blob: 0b9dfe753cdfa0c508d3ab2ba422cf0affe05a75
| 1 | /* GNU GENERAL PUBLIC LICENSE |
| 2 | * Version 2, June 1991 |
| 3 | * |
| 4 | * Copyright (C) 1989, 1991 Free Software Foundation, Inc. |
| 5 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 6 | * Everyone is permitted to copy and distribute verbatim copies |
| 7 | * of this license document, but changing it is not allowed. |
| 8 | * |
| 9 | * Preamble |
| 10 | * |
| 11 | * The licenses for most software are designed to take away your |
| 12 | *freedom to share and change it. By contrast, the GNU General Public |
| 13 | *License is intended to guarantee your freedom to share and change free |
| 14 | *software--to make sure the software is free for all its users. This |
| 15 | *General Public License applies to most of the Free Software |
| 16 | *Foundation's software and to any other program whose authors commit to |
| 17 | *using it. (Some other Free Software Foundation software is covered by |
| 18 | *the GNU Library General Public License instead.) You can apply it to |
| 19 | *your programs, too. |
| 20 | * |
| 21 | * When we speak of free software, we are referring to freedom, not |
| 22 | *price. Our General Public Licenses are designed to make sure that you |
| 23 | *have the freedom to distribute copies of free software (and charge for |
| 24 | *this service if you wish), that you receive source code or can get it |
| 25 | *if you want it, that you can change the software or use pieces of it |
| 26 | *in new free programs; and that you know you can do these things. |
| 27 | * |
| 28 | * To protect your rights, we need to make restrictions that forbid |
| 29 | *anyone to deny you these rights or to ask you to surrender the rights. |
| 30 | *These restrictions translate to certain responsibilities for you if you |
| 31 | *distribute copies of the software, or if you modify it. |
| 32 | * |
| 33 | * For example, if you distribute copies of such a program, whether |
| 34 | *gratis or for a fee, you must give the recipients all the rights that |
| 35 | *you have. You must make sure that they, too, receive or can get the |
| 36 | *source code. And you must show them these terms so they know their |
| 37 | *rights. |
| 38 | * |
| 39 | * We protect your rights with two steps: (1) copyright the software, and |
| 40 | *(2) offer you this license which gives you legal permission to copy, |
| 41 | *distribute and/or modify the software. |
| 42 | * |
| 43 | * Also, for each author's protection and ours, we want to make certain |
| 44 | *that everyone understands that there is no warranty for this free |
| 45 | *software. If the software is modified by someone else and passed on, we |
| 46 | *want its recipients to know that what they have is not the original, so |
| 47 | *that any problems introduced by others will not reflect on the original |
| 48 | *authors' reputations. |
| 49 | * |
| 50 | * Finally, any free program is threatened constantly by software |
| 51 | *patents. We wish to avoid the danger that redistributors of a free |
| 52 | *program will individually obtain patent licenses, in effect making the |
| 53 | *program proprietary. To prevent this, we have made it clear that any |
| 54 | *patent must be licensed for everyone's free use or not licensed at all. |
| 55 | * |
| 56 | * The precise terms and conditions for copying, distribution and |
| 57 | *modification follow. |
| 58 | * |
| 59 | * GNU GENERAL PUBLIC LICENSE |
| 60 | * TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION |
| 61 | * |
| 62 | * 0. This License applies to any program or other work which contains |
| 63 | *a notice placed by the copyright holder saying it may be distributed |
| 64 | *under the terms of this General Public License. The "Program", below, |
| 65 | *refers to any such program or work, and a "work based on the Program" |
| 66 | *means either the Program or any derivative work under copyright law: |
| 67 | *that is to say, a work containing the Program or a portion of it, |
| 68 | *either verbatim or with modifications and/or translated into another |
| 69 | *language. (Hereinafter, translation is included without limitation in |
| 70 | *the term "modification".) Each licensee is addressed as "you". |
| 71 | * |
| 72 | *Activities other than copying, distribution and modification are not |
| 73 | *covered by this License; they are outside its scope. The act of |
| 74 | *running the Program is not restricted, and the output from the Program |
| 75 | *is covered only if its contents constitute a work based on the |
| 76 | *Program (independent of having been made by running the Program). |
| 77 | *Whether that is true depends on what the Program does. |
| 78 | * |
| 79 | * 1. You may copy and distribute verbatim copies of the Program's |
| 80 | *source code as you receive it, in any medium, provided that you |
| 81 | *conspicuously and appropriately publish on each copy an appropriate |
| 82 | *copyright notice and disclaimer of warranty; keep intact all the |
| 83 | *notices that refer to this License and to the absence of any warranty; |
| 84 | *and give any other recipients of the Program a copy of this License |
| 85 | *along with the Program. |
| 86 | * |
| 87 | *You may charge a fee for the physical act of transferring a copy, and |
| 88 | *you may at your option offer warranty protection in exchange for a fee. |
| 89 | * |
| 90 | * 2. You may modify your copy or copies of the Program or any portion |
| 91 | *of it, thus forming a work based on the Program, and copy and |
| 92 | *distribute such modifications or work under the terms of Section 1 |
| 93 | *above, provided that you also meet all of these conditions: |
| 94 | * |
| 95 | * a) You must cause the modified files to carry prominent notices |
| 96 | * stating that you changed the files and the date of any change. |
| 97 | * |
| 98 | * b) You must cause any work that you distribute or publish, that in |
| 99 | * whole or in part contains or is derived from the Program or any |
