3 * COPYRIGHT: See COPYING in the top level directory
4 * PROJECT: ReactOS kernel
5 * FILE: ntoskrnl/se/sd.c
6 * PURPOSE: Security manager
8 * PROGRAMMERS: David Welch <welch@cwcom.net>
11 /* INCLUDES *****************************************************************/
14 #include <internal/debug.h>
16 /* GLOBALS ******************************************************************/
18 PSECURITY_DESCRIPTOR SePublicDefaultSd
= NULL
;
19 PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
= NULL
;
20 PSECURITY_DESCRIPTOR SePublicOpenSd
= NULL
;
21 PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
= NULL
;
22 PSECURITY_DESCRIPTOR SeSystemDefaultSd
= NULL
;
23 PSECURITY_DESCRIPTOR SeUnrestrictedSd
= NULL
;
25 /* FUNCTIONS ***************************************************************/
30 /* Create PublicDefaultSd */
31 SePublicDefaultSd
= ExAllocatePool(NonPagedPool
,
32 sizeof(SECURITY_DESCRIPTOR
));
33 if (SePublicDefaultSd
== NULL
)
36 RtlCreateSecurityDescriptor(SePublicDefaultSd
,
37 SECURITY_DESCRIPTOR_REVISION
);
38 RtlSetDaclSecurityDescriptor(SePublicDefaultSd
,
43 /* Create PublicDefaultUnrestrictedSd */
44 SePublicDefaultUnrestrictedSd
= ExAllocatePool(NonPagedPool
,
45 sizeof(SECURITY_DESCRIPTOR
));
46 if (SePublicDefaultUnrestrictedSd
== NULL
)
49 RtlCreateSecurityDescriptor(SePublicDefaultUnrestrictedSd
,
50 SECURITY_DESCRIPTOR_REVISION
);
51 RtlSetDaclSecurityDescriptor(SePublicDefaultUnrestrictedSd
,
53 SePublicDefaultUnrestrictedDacl
,
56 /* Create PublicOpenSd */
57 SePublicOpenSd
= ExAllocatePool(NonPagedPool
,
58 sizeof(SECURITY_DESCRIPTOR
));
59 if (SePublicOpenSd
== NULL
)
62 RtlCreateSecurityDescriptor(SePublicOpenSd
,
63 SECURITY_DESCRIPTOR_REVISION
);
64 RtlSetDaclSecurityDescriptor(SePublicOpenSd
,
69 /* Create PublicOpenUnrestrictedSd */
70 SePublicOpenUnrestrictedSd
= ExAllocatePool(NonPagedPool
,
71 sizeof(SECURITY_DESCRIPTOR
));
72 if (SePublicOpenUnrestrictedSd
== NULL
)
75 RtlCreateSecurityDescriptor(SePublicOpenUnrestrictedSd
,
76 SECURITY_DESCRIPTOR_REVISION
);
77 RtlSetDaclSecurityDescriptor(SePublicOpenUnrestrictedSd
,
79 SePublicOpenUnrestrictedDacl
,
82 /* Create SystemDefaultSd */
83 SeSystemDefaultSd
= ExAllocatePool(NonPagedPool
,
84 sizeof(SECURITY_DESCRIPTOR
));
85 if (SeSystemDefaultSd
== NULL
)
88 RtlCreateSecurityDescriptor(SeSystemDefaultSd
,
89 SECURITY_DESCRIPTOR_REVISION
);
90 RtlSetDaclSecurityDescriptor(SeSystemDefaultSd
,
95 /* Create UnrestrictedSd */
96 SeUnrestrictedSd
= ExAllocatePool(NonPagedPool
,
97 sizeof(SECURITY_DESCRIPTOR
));
98 if (SeUnrestrictedSd
== NULL
)
101 RtlCreateSecurityDescriptor(SeUnrestrictedSd
,
102 SECURITY_DESCRIPTOR_REVISION
);
103 RtlSetDaclSecurityDescriptor(SeUnrestrictedSd
,
113 SepCaptureSecurityQualityOfService(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
114 IN KPROCESSOR_MODE AccessMode
,
115 IN POOL_TYPE PoolType
,
116 IN BOOLEAN CaptureIfKernel
,
117 OUT PSECURITY_QUALITY_OF_SERVICE
*CapturedSecurityQualityOfService
