURITY_DESCRIPTOR SecurityDescriptor = _SecurityDescriptor;
377  PSID Group;
378 
379  if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
380  Group = (PSID)((ULONG_PTR)SecurityDescriptor->Group +
382  else
383  Group = (PSID)SecurityDescriptor->Group;
384 
385  return Group;
386 }
387 
398 static
399 ULONG
401  _In_ PPRIVILEGE_SET PrivilegeSet)
402 {
403  if (PrivilegeSet == NULL)
404  return 0;
405 
406  if (PrivilegeSet->PrivilegeCount == 0)
407  return (ULONG)(sizeof(PRIVILEGE_SET) - sizeof(LUID_AND_ATTRIBUTES));
408 
409  return (ULONG)(sizeof(PRIVILEGE_SET) +
410  (PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES));
411 }
412 
413 /* PUBLIC FUNCTIONS ***********************************************************/
414 
457 BOOLEAN
458 NTAPI
470 {
471  BOOLEAN ret;
472 
473  PAGED_CODE();
474 
475  /* Check if this is kernel mode */
476  if (AccessMode == KernelMode)
477  {
478  /* Check if kernel wants everything */
480  {
481  /* Give it */
485  }
486  else
487  {
488  /* Give the desired and previous access */
490  }
491 
492  /* Success */
494  return TRUE;
495  }
496 
497  /* Check if we didn't get an SD */
498  if (!SecurityDescriptor)
499  {
500  /* Automatic failure */
502  return FALSE;
503  }
504 
505  /* Check for invalid impersonation */
508  {
510  return FALSE;
511  }
512 
513  /* Acquire the lock if needed */
516 
517  /* Check if the token is the owner and grant WRITE_DAC and READ_CONTROL rights */
519  {
522 
525  FALSE))
526  {
529  else
531 
533  }
534  }
535 
536  if (DesiredAccess == 0)
537  {
539  if (PreviouslyGrantedAccess == 0)
540  {
541  DPRINT1("Request for zero access to an object. Denying.\n");
543  ret = FALSE;
544  }
545  else
546  {
548  ret = TRUE;
549  }
550  }
551  else
552  {
553  /* Call the internal function */
557  NULL,
558  0,
560  Privileges,
562  AccessMode,
564  AccessStatus,
565  FALSE);
566  }
567 
568  /* Release the lock if needed */
571 
572  return ret;
573 }
574 
599 BOOLEAN
600 NTAPI
606 {
607  PACL Dacl;
608  ULONG AceIndex;
609  PKNOWN_ACE Ace;
610 
611  PAGED_CODE();
612 
614 
615  if (SecurityDescriptor == NULL)
616  return FALSE;
617 
618  /* Get DACL */
620  /* If no DACL, grant access */
621  if (Dacl == NULL)
622  return TRUE;
623 
624  /* No ACE -> Deny */
625  if (!Dacl->AceCount)
626  return FALSE;
627 
628  /* Can't perform the check on restricted token */
629  if (AccessState->Flags & TOKEN_IS_RESTRICTED)
630  return FALSE;
631 
632  /* Browse the ACEs */
633  for (AceIndex = 0, Ace = (PKNOWN_ACE)((ULONG_PTR)Dacl + sizeof(ACL));
634  AceIndex < Dacl->AceCount;
635  AceIndex++, Ace = (PKNOWN_ACE)((ULONG_PTR)Ace + Ace->Header.AceSize))
636  {
637  if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
638  continue;
639 
640  /* If access-allowed ACE */
641  if (Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
642  {
643  /* Check if all accesses are granted */
644  if (!(Ace->Mask & DesiredAccess))
645  continue;
646 
647  /* Check SID and grant access if matching */
648  if (RtlEqualSid(SeWorldSid, &(Ace->SidStart)))
649  return TRUE;
650  }
651  /* If access-denied ACE */
652  else if (Ace->Header.AceType == ACCESS_DENIED_ACE_TYPE)
653  {
654  /* Here, only check if it denies any access wanted and deny if so */
655  if (Ace->Mask & DesiredAccess)
656  return FALSE;
657  }
658  }
659 
660  /* Faulty, deny */
661  return FALSE;
662 }
663 
664 /* SYSTEM CALLS ***************************************************************/
665 
709 NTSTATUS
710 NTAPI
716  _Out_opt_ PPRIVILEGE_SET PrivilegeSet,
717  _Inout_ PULONG PrivilegeSetLength,
720 {
721  PSECURITY_DESCRIPTOR CapturedSecurityDescriptor = NULL;
726  ULONG CapturedPrivilegeSetLength, RequiredPrivilegeSetLength;
727  PTOKEN Token;
729  PAGED_CODE();
730 
