diff --git a/sdk/xtdk/setypes.h b/sdk/xtdk/setypes.h
index 96b3ec0..58e240f 100644
--- a/sdk/xtdk/setypes.h
+++ b/sdk/xtdk/setypes.h
@@ -54,6 +54,11 @@
 /* Default security quota */
 #define SE_DEFAULT_SECURITY_QUOTA 2048
+#define SE_INITIAL_PRIVILEGE_COUNT 3
+
+/* Token source length */
+#define SE_TOKEN_SOURCE_LENGTH 8
+
 /* C/C++ specific code */
 #ifndef __XTOS_ASSEMBLER__
@@ -66,6 +71,15 @@ typedef enum _SECURITY_IMPERSONATION_LEVEL
 SecurityDelegation
 } SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
+/* Security operation codes */
+typedef enum _SECURITY_OPERATION_CODE
+{
+ SetSecurityDescriptor,
+ QuerySecurityDescriptor,
+ DeleteSecurityDescriptor,
+ AssignSecurityDescriptor
+} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
+
 /* Generic security mapping structure definition */
 typedef struct _GENERIC_MAPPING
 {
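Review bot: In the first setypes.h hunk, `SE_INITIAL_PRIVILEGE_COUNT` is added directly under the existing `/* Default security quota */` comment, so it reads as part of the quota definition and its purpose is undocumented. Elsewhere in this commit it is the array bound of `INITIAL_PRIVILEGE_SET.Privilege[]`, so it deserves its own comment, e.g. `/* Number of privilege entries stored inline in INITIAL_PRIVILEGE_SET */`, set apart from the quota define by a blank line.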
@@ -75,6 +89,45 @@ typedef struct _GENERIC_MAPPING
 ULONG GenericAll;
 } GENERIC_MAPPING, *PGENERIC_MAPPING;
+/* LUID and attributes structure definition */
+typedef struct _LUID_AND_ATTRIBUTES
+{
+ LUID Luid;
+ ULONG Attributes;
+} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
+
+/* Initial privilege set structure definition */
+typedef struct _INITIAL_PRIVILEGE_SET
+{
+ ULONG PrivilegeCount;
+ ULONG Control;
+ LUID_AND_ATTRIBUTES Privilege[SE_INITIAL_PRIVILEGE_COUNT];
+} INITIAL_PRIVILEGE_SET, * PINITIAL_PRIVILEGE_SET;
+
+/* Privilege set structure definition */
+typedef struct _PRIVILEGE_SET
+{
+ ULONG PrivilegeCount;
+ ULONG Control;
+ LUID_AND_ATTRIBUTES Privilege[1];
+} PRIVILEGE_SET, *PPRIVILEGE_SET;
+
+/* Token source structure definition */
+typedef struct _TOKEN_SOURCE
+{
+ CHAR SourceName[SE_TOKEN_SOURCE_LENGTH];
+ LUID SourceIdentifier;
+} TOKEN_SOURCE, *PTOKEN_SOURCE;
+
+/* Token control structure definition */
+typedef struct _TOKEN_CONTROL
+{
+ LUID TokenId;
+ LUID AuthenticationId;
+ LUID ModifiedId;
+ TOKEN_SOURCE TokenSource;
+} TOKEN_CONTROL, *PTOKEN_CONTROL;
+
 /* Security quality of service structure definition */
 typedef struct _SECURITY_QUALITY_OF_SERVICE
 {
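Review bot: `PRIVILEGE_SET` declares `Privilege[1]` while also carrying `PrivilegeCount`, so the array looks like a variable-length tail, yet nothing in the header says so; code that indexes past element 0 reads beyond the declared bound unless the allocation was sized from the count. I would add a comment on the member such as `/* Variable-length: PrivilegeCount entries follow; validate the count against the buffer size before indexing */`. Similarly, `TOKEN_SOURCE.SourceName` is a fixed `SE_TOKEN_SOURCE_LENGTH`-byte field with no room reserved for a terminator, so a comment should state that it is not guaranteed to be NUL-terminated and must not be passed to string routines as-is. Minor style: `* PINITIAL_PRIVILEGE_SET` has a stray space after the asterisk, unlike the other typedefs in this hunk.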
@@ -84,5 +137,50 @@ typedef struct _SECURITY_QUALITY_OF_SERVICE
 BOOLEAN EffectiveOnly;
 } SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
+/* Security client context structure definition */
+typedef struct _SECURITY_CLIENT_CONTEXT
+{
+ SECURITY_QUALITY_OF_SERVICE SecurityQos;
+ PACCESS_TOKEN ClientToken;
+ BOOLEAN DirectlyAccessClientToken;
+ BOOLEAN DirectAccessEffectiveOnly;
+ BOOLEAN ServerIsRemote;
+ TOKEN_CONTROL ClientTokenControl;
+} SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
+
+/* Security subject context structure definition */
+typedef struct _SECURITY_SUBJECT_CONTEXT
+{
+ PACCESS_TOKEN ClientToken;
+ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
+ PACCESS_TOKEN PrimaryToken;
+ PVOID ProcessAuditId;
+} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
+
+/* Access state structure definition */
+typedef struct _ACCESS_STATE
+{
+ LUID OperationID;
+ BOOLEAN SecurityEvaluated;
+ BOOLEAN GenerateAudit;
+ BOOLEAN GenerateOnClose;
+ BOOLEAN PrivilegesAllocated;
+ ULONG Flags;
+ ACCESS_MASK RemainingDesiredAccess;
+ ACCESS_MASK PreviouslyGrantedAccess;
+ ACCESS_MASK OriginalDesiredAccess;
+ SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
+ PSECURITY_DESCRIPTOR SecurityDescriptor;
+ PVOID AuxData;
+ union
+ {
+ INITIAL_PRIVILEGE_SET InitialPrivilegeSet;
+ PRIVILEGE_SET PrivilegeSet;
+ } Privileges;
+ BOOLEAN AuditPrivileges;
+ UNICODE_STRING ObjectName;
+ UNICODE_STRING ObjectTypeName;
+} ACCESS_STATE, *PACCESS_STATE;
+
 #endif /* __XTOS_ASSEMBLER__ */
 #endif /* __XTDK_SETYPES_H */
diff --git a/sdk/xtdk/xtstruct.h b/sdk/xtdk/xtstruct.h
index d1375b7..2acf11f 100644
--- a/sdk/xtdk/xtstruct.h
+++ b/sdk/xtdk/xtstruct.h
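Review bot: `ACCESS_STATE.Privileges` is a union of `INITIAL_PRIVILEGE_SET` and `PRIVILEGE_SET`, but nothing states which member is valid or how `PrivilegesAllocated` and `AuxData` relate to it, so code that trusts `PrivilegeCount` without knowing the backing storage could index past the `SE_INITIAL_PRIVILEGE_COUNT` inline entries. I would document the union, e.g. `/* Inline storage for up to SE_INITIAL_PRIVILEGE_COUNT privileges; larger sets must live elsewhere */`, and comment `PrivilegesAllocated` with what it is meant to signal (presumably that the set was allocated separately; please confirm). The `ClientToken` and `PrimaryToken` pointers in `SECURITY_CLIENT_CONTEXT` and `SECURITY_SUBJECT_CONTEXT` would also benefit from a note on whether the structure holds a reference on the token, since that decides who may release it.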
@@ -62,11 +62,13 @@ typedef enum _MODE MODE, *PMODE;
 typedef enum _RTL_BALANCED_NODE_COLOR RTL_BALANCED_NODE_COLOR, *PRTL_BALANCED_NODE_COLOR;
 typedef enum _RTL_VARIABLE_TYPE RTL_VARIABLE_TYPE, *PRTL_VARIABLE_TYPE;
 typedef enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
+typedef enum _SECURITY_OPERATION_CODE SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
 typedef enum _SYSTEM_FIRMWARE_TYPE SYSTEM_FIRMWARE_TYPE, *PSYSTEM_FIRMWARE_TYPE;
 typedef enum _SYSTEM_RESOURCE_TYPE SYSTEM_RESOURCE_TYPE, *PSYSTEM_RESOURCE_TYPE;
 typedef enum _WAIT_TYPE WAIT_TYPE, *PWAIT_TYPE;
 /* Structures forward references */
+typedef struct _ACCESS_STATE ACCESS_STATE, *PACCESS_STATE;
 typedef struct _ACPI_CACHE_LIST ACPI_CACHE_LIST, *PACPI_CACHE_LIST;
 typedef struct _ACPI_DESCRIPTION_HEADER ACPI_DESCRIPTION_HEADER, *PACPI_DESCRIPTION_HEADER;
 typedef struct _ACPI_FADT ACPI_FADT, *PACPI_FADT;
@@ -256,6 +258,7 @@ typedef struct _GENERIC_MAPPING GENERIC_MAPPING, *PGENERIC_MAPPING;
 typedef struct _GUID GUID, *PGUID;
 typedef struct _HL_FRAMEBUFFER_DATA HL_FRAMEBUFFER_DATA, *PHL_FRAMEBUFFER_DATA;
 typedef struct _HL_SCROLL_REGION_DATA HL_SCROLL_REGION_DATA, *PHL_SCROLL_REGION_DATA;
+typedef struct _INITIAL_PRIVILEGE_SET INITIAL_PRIVILEGE_SET, *PINITIAL_PRIVILEGE_SET;
 typedef struct _KAFFINITY_MAP KAFFINITY_MAP, *PKAFFINITY_MAP;
 typedef struct _KAPC KAPC, *PKAPC;
 typedef struct _KAPC_STATE KAPC_STATE, *PKAPC_STATE;
@@ -298,6 +301,7 @@ typedef struct _LOADER_MEMORY_DESCRIPTOR LOADER_MEMORY_DESCRIPTOR, *PLOADER_MEMO
 typedef struct _LOOKASIDE_LIST LOOKASIDE_LIST, *PLOOKASIDE_LIST;
 typedef struct _LOOKASIDE_LIST_EX LOOKASIDE_LIST_EX, *PLOOKASIDE_LIST_EX;
 typedef struct _LUID LUID, *PLUID;
+typedef struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
 typedef struct _M128 M128, *PM128;
 typedef struct _MMCOLOR_TABLES MMCOLOR_TABLES, *PMMCOLOR_TABLES;
 typedef struct _MMFREE_POOL_ENTRY MMFREE_POOL_ENTRY, *PMMFREE_POOL_ENTRY;
@@ -341,6 +345,7 @@ typedef struct _PHYSICAL_MEMORY_RUN PHYSICAL_MEMORY_RUN, *PPHYSICAL_MEMORY_RUN;
 typedef struct _POOL_HEADER POOL_HEADER, *PPOOL_HEADER;
 typedef struct _POOL_TRACKING_BIG_ALLOCATIONS POOL_TRACKING_BIG_ALLOCATIONS, *PPOOL_TRACKING_BIG_ALLOCATIONS;
 typedef struct _POOL_TRACKING_TABLE POOL_TRACKING_TABLE, *PPOOL_TRACKING_TABLE;
+typedef struct _PRIVILEGE_SET PRIVILEGE_SET, *PPRIVILEGE_SET;
 typedef struct _PROCESSOR_IDENTITY PROCESSOR_IDENTITY, *PPROCESSOR_IDENTITY;
 typedef struct _PROCESSOR_POWER_STATE PROCESSOR_POWER_STATE, *PPROCESSOR_POWER_STATE;
 typedef struct _QUAD QUAD, *PQUAD;
@@ -349,7 +354,9 @@ typedef struct _RTL_BITMAP RTL_BITMAP, *PRTL_BITMAP;
 typedef struct _RTL_PRINT_CONTEXT RTL_PRINT_CONTEXT, *PRTL_PRINT_CONTEXT;
 typedef struct _RTL_PRINT_FORMAT_PROPERTIES RTL_PRINT_FORMAT_PROPERTIES, *PRTL_PRINT_FORMAT_PROPERTIES;
 typedef struct _RTL_RB_TREE RTL_RB_TREE, *PRTL_RB_TREE;
+typedef struct _SECURITY_CLIENT_CONTEXT SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
 typedef struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
+typedef struct _SECURITY_SUBJECT_CONTEXT SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
 typedef struct _SINGLE_LIST_ENTRY SINGLE_LIST_ENTRY, *PSINGLE_LIST_ENTRY;
 typedef struct _SMBIOS_TABLE_HEADER SMBIOS_TABLE_HEADER, *PSMBIOS_TABLE_HEADER;
 typedef struct _SMBIOS3_TABLE_HEADER SMBIOS3_TABLE_HEADER, *PSMBIOS3_TABLE_HEADER;
@@ -359,6 +366,8 @@ typedef struct _STRING64 STRING64, *PSTRING64;
 typedef struct _THREAD_INFORMATION_BLOCK THREAD_INFORMATION_BLOCK, *PTHREAD_INFORMATION_BLOCK;
 typedef struct _TIME_FIELDS TIME_FIELDS, *PTIME_FIELDS;
 typedef struct _TIMER_ROUTINES TIMER_ROUTINES, *PTIMER_ROUTINES;
+typedef struct _TOKEN_CONTROL TOKEN_CONTROL, *PTOKEN_CONTROL;
+typedef struct _TOKEN_SOURCE TOKEN_SOURCE, *PTOKEN_SOURCE;
 typedef struct _UEFI_FIRMWARE_INFORMATION UEFI_FIRMWARE_INFORMATION, *PUEFI_FIRMWARE_INFORMATION;
 typedef struct _UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
 typedef struct _UNICODE_STRING32 UNICODE_STRING32, *PUNICODE_STRING32;