22 Aug
2021
22 Aug
'21
9:08 a.m.
https://git.reactos.org/?p=reactos.git;a=commitdiff;h=8567d8145e54f944f5c5a…
commit 8567d8145e54f944f5c5a146d5ee878ae12cd1b3
Author: George Bișoc <george.bisoc(a)reactos.org>
AuthorDate: Fri Aug 20 11:48:19 2021 +0200
Commit: George Bișoc <george.bisoc(a)reactos.org>
CommitDate: Sun Aug 22 10:29:58 2021 +0200
[NTOS:SE] Annotate the remaining functions with SAL
---
ntoskrnl/include/internal/se.h | 262 +++++++++++++++++++----------------------
ntoskrnl/se/access.c | 124 ++++++++++---------
ntoskrnl/se/accesschk.c | 127 ++++++++++----------
ntoskrnl/se/acl.c | 18 +--
ntoskrnl/se/audit.c | 158 ++++++++++++++-----------
ntoskrnl/se/priv.c | 79 +++++++------
ntoskrnl/se/sd.c | 39 +++---
ntoskrnl/se/semgr.c | 33 +++---
ntoskrnl/se/sid.c | 18 +--
ntoskrnl/se/srm.c | 29 +++--
ntoskrnl/se/token.c | 149 +++++++++++++----------
sdk/include/ndk/sefuncs.h | 136 ++++++++-------------
12 files changed, 604 insertions(+), 568 deletions(-)
diff --git a/ntoskrnl/include/internal/se.h b/ntoskrnl/include/internal/se.h
index 98c1b9e1057..1f8dd8f8534 100644
--- a/ntoskrnl/include/internal/se.h
+++ b/ntoskrnl/include/internal/se.h
@@ -36,7 +36,8 @@ typedef struct _TOKEN_AUDIT_POLICY_INFORMATION
FORCEINLINE
PSID
-SepGetGroupFromDescriptor(PVOID _Descriptor)
+SepGetGroupFromDescriptor(
+ _Inout_ PVOID _Descriptor)
{
PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
PISECURITY_DESCRIPTOR_RELATIVE SdRel;
@@ -55,7 +56,8 @@ SepGetGroupFromDescriptor(PVOID _Descriptor)
FORCEINLINE
PSID
-SepGetOwnerFromDescriptor(PVOID _Descriptor)
+SepGetOwnerFromDescriptor(
+ _Inout_ PVOID _Descriptor)
{
PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
PISECURITY_DESCRIPTOR_RELATIVE SdRel;
@@ -74,7 +76,8 @@ SepGetOwnerFromDescriptor(PVOID _Descriptor)
FORCEINLINE
PACL
-SepGetDaclFromDescriptor(PVOID _Descriptor)
+SepGetDaclFromDescriptor(
+ _Inout_ PVOID _Descriptor)
{
PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
PISECURITY_DESCRIPTOR_RELATIVE SdRel;
@@ -95,7 +98,8 @@ SepGetDaclFromDescriptor(PVOID _Descriptor)
FORCEINLINE
PACL
-SepGetSaclFromDescriptor(PVOID _Descriptor)
+SepGetSaclFromDescriptor(
+ _Inout_ PVOID _Descriptor)
{
PISECURITY_DESCRIPTOR Descriptor = (PISECURITY_DESCRIPTOR)_Descriptor;
PISECURITY_DESCRIPTOR_RELATIVE SdRel;
@@ -236,27 +240,24 @@ extern PTOKEN SeAnonymousLogonTokenNoEveryone;
BOOLEAN
NTAPI
SepTokenIsOwner(
- IN PACCESS_TOKEN _Token,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN BOOLEAN TokenLocked
-);
+ _In_ PACCESS_TOKEN _Token,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ BOOLEAN TokenLocked);
BOOLEAN
NTAPI
SepSidInToken(
- IN PACCESS_TOKEN _Token,
- IN PSID Sid
-);
+ _In_ PACCESS_TOKEN _Token,
+ _In_ PSID Sid);
BOOLEAN
NTAPI
SepSidInTokenEx(
- IN PACCESS_TOKEN _Token,
- IN PSID PrincipalSelfSid,
- IN PSID _Sid,
- IN BOOLEAN Deny,
- IN BOOLEAN Restricted
-);
+ _In_ PACCESS_TOKEN _Token,
+ _In_ PSID PrincipalSelfSid,
+ _In_ PSID _Sid,
+ _In_ BOOLEAN Deny,
+ _In_ BOOLEAN Restricted);
BOOLEAN
NTAPI
@@ -301,69 +302,62 @@ SeRmInitPhase1(VOID);
VOID
NTAPI
-SeDeassignPrimaryToken(struct _EPROCESS *Process);
+SeDeassignPrimaryToken(
+ _Inout_ PEPROCESS Process);
NTSTATUS
NTAPI
SeSubProcessToken(
- IN PTOKEN Parent,
- OUT PTOKEN *Token,
- IN BOOLEAN InUse,
- IN ULONG SessionId
-);
+ _In_ PTOKEN Parent,
+ _Out_ PTOKEN *Token,
+ _In_ BOOLEAN InUse,
+ _In_ ULONG SessionId);
NTSTATUS
NTAPI
SeInitializeProcessAuditName(
- IN PFILE_OBJECT FileObject,
- IN BOOLEAN DoAudit,
- OUT POBJECT_NAME_INFORMATION *AuditInfo
-);
+ _In_ PFILE_OBJECT FileObject,
+ _In_ BOOLEAN DoAudit,
+ _Out_ POBJECT_NAME_INFORMATION *AuditInfo);
NTSTATUS
NTAPI
SeCreateAccessStateEx(
- IN PETHREAD Thread,
- IN PEPROCESS Process,
- IN OUT PACCESS_STATE AccessState,
- IN PAUX_ACCESS_DATA AuxData,
- IN ACCESS_MASK Access,
- IN PGENERIC_MAPPING GenericMapping
-);
+ _In_ PETHREAD Thread,
+ _In_ PEPROCESS Process,
+ _In_ OUT PACCESS_STATE AccessState,
+ _In_ PAUX_ACCESS_DATA AuxData,
+ _In_ ACCESS_MASK Access,
+ _In_ PGENERIC_MAPPING GenericMapping);
NTSTATUS
NTAPI
SeIsTokenChild(
- IN PTOKEN Token,
- OUT PBOOLEAN IsChild
-);
+ _In_ PTOKEN Token,
+ _Out_ PBOOLEAN IsChild);
NTSTATUS
NTAPI
SeIsTokenSibling(
- IN PTOKEN Token,
- OUT PBOOLEAN IsSibling
-);
+ _In_ PTOKEN Token,
+ _Out_ PBOOLEAN IsSibling);
NTSTATUS
NTAPI
SepCreateImpersonationTokenDacl(
_In_ PTOKEN Token,
_In_ PTOKEN PrimaryToken,
- _Out_ PACL* Dacl
-);
+ _Out_ PACL* Dacl);
NTSTATUS
NTAPI
SepRmInsertLogonSessionIntoToken(
- _Inout_ PTOKEN Token
-);
+ _Inout_ PTOKEN Token);
NTSTATUS
NTAPI
SepRmRemoveLogonSessionFromToken(
- _Inout_ PTOKEN Token
-);
+ _Inout_ PTOKEN Token);
CODE_SEG("INIT")
VOID
@@ -385,63 +379,61 @@ SepCreateSystemAnonymousLogonTokenNoEveryone(VOID);
BOOLEAN
NTAPI
-SeDetailedAuditingWithToken(IN PTOKEN Token);
+SeDetailedAuditingWithToken(
+ _In_ PTOKEN Token);
VOID
NTAPI
-SeAuditProcessExit(IN PEPROCESS Process);
+SeAuditProcessExit(
+ _In_ PEPROCESS Process);
VOID
NTAPI
-SeAuditProcessCreate(IN PEPROCESS Process);
+SeAuditProcessCreate(
+ _In_ PEPROCESS Process);
NTSTATUS
NTAPI
SeExchangePrimaryToken(
_In_ PEPROCESS Process,
_In_ PACCESS_TOKEN NewAccessToken,
- _Out_ PACCESS_TOKEN* OldAccessToken
-);
+ _Out_ PACCESS_TOKEN* OldAccessToken);
VOID
NTAPI
SeCaptureSubjectContextEx(
- IN PETHREAD Thread,
- IN PEPROCESS Process,
- OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
-);
+ _In_ PETHREAD Thread,
+ _In_ PEPROCESS Process,
+ _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
NTSTATUS
NTAPI
SeCaptureLuidAndAttributesArray(
- PLUID_AND_ATTRIBUTES Src,
- ULONG PrivilegeCount,
- KPROCESSOR_MODE PreviousMode,
- PLUID_AND_ATTRIBUTES AllocatedMem,
- ULONG AllocatedLength,
- POOL_TYPE PoolType,
- BOOLEAN CaptureIfKernel,
- PLUID_AND_ATTRIBUTES* Dest,
- PULONG Length
-);
+ _In_ PLUID_AND_ATTRIBUTES Src,
+ _In_ ULONG PrivilegeCount,
+ _In_ KPROCESSOR_MODE PreviousMode,
+ _In_ PLUID_AND_ATTRIBUTES AllocatedMem,
+ _In_ ULONG AllocatedLength,
+ _In_ POOL_TYPE PoolType,
+ _In_ BOOLEAN CaptureIfKernel,
+ _Out_ PLUID_AND_ATTRIBUTES* Dest,
+ _Inout_ PULONG Length);
VOID
NTAPI
SeReleaseLuidAndAttributesArray(
- PLUID_AND_ATTRIBUTES Privilege,
- KPROCESSOR_MODE PreviousMode,
- BOOLEAN CaptureIfKernel
-);
+ _In_ PLUID_AND_ATTRIBUTES Privilege,
+ _In_ KPROCESSOR_MODE PreviousMode,
+ _In_ BOOLEAN CaptureIfKernel);
BOOLEAN
NTAPI
SepPrivilegeCheck(
- PTOKEN Token,
- PLUID_AND_ATTRIBUTES Privileges,
- ULONG PrivilegeCount,
- ULONG PrivilegeControl,
- KPROCESSOR_MODE PreviousMode
-);
+ _In_ PTOKEN Token,
+ _In_ PLUID_AND_ATTRIBUTES Privileges,
+ _In_ ULONG PrivilegeCount,
+ _In_ ULONG PrivilegeControl,
+ _In_ KPROCESSOR_MODE PreviousMode);
NTSTATUS
NTAPI
@@ -456,11 +448,10 @@ SePrivilegePolicyCheck(
BOOLEAN
NTAPI
SeCheckPrivilegedObject(
- IN LUID PrivilegeValue,
- IN HANDLE ObjectHandle,
- IN ACCESS_MASK DesiredAccess,
- IN KPROCESSOR_MODE PreviousMode
-);
+ _In_ LUID PrivilegeValue,
+ _In_ HANDLE ObjectHandle,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ KPROCESSOR_MODE PreviousMode);
NTSTATUS
NTAPI
@@ -471,8 +462,7 @@ SepDuplicateToken(
_In_ TOKEN_TYPE TokenType,
_In_ SECURITY_IMPERSONATION_LEVEL Level,
_In_ KPROCESSOR_MODE PreviousMode,
- _Out_ PTOKEN* NewAccessToken
-);
+ _Out_ PTOKEN* NewAccessToken);
NTSTATUS
NTAPI
@@ -482,34 +472,30 @@ SepCaptureSecurityQualityOfService(
_In_ POOL_TYPE PoolType,
_In_ BOOLEAN CaptureIfKernel,
_Out_ PSECURITY_QUALITY_OF_SERVICE *CapturedSecurityQualityOfService,
- _Out_ PBOOLEAN Present
-);
+ _Out_ PBOOLEAN Present);
VOID
NTAPI
SepReleaseSecurityQualityOfService(
_In_opt_ PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService,
_In_ KPROCESSOR_MODE AccessMode,
- _In_ BOOLEAN CaptureIfKernel
-);
+ _In_ BOOLEAN CaptureIfKernel);
NTSTATUS
NTAPI
