ReactOS  0.4.15-dev-3207-ga415bd4
sefuncs.h
Go to the documentation of this file.
1 /*++ NDK Version: 0098
2 
3 Copyright (c) Alex Ionescu. All rights reserved.
4 
5 Header Name:
6 
7  sefuncs.h
8 
9 Abstract:
10 
11  Function definitions for the security manager.
12 
13 Author:
14 
15  Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16 
17 --*/
18 
19 #ifndef _SEFUNCS_H
20 #define _SEFUNCS_H
21 
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 
27 #ifndef NTOS_MODE_USER
28 
29 //
30 // Security Descriptors
31 //
34 NTAPI
36  _In_ PSECURITY_DESCRIPTOR OriginalSecurityDescriptor,
37  _In_ KPROCESSOR_MODE CurrentMode,
39  _In_ BOOLEAN CaptureIfKernel,
40  _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor);
41 
44 NTAPI
46  _In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
47  _In_ KPROCESSOR_MODE CurrentMode,
48  _In_ BOOLEAN CaptureIfKernelMode);
49 
50 //
51 // Access States
52 //
55 NTAPI
58  _In_ PAUX_ACCESS_DATA AuxData,
59  _In_ ACCESS_MASK Access,
61 
63 VOID
64 NTAPI
67 
68 //
69 // Impersonation
70 //
73 NTAPI
76 
77 #endif
78 
79 //
80 // Native Calls
81 //
84 NTAPI
87  _In_ HANDLE ClientToken,
90  _Out_ PPRIVILEGE_SET PrivilegeSet,
94 
96 NTAPI
99  _In_ PSID PrincipalSelfSid,
100  _In_ HANDLE ClientToken,
102  _In_ POBJECT_TYPE_LIST ObjectTypeList,
103  _In_ ULONG ObjectTypeLength,
105  _In_ PPRIVILEGE_SET PrivilegeSet,
106  _Inout_ PULONG PrivilegeSetLength,
109 
110 NTSTATUS
111 NTAPI
114  _In_ PSID PrincipalSelfSid,
115  _In_ HANDLE ClientToken,
117  _In_ POBJECT_TYPE_LIST ObjectTypeList,
118  _In_ ULONG ObjectTypeLength,
120  _In_ PPRIVILEGE_SET PrivilegeSet,
121  _Inout_ PULONG PrivilegeSetLength,
124 
127 NTSTATUS
128 NTAPI
130  _In_ PUNICODE_STRING SubsystemName,
131  _In_opt_ PVOID HandleId,
137  _In_ BOOLEAN ObjectCreation,
141 
145 NTSTATUS
146 NTAPI
149  _In_ BOOLEAN ResetToDefault,
150  _In_opt_ PTOKEN_GROUPS NewState,
154 
158 NTSTATUS
159 NTAPI
162  _In_ BOOLEAN DisableAllPrivileges,
163  _In_opt_ PTOKEN_PRIVILEGES NewState,
167 
169 NTSTATUS
170 NTAPI
172  _Out_ LUID *LocallyUniqueId);
173 
175 NTSTATUS
176 NTAPI
180  _Out_ PULONG Sequence,
181  _Out_ PUCHAR Seed);
182 
184 NTSTATUS
185 NTAPI
187  _In_ HANDLE FirstTokenHandle,
188  _In_ HANDLE SecondTokenHandle,
189  _Out_ PBOOLEAN Equal);
190 
193 NTSTATUS
194 NTAPI
200  _In_ PLUID AuthenticationId,
201  _In_ PLARGE_INTEGER ExpirationTime,
209 
213 NTSTATUS
214 NTAPI
216  _In_ HANDLE ExistingTokenHandle,
222 
224 NTSTATUS
225 NTAPI
227  _In_ HANDLE ThreadHandle);
228 
231 NTSTATUS
232 NTAPI
234  _In_ PUNICODE_STRING SubsystemName,
235  _In_opt_ PVOID HandleId,
239  _In_ HANDLE ClientToken,
243  _In_ BOOLEAN ObjectCreation,
246 
248 NTSTATUS
249 NTAPI
255 
259 NTSTATUS
260 NTAPI
262  _In_ HANDLE ClientToken,
263  _Inout_ PPRIVILEGE_SET RequiredPrivileges,
265 
267 NTSTATUS
268 NTAPI
270  _In_ PUNICODE_STRING SubsystemName,
272  _In_ HANDLE ClientToken,
275 
278 NTSTATUS
279 NTAPI
281  _In_ PUNICODE_STRING SubsystemName,
282  _In_opt_ PVOID HandleId,
283  _In_ HANDLE ClientToken,
287 
293 NTSTATUS
294 NTAPI
301 
305 NTSTATUS
306 NTAPI
312 
313 NTSYSAPI
314 NTSTATUS
315 NTAPI
318  _In_ HANDLE ClientToken,
321  _Out_ PPRIVILEGE_SET PrivilegeSet,
325 
326 NTSYSAPI
327 NTSTATUS
328 NTAPI
331  _In_ BOOLEAN ResetToDefault,
332  _In_ PTOKEN_GROUPS NewState,
336 
338 NTSYSAPI
339 NTSTATUS
340 NTAPI
343  _In_ BOOLEAN DisableAllPrivileges,
