Files
exectos/sdk/xtdk/setypes.h
Aiken Harris 9fcd81a507
Some checks failed
Builds / ExectOS (amd64, debug) (push) Failing after 22s
Builds / ExectOS (amd64, release) (push) Failing after 35s
Builds / ExectOS (i686, release) (push) Failing after 24s
Builds / ExectOS (i686, debug) (push) Failing after 32s
Add I/O, power, and configuration manager type definitions
2026-07-03 21:43:02 +02:00

202 lines
7.1 KiB
C

/**
* PROJECT: ExectOS
* COPYRIGHT: See COPYING.md in the top level directory
* FILE: sdk/xtdk/setypes.h
* DESCRIPTION: Kernel Security structures and definitions
* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
*/
#ifndef __XTDK_SETYPES_H
#define __XTDK_SETYPES_H
#include <xttypes.h>
#include <xtstruct.h>
#include <xtbase.h>
/* Privilege LUIDs */
#define SE_LUID_MIN_WELL_KNOWN_PRIVILEGE (LUID){2, 0}
#define SE_LUID_CREATE_TOKEN_PRIVILEGE (LUID){2, 0}
#define SE_LUID_ASSIGNPRIMARYTOKEN_PRIVILEGE (LUID){3, 0}
#define SE_LUID_LOCK_MEMORY_PRIVILEGE (LUID){4, 0}
#define SE_LUID_INCREASE_QUOTA_PRIVILEGE (LUID){5, 0}
#define SE_LUID_MACHINE_ACCOUNT_PRIVILEGE (LUID){6, 0}
#define SE_LUID_TCB_PRIVILEGE (LUID){7, 0}
#define SE_LUID_SECURITY_PRIVILEGE (LUID){8, 0}
#define SE_LUID_TAKE_OWNERSHIP_PRIVILEGE (LUID){9, 0}
#define SE_LUID_LOAD_DRIVER_PRIVILEGE (LUID){10, 0}
#define SE_LUID_SYSTEM_PROFILE_PRIVILEGE (LUID){11, 0}
#define SE_LUID_SYSTEMTIME_PRIVILEGE (LUID){12, 0}
#define SE_LUID_PROF_SINGLE_PROCESS_PRIVILEGE (LUID){13, 0}
#define SE_LUID_INC_BASE_PRIORITY_PRIVILEGE (LUID){14, 0}
#define SE_LUID_CREATE_PAGEFILE_PRIVILEGE (LUID){15, 0}
#define SE_LUID_CREATE_PERMANENT_PRIVILEGE (LUID){16, 0}
#define SE_LUID_BACKUP_PRIVILEGE (LUID){17, 0}
#define SE_LUID_RESTORE_PRIVILEGE (LUID){18, 0}
#define SE_LUID_SHUTDOWN_PRIVILEGE (LUID){19, 0}
#define SE_LUID_DEBUG_PRIVILEGE (LUID){20, 0}
#define SE_LUID_AUDIT_PRIVILEGE (LUID){21, 0}
#define SE_LUID_SYSTEM_ENVIRONMENT_PRIVILEGE (LUID){22, 0}
#define SE_LUID_CHANGE_NOTIFY_PRIVILEGE (LUID){23, 0}
#define SE_LUID_REMOTE_SHUTDOWN_PRIVILEGE (LUID){24, 0}
#define SE_LUID_UNDOCK_PRIVILEGE (LUID){25, 0}
#define SE_LUID_SYNC_AGENT_PRIVILEGE (LUID){26, 0}
#define SE_LUID_ENABLE_DELEGATION_PRIVILEGE (LUID){27, 0}
#define SE_LUID_MANAGE_VOLUME_PRIVILEGE (LUID){28, 0}
#define SE_LUID_IMPERSONATE_PRIVILEGE (LUID){29, 0}
#define SE_LUID_CREATE_GLOBAL_PRIVILEGE (LUID){30, 0}
#define SE_LUID_TRUSTED_CREDMAN_ACCESS_PRIVILEGE (LUID){31, 0}
#define SE_LUID_RELABEL_PRIVILEGE (LUID){32, 0}
#define SE_LUID_INC_WORKING_SET_PRIVILEGE (LUID){33, 0}
#define SE_LUID_TIME_ZONE_PRIVILEGE (LUID){34, 0}
#define SE_LUID_CREATE_SYMBOLIC_LINK_PRIVILEGE (LUID){35, 0}
/* Default security quota */
#define SE_DEFAULT_SECURITY_QUOTA 2048
#define SE_INITIAL_PRIVILEGE_COUNT 3
/* Token source length */
#define SE_TOKEN_SOURCE_LENGTH 8
/* C/C++ specific code */
#ifndef __XTOS_ASSEMBLER__
/* Security impersonation levels */
typedef enum _SECURITY_IMPERSONATION_LEVEL
{
SecurityAnonymous,
SecurityIdentification,
SecurityImpersonation,
SecurityDelegation
} SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
/* Security operation codes */
typedef enum _SECURITY_OPERATION_CODE
{
SetSecurityDescriptor,
QuerySecurityDescriptor,