SepCaptureSid(
- IN PSID InputSid,
- IN KPROCESSOR_MODE AccessMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- OUT PSID *CapturedSid
-);
+ _In_ PSID InputSid,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ POOL_TYPE PoolType,
+ _In_ BOOLEAN CaptureIfKernel,
+ _Out_ PSID *CapturedSid);
VOID
NTAPI
SepReleaseSid(
- IN PSID CapturedSid,
- IN KPROCESSOR_MODE AccessMode,
- IN BOOLEAN CaptureIfKernel
-);
+ _In_ PSID CapturedSid,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ BOOLEAN CaptureIfKernel);
NTSTATUS
NTAPI
@@ -540,20 +526,18 @@ SeComputeQuotaInformationSize(
NTSTATUS
NTAPI
SepCaptureAcl(
- IN PACL InputAcl,
- IN KPROCESSOR_MODE AccessMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- OUT PACL *CapturedAcl
-);
+ _In_ PACL InputAcl,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ POOL_TYPE PoolType,
+ _In_ BOOLEAN CaptureIfKernel,
+ _Out_ PACL *CapturedAcl);
VOID
NTAPI
SepReleaseAcl(
- IN PACL CapturedAcl,
- IN KPROCESSOR_MODE AccessMode,
- IN BOOLEAN CaptureIfKernel
-);
+ _In_ PACL CapturedAcl,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ BOOLEAN CaptureIfKernel);
NTSTATUS
SepPropagateAcl(
@@ -584,32 +568,29 @@ SepSelectAcl(
NTSTATUS
NTAPI
SeDefaultObjectMethod(
- PVOID Object,
- SECURITY_OPERATION_CODE OperationType,
- PSECURITY_INFORMATION SecurityInformation,
- PSECURITY_DESCRIPTOR NewSecurityDescriptor,
- PULONG ReturnLength,
- PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
- POOL_TYPE PoolType,
- PGENERIC_MAPPING GenericMapping
-);
+ _In_ PVOID Object,
+ _In_ SECURITY_OPERATION_CODE OperationType,
+ _In_ PSECURITY_INFORMATION SecurityInformation,
+ _Inout_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _Inout_opt_ PULONG ReturnLength,
+ _Inout_opt_ PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
+ _In_ POOL_TYPE PoolType,
+ _In_ PGENERIC_MAPPING GenericMapping);
NTSTATUS
NTAPI
SeSetWorldSecurityDescriptor(
- SECURITY_INFORMATION SecurityInformation,
- PISECURITY_DESCRIPTOR SecurityDescriptor,
- PULONG BufferLength
-);
+ _In_ SECURITY_INFORMATION SecurityInformation,
+ _In_ PISECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PULONG BufferLength);
NTSTATUS
NTAPI
SeCopyClientToken(
- IN PACCESS_TOKEN Token,
- IN SECURITY_IMPERSONATION_LEVEL Level,
- IN KPROCESSOR_MODE PreviousMode,
- OUT PACCESS_TOKEN* NewToken
-);
+ _In_ PACCESS_TOKEN Token,
+ _In_ SECURITY_IMPERSONATION_LEVEL Level,
+ _In_ KPROCESSOR_MODE PreviousMode,
+ _Out_ PACCESS_TOKEN* NewToken);
NTSTATUS
NTAPI
@@ -620,20 +601,25 @@ SepRegQueryHelper(
_In_ ULONG DataLength,
_Out_ PVOID ValueData);
-VOID NTAPI
-SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
- OUT PACCESS_MASK DesiredAccess);
+VOID
+NTAPI
+SeQuerySecurityAccessMask(
+ _In_ SECURITY_INFORMATION SecurityInformation,
+ _Out_ PACCESS_MASK DesiredAccess);
-VOID NTAPI
-SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
- OUT PACCESS_MASK DesiredAccess);
+VOID
+NTAPI
+SeSetSecurityAccessMask(
+ _In_ SECURITY_INFORMATION SecurityInformation,
+ _Out_ PACCESS_MASK DesiredAccess);
BOOLEAN
NTAPI
-SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PACCESS_STATE AccessState,
- IN ACCESS_MASK DesiredAccess,
- IN KPROCESSOR_MODE AccessMode);
+SeFastTraverseCheck(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PACCESS_STATE AccessState,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ KPROCESSOR_MODE AccessMode);
BOOLEAN
NTAPI
@@ -651,17 +637,17 @@ SePrivilegedServiceAuditAlarm(
NTSTATUS
SepRmReferenceLogonSession(
- PLUID LogonLuid);
+ _Inout_ PLUID LogonLuid);
NTSTATUS
SepRmDereferenceLogonSession(
- PLUID LogonLuid);
+ _Inout_ PLUID LogonLuid);
NTSTATUS
NTAPI
SeGetLogonIdDeviceMap(
- IN PLUID LogonId,
- OUT PDEVICE_MAP * DeviceMap);
+ _In_ PLUID LogonId,
+ _Out_ PDEVICE_MAP *DeviceMap);
#endif
diff --git a/ntoskrnl/se/access.c b/ntoskrnl/se/access.c
index 42c2ab8d1c8..97a53380779 100644
--- a/ntoskrnl/se/access.c
+++ b/ntoskrnl/se/access.c
@@ -45,11 +45,12 @@ ERESOURCE SepSubjectContextLock;
*/
BOOLEAN
NTAPI
-SepSidInTokenEx(IN PACCESS_TOKEN _Token,
- IN PSID PrincipalSelfSid,
- IN PSID _Sid,
- IN BOOLEAN Deny,
- IN BOOLEAN Restricted)
+SepSidInTokenEx(
+ _In_ PACCESS_TOKEN _Token,
+ _In_ PSID PrincipalSelfSid,
+ _In_ PSID _Sid,
+ _In_ BOOLEAN Deny,
+ _In_ BOOLEAN Restricted)
{
ULONG i;
PTOKEN Token = (PTOKEN)_Token;
@@ -145,8 +146,9 @@ SepSidInTokenEx(IN PACCESS_TOKEN _Token,
*/
BOOLEAN
NTAPI
-SepSidInToken(IN PACCESS_TOKEN _Token,
- IN PSID Sid)
+SepSidInToken(
+ _In_ PACCESS_TOKEN _Token,
+ _In_ PSID Sid)
{
/* Call extended API */
return SepSidInTokenEx(_Token, NULL, Sid, FALSE, FALSE);
@@ -172,9 +174,10 @@ SepSidInToken(IN PACCESS_TOKEN _Token,
*/
BOOLEAN
NTAPI
-SepTokenIsOwner(IN PACCESS_TOKEN _Token,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN BOOLEAN TokenLocked)
+SepTokenIsOwner(
+ _In_ PACCESS_TOKEN _Token,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ BOOLEAN TokenLocked)
{
PSID Sid;
BOOLEAN Result;
@@ -216,8 +219,9 @@ SepTokenIsOwner(IN PACCESS_TOKEN _Token,
*/
VOID
NTAPI
-SeGetTokenControlInformation(IN PACCESS_TOKEN _Token,
- OUT PTOKEN_CONTROL TokenControl)
+SeGetTokenControlInformation(
+ _In_ PACCESS_TOKEN _Token,
+ _Out_ PTOKEN_CONTROL TokenControl)
{
PTOKEN Token = _Token;
PAGED_CODE();
@@ -274,13 +278,14 @@ SeGetTokenControlInformation(IN PACCESS_TOKEN _Token,
*/
NTSTATUS
NTAPI
-SepCreateClientSecurity(IN PACCESS_TOKEN Token,
- IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
- IN BOOLEAN ServerIsRemote,
- IN TOKEN_TYPE TokenType,
- IN BOOLEAN ThreadEffectiveOnly,
- IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
- OUT PSECURITY_CLIENT_CONTEXT ClientContext)
+SepCreateClientSecurity(
+ _In_ PACCESS_TOKEN Token,
+ _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
+ _In_ BOOLEAN ServerIsRemote,
+ _In_ TOKEN_TYPE TokenType,
+ _In_ BOOLEAN ThreadEffectiveOnly,
+ _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
+ _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
{
NTSTATUS Status;
PACCESS_TOKEN NewToken;
@@ -382,9 +387,10 @@ SepCreateClientSecurity(IN PACCESS_TOKEN Token,
*/
VOID
NTAPI
-SeCaptureSubjectContextEx(IN PETHREAD Thread,
- IN PEPROCESS Process,
- OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
+SeCaptureSubjectContextEx(
+ _In_ PETHREAD Thread,
+ _In_ PEPROCESS Process,
+ _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
BOOLEAN CopyOnOpen, EffectiveOnly;
@@ -425,7 +431,8 @@ SeCaptureSubjectContextEx(IN PETHREAD Thread,
*/
VOID
NTAPI
-SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
+SeCaptureSubjectContext(
+ _Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
/* Call the extended API */
SeCaptureSubjectContextEx(PsGetCurrentThread(),
@@ -446,7 +453,8 @@ SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
*/
VOID
NTAPI
-SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
+SeLockSubjectContext(
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
PTOKEN PrimaryToken, ClientToken;
PAGED_CODE();
@@ -476,7 +484,8 @@ SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
*/
VOID
NTAPI
-SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
+SeUnlockSubjectContext(
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
PTOKEN PrimaryToken, ClientToken;
PAGED_CODE();
@@ -508,7 +517,8 @@ SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
*/
VOID
NTAPI
-SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
+SeReleaseSubjectContext(
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
PAGED_CODE();
@@ -531,7 +541,7 @@ SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
* @param[in] Process
* Valid process object where subject context is to be captured.
*
- * @param[in, out] AccessState
+ * @param[in,out] AccessState
* An initialized returned parameter to an access state.
