static
PSID
AppendRidToSid(PSID SrcSid,
ULONG Rid)
{
PSID DstSid = NULL;
UCHAR RidCount;
RidCount = *RtlSubAuthorityCountSid(SrcSid);
if (RidCount >= 8)
return NULL;
DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
if (DstSid == NULL)
return NULL;
RtlCopyMemory(DstSid,
SrcSid,
RtlLengthRequiredSid(RidCount));
*RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
*RtlSubAuthoritySid(DstSid, RidCount) = Rid;
return DstSid;
}
ULONG
VmDirLengthRequiredSid(
IN UCHAR SubAuthorityCount
)
{
return RtlLengthRequiredSid(SubAuthorityCount);
}
NTSTATUS
NTAPI
ScAllocateAndInitializeSid (
_Out_ PVOID *Sid,
_In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
_In_ ULONG SubAuthorityCount
)
{
NTSTATUS Status;
/* Allocate room for the SID */
*Sid = RtlAllocateHeap(RtlGetProcessHeap(),
0,
RtlLengthRequiredSid(SubAuthorityCount));
if (*Sid)
{
/* Initialize it, we're done */
RtlInitializeSid(*Sid, IdentifierAuthority, SubAuthorityCount);
Status = STATUS_SUCCESS;
}
else
{
/* No memory, we'll fail */
Status = STATUS_NO_MEMORY;
}
/* Return what happened */
return Status;
}
NTSTATUS
LsaSrvSidAppendRid(
PSID *ppOutSid,
PSID pInSid,
DWORD dwRid
)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
DWORD dwSidLen = 0;
PSID pSid = NULL;
dwSidLen = RtlLengthRequiredSid(pInSid->SubAuthorityCount + 1);
ntStatus = LsaSrvAllocateMemory((void**)&pSid, dwSidLen);
BAIL_ON_NTSTATUS_ERROR(ntStatus);
ntStatus = RtlCopySid(dwSidLen, pSid, pInSid);
BAIL_ON_NTSTATUS_ERROR(ntStatus);
ntStatus = RtlAppendRidSid(dwSidLen, pSid, dwRid);
BAIL_ON_NTSTATUS_ERROR(ntStatus);
*ppOutSid = pSid;
cleanup:
return ntStatus;
error:
if (pSid) {
LsaSrvFreeMemory(pSid);
}
*ppOutSid = NULL;
goto cleanup;
}
NTSTATUS
RtlAppendRidSid(
IN ULONG SidLength,
IN OUT PSID Sid,
IN ULONG Rid
)
{
NTSTATUS status = STATUS_SUCCESS;
ULONG length = 0;
if (Sid->SubAuthorityCount >= SID_MAX_SUB_AUTHORITIES)
{
status = STATUS_INVALID_PARAMETER;
GOTO_CLEANUP();
}
length = RtlLengthRequiredSid(Sid->SubAuthorityCount + 1);
if (SidLength < length)
{
status = STATUS_BUFFER_TOO_SMALL;
GOTO_CLEANUP();
}
Sid->SubAuthority[Sid->SubAuthorityCount] = Rid;
Sid->SubAuthorityCount++;
cleanup:
return status;
}
BOOLEAN
RtlpIsValidLittleEndianSidBuffer(
IN PVOID Buffer,
IN ULONG BufferSize,
OUT PULONG BufferUsed
)
{
NTSTATUS status = STATUS_SUCCESS;
PSID littleEndianSid = (PSID) Buffer;
ULONG size = 0;
if (BufferSize < SID_MIN_SIZE)
{
status = STATUS_INVALID_SID;
GOTO_CLEANUP();
}
size = RtlLengthRequiredSid(LW_LTOH8(littleEndianSid->SubAuthorityCount));
if (!RtlpIsBufferAvailable(BufferSize, 0, size))
{
status = STATUS_INVALID_SID;
GOTO_CLEANUP();
}
// This is ok since it only looks at 1-byte fields:
status = RtlValidSid(littleEndianSid) ? STATUS_SUCCESS : STATUS_INVALID_SID;
cleanup:
*BufferUsed = NT_SUCCESS(status) ? size : 0;
return NT_SUCCESS(status);
}
ULONG
RtlLengthSid(
IN PSID Sid
)
{
return RtlLengthRequiredSid(Sid->SubAuthorityCount);
}
/*
* @implemented
*/
NTSTATUS NTAPI
RtlAllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
UCHAR SubAuthorityCount,
ULONG SubAuthority0,
ULONG SubAuthority1,
ULONG SubAuthority2,
ULONG SubAuthority3,
ULONG SubAuthority4,
ULONG SubAuthority5,
ULONG SubAuthority6,
ULONG SubAuthority7,
PSID *Sid)
{
PISID pSid;
PAGED_CODE_RTL();
if (SubAuthorityCount > 8)
return STATUS_INVALID_SID;
if (Sid == NULL)
return STATUS_INVALID_PARAMETER;
pSid = RtlpAllocateMemory(RtlLengthRequiredSid(SubAuthorityCount),
TAG_SID);
if (pSid == NULL)
return STATUS_NO_MEMORY;
pSid->Revision = SID_REVISION;
pSid->SubAuthorityCount = SubAuthorityCount;
memcpy(&pSid->IdentifierAuthority,
IdentifierAuthority,
sizeof(SID_IDENTIFIER_AUTHORITY));
switch (SubAuthorityCount)
{
case 8:
pSid->SubAuthority[7] = SubAuthority7;
case 7:
pSid->SubAuthority[6] = SubAuthority6;
case 6:
pSid->SubAuthority[5] = SubAuthority5;
case 5:
pSid->SubAuthority[4] = SubAuthority4;
case 4:
pSid->SubAuthority[3] = SubAuthority3;
case 3:
pSid->SubAuthority[2] = SubAuthority2;
case 2:
pSid->SubAuthority[1] = SubAuthority1;
case 1:
pSid->SubAuthority[0] = SubAuthority0;
break;
}
*Sid = pSid;
return STATUS_SUCCESS;
}
NTSTATUS
NTAPI
SepCaptureSid(IN PSID InputSid,
IN KPROCESSOR_MODE AccessMode,
IN POOL_TYPE PoolType,
IN BOOLEAN CaptureIfKernel,
OUT PSID *CapturedSid)
{
ULONG SidSize = 0;
PISID NewSid, Sid = (PISID)InputSid;
NTSTATUS Status;
PAGED_CODE();
if (AccessMode != KernelMode)
{
_SEH2_TRY
{
ProbeForRead(Sid,
FIELD_OFFSET(SID,
SubAuthority),
sizeof(UCHAR));
SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
ProbeForRead(Sid,
SidSize,
sizeof(UCHAR));
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
/* Return the exception code */
_SEH2_YIELD(return _SEH2_GetExceptionCode());
}
_SEH2_END;
/* allocate a SID and copy it */
NewSid = ExAllocatePool(PoolType,
SidSize);
if (NewSid != NULL)
{
_SEH2_TRY
{
RtlCopyMemory(NewSid,
Sid,
SidSize);
*CapturedSid = NewSid;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
/* Free the SID and return the exception code */
ExFreePoolWithTag(NewSid, TAG_SID);
_SEH2_YIELD(return _SEH2_GetExceptionCode());
}
_SEH2_END;
}
/******************************************************************************
* RtlEqualPrefixSid [NTDLL.@]
*/
BOOL WINAPI RtlEqualPrefixSid (PSID pSid1, PSID pSid2)
{
if (!RtlValidSid(pSid1) || !RtlValidSid(pSid2))
return FALSE;
if (*RtlSubAuthorityCountSid(pSid1) != *RtlSubAuthorityCountSid(pSid2))
return FALSE;
if (memcmp(pSid1, pSid2, RtlLengthRequiredSid(pSid1->SubAuthorityCount - 1)) != 0)
return FALSE;
return TRUE;
}
BOOLEAN
LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
UCHAR SubAuthorityCount,
PULONG SubAuthorities,
PWSTR Name,
PWSTR Domain,
SID_NAME_USE NameUse)
{
PWELL_KNOWN_SID SidEntry;
PULONG p;
ULONG i;
SidEntry = RtlAllocateHeap(RtlGetProcessHeap(), 0, sizeof(WELL_KNOWN_SID));
if (SidEntry == NULL)
return FALSE;
InitializeListHead(&SidEntry->ListEntry);
SidEntry->Sid = RtlAllocateHeap(RtlGetProcessHeap(),
0,
RtlLengthRequiredSid(SubAuthorityCount));
if (SidEntry->Sid == NULL)
{
RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry);
return FALSE;
}
RtlInitializeSid(SidEntry->Sid,
IdentifierAuthority,
SubAuthorityCount);
for (i = 0; i < (ULONG)SubAuthorityCount; i++)
{
p = RtlSubAuthoritySid(SidEntry->Sid, i);
*p = SubAuthorities[i];
}
RtlInitUnicodeString(&SidEntry->Name,
Name);
RtlInitUnicodeString(&SidEntry->Domain,
Domain);
SidEntry->NameUse = NameUse;
InsertTailList(&WellKnownSidListHead,
&SidEntry->ListEntry);
return TRUE;
}
NTSTATUS
NTAPI
ScDomainIdToSid (
_In_ PSID SourceSid,
_In_ ULONG DomainId,
_Out_ PSID *DestinationSid
)
{
ULONG sidCount, sidLength;
NTSTATUS status;
/* Get the length of the SID based onthe number of subauthorities */
sidCount = *RtlSubAuthorityCountSid(SourceSid);
sidLength = RtlLengthRequiredSid(sidCount + 1);
/* Allocate it */
*DestinationSid = RtlAllocateHeap(RtlGetProcessHeap(), 0, sidLength);
if (*DestinationSid)
{
/* Make a copy of it */
status = RtlCopySid(sidLength, *DestinationSid, SourceSid);
if (NT_SUCCESS(status))
{
/* Increase the subauthority count */
++*RtlSubAuthorityCountSid(*DestinationSid);
/* And add the specific domain RID we're creating */
*RtlSubAuthoritySid(*DestinationSid, sidCount) = DomainId;
/* Everything worked */
status = STATUS_SUCCESS;
}
else
{
/* The SID copy failed, so free the SID we just allocated */
RtlFreeHeap(RtlGetProcessHeap(), 0, *DestinationSid);
}
}
else
{
/* No space for the SID, bail out */
status = STATUS_NO_MEMORY;
}
/* Return back to the caller */
return status;
}
BOOLEAN
RtlEqualPrefixSid(
IN PSID Sid1,
IN PSID Sid2
)
{
BOOLEAN isEqual = FALSE;
if (Sid1->SubAuthorityCount == Sid2->SubAuthorityCount)
{
UCHAR count = Sid1->SubAuthorityCount;
if (count > 0)
{
count--;
}
isEqual = RtlEqualMemory(Sid1, Sid2, RtlLengthRequiredSid(count));
}
return isEqual;
}
static
NTSTATUS
GetNtAuthorityDomainSid(PRPC_SID *Sid)
{
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
ULONG Length = 0;
Length = RtlLengthRequiredSid(0);
*Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
if (*Sid == NULL)
{
ERR("Failed to allocate SID\n");
return STATUS_INSUFFICIENT_RESOURCES;
}
RtlInitializeSid(*Sid,&NtAuthority, 0);
return STATUS_SUCCESS;
}
/******************************************************************************
* RtlAllocateAndInitializeSid [NTDLL.@]
*
*/
BOOLEAN WINAPI RtlAllocateAndInitializeSid (
PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
BYTE nSubAuthorityCount,
DWORD nSubAuthority0, DWORD nSubAuthority1,
DWORD nSubAuthority2, DWORD nSubAuthority3,
DWORD nSubAuthority4, DWORD nSubAuthority5,
DWORD nSubAuthority6, DWORD nSubAuthority7,
PSID *pSid )
{
TRACE("(%p, 0x%04x,0x%08lx,0x%08lx,0x%08lx,0x%08lx,0x%08lx,0x%08lx,0x%08lx,0x%08lx,%p)\n",
pIdentifierAuthority,nSubAuthorityCount,
nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7, pSid);
if (!(*pSid = RtlAllocateHeap( GetProcessHeap(), 0, RtlLengthRequiredSid(nSubAuthorityCount))))
return FALSE;
(*pSid)->Revision = SID_REVISION;
if (pIdentifierAuthority)
memcpy(&(*pSid)->IdentifierAuthority, pIdentifierAuthority, sizeof (SID_IDENTIFIER_AUTHORITY));
*RtlSubAuthorityCountSid(*pSid) = nSubAuthorityCount;
if (nSubAuthorityCount > 0)
*RtlSubAuthoritySid(*pSid, 0) = nSubAuthority0;
if (nSubAuthorityCount > 1)
*RtlSubAuthoritySid(*pSid, 1) = nSubAuthority1;
if (nSubAuthorityCount > 2)
*RtlSubAuthoritySid(*pSid, 2) = nSubAuthority2;
if (nSubAuthorityCount > 3)
*RtlSubAuthoritySid(*pSid, 3) = nSubAuthority3;
if (nSubAuthorityCount > 4)
