4 * Windows NT Filesystem Driver Developer Kit
6 * This file is part of the w32api package.
9 * Created by Bo Brantén <bosse@acc.umu.se>
11 * THIS SOFTWARE IS NOT COPYRIGHTED
13 * This source code is offered for use in the public domain. You may
14 * use, modify or distribute it freely.
16 * This code is distributed in the hope that it will be useful but
17 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
18 * DISCLAIMED. This includes but is not limited to warranties of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
25 #define _NTIFS_INCLUDED_
28 /* Helper macro to enable gcc's extension. */
29 #ifndef __GNU_EXTENSION
31 #define __GNU_EXTENSION __extension__
33 #define __GNU_EXTENSION
41 #if !defined(_NTHALDLL_) && !defined(_BLDR_)
42 #define NTHALAPI DECLSPEC_IMPORT
48 #if !defined(_NTOSKRNL_) && !defined(_BLDR_)
49 #define NTKERNELAPI DECLSPEC_IMPORT
61 /* FIXME : #include <ntiologc.h> */
64 #define FlagOn(_F,_SF) ((_F) & (_SF))
68 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
72 #define SetFlag(_F,_SF) ((_F) |= (_SF))
76 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
79 #define PsGetCurrentProcess IoGetCurrentProcess
81 #if (NTDDI_VERSION >= NTDDI_VISTA)
82 extern NTSYSAPI
volatile CCHAR KeNumberProcessors
;
83 #elif (NTDDI_VERSION >= NTDDI_WINXP)
84 extern NTSYSAPI CCHAR KeNumberProcessors
;
86 extern PCCHAR KeNumberProcessors
;
89 typedef UNICODE_STRING LSA_UNICODE_STRING
, *PLSA_UNICODE_STRING
;
90 typedef STRING LSA_STRING
, *PLSA_STRING
;
91 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
, *PLSA_OBJECT_ATTRIBUTES
;
93 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
94 #define SID_IDENTIFIER_AUTHORITY_DEFINED
95 typedef struct _SID_IDENTIFIER_AUTHORITY
{
97 } SID_IDENTIFIER_AUTHORITY
,*PSID_IDENTIFIER_AUTHORITY
,*LPSID_IDENTIFIER_AUTHORITY
;
102 typedef struct _SID
{
104 UCHAR SubAuthorityCount
;
105 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
;
106 ULONG SubAuthority
[ANYSIZE_ARRAY
];
110 #define SID_REVISION 1
111 #define SID_MAX_SUB_AUTHORITIES 15
112 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
114 typedef enum _SID_NAME_USE
{
119 SidTypeWellKnownGroup
,
120 SidTypeDeletedAccount
,
125 } SID_NAME_USE
, *PSID_NAME_USE
;
127 typedef struct _SID_AND_ATTRIBUTES
{
130 } SID_AND_ATTRIBUTES
, *PSID_AND_ATTRIBUTES
;
131 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY
[ANYSIZE_ARRAY
];
132 typedef SID_AND_ATTRIBUTES_ARRAY
*PSID_AND_ATTRIBUTES_ARRAY
;
134 #define SID_HASH_SIZE 32
135 typedef ULONG_PTR SID_HASH_ENTRY
, *PSID_HASH_ENTRY
;
137 typedef struct _SID_AND_ATTRIBUTES_HASH
{
139 PSID_AND_ATTRIBUTES SidAttr
;
140 SID_HASH_ENTRY Hash
[SID_HASH_SIZE
];
141 } SID_AND_ATTRIBUTES_HASH
, *PSID_AND_ATTRIBUTES_HASH
;
143 /* Universal well-known SIDs */
145 #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
146 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
147 #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
148 #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
149 #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
150 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
152 #define SECURITY_NULL_RID (0x00000000L)
153 #define SECURITY_WORLD_RID (0x00000000L)
154 #define SECURITY_LOCAL_RID (0x00000000L)
155 #define SECURITY_LOCAL_LOGON_RID (0x00000001L)
157 #define SECURITY_CREATOR_OWNER_RID (0x00000000L)
158 #define SECURITY_CREATOR_GROUP_RID (0x00000001L)
159 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
160 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
161 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
163 /* NT well-known SIDs */
165 #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
167 #define SECURITY_DIALUP_RID (0x00000001L)
168 #define SECURITY_NETWORK_RID (0x00000002L)
169 #define SECURITY_BATCH_RID (0x00000003L)
170 #define SECURITY_INTERACTIVE_RID (0x00000004L)
171 #define SECURITY_LOGON_IDS_RID (0x00000005L)
172 #define SECURITY_LOGON_IDS_RID_COUNT (3L)
173 #define SECURITY_SERVICE_RID (0x00000006L)
174 #define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
175 #define SECURITY_PROXY_RID (0x00000008L)
176 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
177 #define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
178 #define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
179 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
180 #define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
181 #define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
182 #define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
183 #define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
184 #define SECURITY_IUSER_RID (0x00000011L)
185 #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
186 #define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
187 #define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
188 #define SECURITY_NT_NON_UNIQUE (0x00000015L)
189 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
190 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
192 #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
193 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
196 #define SECURITY_PACKAGE_BASE_RID (0x00000040L)
197 #define SECURITY_PACKAGE_RID_COUNT (2L)
198 #define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
199 #define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
200 #define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
202 #define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
203 #define SECURITY_CRED_TYPE_RID_COUNT (2L)
204 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
206 #define SECURITY_MIN_BASE_RID (0x00000050L)
207 #define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
208 #define SECURITY_SERVICE_ID_RID_COUNT (6L)
209 #define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
210 #define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
211 #define SECURITY_APPPOOL_ID_RID_COUNT (6L)
212 #define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
213 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
214 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
215 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
216 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
217 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
218 #define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
219 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
220 #define SECURITY_TASK_ID_BASE_RID (0x00000057L)
221 #define SECURITY_NFS_ID_BASE_RID (0x00000058L)
222 #define SECURITY_COM_ID_BASE_RID (0x00000059L)
223 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
225 #define SECURITY_MAX_BASE_RID (0x0000006FL)
227 #define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
228 #define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
230 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
232 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
234 /* Well-known domain relative sub-authority values (RIDs) */
236 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
238 #define FOREST_USER_RID_MAX (0x000001F3L)
240 /* Well-known users */
242 #define DOMAIN_USER_RID_ADMIN (0x000001F4L)
243 #define DOMAIN_USER_RID_GUEST (0x000001F5L)
244 #define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
246 #define DOMAIN_USER_RID_MAX (0x000003E7L)
248 /* Well-known groups */
250 #define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
251 #define DOMAIN_GROUP_RID_USERS (0x00000201L)
252 #define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
253 #define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
254 #define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
255 #define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
256 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
257 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
258 #define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
259 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
261 /* Well-known aliases */
263 #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
264 #define DOMAIN_ALIAS_RID_USERS (0x00000221L)
265 #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
266 #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
268 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
269 #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
270 #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
271 #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
273 #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
274 #define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
275 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
276 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
277 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
278 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
280 #define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
281 #define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
282 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
283 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
284 #define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
285 #define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
286 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
287 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
288 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
289 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
290 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
292 #define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
293 #define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
294 #define SECURITY_MANDATORY_LOW_RID (0x00001000L)
295 #define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
296 #define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
297 #define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
298 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
300 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
301 can be set by a usermode caller.*/
303 #define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
305 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
307 /* Allocate the System Luid. The first 1000 LUIDs are reserved.
308 Use #999 here (0x3e7 = 999) */
310 #define SYSTEM_LUID { 0x3e7, 0x0 }
311 #define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 }
312 #define LOCALSERVICE_LUID { 0x3e5, 0x0 }
313 #define NETWORKSERVICE_LUID { 0x3e4, 0x0 }
314 #define IUSER_LUID { 0x3e3, 0x0 }
316 typedef struct _ACE_HEADER
{
320 } ACE_HEADER
, *PACE_HEADER
;
322 /* also in winnt.h */
323 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
324 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
325 #define ACCESS_DENIED_ACE_TYPE (0x1)
326 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
327 #define SYSTEM_ALARM_ACE_TYPE (0x3)
328 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
329 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
330 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
331 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
332 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
333 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
334 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
335 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
336 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
337 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
338 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
339 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
340 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
341 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
342 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
343 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
344 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
345 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
346 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
347 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
348 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
350 /* The following are the inherit flags that go into the AceFlags field
353 #define OBJECT_INHERIT_ACE (0x1)
354 #define CONTAINER_INHERIT_ACE (0x2)
355 #define NO_PROPAGATE_INHERIT_ACE (0x4)
356 #define INHERIT_ONLY_ACE (0x8)
357 #define INHERITED_ACE (0x10)
358 #define VALID_INHERIT_FLAGS (0x1F)
360 #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
361 #define FAILED_ACCESS_ACE_FLAG (0x80)
363 typedef struct _ACCESS_ALLOWED_ACE
{
367 } ACCESS_ALLOWED_ACE
, *PACCESS_ALLOWED_ACE
;
369 typedef struct _ACCESS_DENIED_ACE
{
373 } ACCESS_DENIED_ACE
, *PACCESS_DENIED_ACE
;
375 typedef struct _SYSTEM_AUDIT_ACE
{
379 } SYSTEM_AUDIT_ACE
, *PSYSTEM_AUDIT_ACE
;
381 typedef struct _SYSTEM_ALARM_ACE
{
385 } SYSTEM_ALARM_ACE
, *PSYSTEM_ALARM_ACE
;
387 typedef struct _SYSTEM_MANDATORY_LABEL_ACE
{
391 } SYSTEM_MANDATORY_LABEL_ACE
, *PSYSTEM_MANDATORY_LABEL_ACE
;
393 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
394 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
395 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
396 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
397 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
398 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
400 #define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
402 typedef USHORT SECURITY_DESCRIPTOR_CONTROL
,*PSECURITY_DESCRIPTOR_CONTROL
;
404 #define SE_OWNER_DEFAULTED 0x0001
405 #define SE_GROUP_DEFAULTED 0x0002
406 #define SE_DACL_PRESENT 0x0004
407 #define SE_DACL_DEFAULTED 0x0008
408 #define SE_SACL_PRESENT 0x0010
409 #define SE_SACL_DEFAULTED 0x0020
410 #define SE_DACL_UNTRUSTED 0x0040
411 #define SE_SERVER_SECURITY 0x0080
412 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
413 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
414 #define SE_DACL_AUTO_INHERITED 0x0400
415 #define SE_SACL_AUTO_INHERITED 0x0800
416 #define SE_DACL_PROTECTED 0x1000
417 #define SE_SACL_PROTECTED 0x2000
418 #define SE_RM_CONTROL_VALID 0x4000
419 #define SE_SELF_RELATIVE 0x8000
421 typedef struct _SECURITY_DESCRIPTOR_RELATIVE
{
424 SECURITY_DESCRIPTOR_CONTROL Control
;
429 } SECURITY_DESCRIPTOR_RELATIVE
, *PISECURITY_DESCRIPTOR_RELATIVE
;
431 typedef struct _SECURITY_DESCRIPTOR
{
434 SECURITY_DESCRIPTOR_CONTROL Control
;
439 } SECURITY_DESCRIPTOR
, *PISECURITY_DESCRIPTOR
;
441 typedef struct _OBJECT_TYPE_LIST
{
445 } OBJECT_TYPE_LIST
, *POBJECT_TYPE_LIST
;
447 #define ACCESS_OBJECT_GUID 0
448 #define ACCESS_PROPERTY_SET_GUID 1
449 #define ACCESS_PROPERTY_GUID 2
450 #define ACCESS_MAX_LEVEL 4
452 typedef enum _AUDIT_EVENT_TYPE
{
453 AuditEventObjectAccess
,
454 AuditEventDirectoryServiceAccess
455 } AUDIT_EVENT_TYPE
, *PAUDIT_EVENT_TYPE
;
457 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
459 #define ACCESS_DS_SOURCE_A "DS"
460 #define ACCESS_DS_SOURCE_W L"DS"
461 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
462 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
464 #define ACCESS_REASON_TYPE_MASK 0xffff0000
465 #define ACCESS_REASON_DATA_MASK 0x0000ffff
467 typedef enum _ACCESS_REASON_TYPE
{
468 AccessReasonNone
= 0x00000000,
469 AccessReasonAllowedAce
= 0x00010000,
470 AccessReasonDeniedAce
= 0x00020000,
471 AccessReasonAllowedParentAce
= 0x00030000,
472 AccessReasonDeniedParentAce
= 0x00040000,
473 AccessReasonMissingPrivilege
= 0x00100000,
474 AccessReasonFromPrivilege
= 0x00200000,
475 AccessReasonIntegrityLevel
= 0x00300000,
476 AccessReasonOwnership
= 0x00400000,
477 AccessReasonNullDacl
= 0x00500000,
478 AccessReasonEmptyDacl
= 0x00600000,
479 AccessReasonNoSD
= 0x00700000,
480 AccessReasonNoGrant
= 0x00800000
481 } ACCESS_REASON_TYPE
;
483 typedef ULONG ACCESS_REASON
;
485 typedef struct _ACCESS_REASONS
{
486 ACCESS_REASON Data
[32];
487 } ACCESS_REASONS
, *PACCESS_REASONS
;
489 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
490 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
491 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
493 typedef struct _SE_SECURITY_DESCRIPTOR
{
496 PSECURITY_DESCRIPTOR SecurityDescriptor
;
497 } SE_SECURITY_DESCRIPTOR
, *PSE_SECURITY_DESCRIPTOR
;
499 typedef struct _SE_ACCESS_REQUEST
{
501 PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor
;
502 ACCESS_MASK DesiredAccess
;
503 ACCESS_MASK PreviouslyGrantedAccess
;
504 PSID PrincipalSelfSid
;
505 PGENERIC_MAPPING GenericMapping
;
506 ULONG ObjectTypeListCount
;
507 POBJECT_TYPE_LIST ObjectTypeList
;
508 } SE_ACCESS_REQUEST
, *PSE_ACCESS_REQUEST
;
510 typedef struct _SE_ACCESS_REPLY
{
512 ULONG ResultListCount
;
513 PACCESS_MASK GrantedAccess
;
514 PNTSTATUS AccessStatus
;
515 PACCESS_REASONS AccessReason
;
516 PPRIVILEGE_SET
* Privileges
;
517 } SE_ACCESS_REPLY
, *PSE_ACCESS_REPLY
;
519 typedef enum _SE_AUDIT_OPERATION
{
520 AuditPrivilegeObject
,
521 AuditPrivilegeService
,
524 AuditOpenObjectWithTransaction
,
527 AuditOpenObjectForDelete
,
528 AuditOpenObjectForDeleteWithTransaction
,
531 AuditObjectReference
,
533 } SE_AUDIT_OPERATION
, *PSE_AUDIT_OPERATION
;
535 typedef struct _SE_AUDIT_INFO
{
537 AUDIT_EVENT_TYPE AuditType
;
538 SE_AUDIT_OPERATION AuditOperation
;
540 UNICODE_STRING SubsystemName
;
541 UNICODE_STRING ObjectTypeName
;
542 UNICODE_STRING ObjectName
;
546 BOOLEAN ObjectCreation
;
547 BOOLEAN GenerateOnClose
;
548 } SE_AUDIT_INFO
, *PSE_AUDIT_INFO
;
550 #define TOKEN_ASSIGN_PRIMARY (0x0001)
551 #define TOKEN_DUPLICATE (0x0002)
552 #define TOKEN_IMPERSONATE (0x0004)
553 #define TOKEN_QUERY (0x0008)
554 #define TOKEN_QUERY_SOURCE (0x0010)
555 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
556 #define TOKEN_ADJUST_GROUPS (0x0040)
557 #define TOKEN_ADJUST_DEFAULT (0x0080)
558 #define TOKEN_ADJUST_SESSIONID (0x0100)
560 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
561 TOKEN_ASSIGN_PRIMARY |\
565 TOKEN_QUERY_SOURCE |\
566 TOKEN_ADJUST_PRIVILEGES |\
567 TOKEN_ADJUST_GROUPS |\
568 TOKEN_ADJUST_DEFAULT )
570 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
571 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
572 TOKEN_ADJUST_SESSIONID )
574 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
577 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
580 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
581 TOKEN_ADJUST_PRIVILEGES |\
582 TOKEN_ADJUST_GROUPS |\
583 TOKEN_ADJUST_DEFAULT)
585 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
587 typedef enum _TOKEN_TYPE
{
590 } TOKEN_TYPE
,*PTOKEN_TYPE
;
592 typedef enum _TOKEN_INFORMATION_CLASS
{
601 TokenImpersonationLevel
,
605 TokenGroupsAndPrivileges
,
606 TokenSessionReference
,
613 TokenHasRestrictions
,
614 TokenAccessInformation
,
615 TokenVirtualizationAllowed
,
616 TokenVirtualizationEnabled
,
619 TokenMandatoryPolicy
,
622 } TOKEN_INFORMATION_CLASS
, *PTOKEN_INFORMATION_CLASS
;
624 typedef struct _TOKEN_USER
{
625 SID_AND_ATTRIBUTES User
;
626 } TOKEN_USER
, *PTOKEN_USER
;
628 typedef struct _TOKEN_GROUPS
{
630 SID_AND_ATTRIBUTES Groups
[ANYSIZE_ARRAY
];
631 } TOKEN_GROUPS
,*PTOKEN_GROUPS
,*LPTOKEN_GROUPS
;
633 typedef struct _TOKEN_PRIVILEGES
{
634 ULONG PrivilegeCount
;
635 LUID_AND_ATTRIBUTES Privileges
[ANYSIZE_ARRAY
];
636 } TOKEN_PRIVILEGES
,*PTOKEN_PRIVILEGES
,*LPTOKEN_PRIVILEGES
;
638 typedef struct _TOKEN_OWNER
{
640 } TOKEN_OWNER
,*PTOKEN_OWNER
;
642 typedef struct _TOKEN_PRIMARY_GROUP
{
644 } TOKEN_PRIMARY_GROUP
,*PTOKEN_PRIMARY_GROUP
;
646 typedef struct _TOKEN_DEFAULT_DACL
{
648 } TOKEN_DEFAULT_DACL
,*PTOKEN_DEFAULT_DACL
;
650 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES
{
653 PSID_AND_ATTRIBUTES Sids
;
654 ULONG RestrictedSidCount
;
655 ULONG RestrictedSidLength
;
656 PSID_AND_ATTRIBUTES RestrictedSids
;
657 ULONG PrivilegeCount
;
658 ULONG PrivilegeLength
;
659 PLUID_AND_ATTRIBUTES Privileges
;
660 LUID AuthenticationId
;
661 } TOKEN_GROUPS_AND_PRIVILEGES
, *PTOKEN_GROUPS_AND_PRIVILEGES
;
663 typedef struct _TOKEN_LINKED_TOKEN
{
665 } TOKEN_LINKED_TOKEN
, *PTOKEN_LINKED_TOKEN
;
667 typedef struct _TOKEN_ELEVATION
{
668 ULONG TokenIsElevated
;
669 } TOKEN_ELEVATION
, *PTOKEN_ELEVATION
;
671 typedef struct _TOKEN_MANDATORY_LABEL
{
672 SID_AND_ATTRIBUTES Label
;
673 } TOKEN_MANDATORY_LABEL
, *PTOKEN_MANDATORY_LABEL
;
675 #define TOKEN_MANDATORY_POLICY_OFF 0x0
676 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
677 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
679 #define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
680 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
682 typedef struct _TOKEN_MANDATORY_POLICY
{
684 } TOKEN_MANDATORY_POLICY
, *PTOKEN_MANDATORY_POLICY
;
686 typedef struct _TOKEN_ACCESS_INFORMATION
{
687 PSID_AND_ATTRIBUTES_HASH SidHash
;
688 PSID_AND_ATTRIBUTES_HASH RestrictedSidHash
;
689 PTOKEN_PRIVILEGES Privileges
;
690 LUID AuthenticationId
;
691 TOKEN_TYPE TokenType
;
692 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
;
693 TOKEN_MANDATORY_POLICY MandatoryPolicy
;
695 } TOKEN_ACCESS_INFORMATION
, *PTOKEN_ACCESS_INFORMATION
;
697 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
699 typedef struct _TOKEN_AUDIT_POLICY
{
700 UCHAR PerUserPolicy
[((POLICY_AUDIT_SUBCATEGORY_COUNT
) >> 1) + 1];
701 } TOKEN_AUDIT_POLICY
, *PTOKEN_AUDIT_POLICY
;
703 #define TOKEN_SOURCE_LENGTH 8
705 typedef struct _TOKEN_SOURCE
{
706 CHAR SourceName
[TOKEN_SOURCE_LENGTH
];
707 LUID SourceIdentifier
;
708 } TOKEN_SOURCE
,*PTOKEN_SOURCE
;
710 typedef struct _TOKEN_STATISTICS
{
712 LUID AuthenticationId
;
713 LARGE_INTEGER ExpirationTime
;
714 TOKEN_TYPE TokenType
;
715 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
;
716 ULONG DynamicCharged
;
717 ULONG DynamicAvailable
;
719 ULONG PrivilegeCount
;
721 } TOKEN_STATISTICS
, *PTOKEN_STATISTICS
;
723 typedef struct _TOKEN_CONTROL
{
725 LUID AuthenticationId
;
727 TOKEN_SOURCE TokenSource
;
728 } TOKEN_CONTROL
,*PTOKEN_CONTROL
;
730 typedef struct _TOKEN_ORIGIN
{
731 LUID OriginatingLogonSession
;
732 } TOKEN_ORIGIN
, *PTOKEN_ORIGIN
;
734 typedef enum _MANDATORY_LEVEL
{
735 MandatoryLevelUntrusted
= 0,
737 MandatoryLevelMedium
,
739 MandatoryLevelSystem
,
740 MandatoryLevelSecureProcess
,
742 } MANDATORY_LEVEL
, *PMANDATORY_LEVEL
;
744 typedef enum _OBJECT_INFORMATION_CLASS
{
745 ObjectBasicInformation
= 0,
746 ObjectNameInformation
= 1, /* FIXME, not in WDK */
747 ObjectTypeInformation
= 2,
748 ObjectTypesInformation
= 3, /* FIXME, not in WDK */
749 ObjectHandleFlagInformation
= 4, /* FIXME, not in WDK */
750 ObjectSessionInformation
= 5, /* FIXME, not in WDK */
751 MaxObjectInfoClass
/* FIXME, not in WDK */
752 } OBJECT_INFORMATION_CLASS
;
754 #if (NTDDI_VERSION >= NTDDI_NT4)
760 IN HANDLE Handle OPTIONAL
,
761 IN OBJECT_INFORMATION_CLASS ObjectInformationClass
,
762 OUT PVOID ObjectInformation OPTIONAL
,
763 IN ULONG ObjectInformationLength
,
764 OUT PULONG ReturnLength OPTIONAL
);
768 #if (NTDDI_VERSION >= NTDDI_WIN2K)
774 IN HANDLE ThreadHandle
,
775 IN ACCESS_MASK DesiredAccess
,
776 IN BOOLEAN OpenAsSelf
,
777 OUT PHANDLE TokenHandle
);
783 IN HANDLE ProcessHandle
,
784 IN ACCESS_MASK DesiredAccess
,
785 OUT PHANDLE TokenHandle
);
790 NtQueryInformationToken(
791 IN HANDLE TokenHandle
,
792 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
793 OUT PVOID TokenInformation OPTIONAL
,
794 IN ULONG TokenInformationLength
,
795 OUT PULONG ReturnLength
);
800 NtAdjustPrivilegesToken(
801 IN HANDLE TokenHandle
,
802 IN BOOLEAN DisableAllPrivileges
,
803 IN PTOKEN_PRIVILEGES NewState OPTIONAL
,
804 IN ULONG BufferLength
,
805 OUT PTOKEN_PRIVILEGES PreviousState
,
806 OUT PULONG ReturnLength OPTIONAL
);
812 OUT PHANDLE FileHandle
,
813 IN ACCESS_MASK DesiredAccess
,
814 IN POBJECT_ATTRIBUTES ObjectAttributes
,
815 OUT PIO_STATUS_BLOCK IoStatusBlock
,
816 IN PLARGE_INTEGER AllocationSize OPTIONAL
,
817 IN ULONG FileAttributes
,
818 IN ULONG ShareAccess
,
819 IN ULONG CreateDisposition
,
820 IN ULONG CreateOptions
,
827 NtDeviceIoControlFile(
828 IN HANDLE FileHandle
,
829 IN HANDLE Event OPTIONAL
,
830 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
831 IN PVOID ApcContext OPTIONAL
,
832 OUT PIO_STATUS_BLOCK IoStatusBlock
,
833 IN ULONG IoControlCode
,
834 IN PVOID InputBuffer OPTIONAL
,
835 IN ULONG InputBufferLength
,
836 OUT PVOID OutputBuffer OPTIONAL
,
837 IN ULONG OutputBufferLength
);
843 IN HANDLE FileHandle
,
844 IN HANDLE Event OPTIONAL
,
845 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
846 IN PVOID ApcContext OPTIONAL
,
847 OUT PIO_STATUS_BLOCK IoStatusBlock
,
848 IN ULONG FsControlCode
,
849 IN PVOID InputBuffer OPTIONAL
,
850 IN ULONG InputBufferLength
,
851 OUT PVOID OutputBuffer OPTIONAL
,
852 IN ULONG OutputBufferLength
);
858 IN HANDLE FileHandle
,
859 IN HANDLE Event OPTIONAL
,
860 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
861 IN PVOID ApcContext OPTIONAL
,
862 OUT PIO_STATUS_BLOCK IoStatusBlock
,
863 IN PLARGE_INTEGER ByteOffset
,
864 IN PLARGE_INTEGER Length
,
866 IN BOOLEAN FailImmediately
,
867 IN BOOLEAN ExclusiveLock
);
873 OUT PHANDLE FileHandle
,
874 IN ACCESS_MASK DesiredAccess
,
875 IN POBJECT_ATTRIBUTES ObjectAttributes
,
876 OUT PIO_STATUS_BLOCK IoStatusBlock
,
877 IN ULONG ShareAccess
,
878 IN ULONG OpenOptions
);
883 NtQueryDirectoryFile(
884 IN HANDLE FileHandle
,
885 IN HANDLE Event OPTIONAL
,
886 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
887 IN PVOID ApcContext OPTIONAL
,
888 OUT PIO_STATUS_BLOCK IoStatusBlock
,
889 OUT PVOID FileInformation
,
891 IN FILE_INFORMATION_CLASS FileInformationClass
,
892 IN BOOLEAN ReturnSingleEntry
,
893 IN PUNICODE_STRING FileName OPTIONAL
,
894 IN BOOLEAN RestartScan
);
899 NtQueryInformationFile(
900 IN HANDLE FileHandle
,
901 OUT PIO_STATUS_BLOCK IoStatusBlock
,
902 OUT PVOID FileInformation
,
904 IN FILE_INFORMATION_CLASS FileInformationClass
);
909 NtQueryQuotaInformationFile(
910 IN HANDLE FileHandle
,
911 OUT PIO_STATUS_BLOCK IoStatusBlock
,
914 IN BOOLEAN ReturnSingleEntry
,
916 IN ULONG SidListLength
,
917 IN PSID StartSid OPTIONAL
,
918 IN BOOLEAN RestartScan
);
923 NtQueryVolumeInformationFile(
924 IN HANDLE FileHandle
,
925 OUT PIO_STATUS_BLOCK IoStatusBlock
,
926 OUT PVOID FsInformation
,
928 IN FS_INFORMATION_CLASS FsInformationClass
);
934 IN HANDLE FileHandle
,
935 IN HANDLE Event OPTIONAL
,
936 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
937 IN PVOID ApcContext OPTIONAL
,
938 OUT PIO_STATUS_BLOCK IoStatusBlock
,
941 IN PLARGE_INTEGER ByteOffset OPTIONAL
,
942 IN PULONG Key OPTIONAL
);
947 NtSetInformationFile(
948 IN HANDLE FileHandle
,
949 OUT PIO_STATUS_BLOCK IoStatusBlock
,
950 IN PVOID FileInformation
,
952 IN FILE_INFORMATION_CLASS FileInformationClass
);
957 NtSetQuotaInformationFile(
958 IN HANDLE FileHandle
,
959 OUT PIO_STATUS_BLOCK IoStatusBlock
,
966 NtSetVolumeInformationFile(
967 IN HANDLE FileHandle
,
968 OUT PIO_STATUS_BLOCK IoStatusBlock
,
969 IN PVOID FsInformation
,
971 IN FS_INFORMATION_CLASS FsInformationClass
);
977 IN HANDLE FileHandle
,
978 IN HANDLE Event OPTIONAL
,
979 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
980 IN PVOID ApcContext OPTIONAL
,
981 OUT PIO_STATUS_BLOCK IoStatusBlock
,
984 IN PLARGE_INTEGER ByteOffset OPTIONAL
,
985 IN PULONG Key OPTIONAL
);
991 IN HANDLE FileHandle
,
992 OUT PIO_STATUS_BLOCK IoStatusBlock
,
993 IN PLARGE_INTEGER ByteOffset
,
994 IN PLARGE_INTEGER Length
,
1000 NtSetSecurityObject(
1002 IN SECURITY_INFORMATION SecurityInformation
,
1003 IN PSECURITY_DESCRIPTOR SecurityDescriptor
);
1008 NtQuerySecurityObject(
1010 IN SECURITY_INFORMATION SecurityInformation
,
1011 OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
1013 OUT PULONG LengthNeeded
);
1024 NtAllocateVirtualMemory(
1025 IN HANDLE ProcessHandle
,
1026 IN OUT PVOID
*BaseAddress
,
1027 IN ULONG_PTR ZeroBits
,
1028 IN OUT PSIZE_T RegionSize
,
1029 IN ULONG AllocationType
,
1035 NtFreeVirtualMemory(
1036 IN HANDLE ProcessHandle
,
1037 IN OUT PVOID
*BaseAddress
,
1038 IN OUT PSIZE_T RegionSize
,
1043 #if (NTDDI_VERSION >= NTDDI_WINXP)
1048 NtOpenThreadTokenEx(
1049 IN HANDLE ThreadHandle
,
1050 IN ACCESS_MASK DesiredAccess
,
1051 IN BOOLEAN OpenAsSelf
,
1052 IN ULONG HandleAttributes
,
1053 OUT PHANDLE TokenHandle
);
1058 NtOpenProcessTokenEx(
1059 IN HANDLE ProcessHandle
,
1060 IN ACCESS_MASK DesiredAccess
,
1061 IN ULONG HandleAttributes
,
1062 OUT PHANDLE TokenHandle
);
1067 NtOpenJobObjectToken(
1068 IN HANDLE JobHandle
,
1069 IN ACCESS_MASK DesiredAccess
,
1070 OUT PHANDLE TokenHandle
);
1076 IN HANDLE ExistingTokenHandle
,
1077 IN ACCESS_MASK DesiredAccess
,
1078 IN POBJECT_ATTRIBUTES ObjectAttributes
,
1079 IN BOOLEAN EffectiveOnly
,
1080 IN TOKEN_TYPE TokenType
,
1081 OUT PHANDLE NewTokenHandle
);
1087 IN HANDLE ExistingTokenHandle
,
1089 IN PTOKEN_GROUPS SidsToDisable OPTIONAL
,
1090 IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL
,
1091 IN PTOKEN_GROUPS RestrictedSids OPTIONAL
,
1092 OUT PHANDLE NewTokenHandle
);
1097 NtImpersonateAnonymousToken(
1098 IN HANDLE ThreadHandle
);
1103 NtSetInformationToken(
1104 IN HANDLE TokenHandle
,
1105 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
1106 IN PVOID TokenInformation
,
1107 IN ULONG TokenInformationLength
);
1112 NtAdjustGroupsToken(
1113 IN HANDLE TokenHandle
,
1114 IN BOOLEAN ResetToDefault
,
1115 IN PTOKEN_GROUPS NewState OPTIONAL
,
1116 IN ULONG BufferLength OPTIONAL
,
1117 OUT PTOKEN_GROUPS PreviousState
,
1118 OUT PULONG ReturnLength
);
1124 IN HANDLE ClientToken
,
1125 IN OUT PPRIVILEGE_SET RequiredPrivileges
,
1126 OUT PBOOLEAN Result
);
1131 NtAccessCheckAndAuditAlarm(
1132 IN PUNICODE_STRING SubsystemName
