+++ /dev/null
-/*++ NDK Version: 0098
-
-Copyright (c) Alex Ionescu. All rights reserved.
-
-Header Name:
-
- sefuncs.h
-
-Abstract:
-
- Function definitions for the security manager.
-
-Author:
-
- Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
-
---*/
-
-#ifndef _SEFUNCS_H
-#define _SEFUNCS_H
-
-//
-// Dependencies
-//
-#include <umtypes.h>
-
-#ifndef NTOS_MODE_USER
-
-//
-// Security Descriptors
-//
-NTKERNELAPI
-NTSTATUS
-NTAPI
-SeCaptureSecurityDescriptor(
- _In_ PSECURITY_DESCRIPTOR OriginalSecurityDescriptor,
- _In_ KPROCESSOR_MODE CurrentMode,
- _In_ POOL_TYPE PoolType,
- _In_ BOOLEAN CaptureIfKernel,
- _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor
-);
-
-NTKERNELAPI
-NTSTATUS
-NTAPI
-SeReleaseSecurityDescriptor(
- _In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
- _In_ KPROCESSOR_MODE CurrentMode,
- _In_ BOOLEAN CaptureIfKernelMode
-);
-
-//
-// Access States
-//
-NTKERNELAPI
-NTSTATUS
-NTAPI
-SeCreateAccessState(
- PACCESS_STATE AccessState,
- PAUX_ACCESS_DATA AuxData,
- ACCESS_MASK Access,
- PGENERIC_MAPPING GenericMapping
-);
-
-NTKERNELAPI
-VOID
-NTAPI
-SeDeleteAccessState(
- _In_ PACCESS_STATE AccessState
-);
-
-//
-// Impersonation
-//
-NTKERNELAPI
-SECURITY_IMPERSONATION_LEVEL
-NTAPI
-SeTokenImpersonationLevel(
- _In_ PACCESS_TOKEN Token
-);
-
-#endif
-
-//
-// Native Calls
-//
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtAccessCheck(
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ HANDLE ClientToken,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ PGENERIC_MAPPING GenericMapping,
- _Out_ PPRIVILEGE_SET PrivilegeSet,
- _Out_ PULONG ReturnLength,
- _Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
-
-NTSTATUS
-NTAPI
-NtAccessCheckByType(
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ PSID PrincipalSelfSid,
- _In_ HANDLE ClientToken,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ POBJECT_TYPE_LIST ObjectTypeList,
- _In_ ULONG ObjectTypeLength,
- _In_ PGENERIC_MAPPING GenericMapping,
- _In_ PPRIVILEGE_SET PrivilegeSet,
- _Inout_ PULONG PrivilegeSetLength,
- _Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
-
-NTSTATUS
-NTAPI
-NtAccessCheckByTypeResultList(
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ PSID PrincipalSelfSid,
- _In_ HANDLE ClientToken,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ POBJECT_TYPE_LIST ObjectTypeList,
- _In_ ULONG ObjectTypeLength,
- _In_ PGENERIC_MAPPING GenericMapping,
- _In_ PPRIVILEGE_SET PrivilegeSet,
- _Inout_ PULONG PrivilegeSetLength,
- _Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
-
-_Must_inspect_result_
-__kernel_entry NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtAccessCheckAndAuditAlarm(
- _In_ PUNICODE_STRING SubsystemName,
- _In_opt_ PVOID HandleId,
- _In_ PUNICODE_STRING ObjectTypeName,
- _In_ PUNICODE_STRING ObjectName,
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ PGENERIC_MAPPING GenericMapping,
- _In_ BOOLEAN ObjectCreation,
- _Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus,
- _Out_ PBOOLEAN GenerateOnClose
-);
-
-_Must_inspect_result_
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtAdjustGroupsToken(
- _In_ HANDLE TokenHandle,
- _In_ BOOLEAN ResetToDefault,
- _In_opt_ PTOKEN_GROUPS NewState,
- _In_opt_ ULONG BufferLength,
- _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
- _Out_ PULONG ReturnLength
-);
-
-_Must_inspect_result_
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtAdjustPrivilegesToken(
- _In_ HANDLE TokenHandle,
- _In_ BOOLEAN DisableAllPrivileges,
- _In_opt_ PTOKEN_PRIVILEGES NewState,
- _In_ ULONG BufferLength,
- _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
- _When_(PreviousState != NULL, _Out_) PULONG ReturnLength
-);
-
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtAllocateLocallyUniqueId(
