3 * COPYRIGHT: See COPYING in the top level directory
4 * PROJECT: ReactOS kernel
5 * FILE: ntoskrnl/se/priv.c
6 * PURPOSE: Security manager
8 * PROGRAMMERS: No programmer listed.
11 /* INCLUDES *****************************************************************/
15 #include <internal/debug.h>
18 /* GLOBALS *******************************************************************/
20 LUID SeCreateTokenPrivilege
;
21 LUID SeAssignPrimaryTokenPrivilege
;
22 LUID SeLockMemoryPrivilege
;
23 LUID SeIncreaseQuotaPrivilege
;
24 LUID SeUnsolicitedInputPrivilege
;
26 LUID SeSecurityPrivilege
;
27 LUID SeTakeOwnershipPrivilege
;
28 LUID SeLoadDriverPrivilege
;
29 LUID SeCreatePagefilePrivilege
;
30 LUID SeIncreaseBasePriorityPrivilege
;
31 LUID SeSystemProfilePrivilege
;
32 LUID SeSystemtimePrivilege
;
33 LUID SeProfileSingleProcessPrivilege
;
34 LUID SeCreatePermanentPrivilege
;
35 LUID SeBackupPrivilege
;
36 LUID SeRestorePrivilege
;
37 LUID SeShutdownPrivilege
;
38 LUID SeDebugPrivilege
;
39 LUID SeAuditPrivilege
;
40 LUID SeSystemEnvironmentPrivilege
;
41 LUID SeChangeNotifyPrivilege
;
42 LUID SeRemoteShutdownPrivilege
;
45 /* FUNCTIONS ***************************************************************/
48 SepInitPrivileges (VOID
)
50 SeCreateTokenPrivilege
.LowPart
= SE_CREATE_TOKEN_PRIVILEGE
;
51 SeCreateTokenPrivilege
.HighPart
= 0;
52 SeAssignPrimaryTokenPrivilege
.LowPart
= SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
;
53 SeAssignPrimaryTokenPrivilege
.HighPart
= 0;
54 SeLockMemoryPrivilege
.LowPart
= SE_LOCK_MEMORY_PRIVILEGE
;
55 SeLockMemoryPrivilege
.HighPart
= 0;
56 SeIncreaseQuotaPrivilege
.LowPart
= SE_INCREASE_QUOTA_PRIVILEGE
;
57 SeIncreaseQuotaPrivilege
.HighPart
= 0;
58 SeUnsolicitedInputPrivilege
.LowPart
= SE_UNSOLICITED_INPUT_PRIVILEGE
;
59 SeUnsolicitedInputPrivilege
.HighPart
= 0;
60 SeTcbPrivilege
.LowPart
= SE_TCB_PRIVILEGE
;
61 SeTcbPrivilege
.HighPart
= 0;
62 SeSecurityPrivilege
.LowPart
= SE_SECURITY_PRIVILEGE
;
63 SeSecurityPrivilege
.HighPart
= 0;
64 SeTakeOwnershipPrivilege
.LowPart
= SE_TAKE_OWNERSHIP_PRIVILEGE
;
65 SeTakeOwnershipPrivilege
.HighPart
= 0;
66 SeLoadDriverPrivilege
.LowPart
= SE_LOAD_DRIVER_PRIVILEGE
;
67 SeLoadDriverPrivilege
.HighPart
= 0;
68 SeSystemProfilePrivilege
.LowPart
= SE_SYSTEM_PROFILE_PRIVILEGE
;
69 SeSystemProfilePrivilege
.HighPart
= 0;
70 SeSystemtimePrivilege
.LowPart
= SE_SYSTEMTIME_PRIVILEGE
;
71 SeSystemtimePrivilege
.HighPart
= 0;
72 SeProfileSingleProcessPrivilege
.LowPart
= SE_PROF_SINGLE_PROCESS_PRIVILEGE
;
73 SeProfileSingleProcessPrivilege
.HighPart
= 0;
74 SeIncreaseBasePriorityPrivilege
.LowPart
= SE_INC_BASE_PRIORITY_PRIVILEGE
;
75 SeIncreaseBasePriorityPrivilege
.HighPart
= 0;
76 SeCreatePagefilePrivilege
.LowPart
= SE_CREATE_PAGEFILE_PRIVILEGE
;
77 SeCreatePagefilePrivilege
.HighPart
= 0;
78 SeCreatePermanentPrivilege
.LowPart
= SE_CREATE_PERMANENT_PRIVILEGE
;
79 SeCreatePermanentPrivilege
.HighPart
= 0;
80 SeBackupPrivilege
.LowPart
= SE_BACKUP_PRIVILEGE
;
81 SeBackupPrivilege
.HighPart
= 0;
82 SeRestorePrivilege
.LowPart
= SE_RESTORE_PRIVILEGE
;
83 SeRestorePrivilege
.HighPart
= 0;
84 SeShutdownPrivilege
.LowPart
= SE_SHUTDOWN_PRIVILEGE
;
85 SeShutdownPrivilege
.HighPart
= 0;
86 SeDebugPrivilege
.LowPart
= SE_DEBUG_PRIVILEGE
;
87 SeDebugPrivilege
.HighPart
= 0;
88 SeAuditPrivilege
.LowPart
= SE_AUDIT_PRIVILEGE
;
89 SeAuditPrivilege
.HighPart
= 0;
90 SeSystemEnvironmentPrivilege
.LowPart
= SE_SYSTEM_ENVIRONMENT_PRIVILEGE
;
91 SeSystemEnvironmentPrivilege
.HighPart
= 0;
92 SeChangeNotifyPrivilege
.LowPart
= SE_CHANGE_NOTIFY_PRIVILEGE
;
93 SeChangeNotifyPrivilege
.HighPart
= 0;
94 SeRemoteShutdownPrivilege
.LowPart
= SE_REMOTE_SHUTDOWN_PRIVILEGE
;
95 SeRemoteShutdownPrivilege
