ReactOS  0.4.15-dev-2965-g9a42267
sefuncs.h File Reference

Go to the source code of this file.

Macros

#define SeLengthSid(Sid)   (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
 
#define SeDeleteClientSecurity(C)
 
#define SeStopImpersonatingClient()   PsRevertToSelf()
 
#define SeQuerySubjectContextToken(SubjectContext)
 

Functions

 $if (_WDMDDK_) _IRQL_requires_max_(PASSIVE_LEVEL) NTKERNELAPI BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor
 
 _IRQL_requires_max_ (PASSIVE_LEVEL) NTKERNELAPI NTSTATUS NTAPI SeAssignSecurity(_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor
 
NTKERNELAPI NTSTATUS NTAPI SeAssignSecurityEx (_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor, _In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor, _Out_ PSECURITY_DESCRIPTOR *NewDescriptor, _In_opt_ GUID *ObjectType, _In_ BOOLEAN IsDirectoryObject, _In_ ULONG AutoInheritFlags, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PGENERIC_MAPPING GenericMapping, _In_ POOL_TYPE PoolType)
 
 _In_reads_bytes_ (Length) PSECURITY_DESCRIPTOR SecurityDescriptor)
 
NTKERNELAPI ULONG NTAPI SeObjectCreateSaclAccessBits (_In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
 
NTKERNELAPI VOID NTAPI SeReleaseSubjectContext (_Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 
NTKERNELAPI VOID NTAPI SeUnlockSubjectContext (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 
NTKERNELAPI VOID NTAPI SeCaptureSubjectContext (_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 
NTKERNELAPI VOID NTAPI SeLockSubjectContext (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 
 $endif (_WDMDDK_) $if(_NTDDK_) _IRQL_requires_max_(PASSIVE_LEVEL) NTKERNELAPI BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue
 
 $endif (_NTDDK_) $if(_NTIFS_) NTKERNELAPI VOID NTAPI SeReleaseSubjectContext(_Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
 
NTKERNELAPI BOOLEAN NTAPI SePrivilegeCheck (_Inout_ PPRIVILEGE_SET RequiredPrivileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE AccessMode)
 
NTKERNELAPI VOID NTAPI SeOpenObjectAuditAlarm (_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _Out_ PBOOLEAN GenerateOnClose)
 
NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarm (_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _Out_ PBOOLEAN GenerateOnClose)
 
NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarm (_In_ PVOID Object, _In_ HANDLE Handle)
 
NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType (_In_ PACCESS_TOKEN Token)
 
NTKERNELAPI BOOLEAN NTAPI SeTokenIsAdmin (_In_ PACCESS_TOKEN Token)
 
NTKERNELAPI BOOLEAN NTAPI SeTokenIsRestricted (_In_ PACCESS_TOKEN Token)
 
NTKERNELAPI NTSTATUS NTAPI SeQueryAuthenticationIdToken (_In_ PACCESS_TOKEN Token, _Out_ PLUID AuthenticationId)
 
NTKERNELAPI NTSTATUS NTAPI SeQuerySessionIdToken (_In_ PACCESS_TOKEN Token, _Out_ PULONG SessionId)
 
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurity (_In_ PETHREAD ClientThread, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN RemoteSession, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
 
NTKERNELAPI VOID NTAPI SeImpersonateClient (_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
 
NTKERNELAPI NTSTATUS NTAPI SeImpersonateClientEx (_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
 
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext (_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
 
NTKERNELAPI NTSTATUS NTAPI SeQuerySecurityDescriptorInfo (_In_ PSECURITY_INFORMATION SecurityInformation, _Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PULONG Length, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
 
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfo (_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
 
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfoEx (_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR ModificationDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ ULONG AutoInheritFlags, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
 
NTKERNELAPI NTSTATUS NTAPI SeAppendPrivileges (_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
 
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEvents (_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
 
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileOrGlobalEvents (_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
 
VOID NTAPI SeSetAccessStateGenericMapping (_Inout_ PACCESS_STATE AccessState, _In_ PGENERIC_MAPPING GenericMapping)
 
NTKERNELAPI NTSTATUS NTAPI SeRegisterLogonSessionTerminatedRoutine (_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
 
NTKERNELAPI NTSTATUS NTAPI SeUnregisterLogonSessionTerminatedRoutine (_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
 
NTKERNELAPI NTSTATUS NTAPI SeMarkLogonSessionForTerminationNotification (_In_ PLUID LogonId)
 Marks a logon session for future termination, given its logon ID. This triggers a callout (the registered callback) when the logon is no longer used by anyone, that is, no token is still referencing the speciffied logon session. More...
 
NTKERNELAPI NTSTATUS NTAPI SeQueryInformationToken (_In_ PACCESS_TOKEN Token, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation)
 Queries information details about the given token to the call. The difference between NtQueryInformationToken and this routine is that the system call has user mode buffer data probing and additional protection checks whereas this routine doesn't have any of these. The routine is used exclusively in kernel mode. More...
 
 $endif (_NTIFS_) $if(_NTIFS_) NTKERNELAPI BOOLEAN NTAPI SeAuditingHardLinkEvents(_In_ BOOLEAN AccessGranted
 
NTKERNELAPI NTSTATUS NTAPI SeFilterToken (_In_ PACCESS_TOKEN ExistingToken, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Outptr_ PACCESS_TOKEN *FilteredToken)
 
NTKERNELAPI VOID NTAPI SeAuditHardLinkCreation (_In_ PUNICODE_STRING FileName, _In_ PUNICODE_STRING LinkName, _In_ BOOLEAN bSuccess)
 
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEventsWithContext (_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
 
NTKERNELAPI BOOLEAN NTAPI SeAuditingHardLinkEventsWithContext (_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
 
NTSTATUS NTAPI SeReportSecurityEvent (_In_ ULONG Flags, _In_ PUNICODE_STRING SourceName, _In_opt_ PSID UserSid, _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters)
 
NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarmWithTransaction (_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _In_opt_ GUID *TransactionId, _Out_ PBOOLEAN GenerateOnClose)
 
NTKERNELAPI VOID NTAPI SeExamineSacl (_In_ PACL Sacl, _In_ PACCESS_TOKEN Token, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateAudit, _Out_ PBOOLEAN GenerateAlarm)
 
NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarmWithTransaction (_In_ PVOID Object, _In_ HANDLE Handle, _In_opt_ GUID *TransactionId)
 
NTKERNELAPI VOID NTAPI SeQueryTokenIntegrity (_In_ PACCESS_TOKEN Token, _Inout_ PSID_AND_ATTRIBUTES IntegritySA)
 
NTKERNELAPI NTSTATUS NTAPI SeSetSessionIdToken (_In_ PACCESS_TOKEN Token, _In_ ULONG SessionId)
 
NTKERNELAPI VOID NTAPI SeAuditHardLinkCreationWithTransaction (_In_ PUNICODE_STRING FileName, _In_ PUNICODE_STRING LinkName, _In_ BOOLEAN bSuccess, _In_opt_ GUID *TransactionId)
 
NTKERNELAPI VOID NTAPI SeAuditTransactionStateChange (_In_ GUID *TransactionId, _In_ GUID *ResourceManagerId, _In_ ULONG NewTransactionState)
 
NTKERNELAPI BOOLEAN NTAPI SeAuditingAnyFileEventsWithContext (_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _Out_opt_ PBOOLEAN StagingEnabled)
 
