ReactOS 0.4.15-dev-8241-g63935f8
sefuncs.h
Go to the documentation of this file.
1/******************************************************************************
2 * Security Manager Functions *
3 ******************************************************************************/
4
5#if (NTDDI_VERSION >= NTDDI_WIN2K)
22
27SeAssignSecurity(
28 _In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
35
40 _In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
45 _In_ ULONG AutoInheritFlags,
49
54SeDeassignSecurity(
56
64
70
72VOID
76
78VOID
82
84VOID
88
90VOID
95
100NTAPI
102 _In_ LUID PrivilegeValue,
105$if (_NTIFS_)
106
108VOID
109NTAPI
112
115NTAPI
117 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
120
122VOID
123NTAPI
134
136VOID
137NTAPI
148
150VOID
151NTAPI
155
158NTAPI
161
164NTAPI
167
170NTAPI
173
176NTAPI
179 _Out_ PLUID AuthenticationId);
180
183NTAPI
187
190NTAPI
193 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
194 _In_ BOOLEAN RemoteSession,
196
198VOID
199NTAPI
203
206NTAPI
210
213NTAPI
216 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
217 _In_ BOOLEAN ServerIsRemote,
219
222NTAPI
227 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
228
231NTAPI
236 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
239
242NTAPI
246 _In_ PSECURITY_DESCRIPTOR ModificationDescriptor,
247 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
248 _In_ ULONG AutoInheritFlags,
251
254NTAPI
258
261NTAPI
265
268NTAPI
273
274VOID
275NTAPI
279
282NTAPI
285
288NTAPI
291
294NTAPI
297
300NTAPI
304 _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation);
306
307#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
308$if (_NTIFS_)
309#if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
312NTAPI
316#endif
317
318#if (NTDDI_VERSION >= NTDDI_WINXP)
319
322NTAPI
324 _In_ PACCESS_TOKEN ExistingToken,
326 _In_opt_ PTOKEN_GROUPS SidsToDisable,
327 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
328 _In_opt_ PTOKEN_GROUPS RestrictedSids,
329 _Outptr_ PACCESS_TOKEN *FilteredToken);
330
332VOID
333NTAPI
336 _In_ PUNICODE_STRING LinkName,
338
339#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
340
341#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
342
345NTAPI
350
353NTAPI
358
359#endif
361
363#if (NTDDI_VERSION >= NTDDI_WS03SP1)
364
365_At_(AuditParameters->ParameterCount, _Const_)
367NTAPI
369 _Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
372 _In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE"))
373 PVOID Data);
374
376NTAPI
380 _In_opt_ PSID UserSid,
381 _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters);
382
383#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
385
387#if (NTDDI_VERSION >= NTDDI_VISTA)
391ULONG
392NTAPI
393SeComputeAutoInheritByObjectType(
397
398#ifdef SE_NTFS_WORLD_CACHE
399VOID
400NTAPI
401SeGetWorldRights(
405#endif /* SE_NTFS_WORLD_CACHE */
407$if (_NTIFS_)
408
410VOID
411NTAPI
412SeOpenObjectAuditAlarmWithTransaction(
423
425VOID
426NTAPI
438
440VOID
441NTAPI
443 _In_ PACL Sacl,
447 _Out_ PBOOLEAN GenerateAudit,
448 _Out_ PBOOLEAN GenerateAlarm);
449
451VOID
452NTAPI
457
459VOID
460NTAPI
463 _Inout_ PSID_AND_ATTRIBUTES IntegritySA);
464
467NTAPI
471
473VOID
474NTAPI
477 _In_ PUNICODE_STRING LinkName,
480
482VOID
483NTAPI
486 _In_ GUID *ResourceManagerId,
487 _In_ ULONG NewTransactionState);
490#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
492$if (_NTIFS_)
493
494#if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
497NTAPI
500#endif
501
502#if (NTDDI_VERSION >= NTDDI_WIN7)
503
506NTAPI
510 _Out_opt_ PBOOLEAN StagingEnabled);
511
513VOID
514NTAPI
517 _In_ PACL ResourceSacl,
521 _Inout_ PBOOLEAN GenerateAudit,
522 _Inout_opt_ PBOOLEAN GenerateAlarm);
523
525VOID
526NTAPI
531 _Inout_ PACCESS_MASK AuditMask);
532
