2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Internal header for the Security Manager
5 * COPYRIGHT: Copyright Eric Kohl
6 * Copyright 2022-2023 George Bișoc <george.bisoc@reactos.org>
12 // Internal ACE type structures
14 typedef struct _KNOWN_ACE
19 } KNOWN_ACE
, *PKNOWN_ACE
;
21 typedef struct _KNOWN_OBJECT_ACE
27 } KNOWN_OBJECT_ACE
, *PKNOWN_OBJECT_ACE
;
29 typedef struct _KNOWN_COMPOUND_ACE
33 USHORT CompoundAceType
;
36 } KNOWN_COMPOUND_ACE
, *PKNOWN_COMPOUND_ACE
;
39 // Access Check Rights
41 typedef struct _ACCESS_CHECK_RIGHTS
43 ACCESS_MASK RemainingAccessRights
;
44 ACCESS_MASK GrantedAccessRights
;
45 ACCESS_MASK DeniedAccessRights
;
46 } ACCESS_CHECK_RIGHTS
, *PACCESS_CHECK_RIGHTS
;
49 // Internal object type list structure
51 typedef struct _OBJECT_TYPE_LIST_INTERNAL
55 ACCESS_CHECK_RIGHTS ObjectAccessRights
;
56 } OBJECT_TYPE_LIST_INTERNAL
, *POBJECT_TYPE_LIST_INTERNAL
;
58 typedef enum _ACCESS_CHECK_RIGHT_TYPE
62 } ACCESS_CHECK_RIGHT_TYPE
;
65 // Token Audit Policy Information structure
67 typedef struct _TOKEN_AUDIT_POLICY_INFORMATION
75 } TOKEN_AUDIT_POLICY_INFORMATION
, *PTOKEN_AUDIT_POLICY_INFORMATION
;
78 // Token creation method defines (for debugging purposes)
80 #define TOKEN_CREATE_METHOD 0xCUL
81 #define TOKEN_DUPLICATE_METHOD 0xDUL
82 #define TOKEN_FILTER_METHOD 0xFUL
85 // Security descriptor internal helpers
// Returns the primary group SID stored in a security descriptor, whether the
// descriptor is in absolute or in self-relative form.
//
// _Descriptor: the security descriptor to read; this helper only reads it.
//
// Returns the group SID pointer. For a self-relative descriptor whose Group
// offset is zero the result is NULL; for an absolute descriptor the stored
// Group pointer is handed back unchanged (it may itself be NULL).
//
// NOTE: the self-relative offset is added to the descriptor base without any
// bounds check, and no length is available here. The descriptor must already
// have been captured and validated before this helper is called on it.
FORCEINLINE
PSID
SepGetGroupFromDescriptor(
    _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
{
    PISECURITY_DESCRIPTOR AbsoluteSd = (PISECURITY_DESCRIPTOR)_Descriptor;
    PISECURITY_DESCRIPTOR_RELATIVE RelativeSd;

    // Absolute form: the field already holds a pointer
    if (!(AbsoluteSd->Control & SE_SELF_RELATIVE))
    {
        return AbsoluteSd->Group;
    }

    // Self-relative form: the field is a byte offset from the descriptor base
    RelativeSd = (PISECURITY_DESCRIPTOR_RELATIVE)AbsoluteSd;
    if (RelativeSd->Group == 0)
    {
        return NULL;
    }

    return (PSID)((ULONG_PTR)AbsoluteSd + RelativeSd->Group);
}
// Returns the owner SID stored in a security descriptor, whether the
// descriptor is in absolute or in self-relative form.
//
// _Descriptor: the security descriptor to read; this helper only reads it.
//
// Returns the owner SID pointer. For a self-relative descriptor whose Owner
// offset is zero the result is NULL; for an absolute descriptor the stored
// Owner pointer is handed back unchanged (it may itself be NULL).
//
// NOTE: the self-relative offset is added to the descriptor base without any
// bounds check, and no length is available here. The descriptor must already
// have been captured and validated before this helper is called on it.
FORCEINLINE
PSID
SepGetOwnerFromDescriptor(
    _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
{
    PISECURITY_DESCRIPTOR AbsoluteSd = (PISECURITY_DESCRIPTOR)_Descriptor;
    PISECURITY_DESCRIPTOR_RELATIVE RelativeSd;

    // Absolute form: the field already holds a pointer
    if (!(AbsoluteSd->Control & SE_SELF_RELATIVE))
    {
        return AbsoluteSd->Owner;
    }

    // Self-relative form: the field is a byte offset from the descriptor base
    RelativeSd = (PISECURITY_DESCRIPTOR_RELATIVE)AbsoluteSd;
    if (RelativeSd->Owner == 0)
    {
        return NULL;
    }

    return (PSID)((ULONG_PTR)AbsoluteSd + RelativeSd->Owner);
}
// Returns the DACL stored in a security descriptor, whether the descriptor
// is in absolute or in self-relative form.
//
// _Descriptor: the security descriptor to read; this helper only reads it.
//
// Returns NULL when SE_DACL_PRESENT is not set in the control flags, and
// also when a self-relative descriptor has a zero Dacl offset. Otherwise the
// ACL pointer is returned; for an absolute descriptor that is the stored
// Dacl pointer, unchanged.
//
// NOTE: a NULL result therefore does not tell the caller which of the two
// cases applied ("no DACL present" versus "present but NULL"). Callers that
// make an access decision on the result have to look at the control flags
// themselves to tell them apart.
//
// NOTE: the self-relative offset is added to the descriptor base without any
// bounds check, and no length is available here. The descriptor must already
// have been captured and validated before this helper is called on it.
FORCEINLINE
PACL
SepGetDaclFromDescriptor(
    _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
{
    PISECURITY_DESCRIPTOR AbsoluteSd = (PISECURITY_DESCRIPTOR)_Descriptor;
    PISECURITY_DESCRIPTOR_RELATIVE RelativeSd;

    // Without the present flag the Dacl field is not looked at
    if ((AbsoluteSd->Control & SE_DACL_PRESENT) == 0)
    {
        return NULL;
    }

    // Absolute form: the field already holds a pointer
    if (!(AbsoluteSd->Control & SE_SELF_RELATIVE))
    {
        return AbsoluteSd->Dacl;
    }

    // Self-relative form: the field is a byte offset from the descriptor base
    RelativeSd = (PISECURITY_DESCRIPTOR_RELATIVE)AbsoluteSd;
    if (RelativeSd->Dacl == 0)
    {
        return NULL;
    }

    return (PACL)((ULONG_PTR)AbsoluteSd + RelativeSd->Dacl);
}
// Returns the SACL stored in a security descriptor, whether the descriptor
// is in absolute or in self-relative form.
//
// _Descriptor: the security descriptor to read; this helper only reads it.
//
// Returns NULL when SE_SACL_PRESENT is not set in the control flags, and
// also when a self-relative descriptor has a zero Sacl offset. Otherwise the
// ACL pointer is returned; for an absolute descriptor that is the stored
// Sacl pointer, unchanged.
//
// NOTE: the self-relative offset is added to the descriptor base without any
// bounds check, and no length is available here. The descriptor must already
// have been captured and validated before this helper is called on it.
FORCEINLINE
PACL
SepGetSaclFromDescriptor(
    _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
{
    PISECURITY_DESCRIPTOR AbsoluteSd = (PISECURITY_DESCRIPTOR)_Descriptor;
    PISECURITY_DESCRIPTOR_RELATIVE RelativeSd;

    // Without the present flag the Sacl field is not looked at
    if ((AbsoluteSd->Control & SE_SACL_PRESENT) == 0)
    {
        return NULL;
    }

    // Absolute form: the field already holds a pointer
    if (!(AbsoluteSd->Control & SE_SELF_RELATIVE))
    {
        return AbsoluteSd->Sacl;
    }

    // Self-relative form: the field is a byte offset from the descriptor base
    RelativeSd = (PISECURITY_DESCRIPTOR_RELATIVE)AbsoluteSd;
    if (RelativeSd->Sacl == 0)
    {
        return NULL;
    }

    return (PACL)((ULONG_PTR)AbsoluteSd + RelativeSd->Sacl);
}
176 extern SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
;
177 extern SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
;
178 extern SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
;
179 extern SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
;
180 extern SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
;
185 extern PSID SeNullSid
;
186 extern PSID SeWorldSid
;
187 extern PSID SeLocalSid
;
188 extern PSID SeCreatorOwnerSid
;
189 extern PSID SeCreatorGroupSid
;
190 extern PSID SeCreatorOwnerServerSid
;
191 extern PSID SeCreatorGroupServerSid
;
192 extern PSID SeNtAuthoritySid
;
193 extern PSID SeDialupSid
;
194 extern PSID SeNetworkSid
;
195 extern PSID SeBatchSid
;
196 extern PSID SeInteractiveSid
;
197 extern PSID SeServiceSid
;
198 extern PSID SeAnonymousLogonSid
;
199 extern PSID SePrincipalSelfSid
;
200 extern PSID SeLocalSystemSid
;
201 extern PSID SeAuthenticatedUserSid
;
202 extern PSID SeRestrictedCodeSid
;
203 extern PSID SeAliasAdminsSid
;
204 extern PSID SeAliasUsersSid
;
205 extern PSID SeAliasGuestsSid
;
206 extern PSID SeAliasPowerUsersSid
;
207 extern PSID SeAliasAccountOpsSid
;
208 extern PSID SeAliasSystemOpsSid
;
209 extern PSID SeAliasPrintOpsSid
;
210 extern PSID SeAliasBackupOpsSid
;
211 extern PSID SeAuthenticatedUsersSid
;
212 extern PSID SeRestrictedSid
;
213 extern PSID SeAnonymousLogonSid
;
214 extern PSID SeLocalServiceSid
;
215 extern PSID SeNetworkServiceSid
;
220 extern const LUID SeCreateTokenPrivilege
;
221 extern const LUID SeAssignPrimaryTokenPrivilege
;
222 extern const LUID SeLockMemoryPrivilege
;
223 extern const LUID SeIncreaseQuotaPrivilege
;
224 extern const LUID SeUnsolicitedInputPrivilege
;
225 extern const LUID SeTcbPrivilege
;
226 extern const LUID SeSecurityPrivilege
;
227 extern const LUID SeTakeOwnershipPrivilege
;
228 extern const LUID SeLoadDriverPrivilege
;
229 extern const LUID SeSystemProfilePrivilege
;
230 extern const LUID SeSystemtimePrivilege
;
231 extern const LUID SeProfileSingleProcessPrivilege
;
232 extern const LUID SeIncreaseBasePriorityPrivilege
;
233 extern const LUID SeCreatePagefilePrivilege
;
234 extern const LUID SeCreatePermanentPrivilege
;
235 extern const LUID SeBackupPrivilege
;
236 extern const LUID SeRestorePrivilege
;
237 extern const LUID SeShutdownPrivilege
;
238 extern const LUID SeDebugPrivilege
;
239 extern const LUID SeAuditPrivilege
;
240 extern const LUID SeSystemEnvironmentPrivilege
;
241 extern const LUID SeChangeNotifyPrivilege
;
242 extern const LUID SeRemoteShutdownPrivilege
;
243 extern const LUID SeUndockPrivilege
;
244 extern const LUID SeSyncAgentPrivilege
;
245 extern const LUID SeEnableDelegationPrivilege
;
246 extern const LUID SeManageVolumePrivilege
;
247 extern const LUID SeImpersonatePrivilege
;
248 extern const LUID SeCreateGlobalPrivilege
;
249 extern const LUID SeTrustedCredmanPrivilege
;
250 extern const LUID SeRelabelPrivilege
;
251 extern const LUID SeIncreaseWorkingSetPrivilege
;
252 extern const LUID SeTimeZonePrivilege
;
253 extern const LUID SeCreateSymbolicLinkPrivilege
;
258 extern PACL SePublicDefaultUnrestrictedDacl
;
259 extern PACL SePublicOpenDacl
;
260 extern PACL SePublicOpenUnrestrictedDacl
;
261 extern PACL SeUnrestrictedDacl
;
262 extern PACL SeSystemAnonymousLogonDacl
;
267 extern PSECURITY_DESCRIPTOR SePublicDefaultSd
;
268 extern PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
;
269 extern PSECURITY_DESCRIPTOR SePublicOpenSd
;
270 extern PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
;
271 extern PSECURITY_DESCRIPTOR SeSystemDefaultSd
;
272 extern PSECURITY_DESCRIPTOR SeUnrestrictedSd
;
273 extern PSECURITY_DESCRIPTOR SeSystemAnonymousLogonSd
;
276 // Anonymous Logon Tokens
278 extern PTOKEN SeAnonymousLogonToken
;
279 extern PTOKEN SeAnonymousLogonTokenNoEveryone
;
283 // Token lock management macros
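// Each macro below expands to a brace-enclosed block, not to an expression.
// Do not use one as the unbraced body of an if that has an else: the
// semicolon after the invocation would end the if statement.
//
// The Token argument is parenthesized inside the cast so that an argument
// that is an expression (for example a pointer plus an offset) is cast as a
// whole rather than only its first operand.

// Takes the token lock for writing. The critical region is entered first, so
// normal kernel APCs are disabled while the resource is held. Wait is TRUE,
// so the call blocks until the lock has been acquired.
#define SepAcquireTokenLockExclusive(Token)                                    \
{                                                                              \
    KeEnterCriticalRegion();                                                   \
    ExAcquireResourceExclusiveLite(((PTOKEN)(Token))->TokenLock, TRUE);        \
}

// Takes the token lock for reading, with the same critical region and
// blocking behaviour as the exclusive variant.
#define SepAcquireTokenLockShared(Token)                                       \
{                                                                              \
    KeEnterCriticalRegion();                                                   \
    ExAcquireResourceSharedLite(((PTOKEN)(Token))->TokenLock, TRUE);           \
}

// Drops the token lock taken by either acquire macro, then leaves the
// critical region; this is the reverse of the acquire order.
#define SepReleaseTokenLock(Token)                                             \
{                                                                              \
    ExReleaseResourceLite(((PTOKEN)(Token))->TokenLock);                       \
    KeLeaveCriticalRegion();                                                   \
}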
304 // Security Debug Utility Functions
308 _In_opt_ PISECURITY_DESCRIPTOR SecurityDescriptor
);
311 SepDumpTokenDebugInfo(
312 _In_opt_ PTOKEN Token
);
315 SepDumpAccessRightsStats(
316 _In_ PACCESS_CHECK_RIGHTS AccessRights
);
319 SepDumpAccessAndStatusList(
320 _In_ PACCESS_MASK GrantedAccessList
,
321 _In_ PNTSTATUS AccessStatusList
,
322 _In_ BOOLEAN IsResultList
,
323 _In_ POBJECT_TYPE_LIST_INTERNAL ObjectTypeList
,
324 _In_ ULONG ObjectTypeListLength
);
333 SepInitializeTokenImplementation(VOID
);
338 SepCreateSystemProcessToken(VOID
);
342 SepCreateSystemAnonymousLogonToken(VOID
);
346 SepCreateSystemAnonymousLogonTokenNoEveryone(VOID
);
352 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
353 _In_ BOOLEAN EffectiveOnly
,
354 _In_ TOKEN_TYPE TokenType
,
355 _In_ SECURITY_IMPERSONATION_LEVEL Level
,
356 _In_ KPROCESSOR_MODE PreviousMode
,
357 _Out_ PTOKEN
* NewAccessToken
);
362 _Out_ PHANDLE TokenHandle
,
363 _In_ KPROCESSOR_MODE PreviousMode
,
364 _In_ ACCESS_MASK DesiredAccess
,
365 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
366 _In_ TOKEN_TYPE TokenType
,
367 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
,
368 _In_ PLUID AuthenticationId
,
369 _In_ PLARGE_INTEGER ExpirationTime
,
370 _In_ PSID_AND_ATTRIBUTES User
,
371 _In_ ULONG GroupCount
,
372 _In_ PSID_AND_ATTRIBUTES Groups
,
373 _In_ ULONG GroupsLength
,
374 _In_ ULONG PrivilegeCount
,
375 _In_ PLUID_AND_ATTRIBUTES Privileges
,
377 _In_ PSID PrimaryGroup
,
378 _In_opt_ PACL DefaultDacl
,
379 _In_ PTOKEN_SOURCE TokenSource
,
380 _In_ BOOLEAN SystemToken
);
385 _In_ PACCESS_TOKEN _Token
,
386 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
387 _In_ BOOLEAN TokenLocked
);
391 _Inout_ PTOKEN Token
);
395 _Inout_ PTOKEN Token
);
398 SepUpdatePrivilegeFlagsToken(
399 _Inout_ PTOKEN Token
);
402 SepFindPrimaryGroupAndDefaultOwner(
404 _In_ PSID PrimaryGroup
,
405 _In_opt_ PSID DefaultOwner
,
406 _Out_opt_ PULONG PrimaryGroupIndex
,
407 _Out_opt_ PULONG DefaultOwnerIndex
);
410 SepUpdateSinglePrivilegeFlagToken(
411 _Inout_ PTOKEN Token
,
415 SepUpdatePrivilegeFlagsToken(
416 _Inout_ PTOKEN Token
);
419 SepRemovePrivilegeToken(
420 _Inout_ PTOKEN Token
,
424 SepRemoveUserGroupToken(
425 _Inout_ PTOKEN Token
,
429 SepComputeAvailableDynamicSpace(
430 _In_ ULONG DynamicCharged
,
431 _In_ PSID PrimaryGroup
,
432 _In_opt_ PACL DefaultDacl
);
435 SepRebuildDynamicPartOfToken(
437 _In_ ULONG NewDynamicPartSize
);
441 SeTokenCanImpersonate(
442 _In_ PTOKEN ProcessToken
,
443 _In_ PTOKEN TokenToImpersonate
,
444 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
448 SeGetTokenControlInformation(
449 _In_ PACCESS_TOKEN _Token
,
450 _Out_ PTOKEN_CONTROL TokenControl
);
454 SeDeassignPrimaryToken(
455 _Inout_ PEPROCESS Process
);
463 _In_ ULONG SessionId
);
469 _Out_ PBOOLEAN IsChild
);
475 _Out_ PBOOLEAN IsSibling
);
479 SeExchangePrimaryToken(
480 _In_ PEPROCESS Process
,
481 _In_ PACCESS_TOKEN NewAccessToken
,
482 _Out_ PACCESS_TOKEN
* OldAccessToken
);
487 _In_ PACCESS_TOKEN Token
,
488 _In_ SECURITY_IMPERSONATION_LEVEL Level
,
489 _In_ KPROCESSOR_MODE PreviousMode
,
490 _Out_ PACCESS_TOKEN
* NewToken
);
498 RtlLengthSidAndAttributes(
500 _In_ PSID_AND_ATTRIBUTES Src
);
503 // Security Manager (SeMgr) functions
512 SeDefaultObjectMethod(
514 _In_ SECURITY_OPERATION_CODE OperationType
,
515 _In_ PSECURITY_INFORMATION SecurityInformation
,
516 _Inout_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
517 _Inout_opt_ PULONG ReturnLength
,
518 _Inout_opt_ PSECURITY_DESCRIPTOR
*OldSecurityDescriptor
,
519 _In_ POOL_TYPE PoolType
,
520 _In_ PGENERIC_MAPPING GenericMapping
);
524 SeQuerySecurityAccessMask(
525 _In_ SECURITY_INFORMATION SecurityInformation
,
526 _Out_ PACCESS_MASK DesiredAccess
);
530 SeSetSecurityAccessMask(
531 _In_ SECURITY_INFORMATION SecurityInformation
,
532 _Out_ PACCESS_MASK DesiredAccess
);
535 // Privilege functions
540 SepInitPrivileges(VOID
);
546 _In_ PLUID_AND_ATTRIBUTES Privileges
,
547 _In_ ULONG PrivilegeCount
,
548 _In_ ULONG PrivilegeControl
,
549 _In_ KPROCESSOR_MODE PreviousMode
);
553 SePrivilegePolicyCheck(
554 _Inout_ PACCESS_MASK DesiredAccess
,
555 _Inout_ PACCESS_MASK GrantedAccess
,
556 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
558 _Out_opt_ PPRIVILEGE_SET
*OutPrivilegeSet
,
559 _In_ KPROCESSOR_MODE PreviousMode
);
563 SeCheckAuditPrivilege(
564 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
565 _In_ KPROCESSOR_MODE PreviousMode
);
569 SeCheckPrivilegedObject(
570 _In_ LUID PrivilegeValue
,
571 _In_ HANDLE ObjectHandle
,
572 _In_ ACCESS_MASK DesiredAccess
,
573 _In_ KPROCESSOR_MODE PreviousMode
);
577 SeCaptureLuidAndAttributesArray(
578 _In_ PLUID_AND_ATTRIBUTES Src
,
579 _In_ ULONG PrivilegeCount
,
580 _In_ KPROCESSOR_MODE PreviousMode
,
581 _In_ PLUID_AND_ATTRIBUTES AllocatedMem
,
582 _In_ ULONG AllocatedLength
,
583 _In_ POOL_TYPE PoolType
,
584 _In_ BOOLEAN CaptureIfKernel
,
585 _Out_ PLUID_AND_ATTRIBUTES
* Dest
,
586 _Inout_ PULONG Length
);
590 SeReleaseLuidAndAttributesArray(
591 _In_ PLUID_AND_ATTRIBUTES Privilege
,
592 _In_ KPROCESSOR_MODE PreviousMode
,
593 _In_ BOOLEAN CaptureIfKernel
);
601 SepInitSecurityIDs(VOID
);
607 _In_ KPROCESSOR_MODE AccessMode
,
608 _In_ POOL_TYPE PoolType
,
609 _In_ BOOLEAN CaptureIfKernel
,
610 _Out_ PSID
*CapturedSid
);
615 _In_ PSID CapturedSid
,
616 _In_ KPROCESSOR_MODE AccessMode
,
617 _In_ BOOLEAN CaptureIfKernel
);
622 _In_ PACCESS_TOKEN _Token
,
628 _In_ PACCESS_TOKEN _Token
,
629 _In_ PSID PrincipalSelfSid
,
632 _In_ BOOLEAN Restricted
);
641 SeCaptureSidAndAttributesArray(
642 _In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes
,
643 _In_ ULONG AttributeCount
,
644 _In_ KPROCESSOR_MODE PreviousMode
,
645 _In_opt_ PVOID AllocatedMem
,
646 _In_ ULONG AllocatedLength
,
647 _In_ POOL_TYPE PoolType
,
648 _In_ BOOLEAN CaptureIfKernel
,
649 _Out_ PSID_AND_ATTRIBUTES
*CapturedSidAndAttributes
,
650 _Out_ PULONG ResultLength
);
654 SeReleaseSidAndAttributesArray(
655 _In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes
,
656 _In_ KPROCESSOR_MODE AccessMode
,
657 _In_ BOOLEAN CaptureIfKernel
);
669 SepCreateImpersonationTokenDacl(
671 _In_ PTOKEN PrimaryToken
,
678 _In_ KPROCESSOR_MODE AccessMode
,
679 _In_ POOL_TYPE PoolType
,
680 _In_ BOOLEAN CaptureIfKernel
,
681 _Out_ PACL
*CapturedAcl
);
686 _In_ PACL CapturedAcl
,
687 _In_ KPROCESSOR_MODE AccessMode
,
688 _In_ BOOLEAN CaptureIfKernel
);
692 _Out_writes_bytes_opt_(DaclLength
) PACL AclDest
,
693 _Inout_ PULONG AclLength
,
694 _In_reads_bytes_(AclSource
->AclSize
) PACL AclSource
,
697 _In_ BOOLEAN IsInherited
,
698 _In_ BOOLEAN IsDirectoryObject
,
699 _In_ PGENERIC_MAPPING GenericMapping
);
703 _In_opt_ PACL ExplicitAcl
,
704 _In_ BOOLEAN ExplicitPresent
,
705 _In_ BOOLEAN ExplicitDefaulted
,
706 _In_opt_ PACL ParentAcl
,
707 _In_opt_ PACL DefaultAcl
,
708 _Out_ PULONG AclLength
,
711 _Out_ PBOOLEAN AclPresent
,
712 _Out_ PBOOLEAN IsInherited
,
713 _In_ BOOLEAN IsDirectoryObject
,
714 _In_ PGENERIC_MAPPING GenericMapping
);
726 SeSetWorldSecurityDescriptor(
727 _In_ SECURITY_INFORMATION SecurityInformation
,
728 _In_ PISECURITY_DESCRIPTOR SecurityDescriptor
,
729 _In_ PULONG BufferLength
);
733 SeComputeQuotaInformationSize(
734 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
735 _Out_ PULONG QuotaInfoSize
);
738 // Security Reference Monitor (SeRm) functions
742 SeRmInitPhase0(VOID
);
746 SeRmInitPhase1(VOID
);
750 SepRmInsertLogonSessionIntoToken(
751 _Inout_ PTOKEN Token
);
755 SepRmRemoveLogonSessionFromToken(
756 _Inout_ PTOKEN Token
);
759 SepRmReferenceLogonSession(
760 _Inout_ PLUID LogonLuid
);
763 SepRmDereferenceLogonSession(
764 _Inout_ PLUID LogonLuid
);
770 _In_ PCWSTR ValueName
,
771 _In_ ULONG ValueType
,
772 _In_ ULONG DataLength
,
773 _Out_ PVOID ValueData
);
777 SeGetLogonIdDeviceMap(
779 _Out_ PDEVICE_MAP
*DeviceMap
);
786 SeInitializeProcessAuditName(
787 _In_ PFILE_OBJECT FileObject
,
788 _In_ BOOLEAN DoAudit
,
789 _Out_ POBJECT_NAME_INFORMATION
*AuditInfo
);
793 SeDetailedAuditingWithToken(
799 _In_ PEPROCESS Process
);
803 SeAuditProcessCreate(
804 _In_ PEPROCESS Process
);
808 SePrivilegedServiceAuditAlarm(
809 _In_opt_ PUNICODE_STRING ServiceName
,
810 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
811 _In_ PPRIVILEGE_SET PrivilegeSet
,
812 _In_ BOOLEAN AccessGranted
);
819 SeCaptureSubjectContextEx(
820 _In_ PETHREAD Thread
,
821 _In_ PEPROCESS Process
,
822 _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext
);
825 // Security Quality of Service (SQoS) functions
829 SepCaptureSecurityQualityOfService(
830 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
831 _In_ KPROCESSOR_MODE AccessMode
,
832 _In_ POOL_TYPE PoolType
,
833 _In_ BOOLEAN CaptureIfKernel
,
834 _Out_ PSECURITY_QUALITY_OF_SERVICE
*CapturedSecurityQualityOfService
,
835 _Out_ PBOOLEAN Present
);
839 SepReleaseSecurityQualityOfService(
840 _In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService
,
841 _In_ KPROCESSOR_MODE AccessMode
,
842 _In_ BOOLEAN CaptureIfKernel
);
845 // Object type list functions
848 SepGetObjectTypeGuidFromAce(
850 _In_ BOOLEAN IsAceDenied
);
853 SepObjectTypeGuidInList(
854 _In_reads_(ObjectTypeListLength
) POBJECT_TYPE_LIST_INTERNAL ObjectTypeList
,
855 _In_ ULONG ObjectTypeListLength
,
856 _In_ PGUID ObjectTypeGuid
,
857 _Out_ PULONG ObjectIndex
);
860 SeCaptureObjectTypeList(
861 _In_reads_opt_(ObjectTypeListLength
) POBJECT_TYPE_LIST ObjectTypeList
,
862 _In_ ULONG ObjectTypeListLength
,
863 _In_ KPROCESSOR_MODE PreviousMode
,
864 _Out_ POBJECT_TYPE_LIST_INTERNAL
*CapturedObjectTypeList
);
867 SeReleaseObjectTypeList(
868 _In_ _Post_invalid_ POBJECT_TYPE_LIST_INTERNAL CapturedObjectTypeList
,
869 _In_ KPROCESSOR_MODE PreviousMode
);
872 // Access state functions
876 SeCreateAccessStateEx(
877 _In_ PETHREAD Thread
,
878 _In_ PEPROCESS Process
,
879 _In_ OUT PACCESS_STATE AccessState
,
880 _In_ PAUX_ACCESS_DATA AuxData
,
881 _In_ ACCESS_MASK Access
,
882 _In_ PGENERIC_MAPPING GenericMapping
);
885 // Access check functions
890 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
891 _In_ PACCESS_STATE AccessState
,
892 _In_ ACCESS_MASK DesiredAccess
,
893 _In_ KPROCESSOR_MODE AccessMode
);