- Implemented RtlAdjustPrivileges().

- Implemented NtAdjustPrivilegesToken() partially. - Fixed declaration of LUID. svn path=/trunk/; revision=4804
2024-12-28 01:55:19 +00:00 · 2003-05-31 11:10:30 +00:00 · 2003-05-31 11:10:30 +00:00 · ba5a26559b
commit ba5a26559b
parent 5f47cf8a2a
10 changed files with 359 additions and 192 deletions
--- a/reactos/include/ntdll/rtl.h
+++ b/reactos/include/ntdll/rtl.h
@ -1,4 +1,4 @@
-/* $Id: rtl.h,v 1.38 2003/04/02 00:05:59 hyperion Exp $
+/* $Id: rtl.h,v 1.39 2003/05/31 11:07:00 ekohl Exp $
 *
 */

@ -518,6 +518,12 @@ RtlIsValidIndexHandle (
 	IN	ULONG			Index
 	);

+NTSTATUS STDCALL
+RtlAdjustPrivilege(IN ULONG Privilege,
+		   IN BOOLEAN Enable,
+		   IN BOOLEAN CurrentThread,
+		   OUT PBOOLEAN Enabled);
+
 NTSTATUS
 STDCALL
 RtlImpersonateSelf (
--- a/reactos/include/ntos/security.h
+++ b/reactos/include/ntos/security.h
@ -239,7 +239,11 @@ typedef enum _ACL_INFORMATION_CLASS

 typedef USHORT SECURITY_DESCRIPTOR_CONTROL, *PSECURITY_DESCRIPTOR_CONTROL;

-typedef LARGE_INTEGER LUID, *PLUID;
+typedef struct _LUID
+{
+  ULONG LowPart;
+  LONG  HighPart;
+} LUID, *PLUID;

 typedef struct _SECURITY_DESCRIPTOR
 {
@ -255,7 +259,7 @@ typedef struct _SECURITY_DESCRIPTOR
 typedef struct _LUID_AND_ATTRIBUTES
 {
  LUID  Luid;
-  DWORD Attributes;
+  ULONG Attributes;
 } LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;

 typedef struct _TOKEN_SOURCE
--- a/reactos/lib/ntdll/def/ntdll.def
+++ b/reactos/lib/ntdll/def/ntdll.def
@ -1,4 +1,4 @@
-; $Id: ntdll.def,v 1.99 2003/05/15 11:02:03 ekohl Exp $
+; $Id: ntdll.def,v 1.100 2003/05/31 11:08:08 ekohl Exp $
 ;
 ; ReactOS Operating System
 ;
@ -286,7 +286,7 @@ RtlAddAtomToAtomTable@12
 ;RtlAddAttributeActionToRXact
 RtlAddAuditAccessAce@24
 ;RtlAddCompoundAce
-;RtlAdjustPrivilege
+RtlAdjustPrivilege@16
 RtlAllocateAndInitializeSid@44
 RtlAllocateHandle@8
 RtlAllocateHeap@12
--- a/reactos/lib/ntdll/def/ntdll.edf
+++ b/reactos/lib/ntdll/def/ntdll.edf
@ -1,4 +1,4 @@
-; $Id: ntdll.edf,v 1.88 2003/05/15 11:02:03 ekohl Exp $
+; $Id: ntdll.edf,v 1.89 2003/05/31 11:08:08 ekohl Exp $
 ;
 ; ReactOS Operating System
 ;
@ -286,7 +286,7 @@ RtlAddAtomToAtomTable=RtlAddAtomToAtomTable@12
 ;RtlAddAttributeActionToRXact
 RtlAddAuditAccessAce=RtlAddAuditAccessAce@24
 ;RtlAddCompoundAce
-;RtlAdjustPrivilege
+RtlAdjustPrivilege=RtlAdjustPrivilege@16
 RtlAllocateAndInitializeSid=RtlAllocateAndInitializeSid@44
 RtlAllocateHandle=RtlAllocateHandle@8
 RtlAllocateHeap=RtlAllocateHeap@12
--- a/reactos/lib/ntdll/rtl/luid.c
+++ b/reactos/lib/ntdll/rtl/luid.c
@ -1,4 +1,4 @@
-/* $Id: luid.c,v 1.5 2002/09/08 10:23:05 chorns Exp $
+/* $Id: luid.c,v 1.6 2003/05/31 11:08:50 ekohl Exp $
 *
 * COPYRIGHT:         See COPYING in the top level directory
 * PROJECT:           ReactOS kernel
@ -13,13 +13,15 @@

