From dfe247c7ccb9b87b998aed9de19485f6f0efebc1 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Tue, 4 Jun 2019 15:56:15 +0200
Subject: tunnel: retain SeLoadDriverPrivilege

This is a big loss. We'll need to revisit this.
---
 services/tokens.go | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'services/tokens.go')

diff --git a/services/tokens.go b/services/tokens.go
index ae89a185..bca75475 100644
--- a/services/tokens.go
+++ b/services/tokens.go
@@ -29,11 +29,18 @@ func TokenIsMemberOfBuiltInAdministrator(token windows.Token) bool {
 	return isAdmin
 }
 
-func DropAllPrivileges() error {
+func DropAllPrivileges(retainDriverLoading bool) error {
 	processHandle, err := windows.GetCurrentProcess()
 	if err != nil {
 		return err
 	}
+	var luid windows.LUID
+	if retainDriverLoading {
+		err = windows.LookupPrivilegeValue(nil, windows.StringToUTF16Ptr("SeLoadDriverPrivilege"), &luid)
+		if err != nil {
+			return err
+		}
+	}
 	var processToken windows.Token
 	err = windows.OpenProcessToken(processHandle, windows.TOKEN_READ|windows.TOKEN_WRITE, &processToken)
 	if err != nil {
@@ -57,7 +64,11 @@ func DropAllPrivileges() error {
 	}
 	tokenPrivileges := (*windows.Tokenprivileges)(unsafe.Pointer(&buffer[0]))
 	for i := uint32(0); i < tokenPrivileges.PrivilegeCount; i++ {
-		(*windows.LUIDAndAttributes)(unsafe.Pointer(uintptr(unsafe.Pointer(&tokenPrivileges.Privileges[0])) + unsafe.Sizeof(tokenPrivileges.Privileges[0])*uintptr(i))).Attributes = windows.SE_PRIVILEGE_REMOVED
+		item := (*windows.LUIDAndAttributes)(unsafe.Pointer(uintptr(unsafe.Pointer(&tokenPrivileges.Privileges[0])) + unsafe.Sizeof(tokenPrivileges.Privileges[0])*uintptr(i)))
+		if retainDriverLoading && item.Luid == luid {
+			continue
+		}
+		item.Attributes = windows.SE_PRIVILEGE_REMOVED
 	}
 	err = windows.AdjustTokenPrivileges(processToken, false, tokenPrivileges, 0, nil, nil)
 	runtime.KeepAlive(buffer)
-- 
cgit v1.2.3-59-g8ed1b