731  /* Check if this is kernel mode */
732  if (PreviousMode == KernelMode)
733  {
734  /* Check if kernel wants everything */
736  {
737  /* Give it */
740  }
741  else
742  {
743  /* Just give the desired access */
745  }
746 
747  /* Success */
749  return STATUS_SUCCESS;
750  }
751 
752  /* Protect probe in SEH */
753  _SEH2_TRY
754  {
755  /* Probe all pointers */
757  ProbeForRead(PrivilegeSetLength, sizeof(ULONG), sizeof(ULONG));
758  ProbeForWrite(PrivilegeSet, *PrivilegeSetLength, sizeof(ULONG));
759  ProbeForWrite(GrantedAccess, sizeof(ACCESS_MASK), sizeof(ULONG));
760  ProbeForWrite(AccessStatus, sizeof(NTSTATUS), sizeof(ULONG));
761 
762  /* Capture the privilege set length and the mapping */
763  CapturedPrivilegeSetLength = *PrivilegeSetLength;
764  }
766  {
767  /* Return the exception code */
769  }
770  _SEH2_END;
771 
772  /* Check for unmapped access rights */
775 
776  /* Reference the token */
778  TOKEN_QUERY,
780  PreviousMode,
781  (PVOID*)&Token,
782  NULL);
783  if (!NT_SUCCESS(Status))
784  {
785  DPRINT("Failed to reference token (Status %lx)\n", Status);
786  return Status;
787  }
788 
789  /* Check token type */
790  if (Token->TokenType != TokenImpersonation)
791  {
792  DPRINT("No impersonation token\n");
795  }
796 
797  /* Check the impersonation level */
798  if (Token->ImpersonationLevel < SecurityIdentification)
799  {
800  DPRINT("Impersonation level < SecurityIdentification\n");
803  }
804 
805  /* Check for ACCESS_SYSTEM_SECURITY and WRITE_OWNER access */
808  NULL,
809  Token,
810  &Privileges,
811  PreviousMode);
812  if (!NT_SUCCESS(Status))
813  {
814  DPRINT("SePrivilegePolicyCheck failed (Status 0x%08lx)\n", Status);
816  *AccessStatus = Status;
817  *GrantedAccess = 0;
818  return STATUS_SUCCESS;
819  }
820 
821  /* Check the size of the privilege set and return the privileges */
822  if (Privileges != NULL)
823  {
824  DPRINT("Privileges != NULL\n");
825 
826  /* Calculate the required privilege set buffer size */
827  RequiredPrivilegeSetLength = SepGetPrivilegeSetLength(Privileges);
828 
829  /* Fail if the privilege set buffer is too small */
830  if (CapturedPrivilegeSetLength < RequiredPrivilegeSetLength)
831  {
834  *PrivilegeSetLength = RequiredPrivilegeSetLength;
836  }
837 
838  /* Copy the privilege set to the caller */
839  RtlCopyMemory(PrivilegeSet,
840  Privileges,
841  RequiredPrivilegeSetLength);
842 
843  /* Free the local privilege set */
845  }
846  else
847  {
848  DPRINT("Privileges == NULL\n");
849 
850  /* Fail if the privilege set buffer is too small */
851  if (CapturedPrivilegeSetLength < sizeof(PRIVILEGE_SET))
852  {
854  *PrivilegeSetLength = sizeof(PRIVILEGE_SET);
856  }
857 
858  /* Initialize the privilege set */
859  PrivilegeSet->PrivilegeCount = 0;
860  PrivilegeSet->Control = 0;
861  }
862 
863  /* Capture the security descriptor */
865  PreviousMode,
866  PagedPool,
867  FALSE,
868  &CapturedSecurityDescriptor);
869  if (!NT_SUCCESS(Status))
870  {
871  DPRINT("Failed to capture the Security Descriptor\n");
873  return Status;
874  }
875 
876  /* Check the captured security descriptor */
877  if (CapturedSecurityDescriptor == NULL)
878  {
879  DPRINT("Security Descriptor is NULL\n");
882  }
883 
884  /* Check security descriptor for valid owner and group */
885  if (SepGetSDOwner(CapturedSecurityDescriptor) == NULL ||
886  SepGetSDGroup(CapturedSecurityDescriptor) == NULL)
887  {
888  DPRINT("Security Descriptor does not have a valid group or owner\n");
889  SeReleaseSecurityDescriptor(CapturedSecurityDescriptor,
890  PreviousMode,
891  FALSE);
894  }
895 
896  /* Set up the subject context, and lock it */
898 
899  /* Lock the token */
901 
902  /* Check if the token is the owner and grant WRITE_DAC and READ_CONTROL rights */
