3 * COPYRIGHT: See COPYING in the top level directory
4 * PROJECT: ReactOS kernel
5 * PURPOSE: Security manager
6 * FILE: kernel/se/semgr.c
9 * 26/07/98: Added stubs for security functions
12 /* INCLUDES *****************************************************************/
14 #include <ddk/ntddk.h>
15 #include <internal/ps.h>
16 #include <internal/se.h>
18 #include <internal/debug.h>
/* Pool tag for the SE_EXPORTS table that SepInitExports allocates below. */
20 #define TAG_SXPT TAG('S', 'X', 'P', 'T')
23 /* GLOBALS ******************************************************************/
/*
 * Table of the kernel's well-known privilege LUIDs and SID pointers, handed
 * to the rest of the kernel (and, via EXPORTED, presumably to drivers).
 * It stays NULL until SepInitExports has allocated and filled it, so anything
 * that can run before SeInit must test for NULL before dereferencing it.
 */
25 PSE_EXPORTS EXPORTED SeExports = NULL;
28 /* PROTOTYPES ***************************************************************/
30 static BOOLEAN SepInitExports(VOID);
32 /* FUNCTIONS ****************************************************************/
40 if (!SepInitSecurityIDs())
51 if (!SepInitExports())
61 SepInitializeTokenImplementation();
/*
 * Body of SepInitExports (its signature, the size/tag arguments of the
 * allocation and the failure path are not part of this listing; the
 * prototype above declares it static BOOLEAN).  Allocates the SE_EXPORTS
 * table from NonPagedPool and copies the kernel's well-known privilege
 * LUIDs and SID pointers into it.  The SIDs are the ones SepInitSecurityIDs
 * sets up, which the initialisation excerpt above runs before this routine.
 */
70 SeExports = ExAllocatePoolWithTag(NonPagedPool,
/* Allocation failure: the elided branch presumably returns FALSE to SeInit. */
73 if (SeExports == NULL)
/* Privilege LUIDs.  Callers compare against these values when checking a
 * token's privilege array; SeTcb/SeDebug/SeLoadDriver/SeRestore are the
 * ones that amount to full control of the system when held. */
76 SeExports->SeCreateTokenPrivilege = SeCreateTokenPrivilege;
77 SeExports->SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege;
78 SeExports->SeLockMemoryPrivilege = SeLockMemoryPrivilege;
79 SeExports->SeIncreaseQuotaPrivilege = SeIncreaseQuotaPrivilege;
80 SeExports->SeUnsolicitedInputPrivilege = SeUnsolicitedInputPrivilege;
81 SeExports->SeTcbPrivilege = SeTcbPrivilege;
82 SeExports->SeSecurityPrivilege = SeSecurityPrivilege;
83 SeExports->SeTakeOwnershipPrivilege = SeTakeOwnershipPrivilege;
84 SeExports->SeLoadDriverPrivilege = SeLoadDriverPrivilege;
85 SeExports->SeCreatePagefilePrivilege = SeCreatePagefilePrivilege;
86 SeExports->SeIncreaseBasePriorityPrivilege = SeIncreaseBasePriorityPrivilege;
87 SeExports->SeSystemProfilePrivilege = SeSystemProfilePrivilege;
88 SeExports->SeSystemtimePrivilege = SeSystemtimePrivilege;
89 SeExports->SeProfileSingleProcessPrivilege = SeProfileSingleProcessPrivilege;
90 SeExports->SeCreatePermanentPrivilege = SeCreatePermanentPrivilege;
91 SeExports->SeBackupPrivilege = SeBackupPrivilege;
92 SeExports->SeRestorePrivilege = SeRestorePrivilege;
93 SeExports->SeShutdownPrivilege = SeShutdownPrivilege;
94 SeExports->SeDebugPrivilege = SeDebugPrivilege;
95 SeExports->SeAuditPrivilege = SeAuditPrivilege;
96 SeExports->SeSystemEnvironmentPrivilege = SeSystemEnvironmentPrivilege;
