3 * COPYRIGHT: See COPYING in the top level directory
4 * PROJECT: ReactOS kernel
5 * PURPOSE: Security manager
6 * FILE: kernel/se/semgr.c
9 * 26/07/98: Added stubs for security functions
12 /* INCLUDES *****************************************************************/
14 #include <ddk/ntddk.h>
15 #include <internal/ps.h>
16 #include <internal/se.h>
18 #include <internal/debug.h>
20 #define TAG_SXPT TAG('S', 'X', 'P', 'T')
23 /* GLOBALS ******************************************************************/
25 PSE_EXPORTS EXPORTED SeExports = NULL;
28 /* PROTOTYPES ***************************************************************/
30 static BOOLEAN SepInitExports(VOID);
32 /* FUNCTIONS ****************************************************************/
39 if (!SepInitSecurityIDs())
45 #endif /* LIBCAPTIVE */
52 if (!SepInitExports())
62 SepInitializeTokenImplementation();
71 OBJECT_ATTRIBUTES ObjectAttributes;
73 HANDLE DirectoryHandle;
76 #endif /* LIBCAPTIVE */
/* NOTE(review): the enclosing function's header and its return statements are
 * not in view. The lines below create the '\Security' directory object and the
 * LSA_AUTHENTICATION_INITALIZED event and then close both handles. */
79 /* Create '\Security' directory */
80 RtlInitUnicodeString(&Name,
81 REACTOS_UCS2(L"\\Security"));
82 InitializeObjectAttributes(&ObjectAttributes,
/* NOTE(review): the attribute flags passed to InitializeObjectAttributes are not
 * in view. Unless the directory is created with OBJ_PERMANENT, the NtClose()
 * on the handle further down deletes it again, leaving the '\Security' name
 * unowned for any later caller to create. Confirm the flags. */
87 Status = NtCreateDirectoryObject(&DirectoryHandle,
90 if (!NT_SUCCESS(Status))
92 DPRINT1("Failed to create 'Security' directory!\n");
/* NOTE(review): the event name is spelled "INITALIZED"; verify it matches the
 * name the user-mode LSA side opens, otherwise the handshake never completes. */
97 /* Create 'LSA_AUTHENTICATION_INITALIZED' event */
98 RtlInitUnicodeString(&Name,
99 REACTOS_UCS2(L"\\LSA_AUTHENTICATION_INITALIZED"));
100 InitializeObjectAttributes(&ObjectAttributes,
105 Status = NtCreateEvent(&EventHandle,
110 if (!NT_SUCCESS(Status))
/* NOTE(review): copy/paste diagnostic - this is the NtCreateEvent() failure
 * path, yet the message blames the directory. It should read
 * "Failed to create 'LSA_AUTHENTICATION_INITALIZED' event!\n". The string is
 * runtime text and is left unchanged here; the directory handle is released
 * before bailing out. */
112 DPRINT1("Failed to create 'Security' directory!\n");
113 NtClose(DirectoryHandle);
/* Success path: both handles are released; the objects survive only if they
 * were created permanent (see note above). */
117 NtClose(EventHandle);
118 NtClose(DirectoryHandle);
119 #endif /* LIBCAPTIVE */
121 /* FIXME: Create SRM port and listener thread */
/* Allocate the SE_EXPORTS table from non-paged pool (tag TAG_SXPT) and fill it
 * with the well-known privilege LUIDs and SIDs. SeExports is the exported
 * pointer drivers read, so it is populated once here and never reassigned in
 * the visible code. The allocation size and the failure return are in lines
 * not in view. */
130 SeExports = ExAllocatePoolWithTag(NonPagedPool,
/* Allocation failure is checked before any field is written. */
133 if (SeExports == NULL)
/* Privilege LUIDs. */
136 SeExports->SeCreateTokenPrivilege = SeCreateTokenPrivilege;
137 SeExports->SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege;
138 SeExports->SeLockMemoryPrivilege = SeLockMemoryPrivilege;
139 SeExports->SeIncreaseQuotaPrivilege = SeIncreaseQuotaPrivilege;
140 SeExports->SeUnsolicitedInputPrivilege = SeUnsolicitedInputPrivilege;
141 SeExports->SeTcbPrivilege = SeTcbPrivilege;
142 SeExports->SeSecurityPrivilege = SeSecurityPrivilege;
143 SeExports->SeTakeOwnershipPrivilege = SeTakeOwnershipPrivilege;
