1 #ifndef __NTDDK_EX__H__
2 #define __NTDDK_EX__H__
// ASSERT expands to a no-op: the condition is neither evaluated nor checked,
// so any invariant written as ASSERT(...) is unenforced wherever this
// definition is the one in effect.
// NOTE(review): in the disabled variant below, "#x" sits inside a string
// literal, so it would pass the literal text #x rather than the stringified
// expression; the bare `if` body would also pair with a following `else`.
6 #define ASSERT(x) ((void)0)
7 // #define ASSERT(x) if (!(x)) { RtlAssert("#x",__FILE__,__LINE__, ""); }
10 #ifndef FILE_CHARACTERISTIC_PNP_DEVICE // DDK 2003
12 #define FILE_CHARACTERISTIC_PNP_DEVICE 0x00000800
// Information-class selector taken as the first parameter of the
// ZwQuerySystemInformation / NtQuerySystemInformation declarations in this
// header.
// No enumerator carries an explicit value, so each constant's number is its
// position in the list and shifts whenever an enumerator before it is added,
// removed or selected differently by the preprocessor branch at
// "#elif defined IRP_MN_START_DEVICE".
// NOTE(review): the embedded line numbers skip values inside this enum, so
// some original lines (the #if/#else/#endif that pair with the #elif among
// them) are not visible here; confirm every numeric value against the target
// OS build before relying on it.
// Spellings such as SystemExtendedHanfleInformation are identifiers and are
// kept exactly as declared.
14 typedef enum _SYSTEM_INFORMATION_CLASS
{
15 SystemBasicInformation
,
16 SystemProcessorInformation
,
17 SystemPerformanceInformation
,
18 SystemTimeOfDayInformation
,
19 SystemPathInformation
,
20 SystemProcessInformation
,
21 SystemCallCountInformation
,
22 SystemDeviceInformation
,
23 SystemProcessorPerformanceInformation
,
24 SystemFlagsInformation
,
25 SystemCallTimeInformation
,
26 SystemModuleInformation
,
27 SystemLocksInformation
,
28 SystemStackTraceInformation
,
29 SystemPagedPoolInformation
,
30 SystemNonPagedPoolInformation
,
31 SystemHandleInformation
,
32 SystemObjectInformation
,
33 SystemPageFileInformation
,
34 SystemVdmInstemulInformation
,
35 SystemVdmBopInformation
,
36 SystemFileCacheInformation
,
37 SystemPoolTagInformation
,
38 SystemInterruptInformation
,
39 SystemDpcBehaviorInformation
,
40 SystemFullMemoryInformation
,
41 SystemLoadGdiDriverInformation
,
42 SystemUnloadGdiDriverInformation
,
43 SystemTimeAdjustmentInformation
,
44 SystemSummaryMemoryInformation
,
46 SystemNextEventIdInformation
,
47 SystemEventIdsInformation
,
48 SystemCrashDumpInformation
,
50 SystemMirrorMemoryInformation
,
51 SystemPerformanceTraceInformation
,
54 SystemExceptionInformation
,
55 SystemCrashDumpStateInformation
,
56 SystemKernelDebuggerInformation
,
57 SystemContextSwitchInformation
,
58 SystemRegistryQuotaInformation
,
59 SystemExtendServiceTableInformation
,
60 SystemPrioritySeperation
,
61 SystemPlugPlayBusInformation
,
62 SystemDockInformation
,
64 SystemPowerInformationNative
,
65 #elif defined IRP_MN_START_DEVICE
66 SystemPowerInformationInfo
,
68 SystemPowerInformation
,
70 SystemProcessorSpeedInformation
,
71 SystemCurrentTimeZoneInformation
,
72 SystemLookasideInformation
,
74 SystemTimeSlipNotification
,
77 SystemSessionInformation
,
78 SystemRangeStartInformation
,
79 SystemVerifierInformation
,
81 SystemSessionProcessesInformation
,
82 SystemLoadGdiDriverInSystemSpaceInformation
,
83 SystemNumaProcessorMap
,
84 SystemPrefetcherInformation
,
85 SystemExtendedProcessInformation
