3 * COPYRIGHT: See COPYING in the top level directory
4 * PROJECT: ReactOS kernel
5 * PURPOSE: Security manager
6 * FILE: kernel/se/semgr.c
9 * 26/07/98: Added stubs for security functions
12 /* INCLUDES *****************************************************************/
14 #include <ddk/ntddk.h>
15 #include <internal/ps.h>
16 #include <internal/se.h>
18 #include <internal/debug.h>
/* Pool tag ('SXPT') for allocations owned by the security manager.        */
/* NOTE(review): the only pool allocation visible in this excerpt is the    */
/* SeExports table in SepInitExports, and its tag argument is cut there;    */
/* confirm that call really passes TAG_SXPT so pool-leak tracking works.    */
20 #define TAG_SXPT TAG('S', 'X', 'P', 'T')
23 /* GLOBALS ******************************************************************/
/* Kernel-wide security export table (well-known privilege LUIDs and SIDs)  */
/* that drivers read through the exported SeExports pointer.  It starts     */
/* NULL and is only populated by SepInitExports during security            */
/* initialisation, so any consumer that can run before SeInit must check   */
/* for NULL rather than dereference it.                                     */
25 PSE_EXPORTS EXPORTED SeExports = NULL;
28 /* PROTOTYPES ***************************************************************/
/* Allocates and fills the SeExports table; presumably returns FALSE when   */
/* the pool allocation fails (the body tests the allocation for NULL).     */
/* Called once from the security-manager bootstrap below.                  */
30 static BOOLEAN SepInitExports(VOID);
32 /* FUNCTIONS ****************************************************************/
/* Security-manager bootstrap.  The enclosing function's header and the    */
/* error-return statements are not in this excerpt.  Ordering matters:     */
/* the well-known SIDs (and the privilege LUIDs, whose initialisation is   */
/* not visible here) must exist before SepInitExports copies them into     */
/* the exported table.                                                     */
39 if (!SepInitSecurityIDs())
/* The matching #if is cut; LIBCAPTIVE appears to compile out parts of     */
/* this file, so the SID initialisation above is conditional while the     */
/* export table below is always built.                                     */
45 #endif /* LIBCAPTIVE */
52 if (!SepInitExports())
/* Token support is brought up last, after the export table exists.        */
62 SepInitializeTokenImplementation();
/* Body of SepInitExports; the function header, the failure return and the */
/* end of the function are not in this excerpt.  SeExports is the          */
/* kernel-wide SE_EXPORTS table that drivers consume, so it is allocated    */
/* once from NonPagedPool (presumably so it can be read at raised IRQL).    */
/* The size and tag arguments are cut: confirm sizeof(SE_EXPORTS) and       */
/* TAG_SXPT, which is defined at the top of this file and otherwise unused  */
/* in the visible code.                                                     */
71 SeExports = ExAllocatePoolWithTag(NonPagedPool,
/* Allocation failure is reported back to the bootstrap (return is cut).   */
74 if (SeExports == NULL)
/* Privilege LUIDs.  If the globals are LUIDs as in NT these are copied by  */
/* value, so they must already be initialised when this runs; the visible  */
/* bootstrap fragment only shows SepInitSecurityIDs running first.  If the */
/* privilege LUIDs are set up later, drivers receive all-zero LUIDs and     */
/* every privilege check made against SeExports compares the wrong values. */
77 SeExports->SeCreateTokenPrivilege = SeCreateTokenPrivilege;
78 SeExports->SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege;
79 SeExports->SeLockMemoryPrivilege = SeLockMemoryPrivilege;
80 SeExports->SeIncreaseQuotaPrivilege = SeIncreaseQuotaPrivilege;
81 SeExports->SeUnsolicitedInputPrivilege = SeUnsolicitedInputPrivilege;
82 SeExports->SeTcbPrivilege = SeTcbPrivilege;
83 SeExports->SeSecurityPrivilege = SeSecurityPrivilege;
84 SeExports->SeTakeOwnershipPrivilege = SeTakeOwnershipPrivilege;
