3 Copyright (c) Alex Ionescu. All rights reserved.
11 Type definitions for the Object Manager
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
26 #ifndef NTOS_MODE_USER
32 // Definitions for Object Creation
34 #define OBJ_INHERIT 0x00000002L
35 #define OBJ_PERMANENT 0x00000010L
36 #define OBJ_EXCLUSIVE 0x00000020L
37 #define OBJ_CASE_INSENSITIVE 0x00000040L
38 #define OBJ_OPENIF 0x00000080L
39 #define OBJ_OPENLINK 0x00000100L
40 #define OBJ_KERNEL_HANDLE 0x00000200L
41 #define OBJ_FORCE_ACCESS_CHECK 0x00000400L
42 #define OBJ_VALID_ATTRIBUTES 0x000007F2L
44 #define InitializeObjectAttributes(p,n,a,r,s) { \
45 (p)->Length = sizeof(OBJECT_ATTRIBUTES); \
46 (p)->RootDirectory = (r); \
47 (p)->Attributes = (a); \
48 (p)->ObjectName = (n); \
49 (p)->SecurityDescriptor = (s); \
50 (p)->SecurityQualityOfService = NULL; \
54 // Number of custom-defined bits that can be attached to a handle
56 #define OBJ_HANDLE_TAGBITS 0x3
59 // Directory Object Access Rights
61 #define DIRECTORY_QUERY 0x0001
62 #define DIRECTORY_TRAVERSE 0x0002
63 #define DIRECTORY_CREATE_OBJECT 0x0004
64 #define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
65 #define DIRECTORY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0xF)
68 // Slash separator used in the OB Namespace (and Registry)
70 #define OBJ_NAME_PATH_SEPARATOR L'\\'
73 // Object Information Classes for NtQueryInformationObject
75 typedef enum _OBJECT_INFORMATION_CLASS
77 ObjectBasicInformation
,
78 ObjectNameInformation
,
79 ObjectTypeInformation
,
80 ObjectTypesInformation
,
81 ObjectHandleFlagInformation
,
82 ObjectSessionInformation
,
84 } OBJECT_INFORMATION_CLASS
;
91 #define OB_FLAG_CREATE_INFO 0x01
92 #define OB_FLAG_KERNEL_MODE 0x02
93 #define OB_FLAG_CREATOR_INFO 0x04
94 #define OB_FLAG_EXCLUSIVE 0x08
95 #define OB_FLAG_PERMANENT 0x10
96 #define OB_FLAG_SECURITY 0x20
97 #define OB_FLAG_SINGLE_PROCESS 0x40
98 #define OB_FLAG_DEFER_DELETE 0x80
100 #define OBJECT_TO_OBJECT_HEADER(o) \
101 CONTAINING_RECORD((o), OBJECT_HEADER, Body)
103 #define OBJECT_HEADER_TO_NAME_INFO(h) \
104 ((POBJECT_HEADER_NAME_INFO)(!(h)->NameInfoOffset ? \
105 NULL: ((PCHAR)(h) - (h)->NameInfoOffset)))
107 #define OBJECT_HEADER_TO_HANDLE_INFO(h) \
108 ((POBJECT_HEADER_HANDLE_INFO)(!(h)->HandleInfoOffset ? \
109 NULL: ((PCHAR)(h) - (h)->HandleInfoOffset)))
111 #define OBJECT_HEADER_TO_QUOTA_INFO(h) \
112 ((POBJECT_HEADER_QUOTA_INFO)(!(h)->QuotaInfoOffset ? \
113 NULL: ((PCHAR)(h) - (h)->QuotaInfoOffset)))
115 #define OBJECT_HEADER_TO_CREATOR_INFO(h) \
116 ((POBJECT_HEADER_CREATOR_INFO)(!((h)->Flags & \
117 OB_FLAG_CREATOR_INFO) ? NULL: ((PCHAR)(h) - \
118 sizeof(OBJECT_HEADER_CREATOR_INFO))))
120 #define OBJECT_HEADER_TO_EXCLUSIVE_PROCESS(h) \
121 ((!((h)->Flags & OB_FLAG_EXCLUSIVE)) ? \
122 NULL: (((POBJECT_HEADER_QUOTA_INFO)((PCHAR)(h) - \