,
86 SystemRecommendedSharedDataAlignment
,
88 SystemNumaAvailableMemory
,
89 SystemProcessorPowerInformation
,
90 SystemEmulationBasicInformation
,
91 SystemEmulationProcessorInformation
,
92 SystemExtendedHanfleInformation
,
93 SystemLostDelayedWriteInformation
,
94 SystemBigPoolInformation
,
95 SystemSessionPoolTagInformation
,
96 SystemSessionMappedViewInformation
,
97 SystemHotpatchInformation
,
98 SystemObjectSecurityMode
,
99 SystemWatchDogTimerHandler
,
100 SystemWatchDogTimerInformation
,
101 SystemLogicalProcessorInformation
,
102 SystemWo64SharedInformationObosolete
,
103 SystemRegisterFirmwareTableInformationHandler
,
104 SystemFirmwareTableInformation
,
105 SystemModuleInformationEx
,
106 SystemVerifierTriageInformation
,
107 SystemSuperfetchInformation
,
108 SystemMemoryListInformation
,
109 SystemFileCacheInformationEx
,
110 SystemThreadPriorityClientIdInformation
,
111 SystemProcessorIdleCycleTimeInformation
,
112 SystemVerifierCancellationInformation
,
113 SystemProcessorPowerInformationEx
,
114 SystemRefTraceInformation
,
115 SystemSpecialPoolInformation
,
116 SystemProcessIdInformation
,
117 SystemErrorPortInformation
,
118 SystemBootEnvironmentInformation
,
119 SystemHypervisorInformation
,
120 SystemVerifierInformationEx
,
121 SystemTimeZoneInformation
,
122 SystemImageFileExecutionOptionsInformation
,
123 SystemCoverageInformation
,
124 SystemPrefetchPathInformation
,
125 SystemVerifierFaultsInformation
,
128 } SYSTEM_INFORMATION_CLASS
;
130 #endif // !FILE_CHARACTERISTIC_PNP_DEVICE
// Two query entry points with the same parameter list: a
// SYSTEM_INFORMATION_CLASS selector, a caller-supplied output buffer, the
// size of that buffer, and an optional pointer that receives a length.
// NOTE(review): the return type and the closing ");" of both declarations are
// not visible in this listing. Callers presumably have to check the returned
// status and BytesReturned before reading SystemInfoBuffer, and must not read
// past SystemInfoBufferSize - confirm at the call sites.
136 ZwQuerySystemInformation(
137 IN SYSTEM_INFORMATION_CLASS SystemInfoClass
,
138 OUT PVOID SystemInfoBuffer
,
139 IN ULONG SystemInfoBufferSize
,
140 OUT PULONG BytesReturned OPTIONAL
146 NtQuerySystemInformation(
147 IN SYSTEM_INFORMATION_CLASS SystemInfoClass
,
148 OUT PVOID SystemInfoBuffer
,
149 IN ULONG SystemInfoBufferSize
,
150 OUT PULONG BytesReturned OPTIONAL
// Record layout this header declares for basic system information; judging by
// the name it pairs with the SystemBasicInformation class - confirm.
// NOTE(review): the embedded line numbers skip 154 and 156, so members of the
// original are missing from this view; do not derive field offsets or
// sizeof() expectations from it.
153 typedef struct _SYSTEM_BASIC_INFORMATION
{
155 ULONG TimerResolution
;
157 ULONG NumberOfPhysicalPages
;
158 ULONG LowestPhysicalPageNumber
;
159 ULONG HighestPhysicalPageNumber
;
160 ULONG AllocationGranularity
;
// NOTE(review): both address bounds are declared ULONG, which cannot hold a
// pointer wider than ULONG; presumably this layout targets 32-bit systems
// only - confirm before using it in a 64-bit build.
161 ULONG MinimumUserModeAddress
;
162 ULONG MaximumUserModeAddress
;
163 KAFFINITY ActiveProcessorsAffinityMask
;
164 CCHAR NumberOfProcessors
;
165 } SYSTEM_BASIC_INFORMATION
, *PSYSTEM_BASIC_INFORMATION
;
// One loaded-module record: base address, index, and a fixed 256-byte name
// buffer with a length and an offset into it.
