+INITIAL_PRIVILEGE_SET
1 /* $Id$
2  *
3  * COPYRIGHT:         See COPYING in the top level directory for details
4  * PROJECT:           ReactOS kernel
5  * FILE:              include/ddk/setypes.h
6  * PURPOSE:           Security manager types
7  * REVISION HISTORY:
8  *                 ??/??/??:    Created with empty stubs by David Welch
9  *                 29/08/98:    ACCESS_TOKEN definition from Boudewijn Dekker
10  */
11
12 #ifndef __INCLUDE_DDK_SETYPES_H
13 #define __INCLUDE_DDK_SETYPES_H
14
15 #include <ntos/security.h>
16
/*
 * Group attribute flags (the original note ties these to TOKEN_GROUPS).
 *
 * NOTE(review): in the NT API these values are carried in the Attributes
 * member of each SID_AND_ATTRIBUTES entry -- confirm against
 * <ntos/security.h>.
 *
 * The first four are single-bit flags. SE_GROUP_LOGON_ID covers the two
 * highest bits of a 32-bit value, so compare against the full mask
 * ((attr & SE_GROUP_LOGON_ID) == SE_GROUP_LOGON_ID) rather than testing
 * for a non-zero result.
 */
#define SE_GROUP_MANDATORY              (0x00000001L)
#define SE_GROUP_ENABLED_BY_DEFAULT     (0x00000002L)
#define SE_GROUP_ENABLED                (0x00000004L)
#define SE_GROUP_OWNER                  (0x00000008L)
#define SE_GROUP_LOGON_ID               (0xC0000000L)
23
/* ACL revision number defined by this header. */
#define ACL_REVISION                 (2)

/*
 * ACE type codes for the ACE_HEADER structure.
 * These are consecutive enumerated values (0..3), not bit flags, so they
 * must be compared for equality and never OR-ed together.
 */
#define ACCESS_ALLOWED_ACE_TYPE      (0x00)
#define ACCESS_DENIED_ACE_TYPE       (0x01)
#define SYSTEM_AUDIT_ACE_TYPE        (0x02)
#define SYSTEM_ALARM_ACE_TYPE        (0x03)
32
/*
 * Flag bits for the ACE_HEADER structure. Each value is a distinct bit,
 * so the flags can be combined with bitwise OR.
 *
 * Going by the names, the low four bits govern how an ACE is inherited,
 * and 0x40 / 0x80 select whether successful or failed accesses apply to
 * an audit-type ACE.
 * NOTE(review): confirm these semantics against the code that evaluates ACLs.
 */
#define OBJECT_INHERIT_ACE           (0x01)
#define CONTAINER_INHERIT_ACE        (0x02)
#define NO_PROPAGATE_INHERIT_ACE     (0x04)
#define INHERIT_ONLY_ACE             (0x08)
#define SUCCESSFUL_ACCESS_ACE_FLAG   (0x40)
#define FAILED_ACCESS_ACE_FLAG       (0x80)
40
/* Security descriptor revision and minimum size, as defined by this header. */
#define SECURITY_DESCRIPTOR_REVISION    (1)
#define SECURITY_DESCRIPTOR_MIN_LENGTH  (20)

/*
 * SECURITY_DESCRIPTOR_CONTROL bits. Each value is a single bit.
 *
 * NOTE(review): in NT semantics SE_SELF_RELATIVE means the descriptor
 * stores offsets instead of pointers; code that accepts such a descriptor
 * from a less trusted caller should range-check every offset against the
 * buffer length before use -- confirm how the Se routines handle this.
 *
 * NOTE(review): SE_DACL_PRESENT with a NULL DACL conventionally means
 * "no protection", which is not the same as an empty DACL; verify the
 * access-check code keeps the two cases apart.
 */
#define SE_OWNER_DEFAULTED              (0x0001)
#define SE_GROUP_DEFAULTED              (0x0002)
#define SE_DACL_PRESENT                 (0x0004)
#define SE_DACL_DEFAULTED               (0x0008)
#define SE_SACL_PRESENT                 (0x0010)
#define SE_SACL_DEFAULTED               (0x0020)
#define SE_SELF_RELATIVE                (0x8000)
51
/*
 * PRIVILEGE_SET values.
 *
 * The three SE_PRIVILEGE_* values are per-privilege attribute bits;
 * SE_PRIVILEGE_USED_FOR_ACCESS is the top bit of a 32-bit value.
 * PRIVILEGE_SET_ALL_NECESSARY is a separate flag with its own value space
 * (it reuses the value 0x1), so it must not be mixed into the
 * per-privilege attributes.
 * NOTE(review): presumably it belongs in the Control member of a
 * privilege set -- confirm against the callers.
 */
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x00000001L)
#define SE_PRIVILEGE_ENABLED            (0x00000002L)
#define SE_PRIVILEGE_USED_FOR_ACCESS    (0x80000000L)