 #include <ddk/ntddk.h>

+
 /* FUNCTIONS *****************************************************************/

 VOID STDCALL
 RtlCopyLuid(PLUID LuidDest,
 	    PLUID LuidSrc)
 {
-  LuidDest->QuadPart = LuidSrc->QuadPart;
+  LuidDest->LowPart = LuidSrc->LowPart;
+  LuidDest->HighPart = LuidSrc->HighPart;
 }


@ -43,7 +45,8 @@ BOOLEAN STDCALL
 RtlEqualLuid(PLUID Luid1,
 	     PLUID Luid2)
 {
-  return((Luid1->QuadPart == Luid2->QuadPart) ? TRUE : FALSE);
+  return (Luid1->LowPart == Luid2->LowPart &&
+	  Luid1->HighPart == Luid2->HighPart);
 }

 /* EOF */
--- a/reactos/lib/ntdll/rtl/security.c
+++ b/reactos/lib/ntdll/rtl/security.c
@ -1,4 +1,4 @@
-/* $Id: security.c,v 1.7 2002/09/08 10:23:06 chorns Exp $
+/* $Id: security.c,v 1.8 2003/05/31 11:08:50 ekohl Exp $
 *
 * COPYRIGHT:       See COPYING in the top level directory
 * PROJECT:         ReactOS kernel
@ -12,6 +12,11 @@
 #include <ddk/ntddk.h>
 #include <ntdll/rtl.h>

+#define NDEBUG
+#include <ntdll/ntdll.h>
+
+
+/* FUNCTIONS ****************************************************************/

 NTSTATUS STDCALL
 RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
@ -62,4 +67,76 @@ RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
  return(Status);
 }

+
+NTSTATUS STDCALL
+RtlAdjustPrivilege(IN ULONG Privilege,
+		   IN BOOLEAN Enable,
+		   IN BOOLEAN CurrentThread,
+		   OUT PBOOLEAN Enabled)
+{
+  TOKEN_PRIVILEGES NewState;
+  TOKEN_PRIVILEGES OldState;
+  ULONG ReturnLength;
+  HANDLE TokenHandle;
+  NTSTATUS Status;
+
+  DPRINT1("RtlAdjustPrivilege() called\n");
+
+  if (CurrentThread)
+    {
+      Status = NtOpenThreadToken (NtCurrentThread (),
+				  TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
+				  FALSE,
+				  &TokenHandle);
+    }
+  else
+    {
+      Status = NtOpenProcessToken (NtCurrentProcess (),
+				   TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
+				   &TokenHandle);
+    }
+
+  if (!NT_SUCCESS (Status))
+    {
+      DPRINT1("Retrieving token handle failed (Status %lx)\n", Status);
+      return Status;
+    }
+
+  NewState.PrivilegeCount = 1;
+  NewState.Privileges[0].Luid.LowPart = Privilege;
+  NewState.Privileges[0].Luid.HighPart = 0;
+  NewState.Privileges[0].Attributes = (Enable) ? SE_PRIVILEGE_ENABLED : 0;
+
+  Status = NtAdjustPrivilegesToken (TokenHandle,
+				    FALSE,
+				    &NewState,
+				    sizeof(TOKEN_PRIVILEGES),
+				    &OldState,
+				    &ReturnLength);
+  NtClose (TokenHandle);
+  if (Status == STATUS_NOT_ALL_ASSIGNED)
+    {
+      DPRINT1("Failed to assign all privileges\n");
+      return STATUS_PRIVILEGE_NOT_HELD;
+    }
+  if (!NT_SUCCESS(Status))
+    {
+      DPRINT1("NtAdjustPrivilegesToken() failed (Status %lx)\n", Status);
+      return Status;
+    }
+
+  if (OldState.PrivilegeCount == 0)
+    {
+      *Enabled = Enable;
+    }
+  else
+    {
+      *Enabled = (OldState.Privileges[0].Attributes & SE_PRIVILEGE_ENABLED);
+    }
+
+  DPRINT1("RtlAdjustPrivilege() done\n");
+
+  return STATUS_SUCCESS;
+}
+
 /* EOF */
--- a/reactos/ntoskrnl/include/internal/se.h
+++ b/reactos/ntoskrnl/include/internal/se.h
@ -120,15 +120,21 @@ NTSTATUS SeExchangePrimaryToken(struct _EPROCESS* Process,
 				PACCESS_TOKEN NewToken,
 				PACCESS_TOKEN* OldTokenP);

