projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[CONSRV]
[reactos.git] / include / xdk / ntifs.template.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24 #pragma once
25
26 #define _NTIFS_INCLUDED_
27 #define _GNU_NTIFS_
28
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32
33 /* Dependencies */
34 #include <ntddk.h>
35 #include <excpt.h>
36 #include <ntdef.h>
37 #include <ntnls.h>
38 #include <ntstatus.h>
39 #include <bugcodes.h>
40 #include <ntiologc.h>
41
42 $define (_NTIFS_)
43
44 #ifndef FlagOn
45 #define FlagOn(_F,_SF) ((_F) & (_SF))
46 #endif
47
48 #ifndef BooleanFlagOn
49 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
50 #endif
51
52 #ifndef SetFlag
53 #define SetFlag(_F,_SF) ((_F) |= (_SF))
54 #endif
55
56 #ifndef ClearFlag
57 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
58 #endif
59
60 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
61 typedef STRING LSA_STRING, *PLSA_STRING;
62 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
63
64 $include (setypes.h)
65 $include (obtypes.h)
66 $include (rtltypes.h)
67 $include (rtlfuncs.h)
68
69 _IRQL_requires_max_(PASSIVE_LEVEL)
70 __kernel_entry
71 NTSYSCALLAPI
72 NTSTATUS
73 NTAPI
74 NtQueryObject(
75 _In_opt_ HANDLE Handle,
76 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
77 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
78 _In_ ULONG ObjectInformationLength,
79 _Out_opt_ PULONG ReturnLength);
80
81 #if (NTDDI_VERSION >= NTDDI_WIN2K)
82
83 _Must_inspect_result_
84 __kernel_entry
85 NTSYSCALLAPI
86 NTSTATUS
87 NTAPI
88 NtOpenThreadToken(
89 _In_ HANDLE ThreadHandle,
90 _In_ ACCESS_MASK DesiredAccess,
91 _In_ BOOLEAN OpenAsSelf,
92 _Out_ PHANDLE TokenHandle);
93
94 _Must_inspect_result_
95 __kernel_entry
96 NTSYSCALLAPI
97 NTSTATUS
98 NTAPI
99 NtOpenProcessToken(
100 _In_ HANDLE ProcessHandle,
101 _In_ ACCESS_MASK DesiredAccess,
102 _Out_ PHANDLE TokenHandle);
103
104 _When_(TokenInformationClass == TokenAccessInformation,
105 _At_(TokenInformationLength,
106 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
107 _Must_inspect_result_
108 __kernel_entry
109 NTSYSCALLAPI
110 NTSTATUS
111 NTAPI
112 NtQueryInformationToken(
113 _In_ HANDLE TokenHandle,
114 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
115 _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
116 _In_ ULONG TokenInformationLength,
117 _Out_ PULONG ReturnLength);
118
119 _Must_inspect_result_
120 __kernel_entry
121 NTSYSCALLAPI
122 NTSTATUS
123 NTAPI
124 NtAdjustPrivilegesToken(
125 _In_ HANDLE TokenHandle,
126 _In_ BOOLEAN DisableAllPrivileges,
127 _In_opt_ PTOKEN_PRIVILEGES NewState,
128 _In_ ULONG BufferLength,
129 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
130 _Out_ _When_(PreviousState == NULL, _Out_opt_) PULONG ReturnLength);
131
132 __kernel_entry
133 NTSYSCALLAPI
134 NTSTATUS
135 NTAPI
136 NtCreateFile(
137 _Out_ PHANDLE FileHandle,
138 _In_ ACCESS_MASK DesiredAccess,
139 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
140 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
141 _In_opt_ PLARGE_INTEGER AllocationSize,
142 _In_ ULONG FileAttributes,
143 _In_ ULONG ShareAccess,
144 _In_ ULONG CreateDisposition,
145 _In_ ULONG CreateOptions,
146 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
147 _In_ ULONG EaLength);
148
149 __kernel_entry
150 NTSYSCALLAPI
151 NTSTATUS
152 NTAPI
153 NtDeviceIoControlFile(
154 _In_ HANDLE FileHandle,
155 _In_opt_ HANDLE Event,
156 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
157 _In_opt_ PVOID ApcContext,
158 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
159 _In_ ULONG IoControlCode,
160 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
161 _In_ ULONG InputBufferLength,
162 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
163 _In_ ULONG OutputBufferLength);
164
165 __kernel_entry
166 NTSYSCALLAPI
167 NTSTATUS
168 NTAPI
169 NtFsControlFile(
170 _In_ HANDLE FileHandle,
171 _In_opt_ HANDLE Event,
172 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
173 _In_opt_ PVOID ApcContext,
174 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
175 _In_ ULONG FsControlCode,
176 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
177 _In_ ULONG InputBufferLength,
178 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
179 _In_ ULONG OutputBufferLength);
180
181 __kernel_entry
182 NTSYSCALLAPI
183 NTSTATUS
184 NTAPI
185 NtLockFile(
186 _In_ HANDLE FileHandle,
187 _In_opt_ HANDLE Event,
188 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
189 _In_opt_ PVOID ApcContext,
190 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
191 _In_ PLARGE_INTEGER ByteOffset,
192 _In_ PLARGE_INTEGER Length,
193 _In_ ULONG Key,
194 _In_ BOOLEAN FailImmediately,
195 _In_ BOOLEAN ExclusiveLock);
196
197 __kernel_entry
198 NTSYSCALLAPI
199 NTSTATUS
200 NTAPI
201 NtOpenFile(
202 _Out_ PHANDLE FileHandle,
203 _In_ ACCESS_MASK DesiredAccess,
204 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
205 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
206 _In_ ULONG ShareAccess,
207 _In_ ULONG OpenOptions);
208
209 __kernel_entry
210 NTSYSCALLAPI
211 NTSTATUS
212 NTAPI
213 NtQueryDirectoryFile(
214 _In_ HANDLE FileHandle,
215 _In_opt_ HANDLE Event,
216 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
217 _In_opt_ PVOID ApcContext,
218 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
219 _Out_writes_bytes_(Length) PVOID FileInformation,
220 _In_ ULONG Length,
221 _In_ FILE_INFORMATION_CLASS FileInformationClass,
222 _In_ BOOLEAN ReturnSingleEntry,
223 _In_opt_ PUNICODE_STRING FileName,
224 _In_ BOOLEAN RestartScan);
225
226 __kernel_entry
227 NTSYSCALLAPI
228 NTSTATUS
229 NTAPI
230 NtQueryInformationFile(
231 _In_ HANDLE FileHandle,
232 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
233 _Out_writes_bytes_(Length) PVOID FileInformation,
234 _In_ ULONG Length,
235 _In_ FILE_INFORMATION_CLASS FileInformationClass);
236
237 __kernel_entry
238 NTSYSCALLAPI
239 NTSTATUS
240 NTAPI
241 NtQueryQuotaInformationFile(
242 _In_ HANDLE FileHandle,
243 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
244 _Out_writes_bytes_(Length) PVOID Buffer,
245 _In_ ULONG Length,
246 _In_ BOOLEAN ReturnSingleEntry,
247 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
248 _In_ ULONG SidListLength,
249 _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
250 _In_ BOOLEAN RestartScan);
251
252 __kernel_entry
253 NTSYSCALLAPI
254 NTSTATUS
255 NTAPI
256 NtQueryVolumeInformationFile(
257 _In_ HANDLE FileHandle,
258 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
259 _Out_writes_bytes_(Length) PVOID FsInformation,
260 _In_ ULONG Length,
261 _In_ FS_INFORMATION_CLASS FsInformationClass);
262
263 __kernel_entry
264 NTSYSCALLAPI
265 NTSTATUS
266 NTAPI
267 NtReadFile(
268 _In_ HANDLE FileHandle,
269 _In_opt_ HANDLE Event,
270 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
271 _In_opt_ PVOID ApcContext,
272 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
273 _Out_writes_bytes_(Length) PVOID Buffer,
274 _In_ ULONG Length,
275 _In_opt_ PLARGE_INTEGER ByteOffset,
276 _In_opt_ PULONG Key);
277
278 __kernel_entry
279 NTSYSCALLAPI
280 NTSTATUS
281 NTAPI
282 NtSetInformationFile(
283 _In_ HANDLE FileHandle,
284 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
285 _In_reads_bytes_(Length) PVOID FileInformation,
286 _In_ ULONG Length,
287 _In_ FILE_INFORMATION_CLASS FileInformationClass);
288
289 __kernel_entry
290 NTSYSCALLAPI