#define PRIVILEGE_SET_ALL_NECESSARY     (0x01)
57
/*
 * Access token object.
 *
 * The trailing comments give each member's byte offset. They advance by
 * four bytes across the pointer members, so they describe a layout with
 * 4-byte pointers; reordering or resizing a member invalidates them.
 *
 * NOTE(review): UserAndGroupCount and PrivilegeCount presumably give the
 * element counts of UserAndGroups and Privileges, and DefaultOwnerIndex
 * presumably indexes UserAndGroups -- code that walks these arrays should
 * bound every index by the matching count. Confirm against the token code.
 *
 * VariablePart is a zero-length trailing array (a compiler extension)
 * marking where the structure's fixed part ends at offset 0x70.
 */
typedef struct _ACCESS_TOKEN
{
  TOKEN_SOURCE                  TokenSource;        /* +0x00 */
  LUID                          TokenId;            /* +0x10 */
  LUID                          AuthenticationId;   /* +0x18 */
  LARGE_INTEGER                 ExpirationTime;     /* +0x20 */
  LUID                          ModifiedId;         /* +0x28 */
  ULONG                         UserAndGroupCount;  /* +0x30 */
  ULONG                         PrivilegeCount;     /* +0x34 */
  ULONG                         VariableLength;     /* +0x38 */
  ULONG                         DynamicCharged;     /* +0x3C */
  ULONG                         DynamicAvailable;   /* +0x40 */
  ULONG                         DefaultOwnerIndex;  /* +0x44 */
  PSID_AND_ATTRIBUTES           UserAndGroups;      /* +0x48 */
  PSID                          PrimaryGroup;       /* +0x4C */
  PLUID_AND_ATTRIBUTES          Privileges;         /* +0x50 */
  ULONG                         Unknown1;           /* +0x54 */
  PACL                          DefaultDacl;        /* +0x58 */
  TOKEN_TYPE                    TokenType;          /* +0x5C */
  SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel; /* +0x60 */
  UCHAR                         TokenFlags;         /* +0x64 */
  UCHAR                         TokenInUse;         /* +0x65 */
  UCHAR                         Unused[2];          /* +0x66 */
  PVOID                         ProxyData;          /* +0x68 */
  PVOID                         AuditData;          /* +0x6C */
  UCHAR                         VariablePart[0];    /* +0x70 */
} ACCESS_TOKEN, *PACCESS_TOKEN;
85
86
/*
 * Security subject context: two token pointers (client and primary), an
 * impersonation level and an audit identifier. Offsets in the trailing
 * comments step by four bytes per member, i.e. they assume 4-byte pointers.
 *
 * NOTE(review): ClientToken is presumably NULL when the subject is not
 * impersonating, in which case PrimaryToken is the effective token --
 * callers should check before dereferencing. Confirm against the Se code.
 */
typedef struct _SECURITY_SUBJECT_CONTEXT
{
  PACCESS_TOKEN                 ClientToken;        /* +0x0 */
  SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel; /* +0x4 */
  PACCESS_TOKEN                 PrimaryToken;       /* +0x8 */
  PVOID                         ProcessAuditId;     /* +0xC */
} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
94
95
/*
 * Security client context: the quality-of-service settings, a token
 * pointer, three BOOLEAN flags and a TOKEN_CONTROL block.
 *
 * The offset comments show the three BOOLEANs at 0x10..0x12 and
 * ClientTokenControl at 0x14, so one byte of padding sits at 0x13.
 * NOTE(review): that padding is not a named member; if this structure is
 * ever copied out to a less trusted consumer, zero it first so the pad
 * byte does not carry stale memory.
 */
typedef struct _SECURITY_CLIENT_CONTEXT
{
  SECURITY_QUALITY_OF_SERVICE  SecurityQos;                /* +0x00 */
  PACCESS_TOKEN                Token;                      /* +0x0C */
  BOOLEAN                      DirectlyAccessClientToken;  /* +0x10 */
  BOOLEAN                      DirectAccessEffectiveOnly;  /* +0x11 */
  BOOLEAN                      ServerIsRemote;             /* +0x12 */
  TOKEN_CONTROL                ClientTokenControl;         /* +0x14 */
} SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
105
106
/*
 * Table of security-manager constants: 23 privilege LUIDs followed by
 * 5 universal SID pointers and 14 NT-authority SID pointers.
 *
 * Member order is part of the layout seen by anything that includes this
 * header, so new entries should only ever be appended.
 * NOTE(review): the SID members are pointers; consumers should treat the
 * pointed-to SIDs as read-only shared data -- confirm where the table is
 * populated.
 */
typedef struct _SE_EXPORTS
{
  /* ---- Privilege LUIDs ---- */
  LUID SeCreateTokenPrivilege;
  LUID SeAssignPrimaryTokenPrivilege;
  LUID SeLockMemoryPrivilege;
  LUID SeIncreaseQuotaPrivilege;
  LUID SeUnsolicitedInputPrivilege;
  LUID SeTcbPrivilege;
  LUID SeSecurityPrivilege;
  LUID SeTakeOwnershipPrivilege;
  LUID SeLoadDriverPrivilege;
  LUID SeCreatePagefilePrivilege;
  LUID SeIncreaseBasePriorityPrivilege;
  LUID SeSystemProfilePrivilege;
  LUID SeSystemtimePrivilege;
  LUID SeProfileSingleProcessPrivilege;
  LUID SeCreatePermanentPrivilege;
  LUID SeBackupPrivilege;
  LUID SeRestorePrivilege;
  LUID SeShutdownPrivilege;
  LUID SeDebugPrivilege;
  LUID SeAuditPrivilege;
  LUID SeSystemEnvironmentPrivilege;
  LUID SeChangeNotifyPrivilege;
  LUID SeRemoteShutdownPrivilege;