// NOTE(review): the opening brace and the members on the skipped line numbers
// (168-170, 172-173) are not visible in this listing, so offsets cannot be
// taken from it. Code that reads the name should check ModuleNameOffset and
// ModuleNameLength against the 256-byte ModuleName array and should not
// assume NUL termination - confirm how consumers handle this.
167 typedef struct _SYSTEM_MODULE_ENTRY
171 PVOID ModuleBaseAddress
;
174 ULONG ModuleEntryIndex
;
175 USHORT ModuleNameLength
;
176 USHORT ModuleNameOffset
;
177 CHAR ModuleName
[256];
178 } SYSTEM_MODULE_ENTRY
, * PSYSTEM_MODULE_ENTRY
;
// Container for SYSTEM_MODULE_ENTRY records.
// NOTE(review): Module is declared with a single element; presumably it is a
// variable-length trailing array whose element count lives in a member on the
// skipped lines 181-182 - confirm. Iteration should be bounded by that count
// and by the number of bytes the query actually returned.
180 typedef struct _SYSTEM_MODULE_INFORMATION
183 SYSTEM_MODULE_ENTRY Module
[1];
184 } SYSTEM_MODULE_INFORMATION
, *PSYSTEM_MODULE_INFORMATION
;
// Local spellings of the Win32 scalar names used by the PE image structures
// further down in this header.
// NOTE(review): DWORD is `unsigned long`, whose width depends on the
// compiler's data model, and BOOL is unsigned here whereas the Windows SDK
// declares BOOL as int; confirm these agree with any SDK header included in
// the same translation unit, since the PE structures depend on exact widths.
186 typedef unsigned short WORD
;
188 typedef unsigned int BOOL
;
190 typedef unsigned long DWORD
;
191 typedef unsigned char BYTE
;
// Loader record for one module: three list links, the module base, the full
// and short module names, and a section pointer.
// NOTE(review): line numbers 199-200, 203-208 and 210-213 are skipped, so
// members are missing from this view and field offsets cannot be read off it.
// The list links are presumably those threaded through PEB_LDR_DATA; when the
// record is read from another process's memory, every pointer and
// UNICODE_STRING length in it should be validated before use - confirm.
194 typedef struct _LDR_DATA_TABLE_ENTRY
{
195 LIST_ENTRY LoadOrder
;
196 LIST_ENTRY MemoryOrder
;
197 LIST_ENTRY InitializationOrder
;
198 PVOID ModuleBaseAddress
;
201 UNICODE_STRING FullModuleName
;
202 UNICODE_STRING ModuleName
;
209 PVOID SectionPointer
;
214 } LDR_DATA_TABLE_ENTRY
, *PLDR_DATA_TABLE_ENTRY
;
// Loader data holding three module list heads (load, memory and
// initialization order).
// NOTE(review): line numbers 217-219 are skipped, so leading members are not
// visible and the list heads' offsets cannot be taken from this view. A list
// walk should stop when it returns to the head and should cap its iteration
// count, because a corrupted link would otherwise loop forever - confirm the
// callers do this.
216 typedef struct _PEB_LDR_DATA
{
220 LIST_ENTRY LoadOrder
;
221 LIST_ENTRY MemoryOrder
;
222 LIST_ENTRY InitializationOrder
;
223 } PEB_LDR_DATA
, *PPEB_LDR_DATA
;
// Singly linked free-block node referenced by the PEB's FreeList member.
// NOTE(review): line number 227 is skipped, so a member after Next is not
// visible in this listing.
225 typedef struct _PEB_FREE_BLOCK
{
226 struct _PEB_FREE_BLOCK
*Next
;
228 } PEB_FREE_BLOCK
, *PPEB_FREE_BLOCK
;
230 #define GDI_HANDLE_BUFFER_SIZE 34
232 #define TLS_MINIMUM_AVAILABLE 64 // winnt
// Process environment block layout as this header declares it.
