sdk/include/ndk/sefuncs.h

   1 /*++ NDK Version: 0098
   2
   3 Copyright (c) Alex Ionescu.  All rights reserved.
   4
   5 Header Name:
   6
   7     sefuncs.h
   8
   9 Abstract:
  10
  11     Function definitions for the security manager.
  12
  13 Author:
  14
  15     Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
  16
  17 --*/
  18
  19 #ifndef _SEFUNCS_H
  20 #define _SEFUNCS_H
  21
  22 //
  23 // Dependencies
  24 //
  25 #include <umtypes.h>
  26
  27 #ifndef NTOS_MODE_USER
  28
  29 //
  30 // Security Descriptors
  31 //
  32 NTKERNELAPI
  33 NTSTATUS
  34 NTAPI
  35 SeCaptureSecurityDescriptor(
  36     _In_ PSECURITY_DESCRIPTOR OriginalSecurityDescriptor,
  37     _In_ KPROCESSOR_MODE CurrentMode,
  38     _In_ POOL_TYPE PoolType,
  39     _In_ BOOLEAN CaptureIfKernel,
  40     _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor
  41 );
  42
  43 NTKERNELAPI
  44 NTSTATUS
  45 NTAPI
  46 SeReleaseSecurityDescriptor(
  47     _In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
  48     _In_ KPROCESSOR_MODE CurrentMode,
  49     _In_ BOOLEAN CaptureIfKernelMode
  50 );
  51
  52 //
  53 // Access States
  54 //
  55 NTKERNELAPI
  56 NTSTATUS
  57 NTAPI
  58 SeCreateAccessState(
  59     PACCESS_STATE AccessState,
  60     PAUX_ACCESS_DATA AuxData,
  61     ACCESS_MASK Access,
  62     PGENERIC_MAPPING GenericMapping
  63 );
  64
  65 NTKERNELAPI
  66 VOID
  67 NTAPI
  68 SeDeleteAccessState(
  69     _In_ PACCESS_STATE AccessState
  70 );
  71
  72 //
  73 // Impersonation
  74 //
  75 NTKERNELAPI
  76 SECURITY_IMPERSONATION_LEVEL
  77 NTAPI
  78 SeTokenImpersonationLevel(
  79     _In_ PACCESS_TOKEN Token
  80 );
  81
  82 #endif
  83
  84 //
  85 // Native Calls
  86 //
  87 NTSYSCALLAPI
  88 NTSTATUS
  89 NTAPI
  90 NtAccessCheck(
  91     _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
  92     _In_ HANDLE ClientToken,
  93     _In_ ACCESS_MASK DesiredAccess,
  94     _In_ PGENERIC_MAPPING GenericMapping,
  95     _Out_ PPRIVILEGE_SET PrivilegeSet,
  96     _Out_ PULONG ReturnLength,
  97     _Out_ PACCESS_MASK GrantedAccess,
  98     _Out_ PNTSTATUS AccessStatus
  99 );
 100
 101 NTSTATUS
 102 NTAPI
 103 NtAccessCheckByType(
 104     _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
 105     _In_ PSID PrincipalSelfSid,
 106     _In_ HANDLE ClientToken,
 107     _In_ ACCESS_MASK DesiredAccess,
 108     _In_ POBJECT_TYPE_LIST ObjectTypeList,
 109     _In_ ULONG ObjectTypeLength,
 110     _In_ PGENERIC_MAPPING GenericMapping,
 111     _In_ PPRIVILEGE_SET PrivilegeSet,
 112     _Inout_ PULONG PrivilegeSetLength,
 113     _Out_ PACCESS_MASK GrantedAccess,
 114     _Out_ PNTSTATUS AccessStatus
 115 );
 116
 117 NTSTATUS
 118 NTAPI
 119 NtAccessCheckByTypeResultList(