*RtlSubAuthoritySid(*pSid, 4) = nSubAuthority4;
if (nSubAuthorityCount > 5)
*RtlSubAuthoritySid(*pSid, 5) = nSubAuthority5;
if (nSubAuthorityCount > 6)
*RtlSubAuthoritySid(*pSid, 6) = nSubAuthority6;
if (nSubAuthorityCount > 7)
*RtlSubAuthoritySid(*pSid, 7) = nSubAuthority7;
return STATUS_SUCCESS;
}
static
NTSTATUS
BuildTokenPrimaryGroup(PTOKEN_PRIMARY_GROUP PrimaryGroup,
PSID PrimaryGroupSid)
{
ULONG RidCount;
ULONG Size;
RidCount = *RtlSubAuthorityCountSid(PrimaryGroupSid);
Size = RtlLengthRequiredSid(RidCount);
PrimaryGroup->PrimaryGroup = DispatchTable.AllocateLsaHeap(Size);
if (PrimaryGroup->PrimaryGroup == NULL)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
RtlCopyMemory(PrimaryGroup->PrimaryGroup,
PrimaryGroupSid,
Size);
return STATUS_SUCCESS;
}
static
NTSTATUS
BuildTokenOwner(PTOKEN_OWNER Owner,
PSID OwnerSid)
{
ULONG RidCount;
ULONG Size;
RidCount = *RtlSubAuthorityCountSid(OwnerSid);
Size = RtlLengthRequiredSid(RidCount);
Owner->Owner = DispatchTable.AllocateLsaHeap(Size);
if (Owner->Owner == NULL)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
RtlCopyMemory(Owner->Owner,
OwnerSid,
Size);
return STATUS_SUCCESS;
}
/******************************************************************************
* NtQuerySecurityObject [NTDLL.@]
*
* analogue to GetKernelObjectSecurity
*
* NOTES
* only the lowest 4 bit of SecurityObjectInformationClass are used
* 0x7-0xf returns STATUS_ACCESS_DENIED (even running with system privileges)
*
* FIXME: we are constructing a fake sid
* (Administrators:Full, System:Full, Everyone:Read)
*/
NTSTATUS WINAPI
NtQuerySecurityObject(
IN HANDLE Object,
IN SECURITY_INFORMATION RequestedInformation,
OUT PSECURITY_DESCRIPTOR pSecurityDesriptor,
IN ULONG Length,
OUT PULONG ResultLength)
{
static SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
static SID_IDENTIFIER_AUTHORITY worldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY};
BYTE Buffer[256];
PISECURITY_DESCRIPTOR_RELATIVE psd = (PISECURITY_DESCRIPTOR_RELATIVE)Buffer;
UINT BufferIndex = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
FIXME("(0x%08x,0x%08lx,%p,0x%08lx,%p) stub!\n",
Object, RequestedInformation, pSecurityDesriptor, Length, ResultLength);
RequestedInformation &= 0x0000000f;
if (RequestedInformation & SACL_SECURITY_INFORMATION) return STATUS_ACCESS_DENIED;
ZeroMemory(Buffer, 256);
RtlCreateSecurityDescriptor((PSECURITY_DESCRIPTOR)psd, SECURITY_DESCRIPTOR_REVISION);
psd->Control = SE_SELF_RELATIVE |
((RequestedInformation & DACL_SECURITY_INFORMATION) ? SE_DACL_PRESENT:0);
/* owner: administrator S-1-5-20-220*/
if (OWNER_SECURITY_INFORMATION & RequestedInformation)
{
PSID psid = (PSID)&(Buffer[BufferIndex]);
psd->Owner = BufferIndex;
BufferIndex += RtlLengthRequiredSid(2);
psid->Revision = SID_REVISION;
psid->SubAuthorityCount = 2;
psid->IdentifierAuthority = localSidAuthority;
psid->SubAuthority[0] = SECURITY_BUILTIN_DOMAIN_RID;
psid->SubAuthority[1] = DOMAIN_ALIAS_RID_ADMINS;
}
/* group: built in domain S-1-5-12 */
if (GROUP_SECURITY_INFORMATION & RequestedInformation)
{
PSID psid = (PSID) &(Buffer[BufferIndex]);
psd->Group = BufferIndex;
BufferIndex += RtlLengthRequiredSid(1);
psid->Revision = SID_REVISION;
psid->SubAuthorityCount = 1;
psid->IdentifierAuthority = localSidAuthority;
psid->SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
}
/* discretionary ACL */
if (DACL_SECURITY_INFORMATION & RequestedInformation)
{
/* acl header */
PACL pacl = (PACL)&(Buffer[BufferIndex]);
PACCESS_ALLOWED_ACE pace;
PSID psid;
psd->Dacl = BufferIndex;
pacl->AclRevision = MIN_ACL_REVISION;
pacl->AceCount = 3;
pacl->AclSize = BufferIndex; /* storing the start index temporary */
BufferIndex += sizeof(ACL);
/* ACE System - full access */
pace = (PACCESS_ALLOWED_ACE)&(Buffer[BufferIndex]);
BufferIndex += sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD);
pace->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
pace->Header.AceFlags = CONTAINER_INHERIT_ACE;
pace->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD) + RtlLengthRequiredSid(1);
pace->Mask = DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | 0x3f;
pace->SidStart = BufferIndex;
/* SID S-1-5-12 (System) */
psid = (PSID)&(Buffer[BufferIndex]);
BufferIndex += RtlLengthRequiredSid(1);
psid->Revision = SID_REVISION;
psid->SubAuthorityCount = 1;
psid->IdentifierAuthority = localSidAuthority;
psid->SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
/* ACE Administrators - full access*/
pace = (PACCESS_ALLOWED_ACE) &(Buffer[BufferIndex]);
BufferIndex += sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD);
pace->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
pace->Header.AceFlags = CONTAINER_INHERIT_ACE;
pace->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD) + RtlLengthRequiredSid(2);
pace->Mask = DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | 0x3f;
pace->SidStart = BufferIndex;
/* S-1-5-12 (Administrators) */
psid = (PSID)&(Buffer[BufferIndex]);
BufferIndex += RtlLengthRequiredSid(2);
psid->Revision = SID_REVISION;
psid->SubAuthorityCount = 2;
psid->IdentifierAuthority = localSidAuthority;
psid->SubAuthority[0] = SECURITY_BUILTIN_DOMAIN_RID;
psid->SubAuthority[1] = DOMAIN_ALIAS_RID_ADMINS;
/* ACE Everyone - read access */
pace = (PACCESS_ALLOWED_ACE)&(Buffer[BufferIndex]);
BufferIndex += sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD);
pace->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
pace->Header.AceFlags = CONTAINER_INHERIT_ACE;
pace->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD) + RtlLengthRequiredSid(1);
pace->Mask = READ_CONTROL| 0x19;
pace->SidStart = BufferIndex;
/* SID S-1-1-0 (Everyone) */
psid = (PSID)&(Buffer[BufferIndex]);
BufferIndex += RtlLengthRequiredSid(1);
psid->Revision = SID_REVISION;
psid->SubAuthorityCount = 1;
psid->IdentifierAuthority = worldSidAuthority;
psid->SubAuthority[0] = 0;
/* calculate used bytes */
pacl->AclSize = BufferIndex - pacl->AclSize;
}
*ResultLength = BufferIndex;
TRACE("len=%lu\n", *ResultLength);
if (Length < *ResultLength) return STATUS_BUFFER_TOO_SMALL;
memcpy(pSecurityDesriptor, Buffer, *ResultLength);
return STATUS_SUCCESS;
}
}
};
dwError = LwAllocateWellKnownSid(WinAccountAdministratorSid,
pDomainSid,
&pAdminSid,
NULL);
BAIL_ON_LSA_ERROR(dwError);
dwError = LwAllocateWellKnownSid(WinBuiltinAdministratorsSid,
NULL,
&pBuiltinAdminsSid,
NULL);
BAIL_ON_LSA_ERROR(dwError);
dwAccountSidSize = RtlLengthRequiredSid(
pDomainSid->SubAuthorityCount + 1);
dwError = LwAllocateMemory(dwAccountSidSize,
OUT_PPVOID(&pAccountSid));
BAIL_ON_LSA_ERROR(dwError);
ntStatus = RtlCopySid(dwAccountSidSize,
pAccountSid,
pDomainSid);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlAppendRidSid(dwAccountSidSize,
pAccountSid,
dwRid);
BAIL_ON_NT_STATUS(ntStatus);
dwError = LwAllocateWellKnownSid(WinWorldSid,
BOOLEAN
TSeVariableInitialization()
/*++
Routine Description:
This function initializes the global variables used in security
tests.
Arguments:
None.
Return Value:
TRUE if variables successfully initialized.
FALSE if not successfully initialized.
--*/
{
ULONG SidWithZeroSubAuthorities;
ULONG SidWithOneSubAuthority;
ULONG SidWithThreeSubAuthorities;
ULONG SidWithFourSubAuthorities;
SID_IDENTIFIER_AUTHORITY NullSidAuthority = SECURITY_NULL_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY WorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY LocalSidAuthority = SECURITY_LOCAL_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = SECURITY_CREATOR_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
SID_IDENTIFIER_AUTHORITY BedrockAuthority = BEDROCK_AUTHORITY;
SID_IDENTIFIER_AUTHORITY BedrockAAuthority = BEDROCKA_AUTHORITY;
SID_IDENTIFIER_AUTHORITY BedrockBAuthority = BEDROCKB_AUTHORITY;
SID_IDENTIFIER_AUTHORITY BedrockCAuthority = BEDROCKC_AUTHORITY;
SID_IDENTIFIER_AUTHORITY BedrockDAuthority = BEDROCKD_AUTHORITY;
SID_IDENTIFIER_AUTHORITY BedrockEAuthority = BEDROCKE_AUTHORITY;
//
// The following SID sizes need to be allocated
//
SidWithZeroSubAuthorities = RtlLengthRequiredSid( 0 );
SidWithOneSubAuthority = RtlLengthRequiredSid( 1 );
SidWithThreeSubAuthorities = RtlLengthRequiredSid( 3 );
SidWithFourSubAuthorities = RtlLengthRequiredSid( 4 );
//
// Allocate and initialize the universal SIDs
//
NullSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
WorldSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
LocalSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
CreatorOwnerSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
CreatorGroupSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
RtlInitializeSid( NullSid, &NullSidAuthority, 1 );
RtlInitializeSid( WorldSid, &WorldSidAuthority, 1 );
RtlInitializeSid( LocalSid, &LocalSidAuthority, 1 );
RtlInitializeSid( CreatorOwnerSid, &CreatorSidAuthority, 1 );
RtlInitializeSid( CreatorGroupSid, &CreatorSidAuthority, 1 );
*(RtlSubAuthoritySid( NullSid, 0 )) = SECURITY_NULL_RID;
*(RtlSubAuthoritySid( WorldSid, 0 )) = SECURITY_WORLD_RID;
*(RtlSubAuthoritySid( LocalSid, 0 )) = SECURITY_LOCAL_RID;
*(RtlSubAuthoritySid( CreatorOwnerSid, 0 )) = SECURITY_CREATOR_OWNER_RID;
*(RtlSubAuthoritySid( CreatorGroupSid, 0 )) = SECURITY_CREATOR_GROUP_RID;
//
// Allocate and initialize the NT defined SIDs
//
NtAuthoritySid = (PSID)TstAllocatePool(PagedPool,SidWithZeroSubAuthorities);
DialupSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
NetworkSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
BatchSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
InteractiveSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
LocalSystemSid = (PSID)TstAllocatePool(PagedPool,SidWithOneSubAuthority);
RtlInitializeSid( NtAuthoritySid, &NtAuthority, 0 );
RtlInitializeSid( DialupSid, &NtAuthority, 1 );
RtlInitializeSid( NetworkSid, &NtAuthority, 1 );
RtlInitializeSid( BatchSid, &NtAuthority, 1 );
RtlInitializeSid( InteractiveSid, &NtAuthority, 1 );
RtlInitializeSid( LocalSystemSid, &NtAuthority, 1 );
*(RtlSubAuthoritySid( DialupSid, 0 )) = SECURITY_DIALUP_RID;
*(RtlSubAuthoritySid( NetworkSid, 0 )) = SECURITY_NETWORK_RID;
*(RtlSubAuthoritySid( BatchSid, 0 )) = SECURITY_BATCH_RID;
*(RtlSubAuthoritySid( InteractiveSid, 0 )) = SECURITY_INTERACTIVE_RID;
*(RtlSubAuthoritySid( LocalSystemSid, 0 )) = SECURITY_LOCAL_SYSTEM_RID;
//
// Allocate and initialize the Bedrock SIDs
//
BedrockDomainSid = (PSID)TstAllocatePool(PagedPool,SidWithThreeSubAuthorities);
BedrockADomainSid = (PSID)TstAllocatePool(PagedPool,SidWithThreeSubAuthorities);
BedrockBDomainSid = (PSID)TstAllocatePool(PagedPool,SidWithThreeSubAuthorities);
BedrockCDomainSid = (PSID)TstAllocatePool(PagedPool,SidWithThreeSubAuthorities);
BedrockDDomainSid = (PSID)TstAllocatePool(PagedPool,SidWithThreeSubAuthorities);
BedrockEDomainSid = (PSID)TstAllocatePool(PagedPool,SidWithThreeSubAuthorities);
FredSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
WilmaSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
PebblesSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
DinoSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
BarneySid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
BettySid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
BambamSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
FlintstoneSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
RubbleSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
AdultSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
ChildSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
NeandertholSid = (PSID)TstAllocatePool(PagedPool,SidWithFourSubAuthorities);
RtlInitializeSid( BedrockDomainSid, &BedrockAuthority, 3 );
*(RtlSubAuthoritySid( BedrockDomainSid, 0)) = BEDROCK_SUBAUTHORITY_0;
*(RtlSubAuthoritySid( BedrockDomainSid, 1)) = BEDROCK_SUBAUTHORITY_1;
*(RtlSubAuthoritySid( BedrockDomainSid, 2)) = BEDROCK_SUBAUTHORITY_2;
RtlInitializeSid( BedrockADomainSid, &BedrockAAuthority, 3 );
*(RtlSubAuthoritySid( BedrockADomainSid, 0)) = BEDROCKA_SUBAUTHORITY_0;
*(RtlSubAuthoritySid( BedrockADomainSid, 1)) = BEDROCKA_SUBAUTHORITY_1;
*(RtlSubAuthoritySid( BedrockADomainSid, 2)) = BEDROCKA_SUBAUTHORITY_2;
RtlInitializeSid( BedrockBDomainSid, &BedrockBAuthority, 3 );
*(RtlSubAuthoritySid( BedrockBDomainSid, 0)) = BEDROCKB_SUBAUTHORITY_0;
*(RtlSubAuthoritySid( BedrockBDomainSid, 1)) = BEDROCKB_SUBAUTHORITY_1;
*(RtlSubAuthoritySid( BedrockBDomainSid, 2)) = BEDROCKB_SUBAUTHORITY_2;
RtlInitializeSid( BedrockCDomainSid, &BedrockCAuthority, 3 );
*(RtlSubAuthoritySid( BedrockCDomainSid, 0)) = BEDROCKC_SUBAUTHORITY_0;
*(RtlSubAuthoritySid( BedrockCDomainSid, 1)) = BEDROCKC_SUBAUTHORITY_1;
*(RtlSubAuthoritySid( BedrockCDomainSid, 2)) = BEDROCKC_SUBAUTHORITY_2;
RtlInitializeSid( BedrockDDomainSid, &BedrockDAuthority, 3 );
*(RtlSubAuthoritySid( BedrockDDomainSid, 0)) = BEDROCKD_SUBAUTHORITY_0;
*(RtlSubAuthoritySid( BedrockDDomainSid, 1)) = BEDROCKD_SUBAUTHORITY_1;
*(RtlSubAuthoritySid( BedrockDDomainSid, 2)) = BEDROCKD_SUBAUTHORITY_2;
RtlInitializeSid( BedrockEDomainSid, &BedrockEAuthority, 3 );
*(RtlSubAuthoritySid( BedrockEDomainSid, 0)) = BEDROCKE_SUBAUTHORITY_0;
*(RtlSubAuthoritySid( BedrockEDomainSid, 1)) = BEDROCKE_SUBAUTHORITY_1;
*(RtlSubAuthoritySid( BedrockEDomainSid, 2)) = BEDROCKE_SUBAUTHORITY_2;
RtlCopySid( SidWithFourSubAuthorities, FredSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( FredSid )) += 1;
*(RtlSubAuthoritySid( FredSid, 3)) = FRED_RID;
RtlCopySid( SidWithFourSubAuthorities, WilmaSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( WilmaSid )) += 1;
*(RtlSubAuthoritySid( WilmaSid, 3)) = WILMA_RID;
RtlCopySid( SidWithFourSubAuthorities, PebblesSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( PebblesSid )) += 1;
*(RtlSubAuthoritySid( PebblesSid, 3)) = PEBBLES_RID;
RtlCopySid( SidWithFourSubAuthorities, DinoSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( DinoSid )) += 1;
*(RtlSubAuthoritySid( DinoSid, 3)) = DINO_RID;
RtlCopySid( SidWithFourSubAuthorities, BarneySid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( BarneySid )) += 1;
*(RtlSubAuthoritySid( BarneySid, 3)) = BARNEY_RID;
RtlCopySid( SidWithFourSubAuthorities, BettySid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( BettySid )) += 1;
*(RtlSubAuthoritySid( BettySid, 3)) = BETTY_RID;
RtlCopySid( SidWithFourSubAuthorities, BambamSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( BambamSid )) += 1;
*(RtlSubAuthoritySid( BambamSid, 3)) = BAMBAM_RID;
RtlCopySid( SidWithFourSubAuthorities, FlintstoneSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( FlintstoneSid )) += 1;
*(RtlSubAuthoritySid( FlintstoneSid, 3)) = FLINTSTONE_RID;
RtlCopySid( SidWithFourSubAuthorities, RubbleSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( RubbleSid )) += 1;
*(RtlSubAuthoritySid( RubbleSid, 3)) = RUBBLE_RID;
RtlCopySid( SidWithFourSubAuthorities, AdultSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( AdultSid )) += 1;
*(RtlSubAuthoritySid( AdultSid, 3)) = ADULT_RID;
RtlCopySid( SidWithFourSubAuthorities, ChildSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( ChildSid )) += 1;
*(RtlSubAuthoritySid( ChildSid, 3)) = CHILD_RID;
RtlCopySid( SidWithFourSubAuthorities, NeandertholSid, BedrockDomainSid);
*(RtlSubAuthorityCountSid( NeandertholSid )) += 1;
*(RtlSubAuthoritySid( NeandertholSid, 3)) = NEANDERTHOL_RID;
CreateTokenPrivilege =
RtlConvertLongToLargeInteger(SE_CREATE_TOKEN_PRIVILEGE);
AssignPrimaryTokenPrivilege =
RtlConvertLongToLargeInteger(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE);
LockMemoryPrivilege =
RtlConvertLongToLargeInteger(SE_LOCK_MEMORY_PRIVILEGE);
IncreaseQuotaPrivilege =
RtlConvertLongToLargeInteger(SE_INCREASE_QUOTA_PRIVILEGE);
UnsolicitedInputPrivilege =
RtlConvertLongToLargeInteger(SE_UNSOLICITED_INPUT_PRIVILEGE);
TcbPrivilege =
RtlConvertLongToLargeInteger(SE_TCB_PRIVILEGE);
SecurityPrivilege =
RtlConvertLongToLargeInteger(SE_SECURITY_PRIVILEGE);
TakeOwnershipPrivilege =
RtlConvertLongToLargeInteger(SE_TAKE_OWNERSHIP_PRIVILEGE);
LpcReplyBoostPrivilege =
RtlConvertLongToLargeInteger(SE_LPC_REPLY_BOOST_PRIVILEGE);
CreatePagefilePrivilege =
RtlConvertLongToLargeInteger(SE_CREATE_PAGEFILE_PRIVILEGE);
IncreaseBasePriorityPrivilege =
RtlConvertLongToLargeInteger(SE_INC_BASE_PRIORITY_PRIVILEGE);
SystemProfilePrivilege =
RtlConvertLongToLargeInteger(SE_SYSTEM_PROFILE_PRIVILEGE);
SystemtimePrivilege =
RtlConvertLongToLargeInteger(SE_SYSTEMTIME_PRIVILEGE);
ProfileSingleProcessPrivilege =
RtlConvertLongToLargeInteger(SE_PROF_SINGLE_PROCESS_PRIVILEGE);
CreatePermanentPrivilege =
RtlConvertLongToLargeInteger(SE_CREATE_PERMANENT_PRIVILEGE);
BackupPrivilege =
RtlConvertLongToLargeInteger(SE_BACKUP_PRIVILEGE);
RestorePrivilege =
RtlConvertLongToLargeInteger(SE_RESTORE_PRIVILEGE);
ShutdownPrivilege =
RtlConvertLongToLargeInteger(SE_SHUTDOWN_PRIVILEGE);
DebugPrivilege =
RtlConvertLongToLargeInteger(SE_DEBUG_PRIVILEGE);
return TRUE;
}
ULONG CreateSecurityDescriptor(
ULONG *pSecurityDescriptor,
PSID *ppWorldSid,
ACCESS_MASK AccessMask)
{
ULONG rc = 0L; /* return code */
PACL pAclBuffer; /* ptr to ACL buffer */
ULONG SidLength; /* length of SID - 1 sub authority */
PSID pWSid; /* ptr to world SID */
SID_IDENTIFIER_AUTHORITY SidAuth = SECURITY_WORLD_SID_AUTHORITY;
/*
* Create World SID.
*/
SidLength = RtlLengthRequiredSid(1);
if ((pWSid = (PSID)RtlAllocateHeap(RtlProcessHeap(),
MAKE_TAG( TMP_TAG ) | HEAP_ZERO_MEMORY,
SidLength)) == NULL)
{
*ppWorldSid = NULL;
KdPrint(("NLSAPI (BaseSrv): Could NOT Allocate SID Buffer.\n"));
return (ERROR_OUTOFMEMORY);
}
*ppWorldSid = pWSid;
RtlInitializeSid(pWSid, &SidAuth, 1);
*(RtlSubAuthoritySid(pWSid, 0)) = SECURITY_WORLD_RID;
/*
* Initialize Security Descriptor.
*/
rc = RtlCreateSecurityDescriptor(pSecurityDescriptor,
SECURITY_DESCRIPTOR_REVISION);
if (!NT_SUCCESS(rc))
{
KdPrint(("NLSAPI (BaseSrv): Could NOT Create Security Descriptor - %lx.\n",
rc));
RtlFreeHeap(RtlProcessHeap(), 0, (PVOID)pWSid);
return (rc);
}
/*
* Initialize ACL.
*/
pAclBuffer = (PACL)((PBYTE)pSecurityDescriptor + SECURITY_DESCRIPTOR_MIN_LENGTH);
rc = RtlCreateAcl((PACL)pAclBuffer,
MAX_PATH_LEN * sizeof(ULONG),
ACL_REVISION2);
if (!NT_SUCCESS(rc))
{
KdPrint(("NLSAPI (BaseSrv): Could NOT Create ACL - %lx.\n", rc));
RtlFreeHeap(RtlProcessHeap(), 0, (PVOID)pWSid);
return (rc);
}
/*
* Add an ACE to the ACL that allows World GENERIC_READ to the
* section object.
*/
rc = RtlAddAccessAllowedAce((PACL)pAclBuffer,
ACL_REVISION2,
AccessMask,
pWSid);
if (!NT_SUCCESS(rc))
{
KdPrint(("NLSAPI (BaseSrv): Could NOT Add Access Allowed ACE - %lx.\n",
rc));
RtlFreeHeap(RtlProcessHeap(), 0, (PVOID)pWSid);
return (rc);
}
/*
* Assign the DACL to the security descriptor.
*/
rc = RtlSetDaclSecurityDescriptor((PSECURITY_DESCRIPTOR)pSecurityDescriptor,
(BOOLEAN)TRUE,
(PACL)pAclBuffer,
(BOOLEAN)FALSE);
if (!NT_SUCCESS(rc))
{
KdPrint(("NLSAPI (BaseSrv): Could NOT Set DACL Security Descriptor - %lx.\n",
rc));
RtlFreeHeap(RtlProcessHeap(), 0, (PVOID)pWSid);
return (rc);
}
/*
* Return success.