,
118 OUT PBOOLEAN Present
)
120 PSECURITY_QUALITY_OF_SERVICE CapturedQos
;
121 NTSTATUS Status
= STATUS_SUCCESS
;
125 ASSERT(CapturedSecurityQualityOfService
);
128 if(ObjectAttributes
!= NULL
)
130 if(AccessMode
!= KernelMode
)
132 SECURITY_QUALITY_OF_SERVICE SafeQos
;
136 ProbeForRead(ObjectAttributes
,
137 sizeof(ObjectAttributes
),
139 if(ObjectAttributes
->Length
== sizeof(OBJECT_ATTRIBUTES
))
141 if(ObjectAttributes
->SecurityQualityOfService
!= NULL
)
143 ProbeForRead(ObjectAttributes
->SecurityQualityOfService
,
144 sizeof(SECURITY_QUALITY_OF_SERVICE
),
147 if(((PSECURITY_QUALITY_OF_SERVICE
)ObjectAttributes
->SecurityQualityOfService
)->Length
==
148 sizeof(SECURITY_QUALITY_OF_SERVICE
))
150 /* don't allocate memory here because ExAllocate should bugcheck
151 the system if it's buggy, SEH would catch that! So make a local
152 copy of the qos structure.*/
153 RtlCopyMemory(&SafeQos
,
154 ObjectAttributes
->SecurityQualityOfService
,
155 sizeof(SECURITY_QUALITY_OF_SERVICE
));
160 Status
= STATUS_INVALID_PARAMETER
;
165 *CapturedSecurityQualityOfService
= NULL
;
171 Status
= STATUS_INVALID_PARAMETER
;
176 Status
= _SEH_GetExceptionCode();
180 if(NT_SUCCESS(Status
))
184 CapturedQos
= ExAllocatePool(PoolType
,
185 sizeof(SECURITY_QUALITY_OF_SERVICE
));
186 if(CapturedQos
!= NULL
)
188 RtlCopyMemory(CapturedQos
,
190 sizeof(SECURITY_QUALITY_OF_SERVICE
));
191 *CapturedSecurityQualityOfService
= CapturedQos
;
195 Status
= STATUS_INSUFFICIENT_RESOURCES
;
200 *CapturedSecurityQualityOfService
= NULL
;
206 if(ObjectAttributes
->Length
== sizeof(OBJECT_ATTRIBUTES
))
210 if(ObjectAttributes
->SecurityQualityOfService
!= NULL
)
212 if(((PSECURITY_QUALITY_OF_SERVICE
)ObjectAttributes
->SecurityQualityOfService
)->Length
==
213 sizeof(SECURITY_QUALITY_OF_SERVICE
))
215 CapturedQos
= ExAllocatePool(PoolType
,
216 sizeof(SECURITY_QUALITY_OF_SERVICE
));
217 if(CapturedQos
!= NULL
)
219 RtlCopyMemory(CapturedQos
,
220 ObjectAttributes
->SecurityQualityOfService
,
221 sizeof(SECURITY_QUALITY_OF_SERVICE
));
222 *CapturedSecurityQualityOfService
= CapturedQos
;
227 Status
= STATUS_INSUFFICIENT_RESOURCES
;
232 Status
= STATUS_INVALID_PARAMETER
;
237 *CapturedSecurityQualityOfService
= NULL
;
243 *CapturedSecurityQualityOfService
= (PSECURITY_QUALITY_OF_SERVICE
)ObjectAttributes
->SecurityQualityOfService
;
244 *Present
= (ObjectAttributes
->SecurityQualityOfService
!= NULL
);
249 Status
= STATUS_INVALID_PARAMETER
;
255 *CapturedSecurityQualityOfService
= NULL
;
264 SepReleaseSecurityQualityOfService(IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService OPTIONAL
,
265 IN KPROCESSOR_MODE AccessMode
,
266 IN BOOLEAN CaptureIfKernel
)
270 if(CapturedSecurityQualityOfService
!= NULL
&&
271 (AccessMode
== UserMode
||
272 (AccessMode
== KernelMode
&& CaptureIfKernel
)))
274 ExFreePool(CapturedSecurityQualityOfService
);
284 SeCaptureSecurityDescriptor(
285 IN PSECURITY_DESCRIPTOR OriginalSecurityDescriptor
