ReactOS 0.4.16-dev-197-g92996da
se.h
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Internal header for the Security Manager
5 * COPYRIGHT: Copyright Eric Kohl
6 * Copyright 2022-2023 George Bișoc <george.bisoc@reactos.org>
7 */
8
9#pragma once
10
11//
12// Internal ACE type structures
13//
14typedef struct _KNOWN_ACE
15{
20
21typedef struct _KNOWN_OBJECT_ACE
22{
28
29typedef struct _KNOWN_COMPOUND_ACE
30{
37
38//
39// Access Check Rights
40//
42{
47
48//
49// Internal object type list structure
50//
52{
57
59{
63
64//
65// Token Audit Policy Information structure
66//
68{
70 struct
71 {
76
77//
78// Token creation method defines (for debugging purposes)
79//
80#define TOKEN_CREATE_METHOD 0xCUL
81#define TOKEN_DUPLICATE_METHOD 0xDUL
82#define TOKEN_FILTER_METHOD 0xFUL
83
84//
85// Security descriptor internal helpers
86//
88PSID
90 _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
91{
94
95 if (Descriptor->Control & SE_SELF_RELATIVE)
96 {
98 if (!SdRel->Group) return NULL;
99 return (PSID)((ULONG_PTR)Descriptor + SdRel->Group);
100 }
101 else
102 {
103 return Descriptor->Group;
104 }
105}
106
108PSID
110 _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
111{
114
115 if (Descriptor->Control & SE_SELF_RELATIVE)
116 {
118 if (!SdRel->Owner) return NULL;
119 return (PSID)((ULONG_PTR)Descriptor + SdRel->Owner);
120 }
121 else
122 {
123 return Descriptor->Owner;
124 }
125}
126
128PACL
130 _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
131{
134
135 if (!(Descriptor->Control & SE_DACL_PRESENT)) return NULL;
136
137 if (Descriptor->Control & SE_SELF_RELATIVE)
138 {
140 if (!SdRel->Dacl) return NULL;
141 return (PACL)((ULONG_PTR)Descriptor + SdRel->Dacl);
142 }
143 else
144 {
145 return Descriptor->Dacl;
146 }
147}
148
150PACL
152 _Inout_ PSECURITY_DESCRIPTOR _Descriptor)
153{
156
157 if (!(Descriptor->Control & SE_SACL_PRESENT)) return NULL;
158
159 if (Descriptor->Control & SE_SELF_RELATIVE)
160 {
162 if (!SdRel->Sacl) return NULL;
163 return (PACL)((ULONG_PTR)Descriptor + SdRel->Sacl);
164 }
165 else
166 {
167 return Descriptor->Sacl;
168 }
169}
170
171#ifndef RTL_H
172
173//
174// SID Authorities
175//
181
182//
183// SIDs
184//
185extern PSID SeNullSid;
186extern PSID SeWorldSid;
187extern PSID SeLocalSid;
193extern PSID SeDialupSid;
194extern PSID SeNetworkSid;
195extern PSID SeBatchSid;
197extern PSID SeServiceSid;
204extern PSID SeAliasUsersSid;
212extern PSID SeRestrictedSid;
216
217//
218// Privileges
219//
220extern const LUID SeCreateTokenPrivilege;
222extern const LUID SeLockMemoryPrivilege;
223extern const LUID SeIncreaseQuotaPrivilege;
225extern const LUID SeTcbPrivilege;
226extern const LUID SeSecurityPrivilege;
227extern const LUID SeTakeOwnershipPrivilege;
228extern const LUID SeLoadDriverPrivilege;
229extern const LUID SeSystemProfilePrivilege;
230extern const LUID SeSystemtimePrivilege;
235extern const LUID SeBackupPrivilege;
236extern const LUID SeRestorePrivilege;
237extern const LUID SeShutdownPrivilege;
238extern const LUID SeDebugPrivilege;
239extern const LUID SeAuditPrivilege;
241extern const LUID SeChangeNotifyPrivilege;
243extern const LUID SeUndockPrivilege;
244extern const LUID SeSyncAgentPrivilege;
246extern const LUID SeManageVolumePrivilege;
247extern const LUID SeImpersonatePrivilege;
248extern const LUID SeCreateGlobalPrivilege;
250extern const LUID SeRelabelPrivilege;
252extern const LUID SeTimeZonePrivilege;
254
255//
256// DACLs
257//
263
264//
265// SDs
266//
274
275//
276// Anonymous Logon Tokens
277//
280
281
282//
283// Token lock management macros
284//
285#define SepAcquireTokenLockExclusive(Token) \
286{ \
287 KeEnterCriticalRegion(); \
288 ExAcquireResourceExclusiveLite(((PTOKEN)Token)->TokenLock, TRUE); \
289}
290#define SepAcquireTokenLockShared(Token) \
291{ \
292 KeEnterCriticalRegion(); \
293 ExAcquireResourceSharedLite(((PTOKEN)Token)->TokenLock, TRUE); \
294}
295
296#define SepReleaseTokenLock(Token) \
297{ \
298 ExReleaseResourceLite(((PTOKEN)Token)->TokenLock); \
299 KeLeaveCriticalRegion(); \
