3 Copyright (c) Alex Ionescu. All rights reserved.
11 Function definitions for the security manager.
15 Alex Ionescu (alex.ionescu@reactos.com) 06-Oct-2004
27 #ifndef NTOS_MODE_USER
30 // Security Descriptors
// SeCaptureSecurityDescriptor: takes a caller-supplied descriptor
// (OriginalSecurityDescriptor), the processor mode it came from (CurrentMode),
// a pool type and a CaptureIfKernel flag, and hands a descriptor back through
// CapturedSecurityDescriptor.
// NOTE(review): the return type and the closing ");" are not visible in this
// listing (the gutter numbering starts at 34 and stops at 39).
// NOTE(review): presumably later checks are meant to read the captured copy and
// not the original pointer, so that a user-mode caller cannot alter the
// descriptor after it was validated -- confirm against the implementation.
34 SeCaptureSecurityDescriptor(
35 IN PSECURITY_DESCRIPTOR OriginalSecurityDescriptor
,
36 IN KPROCESSOR_MODE CurrentMode
,
37 IN POOL_TYPE PoolType
,
38 IN BOOLEAN CaptureIfKernel
,
39 OUT PSECURITY_DESCRIPTOR
*CapturedSecurityDescriptor
// SeReleaseSecurityDescriptor: takes a captured descriptor together with the
// processor mode and a capture flag; all three parameters are inputs.
// NOTE(review): the flag is spelled CaptureIfKernelMode here but
// CaptureIfKernel in SeCaptureSecurityDescriptor; presumably the same mode and
// flag values must be passed to both calls so the release matches the capture
// -- confirm against the implementation.
44 SeReleaseSecurityDescriptor(
45 IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor
,
46 IN KPROCESSOR_MODE CurrentMode
,
47 IN BOOLEAN CaptureIfKernelMode
56 PACCESS_STATE AccessState
,
59 PGENERIC_MAPPING GenericMapping
65 IN PACCESS_STATE AccessState
// SeTokenImpersonationLevel: returns a SECURITY_IMPERSONATION_LEVEL for the
// token passed in Token.
// NOTE(review): gutter line 72 is absent from this listing (probably the
// calling-convention line).
// NOTE(review): presumably the value is only meaningful for impersonation
// tokens; confirm what is returned for a primary token before branching on it.
71 SECURITY_IMPERSONATION_LEVEL
73 SeTokenImpersonationLevel(
74 IN PACCESS_TOKEN Token
85 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
86 IN HANDLE ClientToken
,
87 IN ACCESS_MASK DesiredAccess
,
88 IN PGENERIC_MAPPING GenericMapping
,
89 OUT PPRIVILEGE_SET PrivilegeSet
,
90 OUT PULONG ReturnLength
,
91 OUT PACCESS_MASK GrantedAccess
,
92 OUT PNTSTATUS AccessStatus
// NtAccessCheckAndAuditAlarm: inputs are the subsystem, object type and object
// names, a security descriptor, the requested access mask, a generic mapping
// and an ObjectCreation flag; three results come back through pointers
// (GrantedAccess, AccessStatus, GenerateOnClose).
// NOTE(review): the gutter jumps from 99 to 101, so one parameter line is
// missing from this listing; do not treat the list below as complete.
// NOTE(review): presumably the function's own status says whether the check
// could be performed and *AccessStatus carries the verdict, so callers should
// test both before using *GrantedAccess -- confirm.
98 NtAccessCheckAndAuditAlarm(
99 IN PUNICODE_STRING SubsystemName
,
101 IN PUNICODE_STRING ObjectTypeName
,
102 IN PUNICODE_STRING ObjectName
,
103 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
104 IN ACCESS_MASK DesiredAccess
,
105 IN PGENERIC_MAPPING GenericMapping
,
106 IN BOOLEAN ObjectCreation
,
107 OUT PACCESS_MASK GrantedAccess
,
108 OUT PNTSTATUS AccessStatus
,
109 OUT PBOOLEAN GenerateOnClose
116 IN HANDLE TokenHandle
,
117 IN BOOLEAN ResetToDefault
,
118 IN PTOKEN_GROUPS NewState
,
119 IN ULONG BufferLength
,
120 OUT PTOKEN_GROUPS PreviousState OPTIONAL
,
121 OUT PULONG ReturnLength
// NtAdjustPrivilegesToken: takes a token handle, a DisableAllPrivileges flag,
// the requested TOKEN_PRIVILEGES (NewState) and a BufferLength; PreviousState
// and ReturnLength are outputs.
// NOTE(review): presumably BufferLength is the size of the PreviousState
// buffer and ReturnLength reports the size needed -- confirm.
// NOTE(review): on Windows the documented behaviour is that a success status
// can still mean that not every requested privilege was changed
// (STATUS_NOT_ALL_ASSIGNED); confirm whether this implementation matches and
// check for it at call sites rather than assuming the privilege is now held.
