1 #ifndef __NTOSKRNL_INCLUDE_INTERNAL_SE_H
2 #define __NTOSKRNL_INCLUDE_INTERNAL_SE_H
/*
 * Presumably the object-manager type used for token objects (inferred from
 * the name; the definition is not in this header).
 */
extern POBJECT_TYPE SepTokenObjectType;

/*
 * SID identifier authorities. Only declared here; their values are set where
 * they are defined.
 */
extern SID_IDENTIFIER_AUTHORITY SeNullSidAuthority;
extern SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority;
extern SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority;
extern SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority;
extern SID_IDENTIFIER_AUTHORITY SeNtSidAuthority;
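/*
 * Well-known SIDs, exposed as pointers. Storage and initialisation are not in
 * this header (SepInitSecurityIDs is declared further down and presumably
 * fills these in -- confirm).
 *
 * NOTE(review): none of these pointers is const-qualified, so any translation
 * unit that includes this header can reassign them. If they are written only
 * during initialisation, document or enforce that at the definition.
 */
extern PSID SeNullSid;
extern PSID SeWorldSid;
extern PSID SeLocalSid;
extern PSID SeCreatorOwnerSid;
extern PSID SeCreatorGroupSid;
extern PSID SeCreatorOwnerServerSid;
extern PSID SeCreatorGroupServerSid;
extern PSID SeNtAuthoritySid;
extern PSID SeDialupSid;
extern PSID SeNetworkSid;
extern PSID SeBatchSid;
extern PSID SeInteractiveSid;
extern PSID SeServiceSid;
extern PSID SeAnonymousLogonSid;
extern PSID SePrincipalSelfSid;
extern PSID SeLocalSystemSid;
/*
 * NOTE(review): SeAuthenticatedUserSid / SeAuthenticatedUsersSid and
 * SeRestrictedCodeSid / SeRestrictedSid differ only slightly in name. Confirm
 * that all four symbols are really defined: an extern for a symbol that does
 * not exist fails only at link time, and only once something references it.
 */
extern PSID SeAuthenticatedUserSid;
extern PSID SeRestrictedCodeSid;
extern PSID SeAliasAdminsSid;
extern PSID SeAliasUsersSid;
extern PSID SeAliasGuestsSid;
extern PSID SeAliasPowerUsersSid;
extern PSID SeAliasAccountOpsSid;
extern PSID SeAliasSystemOpsSid;
extern PSID SeAliasPrintOpsSid;
extern PSID SeAliasBackupOpsSid;
extern PSID SeAuthenticatedUsersSid;
extern PSID SeRestrictedSid;
/* The second, redundant declaration of SeAnonymousLogonSid was removed. */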
/*
 * LUIDs identifying the individual privileges. They are only declared here;
 * SepInitPrivileges (declared further down) presumably assigns the values --
 * confirm.
 *
 * Several of these privileges (for example SeTcbPrivilege,
 * SeCreateTokenPrivilege, SeDebugPrivilege and SeLoadDriverPrivilege) are
 * generally treated in the NT security model as equivalent to full control of
 * the system, so code paths that test or grant them deserve close review.
 */
extern LUID SeCreateTokenPrivilege;
extern LUID SeAssignPrimaryTokenPrivilege;
extern LUID SeLockMemoryPrivilege;
extern LUID SeIncreaseQuotaPrivilege;
extern LUID SeUnsolicitedInputPrivilege;
extern LUID SeTcbPrivilege;
extern LUID SeSecurityPrivilege;
extern LUID SeTakeOwnershipPrivilege;
extern LUID SeLoadDriverPrivilege;
extern LUID SeCreatePagefilePrivilege;
extern LUID SeIncreaseBasePriorityPrivilege;
extern LUID SeSystemProfilePrivilege;
extern LUID SeSystemtimePrivilege;
extern LUID SeProfileSingleProcessPrivilege;
extern LUID SeCreatePermanentPrivilege;
extern LUID SeBackupPrivilege;
extern LUID SeRestorePrivilege;
extern LUID SeShutdownPrivilege;
extern LUID SeDebugPrivilege;
extern LUID SeAuditPrivilege;
extern LUID SeSystemEnvironmentPrivilege;
extern LUID SeChangeNotifyPrivilege;
extern LUID SeRemoteShutdownPrivilege;
extern LUID SeUndockPrivilege;
extern LUID SeSyncAgentPrivilege;
extern LUID SeEnableDelegationPrivilege;
/*
 * Shared default DACLs. Their contents are built elsewhere; nothing in this
 * header shows which ACEs each one carries.
 *
 * NOTE(review): these are plain (non-const) global pointers. Presumably they
 * are attached to objects that have no explicit descriptor, in which case a
 * stray write through one of them would change access decisions for every
 * such object -- confirm how the definitions are protected.
 */
extern PACL SePublicDefaultUnrestrictedDacl;
extern PACL SePublicOpenDacl;
extern PACL SePublicOpenUnrestrictedDacl;
extern PACL SeUnrestrictedDacl;

/*
 * Shared default security descriptors. The same caveat applies: they are
 * declared here and initialised elsewhere.
 */
extern PSECURITY_DESCRIPTOR SePublicDefaultSd;
extern PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd;
extern PSECURITY_DESCRIPTOR SePublicOpenSd;
extern PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd;
extern PSECURITY_DESCRIPTOR SeSystemDefaultSd;
extern PSECURITY_DESCRIPTOR SeUnrestrictedSd;
/*
 * Prototypes for SE initialisation, primary-token handling and auditing.
 *
 * NOTE(review): this listing is incomplete. The embedded line numbers skip,
 * and the lines that would carry each prototype's return type and calling
 * convention are absent, as are some parameter lines and closing
 * parentheses. Check the original header before relying on any signature.
 */

/* Initialisation entry points; both take no arguments. */
101 SepInitPrivileges(VOID
);
105 SepInitSecurityIDs(VOID
);
/* Takes the process whose primary token is to be detached (per the name). */
117 SeDeassignPrimaryToken(struct _EPROCESS
*Process
);
/*
 * IN: a file object; OUT: an object-name buffer returned through AuditInfo.
 * NOTE(review): AuditInfo is a pointer-to-pointer, so the routine presumably
 * allocates the result; who frees it cannot be told from here -- confirm.
 * The closing parenthesis is missing from the listing.
 */
130 SeInitializeProcessAuditName(
131 IN PFILE_OBJECT FileObject
,
133 OUT POBJECT_NAME_INFORMATION
*AuditInfo
/*
 * Fills in the caller-supplied AccessState (IN OUT) for Process using
 * AuxData, the requested Access mask and the object type's GenericMapping.
 * The embedded numbering skips one line after the name, so a leading
 * parameter is missing here.
 */
138 SeCreateAccessStateEx(
140 IN PEPROCESS Process
,
141 IN OUT PACCESS_STATE AccessState
,
142 IN PAUX_DATA AuxData
,
143 IN ACCESS_MASK Access
,
144 IN PGENERIC_MAPPING GenericMapping
/* Only the name survives in the listing; its parameter list is missing. */
156 SepCreateImpersonationTokenDacl(
/* Token subsystem set-up and system process token creation; no arguments. */
164 SepInitializeTokenImplementation(VOID
);
168 SepCreateSystemProcessToken(VOID
);
/* Auditing helpers: one keyed on a token, two on a process. */
172 SeDetailedAuditingWithToken(IN PTOKEN Token
);
176 SeAuditProcessExit(IN PEPROCESS Process
);
180 SeAuditProcessCreate(IN PEPROCESS Process
);
/*
 * Takes a process, a new token, and a pointer through which the previous
 * token is presumably handed back (OldTokenP) -- confirm.
 * NOTE(review): replacing a primary token changes the security context of the
 * whole process. Nothing here shows where the caller's right to do so (for
 * instance SeAssignPrimaryTokenPrivilege, declared above) is checked; verify
 * that every caller enforces it, and who owns the reference on the old token.
 */
184 SeExchangePrimaryToken(
185 struct _EPROCESS
* Process
,
186 PACCESS_TOKEN NewToken
,
187 PACCESS_TOKEN
* OldTokenP
/*
 * Capture / release prototypes, plus several parameter lists whose function
 * name line is missing from this listing (the embedded line numbers skip).
 *
 * Visible pattern: each capture routine receives the requestor's processor
 * mode (PreviousMode / AccessMode) and a CaptureIfKernel flag, and returns
 * its result through an OUT pointer. Each release routine takes the captured
 * object with the same mode and flag.
 *
 * NOTE(review): presumably the capture routines probe and copy caller-supplied
 * data so that later validation and use see one stable kernel copy instead of
 * re-reading user memory (double fetch). The implementations are not in this
 * header -- confirm. Also confirm that callers pass release the same
 * AccessMode and CaptureIfKernel values they passed to capture; a mismatch
 * would presumably make release free, or fail to free, the wrong buffer.
 */

/* The numbering skips one line after the name: a parameter is missing. */
192 SeCaptureSubjectContextEx(
194 IN PEPROCESS Process
,
195 OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
/*
 * Src / PrivilegeCount describe the caller's array; AllocatedMem /
 * AllocatedLength describe an optional caller-provided destination; the
 * result is returned through Dest. Two parameter lines are missing from the
 * listing (the numbering skips after AllocatedLength and after Dest).
 * NOTE(review): PrivilegeCount is caller-controlled. Confirm that the
 * implementation bounds it before multiplying by the element size, and that
 * the size check against AllocatedLength is done on the captured count.
 */
200 SeCaptureLuidAndAttributesArray(
201 PLUID_AND_ATTRIBUTES Src
,
202 ULONG PrivilegeCount
,
203 KPROCESSOR_MODE PreviousMode
,
204 PLUID_AND_ATTRIBUTES AllocatedMem
,
205 ULONG AllocatedLength
,
207 BOOLEAN CaptureIfKernel
,
208 PLUID_AND_ATTRIBUTES
* Dest
,
/* Release counterpart of the array capture above. */
214 SeReleaseLuidAndAttributesArray(
215 PLUID_AND_ATTRIBUTES Privilege
,
216 KPROCESSOR_MODE PreviousMode
,
217 BOOLEAN CaptureIfKernel
/*
 * Function name line missing. The parameters are a privilege array, its
 * count, a control word and the requestor mode -- presumably a privilege
 * check routine; confirm against the original header.
 */
224 PLUID_AND_ATTRIBUTES Privileges
,
225 ULONG PrivilegeCount
,
226 ULONG PrivilegeControl
,
227 KPROCESSOR_MODE PreviousMode
/*
 * Function name line and first parameter missing. The visible parameters
 * (EffectiveOnly, TokenType, impersonation Level, NewAccessToken out-pointer)
 * suggest a token duplication routine -- confirm.
 */
234 POBJECT_ATTRIBUTES ObjectAttributes
,
235 BOOLEAN EffectiveOnly
,
236 TOKEN_TYPE TokenType
,
237 SECURITY_IMPERSONATION_LEVEL Level
,
238 KPROCESSOR_MODE PreviousMode
,
239 PTOKEN
* NewAccessToken
/*
 * ObjectAttributes is OPTIONAL; the captured QoS is returned through
 * CapturedSecurityQualityOfService. A trailing parameter is missing from the
 * listing (the parameter list ends on a comma).
 */
244 SepCaptureSecurityQualityOfService(
245 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
246 IN KPROCESSOR_MODE AccessMode
,
247 IN POOL_TYPE PoolType
,
248 IN BOOLEAN CaptureIfKernel
,
249 OUT PSECURITY_QUALITY_OF_SERVICE
*CapturedSecurityQualityOfService
,
/* Release counterpart; the captured pointer is OPTIONAL. */
255 SepReleaseSecurityQualityOfService(
256 IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService OPTIONAL
,
257 IN KPROCESSOR_MODE AccessMode
,
258 IN BOOLEAN CaptureIfKernel
/*
 * Function name and input parameter lines missing. The result is returned
 * through CapturedSid, so this is presumably the SID capture routine.
 */
265 IN KPROCESSOR_MODE AccessMode
,
266 IN POOL_TYPE PoolType
,
267 IN BOOLEAN CaptureIfKernel
,
268 OUT PSID
*CapturedSid
/* Fragment: presumably the matching SID release routine (name missing). */
275 IN KPROCESSOR_MODE AccessMode
,
276 IN BOOLEAN CaptureIfKernel
/*
 * Function name and input parameter lines missing. The result is returned
 * through CapturedAcl, so this is presumably the ACL capture routine.
 */
283 IN KPROCESSOR_MODE AccessMode
,
284 IN POOL_TYPE PoolType
,
285 IN BOOLEAN CaptureIfKernel
,
286 OUT PACL
*CapturedAcl
/* Fragment: presumably the matching ACL release routine (name missing). */
293 IN KPROCESSOR_MODE AccessMode
,
294 IN BOOLEAN CaptureIfKernel
/*
 * Security method taking an operation code, the SECURITY_INFORMATION
 * selector, a new descriptor, a pointer to the descriptor currently attached
 * (OldSecurityDescriptor) and the object type's generic mapping.
 * NOTE(review): the embedded numbering skips several parameter lines and the
 * return type, so this is not the full signature. Presumably this is the
 * default routine the object manager calls for types without their own
 * security procedure -- confirm.
 */
299 SeDefaultObjectMethod(
301 SECURITY_OPERATION_CODE OperationType
,
302 PSECURITY_INFORMATION SecurityInformation
,
303 PSECURITY_DESCRIPTOR NewSecurityDescriptor
,
305 PSECURITY_DESCRIPTOR
*OldSecurityDescriptor
,
307 PGENERIC_MAPPING GenericMapping
/*
 * Takes the SECURITY_INFORMATION selector and a caller-supplied descriptor
 * buffer; at least one trailing parameter is missing from the listing (the
 * list ends on a comma).
 * NOTE(review): going by the name, the descriptor it produces grants access
 * to the World SID. Confirm which rights it grants before using it as a
 * default for a new object type.
 */
312 SeSetWorldSecurityDescriptor(
313 SECURITY_INFORMATION SecurityInformation
,
314 PISECURITY_DESCRIPTOR SecurityDescriptor
,
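/*
 * Token lock helpers.
 *
 * Acquire enters a critical region and then takes the token's TokenLock
 * resource, exclusively or shared, passing TRUE as the second argument of the
 * acquire call. Release drops the resource and then leaves the critical
 * region, mirroring the acquire order. Presumably the critical region keeps
 * the thread from being suspended while it owns the lock -- confirm.
 *
 * Each macro is wrapped in do { ... } while (0) so it expands to a single
 * statement and is safe as the body of an unbraced if/else. Invoke it with a
 * trailing semicolon. The Token argument is parenthesised so the PTOKEN cast
 * applies to the whole argument expression, not just its first operand.
 *
 * Every acquire must be paired with exactly one SepReleaseTokenLock on every
 * exit path, error paths included. A missed release leaves the token locked
 * and the thread inside the critical region.
 */
#define SepAcquireTokenLockExclusive(Token)                                    \
    do {                                                                       \
        KeEnterCriticalRegion();                                               \
        ExAcquireResourceExclusive(((PTOKEN)(Token))->TokenLock, TRUE);        \
    } while (0)

#define SepAcquireTokenLockShared(Token)                                       \
    do {                                                                       \
        KeEnterCriticalRegion();                                               \
        ExAcquireResourceShared(((PTOKEN)(Token))->TokenLock, TRUE);           \
    } while (0)

#define SepReleaseTokenLock(Token)                                             \
    do {                                                                       \
        ExReleaseResource(((PTOKEN)(Token))->TokenLock);                       \
        KeLeaveCriticalRegion();                                               \
    } while (0)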
/*
 * Both routines take a SECURITY_INFORMATION selector and write an access
 * mask through DesiredAccess. Presumably they translate the requested
 * security-information classes into the access rights a caller must hold to
 * query (first routine) or set (second routine) them -- confirm.
 * NOTE(review): the return-type lines are missing from this listing.
 */
337 SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
338 OUT PACCESS_MASK DesiredAccess
);
341 SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
342 OUT PACCESS_MASK DesiredAccess
);
344 #endif /* __NTOSKRNL_INCLUDE_INTERNAL_SE_H */