4 * Windows NT Filesystem Driver Developer Kit
6 * This file is part of the ReactOS DDK package.
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
12 * THIS SOFTWARE IS NOT COPYRIGHTED
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
26 #define _NTIFS_INCLUDED_
45 #define FlagOn(_F,_SF) ((_F) & (_SF))
49 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
53 #define SetFlag(_F,_SF) ((_F) |= (_SF))
57 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
60 typedef UNICODE_STRING LSA_UNICODE_STRING
, *PLSA_UNICODE_STRING
;
61 typedef STRING LSA_STRING
, *PLSA_STRING
;
62 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
, *PLSA_OBJECT_ATTRIBUTES
;
64 /******************************************************************************
65 * Security Manager Types *
66 ******************************************************************************/
68 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
69 #define SID_IDENTIFIER_AUTHORITY_DEFINED
70 typedef struct _SID_IDENTIFIER_AUTHORITY
{
72 } SID_IDENTIFIER_AUTHORITY
,*PSID_IDENTIFIER_AUTHORITY
,*LPSID_IDENTIFIER_AUTHORITY
;
79 UCHAR SubAuthorityCount
;
80 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
;
82 [size_is(SubAuthorityCount
)] ULONG SubAuthority
[*];
84 ULONG SubAuthority
[ANYSIZE_ARRAY
];
90 #define SID_REVISION 1
91 #define SID_MAX_SUB_AUTHORITIES 15
92 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
95 #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof(ULONG)))
98 typedef enum _SID_NAME_USE
{
103 SidTypeWellKnownGroup
,
104 SidTypeDeletedAccount
,
109 } SID_NAME_USE
, *PSID_NAME_USE
;
111 typedef struct _SID_AND_ATTRIBUTES
{
118 } SID_AND_ATTRIBUTES
, *PSID_AND_ATTRIBUTES
;
119 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY
[ANYSIZE_ARRAY
];
120 typedef SID_AND_ATTRIBUTES_ARRAY
*PSID_AND_ATTRIBUTES_ARRAY
;
122 #define SID_HASH_SIZE 32
123 typedef ULONG_PTR SID_HASH_ENTRY
, *PSID_HASH_ENTRY
;
125 typedef struct _SID_AND_ATTRIBUTES_HASH
{
127 PSID_AND_ATTRIBUTES SidAttr
;
128 SID_HASH_ENTRY Hash
[SID_HASH_SIZE
];
129 } SID_AND_ATTRIBUTES_HASH
, *PSID_AND_ATTRIBUTES_HASH
;
131 /* Universal well-known SIDs */
133 #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
134 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
135 #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
136 #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
137 #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
138 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
140 #define SECURITY_NULL_RID (0x00000000L)
141 #define SECURITY_WORLD_RID (0x00000000L)
142 #define SECURITY_LOCAL_RID (0x00000000L)
143 #define SECURITY_LOCAL_LOGON_RID (0x00000001L)
145 #define SECURITY_CREATOR_OWNER_RID (0x00000000L)
146 #define SECURITY_CREATOR_GROUP_RID (0x00000001L)
147 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
148 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
149 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
151 /* NT well-known SIDs */
153 #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
155 #define SECURITY_DIALUP_RID (0x00000001L)
156 #define SECURITY_NETWORK_RID (0x00000002L)
157 #define SECURITY_BATCH_RID (0x00000003L)
158 #define SECURITY_INTERACTIVE_RID (0x00000004L)
159 #define SECURITY_LOGON_IDS_RID (0x00000005L)
160 #define SECURITY_LOGON_IDS_RID_COUNT (3L)
161 #define SECURITY_SERVICE_RID (0x00000006L)
162 #define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
163 #define SECURITY_PROXY_RID (0x00000008L)
164 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
165 #define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
166 #define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
167 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
168 #define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
169 #define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
170 #define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
171 #define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
172 #define SECURITY_IUSER_RID (0x00000011L)
173 #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
174 #define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
175 #define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
176 #define SECURITY_NT_NON_UNIQUE (0x00000015L)
177 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
178 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
180 #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
181 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
184 #define SECURITY_PACKAGE_BASE_RID (0x00000040L)
185 #define SECURITY_PACKAGE_RID_COUNT (2L)
186 #define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
187 #define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
188 #define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
190 #define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
191 #define SECURITY_CRED_TYPE_RID_COUNT (2L)
192 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
194 #define SECURITY_MIN_BASE_RID (0x00000050L)
195 #define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
196 #define SECURITY_SERVICE_ID_RID_COUNT (6L)
197 #define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
198 #define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
199 #define SECURITY_APPPOOL_ID_RID_COUNT (6L)
200 #define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
201 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
202 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
203 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
204 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
205 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
206 #define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
207 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
208 #define SECURITY_TASK_ID_BASE_RID (0x00000057L)
209 #define SECURITY_NFS_ID_BASE_RID (0x00000058L)
210 #define SECURITY_COM_ID_BASE_RID (0x00000059L)
211 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
213 #define SECURITY_MAX_BASE_RID (0x0000006FL)
215 #define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
216 #define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
218 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
220 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
222 /* Well-known domain relative sub-authority values (RIDs) */
224 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
226 #define FOREST_USER_RID_MAX (0x000001F3L)
228 /* Well-known users */
230 #define DOMAIN_USER_RID_ADMIN (0x000001F4L)
231 #define DOMAIN_USER_RID_GUEST (0x000001F5L)
232 #define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
234 #define DOMAIN_USER_RID_MAX (0x000003E7L)
236 /* Well-known groups */
238 #define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
239 #define DOMAIN_GROUP_RID_USERS (0x00000201L)
240 #define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
241 #define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
242 #define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
243 #define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
244 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
245 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
246 #define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
247 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
249 /* Well-known aliases */
251 #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
252 #define DOMAIN_ALIAS_RID_USERS (0x00000221L)
253 #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
254 #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
256 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
257 #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
258 #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
259 #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
261 #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
262 #define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
263 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
264 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
265 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
266 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
268 #define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
269 #define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
270 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
271 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
272 #define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
273 #define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
274 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
275 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
276 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
277 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
278 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
280 #define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
281 #define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
282 #define SECURITY_MANDATORY_LOW_RID (0x00001000L)
283 #define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
284 #define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
285 #define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
286 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
288 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
289 can be set by a usermode caller.*/
291 #define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
293 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
295 /* Allocate the System Luid. The first 1000 LUIDs are reserved.
296 Use #999 here (0x3e7 = 999) */
298 #define SYSTEM_LUID {0x3e7, 0x0}
299 #define ANONYMOUS_LOGON_LUID {0x3e6, 0x0}
300 #define LOCALSERVICE_LUID {0x3e5, 0x0}
301 #define NETWORKSERVICE_LUID {0x3e4, 0x0}
302 #define IUSER_LUID {0x3e3, 0x0}
304 typedef struct _ACE_HEADER
{
308 } ACE_HEADER
, *PACE_HEADER
;
310 /* also in winnt.h */
311 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
312 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
313 #define ACCESS_DENIED_ACE_TYPE (0x1)
314 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
315 #define SYSTEM_ALARM_ACE_TYPE (0x3)
316 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
317 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
318 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
319 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
320 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
321 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
322 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
323 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
324 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
325 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
326 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
327 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
328 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
329 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
330 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
331 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
332 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
333 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
334 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
335 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
336 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
338 /* The following are the inherit flags that go into the AceFlags field
341 #define OBJECT_INHERIT_ACE (0x1)
342 #define CONTAINER_INHERIT_ACE (0x2)
343 #define NO_PROPAGATE_INHERIT_ACE (0x4)
344 #define INHERIT_ONLY_ACE (0x8)
345 #define INHERITED_ACE (0x10)
346 #define VALID_INHERIT_FLAGS (0x1F)
348 #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
349 #define FAILED_ACCESS_ACE_FLAG (0x80)
351 typedef struct _ACCESS_ALLOWED_ACE
{
355 } ACCESS_ALLOWED_ACE
, *PACCESS_ALLOWED_ACE
;
357 typedef struct _ACCESS_DENIED_ACE
{
361 } ACCESS_DENIED_ACE
, *PACCESS_DENIED_ACE
;
363 typedef struct _SYSTEM_AUDIT_ACE
{
367 } SYSTEM_AUDIT_ACE
, *PSYSTEM_AUDIT_ACE
;
369 typedef struct _SYSTEM_ALARM_ACE
{
373 } SYSTEM_ALARM_ACE
, *PSYSTEM_ALARM_ACE
;
375 typedef struct _SYSTEM_MANDATORY_LABEL_ACE
{
379 } SYSTEM_MANDATORY_LABEL_ACE
, *PSYSTEM_MANDATORY_LABEL_ACE
;
381 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
382 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
383 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
384 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
385 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
386 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
388 #define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
390 typedef USHORT SECURITY_DESCRIPTOR_CONTROL
,*PSECURITY_DESCRIPTOR_CONTROL
;
392 #define SE_OWNER_DEFAULTED 0x0001
393 #define SE_GROUP_DEFAULTED 0x0002
394 #define SE_DACL_PRESENT 0x0004
395 #define SE_DACL_DEFAULTED 0x0008
396 #define SE_SACL_PRESENT 0x0010
397 #define SE_SACL_DEFAULTED 0x0020
398 #define SE_DACL_UNTRUSTED 0x0040
399 #define SE_SERVER_SECURITY 0x0080
400 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
401 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
402 #define SE_DACL_AUTO_INHERITED 0x0400
403 #define SE_SACL_AUTO_INHERITED 0x0800
404 #define SE_DACL_PROTECTED 0x1000
405 #define SE_SACL_PROTECTED 0x2000
406 #define SE_RM_CONTROL_VALID 0x4000
407 #define SE_SELF_RELATIVE 0x8000
409 typedef struct _SECURITY_DESCRIPTOR_RELATIVE
{
412 SECURITY_DESCRIPTOR_CONTROL Control
;
417 } SECURITY_DESCRIPTOR_RELATIVE
, *PISECURITY_DESCRIPTOR_RELATIVE
;
419 typedef struct _SECURITY_DESCRIPTOR
{
422 SECURITY_DESCRIPTOR_CONTROL Control
;
427 } SECURITY_DESCRIPTOR
, *PISECURITY_DESCRIPTOR
;
429 typedef struct _OBJECT_TYPE_LIST
{
433 } OBJECT_TYPE_LIST
, *POBJECT_TYPE_LIST
;
435 #define ACCESS_OBJECT_GUID 0
436 #define ACCESS_PROPERTY_SET_GUID 1
437 #define ACCESS_PROPERTY_GUID 2
438 #define ACCESS_MAX_LEVEL 4
440 typedef enum _AUDIT_EVENT_TYPE
{
441 AuditEventObjectAccess
,
442 AuditEventDirectoryServiceAccess
443 } AUDIT_EVENT_TYPE
, *PAUDIT_EVENT_TYPE
;
445 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
447 #define ACCESS_DS_SOURCE_A "DS"
448 #define ACCESS_DS_SOURCE_W L"DS"
449 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
450 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
452 #define ACCESS_REASON_TYPE_MASK 0xffff0000
453 #define ACCESS_REASON_DATA_MASK 0x0000ffff
455 typedef enum _ACCESS_REASON_TYPE
{
456 AccessReasonNone
= 0x00000000,
457 AccessReasonAllowedAce
= 0x00010000,
458 AccessReasonDeniedAce
= 0x00020000,
459 AccessReasonAllowedParentAce
= 0x00030000,
460 AccessReasonDeniedParentAce
= 0x00040000,
461 AccessReasonMissingPrivilege
= 0x00100000,
462 AccessReasonFromPrivilege
= 0x00200000,
463 AccessReasonIntegrityLevel
= 0x00300000,
464 AccessReasonOwnership
= 0x00400000,
465 AccessReasonNullDacl
= 0x00500000,
466 AccessReasonEmptyDacl
= 0x00600000,
467 AccessReasonNoSD
= 0x00700000,
468 AccessReasonNoGrant
= 0x00800000
469 } ACCESS_REASON_TYPE
;
471 typedef ULONG ACCESS_REASON
;
473 typedef struct _ACCESS_REASONS
{
474 ACCESS_REASON Data
[32];
475 } ACCESS_REASONS
, *PACCESS_REASONS
;
477 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
478 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
479 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
481 typedef struct _SE_SECURITY_DESCRIPTOR
{
484 PSECURITY_DESCRIPTOR SecurityDescriptor
;
485 } SE_SECURITY_DESCRIPTOR
, *PSE_SECURITY_DESCRIPTOR
;
487 typedef struct _SE_ACCESS_REQUEST
{
489 PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor
;
490 ACCESS_MASK DesiredAccess
;
491 ACCESS_MASK PreviouslyGrantedAccess
;
492 PSID PrincipalSelfSid
;
493 PGENERIC_MAPPING GenericMapping
;
494 ULONG ObjectTypeListCount
;
495 POBJECT_TYPE_LIST ObjectTypeList
;
496 } SE_ACCESS_REQUEST
, *PSE_ACCESS_REQUEST
;
498 typedef struct _SE_ACCESS_REPLY
{
500 ULONG ResultListCount
;
501 PACCESS_MASK GrantedAccess
;
502 PNTSTATUS AccessStatus
;
503 PACCESS_REASONS AccessReason
;
504 PPRIVILEGE_SET
* Privileges
;
505 } SE_ACCESS_REPLY
, *PSE_ACCESS_REPLY
;
507 typedef enum _SE_AUDIT_OPERATION
{
508 AuditPrivilegeObject
,
509 AuditPrivilegeService
,
512 AuditOpenObjectWithTransaction
,
515 AuditOpenObjectForDelete
,
516 AuditOpenObjectForDeleteWithTransaction
,
519 AuditObjectReference
,
521 } SE_AUDIT_OPERATION
, *PSE_AUDIT_OPERATION
;
523 typedef struct _SE_AUDIT_INFO
{
525 AUDIT_EVENT_TYPE AuditType
;
526 SE_AUDIT_OPERATION AuditOperation
;
528 UNICODE_STRING SubsystemName
;
529 UNICODE_STRING ObjectTypeName
;
530 UNICODE_STRING ObjectName
;
534 BOOLEAN ObjectCreation
;
535 BOOLEAN GenerateOnClose
;
536 } SE_AUDIT_INFO
, *PSE_AUDIT_INFO
;
538 #define TOKEN_ASSIGN_PRIMARY (0x0001)
539 #define TOKEN_DUPLICATE (0x0002)
540 #define TOKEN_IMPERSONATE (0x0004)
541 #define TOKEN_QUERY (0x0008)
542 #define TOKEN_QUERY_SOURCE (0x0010)
543 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
544 #define TOKEN_ADJUST_GROUPS (0x0040)
545 #define TOKEN_ADJUST_DEFAULT (0x0080)
546 #define TOKEN_ADJUST_SESSIONID (0x0100)
548 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
549 TOKEN_ASSIGN_PRIMARY |\
553 TOKEN_QUERY_SOURCE |\
554 TOKEN_ADJUST_PRIVILEGES |\
555 TOKEN_ADJUST_GROUPS |\
556 TOKEN_ADJUST_DEFAULT )
558 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
559 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
560 TOKEN_ADJUST_SESSIONID )
562 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
565 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
568 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
569 TOKEN_ADJUST_PRIVILEGES |\
570 TOKEN_ADJUST_GROUPS |\
571 TOKEN_ADJUST_DEFAULT)
573 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
575 typedef enum _TOKEN_TYPE
{
578 } TOKEN_TYPE
,*PTOKEN_TYPE
;
580 typedef enum _TOKEN_INFORMATION_CLASS
{
589 TokenImpersonationLevel
,
593 TokenGroupsAndPrivileges
,
594 TokenSessionReference
,
601 TokenHasRestrictions
,
602 TokenAccessInformation
,
603 TokenVirtualizationAllowed
,
604 TokenVirtualizationEnabled
,
607 TokenMandatoryPolicy
,
610 } TOKEN_INFORMATION_CLASS
, *PTOKEN_INFORMATION_CLASS
;
612 typedef struct _TOKEN_USER
{
613 SID_AND_ATTRIBUTES User
;
614 } TOKEN_USER
, *PTOKEN_USER
;
616 typedef struct _TOKEN_GROUPS
{
619 [size_is(GroupCount
)] SID_AND_ATTRIBUTES Groups
[*];
621 SID_AND_ATTRIBUTES Groups
[ANYSIZE_ARRAY
];
623 } TOKEN_GROUPS
,*PTOKEN_GROUPS
,*LPTOKEN_GROUPS
;
625 typedef struct _TOKEN_PRIVILEGES
{
626 ULONG PrivilegeCount
;
627 LUID_AND_ATTRIBUTES Privileges
[ANYSIZE_ARRAY
];
628 } TOKEN_PRIVILEGES
,*PTOKEN_PRIVILEGES
,*LPTOKEN_PRIVILEGES
;
630 typedef struct _TOKEN_OWNER
{
632 } TOKEN_OWNER
,*PTOKEN_OWNER
;
634 typedef struct _TOKEN_PRIMARY_GROUP
{
636 } TOKEN_PRIMARY_GROUP
,*PTOKEN_PRIMARY_GROUP
;
638 typedef struct _TOKEN_DEFAULT_DACL
{
640 } TOKEN_DEFAULT_DACL
,*PTOKEN_DEFAULT_DACL
;
642 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES
{
645 PSID_AND_ATTRIBUTES Sids
;
646 ULONG RestrictedSidCount
;
647 ULONG RestrictedSidLength
;
648 PSID_AND_ATTRIBUTES RestrictedSids
;
649 ULONG PrivilegeCount
;
650 ULONG PrivilegeLength
;
651 PLUID_AND_ATTRIBUTES Privileges
;
652 LUID AuthenticationId
;
653 } TOKEN_GROUPS_AND_PRIVILEGES
, *PTOKEN_GROUPS_AND_PRIVILEGES
;
655 typedef struct _TOKEN_LINKED_TOKEN
{
657 } TOKEN_LINKED_TOKEN
, *PTOKEN_LINKED_TOKEN
;
659 typedef struct _TOKEN_ELEVATION
{
660 ULONG TokenIsElevated
;
661 } TOKEN_ELEVATION
, *PTOKEN_ELEVATION
;
663 typedef struct _TOKEN_MANDATORY_LABEL
{
664 SID_AND_ATTRIBUTES Label
;
665 } TOKEN_MANDATORY_LABEL
, *PTOKEN_MANDATORY_LABEL
;
667 #define TOKEN_MANDATORY_POLICY_OFF 0x0
668 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
669 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
671 #define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
672 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
674 typedef struct _TOKEN_MANDATORY_POLICY
{
676 } TOKEN_MANDATORY_POLICY
, *PTOKEN_MANDATORY_POLICY
;
678 typedef struct _TOKEN_ACCESS_INFORMATION
{
679 PSID_AND_ATTRIBUTES_HASH SidHash
;
680 PSID_AND_ATTRIBUTES_HASH RestrictedSidHash
;
681 PTOKEN_PRIVILEGES Privileges
;
682 LUID AuthenticationId
;
683 TOKEN_TYPE TokenType
;
684 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
;
685 TOKEN_MANDATORY_POLICY MandatoryPolicy
;
687 } TOKEN_ACCESS_INFORMATION
, *PTOKEN_ACCESS_INFORMATION
;
689 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
691 typedef struct _TOKEN_AUDIT_POLICY
{
692 UCHAR PerUserPolicy
[((POLICY_AUDIT_SUBCATEGORY_COUNT
) >> 1) + 1];
693 } TOKEN_AUDIT_POLICY
, *PTOKEN_AUDIT_POLICY
;
695 #define TOKEN_SOURCE_LENGTH 8
697 typedef struct _TOKEN_SOURCE
{
698 CHAR SourceName
[TOKEN_SOURCE_LENGTH
];
699 LUID SourceIdentifier
;
700 } TOKEN_SOURCE
,*PTOKEN_SOURCE
;
702 typedef struct _TOKEN_STATISTICS
{
704 LUID AuthenticationId
;
705 LARGE_INTEGER ExpirationTime
;
706 TOKEN_TYPE TokenType
;
707 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
;
708 ULONG DynamicCharged
;
709 ULONG DynamicAvailable
;
711 ULONG PrivilegeCount
;
713 } TOKEN_STATISTICS
, *PTOKEN_STATISTICS
;
715 typedef struct _TOKEN_CONTROL
{
717 LUID AuthenticationId
;
719 TOKEN_SOURCE TokenSource
;
720 } TOKEN_CONTROL
,*PTOKEN_CONTROL
;
722 typedef struct _TOKEN_ORIGIN
{
723 LUID OriginatingLogonSession
;
724 } TOKEN_ORIGIN
, *PTOKEN_ORIGIN
;
726 typedef enum _MANDATORY_LEVEL
{
727 MandatoryLevelUntrusted
= 0,
729 MandatoryLevelMedium
,
731 MandatoryLevelSystem
,
732 MandatoryLevelSecureProcess
,
734 } MANDATORY_LEVEL
, *PMANDATORY_LEVEL
;
736 #define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
737 #define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
738 #define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
739 #define TOKEN_WRITE_RESTRICTED 0x0008
740 #define TOKEN_IS_RESTRICTED 0x0010
741 #define TOKEN_SESSION_NOT_REFERENCED 0x0020
742 #define TOKEN_SANDBOX_INERT 0x0040
743 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
744 #define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
745 #define TOKEN_VIRTUALIZE_ALLOWED 0x0200
746 #define TOKEN_VIRTUALIZE_ENABLED 0x0400
747 #define TOKEN_IS_FILTERED 0x0800
748 #define TOKEN_UIACCESS 0x1000
749 #define TOKEN_NOT_LOW 0x2000
751 typedef struct _SE_EXPORTS
{
752 LUID SeCreateTokenPrivilege
;
753 LUID SeAssignPrimaryTokenPrivilege
;
754 LUID SeLockMemoryPrivilege
;
755 LUID SeIncreaseQuotaPrivilege
;
756 LUID SeUnsolicitedInputPrivilege
;
758 LUID SeSecurityPrivilege
;
759 LUID SeTakeOwnershipPrivilege
;
760 LUID SeLoadDriverPrivilege
;
761 LUID SeCreatePagefilePrivilege
;
762 LUID SeIncreaseBasePriorityPrivilege
;
763 LUID SeSystemProfilePrivilege
;
764 LUID SeSystemtimePrivilege
;
765 LUID SeProfileSingleProcessPrivilege
;
766 LUID SeCreatePermanentPrivilege
;
767 LUID SeBackupPrivilege
;
768 LUID SeRestorePrivilege
;
769 LUID SeShutdownPrivilege
;
770 LUID SeDebugPrivilege
;
771 LUID SeAuditPrivilege
;
772 LUID SeSystemEnvironmentPrivilege
;
773 LUID SeChangeNotifyPrivilege
;
774 LUID SeRemoteShutdownPrivilege
;
778 PSID SeCreatorOwnerSid
;
779 PSID SeCreatorGroupSid
;
780 PSID SeNtAuthoritySid
;
784 PSID SeInteractiveSid
;
785 PSID SeLocalSystemSid
;
786 PSID SeAliasAdminsSid
;
787 PSID SeAliasUsersSid
;
788 PSID SeAliasGuestsSid
;
789 PSID SeAliasPowerUsersSid
;
790 PSID SeAliasAccountOpsSid
;
791 PSID SeAliasSystemOpsSid
;
792 PSID SeAliasPrintOpsSid
;
793 PSID SeAliasBackupOpsSid
;
794 PSID SeAuthenticatedUsersSid
;
795 PSID SeRestrictedSid
;
796 PSID SeAnonymousLogonSid
;
797 LUID SeUndockPrivilege
;
798 LUID SeSyncAgentPrivilege
;
799 LUID SeEnableDelegationPrivilege
;
800 PSID SeLocalServiceSid
;
801 PSID SeNetworkServiceSid
;
802 LUID SeManageVolumePrivilege
;
803 LUID SeImpersonatePrivilege
;
804 LUID SeCreateGlobalPrivilege
;
805 LUID SeTrustedCredManAccessPrivilege
;
806 LUID SeRelabelPrivilege
;
807 LUID SeIncreaseWorkingSetPrivilege
;
808 LUID SeTimeZonePrivilege
;
809 LUID SeCreateSymbolicLinkPrivilege
;
811 PSID SeUntrustedMandatorySid
;
812 PSID SeLowMandatorySid
;
813 PSID SeMediumMandatorySid
;
814 PSID SeHighMandatorySid
;
815 PSID SeSystemMandatorySid
;
816 PSID SeOwnerRightsSid
;
817 } SE_EXPORTS
, *PSE_EXPORTS
;
820 (NTAPI
*PSE_LOGON_SESSION_TERMINATED_ROUTINE
)(
823 typedef struct _SECURITY_CLIENT_CONTEXT