- _Out_ LUID *LocallyUniqueId
-);
-
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtAllocateUuids(
- PULARGE_INTEGER Time,
- PULONG Range,
- PULONG Sequence,
- PUCHAR Seed
-);
-
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtCompareTokens(
- _In_ HANDLE FirstTokenHandle,
- _In_ HANDLE SecondTokenHandle,
- _Out_ PBOOLEAN Equal);
-
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtCreateToken(
- _Out_ PHANDLE TokenHandle,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ POBJECT_ATTRIBUTES ObjectAttributes,
- _In_ TOKEN_TYPE TokenType,
- _In_ PLUID AuthenticationId,
- _In_ PLARGE_INTEGER ExpirationTime,
- _In_ PTOKEN_USER TokenUser,
- _In_ PTOKEN_GROUPS TokenGroups,
- _In_ PTOKEN_PRIVILEGES TokenPrivileges,
- _In_ PTOKEN_OWNER TokenOwner,
- _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
- _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl,
- _In_ PTOKEN_SOURCE TokenSource
-);
-
-_Must_inspect_result_
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtDuplicateToken(
- _In_ HANDLE ExistingTokenHandle,
- _In_ ACCESS_MASK DesiredAccess,
- _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
- _In_ BOOLEAN EffectiveOnly,
- _In_ TOKEN_TYPE TokenType,
- _Out_ PHANDLE NewTokenHandle
-);
-
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtImpersonateAnonymousToken(
- _In_ HANDLE Thread
-);
-
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtOpenObjectAuditAlarm(
- _In_ PUNICODE_STRING SubsystemName,
- _In_opt_ PVOID HandleId,
- _In_ PUNICODE_STRING ObjectTypeName,
- _In_ PUNICODE_STRING ObjectName,
- _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ HANDLE ClientToken,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ ACCESS_MASK GrantedAccess,
- _In_opt_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN ObjectCreation,
- _In_ BOOLEAN AccessGranted,
- _Out_ PBOOLEAN GenerateOnClose
-);
-
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtOpenProcessTokenEx(
- _In_ HANDLE ProcessHandle,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ ULONG HandleAttributes,
- _Out_ PHANDLE TokenHandle
-);
-
-_Must_inspect_result_
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtPrivilegeCheck(
- _In_ HANDLE ClientToken,
- _Inout_ PPRIVILEGE_SET RequiredPrivileges,
- _Out_ PBOOLEAN Result
-);
-
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtPrivilegedServiceAuditAlarm(
- _In_ PUNICODE_STRING SubsystemName,
- _In_ PUNICODE_STRING ServiceName,
- _In_ HANDLE ClientToken,
- _In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
-
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtPrivilegeObjectAuditAlarm(
- _In_ PUNICODE_STRING SubsystemName,
- _In_opt_ PVOID HandleId,
- _In_ HANDLE ClientToken,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
-
-_When_(TokenInformationClass == TokenAccessInformation,
- _At_(TokenInformationLength, _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
-_Must_inspect_result_
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtQueryInformationToken(
- _In_ HANDLE TokenHandle,
- _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
- _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
- _In_ ULONG TokenInformationLength,
- _Out_ PULONG ReturnLength
-);
-
-_Must_inspect_result_
-__kernel_entry
-NTSYSCALLAPI
-NTSTATUS
-NTAPI
-NtSetInformationToken(
- _In_ HANDLE TokenHandle,
- _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
- _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
- _In_ ULONG TokenInformationLength
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwAccessCheck(
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ HANDLE ClientToken,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ PGENERIC_MAPPING GenericMapping,
- _Out_ PPRIVILEGE_SET PrivilegeSet,
- _Out_ PULONG ReturnLength,