97 SeExports->SeChangeNotifyPrivilege = SeChangeNotifyPrivilege;
98 SeExports->SeRemoteShutdownPrivilege = SeRemoteShutdownPrivilege;
/* Well-known SIDs.  These are pointer copies, so the table aliases the
 * kernel-owned SID objects rather than duplicating them. */
100 SeExports->SeNullSid = SeNullSid;
101 SeExports->SeWorldSid = SeWorldSid;
102 SeExports->SeLocalSid = SeLocalSid;
103 SeExports->SeCreatorOwnerSid = SeCreatorOwnerSid;
104 SeExports->SeCreatorGroupSid = SeCreatorGroupSid;
105 SeExports->SeNtAuthoritySid = SeNtAuthoritySid;
106 SeExports->SeDialupSid = SeDialupSid;
107 SeExports->SeNetworkSid = SeNetworkSid;
108 SeExports->SeBatchSid = SeBatchSid;
109 SeExports->SeInteractiveSid = SeInteractiveSid;
110 SeExports->SeLocalSystemSid = SeLocalSystemSid;
111 SeExports->SeAliasAdminsSid = SeAliasAdminsSid;
112 SeExports->SeAliasUsersSid = SeAliasUsersSid;
113 SeExports->SeAliasGuestsSid = SeAliasGuestsSid;
114 SeExports->SeAliasPowerUsersSid = SeAliasPowerUsersSid;
115 SeExports->SeAliasAccountOpsSid = SeAliasAccountOpsSid;
116 SeExports->SeAliasSystemOpsSid = SeAliasSystemOpsSid;
117 SeExports->SeAliasPrintOpsSid = SeAliasPrintOpsSid;
118 SeExports->SeAliasBackupOpsSid = SeAliasBackupOpsSid;
/*
 * Presumably takes a reference on the logon session named by
 * AuthenticationId.  NOTE(review): the body is not in this listing and the
 * file header says stubs were added for security routines -- confirm this
 * actually tracks sessions before token code depends on it.
 */
124 VOID SepReferenceLogonSession(PLUID AuthenticationId)
/*
 * Counterpart of SepReferenceLogonSession; presumably drops the reference on
 * the logon session named by AuthenticationId.  NOTE(review): body not in
 * this listing -- may still be a stub, confirm.
 */
129 VOID SepDeReferenceLogonSession(PLUID AuthenticationId)
/*
 * NtPrivilegedServiceAuditAlarm system service: records the use of a
 * privilege by a named service for auditing.  The return-type line and the
 * body are elided in this listing (per the file header, probably a stub).
 * NOTE(review): SubsystemName, ServiceName and Privileges are user-mode
 * pointers.  The implementation must probe and capture them under SEH,
 * bounding Privileges->PrivilegeCount before sizing the copy, resolve
 * ClientToken via ObReferenceObjectByHandle with the caller's access mode,
 * and require SeAuditPrivilege of the caller as NT does for audit services.
 */
135 NtPrivilegedServiceAuditAlarm(IN PUNICODE_STRING SubsystemName,
136 IN PUNICODE_STRING ServiceName,
137 IN HANDLE ClientToken,
138 IN PPRIVILEGE_SET Privileges,
139 IN BOOLEAN AccessGranted)
/*
 * NtPrivilegeObjectAuditAlarm system service: audits a privilege use against
 * an object.  One parameter line (between SubsystemName and ClientToken), the
 * return-type line and the body are elided in this listing.
 * NOTE(review): same user-mode pointer discipline as the other audit-alarm
 * services -- probe/capture SubsystemName and Privileges, reference
 * ClientToken through the handle table with the caller's mode, and gate the
 * service on SeAuditPrivilege.
 */
146 NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
148 IN HANDLE ClientToken,
149 IN ULONG DesiredAccess,
150 IN PPRIVILEGE_SET Privileges,
151 IN BOOLEAN AccessGranted)
/*
 * NtOpenObjectAuditAlarm system service: audits an object open or create.
