1 /** 2 * This file has no copyright assigned and is placed in the Public Domain. 3 * This file is part of the mingw-w64 runtime package. 4 * No warranty is given; refer to the file DISCLAIMER.PD within this package. 5 */ 6 #ifndef _WINTERNL_ 7 #define _WINTERNL_ 8 9 #include <windef.h> 10 11 #ifndef NT_SUCCESS 12 #define NT_SUCCESS(status) ((NTSTATUS) (status) >= 0) 13 #endif 14 15 #ifndef NT_INFORMATION 16 #define NT_INFORMATION(Status) ((((ULONG)(Status)) >> 30) == 1) 17 #endif 18 19 #ifndef NT_WARNING 20 #define NT_WARNING(Status) ((((ULONG)(Status)) >> 30) == 2) 21 #endif 22 23 #ifndef NT_ERROR 24 #define NT_ERROR(Status) ((((ULONG)(Status)) >> 30) == 3) 25 #endif 26 27 #ifndef DEVICE_TYPE 28 #define DEVICE_TYPE ULONG 29 #endif 30 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 #ifndef __UNICODE_STRING_DEFINED 36 #define __UNICODE_STRING_DEFINED 37 typedef struct _UNICODE_STRING { 38 USHORT Length; 39 USHORT MaximumLength; 40 PWSTR Buffer; 41 } UNICODE_STRING; 42 #endif 43 44 typedef struct _PEB_LDR_DATA { 45 BYTE Reserved1[8]; 46 PVOID Reserved2[3]; 47 LIST_ENTRY InMemoryOrderModuleList; 48 } PEB_LDR_DATA,*PPEB_LDR_DATA; 49 50 typedef struct _LDR_DATA_TABLE_ENTRY { 51 PVOID Reserved1[2]; 52 LIST_ENTRY InMemoryOrderLinks; 53 PVOID Reserved2[2]; 54 PVOID DllBase; 55 PVOID Reserved3[2]; 56 UNICODE_STRING FullDllName; 57 BYTE Reserved4[8]; 58 PVOID Reserved5[3]; 59 __C89_NAMELESS union { 60 ULONG CheckSum; 61 PVOID Reserved6; 62 }; 63 ULONG TimeDateStamp; 64 } LDR_DATA_TABLE_ENTRY,*PLDR_DATA_TABLE_ENTRY; 65 66 typedef struct _RTL_USER_PROCESS_PARAMETERS { 67 BYTE Reserved1[16]; 68 PVOID Reserved2[10]; 69 UNICODE_STRING ImagePathName; 70 UNICODE_STRING CommandLine; 71 } RTL_USER_PROCESS_PARAMETERS,*PRTL_USER_PROCESS_PARAMETERS; 72 73 /* This function pointer is undocumented and just valid for windows 2000. 74 Therefore I guess. */ 75 typedef VOID (NTAPI *PPS_POST_PROCESS_INIT_ROUTINE)(VOID); 76 77 typedef struct _PEB { 78 BYTE Reserved1[2]; 79 BYTE BeingDebugged; 80 BYTE Reserved2[1]; 81 PVOID Reserved3[2]; 82 PPEB_LDR_DATA Ldr; 83 PRTL_USER_PROCESS_PARAMETERS ProcessParameters; 84 PVOID Reserved4[3]; 85 PVOID AtlThunkSListPtr; 86 PVOID Reserved5; 87 ULONG Reserved6; 88 PVOID Reserved7; 89 ULONG Reserved8; 90 ULONG AtlThunkSListPtr32; 91 PVOID Reserved9[45]; 92 BYTE Reserved10[96]; 93 PPS_POST_PROCESS_INIT_ROUTINE PostProcessInitRoutine; 94 BYTE Reserved11[128]; 95 PVOID Reserved12[1]; 96 ULONG SessionId; 97 } PEB,*PPEB; 98 99 typedef struct _TEB { 100 PVOID Reserved1[12]; 101 PPEB ProcessEnvironmentBlock; 102 PVOID Reserved2[399]; 103 BYTE Reserved3[1952]; 104 PVOID TlsSlots[64]; 105 BYTE Reserved4[8]; 106 PVOID Reserved5[26]; 107 PVOID ReservedForOle; 108 PVOID Reserved6[4]; 109 PVOID TlsExpansionSlots; 110 } TEB; 111 112 typedef TEB *PTEB; 113 #if !defined (_NTDEF_) && !defined (_NTSTATUS_PSDK) 114 #define _NTSTATUS_PSDK 115 typedef LONG NTSTATUS, *PNTSTATUS; 116 #endif 117 typedef CONST char *PCSZ; 118 119 #ifndef __STRING_DEFINED 120 #define __STRING_DEFINED 121 typedef struct _STRING { 122 USHORT Length; 123 USHORT MaximumLength; 124 PCHAR Buffer; 125 } STRING; 126 #endif 127 128 typedef STRING *PSTRING; 129 typedef STRING ANSI_STRING; 130 typedef PSTRING PANSI_STRING; 131 typedef PSTRING PCANSI_STRING; 132 typedef STRING OEM_STRING; 133 typedef PSTRING POEM_STRING; 134 typedef CONST STRING *PCOEM_STRING; 135 136 typedef UNICODE_STRING *PUNICODE_STRING; 137 typedef const UNICODE_STRING *PCUNICODE_STRING; 138 139 #ifndef __OBJECT_ATTRIBUTES_DEFINED 140 #define __OBJECT_ATTRIBUTES_DEFINED 141 typedef struct _OBJECT_ATTRIBUTES { 142 ULONG Length; 143 #ifdef _WIN64 144 ULONG pad1; 145 #endif 146 HANDLE RootDirectory; 147 PUNICODE_STRING ObjectName; 148 ULONG Attributes; 149 #ifdef _WIN64 150 ULONG pad2; 151 #endif 152 PVOID SecurityDescriptor; 153 PVOID SecurityQualityOfService; 154 } OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES; 155 #endif 156 157 /* Values for the Attributes member */ 158 #define OBJ_INHERIT 0x00000002L 159 #define OBJ_PERMANENT 0x00000010L 160 #define OBJ_EXCLUSIVE 0x00000020L 161 #define OBJ_CASE_INSENSITIVE 0x00000040L 162 #define OBJ_OPENIF 0x00000080L 163 #define OBJ_OPENLINK 0x00000100L 164 #define OBJ_KERNEL_HANDLE 0x00000200L 165 #define OBJ_FORCE_ACCESS_CHECK 0x00000400L 166 #define OBJ_IGNORE_IMPERSONATED_DEVICEMAP 0x00000800L 167 #define OBJ_DONT_REPARSE 0x00001000L 168 #define OBJ_VALID_ATTRIBUTES 0x00001FF2L 169 170 /* Define the create disposition values */ 171 #define FILE_SUPERSEDE 0x00000000 172 #define FILE_OPEN 0x00000001 173 #define FILE_CREATE 0x00000002 174 #define FILE_OPEN_IF 0x00000003 175 #define FILE_OVERWRITE 0x00000004 176 #define FILE_OVERWRITE_IF 0x00000005 177 #define FILE_MAXIMUM_DISPOSITION 0x00000005 178 179 /* Define the create/open option flags */ 180 #define FILE_DIRECTORY_FILE 0x00000001 181 #define FILE_WRITE_THROUGH 0x00000002 182 #define FILE_SEQUENTIAL_ONLY 0x00000004 183 #define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008 184 #define FILE_SYNCHRONOUS_IO_ALERT 0x00000010 185 #define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020 186 #define FILE_NON_DIRECTORY_FILE 0x00000040 187 #define FILE_CREATE_TREE_CONNECTION 