- _Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwAdjustGroupsToken(
- _In_ HANDLE TokenHandle,
- _In_ BOOLEAN ResetToDefault,
- _In_ PTOKEN_GROUPS NewState,
- _In_ ULONG BufferLength,
- _Out_opt_ PTOKEN_GROUPS PreviousState,
- _Out_ PULONG ReturnLength
-);
-
-_Must_inspect_result_
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwAdjustPrivilegesToken(
- _In_ HANDLE TokenHandle,
- _In_ BOOLEAN DisableAllPrivileges,
- _In_opt_ PTOKEN_PRIVILEGES NewState,
- _In_ ULONG BufferLength,
- _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
- _When_(PreviousState != NULL, _Out_) PULONG ReturnLength
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwAllocateLocallyUniqueId(
- _Out_ LUID *LocallyUniqueId
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwAllocateUuids(
- PULARGE_INTEGER Time,
- PULONG Range,
- PULONG Sequence,
- PUCHAR Seed
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwCreateToken(
- _Out_ PHANDLE TokenHandle,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ POBJECT_ATTRIBUTES ObjectAttributes,
- _In_ TOKEN_TYPE TokenType,
- _In_ PLUID AuthenticationId,
- _In_ PLARGE_INTEGER ExpirationTime,
- _In_ PTOKEN_USER TokenUser,
- _In_ PTOKEN_GROUPS TokenGroups,
- _In_ PTOKEN_PRIVILEGES TokenPrivileges,
- _In_ PTOKEN_OWNER TokenOwner,
- _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
- _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl,
- _In_ PTOKEN_SOURCE TokenSource
-);
-
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwDuplicateToken(
- _In_ HANDLE ExistingTokenHandle,
- _In_ ACCESS_MASK DesiredAccess,
- _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
- _In_ BOOLEAN EffectiveOnly,
- _In_ TOKEN_TYPE TokenType,
- _Out_ PHANDLE NewTokenHandle
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwImpersonateAnonymousToken(
- _In_ HANDLE Thread
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwOpenObjectAuditAlarm(
- _In_ PUNICODE_STRING SubsystemName,
- _In_ PVOID HandleId,
- _In_ PUNICODE_STRING ObjectTypeName,
- _In_ PUNICODE_STRING ObjectName,
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ HANDLE ClientToken,
- _In_ ULONG DesiredAccess,
- _In_ ULONG GrantedAccess,
- _In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN ObjectCreation,
- _In_ BOOLEAN AccessGranted,
- _Out_ PBOOLEAN GenerateOnClose
-);
-
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwOpenProcessToken(
- _In_ HANDLE ProcessHandle,
- _In_ ACCESS_MASK DesiredAccess,
- _Out_ PHANDLE TokenHandle
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwOpenProcessTokenEx(
- _In_ HANDLE ProcessHandle,
- _In_ ACCESS_MASK DesiredAccess,
- _In_ ULONG HandleAttributes,
- _Out_ PHANDLE TokenHandle
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwPrivilegeCheck(
- _In_ HANDLE ClientToken,
- _In_ PPRIVILEGE_SET RequiredPrivileges,
- _In_ PBOOLEAN Result
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwPrivilegedServiceAuditAlarm(
- _In_ PUNICODE_STRING SubsystemName,
- _In_ PUNICODE_STRING ServiceName,
- _In_ HANDLE ClientToken,
- _In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwPrivilegeObjectAuditAlarm(
- _In_ PUNICODE_STRING SubsystemName,
- _In_ PVOID HandleId,
- _In_ HANDLE ClientToken,
- _In_ ULONG DesiredAccess,
- _In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
-
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwQueryInformationToken(
- _In_ HANDLE TokenHandle,
- _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
- _Out_writes_bytes_to_opt_(Length,*ResultLength) PVOID TokenInformation,
- _In_ ULONG Length,
- _Out_ PULONG ResultLength
-);
-
-NTSYSAPI
-NTSTATUS
-NTAPI
-ZwSetInformationToken(
- _In_ HANDLE TokenHandle,
- _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
- _Out_ PVOID TokenInformation,
- _In_ ULONG TokenInformationLength
-);
-#endif