 * One parameter line, the return-type line and the body are elided.
 * NOTE(review): ObjectAttributes is a user-mode OBJECT_ATTRIBUTES whose
 * ObjectName and SecurityDescriptor pointers need the same capture as in
 * object-manager opens; GenerateOnClose is an OUT pointer that must be
 * probed for write before it is stored through.
 */
158 NtOpenObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
160 IN POBJECT_ATTRIBUTES ObjectAttributes,
161 IN HANDLE ClientToken,
162 IN ULONG DesiredAccess,
163 IN ULONG GrantedAccess,
164 IN PPRIVILEGE_SET Privileges,
165 IN BOOLEAN ObjectCreation,
166 IN BOOLEAN AccessGranted,
167 OUT PBOOLEAN GenerateOnClose)
/*
 * NtAccessCheckAndAuditAlarm system service: access check and audit in one
 * call.  The closing parenthesis, return-type line and body are elided.
 * NOTE(review): when implemented it should capture ObjectAttributes and
 * GenericMapping from user mode, probe GrantedAccess, AccessStatus and
 * GenerateOnClose for write, and delegate to SeAccessCheck below -- bearing
 * in mind that SeAccessCheck's final grant test
 * (!(C & D) && !(~C & D)) only fires when DesiredAccess == 0, a defect this
 * service would inherit.
 */
174 NtAccessCheckAndAuditAlarm(IN PUNICODE_STRING SubsystemName,
175 IN PHANDLE ObjectHandle,
176 IN POBJECT_ATTRIBUTES ObjectAttributes,
177 IN ACCESS_MASK DesiredAccess,
178 IN PGENERIC_MAPPING GenericMapping,
179 IN BOOLEAN ObjectCreation,
180 OUT PULONG GrantedAccess,
181 OUT PBOOLEAN AccessStatus,
182 OUT PBOOLEAN GenerateOnClose
/*
 * NtAllocateUuids system service: only the first parameter line survives in
 * this listing.  NOTE(review): Time and the remaining arguments are OUT
 * pointers supplied by user mode -- each must be probed for write (aligned
 * to its type) before being stored through.
 */
190 NtAllocateUuids(PULARGE_INTEGER Time,
/*
 * NtCloseObjectAuditAlarm system service: audits a handle close whose open
 * recorded GenerateOnClose.  The HandleId line, return type and body are
 * elided.  NOTE(review): SubsystemName is a user-mode UNICODE_STRING --
 * probe and capture it (length-bounded) before use; gate on SeAuditPrivilege.
 */
199 NtCloseObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
201 IN BOOLEAN GenerateOnClose)
/*
 * NtAccessCheck system service: access check against a caller-supplied
 * security descriptor (return-type line and body elided).
 * NOTE(review): SecurityDescriptor is user memory and is the input most in
 * need of validation in this file.  Capture it into a kernel copy and verify
 * it is self-relative with Owner/Group/Dacl/Sacl offsets, AclSize and every
 * AceSize (and each SID's SubAuthorityCount) inside the captured length
 * before any ACE walk -- SeAccessCheck below reads AceCount and the trailing
 * SIDs without bounds checks.  GenericMapping must be captured too;
 * PrivilegeSet/ReturnLength/GrantedAccess/AccessStatus are OUT pointers to
 * probe for write, and ClientToken must resolve to an impersonation token
 * opened for TOKEN_QUERY.
 */
208 NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
209 IN HANDLE ClientToken,
210 IN ACCESS_MASK DesiredAccess,
211 IN PGENERIC_MAPPING GenericMapping,
212 OUT PPRIVILEGE_SET PrivilegeSet,
213 OUT PULONG ReturnLength,
214 OUT PULONG GrantedAccess,
215 OUT PBOOLEAN AccessStatus)
/*
 * NtDeleteObjectAuditAlarm system service: audits an object deletion
 * (HandleId line, return type and body elided).  NOTE(review): same
 * probe/capture discipline for SubsystemName as the other audit-alarm
 * services; gate on SeAuditPrivilege.
