ReactOS  0.4.13-dev-100-gc8611ae
semgr.c
Go to the documentation of this file.
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: ReactOS kernel
4  * FILE: ntoskrnl/se/semgr.c
5  * PURPOSE: Security manager
6  *
7  * PROGRAMMERS: No programmer listed.
8  */
9 
10 /* INCLUDES *******************************************************************/
11 
12 #include <ntoskrnl.h>
13 #define NDEBUG
14 #include <debug.h>
15 
16 /* GLOBALS ********************************************************************/
17 
21 
24 
25 /* PRIVATE FUNCTIONS **********************************************************/
26 
27 static
28 INIT_FUNCTION
29 BOOLEAN
31 {
55 
80 
87 
89  return TRUE;
90 }
91 
92 
93 INIT_FUNCTION
94 BOOLEAN
95 NTAPI
97 {
98  PAGED_CODE();
99 
100  if (!ExLuidInitialization()) return FALSE;
101  if (!SepInitSecurityIDs()) return FALSE;
102  if (!SepInitDACLs()) return FALSE;
103  if (!SepInitSDs()) return FALSE;
105  if (!SepInitExports()) return FALSE;
106 
107  /* Initialize the subject context lock */
109 
110  /* Initialize token objects */
112 
113  /* Initialize logon sessions */
114  if (!SeRmInitPhase0()) return FALSE;
115 
116  /* Clear impersonation info for the idle thread */
117  PsGetCurrentThread()->ImpersonationInfo = NULL;
120 
121  /* Initialize the boot token */
125  return TRUE;
126 }
127 
128 INIT_FUNCTION
129 BOOLEAN
130 NTAPI
132 {
135  HANDLE SecurityHandle;
139  PACL Dacl;
140  ULONG DaclLength;
141 
142  PAGED_CODE();
143 
144  /* Insert the system token into the tree */
146  ~MAX_FAST_REFS),
147  NULL,
148  0,
149  0,
150  NULL,
151  NULL);
153 
154  /* Create a security descriptor for the directory */
156 
157  /* Setup the ACL */
158  DaclLength = sizeof(ACL) + 3 * sizeof(ACCESS_ALLOWED_ACE) +
163  if (Dacl == NULL)
164  {
165  return FALSE;
166  }
167 
168  Status = RtlCreateAcl(Dacl, DaclLength, ACL_REVISION);
170 
171  /* Grant full access to SYSTEM */
173  ACL_REVISION,
177 
178  /* Allow admins to traverse and query */
180  ACL_REVISION,
184 
185  /* Allow anyone to traverse */
187  ACL_REVISION,
189  SeWorldSid);
191 
192  /* And link ACL and SD */
195 
196  /* Create '\Security' directory */
197  RtlInitUnicodeString(&Name, L"\\Security");
199  &Name,
201  0,
203 
204  Status = ZwCreateDirectoryObject(&SecurityHandle,
208 
209  /* Free the DACL */
211 
212  /* Create 'LSA_AUTHENTICATION_INITIALIZED' event */
213  RtlInitUnicodeString(&Name, L"LSA_AUTHENTICATION_INITIALIZED");
215  &Name,
217  SecurityHandle,
219 
220  Status = ZwCreateEvent(&EventHandle,
224  FALSE);
226 
229 
230  Status = ZwClose(SecurityHandle);
232 
233  return TRUE;
234 }
235 
236 INIT_FUNCTION
237 BOOLEAN
238 NTAPI
240 {
241  /* Check the initialization phase */
242  switch (ExpInitializationPhase)
243  {
244  case 0:
245 
246  /* Do Phase 0 */
247  return SepInitializationPhase0();
248 
249  case 1:
250 
251  /* Do Phase 1 */
252  return SepInitializationPhase1();
253 
254  default:
255 
256  /* Don't know any other phase! Bugcheck! */
257  KeBugCheckEx(UNEXPECTED_INITIALIZATION_CALL,
258  0,
260  0,
261  0);
262  return FALSE;
263  }
264 }
265 
266 NTSTATUS
267 NTAPI
269  IN SECURITY_OPERATION_CODE OperationType,
273  IN OUT PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
276 {
277  PAGED_CODE();
278 
279  /* Select the operation type */
280  switch (OperationType)
281  {
282  /* Setting a new descriptor */
283  case SetSecurityDescriptor:
284 
285  /* Sanity check */
287 
288  /* Set the information */
292  OldSecurityDescriptor,
293  PoolType,
295 
296  case QuerySecurityDescriptor:
297 
298  /* Query the information */
302  ReturnLength,
303  OldSecurityDescriptor);
304 
305  case DeleteSecurityDescriptor:
306 
307  /* De-assign it */
308  return ObDeassignSecurity(OldSecurityDescriptor);