-NTSTATUS SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
-					 ULONG PrivilegeCount,
-					 KPROCESSOR_MODE PreviousMode,
-					 PLUID_AND_ATTRIBUTES AllocatedMem,
-					 ULONG AllocatedLength,
-					 POOL_TYPE PoolType,
-					 ULONG d,
-					 PLUID_AND_ATTRIBUTES* Dest,
-					 PULONG Length);
+NTSTATUS
+SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
+				ULONG PrivilegeCount,
+				KPROCESSOR_MODE PreviousMode,
+				PLUID_AND_ATTRIBUTES AllocatedMem,
+				ULONG AllocatedLength,
+				POOL_TYPE PoolType,
+				ULONG d,
+				PLUID_AND_ATTRIBUTES* Dest,
+				PULONG Length);
+
+VOID
+SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege,
+				KPROCESSOR_MODE PreviousMode,
+				ULONG a);


 #endif /* __NTOSKRNL_INCLUDE_INTERNAL_SE_H */
--- a/reactos/ntoskrnl/se/luid.c
+++ b/reactos/ntoskrnl/se/luid.c
@ -1,4 +1,4 @@
-/* $Id: luid.c,v 1.6 2002/09/08 10:23:43 chorns Exp $
+/* $Id: luid.c,v 1.7 2003/05/31 11:10:30 ekohl Exp $
 *
 * COPYRIGHT:         See COPYING in the top level directory
 * PROJECT:           ReactOS kernel
@ -19,7 +19,9 @@

 static KSPIN_LOCK LuidLock;
 static LARGE_INTEGER LuidIncrement;
-static LUID Luid;
+static LARGE_INTEGER LuidValue;
+
+#define SYSTEM_LUID   0x3E7;

 /* FUNCTIONS *****************************************************************/

@ -27,25 +29,27 @@ VOID
 SepInitLuid(VOID)
 {
  KeInitializeSpinLock(&LuidLock);
-  Luid.QuadPart = 999;   /* SYSTEM_LUID */
+  LuidValue.QuadPart = SYSTEM_LUID;
  LuidIncrement.QuadPart = 1;
 }


 NTSTATUS STDCALL
-NtAllocateLocallyUniqueId(OUT LUID* LocallyUniqueId)
+NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
 {
-  KIRQL oldIrql;
-  LUID ReturnedLuid;
+  LARGE_INTEGER ReturnedLuid;
+  KIRQL Irql;

  KeAcquireSpinLock(&LuidLock,
-		    &oldIrql);
-  ReturnedLuid = Luid;
-  Luid = RtlLargeIntegerAdd(Luid,
-			    LuidIncrement);
+		    &Irql);
+  ReturnedLuid = LuidValue;
+  LuidValue = RtlLargeIntegerAdd(LuidValue,
+				 LuidIncrement);
  KeReleaseSpinLock(&LuidLock,
-		    oldIrql);
-  *LocallyUniqueId = ReturnedLuid;
+		    Irql);
+
+  LocallyUniqueId->LowPart = ReturnedLuid.u.LowPart;
+  LocallyUniqueId->HighPart = ReturnedLuid.u.HighPart;

  return(STATUS_SUCCESS);
 }
@ -55,7 +59,8 @@ VOID STDCALL
 RtlCopyLuid(IN PLUID LuidDest,
 	    IN PLUID LuidSrc)
 {
-  LuidDest->QuadPart = LuidSrc->QuadPart;
+  LuidDest->LowPart = LuidSrc->LowPart;
+  LuidDest->HighPart = LuidSrc->HighPart;
 }


@ -63,7 +68,8 @@ BOOLEAN STDCALL
 RtlEqualLuid(IN PLUID Luid1,
 	     IN PLUID Luid2)
 {
-  return((Luid1->QuadPart == Luid2->QuadPart) ? TRUE : FALSE);
+  return (Luid1->LowPart == Luid2->LowPart &&
+	  Luid1->HighPart == Luid2->HighPart);
 }