{
824 SECURITY_QUALITY_OF_SERVICE SecurityQos
;
825 PACCESS_TOKEN ClientToken
;
826 BOOLEAN DirectlyAccessClientToken
;
827 BOOLEAN DirectAccessEffectiveOnly
;
828 BOOLEAN ServerIsRemote
;
829 TOKEN_CONTROL ClientTokenControl
;
830 } SECURITY_CLIENT_CONTEXT
, *PSECURITY_CLIENT_CONTEXT
;
832 /******************************************************************************
833 * Object Manager Types *
834 ******************************************************************************/
836 typedef enum _OBJECT_INFORMATION_CLASS
{
837 ObjectBasicInformation
= 0,
838 ObjectTypeInformation
= 2,
839 /* Not for public use */
840 ObjectNameInformation
= 1,
841 ObjectTypesInformation
= 3,
842 ObjectHandleFlagInformation
= 4,
843 ObjectSessionInformation
= 5,
845 } OBJECT_INFORMATION_CLASS
;
848 /******************************************************************************
849 * Runtime Library Types *
850 ******************************************************************************/
853 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
855 _Function_class_(RTL_ALLOCATE_STRING_ROUTINE
)
856 _IRQL_requires_max_(PASSIVE_LEVEL
)
857 __drv_allocatesMem(Mem
)
859 (NTAPI
*PRTL_ALLOCATE_STRING_ROUTINE
)(
860 _In_ SIZE_T NumberOfBytes
);
862 #if _WIN32_WINNT >= 0x0600
863 _Function_class_(RTL_REALLOCATE_STRING_ROUTINE
)
864 _IRQL_requires_max_(PASSIVE_LEVEL
)
865 __drv_allocatesMem(Mem
)
867 (NTAPI
*PRTL_REALLOCATE_STRING_ROUTINE
)(
868 _In_ SIZE_T NumberOfBytes
,
873 (NTAPI
*PRTL_FREE_STRING_ROUTINE
)(
874 _In_
__drv_freesMem(Mem
) _Post_invalid_ PVOID Buffer
);
876 extern NTKERNELAPI
const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine
;
877 extern NTKERNELAPI
const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine
;
879 #if _WIN32_WINNT >= 0x0600
880 extern NTKERNELAPI
const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine
;
883 _Function_class_(RTL_HEAP_COMMIT_ROUTINE
)
886 (NTAPI
*PRTL_HEAP_COMMIT_ROUTINE
) (
888 _Inout_ PVOID
*CommitAddress
,
889 _Inout_ PSIZE_T CommitSize
);
891 typedef struct _RTL_HEAP_PARAMETERS
{
893 SIZE_T SegmentReserve
;
894 SIZE_T SegmentCommit
;
895 SIZE_T DeCommitFreeBlockThreshold
;
896 SIZE_T DeCommitTotalFreeThreshold
;
897 SIZE_T MaximumAllocationSize
;
898 SIZE_T VirtualMemoryThreshold
;
899 SIZE_T InitialCommit
;
900 SIZE_T InitialReserve
;
901 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine
;
903 } RTL_HEAP_PARAMETERS
, *PRTL_HEAP_PARAMETERS
;
905 #if (NTDDI_VERSION >= NTDDI_WIN2K)
907 typedef struct _GENERATE_NAME_CONTEXT
{
909 BOOLEAN CheckSumInserted
;
910 _Field_range_(<=, 8) UCHAR NameLength
;
912 _Field_range_(<=, 4) ULONG ExtensionLength
;
913 WCHAR ExtensionBuffer
[4];
914 ULONG LastIndexValue
;
915 } GENERATE_NAME_CONTEXT
, *PGENERATE_NAME_CONTEXT
;
917 typedef struct _PREFIX_TABLE_ENTRY
{
920 struct _PREFIX_TABLE_ENTRY
*NextPrefixTree
;
921 RTL_SPLAY_LINKS Links
;
923 } PREFIX_TABLE_ENTRY
, *PPREFIX_TABLE_ENTRY
;
925 typedef struct _PREFIX_TABLE
{
928 PPREFIX_TABLE_ENTRY NextPrefixTree
;
929 } PREFIX_TABLE
, *PPREFIX_TABLE
;
931 typedef struct _UNICODE_PREFIX_TABLE_ENTRY
{
934 struct _UNICODE_PREFIX_TABLE_ENTRY
*NextPrefixTree
;
935 struct _UNICODE_PREFIX_TABLE_ENTRY
*CaseMatch
;
936 RTL_SPLAY_LINKS Links
;
937 PUNICODE_STRING Prefix
;
938 } UNICODE_PREFIX_TABLE_ENTRY
, *PUNICODE_PREFIX_TABLE_ENTRY
;
940 typedef struct _UNICODE_PREFIX_TABLE
{
943 PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree
;
944 PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry
;
945 } UNICODE_PREFIX_TABLE
, *PUNICODE_PREFIX_TABLE
;
947 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
949 #if (NTDDI_VERSION >= NTDDI_WINXP)
950 typedef struct _COMPRESSED_DATA_INFO
{
951 USHORT CompressionFormatAndEngine
;
952 UCHAR CompressionUnitShift
;
956 USHORT NumberOfChunks
;
957 ULONG CompressedChunkSizes
[ANYSIZE_ARRAY
];
958 } COMPRESSED_DATA_INFO
, *PCOMPRESSED_DATA_INFO
;
960 /******************************************************************************
961 * Runtime Library Functions *
962 ******************************************************************************/
965 #if (NTDDI_VERSION >= NTDDI_WIN2K)
968 _Must_inspect_result_
970 _Post_writable_byte_size_(Size
)
975 _In_ HANDLE HeapHandle
,
976 _In_opt_ ULONG Flags
,
979 _Success_(return != 0)
984 _In_ PVOID HeapHandle
,
985 _In_opt_ ULONG Flags
,
986 _In_ _Post_invalid_ PVOID BaseAddress
);
992 _Out_ PCONTEXT ContextRecord
);
994 _Ret_range_(<, MAXLONG
)
999 _Inout_ PULONG Seed
);
1001 _IRQL_requires_max_(APC_LEVEL
)
1002 _Success_(return != 0)
1003 _Must_inspect_result_
1007 RtlCreateUnicodeString(
1008 _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
))
1009 PUNICODE_STRING DestinationString
,
1010 _In_z_ PCWSTR SourceString
);
1012 _IRQL_requires_max_(PASSIVE_LEVEL
)
1013 _Must_inspect_result_
1018 _In_
const STRING
*String1
,
1019 _In_
const STRING
*String2
,
1020 _In_ BOOLEAN CaseInsensitive
);
1022 _IRQL_requires_max_(APC_LEVEL
)
1026 RtlAppendStringToString(
1027 _Inout_ PSTRING Destination
,
1028 _In_
const STRING
*Source
);
1030 _IRQL_requires_max_(PASSIVE_LEVEL
)
1031 _Must_inspect_result_
1035 RtlOemStringToUnicodeString(
1036 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1037 _When_(!AllocateDestinationString
, _Inout_
)
1038 PUNICODE_STRING DestinationString
,
1039 _In_ PCOEM_STRING SourceString
,
1040 _In_ BOOLEAN AllocateDestinationString
);
1042 _IRQL_requires_max_(PASSIVE_LEVEL
)
1043 _Must_inspect_result_
1047 RtlUnicodeStringToOemString(
1048 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1049 _When_(!AllocateDestinationString
, _Inout_
)
1050 POEM_STRING DestinationString
,
1051 _In_ PCUNICODE_STRING SourceString
,
1052 _In_ BOOLEAN AllocateDestinationString
);
1054 _IRQL_requires_max_(PASSIVE_LEVEL
)
1055 _Must_inspect_result_
1059 RtlUpcaseUnicodeStringToOemString(
1060 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1061 _When_(!AllocateDestinationString
, _Inout_
)
1062 POEM_STRING DestinationString
,
1063 _In_ PCUNICODE_STRING SourceString
,
1064 _In_ BOOLEAN AllocateDestinationString
);
1066 _IRQL_requires_max_(PASSIVE_LEVEL
)
1067 _Must_inspect_result_
1071 RtlOemStringToCountedUnicodeString(
1072 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1073 _When_(!AllocateDestinationString
, _Inout_
)
1074 PUNICODE_STRING DestinationString
,
1075 _In_ PCOEM_STRING SourceString
,
1076 _In_ BOOLEAN AllocateDestinationString
);
1078 _IRQL_requires_max_(PASSIVE_LEVEL
)
1079 _Must_inspect_result_
1083 RtlUnicodeStringToCountedOemString(
1084 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1085 _When_(!AllocateDestinationString
, _Inout_
)
1086 POEM_STRING DestinationString
,
1087 _In_ PCUNICODE_STRING SourceString
,
1088 _In_ BOOLEAN AllocateDestinationString
);
1090 _IRQL_requires_max_(PASSIVE_LEVEL
)
1091 _Must_inspect_result_
1095 RtlUpcaseUnicodeStringToCountedOemString(
1096 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1097 _When_(!AllocateDestinationString
, _Inout_
)
1098 POEM_STRING DestinationString
,
1099 _In_ PCUNICODE_STRING SourceString
,
1100 _In_ BOOLEAN AllocateDestinationString
);
1102 _IRQL_requires_max_(PASSIVE_LEVEL
)
1103 _When_(AllocateDestinationString
, _Must_inspect_result_
)
1107 RtlDowncaseUnicodeString(
1108 _When_(AllocateDestinationString
, _Out_
_At_(UniDest
->Buffer
, __drv_allocatesMem(Mem
)))
1109 _When_(!AllocateDestinationString
, _Inout_
)
1110 PUNICODE_STRING UniDest
,
1111 _In_ PCUNICODE_STRING UniSource
,
1112 _In_ BOOLEAN AllocateDestinationString
);
1114 _IRQL_requires_max_(PASSIVE_LEVEL
)
1119 _Inout_
_At_(OemString
->Buffer
, __drv_freesMem(Mem
)) POEM_STRING OemString
);
1121 _IRQL_requires_max_(PASSIVE_LEVEL
)
1125 RtlxUnicodeStringToOemSize(
1126 _In_ PCUNICODE_STRING UnicodeString
);
1128 _IRQL_requires_max_(PASSIVE_LEVEL
)
1132 RtlxOemStringToUnicodeSize(
1133 _In_ PCOEM_STRING OemString
);
1135 _IRQL_requires_max_(PASSIVE_LEVEL
)
1139 RtlMultiByteToUnicodeN(
1140 _Out_writes_bytes_to_(MaxBytesInUnicodeString
, *BytesInUnicodeString
) PWCH UnicodeString
,
1141 _In_ ULONG MaxBytesInUnicodeString
,
1142 _Out_opt_ PULONG BytesInUnicodeString
,
1143 _In_reads_bytes_(BytesInMultiByteString
) const CHAR
*MultiByteString
,
1144 _In_ ULONG BytesInMultiByteString
);
1146 _IRQL_requires_max_(PASSIVE_LEVEL
)
1150 RtlMultiByteToUnicodeSize(
1151 _Out_ PULONG BytesInUnicodeString
,
1152 _In_reads_bytes_(BytesInMultiByteString
) const CHAR
*MultiByteString
,
1153 _In_ ULONG BytesInMultiByteString
);
1155 _IRQL_requires_max_(PASSIVE_LEVEL
)
1159 RtlUnicodeToMultiByteSize(
1160 _Out_ PULONG BytesInMultiByteString
,
1161 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1162 _In_ ULONG BytesInUnicodeString
);
1164 _IRQL_requires_max_(PASSIVE_LEVEL
)
1168 RtlUnicodeToMultiByteN(
1169 _Out_writes_bytes_to_(MaxBytesInMultiByteString
, *BytesInMultiByteString
) PCHAR MultiByteString
,
1170 _In_ ULONG MaxBytesInMultiByteString
,
1171 _Out_opt_ PULONG BytesInMultiByteString
,
1172 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1173 _In_ ULONG BytesInUnicodeString
);
1175 _IRQL_requires_max_(PASSIVE_LEVEL
)
1179 RtlUpcaseUnicodeToMultiByteN(
1180 _Out_writes_bytes_to_(MaxBytesInMultiByteString
, *BytesInMultiByteString
) PCHAR MultiByteString
,
1181 _In_ ULONG MaxBytesInMultiByteString
,
1182 _Out_opt_ PULONG BytesInMultiByteString
,
1183 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1184 _In_ ULONG BytesInUnicodeString
);
1186 _IRQL_requires_max_(PASSIVE_LEVEL
)
1191 _Out_writes_bytes_to_(MaxBytesInUnicodeString
, *BytesInUnicodeString
) PWSTR UnicodeString
,
1192 _In_ ULONG MaxBytesInUnicodeString
,
1193 _Out_opt_ PULONG BytesInUnicodeString
,
1194 _In_reads_bytes_(BytesInOemString
) PCCH OemString
,
1195 _In_ ULONG BytesInOemString
);
1197 _IRQL_requires_max_(PASSIVE_LEVEL
)
1202 _Out_writes_bytes_to_(MaxBytesInOemString
, *BytesInOemString
) PCHAR OemString
,
1203 _In_ ULONG MaxBytesInOemString
,
1204 _Out_opt_ PULONG BytesInOemString
,
1205 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1206 _In_ ULONG BytesInUnicodeString
);
1208 _IRQL_requires_max_(PASSIVE_LEVEL
)
1212 RtlUpcaseUnicodeToOemN(
1213 _Out_writes_bytes_to_(MaxBytesInOemString
, *BytesInOemString
) PCHAR OemString
,
1214 _In_ ULONG MaxBytesInOemString
,
1215 _Out_opt_ PULONG BytesInOemString
,
1216 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1217 _In_ ULONG BytesInUnicodeString
);
1219 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
1220 _IRQL_requires_max_(PASSIVE_LEVEL
)
1224 RtlGenerate8dot3Name(
1225 _In_ PCUNICODE_STRING Name
,
1226 _In_ BOOLEAN AllowExtendedCharacters
,
1227 _Inout_ PGENERATE_NAME_CONTEXT Context
,
1228 _Inout_ PUNICODE_STRING Name8dot3
);
1230 _IRQL_requires_max_(PASSIVE_LEVEL
)
1234 RtlGenerate8dot3Name(
1235 _In_ PCUNICODE_STRING Name
,
1236 _In_ BOOLEAN AllowExtendedCharacters
,
1237 _Inout_ PGENERATE_NAME_CONTEXT Context
,
1238 _Inout_ PUNICODE_STRING Name8dot3
);
1241 _IRQL_requires_max_(PASSIVE_LEVEL
)
1242 _Must_inspect_result_
1246 RtlIsNameLegalDOS8Dot3(
1247 _In_ PCUNICODE_STRING Name
,
1248 _Inout_opt_ POEM_STRING OemName
,
1249 _Out_opt_ PBOOLEAN NameContainsSpaces
);
1251 _IRQL_requires_max_(PASSIVE_LEVEL
)
1252 _Must_inspect_result_
1256 RtlIsValidOemCharacter(
1257 _Inout_ PWCHAR Char
);
1259 _IRQL_requires_max_(PASSIVE_LEVEL
)
1264 _Out_ PPREFIX_TABLE PrefixTable
);
1266 _IRQL_requires_max_(PASSIVE_LEVEL
)
1271 _In_ PPREFIX_TABLE PrefixTable
,
1272 _In_ __drv_aliasesMem PSTRING Prefix
,
1273 _Out_ PPREFIX_TABLE_ENTRY PrefixTableEntry
);
1275 _IRQL_requires_max_(PASSIVE_LEVEL
)
1280 _In_ PPREFIX_TABLE PrefixTable
,
1281 _In_ PPREFIX_TABLE_ENTRY PrefixTableEntry
);
1283 _IRQL_requires_max_(PASSIVE_LEVEL
)
1284 _Must_inspect_result_
1289 _In_ PPREFIX_TABLE PrefixTable
,
1290 _In_ PSTRING FullName
);
1292 _IRQL_requires_max_(PASSIVE_LEVEL
)
1296 RtlInitializeUnicodePrefix(
1297 _Out_ PUNICODE_PREFIX_TABLE PrefixTable
);
1299 _IRQL_requires_max_(PASSIVE_LEVEL
)
1303 RtlInsertUnicodePrefix(
1304 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1305 _In_ __drv_aliasesMem PUNICODE_STRING Prefix
,
1306 _Out_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry
);
1308 _IRQL_requires_max_(PASSIVE_LEVEL
)
1312 RtlRemoveUnicodePrefix(
1313 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1314 _In_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry
);
1316 _IRQL_requires_max_(PASSIVE_LEVEL
)
1317 _Must_inspect_result_
1319 PUNICODE_PREFIX_TABLE_ENTRY
1321 RtlFindUnicodePrefix(
1322 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1323 _In_ PUNICODE_STRING FullName
,
1324 _In_ ULONG CaseInsensitiveIndex
);
1326 _IRQL_requires_max_(PASSIVE_LEVEL
)
1327 _Must_inspect_result_
1329 PUNICODE_PREFIX_TABLE_ENTRY
1331 RtlNextUnicodePrefix(
1332 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1333 _In_ BOOLEAN Restart
);
1335 _Must_inspect_result_
1339 RtlCompareMemoryUlong(
1340 _In_reads_bytes_(Length
) PVOID Source
,
1342 _In_ ULONG Pattern
);
1344 _Success_(return != 0)
1348 RtlTimeToSecondsSince1980(
1349 _In_ PLARGE_INTEGER Time
,
1350 _Out_ PULONG ElapsedSeconds
);
1355 RtlSecondsSince1980ToTime(
1356 _In_ ULONG ElapsedSeconds
,
1357 _Out_ PLARGE_INTEGER Time
);
1359 _Success_(return != 0)
1360 _Must_inspect_result_
1364 RtlTimeToSecondsSince1970(
1365 _In_ PLARGE_INTEGER Time
,
1366 _Out_ PULONG ElapsedSeconds
);
1371 RtlSecondsSince1970ToTime(
1372 _In_ ULONG ElapsedSeconds
,
1373 _Out_ PLARGE_INTEGER Time
);
1375 _IRQL_requires_max_(APC_LEVEL
)
1376 _Must_inspect_result_
1383 _Must_inspect_result_
1391 _IRQL_requires_max_(APC_LEVEL
)
1392 _Must_inspect_result_
1400 _IRQL_requires_max_(APC_LEVEL
)
1404 RtlLengthRequiredSid(
1405 _In_ ULONG SubAuthorityCount
);
1411 _In_ _Post_invalid_ PSID Sid
);
1413 _Must_inspect_result_
1417 RtlAllocateAndInitializeSid(
1418 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
,
1419 _In_ UCHAR SubAuthorityCount
,
1420 _In_ ULONG SubAuthority0
,
1421 _In_ ULONG SubAuthority1
,
1422 _In_ ULONG SubAuthority2
,
1423 _In_ ULONG SubAuthority3
,
1424 _In_ ULONG SubAuthority4
,
1425 _In_ ULONG SubAuthority5
,
1426 _In_ ULONG SubAuthority6
,
1427 _In_ ULONG SubAuthority7
,
1428 _Outptr_ PSID
*Sid
);
1430 _IRQL_requires_max_(APC_LEVEL
)
1436 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
,
1437 _In_ UCHAR SubAuthorityCount
);
1444 _In_ ULONG SubAuthority
);
1446 _Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE
)
1453 _IRQL_requires_max_(APC_LEVEL
)
1458 _In_ ULONG DestinationSidLength
,
1459 _Out_writes_bytes_(DestinationSidLength
) PSID DestinationSid
,
1460 _In_ PSID SourceSid
);
1462 _IRQL_requires_max_(APC_LEVEL
)
1466 RtlConvertSidToUnicodeString(
1467 _Inout_ PUNICODE_STRING UnicodeString
,
1469 _In_ BOOLEAN AllocateDestinationString
);
1471 _IRQL_requires_max_(APC_LEVEL
)
1476 _Out_ PLUID DestinationLuid
,
1477 _In_ PLUID SourceLuid
);
1479 _IRQL_requires_max_(APC_LEVEL
)
1484 _Out_writes_bytes_(AclLength
) PACL Acl
,
1485 _In_ ULONG AclLength
,
1486 _In_ ULONG AclRevision
);
1488 _IRQL_requires_max_(APC_LEVEL
)
1494 _In_ ULONG AceRevision
,
1495 _In_ ULONG StartingAceIndex
,
1496 _In_reads_bytes_(AceListLength
) PVOID AceList
,
1497 _In_ ULONG AceListLength
);
1499 _IRQL_requires_max_(APC_LEVEL
)
1505 _In_ ULONG AceIndex
);
1512 _In_ ULONG AceIndex
,
1513 _Outptr_ PVOID
*Ace
);
1515 _IRQL_requires_max_(APC_LEVEL
)
1519 RtlAddAccessAllowedAce(
1521 _In_ ULONG AceRevision
,
1522 _In_ ACCESS_MASK AccessMask
,
1525 _IRQL_requires_max_(APC_LEVEL
)
1529 RtlAddAccessAllowedAceEx(
1531 _In_ ULONG AceRevision
,
1532 _In_ ULONG AceFlags
,
1533 _In_ ACCESS_MASK AccessMask
,
1536 _IRQL_requires_max_(APC_LEVEL
)
1540 RtlCreateSecurityDescriptorRelative(
1541 _Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor
,
1542 _In_ ULONG Revision
);
1547 RtlGetDaclSecurityDescriptor(
1548 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1549 _Out_ PBOOLEAN DaclPresent
,
1551 _Out_ PBOOLEAN DaclDefaulted
);
1553 _IRQL_requires_max_(APC_LEVEL
)
1557 RtlSetOwnerSecurityDescriptor(
1558 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1559 _In_opt_ PSID Owner
,
1560 _In_opt_ BOOLEAN OwnerDefaulted
);
1562 _IRQL_requires_max_(APC_LEVEL
)
1566 RtlGetOwnerSecurityDescriptor(
1567 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1569 _Out_ PBOOLEAN OwnerDefaulted
);
1571 _IRQL_requires_max_(APC_LEVEL
)
1572 _When_(Status
< 0, _Out_range_(>, 0))
1573 _When_(Status
>= 0, _Out_range_(==, 0))
1577 RtlNtStatusToDosError(
1578 _In_ NTSTATUS Status
);
1580 _IRQL_requires_max_(PASSIVE_LEVEL
)
1584 RtlCustomCPToUnicodeN(
1585 _In_ PCPTABLEINFO CustomCP
,
1586 _Out_writes_bytes_to_(MaxBytesInUnicodeString
, *BytesInUnicodeString
) PWCH UnicodeString
,
1587 _In_ ULONG MaxBytesInUnicodeString
,
1588 _Out_opt_ PULONG BytesInUnicodeString
,
1589 _In_reads_bytes_(BytesInCustomCPString
) PCH CustomCPString
,
1590 _In_ ULONG BytesInCustomCPString
);
1592 _IRQL_requires_max_(PASSIVE_LEVEL
)
1596 RtlUnicodeToCustomCPN(
1597 _In_ PCPTABLEINFO CustomCP
,
1598 _Out_writes_bytes_to_(MaxBytesInCustomCPString
, *BytesInCustomCPString
) PCH CustomCPString
,
1599 _In_ ULONG MaxBytesInCustomCPString
,
1600 _Out_opt_ PULONG BytesInCustomCPString
,
1601 _In_reads_bytes_(BytesInUnicodeString
) PWCH UnicodeString
,
1602 _In_ ULONG BytesInUnicodeString
);
1604 _IRQL_requires_max_(PASSIVE_LEVEL
)
1608 RtlUpcaseUnicodeToCustomCPN(
1609 _In_ PCPTABLEINFO CustomCP
,
1610 _Out_writes_bytes_to_(MaxBytesInCustomCPString
, *BytesInCustomCPString
) PCH CustomCPString
,
1611 _In_ ULONG MaxBytesInCustomCPString
,
1612 _Out_opt_ PULONG BytesInCustomCPString
,
1613 _In_reads_bytes_(BytesInUnicodeString
) PWCH UnicodeString
,
1614 _In_ ULONG BytesInUnicodeString
);
1616 _IRQL_requires_max_(PASSIVE_LEVEL
)
1620 RtlInitCodePageTable(
1621 _In_ PUSHORT TableBase
,
1622 _Out_ PCPTABLEINFO CodePageTable
);
1625 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
1628 #if (NTDDI_VERSION >= NTDDI_WINXP)
1632 _Must_inspect_result_
1638 _In_opt_ PVOID HeapBase
,
1639 _In_opt_ SIZE_T ReserveSize
,
1640 _In_opt_ SIZE_T CommitSize
,
1641 _In_opt_ PVOID Lock
,
1642 _In_opt_ PRTL_HEAP_PARAMETERS Parameters
);
1648 _In_ _Post_invalid_ PVOID HeapHandle
);
1653 RtlCaptureStackBackTrace(
1654 _In_ ULONG FramesToSkip
,
1655 _In_ ULONG FramesToCapture
,
1656 _Out_writes_to_(FramesToCapture
, return) PVOID
*BackTrace
,
1657 _Out_opt_ PULONG BackTraceHash
);
1659 _Ret_range_(<, MAXLONG
)
1664 _Inout_ PULONG Seed
);
1666 _IRQL_requires_max_(DISPATCH_LEVEL
)
1670 RtlInitUnicodeStringEx(
1671 _Out_ PUNICODE_STRING DestinationString
,
1672 _In_opt_z_ __drv_aliasesMem PCWSTR SourceString
);
1674 _Must_inspect_result_
1678 RtlValidateUnicodeString(
1680 _In_ PCUNICODE_STRING String
);
1682 _IRQL_requires_max_(PASSIVE_LEVEL
)
1683 _Must_inspect_result_
1687 RtlDuplicateUnicodeString(
1689 _In_ PCUNICODE_STRING SourceString
,
1690 _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)) PUNICODE_STRING DestinationString
);
1695 RtlGetCompressionWorkSpaceSize(
1696 _In_ USHORT CompressionFormatAndEngine
,
1697 _Out_ PULONG CompressBufferWorkSpaceSize
,
1698 _Out_ PULONG CompressFragmentWorkSpaceSize
);
1704 _In_ USHORT CompressionFormatAndEngine
,
1705 _In_reads_bytes_(UncompressedBufferSize
) PUCHAR UncompressedBuffer
,
1706 _In_ ULONG UncompressedBufferSize
,
1707 _Out_writes_bytes_to_(CompressedBufferSize
, *FinalCompressedSize
) PUCHAR CompressedBuffer
,
1708 _In_ ULONG CompressedBufferSize
,
1709 _In_ ULONG UncompressedChunkSize
,
1710 _Out_ PULONG FinalCompressedSize
,
1711 _In_ PVOID WorkSpace
);
1713 _IRQL_requires_max_(APC_LEVEL
)
1717 RtlDecompressBuffer(
1718 _In_ USHORT CompressionFormat
,
1719 _Out_writes_bytes_to_(UncompressedBufferSize
, *FinalUncompressedSize
) PUCHAR UncompressedBuffer
,
1720 _In_ ULONG UncompressedBufferSize
,
1721 _In_reads_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1722 _In_ ULONG CompressedBufferSize
,
1723 _Out_ PULONG FinalUncompressedSize
);
1725 _IRQL_requires_max_(APC_LEVEL
)
1729 RtlDecompressFragment(
1730 _In_ USHORT CompressionFormat
,
1731 _Out_writes_bytes_to_(UncompressedFragmentSize
, *FinalUncompressedSize
) PUCHAR UncompressedFragment
,
1732 _In_ ULONG UncompressedFragmentSize
,
1733 _In_reads_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1734 _In_ ULONG CompressedBufferSize
,
1735 _In_range_(<, CompressedBufferSize
) ULONG FragmentOffset
,
1736 _Out_ PULONG FinalUncompressedSize
,
1737 _In_ PVOID WorkSpace
);
1739 _IRQL_requires_max_(APC_LEVEL
)
1744 _In_ USHORT CompressionFormat
,
1745 _Inout_ PUCHAR
*CompressedBuffer
,
1746 _In_ PUCHAR EndOfCompressedBufferPlus1
,
1747 _Out_ PUCHAR
*ChunkBuffer
,
1748 _Out_ PULONG ChunkSize
);
1750 _IRQL_requires_max_(APC_LEVEL
)
1755 _In_ USHORT CompressionFormat
,
1756 _Inout_ PUCHAR
*CompressedBuffer
,
1757 _In_ PUCHAR EndOfCompressedBufferPlus1
,
1758 _Out_ PUCHAR
*ChunkBuffer
,
1759 _In_ ULONG ChunkSize
);
1761 _IRQL_requires_max_(APC_LEVEL
)
1765 RtlDecompressChunks(
1766 _Out_writes_bytes_(UncompressedBufferSize
) PUCHAR UncompressedBuffer
,
1767 _In_ ULONG UncompressedBufferSize
,
1768 _In_reads_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1769 _In_ ULONG CompressedBufferSize
,
1770 _In_reads_bytes_(CompressedTailSize
) PUCHAR CompressedTail
,
1771 _In_ ULONG CompressedTailSize
,
1772 _In_ PCOMPRESSED_DATA_INFO CompressedDataInfo
);
1774 _IRQL_requires_max_(APC_LEVEL
)
1779 _In_reads_bytes_(UncompressedBufferSize
) PUCHAR UncompressedBuffer
,
1780 _In_ ULONG UncompressedBufferSize
,
1781 _Out_writes_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1782 _In_range_(>=, (UncompressedBufferSize
- (UncompressedBufferSize
/ 16))) ULONG CompressedBufferSize
,
1783 _Inout_updates_bytes_(CompressedDataInfoLength
) PCOMPRESSED_DATA_INFO CompressedDataInfo
,
1784 _In_range_(>, sizeof(COMPRESSED_DATA_INFO
)) ULONG CompressedDataInfoLength
,
1785 _In_ PVOID WorkSpace
);
1787 _IRQL_requires_max_(APC_LEVEL
)
1789 PSID_IDENTIFIER_AUTHORITY
1791 RtlIdentifierAuthoritySid(
1797 RtlSubAuthorityCountSid(
1800 _When_(Status
< 0, _Out_range_(>, 0))
1801 _When_(Status
>= 0, _Out_range_(==, 0))
1805 RtlNtStatusToDosErrorNoTeb(
1806 _In_ NTSTATUS Status
);
1808 _IRQL_requires_max_(PASSIVE_LEVEL
)
1812 RtlCreateSystemVolumeInformationFolder(
1813 _In_ PCUNICODE_STRING VolumeRootPath
);
1815 #if defined(_M_AMD64)
1820 _Out_writes_bytes_all_(Length
) PVOID Destination
,
1824 PULONG Address
= (PULONG
)Destination
;
1825 if ((Length
/= 4) != 0) {
1826 if (((ULONG64
)Address
& 4) != 0) {
1828 if ((Length
-= 1) == 0) {
1833 __stosq((PULONG64
)(Address
), Pattern
| ((ULONG64
)Pattern
<< 32), Length
/ 2);
1834 if ((Length
& 1) != 0) Address
[Length
- 1] = Pattern
;
1839 #define RtlFillMemoryUlonglong(Destination, Length, Pattern) \
1840 __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
1848 OUT PVOID Destination
,
1855 RtlFillMemoryUlonglong(
1856 _Out_writes_bytes_all_(Length
) PVOID Destination
,
1858 _In_ ULONGLONG Pattern
);
1860 #endif /* defined(_M_AMD64) */
1862 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
1864 #if (NTDDI_VERSION >= NTDDI_WS03)
1865 _IRQL_requires_max_(DISPATCH_LEVEL
)
1869 RtlInitAnsiStringEx(
1870 _Out_ PANSI_STRING DestinationString
,
1871 _In_opt_z_ __drv_aliasesMem PCSZ SourceString
);
1874 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
1876 _IRQL_requires_max_(APC_LEVEL
)
1880 RtlGetSaclSecurityDescriptor(
1881 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1882 _Out_ PBOOLEAN SaclPresent
,
1884 _Out_ PBOOLEAN SaclDefaulted
);
1886 _IRQL_requires_max_(APC_LEVEL
)
1890 RtlSetGroupSecurityDescriptor(
1891 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1892 _In_opt_ PSID Group
,
1893 _In_opt_ BOOLEAN GroupDefaulted
);
1895 _IRQL_requires_max_(APC_LEVEL
)
1899 RtlGetGroupSecurityDescriptor(
1900 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1902 _Out_ PBOOLEAN GroupDefaulted
);
1904 _IRQL_requires_max_(APC_LEVEL
)
1908 RtlAbsoluteToSelfRelativeSD(
1909 _In_ PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor
,
1910 _Out_writes_bytes_to_opt_(*BufferLength
, *BufferLength
) PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor
,
1911 _Inout_ PULONG BufferLength
);
1913 _IRQL_requires_max_(APC_LEVEL
)
1917 RtlSelfRelativeToAbsoluteSD(
