mirror of
https://github.com/reactos/reactos.git
synced 2024-11-06 06:33:08 +00:00
527f2f9057
* Create a branch for some evul shell experiments. svn path=/branches/shell-experiments/; revision=61927
591 lines
14 KiB
C
591 lines
14 KiB
C
/******************************************************************************
|
|
* Security Manager Functions *
|
|
******************************************************************************/
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WIN2K)
|
|
$if (_WDMDDK_)
|
|
_IRQL_requires_max_(PASSIVE_LEVEL)
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAccessCheck(
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
|
|
_In_ BOOLEAN SubjectContextLocked,
|
|
_In_ ACCESS_MASK DesiredAccess,
|
|
_In_ ACCESS_MASK PreviouslyGrantedAccess,
|
|
_Outptr_opt_ PPRIVILEGE_SET *Privileges,
|
|
_In_ PGENERIC_MAPPING GenericMapping,
|
|
_In_ KPROCESSOR_MODE AccessMode,
|
|
_Out_ PACCESS_MASK GrantedAccess,
|
|
_Out_ PNTSTATUS AccessStatus);
|
|
|
|
_IRQL_requires_max_(PASSIVE_LEVEL)
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeAssignSecurity(
|
|
_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
|
|
_In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor,
|
|
_Out_ PSECURITY_DESCRIPTOR *NewDescriptor,
|
|
_In_ BOOLEAN IsDirectoryObject,
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
_In_ PGENERIC_MAPPING GenericMapping,
|
|
_In_ POOL_TYPE PoolType);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeAssignSecurityEx(
|
|
_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
|
|
_In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor,
|
|
_Out_ PSECURITY_DESCRIPTOR *NewDescriptor,
|
|
_In_opt_ GUID *ObjectType,
|
|
_In_ BOOLEAN IsDirectoryObject,
|
|
_In_ ULONG AutoInheritFlags,
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
_In_ PGENERIC_MAPPING GenericMapping,
|
|
_In_ POOL_TYPE PoolType);
|
|
|
|
_IRQL_requires_max_(PASSIVE_LEVEL)
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeDeassignSecurity(
|
|
_Inout_ PSECURITY_DESCRIPTOR *SecurityDescriptor);
|
|
|
|
_IRQL_requires_max_(PASSIVE_LEVEL)
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeValidSecurityDescriptor(
|
|
_In_ ULONG Length,
|
|
_In_reads_bytes_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
ULONG
|
|
NTAPI
|
|
SeObjectCreateSaclAccessBits(
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeReleaseSubjectContext(
|
|
_Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeUnlockSubjectContext(
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeCaptureSubjectContext(
|
|
_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeLockSubjectContext(
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
$endif (_WDMDDK_)
|
|
|
|
$if (_NTDDK_)
|
|
_IRQL_requires_max_(PASSIVE_LEVEL)
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeSinglePrivilegeCheck(
|
|
_In_ LUID PrivilegeValue,
|
|
_In_ KPROCESSOR_MODE PreviousMode);
|
|
$endif (_NTDDK_)
|
|
$if (_NTIFS_)
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeReleaseSubjectContext(
|
|
_Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SePrivilegeCheck(
|
|
_Inout_ PPRIVILEGE_SET RequiredPrivileges,
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
_In_ KPROCESSOR_MODE AccessMode);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectAuditAlarm(
|
|
_In_ PUNICODE_STRING ObjectTypeName,
|
|
_In_opt_ PVOID Object,
|
|
_In_opt_ PUNICODE_STRING AbsoluteObjectName,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PACCESS_STATE AccessState,
|
|
_In_ BOOLEAN ObjectCreated,
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ KPROCESSOR_MODE AccessMode,
|
|
_Out_ PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectForDeleteAuditAlarm(
