2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS kernel
4 * FILE: ntoskrnl/se/access.c
5 * PURPOSE: Access state functions
7 * PROGRAMMERS: Alex Ionescu (alex@relsoft.net) -
8 * Based on patch by Javier M. Mellid
11 /* INCLUDES *****************************************************************/
15 #include <internal/debug.h>
17 #define GENERIC_ACCESS (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | \
20 /* FUNCTIONS ***************************************************************/
27 SeCreateAccessState(PACCESS_STATE AccessState
,
30 PGENERIC_MAPPING GenericMapping
)
32 ACCESS_MASK AccessMask
= Access
;
37 /* Map the Generic Acess to Specific Access if we have a Mapping */
38 if ((Access
& GENERIC_ACCESS
) && (GenericMapping
))
40 RtlMapGenericMask(&AccessMask
, GenericMapping
);
43 /* Initialize the Access State */
44 RtlZeroMemory(AccessState
, sizeof(ACCESS_STATE
));
46 /* Capture the Subject Context */
47 SeCaptureSubjectContext(&AccessState
->SubjectSecurityContext
);
49 /* Set Access State Data */
50 AccessState
->AuxData
= AuxData
;
51 AccessState
->RemainingDesiredAccess
= AccessMask
;
52 AccessState
->OriginalDesiredAccess
= AccessMask
;
53 ExpAllocateLocallyUniqueId(&AccessState
->OperationID
);
55 /* Get the Token to use */
56 Token
= AccessState
->SubjectSecurityContext
.ClientToken
?
57 (PTOKEN
)&AccessState
->SubjectSecurityContext
.ClientToken
:
58 (PTOKEN
)&AccessState
->SubjectSecurityContext
.PrimaryToken
;
60 /* Check for Travers Privilege */
61 if (Token
->TokenFlags
& TOKEN_HAS_TRAVERSE_PRIVILEGE
)
63 /* Preserve the Traverse Privilege */
64 AccessState
->Flags
= TOKEN_HAS_TRAVERSE_PRIVILEGE
;
67 /* Set the Auxiliary Data */
68 AuxData
->PrivilegeSet
= (PPRIVILEGE_SET
)((ULONG_PTR
)AccessState
+
69 FIELD_OFFSET(ACCESS_STATE
,
71 if (GenericMapping
) AuxData
->GenericMapping
= *GenericMapping
;
74 return STATUS_SUCCESS
;
82 SeDeleteAccessState(IN PACCESS_STATE AccessState
)
87 /* Get the Auxiliary Data */
88 AuxData
= AccessState
->AuxData
;
90 /* Deallocate Privileges */
91 if (AccessState
->PrivilegesAllocated
) ExFreePool(AuxData
->PrivilegeSet
);
93 /* Deallocate Name and Type Name */
94 if (AccessState
->ObjectName
.Buffer
)
96 ExFreePool(AccessState
->ObjectName
.Buffer
);
98 if (AccessState
->ObjectTypeName
.Buffer
)
100 ExFreePool(AccessState
->ObjectTypeName
.Buffer
);
103 /* Release the Subject Context */
104 SeReleaseSubjectContext(&AccessState
->SubjectSecurityContext
);
112 SeSetAccessStateGenericMapping(PACCESS_STATE AccessState
,
113 PGENERIC_MAPPING GenericMapping
)
117 /* Set the Generic Mapping */
118 ((PAUX_DATA
)AccessState
->AuxData
)->GenericMapping
= *GenericMapping
;