Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-01 18:24:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
reactos/sdk/include/ndk/setypes.h
George Bișoc 11d9c88c35
[NTOS:SE] Add token debug code 
Implement initial token debug code. For now debug information that is being tracked are: process image file name, process and thread client IDs and token creation method. More specific debug code can be added later only if needed.

As for the token creation method, this follows the same principle as on Windows where the creation method is defined by a value denoting the first letter of the said method of creation. That is, 0xC is for token creation, 0xD is for token duplication and 0xF is for token filtering. The debug field names are taken from Windows PDB symbols for WinDBG debug extension support purposes. The names must not be changed!
2022-04-19 11:04:59 +02:00

271 lines
8.8 KiB
C
Raw Blame History

/*++ NDK Version: 0098
Copyright (c) Alex Ionescu. All rights reserved.
Header Name:
setypes.h
Abstract:
Type definitions for the security manager.
Author:
Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
--*/
#ifndef _SETYPES_H
#define _SETYPES_H
//
// Dependencies
//
#include <umtypes.h>
//
// Well Known SIDs
//
#define SECURITY_INTERNETSITE_AUTHORITY {0,0,0,0,0,7}
#ifdef NTOS_MODE_USER
//
// Privilege constants
//
#define SE_MIN_WELL_KNOWN_PRIVILEGE (2L)
#define SE_CREATE_TOKEN_PRIVILEGE (2L)
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE (3L)
#define SE_LOCK_MEMORY_PRIVILEGE (4L)
#define SE_INCREASE_QUOTA_PRIVILEGE (5L)
#define SE_UNSOLICITED_INPUT_PRIVILEGE (6L)
#define SE_MACHINE_ACCOUNT_PRIVILEGE (6L)
#define SE_TCB_PRIVILEGE (7L)
#define SE_SECURITY_PRIVILEGE (8L)
#define SE_TAKE_OWNERSHIP_PRIVILEGE (9L)
#define SE_LOAD_DRIVER_PRIVILEGE (10L)
#define SE_SYSTEM_PROFILE_PRIVILEGE (11L)
#define SE_SYSTEMTIME_PRIVILEGE (12L)
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE (13L)
#define SE_INC_BASE_PRIORITY_PRIVILEGE (14L)
#define SE_CREATE_PAGEFILE_PRIVILEGE (15L)
#define SE_CREATE_PERMANENT_PRIVILEGE (16L)
#define SE_BACKUP_PRIVILEGE (17L)
#define SE_RESTORE_PRIVILEGE (18L)
#define SE_SHUTDOWN_PRIVILEGE (19L)
#define SE_DEBUG_PRIVILEGE (20L)
#define SE_AUDIT_PRIVILEGE (21L)
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE (22L)
#define SE_CHANGE_NOTIFY_PRIVILEGE (23L)
#define SE_REMOTE_SHUTDOWN_PRIVILEGE (24L)
#define SE_UNDOCK_PRIVILEGE (25L)
#define SE_SYNC_AGENT_PRIVILEGE (26L)
#define SE_ENABLE_DELEGATION_PRIVILEGE (27L)
#define SE_MANAGE_VOLUME_PRIVILEGE (28L)
#define SE_IMPERSONATE_PRIVILEGE (29L)
#define SE_CREATE_GLOBAL_PRIVILEGE (30L)
#define SE_MAX_WELL_KNOWN_PRIVILEGE (SE_CREATE_GLOBAL_PRIVILEGE)
typedef struct _TOKEN_MANDATORY_POLICY {
ULONG Policy;
} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
typedef struct _TOKEN_ACCESS_INFORMATION
{
struct _SID_AND_ATTRIBUTES_HASH *SidHash;
struct _SID_AND_ATTRIBUTES_HASH *RestrictedSidHash;
struct _TOKEN_PRIVILEGES *Privileges;
LUID AuthenticationId;
TOKEN_TYPE TokenType;
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
TOKEN_MANDATORY_POLICY MandatoryPolicy;
ULONG Flags;
} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
#else
//
// User and Group-related SID Attributes
//
#define SE_GROUP_MANDATORY 0x00000001
#define SE_GROUP_ENABLED_BY_DEFAULT 0x00000002
#define SE_GROUP_ENABLED 0x00000004
#define SE_GROUP_OWNER 0x00000008
#define SE_GROUP_USE_FOR_DENY_ONLY 0x00000010
#define SE_GROUP_INTEGRITY 0x00000020
#define SE_GROUP_INTEGRITY_ENABLED 0x00000040
#define SE_GROUP_RESOURCE 0x20000000
#define SE_GROUP_LOGON_ID 0xC0000000
#define SE_GROUP_VALID_ATTRIBUTES \
(SE_GROUP_MANDATORY | \
SE_GROUP_ENABLED_BY_DEFAULT | \
SE_GROUP_ENABLED | \
SE_GROUP_OWNER | \
SE_GROUP_USE_FOR_DENY_ONLY | \
SE_GROUP_LOGON_ID | \
SE_GROUP_RESOURCE | \
SE_GROUP_INTEGRITY | \
SE_GROUP_INTEGRITY_ENABLED)
//
// Privilege token filtering flags
//
#define DISABLE_MAX_PRIVILEGE 0x1
