RtlAddAce - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTRTL_H

NTSYSAPI
NTSTATUS
NTAPI
RtlAddAce(
    _Inout_ PACL Acl,
    _In_ ULONG AceRevision,
    _In_ ULONG StartingAceIndex,
    _In_reads_bytes_(AceListLength) PVOID AceList,
    _In_ ULONG AceListLength
    );

#endif

View code on GitHub
// ntifs.h

NTSYSAPI NTSTATUS RtlAddAce(
  [in, out] PACL  Acl,
  [in]      ULONG AceRevision,
  [in]      ULONG StartingAceIndex,
  [in]      PVOID AceList,
  [in]      ULONG AceListLength
);
View the official Windows Driver Kit DDI reference

NtDoc

This function is documented in Windows Driver Kit.

Edit description on GitHub

Windows Driver Kit DDI reference (nf-ntifs-rtladdace)

RtlAddAce function

Description

The RtlAddAce routine adds one or more access control entries (ACEs) to a specified access control list (ACL).

Parameters

Acl [in, out]

Pointer to the ACL to be modified. RtlAddAce adds the specified ACEs to this ACL.

AceRevision [in]

ACL revision level of the ACE to be added. Windows version requirements are the following:

Value Meaning
ACL_REVISION The revision level valid on all Windows versions.
ACL_REVISION_DS The revision level valid starting with Windows 2000.

AceRevision must be ACL_REVISION_DS if the ACL in Acl contains an object-specific ACE.

StartingAceIndex [in]

Specifies the position in the ACL's list of ACEs at which to add new ACEs. A value of zero inserts the ACEs at the beginning of the list. A value of MAXULONG appends the ACEs to the end of the list.

AceList [in]

Pointer to a buffer containing a list of one or more ACEs to be added to the specified ACL. The ACEs in the list must be stored contiguously.

AceListLength [in]

Size, in bytes, of the input buffer pointed to by the AceList parameter.

Return value

RtlAddAce returns STATUS_SUCCESS or an appropriate NTSTATUS value such as one of the following:

Return code Description
STATUS_BUFFER_TOO_SMALL The new ACEs do not fit into the ACL. A larger ACL buffer is required. STATUS_BUFFER_TOO_SMALL is an error code.
STATUS_INVALID_PARAMETER One of the parameter values was invalid. Possible reasons include that the specified ACL is invalid or the specified revision is unknown, is not compatible with revisions in the ACE list, or is not compatible with the revision of the ACL. STATUS_INVALID_PARAMETER is an error code.

Remarks

For information about calculating the size of an ACL, see the Remarks section of the reference entry for RtlCreateAcl.

To obtain a pointer to an ACE in an ACL, use RtlGetAce.

To delete an ACE from an ACL, use RtlDeleteAce.

To add an access-allowed ACE to an ACL, use RtlAddAccessAllowedAce.

For more information about security and access control, see Windows security model for driver developers and the documentation on these topics in the Windows SDK.

See also

ACE

ACL

RtlAddAccessAllowedAce

RtlCreateAcl

RtlDeleteAce

RtlGetAce

View the official Windows Driver Kit DDI reference

Edit description on GitHub