diff --git a/reactos/include/ddk/obfuncs.h b/reactos/include/ddk/obfuncs.h index 53fc93263b7..3dd9fecf875 100644 --- a/reactos/include/ddk/obfuncs.h +++ b/reactos/include/ddk/obfuncs.h @@ -19,6 +19,9 @@ ObfReferenceObject(IN PVOID Object); #define ObReferenceObject(Object) \ ObfReferenceObject(Object) +ULONG STDCALL +ObGetObjectPointerCount(IN PVOID Object); + NTSTATUS STDCALL ObInsertObject(PVOID Object, PACCESS_STATE PassedAccessState, diff --git a/reactos/include/ddk/sefuncs.h b/reactos/include/ddk/sefuncs.h index f27d8adf6b3..22c49224e6b 100644 --- a/reactos/include/ddk/sefuncs.h +++ b/reactos/include/ddk/sefuncs.h @@ -1,6 +1,6 @@ #ifndef _INCLUDE_DDK_SEFUNCS_H #define _INCLUDE_DDK_SEFUNCS_H -/* $Id: sefuncs.h,v 1.15 2002/02/20 20:09:52 ekohl Exp $ */ +/* $Id: sefuncs.h,v 1.16 2002/02/22 13:34:36 ekohl Exp $ */ BOOLEAN STDCALL SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, @@ -8,24 +8,43 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN SubjectContextLocked, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK PreviouslyGrantedAccess, - OUT PPRIVILEGE_SET* Privileges, + OUT PPRIVILEGE_SET* Privileges OPTIONAL, IN PGENERIC_MAPPING GenericMapping, IN KPROCESSOR_MODE AccessMode, OUT PACCESS_MODE GrantedAccess, OUT PNTSTATUS AccessStatus); NTSTATUS STDCALL -SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor, - PSECURITY_DESCRIPTOR ExplicitDescriptor, - PSECURITY_DESCRIPTOR* NewDescriptor, - BOOLEAN IsDirectoryObject, - PSECURITY_SUBJECT_CONTEXT SubjectContext, - PGENERIC_MAPPING GenericMapping, - POOL_TYPE PoolType); +SeAppendPrivileges(IN PACCESS_STATE AccessState, + IN PPRIVILEGE_SET Privileges); + +NTSTATUS STDCALL +SeAssignSecurity(IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL, + IN PSECURITY_DESCRIPTOR ExplicitDescriptor, + OUT PSECURITY_DESCRIPTOR* NewDescriptor, + IN BOOLEAN IsDirectoryObject, + IN PSECURITY_SUBJECT_CONTEXT SubjectContext, + IN PGENERIC_MAPPING GenericMapping, + IN POOL_TYPE PoolType); + +BOOLEAN STDCALL +SeAuditingFileEvents(IN BOOLEAN AccessGranted, + IN PSECURITY_DESCRIPTOR SecurityDescriptor); + +BOOLEAN STDCALL +SeAuditingFileOrGlobalEvents(IN BOOLEAN AccessGranted, + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN PSECURITY_SUBJECT_CONTEXT SubjectContext); VOID STDCALL SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext); +NTSTATUS STDCALL +SeCreateAccessState(OUT PACCESS_STATE AccessState, + IN PVOID AuxData, + IN ACCESS_MASK AccessMask, + IN PGENERIC_MAPPING Mapping); + NTSTATUS STDCALL SeCreateClientSecurity(IN struct _ETHREAD *Thread, IN PSECURITY_QUALITY_OF_SERVICE Qos, @@ -33,20 +52,98 @@ SeCreateClientSecurity(IN struct _ETHREAD *Thread, OUT PSECURITY_CLIENT_CONTEXT ClientContext); NTSTATUS STDCALL -SeDeassignSecurity(PSECURITY_DESCRIPTOR* SecurityDescriptor); +SeDeassignSecurity(IN OUT PSECURITY_DESCRIPTOR* SecurityDescriptor); + +VOID STDCALL +SeDeleteObjectAuditAlarm(IN PVOID Object, + IN HANDLE Handle); + +VOID STDCALL +SeFreePrivileges(IN PPRIVILEGE_SET Privileges); VOID STDCALL SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext, IN struct _ETHREAD *ServerThread OPTIONAL); VOID STDCALL -SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext); +SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext); + +NTSTATUS STDCALL +SeMarkLogonSessionForTerminationNotification(IN