 */
222 NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
224 IN BOOLEAN GenerateOnClose)
/*
 * Drops the token references taken by SeCaptureSubjectContext.  PrimaryToken
 * is always dereferenced; ClientToken only when one was captured (it is
 * presumably NULL when the thread was not impersonating).  Braces are
 * elided in this listing.
 */
231 VOID STDCALL SeReleaseSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
/* No NULL test here: a context that was never captured must not be released. */
233 ObDereferenceObject(SubjectContext->PrimaryToken);
234 if (SubjectContext->ClientToken != NULL)
236 ObDereferenceObject(SubjectContext->ClientToken);
/*
 * Snapshots the calling thread's security identity: its process (used as the
 * audit id), a referenced impersonation token if one is active together with
 * its impersonation level, and a referenced primary token.  Every reference
 * taken here is released by SeReleaseSubjectContext.  Local declarations,
 * braces and two of the PsReferenceImpersonationToken arguments are elided
 * in this listing.
 */
240 VOID STDCALL SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
246 Process = PsGetCurrentThread()->ThreadsProcess;
248 SubjectContext->ProcessAuditId = Process;
/*
 * NOTE(review): ImpersonationLevel is recorded, but nothing in the visible
 * part of SeAccessCheck consults it.  A client token captured at
 * SecurityAnonymous or SecurityIdentification level must not be used for
 * access decisions; consumers should fall back to PrimaryToken (or fail)
 * in that case.
 */
249 SubjectContext->ClientToken =
250 PsReferenceImpersonationToken(PsGetCurrentThread(),
253 &SubjectContext->ImpersonationLevel);
254 SubjectContext->PrimaryToken = PsReferencePrimaryToken(Process);
/*
 * Releases the security descriptor attached to an object and clears the
 * caller's pointer so a repeated call or a later use cannot double-free.
 * A NULL descriptor is a no-op.  Always returns STATUS_SUCCESS.
 * NOTE(review): ExFreePool is unconditional, so *SecurityDescriptor must
 * always be a pool allocation owned by the object.  SeAssignSecurity below
 * aliases the caller's ExplicitDescriptor (Descriptor = ExplicitDescriptor);
 * if that pointer can ever end up in *NewDescriptor this routine would free
 * a caller-owned buffer -- the tail of SeAssignSecurity is elided, confirm.
 * Return-type line and braces are elided in this listing.
 */
259 SeDeassignSecurity(PSECURITY_DESCRIPTOR* SecurityDescriptor)
261 if ((*SecurityDescriptor) != NULL)
263 ExFreePool(*SecurityDescriptor);
264 (*SecurityDescriptor) = NULL;
266 return(STATUS_SUCCESS);
/*
 * Picks the default owner, primary group and DACL for a new object from the
 * subject's effective token (client token when impersonating, otherwise the
 * primary token), and separately reports the process's own owner and
 * primary group.  Several parameter lines and the braces are elided here.
 */
271 VOID SepGetDefaultsSubjectContext(PSECURITY_SUBJECT_CONTEXT SubjectContext,
275 PSID* ProcessPrimaryGroup,
/* Effective token: an impersonation token takes precedence over the primary one. */
280 if (SubjectContext->ClientToken != NULL)
282 Token = SubjectContext->ClientToken;
286 Token = SubjectContext->PrimaryToken;
288 *Owner = Token->UserAndGroups[Token->DefaultOwnerIndex].Sid;
289 *PrimaryGroup = Token->PrimaryGroup;
290 *DefaultDacl = Token->DefaultDacl;
/*
 * BUG(review): the primary token's UserAndGroups array is indexed with the
 * *effective* token's DefaultOwnerIndex.  When Token is the client token the
 * two arrays may differ in length and layout, so this yields the wrong SID or
 * reads past the end of PrimaryToken->UserAndGroups.  Should be
 *   SubjectContext->PrimaryToken->UserAndGroups[
 *       SubjectContext->PrimaryToken->DefaultOwnerIndex].Sid
 */
291 *ProcessOwner = SubjectContext->PrimaryToken->
292 UserAndGroups[Token->DefaultOwnerIndex].Sid;
293 *ProcessPrimaryGroup = SubjectContext->PrimaryToken->PrimaryGroup;
/*
 * Presumably derives the ACL a new object inherits from its container's Acl.
