/*++ NDK Version: 0098

Copyright (c) Alex Ionescu.  All rights reserved.

Header Name:

    sefuncs.h

Abstract:

    Function definitions for the security manager.

Author:

    Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006

--*/
18
19 #ifndef _SEFUNCS_H
20 #define _SEFUNCS_H
21
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26
27 #ifndef NTOS_MODE_USER
28
29 //
30 // Security Descriptors
31 //
//
// SeCaptureSecurityDescriptor / SeReleaseSecurityDescriptor
//
// Kernel-only pair (declared inside the #ifndef NTOS_MODE_USER section).
// Declarations only; the implementation is not part of this header.
//
// Capture takes the caller's descriptor, the requester's processor mode, a
// pool type and a capture-if-kernel flag, and hands back a descriptor pointer
// through CapturedSecurityDescriptor. Release takes that pointer together
// with the mode and flag.
//
// NOTE(review): the point of a capture step is that a descriptor coming from
// user mode is validated and copied once, and only the captured copy is
// consulted afterwards, so a concurrent user-mode write cannot change it
// between check and use. Presumably every successful capture needs a matching
// release with the same CurrentMode / capture flag - confirm against the
// implementation.
//
NTKERNELAPI NTSTATUS NTAPI
SeCaptureSecurityDescriptor(
    IN PSECURITY_DESCRIPTOR OriginalSecurityDescriptor,
    IN KPROCESSOR_MODE CurrentMode,
    IN POOL_TYPE PoolType,
    IN BOOLEAN CaptureIfKernel,
    OUT PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor);

NTKERNELAPI NTSTATUS NTAPI
SeReleaseSecurityDescriptor(
    IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
    IN KPROCESSOR_MODE CurrentMode,
    IN BOOLEAN CaptureIfKernelMode);
51
52 //
53 // Access States
54 //
//
// SeCreateAccessState / SeDeleteAccessState
//
// Kernel-only pair for setting up and tearing down an ACCESS_STATE.
// Declarations only. SeCreateAccessState carries no IN/OUT annotations in
// this header, so the direction of AccessState and AuxData is not stated
// here.
//
// NOTE(review): presumably AccessState and AuxData are caller-provided
// storage that the create call fills in, and a successful create must be
// balanced by SeDeleteAccessState on every exit path - confirm against the
// implementation.
//
NTKERNELAPI NTSTATUS NTAPI
SeCreateAccessState(
    PACCESS_STATE AccessState,
    PAUX_ACCESS_DATA AuxData,
    ACCESS_MASK Access,
    PGENERIC_MAPPING GenericMapping);

NTKERNELAPI VOID NTAPI
SeDeleteAccessState(
    IN PACCESS_STATE AccessState);
71
72 //
73 // Impersonation
74 //
//
// SeTokenImpersonationLevel
//
// Kernel-only. Takes a token object pointer (not a handle) and returns a
// SECURITY_IMPERSONATION_LEVEL. Declaration only.
//
// NOTE(review): code that acts on behalf of a client should check the
// returned level before using the token for access decisions; what is
// returned for a primary (non-impersonation) token is not visible here.
//
NTKERNELAPI SECURITY_IMPERSONATION_LEVEL NTAPI
SeTokenImpersonationLevel(
    IN PACCESS_TOKEN Token);
81
82 #endif
83
84 //
85 // Native Calls
86 //
//
// NtAccessCheck
//
// Native call: checks DesiredAccess against SecurityDescriptor for the
// client identified by ClientToken. Declaration only.
//
// Outputs, as annotated: PrivilegeSet and ReturnLength, the GrantedAccess
// mask, and AccessStatus.
//
// Two separate statuses come back: the function's NTSTATUS return value and
// the NTSTATUS written through AccessStatus. A caller has to test both; a
// successful return value alone does not mean access was granted.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtAccessCheck(
    IN PSECURITY_DESCRIPTOR SecurityDescriptor,
    IN HANDLE ClientToken,
    IN ACCESS_MASK DesiredAccess,
    IN PGENERIC_MAPPING GenericMapping,
    OUT PPRIVILEGE_SET PrivilegeSet,
    OUT PULONG ReturnLength,
    OUT PACCESS_MASK GrantedAccess,
    OUT PNTSTATUS AccessStatus);
100
//
// NtAccessCheckByType / NtAccessCheckByTypeResultList
//
// Access checks that additionally take a principal-self SID and an object
// type list. Declarations only. As with NtAccessCheck, the return value and
// the NTSTATUS written through AccessStatus are separate results and both
// must be tested.
//
// NOTE(review): unlike every other Nt* prototype in this header, these two
// carry no NTSYSCALLAPI specifier - confirm whether that is intentional.
// NOTE(review): PrivilegeSet is annotated IN here and its length is passed
// by value, whereas NtAccessCheck declares PrivilegeSet as OUT with a
// PULONG ReturnLength - confirm the intended direction against the
// implementation before relying on it.
// NOTE(review): for the ResultList variant, GrantedAccess and AccessStatus
// presumably receive one entry per object-type-list element; size those
// buffers accordingly - confirm.
//
NTSTATUS NTAPI
NtAccessCheckByType(
    IN PSECURITY_DESCRIPTOR SecurityDescriptor,
    IN PSID PrincipalSelfSid,
    IN HANDLE ClientToken,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_TYPE_LIST ObjectTypeList,
    IN ULONG ObjectTypeLength,
    IN PGENERIC_MAPPING GenericMapping,
    IN PPRIVILEGE_SET PrivilegeSet,
    IN ULONG PrivilegeSetLength,
    OUT PACCESS_MASK GrantedAccess,
    OUT PNTSTATUS AccessStatus);

NTSTATUS NTAPI
NtAccessCheckByTypeResultList(
    IN PSECURITY_DESCRIPTOR SecurityDescriptor,
    IN PSID PrincipalSelfSid,
    IN HANDLE ClientToken,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_TYPE_LIST ObjectTypeList,
    IN ULONG ObjectTypeLength,
    IN PGENERIC_MAPPING GenericMapping,
    IN PPRIVILEGE_SET PrivilegeSet,
    IN ULONG PrivilegeSetLength,
    OUT PACCESS_MASK GrantedAccess,
    OUT PNTSTATUS AccessStatus);
132
//
// NtAccessCheckAndAuditAlarm
//
// Access check that also takes the naming information used for an audit
// record (subsystem, handle id, object type name, object name).
// Declaration only.
//
// Outputs, as annotated: GrantedAccess, AccessStatus, GenerateOnClose.
// The return value and AccessStatus are separate results; test both.
//
// NOTE(review): no client token parameter is declared, so the identity being
// checked must come from the calling context - presumably the caller is
// expected to be impersonating its client; confirm.
// NOTE(review): the name strings end up in audit data; they should describe
// the object actually checked rather than unvalidated client-supplied text.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtAccessCheckAndAuditAlarm(
    IN PUNICODE_STRING SubsystemName,
    IN PVOID HandleId,
    IN PUNICODE_STRING ObjectTypeName,
    IN PUNICODE_STRING ObjectName,
    IN PSECURITY_DESCRIPTOR SecurityDescriptor,
    IN ACCESS_MASK DesiredAccess,
    IN PGENERIC_MAPPING GenericMapping,
    IN BOOLEAN ObjectCreation,
    OUT PACCESS_MASK GrantedAccess,
    OUT PNTSTATUS AccessStatus,
    OUT PBOOLEAN GenerateOnClose);
149
//
// NtAdjustGroupsToken / NtAdjustPrivilegesToken
//
// Change the group or privilege state of the token behind TokenHandle.
// Declarations only. NewState is the requested state, BufferLength the size
// of the PreviousState buffer, ReturnLength an output length.
//
// Only NtAdjustGroupsToken marks PreviousState as OPTIONAL in this header.
//
// NOTE(review): on Windows, NtAdjustPrivilegesToken can return
// STATUS_NOT_ALL_ASSIGNED, which is a success code; a caller that needs a
// privilege to be enabled must compare against that value explicitly rather
// than relying on a generic success test. Confirm this implementation
// behaves the same way.
// NOTE(review): enable a privilege only around the operation that needs it
// and restore the previous state afterwards.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtAdjustGroupsToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN ResetToDefault,
    IN PTOKEN_GROUPS NewState,
    IN ULONG BufferLength,
    OUT PTOKEN_GROUPS PreviousState OPTIONAL,
    OUT PULONG ReturnLength);

NTSYSCALLAPI NTSTATUS NTAPI
NtAdjustPrivilegesToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES NewState,
    IN ULONG BufferLength,
    OUT PTOKEN_PRIVILEGES PreviousState,
    OUT PULONG ReturnLength);
173
//
// NtAllocateLocallyUniqueId / NtAllocateUuids
//
// Identifier allocation. Declarations only.
//
// NtAllocateLocallyUniqueId writes a LUID through LocallyUniqueId.
// NtAllocateUuids carries no IN/OUT annotations in this header; its four
// pointer parameters are presumably outputs - confirm.
//
// NOTE(review): a LUID is an identifier, not a secret; nothing in this
// declaration suggests it is unpredictable, so it should not be used as a
// security token or nonce.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtAllocateLocallyUniqueId(
    OUT LUID *LocallyUniqueId);

NTSYSCALLAPI NTSTATUS NTAPI
NtAllocateUuids(
    PULARGE_INTEGER Time,
    PULONG Range,
    PULONG Sequence,
    PUCHAR Seed);
190
//
// NtCompareTokens
//
// Compares the tokens behind two handles and writes the outcome through
// Equal. Declaration only.
//
// NOTE(review): which token attributes take part in the comparison is not
// visible here; do not treat Equal as "same identity" without checking the
// implementation. Equal is only meaningful when the call itself succeeded.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtCompareTokens(
    IN HANDLE FirstTokenHandle,
    IN HANDLE SecondTokenHandle,
    OUT PBOOLEAN Equal);
198
//
// NtCreateToken
//
// Builds a new token from caller-supplied contents (user, groups,
// privileges, owner, primary group, default DACL, source) and returns a
// handle through TokenHandle. Declaration only.
//
// Every identity attribute of the new token is chosen by the caller, which
// makes this one of the most sensitive calls in the header.
//
// NOTE(review): on Windows this call is gated by SeCreateTokenPrivilege,
// which is normally held only by the local security authority; confirm the
// implementation enforces an equivalent check, and treat any other caller
// as worth auditing.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtCreateToken(
    OUT PHANDLE TokenHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN TOKEN_TYPE TokenType,
    IN PLUID AuthenticationId,
    IN PLARGE_INTEGER ExpirationTime,
    IN PTOKEN_USER TokenUser,
    IN PTOKEN_GROUPS TokenGroups,
    IN PTOKEN_PRIVILEGES TokenPrivileges,
    IN PTOKEN_OWNER TokenOwner,
    IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
    IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
    IN PTOKEN_SOURCE TokenSource);
217
//
// NtDuplicateToken / NtImpersonateAnonymousToken
//
// Declarations only.
//
// NtDuplicateToken creates a new token handle (NewTokenHandle) from an
// existing one, with the requested access, optional object attributes,
// token type and an EffectiveOnly flag.
// NtImpersonateAnonymousToken takes a thread handle.
//
// NOTE(review): request only the DesiredAccess the new handle needs, and
// close it when done. EffectiveOnly presumably restricts the copy to the
// groups and privileges currently enabled in the source - confirm.
// NOTE(review): after NtImpersonateAnonymousToken the target thread
// presumably runs with the anonymous identity until it reverts; make sure
// the revert happens on every exit path.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtDuplicateToken(
    IN HANDLE ExistingTokenHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN BOOLEAN EffectiveOnly,
    IN TOKEN_TYPE TokenType,
    OUT PHANDLE NewTokenHandle);

NTSYSCALLAPI NTSTATUS NTAPI
NtImpersonateAnonymousToken(
    IN HANDLE Thread);
236
//
// NtOpenObjectAuditAlarm
//
// Reports an object-open attempt for auditing: the caller passes the naming
// information, the descriptor, the client token, the desired and granted
// access, the privileges used and whether access was granted.
// GenerateOnClose is the only output. Declaration only.
//
// DesiredAccess and GrantedAccess are typed ULONG here rather than
// ACCESS_MASK as elsewhere in this header.
//
// NOTE(review): the audit record is built from what the caller reports, so
// its integrity depends on who is allowed to call this. On Windows the
// audit-generating calls require SeAuditPrivilege; confirm an equivalent
// check exists in this implementation.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtOpenObjectAuditAlarm(
    IN PUNICODE_STRING SubsystemName,
    IN PVOID HandleId,
    IN PUNICODE_STRING ObjectTypeName,
    IN PUNICODE_STRING ObjectName,
    IN PSECURITY_DESCRIPTOR SecurityDescriptor,
    IN HANDLE ClientToken,
    IN ULONG DesiredAccess,
    IN ULONG GrantedAccess,
    IN PPRIVILEGE_SET Privileges,
    IN BOOLEAN ObjectCreation,
    IN BOOLEAN AccessGranted,
    OUT PBOOLEAN GenerateOnClose);
254
//
// NtOpenProcessToken / NtOpenProcessTokenEx
//
// Open the token of the process behind ProcessHandle and return a handle
// through TokenHandle. The Ex form additionally takes HandleAttributes.
// Declarations only.
//
// NOTE(review): ask for the narrowest DesiredAccess that works (query-only
// when the token is merely inspected), check the return value before
// touching TokenHandle, and close the handle on every path - a leaked token
// handle keeps the identity reachable for the lifetime of the process.
// NOTE(review): kernel callers of the Ex form can presumably pass
// OBJ_KERNEL_HANDLE in HandleAttributes so the handle is not visible to
// user mode - confirm it is honoured here.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtOpenProcessToken(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    OUT PHANDLE TokenHandle);

NTSYSCALLAPI NTSTATUS NTAPI
NtOpenProcessTokenEx(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    OUT PHANDLE TokenHandle);
273
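//
// NtPrivilegeCheck
//
// Tests whether the client token holds the privileges listed in
// RequiredPrivileges and writes the verdict through Result.
// Declaration only.
//
// Result was annotated IN although it is a pointer the call writes through;
// it is annotated OUT here. IN/OUT are annotation macros, so the signature
// and calling convention are unchanged.
//
// The verdict in *Result is separate from the NTSTATUS return value: treat
// a failed call as "privilege not held", and read *Result only after a
// successful return.
//
// NOTE(review): RequiredPrivileges may also be updated by the call (as it
// is on Windows, where per-privilege "used for access" flags are set) -
// confirm against the implementation.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtPrivilegeCheck(
    IN HANDLE ClientToken,
    IN PPRIVILEGE_SET RequiredPrivileges,
    OUT PBOOLEAN Result);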
282
//
// NtPrivilegedServiceAuditAlarm / NtPrivilegeObjectAuditAlarm
//
// Report the use of privileges for auditing: either for a named service
// (ServiceName) or for an object identified by HandleId with the access
// that was requested. All parameters are inputs; the only result is the
// NTSTATUS return value. Declarations only.
//
// NOTE(review): AccessGranted and Privileges are reported by the caller, so
// the audit trail is only as trustworthy as the set of callers. On Windows
// these calls require SeAuditPrivilege; confirm an equivalent check here.
// NOTE(review): a failed return means the event may not have been recorded;
// callers that depend on the audit record should not ignore it.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtPrivilegedServiceAuditAlarm(
    IN PUNICODE_STRING SubsystemName,
    IN PUNICODE_STRING ServiceName,
    IN HANDLE ClientToken,
    IN PPRIVILEGE_SET Privileges,
    IN BOOLEAN AccessGranted);

NTSYSCALLAPI NTSTATUS NTAPI
NtPrivilegeObjectAuditAlarm(
    IN PUNICODE_STRING SubsystemName,
    IN PVOID HandleId,
    IN HANDLE ClientToken,
    IN ULONG DesiredAccess,
    IN PPRIVILEGE_SET Privileges,
    IN BOOLEAN AccessGranted);
305
//
// NtQueryInformationToken
//
// Reads one class of information (TokenInformationClass) from the token
// behind TokenHandle into a caller buffer of TokenInformationLength bytes
// and reports a length through ReturnLength. Declaration only.
//
// NOTE(review): most information classes are variable-length. The usual
// pattern is to query, handle STATUS_BUFFER_TOO_SMALL by allocating the
// size reported in ReturnLength, and query again; never parse the buffer
// after a failed call, and bound any embedded counts or offsets by the
// length actually returned.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtQueryInformationToken(
    IN HANDLE TokenHandle,
    IN TOKEN_INFORMATION_CLASS TokenInformationClass,
    OUT PVOID TokenInformation,
    IN ULONG TokenInformationLength,
    OUT PULONG ReturnLength);
316
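//
// NtSetInformationToken
//
// Writes one class of information (TokenInformationClass) to the token
// behind TokenHandle from a caller buffer of TokenInformationLength bytes.
// Declaration only.
//
// TokenInformation was annotated OUT, copied from the query prototype; for
// a set operation the buffer is the data being supplied, so it is annotated
// IN here. IN/OUT are annotation macros, so the signature and calling
// convention are unchanged.
//
// NOTE(review): this call modifies security state (owner, default DACL and
// similar, depending on the class). Which classes are settable and which
// access rights or privileges each one requires is not visible in this
// header - confirm against the implementation.
//
NTSYSCALLAPI NTSTATUS NTAPI
NtSetInformationToken(
    IN HANDLE TokenHandle,
    IN TOKEN_INFORMATION_CLASS TokenInformationClass,
    IN PVOID TokenInformation,
    IN ULONG TokenInformationLength);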
326
//
// ZwAccessCheck
//
// Zw-prefixed entry point with the same parameter list as NtAccessCheck in
// this header, declared NTSYSAPI rather than NTSYSCALLAPI.
// Declaration only.
//
// The return value and the NTSTATUS written through AccessStatus are
// separate results; test both before treating access as granted.
//
// NOTE(review): on NT-family kernels a Zw* call made from kernel mode runs
// with the previous mode set to kernel, so parameters are treated as
// trusted and are not probed. A driver must therefore never forward
// unvalidated user-mode pointers or handles to a Zw* routine. Confirm this
// implementation follows the same convention.
//
NTSYSAPI NTSTATUS NTAPI
ZwAccessCheck(
    IN PSECURITY_DESCRIPTOR SecurityDescriptor,
    IN HANDLE ClientToken,
    IN ACCESS_MASK DesiredAccess,
    IN PGENERIC_MAPPING GenericMapping,
    OUT PPRIVILEGE_SET PrivilegeSet,
    OUT PULONG ReturnLength,
    OUT PACCESS_MASK GrantedAccess,
    OUT PNTSTATUS AccessStatus);
340
//
// ZwAdjustGroupsToken / ZwAdjustPrivilegesToken
//
// Zw-prefixed entry points with the same parameter lists as the
// NtAdjust*Token prototypes in this header. Declarations only.
//
// NOTE(review): on Windows the privilege variant can return
// STATUS_NOT_ALL_ASSIGNED, a success code; compare against it explicitly
// when a privilege must actually be enabled. Confirm for this
// implementation.
// NOTE(review): kernel callers - Zw* parameters are conventionally treated
// as trusted; do not pass through a user-supplied token handle or NewState
// buffer without validating it first.
//
NTSYSAPI NTSTATUS NTAPI
ZwAdjustGroupsToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN ResetToDefault,
    IN PTOKEN_GROUPS NewState,
    IN ULONG BufferLength,
    OUT PTOKEN_GROUPS PreviousState OPTIONAL,
    OUT PULONG ReturnLength);

NTSYSAPI NTSTATUS NTAPI
ZwAdjustPrivilegesToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES NewState,
    IN ULONG BufferLength,
    OUT PTOKEN_PRIVILEGES PreviousState,
    OUT PULONG ReturnLength);
364
//
// ZwAllocateLocallyUniqueId / ZwAllocateUuids
//
// Zw-prefixed entry points with the same parameter lists as the
// NtAllocate* prototypes in this header. Declarations only.
//
// ZwAllocateUuids carries no IN/OUT annotations; its four pointer
// parameters are presumably outputs - confirm.
//
// NOTE(review): the values produced are identifiers, not secrets; nothing
// in these declarations suggests they are unpredictable.
//
NTSYSAPI NTSTATUS NTAPI
ZwAllocateLocallyUniqueId(
    OUT LUID *LocallyUniqueId);

NTSYSAPI NTSTATUS NTAPI
ZwAllocateUuids(
    PULARGE_INTEGER Time,
    PULONG Range,
    PULONG Sequence,
    PUCHAR Seed);
381
//
// ZwCreateToken
//
// Zw-prefixed entry point with the same parameter list as NtCreateToken in
// this header: builds a token from caller-chosen identity attributes and
// returns a handle through TokenHandle. Declaration only.
//
// NOTE(review): on NT-family kernels a Zw* call from kernel mode is treated
// as a trusted caller, so privilege gating that applies to user-mode
// callers of the Nt form may not apply. Kernel code calling this must
// itself decide whether the requester is entitled to the token contents -
// confirm how this implementation handles previous mode.
//
NTSYSAPI NTSTATUS NTAPI
ZwCreateToken(
    OUT PHANDLE TokenHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN TOKEN_TYPE TokenType,
    IN PLUID AuthenticationId,
    IN PLARGE_INTEGER ExpirationTime,
    IN PTOKEN_USER TokenUser,
    IN PTOKEN_GROUPS TokenGroups,
    IN PTOKEN_PRIVILEGES TokenPrivileges,
    IN PTOKEN_OWNER TokenOwner,
    IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
    IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
    IN PTOKEN_SOURCE TokenSource);
400
//
// ZwDuplicateToken / ZwImpersonateAnonymousToken
//
// Zw-prefixed entry points with the same parameter lists as
// NtDuplicateToken and NtImpersonateAnonymousToken in this header.
// Declarations only.
//
// NOTE(review): request only the DesiredAccess the duplicate needs and
// close NewTokenHandle when done.
// NOTE(review): kernel callers - a handle created through a Zw* call
// without kernel-handle attributes presumably lands in the current
// process's handle table, where user mode can reach it; confirm and set
// ObjectAttributes accordingly.
//
NTSYSAPI NTSTATUS NTAPI
ZwDuplicateToken(
    IN HANDLE ExistingTokenHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN BOOLEAN EffectiveOnly,
    IN TOKEN_TYPE TokenType,
    OUT PHANDLE NewTokenHandle);

NTSYSAPI NTSTATUS NTAPI
ZwImpersonateAnonymousToken(
    IN HANDLE Thread);
419
//
// ZwOpenObjectAuditAlarm
//
// Zw-prefixed entry point with the same parameter list as
// NtOpenObjectAuditAlarm in this header. GenerateOnClose is the only
// output. Declaration only.
//
// NOTE(review): the audit record reflects what the caller reports
// (names, granted access, AccessGranted); kernel code should populate these
// from the check it actually performed rather than from client-supplied
// values.
//
NTSYSAPI NTSTATUS NTAPI
ZwOpenObjectAuditAlarm(
    IN PUNICODE_STRING SubsystemName,
    IN PVOID HandleId,
    IN PUNICODE_STRING ObjectTypeName,
    IN PUNICODE_STRING ObjectName,
    IN PSECURITY_DESCRIPTOR SecurityDescriptor,
    IN HANDLE ClientToken,
    IN ULONG DesiredAccess,
    IN ULONG GrantedAccess,
    IN PPRIVILEGE_SET Privileges,
    IN BOOLEAN ObjectCreation,
    IN BOOLEAN AccessGranted,
    OUT PBOOLEAN GenerateOnClose);
437
//
// ZwOpenProcessToken / ZwOpenProcessTokenEx
//
// Zw-prefixed entry points with the same parameter lists as
// NtOpenProcessToken and NtOpenProcessTokenEx in this header.
// Declarations only.
//
// NOTE(review): ask for the narrowest DesiredAccess that works, check the
// return value before using TokenHandle, and close the handle on every
// path.
// NOTE(review): kernel callers should prefer the Ex form with
// OBJ_KERNEL_HANDLE in HandleAttributes so the resulting handle is not
// reachable from user mode - confirm the attribute is honoured here.
//
NTSYSAPI NTSTATUS NTAPI
ZwOpenProcessToken(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    OUT PHANDLE TokenHandle);

NTSYSAPI NTSTATUS NTAPI
ZwOpenProcessTokenEx(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    OUT PHANDLE TokenHandle);
456
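//
// ZwPrivilegeCheck
//
// Zw-prefixed entry point with the same parameter list as NtPrivilegeCheck
// in this header: tests whether the client token holds the privileges in
// RequiredPrivileges and writes the verdict through Result.
// Declaration only.
//
// Result was annotated IN although it is a pointer the call writes through;
// it is annotated OUT here. IN/OUT are annotation macros, so the signature
// and calling convention are unchanged.
//
// Read *Result only after a successful return, and treat a failed call as
// "privilege not held".
//
NTSYSAPI NTSTATUS NTAPI
ZwPrivilegeCheck(
    IN HANDLE ClientToken,
    IN PPRIVILEGE_SET RequiredPrivileges,
    OUT PBOOLEAN Result);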
465
//
// ZwPrivilegedServiceAuditAlarm / ZwPrivilegeObjectAuditAlarm
//
// Zw-prefixed entry points with the same parameter lists as the
// corresponding Nt* audit-alarm prototypes in this header. All parameters
// are inputs; the only result is the NTSTATUS return value.
// Declarations only.
//
// NOTE(review): a failed return means the event may not have been
// recorded; code that depends on the audit trail should not ignore it.
//
NTSYSAPI NTSTATUS NTAPI
ZwPrivilegedServiceAuditAlarm(
    IN PUNICODE_STRING SubsystemName,
    IN PUNICODE_STRING ServiceName,
    IN HANDLE ClientToken,
    IN PPRIVILEGE_SET Privileges,
    IN BOOLEAN AccessGranted);

NTSYSAPI NTSTATUS NTAPI
ZwPrivilegeObjectAuditAlarm(
    IN PUNICODE_STRING SubsystemName,
    IN PVOID HandleId,
    IN HANDLE ClientToken,
    IN ULONG DesiredAccess,
    IN PPRIVILEGE_SET Privileges,
    IN BOOLEAN AccessGranted);
488
//
// ZwQueryInformationToken
//
// Zw-prefixed entry point with the same parameter list as
// NtQueryInformationToken in this header: reads one information class from
// the token into a caller buffer and reports a length through ReturnLength.
// Declaration only.
//
// NOTE(review): handle STATUS_BUFFER_TOO_SMALL by re-querying with the size
// reported in ReturnLength; never parse the buffer after a failed call.
// NOTE(review): kernel callers - TokenInformation is presumably not probed
// on this path, so it must be a kernel buffer, not a pointer taken from a
// user-mode request; confirm.
//
NTSYSAPI NTSTATUS NTAPI
ZwQueryInformationToken(
    IN HANDLE TokenHandle,
    IN TOKEN_INFORMATION_CLASS TokenInformationClass,
    OUT PVOID TokenInformation,
    IN ULONG TokenInformationLength,
    OUT PULONG ReturnLength);
499
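//
// ZwSetInformationToken
//
// Zw-prefixed entry point with the same parameter list as
// NtSetInformationToken in this header: writes one information class to the
// token from a caller buffer of TokenInformationLength bytes.
// Declaration only.
//
// TokenInformation was annotated OUT, copied from the query prototype; for
// a set operation the buffer is the data being supplied, so it is annotated
// IN here. IN/OUT are annotation macros, so the signature and calling
// convention are unchanged.
//
// NOTE(review): this call modifies security state. Kernel callers should
// build TokenInformation themselves rather than forwarding a buffer from a
// user-mode request - confirm how this implementation treats previous mode.
//
NTSYSAPI NTSTATUS NTAPI
ZwSetInformationToken(
    IN HANDLE TokenHandle,
    IN TOKEN_INFORMATION_CLASS TokenInformationClass,
    IN PVOID TokenInformation,
    IN ULONG TokenInformationLength);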
509 #endif