https://git.reactos.org/?p=reactos.git;a=commitdiff;h=5b5b814af8a9c5e5e7a54… commit 5b5b814af8a9c5e5e7a54b7a05baaf38bf8bb06f Author: George Bișoc <george.bisoc(a)reactos.org> AuthorDate: Sat Mar 13 20:32:18 2021 +0100 Commit: Victor Perevertkin <victor(a)perevertkin.ru> CommitDate: Thu Mar 25 02:30:46 2021 +0300 [NTOS:SE] Create the anonymous logon tokens on Security initialisation phase --- ntoskrnl/include/internal/se.h | 4 ++++ ntoskrnl/se/semgr.c | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/ntoskrnl/include/internal/se.h b/ntoskrnl/include/internal/se.h index 8f73dce719c..ed5989c7054 100644 --- a/ntoskrnl/include/internal/se.h +++ b/ntoskrnl/include/internal/se.h @@ -198,6 +198,10 @@ extern PSECURITY_DESCRIPTOR SeSystemDefaultSd; extern PSECURITY_DESCRIPTOR SeUnrestrictedSd; extern PSECURITY_DESCRIPTOR SeSystemAnonymousLogonSd; +/* Anonymous Logon Tokens */ +extern PTOKEN SeAnonymousLogonToken; +extern PTOKEN SeAnonymousLogonTokenNoEveryone; + #define SepAcquireTokenLockExclusive(Token) \ { \ diff --git a/ntoskrnl/se/semgr.c b/ntoskrnl/se/semgr.c index 56b9d5093be..4e217c8a982 100644 --- a/ntoskrnl/se/semgr.c +++ b/ntoskrnl/se/semgr.c @@ -15,6 +15,8 @@ /* GLOBALS ********************************************************************/ +PTOKEN SeAnonymousLogonToken = NULL; +PTOKEN SeAnonymousLogonTokenNoEveryone = NULL; PSE_EXPORTS SeExports = NULL; SE_EXPORTS SepExports; ULONG SidInTokenCalls = 0; @@ -122,6 +124,16 @@ SepInitializationPhase0(VOID) ObInitializeFastReference(&PsGetCurrentProcess()->Token, NULL); ObInitializeFastReference(&PsGetCurrentProcess()->Token, SepCreateSystemProcessToken()); + + /* Initialise the anonymous logon tokens */ + SeAnonymousLogonToken = SepCreateSystemAnonymousLogonToken(); + if (!SeAnonymousLogonToken) + return FALSE; + + SeAnonymousLogonTokenNoEveryone = SepCreateSystemAnonymousLogonTokenNoEveryone(); + if (!SeAnonymousLogonTokenNoEveryone) + return FALSE; + return TRUE; }