2005-04-20 20:58:16 +00:00
|
|
|
/*
|
2021-08-11 14:24:45 +00:00
|
|
|
* PROJECT: ReactOS Kernel
|
|
|
|
* LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
|
|
|
|
* PURPOSE: Security access state functions support
|
|
|
|
* COPYRIGHT: Copyright Alex Ionescu <alex@relsoft.net>
|
2000-04-08 19:10:50 +00:00
|
|
|
*/
|
|
|
|
|
2008-04-23 20:38:37 +00:00
|
|
|
/* INCLUDES *******************************************************************/
|
2000-04-08 19:10:50 +00:00
|
|
|
|
2004-08-15 16:39:12 +00:00
|
|
|
#include <ntoskrnl.h>
|
2004-08-03 19:20:39 +00:00
|
|
|
#define NDEBUG
|
2008-04-23 20:38:37 +00:00
|
|
|
#include <debug.h>
|
2000-04-08 19:10:50 +00:00
|
|
|
|
2012-09-10 08:15:43 +00:00
|
|
|
/* PUBLIC FUNCTIONS ***********************************************************/
|
2008-04-23 20:38:37 +00:00
|
|
|
|
2021-08-11 14:24:45 +00:00
|
|
|
/**
|
|
|
|
* @brief
|
|
|
|
* An extended function that creates an access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] Thread
|
|
|
|
* Valid thread object where subject context is to be captured.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] Process
|
|
|
|
* Valid process object where subject context is to be captured.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-20 09:48:19 +00:00
|
|
|
* @param[in,out] AccessState
|
2021-08-11 14:24:45 +00:00
|
|
|
* An initialized returned parameter to an access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] AuxData
|
|
|
|
* Auxiliary security data for access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] Access
|
|
|
|
* Type of access mask to assign.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] GenericMapping
|
|
|
|
* Generic mapping for the access state to assign.
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* Returns STATUS_SUCCESS.
|
2008-04-23 20:38:37 +00:00
|
|
|
*/
|
2004-08-03 19:20:39 +00:00
|
|
|
NTSTATUS
|
2006-07-23 08:20:57 +00:00
|
|
|
NTAPI
|
2021-08-20 09:48:19 +00:00
|
|
|
SeCreateAccessStateEx(
|
|
|
|
_In_ PETHREAD Thread,
|
|
|
|
_In_ PEPROCESS Process,
|
|
|
|
_Inout_ PACCESS_STATE AccessState,
|
|
|
|
_In_ PAUX_ACCESS_DATA AuxData,
|
|
|
|
_In_ ACCESS_MASK Access,
|
|
|
|
_In_ PGENERIC_MAPPING GenericMapping)
|
2004-08-03 19:20:39 +00:00
|
|
|
{
|
2005-05-09 19:57:41 +00:00
|
|
|
ACCESS_MASK AccessMask = Access;
|
|
|
|
PTOKEN Token;
|
|
|
|
PAGED_CODE();
|
|
|
|
|
|
|
|
/* Map the Generic Acess to Specific Access if we have a Mapping */
|
|
|
|
if ((Access & GENERIC_ACCESS) && (GenericMapping))
|
|
|
|
{
|
|
|
|
RtlMapGenericMask(&AccessMask, GenericMapping);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Initialize the Access State */
|
|
|
|
RtlZeroMemory(AccessState, sizeof(ACCESS_STATE));
|
2012-09-10 08:15:43 +00:00
|
|
|
ASSERT(AccessState->SecurityDescriptor == NULL);
|
|
|
|
ASSERT(AccessState->PrivilegesAllocated == FALSE);
|
|
|
|
|
|
|
|
/* Initialize and save aux data */
|
|
|
|
RtlZeroMemory(AuxData, sizeof(AUX_ACCESS_DATA));
|
|
|
|
AccessState->AuxData = AuxData;
|
2005-05-09 19:57:41 +00:00
|
|
|
|
|
|
|
/* Capture the Subject Context */
|
2006-07-23 08:20:57 +00:00
|
|
|
SeCaptureSubjectContextEx(Thread,
|
|
|
|
Process,
|
|
|
|
&AccessState->SubjectSecurityContext);
|
|
|
|
|
2005-05-09 19:57:41 +00:00
|
|
|
/* Set Access State Data */
|
2012-09-10 08:15:43 +00:00
|
|
|
AccessState->RemainingDesiredAccess = AccessMask;
|
2005-06-18 18:32:29 +00:00
|
|
|
AccessState->OriginalDesiredAccess = AccessMask;
|
2015-09-28 07:44:49 +00:00
|
|
|
ExAllocateLocallyUniqueId(&AccessState->OperationID);
|
2005-05-09 19:57:41 +00:00
|
|
|
|
|
|
|
/* Get the Token to use */
|
2012-09-10 08:15:43 +00:00
|
|
|
Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);
|
2006-07-23 08:20:57 +00:00
|
|
|
|
2005-05-09 19:57:41 +00:00
|
|
|
/* Check for Travers Privilege */
|
|
|
|
if (Token->TokenFlags & TOKEN_HAS_TRAVERSE_PRIVILEGE)
|
|
|
|
{
|
|
|
|
/* Preserve the Traverse Privilege */
|
|
|
|
AccessState->Flags = TOKEN_HAS_TRAVERSE_PRIVILEGE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Set the Auxiliary Data */
|
|
|
|
AuxData->PrivilegeSet = (PPRIVILEGE_SET)((ULONG_PTR)AccessState +
|
|
|
|
FIELD_OFFSET(ACCESS_STATE,
|
2006-07-23 08:20:57 +00:00
|
|
|
Privileges));
|
2005-05-09 19:57:41 +00:00
|
|
|
if (GenericMapping) AuxData->GenericMapping = *GenericMapping;
|
|
|
|
|
|
|
|
/* Return Sucess */
|
|
|
|
return STATUS_SUCCESS;
|
2004-08-03 19:20:39 +00:00
|
|
|
}
|
|
|
|
|
2021-08-11 14:24:45 +00:00
|
|
|
/**
|
|
|
|
* @brief
|
|
|
|
* Creates an access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-20 09:48:19 +00:00
|
|
|
* @param[in,out] AccessState
|
2021-08-11 14:24:45 +00:00
|
|
|
* An initialized returned parameter to an access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] AuxData
|
|
|
|
* Auxiliary security data for access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] Access
|
|
|
|
* Type of access mask to assign.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] GenericMapping
|
|
|
|
* Generic mapping for the access state to assign.
