[HEADERS]
[reactos.git] / reactos / include / ddk / ntifs.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the w32api package.
7 *
8 * Contributors:
9 * Created by Bo Brantén <bosse@acc.umu.se>
10 *
11 * THIS SOFTWARE IS NOT COPYRIGHTED
12 *
13 * This source code is offered for use in the public domain. You may
14 * use, modify or distribute it freely.
15 *
16 * This code is distributed in the hope that it will be useful but
17 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
18 * DISCLAIMED. This includes but is not limited to warranties of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 */
22
23 #pragma once
24
25 #define _NTIFS_INCLUDED_
26 #define _GNU_NTIFS_
27
28 /* Helper macro to enable gcc's extension. */
29 #ifndef __GNU_EXTENSION
30 #ifdef __GNUC__
31 #define __GNU_EXTENSION __extension__
32 #else
33 #define __GNU_EXTENSION
34 #endif
35 #endif
36
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40
41 #if !defined(_NTHALDLL_) && !defined(_BLDR_)
42 #define NTHALAPI DECLSPEC_IMPORT
43 #else
44 #define NTHALAPI
45 #endif
46
47 /* For ReactOS */
48 #if !defined(_NTOSKRNL_) && !defined(_BLDR_)
49 #define NTKERNELAPI DECLSPEC_IMPORT
50 #else
51 #define NTKERNELAPI
52 #endif
53
54 /* Dependencies */
55 #include <ntddk.h>
56 #include <excpt.h>
57 #include <ntdef.h>
58 #include <ntnls.h>
59 #include <ntstatus.h>
60 #include <bugcodes.h>
61 /* FIXME : #include <ntiologc.h> */
62
63 #ifndef FlagOn
64 #define FlagOn(_F,_SF) ((_F) & (_SF))
65 #endif
66
67 #ifndef BooleanFlagOn
68 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
69 #endif
70
71 #ifndef SetFlag
72 #define SetFlag(_F,_SF) ((_F) |= (_SF))
73 #endif
74
75 #ifndef ClearFlag
76 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
77 #endif
78
79 #define PsGetCurrentProcess IoGetCurrentProcess
80
81 #if (NTDDI_VERSION >= NTDDI_VISTA)
82 extern NTSYSAPI volatile CCHAR KeNumberProcessors;
83 #elif (NTDDI_VERSION >= NTDDI_WINXP)
84 extern NTSYSAPI CCHAR KeNumberProcessors;
85 #else
86 extern PCCHAR KeNumberProcessors;
87 #endif
88
89 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
90 typedef STRING LSA_STRING, *PLSA_STRING;
91 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
92
93 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
94 #define SID_IDENTIFIER_AUTHORITY_DEFINED
95 typedef struct _SID_IDENTIFIER_AUTHORITY {
96 UCHAR Value[6];
97 } SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
98 #endif
99
100 #ifndef SID_DEFINED
101 #define SID_DEFINED
102 typedef struct _SID {
103 UCHAR Revision;
104 UCHAR SubAuthorityCount;
105 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
106 ULONG SubAuthority[ANYSIZE_ARRAY];
107 } SID, *PISID;
108 #endif
109
110 #define SID_REVISION 1
111 #define SID_MAX_SUB_AUTHORITIES 15
112 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
113
114 typedef enum _SID_NAME_USE {
115 SidTypeUser = 1,
116 SidTypeGroup,
117 SidTypeDomain,
118 SidTypeAlias,
119 SidTypeWellKnownGroup,
120 SidTypeDeletedAccount,
121 SidTypeInvalid,
122 SidTypeUnknown,
123 SidTypeComputer,
124 SidTypeLabel
125 } SID_NAME_USE, *PSID_NAME_USE;
126
127 typedef struct _SID_AND_ATTRIBUTES {
128 PSID Sid;
129 ULONG Attributes;
130 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
131 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
132 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
133
134 #define SID_HASH_SIZE 32
135 typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
136
137 typedef struct _SID_AND_ATTRIBUTES_HASH {
138 ULONG SidCount;
139 PSID_AND_ATTRIBUTES SidAttr;
140 SID_HASH_ENTRY Hash[SID_HASH_SIZE];
141 } SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
142
143 /* Universal well-known SIDs */
144
145 #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
146 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
147 #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
148 #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
149 #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
150 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
151
152 #define SECURITY_NULL_RID (0x00000000L)
153 #define SECURITY_WORLD_RID (0x00000000L)
154 #define SECURITY_LOCAL_RID (0x00000000L)
155 #define SECURITY_LOCAL_LOGON_RID (0x00000001L)
156
157 #define SECURITY_CREATOR_OWNER_RID (0x00000000L)
158 #define SECURITY_CREATOR_GROUP_RID (0x00000001L)
159 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
160 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
161 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
162
163 /* NT well-known SIDs */
164
165 #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
166
167 #define SECURITY_DIALUP_RID (0x00000001L)
168 #define SECURITY_NETWORK_RID (0x00000002L)
169 #define SECURITY_BATCH_RID (0x00000003L)
170 #define SECURITY_INTERACTIVE_RID (0x00000004L)
171 #define SECURITY_LOGON_IDS_RID (0x00000005L)
172 #define SECURITY_LOGON_IDS_RID_COUNT (3L)
173 #define SECURITY_SERVICE_RID (0x00000006L)
174 #define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
175 #define SECURITY_PROXY_RID (0x00000008L)
176 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
177 #define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
178 #define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
179 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
180 #define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
181 #define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
182 #define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
183 #define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
184 #define SECURITY_IUSER_RID (0x00000011L)
185 #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
186 #define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
187 #define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
188 #define SECURITY_NT_NON_UNIQUE (0x00000015L)
189 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
190 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
191
192 #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
193 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
194
195
196 #define SECURITY_PACKAGE_BASE_RID (0x00000040L)
197 #define SECURITY_PACKAGE_RID_COUNT (2L)
198 #define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
199 #define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
200 #define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
201
202 #define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
203 #define SECURITY_CRED_TYPE_RID_COUNT (2L)
204 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
205
206 #define SECURITY_MIN_BASE_RID (0x00000050L)
207 #define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
208 #define SECURITY_SERVICE_ID_RID_COUNT (6L)
209 #define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
210 #define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
211 #define SECURITY_APPPOOL_ID_RID_COUNT (6L)
212 #define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
213 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
214 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
215 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
216 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
217 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
218 #define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
219 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
220 #define SECURITY_TASK_ID_BASE_RID (0x00000057L)
221 #define SECURITY_NFS_ID_BASE_RID (0x00000058L)
222 #define SECURITY_COM_ID_BASE_RID (0x00000059L)
223 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
224
225 #define SECURITY_MAX_BASE_RID (0x0000006FL)
226
227 #define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
228 #define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
229
230 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
231
232 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
233
234 /* Well-known domain relative sub-authority values (RIDs) */
235
236 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
237
238 #define FOREST_USER_RID_MAX (0x000001F3L)
239
240 /* Well-known users */
241
242 #define DOMAIN_USER_RID_ADMIN (0x000001F4L)
243 #define DOMAIN_USER_RID_GUEST (0x000001F5L)
244 #define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
245
246 #define DOMAIN_USER_RID_MAX (0x000003E7L)
247
248 /* Well-known groups */
249
250 #define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
251 #define DOMAIN_GROUP_RID_USERS (0x00000201L)
252 #define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
253 #define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
254 #define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
255 #define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
256 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
257 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
258 #define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
259 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
260
261 /* Well-known aliases */
262
263 #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
264 #define DOMAIN_ALIAS_RID_USERS (0x00000221L)
265 #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
266 #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
267
268 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
269 #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
270 #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
271 #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
272
273 #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
274 #define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
275 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
276 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
277 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
278 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
279
280 #define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
281 #define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
282 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
283 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
284 #define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
285 #define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
286 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
287 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
288 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
289 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
290 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
291
292 #define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
293 #define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
294 #define SECURITY_MANDATORY_LOW_RID (0x00001000L)
295 #define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
296 #define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
297 #define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
298 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
299
300 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
301 can be set by a usermode caller.*/
302
303 #define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
304
305 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
306
307 /* Allocate the System Luid. The first 1000 LUIDs are reserved.
308 Use #999 here (0x3e7 = 999) */
309
310 #define SYSTEM_LUID { 0x3e7, 0x0 }
311 #define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 }
312 #define LOCALSERVICE_LUID { 0x3e5, 0x0 }
313 #define NETWORKSERVICE_LUID { 0x3e4, 0x0 }
314 #define IUSER_LUID { 0x3e3, 0x0 }
315
316 typedef struct _ACE_HEADER {
317 UCHAR AceType;
318 UCHAR AceFlags;
319 USHORT AceSize;
320 } ACE_HEADER, *PACE_HEADER;
321
322 /* also in winnt.h */
323 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
324 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
325 #define ACCESS_DENIED_ACE_TYPE (0x1)
326 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
327 #define SYSTEM_ALARM_ACE_TYPE (0x3)
328 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
329 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
330 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
331 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
332 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
333 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
334 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
335 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
336 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
337 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
338 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
339 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
340 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
341 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
342 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
343 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
344 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
345 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
346 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
347 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
348 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
349
350 /* The following are the inherit flags that go into the AceFlags field
351 of an Ace header. */
352
353 #define OBJECT_INHERIT_ACE (0x1)
354 #define CONTAINER_INHERIT_ACE (0x2)
355 #define NO_PROPAGATE_INHERIT_ACE (0x4)
356 #define INHERIT_ONLY_ACE (0x8)
357 #define INHERITED_ACE (0x10)
358 #define VALID_INHERIT_FLAGS (0x1F)
359
360 #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
361 #define FAILED_ACCESS_ACE_FLAG (0x80)
362
363 typedef struct _ACCESS_ALLOWED_ACE {
364 ACE_HEADER Header;
365 ACCESS_MASK Mask;
366 ULONG SidStart;
367 } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
368
369 typedef struct _ACCESS_DENIED_ACE {
370 ACE_HEADER Header;
371 ACCESS_MASK Mask;
372 ULONG SidStart;
373 } ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
374
375 typedef struct _SYSTEM_AUDIT_ACE {
376 ACE_HEADER Header;
377 ACCESS_MASK Mask;
378 ULONG SidStart;
379 } SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
380
381 typedef struct _SYSTEM_ALARM_ACE {
382 ACE_HEADER Header;
383 ACCESS_MASK Mask;
384 ULONG SidStart;
385 } SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
386
387 typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
388 ACE_HEADER Header;
389 ACCESS_MASK Mask;
390 ULONG SidStart;
391 } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
392
393 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
394 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
395 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
396 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
397 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
398 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
399
400 #define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
401
402 typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
