mirror of
https://github.com/reactos/reactos.git
synced 2024-11-02 12:53:33 +00:00
583 lines
13 KiB
C
583 lines
13 KiB
C
/******************************************************************************
|
|
* Security Manager Functions *
|
|
******************************************************************************/
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WIN2K)
|
|
$if (_WDMDDK_)
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAccessCheck(
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
|
|
IN BOOLEAN SubjectContextLocked,
|
|
IN ACCESS_MASK DesiredAccess,
|
|
IN ACCESS_MASK PreviouslyGrantedAccess,
|
|
OUT PPRIVILEGE_SET *Privileges OPTIONAL,
|
|
IN PGENERIC_MAPPING GenericMapping,
|
|
IN KPROCESSOR_MODE AccessMode,
|
|
OUT PACCESS_MASK GrantedAccess,
|
|
OUT PNTSTATUS AccessStatus);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeAssignSecurity(
|
|
IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL,
|
|
IN PSECURITY_DESCRIPTOR ExplicitDescriptor OPTIONAL,
|
|
OUT PSECURITY_DESCRIPTOR *NewDescriptor,
|
|
IN BOOLEAN IsDirectoryObject,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
IN PGENERIC_MAPPING GenericMapping,
|
|
IN POOL_TYPE PoolType);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeAssignSecurityEx(
|
|
IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL,
|
|
IN PSECURITY_DESCRIPTOR ExplicitDescriptor OPTIONAL,
|
|
OUT PSECURITY_DESCRIPTOR *NewDescriptor,
|
|
IN GUID *ObjectType OPTIONAL,
|
|
IN BOOLEAN IsDirectoryObject,
|
|
IN ULONG AutoInheritFlags,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
IN PGENERIC_MAPPING GenericMapping,
|
|
IN POOL_TYPE PoolType);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeDeassignSecurity(
|
|
IN OUT PSECURITY_DESCRIPTOR *SecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeValidSecurityDescriptor(
|
|
IN ULONG Length,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
ULONG
|
|
NTAPI
|
|
SeObjectCreateSaclAccessBits(
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeReleaseSubjectContext(
|
|
IN OUT PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeUnlockSubjectContext(
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeCaptureSubjectContext(
|
|
OUT PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeLockSubjectContext(
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
$endif (_WDMDDK_)
|
|
|
|
$if (_NTDDK_)
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeSinglePrivilegeCheck(
|
|
IN LUID PrivilegeValue,
|
|
IN KPROCESSOR_MODE PreviousMode);
|
|
$endif (_NTDDK_)
|
|
$if (_NTIFS_)
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeReleaseSubjectContext(
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SePrivilegeCheck(
|
|
IN OUT PPRIVILEGE_SET RequiredPrivileges,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
IN KPROCESSOR_MODE AccessMode);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectAuditAlarm(
|
|
IN PUNICODE_STRING ObjectTypeName,
|
|
IN PVOID Object OPTIONAL,
|
|
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PACCESS_STATE AccessState,
|
|
IN BOOLEAN ObjectCreated,
|
|
IN BOOLEAN AccessGranted,
|
|
IN KPROCESSOR_MODE AccessMode,
|
|
OUT PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectForDeleteAuditAlarm(
|
|
IN PUNICODE_STRING ObjectTypeName,
|
|
IN PVOID Object OPTIONAL,
|
|
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PACCESS_STATE AccessState,
|
|
IN BOOLEAN ObjectCreated,
|
|
IN BOOLEAN AccessGranted,
|
|
IN KPROCESSOR_MODE AccessMode,
|
|
OUT PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeDeleteObjectAuditAlarm(
|
|
IN PVOID Object,
|
|
IN HANDLE Handle);
|
|
|
|
NTKERNELAPI
|
|
TOKEN_TYPE
|
|
NTAPI
|
|
SeTokenType(
|
|
IN PACCESS_TOKEN Token);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeTokenIsAdmin(
|
|
IN PACCESS_TOKEN Token);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeTokenIsRestricted(
|
|
IN PACCESS_TOKEN Token);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQueryAuthenticationIdToken(
|
|
IN PACCESS_TOKEN Token,
|
|
OUT PLUID AuthenticationId);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQuerySessionIdToken(
|
|
IN PACCESS_TOKEN Token,
|
|
OUT PULONG SessionId);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeCreateClientSecurity(
|
|
IN PETHREAD ClientThread,
|
|
IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
|
|
IN BOOLEAN RemoteSession,
|
|
OUT PSECURITY_CLIENT_CONTEXT ClientContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeImpersonateClient(
|
|
IN PSECURITY_CLIENT_CONTEXT ClientContext,
|
|