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* See SeCreateAccessStateEx.
|
2006-07-23 08:20:57 +00:00
|
|
|
*/
|
|
|
|
NTSTATUS
|
2008-11-29 20:47:48 +00:00
|
|
|
NTAPI
|
2021-08-20 09:48:19 +00:00
|
|
|
SeCreateAccessState(
|
|
|
|
_Inout_ PACCESS_STATE AccessState,
|
|
|
|
_In_ PAUX_ACCESS_DATA AuxData,
|
|
|
|
_In_ ACCESS_MASK Access,
|
|
|
|
_In_ PGENERIC_MAPPING GenericMapping)
|
2006-07-23 08:20:57 +00:00
|
|
|
{
|
|
|
|
PAGED_CODE();
|
|
|
|
|
2008-04-23 20:38:37 +00:00
|
|
|
/* Call the extended API */
|
2006-07-23 08:20:57 +00:00
|
|
|
return SeCreateAccessStateEx(PsGetCurrentThread(),
|
|
|
|
PsGetCurrentProcess(),
|
|
|
|
AccessState,
|
|
|
|
AuxData,
|
|
|
|
Access,
|
|
|
|
GenericMapping);
|
|
|
|
}
|
|
|
|
|
2021-08-11 14:24:45 +00:00
|
|
|
/**
|
|
|
|
* @brief
|
|
|
|
* Deletes an allocated access state from the memory.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] AccessState
|
|
|
|
* A valid access state.
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* Nothing.
|
2004-08-03 19:20:39 +00:00
|
|
|
*/
|
|
|
|
VOID
|
2008-11-29 20:47:48 +00:00
|
|
|
NTAPI
|
2021-08-20 09:48:19 +00:00
|
|
|
SeDeleteAccessState(
|
|
|
|
_In_ PACCESS_STATE AccessState)
|
2004-08-03 19:20:39 +00:00
|
|
|
{
|
2008-06-16 08:54:21 +00:00
|
|
|
PAUX_ACCESS_DATA AuxData;
|
2005-05-09 19:57:41 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
|
|
/* Get the Auxiliary Data */
|
|
|
|
AuxData = AccessState->AuxData;
|
|
|
|
|
|
|
|
/* Deallocate Privileges */
|
2015-03-29 06:04:19 +00:00
|
|
|
if (AccessState->PrivilegesAllocated)
|
|
|
|
ExFreePoolWithTag(AuxData->PrivilegeSet, TAG_PRIVILEGE_SET);
|
2006-07-23 08:20:57 +00:00
|
|
|
|
2005-05-09 19:57:41 +00:00
|
|
|
/* Deallocate Name and Type Name */
|
|
|
|
if (AccessState->ObjectName.Buffer)
|
|
|
|
{
|
|
|
|
ExFreePool(AccessState->ObjectName.Buffer);
|
|
|
|
}
|
2010-05-28 16:28:27 +00:00
|
|
|
|
|
|
|
if (AccessState->ObjectTypeName.Buffer)
|
2005-05-09 19:57:41 +00:00
|
|
|
{
|
|
|
|
ExFreePool(AccessState->ObjectTypeName.Buffer);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Release the Subject Context */
|
|
|
|
SeReleaseSubjectContext(&AccessState->SubjectSecurityContext);
|
2004-08-03 19:20:39 +00:00
|
|
|
}
|
|
|
|
|
2021-08-11 14:24:45 +00:00
|
|
|
/**
|
|
|
|
* @brief
|
|
|
|
* Sets a new generic mapping for an allocated access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] AccessState
|
|
|
|
* A valid access state.
|
2021-09-13 01:33:14 +00:00
|
|
|
*
|
2021-08-11 14:24:45 +00:00
|
|
|
* @param[in] GenericMapping
|
|
|
|
* New generic mapping to assign.
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* Nothing.
|
2004-08-03 19:20:39 +00:00
|
|
|
*/
|
|
|
|
VOID
|
2008-11-29 20:47:48 +00:00
|
|
|
NTAPI
|
2021-08-20 09:48:19 +00:00
|
|
|
SeSetAccessStateGenericMapping(
|
|
|
|
_In_ PACCESS_STATE AccessState,
|
|
|
|
_In_ PGENERIC_MAPPING GenericMapping)
|
2004-08-03 19:20:39 +00:00
|
|
|
{
|
2005-05-09 19:57:41 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
|
|
/* Set the Generic Mapping */
|
2008-06-16 08:54:21 +00:00
|
|
|
((PAUX_ACCESS_DATA)AccessState->AuxData)->GenericMapping = *GenericMapping;
|
2004-08-03 19:20:39 +00:00
|
|
|
}
|
|
|
|
|
2000-04-08 19:10:50 +00:00
|
|
|
/* EOF */
|