*
* @param[in] AuxData
@@ -548,12 +558,13 @@ SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT
SubjectContext)
*/
NTSTATUS
NTAPI
-SeCreateAccessStateEx(IN PETHREAD Thread,
- IN PEPROCESS Process,
- IN OUT PACCESS_STATE AccessState,
- IN PAUX_ACCESS_DATA AuxData,
- IN ACCESS_MASK Access,
- IN PGENERIC_MAPPING GenericMapping)
+SeCreateAccessStateEx(
+ _In_ PETHREAD Thread,
+ _In_ PEPROCESS Process,
+ _Inout_ PACCESS_STATE AccessState,
+ _In_ PAUX_ACCESS_DATA AuxData,
+ _In_ ACCESS_MASK Access,
+ _In_ PGENERIC_MAPPING GenericMapping)
{
ACCESS_MASK AccessMask = Access;
PTOKEN Token;
@@ -608,7 +619,7 @@ SeCreateAccessStateEx(IN PETHREAD Thread,
* @brief
* Creates an access state.
*
- * @param[in, out] AccessState
+ * @param[in,out] AccessState
* An initialized returned parameter to an access state.
*
* @param[in] AuxData
@@ -625,10 +636,11 @@ SeCreateAccessStateEx(IN PETHREAD Thread,
*/
NTSTATUS
NTAPI
-SeCreateAccessState(IN OUT PACCESS_STATE AccessState,
- IN PAUX_ACCESS_DATA AuxData,
- IN ACCESS_MASK Access,
- IN PGENERIC_MAPPING GenericMapping)
+SeCreateAccessState(
+ _Inout_ PACCESS_STATE AccessState,
+ _In_ PAUX_ACCESS_DATA AuxData,
+ _In_ ACCESS_MASK Access,
+ _In_ PGENERIC_MAPPING GenericMapping)
{
PAGED_CODE();
@@ -653,7 +665,8 @@ SeCreateAccessState(IN OUT PACCESS_STATE AccessState,
*/
VOID
NTAPI
-SeDeleteAccessState(IN PACCESS_STATE AccessState)
+SeDeleteAccessState(
+ _In_ PACCESS_STATE AccessState)
{
PAUX_ACCESS_DATA AuxData;
PAGED_CODE();
@@ -695,8 +708,9 @@ SeDeleteAccessState(IN PACCESS_STATE AccessState)
*/
VOID
NTAPI
-SeSetAccessStateGenericMapping(IN PACCESS_STATE AccessState,
- IN PGENERIC_MAPPING GenericMapping)
+SeSetAccessStateGenericMapping(
+ _In_ PACCESS_STATE AccessState,
+ _In_ PGENERIC_MAPPING GenericMapping)
{
PAGED_CODE();
@@ -725,10 +739,11 @@ SeSetAccessStateGenericMapping(IN PACCESS_STATE AccessState,
*/
NTSTATUS
NTAPI
-SeCreateClientSecurity(IN PETHREAD Thread,
- IN PSECURITY_QUALITY_OF_SERVICE Qos,
- IN BOOLEAN RemoteClient,
- OUT PSECURITY_CLIENT_CONTEXT ClientContext)
+SeCreateClientSecurity(
+ _In_ PETHREAD Thread,
+ _In_ PSECURITY_QUALITY_OF_SERVICE Qos,
+ _In_ BOOLEAN RemoteClient,
+ _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
{
TOKEN_TYPE TokenType;
BOOLEAN ThreadEffectiveOnly;
@@ -786,10 +801,11 @@ SeCreateClientSecurity(IN PETHREAD Thread,
*/
NTSTATUS
NTAPI
-SeCreateClientSecurityFromSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
- IN PSECURITY_QUALITY_OF_SERVICE
ClientSecurityQos,
- IN BOOLEAN ServerIsRemote,
- OUT PSECURITY_CLIENT_CONTEXT ClientContext)
+SeCreateClientSecurityFromSubjectContext(
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
+ _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
+ _In_ BOOLEAN ServerIsRemote,
+ _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
{
PACCESS_TOKEN Token;
NTSTATUS Status;
@@ -837,8 +853,9 @@ SeCreateClientSecurityFromSubjectContext(IN PSECURITY_SUBJECT_CONTEXT
SubjectCon
*/
NTSTATUS
NTAPI
-SeImpersonateClientEx(IN PSECURITY_CLIENT_CONTEXT ClientContext,
- IN PETHREAD ServerThread OPTIONAL)
+SeImpersonateClientEx(
+ _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
+ _In_opt_ PETHREAD ServerThread)
{
BOOLEAN EffectiveOnly;
PAGED_CODE();
@@ -881,8 +898,9 @@ SeImpersonateClientEx(IN PSECURITY_CLIENT_CONTEXT ClientContext,
*/
VOID
NTAPI
-SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext,
- IN PETHREAD ServerThread OPTIONAL)
+SeImpersonateClient(
+ _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
+ _In_opt_ PETHREAD ServerThread)
{
PAGED_CODE();
diff --git a/ntoskrnl/se/accesschk.c b/ntoskrnl/se/accesschk.c
index 26e5630469b..35e22f2f35d 100644
--- a/ntoskrnl/se/accesschk.c
+++ b/ntoskrnl/se/accesschk.c
@@ -66,18 +66,19 @@
* The function is currently incomplete!
*/
BOOLEAN NTAPI
-SepAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
- IN ACCESS_MASK DesiredAccess,
- IN POBJECT_TYPE_LIST ObjectTypeList,
- IN ULONG ObjectTypeListLength,
- IN ACCESS_MASK PreviouslyGrantedAccess,
- OUT PPRIVILEGE_SET* Privileges,
- IN PGENERIC_MAPPING GenericMapping,
- IN KPROCESSOR_MODE AccessMode,
- OUT PACCESS_MASK GrantedAccessList,
- OUT PNTSTATUS AccessStatusList,
- IN BOOLEAN UseResultList)
+SepAccessCheck(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ POBJECT_TYPE_LIST ObjectTypeList,
+ _In_ ULONG ObjectTypeListLength,
+ _In_ ACCESS_MASK PreviouslyGrantedAccess,
+ _Out_ PPRIVILEGE_SET* Privileges,
+ _In_ PGENERIC_MAPPING GenericMapping,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _Out_ PACCESS_MASK GrantedAccessList,
+ _Out_ PNTSTATUS AccessStatusList,
+ _In_ BOOLEAN UseResultList)
{
ACCESS_MASK RemainingAccess;
ACCESS_MASK TempAccess;
@@ -342,7 +343,8 @@ ReturnCommonStatus:
* Returns a SID that represents the main user (owner).
*/
static PSID
-SepGetSDOwner(IN PSECURITY_DESCRIPTOR _SecurityDescriptor)
+SepGetSDOwner(
+ _In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
{
PISECURITY_DESCRIPTOR SecurityDescriptor = _SecurityDescriptor;
PSID Owner;
@@ -368,7 +370,8 @@ SepGetSDOwner(IN PSECURITY_DESCRIPTOR _SecurityDescriptor)
* Returns a SID that represents a group.
*/
static PSID
-SepGetSDGroup(IN PSECURITY_DESCRIPTOR _SecurityDescriptor)
+SepGetSDGroup(
+ _In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
{
PISECURITY_DESCRIPTOR SecurityDescriptor = _SecurityDescriptor;
PSID Group;
@@ -394,7 +397,8 @@ SepGetSDGroup(IN PSECURITY_DESCRIPTOR _SecurityDescriptor)
*/
static
ULONG
-SepGetPrivilegeSetLength(IN PPRIVILEGE_SET PrivilegeSet)
+SepGetPrivilegeSetLength(
+ _In_ PPRIVILEGE_SET PrivilegeSet)
{
if (PrivilegeSet == NULL)
return 0;
@@ -452,16 +456,17 @@ SepGetPrivilegeSetLength(IN PPRIVILEGE_SET PrivilegeSet)
*/
BOOLEAN
NTAPI
-SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
- IN BOOLEAN SubjectContextLocked,
- IN ACCESS_MASK DesiredAccess,
- IN ACCESS_MASK PreviouslyGrantedAccess,
- OUT PPRIVILEGE_SET* Privileges,
- IN PGENERIC_MAPPING GenericMapping,
- IN KPROCESSOR_MODE AccessMode,
- OUT PACCESS_MASK GrantedAccess,
- OUT PNTSTATUS AccessStatus)
+SeAccessCheck(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
+ _In_ BOOLEAN SubjectContextLocked,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ ACCESS_MASK PreviouslyGrantedAccess,
+ _Out_ PPRIVILEGE_SET* Privileges,
+ _In_ PGENERIC_MAPPING GenericMapping,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _Out_ PACCESS_MASK GrantedAccess,
+ _Out_ PNTSTATUS AccessStatus)
{
BOOLEAN ret;
@@ -593,10 +598,11 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
*/
BOOLEAN
NTAPI
-SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PACCESS_STATE AccessState,
- IN ACCESS_MASK DesiredAccess,
- IN KPROCESSOR_MODE AccessMode)
+SeFastTraverseCheck(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PACCESS_STATE AccessState,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ KPROCESSOR_MODE AccessMode)
{
PACL Dacl;
ULONG AceIndex;
@@ -702,14 +708,15 @@ SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
*/
NTSTATUS
NTAPI
-NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN HANDLE TokenHandle,
- IN ACCESS_MASK DesiredAccess,
- IN PGENERIC_MAPPING GenericMapping,
- OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL,
- IN OUT PULONG PrivilegeSetLength,
- OUT PACCESS_MASK GrantedAccess,
- OUT PNTSTATUS AccessStatus)
+NtAccessCheck(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ HANDLE TokenHandle,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ PGENERIC_MAPPING GenericMapping,
+ _Out_opt_ PPRIVILEGE_SET PrivilegeSet,
+ _Inout_ PULONG PrivilegeSetLength,
+ _Out_ PACCESS_MASK GrantedAccess,
+ _Out_ PNTSTATUS AccessStatus)
{
PSECURITY_DESCRIPTOR CapturedSecurityDescriptor = NULL;
SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
@@ -988,17 +995,18 @@ NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
*/
NTSTATUS
NTAPI
-NtAccessCheckByType(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PSID PrincipalSelfSid,
- IN HANDLE ClientToken,
- IN ACCESS_MASK DesiredAccess,
- IN POBJECT_TYPE_LIST ObjectTypeList,
- IN ULONG ObjectTypeLength,