291 NTSTATUS
292 NTAPI
293 NtSetQuotaInformationFile(
294 _In_ HANDLE FileHandle,
295 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
296 _In_reads_bytes_(Length) PVOID Buffer,
297 _In_ ULONG Length);
298
299 __kernel_entry
300 NTSYSCALLAPI
301 NTSTATUS
302 NTAPI
303 NtSetVolumeInformationFile(
304 _In_ HANDLE FileHandle,
305 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
306 _In_reads_bytes_(Length) PVOID FsInformation,
307 _In_ ULONG Length,
308 _In_ FS_INFORMATION_CLASS FsInformationClass);
309
310 __kernel_entry
311 NTSYSCALLAPI
312 NTSTATUS
313 NTAPI
314 NtWriteFile(
315 _In_ HANDLE FileHandle,
316 _In_opt_ HANDLE Event,
317 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
318 _In_opt_ PVOID ApcContext,
319 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
320 _In_reads_bytes_(Length) PVOID Buffer,
321 _In_ ULONG Length,
322 _In_opt_ PLARGE_INTEGER ByteOffset,
323 _In_opt_ PULONG Key);
324
325 __kernel_entry
326 NTSYSCALLAPI
327 NTSTATUS
328 NTAPI
329 NtUnlockFile(
330 _In_ HANDLE FileHandle,
331 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
332 _In_ PLARGE_INTEGER ByteOffset,
333 _In_ PLARGE_INTEGER Length,
334 _In_ ULONG Key);
335
336 _IRQL_requires_max_(PASSIVE_LEVEL)
337 __kernel_entry
338 NTSYSCALLAPI
339 NTSTATUS
340 NTAPI
341 NtSetSecurityObject(
342 _In_ HANDLE Handle,
343 _In_ SECURITY_INFORMATION SecurityInformation,
344 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
345
346 _IRQL_requires_max_(PASSIVE_LEVEL)
347 __kernel_entry
348 NTSYSCALLAPI
349 NTSTATUS
350 NTAPI
351 NtQuerySecurityObject(
352 _In_ HANDLE Handle,
353 _In_ SECURITY_INFORMATION SecurityInformation,
354 _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
355 _In_ ULONG Length,
356 _Out_ PULONG LengthNeeded);
357
358 _IRQL_requires_max_(PASSIVE_LEVEL)
359 __kernel_entry
360 NTSYSCALLAPI
361 NTSTATUS
362 NTAPI
363 NtClose(
364 _In_ HANDLE Handle);
365
366 _Must_inspect_result_
367 __drv_allocatesMem(Mem)
368 __kernel_entry
369 NTSYSCALLAPI
370 NTSTATUS
371 NTAPI
372 NtAllocateVirtualMemory(
373 _In_ HANDLE ProcessHandle,
374 _Outptr_result_bytebuffer_(*RegionSize) PVOID *BaseAddress,
375 _In_ ULONG_PTR ZeroBits,
376 _Inout_ PSIZE_T RegionSize,
377 _In_ ULONG AllocationType,
378 _In_ ULONG Protect);
379
380 __kernel_entry
381 NTSYSCALLAPI
382 NTSTATUS
383 NTAPI
384 NtFreeVirtualMemory(
385 _In_ HANDLE ProcessHandle,
386 _Inout_ __drv_freesMem(Mem) PVOID *BaseAddress,
387 _Inout_ PSIZE_T RegionSize,
388 _In_ ULONG FreeType);
389
390 #endif
391
392 #if (NTDDI_VERSION >= NTDDI_WINXP)
393
394 _Must_inspect_result_
395 __kernel_entry
396 NTSYSCALLAPI
397 NTSTATUS
398 NTAPI
399 NtOpenThreadTokenEx(
400 _In_ HANDLE ThreadHandle,
401 _In_ ACCESS_MASK DesiredAccess,
402 _In_ BOOLEAN OpenAsSelf,
403 _In_ ULONG HandleAttributes,
404 _Out_ PHANDLE TokenHandle);
405
406 _Must_inspect_result_
407 __kernel_entry
408 NTSYSCALLAPI
409 NTSTATUS
410 NTAPI
411 NtOpenProcessTokenEx(
412 _In_ HANDLE ProcessHandle,
413 _In_ ACCESS_MASK DesiredAccess,
414 _In_ ULONG HandleAttributes,
415 _Out_ PHANDLE TokenHandle);
416
417 _Must_inspect_result_
418 NTSYSAPI
419 NTSTATUS
420 NTAPI
421 NtOpenJobObjectToken(
422 _In_ HANDLE JobHandle,
423 _In_ ACCESS_MASK DesiredAccess,
424 _Out_ PHANDLE TokenHandle);
425
426 _Must_inspect_result_
427 __kernel_entry
428 NTSYSCALLAPI
429 NTSTATUS
430 NTAPI
431 NtDuplicateToken(
432 _In_ HANDLE ExistingTokenHandle,
433 _In_ ACCESS_MASK DesiredAccess,
434 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
435 _In_ BOOLEAN EffectiveOnly,
436 _In_ TOKEN_TYPE TokenType,
437 _Out_ PHANDLE NewTokenHandle);
438
439 _Must_inspect_result_
440 __kernel_entry
441 NTSYSCALLAPI
442 NTSTATUS
443 NTAPI
444 NtFilterToken(
445 _In_ HANDLE ExistingTokenHandle,
446 _In_ ULONG Flags,
447 _In_opt_ PTOKEN_GROUPS SidsToDisable,
448 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
449 _In_opt_ PTOKEN_GROUPS RestrictedSids,
450 _Out_ PHANDLE NewTokenHandle);
451
452 _Must_inspect_result_
453 __kernel_entry
454 NTSYSCALLAPI
455 NTSTATUS
456 NTAPI
457 NtImpersonateAnonymousToken(
458 _In_ HANDLE ThreadHandle);
459
460 _Must_inspect_result_
461 __kernel_entry
462 NTSYSCALLAPI
463 NTSTATUS
464 NTAPI
465 NtSetInformationToken(
466 _In_ HANDLE TokenHandle,
467 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
468 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
469 _In_ ULONG TokenInformationLength);
470
471 _Must_inspect_result_
472 __kernel_entry
473 NTSYSCALLAPI
474 NTSTATUS
475 NTAPI
476 NtAdjustGroupsToken(
477 _In_ HANDLE TokenHandle,
478 _In_ BOOLEAN ResetToDefault,
479 _In_opt_ PTOKEN_GROUPS NewState,
480 _In_opt_ ULONG BufferLength,
481 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
482 _Out_ PULONG ReturnLength);
483
484 _Must_inspect_result_
485 __kernel_entry
486 NTSYSCALLAPI
487 NTSTATUS
488 NTAPI
489 NtPrivilegeCheck(
490 _In_ HANDLE ClientToken,
491 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
492 _Out_ PBOOLEAN Result);
493
494 _Must_inspect_result_
495 __kernel_entry
496 NTSYSCALLAPI
497 NTSTATUS
498 NTAPI
499 NtAccessCheckAndAuditAlarm(
500 _In_ PUNICODE_STRING SubsystemName,
501 _In_opt_ PVOID HandleId,
502 _In_ PUNICODE_STRING ObjectTypeName,
503 _In_ PUNICODE_STRING ObjectName,
504 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
505 _In_ ACCESS_MASK DesiredAccess,
506 _In_ PGENERIC_MAPPING GenericMapping,
507 _In_ BOOLEAN ObjectCreation,
508 _Out_ PACCESS_MASK GrantedAccess,
509 _Out_ PNTSTATUS AccessStatus,
510 _Out_ PBOOLEAN GenerateOnClose);
511
512 _Must_inspect_result_
513 __kernel_entry
514 NTSYSCALLAPI
515 NTSTATUS
516 NTAPI
517 NtAccessCheckByTypeAndAuditAlarm(
518 _In_ PUNICODE_STRING SubsystemName,
519 _In_opt_ PVOID HandleId,
520 _In_ PUNICODE_STRING ObjectTypeName,
521 _In_ PUNICODE_STRING ObjectName,
522 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
523 _In_opt_ PSID PrincipalSelfSid,
524 _In_ ACCESS_MASK DesiredAccess,
525 _In_ AUDIT_EVENT_TYPE AuditType,
526 _In_ ULONG Flags,
527 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
528 _In_ ULONG ObjectTypeLength,
529 _In_ PGENERIC_MAPPING GenericMapping,
530 _In_ BOOLEAN ObjectCreation,
531 _Out_ PACCESS_MASK GrantedAccess,
532 _Out_ PNTSTATUS AccessStatus,
533 _Out_ PBOOLEAN GenerateOnClose);
534
535 _Must_inspect_result_
536 __kernel_entry
537 NTSYSCALLAPI
538 NTSTATUS
539 NTAPI
540 NtAccessCheckByTypeResultListAndAuditAlarm(
541 _In_ PUNICODE_STRING SubsystemName,
542 _In_opt_ PVOID HandleId,
543 _In_ PUNICODE_STRING ObjectTypeName,
544 _In_ PUNICODE_STRING ObjectName,
545 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
546 _In_opt_ PSID PrincipalSelfSid,
547 _In_ ACCESS_MASK DesiredAccess,
548 _In_ AUDIT_EVENT_TYPE AuditType,
549 _In_ ULONG Flags,
550 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
551 _In_ ULONG ObjectTypeListLength,
552 _In_ PGENERIC_MAPPING GenericMapping,
553 _In_ BOOLEAN ObjectCreation,
554 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
555 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
556 _Out_ PBOOLEAN GenerateOnClose);
557
558 _Must_inspect_result_
559 __kernel_entry
560 NTSYSCALLAPI
561 NTSTATUS
562 NTAPI
563 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
564 _In_ PUNICODE_STRING SubsystemName,
565 _In_opt_ PVOID HandleId,
566 _In_ HANDLE ClientToken,
567 _In_ PUNICODE_STRING ObjectTypeName,
568 _In_ PUNICODE_STRING ObjectName,
569 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