 /* EOF */
--- a/reactos/ntoskrnl/se/priv.c
+++ b/reactos/ntoskrnl/se/priv.c
@ -1,4 +1,4 @@
-/* $Id: priv.c,v 1.5 2002/09/08 10:23:43 chorns Exp $
+/* $Id: priv.c,v 1.6 2003/05/31 11:10:30 ekohl Exp $
 *
 * COPYRIGHT:         See COPYING in the top level directory
 * PROJECT:           ReactOS kernel
@ -47,102 +47,124 @@ LUID SeRemoteShutdownPrivilege;
 /* FUNCTIONS ***************************************************************/

 VOID
-SepInitPrivileges(VOID)
+SepInitPrivileges (VOID)
 {
-  SeCreateTokenPrivilege.QuadPart = SE_CREATE_TOKEN_PRIVILEGE;
-  SeAssignPrimaryTokenPrivilege.QuadPart = SE_ASSIGNPRIMARYTOKEN_PRIVILEGE;
-  SeLockMemoryPrivilege.QuadPart = SE_LOCK_MEMORY_PRIVILEGE;
-  SeIncreaseQuotaPrivilege.QuadPart = SE_INCREASE_QUOTA_PRIVILEGE;
-  SeUnsolicitedInputPrivilege.QuadPart = SE_UNSOLICITED_INPUT_PRIVILEGE;
-  SeTcbPrivilege.QuadPart = SE_TCB_PRIVILEGE;
-  SeSecurityPrivilege.QuadPart = SE_SECURITY_PRIVILEGE;
-  SeTakeOwnershipPrivilege.QuadPart = SE_TAKE_OWNERSHIP_PRIVILEGE;
-  SeLoadDriverPrivilege.QuadPart = SE_LOAD_DRIVER_PRIVILEGE;
-  SeSystemProfilePrivilege.QuadPart = SE_SYSTEM_PROFILE_PRIVILEGE;
-  SeSystemtimePrivilege.QuadPart = SE_SYSTEMTIME_PRIVILEGE;
-  SeProfileSingleProcessPrivilege.QuadPart = SE_PROF_SINGLE_PROCESS_PRIVILEGE;
-  SeIncreaseBasePriorityPrivilege.QuadPart = SE_INC_BASE_PRIORITY_PRIVILEGE;
-  SeCreatePagefilePrivilege.QuadPart = SE_CREATE_PAGEFILE_PRIVILEGE;
-  SeCreatePermanentPrivilege.QuadPart = SE_CREATE_PERMANENT_PRIVILEGE;
-  SeBackupPrivilege.QuadPart = SE_BACKUP_PRIVILEGE;
-  SeRestorePrivilege.QuadPart = SE_RESTORE_PRIVILEGE;
-  SeShutdownPrivilege.QuadPart = SE_SHUTDOWN_PRIVILEGE;
-  SeDebugPrivilege.QuadPart = SE_DEBUG_PRIVILEGE;
-  SeAuditPrivilege.QuadPart = SE_AUDIT_PRIVILEGE;
-  SeSystemEnvironmentPrivilege.QuadPart = SE_SYSTEM_ENVIRONMENT_PRIVILEGE;
-  SeChangeNotifyPrivilege.QuadPart = SE_CHANGE_NOTIFY_PRIVILEGE;
-  SeRemoteShutdownPrivilege.QuadPart = SE_REMOTE_SHUTDOWN_PRIVILEGE;
+  SeCreateTokenPrivilege.LowPart = SE_CREATE_TOKEN_PRIVILEGE;
+  SeCreateTokenPrivilege.HighPart = 0;
+  SeAssignPrimaryTokenPrivilege.LowPart = SE_ASSIGNPRIMARYTOKEN_PRIVILEGE;
+  SeAssignPrimaryTokenPrivilege.HighPart = 0;