// NOTE(review): the closing "} PEB" line and many members on skipped line
// numbers are not visible in this listing, so this view cannot be used to
// compute field offsets. The layout is presumably specific to one OS
// generation and to 32-bit builds - confirm before use. A driver reading a
// PEB presumably reads process-writable memory, so values such as
// ProcessParameters or BeingDebugged should be treated as untrusted input.
234 typedef struct _PEB
{
235 BOOLEAN InheritedAddressSpace
; // These four fields cannot change unless the
236 BOOLEAN ReadImageFileExecOptions
; //
237 BOOLEAN BeingDebugged
; //
238 BOOLEAN SpareBool
; //
239 HANDLE Mutant
; // INITIAL_PEB structure is also updated.
241 PVOID ImageBaseAddress
;
243 struct _RTL_USER_PROCESS_PARAMETERS
*ProcessParameters
;
247 PVOID FastPebLockRoutine
;
248 PVOID FastPebUnlockRoutine
;
249 ULONG EnvironmentUpdateCount
;
250 PVOID KernelCallbackTable
;
251 HANDLE EventLogSection
;
253 PPEB_FREE_BLOCK FreeList
;
254 ULONG TlsExpansionCounter
;
256 ULONG TlsBitmapBits
[2]; // relates to TLS_MINIMUM_AVAILABLE
257 PVOID ReadOnlySharedMemoryBase
;
258 PVOID ReadOnlySharedMemoryHeap
;
259 PVOID
*ReadOnlyStaticServerData
;
260 PVOID AnsiCodePageData
;
261 PVOID OemCodePageData
;
262 PVOID UnicodeCaseTableData
;
264 // Useful information for LdrpInitialize
265 ULONG NumberOfProcessors
;
268 // Passed up from MmCreatePeb from Session Manager registry key
270 LARGE_INTEGER CriticalSectionTimeout
;
271 ULONG HeapSegmentReserve
;
272 ULONG HeapSegmentCommit
;
273 ULONG HeapDeCommitTotalFreeThreshold
;
274 ULONG HeapDeCommitFreeBlockThreshold
;
276 // Where heap manager keeps track of all heaps created for a process
277 // Fields initialized by MmCreatePeb. ProcessHeaps is initialized
278 // to point to the first free byte after the PEB and MaximumNumberOfHeaps
279 // is computed from the page size used to hold the PEB, less the fixed
280 // size of this data structure.
283 ULONG MaximumNumberOfHeaps
;
288 PVOID GdiSharedHandleTable
;
289 PVOID ProcessStarterHelper
;
290 PVOID GdiDCAttributeList
;
293 // Following fields filled in by MmCreatePeb from system values and/or
296 ULONG OSMajorVersion
;
297 ULONG OSMinorVersion
;
300 ULONG ImageSubsystem
;
301 ULONG ImageSubsystemMajorVersion
;
302 ULONG ImageSubsystemMinorVersion
;
303 ULONG ImageProcessAffinityMask
;
304 ULONG GdiHandleBuffer
[GDI_HANDLE_BUFFER_SIZE
];
308 // Gdi command batching
311 #define GDI_BATCH_BUFFER_SIZE 310
// GDI command-batching area embedded in the TEB as GdiTebBatch; Buffer holds
// GDI_BATCH_BUFFER_SIZE ULONGs.
// NOTE(review): line numbers 314-315 are skipped, so members before Buffer
// are not visible in this listing.
313 typedef struct _GDI_TEB_BATCH
{
316 ULONG Buffer
[GDI_BATCH_BUFFER_SIZE
];
317 } GDI_TEB_BATCH
,*PGDI_TEB_BATCH
;
320 // TEB - The thread environment block
323 #define STATIC_UNICODE_BUFFER_LENGTH 261
324 #define WIN32_CLIENT_INFO_LENGTH 31
325 #define WIN32_CLIENT_INFO_SPIN_COUNT 1
// Thread environment block layout as this header declares it.
// NOTE(review): the closing "} TEB" line and the members on skipped line
// numbers (328, 330, 340, 348-350 and others) are not visible in this
// listing, so field offsets cannot be derived from this view. The array sizes
// and pointer members make the layout width-dependent; presumably it matches
// one OS generation only - confirm before relying on any member position.