  /* ---- Universally defined SIDs ---- */
  PSID SeNullSid;
  PSID SeWorldSid;
  PSID SeLocalSid;
  PSID SeCreatorOwnerSid;
  PSID SeCreatorGroupSid;

  /* ---- SIDs defined by NT ---- */
  PSID SeNtAuthoritySid;
  PSID SeDialupSid;
  PSID SeNetworkSid;
  PSID SeBatchSid;
  PSID SeInteractiveSid;
  PSID SeLocalSystemSid;
  PSID SeAliasAdminsSid;
  PSID SeAliasUsersSid;
  PSID SeAliasGuestsSid;
  PSID SeAliasPowerUsersSid;
  PSID SeAliasAccountOpsSid;
  PSID SeAliasSystemOpsSid;
  PSID SeAliasPrintOpsSid;
  PSID SeAliasBackupOpsSid;
} SE_EXPORTS, *PSE_EXPORTS;
157
/* Number of LUID_AND_ATTRIBUTES slots embedded in INITIAL_PRIVILEGE_SET. */
#define INITIAL_PRIVILEGE_COUNT         3

/*
 * Privilege set with a fixed, inline array of INITIAL_PRIVILEGE_COUNT
 * entries.
 *
 * The Privilege array holds exactly INITIAL_PRIVILEGE_COUNT elements, so
 * any code that fills or walks it must keep PrivilegeCount at or below
 * that bound; a larger count would index past the end of the structure.
 * NOTE(review): Control presumably takes PRIVILEGE_SET_ALL_NECESSARY --
 * confirm against the callers.
 */
typedef struct _INITIAL_PRIVILEGE_SET
{
  ULONG                PrivilegeCount;
  ULONG                Control;
  LUID_AND_ATTRIBUTES  Privilege[INITIAL_PRIVILEGE_COUNT];
} INITIAL_PRIVILEGE_SET, *PINITIAL_PRIVILEGE_SET;
166
167
/*
 * Pointer to an STDCALL routine that takes the LUID of a logon session
 * (LogonId, input only) and returns an NTSTATUS.
 * Going by the type name, it is a notification callback for logon-session
 * termination.
 * NOTE(review): confirm where such routines are registered and in what
 * context they are invoked.
 */
typedef NTSTATUS
STDCALL
(*PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
  IN PLUID LogonId);
170
171 #endif
172
173 /* EOF */