NTKERNELAPI VOID NTAPI SeExamineGlobalSacl (_In_ PUNICODE_STRING ObjectType, _In_ PACL ResourceSacl, _In_ PACCESS_TOKEN Token, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN AccessGranted, _Inout_ PBOOLEAN GenerateAudit, _Inout_opt_ PBOOLEAN GenerateAlarm)
 
NTKERNELAPI VOID NTAPI SeMaximumAuditMaskFromGlobalSacl (_In_opt_ PUNICODE_STRING ObjectTypeName, _In_ ACCESS_MASK GrantedAccess, _In_ PACCESS_TOKEN Token, _Inout_ PACCESS_MASK AuditMask)
 
NTSTATUS NTAPI SeReportSecurityEventWithSubCategory (_In_ ULONG Flags, _In_ PUNICODE_STRING SourceName, _In_opt_ PSID UserSid, _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters, _In_ ULONG AuditSubcategoryId)
 
BOOLEAN NTAPI SeAccessCheckFromState (_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation, _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Outptr_opt_result_maybenull_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
 
NTKERNELAPI VOID NTAPI SeFreePrivileges (_In_ PPRIVILEGE_SET Privileges)
 
NTSTATUS NTAPI SeLocateProcessImageName (_Inout_ PEPROCESS Process, _Outptr_ PUNICODE_STRING *pImageFileName)
 

Variables

_In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN SubjectContextLocked
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK DesiredAccess
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK PreviouslyGrantedAccess
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SETPrivileges
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING GenericMapping
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE AccessMode
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
 
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
 
_In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor
 
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTORNewDescriptor
 
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
 
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
 
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN _In_ PSECURITY_SUBJECT_CONTEXT _In_ PGENERIC_MAPPING _In_ POOL_TYPE PoolType
 
_In_ KPROCESSOR_MODE PreviousMode
 
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor
 
_In_opt_ PSECURITY_DESCRIPTOR _In_opt_ PSECURITY_DESCRIPTOR ParentSecurityDescriptor
 
_In_opt_ PVOID Object
 
_In_opt_ PVOID _In_opt_ PUNICODE_STRING AbsoluteObjectName
 
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
 
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN ObjectCreated
 
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
 
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUIDTransactionId
 
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
 
NTKERNELAPI PSE_EXPORTS SeExports
 

Macro Definition Documentation

◆ SeDeleteClientSecurity

#define SeDeleteClientSecurity (   C)
Value:
{ \
if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
PsDereferencePrimaryToken( (C)->ClientToken ); \
} else { \
PsDereferenceImpersonationToken( (C)->ClientToken ); \
} \
}
Definition: terminate.cpp:23
NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType(_In_ PACCESS_TOKEN Token)

Definition at line 573 of file sefuncs.h.

◆ SeLengthSid

#define SeLengthSid (   Sid)    (8 + (4 * ((SID *)Sid)->SubAuthorityCount))

Definition at line 570 of file sefuncs.h.

◆ SeQuerySubjectContextToken

#define SeQuerySubjectContextToken (   SubjectContext)
Value:
) ? \
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: sefuncs.h:29
#define ARGUMENT_PRESENT(ArgumentPointer)
struct _SECURITY_SUBJECT_CONTEXT * PSECURITY_SUBJECT_CONTEXT

Definition at line 583 of file sefuncs.h.

◆ SeStopImpersonatingClient

#define SeStopImpersonatingClient ( )    PsRevertToSelf()

Definition at line 581 of file sefuncs.h.

Function Documentation

◆ $endif() [1/3]

$endif ( _WDMDDK_  )

Definition at line 202 of file ke.h.

226 {
227  ULONGLONG Low;
228  LONGLONG High;
229 } NEON128, *PNEON128;
Definition: strmini.h:380
int64_t LONGLONG
Definition: typedefs.h:68
uint64_t ULONGLONG
Definition: typedefs.h:67
Definition: strmini.h:378
NEON128
Definition: ke.h:229
* PNEON128
Definition: ke.h:229

◆ $endif() [2/3]

$endif ( _NTDDK_  )

Definition at line 2494 of file iofuncs.h.

2502 {
2503  PriorityInfo->Size = sizeof(IO_PRIORITY_INFO);
2504  PriorityInfo->ThreadPriority = 0xffff;
2505  PriorityInfo->IoPriority = IoPriorityNormal;
2506  PriorityInfo->PagePriority = 0;
2507 }
struct _IO_PRIORITY_INFO IO_PRIORITY_INFO
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD _Inout_ PIO_PRIORITY_INFO PriorityInfo
Definition: fltkernel.h:2652

◆ $endif() [3/3]

$endif ( _NTIFS_  )

Definition at line 2825 of file rtlfuncs.h.

2839 {
2841  ret.QuadPart = SignedInteger;
2842  return ret;
2843 }
return ret
Definition: rtlfuncs.h:3090

◆ $if()

$if ( _WDMDDK_  )

Kernel definitions for AMD64

Kernel definitions for ARM

Definition at line 1 of file ke.h.

31 {
32  ULONG Dummy;
struct _KFLOATING_SAVE KFLOATING_SAVE
struct _KFLOATING_SAVE * PKFLOATING_SAVE
unsigned int ULONG
Definition: retypes.h:1

◆ _In_reads_bytes_()

_In_reads_bytes_ ( Length  )

◆ _IRQL_requires_max_()

_IRQL_requires_max_ ( PASSIVE_LEVEL  )

Definition at line 64 of file Messaging.c.