1918 _In_ PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor
,
1919 _Out_writes_bytes_to_opt_(*AbsoluteSecurityDescriptorSize
, *AbsoluteSecurityDescriptorSize
) PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor
,
1920 _Inout_ PULONG AbsoluteSecurityDescriptorSize
,
1921 _Out_writes_bytes_to_opt_(*DaclSize
, *DaclSize
) PACL Dacl
,
1922 _Inout_ PULONG DaclSize
,
1923 _Out_writes_bytes_to_opt_(*SaclSize
, *SaclSize
) PACL Sacl
,
1924 _Inout_ PULONG SaclSize
,
1925 _Out_writes_bytes_to_opt_(*OwnerSize
, *OwnerSize
) PSID Owner
,
1926 _Inout_ PULONG OwnerSize
,
1927 _Out_writes_bytes_to_opt_(*PrimaryGroupSize
, *PrimaryGroupSize
) PSID PrimaryGroup
,
1928 _Inout_ PULONG PrimaryGroupSize
);
1930 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
1932 #if (NTDDI_VERSION >= NTDDI_VISTA)
1938 _In_ ULONG NormForm
,
1939 _In_ PCWSTR SourceString
,
1940 _In_ LONG SourceStringLength
,
1941 _Out_writes_to_(*DestinationStringLength
, *DestinationStringLength
) PWSTR DestinationString
,
1942 _Inout_ PLONG DestinationStringLength
);
1947 RtlIsNormalizedString(
1948 _In_ ULONG NormForm
,
1949 _In_ PCWSTR SourceString
,
1950 _In_ LONG SourceStringLength
,
1951 _Out_ PBOOLEAN Normalized
);
1958 _In_ PCWSTR SourceString
,
1959 _In_ LONG SourceStringLength
,
1960 _Out_writes_to_(*DestinationStringLength
, *DestinationStringLength
) PWSTR DestinationString
,
1961 _Inout_ PLONG DestinationStringLength
);
1968 IN PCWSTR SourceString
,
1969 IN LONG SourceStringLength
,
1970 OUT PWSTR DestinationString
,
1971 IN OUT PLONG DestinationStringLength
);
1976 RtlIdnToNameprepUnicode(
1978 _In_ PCWSTR SourceString
,
1979 _In_ LONG SourceStringLength
,
1980 _Out_writes_to_(*DestinationStringLength
, *DestinationStringLength
) PWSTR DestinationString
,
1981 _Inout_ PLONG DestinationStringLength
);
1986 RtlCreateServiceSid(
1987 _In_ PUNICODE_STRING ServiceName
,
1988 _Out_writes_bytes_opt_(*ServiceSidLength
) PSID ServiceSid
,
1989 _Inout_ PULONG ServiceSidLength
);
1994 RtlCompareAltitudes(
1995 _In_ PCUNICODE_STRING Altitude1
,
1996 _In_ PCUNICODE_STRING Altitude2
);
1999 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
2001 #if (NTDDI_VERSION >= NTDDI_WIN7)
2003 _IRQL_requires_max_(PASSIVE_LEVEL
)
2004 _Must_inspect_result_
2009 _Out_writes_bytes_to_(UTF8StringMaxByteCount
, *UTF8StringActualByteCount
) PCHAR UTF8StringDestination
,
2010 _In_ ULONG UTF8StringMaxByteCount
,
2011 _Out_ PULONG UTF8StringActualByteCount
,
2012 _In_reads_bytes_(UnicodeStringByteCount
) PCWCH UnicodeStringSource
,
2013 _In_ ULONG UnicodeStringByteCount
);
2015 _IRQL_requires_max_(PASSIVE_LEVEL
)
2016 _Must_inspect_result_
2021 _Out_writes_bytes_to_(UnicodeStringMaxByteCount
, *UnicodeStringActualByteCount
) PWSTR UnicodeStringDestination
,
2022 _In_ ULONG UnicodeStringMaxByteCount
,
2023 _Out_ PULONG UnicodeStringActualByteCount
,
2024 _In_reads_bytes_(UTF8StringByteCount
) PCCH UTF8StringSource
,
2025 _In_ ULONG UTF8StringByteCount
);
2027 _IRQL_requires_max_(APC_LEVEL
)
2032 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2035 _Out_ ULONG
*NumChanges
);
2040 RtlCreateVirtualAccountSid(
2041 _In_ PCUNICODE_STRING Name
,
2042 _In_ ULONG BaseSubAuthority
,
2043 _Out_writes_bytes_(*SidLength
) PSID Sid
,
2044 _Inout_ PULONG SidLength
);
2046 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
2049 #if defined(_AMD64_) || defined(_IA64_)
2053 #endif /* defined(_AMD64_) || defined(_IA64_) */
2057 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
2058 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
2060 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ? \
2061 RtlxUnicodeStringToOemSize(STRING) : \
2062 ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
2065 #define RtlOemStringToUnicodeSize(STRING) ( \
2066 NLS_MB_OEM_CODE_PAGE_TAG ? \
2067 RtlxOemStringToUnicodeSize(STRING) : \
2068 ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
2071 #define RtlOemStringToCountedUnicodeSize(STRING) ( \
2072 (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
2075 #define RtlOffsetToPointer(B,O) ((PCHAR)(((PCHAR)(B)) + ((ULONG_PTR)(O))))
2076 #define RtlPointerToOffset(B,P) ((ULONG)(((PCHAR)(P)) - ((PCHAR)(B))))
2078 _IRQL_requires_max_(PASSIVE_LEVEL
)
2084 _In_opt_ HANDLE Handle
,
2085 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass
,
2086 _Out_writes_bytes_opt_(ObjectInformationLength
) PVOID ObjectInformation
,
2087 _In_ ULONG ObjectInformationLength
,
2088 _Out_opt_ PULONG ReturnLength
);
2090 #if (NTDDI_VERSION >= NTDDI_WIN2K)
2092 _Must_inspect_result_
2098 _In_ HANDLE ThreadHandle
,
2099 _In_ ACCESS_MASK DesiredAccess
,
2100 _In_ BOOLEAN OpenAsSelf
,
2101 _Out_ PHANDLE TokenHandle
);
2103 _Must_inspect_result_
2109 _In_ HANDLE ProcessHandle
,
2110 _In_ ACCESS_MASK DesiredAccess
,
2111 _Out_ PHANDLE TokenHandle
);
2113 _When_(TokenInformationClass
== TokenAccessInformation
,
2114 _At_(TokenInformationLength
,
2115 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION
))))
2116 _Must_inspect_result_
2121 NtQueryInformationToken(
2122 _In_ HANDLE TokenHandle
,
2123 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
2124 _Out_writes_bytes_to_opt_(TokenInformationLength
, *ReturnLength
) PVOID TokenInformation
,
2125 _In_ ULONG TokenInformationLength
,
2126 _Out_ PULONG ReturnLength
);
2128 _Must_inspect_result_
2133 NtAdjustPrivilegesToken(
2134 _In_ HANDLE TokenHandle
,
2135 _In_ BOOLEAN DisableAllPrivileges
,
2136 _In_opt_ PTOKEN_PRIVILEGES NewState
,
2137 _In_ ULONG BufferLength
,
2138 _Out_writes_bytes_to_opt_(BufferLength
, *ReturnLength
) PTOKEN_PRIVILEGES PreviousState
,
2139 _When_(PreviousState
!= NULL
, _Out_
) PULONG ReturnLength
);
2146 _Out_ PHANDLE FileHandle
,
2147 _In_ ACCESS_MASK DesiredAccess
,
2148 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
2149 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2150 _In_opt_ PLARGE_INTEGER AllocationSize
,
2151 _In_ ULONG FileAttributes
,
2152 _In_ ULONG ShareAccess
,
2153 _In_ ULONG CreateDisposition
,
2154 _In_ ULONG CreateOptions
,
2155 _In_reads_bytes_opt_(EaLength
) PVOID EaBuffer
,
2156 _In_ ULONG EaLength
);
2162 NtDeviceIoControlFile(
2163 _In_ HANDLE FileHandle
,
2164 _In_opt_ HANDLE Event
,
2165 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2166 _In_opt_ PVOID ApcContext
,
2167 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2168 _In_ ULONG IoControlCode
,
2169 _In_reads_bytes_opt_(InputBufferLength
) PVOID InputBuffer
,
2170 _In_ ULONG InputBufferLength
,
2171 _Out_writes_bytes_opt_(OutputBufferLength
) PVOID OutputBuffer
,
2172 _In_ ULONG OutputBufferLength
);
2179 _In_ HANDLE FileHandle
,
2180 _In_opt_ HANDLE Event
,
2181 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2182 _In_opt_ PVOID ApcContext
,
2183 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2184 _In_ ULONG FsControlCode
,
2185 _In_reads_bytes_opt_(InputBufferLength
) PVOID InputBuffer
,
2186 _In_ ULONG InputBufferLength
,
2187 _Out_writes_bytes_opt_(OutputBufferLength
) PVOID OutputBuffer
,
2188 _In_ ULONG OutputBufferLength
);
2195 _In_ HANDLE FileHandle
,
2196 _In_opt_ HANDLE Event
,
2197 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2198 _In_opt_ PVOID ApcContext
,
2199 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2200 _In_ PLARGE_INTEGER ByteOffset
,
2201 _In_ PLARGE_INTEGER Length
,
2203 _In_ BOOLEAN FailImmediately
,
2204 _In_ BOOLEAN ExclusiveLock
);
2211 _Out_ PHANDLE FileHandle
,
2212 _In_ ACCESS_MASK DesiredAccess
,
2213 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
2214 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2215 _In_ ULONG ShareAccess
,
2216 _In_ ULONG OpenOptions
);
2222 NtQueryDirectoryFile(
2223 _In_ HANDLE FileHandle
,
2224 _In_opt_ HANDLE Event
,
2225 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2226 _In_opt_ PVOID ApcContext
,
2227 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2228 _Out_writes_bytes_(Length
) PVOID FileInformation
,
2230 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
2231 _In_ BOOLEAN ReturnSingleEntry
,
2232 _In_opt_ PUNICODE_STRING FileName
,
2233 _In_ BOOLEAN RestartScan
);
2239 NtQueryInformationFile(
2240 _In_ HANDLE FileHandle
,
2241 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2242 _Out_writes_bytes_(Length
) PVOID FileInformation
,
2244 _In_ FILE_INFORMATION_CLASS FileInformationClass
);
2250 NtQueryQuotaInformationFile(
2251 _In_ HANDLE FileHandle
,
2252 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2253 _Out_writes_bytes_(Length
) PVOID Buffer
,
2255 _In_ BOOLEAN ReturnSingleEntry
,
2256 _In_reads_bytes_opt_(SidListLength
) PVOID SidList
,
2257 _In_ ULONG SidListLength
,
2258 _In_reads_bytes_opt_((8 + (4 * ((SID
*)StartSid
)->SubAuthorityCount
))) PSID StartSid
,
2259 _In_ BOOLEAN RestartScan
);
2265 NtQueryVolumeInformationFile(
2266 _In_ HANDLE FileHandle
,
2267 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2268 _Out_writes_bytes_(Length
) PVOID FsInformation
,
2270 _In_ FS_INFORMATION_CLASS FsInformationClass
);
2277 _In_ HANDLE FileHandle
,
2278 _In_opt_ HANDLE Event
,
2279 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2280 _In_opt_ PVOID ApcContext
,
2281 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2282 _Out_writes_bytes_(Length
) PVOID Buffer
,
2284 _In_opt_ PLARGE_INTEGER ByteOffset
,
2285 _In_opt_ PULONG Key
);
2291 NtSetInformationFile(
2292 _In_ HANDLE FileHandle
,
2293 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2294 _In_reads_bytes_(Length
) PVOID FileInformation
,
2296 _In_ FILE_INFORMATION_CLASS FileInformationClass
);
2302 NtSetQuotaInformationFile(
2303 _In_ HANDLE FileHandle
,
2304 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2305 _In_reads_bytes_(Length
) PVOID Buffer
,
2312 NtSetVolumeInformationFile(
2313 _In_ HANDLE FileHandle
,
2314 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2315 _In_reads_bytes_(Length
) PVOID FsInformation
,
2317 _In_ FS_INFORMATION_CLASS FsInformationClass
);
2324 _In_ HANDLE FileHandle
,
2325 _In_opt_ HANDLE Event
,
2326 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2327 _In_opt_ PVOID ApcContext
,
2328 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2329 _In_reads_bytes_(Length
) PVOID Buffer
,
2331 _In_opt_ PLARGE_INTEGER ByteOffset
,
2332 _In_opt_ PULONG Key
);
2339 _In_ HANDLE FileHandle
,
2340 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2341 _In_ PLARGE_INTEGER ByteOffset
,
2342 _In_ PLARGE_INTEGER Length
,
2345 _IRQL_requires_max_(PASSIVE_LEVEL
)
2350 NtSetSecurityObject(
2352 _In_ SECURITY_INFORMATION SecurityInformation
,
2353 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
2355 _IRQL_requires_max_(PASSIVE_LEVEL
)
2360 NtQuerySecurityObject(
2362 _In_ SECURITY_INFORMATION SecurityInformation
,
2363 _Out_writes_bytes_opt_(Length
) PSECURITY_DESCRIPTOR SecurityDescriptor
,
2365 _Out_ PULONG LengthNeeded
);
2367 _IRQL_requires_max_(PASSIVE_LEVEL
)
2373 _In_ HANDLE Handle
);
2377 #if (NTDDI_VERSION >= NTDDI_WINXP)
2379 _Must_inspect_result_
2384 NtOpenThreadTokenEx(
2385 _In_ HANDLE ThreadHandle
,
2386 _In_ ACCESS_MASK DesiredAccess
,
2387 _In_ BOOLEAN OpenAsSelf
,
2388 _In_ ULONG HandleAttributes
,
2389 _Out_ PHANDLE TokenHandle
);
2391 _Must_inspect_result_
2396 NtOpenProcessTokenEx(
2397 _In_ HANDLE ProcessHandle
,
2398 _In_ ACCESS_MASK DesiredAccess
,
2399 _In_ ULONG HandleAttributes
,
2400 _Out_ PHANDLE TokenHandle
);
2402 _Must_inspect_result_
2406 NtOpenJobObjectToken(
2407 _In_ HANDLE JobHandle
,
2408 _In_ ACCESS_MASK DesiredAccess
,
2409 _Out_ PHANDLE TokenHandle
);
2411 _Must_inspect_result_
2417 _In_ HANDLE ExistingTokenHandle
,
2418 _In_ ACCESS_MASK DesiredAccess
,
2419 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
2420 _In_ BOOLEAN EffectiveOnly
,
2421 _In_ TOKEN_TYPE TokenType
,
2422 _Out_ PHANDLE NewTokenHandle
);
2424 _Must_inspect_result_
2430 _In_ HANDLE ExistingTokenHandle
,
2432 _In_opt_ PTOKEN_GROUPS SidsToDisable
,
2433 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete
,
2434 _In_opt_ PTOKEN_GROUPS RestrictedSids
,
2435 _Out_ PHANDLE NewTokenHandle
);
2437 _Must_inspect_result_
2442 NtImpersonateAnonymousToken(
2443 _In_ HANDLE ThreadHandle
);
2445 _Must_inspect_result_
2450 NtSetInformationToken(
2451 _In_ HANDLE TokenHandle
,
2452 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
2453 _In_reads_bytes_(TokenInformationLength
) PVOID TokenInformation
,
2454 _In_ ULONG TokenInformationLength
);
2456 _Must_inspect_result_
2461 NtAdjustGroupsToken(
2462 _In_ HANDLE TokenHandle
,
2463 _In_ BOOLEAN ResetToDefault
,
2464 _In_opt_ PTOKEN_GROUPS NewState
,
2465 _In_opt_ ULONG BufferLength
,
2466 _Out_writes_bytes_to_opt_(BufferLength
, *ReturnLength
) PTOKEN_GROUPS PreviousState
,
2467 _Out_ PULONG ReturnLength
);
2469 _Must_inspect_result_
2475 _In_ HANDLE ClientToken
,
2476 _Inout_ PPRIVILEGE_SET RequiredPrivileges
,
2477 _Out_ PBOOLEAN Result
);
2479 _Must_inspect_result_
2484 NtAccessCheckAndAuditAlarm(
2485 _In_ PUNICODE_STRING SubsystemName
,
2486 _In_opt_ PVOID HandleId
,
2487 _In_ PUNICODE_STRING ObjectTypeName
,
2488 _In_ PUNICODE_STRING ObjectName
,
2489 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2490 _In_ ACCESS_MASK DesiredAccess
,
2491 _In_ PGENERIC_MAPPING GenericMapping
,
2492 _In_ BOOLEAN ObjectCreation
,
2493 _Out_ PACCESS_MASK GrantedAccess
,
2494 _Out_ PNTSTATUS AccessStatus
,
2495 _Out_ PBOOLEAN GenerateOnClose
);
2497 _Must_inspect_result_
2502 NtAccessCheckByTypeAndAuditAlarm(
2503 _In_ PUNICODE_STRING SubsystemName
,
2504 _In_opt_ PVOID HandleId
,
2505 _In_ PUNICODE_STRING ObjectTypeName
,
2506 _In_ PUNICODE_STRING ObjectName
,
2507 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2508 _In_opt_ PSID PrincipalSelfSid
,
2509 _In_ ACCESS_MASK DesiredAccess
,
2510 _In_ AUDIT_EVENT_TYPE AuditType
,
2512 _In_reads_opt_(ObjectTypeLength
) POBJECT_TYPE_LIST ObjectTypeList
,
2513 _In_ ULONG ObjectTypeLength
,
2514 _In_ PGENERIC_MAPPING GenericMapping
,
2515 _In_ BOOLEAN ObjectCreation
,
2516 _Out_ PACCESS_MASK GrantedAccess
,
2517 _Out_ PNTSTATUS AccessStatus
,
2518 _Out_ PBOOLEAN GenerateOnClose
);
2520 _Must_inspect_result_
2525 NtAccessCheckByTypeResultListAndAuditAlarm(
2526 _In_ PUNICODE_STRING SubsystemName
,
2527 _In_opt_ PVOID HandleId
,
2528 _In_ PUNICODE_STRING ObjectTypeName
,
2529 _In_ PUNICODE_STRING ObjectName
,
2530 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2531 _In_opt_ PSID PrincipalSelfSid
,
2532 _In_ ACCESS_MASK DesiredAccess
,
2533 _In_ AUDIT_EVENT_TYPE AuditType
,
2535 _In_reads_opt_(ObjectTypeListLength
) POBJECT_TYPE_LIST ObjectTypeList
,
2536 _In_ ULONG ObjectTypeListLength
,
2537 _In_ PGENERIC_MAPPING GenericMapping
,
2538 _In_ BOOLEAN ObjectCreation
,
2539 _Out_writes_(ObjectTypeListLength
) PACCESS_MASK GrantedAccess
,
2540 _Out_writes_(ObjectTypeListLength
) PNTSTATUS AccessStatus
,
2541 _Out_ PBOOLEAN GenerateOnClose
);
2543 _Must_inspect_result_
2548 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
2549 _In_ PUNICODE_STRING SubsystemName
,
2550 _In_opt_ PVOID HandleId
,
2551 _In_ HANDLE ClientToken
,
2552 _In_ PUNICODE_STRING ObjectTypeName
,
2553 _In_ PUNICODE_STRING ObjectName
,
2554 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2555 _In_opt_ PSID PrincipalSelfSid
,
2556 _In_ ACCESS_MASK DesiredAccess
,
2557 _In_ AUDIT_EVENT_TYPE AuditType
,
2559 _In_reads_opt_(ObjectTypeListLength
) POBJECT_TYPE_LIST ObjectTypeList
,
2560 _In_ ULONG ObjectTypeListLength
,
2561 _In_ PGENERIC_MAPPING GenericMapping
,
2562 _In_ BOOLEAN ObjectCreation
,
2563 _Out_writes_(ObjectTypeListLength
) PACCESS_MASK GrantedAccess
,
2564 _Out_writes_(ObjectTypeListLength
) PNTSTATUS AccessStatus
,
2565 _Out_ PBOOLEAN GenerateOnClose
);
2571 NtOpenObjectAuditAlarm(
2572 _In_ PUNICODE_STRING SubsystemName
,
2573 _In_opt_ PVOID HandleId
,
2574 _In_ PUNICODE_STRING ObjectTypeName
,
2575 _In_ PUNICODE_STRING ObjectName
,
2576 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2577 _In_ HANDLE ClientToken
,
2578 _In_ ACCESS_MASK DesiredAccess
,
2579 _In_ ACCESS_MASK GrantedAccess
,
2580 _In_opt_ PPRIVILEGE_SET Privileges
,
2581 _In_ BOOLEAN ObjectCreation
,
2582 _In_ BOOLEAN AccessGranted
,
2583 _Out_ PBOOLEAN GenerateOnClose
);
2589 NtPrivilegeObjectAuditAlarm(
2590 _In_ PUNICODE_STRING SubsystemName
,
2591 _In_opt_ PVOID HandleId
,
2592 _In_ HANDLE ClientToken
,
2593 _In_ ACCESS_MASK DesiredAccess
,
2594 _In_ PPRIVILEGE_SET Privileges
,
2595 _In_ BOOLEAN AccessGranted
);
2601 NtCloseObjectAuditAlarm(
2602 _In_ PUNICODE_STRING SubsystemName
,
2603 _In_opt_ PVOID HandleId
,
2604 _In_ BOOLEAN GenerateOnClose
);
2610 NtDeleteObjectAuditAlarm(
2611 _In_ PUNICODE_STRING SubsystemName
,
2612 _In_opt_ PVOID HandleId
,
2613 _In_ BOOLEAN GenerateOnClose
);
2619 NtPrivilegedServiceAuditAlarm(
2620 _In_ PUNICODE_STRING SubsystemName
,
2621 _In_ PUNICODE_STRING ServiceName
,
2622 _In_ HANDLE ClientToken
,
2623 _In_ PPRIVILEGE_SET Privileges
,
2624 _In_ BOOLEAN AccessGranted
);
2630 NtSetInformationThread(
2631 _In_ HANDLE ThreadHandle
,
2632 _In_ THREADINFOCLASS ThreadInformationClass
,
2633 _In_reads_bytes_(ThreadInformationLength
) PVOID ThreadInformation
,
2634 _In_ ULONG ThreadInformationLength
);
2636 _Must_inspect_result_
2642 _Out_ PHANDLE SectionHandle
,
2643 _In_ ACCESS_MASK DesiredAccess
,
2644 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
2645 _In_opt_ PLARGE_INTEGER MaximumSize
,
2646 _In_ ULONG SectionPageProtection
,
2647 _In_ ULONG AllocationAttributes
,
2648 _In_opt_ HANDLE FileHandle
);
2652 #define COMPRESSION_FORMAT_NONE (0x0000)
2653 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
2654 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
2655 #define COMPRESSION_ENGINE_STANDARD (0x0000)
2656 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
2657 #define COMPRESSION_ENGINE_HIBER (0x0200)
2659 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
2661 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
2663 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
2664 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
2666 typedef ULONG LSA_OPERATIONAL_MODE
, *PLSA_OPERATIONAL_MODE
;
2668 typedef enum _SECURITY_LOGON_TYPE
{
2669 UndefinedLogonType
= 0,
2678 #if (_WIN32_WINNT >= 0x0501)
2682 #if (_WIN32_WINNT >= 0x0502)
2683 CachedRemoteInteractive
,
2686 } SECURITY_LOGON_TYPE
, *PSECURITY_LOGON_TYPE
;
2688 #ifndef _NTLSA_AUDIT_
2689 #define _NTLSA_AUDIT_
2691 #ifndef GUID_DEFINED
2692 #include <guiddef.h>
2695 #endif /* _NTLSA_AUDIT_ */
2697 _IRQL_requires_same_
2698 _IRQL_requires_max_(PASSIVE_LEVEL
)
2701 LsaRegisterLogonProcess(
2702 _In_ PLSA_STRING LogonProcessName
,
2703 _Out_ PHANDLE LsaHandle
,
2704 _Out_ PLSA_OPERATIONAL_MODE SecurityMode
);
2706 _IRQL_requires_same_
2707 _IRQL_requires_max_(PASSIVE_LEVEL
)
2711 _In_ HANDLE LsaHandle
,
2712 _In_ PLSA_STRING OriginName
,
2713 _In_ SECURITY_LOGON_TYPE LogonType
,
2714 _In_ ULONG AuthenticationPackage
,
2715 _In_reads_bytes_(AuthenticationInformationLength
) PVOID AuthenticationInformation
,
2716 _In_ ULONG AuthenticationInformationLength
,
2717 _In_opt_ PTOKEN_GROUPS LocalGroups
,
2718 _In_ PTOKEN_SOURCE SourceContext
,
2719 _Out_ PVOID
*ProfileBuffer
,
2720 _Out_ PULONG ProfileBufferLength
,
2721 _Inout_ PLUID LogonId
,
2722 _Out_ PHANDLE Token
,
2723 _Out_ PQUOTA_LIMITS Quotas
,
2724 _Out_ PNTSTATUS SubStatus
);
2726 _IRQL_requires_same_
2729 LsaFreeReturnBuffer(
2736 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2737 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2738 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
2740 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
2741 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
2743 #define MSV1_0_CHALLENGE_LENGTH 8
2744 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
2745 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
2747 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
2748 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
2749 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
2750 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
2751 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
2752 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
2753 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
2754 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
2755 #define MSV1_0_RETURN_PROFILE_PATH 0x200
2756 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
2757 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
2759 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
2760 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
2762 #if (_WIN32_WINNT >= 0x0502)
2763 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
2764 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
2767 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
2768 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
2770 #if (_WIN32_WINNT >= 0x0600)
2771 #define MSV1_0_S4U2SELF 0x00020000
2772 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
2775 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
2776 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
2777 #define MSV1_0_MNS_LOGON 0x01000000
2779 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
2780 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
2782 #define LOGON_GUEST 0x01
2783 #define LOGON_NOENCRYPTION 0x02
2784 #define LOGON_CACHED_ACCOUNT 0x04
2785 #define LOGON_USED_LM_PASSWORD 0x08
2786 #define LOGON_EXTRA_SIDS 0x20
2787 #define LOGON_SUBAUTH_SESSION_KEY 0x40
2788 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
2789 #define LOGON_NTLMV2_ENABLED 0x100
2790 #define LOGON_RESOURCE_GROUPS 0x200
2791 #define LOGON_PROFILE_PATH_RETURNED 0x400
2792 #define LOGON_NT_V2 0x800
2793 #define LOGON_LM_V2 0x1000
2794 #define LOGON_NTLM_V2 0x2000
2796 #if (_WIN32_WINNT >= 0x0600)
2798 #define LOGON_OPTIMIZED 0x4000
2799 #define LOGON_WINLOGON 0x8000
2800 #define LOGON_PKINIT 0x10000
2801 #define LOGON_NO_OPTIMIZED 0x20000
2805 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
2807 #define LOGON_GRACE_LOGON 0x01000000
2809 #define MSV1_0_OWF_PASSWORD_LENGTH 16
2810 #define MSV1_0_CRED_LM_PRESENT 0x1
2811 #define MSV1_0_CRED_NT_PRESENT 0x2
2812 #define MSV1_0_CRED_VERSION 0
2814 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
2815 #define MSV1_0_NTLM3_OWF_LENGTH 16
2817 #if (_WIN32_WINNT == 0x0500)
2818 #define MSV1_0_MAX_NTLM3_LIFE 1800
2820 #define MSV1_0_MAX_NTLM3_LIFE 129600
2822 #define MSV1_0_MAX_AVL_SIZE 64000
2824 #if (_WIN32_WINNT >= 0x0501)
2826 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
2828 #if (_WIN32_WINNT >= 0x0600)
2829 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
2834 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
2836 #if(_WIN32_WINNT >= 0x0502)
2837 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
2840 #define USE_PRIMARY_PASSWORD 0x01
2841 #define RETURN_PRIMARY_USERNAME 0x02
2842 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
2843 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
2844 #define GENERATE_CLIENT_CHALLENGE 0x10
2845 #define GCR_NTLM3_PARMS 0x20
2846 #define GCR_TARGET_INFO 0x40
2847 #define RETURN_RESERVED_PARAMETER 0x80
2848 #define GCR_ALLOW_NTLM 0x100
2849 #define GCR_USE_OEM_SET 0x200
2850 #define GCR_MACHINE_CREDENTIAL 0x400
2851 #define GCR_USE_OWF_PASSWORD 0x800
2852 #define GCR_ALLOW_LM 0x1000
2853 #define GCR_ALLOW_NO_TARGET 0x2000
2855 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE
{
2856 MsV1_0InteractiveLogon
= 2,
2860 MsV1_0WorkstationUnlockLogon
= 7,
2861 MsV1_0S4ULogon
= 12,
2862 MsV1_0VirtualLogon
= 82
2863 } MSV1_0_LOGON_SUBMIT_TYPE
, *PMSV1_0_LOGON_SUBMIT_TYPE
;
2865 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE
{
2866 MsV1_0InteractiveProfile
= 2,
2867 MsV1_0Lm20LogonProfile
,
2868 MsV1_0SmartCardProfile
2869 } MSV1_0_PROFILE_BUFFER_TYPE
, *PMSV1_0_PROFILE_BUFFER_TYPE
;
2871 typedef struct _MSV1_0_INTERACTIVE_LOGON
{
2872 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2873 UNICODE_STRING LogonDomainName
;
2874 UNICODE_STRING UserName
;
2875 UNICODE_STRING Password
;
2876 } MSV1_0_INTERACTIVE_LOGON
, *PMSV1_0_INTERACTIVE_LOGON
;
2878 typedef struct _MSV1_0_INTERACTIVE_PROFILE
{
2879 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
2881 USHORT BadPasswordCount
;
2882 LARGE_INTEGER LogonTime
;
2883 LARGE_INTEGER LogoffTime
