a41205f2be75a5ff2e0f3ed0c830ba8e4a872dd9
[reactos.git] / reactos / include / ddk / ntifs.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24 #pragma once
25
26 #define _NTIFS_INCLUDED_
27 #define _GNU_NTIFS_
28
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32
33
34 /* Dependencies */
35 #include <ntddk.h>
36 #include <excpt.h>
37 #include <ntdef.h>
38 #include <ntnls.h>
39 #include <ntstatus.h>
40 #include <bugcodes.h>
41 #include <ntiologc.h>
42
43
44 #ifndef FlagOn
45 #define FlagOn(_F,_SF) ((_F) & (_SF))
46 #endif
47
48 #ifndef BooleanFlagOn
49 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
50 #endif
51
52 #ifndef SetFlag
53 #define SetFlag(_F,_SF) ((_F) |= (_SF))
54 #endif
55
56 #ifndef ClearFlag
57 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
58 #endif
59
60 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
61 typedef STRING LSA_STRING, *PLSA_STRING;
62 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
63
64 /******************************************************************************
65 * Security Manager Types *
66 ******************************************************************************/
67
68 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
69 #define SID_IDENTIFIER_AUTHORITY_DEFINED
70 typedef struct _SID_IDENTIFIER_AUTHORITY {
71 UCHAR Value[6];
72 } SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
73 #endif
74
75 #ifndef SID_DEFINED
76 #define SID_DEFINED
77 typedef struct _SID {
78 UCHAR Revision;
79 UCHAR SubAuthorityCount;
80 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
81 #ifdef MIDL_PASS
82 [size_is(SubAuthorityCount)] ULONG SubAuthority[*];
83 #else
84 ULONG SubAuthority[ANYSIZE_ARRAY];
85 #endif
86 } SID, *PISID;
87 #endif
88
89
90 #define SID_REVISION 1
91 #define SID_MAX_SUB_AUTHORITIES 15
92 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
93
94 #ifndef MIDL_PASS
95 #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof(ULONG)))
96 #endif
97
98 typedef enum _SID_NAME_USE {
99 SidTypeUser = 1,
100 SidTypeGroup,
101 SidTypeDomain,
102 SidTypeAlias,
103 SidTypeWellKnownGroup,
104 SidTypeDeletedAccount,
105 SidTypeInvalid,
106 SidTypeUnknown,
107 SidTypeComputer,
108 SidTypeLabel
109 } SID_NAME_USE, *PSID_NAME_USE;
110
111 typedef struct _SID_AND_ATTRIBUTES {
112 #ifdef MIDL_PASS
113 PISID Sid;
114 #else
115 PSID Sid;
116 #endif
117 ULONG Attributes;
118 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
119 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
120 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
121
122 #define SID_HASH_SIZE 32
123 typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
124
125 typedef struct _SID_AND_ATTRIBUTES_HASH {
126 ULONG SidCount;
127 PSID_AND_ATTRIBUTES SidAttr;
128 SID_HASH_ENTRY Hash[SID_HASH_SIZE];
129 } SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
130
131 /* Universal well-known SIDs */
132
133 #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
134 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
135 #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
136 #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
137 #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
138 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
139
140 #define SECURITY_NULL_RID (0x00000000L)
141 #define SECURITY_WORLD_RID (0x00000000L)
142 #define SECURITY_LOCAL_RID (0x00000000L)
143 #define SECURITY_LOCAL_LOGON_RID (0x00000001L)
144
145 #define SECURITY_CREATOR_OWNER_RID (0x00000000L)
146 #define SECURITY_CREATOR_GROUP_RID (0x00000001L)
147 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
148 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
149 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
150
151 /* NT well-known SIDs */
152
153 #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
154
155 #define SECURITY_DIALUP_RID (0x00000001L)
156 #define SECURITY_NETWORK_RID (0x00000002L)
157 #define SECURITY_BATCH_RID (0x00000003L)
158 #define SECURITY_INTERACTIVE_RID (0x00000004L)
159 #define SECURITY_LOGON_IDS_RID (0x00000005L)
160 #define SECURITY_LOGON_IDS_RID_COUNT (3L)
161 #define SECURITY_SERVICE_RID (0x00000006L)
162 #define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
163 #define SECURITY_PROXY_RID (0x00000008L)
164 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
165 #define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
166 #define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
167 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
168 #define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
169 #define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
170 #define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
171 #define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
172 #define SECURITY_IUSER_RID (0x00000011L)
173 #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
174 #define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
175 #define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
176 #define SECURITY_NT_NON_UNIQUE (0x00000015L)
177 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
178 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
179
180 #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
181 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
182
183
184 #define SECURITY_PACKAGE_BASE_RID (0x00000040L)
185 #define SECURITY_PACKAGE_RID_COUNT (2L)
186 #define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
187 #define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
188 #define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
189
190 #define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
191 #define SECURITY_CRED_TYPE_RID_COUNT (2L)
192 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
193
194 #define SECURITY_MIN_BASE_RID (0x00000050L)
195 #define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
196 #define SECURITY_SERVICE_ID_RID_COUNT (6L)
197 #define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
198 #define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
199 #define SECURITY_APPPOOL_ID_RID_COUNT (6L)
200 #define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
201 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
202 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
203 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
204 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
205 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
206 #define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
207 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
208 #define SECURITY_TASK_ID_BASE_RID (0x00000057L)
209 #define SECURITY_NFS_ID_BASE_RID (0x00000058L)
210 #define SECURITY_COM_ID_BASE_RID (0x00000059L)
211 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
212
213 #define SECURITY_MAX_BASE_RID (0x0000006FL)
214
215 #define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
216 #define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
217
218 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
219
220 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
221
222 /* Well-known domain relative sub-authority values (RIDs) */
223
224 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
225
226 #define FOREST_USER_RID_MAX (0x000001F3L)
227
228 /* Well-known users */
229
230 #define DOMAIN_USER_RID_ADMIN (0x000001F4L)
231 #define DOMAIN_USER_RID_GUEST (0x000001F5L)
232 #define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
233
234 #define DOMAIN_USER_RID_MAX (0x000003E7L)
235
236 /* Well-known groups */
237
238 #define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
239 #define DOMAIN_GROUP_RID_USERS (0x00000201L)
240 #define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
241 #define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
242 #define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
243 #define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
244 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
245 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
246 #define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
247 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
248
249 /* Well-known aliases */
250
251 #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
252 #define DOMAIN_ALIAS_RID_USERS (0x00000221L)
253 #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
254 #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
255
256 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
257 #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
258 #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
259 #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
260
261 #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
262 #define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
263 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
264 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
265 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
266 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
267
268 #define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
269 #define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
270 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
271 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
272 #define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
273 #define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
274 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
275 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
276 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
277 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
278 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
279
280 #define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
281 #define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
282 #define SECURITY_MANDATORY_LOW_RID (0x00001000L)
283 #define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
284 #define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
285 #define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
286 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
287
288 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
289 can be set by a usermode caller.*/
290
291 #define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
292
293 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
294
295 /* Allocate the System Luid. The first 1000 LUIDs are reserved.
296 Use #999 here (0x3e7 = 999) */
297
298 #define SYSTEM_LUID {0x3e7, 0x0}
299 #define ANONYMOUS_LOGON_LUID {0x3e6, 0x0}
300 #define LOCALSERVICE_LUID {0x3e5, 0x0}
301 #define NETWORKSERVICE_LUID {0x3e4, 0x0}
302 #define IUSER_LUID {0x3e3, 0x0}
303
304 typedef struct _ACE_HEADER {
305 UCHAR AceType;
306 UCHAR AceFlags;
307 USHORT AceSize;
308 } ACE_HEADER, *PACE_HEADER;
309
310 /* also in winnt.h */
311 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
312 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
313 #define ACCESS_DENIED_ACE_TYPE (0x1)
314 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
315 #define SYSTEM_ALARM_ACE_TYPE (0x3)
316 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
317 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
318 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
319 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
320 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
321 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
322 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
323 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
324 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
325 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
326 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
327 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
328 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
329 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
330 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
331 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
332 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
333 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
334 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
335 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
336 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
337
338 /* The following are the inherit flags that go into the AceFlags field
339 of an Ace header. */
340
341 #define OBJECT_INHERIT_ACE (0x1)
342 #define CONTAINER_INHERIT_ACE (0x2)
343 #define NO_PROPAGATE_INHERIT_ACE (0x4)
344 #define INHERIT_ONLY_ACE (0x8)
345 #define INHERITED_ACE (0x10)
346 #define VALID_INHERIT_FLAGS (0x1F)
347
348 #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
349 #define FAILED_ACCESS_ACE_FLAG (0x80)
350
351 typedef struct _ACCESS_ALLOWED_ACE {
352 ACE_HEADER Header;
353 ACCESS_MASK Mask;
354 ULONG SidStart;
355 } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
356
357 typedef struct _ACCESS_DENIED_ACE {
358 ACE_HEADER Header;
359 ACCESS_MASK Mask;
360 ULONG SidStart;
361 } ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
362
363 typedef struct _SYSTEM_AUDIT_ACE {
364 ACE_HEADER Header;
365 ACCESS_MASK Mask;
366 ULONG SidStart;
367 } SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
368
369 typedef struct _SYSTEM_ALARM_ACE {
370 ACE_HEADER Header;
371 ACCESS_MASK Mask;
372 ULONG SidStart;
373 } SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
374
375 typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
376 ACE_HEADER Header;
377 ACCESS_MASK Mask;
378 ULONG SidStart;
379 } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
380
381 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
382 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
383 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
384 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
385 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
386 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
387
388 #define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
389
390 typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
391
392 #define SE_OWNER_DEFAULTED 0x0001
393 #define SE_GROUP_DEFAULTED 0x0002
394 #define SE_DACL_PRESENT 0x0004
395 #define SE_DACL_DEFAULTED 0x0008
396 #define SE_SACL_PRESENT 0x0010
397 #define SE_SACL_DEFAULTED 0x0020
398 #define SE_DACL_UNTRUSTED 0x0040
399 #define SE_SERVER_SECURITY 0x0080
400 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
401 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
402 #define SE_DACL_AUTO_INHERITED 0x0400
403 #define SE_SACL_AUTO_INHERITED 0x0800
404 #define SE_DACL_PROTECTED 0x1000
405 #define SE_SACL_PROTECTED 0x2000
406 #define SE_RM_CONTROL_VALID 0x4000
407 #define SE_SELF_RELATIVE 0x8000
408
409 typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
410 UCHAR Revision;
411 UCHAR Sbz1;
412 SECURITY_DESCRIPTOR_CONTROL Control;
413 ULONG Owner;
414 ULONG Group;
415 ULONG Sacl;
416 ULONG Dacl;
417 } SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
418
419 typedef struct _SECURITY_DESCRIPTOR {
420 UCHAR Revision;
421 UCHAR Sbz1;
422 SECURITY_DESCRIPTOR_CONTROL Control;
423 PSID Owner;
424 PSID Group;
425 PACL Sacl;
426 PACL Dacl;
427 } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
428
429 typedef struct _OBJECT_TYPE_LIST {
430 USHORT Level;
431 USHORT Sbz;
432 GUID *ObjectType;
433 } OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;
434
435 #define ACCESS_OBJECT_GUID 0
436 #define ACCESS_PROPERTY_SET_GUID 1
437 #define ACCESS_PROPERTY_GUID 2
438 #define ACCESS_MAX_LEVEL 4
439
440 typedef enum _AUDIT_EVENT_TYPE {
441 AuditEventObjectAccess,
442 AuditEventDirectoryServiceAccess
443 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
444
445 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
446
447 #define ACCESS_DS_SOURCE_A "DS"
448 #define ACCESS_DS_SOURCE_W L"DS"
449 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
450 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
451
452 #define ACCESS_REASON_TYPE_MASK 0xffff0000
453 #define ACCESS_REASON_DATA_MASK 0x0000ffff
454
455 typedef enum _ACCESS_REASON_TYPE {
456 AccessReasonNone = 0x00000000,
457 AccessReasonAllowedAce = 0x00010000,
458 AccessReasonDeniedAce = 0x00020000,
459 AccessReasonAllowedParentAce = 0x00030000,
460 AccessReasonDeniedParentAce = 0x00040000,
461 AccessReasonMissingPrivilege = 0x00100000,
462 AccessReasonFromPrivilege = 0x00200000,
463 AccessReasonIntegrityLevel = 0x00300000,
464 AccessReasonOwnership = 0x00400000,
465 AccessReasonNullDacl = 0x00500000,
466 AccessReasonEmptyDacl = 0x00600000,
467 AccessReasonNoSD = 0x00700000,
468 AccessReasonNoGrant = 0x00800000
469 } ACCESS_REASON_TYPE;
470
471 typedef ULONG ACCESS_REASON;
472
473 typedef struct _ACCESS_REASONS {
474 ACCESS_REASON Data[32];
475 } ACCESS_REASONS, *PACCESS_REASONS;
476
477 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
478 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
479 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
480
481 typedef struct _SE_SECURITY_DESCRIPTOR {
482 ULONG Size;
483 ULONG Flags;
484 PSECURITY_DESCRIPTOR SecurityDescriptor;
485 } SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
486
487 typedef struct _SE_ACCESS_REQUEST {
488 ULONG Size;
489 PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
490 ACCESS_MASK DesiredAccess;
491 ACCESS_MASK PreviouslyGrantedAccess;
492 PSID PrincipalSelfSid;
493 PGENERIC_MAPPING GenericMapping;
494 ULONG ObjectTypeListCount;
495 POBJECT_TYPE_LIST ObjectTypeList;
496 } SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
497
498 typedef struct _SE_ACCESS_REPLY {
499 ULONG Size;
500 ULONG ResultListCount;
501 PACCESS_MASK GrantedAccess;
502 PNTSTATUS AccessStatus;
503 PACCESS_REASONS AccessReason;
504 PPRIVILEGE_SET* Privileges;
505 } SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
506
507 typedef enum _SE_AUDIT_OPERATION {
508 AuditPrivilegeObject,
509 AuditPrivilegeService,
510 AuditAccessCheck,
511 AuditOpenObject,
512 AuditOpenObjectWithTransaction,
513 AuditCloseObject,
514 AuditDeleteObject,
515 AuditOpenObjectForDelete,
516 AuditOpenObjectForDeleteWithTransaction,
517 AuditCloseNonObject,
518 AuditOpenNonObject,
519 AuditObjectReference,
520 AuditHandleCreation,
521 } SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
522
523 typedef struct _SE_AUDIT_INFO {
524 ULONG Size;
525 AUDIT_EVENT_TYPE AuditType;
526 SE_AUDIT_OPERATION AuditOperation;
