3dc8c062bf9bb6718fe2703155ca5d9328e12de6
[reactos.git] / reactos / ntoskrnl / include / internal / se.h
1 #ifndef __NTOSKRNL_INCLUDE_INTERNAL_SE_H
2 #define __NTOSKRNL_INCLUDE_INTERNAL_SE_H
3
/*
 * Object type global for tokens.
 * NOTE(review): purpose inferred from the name only; the definition lives
 * outside this header.
 */
extern POBJECT_TYPE SepTokenObjectType;

/*
 * SID identifier authorities (declared here, defined elsewhere).
 * None of them is const-qualified, so this header does not prevent other
 * kernel code from writing to them after initialization.
 */
extern SID_IDENTIFIER_AUTHORITY
    SeNullSidAuthority,
    SeWorldSidAuthority,
    SeLocalSidAuthority,
    SeCreatorSidAuthority,
    SeNtSidAuthority;
12
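/*
 * Well-known SIDs.
 *
 * Declarations only. Each is a PSID global that has to be set up before it
 * can be compared against.
 * NOTE(review): presumably SepInitSecurityIDs() (declared in this header)
 * fills these in -- confirm that no access check can run before it does.
 * None is const-qualified, so the header does not stop later writes.
 */
extern PSID SeNullSid;
extern PSID SeWorldSid;
extern PSID SeLocalSid;
extern PSID SeCreatorOwnerSid;
extern PSID SeCreatorGroupSid;
extern PSID SeCreatorOwnerServerSid;
extern PSID SeCreatorGroupServerSid;
extern PSID SeNtAuthoritySid;
extern PSID SeDialupSid;
extern PSID SeNetworkSid;
extern PSID SeBatchSid;
extern PSID SeInteractiveSid;
extern PSID SeServiceSid;
extern PSID SeAnonymousLogonSid; /* was declared twice; one declaration kept */
extern PSID SePrincipalSelfSid;
extern PSID SeLocalSystemSid;
extern PSID SeAuthenticatedUserSid;
extern PSID SeRestrictedCodeSid;
extern PSID SeAliasAdminsSid;
extern PSID SeAliasUsersSid;
extern PSID SeAliasGuestsSid;
extern PSID SeAliasPowerUsersSid;
extern PSID SeAliasAccountOpsSid;
extern PSID SeAliasSystemOpsSid;
extern PSID SeAliasPrintOpsSid;
extern PSID SeAliasBackupOpsSid;

/*
 * NOTE(review): the two names below differ from SeAuthenticatedUserSid and
 * SeRestrictedCodeSid above only in spelling. Confirm that both members of
 * each pair are really defined and initialized; an access check written
 * against a variant that is never initialized would not match the intended
 * principal.
 */
extern PSID SeAuthenticatedUsersSid;
extern PSID SeRestrictedSid;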
43
/*
 * Privilege LUIDs.
 *
 * These are LUID values, not pointers. They are declared without const, so
 * nothing in this header prevents kernel code from overwriting a privilege
 * identifier after start-up.
 * NOTE(review): presumably assigned by SepInitPrivileges() (declared in this
 * header) -- confirm, and confirm privilege checks cannot run earlier.
 */
extern LUID
    SeCreateTokenPrivilege,
    SeAssignPrimaryTokenPrivilege,
    SeLockMemoryPrivilege,
    SeIncreaseQuotaPrivilege,
    SeUnsolicitedInputPrivilege,
    SeTcbPrivilege,
    SeSecurityPrivilege,
    SeTakeOwnershipPrivilege,
    SeLoadDriverPrivilege,
    SeCreatePagefilePrivilege,
    SeIncreaseBasePriorityPrivilege,
    SeSystemProfilePrivilege,
    SeSystemtimePrivilege,
    SeProfileSingleProcessPrivilege,
    SeCreatePermanentPrivilege,
    SeBackupPrivilege,
    SeRestorePrivilege,
    SeShutdownPrivilege,
    SeDebugPrivilege,
    SeAuditPrivilege,
    SeSystemEnvironmentPrivilege,
    SeChangeNotifyPrivilege,
    SeRemoteShutdownPrivilege,
    SeUndockPrivilege,
    SeSyncAgentPrivilege,
    SeEnableDelegationPrivilege;
71
/*
 * Shared default DACLs.
 * NOTE(review): the names ("Open", "Unrestricted") hint at how permissive
 * each ACL is, but this header does not show their ACEs. Check the
 * definitions before attaching one of these to a new object.
 */
extern PACL
    SePublicDefaultUnrestrictedDacl,
    SePublicOpenDacl,
    SePublicOpenUnrestrictedDacl,
    SeUnrestrictedDacl;

/*
 * Shared default security descriptors.
 * NOTE(review): presumably built around the DACLs declared above (see
 * SepInitSDs() in this header) -- confirm. The pointers are not
 * const-qualified.
 */
extern PSECURITY_DESCRIPTOR
    SePublicDefaultSd,
    SePublicDefaultUnrestrictedSd,
    SePublicOpenSd,
    SePublicOpenUnrestrictedSd,
    SeSystemDefaultSd,
    SeUnrestrictedSd;
85
/*
 * Se initialization entry points. All of them take no arguments.
 * NOTE(review): the order in which they must be called is not visible from
 * this header.
 */

/*
 * These report a BOOLEAN result.
 * NOTE(review): presumably FALSE means initialization failed -- confirm that
 * every caller checks it rather than continuing with unset SIDs/ACLs.
 */
BOOLEAN NTAPI SeInit1(VOID);
BOOLEAN NTAPI SeInit2(VOID);
BOOLEAN NTAPI SeInitSRM(VOID);

/* These return nothing, so a failure inside them cannot reach the caller. */
VOID NTAPI SepInitLuid(VOID);
VOID NTAPI SepInitPrivileges(VOID);

/* BOOLEAN-returning set-up of the SID, DACL and SD globals (by name). */
BOOLEAN NTAPI SepInitSecurityIDs(VOID);
BOOLEAN NTAPI SepInitDACLs(VOID);
BOOLEAN NTAPI SepInitSDs(VOID);
118
/*
 * Token set-up and primary-token handling.
 * NOTE(review): the descriptions below are read off the signatures and
 * names; the implementations are not in this header.
 * Some prototypes use STDCALL and others NTAPI -- confirm that both expand
 * to the same calling convention and match the definitions.
 */

/* Takes a process pointer and returns nothing; no error can be reported. */
VOID NTAPI SeDeassignPrimaryToken(struct _EPROCESS *Process);

/*
 * Dacl is a pointer to a PACL, presumably an out parameter that receives a
 * newly built ACL -- confirm who owns and frees it.
 */
NTSTATUS STDCALL SepCreateImpersonationTokenDacl(PTOKEN Token,
                                                 PTOKEN PrimaryToken,
                                                 PACL *Dacl);

/* No arguments, no result. */
VOID NTAPI SepInitializeTokenImplementation(VOID);

/*
 * Returns a PTOKEN.
 * NOTE(review): whether NULL can be returned on failure is not visible
 * here; callers should not assume a valid token without checking.
 */
PTOKEN STDCALL SepCreateSystemProcessToken(VOID);

/*
 * OldTokenP is a pointer to a PACCESS_TOKEN, presumably receiving the token
 * that NewToken replaces -- confirm the reference-count contract for both
 * tokens on success and on failure.
 */
NTSTATUS NTAPI SeExchangePrimaryToken(struct _EPROCESS* Process,
                                      PACCESS_TOKEN NewToken,
                                      PACCESS_TOKEN* OldTokenP);
146
/*
 * Capture / release of a LUID_AND_ATTRIBUTES array.
 *
 * Src and PrivilegeCount describe the caller's array; Dest and Length are
 * pointers, presumably out parameters for the captured copy and its size.
 * AllocatedMem / AllocatedLength presumably let the caller supply a buffer
 * to capture into -- confirm.
 *
 * NOTE(review): PreviousMode should be the mode of the original requester.
 * Presumably the implementation only probes and copies Src when it is
 * UserMode (or when CaptureIfKernel is set), so passing KernelMode for a
 * user-supplied pointer would skip that validation -- confirm.
 * Also confirm that PrivilegeCount is bounds-checked before it is used to
 * compute a copy size.
 */
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
                                               ULONG PrivilegeCount,
                                               KPROCESSOR_MODE PreviousMode,
                                               PLUID_AND_ATTRIBUTES AllocatedMem,
                                               ULONG AllocatedLength,
                                               POOL_TYPE PoolType,
                                               BOOLEAN CaptureIfKernel,
                                               PLUID_AND_ATTRIBUTES* Dest,
                                               PULONG Length);

/*
 * Counterpart of the capture call above.
 * NOTE(review): PreviousMode and CaptureIfKernel presumably have to match
 * the values given at capture time so the callee can tell whether a copy
 * was made -- confirm; a mismatch could leak or free the wrong buffer.
 */
VOID NTAPI SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege,
                                           KPROCESSOR_MODE PreviousMode,
                                           BOOLEAN CaptureIfKernel);
168
/*
 * Privilege check against a token.
 * Takes the token, an array of PrivilegeCount entries, a PrivilegeControl
 * value and the previous processor mode; returns BOOLEAN.
 * NOTE(review): how PreviousMode influences the result (for example whether
 * KernelMode bypasses the check) is not visible here -- confirm, since
 * callers must not pass KernelMode on behalf of a user request.
 */
BOOLEAN NTAPI SepPrivilegeCheck(PTOKEN Token,
                                PLUID_AND_ATTRIBUTES Privileges,
                                ULONG PrivilegeCount,
                                ULONG PrivilegeControl,
                                KPROCESSOR_MODE PreviousMode);

/*
 * Token duplication.
 * NewAccessToken is a pointer to a PTOKEN, presumably receiving the
 * duplicate. TokenType and Level select the kind of token and the
 * impersonation level requested.
 * NOTE(review): confirm the implementation refuses to hand back a Level
 * higher than the source token allows, and what EffectiveOnly strips.
 */
NTSTATUS STDCALL SepDuplicateToken(PTOKEN Token,
                                   POBJECT_ATTRIBUTES ObjectAttributes,
                                   BOOLEAN EffectiveOnly,
                                   TOKEN_TYPE TokenType,
                                   SECURITY_IMPERSONATION_LEVEL Level,
                                   KPROCESSOR_MODE PreviousMode,
                                   PTOKEN* NewAccessToken);
190
/*
 * Capture of the SECURITY_QUALITY_OF_SERVICE attached to an
 * OBJECT_ATTRIBUTES.
 *
 * ObjectAttributes is marked OPTIONAL. The two OUT parameters return the
 * captured structure and a BOOLEAN "Present".
 * NOTE(review): presumably Present is FALSE when no QoS was supplied --
 * confirm, and confirm what *CapturedSecurityQualityOfService holds then.
 * AccessMode should be the requester's mode so that user-mode pointers are
 * validated (presumably probed and copied) before use -- confirm.
 */
NTSTATUS NTAPI SepCaptureSecurityQualityOfService(
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN KPROCESSOR_MODE AccessMode,
    IN POOL_TYPE PoolType,
    IN BOOLEAN CaptureIfKernel,
    OUT PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService,
    OUT PBOOLEAN Present);

/*
 * Counterpart of the capture call; the captured pointer is OPTIONAL.
 * NOTE(review): AccessMode and CaptureIfKernel presumably must repeat the
 * capture-time values -- confirm.
 */
VOID NTAPI SepReleaseSecurityQualityOfService(
    IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService OPTIONAL,
    IN KPROCESSOR_MODE AccessMode,
    IN BOOLEAN CaptureIfKernel);
209
/*
 * Capture of a caller-supplied SID.
 *
 * InputSid is the caller's SID; CapturedSid (OUT) receives the result.
 * NOTE(review): presumably the SID is probed and copied into PoolType
 * memory when AccessMode is UserMode or CaptureIfKernel is TRUE -- confirm.
 * A SID carries its own sub-authority count, so confirm the length is read
 * once and validated before the copy; later code must use only the
 * captured copy, never InputSid again.
 */
NTSTATUS NTAPI SepCaptureSid(IN PSID InputSid,
                             IN KPROCESSOR_MODE AccessMode,
                             IN POOL_TYPE PoolType,
                             IN BOOLEAN CaptureIfKernel,
                             OUT PSID *CapturedSid);

/*
 * Counterpart of SepCaptureSid.
 * NOTE(review): AccessMode and CaptureIfKernel presumably must repeat the
 * capture-time values so the callee knows whether a copy exists -- confirm.
 */
VOID NTAPI SepReleaseSid(IN PSID CapturedSid,
                         IN KPROCESSOR_MODE AccessMode,
                         IN BOOLEAN CaptureIfKernel);
227
/*
 * Capture of a caller-supplied ACL.
 *
 * InputAcl is the caller's ACL; CapturedAcl (OUT) receives the result.
 * NOTE(review): presumably the ACL is probed and copied into PoolType
 * memory when AccessMode is UserMode or CaptureIfKernel is TRUE -- confirm.
 * An ACL stores its own size, so confirm that field is read once and
 * validated before it drives the copy, and that ACE contents are checked
 * on the captured copy rather than on InputAcl.
 */
NTSTATUS NTAPI SepCaptureAcl(IN PACL InputAcl,
                             IN KPROCESSOR_MODE AccessMode,
                             IN POOL_TYPE PoolType,
                             IN BOOLEAN CaptureIfKernel,
                             OUT PACL *CapturedAcl);

/*
 * Counterpart of SepCaptureAcl.
 * NOTE(review): AccessMode and CaptureIfKernel presumably must repeat the
 * capture-time values -- confirm.
 */
VOID NTAPI SepReleaseAcl(IN PACL CapturedAcl,
                         IN KPROCESSOR_MODE AccessMode,
                         IN BOOLEAN CaptureIfKernel);
245
/*
 * Security method taking an object, an operation code and security
 * descriptor arguments.
 * NOTE(review): which of NewSecurityDescriptor, ReturnLength and
 * OldSecurityDescriptor are inputs or outputs depends on OperationType and
 * is not annotated here -- confirm against the implementation before
 * relying on any of them being written.
 */
NTSTATUS STDCALL SeDefaultObjectMethod(PVOID Object,
                                       SECURITY_OPERATION_CODE OperationType,
                                       SECURITY_INFORMATION SecurityInformation,
                                       PSECURITY_DESCRIPTOR NewSecurityDescriptor,
                                       PULONG ReturnLength,
                                       PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
                                       POOL_TYPE PoolType,
                                       PGENERIC_MAPPING GenericMapping);

/*
 * Takes a SECURITY_INFORMATION selector, a descriptor pointer and a
 * pointer to a buffer length.
 * NOTE(review): by name this writes a descriptor granting access to the
 * World SID; BufferLength is presumably in/out (size available / size
 * needed) -- confirm, and confirm the write is bounded by it.
 */
NTSTATUS NTAPI SeSetWorldSecurityDescriptor(SECURITY_INFORMATION SecurityInformation,
                                            PISECURITY_DESCRIPTOR SecurityDescriptor,
                                            PULONG BufferLength);
266
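/*
 * Take the token's lock for exclusive access.
 *
 * Enters a critical region first, then acquires ->TokenLock exclusively
 * with the wait argument set to TRUE. TokenLock is passed as-is (no
 * address-of), so it is expected to already be a resource pointer.
 * The do { } while (0) wrapper makes the expansion a single statement, so
 * the macro is safe inside an unbraced if/else.
 *
 * Token is parenthesized before the cast so that an expression argument is
 * cast as a whole. The cast accepts any pointer: the compiler will not
 * catch a caller passing something that is not a TOKEN.
 * Pair every use with SepReleaseTokenLock() on all exit paths.
 * NOTE(review): KeEnterCriticalRegion is documented on NT to disable normal
 * kernel APC delivery, which resource acquisition requires -- verify the
 * ReactOS implementation matches.
 */
#define SepAcquireTokenLockExclusive(Token)                                 \
    do {                                                                    \
        KeEnterCriticalRegion();                                            \
        ExAcquireResourceExclusive(((PTOKEN)(Token))->TokenLock, TRUE);     \
    } while (0)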
272
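/*
 * Take the token's lock for shared access.
 *
 * Enters a critical region first, then acquires ->TokenLock shared with
 * the wait argument set to TRUE. TokenLock is passed as-is (no address-of),
 * so it is expected to already be a resource pointer.
 * The do { } while (0) wrapper makes the expansion a single statement, so
 * the macro is safe inside an unbraced if/else.
 *
 * Token is parenthesized before the cast so that an expression argument is
 * cast as a whole. The cast accepts any pointer: the compiler will not
 * catch a caller passing something that is not a TOKEN.
 * A shared hold is only appropriate for code that reads the token; code
 * that modifies it needs SepAcquireTokenLockExclusive().
 * Pair every use with SepReleaseTokenLock() on all exit paths.
 */
#define SepAcquireTokenLockShared(Token)                                    \
    do {                                                                    \
        KeEnterCriticalRegion();                                            \
        ExAcquireResourceShared(((PTOKEN)(Token))->TokenLock, TRUE);        \
    } while (0)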
278
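/*
 * Release a token lock taken with SepAcquireTokenLockExclusive() or
 * SepAcquireTokenLockShared().
 *
 * Releases ->TokenLock first and only then leaves the critical region,
 * i.e. the reverse of the acquire order.
 * The do { } while (0) wrapper makes the expansion a single statement, so
 * the macro is safe inside an unbraced if/else.
 *
 * Token is parenthesized before the cast so that an expression argument is
 * cast as a whole. The cast accepts any pointer: the compiler will not
 * catch a caller passing something that is not a TOKEN.
 * Must be called exactly once per acquire, on the same token.
 */
#define SepReleaseTokenLock(Token)                                          \
    do {                                                                    \
        ExReleaseResource(((PTOKEN)(Token))->TokenLock);                    \
        KeLeaveCriticalRegion();                                            \
    } while (0)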
284
/*
 * Access-mask helpers for security-information requests.
 *
 * Both take a SECURITY_INFORMATION selector and write an ACCESS_MASK
 * through the OUT pointer DesiredAccess; neither returns a status.
 * NOTE(review): presumably they yield the access rights a caller must hold
 * to query (first) or set (second) the selected parts of a security
 * descriptor -- confirm. Callers should use the returned mask in the
 * access check rather than hard-coding rights.
 */
VOID STDCALL SeQuerySecurityAccessMask(
    IN SECURITY_INFORMATION SecurityInformation,
    OUT PACCESS_MASK DesiredAccess);

VOID STDCALL SeSetSecurityAccessMask(
    IN SECURITY_INFORMATION SecurityInformation,
    OUT PACCESS_MASK DesiredAccess);
292
293 #endif /* __NTOSKRNL_INCLUDE_INTERNAL_SE_H */
294
295 /* EOF */