From: Timo Kreuzer <timo.kreuzer@reactos.org>
Date: Sun, 16 Feb 2014 09:08:22 +0000 (+0000)
Subject: [NTOSKRNL]
X-Git-Tag: ReactOS-0.3.16-CLT2014~112
X-Git-Url: https://git.reactos.org/?p=reactos.git;a=commitdiff_plain;h=c01564fe182ea022a2d4096f1701187630005370;hp=5c9eeb7616b5ad6a1839fc65fd25ecce8abbe41b;ds=sidebyside

[NTOSKRNL]
- Halfplement SeReportSecurityEvent, stub SeSetAuditParameter and enable both exports, which are SP1!

svn path=/trunk/; revision=62207
---

diff --git a/reactos/ntoskrnl/ntoskrnl.spec b/reactos/ntoskrnl/ntoskrnl.spec
index 51ad5f54880..e5d8eeebdf7 100644
--- a/reactos/ntoskrnl/ntoskrnl.spec
+++ b/reactos/ntoskrnl/ntoskrnl.spec
@@ -1373,9 +1373,9 @@
 @ stdcall SeRegisterLogonSessionTerminatedRoutine(ptr)
 @ stdcall SeReleaseSecurityDescriptor(ptr long long)
 @ stdcall SeReleaseSubjectContext(ptr)
-;@ cdecl -arch=x86_64 SeReportSecurityEvent
+@ stdcall SeReportSecurityEvent(long ptr ptr ptr)
 @ stdcall SeSetAccessStateGenericMapping(ptr ptr)
-;SeSetAuditParameter
+@ stdcall SeSetAuditParameter(ptr long long ptr)
 @ stdcall SeSetSecurityDescriptorInfo(ptr ptr ptr ptr long ptr)
 @ stdcall SeSetSecurityDescriptorInfoEx(ptr ptr ptr ptr long long ptr)
 @ stdcall SeSinglePrivilegeCheck(long long long)
diff --git a/reactos/ntoskrnl/se/semgr.c b/reactos/ntoskrnl/se/semgr.c
index cd693edc276..4d7c776cc5b 100644
--- a/reactos/ntoskrnl/se/semgr.c
+++ b/reactos/ntoskrnl/se/semgr.c
@@ -311,4 +311,86 @@ SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
     }
 }
 
+NTSTATUS
+NTAPI
+SeReportSecurityEvent(
+    _In_ ULONG Flags,
+    _In_ PUNICODE_STRING SourceName,
+    _In_opt_ PSID UserSid,
+    _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters)
+{
+    SECURITY_SUBJECT_CONTEXT SubjectContext;
+    PTOKEN EffectiveToken;
+    PISID Sid;
+    NTSTATUS Status;
+
+    /* Validate parameters */
+    if ((Flags != 0) ||
+        (SourceName == NULL) ||
+        (SourceName->Buffer == NULL) ||
+        (SourceName->Length == 0) ||
+        (AuditParameters == NULL) ||
+        (AuditParameters->ParameterCount > SE_MAX_AUDIT_PARAMETERS - 4))
+    {
+        return STATUS_INVALID_PARAMETER;
+    }
+
+    /* Validate the source name */
+    Status = RtlValidateUnicodeString(0, SourceName);
+    if (!NT_SUCCESS(Status))
+    {
+        return Status;
+    }
+
+    /* Check if we have a user SID */
+    if (UserSid != NULL)
+    {
+        /* Validate it */
+        if (!RtlValidSid(UserSid))
+        {
+            return STATUS_INVALID_PARAMETER;
+        }
+
+        /* Use the user SID */
+        Sid = UserSid;
+    }
+    else
+    {
+        /* No user SID, capture the security subject context */
+        SeCaptureSubjectContext(&SubjectContext);
+
+        /* Extract the effective token */
+        EffectiveToken = SubjectContext.ClientToken ?
+            SubjectContext.ClientToken : SubjectContext.PrimaryToken;
+
+        /* Use the user-and-groups SID */
+        Sid = EffectiveToken->UserAndGroups->Sid;
+    }
+
+    UNIMPLEMENTED;
+
+    /* Check if we captured the subject context */
+    if (Sid != UserSid)
+    {
+        /* Release it */
+        SeReleaseSubjectContext(&SubjectContext);
+    }
+
+    /* Return success */
+    return STATUS_SUCCESS;
+}
+
+_Const_
+NTSTATUS
+NTAPI
+SeSetAuditParameter(
+    _Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
+    _In_ SE_ADT_PARAMETER_TYPE Type,
+    _In_range_(<, SE_MAX_AUDIT_PARAMETERS) ULONG Index,
+    _In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE")) PVOID Data)
+{
+    UNIMPLEMENTED;
+    return STATUS_SUCCESS;
+}
+
 /* EOF */