300}
301
302#if DBG
303//
304// Security Debug Utility Functions
305//
306VOID
309
310VOID
313
314VOID
316 _In_ PACCESS_CHECK_RIGHTS AccessRights);
317
318VOID
320 _In_ PACCESS_MASK GrantedAccessList,
321 _In_ PNTSTATUS AccessStatusList,
322 _In_ BOOLEAN IsResultList,
323 _In_ POBJECT_TYPE_LIST_INTERNAL ObjectTypeList,
324 _In_ ULONG ObjectTypeListLength);
325#endif // DBG
326
327//
328// Token Functions
329//
330CODE_SEG("INIT")
331VOID
332NTAPI
334
335CODE_SEG("INIT")
336PTOKEN
337NTAPI
339
340CODE_SEG("INIT")
341PTOKEN
343
344CODE_SEG("INIT")
345PTOKEN
347
349NTAPI
357 _Out_ PTOKEN* NewAccessToken);
358
360NTAPI
368 _In_ PLUID AuthenticationId,
369 _In_ PLARGE_INTEGER ExpirationTime,
371 _In_ ULONG GroupCount,
373 _In_ ULONG GroupsLength,
374 _In_ ULONG PrivilegeCount,
378 _In_opt_ PACL DefaultDacl,
380 _In_ BOOLEAN SystemToken);
381
383NTAPI
385 _In_ PACCESS_TOKEN _Token,
387 _In_ BOOLEAN TokenLocked);
388
392
393VOID
396
397VOID
400
405 _In_opt_ PSID DefaultOwner,
406 _Out_opt_ PULONG PrimaryGroupIndex,
407 _Out_opt_ PULONG DefaultOwnerIndex);
408
409VOID
413
414VOID
417
418VOID
422
423VOID
427
428ULONG
430 _In_ ULONG DynamicCharged,
432 _In_opt_ PACL DefaultDacl);
433
437 _In_ ULONG NewDynamicPartSize);
438
440NTAPI
442 _In_ PTOKEN ProcessToken,
443 _In_ PTOKEN TokenToImpersonate,
445
446VOID
447NTAPI
449 _In_ PACCESS_TOKEN _Token,
450 _Out_ PTOKEN_CONTROL TokenControl);
451
452VOID
453NTAPI
456
458NTAPI
462 _In_ BOOLEAN InUse,
464
466NTAPI
470
472NTAPI
475 _Out_ PBOOLEAN IsSibling);
476
478NTAPI
481 _In_ PACCESS_TOKEN NewAccessToken,
482 _Out_ PACCESS_TOKEN* OldAccessToken);
483
485NTAPI
490 _Out_ PACCESS_TOKEN* NewToken);
491
493NTAPI
496
497ULONG
501
502//
503// Security Manager (SeMgr) functions
504//
505CODE_SEG("INIT")
507NTAPI
509
511NTAPI
514 _In_ SECURITY_OPERATION_CODE OperationType,
518 _Inout_opt_ PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
521
522VOID
523NTAPI
527
528VOID
529NTAPI
533
534//
535// Privilege functions
536//
537CODE_SEG("INIT")
538VOID
539NTAPI
541
543NTAPI
547 _In_ ULONG PrivilegeCount,
548 _In_ ULONG PrivilegeControl,
550
552NTAPI
558 _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet,
560
562NTAPI
566
568NTAPI
570 _In_ LUID PrivilegeValue,
571 _In_ HANDLE ObjectHandle,
574
576NTAPI
579 _In_ ULONG PrivilegeCount,
581 _In_ PLUID_AND_ATTRIBUTES AllocatedMem,
582 _In_ ULONG AllocatedLength,
584 _In_ BOOLEAN CaptureIfKernel,
587
588VOID
589NTAPI
593 _In_ BOOLEAN CaptureIfKernel);
594
595//
596// SID functions
597//
598CODE_SEG("INIT")
600NTAPI
602
604NTAPI
606 _In_ PSID InputSid,
609 _In_ BOOLEAN CaptureIfKernel,
610 _Out_ PSID *CapturedSid);
611
612VOID
613NTAPI
615 _In_ PSID CapturedSid,
617 _In_ BOOLEAN CaptureIfKernel);
618
620NTAPI
622 _In_ PACCESS_TOKEN _Token,
623 _In_ PSID Sid);
624
626NTAPI
628 _In_ PACCESS_TOKEN _Token,
629 _In_ PSID PrincipalSelfSid,
630 _In_ PSID _Sid,
631 _In_ BOOLEAN Deny,
633
634PSID
635NTAPI
637 _In_ PACE Ace);
638
640NTAPI
642 _In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes,
643 _In_ ULONG AttributeCount,
645 _In_opt_ PVOID AllocatedMem,
646 _In_ ULONG AllocatedLength,
648 _In_ BOOLEAN CaptureIfKernel,
649 _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes,
651
652VOID
653NTAPI
655 _In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes,
657 _In_ BOOLEAN CaptureIfKernel);
658
659//
660// ACL functions
661//
662CODE_SEG("INIT")
664NTAPI
666
668NTAPI
671 _In_ PTOKEN PrimaryToken,
672 _Out_ PACL* Dacl);
673
675NTAPI
677 _In_ PACL InputAcl,
680 _In_ BOOLEAN CaptureIfKernel,
681 _Out_ PACL *CapturedAcl);
682
683VOID
684NTAPI
686 _In_ PACL CapturedAcl,
688 _In_ BOOLEAN CaptureIfKernel);
689
692 _Out_writes_bytes_opt_(DaclLength) PACL AclDest,
694 _In_reads_bytes_(AclSource->AclSize) PACL AclSource,
697 _In_ BOOLEAN IsInherited,
700
701PACL
703 _In_opt_ PACL ExplicitAcl,
704 _In_ BOOLEAN ExplicitPresent,
705 _In_ BOOLEAN ExplicitDefaulted,
706 _In_opt_ PACL ParentAcl,
707 _In_opt_ PACL DefaultAcl,
711 _Out_ PBOOLEAN AclPresent,
712 _Out_ PBOOLEAN IsInherited,
715
716//