403
404 #define SE_OWNER_DEFAULTED 0x0001
405 #define SE_GROUP_DEFAULTED 0x0002
406 #define SE_DACL_PRESENT 0x0004
407 #define SE_DACL_DEFAULTED 0x0008
408 #define SE_SACL_PRESENT 0x0010
409 #define SE_SACL_DEFAULTED 0x0020
410 #define SE_DACL_UNTRUSTED 0x0040
411 #define SE_SERVER_SECURITY 0x0080
412 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
413 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
414 #define SE_DACL_AUTO_INHERITED 0x0400
415 #define SE_SACL_AUTO_INHERITED 0x0800
416 #define SE_DACL_PROTECTED 0x1000
417 #define SE_SACL_PROTECTED 0x2000
418 #define SE_RM_CONTROL_VALID 0x4000
419 #define SE_SELF_RELATIVE 0x8000
420
421 typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
422 UCHAR Revision;
423 UCHAR Sbz1;
424 SECURITY_DESCRIPTOR_CONTROL Control;
425 ULONG Owner;
426 ULONG Group;
427 ULONG Sacl;
428 ULONG Dacl;
429 } SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
430
431 typedef struct _SECURITY_DESCRIPTOR {
432 UCHAR Revision;
433 UCHAR Sbz1;
434 SECURITY_DESCRIPTOR_CONTROL Control;
435 PSID Owner;
436 PSID Group;
437 PACL Sacl;
438 PACL Dacl;
439 } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
440
441 typedef struct _OBJECT_TYPE_LIST {
442 USHORT Level;
443 USHORT Sbz;
444 GUID *ObjectType;
445 } OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;
446
447 #define ACCESS_OBJECT_GUID 0
448 #define ACCESS_PROPERTY_SET_GUID 1
449 #define ACCESS_PROPERTY_GUID 2
450 #define ACCESS_MAX_LEVEL 4
451
452 typedef enum _AUDIT_EVENT_TYPE {
453 AuditEventObjectAccess,
454 AuditEventDirectoryServiceAccess
455 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
456
457 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
458
459 #define ACCESS_DS_SOURCE_A "DS"
460 #define ACCESS_DS_SOURCE_W L"DS"
461 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
462 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
463
464 #define ACCESS_REASON_TYPE_MASK 0xffff0000
465 #define ACCESS_REASON_DATA_MASK 0x0000ffff
466
467 typedef enum _ACCESS_REASON_TYPE {
468 AccessReasonNone = 0x00000000,
469 AccessReasonAllowedAce = 0x00010000,
470 AccessReasonDeniedAce = 0x00020000,
471 AccessReasonAllowedParentAce = 0x00030000,
472 AccessReasonDeniedParentAce = 0x00040000,
473 AccessReasonMissingPrivilege = 0x00100000,
474 AccessReasonFromPrivilege = 0x00200000,
475 AccessReasonIntegrityLevel = 0x00300000,
476 AccessReasonOwnership = 0x00400000,
477 AccessReasonNullDacl = 0x00500000,
478 AccessReasonEmptyDacl = 0x00600000,
479 AccessReasonNoSD = 0x00700000,
480 AccessReasonNoGrant = 0x00800000
481 } ACCESS_REASON_TYPE;
482
483 typedef ULONG ACCESS_REASON;
484
485 typedef struct _ACCESS_REASONS {
486 ACCESS_REASON Data[32];
487 } ACCESS_REASONS, *PACCESS_REASONS;
488
489 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
490 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
491 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
492
493 typedef struct _SE_SECURITY_DESCRIPTOR {
494 ULONG Size;
495 ULONG Flags;
496 PSECURITY_DESCRIPTOR SecurityDescriptor;
497 } SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
498
499 typedef struct _SE_ACCESS_REQUEST {
500 ULONG Size;
501 PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
502 ACCESS_MASK DesiredAccess;
503 ACCESS_MASK PreviouslyGrantedAccess;
504 PSID PrincipalSelfSid;
505 PGENERIC_MAPPING GenericMapping;
506 ULONG ObjectTypeListCount;
507 POBJECT_TYPE_LIST ObjectTypeList;
508 } SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
509
510 typedef struct _SE_ACCESS_REPLY {
511 ULONG Size;
512 ULONG ResultListCount;
513 PACCESS_MASK GrantedAccess;
514 PNTSTATUS AccessStatus;
515 PACCESS_REASONS AccessReason;
516 PPRIVILEGE_SET* Privileges;
517 } SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
518
519 typedef enum _SE_AUDIT_OPERATION {
520 AuditPrivilegeObject,
521 AuditPrivilegeService,
522 AuditAccessCheck,
523 AuditOpenObject,
524 AuditOpenObjectWithTransaction,
525 AuditCloseObject,
526 AuditDeleteObject,
527 AuditOpenObjectForDelete,
528 AuditOpenObjectForDeleteWithTransaction,
529 AuditCloseNonObject,
530 AuditOpenNonObject,
531 AuditObjectReference,
532 AuditHandleCreation,
533 } SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
534
535 typedef struct _SE_AUDIT_INFO {
536 ULONG Size;
537 AUDIT_EVENT_TYPE AuditType;
538 SE_AUDIT_OPERATION AuditOperation;
539 ULONG AuditFlags;
540 UNICODE_STRING SubsystemName;
541 UNICODE_STRING ObjectTypeName;
542 UNICODE_STRING ObjectName;
543 PVOID HandleId;
544 GUID* TransactionId;
545 LUID* OperationId;
546 BOOLEAN ObjectCreation;
547 BOOLEAN GenerateOnClose;
548 } SE_AUDIT_INFO, *PSE_AUDIT_INFO;
549
550 #define TOKEN_ASSIGN_PRIMARY (0x0001)
551 #define TOKEN_DUPLICATE (0x0002)
552 #define TOKEN_IMPERSONATE (0x0004)
553 #define TOKEN_QUERY (0x0008)
554 #define TOKEN_QUERY_SOURCE (0x0010)
555 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
556 #define TOKEN_ADJUST_GROUPS (0x0040)
557 #define TOKEN_ADJUST_DEFAULT (0x0080)
558 #define TOKEN_ADJUST_SESSIONID (0x0100)
559
560 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
561 TOKEN_ASSIGN_PRIMARY |\
562 TOKEN_DUPLICATE |\
563 TOKEN_IMPERSONATE |\
564 TOKEN_QUERY |\
565 TOKEN_QUERY_SOURCE |\
566 TOKEN_ADJUST_PRIVILEGES |\
567 TOKEN_ADJUST_GROUPS |\
568 TOKEN_ADJUST_DEFAULT )
569
570 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
571 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
572 TOKEN_ADJUST_SESSIONID )
573 #else
574 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
575 #endif
576
577 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
578 TOKEN_QUERY)
579
580 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
581 TOKEN_ADJUST_PRIVILEGES |\
582 TOKEN_ADJUST_GROUPS |\
583 TOKEN_ADJUST_DEFAULT)
584
585 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
586
587 typedef enum _TOKEN_TYPE {
588 TokenPrimary = 1,
589 TokenImpersonation
590 } TOKEN_TYPE,*PTOKEN_TYPE;
591
592 typedef enum _TOKEN_INFORMATION_CLASS {
593 TokenUser = 1,
594 TokenGroups,
595 TokenPrivileges,
596 TokenOwner,
597 TokenPrimaryGroup,
598 TokenDefaultDacl,
599 TokenSource,
600 TokenType,
601 TokenImpersonationLevel,
602 TokenStatistics,
603 TokenRestrictedSids,
604 TokenSessionId,
605 TokenGroupsAndPrivileges,
606 TokenSessionReference,
607 TokenSandBoxInert,
608 TokenAuditPolicy,
609 TokenOrigin,
610 TokenElevationType,
611 TokenLinkedToken,
612 TokenElevation,
613 TokenHasRestrictions,
614 TokenAccessInformation,
615 TokenVirtualizationAllowed,
616 TokenVirtualizationEnabled,
617 TokenIntegrityLevel,
618 TokenUIAccess,
619 TokenMandatoryPolicy,
620 TokenLogonSid,
621 MaxTokenInfoClass
622 } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
623
624 typedef struct _TOKEN_USER {
625 SID_AND_ATTRIBUTES User;
626 } TOKEN_USER, *PTOKEN_USER;
627
628 typedef struct _TOKEN_GROUPS {
629 ULONG GroupCount;
630 SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
631 } TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
632
633 typedef struct _TOKEN_PRIVILEGES {
634 ULONG PrivilegeCount;
635 LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
636 } TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
637
638 typedef struct _TOKEN_OWNER {
639 PSID Owner;
640 } TOKEN_OWNER,*PTOKEN_OWNER;
641
642 typedef struct _TOKEN_PRIMARY_GROUP {
643 PSID PrimaryGroup;
644 } TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
645
646 typedef struct _TOKEN_DEFAULT_DACL {
647 PACL DefaultDacl;
648 } TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
649
650 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
651 ULONG SidCount;
652 ULONG SidLength;
653 PSID_AND_ATTRIBUTES Sids;
654 ULONG RestrictedSidCount;
655 ULONG RestrictedSidLength;
656 PSID_AND_ATTRIBUTES RestrictedSids;
657 ULONG PrivilegeCount;
658 ULONG PrivilegeLength;
659 PLUID_AND_ATTRIBUTES Privileges;
660 LUID AuthenticationId;
661 } TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
662
663 typedef struct _TOKEN_LINKED_TOKEN {
664 HANDLE LinkedToken;
665 } TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
666
667 typedef struct _TOKEN_ELEVATION {
668 ULONG TokenIsElevated;
669 } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
670
671 typedef struct _TOKEN_MANDATORY_LABEL {
672 SID_AND_ATTRIBUTES Label;
673 } TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
674
675 #define TOKEN_MANDATORY_POLICY_OFF 0x0
676 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
677 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
678
679 #define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
680 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
681
682 typedef struct _TOKEN_MANDATORY_POLICY {
683 ULONG Policy;
684 } TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
685
686 typedef struct _TOKEN_ACCESS_INFORMATION {
687 PSID_AND_ATTRIBUTES_HASH SidHash;
688 PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
689 PTOKEN_PRIVILEGES Privileges;
690 LUID AuthenticationId;
691 TOKEN_TYPE TokenType;
692 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
693 TOKEN_MANDATORY_POLICY MandatoryPolicy;
694 ULONG Flags;
695 } TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
696
697 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
698
699 typedef struct _TOKEN_AUDIT_POLICY {
700 UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
701 } TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
702
703 #define TOKEN_SOURCE_LENGTH 8
704
705 typedef struct _TOKEN_SOURCE {
706 CHAR SourceName[TOKEN_SOURCE_LENGTH];
707 LUID SourceIdentifier;
708 } TOKEN_SOURCE,*PTOKEN_SOURCE;
709
710 typedef struct _TOKEN_STATISTICS {
711 LUID TokenId;
712 LUID AuthenticationId;
713 LARGE_INTEGER ExpirationTime;
714 TOKEN_TYPE TokenType;
715 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
716 ULONG DynamicCharged;
717 ULONG DynamicAvailable;
718 ULONG GroupCount;
719 ULONG PrivilegeCount;
720 LUID ModifiedId;
721 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
722
723 typedef struct _TOKEN_CONTROL {
724 LUID TokenId;
725 LUID AuthenticationId;
726 LUID ModifiedId;
727 TOKEN_SOURCE TokenSource;
728 } TOKEN_CONTROL,*PTOKEN_CONTROL;
729
730 typedef struct _TOKEN_ORIGIN {
731 LUID OriginatingLogonSession;
732 } TOKEN_ORIGIN, *PTOKEN_ORIGIN;
733
734 typedef enum _MANDATORY_LEVEL {
735 MandatoryLevelUntrusted = 0,
736 MandatoryLevelLow,
737 MandatoryLevelMedium,
738 MandatoryLevelHigh,
739 MandatoryLevelSystem,
740 MandatoryLevelSecureProcess,
741 MandatoryLevelCount
742 } MANDATORY_LEVEL, *PMANDATORY_LEVEL;
743
744 typedef enum _OBJECT_INFORMATION_CLASS {
745 ObjectBasicInformation = 0,
746 ObjectNameInformation = 1, /* FIXME, not in WDK */
747 ObjectTypeInformation = 2,
748 ObjectTypesInformation = 3, /* FIXME, not in WDK */
749 ObjectHandleFlagInformation = 4, /* FIXME, not in WDK */
750 ObjectSessionInformation = 5, /* FIXME, not in WDK */
751 MaxObjectInfoClass /* FIXME, not in WDK */
752 } OBJECT_INFORMATION_CLASS;
753
754 #if (NTDDI_VERSION >= NTDDI_NT4)
755
756 NTSYSCALLAPI
757 NTSTATUS
758 NTAPI
759 NtQueryObject(
760 IN HANDLE Handle OPTIONAL,
761 IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
762 OUT PVOID ObjectInformation OPTIONAL,
763 IN ULONG ObjectInformationLength,
764 OUT PULONG ReturnLength OPTIONAL);
765
766 #endif
767
768 #if (NTDDI_VERSION >= NTDDI_WIN2K)
769
770 NTSYSCALLAPI
771 NTSTATUS
772 NTAPI
773 NtOpenThreadToken(
774 IN HANDLE ThreadHandle,
775 IN ACCESS_MASK DesiredAccess,
776 IN BOOLEAN OpenAsSelf,
777 OUT PHANDLE TokenHandle);
778
779 NTSYSCALLAPI
780 NTSTATUS
781 NTAPI
782 NtOpenProcessToken(
783 IN HANDLE ProcessHandle,
784 IN ACCESS_MASK DesiredAccess,
785 OUT PHANDLE TokenHandle);
786
787 NTSYSCALLAPI
788 NTSTATUS
789 NTAPI
790 NtQueryInformationToken(
791 IN HANDLE TokenHandle,
792 IN TOKEN_INFORMATION_CLASS TokenInformationClass,
793 OUT PVOID TokenInformation OPTIONAL,
794 IN ULONG TokenInformationLength,
795 OUT PULONG ReturnLength);
796
797 NTSYSCALLAPI
798 NTSTATUS
799 NTAPI
800 NtAdjustPrivilegesToken(
801 IN HANDLE TokenHandle,
802 IN BOOLEAN DisableAllPrivileges,
803 IN PTOKEN_PRIVILEGES NewState OPTIONAL,
804 IN ULONG BufferLength,
805 OUT PTOKEN_PRIVILEGES PreviousState,
806 OUT PULONG ReturnLength OPTIONAL);
807
808 NTSYSCALLAPI
809 NTSTATUS
810 NTAPI
811 NtCreateFile(
812 OUT PHANDLE FileHandle,
813 IN ACCESS_MASK DesiredAccess,
814 IN POBJECT_ATTRIBUTES ObjectAttributes,
815 OUT PIO_STATUS_BLOCK IoStatusBlock,
816 IN PLARGE_INTEGER AllocationSize OPTIONAL,
817 IN ULONG FileAttributes,
818 IN ULONG ShareAccess,
819 IN ULONG CreateDisposition,
820 IN ULONG CreateOptions,
821 IN PVOID EaBuffer,
822 IN ULONG EaLength);
823
824 NTSYSCALLAPI
825 NTSTATUS
826 NTAPI
827 NtDeviceIoControlFile(
828 IN HANDLE FileHandle,
829 IN HANDLE Event OPTIONAL,
830 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
831 IN PVOID ApcContext OPTIONAL,
832 OUT PIO_STATUS_BLOCK IoStatusBlock,
833 IN ULONG IoControlCode,
834 IN PVOID InputBuffer OPTIONAL,
835 IN ULONG InputBufferLength,
836 OUT PVOID OutputBuffer OPTIONAL,
837 IN ULONG OutputBufferLength);
838
839 NTSYSCALLAPI
840 NTSTATUS
841 NTAPI
842 NtFsControlFile(
843 IN HANDLE FileHandle,
844 IN HANDLE Event OPTIONAL,
845 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
846 IN PVOID ApcContext OPTIONAL,
847 OUT PIO_STATUS_BLOCK IoStatusBlock,
848 IN ULONG FsControlCode,
849 IN PVOID InputBuffer OPTIONAL,
850 IN ULONG InputBufferLength,
851 OUT PVOID OutputBuffer OPTIONAL,
852 IN ULONG OutputBufferLength);
853
854 NTSYSCALLAPI
855 NTSTATUS
856 NTAPI
857 NtLockFile(
858 IN HANDLE FileHandle,
859 IN HANDLE Event OPTIONAL,
860 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
861 IN PVOID ApcContext OPTIONAL,
862 OUT PIO_STATUS_BLOCK IoStatusBlock,
863 IN PLARGE_INTEGER ByteOffset,
864 IN PLARGE_INTEGER Length,
865 IN ULONG Key,
866 IN BOOLEAN FailImmediately,
867 IN BOOLEAN ExclusiveLock);
868
869 NTSYSCALLAPI
870 NTSTATUS
871 NTAPI
872 NtOpenFile(
873 OUT PHANDLE FileHandle,
874 IN ACCESS_MASK DesiredAccess,
875 IN POBJECT_ATTRIBUTES ObjectAttributes,
876 OUT PIO_STATUS_BLOCK IoStatusBlock,
877 IN ULONG ShareAccess,
878 IN ULONG OpenOptions);
879
880 NTSYSCALLAPI
881 NTSTATUS
882 NTAPI
883 NtQueryDirectoryFile(
884 IN HANDLE FileHandle,
885 IN HANDLE Event OPTIONAL,
886 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
887 IN PVOID ApcContext OPTIONAL,
888 OUT PIO_STATUS_BLOCK IoStatusBlock,
889 OUT PVOID FileInformation,
890 IN ULONG Length,
891 IN FILE_INFORMATION_CLASS FileInformationClass,
892 IN BOOLEAN ReturnSingleEntry,
893 IN PUNICODE_STRING FileName OPTIONAL,
894 IN BOOLEAN RestartScan);
895
896 NTSYSCALLAPI
897 NTSTATUS
898 NTAPI
899 NtQueryInformationFile(
900 IN HANDLE FileHandle,
901 OUT PIO_STATUS_BLOCK IoStatusBlock,
902 OUT PVOID FileInformation,
903 IN ULONG Length,
904 IN FILE_INFORMATION_CLASS FileInformationClass);
905
906 NTSYSCALLAPI
907 NTSTATUS
908 NTAPI
909 NtQueryQuotaInformationFile(
910 IN HANDLE FileHandle,
911 OUT PIO_STATUS_BLOCK IoStatusBlock,