85 SeExports->SeLoadDriverPrivilege = SeLoadDriverPrivilege;
86 SeExports->SeCreatePagefilePrivilege = SeCreatePagefilePrivilege;
87 SeExports->SeIncreaseBasePriorityPrivilege = SeIncreaseBasePriorityPrivilege;
88 SeExports->SeSystemProfilePrivilege = SeSystemProfilePrivilege;
89 SeExports->SeSystemtimePrivilege = SeSystemtimePrivilege;
90 SeExports->SeProfileSingleProcessPrivilege = SeProfileSingleProcessPrivilege;
91 SeExports->SeCreatePermanentPrivilege = SeCreatePermanentPrivilege;
92 SeExports->SeBackupPrivilege = SeBackupPrivilege;
93 SeExports->SeRestorePrivilege = SeRestorePrivilege;
94 SeExports->SeShutdownPrivilege = SeShutdownPrivilege;
95 SeExports->SeDebugPrivilege = SeDebugPrivilege;
96 SeExports->SeAuditPrivilege = SeAuditPrivilege;
97 SeExports->SeSystemEnvironmentPrivilege = SeSystemEnvironmentPrivilege;
98 SeExports->SeChangeNotifyPrivilege = SeChangeNotifyPrivilege;
99 SeExports->SeRemoteShutdownPrivilege = SeRemoteShutdownPrivilege;
/* Well-known SIDs.  In the NT SE_EXPORTS layout these fields are PSIDs,    */
/* so this shares the kernel's SID buffers rather than copying them: the    */
/* globals must remain valid and must never be modified or freed once the  */
/* table has been published.                                               */
101 SeExports->SeNullSid = SeNullSid;
102 SeExports->SeWorldSid = SeWorldSid;
103 SeExports->SeLocalSid = SeLocalSid;
104 SeExports->SeCreatorOwnerSid = SeCreatorOwnerSid;
105 SeExports->SeCreatorGroupSid = SeCreatorGroupSid;
106 SeExports->SeNtAuthoritySid = SeNtAuthoritySid;
107 SeExports->SeDialupSid = SeDialupSid;
108 SeExports->SeNetworkSid = SeNetworkSid;
109 SeExports->SeBatchSid = SeBatchSid;
110 SeExports->SeInteractiveSid = SeInteractiveSid;
111 SeExports->SeLocalSystemSid = SeLocalSystemSid;
112 SeExports->SeAliasAdminsSid = SeAliasAdminsSid;
113 SeExports->SeAliasUsersSid = SeAliasUsersSid;
114 SeExports->SeAliasGuestsSid = SeAliasGuestsSid;
115 SeExports->SeAliasPowerUsersSid = SeAliasPowerUsersSid;
116 SeExports->SeAliasAccountOpsSid = SeAliasAccountOpsSid;
117 SeExports->SeAliasSystemOpsSid = SeAliasSystemOpsSid;
118 SeExports->SeAliasPrintOpsSid = SeAliasPrintOpsSid;
119 SeExports->SeAliasBackupOpsSid = SeAliasBackupOpsSid;
/* Logon-session reference counting keyed by authentication LUID.  The     */
/* bodies are not in this excerpt; given the "added stubs" note in the     */
/* file header they are probably still unimplemented, which means logon    */
/* sessions are never tracked and tokens cannot be tied to a session yet.  */
126 VOID SepReferenceLogonSession(PLUID AuthenticationId)
131 VOID SepDeReferenceLogonSession(PLUID AuthenticationId)
/* System-service entry points (the Nt* audit-alarm and access-check       */
/* APIs).  Return types and bodies are not in this excerpt.  Every pointer  */
/* parameter below arrives from user mode: whoever fills these in must      */
/* probe and capture each pointer (ProbeForRead/ProbeForWrite, inside a     */
/* try block) before touching it, copy UNICODE_STRING and PRIVILEGE_SET     */
/* data out of user memory before validating it so it cannot change under   */
/* us, write results back only through probed OUT pointers, and resolve    */
/* ClientToken via the object manager with the caller's access mode rather  */
/* than trusting the handle value.  In NT the *AuditAlarm services are      */
/* additionally restricted to callers holding SeAuditPrivilege; no such     */
/* check is visible here.                                                   */
137 NtPrivilegedServiceAuditAlarm(IN PUNICODE_STRING SubsystemName,
138 IN PUNICODE_STRING ServiceName,
139 IN HANDLE ClientToken,
140 IN PPRIVILEGE_SET Privileges,
141 IN BOOLEAN AccessGranted)
148 NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
150 IN HANDLE ClientToken,
151 IN ULONG DesiredAccess,
152 IN PPRIVILEGE_SET Privileges,
153 IN BOOLEAN AccessGranted)
160 NtOpenObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
162 IN POBJECT_ATTRIBUTES ObjectAttributes,
163 IN HANDLE ClientToken,
164 IN ULONG DesiredAccess,
165 IN ULONG GrantedAccess,
166 IN PPRIVILEGE_SET Privileges,
167 IN BOOLEAN ObjectCreation,
168 IN BOOLEAN AccessGranted,