527 ULONG AuditFlags;
528 UNICODE_STRING SubsystemName;
529 UNICODE_STRING ObjectTypeName;
530 UNICODE_STRING ObjectName;
531 PVOID HandleId;
532 GUID* TransactionId;
533 LUID* OperationId;
534 BOOLEAN ObjectCreation;
535 BOOLEAN GenerateOnClose;
536 } SE_AUDIT_INFO, *PSE_AUDIT_INFO;
537
538 #define TOKEN_ASSIGN_PRIMARY (0x0001)
539 #define TOKEN_DUPLICATE (0x0002)
540 #define TOKEN_IMPERSONATE (0x0004)
541 #define TOKEN_QUERY (0x0008)
542 #define TOKEN_QUERY_SOURCE (0x0010)
543 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
544 #define TOKEN_ADJUST_GROUPS (0x0040)
545 #define TOKEN_ADJUST_DEFAULT (0x0080)
546 #define TOKEN_ADJUST_SESSIONID (0x0100)
547
548 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
549 TOKEN_ASSIGN_PRIMARY |\
550 TOKEN_DUPLICATE |\
551 TOKEN_IMPERSONATE |\
552 TOKEN_QUERY |\
553 TOKEN_QUERY_SOURCE |\
554 TOKEN_ADJUST_PRIVILEGES |\
555 TOKEN_ADJUST_GROUPS |\
556 TOKEN_ADJUST_DEFAULT )
557
558 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
559 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
560 TOKEN_ADJUST_SESSIONID )
561 #else
562 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
563 #endif
564
565 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
566 TOKEN_QUERY)
567
568 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
569 TOKEN_ADJUST_PRIVILEGES |\
570 TOKEN_ADJUST_GROUPS |\
571 TOKEN_ADJUST_DEFAULT)
572
573 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
574
575 typedef enum _TOKEN_TYPE {
576 TokenPrimary = 1,
577 TokenImpersonation
578 } TOKEN_TYPE,*PTOKEN_TYPE;
579
580 typedef enum _TOKEN_INFORMATION_CLASS {
581 TokenUser = 1,
582 TokenGroups,
583 TokenPrivileges,
584 TokenOwner,
585 TokenPrimaryGroup,
586 TokenDefaultDacl,
587 TokenSource,
588 TokenType,
589 TokenImpersonationLevel,
590 TokenStatistics,
591 TokenRestrictedSids,
592 TokenSessionId,
593 TokenGroupsAndPrivileges,
594 TokenSessionReference,
595 TokenSandBoxInert,
596 TokenAuditPolicy,
597 TokenOrigin,
598 TokenElevationType,
599 TokenLinkedToken,
600 TokenElevation,
601 TokenHasRestrictions,
602 TokenAccessInformation,
603 TokenVirtualizationAllowed,
604 TokenVirtualizationEnabled,
605 TokenIntegrityLevel,
606 TokenUIAccess,
607 TokenMandatoryPolicy,
608 TokenLogonSid,
609 MaxTokenInfoClass
610 } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
611
612 typedef struct _TOKEN_USER {
613 SID_AND_ATTRIBUTES User;
614 } TOKEN_USER, *PTOKEN_USER;
615
616 typedef struct _TOKEN_GROUPS {
617 ULONG GroupCount;
618 #ifdef MIDL_PASS
619 [size_is(GroupCount)] SID_AND_ATTRIBUTES Groups[*];
620 #else
621 SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
622 #endif
623 } TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
624
625 typedef struct _TOKEN_PRIVILEGES {
626 ULONG PrivilegeCount;
627 LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
628 } TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
629
630 typedef struct _TOKEN_OWNER {
631 PSID Owner;
632 } TOKEN_OWNER,*PTOKEN_OWNER;
633
634 typedef struct _TOKEN_PRIMARY_GROUP {
635 PSID PrimaryGroup;
636 } TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
637
638 typedef struct _TOKEN_DEFAULT_DACL {
639 PACL DefaultDacl;
640 } TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
641
642 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
643 ULONG SidCount;
644 ULONG SidLength;
645 PSID_AND_ATTRIBUTES Sids;
646 ULONG RestrictedSidCount;
647 ULONG RestrictedSidLength;
648 PSID_AND_ATTRIBUTES RestrictedSids;
649 ULONG PrivilegeCount;
650 ULONG PrivilegeLength;
651 PLUID_AND_ATTRIBUTES Privileges;
652 LUID AuthenticationId;
653 } TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
654
655 typedef struct _TOKEN_LINKED_TOKEN {
656 HANDLE LinkedToken;
657 } TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
658
659 typedef struct _TOKEN_ELEVATION {
660 ULONG TokenIsElevated;
661 } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
662
663 typedef struct _TOKEN_MANDATORY_LABEL {
664 SID_AND_ATTRIBUTES Label;
665 } TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
666
667 #define TOKEN_MANDATORY_POLICY_OFF 0x0
668 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
669 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
670
671 #define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
672 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
673
674 typedef struct _TOKEN_MANDATORY_POLICY {
675 ULONG Policy;
676 } TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
677
678 typedef struct _TOKEN_ACCESS_INFORMATION {
679 PSID_AND_ATTRIBUTES_HASH SidHash;
680 PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
681 PTOKEN_PRIVILEGES Privileges;
682 LUID AuthenticationId;
683 TOKEN_TYPE TokenType;
684 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
685 TOKEN_MANDATORY_POLICY MandatoryPolicy;
686 ULONG Flags;
687 } TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
688
689 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
690
691 typedef struct _TOKEN_AUDIT_POLICY {
692 UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
693 } TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
694
695 #define TOKEN_SOURCE_LENGTH 8
696
697 typedef struct _TOKEN_SOURCE {
698 CHAR SourceName[TOKEN_SOURCE_LENGTH];
699 LUID SourceIdentifier;
700 } TOKEN_SOURCE,*PTOKEN_SOURCE;
701
702 typedef struct _TOKEN_STATISTICS {
703 LUID TokenId;
704 LUID AuthenticationId;
705 LARGE_INTEGER ExpirationTime;
706 TOKEN_TYPE TokenType;
707 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
708 ULONG DynamicCharged;
709 ULONG DynamicAvailable;
710 ULONG GroupCount;
711 ULONG PrivilegeCount;
712 LUID ModifiedId;
713 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
714
715 typedef struct _TOKEN_CONTROL {
716 LUID TokenId;
717 LUID AuthenticationId;
718 LUID ModifiedId;
719 TOKEN_SOURCE TokenSource;
720 } TOKEN_CONTROL,*PTOKEN_CONTROL;
721
722 typedef struct _TOKEN_ORIGIN {
723 LUID OriginatingLogonSession;
724 } TOKEN_ORIGIN, *PTOKEN_ORIGIN;
725
726 typedef enum _MANDATORY_LEVEL {
727 MandatoryLevelUntrusted = 0,
728 MandatoryLevelLow,
729 MandatoryLevelMedium,
730 MandatoryLevelHigh,
731 MandatoryLevelSystem,
732 MandatoryLevelSecureProcess,
733 MandatoryLevelCount
734 } MANDATORY_LEVEL, *PMANDATORY_LEVEL;
735
736 #define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
737 #define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
738 #define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
739 #define TOKEN_WRITE_RESTRICTED 0x0008
740 #define TOKEN_IS_RESTRICTED 0x0010
741 #define TOKEN_SESSION_NOT_REFERENCED 0x0020
742 #define TOKEN_SANDBOX_INERT 0x0040
743 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
744 #define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
745 #define TOKEN_VIRTUALIZE_ALLOWED 0x0200
746 #define TOKEN_VIRTUALIZE_ENABLED 0x0400
747 #define TOKEN_IS_FILTERED 0x0800
748 #define TOKEN_UIACCESS 0x1000
749 #define TOKEN_NOT_LOW 0x2000
750
751 typedef struct _SE_EXPORTS {
752 LUID SeCreateTokenPrivilege;
753 LUID SeAssignPrimaryTokenPrivilege;
754 LUID SeLockMemoryPrivilege;
755 LUID SeIncreaseQuotaPrivilege;
756 LUID SeUnsolicitedInputPrivilege;
757 LUID SeTcbPrivilege;
758 LUID SeSecurityPrivilege;
759 LUID SeTakeOwnershipPrivilege;
760 LUID SeLoadDriverPrivilege;
761 LUID SeCreatePagefilePrivilege;
762 LUID SeIncreaseBasePriorityPrivilege;
763 LUID SeSystemProfilePrivilege;
764 LUID SeSystemtimePrivilege;
765 LUID SeProfileSingleProcessPrivilege;
766 LUID SeCreatePermanentPrivilege;
767 LUID SeBackupPrivilege;
768 LUID SeRestorePrivilege;
769 LUID SeShutdownPrivilege;
770 LUID SeDebugPrivilege;
771 LUID SeAuditPrivilege;
772 LUID SeSystemEnvironmentPrivilege;
773 LUID SeChangeNotifyPrivilege;
774 LUID SeRemoteShutdownPrivilege;
775 PSID SeNullSid;
776 PSID SeWorldSid;
777 PSID SeLocalSid;
778 PSID SeCreatorOwnerSid;
779 PSID SeCreatorGroupSid;
780 PSID SeNtAuthoritySid;
781 PSID SeDialupSid;
782 PSID SeNetworkSid;
783 PSID SeBatchSid;
784 PSID SeInteractiveSid;
785 PSID SeLocalSystemSid;
786 PSID SeAliasAdminsSid;
787 PSID SeAliasUsersSid;
788 PSID SeAliasGuestsSid;
789 PSID SeAliasPowerUsersSid;
790 PSID SeAliasAccountOpsSid;
791 PSID SeAliasSystemOpsSid;
792 PSID SeAliasPrintOpsSid;
793 PSID SeAliasBackupOpsSid;
794 PSID SeAuthenticatedUsersSid;
795 PSID SeRestrictedSid;
796 PSID SeAnonymousLogonSid;
797 LUID SeUndockPrivilege;
798 LUID SeSyncAgentPrivilege;
799 LUID SeEnableDelegationPrivilege;
800 PSID SeLocalServiceSid;
801 PSID SeNetworkServiceSid;
802 LUID SeManageVolumePrivilege;
803 LUID SeImpersonatePrivilege;
804 LUID SeCreateGlobalPrivilege;
805 LUID SeTrustedCredManAccessPrivilege;
806 LUID SeRelabelPrivilege;
807 LUID SeIncreaseWorkingSetPrivilege;
808 LUID SeTimeZonePrivilege;
809 LUID SeCreateSymbolicLinkPrivilege;
810 PSID SeIUserSid;
811 PSID SeUntrustedMandatorySid;
812 PSID SeLowMandatorySid;
813 PSID SeMediumMandatorySid;
814 PSID SeHighMandatorySid;
815 PSID SeSystemMandatorySid;
816 PSID SeOwnerRightsSid;
817 } SE_EXPORTS, *PSE_EXPORTS;
818
819 typedef NTSTATUS
820 (NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
821 IN PLUID LogonId);
822
823 typedef struct _SECURITY_CLIENT_CONTEXT {
824 SECURITY_QUALITY_OF_SERVICE SecurityQos;
825 PACCESS_TOKEN ClientToken;
826 BOOLEAN DirectlyAccessClientToken;
827 BOOLEAN DirectAccessEffectiveOnly;
828 BOOLEAN ServerIsRemote;
829 TOKEN_CONTROL ClientTokenControl;
830 } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
831
832 /******************************************************************************
833 * Object Manager Types *
834 ******************************************************************************/
835
836 typedef enum _OBJECT_INFORMATION_CLASS {
837 ObjectBasicInformation = 0,
838 ObjectTypeInformation = 2,
839 /* Not for public use */
840 ObjectNameInformation = 1,
841 ObjectTypesInformation = 3,
842 ObjectHandleFlagInformation = 4,
843 ObjectSessionInformation = 5,
844 MaxObjectInfoClass
845 } OBJECT_INFORMATION_CLASS;
846
847
848 /******************************************************************************
849 * Runtime Library Types *
850 ******************************************************************************/
851
852
853 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
854
855 _Function_class_(RTL_ALLOCATE_STRING_ROUTINE)
856 _IRQL_requires_max_(PASSIVE_LEVEL)
857 __drv_allocatesMem(Mem)
858 typedef PVOID
859 (NTAPI *PRTL_ALLOCATE_STRING_ROUTINE)(
860 _In_ SIZE_T NumberOfBytes);
861
862 #if _WIN32_WINNT >= 0x0600
863 _Function_class_(RTL_REALLOCATE_STRING_ROUTINE)
864 _IRQL_requires_max_(PASSIVE_LEVEL)
865 __drv_allocatesMem(Mem)
866 typedef PVOID
867 (NTAPI *PRTL_REALLOCATE_STRING_ROUTINE)(
868 _In_ SIZE_T NumberOfBytes,
869 IN PVOID Buffer);
870 #endif
871
872 typedef VOID
873 (NTAPI *PRTL_FREE_STRING_ROUTINE)(
874 _In_ __drv_freesMem(Mem) _Post_invalid_ PVOID Buffer);
875
876 extern NTKERNELAPI const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine;
877 extern NTKERNELAPI const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine;
878
879 #if _WIN32_WINNT >= 0x0600
880 extern NTKERNELAPI const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine;
881 #endif
882
883 _Function_class_(RTL_HEAP_COMMIT_ROUTINE)
884 _IRQL_requires_same_
885 typedef NTSTATUS
886 (NTAPI *PRTL_HEAP_COMMIT_ROUTINE) (
887 _In_ PVOID Base,
888 _Inout_ PVOID *CommitAddress,
889 _Inout_ PSIZE_T CommitSize);
890
891 typedef struct _RTL_HEAP_PARAMETERS {
892 ULONG Length;
893 SIZE_T SegmentReserve;
894 SIZE_T SegmentCommit;
895 SIZE_T DeCommitFreeBlockThreshold;
896 SIZE_T DeCommitTotalFreeThreshold;
897 SIZE_T MaximumAllocationSize;
898 SIZE_T VirtualMemoryThreshold;
899 SIZE_T InitialCommit;
900 SIZE_T InitialReserve;
901 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
902 SIZE_T Reserved[2];
903 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
904
905 #if (NTDDI_VERSION >= NTDDI_WIN2K)
906
907 typedef struct _GENERATE_NAME_CONTEXT {
908 USHORT Checksum;
909 BOOLEAN CheckSumInserted;
910 _Field_range_(<=, 8) UCHAR NameLength;
911 WCHAR NameBuffer[8];
912 _Field_range_(<=, 4) ULONG ExtensionLength;
913 WCHAR ExtensionBuffer[4];
914 ULONG LastIndexValue;
915 } GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
916
917 typedef struct _PREFIX_TABLE_ENTRY {
918 CSHORT NodeTypeCode;
919 CSHORT NameLength;
920 struct _PREFIX_TABLE_ENTRY *NextPrefixTree;
921 RTL_SPLAY_LINKS Links;
922 PSTRING Prefix;
923 } PREFIX_TABLE_ENTRY, *PPREFIX_TABLE_ENTRY;
924
925 typedef struct _PREFIX_TABLE {
926 CSHORT NodeTypeCode;
927 CSHORT NameLength;
928 PPREFIX_TABLE_ENTRY NextPrefixTree;
929 } PREFIX_TABLE, *PPREFIX_TABLE;
930
931 typedef struct _UNICODE_PREFIX_TABLE_ENTRY {
932 CSHORT NodeTypeCode;
933 CSHORT NameLength;
934 struct _UNICODE_PREFIX_TABLE_ENTRY *NextPrefixTree;
935 struct _UNICODE_PREFIX_TABLE_ENTRY *CaseMatch;
936 RTL_SPLAY_LINKS Links;
937 PUNICODE_STRING Prefix;
938 } UNICODE_PREFIX_TABLE_ENTRY, *PUNICODE_PREFIX_TABLE_ENTRY;
939
940 typedef struct _UNICODE_PREFIX_TABLE {
941 CSHORT NodeTypeCode;
942 CSHORT NameLength;
943 PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree;
944 PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry;
945 } UNICODE_PREFIX_TABLE, *PUNICODE_PREFIX_TABLE;
946
947 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
948
949 #if (NTDDI_VERSION >= NTDDI_WINXP)
950 typedef struct _COMPRESSED_DATA_INFO {
951 USHORT CompressionFormatAndEngine;
952 UCHAR CompressionUnitShift;
953 UCHAR ChunkShift;
954 UCHAR ClusterShift;
955 UCHAR Reserved;
956 USHORT NumberOfChunks;
957 ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
958 } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
959 #endif
960 /******************************************************************************
961 * Runtime Library Functions *
962 ******************************************************************************/
963
964
965 #if (NTDDI_VERSION >= NTDDI_WIN2K)
966
967
968 _Must_inspect_result_
969 _Ret_maybenull_
970 _Post_writable_byte_size_(Size)
971 NTSYSAPI
972 PVOID
973 NTAPI
974 RtlAllocateHeap(
975 _In_ HANDLE HeapHandle,
976 _In_opt_ ULONG Flags,
977 _In_ SIZE_T Size);
978
979 _Success_(return != 0)
980 NTSYSAPI
981 BOOLEAN
982 NTAPI
983 RtlFreeHeap(
984 _In_ PVOID HeapHandle,
985 _In_opt_ ULONG Flags,
986 _In_ _Post_invalid_ PVOID BaseAddress);
987
988 NTSYSAPI
989 VOID
990 NTAPI
991 RtlCaptureContext(
992 _Out_ PCONTEXT ContextRecord);
993
994 _Ret_range_(<, MAXLONG)
995 NTSYSAPI
996 ULONG
997 NTAPI
998 RtlRandom(
999 _Inout_ PULONG Seed);
1000
1001 _IRQL_requires_max_(APC_LEVEL)
1002 _Success_(return != 0)
1003 _Must_inspect_result_
1004 NTSYSAPI
1005 BOOLEAN
1006 NTAPI
1007 RtlCreateUnicodeString(
1008 _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem))
1009 PUNICODE_STRING DestinationString,
1010 _In_z_ PCWSTR SourceString);
1011
1012 _IRQL_requires_max_(PASSIVE_LEVEL)
1013 _Must_inspect_result_
1014 NTSYSAPI
1015 BOOLEAN
1016 NTAPI
1017 RtlPrefixString(
1018 _In_ const STRING *String1,
1019 _In_ const STRING *String2,
1020 _In_ BOOLEAN CaseInsensitive);
1021
1022 _IRQL_requires_max_(APC_LEVEL)
1023 NTSYSAPI
1024 NTSTATUS
1025 NTAPI
1026 RtlAppendStringToString(
1027 _Inout_ PSTRING Destination,
1028 _In_ const STRING *Source);
1029
1030 _IRQL_requires_max_(PASSIVE_LEVEL)
1031 _Must_inspect_result_
1032 NTSYSAPI
1033 NTSTATUS
1034 NTAPI
1035 RtlOemStringToUnicodeString(
1036 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1037 _When_(!AllocateDestinationString, _Inout_)
1038 PUNICODE_STRING DestinationString,
1039 _In_ PCOEM_STRING SourceString,
1040 _In_ BOOLEAN AllocateDestinationString);
1041
1042 _IRQL_requires_max_(PASSIVE_LEVEL)
1043 _Must_inspect_result_
1044 NTSYSAPI
1045 NTSTATUS
1046 NTAPI
1047 RtlUnicodeStringToOemString(
1048 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1049 _When_(!AllocateDestinationString, _Inout_)
1050 POEM_STRING DestinationString,
1051 _In_ PCUNICODE_STRING SourceString,
1052 _In_ BOOLEAN AllocateDestinationString);
1053
1054 _IRQL_requires_max_(PASSIVE_LEVEL)
1055 _Must_inspect_result_
1056 NTSYSAPI
1057 NTSTATUS
1058 NTAPI
1059 RtlUpcaseUnicodeStringToOemString(
1060 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1061 _When_(!AllocateDestinationString, _Inout_)
1062 POEM_STRING DestinationString,
1063 _In_ PCUNICODE_STRING SourceString,
1064 _In_ BOOLEAN AllocateDestinationString);
1065
1066 _IRQL_requires_max_(PASSIVE_LEVEL)
1067 _Must_inspect_result_
1068 NTSYSAPI
1069 NTSTATUS
1070 NTAPI
1071 RtlOemStringToCountedUnicodeString(
1072 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1073 _When_(!AllocateDestinationString, _Inout_)
1074 PUNICODE_STRING DestinationString,
1075 _In_ PCOEM_STRING SourceString,
1076 _In_ BOOLEAN AllocateDestinationString);
1077
1078 _IRQL_requires_max_(PASSIVE_LEVEL)
1079 _Must_inspect_result_
1080 NTSYSAPI
1081 NTSTATUS
1082 NTAPI
1083 RtlUnicodeStringToCountedOemString(
1084 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1085 _When_(!AllocateDestinationString, _Inout_)
1086 POEM_STRING DestinationString,
1087 _In_ PCUNICODE_STRING SourceString,
1088 _In_ BOOLEAN AllocateDestinationString);
1089
1090 _IRQL_requires_max_(PASSIVE_LEVEL)
1091 _Must_inspect_result_
1092 NTSYSAPI
1093 NTSTATUS
1094 NTAPI
1095 RtlUpcaseUnicodeStringToCountedOemString(
1096 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1097 _When_(!AllocateDestinationString, _Inout_)
1098 POEM_STRING DestinationString,
1099 _In_ PCUNICODE_STRING SourceString,
1100 _In_ BOOLEAN AllocateDestinationString);
1101
1102 _IRQL_requires_max_(PASSIVE_LEVEL)
1103 _When_(AllocateDestinationString, _Must_inspect_result_)
1104 NTSYSAPI
1105 NTSTATUS
1106 NTAPI
1107 RtlDowncaseUnicodeString(
1108 _When_(AllocateDestinationString, _Out_ _At_(UniDest->Buffer, __drv_allocatesMem(Mem)))
1109 _When_(!AllocateDestinationString, _Inout_)
1110 PUNICODE_STRING UniDest,
1111 _In_ PCUNICODE_STRING UniSource,
1112 _In_ BOOLEAN AllocateDestinationString);
1113
1114 _IRQL_requires_max_(PASSIVE_LEVEL)
1115 NTSYSAPI
1116 VOID
1117 NTAPI
1118 RtlFreeOemString(
1119 _Inout_ _At_(OemString->Buffer, __drv_freesMem(Mem)) POEM_STRING OemString);
1120
1121 _IRQL_requires_max_(PASSIVE_LEVEL)
1122 NTSYSAPI
1123 ULONG
1124 NTAPI
1125 RtlxUnicodeStringToOemSize(
1126 _In_ PCUNICODE_STRING UnicodeString);
1127
1128 _IRQL_requires_max_(PASSIVE_LEVEL)
1129 NTSYSAPI
1130 ULONG
1131 NTAPI
1132 RtlxOemStringToUnicodeSize(
1133 _In_ PCOEM_STRING OemString);
1134
1135 _IRQL_requires_max_(PASSIVE_LEVEL)