912 OUT PVOID Buffer,
913 IN ULONG Length,
914 IN BOOLEAN ReturnSingleEntry,
915 IN PVOID SidList,
916 IN ULONG SidListLength,
917 IN PSID StartSid OPTIONAL,
918 IN BOOLEAN RestartScan);
919
920 NTSYSCALLAPI
921 NTSTATUS
922 NTAPI
923 NtQueryVolumeInformationFile(
924 IN HANDLE FileHandle,
925 OUT PIO_STATUS_BLOCK IoStatusBlock,
926 OUT PVOID FsInformation,
927 IN ULONG Length,
928 IN FS_INFORMATION_CLASS FsInformationClass);
929
930 NTSYSCALLAPI
931 NTSTATUS
932 NTAPI
933 NtReadFile(
934 IN HANDLE FileHandle,
935 IN HANDLE Event OPTIONAL,
936 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
937 IN PVOID ApcContext OPTIONAL,
938 OUT PIO_STATUS_BLOCK IoStatusBlock,
939 OUT PVOID Buffer,
940 IN ULONG Length,
941 IN PLARGE_INTEGER ByteOffset OPTIONAL,
942 IN PULONG Key OPTIONAL);
943
944 NTSYSCALLAPI
945 NTSTATUS
946 NTAPI
947 NtSetInformationFile(
948 IN HANDLE FileHandle,
949 OUT PIO_STATUS_BLOCK IoStatusBlock,
950 IN PVOID FileInformation,
951 IN ULONG Length,
952 IN FILE_INFORMATION_CLASS FileInformationClass);
953
954 NTSYSCALLAPI
955 NTSTATUS
956 NTAPI
957 NtSetQuotaInformationFile(
958 IN HANDLE FileHandle,
959 OUT PIO_STATUS_BLOCK IoStatusBlock,
960 IN PVOID Buffer,
961 IN ULONG Length);
962
963 NTSYSCALLAPI
964 NTSTATUS
965 NTAPI
966 NtSetVolumeInformationFile(
967 IN HANDLE FileHandle,
968 OUT PIO_STATUS_BLOCK IoStatusBlock,
969 IN PVOID FsInformation,
970 IN ULONG Length,
971 IN FS_INFORMATION_CLASS FsInformationClass);
972
973 NTSYSCALLAPI
974 NTSTATUS
975 NTAPI
976 NtWriteFile(
977 IN HANDLE FileHandle,
978 IN HANDLE Event OPTIONAL,
979 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
980 IN PVOID ApcContext OPTIONAL,
981 OUT PIO_STATUS_BLOCK IoStatusBlock,
982 IN PVOID Buffer,
983 IN ULONG Length,
984 IN PLARGE_INTEGER ByteOffset OPTIONAL,
985 IN PULONG Key OPTIONAL);
986
987 NTSYSCALLAPI
988 NTSTATUS
989 NTAPI
990 NtUnlockFile(
991 IN HANDLE FileHandle,
992 OUT PIO_STATUS_BLOCK IoStatusBlock,
993 IN PLARGE_INTEGER ByteOffset,
994 IN PLARGE_INTEGER Length,
995 IN ULONG Key);
996
997 NTSYSCALLAPI
998 NTSTATUS
999 NTAPI
1000 NtSetSecurityObject(
1001 IN HANDLE Handle,
1002 IN SECURITY_INFORMATION SecurityInformation,
1003 IN PSECURITY_DESCRIPTOR SecurityDescriptor);
1004
1005 NTSYSCALLAPI
1006 NTSTATUS
1007 NTAPI
1008 NtQuerySecurityObject(
1009 IN HANDLE Handle,
1010 IN SECURITY_INFORMATION SecurityInformation,
1011 OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
1012 IN ULONG Length,
1013 OUT PULONG LengthNeeded);
1014
1015 NTSYSCALLAPI
1016 NTSTATUS
1017 NTAPI
1018 NtClose(
1019 IN HANDLE Handle);
1020
1021 NTSYSCALLAPI
1022 NTSTATUS
1023 NTAPI
1024 NtAllocateVirtualMemory(
1025 IN HANDLE ProcessHandle,
1026 IN OUT PVOID *BaseAddress,
1027 IN ULONG_PTR ZeroBits,
1028 IN OUT PSIZE_T RegionSize,
1029 IN ULONG AllocationType,
1030 IN ULONG Protect);
1031
1032 NTSYSCALLAPI
1033 NTSTATUS
1034 NTAPI
1035 NtFreeVirtualMemory(
1036 IN HANDLE ProcessHandle,
1037 IN OUT PVOID *BaseAddress,
1038 IN OUT PSIZE_T RegionSize,
1039 IN ULONG FreeType);
1040
1041 #endif
1042
1043 #if (NTDDI_VERSION >= NTDDI_WINXP)
1044
1045 NTSYSCALLAPI
1046 NTSTATUS
1047 NTAPI
1048 NtOpenThreadTokenEx(
1049 IN HANDLE ThreadHandle,
1050 IN ACCESS_MASK DesiredAccess,
1051 IN BOOLEAN OpenAsSelf,
1052 IN ULONG HandleAttributes,
1053 OUT PHANDLE TokenHandle);
1054
1055 NTSYSCALLAPI
1056 NTSTATUS
1057 NTAPI
1058 NtOpenProcessTokenEx(
1059 IN HANDLE ProcessHandle,
1060 IN ACCESS_MASK DesiredAccess,
1061 IN ULONG HandleAttributes,
1062 OUT PHANDLE TokenHandle);
1063
1064 NTSYSAPI
1065 NTSTATUS
1066 NTAPI
1067 NtOpenJobObjectToken(
1068 IN HANDLE JobHandle,
1069 IN ACCESS_MASK DesiredAccess,
1070 OUT PHANDLE TokenHandle);
1071
1072 NTSYSCALLAPI
1073 NTSTATUS
1074 NTAPI
1075 NtDuplicateToken(
1076 IN HANDLE ExistingTokenHandle,
1077 IN ACCESS_MASK DesiredAccess,
1078 IN POBJECT_ATTRIBUTES ObjectAttributes,
1079 IN BOOLEAN EffectiveOnly,
1080 IN TOKEN_TYPE TokenType,
1081 OUT PHANDLE NewTokenHandle);
1082
1083 NTSYSCALLAPI
1084 NTSTATUS
1085 NTAPI
1086 NtFilterToken(
1087 IN HANDLE ExistingTokenHandle,
1088 IN ULONG Flags,
1089 IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
1090 IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL,
1091 IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
1092 OUT PHANDLE NewTokenHandle);
1093
1094 NTSYSCALLAPI
1095 NTSTATUS
1096 NTAPI
1097 NtImpersonateAnonymousToken(
1098 IN HANDLE ThreadHandle);
1099
1100 NTSYSCALLAPI
1101 NTSTATUS
1102 NTAPI
1103 NtSetInformationToken(
1104 IN HANDLE TokenHandle,
1105 IN TOKEN_INFORMATION_CLASS TokenInformationClass,
1106 IN PVOID TokenInformation,
1107 IN ULONG TokenInformationLength);
1108
1109 NTSYSCALLAPI
1110 NTSTATUS
1111 NTAPI
1112 NtAdjustGroupsToken(
1113 IN HANDLE TokenHandle,
1114 IN BOOLEAN ResetToDefault,
1115 IN PTOKEN_GROUPS NewState OPTIONAL,
1116 IN ULONG BufferLength OPTIONAL,
1117 OUT PTOKEN_GROUPS PreviousState,
1118 OUT PULONG ReturnLength);
1119
1120 NTSYSCALLAPI
1121 NTSTATUS
1122 NTAPI
1123 NtPrivilegeCheck(
1124 IN HANDLE ClientToken,
1125 IN OUT PPRIVILEGE_SET RequiredPrivileges,
1126 OUT PBOOLEAN Result);
1127
1128 NTSYSCALLAPI
1129 NTSTATUS
1130 NTAPI
1131 NtAccessCheckAndAuditAlarm(
1132 IN PUNICODE_STRING SubsystemName,
1133 IN PVOID HandleId OPTIONAL,
1134 IN PUNICODE_STRING ObjectTypeName,
1135 IN PUNICODE_STRING ObjectName,
1136 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
1137 IN ACCESS_MASK DesiredAccess,
1138 IN PGENERIC_MAPPING GenericMapping,
1139 IN BOOLEAN ObjectCreation,
1140 OUT PACCESS_MASK GrantedAccess,
1141 OUT PNTSTATUS AccessStatus,
1142 OUT PBOOLEAN GenerateOnClose);
1143
1144 NTSYSCALLAPI
1145 NTSTATUS
1146 NTAPI
1147 NtAccessCheckByTypeAndAuditAlarm(
1148 IN PUNICODE_STRING SubsystemName,
1149 IN PVOID HandleId,
1150 IN PUNICODE_STRING ObjectTypeName,
1151 IN PUNICODE_STRING ObjectName,
1152 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
1153 IN PSID PrincipalSelfSid OPTIONAL,
1154 IN ACCESS_MASK DesiredAccess,
1155 IN AUDIT_EVENT_TYPE AuditType,
1156 IN ULONG Flags,
1157 IN POBJECT_TYPE_LIST ObjectTypeList OPTIONAL,
1158 IN ULONG ObjectTypeLength,
1159 IN PGENERIC_MAPPING GenericMapping,
1160 IN BOOLEAN ObjectCreation,
1161 OUT PACCESS_MASK GrantedAccess,
1162 OUT PNTSTATUS AccessStatus,
1163 OUT PBOOLEAN GenerateOnClose);
1164
1165 NTSYSCALLAPI
1166 NTSTATUS
1167 NTAPI
1168 NtAccessCheckByTypeResultListAndAuditAlarm(
1169 IN PUNICODE_STRING SubsystemName,
1170 IN PVOID HandleId OPTIONAL,
1171 IN PUNICODE_STRING ObjectTypeName,
1172 IN PUNICODE_STRING ObjectName,
1173 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
1174 IN PSID PrincipalSelfSid OPTIONAL,
1175 IN ACCESS_MASK DesiredAccess,
1176 IN AUDIT_EVENT_TYPE AuditType,
1177 IN ULONG Flags,
1178 IN POBJECT_TYPE_LIST ObjectTypeList OPTIONAL,
1179 IN ULONG ObjectTypeLength,
1180 IN PGENERIC_MAPPING GenericMapping,
1181 IN BOOLEAN ObjectCreation,
1182 OUT PACCESS_MASK GrantedAccess,
1183 OUT PNTSTATUS AccessStatus,
1184 OUT PBOOLEAN GenerateOnClose);
1185
1186 NTSTATUS
1187 NTAPI
1188 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
1189 IN PUNICODE_STRING SubsystemName,
1190 IN PVOID HandleId OPTIONAL,
1191 IN HANDLE ClientToken,
1192 IN PUNICODE_STRING ObjectTypeName,
1193 IN PUNICODE_STRING ObjectName,
1194 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
1195 IN PSID PrincipalSelfSid OPTIONAL,
1196 IN ACCESS_MASK DesiredAccess,
1197 IN AUDIT_EVENT_TYPE AuditType,
1198 IN ULONG Flags,
1199 IN POBJECT_TYPE_LIST ObjectTypeList OPTIONAL,
1200 IN ULONG ObjectTypeLength,
1201 IN PGENERIC_MAPPING GenericMapping,
1202 IN BOOLEAN ObjectCreation,
1203 OUT PACCESS_MASK GrantedAccess,
1204 OUT PNTSTATUS AccessStatus,
1205 OUT PBOOLEAN GenerateOnClose);
1206
1207 NTSYSCALLAPI
1208 NTSTATUS
1209 NTAPI
1210 NtOpenObjectAuditAlarm(
1211 IN PUNICODE_STRING SubsystemName,
1212 IN PVOID HandleId OPTIONAL,
1213 IN PUNICODE_STRING ObjectTypeName,
1214 IN PUNICODE_STRING ObjectName,
1215 IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL,
1216 IN HANDLE ClientToken,
1217 IN ACCESS_MASK DesiredAccess,
1218 IN ACCESS_MASK GrantedAccess,
1219 IN PPRIVILEGE_SET Privileges OPTIONAL,
1220 IN BOOLEAN ObjectCreation,
1221 IN BOOLEAN AccessGranted,
1222 OUT PBOOLEAN GenerateOnClose);
1223
1224 NTSYSCALLAPI
1225 NTSTATUS
1226 NTAPI
1227 NtPrivilegeObjectAuditAlarm(
1228 IN PUNICODE_STRING SubsystemName,
1229 IN PVOID HandleId OPTIONAL,
1230 IN HANDLE ClientToken,
1231 IN ACCESS_MASK DesiredAccess,
1232 IN PPRIVILEGE_SET Privileges,
1233 IN BOOLEAN AccessGranted);
1234
1235 NTSYSCALLAPI
1236 NTSTATUS
1237 NTAPI
1238 NtCloseObjectAuditAlarm(
1239 IN PUNICODE_STRING SubsystemName,
1240 IN PVOID HandleId OPTIONAL,
1241 IN BOOLEAN GenerateOnClose);
1242
1243 NTSYSCALLAPI
1244 NTSTATUS
1245 NTAPI
1246 NtDeleteObjectAuditAlarm(
1247 IN PUNICODE_STRING SubsystemName,
1248 IN PVOID HandleId OPTIONAL,
1249 IN BOOLEAN GenerateOnClose);
1250
1251 NTSYSCALLAPI
1252 NTSTATUS
1253 NTAPI
1254 NtPrivilegedServiceAuditAlarm(
1255 IN PUNICODE_STRING SubsystemName,
1256 IN PUNICODE_STRING ServiceName,
1257 IN HANDLE ClientToken,
1258 IN PPRIVILEGE_SET Privileges,
1259 IN BOOLEAN AccessGranted);
1260
1261 NTSYSCALLAPI
1262 NTSTATUS
1263 NTAPI
1264 NtSetInformationThread(
1265 IN HANDLE ThreadHandle,
1266 IN THREADINFOCLASS ThreadInformationClass,
1267 IN PVOID ThreadInformation,
1268 IN ULONG ThreadInformationLength);
1269
1270 NTSYSCALLAPI
1271 NTSTATUS
1272 NTAPI
1273 NtCreateSection(
1274 OUT PHANDLE SectionHandle,
1275 IN ACCESS_MASK DesiredAccess,
1276 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
1277 IN PLARGE_INTEGER MaximumSize OPTIONAL,
1278 IN ULONG SectionPageProtection,
1279 IN ULONG AllocationAttributes,
1280 IN HANDLE FileHandle OPTIONAL);
1281
1282 #endif
1283
1284 typedef NTSTATUS
1285 (NTAPI * PRTL_HEAP_COMMIT_ROUTINE) (
1286 IN PVOID Base,
1287 IN OUT PVOID *CommitAddress,
1288 IN OUT PSIZE_T CommitSize);
1289
1290 typedef struct _RTL_HEAP_PARAMETERS {
1291 ULONG Length;
1292 SIZE_T SegmentReserve;
1293 SIZE_T SegmentCommit;
1294 SIZE_T DeCommitFreeBlockThreshold;
1295 SIZE_T DeCommitTotalFreeThreshold;
1296 SIZE_T MaximumAllocationSize;
1297 SIZE_T VirtualMemoryThreshold;
1298 SIZE_T InitialCommit;
1299 SIZE_T InitialReserve;
1300 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
1301 SIZE_T Reserved[2];
1302 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
1303
1304 #if (NTDDI_VERSION >= NTDDI_WIN2K)
1305
1306 NTSYSAPI
1307 PVOID
1308 NTAPI
1309 RtlAllocateHeap(
1310 IN HANDLE HeapHandle,
1311 IN ULONG Flags OPTIONAL,
1312 IN SIZE_T Size);
1313
1314 NTSYSAPI
1315 BOOLEAN
1316 NTAPI
1317 RtlFreeHeap(
1318 IN PVOID HeapHandle,
1319 IN ULONG Flags OPTIONAL,
1320 IN PVOID BaseAddress);
1321
1322 NTSYSAPI
1323 VOID
1324 NTAPI
1325 RtlCaptureContext(
1326 OUT PCONTEXT ContextRecord);
1327
1328 NTSYSAPI
1329 ULONG
1330 NTAPI
1331 RtlRandom(
1332 IN OUT PULONG Seed);
1333
1334 NTSYSAPI
1335 BOOLEAN
1336 NTAPI
1337 RtlCreateUnicodeString(
1338 OUT PUNICODE_STRING DestinationString,
1339 IN PCWSTR SourceString);
1340
1341 NTSYSAPI
1342 NTSTATUS
1343 NTAPI
1344 RtlAppendStringToString(
1345 IN OUT PSTRING Destination,
1346 IN const STRING *Source);
1347
1348 NTSYSAPI
1349 NTSTATUS
1350 NTAPI
1351 RtlOemStringToUnicodeString(
1352 IN OUT PUNICODE_STRING DestinationString,
1353 IN PCOEM_STRING SourceString,
1354 IN BOOLEAN AllocateDestinationString);
1355
1356 NTSYSAPI
1357 NTSTATUS
1358 NTAPI
1359 RtlUnicodeStringToOemString(
1360 IN OUT POEM_STRING DestinationString,
1361 IN PCUNICODE_STRING SourceString,
1362 IN BOOLEAN AllocateDestinationString);
1363
1364 NTSYSAPI
1365 NTSTATUS
1366 NTAPI
1367 RtlUpcaseUnicodeStringToOemString(
1368 IN OUT POEM_STRING DestinationString,
1369 IN PCUNICODE_STRING SourceString,
1370 IN BOOLEAN AllocateDestinationString);
1371
1372 NTSYSAPI
1373 NTSTATUS
1374 NTAPI
1375 RtlOemStringToCountedUnicodeString(
1376 IN OUT PUNICODE_STRING DestinationString,
1377 IN PCOEM_STRING SourceString,
1378 IN BOOLEAN AllocateDestinationString);
1379
1380 NTSYSAPI
1381 NTSTATUS
1382 NTAPI
1383 RtlUnicodeStringToCountedOemString(
1384 IN OUT POEM_STRING DestinationString,
1385 IN PCUNICODE_STRING SourceString,
1386 IN BOOLEAN AllocateDestinationString);
1387
1388 NTSYSAPI
1389 NTSTATUS
1390 NTAPI
1391 RtlUpcaseUnicodeStringToCountedOemString(
1392 IN OUT POEM_STRING DestinationString,
1393 IN PCUNICODE_STRING SourceString,
1394 IN BOOLEAN AllocateDestinationString);
1395
1396 NTSYSAPI
1397 NTSTATUS
1398 NTAPI
1399 RtlDowncaseUnicodeString(
1400 IN OUT PUNICODE_STRING UniDest,
1401 IN PCUNICODE_STRING UniSource,
1402 IN BOOLEAN AllocateDestinationString);
1403
1404 NTSYSAPI
1405 VOID
1406 NTAPI
1407 RtlFreeOemString (
1408 IN OUT POEM_STRING OemString);
1409
1410 NTSYSAPI
1411 ULONG
1412 NTAPI
1413 RtlxUnicodeStringToOemSize(
1414 IN PCUNICODE_STRING UnicodeString);
1415
1416 NTSYSAPI
1417 ULONG
1418 NTAPI
1419 RtlxOemStringToUnicodeSize(
1420 IN PCOEM_STRING OemString);
1421
1422 NTSYSAPI
1423 NTSTATUS
1424 NTAPI
1425 RtlMultiByteToUnicodeN(
1426 OUT PWCH UnicodeString,
1427 IN ULONG MaxBytesInUnicodeString,
1428 OUT PULONG BytesInUnicodeString OPTIONAL,
1429 IN const CHAR *MultiByteString,
1430 IN ULONG BytesInMultiByteString);
1431
1432 NTSYSAPI
1433 NTSTATUS
1434 NTAPI
1435 RtlMultiByteToUnicodeSize(
1436 OUT PULONG BytesInUnicodeString,
1437 IN const CHAR *MultiByteString,
1438 IN ULONG BytesInMultiByteString);
1439
1440 NTSYSAPI
1441 NTSTATUS
1442 NTAPI
1443 RtlUnicodeToMultiByteSize(
1444 OUT PULONG BytesInMultiByteString,
1445 IN PCWCH UnicodeString,
1446 IN ULONG BytesInUnicodeString);
1447
1448 NTSYSAPI
1449 NTSTATUS
1450 NTAPI
1451 RtlUnicodeToMultiByteN(
1452 OUT PCHAR MultiByteString,
1453 IN ULONG MaxBytesInMultiByteString,
1454 OUT PULONG BytesInMultiByteString OPTIONAL,
1455 IN PWCH UnicodeString,
1456 IN ULONG BytesInUnicodeString);
1457
1458 NTSYSAPI
1459 NTSTATUS
1460 NTAPI
1461 RtlUpcaseUnicodeToMultiByteN(
1462 OUT PCHAR MultiByteString,
1463 IN ULONG MaxBytesInMultiByteString,
1464 OUT PULONG BytesInMultiByteString OPTIONAL,
1465 IN PCWCH UnicodeString,
1466 IN ULONG BytesInUnicodeString);
1467
1468 NTSYSAPI
1469 NTSTATUS
1470 NTAPI
1471 RtlOemToUnicodeN(
1472 OUT PWSTR UnicodeString,
1473 IN ULONG MaxBytesInUnicodeString,
1474 OUT PULONG BytesInUnicodeString OPTIONAL,
1475 IN PCCH OemString,
1476 IN ULONG BytesInOemString);
1477
1478 NTSYSAPI
1479 NTSTATUS
1480 NTAPI
1481 RtlUnicodeToOemN(
1482 OUT PCHAR OemString,
1483 IN ULONG MaxBytesInOemString,
1484 OUT PULONG BytesInOemString OPTIONAL,
1485 IN PCWCH UnicodeString,
1486 IN ULONG BytesInUnicodeString);
1487
1488 NTSYSAPI
1489 NTSTATUS
1490 NTAPI
1491 RtlUpcaseUnicodeToOemN(
1492 OUT PCHAR OemString,
1493 IN ULONG MaxBytesInOemString,
1494 OUT PULONG BytesInOemString OPTIONAL,
1495 IN PCWCH UnicodeString,
1496 IN ULONG BytesInUnicodeString);
1497
1498 typedef struct _GENERATE_NAME_CONTEXT {
1499 USHORT Checksum;
1500 BOOLEAN CheckSumInserted;
1501 UCHAR NameLength;
