/*++ NDK Version: 0098

Copyright (c) Alex Ionescu.  All rights reserved.

Header Name:

    setypes.h

Abstract:

    Type definitions for the security manager.

Author:

    Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006

--*/

#ifndef _SETYPES_H
#define _SETYPES_H

//
// Dependencies
//
#include <umtypes.h>

//
// Well Known SIDs
//
// Six-byte brace initializer with only the last byte set (7); presumably
// meant to initialize a SID identifier-authority value -- confirm at the
// point of use.
//
#define SECURITY_INTERNETSITE_AUTHORITY     {0,0,0,0,0,7}

#ifdef NTOS_MODE_USER
//
// Privilege constants
//
// Numeric privilege values, visible only when NTOS_MODE_USER is defined.
// SE_MIN_WELL_KNOWN_PRIVILEGE (2) and SE_MAX_WELL_KNOWN_PRIVILEGE (30)
// bracket the range, so a value taken from outside input can be
// range-checked against them before it is used.
//
// SE_UNSOLICITED_INPUT_PRIVILEGE and SE_MACHINE_ACCOUNT_PRIVILEGE both
// expand to 6; the two names are aliases of the same value.
//
// NOTE(review): when auditing token contents, privileges such as
// SE_CREATE_TOKEN, SE_ASSIGNPRIMARYTOKEN, SE_TCB, SE_TAKE_OWNERSHIP,
// SE_LOAD_DRIVER, SE_BACKUP, SE_RESTORE, SE_DEBUG and SE_IMPERSONATE are
// generally treated as equivalent to full control of the machine; their
// presence on a non-system token deserves attention.
//
#define SE_MIN_WELL_KNOWN_PRIVILEGE         (2L)
#define SE_CREATE_TOKEN_PRIVILEGE           (2L)
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE     (3L)
#define SE_LOCK_MEMORY_PRIVILEGE            (4L)
#define SE_INCREASE_QUOTA_PRIVILEGE         (5L)
#define SE_UNSOLICITED_INPUT_PRIVILEGE      (6L)
#define SE_MACHINE_ACCOUNT_PRIVILEGE        (6L)
#define SE_TCB_PRIVILEGE                    (7L)
#define SE_SECURITY_PRIVILEGE               (8L)
#define SE_TAKE_OWNERSHIP_PRIVILEGE         (9L)
#define SE_LOAD_DRIVER_PRIVILEGE            (10L)
#define SE_SYSTEM_PROFILE_PRIVILEGE         (11L)
#define SE_SYSTEMTIME_PRIVILEGE             (12L)
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE    (13L)
#define SE_INC_BASE_PRIORITY_PRIVILEGE      (14L)
#define SE_CREATE_PAGEFILE_PRIVILEGE        (15L)
#define SE_CREATE_PERMANENT_PRIVILEGE       (16L)
#define SE_BACKUP_PRIVILEGE                 (17L)
#define SE_RESTORE_PRIVILEGE                (18L)
#define SE_SHUTDOWN_PRIVILEGE               (19L)
#define SE_DEBUG_PRIVILEGE                  (20L)
#define SE_AUDIT_PRIVILEGE                  (21L)
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE     (22L)
#define SE_CHANGE_NOTIFY_PRIVILEGE          (23L)
#define SE_REMOTE_SHUTDOWN_PRIVILEGE        (24L)
#define SE_UNDOCK_PRIVILEGE                 (25L)
#define SE_SYNC_AGENT_PRIVILEGE             (26L)
#define SE_ENABLE_DELEGATION_PRIVILEGE      (27L)
#define SE_MANAGE_VOLUME_PRIVILEGE          (28L)
#define SE_IMPERSONATE_PRIVILEGE            (29L)
#define SE_CREATE_GLOBAL_PRIVILEGE          (30L)
#define SE_MAX_WELL_KNOWN_PRIVILEGE         (SE_CREATE_GLOBAL_PRIVILEGE)

//
// Single-ULONG wrapper for a token's mandatory policy. The individual
// policy flag values are not defined in this header.
//
typedef struct _TOKEN_MANDATORY_POLICY {
    ULONG Policy;
}
TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;

