2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS kernel
4 * FILE: ntoskrnl/se/access.c
5 * PURPOSE: Access state functions
7 * PROGRAMMERS: Alex Ionescu (alex@relsoft.net) -
8 * Based on patch by Javier M. Mellid
11 /* INCLUDES *****************************************************************/
15 #include <internal/debug.h>
17 /* FUNCTIONS ***************************************************************/
21 SeCreateAccessStateEx(IN PETHREAD Thread
,
23 IN OUT PACCESS_STATE AccessState
,
25 IN ACCESS_MASK Access
,
26 IN PGENERIC_MAPPING GenericMapping
)
28 ACCESS_MASK AccessMask
= Access
;
32 /* Map the Generic Acess to Specific Access if we have a Mapping */
33 if ((Access
& GENERIC_ACCESS
) && (GenericMapping
))
35 RtlMapGenericMask(&AccessMask
, GenericMapping
);
38 /* Initialize the Access State */
39 RtlZeroMemory(AccessState
, sizeof(ACCESS_STATE
));
41 /* Capture the Subject Context */
42 SeCaptureSubjectContextEx(Thread
,
44 &AccessState
->SubjectSecurityContext
);
46 /* Set Access State Data */
47 AccessState
->AuxData
= AuxData
;
48 AccessState
->RemainingDesiredAccess
= AccessMask
;
49 AccessState
->OriginalDesiredAccess
= AccessMask
;
50 ExpAllocateLocallyUniqueId(&AccessState
->OperationID
);
52 /* Get the Token to use */
53 Token
= AccessState
->SubjectSecurityContext
.ClientToken
?
54 (PTOKEN
)&AccessState
->SubjectSecurityContext
.ClientToken
:
55 (PTOKEN
)&AccessState
->SubjectSecurityContext
.PrimaryToken
;
57 /* Check for Travers Privilege */
58 if (Token
->TokenFlags
& TOKEN_HAS_TRAVERSE_PRIVILEGE
)
60 /* Preserve the Traverse Privilege */
61 AccessState
->Flags
= TOKEN_HAS_TRAVERSE_PRIVILEGE
;
64 /* Set the Auxiliary Data */
65 AuxData
->PrivilegeSet
= (PPRIVILEGE_SET
)((ULONG_PTR
)AccessState
+
66 FIELD_OFFSET(ACCESS_STATE
,
68 if (GenericMapping
) AuxData
->GenericMapping
= *GenericMapping
;
71 return STATUS_SUCCESS
;
79 SeCreateAccessState(IN OUT PACCESS_STATE AccessState
,
81 IN ACCESS_MASK Access
,
82 IN PGENERIC_MAPPING GenericMapping
)
86 /* Call the internal API */
87 return SeCreateAccessStateEx(PsGetCurrentThread(),
88 PsGetCurrentProcess(),
100 SeDeleteAccessState(IN PACCESS_STATE AccessState
)
105 /* Get the Auxiliary Data */
106 AuxData
= AccessState
->AuxData
;
108 /* Deallocate Privileges */
109 if (AccessState
->PrivilegesAllocated
) ExFreePool(AuxData
->PrivilegeSet
);
111 /* Deallocate Name and Type Name */
112 if (AccessState
->ObjectName
.Buffer
)
114 ExFreePool(AccessState
->ObjectName
.Buffer
);
116 if (AccessState
->ObjectTypeName
.Buffer
)
118 ExFreePool(AccessState
->ObjectTypeName
.Buffer
);
121 /* Release the Subject Context */
122 SeReleaseSubjectContext(&AccessState
->SubjectSecurityContext
);
130 SeSetAccessStateGenericMapping(PACCESS_STATE AccessState
,
131 PGENERIC_MAPPING GenericMapping
)
135 /* Set the Generic Mapping */
136 ((PAUX_DATA
)AccessState
->AuxData
)->GenericMapping
= *GenericMapping
;