+  SeLockMemoryPrivilege.LowPart = SE_LOCK_MEMORY_PRIVILEGE;
+  SeLockMemoryPrivilege.HighPart = 0;
+  SeIncreaseQuotaPrivilege.LowPart = SE_INCREASE_QUOTA_PRIVILEGE;
+  SeIncreaseQuotaPrivilege.HighPart = 0;
+  SeUnsolicitedInputPrivilege.LowPart = SE_UNSOLICITED_INPUT_PRIVILEGE;
+  SeUnsolicitedInputPrivilege.HighPart = 0;
+  SeTcbPrivilege.LowPart = SE_TCB_PRIVILEGE;
+  SeTcbPrivilege.HighPart = 0;
+  SeSecurityPrivilege.LowPart = SE_SECURITY_PRIVILEGE;
+  SeSecurityPrivilege.HighPart = 0;
+  SeTakeOwnershipPrivilege.LowPart = SE_TAKE_OWNERSHIP_PRIVILEGE;
+  SeTakeOwnershipPrivilege.HighPart = 0;
+  SeLoadDriverPrivilege.LowPart = SE_LOAD_DRIVER_PRIVILEGE;
+  SeLoadDriverPrivilege.HighPart = 0;
+  SeSystemProfilePrivilege.LowPart = SE_SYSTEM_PROFILE_PRIVILEGE;
+  SeSystemProfilePrivilege.HighPart = 0;
+  SeSystemtimePrivilege.LowPart = SE_SYSTEMTIME_PRIVILEGE;
+  SeSystemtimePrivilege.HighPart = 0;
+  SeProfileSingleProcessPrivilege.LowPart = SE_PROF_SINGLE_PROCESS_PRIVILEGE;
+  SeProfileSingleProcessPrivilege.HighPart = 0;
+  SeIncreaseBasePriorityPrivilege.LowPart = SE_INC_BASE_PRIORITY_PRIVILEGE;
+  SeIncreaseBasePriorityPrivilege.HighPart = 0;
+  SeCreatePagefilePrivilege.LowPart = SE_CREATE_PAGEFILE_PRIVILEGE;
+  SeCreatePagefilePrivilege.HighPart = 0;
+  SeCreatePermanentPrivilege.LowPart = SE_CREATE_PERMANENT_PRIVILEGE;
+  SeCreatePermanentPrivilege.HighPart = 0;
+  SeBackupPrivilege.LowPart = SE_BACKUP_PRIVILEGE;
+  SeBackupPrivilege.HighPart = 0;
+  SeRestorePrivilege.LowPart = SE_RESTORE_PRIVILEGE;
+  SeRestorePrivilege.HighPart = 0;
+  SeShutdownPrivilege.LowPart = SE_SHUTDOWN_PRIVILEGE;
+  SeShutdownPrivilege.HighPart = 0;
+  SeDebugPrivilege.LowPart = SE_DEBUG_PRIVILEGE;
+  SeDebugPrivilege.HighPart = 0;
+  SeAuditPrivilege.LowPart = SE_AUDIT_PRIVILEGE;
+  SeAuditPrivilege.HighPart = 0;
+  SeSystemEnvironmentPrivilege.LowPart = SE_SYSTEM_ENVIRONMENT_PRIVILEGE;
+  SeSystemEnvironmentPrivilege.HighPart = 0;
+  SeChangeNotifyPrivilege.LowPart = SE_CHANGE_NOTIFY_PRIVILEGE;
+  SeChangeNotifyPrivilege.HighPart = 0;
+  SeRemoteShutdownPrivilege.LowPart = SE_REMOTE_SHUTDOWN_PRIVILEGE;
+  SeRemoteShutdownPrivilege.HighPart = 0;
 }