,
286 IN KPROCESSOR_MODE CurrentMode
,
287 IN POOL_TYPE PoolType
,
288 IN BOOLEAN CaptureIfKernel
,
289 OUT PSECURITY_DESCRIPTOR
*CapturedSecurityDescriptor
292 SECURITY_DESCRIPTOR DescriptorCopy
;
293 PSECURITY_DESCRIPTOR NewDescriptor
;
294 ULONG OwnerSAC
= 0, GroupSAC
= 0;
295 ULONG OwnerSize
= 0, GroupSize
= 0;
296 ULONG SaclSize
= 0, DaclSize
= 0;
297 ULONG DescriptorSize
= 0;
298 NTSTATUS Status
= STATUS_SUCCESS
;
300 if(OriginalSecurityDescriptor
!= NULL
)
302 if(CurrentMode
!= KernelMode
)
304 RtlZeroMemory(&DescriptorCopy
, sizeof(DescriptorCopy
));
308 /* first only probe and copy until the control field of the descriptor
309 to determine whether it's a self-relative descriptor */
310 DescriptorSize
= (ULONG
)((ULONG_PTR
)&OriginalSecurityDescriptor
->Control
-
311 (ULONG_PTR
)OriginalSecurityDescriptor
) +
312 sizeof(OriginalSecurityDescriptor
->Control
);
313 ProbeForRead(OriginalSecurityDescriptor
,
317 if(OriginalSecurityDescriptor
->Revision
!= SECURITY_DESCRIPTOR_REVISION1
)
319 Status
= STATUS_UNKNOWN_REVISION
;
323 /* make a copy on the stack */
324 DescriptorCopy
.Revision
= OriginalSecurityDescriptor
->Revision
;
325 DescriptorCopy
.Sbz1
= OriginalSecurityDescriptor
->Sbz1
;
326 DescriptorCopy
.Control
= OriginalSecurityDescriptor
->Control
;
327 DescriptorSize
= ((DescriptorCopy
.Control
& SE_SELF_RELATIVE
) ?
328 sizeof(SECURITY_DESCRIPTOR_RELATIVE
) : sizeof(SECURITY_DESCRIPTOR
));
330 /* probe and copy the entire security descriptor structure. The SIDs
331 and ACLs will be probed and copied later though */
332 ProbeForRead(OriginalSecurityDescriptor
,
335 if(DescriptorCopy
.Control
& SE_SELF_RELATIVE
)
337 PSECURITY_DESCRIPTOR_RELATIVE RelSD
= (PSECURITY_DESCRIPTOR_RELATIVE
)OriginalSecurityDescriptor
;
339 DescriptorCopy
.Owner
= (PSID
)RelSD
->Owner
;
340 DescriptorCopy
.Group
= (PSID
)RelSD
->Group
;
341 DescriptorCopy
.Sacl
= (PACL
)RelSD
->Sacl
;
342 DescriptorCopy
.Dacl
= (PACL
)RelSD
->Dacl
;
346 DescriptorCopy
.Owner
= OriginalSecurityDescriptor
->Owner
;
347 DescriptorCopy
.Group
= OriginalSecurityDescriptor
->Group
;
348 DescriptorCopy
.Sacl
= OriginalSecurityDescriptor
->Sacl
;
349 DescriptorCopy
.Dacl
= OriginalSecurityDescriptor
->Dacl
;
354 Status
= _SEH_GetExceptionCode();
358 if(!NT_SUCCESS(Status
))
363 else if(!CaptureIfKernel
)
365 if(OriginalSecurityDescriptor
->Revision
!= SECURITY_DESCRIPTOR_REVISION1
)
367 return STATUS_UNKNOWN_REVISION
;
370 *CapturedSecurityDescriptor
= OriginalSecurityDescriptor
;
371 return STATUS_SUCCESS
;
375 if(OriginalSecurityDescriptor
->Revision
!= SECURITY_DESCRIPTOR_REVISION1
)
377 return STATUS_UNKNOWN_REVISION
;
380 /* make a copy on the stack */
381 DescriptorCopy
.Revision
= OriginalSecurityDescriptor
->Revision
;
382 DescriptorCopy
.Sbz1
= OriginalSecurityDescriptor
->Sbz1
;
383 DescriptorCopy
.Control
= OriginalSecurityDescriptor
->Control
;
384 DescriptorSize
= ((DescriptorCopy
.Control
& SE_SELF_RELATIVE
) ?