| 100 | * part thereof, to be licensed as a whole at no charge to all third |
| 101 | * parties under the terms of this License. |
| 102 | * |
| 103 | * c) If the modified program normally reads commands interactively |
| 104 | * when run, you must cause it, when started running for such |
| 105 | * interactive use in the most ordinary way, to print or display an |
| 106 | * announcement including an appropriate copyright notice and a |
| 107 | * notice that there is no warranty (or else, saying that you provide |
| 108 | * a warranty) and that users may redistribute the program under |
| 109 | * these conditions, and telling the user how to view a copy of this |
| 110 | * License. (Exception: if the Program itself is interactive but |
| 111 | * does not normally print such an announcement, your work based on |
| 112 | * the Program is not required to print an announcement.) |
| 113 | * |
| 114 | *These requirements apply to the modified work as a whole. If |
| 115 | *identifiable sections of that work are not derived from the Program, |
| 116 | *and can be reasonably considered independent and separate works in |
| 117 | *themselves, then this License, and its terms, do not apply to those |
| 118 | *sections when you distribute them as separate works. But when you |
| 119 | *distribute the same sections as part of a whole which is a work based |
| 120 | *on the Program, the distribution of the whole must be on the terms of |
| 121 | *this License, whose permissions for other licensees extend to the |
| 122 | *entire whole, and thus to each and every part regardless of who wrote it. |
| 123 | * |
| 124 | *Thus, it is not the intent of this section to claim rights or contest |
| 125 | *your rights to work written entirely by you; rather, the intent is to |
| 126 | *exercise the right to control the distribution of derivative or |
| 127 | *collective works based on the Program. |
| 128 | * |
| 129 | *In addition, mere aggregation of another work not based on the Program |
| 130 | *with the Program (or with a work based on the Program) on a volume of |
| 131 | *a storage or distribution medium does not bring the other work under |
| 132 | *the scope of this License. |
| 133 | * |
| 134 | * 3. You may copy and distribute the Program (or a work based on it, |
| 135 | *under Section 2) in object code or executable form under the terms of |
| 136 | *Sections 1 and 2 above provided that you also do one of the following: |
| 137 | * |
| 138 | * a) Accompany it with the complete corresponding machine-readable |
| 139 | * source code, which must be distributed under the terms of Sections |
| 140 | * 1 and 2 above on a medium customarily used for software interchange; or, |
| 141 | * |
| 142 | * b) Accompany it with a written offer, valid for at least three |
| 143 | * years, to give any third party, for a charge no more than your |
| 144 | * cost of physically performing source distribution, a complete |
| 145 | * machine-readable copy of the corresponding source code, to be |
| 146 | * distributed under the terms of Sections 1 and 2 above on a medium |
| 147 | * customarily used for software interchange; or, |
| 148 | * |
| 149 | * c) Accompany it with the information you received as to the offer |
| 150 | * to distribute corresponding source code. (This alternative is |
| 151 | * allowed only for noncommercial distribution and only if you |
| 152 | * received the program in object code or executable form with such |
| 153 | * an offer, in accord with Subsection b above.) |
| 154 | |
| 155 | *The source code for a work means the preferred form of the work for |
| 156 | *making modifications to it. For an executable work, complete source |
| 157 | *code means all the source code for all modules it contains, plus any |
| 158 | *associated interface definition files, plus the scripts used to |
| 159 | *control compilation and installation of the executable. However, as a |
| 160 | *special exception, the source code distributed need not include |
| 161 | *anything that is normally distributed (in either source or binary |
| 162 | *form) with the major components (compiler, kernel, and so on) of the |
| 163 | *operating system on which the executable runs, unless that component |
| 164 | *itself accompanies the executable. |
| 165 | * |
| 166 | *If distribution of executable or object code is made by offering |
| 167 | *access to copy from a designated place, then offering equivalent |
| 168 | *access to copy the source code from the same place counts as |
| 169 | *distribution of the source code, even though third parties are not |
| 170 | *compelled to copy the source along with the object code. |
| 171 | * |
| 172 | * 4. You may not copy, modify, sublicense, or distribute the Program |
| 173 | *except as expressly provided under this License. Any attempt |
| 174 | *otherwise to copy, modify, sublicense or distribute the Program is |
| 175 | *void, and will automatically terminate your rights under this License. |
| 176 | *However, parties who have received copies, or rights, from you under |
| 177 | *this License will not have their licenses terminated so long as such |
| 178 | *parties remain in full compliance. |
| 179 | * |
| 180 | * 5. You are not required to accept this License, since you have not |
| 181 | *signed it. However, nothing else grants you permission to modify or |
| 182 | *distribute the Program or its derivative works. These actions are |
| 183 | *prohibited by law if you do not accept this License. Therefore, by |
| 184 | *modifying or distributing the Program (or any work based on the |
| 185 | *Program), you indicate your acceptance of this License to do so, and |
| 186 | *all its terms and conditions for copying, distributing or modifying |
| 187 | *the Program or works based on it. |
| 188 | * |
| 189 | * 6. Each time you redistribute the Program (or any work based on the |
| 190 | *Program), the recipient automatically receives a license from the |
| 191 | *original licensor to copy, distribute or modify the Program subject to |