|
|
_In_ PUNICODE_STRING ObjectTypeName,
|
|
_In_opt_ PVOID Object,
|
|
_In_opt_ PUNICODE_STRING AbsoluteObjectName,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PACCESS_STATE AccessState,
|
|
_In_ BOOLEAN ObjectCreated,
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ KPROCESSOR_MODE AccessMode,
|
|
_Out_ PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeDeleteObjectAuditAlarm(
|
|
_In_ PVOID Object,
|
|
_In_ HANDLE Handle);
|
|
|
|
NTKERNELAPI
|
|
TOKEN_TYPE
|
|
NTAPI
|
|
SeTokenType(
|
|
_In_ PACCESS_TOKEN Token);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeTokenIsAdmin(
|
|
_In_ PACCESS_TOKEN Token);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeTokenIsRestricted(
|
|
_In_ PACCESS_TOKEN Token);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQueryAuthenticationIdToken(
|
|
_In_ PACCESS_TOKEN Token,
|
|
_Out_ PLUID AuthenticationId);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQuerySessionIdToken(
|
|
_In_ PACCESS_TOKEN Token,
|
|
_Out_ PULONG SessionId);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeCreateClientSecurity(
|
|
_In_ PETHREAD ClientThread,
|
|
_In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
|
|
_In_ BOOLEAN RemoteSession,
|
|
_Out_ PSECURITY_CLIENT_CONTEXT ClientContext);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeImpersonateClient(
|
|
_In_ PSECURITY_CLIENT_CONTEXT ClientContext,
|
|
_In_opt_ PETHREAD ServerThread);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeImpersonateClientEx(
|
|
_In_ PSECURITY_CLIENT_CONTEXT ClientContext,
|
|
_In_opt_ PETHREAD ServerThread);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeCreateClientSecurityFromSubjectContext(
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
|
_In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
|
|
_In_ BOOLEAN ServerIsRemote,
|
|
_Out_ PSECURITY_CLIENT_CONTEXT ClientContext);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQuerySecurityDescriptorInfo(
|
|
_In_ PSECURITY_INFORMATION SecurityInformation,
|
|
_Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_Inout_ PULONG Length,
|
|
_Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetSecurityDescriptorInfo(
|
|
_In_opt_ PVOID Object,
|
|
_In_ PSECURITY_INFORMATION SecurityInformation,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
|
|
_In_ POOL_TYPE PoolType,
|
|
_In_ PGENERIC_MAPPING GenericMapping);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetSecurityDescriptorInfoEx(
|
|
_In_opt_ PVOID Object,
|
|
_In_ PSECURITY_INFORMATION SecurityInformation,
|
|
_In_ PSECURITY_DESCRIPTOR ModificationDescriptor,
|
|
_Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
|
|
_In_ ULONG AutoInheritFlags,
|
|
_In_ POOL_TYPE PoolType,
|
|
_In_ PGENERIC_MAPPING GenericMapping);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeAppendPrivileges(
|
|
_Inout_ PACCESS_STATE AccessState,
|
|
_In_ PPRIVILEGE_SET Privileges);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingFileEvents(
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingFileOrGlobalEvents(
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
|
|
|
|
VOID
|
|
NTAPI
|
|
SeSetAccessStateGenericMapping(
|
|
_Inout_ PACCESS_STATE AccessState,
|
|
_In_ PGENERIC_MAPPING GenericMapping);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeRegisterLogonSessionTerminatedRoutine(
|
|
_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeUnregisterLogonSessionTerminatedRoutine(
|
|
_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeMarkLogonSessionForTerminationNotification(
|
|
_In_ PLUID LogonId);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeQueryInformationToken(
|
|
_In_ PACCESS_TOKEN Token,
|
|