127 NtAdjustPrivilegesToken(
128 IN HANDLE TokenHandle
,
129 IN BOOLEAN DisableAllPrivileges
,
130 IN PTOKEN_PRIVILEGES NewState
,
131 IN ULONG BufferLength
,
132 OUT PTOKEN_PRIVILEGES PreviousState
,
133 OUT PULONG ReturnLength
// NtAllocateLocallyUniqueId: single output parameter, a pointer to the LUID
// that receives the result.
// NOTE(review): the return type and closing ");" are not visible here.
138 NtAllocateLocallyUniqueId(
139 OUT LUID
*LocallyUniqueId
145 PULARGE_INTEGER Time
,
154 OUT PHANDLE TokenHandle
,
155 IN ACCESS_MASK DesiredAccess
,
156 IN POBJECT_ATTRIBUTES ObjectAttributes
,
157 IN TOKEN_TYPE TokenType
,
158 IN PLUID AuthenticationId
,
159 IN PLARGE_INTEGER ExpirationTime
,
160 IN PTOKEN_USER TokenUser
,
161 IN PTOKEN_GROUPS TokenGroups
,
162 IN PTOKEN_PRIVILEGES TokenPrivileges
,
163 IN PTOKEN_OWNER TokenOwner
,
164 IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup
,
165 IN PTOKEN_DEFAULT_DACL TokenDefaultDacl
,
166 IN PTOKEN_SOURCE TokenSource
173 IN HANDLE ExistingTokenHandle
,
174 IN ACCESS_MASK DesiredAccess
,
175 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
176 IN BOOLEAN EffectiveOnly
,
177 IN TOKEN_TYPE TokenType
,
178 OUT PHANDLE NewTokenHandle
// NtOpenObjectAuditAlarm: every parameter except GenerateOnClose is an input,
// including the access result itself (GrantedAccess, AccessGranted) and the
// privilege set, so the record reflects what the caller reports.
// NOTE(review): the gutter jumps from 185 to 187, so one parameter line is
// missing from this listing.
// NOTE(review): DesiredAccess and GrantedAccess are declared ULONG here, while
// NtOpenProcessTokenEx in this file declares DesiredAccess as ACCESS_MASK.
// NOTE(review): because the outcome is caller-supplied, this call is presumably
// restricted to callers allowed to generate audit records -- confirm where
// that check is enforced.
184 NtOpenObjectAuditAlarm(
185 IN PUNICODE_STRING SubsystemName
,
187 IN PUNICODE_STRING ObjectTypeName
,
188 IN PUNICODE_STRING ObjectName
,
189 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
190 IN HANDLE ClientToken
,
191 IN ULONG DesiredAccess
,
192 IN ULONG GrantedAccess
,
193 IN PPRIVILEGE_SET Privileges
,
194 IN BOOLEAN ObjectCreation
,
195 IN BOOLEAN AccessGranted
,
196 OUT PBOOLEAN GenerateOnClose
203 IN HANDLE ProcessHandle
,
204 IN ACCESS_MASK DesiredAccess
,
205 OUT PHANDLE TokenHandle
// NtOpenProcessTokenEx: takes a process handle, the access mask wanted on the
// token and a HandleAttributes value; the token handle is returned through
// TokenHandle.
// NOTE(review): HandleAttributes presumably carries the attribute flags for
// the new handle -- confirm which flags are honoured.
// NOTE(review): callers should request only the token access they need in
// DesiredAccess; the handle that comes back carries whatever was granted.
211 NtOpenProcessTokenEx(
212 IN HANDLE ProcessHandle
,
213 IN ACCESS_MASK DesiredAccess
,
214 IN ULONG HandleAttributes
,
215 OUT PHANDLE TokenHandle
222 IN HANDLE ClientToken
,
223 IN PPRIVILEGE_SET RequiredPrivileges
,
// NtPrivilegedServiceAuditAlarm: all five visible parameters are inputs -- the
// subsystem and service names, the client token, the privilege set and the
// AccessGranted outcome.
// NOTE(review): AccessGranted is supplied by the caller, so the audit record
// reflects what the caller reports; presumably only callers allowed to
// generate audit records may use this -- confirm where that is enforced.
230 NtPrivilegedServiceAuditAlarm(
231 IN PUNICODE_STRING SubsystemName
,
232 IN PUNICODE_STRING ServiceName
,
233 IN HANDLE ClientToken
,
234 IN PPRIVILEGE_SET Privileges
,
235 IN BOOLEAN AccessGranted
// NtPrivilegeObjectAuditAlarm: input-only parameters -- subsystem name, client
// token, requested access, privilege set and the AccessGranted outcome.
// NOTE(review): the gutter jumps from 242 to 244, so one parameter line is
// missing from this listing.