| 192 | *these terms and conditions. You may not impose any further |
| 193 | *restrictions on the recipients' exercise of the rights granted herein. |
| 194 | *You are not responsible for enforcing compliance by third parties to |
| 195 | *this License. |
| 196 | * |
| 197 | * 7. If, as a consequence of a court judgment or allegation of patent |
| 198 | *infringement or for any other reason (not limited to patent issues), |
| 199 | *conditions are imposed on you (whether by court order, agreement or |
| 200 | *otherwise) that contradict the conditions of this License, they do not |
| 201 | *excuse you from the conditions of this License. If you cannot |
| 202 | *distribute so as to satisfy simultaneously your obligations under this |
| 203 | *License and any other pertinent obligations, then as a consequence you |
| 204 | *may not distribute the Program at all. For example, if a patent |
| 205 | *license would not permit royalty-free redistribution of the Program by |
| 206 | *all those who receive copies directly or indirectly through you, then |
| 207 | *the only way you could satisfy both it and this License would be to |
| 208 | *refrain entirely from distribution of the Program. |
| 209 | * |
| 210 | *If any portion of this section is held invalid or unenforceable under |
| 211 | *any particular circumstance, the balance of the section is intended to |
| 212 | *apply and the section as a whole is intended to apply in other |
| 213 | *circumstances. |
| 214 | * |
| 215 | *It is not the purpose of this section to induce you to infringe any |
| 216 | *patents or other property right claims or to contest validity of any |
| 217 | *such claims; this section has the sole purpose of protecting the |
| 218 | *integrity of the free software distribution system, which is |
| 219 | *implemented by public license practices. Many people have made |
| 220 | *generous contributions to the wide range of software distributed |
| 221 | *through that system in reliance on consistent application of that |
| 222 | *system; it is up to the author/donor to decide if he or she is willing |
| 223 | *to distribute software through any other system and a licensee cannot |
| 224 | *impose that choice. |
| 225 | * |
| 226 | *This section is intended to make thoroughly clear what is believed to |
| 227 | *be a consequence of the rest of this License. |
| 228 | * |
| 229 | * 8. If the distribution and/or use of the Program is restricted in |
| 230 | *certain countries either by patents or by copyrighted interfaces, the |
| 231 | *original copyright holder who places the Program under this License |
| 232 | *may add an explicit geographical distribution limitation excluding |
| 233 | *those countries, so that distribution is permitted only in or among |
| 234 | *countries not thus excluded. In such case, this License incorporates |
| 235 | *the limitation as if written in the body of this License. |
| 236 | * |
| 237 | * 9. The Free Software Foundation may publish revised and/or new versions |
| 238 | *of the General Public License from time to time. Such new versions will |
| 239 | *be similar in spirit to the present version, but may differ in detail to |
| 240 | *address new problems or concerns. |
| 241 | * |
| 242 | *Each version is given a distinguishing version number. If the Program |
| 243 | *specifies a version number of this License which applies to it and "any |
| 244 | *later version", you have the option of following the terms and conditions |
| 245 | *either of that version or of any later version published by the Free |
| 246 | *Software Foundation. If the Program does not specify a version number of |
| 247 | *this License, you may choose any version ever published by the Free Software |
| 248 | *Foundation. |
| 249 | * |
| 250 | * 10. If you wish to incorporate parts of the Program into other free |
| 251 | *programs whose distribution conditions are different, write to the author |
| 252 | *to ask for permission. For software which is copyrighted by the Free |
| 253 | *Software Foundation, write to the Free Software Foundation; we sometimes |
| 254 | *make exceptions for this. Our decision will be guided by the two goals |
| 255 | *of preserving the free status of all derivatives of our free software and |
| 256 | *of promoting the sharing and reuse of software generally. |
| 257 | * |
| 258 | * NO WARRANTY |
| 259 | * |
| 260 | * 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY |
| 261 | *FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN |
| 262 | *OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES |
| 263 | *PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED |
| 264 | *OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
| 265 | *MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS |
| 266 | *TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE |
| 267 | *PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, |
| 268 | *REPAIR OR CORRECTION. |
| 269 | * |
| 270 | * 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING |
| 271 | *WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR |
| 272 | *REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, |
| 273 | *INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING |
| 274 | *OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED |
| 275 | *TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY |
| 276 | *YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER |
| 277 | *PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE |
| 278 | *POSSIBILITY OF SUCH DAMAGES. |
| 279 | * |
| 280 | * END OF TERMS AND CONDITIONS |
| 281 | * |
| 282 | * How to Apply These Terms to Your New Programs |
| 283 | * |
| 284 | * If you develop a new program, and you want it to be of the greatest |
| 285 | *possible use to the public, the best way to achieve this is to make it |
| 286 | *free software which everyone can redistribute and change under these terms. |
| 287 | * |
| 288 | * To do so, attach the following notices to the program. It is safest |