 * Only the validation prologue is in this listing: an elided condition just
 * before the first return (likely Acl == NULL) and the revision check both
 * fail with STATUS_UNSUCCESSFUL; the inheritance logic itself is elided.
 * NOTE(review): only revisions 2 (ACL_REVISION) and 3 (ACL_REVISION_DS) are
 * accepted.  The elided ACE walk should also keep every ACE within
 * Acl->AclSize, since the parent ACL can originate from a descriptor that
 * was supplied by user mode when the container was created.
 */
296 NTSTATUS SepInheritAcl(PACL Acl,
297 BOOLEAN IsDirectoryObject,
303 PGENERIC_MAPPING GenericMapping)
307 return(STATUS_UNSUCCESSFUL);
309 if (Acl->AclRevision != 2 &&
310 Acl->AclRevision != 3 )
312 return(STATUS_UNSUCCESSFUL);
/*
 * Computes the security descriptor for a new object from the parent's
 * descriptor, an explicit descriptor supplied by the creator, and the
 * subject's token defaults.  The return-type line, some parameters, most
 * locals, braces and the whole tail of the routine (unlock, DACL handling,
 * the *NewDescriptor assignment) are elided in this listing.
 */
319 SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor,
320 PSECURITY_DESCRIPTOR ExplicitDescriptor,
321 PSECURITY_DESCRIPTOR* NewDescriptor,
322 BOOLEAN IsDirectoryObject,
323 PSECURITY_SUBJECT_CONTEXT SubjectContext,
324 PGENERIC_MAPPING GenericMapping,
/* Descriptor is a pointer, not descriptor storage -- see the note below. */
328 PSECURITY_DESCRIPTOR Descriptor;
333 PSID ProcessPrimaryGroup;
/*
 * NOTE(review): with no explicit descriptor a blank one is created, but
 * RtlCreateSecurityDescriptor is handed &Descriptor, the address of a
 * pointer-sized local.  If the routine has its NT signature
 * (PSECURITY_DESCRIPTOR, ULONG) it initialises a full SECURITY_DESCRIPTOR
 * at that address, overrunning the stack, and Descriptor then holds the
 * struct's first bytes rather than a valid pointer when Descriptor->Control
 * is read below.  Point Descriptor at real storage (a local
 * SECURITY_DESCRIPTOR or a pool allocation) and check the return value --
 * confirm the prototype in internal/se.h.
 * When ExplicitDescriptor is non-NULL it is used as-is: the caller (object
 * manager) must already have captured and validated it if it came from
 * user mode.
 */
336 if (ExplicitDescriptor == NULL)
338 RtlCreateSecurityDescriptor(&Descriptor, 1);
342 Descriptor = ExplicitDescriptor;
/* NOTE(review): no SeUnlockSubjectContext is visible in this listing;
 * every exit path after this point must release the lock. */
344 SeLockSubjectContext(SubjectContext);
345 SepGetDefaultsSubjectContext(SubjectContext,
350 &ProcessPrimaryGroup);
/* SACL handling: taken when the explicit descriptor carries or defaults a SACL. */
351 if (Descriptor->Control & SE_SACL_PRESENT ||
352 Descriptor->Control & SE_SACL_DEFAULTED)
354 if (ParentDescriptor == NULL)
/*
 * BUG(review): the next condition ends in "||)" -- an operand is missing
 * after the last "||", so this does not compile as written.  Presumably the
 * intent is to skip inheritance when the explicit SACL is present but
 * empty; fix the expression before trusting any of this branch.
