ReactOS  0.4.15-dev-499-g1f31905
audit.c
Go to the documentation of this file.
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: ReactOS system libraries
4  * FILE: lib/advapi32/sec/audit.c
5  * PURPOSE: Audit functions
6  * PROGRAMMER: Eric Kohl
7  * UPDATE HISTORY:
8  * Created 07/19/2003
9  */
10 
11 /* INCLUDES *****************************************************************/
12 
13 #include <advapi32.h>
15 
16 /* FUNCTIONS ****************************************************************/
17 
18 /*
19  * @implemented
20  */
23  LPVOID HandleId,
29  BOOL ObjectCreation,
32  LPBOOL pfGenerateOnClose)
33 {
34  UNICODE_STRING SubsystemNameU;
35  UNICODE_STRING ObjectTypeNameU;
36  UNICODE_STRING ObjectNameU;
37  NTSTATUS LocalAccessStatus;
40 
41  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
42  (PCHAR)SubsystemName);
43  RtlCreateUnicodeStringFromAsciiz(&ObjectTypeNameU,
46  (PCHAR)ObjectName);
47 
48  Status = NtAccessCheckAndAuditAlarm(&SubsystemNameU,
49  HandleId,
50  &ObjectTypeNameU,
51  &ObjectNameU,
55  ObjectCreation,
57  &LocalAccessStatus,
59  RtlFreeUnicodeString(&SubsystemNameU);
60  RtlFreeUnicodeString(&ObjectTypeNameU);
61  RtlFreeUnicodeString(&ObjectNameU);
62 
63  *pfGenerateOnClose = (BOOL)GenerateOnClose;
64 
65  if (!NT_SUCCESS(Status))
66  {
68  return FALSE;
69  }
70 
71  if (!NT_SUCCESS (LocalAccessStatus))
72  {
75  return FALSE;
76  }
77 
78  *AccessStatus = TRUE;
79 
80  return TRUE;
81 }
82 
83 
84 /*
85  * @implemented
86  */
89  LPVOID HandleId,
95  BOOL ObjectCreation,
98  LPBOOL pfGenerateOnClose)
99 {
100  UNICODE_STRING SubsystemNameU;
101  UNICODE_STRING ObjectTypeNameU;
102  UNICODE_STRING ObjectNameU;
103  NTSTATUS LocalAccessStatus;
106 
107  RtlInitUnicodeString(&SubsystemNameU,
108  (PWSTR)SubsystemName);
109  RtlInitUnicodeString(&ObjectTypeNameU,
111  RtlInitUnicodeString(&ObjectNameU,
112  (PWSTR)ObjectName);
113 
114  Status = NtAccessCheckAndAuditAlarm(&SubsystemNameU,
115  HandleId,
116  &ObjectTypeNameU,
117  &ObjectNameU,
121  ObjectCreation,
123  &LocalAccessStatus,
124  &GenerateOnClose);
125 
126  *pfGenerateOnClose = (BOOL)GenerateOnClose;
127 
128  if (!NT_SUCCESS(Status))
129  {
131  return FALSE;
132  }
133 
134  if (!NT_SUCCESS(LocalAccessStatus))
135  {
136  *AccessStatus = FALSE;
138  return FALSE;
139  }
140 
141  *AccessStatus = TRUE;
142 
143  return TRUE;
144 }
145 
146 
147 /*
148  * @implemented
149  */
150 BOOL WINAPI
152  LPVOID HandleId,
154 {
157 
158  if (!RtlCreateUnicodeStringFromAsciiz(&Name, SubsystemName))
159  {
161  return FALSE;
162  }
163 
165  HandleId,
168  if (!NT_SUCCESS (Status))
169  {
171  return FALSE;
172  }
173 
174  return TRUE;
175 }
176 
177 
178 /*
179  * @implemented
180  */
181 BOOL WINAPI
183  LPVOID HandleId,
185 {
188 
190  (PWSTR)SubsystemName);
191 
193  HandleId,
195  if (!NT_SUCCESS(Status))
196  {
198  return FALSE;
199  }
200 
201  return TRUE;
202 }
203 
204 
205 /*
206  * @implemented
207  */
208 BOOL WINAPI
210  LPVOID HandleId,
212 {
215 
216  if (!RtlCreateUnicodeStringFromAsciiz(&Name, SubsystemName))
217  {
219  return FALSE;
220  }
221 
223  HandleId,
226  if (!NT_SUCCESS(Status))
227  {
229  return FALSE;
230  }
231 
232  return TRUE;
233 }
234 
235 
236 /*
237  * @implemented
238  */
239 BOOL WINAPI
241  LPVOID HandleId,
243 {
246 
248  (PWSTR)SubsystemName);
249 
251  HandleId,
253  if (!NT_SUCCESS(Status))
254  {
256  return FALSE;
257  }
258 
259  return TRUE;
260 }
261 
262 
263 /*
264  * @implemented
265  */
266 BOOL WINAPI
268  LPVOID HandleId,
271  PSECURITY_DESCRIPTOR pSecurityDescriptor,
272  HANDLE ClientToken,
276  BOOL ObjectCreation,
279 {
280  UNICODE_STRING SubsystemNameU;
281  UNICODE_STRING ObjectTypeNameU;
282  UNICODE_STRING ObjectNameU;
284 
285  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
286  (PCHAR)SubsystemName);
287  RtlCreateUnicodeStringFromAsciiz(&ObjectTypeNameU,
290  (PCHAR)ObjectName);
291 
292  Status = NtOpenObjectAuditAlarm(&SubsystemNameU,
293  HandleId,
294  &ObjectTypeNameU,
295  &ObjectNameU,
296  pSecurityDescriptor,
297  ClientToken,
300  Privileges,
301  ObjectCreation,
304  RtlFreeUnicodeString(&SubsystemNameU);