1136 NTSYSAPI
1137 NTSTATUS
1138 NTAPI
1139 RtlMultiByteToUnicodeN(
1140 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
1141 _In_ ULONG MaxBytesInUnicodeString,
1142 _Out_opt_ PULONG BytesInUnicodeString,
1143 _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
1144 _In_ ULONG BytesInMultiByteString);
1145
1146 _IRQL_requires_max_(PASSIVE_LEVEL)
1147 NTSYSAPI
1148 NTSTATUS
1149 NTAPI
1150 RtlMultiByteToUnicodeSize(
1151 _Out_ PULONG BytesInUnicodeString,
1152 _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
1153 _In_ ULONG BytesInMultiByteString);
1154
1155 _IRQL_requires_max_(PASSIVE_LEVEL)
1156 NTSYSAPI
1157 NTSTATUS
1158 NTAPI
1159 RtlUnicodeToMultiByteSize(
1160 _Out_ PULONG BytesInMultiByteString,
1161 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1162 _In_ ULONG BytesInUnicodeString);
1163
1164 _IRQL_requires_max_(PASSIVE_LEVEL)
1165 NTSYSAPI
1166 NTSTATUS
1167 NTAPI
1168 RtlUnicodeToMultiByteN(
1169 _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
1170 _In_ ULONG MaxBytesInMultiByteString,
1171 _Out_opt_ PULONG BytesInMultiByteString,
1172 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1173 _In_ ULONG BytesInUnicodeString);
1174
1175 _IRQL_requires_max_(PASSIVE_LEVEL)
1176 NTSYSAPI
1177 NTSTATUS
1178 NTAPI
1179 RtlUpcaseUnicodeToMultiByteN(
1180 _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
1181 _In_ ULONG MaxBytesInMultiByteString,
1182 _Out_opt_ PULONG BytesInMultiByteString,
1183 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1184 _In_ ULONG BytesInUnicodeString);
1185
1186 _IRQL_requires_max_(PASSIVE_LEVEL)
1187 NTSYSAPI
1188 NTSTATUS
1189 NTAPI
1190 RtlOemToUnicodeN(
1191 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWSTR UnicodeString,
1192 _In_ ULONG MaxBytesInUnicodeString,
1193 _Out_opt_ PULONG BytesInUnicodeString,
1194 _In_reads_bytes_(BytesInOemString) PCCH OemString,
1195 _In_ ULONG BytesInOemString);
1196
1197 _IRQL_requires_max_(PASSIVE_LEVEL)
1198 NTSYSAPI
1199 NTSTATUS
1200 NTAPI
1201 RtlUnicodeToOemN(
1202 _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
1203 _In_ ULONG MaxBytesInOemString,
1204 _Out_opt_ PULONG BytesInOemString,
1205 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1206 _In_ ULONG BytesInUnicodeString);
1207
1208 _IRQL_requires_max_(PASSIVE_LEVEL)
1209 NTSYSAPI
1210 NTSTATUS
1211 NTAPI
1212 RtlUpcaseUnicodeToOemN(
1213 _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
1214 _In_ ULONG MaxBytesInOemString,
1215 _Out_opt_ PULONG BytesInOemString,
1216 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1217 _In_ ULONG BytesInUnicodeString);
1218
1219 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
1220 _IRQL_requires_max_(PASSIVE_LEVEL)
1221 NTSYSAPI
1222 NTSTATUS
1223 NTAPI
1224 RtlGenerate8dot3Name(
1225 _In_ PCUNICODE_STRING Name,
1226 _In_ BOOLEAN AllowExtendedCharacters,
1227 _Inout_ PGENERATE_NAME_CONTEXT Context,
1228 _Inout_ PUNICODE_STRING Name8dot3);
1229 #else
1230 _IRQL_requires_max_(PASSIVE_LEVEL)
1231 NTSYSAPI
1232 VOID
1233 NTAPI
1234 RtlGenerate8dot3Name(
1235 _In_ PCUNICODE_STRING Name,
1236 _In_ BOOLEAN AllowExtendedCharacters,
1237 _Inout_ PGENERATE_NAME_CONTEXT Context,
1238 _Inout_ PUNICODE_STRING Name8dot3);
1239 #endif
1240
1241 _IRQL_requires_max_(PASSIVE_LEVEL)
1242 _Must_inspect_result_
1243 NTSYSAPI
1244 BOOLEAN
1245 NTAPI
1246 RtlIsNameLegalDOS8Dot3(
1247 _In_ PCUNICODE_STRING Name,
1248 _Inout_opt_ POEM_STRING OemName,
1249 _Out_opt_ PBOOLEAN NameContainsSpaces);
1250
1251 _IRQL_requires_max_(PASSIVE_LEVEL)
1252 _Must_inspect_result_
1253 NTSYSAPI
1254 BOOLEAN
1255 NTAPI
1256 RtlIsValidOemCharacter(
1257 _Inout_ PWCHAR Char);
1258
1259 _IRQL_requires_max_(PASSIVE_LEVEL)
1260 NTSYSAPI
1261 VOID
1262 NTAPI
1263 PfxInitialize(
1264 _Out_ PPREFIX_TABLE PrefixTable);
1265
1266 _IRQL_requires_max_(PASSIVE_LEVEL)
1267 NTSYSAPI
1268 BOOLEAN
1269 NTAPI
1270 PfxInsertPrefix(
1271 _In_ PPREFIX_TABLE PrefixTable,
1272 _In_ __drv_aliasesMem PSTRING Prefix,
1273 _Out_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
1274
1275 _IRQL_requires_max_(PASSIVE_LEVEL)
1276 NTSYSAPI
1277 VOID
1278 NTAPI
1279 PfxRemovePrefix(
1280 _In_ PPREFIX_TABLE PrefixTable,
1281 _In_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
1282
1283 _IRQL_requires_max_(PASSIVE_LEVEL)
1284 _Must_inspect_result_
1285 NTSYSAPI
1286 PPREFIX_TABLE_ENTRY
1287 NTAPI
1288 PfxFindPrefix(
1289 _In_ PPREFIX_TABLE PrefixTable,
1290 _In_ PSTRING FullName);
1291
1292 _IRQL_requires_max_(PASSIVE_LEVEL)
1293 NTSYSAPI
1294 VOID
1295 NTAPI
1296 RtlInitializeUnicodePrefix(
1297 _Out_ PUNICODE_PREFIX_TABLE PrefixTable);
1298
1299 _IRQL_requires_max_(PASSIVE_LEVEL)
1300 NTSYSAPI
1301 BOOLEAN
1302 NTAPI
1303 RtlInsertUnicodePrefix(
1304 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1305 _In_ __drv_aliasesMem PUNICODE_STRING Prefix,
1306 _Out_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1307
1308 _IRQL_requires_max_(PASSIVE_LEVEL)
1309 NTSYSAPI
1310 VOID
1311 NTAPI
1312 RtlRemoveUnicodePrefix(
1313 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1314 _In_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1315
1316 _IRQL_requires_max_(PASSIVE_LEVEL)
1317 _Must_inspect_result_
1318 NTSYSAPI
1319 PUNICODE_PREFIX_TABLE_ENTRY
1320 NTAPI
1321 RtlFindUnicodePrefix(
1322 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1323 _In_ PUNICODE_STRING FullName,
1324 _In_ ULONG CaseInsensitiveIndex);
1325
1326 _IRQL_requires_max_(PASSIVE_LEVEL)
1327 _Must_inspect_result_
1328 NTSYSAPI
1329 PUNICODE_PREFIX_TABLE_ENTRY
1330 NTAPI
1331 RtlNextUnicodePrefix(
1332 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1333 _In_ BOOLEAN Restart);
1334
1335 _Must_inspect_result_
1336 NTSYSAPI
1337 SIZE_T
1338 NTAPI
1339 RtlCompareMemoryUlong(
1340 _In_reads_bytes_(Length) PVOID Source,
1341 _In_ SIZE_T Length,
1342 _In_ ULONG Pattern);
1343
1344 _Success_(return != 0)
1345 NTSYSAPI
1346 BOOLEAN
1347 NTAPI
1348 RtlTimeToSecondsSince1980(
1349 _In_ PLARGE_INTEGER Time,
1350 _Out_ PULONG ElapsedSeconds);
1351
1352 NTSYSAPI
1353 VOID
1354 NTAPI
1355 RtlSecondsSince1980ToTime(
1356 _In_ ULONG ElapsedSeconds,
1357 _Out_ PLARGE_INTEGER Time);
1358
1359 _Success_(return != 0)
1360 _Must_inspect_result_
1361 NTSYSAPI
1362 BOOLEAN
1363 NTAPI
1364 RtlTimeToSecondsSince1970(
1365 _In_ PLARGE_INTEGER Time,
1366 _Out_ PULONG ElapsedSeconds);
1367
1368 NTSYSAPI
1369 VOID
1370 NTAPI
1371 RtlSecondsSince1970ToTime(
1372 _In_ ULONG ElapsedSeconds,
1373 _Out_ PLARGE_INTEGER Time);
1374
1375 _IRQL_requires_max_(APC_LEVEL)
1376 _Must_inspect_result_
1377 NTSYSAPI
1378 BOOLEAN
1379 NTAPI
1380 RtlValidSid(
1381 _In_ PSID Sid);
1382
1383 _Must_inspect_result_
1384 NTSYSAPI
1385 BOOLEAN
1386 NTAPI
1387 RtlEqualSid(
1388 _In_ PSID Sid1,
1389 _In_ PSID Sid2);
1390
1391 _IRQL_requires_max_(APC_LEVEL)
1392 _Must_inspect_result_
1393 NTSYSAPI
1394 BOOLEAN
1395 NTAPI
1396 RtlEqualPrefixSid(
1397 _In_ PSID Sid1,
1398 _In_ PSID Sid2);
1399
1400 _IRQL_requires_max_(APC_LEVEL)
1401 NTSYSAPI
1402 ULONG
1403 NTAPI
1404 RtlLengthRequiredSid(
1405 _In_ ULONG SubAuthorityCount);
1406
1407 NTSYSAPI
1408 PVOID
1409 NTAPI
1410 RtlFreeSid(
1411 _In_ _Post_invalid_ PSID Sid);
1412
1413 _Must_inspect_result_
1414 NTSYSAPI
1415 NTSTATUS
1416 NTAPI
1417 RtlAllocateAndInitializeSid(
1418 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1419 _In_ UCHAR SubAuthorityCount,
1420 _In_ ULONG SubAuthority0,
1421 _In_ ULONG SubAuthority1,
1422 _In_ ULONG SubAuthority2,
1423 _In_ ULONG SubAuthority3,
1424 _In_ ULONG SubAuthority4,
1425 _In_ ULONG SubAuthority5,
1426 _In_ ULONG SubAuthority6,
1427 _In_ ULONG SubAuthority7,
1428 _Outptr_ PSID *Sid);
1429
1430 _IRQL_requires_max_(APC_LEVEL)
1431 NTSYSAPI
1432 NTSTATUS
1433 NTAPI
1434 RtlInitializeSid(
1435 _Out_ PSID Sid,
1436 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1437 _In_ UCHAR SubAuthorityCount);
1438
1439 NTSYSAPI
1440 PULONG
1441 NTAPI
1442 RtlSubAuthoritySid(
1443 _In_ PSID Sid,
1444 _In_ ULONG SubAuthority);
1445
1446 _Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE)
1447 NTSYSAPI
1448 ULONG
1449 NTAPI
1450 RtlLengthSid(
1451 _In_ PSID Sid);
1452
1453 _IRQL_requires_max_(APC_LEVEL)
1454 NTSYSAPI
1455 NTSTATUS
1456 NTAPI
1457 RtlCopySid(
1458 _In_ ULONG DestinationSidLength,
1459 _Out_writes_bytes_(DestinationSidLength) PSID DestinationSid,
1460 _In_ PSID SourceSid);
1461
1462 _IRQL_requires_max_(APC_LEVEL)
1463 NTSYSAPI
1464 NTSTATUS
1465 NTAPI
1466 RtlConvertSidToUnicodeString(
1467 _Inout_ PUNICODE_STRING UnicodeString,
1468 _In_ PSID Sid,
1469 _In_ BOOLEAN AllocateDestinationString);
1470
1471 _IRQL_requires_max_(APC_LEVEL)
1472 NTSYSAPI
1473 VOID
1474 NTAPI
1475 RtlCopyLuid(
1476 _Out_ PLUID DestinationLuid,
1477 _In_ PLUID SourceLuid);
1478
1479 _IRQL_requires_max_(APC_LEVEL)
1480 NTSYSAPI
1481 NTSTATUS
1482 NTAPI
1483 RtlCreateAcl(
1484 _Out_writes_bytes_(AclLength) PACL Acl,
1485 _In_ ULONG AclLength,
1486 _In_ ULONG AclRevision);
1487
1488 _IRQL_requires_max_(APC_LEVEL)
1489 NTSYSAPI
1490 NTSTATUS
1491 NTAPI
1492 RtlAddAce(
1493 _Inout_ PACL Acl,
1494 _In_ ULONG AceRevision,
1495 _In_ ULONG StartingAceIndex,
1496 _In_reads_bytes_(AceListLength) PVOID AceList,
1497 _In_ ULONG AceListLength);
1498
1499 _IRQL_requires_max_(APC_LEVEL)
1500 NTSYSAPI
1501 NTSTATUS
1502 NTAPI
1503 RtlDeleteAce(
1504 _Inout_ PACL Acl,
1505 _In_ ULONG AceIndex);
1506
1507 NTSYSAPI
1508 NTSTATUS
1509 NTAPI
1510 RtlGetAce(
1511 _In_ PACL Acl,
1512 _In_ ULONG AceIndex,
1513 _Outptr_ PVOID *Ace);
1514
1515 _IRQL_requires_max_(APC_LEVEL)
1516 NTSYSAPI
1517 NTSTATUS
1518 NTAPI
1519 RtlAddAccessAllowedAce(
1520 _Inout_ PACL Acl,
1521 _In_ ULONG AceRevision,
1522 _In_ ACCESS_MASK AccessMask,
1523 _In_ PSID Sid);
1524
1525 _IRQL_requires_max_(APC_LEVEL)
1526 NTSYSAPI
1527 NTSTATUS
1528 NTAPI
1529 RtlAddAccessAllowedAceEx(
1530 _Inout_ PACL Acl,
1531 _In_ ULONG AceRevision,
1532 _In_ ULONG AceFlags,
1533 _In_ ACCESS_MASK AccessMask,
1534 _In_ PSID Sid);
1535
1536 _IRQL_requires_max_(APC_LEVEL)
1537 NTSYSAPI
1538 NTSTATUS
1539 NTAPI
1540 RtlCreateSecurityDescriptorRelative(
1541 _Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
1542 _In_ ULONG Revision);
1543
1544 NTSYSAPI
1545 NTSTATUS
1546 NTAPI
1547 RtlGetDaclSecurityDescriptor(
1548 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1549 _Out_ PBOOLEAN DaclPresent,
1550 _Out_ PACL *Dacl,
1551 _Out_ PBOOLEAN DaclDefaulted);
1552
1553 _IRQL_requires_max_(APC_LEVEL)
1554 NTSYSAPI
1555 NTSTATUS
1556 NTAPI
1557 RtlSetOwnerSecurityDescriptor(
1558 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1559 _In_opt_ PSID Owner,
1560 _In_opt_ BOOLEAN OwnerDefaulted);
1561
1562 _IRQL_requires_max_(APC_LEVEL)
1563 NTSYSAPI
1564 NTSTATUS
1565 NTAPI
1566 RtlGetOwnerSecurityDescriptor(
1567 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1568 _Out_ PSID *Owner,
1569 _Out_ PBOOLEAN OwnerDefaulted);
1570
1571 _IRQL_requires_max_(APC_LEVEL)
1572 _When_(Status < 0, _Out_range_(>, 0))
1573 _When_(Status >= 0, _Out_range_(==, 0))
1574 NTSYSAPI
1575 ULONG
1576 NTAPI
1577 RtlNtStatusToDosError(
1578 _In_ NTSTATUS Status);
1579
1580 _IRQL_requires_max_(PASSIVE_LEVEL)
1581 NTSYSAPI
1582 NTSTATUS
1583 NTAPI
1584 RtlCustomCPToUnicodeN(
1585 _In_ PCPTABLEINFO CustomCP,
1586 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
1587 _In_ ULONG MaxBytesInUnicodeString,
1588 _Out_opt_ PULONG BytesInUnicodeString,
1589 _In_reads_bytes_(BytesInCustomCPString) PCH CustomCPString,
1590 _In_ ULONG BytesInCustomCPString);
1591
1592 _IRQL_requires_max_(PASSIVE_LEVEL)
1593 NTSYSAPI
1594 NTSTATUS
1595 NTAPI
1596 RtlUnicodeToCustomCPN(
1597 _In_ PCPTABLEINFO CustomCP,
1598 _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
1599 _In_ ULONG MaxBytesInCustomCPString,
1600 _Out_opt_ PULONG BytesInCustomCPString,
1601 _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
1602 _In_ ULONG BytesInUnicodeString);
1603
1604 _IRQL_requires_max_(PASSIVE_LEVEL)
1605 NTSYSAPI
1606 NTSTATUS
1607 NTAPI
1608 RtlUpcaseUnicodeToCustomCPN(
1609 _In_ PCPTABLEINFO CustomCP,
1610 _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
1611 _In_ ULONG MaxBytesInCustomCPString,
1612 _Out_opt_ PULONG BytesInCustomCPString,
1613 _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
1614 _In_ ULONG BytesInUnicodeString);
1615
1616 _IRQL_requires_max_(PASSIVE_LEVEL)
1617 NTSYSAPI
1618 VOID
1619 NTAPI
1620 RtlInitCodePageTable(
1621 _In_ PUSHORT TableBase,
1622 _Out_ PCPTABLEINFO CodePageTable);
1623
1624
1625 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
1626
1627
1628 #if (NTDDI_VERSION >= NTDDI_WINXP)
1629
1630
1631
1632 _Must_inspect_result_
1633 NTSYSAPI
1634 PVOID
1635 NTAPI
1636 RtlCreateHeap(
1637 _In_ ULONG Flags,
1638 _In_opt_ PVOID HeapBase,
1639 _In_opt_ SIZE_T ReserveSize,
1640 _In_opt_ SIZE_T CommitSize,
1641 _In_opt_ PVOID Lock,
1642 _In_opt_ PRTL_HEAP_PARAMETERS Parameters);
1643
1644 NTSYSAPI
1645 PVOID
1646 NTAPI
1647 RtlDestroyHeap(
1648 _In_ _Post_invalid_ PVOID HeapHandle);
1649
1650 NTSYSAPI
1651 USHORT
1652 NTAPI
1653 RtlCaptureStackBackTrace(
1654 _In_ ULONG FramesToSkip,
1655 _In_ ULONG FramesToCapture,
1656 _Out_writes_to_(FramesToCapture, return) PVOID *BackTrace,
1657 _Out_opt_ PULONG BackTraceHash);
1658
1659 _Ret_range_(<, MAXLONG)
1660 NTSYSAPI
1661 ULONG
1662 NTAPI
1663 RtlRandomEx(
1664 _Inout_ PULONG Seed);
1665
1666 _IRQL_requires_max_(DISPATCH_LEVEL)
1667 NTSYSAPI
1668 NTSTATUS
1669 NTAPI
1670 RtlInitUnicodeStringEx(
1671 _Out_ PUNICODE_STRING DestinationString,
1672 _In_opt_z_ __drv_aliasesMem PCWSTR SourceString);
1673
1674 _Must_inspect_result_
1675 NTSYSAPI
1676 NTSTATUS
1677 NTAPI
1678 RtlValidateUnicodeString(
1679 _In_ ULONG Flags,
1680 _In_ PCUNICODE_STRING String);
1681
1682 _IRQL_requires_max_(PASSIVE_LEVEL)
1683 _Must_inspect_result_
1684 NTSYSAPI
1685 NTSTATUS
1686 NTAPI
1687 RtlDuplicateUnicodeString(
1688 _In_ ULONG Flags,
1689 _In_ PCUNICODE_STRING SourceString,
1690 _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)) PUNICODE_STRING DestinationString);
1691
1692 NTSYSAPI
1693 NTSTATUS
1694 NTAPI
1695 RtlGetCompressionWorkSpaceSize(
1696 _In_ USHORT CompressionFormatAndEngine,
1697 _Out_ PULONG CompressBufferWorkSpaceSize,
1698 _Out_ PULONG CompressFragmentWorkSpaceSize);
1699
1700 NTSYSAPI
1701 NTSTATUS
1702 NTAPI
1703 RtlCompressBuffer(
1704 _In_ USHORT CompressionFormatAndEngine,
1705 _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1706 _In_ ULONG UncompressedBufferSize,
1707 _Out_writes_bytes_to_(CompressedBufferSize, *FinalCompressedSize) PUCHAR CompressedBuffer,
1708 _In_ ULONG CompressedBufferSize,
1709 _In_ ULONG UncompressedChunkSize,
1710 _Out_ PULONG FinalCompressedSize,
1711 _In_ PVOID WorkSpace);
1712
1713 _IRQL_requires_max_(APC_LEVEL)
1714 NTSYSAPI
1715 NTSTATUS
1716 NTAPI
1717 RtlDecompressBuffer(
1718 _In_ USHORT CompressionFormat,
1719 _Out_writes_bytes_to_(UncompressedBufferSize, *FinalUncompressedSize) PUCHAR UncompressedBuffer,
1720 _In_ ULONG UncompressedBufferSize,
1721 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1722 _In_ ULONG CompressedBufferSize,
1723 _Out_ PULONG FinalUncompressedSize);
1724
1725 _IRQL_requires_max_(APC_LEVEL)
1726 NTSYSAPI
1727 NTSTATUS
1728 NTAPI
1729 RtlDecompressFragment(
1730 _In_ USHORT CompressionFormat,
1731 _Out_writes_bytes_to_(UncompressedFragmentSize, *FinalUncompressedSize) PUCHAR UncompressedFragment,
1732 _In_ ULONG UncompressedFragmentSize,
1733 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1734 _In_ ULONG CompressedBufferSize,
1735 _In_range_(<, CompressedBufferSize) ULONG FragmentOffset,
1736 _Out_ PULONG FinalUncompressedSize,
1737 _In_ PVOID WorkSpace);
1738
1739 _IRQL_requires_max_(APC_LEVEL)
1740 NTSYSAPI
1741 NTSTATUS
1742 NTAPI
1743 RtlDescribeChunk(
1744 _In_ USHORT CompressionFormat,
1745 _Inout_ PUCHAR *CompressedBuffer,
1746 _In_ PUCHAR EndOfCompressedBufferPlus1,
1747 _Out_ PUCHAR *ChunkBuffer,
1748 _Out_ PULONG ChunkSize);
1749
1750 _IRQL_requires_max_(APC_LEVEL)
1751 NTSYSAPI
1752 NTSTATUS
1753 NTAPI
1754 RtlReserveChunk(
1755 _In_ USHORT CompressionFormat,
1756 _Inout_ PUCHAR *CompressedBuffer,
1757 _In_ PUCHAR EndOfCompressedBufferPlus1,
1758 _Out_ PUCHAR *ChunkBuffer,
1759 _In_ ULONG ChunkSize);
1760
1761 _IRQL_requires_max_(APC_LEVEL)
1762 NTSYSAPI
1763 NTSTATUS
1764 NTAPI
1765 RtlDecompressChunks(
1766 _Out_writes_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1767 _In_ ULONG UncompressedBufferSize,
1768 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1769 _In_ ULONG CompressedBufferSize,
1770 _In_reads_bytes_(CompressedTailSize) PUCHAR CompressedTail,
1771 _In_ ULONG CompressedTailSize,
1772 _In_ PCOMPRESSED_DATA_INFO CompressedDataInfo);
1773
1774 _IRQL_requires_max_(APC_LEVEL)
1775 NTSYSAPI
1776 NTSTATUS
1777 NTAPI
1778 RtlCompressChunks(
1779 _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1780 _In_ ULONG UncompressedBufferSize,
1781 _Out_writes_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1782 _In_range_(>=, (UncompressedBufferSize - (UncompressedBufferSize / 16))) ULONG CompressedBufferSize,
1783 _Inout_updates_bytes_(CompressedDataInfoLength) PCOMPRESSED_DATA_INFO CompressedDataInfo,
1784 _In_range_(>, sizeof(COMPRESSED_DATA_INFO)) ULONG CompressedDataInfoLength,
1785 _In_ PVOID WorkSpace);
1786
1787 _IRQL_requires_max_(APC_LEVEL)
1788 NTSYSAPI
1789 PSID_IDENTIFIER_AUTHORITY
1790 NTAPI
1791 RtlIdentifierAuthoritySid(
1792 _In_ PSID Sid);
1793
1794 NTSYSAPI
1795 PUCHAR
1796 NTAPI
1797 RtlSubAuthorityCountSid(
1798 _In_ PSID Sid);
1799
1800 _When_(Status < 0, _Out_range_(>, 0))
1801 _When_(Status >= 0, _Out_range_(==, 0))
1802 NTSYSAPI
1803 ULONG
1804 NTAPI
1805 RtlNtStatusToDosErrorNoTeb(
1806 _In_ NTSTATUS Status);
1807
1808 _IRQL_requires_max_(PASSIVE_LEVEL)
1809 NTSYSAPI
1810 NTSTATUS
1811 NTAPI
1812 RtlCreateSystemVolumeInformationFolder(
1813 _In_ PCUNICODE_STRING VolumeRootPath);
1814
1815 #if defined(_M_AMD64)
1816
1817 FORCEINLINE
1818 VOID
1819 RtlFillMemoryUlong(
1820 _Out_writes_bytes_all_(Length) PVOID Destination,
1821 _In_ SIZE_T Length,
1822 _In_ ULONG Pattern)
1823 {
1824 PULONG Address = (PULONG)Destination;
1825 if ((Length /= 4) != 0) {
1826 if (((ULONG64)Address & 4) != 0) {
1827 *Address = Pattern;
1828 if ((Length -= 1) == 0) {
1829 return;
1830 }
1831 Address += 1;
1832 }
1833 __stosq((PULONG64)(Address), Pattern | ((ULONG64)Pattern << 32), Length / 2);
1834 if ((Length & 1) != 0) Address[Length - 1] = Pattern;
1835 }
1836 return;
1837 }
1838
1839 #define RtlFillMemoryUlonglong(Destination, Length, Pattern) \