*/
return (NO_ERROR);
}
NET_API_STATUS
NetUserGetLocalGroups(
PCWSTR pwszHostname,
PCWSTR pwszUsername,
DWORD dwLevel,
DWORD dwFlags,
PVOID *ppBuffer,
DWORD dwMaxBufferSize,
PDWORD pdwNumEntries,
PDWORD pdwTotalEntries
)
{
const DWORD dwBuiltinDomainAccess = DOMAIN_ACCESS_OPEN_ACCOUNT |
DOMAIN_ACCESS_ENUM_ACCOUNTS;
const DWORD dwUserAccess = USER_ACCESS_GET_GROUP_MEMBERSHIP;
NTSTATUS status = STATUS_SUCCESS;
WINERROR err = ERROR_SUCCESS;
PNET_CONN pConn = NULL;
SAMR_BINDING hSamrBinding = NULL;
DOMAIN_HANDLE hDomain = NULL;
DOMAIN_HANDLE hBtinDomain = NULL;
ACCOUNT_HANDLE hUser = NULL;
PSID pDomainSid = NULL;
PSID pUserSid = NULL;
DWORD dwUserRid = 0;
DWORD dwSidLen = 0;
DWORD i = 0;
PDWORD pdwUserRids = NULL;
PDWORD pdwBuiltinUserRids = NULL;
DWORD dwRidsCount = 0;
DWORD dwBuiltinRidsCount = 0;
DWORD dwInfoLevelSize = 0;
DWORD dwTotalNumEntries = 0;
PWSTR *ppwszAliasNames = NULL;
PWSTR *ppwszBuiltinAliasNames = NULL;
PDWORD pdwAliasTypes = NULL;
PDWORD pdwBuiltinAliasTypes = NULL;
PWSTR *ppwszLocalGroupNames = NULL;
PVOID pSourceBuffer = NULL;
PVOID pBuffer = NULL;
PVOID pBufferCursor = NULL;
DWORD dwSize = 0;
DWORD dwTotalSize = 0;
DWORD dwNumEntries = 0;
DWORD dwSpaceAvailable = 0;
PIO_CREDS pCreds = NULL;
NET_VALIDATION_LEVEL eValidation = NET_VALIDATION_NONE;
BAIL_ON_INVALID_PTR(pwszUsername, err);
BAIL_ON_INVALID_PTR(ppBuffer, err);
BAIL_ON_INVALID_PTR(pdwNumEntries, err);
BAIL_ON_INVALID_PTR(pdwTotalEntries, err);
switch (dwLevel)
{
case 0:
dwInfoLevelSize = sizeof(LOCALGROUP_USERS_INFO_0);
break;
default:
err = ERROR_INVALID_LEVEL;
BAIL_ON_WIN_ERROR(err);
}
status = LwIoGetActiveCreds(NULL, &pCreds);
BAIL_ON_NT_STATUS(status);
status = NetConnectSamr(&pConn,
pwszHostname,
0,
dwBuiltinDomainAccess,
pCreds);
BAIL_ON_NT_STATUS(status);
hSamrBinding = pConn->Rpc.Samr.hBinding;
hDomain = pConn->Rpc.Samr.hDomain;
hBtinDomain = pConn->Rpc.Samr.hBuiltin;
pDomainSid = pConn->Rpc.Samr.pDomainSid;
status = NetOpenUser(pConn,
pwszUsername,
dwUserAccess,
&hUser,
&dwUserRid);
BAIL_ON_NT_STATUS(status);
dwSidLen = RtlLengthRequiredSid(pDomainSid->SubAuthorityCount + 1);
err = LwAllocateMemory(dwSidLen,
OUT_PPVOID(&pUserSid));
BAIL_ON_WIN_ERROR(err);
status = RtlCopySid(dwSidLen,
pUserSid,
pDomainSid);
BAIL_ON_NT_STATUS(status);
status = RtlAppendRidSid(dwSidLen,
pUserSid,
dwUserRid);
BAIL_ON_NT_STATUS(status);
status = SamrGetAliasMembership(hSamrBinding,
hDomain,
&pUserSid,
1,
&pdwUserRids,
&dwRidsCount);
BAIL_ON_NT_STATUS(status);
status = SamrGetAliasMembership(hSamrBinding,
hBtinDomain,
&pUserSid,
1,
&pdwBuiltinUserRids,
&dwBuiltinRidsCount);
BAIL_ON_NT_STATUS(status);
dwTotalNumEntries = dwRidsCount + dwBuiltinRidsCount;
err = LwAllocateMemory(
sizeof(ppwszLocalGroupNames[0]) * dwTotalNumEntries,
OUT_PPVOID(&ppwszLocalGroupNames));
BAIL_ON_WIN_ERROR(err);
if (dwRidsCount > 0)
{
status = SamrLookupRids(hSamrBinding,
hDomain,
dwRidsCount,
pdwUserRids,
&ppwszAliasNames,
&pdwAliasTypes);
BAIL_ON_NT_STATUS(status);
for (i = 0; i < dwRidsCount; i++)
{
ppwszLocalGroupNames[i] = ppwszAliasNames[i];
}
}
if (dwBuiltinRidsCount > 0)
{
status = SamrLookupRids(hSamrBinding,
hBtinDomain,
dwBuiltinRidsCount,
pdwBuiltinUserRids,
&ppwszBuiltinAliasNames,
&pdwBuiltinAliasTypes);
BAIL_ON_NT_STATUS(status);
for (i = 0; i < dwBuiltinRidsCount; i++)
{
ppwszLocalGroupNames[i + dwRidsCount] = ppwszBuiltinAliasNames[i];
}
}
for (i = 0; i < dwTotalNumEntries; i++)
{
pSourceBuffer = ppwszLocalGroupNames[i];
dwSize = 0;
err = NetAllocateLocalGroupUsersInfo(NULL,
NULL,
dwLevel,
pSourceBuffer,
&dwSize,
eValidation);
BAIL_ON_WIN_ERROR(err);
dwTotalSize += dwSize;
dwNumEntries++;
if (dwTotalSize > dwMaxBufferSize)
{
dwTotalSize -= dwSize;
dwNumEntries--;
break;
}
}
if (dwTotalNumEntries > 0 && dwNumEntries == 0)
{
err = ERROR_INSUFFICIENT_BUFFER;
BAIL_ON_WIN_ERROR(err);
}
if (dwTotalSize)
{
status = NetAllocateMemory(OUT_PPVOID(&pBuffer),
dwTotalSize);
BAIL_ON_NT_STATUS(status);
}
dwSize = 0;
pBufferCursor = pBuffer;
dwSpaceAvailable = dwTotalSize;
for (i = 0; i < dwNumEntries; i++)
{
pSourceBuffer = ppwszLocalGroupNames[i];
pBufferCursor = pBuffer + (i * dwInfoLevelSize);
err = NetAllocateLocalGroupUsersInfo(pBufferCursor,
&dwSpaceAvailable,
dwLevel,
pSourceBuffer,
&dwSize,
eValidation);
BAIL_ON_WIN_ERROR(err);
}
if (dwNumEntries < dwTotalNumEntries)
{
err = ERROR_MORE_DATA;
}
status = SamrClose(hSamrBinding, hUser);
BAIL_ON_NT_STATUS(status);
*ppBuffer = pBuffer;
*pdwNumEntries = dwNumEntries;
*pdwTotalEntries = dwTotalNumEntries;
cleanup:
LW_SAFE_FREE_MEMORY(pUserSid);
LW_SAFE_FREE_MEMORY(ppwszLocalGroupNames);
if (pdwUserRids)
{
SamrFreeMemory(pdwUserRids);
}
if (pdwBuiltinUserRids)
{
SamrFreeMemory(pdwBuiltinUserRids);
}
if (ppwszAliasNames)
{
SamrFreeMemory(ppwszAliasNames);
}
if (pdwAliasTypes)
{
SamrFreeMemory(pdwAliasTypes);
}
if (ppwszBuiltinAliasNames)
{
SamrFreeMemory(ppwszBuiltinAliasNames);
}
if (pdwBuiltinAliasTypes)
{
SamrFreeMemory(pdwBuiltinAliasTypes);
}
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
return err;
error:
if (pBuffer)
{
NetFreeMemory(pBuffer);
}
*ppBuffer = NULL;
*pdwNumEntries = 0;
*pdwTotalEntries = 0;
goto cleanup;
}
PSECURITY_DESCRIPTOR
NTAPI
INIT_FUNCTION
CmpHiveRootSecurityDescriptor(VOID)
{
NTSTATUS Status;
PSECURITY_DESCRIPTOR SecurityDescriptor;
PACL Acl, AclCopy;
PSID Sid[4];
SID_IDENTIFIER_AUTHORITY WorldAuthority = {SECURITY_WORLD_SID_AUTHORITY};
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
ULONG AceLength, AclLength, SidLength;
PACE_HEADER AceHeader;
ULONG i;
PAGED_CODE();
/* Phase 1: Allocate SIDs */
SidLength = RtlLengthRequiredSid(1);
Sid[0] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
Sid[1] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
Sid[2] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
SidLength = RtlLengthRequiredSid(2);
Sid[3] = ExAllocatePoolWithTag(PagedPool, SidLength, TAG_CM);
/* Make sure all SIDs were allocated */
if (!(Sid[0]) || !(Sid[1]) || !(Sid[2]) || !(Sid[3]))
{
/* Bugcheck */
KeBugCheckEx(REGISTRY_ERROR, 11, 1, 0, 0);
}
/* Phase 2: Initialize all SIDs */
Status = RtlInitializeSid(Sid[0], &WorldAuthority, 1);
Status |= RtlInitializeSid(Sid[1], &NtAuthority, 1);
Status |= RtlInitializeSid(Sid[2], &NtAuthority, 1);
Status |= RtlInitializeSid(Sid[3], &NtAuthority, 2);
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 2, 0, 0);
/* Phase 2: Setup SID Sub Authorities */
*RtlSubAuthoritySid(Sid[0], 0) = SECURITY_WORLD_RID;
*RtlSubAuthoritySid(Sid[1], 0) = SECURITY_RESTRICTED_CODE_RID;
*RtlSubAuthoritySid(Sid[2], 0) = SECURITY_LOCAL_SYSTEM_RID;
*RtlSubAuthoritySid(Sid[3], 0) = SECURITY_BUILTIN_DOMAIN_RID;
*RtlSubAuthoritySid(Sid[3], 1) = DOMAIN_ALIAS_RID_ADMINS;
/* Make sure all SIDs are valid */
ASSERT(RtlValidSid(Sid[0]));
ASSERT(RtlValidSid(Sid[1]));
ASSERT(RtlValidSid(Sid[2]));
ASSERT(RtlValidSid(Sid[3]));
/* Phase 3: Calculate ACL Length */
AclLength = sizeof(ACL);
for (i = 0; i < 4; i++)
{
/* This is what MSDN says to do */
AceLength = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart);
AceLength += SeLengthSid(Sid[i]);
AclLength += AceLength;
}
/* Phase 3: Allocate the ACL */
Acl = ExAllocatePoolWithTag(PagedPool, AclLength, TAG_CM);
if (!Acl) KeBugCheckEx(REGISTRY_ERROR, 11, 3, 0, 0);
/* Phase 4: Create the ACL */
Status = RtlCreateAcl(Acl, AclLength, ACL_REVISION);
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 4, Status, 0);
/* Phase 5: Build the ACL */
Status = RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[0]);
Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_ALL_ACCESS, Sid[1]);
Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[2]);
Status |= RtlAddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, Sid[3]);
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 5, Status, 0);
/* Phase 5: Make the ACEs inheritable */
Status = RtlGetAce(Acl, 0,( PVOID*)&AceHeader);
ASSERT(NT_SUCCESS(Status));
AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
Status = RtlGetAce(Acl, 1, (PVOID*)&AceHeader);
ASSERT(NT_SUCCESS(Status));
AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
Status = RtlGetAce(Acl, 2, (PVOID*)&AceHeader);
ASSERT(NT_SUCCESS(Status));
AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
Status = RtlGetAce(Acl, 3, (PVOID*)&AceHeader);
ASSERT(NT_SUCCESS(Status));
AceHeader->AceFlags |= CONTAINER_INHERIT_ACE;
/* Phase 6: Allocate the security descriptor and make space for the ACL */
SecurityDescriptor = ExAllocatePoolWithTag(PagedPool,
sizeof(SECURITY_DESCRIPTOR) +
AclLength,
TAG_CM);
if (!SecurityDescriptor) KeBugCheckEx(REGISTRY_ERROR, 11, 6, 0, 0);
/* Phase 6: Make a copy of the ACL */
AclCopy = (PACL)((PISECURITY_DESCRIPTOR)SecurityDescriptor + 1);
RtlCopyMemory(AclCopy, Acl, AclLength);
/* Phase 7: Create the security descriptor */
Status = RtlCreateSecurityDescriptor(SecurityDescriptor,
SECURITY_DESCRIPTOR_REVISION);
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 7, Status, 0);
/* Phase 8: Set the ACL as a DACL */
Status = RtlSetDaclSecurityDescriptor(SecurityDescriptor,
TRUE,
AclCopy,
FALSE);
if (!NT_SUCCESS(Status)) KeBugCheckEx(REGISTRY_ERROR, 11, 8, Status, 0);
/* Free the SIDs and original ACL */
for (i = 0; i < 4; i++) ExFreePoolWithTag(Sid[i], TAG_CM);
ExFreePoolWithTag(Acl, TAG_CM);
/* Return the security descriptor */
return SecurityDescriptor;
}
/**************************************************************************
* RtlLengthSid [NTDLL.@]
*/
DWORD WINAPI RtlLengthSid(PSID pSid)
{
TRACE("sid=%p\n",pSid);
if (!pSid) return 0;
return RtlLengthRequiredSid(*RtlSubAuthorityCountSid(pSid));
}
NTSTATUS
SampFixBug18471 (
IN ULONG Revision
)
/*++
Routine Description:
This routine fixes bug 18471, that SAM does not adjust the protection
on groups that are members of administrative aliases in the builtin
domain. It fixes this by opening a fixed set of known aliases
(Administrators, Account Operators, Backup Operators, Print Operators,
and Server Operators), and enumerating their members. To fix this,
we will remove all the members of these aliases (except the
Administrator user account) and re-add them.