;
2884 LARGE_INTEGER KickOffTime
;
2885 LARGE_INTEGER PasswordLastSet
;
2886 LARGE_INTEGER PasswordCanChange
;
2887 LARGE_INTEGER PasswordMustChange
;
2888 UNICODE_STRING LogonScript
;
2889 UNICODE_STRING HomeDirectory
;
2890 UNICODE_STRING FullName
;
2891 UNICODE_STRING ProfilePath
;
2892 UNICODE_STRING HomeDirectoryDrive
;
2893 UNICODE_STRING LogonServer
;
2895 } MSV1_0_INTERACTIVE_PROFILE
, *PMSV1_0_INTERACTIVE_PROFILE
;
2897 typedef struct _MSV1_0_LM20_LOGON
{
2898 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2899 UNICODE_STRING LogonDomainName
;
2900 UNICODE_STRING UserName
;
2901 UNICODE_STRING Workstation
;
2902 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2903 STRING CaseSensitiveChallengeResponse
;
2904 STRING CaseInsensitiveChallengeResponse
;
2905 ULONG ParameterControl
;
2906 } MSV1_0_LM20_LOGON
, * PMSV1_0_LM20_LOGON
;
2908 typedef struct _MSV1_0_SUBAUTH_LOGON
{
2909 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2910 UNICODE_STRING LogonDomainName
;
2911 UNICODE_STRING UserName
;
2912 UNICODE_STRING Workstation
;
2913 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2914 STRING AuthenticationInfo1
;
2915 STRING AuthenticationInfo2
;
2916 ULONG ParameterControl
;
2917 ULONG SubAuthPackageId
;
2918 } MSV1_0_SUBAUTH_LOGON
, * PMSV1_0_SUBAUTH_LOGON
;
2920 #if (_WIN32_WINNT >= 0x0600)
2922 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2924 typedef struct _MSV1_0_S4U_LOGON
{
2925 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2927 UNICODE_STRING UserPrincipalName
;
2928 UNICODE_STRING DomainName
;
2929 } MSV1_0_S4U_LOGON
, *PMSV1_0_S4U_LOGON
;
2933 typedef struct _MSV1_0_LM20_LOGON_PROFILE
{
2934 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
2935 LARGE_INTEGER KickOffTime
;
2936 LARGE_INTEGER LogoffTime
;
2938 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
2939 UNICODE_STRING LogonDomainName
;
2940 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
2941 UNICODE_STRING LogonServer
;
2942 UNICODE_STRING UserParameters
;
2943 } MSV1_0_LM20_LOGON_PROFILE
, * PMSV1_0_LM20_LOGON_PROFILE
;
2945 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
2948 UCHAR LmPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
2949 UCHAR NtPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
2950 } MSV1_0_SUPPLEMENTAL_CREDENTIAL
, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL
;
2952 typedef struct _MSV1_0_NTLM3_RESPONSE
{
2953 UCHAR Response
[MSV1_0_NTLM3_RESPONSE_LENGTH
];
2958 ULONGLONG TimeStamp
;
2959 UCHAR ChallengeFromClient
[MSV1_0_CHALLENGE_LENGTH
];
2962 } MSV1_0_NTLM3_RESPONSE
, *PMSV1_0_NTLM3_RESPONSE
;
2964 typedef enum _MSV1_0_AVID
{
2966 MsvAvNbComputerName
,
2968 MsvAvDnsComputerName
,
2970 #if (_WIN32_WINNT >= 0x0501)
2973 #if (_WIN32_WINNT >= 0x0600)
2977 MsvAvChannelBindings
,
2982 typedef struct _MSV1_0_AV_PAIR
{
2985 } MSV1_0_AV_PAIR
, *PMSV1_0_AV_PAIR
;
2987 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE
{
2988 MsV1_0Lm20ChallengeRequest
= 0,
2989 MsV1_0Lm20GetChallengeResponse
,
2990 MsV1_0EnumerateUsers
,
2993 MsV1_0ChangePassword
,
2994 MsV1_0ChangeCachedPassword
,
2995 MsV1_0GenericPassthrough
,
2998 MsV1_0DeriveCredential
,
3000 #if (_WIN32_WINNT >= 0x0501)
3001 MsV1_0SetProcessOption
,
3003 #if (_WIN32_WINNT >= 0x0600)
3004 MsV1_0ConfigLocalAliases
,
3005 MsV1_0ClearCachedCredentials
,
3007 } MSV1_0_PROTOCOL_MESSAGE_TYPE
, *PMSV1_0_PROTOCOL_MESSAGE_TYPE
;
3009 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST
{
3010 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3011 } MSV1_0_LM20_CHALLENGE_REQUEST
, *PMSV1_0_LM20_CHALLENGE_REQUEST
;
3013 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE
{
3014 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3015 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
3016 } MSV1_0_LM20_CHALLENGE_RESPONSE
, *PMSV1_0_LM20_CHALLENGE_RESPONSE
;
3018 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1
{
3019 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3020 ULONG ParameterControl
;
3022 UNICODE_STRING Password
;
3023 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
3024 } MSV1_0_GETCHALLENRESP_REQUEST_V1
, *PMSV1_0_GETCHALLENRESP_REQUEST_V1
;
3026 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST
{
3027 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3028 ULONG ParameterControl
;
3030 UNICODE_STRING Password
;
3031 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
3032 UNICODE_STRING UserName
;
3033 UNICODE_STRING LogonDomainName
;
3034 UNICODE_STRING ServerName
;
3035 } MSV1_0_GETCHALLENRESP_REQUEST
, *PMSV1_0_GETCHALLENRESP_REQUEST
;
3037 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE
{
3038 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3039 STRING CaseSensitiveChallengeResponse
;
3040 STRING CaseInsensitiveChallengeResponse
;
3041 UNICODE_STRING UserName
;
3042 UNICODE_STRING LogonDomainName
;
3043 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
3044 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
3045 } MSV1_0_GETCHALLENRESP_RESPONSE
, *PMSV1_0_GETCHALLENRESP_RESPONSE
;
3047 typedef struct _MSV1_0_ENUMUSERS_REQUEST
{
3048 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3049 } MSV1_0_ENUMUSERS_REQUEST
, *PMSV1_0_ENUMUSERS_REQUEST
;
3051 typedef struct _MSV1_0_ENUMUSERS_RESPONSE
{
3052 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3053 ULONG NumberOfLoggedOnUsers
;
3056 } MSV1_0_ENUMUSERS_RESPONSE
, *PMSV1_0_ENUMUSERS_RESPONSE
;
3058 typedef struct _MSV1_0_GETUSERINFO_REQUEST
{
3059 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3061 } MSV1_0_GETUSERINFO_REQUEST
, *PMSV1_0_GETUSERINFO_REQUEST
;
3063 typedef struct _MSV1_0_GETUSERINFO_RESPONSE
{
3064 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3066 UNICODE_STRING UserName
;
3067 UNICODE_STRING LogonDomainName
;
3068 UNICODE_STRING LogonServer
;
3069 SECURITY_LOGON_TYPE LogonType
;
3070 } MSV1_0_GETUSERINFO_RESPONSE
, *PMSV1_0_GETUSERINFO_RESPONSE
;
3074 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
3075 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
3076 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
3078 /* also in winnt.h */
3079 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
3080 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
3081 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
3082 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
3083 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
3084 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
3085 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
3086 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
3087 #define FILE_NOTIFY_CHANGE_EA 0x00000080
3088 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
3089 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
3090 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
3091 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
3092 #define FILE_NOTIFY_VALID_MASK 0x00000fff
3094 #define FILE_ACTION_ADDED 0x00000001
3095 #define FILE_ACTION_REMOVED 0x00000002
3096 #define FILE_ACTION_MODIFIED 0x00000003
3097 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
3098 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
3099 #define FILE_ACTION_ADDED_STREAM 0x00000006
3100 #define FILE_ACTION_REMOVED_STREAM 0x00000007
3101 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
3102 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
3103 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
3104 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
3107 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
3108 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
3110 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3111 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3113 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3114 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3115 #define FILE_PIPE_TYPE_VALID_MASK 0x00000003
3117 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
3118 #define FILE_PIPE_MESSAGE_MODE 0x00000001
3120 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
3121 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
3123 #define FILE_PIPE_INBOUND 0x00000000
3124 #define FILE_PIPE_OUTBOUND 0x00000001
3125 #define FILE_PIPE_FULL_DUPLEX 0x00000002
3127 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
3128 #define FILE_PIPE_LISTENING_STATE 0x00000002
3129 #define FILE_PIPE_CONNECTED_STATE 0x00000003
3130 #define FILE_PIPE_CLOSING_STATE 0x00000004
3132 #define FILE_PIPE_CLIENT_END 0x00000000
3133 #define FILE_PIPE_SERVER_END 0x00000001
3135 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
3136 #define FILE_CASE_PRESERVED_NAMES 0x00000002
3137 #define FILE_UNICODE_ON_DISK 0x00000004
3138 #define FILE_PERSISTENT_ACLS 0x00000008
3139 #define FILE_FILE_COMPRESSION 0x00000010
3140 #define FILE_VOLUME_QUOTAS 0x00000020
3141 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
3142 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
3143 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
3144 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
3145 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
3146 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
3147 #define FILE_NAMED_STREAMS 0x00040000
3148 #define FILE_READ_ONLY_VOLUME 0x00080000
3149 #define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
3150 #define FILE_SUPPORTS_TRANSACTIONS 0x00200000
3151 #define FILE_SUPPORTS_HARD_LINKS 0x00400000
3152 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
3153 #define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
3154 #define FILE_SUPPORTS_USN_JOURNAL 0x02000000
3156 #define FILE_NEED_EA 0x00000080
3158 #define FILE_EA_TYPE_BINARY 0xfffe
3159 #define FILE_EA_TYPE_ASCII 0xfffd
3160 #define FILE_EA_TYPE_BITMAP 0xfffb
3161 #define FILE_EA_TYPE_METAFILE 0xfffa
3162 #define FILE_EA_TYPE_ICON 0xfff9
3163 #define FILE_EA_TYPE_EA 0xffee
3164 #define FILE_EA_TYPE_MVMT 0xffdf
3165 #define FILE_EA_TYPE_MVST 0xffde
3166 #define FILE_EA_TYPE_ASN1 0xffdd
3167 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
3169 typedef struct _FILE_NOTIFY_INFORMATION
{
3170 ULONG NextEntryOffset
;
3172 ULONG FileNameLength
;
3174 } FILE_NOTIFY_INFORMATION
, *PFILE_NOTIFY_INFORMATION
;
3176 typedef struct _FILE_DIRECTORY_INFORMATION
{
3177 ULONG NextEntryOffset
;
3179 LARGE_INTEGER CreationTime
;
3180 LARGE_INTEGER LastAccessTime
;
3181 LARGE_INTEGER LastWriteTime
;
3182 LARGE_INTEGER ChangeTime
;
3183 LARGE_INTEGER EndOfFile
;
3184 LARGE_INTEGER AllocationSize
;
3185 ULONG FileAttributes
;
3186 ULONG FileNameLength
;
3188 } FILE_DIRECTORY_INFORMATION
, *PFILE_DIRECTORY_INFORMATION
;
3190 typedef struct _FILE_FULL_DIR_INFORMATION
{
3191 ULONG NextEntryOffset
;
3193 LARGE_INTEGER CreationTime
;
3194 LARGE_INTEGER LastAccessTime
;
3195 LARGE_INTEGER LastWriteTime
;
3196 LARGE_INTEGER ChangeTime
;
3197 LARGE_INTEGER EndOfFile
;
3198 LARGE_INTEGER AllocationSize
;
3199 ULONG FileAttributes
;
3200 ULONG FileNameLength
;
3203 } FILE_FULL_DIR_INFORMATION
, *PFILE_FULL_DIR_INFORMATION
;
3205 typedef struct _FILE_ID_FULL_DIR_INFORMATION
{
3206 ULONG NextEntryOffset
;
3208 LARGE_INTEGER CreationTime
;
3209 LARGE_INTEGER LastAccessTime
;
3210 LARGE_INTEGER LastWriteTime
;
3211 LARGE_INTEGER ChangeTime
;
3212 LARGE_INTEGER EndOfFile
;
3213 LARGE_INTEGER AllocationSize
;
3214 ULONG FileAttributes
;
3215 ULONG FileNameLength
;
3217 LARGE_INTEGER FileId
;
3219 } FILE_ID_FULL_DIR_INFORMATION
, *PFILE_ID_FULL_DIR_INFORMATION
;
3221 typedef struct _FILE_BOTH_DIR_INFORMATION
{
3222 ULONG NextEntryOffset
;
3224 LARGE_INTEGER CreationTime
;
3225 LARGE_INTEGER LastAccessTime
;
3226 LARGE_INTEGER LastWriteTime
;
3227 LARGE_INTEGER ChangeTime
;
3228 LARGE_INTEGER EndOfFile
;
3229 LARGE_INTEGER AllocationSize
;
3230 ULONG FileAttributes
;
3231 ULONG FileNameLength
;
3233 CCHAR ShortNameLength
;
3234 WCHAR ShortName
[12];
3236 } FILE_BOTH_DIR_INFORMATION
, *PFILE_BOTH_DIR_INFORMATION
;
3238 typedef struct _FILE_ID_BOTH_DIR_INFORMATION
{
3239 ULONG NextEntryOffset
;
3241 LARGE_INTEGER CreationTime
;
3242 LARGE_INTEGER LastAccessTime
;
3243 LARGE_INTEGER LastWriteTime
;
3244 LARGE_INTEGER ChangeTime
;
3245 LARGE_INTEGER EndOfFile
;
3246 LARGE_INTEGER AllocationSize
;
3247 ULONG FileAttributes
;
3248 ULONG FileNameLength
;
3250 CCHAR ShortNameLength
;
3251 WCHAR ShortName
[12];
3252 LARGE_INTEGER FileId
;
3254 } FILE_ID_BOTH_DIR_INFORMATION
, *PFILE_ID_BOTH_DIR_INFORMATION
;
3256 typedef struct _FILE_NAMES_INFORMATION
{
3257 ULONG NextEntryOffset
;
3259 ULONG FileNameLength
;
3261 } FILE_NAMES_INFORMATION
, *PFILE_NAMES_INFORMATION
;
3263 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION
{
3264 ULONG NextEntryOffset
;
3266 LARGE_INTEGER CreationTime
;
3267 LARGE_INTEGER LastAccessTime
;
3268 LARGE_INTEGER LastWriteTime
;
3269 LARGE_INTEGER ChangeTime
;
3270 LARGE_INTEGER EndOfFile
;
3271 LARGE_INTEGER AllocationSize
;
3272 ULONG FileAttributes
;
3273 ULONG FileNameLength
;
3274 LARGE_INTEGER FileId
;
3275 GUID LockingTransactionId
;
3278 } FILE_ID_GLOBAL_TX_DIR_INFORMATION
, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION
;
3280 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED 0x00000001
3281 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX 0x00000002
3282 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX 0x00000004
3284 typedef struct _FILE_OBJECTID_INFORMATION
{
3285 LONGLONG FileReference
;
3287 _ANONYMOUS_UNION
union {
3288 _ANONYMOUS_STRUCT
struct {
3289 UCHAR BirthVolumeId
[16];
3290 UCHAR BirthObjectId
[16];
3293 UCHAR ExtendedInfo
[48];
3295 } FILE_OBJECTID_INFORMATION
, *PFILE_OBJECTID_INFORMATION
;
3297 #define ANSI_DOS_STAR ('<')
3298 #define ANSI_DOS_QM ('>')
3299 #define ANSI_DOS_DOT ('"')
3301 #define DOS_STAR (L'<')
3302 #define DOS_QM (L'>')
3303 #define DOS_DOT (L'"')
3305 typedef struct _FILE_INTERNAL_INFORMATION
{
3306 LARGE_INTEGER IndexNumber
;
3307 } FILE_INTERNAL_INFORMATION
, *PFILE_INTERNAL_INFORMATION
;
3309 typedef struct _FILE_EA_INFORMATION
{
3311 } FILE_EA_INFORMATION
, *PFILE_EA_INFORMATION
;
3313 typedef struct _FILE_ACCESS_INFORMATION
{
3314 ACCESS_MASK AccessFlags
;
3315 } FILE_ACCESS_INFORMATION
, *PFILE_ACCESS_INFORMATION
;
3317 typedef struct _FILE_MODE_INFORMATION
{
3319 } FILE_MODE_INFORMATION
, *PFILE_MODE_INFORMATION
;
3321 typedef struct _FILE_ALL_INFORMATION
{
3322 FILE_BASIC_INFORMATION BasicInformation
;
3323 FILE_STANDARD_INFORMATION StandardInformation
;
3324 FILE_INTERNAL_INFORMATION InternalInformation
;
3325 FILE_EA_INFORMATION EaInformation
;
3326 FILE_ACCESS_INFORMATION AccessInformation
;
3327 FILE_POSITION_INFORMATION PositionInformation
;
3328 FILE_MODE_INFORMATION ModeInformation
;
3329 FILE_ALIGNMENT_INFORMATION AlignmentInformation
;
3330 FILE_NAME_INFORMATION NameInformation
;
3331 } FILE_ALL_INFORMATION
, *PFILE_ALL_INFORMATION
;
3333 typedef struct _FILE_ALLOCATION_INFORMATION
{
3334 LARGE_INTEGER AllocationSize
;
3335 } FILE_ALLOCATION_INFORMATION
, *PFILE_ALLOCATION_INFORMATION
;
3337 typedef struct _FILE_COMPRESSION_INFORMATION
{
3338 LARGE_INTEGER CompressedFileSize
;
3339 USHORT CompressionFormat
;
3340 UCHAR CompressionUnitShift
;
3344 } FILE_COMPRESSION_INFORMATION
, *PFILE_COMPRESSION_INFORMATION
;
3346 typedef struct _FILE_LINK_INFORMATION
{
3347 BOOLEAN ReplaceIfExists
;
3348 HANDLE RootDirectory
;
3349 ULONG FileNameLength
;
3351 } FILE_LINK_INFORMATION
, *PFILE_LINK_INFORMATION
;
3353 typedef struct _FILE_MOVE_CLUSTER_INFORMATION
{
3355 HANDLE RootDirectory
;
3356 ULONG FileNameLength
;
3358 } FILE_MOVE_CLUSTER_INFORMATION
, *PFILE_MOVE_CLUSTER_INFORMATION
;
3360 typedef struct _FILE_RENAME_INFORMATION
{
3361 BOOLEAN ReplaceIfExists
;
3362 HANDLE RootDirectory
;
3363 ULONG FileNameLength
;
3365 } FILE_RENAME_INFORMATION
, *PFILE_RENAME_INFORMATION
;
3367 typedef struct _FILE_STREAM_INFORMATION
{
3368 ULONG NextEntryOffset
;
3369 ULONG StreamNameLength
;
3370 LARGE_INTEGER StreamSize
;
3371 LARGE_INTEGER StreamAllocationSize
;
3372 WCHAR StreamName
[1];
3373 } FILE_STREAM_INFORMATION
, *PFILE_STREAM_INFORMATION
;
3375 typedef struct _FILE_TRACKING_INFORMATION
{
3376 HANDLE DestinationFile
;
3377 ULONG ObjectInformationLength
;
3378 CHAR ObjectInformation
[1];
3379 } FILE_TRACKING_INFORMATION
, *PFILE_TRACKING_INFORMATION
;
3381 typedef struct _FILE_COMPLETION_INFORMATION
{
3384 } FILE_COMPLETION_INFORMATION
, *PFILE_COMPLETION_INFORMATION
;
3386 typedef struct _FILE_PIPE_INFORMATION
{
3388 ULONG CompletionMode
;
3389 } FILE_PIPE_INFORMATION
, *PFILE_PIPE_INFORMATION
;
3391 typedef struct _FILE_PIPE_LOCAL_INFORMATION
{
3392 ULONG NamedPipeType
;
3393 ULONG NamedPipeConfiguration
;
3394 ULONG MaximumInstances
;
3395 ULONG CurrentInstances
;
3397 ULONG ReadDataAvailable
;
3398 ULONG OutboundQuota
;
3399 ULONG WriteQuotaAvailable
;
3400 ULONG NamedPipeState
;
3402 } FILE_PIPE_LOCAL_INFORMATION
, *PFILE_PIPE_LOCAL_INFORMATION
;
3404 typedef struct _FILE_PIPE_REMOTE_INFORMATION
{
3405 LARGE_INTEGER CollectDataTime
;
3406 ULONG MaximumCollectionCount
;
3407 } FILE_PIPE_REMOTE_INFORMATION
, *PFILE_PIPE_REMOTE_INFORMATION
;
3409 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION
{
3410 ULONG MaximumMessageSize
;
3411 ULONG MailslotQuota
;
3412 ULONG NextMessageSize
;
3413 ULONG MessagesAvailable
;
3414 LARGE_INTEGER ReadTimeout
;
3415 } FILE_MAILSLOT_QUERY_INFORMATION
, *PFILE_MAILSLOT_QUERY_INFORMATION
;
3417 typedef struct _FILE_MAILSLOT_SET_INFORMATION
{
3418 PLARGE_INTEGER ReadTimeout
;
3419 } FILE_MAILSLOT_SET_INFORMATION
, *PFILE_MAILSLOT_SET_INFORMATION
;
3421 typedef struct _FILE_REPARSE_POINT_INFORMATION
{
3422 LONGLONG FileReference
;
3424 } FILE_REPARSE_POINT_INFORMATION
, *PFILE_REPARSE_POINT_INFORMATION
;
3426 typedef struct _FILE_LINK_ENTRY_INFORMATION
{
3427 ULONG NextEntryOffset
;
3428 LONGLONG ParentFileId
;
3429 ULONG FileNameLength
;
3431 } FILE_LINK_ENTRY_INFORMATION
, *PFILE_LINK_ENTRY_INFORMATION
;
3433 typedef struct _FILE_LINKS_INFORMATION
{
3435 ULONG EntriesReturned
;
3436 FILE_LINK_ENTRY_INFORMATION Entry
;
3437 } FILE_LINKS_INFORMATION
, *PFILE_LINKS_INFORMATION
;
3439 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION
{
3440 ULONG FileNameLength
;
3442 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION
, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION
;
3444 typedef struct _FILE_STANDARD_LINK_INFORMATION
{
3445 ULONG NumberOfAccessibleLinks
;
3446 ULONG TotalNumberOfLinks
;
3447 BOOLEAN DeletePending
;
3449 } FILE_STANDARD_LINK_INFORMATION
, *PFILE_STANDARD_LINK_INFORMATION
;
3451 typedef struct _FILE_GET_EA_INFORMATION
{
3452 ULONG NextEntryOffset
;
3455 } FILE_GET_EA_INFORMATION
, *PFILE_GET_EA_INFORMATION
;
3457 #define REMOTE_PROTOCOL_FLAG_LOOPBACK 0x00000001
3458 #define REMOTE_PROTOCOL_FLAG_OFFLINE 0x00000002
3460 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION
{
3461 USHORT StructureVersion
;
3462 USHORT StructureSize
;
3464 USHORT ProtocolMajorVersion
;
3465 USHORT ProtocolMinorVersion
;
3466 USHORT ProtocolRevision
;
3474 } ProtocolSpecificReserved
;
3475 } FILE_REMOTE_PROTOCOL_INFORMATION
, *PFILE_REMOTE_PROTOCOL_INFORMATION
;
3477 typedef struct _FILE_GET_QUOTA_INFORMATION
{
3478 ULONG NextEntryOffset
;
3481 } FILE_GET_QUOTA_INFORMATION
, *PFILE_GET_QUOTA_INFORMATION
;
3483 typedef struct _FILE_QUOTA_INFORMATION
{
3484 ULONG NextEntryOffset
;
3486 LARGE_INTEGER ChangeTime
;
3487 LARGE_INTEGER QuotaUsed
;
3488 LARGE_INTEGER QuotaThreshold
;
3489 LARGE_INTEGER QuotaLimit
;
3491 } FILE_QUOTA_INFORMATION
, *PFILE_QUOTA_INFORMATION
;
3493 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION
{
3494 ULONG FileSystemAttributes
;
3495 ULONG MaximumComponentNameLength
;
3496 ULONG FileSystemNameLength
;
3497 WCHAR FileSystemName
[1];
3498 } FILE_FS_ATTRIBUTE_INFORMATION
, *PFILE_FS_ATTRIBUTE_INFORMATION
;
3500 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION
{
3501 BOOLEAN DriverInPath
;
3502 ULONG DriverNameLength
;
3503 WCHAR DriverName
[1];
3504 } FILE_FS_DRIVER_PATH_INFORMATION
, *PFILE_FS_DRIVER_PATH_INFORMATION
;
3506 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION
{
3508 } FILE_FS_VOLUME_FLAGS_INFORMATION
, *PFILE_FS_VOLUME_FLAGS_INFORMATION
;
3510 #define FILE_VC_QUOTA_NONE 0x00000000
3511 #define FILE_VC_QUOTA_TRACK 0x00000001
3512 #define FILE_VC_QUOTA_ENFORCE 0x00000002
3513 #define FILE_VC_QUOTA_MASK 0x00000003
3514 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
3515 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
3516 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
3517 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
3518 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
3519 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
3520 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
3521 #define FILE_VC_VALID_MASK 0x000003ff
3523 typedef struct _FILE_FS_CONTROL_INFORMATION
{
3524 LARGE_INTEGER FreeSpaceStartFiltering
;
3525 LARGE_INTEGER FreeSpaceThreshold
;
3526 LARGE_INTEGER FreeSpaceStopFiltering
;
3527 LARGE_INTEGER DefaultQuotaThreshold
;
3528 LARGE_INTEGER DefaultQuotaLimit
;
3529 ULONG FileSystemControlFlags
;
3530 } FILE_FS_CONTROL_INFORMATION
, *PFILE_FS_CONTROL_INFORMATION
;
3532 #ifndef _FILESYSTEMFSCTL_
3533 #define _FILESYSTEMFSCTL_
3535 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
3536 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
3537 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
3538 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
3539 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
3540 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
3541 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
3542 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
3543 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
3544 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
3545 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
3546 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
3547 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
3548 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
3549 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3550 #define FSCTL_SET_BOOTLOADER_ACCESSED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
3552 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
3553 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
3554 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
3555 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
3556 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
3558 #if (_WIN32_WINNT >= 0x0400)
3560 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
3561 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
3562 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
3563 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
3564 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3565 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
3566 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
3570 #if (_WIN32_WINNT >= 0x0500)
3572 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
3573 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3574 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
3575 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3576 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3577 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
3578 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3579 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_ANY_ACCESS)
3580 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
3581 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_ANY_ACCESS)
3582 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3583 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
3584 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3585 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
3586 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
3587 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
3588 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_NEITHER, FILE_ANY_ACCESS)
3589 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
3590 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_SPECIAL_ACCESS)
