From 9a06fb6a0d296c53a9e7b692a8789031841fbe6e Mon Sep 17 00:00:00 2001 From: Amine Khaldi Date: Fri, 5 Mar 2010 23:11:56 +0000 Subject: [PATCH] [NTIFS] - Group related definitions - Correct ACCESS_MAX_MS_V5_ACE_TYPE definition - Add SYSTEM_MANDATORY_LABEL_ACE_TYPE, SUCCESSFUL_ACCESS_ACE_FLAG, FAILED_ACCESS_ACE_FLAG, SYSTEM_MANDATORY_LABEL_NO_WRITE_UP, SYSTEM_MANDATORY_LABEL_NO_READ_UP, SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP and SYSTEM_MANDATORY_LABEL_VALID_MASK definitions svn path=/branches/header-work/; revision=45902 --- include/ddk/ntifs.h | 400 ++++++++++++++++++++++---------------------- 1 file changed, 199 insertions(+), 201 deletions(-) diff --git a/include/ddk/ntifs.h b/include/ddk/ntifs.h index a33e1051af2..9849a5a0cb3 100644 --- a/include/ddk/ntifs.h +++ b/include/ddk/ntifs.h @@ -231,6 +231,203 @@ typedef struct _SID_AND_ATTRIBUTES_HASH { #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L) +/* Well-known domain relative sub-authority values (RIDs) */ + +#define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L) + +#define FOREST_USER_RID_MAX (0x000001F3L) + +/* Well-known users */ + +#define DOMAIN_USER_RID_ADMIN (0x000001F4L) +#define DOMAIN_USER_RID_GUEST (0x000001F5L) +#define DOMAIN_USER_RID_KRBTGT (0x000001F6L) + +#define DOMAIN_USER_RID_MAX (0x000003E7L) + +/* Well-known groups */ + +#define DOMAIN_GROUP_RID_ADMINS (0x00000200L) +#define DOMAIN_GROUP_RID_USERS (0x00000201L) +#define DOMAIN_GROUP_RID_GUESTS (0x00000202L) +#define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L) +#define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L) +#define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L) +#define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L) +#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L) +#define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L) +#define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L) + +/* Well-known aliases */ + +#define DOMAIN_ALIAS_RID_ADMINS (0x00000220L) +#define DOMAIN_ALIAS_RID_USERS (0x00000221L) +#define DOMAIN_ALIAS_RID_GUESTS (0x00000222L) +#define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L) + +#define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L) +#define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L) +#define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L) +#define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L) + +#define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L) +#define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L) +#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL) +#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL) +#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL) +#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL) + +#define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL) +#define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL) +#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L) +#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L) +#define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L) +#define DOMAIN_ALIAS_RID_IUSERS (0x00000238L) +#define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L) +#define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL) +#define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL) +#define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL) +#define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL) + +#define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16} +#define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L) +#define SECURITY_MANDATORY_LOW_RID (0x00001000L) +#define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L) +#define SECURITY_MANDATORY_HIGH_RID (0x00003000L) +#define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L) +#define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L) + +/* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that + can be set by a usermode caller.