Arguments:
Revision - Revision of the Sam server.
Return Value:
Note:
--*/
{
NTSTATUS Status;
ULONG Index, Index2;
PSID BuiltinDomainSid = NULL;
SID_IDENTIFIER_AUTHORITY BuiltinAuthority = SECURITY_NT_AUTHORITY;
PSID AccountDomainSid;
ULONG AccountDomainIndex = 0xffffffff;
ULONG BuiltinDomainIndex = 0xffffffff;
SAMPR_PSID_ARRAY AliasMembership;
ULONG MemberRid;
ULONG SdRevision;
PSECURITY_DESCRIPTOR OldDescriptor;
PSECURITY_DESCRIPTOR SecurityDescriptor;
ULONG SecurityDescriptorLength;
SAMP_OBJECT_TYPE MemberType;
PSAMP_OBJECT MemberContext;
PSAMP_OBJECT AliasContext;
SAMP_V1_0A_FIXED_LENGTH_GROUP GroupV1Fixed;
SAMP_V1_0A_FIXED_LENGTH_USER UserV1Fixed;
//
// Check the revision on the server to see if this upgrade has
// already been performed.
//
if (Revision >= SAMP_SERVER_REVISION) {
//
// This upgrade has already been performed.
//
goto Cleanup;
}
//
// Build a the BuiltIn domain SID.
//
BuiltinDomainSid = RtlAllocateHeap(RtlProcessHeap(), 0,RtlLengthRequiredSid( 1 ));
if ( BuiltinDomainSid == NULL ) {
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Cleanup;
}
RtlInitializeSid( BuiltinDomainSid, &BuiltinAuthority, 1 );
*(RtlSubAuthoritySid( BuiltinDomainSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
//
// Lookup the index of the account domain
//
for (Index = 0;
Index < SampDefinedDomainsCount ;
Index++ ) {
if (RtlEqualSid( BuiltinDomainSid, SampDefinedDomains[Index].Sid)) {
BuiltinDomainIndex = Index;
} else {
AccountDomainIndex = Index;
}
}
ASSERT(AccountDomainIndex < SampDefinedDomainsCount);
ASSERT(BuiltinDomainIndex < SampDefinedDomainsCount);
AccountDomainSid = SampDefinedDomains[AccountDomainIndex].Sid;
//
// Create out transaction log
//
Status = SampCreate18471Key();
if (!NT_SUCCESS(Status)) {
goto Cleanup;
}
//
// Now loop through and open the aliases we are intersted in
//
for (Index = 0;
Index < ADMINISTRATIVE_ALIAS_COUNT ;
Index++ )
{
SampSetTransactionDomain( BuiltinDomainIndex );
SampAcquireReadLock();
Status = SampCreateAccountContext(
SampAliasObjectType,
AdministrativeRids[Index],
TRUE, // Trusted client
TRUE, // Account exists
&AliasContext
);
if ( !NT_SUCCESS(Status) ) {
SampReleaseReadLock();
if (Status == STATUS_NO_SUCH_ALIAS) {
Status = STATUS_SUCCESS;
continue;
} else {
goto Cleanup;
}
}
//
// Get the members in the alias so we can remove and re-add them
//
Status = SampRetrieveAliasMembers(
AliasContext,
&(AliasMembership.Count),
(PSID **)&(AliasMembership.Sids)
);
SampDeleteContext(AliasContext);
SampReleaseReadLock();
if (!NT_SUCCESS(Status)) {
break;
}
//
// Write that we are opening this alias to the log. We don't need
// to do this for administrators, since for them we the update is
// idempotent.
//
if (AdministrativeRids[Index] != DOMAIN_ALIAS_RID_ADMINS) {
Status = SampAddAliasTo18471Key(
AdministrativeRids[Index]
);
if (!NT_SUCCESS(Status)) {
break;
}
}
//
// Loop through the members and split each sid. For every
// member in the account domain , remove it and re-add it from
// this alias.
//
for (Index2 = 0; Index2 < AliasMembership.Count ; Index2++ )
{
//
// Check to see if this account is in the account domain
//
if ( SampMatchDomainPrefix(
(PSID) AliasMembership.Sids[Index2].SidPointer,
AccountDomainSid
) )
{
//
// Get the RID for this member
//
MemberRid = *RtlSubAuthoritySid(
AliasMembership.Sids[Index2].SidPointer,
*RtlSubAuthorityCountSid(
AliasMembership.Sids[Index2].SidPointer
) - 1
);
//
// Now remove and re-add the administratie nature of this
// membership
//
if (AdministrativeRids[Index] == DOMAIN_ALIAS_RID_ADMINS) {
Status = SampAcquireWriteLock();
if (!NT_SUCCESS(Status)) {
break;
}
SampSetTransactionDomain( AccountDomainIndex );
//
// Try to create a context for the account as a group.
//
Status = SampCreateAccountContext(
SampGroupObjectType,
MemberRid,
TRUE, // Trusted client
TRUE, // Account exists
&MemberContext
);
if (!NT_SUCCESS( Status ) ) {
//
// If this ID does not exist as a group, that's fine -
// it might be a user or might have been deleted.
//
SampReleaseWriteLock( FALSE );
if (Status == STATUS_NO_SUCH_GROUP) {
Status = STATUS_SUCCESS;
continue;
}
break;
}
//
// Now set a flag in the group itself,
// so that when users are added and removed
// in the future it is known whether this
// group is in an ADMIN alias or not.
//
Status = SampRetrieveGroupV1Fixed(
MemberContext,
&GroupV1Fixed
);
if ( NT_SUCCESS(Status)) {
GroupV1Fixed.AdminCount = 1;
Status = SampReplaceGroupV1Fixed(
MemberContext,
&GroupV1Fixed
);
//
// Modify the security descriptor to
// prevent account operators from adding
// anybody to this group
//
if ( NT_SUCCESS( Status ) ) {
Status = SampGetAccessAttribute(
MemberContext,
SAMP_GROUP_SECURITY_DESCRIPTOR,
FALSE, // don't make copy
&SdRevision,
&OldDescriptor
);
if (NT_SUCCESS(Status)) {
Status = SampModifyAccountSecurity(
SampGroupObjectType,
TRUE, // this is an admin
OldDescriptor,
&SecurityDescriptor,
&SecurityDescriptorLength
);
}
if ( NT_SUCCESS( Status ) ) {
//
// Write the new security descriptor into the object
//
Status = SampSetAccessAttribute(
MemberContext,
SAMP_USER_SECURITY_DESCRIPTOR,
SecurityDescriptor,
SecurityDescriptorLength
);
MIDL_user_free( SecurityDescriptor );
}
}
if (NT_SUCCESS(Status)) {
//
// Add the modified group to the current transaction
// Don't use the open key handle since we'll be deleting the context.
//
Status = SampStoreObjectAttributes(MemberContext, FALSE);
}
}
//
// Clean up the group context
//
SampDeleteContext(MemberContext);
//
// we don't want the modified count to change
//
SampTransactionWithinDomain = FALSE;
if (NT_SUCCESS(Status)) {
Status = SampReleaseWriteLock( TRUE );
} else {
(VOID) SampReleaseWriteLock( FALSE );
}
}
else
{
//
// Check to see if we've already upgraded this member
//
Status = SampCheckMemberUpgradedFor18471(
AdministrativeRids[Index],
MemberRid);
if (NT_SUCCESS(Status)) {
//
// This member already was upgraded.
//
continue;
} else {
//
// We continue on with the upgrade
//
Status = STATUS_SUCCESS;
}
//
// Change the operator account for the other
// aliases.
//
if (NT_SUCCESS(Status)) {
Status = SampAcquireWriteLock();
if (!NT_SUCCESS(Status)) {
break;
}
SampSetTransactionDomain( AccountDomainIndex );
Status = SampChangeAccountOperatorAccessToMember(
AliasMembership.Sids[Index2].SidPointer,
NoChange,
AddToAdmin
);
//
// If that succeeded, add this member to the log
// as one that was upgraded.
//
if (NT_SUCCESS(Status)) {
Status = SampAddMemberRidTo18471Key(
AdministrativeRids[Index],
MemberRid
);
}
//
// We don't want the modified count to be updated so
// make this not a domain transaction
//
SampTransactionWithinDomain = FALSE;
if (NT_SUCCESS(Status)) {
Status = SampReleaseWriteLock( TRUE );
} else {
(VOID) SampReleaseWriteLock( FALSE );
}
}
if (!NT_SUCCESS(Status)) {
break;
}
}
}
}
SamIFree_SAMPR_PSID_ARRAY(
&AliasMembership
);
AliasMembership.Sids = NULL;
//
// If something up above failed or the upgrade was already done,
// exit now.
//
if (!NT_SUCCESS(Status)) {
break;
}
}
Cleanup:
if (BuiltinDomainSid != NULL) {
RtlFreeHeap(
RtlProcessHeap(),
0,
BuiltinDomainSid
);
}
if (NT_SUCCESS(Status)) {
Status = SampCleanup18471();
}
return(Status);
}
VOID
NtfsInitializeNtfsData (
IN PDRIVER_OBJECT DriverObject
)
/*++
Routine Description:
This routine initializes the global ntfs data record
Arguments:
DriverObject - Supplies the driver object for NTFS
Return Value:
None.
--*/
{
USHORT FileLockMaxDepth;
USHORT IoContextMaxDepth;
USHORT IrpContextMaxDepth;
USHORT KeventMaxDepth;
USHORT ScbNonpagedMaxDepth;
USHORT ScbSnapshotMaxDepth;
USHORT CcbDataMaxDepth;
USHORT CcbMaxDepth;
USHORT DeallocatedRecordsMaxDepth;
USHORT FcbDataMaxDepth;
USHORT FcbIndexMaxDepth;
USHORT IndexContextMaxDepth;
USHORT LcbMaxDepth;
USHORT NukemMaxDepth;
USHORT ScbDataMaxDepth;
PSECURITY_SUBJECT_CONTEXT SubjectContext = NULL;
BOOLEAN CapturedSubjectContext = FALSE;
PACL SystemDacl = NULL;
ULONG SystemDaclLength;
PSID AdminSid = NULL;
PSID SystemSid = NULL;
NTSTATUS Status = STATUS_SUCCESS;
PAGED_CODE();
DebugTrace( +1, Dbg, ("NtfsInitializeNtfsData\n") );
//
// Zero the record and set its node type code and size
//
RtlZeroMemory( &NtfsData, sizeof(NTFS_DATA));
NtfsData.NodeTypeCode = NTFS_NTC_DATA_HEADER;
NtfsData.NodeByteSize = sizeof(NTFS_DATA);
//
// Initialize the queue of mounted Vcbs
//
InitializeListHead(&NtfsData.VcbQueue);
//
// This list head keeps track of closes yet to be done.
//
InitializeListHead( &NtfsData.AsyncCloseList );
InitializeListHead( &NtfsData.DelayedCloseList );
ExInitializeWorkItem( &NtfsData.NtfsCloseItem,
(PWORKER_THREAD_ROUTINE)NtfsFspClose,
NULL );
//
// Set the driver object, device object, and initialize the global
// resource protecting the file system
//
NtfsData.DriverObject = DriverObject;
ExInitializeResource( &NtfsData.Resource );
//
// Now allocate and initialize the s-list structures used as our pool
// of IRP context records. The size of the zone is based on the
// system memory size. We also initialize the spin lock used to protect
// the zone.