123 (h)->QuotaInfoOffset))->ExclusiveProcess))
126 // Reasons for Open Callback
128 typedef enum _OB_OPEN_REASON
140 // Object Duplication Flags
142 #define DUPLICATE_SAME_ATTRIBUTES 0x00000004
145 // Number of hash entries in an Object Directory
147 #define NUMBER_HASH_BUCKETS 37
150 // Types for DosDeviceDriveType
152 #define DOSDEVICE_DRIVE_UNKNOWN 0
153 #define DOSDEVICE_DRIVE_CALCULATE 1
154 #define DOSDEVICE_DRIVE_REMOVABLE 2
155 #define DOSDEVICE_DRIVE_FIXED 3
156 #define DOSDEVICE_DRIVE_REMOTE 4
157 #define DOSDEVICE_DRIVE_CDROM 5
158 #define DOSDEVICE_DRIVE_RAMDISK 6
161 // Dump Control Structure for Object Debugging
163 typedef struct _OB_DUMP_CONTROL
167 } OB_DUMP_CONTROL
, *POB_DUMP_CONTROL
;
169 #ifndef NTOS_MODE_USER
172 // Object Type Callbacks
175 (NTAPI
*OB_DUMP_METHOD
)(
177 _In_opt_ POB_DUMP_CONTROL Control
181 (NTAPI
*OB_OPEN_METHOD
)(
182 _In_ OB_OPEN_REASON Reason
,
183 _In_opt_ PEPROCESS Process
,
184 _In_ PVOID ObjectBody
,
185 _In_ ACCESS_MASK GrantedAccess
,
186 _In_ ULONG HandleCount
190 (NTAPI
*OB_CLOSE_METHOD
)(
191 _In_opt_ PEPROCESS Process
,
193 _In_ ACCESS_MASK GrantedAccess
,
194 _In_ ULONG ProcessHandleCount
,
195 _In_ ULONG SystemHandleCount
199 (NTAPI
*OB_DELETE_METHOD
)(
204 (NTAPI
*OB_PARSE_METHOD
)(
205 _In_ PVOID ParseObject
,
206 _In_ PVOID ObjectType
,
207 _Inout_ PACCESS_STATE AccessState
,
208 _In_ KPROCESSOR_MODE AccessMode
,
209 _In_ ULONG Attributes
,
210 _Inout_ PUNICODE_STRING CompleteName
,
211 _Inout_ PUNICODE_STRING RemainingName
,
212 _Inout_opt_ PVOID Context
,
213 _In_opt_ PSECURITY_QUALITY_OF_SERVICE SecurityQos
,
218 (NTAPI
*OB_SECURITY_METHOD
)(
220 _In_ SECURITY_OPERATION_CODE OperationType
,
221 _In_ PSECURITY_INFORMATION SecurityInformation
,
222 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
223 _Inout_ PULONG CapturedLength
,
224 _Inout_ PSECURITY_DESCRIPTOR
*ObjectSecurityDescriptor
,
225 _In_ POOL_TYPE PoolType
,
226 _In_ PGENERIC_MAPPING GenericMapping
230 (NTAPI
*OB_QUERYNAME_METHOD
)(
232 _In_ BOOLEAN HasObjectName
,
233 _Out_ POBJECT_NAME_INFORMATION ObjectNameInfo
,
235 _Out_ PULONG ReturnLength
,
236 _In_ KPROCESSOR_MODE AccessMode
240 (NTAPI
*OB_OKAYTOCLOSE_METHOD
)(
241 _In_opt_ PEPROCESS Process
,
244 _In_ KPROCESSOR_MODE AccessMode
250 // Object Information Types for NtQueryInformationObject
252 typedef struct _OBJECT_NAME_INFORMATION
255 } OBJECT_NAME_INFORMATION
, *POBJECT_NAME_INFORMATION
;
259 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFORMATION
262 BOOLEAN ProtectFromClose
;
263 } OBJECT_HANDLE_ATTRIBUTE_INFORMATION
, *POBJECT_HANDLE_ATTRIBUTE_INFORMATION
;
265 typedef struct _OBJECT_DIRECTORY_INFORMATION
268 UNICODE_STRING TypeName
;
269 } OBJECT_DIRECTORY_INFORMATION
, *POBJECT_DIRECTORY_INFORMATION
;
272 // Object Type Information
274 typedef struct _OBJECT_TYPE_INFORMATION
276 UNICODE_STRING TypeName