144 SeExports->SeLoadDriverPrivilege = SeLoadDriverPrivilege;
145 SeExports->SeCreatePagefilePrivilege = SeCreatePagefilePrivilege;
146 SeExports->SeIncreaseBasePriorityPrivilege = SeIncreaseBasePriorityPrivilege;
147 SeExports->SeSystemProfilePrivilege = SeSystemProfilePrivilege;
148 SeExports->SeSystemtimePrivilege = SeSystemtimePrivilege;
149 SeExports->SeProfileSingleProcessPrivilege = SeProfileSingleProcessPrivilege;
150 SeExports->SeCreatePermanentPrivilege = SeCreatePermanentPrivilege;
151 SeExports->SeBackupPrivilege = SeBackupPrivilege;
152 SeExports->SeRestorePrivilege = SeRestorePrivilege;
153 SeExports->SeShutdownPrivilege = SeShutdownPrivilege;
154 SeExports->SeDebugPrivilege = SeDebugPrivilege;
155 SeExports->SeAuditPrivilege = SeAuditPrivilege;
156 SeExports->SeSystemEnvironmentPrivilege = SeSystemEnvironmentPrivilege;
157 SeExports->SeChangeNotifyPrivilege = SeChangeNotifyPrivilege;
158 SeExports->SeRemoteShutdownPrivilege = SeRemoteShutdownPrivilege;
/* Well-known SIDs. These are pointers to the SIDs built by the SID
 * initialisation (see SepInitSecurityIDs call above); the table only aliases
 * them, it does not copy. */
160 SeExports->SeNullSid = SeNullSid;
161 SeExports->SeWorldSid = SeWorldSid;
162 SeExports->SeLocalSid = SeLocalSid;
163 SeExports->SeCreatorOwnerSid = SeCreatorOwnerSid;
164 SeExports->SeCreatorGroupSid = SeCreatorGroupSid;
165 SeExports->SeNtAuthoritySid = SeNtAuthoritySid;
166 SeExports->SeDialupSid = SeDialupSid;
167 SeExports->SeNetworkSid = SeNetworkSid;
168 SeExports->SeBatchSid = SeBatchSid;
169 SeExports->SeInteractiveSid = SeInteractiveSid;
170 SeExports->SeLocalSystemSid = SeLocalSystemSid;
171 SeExports->SeAliasAdminsSid = SeAliasAdminsSid;
172 SeExports->SeAliasUsersSid = SeAliasUsersSid;
173 SeExports->SeAliasGuestsSid = SeAliasGuestsSid;
174 SeExports->SeAliasPowerUsersSid = SeAliasPowerUsersSid;
175 SeExports->SeAliasAccountOpsSid = SeAliasAccountOpsSid;
176 SeExports->SeAliasSystemOpsSid = SeAliasSystemOpsSid;
177 SeExports->SeAliasPrintOpsSid = SeAliasPrintOpsSid;
178 SeExports->SeAliasBackupOpsSid = SeAliasBackupOpsSid;
185 VOID SepReferenceLogonSession(PLUID AuthenticationId)
190 VOID SepDeReferenceLogonSession(PLUID AuthenticationId)
196 NtPrivilegedServiceAuditAlarm(IN PUNICODE_STRING SubsystemName,
197 IN PUNICODE_STRING ServiceName,
198 IN HANDLE ClientToken,
199 IN PPRIVILEGE_SET Privileges,
200 IN BOOLEAN AccessGranted)
207 NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
209 IN HANDLE ClientToken,
210 IN ULONG DesiredAccess,
211 IN PPRIVILEGE_SET Privileges,
212 IN BOOLEAN AccessGranted)
219 NtOpenObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
221 IN POBJECT_ATTRIBUTES ObjectAttributes,
222 IN HANDLE ClientToken,
223 IN ULONG DesiredAccess,
224 IN ULONG GrantedAccess,
225 IN PPRIVILEGE_SET Privileges,
226 IN BOOLEAN ObjectCreation,
227 IN BOOLEAN AccessGranted,
228 OUT PBOOLEAN GenerateOnClose)
235 NtAccessCheckAndAuditAlarm(IN PUNICODE_STRING SubsystemName,
236 IN PHANDLE ObjectHandle,
237 IN POBJECT_ATTRIBUTES ObjectAttributes,
238 IN ACCESS_MASK DesiredAccess,
239 IN PGENERIC_MAPPING GenericMapping,
240 IN BOOLEAN ObjectCreation,
241 OUT PULONG GrantedAccess,
242 OUT PBOOLEAN AccessStatus,
243 OUT PBOOLEAN GenerateOnClose
251 NtAllocateUuids(PULARGE_INTEGER Time,
260 NtCloseObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
262 IN BOOLEAN GenerateOnClose)
269 NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
270 IN HANDLE ClientToken,
271 IN ACCESS_MASK DesiredAccess,
272 IN PGENERIC_MAPPING GenericMapping,
273 OUT PPRIVILEGE_SET PrivilegeSet,
274 OUT PULONG ReturnLength,
275 OUT PULONG GrantedAccess,
276 OUT PBOOLEAN AccessStatus)
283 NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
285 IN BOOLEAN GenerateOnClose)
291 #endif /* LIBCAPTIVE */
/* Drop the token references taken by SeCaptureSubjectContext. The primary token