0x00000080 188 #define FILE_COMPLETE_IF_OPLOCKED 0x00000100 189 #define FILE_NO_EA_KNOWLEDGE 0x00000200 190 #define FILE_OPEN_REMOTE_INSTANCE 0x00000400 191 #define FILE_RANDOM_ACCESS 0x00000800 192 #define FILE_DELETE_ON_CLOSE 0x00001000 193 #define FILE_OPEN_BY_FILE_ID 0x00002000 194 #define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000 195 #define FILE_NO_COMPRESSION 0x00008000 196 #if (_WIN32_WINNT >= _WIN32_WINNT_WIN7) 197 #define FILE_OPEN_REQUIRING_OPLOCK 0x00010000 198 #endif 199 #define FILE_RESERVE_OPFILTER 0x00100000 200 #define FILE_OPEN_REPARSE_POINT 0x00200000 201 #define FILE_OPEN_NO_RECALL 0x00400000 202 #define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000 203 #define FILE_VALID_OPTION_FLAGS 0x00ffffff 204 #define FILE_VALID_PIPE_OPTION_FLAGS 0x00000032 205 #define FILE_VALID_MAILSLOT_OPTION_FLAGS 0x00000032 206 #define FILE_VALID_SET_FLAGS 0x00000036 207 208 /* Define the I/O status information return values for NtCreateFile/NtOpenFile */ 209 #define FILE_SUPERSEDED 0x00000000 210 #define FILE_OPENED 0x00000001 211 #define FILE_CREATED 0x00000002 212 #define FILE_OVERWRITTEN 0x00000003 213 #define FILE_EXISTS 0x00000004 214 #define FILE_DOES_NOT_EXIST 0x00000005 215 216 /* Helper Macro */ 217 #ifndef InitializeObjectAttributes 218 #define InitializeObjectAttributes(p,n,a,r,s) { \ 219 (p)->Length = sizeof(OBJECT_ATTRIBUTES); \ 220 (p)->RootDirectory = (r); \ 221 (p)->Attributes = (a); \ 222 (p)->ObjectName = (n); \ 223 (p)->SecurityDescriptor = (s); \ 224 (p)->SecurityQualityOfService = NULL; \ 225 } 226 #endif 227 228 typedef struct _OBJECT_DATA_INFORMATION { 229 BOOLEAN InheritHandle; 230 BOOLEAN ProtectFromClose; 231 } OBJECT_DATA_INFORMATION, *POBJECT_DATA_INFORMATION; 232 233 typedef struct _OBJECT_BASIC_INFORMATION { 234 ULONG Attributes; 235 ACCESS_MASK GrantedAccess; 236 ULONG HandleCount; 237 ULONG PointerCount; 238 ULONG PagedPoolUsage; 239 ULONG NonPagedPoolUsage; 240 ULONG Reserved[3]; 241 ULONG NameInformationLength; 242 ULONG TypeInformationLength; 243 ULONG SecurityDescriptorLength; 244 LARGE_INTEGER CreateTime; 245 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION; 246 247 typedef struct _OBJECT_NAME_INFORMATION { 248 UNICODE_STRING Name; 249 } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION; 250 251 typedef struct _OBJECT_TYPE_INFORMATION { 252 UNICODE_STRING TypeName; 253 ULONG TotalNumberOfObjects; 254 ULONG TotalNumberOfHandles; 255 ULONG TotalPagedPoolUsage; 256 ULONG TotalNonPagedPoolUsage; 257 ULONG TotalNamePoolUsage; 258 ULONG TotalHandleTableUsage; 259 ULONG HighWaterNumberOfObjects; 260 ULONG HighWaterNumberOfHandles; 261 ULONG HighWaterPagedPoolUsage; 262 ULONG HighWaterNonPagedPoolUsage; 263 ULONG HighWaterNamePoolUsage; 264 ULONG HighWaterHandleTableUsage; 265 ULONG InvalidAttributes; 266 GENERIC_MAPPING GenericMapping; 267 ULONG ValidAccessMask; 268 BOOLEAN SecurityRequired; 269 BOOLEAN MaintainHandleCount; 270 ULONG PoolType; 271 ULONG DefaultPagedPoolCharge; 272 ULONG DefaultNonPagedPoolCharge; 273 } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION; 274 275 typedef struct _OBJECT_ALL_INFORMATION { 276 ULONG NumberOfObjects; 277 OBJECT_TYPE_INFORMATION ObjectTypeInformation[1]; 278 }OBJECT_ALL_INFORMATION, *POBJECT_ALL_INFORMATION; 279 280 typedef enum _FILE_INFORMATION_CLASS { 281 FileDirectoryInformation = 1, 282 FileFullDirectoryInformation, 283 FileBothDirectoryInformation, 284 FileBasicInformation, 285 FileStandardInformation, 286 FileInternalInformation, 287 FileEaInformation, 288 FileAccessInformation, 289 FileNameInformation, 290 FileRenameInformation, 291 FileLinkInformation, 292 FileNamesInformation, 293 FileDispositionInformation, 294 FilePositionInformation, 295 FileFullEaInformation, 296 FileModeInformation, 297 FileAlignmentInformation, 298 FileAllInformation, 299 FileAllocationInformation, 300 FileEndOfFileInformation, 301 FileAlternateNameInformation, 302 FileStreamInformation, 303 FilePipeInformation, 304 FilePipeLocalInformation, 305 FilePipeRemoteInformation, 306 FileMailslotQueryInformation, 307 FileMailslotSetInformation, 308 FileCompressionInformation, 309 FileObjectIdInformation, 310 FileCompletionInformation, 311 FileMoveClusterInformation, 312 FileQuotaInformation, 313 FileReparsePointInformation, 314 FileNetworkOpenInformation, 315 FileAttributeTagInformation, 316 FileTrackingInformation, 317 FileIdBothDirectoryInformation, 318 FileIdFullDirectoryInformation, 319 FileValidDataLengthInformation, 320 FileShortNameInformation = 40, 321 FileSfioReserveInformation = 44, 322 FileSfioVolumeInformation = 45, 323 FileHardLinkInformation = 46, 324 FileNormalizedNameInformation = 48, 325 FileIdGlobalTxDirectoryInformation = 50, 326 FileStandardLinkInformation = 54, 327 FileMaximumInformation 328 } FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS; 329 330 typedef struct _FILE_DIRECTORY_INFORMATION { 331 ULONG NextEntryOffset; 332 ULONG FileIndex; 333 LARGE_INTEGER CreationTime; 334 LARGE_INTEGER LastAccessTime; 335 LARGE_INTEGER LastWriteTime; 336 LARGE_INTEGER ChangeTime; 337 LARGE_INTEGER EndOfFile; 338 LARGE_INTEGER AllocationSize; 339 ULONG FileAttributes; 340 ULONG FileNameLength; 341 WCHAR FileName[ANYSIZE_ARRAY]; 