// NOTE(review): DesiredAccess is declared ULONG here rather than ACCESS_MASK,
// and AccessGranted is caller-supplied, so the record reflects what the caller
// reports -- confirm who is allowed to call this.
241 NtPrivilegeObjectAuditAlarm(
242 IN PUNICODE_STRING SubsystemName
,
244 IN HANDLE ClientToken
,
245 IN ULONG DesiredAccess
,
246 IN PPRIVILEGE_SET Privileges
,
247 IN BOOLEAN AccessGranted
// NtQueryInformationToken: takes a token handle and an information class;
// TokenInformation is the output buffer, TokenInformationLength its size as an
// input, and ReturnLength an output length.
// NOTE(review): presumably ReturnLength reports the bytes written or required;
// callers should size the buffer from it and not trust the buffer contents
// when the call fails -- confirm.
253 NtQueryInformationToken(
254 IN HANDLE TokenHandle
,
255 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
256 OUT PVOID TokenInformation
,
257 IN ULONG TokenInformationLength
,
258 OUT PULONG ReturnLength
// NtSetInformationToken: takes a token handle, an information class, a buffer
// (TokenInformation) and that buffer's length.
// NOTE(review): TokenInformation is annotated OUT, but a "set" call would be
// expected to read this buffer, and there is no ReturnLength output as in
// NtQueryInformationToken; the annotation looks copied from the query
// prototype and IN would describe it -- confirm and correct. A wrong
// direction marker matters to anyone deciding whether the buffer is probed for
// read or for write.
264 NtSetInformationToken(
265 IN HANDLE TokenHandle
,
266 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
267 OUT PVOID TokenInformation
,
268 IN ULONG TokenInformationLength
274 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
275 IN HANDLE ClientToken
,
276 IN ACCESS_MASK DesiredAccess
,
277 IN PGENERIC_MAPPING GenericMapping
,
278 OUT PPRIVILEGE_SET PrivilegeSet
,
279 OUT PULONG ReturnLength
,
280 OUT PACCESS_MASK GrantedAccess
,
281 OUT PNTSTATUS AccessStatus
288 IN HANDLE TokenHandle
,
289 IN BOOLEAN ResetToDefault
,
290 IN PTOKEN_GROUPS NewState
,
291 IN ULONG BufferLength
,
292 OUT PTOKEN_GROUPS PreviousState OPTIONAL
,
293 OUT PULONG ReturnLength
// ZwAdjustPrivilegesToken: Zw-prefixed twin of NtAdjustPrivilegesToken; the
// parameter list shown is the same as the Nt prototype in this file.
// NOTE(review): in NT-style kernels a Zw* call made from kernel mode is
// normally treated as coming from a trusted caller, so handles and buffers
// that originate in user mode should be validated before being passed here --
// confirm for this tree.
// NOTE(review): presumably a success status can still mean that not every
// requested privilege was changed; check for that at call sites -- confirm.
299 ZwAdjustPrivilegesToken(
300 IN HANDLE TokenHandle
,
301 IN BOOLEAN DisableAllPrivileges
,
302 IN PTOKEN_PRIVILEGES NewState
,
303 IN ULONG BufferLength
,
304 OUT PTOKEN_PRIVILEGES PreviousState
,
305 OUT PULONG ReturnLength
// ZwAllocateLocallyUniqueId: Zw-prefixed twin of NtAllocateLocallyUniqueId;
// single output parameter, a pointer to the LUID that receives the result.
// NOTE(review): the return type and closing ");" are not visible here.
310 ZwAllocateLocallyUniqueId(
311 OUT LUID
*LocallyUniqueId
317 PULARGE_INTEGER Time
,
326 OUT PHANDLE TokenHandle
,
327 IN ACCESS_MASK DesiredAccess
,
328 IN POBJECT_ATTRIBUTES ObjectAttributes
,
329 IN TOKEN_TYPE TokenType
,
330 IN PLUID AuthenticationId
,
331 IN PLARGE_INTEGER ExpirationTime
,
332 IN PTOKEN_USER TokenUser
,
333 IN PTOKEN_GROUPS TokenGroups
,
334 IN PTOKEN_PRIVILEGES TokenPrivileges
,
335 IN PTOKEN_OWNER TokenOwner
,
336 IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup
,
337 IN PTOKEN_DEFAULT_DACL TokenDefaultDacl
,
338 IN PTOKEN_SOURCE TokenSource
345 IN HANDLE ExistingTokenHandle
,
346 IN ACCESS_MASK DesiredAccess
,
347 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
348 IN BOOLEAN EffectiveOnly
,
349 IN TOKEN_TYPE TokenType
,
350 OUT PHANDLE NewTokenHandle
// ZwOpenObjectAuditAlarm: Zw-prefixed twin of NtOpenObjectAuditAlarm; every
// parameter except GenerateOnClose is an input, including the access result
// (GrantedAccess, AccessGranted), so the record reflects what the caller
// reports.