717// SD functions
718//
719CODE_SEG("INIT")
721NTAPI
723
725NTAPI
730
732NTAPI
735 _Out_ PULONG QuotaInfoSize);
736
737//
738// Security Reference Monitor (SeRm) functions
739//
741NTAPI
743
745NTAPI
747
749NTAPI
752
754NTAPI
757
760 _Inout_ PLUID LogonLuid);
761
764 _Inout_ PLUID LogonLuid);
765
767NTAPI
774
776NTAPI
779 _Out_ PDEVICE_MAP *DeviceMap);
780
781//
782// Audit functions
783//
785NTAPI
788 _In_ BOOLEAN DoAudit,
790
792NTAPI
795
796VOID
797NTAPI
800
801VOID
802NTAPI
805
806VOID
807NTAPI
811 _In_ PPRIVILEGE_SET PrivilegeSet,
813
814//
815// Subject functions
816//
817VOID
818NTAPI
823
824//
825// Security Quality of Service (SQoS) functions
826//
828NTAPI
833 _In_ BOOLEAN CaptureIfKernel,
834 _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService,
835 _Out_ PBOOLEAN Present);
836
837VOID
838NTAPI
840 _In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
842 _In_ BOOLEAN CaptureIfKernel);
843
844//
845// Object type list functions
846//
847PGUID
849 _In_ PACE Ace,
850 _In_ BOOLEAN IsAceDenied);
851
854 _In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST_INTERNAL ObjectTypeList,
855 _In_ ULONG ObjectTypeListLength,
856 _In_ PGUID ObjectTypeGuid,
857 _Out_ PULONG ObjectIndex);
858
861 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
862 _In_ ULONG ObjectTypeListLength,
864 _Out_ POBJECT_TYPE_LIST_INTERNAL *CapturedObjectTypeList);
865
866VOID
868 _In_ _Post_invalid_ POBJECT_TYPE_LIST_INTERNAL CapturedObjectTypeList,
870
871//
872// Access state functions
873//
875NTAPI
880 _In_ PAUX_ACCESS_DATA AuxData,
881 _In_ ACCESS_MASK Access,
883
884//
885// Access check functions
886//
888NTAPI
894
895#endif
896
897/* EOF */
#define CODE_SEG(...)
static OB_SECURITY_METHOD SeDefaultObjectMethod
Definition: ObTypes.c:134
unsigned char BOOLEAN
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn UINT32 *TableIdx UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE Parent
Definition: acpixf.h:732
TOKEN_TYPE
Definition: asmpp.cpp:29
LONG NTSTATUS
Definition: precomp.h:26
static WCHAR ServiceName[]
Definition: browser.c:19
@ Ace
Definition: card.h:12
_In_ ULONG _In_opt_ WDFREQUEST _In_opt_ PVOID _In_ size_t _In_ PVOID _In_ size_t _Out_ size_t * DataLength
Definition: cdrom.h:1444
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
#define NULL
Definition: types.h:112
ULONG SessionId
Definition: dllmain.c:28
UNICODE_STRING Restricted
Definition: utils.c:24
#define ULONG_PTR
Definition: config.h:101
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:43
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
_In_ GUID _In_ PVOID ValueData
Definition: hubbusif.h:312
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
* PNTSTATUS
Definition: strlen.c:14
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
DWORD * PSECURITY_INFORMATION
Definition: ms-dtyp.idl:311
#define _Out_opt_
Definition: ms_sal.h:346
#define _In_reads_bytes_(size)
Definition: ms_sal.h:321
#define _Inout_
Definition: ms_sal.h:378
#define _Post_invalid_
Definition: ms_sal.h:695
#define _Inout_opt_
Definition: ms_sal.h:379
#define _Out_
Definition: ms_sal.h:345
#define _In_reads_opt_(size)
Definition: ms_sal.h:320
#define _In_
Definition: ms_sal.h:308
#define _In_opt_
Definition: ms_sal.h:309
#define _Out_writes_bytes_opt_(size)
Definition: ms_sal.h:351
#define _In_reads_(size)
Definition: ms_sal.h:319
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1605
_In_opt_ PSID Group
Definition: rtlfuncs.h:1658
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1609
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1611
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1145
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:410
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
int Count
Definition: noreturn.cpp:7
ULONG ACCESS_MASK
Definition: nt_native.h:40
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
PSID SeLocalSystemSid
Definition: sid.c:38
NTSTATUS NTAPI SepRmRemoveLogonSessionFromToken(_Inout_ PTOKEN Token)
Removes a logon session from an access token.
