update for HEAD-2003091401

[reactos.git] / include / ddk / setypes.h

/* $Id$
 *
 * COPYRIGHT:         See COPYING in the top level directory for details
 * PROJECT:           ReactOS kernel
 * FILE:              include/ddk/setypes.h
 * PURPOSE:           Security manager types
 * REVISION HISTORY:
 *                 ??/??/??:    Created with empty stubs by David Welch
 *                 29/08/98:    ACCESS_TOKEN definition from Boudewijn Dekker
 */

#ifndef __INCLUDE_DDK_SETYPES_H
#define __INCLUDE_DDK_SETYPES_H

#include <ntos/security.h>

/* TOKEN_GROUPS structure */
#define SE_GROUP_MANDATORY      (0x1L)
#define SE_GROUP_ENABLED_BY_DEFAULT     (0x2L)
#define SE_GROUP_ENABLED        (0x4L)
#define SE_GROUP_OWNER  (0x8L)
#define SE_GROUP_LOGON_ID       (0xc0000000L)

/* ACL Defines */
#define ACL_REVISION  (2)

/* ACE_HEADER structure */
#define ACCESS_ALLOWED_ACE_TYPE      (0x0)
#define ACCESS_DENIED_ACE_TYPE       (0x1)
#define SYSTEM_AUDIT_ACE_TYPE        (0x2)
#define SYSTEM_ALARM_ACE_TYPE        (0x3)

/* ACE flags in the ACE_HEADER structure */
#define OBJECT_INHERIT_ACE           (0x1)
#define CONTAINER_INHERIT_ACE        (0x2)
#define NO_PROPAGATE_INHERIT_ACE     (0x4)
#define INHERIT_ONLY_ACE             (0x8)
#define SUCCESSFUL_ACCESS_ACE_FLAG   (0x40)
#define FAILED_ACCESS_ACE_FLAG       (0x80)

/* SECURITY_DESCRIPTOR_CONTROL */
#define SECURITY_DESCRIPTOR_REVISION    (1)
#define SECURITY_DESCRIPTOR_MIN_LENGTH  (20)
#define SE_OWNER_DEFAULTED      (1)
#define SE_GROUP_DEFAULTED      (2)
#define SE_DACL_PRESENT (4)
#define SE_DACL_DEFAULTED       (8)
#define SE_SACL_PRESENT (16)
#define SE_SACL_DEFAULTED       (32)
#define SE_SELF_RELATIVE        (32768)

/* PRIVILEGE_SET */
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x1L)
#define SE_PRIVILEGE_ENABLED    (0x2L)
#define SE_PRIVILEGE_USED_FOR_ACCESS    (0x80000000L)
#define PRIVILEGE_SET_ALL_NECESSARY     (0x1)

typedef struct _ACCESS_TOKEN
{
  TOKEN_SOURCE                  TokenSource;               /* 0x00 */
  LUID                          TokenId;                   /* 0x10 */
  LUID                          AuthenticationId;          /* 0x18 */
  LARGE_INTEGER                 ExpirationTime;            /* 0x20 */
  LUID                          ModifiedId;                /* 0x28 */
  ULONG                         UserAndGroupCount;         /* 0x30 */
  ULONG                         PrivilegeCount;            /* 0x34 */
  ULONG                         VariableLength;            /* 0x38 */
  ULONG                         DynamicCharged;            /* 0x3C */
  ULONG                         DynamicAvailable;          /* 0x40 */
  ULONG                         DefaultOwnerIndex;         /* 0x44 */
  PSID_AND_ATTRIBUTES           UserAndGroups;             /* 0x48 */
  PSID                          PrimaryGroup;              /* 0x4C */
  PLUID_AND_ATTRIBUTES          Privileges;                /* 0x50 */
  ULONG                         Unknown1;                  /* 0x54 */
  PACL                          DefaultDacl;               /* 0x58 */
  TOKEN_TYPE                    TokenType;                 /* 0x5C */
  SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel;        /* 0x60 */
  UCHAR                         TokenFlags;                /* 0x64 */
  UCHAR                         TokenInUse;                /* 0x65 */
  UCHAR                         Unused[2];                 /* 0x66 */
  PVOID                         ProxyData;                 /* 0x68 */
  PVOID                         AuditData;                 /* 0x6c */
  UCHAR                         VariablePart[0];           /* 0x70 */
} ACCESS_TOKEN, *PACCESS_TOKEN;


typedef struct _SECURITY_SUBJECT_CONTEXT
{
  PACCESS_TOKEN ClientToken;                              /* 0x0 */
  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;        /* 0x4 */
  PACCESS_TOKEN PrimaryToken;                             /* 0x8 */
  PVOID ProcessAuditId;                                   /* 0xC */
} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;


typedef struct _SECURITY_CLIENT_CONTEXT
{
  SECURITY_QUALITY_OF_SERVICE SecurityQos;      /* 0x00 */
  PACCESS_TOKEN Token;                          /* 0x0C */
  BOOLEAN DirectlyAccessClientToken;            /* 0x10 */
  BOOLEAN DirectAccessEffectiveOnly;            /* 0x11 */
  BOOLEAN ServerIsRemote;                       /* 0x12 */
  TOKEN_CONTROL ClientTokenControl;             /* 0x14 */
} SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;


typedef struct _SE_EXPORTS
{
  /* Privilege values */
  LUID SeCreateTokenPrivilege;
  LUID SeAssignPrimaryTokenPrivilege;
  LUID SeLockMemoryPrivilege;
  LUID SeIncreaseQuotaPrivilege;
  LUID SeUnsolicitedInputPrivilege;
  LUID SeTcbPrivilege;
  LUID SeSecurityPrivilege;
  LUID SeTakeOwnershipPrivilege;
  LUID SeLoadDriverPrivilege;
  LUID SeCreatePagefilePrivilege;
  LUID SeIncreaseBasePriorityPrivilege;
  LUID SeSystemProfilePrivilege;
  LUID SeSystemtimePrivilege;
  LUID SeProfileSingleProcessPrivilege;
  LUID SeCreatePermanentPrivilege;
  LUID SeBackupPrivilege;
  LUID SeRestorePrivilege;
  LUID SeShutdownPrivilege;
  LUID SeDebugPrivilege;
  LUID SeAuditPrivilege;
  LUID SeSystemEnvironmentPrivilege;
  LUID SeChangeNotifyPrivilege;
  LUID SeRemoteShutdownPrivilege;

  /* Universally defined SIDs */
  PSID SeNullSid;
  PSID SeWorldSid;
  PSID SeLocalSid;
  PSID SeCreatorOwnerSid;
  PSID SeCreatorGroupSid;

  /* Nt defined SIDs */
  PSID SeNtAuthoritySid;
  PSID SeDialupSid;
  PSID SeNetworkSid;
  PSID SeBatchSid;
  PSID SeInteractiveSid;
  PSID SeLocalSystemSid;
  PSID SeAliasAdminsSid;
  PSID SeAliasUsersSid;
  PSID SeAliasGuestsSid;
  PSID SeAliasPowerUsersSid;
  PSID SeAliasAccountOpsSid;
  PSID SeAliasSystemOpsSid;
  PSID SeAliasPrintOpsSid;
  PSID SeAliasBackupOpsSid;
} SE_EXPORTS, *PSE_EXPORTS;


typedef NTSTATUS STDCALL_FUNC
(*PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId);


typedef enum _SECURITY_OPERATION_CODE
{
  SetSecurityDescriptor,
  QuerySecurityDescriptor,
  DeleteSecurityDescriptor,
  AssignSecurityDescriptor
} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;

#endif

/* EOF */