From da413e0a390ad73f427e07c4db594d2e90cee9b4 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Wed, 18 Mar 2009 13:47:18 +0000 Subject: [PATCH] * winnt.h: Add Vista token security extensions. (SID_HASH_SIZE): Define. (TOKEN_MANDATORY_POLICY_OFF, TOKEN_MANDATORY_POLICY_NO_WRITE_UP, TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN, TOKEN_MANDATORY_POLICY_VALID_MASK): Define. (SID_HASH_ENTRY): Define. (struct _SID_AND_ATTRIBUTES_HASH): Define. (struct _TOKEN_LINKED_TOKEN): Define. (struct _TOKEN_MANDATORY_LABEL): Define. (struct _TOKEN_MANDATORY_POLICY): Define. (struct _TOKEN_ELEVATION): Define. (struct _TOKEN_ACCESS_INFORMATION): Define. (enum _TOKEN_INFORMATION_CLASS): Conditionally define new Vista token information enumeration values. --- winsup/w32api/ChangeLog | 17 +++++++++++ winsup/w32api/include/winnt.h | 57 ++++++++++++++++++++++++++++++++++- 2 files changed, 73 insertions(+), 1 deletion(-) diff --git a/winsup/w32api/ChangeLog b/winsup/w32api/ChangeLog index eb5b3d3af..893134c5b 100644 --- a/winsup/w32api/ChangeLog +++ b/winsup/w32api/ChangeLog @@ -1,3 +1,20 @@ +2009-02-18 Corinna Vinschen + + * winnt.h: Add Vista token security extensions. + (SID_HASH_SIZE): Define. + (TOKEN_MANDATORY_POLICY_OFF, TOKEN_MANDATORY_POLICY_NO_WRITE_UP, + TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN, + TOKEN_MANDATORY_POLICY_VALID_MASK): Define. + (SID_HASH_ENTRY): Define. + (struct _SID_AND_ATTRIBUTES_HASH): Define. + (struct _TOKEN_LINKED_TOKEN): Define. + (struct _TOKEN_MANDATORY_LABEL): Define. + (struct _TOKEN_MANDATORY_POLICY): Define. + (struct _TOKEN_ELEVATION): Define. + (struct _TOKEN_ACCESS_INFORMATION): Define. + (enum _TOKEN_INFORMATION_CLASS): Conditionally define new Vista token + information enumeration values. + 2009-02-09 Corinna Vinschen * include/winioctl.h (FSCTL_ALLOW_EXTENDED_DASD_IO): Copy definition diff --git a/winsup/w32api/include/winnt.h b/winsup/w32api/include/winnt.h index 1744650c8..a84462f90 100644 --- a/winsup/w32api/include/winnt.h 
+++ b/winsup/w32api/include/winnt.h
@@ -465,6 +465,9 @@ typedef DWORD FLONG;
 #define SECURITY_RESTRICTED_CODE_RID 0xC
 #define SECURITY_NT_NON_UNIQUE_RID 0x15
 #define SID_REVISION 1
+#if (_WIN32_WINNT >= 0x0600)
+#define SID_HASH_SIZE 32
+#endif
 #define DOMAIN_USER_RID_ADMIN 0x1F4L
 #define DOMAIN_USER_RID_GUEST 0x1F5L
 #define DOMAIN_GROUP_RID_ADMINS 0x200L
@@ -1576,6 +1579,12 @@ typedef DWORD FLONG;
 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
 #define TOKEN_SOURCE_LENGTH 8
+#if (_WIN32_WINNT >= 0x0600)
+#define TOKEN_MANDATORY_POLICY_OFF 0
+#define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 1
+#define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 2
+#define TOKEN_MANDATORY_POLICY_VALID_MASK 3
+#endif
 /* end ddk/ntifs.h */
 #define DLL_PROCESS_DETACH 0
 #define DLL_PROCESS_ATTACH 1
@@ -2473,6 +2482,14 @@ typedef struct _SID_AND_ATTRIBUTES {
 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
+#if (_WIN32_WINNT >= 0x0600)
+typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
+typedef struct _SID_AND_ATTRIBUTES_HASH {
+ DWORD SidCount;
+ PSID_AND_ATTRIBUTES SidAttr;
+ SID_HASH_ENTRY Hash[SID_HASH_SIZE];
+} SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
+#endif
 typedef struct _TOKEN_SOURCE {
 CHAR SourceName[TOKEN_SOURCE_LENGTH];
 LUID SourceIdentifier;
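Review bot: The `TOKEN_MANDATORY_POLICY_*` values added in the `@@ -1576,6 +1579,12 @@` hunk are bit flags, but they are written as decimal literals and `TOKEN_MANDATORY_POLICY_VALID_MASK` is a hard-coded `3` rather than the OR of the flags it covers. Defining it as `#define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP|TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)` and writing the flags as `0x1` and `0x2` keeps the mask correct if a flag is ever added. Code that validates a `TOKEN_MANDATORY_POLICY.Policy` value against the mask then cannot silently drift from the flag list.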
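Review bot: `SID_AND_ATTRIBUTES_HASH` in the `@@ -2473,6 +2482,14 @@` hunk has no comment relating `SidCount` to `SidAttr`, and `Hash` is a fixed `SID_HASH_SIZE`-slot array whose size is independent of that count. A reader walking the SID list needs to know which member bounds which; I would add `/* SidAttr points to SidCount entries; Hash always has SID_HASH_SIZE slots */` above the struct. The array size relies on `SID_HASH_SIZE` from the first winnt.h hunk, which sits under the same `_WIN32_WINNT >= 0x0600` guard, so the two stay in step as written.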
@@ -2519,6 +2536,30 @@ typedef struct _TOKEN_STATISTICS {
 typedef struct _TOKEN_USER {
 SID_AND_ATTRIBUTES User;
 } TOKEN_USER, *PTOKEN_USER;
+#if (_WIN32_WINNT >= 0x0600)
+typedef struct _TOKEN_LINKED_TOKEN {
+ HANDLE LinkedToken;
+} TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
+typedef struct _TOKEN_MANDATORY_LABEL {
+ SID_AND_ATTRIBUTES Label;
+} TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
+typedef struct _TOKEN_MANDATORY_POLICY {
+ DWORD Policy;
+} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
+typedef struct _TOKEN_ELEVATION {
+ DWORD TokenIsElevated;
+} TOKEN_ELEVATION, *PTOKEN_ELEVATION;
+typedef struct _TOKEN_ACCESS_INFORMATION {
+ PSID_AND_ATTRIBUTES_HASH SidHash;
+ PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
+ PTOKEN_PRIVILEGES Privileges;
+ LUID AuthenticationId;
+ TOKEN_TYPE TokenType;
+ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
+ TOKEN_MANDATORY_POLICY MandatoryPolicy;
+ DWORD Flags;
+} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
+#endif
 typedef DWORD SECURITY_INFORMATION,*PSECURITY_INFORMATION;
 typedef WORD SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
 typedef struct _SECURITY_DESCRIPTOR {
@@ -2547,7 +2588,21 @@ typedef enum _TOKEN_INFORMATION_CLASS {
 TokenSessionReference,
 TokenSandBoxInert,
 TokenAuditPolicy,
- TokenOrigin
+ TokenOrigin,
+#if (_WIN32_WINNT >= 0x0600)
+ TokenElevationType,
+ TokenLinkedToken,
+ TokenElevation,
+ TokenHasRestrictions,
+ TokenAccessInformation,
+ TokenVirtualizationAllowed,
+ TokenVirtualizationEnabled,
+ TokenIntegrityLevel,
+ TokenUIAccess,
+ TokenMandatoryPolicy,
+ TokenLogonSid,
+#endif
+ MaxTokenInfoClass
 } TOKEN_INFORMATION_CLASS;
 typedef enum _SID_NAME_USE {
 SidTypeUser=1,
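Review bot: The token structures added in the `@@ -2519,6 +2536,30 @@` hunk carry no comments, and two of them have contracts a caller can easily get wrong. `TOKEN_LINKED_TOKEN.LinkedToken` is a live handle that the caller of GetTokenInformation ends up owning, so a missing CloseHandle leaks a token handle on every query. `TOKEN_ELEVATION.TokenIsElevated` is a zero/nonzero flag, not an elevation type. I would add `/* LinkedToken: caller owns the handle and must CloseHandle() it */` and `/* TokenIsElevated: nonzero if the token is elevated */` next to those members. `TOKEN_ACCESS_INFORMATION` would also benefit from a one-line comment on who owns its pointer members, which I cannot determine from this hunk.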
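Review bot: `MaxTokenInfoClass` in the `@@ -2547,7 +2588,21 @@` hunk takes a different value depending on `_WIN32_WINNT`, because the eleven Vista enumerators before it sit inside `#if (_WIN32_WINNT >= 0x0600)` while the sentinel itself is unconditional. Translation units built with different `_WIN32_WINNT` settings will disagree on the sentinel, so a range check such as `cls < MaxTokenInfoClass` accepts a different set of classes in each. Enumerator values cost nothing on older targets, so I would define the Vista enumerators unconditionally and keep only the structs behind the guard. If the guard has to stay, put `/* value depends on _WIN32_WINNT; not a stable bound across modules */` above `MaxTokenInfoClass`. The enum begins outside the hunk, so the earlier enumerators were not reviewed.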