533#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
534
536NTAPI
540 _In_opt_ PSID UserSid,
541 _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
542 _In_ ULONG AuditSubcategoryId);
543
545NTAPI
548 _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
549 _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation,
557
559VOID
560NTAPI
563
565NTAPI
568 _Outptr_ PUNICODE_STRING *pImageFileName);
569
570#define SeLengthSid( Sid ) \
571 (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
572
573#define SeDeleteClientSecurity(C) { \
574 if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
575 PsDereferencePrimaryToken( (C)->ClientToken ); \
576 } else { \
577 PsDereferenceImpersonationToken( (C)->ClientToken ); \
578 } \
579}
580
581#define SeStopImpersonatingClient() PsRevertToSelf()
582
583#define SeQuerySubjectContextToken( SubjectContext ) \
584 ( ARGUMENT_PRESENT( \
585 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
586 ) ? \
587 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
588 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
589
591
UINT CALLBACK ClientThread(_Inout_ PVOID Parameter)
UINT CALLBACK ServerThread(_Inout_ PVOID Parameter)
unsigned char BOOLEAN
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
Type
Definition: Type.h:7
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1994
WCHAR SourceName[256]
Definition: arping.c:28
TOKEN_TYPE
Definition: asmpp.cpp:29
LONG NTSTATUS
Definition: precomp.h:26
ULONG SessionId
Definition: dllmain.c:28
static BOOLEAN bSuccess
Definition: drive.cpp:433
#define _IRQL_requires_max_(irql)
Definition: driverspecs.h:230
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
_Must_inspect_result_ _In_ PFLT_GET_OPERATION_STATUS_CALLBACK CallbackRoutine
Definition: fltkernel.h:1035
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
ULONG Handle
Definition: gdb_input.c:15
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
Definition: glfuncs.h:210
#define _NTIFS_
Definition: ifssupp.h:20
* PNTSTATUS
Definition: strlen.c:14
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:79
ObjectType
Definition: metafile.c:81
DWORD * PSECURITY_INFORMATION
Definition: ms-dtyp.idl:311
#define _Out_opt_
Definition: ms_sal.h:346
#define _In_reads_bytes_(size)
Definition: ms_sal.h:321
#define _Inout_
Definition: ms_sal.h:378
#define _Out_writes_bytes_(size)
Definition: ms_sal.h:350
#define _Outptr_opt_
Definition: ms_sal.h:429
#define _Outptr_
Definition: ms_sal.h:427
#define _Outptr_opt_result_maybenull_
Definition: ms_sal.h:430
#define _At_(target, annos)
Definition: ms_sal.h:244
#define _Inout_opt_
Definition: ms_sal.h:379
#define _Out_
Definition: ms_sal.h:345
#define _In_
Definition: ms_sal.h:308
#define _In_opt_
Definition: ms_sal.h:309
#define _Const_
Definition: ms_sal.h:299
#define _Outptr_result_buffer_(size)
Definition: ms_sal.h:456
#define _In_range_(lb, ub)
Definition: ms_sal.h:571
#define _In_reads_(size)
Definition: ms_sal.h:319
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL Sacl
Definition: rtlfuncs.h:1595
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
Definition: sefuncs.h:317
_In_ PVOID ClientContext
Definition: netioddk.h:55
ULONG ACCESS_MASK
Definition: nt_native.h:40
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
#define _NTDDK_
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
BOOLEAN NTAPI SeAuditingHardLinkEvents(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
Determines whether auditing against hard links events is being done or not.
Definition: audit.c:1050
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
BOOLEAN NTAPI SeValidSecurityDescriptor(_In_ ULONG Length, _In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
Determines if a security descriptor is valid according to the general security requirements and condi...