305  RtlFreeUnicodeString(&ObjectTypeNameU);
306  RtlFreeUnicodeString(&ObjectNameU);
307  if (!NT_SUCCESS(Status))
308  {
310  return FALSE;
311  }
312 
313  return TRUE;
314 }
315 
316 
317 /*
318  * @implemented
319  */
320 BOOL WINAPI
322  LPVOID HandleId,
325  PSECURITY_DESCRIPTOR pSecurityDescriptor,
326  HANDLE ClientToken,
330  BOOL ObjectCreation,
333 {
334  UNICODE_STRING SubsystemNameU;
335  UNICODE_STRING ObjectTypeNameU;
336  UNICODE_STRING ObjectNameU;
338 
339  RtlInitUnicodeString(&SubsystemNameU,
340  (PWSTR)SubsystemName);
341  RtlInitUnicodeString(&ObjectTypeNameU,
343  RtlInitUnicodeString(&ObjectNameU,
344  (PWSTR)ObjectName);
345 
346  Status = NtOpenObjectAuditAlarm(&SubsystemNameU,
347  HandleId,
348  &ObjectTypeNameU,
349  &ObjectNameU,
350  pSecurityDescriptor,
351  ClientToken,
354  Privileges,
355  ObjectCreation,
358  if (!NT_SUCCESS(Status))
359  {
361  return FALSE;
362  }
363 
364  return TRUE;
365 }
366 
367 
368 /*
369  * @implemented
370  */
371 BOOL WINAPI
373  LPVOID HandleId,
374  HANDLE ClientToken,
378 {
379  UNICODE_STRING SubsystemNameU;
381 
382  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
383  (PCHAR)SubsystemName);
384 
385  Status = NtPrivilegeObjectAuditAlarm(&SubsystemNameU,
386  HandleId,
387  ClientToken,
389  Privileges,
390  AccessGranted);
391  RtlFreeUnicodeString (&SubsystemNameU);
392  if (!NT_SUCCESS(Status))
393  {
395  return FALSE;
396  }
397 
398  return TRUE;
399 }
400 
401 
402 /*
403  * @implemented
404  */
405 BOOL WINAPI
407  LPVOID HandleId,
408  HANDLE ClientToken,
412 {
413  UNICODE_STRING SubsystemNameU;
415 
416  RtlInitUnicodeString(&SubsystemNameU,
417  (PWSTR)SubsystemName);
418 
419  Status = NtPrivilegeObjectAuditAlarm(&SubsystemNameU,
420  HandleId,
421  ClientToken,
423  Privileges,
424  AccessGranted);
425  if (!NT_SUCCESS(Status))
426  {
428  return FALSE;
429  }
430 
431  return TRUE;
432 }
433 
434 
435 /*
436  * @implemented
437  */
438 BOOL WINAPI
441  HANDLE ClientToken,
444 {
445  UNICODE_STRING SubsystemNameU;
446  UNICODE_STRING ServiceNameU;
448 
449  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
450  (PCHAR)SubsystemName);
451  RtlCreateUnicodeStringFromAsciiz(&ServiceNameU,
452  (PCHAR)ServiceName);
453 
454  Status = NtPrivilegedServiceAuditAlarm(&SubsystemNameU,
455  &ServiceNameU,
456  ClientToken,
457  Privileges,
458  AccessGranted);
459  RtlFreeUnicodeString(&SubsystemNameU);
460  RtlFreeUnicodeString(&ServiceNameU);
461  if (!NT_SUCCESS(Status))
462  {
464  return FALSE;
465  }
466 
467  return TRUE;
468 }
469 
470 
471 /*
472  * @implemented
473  */
474 BOOL WINAPI
477  HANDLE ClientToken,
480 {
481  UNICODE_STRING SubsystemNameU;
482  UNICODE_STRING ServiceNameU;
484 
485  RtlInitUnicodeString(&SubsystemNameU,
486  (PWSTR)SubsystemName);
487  RtlInitUnicodeString(&ServiceNameU,
488  (PWSTR)ServiceName);
489 
490  Status = NtPrivilegedServiceAuditAlarm(&SubsystemNameU,
491  &ServiceNameU,
492  ClientToken,
493  Privileges,
494  AccessGranted);
495  if (!NT_SUCCESS(Status))
496  {
498  return FALSE;
499  }
500 
501  return TRUE;
502 }
503 
504 
505 /*
506  * @unimplemented
507  */
508 BOOL WINAPI
510  IN LPVOID HandleId,
511  IN HANDLE ClientToken,
514  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
515  IN PSID PrincipalSelfSid,
517  IN AUDIT_EVENT_TYPE AuditType,
518  IN DWORD Flags,
519  IN POBJECT_TYPE_LIST ObjectTypeList,
520  IN DWORD ObjectTypeListLength,
522  IN BOOL ObjectCreation,
524  OUT LPDWORD AccessStatusList,
525  OUT LPBOOL pfGenerateOnClose)
526 {
527  FIXME("%s() not implemented!\n", __FUNCTION__);
529  return FALSE;
530 }
531 
532 
533 /*
534  * @unimplemented
535  */
536 BOOL WINAPI
538  IN LPVOID HandleId,
539  IN HANDLE ClientToken,
542  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
543  IN PSID PrincipalSelfSid,
545  IN AUDIT_EVENT_TYPE AuditType,
546  IN DWORD Flags,
547  IN POBJECT_TYPE_LIST ObjectTypeList,
548  IN DWORD ObjectTypeListLength,
550  IN BOOL ObjectCreation,
552  OUT LPDWORD AccessStatusList,
553  OUT LPBOOL pfGenerateOnClose)
554 {
555  FIXME("%s() not implemented!\n", __FUNCTION__);
557  return FALSE;
558 }
559 
560 
561 /*