904  {
905  if (SepTokenIsOwner(Token, CapturedSecurityDescriptor, FALSE))
906  {
909  else
911 
913  }
914  }
915 
916  if (DesiredAccess == 0)
917  {
920  }
921  else
922  {
923  /* Now perform the access check */
924  SepAccessCheck(CapturedSecurityDescriptor,
927  NULL,
928  0,
930  &PrivilegeSet, //FIXME
932  PreviousMode,
934  AccessStatus,
935  FALSE);
936  }
937 
938  /* Release subject context and unlock the token */
941 
942  /* Release the captured security descriptor */
943  SeReleaseSecurityDescriptor(CapturedSecurityDescriptor,
944  PreviousMode,
945  FALSE);
946 
947  /* Dereference the token */
949 
950  /* Check succeeded */
951  return STATUS_SUCCESS;
952 }
953 
996 NTSTATUS
997 NTAPI
1000  _In_ PSID PrincipalSelfSid,
1001  _In_ HANDLE ClientToken,
1003  _In_ POBJECT_TYPE_LIST ObjectTypeList,
1004  _In_ ULONG ObjectTypeLength,
1006  _In_ PPRIVILEGE_SET PrivilegeSet,
1007  _Inout_ PULONG PrivilegeSetLength,
1010 {
1011  UNIMPLEMENTED;
1012  return STATUS_NOT_IMPLEMENTED;
1013 }
1014 
1058 NTSTATUS
1059 NTAPI
1062  _In_ PSID PrincipalSelfSid,
1063  _In_ HANDLE ClientToken,
1065  _In_ POBJECT_TYPE_LIST ObjectTypeList,
1066  _In_ ULONG ObjectTypeLength,
1068  _In_ PPRIVILEGE_SET PrivilegeSet,
1069  _Inout_ PULONG PrivilegeSetLength,
1072 {
1073  UNIMPLEMENTED;
1074  return STATUS_NOT_IMPLEMENTED;
1075 }
1076 
1077 /* EOF */
struct _KNOWN_ACE * PKNOWN_ACE
* PNTSTATUS
Definition: strlen.c:14
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
#define GENERIC_ALL
Definition: nt_native.h:92
UCHAR AceFlags
Definition: ms-dtyp.idl:211
#define STATUS_INVALID_SECURITY_DESCR
Definition: ntstatus.h:357
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401
static ULONG SepGetPrivilegeSetLength(_In_ PPRIVILEGE_SET PrivilegeSet)
Retrieves the length size of a set list of privileges structure.
Definition: accesschk.c:400
#define SE_SELF_RELATIVE
Definition: setypes.h:799
struct _PRIVILEGE_SET PRIVILEGE_SET
#define _Inout_
Definition: ms_sal.h:378
Definition: se.h:3
#define _Out_
Definition: ms_sal.h:345
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_In_opt_ PSID Group
Definition: rtlfuncs.h:1605
struct _ACE * PACE
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
KPROCESSOR_MODE NTAPI ExGetPreviousMode(VOID)
Definition: sysinfo.c:3070
ACCESS_MASK AccessMask
Definition: rtltypes.h:993
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
NTSYSAPI NTSTATUS NTAPI RtlGetDaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN DaclPresent, _Out_ PACL *Dacl, _Out_ PBOOLEAN DaclDefaulted)
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
Definition: create.c:4226
uint32_t ULONG_PTR
Definition: typedefs.h:65
return STATUS_NOT_IMPLEMENTED
USHORT AceSize
Definition: ms-dtyp.idl:212
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
VOID NTAPI SeLockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Locks both the referenced primary and client access tokens of a security subject context.
Definition: access.c:456
#define FALSE
Definition: types.h:117
#define GENERIC_WRITE
Definition: nt_native.h:90
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
#define STATUS_GENERIC_NOT_MAPPED
Definition: ntstatus.h:466
Definition: card.h:12
unsigned char BOOLEAN
POBJECT_TYPE SeTokenObjectType
Definition: token.c:19
NTSTATUS NTAPI NtAccessCheckByType(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access could be granted or not on an object by the requestor who wants su...
Definition: accesschk.c:998
#define _In_
Definition: ms_sal.h:308
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
VOID NTAPI SeUnlockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Unlocks both the referenced primary and client access tokens of a security subject context.
