ReactOS  0.4.15-dev-3326-ga91f5e8
sefuncs.h
1 /******************************************************************************
2  * Security Manager Functions *
3  ******************************************************************************/
4 
5 #if (NTDDI_VERSION >= NTDDI_WIN2K)
10 NTAPI
22 
26 NTAPI
27 SeAssignSecurity(
28  _In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
35 
38 NTAPI
40  _In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
45  _In_ ULONG AutoInheritFlags,
49 
53 NTAPI
54 SeDeassignSecurity(
56 
59 BOOLEAN
60 NTAPI
64 
66 ULONG
67 NTAPI
70 
72 VOID
73 NTAPI
76 
78 VOID
79 NTAPI
82 
84 VOID
85 NTAPI
88 
90 VOID
91 NTAPI
95 
96 $if (_NTDDK_)
99 BOOLEAN
100 NTAPI
102  _In_ LUID PrivilegeValue,
104 $endif (_NTDDK_)
105 $if (_NTIFS_)
106 
108 VOID
109 NTAPI
112 
114 BOOLEAN
115 NTAPI
117  _Inout_ PPRIVILEGE_SET RequiredPrivileges,
120 
122 VOID
123 NTAPI
134 
136 VOID
137 NTAPI
148 
150 VOID
151 NTAPI
153  _In_ PVOID Object,
154  _In_ HANDLE Handle);
155 
158 NTAPI
161 
163 BOOLEAN
164 NTAPI
167 
169 BOOLEAN
170 NTAPI
173 
175 NTSTATUS
176 NTAPI
179  _Out_ PLUID AuthenticationId);
180 
182 NTSTATUS
183 NTAPI
187 
189 NTSTATUS
190 NTAPI
193  _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
194  _In_ BOOLEAN RemoteSession,
196 
198 VOID
199 NTAPI
203 
205 NTSTATUS
206 NTAPI
210 
212 NTSTATUS
213 NTAPI
216  _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
217  _In_ BOOLEAN ServerIsRemote,
219 
221 NTSTATUS
222 NTAPI
227  _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
228 
230 NTSTATUS
231 NTAPI
236  _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
239 
241 NTSTATUS
242 NTAPI
246  _In_ PSECURITY_DESCRIPTOR ModificationDescriptor,
247  _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
248  _In_ ULONG AutoInheritFlags,
251 
253 NTSTATUS
254 NTAPI
258 
260 BOOLEAN
261 NTAPI
265 
267 BOOLEAN
268 NTAPI
273 
274 VOID
275 NTAPI
279 
281 NTSTATUS
282 NTAPI
285 
287 NTSTATUS
288 NTAPI
291 
293 NTSTATUS
294 NTAPI
296  _In_ PLUID LogonId);
297 
299 NTSTATUS
300 NTAPI
304  _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation);
305 $endif (_NTIFS_)
306 
307 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
308 $if (_NTIFS_)
309 #if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
311 BOOLEAN
312 NTAPI
316 #endif
317 
318 #if (NTDDI_VERSION >= NTDDI_WINXP)
319 
321 NTSTATUS
322 NTAPI
324  _In_ PACCESS_TOKEN ExistingToken,
325  _In_ ULONG Flags,
326  _In_opt_ PTOKEN_GROUPS SidsToDisable,
327  _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
328  _In_opt_ PTOKEN_GROUPS RestrictedSids,
329  _Outptr_ PACCESS_TOKEN *FilteredToken);
330 
332 VOID
333 NTAPI
336  _In_ PUNICODE_STRING LinkName,
338 
339 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
340 
341 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
342 
344 BOOLEAN
345 NTAPI
350 
352 BOOLEAN
353 NTAPI
358 
359 #endif
360 $endif (_NTIFS_)
361 
362 $if (_WDMDDK_)
363 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
364 
365 _At_(AuditParameters->ParameterCount, _Const_)
366 NTSTATUS
367 NTAPI
369  _Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
372  _In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE"))
373  PVOID Data);
374 
375 NTSTATUS
376 NTAPI
378  _In_ ULONG Flags,
380  _In_opt_ PSID UserSid,
381  _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters);
382 
383 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
385 
386 $if (_WDMDDK_ || _NTIFS_)
387 #if (NTDDI_VERSION >= NTDDI_VISTA)
389 $if (_WDMDDK_)
391 ULONG
392 NTAPI
393 SeComputeAutoInheritByObjectType(
397 
398 #ifdef SE_NTFS_WORLD_CACHE
399 VOID
400 NTAPI
401 SeGetWorldRights(
405 #endif /* SE_NTFS_WORLD_CACHE */
407 $if (_NTIFS_)
408 
410 VOID
411 NTAPI
412 SeOpenObjectAuditAlarmWithTransaction(
423 
425 VOID
426 NTAPI
438 
440 VOID
441 NTAPI
443  _In_ PACL Sacl,
447  _Out_ PBOOLEAN GenerateAudit,
448  _Out_ PBOOLEAN GenerateAlarm);
449 
451 VOID
452 NTAPI
454  _In_ PVOID Object,
457 
459 VOID
460 NTAPI
463  _Inout_ PSID_AND_ATTRIBUTES IntegritySA);
464 
466 NTSTATUS
467 NTAPI
471 
473 VOID
474 NTAPI
477  _In_ PUNICODE_STRING LinkName,
480 
482 VOID
483 NTAPI
486  _In_ GUID *ResourceManagerId,
487  _In_ ULONG NewTransactionState);
488 $endif (_NTIFS_)
489 $if (_WDMDDK_ || _NTIFS_)
490 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
492 $if (_NTIFS_)
493 
494 #if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
496 BOOLEAN
497 NTAPI
500 #endif
501 
502 #if (NTDDI_VERSION >= NTDDI_WIN7)
503 
505 BOOLEAN
506 NTAPI
510  _Out_opt_ PBOOLEAN StagingEnabled);
511 
513 VOID
514 NTAPI
517  _In_ PACL ResourceSacl,
521  _Inout_ PBOOLEAN GenerateAudit,
522  _Inout_opt_ PBOOLEAN GenerateAlarm);
523 
525 VOID
526 NTAPI
531  _Inout_ PACCESS_MASK AuditMask);
532 
533 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
534 
535 NTSTATUS
536 NTAPI
538  _In_ ULONG Flags,
540  _In_opt_ PSID UserSid,
541  _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
542  _In_ ULONG AuditSubcategoryId);
543 
544 BOOLEAN
545 NTAPI
548  _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
549  _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation,
557 
559 VOID
560 NTAPI
563 
564 NTSTATUS
565 NTAPI
568  _Outptr_ PUNICODE_STRING *pImageFileName);
569 
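/*
 * SeLengthSid - size in bytes of a SID.
 *
 * The result is the 8-byte fixed part (revision, sub-authority count and
 * the 6-byte identifier authority) plus 4 bytes per sub-authority.
 *
 * The macro trusts SubAuthorityCount as stored in the SID: it performs no
 * range check and does not know how large the underlying buffer is. Use it
 * only on a SID that has already been validated (e.g. with RtlValidSid),
 * in particular when the SID was captured from caller-supplied memory,
 * before the result is used to size a copy or an allocation.
 *
 * The argument is parenthesized before the cast so that an expression
 * argument (pointer arithmetic, a conditional) is cast as a whole rather
 * than having the cast bind to its first operand only.
 */
#define SeLengthSid( Sid ) \
    (8 + (4 * ((SID *)(Sid))->SubAuthorityCount))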
572 
/*
 * SeDeleteClientSecurity - release the token held by a client security
 * context (C is a pointer to the context).
 *
 * The token type decides which dereference routine is used:
 * PsDereferencePrimaryToken for a primary token,
 * PsDereferenceImpersonationToken for anything else.
 *
 * Caveats for callers:
 *  - C is evaluated more than once; pass a plain pointer, not an
 *    expression with side effects.
 *  - The macro expands to a bare brace block, so `SeDeleteClientSecurity(c);`
 *    directly in front of an `else` will not compile as intended.
 *  - ClientToken is not cleared afterwards; invoking the macro twice on
 *    the same context dereferences the token twice.
 */
#define SeDeleteClientSecurity(C) { \
    if (SeTokenType((C)->ClientToken) != TokenPrimary) { \
        PsDereferenceImpersonationToken( (C)->ClientToken ); \
    } else { \
        PsDereferencePrimaryToken( (C)->ClientToken ); \
    } \
}

/*
 * SeStopImpersonatingClient - alias for PsRevertToSelf().
 *
 * NOTE(review): presumably the counterpart of SeImpersonateClient /
 * SeImpersonateClientEx; every impersonation path, including error paths,
 * should reach this call so the thread does not keep running under the
 * client's identity - confirm against callers.
 */
#define SeStopImpersonatingClient() PsRevertToSelf()
582 
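/*
 * SeQuerySubjectContextToken - effective token of a subject context.
 *
 * Yields ClientToken when it is present (non-NULL per ARGUMENT_PRESENT),
 * otherwise PrimaryToken.
 *
 * The macro only reads the two fields: it takes no reference on the token
 * it returns and does not look at the impersonation level, so the result
 * is only meaningful while the caller keeps the subject context captured,
 * and any impersonation-level check must be done separately.
 *
 * SubjectContext is evaluated more than once; pass a plain pointer. The
 * argument is parenthesized before the cast so that an expression argument
 * is cast as a whole instead of the cast binding to its first operand.
 */
#define SeQuerySubjectContextToken( SubjectContext ) \
    ( ARGUMENT_PRESENT( \
          ((PSECURITY_SUBJECT_CONTEXT) (SubjectContext))->ClientToken \
      ) ? \
      ((PSECURITY_SUBJECT_CONTEXT) (SubjectContext))->ClientToken : \
      ((PSECURITY_SUBJECT_CONTEXT) (SubjectContext))->PrimaryToken )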
589 
591 
592 $endif (_NTIFS_)
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
* PNTSTATUS
Definition: strlen.c:14
enum _SE_ADT_PARAMETER_TYPE SE_ADT_PARAMETER_TYPE
NTKERNELAPI VOID NTAPI SeQueryTokenIntegrity(_In_ PACCESS_TOKEN Token, _Inout_ PSID_AND_ATTRIBUTES IntegritySA)
NTKERNELAPI NTSTATUS NTAPI SeAppendPrivileges(_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
Appends additional privileges.
Definition: priv.c:588
NTKERNELAPI NTSTATUS NTAPI SeAssignSecurityEx(_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor, _In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor, _Out_ PSECURITY_DESCRIPTOR *NewDescriptor, _In_opt_ GUID *ObjectType, _In_ BOOLEAN IsDirectoryObject, _In_ ULONG AutoInheritFlags, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PGENERIC_MAPPING GenericMapping, _In_ POOL_TYPE PoolType)
ObjectType
Definition: metafile.c:80
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEventsWithContext(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
Determines whether auditing against file events with subject context is being done or not.
Definition: audit.c:1124
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfo(_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTKERNELAPI VOID NTAPI SeOpenObjectAuditAlarm(_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _Out_ PBOOLEAN GenerateOnClose)
Creates an audit with alarm notification of an object that is being opened.
Definition: audit.c:1314
BOOLEAN NTAPI SeValidSecurityDescriptor(_In_ ULONG Length, _In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
Determines if a security descriptor is valid according to the general security requirements and condi...
Definition: sd.c:1027
#define _In_range_(lb, ub)
Definition: ms_sal.h:571
#define _In_opt_
Definition: ms_sal.h:309
_In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor
Definition: sefuncs.h:29
#define _Inout_
Definition: ms_sal.h:378
NTKERNELAPI VOID NTAPI SeUnlockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Unlocks both the referenced primary and client access tokens of a security subject context.
Definition: access.c:487
#define SE_MAX_AUDIT_PARAMETERS
Definition: setypes.h:243
BOOLEAN NTAPI SeAuditingHardLinkEvents(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
Determines whether auditing against hard links events is being done or not.
Definition: audit.c:1151
#define _Out_
Definition: ms_sal.h:345
#define _At_(target, annos)
Definition: ms_sal.h:244
NTKERNELAPI VOID NTAPI SeExamineGlobalSacl(_In_ PUNICODE_STRING ObjectType, _In_ PACL ResourceSacl, _In_ PACCESS_TOKEN Token, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN AccessGranted, _Inout_ PBOOLEAN GenerateAudit, _Inout_opt_ PBOOLEAN GenerateAlarm)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
NTKERNELAPI VOID NTAPI SeMaximumAuditMaskFromGlobalSacl(_In_opt_ PUNICODE_STRING ObjectTypeName, _In_ ACCESS_MASK GrantedAccess, _In_ PACCESS_TOKEN Token, _Inout_ PACCESS_MASK AuditMask)
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
Definition: sefuncs.h:29
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN ObjectCreated
Definition: sefuncs.h:414
ULONG SessionId
Definition: dllmain.c:28
#define _Outptr_
Definition: ms_sal.h:427
LONG NTSTATUS
Definition: precomp.h:26
NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarm(_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _Out_ PBOOLEAN GenerateOnClose)
Creates an audit with alarm notification of an object that is being opened for deletion.
Definition: audit.c:1377
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
#define _NTIFS_
Definition: ifssupp.h:20
NTKERNELAPI NTSTATUS NTAPI SeMarkLogonSessionForTerminationNotification(_In_ PLUID LogonId)
Marks a logon session for future termination, given its logon ID. This triggers a callout (the regist...
Definition: srm.c:1510
#define _WDMDDK_
Definition: wdm.template.h:26
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: sefuncs.h:29
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR * NewDescriptor
Definition: sefuncs.h:29
static BOOLEAN bSuccess
Definition: drive.cpp:432
NTKERNELAPI VOID NTAPI SeExamineSacl(_In_ PACL Sacl, _In_ PACCESS_TOKEN Token, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateAudit, _Out_ PBOOLEAN GenerateAlarm)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING GenericMapping
Definition: sefuncs.h:13
NTKERNELAPI NTSTATUS NTAPI SeImpersonateClientEx(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Extended function that impersonates a client.
Definition: access.c:856
_Must_inspect_result_ _In_ PFLT_GET_OPERATION_STATUS_CALLBACK CallbackRoutine
Definition: fltkernel.h:1035
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context based upon the captured security subject context.
Definition: access.c:804
NTKERNELAPI ULONG NTAPI SeObjectCreateSaclAccessBits(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurity(_In_ PETHREAD ClientThread, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN RemoteSession, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context.
Definition: access.c:742
_In_reads_bytes_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor)
NTKERNELAPI VOID NTAPI SeLockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Locks both the referenced primary and client access tokens of a security subject context.
Definition: access.c:456
unsigned char BOOLEAN
UINT CALLBACK ServerThread(_Inout_ PVOID Parameter)
UINT CALLBACK ClientThread(_Inout_ PVOID Parameter)
#define _In_
Definition: ms_sal.h:308
_In_opt_ PSECURITY_DESCRIPTOR _In_opt_ PSECURITY_DESCRIPTOR ParentSecurityDescriptor
Definition: sefuncs.h:395
#define NTKERNELAPI
NTKERNELAPI NTSTATUS NTAPI SeRegisterLogonSessionTerminatedRoutine(_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Registers a callback that will be called once a logon session terminates.
Definition: srm.c:1572
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1339
BOOLEAN NTAPI SeAccessCheckFromState(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation, _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Outptr_opt_result_maybenull_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
NTKERNELAPI NTSTATUS NTAPI SeQuerySessionIdToken(_In_ PACCESS_TOKEN Token, _Out_ PULONG SessionId)
Queries the session ID of an access token.
Definition: token.c:2673
NTKERNELAPI BOOLEAN NTAPI SeTokenIsRestricted(_In_ PACCESS_TOKEN Token)
Determines if a token is restricted or not, based upon the token flags.
Definition: token.c:2795
NTKERNELAPI BOOLEAN NTAPI SePrivilegeCheck(_Inout_ PPRIVILEGE_SET RequiredPrivileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE AccessMode)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN SubjectContextLocked
Definition: sefuncs.h:13
NTKERNELAPI NTSTATUS NTAPI SeFilterToken(_In_ PACCESS_TOKEN ExistingToken, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Outptr_ PACCESS_TOKEN *FilteredToken)
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType(_In_ PACCESS_TOKEN Token)
Gathers the token type of an access token. A token can be either a primary token or impersonation toke...
Definition: token.c:2749
NTKERNELAPI VOID NTAPI SeReleaseSubjectContext(_Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
NTKERNELAPI VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669
DWORD * PSECURITY_INFORMATION
Definition: ms-dtyp.idl:311
INT POOL_TYPE
Definition: typedefs.h:78
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID * TransactionId
Definition: sefuncs.h:414
_In_ WDFCOLLECTION _In_ ULONG Index
_In_ PVOID ClientContext
Definition: netioddk.h:55
NTSTATUS(NTAPI * PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId)
Definition: setypes.h:1228
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEvents(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
Determines whether auditing against file events is being done or not.
Definition: audit.c:1094
Type
Definition: Type.h:6
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
NTKERNELAPI VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: access.c:434
NTKERNELAPI NTSTATUS NTAPI SeQueryAuthenticationIdToken(_In_ PACCESS_TOKEN Token, _Out_ PLUID AuthenticationId)
Queries the authentication ID of an access token.
Definition: token.c:2705
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE AccessMode
Definition: sefuncs.h:13
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING AbsoluteObjectName
Definition: sefuncs.h:414
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
char * PBOOLEAN
Definition: retypes.h:11
BOOLEAN NTAPI SeTokenIsWriteRestricted(_In_ PACCESS_TOKEN Token)
Determines if a token is write restricted, that is, nobody can write anything to it.
Definition: token.c:2820
VOID NTAPI SeSetAccessStateGenericMapping(_Inout_ PACCESS_STATE AccessState, _In_ PGENERIC_MAPPING GenericMapping)
_IRQL_requires_max_(PASSIVE_LEVEL) NTSYSAPI NTSTATUS NTAPI ZwDuplicateToken(_In_ HANDLE ExistingTokenHandle
Queries information details about a security descriptor.
Definition: Messaging.c:64
#define _Inout_opt_
Definition: ms_sal.h:379
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileOrGlobalEvents(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
Determines whether auditing against files or global events with subject context is being done or not.
Definition: audit.c:1212
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
#define _In_reads_(size)
Definition: ms_sal.h:319
enum _TOKEN_TYPE TOKEN_TYPE
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:459
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfoEx(_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR ModificationDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ ULONG AutoInheritFlags, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
#define _Outptr_opt_result_maybenull_
Definition: ms_sal.h:430
$if(_WDMDDK_) _IRQL_requires_max_(PASSIVE_LEVEL) NTKERNELAPI BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: ke.h:1
NTSTATUS NTAPI SeLocateProcessImageName(_Inout_ PEPROCESS Process, _Outptr_ PUNICODE_STRING *pImageFileName)
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
#define _Out_opt_
Definition: ms_sal.h:346
unsigned int * PULONG
Definition: retypes.h:1
NTKERNELAPI NTSTATUS NTAPI SeUnregisterLogonSessionTerminatedRoutine(_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Un-registers a callback routine, previously registered by SeRegisterLogonSessionTerminatedRoutine fun...
Definition: srm.c:1621
WCHAR SourceName[256]
Definition: arping.c:28
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
#define _Outptr_opt_
Definition: ms_sal.h:429
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarm(_In_ PVOID Object, _In_ HANDLE Handle)
Deletes an alarm audit of an object.
Definition: audit.c:1264
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_In_ HANDLE Handle
Definition: extypes.h:390
NTKERNELAPI NTSTATUS NTAPI SeQueryInformationToken(_In_ PACCESS_TOKEN Token, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation)
Queries information details about the given token to the call. The difference between NtQueryInformat...
Definition: token.c:2322
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK PreviouslyGrantedAccess
Definition: sefuncs.h:13
unsigned int ULONG
Definition: retypes.h:1
_Const_ NTSTATUS NTAPI SeSetAuditParameter(_Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters, _In_ SE_ADT_PARAMETER_TYPE Type, _In_range_(<, SE_MAX_AUDIT_PARAMETERS) ULONG Index, _In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE")) PVOID Data)
Sets an array of audit parameters for later security auditing use.
Definition: semgr.c:600
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
NTKERNELAPI BOOLEAN NTAPI SeAuditingHardLinkEventsWithContext(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
Determines whether auditing against hard links events with subject context is being done or not.
Definition: audit.c:1181
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL Sacl
Definition: rtlfuncs.h:1554
$endif(_WDMDDK_) $if(_NTDDK_) _IRQL_requires_max_(PASSIVE_LEVEL) NTKERNELAPI BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue
Definition: ke.h:202
NTKERNELAPI NTSTATUS NTAPI SeQuerySecurityDescriptorInfo(_In_ PSECURITY_INFORMATION SecurityInformation, _Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PULONG Length, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
NTKERNELAPI BOOLEAN NTAPI SeAuditingAnyFileEventsWithContext(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _Out_opt_ PBOOLEAN StagingEnabled)
#define _Outptr_result_buffer_(size)
Definition: ms_sal.h:456
NTKERNELAPI VOID NTAPI SeImpersonateClient(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Impersonates a client user.
Definition: access.c:901
NTKERNELAPI VOID NTAPI SeAuditHardLinkCreationWithTransaction(_In_ PUNICODE_STRING FileName, _In_ PUNICODE_STRING LinkName, _In_ BOOLEAN bSuccess, _In_opt_ GUID *TransactionId)
NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarmWithTransaction(_In_ PVOID Object, _In_ HANDLE Handle, _In_opt_ GUID *TransactionId)
NTKERNELAPI VOID NTAPI SeAuditTransactionStateChange(_In_ GUID *TransactionId, _In_ GUID *ResourceManagerId, _In_ ULONG NewTransactionState)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
NTKERNELAPI BOOLEAN NTAPI SeTokenIsAdmin(_In_ PACCESS_TOKEN Token)
Determines if a token is either an admin token or not. Such condition is checked based upon TOKEN_HAS...
Definition: token.c:2772
#define _Out_writes_bytes_(size)
Definition: ms_sal.h:350
ULONG ACCESS_MASK
Definition: nt_native.h:40
NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarmWithTransaction(_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _In_opt_ GUID *TransactionId, _Out_ PBOOLEAN GenerateOnClose)
#define _NTDDK_
NTKERNELAPI NTSTATUS NTAPI SeSetSessionIdToken(_In_ PACCESS_TOKEN Token, _In_ ULONG SessionId)
#define _Const_
Definition: ms_sal.h:299
NTKERNELAPI VOID NTAPI SeAuditHardLinkCreation(_In_ PUNICODE_STRING FileName, _In_ PUNICODE_STRING LinkName, _In_ BOOLEAN bSuccess)
Performs an audit against a hard link creation.
Definition: audit.c:1068
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
Definition: sefuncs.h:297
NTSTATUS NTAPI SeReportSecurityEventWithSubCategory(_In_ ULONG Flags, _In_ PUNICODE_STRING SourceName, _In_opt_ PSID UserSid, _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters, _In_ ULONG AuditSubcategoryId)
NTKERNELAPI PSE_EXPORTS SeExports
Definition: semgr.c:21
_In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
Definition: sefuncs.h:13
NTSTATUS NTAPI SeReportSecurityEvent(_In_ ULONG Flags, _In_ PUNICODE_STRING SourceName, _In_opt_ PSID UserSid, _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters)
Report a security event to the security manager.
Definition: semgr.c:508