75 {
76  PFLT_SERVER_PORT_OBJECT PortObject;
78 
79  /* The caller must allow at least one connection */
80  if (MaxConnections == 0)
81  {
83  }
84 
85  /* The request must be for a kernel handle */
86  if (!(ObjectAttributes->Attributes & OBJ_KERNEL_HANDLE))
87  {
89  }
90 
91  /*
92  * Get rundown protection on the target to stop the owner
93  * from unloading whilst this port object is open. It gets
94  * removed in the FltpServerPortClose callback
95  */
97  if (!NT_SUCCESS(Status))
98  {
99  return Status;
100  }
101 
102  /* Create the server port object for this filter */
106  KernelMode,
107  NULL,
108  sizeof(FLT_SERVER_PORT_OBJECT),
109  0,
110  0,
111  (PVOID *)&PortObject);
112  if (NT_SUCCESS(Status))
113  {
114  /* Zero out the struct */
115  RtlZeroMemory(PortObject, sizeof(FLT_SERVER_PORT_OBJECT));
116 
117  /* Increment the ref count on the target filter */
119 
120  /* Setup the filter port object */
121  PortObject->Filter = Filter;
122  PortObject->ConnectNotify = ConnectNotifyCallback;
124  PortObject->MessageNotify = MessageNotifyCallback;
125  PortObject->Cookie = ServerPortCookie;
126  PortObject->MaxConnections = MaxConnections;
127 
128  /* Insert the object */
129  Status = ObInsertObject(PortObject,
130  NULL,
132  0,
133  NULL,
135  if (NT_SUCCESS(Status))
136  {
137  /* Lock the connection list */
139 
140  /* Add the new port object to the connection list and increment the count */
143 
144  /* Unlock the connection list*/
146  }
147  }
148 
149  if (!NT_SUCCESS(Status))
150  {
151  /* Allow the filter to be cleaned up */
153  }
154 
155  return Status;
156 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
_Must_inspect_result_ _Outptr_ PFLT_PORT * ServerPort
Definition: fltkernel.h:1872
PFLT_CONNECT_NOTIFY ConnectNotify
Definition: fltmgrint.h:191
VOID FLTAPI FltObjectDereference(_Inout_ PVOID Object)
Definition: Object.c:53
LONG NTSTATUS
Definition: precomp.h:26
#define InsertTailList(ListHead, Entry)
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
VOID FASTCALL ExReleaseFastMutex(IN PFAST_MUTEX FastMutex)
Definition: fmutex.c:31
ULONG FltpObjectPointerReference(_In_ PFLT_OBJECT Object)
Definition: Object.c:322
LIST_ENTRY mList
Definition: fltmgrint.h:56
_Must_inspect_result_ _In_opt_ PFLT_FILTER Filter
Definition: fltkernel.h:1801
#define FILE_READ_DATA
Definition: nt_native.h:628
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:952
Status
Definition: gdiplustypes.h:24
POBJECT_TYPE ServerPortObjectType
Definition: Messaging.c:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_Must_inspect_result_ _Outptr_ PFLT_PORT _In_ POBJECT_ATTRIBUTES _In_opt_ PVOID _In_ PFLT_CONNECT_NOTIFY _In_ PFLT_DISCONNECT_NOTIFY DisconnectNotifyCallback
Definition: fltkernel.h:1872
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
_Must_inspect_result_ _Outptr_ PFLT_PORT _In_ POBJECT_ATTRIBUTES _In_opt_ PVOID _In_ PFLT_CONNECT_NOTIFY ConnectNotifyCallback
Definition: fltkernel.h:1872
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2931
#define STANDARD_RIGHTS_ALL
Definition: nt_native.h:69
VOID FASTCALL ExAcquireFastMutex(IN PFAST_MUTEX FastMutex)
Definition: fmutex.c:23
NTSTATUS FLTAPI FltObjectReference(_Inout_ PVOID Object)
Definition: Object.c:41
_Must_inspect_result_ _Outptr_ PFLT_PORT _In_ POBJECT_ATTRIBUTES _In_opt_ PVOID ServerPortCookie
Definition: fltkernel.h:1872
#define NULL
Definition: types.h:112
FAST_MUTEX mLock
Definition: fltmgrint.h:55
PFLT_MESSAGE_NOTIFY MessageNotify
Definition: fltmgrint.h:193
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
_Must_inspect_result_ _Outptr_ PFLT_PORT _In_ POBJECT_ATTRIBUTES _In_opt_ PVOID _In_ PFLT_CONNECT_NOTIFY _In_ PFLT_DISCONNECT_NOTIFY _In_opt_ PFLT_MESSAGE_NOTIFY _In_ LONG MaxConnections
Definition: fltkernel.h:1872
PFLT_DISCONNECT_NOTIFY DisconnectNotify
Definition: fltmgrint.h:192
_Must_inspect_result_ _Outptr_ PFLT_PORT _In_ POBJECT_ATTRIBUTES _In_opt_ PVOID _In_ PFLT_CONNECT_NOTIFY _In_ PFLT_DISCONNECT_NOTIFY _In_opt_ PFLT_MESSAGE_NOTIFY MessageNotifyCallback
Definition: fltkernel.h:1872
FLT_MUTEX_LIST_HEAD ConnectionList
Definition: fltmgrint.h:121

◆ SeAccessCheckFromState()

BOOLEAN NTAPI SeAccessCheckFromState ( _In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_ PTOKEN_ACCESS_INFORMATION  PrimaryTokenInformation,
_In_opt_ PTOKEN_ACCESS_INFORMATION  ClientTokenInformation,
_In_ ACCESS_MASK  DesiredAccess,
_In_ ACCESS_MASK  PreviouslyGrantedAccess,
_Outptr_opt_result_maybenull_ PPRIVILEGE_SET Privileges,
_In_ PGENERIC_MAPPING  GenericMapping,
_In_ KPROCESSOR_MODE  AccessMode,
_Out_ PACCESS_MASK  GrantedAccess,
_Out_ PNTSTATUS  AccessStatus 
)

◆ SeAppendPrivileges()

NTKERNELAPI NTSTATUS NTAPI SeAppendPrivileges ( _Inout_ PACCESS_STATE  AccessState,
_In_ PPRIVILEGE_SET  Privileges 
)

◆ SeAssignSecurityEx()

NTKERNELAPI NTSTATUS NTAPI SeAssignSecurityEx ( _In_opt_ PSECURITY_DESCRIPTOR  ParentDescriptor,
_In_opt_ PSECURITY_DESCRIPTOR  ExplicitDescriptor,
_Out_ PSECURITY_DESCRIPTOR NewDescriptor,
_In_opt_ GUID ObjectType,
_In_ BOOLEAN  IsDirectoryObject,
_In_ ULONG  AutoInheritFlags,
_In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ PGENERIC_MAPPING  GenericMapping,
_In_ POOL_TYPE  PoolType 
)

◆ SeAuditHardLinkCreation()

NTKERNELAPI VOID NTAPI SeAuditHardLinkCreation ( _In_ PUNICODE_STRING  FileName,
_In_ PUNICODE_STRING  LinkName,
_In_ BOOLEAN  bSuccess 
)

◆ SeAuditHardLinkCreationWithTransaction()

NTKERNELAPI VOID NTAPI SeAuditHardLinkCreationWithTransaction ( _In_ PUNICODE_STRING  FileName,
_In_ PUNICODE_STRING  LinkName,
_In_ BOOLEAN  bSuccess,
_In_opt_ GUID TransactionId 
)

◆ SeAuditingAnyFileEventsWithContext()

NTKERNELAPI BOOLEAN NTAPI SeAuditingAnyFileEventsWithContext ( _In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_opt_ PSECURITY_SUBJECT_CONTEXT  SubjectSecurityContext,
_Out_opt_ PBOOLEAN  StagingEnabled 
)

◆ SeAuditingFileEvents()

NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEvents ( _In_ BOOLEAN  AccessGranted,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor 
)

◆ SeAuditingFileEventsWithContext()

NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEventsWithContext ( _In_ BOOLEAN  AccessGranted,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_opt_ PSECURITY_SUBJECT_CONTEXT  SubjectSecurityContext 
)

◆ SeAuditingFileOrGlobalEvents()

NTKERNELAPI BOOLEAN NTAPI SeAuditingFileOrGlobalEvents ( _In_ BOOLEAN  AccessGranted,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_ PSECURITY_SUBJECT_CONTEXT  SubjectSecurityContext 
)

◆ SeAuditingHardLinkEventsWithContext()

NTKERNELAPI BOOLEAN NTAPI SeAuditingHardLinkEventsWithContext ( _In_ BOOLEAN  AccessGranted,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_opt_ PSECURITY_SUBJECT_CONTEXT  SubjectSecurityContext 
)

◆ SeAuditTransactionStateChange()

NTKERNELAPI VOID NTAPI SeAuditTransactionStateChange ( _In_ GUID TransactionId,
_In_ GUID ResourceManagerId,
_In_ ULONG  NewTransactionState 
)

◆ SeCaptureSubjectContext()

NTKERNELAPI VOID NTAPI SeCaptureSubjectContext ( _Out_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

◆ SeCreateClientSecurity()

NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurity ( _In_ PETHREAD  ClientThread,
_In_ PSECURITY_QUALITY_OF_SERVICE  ClientSecurityQos,
_In_ BOOLEAN  RemoteSession,
_Out_ PSECURITY_CLIENT_CONTEXT  ClientContext 
)