| 289 | *to attach them to the start of each source file to most effectively |
| 290 | *convey the exclusion of warranty; and each file should have at least |
| 291 | *the "copyright" line and a pointer to where the full notice is found. |
| 292 | * |
| 293 | * <one line to give the program's name and a brief idea of what it does.> |
| 294 | * Copyright (C) <year> <name of author> |
| 295 | * |
| 296 | * This program is free software; you can redistribute it and/or modify |
| 297 | * it under the terms of the GNU General Public License as published by |
| 298 | * the Free Software Foundation; either version 2 of the License, or |
| 299 | * (at your option) any later version. |
| 300 | * |
| 301 | * This program is distributed in the hope that it will be useful, |
| 302 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 303 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 304 | * GNU General Public License for more details. |
| 305 | * |
| 306 | * You should have received a copy of the GNU General Public License |
| 307 | * along with this program; if not, write to the Free Software |
| 308 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 309 | * |
| 310 | * |
| 311 | *Also add information on how to contact you by electronic and paper mail. |
| 312 | * |
| 313 | *If the program is interactive, make it output a short notice like this |
| 314 | *when it starts in an interactive mode: |
| 315 | * |
| 316 | * Gnomovision version 69, Copyright (C) year name of author |
| 317 | * Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. |
| 318 | * This is free software, and you are welcome to redistribute it |
| 319 | * under certain conditions; type `show c' for details. |
| 320 | * |
| 321 | *The hypothetical commands `show w' and `show c' should show the appropriate |
| 322 | *parts of the General Public License. Of course, the commands you use may |
| 323 | *be called something other than `show w' and `show c'; they could even be |
| 324 | *mouse-clicks or menu items--whatever suits your program. |
| 325 | * |
| 326 | *You should also get your employer (if you work as a programmer) or your |
| 327 | *school, if any, to sign a "copyright disclaimer" for the program, if |
| 328 | *necessary. Here is a sample; alter the names: |
| 329 | * |
| 330 | * Yoyodyne, Inc., hereby disclaims all copyright interest in the program |
| 331 | * `Gnomovision' (which makes passes at compilers) written by James Hacker. |
| 332 | * |
| 333 | * <signature of Ty Coon>, 1 April 1989 |
| 334 | * Ty Coon, President of Vice |
| 335 | * |
| 336 | *This General Public License does not permit incorporating your program into |
| 337 | *proprietary programs. If your program is a subroutine library, you may |
| 338 | *consider it more useful to permit linking proprietary applications with the |
| 339 | *library. If this is what you want to do, use the GNU Library General |
| 340 | *Public License instead of this License. |
| 341 | */ |
| 342 | |
| 343 | #include "types.h" |
| 344 | #include "layout.h" |
| 345 | #include "sd.h" |
| 346 | |
| 347 | /** |
| 348 | * init_system_file_sd - |
| 349 | * |
| 350 | * NTFS 3.1 - System files security decriptors |
| 351 | * ===================================================== |
| 352 | * |
| 353 | * Create the security descriptor for system file number @sys_file_no and |
| 354 | * return a pointer to the descriptor. |
| 355 | * |
| 356 | * Note the root directory system file (".") is very different and handled by a |
| 357 | * different function. |
| 358 | * |
| 359 | * The sd is returned in *@sd_val and has length *@sd_val_len. |
| 360 | * |
| 361 | * Do NOT free *@sd_val as it is static memory. This also means that you can |
| 362 | * only use *@sd_val until the next call to this function. |
| 363 | */ |
| 364 | void init_system_file_sd(int sys_file_no, u8 **sd_val, int *sd_val_len) |
| 365 | { |
| 366 | static u8 sd_array[0x68]; |
| 367 | SECURITY_DESCRIPTOR_RELATIVE *sd; |
| 368 | ACL *acl; |
| 369 | ACCESS_ALLOWED_ACE *aa_ace; |
| 370 | SID *sid; |
| 371 | le32 *sub_authorities; |
| 372 | |
| 373 | if (sys_file_no < 0) { |
| 374 | *sd_val = NULL; |
| 375 | *sd_val_len = 0; |
| 376 | return; |
| 377 | } |
| 378 | *sd_val = sd_array; |
| 379 | sd = (SECURITY_DESCRIPTOR_RELATIVE*)&sd_array; |
| 380 | sd->revision = 1; |
| 381 | sd->alignment = 0; |
| 382 | sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; |
| 383 | *sd_val_len = 0x64; |
| 384 | sd->owner = const_cpu_to_le32(0x48); |
| 385 | sd->group = const_cpu_to_le32(0x54); |
| 386 | sd->sacl = const_cpu_to_le32(0); |
| 387 | sd->dacl = const_cpu_to_le32(0x14); |
| 388 | /* |
| 389 | * Now at offset 0x14, as specified in the security descriptor, we have |
| 390 | * the DACL. |
| 391 | */ |
| 392 | acl = (ACL*)((char*)sd + le32_to_cpu(sd->dacl)); |
| 393 | acl->revision = 2; |
| 394 | acl->alignment1 = 0; |
| 395 | acl->size = const_cpu_to_le16(0x34); |
| 396 | acl->ace_count = const_cpu_to_le16(2); |
| 397 | acl->alignment2 = const_cpu_to_le16(0); |
| 398 | /* |
| 399 | * Now at offset 0x1c, just after the DACL's ACL, we have the first |
| 400 | * ACE of the DACL. The type of the ACE is access allowed. |
| 401 | */ |
| 402 | aa_ace = (ACCESS_ALLOWED_ACE*)((char*)acl + sizeof(ACL)); |
| 403 | aa_ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 404 | aa_ace->flags = 0; |
| 405 | aa_ace->size = const_cpu_to_le16(0x14); |
| 406 | switch (sys_file_no) { |
| 407 | case FILE_AttrDef: |
| 408 | case FILE_Boot: |
| 409 | aa_ace->mask = SYNCHRONIZE | STANDARD_RIGHTS_READ | |
| 410 | FILE_READ_ATTRIBUTES | FILE_READ_EA | FILE_READ_DATA; |
| 411 | break; |
| 412 | default: |
| 413 | aa_ace->mask = SYNCHRONIZE | STANDARD_RIGHTS_WRITE | |
| 414 | FILE_WRITE_ATTRIBUTES | FILE_READ_ATTRIBUTES | |
| 415 | FILE_WRITE_EA | FILE_READ_EA | FILE_APPEND_DATA | |
| 416 | FILE_WRITE_DATA | FILE_READ_DATA; |
| 417 | break; |
| 418 | } |
| 419 | aa_ace->sid.revision = 1; |
| 420 | aa_ace->sid.sub_authority_count = 1; |
| 421 | aa_ace->sid.identifier_authority.value[0] = 0; |
