Introduce core security and privilege structures
@@ -54,6 +54,11 @@
|
||||
/* Default security quota */
|
||||
#define SE_DEFAULT_SECURITY_QUOTA 2048
|
||||
|
||||
#define SE_INITIAL_PRIVILEGE_COUNT 3
|
||||
|
||||
/* Token source length */
|
||||
#define SE_TOKEN_SOURCE_LENGTH 8
|
||||
|
||||
/* C/C++ specific code */
|
||||
#ifndef __XTOS_ASSEMBLER__
|
||||
|
||||
@@ -66,6 +71,15 @@ typedef enum _SECURITY_IMPERSONATION_LEVEL
|
||||
SecurityDelegation
|
||||
} SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
|
||||
|
||||
/* Security operation codes */
|
||||
typedef enum _SECURITY_OPERATION_CODE
|
||||
{
|
||||
SetSecurityDescriptor,
|
||||
QuerySecurityDescriptor,
|
||||
DeleteSecurityDescriptor,
|
||||
AssignSecurityDescriptor
|
||||
} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
|
||||
|
||||
/* Generic security mapping structure definition */
|
||||
typedef struct _GENERIC_MAPPING
|
||||
{
|
||||
@@ -75,6 +89,45 @@ typedef struct _GENERIC_MAPPING
|
||||
ULONG GenericAll;
|
||||
} GENERIC_MAPPING, *PGENERIC_MAPPING;
|
||||
|
||||
/* LUID and attributes structure definition */
|
||||
typedef struct _LUID_AND_ATTRIBUTES
|
||||
{
|
||||
LUID Luid;
|
||||
ULONG Attributes;
|
||||
} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
|
||||
|
||||
/* Initial privilege set structure definition */
|
||||
typedef struct _INITIAL_PRIVILEGE_SET
|
||||
{
|
||||
ULONG PrivilegeCount;
|
||||
ULONG Control;
|
||||
LUID_AND_ATTRIBUTES Privilege[SE_INITIAL_PRIVILEGE_COUNT];
|
||||
} INITIAL_PRIVILEGE_SET, * PINITIAL_PRIVILEGE_SET;
|
||||
|
||||
/* Privilege set structure definition */
|
||||
typedef struct _PRIVILEGE_SET
|
||||
{
|
||||
ULONG PrivilegeCount;
|
||||
ULONG Control;
|
||||
LUID_AND_ATTRIBUTES Privilege[1];
|
||||
} PRIVILEGE_SET, *PPRIVILEGE_SET;
|
||||
|
||||
/* Token source structure definition */
|
||||
typedef struct _TOKEN_SOURCE
|
||||
{
|
||||
CHAR SourceName[SE_TOKEN_SOURCE_LENGTH];
|
||||
LUID SourceIdentifier;
|
||||
} TOKEN_SOURCE, *PTOKEN_SOURCE;
|
||||
|
||||
/* Token control structure definition */
|
||||
typedef struct _TOKEN_CONTROL
|
||||
{
|
||||
LUID TokenId;
|
||||
LUID AuthenticationId;
|
||||
LUID ModifiedId;
|
||||
TOKEN_SOURCE TokenSource;
|
||||
} TOKEN_CONTROL, *PTOKEN_CONTROL;
|
||||
|
||||
/* Security quality of service structure definition */
|
||||
typedef struct _SECURITY_QUALITY_OF_SERVICE
|
||||
{
|
||||
@@ -84,5 +137,50 @@ typedef struct _SECURITY_QUALITY_OF_SERVICE
|
||||
BOOLEAN EffectiveOnly;
|
||||
} SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
|
||||
|
||||
/* Security client context structure definition */
|
||||
typedef struct _SECURITY_CLIENT_CONTEXT
|
||||
{
|
||||
SECURITY_QUALITY_OF_SERVICE SecurityQos;
|
||||
PACCESS_TOKEN ClientToken;
|
||||
BOOLEAN DirectlyAccessClientToken;
|
||||
BOOLEAN DirectAccessEffectiveOnly;
|
||||
BOOLEAN ServerIsRemote;
|
||||
TOKEN_CONTROL ClientTokenControl;
|
||||
} SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
|
||||
|
||||
/* Security subject context structure definition */
|
||||
typedef struct _SECURITY_SUBJECT_CONTEXT
|
||||
{
|
||||
PACCESS_TOKEN ClientToken;
|
||||
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
|
||||
PACCESS_TOKEN PrimaryToken;
|
||||
PVOID ProcessAuditId;
|
||||
} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
|
||||
|
||||
/* Access state structure definition */
|
||||
typedef struct _ACCESS_STATE
|
||||
{
|
||||
LUID OperationID;
|
||||
BOOLEAN SecurityEvaluated;
|
||||
BOOLEAN GenerateAudit;
|
||||
BOOLEAN GenerateOnClose;
|
||||
BOOLEAN PrivilegesAllocated;
|
||||
ULONG Flags;
|
||||
ACCESS_MASK RemainingDesiredAccess;
|
||||
ACCESS_MASK PreviouslyGrantedAccess;
|
||||
ACCESS_MASK OriginalDesiredAccess;
|
||||
SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
|
||||
PSECURITY_DESCRIPTOR SecurityDescriptor;
|
||||
PVOID AuxData;
|
||||
union
|
||||
{
|
||||
INITIAL_PRIVILEGE_SET InitialPrivilegeSet;
|
||||
PRIVILEGE_SET PrivilegeSet;
|
||||
} Privileges;
|
||||
BOOLEAN AuditPrivileges;
|
||||
UNICODE_STRING ObjectName;
|
||||
UNICODE_STRING ObjectTypeName;
|
||||
} ACCESS_STATE, *PACCESS_STATE;
|
||||
|
||||
#endif /* __XTOS_ASSEMBLER__ */
|
||||
#endif /* __XTDK_SETYPES_H */
|
||||
|
||||
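Review bot: `PRIVILEGE_SET` declares `Privilege[1]` while `PrivilegeCount` is an unconstrained `ULONG`, and in `ACCESS_STATE` it shares the `Privileges` union with `INITIAL_PRIVILEGE_SET`, so the inline storage there holds at most `SE_INITIAL_PRIVILEGE_COUNT` entries; nothing in the header states either bound. Code that walks `Privilege[]` by `PrivilegeCount` without checking it against the real allocation would index past the structure, and in access-check code that is a memory-safety problem on a security boundary. I would document the contract on the struct, e.g. `/* Variable-length: Privilege[] holds PrivilegeCount entries; validate the count against the buffer size before indexing */`, and on the union, `/* Inline storage for up to SE_INITIAL_PRIVILEGE_COUNT privileges */` (presumably larger sets are allocated separately and flagged by `PrivilegesAllocated`; confirm against the implementation). In the first hunk `SE_INITIAL_PRIVILEGE_COUNT` is the one constant without a comment, and `TOKEN_SOURCE.SourceName` should say whether it is NUL-terminated, since a name of exactly `SE_TOKEN_SOURCE_LENGTH` characters leaves no room for a terminator.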
@@ -62,11 +62,13 @@ typedef enum _MODE MODE, *PMODE;
|
||||
typedef enum _RTL_BALANCED_NODE_COLOR RTL_BALANCED_NODE_COLOR, *PRTL_BALANCED_NODE_COLOR;
|
||||
typedef enum _RTL_VARIABLE_TYPE RTL_VARIABLE_TYPE, *PRTL_VARIABLE_TYPE;
|
||||
typedef enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
|
||||
typedef enum _SECURITY_OPERATION_CODE SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
|
||||
typedef enum _SYSTEM_FIRMWARE_TYPE SYSTEM_FIRMWARE_TYPE, *PSYSTEM_FIRMWARE_TYPE;
|
||||
typedef enum _SYSTEM_RESOURCE_TYPE SYSTEM_RESOURCE_TYPE, *PSYSTEM_RESOURCE_TYPE;
|
||||
typedef enum _WAIT_TYPE WAIT_TYPE, *PWAIT_TYPE;
|
||||
|
||||
/* Structures forward references */
|
||||
typedef struct _ACCESS_STATE ACCESS_STATE, *PACCESS_STATE;
|
||||
typedef struct _ACPI_CACHE_LIST ACPI_CACHE_LIST, *PACPI_CACHE_LIST;
|
||||
typedef struct _ACPI_DESCRIPTION_HEADER ACPI_DESCRIPTION_HEADER, *PACPI_DESCRIPTION_HEADER;
|
||||
typedef struct _ACPI_FADT ACPI_FADT, *PACPI_FADT;
|
||||
@@ -256,6 +258,7 @@ typedef struct _GENERIC_MAPPING GENERIC_MAPPING, *PGENERIC_MAPPING;
|
||||
typedef struct _GUID GUID, *PGUID;
|
||||
typedef struct _HL_FRAMEBUFFER_DATA HL_FRAMEBUFFER_DATA, *PHL_FRAMEBUFFER_DATA;
|
||||
typedef struct _HL_SCROLL_REGION_DATA HL_SCROLL_REGION_DATA, *PHL_SCROLL_REGION_DATA;
|
||||
typedef struct _INITIAL_PRIVILEGE_SET INITIAL_PRIVILEGE_SET, *PINITIAL_PRIVILEGE_SET;
|
||||
typedef struct _KAFFINITY_MAP KAFFINITY_MAP, *PKAFFINITY_MAP;
|
||||
typedef struct _KAPC KAPC, *PKAPC;
|
||||
typedef struct _KAPC_STATE KAPC_STATE, *PKAPC_STATE;
|
||||
@@ -298,6 +301,7 @@ typedef struct _LOADER_MEMORY_DESCRIPTOR LOADER_MEMORY_DESCRIPTOR, *PLOADER_MEMO
|
||||
typedef struct _LOOKASIDE_LIST LOOKASIDE_LIST, *PLOOKASIDE_LIST;
|
||||
typedef struct _LOOKASIDE_LIST_EX LOOKASIDE_LIST_EX, *PLOOKASIDE_LIST_EX;
|
||||
typedef struct _LUID LUID, *PLUID;
|
||||
typedef struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
|
||||
typedef struct _M128 M128, *PM128;
|
||||
typedef struct _MMCOLOR_TABLES MMCOLOR_TABLES, *PMMCOLOR_TABLES;
|
||||
typedef struct _MMFREE_POOL_ENTRY MMFREE_POOL_ENTRY, *PMMFREE_POOL_ENTRY;
|
||||
@@ -341,6 +345,7 @@ typedef struct _PHYSICAL_MEMORY_RUN PHYSICAL_MEMORY_RUN, *PPHYSICAL_MEMORY_RUN;
|
||||
typedef struct _POOL_HEADER POOL_HEADER, *PPOOL_HEADER;
|
||||
typedef struct _POOL_TRACKING_BIG_ALLOCATIONS POOL_TRACKING_BIG_ALLOCATIONS, *PPOOL_TRACKING_BIG_ALLOCATIONS;
|
||||
typedef struct _POOL_TRACKING_TABLE POOL_TRACKING_TABLE, *PPOOL_TRACKING_TABLE;
|
||||
typedef struct _PRIVILEGE_SET PRIVILEGE_SET, *PPRIVILEGE_SET;
|
||||
typedef struct _PROCESSOR_IDENTITY PROCESSOR_IDENTITY, *PPROCESSOR_IDENTITY;
|
||||
typedef struct _PROCESSOR_POWER_STATE PROCESSOR_POWER_STATE, *PPROCESSOR_POWER_STATE;
|
||||
typedef struct _QUAD QUAD, *PQUAD;
|
||||
@@ -349,7 +354,9 @@ typedef struct _RTL_BITMAP RTL_BITMAP, *PRTL_BITMAP;
|
||||
typedef struct _RTL_PRINT_CONTEXT RTL_PRINT_CONTEXT, *PRTL_PRINT_CONTEXT;
|
||||
typedef struct _RTL_PRINT_FORMAT_PROPERTIES RTL_PRINT_FORMAT_PROPERTIES, *PRTL_PRINT_FORMAT_PROPERTIES;
|
||||
typedef struct _RTL_RB_TREE RTL_RB_TREE, *PRTL_RB_TREE;
|
||||
typedef struct _SECURITY_CLIENT_CONTEXT SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
|
||||
typedef struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
|
||||
typedef struct _SECURITY_SUBJECT_CONTEXT SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
|
||||
typedef struct _SINGLE_LIST_ENTRY SINGLE_LIST_ENTRY, *PSINGLE_LIST_ENTRY;
|
||||
typedef struct _SMBIOS_TABLE_HEADER SMBIOS_TABLE_HEADER, *PSMBIOS_TABLE_HEADER;
|
||||
typedef struct _SMBIOS3_TABLE_HEADER SMBIOS3_TABLE_HEADER, *PSMBIOS3_TABLE_HEADER;
|
||||
@@ -359,6 +366,8 @@ typedef struct _STRING64 STRING64, *PSTRING64;
|
||||
typedef struct _THREAD_INFORMATION_BLOCK THREAD_INFORMATION_BLOCK, *PTHREAD_INFORMATION_BLOCK;
|
||||
typedef struct _TIME_FIELDS TIME_FIELDS, *PTIME_FIELDS;
|
||||
typedef struct _TIMER_ROUTINES TIMER_ROUTINES, *PTIMER_ROUTINES;
|
||||
typedef struct _TOKEN_CONTROL TOKEN_CONTROL, *PTOKEN_CONTROL;
|
||||
typedef struct _TOKEN_SOURCE TOKEN_SOURCE, *PTOKEN_SOURCE;
|
||||
typedef struct _UEFI_FIRMWARE_INFORMATION UEFI_FIRMWARE_INFORMATION, *PUEFI_FIRMWARE_INFORMATION;
|
||||
typedef struct _UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
|
||||
typedef struct _UNICODE_STRING32 UNICODE_STRING32, *PUNICODE_STRING32;
|
||||
|
||||