 * is dereferenced unconditionally (the capture assumes it is never NULL); the
 * client (impersonation) token is optional. Closing brace not in view. */
293 VOID STDCALL SeReleaseSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
295 ObDereferenceObject(SubjectContext->PrimaryToken);
296 if (SubjectContext->ClientToken != NULL)
298 ObDereferenceObject(SubjectContext->ClientToken);
/* Snapshot the calling thread's security subject: its process (as audit id),
 * its impersonation token (may be NULL when the thread is not impersonating -
 * SeReleaseSubjectContext checks for that) and a referenced primary token.
 * Both references must be released with SeReleaseSubjectContext. The
 * declaration of Process and the closing brace are not in view. */
303 VOID STDCALL SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
309 Process = PsGetCurrentThread()->ThreadsProcess;
311 SubjectContext->ProcessAuditId = Process;
/* NOTE(review): consumers must cope with ClientToken == NULL; SeAccessCheck
 * below passes it straight to SepSidInToken without that check. */
312 SubjectContext->ClientToken =
313 PsReferenceImpersonationToken(PsGetCurrentThread(),
316 &SubjectContext->ImpersonationLevel);
317 SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
/* Release a security descriptor previously handed out by SeAssignSecurity and
 * clear the caller's pointer so it cannot be freed twice. Freeing with
 * ExFreePool assumes the descriptor came from pool - confirm against the
 * allocation in SeAssignSecurity (not fully in view). Always returns
 * STATUS_SUCCESS, also for an already-NULL pointer. Return type line not in view. */
322 SeDeassignSecurity(PSECURITY_DESCRIPTOR* SecurityDescriptor)
324 if ((*SecurityDescriptor) != NULL)
326 ExFreePool(*SecurityDescriptor);
327 (*SecurityDescriptor) = NULL;
329 return(STATUS_SUCCESS);
/* Extract the default owner, primary group and DACL for a new object from the
 * subject context. The effective token is the client (impersonation) token when
 * one is present, otherwise the primary token; the process-level owner and
 * group always come from the primary token. Part of the parameter list is not
 * in view. */
335 VOID SepGetDefaultsSubjectContext(PSECURITY_SUBJECT_CONTEXT SubjectContext,
339 PSID* ProcessPrimaryGroup,
344 if (SubjectContext->ClientToken != NULL)
346 Token = SubjectContext->ClientToken;
350 Token = SubjectContext->PrimaryToken;
352 *Owner = Token->UserAndGroups[Token->DefaultOwnerIndex].Sid;
353 *PrimaryGroup = Token->PrimaryGroup;
354 *DefaultDacl = Token->DefaultDacl;
/* NOTE(review): wrong token's index. When Token is the client token, its
 * DefaultOwnerIndex is used to index the *primary* token's UserAndGroups array;
 * the two arrays are unrelated, so this reads the wrong SID or runs past the
 * end of the primary token's array. Intended:
 *   *ProcessOwner = SubjectContext->PrimaryToken->
 *     UserAndGroups[SubjectContext->PrimaryToken->DefaultOwnerIndex].Sid; */
355 *ProcessOwner = SubjectContext->PrimaryToken->
356 UserAndGroups[Token->DefaultOwnerIndex].Sid;
357 *ProcessPrimaryGroup = SubjectContext->PrimaryToken->PrimaryGroup;
/* Validate an ACL before inheriting it onto a new object. The visible part
 * rejects (STATUS_UNSUCCESSFUL) an ACL whose revision is neither 2 nor 3 - the
 * named constants ACL_REVISION and ACL_REVISION3 would read better than the
 * magic numbers. The condition guarding the first return and the body after the
 * revision check are not in view. */
360 NTSTATUS SepInheritAcl(PACL Acl,
361 BOOLEAN IsDirectoryObject,
367 PGENERIC_MAPPING GenericMapping)
371 return(STATUS_UNSUCCESSFUL);
373 if (Acl->AclRevision != 2 &&
374 Acl->AclRevision != 3 )
376 return(STATUS_UNSUCCESSFUL);
/* Build the security descriptor for a new object from an optional explicit
 * descriptor, the parent's descriptor (inheritance) and the subject's defaults.