385 sizeof(SECURITY_DESCRIPTOR_RELATIVE
) : sizeof(SECURITY_DESCRIPTOR
));
386 if(DescriptorCopy
.Control
& SE_SELF_RELATIVE
)
388 PSECURITY_DESCRIPTOR_RELATIVE RelSD
= (PSECURITY_DESCRIPTOR_RELATIVE
)OriginalSecurityDescriptor
;
390 DescriptorCopy
.Owner
= (PSID
)RelSD
->Owner
;
391 DescriptorCopy
.Group
= (PSID
)RelSD
->Group
;
392 DescriptorCopy
.Sacl
= (PACL
)RelSD
->Sacl
;
393 DescriptorCopy
.Dacl
= (PACL
)RelSD
->Dacl
;
397 DescriptorCopy
.Owner
= OriginalSecurityDescriptor
->Owner
;
398 DescriptorCopy
.Group
= OriginalSecurityDescriptor
->Group
;
399 DescriptorCopy
.Sacl
= OriginalSecurityDescriptor
->Sacl
;
400 DescriptorCopy
.Dacl
= OriginalSecurityDescriptor
->Dacl
;
404 if(DescriptorCopy
.Control
& SE_SELF_RELATIVE
)
406 /* in case we're dealing with a self-relative descriptor, do a basic convert
407 to an absolute descriptor. We do this so we can simply access the data
408 using the pointers without calculating them again. */
409 DescriptorCopy
.Control
&= ~SE_SELF_RELATIVE
;
410 if(DescriptorCopy
.Owner
!= NULL
)
412 DescriptorCopy
.Owner
= (PSID
)((ULONG_PTR
)OriginalSecurityDescriptor
+ (ULONG_PTR
)DescriptorCopy
.Owner
);
414 if(DescriptorCopy
.Group
!= NULL
)
416 DescriptorCopy
.Group
= (PSID
)((ULONG_PTR
)OriginalSecurityDescriptor
+ (ULONG_PTR
)DescriptorCopy
.Group
);
418 if(DescriptorCopy
.Dacl
!= NULL
)
420 DescriptorCopy
.Dacl
= (PACL
)((ULONG_PTR
)OriginalSecurityDescriptor
+ (ULONG_PTR
)DescriptorCopy
.Dacl
);
422 if(DescriptorCopy
.Sacl
!= NULL
)
424 DescriptorCopy
.Sacl
= (PACL
)((ULONG_PTR
)OriginalSecurityDescriptor
+ (ULONG_PTR
)DescriptorCopy
.Sacl
);
428 /* determine the size of the SIDs */
429 #define DetermineSIDSize(SidType) \
431 if(DescriptorCopy.SidType != NULL) \
433 SID *SidType = (SID*)DescriptorCopy.SidType; \
435 if(CurrentMode != KernelMode) \
437 /* securely access the buffers! */ \
440 ProbeForRead(&SidType->SubAuthorityCount, \
441 sizeof(SidType->SubAuthorityCount), \
443 SidType##SAC = SidType->SubAuthorityCount; \
444 SidType##Size = RtlLengthRequiredSid(SidType##SAC); \
445 DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG)); \
446 ProbeForRead(SidType, \
449 if(!RtlValidSid(SidType)) \
451 Status = STATUS_INVALID_SID; \
456 Status = _SEH_GetExceptionCode(); \
460 if(!NT_SUCCESS(Status)) \
467 SidType##SAC = SidType->SubAuthorityCount; \
468 SidType##Size = RtlLengthRequiredSid(SidType##SAC); \
469 DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG)); \
474 DetermineSIDSize(Owner
);
475 DetermineSIDSize(Group
);
477 /* determine the size of the ACLs */
478 #define DetermineACLSize(AclType, AclFlag) \
480 if((DescriptorCopy.Control & SE_##AclFlag##_PRESENT) && \
481 DescriptorCopy.AclType != NULL) \
483 PACL AclType = (PACL)DescriptorCopy.AclType; \
485 if(CurrentMode != KernelMode) \
487 /* securely access the buffers! */ \
490 ProbeForRead(&AclType->AclSize, \
491 sizeof(AclType->AclSize), \
493 AclType##Size = AclType->AclSize; \