IN PETHREAD ServerThread OPTIONAL);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeImpersonateClientEx(
|
|
IN PSECURITY_CLIENT_CONTEXT ClientContext,
|
|
IN PETHREAD ServerThread OPTIONAL);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeCreateClientSecurityFromSubjectContext(
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
|
|
IN BOOLEAN ServerIsRemote,
|
|
OUT PSECURITY_CLIENT_CONTEXT ClientContext);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQuerySecurityDescriptorInfo(
|
|
IN PSECURITY_INFORMATION SecurityInformation,
|
|
OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN OUT PULONG Length,
|
|
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetSecurityDescriptorInfo(
|
|
IN PVOID Object OPTIONAL,
|
|
IN PSECURITY_INFORMATION SecurityInformation,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
|
|
IN POOL_TYPE PoolType,
|
|
IN PGENERIC_MAPPING GenericMapping);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetSecurityDescriptorInfoEx(
|
|
IN PVOID Object OPTIONAL,
|
|
IN PSECURITY_INFORMATION SecurityInformation,
|
|
IN PSECURITY_DESCRIPTOR ModificationDescriptor,
|
|
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
|
|
IN ULONG AutoInheritFlags,
|
|
IN POOL_TYPE PoolType,
|
|
IN PGENERIC_MAPPING GenericMapping);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeAppendPrivileges(
|
|
IN OUT PACCESS_STATE AccessState,
|
|
IN PPRIVILEGE_SET Privileges);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingFileEvents(
|
|
IN BOOLEAN AccessGranted,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingFileOrGlobalEvents(
|
|
IN BOOLEAN AccessGranted,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
|
|
|
|
VOID
|
|
NTAPI
|
|
SeSetAccessStateGenericMapping(
|
|
IN OUT PACCESS_STATE AccessState,
|
|
IN PGENERIC_MAPPING GenericMapping);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeRegisterLogonSessionTerminatedRoutine(
|
|
IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeUnregisterLogonSessionTerminatedRoutine(
|
|
IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeMarkLogonSessionForTerminationNotification(
|
|
IN PLUID LogonId);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQueryInformationToken(
|
|
IN PACCESS_TOKEN Token,
|
|
IN TOKEN_INFORMATION_CLASS TokenInformationClass,
|
|
OUT PVOID *TokenInformation);
|
|
$endif (_NTIFS_)
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
|
|
$if (_NTIFS_)
|
|
#if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingHardLinkEvents(
|
|
IN BOOLEAN AccessGranted,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
#endif
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WINXP)
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeFilterToken(
|
|
IN PACCESS_TOKEN ExistingToken,
|
|
IN ULONG Flags,
|
|
IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
|
|
IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL,
|
|
IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
|
|
OUT PACCESS_TOKEN *FilteredToken);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeAuditHardLinkCreation(
|
|
IN PUNICODE_STRING FileName,
|
|
IN PUNICODE_STRING LinkName,
|
|
IN BOOLEAN bSuccess);
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingFileEventsWithContext(
|
|
IN BOOLEAN AccessGranted,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingHardLinkEventsWithContext(
|
|
IN BOOLEAN AccessGranted,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL);
|
|
|
|
#endif
|
|
$endif (_NTIFS_)
|
|
|
|
$if (_WDMDDK_)
|
|
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
|
|
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetAuditParameter(
|
|
IN OUT PSE_ADT_PARAMETER_ARRAY AuditParameters,
|
|
IN SE_ADT_PARAMETER_TYPE Type,
|
|
IN ULONG Index,
|
|
IN PVOID Data);
|
|
|
|
NTSTATUS
|
|
NTAPI
|
|
SeReportSecurityEvent(
|
|
IN ULONG Flags,
|
|
IN PUNICODE_STRING SourceName,
|
|
IN PSID UserSid OPTIONAL,
|
|
IN PSE_ADT_PARAMETER_ARRAY AuditParameters);
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
|
|
$endif (_WDMDDK_)
|
|
|
|
$if (_WDMDDK_ || _NTIFS_)
|
|
#if (NTDDI_VERSION >= NTDDI_VISTA)
|
|
$endif
|
|
$if (_WDMDDK_)
|
|
NTKERNELAPI
|
|
ULONG
|
|
NTAPI
|
|
SeComputeAutoInheritByObjectType(
|
|
IN PVOID ObjectType,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL,
|
|
IN PSECURITY_DESCRIPTOR ParentSecurityDescriptor OPTIONAL);
|
|
|
|
#ifdef SE_NTFS_WORLD_CACHE
|
|
VOID
|
|
NTAPI
|
|
SeGetWorldRights(
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PGENERIC_MAPPING GenericMapping,
|
|
OUT PACCESS_MASK GrantedAccess);
|
|
#endif /* SE_NTFS_WORLD_CACHE */
|
|
$endif (_WDMDDK_)