1502 WCHAR NameBuffer[8];
1503 ULONG ExtensionLength;
1504 WCHAR ExtensionBuffer[4];
1505 ULONG LastIndexValue;
1506 } GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
1507
1508 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
1509 NTSYSAPI
1510 NTSTATUS
1511 NTAPI
1512 RtlGenerate8dot3Name(
1513 IN PCUNICODE_STRING Name,
1514 IN BOOLEAN AllowExtendedCharacters,
1515 IN OUT PGENERATE_NAME_CONTEXT Context,
1516 IN OUT PUNICODE_STRING Name8dot3);
1517 #else
1518 NTSYSAPI
1519 VOID
1520 NTAPI
1521 RtlGenerate8dot3Name(
1522 IN PCUNICODE_STRING Name,
1523 IN BOOLEAN AllowExtendedCharacters,
1524 IN OUT PGENERATE_NAME_CONTEXT Context,
1525 IN OUT PUNICODE_STRING Name8dot3);
1526 #endif
1527
1528 NTSYSAPI
1529 BOOLEAN
1530 NTAPI
1531 RtlIsNameLegalDOS8Dot3(
1532 IN PCUNICODE_STRING Name,
1533 IN OUT POEM_STRING OemName OPTIONAL,
1534 IN OUT PBOOLEAN NameContainsSpaces OPTIONAL);
1535
1536 NTSYSAPI
1537 BOOLEAN
1538 NTAPI
1539 RtlIsValidOemCharacter(
1540 IN OUT PWCHAR Char);
1541
1542 typedef struct _PREFIX_TABLE_ENTRY {
1543 CSHORT NodeTypeCode;
1544 CSHORT NameLength;
1545 struct _PREFIX_TABLE_ENTRY *NextPrefixTree;
1546 RTL_SPLAY_LINKS Links;
1547 PSTRING Prefix;
1548 } PREFIX_TABLE_ENTRY, *PPREFIX_TABLE_ENTRY;
1549
1550 typedef struct _PREFIX_TABLE {
1551 CSHORT NodeTypeCode;
1552 CSHORT NameLength;
1553 PPREFIX_TABLE_ENTRY NextPrefixTree;
1554 } PREFIX_TABLE, *PPREFIX_TABLE;
1555
1556 NTSYSAPI
1557 VOID
1558 NTAPI
1559 PfxInitialize(
1560 OUT PPREFIX_TABLE PrefixTable);
1561
1562 NTSYSAPI
1563 BOOLEAN
1564 NTAPI
1565 PfxInsertPrefix(
1566 IN PPREFIX_TABLE PrefixTable,
1567 IN PSTRING Prefix,
1568 OUT PPREFIX_TABLE_ENTRY PrefixTableEntry);
1569
1570 NTSYSAPI
1571 VOID
1572 NTAPI
1573 PfxRemovePrefix(
1574 IN PPREFIX_TABLE PrefixTable,
1575 IN PPREFIX_TABLE_ENTRY PrefixTableEntry);
1576
1577 NTSYSAPI
1578 PPREFIX_TABLE_ENTRY
1579 NTAPI
1580 PfxFindPrefix(
1581 IN PPREFIX_TABLE PrefixTable,
1582 IN PSTRING FullName);
1583
1584 typedef struct _UNICODE_PREFIX_TABLE_ENTRY {
1585 CSHORT NodeTypeCode;
1586 CSHORT NameLength;
1587 struct _UNICODE_PREFIX_TABLE_ENTRY *NextPrefixTree;
1588 struct _UNICODE_PREFIX_TABLE_ENTRY *CaseMatch;
1589 RTL_SPLAY_LINKS Links;
1590 PUNICODE_STRING Prefix;
1591 } UNICODE_PREFIX_TABLE_ENTRY, *PUNICODE_PREFIX_TABLE_ENTRY;
1592
1593 typedef struct _UNICODE_PREFIX_TABLE {
1594 CSHORT NodeTypeCode;
1595 CSHORT NameLength;
1596 PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree;
1597 PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry;
1598 } UNICODE_PREFIX_TABLE, *PUNICODE_PREFIX_TABLE;
1599
1600 NTSYSAPI
1601 VOID
1602 NTAPI
1603 RtlInitializeUnicodePrefix(
1604 OUT PUNICODE_PREFIX_TABLE PrefixTable);
1605
1606 NTSYSAPI
1607 BOOLEAN
1608 NTAPI
1609 RtlInsertUnicodePrefix(
1610 IN PUNICODE_PREFIX_TABLE PrefixTable,
1611 IN PUNICODE_STRING Prefix,
1612 OUT PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1613
1614 NTSYSAPI
1615 VOID
1616 NTAPI
1617 RtlRemoveUnicodePrefix(
1618 IN PUNICODE_PREFIX_TABLE PrefixTable,
1619 IN PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1620
1621 NTSYSAPI
1622 PUNICODE_PREFIX_TABLE_ENTRY
1623 NTAPI
1624 RtlFindUnicodePrefix(
1625 IN PUNICODE_PREFIX_TABLE PrefixTable,
1626 IN PUNICODE_STRING FullName,
1627 IN ULONG CaseInsensitiveIndex);
1628
1629 NTSYSAPI
1630 PUNICODE_PREFIX_TABLE_ENTRY
1631 NTAPI
1632 RtlNextUnicodePrefix(
1633 IN PUNICODE_PREFIX_TABLE PrefixTable,
1634 IN BOOLEAN Restart);
1635
1636 NTSYSAPI
1637 SIZE_T
1638 NTAPI
1639 RtlCompareMemoryUlong(
1640 IN PVOID Source,
1641 IN SIZE_T Length,
1642 IN ULONG Pattern);
1643
1644 NTSYSAPI
1645 BOOLEAN
1646 NTAPI
1647 RtlTimeToSecondsSince1980(
1648 IN PLARGE_INTEGER Time,
1649 OUT PULONG ElapsedSeconds);
1650
1651 NTSYSAPI
1652 VOID
1653 NTAPI
1654 RtlSecondsSince1980ToTime(
1655 IN ULONG ElapsedSeconds,
1656 OUT PLARGE_INTEGER Time);
1657
1658 NTSYSAPI
1659 BOOLEAN
1660 NTAPI
1661 RtlTimeToSecondsSince1970(
1662 IN PLARGE_INTEGER Time,
1663 OUT PULONG ElapsedSeconds);
1664
1665 NTSYSAPI
1666 VOID
1667 NTAPI
1668 RtlSecondsSince1970ToTime(
1669 IN ULONG ElapsedSeconds,
1670 OUT PLARGE_INTEGER Time);
1671
1672 NTSYSAPI
1673 BOOLEAN
1674 NTAPI
1675 RtlValidSid(
1676 IN PSID Sid);
1677
1678 NTSYSAPI
1679 BOOLEAN
1680 NTAPI
1681 RtlEqualSid(
1682 IN PSID Sid1,
1683 IN PSID Sid2);
1684
1685 NTSYSAPI
1686 BOOLEAN
1687 NTAPI
1688 RtlEqualPrefixSid(
1689 IN PSID Sid1,
1690 IN PSID Sid2);
1691
1692 NTSYSAPI
1693 ULONG
1694 NTAPI
1695 RtlLengthRequiredSid(
1696 IN ULONG SubAuthorityCount);
1697
1698 NTSYSAPI
1699 PVOID
1700 NTAPI
1701 RtlFreeSid(
1702 IN PSID Sid);
1703
1704 NTSYSAPI
1705 NTSTATUS
1706 NTAPI
1707 RtlAllocateAndInitializeSid(
1708 IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1709 IN UCHAR SubAuthorityCount,
1710 IN ULONG SubAuthority0,
1711 IN ULONG SubAuthority1,
1712 IN ULONG SubAuthority2,
1713 IN ULONG SubAuthority3,
1714 IN ULONG SubAuthority4,
1715 IN ULONG SubAuthority5,
1716 IN ULONG SubAuthority6,
1717 IN ULONG SubAuthority7,
1718 OUT PSID *Sid);
1719
1720 NTSYSAPI
1721 NTSTATUS
1722 NTAPI
1723 RtlInitializeSid(
1724 OUT PSID Sid,
1725 IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1726 IN UCHAR SubAuthorityCount);
1727
1728 NTSYSAPI
1729 PULONG
1730 NTAPI
1731 RtlSubAuthoritySid(
1732 IN PSID Sid,
1733 IN ULONG SubAuthority);
1734
1735 NTSYSAPI
1736 ULONG
1737 NTAPI
1738 RtlLengthSid(
1739 IN PSID Sid);
1740
1741 NTSYSAPI
1742 NTSTATUS
1743 NTAPI
1744 RtlCopySid(
1745 IN ULONG Length,
1746 IN PSID Destination,
1747 IN PSID Source);
1748
1749 NTSYSAPI
1750 NTSTATUS
1751 NTAPI
1752 RtlConvertSidToUnicodeString(
1753 IN OUT PUNICODE_STRING UnicodeString,
1754 IN PSID Sid,
1755 IN BOOLEAN AllocateDestinationString);
1756
1757 NTSYSAPI
1758 VOID
1759 NTAPI
1760 RtlCopyLuid(
1761 OUT PLUID DestinationLuid,
1762 IN PLUID SourceLuid);
1763
1764 NTSYSAPI
1765 NTSTATUS
1766 NTAPI
1767 RtlCreateAcl(
1768 OUT PACL Acl,
1769 IN ULONG AclLength,
1770 IN ULONG AclRevision);
1771
1772 NTSYSAPI
1773 NTSTATUS
1774 NTAPI
1775 RtlAddAce(
1776 IN OUT PACL Acl,
1777 IN ULONG AceRevision,
1778 IN ULONG StartingAceIndex,
1779 IN PVOID AceList,
1780 IN ULONG AceListLength);
1781
1782 NTSYSAPI
1783 NTSTATUS
1784 NTAPI
1785 RtlDeleteAce(
1786 IN OUT PACL Acl,
1787 IN ULONG AceIndex);
1788
1789 NTSYSAPI
1790 NTSTATUS
1791 NTAPI
1792 RtlGetAce(
1793 IN PACL Acl,
1794 IN ULONG AceIndex,
1795 OUT PVOID *Ace);
1796
1797 NTSYSAPI
1798 NTSTATUS
1799 NTAPI
1800 RtlAddAccessAllowedAce(
1801 IN OUT PACL Acl,
1802 IN ULONG AceRevision,
1803 IN ACCESS_MASK AccessMask,
1804 IN PSID Sid);
1805
1806 NTSYSAPI
1807 NTSTATUS
1808 NTAPI
1809 RtlAddAccessAllowedAceEx(
1810 IN OUT PACL Acl,
1811 IN ULONG AceRevision,
1812 IN ULONG AceFlags,
1813 IN ACCESS_MASK AccessMask,
1814 IN PSID Sid);
1815
1816 NTSYSAPI
1817 NTSTATUS
1818 NTAPI
1819 RtlCreateSecurityDescriptorRelative(
1820 OUT PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
1821 IN ULONG Revision);
1822
1823 NTSYSAPI
1824 NTSTATUS
1825 NTAPI
1826 RtlGetDaclSecurityDescriptor(
1827 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
1828 OUT PBOOLEAN DaclPresent,
1829 OUT PACL *Dacl,
1830 OUT PBOOLEAN DaclDefaulted);
1831
1832 NTSYSAPI
1833 NTSTATUS
1834 NTAPI
1835 RtlSetOwnerSecurityDescriptor(
1836 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
1837 IN PSID Owner OPTIONAL,
1838 IN BOOLEAN OwnerDefaulted);
1839
1840 NTSYSAPI
1841 NTSTATUS
1842 NTAPI
1843 RtlGetOwnerSecurityDescriptor(
1844 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
1845 OUT PSID *Owner,
1846 OUT PBOOLEAN OwnerDefaulted);
1847
1848 NTSYSAPI
1849 ULONG
1850 NTAPI
1851 RtlNtStatusToDosError(
1852 IN NTSTATUS Status);
1853
1854 NTSYSAPI
1855 NTSTATUS
1856 NTAPI
1857 RtlCustomCPToUnicodeN(
1858 IN PCPTABLEINFO CustomCP,
1859 OUT PWCH UnicodeString,
1860 IN ULONG MaxBytesInUnicodeString,
1861 OUT PULONG BytesInUnicodeString OPTIONAL,
1862 IN PCH CustomCPString,
1863 IN ULONG BytesInCustomCPString);
1864
1865 NTSYSAPI
1866 NTSTATUS
1867 NTAPI
1868 RtlUnicodeToCustomCPN(
1869 IN PCPTABLEINFO CustomCP,
1870 OUT PCH CustomCPString,
1871 IN ULONG MaxBytesInCustomCPString,
1872 OUT PULONG BytesInCustomCPString OPTIONAL,
1873 IN PWCH UnicodeString,
1874 IN ULONG BytesInUnicodeString);
1875
1876 NTSYSAPI
1877 NTSTATUS
1878 NTAPI
1879 RtlUpcaseUnicodeToCustomCPN(
1880 IN PCPTABLEINFO CustomCP,
1881 OUT PCH CustomCPString,
1882 IN ULONG MaxBytesInCustomCPString,
1883 OUT PULONG BytesInCustomCPString OPTIONAL,
1884 IN PWCH UnicodeString,
1885 IN ULONG BytesInUnicodeString);
1886
1887 NTSYSAPI
1888 VOID
1889 NTAPI
1890 RtlInitCodePageTable(
1891 IN PUSHORT TableBase,
1892 IN OUT PCPTABLEINFO CodePageTable);
1893
1894 #endif
1895
1896 #if (NTDDI_VERSION >= NTDDI_WINXP)
1897
1898 NTSYSAPI
1899 PVOID
1900 NTAPI
1901 RtlCreateHeap(
1902 IN ULONG Flags,
1903 IN PVOID HeapBase OPTIONAL,
1904 IN SIZE_T ReserveSize OPTIONAL,
1905 IN SIZE_T CommitSize OPTIONAL,
1906 IN PVOID Lock OPTIONAL,
1907 IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL);
1908
1909 NTSYSAPI
1910 PVOID
1911 NTAPI
1912 RtlDestroyHeap(
1913 IN PVOID HeapHandle);
1914
1915 NTSYSAPI
1916 USHORT
1917 NTAPI
1918 RtlCaptureStackBackTrace(
1919 IN ULONG FramesToSkip,
1920 IN ULONG FramesToCapture,
1921 OUT PVOID *BackTrace,
1922 OUT PULONG BackTraceHash OPTIONAL);
1923
1924 NTSYSAPI
1925 ULONG
1926 NTAPI
1927 RtlRandomEx(
1928 IN OUT PULONG Seed);
1929
1930 NTSYSAPI
1931 NTSTATUS
1932 NTAPI
1933 RtlInitUnicodeStringEx(
1934 OUT PUNICODE_STRING DestinationString,
1935 IN PCWSTR SourceString OPTIONAL);
1936
1937 NTSYSAPI
1938 NTSTATUS
1939 NTAPI
1940 RtlValidateUnicodeString(
1941 IN ULONG Flags,
1942 IN PCUNICODE_STRING String);
1943
1944 NTSYSAPI
1945 NTSTATUS
1946 NTAPI
1947 RtlDuplicateUnicodeString(
1948 IN ULONG Flags,
1949 IN PCUNICODE_STRING SourceString,
1950 OUT PUNICODE_STRING DestinationString);
1951
1952 NTSYSAPI
1953 NTSTATUS
1954 NTAPI
1955 RtlGetCompressionWorkSpaceSize(
1956 IN USHORT CompressionFormatAndEngine,
1957 OUT PULONG CompressBufferWorkSpaceSize,
1958 OUT PULONG CompressFragmentWorkSpaceSize);
1959
1960 NTSYSAPI
1961 NTSTATUS
1962 NTAPI
1963 RtlCompressBuffer(
1964 IN USHORT CompressionFormatAndEngine,
1965 IN PUCHAR UncompressedBuffer,
1966 IN ULONG UncompressedBufferSize,
1967 OUT PUCHAR CompressedBuffer,
1968 IN ULONG CompressedBufferSize,
1969 IN ULONG UncompressedChunkSize,
1970 OUT PULONG FinalCompressedSize,
1971 IN PVOID WorkSpace);
1972
1973 NTSYSAPI
1974 NTSTATUS
1975 NTAPI
1976 RtlDecompressBuffer(
1977 IN USHORT CompressionFormat,
1978 OUT PUCHAR UncompressedBuffer,
1979 IN ULONG UncompressedBufferSize,
1980 IN PUCHAR CompressedBuffer,
1981 IN ULONG CompressedBufferSize,
1982 OUT PULONG FinalUncompressedSize);
1983
1984 NTSYSAPI
1985 NTSTATUS
1986 NTAPI
1987 RtlDecompressFragment(
1988 IN USHORT CompressionFormat,
1989 OUT PUCHAR UncompressedFragment,
1990 IN ULONG UncompressedFragmentSize,
1991 IN PUCHAR CompressedBuffer,
1992 IN ULONG CompressedBufferSize,
1993 IN ULONG FragmentOffset,
1994 OUT PULONG FinalUncompressedSize,
1995 IN PVOID WorkSpace);
1996
1997 NTSYSAPI
1998 NTSTATUS
1999 NTAPI
2000 RtlDescribeChunk(
2001 IN USHORT CompressionFormat,
2002 IN OUT PUCHAR *CompressedBuffer,
2003 IN PUCHAR EndOfCompressedBufferPlus1,
2004 OUT PUCHAR *ChunkBuffer,
2005 OUT PULONG ChunkSize);
2006
2007 NTSYSAPI
2008 NTSTATUS
2009 NTAPI
2010 RtlReserveChunk(
2011 IN USHORT CompressionFormat,
2012 IN OUT PUCHAR *CompressedBuffer,
2013 IN PUCHAR EndOfCompressedBufferPlus1,
2014 OUT PUCHAR *ChunkBuffer,
2015 IN ULONG ChunkSize);
2016
2017 typedef struct _COMPRESSED_DATA_INFO {
2018 USHORT CompressionFormatAndEngine;
2019 UCHAR CompressionUnitShift;
2020 UCHAR ChunkShift;
2021 UCHAR ClusterShift;
2022 UCHAR Reserved;
2023 USHORT NumberOfChunks;
2024 ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
2025 } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
2026
2027 NTSYSAPI
2028 NTSTATUS
2029 NTAPI
2030 RtlDecompressChunks(
2031 OUT PUCHAR UncompressedBuffer,
2032 IN ULONG UncompressedBufferSize,
2033 IN PUCHAR CompressedBuffer,
2034 IN ULONG CompressedBufferSize,
2035 IN PUCHAR CompressedTail,
2036 IN ULONG CompressedTailSize,
2037 IN PCOMPRESSED_DATA_INFO CompressedDataInfo);
2038
2039 NTSYSAPI
2040 NTSTATUS
2041 NTAPI
2042 RtlCompressChunks(
2043 IN PUCHAR UncompressedBuffer,
2044 IN ULONG UncompressedBufferSize,
2045 OUT PUCHAR CompressedBuffer,
2046 IN ULONG CompressedBufferSize,
2047 IN OUT PCOMPRESSED_DATA_INFO CompressedDataInfo,
2048 IN ULONG CompressedDataInfoLength,
2049 IN PVOID WorkSpace);
2050
2051 NTSYSAPI
2052 PSID_IDENTIFIER_AUTHORITY
2053 NTAPI
2054 RtlIdentifierAuthoritySid(
2055 IN PSID Sid);
2056
2057 NTSYSAPI
2058 PUCHAR
2059 NTAPI
2060 RtlSubAuthorityCountSid(
2061 IN PSID Sid);
2062
2063 NTSYSAPI
2064 ULONG
2065 NTAPI
2066 RtlNtStatusToDosErrorNoTeb(
2067 IN NTSTATUS Status);
2068
2069 NTSYSAPI
2070 NTSTATUS
2071 NTAPI
2072 RtlCreateSystemVolumeInformationFolder(
2073 IN PCUNICODE_STRING VolumeRootPath);
2074
2075 #endif
2076
2077 #if defined(_M_AMD64)
2078
2079 FORCEINLINE
2080 VOID
2081 RtlFillMemoryUlong (
2082 OUT PVOID Destination,
2083 IN SIZE_T Length,
2084 IN ULONG Pattern)
2085 {
2086 PULONG Address = (PULONG)Destination;
2087 if ((Length /= 4) != 0) {
2088 if (((ULONG64)Address & 4) != 0) {
2089 *Address = Pattern;
2090 if ((Length -= 1) == 0) {
2091 return;
2092 }
2093 Address += 1;
2094 }
2095 __stosq((PULONG64)(Address), Pattern | ((ULONG64)Pattern << 32), Length / 2);
2096 if ((Length & 1) != 0) Address[Length - 1] = Pattern;
2097 }
2098 return;
2099 }
2100
2101 #define RtlFillMemoryUlonglong(Destination, Length, Pattern) \
2102 __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
2103
2104 #else
2105
2106 #if (NTDDI_VERSION >= NTDDI_WINXP)
2107
2108 NTSYSAPI
2109 VOID
2110 NTAPI
2111 RtlFillMemoryUlong(
2112 OUT PVOID Destination,
2113 IN SIZE_T Length,
2114 IN ULONG Pattern);
2115
2116 NTSYSAPI
2117 VOID
2118 NTAPI
2119 RtlFillMemoryUlonglong(
2120 OUT PVOID Destination,
2121 IN SIZE_T Length,
2122 IN ULONGLONG Pattern);
2123
2124 #endif
2125
2126 #endif // defined(_M_AMD64)
2127
2128 #if (NTDDI_VERSION >= NTDDI_WS03)
2129
2130 NTSYSAPI
2131 NTSTATUS
2132 NTAPI
2133 RtlInitAnsiStringEx(
2134 OUT PANSI_STRING DestinationString,
2135 IN PCSZ SourceString OPTIONAL);
2136
2137 #endif
2138
2139 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
2140
2141 NTSYSAPI
2142 NTSTATUS
2143 NTAPI
2144 RtlGetSaclSecurityDescriptor(
2145 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
2146 OUT PBOOLEAN SaclPresent,
2147 OUT PACL *Sacl,
2148 OUT PBOOLEAN SaclDefaulted);
2149
2150 NTSYSAPI
2151 NTSTATUS
2152 NTAPI
2153 RtlSetGroupSecurityDescriptor(
2154 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
2155 IN PSID Group OPTIONAL,
2156 IN BOOLEAN GroupDefaulted OPTIONAL);
2157
2158 NTSYSAPI
2159 NTSTATUS
2160 NTAPI
2161 RtlGetGroupSecurityDescriptor(
2162 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
2163 OUT PSID *Group,
2164 OUT PBOOLEAN GroupDefaulted);
2165
