2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS kernel
4 * PURPOSE: Security manager
5 * FILE: kernel/se/semgr.c
8 * 26/07/98: Added stubs for security functions
11 /* INCLUDES *****************************************************************/
13 #include <ddk/ntddk.h>
15 #include <internal/debug.h>
17 /* FUNCTIONS ***************************************************************/
19 NTSTATUS STDCALL
NtQueryInformationToken(VOID
)
23 NTSTATUS STDCALL
NtQuerySecurityObject(VOID
)
27 NTSTATUS STDCALL
NtSetSecurityObject(VOID
)
31 NTSTATUS STDCALL
NtSetInformationToken(VOID
)
35 NTSTATUS STDCALL
NtPrivilegeCheck(VOID
)
39 NTSTATUS STDCALL
NtPrivilegedServiceAuditAlarm(VOID
)
43 NTSTATUS STDCALL
NtPrivilegeObjectAuditAlarm(VOID
)
47 NTSTATUS STDCALL
NtOpenObjectAuditAlarm(VOID
)
51 NTSTATUS STDCALL
NtOpenProcessToken(VOID
)
55 NTSTATUS STDCALL
NtOpenThreadToken(VOID
)
59 NTSTATUS STDCALL
NtDuplicateToken(VOID
)
63 NTSTATUS STDCALL
NtImpersonateClientOfPort(VOID
)
67 NTSTATUS STDCALL
NtImpersonateThread(VOID
)
71 NTSTATUS STDCALL
NtCreateToken(VOID
)
75 NTSTATUS STDCALL
NtDeleteObjectAuditAlarm(VOID
)
82 NtAllocateLocallyUniqueId(
83 OUT PVOID LocallyUniqueId
90 ZwAllocateLocallyUniqueId(
91 OUT PVOID LocallyUniqueId
96 NTSTATUS STDCALL
NtAccessCheckAndAuditAlarm(VOID
)
100 NTSTATUS STDCALL
NtAdjustGroupsToken(VOID
)
104 NTSTATUS STDCALL
NtAdjustPrivilegesToken(VOID
)
108 NTSTATUS STDCALL
NtAllocateUuids(VOID
)
112 NTSTATUS STDCALL
NtCloseObjectAuditAlarm(VOID
)
119 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
120 IN HANDLE ClientToken
,
121 IN ULONG DesiredAcces
,
122 IN PGENERIC_MAPPING GenericMapping
,
123 OUT PRIVILEGE_SET PrivilegeSet
,
124 OUT PULONG ReturnLength
,
125 OUT PULONG GrantedAccess
,
126 OUT PULONG AccessStatus
134 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
135 IN HANDLE ClientToken
,
136 IN ULONG DesiredAcces
,
137 IN PGENERIC_MAPPING GenericMapping
,
138 OUT PRIVILEGE_SET PrivilegeSet
,
139 OUT PULONG ReturnLength
,
140 OUT PULONG GrantedAccess
,
141 OUT PULONG AccessStatus
146 NTSTATUS
RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor
,
152 ULONG
RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor
)
157 NTSTATUS
RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor
,
160 BOOLEAN DaclDefaulted
)
165 BOOLEAN
RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor
)
170 BOOLEAN
SeSinglePrivilegeCheck(LUID PrivilegeValue
,
171 KPROCESSOR_MODE PreviousMode
)
176 NTSTATUS
SeDeassignSecurity(PSECURITY_DESCRIPTOR
* SecurityDescriptor
)
181 NTSTATUS
SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor
,
182 PSECURITY_DESCRIPTOR ExplicitDescriptor
,
183 BOOLEAN IsDirectoryObject
,
184 PSECURITY_SUBJECT_CONTEXT SubjectContext
,
185 PGENERIC_MAPPING GenericMapping
,
191 BOOLEAN
SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
192 IN PSECURITY_DESCRIPTOR_CONTEXT SubjectSecurityContext
,
193 IN BOOLEAN SubjectContextLocked
,
194 IN ACCESS_MASK DesiredAccess
,
195 IN ACCESS_MASK PreviouslyGrantedAccess
,
196 OUT PPRIVILEGE_SET
* Privileges
,
197 IN PGENERIC_MAPPING GenericMapping
,
198 IN KPROCESSOR_MODE AccessMode
,
199 OUT PACCESS_MODE GrantedAccess
,
200 OUT PNTSTATUS AccessStatus
)
202 * FUNCTION: Determines whether the requested access rights can be granted
203 * to an object protected by a security descriptor and an object owner
205 * SecurityDescriptor = Security descriptor protected the object
206 * SubjectSecurityContext = Subject's captured security context
207 * SubjectContextLocked = Indicates the user's subject context is locked
208 * DesiredAccess = Access rights the caller is trying to acquire
209 * PreviouslyGrantedAccess = Specified the access rights already granted
211 * GenericMapping = Generic mapping associated with the object
212 * AccessMode = Access mode used for the check
213 * GrantedAccess (OUT) = On return specifies the access granted
214 * AccessStatus (OUT) = Status indicating why access was denied
215 * RETURNS: If access was granted, returns TRUE