- IN PGENERIC_MAPPING GenericMapping,
- IN PPRIVILEGE_SET PrivilegeSet,
- IN OUT PULONG PrivilegeSetLength,
- OUT PACCESS_MASK GrantedAccess,
- OUT PNTSTATUS AccessStatus)
+NtAccessCheckByType(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PSID PrincipalSelfSid,
+ _In_ HANDLE ClientToken,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ POBJECT_TYPE_LIST ObjectTypeList,
+ _In_ ULONG ObjectTypeLength,
+ _In_ PGENERIC_MAPPING GenericMapping,
+ _In_ PPRIVILEGE_SET PrivilegeSet,
+ _Inout_ PULONG PrivilegeSetLength,
+ _Out_ PACCESS_MASK GrantedAccess,
+ _Out_ PNTSTATUS AccessStatus)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
@@ -1049,17 +1057,18 @@ NtAccessCheckByType(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
*/
NTSTATUS
NTAPI
-NtAccessCheckByTypeResultList(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PSID PrincipalSelfSid,
- IN HANDLE ClientToken,
- IN ACCESS_MASK DesiredAccess,
- IN POBJECT_TYPE_LIST ObjectTypeList,
- IN ULONG ObjectTypeLength,
- IN PGENERIC_MAPPING GenericMapping,
- IN PPRIVILEGE_SET PrivilegeSet,
- IN OUT PULONG PrivilegeSetLength,
- OUT PACCESS_MASK GrantedAccess,
- OUT PNTSTATUS AccessStatus)
+NtAccessCheckByTypeResultList(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PSID PrincipalSelfSid,
+ _In_ HANDLE ClientToken,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ POBJECT_TYPE_LIST ObjectTypeList,
+ _In_ ULONG ObjectTypeLength,
+ _In_ PGENERIC_MAPPING GenericMapping,
+ _In_ PPRIVILEGE_SET PrivilegeSet,
+ _Inout_ PULONG PrivilegeSetLength,
+ _Out_ PACCESS_MASK GrantedAccess,
+ _Out_ PNTSTATUS AccessStatus)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
diff --git a/ntoskrnl/se/acl.c b/ntoskrnl/se/acl.c
index f68cc40695e..5f73602e373 100644
--- a/ntoskrnl/se/acl.c
+++ b/ntoskrnl/se/acl.c
@@ -349,11 +349,12 @@ SepCreateImpersonationTokenDacl(
*/
NTSTATUS
NTAPI
-SepCaptureAcl(IN PACL InputAcl,
- IN KPROCESSOR_MODE AccessMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- OUT PACL *CapturedAcl)
+SepCaptureAcl(
+ _In_ PACL InputAcl,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ POOL_TYPE PoolType,
+ _In_ BOOLEAN CaptureIfKernel,
+ _Out_ PACL *CapturedAcl)
{
PACL NewAcl;
ULONG AclSize = 0;
@@ -455,9 +456,10 @@ SepCaptureAcl(IN PACL InputAcl,
*/
VOID
NTAPI
-SepReleaseAcl(IN PACL CapturedAcl,
- IN KPROCESSOR_MODE AccessMode,
- IN BOOLEAN CaptureIfKernel)
+SepReleaseAcl(
+ _In_ PACL CapturedAcl,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ BOOLEAN CaptureIfKernel)
{
PAGED_CODE();
diff --git a/ntoskrnl/se/audit.c b/ntoskrnl/se/audit.c
index a7123d0a19b..2bd18e8fa20 100644
--- a/ntoskrnl/se/audit.c
+++ b/ntoskrnl/se/audit.c
@@ -31,7 +31,8 @@ UNICODE_STRING SeSubsystemName =
RTL_CONSTANT_STRING(L"Security");
*/
BOOLEAN
NTAPI
-SeDetailedAuditingWithToken(IN PTOKEN Token)
+SeDetailedAuditingWithToken(
+ _In_ PTOKEN Token)
{
/* FIXME */
return FALSE;
@@ -52,7 +53,8 @@ SeDetailedAuditingWithToken(IN PTOKEN Token)
*/
VOID
NTAPI
-SeAuditProcessCreate(IN PEPROCESS Process)
+SeAuditProcessCreate(
+ _In_ PEPROCESS Process)
{
/* FIXME */
}
@@ -72,7 +74,8 @@ SeAuditProcessCreate(IN PEPROCESS Process)
*/
VOID
NTAPI
-SeAuditProcessExit(IN PEPROCESS Process)
+SeAuditProcessExit(
+ _In_ PEPROCESS Process)
{
/* FIXME */
}
@@ -99,9 +102,10 @@ SeAuditProcessExit(IN PEPROCESS Process)
*/
NTSTATUS
NTAPI
-SeInitializeProcessAuditName(IN PFILE_OBJECT FileObject,
- IN BOOLEAN DoAudit,
- OUT POBJECT_NAME_INFORMATION *AuditInfo)
+SeInitializeProcessAuditName(
+ _In_ PFILE_OBJECT FileObject,
+ _In_ BOOLEAN DoAudit,
+ _Out_ POBJECT_NAME_INFORMATION *AuditInfo)
{
OBJECT_NAME_INFORMATION LocalNameInfo;
POBJECT_NAME_INFORMATION ObjectNameInfo = NULL;
@@ -192,8 +196,9 @@ SeInitializeProcessAuditName(IN PFILE_OBJECT FileObject,
*/
NTSTATUS
NTAPI
-SeLocateProcessImageName(IN PEPROCESS Process,
- OUT PUNICODE_STRING *ProcessImageName)
+SeLocateProcessImageName(
+ _In_ PEPROCESS Process,
+ _Out_ PUNICODE_STRING *ProcessImageName)
{
POBJECT_NAME_INFORMATION AuditName;
PUNICODE_STRING ImageName;
@@ -280,9 +285,9 @@ SeLocateProcessImageName(IN PEPROCESS Process,
VOID
NTAPI
SepAdtCloseObjectAuditAlarm(
- PUNICODE_STRING SubsystemName,
- PVOID HandleId,
- PSID Sid)
+ _In_ PUNICODE_STRING SubsystemName,
+ _In_ PVOID HandleId,
+ _In_ PSID Sid)
{
UNIMPLEMENTED;
}
@@ -325,7 +330,7 @@ SepAdtCloseObjectAuditAlarm(
VOID
NTAPI
SepAdtPrivilegedServiceAuditAlarm(
- PSECURITY_SUBJECT_CONTEXT SubjectContext,
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
_In_opt_ PUNICODE_STRING SubsystemName,
_In_opt_ PUNICODE_STRING ServiceName,
_In_ PTOKEN Token,
@@ -1060,9 +1065,10 @@ Cleanup:
*/
VOID
NTAPI
-SeAuditHardLinkCreation(IN PUNICODE_STRING FileName,
- IN PUNICODE_STRING LinkName,
- IN BOOLEAN bSuccess)
+SeAuditHardLinkCreation(
+ _In_ PUNICODE_STRING FileName,
+ _In_ PUNICODE_STRING LinkName,
+ _In_ BOOLEAN bSuccess)
{
UNIMPLEMENTED;
}
@@ -1085,8 +1091,9 @@ SeAuditHardLinkCreation(IN PUNICODE_STRING FileName,
*/
BOOLEAN
NTAPI
-SeAuditingFileEvents(IN BOOLEAN AccessGranted,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor)
+SeAuditingFileEvents(
+ _In_ BOOLEAN AccessGranted,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
{
UNIMPLEMENTED;
return FALSE;
@@ -1114,9 +1121,10 @@ SeAuditingFileEvents(IN BOOLEAN AccessGranted,
*/
BOOLEAN
NTAPI
-SeAuditingFileEventsWithContext(IN BOOLEAN AccessGranted,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
OPTIONAL)
+SeAuditingFileEventsWithContext(
+ _In_ BOOLEAN AccessGranted,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
{
UNIMPLEMENTED_ONCE;
return FALSE;
@@ -1140,8 +1148,9 @@ SeAuditingFileEventsWithContext(IN BOOLEAN AccessGranted,
*/
BOOLEAN
NTAPI
-SeAuditingHardLinkEvents(IN BOOLEAN AccessGranted,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor)
+SeAuditingHardLinkEvents(
+ _In_ BOOLEAN AccessGranted,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
{
UNIMPLEMENTED;
return FALSE;
@@ -1169,9 +1178,10 @@ SeAuditingHardLinkEvents(IN BOOLEAN AccessGranted,
*/
BOOLEAN
NTAPI
-SeAuditingHardLinkEventsWithContext(IN BOOLEAN AccessGranted,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
OPTIONAL)
+SeAuditingHardLinkEventsWithContext(
+ _In_ BOOLEAN AccessGranted,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
{
UNIMPLEMENTED;
return FALSE;
@@ -1199,9 +1209,10 @@ SeAuditingHardLinkEventsWithContext(IN BOOLEAN AccessGranted,
*/
BOOLEAN
NTAPI
-SeAuditingFileOrGlobalEvents(IN BOOLEAN AccessGranted,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
+SeAuditingFileOrGlobalEvents(
+ _In_ BOOLEAN AccessGranted,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext)
{
UNIMPLEMENTED;
return FALSE;
@@ -1227,9 +1238,10 @@ SeAuditingFileOrGlobalEvents(IN BOOLEAN AccessGranted,
*/
VOID
NTAPI
-SeCloseObjectAuditAlarm(IN PVOID Object,
- IN HANDLE Handle,
- IN BOOLEAN PerformAction)
+SeCloseObjectAuditAlarm(
+ _In_ PVOID Object,
+ _In_ HANDLE Handle,
+ _In_ BOOLEAN PerformAction)
{
UNIMPLEMENTED;
}
@@ -1249,8 +1261,9 @@ SeCloseObjectAuditAlarm(IN PVOID Object,
* Nothing.
*/
VOID NTAPI
-SeDeleteObjectAuditAlarm(IN PVOID Object,
- IN HANDLE Handle)
+SeDeleteObjectAuditAlarm(
+ _In_ PVOID Object,
+ _In_ HANDLE Handle)
{
UNIMPLEMENTED;
}
@@ -1298,15 +1311,16 @@ SeDeleteObjectAuditAlarm(IN PVOID Object,
*/
VOID
NTAPI
-SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
- IN PVOID Object OPTIONAL,
- IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PACCESS_STATE AccessState,
- IN BOOLEAN ObjectCreated,
- IN BOOLEAN AccessGranted,
- IN KPROCESSOR_MODE AccessMode,
- OUT PBOOLEAN GenerateOnClose)
+SeOpenObjectAuditAlarm(
+ _In_ PUNICODE_STRING ObjectTypeName,
+ _In_opt_ PVOID Object,
+ _In_opt_ PUNICODE_STRING AbsoluteObjectName,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PACCESS_STATE AccessState,
+ _In_ BOOLEAN ObjectCreated,
+ _In_ BOOLEAN AccessGranted,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _Out_ PBOOLEAN GenerateOnClose)
{
PAGED_CODE();
@@ -1360,15 +1374,16 @@ SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
* Nothing.