//
KeInitializeSpinLock( &NtfsData.StrucSupSpinLock );
{
switch ( MmQuerySystemSize() ) {
case MmSmallSystem:
NtfsData.FreeEresourceTotal = 14;
//
// Nonpaged Lookaside list maximum depths
//
FileLockMaxDepth = 8;
IoContextMaxDepth = 8;
IrpContextMaxDepth = 4;
KeventMaxDepth = 8;
ScbNonpagedMaxDepth = 8;
ScbSnapshotMaxDepth = 8;
//
// Paged Lookaside list maximum depths
//
CcbDataMaxDepth = 4;
CcbMaxDepth = 4;
DeallocatedRecordsMaxDepth = 8;
FcbDataMaxDepth = 8;
FcbIndexMaxDepth = 4;
IndexContextMaxDepth = 8;
LcbMaxDepth = 4;
NukemMaxDepth = 8;
ScbDataMaxDepth = 4;
SetFlag( NtfsData.Flags, NTFS_FLAGS_SMALL_SYSTEM );
NtfsMaxDelayedCloseCount = MAX_DELAYED_CLOSE_COUNT;
break;
case MmMediumSystem:
NtfsData.FreeEresourceTotal = 30;
//
// Nonpaged Lookaside list maximum depths
//
FileLockMaxDepth = 8;
IoContextMaxDepth = 8;
IrpContextMaxDepth = 8;
KeventMaxDepth = 8;
ScbNonpagedMaxDepth = 30;
ScbSnapshotMaxDepth = 8;
//
// Paged Lookaside list maximum depths
//
CcbDataMaxDepth = 12;
CcbMaxDepth = 6;
DeallocatedRecordsMaxDepth = 8;
FcbDataMaxDepth = 30;
FcbIndexMaxDepth = 12;
IndexContextMaxDepth = 8;
LcbMaxDepth = 12;
NukemMaxDepth = 8;
ScbDataMaxDepth = 12;
SetFlag( NtfsData.Flags, NTFS_FLAGS_MEDIUM_SYSTEM );
NtfsMaxDelayedCloseCount = 4 * MAX_DELAYED_CLOSE_COUNT;
break;
case MmLargeSystem:
SetFlag( NtfsData.Flags, NTFS_FLAGS_LARGE_SYSTEM );
NtfsMaxDelayedCloseCount = 16 * MAX_DELAYED_CLOSE_COUNT;
if (MmIsThisAnNtAsSystem()) {
NtfsData.FreeEresourceTotal = 256;
//
// Nonpaged Lookaside list maximum depths
//
FileLockMaxDepth = 8;
IoContextMaxDepth = 8;
IrpContextMaxDepth = 256;
KeventMaxDepth = 8;
ScbNonpagedMaxDepth = 128;
ScbSnapshotMaxDepth = 8;
//
// Paged Lookaside list maximum depths
//
CcbDataMaxDepth = 40;
CcbMaxDepth = 20;
DeallocatedRecordsMaxDepth = 8;
FcbDataMaxDepth = 128;
FcbIndexMaxDepth = 40;
IndexContextMaxDepth = 8;
LcbMaxDepth = 40;
NukemMaxDepth = 8;
ScbDataMaxDepth = 40;
} else {
NtfsData.FreeEresourceTotal = 128;
//
// Nonpaged Lookaside list maximum depths
//
FileLockMaxDepth = 8;
IoContextMaxDepth = 8;
IrpContextMaxDepth = 64;
KeventMaxDepth = 8;
ScbNonpagedMaxDepth = 64;
ScbSnapshotMaxDepth = 8;
//
// Paged Lookaside list maximum depths
//
CcbDataMaxDepth = 20;
CcbMaxDepth = 10;
DeallocatedRecordsMaxDepth = 8;
FcbDataMaxDepth = 64;
FcbIndexMaxDepth = 20;
IndexContextMaxDepth = 8;
LcbMaxDepth = 20;
NukemMaxDepth = 8;
ScbDataMaxDepth = 20;
}
break;
}
NtfsMinDelayedCloseCount = NtfsMaxDelayedCloseCount * 4 / 5;
}
//
// Initialize our various lookaside lists. To make it a bit more readable we'll
// define two quick macros to do the initialization
//
#if DBG && i386 && defined (NTFSPOOLCHECK)
#define NPagedInit(L,S,T,D) { ExInitializeNPagedLookasideList( (L), NtfsDebugAllocatePoolWithTag, NtfsDebugFreePool, POOL_RAISE_IF_ALLOCATION_FAILURE, S, T, D); }
#define PagedInit(L,S,T,D) { ExInitializePagedLookasideList( (L), NtfsDebugAllocatePoolWithTag, NtfsDebugFreePool, POOL_RAISE_IF_ALLOCATION_FAILURE, S, T, D); }
#else // DBG && i386
#define NPagedInit(L,S,T,D) { ExInitializeNPagedLookasideList( (L), NULL, NULL, POOL_RAISE_IF_ALLOCATION_FAILURE, S, T, D); }
#define PagedInit(L,S,T,D) { ExInitializePagedLookasideList( (L), NULL, NULL, POOL_RAISE_IF_ALLOCATION_FAILURE, S, T, D); }
#endif // DBG && i386
NPagedInit( &NtfsFileLockLookasideList, sizeof(FILE_LOCK), 'kftN', FileLockMaxDepth );
NPagedInit( &NtfsIoContextLookasideList, sizeof(NTFS_IO_CONTEXT), 'IftN', IoContextMaxDepth );
NPagedInit( &NtfsIrpContextLookasideList, sizeof(IRP_CONTEXT), 'iftN', IrpContextMaxDepth );
NPagedInit( &NtfsKeventLookasideList, sizeof(KEVENT), 'KftN', KeventMaxDepth );
NPagedInit( &NtfsScbNonpagedLookasideList, sizeof(SCB_NONPAGED), 'nftN', ScbNonpagedMaxDepth );
NPagedInit( &NtfsScbSnapshotLookasideList, sizeof(SCB_SNAPSHOT), 'TftN', ScbSnapshotMaxDepth );
PagedInit( &NtfsCcbLookasideList, sizeof(CCB), 'CftN', CcbMaxDepth );
PagedInit( &NtfsCcbDataLookasideList, sizeof(CCB_DATA), 'cftN', CcbDataMaxDepth );
PagedInit( &NtfsDeallocatedRecordsLookasideList, sizeof(DEALLOCATED_RECORDS), 'DftN', DeallocatedRecordsMaxDepth );
PagedInit( &NtfsFcbDataLookasideList, sizeof(FCB_DATA), 'fftN', FcbDataMaxDepth );
PagedInit( &NtfsFcbIndexLookasideList, sizeof(FCB_INDEX), 'FftN', FcbIndexMaxDepth );
PagedInit( &NtfsIndexContextLookasideList, sizeof(INDEX_CONTEXT), 'EftN', IndexContextMaxDepth );
PagedInit( &NtfsLcbLookasideList, sizeof(LCB), 'lftN', LcbMaxDepth );
PagedInit( &NtfsNukemLookasideList, sizeof(NUKEM), 'NftN', NukemMaxDepth );
PagedInit( &NtfsScbDataLookasideList, SIZEOF_SCB_DATA, 'sftN', ScbDataMaxDepth );
//
// Initialize the cache manager callback routines, First are the routines
// for normal file manipulations, followed by the routines for
// volume manipulations.
//
{
PCACHE_MANAGER_CALLBACKS Callbacks = &NtfsData.CacheManagerCallbacks;
Callbacks->AcquireForLazyWrite = &NtfsAcquireScbForLazyWrite;
Callbacks->ReleaseFromLazyWrite = &NtfsReleaseScbFromLazyWrite;
Callbacks->AcquireForReadAhead = &NtfsAcquireScbForReadAhead;
Callbacks->ReleaseFromReadAhead = &NtfsReleaseScbFromReadAhead;
}
{
PCACHE_MANAGER_CALLBACKS Callbacks = &NtfsData.CacheManagerVolumeCallbacks;
Callbacks->AcquireForLazyWrite = &NtfsAcquireVolumeFileForLazyWrite;
Callbacks->ReleaseFromLazyWrite = &NtfsReleaseVolumeFileFromLazyWrite;
Callbacks->AcquireForReadAhead = NULL;
Callbacks->ReleaseFromReadAhead = NULL;
}
//
// Initialize the queue of read ahead threads
//
InitializeListHead(&NtfsData.ReadAheadThreads);
//
// Set up global pointer to our process.
//
NtfsData.OurProcess = PsGetCurrentProcess();
//
// Use a try-finally to cleanup on errors.
//
try {
SECURITY_DESCRIPTOR NewDescriptor;
SID_IDENTIFIER_AUTHORITY Authority = SECURITY_NT_AUTHORITY;
SubjectContext = NtfsAllocatePool( PagedPool, sizeof( SECURITY_SUBJECT_CONTEXT ));
SeCaptureSubjectContext( SubjectContext );
CapturedSubjectContext = TRUE;
//
// Build the default security descriptor which gives full access to
// system and administrator.
//
AdminSid = (PSID) NtfsAllocatePool( PagedPool, RtlLengthRequiredSid( 2 ));
RtlInitializeSid( AdminSid, &Authority, 2 );
*(RtlSubAuthoritySid( AdminSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( AdminSid, 1 )) = DOMAIN_ALIAS_RID_ADMINS;
SystemSid = (PSID) NtfsAllocatePool( PagedPool, RtlLengthRequiredSid( 1 ));
RtlInitializeSid( SystemSid, &Authority, 1 );
*(RtlSubAuthoritySid( SystemSid, 0 )) = SECURITY_LOCAL_SYSTEM_RID;
SystemDaclLength = sizeof( ACL ) +
(2 * sizeof( ACCESS_ALLOWED_ACE )) +
SeLengthSid( AdminSid ) +
SeLengthSid( SystemSid ) +
8; // The 8 is just for good measure
SystemDacl = NtfsAllocatePool( PagedPool, SystemDaclLength );
Status = RtlCreateAcl( SystemDacl, SystemDaclLength, ACL_REVISION2 );
if (!NT_SUCCESS( Status )) { leave; }
Status = RtlAddAccessAllowedAce( SystemDacl,
ACL_REVISION2,
GENERIC_ALL,
SystemSid );
if (!NT_SUCCESS( Status )) { leave; }
Status = RtlAddAccessAllowedAce( SystemDacl,
ACL_REVISION2,
GENERIC_ALL,
AdminSid );
if (!NT_SUCCESS( Status )) { leave; }
Status = RtlCreateSecurityDescriptor( &NewDescriptor,
SECURITY_DESCRIPTOR_REVISION1 );
if (!NT_SUCCESS( Status )) { leave; }
Status = RtlSetDaclSecurityDescriptor( &NewDescriptor,
TRUE,
SystemDacl,
FALSE );
if (!NT_SUCCESS( Status )) { leave; }
Status = SeAssignSecurity( NULL,
&NewDescriptor,
&NtfsData.DefaultDescriptor,
FALSE,
SubjectContext,
IoGetFileObjectGenericMapping(),
PagedPool );
if (!NT_SUCCESS( Status )) { leave; }
NtfsData.DefaultDescriptorLength = RtlLengthSecurityDescriptor( NtfsData.DefaultDescriptor );
ASSERT( SeValidSecurityDescriptor( NtfsData.DefaultDescriptorLength,
NtfsData.DefaultDescriptor ));
} finally {
if (CapturedSubjectContext) {
SeReleaseSubjectContext( SubjectContext );
}
if (SubjectContext != NULL) { NtfsFreePool( SubjectContext ); }
if (SystemDacl != NULL) { NtfsFreePool( SystemDacl ); }
if (AdminSid != NULL) { NtfsFreePool( AdminSid ); }
if (SystemSid != NULL) { NtfsFreePool( SystemSid ); }
}
//
// Raise if we hit an error building the security descriptor.