DeleteSecurityDescriptor,
AssignSecurityDescriptor
} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
/* Generic security mapping structure definition */
typedef struct _GENERIC_MAPPING
{
ULONG GenericRead;
ULONG GenericWrite;
ULONG GenericExecute;
ULONG GenericAll;
} GENERIC_MAPPING, *PGENERIC_MAPPING;
/* LUID and attributes structure definition */
typedef struct _LUID_AND_ATTRIBUTES
{
LUID Luid;
ULONG Attributes;
} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
/* Initial privilege set structure definition */
typedef struct _INITIAL_PRIVILEGE_SET
{
ULONG PrivilegeCount;
ULONG Control;
LUID_AND_ATTRIBUTES Privilege[SE_INITIAL_PRIVILEGE_COUNT];
} INITIAL_PRIVILEGE_SET, * PINITIAL_PRIVILEGE_SET;
/* Privilege set structure definition */
typedef struct _PRIVILEGE_SET
{
ULONG PrivilegeCount;
ULONG Control;
LUID_AND_ATTRIBUTES Privilege[1];
} PRIVILEGE_SET, *PPRIVILEGE_SET;
/* Identifier authority structure definition */
typedef struct _SID_IDENTIFIER_AUTHORITY
{
UCHAR Value[6];
} SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY;
/* Security identifier structure definition */
typedef struct _SID
{
UCHAR Revision;
UCHAR SubAuthorityCount;
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
ULONG SubAuthority[1];
} SID, *PSID;
/* Token source structure definition */
typedef struct _TOKEN_SOURCE
{
CHAR SourceName[SE_TOKEN_SOURCE_LENGTH];
LUID SourceIdentifier;
} TOKEN_SOURCE, *PTOKEN_SOURCE;
/* Token control structure definition */
typedef struct _TOKEN_CONTROL
{
LUID TokenId;
LUID AuthenticationId;
LUID ModifiedId;
TOKEN_SOURCE TokenSource;
} TOKEN_CONTROL, *PTOKEN_CONTROL;
/* Security quality of service structure definition */
typedef struct _SECURITY_QUALITY_OF_SERVICE
{
ULONG Length;
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode;
BOOLEAN EffectiveOnly;
} SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
/* Security client context structure definition */
typedef struct _SECURITY_CLIENT_CONTEXT
{
SECURITY_QUALITY_OF_SERVICE SecurityQos;
PACCESS_TOKEN ClientToken;
BOOLEAN DirectlyAccessClientToken;
BOOLEAN DirectAccessEffectiveOnly;
BOOLEAN ServerIsRemote;
TOKEN_CONTROL ClientTokenControl;
} SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
/* Security subject context structure definition */
typedef struct _SECURITY_SUBJECT_CONTEXT
{
PACCESS_TOKEN ClientToken;
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
PACCESS_TOKEN PrimaryToken;
PVOID ProcessAuditId;
} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
/* Access state structure definition */
typedef struct _ACCESS_STATE
{
LUID OperationID;
BOOLEAN SecurityEvaluated;
BOOLEAN GenerateAudit;
BOOLEAN GenerateOnClose;
BOOLEAN PrivilegesAllocated;
ULONG Flags;
ACCESS_MASK RemainingDesiredAccess;
ACCESS_MASK PreviouslyGrantedAccess;
ACCESS_MASK OriginalDesiredAccess;
SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
PSECURITY_DESCRIPTOR SecurityDescriptor;
PVOID AuxData;
union
{
INITIAL_PRIVILEGE_SET InitialPrivilegeSet;
PRIVILEGE_SET PrivilegeSet;
} Privileges;
BOOLEAN AuditPrivileges;
UNICODE_STRING ObjectName;
UNICODE_STRING ObjectTypeName;
} ACCESS_STATE, *PACCESS_STATE;
#endif /* __XTOS_ASSEMBLER__ */
#endif /* __XTDK_SETYPES_H */