/* Phase 1: Allocate SIDs */
SidLength = RtlLengthRequiredSid(1);
- Sid[0] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
- Sid[1] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
- Sid[2] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
+ Sid[0] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
+ Sid[1] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
+ Sid[2] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
SidLength = RtlLengthRequiredSid(2);
- Sid[3] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
+ Sid[3] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CMSD);
/* Make sure all SIDs were allocated */
if (!(Sid[0]) || !(Sid[1]) || !(Sid[2]) || !(Sid[3]))
}
/* Phase 3: Allocate the ACL */
- Acl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_CM);
+ Acl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_CMSD);
if (!Acl) KeBugCheckEx(REGISTRY_ERROR, 11, 3, 0, 0);
/* Phase 4: Create the ACL */
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 4, Status, 0);
/* Phase 5: Build the ACL */
- Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[0]);
- Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[1]);
- Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[2]);
- Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[3]);
+ Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[2]);
+ Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[3]);
+ Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[0]);
+ Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[1]);
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 5, Status, 0);
/* Phase 5: Make the ACEs inheritable */
- Status = RtlGetAce(Acl, 0,( PVOID*)&AceHeader);
+ Status = RtlGetAce(Acl, 0, (PVOID*)&AceHeader);
ASSERT(NT_SUCCESS(Status));
AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
Status = RtlGetAce(Acl, 1, (PVOID*)&AceHeader);
SecurityDescriptor = ExAllocatePoolWithTag(PagedPool,
sizeof(SECURITY_DESCRIPTOR) +
AclLength,
- TAG_CM);
+ TAG_CMSD);
if (!SecurityDescriptor) KeBugCheckEx(REGISTRY_ERROR, 11, 6, 0, 0);
/* Phase 6: Make a copy of the ACL */
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 8, Status, 0);
/* Free the SIDs and original ACL */
- for (i = 0; i < 4; i++) ExFreePoolWithTag(Sid[i], TAG_CM);
- ExFreePoolWithTag(Acl, TAG_CM);
+ for (i = 0; i < 4; i++) ExFreePoolWithTag(Sid[i], TAG_CMSD);
+ ExFreePoolWithTag(Acl, TAG_CMSD);
/* Return the security descriptor */
return SecurityDescriptor;