◆ SeCreateClientSecurityFromSubjectContext()

NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ PSECURITY_QUALITY_OF_SERVICE  ClientSecurityQos,
_In_ BOOLEAN  ServerIsRemote,
_Out_ PSECURITY_CLIENT_CONTEXT  ClientContext 
)

◆ SeDeleteObjectAuditAlarm()

NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarm ( _In_ PVOID  Object,
_In_ HANDLE  Handle 
)

◆ SeDeleteObjectAuditAlarmWithTransaction()

NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarmWithTransaction ( _In_ PVOID  Object,
_In_ HANDLE  Handle,
_In_opt_ GUID TransactionId 
)

◆ SeExamineGlobalSacl()

NTKERNELAPI VOID NTAPI SeExamineGlobalSacl ( _In_ PUNICODE_STRING  ObjectType,
_In_ PACL  ResourceSacl,
_In_ PACCESS_TOKEN  Token,
_In_ ACCESS_MASK  DesiredAccess,
_In_ BOOLEAN  AccessGranted,
_Inout_ PBOOLEAN  GenerateAudit,
_Inout_opt_ PBOOLEAN  GenerateAlarm 
)

◆ SeExamineSacl()

NTKERNELAPI VOID NTAPI SeExamineSacl ( _In_ PACL  Sacl,
_In_ PACCESS_TOKEN  Token,
_In_ ACCESS_MASK  DesiredAccess,
_In_ BOOLEAN  AccessGranted,
_Out_ PBOOLEAN  GenerateAudit,
_Out_ PBOOLEAN  GenerateAlarm 
)

◆ SeFilterToken()

NTKERNELAPI NTSTATUS NTAPI SeFilterToken ( _In_ PACCESS_TOKEN  ExistingToken,
_In_ ULONG  Flags,
_In_opt_ PTOKEN_GROUPS  SidsToDisable,
_In_opt_ PTOKEN_PRIVILEGES  PrivilegesToDelete,
_In_opt_ PTOKEN_GROUPS  RestrictedSids,
_Outptr_ PACCESS_TOKEN FilteredToken 
)

◆ SeFreePrivileges()

NTKERNELAPI VOID NTAPI SeFreePrivileges ( _In_ PPRIVILEGE_SET  Privileges)

◆ SeImpersonateClient()

NTKERNELAPI VOID NTAPI SeImpersonateClient ( _In_ PSECURITY_CLIENT_CONTEXT  ClientContext,
_In_opt_ PETHREAD  ServerThread 
)

◆ SeImpersonateClientEx()

NTKERNELAPI NTSTATUS NTAPI SeImpersonateClientEx ( _In_ PSECURITY_CLIENT_CONTEXT  ClientContext,
_In_opt_ PETHREAD  ServerThread 
)

◆ SeLocateProcessImageName()

NTSTATUS NTAPI SeLocateProcessImageName ( _Inout_ PEPROCESS  Process,
_Outptr_ PUNICODE_STRING pImageFileName 
)

◆ SeLockSubjectContext()

NTKERNELAPI VOID NTAPI SeLockSubjectContext ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

◆ SeMarkLogonSessionForTerminationNotification()

NTKERNELAPI NTSTATUS NTAPI SeMarkLogonSessionForTerminationNotification ( _In_ PLUID  LogonId)

Marks a logon session for future termination, given its logon ID. This triggers a callout (the registered callback) when the logon is no longer used by anyone, that is, no token is still referencing the speciffied logon session.

Parameters
[in]LogonIdThe ID of the logon session.
Returns
STATUS_SUCCESS if the logon session is marked for termination notification successfully, STATUS_NOT_FOUND if the logon session couldn't be found otherwise.

Definition at line 1246 of file srm.c.

1248 {
1249  PSEP_LOGON_SESSION_REFERENCES SessionToMark;
1250  PAGED_CODE();
1251 
1252  DPRINT("SeMarkLogonSessionForTerminationNotification(%08lx:%08lx)\n",
1253  LogonId->HighPart, LogonId->LowPart);
1254 
1255  /* Acquire the database lock */
1257 
1258  /* Loop over the existing logon sessions */
1259  for (SessionToMark = SepLogonSessions;
1260  SessionToMark != NULL;
1261  SessionToMark = SessionToMark->Next)
1262  {
1263  /* Does the logon with the given ID exist? */
1264  if (RtlEqualLuid(&SessionToMark->LogonId, LogonId))
1265  {
1266  /* We found it */
1267  break;
1268  }
1269  }
1270 
1271  /*
1272  * We've exhausted all the remaining logon sessions and
1273  * couldn't find one with the provided ID.
1274  */
1275  if (SessionToMark == NULL)
1276  {
1277  DPRINT1("SeMarkLogonSessionForTerminationNotification(): Logon session couldn't be found!\n");
1279  return STATUS_NOT_FOUND;
1280  }
1281 
1282  /* Mark the logon session for termination */
1283  SessionToMark->Flags |= SEP_LOGON_SESSION_TERMINATION_NOTIFY;
1284  DPRINT("SeMarkLogonSessionForTerminationNotification(): Logon session marked for termination with success!\n");
1285 
1286  /* Release the database lock */
1288  return STATUS_SUCCESS;
1289 }
#define SEP_LOGON_SESSION_TERMINATION_NOTIFY
Definition: setypes.h:680
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
#define STATUS_NOT_FOUND
Definition: shellext.h:72
struct _SEP_LOGON_SESSION_REFERENCES * Next
Definition: setypes.h:159
PSEP_LOGON_SESSION_REFERENCES SepLogonSessions
Definition: srm.c:66
#define NULL
Definition: types.h:112
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
#define DPRINT1
Definition: precomp.h:8
#define STATUS_SUCCESS
Definition: shellext.h:65
#define DPRINT
Definition: sndvol32.h:71
#define PAGED_CODE()
KGUARDED_MUTEX SepRmDbLock
Definition: srm.c:65

Referenced by LogonMarkTermination().

◆ SeMaximumAuditMaskFromGlobalSacl()

NTKERNELAPI VOID NTAPI SeMaximumAuditMaskFromGlobalSacl ( _In_opt_ PUNICODE_STRING  ObjectTypeName,
_In_ ACCESS_MASK  GrantedAccess,
_In_ PACCESS_TOKEN  Token,
_Inout_ PACCESS_MASK  AuditMask 
)

◆ SeObjectCreateSaclAccessBits()

NTKERNELAPI ULONG NTAPI SeObjectCreateSaclAccessBits ( _In_ PSECURITY_DESCRIPTOR  SecurityDescriptor)

◆ SeOpenObjectAuditAlarm()

NTKERNELAPI VOID NTAPI SeOpenObjectAuditAlarm ( _In_ PUNICODE_STRING  ObjectTypeName,
_In_opt_ PVOID  Object,
_In_opt_ PUNICODE_STRING  AbsoluteObjectName,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_ PACCESS_STATE  AccessState,
_In_ BOOLEAN  ObjectCreated,
_In_ BOOLEAN  AccessGranted,
_In_ KPROCESSOR_MODE  AccessMode,
_Out_ PBOOLEAN  GenerateOnClose 
)

◆ SeOpenObjectForDeleteAuditAlarm()

NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarm ( _In_ PUNICODE_STRING  ObjectTypeName,
_In_opt_ PVOID  Object,
_In_opt_ PUNICODE_STRING  AbsoluteObjectName,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_ PACCESS_STATE  AccessState,
_In_ BOOLEAN  ObjectCreated,
_In_ BOOLEAN  AccessGranted,
_In_ KPROCESSOR_MODE  AccessMode,
_Out_ PBOOLEAN  GenerateOnClose 
)