Definition: srm.c:449
NTSTATUS SepPropagateAcl(_Out_writes_bytes_opt_(DaclLength) PACL AclDest, _Inout_ PULONG AclLength, _In_reads_bytes_(AclSource->AclSize) PACL AclSource, _In_ PSID Owner, _In_ PSID Group, _In_ BOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
const LUID SeDebugPrivilege
Definition: priv.c:39
BOOLEAN NTAPI SeTokenCanImpersonate(_In_ PTOKEN ProcessToken, _In_ PTOKEN TokenToImpersonate, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Determines whether the server is allowed to impersonate on behalf of a client or not....
Definition: token.c:2207
VOID NTAPI SepReleaseSid(_In_ PSID CapturedSid, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID.
Definition: sid.c:400
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
Definition: sid.c:21
PTOKEN SeAnonymousLogonToken
Definition: semgr.c:19
NTSTATUS SepRmDereferenceLogonSession(_Inout_ PLUID LogonLuid)
PSECURITY_DESCRIPTOR SeSystemDefaultSd
Definition: sd.c:20
VOID NTAPI SeCaptureSubjectContextEx(_In_ PETHREAD Thread, _In_ PEPROCESS Process, _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
An extended function that captures the security subject context based upon the specified thread and p...
Definition: subject.c:41
NTSTATUS NTAPI SepRmInsertLogonSessionIntoToken(_Inout_ PTOKEN Token)
Inserts a logon session into an access token specified by the caller.
Definition: srm.c:368
PSID SeAliasAccountOpsSid
Definition: sid.c:45
VOID SepRemovePrivilegeToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Removes a privilege from the token.
Definition: token.c:582
PGUID SepGetObjectTypeGuidFromAce(_In_ PACE Ace, _In_ BOOLEAN IsAceDenied)
Captures an object type GUID from an object access control entry (ACE).
Definition: objtype.c:180
const LUID SeSyncAgentPrivilege
Definition: priv.c:45
NTSTATUS NTAPI SepCaptureSid(_In_ PSID InputSid, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID *CapturedSid)
Captures a SID.
Definition: sid.c:314
NTSTATUS SepFindPrimaryGroupAndDefaultOwner(_In_ PTOKEN Token, _In_ PSID PrimaryGroup, _In_opt_ PSID DefaultOwner, _Out_opt_ PULONG PrimaryGroupIndex, _Out_opt_ PULONG DefaultOwnerIndex)
Finds the primary group and default owner entity based on the submitted primary group instance and an...
Definition: token.c:1011
BOOLEAN NTAPI SeTokenIsInert(_In_ PTOKEN Token)
Determines if a token is a sandbox inert token or not, based upon the token flags.
Definition: token.c:1583
VOID NTAPI SepInitializeTokenImplementation(VOID)
Internal function that initializes critical kernel data for access token implementation in SRM.
Definition: token.c:1649
VOID SeReleaseObjectTypeList(_In_ _Post_invalid_ POBJECT_TYPE_LIST_INTERNAL CapturedObjectTypeList, _In_ KPROCESSOR_MODE PreviousMode)
Releases a buffer list of object types.
Definition: objtype.c:378
const LUID SeSystemProfilePrivilege
Definition: priv.c:30
PACL SePublicOpenDacl
Definition: acl.c:19
const LUID SeCreateTokenPrivilege
Definition: priv.c:21
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
Definition: sd.c:19
BOOLEAN NTAPI SeInitSystem(VOID)
Main security manager initialization function.
Definition: semgr.c:285
PSID SeRestrictedSid
Definition: sid.c:50
NTSTATUS SeCaptureObjectTypeList(_In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ KPROCESSOR_MODE PreviousMode, _Out_ POBJECT_TYPE_LIST_INTERNAL *CapturedObjectTypeList)
Captures a list of object types and converts it to an internal form for use by the kernel....
Definition: objtype.c:282
struct _KNOWN_COMPOUND_ACE * PKNOWN_COMPOUND_ACE
const LUID SeBackupPrivilege
Definition: priv.c:36
PSECURITY_DESCRIPTOR SePublicOpenSd
Definition: sd.c:18
PTOKEN NTAPI SepCreateSystemProcessToken(VOID)
Creates the system process token.
Definition: token.c:1753
NTSTATUS SepCreateTokenLock(_Inout_ PTOKEN Token)
Creates a lock for the token.
Definition: token.c:45
const LUID SeTrustedCredmanPrivilege
Definition: priv.c:50
NTSTATUS NTAPI SeCopyClientToken(_In_ PACCESS_TOKEN Token, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PACCESS_TOKEN *NewToken)
Copies an existing access token (technically duplicating a new one).
Definition: token.c:1542
PACL SePublicDefaultUnrestrictedDacl
Definition: acl.c:18
struct _ACCESS_CHECK_RIGHTS ACCESS_CHECK_RIGHTS
BOOLEAN NTAPI SeCheckPrivilegedObject(_In_ LUID PrivilegeValue, _In_ HANDLE ObjectHandle, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE PreviousMode)
Checks a privileged object if such object has the specific privilege submitted by the caller.
Definition: priv.c:803
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:22
NTSTATUS NTAPI SepRegQueryHelper(_In_ PCWSTR KeyName, _In_ PCWSTR ValueName, _In_ ULONG ValueType, _In_ ULONG DataLength, _Out_ PVOID ValueData)
A private registry helper that returns the desired value data based on the specifics requested by the...
Definition: srm.c:93
FORCEINLINE PSID SepGetOwnerFromDescriptor(_Inout_ PSECURITY_DESCRIPTOR _Descriptor)
Definition: se.h:109
VOID NTAPI SeReleaseSidAndAttributesArray(_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID with attributes.