Definition: access.c:487
#define STATUS_NO_IMPERSONATION_TOKEN
Definition: ntstatus.h:328
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN SubjectContextLocked
Definition: sefuncs.h:13
Status
Definition: gdiplustypes.h:24
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
PACCESS_TOKEN PrimaryToken
Definition: setypes.h:207
NTSTATUS NTAPI NtAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _Out_opt_ PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:711
#define TOKEN_QUERY
Definition: setypes.h:893
#define ASSERT(a)
Definition: mode.c:44
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: access.c:434
static PSID SepGetSDGroup(_In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
Retrieves the group from a security descriptor.
Definition: accesschk.c:373
NTSTATUS NTAPI SeCaptureSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor, _In_ KPROCESSOR_MODE CurrentMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor)
Captures a security descriptor.
Definition: sd.c:386
#define ObDereferenceObject
Definition: obfuncs.h:203
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:704
#define WRITE_DAC
Definition: nt_native.h:59
BOOLEAN NTAPI SepAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccessList, _Out_ PNTSTATUS AccessStatusList, _In_ BOOLEAN UseResultList)
Private function that determines whether security access rights can be given to an object depending o...
Definition: accesschk.c:69
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:705
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
struct _SID * PSID
Definition: eventlog.c:35
#define READ_CONTROL
Definition: nt_native.h:58
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
int ret
UCHAR AceType
Definition: ms-dtyp.idl:210
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
#define SepReleaseTokenLock(Token)
Definition: se.h:231
NTSTATUS NTAPI SePrivilegePolicyCheck(_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
Checks the security policy and returns a set of privileges based upon the said security policy contex...
Definition: priv.c:244
#define GENERIC_READ
Definition: compat.h:135
NTSTATUS NTAPI SeReleaseSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor, _In_ KPROCESSOR_MODE CurrentMode, _In_ BOOLEAN CaptureIfKernelMode)
Releases a captured security descriptor buffer.
Definition: sd.c:760
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1862
PSID SeWorldSid
Definition: sid.c:25
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:459
VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
_SEH2_END
Definition: create.c:4400
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
static PSID SepGetSDOwner(_In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
Retrieves the main user from a security descriptor.
Definition: accesschk.c:346
#define _Out_opt_
Definition: ms_sal.h:346
unsigned int * PULONG
Definition: retypes.h:1
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1556
#define NULL
Definition: types.h:112
NTSTATUS NTAPI NtAccessCheckByTypeResultList(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access could be granted or not on an object by the requestor who wants su...
Definition: accesschk.c:1060
VOID NTAPI SeReleaseSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Releases both the primary and client tokens of a security subject context.
Definition: access.c:520
#define DPRINT1
Definition: precomp.h:8
BOOLEAN NTAPI SepTokenIsOwner(_In_ PACCESS_TOKEN _Token, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ BOOLEAN TokenLocked)
Checks if a token belongs to the main user, being the owner.
Definition: access.c:177
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:206
#define SepAcquireTokenLockShared(Token)
Definition: se.h:225
BOOLEAN NTAPI SepSidInToken(_In_ PACCESS_TOKEN _Token, _In_ PSID Sid)
Checks if a SID is present in a token.
Definition: access.c:149
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK PreviouslyGrantedAccess
Definition: sefuncs.h:13
unsigned int ULONG
Definition: retypes.h:1
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
#define UNIMPLEMENTED
Definition: debug.h:115
#define ULONG_PTR
Definition: config.h:101
FORCEINLINE PACL SepGetDaclFromDescriptor(_Inout_ PVOID _Descriptor)
Definition: se.h:79
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define INHERIT_ONLY_ACE
Definition: setypes.h:736
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define STATUS_SUCCESS
Definition: shellext.h:65
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
ACCESS_MASK GenericAll
Definition: nt_native.h:568
#define DPRINT
Definition: sndvol32.h:71
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
#define GENERIC_EXECUTE
Definition: nt_native.h:91
PACCESS_TOKEN ClientToken
Definition: setypes.h:205
BOOLEAN NTAPI SeFastTraverseCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE AccessMode)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:601
Definition: rtltypes.h:990
ACE_HEADER Header
Definition: rtltypes.h:992
ULONG ACCESS_MASK
Definition: nt_native.h:40
NTSYSAPI VOID NTAPI RtlMapGenericMask(PACCESS_MASK AccessMask, PGENERIC_MAPPING GenericMapping)
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
#define TOKEN_IS_RESTRICTED
Definition: setypes.h:1148
#define PAGED_CODE()
_In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
Definition: sefuncs.h:13