570 _In_opt_ PSID PrincipalSelfSid,
571 _In_ ACCESS_MASK DesiredAccess,
572 _In_ AUDIT_EVENT_TYPE AuditType,
573 _In_ ULONG Flags,
574 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
575 _In_ ULONG ObjectTypeListLength,
576 _In_ PGENERIC_MAPPING GenericMapping,
577 _In_ BOOLEAN ObjectCreation,
578 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
579 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
580 _Out_ PBOOLEAN GenerateOnClose);
581
582 __kernel_entry
583 NTSYSCALLAPI
584 NTSTATUS
585 NTAPI
586 NtOpenObjectAuditAlarm(
587 _In_ PUNICODE_STRING SubsystemName,
588 _In_opt_ PVOID HandleId,
589 _In_ PUNICODE_STRING ObjectTypeName,
590 _In_ PUNICODE_STRING ObjectName,
591 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
592 _In_ HANDLE ClientToken,
593 _In_ ACCESS_MASK DesiredAccess,
594 _In_ ACCESS_MASK GrantedAccess,
595 _In_opt_ PPRIVILEGE_SET Privileges,
596 _In_ BOOLEAN ObjectCreation,
597 _In_ BOOLEAN AccessGranted,
598 _Out_ PBOOLEAN GenerateOnClose);
599
600 __kernel_entry
601 NTSYSCALLAPI
602 NTSTATUS
603 NTAPI
604 NtPrivilegeObjectAuditAlarm(
605 _In_ PUNICODE_STRING SubsystemName,
606 _In_opt_ PVOID HandleId,
607 _In_ HANDLE ClientToken,
608 _In_ ACCESS_MASK DesiredAccess,
609 _In_ PPRIVILEGE_SET Privileges,
610 _In_ BOOLEAN AccessGranted);
611
612 __kernel_entry
613 NTSYSCALLAPI
614 NTSTATUS
615 NTAPI
616 NtCloseObjectAuditAlarm(
617 _In_ PUNICODE_STRING SubsystemName,
618 _In_opt_ PVOID HandleId,
619 _In_ BOOLEAN GenerateOnClose);
620
621 __kernel_entry
622 NTSYSCALLAPI
623 NTSTATUS
624 NTAPI
625 NtDeleteObjectAuditAlarm(
626 _In_ PUNICODE_STRING SubsystemName,
627 _In_opt_ PVOID HandleId,
628 _In_ BOOLEAN GenerateOnClose);
629
630 __kernel_entry
631 NTSYSCALLAPI
632 NTSTATUS
633 NTAPI
634 NtPrivilegedServiceAuditAlarm(
635 _In_ PUNICODE_STRING SubsystemName,
636 _In_ PUNICODE_STRING ServiceName,
637 _In_ HANDLE ClientToken,
638 _In_ PPRIVILEGE_SET Privileges,
639 _In_ BOOLEAN AccessGranted);
640
641 __kernel_entry
642 NTSYSCALLAPI
643 NTSTATUS
644 NTAPI
645 NtSetInformationThread(
646 _In_ HANDLE ThreadHandle,
647 _In_ THREADINFOCLASS ThreadInformationClass,
648 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
649 _In_ ULONG ThreadInformationLength);
650
651 _Must_inspect_result_
652 __kernel_entry
653 NTSYSCALLAPI
654 NTSTATUS
655 NTAPI
656 NtCreateSection(
657 _Out_ PHANDLE SectionHandle,
658 _In_ ACCESS_MASK DesiredAccess,
659 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
660 _In_opt_ PLARGE_INTEGER MaximumSize,
661 _In_ ULONG SectionPageProtection,
662 _In_ ULONG AllocationAttributes,
663 _In_opt_ HANDLE FileHandle);
664
665 #endif
666
667 #define COMPRESSION_FORMAT_NONE (0x0000)
668 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
669 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
670 #define COMPRESSION_ENGINE_STANDARD (0x0000)
671 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
672 #define COMPRESSION_ENGINE_HIBER (0x0200)
673
674 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
675
676 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
677
678 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
679 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
680
681 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
682
683 typedef enum _SECURITY_LOGON_TYPE {
684 UndefinedLogonType = 0,
685 Interactive = 2,
686 Network,
687 Batch,
688 Service,
689 Proxy,
690 Unlock,
691 NetworkCleartext,
692 NewCredentials,
693 #if (_WIN32_WINNT >= 0x0501)
694 RemoteInteractive,
695 CachedInteractive,
696 #endif
697 #if (_WIN32_WINNT >= 0x0502)
698 CachedRemoteInteractive,
699 CachedUnlock
700 #endif
701 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
702
703 #ifndef _NTLSA_AUDIT_
704 #define _NTLSA_AUDIT_
705
706 #ifndef GUID_DEFINED
707 #include <guiddef.h>
708 #endif
709
710 #endif /* _NTLSA_AUDIT_ */
711
712 _IRQL_requires_same_
713 _IRQL_requires_max_(PASSIVE_LEVEL)
714 NTSTATUS
715 NTAPI
716 LsaRegisterLogonProcess(
717 _In_ PLSA_STRING LogonProcessName,
718 _Out_ PHANDLE LsaHandle,
719 _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
720
721 _IRQL_requires_same_
722 _IRQL_requires_max_(PASSIVE_LEVEL)
723 NTSTATUS
724 NTAPI
725 LsaLogonUser(
726 _In_ HANDLE LsaHandle,
727 _In_ PLSA_STRING OriginName,
728 _In_ SECURITY_LOGON_TYPE LogonType,
729 _In_ ULONG AuthenticationPackage,
730 _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
731 _In_ ULONG AuthenticationInformationLength,
732 _In_opt_ PTOKEN_GROUPS LocalGroups,
733 _In_ PTOKEN_SOURCE SourceContext,
734 _Out_ PVOID *ProfileBuffer,
735 _Out_ PULONG ProfileBufferLength,
736 _Inout_ PLUID LogonId,
737 _Out_ PHANDLE Token,
738 _Out_ PQUOTA_LIMITS Quotas,
739 _Out_ PNTSTATUS SubStatus);
740
741 _IRQL_requires_same_
742 NTSTATUS
743 NTAPI
744 LsaFreeReturnBuffer(
745 _In_ PVOID Buffer);
746
747 #ifndef _NTLSA_IFS_
748 #define _NTLSA_IFS_
749 #endif
750
751 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
752 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
753 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
754
755 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
756 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
757
758 #define MSV1_0_CHALLENGE_LENGTH 8
759 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
760 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
761
762 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
763 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
764 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
765 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
766 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
767 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
768 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
769 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
770 #define MSV1_0_RETURN_PROFILE_PATH 0x200
771 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
772 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
773
774 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
775 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
776
777 #if (_WIN32_WINNT >= 0x0502)
778 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
779 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
780 #endif
781
782 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
783 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
784
785 #if (_WIN32_WINNT >= 0x0600)
786 #define MSV1_0_S4U2SELF 0x00020000
787 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
788 #endif
789
790 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
791 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
792 #define MSV1_0_MNS_LOGON 0x01000000
793
794 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
795 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
796
797 #define LOGON_GUEST 0x01
798 #define LOGON_NOENCRYPTION 0x02
799 #define LOGON_CACHED_ACCOUNT 0x04
800 #define LOGON_USED_LM_PASSWORD 0x08
801 #define LOGON_EXTRA_SIDS 0x20
802 #define LOGON_SUBAUTH_SESSION_KEY 0x40
803 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
804 #define LOGON_NTLMV2_ENABLED 0x100
805 #define LOGON_RESOURCE_GROUPS 0x200
806 #define LOGON_PROFILE_PATH_RETURNED 0x400
807 #define LOGON_NT_V2 0x800
808 #define LOGON_LM_V2 0x1000
809 #define LOGON_NTLM_V2 0x2000
810
811 #if (_WIN32_WINNT >= 0x0600)
812
813 #define LOGON_OPTIMIZED 0x4000
814 #define LOGON_WINLOGON 0x8000
815 #define LOGON_PKINIT 0x10000