|
|
$if (_NTIFS_)
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectAuditAlarmWithTransaction(
|
|
IN PUNICODE_STRING ObjectTypeName,
|
|
IN PVOID Object OPTIONAL,
|
|
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PACCESS_STATE AccessState,
|
|
IN BOOLEAN ObjectCreated,
|
|
IN BOOLEAN AccessGranted,
|
|
IN KPROCESSOR_MODE AccessMode,
|
|
IN GUID *TransactionId OPTIONAL,
|
|
OUT PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectForDeleteAuditAlarmWithTransaction(
|
|
IN PUNICODE_STRING ObjectTypeName,
|
|
IN PVOID Object OPTIONAL,
|
|
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PACCESS_STATE AccessState,
|
|
IN BOOLEAN ObjectCreated,
|
|
IN BOOLEAN AccessGranted,
|
|
IN KPROCESSOR_MODE AccessMode,
|
|
IN GUID *TransactionId OPTIONAL,
|
|
OUT PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeExamineSacl(
|
|
IN PACL Sacl,
|
|
IN PACCESS_TOKEN Token,
|
|
IN ACCESS_MASK DesiredAccess,
|
|
IN BOOLEAN AccessGranted,
|
|
OUT PBOOLEAN GenerateAudit,
|
|
OUT PBOOLEAN GenerateAlarm);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeDeleteObjectAuditAlarmWithTransaction(
|
|
IN PVOID Object,
|
|
IN HANDLE Handle,
|
|
IN GUID *TransactionId OPTIONAL);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeQueryTokenIntegrity(
|
|
IN PACCESS_TOKEN Token,
|
|
IN OUT PSID_AND_ATTRIBUTES IntegritySA);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetSessionIdToken(
|
|
IN PACCESS_TOKEN Token,
|
|
IN ULONG SessionId);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeAuditHardLinkCreationWithTransaction(
|
|
IN PUNICODE_STRING FileName,
|
|
IN PUNICODE_STRING LinkName,
|
|
IN BOOLEAN bSuccess,
|
|
IN GUID *TransactionId OPTIONAL);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeAuditTransactionStateChange(
|
|
IN GUID *TransactionId,
|
|
IN GUID *ResourceManagerId,
|
|
IN ULONG NewTransactionState);
|
|
$endif (_NTIFS_)
|
|
$if (_WDMDDK_ || _NTIFS_)
|
|
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
|
|
$endif
|
|
$if (_NTIFS_)
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeTokenIsWriteRestricted(
|
|
IN PACCESS_TOKEN Token);
|
|
#endif
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WIN7)
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingAnyFileEventsWithContext(
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeExamineGlobalSacl(
|
|
IN PUNICODE_STRING ObjectType,
|
|
IN PACCESS_TOKEN Token,
|
|
IN ACCESS_MASK DesiredAccess,
|
|
IN BOOLEAN AccessGranted,
|
|
IN OUT PBOOLEAN GenerateAudit,
|
|
IN OUT PBOOLEAN GenerateAlarm OPTIONAL);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeMaximumAuditMaskFromGlobalSacl(
|
|
IN PUNICODE_STRING ObjectTypeName OPTIONAL,
|
|
IN ACCESS_MASK GrantedAccess,
|
|
IN PACCESS_TOKEN Token,
|
|
IN OUT PACCESS_MASK AuditMask);
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
|
|
|
|
NTSTATUS
|
|
NTAPI
|
|
SeReportSecurityEventWithSubCategory(
|
|
IN ULONG Flags,
|
|
IN PUNICODE_STRING SourceName,
|
|
IN PSID UserSid OPTIONAL,
|
|
IN PSE_ADT_PARAMETER_ARRAY AuditParameters,
|
|
IN ULONG AuditSubcategoryId);
|
|
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAccessCheckFromState(
|
|
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
IN PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
|
|
IN PTOKEN_ACCESS_INFORMATION ClientTokenInformation OPTIONAL,
|
|
IN ACCESS_MASK DesiredAccess,
|
|
IN ACCESS_MASK PreviouslyGrantedAccess,
|
|
OUT PPRIVILEGE_SET *Privileges OPTIONAL,
|
|
IN PGENERIC_MAPPING GenericMapping,
|
|
IN KPROCESSOR_MODE AccessMode,
|
|
OUT PACCESS_MASK GrantedAccess,
|
|
OUT PNTSTATUS AccessStatus);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeFreePrivileges(
|
|
IN PPRIVILEGE_SET Privileges);
|
|
|
|
NTSTATUS
|
|
NTAPI
|
|
SeLocateProcessImageName(
|
|
IN OUT PEPROCESS Process,
|
|
OUT PUNICODE_STRING *pImageFileName);
|
|
|
|
#define SeLengthSid( Sid ) \
|
|
(8 + (4 * ((SID *)Sid)->SubAuthorityCount))
|
|
|
|
#define SeDeleteClientSecurity(C) { \
|
|
if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
|
|
PsDereferencePrimaryToken( (C)->ClientToken ); \
|
|
} else { \
|
|
PsDereferenceImpersonationToken( (C)->ClientToken ); \
|
|
} \
|
|
}
|
|
|
|
#define SeStopImpersonatingClient() PsRevertToSelf()
|
|
|
|
#define SeQuerySubjectContextToken( SubjectContext ) \
|
|
( ARGUMENT_PRESENT( \
|
|
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
|
|
) ? \
|
|
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
|
|
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
|
|
|
|
extern NTKERNELAPI PSE_EXPORTS SeExports;
|
|
$endif (_NTIFS_)
|