,
1133 IN PVOID HandleId OPTIONAL
,
1134 IN PUNICODE_STRING ObjectTypeName
,
1135 IN PUNICODE_STRING ObjectName
,
1136 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1137 IN ACCESS_MASK DesiredAccess
,
1138 IN PGENERIC_MAPPING GenericMapping
,
1139 IN BOOLEAN ObjectCreation
,
1140 OUT PACCESS_MASK GrantedAccess
,
1141 OUT PNTSTATUS AccessStatus
,
1142 OUT PBOOLEAN GenerateOnClose
);
1147 NtAccessCheckByTypeAndAuditAlarm(
1148 IN PUNICODE_STRING SubsystemName
,
1150 IN PUNICODE_STRING ObjectTypeName
,
1151 IN PUNICODE_STRING ObjectName
,
1152 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1153 IN PSID PrincipalSelfSid OPTIONAL
,
1154 IN ACCESS_MASK DesiredAccess
,
1155 IN AUDIT_EVENT_TYPE AuditType
,
1157 IN POBJECT_TYPE_LIST ObjectTypeList OPTIONAL
,
1158 IN ULONG ObjectTypeLength
,
1159 IN PGENERIC_MAPPING GenericMapping
,
1160 IN BOOLEAN ObjectCreation
,
1161 OUT PACCESS_MASK GrantedAccess
,
1162 OUT PNTSTATUS AccessStatus
,
1163 OUT PBOOLEAN GenerateOnClose
);
1168 NtAccessCheckByTypeResultListAndAuditAlarm(
1169 IN PUNICODE_STRING SubsystemName
,
1170 IN PVOID HandleId OPTIONAL
,
1171 IN PUNICODE_STRING ObjectTypeName
,
1172 IN PUNICODE_STRING ObjectName
,
1173 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1174 IN PSID PrincipalSelfSid OPTIONAL
,
1175 IN ACCESS_MASK DesiredAccess
,
1176 IN AUDIT_EVENT_TYPE AuditType
,
1178 IN POBJECT_TYPE_LIST ObjectTypeList OPTIONAL
,
1179 IN ULONG ObjectTypeLength
,
1180 IN PGENERIC_MAPPING GenericMapping
,
1181 IN BOOLEAN ObjectCreation
,
1182 OUT PACCESS_MASK GrantedAccess
,
1183 OUT PNTSTATUS AccessStatus
,
1184 OUT PBOOLEAN GenerateOnClose
);
1188 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
1189 IN PUNICODE_STRING SubsystemName
,
1190 IN PVOID HandleId OPTIONAL
,
1191 IN HANDLE ClientToken
,
1192 IN PUNICODE_STRING ObjectTypeName
,
1193 IN PUNICODE_STRING ObjectName
,
1194 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1195 IN PSID PrincipalSelfSid OPTIONAL
,
1196 IN ACCESS_MASK DesiredAccess
,
1197 IN AUDIT_EVENT_TYPE AuditType
,
1199 IN POBJECT_TYPE_LIST ObjectTypeList OPTIONAL
,
1200 IN ULONG ObjectTypeLength
,
1201 IN PGENERIC_MAPPING GenericMapping
,
1202 IN BOOLEAN ObjectCreation
,
1203 OUT PACCESS_MASK GrantedAccess
,
1204 OUT PNTSTATUS AccessStatus
,
1205 OUT PBOOLEAN GenerateOnClose
);
1210 NtOpenObjectAuditAlarm(
1211 IN PUNICODE_STRING SubsystemName
,
1212 IN PVOID HandleId OPTIONAL
,
1213 IN PUNICODE_STRING ObjectTypeName
,
1214 IN PUNICODE_STRING ObjectName
,
1215 IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL
,
1216 IN HANDLE ClientToken
,
1217 IN ACCESS_MASK DesiredAccess
,
1218 IN ACCESS_MASK GrantedAccess
,
1219 IN PPRIVILEGE_SET Privileges OPTIONAL
,
1220 IN BOOLEAN ObjectCreation
,
1221 IN BOOLEAN AccessGranted
,
1222 OUT PBOOLEAN GenerateOnClose
);
1227 NtPrivilegeObjectAuditAlarm(
1228 IN PUNICODE_STRING SubsystemName
,
1229 IN PVOID HandleId OPTIONAL
,
1230 IN HANDLE ClientToken
,
1231 IN ACCESS_MASK DesiredAccess
,
1232 IN PPRIVILEGE_SET Privileges
,
1233 IN BOOLEAN AccessGranted
);
1238 NtCloseObjectAuditAlarm(
1239 IN PUNICODE_STRING SubsystemName
,
1240 IN PVOID HandleId OPTIONAL
,
1241 IN BOOLEAN GenerateOnClose
);
1246 NtDeleteObjectAuditAlarm(
1247 IN PUNICODE_STRING SubsystemName
,
1248 IN PVOID HandleId OPTIONAL
,
1249 IN BOOLEAN GenerateOnClose
);
1254 NtPrivilegedServiceAuditAlarm(
1255 IN PUNICODE_STRING SubsystemName
,
1256 IN PUNICODE_STRING ServiceName
,
1257 IN HANDLE ClientToken
,
1258 IN PPRIVILEGE_SET Privileges
,
1259 IN BOOLEAN AccessGranted
);
1264 NtSetInformationThread(
1265 IN HANDLE ThreadHandle
,
1266 IN THREADINFOCLASS ThreadInformationClass
,
1267 IN PVOID ThreadInformation
,
1268 IN ULONG ThreadInformationLength
);
1274 OUT PHANDLE SectionHandle
,
1275 IN ACCESS_MASK DesiredAccess
,
1276 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
1277 IN PLARGE_INTEGER MaximumSize OPTIONAL
,
1278 IN ULONG SectionPageProtection
,
1279 IN ULONG AllocationAttributes
,
1280 IN HANDLE FileHandle OPTIONAL
);
1285 (NTAPI
* PRTL_HEAP_COMMIT_ROUTINE
) (
1287 IN OUT PVOID
*CommitAddress
,
1288 IN OUT PSIZE_T CommitSize
);
1290 typedef struct _RTL_HEAP_PARAMETERS
{
1292 SIZE_T SegmentReserve
;
1293 SIZE_T SegmentCommit
;
1294 SIZE_T DeCommitFreeBlockThreshold
;
1295 SIZE_T DeCommitTotalFreeThreshold
;
1296 SIZE_T MaximumAllocationSize
;
1297 SIZE_T VirtualMemoryThreshold
;
1298 SIZE_T InitialCommit
;
1299 SIZE_T InitialReserve
;
1300 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine
;
1302 } RTL_HEAP_PARAMETERS
, *PRTL_HEAP_PARAMETERS
;
1304 #if (NTDDI_VERSION >= NTDDI_WIN2K)
1310 IN HANDLE HeapHandle
,
1311 IN ULONG Flags OPTIONAL
,
1318 IN PVOID HeapHandle
,
1319 IN ULONG Flags OPTIONAL
,
1320 IN PVOID BaseAddress
);
1326 OUT PCONTEXT ContextRecord
);
1332 IN OUT PULONG Seed
);
1337 RtlCreateUnicodeString(
1338 OUT PUNICODE_STRING DestinationString
,
1339 IN PCWSTR SourceString
);
1344 RtlAppendStringToString(
1345 IN OUT PSTRING Destination
,
1346 IN
const STRING
*Source
);
1351 RtlOemStringToUnicodeString(
1352 IN OUT PUNICODE_STRING DestinationString
,
1353 IN PCOEM_STRING SourceString
,
1354 IN BOOLEAN AllocateDestinationString
);
1359 RtlUnicodeStringToOemString(
1360 IN OUT POEM_STRING DestinationString
,
1361 IN PCUNICODE_STRING SourceString
,
1362 IN BOOLEAN AllocateDestinationString
);
1367 RtlUpcaseUnicodeStringToOemString(
1368 IN OUT POEM_STRING DestinationString
,
1369 IN PCUNICODE_STRING SourceString
,
1370 IN BOOLEAN AllocateDestinationString
);
1375 RtlOemStringToCountedUnicodeString(
1376 IN OUT PUNICODE_STRING DestinationString
,
1377 IN PCOEM_STRING SourceString
,
1378 IN BOOLEAN AllocateDestinationString
);
1383 RtlUnicodeStringToCountedOemString(
1384 IN OUT POEM_STRING DestinationString
,
1385 IN PCUNICODE_STRING SourceString
,
1386 IN BOOLEAN AllocateDestinationString
);
1391 RtlUpcaseUnicodeStringToCountedOemString(
1392 IN OUT POEM_STRING DestinationString
,
1393 IN PCUNICODE_STRING SourceString
,
1394 IN BOOLEAN AllocateDestinationString
);
1399 RtlDowncaseUnicodeString(
1400 IN OUT PUNICODE_STRING UniDest
,
1401 IN PCUNICODE_STRING UniSource
,
1402 IN BOOLEAN AllocateDestinationString
);
1408 IN OUT POEM_STRING OemString
);
1413 RtlxUnicodeStringToOemSize(
1414 IN PCUNICODE_STRING UnicodeString
);
1419 RtlxOemStringToUnicodeSize(
1420 IN PCOEM_STRING OemString
);
1425 RtlMultiByteToUnicodeN(
1426 OUT PWCH UnicodeString
,
1427 IN ULONG MaxBytesInUnicodeString
,
1428 OUT PULONG BytesInUnicodeString OPTIONAL
,
1429 IN
const CHAR
*MultiByteString
,
1430 IN ULONG BytesInMultiByteString
);
1435 RtlMultiByteToUnicodeSize(
1436 OUT PULONG BytesInUnicodeString
,
1437 IN
const CHAR
*MultiByteString
,
1438 IN ULONG BytesInMultiByteString
);
1443 RtlUnicodeToMultiByteSize(
1444 OUT PULONG BytesInMultiByteString
,
1445 IN PCWCH UnicodeString
,
1446 IN ULONG BytesInUnicodeString
);
1451 RtlUnicodeToMultiByteN(
1452 OUT PCHAR MultiByteString
,
1453 IN ULONG MaxBytesInMultiByteString
,
1454 OUT PULONG BytesInMultiByteString OPTIONAL
,
1455 IN PWCH UnicodeString
,
1456 IN ULONG BytesInUnicodeString
);
1461 RtlUpcaseUnicodeToMultiByteN(
1462 OUT PCHAR MultiByteString
,
1463 IN ULONG MaxBytesInMultiByteString
,
1464 OUT PULONG BytesInMultiByteString OPTIONAL
,
1465 IN PCWCH UnicodeString
,
1466 IN ULONG BytesInUnicodeString
);
1472 OUT PWSTR UnicodeString
,
1473 IN ULONG MaxBytesInUnicodeString
,
1474 OUT PULONG BytesInUnicodeString OPTIONAL
,
1476 IN ULONG BytesInOemString
);
1482 OUT PCHAR OemString
,
1483 IN ULONG MaxBytesInOemString
,
1484 OUT PULONG BytesInOemString OPTIONAL
,
1485 IN PCWCH UnicodeString
,
1486 IN ULONG BytesInUnicodeString
);
1491 RtlUpcaseUnicodeToOemN(
1492 OUT PCHAR OemString
,
1493 IN ULONG MaxBytesInOemString
,
1494 OUT PULONG BytesInOemString OPTIONAL
,
1495 IN PCWCH UnicodeString
,
1496 IN ULONG BytesInUnicodeString
);
1498 typedef struct _GENERATE_NAME_CONTEXT
{
1500 BOOLEAN CheckSumInserted
;
1502 WCHAR NameBuffer
[8];
1503 ULONG ExtensionLength
;
1504 WCHAR ExtensionBuffer
[4];
1505 ULONG LastIndexValue
;
1506 } GENERATE_NAME_CONTEXT
, *PGENERATE_NAME_CONTEXT
;
1508 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
1512 RtlGenerate8dot3Name(
1513 IN PCUNICODE_STRING Name
,
1514 IN BOOLEAN AllowExtendedCharacters
,
1515 IN OUT PGENERATE_NAME_CONTEXT Context
,
1516 IN OUT PUNICODE_STRING Name8dot3
);
1521 RtlGenerate8dot3Name(
1522 IN PCUNICODE_STRING Name
,
1523 IN BOOLEAN AllowExtendedCharacters
,
1524 IN OUT PGENERATE_NAME_CONTEXT Context
,
1525 IN OUT PUNICODE_STRING Name8dot3
);
1531 RtlIsNameLegalDOS8Dot3(
1532 IN PCUNICODE_STRING Name
,
1533 IN OUT POEM_STRING OemName OPTIONAL
,
1534 IN OUT PBOOLEAN NameContainsSpaces OPTIONAL
);
1539 RtlIsValidOemCharacter(
1540 IN OUT PWCHAR Char
);
1542 typedef struct _PREFIX_TABLE_ENTRY
{
1543 CSHORT NodeTypeCode
;
1545 struct _PREFIX_TABLE_ENTRY
*NextPrefixTree
;
1546 RTL_SPLAY_LINKS Links
;
1548 } PREFIX_TABLE_ENTRY
, *PPREFIX_TABLE_ENTRY
;
1550 typedef struct _PREFIX_TABLE
{
1551 CSHORT NodeTypeCode
;
1553 PPREFIX_TABLE_ENTRY NextPrefixTree
;
1554 } PREFIX_TABLE
, *PPREFIX_TABLE
;
1560 OUT PPREFIX_TABLE PrefixTable
);
1566 IN PPREFIX_TABLE PrefixTable
,
1568 OUT PPREFIX_TABLE_ENTRY PrefixTableEntry
);
1574 IN PPREFIX_TABLE PrefixTable
,
1575 IN PPREFIX_TABLE_ENTRY PrefixTableEntry
);
1581 IN PPREFIX_TABLE PrefixTable
,
1582 IN PSTRING FullName
);
1584 typedef struct _UNICODE_PREFIX_TABLE_ENTRY
{
1585 CSHORT NodeTypeCode
;
1587 struct _UNICODE_PREFIX_TABLE_ENTRY
*NextPrefixTree
;
1588 struct _UNICODE_PREFIX_TABLE_ENTRY
*CaseMatch
;
1589 RTL_SPLAY_LINKS Links
;
1590 PUNICODE_STRING Prefix
;
1591 } UNICODE_PREFIX_TABLE_ENTRY
, *PUNICODE_PREFIX_TABLE_ENTRY
;
1593 typedef struct _UNICODE_PREFIX_TABLE
{
1594 CSHORT NodeTypeCode
;
1596 PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree
;
1597 PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry
;
1598 } UNICODE_PREFIX_TABLE
, *PUNICODE_PREFIX_TABLE
;
1603 RtlInitializeUnicodePrefix(
1604 OUT PUNICODE_PREFIX_TABLE PrefixTable
);
1609 RtlInsertUnicodePrefix(
1610 IN PUNICODE_PREFIX_TABLE PrefixTable
,
1611 IN PUNICODE_STRING Prefix
,
1612 OUT PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry
);
1617 RtlRemoveUnicodePrefix(
1618 IN PUNICODE_PREFIX_TABLE PrefixTable
,
1619 IN PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry
);
1622 PUNICODE_PREFIX_TABLE_ENTRY
1624 RtlFindUnicodePrefix(
1625 IN PUNICODE_PREFIX_TABLE PrefixTable
,
1626 IN PUNICODE_STRING FullName
,
1627 IN ULONG CaseInsensitiveIndex
);
1630 PUNICODE_PREFIX_TABLE_ENTRY
1632 RtlNextUnicodePrefix(
1633 IN PUNICODE_PREFIX_TABLE PrefixTable
,
1634 IN BOOLEAN Restart
);
1639 RtlCompareMemoryUlong(
1647 RtlTimeToSecondsSince1980(
1648 IN PLARGE_INTEGER Time
,
1649 OUT PULONG ElapsedSeconds
);
1654 RtlSecondsSince1980ToTime(
1655 IN ULONG ElapsedSeconds
,
1656 OUT PLARGE_INTEGER Time
);
1661 RtlTimeToSecondsSince1970(
1662 IN PLARGE_INTEGER Time
,
1663 OUT PULONG ElapsedSeconds
);
1668 RtlSecondsSince1970ToTime(
1669 IN ULONG ElapsedSeconds
,
1670 OUT PLARGE_INTEGER Time
);
1695 RtlLengthRequiredSid(
1696 IN ULONG SubAuthorityCount
);
1707 RtlAllocateAndInitializeSid(
1708 IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
,
1709 IN UCHAR SubAuthorityCount
,
1710 IN ULONG SubAuthority0
,
1711 IN ULONG SubAuthority1
,
1712 IN ULONG SubAuthority2
,
1713 IN ULONG SubAuthority3
,
1714 IN ULONG SubAuthority4
,
1715 IN ULONG SubAuthority5
,
1716 IN ULONG SubAuthority6
,
1717 IN ULONG SubAuthority7
,
1725 IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
,
1726 IN UCHAR SubAuthorityCount
);
1733 IN ULONG SubAuthority
);
1746 IN PSID Destination
,
1752 RtlConvertSidToUnicodeString(
1753 IN OUT PUNICODE_STRING UnicodeString
,
1755 IN BOOLEAN AllocateDestinationString
);
1761 OUT PLUID DestinationLuid
,
1762 IN PLUID SourceLuid
);
1770 IN ULONG AclRevision
);
1777 IN ULONG AceRevision
,
1778 IN ULONG StartingAceIndex
,
1780 IN ULONG AceListLength
);
1800 RtlAddAccessAllowedAce(
1802 IN ULONG AceRevision
,
1803 IN ACCESS_MASK AccessMask
,
1809 RtlAddAccessAllowedAceEx(
1811 IN ULONG AceRevision
,
1813 IN ACCESS_MASK AccessMask
,
1819 RtlCreateSecurityDescriptorRelative(
1820 OUT PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor
,
1826 RtlGetDaclSecurityDescriptor(
1827 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1828 OUT PBOOLEAN DaclPresent
,
1830 OUT PBOOLEAN DaclDefaulted
);
1835 RtlSetOwnerSecurityDescriptor(
1836 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
1837 IN PSID Owner OPTIONAL
,
1838 IN BOOLEAN OwnerDefaulted
);
1843 RtlGetOwnerSecurityDescriptor(
1844 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
1846 OUT PBOOLEAN OwnerDefaulted
);
1851 RtlNtStatusToDosError(
1852 IN NTSTATUS Status
);
1857 RtlCustomCPToUnicodeN(
1858 IN PCPTABLEINFO CustomCP
,
1859 OUT PWCH UnicodeString
,
1860 IN ULONG MaxBytesInUnicodeString
,
1861 OUT PULONG BytesInUnicodeString OPTIONAL
,
1862 IN PCH CustomCPString
,
1863 IN ULONG BytesInCustomCPString
);
1868 RtlUnicodeToCustomCPN(
1869 IN PCPTABLEINFO CustomCP
,
1870 OUT PCH CustomCPString
,
1871 IN ULONG MaxBytesInCustomCPString
,
1872 OUT PULONG BytesInCustomCPString OPTIONAL
,
1873 IN PWCH UnicodeString
,
1874 IN ULONG BytesInUnicodeString
);
1879 RtlUpcaseUnicodeToCustomCPN(
1880 IN PCPTABLEINFO CustomCP
,
1881 OUT PCH CustomCPString
,
1882 IN ULONG MaxBytesInCustomCPString
,
1883 OUT PULONG BytesInCustomCPString OPTIONAL
,
1884 IN PWCH UnicodeString
,
1885 IN ULONG BytesInUnicodeString
);
1890 RtlInitCodePageTable(
1891 IN PUSHORT TableBase
,
1892 IN OUT PCPTABLEINFO CodePageTable
);
1896 #if (NTDDI_VERSION >= NTDDI_WINXP)
1903 IN PVOID HeapBase OPTIONAL
,
1904 IN SIZE_T ReserveSize OPTIONAL
,
1905 IN SIZE_T CommitSize OPTIONAL
,
1906 IN PVOID Lock OPTIONAL
,
1907 IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL
);
1913 IN PVOID HeapHandle
);
1918 RtlCaptureStackBackTrace(
1919 IN ULONG FramesToSkip
,
1920 IN ULONG FramesToCapture
,
1921 OUT PVOID
*BackTrace
,
1922 OUT PULONG BackTraceHash OPTIONAL
);
1928 IN OUT PULONG Seed
);
1933 RtlInitUnicodeStringEx(
1934 OUT PUNICODE_STRING DestinationString
,
1935 IN PCWSTR SourceString OPTIONAL
);
1940 RtlValidateUnicodeString(
1942 IN PCUNICODE_STRING String
);
1947 RtlDuplicateUnicodeString(
1949 IN PCUNICODE_STRING SourceString
,
1950 OUT PUNICODE_STRING DestinationString
);
1955 RtlGetCompressionWorkSpaceSize(
1956 IN USHORT CompressionFormatAndEngine
,
1957 OUT PULONG CompressBufferWorkSpaceSize
,
1958 OUT PULONG CompressFragmentWorkSpaceSize
);
1964 IN USHORT CompressionFormatAndEngine
,
1965 IN PUCHAR UncompressedBuffer
,
1966 IN ULONG UncompressedBufferSize
,
1967 OUT PUCHAR CompressedBuffer
,
1968 IN ULONG CompressedBufferSize
,
1969 IN ULONG UncompressedChunkSize
,
1970 OUT PULONG FinalCompressedSize
,
1971 IN PVOID WorkSpace
);
1976 RtlDecompressBuffer(
1977 IN USHORT CompressionFormat
,
1978 OUT PUCHAR UncompressedBuffer
,
1979 IN ULONG UncompressedBufferSize
,
1980 IN PUCHAR CompressedBuffer
,
1981 IN ULONG CompressedBufferSize
,
1982 OUT PULONG FinalUncompressedSize
);
1987 RtlDecompressFragment(
1988 IN USHORT CompressionFormat
,
1989 OUT PUCHAR UncompressedFragment
,
1990 IN ULONG UncompressedFragmentSize
,
1991 IN PUCHAR CompressedBuffer
,
1992 IN ULONG CompressedBufferSize
,
1993 IN ULONG FragmentOffset
,
1994 OUT PULONG FinalUncompressedSize
,
1995 IN PVOID WorkSpace
);
2001 IN USHORT CompressionFormat
,
2002 IN OUT PUCHAR
*CompressedBuffer
,
2003 IN PUCHAR EndOfCompressedBufferPlus1
,
2004 OUT PUCHAR
*ChunkBuffer
,
2005 OUT PULONG ChunkSize
);
2011 IN USHORT CompressionFormat
,
2012 IN OUT PUCHAR
*CompressedBuffer
,
2013 IN PUCHAR EndOfCompressedBufferPlus1
,
2014 OUT PUCHAR
*ChunkBuffer
,
2015 IN ULONG ChunkSize
);
2017 typedef struct _COMPRESSED_DATA_INFO
{
2018 USHORT CompressionFormatAndEngine
;
2019 UCHAR CompressionUnitShift
;
2023 USHORT NumberOfChunks
;
2024 ULONG CompressedChunkSizes
[ANYSIZE_ARRAY
];
2025 } COMPRESSED_DATA_INFO
, *PCOMPRESSED_DATA_INFO
;
2030 RtlDecompressChunks(
2031 OUT PUCHAR UncompressedBuffer
,
2032 IN ULONG UncompressedBufferSize
,
2033 IN PUCHAR CompressedBuffer
,
2034 IN ULONG CompressedBufferSize
,
2035 IN PUCHAR CompressedTail
,
2036 IN ULONG CompressedTailSize
,
2037 IN PCOMPRESSED_DATA_INFO CompressedDataInfo
);
2043 IN PUCHAR UncompressedBuffer
,
2044 IN ULONG UncompressedBufferSize
,
2045 OUT PUCHAR CompressedBuffer
,
2046 IN ULONG CompressedBufferSize
,
2047 IN OUT PCOMPRESSED_DATA_INFO CompressedDataInfo
,
2048 IN ULONG CompressedDataInfoLength
,
2049 IN PVOID WorkSpace
);
2052 PSID_IDENTIFIER_AUTHORITY
2054 RtlIdentifierAuthoritySid(
2060 RtlSubAuthorityCountSid(
2066 RtlNtStatusToDosErrorNoTeb(
2067 IN NTSTATUS Status
);
2072 RtlCreateSystemVolumeInformationFolder(
2073 IN PCUNICODE_STRING VolumeRootPath
);
2077 #if defined(_M_AMD64)
2081 RtlFillMemoryUlong (
2082 OUT PVOID Destination
,
2086 PULONG Address
= (PULONG
)Destination
;
2087 if ((Length
/= 4) != 0) {
2088 if (((ULONG64
)Address
& 4) != 0) {
2090 if ((Length
-= 1) == 0) {
2095 __stosq((PULONG64
)(Address
), Pattern
| ((ULONG64
)Pattern
<< 32), Length
/ 2);
2096 if ((Length
& 1) != 0) Address
[Length
- 1] = Pattern
;
2101 #define RtlFillMemoryUlonglong(Destination, Length, Pattern) \
2102 __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
2106 #if (NTDDI_VERSION >= NTDDI_WINXP)
2112 OUT PVOID Destination
,
2119 RtlFillMemoryUlonglong(
2120 OUT PVOID Destination
,
2122 IN ULONGLONG Pattern
);
2126 #endif // defined(_M_AMD64)
2128 #if (NTDDI_VERSION >= NTDDI_WS03)
2133 RtlInitAnsiStringEx(
2134 OUT PANSI_STRING DestinationString
,
2135 IN PCSZ SourceString OPTIONAL
);
2139 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
2144 RtlGetSaclSecurityDescriptor(
2145 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
2146 OUT PBOOLEAN SaclPresent
,
2148 OUT PBOOLEAN SaclDefaulted
);
2153 RtlSetGroupSecurityDescriptor(
2154 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
2155 IN PSID Group OPTIONAL
,
2156 IN BOOLEAN GroupDefaulted OPTIONAL
);
2161 RtlGetGroupSecurityDescriptor(
2162 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
2164 OUT PBOOLEAN GroupDefaulted
);
2169 RtlAbsoluteToSelfRelativeSD(
2170 IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor
,
2171 OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor OPTIONAL
,
2172 IN OUT PULONG BufferLength
);
2177 RtlSelfRelativeToAbsoluteSD(
2178 IN PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor
,
2179 OUT PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor OPTIONAL
,
2180 IN OUT PULONG AbsoluteSecurityDescriptorSize
,
2181 OUT PACL Dacl OPTIONAL
,
2182 IN OUT PULONG DaclSize
,
2183 OUT PACL Sacl OPTIONAL
,
2184 IN OUT PULONG SaclSize
,
2185 OUT PSID Owner OPTIONAL
,
2186 IN OUT PULONG OwnerSize
,
2187 OUT PSID PrimaryGroup OPTIONAL
,
2188 IN OUT PULONG PrimaryGroupSize
);
2192 #if (NTDDI_VERSION >= NTDDI_VISTA)
2199 IN PCWSTR SourceString
,
2200 IN LONG SourceStringLength
,
2201 OUT PWSTR DestinationString
,
2202 IN OUT PLONG DestinationStringLength
);
2207 RtlIsNormalizedString(
2209 IN PCWSTR SourceString
,
2210 IN LONG SourceStringLength
,
2211 OUT PBOOLEAN Normalized
);
2218 IN PCWSTR SourceString
,
2219 IN LONG SourceStringLength
,
2220 OUT PWSTR DestinationString
,
2221 IN OUT PLONG DestinationStringLength
);
2228 IN PCWSTR SourceString
,
2229 IN LONG SourceStringLength
,
2230 OUT PWSTR DestinationString
,
2231 IN OUT PLONG DestinationStringLength
);
2236 RtlIdnToNameprepUnicode(
2238 IN PCWSTR SourceString
,
2239 IN LONG SourceStringLength
,
2240 OUT PWSTR DestinationString
,
2241 IN OUT PLONG DestinationStringLength
);
2246 RtlCreateServiceSid(
2247 IN PUNICODE_STRING ServiceName
,
2248 OUT PSID ServiceSid
,
2249 IN OUT PULONG ServiceSidLength
);
2254 RtlCompareAltitudes(
2255 IN PCUNICODE_STRING Altitude1
,
2256 IN PCUNICODE_STRING Altitude2
);
2260 #if (NTDDI_VERSION >= NTDDI_WIN7)
2266 OUT PCHAR UTF8StringDestination
,
2267 IN ULONG UTF8StringMaxByteCount
,
2268 OUT PULONG UTF8StringActualByteCount
,
2269 IN PCWCH UnicodeStringSource
,
2270 IN ULONG UnicodeStringByteCount
);
2276 OUT PWSTR UnicodeStringDestination
,
2277 IN ULONG UnicodeStringMaxByteCount
,
2278 OUT PULONG UnicodeStringActualByteCount
,
2279 IN PCCH UTF8StringSource
,
2280 IN ULONG UTF8StringByteCount
);
2286 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
2289 OUT ULONG
*NumChanges
);
2294 RtlCreateVirtualAccountSid(
2295 IN PCUNICODE_STRING Name
,
2296 IN ULONG BaseSubAuthority
,
2298 IN OUT PULONG SidLength
);
2302 #define HEAP_NO_SERIALIZE 0x00000001
2303 #define HEAP_GROWABLE 0x00000002
2304 #define HEAP_GENERATE_EXCEPTIONS 0x00000004
2305 #define HEAP_ZERO_MEMORY 0x00000008
2306 #define HEAP_REALLOC_IN_PLACE_ONLY 0x00000010
2307 #define HEAP_TAIL_CHECKING_ENABLED 0x00000020
2308 #define HEAP_FREE_CHECKING_ENABLED 0x00000040
2309 #define HEAP_DISABLE_COALESCE_ON_FREE 0x00000080
2311 #define HEAP_CREATE_ALIGN_16 0x00010000
2312 #define HEAP_CREATE_ENABLE_TRACING 0x00020000
2313 #define HEAP_CREATE_ENABLE_EXECUTE 0x00040000
2315 #define HEAP_SETTABLE_USER_VALUE 0x00000100
2316 #define HEAP_SETTABLE_USER_FLAG1 0x00000200
2317 #define HEAP_SETTABLE_USER_FLAG2 0x00000400
2318 #define HEAP_SETTABLE_USER_FLAG3 0x00000800
2319 #define HEAP_SETTABLE_USER_FLAGS 0x00000E00
2321 #define HEAP_CLASS_0 0x00000000
2322 #define HEAP_CLASS_1 0x00001000
2323 #define HEAP_CLASS_2 0x00002000
2324 #define HEAP_CLASS_3 0x00003000
2325 #define HEAP_CLASS_4 0x00004000
2326 #define HEAP_CLASS_5 0x00005000
2327 #define HEAP_CLASS_6 0x00006000
2328 #define HEAP_CLASS_7 0x00007000
2329 #define HEAP_CLASS_8 0x00008000
2330 #define HEAP_CLASS_MASK 0x0000F000
2332 #define HEAP_MAXIMUM_TAG 0x0FFF
2333 #define HEAP_GLOBAL_TAG 0x0800
2334 #define HEAP_PSEUDO_TAG_FLAG 0x8000
2335 #define HEAP_TAG_SHIFT 18
2336 #define HEAP_TAG_MASK (HEAP_MAXIMUM_TAG << HEAP_TAG_SHIFT)
2338 #define HEAP_CREATE_VALID_MASK (HEAP_NO_SERIALIZE | \
2340 HEAP_GENERATE_EXCEPTIONS | \
2341 HEAP_ZERO_MEMORY | \
2342 HEAP_REALLOC_IN_PLACE_ONLY | \
2343 HEAP_TAIL_CHECKING_ENABLED | \
2344 HEAP_FREE_CHECKING_ENABLED | \
2345 HEAP_DISABLE_COALESCE_ON_FREE | \
2347 HEAP_CREATE_ALIGN_16 | \
2348 HEAP_CREATE_ENABLE_TRACING | \
2349 HEAP_CREATE_ENABLE_EXECUTE)
2353 HEAP_MAKE_TAG_FLAGS(
2357 //__assume_bound(TagBase); // FIXME
2358 return ((ULONG
)((TagBase
) + ((Tag
) << HEAP_TAG_SHIFT
)));
2361 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
2362 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
2364 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ? \
2365 RtlxUnicodeStringToOemSize(STRING) : \
2366 ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
2369 #define RtlOemStringToUnicodeSize(STRING) ( \
2370 NLS_MB_OEM_CODE_PAGE_TAG ? \
2371 RtlxOemStringToUnicodeSize(STRING) : \
2372 ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
2375 #define RtlOemStringToCountedUnicodeSize(STRING) ( \
2376 (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
2380 (NTAPI
*PRTL_ALLOCATE_STRING_ROUTINE
)(
2381 IN SIZE_T NumberOfBytes
);
2383 #if _WIN32_WINNT >= 0x0600
2386 (NTAPI
*PRTL_REALLOCATE_STRING_ROUTINE
)(
2387 IN SIZE_T NumberOfBytes
,
2393 (NTAPI
*PRTL_FREE_STRING_ROUTINE
)(
2396 extern const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine
;
2397 extern const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine
;
2399 #if _WIN32_WINNT >= 0x0600
2400 extern const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine
;
2403 #define COMPRESSION_FORMAT_NONE (0x0000)
2404 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
2405 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
2406 #define COMPRESSION_ENGINE_STANDARD (0x0000)
2407 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
2408 #define COMPRESSION_ENGINE_HIBER (0x0200)
2410 #define RtlOffsetToPointer(B,O) ((PCHAR)( ((PCHAR)(B)) + ((ULONG_PTR)(O)) ))
2411 #define RtlPointerToOffset(B,P) ((ULONG)( ((PCHAR)(P)) - ((PCHAR)(B)) ))
2413 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
2415 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
2417 #define DEVICE_TYPE ULONG
2419 #define FILE_DEVICE_BEEP 0x00000001
2420 #define FILE_DEVICE_CD_ROM 0x00000002
2421 #define FILE_DEVICE_CD_ROM_FILE_SYSTEM 0x00000003
2422 #define FILE_DEVICE_CONTROLLER 0x00000004
2423 #define FILE_DEVICE_DATALINK 0x00000005
2424 #define FILE_DEVICE_DFS 0x00000006
2425 #define FILE_DEVICE_DISK 0x00000007
2426 #define FILE_DEVICE_DISK_FILE_SYSTEM 0x00000008
2427 #define FILE_DEVICE_FILE_SYSTEM 0x00000009
2428 #define FILE_DEVICE_INPORT_PORT 0x0000000a
2429 #define FILE_DEVICE_KEYBOARD 0x0000000b
2430 #define FILE_DEVICE_MAILSLOT 0x0000000c
2431 #define FILE_DEVICE_MIDI_IN 0x0000000d
2432 #define FILE_DEVICE_MIDI_OUT 0x0000000e
2433 #define FILE_DEVICE_MOUSE 0x0000000f
2434 #define FILE_DEVICE_MULTI_UNC_PROVIDER 0x00000010
2435 #define FILE_DEVICE_NAMED_PIPE 0x00000011
2436 #define FILE_DEVICE_NETWORK 0x00000012
2437 #define FILE_DEVICE_NETWORK_BROWSER 0x00000013
2438 #define FILE_DEVICE_NETWORK_FILE_SYSTEM 0x00000014
2439 #define FILE_DEVICE_NULL 0x00000015
2440 #define FILE_DEVICE_PARALLEL_PORT 0x00000016
2441 #define FILE_DEVICE_PHYSICAL_NETCARD 0x00000017
2442 #define FILE_DEVICE_PRINTER 0x00000018
2443 #define FILE_DEVICE_SCANNER 0x00000019
2444 #define FILE_DEVICE_SERIAL_MOUSE_PORT 0x0000001a
2445 #define FILE_DEVICE_SERIAL_PORT 0x0000001b
2446 #define FILE_DEVICE_SCREEN 0x0000001c
2447 #define FILE_DEVICE_SOUND 0x0000001d
2448 #define FILE_DEVICE_STREAMS 0x0000001e
2449 #define FILE_DEVICE_TAPE 0x0000001f
2450 #define FILE_DEVICE_TAPE_FILE_SYSTEM 0x00000020
2451 #define FILE_DEVICE_TRANSPORT 0x00000021
2452 #define FILE_DEVICE_UNKNOWN 0x00000022
2453 #define FILE_DEVICE_VIDEO 0x00000023
2454 #define FILE_DEVICE_VIRTUAL_DISK 0x00000024
2455 #define FILE_DEVICE_WAVE_IN 0x00000025
2456 #define FILE_DEVICE_WAVE_OUT 0x00000026
2457 #define FILE_DEVICE_8042_PORT 0x00000027
2458 #define FILE_DEVICE_NETWORK_REDIRECTOR 0x00000028
2459 #define FILE_DEVICE_BATTERY 0x00000029
2460 #define FILE_DEVICE_BUS_EXTENDER 0x0000002a
2461 #define FILE_DEVICE_MODEM 0x0000002b
2462 #define FILE_DEVICE_VDM 0x0000002c
2463 #define FILE_DEVICE_MASS_STORAGE 0x0000002d
2464 #define FILE_DEVICE_SMB 0x0000002e
2465 #define FILE_DEVICE_KS 0x0000002f
2466 #define FILE_DEVICE_CHANGER 0x00000030
2467 #define FILE_DEVICE_SMARTCARD 0x00000031
2468 #define FILE_DEVICE_ACPI 0x00000032
2469 #define FILE_DEVICE_DVD 0x00000033
2470 #define FILE_DEVICE_FULLSCREEN_VIDEO 0x00000034
2471 #define FILE_DEVICE_DFS_FILE_SYSTEM 0x00000035
2472 #define FILE_DEVICE_DFS_VOLUME 0x00000036
2473 #define FILE_DEVICE_SERENUM 0x00000037
2474 #define FILE_DEVICE_TERMSRV 0x00000038
2475 #define FILE_DEVICE_KSEC 0x00000039
2476 #define FILE_DEVICE_FIPS 0x0000003A
2477 #define FILE_DEVICE_INFINIBAND 0x0000003B
2478 #define FILE_DEVICE_VMBUS 0x0000003E
2479 #define FILE_DEVICE_CRYPT_PROVIDER 0x0000003F
2480 #define FILE_DEVICE_WPD 0x00000040
2481 #define FILE_DEVICE_BLUETOOTH 0x00000041
2482 #define FILE_DEVICE_MT_COMPOSITE 0x00000042
2483 #define FILE_DEVICE_MT_TRANSPORT 0x00000043
2484 #define FILE_DEVICE_BIOMETRIC 0x00000044
2485 #define FILE_DEVICE_PMI 0x00000045
2487 #define CTL_CODE(DeviceType, Function, Method, Access) \
2488 (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method))
2490 #define DEVICE_TYPE_FROM_CTL_CODE(ctl) (((ULONG) (ctl & 0xffff0000)) >> 16)
2492 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
2494 #define METHOD_BUFFERED 0
2495 #define METHOD_IN_DIRECT 1
2496 #define METHOD_OUT_DIRECT 2
2497 #define METHOD_NEITHER 3
2498 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
2499 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
2501 #define FILE_ANY_ACCESS 0x00000000
2502 #define FILE_SPECIAL_ACCESS FILE_ANY_ACCESS
2503 #define FILE_READ_ACCESS 0x00000001
2504 #define FILE_WRITE_ACCESS 0x00000002
2506 typedef ULONG LSA_OPERATIONAL_MODE
, *PLSA_OPERATIONAL_MODE
;
2508 typedef enum _SECURITY_LOGON_TYPE
{
2509 UndefinedLogonType
= 0,
2518 #if (_WIN32_WINNT >= 0x0501)
2522 #if (_WIN32_WINNT >= 0x0502)
2523 CachedRemoteInteractive
,
2526 } SECURITY_LOGON_TYPE
, *PSECURITY_LOGON_TYPE
;
2528 #ifndef _NTLSA_AUDIT_
2529 #define _NTLSA_AUDIT_
2531 #ifndef GUID_DEFINED
2532 #include <guiddef.h>
2535 #endif /* _NTLSA_AUDIT_ */
2539 LsaRegisterLogonProcess(
2540 IN PLSA_STRING LogonProcessName
,
2541 OUT PHANDLE LsaHandle
,
2542 OUT PLSA_OPERATIONAL_MODE SecurityMode
);
2547 IN HANDLE LsaHandle
,
2548 IN PLSA_STRING OriginName
,
2549 IN SECURITY_LOGON_TYPE LogonType
,
2550 IN ULONG AuthenticationPackage
,
2551 IN PVOID AuthenticationInformation
,
2552 IN ULONG AuthenticationInformationLength
,
2553 IN PTOKEN_GROUPS LocalGroups OPTIONAL
,
2554 IN PTOKEN_SOURCE SourceContext
,
2555 OUT PVOID
*ProfileBuffer
,
2556 OUT PULONG ProfileBufferLength
,
2559 OUT PQUOTA_LIMITS Quotas
,
2560 OUT PNTSTATUS SubStatus
);
2564 LsaFreeReturnBuffer(
2571 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2572 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2573 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
2575 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
2576 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
2578 #define MSV1_0_CHALLENGE_LENGTH 8
2579 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
2580 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
2582 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
2583 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