 120     _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
 121     _In_ PSID PrincipalSelfSid,
 122     _In_ HANDLE ClientToken,
 123     _In_ ACCESS_MASK DesiredAccess,
 124     _In_ POBJECT_TYPE_LIST ObjectTypeList,
 125     _In_ ULONG ObjectTypeLength,
 126     _In_ PGENERIC_MAPPING GenericMapping,
 127     _In_ PPRIVILEGE_SET PrivilegeSet,
 128     _Inout_ PULONG PrivilegeSetLength,
 129     _Out_ PACCESS_MASK GrantedAccess,
 130     _Out_ PNTSTATUS AccessStatus
 131 );
 132
 133 _Must_inspect_result_
 134 __kernel_entry NTSYSCALLAPI
 135 NTSTATUS
 136 NTAPI
 137 NtAccessCheckAndAuditAlarm(
 138     _In_ PUNICODE_STRING SubsystemName,
 139     _In_opt_ PVOID HandleId,
 140     _In_ PUNICODE_STRING ObjectTypeName,
 141     _In_ PUNICODE_STRING ObjectName,
 142     _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
 143     _In_ ACCESS_MASK DesiredAccess,
 144     _In_ PGENERIC_MAPPING GenericMapping,
 145     _In_ BOOLEAN ObjectCreation,
 146     _Out_ PACCESS_MASK GrantedAccess,
 147     _Out_ PNTSTATUS AccessStatus,
 148     _Out_ PBOOLEAN GenerateOnClose
 149 );
 150
 151 _Must_inspect_result_
 152 __kernel_entry
 153 NTSYSCALLAPI
 154 NTSTATUS
 155 NTAPI
 156 NtAdjustGroupsToken(
 157     _In_ HANDLE TokenHandle,
 158     _In_ BOOLEAN ResetToDefault,
 159     _In_opt_ PTOKEN_GROUPS NewState,
 160     _In_opt_ ULONG BufferLength,
 161     _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
 162     _Out_ PULONG ReturnLength
 163 );
 164
 165 _Must_inspect_result_
 166 __kernel_entry
 167 NTSYSCALLAPI
 168 NTSTATUS
 169 NTAPI
 170 NtAdjustPrivilegesToken(
 171     _In_ HANDLE TokenHandle,
 172     _In_ BOOLEAN DisableAllPrivileges,
 173     _In_opt_ PTOKEN_PRIVILEGES NewState,
 174     _In_ ULONG BufferLength,
 175     _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
 176     _When_(PreviousState != NULL, _Out_) PULONG ReturnLength
 177 );
 178
 179 NTSYSCALLAPI
 180 NTSTATUS
 181 NTAPI
 182 NtAllocateLocallyUniqueId(
 183     _Out_ LUID *LocallyUniqueId
 184 );
 185
 186 NTSYSCALLAPI
 187 NTSTATUS
 188 NTAPI
 189 NtAllocateUuids(
 190     PULARGE_INTEGER Time,
 191     PULONG Range,
 192     PULONG Sequence,
 193     PUCHAR Seed
 194 );
 195
 196 NTSYSCALLAPI
 197 NTSTATUS
 198 NTAPI
 199 NtCompareTokens(
 200     _In_ HANDLE FirstTokenHandle,
 201     _In_ HANDLE SecondTokenHandle,
 202     _Out_ PBOOLEAN Equal);
 203
 204 NTSYSCALLAPI
 205 NTSTATUS
 206 NTAPI
 207 NtCreateToken(
 208     _Out_ PHANDLE TokenHandle,
 209     _In_ ACCESS_MASK DesiredAccess,
 210     _In_ POBJECT_ATTRIBUTES ObjectAttributes,
 211     _In_ TOKEN_TYPE TokenType,
 212     _In_ PLUID AuthenticationId,
 213     _In_ PLARGE_INTEGER ExpirationTime,
 214     _In_ PTOKEN_USER TokenUser,
 215     _In_ PTOKEN_GROUPS TokenGroups,