//
if (!NT_SUCCESS( Status )) { ExRaiseStatus( Status ); }
//
// And return to our caller
//
DebugTrace( -1, Dbg, ("NtfsInitializeNtfsData -> VOID\n") );
return;
}
BOOLEAN
INIT_FUNCTION
NTAPI
SepInitSecurityIDs(VOID)
{
ULONG SidLength0;
ULONG SidLength1;
ULONG SidLength2;
PULONG SubAuthority;
SidLength0 = RtlLengthRequiredSid(0);
SidLength1 = RtlLengthRequiredSid(1);
SidLength2 = RtlLengthRequiredSid(2);
/* create NullSid */
SeNullSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeWorldSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeLocalSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool, SidLength0, TAG_SID);
SeDialupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeNetworkSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeBatchSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeInteractiveSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
SeAuthenticatedUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeRestrictedSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeLocalServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeNetworkServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
if (SeNullSid == NULL || SeWorldSid == NULL ||
SeLocalSid == NULL || SeCreatorOwnerSid == NULL ||
SeCreatorGroupSid == NULL || SeCreatorOwnerServerSid == NULL ||
SeCreatorGroupServerSid == NULL || SeNtAuthoritySid == NULL ||
SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL ||
SeInteractiveSid == NULL || SeServiceSid == NULL ||
SePrincipalSelfSid == NULL || SeLocalSystemSid == NULL ||
SeAuthenticatedUserSid == NULL || SeRestrictedCodeSid == NULL ||
SeAliasAdminsSid == NULL || SeAliasUsersSid == NULL ||
SeAliasGuestsSid == NULL || SeAliasPowerUsersSid == NULL ||
SeAliasAccountOpsSid == NULL || SeAliasSystemOpsSid == NULL ||
SeAliasPrintOpsSid == NULL || SeAliasBackupOpsSid == NULL ||
SeAuthenticatedUsersSid == NULL || SeRestrictedSid == NULL ||
SeAnonymousLogonSid == NULL || SeLocalServiceSid == NULL ||
SeNetworkServiceSid == NULL)
{
FreeInitializedSids();
return FALSE;
}
RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
RtlInitializeSid(SeWorldSid, &SeWorldSidAuthority, 1);
RtlInitializeSid(SeLocalSid, &SeLocalSidAuthority, 1);
RtlInitializeSid(SeCreatorOwnerSid, &SeCreatorSidAuthority, 1);
RtlInitializeSid(SeCreatorGroupSid, &SeCreatorSidAuthority, 1);
RtlInitializeSid(SeCreatorOwnerServerSid, &SeCreatorSidAuthority, 1);
RtlInitializeSid(SeCreatorGroupServerSid, &SeCreatorSidAuthority, 1);
RtlInitializeSid(SeNtAuthoritySid, &SeNtSidAuthority, 0);
RtlInitializeSid(SeDialupSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeNetworkSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeBatchSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeInteractiveSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeServiceSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SePrincipalSelfSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeLocalSystemSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeAuthenticatedUserSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeRestrictedCodeSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeAliasAdminsSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAliasUsersSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAliasGuestsSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAliasPowerUsersSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAliasAccountOpsSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAliasSystemOpsSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAliasPrintOpsSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAliasBackupOpsSid, &SeNtSidAuthority, 2);
RtlInitializeSid(SeAuthenticatedUsersSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeRestrictedSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeAnonymousLogonSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeLocalServiceSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeNetworkServiceSid, &SeNtSidAuthority, 1);
SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
*SubAuthority = SECURITY_NULL_RID;
SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);
*SubAuthority = SECURITY_WORLD_RID;
SubAuthority = RtlSubAuthoritySid(SeLocalSid, 0);
*SubAuthority = SECURITY_LOCAL_RID;
SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid, 0);
*SubAuthority = SECURITY_CREATOR_OWNER_RID;
SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid, 0);
*SubAuthority = SECURITY_CREATOR_GROUP_RID;
SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid, 0);
*SubAuthority = SECURITY_CREATOR_OWNER_SERVER_RID;
SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid, 0);
*SubAuthority = SECURITY_CREATOR_GROUP_SERVER_RID;
SubAuthority = RtlSubAuthoritySid(SeDialupSid, 0);
*SubAuthority = SECURITY_DIALUP_RID;
SubAuthority = RtlSubAuthoritySid(SeNetworkSid, 0);
*SubAuthority = SECURITY_NETWORK_RID;
SubAuthority = RtlSubAuthoritySid(SeBatchSid, 0);
*SubAuthority = SECURITY_BATCH_RID;
SubAuthority = RtlSubAuthoritySid(SeInteractiveSid, 0);
*SubAuthority = SECURITY_INTERACTIVE_RID;
SubAuthority = RtlSubAuthoritySid(SeServiceSid, 0);
*SubAuthority = SECURITY_SERVICE_RID;
SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid, 0);
*SubAuthority = SECURITY_PRINCIPAL_SELF_RID;
SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid, 0);
*SubAuthority = SECURITY_LOCAL_SYSTEM_RID;
SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid, 0);
*SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid, 0);
*SubAuthority = SECURITY_RESTRICTED_CODE_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_ADMINS;
SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_USERS;
SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_GUESTS;
SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_POWER_USERS;
SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_SYSTEM_OPS;
SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_PRINT_OPS;
SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_BACKUP_OPS;
SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUsersSid, 0);
*SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
SubAuthority = RtlSubAuthoritySid(SeRestrictedSid, 0);
*SubAuthority = SECURITY_RESTRICTED_CODE_RID;
SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
*SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
SubAuthority = RtlSubAuthoritySid(SeLocalServiceSid, 0);
*SubAuthority = SECURITY_LOCAL_SERVICE_RID;
SubAuthority = RtlSubAuthoritySid(SeNetworkServiceSid, 0);
*SubAuthority = SECURITY_NETWORK_SERVICE_RID;
return TRUE;
}
BOOLEAN
SepVariableInitialization()
/*++
Routine Description:
This function initializes the global variables used by and exposed
by security.
Arguments:
None.
Return Value:
TRUE if variables successfully initialized.
FALSE if not successfully initialized.
--*/
{
ULONG SidWithZeroSubAuthorities;
ULONG SidWithOneSubAuthority;
ULONG SidWithTwoSubAuthorities;
ULONG SidWithThreeSubAuthorities;
SID_IDENTIFIER_AUTHORITY NullSidAuthority;
SID_IDENTIFIER_AUTHORITY WorldSidAuthority;
SID_IDENTIFIER_AUTHORITY LocalSidAuthority;
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority;
SID_IDENTIFIER_AUTHORITY SeNtAuthority;
PAGED_CODE();
NullSidAuthority = SepNullSidAuthority;
WorldSidAuthority = SepWorldSidAuthority;
LocalSidAuthority = SepLocalSidAuthority;
CreatorSidAuthority = SepCreatorSidAuthority;
SeNtAuthority = SepNtAuthority;
//
// The following SID sizes need to be allocated
//
SidWithZeroSubAuthorities = RtlLengthRequiredSid( 0 );
SidWithOneSubAuthority = RtlLengthRequiredSid( 1 );
SidWithTwoSubAuthorities = RtlLengthRequiredSid( 2 );
SidWithThreeSubAuthorities = RtlLengthRequiredSid( 3 );
//
// Allocate and initialize the universal SIDs
//
SeNullSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeWorldSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeLocalSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeCreatorOwnerSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeCreatorGroupSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeCreatorOwnerServerSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeCreatorGroupServerSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
//
// Fail initialization if we didn't get enough memory for the universal
// SIDs.
//
if ( (SeNullSid == NULL) ||
(SeWorldSid == NULL) ||
(SeLocalSid == NULL) ||
(SeCreatorOwnerSid == NULL) ||
(SeCreatorGroupSid == NULL) ||
(SeCreatorOwnerServerSid == NULL ) ||
(SeCreatorGroupServerSid == NULL )
) {
return( FALSE );
}
RtlInitializeSid( SeNullSid, &NullSidAuthority, 1 );
RtlInitializeSid( SeWorldSid, &WorldSidAuthority, 1 );
RtlInitializeSid( SeLocalSid, &LocalSidAuthority, 1 );
RtlInitializeSid( SeCreatorOwnerSid, &CreatorSidAuthority, 1 );
RtlInitializeSid( SeCreatorGroupSid, &CreatorSidAuthority, 1 );
RtlInitializeSid( SeCreatorOwnerServerSid, &CreatorSidAuthority, 1 );
RtlInitializeSid( SeCreatorGroupServerSid, &CreatorSidAuthority, 1 );
*(RtlSubAuthoritySid( SeNullSid, 0 )) = SECURITY_NULL_RID;
*(RtlSubAuthoritySid( SeWorldSid, 0 )) = SECURITY_WORLD_RID;
*(RtlSubAuthoritySid( SeLocalSid, 0 )) = SECURITY_LOCAL_RID;
*(RtlSubAuthoritySid( SeCreatorOwnerSid, 0 )) = SECURITY_CREATOR_OWNER_RID;
*(RtlSubAuthoritySid( SeCreatorGroupSid, 0 )) = SECURITY_CREATOR_GROUP_RID;
*(RtlSubAuthoritySid( SeCreatorOwnerServerSid, 0 )) = SECURITY_CREATOR_OWNER_SERVER_RID;
*(RtlSubAuthoritySid( SeCreatorGroupServerSid, 0 )) = SECURITY_CREATOR_GROUP_SERVER_RID;
//
// Allocate and initialize the NT defined SIDs
//
SeNtAuthoritySid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithZeroSubAuthorities,'iSeS');
SeDialupSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeNetworkSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeBatchSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeInteractiveSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeServiceSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SePrincipalSelfSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeLocalSystemSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeAuthenticatedUsersSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeRestrictedSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeAnonymousLogonSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeLocalServiceSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeNetworkServiceSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithOneSubAuthority,'iSeS');
SeAliasAdminsSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
SeAliasUsersSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
SeAliasGuestsSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
SeAliasPowerUsersSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
SeAliasAccountOpsSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
SeAliasSystemOpsSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
SeAliasPrintOpsSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
SeAliasBackupOpsSid = (PSID)ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE,SidWithTwoSubAuthorities,'iSeS');
//
// Fail initialization if we didn't get enough memory for the NT SIDs.
//
if ( (SeNtAuthoritySid == NULL) ||
(SeDialupSid == NULL) ||
(SeNetworkSid == NULL) ||
(SeBatchSid == NULL) ||
(SeInteractiveSid == NULL) ||
(SeServiceSid == NULL) ||
(SePrincipalSelfSid == NULL) ||
(SeLocalSystemSid == NULL) ||
(SeAuthenticatedUsersSid == NULL) ||
(SeRestrictedSid == NULL) ||
(SeAnonymousLogonSid == NULL) ||
(SeLocalServiceSid == NULL) ||
(SeNetworkServiceSid == NULL) ||
(SeAliasAdminsSid == NULL) ||
(SeAliasUsersSid == NULL) ||
(SeAliasGuestsSid == NULL) ||
(SeAliasPowerUsersSid == NULL) ||
(SeAliasAccountOpsSid == NULL) ||
(SeAliasSystemOpsSid == NULL) ||
(SeAliasPrintOpsSid == NULL) ||
(SeAliasBackupOpsSid == NULL)
) {
return( FALSE );
}
RtlInitializeSid( SeNtAuthoritySid, &SeNtAuthority, 0 );
RtlInitializeSid( SeDialupSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeNetworkSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeBatchSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeInteractiveSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeServiceSid, &SeNtAuthority, 1 );
RtlInitializeSid( SePrincipalSelfSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeLocalSystemSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeAuthenticatedUsersSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeRestrictedSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeAnonymousLogonSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeLocalServiceSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeNetworkServiceSid, &SeNtAuthority, 1 );
RtlInitializeSid( SeAliasAdminsSid, &SeNtAuthority, 2);
RtlInitializeSid( SeAliasUsersSid, &SeNtAuthority, 2);
RtlInitializeSid( SeAliasGuestsSid, &SeNtAuthority, 2);
RtlInitializeSid( SeAliasPowerUsersSid, &SeNtAuthority, 2);
RtlInitializeSid( SeAliasAccountOpsSid, &SeNtAuthority, 2);
RtlInitializeSid( SeAliasSystemOpsSid, &SeNtAuthority, 2);
RtlInitializeSid( SeAliasPrintOpsSid, &SeNtAuthority, 2);
RtlInitializeSid( SeAliasBackupOpsSid, &SeNtAuthority, 2);
*(RtlSubAuthoritySid( SeDialupSid, 0 )) = SECURITY_DIALUP_RID;
*(RtlSubAuthoritySid( SeNetworkSid, 0 )) = SECURITY_NETWORK_RID;
*(RtlSubAuthoritySid( SeBatchSid, 0 )) = SECURITY_BATCH_RID;
*(RtlSubAuthoritySid( SeInteractiveSid, 0 )) = SECURITY_INTERACTIVE_RID;
*(RtlSubAuthoritySid( SeServiceSid, 0 )) = SECURITY_SERVICE_RID;
*(RtlSubAuthoritySid( SePrincipalSelfSid, 0 )) = SECURITY_PRINCIPAL_SELF_RID;
*(RtlSubAuthoritySid( SeLocalSystemSid, 0 )) = SECURITY_LOCAL_SYSTEM_RID;
*(RtlSubAuthoritySid( SeAuthenticatedUsersSid, 0 )) = SECURITY_AUTHENTICATED_USER_RID;
*(RtlSubAuthoritySid( SeRestrictedSid, 0 )) = SECURITY_RESTRICTED_CODE_RID;
*(RtlSubAuthoritySid( SeAnonymousLogonSid, 0 )) = SECURITY_ANONYMOUS_LOGON_RID;
*(RtlSubAuthoritySid( SeLocalServiceSid, 0 )) = SECURITY_LOCAL_SERVICE_RID;
*(RtlSubAuthoritySid( SeNetworkServiceSid, 0 )) = SECURITY_NETWORK_SERVICE_RID;
*(RtlSubAuthoritySid( SeAliasAdminsSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasUsersSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasGuestsSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasPowerUsersSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasAccountOpsSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasSystemOpsSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasPrintOpsSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasBackupOpsSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID;
*(RtlSubAuthoritySid( SeAliasAdminsSid, 1 )) = DOMAIN_ALIAS_RID_ADMINS;
*(RtlSubAuthoritySid( SeAliasUsersSid, 1 )) = DOMAIN_ALIAS_RID_USERS;
*(RtlSubAuthoritySid( SeAliasGuestsSid, 1 )) = DOMAIN_ALIAS_RID_GUESTS;
*(RtlSubAuthoritySid( SeAliasPowerUsersSid, 1 )) = DOMAIN_ALIAS_RID_POWER_USERS;
*(RtlSubAuthoritySid( SeAliasAccountOpsSid, 1 )) = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
*(RtlSubAuthoritySid( SeAliasSystemOpsSid, 1 )) = DOMAIN_ALIAS_RID_SYSTEM_OPS;
*(RtlSubAuthoritySid( SeAliasPrintOpsSid, 1 )) = DOMAIN_ALIAS_RID_PRINT_OPS;
*(RtlSubAuthoritySid( SeAliasBackupOpsSid, 1 )) = DOMAIN_ALIAS_RID_BACKUP_OPS;
//
// Initialize system default dacl
//
SepInitSystemDacls();
//
// Initialize the well known privilege values
//
SeCreateTokenPrivilege =
RtlConvertLongToLuid(SE_CREATE_TOKEN_PRIVILEGE);
SeAssignPrimaryTokenPrivilege =
RtlConvertLongToLuid(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE);
SeLockMemoryPrivilege =
RtlConvertLongToLuid(SE_LOCK_MEMORY_PRIVILEGE);
SeIncreaseQuotaPrivilege =
RtlConvertLongToLuid(SE_INCREASE_QUOTA_PRIVILEGE);
SeUnsolicitedInputPrivilege =
RtlConvertLongToLuid(SE_UNSOLICITED_INPUT_PRIVILEGE);
SeTcbPrivilege =
RtlConvertLongToLuid(SE_TCB_PRIVILEGE);
SeSecurityPrivilege =
RtlConvertLongToLuid(SE_SECURITY_PRIVILEGE);
SeTakeOwnershipPrivilege =
RtlConvertLongToLuid(SE_TAKE_OWNERSHIP_PRIVILEGE);
SeLoadDriverPrivilege =
RtlConvertLongToLuid(SE_LOAD_DRIVER_PRIVILEGE);
SeCreatePagefilePrivilege =
RtlConvertLongToLuid(SE_CREATE_PAGEFILE_PRIVILEGE);
SeIncreaseBasePriorityPrivilege =
RtlConvertLongToLuid(SE_INC_BASE_PRIORITY_PRIVILEGE);
SeSystemProfilePrivilege =
RtlConvertLongToLuid(SE_SYSTEM_PROFILE_PRIVILEGE);
SeSystemtimePrivilege =
RtlConvertLongToLuid(SE_SYSTEMTIME_PRIVILEGE);
SeProfileSingleProcessPrivilege =
RtlConvertLongToLuid(SE_PROF_SINGLE_PROCESS_PRIVILEGE);
SeCreatePermanentPrivilege =
RtlConvertLongToLuid(SE_CREATE_PERMANENT_PRIVILEGE);
SeBackupPrivilege =
RtlConvertLongToLuid(SE_BACKUP_PRIVILEGE);
SeRestorePrivilege =
RtlConvertLongToLuid(SE_RESTORE_PRIVILEGE);
SeShutdownPrivilege =
RtlConvertLongToLuid(SE_SHUTDOWN_PRIVILEGE);
SeDebugPrivilege =
RtlConvertLongToLuid(SE_DEBUG_PRIVILEGE);
SeAuditPrivilege =
RtlConvertLongToLuid(SE_AUDIT_PRIVILEGE);
SeSystemEnvironmentPrivilege =
RtlConvertLongToLuid(SE_SYSTEM_ENVIRONMENT_PRIVILEGE);
SeChangeNotifyPrivilege =
RtlConvertLongToLuid(SE_CHANGE_NOTIFY_PRIVILEGE);
SeRemoteShutdownPrivilege =
RtlConvertLongToLuid(SE_REMOTE_SHUTDOWN_PRIVILEGE);
SeUndockPrivilege =
RtlConvertLongToLuid(SE_UNDOCK_PRIVILEGE);
SeSyncAgentPrivilege =
RtlConvertLongToLuid(SE_SYNC_AGENT_PRIVILEGE);
SeEnableDelegationPrivilege =
RtlConvertLongToLuid(SE_ENABLE_DELEGATION_PRIVILEGE);
SeManageVolumePrivilege =
RtlConvertLongToLuid(SE_MANAGE_VOLUME_PRIVILEGE);
SeImpersonatePrivilege =
RtlConvertLongToLuid(SE_IMPERSONATE_PRIVILEGE);
SeCreateGlobalPrivilege =
RtlConvertLongToLuid(SE_CREATE_GLOBAL_PRIVILEGE);
//
// Initialize the SeExports structure for exporting all
// of the information we've created out of the kernel.