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
|
|
_Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation);
|
|
$endif (_NTIFS_)
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
|
|
$if (_NTIFS_)
|
|
#if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingHardLinkEvents(
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
|
|
#endif
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WINXP)
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeFilterToken(
|
|
_In_ PACCESS_TOKEN ExistingToken,
|
|
_In_ ULONG Flags,
|
|
_In_opt_ PTOKEN_GROUPS SidsToDisable,
|
|
_In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
|
|
_In_opt_ PTOKEN_GROUPS RestrictedSids,
|
|
_Outptr_ PACCESS_TOKEN *FilteredToken);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeAuditHardLinkCreation(
|
|
_In_ PUNICODE_STRING FileName,
|
|
_In_ PUNICODE_STRING LinkName,
|
|
_In_ BOOLEAN bSuccess);
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingFileEventsWithContext(
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingHardLinkEventsWithContext(
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
|
|
|
|
#endif
|
|
$endif (_NTIFS_)
|
|
|
|
$if (_WDMDDK_)
|
|
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
|
|
|
|
_At_(AuditParameters->ParameterCount, _Const_)
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetAuditParameter(
|
|
_Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
|
|
_In_ SE_ADT_PARAMETER_TYPE Type,
|
|
_In_range_(<,SE_MAX_AUDIT_PARAMETERS) ULONG Index,
|
|
_In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE"))
|
|
PVOID Data);
|
|
|
|
NTSTATUS
|
|
NTAPI
|
|
SeReportSecurityEvent(
|
|
_In_ ULONG Flags,
|
|
_In_ PUNICODE_STRING SourceName,
|
|
_In_opt_ PSID UserSid,
|
|
_In_ PSE_ADT_PARAMETER_ARRAY AuditParameters);
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
|
|
$endif (_WDMDDK_)
|
|
|
|
$if (_WDMDDK_ || _NTIFS_)
|
|
#if (NTDDI_VERSION >= NTDDI_VISTA)
|
|
$endif (_WDMDDK_ || _NTIFS_)
|
|
$if (_WDMDDK_)
|
|
NTKERNELAPI
|
|
ULONG
|
|
NTAPI
|
|
SeComputeAutoInheritByObjectType(
|
|
_In_ PVOID ObjectType,
|
|
_In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_opt_ PSECURITY_DESCRIPTOR ParentSecurityDescriptor);
|
|
|
|
#ifdef SE_NTFS_WORLD_CACHE
|
|
VOID
|
|
NTAPI
|
|
SeGetWorldRights(
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PGENERIC_MAPPING GenericMapping,
|
|
_Out_ PACCESS_MASK GrantedAccess);
|
|
#endif /* SE_NTFS_WORLD_CACHE */
|
|
$endif (_WDMDDK_)
|
|
$if (_NTIFS_)
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectAuditAlarmWithTransaction(
|
|
_In_ PUNICODE_STRING ObjectTypeName,
|
|
_In_opt_ PVOID Object,
|
|
_In_opt_ PUNICODE_STRING AbsoluteObjectName,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PACCESS_STATE AccessState,
|
|
_In_ BOOLEAN ObjectCreated,
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ KPROCESSOR_MODE AccessMode,
|
|
_In_opt_ GUID *TransactionId,
|
|
_Out_ PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeOpenObjectForDeleteAuditAlarmWithTransaction(
|
|
_In_ PUNICODE_STRING ObjectTypeName,
|
|
_In_opt_ PVOID Object,
|
|
_In_opt_ PUNICODE_STRING AbsoluteObjectName,
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PACCESS_STATE AccessState,
|
|
_In_ BOOLEAN ObjectCreated,
|
|
_In_ BOOLEAN AccessGranted,
|
|
_In_ KPROCESSOR_MODE AccessMode,
|
|
_In_opt_ GUID *TransactionId,
|
|
_Out_ PBOOLEAN GenerateOnClose);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeExamineSacl(
|
|
_In_ PACL Sacl,
|
|
_In_ PACCESS_TOKEN Token,
|
|
_In_ ACCESS_MASK DesiredAccess,
|
|
_In_ BOOLEAN AccessGranted,
|
|
_Out_ PBOOLEAN GenerateAudit,
|
|
_Out_ PBOOLEAN GenerateAlarm);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeDeleteObjectAuditAlarmWithTransaction(