309 
310  case AssignSecurityDescriptor:
311 
312  /* Assign it */
314  return STATUS_SUCCESS;
315 
316  default:
317 
318  /* Bug check */
319  KeBugCheckEx(SECURITY_SYSTEM, 0, STATUS_INVALID_PARAMETER, 0, 0);
320  }
321 
322  /* Should never reach here */
323  ASSERT(FALSE);
324  return STATUS_SUCCESS;
325 }
326 
327 VOID
328 NTAPI
331 {
332  *DesiredAccess = 0;
333 
336  {
338  }
339 
341  {
343  }
344 }
345 
346 VOID
347 NTAPI
350 {
351  *DesiredAccess = 0;
352 
354  {
356  }
357 
359  {
361  }
362 
364  {
366  }
367 }
368 
369 NTSTATUS
370 NTAPI
372  _In_ ULONG Flags,
374  _In_opt_ PSID UserSid,
375  _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters)
376 {
378  PTOKEN EffectiveToken;
379  PISID Sid;
381 
382  /* Validate parameters */
383  if ((Flags != 0) ||
384  (SourceName == NULL) ||
385  (SourceName->Buffer == NULL) ||
386  (SourceName->Length == 0) ||
387  (AuditParameters == NULL) ||
388  (AuditParameters->ParameterCount > SE_MAX_AUDIT_PARAMETERS - 4))
389  {
391  }
392 
393  /* Validate the source name */
395  if (!NT_SUCCESS(Status))
396  {
397  return Status;
398  }
399 
400  /* Check if we have a user SID */
401  if (UserSid != NULL)
402  {
403  /* Validate it */
404  if (!RtlValidSid(UserSid))
405  {
407  }
408 
409  /* Use the user SID */
410  Sid = UserSid;
411  }
412  else
413  {
414  /* No user SID, capture the security subject context */
416 
417  /* Extract the effective token */
418  EffectiveToken = SubjectContext.ClientToken ?
419  SubjectContext.ClientToken : SubjectContext.PrimaryToken;
420 
421  /* Use the user-and-groups SID */
422  Sid = EffectiveToken->UserAndGroups->Sid;
423  }
424 
426 
427  /* Check if we captured the subject context */
428  if (Sid != UserSid)
429  {
430  /* Release it */
432  }
433 
434  /* Return success */
435  return STATUS_SUCCESS;
436 }
437 
438 _Const_
439 NTSTATUS
440 NTAPI
442  _Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
445  _In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE")) PVOID Data)
446 {
448  return STATUS_SUCCESS;
449 }
450 
451 /* EOF */
PSID SeAliasBackupOpsSid
Definition: setypes.h:1182
INIT_FUNCTION BOOLEAN NTAPI SepInitSDs(VOID)
Definition: sd.c:34
PSID SeAliasAdminsSid
Definition: setypes.h:1175
const LUID SeSystemEnvironmentPrivilege
Definition: priv.c:43
enum _SE_ADT_PARAMETER_TYPE SE_ADT_PARAMETER_TYPE
const LUID SeRemoteShutdownPrivilege
Definition: priv.c:45
VOID NTAPI SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:301
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
LUID SeEnableDelegationPrivilege
Definition: setypes.h:1188
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
#define IN
Definition: typedefs.h:38
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
INIT_FUNCTION BOOLEAN NTAPI SeInitSystem(VOID)
Definition: semgr.c:239
VOID NTAPI SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
Definition: access.c:360
LUID SeShutdownPrivilege
Definition: setypes.h:1158
#define TRUE
Definition: types.h:120
LUID SeManageVolumePrivilege
Definition: setypes.h:1191
#define ExInitializeResource
Definition: exfuncs.h:346
const LUID SeSystemtimePrivilege
Definition: priv.c:33
Type
Definition: Type.h:6
const LUID SeIncreaseQuotaPrivilege
Definition: priv.c:26
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
#define PspClearCrossThreadFlag(Thread, Flag)
Definition: ps_x.h:27
PTOKEN NTAPI SepCreateSystemProcessToken(VOID)
Definition: token.c:1145
const LUID SeCreateTokenPrivilege
Definition: priv.c:23
#define SE_MAX_AUDIT_PARAMETERS
Definition: setypes.h:228
const LUID SeCreatePermanentPrivilege
Definition: priv.c:37
const LUID SeDebugPrivilege
Definition: priv.c:41
const LUID SeBackupPrivilege
Definition: priv.c:38
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