◆ SeOpenObjectForDeleteAuditAlarmWithTransaction()

NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarmWithTransaction ( _In_ PUNICODE_STRING  ObjectTypeName,
_In_opt_ PVOID  Object,
_In_opt_ PUNICODE_STRING  AbsoluteObjectName,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_In_ PACCESS_STATE  AccessState,
_In_ BOOLEAN  ObjectCreated,
_In_ BOOLEAN  AccessGranted,
_In_ KPROCESSOR_MODE  AccessMode,
_In_opt_ GUID TransactionId,
_Out_ PBOOLEAN  GenerateOnClose 
)

◆ SePrivilegeCheck()

NTKERNELAPI BOOLEAN NTAPI SePrivilegeCheck ( _Inout_ PPRIVILEGE_SET  RequiredPrivileges,
_In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext,
_In_ KPROCESSOR_MODE  AccessMode 
)

◆ SeQueryAuthenticationIdToken()

NTKERNELAPI NTSTATUS NTAPI SeQueryAuthenticationIdToken ( _In_ PACCESS_TOKEN  Token,
_Out_ PLUID  AuthenticationId 
)

◆ SeQueryInformationToken()

NTKERNELAPI NTSTATUS NTAPI SeQueryInformationToken ( _In_ PACCESS_TOKEN  AccessToken,
_In_ TOKEN_INFORMATION_CLASS  TokenInformationClass,
_Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID TokenInformation 
)

Queries information details about the given token to the call. The difference between NtQueryInformationToken and this routine is that the system call has user mode buffer data probing and additional protection checks whereas this routine doesn't have any of these. The routine is used exclusively in kernel mode.

Parameters
[in]AccessTokenAn access token to be given.
[in]TokenInformationClassToken information class.
[out]TokenInformationBuffer with retrieved information. Such information is arbitrary, depending on the requested information class.
Returns
Returns STATUS_SUCCESS if the operation to query the desired information has completed successfully. STATUS_INSUFFICIENT_RESOURCES is returned if pool memory allocation has failed to satisfy an operation. Otherwise STATUS_INVALID_INFO_CLASS is returned indicating that the information class provided is not supported by the routine.
Remarks
Only certain information classes are not implemented in this function and these are TokenOrigin, TokenGroupsAndPrivileges, TokenRestrictedSids and TokenSandBoxInert. The following classes are implemented in NtQueryInformationToken only.

Definition at line 1825 of file token.c.

