Queries information details about a security descriptor.
Computes the quota size of a security descriptor.
Assigns a security descriptor for a new object.
An extended function that assigns a security descriptor for a new object.
Frees a security descriptor.
An extended function that sets new information data to a security descriptor.
Modifies some information data about a security descriptor.
- Parameters
-
[in] | SecurityInformation | Security information details to be queried from a security descriptor. |
[out] | SecurityDescriptor | The returned security descriptor with security information data. |
[in,out] | Length | The returned length of a security descriptor. |
[in,out] | ObjectsSecurityDescriptor | The returned object security descriptor. |
- Returns
- Returns STATUS_SUCCESS if the operations have been completed successfully and that the specific information about the security descriptor has been queried. STATUS_BUFFER_TOO_SMALL is returned if the buffer size is too small to contain the queried info about the security descriptor.
- Parameters
-
[in] | Object | If specified, the function will use this arbitrary object that points to an object security descriptor. |
[in] | SecurityInformation | Security information details to be set. |
[in] | SecurityDescriptor | A security descriptor where its info is to be changed. |
[in,out] | ObjectsSecurityDescriptor | The returned pointer to security descriptor objects. |
[in] | PoolType | Pool type for the new security descriptor to allocate. |
[in] | GenericMapping | The generic mapping of access rights masks. |
- Returns
- See SeSetSecurityDescriptorInfoEx.
- Parameters
-
[in] | Object | If specified, the function will use this arbitrary object that points to an object security descriptor. |
[in] | SecurityInformation | Security information details to be set. |
[in] | SecurityDescriptor | A security descriptor where its info is to be changed. |
[in,out] | ObjectsSecurityDescriptor | The returned pointer to security descriptor objects. |
[in] | AutoInheritFlags | Flags bitmask inheritation, influencing how the security descriptor can be inherited and if it can be in the first place. |
[in] | PoolType | Pool type for the new security descriptor to allocate. |
[in] | GenericMapping | The generic mapping of access rights masks. |
- Returns
- Returns STATUS_SUCCESS if the operations have been completed without problems and that new info has been set to the security descriptor. STATUS_NO_SECURITY_ON_OBJECT is returned if the object does not have a security descriptor. STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation for the new security descriptor with new info set has failed.
- Parameters
-
[in] | SecurityDescriptor | A security descriptor to be freed from memory. |
- Returns
- Returns STATUS_SUCCESS.
- Parameters
-
[in] | _ParentDescriptor | A security descriptor of the parent object that is being created. |
[in] | _ExplicitDescriptor | An explicit security descriptor that is applied to a new object. |
[out] | NewDescriptor | The new allocated security descriptor. |
[in] | ObjectType | The type of the new object. |
[in] | IsDirectoryObject | Set this to TRUE if the newly created object is a directory object, otherwise set this to FALSE. |
[in] | AutoInheritFlags | Automatic inheritance flags that influence how access control entries within ACLs from security descriptors are inherited. |
[in] | SubjectContext | Security subject context of the new object. |
[in] | GenericMapping | Generic mapping of access mask rights. |
[in] | PoolType | This parameter is unused. |
- Returns
- Returns STATUS_SUCCESS if the operations have been completed successfully and that the security descriptor has been assigned to the new object. STATUS_NO_TOKEN is returned if the caller hasn't supplied a valid argument to a security subject context. STATUS_INVALID_OWNER is returned if the caller hasn't supplied a parent descriptor that belongs to the main user (owner). STATUS_INVALID_PRIMARY_GROUP is returned by the same reason as with the previous NTSTATUS code. The two NTSTATUS codes are returned if the calling thread stated that the owner and/or group is defaulted to the parent descriptor (SEF_DEFAULT_OWNER_FROM_PARENT and/or SEF_DEFAULT_GROUP_FROM_PARENT respectively). STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation for the descriptor buffer has failed. A failure NTSTATUS is returned otherwise.
- Parameters
-
[in] | ParentDescriptor | A security descriptor of the parent object that is being created. |
[in] | ExplicitDescriptor | An explicit security descriptor that is applied to a new object. |
[out] | NewDescriptor | The new allocated security descriptor. |
[in] | IsDirectoryObject | Set this to TRUE if the newly created object is a directory object, otherwise set this to FALSE. |
[in] | SubjectContext | Security subject context of the new object. |
[in] | GenericMapping | Generic mapping of access mask rights. |
[in] | PoolType | This parameter is unused. |
- Returns
- See SeAssignSecurityEx.
- Parameters
-
[in] | SecurityDescriptor | A security descriptor. |
[out] | QuotaInfoSize | The returned quota size of the given security descriptor to the caller. The function may return 0 to this parameter if the descriptor doesn't have a group or a discretionary access control list (DACL) even. |
- Returns
- Returns STATUS_SUCCESS if the quota size of a security descriptor has been computed successfully. STATUS_UNKNOWN_REVISION is returned if the security descriptor has an invalid revision.
Definition at line 749 of file wdfio.h.
756{
758}
@ WdfIoQueueStopSynchronouslyTableIndex