816 #define LOGON_NO_OPTIMIZED 0x20000
817
818 #endif
819
820 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
821
822 #define LOGON_GRACE_LOGON 0x01000000
823
824 #define MSV1_0_OWF_PASSWORD_LENGTH 16
825 #define MSV1_0_CRED_LM_PRESENT 0x1
826 #define MSV1_0_CRED_NT_PRESENT 0x2
827 #define MSV1_0_CRED_VERSION 0
828
829 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
830 #define MSV1_0_NTLM3_OWF_LENGTH 16
831
832 #if (_WIN32_WINNT == 0x0500)
833 #define MSV1_0_MAX_NTLM3_LIFE 1800
834 #else
835 #define MSV1_0_MAX_NTLM3_LIFE 129600
836 #endif
837 #define MSV1_0_MAX_AVL_SIZE 64000
838
839 #if (_WIN32_WINNT >= 0x0501)
840
841 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
842
843 #if (_WIN32_WINNT >= 0x0600)
844 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
845 #endif
846
847 #endif
848
849 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
850
851 #if(_WIN32_WINNT >= 0x0502)
852 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
853 #endif
854
855 #define USE_PRIMARY_PASSWORD 0x01
856 #define RETURN_PRIMARY_USERNAME 0x02
857 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
858 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
859 #define GENERATE_CLIENT_CHALLENGE 0x10
860 #define GCR_NTLM3_PARMS 0x20
861 #define GCR_TARGET_INFO 0x40
862 #define RETURN_RESERVED_PARAMETER 0x80
863 #define GCR_ALLOW_NTLM 0x100
864 #define GCR_USE_OEM_SET 0x200
865 #define GCR_MACHINE_CREDENTIAL 0x400
866 #define GCR_USE_OWF_PASSWORD 0x800
867 #define GCR_ALLOW_LM 0x1000
868 #define GCR_ALLOW_NO_TARGET 0x2000
869
870 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
871 MsV1_0InteractiveLogon = 2,
872 MsV1_0Lm20Logon,
873 MsV1_0NetworkLogon,
874 MsV1_0SubAuthLogon,
875 MsV1_0WorkstationUnlockLogon = 7,
876 MsV1_0S4ULogon = 12,
877 MsV1_0VirtualLogon = 82
878 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
879
880 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
881 MsV1_0InteractiveProfile = 2,
882 MsV1_0Lm20LogonProfile,
883 MsV1_0SmartCardProfile
884 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
885
886 typedef struct _MSV1_0_INTERACTIVE_LOGON {
887 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
888 UNICODE_STRING LogonDomainName;
889 UNICODE_STRING UserName;
890 UNICODE_STRING Password;
891 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
892
893 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
894 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
895 USHORT LogonCount;
896 USHORT BadPasswordCount;
897 LARGE_INTEGER LogonTime;
898 LARGE_INTEGER LogoffTime;
899 LARGE_INTEGER KickOffTime;
900 LARGE_INTEGER PasswordLastSet;
901 LARGE_INTEGER PasswordCanChange;
902 LARGE_INTEGER PasswordMustChange;
903 UNICODE_STRING LogonScript;
904 UNICODE_STRING HomeDirectory;
905 UNICODE_STRING FullName;
906 UNICODE_STRING ProfilePath;
907 UNICODE_STRING HomeDirectoryDrive;
908 UNICODE_STRING LogonServer;
909 ULONG UserFlags;
910 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
911
912 typedef struct _MSV1_0_LM20_LOGON {
913 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
914 UNICODE_STRING LogonDomainName;
915 UNICODE_STRING UserName;
916 UNICODE_STRING Workstation;
917 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
918 STRING CaseSensitiveChallengeResponse;
919 STRING CaseInsensitiveChallengeResponse;
920 ULONG ParameterControl;
921 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
922
923 typedef struct _MSV1_0_SUBAUTH_LOGON {
924 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
925 UNICODE_STRING LogonDomainName;
926 UNICODE_STRING UserName;
927 UNICODE_STRING Workstation;
928 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
929 STRING AuthenticationInfo1;
930 STRING AuthenticationInfo2;
931 ULONG ParameterControl;
932 ULONG SubAuthPackageId;
933 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
934
935 #if (_WIN32_WINNT >= 0x0600)
936
937 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
938
939 typedef struct _MSV1_0_S4U_LOGON {
940 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
941 ULONG Flags;
942 UNICODE_STRING UserPrincipalName;
943 UNICODE_STRING DomainName;
944 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
945
946 #endif
947
948 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
949 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
950 LARGE_INTEGER KickOffTime;
951 LARGE_INTEGER LogoffTime;
952 ULONG UserFlags;
953 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
954 UNICODE_STRING LogonDomainName;
955 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
956 UNICODE_STRING LogonServer;
957 UNICODE_STRING UserParameters;
958 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
959
960 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
961 ULONG Version;
962 ULONG Flags;
963 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
964 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
965 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
966
967 typedef struct _MSV1_0_NTLM3_RESPONSE {
968 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
969 UCHAR RespType;
970 UCHAR HiRespType;
971 USHORT Flags;
972 ULONG MsgWord;
973 ULONGLONG TimeStamp;
974 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
975 ULONG AvPairsOff;
976 UCHAR Buffer[1];
977 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
978
979 typedef enum _MSV1_0_AVID {
980 MsvAvEOL,
981 MsvAvNbComputerName,
982 MsvAvNbDomainName,
983 MsvAvDnsComputerName,
984 MsvAvDnsDomainName,
985 #if (_WIN32_WINNT >= 0x0501)
986 MsvAvDnsTreeName,
987 MsvAvFlags,
988 #if (_WIN32_WINNT >= 0x0600)
989 MsvAvTimestamp,
990 MsvAvRestrictions,
991 MsvAvTargetName,
992 MsvAvChannelBindings,
993 #endif
994 #endif
995 } MSV1_0_AVID;
996
997 typedef struct _MSV1_0_AV_PAIR {
998 USHORT AvId;
999 USHORT AvLen;
1000 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
1001
1002 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
1003 MsV1_0Lm20ChallengeRequest = 0,
1004 MsV1_0Lm20GetChallengeResponse,
1005 MsV1_0EnumerateUsers,
1006 MsV1_0GetUserInfo,
1007 MsV1_0ReLogonUsers,
1008 MsV1_0ChangePassword,
1009 MsV1_0ChangeCachedPassword,
1010 MsV1_0GenericPassthrough,
1011 MsV1_0CacheLogon,
1012 MsV1_0SubAuth,
1013 MsV1_0DeriveCredential,
1014 MsV1_0CacheLookup,
1015 #if (_WIN32_WINNT >= 0x0501)
1016 MsV1_0SetProcessOption,
1017 #endif
1018 #if (_WIN32_WINNT >= 0x0600)
1019 MsV1_0ConfigLocalAliases,
1020 MsV1_0ClearCachedCredentials,
1021 #endif
1022 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
1023
1024 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
1025 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1026 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
1027
1028 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
1029 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1030 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1031 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
1032
1033 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
1034 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1035 ULONG ParameterControl;
1036 LUID LogonId;
1037 UNICODE_STRING Password;
1038 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1039 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
1040
1041 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
1042 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1043 ULONG ParameterControl;
1044 LUID LogonId;
1045 UNICODE_STRING Password;