-BOOLEAN SepPrivilegeCheck(PACCESS_TOKEN Token,
-			  PLUID_AND_ATTRIBUTES Privileges,
-			  ULONG PrivilegeCount,
-			  ULONG PrivilegeControl,
-			  KPROCESSOR_MODE PreviousMode)
+BOOLEAN
+SepPrivilegeCheck (PACCESS_TOKEN Token,
+		   PLUID_AND_ATTRIBUTES Privileges,
+		   ULONG PrivilegeCount,
+		   ULONG PrivilegeControl,
+		   KPROCESSOR_MODE PreviousMode)
 {
-   ULONG i;
-   PLUID_AND_ATTRIBUTES Current;
-   ULONG j;
-   ULONG k;
+  PLUID_AND_ATTRIBUTES Current;
+  ULONG i;
+  ULONG j;
+  ULONG k;

-   if (PreviousMode == KernelMode)
-     {
-	return(TRUE);
-     }
+  if (PreviousMode == KernelMode)
+    {
+      return TRUE;
+    }

-   j = 0;
-   if (PrivilegeCount != 0)
-     {
-	k = PrivilegeCount;
-	do
-	  {
-	     i = Token->PrivilegeCount;
-	     Current = Token->Privileges;
-	     for (i = 0; i < Token->PrivilegeCount; i++)
-	       {
-		  if (!(Current[i].Attributes & SE_PRIVILEGE_ENABLED) &&
-		      Privileges[i].Luid.u.LowPart == 
-		      Current[i].Luid.u.LowPart &&
-		      Privileges[i].Luid.u.HighPart == 
-		      Current[i].Luid.u.HighPart)
-		    {
-		       Privileges[i].Attributes = 
-			 Privileges[i].Attributes | 
-			 SE_PRIVILEGE_USED_FOR_ACCESS;
-		       j++;
-		       break;
-		    }
-	       }
-	     k--;
-	  } while (k > 0);
-     }
+  j = 0;
+  if (PrivilegeCount != 0)
+    {
+      k = PrivilegeCount;
+      do
+	{
+	  i = Token->PrivilegeCount;
+	  Current = Token->Privileges;
+	  for (i = 0; i < Token->PrivilegeCount; i++)
+	    {
+	      if (!(Current[i].Attributes & SE_PRIVILEGE_ENABLED) &&
+		  Privileges[i].Luid.LowPart == Current[i].Luid.LowPart &&
+		  Privileges[i].Luid.HighPart == Current[i].Luid.HighPart)
+		{
+		  Privileges[i].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
+		  j++;
+		  break;
+		}
+	    }
+	  k--;
+	}
+      while (k > 0);
+    }

-   if ((PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) && 
-       PrivilegeCount == j)       
-     {
-	return(TRUE);
-     }
+  if ((PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) &&
+      PrivilegeCount == j)
+    {
+      return TRUE;
+    }

-   if (j > 0 && 
-       !(PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY))
-     {
-	return(TRUE);
-     }
+  if (j > 0 &&
+      !(PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY))
+    {
+      return TRUE;
+    }

-   return(FALSE);
+  return FALSE;
 }


-NTSTATUS SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
-					 ULONG PrivilegeCount,
-					 KPROCESSOR_MODE PreviousMode,
-					 PLUID_AND_ATTRIBUTES AllocatedMem,
-					 ULONG AllocatedLength,
-					 POOL_TYPE PoolType,
-					 ULONG d,
-					 PLUID_AND_ATTRIBUTES* Dest,
-					 PULONG Length)
+NTSTATUS
+SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src,
+				 ULONG PrivilegeCount,
+				 KPROCESSOR_MODE PreviousMode,
+				 PLUID_AND_ATTRIBUTES AllocatedMem,
+				 ULONG AllocatedLength,
+				 POOL_TYPE PoolType,
+				 ULONG d,
+				 PLUID_AND_ATTRIBUTES* Dest,
+				 PULONG Length)
 {
   PLUID_AND_ATTRIBUTES* NewMem;
   ULONG SrcLength;
@ -181,14 +203,16 @@ NTSTATUS SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
   return(STATUS_SUCCESS);
 }

+
 VOID
 SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege,
 				KPROCESSOR_MODE PreviousMode,
 				ULONG a)
 {
-   ExFreePool(Privilege);
+  ExFreePool(Privilege);
 }

+
 NTSTATUS STDCALL
 NtPrivilegeCheck(IN HANDLE ClientToken,
 		 IN PPRIVILEGE_SET RequiredPrivileges,
@ -246,6 +270,7 @@ NtPrivilegeCheck(IN HANDLE ClientToken,
   return(STATUS_SUCCESS);
 }

+
 BOOLEAN STDCALL
 SePrivilegeCheck(PPRIVILEGE_SET Privileges,
 		 PSECURITY_SUBJECT_CONTEXT SubjectContext,
@ -273,6 +298,7 @@ SePrivilegeCheck(PPRIVILEGE_SET Privileges,
 			    PreviousMode));
 }

+
 BOOLEAN STDCALL
 SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
 		       IN KPROCESSOR_MODE PreviousMode)
@ -304,3 +330,4 @@ SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
   return(r);
 }