342 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION; 343 344 typedef struct _FILE_FULL_DIR_INFORMATION { 345 ULONG NextEntryOffset; 346 ULONG FileIndex; 347 LARGE_INTEGER CreationTime; 348 LARGE_INTEGER LastAccessTime; 349 LARGE_INTEGER LastWriteTime; 350 LARGE_INTEGER ChangeTime; 351 LARGE_INTEGER EndOfFile; 352 LARGE_INTEGER AllocationSize; 353 ULONG FileAttributes; 354 ULONG FileNameLength; 355 ULONG EaSize; 356 WCHAR FileName[ANYSIZE_ARRAY]; 357 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION; 358 359 typedef struct _FILE_ID_FULL_DIR_INFORMATION { 360 ULONG NextEntryOffset; 361 ULONG FileIndex; 362 LARGE_INTEGER CreationTime; 363 LARGE_INTEGER LastAccessTime; 364 LARGE_INTEGER LastWriteTime; 365 LARGE_INTEGER ChangeTime; 366 LARGE_INTEGER EndOfFile; 367 LARGE_INTEGER AllocationSize; 368 ULONG FileAttributes; 369 ULONG FileNameLength; 370 ULONG EaSize; 371 LARGE_INTEGER FileId; 372 WCHAR FileName[ANYSIZE_ARRAY]; 373 } FILE_ID_FULL_DIR_INFORMATION, *PFILE_ID_FULL_DIR_INFORMATION; 374 375 typedef struct _FILE_BOTH_DIR_INFORMATION { 376 ULONG NextEntryOffset; 377 ULONG FileIndex; 378 LARGE_INTEGER CreationTime; 379 LARGE_INTEGER LastAccessTime; 380 LARGE_INTEGER LastWriteTime; 381 LARGE_INTEGER ChangeTime; 382 LARGE_INTEGER EndOfFile; 383 LARGE_INTEGER AllocationSize; 384 ULONG FileAttributes; 385 ULONG FileNameLength; 386 ULONG EaSize; 387 CHAR ShortNameLength; 388 WCHAR ShortName[12]; 389 WCHAR FileName[ANYSIZE_ARRAY]; 390 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION; 391 392 typedef struct _FILE_ID_BOTH_DIR_INFORMATION { 393 ULONG NextEntryOffset; 394 ULONG FileIndex; 395 LARGE_INTEGER CreationTime; 396 LARGE_INTEGER LastAccessTime; 397 LARGE_INTEGER LastWriteTime; 398 LARGE_INTEGER ChangeTime; 399 LARGE_INTEGER EndOfFile; 400 LARGE_INTEGER AllocationSize; 401 ULONG FileAttributes; 402 ULONG FileNameLength; 403 ULONG EaSize; 404 CHAR ShortNameLength; 405 WCHAR ShortName[12]; 406 LARGE_INTEGER FileId; 407 WCHAR FileName[ANYSIZE_ARRAY]; 408 } FILE_ID_BOTH_DIR_INFORMATION, *PFILE_ID_BOTH_DIR_INFORMATION; 409 410 /* Old names of dir info structures as (partially) used in Nebbitt's 411 Native API Reference. Keep for backward compatibility. */ 412 typedef struct _FILE_FULL_DIR_INFORMATION 413 FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION; 414 typedef struct _FILE_ID_FULL_DIR_INFORMATION 415 FILE_ID_FULL_DIRECTORY_INFORMATION, *PFILE_ID_FULL_DIRECTORY_INFORMATION; 416 typedef struct _FILE_BOTH_DIR_INFORMATION 417 FILE_BOTH_DIRECTORY_INFORMATION, *PFILE_BOTH_DIRECTORY_INFORMATION; 418 typedef struct _FILE_ID_BOTH_DIR_INFORMATION 419 FILE_ID_BOTH_DIRECTORY_INFORMATION, *PFILE_ID_BOTH_DIRECTORY_INFORMATION; 420 421 typedef struct _FILE_BASIC_INFORMATION { 422 LARGE_INTEGER CreationTime; 423 LARGE_INTEGER LastAccessTime; 424 LARGE_INTEGER LastWriteTime; 425 LARGE_INTEGER ChangeTime; 426 ULONG FileAttributes; 427 } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION; 428 429 typedef struct _FILE_STANDARD_INFORMATION { 430 LARGE_INTEGER AllocationSize; 431 LARGE_INTEGER EndOfFile; 432 ULONG NumberOfLinks; 433 BOOLEAN DeletePending; 434 BOOLEAN Directory; 435 } FILE_STANDARD_INFORMATION, *PFILE_STANDARD_INFORMATION; 436 437 typedef struct _FILE_INTERNAL_INFORMATION { 438 LARGE_INTEGER IndexNumber; 439 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION; 440 441 typedef struct _FILE_EA_INFORMATION { 442 ULONG EaSize; 443 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION; 444 445 typedef struct _FILE_ACCESS_INFORMATION { 446 ACCESS_MASK AccessFlags; 447 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION; 448 449 typedef struct _FILE_LINK_INFORMATION { 450 BOOLEAN ReplaceIfExists; 451 HANDLE RootDirectory; 452 ULONG FileNameLength; 453 WCHAR FileName[1]; 454 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION; 455 456 typedef struct _FILE_NAME_INFORMATION { 457 ULONG FileNameLength; 458 WCHAR FileName[1]; 459 } FILE_NAME_INFORMATION, *PFILE_NAME_INFORMATION; 460 461 typedef struct _FILE_RENAME_INFORMATION { 462 BOOLEAN ReplaceIfExists; 463 HANDLE RootDirectory; 464 ULONG FileNameLength; 465 WCHAR FileName[1]; 466 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION; 467 468 typedef struct _FILE_NAMES_INFORMATION { 469 ULONG NextEntryOffset; 470 ULONG FileIndex; 471 ULONG FileNameLength; 472 WCHAR FileName[1]; 473 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION; 474 475 typedef struct _FILE_DISPOSITION_INFORMATION { 476 BOOLEAN DoDeleteFile; 477 } FILE_DISPOSITION_INFORMATION, *PFILE_DISPOSITION_INFORMATION; 478 479 typedef struct _FILE_POSITION_INFORMATION { 480 LARGE_INTEGER CurrentByteOffset; 481 } FILE_POSITION_INFORMATION, *PFILE_POSITION_INFORMATION; 482 483 typedef struct _FILE_ALIGNMENT_INFORMATION { 484 ULONG AlignmentRequirement; 485 } FILE_ALIGNMENT_INFORMATION, *PFILE_ALIGNMENT_INFORMATION; 486 487 typedef struct _FILE_ALLOCATION_INFORMATION { 488 LARGE_INTEGER AllocationSize; 489 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION; 490 491 typedef struct _FILE_END_OF_FILE_INFORMATION { 492 LARGE_INTEGER EndOfFile; 493 } FILE_END_OF_FILE_INFORMATION, *PFILE_END_OF_FILE_INFORMATION; 494 495 typedef struct _FILE_NETWORK_OPEN_INFORMATION { 496 LARGE_INTEGER CreationTime; 497 LARGE_INTEGER LastAccessTime; 498 LARGE_INTEGER LastWriteTime; 499 LARGE_INTEGER ChangeTime; 500 LARGE_INTEGER AllocationSize; 501 LARGE_INTEGER EndOfFile; 502 ULONG FileAttributes; 503 } FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION; 504 505 typedef struct _FILE_FULL_EA_INFORMATION { 506 ULONG NextEntryOffset; 507 UCHAR Flags; 508 UCHAR EaNameLength; 509 USHORT EaValueLength; 510 CHAR EaName[1]; 511 } FILE_FULL_EA_INFORMATION, *PFILE_FULL_EA_INFORMATION; 512 513 typedef struct _FILE_MODE_INFORMATION { 514 ULONG Mode; 515 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION; 516 517 typedef struct _FILE_STREAM_INFORMATION { 518 ULONG NextEntryOffset; 519 ULONG StreamNameLength; 520 LARGE_INTEGER StreamSize; 521 LARGE_INTEGER StreamAllocationSize; 522 WCHAR StreamName[1]; 523 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION; 524 525 typedef struct _FILE_ATTRIBUTE_TAG_INFORMATION { 526 ULONG FileAttributes; 527 ULONG ReparseTag; 528 } FILE_ATTRIBUTE_TAG_INFORMATION, *PFILE_ATTRIBUTE_TAG_INFORMATION; 529 530 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION { 531 ULONG MaximumMessageSize; 532 ULONG MailslotQuota; 533 ULONG NextMessageSize; 534 ULONG MessagesAvailable; 535 LARGE_INTEGER ReadTimeout; 536 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION; 537 538 typedef struct _FILE_MAILSLOT_SET_INFORMATION { 539 LARGE_INTEGER ReadTimeout; 540 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION; 541 542 typedef struct _FILE_PIPE_LOCAL_INFORMATION { 543 ULONG NamedPipeType; 544 ULONG NamedPipeConfiguration; 545 ULONG MaximumInstances; 546 ULONG CurrentInstances; 547 ULONG InboundQuota; 548 ULONG ReadDataAvailable; 549 ULONG OutboundQuota; 550 ULONG WriteQuotaAvailable; 551 ULONG NamedPipeState; 552 ULONG NamedPipeEnd; 553 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION; 554 555 typedef struct _FILE_ALL_INFORMATION { 556 FILE_BASIC_INFORMATION BasicInformation; 557 FILE_STANDARD_INFORMATION StandardInformation; 558 FILE_INTERNAL_INFORMATION InternalInformation; 559 FILE_EA_INFORMATION EaInformation; 560 FILE_ACCESS_INFORMATION AccessInformation; 561 FILE_POSITION_INFORMATION PositionInformation; 562 FILE_MODE_INFORMATION ModeInformation; 563 FILE_ALIGNMENT_INFORMATION AlignmentInformation; 564 FILE_NAME_INFORMATION NameInformation; 565 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION; 566 567 typedef enum _FSINFOCLASS { 568 FileFsVolumeInformation = 1, 569 FileFsLabelInformation, 570 FileFsSizeInformation, 571 FileFsDeviceInformation, 572 FileFsAttributeInformation, 573 FileFsControlInformation, 574 FileFsFullSizeInformation, 575 FileFsObjectIdInformation, 576 FileFsDriverPathInformation, 577 FileFsVolumeFlagsInformation, 578 FileFsMaximumInformation 579 } FS_INFORMATION_CLASS, *PFS_INFORMATION_CLASS; 580 581 typedef struct _FILE_FS_VOLUME_INFORMATION { 582 LARGE_INTEGER VolumeCreationTime; 583 ULONG VolumeSerialNumber; 584 ULONG VolumeLabelLength; 585 BOOLEAN SupportsObjects; 586 WCHAR VolumeLabel[1]; 587 } FILE_FS_VOLUME_INFORMATION, *PFILE_FS_VOLUME_INFORMATION; 588 589 typedef struct _FILE_FS_LABEL_INFORMATION { 590 ULONG VolumeLabelLength; 591 WCHAR VolumeLabel[1]; 592 } FILE_FS_LABEL_INFORMATION, *PFILE_FS_LABEL_INFORMATION; 593 594 typedef struct _FILE_FS_SIZE_INFORMATION { 595 LARGE_INTEGER TotalAllocationUnits; 596 LARGE_INTEGER AvailableAllocationUnits; 597 ULONG SectorsPerAllocationUnit; 598 ULONG BytesPerSector; 599 } FILE_FS_SIZE_INFORMATION, *PFILE_FS_SIZE_INFORMATION; 600 601 typedef struct _FILE_FS_DEVICE_INFORMATION { 602 DEVICE_TYPE DeviceType; 603 ULONG Characteristics; 604 } FILE_FS_DEVICE_INFORMATION, *PFILE_FS_DEVICE_INFORMATION; 605 606 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION { 607 ULONG FileSystemAttributes; 608 ULONG MaximumComponentNameLength; 609 ULONG FileSystemNameLength; 610 WCHAR FileSystemName[1]; 611 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION; 612 613 typedef struct _FILE_FS_FULL_SIZE_INFORMATION { 614 LARGE_INTEGER TotalAllocationUnits; 615 LARGE_INTEGER CallerAvailableAllocationUnits; 616 LARGE_INTEGER ActualAvailableAllocationUnits; 617 ULONG SectorsPerAllocationUnit; 618 ULONG BytesPerSector; 619 } FILE_FS_FULL_SIZE_INFORMATION, *PFILE_FS_FULL_SIZE_INFORMATION; 620 621 typedef struct _FILE_FS_OBJECTID_INFORMATION { 622 UCHAR ObjectId[16]; 623 UCHAR ExtendedInfo[48]; 624 } FILE_FS_OBJECTID_INFORMATION, *PFILE_FS_OBJECTID_INFORMATION; 625 626 typedef struct _IO_STATUS_BLOCK { 627 __C89_NAMELESS union { 628 NTSTATUS Status; 629 PVOID Pointer; 630 }; 631 ULONG_PTR Information; 632 } IO_STATUS_BLOCK,*PIO_STATUS_BLOCK; 633 634 typedef VOID (NTAPI *PIO_APC_ROUTINE)(PVOID ApcContext,PIO_STATUS_BLOCK IoStatusBlock,ULONG Reserved); 635 636 #ifdef __ia64__ 637 typedef struct _FRAME_POINTERS { 638 ULONGLONG MemoryStackFp; 639 ULONGLONG BackingStoreFp; 640 } FRAME_POINTERS,*PFRAME_POINTERS; 641 642 #define UNWIND_HISTORY_TABLE_SIZE 12 643 644 typedef struct _RUNTIME_FUNCTION { 645 ULONG BeginAddress; 646 ULONG EndAddress; 647 ULONG UnwindInfoAddress; 648 } RUNTIME_FUNCTION,*PRUNTIME_FUNCTION; 649 650 typedef struct _UNWIND_HISTORY_TABLE_ENTRY { 651 ULONG64 ImageBase; 652 ULONG64 