2584 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
2585 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
2586 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
2587 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
2588 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
2589 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
2590 #define MSV1_0_RETURN_PROFILE_PATH 0x200
2591 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
2592 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
2594 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
2595 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
2597 #if (_WIN32_WINNT >= 0x0502)
2598 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
2599 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
2602 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
2603 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
2605 #if (_WIN32_WINNT >= 0x0600)
2606 #define MSV1_0_S4U2SELF 0x00020000
2607 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
2610 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
2611 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
2612 #define MSV1_0_MNS_LOGON 0x01000000
2614 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
2615 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
2617 #define LOGON_GUEST 0x01
2618 #define LOGON_NOENCRYPTION 0x02
2619 #define LOGON_CACHED_ACCOUNT 0x04
2620 #define LOGON_USED_LM_PASSWORD 0x08
2621 #define LOGON_EXTRA_SIDS 0x20
2622 #define LOGON_SUBAUTH_SESSION_KEY 0x40
2623 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
2624 #define LOGON_NTLMV2_ENABLED 0x100
2625 #define LOGON_RESOURCE_GROUPS 0x200
2626 #define LOGON_PROFILE_PATH_RETURNED 0x400
2627 #define LOGON_NT_V2 0x800
2628 #define LOGON_LM_V2 0x1000
2629 #define LOGON_NTLM_V2 0x2000
2631 #if (_WIN32_WINNT >= 0x0600)
2633 #define LOGON_OPTIMIZED 0x4000
2634 #define LOGON_WINLOGON 0x8000
2635 #define LOGON_PKINIT 0x10000
2636 #define LOGON_NO_OPTIMIZED 0x20000
2640 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
2642 #define LOGON_GRACE_LOGON 0x01000000
2644 #define MSV1_0_OWF_PASSWORD_LENGTH 16
2645 #define MSV1_0_CRED_LM_PRESENT 0x1
2646 #define MSV1_0_CRED_NT_PRESENT 0x2
2647 #define MSV1_0_CRED_VERSION 0
2649 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
2650 #define MSV1_0_NTLM3_OWF_LENGTH 16
2652 #if (_WIN32_WINNT == 0x0500)
2653 #define MSV1_0_MAX_NTLM3_LIFE 1800
2655 #define MSV1_0_MAX_NTLM3_LIFE 129600
2657 #define MSV1_0_MAX_AVL_SIZE 64000
2659 #if (_WIN32_WINNT >= 0x0501)
2661 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
2663 #if (_WIN32_WINNT >= 0x0600)
2664 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
2669 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
2671 #if(_WIN32_WINNT >= 0x0502)
2672 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
2675 #define USE_PRIMARY_PASSWORD 0x01
2676 #define RETURN_PRIMARY_USERNAME 0x02
2677 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
2678 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
2679 #define GENERATE_CLIENT_CHALLENGE 0x10
2680 #define GCR_NTLM3_PARMS 0x20
2681 #define GCR_TARGET_INFO 0x40
2682 #define RETURN_RESERVED_PARAMETER 0x80
2683 #define GCR_ALLOW_NTLM 0x100
2684 #define GCR_USE_OEM_SET 0x200
2685 #define GCR_MACHINE_CREDENTIAL 0x400
2686 #define GCR_USE_OWF_PASSWORD 0x800
2687 #define GCR_ALLOW_LM 0x1000
2688 #define GCR_ALLOW_NO_TARGET 0x2000
2690 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE
{
2691 MsV1_0InteractiveLogon
= 2,
2695 MsV1_0WorkstationUnlockLogon
= 7,
2696 MsV1_0S4ULogon
= 12,
2697 MsV1_0VirtualLogon
= 82
2698 } MSV1_0_LOGON_SUBMIT_TYPE
, *PMSV1_0_LOGON_SUBMIT_TYPE
;
2700 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE
{
2701 MsV1_0InteractiveProfile
= 2,
2702 MsV1_0Lm20LogonProfile
,
2703 MsV1_0SmartCardProfile
2704 } MSV1_0_PROFILE_BUFFER_TYPE
, *PMSV1_0_PROFILE_BUFFER_TYPE
;
2706 typedef struct _MSV1_0_INTERACTIVE_LOGON
{
2707 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2708 UNICODE_STRING LogonDomainName
;
2709 UNICODE_STRING UserName
;
2710 UNICODE_STRING Password
;
2711 } MSV1_0_INTERACTIVE_LOGON
, *PMSV1_0_INTERACTIVE_LOGON
;
2713 typedef struct _MSV1_0_INTERACTIVE_PROFILE
{
2714 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
2716 USHORT BadPasswordCount
;
2717 LARGE_INTEGER LogonTime
;
2718 LARGE_INTEGER LogoffTime
;
2719 LARGE_INTEGER KickOffTime
;
2720 LARGE_INTEGER PasswordLastSet
;
2721 LARGE_INTEGER PasswordCanChange
;
2722 LARGE_INTEGER PasswordMustChange
;
2723 UNICODE_STRING LogonScript
;
2724 UNICODE_STRING HomeDirectory
;
2725 UNICODE_STRING FullName
;
2726 UNICODE_STRING ProfilePath
;
2727 UNICODE_STRING HomeDirectoryDrive
;
2728 UNICODE_STRING LogonServer
;
2730 } MSV1_0_INTERACTIVE_PROFILE
, *PMSV1_0_INTERACTIVE_PROFILE
;
2732 typedef struct _MSV1_0_LM20_LOGON
{
2733 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2734 UNICODE_STRING LogonDomainName
;
2735 UNICODE_STRING UserName
;
2736 UNICODE_STRING Workstation
;
2737 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2738 STRING CaseSensitiveChallengeResponse
;
2739 STRING CaseInsensitiveChallengeResponse
;
2740 ULONG ParameterControl
;
2741 } MSV1_0_LM20_LOGON
, * PMSV1_0_LM20_LOGON
;
2743 typedef struct _MSV1_0_SUBAUTH_LOGON
{
2744 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2745 UNICODE_STRING LogonDomainName
;
2746 UNICODE_STRING UserName
;
2747 UNICODE_STRING Workstation
;
2748 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2749 STRING AuthenticationInfo1
;
2750 STRING AuthenticationInfo2
;
2751 ULONG ParameterControl
;
2752 ULONG SubAuthPackageId
;
2753 } MSV1_0_SUBAUTH_LOGON
, * PMSV1_0_SUBAUTH_LOGON
;
2755 #if (_WIN32_WINNT >= 0x0600)
2757 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2759 typedef struct _MSV1_0_S4U_LOGON
{
2760 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2762 UNICODE_STRING UserPrincipalName
;
2763 UNICODE_STRING DomainName
;
2764 } MSV1_0_S4U_LOGON
, *PMSV1_0_S4U_LOGON
;
2768 typedef struct _MSV1_0_LM20_LOGON_PROFILE
{
2769 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
2770 LARGE_INTEGER KickOffTime
;
2771 LARGE_INTEGER LogoffTime
;
2773 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
2774 UNICODE_STRING LogonDomainName
;
2775 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
2776 UNICODE_STRING LogonServer
;
2777 UNICODE_STRING UserParameters
;
2778 } MSV1_0_LM20_LOGON_PROFILE
, * PMSV1_0_LM20_LOGON_PROFILE
;
2780 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
2783 UCHAR LmPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
2784 UCHAR NtPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
2785 } MSV1_0_SUPPLEMENTAL_CREDENTIAL
, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL
;
2787 typedef struct _MSV1_0_NTLM3_RESPONSE
{
2788 UCHAR Response
[MSV1_0_NTLM3_RESPONSE_LENGTH
];
2793 ULONGLONG TimeStamp
;
2794 UCHAR ChallengeFromClient
[MSV1_0_CHALLENGE_LENGTH
];
2797 } MSV1_0_NTLM3_RESPONSE
, *PMSV1_0_NTLM3_RESPONSE
;
2799 typedef enum _MSV1_0_AVID
{
2801 MsvAvNbComputerName
,
2803 MsvAvDnsComputerName
,
2805 #if (_WIN32_WINNT >= 0x0501)
2808 #if (_WIN32_WINNT >= 0x0600)
2812 MsvAvChannelBindings
,
2817 typedef struct _MSV1_0_AV_PAIR
{
2820 } MSV1_0_AV_PAIR
, *PMSV1_0_AV_PAIR
;
2822 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE
{
2823 MsV1_0Lm20ChallengeRequest
= 0,
2824 MsV1_0Lm20GetChallengeResponse
,
2825 MsV1_0EnumerateUsers
,
2828 MsV1_0ChangePassword
,
2829 MsV1_0ChangeCachedPassword
,
2830 MsV1_0GenericPassthrough
,
2833 MsV1_0DeriveCredential
,
2835 #if (_WIN32_WINNT >= 0x0501)
2836 MsV1_0SetProcessOption
,
2838 #if (_WIN32_WINNT >= 0x0600)
2839 MsV1_0ConfigLocalAliases
,
2840 MsV1_0ClearCachedCredentials
,
2842 } MSV1_0_PROTOCOL_MESSAGE_TYPE
, *PMSV1_0_PROTOCOL_MESSAGE_TYPE
;
2844 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST
{
2845 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2846 } MSV1_0_LM20_CHALLENGE_REQUEST
, *PMSV1_0_LM20_CHALLENGE_REQUEST
;
2848 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE
{
2849 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2850 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2851 } MSV1_0_LM20_CHALLENGE_RESPONSE
, *PMSV1_0_LM20_CHALLENGE_RESPONSE
;
2853 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1
{
2854 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2855 ULONG ParameterControl
;
2857 UNICODE_STRING Password
;
2858 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2859 } MSV1_0_GETCHALLENRESP_REQUEST_V1
, *PMSV1_0_GETCHALLENRESP_REQUEST_V1
;
2861 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST
{
2862 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2863 ULONG ParameterControl
;
2865 UNICODE_STRING Password
;
2866 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2867 UNICODE_STRING UserName
;
2868 UNICODE_STRING LogonDomainName
;
2869 UNICODE_STRING ServerName
;
2870 } MSV1_0_GETCHALLENRESP_REQUEST
, *PMSV1_0_GETCHALLENRESP_REQUEST
;
2872 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE
{
2873 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2874 STRING CaseSensitiveChallengeResponse
;
2875 STRING CaseInsensitiveChallengeResponse
;
2876 UNICODE_STRING UserName
;
2877 UNICODE_STRING LogonDomainName
;
2878 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
2879 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
2880 } MSV1_0_GETCHALLENRESP_RESPONSE
, *PMSV1_0_GETCHALLENRESP_RESPONSE
;
2882 typedef struct _MSV1_0_ENUMUSERS_REQUEST
{
2883 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2884 } MSV1_0_ENUMUSERS_REQUEST
, *PMSV1_0_ENUMUSERS_REQUEST
;
2886 typedef struct _MSV1_0_ENUMUSERS_RESPONSE
{
2887 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2888 ULONG NumberOfLoggedOnUsers
;
2891 } MSV1_0_ENUMUSERS_RESPONSE
, *PMSV1_0_ENUMUSERS_RESPONSE
;
2893 typedef struct _MSV1_0_GETUSERINFO_REQUEST
{
2894 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2896 } MSV1_0_GETUSERINFO_REQUEST
, *PMSV1_0_GETUSERINFO_REQUEST
;
2898 typedef struct _MSV1_0_GETUSERINFO_RESPONSE
{
2899 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
2901 UNICODE_STRING UserName
;
2902 UNICODE_STRING LogonDomainName
;
2903 UNICODE_STRING LogonServer
;
2904 SECURITY_LOGON_TYPE LogonType
;
2905 } MSV1_0_GETUSERINFO_RESPONSE
, *PMSV1_0_GETUSERINFO_RESPONSE
;
2907 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
2908 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
2909 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
2911 /* also in winnt.h */
2912 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
2913 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
2914 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
2915 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
2916 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
2917 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
2918 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
2919 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
2920 #define FILE_NOTIFY_CHANGE_EA 0x00000080
2921 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
2922 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
2923 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
2924 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
2925 #define FILE_NOTIFY_VALID_MASK 0x00000fff
2927 #define FILE_ACTION_ADDED 0x00000001
2928 #define FILE_ACTION_REMOVED 0x00000002
2929 #define FILE_ACTION_MODIFIED 0x00000003
2930 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
2931 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
2932 #define FILE_ACTION_ADDED_STREAM 0x00000006
2933 #define FILE_ACTION_REMOVED_STREAM 0x00000007
2934 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
2935 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
2936 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
2937 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
2940 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
2941 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
2943 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
2944 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
2946 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
2947 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
2948 #define FILE_PIPE_TYPE_VALID_MASK 0x00000003
2950 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
2951 #define FILE_PIPE_MESSAGE_MODE 0x00000001
2953 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
2954 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
2956 #define FILE_PIPE_INBOUND 0x00000000
2957 #define FILE_PIPE_OUTBOUND 0x00000001
2958 #define FILE_PIPE_FULL_DUPLEX 0x00000002
2960 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
2961 #define FILE_PIPE_LISTENING_STATE 0x00000002
2962 #define FILE_PIPE_CONNECTED_STATE 0x00000003
2963 #define FILE_PIPE_CLOSING_STATE 0x00000004
2965 #define FILE_PIPE_CLIENT_END 0x00000000
2966 #define FILE_PIPE_SERVER_END 0x00000001
2968 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
2969 #define FILE_CASE_PRESERVED_NAMES 0x00000002
2970 #define FILE_UNICODE_ON_DISK 0x00000004
2971 #define FILE_PERSISTENT_ACLS 0x00000008
2972 #define FILE_FILE_COMPRESSION 0x00000010
2973 #define FILE_VOLUME_QUOTAS 0x00000020
2974 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
2975 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
2976 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
2977 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
2978 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
2979 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
2980 #define FILE_NAMED_STREAMS 0x00040000
2981 #define FILE_READ_ONLY_VOLUME 0x00080000
2982 #define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
2983 #define FILE_SUPPORTS_TRANSACTIONS 0x00200000
2984 #define FILE_SUPPORTS_HARD_LINKS 0x00400000
2985 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
2986 #define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
2987 #define FILE_SUPPORTS_USN_JOURNAL 0x02000000
2989 #define FILE_NEED_EA 0x00000080
2991 #define FILE_EA_TYPE_BINARY 0xfffe
2992 #define FILE_EA_TYPE_ASCII 0xfffd
2993 #define FILE_EA_TYPE_BITMAP 0xfffb
2994 #define FILE_EA_TYPE_METAFILE 0xfffa
2995 #define FILE_EA_TYPE_ICON 0xfff9
2996 #define FILE_EA_TYPE_EA 0xffee
2997 #define FILE_EA_TYPE_MVMT 0xffdf
2998 #define FILE_EA_TYPE_MVST 0xffde
2999 #define FILE_EA_TYPE_ASN1 0xffdd
3000 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
3002 typedef struct _FILE_NOTIFY_INFORMATION
{
3003 ULONG NextEntryOffset
;
3005 ULONG FileNameLength
;
3007 } FILE_NOTIFY_INFORMATION
, *PFILE_NOTIFY_INFORMATION
;
3009 typedef struct _FILE_DIRECTORY_INFORMATION
{
3010 ULONG NextEntryOffset
;
3012 LARGE_INTEGER CreationTime
;
3013 LARGE_INTEGER LastAccessTime
;
3014 LARGE_INTEGER LastWriteTime
;
3015 LARGE_INTEGER ChangeTime
;
3016 LARGE_INTEGER EndOfFile
;
3017 LARGE_INTEGER AllocationSize
;
3018 ULONG FileAttributes
;
3019 ULONG FileNameLength
;
3021 } FILE_DIRECTORY_INFORMATION
, *PFILE_DIRECTORY_INFORMATION
;
3023 typedef struct _FILE_FULL_DIR_INFORMATION
{
3024 ULONG NextEntryOffset
;
3026 LARGE_INTEGER CreationTime
;
3027 LARGE_INTEGER LastAccessTime
;
3028 LARGE_INTEGER LastWriteTime
;
3029 LARGE_INTEGER ChangeTime
;
3030 LARGE_INTEGER EndOfFile
;
3031 LARGE_INTEGER AllocationSize
;
3032 ULONG FileAttributes
;
3033 ULONG FileNameLength
;
3036 } FILE_FULL_DIR_INFORMATION
, *PFILE_FULL_DIR_INFORMATION
;
3038 typedef struct _FILE_ID_FULL_DIR_INFORMATION
{
3039 ULONG NextEntryOffset
;
3041 LARGE_INTEGER CreationTime
;
3042 LARGE_INTEGER LastAccessTime
;
3043 LARGE_INTEGER LastWriteTime
;
3044 LARGE_INTEGER ChangeTime
;
3045 LARGE_INTEGER EndOfFile
;
3046 LARGE_INTEGER AllocationSize
;
3047 ULONG FileAttributes
;
3048 ULONG FileNameLength
;
3050 LARGE_INTEGER FileId
;
3052 } FILE_ID_FULL_DIR_INFORMATION
, *PFILE_ID_FULL_DIR_INFORMATION
;
3054 typedef struct _FILE_BOTH_DIR_INFORMATION
{
3055 ULONG NextEntryOffset
;
3057 LARGE_INTEGER CreationTime
;
3058 LARGE_INTEGER LastAccessTime
;
3059 LARGE_INTEGER LastWriteTime
;
3060 LARGE_INTEGER ChangeTime
;
3061 LARGE_INTEGER EndOfFile
;
3062 LARGE_INTEGER AllocationSize
;
3063 ULONG FileAttributes
;
3064 ULONG FileNameLength
;
3066 CCHAR ShortNameLength
;
3067 WCHAR ShortName
[12];
3069 } FILE_BOTH_DIR_INFORMATION
, *PFILE_BOTH_DIR_INFORMATION
;
3071 typedef struct _FILE_ID_BOTH_DIR_INFORMATION
{
3072 ULONG NextEntryOffset
;
3074 LARGE_INTEGER CreationTime
;
3075 LARGE_INTEGER LastAccessTime
;
3076 LARGE_INTEGER LastWriteTime
;
3077 LARGE_INTEGER ChangeTime
;
3078 LARGE_INTEGER EndOfFile
;
3079 LARGE_INTEGER AllocationSize
;
3080 ULONG FileAttributes
;
3081 ULONG FileNameLength
;
3083 CCHAR ShortNameLength
;
3084 WCHAR ShortName
[12];
3085 LARGE_INTEGER FileId
;
3087 } FILE_ID_BOTH_DIR_INFORMATION
, *PFILE_ID_BOTH_DIR_INFORMATION
;
3089 typedef struct _FILE_NAMES_INFORMATION
{
3090 ULONG NextEntryOffset
;
3092 ULONG FileNameLength
;
3094 } FILE_NAMES_INFORMATION
, *PFILE_NAMES_INFORMATION
;
3096 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION
{
3097 ULONG NextEntryOffset
;
3099 LARGE_INTEGER CreationTime
;
3100 LARGE_INTEGER LastAccessTime
;
3101 LARGE_INTEGER LastWriteTime
;
3102 LARGE_INTEGER ChangeTime
;
3103 LARGE_INTEGER EndOfFile
;
3104 LARGE_INTEGER AllocationSize
;
3105 ULONG FileAttributes
;
3106 ULONG FileNameLength
;
3107 LARGE_INTEGER FileId
;
3108 GUID LockingTransactionId
;
3111 } FILE_ID_GLOBAL_TX_DIR_INFORMATION
, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION
;
3113 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED 0x00000001
3114 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX 0x00000002
3115 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX 0x00000004
3117 typedef struct _FILE_OBJECTID_INFORMATION
{
3118 LONGLONG FileReference
;
3120 _ANONYMOUS_UNION
union {
3121 __GNU_EXTENSION
struct {
3122 UCHAR BirthVolumeId
[16];
3123 UCHAR BirthObjectId
[16];
3126 UCHAR ExtendedInfo
[48];
3128 } FILE_OBJECTID_INFORMATION
, *PFILE_OBJECTID_INFORMATION
;
3130 #define ANSI_DOS_STAR ('<')
3131 #define ANSI_DOS_QM ('>')
3132 #define ANSI_DOS_DOT ('"')
3134 #define DOS_STAR (L'<')
3135 #define DOS_QM (L'>')
3136 #define DOS_DOT (L'"')
3138 typedef struct _FILE_INTERNAL_INFORMATION
{
3139 LARGE_INTEGER IndexNumber
;
3140 } FILE_INTERNAL_INFORMATION
, *PFILE_INTERNAL_INFORMATION
;
3142 typedef struct _FILE_EA_INFORMATION
{
3144 } FILE_EA_INFORMATION
, *PFILE_EA_INFORMATION
;
3146 typedef struct _FILE_ACCESS_INFORMATION
{
3147 ACCESS_MASK AccessFlags
;
3148 } FILE_ACCESS_INFORMATION
, *PFILE_ACCESS_INFORMATION
;
3150 typedef struct _FILE_MODE_INFORMATION
{
3152 } FILE_MODE_INFORMATION
, *PFILE_MODE_INFORMATION
;
3154 typedef struct _FILE_ALL_INFORMATION
{
3155 FILE_BASIC_INFORMATION BasicInformation
;
3156 FILE_STANDARD_INFORMATION StandardInformation
;
3157 FILE_INTERNAL_INFORMATION InternalInformation
;
3158 FILE_EA_INFORMATION EaInformation
;
3159 FILE_ACCESS_INFORMATION AccessInformation
;
3160 FILE_POSITION_INFORMATION PositionInformation
;
3161 FILE_MODE_INFORMATION ModeInformation
;
3162 FILE_ALIGNMENT_INFORMATION AlignmentInformation
;
3163 FILE_NAME_INFORMATION NameInformation
;
3164 } FILE_ALL_INFORMATION
, *PFILE_ALL_INFORMATION
;
3166 typedef struct _FILE_ALLOCATION_INFORMATION
{
3167 LARGE_INTEGER AllocationSize
;
3168 } FILE_ALLOCATION_INFORMATION
, *PFILE_ALLOCATION_INFORMATION
;
3170 typedef struct _FILE_COMPRESSION_INFORMATION
{
3171 LARGE_INTEGER CompressedFileSize
;
3172 USHORT CompressionFormat
;
3173 UCHAR CompressionUnitShift
;
3177 } FILE_COMPRESSION_INFORMATION
, *PFILE_COMPRESSION_INFORMATION
;
3179 typedef struct _FILE_LINK_INFORMATION
{
3180 BOOLEAN ReplaceIfExists
;
3181 HANDLE RootDirectory
;
3182 ULONG FileNameLength
;
3184 } FILE_LINK_INFORMATION
, *PFILE_LINK_INFORMATION
;
3186 typedef struct _FILE_MOVE_CLUSTER_INFORMATION
{
3188 HANDLE RootDirectory
;
3189 ULONG FileNameLength
;
3191 } FILE_MOVE_CLUSTER_INFORMATION
, *PFILE_MOVE_CLUSTER_INFORMATION
;
3193 typedef struct _FILE_RENAME_INFORMATION
{
3194 BOOLEAN ReplaceIfExists
;
3195 HANDLE RootDirectory
;
3196 ULONG FileNameLength
;
3198 } FILE_RENAME_INFORMATION
, *PFILE_RENAME_INFORMATION
;
3200 typedef struct _FILE_STREAM_INFORMATION
{
3201 ULONG NextEntryOffset
;
3202 ULONG StreamNameLength
;
3203 LARGE_INTEGER StreamSize
;
3204 LARGE_INTEGER StreamAllocationSize
;
3205 WCHAR StreamName
[1];
3206 } FILE_STREAM_INFORMATION
, *PFILE_STREAM_INFORMATION
;
3208 typedef struct _FILE_TRACKING_INFORMATION
{
3209 HANDLE DestinationFile
;
3210 ULONG ObjectInformationLength
;
3211 CHAR ObjectInformation
[1];
3212 } FILE_TRACKING_INFORMATION
, *PFILE_TRACKING_INFORMATION
;
3214 typedef struct _FILE_COMPLETION_INFORMATION
{
3217 } FILE_COMPLETION_INFORMATION
, *PFILE_COMPLETION_INFORMATION
;
3219 typedef struct _FILE_PIPE_INFORMATION
{
3221 ULONG CompletionMode
;
3222 } FILE_PIPE_INFORMATION
, *PFILE_PIPE_INFORMATION
;
3224 typedef struct _FILE_PIPE_LOCAL_INFORMATION
{
3225 ULONG NamedPipeType
;
3226 ULONG NamedPipeConfiguration
;
3227 ULONG MaximumInstances
;
3228 ULONG CurrentInstances
;
3230 ULONG ReadDataAvailable
;
3231 ULONG OutboundQuota
;
3232 ULONG WriteQuotaAvailable
;
3233 ULONG NamedPipeState
;
3235 } FILE_PIPE_LOCAL_INFORMATION
, *PFILE_PIPE_LOCAL_INFORMATION
;
3237 typedef struct _FILE_PIPE_REMOTE_INFORMATION
{
3238 LARGE_INTEGER CollectDataTime
;
3239 ULONG MaximumCollectionCount
;
3240 } FILE_PIPE_REMOTE_INFORMATION
, *PFILE_PIPE_REMOTE_INFORMATION
;
3242 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION
{
3243 ULONG MaximumMessageSize
;
3244 ULONG MailslotQuota
;
3245 ULONG NextMessageSize
;
3246 ULONG MessagesAvailable
;
3247 LARGE_INTEGER ReadTimeout
;
3248 } FILE_MAILSLOT_QUERY_INFORMATION
, *PFILE_MAILSLOT_QUERY_INFORMATION
;
3250 typedef struct _FILE_MAILSLOT_SET_INFORMATION
{
3251 PLARGE_INTEGER ReadTimeout
;
3252 } FILE_MAILSLOT_SET_INFORMATION
, *PFILE_MAILSLOT_SET_INFORMATION
;
3254 typedef struct _FILE_REPARSE_POINT_INFORMATION
{
3255 LONGLONG FileReference
;
3257 } FILE_REPARSE_POINT_INFORMATION
, *PFILE_REPARSE_POINT_INFORMATION
;
3259 typedef struct _FILE_LINK_ENTRY_INFORMATION
{
3260 ULONG NextEntryOffset
;
3261 LONGLONG ParentFileId
;
3262 ULONG FileNameLength
;
3264 } FILE_LINK_ENTRY_INFORMATION
, *PFILE_LINK_ENTRY_INFORMATION
;
3266 typedef struct _FILE_LINKS_INFORMATION
{
3268 ULONG EntriesReturned
;
3269 FILE_LINK_ENTRY_INFORMATION Entry
;
3270 } FILE_LINKS_INFORMATION
, *PFILE_LINKS_INFORMATION
;
3272 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION
{
3273 ULONG FileNameLength
;
3275 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION
, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION
;
3277 typedef struct _FILE_STANDARD_LINK_INFORMATION
{
3278 ULONG NumberOfAccessibleLinks
;
3279 ULONG TotalNumberOfLinks
;
3280 BOOLEAN DeletePending
;
3282 } FILE_STANDARD_LINK_INFORMATION
, *PFILE_STANDARD_LINK_INFORMATION
;
3284 typedef struct _FILE_GET_EA_INFORMATION
{
3285 ULONG NextEntryOffset
;
3288 } FILE_GET_EA_INFORMATION
, *PFILE_GET_EA_INFORMATION
;
3290 #define REMOTE_PROTOCOL_FLAG_LOOPBACK 0x00000001
3291 #define REMOTE_PROTOCOL_FLAG_OFFLINE 0x00000002
3293 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION
{
3294 USHORT StructureVersion
;
3295 USHORT StructureSize
;
3297 USHORT ProtocolMajorVersion
;
3298 USHORT ProtocolMinorVersion
;
3299 USHORT ProtocolRevision
;
3307 } ProtocolSpecificReserved
;
3308 } FILE_REMOTE_PROTOCOL_INFORMATION
, *PFILE_REMOTE_PROTOCOL_INFORMATION
;
3310 typedef struct _FILE_GET_QUOTA_INFORMATION
{
3311 ULONG NextEntryOffset
;
3314 } FILE_GET_QUOTA_INFORMATION
, *PFILE_GET_QUOTA_INFORMATION
;
3316 typedef struct _FILE_QUOTA_INFORMATION
{
3317 ULONG NextEntryOffset
;
3319 LARGE_INTEGER ChangeTime
;
3320 LARGE_INTEGER QuotaUsed
;
3321 LARGE_INTEGER QuotaThreshold
;
3322 LARGE_INTEGER QuotaLimit
;
3324 } FILE_QUOTA_INFORMATION
, *PFILE_QUOTA_INFORMATION
;
3326 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION
{
3327 ULONG FileSystemAttributes
;
3328 ULONG MaximumComponentNameLength
;
3329 ULONG FileSystemNameLength
;
3330 WCHAR FileSystemName
[1];
3331 } FILE_FS_ATTRIBUTE_INFORMATION
, *PFILE_FS_ATTRIBUTE_INFORMATION
;
3333 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION
{
3334 BOOLEAN DriverInPath
;
3335 ULONG DriverNameLength
;
3336 WCHAR DriverName
[1];
3337 } FILE_FS_DRIVER_PATH_INFORMATION
, *PFILE_FS_DRIVER_PATH_INFORMATION
;
3339 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION
{
3341 } FILE_FS_VOLUME_FLAGS_INFORMATION
, *PFILE_FS_VOLUME_FLAGS_INFORMATION
;
3343 #define FILE_VC_QUOTA_NONE 0x00000000
3344 #define FILE_VC_QUOTA_TRACK 0x00000001
3345 #define FILE_VC_QUOTA_ENFORCE 0x00000002
3346 #define FILE_VC_QUOTA_MASK 0x00000003
3347 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
3348 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
3349 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
3350 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
3351 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
3352 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
3353 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
3354 #define FILE_VC_VALID_MASK 0x000003ff
3356 typedef struct _FILE_FS_CONTROL_INFORMATION
{
3357 LARGE_INTEGER FreeSpaceStartFiltering
;
3358 LARGE_INTEGER FreeSpaceThreshold
;
3359 LARGE_INTEGER FreeSpaceStopFiltering
;
3360 LARGE_INTEGER DefaultQuotaThreshold
;
3361 LARGE_INTEGER DefaultQuotaLimit
;
3362 ULONG FileSystemControlFlags
;
3363 } FILE_FS_CONTROL_INFORMATION
, *PFILE_FS_CONTROL_INFORMATION
;
3365 #ifndef _FILESYSTEMFSCTL_
3366 #define _FILESYSTEMFSCTL_
3368 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
3369 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
3370 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
3371 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
3372 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
3373 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
3374 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
3375 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
3376 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
3377 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
3378 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
3379 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
3380 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
3381 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
3382 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3383 #define FSCTL_SET_BOOTLOADER_ACCESSED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
3385 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
3386 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
3387 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
3388 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
3389 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
3391 #if (_WIN32_WINNT >= 0x0400)
3393 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
3394 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
3395 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
3396 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
3397 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_ANY_ACCESS)
3398 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
3399 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
3403 #if (_WIN32_WINNT >= 0x0500)
3405 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
3406 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_WRITE_DATA)
3407 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
3408 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_WRITE_DATA)
3409 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_WRITE_DATA)
3410 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
3411 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_WRITE_DATA)
3412 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_READ_DATA)
3413 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
3414 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_READ_DATA)
3415 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_WRITE_DATA)
3416 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
3417 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_WRITE_DATA)
3418 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
3419 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
3420 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
3421 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_BUFFERED, FILE_ANY_ACCESS)
3422 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
3423 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_ANY_ACCESS)
3424 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_ANY_ACCESS)
3425 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_READ_DATA)
3426 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_READ_DATA)
3427 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_READ_DATA)
3428 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
3429 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
3430 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
3431 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
3432 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
3433 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3434 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
3435 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
3436 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3440 #if (_WIN32_WINNT >= 0x0600)