*/
VOID NTAPI
-SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
- IN PVOID Object OPTIONAL,
- IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN PACCESS_STATE AccessState,
- IN BOOLEAN ObjectCreated,
- IN BOOLEAN AccessGranted,
- IN KPROCESSOR_MODE AccessMode,
- OUT PBOOLEAN GenerateOnClose)
+SeOpenObjectForDeleteAuditAlarm(
+ _In_ PUNICODE_STRING ObjectTypeName,
+ _In_opt_ PVOID Object,
+ _In_opt_ PUNICODE_STRING AbsoluteObjectName,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PACCESS_STATE AccessState,
+ _In_ BOOLEAN ObjectCreated,
+ _In_ BOOLEAN AccessGranted,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _Out_ PBOOLEAN GenerateOnClose)
{
UNIMPLEMENTED;
}
@@ -1404,12 +1419,13 @@ SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING
ObjectTypeName,
*/
VOID
NTAPI
-SePrivilegeObjectAuditAlarm(IN HANDLE Handle,
- IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
- IN ACCESS_MASK DesiredAccess,
- IN PPRIVILEGE_SET Privileges,
- IN BOOLEAN AccessGranted,
- IN KPROCESSOR_MODE CurrentMode)
+SePrivilegeObjectAuditAlarm(
+ _In_ HANDLE Handle,
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ PPRIVILEGE_SET Privileges,
+ _In_ BOOLEAN AccessGranted,
+ _In_ KPROCESSOR_MODE CurrentMode)
{
UNIMPLEMENTED;
}
@@ -1441,9 +1457,9 @@ SePrivilegeObjectAuditAlarm(IN HANDLE Handle,
NTSTATUS
NTAPI
NtCloseObjectAuditAlarm(
- PUNICODE_STRING SubsystemName,
- PVOID HandleId,
- BOOLEAN GenerateOnClose)
+ _In_ PUNICODE_STRING SubsystemName,
+ _In_ PVOID HandleId,
+ _In_ BOOLEAN GenerateOnClose)
{
SECURITY_SUBJECT_CONTEXT SubjectContext;
UNICODE_STRING CapturedSubsystemName;
@@ -1557,9 +1573,10 @@ Cleanup:
* To be added...
*/
NTSTATUS NTAPI
-NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
- IN PVOID HandleId,
- IN BOOLEAN GenerateOnClose)
+NtDeleteObjectAuditAlarm(
+ _In_ PUNICODE_STRING SubsystemName,
+ _In_ PVOID HandleId,
+ _In_ BOOLEAN GenerateOnClose)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
@@ -1969,7 +1986,7 @@ NtPrivilegedServiceAuditAlarm(
_In_opt_ PUNICODE_STRING ServiceName,
_In_ HANDLE ClientTokenHandle,
_In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted )
+ _In_ BOOLEAN AccessGranted)
{
KPROCESSOR_MODE PreviousMode;
PTOKEN ClientToken;
@@ -2147,12 +2164,13 @@ Cleanup:
* To be added...
*/
NTSTATUS NTAPI
-NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
- IN PVOID HandleId,
- IN HANDLE ClientToken,
- IN ULONG DesiredAccess,
- IN PPRIVILEGE_SET Privileges,
- IN BOOLEAN AccessGranted)
+NtPrivilegeObjectAuditAlarm(
+ _In_ PUNICODE_STRING SubsystemName,
+ _In_ PVOID HandleId,
+ _In_ HANDLE ClientToken,
+ _In_ ULONG DesiredAccess,
+ _In_ PPRIVILEGE_SET Privileges,
+ _In_ BOOLEAN AccessGranted)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
diff --git a/ntoskrnl/se/priv.c b/ntoskrnl/se/priv.c
index 42f69c5e84a..0a1e83a89e5 100644
--- a/ntoskrnl/se/priv.c
+++ b/ntoskrnl/se/priv.c
@@ -99,11 +99,12 @@ SepInitPrivileges(VOID)
*/
BOOLEAN
NTAPI
-SepPrivilegeCheck(PTOKEN Token,
- PLUID_AND_ATTRIBUTES Privileges,
- ULONG PrivilegeCount,
- ULONG PrivilegeControl,
- KPROCESSOR_MODE PreviousMode)
+SepPrivilegeCheck(
+ _In_ PTOKEN Token,
+ _In_ PLUID_AND_ATTRIBUTES Privileges,
+ _In_ ULONG PrivilegeCount,
+ _In_ ULONG PrivilegeControl,
+ _In_ KPROCESSOR_MODE PreviousMode)
{
ULONG i;
ULONG j;
@@ -185,9 +186,9 @@ SepPrivilegeCheck(PTOKEN Token,
NTSTATUS
NTAPI
SepSinglePrivilegeCheck(
- LUID PrivilegeValue,
- PTOKEN Token,
- KPROCESSOR_MODE PreviousMode)
+ _In_ LUID PrivilegeValue,
+ _In_ PTOKEN Token,
+ _In_ KPROCESSOR_MODE PreviousMode)
{
LUID_AND_ATTRIBUTES Privilege;
PAGED_CODE();
@@ -430,15 +431,16 @@ SeCheckAuditPrivilege(
*/
NTSTATUS
NTAPI
-SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
- ULONG PrivilegeCount,
- KPROCESSOR_MODE PreviousMode,
- PLUID_AND_ATTRIBUTES AllocatedMem,
- ULONG AllocatedLength,
- POOL_TYPE PoolType,
- BOOLEAN CaptureIfKernel,
- PLUID_AND_ATTRIBUTES *Dest,
- PULONG Length)
+SeCaptureLuidAndAttributesArray(
+ _In_ PLUID_AND_ATTRIBUTES Src,
+ _In_ ULONG PrivilegeCount,
+ _In_ KPROCESSOR_MODE PreviousMode,
+ _In_opt_ PLUID_AND_ATTRIBUTES AllocatedMem,
+ _In_opt_ ULONG AllocatedLength,
+ _In_ POOL_TYPE PoolType,
+ _In_ BOOLEAN CaptureIfKernel,
+ _Out_ PLUID_AND_ATTRIBUTES *Dest,
+ _Inout_ PULONG Length)
{
ULONG BufferSize;
NTSTATUS Status = STATUS_SUCCESS;
@@ -543,9 +545,10 @@ SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
*/
VOID
NTAPI
-SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege,
- KPROCESSOR_MODE PreviousMode,
- BOOLEAN CaptureIfKernel)
+SeReleaseLuidAndAttributesArray(
+ _In_ PLUID_AND_ATTRIBUTES Privilege,
+ _In_ KPROCESSOR_MODE PreviousMode,
+ _In_ BOOLEAN CaptureIfKernel)
{
PAGED_CODE();
@@ -576,8 +579,9 @@ SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege,
*/
NTSTATUS
NTAPI
-SeAppendPrivileges(IN OUT PACCESS_STATE AccessState,
- IN PPRIVILEGE_SET Privileges)
+SeAppendPrivileges(
+ _Inout_ PACCESS_STATE AccessState,
+ _In_ PPRIVILEGE_SET Privileges)
{
PAUX_ACCESS_DATA AuxData;
ULONG OldPrivilegeSetSize;
@@ -656,7 +660,8 @@ SeAppendPrivileges(IN OUT PACCESS_STATE AccessState,
*/
VOID
NTAPI
-SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
+SeFreePrivileges(
+ _In_ PPRIVILEGE_SET Privileges)
{
PAGED_CODE();
ExFreePoolWithTag(Privileges, TAG_PRIVILEGE_SET);
@@ -684,9 +689,10 @@ SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
*/
BOOLEAN
NTAPI
-SePrivilegeCheck(PPRIVILEGE_SET Privileges,
- PSECURITY_SUBJECT_CONTEXT SubjectContext,
- KPROCESSOR_MODE PreviousMode)
+SePrivilegeCheck(
+ _In_ PPRIVILEGE_SET Privileges,
+ _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
+ _In_ KPROCESSOR_MODE PreviousMode)
{
PACCESS_TOKEN Token = NULL;
@@ -729,8 +735,9 @@ SePrivilegeCheck(PPRIVILEGE_SET Privileges,
*/
BOOLEAN
NTAPI
-SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
- IN KPROCESSOR_MODE PreviousMode)
+SeSinglePrivilegeCheck(
+ _In_ LUID PrivilegeValue,
+ _In_ KPROCESSOR_MODE PreviousMode)
{
SECURITY_SUBJECT_CONTEXT SubjectContext;
PRIVILEGE_SET Priv;
@@ -787,10 +794,11 @@ SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
*/
BOOLEAN
NTAPI
-SeCheckPrivilegedObject(IN LUID PrivilegeValue,
- IN HANDLE ObjectHandle,
- IN ACCESS_MASK DesiredAccess,
- IN KPROCESSOR_MODE PreviousMode)
+SeCheckPrivilegedObject(
+ _In_ LUID PrivilegeValue,
+ _In_ HANDLE ObjectHandle,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ KPROCESSOR_MODE PreviousMode)
{
SECURITY_SUBJECT_CONTEXT SubjectContext;
PRIVILEGE_SET Priv;
@@ -851,9 +859,10 @@ SeCheckPrivilegedObject(IN LUID PrivilegeValue,
*/
NTSTATUS
NTAPI
-NtPrivilegeCheck(IN HANDLE ClientToken,
- IN PPRIVILEGE_SET RequiredPrivileges,
- OUT PBOOLEAN Result)
+NtPrivilegeCheck(
+ _In_ HANDLE ClientToken,
+ _In_ PPRIVILEGE_SET RequiredPrivileges,
+ _Out_ PBOOLEAN Result)
{
PLUID_AND_ATTRIBUTES Privileges;
PTOKEN Token;
diff --git a/ntoskrnl/se/sd.c b/ntoskrnl/se/sd.c
index fc9369d1808..c3be55a677c 100644
--- a/ntoskrnl/se/sd.c
+++ b/ntoskrnl/se/sd.c
@@ -152,9 +152,10 @@ SepInitSDs(VOID)
*/
NTSTATUS
NTAPI
-SeSetWorldSecurityDescriptor(SECURITY_INFORMATION SecurityInformation,
- PISECURITY_DESCRIPTOR SecurityDescriptor,
- PULONG BufferLength)
+SeSetWorldSecurityDescriptor(
+ _In_ SECURITY_INFORMATION SecurityInformation,
+ _In_ PISECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ PULONG BufferLength)
{
ULONG Current;
ULONG SidSize;
@@ -263,9 +264,9 @@ SeSetWorldSecurityDescriptor(SECURITY_INFORMATION
SecurityInformation,
static
ULONG
DetermineSIDSize(
- PISID Sid,
- PULONG OutSAC,
- KPROCESSOR_MODE ProcessorMode)
+ _In_ PISID Sid,
+ _Inout_ PULONG OutSAC,
+ _In_ KPROCESSOR_MODE ProcessorMode)
{
ULONG Size;
@@ -309,8 +310,8 @@ DetermineSIDSize(
static
ULONG
DetermineACLSize(
- PACL Acl,
- KPROCESSOR_MODE ProcessorMode)
+ _In_ PACL Acl,
+ _In_ KPROCESSOR_MODE ProcessorMode)
{
ULONG Size;
@@ -359,11 +360,11 @@ DetermineACLSize(
NTSTATUS
NTAPI
SeCaptureSecurityDescriptor(
- IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
- IN KPROCESSOR_MODE CurrentMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- OUT PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor)
+ _In_ PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
+ _In_ KPROCESSOR_MODE CurrentMode,
+ _In_ POOL_TYPE PoolType,
+ _In_ BOOLEAN CaptureIfKernel,
+ _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor)
{
PISECURITY_DESCRIPTOR OriginalDescriptor = _OriginalSecurityDescriptor;
SECURITY_DESCRIPTOR DescriptorCopy;
@@ -732,9 +733,10 @@ SeQuerySecurityDescriptorInfo(
*/
NTSTATUS
NTAPI
-SeReleaseSecurityDescriptor(IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
- IN KPROCESSOR_MODE CurrentMode,
- IN BOOLEAN CaptureIfKernelMode)
+SeReleaseSecurityDescriptor(
+ _In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
+ _In_ KPROCESSOR_MODE CurrentMode,
+ _In_ BOOLEAN CaptureIfKernelMode)
{
PAGED_CODE();
@@ -998,8 +1000,9 @@ SeSetSecurityDescriptorInfoEx(
* FALSE otherwise.