Definition: sid.c:976
BOOLEAN NTAPI SepSidInToken(_In_ PACCESS_TOKEN _Token, _In_ PSID Sid)
Checks if a SID is present in a token.
Definition: sid.c:547
SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
Definition: sid.c:19
const LUID SeTimeZonePrivilege
Definition: priv.c:53
PSECURITY_DESCRIPTOR SeUnrestrictedSd
Definition: sd.c:21
PSID SeNetworkServiceSid
Definition: sid.c:53
PACL SeSystemAnonymousLogonDacl
Definition: acl.c:22
NTSTATUS NTAPI SeSubProcessToken(_In_ PTOKEN Parent, _Out_ PTOKEN *Token, _In_ BOOLEAN InUse, _In_ ULONG SessionId)
Subtracts a token in exchange of duplicating a new one.
Definition: token.c:1373
struct _KNOWN_COMPOUND_ACE KNOWN_COMPOUND_ACE
_ACCESS_CHECK_RIGHT_TYPE
Definition: se.h:59
@ AccessCheckMaximum
Definition: se.h:60
@ AccessCheckRegular
Definition: se.h:61
struct _ACCESS_CHECK_RIGHTS * PACCESS_CHECK_RIGHTS
NTSTATUS NTAPI SeIsTokenSibling(_In_ PTOKEN Token, _Out_ PBOOLEAN IsSibling)
Checks if the token is a sibling of the other token of the current process that the calling thread is...
Definition: token.c:1482
enum _ACCESS_CHECK_RIGHT_TYPE ACCESS_CHECK_RIGHT_TYPE
VOID NTAPI SepReleaseAcl(_In_ PACL CapturedAcl, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases (frees) a captured ACL from the memory pool.
Definition: acl.c:464
NTSTATUS NTAPI SePrivilegePolicyCheck(_Inout_ PACCESS_MASK DesiredAccess, _Inout_ PACCESS_MASK GrantedAccess, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PTOKEN Token, _Out_opt_ PPRIVILEGE_SET *OutPrivilegeSet, _In_ KPROCESSOR_MODE PreviousMode)
Checks the security policy and returns a set of privileges based upon the said security policy contex...
Definition: priv.c:244
struct _OBJECT_TYPE_LIST_INTERNAL * POBJECT_TYPE_LIST_INTERNAL
struct _TOKEN_AUDIT_POLICY_INFORMATION TOKEN_AUDIT_POLICY_INFORMATION
PSID SeBatchSid
Definition: sid.c:34
BOOLEAN NTAPI SeCheckAuditPrivilege(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks a single privilege and performs an audit against a privileged service based on a security subj...
Definition: priv.c:360
VOID NTAPI SeReleaseLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Privilege, _In_ KPROCESSOR_MODE PreviousMode, _In_ BOOLEAN CaptureIfKernel)
Releases a LUID with attributes structure.
Definition: priv.c:554
VOID NTAPI SeAuditProcessExit(_In_ PEPROCESS Process)
Peforms a security auditing against a process that is about to be terminated.
Definition: audit.c:77
const LUID SeSystemtimePrivilege
Definition: priv.c:31
struct _KNOWN_OBJECT_ACE KNOWN_OBJECT_ACE
PACL SePublicOpenUnrestrictedDacl
Definition: acl.c:20
BOOLEAN NTAPI SepPrivilegeCheck(_In_ PTOKEN Token, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_ ULONG PrivilegeCount, _In_ ULONG PrivilegeControl, _In_ KPROCESSOR_MODE PreviousMode)
Checks the privileges pointed by Privileges array argument if they exist and match with the privilege...
Definition: priv.c:104
NTSTATUS NTAPI SepDuplicateToken(_In_ PTOKEN Token, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PTOKEN *NewAccessToken)
Duplicates an access token, from an existing valid token.
Definition: tokenlif.c:471
PSID SeCreatorOwnerServerSid
Definition: sid.c:29
const LUID SeCreateGlobalPrivilege
Definition: priv.c:49
PSID SeAliasAdminsSid
Definition: sid.c:41
const LUID SeChangeNotifyPrivilege
Definition: priv.c:42
NTSTATUS NTAPI SepCreateImpersonationTokenDacl(_In_ PTOKEN Token, _In_ PTOKEN PrimaryToken, _Out_ PACL *Dacl)
Allocates a discretionary access control list based on certain properties of a regular and primary ac...
Definition: acl.c:277
PSID SeAnonymousLogonSid
Definition: se.h:213
PSID SeRestrictedCodeSid
Definition: sid.c:40
BOOLEAN NTAPI SeRmInitPhase0(VOID)
Manages the phase 0 initialization of the security reference monitoring module of the kernel.
Definition: srm.c:176
const LUID SeImpersonatePrivilege
Definition: priv.c:48
PACL SeUnrestrictedDacl
Definition: acl.c:21
const LUID SeTcbPrivilege
Definition: priv.c:26
PSECURITY_DESCRIPTOR SePublicDefaultSd
Definition: sd.c:16
PSID SeAliasPowerUsersSid
Definition: sid.c:44
PACL SepSelectAcl(_In_opt_ PACL ExplicitAcl, _In_ BOOLEAN ExplicitPresent, _In_ BOOLEAN ExplicitDefaulted, _In_opt_ PACL ParentAcl, _In_opt_ PACL DefaultAcl, _Out_ PULONG AclLength, _In_ PSID Owner, _In_ PSID Group, _Out_ PBOOLEAN AclPresent, _Out_ PBOOLEAN IsInherited, _In_ BOOLEAN IsDirectoryObject, _In_ PGENERIC_MAPPING GenericMapping)
Selects an ACL and returns it to the caller.