|
|
_In_ PVOID Object,
|
|
_In_ HANDLE Handle,
|
|
_In_opt_ GUID *TransactionId);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeQueryTokenIntegrity(
|
|
_In_ PACCESS_TOKEN Token,
|
|
_Inout_ PSID_AND_ATTRIBUTES IntegritySA);
|
|
|
|
NTKERNELAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
SeSetSessionIdToken(
|
|
_In_ PACCESS_TOKEN Token,
|
|
_In_ ULONG SessionId);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeAuditHardLinkCreationWithTransaction(
|
|
_In_ PUNICODE_STRING FileName,
|
|
_In_ PUNICODE_STRING LinkName,
|
|
_In_ BOOLEAN bSuccess,
|
|
_In_opt_ GUID *TransactionId);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeAuditTransactionStateChange(
|
|
_In_ GUID *TransactionId,
|
|
_In_ GUID *ResourceManagerId,
|
|
_In_ ULONG NewTransactionState);
|
|
$endif (_NTIFS_)
|
|
$if (_WDMDDK_ || _NTIFS_)
|
|
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
|
|
$endif (_WDMDDK_ || _NTIFS_)
|
|
$if (_NTIFS_)
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeTokenIsWriteRestricted(
|
|
_In_ PACCESS_TOKEN Token);
|
|
#endif
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WIN7)
|
|
|
|
NTKERNELAPI
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAuditingAnyFileEventsWithContext(
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
|
|
_Out_opt_ PBOOLEAN StagingEnabled);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeExamineGlobalSacl(
|
|
_In_ PUNICODE_STRING ObjectType,
|
|
_In_ PACL ResourceSacl,
|
|
_In_ PACCESS_TOKEN Token,
|
|
_In_ ACCESS_MASK DesiredAccess,
|
|
_In_ BOOLEAN AccessGranted,
|
|
_Inout_ PBOOLEAN GenerateAudit,
|
|
_Inout_opt_ PBOOLEAN GenerateAlarm);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeMaximumAuditMaskFromGlobalSacl(
|
|
_In_opt_ PUNICODE_STRING ObjectTypeName,
|
|
_In_ ACCESS_MASK GrantedAccess,
|
|
_In_ PACCESS_TOKEN Token,
|
|
_Inout_ PACCESS_MASK AuditMask);
|
|
|
|
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
|
|
|
|
NTSTATUS
|
|
NTAPI
|
|
SeReportSecurityEventWithSubCategory(
|
|
_In_ ULONG Flags,
|
|
_In_ PUNICODE_STRING SourceName,
|
|
_In_opt_ PSID UserSid,
|
|
_In_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
|
|
_In_ ULONG AuditSubcategoryId);
|
|
|
|
BOOLEAN
|
|
NTAPI
|
|
SeAccessCheckFromState(
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
_In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
|
|
_In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation,
|
|
_In_ ACCESS_MASK DesiredAccess,
|
|
_In_ ACCESS_MASK PreviouslyGrantedAccess,
|
|
_Outptr_opt_result_maybenull_ PPRIVILEGE_SET *Privileges,
|
|
_In_ PGENERIC_MAPPING GenericMapping,
|
|
_In_ KPROCESSOR_MODE AccessMode,
|
|
_Out_ PACCESS_MASK GrantedAccess,
|
|
_Out_ PNTSTATUS AccessStatus);
|
|
|
|
NTKERNELAPI
|
|
VOID
|
|
NTAPI
|
|
SeFreePrivileges(
|
|
_In_ PPRIVILEGE_SET Privileges);
|
|
|
|
NTSTATUS
|
|
NTAPI
|
|
SeLocateProcessImageName(
|
|
_Inout_ PEPROCESS Process,
|
|
_Outptr_ PUNICODE_STRING *pImageFileName);
|
|
|
|
#define SeLengthSid( Sid ) \
|
|
(8 + (4 * ((SID *)Sid)->SubAuthorityCount))
|
|
|
|
#define SeDeleteClientSecurity(C) { \
|
|
if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
|
|
PsDereferencePrimaryToken( (C)->ClientToken ); \
|
|
} else { \
|
|
PsDereferenceImpersonationToken( (C)->ClientToken ); \
|
|
} \
|
|
}
|
|
|
|
#define SeStopImpersonatingClient() PsRevertToSelf()
|
|
|
|
#define SeQuerySubjectContextToken( SubjectContext ) \
|
|
( ARGUMENT_PRESENT( \
|
|
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
|
|
) ? \
|
|
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
|
|
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
|
|
|
|
extern NTKERNELAPI PSE_EXPORTS SeExports;
|
|
$endif (_NTIFS_)
|