494 DescriptorSize += ROUND_UP(AclType##Size, sizeof(ULONG)); \
495 ProbeForRead(AclType, \
498 if(!RtlValidAcl(AclType)) \
500 Status = STATUS_INVALID_ACL; \
505 Status = _SEH_GetExceptionCode(); \
509 if(!NT_SUCCESS(Status)) \
516 AclType##Size = AclType->AclSize; \
517 DescriptorSize += ROUND_UP(AclType##Size, sizeof(ULONG)); \
522 DescriptorCopy.AclType = NULL; \
526 DetermineACLSize(Sacl
, SACL
);
527 DetermineACLSize(Dacl
, DACL
);
529 /* allocate enough memory to store a complete copy of a self-relative
530 security descriptor */
531 NewDescriptor
= ExAllocatePool(PoolType
,
533 if(NewDescriptor
!= NULL
)
535 ULONG_PTR Offset
= sizeof(SECURITY_DESCRIPTOR
);
537 NewDescriptor
->Revision
= DescriptorCopy
.Revision
;
538 NewDescriptor
->Sbz1
= DescriptorCopy
.Sbz1
;
539 NewDescriptor
->Control
= DescriptorCopy
.Control
| SE_SELF_RELATIVE
;
543 /* setup the offsets and copy the SIDs and ACLs to the new
544 self-relative security descriptor. Probing the pointers is not
545 neccessary anymore as we did that when collecting the sizes! */
546 #define CopySIDOrACL(Type) \
548 if(DescriptorCopy.Type != NULL) \
550 NewDescriptor->Type = (PVOID)Offset; \
551 RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + \
552 (ULONG_PTR)NewDescriptor->Type), \
553 DescriptorCopy.Type, \
555 Offset += ROUND_UP(Type##Size, sizeof(ULONG)); \
566 Status
= _SEH_GetExceptionCode();
570 if(NT_SUCCESS(Status
))
572 /* we're finally done! copy the pointer to the captured descriptor to
574 *CapturedSecurityDescriptor
= NewDescriptor
;
575 return STATUS_SUCCESS
;
579 /* we failed to copy the data to the new descriptor */
580 ExFreePool(NewDescriptor
);
585 Status
= STATUS_INSUFFICIENT_RESOURCES
;
590 /* nothing to do... */
591 *CapturedSecurityDescriptor
= NULL
;
601 SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation
,
602 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
603 IN OUT PULONG Length
,
604 IN PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor OPTIONAL
)
606 PSECURITY_DESCRIPTOR ObjectSd
;
607 PSECURITY_DESCRIPTOR_RELATIVE RelSD
;
612 ULONG OwnerLength
= 0;
613 ULONG GroupLength
= 0;
614 ULONG DaclLength
= 0;
615 ULONG SaclLength
= 0;
620 RelSD
= (PSECURITY_DESCRIPTOR_RELATIVE
)SecurityDescriptor
;
622 if (*ObjectsSecurityDescriptor
== NULL
)
624 if (*Length
< sizeof(SECURITY_DESCRIPTOR_RELATIVE
))
626 *Length
= sizeof(SECURITY_DESCRIPTOR_RELATIVE
);
627 return STATUS_BUFFER_TOO_SMALL
;
630 *Length
= sizeof(SECURITY_DESCRIPTOR_RELATIVE
);
631 RtlCreateSecurityDescriptorRelative(RelSD
,
632 SECURITY_DESCRIPTOR_REVISION
);
633 return STATUS_SUCCESS
;
636 ObjectSd
= *ObjectsSecurityDescriptor
;
638 /* Calculate the required security descriptor length */
639 Control
= SE_SELF_RELATIVE
;
640 if ((*SecurityInformation
& OWNER_SECURITY_INFORMATION
) &&
641 (ObjectSd
->Owner
!= NULL
))
643 Owner
= (PSID
)((ULONG_PTR
)ObjectSd
->Owner
+ (ULONG_PTR
)ObjectSd
);
644 OwnerLength
= ROUND_UP(RtlLengthSid(Owner
), 4);