Gp; 653 PRUNTIME_FUNCTION FunctionEntry; 654 } UNWIND_HISTORY_TABLE_ENTRY,*PUNWIND_HISTORY_TABLE_ENTRY; 655 656 typedef struct _UNWIND_HISTORY_TABLE { 657 ULONG Count; 658 UCHAR Search; 659 ULONG64 LowAddress; 660 ULONG64 HighAddress; 661 UNWIND_HISTORY_TABLE_ENTRY Entry[UNWIND_HISTORY_TABLE_SIZE]; 662 } UNWIND_HISTORY_TABLE,*PUNWIND_HISTORY_TABLE; 663 #endif 664 665 typedef struct _VM_COUNTERS { 666 SIZE_T PeakVirtualSize; 667 SIZE_T VirtualSize; 668 ULONG PageFaultCount; 669 SIZE_T PeakWorkingSetSize; 670 SIZE_T WorkingSetSize; 671 SIZE_T QuotaPeakPagedPoolUsage; 672 SIZE_T QuotaPagedPoolUsage; 673 SIZE_T QuotaPeakNonPagedPoolUsage; 674 SIZE_T QuotaNonPagedPoolUsage; 675 SIZE_T PagefileUsage; 676 SIZE_T PeakPagefileUsage; 677 } VM_COUNTERS, *PVM_COUNTERS; 678 679 typedef enum _THREAD_STATE { 680 StateInitialized = 0, 681 StateReady, StateRunning, StateStandby, StateTerminated, 682 StateWait, StateTransition, 683 StateUnknown 684 } THREAD_STATE; 685 686 typedef struct _CLIENT_ID { 687 HANDLE UniqueProcess; 688 HANDLE UniqueThread; 689 } CLIENT_ID, *PCLIENT_ID; 690 691 typedef LONG KPRIORITY; 692 693 typedef enum _KWAIT_REASON { 694 Executive = 0, 695 FreePage, PageIn, PoolAllocation, DelayExecution, 696 Suspended, UserRequest, WrExecutive, WrFreePage, WrPageIn, 697 WrPoolAllocation, WrDelayExecution, WrSuspended, 698 WrUserRequest, WrEventPair, WrQueue, WrLpcReceive, 699 WrLpcReply, WrVirtualMemory, WrPageOut, WrRendezvous, 700 Spare2, Spare3, Spare4, Spare5, Spare6, WrKernel, 701 MaximumWaitReason 702 } KWAIT_REASON; 703 704 typedef struct _SYSTEM_THREADS 705 { 706 LARGE_INTEGER KernelTime; 707 LARGE_INTEGER UserTime; 708 LARGE_INTEGER CreateTime; 709 ULONG WaitTime; 710 PVOID StartAddress; 711 CLIENT_ID ClientId; 712 KPRIORITY Priority; 713 KPRIORITY BasePriority; 714 ULONG ContextSwitchCount; 715 THREAD_STATE State; 716 KWAIT_REASON WaitReason; 717 } SYSTEM_THREADS, *PSYSTEM_THREADS; 718 719 typedef struct _PROCESS_BASIC_INFORMATION { 720 NTSTATUS ExitStatus; 721 PPEB PebBaseAddress; 722 KAFFINITY AffinityMask; 723 KPRIORITY BasePriority; 724 ULONG_PTR UniqueProcessId; 725 ULONG_PTR InheritedFromUniqueProcessId; 726 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION; 727 728 typedef struct _KERNEL_USER_TIMES { 729 FILETIME CreateTime; 730 FILETIME ExitTime; 731 LARGE_INTEGER KernelTime; 732 LARGE_INTEGER UserTime; 733 } KERNEL_USER_TIMES, *PKERNEL_USER_TIMES; 734 735 typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION { 736 LARGE_INTEGER IdleTime; 737 LARGE_INTEGER KernelTime; 738 LARGE_INTEGER UserTime; 739 LARGE_INTEGER Reserved1[2]; 740 ULONG Reserved2; 741 } SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION,*PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION; 742 743 typedef struct _SYSTEM_PROCESS_INFORMATION { 744 ULONG NextEntryOffset; 745 ULONG NumberOfThreads; 746 LARGE_INTEGER Reserved[3]; 747 LARGE_INTEGER CreateTime; 748 LARGE_INTEGER UserTime; 749 LARGE_INTEGER KernelTime; 750 UNICODE_STRING ImageName; 751 KPRIORITY BasePriority; 752 HANDLE UniqueProcessId; 753 HANDLE InheritedFromUniqueProcessId; 754 ULONG HandleCount; 755 ULONG SessionId; 756 ULONG PageDirectoryBase; 757 VM_COUNTERS VirtualMemoryCounters; 758 SIZE_T PrivatePageCount; 759 IO_COUNTERS IoCounters; 760 } SYSTEM_PROCESS_INFORMATION,*PSYSTEM_PROCESS_INFORMATION; 761 762 typedef struct _SYSTEM_THREAD_INFORMATION { 763 LARGE_INTEGER Reserved1[3]; 764 ULONG Reserved2; 765 PVOID StartAddress; 766 CLIENT_ID ClientId; 767 KPRIORITY Priority; 768 LONG BasePriority; 769 ULONG Reserved3; 770 ULONG ThreadState; 771 ULONG WaitReason; 772 } SYSTEM_THREAD_INFORMATION, *PSYSTEM_THREAD_INFORMATION; 773 774 typedef struct _SYSTEM_REGISTRY_QUOTA_INFORMATION { 775 ULONG RegistryQuotaAllowed; 776 ULONG RegistryQuotaUsed; 777 PVOID Reserved1; 778 } SYSTEM_REGISTRY_QUOTA_INFORMATION,*PSYSTEM_REGISTRY_QUOTA_INFORMATION; 779 780 typedef struct _SYSTEM_BASIC_INFORMATION { 781 BYTE Reserved1[4]; 782 ULONG MaximumIncrement; 783 ULONG PhysicalPageSize; 784 ULONG NumberOfPhysicalPages; 785 ULONG LowestPhysicalPage; 786 ULONG HighestPhysicalPage; 787 ULONG AllocationGranularity; 788 ULONG_PTR LowestUserAddress; 789 ULONG_PTR HighestUserAddress; 790 ULONG_PTR ActiveProcessors; 791 CCHAR NumberOfProcessors; 792 } SYSTEM_BASIC_INFORMATION,*PSYSTEM_BASIC_INFORMATION; 793 794 typedef struct _SYSTEM_PROCESSOR_INFORMATION { 795 USHORT ProcessorArchitecture; 796 USHORT ProcessorLevel; 797 USHORT ProcessorRevision; 798 USHORT Unknown; 799 ULONG FeatureBits; 800 } SYSTEM_PROCESSOR_INFORMATION, *PSYSTEM_PROCESSOR_INFORMATION; 801 802 typedef struct _SYSTEM_TIMEOFDAY_INFORMATION { 803 LARGE_INTEGER BootTime; 804 LARGE_INTEGER CurrentTime; 805 LARGE_INTEGER TimeZoneBias; 806 ULONG CurrentTimeZoneId; 807 BYTE Reserved1[20]; 808 } SYSTEM_TIMEOFDAY_INFORMATION,*PSYSTEM_TIMEOFDAY_INFORMATION; 809 810 typedef struct _SYSTEM_PERFORMANCE_INFORMATION { 811 LARGE_INTEGER IdleTime; 812 LARGE_INTEGER ReadTransferCount; 813 LARGE_INTEGER WriteTransferCount; 814 LARGE_INTEGER OtherTransferCount; 815 ULONG ReadOperationCount; 816 ULONG WriteOperationCount; 817 ULONG OtherOperationCount; 818 ULONG AvailablePages; 819 ULONG TotalCommittedPages; 820 ULONG TotalCommitLimit; 