344  _In_opt_ PTOKEN_PRIVILEGES NewState,
348 
349 NTSYSAPI
350 NTSTATUS
351 NTAPI
353  _Out_ LUID *LocallyUniqueId);
354 
355 NTSYSAPI
356 NTSTATUS
357 NTAPI
361  _Out_ PULONG Sequence,
362  _Out_ PUCHAR Seed);
363 
364 NTSYSAPI
365 NTSTATUS
366 NTAPI
372  _In_ PLUID AuthenticationId,
373  _In_ PLARGE_INTEGER ExpirationTime,
381 
383 NTSYSAPI
384 NTSTATUS
385 NTAPI
386 ZwDuplicateToken(
387  _In_ HANDLE ExistingTokenHandle,
393 
394 NTSYSAPI
395 NTSTATUS
396 NTAPI
398  _In_ HANDLE Thread);
399 
400 NTSYSAPI
401 NTSTATUS
402 NTAPI
404  _In_ PUNICODE_STRING SubsystemName,
405  _In_ PVOID HandleId,
409  _In_ HANDLE ClientToken,
413  _In_ BOOLEAN ObjectCreation,
416 
418 NTSYSAPI
419 NTSTATUS
420 NTAPI
425 
426 NTSYSAPI
427 NTSTATUS
428 NTAPI
434 
435 NTSYSAPI
436 NTSTATUS
437 NTAPI
439  _In_ HANDLE ClientToken,
440  _In_ PPRIVILEGE_SET RequiredPrivileges,
442 
443 NTSYSAPI
444 NTSTATUS
445 NTAPI
447  _In_ PUNICODE_STRING SubsystemName,
449  _In_ HANDLE ClientToken,
452 
453 NTSYSAPI
454 NTSTATUS
455 NTAPI
457  _In_ PUNICODE_STRING SubsystemName,
458  _In_ PVOID HandleId,
459  _In_ HANDLE ClientToken,
463 
465 NTSYSAPI
466 NTSTATUS
467 NTAPI
468 ZwQueryInformationToken(
474 
475 NTSYSAPI
476 NTSTATUS
477 NTAPI
481  _Out_ PVOID TokenInformation,
483 
484 #endif
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
* PNTSTATUS
Definition: strlen.c:14
NTSYSAPI NTSTATUS NTAPI ZwAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _Out_ PPRIVILEGE_SET PrivilegeSet, _Out_ PULONG ReturnLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: obfuncs.h:429
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define _In_range_(lb, ub)
Definition: ms_sal.h:571
#define _In_opt_
Definition: ms_sal.h:309
#define _Inout_
Definition: ms_sal.h:378
#define _Out_
Definition: ms_sal.h:345
#define _At_(target, annos)
Definition: ms_sal.h:244
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
Definition: sefuncs.h:299
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
unsigned char * PUCHAR
Definition: retypes.h:3
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessTokenEx(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
NTKERNELAPI VOID NTAPI SeDeleteAccessState(_In_ PACCESS_STATE AccessState)
Deletes an allocated access state from the memory.
Definition: access.c:668
#define NTSYSCALLAPI
Definition: ntbasedef.h:204
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
#define NTSYSAPI
Definition: ntoskrnl.h:14
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING GenericMapping
Definition: sefuncs.h:13
NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegedServiceAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_opt_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
Creates an access token.
Definition: token.c:5224
NTSYSAPI NTSTATUS NTAPI ZwAllocateUuids(_Out_ PULARGE_INTEGER Time, _Out_ PULONG Range, _Out_ PULONG Sequence, _Out_ PUCHAR Seed)
NTKERNELAPI SECURITY_IMPERSONATION_LEVEL NTAPI SeTokenImpersonationLevel(_In_ PACCESS_TOKEN Token)
Gathers the security impersonation level of an access token.
Definition: token.c:2734
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegeObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:388
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
NTSYSCALLAPI NTSTATUS NTAPI NtCompareTokens(_In_ HANDLE FirstTokenHandle, _In_ HANDLE SecondTokenHandle, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal or not.