1046 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1047 UNICODE_STRING UserName;
1048 UNICODE_STRING LogonDomainName;
1049 UNICODE_STRING ServerName;
1050 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
1051
1052 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
1053 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1054 STRING CaseSensitiveChallengeResponse;
1055 STRING CaseInsensitiveChallengeResponse;
1056 UNICODE_STRING UserName;
1057 UNICODE_STRING LogonDomainName;
1058 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
1059 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
1060 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
1061
1062 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
1063 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1064 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
1065
1066 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
1067 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1068 ULONG NumberOfLoggedOnUsers;
1069 PLUID LogonIds;
1070 PULONG EnumHandles;
1071 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
1072
1073 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
1074 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1075 LUID LogonId;
1076 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
1077
1078 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
1079 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1080 PSID UserSid;
1081 UNICODE_STRING UserName;
1082 UNICODE_STRING LogonDomainName;
1083 UNICODE_STRING LogonServer;
1084 SECURITY_LOGON_TYPE LogonType;
1085 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
1086
1087 $include (iotypes.h)
1088
1089 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
1090 ULONG Attributes;
1091 ACCESS_MASK GrantedAccess;
1092 ULONG HandleCount;
1093 ULONG PointerCount;
1094 ULONG Reserved[10];
1095 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
1096
1097 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION {
1098 UNICODE_STRING TypeName;
1099 ULONG Reserved [22];
1100 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
1101
1102 #define SYSTEM_PAGE_PRIORITY_BITS 3
1103 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
1104
1105 $include (ketypes.h)
1106 $include (kefuncs.h)
1107 $include (extypes.h)
1108 $include (exfuncs.h)
1109 $include (sefuncs.h)
1110 $include (psfuncs.h)
1111 $include (iofuncs.h)
1112 $include (potypes.h)
1113 $include (pofuncs.h)
1114 $include (mmtypes.h)
1115 $include (mmfuncs.h)
1116 $include (obfuncs.h)
1117 $include (fsrtltypes.h)
1118 $include (fsrtlfuncs.h)
1119 $include (cctypes.h)
1120 $include (ccfuncs.h)
1121 $include (zwfuncs.h)
1122 $include (sspi.h)
1123
1124 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
1125 #if defined(_WIN64)
1126 C_ASSERT(sizeof(ERESOURCE) == 0x68);
1127 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18);
1128 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a);
1129 #else
1130 C_ASSERT(sizeof(ERESOURCE) == 0x38);
1131 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c);
1132 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e);
1133 #endif
1134 /* #endif */
1135
1136 #if defined(_IA64_)
1137 #if (NTDDI_VERSION >= NTDDI_WIN2K)
1138 //DECLSPEC_DEPRECATED_DDK
1139 NTHALAPI
1140 ULONG
1141 NTAPI
1142 HalGetDmaAlignmentRequirement(
1143 VOID);
1144 #endif
1145 #endif
1146
1147 #if defined(_M_IX86) || defined(_M_AMD64)
1148 #define HalGetDmaAlignmentRequirement() 1L
1149 #endif
1150
1151 extern NTKERNELAPI PUSHORT NlsOemLeadByteInfo;
1152 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
1153
1154 #ifdef NLS_MB_CODE_PAGE_TAG
1155 #undef NLS_MB_CODE_PAGE_TAG
1156 #endif
1157 #define NLS_MB_CODE_PAGE_TAG NlsMbOemCodePageTag
1158
1159 #if (NTDDI_VERSION >= NTDDI_VISTA)
1160
1161 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER {
1162 NetworkOpenLocationAny,
1163 NetworkOpenLocationRemote,
1164 NetworkOpenLocationLoopback
1165 } NETWORK_OPEN_LOCATION_QUALIFIER;
1166
1167 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER {
1168 NetworkOpenIntegrityAny,
1169 NetworkOpenIntegrityNone,
1170 NetworkOpenIntegritySigned,
1171 NetworkOpenIntegrityEncrypted,
1172 NetworkOpenIntegrityMaximum
1173 } NETWORK_OPEN_INTEGRITY_QUALIFIER;
1174
1175 #if (NTDDI_VERSION >= NTDDI_WIN7)
1176
1177 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
1178 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
1179 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
1180
1181 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1182 USHORT Size;
1183 USHORT Reserved;
1184 _ANONYMOUS_STRUCT struct {
1185 struct {
1186 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1187 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1188 ULONG Flags;
1189 } in;
1190 struct {
1191 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1192 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1193 ULONG Flags;
1194 } out;
1195 } DUMMYSTRUCTNAME;
1196 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1197
1198 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0 {
1199 USHORT Size;
1200 USHORT Reserved;
1201 _ANONYMOUS_STRUCT struct {
1202 struct {
1203 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1204 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1205 } in;
1206 struct {
1207 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1208 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1209 } out;
1210 } DUMMYSTRUCTNAME;
1211 } NETWORK_OPEN_ECP_CONTEXT_V0, *PNETWORK_OPEN_ECP_CONTEXT_V0;
1212
1213 #elif (NTDDI_VERSION >= NTDDI_VISTA)
1214 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1215 USHORT Size;
1216 USHORT Reserved;
1217 _ANONYMOUS_STRUCT struct {
1218 struct {
1219 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1220 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1221 } in;
1222 struct {
1223 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1224 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1225 } out;
1226 } DUMMYSTRUCTNAME;
1227 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1228 #endif
1229
1230 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
1231
1232 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1233
1234
1235 #if (NTDDI_VERSION >= NTDDI_VISTA)
1236
1237 typedef struct _PREFETCH_OPEN_ECP_CONTEXT {
1238 PVOID Context;
1239 } PREFETCH_OPEN_ECP_CONTEXT, *PPREFETCH_OPEN_ECP_CONTEXT;
1240
1241 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
1242
1243 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1244
1245 #if (NTDDI_VERSION >= NTDDI_WIN7)
1246
1247 DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
1248 DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
1249
1250 typedef struct sockaddr_storage *PSOCKADDR_STORAGE_NFS;
1251
1252 typedef struct _NFS_OPEN_ECP_CONTEXT {
1253 PUNICODE_STRING ExportAlias;
1254 PSOCKADDR_STORAGE_NFS ClientSocketAddress;
1255 } NFS_OPEN_ECP_CONTEXT, *PNFS_OPEN_ECP_CONTEXT, **PPNFS_OPEN_ECP_CONTEXT;
1256
1257 typedef struct _SRV_OPEN_ECP_CONTEXT {
1258 PUNICODE_STRING ShareName;
1259 PSOCKADDR_STORAGE_NFS SocketAddress;
1260 BOOLEAN OplockBlockState;
1261 BOOLEAN OplockAppState;
1262 BOOLEAN OplockFinalState;
1263 } SRV_OPEN_ECP_CONTEXT, *PSRV_OPEN_ECP_CONTEXT;
1264
1265 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
1266
1267 #define PIN_WAIT (1)
1268 #define PIN_EXCLUSIVE (2)
1269 #define PIN_NO_READ (4)
1270 #define PIN_IF_BCB (8)