*/
BOOLEAN NTAPI
-SeValidSecurityDescriptor(IN ULONG Length,
- IN PSECURITY_DESCRIPTOR _SecurityDescriptor)
+SeValidSecurityDescriptor(
+ _In_ ULONG Length,
+ _In_ PSECURITY_DESCRIPTOR _SecurityDescriptor)
{
ULONG SdLength;
PISID Sid;
diff --git a/ntoskrnl/se/semgr.c b/ntoskrnl/se/semgr.c
index 961177eaa87..f16d7b1121d 100644
--- a/ntoskrnl/se/semgr.c
+++ b/ntoskrnl/se/semgr.c
@@ -325,14 +325,14 @@ SeInitSystem(VOID)
* @param[in] SecurityInformation
* Auxiliary security information of the object.
*
- * @param[in] SecurityDescriptor
+ * @param[in,out] SecurityDescriptor
* A security descriptor. This SD is used accordingly to the operation type
* requested by the caller.
*
- * @param[in] ReturnLength
+ * @param[in,out] ReturnLength
* The length size of the queried security descriptor, in bytes.
*
- * @param[in] OldSecurityDescriptor
+ * @param[in,out] OldSecurityDescriptor
* The old SD that belonged to the object, in case we're either deleting
* or replacing it.
*
@@ -348,14 +348,15 @@ SeInitSystem(VOID)
*/
NTSTATUS
NTAPI
-SeDefaultObjectMethod(IN PVOID Object,
- IN SECURITY_OPERATION_CODE OperationType,
- IN PSECURITY_INFORMATION SecurityInformation,
- IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
- IN OUT PULONG ReturnLength OPTIONAL,
- IN OUT PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
- IN POOL_TYPE PoolType,
- IN PGENERIC_MAPPING GenericMapping)
+SeDefaultObjectMethod(
+ _In_ PVOID Object,
+ _In_ SECURITY_OPERATION_CODE OperationType,
+ _In_ PSECURITY_INFORMATION SecurityInformation,
+ _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _Inout_opt_ PULONG ReturnLength,
+ _Inout_ PSECURITY_DESCRIPTOR *OldSecurityDescriptor,
+ _In_ POOL_TYPE PoolType,
+ _In_ PGENERIC_MAPPING GenericMapping)
{
PAGED_CODE();
@@ -423,8 +424,9 @@ SeDefaultObjectMethod(IN PVOID Object,
*/
VOID
NTAPI
-SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
- OUT PACCESS_MASK DesiredAccess)
+SeQuerySecurityAccessMask(
+ _In_ SECURITY_INFORMATION SecurityInformation,
+ _Out_ PACCESS_MASK DesiredAccess)
{
*DesiredAccess = 0;
@@ -455,8 +457,9 @@ SeQuerySecurityAccessMask(IN SECURITY_INFORMATION
SecurityInformation,
*/
VOID
NTAPI
-SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
- OUT PACCESS_MASK DesiredAccess)
+SeSetSecurityAccessMask(
+ _In_ SECURITY_INFORMATION SecurityInformation,
+ _Out_ PACCESS_MASK DesiredAccess)
{
*DesiredAccess = 0;
diff --git a/ntoskrnl/se/sid.c b/ntoskrnl/se/sid.c
index 89fd380648c..397f614fea8 100644
--- a/ntoskrnl/se/sid.c
+++ b/ntoskrnl/se/sid.c
@@ -303,11 +303,12 @@ SepInitSecurityIDs(VOID)
*/
NTSTATUS
NTAPI
-SepCaptureSid(IN PSID InputSid,
- IN KPROCESSOR_MODE AccessMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- OUT PSID *CapturedSid)
+SepCaptureSid(
+ _In_ PSID InputSid,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ POOL_TYPE PoolType,
+ _In_ BOOLEAN CaptureIfKernel,
+ _Out_ PSID *CapturedSid)
{
ULONG SidSize = 0;
PISID NewSid, Sid = (PISID)InputSid;
@@ -388,9 +389,10 @@ SepCaptureSid(IN PSID InputSid,
*/
VOID
NTAPI
-SepReleaseSid(IN PSID CapturedSid,
- IN KPROCESSOR_MODE AccessMode,
- IN BOOLEAN CaptureIfKernel)
+SepReleaseSid(
+ _In_ PSID CapturedSid,
+ _In_ KPROCESSOR_MODE AccessMode,
+ _In_ BOOLEAN CaptureIfKernel)
{
PAGED_CODE();
diff --git a/ntoskrnl/se/srm.c b/ntoskrnl/se/srm.c
index abdb7ee2fb7..a011f51954d 100644
--- a/ntoskrnl/se/srm.c
+++ b/ntoskrnl/se/srm.c
@@ -24,7 +24,7 @@ typedef struct _SEP_LOGON_SESSION_TERMINATED_NOTIFICATION
VOID
NTAPI
SepRmCommandServerThread(
- PVOID StartContext);
+ _In_ PVOID StartContext);
static
NTSTATUS
@@ -34,7 +34,7 @@ SepCleanupLUIDDeviceMapDirectory(
static
NTSTATUS
SepRmCreateLogonSession(
- PLUID LogonLuid);
+ _In_ PLUID LogonLuid);
/* GLOBALS ********************************************************************/
@@ -322,7 +322,7 @@ SepAdtInitializeBounds(VOID)
static
NTSTATUS
SepRmSetAuditEvent(
- PSEP_RM_API_MESSAGE Message)
+ _Inout_ PSEP_RM_API_MESSAGE Message)
{
ULONG i;
PAGED_CODE();
@@ -496,7 +496,7 @@ SepRmRemoveLogonSessionFromToken(
* respective logon sessions management within the kernel,
* as in form of a SEP_LOGON_SESSION_REFERENCES data structure.
*
- * @param[in,out] LogonLuid
+ * @param[in] LogonLuid
* A logon ID represented as a LUID. This LUID is used to create
* our logon session and add it to the sessions database.
*
@@ -510,7 +510,7 @@ SepRmRemoveLogonSessionFromToken(
static
NTSTATUS
SepRmCreateLogonSession(
- PLUID LogonLuid)
+ _In_ PLUID LogonLuid)
{
PSEP_LOGON_SESSION_REFERENCES CurrentSession, NewSession;
NTSTATUS Status;
@@ -682,7 +682,7 @@ Leave:
* @brief
* References a logon session.
*
- * @param[in,out] LogonLuid
+ * @param[in] LogonLuid
* A valid LUID that points to the logon session in the database that
* we're going to reference it.
*
@@ -693,7 +693,7 @@ Leave:
*/
NTSTATUS
SepRmReferenceLogonSession(
- PLUID LogonLuid)
+ _In_ PLUID LogonLuid)
{
PSEP_LOGON_SESSION_REFERENCES CurrentSession;
@@ -996,7 +996,7 @@ AllocateLinksAgain:
* that means the session is no longer used and can be safely deleted
* from the logon sessions database.
*
- * @param[in,out] LogonLuid
+ * @param[in] LogonLuid
* A logon session ID to de-reference.
*
* @return
@@ -1006,7 +1006,7 @@ AllocateLinksAgain:
*/
NTSTATUS
SepRmDereferenceLogonSession(
- PLUID LogonLuid)
+ _In_ PLUID LogonLuid)
{
ULONG RefCount;
PDEVICE_MAP DeviceMap;
@@ -1224,7 +1224,7 @@ Cleanup:
VOID
NTAPI
SepRmCommandServerThread(
- PVOID StartContext)
+ _In_ PVOID StartContext)
{
SEP_RM_API_MESSAGE Message;
PPORT_MESSAGE ReplyMessage;
@@ -1345,9 +1345,8 @@ SepRmCommandServerThread(
NTSTATUS
NTAPI
SeGetLogonIdDeviceMap(
- IN PLUID LogonId,
- OUT PDEVICE_MAP * DeviceMap
- )
+ _In_ PLUID LogonId,
+ _Out_ PDEVICE_MAP *DeviceMap)
{
NTSTATUS Status;
WCHAR Buffer[63];
@@ -1571,7 +1570,7 @@ SeMarkLogonSessionForTerminationNotification(
NTSTATUS
NTAPI
SeRegisterLogonSessionTerminatedRoutine(
- IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
+ _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
{
PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION Notification;
PAGED_CODE();
@@ -1620,7 +1619,7 @@ SeRegisterLogonSessionTerminatedRoutine(
NTSTATUS
NTAPI
SeUnregisterLogonSessionTerminatedRoutine(
- IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
+ _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine)
{
PSEP_LOGON_SESSION_TERMINATED_NOTIFICATION Current, Previous = NULL;
NTSTATUS Status;
diff --git a/ntoskrnl/se/token.c b/ntoskrnl/se/token.c
index 3dd0cb0fd6e..bef3d5a2bcf 100644
--- a/ntoskrnl/se/token.c
+++ b/ntoskrnl/se/token.c
@@ -611,7 +611,8 @@ SepRemovePrivilegeToken(
*/
VOID
NTAPI
-SepFreeProxyData(PVOID ProxyData)
+SepFreeProxyData(
+ _Inout_ PVOID ProxyData)
{
UNIMPLEMENTED;
}
@@ -624,7 +625,7 @@ SepFreeProxyData(PVOID ProxyData)
* @param[out] Dest
* The destination path where the proxy data is to be copied to.
*
- * @param[out] Src
+ * @param[in] Src
* The source path where the proxy data is be copied from.
*
* @return
@@ -632,8 +633,9 @@ SepFreeProxyData(PVOID ProxyData)
*/
NTSTATUS
NTAPI
-SepCopyProxyData(PVOID* Dest,
- PVOID Src)
+SepCopyProxyData(
+ _Out_ PVOID* Dest,
+ _In_ PVOID Src)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
@@ -744,7 +746,7 @@ SeExchangePrimaryToken(
* @brief
* Removes the primary token of a process.
*
- * @param[in, out] Process
+ * @param[in,out] Process
* The process instance with the access token to be removed.
*
* @return
@@ -752,7 +754,8 @@ SeExchangePrimaryToken(
*/
VOID
NTAPI
-SeDeassignPrimaryToken(PEPROCESS Process)
+SeDeassignPrimaryToken(
+ _Inout_ PEPROCESS Process)
{
PTOKEN OldToken;
@@ -780,8 +783,9 @@ SeDeassignPrimaryToken(PEPROCESS Process)
* Returns the total length of a SID size.