INIT_FUNCTION BOOLEAN NTAPI SepInitDACLs(VOID)
Definition: acl.c:34
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
LUID SeDebugPrivilege
Definition: setypes.h:1159
PSID SeAuthenticatedUsersSid
Definition: setypes.h:1183
LUID SeChangeNotifyPrivilege
Definition: setypes.h:1162
LUID SeLockMemoryPrivilege
Definition: setypes.h:1143
#define _In_reads_(size)
Definition: no_sal2.h:228
LONG NTSTATUS
Definition: precomp.h:26
const LUID SeEnableDelegationPrivilege
Definition: priv.c:48
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
PSID SeAliasBackupOpsSid
Definition: sid.c:54
PSID SeAnonymousLogonSid
Definition: setypes.h:1185
#define _Const_
Definition: no_sal2.h:18
#define OBJ_PERMANENT
Definition: winternl.h:226
PSID SeAliasGuestsSid
Definition: setypes.h:1177
PSID SeRestrictedSid
Definition: sid.c:56
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
VOID NTAPI SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
Definition: semgr.c:329
const LUID SeAssignPrimaryTokenPrivilege
Definition: priv.c:24
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
const LUID SeSystemProfilePrivilege
Definition: priv.c:32
#define WRITE_OWNER
Definition: nt_native.h:60
PSID SeAuthenticatedUsersSid
Definition: sid.c:55
BOOLEAN INIT_FUNCTION NTAPI ExLuidInitialization(VOID)
Definition: uuid.c:330
PSID SeAliasPrintOpsSid
Definition: sid.c:53
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
PSID SeAliasAccountOpsSid
Definition: sid.c:51
#define PAGED_CODE()
Definition: video.h:57
const LUID SeSyncAgentPrivilege
Definition: priv.c:47
#define _In_opt_
Definition: no_sal2.h:213
LUID SeUnsolicitedInputPrivilege
Definition: setypes.h:1145
PSID SeAliasSystemOpsSid
Definition: setypes.h:1180
LUID SeSecurityPrivilege
Definition: setypes.h:1147
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
PSID SeBatchSid
Definition: setypes.h:1172
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
SE_EXPORTS SepExports
Definition: semgr.c:19
PSECURITY_DESCRIPTOR SePublicDefaultSd
Definition: sd.c:22
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
PSID SeNullSid
Definition: setypes.h:1164
PSE_EXPORTS SeExports
Definition: semgr.c:18
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
PSID SeCreatorGroupSid
Definition: sid.c:34
PSID SeNtAuthoritySid
Definition: sid.c:37
#define GENERIC_WRITE
Definition: nt_native.h:90
LUID SeLoadDriverPrivilege
Definition: setypes.h:1149
LUID SeUndockPrivilege
Definition: setypes.h:1186
struct NameRec_ * Name
Definition: cdprocs.h:464
#define PsGetCurrentProcess
Definition: psfuncs.h:17
NTSYSAPI NTSTATUS NTAPI RtlValidateUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING String)
NTSYSAPI NTSTATUS NTAPI ZwCreateDirectoryObject(_Out_ PHANDLE DirectoryHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
INIT_FUNCTION BOOLEAN NTAPI SepInitSecurityIDs(VOID)
Definition: sid.c:100
NTSTATUS NTAPI ObSetSecurityDescriptorInfo(IN PVOID Object, IN PSECURITY_INFORMATION SecurityInformation, IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
Definition: obsecure.c:117
unsigned char BOOLEAN
PSID SeNetworkServiceSid
Definition: sid.c:59
PSID SeNetworkServiceSid
Definition: setypes.h:1190
struct _ACL ACL
smooth NULL
Definition: ftsmooth.c:416
const LUID SeLoadDriverPrivilege
Definition: priv.c:31
const LUID SeManageVolumePrivilege
Definition: priv.c:49
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
const LUID SeTakeOwnershipPrivilege
Definition: priv.c:30
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
PSID SeAliasPowerUsersSid
Definition: setypes.h:1178
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1339
LUID SeSystemEnvironmentPrivilege
Definition: setypes.h:1161
LUID SeProfileSingleProcessPrivilege
Definition: setypes.h:1154