| 422 | aa_ace->sid.identifier_authority.value[1] = 0; |
| 423 | aa_ace->sid.identifier_authority.value[2] = 0; |
| 424 | aa_ace->sid.identifier_authority.value[3] = 0; |
| 425 | aa_ace->sid.identifier_authority.value[4] = 0; |
| 426 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 427 | aa_ace->sid.identifier_authority.value[5] = 5; |
| 428 | aa_ace->sid.sub_authority[0] = |
| 429 | const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 430 | /* |
| 431 | * Now at offset 0x30 within security descriptor, just after the first |
| 432 | * ACE of the DACL. All system files, except the root directory, have |
| 433 | * a second ACE. |
| 434 | */ |
| 435 | /* The second ACE of the DACL. Type is access allowed. */ |
| 436 | aa_ace = (ACCESS_ALLOWED_ACE*)((char*)aa_ace + |
| 437 | le16_to_cpu(aa_ace->size)); |
| 438 | aa_ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 439 | aa_ace->flags = 0; |
| 440 | aa_ace->size = const_cpu_to_le16(0x18); |
| 441 | /* Only $AttrDef and $Boot behave differently to everything else. */ |
| 442 | switch (sys_file_no) { |
| 443 | case FILE_AttrDef: |
| 444 | case FILE_Boot: |
| 445 | aa_ace->mask = SYNCHRONIZE | STANDARD_RIGHTS_READ | |
| 446 | FILE_READ_ATTRIBUTES | FILE_READ_EA | |
| 447 | FILE_READ_DATA; |
| 448 | break; |
| 449 | default: |
| 450 | aa_ace->mask = SYNCHRONIZE | STANDARD_RIGHTS_READ | |
| 451 | FILE_WRITE_ATTRIBUTES | |
| 452 | FILE_READ_ATTRIBUTES | FILE_WRITE_EA | |
| 453 | FILE_READ_EA | FILE_APPEND_DATA | |
| 454 | FILE_WRITE_DATA | FILE_READ_DATA; |
| 455 | break; |
| 456 | } |
| 457 | aa_ace->sid.revision = 1; |
| 458 | aa_ace->sid.sub_authority_count = 2; |
| 459 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 460 | aa_ace->sid.identifier_authority.value[0] = 0; |
| 461 | aa_ace->sid.identifier_authority.value[1] = 0; |
| 462 | aa_ace->sid.identifier_authority.value[2] = 0; |
| 463 | aa_ace->sid.identifier_authority.value[3] = 0; |
| 464 | aa_ace->sid.identifier_authority.value[4] = 0; |
| 465 | aa_ace->sid.identifier_authority.value[5] = 5; |
| 466 | sub_authorities = aa_ace->sid.sub_authority; |
| 467 | *sub_authorities++ = |
| 468 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 469 | *sub_authorities = |
| 470 | const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 471 | /* |
| 472 | * Now at offset 0x48 into the security descriptor, as specified in the |
| 473 | * security descriptor, we now have the owner SID. |
| 474 | */ |
| 475 | sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); |
| 476 | sid->revision = 1; |
| 477 | sid->sub_authority_count = 1; |
| 478 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 479 | sid->identifier_authority.value[0] = 0; |
| 480 | sid->identifier_authority.value[1] = 0; |
| 481 | sid->identifier_authority.value[2] = 0; |
| 482 | sid->identifier_authority.value[3] = 0; |
| 483 | sid->identifier_authority.value[4] = 0; |
| 484 | sid->identifier_authority.value[5] = 5; |
| 485 | sid->sub_authority[0] = const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 486 | /* |
| 487 | * Now at offset 0x54 into the security descriptor, as specified in the |
| 488 | * security descriptor, we have the group SID. |
| 489 | */ |
| 490 | sid = (SID*)((char*)sd + le32_to_cpu(sd->group)); |
| 491 | sid->revision = 1; |
| 492 | sid->sub_authority_count = 2; |
| 493 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 494 | sid->identifier_authority.value[0] = 0; |
| 495 | sid->identifier_authority.value[1] = 0; |
| 496 | sid->identifier_authority.value[2] = 0; |
| 497 | sid->identifier_authority.value[3] = 0; |
| 498 | sid->identifier_authority.value[4] = 0; |
| 499 | sid->identifier_authority.value[5] = 5; |
| 500 | sub_authorities = sid->sub_authority; |
| 501 | *sub_authorities++ = const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 502 | *sub_authorities = const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 503 | } |
| 504 | |
| 505 | /** |
| 506 | * init_root_sd - |
| 507 | * |
| 508 | * Creates the security_descriptor for the root folder on ntfs 3.1 as created |
| 509 | * by Windows Vista (when the format is done from the disk management MMC |
| 510 | * snap-in, note this is different from the format done from the disk |
| 511 | * properties in Windows Explorer). |
| 512 | */ |
| 513 | void init_root_sd(u8 **sd_val, int *sd_val_len) |
| 514 | { |
| 515 | SECURITY_DESCRIPTOR_RELATIVE *sd; |
| 516 | ACL *acl; |
| 517 | ACCESS_ALLOWED_ACE *ace; |
| 518 | SID *sid; |
| 519 | le32 *sub_authorities; |
| 520 | |
| 521 | static char sd_array[0x102c]; |
| 522 | *sd_val_len = 0x102c; |
| 523 | *sd_val = (u8*)&sd_array; |
| 524 | |
| 525 | //security descriptor relative |
| 526 | sd = (SECURITY_DESCRIPTOR_RELATIVE*)sd_array; |
| 527 | sd->revision = SECURITY_DESCRIPTOR_REVISION; |
| 528 | sd->alignment = 0; |
| 529 | sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; |
| 530 | sd->owner = const_cpu_to_le32(0x1014); |
| 531 | sd->group = const_cpu_to_le32(0x1020); |
| 532 | sd->sacl = 0; |
| 533 | sd->dacl = const_cpu_to_le32(sizeof(SECURITY_DESCRIPTOR_RELATIVE)); |
| 534 | |
| 535 | //acl |
| 536 | acl = (ACL*)((u8*)sd + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); |
| 537 | acl->revision = ACL_REVISION; |
| 538 | acl->alignment1 = 0; |
| 539 | acl->size = const_cpu_to_le16(0x1000); |
| 540 | acl->ace_count = const_cpu_to_le16(0x08); |
| 541 | acl->alignment2 = 0; |
| 542 | |
| 543 | //ace1 |
| 544 | ace = (ACCESS_ALLOWED_ACE*)((u8*)acl + sizeof(ACL)); |
| 545 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 546 | ace->flags = 0; |
| 547 | ace->size = const_cpu_to_le16(0x18); |
| 548 | ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | |
| 549 | FILE_LIST_DIRECTORY | FILE_WRITE_DATA | |
| 550 | FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | |
| 551 | FILE_TRAVERSE | FILE_DELETE_CHILD | |
| 552 | FILE_READ_ATTRIBUTES; |
| 553 | ace->sid.revision = SID_REVISION; |
| 554 | ace->sid.sub_authority_count = 0x02; |