169 OUT PBOOLEAN GenerateOnClose)
176 NtAccessCheckAndAuditAlarm(IN PUNICODE_STRING SubsystemName,
177 IN PHANDLE ObjectHandle,
178 IN POBJECT_ATTRIBUTES ObjectAttributes,
179 IN ACCESS_MASK DesiredAccess,
180 IN PGENERIC_MAPPING GenericMapping,
181 IN BOOLEAN ObjectCreation,
182 OUT PULONG GrantedAccess,
183 OUT PBOOLEAN AccessStatus,
184 OUT PBOOLEAN GenerateOnClose
/* Not a security service; its remaining parameters are cut here.          */
192 NtAllocateUuids(PULARGE_INTEGER Time,
201 NtCloseObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
203 IN BOOLEAN GenerateOnClose)
/* NtAccessCheck: the SecurityDescriptor is a user-mode buffer.  It must be */
/* captured into kernel memory (RtlSelfRelativeToAbsoluteSD or a bounded    */
/* copy with the ACL offsets validated) before being handed to              */
/* SeAccessCheck; validating it in place is a TOCTOU hole.                  */
210 NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
211 IN HANDLE ClientToken,
212 IN ACCESS_MASK DesiredAccess,
213 IN PGENERIC_MAPPING GenericMapping,
214 OUT PPRIVILEGE_SET PrivilegeSet,
215 OUT PULONG ReturnLength,
216 OUT PULONG GrantedAccess,
217 OUT PBOOLEAN AccessStatus)
224 NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
226 IN BOOLEAN GenerateOnClose)
232 #endif /* LIBCAPTIVE */
/* Drops the object references taken by SeCaptureSubjectContext.           */
/* PrimaryToken is always referenced by the capture, so it is released      */
/* unconditionally; ClientToken is NULL when no impersonation token was     */
/* captured.  The fields are not cleared afterwards, so releasing the same  */
/* context twice would over-dereference both tokens; NULLing them here      */
/* would make a double release harmless.                                    */
234 VOID STDCALL SeReleaseSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
236 ObDereferenceObject(SubjectContext->PrimaryToken);
237 if (SubjectContext->ClientToken != NULL)
239 ObDereferenceObject(SubjectContext->ClientToken);
/* Snapshots the calling thread's security identity into SubjectContext:   */
/* its process (also recorded as ProcessAuditId), its impersonation token   */
/* if it has one, and the process's primary token.  Both PsReference* calls */
/* take object references that SeReleaseSubjectContext drops.               */
244 VOID STDCALL SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
/* PsGetCurrentThread() is evaluated again below; caching it once would be  */
/* clearer, though the result cannot differ within one call.               */
250 Process = PsGetCurrentThread()->ThreadsProcess;
/* The raw process pointer doubles as the audit id; fine as a key, but it   */
/* must never be dereferenced from an audit record after the process dies. */
252 SubjectContext->ProcessAuditId = Process;
/* The two cut arguments are presumably the CopyOnOpen/EffectiveOnly        */
/* outputs.  ClientToken can legitimately come back NULL (the release path  */
/* tests for it), in which case ImpersonationLevel is meaningless.          */
253 SubjectContext->ClientToken =
254 PsReferenceImpersonationToken(PsGetCurrentThread(),
257 &SubjectContext->ImpersonationLevel);
258 SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
/* Frees the security descriptor attached to an object and NULLs the        */
/* caller's pointer so it cannot be freed twice.  A NULL descriptor is a    */
/* no-op.  The descriptor is assumed to be one pool allocation (ExFreePool);*/
/* that has to match however SeAssignSecurity produces it, which cannot be  */
/* verified from this excerpt.  Always returns STATUS_SUCCESS; the return   */
/* type line is cut.                                                        */
264 SeDeassignSecurity(PSECURITY_DESCRIPTOR* SecurityDescriptor)
266 if ((*SecurityDescriptor) != NULL)
268 ExFreePool(*SecurityDescriptor);
269 (*SecurityDescriptor) = NULL;
271 return(STATUS_SUCCESS);
/* Returns the defaults used to build a new object's security descriptor:  */
/* the effective token's default owner SID, primary group and default DACL, */
/* plus the owner SID and primary group of the process's primary token.     */