Definition: acl.c:804
VOID NTAPI SePrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING ServiceName, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN AccessGranted)
Performs an audit alarm to a privileged service request.
Definition: audit.c:369
ULONG RtlLengthSidAndAttributes(_In_ ULONG Count, _In_ PSID_AND_ATTRIBUTES Src)
Computes the length size of a SID.
Definition: token.c:965
PSID SeInteractiveSid
Definition: sid.c:35
PSID SeWorldSid
Definition: sid.c:25
PSECURITY_DESCRIPTOR SeSystemAnonymousLogonSd
Definition: sd.c:22
PTOKEN SepCreateSystemAnonymousLogonTokenNoEveryone(VOID)
Creates the anonymous logon token for the system. This kind of token doesn't include the everyone SID...
Definition: token.c:1938
PSID SeAuthenticatedUserSid
Definition: sid.c:39
ULONG SepComputeAvailableDynamicSpace(_In_ ULONG DynamicCharged, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl)
Computes the exact available dynamic area of an access token whilst querying token statistics.
Definition: token.c:659
VOID SepUpdatePrivilegeFlagsToken(_Inout_ PTOKEN Token)
Updates the token's flags based upon the privilege that the token has been granted....
Definition: token.c:554
const LUID SeManageVolumePrivilege
Definition: priv.c:47
FORCEINLINE PSID SepGetGroupFromDescriptor(_Inout_ PSECURITY_DESCRIPTOR _Descriptor)
Definition: se.h:89
PSID SeServiceSid
Definition: sid.c:36
const LUID SeRestorePrivilege
Definition: priv.c:37
NTSTATUS NTAPI SeGetLogonIdDeviceMap(_In_ PLUID LogonId, _Out_ PDEVICE_MAP *DeviceMap)
Retrieves the DOS device map from a logon session.
Definition: srm.c:1347
PSID SeNetworkSid
Definition: sid.c:33
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
Definition: sd.c:17
BOOLEAN NTAPI SepInitSecurityIDs(VOID)
Initializes all the SIDs known in the system.
Definition: sid.c:115
struct _KNOWN_OBJECT_ACE * PKNOWN_OBJECT_ACE
VOID NTAPI SeSetSecurityAccessMask(_In_ SECURITY_INFORMATION SecurityInformation, _Out_ PACCESS_MASK DesiredAccess)
Sets the access mask for a security information context.
Definition: semgr.c:460
PSID SeCreatorGroupSid
Definition: sid.c:28
NTSTATUS SepRmReferenceLogonSession(_Inout_ PLUID LogonLuid)
PSID NTAPI SepGetSidFromAce(_In_ PACE Ace)
Captures a security identifier from a given access control entry. This identifier is valid for the wh...
Definition: sid.c:572
NTSTATUS NTAPI SeExchangePrimaryToken(_In_ PEPROCESS Process, _In_ PACCESS_TOKEN NewAccessToken, _Out_ PACCESS_TOKEN *OldAccessToken)
Replaces the old access token of a process (pointed by the EPROCESS kernel structure) with a new acce...
Definition: token.c:846
PSID SeNtAuthoritySid
Definition: sid.c:31
PTOKEN SeAnonymousLogonTokenNoEveryone
Definition: semgr.c:20
VOID NTAPI SeGetTokenControlInformation(_In_ PACCESS_TOKEN _Token, _Out_ PTOKEN_CONTROL TokenControl)
Retrieves token control information.
Definition: token.c:1720
const LUID SeRemoteShutdownPrivilege
Definition: priv.c:43
const LUID SeLoadDriverPrivilege
Definition: priv.c:29
NTSTATUS NTAPI SepCreateToken(_Out_ PHANDLE TokenHandle, _In_ KPROCESSOR_MODE PreviousMode, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PSID_AND_ATTRIBUTES User, _In_ ULONG GroupCount, _In_ PSID_AND_ATTRIBUTES Groups, _In_ ULONG GroupsLength, _In_ ULONG PrivilegeCount, _In_ PLUID_AND_ATTRIBUTES Privileges, _In_opt_ PSID Owner, _In_ PSID PrimaryGroup, _In_opt_ PACL DefaultDacl, _In_ PTOKEN_SOURCE TokenSource, _In_ BOOLEAN SystemToken)
Internal function responsible for access token object creation in the kernel. A fully created token o...
Definition: tokenlif.c:97
NTSTATUS NTAPI SeIsTokenChild(_In_ PTOKEN Token, _Out_ PBOOLEAN IsChild)
Checks if the token is a child of the other token of the current process that the calling thread is i...
Definition: token.c:1433
VOID NTAPI SeDeassignPrimaryToken(_Inout_ PEPROCESS Process)
Removes the primary token of a process.
Definition: token.c:936
BOOLEAN NTAPI SepInitDACLs(VOID)
Initializes known discretionary access control lists in the system upon kernel and Executive initiali...