1829 {
1830  NTSTATUS Status;
1831  PTOKEN Token = (PTOKEN)AccessToken;
1833  union
1834  {
1835  PSID PSid;
1836  ULONG Ulong;
1837  } Unused;
1838 
1839  PAGED_CODE();
1840 
1841  /* Lock the token */
1843 
1844  switch (TokenInformationClass)
1845  {
1846  case TokenUser:
1847  {
1848  PTOKEN_USER tu;
1849 
1850  DPRINT("SeQueryInformationToken(TokenUser)\n");
1851  RequiredLength = sizeof(TOKEN_USER) +
1852  RtlLengthSid(Token->UserAndGroups[0].Sid);
1853 
1854  /* Allocate the output buffer */
1856  if (tu == NULL)
1857  {
1859  break;
1860  }
1861 
1863  &Token->UserAndGroups[0],
1864  RequiredLength - sizeof(TOKEN_USER),
1865  &tu->User,
1866  (PSID)(tu + 1),
1867  &Unused.PSid,
1868  &Unused.Ulong);
1869 
1870  /* Return the structure */
1871  *TokenInformation = tu;
1873  break;
1874  }
1875 
1876  case TokenGroups:
1877  {
1878  PTOKEN_GROUPS tg;
1879  ULONG SidLen;
1880  PSID Sid;
1881 
1882  DPRINT("SeQueryInformationToken(TokenGroups)\n");
1883  RequiredLength = sizeof(tg->GroupCount) +
1884  RtlLengthSidAndAttributes(Token->UserAndGroupCount - 1, &Token->UserAndGroups[1]);
1885 
1886  SidLen = RequiredLength - sizeof(tg->GroupCount) -
1887  ((Token->UserAndGroupCount - 1) * sizeof(SID_AND_ATTRIBUTES));
1888 
1889  /* Allocate the output buffer */
1891  if (tg == NULL)
1892  {
1894  break;
1895  }
1896 
1897  Sid = (PSID)((ULONG_PTR)tg + sizeof(tg->GroupCount) +
1898  ((Token->UserAndGroupCount - 1) * sizeof(SID_AND_ATTRIBUTES)));
1899 
1900  tg->GroupCount = Token->UserAndGroupCount - 1;
1901  Status = RtlCopySidAndAttributesArray(Token->UserAndGroupCount - 1,
1902  &Token->UserAndGroups[1],
1903  SidLen,
1904  &tg->Groups[0],
1905  Sid,
1906  &Unused.PSid,
1907  &Unused.Ulong);
1908 
1909  /* Return the structure */
1910  *TokenInformation = tg;
1912  break;
1913  }
1914 
1915  case TokenPrivileges:
1916  {
1918 
1919  DPRINT("SeQueryInformationToken(TokenPrivileges)\n");
1920  RequiredLength = sizeof(tp->PrivilegeCount) +
1921  (Token->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
1922 
1923  /* Allocate the output buffer */
1925  if (tp == NULL)
1926  {
1928  break;
1929  }
1930 
1931  tp->PrivilegeCount = Token->PrivilegeCount;
1932  RtlCopyLuidAndAttributesArray(Token->PrivilegeCount,
1933  Token->Privileges,
1934  &tp->Privileges[0]);
1935 
1936  /* Return the structure */
1937  *TokenInformation = tp;
1939  break;
1940  }
1941 
1942  case TokenOwner:
1943  {
1944  PTOKEN_OWNER to;
1945  ULONG SidLen;
1946 
1947  DPRINT("SeQueryInformationToken(TokenOwner)\n");
1948  SidLen = RtlLengthSid(Token->UserAndGroups[Token->DefaultOwnerIndex].Sid);
1949  RequiredLength = sizeof(TOKEN_OWNER) + SidLen;
1950 
1951  /* Allocate the output buffer */
1953  if (to == NULL)
1954  {
1956  break;
1957  }
1958 
1959  to->Owner = (PSID)(to + 1);
1960  Status = RtlCopySid(SidLen,
1961  to->Owner,
1962  Token->UserAndGroups[Token->DefaultOwnerIndex].Sid);
1963 
1964  /* Return the structure */
1965  *TokenInformation = to;
1967  break;
1968  }
1969 
1970  case TokenPrimaryGroup:
1971  {
1973  ULONG SidLen;
1974 
1975  DPRINT("SeQueryInformationToken(TokenPrimaryGroup)\n");
1976  SidLen = RtlLengthSid(Token->PrimaryGroup);
1977  RequiredLength = sizeof(TOKEN_PRIMARY_GROUP) + SidLen;
1978 
1979  /* Allocate the output buffer */
1981  if (tpg == NULL)
1982  {
1984  break;
1985  }
1986 
1987  tpg->PrimaryGroup = (PSID)(tpg + 1);
1988  Status = RtlCopySid(SidLen,
1989  tpg->PrimaryGroup,
1990  Token->PrimaryGroup);
1991 
1992  /* Return the structure */
1993  *TokenInformation = tpg;
1995  break;
1996  }
1997 
1998  case TokenDefaultDacl:
1999  {
2000  PTOKEN_DEFAULT_DACL tdd;
2001 
2002  DPRINT("SeQueryInformationToken(TokenDefaultDacl)\n");
2004 
2005  if (Token->DefaultDacl != NULL)
2006  RequiredLength += Token->DefaultDacl->AclSize;
2007 
2008  /* Allocate the output buffer */
2010  if (tdd == NULL)
2011  {
2013  break;
2014  }
2015 
2016  if (Token->DefaultDacl != NULL)
2017  {
2018  tdd->DefaultDacl = (PACL)(tdd + 1);
2020  Token->DefaultDacl,
2021  Token->DefaultDacl->AclSize);
2022  }
2023  else
2024  {
2025  tdd->DefaultDacl = NULL;
2026  }
2027 
2028  /* Return the structure */
2029  *TokenInformation = tdd;
2031  break;
2032  }
2033 
2034  case TokenSource:
2035  {
2036  PTOKEN_SOURCE ts;
2037 
2038  DPRINT("SeQueryInformationToken(TokenSource)\n");
2039  RequiredLength = sizeof(TOKEN_SOURCE);
2040 
2041  /* Allocate the output buffer */
2043  if (ts == NULL)
2044  {
2046  break;
2047  }
2048 
2049  *ts = Token->TokenSource;
2050 
2051  /* Return the structure */
2052  *TokenInformation = ts;
2054  break;
2055  }
2056 
2057  case TokenType:
2058  {
2059  PTOKEN_TYPE tt;
2060 
2061  DPRINT("SeQueryInformationToken(TokenType)\n");
2062  RequiredLength = sizeof(TOKEN_TYPE);
2063 
2064  /* Allocate the output buffer */
2066  if (tt == NULL)
2067  {
2069  break;
2070  }
2071 
2072  *tt = Token->TokenType;
2073 
2074  /* Return the structure */
2075  *TokenInformation = tt;
2077  break;
2078  }
2079 
2081  {
2083 
2084  DPRINT("SeQueryInformationToken(TokenImpersonationLevel)\n");
2086 
2087  /* Fail if the token is not an impersonation token */
2088  if (Token->TokenType != TokenImpersonation)
2089  {
2091  break;
2092  }
2093 
2094  /* Allocate the output buffer */
2096  if (sil == NULL)
2097  {
2099  break;
2100  }
2101 
2102  *sil = Token->ImpersonationLevel;
2103 
2104  /* Return the structure */
2105  *TokenInformation = sil;
2107  break;
2108  }
2109 
2110  case TokenStatistics:
2111  {
2112  PTOKEN_STATISTICS ts;
2113 
2114  DPRINT("SeQueryInformationToken(TokenStatistics)\n");
2115  RequiredLength = sizeof(TOKEN_STATISTICS);
2116 
2117  /* Allocate the output buffer */
2119  if (ts == NULL)
2120  {
2122  break;
2123  }
2124 
2125  ts->TokenId = Token->TokenId;
2126  ts->AuthenticationId = Token->AuthenticationId;
2127  ts->ExpirationTime = Token->ExpirationTime;
2128  ts->TokenType = Token->TokenType;
2129  ts->ImpersonationLevel = Token->ImpersonationLevel;
2130  ts->DynamicCharged = Token->DynamicCharged;
2131  ts->DynamicAvailable = Token->DynamicAvailable;
2132  ts->GroupCount = Token->UserAndGroupCount - 1;
2133  ts->PrivilegeCount = Token->PrivilegeCount;
2134  ts->ModifiedId = Token->ModifiedId;
2135 
2136  /* Return the structure */
2137  *TokenInformation = ts;
2139  break;
2140  }
2141 
2142  case TokenSessionId:
2143  {
2144  DPRINT("SeQueryInformationToken(TokenSessionId)\n");
2145  Status = SeQuerySessionIdToken(Token, (PULONG)TokenInformation);
2146  break;
2147  }
2148 
2149  default:
2150  DPRINT1("SeQueryInformationToken(%d) invalid information class\n", TokenInformationClass);
2152  break;
2153  }
2154 
2155  /* Release the lock of the token */
2157 
2158  return Status;
2159 }
LUID AuthenticationId
Definition: setypes.h:1037
enum _SECURITY_IMPERSONATION_LEVEL * PSECURITY_IMPERSONATION_LEVEL
_Must_inspect_result_ typedef _In_ PVOID Unused
Definition: iotypes.h:1166
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
struct _TOKEN_DEFAULT_DACL TOKEN_DEFAULT_DACL
enum _TOKEN_TYPE * PTOKEN_TYPE
$ULONG GroupCount
Definition: setypes.h:1043
NTSTATUS NTAPI SeQuerySessionIdToken(IN PACCESS_TOKEN Token, IN PULONG pSessionId)
Definition: token.c:2166
$ULONG DynamicCharged
Definition: setypes.h:1041
NTSYSAPI NTSTATUS NTAPI RtlCopySidAndAttributesArray(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src, _In_ ULONG SidAreaSize, _In_ PSID_AND_ATTRIBUTES Dest, _In_ PSID SidArea, _Out_ PSID *RemainingSidArea, _Out_ PULONG RemainingSidAreaSize)
LONG NTSTATUS
Definition: precomp.h:26
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
struct _TOKEN_USER TOKEN_USER
uint32_t ULONG_PTR
Definition: typedefs.h:65
NTSYSAPI VOID NTAPI RtlCopyLuidAndAttributesArray(ULONG Count, PLUID_AND_ATTRIBUTES Src, PLUID_AND_ATTRIBUTES Dest)
Definition: luid.c:33
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
PSID Owner
Definition: setypes.h:978
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
TOKEN_TYPE TokenType
Definition: setypes.h:1039
_In_ uint64_t _In_ uint64_t _In_ uint64_t _In_opt_ traverse_ptr * tp
Definition: btrfs.c:2930
struct _ACL * PACL
Definition: security.c:104
Status
Definition: gdiplustypes.h:24
#define TAG_SE
Definition: tag.h:173
LARGE_INTEGER ExpirationTime
Definition: setypes.h:1038
struct _TOKEN_OWNER TOKEN_OWNER
struct _TOKEN_SOURCE TOKEN_SOURCE
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:1040
struct _SID * PSID
Definition: eventlog.c:35
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
#define STATUS_INVALID_INFO_CLASS
Definition: ntstatus.h:240
#define SepReleaseTokenLock(Token)
Definition: se.h:227
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
enum _TOKEN_TYPE TOKEN_TYPE
$ULONG PrivilegeCount
Definition: setypes.h:1044
struct _TOKEN * PTOKEN
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:968
_In_ ULONG _Out_opt_ PULONG RequiredLength
Definition: wmifuncs.h:29
unsigned int * PULONG
Definition: retypes.h:1
#define NULL
Definition: types.h:112
#define DPRINT1
Definition: precomp.h:8
$ULONG GroupCount
Definition: setypes.h:964
#define SepAcquireTokenLockShared(Token)
Definition: se.h:221
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:960
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
static ULONG RtlLengthSidAndAttributes(ULONG Count, PSID_AND_ATTRIBUTES Src)
Definition: token.c:672
#define STATUS_SUCCESS
Definition: shellext.h:65
#define DPRINT
Definition: sndvol32.h:71
$ULONG DynamicAvailable
Definition: setypes.h:1042
struct _TOKEN_STATISTICS TOKEN_STATISTICS
unsigned long Ulong
Definition: utypes.h:42
struct _TOKEN_PRIMARY_GROUP TOKEN_PRIMARY_GROUP
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
Definition: sefuncs.h:318
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:417
#define PAGED_CODE()

Referenced by find_gid(), NtSecureConnectPort(), START_TEST(), and TestsSeQueryInformationToken().

