[NTIFS]

- Group related definitions - Add NtSetInformationThread function declaration - Add SE_ADT_PARAMETER_TYPE enum - Add SE_ADT_OBJECT_TYPE, SE_ADT_PARAMETER_ARRAY_ENTRY, SE_ADT_ACCESS_REASON and SE_ADT_PARAMETER_ARRAY structures - Add SE_MAX_AUDIT_PARAMETERS, SE_MAX_GENERIC_AUDIT_PARAMETERS, SE_ADT_PARAMETERS_* and SE_ADT_PARAMETER_* definitions - Add LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE macro svn path=/branches/header-work/; revision=46019
2025-07-31 05:51:44 +00:00 · 2010-03-08 23:02:39 +00:00 · 2010-03-08 23:02:39 +00:00 · eb68457183
commit eb68457183
parent 79a0a4193d
1 changed files with 121 additions and 23 deletions
--- a/include/ddk/ntifs.h
+++ b/include/ddk/ntifs.h
@ -1000,6 +1000,15 @@ NtPrivilegedServiceAuditAlarm(
  IN PPRIVILEGE_SET Privileges,
  IN BOOLEAN AccessGranted);

+NTSYSCALLAPI
+NTSTATUS
+NTAPI
+NtSetInformationThread(
+  IN HANDLE ThreadHandle,
+  IN THREADINFOCLASS ThreadInformationClass,
+  IN PVOID ThreadInformation,
+  IN ULONG ThreadInformationLength);
+
 #endif

 typedef NTSTATUS
@ -2223,6 +2232,118 @@ typedef struct _COMPRESSED_DATA_INFO {
 #define FILE_READ_ACCESS                ( 0x0001 )
 #define FILE_WRITE_ACCESS               ( 0x0002 )

+typedef ULONG  LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
+
+typedef enum _SECURITY_LOGON_TYPE {
+  UndefinedLogonType = 0,
+  Interactive = 2,
+  Network,
+  Batch,
+  Service,
+  Proxy,
+  Unlock,
+  NetworkCleartext,
+  NewCredentials,
+#if (_WIN32_WINNT >= 0x0501)
+  RemoteInteractive,
+  CachedInteractive,
+#endif
+#if (_WIN32_WINNT >= 0x0502)
+  CachedRemoteInteractive,
+  CachedUnlock
+#endif
+} SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
+
+#ifndef _NTLSA_AUDIT_
+#define _NTLSA_AUDIT_
+
+typedef enum _SE_ADT_PARAMETER_TYPE {
+  SeAdtParmTypeNone = 0,
+  SeAdtParmTypeString,
+  SeAdtParmTypeFileSpec,
+  SeAdtParmTypeUlong,
+  SeAdtParmTypeSid,
+  SeAdtParmTypeLogonId,
+  SeAdtParmTypeNoLogonId,
+  SeAdtParmTypeAccessMask,
+  SeAdtParmTypePrivs,
+  SeAdtParmTypeObjectTypes,
+  SeAdtParmTypeHexUlong,
+  SeAdtParmTypePtr,
+  SeAdtParmTypeTime,
+  SeAdtParmTypeGuid,
+  SeAdtParmTypeLuid,
+  SeAdtParmTypeHexInt64,
+  SeAdtParmTypeStringList,
+  SeAdtParmTypeSidList,
+  SeAdtParmTypeDuration,
+  SeAdtParmTypeUserAccountControl,
+  SeAdtParmTypeNoUac,
+  SeAdtParmTypeMessage,
+  SeAdtParmTypeDateTime,
+  SeAdtParmTypeSockAddr,
+  SeAdtParmTypeSD,
+  SeAdtParmTypeLogonHours,
+  SeAdtParmTypeLogonIdNoSid,
+  SeAdtParmTypeUlongNoConv,
+  SeAdtParmTypeSockAddrNoPort,
+  SeAdtParmTypeAccessReason
+} SE_ADT_PARAMETER_TYPE, *PSE_ADT_PARAMETER_TYPE;
+
+#ifndef GUID_DEFINED
+#include <guiddef.h>
+#endif
+
+typedef struct _SE_ADT_OBJECT_TYPE {
+  GUID ObjectType;
+  USHORT Flags;
+#define SE_ADT_OBJECT_ONLY 0x1
+  USHORT Level;
+  ACCESS_MASK AccessMask;
+} SE_ADT_OBJECT_TYPE, *PSE_ADT_OBJECT_TYPE;
+
+typedef struct _SE_ADT_PARAMETER_ARRAY_ENTRY {
+  SE_ADT_PARAMETER_TYPE Type;
+  ULONG Length;
+  ULONG_PTR Data[2];
+  PVOID Address;
+} SE_ADT_PARAMETER_ARRAY_ENTRY, *PSE_ADT_PARAMETER_ARRAY_ENTRY;
+
+typedef struct _SE_ADT_ACCESS_REASON {
+  ACCESS_MASK AccessMask;
+  ULONG  AccessReasons[32];
+  ULONG  ObjectTypeIndex;
+  ULONG AccessGranted;
+  PSECURITY_DESCRIPTOR SecurityDescriptor;
+} SE_ADT_ACCESS_REASON, *PSE_ADT_ACCESS_REASON;
+
+#define SE_MAX_AUDIT_PARAMETERS 32
+#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28
+
+typedef struct _SE_ADT_PARAMETER_ARRAY {
+  ULONG CategoryId;
+  ULONG AuditId;
+  ULONG ParameterCount;
+  ULONG Length;
+  USHORT FlatSubCategoryId;
+  USHORT Type;
+  ULONG Flags;
+  SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[ SE_MAX_AUDIT_PARAMETERS ];
+} SE_ADT_PARAMETER_ARRAY, *PSE_ADT_PARAMETER_ARRAY;
+
+#define SE_ADT_PARAMETERS_SELF_RELATIVE     0x00000001
+#define SE_ADT_PARAMETERS_SEND_TO_LSA       0x00000002
+#define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT   0x00000004
+#define SE_ADT_PARAMETER_GENERIC_AUDIT      0x00000008
+#define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS  0x00000010
+
+#define LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE(AuditParameters)    \
+     ( sizeof(SE_ADT_PARAMETER_ARRAY) -                           \
+       sizeof(SE_ADT_PARAMETER_ARRAY_ENTRY) *                     \
+       (SE_MAX_AUDIT_PARAMETERS - AuditParameters->ParameterCount) )
+
+#endif /* _NTLSA_AUDIT_ */
+
 #pragma pack(push,4)

 #ifndef VER_PRODUCTBUILD
@ -2250,29 +2371,6 @@ extern LARGE_INTEGER                IoReadTransferCount;
 extern LARGE_INTEGER                IoWriteTransferCount;
 extern LARGE_INTEGER                IoOtherTransferCount;

-typedef ULONG  LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
-
-typedef enum _SECURITY_LOGON_TYPE
-{
-    UndefinedLogonType = 0,
-    Interactive = 2,
-    Network,
-    Batch,
-    Service,
-    Proxy,
-    Unlock,
-    NetworkCleartext,
-    NewCredentials,
-#if (_WIN32_WINNT >= 0x0501)
-    RemoteInteractive,
-    CachedInteractive,
-#endif
-#if (_WIN32_WINNT >= 0x0502)
-    CachedRemoteInteractive,
-    CachedUnlock
-#endif
-} SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
-
 #define ANSI_DOS_STAR                   ('<')
 #define ANSI_DOS_QM                     ('>')
 #define ANSI_DOS_DOT                    ('"')