 * Several lines of this function are not in view and the visible tail does not
 * compile (see notes), so treat it as unfinished. */
383 SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL,
384 PSECURITY_DESCRIPTOR ExplicitDescriptor OPTIONAL,
385 PSECURITY_DESCRIPTOR* NewDescriptor,
386 BOOLEAN IsDirectoryObject,
387 PSECURITY_SUBJECT_CONTEXT SubjectContext,
388 PGENERIC_MAPPING GenericMapping,
392 PSECURITY_DESCRIPTOR Descriptor;
397 PSID ProcessPrimaryGroup;
400 if (ExplicitDescriptor == NULL)
/* NOTE(review): &Descriptor is the address of a pointer variable, not of a
 * SECURITY_DESCRIPTOR structure, so RtlCreateSecurityDescriptor initialises
 * pointer-sized stack storage as if it were a full descriptor. Needs a real
 * SECURITY_DESCRIPTOR object (local or pool). The return status is also not
 * checked, and the revision is the magic value 1 (SECURITY_DESCRIPTOR_REVISION). */
402 RtlCreateSecurityDescriptor(&Descriptor, 1);
406 Descriptor = ExplicitDescriptor;
/* The subject context is locked here; the matching unlock is not in view -
 * confirm it is released on every path. */
408 SeLockSubjectContext(SubjectContext);
409 SepGetDefaultsSubjectContext(SubjectContext,
414 &ProcessPrimaryGroup);
415 if (Descriptor->Control & SE_SACL_PRESENT ||
416 Descriptor->Control & SE_SACL_DEFAULTED)
418 if (ParentDescriptor == NULL)
/* NOTE(review): trailing "||)" is a syntax error - the condition is incomplete. */
421 if (Descriptor->Control & SE_SACL_PRESENT ||
422 Descriptor->Sacl == NULL ||)
428 Sacl = Descriptor->Sacl;
/* For a self-relative descriptor Sacl holds a byte offset from the start of the
 * descriptor. NOTE(review): adding two PVOIDs is not valid C; the offset must be
 * converted to an integer first, e.g. (PACL)((PUCHAR)Descriptor + (ULONG_PTR)Sacl). */
429 if (Descriptor->Control & SE_SELF_RELATIVE)
431 Sacl = (PACL)(((PVOID)Sacl) + (PVOID)Descriptor);
/* Report whether Sid is among the token's user/group SIDs. Token is
 * dereferenced without a NULL check, so callers must pass a valid token (see
 * SeAccessCheck, which passes a possibly-NULL ClientToken). The loop body is
 * only partly in view: line 462 is the tail of a condition whose head is
 * missing, apparently excluding entries that lack SE_GROUP_ENABLED so that a
 * disabled group does not match. Return statements are not in view. */
447 BOOLEAN SepSidInToken(PACCESS_TOKEN Token,
452 if (Token->UserAndGroupCount == 0)
457 for (i=0; i<Token->UserAndGroupCount; i++)
459 if (RtlEqualSid(Sid, Token->UserAndGroups[i].Sid))
462 (!(Token->UserAndGroups[i].Attributes & SE_GROUP_ENABLED)))
474 SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
475 IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
476 IN BOOLEAN SubjectContextLocked,
477 IN ACCESS_MASK DesiredAccess,
478 IN ACCESS_MASK PreviouslyGrantedAccess,
479 OUT PPRIVILEGE_SET* Privileges,
480 IN PGENERIC_MAPPING GenericMapping,
481 IN KPROCESSOR_MODE AccessMode,
/* NOTE(review): GrantedAccess receives an ACCESS_MASK (see the assignment at
 * the end), so the parameter type is presumably meant to be PACCESS_MASK. */
482 OUT PACCESS_MODE GrantedAccess,
483 OUT PNTSTATUS AccessStatus)
485 * FUNCTION: Determines whether the requested access rights can be granted