*/
static ULONG
-RtlLengthSidAndAttributes(ULONG Count,
- PSID_AND_ATTRIBUTES Src)
+RtlLengthSidAndAttributes(
+ _In_ ULONG Count,
+ _In_ PSID_AND_ATTRIBUTES Src)
{
ULONG i;
ULONG uLength;
@@ -1216,10 +1220,11 @@ Quit:
*/
NTSTATUS
NTAPI
-SeSubProcessToken(IN PTOKEN ParentToken,
- OUT PTOKEN *Token,
- IN BOOLEAN InUse,
- IN ULONG SessionId)
+SeSubProcessToken(
+ _In_ PTOKEN ParentToken,
+ _Out_ PTOKEN *Token,
+ _In_ BOOLEAN InUse,
+ _In_ ULONG SessionId)
{
PTOKEN NewToken;
OBJECT_ATTRIBUTES ObjectAttributes;
@@ -1275,8 +1280,9 @@ SeSubProcessToken(IN PTOKEN ParentToken,
*/
NTSTATUS
NTAPI
-SeIsTokenChild(IN PTOKEN Token,
- OUT PBOOLEAN IsChild)
+SeIsTokenChild(
+ _In_ PTOKEN Token,
+ _Out_ PBOOLEAN IsChild)
{
PTOKEN ProcessToken;
LUID ProcessTokenId, CallerParentId;
@@ -1323,8 +1329,9 @@ SeIsTokenChild(IN PTOKEN Token,
*/
NTSTATUS
NTAPI
-SeIsTokenSibling(IN PTOKEN Token,
- OUT PBOOLEAN IsSibling)
+SeIsTokenSibling(
+ _In_ PTOKEN Token,
+ _Out_ PBOOLEAN IsSibling)
{
PTOKEN ProcessToken;
LUID ProcessParentId, ProcessAuthId;
@@ -1382,10 +1389,11 @@ SeIsTokenSibling(IN PTOKEN Token,
*/
NTSTATUS
NTAPI
-SeCopyClientToken(IN PACCESS_TOKEN Token,
- IN SECURITY_IMPERSONATION_LEVEL Level,
- IN KPROCESSOR_MODE PreviousMode,
- OUT PACCESS_TOKEN* NewToken)
+SeCopyClientToken(
+ _In_ PACCESS_TOKEN Token,
+ _In_ SECURITY_IMPERSONATION_LEVEL Level,
+ _In_ KPROCESSOR_MODE PreviousMode,
+ _Out_ PACCESS_TOKEN* NewToken)
{
NTSTATUS Status;
OBJECT_ATTRIBUTES ObjectAttributes;
@@ -1423,7 +1431,8 @@ SeCopyClientToken(IN PACCESS_TOKEN Token,
*/
VOID
NTAPI
-SepDeleteToken(PVOID ObjectBody)
+SepDeleteToken(
+ _In_ PVOID ObjectBody)
{
NTSTATUS Status;
PTOKEN AccessToken = (PTOKEN)ObjectBody;
@@ -1503,8 +1512,9 @@ SepInitializeTokenImplementation(VOID)
*/
VOID
NTAPI
-SeAssignPrimaryToken(IN PEPROCESS Process,
- IN PTOKEN Token)
+SeAssignPrimaryToken(
+ _In_ PEPROCESS Process,
+ _In_ PTOKEN Token)
{
PAGED_CODE();
@@ -2180,12 +2190,13 @@ SepCreateSystemAnonymousLogonTokenNoEveryone(VOID)
*/
NTSTATUS
NTAPI
-SeFilterToken(IN PACCESS_TOKEN ExistingToken,
- IN ULONG Flags,
- IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
- IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL,
- IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
- OUT PACCESS_TOKEN * FilteredToken)
+SeFilterToken(
+ _In_ PACCESS_TOKEN ExistingToken,
+ _In_ ULONG Flags,
+ _In_opt_ PTOKEN_GROUPS SidsToDisable,
+ _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
+ _In_opt_ PTOKEN_GROUPS RestrictedSids,
+ _Out_ PACCESS_TOKEN * FilteredToken)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
@@ -2575,8 +2586,9 @@ SeQueryInformationToken(
*/
NTSTATUS
NTAPI
-SeQuerySessionIdToken(IN PACCESS_TOKEN Token,
- IN PULONG pSessionId)
+SeQuerySessionIdToken(
+ _In_ PACCESS_TOKEN Token,
+ _Out_ PULONG pSessionId)
{
PAGED_CODE();
@@ -2606,8 +2618,9 @@ SeQuerySessionIdToken(IN PACCESS_TOKEN Token,
*/
NTSTATUS
NTAPI
-SeQueryAuthenticationIdToken(IN PACCESS_TOKEN Token,
- OUT PLUID LogonId)
+SeQueryAuthenticationIdToken(
+ _In_ PACCESS_TOKEN Token,
+ _Out_ PLUID LogonId)
{
PAGED_CODE();
@@ -2628,7 +2641,8 @@ SeQueryAuthenticationIdToken(IN PACCESS_TOKEN Token,
*/
SECURITY_IMPERSONATION_LEVEL
NTAPI
-SeTokenImpersonationLevel(IN PACCESS_TOKEN Token)
+SeTokenImpersonationLevel(
+ _In_ PACCESS_TOKEN Token)
{
PAGED_CODE();
@@ -2646,8 +2660,10 @@ SeTokenImpersonationLevel(IN PACCESS_TOKEN Token)
* @return
* Returns the token type from a valid token.
*/
-TOKEN_TYPE NTAPI
-SeTokenType(IN PACCESS_TOKEN Token)
+TOKEN_TYPE
+NTAPI
+SeTokenType(
+ _In_ PACCESS_TOKEN Token)
{
PAGED_CODE();
@@ -2669,7 +2685,8 @@ SeTokenType(IN PACCESS_TOKEN Token)
*/
BOOLEAN
NTAPI
-SeTokenIsAdmin(IN PACCESS_TOKEN Token)
+SeTokenIsAdmin(
+ _In_ PACCESS_TOKEN Token)
{
PAGED_CODE();
@@ -2691,7 +2708,8 @@ SeTokenIsAdmin(IN PACCESS_TOKEN Token)
*/
BOOLEAN
NTAPI
-SeTokenIsRestricted(IN PACCESS_TOKEN Token)
+SeTokenIsRestricted(
+ _In_ PACCESS_TOKEN Token)
{
PAGED_CODE();
@@ -2715,7 +2733,8 @@ SeTokenIsRestricted(IN PACCESS_TOKEN Token)
*/
BOOLEAN
NTAPI
-SeTokenIsWriteRestricted(IN PACCESS_TOKEN Token)
+SeTokenIsWriteRestricted(
+ _In_ PACCESS_TOKEN Token)
{
PAGED_CODE();
@@ -4192,13 +4211,15 @@ NtDuplicateToken(
* @return
* To be added...
*/
-NTSTATUS NTAPI
-NtAdjustGroupsToken(IN HANDLE TokenHandle,
- IN BOOLEAN ResetToDefault,
- IN PTOKEN_GROUPS NewState,
- IN ULONG BufferLength,
- OUT PTOKEN_GROUPS PreviousState OPTIONAL,
- OUT PULONG ReturnLength)
+NTSTATUS
+NTAPI
+NtAdjustGroupsToken(
+ _In_ HANDLE TokenHandle,
+ _In_ BOOLEAN ResetToDefault,
+ _In_ PTOKEN_GROUPS NewState,
+ _In_ ULONG BufferLength,
+ _Out_opt_ PTOKEN_GROUPS PreviousState,
+ _Out_ PULONG ReturnLength)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
@@ -4946,11 +4967,12 @@ Cleanup:
*/
NTSTATUS
NTAPI
-NtOpenThreadTokenEx(IN HANDLE ThreadHandle,
- IN ACCESS_MASK DesiredAccess,
- IN BOOLEAN OpenAsSelf,
- IN ULONG HandleAttributes,
- OUT PHANDLE TokenHandle)
+NtOpenThreadTokenEx(
+ _In_ HANDLE ThreadHandle,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ BOOLEAN OpenAsSelf,
+ _In_ ULONG HandleAttributes,
+ _Out_ PHANDLE TokenHandle)
{
PETHREAD Thread;
HANDLE hToken;
@@ -5145,11 +5167,13 @@ NtOpenThreadTokenEx(IN HANDLE ThreadHandle,
* @return
* See NtOpenThreadTokenEx.