/* The effective token is the impersonation token when one was captured,    */
/* otherwise the primary token.  Several output parameters are cut here.    */
276 VOID SepGetDefaultsSubjectContext(PSECURITY_SUBJECT_CONTEXT SubjectContext,
280 PSID* ProcessPrimaryGroup,
285 if (SubjectContext->ClientToken != NULL)
287 Token = SubjectContext->ClientToken;
291 Token = SubjectContext->PrimaryToken;
/* The returned pointers alias the token's own buffers; the caller must    */
/* hold the subject context locked (SeLockSubjectContext) while using them. */
293 *Owner = Token->UserAndGroups[Token->DefaultOwnerIndex].Sid;
294 *PrimaryGroup = Token->PrimaryGroup;
295 *DefaultDacl = Token->DefaultDacl;
/* BUG(review): the primary token's group array is indexed with the         */
/* effective token's DefaultOwnerIndex.  When Token is the impersonation    */
/* token (selected above) that index belongs to a different token and may   */
/* exceed PrimaryToken->UserAndGroupCount, yielding the wrong owner SID or  */
/* an out-of-bounds read.  Use the primary token's own index:               */
/*   UserAndGroups[SubjectContext->PrimaryToken->DefaultOwnerIndex].Sid     */
296 *ProcessOwner = SubjectContext->PrimaryToken->
297 UserAndGroups[Token->DefaultOwnerIndex].Sid;
298 *ProcessPrimaryGroup = SubjectContext->PrimaryToken->PrimaryGroup;
/* Derives an inheritable ACL from a parent ACL for a new object.  Most of  */
/* the parameters and everything after the revision check are not in this  */
/* excerpt.  Both visible early exits report the generic STATUS_UNSUCCESSFUL;*/
/* STATUS_INVALID_ACL and STATUS_UNKNOWN_REVISION would let callers tell a  */
/* corrupt ACL from an unsupported one.                                     */
301 NTSTATUS SepInheritAcl(PACL Acl,
302 BOOLEAN IsDirectoryObject,
308 PGENERIC_MAPPING GenericMapping)
/* The condition guarding this return is cut (presumably Acl == NULL).      */
312 return(STATUS_UNSUCCESSFUL);
/* Only revisions 2 and 3 are accepted, i.e. ACL_REVISION and ACL_REVISION3;*/
/* revision 4 (ACL_REVISION_DS, object ACEs) is rejected.  Use the named    */
/* constants if ntddk.h provides them instead of the magic numbers, and     */
/* note that an ACL taken from an untrusted descriptor also needs its       */
/* AclSize/AceCount validated before any ACE walk.                          */
314 if (Acl->AclRevision != 2 &&
315 Acl->AclRevision != 3 )
317 return(STATUS_UNSUCCESSFUL);
/* Builds the security descriptor for a new object from the parent's       */
/* descriptor, the caller's explicit descriptor and the subject's defaults. */
/* This excerpt is incomplete (return type, several declarations and the    */
/* remainder of the body are cut) and the visible part does not compile;    */
/* treat it as work in progress.                                            */
324 SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL,
325 PSECURITY_DESCRIPTOR ExplicitDescriptor OPTIONAL,
326 PSECURITY_DESCRIPTOR* NewDescriptor,
327 BOOLEAN IsDirectoryObject,
328 PSECURITY_SUBJECT_CONTEXT SubjectContext,
329 PGENERIC_MAPPING GenericMapping,
333 PSECURITY_DESCRIPTOR Descriptor;
338 PSID ProcessPrimaryGroup;
341 if (ExplicitDescriptor == NULL)
/* NOTE(review): Descriptor is an uninitialised pointer here.  If            */
/* RtlCreateSecurityDescriptor takes (PSECURITY_DESCRIPTOR, ULONG) as in NT, */
/* &Descriptor is the wrong type and no storage is ever allocated for the   */
/* new descriptor.  Allocate it first (pool, with the result placed in      */
/* *NewDescriptor) and pass SECURITY_DESCRIPTOR_REVISION, not a literal 1.  */
/* The status is also ignored.                                              */
343 RtlCreateSecurityDescriptor(&Descriptor, 1);
/* The caller-supplied descriptor's Control bits are trusted as-is below;   */
/* if it originates from user mode it must already have been captured and   */
/* validated (RtlValidSecurityDescriptor) by the caller.                    */
347 Descriptor = ExplicitDescriptor;
/* No matching SeUnlockSubjectContext is visible; every exit path after     */
/* this point must release the lock.                                        */
