3 Copyright (c) Alex Ionescu. All rights reserved.
11 Function definitions for the security manager.
15 Alex Ionescu (alex.ionescu@reactos.com) 06-Oct-2004
27 #ifndef NTOS_MODE_USER
30 // Security Descriptors
// SeCaptureSecurityDescriptor: takes a caller-supplied security descriptor and
// returns a pointer to the captured descriptor through an output parameter.
//   OriginalSecurityDescriptor - descriptor as supplied by the caller (input).
//   CurrentMode                - KPROCESSOR_MODE the request is made under.
//   PoolType                   - POOL_TYPE; presumably the pool the captured
//                                copy is allocated from (confirm).
//   CaptureIfKernel            - BOOLEAN; by its name, selects whether a
//                                kernel-mode request is captured too (confirm).
//   CapturedSecurityDescriptor - receives the captured descriptor pointer.
// NOTE(review): the return type and the closing ");" are not visible in this
// listing. Presumably all later checks should read only the captured copy, not
// the caller's original buffer, and each capture should be paired with
// SeReleaseSecurityDescriptor - confirm against the implementation.
34 SeCaptureSecurityDescriptor(
35 IN PSECURITY_DESCRIPTOR OriginalSecurityDescriptor
,
36 IN KPROCESSOR_MODE CurrentMode
,
37 IN POOL_TYPE PoolType
,
38 IN BOOLEAN CaptureIfKernel
,
39 OUT PSECURITY_DESCRIPTOR
*CapturedSecurityDescriptor
// SeReleaseSecurityDescriptor: counterpart of SeCaptureSecurityDescriptor; takes
// the captured descriptor plus the mode and capture flag.
//   CapturedSecurityDescriptor - descriptor previously captured (input).
//   CurrentMode                - KPROCESSOR_MODE of the request.
//   CaptureIfKernelMode        - BOOLEAN; note the capture routine names the
//                                matching parameter CaptureIfKernel.
// NOTE(review): presumably CurrentMode and the flag must match the values given
// at capture time so the release frees exactly what was allocated - confirm.
// The return type and closing ");" are not visible in this listing.
44 SeReleaseSecurityDescriptor(
45 IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor
,
46 IN KPROCESSOR_MODE CurrentMode
,
47 IN BOOLEAN CaptureIfKernelMode
56 PACCESS_STATE AccessState
,
59 PGENERIC_MAPPING GenericMapping
65 IN PACCESS_STATE AccessState
// SeTokenImpersonationLevel: returns a SECURITY_IMPERSONATION_LEVEL for the
// access token passed in Token.
// NOTE(review): original line 72 (presumably the calling convention) and the
// closing ");" are absent from this listing.
71 SECURITY_IMPERSONATION_LEVEL
73 SeTokenImpersonationLevel(
74 IN PACCESS_TOKEN Token
85 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
86 IN HANDLE ClientToken
,
87 IN ACCESS_MASK DesiredAccess
,
88 IN PGENERIC_MAPPING GenericMapping
,
89 OUT PPRIVILEGE_SET PrivilegeSet
,
90 OUT PULONG ReturnLength
,
91 OUT PACCESS_MASK GrantedAccess
,
92 OUT PNTSTATUS AccessStatus
// NtAccessCheckAndAuditAlarm: access check against SecurityDescriptor for the
// requested DesiredAccess, with audit-related naming inputs.
//   SubsystemName, ObjectTypeName, ObjectName - UNICODE_STRING inputs naming the
//                      subsystem and object (presumably for the audit record).
//   SecurityDescriptor - descriptor to evaluate.
//   DesiredAccess      - ACCESS_MASK being requested.
//   GenericMapping     - mapping for generic access rights.
//   ObjectCreation     - BOOLEAN input.
//   GrantedAccess      - receives the granted ACCESS_MASK.
//   AccessStatus       - receives an NTSTATUS through a pointer, separately from
//                        whatever the call itself returns; callers should
//                        examine it before trusting GrantedAccess (confirm).
//   GenerateOnClose    - receives a BOOLEAN.
// NOTE(review): the gutter numbering jumps from 99 to 101, so one parameter
// between SubsystemName and ObjectTypeName appears to be missing from this
// listing; the return type and closing ");" are missing as well.
98 NtAccessCheckAndAuditAlarm(
99 IN PUNICODE_STRING SubsystemName
,
101 IN PUNICODE_STRING ObjectTypeName
,
102 IN PUNICODE_STRING ObjectName
,
103 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
104 IN ACCESS_MASK DesiredAccess
,
105 IN PGENERIC_MAPPING GenericMapping
,
106 IN BOOLEAN ObjectCreation
,
107 OUT PACCESS_MASK GrantedAccess
,
108 OUT PNTSTATUS AccessStatus
,
109 OUT PBOOLEAN GenerateOnClose
116 IN HANDLE TokenHandle
,
117 IN BOOLEAN ResetToDefault
,
118 IN PTOKEN_GROUPS NewState
,
119 IN ULONG BufferLength
,
120 OUT PTOKEN_GROUPS PreviousState OPTIONAL
,
121 OUT PULONG ReturnLength
// NtAdjustPrivilegesToken: adjusts privileges on the token behind TokenHandle.
//   DisableAllPrivileges - BOOLEAN input.
//   NewState             - TOKEN_PRIVILEGES describing the requested state.
//   BufferLength         - ULONG length; presumably the size of the
//                          PreviousState buffer (confirm).
//   PreviousState        - receives the prior privilege state.
//   ReturnLength         - receives a ULONG length.
// NOTE(review): on Windows this call can report a success status even though
// not every requested privilege was assigned (STATUS_NOT_ALL_ASSIGNED); confirm
// this implementation behaves the same and that callers check for it rather
// than assuming the privilege is now enabled.
// PreviousState is not marked OPTIONAL here, unlike the PreviousState parameter
// of the group-adjust declaration in this file.
127 NtAdjustPrivilegesToken(
128 IN HANDLE TokenHandle
,
129 IN BOOLEAN DisableAllPrivileges
,
130 IN PTOKEN_PRIVILEGES NewState
,
131 IN ULONG BufferLength
,
132 OUT PTOKEN_PRIVILEGES PreviousState
,
133 OUT PULONG ReturnLength
// NtAllocateLocallyUniqueId: writes a LUID through the LocallyUniqueId pointer.
// NOTE(review): return type and closing ");" are not visible in this listing.
138 NtAllocateLocallyUniqueId(
139 OUT LUID
*LocallyUniqueId
145 PULARGE_INTEGER Time
,
154 OUT PHANDLE TokenHandle
,
155 IN ACCESS_MASK DesiredAccess
,
156 IN POBJECT_ATTRIBUTES ObjectAttributes
,
157 IN TOKEN_TYPE TokenType
,
158 IN PLUID AuthenticationId
,
159 IN PLARGE_INTEGER ExpirationTime
,
160 IN PTOKEN_USER TokenUser
,
161 IN PTOKEN_GROUPS TokenGroups
,
162 IN PTOKEN_PRIVILEGES TokenPrivileges
,
163 IN PTOKEN_OWNER TokenOwner
,
164 IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup
,
165 IN PTOKEN_DEFAULT_DACL TokenDefaultDacl
,
166 IN PTOKEN_SOURCE TokenSource
173 IN HANDLE ExistingTokenHandle
,
174 IN ACCESS_MASK DesiredAccess
,
175 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
176 IN BOOLEAN EffectiveOnly
,
177 IN TOKEN_TYPE TokenType
,
178 OUT PHANDLE NewTokenHandle
184 NtImpersonateAnonymousToken(
// NtOpenObjectAuditAlarm: audit-alarm entry point for an object open.
//   SubsystemName, ObjectTypeName, ObjectName - UNICODE_STRING naming inputs.
//   SecurityDescriptor - descriptor of the object.
//   ClientToken        - handle to the client's token.
//   DesiredAccess      - access requested; typed ULONG here, whereas the
//   GrantedAccess        access-check declarations in this file use
//                        ACCESS_MASK for the same concept.
//   Privileges         - PRIVILEGE_SET input.
//   ObjectCreation     - BOOLEAN input.
//   AccessGranted      - BOOLEAN input supplied by the caller; the audit record
//                        presumably reflects what the caller reports, not an
//                        independent check (confirm).
//   GenerateOnClose    - receives a BOOLEAN.
// NOTE(review): the gutter numbering jumps from 192 to 194, so one parameter
// after SubsystemName appears to be missing from this listing; the return type
// and closing ");" are missing as well.
191 NtOpenObjectAuditAlarm(
192 IN PUNICODE_STRING SubsystemName
,
194 IN PUNICODE_STRING ObjectTypeName
,
195 IN PUNICODE_STRING ObjectName
,
196 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
197 IN HANDLE ClientToken
,
198 IN ULONG DesiredAccess
,
199 IN ULONG GrantedAccess
,
200 IN PPRIVILEGE_SET Privileges
,
201 IN BOOLEAN ObjectCreation
,
202 IN BOOLEAN AccessGranted
,
203 OUT PBOOLEAN GenerateOnClose
210 IN HANDLE ProcessHandle
,
211 IN ACCESS_MASK DesiredAccess
,
212 OUT PHANDLE TokenHandle
// NtOpenProcessTokenEx: opens the token of the process behind ProcessHandle and
// returns a handle through TokenHandle.
//   DesiredAccess    - ACCESS_MASK requested on the token.
//   HandleAttributes - ULONG attributes for the new handle; this is the extra
//                      parameter compared with the three-parameter declaration
//                      that precedes this one.
//   TokenHandle      - receives the token handle.
// NOTE(review): return type and closing ");" are not visible in this listing.
218 NtOpenProcessTokenEx(
219 IN HANDLE ProcessHandle
,
220 IN ACCESS_MASK DesiredAccess
,
221 IN ULONG HandleAttributes
,
222 OUT PHANDLE TokenHandle
229 IN HANDLE ClientToken
,
230 IN PPRIVILEGE_SET RequiredPrivileges
,
// NtPrivilegedServiceAuditAlarm: audit-alarm entry point for a privileged
// service call.
//   SubsystemName, ServiceName - UNICODE_STRING naming inputs.
//   ClientToken   - handle to the client's token.
//   Privileges    - PRIVILEGE_SET input.
//   AccessGranted - BOOLEAN input supplied by the caller.
// All parameters are inputs; nothing is returned through a pointer.
// NOTE(review): return type and closing ");" are not visible in this listing.
237 NtPrivilegedServiceAuditAlarm(
238 IN PUNICODE_STRING SubsystemName
,
239 IN PUNICODE_STRING ServiceName
,
240 IN HANDLE ClientToken
,
241 IN PPRIVILEGE_SET Privileges
,
242 IN BOOLEAN AccessGranted
// NtPrivilegeObjectAuditAlarm: audit-alarm entry point for privilege use on an
// object.
//   SubsystemName - UNICODE_STRING naming input.
//   ClientToken   - handle to the client's token.
//   DesiredAccess - typed ULONG here rather than ACCESS_MASK.
//   Privileges    - PRIVILEGE_SET input.
//   AccessGranted - BOOLEAN input supplied by the caller.
// NOTE(review): the gutter numbering jumps from 249 to 251, so one parameter
// after SubsystemName appears to be missing from this listing; the return type
// and closing ");" are missing as well.
248 NtPrivilegeObjectAuditAlarm(
249 IN PUNICODE_STRING SubsystemName
,
251 IN HANDLE ClientToken
,
252 IN ULONG DesiredAccess
,
253 IN PPRIVILEGE_SET Privileges
,
254 IN BOOLEAN AccessGranted
// NtQueryInformationToken: queries information of class TokenInformationClass
// from the token behind TokenHandle.
//   TokenInformation       - caller's buffer that receives the data.
//   TokenInformationLength - ULONG length of that buffer; the implementation
//                            must not write past it.
//   ReturnLength           - receives a ULONG length (presumably the size
//                            written or required; confirm).
// NOTE(review): return type and closing ");" are not visible in this listing.
260 NtQueryInformationToken(
261 IN HANDLE TokenHandle
,
262 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
263 OUT PVOID TokenInformation
,
264 IN ULONG TokenInformationLength
,
265 OUT PULONG ReturnLength
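// NtSetInformationToken: sets information of class TokenInformationClass on the
// token behind TokenHandle.
//   TokenHandle            - handle to the token being modified.
//   TokenInformationClass  - which piece of token information to set.
//   TokenInformation       - caller's buffer holding the new value. A set
//                            operation reads this buffer, so it is annotated IN;
//                            an OUT annotation would suggest to an implementer
//                            that the buffer is validated for writing rather
//                            than reading.
//   TokenInformationLength - ULONG length of that buffer.
// There is no ReturnLength parameter, unlike NtQueryInformationToken.
// NOTE(review): return type and closing ");" are not visible in this listing.
271 NtSetInformationToken(
272 IN HANDLE TokenHandle
,
273 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
274 IN PVOID TokenInformation
,
275 IN ULONG TokenInformationLength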
281 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
282 IN HANDLE ClientToken
,
283 IN ACCESS_MASK DesiredAccess
,
284 IN PGENERIC_MAPPING GenericMapping
,
285 OUT PPRIVILEGE_SET PrivilegeSet
,
286 OUT PULONG ReturnLength
,
287 OUT PACCESS_MASK GrantedAccess
,
288 OUT PNTSTATUS AccessStatus
295 IN HANDLE TokenHandle
,
296 IN BOOLEAN ResetToDefault
,
297 IN PTOKEN_GROUPS NewState
,
298 IN ULONG BufferLength
,
299 OUT PTOKEN_GROUPS PreviousState OPTIONAL
,
300 OUT PULONG ReturnLength
// ZwAdjustPrivilegesToken: Zw-prefixed declaration with the same parameter list
// as NtAdjustPrivilegesToken.
//   DisableAllPrivileges - BOOLEAN input.
//   NewState             - TOKEN_PRIVILEGES describing the requested state.
//   BufferLength         - ULONG length; presumably the size of the
//                          PreviousState buffer (confirm).
//   PreviousState        - receives the prior privilege state.
//   ReturnLength         - receives a ULONG length.
// NOTE(review): on Windows NT the Zw entry points run with previous mode set to
// kernel, so pointer and handle arguments are trusted without probing; confirm
// for this implementation before passing values derived from a user-mode caller.
// As with the Nt form, confirm callers check for a partial-success status.
306 ZwAdjustPrivilegesToken(
307 IN HANDLE TokenHandle
,
308 IN BOOLEAN DisableAllPrivileges
,
309 IN PTOKEN_PRIVILEGES NewState
,
310 IN ULONG BufferLength
,
311 OUT PTOKEN_PRIVILEGES PreviousState
,
312 OUT PULONG ReturnLength
// ZwAllocateLocallyUniqueId: Zw-prefixed declaration with the same parameter as
// NtAllocateLocallyUniqueId; writes a LUID through LocallyUniqueId.
// NOTE(review): return type and closing ");" are not visible in this listing.
317 ZwAllocateLocallyUniqueId(
318 OUT LUID
*LocallyUniqueId
324 PULARGE_INTEGER Time
,
333 OUT PHANDLE TokenHandle
,
334 IN ACCESS_MASK DesiredAccess
,
335 IN POBJECT_ATTRIBUTES ObjectAttributes
,
336 IN TOKEN_TYPE TokenType
,
337 IN PLUID AuthenticationId
,
338 IN PLARGE_INTEGER ExpirationTime
,
339 IN PTOKEN_USER TokenUser
,
340 IN PTOKEN_GROUPS TokenGroups
,
341 IN PTOKEN_PRIVILEGES TokenPrivileges
,
342 IN PTOKEN_OWNER TokenOwner
,
343 IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup
,
344 IN PTOKEN_DEFAULT_DACL TokenDefaultDacl
,
345 IN PTOKEN_SOURCE TokenSource
352 IN HANDLE ExistingTokenHandle
,
353 IN ACCESS_MASK DesiredAccess
,
354 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
355 IN BOOLEAN EffectiveOnly
,
356 IN TOKEN_TYPE TokenType
,
357 OUT PHANDLE NewTokenHandle
363 ZwImpersonateAnonymousToken(
// ZwOpenObjectAuditAlarm: Zw-prefixed declaration with the same visible
// parameters as NtOpenObjectAuditAlarm.
//   SubsystemName, ObjectTypeName, ObjectName - UNICODE_STRING naming inputs.
//   SecurityDescriptor - descriptor of the object.
//   ClientToken        - handle to the client's token.
//   DesiredAccess      - typed ULONG here rather than ACCESS_MASK.
//   GrantedAccess      - typed ULONG here rather than ACCESS_MASK.
//   Privileges         - PRIVILEGE_SET input.
//   ObjectCreation     - BOOLEAN input.
//   AccessGranted      - BOOLEAN input supplied by the caller.
//   GenerateOnClose    - receives a BOOLEAN.
// NOTE(review): the gutter numbering jumps from 371 to 373, so one parameter
// after SubsystemName appears to be missing from this listing; the return type
// and closing ");" are missing as well.
370 ZwOpenObjectAuditAlarm(
371 IN PUNICODE_STRING SubsystemName
,
373 IN PUNICODE_STRING ObjectTypeName
,
374 IN PUNICODE_STRING ObjectName
,
375 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
376 IN HANDLE ClientToken
,
377 IN ULONG DesiredAccess
,
378 IN ULONG GrantedAccess
,
379 IN PPRIVILEGE_SET Privileges
,
380 IN BOOLEAN ObjectCreation
,
381 IN BOOLEAN AccessGranted
,
382 OUT PBOOLEAN GenerateOnClose
389 IN HANDLE ProcessHandle
,
390 IN ACCESS_MASK DesiredAccess
,
391 OUT PHANDLE TokenHandle
// ZwOpenProcessTokenEx: Zw-prefixed declaration with the same parameter list as
// NtOpenProcessTokenEx; returns a token handle through TokenHandle.
//   ProcessHandle    - handle to the process whose token is opened.
//   DesiredAccess    - ACCESS_MASK requested on the token.
//   HandleAttributes - ULONG attributes for the new handle.
//   TokenHandle      - receives the token handle.
// NOTE(review): on Windows NT the Zw entry points run with previous mode set to
// kernel; a handle opened this way on behalf of a user-mode request presumably
// needs HandleAttributes chosen so it is not usable from user mode - confirm.
// Return type and closing ");" are not visible in this listing.
397 ZwOpenProcessTokenEx(
398 IN HANDLE ProcessHandle
,
399 IN ACCESS_MASK DesiredAccess
,
400 IN ULONG HandleAttributes
,
401 OUT PHANDLE TokenHandle
408 IN HANDLE ClientToken
,
409 IN PPRIVILEGE_SET RequiredPrivileges
,
// ZwPrivilegedServiceAuditAlarm: Zw-prefixed declaration with the same
// parameter list as NtPrivilegedServiceAuditAlarm.
//   SubsystemName, ServiceName - UNICODE_STRING naming inputs.
//   ClientToken   - handle to the client's token.
//   Privileges    - PRIVILEGE_SET input.
//   AccessGranted - BOOLEAN input supplied by the caller.
// NOTE(review): return type and closing ");" are not visible in this listing.
416 ZwPrivilegedServiceAuditAlarm(
417 IN PUNICODE_STRING SubsystemName
,
418 IN PUNICODE_STRING ServiceName
,
419 IN HANDLE ClientToken
,
420 IN PPRIVILEGE_SET Privileges
,
421 IN BOOLEAN AccessGranted
// ZwPrivilegeObjectAuditAlarm: Zw-prefixed declaration with the same visible
// parameters as NtPrivilegeObjectAuditAlarm.
//   SubsystemName - UNICODE_STRING naming input.
//   ClientToken   - handle to the client's token.
//   DesiredAccess - typed ULONG here rather than ACCESS_MASK.
//   Privileges    - PRIVILEGE_SET input.
//   AccessGranted - BOOLEAN input supplied by the caller.
// NOTE(review): the gutter numbering jumps from 428 to 430, so one parameter
// after SubsystemName appears to be missing from this listing; the return type
// and closing ");" are missing as well.
427 ZwPrivilegeObjectAuditAlarm(
428 IN PUNICODE_STRING SubsystemName
,
430 IN HANDLE ClientToken
,
431 IN ULONG DesiredAccess
,
432 IN PPRIVILEGE_SET Privileges
,
433 IN BOOLEAN AccessGranted
// ZwQueryInformationToken: Zw-prefixed declaration with the same parameter list
// as NtQueryInformationToken.
//   TokenHandle            - handle to the token being queried.
//   TokenInformationClass  - which piece of token information to return.
//   TokenInformation       - caller's buffer that receives the data.
//   TokenInformationLength - ULONG length of that buffer.
//   ReturnLength           - receives a ULONG length (presumably the size
//                            written or required; confirm).
// NOTE(review): on Windows NT the Zw entry points run with previous mode set to
// kernel, so the output pointers are not probed; confirm for this implementation
// and never forward a user-mode buffer address here unchecked.
// Return type and closing ");" are not visible in this listing.
439 ZwQueryInformationToken(
440 IN HANDLE TokenHandle
,
441 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
442 OUT PVOID TokenInformation
,
443 IN ULONG TokenInformationLength
,
444 OUT PULONG ReturnLength
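// ZwSetInformationToken: Zw-prefixed declaration with the same parameter list
// as NtSetInformationToken; sets information of class TokenInformationClass on
// the token behind TokenHandle.
//   TokenHandle            - handle to the token being modified.
//   TokenInformationClass  - which piece of token information to set.
//   TokenInformation       - caller's buffer holding the new value. A set
//                            operation reads this buffer, so it is annotated IN
//                            rather than OUT.
//   TokenInformationLength - ULONG length of that buffer.
// NOTE(review): return type and closing ");" are not visible in this listing.
450 ZwSetInformationToken(
451 IN HANDLE TokenHandle
,
452 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
453 IN PVOID TokenInformation
,
454 IN ULONG TokenInformationLength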