821 ULONG PeakCommitment; 822 ULONG PageFaults; 823 ULONG WriteCopyFaults; 824 ULONG TransitionFaults; 825 ULONG CacheTransitionFaults; 826 ULONG DemandZeroFaults; 827 ULONG PagesRead; 828 ULONG PageReadIos; 829 ULONG CacheReads; 830 ULONG CacheIos; 831 ULONG PagefilePagesWritten; 832 ULONG PagefilePageWriteIos; 833 ULONG MappedFilePagesWritten; 834 ULONG MappedFilePageWriteIos; 835 ULONG PagedPoolUsage; 836 ULONG NonPagedPoolUsage; 837 ULONG PagedPoolAllocs; 838 ULONG PagedPoolFrees; 839 ULONG NonPagedPoolAllocs; 840 ULONG NonPagedPoolFrees; 841 ULONG TotalFreeSystemPtes; 842 ULONG SystemCodePage; 843 ULONG TotalSystemDriverPages; 844 ULONG TotalSystemCodePages; 845 ULONG SmallNonPagedLookasideListAllocateHits; 846 ULONG SmallPagedLookasideListAllocateHits; 847 ULONG Reserved3; 848 ULONG MmSystemCachePage; 849 ULONG PagedPoolPage; 850 ULONG SystemDriverPage; 851 ULONG FastReadNoWait; 852 ULONG FastReadWait; 853 ULONG FastReadResourceMiss; 854 ULONG FastReadNotPossible; 855 ULONG FastMdlReadNoWait; 856 ULONG FastMdlReadWait; 857 ULONG FastMdlReadResourceMiss; 858 ULONG FastMdlReadNotPossible; 859 ULONG MapDataNoWait; 860 ULONG MapDataWait; 861 ULONG MapDataNoWaitMiss; 862 ULONG MapDataWaitMiss; 863 ULONG PinMappedDataCount; 864 ULONG PinReadNoWait; 865 ULONG PinReadWait; 866 ULONG PinReadNoWaitMiss; 867 ULONG PinReadWaitMiss; 868 ULONG CopyReadNoWait; 869 ULONG CopyReadWait; 870 ULONG CopyReadNoWaitMiss; 871 ULONG CopyReadWaitMiss; 872 ULONG MdlReadNoWait; 873 ULONG MdlReadWait; 874 ULONG MdlReadNoWaitMiss; 875 ULONG MdlReadWaitMiss; 876 ULONG ReadAheadIos; 877 ULONG LazyWriteIos; 878 ULONG LazyWritePages; 879 ULONG DataFlushes; 880 ULONG DataPages; 881 ULONG ContextSwitches; 882 ULONG FirstLevelTbFills; 883 ULONG SecondLevelTbFills; 884 ULONG SystemCalls; 885 } SYSTEM_PERFORMANCE_INFORMATION, *PSYSTEM_PERFORMANCE_INFORMATION; 886 887 typedef struct _SYSTEM_EXCEPTION_INFORMATION { 888 BYTE Reserved1[16]; 889 } SYSTEM_EXCEPTION_INFORMATION,*PSYSTEM_EXCEPTION_INFORMATION; 890 891 typedef struct _SYSTEM_LOOKASIDE_INFORMATION { 892 BYTE Reserved1[32]; 893 } SYSTEM_LOOKASIDE_INFORMATION,*PSYSTEM_LOOKASIDE_INFORMATION; 894 895 typedef struct _SYSTEM_INTERRUPT_INFORMATION { 896 BYTE Reserved1[24]; 897 } SYSTEM_INTERRUPT_INFORMATION,*PSYSTEM_INTERRUPT_INFORMATION; 898 899 typedef struct _SYSTEM_POLICY_INFORMATION { 900 PVOID Reserved1[2]; 901 ULONG Reserved2[3]; 902 } SYSTEM_POLICY_INFORMATION, *PSYSTEM_POLICY_INFORMATION; 903 904 typedef struct _SYSTEM_HANDLE_ENTRY { 905 ULONG OwnerPid; 906 BYTE ObjectType; 907 BYTE HandleFlags; 908 USHORT HandleValue; 909 PVOID ObjectPointer; 910 ULONG AccessMask; 911 } SYSTEM_HANDLE_ENTRY, *PSYSTEM_HANDLE_ENTRY; 912 913 typedef struct _SYSTEM_HANDLE_INFORMATION { 914 ULONG Count; 915 SYSTEM_HANDLE_ENTRY Handle[1]; 916 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION; 917 918 typedef struct _SYSTEM_PAGEFILE_INFORMATION { 919 ULONG NextEntryOffset; 920 ULONG CurrentSize; 921 ULONG TotalUsed; 922 ULONG PeakUsed; 923 UNICODE_STRING FileName; 924 } SYSTEM_PAGEFILE_INFORMATION, *PSYSTEM_PAGEFILE_INFORMATION; 925 926 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION { 927 ULONG Attributes; 928 ACCESS_MASK GrantedAccess; 929 ULONG HandleCount; 930 ULONG PointerCount; 931 ULONG Reserved[10]; 932 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION; 933 934 typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION { 935 UNICODE_STRING TypeName; 936 ULONG Reserved[22]; 937 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION; 938 939 typedef enum _PROCESSINFOCLASS { 940 ProcessBasicInformation, 941 ProcessQuotaLimits, 942 ProcessIoCounters, 943 ProcessVmCounters, 944 ProcessTimes, 945 ProcessBasePriority, 946 ProcessRaisePriority, 947 ProcessDebugPort, 948 ProcessExceptionPort, 949 ProcessAccessToken, 950 ProcessLdtInformation, 951 ProcessLdtSize, 952 ProcessDefaultHardErrorMode, 953 ProcessIoPortHandlers, 954 ProcessPooledUsageAndLimits, 955 ProcessWorkingSetWatch, 956 ProcessUserModeIOPL, 957 ProcessEnableAlignmentFaultFixup, 958 ProcessPriorityClass, 959 ProcessWx86Information, 960 ProcessHandleCount, 961 ProcessAffinityMask, 962 ProcessPriorityBoost, 963 ProcessDeviceMap, 964 ProcessSessionInformation, 965 ProcessForegroundInformation, 966 ProcessWow64Information, 967 ProcessImageFileName, 968 ProcessLUIDDeviceMapsEnabled, 969 ProcessBreakOnTermination, 970 ProcessDebugObjectHandle, 971 ProcessDebugFlags, 972 ProcessHandleTracing, 973 ProcessIoPriority, 974 ProcessExecuteFlags, 975 ProcessTlsInformation, 976 ProcessCookie, 977 ProcessImageInformation, 978 ProcessCycleTime, 979 ProcessPagePriority, 980 ProcessInstrumentationCallback, 981 ProcessThreadStackAllocation, 982 ProcessWorkingSetWatchEx, 983 ProcessImageFileNameWin32, 984 ProcessImageFileMapping, 985 ProcessAffinityUpdateMode, 986 ProcessMemoryAllocationMode, 987 ProcessGroupInformation, 988 ProcessTokenVirtualizationEnabled, 989 ProcessConsoleHostProcess, 990 ProcessWindowInformation, 991 MaxProcessInfoClass 992 } PROCESSINFOCLASS; 993 994 typedef enum _THREADINFOCLASS { 995 ThreadBasicInformation, 996 ThreadTimes, 997 ThreadPriority, 998 ThreadBasePriority, 999 ThreadAffinityMask, 1000 ThreadImpersonationToken, 