1840 __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
1841
1842 #else
1843
1844 NTSYSAPI
1845 VOID
1846 NTAPI
1847 RtlFillMemoryUlong(
1848 OUT PVOID Destination,
1849 IN SIZE_T Length,
1850 IN ULONG Pattern);
1851
1852 NTSYSAPI
1853 VOID
1854 NTAPI
1855 RtlFillMemoryUlonglong(
1856 _Out_writes_bytes_all_(Length) PVOID Destination,
1857 _In_ SIZE_T Length,
1858 _In_ ULONGLONG Pattern);
1859
1860 #endif /* defined(_M_AMD64) */
1861
1862 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
1863
1864 #if (NTDDI_VERSION >= NTDDI_WS03)
1865 _IRQL_requires_max_(DISPATCH_LEVEL)
1866 NTSYSAPI
1867 NTSTATUS
1868 NTAPI
1869 RtlInitAnsiStringEx(
1870 _Out_ PANSI_STRING DestinationString,
1871 _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
1872 #endif
1873
1874 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
1875
1876 _IRQL_requires_max_(APC_LEVEL)
1877 NTSYSAPI
1878 NTSTATUS
1879 NTAPI
1880 RtlGetSaclSecurityDescriptor(
1881 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1882 _Out_ PBOOLEAN SaclPresent,
1883 _Out_ PACL *Sacl,
1884 _Out_ PBOOLEAN SaclDefaulted);
1885
1886 _IRQL_requires_max_(APC_LEVEL)
1887 NTSYSAPI
1888 NTSTATUS
1889 NTAPI
1890 RtlSetGroupSecurityDescriptor(
1891 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1892 _In_opt_ PSID Group,
1893 _In_opt_ BOOLEAN GroupDefaulted);
1894
1895 _IRQL_requires_max_(APC_LEVEL)
1896 NTSYSAPI
1897 NTSTATUS
1898 NTAPI
1899 RtlGetGroupSecurityDescriptor(
1900 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1901 _Out_ PSID *Group,
1902 _Out_ PBOOLEAN GroupDefaulted);
1903
1904 _IRQL_requires_max_(APC_LEVEL)
1905 NTSYSAPI
1906 NTSTATUS
1907 NTAPI
1908 RtlAbsoluteToSelfRelativeSD(
1909 _In_ PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
1910 _Out_writes_bytes_to_opt_(*BufferLength, *BufferLength) PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
1911 _Inout_ PULONG BufferLength);
1912
1913 _IRQL_requires_max_(APC_LEVEL)
1914 NTSYSAPI
1915 NTSTATUS
1916 NTAPI
1917 RtlSelfRelativeToAbsoluteSD(
1918 _In_ PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
1919 _Out_writes_bytes_to_opt_(*AbsoluteSecurityDescriptorSize, *AbsoluteSecurityDescriptorSize) PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
1920 _Inout_ PULONG AbsoluteSecurityDescriptorSize,
1921 _Out_writes_bytes_to_opt_(*DaclSize, *DaclSize) PACL Dacl,
1922 _Inout_ PULONG DaclSize,
1923 _Out_writes_bytes_to_opt_(*SaclSize, *SaclSize) PACL Sacl,
1924 _Inout_ PULONG SaclSize,
1925 _Out_writes_bytes_to_opt_(*OwnerSize, *OwnerSize) PSID Owner,
1926 _Inout_ PULONG OwnerSize,
1927 _Out_writes_bytes_to_opt_(*PrimaryGroupSize, *PrimaryGroupSize) PSID PrimaryGroup,
1928 _Inout_ PULONG PrimaryGroupSize);
1929
1930 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
1931
1932 #if (NTDDI_VERSION >= NTDDI_VISTA)
1933
1934 NTSYSAPI
1935 NTSTATUS
1936 NTAPI
1937 RtlNormalizeString(
1938 _In_ ULONG NormForm,
1939 _In_ PCWSTR SourceString,
1940 _In_ LONG SourceStringLength,
1941 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1942 _Inout_ PLONG DestinationStringLength);
1943
1944 NTSYSAPI
1945 NTSTATUS
1946 NTAPI
1947 RtlIsNormalizedString(
1948 _In_ ULONG NormForm,
1949 _In_ PCWSTR SourceString,
1950 _In_ LONG SourceStringLength,
1951 _Out_ PBOOLEAN Normalized);
1952
1953 NTSYSAPI
1954 NTSTATUS
1955 NTAPI
1956 RtlIdnToAscii(
1957 _In_ ULONG Flags,
1958 _In_ PCWSTR SourceString,
1959 _In_ LONG SourceStringLength,
1960 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1961 _Inout_ PLONG DestinationStringLength);
1962
1963 NTSYSAPI
1964 NTSTATUS
1965 NTAPI
1966 RtlIdnToUnicode(
1967 IN ULONG Flags,
1968 IN PCWSTR SourceString,
1969 IN LONG SourceStringLength,
1970 OUT PWSTR DestinationString,
1971 IN OUT PLONG DestinationStringLength);
1972
1973 NTSYSAPI
1974 NTSTATUS
1975 NTAPI
1976 RtlIdnToNameprepUnicode(
1977 _In_ ULONG Flags,
1978 _In_ PCWSTR SourceString,
1979 _In_ LONG SourceStringLength,
1980 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1981 _Inout_ PLONG DestinationStringLength);
1982
1983 NTSYSAPI
1984 NTSTATUS
1985 NTAPI
1986 RtlCreateServiceSid(
1987 _In_ PUNICODE_STRING ServiceName,
1988 _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid,
1989 _Inout_ PULONG ServiceSidLength);
1990
1991 NTSYSAPI
1992 LONG
1993 NTAPI
1994 RtlCompareAltitudes(
1995 _In_ PCUNICODE_STRING Altitude1,
1996 _In_ PCUNICODE_STRING Altitude2);
1997
1998
1999 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
2000
2001 #if (NTDDI_VERSION >= NTDDI_WIN7)
2002
2003 _IRQL_requires_max_(PASSIVE_LEVEL)
2004 _Must_inspect_result_
2005 NTSYSAPI
2006 NTSTATUS
2007 NTAPI
2008 RtlUnicodeToUTF8N(
2009 _Out_writes_bytes_to_(UTF8StringMaxByteCount, *UTF8StringActualByteCount) PCHAR UTF8StringDestination,
2010 _In_ ULONG UTF8StringMaxByteCount,
2011 _Out_ PULONG UTF8StringActualByteCount,
2012 _In_reads_bytes_(UnicodeStringByteCount) PCWCH UnicodeStringSource,
2013 _In_ ULONG UnicodeStringByteCount);
2014
2015 _IRQL_requires_max_(PASSIVE_LEVEL)
2016 _Must_inspect_result_
2017 NTSYSAPI
2018 NTSTATUS
2019 NTAPI
2020 RtlUTF8ToUnicodeN(
2021 _Out_writes_bytes_to_(UnicodeStringMaxByteCount, *UnicodeStringActualByteCount) PWSTR UnicodeStringDestination,
2022 _In_ ULONG UnicodeStringMaxByteCount,
2023 _Out_ PULONG UnicodeStringActualByteCount,
2024 _In_reads_bytes_(UTF8StringByteCount) PCCH UTF8StringSource,
2025 _In_ ULONG UTF8StringByteCount);
2026
2027 _IRQL_requires_max_(APC_LEVEL)
2028 NTSYSAPI
2029 NTSTATUS
2030 NTAPI
2031 RtlReplaceSidInSd(
2032 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2033 _In_ PSID OldSid,
2034 _In_ PSID NewSid,
2035 _Out_ ULONG *NumChanges);
2036
2037 NTSYSAPI
2038 NTSTATUS
2039 NTAPI
2040 RtlCreateVirtualAccountSid(
2041 _In_ PCUNICODE_STRING Name,
2042 _In_ ULONG BaseSubAuthority,
2043 _Out_writes_bytes_(*SidLength) PSID Sid,
2044 _Inout_ PULONG SidLength);
2045
2046 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
2047
2048
2049 #if defined(_AMD64_) || defined(_IA64_)
2050
2051
2052
2053 #endif /* defined(_AMD64_) || defined(_IA64_) */
2054
2055
2056
2057 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
2058 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
2059
2060 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ? \
2061 RtlxUnicodeStringToOemSize(STRING) : \
2062 ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
2063 )
2064
2065 #define RtlOemStringToUnicodeSize(STRING) ( \
2066 NLS_MB_OEM_CODE_PAGE_TAG ? \
2067 RtlxOemStringToUnicodeSize(STRING) : \
2068 ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
2069 )
2070
2071 #define RtlOemStringToCountedUnicodeSize(STRING) ( \
2072 (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
2073 )
2074
2075 #define RtlOffsetToPointer(B,O) ((PCHAR)(((PCHAR)(B)) + ((ULONG_PTR)(O))))
2076 #define RtlPointerToOffset(B,P) ((ULONG)(((PCHAR)(P)) - ((PCHAR)(B))))
2077
2078 _IRQL_requires_max_(PASSIVE_LEVEL)
2079 __kernel_entry
2080 NTSYSCALLAPI
2081 NTSTATUS
2082 NTAPI
2083 NtQueryObject(
2084 _In_opt_ HANDLE Handle,
2085 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
2086 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
2087 _In_ ULONG ObjectInformationLength,
2088 _Out_opt_ PULONG ReturnLength);
2089
2090 #if (NTDDI_VERSION >= NTDDI_WIN2K)
2091
2092 _Must_inspect_result_
2093 __kernel_entry
2094 NTSYSCALLAPI
2095 NTSTATUS
2096 NTAPI
2097 NtOpenThreadToken(
2098 _In_ HANDLE ThreadHandle,
2099 _In_ ACCESS_MASK DesiredAccess,
2100 _In_ BOOLEAN OpenAsSelf,
2101 _Out_ PHANDLE TokenHandle);
2102
2103 _Must_inspect_result_
2104 __kernel_entry
2105 NTSYSCALLAPI
2106 NTSTATUS
2107 NTAPI
2108 NtOpenProcessToken(
2109 _In_ HANDLE ProcessHandle,
2110 _In_ ACCESS_MASK DesiredAccess,
2111 _Out_ PHANDLE TokenHandle);
2112
2113 _When_(TokenInformationClass == TokenAccessInformation,
2114 _At_(TokenInformationLength,
2115 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
2116 _Must_inspect_result_
2117 __kernel_entry
2118 NTSYSCALLAPI
2119 NTSTATUS
2120 NTAPI
2121 NtQueryInformationToken(
2122 _In_ HANDLE TokenHandle,
2123 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
2124 _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
2125 _In_ ULONG TokenInformationLength,
2126 _Out_ PULONG ReturnLength);
2127
2128 _Must_inspect_result_
2129 __kernel_entry
2130 NTSYSCALLAPI
2131 NTSTATUS
2132 NTAPI
2133 NtAdjustPrivilegesToken(
2134 _In_ HANDLE TokenHandle,
2135 _In_ BOOLEAN DisableAllPrivileges,
2136 _In_opt_ PTOKEN_PRIVILEGES NewState,
2137 _In_ ULONG BufferLength,
2138 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
2139 _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
2140
2141 __kernel_entry
2142 NTSYSCALLAPI
2143 NTSTATUS
2144 NTAPI
2145 NtCreateFile(
2146 _Out_ PHANDLE FileHandle,
2147 _In_ ACCESS_MASK DesiredAccess,
2148 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
2149 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2150 _In_opt_ PLARGE_INTEGER AllocationSize,
2151 _In_ ULONG FileAttributes,
2152 _In_ ULONG ShareAccess,
2153 _In_ ULONG CreateDisposition,
2154 _In_ ULONG CreateOptions,
2155 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
2156 _In_ ULONG EaLength);
2157
2158 __kernel_entry
2159 NTSYSCALLAPI
2160 NTSTATUS
2161 NTAPI
2162 NtDeviceIoControlFile(
2163 _In_ HANDLE FileHandle,
2164 _In_opt_ HANDLE Event,
2165 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2166 _In_opt_ PVOID ApcContext,
2167 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2168 _In_ ULONG IoControlCode,
2169 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
2170 _In_ ULONG InputBufferLength,
2171 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
2172 _In_ ULONG OutputBufferLength);
2173
2174 __kernel_entry
2175 NTSYSCALLAPI
2176 NTSTATUS
2177 NTAPI
2178 NtFsControlFile(
2179 _In_ HANDLE FileHandle,
2180 _In_opt_ HANDLE Event,
2181 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2182 _In_opt_ PVOID ApcContext,
2183 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2184 _In_ ULONG FsControlCode,
2185 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
2186 _In_ ULONG InputBufferLength,
2187 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
2188 _In_ ULONG OutputBufferLength);
2189
2190 __kernel_entry
2191 NTSYSCALLAPI
2192 NTSTATUS
2193 NTAPI
2194 NtLockFile(
2195 _In_ HANDLE FileHandle,
2196 _In_opt_ HANDLE Event,
2197 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2198 _In_opt_ PVOID ApcContext,
2199 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2200 _In_ PLARGE_INTEGER ByteOffset,
2201 _In_ PLARGE_INTEGER Length,
2202 _In_ ULONG Key,
2203 _In_ BOOLEAN FailImmediately,
2204 _In_ BOOLEAN ExclusiveLock);
2205
2206 __kernel_entry
2207 NTSYSCALLAPI
2208 NTSTATUS
2209 NTAPI
2210 NtOpenFile(
2211 _Out_ PHANDLE FileHandle,
2212 _In_ ACCESS_MASK DesiredAccess,
2213 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
2214 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2215 _In_ ULONG ShareAccess,
2216 _In_ ULONG OpenOptions);
2217
2218 __kernel_entry
2219 NTSYSCALLAPI
2220 NTSTATUS
2221 NTAPI
2222 NtQueryDirectoryFile(
2223 _In_ HANDLE FileHandle,
2224 _In_opt_ HANDLE Event,
2225 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2226 _In_opt_ PVOID ApcContext,
2227 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2228 _Out_writes_bytes_(Length) PVOID FileInformation,
2229 _In_ ULONG Length,
2230 _In_ FILE_INFORMATION_CLASS FileInformationClass,
2231 _In_ BOOLEAN ReturnSingleEntry,
2232 _In_opt_ PUNICODE_STRING FileName,
2233 _In_ BOOLEAN RestartScan);
2234
2235 __kernel_entry
2236 NTSYSCALLAPI
2237 NTSTATUS
2238 NTAPI
2239 NtQueryInformationFile(
2240 _In_ HANDLE FileHandle,
2241 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2242 _Out_writes_bytes_(Length) PVOID FileInformation,
2243 _In_ ULONG Length,
2244 _In_ FILE_INFORMATION_CLASS FileInformationClass);
2245
2246 __kernel_entry
2247 NTSYSCALLAPI
2248 NTSTATUS
2249 NTAPI
2250 NtQueryQuotaInformationFile(
2251 _In_ HANDLE FileHandle,
2252 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2253 _Out_writes_bytes_(Length) PVOID Buffer,
2254 _In_ ULONG Length,
2255 _In_ BOOLEAN ReturnSingleEntry,
2256 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
2257 _In_ ULONG SidListLength,
2258 _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
2259 _In_ BOOLEAN RestartScan);
2260
2261 __kernel_entry
2262 NTSYSCALLAPI
2263 NTSTATUS
2264 NTAPI
2265 NtQueryVolumeInformationFile(
2266 _In_ HANDLE FileHandle,
2267 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2268 _Out_writes_bytes_(Length) PVOID FsInformation,
2269 _In_ ULONG Length,
2270 _In_ FS_INFORMATION_CLASS FsInformationClass);
2271
2272 __kernel_entry
2273 NTSYSCALLAPI
2274 NTSTATUS
2275 NTAPI
2276 NtReadFile(
2277 _In_ HANDLE FileHandle,
2278 _In_opt_ HANDLE Event,
2279 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2280 _In_opt_ PVOID ApcContext,
2281 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2282 _Out_writes_bytes_(Length) PVOID Buffer,
2283 _In_ ULONG Length,
2284 _In_opt_ PLARGE_INTEGER ByteOffset,
2285 _In_opt_ PULONG Key);
2286
2287 __kernel_entry
2288 NTSYSCALLAPI
2289 NTSTATUS
2290 NTAPI
2291 NtSetInformationFile(
2292 _In_ HANDLE FileHandle,
2293 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2294 _In_reads_bytes_(Length) PVOID FileInformation,
2295 _In_ ULONG Length,
2296 _In_ FILE_INFORMATION_CLASS FileInformationClass);
2297
2298 __kernel_entry
2299 NTSYSCALLAPI
2300 NTSTATUS
2301 NTAPI
2302 NtSetQuotaInformationFile(
2303 _In_ HANDLE FileHandle,
2304 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2305 _In_reads_bytes_(Length) PVOID Buffer,
2306 _In_ ULONG Length);
2307
2308 __kernel_entry
2309 NTSYSCALLAPI
2310 NTSTATUS
2311 NTAPI
2312 NtSetVolumeInformationFile(
2313 _In_ HANDLE FileHandle,
2314 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2315 _In_reads_bytes_(Length) PVOID FsInformation,
2316 _In_ ULONG Length,
2317 _In_ FS_INFORMATION_CLASS FsInformationClass);
2318
2319 __kernel_entry
2320 NTSYSCALLAPI
2321 NTSTATUS
2322 NTAPI
2323 NtWriteFile(
2324 _In_ HANDLE FileHandle,
2325 _In_opt_ HANDLE Event,
2326 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2327 _In_opt_ PVOID ApcContext,
2328 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2329 _In_reads_bytes_(Length) PVOID Buffer,
2330 _In_ ULONG Length,
2331 _In_opt_ PLARGE_INTEGER ByteOffset,
2332 _In_opt_ PULONG Key);
2333
2334 __kernel_entry
2335 NTSYSCALLAPI
2336 NTSTATUS
2337 NTAPI
2338 NtUnlockFile(
2339 _In_ HANDLE FileHandle,
2340 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2341 _In_ PLARGE_INTEGER ByteOffset,
2342 _In_ PLARGE_INTEGER Length,
2343 _In_ ULONG Key);
2344
2345 _IRQL_requires_max_(PASSIVE_LEVEL)
2346 __kernel_entry
2347 NTSYSCALLAPI
2348 NTSTATUS
2349 NTAPI
2350 NtSetSecurityObject(
2351 _In_ HANDLE Handle,
2352 _In_ SECURITY_INFORMATION SecurityInformation,
2353 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
2354
2355 _IRQL_requires_max_(PASSIVE_LEVEL)
2356 __kernel_entry
2357 NTSYSCALLAPI
2358 NTSTATUS
2359 NTAPI
2360 NtQuerySecurityObject(
2361 _In_ HANDLE Handle,
2362 _In_ SECURITY_INFORMATION SecurityInformation,
2363 _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
2364 _In_ ULONG Length,
2365 _Out_ PULONG LengthNeeded);
2366
2367 _IRQL_requires_max_(PASSIVE_LEVEL)
2368 __kernel_entry
2369 NTSYSCALLAPI
2370 NTSTATUS
2371 NTAPI
2372 NtClose(
2373 _In_ HANDLE Handle);
2374
2375 #endif
2376
2377 #if (NTDDI_VERSION >= NTDDI_WINXP)
2378
2379 _Must_inspect_result_
2380 __kernel_entry
2381 NTSYSCALLAPI
2382 NTSTATUS
2383 NTAPI
2384 NtOpenThreadTokenEx(
2385 _In_ HANDLE ThreadHandle,
2386 _In_ ACCESS_MASK DesiredAccess,
2387 _In_ BOOLEAN OpenAsSelf,
2388 _In_ ULONG HandleAttributes,
2389 _Out_ PHANDLE TokenHandle);
2390
2391 _Must_inspect_result_
2392 __kernel_entry
2393 NTSYSCALLAPI
2394 NTSTATUS
2395 NTAPI
2396 NtOpenProcessTokenEx(
2397 _In_ HANDLE ProcessHandle,
2398 _In_ ACCESS_MASK DesiredAccess,
2399 _In_ ULONG HandleAttributes,
2400 _Out_ PHANDLE TokenHandle);
2401
2402 _Must_inspect_result_
2403 NTSYSAPI
2404 NTSTATUS
2405 NTAPI
2406 NtOpenJobObjectToken(
2407 _In_ HANDLE JobHandle,
2408 _In_ ACCESS_MASK DesiredAccess,
2409 _Out_ PHANDLE TokenHandle);
2410
2411 _Must_inspect_result_
2412 __kernel_entry
2413 NTSYSCALLAPI
2414 NTSTATUS
2415 NTAPI
2416 NtDuplicateToken(
2417 _In_ HANDLE ExistingTokenHandle,
2418 _In_ ACCESS_MASK DesiredAccess,
2419 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
2420 _In_ BOOLEAN EffectiveOnly,
2421 _In_ TOKEN_TYPE TokenType,
2422 _Out_ PHANDLE NewTokenHandle);
2423
2424 _Must_inspect_result_
2425 __kernel_entry
2426 NTSYSCALLAPI
2427 NTSTATUS
2428 NTAPI
2429 NtFilterToken(
2430 _In_ HANDLE ExistingTokenHandle,
2431 _In_ ULONG Flags,
2432 _In_opt_ PTOKEN_GROUPS SidsToDisable,
2433 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
2434 _In_opt_ PTOKEN_GROUPS RestrictedSids,
2435 _Out_ PHANDLE NewTokenHandle);
2436
2437 _Must_inspect_result_
2438 __kernel_entry
2439 NTSYSCALLAPI
2440 NTSTATUS
2441 NTAPI
2442 NtImpersonateAnonymousToken(
2443 _In_ HANDLE ThreadHandle);
2444
2445 _Must_inspect_result_
2446 __kernel_entry
2447 NTSYSCALLAPI
2448 NTSTATUS
2449 NTAPI
2450 NtSetInformationToken(
2451 _In_ HANDLE TokenHandle,
2452 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
2453 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
2454 _In_ ULONG TokenInformationLength);
2455
2456 _Must_inspect_result_
2457 __kernel_entry
2458 NTSYSCALLAPI
2459 NTSTATUS
2460 NTAPI
2461 NtAdjustGroupsToken(
2462 _In_ HANDLE TokenHandle,
2463 _In_ BOOLEAN ResetToDefault,
2464 _In_opt_ PTOKEN_GROUPS NewState,
2465 _In_opt_ ULONG BufferLength,
2466 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
2467 _Out_ PULONG ReturnLength);
2468
2469 _Must_inspect_result_
2470 __kernel_entry
2471 NTSYSCALLAPI
2472 NTSTATUS
2473 NTAPI
2474 NtPrivilegeCheck(
2475 _In_ HANDLE ClientToken,
2476 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
2477 _Out_ PBOOLEAN Result);
2478
2479 _Must_inspect_result_
2480 __kernel_entry
2481 NTSYSCALLAPI
2482 NTSTATUS
2483 NTAPI
2484 NtAccessCheckAndAuditAlarm(
2485 _In_ PUNICODE_STRING SubsystemName,
2486 _In_opt_ PVOID HandleId,
2487 _In_ PUNICODE_STRING ObjectTypeName,
2488 _In_ PUNICODE_STRING ObjectName,
2489 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2490 _In_ ACCESS_MASK DesiredAccess,
2491 _In_ PGENERIC_MAPPING GenericMapping,
2492 _In_ BOOLEAN ObjectCreation,
2493 _Out_ PACCESS_MASK GrantedAccess,
2494 _Out_ PNTSTATUS AccessStatus,