 */
357 if (Descriptor->Control & SE_SACL_PRESENT ||
358 Descriptor->Sacl == NULL ||)
364 Sacl = Descriptor->Sacl;
/*
 * Self-relative descriptors store Sacl as a byte offset from the start of
 * the descriptor.  BUG(review): adding two PVOIDs is not valid C (GCC
 * rejects "void* + void*"); the conversion should be
 *   Sacl = (PACL)((PUCHAR)Descriptor + (ULONG_PTR)Descriptor->Sacl);
 * and, because ExplicitDescriptor may be creator-supplied, the offset plus
 * the ACL's AclSize should be checked against the descriptor's total length
 * before the ACL is read.
 */
365 if (Descriptor->Control & SE_SELF_RELATIVE)
367 Sacl = (PACL)(((PVOID)Sacl) + (PVOID)Descriptor);
/*
 * Reports whether Sid is one of the token's user/group SIDs.  The second
 * parameter line, the early-return body and the loop's result statements are
 * elided in this listing, so the exact return values are not visible.
 * NOTE(review): Token is dereferenced without a NULL check.  SeAccessCheck
 * passes SubjectSecurityContext->ClientToken, which is NULL whenever the
 * thread is not impersonating (SeReleaseSubjectContext tests it for NULL),
 * so that caller must substitute PrimaryToken before calling this.
 */
383 BOOLEAN SepSidInToken(PACCESS_TOKEN Token,
/* Empty token: nothing can match. */
388 if (Token->UserAndGroupCount == 0)
393 for (i=0; i<Token->UserAndGroupCount; i++)
395 if (RtlEqualSid(Sid, Token->UserAndGroups[i].Sid))
/*
 * Matching entry whose SE_GROUP_ENABLED bit is clear; the condition's
 * leading operand(s) on the elided lines are not visible.  NOTE(review):
 * in NT tokens entry 0 is the user SID and carries no SE_GROUP_ENABLED
 * attribute, so it must be exempt from this test (i != 0) or the user's own
 * SID never matches -- confirm against this token implementation.
 */
398 (!(Token->UserAndGroups[i].Attributes & SE_GROUP_ENABLED)))
410 SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
411 IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
412 IN BOOLEAN SubjectContextLocked,
413 IN ACCESS_MASK DesiredAccess,
414 IN ACCESS_MASK PreviouslyGrantedAccess,
415 OUT PPRIVILEGE_SET* Privileges,
416 IN PGENERIC_MAPPING GenericMapping,
417 IN KPROCESSOR_MODE AccessMode,
418 OUT PACCESS_MODE GrantedAccess,
419 OUT PNTSTATUS AccessStatus)
421 * FUNCTION: Determines whether the requested access rights can be granted
422 * to an object protected by a security descriptor and an object owner
424 * SecurityDescriptor = Security descriptor protecting the object
425 * SubjectSecurityContext = Subject's captured security context
426 * SubjectContextLocked = Indicates the user's subject context is locked
427 * DesiredAccess = Access rights the caller is trying to acquire
428 * PreviouslyGrantedAccess = Specified the access rights already granted
430 * GenericMapping = Generic mapping associated with the object
431 * AccessMode = Access mode used for the check
432 * GrantedAccess (OUT) = On return specifies the access granted
433 * AccessStatus (OUT) = Status indicating why access was denied
434 * RETURNS: If access was granted, returns TRUE
 * NOTE(review): every return statement visible below yields STATUS_SUCCESS,
 * in the denied case too; the verdict is reported only through
 * *AccessStatus, so callers must test that rather than the return value.
 * Local declarations, the DACL-absent handling, the ACE advance and the
 * closing braces are elided in this listing.
 * NOTE(review): Privileges, GenericMapping and AccessMode are unused in the
 * visible lines: generic bits in DesiredAccess are never mapped to specific
 * rights, MAXIMUM_ALLOWED is not handled, and the implicit owner rights
 * (READ_CONTROL | WRITE_DAC) and privilege-based grants (SeTakeOwnership,
 * SeSecurity for ACCESS_SYSTEM_SECURITY) are absent -- at least in the part
 * shown.