1271 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
1272 #define PIN_HIGH_PRIORITY (64)
1273
1274 #define MAP_WAIT 1
1275 #define MAP_NO_READ (16)
1276 #define MAP_HIGH_PRIORITY (64)
1277
1278 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
1279 #define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
1280
1281 typedef struct _QUERY_PATH_REQUEST {
1282 ULONG PathNameLength;
1283 PIO_SECURITY_CONTEXT SecurityContext;
1284 WCHAR FilePathName[1];
1285 } QUERY_PATH_REQUEST, *PQUERY_PATH_REQUEST;
1286
1287 typedef struct _QUERY_PATH_REQUEST_EX {
1288 PIO_SECURITY_CONTEXT pSecurityContext;
1289 ULONG EaLength;
1290 PVOID pEaBuffer;
1291 UNICODE_STRING PathName;
1292 UNICODE_STRING DomainServiceName;
1293 ULONG_PTR Reserved[ 3 ];
1294 } QUERY_PATH_REQUEST_EX, *PQUERY_PATH_REQUEST_EX;
1295
1296 typedef struct _QUERY_PATH_RESPONSE {
1297 ULONG LengthAccepted;
1298 } QUERY_PATH_RESPONSE, *PQUERY_PATH_RESPONSE;
1299
1300 #define VOLSNAPCONTROLTYPE 0x00000053
1301 #define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
1302
1303 /* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
1304 #pragma pack(push,4)
1305
1306 #ifndef VER_PRODUCTBUILD
1307 #define VER_PRODUCTBUILD 10000
1308 #endif
1309
1310 #include "csq.h"
1311
1312 #define FS_LFN_APIS 0x00004000
1313
1314 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
1315 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
1316 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
1317 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
1318 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
1319 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
1320 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
1321 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
1322 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
1323 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
1324 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
1325 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
1326 #define FILE_STORAGE_TYPE_MASK 0x000f0000
1327 #define FILE_STORAGE_TYPE_SHIFT 16
1328
1329 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
1330
1331 #ifdef _X86_
1332 #define HARDWARE_PTE HARDWARE_PTE_X86
1333 #define PHARDWARE_PTE PHARDWARE_PTE_X86
1334 #endif
1335
1336 #define IO_ATTACH_DEVICE_API 0x80000000
1337
1338 #define IO_TYPE_APC 18
1339 #define IO_TYPE_DPC 19
1340 #define IO_TYPE_DEVICE_QUEUE 20
1341 #define IO_TYPE_EVENT_PAIR 21
1342 #define IO_TYPE_INTERRUPT 22
1343 #define IO_TYPE_PROFILE 23
1344
1345 #define IRP_BEING_VERIFIED 0x10
1346
1347 #define MAILSLOT_CLASS_FIRSTCLASS 1
1348 #define MAILSLOT_CLASS_SECONDCLASS 2
1349
1350 #define MAILSLOT_SIZE_AUTO 0
1351
1352 #define MEM_DOS_LIM 0x40000000
1353
1354 #define OB_TYPE_TYPE 1
1355 #define OB_TYPE_DIRECTORY 2
1356 #define OB_TYPE_SYMBOLIC_LINK 3
1357 #define OB_TYPE_TOKEN 4
1358 #define OB_TYPE_PROCESS 5
1359 #define OB_TYPE_THREAD 6
1360 #define OB_TYPE_EVENT 7
1361 #define OB_TYPE_EVENT_PAIR 8
1362 #define OB_TYPE_MUTANT 9
1363 #define OB_TYPE_SEMAPHORE 10
1364 #define OB_TYPE_TIMER 11
1365 #define OB_TYPE_PROFILE 12
1366 #define OB_TYPE_WINDOW_STATION 13
1367 #define OB_TYPE_DESKTOP 14
1368 #define OB_TYPE_SECTION 15
1369 #define OB_TYPE_KEY 16
1370 #define OB_TYPE_PORT 17
1371 #define OB_TYPE_ADAPTER 18
1372 #define OB_TYPE_CONTROLLER 19
1373 #define OB_TYPE_DEVICE 20
1374 #define OB_TYPE_DRIVER 21
1375 #define OB_TYPE_IO_COMPLETION 22
1376 #define OB_TYPE_FILE 23
1377
1378 #define SEC_BASED 0x00200000
1379
1380 /* end winnt.h */
1381
1382 #define TOKEN_HAS_ADMIN_GROUP 0x08
1383
1384 #if (VER_PRODUCTBUILD >= 1381)
1385 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
1386 #endif /* (VER_PRODUCTBUILD >= 1381) */
1387
1388 #if (VER_PRODUCTBUILD >= 2195)
1389
1390 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
1391 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
1392
1393 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
1394
1395 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
1396 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
1397 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
1398 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
1399 #endif /* (VER_PRODUCTBUILD >= 2195) */
1400
1401 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
1402 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
1403 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
1404 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
1405 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
1406 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
1407 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
1408 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
1409
1410 typedef enum _FILE_STORAGE_TYPE {
1411 StorageTypeDefault = 1,
1412 StorageTypeDirectory,
1413 StorageTypeFile,
1414 StorageTypeJunctionPoint,
1415 StorageTypeCatalog,
1416 StorageTypeStructuredStorage,
1417 StorageTypeEmbedding,
1418 StorageTypeStream
1419 } FILE_STORAGE_TYPE;
1420
1421 typedef struct _OBJECT_BASIC_INFORMATION
1422 {
1423 ULONG Attributes;
1424 ACCESS_MASK GrantedAccess;
1425 ULONG HandleCount;
1426 ULONG PointerCount;
1427 ULONG PagedPoolCharge;
1428 ULONG NonPagedPoolCharge;
1429 ULONG Reserved[ 3 ];
1430 ULONG NameInfoSize;
1431 ULONG TypeInfoSize;
1432 ULONG SecurityDescriptorSize;
1433 LARGE_INTEGER CreationTime;
1434 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
1435
1436 typedef struct _BITMAP_RANGE {
1437 LIST_ENTRY Links;
1438 LONGLONG BasePage;
1439 ULONG FirstDirtyPage;
1440 ULONG LastDirtyPage;
1441 ULONG DirtyPages;
1442 PULONG Bitmap;
1443 } BITMAP_RANGE, *PBITMAP_RANGE;
1444
1445 typedef struct _FILE_COPY_ON_WRITE_INFORMATION {
1446 BOOLEAN ReplaceIfExists;
1447 HANDLE RootDirectory;
1448 ULONG FileNameLength;
1449 WCHAR FileName[1];
1450 } FILE_COPY_ON_WRITE_INFORMATION, *PFILE_COPY_ON_WRITE_INFORMATION;
1451
1452 typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
1453 ULONG NextEntryOffset;
1454 ULONG FileIndex;
1455 LARGE_INTEGER CreationTime;
1456 LARGE_INTEGER LastAccessTime;
1457 LARGE_INTEGER LastWriteTime;
1458 LARGE_INTEGER ChangeTime;
1459 LARGE_INTEGER EndOfFile;
1460 LARGE_INTEGER AllocationSize;
1461 ULONG FileAttributes;
1462 ULONG FileNameLength;
1463 ULONG EaSize;
1464 WCHAR FileName[ANYSIZE_ARRAY];
1465 } FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION;
1466
1467 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1468 typedef struct _FILE_SHARED_LOCK_ENTRY {
1469 PVOID Unknown1;
1470 PVOID Unknown2;
1471 FILE_LOCK_INFO FileLock;
1472 } FILE_SHARED_LOCK_ENTRY, *PFILE_SHARED_LOCK_ENTRY;
1473
1474 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1475 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY {
1476 LIST_ENTRY ListEntry;
1477 PVOID Unknown1;
1478 PVOID Unknown2;
1479 FILE_LOCK_INFO FileLock;
1480 } FILE_EXCLUSIVE_LOCK_ENTRY, *PFILE_EXCLUSIVE_LOCK_ENTRY;
1481
1482 typedef struct _FILE_MAILSLOT_PEEK_BUFFER {
1483 ULONG ReadDataAvailable;
1484 ULONG NumberOfMessages;
1485 ULONG MessageLength;
1486 } FILE_MAILSLOT_PEEK_BUFFER, *PFILE_MAILSLOT_PEEK_BUFFER;
1487
1488 typedef struct _FILE_OLE_CLASSID_INFORMATION {
1489 GUID ClassId;
1490 } FILE_OLE_CLASSID_INFORMATION, *PFILE_OLE_CLASSID_INFORMATION;
1491
1492 typedef struct _FILE_OLE_ALL_INFORMATION {
1493 FILE_BASIC_INFORMATION BasicInformation;
1494 FILE_STANDARD_INFORMATION StandardInformation;
1495 FILE_INTERNAL_INFORMATION InternalInformation;