327 typedef struct _TEB
{
329 PVOID EnvironmentPointer
;
331 PVOID ActiveRpcHandle
;
332 PVOID ThreadLocalStoragePointer
;
333 PPEB ProcessEnvironmentBlock
;
334 ULONG LastErrorValue
;
335 ULONG CountOfOwnedCriticalSections
;
336 PVOID CsrClientThread
;
337 PVOID Win32ThreadInfo
; // PtiCurrent
338 ULONG Win32ClientInfo
[WIN32_CLIENT_INFO_LENGTH
]; // User32 Client Info
339 PVOID WOW32Reserved
; // used by WOW
341 ULONG FpSoftwareStatusRegister
;
342 PVOID SystemReserved1
[54]; // Used by FP emulator
343 PVOID Spare1
; // unused
344 NTSTATUS ExceptionCode
; // for RaiseUserException
345 UCHAR SpareBytes1
[40];
346 PVOID SystemReserved2
[10]; // Used by user/console for temp obja
347 GDI_TEB_BATCH GdiTebBatch
; // Gdi batching
351 CLIENT_ID RealClientId
;
352 HANDLE GdiCachedProcessHandle
;
355 PVOID GdiThreadLocalInfo
;
356 PVOID UserReserved
[5]; // unused
357 PVOID glDispatchTable
[280]; // OpenGL
358 ULONG glReserved1
[26]; // OpenGL
359 PVOID glReserved2
; // OpenGL
360 PVOID glSectionInfo
; // OpenGL
361 PVOID glSection
; // OpenGL
362 PVOID glTable
; // OpenGL
363 PVOID glCurrentRC
; // OpenGL
364 PVOID glContext
; // OpenGL
365 ULONG LastStatusValue
;
366 UNICODE_STRING StaticUnicodeString
;
367 WCHAR StaticUnicodeBuffer
[STATIC_UNICODE_BUFFER_LENGTH
];
368 PVOID DeallocationStack
;
369 PVOID TlsSlots
[TLS_MINIMUM_AVAILABLE
];
372 PVOID ReservedForNtRpc
;
373 PVOID DbgSsReserved
[2];
374 ULONG HardErrorsAreDisabled
;
375 PVOID Instrumentation
[16];
376 PVOID WinSockData
; // WinSock
381 PVOID ReservedForOle
;
382 ULONG WaitingOnLoaderLock
;
// Leading part of a kernel thread object as this header declares it: the
// dispatcher header, the mutant list head and the per-mode Alerted flags.
// NOTE(review): a block comment opens at "/* KAPC_STATE ApcState;" and its
// terminator is not visible in this listing, so every declaration after that
// point appears to be commented out - confirm against the original file.
// Line numbers are also skipped between the live members (396-411), so the
// offset of Alerted cannot be derived from this view.
386 typedef struct _KTHREAD_HDR
{
389 // The dispatcher header and mutant listhead are fairly infrequently
390 // referenced, but pad the thread to a 32-byte boundary (assumption
391 // that pool allocation is in units of 32-bytes).
394 DISPATCHER_HEADER Header
;
395 LIST_ENTRY MutantListHead
;
398 // The following fields are referenced during trap, interrupts, or
401 // N.B. The Teb address and TlsArray are loaded as a quadword quantity
402 // on MIPS and therefore must be on a quadword boundary.
412 BOOLEAN Alerted
[MaximumMode
];
417 /* KAPC_STATE ApcState;
418 ULONG ContextSwitches;
421 // The following fields are referenced during wait operations.
426 KPROCESSOR_MODE WaitMode;
429 PRKWAIT_BLOCK WaitBlockList;
430 LIST_ENTRY WaitListEntry;
433 UCHAR DecrementCount;
434 SCHAR PriorityDecrement;
436 KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
438 ULONG KernelApcDisable;
439 KAFFINITY UserAffinity;
440 BOOLEAN SystemAffinityActive;
443 // struct _ECHANNEL *Channel;
445 // PCHANNEL_MESSAGE SystemView;
446 // PCHANNEL_MESSAGE ThreadView;
449 // The following fields are referenced during queue operations.
