2006-05-10 17:47:44 +00:00
|
|
|
/*++ NDK Version: 0098
|
2005-11-22 04:57:45 +00:00
|
|
|
|
|
|
|
|
Copyright (c) Alex Ionescu. All rights reserved.
|
|
|
|
|
|
|
|
|
|
Header Name:
|
|
|
|
|
|
|
|
|
|
setypes.h
|
|
|
|
|
|
|
|
|
|
Abstract:
|
|
|
|
|
|
|
|
|
|
Type definitions for the security manager.
|
|
|
|
|
|
|
|
|
|
Author:
|
|
|
|
|
|
2006-05-10 17:47:44 +00:00
|
|
|
Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
|
2005-11-22 04:57:45 +00:00
|
|
|
|
|
|
|
|
--*/
|
|
|
|
|
|
2005-06-18 23:33:40 +00:00
|
|
|
#ifndef _SETYPES_H
|
|
|
|
|
#define _SETYPES_H
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Dependencies
|
|
|
|
|
//
|
2005-11-25 00:17:40 +00:00
|
|
|
#include <umtypes.h>
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2006-08-29 15:22:53 +00:00
|
|
|
//
|
|
|
|
|
// Well Known SIDs
|
|
|
|
|
//
|
|
|
|
|
#define SECURITY_INTERNETSITE_AUTHORITY {0,0,0,0,0,7}
|
2005-11-28 21:40:21 +00:00
|
|
|
|
2006-08-29 15:22:53 +00:00
|
|
|
#ifdef NTOS_MODE_USER
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Privilege constants
|
|
|
|
|
//
|
2005-09-04 18:00:59 +00:00
|
|
|
#define SE_MIN_WELL_KNOWN_PRIVILEGE (2L)
|
|
|
|
|
#define SE_CREATE_TOKEN_PRIVILEGE (2L)
|
|
|
|
|
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE (3L)
|
|
|
|
|
#define SE_LOCK_MEMORY_PRIVILEGE (4L)
|
|
|
|
|
#define SE_INCREASE_QUOTA_PRIVILEGE (5L)
|
|
|
|
|
#define SE_UNSOLICITED_INPUT_PRIVILEGE (6L)
|
|
|
|
|
#define SE_MACHINE_ACCOUNT_PRIVILEGE (6L)
|
|
|
|
|
#define SE_TCB_PRIVILEGE (7L)
|
|
|
|
|
#define SE_SECURITY_PRIVILEGE (8L)
|
|
|
|
|
#define SE_TAKE_OWNERSHIP_PRIVILEGE (9L)
|
|
|
|
|
#define SE_LOAD_DRIVER_PRIVILEGE (10L)
|
|
|
|
|
#define SE_SYSTEM_PROFILE_PRIVILEGE (11L)
|
|
|
|
|
#define SE_SYSTEMTIME_PRIVILEGE (12L)
|
|
|
|
|
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE (13L)
|
|
|
|
|
#define SE_INC_BASE_PRIORITY_PRIVILEGE (14L)
|
|
|
|
|
#define SE_CREATE_PAGEFILE_PRIVILEGE (15L)
|
|
|
|
|
#define SE_CREATE_PERMANENT_PRIVILEGE (16L)
|
|
|
|
|
#define SE_BACKUP_PRIVILEGE (17L)
|
|
|
|
|
#define SE_RESTORE_PRIVILEGE (18L)
|
|
|
|
|
#define SE_SHUTDOWN_PRIVILEGE (19L)
|
|
|
|
|
#define SE_DEBUG_PRIVILEGE (20L)
|
|
|
|
|
#define SE_AUDIT_PRIVILEGE (21L)
|
|
|
|
|
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE (22L)
|
|
|
|
|
#define SE_CHANGE_NOTIFY_PRIVILEGE (23L)
|
|
|
|
|
#define SE_REMOTE_SHUTDOWN_PRIVILEGE (24L)
|
2008-11-10 14:23:57 +00:00
|
|
|
#define SE_UNDOCK_PRIVILEGE (25L)
|
|
|
|
|
#define SE_SYNC_AGENT_PRIVILEGE (26L)
|
|
|
|
|
#define SE_ENABLE_DELEGATION_PRIVILEGE (27L)
|
|
|
|
|
#define SE_MANAGE_VOLUME_PRIVILEGE (28L)
|
|
|
|
|
#define SE_IMPERSONATE_PRIVILEGE (29L)
|
|
|
|
|
#define SE_CREATE_GLOBAL_PRIVILEGE (30L)
|
|
|
|
|
#define SE_MAX_WELL_KNOWN_PRIVILEGE (SE_CREATE_GLOBAL_PRIVILEGE)