562  * @unimplemented
563  */
564 BOOL WINAPI
566  IN LPVOID HandleId,
569  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
570  IN PSID PrincipalSelfSid,
572  IN AUDIT_EVENT_TYPE AuditType,
573  IN DWORD Flags,
574  IN POBJECT_TYPE_LIST ObjectTypeList,
575  IN DWORD ObjectTypeListLength,
577  IN BOOL ObjectCreation,
579  OUT LPDWORD AccessStatusList,
580  OUT LPBOOL pfGenerateOnClose)
581 {
582  FIXME("%s() not implemented!\n", __FUNCTION__);
584  return FALSE;
585 }
586 
587 
588 /*
589  * @unimplemented
590  */
591 BOOL WINAPI
593  IN LPVOID HandleId,
596  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
597  IN PSID PrincipalSelfSid,
599  IN AUDIT_EVENT_TYPE AuditType,
600  IN DWORD Flags,
601  IN POBJECT_TYPE_LIST ObjectTypeList,
602  IN DWORD ObjectTypeListLength,
604  IN BOOL ObjectCreation,
606  OUT LPDWORD AccessStatusList,
607  OUT LPBOOL pfGenerateOnClose)
608 {
609  FIXME("%s() not implemented!\n", __FUNCTION__);
611  return FALSE;
612 }
613 
614 
615 /*
616  * @unimplemented
617  */
618 BOOL WINAPI
620  IN LPVOID HandleId,
623  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
624  IN PSID PrincipalSelfSid,
626  IN AUDIT_EVENT_TYPE AuditType,
627  IN DWORD Flags,
628  IN POBJECT_TYPE_LIST ObjectTypeList,
629  IN DWORD ObjectTypeListLength,
631  IN BOOL ObjectCreation,
634  OUT LPBOOL pfGenerateOnClose)
635 {
636  FIXME("%s() not implemented!\n", __FUNCTION__);
638  return FALSE;
639 }
640 
641 
642 /*
643  * @unimplemented
644  */
645 BOOL WINAPI
647  IN LPVOID HandleId,
650  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
651  IN PSID PrincipalSelfSid,
653  IN AUDIT_EVENT_TYPE AuditType,
654  IN DWORD Flags,
655  IN POBJECT_TYPE_LIST ObjectTypeList,
656  IN DWORD ObjectTypeListLength,
658  IN BOOL ObjectCreation,
661  OUT LPBOOL pfGenerateOnClose)
662 {
663  FIXME("%s() not implemented!\n", __FUNCTION__);
665  return FALSE;
666 }
667 
668 /* EOF */
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
signed char * PCHAR
Definition: retypes.h:7
BOOL WINAPI ObjectDeleteAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
Definition: audit.c:209
#define IN
Definition: typedefs.h:39
#define TRUE
Definition: types.h:120
BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName, LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess, PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess, LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
Definition: audit.c:88
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
BOOL WINAPI ObjectCloseAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
Definition: audit.c:151
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
uint16_t * PWSTR
Definition: typedefs.h:55
BOOL WINAPI AccessCheckByTypeAndAuditAlarmW(IN LPCWSTR SubsystemName, IN LPVOID HandleId, IN LPCWSTR ObjectTypeName, IN LPCWSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus, OUT LPBOOL pfGenerateOnClose)
Definition: audit.c:619
BOOL WINAPI ObjectPrivilegeAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken, DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
Definition: audit.c:406
LONG NTSTATUS
Definition: precomp.h:26
BOOL WINAPI ObjectPrivilegeAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken, DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
Definition: audit.c:372
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
BOOL WINAPI ObjectOpenAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName, LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess, DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted, LPBOOL GenerateOnClose)
Definition: audit.c:267
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
char * LPSTR
Definition: xmlstorage.h:182
#define BOOL
Definition: nt_native.h:43
NTSTATUS NTAPI NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN BOOLEAN GenerateOnClose)
Definition: audit.c:957
BOOL WINAPI ObjectOpenAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName, LPWSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess, DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted, LPBOOL GenerateOnClose)
Definition: audit.c:321
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
