reactos/include/ddk/setypes.h

   1 /* $Id: setypes.h,v 1.13 2004/02/02 12:03:43 ekohl Exp $
   2  *
   3  * COPYRIGHT:         See COPYING in the top level directory for details
   4  * PROJECT:           ReactOS kernel
   5  * FILE:              include/ddk/setypes.h
   6  * PURPOSE:           Security manager types
   7  * REVISION HISTORY:
   8  *                 ??/??/??:    Created with empty stubs by David Welch
   9  *                 29/08/98:    ACCESS_TOKEN definition from Boudewijn Dekker
  10  */
  11
  12 #ifndef __INCLUDE_DDK_SETYPES_H
  13 #define __INCLUDE_DDK_SETYPES_H
  14
  15 #include <ntos/security.h>
  16
  17 /* TOKEN_GROUPS structure */
  18 #define SE_GROUP_MANDATORY                (0x1L)
  19 #define SE_GROUP_ENABLED_BY_DEFAULT       (0x2L)
  20 #define SE_GROUP_ENABLED                  (0x4L)
  21 #define SE_GROUP_OWNER                    (0x8L)
  22 #define SE_GROUP_LOGON_ID                 (0xC0000000L)
  23
  24 /* ACL Defines */
  25 #define ACL_REVISION1     (1)
  26 #define ACL_REVISION2     (2)
  27 #define ACL_REVISION3     (3)
  28 #define MIN_ACL_REVISION  ACL_REVISION2
  29 #define MAX_ACL_REVISION  ACL_REVISION3
  30
  31 #define ACL_REVISION    (2)
  32
  33 /* ACE_HEADER structure */
  34 #define ACCESS_MIN_MS_ACE_TYPE            (0x0)
  35 #define ACCESS_ALLOWED_ACE_TYPE           (0x0)
  36 #define ACCESS_DENIED_ACE_TYPE            (0x1)
  37 #define SYSTEM_AUDIT_ACE_TYPE             (0x2)
  38 #define SYSTEM_ALARM_ACE_TYPE             (0x3)
  39 #define ACCESS_MAX_MS_V2_ACE_TYPE         (0x3)
  40 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE  (0x4)
  41 #define ACCESS_MAX_MS_V3_ACE_TYPE         (0x4)
  42 #define ACCESS_MAX_MS_ACE_TYPE            (0x4)
  43
  44 /* ACE flags in the ACE_HEADER structure */
  45 #define OBJECT_INHERIT_ACE           (0x1)
  46 #define CONTAINER_INHERIT_ACE        (0x2)
  47 #define NO_PROPAGATE_INHERIT_ACE     (0x4)
  48 #define INHERIT_ONLY_ACE             (0x8)
  49 #define SUCCESSFUL_ACCESS_ACE_FLAG   (0x40)
  50 #define FAILED_ACCESS_ACE_FLAG       (0x80)
  51
  52 /* SECURITY_DESCRIPTOR_CONTROL */
  53 #define SECURITY_DESCRIPTOR_REVISION    (1)
  54 #define SECURITY_DESCRIPTOR_MIN_LENGTH  (20)
  55 #define SE_OWNER_DEFAULTED      (1)
  56 #define SE_GROUP_DEFAULTED      (2)
  57 #define SE_DACL_PRESENT (4)
  58 #define SE_DACL_DEFAULTED       (8)
  59 #define SE_SACL_PRESENT (16)
  60 #define SE_SACL_DEFAULTED       (32)
  61 #define SE_SELF_RELATIVE        (32768)
  62
  63 /* PRIVILEGE_SET */
  64 #define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x1L)
  65 #define SE_PRIVILEGE_ENABLED    (0x2L)
  66 #define SE_PRIVILEGE_USED_FOR_ACCESS    (0x80000000L)
  67 #define PRIVILEGE_SET_ALL_NECESSARY     (0x1)
  68
  69 typedef struct _ACCESS_TOKEN
  70 {
  71   TOKEN_SOURCE                  TokenSource;               /* 0x00 */
  72   LUID                          TokenId;                   /* 0x10 */
  73   LUID                          AuthenticationId;          /* 0x18 */
  74   LARGE_INTEGER                 ExpirationTime;            /* 0x20 */
  75   LUID                          ModifiedId;                /* 0x28 */
  76   ULONG                         UserAndGroupCount;         /* 0x30 */
  77   ULONG                         PrivilegeCount;            /* 0x34 */
  78   ULONG                         VariableLength;            /* 0x38 */
  79   ULONG                         DynamicCharged;            /* 0x3C */
  80   ULONG                         DynamicAvailable;          /* 0x40 */
  81   ULONG                         DefaultOwnerIndex;         /* 0x44 */
  82   PSID_AND_ATTRIBUTES           UserAndGroups;             /* 0x48 */
  83   PSID                          PrimaryGroup;              /* 0x4C */