PLUID LogonId); + +VOID STDCALL +SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName, + IN PVOID Object OPTIONAL, + IN PUNICODE_STRING AbsoluteObjectName OPTIONAL, + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN PACCESS_STATE AccessState, + IN BOOLEAN ObjectCreated, + IN BOOLEAN AccessGranted, + IN KPROCESSOR_MODE AccessMode, + OUT PBOOLEAN GenerateOnClose); + +VOID STDCALL +SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING ObjectTypeName, + IN PVOID Object OPTIONAL, + IN PUNICODE_STRING AbsoluteObjectName OPTIONAL, + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN PACCESS_STATE AccessState, + IN BOOLEAN ObjectCreated, + IN BOOLEAN AccessGranted, + IN KPROCESSOR_MODE AccessMode, + OUT PBOOLEAN GenerateOnClose); BOOLEAN STDCALL -SeSinglePrivilegeCheck(LUID PrivilegeValue, - KPROCESSOR_MODE PreviousMode); +SePrivilegeCheck(IN OUT PPRIVILEGE_SET RequiredPrivileges, + IN PSECURITY_SUBJECT_CONTEXT SubjectContext, + IN KPROCESSOR_MODE AccessMode); + +NTSTATUS STDCALL +SeQueryAuthenticationIdToken(IN PACCESS_TOKEN Token, + OUT PLUID LogonId); + +NTSTATUS STDCALL +SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation, + OUT PSECURITY_DESCRIPTOR SecurityDescriptor, + IN OUT PULONG Length, + IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor); + +NTSTATUS STDCALL +SeRegisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine); + +VOID STDCALL +SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext); + +VOID STDCALL +SeSetAccessStateGenericMapping(IN PACCESS_STATE AccessState, + IN PGENERIC_MAPPING GenericMapping); + +NTSTATUS STDCALL +SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL, + IN PSECURITY_INFORMATION SecurityInformation, + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, + IN POOL_TYPE PoolType, + IN PGENERIC_MAPPING GenericMapping); + +BOOLEAN STDCALL +SeSinglePrivilegeCheck(IN LUID PrivilegeValue, + IN KPROCESSOR_MODE PreviousMode); + +SECURITY_IMPERSONATION_LEVEL STDCALL +SeTokenImpersonationLevel(IN PACCESS_TOKEN Token); TOKEN_TYPE STDCALL SeTokenType(IN PACCESS_TOKEN Token); +VOID STDCALL +SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext); + +NTSTATUS STDCALL +SeUnregisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine); + +BOOLEAN STDCALL +SeValidSecurityDescriptor(IN ULONG Length, + IN PSECURITY_DESCRIPTOR SecurityDescriptor); + #endif /* ndef _INCLUDE_DDK_SEFUNCS_H */ diff --git a/reactos/include/ddk/setypes.h b/reactos/include/ddk/setypes.h index 4688a5e1b2b..4ffe16c78e7 100644 --- a/reactos/include/ddk/setypes.h +++ b/reactos/include/ddk/setypes.h @@ -1,4 +1,4 @@ -/* $Id: setypes.h,v 1.6 2002/02/20 20:09:52 ekohl Exp $ +/* $Id: setypes.h,v 1.7 2002/02/22 13:34:36 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory for details * PROJECT: ReactOS kernel @@ -155,6 +155,10 @@ typedef struct _SE_EXPORTS PSID SeAliasBackupOpsSid; } SE_EXPORTS, *PSE_EXPORTS; + +typedef NTSTATUS STDCALL +(*PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId); + #endif /* EOF */ diff --git a/reactos/ntoskrnl/ob/object.c b/reactos/ntoskrnl/ob/object.c index c77e1cd6cf8..9fed2fc51c0 100644 --- a/reactos/ntoskrnl/ob/object.c +++ b/reactos/ntoskrnl/ob/object.c @@ -1,4 +1,4 @@ -/* $Id: object.c,v 1.42 2002/02/19 00:09:25 ekohl Exp $ +/* $Id: object.c,v 1.43 