enum _AUDIT_EVENT_TYPE AUDIT_EVENT_TYPE
unsigned int BOOL
Definition: ntddk_ex.h:94
#define FIXME(fmt,...)
Definition: debug.h:111
struct NameRec_ * Name
Definition: cdprocs.h:459
unsigned char BOOLEAN
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
const char * LPCSTR
Definition: xmlstorage.h:183
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmW(IN LPCWSTR SubsystemName, IN LPVOID HandleId, IN LPCWSTR ObjectTypeName, IN LPCWSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
Definition: audit.c:565
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAccessCheckAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Definition: audit.c:1406
__kernel_entry NTSTATUS NTAPI NtPrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING SubsystemName, _In_opt_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientTokenHandle, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
Definition: audit.c:1232
LPTSTR ServiceName
Definition: ServiceMain.c:15
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define WINAPI
Definition: msvc.h:6
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
BOOL WINAPI PrivilegedServiceAuditAlarmA(LPCSTR SubsystemName, LPCSTR ServiceName, HANDLE ClientToken, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
Definition: audit.c:439
unsigned long DWORD
Definition: ntddk_ex.h:95
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:418
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmByHandleA(IN LPCSTR SubsystemName, IN LPVOID HandleId, IN HANDLE ClientToken, IN LPCSTR ObjectTypeName, IN LPCSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
Definition: audit.c:537
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
BOOL WINAPI AccessCheckByTypeAndAuditAlarmA(IN LPCSTR SubsystemName, IN LPVOID HandleId, IN LPCSTR ObjectTypeName, IN LPCSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus, OUT LPBOOL pfGenerateOnClose)
Definition: audit.c:646
char * PBOOLEAN
Definition: retypes.h:11
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmByHandleW(IN LPCWSTR SubsystemName, IN LPVOID HandleId, IN HANDLE ClientToken, IN LPCWSTR ObjectTypeName, IN LPCWSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
Definition: audit.c:509
BOOL WINAPI PrivilegedServiceAuditAlarmW(LPCWSTR SubsystemName, LPCWSTR ServiceName, HANDLE ClientToken, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
Definition: audit.c:475
Status
Definition: gdiplustypes.h:24
__kernel_entry NTSTATUS NTAPI NtOpenObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK GrantedAccess, _In_opt_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose)
Definition: audit.c:1001
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
BOOL WINAPI ObjectCloseAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
Definition: audit.c:182
BOOL * LPBOOL
Definition: windef.h:162
NTSTATUS NTAPI NtCloseObjectAuditAlarm(PUNICODE_STRING SubsystemName, PVOID HandleId, BOOLEAN GenerateOnClose)
Definition: audit.c:859
WINE_DEFAULT_DEBUG_CHANNEL(advapi)
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4137
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmA(IN LPCSTR SubsystemName, IN LPVOID HandleId, IN LPCSTR ObjectTypeName, IN LPCSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
Definition: audit.c:592
#define OUT
Definition: typedefs.h:40
uint32_t * LPDWORD
Definition: typedefs.h:58
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:92
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
BOOL WINAPI AccessCheckAndAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName, LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess, PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess, LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
Definition: audit.c:22
WCHAR * LPWSTR
Definition: xmlstorage.h:184
BOOL WINAPI ObjectDeleteAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
Definition: audit.c:240
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
NTSTATUS NTAPI NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN HANDLE ClientToken, IN ULONG DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted)
Definition: audit.c:1390
#define __FUNCTION__
Definition: types.h:112