Definition: sd.c:1027
BOOLEAN NTAPI SeTokenIsWriteRestricted(_In_ PACCESS_TOKEN Token)
Determines if a token is write restricted, that is, nobody can write anything to it.
Definition: token.c:2151
_Const_ NTSTATUS NTAPI SeSetAuditParameter(_Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters, _In_ SE_ADT_PARAMETER_TYPE Type, _In_range_(<, SE_MAX_AUDIT_PARAMETERS) ULONG Index, _In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE")) PVOID Data)
Sets an array of audit parameters for later security auditing use.
Definition: semgr.c:600
uint32_t * PULONG
Definition: typedefs.h:59
unsigned char * PBOOLEAN
Definition: typedefs.h:53
INT POOL_TYPE
Definition: typedefs.h:78
#define NTAPI
Definition: typedefs.h:36
uint32_t ULONG
Definition: typedefs.h:59
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
_In_ WDFCOLLECTION _In_ ULONG Index
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
#define _WDMDDK_
Definition: wdm.template.h:26
#define NTKERNELAPI
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
NTKERNELAPI VOID NTAPI SeLockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Locks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:107
_In_opt_ PVOID _In_opt_ PUNICODE_STRING AbsoluteObjectName
Definition: sefuncs.h:415
NTKERNELAPI NTSTATUS NTAPI SeQueryInformationToken(_In_ PACCESS_TOKEN Token, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation)
Queries information details about the given token to the call. The difference between NtQueryInformat...
Definition: tokencls.c:95
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
NTKERNELAPI VOID NTAPI SeAuditHardLinkCreation(_In_ PUNICODE_STRING FileName, _In_ PUNICODE_STRING LinkName, _In_ BOOLEAN bSuccess)
Performs an audit against a hard link creation.
Definition: audit.c:967
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:422
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfoEx(_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR ModificationDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ ULONG AutoInheritFlags, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
NTKERNELAPI NTSTATUS NTAPI SeQuerySessionIdToken(_In_ PACCESS_TOKEN Token, _Out_ PULONG SessionId)
Queries the session ID of an access token.
Definition: token.c:2004
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN ObjectCreated
Definition: sefuncs.h:418
$endif(_WDMDDK_) $if(_NTDDK_) _IRQL_requires_max_(PASSIVE_LEVEL) NTKERNELAPI BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue
Definition: ke.h:202
_In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor
Definition: sefuncs.h:29
NTKERNELAPI BOOLEAN NTAPI SeAuditingAnyFileEventsWithContext(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _Out_opt_ PBOOLEAN StagingEnabled)
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEventsWithContext(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
Determines whether auditing against file events with subject context is being done or not.
Definition: audit.c:1023
$if(_WDMDDK_) _IRQL_requires_max_(PASSIVE_LEVEL) NTKERNELAPI BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: ke.h:1
NTKERNELAPI VOID NTAPI SeImpersonateClient(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Impersonates a client user.
Definition: client.c:321
NTKERNELAPI PSE_EXPORTS SeExports
Definition: semgr.c:21
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileOrGlobalEvents(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
Determines whether auditing against files or global events with subject context is being done or not.
Definition: audit.c:1111
NTSTATUS NTAPI SeReportSecurityEvent(_In_ ULONG Flags, _In_ PUNICODE_STRING SourceName, _In_opt_ PSID UserSid, _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters)
Report a security event to the security manager.
Definition: semgr.c:508
NTSTATUS NTAPI SeLocateProcessImageName(_Inout_ PEPROCESS Process, _Outptr_ PUNICODE_STRING *pImageFileName)
NTKERNELAPI NTSTATUS NTAPI SeAssignSecurityEx(_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor, _In_opt_ PSECURITY_DESCRIPTOR ExplicitDescriptor, _Out_ PSECURITY_DESCRIPTOR *NewDescriptor, _In_opt_ GUID *ObjectType, _In_ BOOLEAN IsDirectoryObject, _In_ ULONG AutoInheritFlags, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PGENERIC_MAPPING GenericMapping, _In_ POOL_TYPE PoolType)
NTKERNELAPI NTSTATUS NTAPI SeSetSecurityDescriptorInfo(_In_opt_ PVOID Object, _In_ PSECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ POOL_TYPE PoolType, _In_ PGENERIC_MAPPING GenericMapping)
NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarm(_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _Out_ PBOOLEAN GenerateOnClose)
Creates an audit with alarm notification of an object that is being opened for deletion.