3591 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_SPECIAL_ACCESS)
3592 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_ANY_ACCESS)
3593 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_ANY_ACCESS)
3594 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_ANY_ACCESS)
3595 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
3596 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
3597 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
3598 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
3599 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
3600 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3601 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
3602 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
3603 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3607 #if (_WIN32_WINNT >= 0x0600)
3609 #define FSCTL_MAKE_MEDIA_COMPATIBLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
3610 #define FSCTL_SET_DEFECT_MANAGEMENT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
3611 #define FSCTL_QUERY_SPARING_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
3612 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
3613 #define FSCTL_SET_VOLUME_COMPRESSION_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3614 #define FSCTL_TXFS_MODIFY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
3615 #define FSCTL_TXFS_QUERY_RM_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
3616 #define FSCTL_TXFS_ROLLFORWARD_REDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
3617 #define FSCTL_TXFS_ROLLFORWARD_UNDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
3618 #define FSCTL_TXFS_START_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
3619 #define FSCTL_TXFS_SHUTDOWN_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
3620 #define FSCTL_TXFS_READ_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
3621 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
3622 #define FSCTL_TXFS_CREATE_SECONDARY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
3623 #define FSCTL_TXFS_GET_METADATA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
3624 #define FSCTL_TXFS_GET_TRANSACTED_VERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
3625 #define FSCTL_TXFS_SAVEPOINT_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
3626 #define FSCTL_TXFS_CREATE_MINIVERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
3627 #define FSCTL_TXFS_TRANSACTION_ACTIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
3628 #define FSCTL_SET_ZERO_ON_DEALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3629 #define FSCTL_SET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
3630 #define FSCTL_GET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
3631 #define FSCTL_WAIT_FOR_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
3632 #define FSCTL_INITIATE_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
3633 #define FSCTL_CSC_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER, FILE_ANY_ACCESS)
3634 #define FSCTL_SHRINK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3635 #define FSCTL_SET_SHORT_NAME_BEHAVIOR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
3636 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
3637 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
3638 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
3639 #define FSCTL_TXFS_LIST_TRANSACTIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
3640 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
3641 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
3642 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
3646 #if (_WIN32_WINNT >= 0x0601)
3648 #define FSCTL_QUERY_DEPENDENT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
3649 #define FSCTL_SD_GLOBAL_CHANGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
3650 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
3651 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
3652 #define FSCTL_FILE_TYPE_NOTIFICATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
3653 #define FSCTL_GET_BOOT_AREA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
3654 #define FSCTL_GET_RETRIEVAL_POINTER_BASE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
3655 #define FSCTL_SET_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
3656 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
3657 #define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
3658 #define FSCTL_CSV_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
3659 #define FSCTL_IS_CSV_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
3660 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
3661 #define FSCTL_CSV_GET_VOLUME_PATH_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
3662 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
3663 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150, METHOD_BUFFERED, FILE_ANY_ACCESS)
3664 #define FSCTL_IS_FILE_ON_CSV_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151, METHOD_BUFFERED, FILE_ANY_ACCESS)
3665 #define FSCTL_CSV_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 155, METHOD_BUFFERED, FILE_ANY_ACCESS)
3667 typedef struct _CSV_NAMESPACE_INFO
{
3670 LARGE_INTEGER StartingOffset
;
3672 } CSV_NAMESPACE_INFO
, *PCSV_NAMESPACE_INFO
;
3674 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
3675 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
3679 #if (_WIN32_WINNT >= 0x0602)
3681 #define FSCTL_FILE_LEVEL_TRIM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 130, METHOD_BUFFERED, FILE_WRITE_DATA)
3682 #define FSCTL_CORRUPTION_HANDLING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 152, METHOD_BUFFERED, FILE_ANY_ACCESS)
3683 #define FSCTL_OFFLOAD_READ CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 153, METHOD_BUFFERED, FILE_READ_ACCESS)
3684 #define FSCTL_OFFLOAD_WRITE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 154, METHOD_BUFFERED, FILE_WRITE_ACCESS)
3685 #define FSCTL_SET_PURGE_FAILURE_MODE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 156, METHOD_BUFFERED, FILE_ANY_ACCESS)
3686 #define FSCTL_QUERY_FILE_LAYOUT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 157, METHOD_NEITHER, FILE_ANY_ACCESS)
3687 #define FSCTL_IS_VOLUME_OWNED_BYCSVFS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 158, METHOD_BUFFERED, FILE_ANY_ACCESS)
3688 #define FSCTL_GET_INTEGRITY_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 159, METHOD_BUFFERED, FILE_ANY_ACCESS)
3689 #define FSCTL_SET_INTEGRITY_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 160, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3690 #define FSCTL_QUERY_FILE_REGIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 161, METHOD_BUFFERED, FILE_ANY_ACCESS)
3691 #define FSCTL_DEDUP_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 165, METHOD_BUFFERED, FILE_ANY_ACCESS)
3692 #define FSCTL_DEDUP_QUERY_FILE_HASHES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 166, METHOD_NEITHER, FILE_READ_DATA)
3693 #define FSCTL_RKF_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 171, METHOD_NEITHER, FILE_ANY_ACCESS)
3694 #define FSCTL_SCRUB_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 172, METHOD_BUFFERED, FILE_ANY_ACCESS)
3695 #define FSCTL_REPAIR_COPIES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 173, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3696 #define FSCTL_DISABLE_LOCAL_BUFFERING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 174, METHOD_BUFFERED, FILE_ANY_ACCESS)
3697 #define FSCTL_CSV_MGMT_LOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 175, METHOD_BUFFERED, FILE_ANY_ACCESS)
3698 #define FSCTL_CSV_QUERY_DOWN_LEVEL_FILE_SYSTEM_CHARACTERISTICS \
3699 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 176, METHOD_BUFFERED, FILE_ANY_ACCESS)
3700 #define FSCTL_ADVANCE_FILE_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 177, METHOD_BUFFERED, FILE_ANY_ACCESS)
3701 #define FSCTL_CSV_SYNC_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 178, METHOD_BUFFERED, FILE_ANY_ACCESS)
3702 #define FSCTL_CSV_QUERY_VETO_FILE_DIRECT_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 179, METHOD_BUFFERED, FILE_ANY_ACCESS)
3703 #define FSCTL_WRITE_USN_REASON CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 180, METHOD_BUFFERED, FILE_ANY_ACCESS)
3704 #define FSCTL_CSV_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 181, METHOD_BUFFERED, FILE_ANY_ACCESS)
3705 #define FSCTL_GET_REFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 182, METHOD_BUFFERED, FILE_ANY_ACCESS)
3709 #define FSCTL_MARK_AS_SYSTEM_HIVE FSCTL_SET_BOOTLOADER_ACCESSED
3711 typedef struct _PATHNAME_BUFFER
{
3712 ULONG PathNameLength
;
3714 } PATHNAME_BUFFER
, *PPATHNAME_BUFFER
;
3716 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER
{
3717 UCHAR First0x24BytesOfBootSector
[0x24];
3718 } FSCTL_QUERY_FAT_BPB_BUFFER
, *PFSCTL_QUERY_FAT_BPB_BUFFER
;
3720 #if (_WIN32_WINNT >= 0x0400)
3722 typedef struct _NTFS_VOLUME_DATA_BUFFER
{
3723 LARGE_INTEGER VolumeSerialNumber
;
3724 LARGE_INTEGER NumberSectors
;
3725 LARGE_INTEGER TotalClusters
;
3726 LARGE_INTEGER FreeClusters
;
3727 LARGE_INTEGER TotalReserved
;
3728 ULONG BytesPerSector
;
3729 ULONG BytesPerCluster
;
3730 ULONG BytesPerFileRecordSegment
;
3731 ULONG ClustersPerFileRecordSegment
;
3732 LARGE_INTEGER MftValidDataLength
;
3733 LARGE_INTEGER MftStartLcn
;
3734 LARGE_INTEGER Mft2StartLcn
;
3735 LARGE_INTEGER MftZoneStart
;
3736 LARGE_INTEGER MftZoneEnd
;
3737 } NTFS_VOLUME_DATA_BUFFER
, *PNTFS_VOLUME_DATA_BUFFER
;
3739 typedef struct _NTFS_EXTENDED_VOLUME_DATA
{
3741 USHORT MajorVersion
;
3742 USHORT MinorVersion
;
3743 } NTFS_EXTENDED_VOLUME_DATA
, *PNTFS_EXTENDED_VOLUME_DATA
;
3745 typedef struct _STARTING_LCN_INPUT_BUFFER
{
3746 LARGE_INTEGER StartingLcn
;
3747 } STARTING_LCN_INPUT_BUFFER
, *PSTARTING_LCN_INPUT_BUFFER
;
3749 typedef struct _VOLUME_BITMAP_BUFFER
{
3750 LARGE_INTEGER StartingLcn
;
3751 LARGE_INTEGER BitmapSize
;
3753 } VOLUME_BITMAP_BUFFER
, *PVOLUME_BITMAP_BUFFER
;
3755 typedef struct _STARTING_VCN_INPUT_BUFFER
{
3756 LARGE_INTEGER StartingVcn
;
3757 } STARTING_VCN_INPUT_BUFFER
, *PSTARTING_VCN_INPUT_BUFFER
;
3759 typedef struct _RETRIEVAL_POINTERS_BUFFER
{
3761 LARGE_INTEGER StartingVcn
;
3763 LARGE_INTEGER NextVcn
;
3766 } RETRIEVAL_POINTERS_BUFFER
, *PRETRIEVAL_POINTERS_BUFFER
;
3768 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER
{
3769 LARGE_INTEGER FileReferenceNumber
;
3770 } NTFS_FILE_RECORD_INPUT_BUFFER
, *PNTFS_FILE_RECORD_INPUT_BUFFER
;
3772 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER
{
3773 LARGE_INTEGER FileReferenceNumber
;
3774 ULONG FileRecordLength
;
3775 UCHAR FileRecordBuffer
[1];
3776 } NTFS_FILE_RECORD_OUTPUT_BUFFER
, *PNTFS_FILE_RECORD_OUTPUT_BUFFER
;
3778 typedef struct _MOVE_FILE_DATA
{
3780 LARGE_INTEGER StartingVcn
;
3781 LARGE_INTEGER StartingLcn
;
3783 } MOVE_FILE_DATA
, *PMOVE_FILE_DATA
;
3785 typedef struct _MOVE_FILE_RECORD_DATA
{
3787 LARGE_INTEGER SourceFileRecord
;
3788 LARGE_INTEGER TargetFileRecord
;
3789 } MOVE_FILE_RECORD_DATA
, *PMOVE_FILE_RECORD_DATA
;
3792 typedef struct _MOVE_FILE_DATA32
{
3794 LARGE_INTEGER StartingVcn
;
3795 LARGE_INTEGER StartingLcn
;
3797 } MOVE_FILE_DATA32
, *PMOVE_FILE_DATA32
;
3800 #endif /* (_WIN32_WINNT >= 0x0400) */
3802 #if (_WIN32_WINNT >= 0x0500)
3804 typedef struct _FIND_BY_SID_DATA
{
3807 } FIND_BY_SID_DATA
, *PFIND_BY_SID_DATA
;
3809 typedef struct _FIND_BY_SID_OUTPUT
{
3810 ULONG NextEntryOffset
;
3812 ULONG FileNameLength
;
3814 } FIND_BY_SID_OUTPUT
, *PFIND_BY_SID_OUTPUT
;
3816 typedef struct _MFT_ENUM_DATA
{
3817 ULONGLONG StartFileReferenceNumber
;
3820 } MFT_ENUM_DATA
, *PMFT_ENUM_DATA
;
3822 typedef struct _CREATE_USN_JOURNAL_DATA
{
3823 ULONGLONG MaximumSize
;
3824 ULONGLONG AllocationDelta
;
3825 } CREATE_USN_JOURNAL_DATA
, *PCREATE_USN_JOURNAL_DATA
;
3827 typedef struct _READ_USN_JOURNAL_DATA
{
3830 ULONG ReturnOnlyOnClose
;
3832 ULONGLONG BytesToWaitFor
;
3833 ULONGLONG UsnJournalID
;
3834 } READ_USN_JOURNAL_DATA
, *PREAD_USN_JOURNAL_DATA
;
3836 typedef struct _USN_RECORD
{
3838 USHORT MajorVersion
;
3839 USHORT MinorVersion
;
3840 ULONGLONG FileReferenceNumber
;
3841 ULONGLONG ParentFileReferenceNumber
;
3843 LARGE_INTEGER TimeStamp
;
3847 ULONG FileAttributes
;
3848 USHORT FileNameLength
;
3849 USHORT FileNameOffset
;
3851 } USN_RECORD
, *PUSN_RECORD
;
3853 #define USN_PAGE_SIZE (0x1000)
3855 #define USN_REASON_DATA_OVERWRITE (0x00000001)
3856 #define USN_REASON_DATA_EXTEND (0x00000002)
3857 #define USN_REASON_DATA_TRUNCATION (0x00000004)
3858 #define USN_REASON_NAMED_DATA_OVERWRITE (0x00000010)
3859 #define USN_REASON_NAMED_DATA_EXTEND (0x00000020)
3860 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
3861 #define USN_REASON_FILE_CREATE (0x00000100)
3862 #define USN_REASON_FILE_DELETE (0x00000200)
3863 #define USN_REASON_EA_CHANGE (0x00000400)
3864 #define USN_REASON_SECURITY_CHANGE (0x00000800)
3865 #define USN_REASON_RENAME_OLD_NAME (0x00001000)
3866 #define USN_REASON_RENAME_NEW_NAME (0x00002000)
3867 #define USN_REASON_INDEXABLE_CHANGE (0x00004000)
3868 #define USN_REASON_BASIC_INFO_CHANGE (0x00008000)
3869 #define USN_REASON_HARD_LINK_CHANGE (0x00010000)
3870 #define USN_REASON_COMPRESSION_CHANGE (0x00020000)
3871 #define USN_REASON_ENCRYPTION_CHANGE (0x00040000)
3872 #define USN_REASON_OBJECT_ID_CHANGE (0x00080000)
3873 #define USN_REASON_REPARSE_POINT_CHANGE (0x00100000)
3874 #define USN_REASON_STREAM_CHANGE (0x00200000)
3875 #define USN_REASON_TRANSACTED_CHANGE (0x00400000)
3876 #define USN_REASON_CLOSE (0x80000000)
3878 typedef struct _USN_JOURNAL_DATA
{
3879 ULONGLONG UsnJournalID
;
3884 ULONGLONG MaximumSize
;
3885 ULONGLONG AllocationDelta
;
3886 } USN_JOURNAL_DATA
, *PUSN_JOURNAL_DATA
;
3888 typedef struct _DELETE_USN_JOURNAL_DATA
{
3889 ULONGLONG UsnJournalID
;
3891 } DELETE_USN_JOURNAL_DATA
, *PDELETE_USN_JOURNAL_DATA
;
3893 #define USN_DELETE_FLAG_DELETE (0x00000001)
3894 #define USN_DELETE_FLAG_NOTIFY (0x00000002)
3895 #define USN_DELETE_VALID_FLAGS (0x00000003)
3897 typedef struct _MARK_HANDLE_INFO
{
3898 ULONG UsnSourceInfo
;
3899 HANDLE VolumeHandle
;
3901 } MARK_HANDLE_INFO
, *PMARK_HANDLE_INFO
;
3904 typedef struct _MARK_HANDLE_INFO32
{
3905 ULONG UsnSourceInfo
;
3906 UINT32 VolumeHandle
;
3908 } MARK_HANDLE_INFO32
, *PMARK_HANDLE_INFO32
;
3911 #define USN_SOURCE_DATA_MANAGEMENT (0x00000001)
3912 #define USN_SOURCE_AUXILIARY_DATA (0x00000002)
3913 #define USN_SOURCE_REPLICATION_MANAGEMENT (0x00000004)
3915 #define MARK_HANDLE_PROTECT_CLUSTERS (0x00000001)
3916 #define MARK_HANDLE_TXF_SYSTEM_LOG (0x00000004)
3917 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG (0x00000008)
3919 typedef struct _BULK_SECURITY_TEST_DATA
{
3920 ACCESS_MASK DesiredAccess
;
3921 ULONG SecurityIds
[1];
3922 } BULK_SECURITY_TEST_DATA
, *PBULK_SECURITY_TEST_DATA
;
3924 #define VOLUME_IS_DIRTY (0x00000001)
3925 #define VOLUME_UPGRADE_SCHEDULED (0x00000002)
3926 #define VOLUME_SESSION_OPEN (0x00000004)
3928 typedef struct _FILE_PREFETCH
{
3931 ULONGLONG Prefetch
[1];
3932 } FILE_PREFETCH
, *PFILE_PREFETCH
;
3934 typedef struct _FILE_PREFETCH_EX
{
3938 ULONGLONG Prefetch
[1];
3939 } FILE_PREFETCH_EX
, *PFILE_PREFETCH_EX
;
3941 #define FILE_PREFETCH_TYPE_FOR_CREATE 0x1
3942 #define FILE_PREFETCH_TYPE_FOR_DIRENUM 0x2
3943 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX 0x3
3944 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX 0x4
3946 #define FILE_PREFETCH_TYPE_MAX 0x4
3948 typedef struct _FILE_OBJECTID_BUFFER
{
3950 _ANONYMOUS_UNION
union {
3951 _ANONYMOUS_STRUCT
struct {
3952 UCHAR BirthVolumeId
[16];
3953 UCHAR BirthObjectId
[16];
3956 UCHAR ExtendedInfo
[48];
3958 } FILE_OBJECTID_BUFFER
, *PFILE_OBJECTID_BUFFER
;
3960 typedef struct _FILE_SET_SPARSE_BUFFER
{
3962 } FILE_SET_SPARSE_BUFFER
, *PFILE_SET_SPARSE_BUFFER
;
3964 typedef struct _FILE_ZERO_DATA_INFORMATION
{
3965 LARGE_INTEGER FileOffset
;
3966 LARGE_INTEGER BeyondFinalZero
;
3967 } FILE_ZERO_DATA_INFORMATION
, *PFILE_ZERO_DATA_INFORMATION
;
3969 typedef struct _FILE_ALLOCATED_RANGE_BUFFER
{
3970 LARGE_INTEGER FileOffset
;
3971 LARGE_INTEGER Length
;
3972 } FILE_ALLOCATED_RANGE_BUFFER
, *PFILE_ALLOCATED_RANGE_BUFFER
;
3974 typedef struct _ENCRYPTION_BUFFER
{
3975 ULONG EncryptionOperation
;
3977 } ENCRYPTION_BUFFER
, *PENCRYPTION_BUFFER
;
3979 #define FILE_SET_ENCRYPTION 0x00000001
3980 #define FILE_CLEAR_ENCRYPTION 0x00000002
3981 #define STREAM_SET_ENCRYPTION 0x00000003
3982 #define STREAM_CLEAR_ENCRYPTION 0x00000004
3984 #define MAXIMUM_ENCRYPTION_VALUE 0x00000004
3986 typedef struct _DECRYPTION_STATUS_BUFFER
{
3987 BOOLEAN NoEncryptedStreams
;
3988 } DECRYPTION_STATUS_BUFFER
, *PDECRYPTION_STATUS_BUFFER
;
3990 #define ENCRYPTION_FORMAT_DEFAULT (0x01)
3992 #define COMPRESSION_FORMAT_SPARSE (0x4000)
3994 typedef struct _REQUEST_RAW_ENCRYPTED_DATA
{
3995 LONGLONG FileOffset
;
3997 } REQUEST_RAW_ENCRYPTED_DATA
, *PREQUEST_RAW_ENCRYPTED_DATA
;
3999 typedef struct _ENCRYPTED_DATA_INFO
{
4000 ULONGLONG StartingFileOffset
;
4001 ULONG OutputBufferOffset
;
4002 ULONG BytesWithinFileSize
;
4003 ULONG BytesWithinValidDataLength
;
4004 USHORT CompressionFormat
;
4005 UCHAR DataUnitShift
;
4008 UCHAR EncryptionFormat
;
4009 USHORT NumberOfDataBlocks
;
4010 ULONG DataBlockSize
[ANYSIZE_ARRAY
];
4011 } ENCRYPTED_DATA_INFO
, *PENCRYPTED_DATA_INFO
;
4013 typedef struct _PLEX_READ_DATA_REQUEST
{
4014 LARGE_INTEGER ByteOffset
;
4017 } PLEX_READ_DATA_REQUEST
, *PPLEX_READ_DATA_REQUEST
;
4019 typedef struct _SI_COPYFILE
{
4020 ULONG SourceFileNameLength
;
4021 ULONG DestinationFileNameLength
;
4023 WCHAR FileNameBuffer
[1];
4024 } SI_COPYFILE
, *PSI_COPYFILE
;
4026 #define COPYFILE_SIS_LINK 0x0001
4027 #define COPYFILE_SIS_REPLACE 0x0002
4028 #define COPYFILE_SIS_FLAGS 0x0003
4030 #endif /* (_WIN32_WINNT >= 0x0500) */
4032 #if (_WIN32_WINNT >= 0x0600)
4034 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER
{
4036 } FILE_MAKE_COMPATIBLE_BUFFER
, *PFILE_MAKE_COMPATIBLE_BUFFER
;
4038 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER
{
4040 } FILE_SET_DEFECT_MGMT_BUFFER
, *PFILE_SET_DEFECT_MGMT_BUFFER
;
4042 typedef struct _FILE_QUERY_SPARING_BUFFER
{
4043 ULONG SparingUnitBytes
;
4044 BOOLEAN SoftwareSparing
;
4045 ULONG TotalSpareBlocks
;
4046 ULONG FreeSpareBlocks
;
4047 } FILE_QUERY_SPARING_BUFFER
, *PFILE_QUERY_SPARING_BUFFER
;
4049 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER
{
4050 LARGE_INTEGER DirectoryCount
;
4051 LARGE_INTEGER FileCount
;
4052 USHORT FsFormatMajVersion
;
4053 USHORT FsFormatMinVersion
;
4054 WCHAR FsFormatName
[12];
4055 LARGE_INTEGER FormatTime
;
4056 LARGE_INTEGER LastUpdateTime
;
4057 WCHAR CopyrightInfo
[34];
4058 WCHAR AbstractInfo
[34];
4059 WCHAR FormattingImplementationInfo
[34];
4060 WCHAR LastModifyingImplementationInfo
[34];
4061 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER
, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER
;
4063 #define SET_REPAIR_ENABLED (0x00000001)
4064 #define SET_REPAIR_VOLUME_BITMAP_SCAN (0x00000002)
4065 #define SET_REPAIR_DELETE_CROSSLINK (0x00000004)
4066 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS (0x00000008)
4067 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT (0x00000010)
4068 #define SET_REPAIR_VALID_MASK (0x0000001F)
4070 typedef enum _SHRINK_VOLUME_REQUEST_TYPES
{
4074 } SHRINK_VOLUME_REQUEST_TYPES
, *PSHRINK_VOLUME_REQUEST_TYPES
;
4076 typedef struct _SHRINK_VOLUME_INFORMATION
{
4077 SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType
;
4079 LONGLONG NewNumberOfSectors
;
4080 } SHRINK_VOLUME_INFORMATION
, *PSHRINK_VOLUME_INFORMATION
;
4082 #define TXFS_RM_FLAG_LOGGING_MODE 0x00000001
4083 #define TXFS_RM_FLAG_RENAME_RM 0x00000002
4084 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000004
4085 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000008
4086 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000010
4087 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000020
4088 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000040
4089 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000080
4090 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000100
4091 #define TXFS_RM_FLAG_GROW_LOG 0x00000400
4092 #define TXFS_RM_FLAG_SHRINK_LOG 0x00000800
4093 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE 0x00001000
4094 #define TXFS_RM_FLAG_PRESERVE_CHANGES 0x00002000
4095 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START 0x00004000
4096 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START 0x00008000
4097 #define TXFS_RM_FLAG_PREFER_CONSISTENCY 0x00010000
4098 #define TXFS_RM_FLAG_PREFER_AVAILABILITY 0x00020000
4100 #define TXFS_LOGGING_MODE_SIMPLE (0x0001)
4101 #define TXFS_LOGGING_MODE_FULL (0x0002)
4103 #define TXFS_TRANSACTION_STATE_NONE 0x00
4104 #define TXFS_TRANSACTION_STATE_ACTIVE 0x01
4105 #define TXFS_TRANSACTION_STATE_PREPARED 0x02
4106 #define TXFS_TRANSACTION_STATE_NOTACTIVE 0x03
4108 #define TXFS_MODIFY_RM_VALID_FLAGS (TXFS_RM_FLAG_LOGGING_MODE | \
4109 TXFS_RM_FLAG_RENAME_RM | \
4110 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4111 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4112 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4113 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4114 TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4115 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4116 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4117 TXFS_RM_FLAG_SHRINK_LOG | \
4118 TXFS_RM_FLAG_GROW_LOG | \
4119 TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE | \
4120 TXFS_RM_FLAG_PRESERVE_CHANGES | \
4121 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4122 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4123 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4124 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4126 typedef struct _TXFS_MODIFY_RM
{
4128 ULONG LogContainerCountMax
;
4129 ULONG LogContainerCountMin
;
4130 ULONG LogContainerCount
;
4131 ULONG LogGrowthIncrement
;
4132 ULONG LogAutoShrinkPercentage
;
4135 } TXFS_MODIFY_RM
, *PTXFS_MODIFY_RM
;
4137 #define TXFS_RM_STATE_NOT_STARTED 0
4138 #define TXFS_RM_STATE_STARTING 1
4139 #define TXFS_RM_STATE_ACTIVE 2
4140 #define TXFS_RM_STATE_SHUTTING_DOWN 3
4142 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS \
4143 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4144 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4145 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4146 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4147 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4148 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4149 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4150 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4152 typedef struct _TXFS_QUERY_RM_INFORMATION
{
4153 ULONG BytesRequired
;
4155 ULONGLONG CurrentLsn
;
4156 ULONGLONG ArchiveTailLsn
;
4157 ULONGLONG LogContainerSize
;
4158 LARGE_INTEGER HighestVirtualClock
;
4159 ULONG LogContainerCount
;
4160 ULONG LogContainerCountMax
;
4161 ULONG LogContainerCountMin
;
4162 ULONG LogGrowthIncrement
;
4163 ULONG LogAutoShrinkPercentage
;
4168 ULONGLONG LogCapacity
;
4172 ULONGLONG TransactionCount
;
4173 ULONGLONG OnePCCount
;
4174 ULONGLONG TwoPCCount
;
4175 ULONGLONG NumberLogFileFull
;
4176 ULONGLONG OldestTransactionAge
;
4178 ULONG TmLogPathOffset
;
4179 } TXFS_QUERY_RM_INFORMATION
, *PTXFS_QUERY_RM_INFORMATION
;
4181 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN 0x01
4182 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK 0x02
4184 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS \
4185 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN | \
4186 TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
4188 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION
{
4189 LARGE_INTEGER LastVirtualClock
;
4190 ULONGLONG LastRedoLsn
;
4191 ULONGLONG HighestRecoveryLsn
;
4193 } TXFS_ROLLFORWARD_REDO_INFORMATION
, *PTXFS_ROLLFORWARD_REDO_INFORMATION
;
4195 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000001
4196 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000002
4197 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE 0x00000004
4198 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000008