*/ + +#define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID + +#define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000) + +/* Allocate the System Luid. The first 1000 LUIDs are reserved. + Use #999 here (0x3e7 = 999) */ + +#define SYSTEM_LUID { 0x3e7, 0x0 } +#define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 } +#define LOCALSERVICE_LUID { 0x3e5, 0x0 } +#define NETWORKSERVICE_LUID { 0x3e4, 0x0 } +#define IUSER_LUID { 0x3e3, 0x0 } + +typedef struct _ACE_HEADER { + UCHAR AceType; + UCHAR AceFlags; + USHORT AceSize; +} ACE_HEADER, *PACE_HEADER; + +/* also in winnt.h */ +#define ACCESS_MIN_MS_ACE_TYPE (0x0) +#define ACCESS_ALLOWED_ACE_TYPE (0x0) +#define ACCESS_DENIED_ACE_TYPE (0x1) +#define SYSTEM_AUDIT_ACE_TYPE (0x2) +#define SYSTEM_ALARM_ACE_TYPE (0x3) +#define ACCESS_MAX_MS_V2_ACE_TYPE (0x3) +#define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4) +#define ACCESS_MAX_MS_V3_ACE_TYPE (0x4) +#define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5) +#define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5) +#define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6) +#define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7) +#define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8) +#define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8) +#define ACCESS_MAX_MS_V4_ACE_TYPE (0x8) +#define ACCESS_MAX_MS_ACE_TYPE (0x8) +#define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9) +#define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA) +#define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB) +#define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC) +#define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD) +#define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE) +#define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF) +#define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10) +#define ACCESS_MAX_MS_V5_ACE_TYPE (0x11) +#define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11) + +/* The following are the inherit flags that go into the AceFlags field + of an Ace header. */ + +#define OBJECT_INHERIT_ACE (0x1) +#define CONTAINER_INHERIT_ACE (0x2) +#define NO_PROPAGATE_INHERIT_ACE (0x4) +#define INHERIT_ONLY_ACE (0x8) +#define INHERITED_ACE (0x10) +#define VALID_INHERIT_FLAGS (0x1F) + +#define SUCCESSFUL_ACCESS_ACE_FLAG (0x40) +#define FAILED_ACCESS_ACE_FLAG (0x80) + +typedef struct _ACCESS_ALLOWED_ACE { + ACE_HEADER Header; + ACCESS_MASK Mask; + ULONG SidStart; +} ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE; + +typedef struct _ACCESS_DENIED_ACE { + ACE_HEADER Header; + ACCESS_MASK Mask; + ULONG SidStart; +} ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE; + +typedef struct _SYSTEM_AUDIT_ACE { + ACE_HEADER Header; + ACCESS_MASK Mask; + ULONG SidStart; +} SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE; + +typedef struct _SYSTEM_ALARM_ACE { + ACE_HEADER Header; + ACCESS_MASK Mask; + ULONG SidStart; +} SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE; + +typedef struct _SYSTEM_MANDATORY_LABEL_ACE { + ACE_HEADER Header; + ACCESS_MASK Mask; + ULONG SidStart; +} SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE; + +#define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1 +#define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2 +#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4 +#define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \ + SYSTEM_MANDATORY_LABEL_NO_READ_UP | \ + SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP) + +#define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR)) + +typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL; + +#define SE_OWNER_DEFAULTED 0x0001 +#define SE_GROUP_DEFAULTED 0x0002 +#define SE_DACL_PRESENT 0x0004 +#define SE_DACL_DEFAULTED 0x0008 +#define SE_SACL_PRESENT 0x0010 +#define SE_SACL_DEFAULTED 0x0020 +#define SE_DACL_UNTRUSTED 0x0040 +#define SE_SERVER_SECURITY 0x0080 +#define SE_DACL_AUTO_INHERIT_REQ 0x0100 +#define SE_SACL_AUTO_INHERIT_REQ 0x0200 +#define SE_DACL_AUTO_INHERITED 0x0400 +#define SE_SACL_AUTO_INHERITED 0x0800 +#define SE_DACL_PROTECTED 0x1000 +#define SE_SACL_PROTECTED 0x2000 +#define SE_RM_CONTROL_VALID 0x4000 +#define SE_SELF_RELATIVE 0x8000 + +typedef struct _SECURITY_DESCRIPTOR_RELATIVE { + UCHAR Revision; + UCHAR Sbz1; + SECURITY_DESCRIPTOR_CONTROL Control; + ULONG Owner; + ULONG Group; + ULONG Sacl; + ULONG Dacl; +} SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE; + #pragma pack(push,4) #ifndef VER_PRODUCTBUILD @@ -289,33 +486,6 @@ typedef enum _SECURITY_LOGON_TYPE #define DOS_QM (L'>') #define DOS_DOT (L'"') -/* also in winnt.h */ -#define ACCESS_MIN_MS_ACE_TYPE (0x0) -#define ACCESS_ALLOWED_ACE_TYPE (0x0) -#define ACCESS_DENIED_ACE_TYPE (0x1) -#define SYSTEM_AUDIT_ACE_TYPE (0x2) -#define SYSTEM_ALARM_ACE_TYPE (0x3) -#define ACCESS_MAX_MS_V2_ACE_TYPE (0x3) -#define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4) -#define ACCESS_MAX_MS_V3_ACE_TYPE (0x4) -#define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5) -#define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5) -#define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6) -#define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7) -#define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8) -#define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8) -#define ACCESS_MAX_MS_V4_ACE_TYPE (0x8) -#define ACCESS_MAX_MS_ACE_TYPE (0x8) -#define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9) -#define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA) -#define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB) -#define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC) -#define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD) -#define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE) -#define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF) -#define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10) -#define ACCESS_MAX_MS_V5_ACE_TYPE (0x10) - #define COMPRESSION_FORMAT_NONE (0x0000) #define COMPRESSION_FORMAT_DEFAULT (0x0001) #define COMPRESSION_FORMAT_LZNT1 (0x0002) @@ -595,23 +765,6 @@ typedef enum _SECURITY_LOGON_TYPE #define VACB_MAPPING_GRANULARITY (0x40000) #define VACB_OFFSET_SHIFT (18) -#define SE_OWNER_DEFAULTED 0x0001 -#define SE_GROUP_DEFAULTED 0x0002 -#define SE_DACL_PRESENT 0x0004 -#define SE_DACL_DEFAULTED 0x0008 -#define SE_SACL_PRESENT 0x0010 -#define SE_SACL_DEFAULTED 0x0020 -#define SE_DACL_UNTRUSTED 0x0040 -#define SE_SERVER_SECURITY 0x0080 -#define SE_DACL_AUTO_INHERIT_REQ 0x0100 -#define SE_SACL_AUTO_INHERIT_REQ 0x0200 -#define SE_DACL_AUTO_INHERITED 0x0400 -#define SE_SACL_AUTO_INHERITED 0x0800 -#define SE_DACL_PROTECTED 0x1000 -#define SE_SACL_PROTECTED 0x2000 -#define SE_RM_CONTROL_VALID 0x4000 -#define SE_SELF_RELATIVE 0x8000 - #ifndef _WINNT_H #define _AUDIT_EVENT_TYPE_HACK 0 #endif @@ -837,97 +990,6 @@ typedef struct _COMPRESSED_DATA_INFO { ULONG CompressedChunkSizes[ANYSIZE_ARRAY]; } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO; -// -// Well-known domain relative sub-authority values (RIDs) -// -#define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L) - -#define FOREST_USER_RID_MAX (0x000001F3L) - -// -// Well-known users -// -#define DOMAIN_USER_RID_ADMIN (0x000001F4L) -#define DOMAIN_USER_RID_GUEST (0x000001F5L) -#define DOMAIN_USER_RID_KRBTGT (0x000001F6L) - -#define DOMAIN_USER_RID_MAX (0x000003E7L) - -// -// Well-known groups -// -#define DOMAIN_GROUP_RID_ADMINS (0x00000200L) -#define DOMAIN_GROUP_RID_USERS (0x00000201L) -#define DOMAIN_GROUP_RID_GUESTS (0x00000202L) -#define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L) -#define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L) -#define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L) -#define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L) -#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L) -#define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L) -#define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L) - -// -// Well-known aliases -// -#define DOMAIN_ALIAS_RID_ADMINS (0x00000220L) -#define DOMAIN_ALIAS_RID_USERS (0x00000221L) -#define DOMAIN_ALIAS_RID_GUESTS (0x00000222L) -#define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L) - -#define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L) -#define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L) -#define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L) -#define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L) - -#define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L) -#define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L) -#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL) -#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL) -#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL) -#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL) - -#define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL) -#define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL) -#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L) -#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L) -#define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L) -#define