;
277 ULONG TotalNumberOfObjects
;
278 ULONG TotalNumberOfHandles
;
279 ULONG TotalPagedPoolUsage
;
280 ULONG TotalNonPagedPoolUsage
;
281 ULONG TotalNamePoolUsage
;
282 ULONG TotalHandleTableUsage
;
283 ULONG HighWaterNumberOfObjects
;
284 ULONG HighWaterNumberOfHandles
;
285 ULONG HighWaterPagedPoolUsage
;
286 ULONG HighWaterNonPagedPoolUsage
;
287 ULONG HighWaterNamePoolUsage
;
288 ULONG HighWaterHandleTableUsage
;
289 ULONG InvalidAttributes
;
290 GENERIC_MAPPING GenericMapping
;
291 ULONG ValidAccessMask
;
292 BOOLEAN SecurityRequired
;
293 BOOLEAN MaintainHandleCount
;
295 ULONG DefaultPagedPoolCharge
;
296 ULONG DefaultNonPagedPoolCharge
;
297 } OBJECT_TYPE_INFORMATION
, *POBJECT_TYPE_INFORMATION
;
299 typedef struct _OBJECT_ALL_TYPES_INFORMATION
302 //OBJECT_TYPE_INFORMATION TypeInformation[1];
303 } OBJECT_ALL_TYPES_INFORMATION
, *POBJECT_ALL_TYPES_INFORMATION
;
305 #ifdef NTOS_MODE_USER
307 typedef struct _OBJECT_BASIC_INFORMATION
310 ACCESS_MASK GrantedAccess
;
313 ULONG PagedPoolUsage
;
314 ULONG NonPagedPoolUsage
;
316 ULONG NameInformationLength
;
317 ULONG TypeInformationLength
;
318 ULONG SecurityDescriptorLength
;
319 LARGE_INTEGER CreateTime
;
320 } OBJECT_BASIC_INFORMATION
, *POBJECT_BASIC_INFORMATION
;
324 typedef struct _OBJECT_CREATE_INFORMATION
327 HANDLE RootDirectory
;
329 KPROCESSOR_MODE ProbeMode
;
330 ULONG PagedPoolCharge
;
331 ULONG NonPagedPoolCharge
;
332 ULONG SecurityDescriptorCharge
;
333 PSECURITY_DESCRIPTOR SecurityDescriptor
;
334 PSECURITY_QUALITY_OF_SERVICE SecurityQos
;
335 SECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
;
336 } OBJECT_CREATE_INFORMATION
, *POBJECT_CREATE_INFORMATION
;
339 // Object Type Initialize for ObCreateObjectType
341 typedef struct _OBJECT_TYPE_INITIALIZER
344 BOOLEAN UseDefaultObject
;
345 BOOLEAN CaseInsensitive
;
346 ULONG InvalidAttributes
;
347 GENERIC_MAPPING GenericMapping
;
348 ULONG ValidAccessMask
;
349 BOOLEAN SecurityRequired
;
350 BOOLEAN MaintainHandleCount
;
351 BOOLEAN MaintainTypeList
;
353 ULONG DefaultPagedPoolCharge
;
354 ULONG DefaultNonPagedPoolCharge
;
355 OB_DUMP_METHOD DumpProcedure
;
356 OB_OPEN_METHOD OpenProcedure
;
357 OB_CLOSE_METHOD CloseProcedure
;
358 OB_DELETE_METHOD DeleteProcedure
;
359 OB_PARSE_METHOD ParseProcedure
;
360 OB_SECURITY_METHOD SecurityProcedure
;
361 OB_QUERYNAME_METHOD QueryNameProcedure
;
362 OB_OKAYTOCLOSE_METHOD OkayToCloseProcedure
;
363 } OBJECT_TYPE_INITIALIZER
, *POBJECT_TYPE_INITIALIZER
;
366 // Object Type Object
368 typedef struct _OBJECT_TYPE
375 ULONG TotalNumberOfObjects
;
376 ULONG TotalNumberOfHandles
;
377 ULONG HighWaterNumberOfObjects
;
378 ULONG HighWaterNumberOfHandles
;
379 OBJECT_TYPE_INITIALIZER TypeInfo
;
381 ERESOURCE ObjectLocks
[4];
385 // Object Directory Structures
387 typedef struct _OBJECT_DIRECTORY_ENTRY