//
// Aggregate view of a token's access-relevant state: pointers to the SID
// hashes and privilege set plus the scalar identity fields. The three
// pointer members use struct tags that this header does not define, so the
// pointed-to layouts must come from another header.
//
typedef struct _TOKEN_ACCESS_INFORMATION
{
    struct _SID_AND_ATTRIBUTES_HASH *SidHash;
    struct _SID_AND_ATTRIBUTES_HASH *RestrictedSidHash;
    struct _TOKEN_PRIVILEGES *Privileges;
    LUID AuthenticationId;
    TOKEN_TYPE TokenType;
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
    TOKEN_MANDATORY_POLICY MandatoryPolicy;
    ULONG Flags;
} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;

#else

//
// User and Group-related SID Attributes
//
// Bit flags; everything from here to the closing #endif is compiled only
// when NTOS_MODE_USER is NOT defined. SE_GROUP_LOGON_ID (0xC0000000) sets
// the top two bits, so test for it by comparing against the full mask
// rather than checking that any bit is set.
//
#define SE_GROUP_MANDATORY                  0x00000001
#define SE_GROUP_ENABLED_BY_DEFAULT         0x00000002
#define SE_GROUP_ENABLED                    0x00000004
#define SE_GROUP_OWNER                      0x00000008
#define SE_GROUP_USE_FOR_DENY_ONLY          0x00000010
#define SE_GROUP_INTEGRITY                  0x00000020
#define SE_GROUP_INTEGRITY_ENABLED          0x00000040
#define SE_GROUP_RESOURCE                   0x20000000
#define SE_GROUP_LOGON_ID                   0xC0000000

//
// OR of all nine attribute flags defined above. Usable as an allow-list
// mask: attribute words carrying bits outside it contain values this
// header does not know about.
//
#define SE_GROUP_VALID_ATTRIBUTES \
    (SE_GROUP_MANDATORY | \
     SE_GROUP_ENABLED_BY_DEFAULT | \
     SE_GROUP_ENABLED | \
     SE_GROUP_OWNER | \
     SE_GROUP_USE_FOR_DENY_ONLY | \
     SE_GROUP_LOGON_ID | \
     SE_GROUP_RESOURCE | \
     SE_GROUP_INTEGRITY | \
     SE_GROUP_INTEGRITY_ENABLED)

//
// Audit and Policy Structures
//
// Nine 4-bit fields, one per audit category (9 * 4 = 36 bits), matching the
// 36-bit PolicyBits field of SEP_AUDIT_POLICY_OVERLAY below.
// NOTE(review): bit-field packing and ordering are compiler-defined; the
// union in SEP_AUDIT_POLICY assumes these nibbles line up with PolicyBits.
// Confirm for any toolchain other than the one this was written for.
//
typedef struct _SEP_AUDIT_POLICY_CATEGORIES
{
    UCHAR System:4;
    UCHAR Logon:4;
    UCHAR ObjectAccess:4;
    UCHAR PrivilegeUse:4;
    UCHAR DetailedTracking:4;
    UCHAR PolicyChange:4;
    UCHAR AccountManagement:4;
    UCHAR DirectoryServiceAccess:4;
    UCHAR AccountLogon:4;
} SEP_AUDIT_POLICY_CATEGORIES, *PSEP_AUDIT_POLICY_CATEGORIES;

//
// The same storage viewed as one 36-bit policy field followed by a
// one-bit SetBit; 37 of the 64 bits are named.
//
typedef struct _SEP_AUDIT_POLICY_OVERLAY
{
    ULONGLONG PolicyBits:36;
    ULONGLONG SetBit:1;
} SEP_AUDIT_POLICY_OVERLAY, *PSEP_AUDIT_POLICY_OVERLAY;

