From f8a4d31da489660d48975a685da49fb1f4748685 Mon Sep 17 00:00:00 2001
From: Pierre Schweitzer
Date: Sun, 2 Jun 2019 09:50:05 +0200
Subject: [PATCH 1/1] [NTOSKRNL] On process primary token change, dereference device map
---
 ntoskrnl/ps/security.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/ntoskrnl/ps/security.c b/ntoskrnl/ps/security.c
index e245dde563f..619ff56d247 100644
--- a/ntoskrnl/ps/security.c
+++ b/ntoskrnl/ps/security.c
@@ -325,6 +325,14 @@ PspSetPrimaryToken(IN PEPROCESS Process,
 STANDARD_RIGHTS_ALL |
 PROCESS_SET_QUOTA);
 }
+
+ /*
+ * In case LUID device maps are enable, we may not be using
+ * system device map for this process, but a logon LUID based
+ * device map. Because we change primary token, this usage is
+ * no longer valid, so dereference the process device map
+ */
+ if (ObIsLUIDDeviceMapsEnabled()) ObDereferenceDeviceMap(Process);
 }
 
 /* Dereference the token */
-- 
2.17.1
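Review bot: The added comment explains why the old device map is dropped but not what the process uses afterwards, which is the part that matters for isolation between logon sessions. It should say where the device map for the new token's logon LUID gets attached; nothing in this hunk does it, so presumably it is resolved lazily on the next lookup, which is worth confirming and stating. The dereference also sits at the end of an enclosing block whose condition starts outside the hunk, so the comment should name the state it relies on (token swap already succeeded), otherwise a later reordering could drop the map while the old token is still in place. Smaller points: `are enable` should read `are enabled`, and the one-line `if (ObIsLUIDDeviceMapsEnabled()) ObDereferenceDeviceMap(Process);` is easier to audit with the call braced on its own line.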