3442 #define FSCTL_MAKE_MEDIA_COMPATIBLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
3443 #define FSCTL_SET_DEFECT_MANAGEMENT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
3444 #define FSCTL_QUERY_SPARING_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
3445 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
3446 #define FSCTL_SET_VOLUME_COMPRESSION_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3447 #define FSCTL_TXFS_MODIFY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
3448 #define FSCTL_TXFS_QUERY_RM_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
3449 #define FSCTL_TXFS_ROLLFORWARD_REDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
3450 #define FSCTL_TXFS_ROLLFORWARD_UNDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
3451 #define FSCTL_TXFS_START_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
3452 #define FSCTL_TXFS_SHUTDOWN_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
3453 #define FSCTL_TXFS_READ_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
3454 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
3455 #define FSCTL_TXFS_CREATE_SECONDARY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
3456 #define FSCTL_TXFS_GET_METADATA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
3457 #define FSCTL_TXFS_GET_TRANSACTED_VERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
3458 #define FSCTL_TXFS_SAVEPOINT_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
3459 #define FSCTL_TXFS_CREATE_MINIVERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
3460 #define FSCTL_TXFS_TRANSACTION_ACTIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
3461 #define FSCTL_SET_ZERO_ON_DEALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3462 #define FSCTL_SET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
3463 #define FSCTL_GET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
3464 #define FSCTL_WAIT_FOR_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
3465 #define FSCTL_INITIATE_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
3466 #define FSCTL_CSC_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER, FILE_ANY_ACCESS)
3467 #define FSCTL_SHRINK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3468 #define FSCTL_SET_SHORT_NAME_BEHAVIOR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
3469 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
3471 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
3472 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
3473 #define FSCTL_TXFS_LIST_TRANSACTIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
3474 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
3475 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
3476 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
3480 #if (_WIN32_WINNT >= 0x0601)
3482 #define FSCTL_QUERY_DEPENDENT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
3483 #define FSCTL_SD_GLOBAL_CHANGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
3484 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
3485 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
3486 #define FSCTL_FILE_TYPE_NOTIFICATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
3487 #define FSCTL_GET_BOOT_AREA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
3488 #define FSCTL_GET_RETRIEVAL_POINTER_BASE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
3489 #define FSCTL_SET_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
3490 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
3492 #define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
3494 #define FSCTL_CSV_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
3495 #define FSCTL_IS_CSV_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
3497 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
3498 #define FSCTL_CSV_GET_VOLUME_PATH_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
3499 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
3500 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150, METHOD_BUFFERED, FILE_ANY_ACCESS)
3501 #define FSCTL_IS_FILE_ON_CSV_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151, METHOD_BUFFERED, FILE_ANY_ACCESS)
3503 typedef struct _CSV_NAMESPACE_INFO
{
3506 LARGE_INTEGER StartingOffset
;
3508 } CSV_NAMESPACE_INFO
, *PCSV_NAMESPACE_INFO
;
3510 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
3511 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
3515 #define FSCTL_MARK_AS_SYSTEM_HIVE FSCTL_SET_BOOTLOADER_ACCESSED
3517 typedef struct _PATHNAME_BUFFER
{
3518 ULONG PathNameLength
;
3520 } PATHNAME_BUFFER
, *PPATHNAME_BUFFER
;
3522 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER
{
3523 UCHAR First0x24BytesOfBootSector
[0x24];
3524 } FSCTL_QUERY_FAT_BPB_BUFFER
, *PFSCTL_QUERY_FAT_BPB_BUFFER
;
3526 #if (_WIN32_WINNT >= 0x0400)
3528 typedef struct _NTFS_VOLUME_DATA_BUFFER
{
3529 LARGE_INTEGER VolumeSerialNumber
;
3530 LARGE_INTEGER NumberSectors
;
3531 LARGE_INTEGER TotalClusters
;
3532 LARGE_INTEGER FreeClusters
;
3533 LARGE_INTEGER TotalReserved
;
3534 ULONG BytesPerSector
;
3535 ULONG BytesPerCluster
;
3536 ULONG BytesPerFileRecordSegment
;
3537 ULONG ClustersPerFileRecordSegment
;
3538 LARGE_INTEGER MftValidDataLength
;
3539 LARGE_INTEGER MftStartLcn
;
3540 LARGE_INTEGER Mft2StartLcn
;
3541 LARGE_INTEGER MftZoneStart
;
3542 LARGE_INTEGER MftZoneEnd
;
3543 } NTFS_VOLUME_DATA_BUFFER
, *PNTFS_VOLUME_DATA_BUFFER
;
3545 typedef struct _NTFS_EXTENDED_VOLUME_DATA
{
3547 USHORT MajorVersion
;
3548 USHORT MinorVersion
;
3549 } NTFS_EXTENDED_VOLUME_DATA
, *PNTFS_EXTENDED_VOLUME_DATA
;
3551 typedef struct _STARTING_LCN_INPUT_BUFFER
{
3552 LARGE_INTEGER StartingLcn
;
3553 } STARTING_LCN_INPUT_BUFFER
, *PSTARTING_LCN_INPUT_BUFFER
;
3555 typedef struct _VOLUME_BITMAP_BUFFER
{
3556 LARGE_INTEGER StartingLcn
;
3557 LARGE_INTEGER BitmapSize
;
3559 } VOLUME_BITMAP_BUFFER
, *PVOLUME_BITMAP_BUFFER
;
3561 typedef struct _STARTING_VCN_INPUT_BUFFER
{
3562 LARGE_INTEGER StartingVcn
;
3563 } STARTING_VCN_INPUT_BUFFER
, *PSTARTING_VCN_INPUT_BUFFER
;
3565 typedef struct _RETRIEVAL_POINTERS_BUFFER
{
3567 LARGE_INTEGER StartingVcn
;
3569 LARGE_INTEGER NextVcn
;
3572 } RETRIEVAL_POINTERS_BUFFER
, *PRETRIEVAL_POINTERS_BUFFER
;
3574 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER
{
3575 LARGE_INTEGER FileReferenceNumber
;
3576 } NTFS_FILE_RECORD_INPUT_BUFFER
, *PNTFS_FILE_RECORD_INPUT_BUFFER
;
3578 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER
{
3579 LARGE_INTEGER FileReferenceNumber
;
3580 ULONG FileRecordLength
;
3581 UCHAR FileRecordBuffer
[1];
3582 } NTFS_FILE_RECORD_OUTPUT_BUFFER
, *PNTFS_FILE_RECORD_OUTPUT_BUFFER
;
3584 typedef struct _MOVE_FILE_DATA
{
3586 LARGE_INTEGER StartingVcn
;
3587 LARGE_INTEGER StartingLcn
;
3589 } MOVE_FILE_DATA
, *PMOVE_FILE_DATA
;
3591 typedef struct _MOVE_FILE_RECORD_DATA
{
3593 LARGE_INTEGER SourceFileRecord
;
3594 LARGE_INTEGER TargetFileRecord
;
3595 } MOVE_FILE_RECORD_DATA
, *PMOVE_FILE_RECORD_DATA
;
3598 typedef struct _MOVE_FILE_DATA32
{
3600 LARGE_INTEGER StartingVcn
;
3601 LARGE_INTEGER StartingLcn
;
3603 } MOVE_FILE_DATA32
, *PMOVE_FILE_DATA32
;
3606 #endif /* (_WIN32_WINNT >= 0x0400) */
3608 #if (_WIN32_WINNT >= 0x0500)
3610 typedef struct _FIND_BY_SID_DATA
{
3613 } FIND_BY_SID_DATA
, *PFIND_BY_SID_DATA
;
3615 typedef struct _FIND_BY_SID_OUTPUT
{
3616 ULONG NextEntryOffset
;
3618 ULONG FileNameLength
;
3620 } FIND_BY_SID_OUTPUT
, *PFIND_BY_SID_OUTPUT
;
3622 typedef struct _MFT_ENUM_DATA
{
3623 ULONGLONG StartFileReferenceNumber
;
3626 } MFT_ENUM_DATA
, *PMFT_ENUM_DATA
;
3628 typedef struct _CREATE_USN_JOURNAL_DATA
{
3629 ULONGLONG MaximumSize
;
3630 ULONGLONG AllocationDelta
;
3631 } CREATE_USN_JOURNAL_DATA
, *PCREATE_USN_JOURNAL_DATA
;
3633 typedef struct _READ_USN_JOURNAL_DATA
{
3636 ULONG ReturnOnlyOnClose
;
3638 ULONGLONG BytesToWaitFor
;
3639 ULONGLONG UsnJournalID
;
3640 } READ_USN_JOURNAL_DATA
, *PREAD_USN_JOURNAL_DATA
;
3642 typedef struct _USN_RECORD
{
3644 USHORT MajorVersion
;
3645 USHORT MinorVersion
;
3646 ULONGLONG FileReferenceNumber
;
3647 ULONGLONG ParentFileReferenceNumber
;
3649 LARGE_INTEGER TimeStamp
;
3653 ULONG FileAttributes
;
3654 USHORT FileNameLength
;
3655 USHORT FileNameOffset
;
3657 } USN_RECORD
, *PUSN_RECORD
;
3659 #define USN_PAGE_SIZE (0x1000)
3661 #define USN_REASON_DATA_OVERWRITE (0x00000001)
3662 #define USN_REASON_DATA_EXTEND (0x00000002)
3663 #define USN_REASON_DATA_TRUNCATION (0x00000004)
3664 #define USN_REASON_NAMED_DATA_OVERWRITE (0x00000010)
3665 #define USN_REASON_NAMED_DATA_EXTEND (0x00000020)
3666 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
3667 #define USN_REASON_FILE_CREATE (0x00000100)
3668 #define USN_REASON_FILE_DELETE (0x00000200)
3669 #define USN_REASON_EA_CHANGE (0x00000400)
3670 #define USN_REASON_SECURITY_CHANGE (0x00000800)
3671 #define USN_REASON_RENAME_OLD_NAME (0x00001000)
3672 #define USN_REASON_RENAME_NEW_NAME (0x00002000)
3673 #define USN_REASON_INDEXABLE_CHANGE (0x00004000)
3674 #define USN_REASON_BASIC_INFO_CHANGE (0x00008000)
3675 #define USN_REASON_HARD_LINK_CHANGE (0x00010000)
3676 #define USN_REASON_COMPRESSION_CHANGE (0x00020000)
3677 #define USN_REASON_ENCRYPTION_CHANGE (0x00040000)
3678 #define USN_REASON_OBJECT_ID_CHANGE (0x00080000)
3679 #define USN_REASON_REPARSE_POINT_CHANGE (0x00100000)
3680 #define USN_REASON_STREAM_CHANGE (0x00200000)
3681 #define USN_REASON_TRANSACTED_CHANGE (0x00400000)
3682 #define USN_REASON_CLOSE (0x80000000)
3684 typedef struct _USN_JOURNAL_DATA
{
3685 ULONGLONG UsnJournalID
;
3690 ULONGLONG MaximumSize
;
3691 ULONGLONG AllocationDelta
;
3692 } USN_JOURNAL_DATA
, *PUSN_JOURNAL_DATA
;
3694 typedef struct _DELETE_USN_JOURNAL_DATA
{
3695 ULONGLONG UsnJournalID
;
3697 } DELETE_USN_JOURNAL_DATA
, *PDELETE_USN_JOURNAL_DATA
;
3699 #define USN_DELETE_FLAG_DELETE (0x00000001)
3700 #define USN_DELETE_FLAG_NOTIFY (0x00000002)
3701 #define USN_DELETE_VALID_FLAGS (0x00000003)
3703 typedef struct _MARK_HANDLE_INFO
{
3704 ULONG UsnSourceInfo
;
3705 HANDLE VolumeHandle
;
3707 } MARK_HANDLE_INFO
, *PMARK_HANDLE_INFO
;
3710 typedef struct _MARK_HANDLE_INFO32
{
3711 ULONG UsnSourceInfo
;
3712 UINT32 VolumeHandle
;
3714 } MARK_HANDLE_INFO32
, *PMARK_HANDLE_INFO32
;
3717 #define USN_SOURCE_DATA_MANAGEMENT (0x00000001)
3718 #define USN_SOURCE_AUXILIARY_DATA (0x00000002)
3719 #define USN_SOURCE_REPLICATION_MANAGEMENT (0x00000004)
3721 #define MARK_HANDLE_PROTECT_CLUSTERS (0x00000001)
3722 #define MARK_HANDLE_TXF_SYSTEM_LOG (0x00000004)
3723 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG (0x00000008)
3725 typedef struct _BULK_SECURITY_TEST_DATA
{
3726 ACCESS_MASK DesiredAccess
;
3727 ULONG SecurityIds
[1];
3728 } BULK_SECURITY_TEST_DATA
, *PBULK_SECURITY_TEST_DATA
;
3730 #define VOLUME_IS_DIRTY (0x00000001)
3731 #define VOLUME_UPGRADE_SCHEDULED (0x00000002)
3732 #define VOLUME_SESSION_OPEN (0x00000004)
3734 typedef struct _FILE_PREFETCH
{
3737 ULONGLONG Prefetch
[1];
3738 } FILE_PREFETCH
, *PFILE_PREFETCH
;
3740 typedef struct _FILE_PREFETCH_EX
{
3744 ULONGLONG Prefetch
[1];
3745 } FILE_PREFETCH_EX
, *PFILE_PREFETCH_EX
;
3747 #define FILE_PREFETCH_TYPE_FOR_CREATE 0x1
3748 #define FILE_PREFETCH_TYPE_FOR_DIRENUM 0x2
3749 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX 0x3
3750 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX 0x4
3752 #define FILE_PREFETCH_TYPE_MAX 0x4
3754 typedef struct _FILE_OBJECTID_BUFFER
{
3758 UCHAR BirthVolumeId
[16];
3759 UCHAR BirthObjectId
[16];
3762 UCHAR ExtendedInfo
[48];
3764 } FILE_OBJECTID_BUFFER
, *PFILE_OBJECTID_BUFFER
;
3766 typedef struct _FILE_SET_SPARSE_BUFFER
{
3768 } FILE_SET_SPARSE_BUFFER
, *PFILE_SET_SPARSE_BUFFER
;
3770 typedef struct _FILE_ZERO_DATA_INFORMATION
{
3771 LARGE_INTEGER FileOffset
;
3772 LARGE_INTEGER BeyondFinalZero
;
3773 } FILE_ZERO_DATA_INFORMATION
, *PFILE_ZERO_DATA_INFORMATION
;
3775 typedef struct _FILE_ALLOCATED_RANGE_BUFFER
{
3776 LARGE_INTEGER FileOffset
;
3777 LARGE_INTEGER Length
;
3778 } FILE_ALLOCATED_RANGE_BUFFER
, *PFILE_ALLOCATED_RANGE_BUFFER
;
3780 typedef struct _ENCRYPTION_BUFFER
{
3781 ULONG EncryptionOperation
;
3783 } ENCRYPTION_BUFFER
, *PENCRYPTION_BUFFER
;
3785 #define FILE_SET_ENCRYPTION 0x00000001
3786 #define FILE_CLEAR_ENCRYPTION 0x00000002
3787 #define STREAM_SET_ENCRYPTION 0x00000003
3788 #define STREAM_CLEAR_ENCRYPTION 0x00000004
3790 #define MAXIMUM_ENCRYPTION_VALUE 0x00000004
3792 typedef struct _DECRYPTION_STATUS_BUFFER
{
3793 BOOLEAN NoEncryptedStreams
;
3794 } DECRYPTION_STATUS_BUFFER
, *PDECRYPTION_STATUS_BUFFER
;
3796 #define ENCRYPTION_FORMAT_DEFAULT (0x01)
3798 #define COMPRESSION_FORMAT_SPARSE (0x4000)
3800 typedef struct _REQUEST_RAW_ENCRYPTED_DATA
{
3801 LONGLONG FileOffset
;
3803 } REQUEST_RAW_ENCRYPTED_DATA
, *PREQUEST_RAW_ENCRYPTED_DATA
;
3805 typedef struct _ENCRYPTED_DATA_INFO
{
3806 ULONGLONG StartingFileOffset
;
3807 ULONG OutputBufferOffset
;
3808 ULONG BytesWithinFileSize
;
3809 ULONG BytesWithinValidDataLength
;
3810 USHORT CompressionFormat
;
3811 UCHAR DataUnitShift
;
3814 UCHAR EncryptionFormat
;
3815 USHORT NumberOfDataBlocks
;
3816 ULONG DataBlockSize
[ANYSIZE_ARRAY
];
3817 } ENCRYPTED_DATA_INFO
, *PENCRYPTED_DATA_INFO
;
3819 typedef struct _PLEX_READ_DATA_REQUEST
{
3820 LARGE_INTEGER ByteOffset
;
3823 } PLEX_READ_DATA_REQUEST
, *PPLEX_READ_DATA_REQUEST
;
3825 typedef struct _SI_COPYFILE
{
3826 ULONG SourceFileNameLength
;
3827 ULONG DestinationFileNameLength
;
3829 WCHAR FileNameBuffer
[1];
3830 } SI_COPYFILE
, *PSI_COPYFILE
;
3832 #define COPYFILE_SIS_LINK 0x0001
3833 #define COPYFILE_SIS_REPLACE 0x0002
3834 #define COPYFILE_SIS_FLAGS 0x0003
3836 #endif /* (_WIN32_WINNT >= 0x0500) */
3838 #if (_WIN32_WINNT >= 0x0600)
3840 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER
{
3842 } FILE_MAKE_COMPATIBLE_BUFFER
, *PFILE_MAKE_COMPATIBLE_BUFFER
;
3844 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER
{
3846 } FILE_SET_DEFECT_MGMT_BUFFER
, *PFILE_SET_DEFECT_MGMT_BUFFER
;
3848 typedef struct _FILE_QUERY_SPARING_BUFFER
{
3849 ULONG SparingUnitBytes
;
3850 BOOLEAN SoftwareSparing
;
3851 ULONG TotalSpareBlocks
;
3852 ULONG FreeSpareBlocks
;
3853 } FILE_QUERY_SPARING_BUFFER
, *PFILE_QUERY_SPARING_BUFFER
;
3855 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER
{
3856 LARGE_INTEGER DirectoryCount
;
3857 LARGE_INTEGER FileCount
;
3858 USHORT FsFormatMajVersion
;
3859 USHORT FsFormatMinVersion
;
3860 WCHAR FsFormatName
[12];
3861 LARGE_INTEGER FormatTime
;
3862 LARGE_INTEGER LastUpdateTime
;
3863 WCHAR CopyrightInfo
[34];
3864 WCHAR AbstractInfo
[34];
3865 WCHAR FormattingImplementationInfo
[34];
3866 WCHAR LastModifyingImplementationInfo
[34];
3867 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER
, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER
;
3869 #define SET_REPAIR_ENABLED (0x00000001)
3870 #define SET_REPAIR_VOLUME_BITMAP_SCAN (0x00000002)
3871 #define SET_REPAIR_DELETE_CROSSLINK (0x00000004)
3872 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS (0x00000008)
3873 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT (0x00000010)
3874 #define SET_REPAIR_VALID_MASK (0x0000001F)
3876 typedef enum _SHRINK_VOLUME_REQUEST_TYPES
{
3880 } SHRINK_VOLUME_REQUEST_TYPES
, *PSHRINK_VOLUME_REQUEST_TYPES
;
3882 typedef struct _SHRINK_VOLUME_INFORMATION
{
3883 SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType
;
3885 LONGLONG NewNumberOfSectors
;
3886 } SHRINK_VOLUME_INFORMATION
, *PSHRINK_VOLUME_INFORMATION
;
3888 #define TXFS_RM_FLAG_LOGGING_MODE 0x00000001
3889 #define TXFS_RM_FLAG_RENAME_RM 0x00000002
3890 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000004
3891 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000008
3892 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000010
3893 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000020
3894 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000040
3895 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000080
3896 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000100
3897 #define TXFS_RM_FLAG_GROW_LOG 0x00000400
3898 #define TXFS_RM_FLAG_SHRINK_LOG 0x00000800
3899 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE 0x00001000
3900 #define TXFS_RM_FLAG_PRESERVE_CHANGES 0x00002000
3901 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START 0x00004000
3902 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START 0x00008000
3903 #define TXFS_RM_FLAG_PREFER_CONSISTENCY 0x00010000
3904 #define TXFS_RM_FLAG_PREFER_AVAILABILITY 0x00020000
3906 #define TXFS_LOGGING_MODE_SIMPLE (0x0001)
3907 #define TXFS_LOGGING_MODE_FULL (0x0002)
3909 #define TXFS_TRANSACTION_STATE_NONE 0x00
3910 #define TXFS_TRANSACTION_STATE_ACTIVE 0x01
3911 #define TXFS_TRANSACTION_STATE_PREPARED 0x02
3912 #define TXFS_TRANSACTION_STATE_NOTACTIVE 0x03
3914 #define TXFS_MODIFY_RM_VALID_FLAGS \
3915 (TXFS_RM_FLAG_LOGGING_MODE | \
3916 TXFS_RM_FLAG_RENAME_RM | \
3917 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
3918 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
3919 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
3920 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
3921 TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
3922 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
3923 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
3924 TXFS_RM_FLAG_SHRINK_LOG | \
3925 TXFS_RM_FLAG_GROW_LOG | \
3926 TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE | \
3927 TXFS_RM_FLAG_PRESERVE_CHANGES | \
3928 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
3929 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
3930 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
3931 TXFS_RM_FLAG_PREFER_AVAILABILITY)
3933 typedef struct _TXFS_MODIFY_RM
{
3935 ULONG LogContainerCountMax
;
3936 ULONG LogContainerCountMin
;
3937 ULONG LogContainerCount
;
3938 ULONG LogGrowthIncrement
;
3939 ULONG LogAutoShrinkPercentage
;
3942 } TXFS_MODIFY_RM
, *PTXFS_MODIFY_RM
;
3944 #define TXFS_RM_STATE_NOT_STARTED 0
3945 #define TXFS_RM_STATE_STARTING 1
3946 #define TXFS_RM_STATE_ACTIVE 2
3947 #define TXFS_RM_STATE_SHUTTING_DOWN 3
3949 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS \
3950 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
3951 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
3952 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
3953 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
3954 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
3955 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
3956 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
3957 TXFS_RM_FLAG_PREFER_AVAILABILITY)
3959 typedef struct _TXFS_QUERY_RM_INFORMATION
{
3960 ULONG BytesRequired
;
3962 ULONGLONG CurrentLsn
;
3963 ULONGLONG ArchiveTailLsn
;
3964 ULONGLONG LogContainerSize
;
3965 LARGE_INTEGER HighestVirtualClock
;
3966 ULONG LogContainerCount
;
3967 ULONG LogContainerCountMax
;
3968 ULONG LogContainerCountMin
;
3969 ULONG LogGrowthIncrement
;
3970 ULONG LogAutoShrinkPercentage
;
3975 ULONGLONG LogCapacity
;
3979 ULONGLONG TransactionCount
;
3980 ULONGLONG OnePCCount
;
3981 ULONGLONG TwoPCCount
;
3982 ULONGLONG NumberLogFileFull
;
3983 ULONGLONG OldestTransactionAge
;
3985 ULONG TmLogPathOffset
;
3986 } TXFS_QUERY_RM_INFORMATION
, *PTXFS_QUERY_RM_INFORMATION
;
3988 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN 0x01
3989 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK 0x02
3991 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS \
3992 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN | \
3993 TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
3995 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION
{
3996 LARGE_INTEGER LastVirtualClock
;
3997 ULONGLONG LastRedoLsn
;
3998 ULONGLONG HighestRecoveryLsn
;
4000 } TXFS_ROLLFORWARD_REDO_INFORMATION
, *PTXFS_ROLLFORWARD_REDO_INFORMATION
;
4002 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000001
4003 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000002
4004 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE 0x00000004
4005 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000008
4006 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000010
4007 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000020
4008 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000040
4009 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000080
4011 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT 0x00000200
4012 #define TXFS_START_RM_FLAG_LOGGING_MODE 0x00000400
4013 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES 0x00000800
4015 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY 0x00001000
4016 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY 0x00002000
4018 #define TXFS_START_RM_VALID_FLAGS \
4019 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4020 TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4021 TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE | \
4022 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4023 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4024 TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4025 TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT | \
4026 TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4027 TXFS_START_RM_FLAG_LOGGING_MODE | \
4028 TXFS_START_RM_FLAG_PRESERVE_CHANGES | \
4029 TXFS_START_RM_FLAG_PREFER_CONSISTENCY | \
4030 TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
4032 typedef struct _TXFS_START_RM_INFORMATION
{
4034 ULONGLONG LogContainerSize
;
4035 ULONG LogContainerCountMin
;
4036 ULONG LogContainerCountMax
;
4037 ULONG LogGrowthIncrement
;
4038 ULONG LogAutoShrinkPercentage
;
4039 ULONG TmLogPathOffset
;
4040 USHORT TmLogPathLength
;
4042 USHORT LogPathLength
;
4045 } TXFS_START_RM_INFORMATION
, *PTXFS_START_RM_INFORMATION
;
4047 typedef struct _TXFS_GET_METADATA_INFO_OUT
{
4052 GUID LockingTransaction
;
4054 ULONG TransactionState
;
4055 } TXFS_GET_METADATA_INFO_OUT
, *PTXFS_GET_METADATA_INFO_OUT
;
4057 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED 0x00000001
4058 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED 0x00000002
4060 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
{
4068 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
;
4070 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES
{
4071 GUID KtmTransaction
;
4072 ULONGLONG NumberOfFiles
;
4073 ULONGLONG BufferSizeRequired
;
4075 } TXFS_LIST_TRANSACTION_LOCKED_FILES
, *PTXFS_LIST_TRANSACTION_LOCKED_FILES
;
4077 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY
{
4079 ULONG TransactionState
;
4083 } TXFS_LIST_TRANSACTIONS_ENTRY
, *PTXFS_LIST_TRANSACTIONS_ENTRY
;
4085 typedef struct _TXFS_LIST_TRANSACTIONS
{
4086 ULONGLONG NumberOfTransactions
;
4087 ULONGLONG BufferSizeRequired
;
4088 } TXFS_LIST_TRANSACTIONS
, *PTXFS_LIST_TRANSACTIONS
;
4090 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT
{
4095 } TXFS_READ_BACKUP_INFORMATION_OUT
, *PTXFS_READ_BACKUP_INFORMATION_OUT
;
4097 typedef struct _TXFS_WRITE_BACKUP_INFORMATION
{
4099 } TXFS_WRITE_BACKUP_INFORMATION
, *PTXFS_WRITE_BACKUP_INFORMATION
;
4101 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED 0xFFFFFFFE
4102 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED 0xFFFFFFFF
4104 typedef struct _TXFS_GET_TRANSACTED_VERSION
{
4105 ULONG ThisBaseVersion
;
4106 ULONG LatestVersion
;
4107 USHORT ThisMiniVersion
;
4108 USHORT FirstMiniVersion
;
4109 USHORT LatestMiniVersion
;
4110 } TXFS_GET_TRANSACTED_VERSION
, *PTXFS_GET_TRANSACTED_VERSION
;
4112 #define TXFS_SAVEPOINT_SET 0x00000001
4113 #define TXFS_SAVEPOINT_ROLLBACK 0x00000002
4114 #define TXFS_SAVEPOINT_CLEAR 0x00000004
4115 #define TXFS_SAVEPOINT_CLEAR_ALL 0x00000010
4117 typedef struct _TXFS_SAVEPOINT_INFORMATION
{
4118 HANDLE KtmTransaction
;
4121 } TXFS_SAVEPOINT_INFORMATION
, *PTXFS_SAVEPOINT_INFORMATION
;
4123 typedef struct _TXFS_CREATE_MINIVERSION_INFO
{
4124 USHORT StructureVersion
;
4125 USHORT StructureLength
;
4128 } TXFS_CREATE_MINIVERSION_INFO
, *PTXFS_CREATE_MINIVERSION_INFO
;
4130 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO
{
4131 BOOLEAN TransactionsActiveAtSnapshot
;
4132 } TXFS_TRANSACTION_ACTIVE_INFO
, *PTXFS_TRANSACTION_ACTIVE_INFO
;
4134 #endif /* (_WIN32_WINNT >= 0x0600) */
4136 #if (_WIN32_WINNT >= 0x0601)
4138 #define MARK_HANDLE_REALTIME (0x00000020)
4139 #define MARK_HANDLE_NOT_REALTIME (0x00000040)
4141 #define NO_8DOT3_NAME_PRESENT (0x00000001)
4142 #define REMOVED_8DOT3_NAME (0x00000002)
4144 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED (0x00000001)
4146 typedef struct _BOOT_AREA_INFO
{
4147 ULONG BootSectorCount
;
4149 LARGE_INTEGER Offset
;
4151 } BOOT_AREA_INFO
, *PBOOT_AREA_INFO
;
4153 typedef struct _RETRIEVAL_POINTER_BASE
{
4154 LARGE_INTEGER FileAreaOffset
;
4155 } RETRIEVAL_POINTER_BASE
, *PRETRIEVAL_POINTER_BASE
;
4157 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION
{
4162 } FILE_FS_PERSISTENT_VOLUME_INFORMATION
, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION
;
4164 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION
{
4166 } FILE_SYSTEM_RECOGNITION_INFORMATION
, *PFILE_SYSTEM_RECOGNITION_INFORMATION
;
4168 #define OPLOCK_LEVEL_CACHE_READ (0x00000001)
4169 #define OPLOCK_LEVEL_CACHE_HANDLE (0x00000002)
4170 #define OPLOCK_LEVEL_CACHE_WRITE (0x00000004)
4172 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST (0x00000001)
4173 #define REQUEST_OPLOCK_INPUT_FLAG_ACK (0x00000002)
4174 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
4176 #define REQUEST_OPLOCK_CURRENT_VERSION 1
4178 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER
{
4179 USHORT StructureVersion
;
4180 USHORT StructureLength
;
4181 ULONG RequestedOplockLevel
;
4183 } REQUEST_OPLOCK_INPUT_BUFFER
, *PREQUEST_OPLOCK_INPUT_BUFFER
;
4185 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED (0x00000001)
4186 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED (0x00000002)
4188 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER
{
4189 USHORT StructureVersion
;
4190 USHORT StructureLength
;
4191 ULONG OriginalOplockLevel
;
4192 ULONG NewOplockLevel
;
4194 ACCESS_MASK AccessMode
;
4196 } REQUEST_OPLOCK_OUTPUT_BUFFER
, *PREQUEST_OPLOCK_OUTPUT_BUFFER
;
4198 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID 1
4200 typedef struct _SD_CHANGE_MACHINE_SID_INPUT
{
4201 USHORT CurrentMachineSIDOffset
;
4202 USHORT CurrentMachineSIDLength
;
4203 USHORT NewMachineSIDOffset
;
4204 USHORT NewMachineSIDLength
;
4205 } SD_CHANGE_MACHINE_SID_INPUT
, *PSD_CHANGE_MACHINE_SID_INPUT
;
4207 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT
{
4208 ULONGLONG NumSDChangedSuccess
;
4209 ULONGLONG NumSDChangedFail
;
4210 ULONGLONG NumSDUnused
;
4211 ULONGLONG NumSDTotal
;
4212 ULONGLONG NumMftSDChangedSuccess
;
4213 ULONGLONG NumMftSDChangedFail
;
4214 ULONGLONG NumMftSDTotal
;
4215 } SD_CHANGE_MACHINE_SID_OUTPUT
, *PSD_CHANGE_MACHINE_SID_OUTPUT
;
4217 typedef struct _SD_GLOBAL_CHANGE_INPUT
{
4221 SD_CHANGE_MACHINE_SID_INPUT SdChange
;
4223 } SD_GLOBAL_CHANGE_INPUT
, *PSD_GLOBAL_CHANGE_INPUT
;
4225 typedef struct _SD_GLOBAL_CHANGE_OUTPUT
{
4229 SD_CHANGE_MACHINE_SID_OUTPUT SdChange
;
4231 } SD_GLOBAL_CHANGE_OUTPUT
, *PSD_GLOBAL_CHANGE_OUTPUT
;
4233 #define ENCRYPTED_DATA_INFO_SPARSE_FILE 1
4235 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO
{
4240 } EXTENDED_ENCRYPTED_DATA_INFO
, *PEXTENDED_ENCRYPTED_DATA_INFO
;
4242 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT
{
4244 ULONG NumberOfClusters
;
4245 LARGE_INTEGER Cluster
[1];
4246 } LOOKUP_STREAM_FROM_CLUSTER_INPUT
, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT
;
4248 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT
{
4250 ULONG NumberOfMatches
;
4251 ULONG BufferSizeRequired
;
4252 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT
, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT
;
4254 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE 0x00000001
4255 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET 0x00000002
4256 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE 0x00000004
4257 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE 0x00000008
4259 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_MASK 0xff000000
4260 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_DATA 0x01000000
4261 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_INDEX 0x02000000
4262 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_SYSTEM 0x03000000
4264 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_ENTRY
{
4267 LARGE_INTEGER Reserved
;
4268 LARGE_INTEGER Cluster
;
4270 } LOOKUP_STREAM_FROM_CLUSTER_ENTRY
, *PLOOKUP_STREAM_FROM_CLUSTER_ENTRY
;
4272 typedef struct _FILE_TYPE_NOTIFICATION_INPUT
{
4274 ULONG NumFileTypeIDs
;
4276 } FILE_TYPE_NOTIFICATION_INPUT
, *PFILE_TYPE_NOTIFICATION_INPUT
;
4278 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_BEGIN 0x00000001
4279 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_END 0x00000002
4281 DEFINE_GUID( FILE_TYPE_NOTIFICATION_GUID_PAGE_FILE
, 0x0d0a64a1, 0x38fc, 0x4db8, 0x9f, 0xe7, 0x3f, 0x43, 0x52, 0xcd, 0x7c, 0x5c );
4282 DEFINE_GUID( FILE_TYPE_NOTIFICATION_GUID_HIBERNATION_FILE
, 0xb7624d64, 0xb9a3, 0x4cf8, 0x80, 0x11, 0x5b, 0x86, 0xc9, 0x40, 0xe7, 0xb7 );
4283 DEFINE_GUID( FILE_TYPE_NOTIFICATION_GUID_CRASHDUMP_FILE
, 0x9d453eb7, 0xd2a6, 0x4dbd, 0xa2, 0xe3, 0xfb, 0xd0, 0xed, 0x91, 0x09, 0xa9 );
4285 #ifndef _VIRTUAL_STORAGE_TYPE_DEFINED
4286 #define _VIRTUAL_STORAGE_TYPE_DEFINED
4287 typedef struct _VIRTUAL_STORAGE_TYPE