Definition: acl.c:38
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:33
const LUID SeLockMemoryPrivilege
Definition: priv.c:23
const LUID SeCreatePermanentPrivilege
Definition: priv.c:35
PTOKEN SepCreateSystemAnonymousLogonToken(VOID)
Creates the anonymous logon token for the system. The difference between this token and the other one...
Definition: token.c:1868
BOOLEAN SepObjectTypeGuidInList(_In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST_INTERNAL ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGUID ObjectTypeGuid, _Out_ PULONG ObjectIndex)
Searches for an object type GUID if it exists on an object type list.
Definition: objtype.c:223
SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
Definition: sid.c:18
VOID SepRemoveUserGroupToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Removes a group from the token.
Definition: token.c:618
PSID SeCreatorGroupServerSid
Definition: sid.c:30
SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
Definition: sid.c:22
NTSTATUS NTAPI SepCaptureSecurityQualityOfService(_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService, _Out_ PBOOLEAN Present)
Captures the security quality of service data given the object attributes from an object.
Definition: sqos.c:52
PSID SeLocalSid
Definition: sid.c:26
VOID SepUpdateSinglePrivilegeFlagToken(_Inout_ PTOKEN Token, _In_ ULONG Index)
Updates the token's flags based upon the privilege that the token has been granted....
Definition: token.c:442
PSID SeDialupSid
Definition: sid.c:32
const LUID SeUndockPrivilege
Definition: priv.c:44
const LUID SeCreatePagefilePrivilege
Definition: priv.c:34
NTSTATUS NTAPI SeSetWorldSecurityDescriptor(_In_ SECURITY_INFORMATION SecurityInformation, _In_ PISECURITY_DESCRIPTOR SecurityDescriptor, _In_ PULONG BufferLength)
Sets a "World" security descriptor.
Definition: sd.c:155
FORCEINLINE PACL SepGetDaclFromDescriptor(_Inout_ PSECURITY_DESCRIPTOR _Descriptor)
Definition: se.h:129
BOOLEAN NTAPI SepTokenIsOwner(_In_ PACCESS_TOKEN _Token, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ BOOLEAN TokenLocked)
Checks if a token belongs to the main user, being the owner.
Definition: token.c:511
NTSTATUS NTAPI SepCaptureAcl(_In_ PACL InputAcl, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PACL *CapturedAcl)
Captures an access control list from an already valid input ACL.
Definition: acl.c:352
PSID SeCreatorOwnerSid
Definition: sid.c:27
struct _TOKEN_AUDIT_POLICY_INFORMATION * PTOKEN_AUDIT_POLICY_INFORMATION
SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
Definition: sid.c:20
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:28
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:32
const LUID SeShutdownPrivilege
Definition: priv.c:38
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:41
PSID SeAliasUsersSid
Definition: sid.c:42
NTSTATUS NTAPI SeCreateAccessStateEx(_In_ PETHREAD Thread, _In_ PEPROCESS Process, _In_ OUT PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
NTSTATUS NTAPI SeCaptureSidAndAttributesArray(_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
Captures a SID with attributes.
Definition: sid.c:693
const LUID SeSecurityPrivilege
Definition: priv.c:27
const LUID SeUnsolicitedInputPrivilege
Definition: priv.c:25
NTSTATUS NTAPI SeComputeQuotaInformationSize(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PULONG QuotaInfoSize)
const LUID SeCreateSymbolicLinkPrivilege
Definition: priv.c:54
BOOLEAN NTAPI SeDetailedAuditingWithToken(_In_ PTOKEN Token)
Peforms a detailed security auditing with an access token.
Definition: audit.c:34
PSID SeAliasBackupOpsSid
Definition: sid.c:48
const LUID SeEnableDelegationPrivilege
Definition: priv.c:46
BOOLEAN NTAPI SepInitSDs(VOID)
Initializes the known security descriptors in the system.
Definition: sd.c:37
VOID NTAPI SeQuerySecurityAccessMask(_In_ SECURITY_INFORMATION SecurityInformation, _Out_ PACCESS_MASK DesiredAccess)
Queries the access mask from a security information context.
Definition: semgr.c:427
VOID SepDeleteTokenLock(_Inout_ PTOKEN Token)
Deletes a lock of a token.
Definition: token.c:74
PSID SeAuthenticatedUsersSid
Definition: sid.c:49
VOID NTAPI SepReleaseSecurityQualityOfService(_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases (frees) the captured SQOS data from an object in the memory pool.
Definition: sqos.c:225
PSID SeAliasGuestsSid
Definition: sid.c:43
PSID SeAliasSystemOpsSid
Definition: sid.c:46
struct _KNOWN_ACE * PKNOWN_ACE
const LUID SeRelabelPrivilege
Definition: priv.c:51
const LUID SeIncreaseWorkingSetPrivilege
Definition: priv.c:52
BOOLEAN NTAPI SeFastTraverseCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PACCESS_STATE AccessState, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE AccessMode)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:2138
NTSTATUS NTAPI SeCaptureLuidAndAttributesArray(_In_ PLUID_AND_ATTRIBUTES Src, _In_ ULONG PrivilegeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_ PLUID_AND_ATTRIBUTES AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PLUID_AND_ATTRIBUTES *Dest, _Inout_ PULONG Length)
BOOLEAN NTAPI SeRmInitPhase1(VOID)
Manages the phase 1 initialization of the security reference monitoring module of the kernel.