2166 NTSYSAPI
2167 NTSTATUS
2168 NTAPI
2169 RtlAbsoluteToSelfRelativeSD(
2170 IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
2171 OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor OPTIONAL,
2172 IN OUT PULONG BufferLength);
2173
2174 NTSYSAPI
2175 NTSTATUS
2176 NTAPI
2177 RtlSelfRelativeToAbsoluteSD(
2178 IN PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
2179 OUT PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor OPTIONAL,
2180 IN OUT PULONG AbsoluteSecurityDescriptorSize,
2181 OUT PACL Dacl OPTIONAL,
2182 IN OUT PULONG DaclSize,
2183 OUT PACL Sacl OPTIONAL,
2184 IN OUT PULONG SaclSize,
2185 OUT PSID Owner OPTIONAL,
2186 IN OUT PULONG OwnerSize,
2187 OUT PSID PrimaryGroup OPTIONAL,
2188 IN OUT PULONG PrimaryGroupSize);
2189
2190 #endif
2191
2192 #if (NTDDI_VERSION >= NTDDI_VISTA)
2193
2194 NTSYSAPI
2195 NTSTATUS
2196 NTAPI
2197 RtlNormalizeString(
2198 IN ULONG NormForm,
2199 IN PCWSTR SourceString,
2200 IN LONG SourceStringLength,
2201 OUT PWSTR DestinationString,
2202 IN OUT PLONG DestinationStringLength);
2203
2204 NTSYSAPI
2205 NTSTATUS
2206 NTAPI
2207 RtlIsNormalizedString(
2208 IN ULONG NormForm,
2209 IN PCWSTR SourceString,
2210 IN LONG SourceStringLength,
2211 OUT PBOOLEAN Normalized);
2212
2213 NTSYSAPI
2214 NTSTATUS
2215 NTAPI
2216 RtlIdnToAscii(
2217 IN ULONG Flags,
2218 IN PCWSTR SourceString,
2219 IN LONG SourceStringLength,
2220 OUT PWSTR DestinationString,
2221 IN OUT PLONG DestinationStringLength);
2222
2223 NTSYSAPI
2224 NTSTATUS
2225 NTAPI
2226 RtlIdnToUnicode(
2227 IN ULONG Flags,
2228 IN PCWSTR SourceString,
2229 IN LONG SourceStringLength,
2230 OUT PWSTR DestinationString,
2231 IN OUT PLONG DestinationStringLength);
2232
2233 NTSYSAPI
2234 NTSTATUS
2235 NTAPI
2236 RtlIdnToNameprepUnicode(
2237 IN ULONG Flags,
2238 IN PCWSTR SourceString,
2239 IN LONG SourceStringLength,
2240 OUT PWSTR DestinationString,
2241 IN OUT PLONG DestinationStringLength);
2242
2243 NTSYSAPI
2244 NTSTATUS
2245 NTAPI
2246 RtlCreateServiceSid(
2247 IN PUNICODE_STRING ServiceName,
2248 OUT PSID ServiceSid,
2249 IN OUT PULONG ServiceSidLength);
2250
2251 NTSYSAPI
2252 LONG
2253 NTAPI
2254 RtlCompareAltitudes(
2255 IN PCUNICODE_STRING Altitude1,
2256 IN PCUNICODE_STRING Altitude2);
2257
2258 #endif
2259
2260 #if (NTDDI_VERSION >= NTDDI_WIN7)
2261
2262 NTSYSAPI
2263 NTSTATUS
2264 NTAPI
2265 RtlUnicodeToUTF8N(
2266 OUT PCHAR UTF8StringDestination,
2267 IN ULONG UTF8StringMaxByteCount,
2268 OUT PULONG UTF8StringActualByteCount,
2269 IN PCWCH UnicodeStringSource,
2270 IN ULONG UnicodeStringByteCount);
2271
2272 NTSYSAPI
2273 NTSTATUS
2274 NTAPI
2275 RtlUTF8ToUnicodeN(
2276 OUT PWSTR UnicodeStringDestination,
2277 IN ULONG UnicodeStringMaxByteCount,
2278 OUT PULONG UnicodeStringActualByteCount,
2279 IN PCCH UTF8StringSource,
2280 IN ULONG UTF8StringByteCount);
2281
2282 NTSYSAPI
2283 NTSTATUS
2284 NTAPI
2285 RtlReplaceSidInSd(
2286 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
2287 IN PSID OldSid,
2288 IN PSID NewSid,
2289 OUT ULONG *NumChanges);
2290
2291 NTSYSAPI
2292 NTSTATUS
2293 NTAPI
2294 RtlCreateVirtualAccountSid(
2295 IN PCUNICODE_STRING Name,
2296 IN ULONG BaseSubAuthority,
2297 OUT PSID Sid,
2298 IN OUT PULONG SidLength);
2299
2300 #endif
2301
2302 #define HEAP_NO_SERIALIZE 0x00000001
2303 #define HEAP_GROWABLE 0x00000002
2304 #define HEAP_GENERATE_EXCEPTIONS 0x00000004
2305 #define HEAP_ZERO_MEMORY 0x00000008
2306 #define HEAP_REALLOC_IN_PLACE_ONLY 0x00000010
2307 #define HEAP_TAIL_CHECKING_ENABLED 0x00000020
2308 #define HEAP_FREE_CHECKING_ENABLED 0x00000040
2309 #define HEAP_DISABLE_COALESCE_ON_FREE 0x00000080
2310
2311 #define HEAP_CREATE_ALIGN_16 0x00010000
2312 #define HEAP_CREATE_ENABLE_TRACING 0x00020000
2313 #define HEAP_CREATE_ENABLE_EXECUTE 0x00040000
2314
2315 #define HEAP_SETTABLE_USER_VALUE 0x00000100
2316 #define HEAP_SETTABLE_USER_FLAG1 0x00000200
2317 #define HEAP_SETTABLE_USER_FLAG2 0x00000400
2318 #define HEAP_SETTABLE_USER_FLAG3 0x00000800
2319 #define HEAP_SETTABLE_USER_FLAGS 0x00000E00
2320
2321 #define HEAP_CLASS_0 0x00000000
2322 #define HEAP_CLASS_1 0x00001000
2323 #define HEAP_CLASS_2 0x00002000
2324 #define HEAP_CLASS_3 0x00003000
2325 #define HEAP_CLASS_4 0x00004000
2326 #define HEAP_CLASS_5 0x00005000
2327 #define HEAP_CLASS_6 0x00006000
2328 #define HEAP_CLASS_7 0x00007000
2329 #define HEAP_CLASS_8 0x00008000
2330 #define HEAP_CLASS_MASK 0x0000F000
2331
2332 #define HEAP_MAXIMUM_TAG 0x0FFF
2333 #define HEAP_GLOBAL_TAG 0x0800
2334 #define HEAP_PSEUDO_TAG_FLAG 0x8000
2335 #define HEAP_TAG_SHIFT 18
2336 #define HEAP_TAG_MASK (HEAP_MAXIMUM_TAG << HEAP_TAG_SHIFT)
2337
2338 #define HEAP_CREATE_VALID_MASK (HEAP_NO_SERIALIZE | \
2339 HEAP_GROWABLE | \
2340 HEAP_GENERATE_EXCEPTIONS | \
2341 HEAP_ZERO_MEMORY | \
2342 HEAP_REALLOC_IN_PLACE_ONLY | \
2343 HEAP_TAIL_CHECKING_ENABLED | \
2344 HEAP_FREE_CHECKING_ENABLED | \
2345 HEAP_DISABLE_COALESCE_ON_FREE | \
2346 HEAP_CLASS_MASK | \
2347 HEAP_CREATE_ALIGN_16 | \
2348 HEAP_CREATE_ENABLE_TRACING | \
2349 HEAP_CREATE_ENABLE_EXECUTE)
2350
2351 FORCEINLINE
2352 ULONG
2353 HEAP_MAKE_TAG_FLAGS(
2354 IN ULONG TagBase,
2355 IN ULONG Tag)
2356 {
2357 //__assume_bound(TagBase); // FIXME
2358 return ((ULONG)((TagBase) + ((Tag) << HEAP_TAG_SHIFT)));
2359 }
2360
2361 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
2362 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
2363
2364 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ? \
2365 RtlxUnicodeStringToOemSize(STRING) : \
2366 ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
2367 )
2368
2369 #define RtlOemStringToUnicodeSize(STRING) ( \
2370 NLS_MB_OEM_CODE_PAGE_TAG ? \
2371 RtlxOemStringToUnicodeSize(STRING) : \
2372 ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
2373 )
2374
2375 #define RtlOemStringToCountedUnicodeSize(STRING) ( \
2376 (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
2377 )
2378
2379 typedef PVOID
2380 (NTAPI *PRTL_ALLOCATE_STRING_ROUTINE)(
2381 IN SIZE_T NumberOfBytes);
2382
2383 #if _WIN32_WINNT >= 0x0600
2384
2385 typedef PVOID
2386 (NTAPI *PRTL_REALLOCATE_STRING_ROUTINE)(
2387 IN SIZE_T NumberOfBytes,
2388 IN PVOID Buffer);
2389
2390 #endif
2391
2392 typedef VOID
2393 (NTAPI *PRTL_FREE_STRING_ROUTINE)(
2394 IN PVOID Buffer);
2395
2396 extern const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine;
2397 extern const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine;
2398
2399 #if _WIN32_WINNT >= 0x0600
2400 extern const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine;
2401 #endif
2402
2403 #define COMPRESSION_FORMAT_NONE (0x0000)
2404 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
2405 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
2406 #define COMPRESSION_ENGINE_STANDARD (0x0000)
2407 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
2408 #define COMPRESSION_ENGINE_HIBER (0x0200)
2409
2410 #define RtlOffsetToPointer(B,O) ((PCHAR)( ((PCHAR)(B)) + ((ULONG_PTR)(O)) ))
2411 #define RtlPointerToOffset(B,P) ((ULONG)( ((PCHAR)(P)) - ((PCHAR)(B)) ))
2412
2413 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
2414
2415 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
2416
2417 #define DEVICE_TYPE ULONG
2418
2419 #define FILE_DEVICE_BEEP 0x00000001
2420 #define FILE_DEVICE_CD_ROM 0x00000002
2421 #define FILE_DEVICE_CD_ROM_FILE_SYSTEM 0x00000003
2422 #define FILE_DEVICE_CONTROLLER 0x00000004
2423 #define FILE_DEVICE_DATALINK 0x00000005
2424 #define FILE_DEVICE_DFS 0x00000006
2425 #define FILE_DEVICE_DISK 0x00000007
2426 #define FILE_DEVICE_DISK_FILE_SYSTEM 0x00000008
2427 #define FILE_DEVICE_FILE_SYSTEM 0x00000009
2428 #define FILE_DEVICE_INPORT_PORT 0x0000000a
2429 #define FILE_DEVICE_KEYBOARD 0x0000000b
2430 #define FILE_DEVICE_MAILSLOT 0x0000000c
2431 #define FILE_DEVICE_MIDI_IN 0x0000000d
2432 #define FILE_DEVICE_MIDI_OUT 0x0000000e
2433 #define FILE_DEVICE_MOUSE 0x0000000f
2434 #define FILE_DEVICE_MULTI_UNC_PROVIDER 0x00000010
2435 #define FILE_DEVICE_NAMED_PIPE 0x00000011
2436 #define FILE_DEVICE_NETWORK 0x00000012
2437 #define FILE_DEVICE_NETWORK_BROWSER 0x00000013
2438 #define FILE_DEVICE_NETWORK_FILE_SYSTEM 0x00000014
2439 #define FILE_DEVICE_NULL 0x00000015
2440 #define FILE_DEVICE_PARALLEL_PORT 0x00000016
2441 #define FILE_DEVICE_PHYSICAL_NETCARD 0x00000017
2442 #define FILE_DEVICE_PRINTER 0x00000018
2443 #define FILE_DEVICE_SCANNER 0x00000019
2444 #define FILE_DEVICE_SERIAL_MOUSE_PORT 0x0000001a
2445 #define FILE_DEVICE_SERIAL_PORT 0x0000001b
2446 #define FILE_DEVICE_SCREEN 0x0000001c
2447 #define FILE_DEVICE_SOUND 0x0000001d
2448 #define FILE_DEVICE_STREAMS 0x0000001e
2449 #define FILE_DEVICE_TAPE 0x0000001f
2450 #define FILE_DEVICE_TAPE_FILE_SYSTEM 0x00000020
2451 #define FILE_DEVICE_TRANSPORT 0x00000021
2452 #define FILE_DEVICE_UNKNOWN 0x00000022
2453 #define FILE_DEVICE_VIDEO 0x00000023
2454 #define FILE_DEVICE_VIRTUAL_DISK 0x00000024
2455 #define FILE_DEVICE_WAVE_IN 0x00000025
2456 #define FILE_DEVICE_WAVE_OUT 0x00000026
2457 #define FILE_DEVICE_8042_PORT 0x00000027
2458 #define FILE_DEVICE_NETWORK_REDIRECTOR 0x00000028
2459 #define FILE_DEVICE_BATTERY 0x00000029
2460 #define FILE_DEVICE_BUS_EXTENDER 0x0000002a
2461 #define FILE_DEVICE_MODEM 0x0000002b
2462 #define FILE_DEVICE_VDM 0x0000002c
2463 #define FILE_DEVICE_MASS_STORAGE 0x0000002d
2464 #define FILE_DEVICE_SMB 0x0000002e
2465 #define FILE_DEVICE_KS 0x0000002f
2466 #define FILE_DEVICE_CHANGER 0x00000030
2467 #define FILE_DEVICE_SMARTCARD 0x00000031
2468 #define FILE_DEVICE_ACPI 0x00000032
2469 #define FILE_DEVICE_DVD 0x00000033
2470 #define FILE_DEVICE_FULLSCREEN_VIDEO 0x00000034
2471 #define FILE_DEVICE_DFS_FILE_SYSTEM 0x00000035
2472 #define FILE_DEVICE_DFS_VOLUME 0x00000036
2473 #define FILE_DEVICE_SERENUM 0x00000037
2474 #define FILE_DEVICE_TERMSRV 0x00000038
2475 #define FILE_DEVICE_KSEC 0x00000039
2476 #define FILE_DEVICE_FIPS 0x0000003A
2477 #define FILE_DEVICE_INFINIBAND 0x0000003B
2478 #define FILE_DEVICE_VMBUS 0x0000003E
2479 #define FILE_DEVICE_CRYPT_PROVIDER 0x0000003F
2480 #define FILE_DEVICE_WPD 0x00000040
2481 #define FILE_DEVICE_BLUETOOTH 0x00000041
2482 #define FILE_DEVICE_MT_COMPOSITE 0x00000042
2483 #define FILE_DEVICE_MT_TRANSPORT 0x00000043
2484 #define FILE_DEVICE_BIOMETRIC 0x00000044
2485 #define FILE_DEVICE_PMI 0x00000045
2486
2487 #define CTL_CODE(DeviceType, Function, Method, Access) \
2488 (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method))
2489
2490 #define DEVICE_TYPE_FROM_CTL_CODE(ctl) (((ULONG) (ctl & 0xffff0000)) >> 16)
2491
2492 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
2493
2494 #define METHOD_BUFFERED 0
2495 #define METHOD_IN_DIRECT 1
2496 #define METHOD_OUT_DIRECT 2
2497 #define METHOD_NEITHER 3
2498 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
2499 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
2500
2501 #define FILE_ANY_ACCESS 0x00000000
2502 #define FILE_SPECIAL_ACCESS FILE_ANY_ACCESS
2503 #define FILE_READ_ACCESS 0x00000001
2504 #define FILE_WRITE_ACCESS 0x00000002
2505
2506 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
2507
2508 typedef enum _SECURITY_LOGON_TYPE {
2509 UndefinedLogonType = 0,
2510 Interactive = 2,
2511 Network,
2512 Batch,
2513 Service,
2514 Proxy,
2515 Unlock,
2516 NetworkCleartext,
2517 NewCredentials,
2518 #if (_WIN32_WINNT >= 0x0501)
2519 RemoteInteractive,
2520 CachedInteractive,
2521 #endif
2522 #if (_WIN32_WINNT >= 0x0502)
2523 CachedRemoteInteractive,
2524 CachedUnlock
2525 #endif
2526 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
2527
2528 #ifndef _NTLSA_AUDIT_
2529 #define _NTLSA_AUDIT_
2530
2531 #ifndef GUID_DEFINED
2532 #include <guiddef.h>
2533 #endif
2534
2535 #endif /* _NTLSA_AUDIT_ */
2536
2537 NTSTATUS
2538 NTAPI
2539 LsaRegisterLogonProcess(
2540 IN PLSA_STRING LogonProcessName,
2541 OUT PHANDLE LsaHandle,
2542 OUT PLSA_OPERATIONAL_MODE SecurityMode);
2543
2544 NTSTATUS
2545 NTAPI
2546 LsaLogonUser(
2547 IN HANDLE LsaHandle,
2548 IN PLSA_STRING OriginName,
2549 IN SECURITY_LOGON_TYPE LogonType,
2550 IN ULONG AuthenticationPackage,
2551 IN PVOID AuthenticationInformation,
2552 IN ULONG AuthenticationInformationLength,
2553 IN PTOKEN_GROUPS LocalGroups OPTIONAL,
2554 IN PTOKEN_SOURCE SourceContext,
2555 OUT PVOID *ProfileBuffer,
2556 OUT PULONG ProfileBufferLength,
2557 OUT PLUID LogonId,
2558 OUT PHANDLE Token,
2559 OUT PQUOTA_LIMITS Quotas,
2560 OUT PNTSTATUS SubStatus);
2561
2562 NTSTATUS
2563 NTAPI
2564 LsaFreeReturnBuffer(
2565 IN PVOID Buffer);
2566
2567 #ifndef _NTLSA_IFS_
2568 #define _NTLSA_IFS_
2569 #endif
2570
2571 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2572 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2573 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
2574
2575 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
2576 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
2577
2578 #define MSV1_0_CHALLENGE_LENGTH 8
2579 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
2580 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
2581
2582 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
2583 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
2584 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
2585 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
2586 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
2587 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
2588 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
2589 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
2590 #define MSV1_0_RETURN_PROFILE_PATH 0x200
2591 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
2592 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
2593
2594 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
2595 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
2596
2597 #if (_WIN32_WINNT >= 0x0502)
2598 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
2599 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
2600 #endif
2601
2602 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
2603 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
2604
2605 #if (_WIN32_WINNT >= 0x0600)
2606 #define MSV1_0_S4U2SELF 0x00020000
2607 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
2608 #endif
2609
2610 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
2611 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
2612 #define MSV1_0_MNS_LOGON 0x01000000
2613
2614 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
2615 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
2616
2617 #define LOGON_GUEST 0x01
2618 #define LOGON_NOENCRYPTION 0x02
2619 #define LOGON_CACHED_ACCOUNT 0x04
2620 #define LOGON_USED_LM_PASSWORD 0x08
2621 #define LOGON_EXTRA_SIDS 0x20
2622 #define LOGON_SUBAUTH_SESSION_KEY 0x40
2623 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
2624 #define LOGON_NTLMV2_ENABLED 0x100
2625 #define LOGON_RESOURCE_GROUPS 0x200
2626 #define LOGON_PROFILE_PATH_RETURNED 0x400
2627 #define LOGON_NT_V2 0x800
2628 #define LOGON_LM_V2 0x1000
2629 #define LOGON_NTLM_V2 0x2000