4199 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000010
4200 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000020
4201 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000040
4202 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000080
4204 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT 0x00000200
4205 #define TXFS_START_RM_FLAG_LOGGING_MODE 0x00000400
4206 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES 0x00000800
4208 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY 0x00001000
4209 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY 0x00002000
4211 #define TXFS_START_RM_VALID_FLAGS \
4212 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4213 TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4214 TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE | \
4215 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4216 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4217 TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4218 TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT | \
4219 TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4220 TXFS_START_RM_FLAG_LOGGING_MODE | \
4221 TXFS_START_RM_FLAG_PRESERVE_CHANGES | \
4222 TXFS_START_RM_FLAG_PREFER_CONSISTENCY | \
4223 TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
4225 typedef struct _TXFS_START_RM_INFORMATION
{
4227 ULONGLONG LogContainerSize
;
4228 ULONG LogContainerCountMin
;
4229 ULONG LogContainerCountMax
;
4230 ULONG LogGrowthIncrement
;
4231 ULONG LogAutoShrinkPercentage
;
4232 ULONG TmLogPathOffset
;
4233 USHORT TmLogPathLength
;
4235 USHORT LogPathLength
;
4238 } TXFS_START_RM_INFORMATION
, *PTXFS_START_RM_INFORMATION
;
4240 typedef struct _TXFS_GET_METADATA_INFO_OUT
{
4245 GUID LockingTransaction
;
4247 ULONG TransactionState
;
4248 } TXFS_GET_METADATA_INFO_OUT
, *PTXFS_GET_METADATA_INFO_OUT
;
4250 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED 0x00000001
4251 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED 0x00000002
4253 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
{
4261 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
;
4263 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES
{
4264 GUID KtmTransaction
;
4265 ULONGLONG NumberOfFiles
;
4266 ULONGLONG BufferSizeRequired
;
4268 } TXFS_LIST_TRANSACTION_LOCKED_FILES
, *PTXFS_LIST_TRANSACTION_LOCKED_FILES
;
4270 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY
{
4272 ULONG TransactionState
;
4276 } TXFS_LIST_TRANSACTIONS_ENTRY
, *PTXFS_LIST_TRANSACTIONS_ENTRY
;
4278 typedef struct _TXFS_LIST_TRANSACTIONS
{
4279 ULONGLONG NumberOfTransactions
;
4280 ULONGLONG BufferSizeRequired
;
4281 } TXFS_LIST_TRANSACTIONS
, *PTXFS_LIST_TRANSACTIONS
;
4283 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT
{
4284 _ANONYMOUS_UNION
union {
4288 } TXFS_READ_BACKUP_INFORMATION_OUT
, *PTXFS_READ_BACKUP_INFORMATION_OUT
;
4290 typedef struct _TXFS_WRITE_BACKUP_INFORMATION
{
4292 } TXFS_WRITE_BACKUP_INFORMATION
, *PTXFS_WRITE_BACKUP_INFORMATION
;
4294 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED 0xFFFFFFFE
4295 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED 0xFFFFFFFF
4297 typedef struct _TXFS_GET_TRANSACTED_VERSION
{
4298 ULONG ThisBaseVersion
;
4299 ULONG LatestVersion
;
4300 USHORT ThisMiniVersion
;
4301 USHORT FirstMiniVersion
;
4302 USHORT LatestMiniVersion
;
4303 } TXFS_GET_TRANSACTED_VERSION
, *PTXFS_GET_TRANSACTED_VERSION
;
4305 #define TXFS_SAVEPOINT_SET 0x00000001
4306 #define TXFS_SAVEPOINT_ROLLBACK 0x00000002
4307 #define TXFS_SAVEPOINT_CLEAR 0x00000004
4308 #define TXFS_SAVEPOINT_CLEAR_ALL 0x00000010
4310 typedef struct _TXFS_SAVEPOINT_INFORMATION
{
4311 HANDLE KtmTransaction
;
4314 } TXFS_SAVEPOINT_INFORMATION
, *PTXFS_SAVEPOINT_INFORMATION
;
4316 typedef struct _TXFS_CREATE_MINIVERSION_INFO
{
4317 USHORT StructureVersion
;
4318 USHORT StructureLength
;
4321 } TXFS_CREATE_MINIVERSION_INFO
, *PTXFS_CREATE_MINIVERSION_INFO
;
4323 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO
{
4324 BOOLEAN TransactionsActiveAtSnapshot
;
4325 } TXFS_TRANSACTION_ACTIVE_INFO
, *PTXFS_TRANSACTION_ACTIVE_INFO
;
4327 #endif /* (_WIN32_WINNT >= 0x0600) */
4329 #if (_WIN32_WINNT >= 0x0601)
4331 #define MARK_HANDLE_REALTIME (0x00000020)
4332 #define MARK_HANDLE_NOT_REALTIME (0x00000040)
4334 #define NO_8DOT3_NAME_PRESENT (0x00000001)
4335 #define REMOVED_8DOT3_NAME (0x00000002)
4337 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED (0x00000001)
4339 typedef struct _BOOT_AREA_INFO
{
4340 ULONG BootSectorCount
;
4342 LARGE_INTEGER Offset
;
4344 } BOOT_AREA_INFO
, *PBOOT_AREA_INFO
;
4346 typedef struct _RETRIEVAL_POINTER_BASE
{
4347 LARGE_INTEGER FileAreaOffset
;
4348 } RETRIEVAL_POINTER_BASE
, *PRETRIEVAL_POINTER_BASE
;
4350 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION
{
4355 } FILE_FS_PERSISTENT_VOLUME_INFORMATION
, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION
;
4357 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION
{
4359 } FILE_SYSTEM_RECOGNITION_INFORMATION
, *PFILE_SYSTEM_RECOGNITION_INFORMATION
;
4361 #define OPLOCK_LEVEL_CACHE_READ (0x00000001)
4362 #define OPLOCK_LEVEL_CACHE_HANDLE (0x00000002)
4363 #define OPLOCK_LEVEL_CACHE_WRITE (0x00000004)
4365 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST (0x00000001)
4366 #define REQUEST_OPLOCK_INPUT_FLAG_ACK (0x00000002)
4367 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
4369 #define REQUEST_OPLOCK_CURRENT_VERSION 1
4371 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER
{
4372 USHORT StructureVersion
;
4373 USHORT StructureLength
;
4374 ULONG RequestedOplockLevel
;
4376 } REQUEST_OPLOCK_INPUT_BUFFER
, *PREQUEST_OPLOCK_INPUT_BUFFER
;
4378 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED (0x00000001)
4379 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED (0x00000002)
4381 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER
{
4382 USHORT StructureVersion
;
4383 USHORT StructureLength
;
4384 ULONG OriginalOplockLevel
;
4385 ULONG NewOplockLevel
;
4387 ACCESS_MASK AccessMode
;
4389 } REQUEST_OPLOCK_OUTPUT_BUFFER
, *PREQUEST_OPLOCK_OUTPUT_BUFFER
;
4391 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID 1
4393 typedef struct _SD_CHANGE_MACHINE_SID_INPUT
{
4394 USHORT CurrentMachineSIDOffset
;
4395 USHORT CurrentMachineSIDLength
;
4396 USHORT NewMachineSIDOffset
;
4397 USHORT NewMachineSIDLength
;
4398 } SD_CHANGE_MACHINE_SID_INPUT
, *PSD_CHANGE_MACHINE_SID_INPUT
;
4400 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT
{
4401 ULONGLONG NumSDChangedSuccess
;
4402 ULONGLONG NumSDChangedFail
;
4403 ULONGLONG NumSDUnused
;
4404 ULONGLONG NumSDTotal
;
4405 ULONGLONG NumMftSDChangedSuccess
;
4406 ULONGLONG NumMftSDChangedFail
;
4407 ULONGLONG NumMftSDTotal
;
4408 } SD_CHANGE_MACHINE_SID_OUTPUT
, *PSD_CHANGE_MACHINE_SID_OUTPUT
;
4410 typedef struct _SD_GLOBAL_CHANGE_INPUT
{
4413 _ANONYMOUS_UNION
union {
4414 SD_CHANGE_MACHINE_SID_INPUT SdChange
;
4416 } SD_GLOBAL_CHANGE_INPUT
, *PSD_GLOBAL_CHANGE_INPUT
;
4418 typedef struct _SD_GLOBAL_CHANGE_OUTPUT
{
4421 _ANONYMOUS_UNION
union {
4422 SD_CHANGE_MACHINE_SID_OUTPUT SdChange
;
4424 } SD_GLOBAL_CHANGE_OUTPUT
, *PSD_GLOBAL_CHANGE_OUTPUT
;
4426 #define ENCRYPTED_DATA_INFO_SPARSE_FILE 1
4428 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO
{
4433 } EXTENDED_ENCRYPTED_DATA_INFO
, *PEXTENDED_ENCRYPTED_DATA_INFO
;
4435 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT
{
4437 ULONG NumberOfClusters
;
4438 LARGE_INTEGER Cluster
[1];
4439 } LOOKUP_STREAM_FROM_CLUSTER_INPUT
, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT
;
4441 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT
{
4443 ULONG NumberOfMatches
;
4444 ULONG BufferSizeRequired
;
4445 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT
, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT
;
4447 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE 0x00000001
4448 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET 0x00000002
4449 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE 0x00000004
4450 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE 0x00000008
4452 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_MASK 0xff000000
4453 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_DATA 0x01000000
4454 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_INDEX 0x02000000
4455 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_SYSTEM 0x03000000
4457 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_ENTRY
{
4460 LARGE_INTEGER Reserved
;
4461 LARGE_INTEGER Cluster
;
4463 } LOOKUP_STREAM_FROM_CLUSTER_ENTRY
, *PLOOKUP_STREAM_FROM_CLUSTER_ENTRY
;
4465 typedef struct _FILE_TYPE_NOTIFICATION_INPUT
{
4467 ULONG NumFileTypeIDs
;
4469 } FILE_TYPE_NOTIFICATION_INPUT
, *PFILE_TYPE_NOTIFICATION_INPUT
;
4471 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_BEGIN 0x00000001
4472 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_END 0x00000002
4474 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_PAGE_FILE
, 0x0d0a64a1, 0x38fc, 0x4db8, 0x9f, 0xe7, 0x3f, 0x43, 0x52, 0xcd, 0x7c, 0x5c);
4475 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_HIBERNATION_FILE
, 0xb7624d64, 0xb9a3, 0x4cf8, 0x80, 0x11, 0x5b, 0x86, 0xc9, 0x40, 0xe7, 0xb7);
4476 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_CRASHDUMP_FILE
, 0x9d453eb7, 0xd2a6, 0x4dbd, 0xa2, 0xe3, 0xfb, 0xd0, 0xed, 0x91, 0x09, 0xa9);
4478 #ifndef _VIRTUAL_STORAGE_TYPE_DEFINED
4479 #define _VIRTUAL_STORAGE_TYPE_DEFINED
4480 typedef struct _VIRTUAL_STORAGE_TYPE
{
4483 } VIRTUAL_STORAGE_TYPE
, *PVIRTUAL_STORAGE_TYPE
;
4486 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
{
4489 } STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
;
4491 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_HOST_VOLUMES 0x1
4492 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_GUEST_VOLUMES 0x2
4494 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
{
4496 ULONG DependencyTypeFlags
;
4497 ULONG ProviderSpecificFlags
;
4498 VIRTUAL_STORAGE_TYPE VirtualStorageType
;
4499 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
;
4501 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
{
4503 ULONG DependencyTypeFlags
;
4504 ULONG ProviderSpecificFlags
;
4505 VIRTUAL_STORAGE_TYPE VirtualStorageType
;
4506 ULONG AncestorLevel
;
4507 ULONG HostVolumeNameOffset
;
4508 ULONG HostVolumeNameSize
;
4509 ULONG DependentVolumeNameOffset
;
4510 ULONG DependentVolumeNameSize
;
4511 ULONG RelativePathOffset
;
4512 ULONG RelativePathSize
;
4513 ULONG DependentDeviceNameOffset
;
4514 ULONG DependentDeviceNameSize
;
4515 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
;
4517 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
{
4518 ULONG ResponseLevel
;
4519 ULONG NumberEntries
;
4520 _ANONYMOUS_UNION
union {
4521 STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY Lev1Depends
[0];
4522 STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY Lev2Depends
[0];
4524 } STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
;
4526 #endif /* (_WIN32_WINNT >= 0x0601) */
4528 typedef struct _FILESYSTEM_STATISTICS
{
4529 USHORT FileSystemType
;
4531 ULONG SizeOfCompleteStructure
;
4532 ULONG UserFileReads
;
4533 ULONG UserFileReadBytes
;
4534 ULONG UserDiskReads
;
4535 ULONG UserFileWrites
;
4536 ULONG UserFileWriteBytes
;
4537 ULONG UserDiskWrites
;
4538 ULONG MetaDataReads
;
4539 ULONG MetaDataReadBytes
;
4540 ULONG MetaDataDiskReads
;
4541 ULONG MetaDataWrites
;
4542 ULONG MetaDataWriteBytes
;
4543 ULONG MetaDataDiskWrites
;
4544 } FILESYSTEM_STATISTICS
, *PFILESYSTEM_STATISTICS
;
4546 #define FILESYSTEM_STATISTICS_TYPE_NTFS 1
4547 #define FILESYSTEM_STATISTICS_TYPE_FAT 2
4548 #define FILESYSTEM_STATISTICS_TYPE_EXFAT 3
4550 typedef struct _FAT_STATISTICS
{
4552 ULONG SuccessfulCreates
;
4553 ULONG FailedCreates
;
4554 ULONG NonCachedReads
;
4555 ULONG NonCachedReadBytes
;
4556 ULONG NonCachedWrites
;
4557 ULONG NonCachedWriteBytes
;
4558 ULONG NonCachedDiskReads
;
4559 ULONG NonCachedDiskWrites
;
4560 } FAT_STATISTICS
, *PFAT_STATISTICS
;
4562 typedef struct _EXFAT_STATISTICS
{
4564 ULONG SuccessfulCreates
;
4565 ULONG FailedCreates
;
4566 ULONG NonCachedReads
;
4567 ULONG NonCachedReadBytes
;
4568 ULONG NonCachedWrites
;
4569 ULONG NonCachedWriteBytes
;
4570 ULONG NonCachedDiskReads
;
4571 ULONG NonCachedDiskWrites
;
4572 } EXFAT_STATISTICS
, *PEXFAT_STATISTICS
;
4574 typedef struct _NTFS_STATISTICS
{
4575 ULONG LogFileFullExceptions
;
4576 ULONG OtherExceptions
;
4580 ULONG MftWriteBytes
;
4586 } MftWritesUserLevel
;
4587 USHORT MftWritesFlushForLogFileFull
;
4588 USHORT MftWritesLazyWriter
;
4589 USHORT MftWritesUserRequest
;
4591 ULONG Mft2WriteBytes
;
4597 } Mft2WritesUserLevel
;
4598 USHORT Mft2WritesFlushForLogFileFull
;
4599 USHORT Mft2WritesLazyWriter
;
4600 USHORT Mft2WritesUserRequest
;
4601 ULONG RootIndexReads
;
4602 ULONG RootIndexReadBytes
;
4603 ULONG RootIndexWrites
;
4604 ULONG RootIndexWriteBytes
;
4606 ULONG BitmapReadBytes
;
4608 ULONG BitmapWriteBytes
;
4609 USHORT BitmapWritesFlushForLogFileFull
;
4610 USHORT BitmapWritesLazyWriter
;
4611 USHORT BitmapWritesUserRequest
;
4616 } BitmapWritesUserLevel
;
4617 ULONG MftBitmapReads
;
4618 ULONG MftBitmapReadBytes
;
4619 ULONG MftBitmapWrites
;
4620 ULONG MftBitmapWriteBytes
;
4621 USHORT MftBitmapWritesFlushForLogFileFull
;
4622 USHORT MftBitmapWritesLazyWriter
;
4623 USHORT MftBitmapWritesUserRequest
;
4629 } MftBitmapWritesUserLevel
;
4630 ULONG UserIndexReads
;
4631 ULONG UserIndexReadBytes
;
4632 ULONG UserIndexWrites
;
4633 ULONG UserIndexWriteBytes
;
4635 ULONG LogFileReadBytes
;
4636 ULONG LogFileWrites
;
4637 ULONG LogFileWriteBytes
;
4644 ULONG HintsClusters
;
4646 ULONG CacheClusters
;
4648 ULONG CacheMissClusters
;
4650 } NTFS_STATISTICS
, *PNTFS_STATISTICS
;
4652 #endif /* _FILESYSTEMFSCTL_ */
4654 #define SYMLINK_FLAG_RELATIVE 1
4656 typedef struct _REPARSE_DATA_BUFFER
{
4658 USHORT ReparseDataLength
;
4660 _ANONYMOUS_UNION
union {
4662 USHORT SubstituteNameOffset
;
4663 USHORT SubstituteNameLength
;
4664 USHORT PrintNameOffset
;
4665 USHORT PrintNameLength
;
4667 WCHAR PathBuffer
[1];
4668 } SymbolicLinkReparseBuffer
;
4670 USHORT SubstituteNameOffset
;
4671 USHORT SubstituteNameLength
;
4672 USHORT PrintNameOffset
;
4673 USHORT PrintNameLength
;
4674 WCHAR PathBuffer
[1];
4675 } MountPointReparseBuffer
;
4677 UCHAR DataBuffer
[1];
4678 } GenericReparseBuffer
;
4680 } REPARSE_DATA_BUFFER
, *PREPARSE_DATA_BUFFER
;
4682 #define REPARSE_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer)
4684 typedef struct _REPARSE_GUID_DATA_BUFFER
{
4686 USHORT ReparseDataLength
;
4690 UCHAR DataBuffer
[1];
4691 } GenericReparseBuffer
;
4692 } REPARSE_GUID_DATA_BUFFER
, *PREPARSE_GUID_DATA_BUFFER
;
4694 #define REPARSE_GUID_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer)
4696 #define MAXIMUM_REPARSE_DATA_BUFFER_SIZE ( 16 * 1024 )
4698 /* Reserved reparse tags */
4699 #define IO_REPARSE_TAG_RESERVED_ZERO (0)
4700 #define IO_REPARSE_TAG_RESERVED_ONE (1)
4701 #define IO_REPARSE_TAG_RESERVED_RANGE IO_REPARSE_TAG_RESERVED_ONE
4703 #define IsReparseTagMicrosoft(_tag) (((_tag) & 0x80000000))
4704 #define IsReparseTagNameSurrogate(_tag) (((_tag) & 0x20000000))
4706 #define IO_REPARSE_TAG_VALID_VALUES (0xF000FFFF)
4708 #define IsReparseTagValid(tag) ( \
4709 !((tag) & ~IO_REPARSE_TAG_VALID_VALUES) && \
4710 ((tag) > IO_REPARSE_TAG_RESERVED_RANGE) \
4713 /* MicroSoft reparse point tags */
4714 #define IO_REPARSE_TAG_MOUNT_POINT (0xA0000003L)
4715 #define IO_REPARSE_TAG_HSM (0xC0000004L)
4716 #define IO_REPARSE_TAG_DRIVE_EXTENDER (0x80000005L)
4717 #define IO_REPARSE_TAG_HSM2 (0x80000006L)
4718 #define IO_REPARSE_TAG_SIS (0x80000007L)
4719 #define IO_REPARSE_TAG_WIM (0x80000008L)
4720 #define IO_REPARSE_TAG_CSV (0x80000009L)
4721 #define IO_REPARSE_TAG_DFS (0x8000000AL)
4722 #define IO_REPARSE_TAG_FILTER_MANAGER (0x8000000BL)
4723 #define IO_REPARSE_TAG_SYMLINK (0xA000000CL)
4724 #define IO_REPARSE_TAG_IIS_CACHE (0xA0000010L)
4725 #define IO_REPARSE_TAG_DFSR (0x80000012L)
4728 typedef struct _REPARSE_INDEX_KEY
{
4729 ULONG FileReparseTag
;
4730 LARGE_INTEGER FileId
;
4731 } REPARSE_INDEX_KEY
, *PREPARSE_INDEX_KEY
;
4734 #define FSCTL_LMR_GET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,58,METHOD_BUFFERED,FILE_ANY_ACCESS)
4735 #define FSCTL_LMR_SET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,59,METHOD_BUFFERED,FILE_ANY_ACCESS)
4736 #define IOCTL_LMR_ARE_FILE_OBJECTS_ON_SAME_SERVER CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,60,METHOD_BUFFERED,FILE_ANY_ACCESS)
4738 #define FSCTL_PIPE_ASSIGN_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
4739 #define FSCTL_PIPE_DISCONNECT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
4740 #define FSCTL_PIPE_LISTEN CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
4741 #define FSCTL_PIPE_PEEK CTL_CODE(FILE_DEVICE_NAMED_PIPE, 3, METHOD_BUFFERED, FILE_READ_DATA)
4742 #define FSCTL_PIPE_QUERY_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
4743 #define FSCTL_PIPE_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 5, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4744 #define FSCTL_PIPE_WAIT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
4745 #define FSCTL_PIPE_IMPERSONATE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
4746 #define FSCTL_PIPE_SET_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
4747 #define FSCTL_PIPE_QUERY_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)
4748 #define FSCTL_PIPE_GET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
4749 #define FSCTL_PIPE_SET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
4750 #define FSCTL_PIPE_GET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
4751 #define FSCTL_PIPE_SET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 13, METHOD_BUFFERED, FILE_ANY_ACCESS)
4752 #define FSCTL_PIPE_GET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 14, METHOD_BUFFERED, FILE_ANY_ACCESS)
4753 #define FSCTL_PIPE_SET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
4754 #define FSCTL_PIPE_FLUSH CTL_CODE(FILE_DEVICE_NAMED_PIPE, 16, METHOD_BUFFERED, FILE_WRITE_DATA)
4756 #define FSCTL_PIPE_INTERNAL_READ CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2045, METHOD_BUFFERED, FILE_READ_DATA)
4757 #define FSCTL_PIPE_INTERNAL_WRITE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2046, METHOD_BUFFERED, FILE_WRITE_DATA)
4758 #define FSCTL_PIPE_INTERNAL_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2047, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4759 #define FSCTL_PIPE_INTERNAL_READ_OVFLOW CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2048, METHOD_BUFFERED, FILE_READ_DATA)
4761 #define FILE_PIPE_READ_DATA 0x00000000
4762 #define FILE_PIPE_WRITE_SPACE 0x00000001
4764 typedef struct _FILE_PIPE_ASSIGN_EVENT_BUFFER
{
4767 } FILE_PIPE_ASSIGN_EVENT_BUFFER
, *PFILE_PIPE_ASSIGN_EVENT_BUFFER
;
4769 typedef struct _FILE_PIPE_EVENT_BUFFER
{
4770 ULONG NamedPipeState
;
4774 ULONG NumberRequests
;
4775 } FILE_PIPE_EVENT_BUFFER
, *PFILE_PIPE_EVENT_BUFFER
;
4777 typedef struct _FILE_PIPE_PEEK_BUFFER
{
4778 ULONG NamedPipeState
;
4779 ULONG ReadDataAvailable
;
4780 ULONG NumberOfMessages
;
4781 ULONG MessageLength
;
4783 } FILE_PIPE_PEEK_BUFFER
, *PFILE_PIPE_PEEK_BUFFER
;
4785 typedef struct _FILE_PIPE_WAIT_FOR_BUFFER
{
4786 LARGE_INTEGER Timeout
;
4788 BOOLEAN TimeoutSpecified
;
4790 } FILE_PIPE_WAIT_FOR_BUFFER
, *PFILE_PIPE_WAIT_FOR_BUFFER
;
4792 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER
{
4793 #if !defined(BUILD_WOW6432)
4794 PVOID ClientSession
;
4795 PVOID ClientProcess
;
4797 ULONGLONG ClientSession
;
4798 ULONGLONG ClientProcess
;
4800 } FILE_PIPE_CLIENT_PROCESS_BUFFER
, *PFILE_PIPE_CLIENT_PROCESS_BUFFER
;
4802 #define FILE_PIPE_COMPUTER_NAME_LENGTH 15
4804 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER_EX
{
4805 #if !defined(BUILD_WOW6432)
4806 PVOID ClientSession
;
4807 PVOID ClientProcess
;
4809 ULONGLONG ClientSession
;
4810 ULONGLONG ClientProcess
;
4812 USHORT ClientComputerNameLength
;
4813 WCHAR ClientComputerBuffer
[FILE_PIPE_COMPUTER_NAME_LENGTH
+1];
4814 } FILE_PIPE_CLIENT_PROCESS_BUFFER_EX
, *PFILE_PIPE_CLIENT_PROCESS_BUFFER_EX
;
4816 #define FSCTL_MAILSLOT_PEEK CTL_CODE(FILE_DEVICE_MAILSLOT, 0, METHOD_NEITHER, FILE_READ_DATA)
4818 typedef enum _LINK_TRACKING_INFORMATION_TYPE
{
4819 NtfsLinkTrackingInformation
,
4820 DfsLinkTrackingInformation
4821 } LINK_TRACKING_INFORMATION_TYPE
, *PLINK_TRACKING_INFORMATION_TYPE
;
4823 typedef struct _LINK_TRACKING_INFORMATION
{
4824 LINK_TRACKING_INFORMATION_TYPE Type
;
4826 } LINK_TRACKING_INFORMATION
, *PLINK_TRACKING_INFORMATION
;
4828 typedef struct _REMOTE_LINK_TRACKING_INFORMATION
{
4829 PVOID TargetFileObject
;
4830 ULONG TargetLinkTrackingInformationLength
;
4831 UCHAR TargetLinkTrackingInformationBuffer
[1];
4832 } REMOTE_LINK_TRACKING_INFORMATION
, *PREMOTE_LINK_TRACKING_INFORMATION
;
4834 #define IO_OPEN_PAGING_FILE 0x0002
4835 #define IO_OPEN_TARGET_DIRECTORY 0x0004
4836 #define IO_STOP_ON_SYMLINK 0x0008
4837 #define IO_MM_PAGING_FILE 0x0010
4840 (NTAPI
*PDRIVER_FS_NOTIFICATION
) (
4841 _In_ PDEVICE_OBJECT DeviceObject
,
4842 _In_ BOOLEAN FsActive
);
4844 typedef enum _FS_FILTER_SECTION_SYNC_TYPE
{
4846 SyncTypeCreateSection
4847 } FS_FILTER_SECTION_SYNC_TYPE
, *PFS_FILTER_SECTION_SYNC_TYPE
;
4849 typedef enum _FS_FILTER_STREAM_FO_NOTIFICATION_TYPE
{
4850 NotifyTypeCreate
= 0,
4852 } FS_FILTER_STREAM_FO_NOTIFICATION_TYPE
, *PFS_FILTER_STREAM_FO_NOTIFICATION_TYPE
;
4854 typedef union _FS_FILTER_PARAMETERS
{
4856 PLARGE_INTEGER EndingOffset
;
4857 PERESOURCE
*ResourceToRelease
;
4858 } AcquireForModifiedPageWriter
;
4860 PERESOURCE ResourceToRelease
;
4861 } ReleaseForModifiedPageWriter
;
4863 FS_FILTER_SECTION_SYNC_TYPE SyncType
;
4864 ULONG PageProtection
;
4865 } AcquireForSectionSynchronization
;
4867 FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType
;
4868 BOOLEAN POINTER_ALIGNMENT SafeToRecurse
;
4869 } NotifyStreamFileObject
;
4877 } FS_FILTER_PARAMETERS
, *PFS_FILTER_PARAMETERS
;
4879 #define FS_FILTER_ACQUIRE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-1
4880 #define FS_FILTER_RELEASE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-2
4881 #define FS_FILTER_ACQUIRE_FOR_MOD_WRITE (UCHAR)-3
4882 #define FS_FILTER_RELEASE_FOR_MOD_WRITE (UCHAR)-4
4883 #define FS_FILTER_ACQUIRE_FOR_CC_FLUSH (UCHAR)-5
4884 #define FS_FILTER_RELEASE_FOR_CC_FLUSH (UCHAR)-6
4886 typedef struct _FS_FILTER_CALLBACK_DATA
{
4887 ULONG SizeOfFsFilterCallbackData
;
4890 struct _DEVICE_OBJECT
*DeviceObject
;
4891 struct _FILE_OBJECT
*FileObject
;
4892 FS_FILTER_PARAMETERS Parameters
;
4893 } FS_FILTER_CALLBACK_DATA
, *PFS_FILTER_CALLBACK_DATA
;
4896 (NTAPI
*PFS_FILTER_CALLBACK
) (
4897 _In_ PFS_FILTER_CALLBACK_DATA Data
,
4898 _Out_ PVOID
*CompletionContext
);
4901 (NTAPI
*PFS_FILTER_COMPLETION_CALLBACK
) (
4902 _In_ PFS_FILTER_CALLBACK_DATA Data
,
4903 _In_ NTSTATUS OperationStatus
,
4904 _In_ PVOID CompletionContext
);
4906 typedef struct _FS_FILTER_CALLBACKS
{
4907 ULONG SizeOfFsFilterCallbacks
;
4909 PFS_FILTER_CALLBACK PreAcquireForSectionSynchronization
;
4910 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForSectionSynchronization
;
4911 PFS_FILTER_CALLBACK PreReleaseForSectionSynchronization
;
4912 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForSectionSynchronization
;
4913 PFS_FILTER_CALLBACK PreAcquireForCcFlush
;
4914 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForCcFlush
;
4915 PFS_FILTER_CALLBACK PreReleaseForCcFlush
;
4916 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForCcFlush
;
4917 PFS_FILTER_CALLBACK PreAcquireForModifiedPageWriter
;
4918 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForModifiedPageWriter
;
4919 PFS_FILTER_CALLBACK PreReleaseForModifiedPageWriter
;
4920 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForModifiedPageWriter
;
4921 } FS_FILTER_CALLBACKS
, *PFS_FILTER_CALLBACKS
;
4923 extern NTKERNELAPI KSPIN_LOCK IoStatisticsLock
;
4924 extern NTKERNELAPI ULONG IoReadOperationCount
;
4925 extern NTKERNELAPI ULONG IoWriteOperationCount
;
4926 extern NTKERNELAPI ULONG IoOtherOperationCount
;
4927 extern NTKERNELAPI LARGE_INTEGER IoReadTransferCount
;
4928 extern NTKERNELAPI LARGE_INTEGER IoWriteTransferCount
;