453 KSPIN_LOCK ApcQueueLock;
455 LIST_ENTRY QueueListEntry;
458 // The following fields are referenced during read and find ready
464 BOOLEAN ProcessReadyQueue;
465 BOOLEAN KernelStackResident;
469 // The following fields are referenced during system calls.
474 PKTRAP_FRAME TrapFrame;
475 PKAPC_STATE ApcStatePointer[2];
476 UCHAR EnableStackSwap;
482 // The following entries are referenced during clock interrupts.
489 // The following fields are referenced during APC queuing and process
493 KAPC_STATE SavedApcState;
496 BOOLEAN ApcQueueable;
497 BOOLEAN AutoAlignment;
500 // The following fields are referenced when the thread is initialized
501 // and very infrequently thereafter.
506 KSEMAPHORE SuspendSemaphore;
507 LIST_ENTRY ThreadListEntry;
510 // N.B. The below four UCHARs share the same DWORD and are modified
511 // by other threads. Therefore, they must ALWAYS be modified
512 // under the dispatcher lock to prevent granularity problems
513 // on Alpha machines.
517 UCHAR IdealProcessor;
520 } KTHREAD_HDR
, *PKTHREAD_HDR
;
// DOS .EXE header found at the start of an executable image.
// Member order and widths mirror the file layout and must stay as declared.
// NOTE(review): e_lfanew is a signed offset taken from the file; a parser
// presumably needs to verify e_magic and range-check e_lfanew against the
// mapped size before following it - confirm at the call sites.
typedef struct _IMAGE_DOS_HEADER {
    WORD e_magic;       // signature value identifying the header
    WORD e_cblp;        // byte count on the last page of the file
    WORD e_cp;          // page count of the file
    WORD e_crlc;        // relocation count
    WORD e_cparhdr;     // header size, in paragraphs
    WORD e_minalloc;    // minimum extra paragraphs required
    WORD e_maxalloc;    // maximum extra paragraphs required
    WORD e_ss;          // initial SS value (relative)
    WORD e_sp;          // initial SP value
    WORD e_csum;        // checksum
    WORD e_ip;          // initial IP value
    WORD e_cs;          // initial CS value (relative)
    WORD e_lfarlc;      // file address of the relocation table
    WORD e_ovno;        // overlay number
    WORD e_res[4];      // reserved words
    WORD e_oemid;       // OEM identifier, qualifies e_oeminfo
    WORD e_oeminfo;     // OEM information, meaning depends on e_oemid
    WORD e_res2[10];    // reserved words
    LONG e_lfanew;      // file address of the new exe header
} IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;
// File header of a PE image: section count, symbol table location and count,
// optional-header size, and characteristics flags.
// NOTE(review): line numbers 546 and 548 are skipped, so members are missing
// from this view and the layout shown is not the on-disk layout.
// NumberOfSections and SizeOfOptionalHeader come from the file being parsed;
// code that uses them to locate section headers should bound them against
// the mapped image size - confirm at the call sites.
545 typedef struct _IMAGE_FILE_HEADER
{
547 WORD NumberOfSections
;
549 DWORD PointerToSymbolTable
;
550 DWORD NumberOfSymbols
;
551 WORD SizeOfOptionalHeader
;
552 WORD Characteristics
;
553 } IMAGE_FILE_HEADER
, *PIMAGE_FILE_HEADER
;
// One data-directory slot of the optional header.
// NOTE(review): line number 557 is skipped, so the member that follows
// VirtualAddress is not visible in this listing. VirtualAddress is read from
// the image and should be range-checked before it is added to the image base.
555 typedef struct _IMAGE_DATA_DIRECTORY
{
556 DWORD VirtualAddress
;
558 } IMAGE_DATA_DIRECTORY
, *PIMAGE_DATA_DIRECTORY
;
559 #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
// Optional header of a PE image, declared only in its 32-bit form
// (IMAGE_OPTIONAL_HEADER32).
// NOTE(review): many line numbers are skipped (563-567, 570, 574-577,
// 579-581, 583, 591-594, 600), so members are missing from this view and the
// layout shown is not the on-disk layout. A parser applying this type to an
// image of another optional-header format would misread every field -
// confirm the callers check the header's format first.