2630
2631 #if (_WIN32_WINNT >= 0x0600)
2632
2633 #define LOGON_OPTIMIZED 0x4000
2634 #define LOGON_WINLOGON 0x8000
2635 #define LOGON_PKINIT 0x10000
2636 #define LOGON_NO_OPTIMIZED 0x20000
2637
2638 #endif
2639
2640 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
2641
2642 #define LOGON_GRACE_LOGON 0x01000000
2643
2644 #define MSV1_0_OWF_PASSWORD_LENGTH 16
2645 #define MSV1_0_CRED_LM_PRESENT 0x1
2646 #define MSV1_0_CRED_NT_PRESENT 0x2
2647 #define MSV1_0_CRED_VERSION 0
2648
2649 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
2650 #define MSV1_0_NTLM3_OWF_LENGTH 16
2651
2652 #if (_WIN32_WINNT == 0x0500)
2653 #define MSV1_0_MAX_NTLM3_LIFE 1800
2654 #else
2655 #define MSV1_0_MAX_NTLM3_LIFE 129600
2656 #endif
2657 #define MSV1_0_MAX_AVL_SIZE 64000
2658
2659 #if (_WIN32_WINNT >= 0x0501)
2660
2661 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
2662
2663 #if (_WIN32_WINNT >= 0x0600)
2664 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
2665 #endif
2666
2667 #endif
2668
2669 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
2670
2671 #if(_WIN32_WINNT >= 0x0502)
2672 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
2673 #endif
2674
2675 #define USE_PRIMARY_PASSWORD 0x01
2676 #define RETURN_PRIMARY_USERNAME 0x02
2677 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
2678 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
2679 #define GENERATE_CLIENT_CHALLENGE 0x10
2680 #define GCR_NTLM3_PARMS 0x20
2681 #define GCR_TARGET_INFO 0x40
2682 #define RETURN_RESERVED_PARAMETER 0x80
2683 #define GCR_ALLOW_NTLM 0x100
2684 #define GCR_USE_OEM_SET 0x200
2685 #define GCR_MACHINE_CREDENTIAL 0x400
2686 #define GCR_USE_OWF_PASSWORD 0x800
2687 #define GCR_ALLOW_LM 0x1000
2688 #define GCR_ALLOW_NO_TARGET 0x2000
2689
2690 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
2691 MsV1_0InteractiveLogon = 2,
2692 MsV1_0Lm20Logon,
2693 MsV1_0NetworkLogon,
2694 MsV1_0SubAuthLogon,
2695 MsV1_0WorkstationUnlockLogon = 7,
2696 MsV1_0S4ULogon = 12,
2697 MsV1_0VirtualLogon = 82
2698 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
2699
2700 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
2701 MsV1_0InteractiveProfile = 2,
2702 MsV1_0Lm20LogonProfile,
2703 MsV1_0SmartCardProfile
2704 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
2705
2706 typedef struct _MSV1_0_INTERACTIVE_LOGON {
2707 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2708 UNICODE_STRING LogonDomainName;
2709 UNICODE_STRING UserName;
2710 UNICODE_STRING Password;
2711 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
2712
2713 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
2714 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2715 USHORT LogonCount;
2716 USHORT BadPasswordCount;
2717 LARGE_INTEGER LogonTime;
2718 LARGE_INTEGER LogoffTime;
2719 LARGE_INTEGER KickOffTime;
2720 LARGE_INTEGER PasswordLastSet;
2721 LARGE_INTEGER PasswordCanChange;
2722 LARGE_INTEGER PasswordMustChange;
2723 UNICODE_STRING LogonScript;
2724 UNICODE_STRING HomeDirectory;
2725 UNICODE_STRING FullName;
2726 UNICODE_STRING ProfilePath;
2727 UNICODE_STRING HomeDirectoryDrive;
2728 UNICODE_STRING LogonServer;
2729 ULONG UserFlags;
2730 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
2731
2732 typedef struct _MSV1_0_LM20_LOGON {
2733 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2734 UNICODE_STRING LogonDomainName;
2735 UNICODE_STRING UserName;
2736 UNICODE_STRING Workstation;
2737 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2738 STRING CaseSensitiveChallengeResponse;
2739 STRING CaseInsensitiveChallengeResponse;
2740 ULONG ParameterControl;
2741 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
2742
2743 typedef struct _MSV1_0_SUBAUTH_LOGON {
2744 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2745 UNICODE_STRING LogonDomainName;
2746 UNICODE_STRING UserName;
2747 UNICODE_STRING Workstation;
2748 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2749 STRING AuthenticationInfo1;
2750 STRING AuthenticationInfo2;
2751 ULONG ParameterControl;
2752 ULONG SubAuthPackageId;
2753 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
2754
2755 #if (_WIN32_WINNT >= 0x0600)
2756
2757 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2758
2759 typedef struct _MSV1_0_S4U_LOGON {
2760 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2761 ULONG Flags;
2762 UNICODE_STRING UserPrincipalName;
2763 UNICODE_STRING DomainName;
2764 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
2765
2766 #endif
2767
2768 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
2769 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2770 LARGE_INTEGER KickOffTime;
2771 LARGE_INTEGER LogoffTime;
2772 ULONG UserFlags;
2773 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
2774 UNICODE_STRING LogonDomainName;
2775 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
2776 UNICODE_STRING LogonServer;
2777 UNICODE_STRING UserParameters;
2778 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
2779
2780 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
2781 ULONG Version;
2782 ULONG Flags;
2783 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2784 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2785 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
2786
2787 typedef struct _MSV1_0_NTLM3_RESPONSE {
2788 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
2789 UCHAR RespType;
2790 UCHAR HiRespType;
2791 USHORT Flags;
2792 ULONG MsgWord;
2793 ULONGLONG TimeStamp;
2794 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
2795 ULONG AvPairsOff;
2796 UCHAR Buffer[1];
2797 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
2798
2799 typedef enum _MSV1_0_AVID {
2800 MsvAvEOL,
2801 MsvAvNbComputerName,
2802 MsvAvNbDomainName,
2803 MsvAvDnsComputerName,
2804 MsvAvDnsDomainName,
2805 #if (_WIN32_WINNT >= 0x0501)
2806 MsvAvDnsTreeName,
2807 MsvAvFlags,
2808 #if (_WIN32_WINNT >= 0x0600)
2809 MsvAvTimestamp,
2810 MsvAvRestrictions,
2811 MsvAvTargetName,
2812 MsvAvChannelBindings,
2813 #endif
2814 #endif
2815 } MSV1_0_AVID;
2816
2817 typedef struct _MSV1_0_AV_PAIR {
2818 USHORT AvId;
2819 USHORT AvLen;
2820 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
2821
2822 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
2823 MsV1_0Lm20ChallengeRequest = 0,
2824 MsV1_0Lm20GetChallengeResponse,
2825 MsV1_0EnumerateUsers,
2826 MsV1_0GetUserInfo,
2827 MsV1_0ReLogonUsers,
2828 MsV1_0ChangePassword,
2829 MsV1_0ChangeCachedPassword,
2830 MsV1_0GenericPassthrough,
2831 MsV1_0CacheLogon,
2832 MsV1_0SubAuth,
2833 MsV1_0DeriveCredential,
2834 MsV1_0CacheLookup,
2835 #if (_WIN32_WINNT >= 0x0501)
2836 MsV1_0SetProcessOption,
2837 #endif
2838 #if (_WIN32_WINNT >= 0x0600)
2839 MsV1_0ConfigLocalAliases,
2840 MsV1_0ClearCachedCredentials,
2841 #endif
2842 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
2843
2844 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
2845 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2846 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
2847
2848 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
2849 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2850 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2851 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
2852
2853 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
2854 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2855 ULONG ParameterControl;
2856 LUID LogonId;
2857 UNICODE_STRING Password;
2858 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2859 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
2860
2861 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
2862 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2863 ULONG ParameterControl;
2864 LUID LogonId;
2865 UNICODE_STRING Password;
2866 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2867 UNICODE_STRING UserName;
2868 UNICODE_STRING LogonDomainName;
2869 UNICODE_STRING ServerName;
2870 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
2871
2872 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
2873 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2874 STRING CaseSensitiveChallengeResponse;
2875 STRING CaseInsensitiveChallengeResponse;
2876 UNICODE_STRING UserName;
2877 UNICODE_STRING LogonDomainName;
2878 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
2879 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
2880 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
2881
2882 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
2883 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2884 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
2885
2886 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
2887 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2888 ULONG NumberOfLoggedOnUsers;
2889 PLUID LogonIds;
2890 PULONG EnumHandles;
2891 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
2892
2893 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
2894 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2895 LUID LogonId;
2896 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
2897
2898 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
2899 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2900 PSID UserSid;
2901 UNICODE_STRING UserName;
2902 UNICODE_STRING LogonDomainName;
2903 UNICODE_STRING LogonServer;
2904 SECURITY_LOGON_TYPE LogonType;
2905 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
2906
2907 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
2908 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
2909 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
2910
2911 /* also in winnt.h */
2912 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
2913 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
2914 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
2915 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
2916 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
2917 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
2918 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
2919 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
2920 #define FILE_NOTIFY_CHANGE_EA 0x00000080
2921 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
2922 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
2923 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
2924 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
2925 #define FILE_NOTIFY_VALID_MASK 0x00000fff
2926
2927 #define FILE_ACTION_ADDED 0x00000001
2928 #define FILE_ACTION_REMOVED 0x00000002
2929 #define FILE_ACTION_MODIFIED 0x00000003
2930 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
2931 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
2932 #define FILE_ACTION_ADDED_STREAM 0x00000006
2933 #define FILE_ACTION_REMOVED_STREAM 0x00000007
2934 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
2935 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
2936 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
2937 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
2938 /* end winnt.h */
2939
2940 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
2941 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
2942
2943 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
2944 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
2945
2946 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
2947 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
2948 #define FILE_PIPE_TYPE_VALID_MASK 0x00000003
2949
2950 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
2951 #define FILE_PIPE_MESSAGE_MODE 0x00000001
2952
2953 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
2954 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
2955
2956 #define FILE_PIPE_INBOUND 0x00000000
2957 #define FILE_PIPE_OUTBOUND 0x00000001
2958 #define FILE_PIPE_FULL_DUPLEX 0x00000002
2959
2960 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
2961 #define FILE_PIPE_LISTENING_STATE 0x00000002
2962 #define FILE_PIPE_CONNECTED_STATE 0x00000003
2963 #define FILE_PIPE_CLOSING_STATE 0x00000004
2964
2965 #define FILE_PIPE_CLIENT_END 0x00000000
2966 #define FILE_PIPE_SERVER_END 0x00000001
2967
2968 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
2969 #define FILE_CASE_PRESERVED_NAMES 0x00000002
2970 #define FILE_UNICODE_ON_DISK 0x00000004
2971 #define FILE_PERSISTENT_ACLS 0x00000008
2972 #define FILE_FILE_COMPRESSION 0x00000010
2973 #define FILE_VOLUME_QUOTAS 0x00000020
2974 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
2975 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
2976 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
2977 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
2978 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
2979 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
2980 #define FILE_NAMED_STREAMS 0x00040000
2981 #define FILE_READ_ONLY_VOLUME 0x00080000
2982 #define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
2983 #define FILE_SUPPORTS_TRANSACTIONS 0x00200000
2984 #define FILE_SUPPORTS_HARD_LINKS 0x00400000
2985 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
2986 #define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
2987 #define FILE_SUPPORTS_USN_JOURNAL 0x02000000
2988
2989 #define FILE_NEED_EA 0x00000080
2990
2991 #define FILE_EA_TYPE_BINARY 0xfffe
2992 #define FILE_EA_TYPE_ASCII 0xfffd
2993 #define FILE_EA_TYPE_BITMAP 0xfffb
2994 #define FILE_EA_TYPE_METAFILE 0xfffa
2995 #define FILE_EA_TYPE_ICON 0xfff9
2996 #define FILE_EA_TYPE_EA 0xffee
2997 #define FILE_EA_TYPE_MVMT 0xffdf
2998 #define FILE_EA_TYPE_MVST 0xffde
2999 #define FILE_EA_TYPE_ASN1 0xffdd
3000 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
3001
3002 typedef struct _FILE_NOTIFY_INFORMATION {
3003 ULONG NextEntryOffset;
3004 ULONG Action;
3005 ULONG FileNameLength;
3006 WCHAR FileName[1];
3007 } FILE_NOTIFY_INFORMATION, *PFILE_NOTIFY_INFORMATION;
3008
3009 typedef struct _FILE_DIRECTORY_INFORMATION {
3010 ULONG NextEntryOffset;
3011 ULONG FileIndex;
3012 LARGE_INTEGER CreationTime;
3013 LARGE_INTEGER LastAccessTime;
3014 LARGE_INTEGER LastWriteTime;
3015 LARGE_INTEGER ChangeTime;
3016 LARGE_INTEGER EndOfFile;
3017 LARGE_INTEGER AllocationSize;
3018 ULONG FileAttributes;
3019 ULONG FileNameLength;
3020 WCHAR FileName[1];
3021 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
3022
3023 typedef struct _FILE_FULL_DIR_INFORMATION {
3024 ULONG NextEntryOffset;
3025 ULONG FileIndex;
3026 LARGE_INTEGER CreationTime;
3027 LARGE_INTEGER LastAccessTime;
3028 LARGE_INTEGER LastWriteTime;
3029 LARGE_INTEGER ChangeTime;
3030 LARGE_INTEGER EndOfFile;
3031 LARGE_INTEGER AllocationSize;
3032 ULONG FileAttributes;
3033 ULONG FileNameLength;
3034 ULONG EaSize;
3035 WCHAR FileName[1];
3036 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
3037
3038 typedef struct _FILE_ID_FULL_DIR_INFORMATION {
3039 ULONG NextEntryOffset;
3040 ULONG FileIndex;
3041 LARGE_INTEGER CreationTime;
