summaryrefslogblamecommitdiffstats
path: root/private/inc/seopaque.h
blob: b42828f5489ac846acea22b9c4e637036ed315a7 (plain) (tree) 
e611b132f































































































































































































1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191































































































































































































                                                                                                          
/*++ BUILD Version: 0002    // Increment this if a change has global effects

Copyright (c) 1989  Microsoft Corporation

Module Name:

    seopaque.h

Abstract:

    This module contains definitions of opaque Security data structures.

    These structures are available to user and kernel security routines
    only.

    This file is not included by including "ntos.h".

Author:

    Jim Kelly (Jimk) 23-Mar-1990

Revision History:

--*/

#ifndef _SEOPAQUE_
#define _SEOPAQUE_

///////////////////////////////////////////////////////////////////////////
//                                                                       //
//  Private Structures                                                   //
//                                                                       //
///////////////////////////////////////////////////////////////////////////

//
// Generic ACE structures, to be used for casting ACE's of known types
//

typedef struct _KNOWN_ACE {
    ACE_HEADER Header;
    ACCESS_MASK Mask;
    ULONG SidStart;
} KNOWN_ACE, *PKNOWN_ACE;

typedef struct _KNOWN_COMPOUND_ACE {
    ACE_HEADER Header;
    ACCESS_MASK Mask;
    USHORT CompoundAceType;
    USHORT Reserved;
    ULONG SidStart;
} KNOWN_COMPOUND_ACE, *PKNOWN_COMPOUND_ACE;

//typedef struct _KNOWN_IMPERSONATION_ACE {
//    ACE_HEADER Header;
//    ACCESS_MASK Mask;
//    USHORT DataType;
//    USHORT Argument;
//    ULONG Operands;
//} KNOWN_IMPERSONATION_ACE, *PKNOWN_IMPERSONATION_ACE;



///////////////////////////////////////////////////////////////////////////
//                                                                       //
//  Miscellaneous support macros                                         //
//                                                                       //
///////////////////////////////////////////////////////////////////////////

//
//  Given a pointer return its word aligned equivalent value
//

#define WordAlign(Ptr) (                       \
    (PVOID)((((ULONG)(Ptr)) + 1) & 0xfffffffe) \
    )

//
//  Given a pointer return its longword aligned equivalent value
//

#define LongAlign(Ptr) (                       \
    (PVOID)((((ULONG)(Ptr)) + 3) & 0xfffffffc) \
    )

//
//  Given a pointer return its quadword aligned equivalent value
//

#define QuadAlign(Ptr) (                       \
    (PVOID)((((ULONG)(Ptr)) + 7) & 0xfffffff8) \
    )

//
//  This macro returns TRUE if a flag in a set of flags is on and FALSE
//  otherwise
//

#define FlagOn(Flags,SingleFlag) (               \
    ((Flags) & (SingleFlag)) != 0 ? TRUE : FALSE \
    )

//
//  This macro clears a single flag in a set of flags
//

#define ClearFlag(Flags,SingleFlag) { \
    (Flags) &= ~(SingleFlag);         \
    }

//
//  Get a pointer to the first ace in an acl
//

#define FirstAce(Acl) ((PVOID)((PUCHAR)(Acl) + sizeof(ACL)))

//
//  Get a pointer to the following ace
//

#define NextAce(Ace) ((PVOID)((PUCHAR)(Ace) + ((PACE_HEADER)(Ace))->AceSize))

//
//  Determine if an ace is a standard ace
//

#define IsCompoundAceType(Ace) (                                           \
    (((PACE_HEADER)(Ace))->AceType == ACCESS_ALLOWED_COMPOUND_ACE_TYPE))

//
// A "known" ACE is one of the types that existed before the introduction of
// compound ACEs.  While the name is no longer as accurate as it used to be,
// it's convenient.
//

#define IsKnownAceType(Ace) (                                     \
    (((PACE_HEADER)(Ace))->AceType == ACCESS_ALLOWED_ACE_TYPE) || \
    (((PACE_HEADER)(Ace))->AceType == ACCESS_DENIED_ACE_TYPE)  || \
    (((PACE_HEADER)(Ace))->AceType == SYSTEM_AUDIT_ACE_TYPE)   || \
    (((PACE_HEADER)(Ace))->AceType == SYSTEM_ALARM_ACE_TYPE)      \
    )

//
// Update this macro as new MS-Defined ACE types are added.
//

#define IsMSAceType(Ace) (                                              \
    (((PACE_HEADER)(Ace))->AceType == ACCESS_ALLOWED_ACE_TYPE) ||       \
    (((PACE_HEADER)(Ace))->AceType == ACCESS_DENIED_ACE_TYPE)  ||       \
    (((PACE_HEADER)(Ace))->AceType == SYSTEM_AUDIT_ACE_TYPE)   ||       \
    (((PACE_HEADER)(Ace))->AceType == SYSTEM_ALARM_ACE_TYPE)   ||       \
    (((PACE_HEADER)(Ace))->AceType == ACCESS_ALLOWED_COMPOUND_ACE_TYPE) \
    )

//
// Update this macro as new ACL revisions are defined.
//

#define ValidAclRevision(Acl) ((Acl)->AclRevision == ACL_REVISION2 || (Acl)->AclRevision == ACL_REVISION3)

//
//  Macro to determine if an ace is to be inherited by a subdirectory
//

#define ContainerInherit(Ace) (                      \
    FlagOn((Ace)->AceFlags, CONTAINER_INHERIT_ACE) \
    )

//
//  Macro to determine if an ace is to be proprogate to a subdirectory.
//  It will if it is inheritable by either a container or non-container
//  and is not explicitly marked for no-propagation.
//

#define Propagate(Ace) (                                              \
    !FlagOn((Ace)->AceFlags, NO_PROPAGATE_INHERIT_ACE)  &&            \
    (FlagOn(( Ace )->AceFlags, OBJECT_INHERIT_ACE) ||                 \
     FlagOn(( Ace )->AceFlags, CONTAINER_INHERIT_ACE) )               \
    )

//
//  Macro to determine if an ACE is to be inherited by a sub-object
//

#define ObjectInherit(Ace) (                      \
    FlagOn(( Ace )->AceFlags, OBJECT_INHERIT_ACE) \
    )




#endif // _SEOPAQUE_
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 20:03:37 +0200