645 Control
|= (ObjectSd
->Control
& SE_OWNER_DEFAULTED
);
648 if ((*SecurityInformation
& GROUP_SECURITY_INFORMATION
) &&
649 (ObjectSd
->Group
!= NULL
))
651 Group
= (PSID
)((ULONG_PTR
)ObjectSd
->Group
+ (ULONG_PTR
)ObjectSd
);
652 GroupLength
= ROUND_UP(RtlLengthSid(Group
), 4);
653 Control
|= (ObjectSd
->Control
& SE_GROUP_DEFAULTED
);
656 if ((*SecurityInformation
& DACL_SECURITY_INFORMATION
) &&
657 (ObjectSd
->Control
& SE_DACL_PRESENT
))
659 if (ObjectSd
->Dacl
!= NULL
)
661 Dacl
= (PACL
)((ULONG_PTR
)ObjectSd
->Dacl
+ (ULONG_PTR
)ObjectSd
);
662 DaclLength
= ROUND_UP((ULONG
)Dacl
->AclSize
, 4);
664 Control
|= (ObjectSd
->Control
& (SE_DACL_DEFAULTED
| SE_DACL_PRESENT
));
667 if ((*SecurityInformation
& SACL_SECURITY_INFORMATION
) &&
668 (ObjectSd
->Control
& SE_SACL_PRESENT
))
670 if (ObjectSd
->Sacl
!= NULL
)
672 Sacl
= (PACL
)((ULONG_PTR
)ObjectSd
->Sacl
+ (ULONG_PTR
)ObjectSd
);
673 SaclLength
= ROUND_UP(Sacl
->AclSize
, 4);
675 Control
|= (ObjectSd
->Control
& (SE_SACL_DEFAULTED
| SE_SACL_PRESENT
));
678 SdLength
= OwnerLength
+ GroupLength
+ DaclLength
+
679 SaclLength
+ sizeof(SECURITY_DESCRIPTOR_RELATIVE
);
680 if (*Length
< SdLength
)
683 return STATUS_BUFFER_TOO_SMALL
;
686 /* Build the new security descrtiptor */
687 RtlCreateSecurityDescriptorRelative(RelSD
,
688 SECURITY_DESCRIPTOR_REVISION
);
689 RelSD
->Control
= Control
;
691 Current
= (ULONG_PTR
)(RelSD
+ 1);
693 if (OwnerLength
!= 0)
695 RtlCopyMemory((PVOID
)Current
,
698 RelSD
->Owner
= (ULONG
)(Current
- (ULONG_PTR
)SecurityDescriptor
);
699 Current
+= OwnerLength
;
702 if (GroupLength
!= 0)
704 RtlCopyMemory((PVOID
)Current
,
707 RelSD
->Group
= (ULONG
)(Current
- (ULONG_PTR
)SecurityDescriptor
);
708 Current
+= GroupLength
;
713 RtlCopyMemory((PVOID
)Current
,
716 RelSD
->Dacl
= (ULONG
)(Current
- (ULONG_PTR
)SecurityDescriptor
);
717 Current
+= DaclLength
;
722 RtlCopyMemory((PVOID
)Current
,
725 RelSD
->Sacl
= (ULONG
)(Current
- (ULONG_PTR
)SecurityDescriptor
);
726 Current
+= SaclLength
;
731 return STATUS_SUCCESS
;
739 SeReleaseSecurityDescriptor(
740 IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor
,
741 IN KPROCESSOR_MODE CurrentMode
,
742 IN BOOLEAN CaptureIfKernelMode
747 /* WARNING! You need to call this function with the same value for CurrentMode
748 and CaptureIfKernelMode that you previously passed to
749 SeCaptureSecurityDescriptor() in order to avoid memory leaks! */
750 if(CapturedSecurityDescriptor
!= NULL
&&
751 (CurrentMode
== UserMode
||
752 (CurrentMode
== KernelMode
&& CaptureIfKernelMode
)))
754 /* only delete the descriptor when SeCaptureSecurityDescriptor() allocated one! */
755 ExFreePool(CapturedSecurityDescriptor
);
758 return STATUS_SUCCESS
;
765 SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL
,
766 IN PSECURITY_INFORMATION SecurityInformation
,
767 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
768 IN OUT PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