1496 FILE_EA_INFORMATION EaInformation;
1497 FILE_ACCESS_INFORMATION AccessInformation;
1498 FILE_POSITION_INFORMATION PositionInformation;
1499 FILE_MODE_INFORMATION ModeInformation;
1500 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
1501 USN LastChangeUsn;
1502 USN ReplicationUsn;
1503 LARGE_INTEGER SecurityChangeTime;
1504 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1505 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1506 FILE_STORAGE_TYPE StorageType;
1507 ULONG OleStateBits;
1508 ULONG OleId;
1509 ULONG NumberOfStreamReferences;
1510 ULONG StreamIndex;
1511 ULONG SecurityId;
1512 BOOLEAN ContentIndexDisable;
1513 BOOLEAN InheritContentIndexDisable;
1514 FILE_NAME_INFORMATION NameInformation;
1515 } FILE_OLE_ALL_INFORMATION, *PFILE_OLE_ALL_INFORMATION;
1516
1517 typedef struct _FILE_OLE_DIR_INFORMATION {
1518 ULONG NextEntryOffset;
1519 ULONG FileIndex;
1520 LARGE_INTEGER CreationTime;
1521 LARGE_INTEGER LastAccessTime;
1522 LARGE_INTEGER LastWriteTime;
1523 LARGE_INTEGER ChangeTime;
1524 LARGE_INTEGER EndOfFile;
1525 LARGE_INTEGER AllocationSize;
1526 ULONG FileAttributes;
1527 ULONG FileNameLength;
1528 FILE_STORAGE_TYPE StorageType;
1529 GUID OleClassId;
1530 ULONG OleStateBits;
1531 BOOLEAN ContentIndexDisable;
1532 BOOLEAN InheritContentIndexDisable;
1533 WCHAR FileName[1];
1534 } FILE_OLE_DIR_INFORMATION, *PFILE_OLE_DIR_INFORMATION;
1535
1536 typedef struct _FILE_OLE_INFORMATION {
1537 LARGE_INTEGER SecurityChangeTime;
1538 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1539 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1540 FILE_STORAGE_TYPE StorageType;
1541 ULONG OleStateBits;
1542 BOOLEAN ContentIndexDisable;
1543 BOOLEAN InheritContentIndexDisable;
1544 } FILE_OLE_INFORMATION, *PFILE_OLE_INFORMATION;
1545
1546 typedef struct _FILE_OLE_STATE_BITS_INFORMATION {
1547 ULONG StateBits;
1548 ULONG StateBitsMask;
1549 } FILE_OLE_STATE_BITS_INFORMATION, *PFILE_OLE_STATE_BITS_INFORMATION;
1550
1551 typedef struct _MAPPING_PAIR {
1552 ULONGLONG Vcn;
1553 ULONGLONG Lcn;
1554 } MAPPING_PAIR, *PMAPPING_PAIR;
1555
1556 typedef struct _GET_RETRIEVAL_DESCRIPTOR {
1557 ULONG NumberOfPairs;
1558 ULONGLONG StartVcn;
1559 MAPPING_PAIR Pair[1];
1560 } GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
1561
1562 typedef struct _MBCB {
1563 CSHORT NodeTypeCode;
1564 CSHORT NodeIsInZone;
1565 ULONG PagesToWrite;
1566 ULONG DirtyPages;
1567 ULONG Reserved;
1568 LIST_ENTRY BitmapRanges;
1569 LONGLONG ResumeWritePage;
1570 BITMAP_RANGE BitmapRange1;
1571 BITMAP_RANGE BitmapRange2;
1572 BITMAP_RANGE BitmapRange3;
1573 } MBCB, *PMBCB;
1574
1575 typedef struct _MOVEFILE_DESCRIPTOR {
1576 HANDLE FileHandle;
1577 ULONG Reserved;
1578 LARGE_INTEGER StartVcn;
1579 LARGE_INTEGER TargetLcn;
1580 ULONG NumVcns;
1581 ULONG Reserved1;
1582 } MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
1583
1584 typedef struct _OBJECT_BASIC_INFO {
1585 ULONG Attributes;
1586 ACCESS_MASK GrantedAccess;
1587 ULONG HandleCount;
1588 ULONG ReferenceCount;
1589 ULONG PagedPoolUsage;
1590 ULONG NonPagedPoolUsage;
1591 ULONG Reserved[3];
1592 ULONG NameInformationLength;
1593 ULONG TypeInformationLength;
1594 ULONG SecurityDescriptorLength;
1595 LARGE_INTEGER CreateTime;
1596 } OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;
1597
1598 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO {
1599 BOOLEAN Inherit;
1600 BOOLEAN ProtectFromClose;
1601 } OBJECT_HANDLE_ATTRIBUTE_INFO, *POBJECT_HANDLE_ATTRIBUTE_INFO;
1602
1603 typedef struct _OBJECT_NAME_INFO {
1604 UNICODE_STRING ObjectName;
1605 WCHAR ObjectNameBuffer[1];
1606 } OBJECT_NAME_INFO, *POBJECT_NAME_INFO;
1607
1608 typedef struct _OBJECT_PROTECTION_INFO {
1609 BOOLEAN Inherit;
1610 BOOLEAN ProtectHandle;
1611 } OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;
1612
1613 typedef struct _OBJECT_TYPE_INFO {
1614 UNICODE_STRING ObjectTypeName;
1615 UCHAR Unknown[0x58];
1616 WCHAR ObjectTypeNameBuffer[1];
1617 } OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;
1618
1619 typedef struct _OBJECT_ALL_TYPES_INFO {
1620 ULONG NumberOfObjectTypes;
1621 OBJECT_TYPE_INFO ObjectsTypeInfo[1];
1622 } OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;
1623
1624 #if defined(USE_LPC6432)
1625 #define LPC_CLIENT_ID CLIENT_ID64
1626 #define LPC_SIZE_T ULONGLONG
1627 #define LPC_PVOID ULONGLONG
1628 #define LPC_HANDLE ULONGLONG
1629 #else
1630 #define LPC_CLIENT_ID CLIENT_ID
1631 #define LPC_SIZE_T SIZE_T
1632 #define LPC_PVOID PVOID
1633 #define LPC_HANDLE HANDLE
1634 #endif
1635
1636 typedef struct _PORT_MESSAGE
1637 {
1638 union
1639 {
1640 struct
1641 {
1642 CSHORT DataLength;
1643 CSHORT TotalLength;
1644 } s1;
1645 ULONG Length;
1646 } u1;
1647 union
1648 {
1649 struct
1650 {
1651 CSHORT Type;
1652 CSHORT DataInfoOffset;
1653 } s2;
1654 ULONG ZeroInit;
1655 } u2;
1656 __GNU_EXTENSION union
1657 {
1658 LPC_CLIENT_ID ClientId;
1659 double DoNotUseThisField;
1660 };
1661 ULONG MessageId;
1662 __GNU_EXTENSION union
1663 {
1664 LPC_SIZE_T ClientViewSize;
1665 ULONG CallbackId;
1666 };
1667 } PORT_MESSAGE, *PPORT_MESSAGE;
1668
1669 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
1670
1671 typedef struct _PORT_VIEW
1672 {
1673 ULONG Length;
1674 LPC_HANDLE SectionHandle;
1675 ULONG SectionOffset;
1676 LPC_SIZE_T ViewSize;
1677 LPC_PVOID ViewBase;
1678 LPC_PVOID ViewRemoteBase;
1679 } PORT_VIEW, *PPORT_VIEW;
1680
1681 typedef struct _REMOTE_PORT_VIEW
1682 {
1683 ULONG Length;
1684 LPC_SIZE_T ViewSize;
1685 LPC_PVOID ViewBase;
1686 } REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
1687
1688 typedef struct _VAD_HEADER {
1689 PVOID StartVPN;
1690 PVOID EndVPN;
1691 struct _VAD_HEADER* ParentLink;
1692 struct _VAD_HEADER* LeftLink;
1693 struct _VAD_HEADER* RightLink;
1694 ULONG Flags; /* LSB = CommitCharge */
1695 PVOID ControlArea;
1696 PVOID FirstProtoPte;
1697 PVOID LastPTE;
1698 ULONG Unknown;
1699 LIST_ENTRY Secured;
1700 } VAD_HEADER, *PVAD_HEADER;
1701
1702 NTKERNELAPI
1703 LARGE_INTEGER
1704 NTAPI
1705 CcGetLsnForFileObject (
1706 IN PFILE_OBJECT FileObject,
1707 OUT PLARGE_INTEGER OldestLsn OPTIONAL
1708 );
1709
1710 NTKERNELAPI
1711 PVOID
1712 NTAPI
1713 FsRtlAllocatePool (
1714 IN POOL_TYPE PoolType,
1715 IN ULONG NumberOfBytes
1716 );
1717
1718 NTKERNELAPI
1719 PVOID
1720 NTAPI
1721 FsRtlAllocatePoolWithQuota (
1722 IN POOL_TYPE PoolType,
1723 IN ULONG NumberOfBytes
1724 );
1725
1726 NTKERNELAPI
1727 PVOID
1728 NTAPI
1729 FsRtlAllocatePoolWithQuotaTag (
1730 IN POOL_TYPE PoolType,
1731 IN ULONG NumberOfBytes,
1732 IN ULONG Tag
1733 );
1734
1735 NTKERNELAPI
1736 PVOID
1737 NTAPI
1738 FsRtlAllocatePoolWithTag (
1739 IN POOL_TYPE PoolType,
1740 IN ULONG NumberOfBytes,
1741 IN ULONG Tag
1742 );
1743
1744 NTKERNELAPI
1745 BOOLEAN
1746 NTAPI
1747 FsRtlMdlReadComplete (
1748 IN PFILE_OBJECT FileObject,
1749 IN PMDL MdlChain
1750 );
1751
1752 NTKERNELAPI
1753 BOOLEAN
1754 NTAPI
1755 FsRtlMdlWriteComplete (
1756 IN PFILE_OBJECT FileObject,
1757 IN PLARGE_INTEGER FileOffset,
1758 IN PMDL MdlChain
1759 );
1760
1761 NTKERNELAPI
1762 VOID
1763 NTAPI
1764 FsRtlNotifyChangeDirectory (
1765 IN PNOTIFY_SYNC NotifySync,
1766 IN PVOID FsContext,
1767 IN PSTRING FullDirectoryName,
1768 IN PLIST_ENTRY NotifyList,
1769 IN BOOLEAN WatchTree,
1770 IN ULONG CompletionFilter,
1771 IN PIRP NotifyIrp
1772 );
1773
1774 NTKERNELAPI
1775 NTSTATUS
1776 NTAPI
1777 ObCreateObject (
1778 IN KPROCESSOR_MODE ObjectAttributesAccessMode OPTIONAL,