 216     _In_ PTOKEN_PRIVILEGES TokenPrivileges,
 217     _In_ PTOKEN_OWNER TokenOwner,
 218     _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
 219     _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl,
 220     _In_ PTOKEN_SOURCE TokenSource
 221 );
 222
 223 _Must_inspect_result_
 224 __kernel_entry
 225 NTSYSCALLAPI
 226 NTSTATUS
 227 NTAPI
 228 NtDuplicateToken(
 229     _In_ HANDLE ExistingTokenHandle,
 230     _In_ ACCESS_MASK DesiredAccess,
 231     _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
 232     _In_ BOOLEAN EffectiveOnly,
 233     _In_ TOKEN_TYPE TokenType,
 234     _Out_ PHANDLE NewTokenHandle
 235 );
 236
 237 NTSYSCALLAPI
 238 NTSTATUS
 239 NTAPI
 240 NtImpersonateAnonymousToken(
 241     _In_ HANDLE Thread
 242 );
 243
 244 __kernel_entry
 245 NTSYSCALLAPI
 246 NTSTATUS
 247 NTAPI
 248 NtOpenObjectAuditAlarm(
 249     _In_ PUNICODE_STRING SubsystemName,
 250     _In_opt_ PVOID HandleId,
 251     _In_ PUNICODE_STRING ObjectTypeName,
 252     _In_ PUNICODE_STRING ObjectName,
 253     _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
 254     _In_ HANDLE ClientToken,
 255     _In_ ACCESS_MASK DesiredAccess,
 256     _In_ ACCESS_MASK GrantedAccess,
 257     _In_opt_ PPRIVILEGE_SET Privileges,
 258     _In_ BOOLEAN ObjectCreation,
 259     _In_ BOOLEAN AccessGranted,
 260     _Out_ PBOOLEAN GenerateOnClose
 261 );
 262
 263 NTSYSCALLAPI
 264 NTSTATUS
 265 NTAPI
 266 NtOpenProcessTokenEx(
 267     _In_ HANDLE ProcessHandle,
 268     _In_ ACCESS_MASK DesiredAccess,
 269     _In_ ULONG HandleAttributes,
 270     _Out_ PHANDLE TokenHandle
 271 );
 272
 273 _Must_inspect_result_
 274 __kernel_entry
 275 NTSYSCALLAPI
 276 NTSTATUS
 277 NTAPI
 278 NtPrivilegeCheck(
 279     _In_ HANDLE ClientToken,
 280     _Inout_ PPRIVILEGE_SET RequiredPrivileges,
 281     _Out_ PBOOLEAN Result
 282 );
 283
 284 NTSYSCALLAPI
 285 NTSTATUS
 286 NTAPI
 287 NtPrivilegedServiceAuditAlarm(
 288     _In_ PUNICODE_STRING SubsystemName,
 289     _In_ PUNICODE_STRING ServiceName,
 290     _In_ HANDLE ClientToken,
 291     _In_ PPRIVILEGE_SET Privileges,
 292     _In_ BOOLEAN AccessGranted
 293 );
 294
 295 __kernel_entry
 296 NTSYSCALLAPI
 297 NTSTATUS
 298 NTAPI
 299 NtPrivilegeObjectAuditAlarm(
 300     _In_ PUNICODE_STRING SubsystemName,
 301     _In_opt_ PVOID HandleId,
 302     _In_ HANDLE ClientToken,
 303     _In_ ACCESS_MASK DesiredAccess,
 304     _In_ PPRIVILEGE_SET Privileges,
 305     _In_ BOOLEAN AccessGranted
 306 );
 307
 308 _When_(TokenInformationClass == TokenAccessInformation,
 309     _At_(TokenInformationLength, _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
 310 _Must_inspect_result_
 311 __kernel_entry
 312 NTSYSCALLAPI
 313 NTSTATUS
 314 NTAPI
 315 NtQueryInformationToken(
 316     _In_ HANDLE TokenHandle,