//
// Anonymous union giving three views of the audit policy: per-category
// nibbles, the PolicyBits/SetBit overlay, and the raw 64-bit value.
//
typedef struct _SEP_AUDIT_POLICY
{
    union
    {
        SEP_AUDIT_POLICY_CATEGORIES PolicyElements;
        SEP_AUDIT_POLICY_OVERLAY PolicyOverlay;
        ULONGLONG Overlay;
    };
}
SEP_AUDIT_POLICY, *PSEP_AUDIT_POLICY;

//
// Holds a pointer to the object-name information for an image file;
// going by the type name, this is process-creation audit data.
//
typedef struct _SE_AUDIT_PROCESS_CREATION_INFO
{
    POBJECT_NAME_INFORMATION ImageFileName;
} SE_AUDIT_PROCESS_CREATION_INFO, *PSE_AUDIT_PROCESS_CREATION_INFO;

//
// Token and auxiliary data
//
// Internal token object layout. The offset annotations imply 4-byte
// pointers (UserAndGroups at 0x68 is followed by RestrictedSids at 0x6C),
// so they describe a 32-bit build only. This is a private structure:
// offsets and members can differ between OS builds, and code that reads
// fields at hard-coded offsets should verify the target build first.
//
// NOTE(review): UserAndGroupCount, RestrictedSidCount and PrivilegeCount
// presumably give the element counts of the UserAndGroups, RestrictedSids
// and Privileges arrays; anything that walks those arrays should bound the
// walk by the matching count -- confirm against the code that fills them.
//
typedef struct _TOKEN
{
    TOKEN_SOURCE TokenSource;                         /* 0x00 */
    LUID TokenId;                                     /* 0x10 */
    LUID AuthenticationId;                            /* 0x18 */
    LUID ParentTokenId;                               /* 0x20 */
    LARGE_INTEGER ExpirationTime;                     /* 0x28 */
    struct _ERESOURCE *TokenLock;                     /* 0x30 */
    SEP_AUDIT_POLICY  AuditPolicy;                    /* 0x38 */
    LUID ModifiedId;                                  /* 0x40 */
    ULONG SessionId;                                  /* 0x48 */
    ULONG UserAndGroupCount;                          /* 0x4C */
    ULONG RestrictedSidCount;                         /* 0x50 */
    ULONG PrivilegeCount;                             /* 0x54 */
    ULONG VariableLength;                             /* 0x58 */
    ULONG DynamicCharged;                             /* 0x5C */
    ULONG DynamicAvailable;                           /* 0x60 */
    ULONG DefaultOwnerIndex;                          /* 0x64 */
    PSID_AND_ATTRIBUTES UserAndGroups;                /* 0x68 */
    PSID_AND_ATTRIBUTES RestrictedSids;               /* 0x6C */
    PSID PrimaryGroup;                                /* 0x70 */
    PLUID_AND_ATTRIBUTES Privileges;                  /* 0x74 */
    PULONG DynamicPart;                               /* 0x78 */
    PACL DefaultDacl;                                 /* 0x7C */
    TOKEN_TYPE TokenType;                             /* 0x80 */
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;  /* 0x84 */
    ULONG TokenFlags;                                 /* 0x88 */
    BOOLEAN TokenInUse;                               /* 0x8C */
    PVOID ProxyData;                                  /* 0x90 */
    PVOID AuditData;                                  /* 0x94 */
    LUID OriginatingLogonSession;                     /* 0x98 */
    ULONG VariablePart;                               /* 0xA0 */
} TOKEN, *PTOKEN;

//
// Auxiliary data for an access check: a privilege-set pointer, a generic
// mapping and a reserved ULONG. How callers populate it is not shown here.
//
typedef struct _AUX_ACCESS_DATA
{
    PPRIVILEGE_SET PrivilegeSet;
    GENERIC_MAPPING GenericMapping;
    ULONG Reserved;
} AUX_ACCESS_DATA, *PAUX_ACCESS_DATA;

//
// External SRM Data
//
// Declarations only; the two default DACL pointers are defined elsewhere.
//
extern PACL NTSYSAPI SePublicDefaultDacl;
extern PACL NTSYSAPI SeSystemDefaultDacl;

#endif // NTOS_MODE_USER
#endif // _SETYPES_H