486 * to an object protected by a security descriptor and an object owner
488 * SecurityDescriptor = Security descriptor protecting the object
489 * SubjectSecurityContext = Subject's captured security context
490 * SubjectContextLocked = Indicates the user's subject context is locked
491 * DesiredAccess = Access rights the caller is trying to acquire
492 * PreviouslyGrantedAccess = Specifies the access rights already granted
494 * GenericMapping = Generic mapping associated with the object
495 * AccessMode = Access mode used for the check
496 * GrantedAccess (OUT) = On return specifies the access granted
497 * AccessStatus (OUT) = Status indicating why access was denied
498 * RETURNS: If access was granted, returns TRUE
 * NOTE(review): the return type line is not in view; every visible return
 * hands back STATUS_SUCCESS (0), which as a BOOLEAN would be FALSE.
 * Reconcile the declared contract with the actual returns.
508 ACCESS_MASK CurrentAccess;
/* Start from what the caller has already been granted; the DACL walk only adds. */
510 CurrentAccess = PreviouslyGrantedAccess;
513 * Ignore the SACL for now
 * (no audit record is produced by this routine).
/* NOTE(review): GenericMapping is never used in the visible code, so GENERIC_*
 * bits in DesiredAccess are compared against ACE masks unmapped. */
519 Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
523 if (!NT_SUCCESS(Status))
/* Walk the ACEs in order. The layout assumed here is header followed directly by
 * the SID (valid for the allowed/denied ACE types tested below). NOTE(review):
 * the statement that advances CurrentAce to the next ACE is not in view; without
 * it every iteration re-reads the first ACE. The no-DACL case is also not in view. */
528 CurrentAce = (PACE)(Dacl + 1);
529 for (i = 0; i < Dacl->AceCount; i++)
531 Sid = (PSID)(CurrentAce + 1);
/* NOTE(review): ClientToken may be NULL when the subject is not impersonating
 * (SeCaptureSubjectContext stores whatever PsReferenceImpersonationToken
 * returns) and SepSidInToken dereferences it unchecked. Fall back to
 * SubjectSecurityContext->PrimaryToken as SepGetDefaultsSubjectContext does. */
532 if (CurrentAce->Header.AceType == ACCESS_DENIED_ACE_TYPE)
534 if (SepSidInToken(SubjectSecurityContext->ClientToken, Sid))
536 *AccessStatus = STATUS_ACCESS_DENIED;
538 return(STATUS_SUCCESS);
541 if (CurrentAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
543 if (SepSidInToken(SubjectSecurityContext->ClientToken, Sid))
545 CurrentAccess = CurrentAccess |
546 CurrentAce->AccessMask;
/* NOTE(review): this final test never denies a real request. For any non-zero
 * DesiredAccess at least one of (CurrentAccess & DesiredAccess) and
 * (~CurrentAccess & DesiredAccess) is non-zero, so the conjunction is true only
 * when DesiredAccess == 0. The check that enforces the DACL should be
 *   if ((CurrentAccess & DesiredAccess) != DesiredAccess)
 * and the granted mask should then be limited to the bits requested. */
550 if (!(CurrentAccess & DesiredAccess) &&
551 !((~CurrentAccess) & DesiredAccess))
553 *AccessStatus = STATUS_ACCESS_DENIED;
557 *AccessStatus = STATUS_SUCCESS;
559 *GrantedAccess = CurrentAccess;
561 return(STATUS_SUCCESS);
564 #endif /* LIBCAPTIVE */