  84   PLUID_AND_ATTRIBUTES          Privileges;                /* 0x50 */
  85   ULONG                         Unknown1;                  /* 0x54 */
  86   PACL                          DefaultDacl;               /* 0x58 */
  87   TOKEN_TYPE                    TokenType;                 /* 0x5C */
  88   SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel;        /* 0x60 */
  89   UCHAR                         TokenFlags;                /* 0x64 */
  90   UCHAR                         TokenInUse;                /* 0x65 */
  91   UCHAR                         Unused[2];                 /* 0x66 */
  92   PVOID                         ProxyData;                 /* 0x68 */
  93   PVOID                         AuditData;                 /* 0x6c */
  94   UCHAR                         VariablePart[0];           /* 0x70 */
  95 } ACCESS_TOKEN, *PACCESS_TOKEN;
  96
  97
  98 typedef struct _SECURITY_SUBJECT_CONTEXT
  99 {
 100   PACCESS_TOKEN ClientToken;                              /* 0x0 */
 101   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;        /* 0x4 */
 102   PACCESS_TOKEN PrimaryToken;                             /* 0x8 */
 103   PVOID ProcessAuditId;                                   /* 0xC */
 104 } SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
 105
 106
 107 typedef struct _SECURITY_CLIENT_CONTEXT
 108 {
 109   SECURITY_QUALITY_OF_SERVICE SecurityQos;      /* 0x00 */
 110   PACCESS_TOKEN Token;                          /* 0x0C */
 111   BOOLEAN DirectlyAccessClientToken;            /* 0x10 */
 112   BOOLEAN DirectAccessEffectiveOnly;            /* 0x11 */
 113   BOOLEAN ServerIsRemote;                       /* 0x12 */
 114   TOKEN_CONTROL ClientTokenControl;             /* 0x14 */
 115 } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
 116
 117
 118 typedef struct _SE_EXPORTS
 119 {
 120   /* Privilege values */
 121   LUID SeCreateTokenPrivilege;
 122   LUID SeAssignPrimaryTokenPrivilege;
 123   LUID SeLockMemoryPrivilege;
 124   LUID SeIncreaseQuotaPrivilege;
 125   LUID SeUnsolicitedInputPrivilege;
 126   LUID SeTcbPrivilege;
 127   LUID SeSecurityPrivilege;
 128   LUID SeTakeOwnershipPrivilege;
 129   LUID SeLoadDriverPrivilege;
 130   LUID SeCreatePagefilePrivilege;
 131   LUID SeIncreaseBasePriorityPrivilege;
 132   LUID SeSystemProfilePrivilege;
 133   LUID SeSystemtimePrivilege;
 134   LUID SeProfileSingleProcessPrivilege;
 135   LUID SeCreatePermanentPrivilege;
 136   LUID SeBackupPrivilege;
 137   LUID SeRestorePrivilege;
 138   LUID SeShutdownPrivilege;
 139   LUID SeDebugPrivilege;
 140   LUID SeAuditPrivilege;
 141   LUID SeSystemEnvironmentPrivilege;
 142   LUID SeChangeNotifyPrivilege;
 143   LUID SeRemoteShutdownPrivilege;
 144
 145   /* Universally defined SIDs */
 146   PSID SeNullSid;
 147   PSID SeWorldSid;
 148   PSID SeLocalSid;
 149   PSID SeCreatorOwnerSid;
 150   PSID SeCreatorGroupSid;
 151
 152   /* Nt defined SIDs */
 153   PSID SeNtAuthoritySid;
 154   PSID SeDialupSid;
 155   PSID SeNetworkSid;
 156   PSID SeBatchSid;
 157   PSID SeInteractiveSid;
 158   PSID SeLocalSystemSid;
 159   PSID SeAliasAdminsSid;
 160   PSID SeAliasUsersSid;
 161   PSID SeAliasGuestsSid;
 162   PSID SeAliasPowerUsersSid;
 163   PSID SeAliasAccountOpsSid;
 164   PSID SeAliasSystemOpsSid;
 165   PSID SeAliasPrintOpsSid;
 166   PSID SeAliasBackupOpsSid;
 167 } SE_EXPORTS, *PSE_EXPORTS;
 168
 169
 170 typedef NTSTATUS STDCALL_FUNC
 171 (*PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId);
 172
 173
 174 typedef enum _SECURITY_OPERATION_CODE
 175 {
 176   SetSecurityDescriptor,
 177   QuerySecurityDescriptor,
 178   DeleteSecurityDescriptor,
 179   AssignSecurityDescriptor
 180 } SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
 181
 182 #endif
 183
 184 /* EOF */