1001 ThreadDescriptorTableEntry, 1002 ThreadEnableAlignmentFaultFixup, 1003 ThreadEventPair, 1004 ThreadQuerySetWin32StartAddress, 1005 ThreadZeroTlsCell, 1006 ThreadPerformanceCount, 1007 ThreadAmILastThread, 1008 ThreadIdealProcessor, 1009 ThreadPriorityBoost, 1010 ThreadSetTlsArrayAddress, 1011 ThreadIsIoPending, 1012 ThreadHideFromDebugger 1013 } THREADINFOCLASS; 1014 1015 #define CODEINTEGRITY_OPTION_ENABLED 0x01 1016 #define CODEINTEGRITY_OPTION_TESTSIGN 0x02 1017 #define CODEINTEGRITY_OPTION_UMCI_ENABLED 0x04 1018 #define CODEINTEGRITY_OPTION_UMCI_AUDITMODE_ENABLED 0x08 1019 #define CODEINTEGRITY_OPTION_UMCI_EXCLUSIONPATHS_ENABLED 0x10 1020 #define CODEINTEGRITY_OPTION_TEST_BUILD 0x20 1021 #define CODEINTEGRITY_OPTION_PREPRODUCTION_BUILD 0x40 1022 #define CODEINTEGRITY_OPTION_DEBUGMODE_ENABLED 0x80 1023 #define CODEINTEGRITY_OPTION_FLIGHT_BUILD 0x100 1024 #define CODEINTEGRITY_OPTION_FLIGHTING_ENABLED 0x200 1025 #define CODEINTEGRITY_OPTION_HVCI_KMCI_ENABLED 0x400 1026 #define CODEINTEGRITY_OPTION_HVCI_KMCI_AUDITMODE_ENABLED 0x800 1027 #define CODEINTEGRITY_OPTION_HVCI_KMCI_STRICTMODE_ENABLED 0x1000 1028 #define CODEINTEGRITY_OPTION_HVCI_IUM_ENABLED 0x2000 1029 1030 typedef struct _SYSTEM_CODEINTEGRITY_INFORMATION { 1031 ULONG Length; 1032 ULONG CodeIntegrityOptions; 1033 } SYSTEM_CODEINTEGRITY_INFORMATION, *PSYSTEM_CODEINTEGRITY_INFORMATION; 1034 1035 typedef enum _SYSTEM_INFORMATION_CLASS { 1036 SystemBasicInformation = 0, 1037 SystemProcessorInformation = 1, 1038 SystemPerformanceInformation = 2, 1039 SystemTimeOfDayInformation = 3, 1040 SystemProcessInformation = 5, 1041 SystemProcessorPerformanceInformation = 8, 1042 SystemHandleInformation = 16, 1043 SystemPagefileInformation = 18, 1044 SystemInterruptInformation = 23, 1045 SystemExceptionInformation = 33, 1046 SystemRegistryQuotaInformation = 37, 1047 SystemLookasideInformation = 45 1048 } SYSTEM_INFORMATION_CLASS; 1049 1050 typedef enum _OBJECT_INFORMATION_CLASS { 1051 ObjectBasicInformation, 1052 ObjectNameInformation, 1053 ObjectTypeInformation, 1054 ObjectAllInformation, 1055 ObjectDataInformation 1056 } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS; 1057 1058 #if (_WIN32_WINNT >= 0x0501) 1059 #define INTERNAL_TS_ACTIVE_CONSOLE_ID (*((volatile ULONG*)(0x7ffe02d8))) 1060 #endif 1061 1062 #define RtlMoveMemory(Destination,Source,Length) memmove((Destination),(Source),(Length)) 1063 #define RtlFillMemory(Destination,Length,Fill) memset((Destination),(Fill),(Length)) 1064 #define RtlZeroMemory(Destination,Length) memset((Destination),0,(Length)) 1065 1066 typedef struct _KEY_VALUE_ENTRY { 1067 PUNICODE_STRING ValueName; 1068 ULONG DataLength; 1069 ULONG DataOffset; 1070 ULONG Type; 1071 } KEY_VALUE_ENTRY, *PKEY_VALUE_ENTRY; 1072 1073 typedef enum _KEY_SET_INFORMATION_CLASS { 1074 KeyWriteTimeInformation, 1075 KeyWow64FlagsInformation, 1076 KeyControlFlagsInformation, 1077 KeySetVirtualizationInformation, 1078 KeySetDebugInformation, 1079 KeySetHandleTagsInformation, 1080 MaxKeySetInfoClass 1081 } KEY_SET_INFORMATION_CLASS; 1082 1083 NTSTATUS NTAPI NtClose(HANDLE Handle); 1084 NTSTATUS NTAPI NtCreateFile(PHANDLE FileHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PIO_STATUS_BLOCK IoStatusBlock,PLARGE_INTEGER AllocationSize,ULONG FileAttributes,ULONG ShareAccess,ULONG CreateDisposition,ULONG CreateOptions,PVOID EaBuffer,ULONG EaLength); 1085 NTSTATUS NTAPI NtOpenFile(PHANDLE FileHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PIO_STATUS_BLOCK IoStatusBlock,ULONG ShareAccess,ULONG OpenOptions); 1086 NTSTATUS NTAPI NtRenameKey(HANDLE KeyHandle, PUNICODE_STRING NewName); 1087 NTSTATUS NTAPI NtNotifyChangeMultipleKeys(HANDLE MasterKeyHandle, ULONG Count, OBJECT_ATTRIBUTES SubordinateObjects[], HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, ULONG CompletionFilter, BOOLEAN WatchTree, PVOID Buffer, ULONG BufferSize, BOOLEAN Asynchronous); 1088 NTSTATUS NTAPI NtQueryMultipleValueKey(HANDLE KeyHandle, PKEY_VALUE_ENTRY ValueEntries, ULONG EntryCount, PVOID ValueBuffer, PULONG BufferLength, PULONG RequiredBufferLength); 1089 NTSTATUS NTAPI NtSetInformationKey(HANDLE KeyHandle, KEY_SET_INFORMATION_CLASS KeySetInformationClass, PVOID KeySetInformation, ULONG KeySetInformationLength); 1090 NTSTATUS NTAPI NtFsControlFile(HANDLE FileHandle,HANDLE Event,PIO_APC_ROUTINE ApcRoutine,PVOID ApcContext,PIO_STATUS_BLOCK IoStatusBlock,ULONG IoControlCode,PVOID InputBuffer,ULONG InputBufferLength,PVOID OutputBuffer,ULONG OutputBufferLength); 1091 NTSTATUS NTAPI NtDeviceIoControlFile(HANDLE FileHandle,HANDLE Event,PIO_APC_ROUTINE ApcRoutine,PVOID ApcContext,PIO_STATUS_BLOCK IoStatusBlock,ULONG IoControlCode,PVOID InputBuffer,ULONG InputBufferLength,PVOID OutputBuffer,ULONG OutputBufferLength); 1092 NTSTATUS NTAPI NtWaitForSingleObject(HANDLE Handle,BOOLEAN Alertable,PLARGE_INTEGER Timeout); 1093 BOOLEAN NTAPI RtlIsNameLegalDOS8Dot3(PUNICODE_STRING Name,POEM_STRING OemName,PBOOLEAN NameContainsSpaces); 1094 ULONG NTAPI RtlNtStatusToDosError (NTSTATUS Status); 1095 NTSTATUS NTAPI NtQueryInformationProcess(HANDLE ProcessHandle,PROCESSINFOCLASS ProcessInformationClass,PVOID ProcessInformation,ULONG ProcessInformationLength,PULONG ReturnLength); 1096 NTSTATUS NTAPI