Definition: audit.c:1276
NTKERNELAPI VOID NTAPI SeExamineSacl(_In_ PACL Sacl, _In_ PACCESS_TOKEN Token, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateAudit, _Out_ PBOOLEAN GenerateAlarm)
NTKERNELAPI ULONG NTAPI SeObjectCreateSaclAccessBits(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN SubjectContextLocked
Definition: sefuncs.h:14
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurity(_In_ PETHREAD ClientThread, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN RemoteSession, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context.
Definition: client.c:162
NTKERNELAPI VOID NTAPI SeAuditHardLinkCreationWithTransaction(_In_ PUNICODE_STRING FileName, _In_ PUNICODE_STRING LinkName, _In_ BOOLEAN bSuccess, _In_opt_ GUID *TransactionId)
NTKERNELAPI NTSTATUS NTAPI SeUnregisterLogonSessionTerminatedRoutine(_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Un-registers a callback routine, previously registered by SeRegisterLogonSessionTerminatedRoutine fun...
Definition: srm.c:1621
NTKERNELAPI NTSTATUS NTAPI SeAppendPrivileges(_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
Appends additional privileges.
Definition: priv.c:588
NTKERNELAPI NTSTATUS NTAPI SeImpersonateClientEx(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Extended function that impersonates a client.
Definition: client.c:276
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:419
NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarmWithTransaction(_In_ PVOID Object, _In_ HANDLE Handle, _In_opt_ GUID *TransactionId)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK PreviouslyGrantedAccess
Definition: sefuncs.h:16
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID * TransactionId
Definition: sefuncs.h:421
NTKERNELAPI NTSTATUS NTAPI SeQuerySecurityDescriptorInfo(_In_ PSECURITY_INFORMATION SecurityInformation, _Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor, _Inout_ PULONG Length, _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
NTKERNELAPI VOID NTAPI SeReleaseSubjectContext(_Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
NTKERNELAPI VOID NTAPI SeOpenObjectForDeleteAuditAlarmWithTransaction(_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _In_opt_ GUID *TransactionId, _Out_ PBOOLEAN GenerateOnClose)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE AccessMode
Definition: sefuncs.h:19
NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType(_In_ PACCESS_TOKEN Token)
Gathers the token type of an access token. A token ca be either a primary token or impersonation toke...
Definition: token.c:2080
NTKERNELAPI VOID NTAPI SeQueryTokenIntegrity(_In_ PACCESS_TOKEN Token, _Inout_ PSID_AND_ATTRIBUTES IntegritySA)
NTKERNELAPI VOID NTAPI SeUnlockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Unlocks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:138
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21
NTKERNELAPI VOID NTAPI SeOpenObjectAuditAlarm(_In_ PUNICODE_STRING ObjectTypeName, _In_opt_ PVOID Object, _In_opt_ PUNICODE_STRING AbsoluteObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ BOOLEAN ObjectCreated, _In_ BOOLEAN AccessGranted, _In_ KPROCESSOR_MODE AccessMode, _Out_ PBOOLEAN GenerateOnClose)
Creates an audit with alarm notification of an object that is being opened.
Definition: audit.c:1213
NTKERNELAPI BOOLEAN NTAPI SeTokenIsRestricted(_In_ PACCESS_TOKEN Token)
Determines if a token is restricted or not, based upon the token flags.
Definition: token.c:2126
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context based upon the captured security subject context.