{
4290 } VIRTUAL_STORAGE_TYPE
, *PVIRTUAL_STORAGE_TYPE
;
4293 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
{
4296 } STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
;
4298 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_HOST_VOLUMES 0x1
4299 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_GUEST_VOLUMES 0x2
4301 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
{
4303 ULONG DependencyTypeFlags
;
4304 ULONG ProviderSpecificFlags
;
4305 VIRTUAL_STORAGE_TYPE VirtualStorageType
;
4306 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
;
4308 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
{
4310 ULONG DependencyTypeFlags
;
4311 ULONG ProviderSpecificFlags
;
4312 VIRTUAL_STORAGE_TYPE VirtualStorageType
;
4313 ULONG AncestorLevel
;
4314 ULONG HostVolumeNameOffset
;
4315 ULONG HostVolumeNameSize
;
4316 ULONG DependentVolumeNameOffset
;
4317 ULONG DependentVolumeNameSize
;
4318 ULONG RelativePathOffset
;
4319 ULONG RelativePathSize
;
4320 ULONG DependentDeviceNameOffset
;
4321 ULONG DependentDeviceNameSize
;
4322 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
;
4324 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
{
4325 ULONG ResponseLevel
;
4326 ULONG NumberEntries
;
4328 STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY Lev1Depends
[];
4329 STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY Lev2Depends
[];
4331 } STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
;
4333 #endif /* (_WIN32_WINNT >= 0x0601) */
4335 typedef struct _FILESYSTEM_STATISTICS
{
4336 USHORT FileSystemType
;
4338 ULONG SizeOfCompleteStructure
;
4339 ULONG UserFileReads
;
4340 ULONG UserFileReadBytes
;
4341 ULONG UserDiskReads
;
4342 ULONG UserFileWrites
;
4343 ULONG UserFileWriteBytes
;
4344 ULONG UserDiskWrites
;
4345 ULONG MetaDataReads
;
4346 ULONG MetaDataReadBytes
;
4347 ULONG MetaDataDiskReads
;
4348 ULONG MetaDataWrites
;
4349 ULONG MetaDataWriteBytes
;
4350 ULONG MetaDataDiskWrites
;
4351 } FILESYSTEM_STATISTICS
, *PFILESYSTEM_STATISTICS
;
4353 #define FILESYSTEM_STATISTICS_TYPE_NTFS 1
4354 #define FILESYSTEM_STATISTICS_TYPE_FAT 2
4355 #define FILESYSTEM_STATISTICS_TYPE_EXFAT 3
4357 typedef struct _FAT_STATISTICS
{
4359 ULONG SuccessfulCreates
;
4360 ULONG FailedCreates
;
4361 ULONG NonCachedReads
;
4362 ULONG NonCachedReadBytes
;
4363 ULONG NonCachedWrites
;
4364 ULONG NonCachedWriteBytes
;
4365 ULONG NonCachedDiskReads
;
4366 ULONG NonCachedDiskWrites
;
4367 } FAT_STATISTICS
, *PFAT_STATISTICS
;
4369 typedef struct _EXFAT_STATISTICS
{
4371 ULONG SuccessfulCreates
;
4372 ULONG FailedCreates
;
4373 ULONG NonCachedReads
;
4374 ULONG NonCachedReadBytes
;
4375 ULONG NonCachedWrites
;
4376 ULONG NonCachedWriteBytes
;
4377 ULONG NonCachedDiskReads
;
4378 ULONG NonCachedDiskWrites
;
4379 } EXFAT_STATISTICS
, *PEXFAT_STATISTICS
;
4381 typedef struct _NTFS_STATISTICS
{
4382 ULONG LogFileFullExceptions
;
4383 ULONG OtherExceptions
;
4387 ULONG MftWriteBytes
;
4393 } MftWritesUserLevel
;
4394 USHORT MftWritesFlushForLogFileFull
;
4395 USHORT MftWritesLazyWriter
;
4396 USHORT MftWritesUserRequest
;
4398 ULONG Mft2WriteBytes
;
4404 } Mft2WritesUserLevel
;
4405 USHORT Mft2WritesFlushForLogFileFull
;
4406 USHORT Mft2WritesLazyWriter
;
4407 USHORT Mft2WritesUserRequest
;
4408 ULONG RootIndexReads
;
4409 ULONG RootIndexReadBytes
;
4410 ULONG RootIndexWrites
;
4411 ULONG RootIndexWriteBytes
;
4413 ULONG BitmapReadBytes
;
4415 ULONG BitmapWriteBytes
;
4416 USHORT BitmapWritesFlushForLogFileFull
;
4417 USHORT BitmapWritesLazyWriter
;
4418 USHORT BitmapWritesUserRequest
;
4423 } BitmapWritesUserLevel
;
4424 ULONG MftBitmapReads
;
4425 ULONG MftBitmapReadBytes
;
4426 ULONG MftBitmapWrites
;
4427 ULONG MftBitmapWriteBytes
;
4428 USHORT MftBitmapWritesFlushForLogFileFull
;
4429 USHORT MftBitmapWritesLazyWriter
;
4430 USHORT MftBitmapWritesUserRequest
;
4436 } MftBitmapWritesUserLevel
;
4437 ULONG UserIndexReads
;
4438 ULONG UserIndexReadBytes
;
4439 ULONG UserIndexWrites
;
4440 ULONG UserIndexWriteBytes
;
4442 ULONG LogFileReadBytes
;
4443 ULONG LogFileWrites
;
4444 ULONG LogFileWriteBytes
;
4451 ULONG HintsClusters
;
4453 ULONG CacheClusters
;
4455 ULONG CacheMissClusters
;
4457 } NTFS_STATISTICS
, *PNTFS_STATISTICS
;
4459 #endif // _FILESYSTEMFSCTL_
4461 #define SYMLINK_FLAG_RELATIVE 1
4463 typedef struct _REPARSE_DATA_BUFFER
{
4465 USHORT ReparseDataLength
;
4467 __GNU_EXTENSION
union {
4469 USHORT SubstituteNameOffset
;
4470 USHORT SubstituteNameLength
;
4471 USHORT PrintNameOffset
;
4472 USHORT PrintNameLength
;
4474 WCHAR PathBuffer
[1];
4475 } SymbolicLinkReparseBuffer
;
4477 USHORT SubstituteNameOffset
;
4478 USHORT SubstituteNameLength
;
4479 USHORT PrintNameOffset
;
4480 USHORT PrintNameLength
;
4481 WCHAR PathBuffer
[1];
4482 } MountPointReparseBuffer
;
4484 UCHAR DataBuffer
[1];
4485 } GenericReparseBuffer
;
4487 } REPARSE_DATA_BUFFER
, *PREPARSE_DATA_BUFFER
;
4489 #define REPARSE_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer)
4491 typedef struct _REPARSE_GUID_DATA_BUFFER
{
4493 USHORT ReparseDataLength
;
4497 UCHAR DataBuffer
[1];
4498 } GenericReparseBuffer
;
4499 } REPARSE_GUID_DATA_BUFFER
, *PREPARSE_GUID_DATA_BUFFER
;
4501 #define REPARSE_GUID_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer)
4503 #define MAXIMUM_REPARSE_DATA_BUFFER_SIZE ( 16 * 1024 )
4505 /* Reserved reparse tags */
4506 #define IO_REPARSE_TAG_RESERVED_ZERO (0)
4507 #define IO_REPARSE_TAG_RESERVED_ONE (1)
4508 #define IO_REPARSE_TAG_RESERVED_RANGE IO_REPARSE_TAG_RESERVED_ONE
4510 #define IsReparseTagMicrosoft(_tag) (((_tag) & 0x80000000))
4511 #define IsReparseTagNameSurrogate(_tag) (((_tag) & 0x20000000))
4513 #define IO_REPARSE_TAG_VALID_VALUES (0xF000FFFF)
4515 #define IsReparseTagValid(tag) ( \
4516 !((tag) & ~IO_REPARSE_TAG_VALID_VALUES) && \
4517 ((tag) > IO_REPARSE_TAG_RESERVED_RANGE) \
4520 /* MicroSoft reparse point tags */
4521 #define IO_REPARSE_TAG_MOUNT_POINT (0xA0000003L)
4522 #define IO_REPARSE_TAG_HSM (0xC0000004L)
4523 #define IO_REPARSE_TAG_DRIVE_EXTENDER (0x80000005L)
4524 #define IO_REPARSE_TAG_HSM2 (0x80000006L)
4525 #define IO_REPARSE_TAG_SIS (0x80000007L)
4526 #define IO_REPARSE_TAG_WIM (0x80000008L)
4527 #define IO_REPARSE_TAG_CSV (0x80000009L)
4528 #define IO_REPARSE_TAG_DFS (0x8000000AL)
4529 #define IO_REPARSE_TAG_FILTER_MANAGER (0x8000000BL)
4530 #define IO_REPARSE_TAG_SYMLINK (0xA000000CL)
4531 #define IO_REPARSE_TAG_IIS_CACHE (0xA0000010L)
4532 #define IO_REPARSE_TAG_DFSR (0x80000012L)
4535 typedef struct _REPARSE_INDEX_KEY
{
4536 ULONG FileReparseTag
;
4537 LARGE_INTEGER FileId
;
4538 } REPARSE_INDEX_KEY
, *PREPARSE_INDEX_KEY
;
4541 #define FSCTL_LMR_GET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,58,METHOD_BUFFERED,FILE_ANY_ACCESS)
4542 #define FSCTL_LMR_SET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,59,METHOD_BUFFERED,FILE_ANY_ACCESS)
4543 #define IOCTL_LMR_ARE_FILE_OBJECTS_ON_SAME_SERVER CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,60,METHOD_BUFFERED,FILE_ANY_ACCESS)
4545 #define FSCTL_PIPE_ASSIGN_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
4546 #define FSCTL_PIPE_DISCONNECT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
4547 #define FSCTL_PIPE_LISTEN CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
4548 #define FSCTL_PIPE_PEEK CTL_CODE(FILE_DEVICE_NAMED_PIPE, 3, METHOD_BUFFERED, FILE_READ_DATA)
4549 #define FSCTL_PIPE_QUERY_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
4550 #define FSCTL_PIPE_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 5, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4551 #define FSCTL_PIPE_WAIT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
4552 #define FSCTL_PIPE_IMPERSONATE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
4553 #define FSCTL_PIPE_SET_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
4554 #define FSCTL_PIPE_QUERY_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)
4555 #define FSCTL_PIPE_GET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
4556 #define FSCTL_PIPE_SET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
4557 #define FSCTL_PIPE_GET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
4558 #define FSCTL_PIPE_SET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 13, METHOD_BUFFERED, FILE_ANY_ACCESS)
4559 #define FSCTL_PIPE_GET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 14, METHOD_BUFFERED, FILE_ANY_ACCESS)
4560 #define FSCTL_PIPE_SET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
4561 #define FSCTL_PIPE_FLUSH CTL_CODE(FILE_DEVICE_NAMED_PIPE, 16, METHOD_BUFFERED, FILE_WRITE_DATA)
4563 #define FSCTL_PIPE_INTERNAL_READ CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2045, METHOD_BUFFERED, FILE_READ_DATA)
4564 #define FSCTL_PIPE_INTERNAL_WRITE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2046, METHOD_BUFFERED, FILE_WRITE_DATA)
4565 #define FSCTL_PIPE_INTERNAL_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2047, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4566 #define FSCTL_PIPE_INTERNAL_READ_OVFLOW CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2048, METHOD_BUFFERED, FILE_READ_DATA)
4568 #define FILE_PIPE_READ_DATA 0x00000000
4569 #define FILE_PIPE_WRITE_SPACE 0x00000001
4571 typedef struct _FILE_PIPE_ASSIGN_EVENT_BUFFER
{
4574 } FILE_PIPE_ASSIGN_EVENT_BUFFER
, *PFILE_PIPE_ASSIGN_EVENT_BUFFER
;
4576 typedef struct _FILE_PIPE_EVENT_BUFFER
{
4577 ULONG NamedPipeState
;
4581 ULONG NumberRequests
;
4582 } FILE_PIPE_EVENT_BUFFER
, *PFILE_PIPE_EVENT_BUFFER
;
4584 typedef struct _FILE_PIPE_PEEK_BUFFER
{
4585 ULONG NamedPipeState
;
4586 ULONG ReadDataAvailable
;
4587 ULONG NumberOfMessages
;
4588 ULONG MessageLength
;
4590 } FILE_PIPE_PEEK_BUFFER
, *PFILE_PIPE_PEEK_BUFFER
;
4592 typedef struct _FILE_PIPE_WAIT_FOR_BUFFER
{
4593 LARGE_INTEGER Timeout
;
4595 BOOLEAN TimeoutSpecified
;
4597 } FILE_PIPE_WAIT_FOR_BUFFER
, *PFILE_PIPE_WAIT_FOR_BUFFER
;
4599 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER
{
4600 #if !defined(BUILD_WOW6432)
4601 PVOID ClientSession
;
4602 PVOID ClientProcess
;
4604 ULONGLONG ClientSession
;
4605 ULONGLONG ClientProcess
;
4607 } FILE_PIPE_CLIENT_PROCESS_BUFFER
, *PFILE_PIPE_CLIENT_PROCESS_BUFFER
;
4609 #define FILE_PIPE_COMPUTER_NAME_LENGTH 15
4611 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER_EX
{
4612 #if !defined(BUILD_WOW6432)
4613 PVOID ClientSession
;
4614 PVOID ClientProcess
;
4616 ULONGLONG ClientSession
;
4617 ULONGLONG ClientProcess
;
4619 USHORT ClientComputerNameLength
;
4620 WCHAR ClientComputerBuffer
[FILE_PIPE_COMPUTER_NAME_LENGTH
+1];
4621 } FILE_PIPE_CLIENT_PROCESS_BUFFER_EX
, *PFILE_PIPE_CLIENT_PROCESS_BUFFER_EX
;
4623 #define FSCTL_MAILSLOT_PEEK CTL_CODE(FILE_DEVICE_MAILSLOT, 0, METHOD_NEITHER, FILE_READ_DATA)
4625 typedef enum _LINK_TRACKING_INFORMATION_TYPE
{
4626 NtfsLinkTrackingInformation
,
4627 DfsLinkTrackingInformation
4628 } LINK_TRACKING_INFORMATION_TYPE
, *PLINK_TRACKING_INFORMATION_TYPE
;
4630 typedef struct _LINK_TRACKING_INFORMATION
{
4631 LINK_TRACKING_INFORMATION_TYPE Type
;
4633 } LINK_TRACKING_INFORMATION
, *PLINK_TRACKING_INFORMATION
;
4635 typedef struct _REMOTE_LINK_TRACKING_INFORMATION
{
4636 PVOID TargetFileObject
;
4637 ULONG TargetLinkTrackingInformationLength
;
4638 UCHAR TargetLinkTrackingInformationBuffer
[1];
4639 } REMOTE_LINK_TRACKING_INFORMATION
, *PREMOTE_LINK_TRACKING_INFORMATION
;
4641 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION
{
4643 ACCESS_MASK GrantedAccess
;
4647 } PUBLIC_OBJECT_BASIC_INFORMATION
, *PPUBLIC_OBJECT_BASIC_INFORMATION
;
4649 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION
{
4650 UNICODE_STRING TypeName
;
4651 ULONG Reserved
[22];
4652 } PUBLIC_OBJECT_TYPE_INFORMATION
, *PPUBLIC_OBJECT_TYPE_INFORMATION
;
4654 typedef struct _SECURITY_CLIENT_CONTEXT
{
4655 SECURITY_QUALITY_OF_SERVICE SecurityQos
;
4656 PACCESS_TOKEN ClientToken
;
4657 BOOLEAN DirectlyAccessClientToken
;
4658 BOOLEAN DirectAccessEffectiveOnly
;
4659 BOOLEAN ServerIsRemote
;
4660 TOKEN_CONTROL ClientTokenControl
;
4661 } SECURITY_CLIENT_CONTEXT
, *PSECURITY_CLIENT_CONTEXT
;
4663 #define SYSTEM_PAGE_PRIORITY_BITS 3
4664 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
4666 typedef struct _KAPC_STATE
{
4667 LIST_ENTRY ApcListHead
[MaximumMode
];
4669 BOOLEAN KernelApcInProgress
;
4670 BOOLEAN KernelApcPending
;
4671 BOOLEAN UserApcPending
;
4672 } KAPC_STATE
, *PKAPC_STATE
, *RESTRICTED_POINTER PRKAPC_STATE
;
4674 #define KAPC_STATE_ACTUAL_LENGTH (FIELD_OFFSET(KAPC_STATE, UserApcPending) + sizeof(BOOLEAN))
4676 typedef struct _KQUEUE
{
4677 DISPATCHER_HEADER Header
;
4678 LIST_ENTRY EntryListHead
;
4679 volatile ULONG CurrentCount
;
4681 LIST_ENTRY ThreadListHead
;
4682 } KQUEUE
, *PKQUEUE
, *RESTRICTED_POINTER PRKQUEUE
;
4684 #if (NTDDI_VERSION >= NTDDI_WIN2K)
4690 OUT PRKMUTANT Mutant
,
4691 IN BOOLEAN InitialOwner
);
4697 IN PRKMUTANT Mutant
);
4703 IN OUT PRKMUTANT Mutant
,
4704 IN KPRIORITY Increment
,
4705 IN BOOLEAN Abandoned
,
4725 IN OUT PRKQUEUE Queue
,
4726 IN OUT PLIST_ENTRY Entry
);
4732 IN OUT PRKQUEUE Queue
,
4733 IN OUT PLIST_ENTRY Entry
);
4739 IN OUT PRKQUEUE Queue
,
4740 IN KPROCESSOR_MODE WaitMode
,
4741 IN PLARGE_INTEGER Timeout OPTIONAL
);
4747 IN OUT PKPROCESS Process
);
4759 IN OUT PRKQUEUE Queue
);
4764 KeStackAttachProcess(
4765 IN OUT PKPROCESS Process
,
4766 OUT PKAPC_STATE ApcState
);
4771 KeUnstackDetachProcess(
4772 IN PKAPC_STATE ApcState
);
4777 KeSetIdealProcessorThread(
4778 IN OUT PKTHREAD Thread
,
4779 IN UCHAR Processor
);
4784 KeSetKernelStackSwapEnable(
4791 KeAcquireSpinLockRaiseToSynch(
4792 IN OUT PKSPIN_LOCK SpinLock
);
4796 KeAcquireSpinLockRaiseToSynch(
4797 IN OUT PKSPIN_LOCK SpinLock
);
4800 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
4802 #if (NTDDI_VERSION >= NTDDI_WINXP)
4807 KeAcquireQueuedSpinLock(
4808 IN OUT KSPIN_LOCK_QUEUE_NUMBER Number
);
4813 KeReleaseQueuedSpinLock(
4814 IN OUT KSPIN_LOCK_QUEUE_NUMBER Number
,
4820 KeTryToAcquireQueuedSpinLock(
4821 IN KSPIN_LOCK_QUEUE_NUMBER Number
,
4822 OUT PKIRQL OldIrql
);
4824 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
4826 #if (NTDDI_VERSION >= NTDDI_VISTA)
4832 OUT PCLIENT_ID ClientId
);
4837 IN OUT PKQUEUE Queue
,
4838 IN KPROCESSOR_MODE WaitMode
,
4839 IN BOOLEAN Alertable
,
4840 IN PLARGE_INTEGER Timeout OPTIONAL
,
4841 OUT PLIST_ENTRY
*EntryArray
,
4844 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
4846 #define INVALID_PROCESSOR_INDEX 0xffffffff
4850 KeGetProcessorNumberFromIndex(
4852 OUT PPROCESSOR_NUMBER ProcNumber
);
4856 KeGetProcessorIndexFromNumber(
4857 IN PPROCESSOR_NUMBER ProcNumber
);
4859 #if (NTDDI_VERSION >= NTDDI_WIN2K)
4864 ExQueryPoolBlockSize(
4866 OUT PBOOLEAN QuotaCharged
);
4869 ExAdjustLookasideDepth(
4875 ExDisableResourceBoostLite(
4876 IN PERESOURCE Resource
);
4880 #define ExDisableResourceBoost ExDisableResourceBoostLite
4882 #define EX_PUSH_LOCK ULONG_PTR
4883 #define PEX_PUSH_LOCK PULONG_PTR
4886 ExInitializePushLock (
4887 OUT PEX_PUSH_LOCK PushLock
);
4889 #if (NTDDI_VERSION >= NTDDI_WINXP)
4892 InterlockedPushListSList(
4893 IN OUT PSLIST_HEADER ListHead
,
4894 IN OUT PSLIST_ENTRY List
,
4895 IN OUT PSLIST_ENTRY ListEnd
,
4900 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
4903 C_ASSERT(sizeof(ERESOURCE
) == 0x68);
4904 C_ASSERT(FIELD_OFFSET(ERESOURCE
,ActiveCount
) == 0x18);
4905 C_ASSERT(FIELD_OFFSET(ERESOURCE
,Flag
) == 0x1a);
4909 C_ASSERT(sizeof(ERESOURCE
) == 0x38);
4910 C_ASSERT(FIELD_OFFSET(ERESOURCE
,ActiveCount
) == 0x0c);
4911 C_ASSERT(FIELD_OFFSET(ERESOURCE
,Flag
) == 0x0e);
4916 #define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
4917 #define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
4918 #define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
4919 #define TOKEN_WRITE_RESTRICTED 0x0008
4920 #define TOKEN_IS_RESTRICTED 0x0010
4921 #define TOKEN_SESSION_NOT_REFERENCED 0x0020
4922 #define TOKEN_SANDBOX_INERT 0x0040
4923 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
4924 #define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
4925 #define TOKEN_VIRTUALIZE_ALLOWED 0x0200
4926 #define TOKEN_VIRTUALIZE_ENABLED 0x0400
4927 #define TOKEN_IS_FILTERED 0x0800
4928 #define TOKEN_UIACCESS 0x1000
4929 #define TOKEN_NOT_LOW 0x2000
4931 typedef struct _SE_EXPORTS
{
4932 LUID SeCreateTokenPrivilege
;
4933 LUID SeAssignPrimaryTokenPrivilege
;
4934 LUID SeLockMemoryPrivilege
;
4935 LUID SeIncreaseQuotaPrivilege
;
4936 LUID SeUnsolicitedInputPrivilege
;
4937 LUID SeTcbPrivilege
;
4938 LUID SeSecurityPrivilege
;
4939 LUID SeTakeOwnershipPrivilege
;
4940 LUID SeLoadDriverPrivilege
;
4941 LUID SeCreatePagefilePrivilege
;
4942 LUID SeIncreaseBasePriorityPrivilege
;
4943 LUID SeSystemProfilePrivilege
;
4944 LUID SeSystemtimePrivilege
;
4945 LUID SeProfileSingleProcessPrivilege
;
4946 LUID SeCreatePermanentPrivilege
;
4947 LUID SeBackupPrivilege
;
4948 LUID SeRestorePrivilege
;
4949 LUID SeShutdownPrivilege
;
4950 LUID SeDebugPrivilege
;
4951 LUID SeAuditPrivilege
;
4952 LUID SeSystemEnvironmentPrivilege
;
4953 LUID SeChangeNotifyPrivilege
;
4954 LUID SeRemoteShutdownPrivilege
;
4958 PSID SeCreatorOwnerSid
;
4959 PSID SeCreatorGroupSid
;
4960 PSID SeNtAuthoritySid
;
4964 PSID SeInteractiveSid
;
4965 PSID SeLocalSystemSid
;
4966 PSID SeAliasAdminsSid
;
4967 PSID SeAliasUsersSid
;
4968 PSID SeAliasGuestsSid
;
4969 PSID SeAliasPowerUsersSid
;
4970 PSID SeAliasAccountOpsSid
;
4971 PSID SeAliasSystemOpsSid
;
4972 PSID SeAliasPrintOpsSid
;
4973 PSID SeAliasBackupOpsSid
;
4974 PSID SeAuthenticatedUsersSid
;
4975 PSID SeRestrictedSid
;
4976 PSID SeAnonymousLogonSid
;
4977 LUID SeUndockPrivilege
;
4978 LUID SeSyncAgentPrivilege
;
4979 LUID SeEnableDelegationPrivilege
;
4980 PSID SeLocalServiceSid
;
4981 PSID SeNetworkServiceSid
;
4982 LUID SeManageVolumePrivilege
;
4983 LUID SeImpersonatePrivilege
;
4984 LUID SeCreateGlobalPrivilege
;
4985 LUID SeTrustedCredManAccessPrivilege
;
4986 LUID SeRelabelPrivilege
;
4987 LUID SeIncreaseWorkingSetPrivilege
;
4988 LUID SeTimeZonePrivilege
;
4989 LUID SeCreateSymbolicLinkPrivilege
;
4991 PSID SeUntrustedMandatorySid
;
4992 PSID SeLowMandatorySid
;
4993 PSID SeMediumMandatorySid
;
4994 PSID SeHighMandatorySid
;
4995 PSID SeSystemMandatorySid
;
4996 PSID SeOwnerRightsSid
;
4997 } SE_EXPORTS
, *PSE_EXPORTS
;
5000 (NTAPI
*PSE_LOGON_SESSION_TERMINATED_ROUTINE
)(
5003 #define SeLengthSid( Sid ) \
5004 (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
5006 #define SeDeleteClientSecurity(C) { \
5007 if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
5008 PsDereferencePrimaryToken( (C)->ClientToken ); \
5010 PsDereferenceImpersonationToken( (C)->ClientToken ); \
5014 #define SeStopImpersonatingClient() PsRevertToSelf()
5016 #define SeQuerySubjectContextToken( SubjectContext ) \
5017 ( ARGUMENT_PRESENT( \
5018 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
5020 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
5021 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
5023 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5028 SeCaptureSubjectContext(
5029 OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
);
5034 SeLockSubjectContext(
5035 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
);
5040 SeUnlockSubjectContext(
5041 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
);
5046 SeReleaseSubjectContext(
5047 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
);
5053 IN OUT PPRIVILEGE_SET RequiredPrivileges
,
5054 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
,
5055 IN KPROCESSOR_MODE AccessMode
);
5060 SeOpenObjectAuditAlarm(
5061 IN PUNICODE_STRING ObjectTypeName
,
5062 IN PVOID Object OPTIONAL
,
5063 IN PUNICODE_STRING AbsoluteObjectName OPTIONAL
,
5064 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5065 IN PACCESS_STATE AccessState
,
5066 IN BOOLEAN ObjectCreated
,
5067 IN BOOLEAN AccessGranted
,
5068 IN KPROCESSOR_MODE AccessMode
,
5069 OUT PBOOLEAN GenerateOnClose
);
5074 SeOpenObjectForDeleteAuditAlarm(
5075 IN PUNICODE_STRING ObjectTypeName
,
5076 IN PVOID Object OPTIONAL
,
5077 IN PUNICODE_STRING AbsoluteObjectName OPTIONAL
,
5078 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5079 IN PACCESS_STATE AccessState
,
5080 IN BOOLEAN ObjectCreated
,
5081 IN BOOLEAN AccessGranted
,
5082 IN KPROCESSOR_MODE AccessMode
,
5083 OUT PBOOLEAN GenerateOnClose
);
5088 SeDeleteObjectAuditAlarm(
5096 IN PACCESS_TOKEN Token
);
5102 IN PACCESS_TOKEN Token
);
5107 SeTokenIsRestricted(
5108 IN PACCESS_TOKEN Token
);
5113 SeQueryAuthenticationIdToken(
5114 IN PACCESS_TOKEN Token
,
5115 OUT PLUID AuthenticationId
);
5120 SeQuerySessionIdToken(
5121 IN PACCESS_TOKEN Token
,
5122 OUT PULONG SessionId
);
5127 SeCreateClientSecurity(
5128 IN PETHREAD ClientThread
,
5129 IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos
,
5130 IN BOOLEAN RemoteSession
,
5131 OUT PSECURITY_CLIENT_CONTEXT ClientContext
);
5136 SeImpersonateClient(
5137 IN PSECURITY_CLIENT_CONTEXT ClientContext
,
5138 IN PETHREAD ServerThread OPTIONAL
);
5143 SeImpersonateClientEx(
5144 IN PSECURITY_CLIENT_CONTEXT ClientContext
,
5145 IN PETHREAD ServerThread OPTIONAL
);
5150 SeCreateClientSecurityFromSubjectContext(
5151 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
,
5152 IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos
,
5153 IN BOOLEAN ServerIsRemote
,
5154 OUT PSECURITY_CLIENT_CONTEXT ClientContext
);
5159 SeQuerySecurityDescriptorInfo(
5160 IN PSECURITY_INFORMATION SecurityInformation
,
5161 OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
5162 IN OUT PULONG Length
,
5163 IN OUT PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
);
5168 SeSetSecurityDescriptorInfo(
5169 IN PVOID Object OPTIONAL
,
5170 IN PSECURITY_INFORMATION SecurityInformation
,
5171 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5172 IN OUT PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
5173 IN POOL_TYPE PoolType
,
5174 IN PGENERIC_MAPPING GenericMapping
);
5179 SeSetSecurityDescriptorInfoEx(
5180 IN PVOID Object OPTIONAL
,
5181 IN PSECURITY_INFORMATION SecurityInformation
,
5182 IN PSECURITY_DESCRIPTOR ModificationDescriptor
,
5183 IN OUT PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
5184 IN ULONG AutoInheritFlags
,
5185 IN POOL_TYPE PoolType
,
5186 IN PGENERIC_MAPPING GenericMapping
);
5192 IN OUT PACCESS_STATE AccessState
,
5193 IN PPRIVILEGE_SET Privileges
);
5198 SeAuditingFileEvents(
5199 IN BOOLEAN AccessGranted
,
5200 IN PSECURITY_DESCRIPTOR SecurityDescriptor
);
5205 SeAuditingFileOrGlobalEvents(
5206 IN BOOLEAN AccessGranted
,
5207 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5208 IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
);
5212 SeSetAccessStateGenericMapping(
5213 IN OUT PACCESS_STATE AccessState
,
5214 IN PGENERIC_MAPPING GenericMapping
);
5219 SeRegisterLogonSessionTerminatedRoutine(
5220 IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
);
5225 SeUnregisterLogonSessionTerminatedRoutine(
5226 IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
);
5231 SeMarkLogonSessionForTerminationNotification(
5237 SeQueryInformationToken(
5238 IN PACCESS_TOKEN Token
,
5239 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
5240 OUT PVOID
*TokenInformation
);
5242 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5244 #if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
5248 SeAuditingHardLinkEvents(
5249 IN BOOLEAN AccessGranted
,
5250 IN PSECURITY_DESCRIPTOR SecurityDescriptor
);
5253 #if (NTDDI_VERSION >= NTDDI_WINXP)
5259 IN PACCESS_TOKEN ExistingToken
,
5261 IN PTOKEN_GROUPS SidsToDisable OPTIONAL
,
5262 IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL
,
5263 IN PTOKEN_GROUPS RestrictedSids OPTIONAL
,
5264 OUT PACCESS_TOKEN
*FilteredToken
);
5269 SeAuditHardLinkCreation(
5270 IN PUNICODE_STRING FileName
,
5271 IN PUNICODE_STRING LinkName
,
5272 IN BOOLEAN bSuccess
);
5274 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5276 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
5281 SeAuditingFileEventsWithContext(
5282 IN BOOLEAN AccessGranted
,
5283 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5284 IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL
);
5289 SeAuditingHardLinkEventsWithContext(
5290 IN BOOLEAN AccessGranted
,
5291 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5292 IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL
);
5296 #if (NTDDI_VERSION >= NTDDI_VISTA)
5301 SeOpenObjectAuditAlarmWithTransaction(
5302 IN PUNICODE_STRING ObjectTypeName
,
5303 IN PVOID Object OPTIONAL
,
5304 IN PUNICODE_STRING AbsoluteObjectName OPTIONAL
,
5305 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5306 IN PACCESS_STATE AccessState
,
5307 IN BOOLEAN ObjectCreated
,
5308 IN BOOLEAN AccessGranted
,
5309 IN KPROCESSOR_MODE AccessMode
,
5310 IN GUID
*TransactionId OPTIONAL
,
5311 OUT PBOOLEAN GenerateOnClose
);
5316 SeOpenObjectForDeleteAuditAlarmWithTransaction(
5317 IN PUNICODE_STRING ObjectTypeName
,
5318 IN PVOID Object OPTIONAL
,
5319 IN PUNICODE_STRING AbsoluteObjectName OPTIONAL
,
5320 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5321 IN PACCESS_STATE AccessState
,
5322 IN BOOLEAN ObjectCreated
,
5323 IN BOOLEAN AccessGranted
,
5324 IN KPROCESSOR_MODE AccessMode
,
5325 IN GUID
*TransactionId OPTIONAL
,
5326 OUT PBOOLEAN GenerateOnClose
);
5333 IN PACCESS_TOKEN Token
,
5334 IN ACCESS_MASK DesiredAccess
,
5335 IN BOOLEAN AccessGranted
,
5336 OUT PBOOLEAN GenerateAudit
,
5337 OUT PBOOLEAN GenerateAlarm
);
5342 SeDeleteObjectAuditAlarmWithTransaction(
5345 IN GUID
*TransactionId OPTIONAL
);
5350 SeQueryTokenIntegrity(
5351 IN PACCESS_TOKEN Token
,
5352 IN OUT PSID_AND_ATTRIBUTES IntegritySA
);
5357 SeSetSessionIdToken(
5358 IN PACCESS_TOKEN Token
,
5359 IN ULONG SessionId
);
5364 SeAuditHardLinkCreationWithTransaction(
5365 IN PUNICODE_STRING FileName
,
5366 IN PUNICODE_STRING LinkName
,
5367 IN BOOLEAN bSuccess
,
5368 IN GUID
*TransactionId OPTIONAL
);
5373 SeAuditTransactionStateChange(
5374 IN GUID
*TransactionId
,
5375 IN GUID
*ResourceManagerId
,
5376 IN ULONG NewTransactionState
);
5378 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5380 #if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
5384 SeTokenIsWriteRestricted(
5385 IN PACCESS_TOKEN Token
);
5388 #if (NTDDI_VERSION >= NTDDI_WIN7)
5393 SeAuditingAnyFileEventsWithContext(
5394 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5395 IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL
);
5400 SeExamineGlobalSacl(
5401 IN PUNICODE_STRING ObjectType
,
5402 IN PACCESS_TOKEN Token
,
5403 IN ACCESS_MASK DesiredAccess
,
5404 IN BOOLEAN AccessGranted
,
5405 IN OUT PBOOLEAN GenerateAudit
,
5406 IN OUT PBOOLEAN GenerateAlarm OPTIONAL
);
5411 SeMaximumAuditMaskFromGlobalSacl(
5412 IN PUNICODE_STRING ObjectTypeName OPTIONAL
,
5413 IN ACCESS_MASK GrantedAccess
,
5414 IN PACCESS_TOKEN Token
,
5415 IN OUT PACCESS_MASK AuditMask
);
5421 SeReportSecurityEventWithSubCategory(
5423 IN PUNICODE_STRING SourceName
,
5424 IN PSID UserSid OPTIONAL
,
5425 IN PSE_ADT_PARAMETER_ARRAY AuditParameters
,
5426 IN ULONG AuditSubcategoryId
);
5430 SeAccessCheckFromState(
5431 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
5432 IN PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation
,
5433 IN PTOKEN_ACCESS_INFORMATION ClientTokenInformation OPTIONAL
,
5434 IN ACCESS_MASK DesiredAccess
,
5435 IN ACCESS_MASK PreviouslyGrantedAccess
,
5436 OUT PPRIVILEGE_SET
*Privileges OPTIONAL
,
5437 IN PGENERIC_MAPPING GenericMapping
,
5438 IN KPROCESSOR_MODE AccessMode
,
5439 OUT PACCESS_MASK GrantedAccess
,
5440 OUT PNTSTATUS AccessStatus
);
5446 IN PPRIVILEGE_SET Privileges
);
5450 SeLocateProcessImageName(
5451 IN OUT PEPROCESS Process
,
5452 OUT PUNICODE_STRING
*pImageFileName
);
5454 extern NTKERNELAPI PSE_EXPORTS SeExports
;
5456 #if !defined(_PSGETCURRENTTHREAD_)
5457 #define _PSGETCURRENTTHREAD_
5464 return (PETHREAD
)KeGetCurrentThread();
5468 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5473 PsReferenceImpersonationToken(
5474 IN OUT PETHREAD Thread
,
5475 OUT PBOOLEAN CopyOnOpen
,
5476 OUT PBOOLEAN EffectiveOnly
,
5477 OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
5482 PsGetProcessExitTime(
5488 PsIsThreadTerminating(
5489 IN PETHREAD Thread
);
5494 PsImpersonateClient(
5495 IN OUT PETHREAD Thread
,
5496 IN PACCESS_TOKEN Token
,
5497 IN BOOLEAN CopyOnOpen
,
5498 IN BOOLEAN EffectiveOnly
,
5499 IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
5504 PsDisableImpersonation(
5505 IN OUT PETHREAD Thread
,
5506 IN OUT PSE_IMPERSONATION_STATE ImpersonationState
);
5511 PsRestoreImpersonation(
5513 IN PSE_IMPERSONATION_STATE ImpersonationState
);
5525 IN PEPROCESS Process
,
5526 IN POOL_TYPE PoolType
,
5527 IN ULONG_PTR Amount
);
5533 IN PEPROCESS Process
,
5534 IN POOL_TYPE PoolType
,
5535 IN ULONG_PTR Amount
);
5539 #if (NTDDI_VERSION >= NTDDI_WINXP)
5544 PsDereferencePrimaryToken(
5545 IN PACCESS_TOKEN PrimaryToken
);
5550 PsDereferenceImpersonationToken(
5551 IN PACCESS_TOKEN ImpersonationToken
);
5556 PsChargeProcessPoolQuota(
5557 IN PEPROCESS Process
,
5558 IN POOL_TYPE PoolType
,
5559 IN ULONG_PTR Amount
);
5565 IN PETHREAD Thread
);
5572 PsLookupProcessByProcessId(
5573 IN HANDLE ProcessId
,
5574 OUT PEPROCESS
*Process
);
5579 PsLookupThreadByThreadId(
5580 IN HANDLE UniqueThreadId
,
5581 OUT PETHREAD
*Thread
);
5583 #define IO_OPEN_PAGING_FILE 0x0002
5584 #define IO_OPEN_TARGET_DIRECTORY 0x0004
5585 #define IO_STOP_ON_SYMLINK 0x0008
5586 #define IO_MM_PAGING_FILE 0x0010
5589 (NTAPI
*PDRIVER_FS_NOTIFICATION
