Convert kernel handle 'PACCESS_TOKEN' into user-mode HANDLE hToken

NTFSD
1

Hello,

I had research in google about how convert a kernel handle ‘PACCESS_TOKEN’ into user-mode HANDLE hToken, I did not find anything
How do i do ?

i developpe a virtual disk file system and i want check security ACL access in IRP_MJ_CREATE

In kernel mode :
I capture PACCESS_TOKEN in SECURITY_SUBJECT_CONTEXT::client token from _IO_STACK_LOCATION::Create::SecurityContext::AccessState::SubjectSecurityContext::ClientToken;

In user mode hToken :
HANDLE hImpersonatedToken = NULL;
if (::DuplicateToken(hToken, SecurityImpersonation, &hImpersonatedToken))
{


mapping.GenericRead = FILE_GENERIC_READ;
mapping.GenericWrite = FILE_GENERIC_WRITE;
mapping.GenericExecute = FILE_GENERIC_EXECUTE;
mapping.GenericAll = FILE_ALL_ACCESS;

		::MapGenericMask(&genericAccessRights, &mapping);

		if (::AccessCheck(pFileSD, hImpersonatedToken, genericAccessRights, &mapping, &privileges, &privilegesLength, &grantedAccess, &result))
		{
			bRet = (result == TRUE);
		}
		::CloseHandle(hImpersonatedToken);
}

Thank.