349 SeLockSubjectContext(SubjectContext);
350 SepGetDefaultsSubjectContext(SubjectContext,
355 &ProcessPrimaryGroup);
356 if (Descriptor->Control & SE_SACL_PRESENT ||
357 Descriptor->Control & SE_SACL_DEFAULTED)
359 if (ParentDescriptor == NULL)
/* NOTE(review): this repeats SE_SACL_PRESENT from the outer test;          */
/* SE_SACL_DEFAULTED was probably intended.  The next line ends in a        */
/* dangling operator and is a syntax error - the condition is unfinished.  */
362 if (Descriptor->Control & SE_SACL_PRESENT ||
363 Descriptor->Sacl == NULL ||)
369 Sacl = Descriptor->Sacl;
/* In a self-relative descriptor Sacl holds a byte offset from the start    */
/* of the descriptor.  Adding two pointers is not valid C; compute it as    */
/*   (PACL)((PUCHAR)Descriptor + (ULONG_PTR)Sacl)                           */
/* and, for a descriptor that came from user mode, check the offset plus    */
/* the ACL's AclSize against the captured descriptor length first.          */
370 if (Descriptor->Control & SE_SELF_RELATIVE)
372 Sacl = (PACL)(((PVOID)Sacl) + (PVOID)Descriptor);
/* Tests whether Sid is the token's user SID or one of its group SIDs.      */
/* The Sid parameter, the return statements and the body's closing are cut. */
/* NOTE(review): Token is dereferenced immediately.  SeAccessCheck passes   */
/* SubjectSecurityContext->ClientToken, which can be NULL (the release path */
/* tests for it, presumably when the thread is not impersonating), so that  */
/* caller would fault here; either reject NULL or have the caller fall      */
/* back to PrimaryToken as SepGetDefaultsSubjectContext does.               */
388 BOOLEAN SepSidInToken(PACCESS_TOKEN Token,
393 if (Token->UserAndGroupCount == 0)
398 for (i=0; i<Token->UserAndGroupCount; i++)
/* A SID match appears to be further qualified by SE_GROUP_ENABLED (the     */
/* combining expression is cut).  Entry 0 is the user SID, whose Attributes */
/* are not group attributes; if the enabled test is applied to it the       */
/* user's own SID never matches.  For deny ACEs NT also treats              */
/* SE_GROUP_USE_FOR_DENY_ONLY groups as members, which this helper cannot   */
/* express without knowing the ACE type.                                    */
400 if (RtlEqualSid(Sid, Token->UserAndGroups[i].Sid))
403 (!(Token->UserAndGroups[i].Attributes & SE_GROUP_ENABLED)))
/* Discretionary access check: walks the object's DACL in order and          */
/* accumulates the rights its ACEs grant to the subject's token.  The return */
/* type, local declarations and closing brace are not in this excerpt.       */
/* NOTE(review): the documentation below says "returns TRUE", yet both       */
/* visible exits return STATUS_SUCCESS (0).  If the return type is BOOLEAN   */
/* as in NT, every caller sees FALSE; pick one contract (BOOLEAN result,     */
/* with the NTSTATUS carried in *AccessStatus).                              */
415 SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
416 IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
417 IN BOOLEAN SubjectContextLocked,
418 IN ACCESS_MASK DesiredAccess,
419 IN ACCESS_MASK PreviouslyGrantedAccess,
420 OUT PPRIVILEGE_SET* Privileges,
421 IN PGENERIC_MAPPING GenericMapping,
422 IN KPROCESSOR_MODE AccessMode,
/* NOTE(review): an ACCESS_MASK is stored through this at the bottom of the */
/* function; PACCESS_MASK is presumably what was meant.                     */
423 OUT PACCESS_MODE GrantedAccess,
424 OUT PNTSTATUS AccessStatus)
426 * FUNCTION: Determines whether the requested access rights can be granted
427 * to an object protected by a security descriptor and an object owner
429 * SecurityDescriptor = Security descriptor protecting the object
430 * SubjectSecurityContext = Subject's captured security context
431 * SubjectContextLocked = Indicates the user's subject context is locked
432 * DesiredAccess = Access rights the caller is trying to acquire
433 * PreviouslyGrantedAccess = Specified the access rights already granted
435 * GenericMapping = Generic mapping associated with the object
436 * AccessMode = Access mode used for the check