◆ SeQuerySecurityDescriptorInfo()

◆ SeQuerySessionIdToken()

NTKERNELAPI NTSTATUS NTAPI SeQuerySessionIdToken ( _In_ PACCESS_TOKEN  Token,
_Out_ PULONG  SessionId 
)

◆ SeQueryTokenIntegrity()

NTKERNELAPI VOID NTAPI SeQueryTokenIntegrity ( _In_ PACCESS_TOKEN  Token,
_Inout_ PSID_AND_ATTRIBUTES  IntegritySA 
)

◆ SeRegisterLogonSessionTerminatedRoutine()

NTKERNELAPI NTSTATUS NTAPI SeRegisterLogonSessionTerminatedRoutine ( _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE  CallbackRoutine)

◆ SeReleaseSubjectContext()

NTKERNELAPI VOID NTAPI SeReleaseSubjectContext ( _Inout_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

◆ SeReportSecurityEvent()

NTSTATUS NTAPI SeReportSecurityEvent ( _In_ ULONG  Flags,
_In_ PUNICODE_STRING  SourceName,
_In_opt_ PSID  UserSid,
_In_ PSE_ADT_PARAMETER_ARRAY  AuditParameters 
)

Definition at line 383 of file semgr.c.

388 {
390  PTOKEN EffectiveToken;
391  PISID Sid;
393 
394  /* Validate parameters */
395  if ((Flags != 0) ||
396  (SourceName == NULL) ||
397  (SourceName->Buffer == NULL) ||
398  (SourceName->Length == 0) ||
399  (AuditParameters == NULL) ||
400  (AuditParameters->ParameterCount > SE_MAX_AUDIT_PARAMETERS - 4))
401  {
403  }
404 
405  /* Validate the source name */
407  if (!NT_SUCCESS(Status))
408  {
409  return Status;
410  }
411 
412  /* Check if we have a user SID */
413  if (UserSid != NULL)
414  {
415  /* Validate it */
416  if (!RtlValidSid(UserSid))
417  {
419  }
420 
421  /* Use the user SID */
422  Sid = UserSid;
423  }
424  else
425  {
426  /* No user SID, capture the security subject context */
428 
429  /* Extract the effective token */
430  EffectiveToken = SubjectContext.ClientToken ?
431  SubjectContext.ClientToken : SubjectContext.PrimaryToken;
432 
433  /* Use the user-and-groups SID */
434  Sid = EffectiveToken->UserAndGroups->Sid;
435  }
436 
438 
439  /* Check if we captured the subject context */
440  if (Sid != UserSid)
441  {
442  /* Release it */
444  }
445 
446  /* Return success */
447  return STATUS_SUCCESS;
448 }
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2238
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
#define SE_MAX_AUDIT_PARAMETERS
Definition: setypes.h:228
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI NTSTATUS NTAPI RtlValidateUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING String)
Definition: unicode.c:2559
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
Status
Definition: gdiplustypes.h:24
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define NULL
Definition: types.h:112
WCHAR SourceName[256]
Definition: arping.c:28
#define UNIMPLEMENTED
Definition: debug.h:115
PSID_AND_ATTRIBUTES UserAndGroups
Definition: setypes.h:215
#define STATUS_SUCCESS
Definition: shellext.h:65

◆ SeReportSecurityEventWithSubCategory()

NTSTATUS NTAPI SeReportSecurityEventWithSubCategory ( _In_ ULONG  Flags,
_In_ PUNICODE_STRING  SourceName,
_In_opt_ PSID  UserSid,
_In_ PSE_ADT_PARAMETER_ARRAY  AuditParameters,
_In_ ULONG  AuditSubcategoryId 
)

◆ SeSetAccessStateGenericMapping()

VOID NTAPI SeSetAccessStateGenericMapping ( _Inout_ PACCESS_STATE  AccessState,
_In_ PGENERIC_MAPPING  GenericMapping 
)

◆ SeSetSecurityDescriptorInfo()

NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfo ( _In_opt_ PVOID  Object,
_In_ PSECURITY_INFORMATION  SecurityInformation,
_In_ PSECURITY_DESCRIPTOR  SecurityDescriptor,
_Inout_ PSECURITY_DESCRIPTOR ObjectsSecurityDescriptor,
_In_ POOL_TYPE  PoolType,
_In_ PGENERIC_MAPPING  GenericMapping 
)

◆ SeSetSecurityDescriptorInfoEx()

NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfoEx ( _In_opt_ PVOID  Object,
_In_ PSECURITY_INFORMATION  SecurityInformation,
_In_ PSECURITY_DESCRIPTOR  ModificationDescriptor,
_Inout_ PSECURITY_DESCRIPTOR ObjectsSecurityDescriptor,
_In_ ULONG  AutoInheritFlags,
_In_ POOL_TYPE  PoolType,
_In_ PGENERIC_MAPPING  GenericMapping 
)

◆ SeSetSessionIdToken()

NTKERNELAPI NTSTATUS NTAPI SeSetSessionIdToken ( _In_ PACCESS_TOKEN  Token,
_In_ ULONG  SessionId 
)

◆ SeTokenIsAdmin()

NTKERNELAPI BOOLEAN NTAPI SeTokenIsAdmin ( _In_ PACCESS_TOKEN  Token)

◆ SeTokenIsRestricted()

NTKERNELAPI BOOLEAN NTAPI SeTokenIsRestricted ( _In_ PACCESS_TOKEN  Token)

◆ SeTokenType()

NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType ( _In_ PACCESS_TOKEN  Token)

◆ SeUnlockSubjectContext()

NTKERNELAPI VOID NTAPI SeUnlockSubjectContext ( _In_ PSECURITY_SUBJECT_CONTEXT  SubjectContext)

◆ SeUnregisterLogonSessionTerminatedRoutine()

NTKERNELAPI NTSTATUS NTAPI SeUnregisterLogonSessionTerminatedRoutine ( _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE  CallbackRoutine)

Variable Documentation

◆ AbsoluteObjectName

_In_opt_ PVOID _In_opt_ PUNICODE_STRING AbsoluteObjectName

Definition at line 414 of file sefuncs.h.

◆ AccessGranted

◆ AccessMode

◆ AccessState

◆ AccessStatus

◆ DesiredAccess

◆ ExplicitDescriptor

_In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor

Definition at line 29 of file sefuncs.h.

Referenced by TestSeAssignSecurity().

◆ GenerateOnClose

◆ GenericMapping

◆ GrantedAccess

◆ IsDirectoryObject

◆ NewDescriptor

◆ Object

Definition at line 414 of file sefuncs.h.

◆ ObjectCreated

◆ ParentSecurityDescriptor

Definition at line 395 of file sefuncs.h.

◆ PoolType

◆ PreviouslyGrantedAccess

◆ PreviousMode

_In_ KPROCESSOR_MODE PreviousMode

Definition at line 103 of file sefuncs.h.