2002/02/22 13:35:50 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -444,6 +444,7 @@ NTSTATUS ObPerformRetentionChecks(POBJECT_HEADER Header) return(STATUS_SUCCESS); } + ULONG ObGetReferenceCount(PVOID ObjectBody) { POBJECT_HEADER Header = BODY_TO_HEADER(ObjectBody); @@ -520,4 +521,16 @@ VOID FASTCALL ObfDereferenceObject (PVOID Object) ObPerformRetentionChecks(Header); } + +ULONG STDCALL +ObGetObjectPointerCount(PVOID Object) +{ + POBJECT_HEADER Header; + + assert(Object); + Header = BODY_TO_HEADER(Object); + + return(Header->RefCount); +} + /* EOF */ diff --git a/reactos/ntoskrnl/ob/security.c b/reactos/ntoskrnl/ob/security.c index cee86ef9270..5dfff6c6a59 100644 --- a/reactos/ntoskrnl/ob/security.c +++ b/reactos/ntoskrnl/ob/security.c @@ -17,11 +17,12 @@ /* FUNCTIONS ***************************************************************/ -NTSTATUS STDCALL NtQuerySecurityObject(IN HANDLE ObjectHandle, - IN CINT SecurityObjectInformationClass, - OUT PVOID SecurityObjectInformation, - IN ULONG Length, - OUT PULONG ReturnLength) +NTSTATUS STDCALL +NtQuerySecurityObject(IN HANDLE ObjectHandle, + IN CINT SecurityObjectInformationClass, + OUT PVOID SecurityObjectInformation, + IN ULONG Length, + OUT PULONG ReturnLength) { NTSTATUS Status; PVOID Object; @@ -43,10 +44,10 @@ NTSTATUS STDCALL NtQuerySecurityObject(IN HANDLE ObjectHandle, if (Header->ObjectType != NULL && Header->ObjectType->Security != NULL) { - Status = Header->ObjectType->Security(Object, + Status = Header->ObjectType->Security(Object, SecurityObjectInformationClass, SecurityObjectInformation, - &Length); + &Length); *ReturnLength = Length; } else @@ -58,15 +59,12 @@ NTSTATUS STDCALL NtQuerySecurityObject(IN HANDLE ObjectHandle, } -NTSTATUS -STDCALL -NtSetSecurityObject( - IN HANDLE Handle, - IN SECURITY_INFORMATION SecurityInformation, - IN PSECURITY_DESCRIPTOR SecurityDescriptor - ) +NTSTATUS STDCALL +NtSetSecurityObject(IN HANDLE Handle, + IN SECURITY_INFORMATION SecurityInformation, + IN PSECURITY_DESCRIPTOR SecurityDescriptor) { - UNIMPLEMENTED; + UNIMPLEMENTED; } diff --git a/reactos/ntoskrnl/se/priv.c b/reactos/ntoskrnl/se/priv.c index 9fe360e7e06..c74daa86be4 100644 --- a/reactos/ntoskrnl/se/priv.c +++ b/reactos/ntoskrnl/se/priv.c @@ -1,4 +1,4 @@ -/* $Id: priv.c,v 1.2 2002/02/20 20:15:38 ekohl Exp $ +/* $Id: priv.c,v 1.3 2002/02/22 13:36:24 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -274,8 +274,8 @@ SePrivilegeCheck(PPRIVILEGE_SET Privileges, } BOOLEAN STDCALL -SeSinglePrivilegeCheck(LUID PrivilegeValue, - KPROCESSOR_MODE PreviousMode) +SeSinglePrivilegeCheck(IN LUID PrivilegeValue, + IN KPROCESSOR_MODE PreviousMode) { SECURITY_SUBJECT_CONTEXT SubjectContext; BOOLEAN r; diff --git a/reactos/ntoskrnl/se/token.c b/reactos/ntoskrnl/se/token.c index 1ec3390d345..97d0a1d2eb5 100644 --- a/reactos/ntoskrnl/se/token.c +++ b/reactos/ntoskrnl/se/token.c @@ -1,4 +1,4 @@ -/* $Id: token.c,v 1.13 2002/02/20 20:15:38 ekohl Exp $ +/* $Id: token.c,v 1.14 2002/02/22 13:36:24 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -627,6 +627,14 @@ NtCreateToken(OUT PHANDLE TokenHandle, UNIMPLEMENTED; } + +SECURITY_IMPERSONATION_LEVEL STDCALL +SeTokenImpersonationLevel(IN PACCESS_TOKEN Token) +{ + return(Token->ImpersonationLevel); +} + + TOKEN_TYPE STDCALL SeTokenType(IN PACCESS_TOKEN Token) {