#define SANDBOX_INERT 0x2
#if (NTDDI_VERSION >= NTDDI_LONGHORN)
#define LUA_TOKEN 0x4
#define WRITE_RESTRICTED 0x8
#endif
//
// Proxy Class enumeration
//
typedef enum _PROXY_CLASS
{
ProxyFull = 0,
ProxyService,
ProxyTree,
ProxyDirectory
} PROXY_CLASS;
//
// Audit and Policy Structures
//
typedef struct _SEP_AUDIT_POLICY_CATEGORIES
{
UCHAR System:4;
UCHAR Logon:4;
UCHAR ObjectAccess:4;
UCHAR PrivilegeUse:4;
UCHAR DetailedTracking:4;
UCHAR PolicyChange:4;
UCHAR AccountManagement:4;
UCHAR DirectoryServiceAccess:4;
UCHAR AccountLogon:4;
} SEP_AUDIT_POLICY_CATEGORIES, *PSEP_AUDIT_POLICY_CATEGORIES;
typedef struct _SEP_AUDIT_POLICY_OVERLAY
{
ULONGLONG PolicyBits:36;
ULONGLONG SetBit:1;
} SEP_AUDIT_POLICY_OVERLAY, *PSEP_AUDIT_POLICY_OVERLAY;
typedef struct _SEP_AUDIT_POLICY
{
union
{
SEP_AUDIT_POLICY_CATEGORIES PolicyElements;
SEP_AUDIT_POLICY_OVERLAY PolicyOverlay;
ULONGLONG Overlay;
};
} SEP_AUDIT_POLICY, *PSEP_AUDIT_POLICY;
//
// Security Logon Session References
//
typedef struct _SEP_LOGON_SESSION_REFERENCES
{
struct _SEP_LOGON_SESSION_REFERENCES *Next;
LUID LogonId;
ULONG ReferenceCount;
ULONG Flags;
PDEVICE_MAP pDeviceMap;
LIST_ENTRY TokenList;
} SEP_LOGON_SESSION_REFERENCES, *PSEP_LOGON_SESSION_REFERENCES;
typedef struct _SE_AUDIT_PROCESS_CREATION_INFO
{
POBJECT_NAME_INFORMATION ImageFileName;
} SE_AUDIT_PROCESS_CREATION_INFO, *PSE_AUDIT_PROCESS_CREATION_INFO;
//
// Token Audit Data
//
typedef struct _SECURITY_TOKEN_AUDIT_DATA
{
ULONG Length;
ULONG GrantMask;
ULONG DenyMask;
} SECURITY_TOKEN_AUDIT_DATA, *PSECURITY_TOKEN_AUDIT_DATA;
//
// Token Proxy Data
//
typedef struct _SECURITY_TOKEN_PROXY_DATA
{
ULONG Length;
PROXY_CLASS ProxyClass;
UNICODE_STRING PathInfo;
ULONG ContainerMask;
ULONG ObjectMask;
} SECURITY_TOKEN_PROXY_DATA, *PSECURITY_TOKEN_PROXY_DATA;
//
// Token and auxiliary data
//
// ===================!!!IMPORTANT NOTE!!!=====================
// ImageFileName, ProcessCid, ThreadCid and CreateMethod field
// names are taken from Windows Server 2003 SP2 checked build
// WinDBG debug extensions command purposes (such as !logonsession
// command respectively). As such names are hardcoded, we have
// to be compatible with them. THESE FIELD NAMES MUST NOT BE
// CHANGED!!!
// ============================================================
typedef struct _TOKEN
{
TOKEN_SOURCE TokenSource; /* 0x00 */
LUID TokenId; /* 0x10 */
LUID AuthenticationId; /* 0x18 */
LUID ParentTokenId; /* 0x20 */
LARGE_INTEGER ExpirationTime; /* 0x28 */
PERESOURCE TokenLock; /* 0x30 */
SEP_AUDIT_POLICY AuditPolicy; /* 0x38 */
LUID ModifiedId; /* 0x40 */
ULONG SessionId; /* 0x48 */
ULONG UserAndGroupCount; /* 0x4C */
ULONG RestrictedSidCount; /* 0x50 */
ULONG PrivilegeCount; /* 0x54 */
ULONG VariableLength; /* 0x58 */
ULONG DynamicCharged; /* 0x5C */
ULONG DynamicAvailable; /* 0x60 */
ULONG DefaultOwnerIndex; /* 0x64 */
PSID_AND_ATTRIBUTES UserAndGroups; /* 0x68 */
PSID_AND_ATTRIBUTES RestrictedSids; /* 0x6C */
PSID PrimaryGroup; /* 0x70 */
PLUID_AND_ATTRIBUTES Privileges; /* 0x74 */
PULONG DynamicPart; /* 0x78 */
PACL DefaultDacl; /* 0x7C */
TOKEN_TYPE TokenType; /* 0x80 */
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; /* 0x84 */
ULONG TokenFlags; /* 0x88 */
BOOLEAN TokenInUse; /* 0x8C */
PSECURITY_TOKEN_PROXY_DATA ProxyData; /* 0x90 */
PSECURITY_TOKEN_AUDIT_DATA AuditData; /* 0x94 */
PSEP_LOGON_SESSION_REFERENCES LogonSession; /* 0x98 */
LUID OriginatingLogonSession; /* 0x9C */
#if DBG
UCHAR ImageFileName[16]; /* 0xA4 */
HANDLE ProcessCid; /* 0xB4 */
HANDLE ThreadCid; /* 0xB8 */
ULONG CreateMethod; /* 0xBC */
#endif
ULONG VariablePart; /* 0xC0 */
} TOKEN, *PTOKEN;
typedef struct _AUX_ACCESS_DATA
{
PPRIVILEGE_SET PrivilegeSet;
GENERIC_MAPPING GenericMapping;
ULONG Reserved;
} AUX_ACCESS_DATA, *PAUX_ACCESS_DATA;
//
// External SRM Data
//
extern PACL NTSYSAPI SePublicDefaultDacl;
extern PACL NTSYSAPI SeSystemDefaultDacl;
#endif
#endif
Reference in a new issue View git blame Copy permalink