4929 extern NTKERNELAPI LARGE_INTEGER IoOtherTransferCount
;
4931 #define IO_FILE_OBJECT_NON_PAGED_POOL_CHARGE 64
4932 #define IO_FILE_OBJECT_PAGED_POOL_CHARGE 1024
4934 #if (NTDDI_VERSION >= NTDDI_VISTA)
4935 typedef struct _IO_PRIORITY_INFO
{
4937 ULONG ThreadPriority
;
4939 IO_PRIORITY_HINT IoPriority
;
4940 } IO_PRIORITY_INFO
, *PIO_PRIORITY_INFO
;
4943 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION
{
4945 ACCESS_MASK GrantedAccess
;
4949 } PUBLIC_OBJECT_BASIC_INFORMATION
, *PPUBLIC_OBJECT_BASIC_INFORMATION
;
4951 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION
{
4952 UNICODE_STRING TypeName
;
4953 ULONG Reserved
[22];
4954 } PUBLIC_OBJECT_TYPE_INFORMATION
, *PPUBLIC_OBJECT_TYPE_INFORMATION
;
4956 #define SYSTEM_PAGE_PRIORITY_BITS 3
4957 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
4959 /******************************************************************************
4961 ******************************************************************************/
4962 typedef struct _KAPC_STATE
{
4963 LIST_ENTRY ApcListHead
[MaximumMode
];
4965 BOOLEAN KernelApcInProgress
;
4966 BOOLEAN KernelApcPending
;
4967 BOOLEAN UserApcPending
;
4968 } KAPC_STATE
, *PKAPC_STATE
, *RESTRICTED_POINTER PRKAPC_STATE
;
4970 #define KAPC_STATE_ACTUAL_LENGTH (FIELD_OFFSET(KAPC_STATE, UserApcPending) + sizeof(BOOLEAN))
4972 #define ASSERT_QUEUE(Q) ASSERT(((Q)->Header.Type & KOBJECT_TYPE_MASK) == QueueObject);
4974 typedef struct _KQUEUE
{
4975 DISPATCHER_HEADER Header
;
4976 LIST_ENTRY EntryListHead
;
4977 volatile ULONG CurrentCount
;
4979 LIST_ENTRY ThreadListHead
;
4980 } KQUEUE
, *PKQUEUE
, *RESTRICTED_POINTER PRKQUEUE
;
4983 /******************************************************************************
4984 * Kernel Functions *
4985 ******************************************************************************/
4989 KeGetProcessorNumberFromIndex(
4990 _In_ ULONG ProcIndex
,
4991 _Out_ PPROCESSOR_NUMBER ProcNumber
);
4995 KeGetProcessorIndexFromNumber(
4996 _In_ PPROCESSOR_NUMBER ProcNumber
);
4998 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5007 _Out_ PRKMUTANT Mutant
,
5008 _In_ BOOLEAN InitialOwner
);
5010 _IRQL_requires_max_(DISPATCH_LEVEL
)
5015 _In_ PRKMUTANT Mutant
);
5017 _When_(Wait
==0, _IRQL_requires_max_(DISPATCH_LEVEL
))
5018 _When_(Wait
==1, _IRQL_requires_max_(APC_LEVEL
))
5023 _Inout_ PRKMUTANT Mutant
,
5024 _In_ KPRIORITY Increment
,
5025 _In_ BOOLEAN Abandoned
,
5032 _Out_ PRKQUEUE Queue
,
5035 _IRQL_requires_max_(DISPATCH_LEVEL
)
5040 _In_ PRKQUEUE Queue
);
5042 _IRQL_requires_min_(PASSIVE_LEVEL
)
5043 _IRQL_requires_max_(DISPATCH_LEVEL
)
5048 _Inout_ PRKQUEUE Queue
,
5049 _Inout_ PLIST_ENTRY Entry
);
5051 _IRQL_requires_min_(PASSIVE_LEVEL
)
5052 _IRQL_requires_max_(DISPATCH_LEVEL
)
5057 _Inout_ PRKQUEUE Queue
,
5058 _Inout_ PLIST_ENTRY Entry
);
5060 _IRQL_requires_min_(PASSIVE_LEVEL
)
5061 _When_((Timeout
==NULL
|| Timeout
->QuadPart
!=0), _IRQL_requires_max_(APC_LEVEL
))
5062 _When_((Timeout
!=NULL
&& Timeout
->QuadPart
==0), _IRQL_requires_max_(DISPATCH_LEVEL
))
5067 _Inout_ PRKQUEUE Queue
,
5068 _In_ KPROCESSOR_MODE WaitMode
,
5069 _In_opt_ PLARGE_INTEGER Timeout
);
5071 _IRQL_requires_max_(APC_LEVEL
)
5076 _Inout_ PKPROCESS Process
);
5078 _IRQL_requires_max_(APC_LEVEL
)
5082 KeDetachProcess(VOID
);
5084 _IRQL_requires_max_(DISPATCH_LEVEL
)
5089 _Inout_ PRKQUEUE Queue
);
5091 _IRQL_requires_max_(APC_LEVEL
)
5095 KeStackAttachProcess(
5096 _Inout_ PKPROCESS Process
,
5097 _Out_ PKAPC_STATE ApcState
);
5099 _IRQL_requires_max_(APC_LEVEL
)
5103 KeUnstackDetachProcess(
5104 _In_ PKAPC_STATE ApcState
);
5106 _IRQL_requires_min_(PASSIVE_LEVEL
)
5107 _IRQL_requires_max_(DISPATCH_LEVEL
)
5111 KeSetIdealProcessorThread(
5112 _Inout_ PKTHREAD Thread
,
5113 _In_ UCHAR Processor
);
5115 _IRQL_requires_max_(APC_LEVEL
)
5119 KeSetKernelStackSwapEnable(
5120 _In_ BOOLEAN Enable
);
5123 _Requires_lock_not_held_(*SpinLock
)
5124 _Acquires_lock_(*SpinLock
)
5125 _IRQL_raises_(SYNCH_LEVEL
)
5130 KeAcquireSpinLockRaiseToSynch(
5131 _Inout_ PKSPIN_LOCK SpinLock
);
5133 _Requires_lock_not_held_(*SpinLock
)
5134 _Acquires_lock_(*SpinLock
)
5135 _IRQL_raises_(SYNCH_LEVEL
)
5139 KeAcquireSpinLockRaiseToSynch(
5140 _Inout_ PKSPIN_LOCK SpinLock
);
5143 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5145 #if (NTDDI_VERSION >= NTDDI_WINXP)
5148 _Requires_lock_not_held_(Number
)
5149 _Acquires_lock_(Number
)
5150 _IRQL_raises_(DISPATCH_LEVEL
)
5154 KeAcquireQueuedSpinLock(
5155 _In_ KSPIN_LOCK_QUEUE_NUMBER Number
);
5157 _Requires_lock_held_(Number
)
5158 _Releases_lock_(Number
)
5162 KeReleaseQueuedSpinLock(
5163 _In_ KSPIN_LOCK_QUEUE_NUMBER Number
,
5164 _In_ KIRQL OldIrql
);
5166 _Must_inspect_result_
5167 _Post_satisfies_(return == 1 || return == 0)
5171 KeTryToAcquireQueuedSpinLock(
5172 _In_ KSPIN_LOCK_QUEUE_NUMBER Number
,
5173 _Out_
_At_(*OldIrql
, _IRQL_saves_
) PKIRQL OldIrql
);
5175 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5181 #if (NTDDI_VERSION >= NTDDI_VISTA)
5183 _IRQL_requires_max_(DISPATCH_LEVEL
)
5187 _In_ PKMUTANT Mutant
,
5188 _Out_ PCLIENT_ID ClientId
);
5190 _IRQL_requires_min_(PASSIVE_LEVEL
)
5191 _When_((Timeout
==NULL
|| *Timeout
!=0), _IRQL_requires_max_(APC_LEVEL
))
5192 _When_((Timeout
!=NULL
&& *Timeout
==0), _IRQL_requires_max_(DISPATCH_LEVEL
))
5197 _Inout_ PKQUEUE Queue
,
5198 _In_ KPROCESSOR_MODE WaitMode
,
5199 _In_ BOOLEAN Alertable
,
5200 _In_opt_ PLARGE_INTEGER Timeout
,
5201 _Out_writes_to_(Count
, return) PLIST_ENTRY
*EntryArray
,
5204 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5207 #define INVALID_PROCESSOR_INDEX 0xffffffff
5209 #define EX_PUSH_LOCK ULONG_PTR
5210 #define PEX_PUSH_LOCK PULONG_PTR
5211 /******************************************************************************
5212 * Executive Functions *
5213 ******************************************************************************/
5216 #define ExDisableResourceBoost ExDisableResourceBoostLite
5220 ExInitializePushLock(
5221 _Out_ PEX_PUSH_LOCK PushLock
);
5223 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5225 _IRQL_requires_max_(DISPATCH_LEVEL
)
5229 ExQueryPoolBlockSize(
5230 _In_ PVOID PoolBlock
,
5231 _Out_ PBOOLEAN QuotaCharged
);
5233 _IRQL_requires_max_(DISPATCH_LEVEL
)
5235 ExAdjustLookasideDepth(VOID
);
5237 _IRQL_requires_max_(DISPATCH_LEVEL
)
5241 ExDisableResourceBoostLite(
5242 _In_ PERESOURCE Resource
);
5243 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5245 #if (NTDDI_VERSION >= NTDDI_WINXP)
5249 InterlockedPushListSList(
5250 _Inout_ PSLIST_HEADER ListHead
,
5251 _Inout_ __drv_aliasesMem PSLIST_ENTRY List
,
5252 _Inout_ PSLIST_ENTRY ListEnd
,
5254 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5256 /******************************************************************************
5257 * Security Manager Functions *
5258 ******************************************************************************/
5260 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5266 SeReleaseSubjectContext(
5267 _Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext
);
5273 _Inout_ PPRIVILEGE_SET RequiredPrivileges
,
5274 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
5275 _In_ KPROCESSOR_MODE AccessMode
);
5280 SeOpenObjectAuditAlarm(
5281 _In_ PUNICODE_STRING ObjectTypeName
,
5282 _In_opt_ PVOID Object
,
5283 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5284 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5285 _In_ PACCESS_STATE AccessState
,
5286 _In_ BOOLEAN ObjectCreated
,
5287 _In_ BOOLEAN AccessGranted
,
5288 _In_ KPROCESSOR_MODE AccessMode
,
5289 _Out_ PBOOLEAN GenerateOnClose
);
5294 SeOpenObjectForDeleteAuditAlarm(
5295 _In_ PUNICODE_STRING ObjectTypeName
,
5296 _In_opt_ PVOID Object
,
5297 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5298 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5299 _In_ PACCESS_STATE AccessState
,
5300 _In_ BOOLEAN ObjectCreated
,
5301 _In_ BOOLEAN AccessGranted
,
5302 _In_ KPROCESSOR_MODE AccessMode
,
5303 _Out_ PBOOLEAN GenerateOnClose
);
5308 SeDeleteObjectAuditAlarm(
5310 _In_ HANDLE Handle
);
5316 _In_ PACCESS_TOKEN Token
);
5322 _In_ PACCESS_TOKEN Token
);
5327 SeTokenIsRestricted(
5328 _In_ PACCESS_TOKEN Token
);
5333 SeQueryAuthenticationIdToken(
5334 _In_ PACCESS_TOKEN Token
,
5335 _Out_ PLUID AuthenticationId
);
5340 SeQuerySessionIdToken(
5341 _In_ PACCESS_TOKEN Token
,
5342 _Out_ PULONG SessionId
);
5347 SeCreateClientSecurity(
5348 _In_ PETHREAD ClientThread
,
5349 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos
,
5350 _In_ BOOLEAN RemoteSession
,
5351 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext
);
5356 SeImpersonateClient(
5357 _In_ PSECURITY_CLIENT_CONTEXT ClientContext
,
5358 _In_opt_ PETHREAD ServerThread
);
5363 SeImpersonateClientEx(
5364 _In_ PSECURITY_CLIENT_CONTEXT ClientContext
,
5365 _In_opt_ PETHREAD ServerThread
);
5370 SeCreateClientSecurityFromSubjectContext(
5371 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
5372 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos
,
5373 _In_ BOOLEAN ServerIsRemote
,
5374 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext
);
5379 SeQuerySecurityDescriptorInfo(
5380 _In_ PSECURITY_INFORMATION SecurityInformation
,
5381 _Out_writes_bytes_(*Length
) PSECURITY_DESCRIPTOR SecurityDescriptor
,
5382 _Inout_ PULONG Length
,
5383 _Inout_ PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
);
5388 SeSetSecurityDescriptorInfo(
5389 _In_opt_ PVOID Object
,
5390 _In_ PSECURITY_INFORMATION SecurityInformation
,
5391 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5392 _Inout_ PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
5393 _In_ POOL_TYPE PoolType
,
5394 _In_ PGENERIC_MAPPING GenericMapping
);
5399 SeSetSecurityDescriptorInfoEx(
5400 _In_opt_ PVOID Object
,
5401 _In_ PSECURITY_INFORMATION SecurityInformation
,
5402 _In_ PSECURITY_DESCRIPTOR ModificationDescriptor
,
5403 _Inout_ PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
5404 _In_ ULONG AutoInheritFlags
,
5405 _In_ POOL_TYPE PoolType
,
5406 _In_ PGENERIC_MAPPING GenericMapping
);
5412 _Inout_ PACCESS_STATE AccessState
,
5413 _In_ PPRIVILEGE_SET Privileges
);
5418 SeAuditingFileEvents(
5419 _In_ BOOLEAN AccessGranted
,
5420 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
5425 SeAuditingFileOrGlobalEvents(
5426 _In_ BOOLEAN AccessGranted
,
5427 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5428 _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
);
5432 SeSetAccessStateGenericMapping(
5433 _Inout_ PACCESS_STATE AccessState
,
5434 _In_ PGENERIC_MAPPING GenericMapping
);
5439 SeRegisterLogonSessionTerminatedRoutine(
5440 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
);
5445 SeUnregisterLogonSessionTerminatedRoutine(
5446 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
);
5451 SeMarkLogonSessionForTerminationNotification(
5452 _In_ PLUID LogonId
);
5457 SeQueryInformationToken(
5458 _In_ PACCESS_TOKEN Token
,
5459 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
5460 _Outptr_result_buffer_(_Inexpressible_(token
-dependent
)) PVOID
*TokenInformation
);
5462 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5463 #if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
5467 SeAuditingHardLinkEvents(
5468 _In_ BOOLEAN AccessGranted
,
5469 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
5472 #if (NTDDI_VERSION >= NTDDI_WINXP)
5478 _In_ PACCESS_TOKEN ExistingToken
,
5480 _In_opt_ PTOKEN_GROUPS SidsToDisable
,
5481 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete
,
5482 _In_opt_ PTOKEN_GROUPS RestrictedSids
,
5483 _Outptr_ PACCESS_TOKEN
*FilteredToken
);
5488 SeAuditHardLinkCreation(
5489 _In_ PUNICODE_STRING FileName
,
5490 _In_ PUNICODE_STRING LinkName
,
5491 _In_ BOOLEAN bSuccess
);
5493 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5495 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
5500 SeAuditingFileEventsWithContext(
5501 _In_ BOOLEAN AccessGranted
,
5502 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5503 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
);
5508 SeAuditingHardLinkEventsWithContext(
5509 _In_ BOOLEAN AccessGranted
,
5510 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5511 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
);
5516 #if (NTDDI_VERSION >= NTDDI_VISTA)
5521 SeOpenObjectAuditAlarmWithTransaction(
5522 _In_ PUNICODE_STRING ObjectTypeName
,
5523 _In_opt_ PVOID Object
,
5524 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5525 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5526 _In_ PACCESS_STATE AccessState
,
5527 _In_ BOOLEAN ObjectCreated
,
5528 _In_ BOOLEAN AccessGranted
,
5529 _In_ KPROCESSOR_MODE AccessMode
,
5530 _In_opt_ GUID
*TransactionId
,
5531 _Out_ PBOOLEAN GenerateOnClose
);
5536 SeOpenObjectForDeleteAuditAlarmWithTransaction(
5537 _In_ PUNICODE_STRING ObjectTypeName
,
5538 _In_opt_ PVOID Object
,
5539 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5540 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5541 _In_ PACCESS_STATE AccessState
,
5542 _In_ BOOLEAN ObjectCreated
,
5543 _In_ BOOLEAN AccessGranted
,
5544 _In_ KPROCESSOR_MODE AccessMode
,
5545 _In_opt_ GUID
*TransactionId
,
5546 _Out_ PBOOLEAN GenerateOnClose
);
5553 _In_ PACCESS_TOKEN Token
,
5554 _In_ ACCESS_MASK DesiredAccess
,
5555 _In_ BOOLEAN AccessGranted
,
5556 _Out_ PBOOLEAN GenerateAudit
,
5557 _Out_ PBOOLEAN GenerateAlarm
);
5562 SeDeleteObjectAuditAlarmWithTransaction(
5565 _In_opt_ GUID
*TransactionId
);
5570 SeQueryTokenIntegrity(
5571 _In_ PACCESS_TOKEN Token
,
5572 _Inout_ PSID_AND_ATTRIBUTES IntegritySA
);
5577 SeSetSessionIdToken(
5578 _In_ PACCESS_TOKEN Token
,
5579 _In_ ULONG SessionId
);
5584 SeAuditHardLinkCreationWithTransaction(
5585 _In_ PUNICODE_STRING FileName
,
5586 _In_ PUNICODE_STRING LinkName
,
5587 _In_ BOOLEAN bSuccess
,
5588 _In_opt_ GUID
*TransactionId
);
5593 SeAuditTransactionStateChange(
5594 _In_ GUID
*TransactionId
,
5595 _In_ GUID
*ResourceManagerId
,
5596 _In_ ULONG NewTransactionState
);
5597 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5599 #if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
5603 SeTokenIsWriteRestricted(
5604 _In_ PACCESS_TOKEN Token
);
5607 #if (NTDDI_VERSION >= NTDDI_WIN7)
5612 SeAuditingAnyFileEventsWithContext(
5613 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5614 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
,
5615 _Out_opt_ PBOOLEAN StagingEnabled
);
5620 SeExamineGlobalSacl(
5621 _In_ PUNICODE_STRING ObjectType
,
5622 _In_ PACL ResourceSacl
,
5623 _In_ PACCESS_TOKEN Token
,
5624 _In_ ACCESS_MASK DesiredAccess
,
5625 _In_ BOOLEAN AccessGranted
,
5626 _Inout_ PBOOLEAN GenerateAudit
,
5627 _Inout_opt_ PBOOLEAN GenerateAlarm
);
5632 SeMaximumAuditMaskFromGlobalSacl(
5633 _In_opt_ PUNICODE_STRING ObjectTypeName
,
5634 _In_ ACCESS_MASK GrantedAccess
,
5635 _In_ PACCESS_TOKEN Token
,
5636 _Inout_ PACCESS_MASK AuditMask
);
5638 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
5642 SeReportSecurityEventWithSubCategory(
5644 _In_ PUNICODE_STRING SourceName
,
5645 _In_opt_ PSID UserSid
,
5646 _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters
,
5647 _In_ ULONG AuditSubcategoryId
);
5651 SeAccessCheckFromState(
5652 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5653 _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation
,
5654 _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation
,
5655 _In_ ACCESS_MASK DesiredAccess
,
5656 _In_ ACCESS_MASK PreviouslyGrantedAccess
,
5657 _Outptr_opt_result_maybenull_ PPRIVILEGE_SET
*Privileges
,
5658 _In_ PGENERIC_MAPPING GenericMapping
,
5659 _In_ KPROCESSOR_MODE AccessMode
,
5660 _Out_ PACCESS_MASK GrantedAccess
,
5661 _Out_ PNTSTATUS AccessStatus
);
5667 _In_ PPRIVILEGE_SET Privileges
);
5671 SeLocateProcessImageName(
5672 _Inout_ PEPROCESS Process
,
5673 _Outptr_ PUNICODE_STRING
*pImageFileName
);
5675 #define SeLengthSid( Sid ) \
5676 (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
5678 #define SeDeleteClientSecurity(C) { \
5679 if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
5680 PsDereferencePrimaryToken( (C)->ClientToken ); \
5682 PsDereferenceImpersonationToken( (C)->ClientToken ); \
5686 #define SeStopImpersonatingClient() PsRevertToSelf()
5688 #define SeQuerySubjectContextToken( SubjectContext ) \
5689 ( ARGUMENT_PRESENT( \
5690 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
5692 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
5693 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
5695 extern NTKERNELAPI PSE_EXPORTS SeExports
;
5697 /******************************************************************************
5698 * Process Manager Functions *
5699 ******************************************************************************/
5701 _Must_inspect_result_
5702 _IRQL_requires_max_(APC_LEVEL
)
5706 PsLookupProcessByProcessId(
5707 _In_ HANDLE ProcessId
,
5708 _Outptr_ PEPROCESS
*Process
);
5710 _Must_inspect_result_
5711 _IRQL_requires_max_(APC_LEVEL
)
5715 PsLookupThreadByThreadId(
5716 _In_ HANDLE UniqueThreadId
,
5717 _Outptr_ PETHREAD
*Thread
);
5719 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5722 _IRQL_requires_max_(APC_LEVEL
)
5726 PsReferenceImpersonationToken(
5727 _Inout_ PETHREAD Thread
,
5728 _Out_ PBOOLEAN CopyOnOpen
,
5729 _Out_ PBOOLEAN EffectiveOnly
,
5730 _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
5732 _IRQL_requires_max_(APC_LEVEL
)
5736 PsGetProcessExitTime(VOID
);
5738 _IRQL_requires_max_(DISPATCH_LEVEL
)
5742 PsIsThreadTerminating(
5743 _In_ PETHREAD Thread
);
5745 _Must_inspect_result_
5746 _IRQL_requires_max_(PASSIVE_LEVEL
)
5750 PsImpersonateClient(
5751 _Inout_ PETHREAD Thread
,
5752 _In_opt_ PACCESS_TOKEN Token
,
5753 _In_ BOOLEAN CopyOnOpen
,
5754 _In_ BOOLEAN EffectiveOnly
,
5755 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
5757 _IRQL_requires_max_(PASSIVE_LEVEL
)
5761 PsDisableImpersonation(
5762 _Inout_ PETHREAD Thread
,
5763 _Inout_ PSE_IMPERSONATION_STATE ImpersonationState
);
5765 _IRQL_requires_max_(PASSIVE_LEVEL
)
5769 PsRestoreImpersonation(
5770 _Inout_ PETHREAD Thread
,
5771 _In_ PSE_IMPERSONATION_STATE ImpersonationState
);
5773 _IRQL_requires_max_(PASSIVE_LEVEL
)
5777 PsRevertToSelf(VOID
);
5779 _IRQL_requires_max_(APC_LEVEL
)
5784 _In_ PEPROCESS Process
,
5785 _In_ POOL_TYPE PoolType
,
5786 _In_ ULONG_PTR Amount
);
5788 _IRQL_requires_max_(APC_LEVEL
)
5793 _In_ PEPROCESS Process
,
5794 _In_ POOL_TYPE PoolType
,
5795 _In_ ULONG_PTR Amount
);
5797 _IRQL_requires_max_(PASSIVE_LEVEL
)
5801 PsAssignImpersonationToken(
5802 _In_ PETHREAD Thread
,
5803 _In_opt_ HANDLE Token
);
5805 _IRQL_requires_max_(PASSIVE_LEVEL
)
5809 PsReferencePrimaryToken(
5810 _Inout_ PEPROCESS Process
);
5811 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5812 #if (NTDDI_VERSION >= NTDDI_WINXP)
5815 _IRQL_requires_max_(PASSIVE_LEVEL
)
5819 PsDereferencePrimaryToken(
5820 _In_ PACCESS_TOKEN PrimaryToken
);
5822 _IRQL_requires_max_(PASSIVE_LEVEL
)
5826 PsDereferenceImpersonationToken(
5827 _In_ PACCESS_TOKEN ImpersonationToken
);
5829 _Must_inspect_result_
5830 _IRQL_requires_max_(APC_LEVEL
)
5834 PsChargeProcessPoolQuota(
5835 _In_ PEPROCESS Process
,
5836 _In_ POOL_TYPE PoolType
,
5837 _In_ ULONG_PTR Amount
);
5843 _In_ PETHREAD Thread
);
5844 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5846 /******************************************************************************
5847 * I/O Manager Functions *
5848 ******************************************************************************/
5850 #define IoIsFileOpenedExclusively(FileObject) ( \
5852 (FileObject)->SharedRead || \
5853 (FileObject)->SharedWrite || \
5854 (FileObject)->SharedDelete \
5858 #if (NTDDI_VERSION == NTDDI_WIN2K)
5862 IoRegisterFsRegistrationChangeEx(
5863 _In_ PDRIVER_OBJECT DriverObject
,
5864 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
5866 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5872 IoAcquireVpbSpinLock(
5878 IoCheckDesiredAccess(
5879 _Inout_ PACCESS_MASK DesiredAccess
,
5880 _In_ ACCESS_MASK GrantedAccess
);
5885 IoCheckEaBufferValidity(
5886 _In_ PFILE_FULL_EA_INFORMATION EaBuffer
,
5887 _In_ ULONG EaLength
,
5888 _Out_ PULONG ErrorOffset
);
5893 IoCheckFunctionAccess(
5894 _In_ ACCESS_MASK GrantedAccess
,
5895 _In_ UCHAR MajorFunction
,
5896 _In_ UCHAR MinorFunction
,
5897 _In_ ULONG IoControlCode
,
5898 _In_opt_ PVOID Argument1
,
5899 _In_opt_ PVOID Argument2
);
5904 IoCheckQuerySetFileInformation(
5905 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
5907 _In_ BOOLEAN SetOperation
);
5912 IoCheckQuerySetVolumeInformation(
5913 _In_ FS_INFORMATION_CLASS FsInformationClass
,
5915 _In_ BOOLEAN SetOperation
);
5920 IoCheckQuotaBufferValidity(
5921 _In_ PFILE_QUOTA_INFORMATION QuotaBuffer
,
5922 _In_ ULONG QuotaLength
,
5923 _Out_ PULONG ErrorOffset
);
5928 IoCreateStreamFileObject(
5929 _In_opt_ PFILE_OBJECT FileObject
,
5930 _In_opt_ PDEVICE_OBJECT DeviceObject
);
5935 IoCreateStreamFileObjectLite(
5936 _In_opt_ PFILE_OBJECT FileObject
,
5937 _In_opt_ PDEVICE_OBJECT DeviceObject
);
5942 IoFastQueryNetworkAttributes(
5943 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
5944 _In_ ACCESS_MASK DesiredAccess
,
5945 _In_ ULONG OpenOptions
,
5946 _Out_ PIO_STATUS_BLOCK IoStatus
,
5947 _Out_ PFILE_NETWORK_OPEN_INFORMATION Buffer
);
5953 _In_ PFILE_OBJECT FileObject
,
5955 _In_ PLARGE_INTEGER Offset
,
5957 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
5962 IoGetBaseFileSystemDeviceObject(
5963 _In_ PFILE_OBJECT FileObject
);
5965 _IRQL_requires_max_(PASSIVE_LEVEL
)
5967 PCONFIGURATION_INFORMATION
5969 IoGetConfigurationInformation(VOID
);
5974 IoGetRequestorProcessId(
5980 IoGetRequestorProcess(
5986 IoGetTopLevelIrp(VOID
);
5991 IoIsOperationSynchronous(
5998 _In_ PETHREAD Thread
);
6003 IoIsValidNameGraftingBuffer(
6005 _In_ PREPARSE_DATA_BUFFER ReparseBuffer
);
6010 IoQueryFileInformation(
6011 _In_ PFILE_OBJECT FileObject
,
6012 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
6014 _Out_ PVOID FileInformation
,
6015 _Out_ PULONG ReturnedLength
);
6020 IoQueryVolumeInformation(
6021 _In_ PFILE_OBJECT FileObject
,
6022 _In_ FS_INFORMATION_CLASS FsInformationClass
,
6024 _Out_ PVOID FsInformation
,
6025 _Out_ PULONG ReturnedLength
);
6036 IoRegisterFileSystem(
6037 _In_ __drv_aliasesMem PDEVICE_OBJECT DeviceObject
);
6042 IoRegisterFsRegistrationChange(
6043 _In_ PDRIVER_OBJECT DriverObject
,
6044 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
6049 IoReleaseVpbSpinLock(
6055 IoSetDeviceToVerify(
6056 _In_ PETHREAD Thread
,
6057 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6063 _In_ PFILE_OBJECT FileObject
,
6064 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
6066 _In_ PVOID FileInformation
);
6077 IoSynchronousPageWrite(
6078 _In_ PFILE_OBJECT FileObject
,
6080 _In_ PLARGE_INTEGER FileOffset
,
6082 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
6088 _In_ PETHREAD Thread
);
6093 IoUnregisterFileSystem(
6094 _In_ PDEVICE_OBJECT DeviceObject
);
6099 IoUnregisterFsRegistrationChange(
6100 _In_ PDRIVER_OBJECT DriverObject
,
6101 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
6107 _In_ PDEVICE_OBJECT DeviceObject
,
6108 _In_ BOOLEAN AllowRawMount
);
6113 IoGetRequestorSessionId(
6115 _Out_ PULONG pSessionId
);
6117 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6120 #if (NTDDI_VERSION >= NTDDI_WINXP)
6126 IoCreateStreamFileObjectEx(
6127 _In_opt_ PFILE_OBJECT FileObject
,
6128 _In_opt_ PDEVICE_OBJECT DeviceObject
,
6129 _Out_opt_ PHANDLE FileObjectHandle
);
6134 IoQueryFileDosDeviceName(
6135 _In_ PFILE_OBJECT FileObject
,
6136 _Out_ POBJECT_NAME_INFORMATION
*ObjectNameInformation
);
6141 IoEnumerateDeviceObjectList(
6142 _In_ PDRIVER_OBJECT DriverObject
,
6143 _Out_writes_bytes_to_opt_(DeviceObjectListSize
,(*ActualNumberDeviceObjects
)*sizeof(PDEVICE_OBJECT
))
6144 PDEVICE_OBJECT
*DeviceObjectList
,
6145 _In_ ULONG DeviceObjectListSize
,
6146 _Out_ PULONG ActualNumberDeviceObjects
);
6151 IoGetLowerDeviceObject(
6152 _In_ PDEVICE_OBJECT DeviceObject
);
6157 IoGetDeviceAttachmentBaseRef(
6158 _In_ PDEVICE_OBJECT DeviceObject
);
6163 IoGetDiskDeviceObject(
6164 _In_ PDEVICE_OBJECT FileSystemDeviceObject
,
6165 _Out_ PDEVICE_OBJECT
*DiskDeviceObject
);