2495 _Out_ PBOOLEAN GenerateOnClose);
2496
2497 _Must_inspect_result_
2498 __kernel_entry
2499 NTSYSCALLAPI
2500 NTSTATUS
2501 NTAPI
2502 NtAccessCheckByTypeAndAuditAlarm(
2503 _In_ PUNICODE_STRING SubsystemName,
2504 _In_opt_ PVOID HandleId,
2505 _In_ PUNICODE_STRING ObjectTypeName,
2506 _In_ PUNICODE_STRING ObjectName,
2507 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2508 _In_opt_ PSID PrincipalSelfSid,
2509 _In_ ACCESS_MASK DesiredAccess,
2510 _In_ AUDIT_EVENT_TYPE AuditType,
2511 _In_ ULONG Flags,
2512 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
2513 _In_ ULONG ObjectTypeLength,
2514 _In_ PGENERIC_MAPPING GenericMapping,
2515 _In_ BOOLEAN ObjectCreation,
2516 _Out_ PACCESS_MASK GrantedAccess,
2517 _Out_ PNTSTATUS AccessStatus,
2518 _Out_ PBOOLEAN GenerateOnClose);
2519
2520 _Must_inspect_result_
2521 __kernel_entry
2522 NTSYSCALLAPI
2523 NTSTATUS
2524 NTAPI
2525 NtAccessCheckByTypeResultListAndAuditAlarm(
2526 _In_ PUNICODE_STRING SubsystemName,
2527 _In_opt_ PVOID HandleId,
2528 _In_ PUNICODE_STRING ObjectTypeName,
2529 _In_ PUNICODE_STRING ObjectName,
2530 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2531 _In_opt_ PSID PrincipalSelfSid,
2532 _In_ ACCESS_MASK DesiredAccess,
2533 _In_ AUDIT_EVENT_TYPE AuditType,
2534 _In_ ULONG Flags,
2535 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
2536 _In_ ULONG ObjectTypeListLength,
2537 _In_ PGENERIC_MAPPING GenericMapping,
2538 _In_ BOOLEAN ObjectCreation,
2539 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
2540 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
2541 _Out_ PBOOLEAN GenerateOnClose);
2542
2543 _Must_inspect_result_
2544 __kernel_entry
2545 NTSYSCALLAPI
2546 NTSTATUS
2547 NTAPI
2548 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
2549 _In_ PUNICODE_STRING SubsystemName,
2550 _In_opt_ PVOID HandleId,
2551 _In_ HANDLE ClientToken,
2552 _In_ PUNICODE_STRING ObjectTypeName,
2553 _In_ PUNICODE_STRING ObjectName,
2554 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2555 _In_opt_ PSID PrincipalSelfSid,
2556 _In_ ACCESS_MASK DesiredAccess,
2557 _In_ AUDIT_EVENT_TYPE AuditType,
2558 _In_ ULONG Flags,
2559 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
2560 _In_ ULONG ObjectTypeListLength,
2561 _In_ PGENERIC_MAPPING GenericMapping,
2562 _In_ BOOLEAN ObjectCreation,
2563 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
2564 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
2565 _Out_ PBOOLEAN GenerateOnClose);
2566
2567 __kernel_entry
2568 NTSYSCALLAPI
2569 NTSTATUS
2570 NTAPI
2571 NtOpenObjectAuditAlarm(
2572 _In_ PUNICODE_STRING SubsystemName,
2573 _In_opt_ PVOID HandleId,
2574 _In_ PUNICODE_STRING ObjectTypeName,
2575 _In_ PUNICODE_STRING ObjectName,
2576 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2577 _In_ HANDLE ClientToken,
2578 _In_ ACCESS_MASK DesiredAccess,
2579 _In_ ACCESS_MASK GrantedAccess,
2580 _In_opt_ PPRIVILEGE_SET Privileges,
2581 _In_ BOOLEAN ObjectCreation,
2582 _In_ BOOLEAN AccessGranted,
2583 _Out_ PBOOLEAN GenerateOnClose);
2584
2585 __kernel_entry
2586 NTSYSCALLAPI
2587 NTSTATUS
2588 NTAPI
2589 NtPrivilegeObjectAuditAlarm(
2590 _In_ PUNICODE_STRING SubsystemName,
2591 _In_opt_ PVOID HandleId,
2592 _In_ HANDLE ClientToken,
2593 _In_ ACCESS_MASK DesiredAccess,
2594 _In_ PPRIVILEGE_SET Privileges,
2595 _In_ BOOLEAN AccessGranted);
2596
2597 __kernel_entry
2598 NTSYSCALLAPI
2599 NTSTATUS
2600 NTAPI
2601 NtCloseObjectAuditAlarm(
2602 _In_ PUNICODE_STRING SubsystemName,
2603 _In_opt_ PVOID HandleId,
2604 _In_ BOOLEAN GenerateOnClose);
2605
2606 __kernel_entry
2607 NTSYSCALLAPI
2608 NTSTATUS
2609 NTAPI
2610 NtDeleteObjectAuditAlarm(
2611 _In_ PUNICODE_STRING SubsystemName,
2612 _In_opt_ PVOID HandleId,
2613 _In_ BOOLEAN GenerateOnClose);
2614
2615 __kernel_entry
2616 NTSYSCALLAPI
2617 NTSTATUS
2618 NTAPI
2619 NtPrivilegedServiceAuditAlarm(
2620 _In_ PUNICODE_STRING SubsystemName,
2621 _In_ PUNICODE_STRING ServiceName,
2622 _In_ HANDLE ClientToken,
2623 _In_ PPRIVILEGE_SET Privileges,
2624 _In_ BOOLEAN AccessGranted);
2625
2626 __kernel_entry
2627 NTSYSCALLAPI
2628 NTSTATUS
2629 NTAPI
2630 NtSetInformationThread(
2631 _In_ HANDLE ThreadHandle,
2632 _In_ THREADINFOCLASS ThreadInformationClass,
2633 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
2634 _In_ ULONG ThreadInformationLength);
2635
2636 _Must_inspect_result_
2637 __kernel_entry
2638 NTSYSCALLAPI
2639 NTSTATUS
2640 NTAPI
2641 NtCreateSection(
2642 _Out_ PHANDLE SectionHandle,
2643 _In_ ACCESS_MASK DesiredAccess,
2644 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
2645 _In_opt_ PLARGE_INTEGER MaximumSize,
2646 _In_ ULONG SectionPageProtection,
2647 _In_ ULONG AllocationAttributes,
2648 _In_opt_ HANDLE FileHandle);
2649
2650 #endif
2651
2652 #define COMPRESSION_FORMAT_NONE (0x0000)
2653 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
2654 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
2655 #define COMPRESSION_ENGINE_STANDARD (0x0000)
2656 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
2657 #define COMPRESSION_ENGINE_HIBER (0x0200)
2658
2659 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
2660
2661 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
2662
2663 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
2664 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
2665
2666 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
2667
2668 typedef enum _SECURITY_LOGON_TYPE {
2669 UndefinedLogonType = 0,
2670 Interactive = 2,
2671 Network,
2672 Batch,
2673 Service,
2674 Proxy,
2675 Unlock,
2676 NetworkCleartext,
2677 NewCredentials,
2678 #if (_WIN32_WINNT >= 0x0501)
2679 RemoteInteractive,
2680 CachedInteractive,
2681 #endif
2682 #if (_WIN32_WINNT >= 0x0502)
2683 CachedRemoteInteractive,
2684 CachedUnlock
2685 #endif
2686 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
2687
2688 #ifndef _NTLSA_AUDIT_
2689 #define _NTLSA_AUDIT_
2690
2691 #ifndef GUID_DEFINED
2692 #include <guiddef.h>
2693 #endif
2694
2695 #endif /* _NTLSA_AUDIT_ */
2696
2697 _IRQL_requires_same_
2698 _IRQL_requires_max_(PASSIVE_LEVEL)
2699 NTSTATUS
2700 NTAPI
2701 LsaRegisterLogonProcess(
2702 _In_ PLSA_STRING LogonProcessName,
2703 _Out_ PHANDLE LsaHandle,
2704 _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
2705
2706 _IRQL_requires_same_
2707 _IRQL_requires_max_(PASSIVE_LEVEL)
2708 NTSTATUS
2709 NTAPI
2710 LsaLogonUser(
2711 _In_ HANDLE LsaHandle,
2712 _In_ PLSA_STRING OriginName,
2713 _In_ SECURITY_LOGON_TYPE LogonType,
2714 _In_ ULONG AuthenticationPackage,
2715 _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
2716 _In_ ULONG AuthenticationInformationLength,
2717 _In_opt_ PTOKEN_GROUPS LocalGroups,
2718 _In_ PTOKEN_SOURCE SourceContext,
2719 _Out_ PVOID *ProfileBuffer,
2720 _Out_ PULONG ProfileBufferLength,
2721 _Inout_ PLUID LogonId,
2722 _Out_ PHANDLE Token,
2723 _Out_ PQUOTA_LIMITS Quotas,
2724 _Out_ PNTSTATUS SubStatus);
2725
2726 _IRQL_requires_same_
2727 NTSTATUS
2728 NTAPI
2729 LsaFreeReturnBuffer(
2730 _In_ PVOID Buffer);
2731
2732 #ifndef _NTLSA_IFS_
2733 #define _NTLSA_IFS_
2734 #endif
2735
2736 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2737 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2738 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
2739
2740 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
2741 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
2742
2743 #define MSV1_0_CHALLENGE_LENGTH 8
2744 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
2745 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
2746
2747 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
2748 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
2749 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
2750 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
2751 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
2752 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
2753 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
2754 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
2755 #define MSV1_0_RETURN_PROFILE_PATH 0x200
2756 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
2757 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
2758
2759 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
2760 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
2761
2762 #if (_WIN32_WINNT >= 0x0502)
2763 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
2764 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
2765 #endif
2766
2767 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
2768 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
2769
2770 #if (_WIN32_WINNT >= 0x0600)
2771 #define MSV1_0_S4U2SELF 0x00020000
2772 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
2773 #endif
2774
2775 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
2776 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
2777 #define MSV1_0_MNS_LOGON 0x01000000
2778
2779 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
2780 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
2781
2782 #define LOGON_GUEST 0x01
2783 #define LOGON_NOENCRYPTION 0x02
2784 #define LOGON_CACHED_ACCOUNT 0x04
2785 #define LOGON_USED_LM_PASSWORD 0x08
2786 #define LOGON_EXTRA_SIDS 0x20
2787 #define LOGON_SUBAUTH_SESSION_KEY 0x40
2788 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
2789 #define LOGON_NTLMV2_ENABLED 0x100
2790 #define LOGON_RESOURCE_GROUPS 0x200
2791 #define LOGON_PROFILE_PATH_RETURNED 0x400
2792 #define LOGON_NT_V2 0x800
2793 #define LOGON_LM_V2 0x1000
2794 #define LOGON_NTLM_V2 0x2000
2795
2796 #if (_WIN32_WINNT >= 0x0600)
2797
2798 #define LOGON_OPTIMIZED 0x4000
2799 #define LOGON_WINLOGON 0x8000
2800 #define LOGON_PKINIT 0x10000
2801 #define LOGON_NO_OPTIMIZED 0x20000
2802
2803 #endif
2804
2805 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
2806
2807 #define LOGON_GRACE_LOGON 0x01000000
2808
2809 #define MSV1_0_OWF_PASSWORD_LENGTH 16
2810 #define MSV1_0_CRED_LM_PRESENT 0x1
2811 #define MSV1_0_CRED_NT_PRESENT 0x2
2812 #define MSV1_0_CRED_VERSION 0
2813
2814 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
2815 #define MSV1_0_NTLM3_OWF_LENGTH 16
2816
2817 #if (_WIN32_WINNT == 0x0500)
2818 #define MSV1_0_MAX_NTLM3_LIFE 1800
2819 #else
2820 #define MSV1_0_MAX_NTLM3_LIFE 129600
2821 #endif
2822 #define MSV1_0_MAX_AVL_SIZE 64000
2823
2824 #if (_WIN32_WINNT >= 0x0501)
2825
2826 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
2827
2828 #if (_WIN32_WINNT >= 0x0600)
2829 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
2830 #endif
2831
2832 #endif
2833
2834 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
2835
2836 #if(_WIN32_WINNT >= 0x0502)
2837 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
2838 #endif
2839
2840 #define USE_PRIMARY_PASSWORD 0x01
2841 #define RETURN_PRIMARY_USERNAME 0x02
2842 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
2843 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
2844 #define GENERATE_CLIENT_CHALLENGE 0x10
2845 #define GCR_NTLM3_PARMS 0x20
2846 #define GCR_TARGET_INFO 0x40
2847 #define RETURN_RESERVED_PARAMETER 0x80
2848 #define GCR_ALLOW_NTLM 0x100
2849 #define GCR_USE_OEM_SET 0x200
2850 #define GCR_MACHINE_CREDENTIAL 0x400
2851 #define GCR_USE_OWF_PASSWORD 0x800
2852 #define GCR_ALLOW_LM 0x1000
2853 #define GCR_ALLOW_NO_TARGET 0x2000
2854
2855 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
2856 MsV1_0InteractiveLogon = 2,
2857 MsV1_0Lm20Logon,
2858 MsV1_0NetworkLogon,
2859 MsV1_0SubAuthLogon,
2860 MsV1_0WorkstationUnlockLogon = 7,
2861 MsV1_0S4ULogon = 12,
2862 MsV1_0VirtualLogon = 82
2863 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
2864
2865 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
2866 MsV1_0InteractiveProfile = 2,
2867 MsV1_0Lm20LogonProfile,
2868 MsV1_0SmartCardProfile
2869 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
2870
2871 typedef struct _MSV1_0_INTERACTIVE_LOGON {
2872 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2873 UNICODE_STRING LogonDomainName;
2874 UNICODE_STRING UserName;
2875 UNICODE_STRING Password;
2876 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
2877
2878 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
2879 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2880 USHORT LogonCount;
2881 USHORT BadPasswordCount;
2882 LARGE_INTEGER LogonTime;
2883 LARGE_INTEGER LogoffTime;
2884 LARGE_INTEGER KickOffTime;
2885 LARGE_INTEGER PasswordLastSet;
2886 LARGE_INTEGER PasswordCanChange;
2887 LARGE_INTEGER PasswordMustChange;
2888 UNICODE_STRING LogonScript;
2889 UNICODE_STRING HomeDirectory;
2890 UNICODE_STRING FullName;
2891 UNICODE_STRING ProfilePath;
2892 UNICODE_STRING HomeDirectoryDrive;
2893 UNICODE_STRING LogonServer;
2894 ULONG UserFlags;
2895 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
2896
2897 typedef struct _MSV1_0_LM20_LOGON {
2898 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2899 UNICODE_STRING LogonDomainName;
2900 UNICODE_STRING UserName;
2901 UNICODE_STRING Workstation;
2902 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2903 STRING CaseSensitiveChallengeResponse;
2904 STRING CaseInsensitiveChallengeResponse;
2905 ULONG ParameterControl;
2906 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
2907
2908 typedef struct _MSV1_0_SUBAUTH_LOGON {
2909 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2910 UNICODE_STRING LogonDomainName;
2911 UNICODE_STRING UserName;
2912 UNICODE_STRING Workstation;
2913 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2914 STRING AuthenticationInfo1;
2915 STRING AuthenticationInfo2;
2916 ULONG ParameterControl;
2917 ULONG SubAuthPackageId;
2918 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
2919
2920 #if (_WIN32_WINNT >= 0x0600)
2921
2922 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2923
2924 typedef struct _MSV1_0_S4U_LOGON {
2925 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2926 ULONG Flags;
2927 UNICODE_STRING UserPrincipalName;
2928 UNICODE_STRING DomainName;
2929 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
2930
2931 #endif
2932
2933 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
2934 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2935 LARGE_INTEGER KickOffTime;
2936 LARGE_INTEGER LogoffTime;
2937 ULONG UserFlags;
2938 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
2939 UNICODE_STRING LogonDomainName;
2940 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
2941 UNICODE_STRING LogonServer;
2942 UNICODE_STRING UserParameters;
2943 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
2944
2945 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
2946 ULONG Version;
2947 ULONG Flags;
2948 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2949 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2950 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
2951
2952 typedef struct _MSV1_0_NTLM3_RESPONSE {
2953 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
2954 UCHAR RespType;
2955 UCHAR HiRespType;
2956 USHORT Flags;
2957 ULONG MsgWord;
2958 ULONGLONG TimeStamp;
2959 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
2960 ULONG AvPairsOff;
2961 UCHAR Buffer[1];
2962 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
2963
2964 typedef enum _MSV1_0_AVID {
2965 MsvAvEOL,
2966 MsvAvNbComputerName,
2967 MsvAvNbDomainName,
2968 MsvAvDnsComputerName,
2969 MsvAvDnsDomainName,
2970 #if (_WIN32_WINNT >= 0x0501)
2971 MsvAvDnsTreeName,
2972 MsvAvFlags,
2973 #if (_WIN32_WINNT >= 0x0600)
2974 MsvAvTimestamp,
2975 MsvAvRestrictions,
2976 MsvAvTargetName,
2977 MsvAvChannelBindings,
2978 #endif
2979 #endif
2980 } MSV1_0_AVID;
2981
2982 typedef struct _MSV1_0_AV_PAIR {
2983 USHORT AvId;
2984 USHORT AvLen;
2985 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
2986
2987 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
2988 MsV1_0Lm20ChallengeRequest = 0,
2989 MsV1_0Lm20GetChallengeResponse,
2990 MsV1_0EnumerateUsers,
2991 MsV1_0GetUserInfo,
2992 MsV1_0ReLogonUsers,
2993 MsV1_0ChangePassword,
2994 MsV1_0ChangeCachedPassword,
2995 MsV1_0GenericPassthrough,
2996 MsV1_0CacheLogon,
2997 MsV1_0SubAuth,
2998 MsV1_0DeriveCredential,
2999 MsV1_0CacheLookup,
3000 #if (_WIN32_WINNT >= 0x0501)
3001 MsV1_0SetProcessOption,
3002 #endif
3003 #if (_WIN32_WINNT >= 0x0600)
3004 MsV1_0ConfigLocalAliases,
3005 MsV1_0ClearCachedCredentials,
3006 #endif
3007 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
3008
3009 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
3010 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3011 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
3012
3013 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
3014 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3015 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3016 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
3017
3018 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
3019 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3020 ULONG ParameterControl;
3021 LUID LogonId;
3022 UNICODE_STRING Password;
3023 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3024 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
3025
3026 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
3027 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3028 ULONG ParameterControl;
3029 LUID LogonId;
3030 UNICODE_STRING Password;
3031 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3032 UNICODE_STRING UserName;
3033 UNICODE_STRING LogonDomainName;
3034 UNICODE_STRING ServerName;
3035 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
3036
3037 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
3038 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3039 STRING CaseSensitiveChallengeResponse;
3040 STRING CaseInsensitiveChallengeResponse;
3041 UNICODE_STRING UserName;
3042 UNICODE_STRING LogonDomainName;
3043 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
3044 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
3045 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
3046
3047 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
3048 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3049 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
3050
3051 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
3052 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3053 ULONG NumberOfLoggedOnUsers;
3054 PLUID LogonIds;
3055 PULONG EnumHandles;
3056 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
3057