) (
5590 IN PDEVICE_OBJECT DeviceObject
,
5591 IN BOOLEAN FsActive
);
5593 typedef enum _FS_FILTER_SECTION_SYNC_TYPE
{
5595 SyncTypeCreateSection
5596 } FS_FILTER_SECTION_SYNC_TYPE
, *PFS_FILTER_SECTION_SYNC_TYPE
;
5598 typedef enum _FS_FILTER_STREAM_FO_NOTIFICATION_TYPE
{
5599 NotifyTypeCreate
= 0,
5601 } FS_FILTER_STREAM_FO_NOTIFICATION_TYPE
, *PFS_FILTER_STREAM_FO_NOTIFICATION_TYPE
;
5603 typedef union _FS_FILTER_PARAMETERS
{
5605 PLARGE_INTEGER EndingOffset
;
5606 PERESOURCE
*ResourceToRelease
;
5607 } AcquireForModifiedPageWriter
;
5609 PERESOURCE ResourceToRelease
;
5610 } ReleaseForModifiedPageWriter
;
5612 FS_FILTER_SECTION_SYNC_TYPE SyncType
;
5613 ULONG PageProtection
;
5614 } AcquireForSectionSynchronization
;
5616 FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType
;
5617 BOOLEAN POINTER_ALIGNMENT SafeToRecurse
;
5618 } NotifyStreamFileObject
;
5626 } FS_FILTER_PARAMETERS
, *PFS_FILTER_PARAMETERS
;
5628 #define FS_FILTER_ACQUIRE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-1
5629 #define FS_FILTER_RELEASE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-2
5630 #define FS_FILTER_ACQUIRE_FOR_MOD_WRITE (UCHAR)-3
5631 #define FS_FILTER_RELEASE_FOR_MOD_WRITE (UCHAR)-4
5632 #define FS_FILTER_ACQUIRE_FOR_CC_FLUSH (UCHAR)-5
5633 #define FS_FILTER_RELEASE_FOR_CC_FLUSH (UCHAR)-6
5635 typedef struct _FS_FILTER_CALLBACK_DATA
{
5636 ULONG SizeOfFsFilterCallbackData
;
5639 struct _DEVICE_OBJECT
*DeviceObject
;
5640 struct _FILE_OBJECT
*FileObject
;
5641 FS_FILTER_PARAMETERS Parameters
;
5642 } FS_FILTER_CALLBACK_DATA
, *PFS_FILTER_CALLBACK_DATA
;
5645 (NTAPI
*PFS_FILTER_CALLBACK
) (
5646 IN PFS_FILTER_CALLBACK_DATA Data
,
5647 OUT PVOID
*CompletionContext
);
5650 (NTAPI
*PFS_FILTER_COMPLETION_CALLBACK
) (
5651 IN PFS_FILTER_CALLBACK_DATA Data
,
5652 IN NTSTATUS OperationStatus
,
5653 IN PVOID CompletionContext
);
5655 typedef struct _FS_FILTER_CALLBACKS
{
5656 ULONG SizeOfFsFilterCallbacks
;
5658 PFS_FILTER_CALLBACK PreAcquireForSectionSynchronization
;
5659 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForSectionSynchronization
;
5660 PFS_FILTER_CALLBACK PreReleaseForSectionSynchronization
;
5661 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForSectionSynchronization
;
5662 PFS_FILTER_CALLBACK PreAcquireForCcFlush
;
5663 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForCcFlush
;
5664 PFS_FILTER_CALLBACK PreReleaseForCcFlush
;
5665 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForCcFlush
;
5666 PFS_FILTER_CALLBACK PreAcquireForModifiedPageWriter
;
5667 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForModifiedPageWriter
;
5668 PFS_FILTER_CALLBACK PreReleaseForModifiedPageWriter
;
5669 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForModifiedPageWriter
;
5670 } FS_FILTER_CALLBACKS
, *PFS_FILTER_CALLBACKS
;
5672 #if (NTDDI_VERSION >= NTDDI_WINXP)
5676 FsRtlRegisterFileSystemFilterCallbacks(
5677 IN
struct _DRIVER_OBJECT
*FilterDriverObject
,
5678 IN PFS_FILTER_CALLBACKS Callbacks
);
5679 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5681 #if (NTDDI_VERSION >= NTDDI_VISTA)
5685 FsRtlNotifyStreamFileObject(
5686 IN
struct _FILE_OBJECT
* StreamFileObject
,
5687 IN
struct _DEVICE_OBJECT
*DeviceObjectHint OPTIONAL
,
5688 IN FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType
,
5689 IN BOOLEAN SafeToRecurse
);
5690 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5692 #define DO_VERIFY_VOLUME 0x00000002
5693 #define DO_BUFFERED_IO 0x00000004
5694 #define DO_EXCLUSIVE 0x00000008
5695 #define DO_DIRECT_IO 0x00000010
5696 #define DO_MAP_IO_BUFFER 0x00000020
5697 #define DO_DEVICE_HAS_NAME 0x00000040
5698 #define DO_DEVICE_INITIALIZING 0x00000080
5699 #define DO_SYSTEM_BOOT_PARTITION 0x00000100
5700 #define DO_LONG_TERM_REQUESTS 0x00000200
5701 #define DO_NEVER_LAST_DEVICE 0x00000400
5702 #define DO_SHUTDOWN_REGISTERED 0x00000800
5703 #define DO_BUS_ENUMERATED_DEVICE 0x00001000
5704 #define DO_POWER_PAGABLE 0x00002000
5705 #define DO_POWER_INRUSH 0x00004000
5706 #define DO_LOW_PRIORITY_FILESYSTEM 0x00010000
5707 #define DO_SUPPORTS_TRANSACTIONS 0x00040000
5708 #define DO_FORCE_NEITHER_IO 0x00080000
5709 #define DO_VOLUME_DEVICE_OBJECT 0x00100000
5710 #define DO_SYSTEM_SYSTEM_PARTITION 0x00200000
5711 #define DO_SYSTEM_CRITICAL_PARTITION 0x00400000
5712 #define DO_DISALLOW_EXECUTE 0x00800000
5714 extern KSPIN_LOCK IoStatisticsLock
;
5715 extern ULONG IoReadOperationCount
;
5716 extern ULONG IoWriteOperationCount
;
5717 extern ULONG IoOtherOperationCount
;
5718 extern LARGE_INTEGER IoReadTransferCount
;
5719 extern LARGE_INTEGER IoWriteTransferCount
;
5720 extern LARGE_INTEGER IoOtherTransferCount
;
5722 #define IO_FILE_OBJECT_NON_PAGED_POOL_CHARGE 64
5723 #define IO_FILE_OBJECT_PAGED_POOL_CHARGE 1024
5725 #if (NTDDI_VERSION == NTDDI_WIN2K)
5729 IoRegisterFsRegistrationChangeEx(
5730 IN PDRIVER_OBJECT DriverObject
,
5731 IN PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
5734 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5739 IoAcquireVpbSpinLock(
5745 IoCheckDesiredAccess(
5746 IN OUT PACCESS_MASK DesiredAccess
,
5747 IN ACCESS_MASK GrantedAccess
);
5752 IoCheckEaBufferValidity(
5753 IN PFILE_FULL_EA_INFORMATION EaBuffer
,
5755 OUT PULONG ErrorOffset
);
5760 IoCheckFunctionAccess(
5761 IN ACCESS_MASK GrantedAccess
,
5762 IN UCHAR MajorFunction
,
5763 IN UCHAR MinorFunction
,
5764 IN ULONG IoControlCode
,
5765 IN PVOID Argument1 OPTIONAL
,
5766 IN PVOID Argument2 OPTIONAL
);
5771 IoCheckQuerySetFileInformation(
5772 IN FILE_INFORMATION_CLASS FileInformationClass
,
5774 IN BOOLEAN SetOperation
);
5779 IoCheckQuerySetVolumeInformation(
5780 IN FS_INFORMATION_CLASS FsInformationClass
,
5782 IN BOOLEAN SetOperation
);
5787 IoCheckQuotaBufferValidity(
5788 IN PFILE_QUOTA_INFORMATION QuotaBuffer
,
5789 IN ULONG QuotaLength
,
5790 OUT PULONG ErrorOffset
);
5795 IoCreateStreamFileObject(
5796 IN PFILE_OBJECT FileObject OPTIONAL
,
5797 IN PDEVICE_OBJECT DeviceObject OPTIONAL
);
5802 IoCreateStreamFileObjectLite(
5803 IN PFILE_OBJECT FileObject OPTIONAL
,
5804 IN PDEVICE_OBJECT DeviceObject OPTIONAL
);
5809 IoFastQueryNetworkAttributes(
5810 IN POBJECT_ATTRIBUTES ObjectAttributes
,
5811 IN ACCESS_MASK DesiredAccess
,
5812 IN ULONG OpenOptions
,
5813 OUT PIO_STATUS_BLOCK IoStatus
,
5814 OUT PFILE_NETWORK_OPEN_INFORMATION Buffer
);
5820 IN PFILE_OBJECT FileObject
,
5822 IN PLARGE_INTEGER Offset
,
5824 OUT PIO_STATUS_BLOCK IoStatusBlock
);
5829 IoGetAttachedDevice(
5830 IN PDEVICE_OBJECT DeviceObject
);
5835 IoGetAttachedDeviceReference(
5836 IN PDEVICE_OBJECT DeviceObject
);
5841 IoGetBaseFileSystemDeviceObject(
5842 IN PFILE_OBJECT FileObject
);
5845 PCONFIGURATION_INFORMATION
5847 IoGetConfigurationInformation(
5853 IoGetRequestorProcessId(
5859 IoGetRequestorProcess(
5871 IoIsOperationSynchronous(
5878 IN PETHREAD Thread
);
5883 IoIsValidNameGraftingBuffer(
5885 IN PREPARSE_DATA_BUFFER ReparseBuffer
);
5890 IoQueryFileInformation(
5891 IN PFILE_OBJECT FileObject
,
5892 IN FILE_INFORMATION_CLASS FileInformationClass
,
5894 OUT PVOID FileInformation
,
5895 OUT PULONG ReturnedLength
);
5900 IoQueryVolumeInformation(
5901 IN PFILE_OBJECT FileObject
,
5902 IN FS_INFORMATION_CLASS FsInformationClass
,
5904 OUT PVOID FsInformation
,
5905 OUT PULONG ReturnedLength
);
5916 IoRegisterFileSystem(
5917 IN PDEVICE_OBJECT DeviceObject
);
5922 IoRegisterFsRegistrationChange(
5923 IN PDRIVER_OBJECT DriverObject
,
5924 IN PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
5929 IoReleaseVpbSpinLock(
5935 IoSetDeviceToVerify(
5937 IN PDEVICE_OBJECT DeviceObject OPTIONAL
);
5943 IN PFILE_OBJECT FileObject
,
5944 IN FILE_INFORMATION_CLASS FileInformationClass
,
5946 IN PVOID FileInformation
);
5952 IN PIRP Irp OPTIONAL
);
5958 IN PDEVICE_OBJECT DeviceObject
,
5959 IN BOOLEAN Cancelable
);
5964 IoStartNextPacketByKey(
5965 IN PDEVICE_OBJECT DeviceObject
,
5966 IN BOOLEAN Cancelable
,
5973 IN PDEVICE_OBJECT DeviceObject
,
5975 IN PULONG Key OPTIONAL
,
5976 IN PDRIVER_CANCEL CancelFunction OPTIONAL
);
5982 IN PDEVICE_OBJECT DeviceObject
);
5988 IN PDEVICE_OBJECT DeviceObject
);
5993 IoSynchronousPageWrite(
5994 IN PFILE_OBJECT FileObject
,
5996 IN PLARGE_INTEGER FileOffset
,
5998 OUT PIO_STATUS_BLOCK IoStatusBlock
);
6004 IN PETHREAD Thread
);
6009 IoUnregisterFileSystem(
6010 IN PDEVICE_OBJECT DeviceObject
);
6015 IoUnregisterFsRegistrationChange(
6016 IN PDRIVER_OBJECT DriverObject
,
6017 IN PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
6023 IN PDEVICE_OBJECT DeviceObject
,
6024 IN BOOLEAN AllowRawMount
);
6029 IoWriteErrorLogEntry(
6035 IoGetRequestorSessionId(
6037 OUT PULONG pSessionId
);
6039 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6041 #if (NTDDI_VERSION >= NTDDI_WINXP)
6046 IoCreateStreamFileObjectEx(
6047 IN PFILE_OBJECT FileObject OPTIONAL
,
6048 IN PDEVICE_OBJECT DeviceObject OPTIONAL
,
6049 OUT PHANDLE FileObjectHandle OPTIONAL
);
6054 IoQueryFileDosDeviceName(
6055 IN PFILE_OBJECT FileObject
,
6056 OUT POBJECT_NAME_INFORMATION
*ObjectNameInformation
);
6060 IoSetStartIoAttributes(
6061 IN PDEVICE_OBJECT DeviceObject
,
6062 IN BOOLEAN DeferredStartIo
,
6063 IN BOOLEAN NonCancelable
);
6068 IoEnumerateDeviceObjectList(
6069 IN PDRIVER_OBJECT DriverObject
,
6070 OUT PDEVICE_OBJECT
*DeviceObjectList
,
6071 IN ULONG DeviceObjectListSize
,
6072 OUT PULONG ActualNumberDeviceObjects
);
6077 IoGetLowerDeviceObject(
6078 IN PDEVICE_OBJECT DeviceObject
);
6083 IoGetDeviceAttachmentBaseRef(
6084 IN PDEVICE_OBJECT DeviceObject
);
6089 IoGetDiskDeviceObject(
6090 IN PDEVICE_OBJECT FileSystemDeviceObject
,
6091 OUT PDEVICE_OBJECT
*DiskDeviceObject
);
6095 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
6099 IoEnumerateRegisteredFiltersList(
6100 OUT PDRIVER_OBJECT
*DriverObjectList
,
6101 IN ULONG DriverObjectListSize
,
6102 OUT PULONG ActualNumberDriverObjects
);
6105 #if (NTDDI_VERSION >= NTDDI_VISTA)
6109 IoInitializePriorityInfo(
6110 IN PIO_PRIORITY_INFO PriorityInfo
)
6112 PriorityInfo
->Size
= sizeof(IO_PRIORITY_INFO
);
6113 PriorityInfo
->ThreadPriority
= 0xffff;
6114 PriorityInfo
->IoPriority
= IoPriorityNormal
;
6115 PriorityInfo
->PagePriority
= 0;
6119 #if (NTDDI_VERSION >= NTDDI_WIN7)
6124 IoRegisterFsRegistrationChangeMountAware(
6125 IN PDRIVER_OBJECT DriverObject
,
6126 IN PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
,
6127 IN BOOLEAN SynchronizeWithMounts
);
6132 IoReplaceFileObjectName(
6133 IN PFILE_OBJECT FileObject
,
6134 IN PWSTR NewFileName
,
6135 IN USHORT FileNameLength
);
6139 #define IoIsFileOpenedExclusively(FileObject) ( \
6141 (FileObject)->SharedRead || \
6142 (FileObject)->SharedWrite || \
6143 (FileObject)->SharedDelete \
6147 #if (NTDDI_VERSION >= NTDDI_VISTA)
6148 typedef struct _IO_PRIORITY_INFO
{
6150 ULONG ThreadPriority
;
6152 IO_PRIORITY_HINT IoPriority
;
6153 } IO_PRIORITY_INFO
, *PIO_PRIORITY_INFO
;
6156 #define PO_CB_SYSTEM_POWER_POLICY 0
6157 #define PO_CB_AC_STATUS 1
6158 #define PO_CB_BUTTON_COLLISION 2
6159 #define PO_CB_SYSTEM_STATE_LOCK 3
6160 #define PO_CB_LID_SWITCH_STATE 4
6161 #define PO_CB_PROCESSOR_POWER_POLICY 5
6163 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6168 PoRegisterSystemState(
6169 IN OUT PVOID StateHandle OPTIONAL
,
6170 IN EXECUTION_STATE Flags
);
6175 PoUnregisterSystemState(
6176 IN OUT PVOID StateHandle
);
6182 IN PDEVICE_OBJECT DeviceObject
,
6183 IN POWER_STATE_TYPE Type
,
6184 IN POWER_STATE State
);
6190 IN PDEVICE_OBJECT DeviceObject
,
6196 PoStartNextPowerIrp(
6202 PoRegisterDeviceForIdleDetection(
6203 IN PDEVICE_OBJECT DeviceObject
,
6204 IN ULONG ConservationIdleTime
,
6205 IN ULONG PerformanceIdleTime
,
6206 IN DEVICE_POWER_STATE State
);
6208 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6210 #if (NTDDI_VERSION >= NTDDI_WINXP)
6214 PoQueueShutdownWorkItem(
6215 IN OUT PWORK_QUEUE_ITEM WorkItem
);
6218 #if (NTDDI_VERSION >= NTDDI_WIN6SP1)
6223 IN OUT PULONG IdlePointer
);
6226 #if (NTDDI_VERSION >= NTDDI_WIN7)
6231 PoCreatePowerRequest(
6232 OUT PVOID
*PowerRequest
,
6233 IN PDEVICE_OBJECT DeviceObject
,
6234 IN PCOUNTED_REASON_CONTEXT Context
);
6240 IN OUT PVOID PowerRequest
,
6241 IN POWER_REQUEST_TYPE Type
);
6246 PoClearPowerRequest(
6247 IN OUT PVOID PowerRequest
,
6248 IN POWER_REQUEST_TYPE Type
);
6253 PoDeletePowerRequest(
6254 IN OUT PVOID PowerRequest
);
6260 IN OUT PULONG IdlePointer
);
6266 IN OUT PULONG IdlePointer
);
6271 PoQueryWatchdogTime(
6272 IN PDEVICE_OBJECT Pdo
,
6273 OUT PULONG SecondsRemaining
);
6275 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6278 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6279 //DECLSPEC_DEPRECATED_DDK
6283 HalGetDmaAlignmentRequirement(
6288 #if defined(_M_IX86) || defined(_M_AMD64)
6289 #define HalGetDmaAlignmentRequirement() 1L
6292 typedef enum _MMFLUSH_TYPE
{
6297 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6302 MmIsRecursiveIoFault(
6308 MmForceSectionClosed(
6309 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6310 IN BOOLEAN DelayClose
);
6315 MmFlushImageSection(
6316 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6317 IN MMFLUSH_TYPE FlushType
);
6322 MmCanFileBeTruncated(
6323 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6324 IN PLARGE_INTEGER NewFileSize OPTIONAL
);
6329 MmSetAddressRangeModified(
6335 typedef struct _READ_LIST
{
6336 PFILE_OBJECT FileObject
;
6337 ULONG NumberOfEntries
;
6339 FILE_SEGMENT_ELEMENT List
[ANYSIZE_ARRAY
];
6340 } READ_LIST
, *PREAD_LIST
;
6342 #if (NTDDI_VERSION >= NTDDI_WINXP)
6343 typedef union _MM_PREFETCH_FLAGS
{
6345 ULONG Priority
: SYSTEM_PAGE_PRIORITY_BITS
;
6346 ULONG RepurposePriority
: SYSTEM_PAGE_PRIORITY_BITS
;
6349 } MM_PREFETCH_FLAGS
, *PMM_PREFETCH_FLAGS
;
6351 #define MM_PREFETCH_FLAGS_MASK ((1 << (2*SYSTEM_PAGE_PRIORITY_BITS)) - 1)
6357 IN ULONG NumberOfLists
,
6358 IN PREAD_LIST
*ReadLists
);
6361 #if (NTDDI_VERSION >= NTDDI_VISTA)
6365 MmDoesFileHaveUserWritableReferences(
6366 IN PSECTION_OBJECT_POINTERS SectionPointer
);
6369 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6376 IN OUT PACCESS_STATE PassedAccessState OPTIONAL
,
6377 IN ACCESS_MASK DesiredAccess OPTIONAL
,
6378 IN ULONG ObjectPointerBias
,
6379 OUT PVOID
*NewObject OPTIONAL
,
6380 OUT PHANDLE Handle OPTIONAL
);
6385 ObOpenObjectByPointer(
6387 IN ULONG HandleAttributes
,
6388 IN PACCESS_STATE PassedAccessState OPTIONAL
,
6389 IN ACCESS_MASK DesiredAccess OPTIONAL
,
6390 IN POBJECT_TYPE ObjectType OPTIONAL
,
6391 IN KPROCESSOR_MODE AccessMode
,
6392 OUT PHANDLE Handle
);
6397 ObMakeTemporaryObject(
6405 OUT POBJECT_NAME_INFORMATION ObjectNameInfo OPTIONAL
,
6407 OUT PULONG ReturnLength
);
6412 ObQueryObjectAuditingByHandle(
6414 OUT PBOOLEAN GenerateOnClose
);
6418 #if (NTDDI_VERSION >= NTDDI_VISTA)
6426 #if (NTDDI_VERSION >= NTDDI_WIN7)
6430 ObOpenObjectByPointerWithTag(
6432 IN ULONG HandleAttributes
,
6433 IN PACCESS_STATE PassedAccessState OPTIONAL
,
6434 IN ACCESS_MASK DesiredAccess
,
6435 IN POBJECT_TYPE ObjectType OPTIONAL
,
6436 IN KPROCESSOR_MODE AccessMode
,
6438 OUT PHANDLE Handle
);
6447 typedef enum _FAST_IO_POSSIBLE
{
6448 FastIoIsNotPossible
= 0,
6450 FastIoIsQuestionable
6453 typedef struct _FSRTL_COMMON_FCB_HEADER
{
6454 CSHORT NodeTypeCode
;
6455 CSHORT NodeByteSize
;
6457 UCHAR IsFastIoPossible
;
6461 PERESOURCE Resource
;
6462 PERESOURCE PagingIoResource
;
6463 LARGE_INTEGER AllocationSize
;
6464 LARGE_INTEGER FileSize
;
6465 LARGE_INTEGER ValidDataLength
;
6466 } FSRTL_COMMON_FCB_HEADER
, *PFSRTL_COMMON_FCB_HEADER
;
6469 typedef struct _FSRTL_ADVANCED_FCB_HEADER
:FSRTL_COMMON_FCB_HEADER
{
6470 #else /* __cplusplus */
6471 typedef struct _FSRTL_ADVANCED_FCB_HEADER
{
6472 FSRTL_COMMON_FCB_HEADER DUMMYSTRUCTNAME
;
6473 #endif /* __cplusplus */
6474 PFAST_MUTEX FastMutex
;
6475 LIST_ENTRY FilterContexts
;
6476 #if (NTDDI_VERSION >= NTDDI_VISTA)
6477 EX_PUSH_LOCK PushLock
;
6478 PVOID
*FileContextSupportPointer
;
6480 } FSRTL_ADVANCED_FCB_HEADER
, *PFSRTL_ADVANCED_FCB_HEADER
;
6482 #define FSRTL_FCB_HEADER_V0 (0x00)
6483 #define FSRTL_FCB_HEADER_V1 (0x01)
6485 #define FSRTL_FLAG_FILE_MODIFIED (0x01)
6486 #define FSRTL_FLAG_FILE_LENGTH_CHANGED (0x02)
6487 #define FSRTL_FLAG_LIMIT_MODIFIED_PAGES (0x04)
6488 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_EX (0x08)
6489 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_SH (0x10)
6490 #define FSRTL_FLAG_USER_MAPPED_FILE (0x20)
6491 #define FSRTL_FLAG_ADVANCED_HEADER (0x40)
6492 #define FSRTL_FLAG_EOF_ADVANCE_ACTIVE (0x80)
6494 #define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01)
6495 #define FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS (0x02)
6496 #define FSRTL_FLAG2_PURGE_WHEN_MAPPED (0x04)
6497 #define FSRTL_FLAG2_IS_PAGING_FILE (0x08)
6499 #define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
6500 #define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
6501 #define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
6502 #define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
6503 #define FSRTL_NETWORK1_TOP_LEVEL_IRP ((LONG_PTR)0x05)
6504 #define FSRTL_NETWORK2_TOP_LEVEL_IRP ((LONG_PTR)0x06)
6505 #define FSRTL_MAX_TOP_LEVEL_IRP_FLAG ((LONG_PTR)0xFFFF)
6507 typedef struct _EOF_WAIT_BLOCK
{
6508 LIST_ENTRY EofWaitLinks
;
6510 } EOF_WAIT_BLOCK
, *PEOF_WAIT_BLOCK
;
6512 typedef struct _FSRTL_AUXILIARY_BUFFER
{
6517 } FSRTL_AUXILIARY_BUFFER
, *PFSRTL_AUXILIARY_BUFFER
;
6519 #define FSRTL_AUXILIARY_FLAG_DEALLOCATE 0x00000001
6521 typedef struct _FILE_LOCK_INFO
{
6522 LARGE_INTEGER StartingByte
;
6523 LARGE_INTEGER Length
;
6524 BOOLEAN ExclusiveLock
;
6526 PFILE_OBJECT FileObject
;
6528 LARGE_INTEGER EndingByte
;
6529 } FILE_LOCK_INFO
, *PFILE_LOCK_INFO
;
6532 (NTAPI
*PCOMPLETE_LOCK_IRP_ROUTINE
) (
6537 (NTAPI
*PUNLOCK_ROUTINE
) (
6539 IN PFILE_LOCK_INFO FileLockInfo
);
6541 typedef struct _FILE_LOCK
{
6542 PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine
;
6543 PUNLOCK_ROUTINE UnlockRoutine
;
6544 BOOLEAN FastIoIsQuestionable
;
6546 PVOID LockInformation
;
6547 FILE_LOCK_INFO LastReturnedLockInfo
;
6548 PVOID LastReturnedLock
;
6549 LONG
volatile LockRequestsInProgress
;
6550 } FILE_LOCK
, *PFILE_LOCK
;
6552 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6558 IN PFILE_OBJECT FileObject
,
6559 IN PLARGE_INTEGER FileOffset
,
6564 OUT PIO_STATUS_BLOCK IoStatus
,
6565 IN PDEVICE_OBJECT DeviceObject
);
6571 IN PFILE_OBJECT FileObject
,
6572 IN PLARGE_INTEGER FileOffset
,
6577 OUT PIO_STATUS_BLOCK IoStatus
,
6578 IN PDEVICE_OBJECT DeviceObject
);
6584 IN PFILE_OBJECT FileObject
,
6585 IN PLARGE_INTEGER FileOffset
,
6589 OUT PIO_STATUS_BLOCK IoStatus
,
6590 IN PDEVICE_OBJECT DeviceObject OPTIONAL
);
6595 FsRtlMdlReadCompleteDev(
6596 IN PFILE_OBJECT FileObject
,
6598 IN PDEVICE_OBJECT DeviceObject OPTIONAL
);
6603 FsRtlPrepareMdlWriteDev(
6604 IN PFILE_OBJECT FileObject
,
6605 IN PLARGE_INTEGER FileOffset
,
6609 OUT PIO_STATUS_BLOCK IoStatus
,
6610 IN PDEVICE_OBJECT DeviceObject
);
6615 FsRtlMdlWriteCompleteDev(
6616 IN PFILE_OBJECT FileObject
,
6617 IN PLARGE_INTEGER FileOffset
,
6619 IN PDEVICE_OBJECT DeviceObject
);
6624 FsRtlAcquireFileExclusive(
6625 IN PFILE_OBJECT FileObject
);
6631 IN PFILE_OBJECT FileObject
);
6637 IN PFILE_OBJECT FileObject
,
6638 OUT PLARGE_INTEGER FileSize
);
6643 FsRtlIsTotalDeviceFailure(
6644 IN NTSTATUS Status
);
6649 FsRtlAllocateFileLock(
6650 IN PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine OPTIONAL
,
6651 IN PUNLOCK_ROUTINE UnlockRoutine OPTIONAL
);
6657 IN PFILE_LOCK FileLock
);
6662 FsRtlInitializeFileLock(
6663 IN PFILE_LOCK FileLock
,
6664 IN PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine OPTIONAL
,
6665 IN PUNLOCK_ROUTINE UnlockRoutine OPTIONAL
);
6670 FsRtlUninitializeFileLock(
6671 IN PFILE_LOCK FileLock
);
6674 FsRtlProcessFileLock:
6677 -STATUS_INVALID_DEVICE_REQUEST
6678 -STATUS_RANGE_NOT_LOCKED from unlock routines.
6679 -STATUS_PENDING, STATUS_LOCK_NOT_GRANTED from FsRtlPrivateLock
6680 (redirected IoStatus->Status).
6683 -switch ( Irp->CurrentStackLocation->MinorFunction )
6684 lock: return FsRtlPrivateLock;
6685 unlocksingle: return FsRtlFastUnlockSingle;
6686 unlockall: return FsRtlFastUnlockAll;
6687 unlockallbykey: return FsRtlFastUnlockAllByKey;
6688 default: IofCompleteRequest with STATUS_INVALID_DEVICE_REQUEST;
6689 return STATUS_INVALID_DEVICE_REQUEST;
6691 -'AllwaysZero' is passed thru as 'AllwaysZero' to lock / unlock routines.
6692 -'Irp' is passet thru as 'Irp' to FsRtlPrivateLock.
6697 FsRtlProcessFileLock(
6698 IN PFILE_LOCK FileLock
,
6700 IN PVOID Context OPTIONAL
);
6703 FsRtlCheckLockForReadAccess:
6705 All this really does is pick out the lock parameters from the irp (io stack
6706 location?), get IoGetRequestorProcess, and pass values on to
6707 FsRtlFastCheckLockForRead.
6712 FsRtlCheckLockForReadAccess(
6713 IN PFILE_LOCK FileLock
,
6717 FsRtlCheckLockForWriteAccess:
6719 All this really does is pick out the lock parameters from the irp (io stack
6720 location?), get IoGetRequestorProcess, and pass values on to
6721 FsRtlFastCheckLockForWrite.
6726 FsRtlCheckLockForWriteAccess(
6727 IN PFILE_LOCK FileLock
,
6733 FsRtlFastCheckLockForRead(
6734 IN PFILE_LOCK FileLock
,
6735 IN PLARGE_INTEGER FileOffset
,
6736 IN PLARGE_INTEGER Length
,
6738 IN PFILE_OBJECT FileObject
,
6744 FsRtlFastCheckLockForWrite(
6745 IN PFILE_LOCK FileLock
,
6746 IN PLARGE_INTEGER FileOffset
,
6747 IN PLARGE_INTEGER Length
,
6749 IN PFILE_OBJECT FileObject
,
6753 FsRtlGetNextFileLock:
6755 ret: NULL if no more locks
6758 FsRtlGetNextFileLock uses FileLock->LastReturnedLockInfo and
6759 FileLock->LastReturnedLock as storage.
6760 LastReturnedLock is a pointer to the 'raw' lock inkl. double linked
6761 list, and FsRtlGetNextFileLock needs this to get next lock on subsequent
6762 calls with Restart = FALSE.
6767 FsRtlGetNextFileLock(
6768 IN PFILE_LOCK FileLock
,
6769 IN BOOLEAN Restart
);
6774 FsRtlFastUnlockSingle(
6775 IN PFILE_LOCK FileLock
,
6776 IN PFILE_OBJECT FileObject
,
6777 IN PLARGE_INTEGER FileOffset
,
6778 IN PLARGE_INTEGER Length
,
6779 IN PEPROCESS Process
,
6781 IN PVOID Context OPTIONAL
,
6782 IN BOOLEAN AlreadySynchronized
);
6788 IN PFILE_LOCK FileLock
,
6789 IN PFILE_OBJECT FileObject
,
6790 IN PEPROCESS Process
,
6791 IN PVOID Context OPTIONAL
);
6796 FsRtlFastUnlockAllByKey(
6797 IN PFILE_LOCK FileLock
,
6798 IN PFILE_OBJECT FileObject
,
6799 IN PEPROCESS Process
,
6801 IN PVOID Context OPTIONAL
);
6806 ret: IoStatus->Status: STATUS_PENDING, STATUS_LOCK_NOT_GRANTED
6809 -Calls IoCompleteRequest if Irp
6810 -Uses exception handling / ExRaiseStatus with STATUS_INSUFFICIENT_RESOURCES
6816 IN PFILE_LOCK FileLock
,
6817 IN PFILE_OBJECT FileObject
,
6818 IN PLARGE_INTEGER FileOffset
,
6819 IN PLARGE_INTEGER Length
,
6820 IN PEPROCESS Process
,
6822 IN BOOLEAN FailImmediately
,
6823 IN BOOLEAN ExclusiveLock
,
6824 OUT PIO_STATUS_BLOCK IoStatus
,
6825 IN PIRP Irp OPTIONAL
,
6827 IN BOOLEAN AlreadySynchronized
);
6832 FsRtlInitializeTunnelCache(
6838 FsRtlAddToTunnelCache(
6840 IN ULONGLONG DirectoryKey
,
6841 IN PUNICODE_STRING ShortName
,
6842 IN PUNICODE_STRING LongName
,
6843 IN BOOLEAN KeyByShortName
,
6844 IN ULONG DataLength
,
6850 FsRtlFindInTunnelCache(
6852 IN ULONGLONG DirectoryKey
,
6853 IN PUNICODE_STRING Name
,
6854 OUT PUNICODE_STRING ShortName
,
6855 OUT PUNICODE_STRING LongName
,
6856 IN OUT PULONG DataLength
,
6862 FsRtlDeleteKeyFromTunnelCache(
6864 IN ULONGLONG DirectoryKey
);
6869 FsRtlDeleteTunnelCache(
6876 IN ANSI_STRING Name
,
6877 OUT PANSI_STRING FirstPart
,
6878 OUT PANSI_STRING RemainingPart
);
6883 FsRtlDoesDbcsContainWildCards(
6884 IN PANSI_STRING Name
);
6889 FsRtlIsDbcsInExpression(
6890 IN PANSI_STRING Expression
,
6891 IN PANSI_STRING Name
);
6896 FsRtlIsFatDbcsLegal(
6897 IN ANSI_STRING DbcsName
,
6898 IN BOOLEAN WildCardsPermissible
,
6899 IN BOOLEAN PathNamePermissible
,
6900 IN BOOLEAN LeadingBackslashPermissible
);
6905 FsRtlIsHpfsDbcsLegal(
6906 IN ANSI_STRING DbcsName
,
6907 IN BOOLEAN WildCardsPermissible
,
6908 IN BOOLEAN PathNamePermissible
,
6909 IN BOOLEAN LeadingBackslashPermissible
);
6914 FsRtlNormalizeNtstatus(
6915 IN NTSTATUS Exception
,
6916 IN NTSTATUS GenericException
);
6921 FsRtlIsNtstatusExpected(
6922 IN NTSTATUS Ntstatus
);
6927 FsRtlAllocateResource(
6933 FsRtlInitializeLargeMcb(
6935 IN POOL_TYPE PoolType
);
6940 FsRtlUninitializeLargeMcb(
6948 IN BOOLEAN SelfSynchronized
);
6953 FsRtlTruncateLargeMcb(
6960 FsRtlAddLargeMcbEntry(
6964 IN LONGLONG SectorCount
);
6969 FsRtlRemoveLargeMcbEntry(
6972 IN LONGLONG SectorCount
);
6977 FsRtlLookupLargeMcbEntry(
6980 OUT PLONGLONG Lbn OPTIONAL
,
6981 OUT PLONGLONG SectorCountFromLbn OPTIONAL
,
6982 OUT PLONGLONG StartingLbn OPTIONAL
,
6983 OUT PLONGLONG SectorCountFromStartingLbn OPTIONAL
,
6984 OUT PULONG Index OPTIONAL
);
6989 FsRtlLookupLastLargeMcbEntry(
6997 FsRtlLookupLastLargeMcbEntryAndIndex(
6998 IN PLARGE_MCB OpaqueMcb
,
6999 OUT PLONGLONG LargeVbn
,
7000 OUT PLONGLONG LargeLbn
,
7006 FsRtlNumberOfRunsInLargeMcb(
7012 FsRtlGetNextLargeMcbEntry(
7017 OUT PLONGLONG SectorCount
);
7025 IN LONGLONG Amount
);
7032 IN POOL_TYPE PoolType
);
7037 FsRtlUninitializeMcb(
7054 IN ULONG SectorCount
);
7059 FsRtlRemoveMcbEntry(
7062 IN ULONG SectorCount
);
7067 FsRtlLookupMcbEntry(
7071 OUT PULONG SectorCount OPTIONAL
,
7077 FsRtlLookupLastMcbEntry(
7085 FsRtlNumberOfRunsInMcb(
7091 FsRtlGetNextMcbEntry(
7096 OUT PULONG SectorCount
);
7102 IN PDEVICE_OBJECT TargetDevice
);
7107 FsRtlInitializeOplock(
7108 IN OUT POPLOCK Oplock
);
7113 FsRtlUninitializeOplock(
7114 IN OUT POPLOCK Oplock
);
7122 IN ULONG OpenCount
);
7131 IN POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine OPTIONAL
,
7132 IN POPLOCK_FS_PREPOST_IRP PostIrpRoutine OPTIONAL
);
7137 FsRtlOplockIsFastIoPossible(
7143 FsRtlCurrentBatchOplock(
7149 FsRtlNotifyVolumeEvent(
7150 IN PFILE_OBJECT FileObject
,
7151 IN ULONG EventCode
);
7156 FsRtlNotifyInitializeSync(
7157 IN PNOTIFY_SYNC
*NotifySync
);
7162 FsRtlNotifyUninitializeSync(
7163 IN PNOTIFY_SYNC
*NotifySync
);
7168 FsRtlNotifyFullChangeDirectory(
7169 IN PNOTIFY_SYNC NotifySync
,
7170 IN PLIST_ENTRY NotifyList
,
7172 IN PSTRING FullDirectoryName
,
7173 IN BOOLEAN WatchTree
,
7174 IN BOOLEAN IgnoreBuffer
,
7175 IN ULONG CompletionFilter
,
7176 IN PIRP NotifyIrp OPTIONAL
,
7177 IN PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback OPTIONAL
,
7178 IN PSECURITY_SUBJECT_CONTEXT SubjectContext OPTIONAL
);
7183 FsRtlNotifyFilterReportChange(
7184 IN PNOTIFY_SYNC NotifySync
,
7185 IN PLIST_ENTRY NotifyList
,
7186 IN PSTRING FullTargetName
,
7187 IN USHORT TargetNameOffset
,
7188 IN PSTRING StreamName OPTIONAL
,
7189 IN PSTRING NormalizedParentName OPTIONAL
,
7190 IN ULONG FilterMatch
,
7192 IN PVOID TargetContext OPTIONAL
,
7193 IN PVOID FilterContext OPTIONAL
);
7198 FsRtlNotifyFullReportChange(
7199 IN PNOTIFY_SYNC NotifySync
,
7200 IN PLIST_ENTRY NotifyList
,
7201 IN PSTRING FullTargetName
,
7202 IN USHORT TargetNameOffset
,
7203 IN PSTRING StreamName OPTIONAL
,
7204 IN PSTRING NormalizedParentName OPTIONAL
,
7205 IN ULONG FilterMatch
,
7207 IN PVOID TargetContext OPTIONAL
);
7213 IN PNOTIFY_SYNC NotifySync
,
7214 IN PLIST_ENTRY NotifyList
,
7215 IN PVOID FsContext
);
7221 IN UNICODE_STRING Name
,
7222 OUT PUNICODE_STRING FirstPart
,
7223 OUT PUNICODE_STRING RemainingPart
);
7228 FsRtlDoesNameContainWildCards(
7229 IN PUNICODE_STRING Name
);
7235 IN PCUNICODE_STRING Name1
,
7236 IN PCUNICODE_STRING Name2
,
7237 IN BOOLEAN IgnoreCase
,
7238 IN PCWCH UpcaseTable OPTIONAL
);
7243 FsRtlIsNameInExpression(
7244 IN PUNICODE_STRING Expression
,
7245 IN PUNICODE_STRING Name
,
7246 IN BOOLEAN IgnoreCase
,
7247 IN PWCHAR UpcaseTable OPTIONAL
);
7252 FsRtlPostPagingFileStackOverflow(
7255 IN PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
);
7260 FsRtlPostStackOverflow (
7263 IN PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
);
7268 FsRtlRegisterUncProvider(
7269 OUT PHANDLE MupHandle
,
7270 IN PUNICODE_STRING RedirectorDeviceName
,
7271 IN BOOLEAN MailslotsSupported
);
7276 FsRtlDeregisterUncProvider(
7282 FsRtlTeardownPerStreamContexts(
7283 IN PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader
);
7288 FsRtlCreateSectionForDataScan(
7289 OUT PHANDLE SectionHandle
,
7290 OUT PVOID
*SectionObject
,
7291 OUT PLARGE_INTEGER SectionFileSize OPTIONAL
,
7292 IN PFILE_OBJECT FileObject
,
7293 IN ACCESS_MASK DesiredAccess
,
7294 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
7295 IN PLARGE_INTEGER MaximumSize OPTIONAL
,
7296 IN ULONG SectionPageProtection
,
7297 IN ULONG AllocationAttributes
,
7300 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
7302 #if (NTDDI_VERSION >= NTDDI_WINXP)
7307 FsRtlNotifyFilterChangeDirectory(
7308 IN PNOTIFY_SYNC NotifySync
,
7309 IN PLIST_ENTRY NotifyList
,
7311 IN PSTRING FullDirectoryName
,
7312 IN BOOLEAN WatchTree
,
7313 IN BOOLEAN IgnoreBuffer
,
7314 IN ULONG CompletionFilter
,
7315 IN PIRP NotifyIrp OPTIONAL
,
7316 IN PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback OPTIONAL
,
7317 IN PSECURITY_SUBJECT_CONTEXT SubjectContext OPTIONAL
,
7318 IN PFILTER_REPORT_CHANGE FilterCallback OPTIONAL
);
7323 FsRtlInsertPerStreamContext(
7324 IN PFSRTL_ADVANCED_FCB_HEADER PerStreamContext
,
7325 IN PFSRTL_PER_STREAM_CONTEXT Ptr
);
7328 PFSRTL_PER_STREAM_CONTEXT
7330 FsRtlLookupPerStreamContextInternal(
7331 IN PFSRTL_ADVANCED_FCB_HEADER StreamContext
,
7332 IN PVOID OwnerId OPTIONAL
,
7333 IN PVOID InstanceId OPTIONAL
);
7336 PFSRTL_PER_STREAM_CONTEXT
7338 FsRtlRemovePerStreamContext(
