Author: akhaldi Date: Thu Mar 11 23:33:08 2010 New Revision: 46120
URL: http://svn.reactos.org/svn/reactos?rev=46120&view=rev Log: [NTIFS] - Group related definitions - Add ExInitializePushLock, SeReportSecurityEventWithSubCategory, SeAccessCheckFromState, SeStopImpersonatingClient and TOKEN_* definitions - Update SE_EXPORTS
Modified: branches/header-work/include/ddk/ntifs.h
Modified: branches/header-work/include/ddk/ntifs.h
URL: http://svn.reactos.org/svn/reactos/branches/header-work/include/ddk/ntifs.h?...
==============================================================================
--- branches/header-work/include/ddk/ntifs.h [iso-8859-1] (original)
+++ branches/header-work/include/ddk/ntifs.h [iso-8859-1] Thu Mar 11 23:33:08 2010
@@ -4972,6 +4972,10 @@
#define EX_PUSH_LOCK ULONG_PTR
#define PEX_PUSH_LOCK PULONG_PTR
+VOID
+ExInitializePushLock (
+ OUT PEX_PUSH_LOCK PushLock);
+
#if (NTDDI_VERSION >= NTDDI_WINXP)
PSLIST_ENTRY
FASTCALL
@@ -4999,6 +5003,176 @@
#endif /* #endif */
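Review bot: The added `ExInitializePushLock` prototype has no `NTKERNELAPI` and no calling convention, and it sits above the `#if (NTDDI_VERSION >= NTDDI_WINXP)` guard, so every target version sees it and each caller uses whatever default convention its own build selects. If the implementation is compiled with a different convention, caller and callee would disagree about stack cleanup on x86, which is hard to diagnose in a lock-initialisation path. Unless this deliberately mirrors a reference header, state the convention explicitly and place the declaration under the matching version guard; if it is deliberate, a comment such as `/* declared without a calling convention on purpose; keep in sync with the implementation */` records that.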
+#define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
+#define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
+#define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
+#define TOKEN_WRITE_RESTRICTED 0x0008
+#define TOKEN_IS_RESTRICTED 0x0010
+#define TOKEN_SESSION_NOT_REFERENCED 0x0020
+#define TOKEN_SANDBOX_INERT 0x0040
+#define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
+#define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
+#define TOKEN_VIRTUALIZE_ALLOWED 0x0200
+#define TOKEN_VIRTUALIZE_ENABLED 0x0400
+#define TOKEN_IS_FILTERED 0x0800
+#define TOKEN_UIACCESS 0x1000
+#define TOKEN_NOT_LOW 0x2000
+
+typedef struct _SE_EXPORTS {
+ LUID SeCreateTokenPrivilege;
+ LUID SeAssignPrimaryTokenPrivilege;
+ LUID SeLockMemoryPrivilege;
+ LUID SeIncreaseQuotaPrivilege;
+ LUID SeUnsolicitedInputPrivilege;
+ LUID SeTcbPrivilege;
+ LUID SeSecurityPrivilege;
+ LUID SeTakeOwnershipPrivilege;
+ LUID SeLoadDriverPrivilege;
+ LUID SeCreatePagefilePrivilege;
+ LUID SeIncreaseBasePriorityPrivilege;
+ LUID SeSystemProfilePrivilege;
+ LUID SeSystemtimePrivilege;
+ LUID SeProfileSingleProcessPrivilege;
+ LUID SeCreatePermanentPrivilege;
+ LUID SeBackupPrivilege;
+ LUID SeRestorePrivilege;
+ LUID SeShutdownPrivilege;
+ LUID SeDebugPrivilege;
+ LUID SeAuditPrivilege;
+ LUID SeSystemEnvironmentPrivilege;
+ LUID SeChangeNotifyPrivilege;
+ LUID SeRemoteShutdownPrivilege;
+ PSID SeNullSid;
+ PSID SeWorldSid;
+ PSID SeLocalSid;
+ PSID SeCreatorOwnerSid;
+ PSID SeCreatorGroupSid;
+ PSID SeNtAuthoritySid;
+ PSID SeDialupSid;
+ PSID SeNetworkSid;
+ PSID SeBatchSid;
+ PSID SeInteractiveSid;
+ PSID SeLocalSystemSid;
+ PSID SeAliasAdminsSid;
+ PSID SeAliasUsersSid;
+ PSID SeAliasGuestsSid;
+ PSID SeAliasPowerUsersSid;
+ PSID SeAliasAccountOpsSid;
+ PSID SeAliasSystemOpsSid;
+ PSID SeAliasPrintOpsSid;
+ PSID SeAliasBackupOpsSid;
+ PSID SeAuthenticatedUsersSid;
+ PSID SeRestrictedSid;
+ PSID SeAnonymousLogonSid;
+ LUID SeUndockPrivilege;
+ LUID SeSyncAgentPrivilege;
+ LUID SeEnableDelegationPrivilege;
+ PSID SeLocalServiceSid;
+ PSID SeNetworkServiceSid;
+ LUID SeManageVolumePrivilege;
+ LUID SeImpersonatePrivilege;
+ LUID SeCreateGlobalPrivilege;
+ LUID SeTrustedCredManAccessPrivilege;
+ LUID SeRelabelPrivilege;
+ LUID SeIncreaseWorkingSetPrivilege;
+ LUID SeTimeZonePrivilege;
+ LUID SeCreateSymbolicLinkPrivilege;
+ PSID SeIUserSid;
+ PSID SeUntrustedMandatorySid;
+ PSID SeLowMandatorySid;
+ PSID SeMediumMandatorySid;
+ PSID SeHighMandatorySid;
+ PSID SeSystemMandatorySid;
+ PSID SeOwnerRightsSid;
+} SE_EXPORTS, *PSE_EXPORTS;
+
+typedef NTSTATUS
+(NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
+ IN PLUID LogonId);
+
+#define SeLengthSid( Sid ) \
+ (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
+
+#define SeDeleteClientSecurity(C) { \
+ if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
+ PsDereferencePrimaryToken( (C)->ClientToken ); \
+ } else { \
+ PsDereferenceImpersonationToken( (C)->ClientToken ); \
+ } \
+}
+
+#define SeStopImpersonatingClient() PsRevertToSelf()
+
+#define SeQuerySubjectContextToken( SubjectContext ) \
+ ( ARGUMENT_PRESENT( \
+ ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
+ ) ? \
+ ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
+ ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
+
+#if (NTDDI_VERSION >= NTDDI_WIN2K)
+
+NTKERNELAPI
+VOID
+NTAPI
+SeCaptureSubjectContext(
+ OUT PSECURITY_SUBJECT_CONTEXT SubjectContext);
+
+NTKERNELAPI
+VOID
+NTAPI
+SeLockSubjectContext(
+ IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
+
+NTKERNELAPI
+VOID
+NTAPI
+SeUnlockSubjectContext(
+ IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
+
+NTKERNELAPI
+VOID
+NTAPI
+SeReleaseSubjectContext(
+ IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
+
+NTKERNELAPI
+BOOLEAN
+NTAPI
+SePrivilegeCheck(
+ IN OUT PPRIVILEGE_SET RequiredPrivileges,
+ IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
+ IN KPROCESSOR_MODE AccessMode);
+
+#endif
+
+NTSTATUS
+NTAPI
+SeReportSecurityEventWithSubCategory(
+ IN ULONG Flags,
+ IN PUNICODE_STRING SourceName,
+ IN PSID UserSid OPTIONAL,
+ IN PSE_ADT_PARAMETER_ARRAY AuditParameters,
+ IN ULONG AuditSubcategoryId);
+
+BOOLEAN
+SeAccessCheckFromState(
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
+ IN PTOKEN_ACCESS_INFORMATION ClientTokenInformation OPTIONAL,
+ IN ACCESS_MASK DesiredAccess,
+ IN ACCESS_MASK PreviouslyGrantedAccess,
+ OUT PPRIVILEGE_SET *Privileges OPTIONAL,
+ IN PGENERIC_MAPPING GenericMapping,
+ IN KPROCESSOR_MODE AccessMode,
+ OUT PACCESS_MASK GrantedAccess,
+ OUT PNTSTATUS AccessStatus);
+
+NTKERNELAPI
+VOID
+NTAPI
+SeFreePrivileges(
+ IN PPRIVILEGE_SET Privileges);
#pragma pack(push,4)
@@ -5147,13 +5321,7 @@
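Review bot: `TOKEN_WRITE_RESTRICTED 0x0008` in the new flag block occupies the same bit as `#define TOKEN_HAS_ADMIN_GROUP 0x08`, which the later hunk at -5147 keeps as a context line, so a test of either name against a token's flags word cannot tell the two conditions apart. The overlap predates this commit, but now that the TOKEN_* values are grouped here the leftover define should either move next to them with a comment such as `/* shares bit 0x0008 with TOKEN_WRITE_RESTRICTED */` or be dropped if nothing still uses it. Separately, `SeReportSecurityEventWithSubCategory` and `SeAccessCheckFromState` are declared after the `#endif` with no `NTDDI_VERSION` guard, and `SeAccessCheckFromState` has no `NTAPI` although every neighbouring Se* prototype does. If the implementation uses that convention, callers built against this header would disagree with it about stack cleanup on x86, so `BOOLEAN NTAPI SeAccessCheckFromState(` inside a version guard looks like the intended form; the correct guard value cannot be confirmed from this page.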
/* end winnt.h */
-#define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x01
-#define TOKEN_HAS_BACKUP_PRIVILEGE 0x02
-#define TOKEN_HAS_RESTORE_PRIVILEGE 0x04
#define TOKEN_HAS_ADMIN_GROUP 0x08
-#define TOKEN_WRITE_RESTRICTED 0x08
-#define TOKEN_IS_RESTRICTED 0x10
-#define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
#define VACB_MAPPING_GRANULARITY (0x40000)
#define VACB_OFFSET_SHIFT (18)
@@ -5845,64 +6013,6 @@
LPC_PVOID ViewBase;
} REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
-typedef struct _SE_EXPORTS {
-
- LUID SeCreateTokenPrivilege;
- LUID SeAssignPrimaryTokenPrivilege;
- LUID SeLockMemoryPrivilege;
- LUID SeIncreaseQuotaPrivilege;
- LUID SeUnsolicitedInputPrivilege;
- LUID SeTcbPrivilege;
- LUID SeSecurityPrivilege;
- LUID SeTakeOwnershipPrivilege;
- LUID SeLoadDriverPrivilege;
- LUID SeCreatePagefilePrivilege;
- LUID SeIncreaseBasePriorityPrivilege;
- LUID SeSystemProfilePrivilege;
- LUID SeSystemtimePrivilege;
- LUID SeProfileSingleProcessPrivilege;
- LUID SeCreatePermanentPrivilege;
- LUID SeBackupPrivilege;
- LUID SeRestorePrivilege;
- LUID SeShutdownPrivilege;
- LUID SeDebugPrivilege;
- LUID SeAuditPrivilege;
- LUID SeSystemEnvironmentPrivilege;
- LUID SeChangeNotifyPrivilege;
- LUID SeRemoteShutdownPrivilege;
-
- PSID SeNullSid;
- PSID SeWorldSid;
- PSID SeLocalSid;
- PSID SeCreatorOwnerSid;
- PSID SeCreatorGroupSid;
-
- PSID SeNtAuthoritySid;
- PSID SeDialupSid;
- PSID SeNetworkSid;
- PSID SeBatchSid;
- PSID SeInteractiveSid;
- PSID SeLocalSystemSid;
- PSID SeAliasAdminsSid;
- PSID SeAliasUsersSid;
- PSID SeAliasGuestsSid;
- PSID SeAliasPowerUsersSid;
- PSID SeAliasAccountOpsSid;
- PSID SeAliasSystemOpsSid;
- PSID SeAliasPrintOpsSid;
- PSID SeAliasBackupOpsSid;
-
- PSID SeAuthenticatedUsersSid;
-
- PSID SeRestrictedSid;
- PSID SeAnonymousLogonSid;
-
- LUID SeUndockPrivilege;
- LUID SeSyncAgentPrivilege;
- LUID SeEnableDelegationPrivilege;
-
-} SE_EXPORTS, *PSE_EXPORTS;
-
extern PSE_EXPORTS SeExports;
typedef struct _TUNNEL {
@@ -8387,13 +8497,6 @@
);
NTKERNELAPI
-VOID
-NTAPI
-SeCaptureSubjectContext (
- OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
-);
-
-NTKERNELAPI
NTSTATUS
NTAPI
SeCreateClientSecurity (
@@ -8417,18 +8520,6 @@
#endif /* (VER_PRODUCTBUILD >= 2195) */
-
-#define SeLengthSid( Sid ) \
- (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
-
-#define SeDeleteClientSecurity(C) { \
- if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
- PsDereferencePrimaryToken( (C)->ClientToken ); \
- } else { \
- PsDereferenceImpersonationToken( (C)->ClientToken ); \
- } \
-}
-
NTKERNELAPI
VOID
NTAPI
@@ -8442,13 +8533,6 @@
NTKERNELAPI
VOID
NTAPI
-SeFreePrivileges (
- IN PPRIVILEGE_SET Privileges
-);
-
-NTKERNELAPI
-VOID
-NTAPI
SeImpersonateClient (
IN PSECURITY_CLIENT_CONTEXT ClientContext,
IN PETHREAD ServerThread OPTIONAL
@@ -8465,13 +8549,6 @@
);
#endif /* (VER_PRODUCTBUILD >= 2195) */
-
-NTKERNELAPI
-VOID
-NTAPI
-SeLockSubjectContext (
- IN PSECURITY_SUBJECT_CONTEXT SubjectContext
-);
NTKERNELAPI
NTSTATUS
@@ -8511,15 +8588,6 @@
);
NTKERNELAPI
-BOOLEAN
-NTAPI
-SePrivilegeCheck (
- IN OUT PPRIVILEGE_SET RequiredPrivileges,
- IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
- IN KPROCESSOR_MODE AccessMode
-);
-
-NTKERNELAPI
NTSTATUS
NTAPI
SeQueryAuthenticationIdToken (
@@ -8562,29 +8630,11 @@
#endif /* (VER_PRODUCTBUILD >= 2195) */
-#define SeQuerySubjectContextToken( SubjectContext ) \
- ( ARGUMENT_PRESENT( \
- ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
- ) ? \
- ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
- ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
-
-typedef NTSTATUS (NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE) (
- IN PLUID LogonId
-);
-
NTKERNELAPI
NTSTATUS
NTAPI
SeRegisterLogonSessionTerminatedRoutine (
IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
-);
-
-NTKERNELAPI
-VOID
-NTAPI
-SeReleaseSubjectContext (
- IN PSECURITY_SUBJECT_CONTEXT SubjectContext
);
NTKERNELAPI
@@ -8651,13 +8701,6 @@
NTAPI
SeTokenType (
IN PACCESS_TOKEN Token
-);
-
-NTKERNELAPI
-VOID
-NTAPI
-SeUnlockSubjectContext (
- IN PSECURITY_SUBJECT_CONTEXT SubjectContext
);
NTKERNELAPI