Revert "try fix start ti process on Windows11 22623.1250"

This reverts commit 306f50f.

Author: fcharlie

lib/exec/elevator.cc

@@ -100,11 +100,11 @@ inline auto IsSystemProcessName(std::wstring_view name) {
 }
 
 constexpr DWORD INVALID_PROCESS_ID = 0xFFFFFFFF;
-bool SearchSystemProcess(std::vector<DWORD> &pss) {
+DWORD LookupSystemProcess() {
   PWTS_PROCESS_INFOW pi{nullptr};
   DWORD count{0};
   if (::WTSEnumerateProcessesW(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pi, &count) != TRUE) {
-    return false;
+    return INVALID_PROCESS_ID;
   }
   auto closer = bela::finally([&] {
     if (pi != nullptr) {
@@ -115,10 +115,10 @@ bool SearchSystemProcess(std::vector<DWORD> &pss) {
   for (auto it = pi; it != end; it++) {
     if (it->SessionId == 0 && IsSystemProcessName(it->pProcessName) &&
         IsWellKnownSid(it->pUserSid, WinLocalSystemSid) == TRUE) {
-      pss.emplace_back(it->ProcessId);
+      return it->ProcessId;
     }
   }
-  return !pss.empty();
+  return INVALID_PROCESS_ID;
 }
 
 // Get Current Process SessionID and Enable SeDebugPrivilege
@@ -214,24 +214,24 @@ bool privileges_view_enabled(HANDLE hToken, const privilege_entries *pv) {
   return true;
 }
 
-bool Elavator::impersonation_system_token(DWORD systemProcessId, bela::error_code &ec) {
+bool Elavator::impersonation_system_token(bela::error_code &ec) {
   HANDLE hExistingToken = INVALID_HANDLE_VALUE;
   auto hProcess = ::OpenProcess(MAXIMUM_ALLOWED, FALSE, systemProcessId);
   if (hProcess == INVALID_HANDLE_VALUE) {
     ec = bela::make_system_error_code(
-        bela::StringCat(L"impersonation_system_token<OpenProcess> ", systemProcessId, L" "));
+        bela::StringCat(L"Elavator::impersonation_system_token<OpenProcess> ", systemProcessId, L" "));
     return false;
   }
   auto hpdeleter = bela::finally([&] { CloseHandle(hProcess); });
   if (OpenProcessToken(hProcess, MAXIMUM_ALLOWED, &hExistingToken) != TRUE) {
     ec = bela::make_system_error_code(
-        bela::StringCat(L"impersonation_system_token<OpenProcessToken> ", systemProcessId, L" "));
+        bela::StringCat(L"Elavator::impersonation_system_token<OpenProcessToken> ", systemProcessId, L" "));
     return false;
   }
   auto htdeleter = bela::finally([&] { CloseHandle(hExistingToken); });
   if (DuplicateTokenEx(hExistingToken, MAXIMUM_ALLOWED, nullptr, SecurityImpersonation, TokenImpersonation, &hToken) !=
       TRUE) {
-    ec = bela::make_system_error_code(L"impersonation_system_token<DuplicateTokenEx> ");
+    ec = bela::make_system_error_code(L"Elavator::impersonation_system_token<DuplicateTokenEx> ");
     return false;
   }
   return true;
@@ -242,31 +242,20 @@ bool Elavator::ImpersonationSystemPrivilege(const privilege_entries *pv, bela::e
   if (!EnableSeDebugPrivilege(currentSessionId, ec)) {
     return false;
   }
-  if (!SearchSystemProcess(systemProcesses)) {
-    ec = bela::make_error_code(1, L"ImpersonationSystemPrivilege search system process error");
+  if (systemProcessId = LookupSystemProcess(); systemProcessId == INVALID_PROCESS_ID) {
+    ec = bela::make_error_code(1, L"Elevator::ImpersonationSystemPrivilege unable lookup system process pid");
     return false;
   }
-
-  auto impersonation_system_token_all = [&]() -> bool {
-    for (auto pid : systemProcesses) {
-      if (impersonation_system_token(pid, ec)) {
-        return true;
-      }
-    }
-    return false;
-  };
-
-  if (!impersonation_system_token_all()) {
+  if (!impersonation_system_token(ec)) {
     return false;
   }
-
   if (!privileges_view_enabled(hToken, pv)) {
-    ec = bela::make_error_code(1, L"ImpersonationSystemPrivilegeunable enable privileges: ",
+    ec = bela::make_error_code(1, L"Elevator::ImpersonationSystemPrivilege unable enable privileges: ",
                                pv == nullptr ? L"all" : pv->format());
     return false;
   }
   if (SetThreadToken(nullptr, hToken) != TRUE) {
-    ec = bela::make_error_code(1, L"ImpersonationSystemPrivilege<SetThreadToken> ");
+    ec = bela::make_error_code(1, L"Elevator::ImpersonationSystemPrivilege<SetThreadToken> ");
     return false;
   }
   return true;