|
2006-09-07 21:36:15 +00:00
|
|
|
|
2013-01-19 21:49:12 +00:00
|
|
|
typedef struct _TOKEN_MANDATORY_POLICY {
|
|
|
|
|
ULONG Policy;
|
|
|
|
|
} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
|
|
|
|
|
|
|
|
|
|
typedef struct _TOKEN_ACCESS_INFORMATION
|
|
|
|
|
{
|
|
|
|
|
struct _SID_AND_ATTRIBUTES_HASH *SidHash;
|
|
|
|
|
struct _SID_AND_ATTRIBUTES_HASH *RestrictedSidHash;
|
|
|
|
|
struct _TOKEN_PRIVILEGES *Privileges;
|
|
|
|
|
LUID AuthenticationId;
|
|
|
|
|
TOKEN_TYPE TokenType;
|
|
|
|
|
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
|
|
|
|
|
TOKEN_MANDATORY_POLICY MandatoryPolicy;
|
|
|
|
|
ULONG Flags;
|
|
|
|
|
} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
|
|
|
|
|
|
2005-11-28 21:40:21 +00:00
|
|
|
#else
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2006-09-07 21:36:15 +00:00
|
|
|
//
|
|
|
|
|
// User and Group-related SID Attributes
|
|
|
|
|
//
|
|
|
|
|
#define SE_GROUP_MANDATORY 0x00000001
|
|
|
|
|
#define SE_GROUP_ENABLED_BY_DEFAULT 0x00000002
|
|
|
|
|
#define SE_GROUP_ENABLED 0x00000004
|
|
|
|
|
#define SE_GROUP_OWNER 0x00000008
|
|
|
|
|
#define SE_GROUP_USE_FOR_DENY_ONLY 0x00000010
|
|
|
|
|
#define SE_GROUP_INTEGRITY 0x00000020
|
|
|
|
|
#define SE_GROUP_INTEGRITY_ENABLED 0x00000040
|
|
|
|
|
#define SE_GROUP_RESOURCE 0x20000000
|
|
|
|
|
#define SE_GROUP_LOGON_ID 0xC0000000
|
|
|
|
|
|
|
|
|
|
#define SE_GROUP_VALID_ATTRIBUTES \
|
|
|
|
|
(SE_GROUP_MANDATORY | \
|
|
|
|
|
SE_GROUP_ENABLED_BY_DEFAULT | \
|
|
|
|
|
SE_GROUP_ENABLED | \
|
|
|
|
|
SE_GROUP_OWNER | \
|
|
|
|
|
SE_GROUP_USE_FOR_DENY_ONLY | \
|
|
|
|
|
SE_GROUP_LOGON_ID | \
|
|
|
|
|
SE_GROUP_RESOURCE | \
|
|
|
|
|
SE_GROUP_INTEGRITY | \
|
|
|
|
|
SE_GROUP_INTEGRITY_ENABLED)
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
2005-11-28 21:40:21 +00:00
|
|
|
// Audit and Policy Structures
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
2005-06-26 01:08:55 +00:00
|
|
|
typedef struct _SEP_AUDIT_POLICY_CATEGORIES
|
2005-06-18 23:33:40 +00:00
|
|
|
{
|
|
|
|
|
UCHAR System:4;
|
|
|
|
|
UCHAR Logon:4;
|
|
|
|
|
UCHAR ObjectAccess:4;
|
|
|
|
|
UCHAR PrivilegeUse:4;
|
|
|
|
|
UCHAR DetailedTracking:4;
|
|
|
|
|
UCHAR PolicyChange:4;
|
|
|
|
|
UCHAR AccountManagement:4;
|
|
|
|
|
UCHAR DirectoryServiceAccess:4;
|
|
|
|
|
UCHAR AccountLogon:4;
|
|
|
|
|
} SEP_AUDIT_POLICY_CATEGORIES, *PSEP_AUDIT_POLICY_CATEGORIES;
|
|
|
|
|
|
2005-06-26 01:08:55 +00:00
|
|
|
typedef struct _SEP_AUDIT_POLICY_OVERLAY
|
2005-06-18 23:33:40 +00:00
|
|
|
{
|
|
|
|
|
ULONGLONG PolicyBits:36;
|
2014-02-10 17:29:50 +00:00
|
|
|
ULONGLONG SetBit:1;
|
2005-06-18 23:33:40 +00:00
|
|
|
} SEP_AUDIT_POLICY_OVERLAY, *PSEP_AUDIT_POLICY_OVERLAY;
|
|
|
|
|
|
2005-06-26 01:08:55 +00:00
|
|
|
typedef struct _SEP_AUDIT_POLICY
|
2005-06-18 23:33:40 +00:00