389 struct _OBJECT_DIRECTORY_ENTRY
*ChainLink
;
391 #if (NTDDI_VERSION >= NTDDI_WS03)
394 } OBJECT_DIRECTORY_ENTRY
, *POBJECT_DIRECTORY_ENTRY
;
396 typedef struct _OBJECT_DIRECTORY
398 struct _OBJECT_DIRECTORY_ENTRY
*HashBuckets
[NUMBER_HASH_BUCKETS
];
399 #if (NTDDI_VERSION < NTDDI_WINXP)
404 #if (NTDDI_VERSION < NTDDI_WINXP)
405 BOOLEAN CurrentEntryValid
;
407 struct _DEVICE_MAP
*DeviceMap
;
410 #if (NTDDI_VERSION == NTDDI_WINXP)
412 USHORT SymbolicLinkUsageCount
;
414 } OBJECT_DIRECTORY
, *POBJECT_DIRECTORY
;
417 // Object Header Addon Information
419 typedef struct _OBJECT_HEADER_NAME_INFO
421 POBJECT_DIRECTORY Directory
;
423 ULONG QueryReferences
;
425 ULONG DbgReferenceCount
;
426 } OBJECT_HEADER_NAME_INFO
, *POBJECT_HEADER_NAME_INFO
;
428 typedef struct _OBJECT_HANDLE_COUNT_ENTRY
430 struct _EPROCESS
*Process
;
432 } OBJECT_HANDLE_COUNT_ENTRY
, *POBJECT_HANDLE_COUNT_ENTRY
;
434 typedef struct _OBJECT_HANDLE_COUNT_DATABASE
437 OBJECT_HANDLE_COUNT_ENTRY HandleCountEntries
[1];
438 } OBJECT_HANDLE_COUNT_DATABASE
, *POBJECT_HANDLE_COUNT_DATABASE
;
440 typedef struct _OBJECT_HEADER_HANDLE_INFO
444 POBJECT_HANDLE_COUNT_DATABASE HandleCountDatabase
;
445 OBJECT_HANDLE_COUNT_ENTRY SingleEntry
;
447 } OBJECT_HEADER_HANDLE_INFO
, *POBJECT_HEADER_HANDLE_INFO
;
449 typedef struct _OBJECT_HEADER_CREATOR_INFO
452 PVOID CreatorUniqueProcess
;
453 USHORT CreatorBackTraceIndex
;
455 } OBJECT_HEADER_CREATOR_INFO
, *POBJECT_HEADER_CREATOR_INFO
;
457 typedef struct _OBJECT_HEADER_QUOTA_INFO
459 ULONG PagedPoolCharge
;
460 ULONG NonPagedPoolCharge
;
461 ULONG SecurityDescriptorCharge
;
462 PEPROCESS ExclusiveProcess
;
463 } OBJECT_HEADER_QUOTA_INFO
, *POBJECT_HEADER_QUOTA_INFO
;
468 typedef struct _OBJECT_HEADER
474 volatile PVOID NextToFree
;
477 UCHAR NameInfoOffset
;
478 UCHAR HandleInfoOffset
;
479 UCHAR QuotaInfoOffset
;
483 POBJECT_CREATE_INFORMATION ObjectCreateInfo
;
484 PVOID QuotaBlockCharged
;
486 PSECURITY_DESCRIPTOR SecurityDescriptor
;
488 } OBJECT_HEADER
, *POBJECT_HEADER
;
491 // Object Lookup Context
493 typedef struct _OBP_LOOKUP_CONTEXT
495 POBJECT_DIRECTORY Directory
;
499 BOOLEAN DirectoryLocked
;
500 ULONG LockStateSignature
;
501 } OBP_LOOKUP_CONTEXT
, *POBP_LOOKUP_CONTEXT
;
506 typedef struct _DEVICE_MAP
508 POBJECT_DIRECTORY DosDevicesDirectory
;
509 POBJECT_DIRECTORY GlobalDosDevicesDirectory
;
510 ULONG ReferenceCount
;
513 } DEVICE_MAP
, *PDEVICE_MAP
;
516 // Symbolic Link Object
518 typedef struct _OBJECT_SYMBOLIC_LINK
520 LARGE_INTEGER CreationTime
;
521 UNICODE_STRING LinkTarget
;
522 UNICODE_STRING LinkTargetRemaining
;
523 PVOID LinkTargetObject
;
524 ULONG DosDeviceDriveIndex
;
525 } OBJECT_SYMBOLIC_LINK
, *POBJECT_SYMBOLIC_LINK
;
530 extern POBJECT_TYPE NTSYSAPI ObDirectoryType
;
531 extern PDEVICE_MAP NTSYSAPI ObSystemDeviceMap
;
533 #endif // !NTOS_MODE_USER