3058 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
3059 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3060 LUID LogonId;
3061 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
3062
3063 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
3064 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3065 PSID UserSid;
3066 UNICODE_STRING UserName;
3067 UNICODE_STRING LogonDomainName;
3068 UNICODE_STRING LogonServer;
3069 SECURITY_LOGON_TYPE LogonType;
3070 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
3071
3072
3073
3074 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
3075 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
3076 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
3077
3078 /* also in winnt.h */
3079 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
3080 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
3081 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
3082 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
3083 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
3084 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
3085 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
3086 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
3087 #define FILE_NOTIFY_CHANGE_EA 0x00000080
3088 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
3089 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
3090 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
3091 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
3092 #define FILE_NOTIFY_VALID_MASK 0x00000fff
3093
3094 #define FILE_ACTION_ADDED 0x00000001
3095 #define FILE_ACTION_REMOVED 0x00000002
3096 #define FILE_ACTION_MODIFIED 0x00000003
3097 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
3098 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
3099 #define FILE_ACTION_ADDED_STREAM 0x00000006
3100 #define FILE_ACTION_REMOVED_STREAM 0x00000007
3101 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
3102 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
3103 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
3104 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
3105 /* end winnt.h */
3106
3107 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
3108 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
3109
3110 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3111 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3112
3113 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3114 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3115 #define FILE_PIPE_TYPE_VALID_MASK 0x00000003
3116
3117 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
3118 #define FILE_PIPE_MESSAGE_MODE 0x00000001
3119
3120 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
3121 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
3122
3123 #define FILE_PIPE_INBOUND 0x00000000
3124 #define FILE_PIPE_OUTBOUND 0x00000001
3125 #define FILE_PIPE_FULL_DUPLEX 0x00000002
3126
3127 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
3128 #define FILE_PIPE_LISTENING_STATE 0x00000002
3129 #define FILE_PIPE_CONNECTED_STATE 0x00000003
3130 #define FILE_PIPE_CLOSING_STATE 0x00000004
3131
3132 #define FILE_PIPE_CLIENT_END 0x00000000
3133 #define FILE_PIPE_SERVER_END 0x00000001
3134
3135 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
3136 #define FILE_CASE_PRESERVED_NAMES 0x00000002
3137 #define FILE_UNICODE_ON_DISK 0x00000004
3138 #define FILE_PERSISTENT_ACLS 0x00000008
3139 #define FILE_FILE_COMPRESSION 0x00000010
3140 #define FILE_VOLUME_QUOTAS 0x00000020
3141 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
3142 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
3143 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
3144 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
3145 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
3146 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
3147 #define FILE_NAMED_STREAMS 0x00040000
3148 #define FILE_READ_ONLY_VOLUME 0x00080000
3149 #define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
3150 #define FILE_SUPPORTS_TRANSACTIONS 0x00200000
3151 #define FILE_SUPPORTS_HARD_LINKS 0x00400000
3152 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
3153 #define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
3154 #define FILE_SUPPORTS_USN_JOURNAL 0x02000000
3155
3156 #define FILE_NEED_EA 0x00000080
3157
3158 #define FILE_EA_TYPE_BINARY 0xfffe
3159 #define FILE_EA_TYPE_ASCII 0xfffd
3160 #define FILE_EA_TYPE_BITMAP 0xfffb
3161 #define FILE_EA_TYPE_METAFILE 0xfffa
3162 #define FILE_EA_TYPE_ICON 0xfff9
3163 #define FILE_EA_TYPE_EA 0xffee
3164 #define FILE_EA_TYPE_MVMT 0xffdf
3165 #define FILE_EA_TYPE_MVST 0xffde
3166 #define FILE_EA_TYPE_ASN1 0xffdd
3167 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
3168
3169 typedef struct _FILE_NOTIFY_INFORMATION {
3170 ULONG NextEntryOffset;
3171 ULONG Action;
3172 ULONG FileNameLength;
3173 WCHAR FileName[1];
3174 } FILE_NOTIFY_INFORMATION, *PFILE_NOTIFY_INFORMATION;
3175
3176 typedef struct _FILE_DIRECTORY_INFORMATION {
3177 ULONG NextEntryOffset;
3178 ULONG FileIndex;
3179 LARGE_INTEGER CreationTime;
3180 LARGE_INTEGER LastAccessTime;
3181 LARGE_INTEGER LastWriteTime;
3182 LARGE_INTEGER ChangeTime;
3183 LARGE_INTEGER EndOfFile;
3184 LARGE_INTEGER AllocationSize;
3185 ULONG FileAttributes;
3186 ULONG FileNameLength;
3187 WCHAR FileName[1];
3188 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
3189
3190 typedef struct _FILE_FULL_DIR_INFORMATION {
3191 ULONG NextEntryOffset;
3192 ULONG FileIndex;
3193 LARGE_INTEGER CreationTime;
3194 LARGE_INTEGER LastAccessTime;
3195 LARGE_INTEGER LastWriteTime;
3196 LARGE_INTEGER ChangeTime;
3197 LARGE_INTEGER EndOfFile;
3198 LARGE_INTEGER AllocationSize;
3199 ULONG FileAttributes;
3200 ULONG FileNameLength;
3201 ULONG EaSize;
3202 WCHAR FileName[1];
3203 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
3204
3205 typedef struct _FILE_ID_FULL_DIR_INFORMATION {
3206 ULONG NextEntryOffset;
3207 ULONG FileIndex;
3208 LARGE_INTEGER CreationTime;
3209 LARGE_INTEGER LastAccessTime;
3210 LARGE_INTEGER LastWriteTime;
3211 LARGE_INTEGER ChangeTime;
3212 LARGE_INTEGER EndOfFile;
3213 LARGE_INTEGER AllocationSize;
3214 ULONG FileAttributes;
3215 ULONG FileNameLength;
3216 ULONG EaSize;
3217 LARGE_INTEGER FileId;
3218 WCHAR FileName[1];
3219 } FILE_ID_FULL_DIR_INFORMATION, *PFILE_ID_FULL_DIR_INFORMATION;
3220
3221 typedef struct _FILE_BOTH_DIR_INFORMATION {
3222 ULONG NextEntryOffset;
3223 ULONG FileIndex;
3224 LARGE_INTEGER CreationTime;
3225 LARGE_INTEGER LastAccessTime;
3226 LARGE_INTEGER LastWriteTime;
3227 LARGE_INTEGER ChangeTime;
3228 LARGE_INTEGER EndOfFile;
3229 LARGE_INTEGER AllocationSize;
3230 ULONG FileAttributes;
3231 ULONG FileNameLength;
3232 ULONG EaSize;
3233 CCHAR ShortNameLength;
3234 WCHAR ShortName[12];
3235 WCHAR FileName[1];
3236 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
3237
3238 typedef struct _FILE_ID_BOTH_DIR_INFORMATION {
3239 ULONG NextEntryOffset;
3240 ULONG FileIndex;
3241 LARGE_INTEGER CreationTime;
3242 LARGE_INTEGER LastAccessTime;
3243 LARGE_INTEGER LastWriteTime;
3244 LARGE_INTEGER ChangeTime;
3245 LARGE_INTEGER EndOfFile;
3246 LARGE_INTEGER AllocationSize;
3247 ULONG FileAttributes;
3248 ULONG FileNameLength;
3249 ULONG EaSize;
3250 CCHAR ShortNameLength;
3251 WCHAR ShortName[12];
3252 LARGE_INTEGER FileId;
3253 WCHAR FileName[1];
3254 } FILE_ID_BOTH_DIR_INFORMATION, *PFILE_ID_BOTH_DIR_INFORMATION;
3255
3256 typedef struct _FILE_NAMES_INFORMATION {
3257 ULONG NextEntryOffset;
3258 ULONG FileIndex;
3259 ULONG FileNameLength;
3260 WCHAR FileName[1];
3261 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
3262
3263 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION {
3264 ULONG NextEntryOffset;
3265 ULONG FileIndex;
3266 LARGE_INTEGER CreationTime;
3267 LARGE_INTEGER LastAccessTime;
3268 LARGE_INTEGER LastWriteTime;
3269 LARGE_INTEGER ChangeTime;
3270 LARGE_INTEGER EndOfFile;
3271 LARGE_INTEGER AllocationSize;
3272 ULONG FileAttributes;
3273 ULONG FileNameLength;
3274 LARGE_INTEGER FileId;
3275 GUID LockingTransactionId;
3276 ULONG TxInfoFlags;
3277 WCHAR FileName[1];
3278 } FILE_ID_GLOBAL_TX_DIR_INFORMATION, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION;
3279
3280 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED 0x00000001
3281 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX 0x00000002
3282 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX 0x00000004
3283
3284 typedef struct _FILE_OBJECTID_INFORMATION {
3285 LONGLONG FileReference;
3286 UCHAR ObjectId[16];
3287 _ANONYMOUS_UNION union {
3288 _ANONYMOUS_STRUCT struct {
3289 UCHAR BirthVolumeId[16];
3290 UCHAR BirthObjectId[16];
3291 UCHAR DomainId[16];
3292 } DUMMYSTRUCTNAME;
3293 UCHAR ExtendedInfo[48];
3294 } DUMMYUNIONNAME;
3295 } FILE_OBJECTID_INFORMATION, *PFILE_OBJECTID_INFORMATION;
3296
3297 #define ANSI_DOS_STAR ('<')
3298 #define ANSI_DOS_QM ('>')
3299 #define ANSI_DOS_DOT ('"')
3300
3301 #define DOS_STAR (L'<')
3302 #define DOS_QM (L'>')
3303 #define DOS_DOT (L'"')
3304
3305 typedef struct _FILE_INTERNAL_INFORMATION {
3306 LARGE_INTEGER IndexNumber;
3307 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
3308
3309 typedef struct _FILE_EA_INFORMATION {
3310 ULONG EaSize;
3311 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
3312
3313 typedef struct _FILE_ACCESS_INFORMATION {
3314 ACCESS_MASK AccessFlags;
3315 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
3316
3317 typedef struct _FILE_MODE_INFORMATION {
3318 ULONG Mode;
3319 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
3320
3321 typedef struct _FILE_ALL_INFORMATION {
3322 FILE_BASIC_INFORMATION BasicInformation;
3323 FILE_STANDARD_INFORMATION StandardInformation;
3324 FILE_INTERNAL_INFORMATION InternalInformation;
3325 FILE_EA_INFORMATION EaInformation;
3326 FILE_ACCESS_INFORMATION AccessInformation;
3327 FILE_POSITION_INFORMATION PositionInformation;
3328 FILE_MODE_INFORMATION ModeInformation;
3329 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
3330 FILE_NAME_INFORMATION NameInformation;
3331 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
3332
3333 typedef struct _FILE_ALLOCATION_INFORMATION {
3334 LARGE_INTEGER AllocationSize;
3335 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
3336
3337 typedef struct _FILE_COMPRESSION_INFORMATION {
3338 LARGE_INTEGER CompressedFileSize;
3339 USHORT CompressionFormat;
3340 UCHAR CompressionUnitShift;
3341 UCHAR ChunkShift;
3342 UCHAR ClusterShift;
3343 UCHAR Reserved[3];
3344 } FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
3345
3346 typedef struct _FILE_LINK_INFORMATION {
3347 BOOLEAN ReplaceIfExists;
3348 HANDLE RootDirectory;
3349 ULONG FileNameLength;
3350 WCHAR FileName[1];
3351 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
3352
3353 typedef struct _FILE_MOVE_CLUSTER_INFORMATION {
3354 ULONG ClusterCount;
3355 HANDLE RootDirectory;
3356 ULONG FileNameLength;
3357 WCHAR FileName[1];
3358 } FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
3359
3360 typedef struct _FILE_RENAME_INFORMATION {
3361 BOOLEAN ReplaceIfExists;
3362 HANDLE RootDirectory;
3363 ULONG FileNameLength;
3364 WCHAR FileName[1];
3365 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
3366
3367 typedef struct _FILE_STREAM_INFORMATION {
3368 ULONG NextEntryOffset;
3369 ULONG StreamNameLength;
3370 LARGE_INTEGER StreamSize;
3371 LARGE_INTEGER StreamAllocationSize;
3372 WCHAR StreamName[1];
3373 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
3374
3375 typedef struct _FILE_TRACKING_INFORMATION {
3376 HANDLE DestinationFile;
3377 ULONG ObjectInformationLength;
3378 CHAR ObjectInformation[1];
3379 } FILE_TRACKING_INFORMATION, *PFILE_TRACKING_INFORMATION;
3380
3381 typedef struct _FILE_COMPLETION_INFORMATION {
3382 HANDLE Port;
3383 PVOID Key;
3384 } FILE_COMPLETION_INFORMATION, *PFILE_COMPLETION_INFORMATION;
3385
3386 typedef struct _FILE_PIPE_INFORMATION {
3387 ULONG ReadMode;
3388 ULONG CompletionMode;
3389 } FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
3390
3391 typedef struct _FILE_PIPE_LOCAL_INFORMATION {
3392 ULONG NamedPipeType;
3393 ULONG NamedPipeConfiguration;
3394 ULONG MaximumInstances;
3395 ULONG CurrentInstances;
3396 ULONG InboundQuota;
3397 ULONG ReadDataAvailable;
3398 ULONG OutboundQuota;
3399 ULONG WriteQuotaAvailable;
3400 ULONG NamedPipeState;
3401 ULONG NamedPipeEnd;
3402 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
3403
3404 typedef struct _FILE_PIPE_REMOTE_INFORMATION {
3405 LARGE_INTEGER CollectDataTime;
3406 ULONG MaximumCollectionCount;
3407 } FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
3408
3409 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
3410 ULONG MaximumMessageSize;
3411 ULONG MailslotQuota;
3412 ULONG NextMessageSize;
3413 ULONG MessagesAvailable;
3414 LARGE_INTEGER ReadTimeout;
3415 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
3416
3417 typedef struct _FILE_MAILSLOT_SET_INFORMATION {
3418 PLARGE_INTEGER ReadTimeout;
3419 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
3420
3421 typedef struct _FILE_REPARSE_POINT_INFORMATION {
3422 LONGLONG FileReference;
3423 ULONG Tag;
3424 } FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
3425
3426 typedef struct _FILE_LINK_ENTRY_INFORMATION {
3427 ULONG NextEntryOffset;
3428 LONGLONG ParentFileId;
3429 ULONG FileNameLength;
3430 WCHAR FileName[1];
3431 } FILE_LINK_ENTRY_INFORMATION, *PFILE_LINK_ENTRY_INFORMATION;
3432
3433 typedef struct _FILE_LINKS_INFORMATION {
3434 ULONG BytesNeeded;
3435 ULONG EntriesReturned;
3436 FILE_LINK_ENTRY_INFORMATION Entry;
3437 } FILE_LINKS_INFORMATION, *PFILE_LINKS_INFORMATION;
3438
3439 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION {
3440 ULONG FileNameLength;
3441 WCHAR FileName[1];
3442 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION;
3443
3444 typedef struct _FILE_STANDARD_LINK_INFORMATION {
3445 ULONG NumberOfAccessibleLinks;
3446 ULONG TotalNumberOfLinks;
3447 BOOLEAN DeletePending;
3448 BOOLEAN Directory;
3449 } FILE_STANDARD_LINK_INFORMATION, *PFILE_STANDARD_LINK_INFORMATION;
3450
3451 typedef struct _FILE_GET_EA_INFORMATION {
3452 ULONG NextEntryOffset;
3453 UCHAR EaNameLength;
3454 CHAR EaName[1];
3455 } FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
3456
3457 #define REMOTE_PROTOCOL_FLAG_LOOPBACK 0x00000001
3458 #define REMOTE_PROTOCOL_FLAG_OFFLINE 0x00000002
3459
3460 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION {
3461 USHORT StructureVersion;
3462 USHORT StructureSize;
3463 ULONG Protocol;
3464 USHORT ProtocolMajorVersion;
3465 USHORT ProtocolMinorVersion;
3466 USHORT ProtocolRevision;
3467 USHORT Reserved;
3468 ULONG Flags;
3469 struct {
3470 ULONG Reserved[8];
3471 } GenericReserved;
3472 struct {
3473 ULONG Reserved[16];
3474 } ProtocolSpecificReserved;
3475 } FILE_REMOTE_PROTOCOL_INFORMATION, *PFILE_REMOTE_PROTOCOL_INFORMATION;
3476
3477 typedef struct _FILE_GET_QUOTA_INFORMATION {
3478 ULONG NextEntryOffset;
3479 ULONG SidLength;
3480 SID Sid;
3481 } FILE_GET_QUOTA_INFORMATION, *PFILE_GET_QUOTA_INFORMATION;
3482
3483 typedef struct _FILE_QUOTA_INFORMATION {
3484 ULONG NextEntryOffset;
3485 ULONG SidLength;
3486 LARGE_INTEGER ChangeTime;
3487 LARGE_INTEGER QuotaUsed;
3488 LARGE_INTEGER QuotaThreshold;
3489 LARGE_INTEGER QuotaLimit;
3490 SID Sid;
3491 } FILE_QUOTA_INFORMATION, *PFILE_QUOTA_INFORMATION;
3492
3493 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
3494 ULONG FileSystemAttributes;
3495 ULONG MaximumComponentNameLength;
3496 ULONG FileSystemNameLength;
3497 WCHAR FileSystemName[1];
3498 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
3499
3500 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
3501 BOOLEAN DriverInPath;
3502 ULONG DriverNameLength;
3503 WCHAR DriverName[1];
3504 } FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
3505
3506 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION {
3507 ULONG Flags;
3508 } FILE_FS_VOLUME_FLAGS_INFORMATION, *PFILE_FS_VOLUME_FLAGS_INFORMATION;
3509
3510 #define FILE_VC_QUOTA_NONE 0x00000000
3511 #define FILE_VC_QUOTA_TRACK 0x00000001
3512 #define FILE_VC_QUOTA_ENFORCE 0x00000002
3513 #define FILE_VC_QUOTA_MASK 0x00000003
3514 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
3515 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
3516 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
3517 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
3518 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
3519 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
3520 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
3521 #define FILE_VC_VALID_MASK 0x000003ff
3522
3523 typedef struct _FILE_FS_CONTROL_INFORMATION {
3524 LARGE_INTEGER FreeSpaceStartFiltering;
3525 LARGE_INTEGER FreeSpaceThreshold;
3526 LARGE_INTEGER FreeSpaceStopFiltering;
3527 LARGE_INTEGER DefaultQuotaThreshold;
3528 LARGE_INTEGER DefaultQuotaLimit;
3529 ULONG FileSystemControlFlags;
3530 } FILE_FS_CONTROL_INFORMATION, *PFILE_FS_CONTROL_INFORMATION;
3531
3532 #ifndef _FILESYSTEMFSCTL_
3533 #define _FILESYSTEMFSCTL_
3534
3535 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
3536 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
3537 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
3538 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
3539 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
3540 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
3541 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
3542 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
3543 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
3544 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
3545 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
3546 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
3547 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
3548 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
3549 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3550 #define FSCTL_SET_BOOTLOADER_ACCESSED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
3551
3552 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
3553 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
3554 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
3555 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
3556 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
3557
3558 #if (_WIN32_WINNT >= 0x0400)
3559
3560 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
3561 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