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PSID SeDialupSid
Definition: setypes.h:1170
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
PSID SeAliasUsersSid
Definition: sid.c:48
PSID SeNetworkSid
Definition: setypes.h:1171
#define DIRECTORY_TRAVERSE
Definition: nt_native.h:1255
INIT_FUNCTION BOOLEAN NTAPI SepInitializationPhase1(VOID)
Definition: semgr.c:131
#define TAG_SE
Definition: tag.h:173
PSID SeAliasAccountOpsSid
Definition: setypes.h:1179
ULONG ExpInitializationPhase
Definition: init.c:65
LUID SeTcbPrivilege
Definition: setypes.h:1146
const LUID SeCreatePagefilePrivilege
Definition: priv.c:36
LUID SeImpersonatePrivilege
Definition: setypes.h:1192
LUID SeRemoteShutdownPrivilege
Definition: setypes.h:1163
const LUID SeRestorePrivilege
Definition: priv.c:39
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
DWORD * PSECURITY_INFORMATION
Definition: ms-dtyp.idl:311
INT POOL_TYPE
Definition: typedefs.h:76
NTSTATUS NTAPI SeDefaultObjectMethod(IN PVOID Object, IN SECURITY_OPERATION_CODE OperationType, IN PSECURITY_INFORMATION SecurityInformation, IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG ReturnLength OPTIONAL, IN OUT PSECURITY_DESCRIPTOR *OldSecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
Definition: semgr.c:268
LUID SeCreatePermanentPrivilege
Definition: setypes.h:1155
static const UCHAR Index[8]
Definition: usbohci.c:18
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126
#define WRITE_DAC
Definition: nt_native.h:59
PSID SeLocalServiceSid
Definition: sid.c:58
#define _Inout_
Definition: no_sal2.h:244
static const LUID SeChangeNotifyPrivilege
Definition: authpackage.c:167
VOID FASTCALL ObInitializeFastReference(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:109
INIT_FUNCTION BOOLEAN NTAPI SepInitializationPhase0(VOID)
Definition: semgr.c:96
static IUnknown Object
Definition: main.c:512
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
static const LUID SeCreateGlobalPrivilege
Definition: authpackage.c:168
#define READ_CONTROL
Definition: nt_native.h:58
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
VOID NTAPI SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
Definition: semgr.c:348
BOOLEAN NTAPI SeRmInitPhase0(VOID)
Definition: srm.c:146
PSID SeAliasAdminsSid
Definition: sid.c:47
static const WCHAR L[]
Definition: oid.c:1250
PSID SeLocalServiceSid
Definition: setypes.h:1189
PSID SeCreatorOwnerSid
Definition: sid.c:33
NTSTATUS NTAPI ObQuerySecurityDescriptorInfo(IN PVOID Object, IN PSECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG Length, IN PSECURITY_DESCRIPTOR *OutputSecurityDescriptor)
Definition: obsecure.c:85
ULONG SidInTokenCalls
Definition: semgr.c:20
const LUID SeLockMemoryPrivilege
Definition: priv.c:25
const LUID SeProfileSingleProcessPrivilege
Definition: priv.c:34
PSID SeWorldSid
Definition: sid.c:31
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:35
NTSTATUS NTAPI SeReportSecurityEvent(_In_ ULONG Flags, _In_ PUNICODE_STRING SourceName, _In_opt_ PSID UserSid, _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters)
Definition: semgr.c:371
PSID SeLocalSid
Definition: sid.c:32
PSID SeAliasGuestsSid
Definition: sid.c:49
Status
Definition: gdiplustypes.h:24
const LUID SeTcbPrivilege
Definition: priv.c:28
NTSTATUS NTAPI ObDeassignSecurity(IN OUT PSECURITY_DESCRIPTOR *SecurityDescriptor)
Definition: obsecure.c:60
#define _In_
Definition: no_sal2.h:204
LUID SeCreateGlobalPrivilege
Definition: setypes.h:1193
LUID SeBackupPrivilege
Definition: setypes.h:1156
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
LUID SeIncreaseBasePriorityPrivilege
Definition: setypes.h:1151
PSID SeAliasUsersSid
Definition: setypes.h:1176
const LUID SeShutdownPrivilege
Definition: priv.c:40
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2932