| 555 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 556 | ace->sid.identifier_authority.value[0] = 0; |
| 557 | ace->sid.identifier_authority.value[1] = 0; |
| 558 | ace->sid.identifier_authority.value[2] = 0; |
| 559 | ace->sid.identifier_authority.value[3] = 0; |
| 560 | ace->sid.identifier_authority.value[4] = 0; |
| 561 | ace->sid.identifier_authority.value[5] = 5; |
| 562 | sub_authorities = ace->sid.sub_authority; |
| 563 | *sub_authorities++ = |
| 564 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 565 | *sub_authorities = const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 566 | |
| 567 | //ace2 |
| 568 | ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); |
| 569 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 570 | ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | |
| 571 | INHERIT_ONLY_ACE; |
| 572 | ace->size = const_cpu_to_le16(0x18); |
| 573 | ace->mask = GENERIC_ALL; |
| 574 | ace->sid.revision = SID_REVISION; |
| 575 | ace->sid.sub_authority_count = 0x02; |
| 576 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 577 | ace->sid.identifier_authority.value[0] = 0; |
| 578 | ace->sid.identifier_authority.value[1] = 0; |
| 579 | ace->sid.identifier_authority.value[2] = 0; |
| 580 | ace->sid.identifier_authority.value[3] = 0; |
| 581 | ace->sid.identifier_authority.value[4] = 0; |
| 582 | ace->sid.identifier_authority.value[5] = 5; |
| 583 | sub_authorities = ace->sid.sub_authority; |
| 584 | *sub_authorities++ = |
| 585 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 586 | *sub_authorities = const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 587 | |
| 588 | //ace3 |
| 589 | ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); |
| 590 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 591 | ace->flags = 0; |
| 592 | ace->size = const_cpu_to_le16(0x14); |
| 593 | ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | |
| 594 | FILE_LIST_DIRECTORY | FILE_WRITE_DATA | |
| 595 | FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | |
| 596 | FILE_TRAVERSE | FILE_DELETE_CHILD | |
| 597 | FILE_READ_ATTRIBUTES; |
| 598 | ace->sid.revision = SID_REVISION; |
| 599 | ace->sid.sub_authority_count = 0x01; |
| 600 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 601 | ace->sid.identifier_authority.value[0] = 0; |
| 602 | ace->sid.identifier_authority.value[1] = 0; |
| 603 | ace->sid.identifier_authority.value[2] = 0; |
| 604 | ace->sid.identifier_authority.value[3] = 0; |
| 605 | ace->sid.identifier_authority.value[4] = 0; |
| 606 | ace->sid.identifier_authority.value[5] = 5; |
| 607 | ace->sid.sub_authority[0] = |
| 608 | const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 609 | |
| 610 | //ace4 |
| 611 | ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); |
| 612 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 613 | ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | |
| 614 | INHERIT_ONLY_ACE; |
| 615 | ace->size = const_cpu_to_le16(0x14); |
| 616 | ace->mask = GENERIC_ALL; |
| 617 | ace->sid.revision = SID_REVISION; |
| 618 | ace->sid.sub_authority_count = 0x01; |
| 619 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 620 | ace->sid.identifier_authority.value[0] = 0; |
| 621 | ace->sid.identifier_authority.value[1] = 0; |
| 622 | ace->sid.identifier_authority.value[2] = 0; |
| 623 | ace->sid.identifier_authority.value[3] = 0; |
| 624 | ace->sid.identifier_authority.value[4] = 0; |
| 625 | ace->sid.identifier_authority.value[5] = 5; |
| 626 | ace->sid.sub_authority[0] = |
| 627 | const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 628 | |
| 629 | //ace5 |
| 630 | ace = (ACCESS_ALLOWED_ACE*)((char*)ace + le16_to_cpu(ace->size)); |
| 631 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 632 | ace->flags = 0; |
| 633 | ace->size = const_cpu_to_le16(0x14); |
| 634 | ace->mask = SYNCHRONIZE | READ_CONTROL | DELETE | |
| 635 | FILE_WRITE_ATTRIBUTES | FILE_READ_ATTRIBUTES | |
| 636 | FILE_TRAVERSE | FILE_WRITE_EA | FILE_READ_EA | |
| 637 | FILE_ADD_SUBDIRECTORY | FILE_ADD_FILE | |
| 638 | FILE_LIST_DIRECTORY; |
| 639 | ace->sid.revision = SID_REVISION; |
| 640 | ace->sid.sub_authority_count = 0x01; |
| 641 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 642 | ace->sid.identifier_authority.value[0] = 0; |
| 643 | ace->sid.identifier_authority.value[1] = 0; |
| 644 | ace->sid.identifier_authority.value[2] = 0; |
| 645 | ace->sid.identifier_authority.value[3] = 0; |
| 646 | ace->sid.identifier_authority.value[4] = 0; |
| 647 | ace->sid.identifier_authority.value[5] = 5; |
| 648 | ace->sid.sub_authority[0] = |
| 649 | const_cpu_to_le32(SECURITY_AUTHENTICATED_USER_RID); |
| 650 | |
| 651 | //ace6 |
| 652 | ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); |
| 653 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 654 | ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | |
| 655 | INHERIT_ONLY_ACE; |
| 656 | ace->size = const_cpu_to_le16(0x14); |
| 657 | ace->mask = GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | DELETE; |
| 658 | ace->sid.revision = SID_REVISION; |
| 659 | ace->sid.sub_authority_count = 0x01; |
| 660 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 661 | ace->sid.identifier_authority.value[0] = 0; |
| 662 | ace->sid.identifier_authority.value[1] = 0; |
| 663 | ace->sid.identifier_authority.value[2] = 0; |
| 664 | ace->sid.identifier_authority.value[3] = 0; |
| 665 | ace->sid.identifier_authority.value[4] = 0; |
| 666 | ace->sid.identifier_authority.value[5] = 5; |
| 667 | ace->sid.sub_authority[0] = |
| 668 | const_cpu_to_le32(SECURITY_AUTHENTICATED_USER_RID); |
| 669 | |
| 670 | //ace7 |
| 671 | ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); |
| 672 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 673 | ace->flags = 0; |
| 674 | ace->size = const_cpu_to_le16(0x18); |
| 675 | ace->mask = SYNCHRONIZE | READ_CONTROL | FILE_READ_ATTRIBUTES | |
| 676 | FILE_TRAVERSE | FILE_READ_EA | FILE_LIST_DIRECTORY; |
| 677 | ace->sid.revision = SID_REVISION; |
| 678 | ace->sid.sub_authority_count = 0x02; |