Definition: client.c:224
NTSTATUS NTAPI SeReportSecurityEventWithSubCategory(_In_ ULONG Flags, _In_ PUNICODE_STRING SourceName, _In_opt_ PSID UserSid, _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters, _In_ ULONG AuditSubcategoryId)
NTKERNELAPI VOID NTAPI SeMaximumAuditMaskFromGlobalSacl(_In_opt_ PUNICODE_STRING ObjectTypeName, _In_ ACCESS_MASK GrantedAccess, _In_ PACCESS_TOKEN Token, _Inout_ PACCESS_MASK AuditMask)
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: sefuncs.h:32
NTKERNELAPI VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: subject.c:85
NTKERNELAPI NTSTATUS NTAPI SeFilterToken(_In_ PACCESS_TOKEN ExistingToken, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Outptr_ PACCESS_TOKEN *FilteredToken)
BOOLEAN NTAPI SeAccessCheckFromState(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation, _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Outptr_opt_result_maybenull_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
NTKERNELAPI NTSTATUS NTAPI SeSetSessionIdToken(_In_ PACCESS_TOKEN Token, _In_ ULONG SessionId)
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
Definition: sefuncs.h:31
NTKERNELAPI VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669
VOID NTAPI SeSetAccessStateGenericMapping(_Inout_ PACCESS_STATE AccessState, _In_ PGENERIC_MAPPING GenericMapping)
NTKERNELAPI BOOLEAN NTAPI SePrivilegeCheck(_Inout_ PPRIVILEGE_SET RequiredPrivileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE AccessMode)
NTKERNELAPI BOOLEAN NTAPI SeTokenIsAdmin(_In_ PACCESS_TOKEN Token)
Determines if a token is either an admin token or not. Such condition is checked based upon TOKEN_HAS...
Definition: token.c:2103
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417
_In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
Definition: sefuncs.h:13
NTKERNELAPI VOID NTAPI SeExamineGlobalSacl(_In_ PUNICODE_STRING ObjectType, _In_ PACL ResourceSacl, _In_ PACCESS_TOKEN Token, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN AccessGranted, _Inout_ PBOOLEAN GenerateAudit, _Inout_opt_ PBOOLEAN GenerateAlarm)
NTKERNELAPI BOOLEAN NTAPI SeAuditingHardLinkEventsWithContext(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
Determines whether auditing against hard links events with subject context is being done or not.
Definition: audit.c:1080
NTKERNELAPI NTSTATUS NTAPI SeQueryAuthenticationIdToken(_In_ PACCESS_TOKEN Token, _Out_ PLUID AuthenticationId)
Queries the authentication ID of an access token.
Definition: token.c:2036
NTKERNELAPI BOOLEAN NTAPI SeAuditingFileEvents(_In_ BOOLEAN AccessGranted, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
Determines whether auditing against file events is being done or not.
Definition: audit.c:993
NTKERNELAPI NTSTATUS NTAPI SeMarkLogonSessionForTerminationNotification(_In_ PLUID LogonId)
Marks a logon session for future termination, given its logon ID. This triggers a callout (the regist...
Definition: srm.c:1510
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR * NewDescriptor
Definition: sefuncs.h:30
NTKERNELAPI NTSTATUS NTAPI SeRegisterLogonSessionTerminatedRoutine(_In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
Registers a callback that will be called once a logon session terminates.
Definition: srm.c:1572
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
_In_opt_ PSECURITY_DESCRIPTOR _In_opt_ PSECURITY_DESCRIPTOR ParentSecurityDescriptor
Definition: sefuncs.h:396
NTKERNELAPI VOID NTAPI SeDeleteObjectAuditAlarm(_In_ PVOID Object, _In_ HANDLE Handle)
Deletes an alarm audit of an object.
Definition: audit.c:1163
NTKERNELAPI VOID NTAPI SeAuditTransactionStateChange(_In_ GUID *TransactionId, _In_ GUID *ResourceManagerId, _In_ ULONG NewTransactionState)
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
NTSTATUS(NTAPI * PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId)
Definition: setypes.h:1263
enum _SE_ADT_PARAMETER_TYPE SE_ADT_PARAMETER_TYPE
#define SE_MAX_AUDIT_PARAMETERS
Definition: setypes.h:256