3562 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
3563 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
3564 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3565 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
3566 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
3567
3568 #endif
3569
3570 #if (_WIN32_WINNT >= 0x0500)
3571
3572 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
3573 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3574 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
3575 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3576 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3577 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
3578 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3579 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_ANY_ACCESS)
3580 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
3581 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_ANY_ACCESS)
3582 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3583 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
3584 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3585 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
3586 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
3587 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
3588 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_NEITHER, FILE_ANY_ACCESS)
3589 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
3590 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_SPECIAL_ACCESS)
3591 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_SPECIAL_ACCESS)
3592 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_ANY_ACCESS)
3593 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_ANY_ACCESS)
3594 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_ANY_ACCESS)
3595 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
3596 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
3597 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
3598 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
3599 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
3600 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3601 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
3602 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
3603 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3604
3605 #endif
3606
3607 #if (_WIN32_WINNT >= 0x0600)
3608
3609 #define FSCTL_MAKE_MEDIA_COMPATIBLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
3610 #define FSCTL_SET_DEFECT_MANAGEMENT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
3611 #define FSCTL_QUERY_SPARING_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
3612 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
3613 #define FSCTL_SET_VOLUME_COMPRESSION_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3614 #define FSCTL_TXFS_MODIFY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
3615 #define FSCTL_TXFS_QUERY_RM_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
3616 #define FSCTL_TXFS_ROLLFORWARD_REDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
3617 #define FSCTL_TXFS_ROLLFORWARD_UNDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
3618 #define FSCTL_TXFS_START_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
3619 #define FSCTL_TXFS_SHUTDOWN_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
3620 #define FSCTL_TXFS_READ_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
3621 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
3622 #define FSCTL_TXFS_CREATE_SECONDARY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
3623 #define FSCTL_TXFS_GET_METADATA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
3624 #define FSCTL_TXFS_GET_TRANSACTED_VERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
3625 #define FSCTL_TXFS_SAVEPOINT_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
3626 #define FSCTL_TXFS_CREATE_MINIVERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
3627 #define FSCTL_TXFS_TRANSACTION_ACTIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
3628 #define FSCTL_SET_ZERO_ON_DEALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3629 #define FSCTL_SET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
3630 #define FSCTL_GET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
3631 #define FSCTL_WAIT_FOR_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
3632 #define FSCTL_INITIATE_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
3633 #define FSCTL_CSC_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER, FILE_ANY_ACCESS)
3634 #define FSCTL_SHRINK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3635 #define FSCTL_SET_SHORT_NAME_BEHAVIOR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
3636 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
3637 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
3638 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
3639 #define FSCTL_TXFS_LIST_TRANSACTIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
3640 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
3641 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
3642 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
3643
3644 #endif
3645
3646 #if (_WIN32_WINNT >= 0x0601)
3647
3648 #define FSCTL_QUERY_DEPENDENT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
3649 #define FSCTL_SD_GLOBAL_CHANGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
3650 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
3651 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
3652 #define FSCTL_FILE_TYPE_NOTIFICATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
3653 #define FSCTL_GET_BOOT_AREA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
3654 #define FSCTL_GET_RETRIEVAL_POINTER_BASE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
3655 #define FSCTL_SET_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
3656 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
3657 #define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
3658 #define FSCTL_CSV_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
3659 #define FSCTL_IS_CSV_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
3660 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
3661 #define FSCTL_CSV_GET_VOLUME_PATH_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
3662 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
3663 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150, METHOD_BUFFERED, FILE_ANY_ACCESS)
3664 #define FSCTL_IS_FILE_ON_CSV_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151, METHOD_BUFFERED, FILE_ANY_ACCESS)
3665 #define FSCTL_CSV_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 155, METHOD_BUFFERED, FILE_ANY_ACCESS)
3666
3667 typedef struct _CSV_NAMESPACE_INFO {
3668 ULONG Version;
3669 ULONG DeviceNumber;
3670 LARGE_INTEGER StartingOffset;
3671 ULONG SectorSize;
3672 } CSV_NAMESPACE_INFO, *PCSV_NAMESPACE_INFO;
3673
3674 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
3675 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
3676
3677 #endif
3678
3679 #if (_WIN32_WINNT >= 0x0602)
3680
3681 #define FSCTL_FILE_LEVEL_TRIM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 130, METHOD_BUFFERED, FILE_WRITE_DATA)
3682 #define FSCTL_CORRUPTION_HANDLING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 152, METHOD_BUFFERED, FILE_ANY_ACCESS)
3683 #define FSCTL_OFFLOAD_READ CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 153, METHOD_BUFFERED, FILE_READ_ACCESS)
3684 #define FSCTL_OFFLOAD_WRITE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 154, METHOD_BUFFERED, FILE_WRITE_ACCESS)
3685 #define FSCTL_SET_PURGE_FAILURE_MODE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 156, METHOD_BUFFERED, FILE_ANY_ACCESS)
3686 #define FSCTL_QUERY_FILE_LAYOUT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 157, METHOD_NEITHER, FILE_ANY_ACCESS)
3687 #define FSCTL_IS_VOLUME_OWNED_BYCSVFS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 158, METHOD_BUFFERED, FILE_ANY_ACCESS)
3688 #define FSCTL_GET_INTEGRITY_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 159, METHOD_BUFFERED, FILE_ANY_ACCESS)
3689 #define FSCTL_SET_INTEGRITY_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 160, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3690 #define FSCTL_QUERY_FILE_REGIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 161, METHOD_BUFFERED, FILE_ANY_ACCESS)
3691 #define FSCTL_DEDUP_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 165, METHOD_BUFFERED, FILE_ANY_ACCESS)
3692 #define FSCTL_DEDUP_QUERY_FILE_HASHES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 166, METHOD_NEITHER, FILE_READ_DATA)
3693 #define FSCTL_RKF_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 171, METHOD_NEITHER, FILE_ANY_ACCESS)
3694 #define FSCTL_SCRUB_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 172, METHOD_BUFFERED, FILE_ANY_ACCESS)
3695 #define FSCTL_REPAIR_COPIES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 173, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3696 #define FSCTL_DISABLE_LOCAL_BUFFERING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 174, METHOD_BUFFERED, FILE_ANY_ACCESS)
3697 #define FSCTL_CSV_MGMT_LOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 175, METHOD_BUFFERED, FILE_ANY_ACCESS)
3698 #define FSCTL_CSV_QUERY_DOWN_LEVEL_FILE_SYSTEM_CHARACTERISTICS \
3699 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 176, METHOD_BUFFERED, FILE_ANY_ACCESS)
3700 #define FSCTL_ADVANCE_FILE_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 177, METHOD_BUFFERED, FILE_ANY_ACCESS)
3701 #define FSCTL_CSV_SYNC_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 178, METHOD_BUFFERED, FILE_ANY_ACCESS)
3702 #define FSCTL_CSV_QUERY_VETO_FILE_DIRECT_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 179, METHOD_BUFFERED, FILE_ANY_ACCESS)
3703 #define FSCTL_WRITE_USN_REASON CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 180, METHOD_BUFFERED, FILE_ANY_ACCESS)
3704 #define FSCTL_CSV_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 181, METHOD_BUFFERED, FILE_ANY_ACCESS)
3705 #define FSCTL_GET_REFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 182, METHOD_BUFFERED, FILE_ANY_ACCESS)
3706
3707 #endif
3708
3709 #define FSCTL_MARK_AS_SYSTEM_HIVE FSCTL_SET_BOOTLOADER_ACCESSED
3710
3711 typedef struct _PATHNAME_BUFFER {
3712 ULONG PathNameLength;
3713 WCHAR Name[1];
3714 } PATHNAME_BUFFER, *PPATHNAME_BUFFER;
3715
3716 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER {
3717 UCHAR First0x24BytesOfBootSector[0x24];
3718 } FSCTL_QUERY_FAT_BPB_BUFFER, *PFSCTL_QUERY_FAT_BPB_BUFFER;
3719
3720 #if (_WIN32_WINNT >= 0x0400)
3721
3722 typedef struct _NTFS_VOLUME_DATA_BUFFER {
3723 LARGE_INTEGER VolumeSerialNumber;
3724 LARGE_INTEGER NumberSectors;
3725 LARGE_INTEGER TotalClusters;
3726 LARGE_INTEGER FreeClusters;
3727 LARGE_INTEGER TotalReserved;
3728 ULONG BytesPerSector;
3729 ULONG BytesPerCluster;
3730 ULONG BytesPerFileRecordSegment;
3731 ULONG ClustersPerFileRecordSegment;
3732 LARGE_INTEGER MftValidDataLength;
3733 LARGE_INTEGER MftStartLcn;
3734 LARGE_INTEGER Mft2StartLcn;
3735 LARGE_INTEGER MftZoneStart;
3736 LARGE_INTEGER MftZoneEnd;
3737 } NTFS_VOLUME_DATA_BUFFER, *PNTFS_VOLUME_DATA_BUFFER;
3738
3739 typedef struct _NTFS_EXTENDED_VOLUME_DATA {
3740 ULONG ByteCount;
3741 USHORT MajorVersion;
3742 USHORT MinorVersion;
3743 } NTFS_EXTENDED_VOLUME_DATA, *PNTFS_EXTENDED_VOLUME_DATA;
3744
3745 typedef struct _STARTING_LCN_INPUT_BUFFER {
3746 LARGE_INTEGER StartingLcn;
3747 } STARTING_LCN_INPUT_BUFFER, *PSTARTING_LCN_INPUT_BUFFER;
3748
3749 typedef struct _VOLUME_BITMAP_BUFFER {
3750 LARGE_INTEGER StartingLcn;
3751 LARGE_INTEGER BitmapSize;
3752 UCHAR Buffer[1];
3753 } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER;
3754
3755 typedef struct _STARTING_VCN_INPUT_BUFFER {
3756 LARGE_INTEGER StartingVcn;
3757 } STARTING_VCN_INPUT_BUFFER, *PSTARTING_VCN_INPUT_BUFFER;
3758
3759 typedef struct _RETRIEVAL_POINTERS_BUFFER {
3760 ULONG ExtentCount;
3761 LARGE_INTEGER StartingVcn;
3762 struct {
3763 LARGE_INTEGER NextVcn;
3764 LARGE_INTEGER Lcn;
3765 } Extents[1];
3766 } RETRIEVAL_POINTERS_BUFFER, *PRETRIEVAL_POINTERS_BUFFER;
3767
3768 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER {
3769 LARGE_INTEGER FileReferenceNumber;
3770 } NTFS_FILE_RECORD_INPUT_BUFFER, *PNTFS_FILE_RECORD_INPUT_BUFFER;
3771
3772 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER {
3773 LARGE_INTEGER FileReferenceNumber;
3774 ULONG FileRecordLength;
3775 UCHAR FileRecordBuffer[1];
3776 } NTFS_FILE_RECORD_OUTPUT_BUFFER, *PNTFS_FILE_RECORD_OUTPUT_BUFFER;
3777
3778 typedef struct _MOVE_FILE_DATA {
3779 HANDLE FileHandle;
3780 LARGE_INTEGER StartingVcn;
3781 LARGE_INTEGER StartingLcn;
3782 ULONG ClusterCount;
3783 } MOVE_FILE_DATA, *PMOVE_FILE_DATA;
3784
3785 typedef struct _MOVE_FILE_RECORD_DATA {
3786 HANDLE FileHandle;
3787 LARGE_INTEGER SourceFileRecord;
3788 LARGE_INTEGER TargetFileRecord;
3789 } MOVE_FILE_RECORD_DATA, *PMOVE_FILE_RECORD_DATA;
3790
3791 #if defined(_WIN64)
3792 typedef struct _MOVE_FILE_DATA32 {
3793 UINT32 FileHandle;
3794 LARGE_INTEGER StartingVcn;
3795 LARGE_INTEGER StartingLcn;
3796 ULONG ClusterCount;
3797 } MOVE_FILE_DATA32, *PMOVE_FILE_DATA32;
3798 #endif
3799
3800 #endif /* (_WIN32_WINNT >= 0x0400) */
3801
3802 #if (_WIN32_WINNT >= 0x0500)
3803
3804 typedef struct _FIND_BY_SID_DATA {
3805 ULONG Restart;
3806 SID Sid;
3807 } FIND_BY_SID_DATA, *PFIND_BY_SID_DATA;
3808
3809 typedef struct _FIND_BY_SID_OUTPUT {
3810 ULONG NextEntryOffset;
3811 ULONG FileIndex;
3812 ULONG FileNameLength;
3813 WCHAR FileName[1];
3814 } FIND_BY_SID_OUTPUT, *PFIND_BY_SID_OUTPUT;
3815
3816 typedef struct _MFT_ENUM_DATA {
3817 ULONGLONG StartFileReferenceNumber;
3818 USN LowUsn;
3819 USN HighUsn;
3820 } MFT_ENUM_DATA, *PMFT_ENUM_DATA;
3821
3822 typedef struct _CREATE_USN_JOURNAL_DATA {
3823 ULONGLONG MaximumSize;
3824 ULONGLONG AllocationDelta;
3825 } CREATE_USN_JOURNAL_DATA, *PCREATE_USN_JOURNAL_DATA;
3826
3827 typedef struct _READ_USN_JOURNAL_DATA {
3828 USN StartUsn;
3829 ULONG ReasonMask;
3830 ULONG ReturnOnlyOnClose;
3831 ULONGLONG Timeout;
3832 ULONGLONG BytesToWaitFor;
3833 ULONGLONG UsnJournalID;
3834 } READ_USN_JOURNAL_DATA, *PREAD_USN_JOURNAL_DATA;
3835
3836 typedef struct _USN_RECORD {
3837 ULONG RecordLength;
3838 USHORT MajorVersion;
3839 USHORT MinorVersion;
3840 ULONGLONG FileReferenceNumber;
3841 ULONGLONG ParentFileReferenceNumber;
3842 USN Usn;
3843 LARGE_INTEGER TimeStamp;
3844 ULONG Reason;
3845 ULONG SourceInfo;
3846 ULONG SecurityId;
3847 ULONG FileAttributes;
3848 USHORT FileNameLength;
3849 USHORT FileNameOffset;
3850 WCHAR FileName[1];
3851 } USN_RECORD, *PUSN_RECORD;
3852
3853 #define USN_PAGE_SIZE (0x1000)
3854
3855 #define USN_REASON_DATA_OVERWRITE (0x00000001)
3856 #define USN_REASON_DATA_EXTEND (0x00000002)
3857 #define USN_REASON_DATA_TRUNCATION (0x00000004)
3858 #define USN_REASON_NAMED_DATA_OVERWRITE (0x00000010)
3859 #define USN_REASON_NAMED_DATA_EXTEND (0x00000020)
3860 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
3861 #define USN_REASON_FILE_CREATE (0x00000100)
3862 #define USN_REASON_FILE_DELETE (0x00000200)
3863 #define USN_REASON_EA_CHANGE (0x00000400)
3864 #define USN_REASON_SECURITY_CHANGE (0x00000800)
3865 #define USN_REASON_RENAME_OLD_NAME (0x00001000)
3866 #define USN_REASON_RENAME_NEW_NAME (0x00002000)
3867 #define USN_REASON_INDEXABLE_CHANGE (0x00004000)
3868 #define USN_REASON_BASIC_INFO_CHANGE (0x00008000)
3869 #define USN_REASON_HARD_LINK_CHANGE (0x00010000)
3870 #define USN_REASON_COMPRESSION_CHANGE (0x00020000)
3871 #define USN_REASON_ENCRYPTION_CHANGE (0x00040000)
3872 #define USN_REASON_OBJECT_ID_CHANGE (0x00080000)
3873 #define USN_REASON_REPARSE_POINT_CHANGE (0x00100000)
3874 #define USN_REASON_STREAM_CHANGE (0x00200000)
3875 #define USN_REASON_TRANSACTED_CHANGE (0x00400000)
3876 #define USN_REASON_CLOSE (0x80000000)
3877
3878 typedef struct _USN_JOURNAL_DATA {
3879 ULONGLONG UsnJournalID;
3880 USN FirstUsn;
3881 USN NextUsn;
3882 USN LowestValidUsn;
3883 USN MaxUsn;
3884 ULONGLONG MaximumSize;
3885 ULONGLONG AllocationDelta;
3886 } USN_JOURNAL_DATA, *PUSN_JOURNAL_DATA;
3887
3888 typedef struct _DELETE_USN_JOURNAL_DATA {
3889 ULONGLONG UsnJournalID;
3890 ULONG DeleteFlags;
3891 } DELETE_USN_JOURNAL_DATA, *PDELETE_USN_JOURNAL_DATA;
3892
3893 #define USN_DELETE_FLAG_DELETE (0x00000001)
3894 #define USN_DELETE_FLAG_NOTIFY (0x00000002)
3895 #define USN_DELETE_VALID_FLAGS (0x00000003)
3896
3897 typedef struct _MARK_HANDLE_INFO {
3898 ULONG UsnSourceInfo;
3899 HANDLE VolumeHandle;
3900 ULONG HandleInfo;
3901 } MARK_HANDLE_INFO, *PMARK_HANDLE_INFO;
3902
3903 #if defined(_WIN64)
3904 typedef struct _MARK_HANDLE_INFO32 {
3905 ULONG UsnSourceInfo;
3906 UINT32 VolumeHandle;
3907 ULONG HandleInfo;
3908 } MARK_HANDLE_INFO32, *PMARK_HANDLE_INFO32;
3909 #endif
3910
3911 #define USN_SOURCE_DATA_MANAGEMENT (0x00000001)
3912 #define USN_SOURCE_AUXILIARY_DATA (0x00000002)
3913 #define USN_SOURCE_REPLICATION_MANAGEMENT (0x00000004)
3914
3915 #define MARK_HANDLE_PROTECT_CLUSTERS (0x00000001)
3916 #define MARK_HANDLE_TXF_SYSTEM_LOG (0x00000004)
3917 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG (0x00000008)
3918
3919 typedef struct _BULK_SECURITY_TEST_DATA {
3920 ACCESS_MASK DesiredAccess;
3921 ULONG SecurityIds[1];
3922 } BULK_SECURITY_TEST_DATA, *PBULK_SECURITY_TEST_DATA;
3923
3924 #define VOLUME_IS_DIRTY (0x00000001)
3925 #define VOLUME_UPGRADE_SCHEDULED (0x00000002)
3926 #define VOLUME_SESSION_OPEN (0x00000004)
3927
3928 typedef struct _FILE_PREFETCH {
3929 ULONG Type;
3930 ULONG Count;
3931 ULONGLONG Prefetch[1];
3932 } FILE_PREFETCH, *PFILE_PREFETCH;
3933
3934 typedef struct _FILE_PREFETCH_EX {
3935 ULONG Type;
3936 ULONG Count;
3937 PVOID Context;
3938 ULONGLONG Prefetch[1];
3939 } FILE_PREFETCH_EX, *PFILE_PREFETCH_EX;
3940
3941 #define FILE_PREFETCH_TYPE_FOR_CREATE 0x1
3942 #define FILE_PREFETCH_TYPE_FOR_DIRENUM 0x2
3943 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX 0x3
3944 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX 0x4
3945
3946 #define FILE_PREFETCH_TYPE_MAX 0x4
3947
3948 typedef struct _FILE_OBJECTID_BUFFER {
3949 UCHAR ObjectId[16];
3950 _ANONYMOUS_UNION union {
3951 _ANONYMOUS_STRUCT struct {
3952 UCHAR BirthVolumeId[16];
3953 UCHAR BirthObjectId[16];
3954 UCHAR DomainId[16];
3955 } DUMMYSTRUCTNAME;
3956 UCHAR ExtendedInfo[48];
3957 } DUMMYUNIONNAME;