PSID SeAliasPowerUsersSid
Definition: sid.c:50
LUID SeSystemtimePrivilege
Definition: setypes.h:1153
PSID SeDialupSid
Definition: sid.c:38
PSID SeCreatorOwnerSid
Definition: setypes.h:1167
PSID SeAliasSystemOpsSid
Definition: sid.c:52
#define DIRECTORY_ALL_ACCESS
Definition: nt_native.h:1259
LUID SeSyncAgentPrivilege
Definition: setypes.h:1187
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
unsigned int * PULONG
Definition: retypes.h:1
WCHAR SourceName[256]
Definition: arping.c:28
NTSTATUS NTAPI ObAssignObjectSecurityDescriptor(IN PVOID Object, IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL, IN POOL_TYPE PoolType)
Definition: obsecure.c:20
const LUID SeSecurityPrivilege
Definition: priv.c:29
INIT_FUNCTION VOID NTAPI SepInitPrivileges(VOID)
Definition: priv.c:64
PSID SeNtAuthoritySid
Definition: setypes.h:1169
#define ACL_REVISION
Definition: setypes.h:39
#define CT_ACTIVE_IMPERSONATION_INFO_BIT
Definition: pstypes.h:225
LUID SeAuditPrivilege
Definition: setypes.h:1160
PSID SeLocalSystemSid
Definition: sid.c:44
PSID SeRestrictedSid
Definition: setypes.h:1184
#define OUT
Definition: typedefs.h:39
ULONG ERESOURCE
Definition: env_spec_w32.h:594
PSID SeNetworkSid
Definition: sid.c:39
unsigned int ULONG
Definition: retypes.h:1
_Const_ NTSTATUS NTAPI SeSetAuditParameter(_Inout_ PSE_ADT_PARAMETER_ARRAY AuditParameters, _In_ SE_ADT_PARAMETER_TYPE Type, _In_range_(<, SE_MAX_AUDIT_PARAMETERS) ULONG Index, _In_reads_(_Inexpressible_("depends on SE_ADT_PARAMETER_TYPE")) PVOID Data)
Definition: semgr.c:441
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
#define DIRECTORY_QUERY
Definition: nt_native.h:1254
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define UNIMPLEMENTED
Definition: debug.h:114
INIT_FUNCTION VOID NTAPI SepInitializeTokenImplementation(VOID)
Definition: token.c:836
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
PSID_AND_ATTRIBUTES UserAndGroups
Definition: setypes.h:169
const LUID SeUnsolicitedInputPrivilege
Definition: priv.c:27
#define MAX_FAST_REFS
Definition: ex.h:128
LUID SeIncreaseQuotaPrivilege
Definition: setypes.h:1144
LUID SeTakeOwnershipPrivilege
Definition: setypes.h:1148
PSID SeInteractiveSid
Definition: sid.c:41
PSID SeBatchSid
Definition: sid.c:40
PSID SeAnonymousLogonSid
Definition: se.h:145
LUID SeAssignPrimaryTokenPrivilege
Definition: setypes.h:1142
PSID SeWorldSid
Definition: setypes.h:1165
LUID SeRestorePrivilege
Definition: setypes.h:1157
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
PSID SeLocalSid
Definition: setypes.h:1166
const LUID SeUndockPrivilege
Definition: priv.c:46
#define _In_range_(lb, ub)
Definition: no_sal2.h:227
return STATUS_SUCCESS
Definition: btrfs.c:2725
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE _In_ SIZE_T _In_ POOL_TYPE PoolType
Definition: fltkernel.h:1444
ERESOURCE SepSubjectContextLock
Definition: access.c:19
PSID SeCreatorGroupSid
Definition: setypes.h:1168
PSID SeNullSid
Definition: sid.c:30
const LUID SeAuditPrivilege
Definition: priv.c:42
LUID SeSystemProfilePrivilege
Definition: setypes.h:1152
LUID SeCreatePagefilePrivilege
Definition: setypes.h:1150
SECURITY_OPERATION_CODE
Definition: setypes.h:142
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:107
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
static INIT_FUNCTION BOOLEAN SepInitExports(VOID)
Definition: semgr.c:30
PSID SeAliasPrintOpsSid
Definition: setypes.h:1181
PSID SeLocalSystemSid
Definition: setypes.h:1174
static const LUID SeImpersonatePrivilege
Definition: authpackage.c:169
PSID SeInteractiveSid
Definition: setypes.h:1173
LUID SeCreateTokenPrivilege
Definition: setypes.h:1141
_Out_ PHANDLE EventHandle
Definition: iofuncs.h:855
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68