7339 IN PFSRTL_ADVANCED_FCB_HEADER StreamContext
,
7340 IN PVOID OwnerId OPTIONAL
,
7341 IN PVOID InstanceId OPTIONAL
);
7346 FsRtlIncrementCcFastReadNotPossible(
7352 FsRtlIncrementCcFastReadWait(
7358 FsRtlIncrementCcFastReadNoWait(
7364 FsRtlIncrementCcFastReadResourceMiss(
7371 IN PFILE_OBJECT FileObject
);
7373 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
7375 #if (NTDDI_VERSION >= NTDDI_WS03)
7380 FsRtlInitializeBaseMcb(
7382 IN POOL_TYPE PoolType
);
7387 FsRtlUninitializeBaseMcb(
7399 FsRtlTruncateBaseMcb(
7406 FsRtlAddBaseMcbEntry(
7410 IN LONGLONG SectorCount
);
7415 FsRtlRemoveBaseMcbEntry(
7418 IN LONGLONG SectorCount
);
7423 FsRtlLookupBaseMcbEntry(
7426 OUT PLONGLONG Lbn OPTIONAL
,
7427 OUT PLONGLONG SectorCountFromLbn OPTIONAL
,
7428 OUT PLONGLONG StartingLbn OPTIONAL
,
7429 OUT PLONGLONG SectorCountFromStartingLbn OPTIONAL
,
7430 OUT PULONG Index OPTIONAL
);
7435 FsRtlLookupLastBaseMcbEntry(
7443 FsRtlLookupLastBaseMcbEntryAndIndex(
7444 IN PBASE_MCB OpaqueMcb
,
7445 IN OUT PLONGLONG LargeVbn
,
7446 IN OUT PLONGLONG LargeLbn
,
7447 IN OUT PULONG Index
);
7452 FsRtlNumberOfRunsInBaseMcb(
7458 FsRtlGetNextBaseMcbEntry(
7463 OUT PLONGLONG SectorCount
);
7471 IN LONGLONG Amount
);
7473 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
7475 #if (NTDDI_VERSION >= NTDDI_VISTA)
7479 FsRtlInitializeBaseMcbEx(
7481 IN POOL_TYPE PoolType
,
7486 FsRtlAddBaseMcbEntryEx(
7490 IN LONGLONG SectorCount
);
7501 FsRtlOplockBreakToNone(
7502 IN OUT POPLOCK Oplock
,
7503 IN PIO_STACK_LOCATION IrpSp OPTIONAL
,
7505 IN PVOID Context OPTIONAL
,
7506 IN POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine OPTIONAL
,
7507 IN POPLOCK_FS_PREPOST_IRP PostIrpRoutine OPTIONAL
);
7512 FsRtlNotifyVolumeEventEx(
7513 IN PFILE_OBJECT FileObject
,
7515 IN PTARGET_DEVICE_CUSTOM_NOTIFICATION Event
);
7520 FsRtlNotifyCleanupAll(
7521 IN PNOTIFY_SYNC NotifySync
,
7522 IN PLIST_ENTRY NotifyList
);
7526 FsRtlRegisterUncProviderEx(
7527 OUT PHANDLE MupHandle
,
7528 IN PUNICODE_STRING RedirDevName
,
7529 IN PDEVICE_OBJECT DeviceObject
,
7535 FsRtlCancellableWaitForSingleObject(
7537 IN PLARGE_INTEGER Timeout OPTIONAL
,
7538 IN PIRP Irp OPTIONAL
);
7543 FsRtlCancellableWaitForMultipleObjects(
7545 IN PVOID ObjectArray
[],
7546 IN WAIT_TYPE WaitType
,
7547 IN PLARGE_INTEGER Timeout OPTIONAL
,
7548 IN PKWAIT_BLOCK WaitBlockArray OPTIONAL
,
7549 IN PIRP Irp OPTIONAL
);
7554 FsRtlMupGetProviderInfoFromFileObject(
7555 IN PFILE_OBJECT pFileObject
,
7558 IN OUT PULONG pBufferSize
);
7563 FsRtlMupGetProviderIdFromName(
7564 IN PUNICODE_STRING pProviderName
,
7565 OUT PULONG32 pProviderId
);
7570 FsRtlIncrementCcFastMdlReadWait(
7576 FsRtlValidateReparsePointBuffer(
7577 IN ULONG BufferLength
,
7578 IN PREPARSE_DATA_BUFFER ReparseBuffer
);
7583 FsRtlRemoveDotsFromPath(
7584 IN OUT PWSTR OriginalString
,
7585 IN USHORT PathLength
,
7586 OUT USHORT
*NewLength
);
7591 FsRtlAllocateExtraCreateParameterList(
7592 IN FSRTL_ALLOCATE_ECPLIST_FLAGS Flags
,
7593 OUT PECP_LIST
*EcpList
);
7598 FsRtlFreeExtraCreateParameterList(
7599 IN PECP_LIST EcpList
);
7604 FsRtlAllocateExtraCreateParameter(
7606 IN ULONG SizeOfContext
,
7607 IN FSRTL_ALLOCATE_ECP_FLAGS Flags
,
7608 IN PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback OPTIONAL
,
7610 OUT PVOID
*EcpContext
);
7615 FsRtlFreeExtraCreateParameter(
7616 IN PVOID EcpContext
);
7621 FsRtlInitExtraCreateParameterLookasideList(
7622 IN OUT PVOID Lookaside
,
7623 IN FSRTL_ECP_LOOKASIDE_FLAGS Flags
,
7629 FsRtlDeleteExtraCreateParameterLookasideList(
7630 IN OUT PVOID Lookaside
,
7631 IN FSRTL_ECP_LOOKASIDE_FLAGS Flags
);
7636 FsRtlAllocateExtraCreateParameterFromLookasideList(
7638 IN ULONG SizeOfContext
,
7639 IN FSRTL_ALLOCATE_ECP_FLAGS Flags
,
7640 IN PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback OPTIONAL
,
7641 IN OUT PVOID LookasideList
,
7642 OUT PVOID
*EcpContext
);
7647 FsRtlInsertExtraCreateParameter(
7648 IN OUT PECP_LIST EcpList
,
7649 IN OUT PVOID EcpContext
);
7654 FsRtlFindExtraCreateParameter(
7655 IN PECP_LIST EcpList
,
7657 OUT PVOID
*EcpContext OPTIONAL
,
7658 OUT ULONG
*EcpContextSize OPTIONAL
);
7663 FsRtlRemoveExtraCreateParameter(
7664 IN OUT PECP_LIST EcpList
,
7666 OUT PVOID
*EcpContext
,
7667 OUT ULONG
*EcpContextSize OPTIONAL
);
7672 FsRtlGetEcpListFromIrp(
7674 OUT PECP_LIST
*EcpList OPTIONAL
);
7679 FsRtlSetEcpListIntoIrp(
7681 IN PECP_LIST EcpList
);
7686 FsRtlGetNextExtraCreateParameter(
7687 IN PECP_LIST EcpList
,
7688 IN PVOID CurrentEcpContext OPTIONAL
,
7689 OUT LPGUID NextEcpType OPTIONAL
,
7690 OUT PVOID
*NextEcpContext OPTIONAL
,
7691 OUT ULONG
*NextEcpContextSize OPTIONAL
);
7696 FsRtlAcknowledgeEcp(
7697 IN PVOID EcpContext
);
7702 FsRtlIsEcpAcknowledged(
7703 IN PVOID EcpContext
);
7708 FsRtlIsEcpFromUserMode(
7709 IN PVOID EcpContext
);
7714 FsRtlChangeBackingFileObject(
7715 IN PFILE_OBJECT CurrentFileObject OPTIONAL
,
7716 IN PFILE_OBJECT NewFileObject
,
7717 IN FSRTL_CHANGE_BACKING_TYPE ChangeBackingType
,
7723 FsRtlLogCcFlushError(
7724 IN PUNICODE_STRING FileName
,
7725 IN PDEVICE_OBJECT DeviceObject
,
7726 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
7727 IN NTSTATUS FlushError
,
7733 FsRtlAreVolumeStartupApplicationsComplete(
7739 FsRtlQueryMaximumVirtualDiskNestingLevel(
7745 FsRtlGetVirtualDiskNestingLevel(
7746 IN PDEVICE_OBJECT DeviceObject
,
7747 OUT PULONG NestingLevel
,
7748 OUT PULONG NestingFlags OPTIONAL
);
7750 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
7752 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
7760 IN PVOID Context OPTIONAL
,
7761 IN POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine OPTIONAL
,
7762 IN POPLOCK_FS_PREPOST_IRP PostIrpRoutine OPTIONAL
);
7766 #if (NTDDI_VERSION >= NTDDI_WIN7)
7771 FsRtlAreThereCurrentOrInProgressFileLocks(
7772 IN PFILE_LOCK FileLock
);
7777 FsRtlOplockIsSharedRequest(
7787 IN PVOID Context OPTIONAL
,
7788 IN POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine OPTIONAL
,
7789 IN POPLOCK_FS_PREPOST_IRP PostIrpRoutine OPTIONAL
);
7794 FsRtlCurrentOplockH(
7800 FsRtlOplockBreakToNoneEx(
7801 IN OUT POPLOCK Oplock
,
7804 IN PVOID Context OPTIONAL
,
7805 IN POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine OPTIONAL
,
7806 IN POPLOCK_FS_PREPOST_IRP PostIrpRoutine OPTIONAL
);
7811 FsRtlOplockFsctrlEx(
7820 FsRtlOplockKeysEqual(
7821 IN PFILE_OBJECT Fo1 OPTIONAL
,
7822 IN PFILE_OBJECT Fo2 OPTIONAL
);
7827 FsRtlInitializeExtraCreateParameterList(
7828 IN OUT PECP_LIST EcpList
);
7833 FsRtlInitializeExtraCreateParameter(
7836 IN PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback OPTIONAL
,
7839 IN PVOID ListAllocatedFrom OPTIONAL
);
7841 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
7846 FsRtlInsertPerFileContext(
7847 IN PVOID
* PerFileContextPointer
,
7848 IN PFSRTL_PER_FILE_CONTEXT Ptr
);
7851 PFSRTL_PER_FILE_CONTEXT
7853 FsRtlLookupPerFileContext(
7854 IN PVOID
* PerFileContextPointer
,
7855 IN PVOID OwnerId OPTIONAL
,
7856 IN PVOID InstanceId OPTIONAL
);
7859 PFSRTL_PER_FILE_CONTEXT
7861 FsRtlRemovePerFileContext(
7862 IN PVOID
* PerFileContextPointer
,
7863 IN PVOID OwnerId OPTIONAL
,
7864 IN PVOID InstanceId OPTIONAL
);
7869 FsRtlTeardownPerFileContexts(
7870 IN PVOID
* PerFileContextPointer
);
7875 FsRtlInsertPerFileObjectContext(
7876 IN PFILE_OBJECT FileObject
,
7877 IN PFSRTL_PER_FILEOBJECT_CONTEXT Ptr
);
7880 PFSRTL_PER_FILEOBJECT_CONTEXT
7882 FsRtlLookupPerFileObjectContext(
7883 IN PFILE_OBJECT FileObject
,
7884 IN PVOID OwnerId OPTIONAL
,
7885 IN PVOID InstanceId OPTIONAL
);
7888 PFSRTL_PER_FILEOBJECT_CONTEXT
7890 FsRtlRemovePerFileObjectContext(
7891 IN PFILE_OBJECT FileObject
,
7892 IN PVOID OwnerId OPTIONAL
,
7893 IN PVOID InstanceId OPTIONAL
);
7895 #define FsRtlFastLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11) ( \
7896 FsRtlPrivateLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, NULL, A10, A11) \
7899 #define FsRtlAreThereCurrentFileLocks(FL) ( \
7900 ((FL)->FastIoIsQuestionable) \
7903 #define FsRtlIncrementLockRequestsInProgress(FL) { \
7904 ASSERT( (FL)->LockRequestsInProgress >= 0 ); \
7906 (InterlockedIncrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
7909 #define FsRtlDecrementLockRequestsInProgress(FL) { \
7910 ASSERT( (FL)->LockRequestsInProgress > 0 ); \
7912 (InterlockedDecrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
7915 typedef struct _TUNNEL
{
7917 PRTL_SPLAY_LINKS Cache
;
7918 LIST_ENTRY TimerQueue
;
7922 typedef enum _FSRTL_COMPARISON_RESULT
{
7926 } FSRTL_COMPARISON_RESULT
;
7928 #ifdef NLS_MB_CODE_PAGE_TAG
7929 #undef NLS_MB_CODE_PAGE_TAG
7932 #define LEGAL_ANSI_CHARACTER_ARRAY FsRtlLegalAnsiCharacterArray
7933 #define NLS_MB_CODE_PAGE_TAG NlsMbOemCodePageTag
7934 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
7936 extern UCHAR
const* const LEGAL_ANSI_CHARACTER_ARRAY
;
7937 extern PUSHORT NLS_OEM_LEAD_BYTE_INFO
;
7939 #define FSRTL_FAT_LEGAL 0x01
7940 #define FSRTL_HPFS_LEGAL 0x02
7941 #define FSRTL_NTFS_LEGAL 0x04
7942 #define FSRTL_WILD_CHARACTER 0x08
7943 #define FSRTL_OLE_LEGAL 0x10
7944 #define FSRTL_NTFS_STREAM_LEGAL (FSRTL_NTFS_LEGAL | FSRTL_OLE_LEGAL)
7946 #define FsRtlIsAnsiCharacterWild(C) ( \
7947 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], FSRTL_WILD_CHARACTER ) \
7950 #define FsRtlIsAnsiCharacterLegalFat(C, WILD) ( \
7951 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_FAT_LEGAL) | \
7952 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
7955 #define FsRtlIsAnsiCharacterLegalHpfs(C, WILD) ( \
7956 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_HPFS_LEGAL) | \
7957 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
7960 #define FsRtlIsAnsiCharacterLegalNtfs(C, WILD) ( \
7961 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_NTFS_LEGAL) | \
7962 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
7965 #define FsRtlIsAnsiCharacterLegalNtfsStream(C,WILD_OK) ( \
7966 FsRtlTestAnsiCharacter((C), TRUE, (WILD_OK), FSRTL_NTFS_STREAM_LEGAL) \
7969 #define FsRtlIsAnsiCharacterLegal(C,FLAGS) ( \
7970 FsRtlTestAnsiCharacter((C), TRUE, FALSE, (FLAGS)) \
7973 #define FsRtlTestAnsiCharacter(C, DEFAULT_RET, WILD_OK, FLAGS) ( \
7974 ((SCHAR)(C) < 0) ? DEFAULT_RET : \
7975 FlagOn( LEGAL_ANSI_CHARACTER_ARRAY[(C)], \
7977 ((WILD_OK) ? FSRTL_WILD_CHARACTER : 0) ) \
7980 #define FsRtlIsLeadDbcsCharacter(DBCS_CHAR) ( \
7981 (BOOLEAN)((UCHAR)(DBCS_CHAR) < 0x80 ? FALSE : \
7982 (NLS_MB_CODE_PAGE_TAG && \
7983 (NLS_OEM_LEAD_BYTE_INFO[(UCHAR)(DBCS_CHAR)] != 0))) \
7986 typedef struct _BASE_MCB
{
7987 ULONG MaximumPairCount
;
7992 } BASE_MCB
, *PBASE_MCB
;
7994 typedef struct _LARGE_MCB
{
7995 PKGUARDED_MUTEX GuardedMutex
;
7997 } LARGE_MCB
, *PLARGE_MCB
;
7999 #define MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE 1
8001 typedef struct _MCB
{
8002 LARGE_MCB DummyFieldThatSizesThisStructureCorrectly
;
8005 typedef PVOID OPLOCK
, *POPLOCK
;
8008 (NTAPI
*POPLOCK_WAIT_COMPLETE_ROUTINE
) (
8013 (NTAPI
*POPLOCK_FS_PREPOST_IRP
) (
8017 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
8018 #define OPLOCK_FLAG_COMPLETE_IF_OPLOCKED 0x00000001
8021 #if (NTDDI_VERSION >= NTDDI_WIN7)
8022 #define OPLOCK_FLAG_OPLOCK_KEY_CHECK_ONLY 0x00000002
8023 #define OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK 0x00000004
8024 #define OPLOCK_FLAG_IGNORE_OPLOCK_KEYS 0x00000008
8025 #define OPLOCK_FSCTRL_FLAG_ALL_KEYS_MATCH 0x00000001
8028 #if (NTDDI_VERSION >= NTDDI_WIN7)
8030 typedef struct _OPLOCK_KEY_ECP_CONTEXT
{
8033 } OPLOCK_KEY_ECP_CONTEXT
, *POPLOCK_KEY_ECP_CONTEXT
;
8035 DEFINE_GUID( GUID_ECP_OPLOCK_KEY
, 0x48850596, 0x3050, 0x4be7, 0x98, 0x63, 0xfe, 0xc3, 0x50, 0xce, 0x8d, 0x7f );
8039 #define FSRTL_VOLUME_DISMOUNT 1
8040 #define FSRTL_VOLUME_DISMOUNT_FAILED 2
8041 #define FSRTL_VOLUME_LOCK 3
8042 #define FSRTL_VOLUME_LOCK_FAILED 4
8043 #define FSRTL_VOLUME_UNLOCK 5
8044 #define FSRTL_VOLUME_MOUNT 6
8045 #define FSRTL_VOLUME_NEEDS_CHKDSK 7
8046 #define FSRTL_VOLUME_WORM_NEAR_FULL 8
8047 #define FSRTL_VOLUME_WEARING_OUT 9
8048 #define FSRTL_VOLUME_FORCED_CLOSED 10
8049 #define FSRTL_VOLUME_INFO_MAKE_COMPAT 11
8050 #define FSRTL_VOLUME_PREPARING_EJECT 12
8051 #define FSRTL_VOLUME_CHANGE_SIZE 13
8052 #define FSRTL_VOLUME_BACKGROUND_FORMAT 14
8054 typedef PVOID PNOTIFY_SYNC
;
8057 (NTAPI
*PCHECK_FOR_TRAVERSE_ACCESS
) (
8058 IN PVOID NotifyContext
,
8059 IN PVOID TargetContext OPTIONAL
,
8060 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
);
8063 (NTAPI
*PFILTER_REPORT_CHANGE
) (
8064 IN PVOID NotifyContext
,
8065 IN PVOID FilterContext
);
8067 #define FsRtlIsUnicodeCharacterWild(C) ( \
8070 FlagOn(FsRtlLegalAnsiCharacterArray[(C)], FSRTL_WILD_CHARACTER )) \
8074 (NTAPI
*PFSRTL_STACK_OVERFLOW_ROUTINE
) (
8078 #if (NTDDI_VERSION >= NTDDI_VISTA)
8080 #define FSRTL_UNC_PROVIDER_FLAGS_MAILSLOTS_SUPPORTED 0x00000001
8081 #define FSRTL_UNC_PROVIDER_FLAGS_CSC_ENABLED 0x00000002
8082 #define FSRTL_UNC_PROVIDER_FLAGS_DOMAIN_SVC_AWARE 0x00000004
8084 #define FSRTL_ALLOCATE_ECPLIST_FLAG_CHARGE_QUOTA 0x00000001
8086 #define FSRTL_ALLOCATE_ECP_FLAG_CHARGE_QUOTA 0x00000001
8087 #define FSRTL_ALLOCATE_ECP_FLAG_NONPAGED_POOL 0x00000002
8089 #define FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL 0x00000002
8091 #define FSRTL_VIRTDISK_FULLY_ALLOCATED 0x00000001
8092 #define FSRTL_VIRTDISK_NO_DRIVE_LETTER 0x00000002
8094 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_1
{
8096 } FSRTL_MUP_PROVIDER_INFO_LEVEL_1
, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_1
;
8098 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_2
{
8100 UNICODE_STRING ProviderName
;
8101 } FSRTL_MUP_PROVIDER_INFO_LEVEL_2
, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_2
;
8104 (*PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK
) (
8105 IN OUT PVOID EcpContext
,
8106 IN LPCGUID EcpType
);
8108 typedef struct _ECP_LIST ECP_LIST
, *PECP_LIST
;
8110 typedef ULONG FSRTL_ALLOCATE_ECPLIST_FLAGS
;
8111 typedef ULONG FSRTL_ALLOCATE_ECP_FLAGS
;
8112 typedef ULONG FSRTL_ECP_LOOKASIDE_FLAGS
;
8114 typedef enum _FSRTL_CHANGE_BACKING_TYPE
{
8115 ChangeDataControlArea
,
8116 ChangeImageControlArea
,
8117 ChangeSharedCacheMap
8118 } FSRTL_CHANGE_BACKING_TYPE
, *PFSRTL_CHANGE_BACKING_TYPE
;
8120 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8122 typedef struct _FSRTL_PER_FILE_CONTEXT
{
8126 PFREE_FUNCTION FreeCallback
;
8127 } FSRTL_PER_FILE_CONTEXT
, *PFSRTL_PER_FILE_CONTEXT
;
8129 #define FsRtlInitPerFileContext( _fc, _owner, _inst, _cb) \
8130 ((_fc)->OwnerId = (_owner), \
8131 (_fc)->InstanceId = (_inst), \
8132 (_fc)->FreeCallback = (_cb))
8134 #define FsRtlGetPerFileContextPointer(_fo) \
8135 (FsRtlSupportsPerFileContexts(_fo) ? \
8136 FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer : \
8139 #define FsRtlSupportsPerFileContexts(_fo) \
8140 ((FsRtlGetPerStreamContextPointer(_fo) != NULL) && \
8141 (FsRtlGetPerStreamContextPointer(_fo)->Version >= FSRTL_FCB_HEADER_V1) && \
8142 (FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer != NULL))
8144 #define FsRtlSetupAdvancedHeaderEx( _advhdr, _fmutx, _fctxptr ) \
8146 FsRtlSetupAdvancedHeader( _advhdr, _fmutx ); \
8147 if ((_fctxptr) != NULL) { \
8148 (_advhdr)->FileContextSupportPointer = (_fctxptr); \
8152 typedef struct _FSRTL_PER_STREAM_CONTEXT
{
8156 PFREE_FUNCTION FreeCallback
;
8157 } FSRTL_PER_STREAM_CONTEXT
, *PFSRTL_PER_STREAM_CONTEXT
;
8159 #define FsRtlGetPerStreamContextPointer(FO) ( \
8160 (PFSRTL_ADVANCED_FCB_HEADER)(FO)->FsContext \
8163 #define FsRtlInitPerStreamContext(PSC, O, I, FC) ( \
8164 (PSC)->OwnerId = (O), \
8165 (PSC)->InstanceId = (I), \
8166 (PSC)->FreeCallback = (FC) \
8169 #define FsRtlSupportsPerStreamContexts(FO) ( \
8170 (BOOLEAN)((NULL != FsRtlGetPerStreamContextPointer(FO) && \
8171 FlagOn(FsRtlGetPerStreamContextPointer(FO)->Flags2, \
8172 FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS)) \
8175 #define FsRtlLookupPerStreamContext(_sc, _oid, _iid) \
8176 (((NULL != (_sc)) && \
8177 FlagOn((_sc)->Flags2,FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS) && \
8178 !IsListEmpty(&(_sc)->FilterContexts)) ? \
8179 FsRtlLookupPerStreamContextInternal((_sc), (_oid), (_iid)) : \
8185 FsRtlSetupAdvancedHeader(
8187 IN PFAST_MUTEX FMutex
)
8189 PFSRTL_ADVANCED_FCB_HEADER localAdvHdr
= (PFSRTL_ADVANCED_FCB_HEADER
)AdvHdr
;
8191 localAdvHdr
->Flags
|= FSRTL_FLAG_ADVANCED_HEADER
;
8192 localAdvHdr
->Flags2
|= FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS
;
8193 #if (NTDDI_VERSION >= NTDDI_VISTA)
8194 localAdvHdr
->Version
= FSRTL_FCB_HEADER_V1
;
8196 localAdvHdr
->Version
= FSRTL_FCB_HEADER_V0
;
8198 InitializeListHead( &localAdvHdr
->FilterContexts
);
8199 if (FMutex
!= NULL
) {
8200 localAdvHdr
->FastMutex
= FMutex
;
8202 #if (NTDDI_VERSION >= NTDDI_VISTA)
8203 *((PULONG_PTR
)(&localAdvHdr
->PushLock
)) = 0;
8204 localAdvHdr
->FileContextSupportPointer
= NULL
;
8208 #if (NTDDI_VERSION >= NTDDI_WIN2K)
8210 (*PFN_FSRTLTEARDOWNPERSTREAMCONTEXTS
) (
8211 IN PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader
);
8214 typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT
{
8218 } FSRTL_PER_FILEOBJECT_CONTEXT
, *PFSRTL_PER_FILEOBJECT_CONTEXT
;
8220 #define FsRtlInitPerFileObjectContext(_fc, _owner, _inst) \
8221 ((_fc)->OwnerId = (_owner), (_fc)->InstanceId = (_inst))
8223 #define FsRtlCompleteRequest(IRP,STATUS) { \
8224 (IRP)->IoStatus.Status = (STATUS); \
8225 IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
8228 #define FsRtlEnterFileSystem KeEnterCriticalRegion
8229 #define FsRtlExitFileSystem KeLeaveCriticalRegion
8231 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_HARD_ERROR 0x1
8232 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_LOG_ENTRY 0x2
8234 #if (NTDDI_VERSION >= NTDDI_WIN7)
8235 typedef struct _ECP_HEADER ECP_HEADER
, *PECP_HEADER
;
8238 #if (NTDDI_VERSION >= NTDDI_VISTA)
8240 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER
{
8241 NetworkOpenLocationAny
,
8242 NetworkOpenLocationRemote
,
8243 NetworkOpenLocationLoopback
8244 } NETWORK_OPEN_LOCATION_QUALIFIER
;
8246 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER
{
8247 NetworkOpenIntegrityAny
,
8248 NetworkOpenIntegrityNone
,
8249 NetworkOpenIntegritySigned
,
8250 NetworkOpenIntegrityEncrypted
,
8251 NetworkOpenIntegrityMaximum
8252 } NETWORK_OPEN_INTEGRITY_QUALIFIER
;
8254 #if (NTDDI_VERSION >= NTDDI_WIN7)
8256 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
8257 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
8258 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
8260 typedef struct _NETWORK_OPEN_ECP_CONTEXT
{
8265 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
8266 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
8270 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
8271 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
8275 } NETWORK_OPEN_ECP_CONTEXT
, *PNETWORK_OPEN_ECP_CONTEXT
;
8277 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0
{
8282 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
8283 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
8286 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
8287 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
8290 } NETWORK_OPEN_ECP_CONTEXT_V0
, *PNETWORK_OPEN_ECP_CONTEXT_V0
;
8292 #elif (NTDDI_VERSION >= NTDDI_VISTA)
8293 typedef struct _NETWORK_OPEN_ECP_CONTEXT
{
8298 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
8299 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
8302 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
8303 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
8306 } NETWORK_OPEN_ECP_CONTEXT
, *PNETWORK_OPEN_ECP_CONTEXT
;
8309 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT
, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8 );
8311 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8314 #if (NTDDI_VERSION >= NTDDI_VISTA)
8316 typedef struct _PREFETCH_OPEN_ECP_CONTEXT
{
8318 } PREFETCH_OPEN_ECP_CONTEXT
, *PPREFETCH_OPEN_ECP_CONTEXT
;
8320 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN
, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55 );
8322 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8324 #if (NTDDI_VERSION >= NTDDI_WIN7)
8326 DEFINE_GUID (GUID_ECP_NFS_OPEN
, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
8327 DEFINE_GUID(GUID_ECP_SRV_OPEN
, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53 );
8329 typedef struct sockaddr_storage
*PSOCKADDR_STORAGE_NFS
;
8331 typedef struct _NFS_OPEN_ECP_CONTEXT
{
8332 PUNICODE_STRING ExportAlias
;
8333 PSOCKADDR_STORAGE_NFS ClientSocketAddress
;
8334 } NFS_OPEN_ECP_CONTEXT
, *PNFS_OPEN_ECP_CONTEXT
, **PPNFS_OPEN_ECP_CONTEXT
;
8336 typedef struct _SRV_OPEN_ECP_CONTEXT
{
8337 PUNICODE_STRING ShareName
;
8338 PSOCKADDR_STORAGE_NFS SocketAddress
;
8339 BOOLEAN OplockBlockState
;
8340 BOOLEAN OplockAppState
;
8341 BOOLEAN OplockFinalState
;
8342 } SRV_OPEN_ECP_CONTEXT
, *PSRV_OPEN_ECP_CONTEXT
;
8344 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
8346 #define VACB_MAPPING_GRANULARITY (0x40000)
8347 #define VACB_OFFSET_SHIFT (18)
8349 typedef struct _PUBLIC_BCB
{
8350 CSHORT NodeTypeCode
;
8351 CSHORT NodeByteSize
;
8353 LARGE_INTEGER MappedFileOffset
;
8354 } PUBLIC_BCB
, *PPUBLIC_BCB
;
8356 typedef struct _CC_FILE_SIZES
{
8357 LARGE_INTEGER AllocationSize
;
8358 LARGE_INTEGER FileSize
;
8359 LARGE_INTEGER ValidDataLength
;
8360 } CC_FILE_SIZES
, *PCC_FILE_SIZES
;
8363 (NTAPI
*PACQUIRE_FOR_LAZY_WRITE
) (
8368 (NTAPI
*PRELEASE_FROM_LAZY_WRITE
) (
8372 (NTAPI
*PACQUIRE_FOR_READ_AHEAD
) (
8377 (NTAPI
*PRELEASE_FROM_READ_AHEAD
) (
8380 typedef struct _CACHE_MANAGER_CALLBACKS
{
8381 PACQUIRE_FOR_LAZY_WRITE AcquireForLazyWrite
;
8382 PRELEASE_FROM_LAZY_WRITE ReleaseFromLazyWrite
;
8383 PACQUIRE_FOR_READ_AHEAD AcquireForReadAhead
;
8384 PRELEASE_FROM_READ_AHEAD ReleaseFromReadAhead
;
8385 } CACHE_MANAGER_CALLBACKS
, *PCACHE_MANAGER_CALLBACKS
;
8387 typedef struct _CACHE_UNINITIALIZE_EVENT
{
8388 struct _CACHE_UNINITIALIZE_EVENT
*Next
;
8390 } CACHE_UNINITIALIZE_EVENT
, *PCACHE_UNINITIALIZE_EVENT
;
8393 (NTAPI
*PDIRTY_PAGE_ROUTINE
) (
8394 IN PFILE_OBJECT FileObject
,
8395 IN PLARGE_INTEGER FileOffset
,
8397 IN PLARGE_INTEGER OldestLsn
,
8398 IN PLARGE_INTEGER NewestLsn
,
8403 (NTAPI
*PFLUSH_TO_LSN
) (
8405 IN LARGE_INTEGER Lsn
);
8408 (NTAPI
*PCC_POST_DEFERRED_WRITE
) (
8412 #define CcIsFileCached(FO) ( \
8413 ((FO)->SectionObjectPointer != NULL) && \
8414 (((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
8417 extern ULONG CcFastMdlReadWait
;
8419 #if (NTDDI_VERSION >= NTDDI_WIN2K)
8424 CcInitializeCacheMap(
8425 IN PFILE_OBJECT FileObject
,
8426 IN PCC_FILE_SIZES FileSizes
,
8427 IN BOOLEAN PinAccess
,
8428 IN PCACHE_MANAGER_CALLBACKS Callbacks
,
8429 IN PVOID LazyWriteContext
);
8434 CcUninitializeCacheMap(
8435 IN PFILE_OBJECT FileObject
,
8436 IN PLARGE_INTEGER TruncateSize OPTIONAL
,
8437 IN PCACHE_UNINITIALIZE_EVENT UninitializeCompleteEvent OPTIONAL
);
8443 IN PFILE_OBJECT FileObject
,
8444 IN PCC_FILE_SIZES FileSizes
);
8449 CcSetDirtyPageThreshold(
8450 IN PFILE_OBJECT FileObject
,
8451 IN ULONG DirtyPageThreshold
);
8457 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8458 IN PLARGE_INTEGER FileOffset OPTIONAL
,
8460 OUT PIO_STATUS_BLOCK IoStatus OPTIONAL
);
8465 CcGetFlushedValidData(
8466 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8467 IN BOOLEAN BcbListHeld
);
8473 IN PFILE_OBJECT FileObject
,
8474 IN PLARGE_INTEGER StartOffset
,
8475 IN PLARGE_INTEGER EndOffset
,
8495 IN BOOLEAN WriteThrough
,
8496 OUT PIO_STATUS_BLOCK IoStatus
);
8501 CcGetFileObjectFromSectionPtrs(
8502 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
);
8507 CcGetFileObjectFromBcb(
8514 IN PFILE_OBJECT FileObject
,
8515 IN ULONG BytesToWrite
,
8517 IN BOOLEAN Retrying
);
8523 IN PFILE_OBJECT FileObject
,
8524 IN PCC_POST_DEFERRED_WRITE PostRoutine
,
8527 IN ULONG BytesToWrite
,
8528 IN BOOLEAN Retrying
);
8534 IN PFILE_OBJECT FileObject
,
8535 IN PLARGE_INTEGER FileOffset
,
8539 OUT PIO_STATUS_BLOCK IoStatus
);
8545 IN PFILE_OBJECT FileObject
,
8546 IN ULONG FileOffset
,
8550 OUT PIO_STATUS_BLOCK IoStatus
);
8556 IN PFILE_OBJECT FileObject
,
8557 IN PLARGE_INTEGER FileOffset
,
8566 IN PFILE_OBJECT FileObject
,
8567 IN ULONG FileOffset
,
8575 IN PFILE_OBJECT FileObject
,
8576 IN PLARGE_INTEGER FileOffset
,
8579 OUT PIO_STATUS_BLOCK IoStatus
);
8585 IN PFILE_OBJECT FileObject
,
8592 IN PFILE_OBJECT FileObject
,
8593 IN PLARGE_INTEGER FileOffset
,
8596 OUT PIO_STATUS_BLOCK IoStatus
);
8602 IN PFILE_OBJECT FileObject
,
8603 IN PLARGE_INTEGER FileOffset
,
8609 CcScheduleReadAhead(
8610 IN PFILE_OBJECT FileObject
,
8611 IN PLARGE_INTEGER FileOffset
,
8617 CcWaitForCurrentLazyWriterActivity(
8623 CcSetReadAheadGranularity(
8624 IN PFILE_OBJECT FileObject
,
8625 IN ULONG Granularity
);
8631 IN PFILE_OBJECT FileObject
,
8632 IN PLARGE_INTEGER FileOffset
,
8642 IN PFILE_OBJECT FileObject
,
8643 IN PLARGE_INTEGER FileOffset
,
8652 IN PFILE_OBJECT FileObject
,
8653 IN PLARGE_INTEGER FileOffset
,
8663 CcSetDirtyPinnedData(
8665 IN PLARGE_INTEGER Lsn OPTIONAL
);
8676 CcSetBcbOwnerPointer(
8678 IN PVOID OwnerPointer
);
8683 CcUnpinDataForThread(
8685 IN ERESOURCE_THREAD ResourceThreadId
);
8690 CcSetAdditionalCacheAttributes(
8691 IN PFILE_OBJECT FileObject
,
8692 IN BOOLEAN DisableReadAhead
,
8693 IN BOOLEAN DisableWriteBehind
);
8701 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
8703 #if (NTDDI_VERSION >= NTDDI_WINXP)
8709 IN PFILE_OBJECT FileObject
,
8715 CcSetLogHandleForFile(
8716 IN PFILE_OBJECT FileObject
,
8718 IN PFLUSH_TO_LSN FlushToLsnRoutine
);
8725 IN PDIRTY_PAGE_ROUTINE DirtyPageRoutine
,
8731 #if (NTDDI_VERSION >= NTDDI_WINXP)
8736 IN PFILE_OBJECT FileObject
,
8737 IN PLARGE_INTEGER FileOffset
,
8742 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8747 IN PFILE_OBJECT FileObject
,
8748 IN PLARGE_INTEGER FileOffset
,
8755 #if (NTDDI_VERSION >= NTDDI_VISTA)
8761 IN PFILE_OBJECT FileObject
,
8762 IN PCC_FILE_SIZES FileSizes
);
8767 CcGetFileObjectFromSectionPtrsRef(
8768 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
);
8773 CcSetParallelFlushFile(
8774 IN PFILE_OBJECT FileObject
,
8775 IN BOOLEAN EnableParallelFlush
);
8779 CcIsThereDirtyDataEx(
8781 IN PULONG NumberOfDirtyPages OPTIONAL
);
8785 #if (NTDDI_VERSION >= NTDDI_WIN7)
8789 CcCoherencyFlushAndPurgeCache(
8790 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8791 IN PLARGE_INTEGER FileOffset OPTIONAL
,
8793 OUT PIO_STATUS_BLOCK IoStatus
,
8794 IN ULONG Flags OPTIONAL
);
8797 #define CcGetFileSizePointer(FO) ( \
8798 ((PLARGE_INTEGER)((FO)->SectionObjectPointer->SharedCacheMap) + 1) \
8801 #define UNINITIALIZE_CACHE_MAPS (1)
8802 #define DO_NOT_RETRY_PURGE (2)
8803 #define DO_NOT_PURGE_DIRTY_PAGES (0x4)
8805 #define CC_FLUSH_AND_PURGE_NO_PURGE (0x1)
8807 #if (NTDDI_VERSION >= NTDDI_VISTA)
8811 CcPurgeCacheSection(
8812 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8813 IN PLARGE_INTEGER FileOffset OPTIONAL
,
8816 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8820 CcPurgeCacheSection(
8821 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8822 IN PLARGE_INTEGER FileOffset OPTIONAL
,
8824 IN BOOLEAN UninitializeCacheMaps
);
8827 #if (NTDDI_VERSION >= NTDDI_WIN7)
8831 CcCopyWriteWontFlush(
8832 IN PFILE_OBJECT FileObject
,
8833 IN PLARGE_INTEGER FileOffset
,
8836 #define CcCopyWriteWontFlush(FO, FOFF, LEN) ((LEN) <= 0x10000)
8839 #define CcReadAhead(FO, FOFF, LEN) ( \
8840 if ((LEN) >= 256) { \
8841 CcScheduleReadAhead((FO), (FOFF), (LEN)); \
8845 #define PIN_WAIT (1)
8846 #define PIN_EXCLUSIVE (2)
8847 #define PIN_NO_READ (4)
8848 #define PIN_IF_BCB (8)
8849 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
8850 #define PIN_HIGH_PRIORITY (64)
8853 #define MAP_NO_READ (16)
8854 #define MAP_HIGH_PRIORITY (64)
8856 #pragma pack(push,4)
8858 #ifndef VER_PRODUCTBUILD
8859 #define VER_PRODUCTBUILD 10000
8865 extern PUCHAR FsRtlLegalAnsiCharacterArray
;
8867 extern DECLSPEC_IMPORT PUCHAR FsRtlLegalAnsiCharacterArray
;
8869 extern PACL SePublicDefaultDacl
;
8870 extern PACL SeSystemDefaultDacl
;
8872 #define FS_LFN_APIS 0x00004000
8874 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
8875 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
8876 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
8877 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
8878 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
8879 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
8880 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
8881 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
8882 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
8883 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
8884 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
8885 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
8886 #define FILE_STORAGE_TYPE_MASK 0x000f0000
8887 #define FILE_STORAGE_TYPE_SHIFT 16
8889 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
8891 #define FSRTL_WILD_CHARACTER 0x08
8894 #define HARDWARE_PTE HARDWARE_PTE_X86
8895 #define PHARDWARE_PTE PHARDWARE_PTE_X86
8898 #define IO_CHECK_CREATE_PARAMETERS 0x0200
8899 #define IO_ATTACH_DEVICE 0x0400
8901 #define IO_ATTACH_DEVICE_API 0x80000000
8903 #define IO_TYPE_APC 18
8904 #define IO_TYPE_DPC 19
8905 #define IO_TYPE_DEVICE_QUEUE 20
8906 #define IO_TYPE_EVENT_PAIR 21
8907 #define IO_TYPE_INTERRUPT 22
8908 #define IO_TYPE_PROFILE 23
8910 #define IRP_BEING_VERIFIED 0x10
8912 #define MAILSLOT_CLASS_FIRSTCLASS 1
8913 #define MAILSLOT_CLASS_SECONDCLASS 2