Definition: srm.c:211
BOOLEAN NTAPI SepSidInTokenEx(_In_ PACCESS_TOKEN _Token, _In_ PSID PrincipalSelfSid, _In_ PSID _Sid, _In_ BOOLEAN Deny, _In_ BOOLEAN Restricted)
Checks if a SID is present in a token.
Definition: sid.c:443
NTSTATUS SepRebuildDynamicPartOfToken(_In_ PTOKEN Token, _In_ ULONG NewDynamicPartSize)
const LUID SeAuditPrivilege
Definition: priv.c:40
VOID NTAPI SeAuditProcessCreate(_In_ PEPROCESS Process)
Peforms a security auditing against a process that is about to be created.
Definition: audit.c:56
PSID SeAliasPrintOpsSid
Definition: sid.c:47
struct _KNOWN_ACE KNOWN_ACE
NTSTATUS NTAPI SeInitializeProcessAuditName(_In_ PFILE_OBJECT FileObject, _In_ BOOLEAN DoAudit, _Out_ POBJECT_NAME_INFORMATION *AuditInfo)
Initializes a process audit name and returns it to the caller.
Definition: audit.c:105
struct _OBJECT_TYPE_LIST_INTERNAL OBJECT_TYPE_LIST_INTERNAL
PSID SePrincipalSelfSid
Definition: sid.c:37
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:24
FORCEINLINE PACL SepGetSaclFromDescriptor(_Inout_ PSECURITY_DESCRIPTOR _Descriptor)
Definition: se.h:151
PSID SeLocalServiceSid
Definition: sid.c:52
VOID NTAPI SepInitPrivileges(VOID)
Initializes the privileges during the startup phase of the security manager module....
Definition: priv.c:71
PSID SeNullSid
Definition: sid.c:24
VOID SepDumpTokenDebugInfo(_In_opt_ PTOKEN Token)
Dumps debug information of an access token to the debugger.
Definition: debug.c:280
VOID SepDumpAccessAndStatusList(_In_ PACCESS_MASK GrantedAccessList, _In_ PNTSTATUS AccessStatusList, _In_ BOOLEAN IsResultList, _In_ POBJECT_TYPE_LIST_INTERNAL ObjectTypeList, _In_ ULONG ObjectTypeListLength)
Dumps access and status values of each object type in the result list.
Definition: debug.c:353
VOID SepDumpAccessRightsStats(_In_ PACCESS_CHECK_RIGHTS AccessRights)
Dumps security access rights to the debugger.
Definition: debug.c:325
VOID SepDumpSdDebugInfo(_In_opt_ PISECURITY_DESCRIPTOR SecurityDescriptor)
Dumps debug information of a security descriptor to the debugger.
Definition: debug.c:217
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
unsigned short USHORT
Definition: pedump.c:61
ACCESS_MASK RemainingAccessRights
Definition: se.h:43
ACCESS_MASK DeniedAccessRights
Definition: se.h:45
ACCESS_MASK GrantedAccessRights
Definition: se.h:44
Definition: rtltypes.h:993
Definition: se.h:15
ACE_HEADER Header
Definition: se.h:16
ULONG SidStart
Definition: se.h:18
ACCESS_MASK Mask
Definition: se.h:17
ACE_HEADER Header
Definition: se.h:31
USHORT Reserved
Definition: se.h:34
USHORT CompoundAceType
Definition: se.h:33
ULONG SidStart
Definition: se.h:35
ACCESS_MASK Mask
Definition: se.h:32
ULONG SidStart
Definition: se.h:26
ACE_HEADER Header
Definition: se.h:23
ACCESS_MASK Mask
Definition: se.h:24
ULONG Flags
Definition: se.h:25
ACCESS_CHECK_RIGHTS ObjectAccessRights
Definition: se.h:55
struct _TOKEN_AUDIT_POLICY_INFORMATION::@1810 Policies[1]
uint32_t * PULONG
Definition: typedefs.h:59
const uint16_t * PCWSTR
Definition: typedefs.h:57
unsigned char * PBOOLEAN
Definition: typedefs.h:53
INT POOL_TYPE
Definition: typedefs.h:78
#define NTAPI
Definition: typedefs.h:36
uint32_t ULONG
Definition: typedefs.h:59
#define OUT
Definition: typedefs.h:40
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
_In_ WDFCOLLECTION _In_ ULONG Index
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:550
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _In_ ULONG _Out_opt_ PULONG _Out_opt_ PULONG ValueType
Definition: wdfregistry.h:282
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243
_Must_inspect_result_ _In_ WDFIORESLIST _In_ PIO_RESOURCE_DESCRIPTOR Descriptor
Definition: wdfresource.h:342
#define FORCEINLINE
Definition: wdftypes.h:67
BOOL WINAPI IsChild(_In_ HWND, _In_ HWND)
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
Definition: wmitypes.h:56
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
* PFILE_OBJECT
Definition: iotypes.h:1998
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:156
_In_ ULONG AclLength
Definition: rtlfuncs.h:1856
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:419
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
Definition: sefuncs.h:31
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
SECURITY_OPERATION_CODE
Definition: setypes.h:170
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR
#define SE_SELF_RELATIVE
Definition: setypes.h:834
@ TokenSource
Definition: setypes.h:972
#define SE_SACL_PRESENT
Definition: setypes.h:823
#define SE_DACL_PRESENT
Definition: setypes.h:821
unsigned char UCHAR
Definition: xmlstorage.h:181