|
|
|
{
|
2005-06-26 01:08:55 +00:00
|
|
|
union
|
2005-06-18 23:33:40 +00:00
|
|
|
{
|
|
|
|
|
SEP_AUDIT_POLICY_CATEGORIES PolicyElements;
|
|
|
|
|
SEP_AUDIT_POLICY_OVERLAY PolicyOverlay;
|
|
|
|
|
ULONGLONG Overlay;
|
|
|
|
|
};
|
|
|
|
|
} SEP_AUDIT_POLICY, *PSEP_AUDIT_POLICY;
|
2005-06-26 01:08:55 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
typedef struct _SE_AUDIT_PROCESS_CREATION_INFO
|
|
|
|
|
{
|
|
|
|
|
POBJECT_NAME_INFORMATION ImageFileName;
|
|
|
|
|
} SE_AUDIT_PROCESS_CREATION_INFO, *PSE_AUDIT_PROCESS_CREATION_INFO;
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
// Token and auxiliary data
|
|
|
|
|
//
|
2005-06-26 01:08:55 +00:00
|
|
|
typedef struct _TOKEN
|
|
|
|
|
{
|
|
|
|
|
TOKEN_SOURCE TokenSource; /* 0x00 */
|
|
|
|
|
LUID TokenId; /* 0x10 */
|
|
|
|
|
LUID AuthenticationId; /* 0x18 */
|
|
|
|
|
LUID ParentTokenId; /* 0x20 */
|
|
|
|
|
LARGE_INTEGER ExpirationTime; /* 0x28 */
|
|
|
|
|
struct _ERESOURCE *TokenLock; /* 0x30 */
|
|
|
|
|
SEP_AUDIT_POLICY AuditPolicy; /* 0x38 */
|
|
|
|
|
LUID ModifiedId; /* 0x40 */
|
|
|
|
|
ULONG SessionId; /* 0x48 */
|
|
|
|
|
ULONG UserAndGroupCount; /* 0x4C */
|
|
|
|
|
ULONG RestrictedSidCount; /* 0x50 */
|
|
|
|
|
ULONG PrivilegeCount; /* 0x54 */
|
|
|
|
|
ULONG VariableLength; /* 0x58 */
|
|
|
|
|
ULONG DynamicCharged; /* 0x5C */
|
|
|
|
|
ULONG DynamicAvailable; /* 0x60 */
|
|
|
|
|
ULONG DefaultOwnerIndex; /* 0x64 */
|
|
|
|
|
PSID_AND_ATTRIBUTES UserAndGroups; /* 0x68 */
|
|
|
|
|
PSID_AND_ATTRIBUTES RestrictedSids; /* 0x6C */
|
|
|
|
|
PSID PrimaryGroup; /* 0x70 */
|
|
|
|
|
PLUID_AND_ATTRIBUTES Privileges; /* 0x74 */
|
|
|
|
|
PULONG DynamicPart; /* 0x78 */
|
|
|
|
|
PACL DefaultDacl; /* 0x7C */
|
|
|
|
|
TOKEN_TYPE TokenType; /* 0x80 */
|
|
|
|
|
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; /* 0x84 */
|
|
|
|
|
ULONG TokenFlags; /* 0x88 */
|
|
|
|
|
BOOLEAN TokenInUse; /* 0x8C */
|
|
|
|
|
PVOID ProxyData; /* 0x90 */
|
|
|
|
|
PVOID AuditData; /* 0x94 */
|
|
|
|
|
LUID OriginatingLogonSession; /* 0x98 */
|
|
|
|
|
ULONG VariablePart; /* 0xA0 */
|
2005-06-18 23:33:40 +00:00
|
|
|
} TOKEN, *PTOKEN;
|
|
|
|
|
|
2008-06-16 08:54:21 +00:00
|
|
|
typedef struct _AUX_ACCESS_DATA
|
2005-06-25 05:01:29 +00:00
|
|
|
{
|
|
|
|
|
PPRIVILEGE_SET PrivilegeSet;
|
|
|
|
|
GENERIC_MAPPING GenericMapping;
|
|
|
|
|
ULONG Reserved;
|
2008-06-16 08:54:21 +00:00
|
|
|
} AUX_ACCESS_DATA, *PAUX_ACCESS_DATA;
|
2005-06-25 18:08:47 +00:00
|
|
|
|
2006-09-07 21:36:15 +00:00
|
|
|
//
|
|
|
|
|
// External SRM Data
|
|
|
|
|
//
|
2011-09-23 11:24:15 +00:00
|
|
|
extern PACL NTSYSAPI SePublicDefaultDacl;
|
|
|
|
|
extern PACL NTSYSAPI SeSystemDefaultDacl;
|
2006-09-07 21:36:15 +00:00
|
|
|
|
2005-06-18 23:33:40 +00:00
|
|
|
#endif
|
2005-09-04 18:00:59 +00:00
|
|
|
#endif
|