| 679 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 680 | ace->sid.identifier_authority.value[0] = 0; |
| 681 | ace->sid.identifier_authority.value[1] = 0; |
| 682 | ace->sid.identifier_authority.value[2] = 0; |
| 683 | ace->sid.identifier_authority.value[3] = 0; |
| 684 | ace->sid.identifier_authority.value[4] = 0; |
| 685 | ace->sid.identifier_authority.value[5] = 5; |
| 686 | sub_authorities = ace->sid.sub_authority; |
| 687 | *sub_authorities++ = |
| 688 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 689 | *sub_authorities = const_cpu_to_le32(DOMAIN_ALIAS_RID_USERS); |
| 690 | |
| 691 | //ace8 |
| 692 | ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); |
| 693 | ace->type = ACCESS_ALLOWED_ACE_TYPE; |
| 694 | ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | |
| 695 | INHERIT_ONLY_ACE; |
| 696 | ace->size = const_cpu_to_le16(0x18); |
| 697 | ace->mask = GENERIC_READ | GENERIC_EXECUTE; |
| 698 | ace->sid.revision = SID_REVISION; |
| 699 | ace->sid.sub_authority_count = 0x02; |
| 700 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 701 | ace->sid.identifier_authority.value[0] = 0; |
| 702 | ace->sid.identifier_authority.value[1] = 0; |
| 703 | ace->sid.identifier_authority.value[2] = 0; |
| 704 | ace->sid.identifier_authority.value[3] = 0; |
| 705 | ace->sid.identifier_authority.value[4] = 0; |
| 706 | ace->sid.identifier_authority.value[5] = 5; |
| 707 | sub_authorities = ace->sid.sub_authority; |
| 708 | *sub_authorities++ = |
| 709 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 710 | *sub_authorities = const_cpu_to_le32(DOMAIN_ALIAS_RID_USERS); |
| 711 | |
| 712 | //owner sid |
| 713 | sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); |
| 714 | sid->revision = 0x01; |
| 715 | sid->sub_authority_count = 0x01; |
| 716 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 717 | sid->identifier_authority.value[0] = 0; |
| 718 | sid->identifier_authority.value[1] = 0; |
| 719 | sid->identifier_authority.value[2] = 0; |
| 720 | sid->identifier_authority.value[3] = 0; |
| 721 | sid->identifier_authority.value[4] = 0; |
| 722 | sid->identifier_authority.value[5] = 5; |
| 723 | sid->sub_authority[0] = const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 724 | |
| 725 | //group sid |
| 726 | sid = (SID*)((char*)sd + le32_to_cpu(sd->group)); |
| 727 | sid->revision = 0x01; |
| 728 | sid->sub_authority_count = 0x01; |
| 729 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 730 | sid->identifier_authority.value[0] = 0; |
| 731 | sid->identifier_authority.value[1] = 0; |
| 732 | sid->identifier_authority.value[2] = 0; |
| 733 | sid->identifier_authority.value[3] = 0; |
| 734 | sid->identifier_authority.value[4] = 0; |
| 735 | sid->identifier_authority.value[5] = 5; |
| 736 | sid->sub_authority[0] = const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 737 | } |
| 738 | |
| 739 | /** |
| 740 | * init_secure_sds - |
| 741 | * |
| 742 | * NTFS 3.1 - System files security decriptors |
| 743 | * =========================================== |
| 744 | * Create the security descriptor entries in $SDS data stream like they |
| 745 | * are in a partition, newly formatted with windows 2003 |
| 746 | */ |
| 747 | void init_secure_sds(char *sd_val) |
| 748 | { |
| 749 | SECURITY_DESCRIPTOR_HEADER *sds; |
| 750 | SECURITY_DESCRIPTOR_RELATIVE *sd; |
| 751 | ACL *acl; |
| 752 | ACCESS_ALLOWED_ACE *ace; |
| 753 | SID *sid; |
| 754 | |
| 755 | /* |
| 756 | * security descriptor #1 |
| 757 | */ |
| 758 | //header |
| 759 | sds = (SECURITY_DESCRIPTOR_HEADER*)((char*)sd_val); |
| 760 | sds->hash = const_cpu_to_le32(0xF80312F0); |
| 761 | sds->security_id = const_cpu_to_le32(0x0100); |
| 762 | sds->offset = const_cpu_to_le64(0x00); |
| 763 | sds->length = const_cpu_to_le32(0x7C); |
| 764 | //security descriptor relative |
| 765 | sd = (SECURITY_DESCRIPTOR_RELATIVE*)((char*)sds + |
| 766 | sizeof(SECURITY_DESCRIPTOR_HEADER)); |
| 767 | sd->revision = 0x01; |
| 768 | sd->alignment = 0x00; |
| 769 | sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; |
| 770 | sd->owner = const_cpu_to_le32(0x48); |
| 771 | sd->group = const_cpu_to_le32(0x58); |
| 772 | sd->sacl = const_cpu_to_le32(0x00); |
| 773 | sd->dacl = const_cpu_to_le32(0x14); |
| 774 | |
| 775 | //acl |
| 776 | acl = (ACL*)((char*)sd + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); |
| 777 | acl->revision = 0x02; |
| 778 | acl->alignment1 = 0x00; |
| 779 | acl->size = const_cpu_to_le16(0x34); |
| 780 | acl->ace_count = const_cpu_to_le16(0x02); |
| 781 | acl->alignment2 = 0x00; |
| 782 | |
| 783 | //ace1 |
| 784 | ace = (ACCESS_ALLOWED_ACE*)((char*)acl + sizeof(ACL)); |
| 785 | ace->type = 0x00; |
| 786 | ace->flags = 0x00; |
| 787 | ace->size = const_cpu_to_le16(0x14); |
| 788 | ace->mask = const_cpu_to_le32(0x120089); |
| 789 | ace->sid.revision = 0x01; |
| 790 | ace->sid.sub_authority_count = 0x01; |
| 791 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 792 | ace->sid.identifier_authority.value[0] = 0; |
| 793 | ace->sid.identifier_authority.value[1] = 0; |
| 794 | ace->sid.identifier_authority.value[2] = 0; |
| 795 | ace->sid.identifier_authority.value[3] = 0; |
| 796 | ace->sid.identifier_authority.value[4] = 0; |
| 797 | ace->sid.identifier_authority.value[5] = 5; |
| 798 | ace->sid.sub_authority[0] = |
| 799 | const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 800 | //ace2 |
| 801 | ace = (ACCESS_ALLOWED_ACE*)((char*)ace + le16_to_cpu(ace->size)); |
| 802 | ace->type = 0x00; |
| 803 | ace->flags = 0x00; |
| 804 | ace->size = const_cpu_to_le16(0x18); |
| 805 | ace->mask = const_cpu_to_le32(0x120089); |
| 806 | ace->sid.revision = 0x01; |
| 807 | ace->sid.sub_authority_count = 0x02; |
| 808 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 809 | ace->sid.identifier_authority.value[0] = 0; |
| 810 | ace->sid.identifier_authority.value[1] = 0; |
| 811 | ace->sid.identifier_authority.value[2] = 0; |
| 812 | ace->sid.identifier_authority.value[3] = 0; |
| 813 | ace->sid.identifier_authority.value[4] = 0; |
| 814 | ace->sid.identifier_authority.value[5] = 5; |