+/* EOF */
--- a/reactos/ntoskrnl/se/token.c
+++ b/reactos/ntoskrnl/se/token.c
@ -1,4 +1,4 @@
-/* $Id: token.c,v 1.22 2002/10/25 21:48:00 chorns Exp $
+/* $Id: token.c,v 1.23 2003/05/31 11:10:30 ekohl Exp $
 *
 * COPYRIGHT:         See COPYING in the top level directory
 * PROJECT:           ReactOS kernel
@ -172,10 +172,14 @@ SepDuplicateToken(PACCESS_TOKEN Token,
  AccessToken->TokenInUse = 0;
  AccessToken->TokenType  = TokenType;
  AccessToken->ImpersonationLevel = Level;
-  AccessToken->AuthenticationId.QuadPart = SYSTEM_LUID;
+  AccessToken->AuthenticationId.LowPart = SYSTEM_LUID;
+  AccessToken->AuthenticationId.HighPart = 0;

-  AccessToken->TokenSource.SourceIdentifier.QuadPart = Token->TokenSource.SourceIdentifier.QuadPart;
-  memcpy(AccessToken->TokenSource.SourceName, Token->TokenSource.SourceName, sizeof(Token->TokenSource.SourceName));
+  AccessToken->TokenSource.SourceIdentifier.LowPart = Token->TokenSource.SourceIdentifier.LowPart;
+  AccessToken->TokenSource.SourceIdentifier.HighPart = Token->TokenSource.SourceIdentifier.HighPart;
+  memcpy(AccessToken->TokenSource.SourceName,
+	 Token->TokenSource.SourceName,
+	 sizeof(Token->TokenSource.SourceName));
  AccessToken->ExpirationTime.QuadPart = Token->ExpirationTime.QuadPart;
  AccessToken->UserAndGroupCount = Token->UserAndGroupCount;
  AccessToken->DefaultOwnerIndex = Token->DefaultOwnerIndex;
@ -820,54 +824,53 @@ NtAdjustGroupsToken(IN HANDLE TokenHandle,


 #if 0
-NTSTATUS SepAdjustPrivileges(PACCESS_TOKEN Token,           // 0x8
-			     ULONG a,                       // 0xC
-			     KPROCESSOR_MODE PreviousMode,  // 0x10
-			     ULONG PrivilegeCount,          // 0x14
-			     PLUID_AND_ATTRIBUTES Privileges, // 0x18
-			     PTOKEN_PRIVILEGES* PreviousState, // 0x1C
-			     PULONG b, // 0x20
-			     PULONG c, // 0x24
-			     PULONG d) // 0x28
+NTSTATUS
+SepAdjustPrivileges(PACCESS_TOKEN Token,
+		    ULONG a,
+		    KPROCESSOR_MODE PreviousMode,
+		    ULONG PrivilegeCount,
+		    PLUID_AND_ATTRIBUTES Privileges,
+		    PTOKEN_PRIVILEGES* PreviousState,
+		    PULONG b,
+		    PULONG c,
+		    PULONG d)
 {
-   ULONG i;
+  ULONG i;

-   *c = 0;
-   if (Token->PrivilegeCount > 0)
-     {
-	for (i=0; i<Token->PrivilegeCount; i++)
-	  {
-	     if (PreviousMode != 0)
-	       {
-		  if (!(Token->Privileges[i]->Attributes & 
-			SE_PRIVILEGE_ENABLED))
+  *c = 0;
+
+  if (Token->PrivilegeCount > 0)
+    {
+      for (i = 0; i < Token->PrivilegeCount; i++)
+	{
+	  if (PreviousMode != KernelMode)
+	    {
+	      if (Token->Privileges[i]->Attributes & SE_PRIVILEGE_ENABLED == 0)
+		{
+		  if (a != 0)
 		    {
-		       if (a != 0)
-			 {
-			    if (PreviousState != NULL)
-			      {
-				 memcpy(&PreviousState[i],
-					&Token->Privileges[i],
-					sizeof(LUID_AND_ATTRIBUTES));
-			      }
-			    Token->Privileges[i].Attributes = 
-			      Token->Privileges[i].Attributes & 
-			      (~SE_PRIVILEGE_ENABLED);
-			 }
+		      if (PreviousState != NULL)
+			{
+			  memcpy(&PreviousState[i],
+				 &Token->Privileges[i],
+				 sizeof(LUID_AND_ATTRIBUTES));
+			}
+		      Token->Privileges[i].Attributes &= (~SE_PRIVILEGE_ENABLED);
 		    }
-	       }
-	  }
-     }
-   if (PreviousMode != 0)
-     {
-	Token->TokenFlags = Token->TokenFlags & (~1);
-     }
-   else
-     {
-	if (PrivilegeCount <= ?)
-	  {
+		}
+	    }
+	}
+    }