Definition: token.c:5754
_Must_inspect_result_ NTSYSAPI NTSTATUS NTAPI ZwAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
_In_reads_bytes_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor)
NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _Out_ PPRIVILEGE_SET PrivilegeSet, _Out_ PULONG ReturnLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
NTSYSAPI NTSTATUS NTAPI ZwOpenObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ULONG DesiredAccess, _In_ ULONG GrantedAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose)
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
NTSYSAPI NTSTATUS NTAPI ZwSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_ PVOID TokenInformation, _In_ ULONG TokenInformationLength)
NTSTATUS NTAPI NtAccessCheckByType(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access could be granted or not on an object by the requestor who wants su...
Definition: accesschk.c:998
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcessTokenEx(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
unsigned char BOOLEAN
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: token.c:2972
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
Definition: sefuncs.h:388
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
#define _In_
Definition: ms_sal.h:308
#define NTKERNELAPI
NTSYSCALLAPI NTSTATUS NTAPI NtAllocateUuids(_Out_ PULARGE_INTEGER Time, _Out_ PULONG Range, _Out_ PULONG Sequence, _Out_ PUCHAR Seed)
_When_(TokenInformationClass==TokenAccessInformation, _At_(TokenInformationLength, _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION)))) _Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle
NTSYSAPI NTSTATUS NTAPI ZwAllocateLocallyUniqueId(_Out_ LUID *LocallyUniqueId)
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: token.c:4133
NTSYSCALLAPI NTSTATUS NTAPI NtAllocateLocallyUniqueId(_Out_ LUID *LocallyUniqueId)
_In_ ACCESS_MASK _Out_ PHANDLE TokenHandle
Definition: sefuncs.h:423
LPTSTR ServiceName
Definition: ServiceMain.c:15
#define __kernel_entry
Definition: specstrings.h:355
INT POOL_TYPE
Definition: typedefs.h:78
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2652
NTKERNELAPI NTSTATUS NTAPI SeCreateAccessState(_In_ PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
NTSYSAPI NTSTATUS NTAPI ZwPrivilegedServiceAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_opt_ PTOKEN_GROUPS NewState, _In_opt_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
char * PBOOLEAN
Definition: retypes.h:11
_IRQL_requires_max_(PASSIVE_LEVEL) NTSYSAPI NTSTATUS NTAPI ZwDuplicateToken(_In_ HANDLE ExistingTokenHandle
Queries information details about a security descriptor.
Definition: Messaging.c:64
_In_ TOKEN_INFORMATION_CLASS _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
NTSYSAPI NTSTATUS NTAPI ZwPrivilegeObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ ULONG DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
NTKERNELAPI NTSTATUS NTAPI SeReleaseSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor, _In_ KPROCESSOR_MODE CurrentMode, _In_ BOOLEAN CaptureIfKernelMode)
Releases a captured security descriptor buffer.
Definition: sd.c:760
NTKERNELAPI NTSTATUS NTAPI SeCaptureSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR OriginalSecurityDescriptor, _In_ KPROCESSOR_MODE CurrentMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor)
Captures a security descriptor.
Definition: sd.c:386
NTSYSAPI NTSTATUS NTAPI ZwPrivilegeCheck(_In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET RequiredPrivileges, _In_ PBOOLEAN Result)
Definition: range.c:39
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
#define _Must_inspect_result_
Definition: ms_sal.h:558
enum _TOKEN_TYPE TOKEN_TYPE
NTSYSAPI NTSTATUS NTAPI ZwAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_ PTOKEN_GROUPS NewState, _In_ ULONG BufferLength, _Out_opt_ PTOKEN_GROUPS PreviousState, _Out_ PULONG ReturnLength)
NTSYSAPI NTSTATUS NTAPI ZwImpersonateAnonymousToken(_In_ HANDLE Thread)
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _Inout_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength)
Sets (modifies) some specific information in regard of an access token. The calling thread must have ...
Definition: token.c:3574
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG _Out_ PULONG ReturnLength
Definition: sefuncs.h:299
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
NTSTATUS NTAPI NtAccessCheckByTypeResultList(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access could be granted or not on an object by the requestor who wants su...
Definition: accesschk.c:1060
#define _Out_opt_
Definition: ms_sal.h:346
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2226
unsigned int * PULONG
Definition: retypes.h:1
#define NULL
Definition: types.h:112
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK GrantedAccess, _In_opt_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when an object is about to be opened.
Definition: audit.c:1723
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
unsigned int ULONG
Definition: retypes.h:1
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:388
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
NTSYSAPI NTSTATUS NTAPI ZwCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
ULONG ACCESS_MASK
Definition: nt_native.h:40
static PLARGE_INTEGER Time
Definition: time.c:105
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
Definition: sefuncs.h:297
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:388
NTSYSCALLAPI NTSTATUS NTAPI NtImpersonateAnonymousToken(_In_ HANDLE ThreadHandle)
Allows the calling thread to impersonate the system's anonymous logon token.
Definition: token.c:5904