562 typedef struct _IMAGE_OPTIONAL_HEADER
{
568 BYTE MajorLinkerVersion
;
569 BYTE MinorLinkerVersion
;
571 DWORD SizeOfInitializedData
;
572 DWORD SizeOfUninitializedData
;
573 DWORD AddressOfEntryPoint
;
578 // NT additional fields.
582 DWORD SectionAlignment
;
584 WORD MajorOperatingSystemVersion
;
585 WORD MinorOperatingSystemVersion
;
586 WORD MajorImageVersion
;
587 WORD MinorImageVersion
;
588 WORD MajorSubsystemVersion
;
589 WORD MinorSubsystemVersion
;
590 DWORD Win32VersionValue
;
595 WORD DllCharacteristics
;
596 DWORD SizeOfStackReserve
;
597 DWORD SizeOfStackCommit
;
598 DWORD SizeOfHeapReserve
;
599 DWORD SizeOfHeapCommit
;
// NOTE(review): NumberOfRvaAndSizes is read from the image while
// DataDirectory has a fixed IMAGE_NUMBEROF_DIRECTORY_ENTRIES slots; an index
// into DataDirectory should be checked against both values.
601 DWORD NumberOfRvaAndSizes
;
602 IMAGE_DATA_DIRECTORY DataDirectory
[IMAGE_NUMBEROF_DIRECTORY_ENTRIES
];
603 } IMAGE_OPTIONAL_HEADER32
, *PIMAGE_OPTIONAL_HEADER32
;
// NT headers of a PE image: the file header followed by the 32-bit optional
// header. IMAGE_NT_HEADERS and PIMAGE_NT_HEADERS are aliases of the 32-bit
// types, so code written against the unsuffixed names is 32-bit only.
// NOTE(review): line number 606 is skipped, so a member before FileHeader is
// not visible in this listing.
605 typedef struct _IMAGE_NT_HEADERS
{
607 IMAGE_FILE_HEADER FileHeader
;
608 IMAGE_OPTIONAL_HEADER32 OptionalHeader
;
609 } IMAGE_NT_HEADERS32
, *PIMAGE_NT_HEADERS32
;
610 typedef IMAGE_NT_HEADERS32 IMAGE_NT_HEADERS
;
611 typedef PIMAGE_NT_HEADERS32 PIMAGE_NT_HEADERS
;
613 #define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory
// Export directory of a PE image; the three AddressOf* members are RVAs
// measured from the base of the image.
// NOTE(review): line numbers 617-621 and 623 are skipped, so members are
// missing from this view and the layout shown is not the on-disk layout.
// NumberOfFunctions and the three RVAs are read from the image; an export
// table walk should range-check each RVA and each ordinal against the image
// size and the function count before dereferencing - confirm at call sites.
615 typedef struct _IMAGE_EXPORT_DIRECTORY
{
616 DWORD Characteristics
;
622 DWORD NumberOfFunctions
;
624 DWORD AddressOfFunctions
; // RVA from base of image
625 DWORD AddressOfNames
; // RVA from base of image
626 DWORD AddressOfNameOrdinals
; // RVA from base of image
627 } IMAGE_EXPORT_DIRECTORY
, *PIMAGE_EXPORT_DIRECTORY
;
// HAL display-parameter declarations: the query form writes through PULONG
// output parameters, the set form takes values.
// NOTE(review): only fragments are visible in this listing - the return
// types, the remaining parameters and the closing ");" of both declarations
// fall on skipped line numbers, so the full signatures cannot be read here.
640 HalQueryDisplayParameters (
641 OUT PULONG WidthInCharacters
,
642 OUT PULONG HeightInLines
,
643 OUT PULONG CursorColumn
,
650 HalSetDisplayParameters (
651 IN ULONG CursorColumn
,
// Build number variable, declared here and defined outside this header.
// NOTE(review): presumably consulted to pick version-specific structure
// layouts; if so, code should refuse to proceed on a build it has no layout
// for rather than fall back to a default set of offsets - confirm.
655 extern ULONG NtBuildNumber
;
657 #endif //__NTDDK_EX__H__