-	  }
+  if (PreviousMode != KernelMode)
+    {
+      Token->TokenFlags = Token->TokenFlags & (~1);
+    }
+  else
+    {
+      if (PrivilegeCount <= ?)
+	{
+	}
     }
   if (
 }
@ -882,37 +885,69 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
 			OUT PTOKEN_PRIVILEGES PreviousState,
 			OUT PULONG ReturnLength)
 {
+  PLUID_AND_ATTRIBUTES Privileges;
+  KPROCESSOR_MODE PreviousMode;
+  ULONG PrivilegeCount;
+  PACCESS_TOKEN Token;
+  ULONG Length;
 #if 0
-   ULONG PrivilegeCount;
-   ULONG Length;
-   PSID_AND_ATTRIBUTES Privileges;
   ULONG a;
   ULONG b;
   ULONG c;
+#endif
+  NTSTATUS Status;

-   PrivilegeCount = NewState->PrivilegeCount;
+  DPRINT1("NtAdjustPrivilegesToken() called\n");

-   SeCaptureLuidAndAttributesArray(NewState->Privileges,
-				   &PrivilegeCount,
-				   KeGetPreviousMode(),
-				   NULL,
-				   0,
-				   NonPagedPool,
-				   1,
-				   &Privileges.
-				   &Length);
+  PrivilegeCount = NewState->PrivilegeCount;
+  PreviousMode = KeGetPreviousMode();
+  SeCaptureLuidAndAttributesArray(NewState->Privileges,
+				  PrivilegeCount,
+				  PreviousMode,
+				  NULL,
+				  0,
+				  NonPagedPool,
+				  1,
+				  &Privileges,
+				  &Length);
+
+  Status = ObReferenceObjectByHandle(TokenHandle,
+				     TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
+				     SepTokenObjectType,
+				     PreviousMode,
+				     (PVOID*)&Token,
+				     NULL);
+  if (!NT_SUCCESS(Status))
+    {
+      DPRINT1("Failed to reference token (Status %lx)\n", Status);
+      SeReleaseLuidAndAttributesArray(Privileges,
+				      PreviousMode,
+				      0);
+      return(Status);
+    }
+
+
+#if 0
   SepAdjustPrivileges(Token,
 		       0,
-		       KeGetPreviousMode(),
+		       PreviousMode,
 		       PrivilegeCount,
 		       Privileges,
 		       PreviousState,
 		       &a,
 		       &b,
 		       &c);
-#else
-   UNIMPLEMENTED;
 #endif
+
+  ObDereferenceObject(Token);
+
+  SeReleaseLuidAndAttributesArray(Privileges,
+				  PreviousMode,
+				  0);
+
+  DPRINT1("NtAdjustPrivilegesToken() done\n");
+
+  return STATUS_SUCCESS;
 }


@ -955,11 +990,13 @@ SepCreateSystemProcessToken(struct _EPROCESS* Process)
      return(Status);
    }

-  AccessToken->AuthenticationId.QuadPart = SYSTEM_LUID;
+  AccessToken->AuthenticationId.LowPart = SYSTEM_LUID;
+  AccessToken->AuthenticationId.HighPart = 0;

  AccessToken->TokenType = TokenPrimary;
  AccessToken->ImpersonationLevel = SecurityDelegation;
-  AccessToken->TokenSource.SourceIdentifier.QuadPart = 0;
+  AccessToken->TokenSource.SourceIdentifier.LowPart = 0;
+  AccessToken->TokenSource.SourceIdentifier.HighPart = 0;
  memcpy(AccessToken->TokenSource.SourceName, "SeMgr\0\0\0", 8);
  AccessToken->ExpirationTime.QuadPart = -1;
  AccessToken->UserAndGroupCount = 4;
@ -1106,6 +1143,7 @@ SepCreateSystemProcessToken(struct _EPROCESS* Process)
  return(STATUS_SUCCESS);
 }

+
 NTSTATUS STDCALL
 NtCreateToken(OUT PHANDLE UnsafeTokenHandle,
 	      IN ACCESS_MASK DesiredAccess,