lib/exec/execinternal.hpp

@@ -44,17 +44,18 @@ class Elavator {
   Elavator(const Elavator &) = delete;
   Elavator &operator=(const Elavator &) = delete;
   ~Elavator() { FreeToken(hToken); }
+  // System Process PID
+  DWORD SystemPID() const { return systemProcessId; }
   // Session ID
   DWORD SessionID() const { return currentSessionId; }
-  const auto &SystemProcesses() const { return systemProcesses; }
   bool ImpersonationSystemPrivilege(const privilege_entries *pv, bela::error_code &ec);
 
 private:
-  bool impersonation_system_token(DWORD systemProcessId, bela::error_code &ec);
+  bool impersonation_system_token(bela::error_code &ec);
   HANDLE hToken{nullptr};
   DWORD currentSessionId{0};
-  // system process list
-  std::vector<DWORD> systemProcesses;
+  // system process id
+  DWORD systemProcessId{0};
 };
 bool execute_basic(command &cmd, bela::error_code &ec);
 bool execute_with_ti(command &cmd, bela::error_code &ec);

lib/exec/system.cc

@@ -122,26 +122,16 @@ bool execute_with_system(command &cmd, bela::error_code &ec) {
     FreeToken(hToken);
     FreeToken(hPrimary);
   });
-
-  auto impersonation_system_token_all = [&]() -> bool {
-    for (auto pid : eo.SystemProcesses()) {
-      if ((hProcess = OpenProcess(MAXIMUM_ALLOWED, FALSE, pid)) == nullptr) {
-        ec = bela::make_system_error_code(L"execute_with_system<OpenProcess> ");
-        continue;
-      }
-      if (OpenProcessToken(hProcess, MAXIMUM_ALLOWED, &hToken) != TRUE) {
-        ec = bela::make_system_error_code(L"execute_with_system<OpenProcessToken> ");
-        continue;
-      }
-      if (DuplicateTokenEx(hToken, TOKEN_ALL_ACCESS, nullptr, SecurityImpersonation, TokenPrimary, &hPrimary) != TRUE) {
-        ec = bela::make_system_error_code(L"execute_with_system<DuplicateTokenEx> ");
-        continue;
-      }
-      return true;
-    }
+  if ((hProcess = OpenProcess(MAXIMUM_ALLOWED, FALSE, eo.SystemPID())) == nullptr) {
+    ec = bela::make_system_error_code(L"execute_with_system<OpenProcess> ");
+    return false;
+  }
+  if (OpenProcessToken(hProcess, MAXIMUM_ALLOWED, &hToken) != TRUE) {
+    ec = bela::make_system_error_code(L"execute_with_system<OpenProcessToken> ");
     return false;
-  };
-  if (!impersonation_system_token_all()) {
+  }
+  if (DuplicateTokenEx(hToken, TOKEN_ALL_ACCESS, nullptr, SecurityImpersonation, TokenPrimary, &hPrimary) != TRUE) {
+    ec = bela::make_system_error_code(L"execute_with_system<DuplicateTokenEx> ");
     return false;
   }
   auto session = eo.SessionID();