.HighPart
= 0;
100 SepPrivilegeCheck (PTOKEN Token
,
101 PLUID_AND_ATTRIBUTES Privileges
,
102 ULONG PrivilegeCount
,
103 ULONG PrivilegeControl
,
104 KPROCESSOR_MODE PreviousMode
)
110 DPRINT ("SepPrivilegeCheck() called\n");
114 if (PreviousMode
== KernelMode
)
120 if (PrivilegeCount
> 0)
122 for (i
= 0; i
< Token
->PrivilegeCount
; i
++)
124 for (j
= 0; j
< PrivilegeCount
; j
++)
126 if (Token
->Privileges
[i
].Luid
.LowPart
== Privileges
[j
].Luid
.LowPart
&&
127 Token
->Privileges
[i
].Luid
.HighPart
== Privileges
[j
].Luid
.HighPart
)
129 DPRINT ("Found privilege\n");
130 DPRINT ("Privilege attributes %lx\n",
131 Token
->Privileges
[i
].Attributes
);
133 if (Token
->Privileges
[i
].Attributes
& SE_PRIVILEGE_ENABLED
)
135 Privileges
[j
].Attributes
|= SE_PRIVILEGE_USED_FOR_ACCESS
;
143 if ((PrivilegeControl
& PRIVILEGE_SET_ALL_NECESSARY
) &&
150 !(PrivilegeControl
& PRIVILEGE_SET_ALL_NECESSARY
))
160 SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src
,
161 ULONG PrivilegeCount
,
162 KPROCESSOR_MODE PreviousMode
,
163 PLUID_AND_ATTRIBUTES AllocatedMem
,
164 ULONG AllocatedLength
,
167 PLUID_AND_ATTRIBUTES
* Dest
,
170 PLUID_AND_ATTRIBUTES
* NewMem
;
175 if (PrivilegeCount
== 0)
179 return STATUS_SUCCESS
;
182 if (PreviousMode
== KernelMode
&& d
== 0)
185 return STATUS_SUCCESS
;
188 SrcLength
= ((PrivilegeCount
* sizeof(LUID_AND_ATTRIBUTES
)) + 3) & 0xfc;
190 if (AllocatedMem
== NULL
)
192 NewMem
= ExAllocatePool (PoolType
,
194 *Dest
= (PLUID_AND_ATTRIBUTES
)NewMem
;
197 return STATUS_UNSUCCESSFUL
;
202 if (SrcLength
> AllocatedLength
)
204 return STATUS_UNSUCCESSFUL
;
206 *Dest
= AllocatedMem
;
208 memmove (*Dest
, Src
, SrcLength
);
210 return STATUS_SUCCESS
;
215 SeReleaseLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Privilege
,
216 KPROCESSOR_MODE PreviousMode
,
221 ExFreePool (Privilege
);
226 NtPrivilegeCheck (IN HANDLE ClientToken
,
227 IN PPRIVILEGE_SET RequiredPrivileges
,
230 PLUID_AND_ATTRIBUTES Privilege
;
232 ULONG PrivilegeCount
;
233 ULONG PrivilegeControl
;
239 Status
= ObReferenceObjectByHandle (ClientToken
,
245 if (!NT_SUCCESS(Status
))
250 if (Token
->TokenType
== TokenImpersonation
&&
251 Token
->ImpersonationLevel
< SecurityAnonymous
)
253 ObDereferenceObject (Token
);
254 return STATUS_UNSUCCESSFUL
;
257 PrivilegeCount
= RequiredPrivileges
->PrivilegeCount
;
258 PrivilegeControl
= RequiredPrivileges
->Control
;
260 Status
= SeCaptureLuidAndAttributesArray (RequiredPrivileges
->Privilege
,
269 if (!NT_SUCCESS(Status
))
271 ObDereferenceObject (Token
);
272 return STATUS_UNSUCCESSFUL
;
275 *Result
= SepPrivilegeCheck (Token
,
281 memmove (RequiredPrivileges
->Privilege
,
285 SeReleaseLuidAndAttributesArray (Privilege
,
289 return STATUS_SUCCESS
;
297 SePrivilegeCheck (PPRIVILEGE_SET Privileges
,
298 PSECURITY_SUBJECT_CONTEXT SubjectContext
,
299 KPROCESSOR_MODE PreviousMode
)
301 PACCESS_TOKEN Token
= NULL
;
305 if (SubjectContext
->ClientToken
== NULL
)
307 Token
= SubjectContext
->PrimaryToken
;
311 Token
= SubjectContext
->ClientToken
;
312 if (SubjectContext
->ImpersonationLevel
< 2)
318 return SepPrivilegeCheck (Token
,
319 Privileges
->Privilege
,
320 Privileges
->PrivilegeCount
,
330 SeSinglePrivilegeCheck (IN LUID PrivilegeValue
,
331 IN KPROCESSOR_MODE PreviousMode
)
333 SECURITY_SUBJECT_CONTEXT SubjectContext
;
339 SeCaptureSubjectContext (&SubjectContext
);
341 Priv
.PrivilegeCount
= 1;
342 Priv
.Control
= PRIVILEGE_SET_ALL_NECESSARY
;
343 Priv
.Privilege
[0].Luid
= PrivilegeValue
;
344 Priv
.Privilege
[0].Attributes
= SE_PRIVILEGE_ENABLED
;
346 Result
= SePrivilegeCheck (&Priv
,
350 if (PreviousMode
!= KernelMode
)
353 SePrivilegedServiceAuditAlarm (0,
359 SeReleaseSubjectContext (&SubjectContext
);