//
//
// Package these together for export
//
SepExports.SeNullSid = SeNullSid;
SepExports.SeWorldSid = SeWorldSid;
SepExports.SeLocalSid = SeLocalSid;
SepExports.SeCreatorOwnerSid = SeCreatorOwnerSid;
SepExports.SeCreatorGroupSid = SeCreatorGroupSid;
SepExports.SeNtAuthoritySid = SeNtAuthoritySid;
SepExports.SeDialupSid = SeDialupSid;
SepExports.SeNetworkSid = SeNetworkSid;
SepExports.SeBatchSid = SeBatchSid;
SepExports.SeInteractiveSid = SeInteractiveSid;
SepExports.SeLocalSystemSid = SeLocalSystemSid;
SepExports.SeAuthenticatedUsersSid = SeAuthenticatedUsersSid;
SepExports.SeRestrictedSid = SeRestrictedSid;
SepExports.SeAnonymousLogonSid = SeAnonymousLogonSid;
SepExports.SeLocalServiceSid = SeLocalServiceSid;
SepExports.SeNetworkServiceSid = SeNetworkServiceSid;
SepExports.SeAliasAdminsSid = SeAliasAdminsSid;
SepExports.SeAliasUsersSid = SeAliasUsersSid;
SepExports.SeAliasGuestsSid = SeAliasGuestsSid;
SepExports.SeAliasPowerUsersSid = SeAliasPowerUsersSid;
SepExports.SeAliasAccountOpsSid = SeAliasAccountOpsSid;
SepExports.SeAliasSystemOpsSid = SeAliasSystemOpsSid;
SepExports.SeAliasPrintOpsSid = SeAliasPrintOpsSid;
SepExports.SeAliasBackupOpsSid = SeAliasBackupOpsSid;
SepExports.SeCreateTokenPrivilege = SeCreateTokenPrivilege;
SepExports.SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege;
SepExports.SeLockMemoryPrivilege = SeLockMemoryPrivilege;
SepExports.SeIncreaseQuotaPrivilege = SeIncreaseQuotaPrivilege;
SepExports.SeUnsolicitedInputPrivilege = SeUnsolicitedInputPrivilege;
SepExports.SeTcbPrivilege = SeTcbPrivilege;
SepExports.SeSecurityPrivilege = SeSecurityPrivilege;
SepExports.SeTakeOwnershipPrivilege = SeTakeOwnershipPrivilege;
SepExports.SeLoadDriverPrivilege = SeLoadDriverPrivilege;
SepExports.SeCreatePagefilePrivilege = SeCreatePagefilePrivilege;
SepExports.SeIncreaseBasePriorityPrivilege = SeIncreaseBasePriorityPrivilege;
SepExports.SeSystemProfilePrivilege = SeSystemProfilePrivilege;
SepExports.SeSystemtimePrivilege = SeSystemtimePrivilege;
SepExports.SeProfileSingleProcessPrivilege = SeProfileSingleProcessPrivilege;
SepExports.SeCreatePermanentPrivilege = SeCreatePermanentPrivilege;
SepExports.SeBackupPrivilege = SeBackupPrivilege;
SepExports.SeRestorePrivilege = SeRestorePrivilege;
SepExports.SeShutdownPrivilege = SeShutdownPrivilege;
SepExports.SeDebugPrivilege = SeDebugPrivilege;
SepExports.SeAuditPrivilege = SeAuditPrivilege;
SepExports.SeSystemEnvironmentPrivilege = SeSystemEnvironmentPrivilege;
SepExports.SeChangeNotifyPrivilege = SeChangeNotifyPrivilege;
SepExports.SeRemoteShutdownPrivilege = SeRemoteShutdownPrivilege;
SepExports.SeUndockPrivilege = SeUndockPrivilege;
SepExports.SeSyncAgentPrivilege = SeSyncAgentPrivilege;
SepExports.SeEnableDelegationPrivilege = SeEnableDelegationPrivilege;
SepExports.SeManageVolumePrivilege = SeManageVolumePrivilege;
SepExports.SeImpersonatePrivilege = SeImpersonatePrivilege ;
SepExports.SeCreateGlobalPrivilege = SeCreateGlobalPrivilege;
SeExports = &SepExports;
//
// Initialize frequently used privilege sets to speed up access
// validation.
//
SepInitializePrivilegeSets();
return TRUE;
}
//----------------------------------------------------------------------
//
// NTIRemoveWorldAce
//
// Scans the passed security descriptor's DACL, looking for
// the World SID's ACE (its first because the of the way device object
// security descriptors are created) and removes it.
//
// If successful, the original security descriptor is deallocated
// and a new one is returned.
//
//----------------------------------------------------------------------
NTSTATUS NTIRemoveWorldAce( PSECURITY_DESCRIPTOR SecurityDescriptor,
PSECURITY_DESCRIPTOR *NewSecurityDescriptor )
{
PSECURITY_DESCRIPTOR absSecurityDescriptor;
PSECURITY_DESCRIPTOR relSecurityDescriptor;
PACE_HEADER aceHeader;
NTSTATUS status;
PACL Dacl;
BOOLEAN DaclPresent, DaclDefaulted;
USHORT aceIndex;
ULONG worldSidLength;
SID_IDENTIFIER_AUTHORITY worldSidAuthority = SECURITY_WORLD_SID_AUTHORITY;
PULONG worldSidSubAuthority;
ULONG relLength;
PSID worldSid;
PSID aceSid;
//
// First, get an absolute version of the self-relative descriptor
//
relLength = RtlLengthSecurityDescriptor( SecurityDescriptor );
status = NTIMakeAbsoluteSD( SecurityDescriptor,
&absSecurityDescriptor );
if( !NT_SUCCESS( status )) {
return status;
}
//
// Pull the DACL out so that we can scan it
//
status = RtlGetDaclSecurityDescriptor( absSecurityDescriptor,
&DaclPresent,
&Dacl,
&DaclDefaulted );
if( !NT_SUCCESS( status ) || !DaclPresent ) {
DbgPrint(("Secsys: strange - couldn't get DACL from our absolute SD: %x\n",
status ));
ExFreePool( absSecurityDescriptor );
return status;
}
//
// Initialize a SID that identifies the world-authority so
// that we can recognize it in the ACL
//
worldSidLength = RtlLengthRequiredSid( 1 );
worldSid = (PSID) ExAllocatePool( PagedPool, worldSidLength );
RtlInitializeSid( worldSid, &worldSidAuthority, 1 );
worldSidSubAuthority = RtlSubAuthoritySid( worldSid, 0 );
*worldSidSubAuthority = SECURITY_WORLD_RID;
//
// Now march through the ACEs looking for the World ace. We could
// do one of two things:
//
// - remove the ACE
// - convert it into a grant-nothing ACE
//
// For demonstration purposes I'll remove the ACE. In addition,
// this requires that I implement kernel-mode GetAce and DeleteAce functions,
// since they are not implemented by the NT kernel.
//
DbgPrint(("Secsys: %d ACEs in DACL\n", Dacl->AceCount ));
for( aceIndex = 0; aceIndex < Dacl->AceCount; aceIndex++ ) {
aceHeader = NTIGetAce( Dacl, aceIndex );
DbgPrint((" ACE: type: %s mask: %x\n",
(aceHeader->AceType & ACCESS_DENIED_ACE_TYPE ? "Deny" : "Allow"),
*(PULONG) ((PUCHAR) aceHeader + sizeof(ACE_HEADER))));
//
// Get the SID in this ACE and see if its the WORLD (Everyone) SID
//
aceSid = (PSID) ((PUCHAR) aceHeader + sizeof(ACE_HEADER) + sizeof(ULONG));
if( RtlEqualSid( worldSid, aceSid )) {
//
// We found it: remove it.
//
DbgPrint(("Secsys: Deleting ace %d\n", aceIndex ));
NTIDeleteAce( Dacl, aceIndex );
break;
}
}
//
// Write new DACL back to security descriptor
//
status = RtlSetDaclSecurityDescriptor( absSecurityDescriptor,
TRUE,
Dacl,
FALSE );
if( !NT_SUCCESS( status )) {
DbgPrint(("Secsys: Could not update SD Dacl: %x\n", status ));
goto cleanup;
}
//
// Make sure its valid
//
if( !RtlValidSecurityDescriptor( absSecurityDescriptor )) {
DbgPrint(("Secsys: SD after remove is invalid!\n"));
status = STATUS_UNSUCCESSFUL;
goto cleanup;
}
//
// Now convert the security descriptor back to
// self-relative
//
relSecurityDescriptor = ExAllocatePool( PagedPool, relLength );
status = RtlAbsoluteToSelfRelativeSD( absSecurityDescriptor,
relSecurityDescriptor, &relLength );
if( !NT_SUCCESS( status )) {
DbgPrint(("Could not convert absolute SD to relative: %x\n", status ));
}
//
// Final step, free the original security descriptor and return the new one
//
ExFreePool( SecurityDescriptor );
*NewSecurityDescriptor = relSecurityDescriptor;
cleanup:
ExFreePool( worldSid );
ExFreePool( absSecurityDescriptor );
return status;
}
/******************************************************************************
* GetSidLengthRequired [ADVAPI32.@]
*
* PARAMS
* nSubAuthorityCount []
*/
DWORD WINAPI
GetSidLengthRequired( BYTE nSubAuthorityCount )
{
return RtlLengthRequiredSid(nSubAuthorityCount);
}