8915 #define MAILSLOT_SIZE_AUTO 0
8917 #define MEM_DOS_LIM 0x40000000
8919 #define OB_TYPE_TYPE 1
8920 #define OB_TYPE_DIRECTORY 2
8921 #define OB_TYPE_SYMBOLIC_LINK 3
8922 #define OB_TYPE_TOKEN 4
8923 #define OB_TYPE_PROCESS 5
8924 #define OB_TYPE_THREAD 6
8925 #define OB_TYPE_EVENT 7
8926 #define OB_TYPE_EVENT_PAIR 8
8927 #define OB_TYPE_MUTANT 9
8928 #define OB_TYPE_SEMAPHORE 10
8929 #define OB_TYPE_TIMER 11
8930 #define OB_TYPE_PROFILE 12
8931 #define OB_TYPE_WINDOW_STATION 13
8932 #define OB_TYPE_DESKTOP 14
8933 #define OB_TYPE_SECTION 15
8934 #define OB_TYPE_KEY 16
8935 #define OB_TYPE_PORT 17
8936 #define OB_TYPE_ADAPTER 18
8937 #define OB_TYPE_CONTROLLER 19
8938 #define OB_TYPE_DEVICE 20
8939 #define OB_TYPE_DRIVER 21
8940 #define OB_TYPE_IO_COMPLETION 22
8941 #define OB_TYPE_FILE 23
8943 #define SEC_BASED 0x00200000
8945 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
8946 #define SECURITY_WORLD_RID (0x00000000L)
8950 #define TOKEN_HAS_ADMIN_GROUP 0x08
8952 #if (VER_PRODUCTBUILD >= 1381)
8953 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
8954 #endif /* (VER_PRODUCTBUILD >= 1381) */
8956 #if (VER_PRODUCTBUILD >= 2195)
8958 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
8959 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
8961 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
8963 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
8964 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
8965 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
8966 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
8967 #endif /* (VER_PRODUCTBUILD >= 2195) */
8969 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
8970 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
8971 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
8972 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
8973 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
8974 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
8975 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
8976 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
8978 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
8983 struct _RTL_AVL_TABLE
;
8984 struct _RTL_GENERIC_TABLE
;
8986 typedef enum _FILE_STORAGE_TYPE
{
8987 StorageTypeDefault
= 1,
8988 StorageTypeDirectory
,
8990 StorageTypeJunctionPoint
,
8992 StorageTypeStructuredStorage
,
8993 StorageTypeEmbedding
,
8995 } FILE_STORAGE_TYPE
;
8997 typedef struct _OBJECT_BASIC_INFORMATION
9000 ACCESS_MASK GrantedAccess
;
9003 ULONG PagedPoolCharge
;
9004 ULONG NonPagedPoolCharge
;
9005 ULONG Reserved
[ 3 ];
9008 ULONG SecurityDescriptorSize
;
9009 LARGE_INTEGER CreationTime
;
9010 } OBJECT_BASIC_INFORMATION
, *POBJECT_BASIC_INFORMATION
;
9012 typedef struct _BITMAP_RANGE
{
9015 ULONG FirstDirtyPage
;
9016 ULONG LastDirtyPage
;
9019 } BITMAP_RANGE
, *PBITMAP_RANGE
;
9021 typedef struct _FILE_COPY_ON_WRITE_INFORMATION
{
9022 BOOLEAN ReplaceIfExists
;
9023 HANDLE RootDirectory
;
9024 ULONG FileNameLength
;
9026 } FILE_COPY_ON_WRITE_INFORMATION
, *PFILE_COPY_ON_WRITE_INFORMATION
;
9028 typedef struct _FILE_FULL_DIRECTORY_INFORMATION
{
9029 ULONG NextEntryOffset
;
9031 LARGE_INTEGER CreationTime
;
9032 LARGE_INTEGER LastAccessTime
;
9033 LARGE_INTEGER LastWriteTime
;
9034 LARGE_INTEGER ChangeTime
;
9035 LARGE_INTEGER EndOfFile
;
9036 LARGE_INTEGER AllocationSize
;
9037 ULONG FileAttributes
;
9038 ULONG FileNameLength
;
9040 WCHAR FileName
[ANYSIZE_ARRAY
];
9041 } FILE_FULL_DIRECTORY_INFORMATION
, *PFILE_FULL_DIRECTORY_INFORMATION
;
9043 typedef struct _FILE_FS_FULL_SIZE_INFORMATION
{
9044 LARGE_INTEGER TotalAllocationUnits
;
9045 LARGE_INTEGER CallerAvailableAllocationUnits
;
9046 LARGE_INTEGER ActualAvailableAllocationUnits
;
9047 ULONG SectorsPerAllocationUnit
;
9048 ULONG BytesPerSector
;
9049 } FILE_FS_FULL_SIZE_INFORMATION
, *PFILE_FS_FULL_SIZE_INFORMATION
;
9051 typedef struct _FILE_FS_LABEL_INFORMATION
{
9052 ULONG VolumeLabelLength
;
9053 WCHAR VolumeLabel
[1];
9054 } FILE_FS_LABEL_INFORMATION
, *PFILE_FS_LABEL_INFORMATION
;
9056 #if (VER_PRODUCTBUILD >= 2195)
9058 typedef struct _FILE_FS_OBJECT_ID_INFORMATION
{
9060 UCHAR ExtendedInfo
[48];
9061 } FILE_FS_OBJECT_ID_INFORMATION
, *PFILE_FS_OBJECT_ID_INFORMATION
;
9063 #endif /* (VER_PRODUCTBUILD >= 2195) */
9065 typedef struct _FILE_FS_SIZE_INFORMATION
{
9066 LARGE_INTEGER TotalAllocationUnits
;
9067 LARGE_INTEGER AvailableAllocationUnits
;
9068 ULONG SectorsPerAllocationUnit
;
9069 ULONG BytesPerSector
;
9070 } FILE_FS_SIZE_INFORMATION
, *PFILE_FS_SIZE_INFORMATION
;
9072 typedef struct _FILE_FS_VOLUME_INFORMATION
{
9073 LARGE_INTEGER VolumeCreationTime
;
9074 ULONG VolumeSerialNumber
;
9075 ULONG VolumeLabelLength
;
9076 BOOLEAN SupportsObjects
;
9077 WCHAR VolumeLabel
[1];
9078 } FILE_FS_VOLUME_INFORMATION
, *PFILE_FS_VOLUME_INFORMATION
;
9080 typedef struct _FILE_FS_OBJECTID_INFORMATION
9083 UCHAR ExtendedInfo
[48];
9084 } FILE_FS_OBJECTID_INFORMATION
, *PFILE_FS_OBJECTID_INFORMATION
;
9086 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
9087 typedef struct _FILE_SHARED_LOCK_ENTRY
{
9090 FILE_LOCK_INFO FileLock
;
9091 } FILE_SHARED_LOCK_ENTRY
, *PFILE_SHARED_LOCK_ENTRY
;
9093 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
9094 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY
{
9095 LIST_ENTRY ListEntry
;
9098 FILE_LOCK_INFO FileLock
;
9099 } FILE_EXCLUSIVE_LOCK_ENTRY
, *PFILE_EXCLUSIVE_LOCK_ENTRY
;
9101 typedef struct _FILE_MAILSLOT_PEEK_BUFFER
{
9102 ULONG ReadDataAvailable
;
9103 ULONG NumberOfMessages
;
9104 ULONG MessageLength
;
9105 } FILE_MAILSLOT_PEEK_BUFFER
, *PFILE_MAILSLOT_PEEK_BUFFER
;
9107 typedef struct _FILE_OLE_CLASSID_INFORMATION
{
9109 } FILE_OLE_CLASSID_INFORMATION
, *PFILE_OLE_CLASSID_INFORMATION
;
9111 typedef struct _FILE_OLE_ALL_INFORMATION
{
9112 FILE_BASIC_INFORMATION BasicInformation
;
9113 FILE_STANDARD_INFORMATION StandardInformation
;
9114 FILE_INTERNAL_INFORMATION InternalInformation
;
9115 FILE_EA_INFORMATION EaInformation
;
9116 FILE_ACCESS_INFORMATION AccessInformation
;
9117 FILE_POSITION_INFORMATION PositionInformation
;
9118 FILE_MODE_INFORMATION ModeInformation
;
9119 FILE_ALIGNMENT_INFORMATION AlignmentInformation
;
9122 LARGE_INTEGER SecurityChangeTime
;
9123 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
;
9124 FILE_OBJECTID_INFORMATION ObjectIdInformation
;
9125 FILE_STORAGE_TYPE StorageType
;
9128 ULONG NumberOfStreamReferences
;
9131 BOOLEAN ContentIndexDisable
;
9132 BOOLEAN InheritContentIndexDisable
;
9133 FILE_NAME_INFORMATION NameInformation
;
9134 } FILE_OLE_ALL_INFORMATION
, *PFILE_OLE_ALL_INFORMATION
;
9136 typedef struct _FILE_OLE_DIR_INFORMATION
{
9137 ULONG NextEntryOffset
;
9139 LARGE_INTEGER CreationTime
;
9140 LARGE_INTEGER LastAccessTime
;
9141 LARGE_INTEGER LastWriteTime
;
9142 LARGE_INTEGER ChangeTime
;
9143 LARGE_INTEGER EndOfFile
;
9144 LARGE_INTEGER AllocationSize
;
9145 ULONG FileAttributes
;
9146 ULONG FileNameLength
;
9147 FILE_STORAGE_TYPE StorageType
;
9150 BOOLEAN ContentIndexDisable
;
9151 BOOLEAN InheritContentIndexDisable
;
9153 } FILE_OLE_DIR_INFORMATION
, *PFILE_OLE_DIR_INFORMATION
;
9155 typedef struct _FILE_OLE_INFORMATION
{
9156 LARGE_INTEGER SecurityChangeTime
;
9157 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
;
9158 FILE_OBJECTID_INFORMATION ObjectIdInformation
;
9159 FILE_STORAGE_TYPE StorageType
;
9161 BOOLEAN ContentIndexDisable
;
9162 BOOLEAN InheritContentIndexDisable
;
9163 } FILE_OLE_INFORMATION
, *PFILE_OLE_INFORMATION
;
9165 typedef struct _FILE_OLE_STATE_BITS_INFORMATION
{
9167 ULONG StateBitsMask
;
9168 } FILE_OLE_STATE_BITS_INFORMATION
, *PFILE_OLE_STATE_BITS_INFORMATION
;
9170 typedef struct _MAPPING_PAIR
{
9173 } MAPPING_PAIR
, *PMAPPING_PAIR
;
9175 typedef struct _GET_RETRIEVAL_DESCRIPTOR
{
9176 ULONG NumberOfPairs
;
9178 MAPPING_PAIR Pair
[1];
9179 } GET_RETRIEVAL_DESCRIPTOR
, *PGET_RETRIEVAL_DESCRIPTOR
;
9181 #define ASSERT_QUEUE(Q) ASSERT(((Q)->Header.Type & KOBJECT_TYPE_MASK) == QueueObject);
9183 typedef struct _MBCB
{
9184 CSHORT NodeTypeCode
;
9185 CSHORT NodeIsInZone
;
9189 LIST_ENTRY BitmapRanges
;
9190 LONGLONG ResumeWritePage
;
9191 BITMAP_RANGE BitmapRange1
;
9192 BITMAP_RANGE BitmapRange2
;
9193 BITMAP_RANGE BitmapRange3
;
9196 typedef struct _MOVEFILE_DESCRIPTOR
{
9199 LARGE_INTEGER StartVcn
;
9200 LARGE_INTEGER TargetLcn
;
9203 } MOVEFILE_DESCRIPTOR
, *PMOVEFILE_DESCRIPTOR
;
9205 typedef struct _OBJECT_BASIC_INFO
{
9207 ACCESS_MASK GrantedAccess
;
9209 ULONG ReferenceCount
;
9210 ULONG PagedPoolUsage
;
9211 ULONG NonPagedPoolUsage
;
9213 ULONG NameInformationLength
;
9214 ULONG TypeInformationLength
;
9215 ULONG SecurityDescriptorLength
;
9216 LARGE_INTEGER CreateTime
;
9217 } OBJECT_BASIC_INFO
, *POBJECT_BASIC_INFO
;
9219 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO
{
9221 BOOLEAN ProtectFromClose
;
9222 } OBJECT_HANDLE_ATTRIBUTE_INFO
, *POBJECT_HANDLE_ATTRIBUTE_INFO
;
9224 typedef struct _OBJECT_NAME_INFO
{
9225 UNICODE_STRING ObjectName
;
9226 WCHAR ObjectNameBuffer
[1];
9227 } OBJECT_NAME_INFO
, *POBJECT_NAME_INFO
;
9229 typedef struct _OBJECT_PROTECTION_INFO
{
9231 BOOLEAN ProtectHandle
;
9232 } OBJECT_PROTECTION_INFO
, *POBJECT_PROTECTION_INFO
;
9234 typedef struct _OBJECT_TYPE_INFO
{
9235 UNICODE_STRING ObjectTypeName
;
9236 UCHAR Unknown
[0x58];
9237 WCHAR ObjectTypeNameBuffer
[1];
9238 } OBJECT_TYPE_INFO
, *POBJECT_TYPE_INFO
;
9240 typedef struct _OBJECT_ALL_TYPES_INFO
{
9241 ULONG NumberOfObjectTypes
;
9242 OBJECT_TYPE_INFO ObjectsTypeInfo
[1];
9243 } OBJECT_ALL_TYPES_INFO
, *POBJECT_ALL_TYPES_INFO
;
9245 typedef enum _RTL_GENERIC_COMPARE_RESULTS
9250 } RTL_GENERIC_COMPARE_RESULTS
;
9252 typedef enum _TABLE_SEARCH_RESULT
9258 } TABLE_SEARCH_RESULT
;
9261 (NTAPI
*PRTL_AVL_MATCH_FUNCTION
)(
9262 struct _RTL_AVL_TABLE
*Table
,
9267 typedef RTL_GENERIC_COMPARE_RESULTS
9268 (NTAPI
*PRTL_AVL_COMPARE_ROUTINE
) (
9269 struct _RTL_AVL_TABLE
*Table
,
9274 typedef RTL_GENERIC_COMPARE_RESULTS
9275 (NTAPI
*PRTL_GENERIC_COMPARE_ROUTINE
) (
9276 struct _RTL_GENERIC_TABLE
*Table
,
9282 (NTAPI
*PRTL_GENERIC_ALLOCATE_ROUTINE
) (
9283 struct _RTL_GENERIC_TABLE
*Table
,
9288 (NTAPI
*PRTL_GENERIC_FREE_ROUTINE
) (
9289 struct _RTL_GENERIC_TABLE
*Table
,
9294 (NTAPI
*PRTL_AVL_ALLOCATE_ROUTINE
) (
9295 struct _RTL_AVL_TABLE
*Table
,
9300 (NTAPI
*PRTL_AVL_FREE_ROUTINE
) (
9301 struct _RTL_AVL_TABLE
*Table
,
9305 typedef struct _QUERY_PATH_REQUEST
{
9306 ULONG PathNameLength
;
9307 PIO_SECURITY_CONTEXT SecurityContext
;
9308 WCHAR FilePathName
[1];
9309 } QUERY_PATH_REQUEST
, *PQUERY_PATH_REQUEST
;
9311 typedef struct _QUERY_PATH_RESPONSE
{
9312 ULONG LengthAccepted
;
9313 } QUERY_PATH_RESPONSE
, *PQUERY_PATH_RESPONSE
;
9315 typedef struct _RTL_BALANCED_LINKS
9317 struct _RTL_BALANCED_LINKS
*Parent
;
9318 struct _RTL_BALANCED_LINKS
*LeftChild
;
9319 struct _RTL_BALANCED_LINKS
*RightChild
;
9322 } RTL_BALANCED_LINKS
, *PRTL_BALANCED_LINKS
;
9324 typedef struct _RTL_GENERIC_TABLE
9326 PRTL_SPLAY_LINKS TableRoot
;
9327 LIST_ENTRY InsertOrderList
;
9328 PLIST_ENTRY OrderedPointer
;
9329 ULONG WhichOrderedElement
;
9330 ULONG NumberGenericTableElements
;
9331 PRTL_GENERIC_COMPARE_ROUTINE CompareRoutine
;
9332 PRTL_GENERIC_ALLOCATE_ROUTINE AllocateRoutine
;
9333 PRTL_GENERIC_FREE_ROUTINE FreeRoutine
;
9335 } RTL_GENERIC_TABLE
, *PRTL_GENERIC_TABLE
;
9337 #undef PRTL_GENERIC_COMPARE_ROUTINE
9338 #undef PRTL_GENERIC_ALLOCATE_ROUTINE
9339 #undef PRTL_GENERIC_FREE_ROUTINE
9340 #undef RTL_GENERIC_TABLE
9341 #undef PRTL_GENERIC_TABLE
9343 #define PRTL_GENERIC_COMPARE_ROUTINE PRTL_AVL_COMPARE_ROUTINE
9344 #define PRTL_GENERIC_ALLOCATE_ROUTINE PRTL_AVL_ALLOCATE_ROUTINE
9345 #define PRTL_GENERIC_FREE_ROUTINE PRTL_AVL_FREE_ROUTINE
9346 #define RTL_GENERIC_TABLE RTL_AVL_TABLE
9347 #define PRTL_GENERIC_TABLE PRTL_AVL_TABLE
9349 #define RtlInitializeGenericTable RtlInitializeGenericTableAvl
9350 #define RtlInsertElementGenericTable RtlInsertElementGenericTableAvl
9351 #define RtlInsertElementGenericTableFull RtlInsertElementGenericTableFullAvl
9352 #define RtlDeleteElementGenericTable RtlDeleteElementGenericTableAvl
9353 #define RtlLookupElementGenericTable RtlLookupElementGenericTableAvl
9354 #define RtlLookupElementGenericTableFull RtlLookupElementGenericTableFullAvl
9355 #define RtlEnumerateGenericTable RtlEnumerateGenericTableAvl
9356 #define RtlEnumerateGenericTableWithoutSplaying RtlEnumerateGenericTableWithoutSplayingAvl
9357 #define RtlGetElementGenericTable RtlGetElementGenericTableAvl
9358 #define RtlNumberGenericTableElements RtlNumberGenericTableElementsAvl
9359 #define RtlIsGenericTableEmpty RtlIsGenericTableEmptyAvl
9361 typedef struct _RTL_AVL_TABLE
9363 RTL_BALANCED_LINKS BalancedRoot
;
9364 PVOID OrderedPointer
;
9365 ULONG WhichOrderedElement
;
9366 ULONG NumberGenericTableElements
;
9368 PRTL_BALANCED_LINKS RestartKey
;
9370 PRTL_AVL_COMPARE_ROUTINE CompareRoutine
;
9371 PRTL_AVL_ALLOCATE_ROUTINE AllocateRoutine
;
9372 PRTL_AVL_FREE_ROUTINE FreeRoutine
;
9374 } RTL_AVL_TABLE
, *PRTL_AVL_TABLE
;
9379 RtlInitializeGenericTableAvl(
9380 PRTL_AVL_TABLE Table
,
9381 PRTL_AVL_COMPARE_ROUTINE CompareRoutine
,
9382 PRTL_AVL_ALLOCATE_ROUTINE AllocateRoutine
,
9383 PRTL_AVL_FREE_ROUTINE FreeRoutine
,
9390 RtlInsertElementGenericTableAvl (
9391 PRTL_AVL_TABLE Table
,
9394 PBOOLEAN NewElement OPTIONAL
9400 RtlDeleteElementGenericTableAvl (
9401 PRTL_AVL_TABLE Table
,
9408 RtlLookupElementGenericTableAvl (
9409 PRTL_AVL_TABLE Table
,
9416 RtlEnumerateGenericTableWithoutSplayingAvl (
9417 PRTL_AVL_TABLE Table
,
9421 #if defined(USE_LPC6432)
9422 #define LPC_CLIENT_ID CLIENT_ID64
9423 #define LPC_SIZE_T ULONGLONG
9424 #define LPC_PVOID ULONGLONG
9425 #define LPC_HANDLE ULONGLONG
9427 #define LPC_CLIENT_ID CLIENT_ID
9428 #define LPC_SIZE_T SIZE_T
9429 #define LPC_PVOID PVOID
9430 #define LPC_HANDLE HANDLE
9433 typedef struct _PORT_MESSAGE
9449 CSHORT DataInfoOffset
;
9453 __GNU_EXTENSION
union
9455 LPC_CLIENT_ID ClientId
;
9456 double DoNotUseThisField
;
9459 __GNU_EXTENSION
union
9461 LPC_SIZE_T ClientViewSize
;
9464 } PORT_MESSAGE
, *PPORT_MESSAGE
;
9466 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
9468 typedef struct _PORT_VIEW
9471 LPC_HANDLE SectionHandle
;
9472 ULONG SectionOffset
;
9473 LPC_SIZE_T ViewSize
;
9475 LPC_PVOID ViewRemoteBase
;
9476 } PORT_VIEW
, *PPORT_VIEW
;
9478 typedef struct _REMOTE_PORT_VIEW
9481 LPC_SIZE_T ViewSize
;
9483 } REMOTE_PORT_VIEW
, *PREMOTE_PORT_VIEW
;
9485 typedef struct _VAD_HEADER
{
9488 struct _VAD_HEADER
* ParentLink
;
9489 struct _VAD_HEADER
* LeftLink
;
9490 struct _VAD_HEADER
* RightLink
;
9491 ULONG Flags
; /* LSB = CommitCharge */
9493 PVOID FirstProtoPte
;
9497 } VAD_HEADER
, *PVAD_HEADER
;
9502 CcGetLsnForFileObject (
9503 IN PFILE_OBJECT FileObject
,
9504 OUT PLARGE_INTEGER OldestLsn OPTIONAL
9507 #if (VER_PRODUCTBUILD >= 2600)
9509 #ifndef __NTOSKRNL__
9513 ExInitializeRundownProtection (
9514 IN PEX_RUNDOWN_REF RunRef
9520 ExReInitializeRundownProtection (
9521 IN PEX_RUNDOWN_REF RunRef
9527 ExAcquireRundownProtection (
9528 IN PEX_RUNDOWN_REF RunRef
9534 ExAcquireRundownProtectionEx (
9535 IN PEX_RUNDOWN_REF RunRef
,
9542 ExReleaseRundownProtection (
9543 IN PEX_RUNDOWN_REF RunRef
9549 ExReleaseRundownProtectionEx (
9550 IN PEX_RUNDOWN_REF RunRef
,
9557 ExRundownCompleted (
9558 IN PEX_RUNDOWN_REF RunRef
9564 ExWaitForRundownProtectionRelease (
9565 IN PEX_RUNDOWN_REF RunRef
9569 #endif /* (VER_PRODUCTBUILD >= 2600) */
9575 IN POOL_TYPE PoolType
,
9576 IN ULONG NumberOfBytes
9582 FsRtlAllocatePoolWithQuota (
9583 IN POOL_TYPE PoolType
,
9584 IN ULONG NumberOfBytes
9590 FsRtlAllocatePoolWithQuotaTag (
9591 IN POOL_TYPE PoolType
,
9592 IN ULONG NumberOfBytes
,
9599 FsRtlAllocatePoolWithTag (
9600 IN POOL_TYPE PoolType
,
9601 IN ULONG NumberOfBytes
,
9608 FsRtlIsFatDbcsLegal (
9609 IN ANSI_STRING DbcsName
,
9610 IN BOOLEAN WildCardsPermissible
,
9611 IN BOOLEAN PathNamePermissible
,
9612 IN BOOLEAN LeadingBackslashPermissible
9615 extern PUSHORT NlsOemLeadByteInfo
;
9620 FsRtlMdlReadComplete (
9621 IN PFILE_OBJECT FileObject
,
9628 FsRtlMdlWriteComplete (
9629 IN PFILE_OBJECT FileObject
,
9630 IN PLARGE_INTEGER FileOffset
,
9637 FsRtlNotifyChangeDirectory (
9638 IN PNOTIFY_SYNC NotifySync
,
9640 IN PSTRING FullDirectoryName
,
9641 IN PLIST_ENTRY NotifyList
,
9642 IN BOOLEAN WatchTree
,
9643 IN ULONG CompletionFilter
,
9650 IoAttachDeviceToDeviceStackSafe(
9651 IN PDEVICE_OBJECT SourceDevice
,
9652 IN PDEVICE_OBJECT TargetDevice
,
9653 OUT PDEVICE_OBJECT
*AttachedToDeviceObject
9660 IN KPROCESSOR_MODE ObjectAttributesAccessMode OPTIONAL
,
9661 IN POBJECT_TYPE ObjectType
,
9662 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
9663 IN KPROCESSOR_MODE AccessMode
,
9664 IN OUT PVOID ParseContext OPTIONAL
,
9665 IN ULONG ObjectSize
,
9666 IN ULONG PagedPoolCharge OPTIONAL
,
9667 IN ULONG NonPagedPoolCharge OPTIONAL
,
9674 ObGetObjectPointerCount (
9681 ObReferenceObjectByName (
9682 IN PUNICODE_STRING ObjectName
,
9683 IN ULONG Attributes
,
9684 IN PACCESS_STATE PassedAccessState OPTIONAL
,
9685 IN ACCESS_MASK DesiredAccess OPTIONAL
,
9686 IN POBJECT_TYPE ObjectType
,
9687 IN KPROCESSOR_MODE AccessMode
,
9688 IN OUT PVOID ParseContext OPTIONAL
,
9692 #if (NTDDI_VERSION >= NTDDI_WIN2K)
9697 PsAssignImpersonationToken(
9699 IN HANDLE Token OPTIONAL
);
9704 PsReferencePrimaryToken(
9705 IN OUT PEPROCESS Process
);
9709 #define PsDereferenceImpersonationToken(T) \
9710 {if (ARGUMENT_PRESENT(T)) { \
9711 (ObDereferenceObject((T))); \
9720 PsLookupProcessThreadByCid (
9722 OUT PEPROCESS
*Process OPTIONAL
,
9723 OUT PETHREAD
*Thread
9729 RtlSecondsSince1970ToTime (
9730 IN ULONG SecondsSince1970
,
9731 OUT PLARGE_INTEGER Time
9737 RtlSetSaclSecurityDescriptor (
9738 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
9739 IN BOOLEAN SaclPresent
,
9741 IN BOOLEAN SaclDefaulted
9747 RtlUnicodeStringToCountedOemString (
9748 IN OUT POEM_STRING DestinationString
,
9749 IN PCUNICODE_STRING SourceString
,
9750 IN BOOLEAN AllocateDestinationString
9753 /* RTL Splay Tree Functions */
9757 RtlSplay(PRTL_SPLAY_LINKS Links
);
9762 RtlDelete(PRTL_SPLAY_LINKS Links
);
9768 PRTL_SPLAY_LINKS Links
,
9769 PRTL_SPLAY_LINKS
*Root
9775 RtlSubtreeSuccessor(PRTL_SPLAY_LINKS Links
);
9780 RtlSubtreePredecessor(PRTL_SPLAY_LINKS Links
);
9785 RtlRealSuccessor(PRTL_SPLAY_LINKS Links
);
9790 RtlRealPredecessor(PRTL_SPLAY_LINKS Links
);
9792 #define RtlIsLeftChild(Links) \
9793 (RtlLeftChild(RtlParent(Links)) == (PRTL_SPLAY_LINKS)(Links))
9795 #define RtlIsRightChild(Links) \
9796 (RtlRightChild(RtlParent(Links)) == (PRTL_SPLAY_LINKS)(Links))
9798 #define RtlRightChild(Links) \
9799 ((PRTL_SPLAY_LINKS)(Links))->RightChild
9801 #define RtlIsRoot(Links) \
9802 (RtlParent(Links) == (PRTL_SPLAY_LINKS)(Links))
9804 #define RtlLeftChild(Links) \
9805 ((PRTL_SPLAY_LINKS)(Links))->LeftChild
9807 #define RtlParent(Links) \
9808 ((PRTL_SPLAY_LINKS)(Links))->Parent
9810 #define RtlInitializeSplayLinks(Links) \
9812 PRTL_SPLAY_LINKS _SplayLinks; \
9813 _SplayLinks = (PRTL_SPLAY_LINKS)(Links); \
9814 _SplayLinks->Parent = _SplayLinks; \
9815 _SplayLinks->LeftChild = NULL; \
9816 _SplayLinks->RightChild = NULL; \
9819 #define RtlInsertAsLeftChild(ParentLinks,ChildLinks) \
9821 PRTL_SPLAY_LINKS _SplayParent; \
9822 PRTL_SPLAY_LINKS _SplayChild; \
9823 _SplayParent = (PRTL_SPLAY_LINKS)(ParentLinks); \
9824 _SplayChild = (PRTL_SPLAY_LINKS)(ChildLinks); \
9825 _SplayParent->LeftChild = _SplayChild; \
9826 _SplayChild->Parent = _SplayParent; \
9829 #define RtlInsertAsRightChild(ParentLinks,ChildLinks) \
9831 PRTL_SPLAY_LINKS _SplayParent; \
9832 PRTL_SPLAY_LINKS _SplayChild; \
9833 _SplayParent = (PRTL_SPLAY_LINKS)(ParentLinks); \
9834 _SplayChild = (PRTL_SPLAY_LINKS)(ChildLinks); \
9835 _SplayParent->RightChild = _SplayChild; \
9836 _SplayChild->Parent = _SplayParent; \
9840 // RTL time functions
9843 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
9845 #if (VER_PRODUCTBUILD >= 2195)
9850 ZwAdjustPrivilegesToken (
9851 IN HANDLE TokenHandle
,
9852 IN BOOLEAN DisableAllPrivileges
,
9853 IN PTOKEN_PRIVILEGES NewState
,
9854 IN ULONG BufferLength
,
9855 OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL
,
9856 OUT PULONG ReturnLength
9859 #endif /* (VER_PRODUCTBUILD >= 2195) */
9865 IN HANDLE ThreadHandle
9871 ZwAllocateVirtualMemory (
9872 IN HANDLE ProcessHandle
,
9873 IN OUT PVOID
*BaseAddress
,
9874 IN ULONG_PTR ZeroBits
,
9875 IN OUT PSIZE_T RegionSize
,
9876 IN ULONG AllocationType
,
9883 ZwAccessCheckAndAuditAlarm (
9884 IN PUNICODE_STRING SubsystemName
,
9886 IN PUNICODE_STRING ObjectTypeName
,
9887 IN PUNICODE_STRING ObjectName
,
9888 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
9889 IN ACCESS_MASK DesiredAccess
,
9890 IN PGENERIC_MAPPING GenericMapping
,
9891 IN BOOLEAN ObjectCreation
,
9892 OUT PACCESS_MASK GrantedAccess
,
9893 OUT PBOOLEAN AccessStatus
,
9894 OUT PBOOLEAN GenerateOnClose
9897 #if (VER_PRODUCTBUILD >= 2195)
9903 IN HANDLE FileHandle
,
9904 OUT PIO_STATUS_BLOCK IoStatusBlock
9907 #endif /* (VER_PRODUCTBUILD >= 2195) */
9913 IN HANDLE EventHandle
9919 ZwCloseObjectAuditAlarm (
9920 IN PUNICODE_STRING SubsystemName
,
9922 IN BOOLEAN GenerateOnClose
9929 OUT PHANDLE SectionHandle
,
9930 IN ACCESS_MASK DesiredAccess
,
9931 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
9932 IN PLARGE_INTEGER MaximumSize OPTIONAL
,
9933 IN ULONG SectionPageProtection
,
9934 IN ULONG AllocationAttributes
,
9935 IN HANDLE FileHandle OPTIONAL
9941 ZwCreateSymbolicLinkObject (
9942 OUT PHANDLE SymbolicLinkHandle
,
9943 IN ACCESS_MASK DesiredAccess
,
9944 IN POBJECT_ATTRIBUTES ObjectAttributes
,
9945 IN PUNICODE_STRING TargetName
9952 IN POBJECT_ATTRIBUTES ObjectAttributes
9960 IN PUNICODE_STRING Name
9964 #if (NTDDI_VERSION >= NTDDI_WIN2K)
9968 ZwDeviceIoControlFile (
9969 IN HANDLE FileHandle
,
9970 IN HANDLE Event OPTIONAL
,
9971 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
9972 IN PVOID ApcContext OPTIONAL
,
9973 OUT PIO_STATUS_BLOCK IoStatusBlock
,
9974 IN ULONG IoControlCode
,
9975 IN PVOID InputBuffer OPTIONAL
,
9976 IN ULONG InputBufferLength
,
9977 OUT PVOID OutputBuffer OPTIONAL
,
9978 IN ULONG OutputBufferLength
);
9985 IN PUNICODE_STRING String
9992 IN HANDLE SourceProcessHandle
,
9993 IN HANDLE SourceHandle
,
9994 IN HANDLE TargetProcessHandle OPTIONAL
,
9995 OUT PHANDLE TargetHandle OPTIONAL
,
9996 IN ACCESS_MASK DesiredAccess
,
9997 IN ULONG HandleAttributes
,
10005 IN HANDLE ExistingTokenHandle
,
10006 IN ACCESS_MASK DesiredAccess
,
10007 IN POBJECT_ATTRIBUTES ObjectAttributes
,
10008 IN BOOLEAN EffectiveOnly
,
10009 IN TOKEN_TYPE TokenType
,
10010 OUT PHANDLE NewTokenHandle
10016 ZwFlushInstructionCache (
10017 IN HANDLE ProcessHandle
,
10018 IN PVOID BaseAddress OPTIONAL
,
10025 ZwFlushBuffersFile(
10026 IN HANDLE FileHandle
,
10027 OUT PIO_STATUS_BLOCK IoStatusBlock
10030 #if (VER_PRODUCTBUILD >= 2195)
10035 ZwFlushVirtualMemory (
10036 IN HANDLE ProcessHandle
,
10037 IN OUT PVOID
*BaseAddress
,
10038 IN OUT PULONG FlushSize
,
10039 OUT PIO_STATUS_BLOCK IoStatusBlock
10042 #endif /* (VER_PRODUCTBUILD >= 2195) */
10047 ZwFreeVirtualMemory (
10048 IN HANDLE ProcessHandle
,
10049 IN OUT PVOID
*BaseAddress
,
10050 IN OUT PSIZE_T RegionSize
,
10058 IN HANDLE FileHandle
,
10059 IN HANDLE Event OPTIONAL
,
10060 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
10061 IN PVOID ApcContext OPTIONAL
,
10062 OUT PIO_STATUS_BLOCK IoStatusBlock
,
10063 IN ULONG FsControlCode
,
10064 IN PVOID InputBuffer OPTIONAL
,
10065 IN ULONG InputBufferLength
,
10066 OUT PVOID OutputBuffer OPTIONAL
,
10067 IN ULONG OutputBufferLength
10070 #if (VER_PRODUCTBUILD >= 2195)
10075 ZwInitiatePowerAction (
10076 IN POWER_ACTION SystemAction
,
10077 IN SYSTEM_POWER_STATE MinSystemState
,
10079 IN BOOLEAN Asynchronous
10082 #endif /* (VER_PRODUCTBUILD >= 2195) */
10088 /* "\\Registry\\Machine\\System\\CurrentControlSet\\Services\\<DriverName>" */
10089 IN PUNICODE_STRING RegistryPath
10096 IN POBJECT_ATTRIBUTES KeyObjectAttributes
,
10097 IN POBJECT_ATTRIBUTES FileObjectAttributes
10103 ZwNotifyChangeKey (
10104 IN HANDLE KeyHandle
,
10105 IN HANDLE EventHandle OPTIONAL
,
10106 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
10107 IN PVOID ApcContext OPTIONAL
,
10108 OUT PIO_STATUS_BLOCK IoStatusBlock
,
10109 IN ULONG NotifyFilter
,
10110 IN BOOLEAN WatchSubtree
,
10112 IN ULONG BufferLength
,
10113 IN BOOLEAN Asynchronous
10119 ZwOpenDirectoryObject (
10120 OUT PHANDLE DirectoryHandle
,
10121 IN ACCESS_MASK DesiredAccess
,
10122 IN POBJECT_ATTRIBUTES ObjectAttributes
10129 OUT PHANDLE ProcessHandle
,
10130 IN ACCESS_MASK DesiredAccess
,
10131 IN POBJECT_ATTRIBUTES ObjectAttributes
,
10132 IN PCLIENT_ID ClientId OPTIONAL
10138 ZwOpenProcessToken (
10139 IN HANDLE ProcessHandle
,
10140 IN ACCESS_MASK DesiredAccess
,
10141 OUT PHANDLE TokenHandle
10148 OUT PHANDLE ThreadHandle
,
10149 IN ACCESS_MASK DesiredAccess
,
10150 IN POBJECT_ATTRIBUTES ObjectAttributes
,
10151 IN PCLIENT_ID ClientId
10157 ZwOpenThreadToken (
10158 IN HANDLE ThreadHandle
,
10159 IN ACCESS_MASK DesiredAccess
,
10160 IN BOOLEAN OpenAsSelf
,
10161 OUT PHANDLE TokenHandle
10164 #if (VER_PRODUCTBUILD >= 2195)
10169 ZwPowerInformation (
10170 IN POWER_INFORMATION_LEVEL PowerInformationLevel
,
10171 IN PVOID InputBuffer OPTIONAL
,
10172 IN ULONG InputBufferLength
,
10173 OUT PVOID OutputBuffer OPTIONAL
,
10174 IN ULONG OutputBufferLength
10177 #endif /* (VER_PRODUCTBUILD >= 2195) */
10183 IN HANDLE EventHandle
,
10184 OUT PLONG PreviousState OPTIONAL
10190 ZwQueryDefaultLocale (
10191 IN BOOLEAN ThreadOrSystem
,
10198 ZwQueryDirectoryFile (
10199 IN HANDLE FileHandle
,
10200 IN HANDLE Event OPTIONAL
,
10201 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL
,
10202 IN PVOID ApcContext OPTIONAL
,
10203 OUT PIO_STATUS_BLOCK IoStatusBlock
,
10204 OUT PVOID FileInformation
,
10206 IN FILE_INFORMATION_CLASS FileInformationClass
,
10207 IN BOOLEAN ReturnSingleEntry
,
10208 IN PUNICODE_STRING FileName OPTIONAL
,
10209 IN BOOLEAN RestartScan
10212 #if (VER_PRODUCTBUILD >= 2195)
10217 ZwQueryDirectoryObject (
10218 IN HANDLE DirectoryHandle
,
10221 IN BOOLEAN ReturnSingleEntry
,
10222 IN BOOLEAN RestartScan
,
10223 IN OUT PULONG Context
,
10224 OUT PULONG ReturnLength OPTIONAL
10231 IN HANDLE FileHandle
,
10232 OUT PIO_STATUS_BLOCK IoStatusBlock
,
10235 IN BOOLEAN ReturnSingleEntry
,
10236 IN PVOID EaList OPTIONAL
,
10237 IN ULONG EaListLength
,
10238 IN PULONG EaIndex OPTIONAL
,
10239 IN BOOLEAN RestartScan
10242 #endif /* (VER_PRODUCTBUILD >= 2195) */
10247 ZwQueryInformationProcess (
10248 IN HANDLE ProcessHandle
,
10249 IN PROCESSINFOCLASS ProcessInformationClass
,
10250 OUT PVOID ProcessInformation
,
10251 IN ULONG ProcessInformationLength
,
10252 OUT PULONG ReturnLength OPTIONAL
10258 ZwQueryInformationToken (
10259 IN HANDLE TokenHandle
,
10260 IN TOKEN_INFORMATION_CLASS TokenInformationClass
,
10261 OUT PVOID TokenInformation
,
10263 OUT PULONG ResultLength
10269 ZwQuerySecurityObject (
10270 IN HANDLE FileHandle
,
10271 IN SECURITY_INFORMATION SecurityInformation
,
10272 OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
10274 OUT PULONG ResultLength
10280 ZwQueryVolumeInformationFile (
10281 IN HANDLE FileHandle
,
10282 OUT PIO_STATUS_BLOCK IoStatusBlock
,
10283 OUT PVOID FsInformation
,
10285 IN FS_INFORMATION_CLASS FsInformationClass
10292 IN POBJECT_ATTRIBUTES NewFileObjectAttributes
,
10293 IN HANDLE KeyHandle
,
10294 IN POBJECT_ATTRIBUTES OldFileObjectAttributes
10301 IN HANDLE EventHandle
,
10302 OUT PLONG PreviousState OPTIONAL
10305 #if (VER_PRODUCTBUILD >= 2195)
10311 IN HANDLE KeyHandle
,
10312 IN HANDLE FileHandle
,
10316 #endif /* (VER_PRODUCTBUILD >= 2195) */
10322 IN HANDLE KeyHandle
,
10323 IN HANDLE FileHandle
10329 ZwSetDefaultLocale (
10330 IN BOOLEAN ThreadOrSystem
,
10334 #if (VER_PRODUCTBUILD >= 2195)
10339 ZwSetDefaultUILanguage (
10340 IN LANGID LanguageId
10347 IN HANDLE FileHandle
,
10348 OUT PIO_STATUS_BLOCK IoStatusBlock
,
10353 #endif /* (VER_PRODUCTBUILD >= 2195) */
10359 IN HANDLE EventHandle
,
10360 OUT PLONG PreviousState OPTIONAL
10366 ZwSetInformationProcess (
10367 IN HANDLE ProcessHandle
,
10368 IN PROCESSINFOCLASS ProcessInformationClass
,
10369 IN PVOID ProcessInformation
,
10370 IN ULONG ProcessInformationLength
10373 #if (VER_PRODUCTBUILD >= 2195)
10378 ZwSetSecurityObject (
10380 IN SECURITY_INFORMATION SecurityInformation
,
10381 IN PSECURITY_DESCRIPTOR SecurityDescriptor
10384 #endif /* (VER_PRODUCTBUILD >= 2195) */
10390 IN PLARGE_INTEGER NewTime
,
10391 OUT PLARGE_INTEGER OldTime OPTIONAL
10394 #if (VER_PRODUCTBUILD >= 2195)
10399 ZwSetVolumeInformationFile (
10400 IN HANDLE FileHandle
,
10401 OUT PIO_STATUS_BLOCK IoStatusBlock
,
10402 IN PVOID FsInformation
,
10404 IN FS_INFORMATION_CLASS FsInformationClass
10407 #endif /* (VER_PRODUCTBUILD >= 2195) */
10412 ZwTerminateProcess (
10413 IN HANDLE ProcessHandle OPTIONAL
,
10414 IN NTSTATUS ExitStatus
10421 /* "\\Registry\\Machine\\System\\CurrentControlSet\\Services\\<DriverName>" */
10422 IN PUNICODE_STRING RegistryPath
10429 IN POBJECT_ATTRIBUTES KeyObjectAttributes
10432 #if (NTDDI_VERSION >= NTDDI_WIN2K)
10436 ZwWaitForSingleObject (
10438 IN BOOLEAN Alertable
,
10439 IN PLARGE_INTEGER Timeout OPTIONAL
);
10445 ZwWaitForMultipleObjects (
10446 IN ULONG HandleCount
,
10447 IN PHANDLE Handles
,
10448 IN WAIT_TYPE WaitType
,
10449 IN BOOLEAN Alertable
,
10450 IN PLARGE_INTEGER Timeout OPTIONAL
projects / reactos.git / blob