 317     _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
 318     _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
 319     _In_ ULONG TokenInformationLength,
 320     _Out_ PULONG ReturnLength
 321 );
 322
 323 _Must_inspect_result_
 324 __kernel_entry
 325 NTSYSCALLAPI
 326 NTSTATUS
 327 NTAPI
 328 NtSetInformationToken(
 329     _In_ HANDLE TokenHandle,
 330     _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
 331     _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
 332     _In_ ULONG TokenInformationLength
 333 );
 334
 335 NTSYSAPI
 336 NTSTATUS
 337 NTAPI
 338 ZwAccessCheck(
 339     _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
 340     _In_ HANDLE ClientToken,
 341     _In_ ACCESS_MASK DesiredAccess,
 342     _In_ PGENERIC_MAPPING GenericMapping,
 343     _Out_ PPRIVILEGE_SET PrivilegeSet,
 344     _Out_ PULONG ReturnLength,
 345     _Out_ PACCESS_MASK GrantedAccess,
 346     _Out_ PNTSTATUS AccessStatus
 347 );
 348
 349 NTSYSAPI
 350 NTSTATUS
 351 NTAPI
 352 ZwAdjustGroupsToken(
 353     _In_ HANDLE TokenHandle,
 354     _In_ BOOLEAN ResetToDefault,
 355     _In_ PTOKEN_GROUPS NewState,
 356     _In_ ULONG BufferLength,
 357     _Out_opt_ PTOKEN_GROUPS PreviousState,
 358     _Out_ PULONG ReturnLength
 359 );
 360
 361 _Must_inspect_result_
 362 NTSYSAPI
 363 NTSTATUS
 364 NTAPI
 365 ZwAdjustPrivilegesToken(
 366     _In_ HANDLE TokenHandle,
 367     _In_ BOOLEAN DisableAllPrivileges,
 368     _In_opt_ PTOKEN_PRIVILEGES NewState,
 369     _In_ ULONG BufferLength,
 370     _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
 371     _When_(PreviousState != NULL, _Out_) PULONG ReturnLength
 372 );
 373
 374 NTSYSAPI
 375 NTSTATUS
 376 NTAPI
 377 ZwAllocateLocallyUniqueId(
 378     _Out_ LUID *LocallyUniqueId
 379 );
 380
 381 NTSYSAPI
 382 NTSTATUS
 383 NTAPI
 384 ZwAllocateUuids(
 385     PULARGE_INTEGER Time,
 386     PULONG Range,
 387     PULONG Sequence,
 388     PUCHAR Seed
 389 );
 390
 391 NTSYSAPI
 392 NTSTATUS
 393 NTAPI
 394 ZwCreateToken(
 395     _Out_ PHANDLE TokenHandle,
 396     _In_ ACCESS_MASK DesiredAccess,
 397     _In_ POBJECT_ATTRIBUTES ObjectAttributes,
 398     _In_ TOKEN_TYPE TokenType,
 399     _In_ PLUID AuthenticationId,
 400     _In_ PLARGE_INTEGER ExpirationTime,
 401     _In_ PTOKEN_USER TokenUser,
 402     _In_ PTOKEN_GROUPS TokenGroups,
 403     _In_ PTOKEN_PRIVILEGES TokenPrivileges,
 404     _In_ PTOKEN_OWNER TokenOwner,
 405     _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
 406     _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl,
 407     _In_ PTOKEN_SOURCE TokenSource
 408 );
 409
 410 _IRQL_requires_max_(PASSIVE_LEVEL)
 411 NTSYSAPI
 412 NTSTATUS
 413 NTAPI
 414 ZwDuplicateToken(
 415     _In_ HANDLE ExistingTokenHandle,
