[NTOS:SE] Declare function prototypes & add OBJECT_TYPE_LIST_INTERNAL
OBJECT_TYPE_LIST_INTERNAL will serve as an internal kernel data structure to hold validated object type contents that are copied from UM. The difference between the public and the internal one is that the internal structure has an additional member for access check rights that have been granted on each object element in the list.
parent
edcf3f5363
commit
5654ce7b9a
2 changed files with 35 additions and 5 deletions
|
@ -3,7 +3,7 @@
|
|||
* LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
|
||||
* PURPOSE: Internal header for the Security Manager
|
||||
* COPYRIGHT: Copyright Eric Kohl
|
||||
* Copyright 2022 George Bișoc <george.bisoc@reactos.org>
|
||||
* Copyright 2022-2023 George Bișoc <george.bisoc@reactos.org>
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
@ -45,6 +45,16 @@ typedef struct _ACCESS_CHECK_RIGHTS
|
|||
ACCESS_MASK DeniedAccessRights;
|
||||
} ACCESS_CHECK_RIGHTS, *PACCESS_CHECK_RIGHTS;
|
||||
|
||||
//
|
||||
// Internal object type list structure
|
||||
//
|
||||
typedef struct _OBJECT_TYPE_LIST_INTERNAL
|
||||
{
|
||||
GUID ObjectTypeGuid;
|
||||
USHORT Level;
|
||||
ACCESS_CHECK_RIGHTS ObjectAccessRights;
|
||||
} OBJECT_TYPE_LIST_INTERNAL, *POBJECT_TYPE_LIST_INTERNAL;
|
||||
|
||||
typedef enum _ACCESS_CHECK_RIGHT_TYPE
|
||||
{
|
||||
AccessCheckMaximum,
|
||||
|
@ -304,6 +314,14 @@ SepDumpTokenDebugInfo(
|
|||
VOID
|
||||
SepDumpAccessRightsStats(
|
||||
_In_ PACCESS_CHECK_RIGHTS AccessRights);
|
||||
|
||||
VOID
|
||||
SepDumpAccessAndStatusList(
|
||||
_In_ PACCESS_MASK GrantedAccessList,
|
||||
_In_ PNTSTATUS AccessStatusList,
|
||||
_In_ BOOLEAN IsResultList,
|
||||
_In_ POBJECT_TYPE_LIST_INTERNAL ObjectTypeList,
|
||||
_In_ ULONG ObjectTypeListLength);
|
||||
#endif // DBG
|
||||
|
||||
//
|
||||
|
@ -827,16 +845,28 @@ SepReleaseSecurityQualityOfService(
|
|||
//
|
||||
// Object type list functions
|
||||
//
|
||||
PGUID
|
||||
SepGetObjectTypeGuidFromAce(
|
||||
_In_ PACE Ace,
|
||||
_In_ BOOLEAN IsAceDenied);
|
||||
|
||||
BOOLEAN
|
||||
SepObjectTypeGuidInList(
|
||||
_In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST_INTERNAL ObjectTypeList,
|
||||
_In_ ULONG ObjectTypeListLength,
|
||||
_In_ PGUID ObjectTypeGuid,
|
||||
_Out_ PULONG ObjectIndex);
|
||||
|
||||
NTSTATUS
|
||||
SeCaptureObjectTypeList(
|
||||
_In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
|
||||
_In_ ULONG ObjectTypeListLength,
|
||||
_In_ KPROCESSOR_MODE PreviousMode,
|
||||
_Out_ POBJECT_TYPE_LIST *CapturedObjectTypeList);
|
||||
_Out_ POBJECT_TYPE_LIST_INTERNAL *CapturedObjectTypeList);
|
||||
|
||||
VOID
|
||||
SeReleaseObjectTypeList(
|
||||
_In_ _Post_invalid_ POBJECT_TYPE_LIST CapturedObjectTypeList,
|
||||
_In_ _Post_invalid_ POBJECT_TYPE_LIST_INTERNAL CapturedObjectTypeList,
|
||||
_In_ KPROCESSOR_MODE PreviousMode);
|
||||
|
||||
//
|
||||
|
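Review bot: The comment above `OBJECT_TYPE_LIST_INTERNAL` says only "Internal object type list structure" and omits the two properties the access check relies on. According to the commit description the entries are kernel copies of a list supplied from user mode, and `ObjectAccessRights` has no counterpart in the caller's structure, so presumably the capture routine has to zero it; leftover pool contents in that member would read as rights already granted or denied. I would extend the comment to something like `// Kernel-owned copy of one captured OBJECT_TYPE_LIST entry; ObjectTypeGuid is held by value and ObjectAccessRights must start zeroed.` The body of SeCaptureObjectTypeList is not on this page, so whether it already does this cannot be confirmed here. Separately, `SepDumpAccessAndStatusList` marks its three array parameters with plain `_In_` while `SepObjectTypeGuidInList` uses `_In_reads_(ObjectTypeListLength)`; the counted form there as well would let static analysis check the bounds.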
|
|
@ -497,7 +497,7 @@ SepAccessCheckAndAuditAlarmWorker(
|
|||
_In_ ACCESS_MASK DesiredAccess,
|
||||
_In_ AUDIT_EVENT_TYPE AuditType,
|
||||
_In_ BOOLEAN HaveAuditPrivilege,
|
||||
_In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
|
||||
_In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST_INTERNAL ObjectTypeList,
|
||||
_In_ ULONG ObjectTypeListLength,
|
||||
_In_ PGENERIC_MAPPING GenericMapping,
|
||||
_Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccessList,
|
||||
|
@ -641,7 +641,7 @@ SepAccessCheckAndAuditAlarm(
|
|||
ACCESS_MASK GrantedAccess, *SafeGrantedAccessList;
|
||||
NTSTATUS AccessStatus, *SafeAccessStatusList;
|
||||
PSID CapturedPrincipalSelfSid;
|
||||
POBJECT_TYPE_LIST CapturedObjectTypeList;
|
||||
POBJECT_TYPE_LIST_INTERNAL CapturedObjectTypeList;
|
||||
ULONG i;
|
||||
BOOLEAN LocalGenerateOnClose;
|
||||
NTSTATUS Status;
|
||||
|
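Review bot: `POBJECT_TYPE_LIST_INTERNAL CapturedObjectTypeList;` in SepAccessCheckAndAuditAlarm is declared without an initializer, and it is the pointer later handed to SeReleaseObjectTypeList, whose parameter is annotated `_Post_invalid_`. The function body starts and ends outside this hunk, so the exit paths are not visible here; if any of them can reach the release call before a capture has succeeded, the pointer needs a defined value, for example `POBJECT_TYPE_LIST_INTERNAL CapturedObjectTypeList = NULL;` or an explicit assignment before the first early exit. Whether SeReleaseObjectTypeList tolerates NULL should be checked in its implementation, which is not shown on this page.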
|