The ACE types defined in layout.h were significantly out of date, as
Microsoft has defined a number of new ACE types over the years.
None of the new ACEs uses a new base structure, though it seems that
some can have (or usually have) additional data after the SID.
More information about the new ACEs can be found in the public
documentation on MSDN.
Signed-off-by: Eric Biggers <ebigge...@gmail.com>
---
include/ntfs-3g/layout.h | 90 +++++++++++++++++++++++++++++++++---------------
1 file changed, 62 insertions(+), 28 deletions(-)
diff --git a/include/ntfs-3g/layout.h b/include/ntfs-3g/layout.h
index 98380de..564167c 100644
--- a/include/ntfs-3g/layout.h
+++ b/include/ntfs-3g/layout.h
@@ -1406,28 +1406,52 @@ typedef enum {
* enum ACE_TYPES - The predefined ACE types (8-bit, see below).
*/
typedef enum {
- ACCESS_MIN_MS_ACE_TYPE = 0,
- ACCESS_ALLOWED_ACE_TYPE = 0,
- ACCESS_DENIED_ACE_TYPE = 1,
- SYSTEM_AUDIT_ACE_TYPE = 2,
- SYSTEM_ALARM_ACE_TYPE = 3, /* Not implemented as of Win2k. */
- ACCESS_MAX_MS_V2_ACE_TYPE = 3,
-
- ACCESS_ALLOWED_COMPOUND_ACE_TYPE= 4,
- ACCESS_MAX_MS_V3_ACE_TYPE = 4,
-
- /* The following are Win2k only. */
- ACCESS_MIN_MS_OBJECT_ACE_TYPE = 5,
- ACCESS_ALLOWED_OBJECT_ACE_TYPE = 5,
- ACCESS_DENIED_OBJECT_ACE_TYPE = 6,
- SYSTEM_AUDIT_OBJECT_ACE_TYPE = 7,
- SYSTEM_ALARM_OBJECT_ACE_TYPE = 8,
- ACCESS_MAX_MS_OBJECT_ACE_TYPE = 8,
-
- ACCESS_MAX_MS_V4_ACE_TYPE = 8,
-
- /* This one is for WinNT&2k. */
- ACCESS_MAX_MS_ACE_TYPE = 8,
+ ACCESS_MIN_MS_ACE_TYPE = 0,
+ ACCESS_ALLOWED_ACE_TYPE = 0,
+ ACCESS_DENIED_ACE_TYPE = 1,
+ SYSTEM_AUDIT_ACE_TYPE = 2,
+ SYSTEM_ALARM_ACE_TYPE = 3, /* reserved */
+ ACCESS_MAX_MS_V2_ACE_TYPE = 3,
+
+ ACCESS_ALLOWED_COMPOUND_ACE_TYPE = 4, /* reserved */
+ ACCESS_MAX_MS_V3_ACE_TYPE = 4,
+
+ /* Win2k and later */
+ ACCESS_MIN_MS_OBJECT_ACE_TYPE = 5,
+ ACCESS_ALLOWED_OBJECT_ACE_TYPE = 5,
+ ACCESS_DENIED_OBJECT_ACE_TYPE = 6,
+ SYSTEM_AUDIT_OBJECT_ACE_TYPE = 7,
+ SYSTEM_ALARM_OBJECT_ACE_TYPE = 8, /* reserved */
+ ACCESS_MAX_MS_OBJECT_ACE_TYPE = 8,
+
+ ACCESS_MAX_MS_V4_ACE_TYPE = 8,
+
+ /* Apparently, this was the max type in Win2k, but for some reason MS
+ * chose not to update this constant in later Windows versions */
+ ACCESS_MAX_MS_ACE_TYPE = 8,
+
+ /* Windows XP and later */
+ ACCESS_ALLOWED_CALLBACK_ACE_TYPE = 9,
+ ACCESS_DENIED_CALLBACK_ACE_TYPE = 10,
+ ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE = 11,
+ ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE = 12,