1779 IN POBJECT_TYPE ObjectType,
1780 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
1781 IN KPROCESSOR_MODE AccessMode,
1782 IN OUT PVOID ParseContext OPTIONAL,
1783 IN ULONG ObjectSize,
1784 IN ULONG PagedPoolCharge OPTIONAL,
1785 IN ULONG NonPagedPoolCharge OPTIONAL,
1786 OUT PVOID *Object
1787 );
1788
1789 NTKERNELAPI
1790 ULONG
1791 NTAPI
1792 ObGetObjectPointerCount (
1793 IN PVOID Object
1794 );
1795
1796 NTKERNELAPI
1797 NTSTATUS
1798 NTAPI
1799 ObReferenceObjectByName (
1800 IN PUNICODE_STRING ObjectName,
1801 IN ULONG Attributes,
1802 IN PACCESS_STATE PassedAccessState OPTIONAL,
1803 IN ACCESS_MASK DesiredAccess OPTIONAL,
1804 IN POBJECT_TYPE ObjectType,
1805 IN KPROCESSOR_MODE AccessMode,
1806 IN OUT PVOID ParseContext OPTIONAL,
1807 OUT PVOID *Object
1808 );
1809
1810 #define PsDereferenceImpersonationToken(T) \
1811 {if (ARGUMENT_PRESENT(T)) { \
1812 (ObDereferenceObject((T))); \
1813 } else { \
1814 ; \
1815 } \
1816 }
1817
1818 NTKERNELAPI
1819 NTSTATUS
1820 NTAPI
1821 PsLookupProcessThreadByCid (
1822 IN PCLIENT_ID Cid,
1823 OUT PEPROCESS *Process OPTIONAL,
1824 OUT PETHREAD *Thread
1825 );
1826
1827 NTSYSAPI
1828 NTSTATUS
1829 NTAPI
1830 RtlSetSaclSecurityDescriptor (
1831 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
1832 IN BOOLEAN SaclPresent,
1833 IN PACL Sacl,
1834 IN BOOLEAN SaclDefaulted
1835 );
1836
1837 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
1838
1839 #if (VER_PRODUCTBUILD >= 2195)
1840
1841 NTSYSAPI
1842 NTSTATUS
1843 NTAPI
1844 ZwAdjustPrivilegesToken (
1845 IN HANDLE TokenHandle,
1846 IN BOOLEAN DisableAllPrivileges,
1847 IN PTOKEN_PRIVILEGES NewState,
1848 IN ULONG BufferLength,
1849 OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL,
1850 OUT PULONG ReturnLength
1851 );
1852
1853 #endif /* (VER_PRODUCTBUILD >= 2195) */
1854
1855 NTSYSAPI
1856 NTSTATUS
1857 NTAPI
1858 ZwAlertThread (
1859 IN HANDLE ThreadHandle
1860 );
1861
1862 NTSYSAPI
1863 NTSTATUS
1864 NTAPI
1865 ZwAccessCheckAndAuditAlarm (
1866 IN PUNICODE_STRING SubsystemName,
1867 IN PVOID HandleId,
1868 IN PUNICODE_STRING ObjectTypeName,
1869 IN PUNICODE_STRING ObjectName,
1870 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
1871 IN ACCESS_MASK DesiredAccess,
1872 IN PGENERIC_MAPPING GenericMapping,
1873 IN BOOLEAN ObjectCreation,
1874 OUT PACCESS_MASK GrantedAccess,
1875 OUT PBOOLEAN AccessStatus,
1876 OUT PBOOLEAN GenerateOnClose
1877 );
1878
1879 #if (VER_PRODUCTBUILD >= 2195)
1880
1881 NTSYSAPI
1882 NTSTATUS
1883 NTAPI
1884 ZwCancelIoFile (
1885 IN HANDLE FileHandle,
1886 OUT PIO_STATUS_BLOCK IoStatusBlock
1887 );
1888
1889 #endif /* (VER_PRODUCTBUILD >= 2195) */
1890
1891 NTSYSAPI
1892 NTSTATUS
1893 NTAPI
1894 ZwClearEvent (
1895 IN HANDLE EventHandle
1896 );
1897
1898 NTSYSAPI
1899 NTSTATUS
1900 NTAPI
1901 ZwCloseObjectAuditAlarm (
1902 IN PUNICODE_STRING SubsystemName,
1903 IN PVOID HandleId,
1904 IN BOOLEAN GenerateOnClose
1905 );
1906
1907 NTSYSAPI
1908 NTSTATUS
1909 NTAPI
1910 ZwCreateSymbolicLinkObject (
1911 OUT PHANDLE SymbolicLinkHandle,
1912 IN ACCESS_MASK DesiredAccess,
1913 IN POBJECT_ATTRIBUTES ObjectAttributes,
1914 IN PUNICODE_STRING TargetName
1915 );
1916
1917 NTSYSAPI
1918 NTSTATUS
1919 NTAPI
1920 ZwFlushInstructionCache (
1921 IN HANDLE ProcessHandle,
1922 IN PVOID BaseAddress OPTIONAL,
1923 IN ULONG FlushSize
1924 );
1925
1926 NTSYSAPI
1927 NTSTATUS
1928 NTAPI
1929 ZwFlushBuffersFile(
1930 IN HANDLE FileHandle,
1931 OUT PIO_STATUS_BLOCK IoStatusBlock
1932 );
1933
1934 #if (VER_PRODUCTBUILD >= 2195)
1935
1936 NTSYSAPI
1937 NTSTATUS
1938 NTAPI
1939 ZwInitiatePowerAction (
1940 IN POWER_ACTION SystemAction,
1941 IN SYSTEM_POWER_STATE MinSystemState,
1942 IN ULONG Flags,
1943 IN BOOLEAN Asynchronous
1944 );
1945
1946 #endif /* (VER_PRODUCTBUILD >= 2195) */
1947
1948 NTSYSAPI
1949 NTSTATUS
1950 NTAPI
1951 ZwLoadKey (
1952 IN POBJECT_ATTRIBUTES KeyObjectAttributes,
1953 IN POBJECT_ATTRIBUTES FileObjectAttributes
1954 );
1955
1956 NTSYSAPI
1957 NTSTATUS
1958 NTAPI
1959 ZwOpenProcessToken (
1960 IN HANDLE ProcessHandle,
1961 IN ACCESS_MASK DesiredAccess,
1962 OUT PHANDLE TokenHandle
1963 );
1964
1965 NTSYSAPI
1966 NTSTATUS
1967 NTAPI
1968 ZwOpenThread (
1969 OUT PHANDLE ThreadHandle,
1970 IN ACCESS_MASK DesiredAccess,
1971 IN POBJECT_ATTRIBUTES ObjectAttributes,
1972 IN PCLIENT_ID ClientId
1973 );
1974
1975 NTSYSAPI
1976 NTSTATUS
1977 NTAPI
1978 ZwOpenThreadToken (
1979 IN HANDLE ThreadHandle,
1980 IN ACCESS_MASK DesiredAccess,
1981 IN BOOLEAN OpenAsSelf,
1982 OUT PHANDLE TokenHandle
1983 );
1984
1985 NTSYSAPI
1986 NTSTATUS
1987 NTAPI
1988 ZwPulseEvent (
1989 IN HANDLE EventHandle,
1990 OUT PLONG PreviousState OPTIONAL
1991 );
1992
1993 NTSYSAPI
1994 NTSTATUS
1995 NTAPI
1996 ZwQueryDefaultLocale (
1997 IN BOOLEAN ThreadOrSystem,
1998 OUT PLCID Locale
1999 );
2000
2001 #if (VER_PRODUCTBUILD >= 2195)
2002
2003 NTSYSAPI
2004 NTSTATUS
2005 NTAPI
2006 ZwQueryDirectoryObject (
2007 IN HANDLE DirectoryHandle,
2008 OUT PVOID Buffer,
2009 IN ULONG Length,
2010 IN BOOLEAN ReturnSingleEntry,
2011 IN BOOLEAN RestartScan,
2012 IN OUT PULONG Context,
2013 OUT PULONG ReturnLength OPTIONAL
2014 );
2015
2016 #endif /* (VER_PRODUCTBUILD >= 2195) */
2017
2018 NTSYSAPI
2019 NTSTATUS
2020 NTAPI
2021 ZwQueryInformationProcess (
2022 IN HANDLE ProcessHandle,
2023 IN PROCESSINFOCLASS ProcessInformationClass,
2024 OUT PVOID ProcessInformation,
2025 IN ULONG ProcessInformationLength,
2026 OUT PULONG ReturnLength OPTIONAL
2027 );
2028
2029 NTSYSAPI
2030 NTSTATUS
2031 NTAPI
2032 ZwReplaceKey (
2033 IN POBJECT_ATTRIBUTES NewFileObjectAttributes,
2034 IN HANDLE KeyHandle,
2035 IN POBJECT_ATTRIBUTES OldFileObjectAttributes
2036 );
2037
2038 NTSYSAPI
2039 NTSTATUS
2040 NTAPI
2041 ZwResetEvent (
2042 IN HANDLE EventHandle,
2043 OUT PLONG PreviousState OPTIONAL
2044 );
2045
2046 #if (VER_PRODUCTBUILD >= 2195)
2047
2048 NTSYSAPI
2049 NTSTATUS
2050 NTAPI
2051 ZwRestoreKey (
2052 IN HANDLE KeyHandle,
2053 IN HANDLE FileHandle,
2054 IN ULONG Flags
2055 );
2056
2057 #endif /* (VER_PRODUCTBUILD >= 2195) */
2058
2059 NTSYSAPI
2060 NTSTATUS
2061 NTAPI
2062 ZwSaveKey (
2063 IN HANDLE KeyHandle,
2064 IN HANDLE FileHandle
2065 );
2066
2067 NTSYSAPI
2068 NTSTATUS
2069 NTAPI
2070 ZwSetDefaultLocale (
2071 IN BOOLEAN ThreadOrSystem,
2072 IN LCID Locale
2073 );
2074
2075 #if (VER_PRODUCTBUILD >= 2195)
2076
2077 NTSYSAPI
2078 NTSTATUS
2079 NTAPI
2080 ZwSetDefaultUILanguage (
2081 IN LANGID LanguageId
2082 );
2083
2084 #endif /* (VER_PRODUCTBUILD >= 2195) */
2085
2086 NTSYSAPI
2087 NTSTATUS
2088 NTAPI
2089 ZwSetInformationProcess (
2090 IN HANDLE ProcessHandle,
2091 IN PROCESSINFOCLASS ProcessInformationClass,
2092 IN PVOID ProcessInformation,
2093 IN ULONG ProcessInformationLength
2094 );
2095
2096 NTSYSAPI
2097 NTSTATUS
2098 NTAPI
2099 ZwSetSystemTime (
2100 IN PLARGE_INTEGER NewTime,
2101 OUT PLARGE_INTEGER OldTime OPTIONAL
2102 );
2103
2104 NTSYSAPI
2105 NTSTATUS
2106 NTAPI
2107 ZwUnloadKey (
2108 IN POBJECT_ATTRIBUTES KeyObjectAttributes
2109 );
2110
2111 NTSYSAPI
2112 NTSTATUS
2113 NTAPI
2114 ZwWaitForMultipleObjects (
2115 IN ULONG HandleCount,
2116 IN PHANDLE Handles,
2117 IN WAIT_TYPE WaitType,
2118 IN BOOLEAN Alertable,
2119 IN PLARGE_INTEGER Timeout OPTIONAL
2120 );
2121
2122 NTSYSAPI
2123 NTSTATUS
2124 NTAPI
2125 ZwYieldExecution (
2126 VOID
2127 );
2128
2129 #pragma pack(pop)
2130
2131 #ifdef __cplusplus
2132 }
2133 #endif
A free Windows-compatible Operating System