authormidipix <writeonce@midipix.org>2015-07-27 04:01:18 -0400
committermidipix <writeonce@midipix.org>2015-07-27 04:01:18 -0400
commitdd89bb8ad4fe184a34b5dbdda237e640fc82121b (patch)
tree5e80d2da35f5892f92be29f57982b2708e6bd99b /include/ntapi/nt_security.h
parentdcdadc2702712fa750ed255ed1dfa354522797a0 (diff)
entered advanced internal development stage.
Diffstat (limited to 'include/ntapi/nt_security.h')
-rw-r--r--include/ntapi/nt_security.h190
1 files changed, 190 insertions, 0 deletions
diff --git a/include/ntapi/nt_security.h b/include/ntapi/nt_security.h
new file mode 100644
index 0000000..20fa956
--- /dev/null
+++ b/include/ntapi/nt_security.h
@@ -0,0 +1,190 @@
+#ifndef _NT_SECURITY_H_
+#define _NT_SECURITY_H_
+
+#include <psxtypes/psxtypes.h>
+#include "nt_object.h"
+
+typedef enum _nt_audit_event_type {
+ NT_AUDIT_EVENT_OBJECT_ACCESS,
+ NT_AUDIT_EVENT_DIRECTORY_SERVICE_ACCESS
+} nt_audit_event_type;
+
+
+/* audit flag bits */
+#define NT_AUDIT_ALLOW_NO_PRIVILEGE 0x01
+
+
+typedef struct _nt_privilege_set {
+ uint32_t privilege_count;
+ uint32_t control;
+ nt_luid_and_attributes privilege[];
+} nt_privilege_set;
+
+
+typedef struct _nt_object_type_list {
+ int32_t level;
+ int32_t sbz;
+ nt_guid * object_type;
+} nt_object_type_list;
+
+
+typedef int32_t __stdcall ntapi_zw_privilege_check(
+ __in void * htoken,
+ __in nt_privilege_set * required_privileges,
+ __out unsigned char * result);
+
+
+typedef int32_t __stdcall ntapi_zw_privilege_object_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in void * handle_id,
+ __in void * htoken,
+ __in uint32_t desired_access,
+ __in nt_privilege_set * privileges,
+ __in unsigned char access_granted);
+
+
+typedef int32_t __stdcall ntapi_zw_privileged_service_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in nt_unicode_string * service_name,
+ __in void * htoken,
+ __in nt_privilege_set * privileges,
+ __in unsigned char access_granted);
+
+
+typedef int32_t __stdcall ntapi_zw_access_check(
+ __in nt_security_descriptor * sec_desc,
+ __in void * htoken,
+ __in uint32_t desired_access,
+ __in nt_generic_mapping * generic_mapping,
+ __in nt_privilege_set * privilege_set,
+ __in uint32_t * privilege_set_length,
+ __out uint32_t * granted_access,
+ __out unsigned char * access_status);
+
+
+typedef int32_t __stdcall ntapi_zw_access_check_and_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in void * handle_id,
+ __in nt_unicode_string * object_type_name,
+ __in nt_unicode_string * object_name,
+ __in nt_security_descriptor * sec_desc,
+ __in uint32_t desired_access,
+ __in nt_generic_mapping * generic_mapping,
+ __in unsigned char object_creation,
+ __out uint32_t * granted_access,
+ __out unsigned char * access_status,
+ __out unsigned char * generate_on_close);
+
+
+typedef int32_t __stdcall ntapi_zw_access_check_by_type(
+ __in nt_security_descriptor * sec_desc,
+ __in nt_sid * principal_self_sid,
+ __in void * htoken,
+ __in uint32_t desired_access,
+ __in nt_object_type_list * obj_type_list,
+ __in uint32_t obj_type_list_length,
+ __in nt_generic_mapping * generic_mapping,
+ __in nt_privilege_set * privilege_set,
+ __in uint32_t * privilege_set_length,
+ __out uint32_t * granted_access,
+ __out unsigned char * access_status);
+
+
+typedef int32_t __stdcall ntapi_zw_access_check_by_type_and_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in void * handle_id,
+ __in nt_unicode_string * object_type_name,
+ __in nt_unicode_string * object_name,
+ __in nt_security_descriptor * sec_desc,
+ __in nt_sid * principal_self_sid,
+ __in uint32_t desired_access,
+ __in nt_audit_event_type audit_type,
+ __in uint32_t augid_flags,
+ __in nt_object_type_list * obj_type_list,
+ __in uint32_t obj_type_list_length,
+ __in nt_generic_mapping * generic_mapping,
+ __in unsigned char object_creation,
+ __out uint32_t * granted_access,
+ __out uint32_t * access_status,
+ __out unsigned char * generate_on_close);
+
+
+typedef int32_t __stdcall ntapi_zw_access_check_by_type_result_list(
+ __in nt_security_descriptor * sec_desc,
+ __in nt_sid * principal_self_sid,
+ __in void * htoken,
+ __in uint32_t desired_access,
+ __in nt_object_type_list * obj_type_list,
+ __in uint32_t obj_type_list_length,
+ __in nt_generic_mapping * generic_mapping,
+ __in nt_privilege_set * privilege_set,
+ __in uint32_t * privilege_set_length,
+ __out uint32_t * granted_access_list,
+ __out uint32_t * access_status_list);
+
+
+typedef int32_t __stdcall ntapi_zw_access_check_by_type_result_list_and_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in void * handle_id,
+ __in nt_unicode_string * object_type_name,
+ __in nt_unicode_string * object_name,
+ __in nt_security_descriptor * sec_desc,
+ __in nt_sid * principal_self_sid,
+ __in uint32_t desired_access,
+ __in nt_audit_event_type audit_type,
+ __in uint32_t augid_flags,
+ __in nt_object_type_list * obj_type_list,
+ __in uint32_t obj_type_list_length,
+ __in nt_generic_mapping * generic_mapping,
+ __in unsigned char object_creation,
+ __out uint32_t * granted_access_list,
+ __out uint32_t * access_status_list,
+ __out uint32_t * generate_on_close);
+
+
+typedef int32_t __stdcall ntapi_zw_access_check_by_type_result_list_and_audit_alarm_by_handle(
+ __in nt_unicode_string * subsystem_name,
+ __in void * handle_id,
+ __in void * htoken,
+ __in nt_unicode_string * object_type_name,
+ __in nt_unicode_string * object_name,
+ __in nt_security_descriptor * sec_desc,
+ __in nt_sid * principal_self_sid,
+ __in uint32_t desired_access,
+ __in nt_audit_event_type audit_type,
+ __in uint32_t augid_flags,
+ __in nt_object_type_list * obj_type_list,
+ __in uint32_t obj_type_list_length,
+ __in nt_generic_mapping * generic_mapping,
+ __in unsigned char object_creation,
+ __out uint32_t * granted_access_list,
+ __out uint32_t * access_status_list,
+ __out uint32_t * generate_on_close);
+
+
+typedef int32_t __stdcall ntapi_zw_open_object_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in void ** handle_id,
+ __in nt_unicode_string * object_type_name,
+ __in nt_unicode_string * object_name,
+ __in nt_security_descriptor * sec_desc,
+ __in void * htoken,
+ __in uint32_t desired_access,
+ __in uint32_t granted_access,
+ __in nt_privilege_set * privileges __optional,
+ __in unsigned char object_creation,
+ __in unsigned char access_granted,
+ __out unsigned char * generate_on_close);
+
+typedef int32_t __stdcall ntapi_zw_close_object_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in void * handle_id,
+ __out unsigned char * generate_on_close);
+
+
+typedef int32_t __stdcall ntapi_zw_delete_object_audit_alarm(
+ __in nt_unicode_string * subsystem_name,
+ __in void * handle_id,
+ __out unsigned char * generate_on_close);
+
+#endif
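Review bot: The `access_status` out-parameter is declared `unsigned char *` in `ntapi_zw_access_check`, `ntapi_zw_access_check_and_audit_alarm` and `ntapi_zw_access_check_by_type`, but `uint32_t *` in the `_by_type_and_audit_alarm` and `_result_list` variants of the same header. As far as I know the native calls return a 32-bit NTSTATUS through this pointer, so a caller that trusts the prototype and passes the address of a one-byte variable would get four bytes written, clobbering adjacent memory at the point where the access decision is read back. I would declare it `__out int32_t * access_status` in all three and add a comment such as `/* receives an NTSTATUS, not a boolean */`. The same width inconsistency affects `generate_on_close` (`unsigned char *` in some prototypes, `uint32_t *` in the result-list ones). Please also confirm against the native interface that the close/delete audit-alarm calls take it as an `__out` pointer rather than by value, and that `privilege_set` / `privilege_set_length` are really `__in` and not caller-supplied output buffers.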