+ SYSTEM_AUDIT_CALLBACK_ACE_TYPE = 13,
+ SYSTEM_ALARM_CALLBACK_ACE_TYPE = 14, /* reserved */
+ SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE = 15,
+ SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE = 16, /* reserved */
+
+ /* Windows Vista and later */
+ SYSTEM_MANDATORY_LABEL_ACE_TYPE = 17,
+
+ /* Windows 8 and later */
+ SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE = 18,
+ SYSTEM_SCOPED_POLICY_ID_ACE_TYPE = 19,
+
+ /* Windows 10 and later */
+ SYSTEM_PROCESS_TRUST_LABEL_ACE_TYPE = 20,
+
+ ACCESS_MAX_MS_V5_ACE_TYPE = 20,
+
} __attribute__((__packed__)) ACE_TYPES;
/**
@@ -1628,9 +1652,7 @@ typedef struct {
*/
/**
- * struct ACCESS_DENIED_ACE -
- *
- * ACCESS_ALLOWED_ACE, ACCESS_DENIED_ACE, SYSTEM_AUDIT_ACE, SYSTEM_ALARM_ACE
+ * struct ACCESS_ALLOWED_ACE, etc. - Base structure for all regular ACEs
*/
typedef struct {
/* 0 ACE_HEADER; -- Unfolded here as gcc doesn't like unnamed structs. */
@@ -1641,7 +1663,15 @@ typedef struct {
/* 4*/ ACCESS_MASK mask; /* Access mask associated with the ACE.
*/
/* 8*/ SID sid; /* The SID associated with the ACE. */
} __attribute__((__packed__)) ACCESS_ALLOWED_ACE, ACCESS_DENIED_ACE,
- SYSTEM_AUDIT_ACE, SYSTEM_ALARM_ACE;
+ SYSTEM_AUDIT_ACE, SYSTEM_ALARM_ACE,
+ ACCESS_ALLOWED_CALLBACK_ACE,
+ ACCESS_DENIED_CALLBACK_ACE,
+ SYSTEM_AUDIT_CALLBACK_ACE,
+ SYSTEM_ALARM_CALLBACK_ACE,
+ SYSTEM_MANDATORY_LABEL_ACE,
+ SYSTEM_RESOURCE_ATTRIBUTE_ACE,
+ SYSTEM_SCOPED_POLICY_ID_ACE,
+ SYSTEM_PROCESS_TRUST_LABEL_ACE;
/**
* enum OBJECT_ACE_FLAGS - The object ACE flags (32-bit).
@@ -1652,7 +1682,7 @@ typedef enum {
} OBJECT_ACE_FLAGS;
/**
- * struct ACCESS_ALLOWED_OBJECT_ACE -
+ * struct ACCESS_ALLOWED_OBJECT_ACE, etc. - Base structure for all object ACEs
*/
typedef struct {
/* 0 ACE_HEADER; -- Unfolded here as gcc doesn't like unnamed structs. */
@@ -1668,7 +1698,11 @@ typedef struct {
} __attribute__((__packed__)) ACCESS_ALLOWED_OBJECT_ACE,
ACCESS_DENIED_OBJECT_ACE,
SYSTEM_AUDIT_OBJECT_ACE,
- SYSTEM_ALARM_OBJECT_ACE;
+ SYSTEM_ALARM_OBJECT_ACE,
+ ACCESS_ALLOWED_CALLBACK_OBJECT_ACE,
+ ACCESS_DENIED_CALLBACK_OBJECT_ACE,
+ SYSTEM_AUDIT_CALLBACK_OBJECT_ACE,
+ SYSTEM_ALARM_CALLBACK_OBJECT_ACE;
/**
* struct ACL - An ACL is an access-control list (ACL).
--
2.9.3
------------------------------------------------------------------------------
_______________________________________________
ntfs-3g-devel mailing list
ntfs-3g-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ntfs-3g-devel