3042 LARGE_INTEGER LastAccessTime;
3043 LARGE_INTEGER LastWriteTime;
3044 LARGE_INTEGER ChangeTime;
3045 LARGE_INTEGER EndOfFile;
3046 LARGE_INTEGER AllocationSize;
3047 ULONG FileAttributes;
3048 ULONG FileNameLength;
3049 ULONG EaSize;
3050 LARGE_INTEGER FileId;
3051 WCHAR FileName[1];
3052 } FILE_ID_FULL_DIR_INFORMATION, *PFILE_ID_FULL_DIR_INFORMATION;
3053
3054 typedef struct _FILE_BOTH_DIR_INFORMATION {
3055 ULONG NextEntryOffset;
3056 ULONG FileIndex;
3057 LARGE_INTEGER CreationTime;
3058 LARGE_INTEGER LastAccessTime;
3059 LARGE_INTEGER LastWriteTime;
3060 LARGE_INTEGER ChangeTime;
3061 LARGE_INTEGER EndOfFile;
3062 LARGE_INTEGER AllocationSize;
3063 ULONG FileAttributes;
3064 ULONG FileNameLength;
3065 ULONG EaSize;
3066 CCHAR ShortNameLength;
3067 WCHAR ShortName[12];
3068 WCHAR FileName[1];
3069 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
3070
3071 typedef struct _FILE_ID_BOTH_DIR_INFORMATION {
3072 ULONG NextEntryOffset;
3073 ULONG FileIndex;
3074 LARGE_INTEGER CreationTime;
3075 LARGE_INTEGER LastAccessTime;
3076 LARGE_INTEGER LastWriteTime;
3077 LARGE_INTEGER ChangeTime;
3078 LARGE_INTEGER EndOfFile;
3079 LARGE_INTEGER AllocationSize;
3080 ULONG FileAttributes;
3081 ULONG FileNameLength;
3082 ULONG EaSize;
3083 CCHAR ShortNameLength;
3084 WCHAR ShortName[12];
3085 LARGE_INTEGER FileId;
3086 WCHAR FileName[1];
3087 } FILE_ID_BOTH_DIR_INFORMATION, *PFILE_ID_BOTH_DIR_INFORMATION;
3088
3089 typedef struct _FILE_NAMES_INFORMATION {
3090 ULONG NextEntryOffset;
3091 ULONG FileIndex;
3092 ULONG FileNameLength;
3093 WCHAR FileName[1];
3094 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
3095
3096 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION {
3097 ULONG NextEntryOffset;
3098 ULONG FileIndex;
3099 LARGE_INTEGER CreationTime;
3100 LARGE_INTEGER LastAccessTime;
3101 LARGE_INTEGER LastWriteTime;
3102 LARGE_INTEGER ChangeTime;
3103 LARGE_INTEGER EndOfFile;
3104 LARGE_INTEGER AllocationSize;
3105 ULONG FileAttributes;
3106 ULONG FileNameLength;
3107 LARGE_INTEGER FileId;
3108 GUID LockingTransactionId;
3109 ULONG TxInfoFlags;
3110 WCHAR FileName[1];
3111 } FILE_ID_GLOBAL_TX_DIR_INFORMATION, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION;
3112
3113 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED 0x00000001
3114 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX 0x00000002
3115 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX 0x00000004
3116
3117 typedef struct _FILE_OBJECTID_INFORMATION {
3118 LONGLONG FileReference;
3119 UCHAR ObjectId[16];
3120 _ANONYMOUS_UNION union {
3121 __GNU_EXTENSION struct {
3122 UCHAR BirthVolumeId[16];
3123 UCHAR BirthObjectId[16];
3124 UCHAR DomainId[16];
3125 };
3126 UCHAR ExtendedInfo[48];
3127 } DUMMYUNIONNAME;
3128 } FILE_OBJECTID_INFORMATION, *PFILE_OBJECTID_INFORMATION;
3129
3130 #define ANSI_DOS_STAR ('<')
3131 #define ANSI_DOS_QM ('>')
3132 #define ANSI_DOS_DOT ('"')
3133
3134 #define DOS_STAR (L'<')
3135 #define DOS_QM (L'>')
3136 #define DOS_DOT (L'"')
3137
3138 typedef struct _FILE_INTERNAL_INFORMATION {
3139 LARGE_INTEGER IndexNumber;
3140 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
3141
3142 typedef struct _FILE_EA_INFORMATION {
3143 ULONG EaSize;
3144 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
3145
3146 typedef struct _FILE_ACCESS_INFORMATION {
3147 ACCESS_MASK AccessFlags;
3148 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
3149
3150 typedef struct _FILE_MODE_INFORMATION {
3151 ULONG Mode;
3152 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
3153
3154 typedef struct _FILE_ALL_INFORMATION {
3155 FILE_BASIC_INFORMATION BasicInformation;
3156 FILE_STANDARD_INFORMATION StandardInformation;
3157 FILE_INTERNAL_INFORMATION InternalInformation;
3158 FILE_EA_INFORMATION EaInformation;
3159 FILE_ACCESS_INFORMATION AccessInformation;
3160 FILE_POSITION_INFORMATION PositionInformation;
3161 FILE_MODE_INFORMATION ModeInformation;
3162 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
3163 FILE_NAME_INFORMATION NameInformation;
3164 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
3165
3166 typedef struct _FILE_ALLOCATION_INFORMATION {
3167 LARGE_INTEGER AllocationSize;
3168 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
3169
3170 typedef struct _FILE_COMPRESSION_INFORMATION {
3171 LARGE_INTEGER CompressedFileSize;
3172 USHORT CompressionFormat;
3173 UCHAR CompressionUnitShift;
3174 UCHAR ChunkShift;
3175 UCHAR ClusterShift;
3176 UCHAR Reserved[3];
3177 } FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
3178
3179 typedef struct _FILE_LINK_INFORMATION {
3180 BOOLEAN ReplaceIfExists;
3181 HANDLE RootDirectory;
3182 ULONG FileNameLength;
3183 WCHAR FileName[1];
3184 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
3185
3186 typedef struct _FILE_MOVE_CLUSTER_INFORMATION {
3187 ULONG ClusterCount;
3188 HANDLE RootDirectory;
3189 ULONG FileNameLength;
3190 WCHAR FileName[1];
3191 } FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
3192
3193 typedef struct _FILE_RENAME_INFORMATION {
3194 BOOLEAN ReplaceIfExists;
3195 HANDLE RootDirectory;
3196 ULONG FileNameLength;
3197 WCHAR FileName[1];
3198 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
3199
3200 typedef struct _FILE_STREAM_INFORMATION {
3201 ULONG NextEntryOffset;
3202 ULONG StreamNameLength;
3203 LARGE_INTEGER StreamSize;
3204 LARGE_INTEGER StreamAllocationSize;
3205 WCHAR StreamName[1];
3206 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
3207
3208 typedef struct _FILE_TRACKING_INFORMATION {
3209 HANDLE DestinationFile;
3210 ULONG ObjectInformationLength;
3211 CHAR ObjectInformation[1];
3212 } FILE_TRACKING_INFORMATION, *PFILE_TRACKING_INFORMATION;
3213
3214 typedef struct _FILE_COMPLETION_INFORMATION {
3215 HANDLE Port;
3216 PVOID Key;
3217 } FILE_COMPLETION_INFORMATION, *PFILE_COMPLETION_INFORMATION;
3218
3219 typedef struct _FILE_PIPE_INFORMATION {
3220 ULONG ReadMode;
3221 ULONG CompletionMode;
3222 } FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
3223
3224 typedef struct _FILE_PIPE_LOCAL_INFORMATION {
3225 ULONG NamedPipeType;
3226 ULONG NamedPipeConfiguration;
3227 ULONG MaximumInstances;
3228 ULONG CurrentInstances;
3229 ULONG InboundQuota;
3230 ULONG ReadDataAvailable;
3231 ULONG OutboundQuota;
3232 ULONG WriteQuotaAvailable;
3233 ULONG NamedPipeState;
3234 ULONG NamedPipeEnd;
3235 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
3236
3237 typedef struct _FILE_PIPE_REMOTE_INFORMATION {
3238 LARGE_INTEGER CollectDataTime;
3239 ULONG MaximumCollectionCount;
3240 } FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
3241
3242 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
3243 ULONG MaximumMessageSize;
3244 ULONG MailslotQuota;
3245 ULONG NextMessageSize;
3246 ULONG MessagesAvailable;
3247 LARGE_INTEGER ReadTimeout;
3248 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
3249
3250 typedef struct _FILE_MAILSLOT_SET_INFORMATION {
3251 PLARGE_INTEGER ReadTimeout;
3252 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
3253
3254 typedef struct _FILE_REPARSE_POINT_INFORMATION {
3255 LONGLONG FileReference;
3256 ULONG Tag;
3257 } FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
3258
3259 typedef struct _FILE_LINK_ENTRY_INFORMATION {
3260 ULONG NextEntryOffset;
3261 LONGLONG ParentFileId;
3262 ULONG FileNameLength;
3263 WCHAR FileName[1];
3264 } FILE_LINK_ENTRY_INFORMATION, *PFILE_LINK_ENTRY_INFORMATION;
3265
3266 typedef struct _FILE_LINKS_INFORMATION {
3267 ULONG BytesNeeded;
3268 ULONG EntriesReturned;
3269 FILE_LINK_ENTRY_INFORMATION Entry;
3270 } FILE_LINKS_INFORMATION, *PFILE_LINKS_INFORMATION;
3271
3272 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION {
3273 ULONG FileNameLength;
3274 WCHAR FileName[1];
3275 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION;
3276
3277 typedef struct _FILE_STANDARD_LINK_INFORMATION {
3278 ULONG NumberOfAccessibleLinks;
3279 ULONG TotalNumberOfLinks;
3280 BOOLEAN DeletePending;
3281 BOOLEAN Directory;
3282 } FILE_STANDARD_LINK_INFORMATION, *PFILE_STANDARD_LINK_INFORMATION;
3283
3284 typedef struct _FILE_GET_EA_INFORMATION {
3285 ULONG NextEntryOffset;
3286 UCHAR EaNameLength;
3287 CHAR EaName[1];
3288 } FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
3289
3290 #define REMOTE_PROTOCOL_FLAG_LOOPBACK 0x00000001
3291 #define REMOTE_PROTOCOL_FLAG_OFFLINE 0x00000002
3292
3293 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION {
3294 USHORT StructureVersion;
3295 USHORT StructureSize;
3296 ULONG Protocol;
3297 USHORT ProtocolMajorVersion;
3298 USHORT ProtocolMinorVersion;
3299 USHORT ProtocolRevision;
3300 USHORT Reserved;
3301 ULONG Flags;
3302 struct {
3303 ULONG Reserved[8];
3304 } GenericReserved;
3305 struct {
3306 ULONG Reserved[16];
3307 } ProtocolSpecificReserved;
3308 } FILE_REMOTE_PROTOCOL_INFORMATION, *PFILE_REMOTE_PROTOCOL_INFORMATION;
3309
3310 typedef struct _FILE_GET_QUOTA_INFORMATION {
3311 ULONG NextEntryOffset;
3312 ULONG SidLength;
3313 SID Sid;
3314 } FILE_GET_QUOTA_INFORMATION, *PFILE_GET_QUOTA_INFORMATION;
3315
3316 typedef struct _FILE_QUOTA_INFORMATION {
3317 ULONG NextEntryOffset;
3318 ULONG SidLength;
3319 LARGE_INTEGER ChangeTime;
3320 LARGE_INTEGER QuotaUsed;
3321 LARGE_INTEGER QuotaThreshold;
3322 LARGE_INTEGER QuotaLimit;
3323 SID Sid;
3324 } FILE_QUOTA_INFORMATION, *PFILE_QUOTA_INFORMATION;
3325
3326 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
3327 ULONG FileSystemAttributes;
3328 ULONG MaximumComponentNameLength;
3329 ULONG FileSystemNameLength;
3330 WCHAR FileSystemName[1];
3331 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
3332
3333 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
3334 BOOLEAN DriverInPath;
3335 ULONG DriverNameLength;
3336 WCHAR DriverName[1];
3337 } FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
3338
3339 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION {
3340 ULONG Flags;
3341 } FILE_FS_VOLUME_FLAGS_INFORMATION, *PFILE_FS_VOLUME_FLAGS_INFORMATION;
3342
3343 #define FILE_VC_QUOTA_NONE 0x00000000
3344 #define FILE_VC_QUOTA_TRACK 0x00000001
3345 #define FILE_VC_QUOTA_ENFORCE 0x00000002
3346 #define FILE_VC_QUOTA_MASK 0x00000003
3347 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
3348 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
3349 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
3350 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
3351 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
3352 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
3353 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
3354 #define FILE_VC_VALID_MASK 0x000003ff
3355
3356 typedef struct _FILE_FS_CONTROL_INFORMATION {
3357 LARGE_INTEGER FreeSpaceStartFiltering;
3358 LARGE_INTEGER FreeSpaceThreshold;
3359 LARGE_INTEGER FreeSpaceStopFiltering;
3360 LARGE_INTEGER DefaultQuotaThreshold;
3361 LARGE_INTEGER DefaultQuotaLimit;
3362 ULONG FileSystemControlFlags;
3363 } FILE_FS_CONTROL_INFORMATION, *PFILE_FS_CONTROL_INFORMATION;
3364
3365 #ifndef _FILESYSTEMFSCTL_
3366 #define _FILESYSTEMFSCTL_
3367
3368 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
3369 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
3370 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
3371 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
3372 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
3373 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
3374 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
3375 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
3376 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
3377 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
3378 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
3379 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
3380 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
3381 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
3382 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3383 #define FSCTL_SET_BOOTLOADER_ACCESSED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
3384
3385 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
3386 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
3387 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
3388 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
3389 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
3390
3391 #if (_WIN32_WINNT >= 0x0400)
3392
3393 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
3394 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
3395 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
3396 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
3397 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_ANY_ACCESS)
3398 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
3399 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
3400
3401 #endif
3402
3403 #if (_WIN32_WINNT >= 0x0500)
3404
3405 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
3406 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_WRITE_DATA)
3407 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
3408 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_WRITE_DATA)
3409 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_WRITE_DATA)
3410 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
3411 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_WRITE_DATA)
3412 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_READ_DATA)
3413 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
3414 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_READ_DATA)
3415 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_WRITE_DATA)
3416 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
3417 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_WRITE_DATA)
3418 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
3419 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
3420 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
3421 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_BUFFERED, FILE_ANY_ACCESS)
3422 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
3423 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_ANY_ACCESS)
3424 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_ANY_ACCESS)
3425 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_READ_DATA)
3426 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_READ_DATA)
3427 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_READ_DATA)
3428 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
3429 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
3430 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
3431 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
3432 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
3433 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3434 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
3435 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
3436 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3437
3438 #endif
3439
3440 #if (_WIN32_WINNT >= 0x0600)
3441