NtQueryInformationThread(HANDLE ThreadHandle,THREADINFOCLASS ThreadInformationClass,PVOID ThreadInformation,ULONG ThreadInformationLength,PULONG ReturnLength); 1097 NTSTATUS NTAPI NtQueryInformationFile(HANDLE hFile,PIO_STATUS_BLOCK io,PVOID ptr,ULONG len,FILE_INFORMATION_CLASS FileInformationClass); 1098 NTSTATUS NTAPI NtQueryObject(HANDLE Handle,OBJECT_INFORMATION_CLASS ObjectInformationClass,PVOID ObjectInformation,ULONG ObjectInformationLength,PULONG ReturnLength); 1099 NTSTATUS NTAPI NtQuerySystemInformation(SYSTEM_INFORMATION_CLASS SystemInformationClass,PVOID SystemInformation,ULONG SystemInformationLength,PULONG ReturnLength); 1100 NTSTATUS NTAPI NtQuerySystemTime(PLARGE_INTEGER SystemTime); 1101 NTSTATUS NTAPI NtQueryVolumeInformationFile(HANDLE hFile,PIO_STATUS_BLOCK io,PVOID ptr,ULONG len,FS_INFORMATION_CLASS FsInformationClass); 1102 NTSTATUS NTAPI NtSetInformationFile(HANDLE hFile,PIO_STATUS_BLOCK io,PVOID ptr,ULONG len,FILE_INFORMATION_CLASS FileInformationClass); 1103 NTSTATUS NTAPI NtSetInformationProcess(HANDLE ProcessHandle, PROCESSINFOCLASS ProcessInformationClass, PVOID ProcessInformation, ULONG ProcessInformationLength); 1104 NTSTATUS NTAPI NtSetVolumeInformationFile(HANDLE hFile,PIO_STATUS_BLOCK io,PVOID ptr,ULONG len,FILE_INFORMATION_CLASS FileInformationClass); 1105 NTSTATUS NTAPI RtlLocalTimeToSystemTime(PLARGE_INTEGER LocalTime,PLARGE_INTEGER SystemTime); 1106 BOOLEAN NTAPI RtlTimeToSecondsSince1970(PLARGE_INTEGER Time,PULONG ElapsedSeconds); 1107 VOID NTAPI RtlFreeAnsiString(PANSI_STRING AnsiString); 1108 VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString); 1109 VOID NTAPI RtlFreeOemString(POEM_STRING OemString); 1110 VOID NTAPI RtlInitString (PSTRING DestinationString,PCSZ SourceString); 1111 NTSTATUS NTAPI RtlInitStringEx(PSTRING DestinationString, PCSZ SourceString); 1112 VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString,PCSZ SourceString); 1113 NTSTATUS NTAPI RtlInitAnsiStringEx(PANSI_STRING DestinationString, PCSZ SourceString); 1114 VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString,PCWSTR SourceString); 1115 NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString,PCANSI_STRING SourceString,BOOLEAN AllocateDestinationString); 1116 NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString,PCUNICODE_STRING SourceString,BOOLEAN AllocateDestinationString); 1117 NTSTATUS NTAPI RtlUnicodeStringToOemString(POEM_STRING DestinationString,PCUNICODE_STRING SourceString,BOOLEAN AllocateDestinationString); 1118 NTSTATUS NTAPI RtlUnicodeToMultiByteSize(PULONG BytesInMultiByteString,PWCH UnicodeString,ULONG BytesInUnicodeString); 1119 NTSTATUS NTAPI RtlCharToInteger (PCSZ String,ULONG Base,PULONG Value); 1120 NTSTATUS NTAPI RtlConvertSidToUnicodeString(PUNICODE_STRING UnicodeString,PSID Sid,BOOLEAN AllocateDestinationString); 1121 ULONG NTAPI RtlUniform(PULONG Seed); 1122 VOID NTAPI RtlUnwind (PVOID TargetFrame,PVOID TargetIp,PEXCEPTION_RECORD ExceptionRecord,PVOID ReturnValue); 1123 BOOL NTAPI RtlDosPathNameToNtPathName_U(PCWSTR DosPathName, PUNICODE_STRING NtPathName, PCWSTR *NtFileNamePart, VOID *DirectoryInfo); 1124 BOOLEAN NTAPI RtlPrefixUnicodeString(PCUNICODE_STRING String1, PCUNICODE_STRING String2, BOOLEAN CaseInSensitive); 1125 BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(PUNICODE_STRING target, LPCSTR src); 1126 #ifdef __ia64__ 1127 VOID RtlUnwind2(FRAME_POINTERS TargetFrame,PVOID TargetIp,PEXCEPTION_RECORD ExceptionRecord,PVOID ReturnValue,PCONTEXT ContextRecord); 1128 VOID RtlUnwindEx(FRAME_POINTERS TargetFrame,PVOID TargetIp,PEXCEPTION_RECORD ExceptionRecord,PVOID ReturnValue,PCONTEXT ContextRecord,PUNWIND_HISTORY_TABLE HistoryTable); 1129 #endif 1130 1131 typedef NTSTATUS (NTAPI *PRTL_HEAP_COMMIT_ROUTINE) (PVOID Base, PVOID *CommitAddress, PSIZE_T CommitSize); 1132 1133 typedef struct _RTL_HEAP_PARAMETERS { 1134 ULONG Length; 1135 SIZE_T SegmentReserve; 1136 SIZE_T SegmentCommit; 1137 SIZE_T DeCommitFreeBlockThreshold; 1138 SIZE_T DeCommitTotalFreeThreshold; 1139 SIZE_T MaximumAllocationSize; 1140 SIZE_T VirtualMemoryThreshold; 1141 SIZE_T InitialCommit; 1142 SIZE_T InitialReserve; 1143 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine; 1144 SIZE_T Reserved[ 2 ]; 1145 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS; 1146 1147 BOOLEAN NTAPI RtlFreeHeap(PVOID HeapHandle, ULONG Flags, PVOID HeapBase); 1148 PVOID NTAPI RtlAllocateHeap(PVOID HeapHandle, ULONG Flags, SIZE_T Size); 1149 PVOID NTAPI RtlCreateHeap(ULONG Flags, PVOID HeapBase, SIZE_T ReserveSize, SIZE_T CommitSize, PVOID Lock, PRTL_HEAP_PARAMETERS Parameters); 1150 PVOID NTAPI RtlDestroyHeap(PVOID HeapHandle); 1151 1152 #define LOGONID_CURRENT ((ULONG)-1) 1153 #define SERVERNAME_CURRENT ((HANDLE)NULL) 1154 1155 typedef enum _WINSTATIONINFOCLASS { 1156 WinStationInformation = 8 1157 } WINSTATIONINFOCLASS; 1158 1159 typedef struct _WINSTATIONINFORMATIONW { 1160 BYTE Reserved2[70]; 1161 ULONG LogonId; 1162 BYTE Reserved3[1140]; 1163 } WINSTATIONINFORMATIONW,*PWINSTATIONINFORMATIONW; 1164 1165 typedef BOOLEAN (NTAPI *PWINSTATIONQUERYINFORMATIONW)(HANDLE,ULONG,WINSTATIONINFOCLASS,PVOID,ULONG,PULONG); 1166 1167 #ifdef __cplusplus 1168 } 1169 #endif 1170 1171 #endif 1172 1173