3958 } FILE_OBJECTID_BUFFER, *PFILE_OBJECTID_BUFFER;
3959
3960 typedef struct _FILE_SET_SPARSE_BUFFER {
3961 BOOLEAN SetSparse;
3962 } FILE_SET_SPARSE_BUFFER, *PFILE_SET_SPARSE_BUFFER;
3963
3964 typedef struct _FILE_ZERO_DATA_INFORMATION {
3965 LARGE_INTEGER FileOffset;
3966 LARGE_INTEGER BeyondFinalZero;
3967 } FILE_ZERO_DATA_INFORMATION, *PFILE_ZERO_DATA_INFORMATION;
3968
3969 typedef struct _FILE_ALLOCATED_RANGE_BUFFER {
3970 LARGE_INTEGER FileOffset;
3971 LARGE_INTEGER Length;
3972 } FILE_ALLOCATED_RANGE_BUFFER, *PFILE_ALLOCATED_RANGE_BUFFER;
3973
3974 typedef struct _ENCRYPTION_BUFFER {
3975 ULONG EncryptionOperation;
3976 UCHAR Private[1];
3977 } ENCRYPTION_BUFFER, *PENCRYPTION_BUFFER;
3978
3979 #define FILE_SET_ENCRYPTION 0x00000001
3980 #define FILE_CLEAR_ENCRYPTION 0x00000002
3981 #define STREAM_SET_ENCRYPTION 0x00000003
3982 #define STREAM_CLEAR_ENCRYPTION 0x00000004
3983
3984 #define MAXIMUM_ENCRYPTION_VALUE 0x00000004
3985
3986 typedef struct _DECRYPTION_STATUS_BUFFER {
3987 BOOLEAN NoEncryptedStreams;
3988 } DECRYPTION_STATUS_BUFFER, *PDECRYPTION_STATUS_BUFFER;
3989
3990 #define ENCRYPTION_FORMAT_DEFAULT (0x01)
3991
3992 #define COMPRESSION_FORMAT_SPARSE (0x4000)
3993
3994 typedef struct _REQUEST_RAW_ENCRYPTED_DATA {
3995 LONGLONG FileOffset;
3996 ULONG Length;
3997 } REQUEST_RAW_ENCRYPTED_DATA, *PREQUEST_RAW_ENCRYPTED_DATA;
3998
3999 typedef struct _ENCRYPTED_DATA_INFO {
4000 ULONGLONG StartingFileOffset;
4001 ULONG OutputBufferOffset;
4002 ULONG BytesWithinFileSize;
4003 ULONG BytesWithinValidDataLength;
4004 USHORT CompressionFormat;
4005 UCHAR DataUnitShift;
4006 UCHAR ChunkShift;
4007 UCHAR ClusterShift;
4008 UCHAR EncryptionFormat;
4009 USHORT NumberOfDataBlocks;
4010 ULONG DataBlockSize[ANYSIZE_ARRAY];
4011 } ENCRYPTED_DATA_INFO, *PENCRYPTED_DATA_INFO;
4012
4013 typedef struct _PLEX_READ_DATA_REQUEST {
4014 LARGE_INTEGER ByteOffset;
4015 ULONG ByteLength;
4016 ULONG PlexNumber;
4017 } PLEX_READ_DATA_REQUEST, *PPLEX_READ_DATA_REQUEST;
4018
4019 typedef struct _SI_COPYFILE {
4020 ULONG SourceFileNameLength;
4021 ULONG DestinationFileNameLength;
4022 ULONG Flags;
4023 WCHAR FileNameBuffer[1];
4024 } SI_COPYFILE, *PSI_COPYFILE;
4025
4026 #define COPYFILE_SIS_LINK 0x0001
4027 #define COPYFILE_SIS_REPLACE 0x0002
4028 #define COPYFILE_SIS_FLAGS 0x0003
4029
4030 #endif /* (_WIN32_WINNT >= 0x0500) */
4031
4032 #if (_WIN32_WINNT >= 0x0600)
4033
4034 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER {
4035 BOOLEAN CloseDisc;
4036 } FILE_MAKE_COMPATIBLE_BUFFER, *PFILE_MAKE_COMPATIBLE_BUFFER;
4037
4038 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER {
4039 BOOLEAN Disable;
4040 } FILE_SET_DEFECT_MGMT_BUFFER, *PFILE_SET_DEFECT_MGMT_BUFFER;
4041
4042 typedef struct _FILE_QUERY_SPARING_BUFFER {
4043 ULONG SparingUnitBytes;
4044 BOOLEAN SoftwareSparing;
4045 ULONG TotalSpareBlocks;
4046 ULONG FreeSpareBlocks;
4047 } FILE_QUERY_SPARING_BUFFER, *PFILE_QUERY_SPARING_BUFFER;
4048
4049 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER {
4050 LARGE_INTEGER DirectoryCount;
4051 LARGE_INTEGER FileCount;
4052 USHORT FsFormatMajVersion;
4053 USHORT FsFormatMinVersion;
4054 WCHAR FsFormatName[12];
4055 LARGE_INTEGER FormatTime;
4056 LARGE_INTEGER LastUpdateTime;
4057 WCHAR CopyrightInfo[34];
4058 WCHAR AbstractInfo[34];
4059 WCHAR FormattingImplementationInfo[34];
4060 WCHAR LastModifyingImplementationInfo[34];
4061 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER;
4062
4063 #define SET_REPAIR_ENABLED (0x00000001)
4064 #define SET_REPAIR_VOLUME_BITMAP_SCAN (0x00000002)
4065 #define SET_REPAIR_DELETE_CROSSLINK (0x00000004)
4066 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS (0x00000008)
4067 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT (0x00000010)
4068 #define SET_REPAIR_VALID_MASK (0x0000001F)
4069
4070 typedef enum _SHRINK_VOLUME_REQUEST_TYPES {
4071 ShrinkPrepare = 1,
4072 ShrinkCommit,
4073 ShrinkAbort
4074 } SHRINK_VOLUME_REQUEST_TYPES, *PSHRINK_VOLUME_REQUEST_TYPES;
4075
4076 typedef struct _SHRINK_VOLUME_INFORMATION {
4077 SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType;
4078 ULONGLONG Flags;
4079 LONGLONG NewNumberOfSectors;
4080 } SHRINK_VOLUME_INFORMATION, *PSHRINK_VOLUME_INFORMATION;
4081
4082 #define TXFS_RM_FLAG_LOGGING_MODE 0x00000001
4083 #define TXFS_RM_FLAG_RENAME_RM 0x00000002
4084 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000004
4085 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000008
4086 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000010
4087 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000020
4088 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000040
4089 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000080
4090 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000100
4091 #define TXFS_RM_FLAG_GROW_LOG 0x00000400
4092 #define TXFS_RM_FLAG_SHRINK_LOG 0x00000800
4093 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE 0x00001000
4094 #define TXFS_RM_FLAG_PRESERVE_CHANGES 0x00002000
4095 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START 0x00004000
4096 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START 0x00008000
4097 #define TXFS_RM_FLAG_PREFER_CONSISTENCY 0x00010000
4098 #define TXFS_RM_FLAG_PREFER_AVAILABILITY 0x00020000
4099
4100 #define TXFS_LOGGING_MODE_SIMPLE (0x0001)
4101 #define TXFS_LOGGING_MODE_FULL (0x0002)
4102
4103 #define TXFS_TRANSACTION_STATE_NONE 0x00
4104 #define TXFS_TRANSACTION_STATE_ACTIVE 0x01
4105 #define TXFS_TRANSACTION_STATE_PREPARED 0x02
4106 #define TXFS_TRANSACTION_STATE_NOTACTIVE 0x03
4107
4108 #define TXFS_MODIFY_RM_VALID_FLAGS (TXFS_RM_FLAG_LOGGING_MODE | \
4109 TXFS_RM_FLAG_RENAME_RM | \
4110 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4111 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4112 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4113 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4114 TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4115 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4116 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4117 TXFS_RM_FLAG_SHRINK_LOG | \
4118 TXFS_RM_FLAG_GROW_LOG | \
4119 TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE | \
4120 TXFS_RM_FLAG_PRESERVE_CHANGES | \
4121 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4122 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4123 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4124 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4125
4126 typedef struct _TXFS_MODIFY_RM {
4127 ULONG Flags;
4128 ULONG LogContainerCountMax;
4129 ULONG LogContainerCountMin;
4130 ULONG LogContainerCount;
4131 ULONG LogGrowthIncrement;
4132 ULONG LogAutoShrinkPercentage;
4133 ULONGLONG Reserved;
4134 USHORT LoggingMode;
4135 } TXFS_MODIFY_RM, *PTXFS_MODIFY_RM;
4136
4137 #define TXFS_RM_STATE_NOT_STARTED 0
4138 #define TXFS_RM_STATE_STARTING 1
4139 #define TXFS_RM_STATE_ACTIVE 2
4140 #define TXFS_RM_STATE_SHUTTING_DOWN 3
4141
4142 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS \
4143 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4144 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4145 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4146 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4147 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4148 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4149 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4150 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4151
4152 typedef struct _TXFS_QUERY_RM_INFORMATION {
4153 ULONG BytesRequired;
4154 ULONGLONG TailLsn;
4155 ULONGLONG CurrentLsn;
4156 ULONGLONG ArchiveTailLsn;
4157 ULONGLONG LogContainerSize;
4158 LARGE_INTEGER HighestVirtualClock;
4159 ULONG LogContainerCount;
4160 ULONG LogContainerCountMax;
4161 ULONG LogContainerCountMin;
4162 ULONG LogGrowthIncrement;
4163 ULONG LogAutoShrinkPercentage;
4164 ULONG Flags;
4165 USHORT LoggingMode;
4166 USHORT Reserved;
4167 ULONG RmState;
4168 ULONGLONG LogCapacity;
4169 ULONGLONG LogFree;
4170 ULONGLONG TopsSize;
4171 ULONGLONG TopsUsed;
4172 ULONGLONG TransactionCount;
4173 ULONGLONG OnePCCount;
4174 ULONGLONG TwoPCCount;
4175 ULONGLONG NumberLogFileFull;
4176 ULONGLONG OldestTransactionAge;
4177 GUID RMName;
4178 ULONG TmLogPathOffset;
4179 } TXFS_QUERY_RM_INFORMATION, *PTXFS_QUERY_RM_INFORMATION;
4180
4181 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN 0x01
4182 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK 0x02
4183
4184 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS \
4185 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN | \
4186 TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
4187
4188 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION {
4189 LARGE_INTEGER LastVirtualClock;
4190 ULONGLONG LastRedoLsn;
4191 ULONGLONG HighestRecoveryLsn;
4192 ULONG Flags;
4193 } TXFS_ROLLFORWARD_REDO_INFORMATION, *PTXFS_ROLLFORWARD_REDO_INFORMATION;
4194
4195 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000001
4196 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000002
4197 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE 0x00000004
4198 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000008
4199 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000010
4200 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000020
4201 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000040
4202 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000080
4203
4204 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT 0x00000200
4205 #define TXFS_START_RM_FLAG_LOGGING_MODE 0x00000400
4206 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES 0x00000800
4207
4208 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY 0x00001000
4209 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY 0x00002000
4210
4211 #define TXFS_START_RM_VALID_FLAGS \
4212 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4213 TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4214 TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE | \
4215 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4216 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4217 TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4218 TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT | \
4219 TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4220 TXFS_START_RM_FLAG_LOGGING_MODE | \
4221 TXFS_START_RM_FLAG_PRESERVE_CHANGES | \
4222 TXFS_START_RM_FLAG_PREFER_CONSISTENCY | \
4223 TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
4224
4225 typedef struct _TXFS_START_RM_INFORMATION {
4226 ULONG Flags;
4227 ULONGLONG LogContainerSize;
4228 ULONG LogContainerCountMin;
4229 ULONG LogContainerCountMax;
4230 ULONG LogGrowthIncrement;
4231 ULONG LogAutoShrinkPercentage;
4232 ULONG TmLogPathOffset;
4233 USHORT TmLogPathLength;
4234 USHORT LoggingMode;
4235 USHORT LogPathLength;
4236 USHORT Reserved;
4237 WCHAR LogPath[1];
4238 } TXFS_START_RM_INFORMATION, *PTXFS_START_RM_INFORMATION;
4239
4240 typedef struct _TXFS_GET_METADATA_INFO_OUT {
4241 struct {
4242 LONGLONG LowPart;
4243 LONGLONG HighPart;
4244 } TxfFileId;
4245 GUID LockingTransaction;
4246 ULONGLONG LastLsn;
4247 ULONG TransactionState;
4248 } TXFS_GET_METADATA_INFO_OUT, *PTXFS_GET_METADATA_INFO_OUT;
4249
4250 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED 0x00000001
4251 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED 0x00000002
4252
4253 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY {
4254 ULONGLONG Offset;
4255 ULONG NameFlags;
4256 LONGLONG FileId;
4257 ULONG Reserved1;
4258 ULONG Reserved2;
4259 LONGLONG Reserved3;
4260 WCHAR FileName[1];
4261 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY;
4262
4263 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES {
4264 GUID KtmTransaction;
4265 ULONGLONG NumberOfFiles;
4266 ULONGLONG BufferSizeRequired;
4267 ULONGLONG Offset;
4268 } TXFS_LIST_TRANSACTION_LOCKED_FILES, *PTXFS_LIST_TRANSACTION_LOCKED_FILES;
4269
4270 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY {
4271 GUID TransactionId;
4272 ULONG TransactionState;
4273 ULONG Reserved1;
4274 ULONG Reserved2;
4275 LONGLONG Reserved3;
4276 } TXFS_LIST_TRANSACTIONS_ENTRY, *PTXFS_LIST_TRANSACTIONS_ENTRY;
4277
4278 typedef struct _TXFS_LIST_TRANSACTIONS {
4279 ULONGLONG NumberOfTransactions;
4280 ULONGLONG BufferSizeRequired;
4281 } TXFS_LIST_TRANSACTIONS, *PTXFS_LIST_TRANSACTIONS;
4282
4283 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT {
4284 _ANONYMOUS_UNION union {
4285 ULONG BufferLength;
4286 UCHAR Buffer[1];
4287 } DUMMYUNIONNAME;
4288 } TXFS_READ_BACKUP_INFORMATION_OUT, *PTXFS_READ_BACKUP_INFORMATION_OUT;
4289
4290 typedef struct _TXFS_WRITE_BACKUP_INFORMATION {
4291 UCHAR Buffer[1];
4292 } TXFS_WRITE_BACKUP_INFORMATION, *PTXFS_WRITE_BACKUP_INFORMATION;
4293
4294 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED 0xFFFFFFFE
4295 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED 0xFFFFFFFF
4296
4297 typedef struct _TXFS_GET_TRANSACTED_VERSION {
4298 ULONG ThisBaseVersion;
4299 ULONG LatestVersion;
4300 USHORT ThisMiniVersion;
4301 USHORT FirstMiniVersion;
4302 USHORT LatestMiniVersion;
4303 } TXFS_GET_TRANSACTED_VERSION, *PTXFS_GET_TRANSACTED_VERSION;
4304
4305 #define TXFS_SAVEPOINT_SET 0x00000001
4306 #define TXFS_SAVEPOINT_ROLLBACK 0x00000002
4307 #define TXFS_SAVEPOINT_CLEAR 0x00000004
4308 #define TXFS_SAVEPOINT_CLEAR_ALL 0x00000010
4309
4310 typedef struct _TXFS_SAVEPOINT_INFORMATION {
4311 HANDLE KtmTransaction;
4312 ULONG ActionCode;
4313 ULONG SavepointId;
4314 } TXFS_SAVEPOINT_INFORMATION, *PTXFS_SAVEPOINT_INFORMATION;
4315
4316 typedef struct _TXFS_CREATE_MINIVERSION_INFO {
4317 USHORT StructureVersion;
4318 USHORT StructureLength;
4319 ULONG BaseVersion;
4320 USHORT MiniVersion;
4321 } TXFS_CREATE_MINIVERSION_INFO, *PTXFS_CREATE_MINIVERSION_INFO;
4322
4323 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO {
4324 BOOLEAN TransactionsActiveAtSnapshot;
4325 } TXFS_TRANSACTION_ACTIVE_INFO, *PTXFS_TRANSACTION_ACTIVE_INFO;
4326
4327 #endif /* (_WIN32_WINNT >= 0x0600) */
4328
4329 #if (_WIN32_WINNT >= 0x0601)
4330
4331 #define MARK_HANDLE_REALTIME (0x00000020)
4332 #define MARK_HANDLE_NOT_REALTIME (0x00000040)
4333
4334 #define NO_8DOT3_NAME_PRESENT (0x00000001)
4335 #define REMOVED_8DOT3_NAME (0x00000002)
4336
4337 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED (0x00000001)
4338
4339 typedef struct _BOOT_AREA_INFO {
4340 ULONG BootSectorCount;
4341 struct {
4342 LARGE_INTEGER Offset;
4343 } BootSectors[2];
4344 } BOOT_AREA_INFO, *PBOOT_AREA_INFO;
4345
4346 typedef struct _RETRIEVAL_POINTER_BASE {
4347 LARGE_INTEGER FileAreaOffset;
4348 } RETRIEVAL_POINTER_BASE, *PRETRIEVAL_POINTER_BASE;
4349
4350 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION {
4351 ULONG VolumeFlags;
4352 ULONG FlagMask;
4353 ULONG Version;
4354 ULONG Reserved;
4355 } FILE_FS_PERSISTENT_VOLUME_INFORMATION, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION;
4356
4357 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION {
4358 CHAR FileSystem[9];
4359 } FILE_SYSTEM_RECOGNITION_INFORMATION, *PFILE_SYSTEM_RECOGNITION_INFORMATION;
4360
4361 #define OPLOCK_LEVEL_CACHE_READ (0x00000001)
4362 #define OPLOCK_LEVEL_CACHE_HANDLE (0x00000002)
4363 #define OPLOCK_LEVEL_CACHE_WRITE (0x00000004)
4364
4365 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST (0x00000001)
4366 #define REQUEST_OPLOCK_INPUT_FLAG_ACK (0x00000002)
4367 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
4368
4369 #define REQUEST_OPLOCK_CURRENT_VERSION 1
4370
4371 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER {
4372 USHORT StructureVersion;
4373 USHORT StructureLength;
4374 ULONG RequestedOplockLevel;
4375 ULONG Flags;
4376 } REQUEST_OPLOCK_INPUT_BUFFER, *PREQUEST_OPLOCK_INPUT_BUFFER;
4377
4378 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED (0x00000001)
4379 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED (0x00000002)
4380
4381 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER {
4382 USHORT StructureVersion;
4383 USHORT StructureLength;
4384 ULONG OriginalOplockLevel;
4385 ULONG NewOplockLevel;
4386 ULONG Flags;
4387 ACCESS_MASK AccessMode;
4388 USHORT ShareMode;
4389 } REQUEST_OPLOCK_OUTPUT_BUFFER, *PREQUEST_OPLOCK_OUTPUT_BUFFER;
4390
4391 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID 1
4392
4393 typedef struct _SD_CHANGE_MACHINE_SID_INPUT {
4394 USHORT CurrentMachineSIDOffset;
4395 USHORT CurrentMachineSIDLength;
4396 USHORT NewMachineSIDOffset;
4397 USHORT NewMachineSIDLength;
4398 } SD_CHANGE_MACHINE_SID_INPUT, *PSD_CHANGE_MACHINE_SID_INPUT;
4399
4400 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT {
4401 ULONGLONG NumSDChangedSuccess;
4402 ULONGLONG NumSDChangedFail;
4403 ULONGLONG NumSDUnused;
4404 ULONGLONG NumSDTotal;
4405 ULONGLONG NumMftSDChangedSuccess;
4406 ULONGLONG NumMftSDChangedFail;
4407 ULONGLONG NumMftSDTotal;
4408 } SD_CHANGE_MACHINE_SID_OUTPUT, *PSD_CHANGE_MACHINE_SID_OUTPUT;
4409
4410 typedef struct _SD_GLOBAL_CHANGE_INPUT {
4411 ULONG Flags;
4412 ULONG ChangeType;
4413 _ANONYMOUS_UNION union {
4414 SD_CHANGE_MACHINE_SID_INPUT SdChange;
4415 } DUMMYUNIONNAME;
4416 } SD_GLOBAL_CHANGE_INPUT, *PSD_GLOBAL_CHANGE_INPUT;
4417
4418 typedef struct _SD_GLOBAL_CHANGE_OUTPUT {
4419 ULONG Flags;
4420 ULONG ChangeType;
4421 _ANONYMOUS_UNION union {
4422 SD_CHANGE_MACHINE_SID_OUTPUT SdChange;
4423 } DUMMYUNIONNAME;
4424 } SD_GLOBAL_CHANGE_OUTPUT, *PSD_GLOBAL_CHANGE_OUTPUT;
4425
4426 #define ENCRYPTED_DATA_INFO_SPARSE_FILE 1
4427
4428 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO {
4429 ULONG ExtendedCode;
4430 ULONG Length;
4431 ULONG Flags;
4432 ULONG Reserved;
4433 } EXTENDED_ENCRYPTED_DATA_INFO, *PEXTENDED_ENCRYPTED_DATA_INFO;
4434
4435 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT {
4436 ULONG Flags;
4437 ULONG NumberOfClusters;
4438 LARGE_INTEGER Cluster[1];
4439 } LOOKUP_STREAM_FROM_CLUSTER_INPUT, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT;
4440
4441 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT {
4442 ULONG Offset;
4443 ULONG NumberOfMatches;
4444 ULONG BufferSizeRequired;
4445 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT;
4446
4447 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE 0x00000001
4448 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET 0x00000002
4449 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE 0x00000004
4450 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE 0x00000008