3442 #define FSCTL_MAKE_MEDIA_COMPATIBLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
3443 #define FSCTL_SET_DEFECT_MANAGEMENT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
3444 #define FSCTL_QUERY_SPARING_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
3445 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
3446 #define FSCTL_SET_VOLUME_COMPRESSION_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3447 #define FSCTL_TXFS_MODIFY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
3448 #define FSCTL_TXFS_QUERY_RM_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
3449 #define FSCTL_TXFS_ROLLFORWARD_REDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
3450 #define FSCTL_TXFS_ROLLFORWARD_UNDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
3451 #define FSCTL_TXFS_START_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
3452 #define FSCTL_TXFS_SHUTDOWN_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
3453 #define FSCTL_TXFS_READ_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
3454 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
3455 #define FSCTL_TXFS_CREATE_SECONDARY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
3456 #define FSCTL_TXFS_GET_METADATA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
3457 #define FSCTL_TXFS_GET_TRANSACTED_VERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
3458 #define FSCTL_TXFS_SAVEPOINT_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
3459 #define FSCTL_TXFS_CREATE_MINIVERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
3460 #define FSCTL_TXFS_TRANSACTION_ACTIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
3461 #define FSCTL_SET_ZERO_ON_DEALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3462 #define FSCTL_SET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
3463 #define FSCTL_GET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
3464 #define FSCTL_WAIT_FOR_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
3465 #define FSCTL_INITIATE_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
3466 #define FSCTL_CSC_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER, FILE_ANY_ACCESS)
3467 #define FSCTL_SHRINK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3468 #define FSCTL_SET_SHORT_NAME_BEHAVIOR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
3469 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
3470
3471 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
3472 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
3473 #define FSCTL_TXFS_LIST_TRANSACTIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
3474 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
3475 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
3476 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
3477
3478 #endif
3479
3480 #if (_WIN32_WINNT >= 0x0601)
3481
3482 #define FSCTL_QUERY_DEPENDENT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
3483 #define FSCTL_SD_GLOBAL_CHANGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
3484 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
3485 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
3486 #define FSCTL_FILE_TYPE_NOTIFICATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
3487 #define FSCTL_GET_BOOT_AREA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
3488 #define FSCTL_GET_RETRIEVAL_POINTER_BASE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
3489 #define FSCTL_SET_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
3490 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
3491
3492 #define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
3493
3494 #define FSCTL_CSV_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
3495 #define FSCTL_IS_CSV_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
3496
3497 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
3498 #define FSCTL_CSV_GET_VOLUME_PATH_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
3499 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
3500 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150, METHOD_BUFFERED, FILE_ANY_ACCESS)
3501 #define FSCTL_IS_FILE_ON_CSV_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151, METHOD_BUFFERED, FILE_ANY_ACCESS)
3502
3503 typedef struct _CSV_NAMESPACE_INFO {
3504 ULONG Version;
3505 ULONG DeviceNumber;
3506 LARGE_INTEGER StartingOffset;
3507 ULONG SectorSize;
3508 } CSV_NAMESPACE_INFO, *PCSV_NAMESPACE_INFO;
3509
3510 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
3511 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
3512
3513 #endif
3514
3515 #define FSCTL_MARK_AS_SYSTEM_HIVE FSCTL_SET_BOOTLOADER_ACCESSED
3516
3517 typedef struct _PATHNAME_BUFFER {
3518 ULONG PathNameLength;
3519 WCHAR Name[1];
3520 } PATHNAME_BUFFER, *PPATHNAME_BUFFER;
3521
3522 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER {
3523 UCHAR First0x24BytesOfBootSector[0x24];
3524 } FSCTL_QUERY_FAT_BPB_BUFFER, *PFSCTL_QUERY_FAT_BPB_BUFFER;
3525
3526 #if (_WIN32_WINNT >= 0x0400)
3527
3528 typedef struct _NTFS_VOLUME_DATA_BUFFER {
3529 LARGE_INTEGER VolumeSerialNumber;
3530 LARGE_INTEGER NumberSectors;
3531 LARGE_INTEGER TotalClusters;
3532 LARGE_INTEGER FreeClusters;
3533 LARGE_INTEGER TotalReserved;
3534 ULONG BytesPerSector;
3535 ULONG BytesPerCluster;
3536 ULONG BytesPerFileRecordSegment;
3537 ULONG ClustersPerFileRecordSegment;
3538 LARGE_INTEGER MftValidDataLength;
3539 LARGE_INTEGER MftStartLcn;
3540 LARGE_INTEGER Mft2StartLcn;
3541 LARGE_INTEGER MftZoneStart;
3542 LARGE_INTEGER MftZoneEnd;
3543 } NTFS_VOLUME_DATA_BUFFER, *PNTFS_VOLUME_DATA_BUFFER;
3544
3545 typedef struct _NTFS_EXTENDED_VOLUME_DATA {
3546 ULONG ByteCount;
3547 USHORT MajorVersion;
3548 USHORT MinorVersion;
3549 } NTFS_EXTENDED_VOLUME_DATA, *PNTFS_EXTENDED_VOLUME_DATA;
3550
3551 typedef struct _STARTING_LCN_INPUT_BUFFER {
3552 LARGE_INTEGER StartingLcn;
3553 } STARTING_LCN_INPUT_BUFFER, *PSTARTING_LCN_INPUT_BUFFER;
3554
3555 typedef struct _VOLUME_BITMAP_BUFFER {
3556 LARGE_INTEGER StartingLcn;
3557 LARGE_INTEGER BitmapSize;
3558 UCHAR Buffer[1];
3559 } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER;
3560
3561 typedef struct _STARTING_VCN_INPUT_BUFFER {
3562 LARGE_INTEGER StartingVcn;
3563 } STARTING_VCN_INPUT_BUFFER, *PSTARTING_VCN_INPUT_BUFFER;
3564
3565 typedef struct _RETRIEVAL_POINTERS_BUFFER {
3566 ULONG ExtentCount;
3567 LARGE_INTEGER StartingVcn;
3568 struct {
3569 LARGE_INTEGER NextVcn;
3570 LARGE_INTEGER Lcn;
3571 } Extents[1];
3572 } RETRIEVAL_POINTERS_BUFFER, *PRETRIEVAL_POINTERS_BUFFER;
3573
3574 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER {
3575 LARGE_INTEGER FileReferenceNumber;
3576 } NTFS_FILE_RECORD_INPUT_BUFFER, *PNTFS_FILE_RECORD_INPUT_BUFFER;
3577
3578 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER {
3579 LARGE_INTEGER FileReferenceNumber;
3580 ULONG FileRecordLength;
3581 UCHAR FileRecordBuffer[1];
3582 } NTFS_FILE_RECORD_OUTPUT_BUFFER, *PNTFS_FILE_RECORD_OUTPUT_BUFFER;
3583
3584 typedef struct _MOVE_FILE_DATA {
3585 HANDLE FileHandle;
3586 LARGE_INTEGER StartingVcn;
3587 LARGE_INTEGER StartingLcn;
3588 ULONG ClusterCount;
3589 } MOVE_FILE_DATA, *PMOVE_FILE_DATA;
3590
3591 typedef struct _MOVE_FILE_RECORD_DATA {
3592 HANDLE FileHandle;
3593 LARGE_INTEGER SourceFileRecord;
3594 LARGE_INTEGER TargetFileRecord;
3595 } MOVE_FILE_RECORD_DATA, *PMOVE_FILE_RECORD_DATA;
3596
3597 #if defined(_WIN64)
3598 typedef struct _MOVE_FILE_DATA32 {
3599 UINT32 FileHandle;
3600 LARGE_INTEGER StartingVcn;
3601 LARGE_INTEGER StartingLcn;
3602 ULONG ClusterCount;
3603 } MOVE_FILE_DATA32, *PMOVE_FILE_DATA32;
3604 #endif
3605
3606 #endif /* (_WIN32_WINNT >= 0x0400) */
3607
3608 #if (_WIN32_WINNT >= 0x0500)
3609
3610 typedef struct _FIND_BY_SID_DATA {
3611 ULONG Restart;
3612 SID Sid;
3613 } FIND_BY_SID_DATA, *PFIND_BY_SID_DATA;
3614
3615 typedef struct _FIND_BY_SID_OUTPUT {
3616 ULONG NextEntryOffset;
3617 ULONG FileIndex;
3618 ULONG FileNameLength;
3619 WCHAR FileName[1];
3620 } FIND_BY_SID_OUTPUT, *PFIND_BY_SID_OUTPUT;
3621
3622 typedef struct _MFT_ENUM_DATA {
3623 ULONGLONG StartFileReferenceNumber;
3624 USN LowUsn;
3625 USN HighUsn;
3626 } MFT_ENUM_DATA, *PMFT_ENUM_DATA;
3627
3628 typedef struct _CREATE_USN_JOURNAL_DATA {
3629 ULONGLONG MaximumSize;
3630 ULONGLONG AllocationDelta;
3631 } CREATE_USN_JOURNAL_DATA, *PCREATE_USN_JOURNAL_DATA;
3632
3633 typedef struct _READ_USN_JOURNAL_DATA {
3634 USN StartUsn;
3635 ULONG ReasonMask;
3636 ULONG ReturnOnlyOnClose;
3637 ULONGLONG Timeout;
3638 ULONGLONG BytesToWaitFor;
3639 ULONGLONG UsnJournalID;
3640 } READ_USN_JOURNAL_DATA, *PREAD_USN_JOURNAL_DATA;
3641
3642 typedef struct _USN_RECORD {
3643 ULONG RecordLength;
3644 USHORT MajorVersion;
3645 USHORT MinorVersion;
3646 ULONGLONG FileReferenceNumber;
3647 ULONGLONG ParentFileReferenceNumber;
3648 USN Usn;
3649 LARGE_INTEGER TimeStamp;
3650 ULONG Reason;
3651 ULONG SourceInfo;
3652 ULONG SecurityId;
3653 ULONG FileAttributes;
3654 USHORT FileNameLength;
3655 USHORT FileNameOffset;
3656 WCHAR FileName[1];
3657 } USN_RECORD, *PUSN_RECORD;
3658
3659 #define USN_PAGE_SIZE (0x1000)
3660
3661 #define USN_REASON_DATA_OVERWRITE (0x00000001)
3662 #define USN_REASON_DATA_EXTEND (0x00000002)
3663 #define USN_REASON_DATA_TRUNCATION (0x00000004)
3664 #define USN_REASON_NAMED_DATA_OVERWRITE (0x00000010)
3665 #define USN_REASON_NAMED_DATA_EXTEND (0x00000020)
3666 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
3667 #define USN_REASON_FILE_CREATE (0x00000100)
3668 #define USN_REASON_FILE_DELETE (0x00000200)
3669 #define USN_REASON_EA_CHANGE (0x00000400)
3670 #define USN_REASON_SECURITY_CHANGE (0x00000800)
3671 #define USN_REASON_RENAME_OLD_NAME (0x00001000)
3672 #define USN_REASON_RENAME_NEW_NAME (0x00002000)
3673 #define USN_REASON_INDEXABLE_CHANGE (0x00004000)
3674 #define USN_REASON_BASIC_INFO_CHANGE (0x00008000)
3675 #define USN_REASON_HARD_LINK_CHANGE (0x00010000)
3676 #define USN_REASON_COMPRESSION_CHANGE (0x00020000)
3677 #define USN_REASON_ENCRYPTION_CHANGE (0x00040000)
3678 #define USN_REASON_OBJECT_ID_CHANGE (0x00080000)
3679 #define USN_REASON_REPARSE_POINT_CHANGE (0x00100000)
3680 #define USN_REASON_STREAM_CHANGE (0x00200000)
3681 #define USN_REASON_TRANSACTED_CHANGE (0x00400000)
3682 #define USN_REASON_CLOSE (0x80000000)
3683
3684 typedef struct _USN_JOURNAL_DATA {
3685 ULONGLONG UsnJournalID;
3686 USN FirstUsn;
3687 USN NextUsn;
3688 USN LowestValidUsn;
3689 USN MaxUsn;
3690 ULONGLONG MaximumSize;
3691 ULONGLONG AllocationDelta;
3692 } USN_JOURNAL_DATA, *PUSN_JOURNAL_DATA;
3693
3694 typedef struct _DELETE_USN_JOURNAL_DATA {
3695 ULONGLONG UsnJournalID;
3696 ULONG DeleteFlags;
3697 } DELETE_USN_JOURNAL_DATA, *PDELETE_USN_JOURNAL_DATA;
3698
3699 #define USN_DELETE_FLAG_DELETE (0x00000001)
3700 #define USN_DELETE_FLAG_NOTIFY (0x00000002)
3701 #define USN_DELETE_VALID_FLAGS (0x00000003)
3702
3703 typedef struct _MARK_HANDLE_INFO {
3704 ULONG UsnSourceInfo;
3705 HANDLE VolumeHandle;
3706 ULONG HandleInfo;
3707 } MARK_HANDLE_INFO, *PMARK_HANDLE_INFO;
3708
3709 #if defined(_WIN64)
3710 typedef struct _MARK_HANDLE_INFO32 {
3711 ULONG UsnSourceInfo;
3712 UINT32 VolumeHandle;
3713 ULONG HandleInfo;
3714 } MARK_HANDLE_INFO32, *PMARK_HANDLE_INFO32;
3715 #endif
3716
3717 #define USN_SOURCE_DATA_MANAGEMENT (0x00000001)
3718 #define USN_SOURCE_AUXILIARY_DATA (0x00000002)
3719 #define USN_SOURCE_REPLICATION_MANAGEMENT (0x00000004)
3720
3721 #define MARK_HANDLE_PROTECT_CLUSTERS (0x00000001)
3722 #define MARK_HANDLE_TXF_SYSTEM_LOG (0x00000004)
3723 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG (0x00000008)
3724
3725 typedef struct _BULK_SECURITY_TEST_DATA {
3726 ACCESS_MASK DesiredAccess;
3727 ULONG SecurityIds[1];
3728 } BULK_SECURITY_TEST_DATA, *PBULK_SECURITY_TEST_DATA;
3729
3730 #define VOLUME_IS_DIRTY (0x00000001)
3731 #define VOLUME_UPGRADE_SCHEDULED (0x00000002)
3732 #define VOLUME_SESSION_OPEN (0x00000004)
3733
3734 typedef struct _FILE_PREFETCH {
3735 ULONG Type;
3736 ULONG Count;
3737 ULONGLONG Prefetch[1];
3738 } FILE_PREFETCH, *PFILE_PREFETCH;
3739
3740 typedef struct _FILE_PREFETCH_EX {
3741 ULONG Type;
3742 ULONG Count;
3743 PVOID Context;
3744 ULONGLONG Prefetch[1];
3745 } FILE_PREFETCH_EX, *PFILE_PREFETCH_EX;
3746
3747 #define FILE_PREFETCH_TYPE_FOR_CREATE 0x1
3748 #define FILE_PREFETCH_TYPE_FOR_DIRENUM 0x2
3749 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX 0x3
3750 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX 0x4
3751
3752 #define FILE_PREFETCH_TYPE_MAX 0x4
3753
3754 typedef struct _FILE_OBJECTID_BUFFER {
3755 UCHAR ObjectId[16];
3756 union {
3757 struct {
3758 UCHAR BirthVolumeId[16];
3759 UCHAR BirthObjectId[16];
3760 UCHAR DomainId[16];
3761 } DUMMYSTRUCTNAME;
3762 UCHAR ExtendedInfo[48];
3763 } DUMMYUNIONNAME;
3764 } FILE_OBJECTID_BUFFER, *PFILE_OBJECTID_BUFFER;
3765
3766 typedef struct _FILE_SET_SPARSE_BUFFER {
3767 BOOLEAN SetSparse;
3768 } FILE_SET_SPARSE_BUFFER, *PFILE_SET_SPARSE_BUFFER;
3769
3770 typedef struct _FILE_ZERO_DATA_INFORMATION {
3771 LARGE_INTEGER FileOffset;
3772 LARGE_INTEGER BeyondFinalZero;
3773 } FILE_ZERO_DATA_INFORMATION, *PFILE_ZERO_DATA_INFORMATION;
3774
3775 typedef struct _FILE_ALLOCATED_RANGE_BUFFER {
3776 LARGE_INTEGER FileOffset;
3777 LARGE_INTEGER Length;
3778 } FILE_ALLOCATED_RANGE_BUFFER, *PFILE_ALLOCATED_RANGE_BUFFER;
3779
3780 typedef struct _ENCRYPTION_BUFFER {
3781 ULONG EncryptionOperation;
3782 UCHAR Private[1];
3783 } ENCRYPTION_BUFFER, *PENCRYPTION_BUFFER;
3784
3785 #define FILE_SET_ENCRYPTION 0x00000001
3786 #define FILE_CLEAR_ENCRYPTION 0x00000002
3787 #define STREAM_SET_ENCRYPTION 0x00000003
3788 #define STREAM_CLEAR_ENCRYPTION 0x00000004
3789
3790 #define MAXIMUM_ENCRYPTION_VALUE 0x00000004
3791
3792 typedef struct _DECRYPTION_STATUS_BUFFER {
3793 BOOLEAN NoEncryptedStreams;
3794 } DECRYPTION_STATUS_BUFFER, *PDECRYPTION_STATUS_BUFFER;
3795
3796 #define ENCRYPTION_FORMAT_DEFAULT (0x01)
3797
3798 #define COMPRESSION_FORMAT_SPARSE (0x4000)
3799
3800 typedef struct _REQUEST_RAW_ENCRYPTED_DATA {
3801 LONGLONG FileOffset;
3802 ULONG Length;
3803 } REQUEST_RAW_ENCRYPTED_DATA, *PREQUEST_RAW_ENCRYPTED_DATA;
3804
3805 typedef struct _ENCRYPTED_DATA_INFO {
3806 ULONGLONG StartingFileOffset;
3807 ULONG OutputBufferOffset;
3808 ULONG BytesWithinFileSize;
3809 ULONG BytesWithinValidDataLength;
3810 USHORT CompressionFormat;
3811 UCHAR DataUnitShift;
3812 UCHAR ChunkShift;
3813 UCHAR ClusterShift;
3814 UCHAR EncryptionFormat;
3815 USHORT NumberOfDataBlocks;
3816 ULONG DataBlockSize[ANYSIZE_ARRAY];
3817 } ENCRYPTED_DATA_INFO, *PENCRYPTED_DATA_INFO;
3818
3819 typedef struct _PLEX_READ_DATA_REQUEST {
3820 LARGE_INTEGER ByteOffset;
3821 ULONG ByteLength;
3822 ULONG PlexNumber;
3823 } PLEX_READ_DATA_REQUEST, *PPLEX_READ_DATA_REQUEST;
3824
3825 typedef struct _SI_COPYFILE {
3826 ULONG SourceFileNameLength;
3827 ULONG DestinationFileNameLength;
3828 ULONG Flags;
3829 WCHAR FileNameBuffer[1];
3830 } SI_COPYFILE, *PSI_COPYFILE;
3831
3832 #define COPYFILE_SIS_LINK 0x0001
3833 #define COPYFILE_SIS_REPLACE 0x0002