444 ACCESS_MASK CurrentAccess;
/* Start from what the caller has already been granted; allow ACEs OR into this. */
446 CurrentAccess = PreviouslyGrantedAccess;
449 * Ignore the SACL for now
/* NOTE(review): with the SACL ignored no audit ACE is evaluated, so this
 * path never feeds the Nt*AuditAlarm services declared above. */
455 Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
459 if (!NT_SUCCESS(Status))
/*
 * Elided here: what happens when the descriptor has no DACL (Dacl == NULL or
 * DaclPresent FALSE).  NT grants everything for a missing DACL and nothing
 * for an empty one -- confirm the elided lines distinguish the two and never
 * reach Dacl->AceCount with a NULL Dacl.
 * NOTE(review): the walk below relies on Dacl->AceCount alone.  A DACL that
 * reached here from a user-supplied descriptor (NtAccessCheck /
 * NtSetSecurityObject) must already have been validated (AclSize, each
 * AceSize, SID length), or the ACE and SID reads run off the buffer.
 */
464 CurrentAce = (PACE)(Dacl + 1);
465 for (i = 0; i < Dacl->AceCount; i++)
/* Assumes the SID starts right after the PACE structure, i.e. that PACE covers
 * the header and the access mask -- confirm against the ACE definition. */
467 Sid = (PSID)(CurrentAce + 1);
/*
 * NOTE(review): only ClientToken is consulted, and it is NULL when the thread
 * is not impersonating (SeReleaseSubjectContext tests it for NULL);
 * SepSidInToken dereferences it unconditionally.  Use the same fallback as
 * SepGetDefaultsSubjectContext (ClientToken ? ClientToken : PrimaryToken)
 * and refuse client tokens below SecurityImpersonation level.
 * NOTE(review): the deny ACE's AccessMask is never examined: any deny ACE
 * naming one of the subject's SIDs rejects the whole request, even for
 * rights the ACE does not mention.  NT denies only when
 * (AccessMask & DesiredAccess-still-outstanding) != 0.
 */
468 if (CurrentAce->Header.AceType == ACCESS_DENIED_ACE_TYPE)
470 if (SepSidInToken(SubjectSecurityContext->ClientToken, Sid))
472 *AccessStatus = STATUS_ACCESS_DENIED;
474 return(STATUS_SUCCESS);
477 if (CurrentAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
479 if (SepSidInToken(SubjectSecurityContext->ClientToken, Sid))
481 CurrentAccess = CurrentAccess |
482 CurrentAce->AccessMask;
/* NOTE(review): the advance to the next ACE (by CurrentAce->Header.AceSize)
 * is not in this listing; if it is missing, every iteration re-reads the
 * first ACE. */
/*
 * BUG(review): "!(C & D) && !(~C & D)" can only be true when DesiredAccess
 * is 0 -- the first operand requires that no desired bit was granted, the
 * second that every desired bit was granted.  For any non-zero
 * DesiredAccess this branch never fires, so a subject that matches no deny
 * ACE is reported STATUS_SUCCESS even when the DACL granted it nothing.
 * The intended test is
 *   if ((CurrentAccess & DesiredAccess) != DesiredAccess)
 * (evaluated after generic rights have been mapped).
 */
486 if (!(CurrentAccess & DesiredAccess) &&
487 !((~CurrentAccess) & DesiredAccess))
489 *AccessStatus = STATUS_ACCESS_DENIED;
493 *AccessStatus = STATUS_SUCCESS;
/* NOTE(review): reports every bit the DACL allowed, not just the requested
 * ones, and stores an ACCESS_MASK through a PACCESS_MODE -- the parameter
 * type in the signature looks like a typo for PACCESS_MASK. */
495 *GrantedAccess = CurrentAccess;
497 return(STATUS_SUCCESS);