437 * GrantedAccess (OUT) = On return specifies the access granted
438 * AccessStatus (OUT) = Status indicating why access was denied
439 * RETURNS: If access was granted, returns TRUE
449 ACCESS_MASK CurrentAccess;
/* Start from what the caller already holds so only the extra bits need to */
/* be satisfied by the DACL.                                                */
451 CurrentAccess = PreviouslyGrantedAccess;
454 * Ignore the SACL for now
/* NOTE(review): besides the missing audit, GenericMapping is never used:    */
/* GENERIC_* bits and MAXIMUM_ALLOWED in DesiredAccess cannot match any ACE  */
/* mask and, once the final test below is fixed, would simply be refused.   */
/* Map them first (RtlMapGenericMask) and handle MAXIMUM_ALLOWED explicitly. */
460 Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
464 if (!NT_SUCCESS(Status))
/* NOTE(review): a descriptor with no DACL (NULL DACL) grants everyone full */
/* access in NT, but Dacl is dereferenced on the next two lines; the cut    */
/* lines between here and the loop must guard Dacl == NULL / not present.   */
/* No code visible here advances CurrentAce by Header.AceSize, nor checks   */
/* AceSize against Dacl->AclSize; if the descriptor can come from user mode */
/* (NtAccessCheck) a malformed ACL must not walk this loop off the buffer.  */
469 CurrentAce = (PACE)(Dacl + 1);
470 for (i = 0; i < Dacl->AceCount; i++)
/* Layout assumption: header, AccessMask, then the SID.  That holds for     */
/* ACCESS_ALLOWED/DENIED ACEs only; object ACEs carry extra fields first.   */
/* Other ACE types are ignored by the two type tests below.                 */
472 Sid = (PSID)(CurrentAce + 1);
473 if (CurrentAce->Header.AceType == ACCESS_DENIED_ACE_TYPE)
/* NOTE(review): ClientToken can be NULL (SeCaptureSubjectContext may leave */
/* it unset and SeReleaseSubjectContext tests for it) and SepSidInToken      */
/* dereferences it at once.  Select the token the way                        */
/* SepGetDefaultsSubjectContext does: ClientToken if non-NULL, else          */
/* PrimaryToken.  The same applies to the allowed-ACE test below.            */
475 if (SepSidInToken(SubjectSecurityContext->ClientToken, Sid))
/* A matching deny ACE refuses the whole request regardless of its mask.    */
/* NT denies only when the ACE's mask intersects the still-outstanding bits: */
/*   (CurrentAce->AccessMask & DesiredAccess & ~CurrentAccess) != 0         */
/* *GrantedAccess is not visibly set on this path, so callers must consult */
/* *AccessStatus rather than the return value.                              */
477 *AccessStatus = STATUS_ACCESS_DENIED;
479 return(STATUS_SUCCESS);
482 if (CurrentAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
484 if (SepSidInToken(SubjectSecurityContext->ClientToken, Sid))
486 CurrentAccess = CurrentAccess |
487 CurrentAce->AccessMask;
/* BUG(review): this check is fail-open.  The first clause is "no desired   */
/* bit is granted" and the second is "every desired bit is granted"; both   */
/* can only hold when DesiredAccess == 0.  For any real request the denial  */
/* branch is unreachable and the function reports success with whatever     */
/* CurrentAccess contains, even 0.  Access must be refused when any          */
/* requested bit is still missing:                                           */
/*   if ((~CurrentAccess) & DesiredAccess)                                   */
/* or equivalently                                                           */
/*   if ((CurrentAccess & DesiredAccess) != DesiredAccess)                   */
491 if (!(CurrentAccess & DesiredAccess) &&
492 !((~CurrentAccess) & DesiredAccess))
494 *AccessStatus = STATUS_ACCESS_DENIED;
498 *AccessStatus = STATUS_SUCCESS;
/* Everything accumulated is reported, including allow bits the caller     */
/* never asked for.  NT reports only the requested bits (plus               */
/* PreviouslyGrantedAccess); handing back extra rights could let a handle   */
/* end up with more access than was requested.                              */
500 *GrantedAccess = CurrentAccess;
502 return(STATUS_SUCCESS);
505 #endif /* LIBCAPTIVE */