Referenced by _IRQL_requires_max_(), DbgkOpenProcessDebugPort(), DefaultQueryInfoBufferCheck(), DefaultSetInfoBufferCheck(), ExpRaiseHardError(), IopCheckBackupRestorePrivilege(), IopDeviceFsIoControl(), IopFinalizeAsynchronousIo(), IopPerformSynchronousRequest(), IopQueryName(), IopQueryNameInternal(), IopUnloadDriver(), KdbEnterDebuggerException(), KdpCommandString(), KdpPrint(), KdpPrintFromUser(), KdpPrompt(), KdpStub(), KdpSymbol(), KdpTrap(), KeContextToTrapFrame(), KeFlushQueueApc(), KiApcInterrupt(), KiContinue(), KiDispatchException(), KiRaiseException(), KiSoftwareInterruptHandler(), LpcpCopyRequestData(), LpcpCreatePort(), LpcRequestPort(), LpcRequestWaitReplyPort(), MiAccessCheck(), MiDoMappedCopy(), MiDoPoolCopy(), MiQueryMemoryBasicInformation(), MiQueryMemorySectionName(), MmCopyVirtualMemory(), MmCreateArm3Section(), NpCreateClientEnd(), NpCreateExistingNamedPipe(), NtAcceptConnectPort(), NtAccessCheck(), NtAddAtom(), NtAdjustPrivilegesToken(), NtAlertResumeThread(), NtAlertThread(), NtAllocateLocallyUniqueId(), NtAllocateUuids(), NtAllocateVirtualMemory(), NtAssignProcessToJobObject(), NtCancelIoFile(), NtCancelTimer(), NtCloseObjectAuditAlarm(), NtCompareTokens(), NtCompleteConnectPort(), NtCreateDebugObject(), NtCreateDirectoryObject(), NtCreateEvent(), NtCreateEventPair(), NtCreateIoCompletion(), NtCreateJobObject(), NtCreateKey(), NtCreateMutant(), NtCreatePagingFile(), NtCreateProcessEx(), NtCreateProfile(), NtCreateSection(), NtCreateSemaphore(), NtCreateSymbolicLinkObject(), NtCreateTimer(), NtCreateToken(), NtDebugActiveProcess(), NtDebugContinue(), NtDelayExecution(), NtDeleteValueKey(), NtDisplayString(), NtDuplicateObject(), NtDuplicateToken(), NtEnumerateKey(), NtEnumerateValueKey(), NtExtendSection(), NtFindAtom(), NtFlushBuffersFile(), NtFlushVirtualMemory(), NtFreeVirtualMemory(), NtGetContextThread(), NtGetWriteWatch(), NtImpersonateAnonymousToken(), NtImpersonateClientOfPort(), NtImpersonateThread(), NtIsProcessInJob(), NtLoadDriver(), NtLoadKeyEx(), NtLockFile(), NtLockProductActivationKeys(), NtLockVirtualMemory(), NtMakePermanentObject(), NtMapViewOfSection(), NtNotifyChangeDirectoryFile(), NtOpenDirectoryObject(), NtOpenEvent(), NtOpenEventPair(), NtOpenIoCompletion(), NtOpenJobObject(), NtOpenKey(), NtOpenMutant(), NtOpenProcess(), NtOpenProcessTokenEx(), NtOpenSection(), NtOpenSemaphore(), NtOpenSymbolicLinkObject(), NtOpenThread(), NtOpenThreadTokenEx(), NtOpenTimer(), NtPowerInformation(), NtPrivilegeCheck(), NtPrivilegedServiceAuditAlarm(), NtProtectVirtualMemory(), NtPulseEvent(), NtQueryDirectoryFile(), NtQueryDirectoryObject(), NtQueryEvent(), NtQueryInformationAtom(), NtQueryInformationFile(), NtQueryInformationJobObject(), NtQueryInformationProcess(), NtQueryInformationThread(), NtQueryInformationToken(), NtQueryIntervalProfile(), NtQueryIoCompletion(), NtQueryKey(), NtQueryMutant(), NtQueryObject(), NtQueryOpenSubKeys(), NtQueryPerformanceCounter(), NtQuerySection(), NtQuerySecurityObject(), NtQuerySemaphore(), NtQuerySymbolicLinkObject(), NtQuerySystemEnvironmentValue(), NtQuerySystemInformation(), NtQuerySystemTime(), NtQueryTimer(), NtQueryTimerResolution(), NtQueryValueKey(), NtQueryVirtualMemory(), NtQueryVolumeInformationFile(), NtRaiseHardError(), NtReadFile(), NtReadVirtualMemory(), NtReleaseMutant(), NtReleaseSemaphore(), NtRemoveIoCompletion(), NtRemoveProcessDebug(), NtReplyPort(), NtReplyWaitReceivePortEx(), NtRequestPort(), NtRequestWaitReplyPort(), NtResetEvent(), NtResetWriteWatch(), NtResumeProcess(), NtResumeThread(), NtSaveKeyEx(), NtSaveMergedKeys(), NtSecureConnectPort(), NtSetContextThread(), NtSetDefaultHardErrorPort(), NtSetEvent(), NtSetHighEventPair(), NtSetHighWaitLowEventPair(), NtSetInformationDebugObject(), NtSetInformationFile(), NtSetInformationJobObject(), NtSetInformationObject(), NtSetInformationProcess(), NtSetInformationThread(), NtSetInformationToken(), NtSetLowEventPair(), NtSetLowWaitHighEventPair(), NtSetSecurityObject(), NtSetSystemEnvironmentValue(), NtSetSystemInformation(), NtSetSystemPowerState(), NtSetSystemTime(), NtSetThreadExecutionState(), NtSetTimer(), NtSetTimerResolution(), NtSetValueKey(), NtSetVolumeInformationFile(), NtSignalAndWaitForSingleObject(), NtStartProfile(), NtStopProfile(), NtSuspendProcess(), NtSuspendThread(), NtTerminateJobObject(), NtUnloadKey2(), NtUnlockFile(), NtUnlockVirtualMemory(), NtUnmapViewOfSection(), NtWaitForDebugEvent(), NtWaitForMultipleObjects(), NtWaitForSingleObject(), NtWaitHighEventPair(), NtWaitLowEventPair(), NtWriteFile(), NtWriteVirtualMemory(), ObDuplicateObject(), ObInsertObject(), ObpAllocateObject(), ObpValidateAttributes(), ObSetHandleAttributes(), OpenRemoteDatabase(), PsGetContextThread(), PspCreateProcess(), PspCreateThread(), PspSetPrimaryToken(), PspSetQuotaLimits(), PsSetContextThread(), QSI_DEF(), SeCaptureLuidAndAttributesArray(), SeCaptureObjectTypeList(), SeCaptureSidAndAttributesArray(), SeCheckAuditPrivilege(), SeCheckPrivilegedObject(), SeCopyClientToken(), SepCreateToken(), SepDuplicateToken(), SepImpersonateAnonymousToken(), SepPrivilegeCheck(), SePrivilegeCheck(), SePrivilegePolicyCheck(), SepSinglePrivilegeCheck(), SeReleaseLuidAndAttributesArray(), SeReleaseObjectTypeList(), SeSinglePrivilegeCheck(), SSI_DEF(), WmipOpenGuidForEvents(), and WmipRegisterGuids().

◆ Privileges

◆ SecurityDescriptor

◆ SeExports

◆ SubjectContext

◆ SubjectContextLocked

Definition at line 13 of file sefuncs.h.

Referenced by SeAccessCheck().

◆ SubjectSecurityContext

◆ TransactionId