DOMAIN_ALIAS_RID_IUSERS (0x00000238L) -#define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L) -#define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL) -#define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL) -#define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL) -#define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL) - - -#define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16} -#define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L) -#define SECURITY_MANDATORY_LOW_RID (0x00001000L) -#define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L) -#define SECURITY_MANDATORY_HIGH_RID (0x00003000L) -#define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L) -#define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L) - -// -// SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that -// can be set by a usermode caller. -// -#define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID - -#define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000) - -// -// Allocate the System Luid. The first 1000 LUIDs are reserved. -// Use #999 here (0x3e7 = 999) -// -#define SYSTEM_LUID { 0x3e7, 0x0 } -#define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 } -#define LOCALSERVICE_LUID { 0x3e5, 0x0 } -#define NETWORKSERVICE_LUID { 0x3e4, 0x0 } -#define IUSER_LUID { 0x3e3, 0x0 } - - - typedef struct _TOKEN_SOURCE { CHAR SourceName[TOKEN_SOURCE_LENGTH]; LUID SourceIdentifier; @@ -989,7 +1051,7 @@ typedef struct _TOKEN_STATISTICS { typedef struct _TOKEN_USER { SID_AND_ATTRIBUTES User; } TOKEN_USER, *PTOKEN_USER; -typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL; + typedef struct _SECURITY_DESCRIPTOR { UCHAR Revision; UCHAR Sbz1; @@ -1000,23 +1062,12 @@ typedef struct _SECURITY_DESCRIPTOR { PACL Dacl; } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR; -#define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR)) - typedef struct _OBJECT_TYPE_LIST { USHORT Level; USHORT Sbz; GUID *ObjectType; } OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST; - -typedef struct _SECURITY_DESCRIPTOR_RELATIVE { - UCHAR Revision; - UCHAR Sbz1; - SECURITY_DESCRIPTOR_CONTROL Control; - ULONG Owner; - ULONG Group; - ULONG Sacl; - ULONG Dacl; -} SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE; + typedef enum _TOKEN_INFORMATION_CLASS { TokenUser=1,TokenGroups,TokenPrivileges,TokenOwner, TokenPrimaryGroup,TokenDefaultDacl,TokenSource,TokenType, @@ -2168,59 +2219,6 @@ typedef struct _SECURITY_CLIENT_CONTEXT { TOKEN_CONTROL ClientTokenControl; } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT; -// -// The following are the inherit flags that go into the AceFlags field -// of an Ace header. -// -#define OBJECT_INHERIT_ACE (0x1) -#define CONTAINER_INHERIT_ACE (0x2) -#define NO_PROPAGATE_INHERIT_ACE (0x4) -#define INHERIT_ONLY_ACE (0x8) -#define INHERITED_ACE (0x10) -#define VALID_INHERIT_FLAGS (0x1F) - -typedef struct _ACE_HEADER -{ - UCHAR AceType; - UCHAR AceFlags; - USHORT AceSize; -} ACE_HEADER, *PACE_HEADER; - -typedef struct _ACCESS_ALLOWED_ACE -{ - ACE_HEADER Header; - ACCESS_MASK Mask; - ULONG SidStart; -} ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE; - -typedef struct _ACCESS_DENIED_ACE -{ - ACE_HEADER Header; - ACCESS_MASK Mask; - ULONG SidStart; -} ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE; - -typedef struct _SYSTEM_AUDIT_ACE -{ - ACE_HEADER Header; - ACCESS_MASK Mask; - ULONG SidStart; -} SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE; - -typedef struct _SYSTEM_ALARM_ACE -{ - ACE_HEADER Header; - ACCESS_MASK Mask; - ULONG SidStart; -} SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE; - -typedef struct _SYSTEM_MANDATORY_LABEL_ACE -{ - ACE_HEADER Header; - ACCESS_MASK Mask; - ULONG SidStart; -} SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE; - typedef struct _TUNNEL { FAST_MUTEX Mutex; PRTL_SPLAY_LINKS Cache; -- 2.17.1