| 815 | ace->sid.sub_authority[0] = |
| 816 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 817 | ace->sid.sub_authority[1] = |
| 818 | const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 819 | |
| 820 | //owner sid |
| 821 | sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); |
| 822 | sid->revision = 0x01; |
| 823 | sid->sub_authority_count = 0x02; |
| 824 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 825 | sid->identifier_authority.value[0] = 0; |
| 826 | sid->identifier_authority.value[1] = 0; |
| 827 | sid->identifier_authority.value[2] = 0; |
| 828 | sid->identifier_authority.value[3] = 0; |
| 829 | sid->identifier_authority.value[4] = 0; |
| 830 | sid->identifier_authority.value[5] = 5; |
| 831 | sid->sub_authority[0] = |
| 832 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 833 | sid->sub_authority[1] = |
| 834 | const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 835 | //group sid |
| 836 | sid = (SID*)((char*)sd + le32_to_cpu(sd->group)); |
| 837 | sid->revision = 0x01; |
| 838 | sid->sub_authority_count = 0x02; |
| 839 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 840 | sid->identifier_authority.value[0] = 0; |
| 841 | sid->identifier_authority.value[1] = 0; |
| 842 | sid->identifier_authority.value[2] = 0; |
| 843 | sid->identifier_authority.value[3] = 0; |
| 844 | sid->identifier_authority.value[4] = 0; |
| 845 | sid->identifier_authority.value[5] = 5; |
| 846 | sid->sub_authority[0] = |
| 847 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 848 | sid->sub_authority[1] = |
| 849 | const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 850 | /* |
| 851 | * security descriptor #2 |
| 852 | */ |
| 853 | //header |
| 854 | sds = (SECURITY_DESCRIPTOR_HEADER*)((char*)sd_val + 0x80); |
| 855 | sds->hash = const_cpu_to_le32(0xB32451); |
| 856 | sds->security_id = const_cpu_to_le32(0x0101); |
| 857 | sds->offset = const_cpu_to_le64(0x80); |
| 858 | sds->length = const_cpu_to_le32(0x7C); |
| 859 | |
| 860 | //security descriptor relative |
| 861 | sd = (SECURITY_DESCRIPTOR_RELATIVE*)((char*)sds + |
| 862 | sizeof(SECURITY_DESCRIPTOR_HEADER)); |
| 863 | sd->revision = 0x01; |
| 864 | sd->alignment = 0x00; |
| 865 | sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; |
| 866 | sd->owner = const_cpu_to_le32(0x48); |
| 867 | sd->group = const_cpu_to_le32(0x58); |
| 868 | sd->sacl = const_cpu_to_le32(0x00); |
| 869 | sd->dacl = const_cpu_to_le32(0x14); |
| 870 | |
| 871 | //acl |
| 872 | acl = (ACL*)((char*)sd + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); |
| 873 | acl->revision = 0x02; |
| 874 | acl->alignment1 = 0x00; |
| 875 | acl->size = const_cpu_to_le16(0x34); |
| 876 | acl->ace_count = const_cpu_to_le16(0x02); |
| 877 | acl->alignment2 = 0x00; |
| 878 | |
| 879 | //ace1 |
| 880 | ace = (ACCESS_ALLOWED_ACE*)((char*)acl + sizeof(ACL)); |
| 881 | ace->type = 0x00; |
| 882 | ace->flags = 0x00; |
| 883 | ace->size = const_cpu_to_le16(0x14); |
| 884 | ace->mask = const_cpu_to_le32(0x12019F); |
| 885 | ace->sid.revision = 0x01; |
| 886 | ace->sid.sub_authority_count = 0x01; |
| 887 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 888 | ace->sid.identifier_authority.value[0] = 0; |
| 889 | ace->sid.identifier_authority.value[1] = 0; |
| 890 | ace->sid.identifier_authority.value[2] = 0; |
| 891 | ace->sid.identifier_authority.value[3] = 0; |
| 892 | ace->sid.identifier_authority.value[4] = 0; |
| 893 | ace->sid.identifier_authority.value[5] = 5; |
| 894 | ace->sid.sub_authority[0] = |
| 895 | const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); |
| 896 | //ace2 |
| 897 | ace = (ACCESS_ALLOWED_ACE*)((char*)ace + le16_to_cpu(ace->size)); |
| 898 | ace->type = 0x00; |
| 899 | ace->flags = 0x00; |
| 900 | ace->size = const_cpu_to_le16(0x18); |
| 901 | ace->mask = const_cpu_to_le32(0x12019F); |
| 902 | ace->sid.revision = 0x01; |
| 903 | ace->sid.sub_authority_count = 0x02; |
| 904 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 905 | ace->sid.identifier_authority.value[0] = 0; |
| 906 | ace->sid.identifier_authority.value[1] = 0; |
| 907 | ace->sid.identifier_authority.value[2] = 0; |
| 908 | ace->sid.identifier_authority.value[3] = 0; |
| 909 | ace->sid.identifier_authority.value[4] = 0; |
| 910 | ace->sid.identifier_authority.value[5] = 5; |
| 911 | ace->sid.sub_authority[0] = |
| 912 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 913 | ace->sid.sub_authority[1] = |
| 914 | const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 915 | |
| 916 | //owner sid |
| 917 | sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); |
| 918 | sid->revision = 0x01; |
| 919 | sid->sub_authority_count = 0x02; |
| 920 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 921 | sid->identifier_authority.value[0] = 0; |
| 922 | sid->identifier_authority.value[1] = 0; |
| 923 | sid->identifier_authority.value[2] = 0; |
| 924 | sid->identifier_authority.value[3] = 0; |
| 925 | sid->identifier_authority.value[4] = 0; |
| 926 | sid->identifier_authority.value[5] = 5; |
| 927 | sid->sub_authority[0] = |
| 928 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 929 | sid->sub_authority[1] = |
| 930 | const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 931 | |
| 932 | //group sid |
| 933 | sid = (SID*)((char*)sd + le32_to_cpu(sd->group)); |
| 934 | sid->revision = 0x01; |
| 935 | sid->sub_authority_count = 0x02; |
| 936 | /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ |
| 937 | sid->identifier_authority.value[0] = 0; |
| 938 | sid->identifier_authority.value[1] = 0; |
| 939 | sid->identifier_authority.value[2] = 0; |
| 940 | sid->identifier_authority.value[3] = 0; |
| 941 | sid->identifier_authority.value[4] = 0; |
| 942 | sid->identifier_authority.value[5] = 5; |
| 943 | sid->sub_authority[0] = |
| 944 | const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); |
| 945 | sid->sub_authority[1] = |
| 946 | const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); |
| 947 | |
| 948 | return; |
| 949 | } |
| 950 |