 416     _In_ ACCESS_MASK DesiredAccess,
 417     _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
 418     _In_ BOOLEAN EffectiveOnly,
 419     _In_ TOKEN_TYPE TokenType,
 420     _Out_ PHANDLE NewTokenHandle
 421 );
 422
 423 NTSYSAPI
 424 NTSTATUS
 425 NTAPI
 426 ZwImpersonateAnonymousToken(
 427     _In_ HANDLE Thread
 428 );
 429
 430 NTSYSAPI
 431 NTSTATUS
 432 NTAPI
 433 ZwOpenObjectAuditAlarm(
 434     _In_ PUNICODE_STRING SubsystemName,
 435     _In_ PVOID HandleId,
 436     _In_ PUNICODE_STRING ObjectTypeName,
 437     _In_ PUNICODE_STRING ObjectName,
 438     _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
 439     _In_ HANDLE ClientToken,
 440     _In_ ULONG DesiredAccess,
 441     _In_ ULONG GrantedAccess,
 442     _In_ PPRIVILEGE_SET Privileges,
 443     _In_ BOOLEAN ObjectCreation,
 444     _In_ BOOLEAN AccessGranted,
 445     _Out_ PBOOLEAN GenerateOnClose
 446 );
 447
 448 _IRQL_requires_max_(PASSIVE_LEVEL)
 449 NTSYSAPI
 450 NTSTATUS
 451 NTAPI
 452 ZwOpenProcessToken(
 453     _In_ HANDLE ProcessHandle,
 454     _In_ ACCESS_MASK DesiredAccess,
 455     _Out_ PHANDLE TokenHandle
 456 );
 457
 458 NTSYSAPI
 459 NTSTATUS
 460 NTAPI
 461 ZwOpenProcessTokenEx(
 462     _In_ HANDLE ProcessHandle,
 463     _In_ ACCESS_MASK DesiredAccess,
 464     _In_ ULONG HandleAttributes,
 465     _Out_ PHANDLE TokenHandle
 466 );
 467
 468 NTSYSAPI
 469 NTSTATUS
 470 NTAPI
 471 ZwPrivilegeCheck(
 472     _In_ HANDLE ClientToken,
 473     _In_ PPRIVILEGE_SET RequiredPrivileges,
 474     _In_ PBOOLEAN Result
 475 );
 476
 477 NTSYSAPI
 478 NTSTATUS
 479 NTAPI
 480 ZwPrivilegedServiceAuditAlarm(
 481     _In_ PUNICODE_STRING SubsystemName,
 482     _In_ PUNICODE_STRING ServiceName,
 483     _In_ HANDLE ClientToken,
 484     _In_ PPRIVILEGE_SET Privileges,
 485     _In_ BOOLEAN AccessGranted
 486 );
 487
 488 NTSYSAPI
 489 NTSTATUS
 490 NTAPI
 491 ZwPrivilegeObjectAuditAlarm(
 492     _In_ PUNICODE_STRING SubsystemName,
 493     _In_ PVOID HandleId,
 494     _In_ HANDLE ClientToken,
 495     _In_ ULONG DesiredAccess,
 496     _In_ PPRIVILEGE_SET Privileges,
 497     _In_ BOOLEAN AccessGranted
 498 );
 499
 500 _IRQL_requires_max_(PASSIVE_LEVEL)
 501 NTSYSAPI
 502 NTSTATUS
 503 NTAPI
 504 ZwQueryInformationToken(
 505     _In_ HANDLE TokenHandle,
 506     _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
 507     _Out_writes_bytes_to_opt_(Length,*ResultLength) PVOID TokenInformation,
 508     _In_ ULONG Length,
 509     _Out_ PULONG ResultLength
 510 );
 511
 512 NTSYSAPI
 513 NTSTATUS
 514 NTAPI
 515 ZwSetInformationToken(
 516     _In_ HANDLE TokenHandle,
 517     _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
 518     _Out_ PVOID TokenInformation,
 519     _In_ ULONG TokenInformationLength
 520 );
 521 #endif