// NOTE(review): the gutter jumps from 357 to 359, so one parameter line is
// missing from this listing.
// NOTE(review): in NT-style kernels a Zw* call made from kernel mode is
// normally treated as coming from a trusted caller; strings, descriptors and
// handles that originate in user mode should be validated before being passed
// here -- confirm for this tree.
356 ZwOpenObjectAuditAlarm(
357 IN PUNICODE_STRING SubsystemName
,
359 IN PUNICODE_STRING ObjectTypeName
,
360 IN PUNICODE_STRING ObjectName
,
361 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
362 IN HANDLE ClientToken
,
363 IN ULONG DesiredAccess
,
364 IN ULONG GrantedAccess
,
365 IN PPRIVILEGE_SET Privileges
,
366 IN BOOLEAN ObjectCreation
,
367 IN BOOLEAN AccessGranted
,
368 OUT PBOOLEAN GenerateOnClose
375 IN HANDLE ProcessHandle
,
376 IN ACCESS_MASK DesiredAccess
,
377 OUT PHANDLE TokenHandle
// ZwOpenProcessTokenEx: Zw-prefixed twin of NtOpenProcessTokenEx; takes a
// process handle, the access mask wanted on the token and a HandleAttributes
// value, and returns the token handle through TokenHandle.
// NOTE(review): in NT-style kernels a Zw* call made from kernel mode is
// normally treated as coming from a trusted caller, so the access check
// against the caller may not apply; do not hand the resulting handle to user
// mode without a separate check, and consider which HandleAttributes keep it
// out of the user handle table -- confirm for this tree.
383 ZwOpenProcessTokenEx(
384 IN HANDLE ProcessHandle
,
385 IN ACCESS_MASK DesiredAccess
,
386 IN ULONG HandleAttributes
,
387 OUT PHANDLE TokenHandle
394 IN HANDLE ClientToken
,
395 IN PPRIVILEGE_SET RequiredPrivileges
,
// ZwPrivilegedServiceAuditAlarm: Zw-prefixed twin of
// NtPrivilegedServiceAuditAlarm; all five visible parameters are inputs,
// including the AccessGranted outcome.
// NOTE(review): AccessGranted is caller-supplied, so the audit record reflects
// what the caller reports; validate any user-originated names or handles
// before passing them through a Zw* call from kernel mode -- confirm for this
// tree.
402 ZwPrivilegedServiceAuditAlarm(
403 IN PUNICODE_STRING SubsystemName
,
404 IN PUNICODE_STRING ServiceName
,
405 IN HANDLE ClientToken
,
406 IN PPRIVILEGE_SET Privileges
,
407 IN BOOLEAN AccessGranted
// ZwPrivilegeObjectAuditAlarm: Zw-prefixed twin of NtPrivilegeObjectAuditAlarm;
// input-only parameters, including the AccessGranted outcome.
// NOTE(review): the gutter jumps from 414 to 416, so one parameter line is
// missing from this listing.
// NOTE(review): DesiredAccess is declared ULONG here rather than ACCESS_MASK;
// AccessGranted is caller-supplied, so the record reflects what the caller
// reports -- confirm who is allowed to call this.
413 ZwPrivilegeObjectAuditAlarm(
414 IN PUNICODE_STRING SubsystemName
,
416 IN HANDLE ClientToken
,
417 IN ULONG DesiredAccess
,
418 IN PPRIVILEGE_SET Privileges
,
419 IN BOOLEAN AccessGranted
// ZwQueryInformationToken: Zw-prefixed twin of NtQueryInformationToken;
// TokenInformation is the output buffer, TokenInformationLength its size as an
// input, and ReturnLength an output length.
// NOTE(review): in NT-style kernels a Zw* call made from kernel mode is
// normally treated as coming from a trusted caller, so the output buffer
// should be a kernel buffer or an already-validated one -- confirm for this
// tree.
425 ZwQueryInformationToken(
426 IN HANDLE TokenHandle
,
427 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
428 OUT PVOID TokenInformation
,
429 IN ULONG TokenInformationLength
,
430 OUT PULONG ReturnLength
// ZwSetInformationToken: Zw-prefixed twin of NtSetInformationToken; takes a
// token handle, an information class, a buffer and that buffer's length.
// NOTE(review): TokenInformation is annotated OUT, but a "set" call would be
// expected to read this buffer; IN would describe it -- confirm and correct.
// NOTE(review): the listing ends at gutter line 440, so the closing ");" and
// anything after it are not visible.
436 ZwSetInformationToken(
437 IN HANDLE TokenHandle
,
438 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
439 OUT PVOID TokenInformation
,
440 IN ULONG TokenInformationLength