*/
-NTSTATUS NTAPI
-NtOpenThreadToken(IN HANDLE ThreadHandle,
- IN ACCESS_MASK DesiredAccess,
- IN BOOLEAN OpenAsSelf,
- OUT PHANDLE TokenHandle)
+NTSTATUS
+NTAPI
+NtOpenThreadToken(
+ _In_ HANDLE ThreadHandle,
+ _In_ ACCESS_MASK DesiredAccess,
+ _In_ BOOLEAN OpenAsSelf,
+ _Out_ PHANDLE TokenHandle)
{
return NtOpenThreadTokenEx(ThreadHandle, DesiredAccess, OpenAsSelf, 0,
TokenHandle);
@@ -5286,12 +5310,13 @@ NtCompareTokens(
*/
NTSTATUS
NTAPI
-NtFilterToken(IN HANDLE ExistingTokenHandle,
- IN ULONG Flags,
- IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
- IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL,
- IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
- OUT PHANDLE NewTokenHandle)
+NtFilterToken(
+ _In_ HANDLE ExistingTokenHandle,
+ _In_ ULONG Flags,
+ _In_opt_ PTOKEN_GROUPS SidsToDisable,
+ _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
+ _In_opt_ PTOKEN_GROUPS RestrictedSids,
+ _Out_ PHANDLE NewTokenHandle)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
diff --git a/sdk/include/ndk/sefuncs.h b/sdk/include/ndk/sefuncs.h
index 8907bbc4e51..6fcc96e7fe6 100644
--- a/sdk/include/ndk/sefuncs.h
+++ b/sdk/include/ndk/sefuncs.h
@@ -37,8 +37,7 @@ SeCaptureSecurityDescriptor(
_In_ KPROCESSOR_MODE CurrentMode,
_In_ POOL_TYPE PoolType,
_In_ BOOLEAN CaptureIfKernel,
- _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor
-);
+ _Out_ PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor);
NTKERNELAPI
NTSTATUS
@@ -46,8 +45,7 @@ NTAPI
SeReleaseSecurityDescriptor(
_In_ PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
_In_ KPROCESSOR_MODE CurrentMode,
- _In_ BOOLEAN CaptureIfKernelMode
-);
+ _In_ BOOLEAN CaptureIfKernelMode);
//
// Access States
@@ -56,18 +54,16 @@ NTKERNELAPI
NTSTATUS
NTAPI
SeCreateAccessState(
- PACCESS_STATE AccessState,
- PAUX_ACCESS_DATA AuxData,
- ACCESS_MASK Access,
- PGENERIC_MAPPING GenericMapping
-);
+ _In_ PACCESS_STATE AccessState,
+ _In_ PAUX_ACCESS_DATA AuxData,
+ _In_ ACCESS_MASK Access,
+ _In_ PGENERIC_MAPPING GenericMapping);
NTKERNELAPI
VOID
NTAPI
SeDeleteAccessState(
- _In_ PACCESS_STATE AccessState
-);
+ _In_ PACCESS_STATE AccessState);
//
// Impersonation
@@ -76,8 +72,7 @@ NTKERNELAPI
SECURITY_IMPERSONATION_LEVEL
NTAPI
SeTokenImpersonationLevel(
- _In_ PACCESS_TOKEN Token
-);
+ _In_ PACCESS_TOKEN Token);
#endif
@@ -95,8 +90,7 @@ NtAccessCheck(
_Out_ PPRIVILEGE_SET PrivilegeSet,
_Out_ PULONG ReturnLength,
_Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
+ _Out_ PNTSTATUS AccessStatus);
NTSTATUS
NTAPI
@@ -111,8 +105,7 @@ NtAccessCheckByType(
_In_ PPRIVILEGE_SET PrivilegeSet,
_Inout_ PULONG PrivilegeSetLength,
_Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
+ _Out_ PNTSTATUS AccessStatus);
NTSTATUS
NTAPI
@@ -127,8 +120,7 @@ NtAccessCheckByTypeResultList(
_In_ PPRIVILEGE_SET PrivilegeSet,
_Inout_ PULONG PrivilegeSetLength,
_Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
+ _Out_ PNTSTATUS AccessStatus);
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
@@ -145,8 +137,7 @@ NtAccessCheckAndAuditAlarm(
_In_ BOOLEAN ObjectCreation,
_Out_ PACCESS_MASK GrantedAccess,
_Out_ PNTSTATUS AccessStatus,
- _Out_ PBOOLEAN GenerateOnClose
-);
+ _Out_ PBOOLEAN GenerateOnClose);
_Must_inspect_result_
__kernel_entry
@@ -159,8 +150,7 @@ NtAdjustGroupsToken(
_In_opt_ PTOKEN_GROUPS NewState,
_In_opt_ ULONG BufferLength,
_Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
- _Out_ PULONG ReturnLength
-);
+ _Out_ PULONG ReturnLength);
_Must_inspect_result_
__kernel_entry
@@ -173,25 +163,22 @@ NtAdjustPrivilegesToken(
_In_opt_ PTOKEN_PRIVILEGES NewState,
_In_ ULONG BufferLength,
_Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES
PreviousState,
- _When_(PreviousState != NULL, _Out_) PULONG ReturnLength
-);
+ _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
NTSYSCALLAPI
NTSTATUS
NTAPI
NtAllocateLocallyUniqueId(
- _Out_ LUID *LocallyUniqueId
-);
+ _Out_ LUID *LocallyUniqueId);
NTSYSCALLAPI
NTSTATUS
NTAPI
NtAllocateUuids(
- PULARGE_INTEGER Time,
- PULONG Range,
- PULONG Sequence,
- PUCHAR Seed
-);
+ _Out_ PULARGE_INTEGER Time,
+ _Out_ PULONG Range,
+ _Out_ PULONG Sequence,
+ _Out_ PUCHAR Seed);
NTSYSCALLAPI
NTSTATUS
@@ -218,8 +205,7 @@ NtCreateToken(
_In_opt_ PTOKEN_OWNER TokenOwner,
_In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
_In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl,
- _In_ PTOKEN_SOURCE TokenSource
-);
+ _In_ PTOKEN_SOURCE TokenSource);
_Must_inspect_result_
__kernel_entry
@@ -232,15 +218,13 @@ NtDuplicateToken(
_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
_In_ BOOLEAN EffectiveOnly,
_In_ TOKEN_TYPE TokenType,
- _Out_ PHANDLE NewTokenHandle
-);
+ _Out_ PHANDLE NewTokenHandle);
NTSYSCALLAPI
NTSTATUS
NTAPI
NtImpersonateAnonymousToken(
- _In_ HANDLE ThreadHandle
-);
+ _In_ HANDLE ThreadHandle);
__kernel_entry
NTSYSCALLAPI
@@ -258,8 +242,7 @@ NtOpenObjectAuditAlarm(
_In_opt_ PPRIVILEGE_SET Privileges,
_In_ BOOLEAN ObjectCreation,
_In_ BOOLEAN AccessGranted,
- _Out_ PBOOLEAN GenerateOnClose
-);
+ _Out_ PBOOLEAN GenerateOnClose);
NTSYSCALLAPI
NTSTATUS
@@ -268,8 +251,7 @@ NtOpenProcessTokenEx(
_In_ HANDLE ProcessHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_ ULONG HandleAttributes,
- _Out_ PHANDLE TokenHandle
-);
+ _Out_ PHANDLE TokenHandle);
_Must_inspect_result_
__kernel_entry
@@ -279,8 +261,7 @@ NTAPI
NtPrivilegeCheck(
_In_ HANDLE ClientToken,
_Inout_ PPRIVILEGE_SET RequiredPrivileges,
- _Out_ PBOOLEAN Result
-);
+ _Out_ PBOOLEAN Result);
NTSYSCALLAPI
NTSTATUS
@@ -290,8 +271,7 @@ NtPrivilegedServiceAuditAlarm(
_In_ PUNICODE_STRING ServiceName,
_In_ HANDLE ClientToken,
_In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
+ _In_ BOOLEAN AccessGranted);
__kernel_entry
NTSYSCALLAPI
@@ -303,8 +283,7 @@ NtPrivilegeObjectAuditAlarm(
_In_ HANDLE ClientToken,
_In_ ACCESS_MASK DesiredAccess,
_In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
+ _In_ BOOLEAN AccessGranted);
_When_(TokenInformationClass == TokenAccessInformation,
_At_(TokenInformationLength, _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
@@ -318,8 +297,7 @@ NtQueryInformationToken(
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
_Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID
TokenInformation,
_In_ ULONG TokenInformationLength,
- _Out_ PULONG ReturnLength
-);
+ _Out_ PULONG ReturnLength);
_Must_inspect_result_
__kernel_entry
@@ -330,8 +308,7 @@ NtSetInformationToken(
_In_ HANDLE TokenHandle,
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
_In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
- _In_ ULONG TokenInformationLength
-);
+ _In_ ULONG TokenInformationLength);
NTSYSAPI
NTSTATUS
@@ -344,8 +321,7 @@ ZwAccessCheck(
_Out_ PPRIVILEGE_SET PrivilegeSet,
_Out_ PULONG ReturnLength,
_Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus
-);
+ _Out_ PNTSTATUS AccessStatus);
NTSYSAPI
NTSTATUS
@@ -356,8 +332,7 @@ ZwAdjustGroupsToken(
_In_ PTOKEN_GROUPS NewState,
_In_ ULONG BufferLength,
_Out_opt_ PTOKEN_GROUPS PreviousState,
- _Out_ PULONG ReturnLength
-);
+ _Out_ PULONG ReturnLength);
_Must_inspect_result_
NTSYSAPI
@@ -369,25 +344,22 @@ ZwAdjustPrivilegesToken(
_In_opt_ PTOKEN_PRIVILEGES NewState,
_In_ ULONG BufferLength,
_Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES
PreviousState,
- _When_(PreviousState != NULL, _Out_) PULONG ReturnLength
-);
+ _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
NTSYSAPI
NTSTATUS
NTAPI
ZwAllocateLocallyUniqueId(
- _Out_ LUID *LocallyUniqueId
-);
+ _Out_ LUID *LocallyUniqueId);
NTSYSAPI
NTSTATUS
NTAPI
ZwAllocateUuids(
- PULARGE_INTEGER Time,
- PULONG Range,
- PULONG Sequence,
- PUCHAR Seed
-);
+ _Out_ PULARGE_INTEGER Time,
+ _Out_ PULONG Range,
+ _Out_ PULONG Sequence,
+ _Out_ PUCHAR Seed);
NTSYSAPI
NTSTATUS
@@ -405,8 +377,7 @@ ZwCreateToken(
_In_ PTOKEN_OWNER TokenOwner,
_In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
_In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl,
- _In_ PTOKEN_SOURCE TokenSource
-);
+ _In_ PTOKEN_SOURCE TokenSource);
_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
@@ -418,15 +389,13 @@ ZwDuplicateToken(
_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
_In_ BOOLEAN EffectiveOnly,
_In_ TOKEN_TYPE TokenType,
- _Out_ PHANDLE NewTokenHandle
-);
+ _Out_ PHANDLE NewTokenHandle);
NTSYSAPI
NTSTATUS
NTAPI
ZwImpersonateAnonymousToken(
- _In_ HANDLE Thread
-);
+ _In_ HANDLE Thread);
NTSYSAPI
NTSTATUS
@@ -443,8 +412,7 @@ ZwOpenObjectAuditAlarm(
_In_ PPRIVILEGE_SET Privileges,
_In_ BOOLEAN ObjectCreation,
_In_ BOOLEAN AccessGranted,
- _Out_ PBOOLEAN GenerateOnClose
-);
+ _Out_ PBOOLEAN GenerateOnClose);
_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
@@ -453,8 +421,7 @@ NTAPI
ZwOpenProcessToken(
_In_ HANDLE ProcessHandle,
_In_ ACCESS_MASK DesiredAccess,
- _Out_ PHANDLE TokenHandle
-);
+ _Out_ PHANDLE TokenHandle);
NTSYSAPI
NTSTATUS
@@ -463,8 +430,7 @@ ZwOpenProcessTokenEx(
_In_ HANDLE ProcessHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_ ULONG HandleAttributes,
- _Out_ PHANDLE TokenHandle
-);
+ _Out_ PHANDLE TokenHandle);
NTSYSAPI
NTSTATUS
@@ -472,8 +438,7 @@ NTAPI
ZwPrivilegeCheck(
_In_ HANDLE ClientToken,
_In_ PPRIVILEGE_SET RequiredPrivileges,
- _In_ PBOOLEAN Result
-);
+ _In_ PBOOLEAN Result);
NTSYSAPI
NTSTATUS
@@ -483,8 +448,7 @@ ZwPrivilegedServiceAuditAlarm(
_In_ PUNICODE_STRING ServiceName,
_In_ HANDLE ClientToken,
_In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
+ _In_ BOOLEAN AccessGranted);
NTSYSAPI
NTSTATUS
@@ -495,8 +459,7 @@ ZwPrivilegeObjectAuditAlarm(
_In_ HANDLE ClientToken,
_In_ ULONG DesiredAccess,
_In_ PPRIVILEGE_SET Privileges,
- _In_ BOOLEAN AccessGranted
-);
+ _In_ BOOLEAN AccessGranted);
_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
@@ -507,8 +470,7 @@ ZwQueryInformationToken(
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
_Out_writes_bytes_to_opt_(Length,*ResultLength) PVOID TokenInformation,
_In_ ULONG Length,
- _Out_ PULONG ResultLength
-);
+ _Out_ PULONG ResultLength);
NTSYSAPI
NTSTATUS
@@ -517,6 +479,6 @@ ZwSetInformationToken(
_In_ HANDLE TokenHandle,
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
_Out_ PVOID TokenInformation,
- _In_ ULONG TokenInformationLength
-);
+ _In_ ULONG TokenInformationLength);
+
#endif