[SDK][NDK][XDK] Add the privilege flags needed for token filtering

These are needed for CreateRestrictedToken, NtFilterToken and SeFilterToken respectively. See the link down below for more information.
https://docs.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-createrestrictedtoken

sdk/include/ndk/setypes.h

@@ -108,6 +108,16 @@ typedef struct _TOKEN_ACCESS_INFORMATION
      SE_GROUP_INTEGRITY                                 |   \
      SE_GROUP_INTEGRITY_ENABLED)
 
+//
+// Privilege token filtering flags
+//
+#define DISABLE_MAX_PRIVILEGE 0x1
+#define SANDBOX_INERT         0x2
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+#define LUA_TOKEN             0x4
+#define WRITE_RESTRICTED      0x8
+#endif
+
 //
 // Proxy Class enumeration
 //

sdk/include/xdk/setypes.h

@@ -147,6 +147,19 @@ typedef struct _SE_IMPERSONATION_STATE {
 #define SEF_MACL_VALID_FLAGS (SEF_MACL_NO_WRITE_UP | SEF_MACL_NO_READ_UP | SEF_MACL_NO_EXECUTE_UP)
 
 $endif (_WDMDDK_ || _WINNT_)
+
+$if (_WINNT_)
+
+/* Privilege token filtering flags */
+#define DISABLE_MAX_PRIVILEGE 0x1
+#define SANDBOX_INERT         0x2
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+#define LUA_TOKEN             0x4
+#define WRITE_RESTRICTED      0x8
+#endif
+
+$endif (_WINNT_)
+
 $if (_WDMDDK_)
 
 typedef enum _SECURITY_OPERATION_CODE {