769 IN POOL_TYPE PoolType
,
770 IN PGENERIC_MAPPING GenericMapping
)
773 return STATUS_NOT_IMPLEMENTED
;
781 SeSetSecurityDescriptorInfoEx(
782 IN PVOID Object OPTIONAL
,
783 IN PSECURITY_INFORMATION SecurityInformation
,
784 IN PSECURITY_DESCRIPTOR ModificationDescriptor
,
785 IN OUT PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
786 IN ULONG AutoInheritFlags
,
787 IN POOL_TYPE PoolType
,
788 IN PGENERIC_MAPPING GenericMapping
792 return STATUS_NOT_IMPLEMENTED
;
800 SeValidSecurityDescriptor(IN ULONG Length
,
801 IN PSECURITY_DESCRIPTOR SecurityDescriptor
)
807 if (Length
< SECURITY_DESCRIPTOR_MIN_LENGTH
)
809 DPRINT1("Invalid Security Descriptor revision\n");
813 if (SecurityDescriptor
->Revision
!= SECURITY_DESCRIPTOR_REVISION1
)
815 DPRINT1("Invalid Security Descriptor revision\n");
819 if (!(SecurityDescriptor
->Control
& SE_SELF_RELATIVE
))
821 DPRINT1("No self-relative Security Descriptor\n");
825 SdLength
= sizeof(SECURITY_DESCRIPTOR
);
827 /* Check Owner SID */
828 if (SecurityDescriptor
->Owner
== NULL
)
830 DPRINT1("No Owner SID\n");
834 if ((ULONG_PTR
)SecurityDescriptor
->Owner
% sizeof(ULONG
))
836 DPRINT1("Invalid Owner SID alignment\n");
840 Sid
= (PISID
)((ULONG_PTR
)SecurityDescriptor
+ (ULONG_PTR
)SecurityDescriptor
->Owner
);
841 if (Sid
->Revision
!= SID_REVISION
)
843 DPRINT1("Invalid Owner SID revision\n");
847 SdLength
+= (sizeof(SID
) + (Sid
->SubAuthorityCount
- 1) * sizeof(ULONG
));
848 if (Length
< SdLength
)
850 DPRINT1("Invalid Owner SID size\n");
854 /* Check Group SID */
855 if (SecurityDescriptor
->Group
!= NULL
)
857 if ((ULONG_PTR
)SecurityDescriptor
->Group
% sizeof(ULONG
))
859 DPRINT1("Invalid Group SID alignment\n");
863 Sid
= (PSID
)((ULONG_PTR
)SecurityDescriptor
+ (ULONG_PTR
)SecurityDescriptor
->Group
);
864 if (Sid
->Revision
!= SID_REVISION
)
866 DPRINT1("Invalid Group SID revision\n");
870 SdLength
+= (sizeof(SID
) + (Sid
->SubAuthorityCount
- 1) * sizeof(ULONG
));
871 if (Length
< SdLength
)
873 DPRINT1("Invalid Group SID size\n");
879 if (SecurityDescriptor
->Dacl
!= NULL
)
881 if ((ULONG_PTR
)SecurityDescriptor
->Dacl
% sizeof(ULONG
))
883 DPRINT1("Invalid DACL alignment\n");
887 Acl
= (PACL
)((ULONG_PTR
)SecurityDescriptor
+ (ULONG_PTR
)SecurityDescriptor
->Dacl
);
888 if ((Acl
->AclRevision
< MIN_ACL_REVISION
) &&
889 (Acl
->AclRevision
> MAX_ACL_REVISION
))
891 DPRINT1("Invalid DACL revision\n");
895 SdLength
+= Acl
->AclSize
;
896 if (Length
< SdLength
)
898 DPRINT1("Invalid DACL size\n");
904 if (SecurityDescriptor
->Sacl
!= NULL
)
906 if ((ULONG_PTR
)SecurityDescriptor
->Sacl
% sizeof(ULONG
))
908 DPRINT1("Invalid SACL alignment\n");
912 Acl
= (PACL
)((ULONG_PTR
)SecurityDescriptor
+ (ULONG_PTR
)SecurityDescriptor
->Sacl
);
913 if ((Acl
->AclRevision
< MIN_ACL_REVISION
) ||
914 (Acl
->AclRevision
> MAX_ACL_REVISION
))
916 DPRINT1("Invalid SACL revision\n");
920 SdLength
+= Acl
->AclSize
;
921 if (Length
< SdLength
)
923 DPRINT1("Invalid SACL size\n");