6167 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6169 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
6175 IoEnumerateRegisteredFiltersList(
6176 _Out_writes_bytes_to_opt_(DriverObjectListSize
,(*ActualNumberDriverObjects
)*sizeof(PDRIVER_OBJECT
))
6177 PDRIVER_OBJECT
*DriverObjectList
,
6178 _In_ ULONG DriverObjectListSize
,
6179 _Out_ PULONG ActualNumberDriverObjects
);
6180 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
6182 #if (NTDDI_VERSION >= NTDDI_VISTA)
6187 IoInitializePriorityInfo(
6188 _In_ PIO_PRIORITY_INFO PriorityInfo
)
6190 PriorityInfo
->Size
= sizeof(IO_PRIORITY_INFO
);
6191 PriorityInfo
->ThreadPriority
= 0xffff;
6192 PriorityInfo
->IoPriority
= IoPriorityNormal
;
6193 PriorityInfo
->PagePriority
= 0;
6195 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6197 #if (NTDDI_VERSION >= NTDDI_WIN7)
6203 IoRegisterFsRegistrationChangeMountAware(
6204 _In_ PDRIVER_OBJECT DriverObject
,
6205 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
,
6206 _In_ BOOLEAN SynchronizeWithMounts
);
6211 IoReplaceFileObjectName(
6212 _In_ PFILE_OBJECT FileObject
,
6213 _In_reads_bytes_(FileNameLength
) PWSTR NewFileName
,
6214 _In_ USHORT FileNameLength
);
6215 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6218 #define PO_CB_SYSTEM_POWER_POLICY 0
6219 #define PO_CB_AC_STATUS 1
6220 #define PO_CB_BUTTON_COLLISION 2
6221 #define PO_CB_SYSTEM_STATE_LOCK 3
6222 #define PO_CB_LID_SWITCH_STATE 4
6223 #define PO_CB_PROCESSOR_POWER_POLICY 5
6226 #if (NTDDI_VERSION >= NTDDI_WINXP)
6227 _IRQL_requires_max_(APC_LEVEL
)
6231 PoQueueShutdownWorkItem(
6232 _Inout_ __drv_aliasesMem PWORK_QUEUE_ITEM WorkItem
);
6234 /******************************************************************************
6235 * Memory manager Types *
6236 ******************************************************************************/
6237 typedef enum _MMFLUSH_TYPE
{
6242 typedef struct _READ_LIST
{
6243 PFILE_OBJECT FileObject
;
6244 ULONG NumberOfEntries
;
6246 FILE_SEGMENT_ELEMENT List
[ANYSIZE_ARRAY
];
6247 } READ_LIST
, *PREAD_LIST
;
6249 #if (NTDDI_VERSION >= NTDDI_WINXP)
6251 typedef union _MM_PREFETCH_FLAGS
{
6253 ULONG Priority
: SYSTEM_PAGE_PRIORITY_BITS
;
6254 ULONG RepurposePriority
: SYSTEM_PAGE_PRIORITY_BITS
;
6257 } MM_PREFETCH_FLAGS
, *PMM_PREFETCH_FLAGS
;
6259 #define MM_PREFETCH_FLAGS_MASK ((1 << (2*SYSTEM_PAGE_PRIORITY_BITS)) - 1)
6261 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6263 #define HEAP_NO_SERIALIZE 0x00000001
6264 #define HEAP_GROWABLE 0x00000002
6265 #define HEAP_GENERATE_EXCEPTIONS 0x00000004
6266 #define HEAP_ZERO_MEMORY 0x00000008
6267 #define HEAP_REALLOC_IN_PLACE_ONLY 0x00000010
6268 #define HEAP_TAIL_CHECKING_ENABLED 0x00000020
6269 #define HEAP_FREE_CHECKING_ENABLED 0x00000040
6270 #define HEAP_DISABLE_COALESCE_ON_FREE 0x00000080
6272 #define HEAP_CREATE_ALIGN_16 0x00010000
6273 #define HEAP_CREATE_ENABLE_TRACING 0x00020000
6274 #define HEAP_CREATE_ENABLE_EXECUTE 0x00040000
6276 #define HEAP_SETTABLE_USER_VALUE 0x00000100
6277 #define HEAP_SETTABLE_USER_FLAG1 0x00000200
6278 #define HEAP_SETTABLE_USER_FLAG2 0x00000400
6279 #define HEAP_SETTABLE_USER_FLAG3 0x00000800
6280 #define HEAP_SETTABLE_USER_FLAGS 0x00000E00
6282 #define HEAP_CLASS_0 0x00000000
6283 #define HEAP_CLASS_1 0x00001000
6284 #define HEAP_CLASS_2 0x00002000
6285 #define HEAP_CLASS_3 0x00003000
6286 #define HEAP_CLASS_4 0x00004000
6287 #define HEAP_CLASS_5 0x00005000
6288 #define HEAP_CLASS_6 0x00006000
6289 #define HEAP_CLASS_7 0x00007000
6290 #define HEAP_CLASS_8 0x00008000
6291 #define HEAP_CLASS_MASK 0x0000F000
6293 #define HEAP_MAXIMUM_TAG 0x0FFF
6294 #define HEAP_GLOBAL_TAG 0x0800
6295 #define HEAP_PSEUDO_TAG_FLAG 0x8000
6296 #define HEAP_TAG_SHIFT 18
6297 #define HEAP_TAG_MASK (HEAP_MAXIMUM_TAG << HEAP_TAG_SHIFT)
6299 #define HEAP_CREATE_VALID_MASK (HEAP_NO_SERIALIZE | \
6301 HEAP_GENERATE_EXCEPTIONS | \
6302 HEAP_ZERO_MEMORY | \
6303 HEAP_REALLOC_IN_PLACE_ONLY | \
6304 HEAP_TAIL_CHECKING_ENABLED | \
6305 HEAP_FREE_CHECKING_ENABLED | \
6306 HEAP_DISABLE_COALESCE_ON_FREE | \
6308 HEAP_CREATE_ALIGN_16 | \
6309 HEAP_CREATE_ENABLE_TRACING | \
6310 HEAP_CREATE_ENABLE_EXECUTE)
6312 /******************************************************************************
6313 * Memory manager Functions *
6314 ******************************************************************************/
6318 HEAP_MAKE_TAG_FLAGS(
6322 //__assume_bound(TagBase); // FIXME
6323 return ((ULONG
)((TagBase
) + ((Tag
) << HEAP_TAG_SHIFT
)));
6326 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6331 MmIsRecursiveIoFault(VOID
);
6333 _IRQL_requires_max_ (APC_LEVEL
)
6337 MmForceSectionClosed(
6338 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6339 _In_ BOOLEAN DelayClose
);
6341 _IRQL_requires_max_ (APC_LEVEL
)
6345 MmFlushImageSection(
6346 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6347 _In_ MMFLUSH_TYPE FlushType
);
6349 _IRQL_requires_max_ (APC_LEVEL
)
6353 MmCanFileBeTruncated(
6354 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6355 _In_opt_ PLARGE_INTEGER NewFileSize
);
6357 _IRQL_requires_max_ (APC_LEVEL
)
6361 MmSetAddressRangeModified(
6362 _In_reads_bytes_ (Length
) PVOID Address
,
6363 _In_ SIZE_T Length
);
6365 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6367 #if (NTDDI_VERSION >= NTDDI_WINXP)
6370 _IRQL_requires_max_ (PASSIVE_LEVEL
)
6375 _In_ ULONG NumberOfLists
,
6376 _In_reads_ (NumberOfLists
) PREAD_LIST
*ReadLists
);
6378 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6381 #if (NTDDI_VERSION >= NTDDI_VISTA)
6383 _IRQL_requires_max_ (APC_LEVEL
)
6387 MmDoesFileHaveUserWritableReferences(
6388 _In_ PSECTION_OBJECT_POINTERS SectionPointer
);
6390 _Must_inspect_result_
6391 _At_(*BaseAddress
, __drv_allocatesMem(Mem
))
6396 NtAllocateVirtualMemory(
6397 _In_ HANDLE ProcessHandle
,
6398 _Inout_
_Outptr_result_buffer_(*RegionSize
) PVOID
*BaseAddress
,
6399 _In_ ULONG_PTR ZeroBits
,
6400 _Inout_ PSIZE_T RegionSize
,
6401 _In_ ULONG AllocationType
,
6402 _In_ ULONG Protect
);
6405 _IRQL_requires_max_(PASSIVE_LEVEL
)
6409 NtFreeVirtualMemory(
6410 _In_ HANDLE ProcessHandle
,
6411 _Inout_
__drv_freesMem(Mem
) PVOID
*BaseAddress
,
6412 _Inout_ PSIZE_T RegionSize
,
6413 _In_ ULONG FreeType
);
6415 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6418 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6425 _Inout_opt_ PACCESS_STATE PassedAccessState
,
6426 _In_opt_ ACCESS_MASK DesiredAccess
,
6427 _In_ ULONG ObjectPointerBias
,
6428 _Out_opt_ PVOID
*NewObject
,
6429 _Out_opt_ PHANDLE Handle
);
6434 ObOpenObjectByPointer(
6436 _In_ ULONG HandleAttributes
,
6437 _In_opt_ PACCESS_STATE PassedAccessState
,
6438 _In_ ACCESS_MASK DesiredAccess
,
6439 _In_opt_ POBJECT_TYPE ObjectType
,
6440 _In_ KPROCESSOR_MODE AccessMode
,
6441 _Out_ PHANDLE Handle
);
6446 ObMakeTemporaryObject(
6454 _Out_writes_bytes_opt_(Length
) POBJECT_NAME_INFORMATION ObjectNameInfo
,
6456 _Out_ PULONG ReturnLength
);
6461 ObQueryObjectAuditingByHandle(
6463 _Out_ PBOOLEAN GenerateOnClose
);
6464 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6466 #if (NTDDI_VERSION >= NTDDI_VISTA)
6472 _In_ HANDLE Handle
);
6476 #if (NTDDI_VERSION >= NTDDI_WIN7)
6481 ObOpenObjectByPointerWithTag(
6483 _In_ ULONG HandleAttributes
,
6484 _In_opt_ PACCESS_STATE PassedAccessState
,
6485 _In_ ACCESS_MASK DesiredAccess
,
6486 _In_opt_ POBJECT_TYPE ObjectType
,
6487 _In_ KPROCESSOR_MODE AccessMode
,
6489 _Out_ PHANDLE Handle
);
6494 ObGetObjectPointerCount(
6498 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6508 #define FSRTL_COMMON_FCB_HEADER_LAYOUT \
6509 CSHORT NodeTypeCode; \
6510 CSHORT NodeByteSize; \
6512 UCHAR IsFastIoPossible; \
6516 PERESOURCE Resource; \
6517 PERESOURCE PagingIoResource; \
6518 LARGE_INTEGER AllocationSize; \
6519 LARGE_INTEGER FileSize; \
6520 LARGE_INTEGER ValidDataLength;
6522 typedef struct _FSRTL_COMMON_FCB_HEADER
{
6523 FSRTL_COMMON_FCB_HEADER_LAYOUT
6524 } FSRTL_COMMON_FCB_HEADER
, *PFSRTL_COMMON_FCB_HEADER
;
6527 typedef struct _FSRTL_ADVANCED_FCB_HEADER
:FSRTL_COMMON_FCB_HEADER
{
6528 #else /* __cplusplus */
6529 typedef struct _FSRTL_ADVANCED_FCB_HEADER
{
6530 FSRTL_COMMON_FCB_HEADER_LAYOUT
6531 #endif /* __cplusplus */
6532 PFAST_MUTEX FastMutex
;
6533 LIST_ENTRY FilterContexts
;
6534 #if (NTDDI_VERSION >= NTDDI_VISTA)
6535 EX_PUSH_LOCK PushLock
;
6536 PVOID
*FileContextSupportPointer
;
6538 } FSRTL_ADVANCED_FCB_HEADER
, *PFSRTL_ADVANCED_FCB_HEADER
;
6540 #define FSRTL_FCB_HEADER_V0 (0x00)
6541 #define FSRTL_FCB_HEADER_V1 (0x01)
6543 #define FSRTL_FLAG_FILE_MODIFIED (0x01)
6544 #define FSRTL_FLAG_FILE_LENGTH_CHANGED (0x02)
6545 #define FSRTL_FLAG_LIMIT_MODIFIED_PAGES (0x04)
6546 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_EX (0x08)
6547 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_SH (0x10)
6548 #define FSRTL_FLAG_USER_MAPPED_FILE (0x20)
6549 #define FSRTL_FLAG_ADVANCED_HEADER (0x40)
6550 #define FSRTL_FLAG_EOF_ADVANCE_ACTIVE (0x80)
6552 #define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01)
6553 #define FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS (0x02)
6554 #define FSRTL_FLAG2_PURGE_WHEN_MAPPED (0x04)
6555 #define FSRTL_FLAG2_IS_PAGING_FILE (0x08)
6557 #define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
6558 #define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
6559 #define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
6560 #define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
6561 #define FSRTL_NETWORK1_TOP_LEVEL_IRP ((LONG_PTR)0x05)
6562 #define FSRTL_NETWORK2_TOP_LEVEL_IRP ((LONG_PTR)0x06)
6563 #define FSRTL_MAX_TOP_LEVEL_IRP_FLAG ((LONG_PTR)0xFFFF)
6565 typedef struct _FSRTL_AUXILIARY_BUFFER
{
6570 } FSRTL_AUXILIARY_BUFFER
, *PFSRTL_AUXILIARY_BUFFER
;
6572 #define FSRTL_AUXILIARY_FLAG_DEALLOCATE 0x00000001
6574 typedef enum _FSRTL_COMPARISON_RESULT
{
6578 } FSRTL_COMPARISON_RESULT
;
6580 #define FSRTL_FAT_LEGAL 0x01
6581 #define FSRTL_HPFS_LEGAL 0x02
6582 #define FSRTL_NTFS_LEGAL 0x04
6583 #define FSRTL_WILD_CHARACTER 0x08
6584 #define FSRTL_OLE_LEGAL 0x10
6585 #define FSRTL_NTFS_STREAM_LEGAL (FSRTL_NTFS_LEGAL | FSRTL_OLE_LEGAL)
6587 #define FSRTL_VOLUME_DISMOUNT 1
6588 #define FSRTL_VOLUME_DISMOUNT_FAILED 2
6589 #define FSRTL_VOLUME_LOCK 3
6590 #define FSRTL_VOLUME_LOCK_FAILED 4
6591 #define FSRTL_VOLUME_UNLOCK 5
6592 #define FSRTL_VOLUME_MOUNT 6
6593 #define FSRTL_VOLUME_NEEDS_CHKDSK 7
6594 #define FSRTL_VOLUME_WORM_NEAR_FULL 8
6595 #define FSRTL_VOLUME_WEARING_OUT 9
6596 #define FSRTL_VOLUME_FORCED_CLOSED 10
6597 #define FSRTL_VOLUME_INFO_MAKE_COMPAT 11
6598 #define FSRTL_VOLUME_PREPARING_EJECT 12
6599 #define FSRTL_VOLUME_CHANGE_SIZE 13
6600 #define FSRTL_VOLUME_BACKGROUND_FORMAT 14
6603 (NTAPI
*PFSRTL_STACK_OVERFLOW_ROUTINE
)(
6605 _In_ PKEVENT Event
);
6607 #if (NTDDI_VERSION >= NTDDI_VISTA)
6609 #define FSRTL_UNC_PROVIDER_FLAGS_MAILSLOTS_SUPPORTED 0x00000001
6610 #define FSRTL_UNC_PROVIDER_FLAGS_CSC_ENABLED 0x00000002
6611 #define FSRTL_UNC_PROVIDER_FLAGS_DOMAIN_SVC_AWARE 0x00000004
6613 #define FSRTL_ALLOCATE_ECPLIST_FLAG_CHARGE_QUOTA 0x00000001
6615 #define FSRTL_ALLOCATE_ECP_FLAG_CHARGE_QUOTA 0x00000001
6616 #define FSRTL_ALLOCATE_ECP_FLAG_NONPAGED_POOL 0x00000002
6618 #define FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL 0x00000002
6620 #define FSRTL_VIRTDISK_FULLY_ALLOCATED 0x00000001
6621 #define FSRTL_VIRTDISK_NO_DRIVE_LETTER 0x00000002
6623 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_1
{
6625 } FSRTL_MUP_PROVIDER_INFO_LEVEL_1
, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_1
;
6627 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_2
{
6629 UNICODE_STRING ProviderName
;
6630 } FSRTL_MUP_PROVIDER_INFO_LEVEL_2
, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_2
;
6633 (*PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK
) (
6634 _Inout_ PVOID EcpContext
,
6635 _In_ LPCGUID EcpType
);
6637 typedef struct _ECP_LIST ECP_LIST
, *PECP_LIST
;
6639 typedef ULONG FSRTL_ALLOCATE_ECPLIST_FLAGS
;
6640 typedef ULONG FSRTL_ALLOCATE_ECP_FLAGS
;
6641 typedef ULONG FSRTL_ECP_LOOKASIDE_FLAGS
;
6643 typedef enum _FSRTL_CHANGE_BACKING_TYPE
{
6644 ChangeDataControlArea
,
6645 ChangeImageControlArea
,
6646 ChangeSharedCacheMap
6647 } FSRTL_CHANGE_BACKING_TYPE
, *PFSRTL_CHANGE_BACKING_TYPE
;
6649 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6651 typedef struct _FSRTL_PER_FILE_CONTEXT
{
6655 PFREE_FUNCTION FreeCallback
;
6656 } FSRTL_PER_FILE_CONTEXT
, *PFSRTL_PER_FILE_CONTEXT
;
6658 typedef struct _FSRTL_PER_STREAM_CONTEXT
{
6662 PFREE_FUNCTION FreeCallback
;
6663 } FSRTL_PER_STREAM_CONTEXT
, *PFSRTL_PER_STREAM_CONTEXT
;
6665 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6667 (*PFN_FSRTLTEARDOWNPERSTREAMCONTEXTS
) (
6668 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader
);
6671 typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT
{
6675 } FSRTL_PER_FILEOBJECT_CONTEXT
, *PFSRTL_PER_FILEOBJECT_CONTEXT
;
6677 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_HARD_ERROR 0x1
6678 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_LOG_ENTRY 0x2
6681 (NTAPI
*PCOMPLETE_LOCK_IRP_ROUTINE
) (
6685 typedef struct _FILE_LOCK_INFO
{
6686 LARGE_INTEGER StartingByte
;
6687 LARGE_INTEGER Length
;
6688 BOOLEAN ExclusiveLock
;
6690 PFILE_OBJECT FileObject
;
6692 LARGE_INTEGER EndingByte
;
6693 } FILE_LOCK_INFO
, *PFILE_LOCK_INFO
;
6696 (NTAPI
*PUNLOCK_ROUTINE
) (
6698 _In_ PFILE_LOCK_INFO FileLockInfo
);
6700 typedef struct _FILE_LOCK
{
6701 PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine
;
6702 PUNLOCK_ROUTINE UnlockRoutine
;
6703 BOOLEAN FastIoIsQuestionable
;
6705 PVOID LockInformation
;
6706 FILE_LOCK_INFO LastReturnedLockInfo
;
6707 PVOID LastReturnedLock
;
6708 LONG
volatile LockRequestsInProgress
;
6709 } FILE_LOCK
, *PFILE_LOCK
;
6711 typedef struct _TUNNEL
{
6713 PRTL_SPLAY_LINKS Cache
;
6714 LIST_ENTRY TimerQueue
;
6718 typedef struct _BASE_MCB
{
6719 ULONG MaximumPairCount
;
6724 } BASE_MCB
, *PBASE_MCB
;
6726 typedef struct _LARGE_MCB
{
6727 PKGUARDED_MUTEX GuardedMutex
;
6729 } LARGE_MCB
, *PLARGE_MCB
;
6731 #define MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE 1
6733 typedef struct _MCB
{
6734 LARGE_MCB DummyFieldThatSizesThisStructureCorrectly
;
6737 typedef enum _FAST_IO_POSSIBLE
{
6738 FastIoIsNotPossible
= 0,
6740 FastIoIsQuestionable
6743 typedef struct _EOF_WAIT_BLOCK
{
6744 LIST_ENTRY EofWaitLinks
;
6746 } EOF_WAIT_BLOCK
, *PEOF_WAIT_BLOCK
;
6748 typedef PVOID OPLOCK
, *POPLOCK
;
6751 (NTAPI
*POPLOCK_WAIT_COMPLETE_ROUTINE
) (
6756 (NTAPI
*POPLOCK_FS_PREPOST_IRP
) (
6760 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
6761 #define OPLOCK_FLAG_COMPLETE_IF_OPLOCKED 0x00000001
6764 #if (NTDDI_VERSION >= NTDDI_WIN7)
6765 #define OPLOCK_FLAG_OPLOCK_KEY_CHECK_ONLY 0x00000002
6766 #define OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK 0x00000004
6767 #define OPLOCK_FLAG_IGNORE_OPLOCK_KEYS 0x00000008
6768 #define OPLOCK_FSCTRL_FLAG_ALL_KEYS_MATCH 0x00000001
6771 #if (NTDDI_VERSION >= NTDDI_WIN7)
6773 typedef struct _OPLOCK_KEY_ECP_CONTEXT
{
6776 } OPLOCK_KEY_ECP_CONTEXT
, *POPLOCK_KEY_ECP_CONTEXT
;
6778 DEFINE_GUID(GUID_ECP_OPLOCK_KEY
, 0x48850596, 0x3050, 0x4be7, 0x98, 0x63, 0xfe, 0xc3, 0x50, 0xce, 0x8d, 0x7f);
6782 typedef PVOID PNOTIFY_SYNC
;
6784 #if (NTDDI_VERSION >= NTDDI_WIN7)
6785 typedef struct _ECP_HEADER ECP_HEADER
, *PECP_HEADER
;
6789 (NTAPI
*PCHECK_FOR_TRAVERSE_ACCESS
) (
6790 _In_ PVOID NotifyContext
,
6791 _In_opt_ PVOID TargetContext
,
6792 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
);
6795 (NTAPI
*PFILTER_REPORT_CHANGE
) (
6796 _In_ PVOID NotifyContext
,
6797 _In_ PVOID FilterContext
);
6798 /* FSRTL Functions */
6800 #define FsRtlEnterFileSystem KeEnterCriticalRegion
6801 #define FsRtlExitFileSystem KeLeaveCriticalRegion
6803 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6805 _Must_inspect_result_
6806 _IRQL_requires_max_(PASSIVE_LEVEL
)
6811 _In_ PFILE_OBJECT FileObject
,
6812 _In_ PLARGE_INTEGER FileOffset
,
6816 _Out_writes_bytes_(Length
) PVOID Buffer
,
6817 _Out_ PIO_STATUS_BLOCK IoStatus
,
6818 _In_ PDEVICE_OBJECT DeviceObject
);
6820 _Must_inspect_result_
6821 _IRQL_requires_max_(PASSIVE_LEVEL
)
6826 _In_ PFILE_OBJECT FileObject
,
6827 _In_ PLARGE_INTEGER FileOffset
,
6831 _In_reads_bytes_(Length
) PVOID Buffer
,
6832 _Out_ PIO_STATUS_BLOCK IoStatus
,
6833 _In_ PDEVICE_OBJECT DeviceObject
);
6835 _Must_inspect_result_
6836 _IRQL_requires_max_(APC_LEVEL
)
6841 _In_ PFILE_OBJECT FileObject
,
6842 _In_ PLARGE_INTEGER FileOffset
,
6845 _Outptr_ PMDL
*MdlChain
,
6846 _Out_ PIO_STATUS_BLOCK IoStatus
,
6847 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6849 _IRQL_requires_max_(PASSIVE_LEVEL
)
6853 FsRtlMdlReadCompleteDev(
6854 _In_ PFILE_OBJECT FileObject
,
6856 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6858 _Must_inspect_result_
6859 _IRQL_requires_max_(APC_LEVEL
)
6863 FsRtlPrepareMdlWriteDev(
6864 _In_ PFILE_OBJECT FileObject
,
6865 _In_ PLARGE_INTEGER FileOffset
,
6868 _Outptr_ PMDL
*MdlChain
,
6869 _Out_ PIO_STATUS_BLOCK IoStatus
,
6870 _In_ PDEVICE_OBJECT DeviceObject
);
6872 _Must_inspect_result_
6873 _IRQL_requires_max_(PASSIVE_LEVEL
)
6877 FsRtlMdlWriteCompleteDev(
6878 _In_ PFILE_OBJECT FileObject
,
6879 _In_ PLARGE_INTEGER FileOffset
,
6881 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6883 _IRQL_requires_max_(PASSIVE_LEVEL
)
6887 FsRtlAcquireFileExclusive(
6888 _In_ PFILE_OBJECT FileObject
);
6890 _IRQL_requires_max_(APC_LEVEL
)
6895 _In_ PFILE_OBJECT FileObject
);
6897 _Must_inspect_result_
6898 _IRQL_requires_max_(PASSIVE_LEVEL
)
6903 _In_ PFILE_OBJECT FileObject
,
6904 _Out_ PLARGE_INTEGER FileSize
);
6906 _Must_inspect_result_
6910 FsRtlIsTotalDeviceFailure(
6911 _In_ NTSTATUS Status
);
6913 _Must_inspect_result_
6914 _IRQL_requires_max_(APC_LEVEL
)
6918 FsRtlAllocateFileLock(
6919 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine
,
6920 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine
);
6922 _IRQL_requires_max_(APC_LEVEL
)
6927 _In_ PFILE_LOCK FileLock
);
6929 _IRQL_requires_max_(APC_LEVEL
)
6933 FsRtlInitializeFileLock(
6934 _Out_ PFILE_LOCK FileLock
,
6935 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine
,
6936 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine
);
6938 _IRQL_requires_max_(APC_LEVEL
)
6942 FsRtlUninitializeFileLock(
6943 _Inout_ PFILE_LOCK FileLock
);
6946 FsRtlProcessFileLock:
6949 -STATUS_INVALID_DEVICE_REQUEST
6950 -STATUS_RANGE_NOT_LOCKED from unlock routines.
6951 -STATUS_PENDING, STATUS_LOCK_NOT_GRANTED from FsRtlPrivateLock
6952 (redirected IoStatus->Status).
6955 -switch ( Irp->CurrentStackLocation->MinorFunction )
6956 lock: return FsRtlPrivateLock;
6957 unlocksingle: return FsRtlFastUnlockSingle;
6958 unlockall: return FsRtlFastUnlockAll;
6959 unlockallbykey: return FsRtlFastUnlockAllByKey;
6960 default: IofCompleteRequest with STATUS_INVALID_DEVICE_REQUEST;
6961 return STATUS_INVALID_DEVICE_REQUEST;
6963 -'AllwaysZero' is passed thru as 'AllwaysZero' to lock / unlock routines.
6964 -'Irp' is passet thru as 'Irp' to FsRtlPrivateLock.
6966 _Must_inspect_result_
6967 _IRQL_requires_max_(APC_LEVEL
)
6971 FsRtlProcessFileLock(
6972 _In_ PFILE_LOCK FileLock
,
6974 _In_opt_ PVOID Context
);
6977 FsRtlCheckLockForReadAccess:
6979 All this really does is pick out the lock parameters from the irp (io stack
6980 location?), get IoGetRequestorProcess, and pass values on to
6981 FsRtlFastCheckLockForRead.
6983 _Must_inspect_result_
6984 _IRQL_requires_max_(APC_LEVEL
)
6988 FsRtlCheckLockForReadAccess(
6989 _In_ PFILE_LOCK FileLock
,
6993 FsRtlCheckLockForWriteAccess:
6995 All this really does is pick out the lock parameters from the irp (io stack
6996 location?), get IoGetRequestorProcess, and pass values on to
6997 FsRtlFastCheckLockForWrite.
6999 _Must_inspect_result_
7000 _IRQL_requires_max_(APC_LEVEL
)
7004 FsRtlCheckLockForWriteAccess(
7005 _In_ PFILE_LOCK FileLock
,
7008 _Must_inspect_result_
7009 _IRQL_requires_max_(APC_LEVEL
)
7013 FsRtlFastCheckLockForRead(
7014 _In_ PFILE_LOCK FileLock
,
7015 _In_ PLARGE_INTEGER FileOffset
,
7016 _In_ PLARGE_INTEGER Length
,
7018 _In_ PFILE_OBJECT FileObject
,
7019 _In_ PVOID Process
);
7021 _Must_inspect_result_
7022 _IRQL_requires_max_(APC_LEVEL
)
7026 FsRtlFastCheckLockForWrite(
7027 _In_ PFILE_LOCK FileLock
,
7028 _In_ PLARGE_INTEGER FileOffset
,
7029 _In_ PLARGE_INTEGER Length
,
7031 _In_ PFILE_OBJECT FileObject
,
7032 _In_ PVOID Process
);
7035 FsRtlGetNextFileLock:
7037 ret: NULL if no more locks
7040 FsRtlGetNextFileLock uses FileLock->LastReturnedLockInfo and
7041 FileLock->LastReturnedLock as storage.
7042 LastReturnedLock is a pointer to the 'raw' lock inkl. double linked
7043 list, and FsRtlGetNextFileLock needs this to get next lock on subsequent
7044 calls with Restart = FALSE.
7046 _Must_inspect_result_
7047 _IRQL_requires_max_(APC_LEVEL
)
7051 FsRtlGetNextFileLock(
7052 _In_ PFILE_LOCK FileLock
,
7053 _In_ BOOLEAN Restart
);
7055 _IRQL_requires_max_(APC_LEVEL
)
7059 FsRtlFastUnlockSingle(
7060 _In_ PFILE_LOCK FileLock
,
7061 _In_ PFILE_OBJECT FileObject
,
7062 _In_ PLARGE_INTEGER FileOffset
,
7063 _In_ PLARGE_INTEGER Length
,
7064 _In_ PEPROCESS Process
,
7066 _In_opt_ PVOID Context
,
7067 _In_ BOOLEAN AlreadySynchronized
);
7069 _IRQL_requires_max_(APC_LEVEL
)
7074 _In_ PFILE_LOCK FileLock
,
7075 _In_ PFILE_OBJECT FileObject
,
7076 _In_ PEPROCESS Process
,
7077 _In_opt_ PVOID Context
);
7079 _IRQL_requires_max_(APC_LEVEL
)
7083 FsRtlFastUnlockAllByKey(
7084 _In_ PFILE_LOCK FileLock
,
7085 _In_ PFILE_OBJECT FileObject
,
7086 _In_ PEPROCESS Process
,
7088 _In_opt_ PVOID Context
);
7093 ret: IoStatus->Status: STATUS_PENDING, STATUS_LOCK_NOT_GRANTED
7096 -Calls IoCompleteRequest if Irp
7097 -Uses exception handling / ExRaiseStatus with STATUS_INSUFFICIENT_RESOURCES
7099 _Must_inspect_result_
7100 _IRQL_requires_max_(APC_LEVEL
)
7101 __drv_preferredFunction(FsRtlFastLock
, "Obsolete")
7106 _In_ PFILE_LOCK FileLock
,
7107 _In_ PFILE_OBJECT FileObject
,
7108 _In_ PLARGE_INTEGER FileOffset
,
7109 _In_ PLARGE_INTEGER Length
,
7110 _In_ PEPROCESS Process
,
7112 _In_ BOOLEAN FailImmediately
,
7113 _In_ BOOLEAN ExclusiveLock
,
7114 _Out_ PIO_STATUS_BLOCK IoStatus
,
7116 _In_opt_ __drv_aliasesMem PVOID Context
,
7117 _In_ BOOLEAN AlreadySynchronized
);
7119 _IRQL_requires_max_(APC_LEVEL
)
7123 FsRtlInitializeTunnelCache(
7124 _In_ PTUNNEL Cache
);
7126 _IRQL_requires_max_(APC_LEVEL
)
7130 FsRtlAddToTunnelCache(
7132 _In_ ULONGLONG DirectoryKey
,
7133 _In_ PUNICODE_STRING ShortName
,
7134 _In_ PUNICODE_STRING LongName
,
7135 _In_ BOOLEAN KeyByShortName
,
7136 _In_ ULONG DataLength
,
7137 _In_reads_bytes_(DataLength
) PVOID Data
);
7139 _Must_inspect_result_
7140 _IRQL_requires_max_(APC_LEVEL
)
7144 FsRtlFindInTunnelCache(
7146 _In_ ULONGLONG DirectoryKey
,
7147 _In_ PUNICODE_STRING Name
,
7148 _Out_ PUNICODE_STRING ShortName
,
7149 _Out_ PUNICODE_STRING LongName
,
7150 _Inout_ PULONG DataLength
,
7151 _Out_writes_bytes_to_(*DataLength
, *DataLength
) PVOID Data
);
7153 _IRQL_requires_max_(APC_LEVEL
)
7157 FsRtlDeleteKeyFromTunnelCache(
7159 _In_ ULONGLONG DirectoryKey
);
7161 _IRQL_requires_max_(APC_LEVEL
)
7165 FsRtlDeleteTunnelCache(
7166 _In_ PTUNNEL Cache
);
7168 _IRQL_requires_max_(APC_LEVEL
)
7173 _In_ ANSI_STRING Name
,
7174 _Out_ PANSI_STRING FirstPart
,
7175 _Out_ PANSI_STRING RemainingPart
);
7177 _Must_inspect_result_
7178 _IRQL_requires_max_(APC_LEVEL
)
7182 FsRtlDoesDbcsContainWildCards(
7183 _In_ PANSI_STRING Name
);
7185 _Must_inspect_result_
7186 _IRQL_requires_max_(APC_LEVEL
)
7190 FsRtlIsDbcsInExpression(
7191 _In_ PANSI_STRING Expression
,
7192 _In_ PANSI_STRING Name
);
7194 _Must_inspect_result_
7195 _IRQL_requires_max_(APC_LEVEL
)
7199 FsRtlIsFatDbcsLegal(
7200 _In_ ANSI_STRING DbcsName
,
7201 _In_ BOOLEAN WildCardsPermissible
,
7202 _In_ BOOLEAN PathNamePermissible
,
7203 _In_ BOOLEAN LeadingBackslashPermissible
);
7205 _Must_inspect_result_
7206 _IRQL_requires_max_(APC_LEVEL
)
7210 FsRtlIsHpfsDbcsLegal(
7211 _In_ ANSI_STRING DbcsName
,
7212 _In_ BOOLEAN WildCardsPermissible
,
7213 _In_ BOOLEAN PathNamePermissible
,
7214 _In_ BOOLEAN LeadingBackslashPermissible
);
7219 FsRtlNormalizeNtstatus(
7220 _In_ NTSTATUS Exception
,
7221 _In_ NTSTATUS GenericException
);
7223 _Must_inspect_result_
7227 FsRtlIsNtstatusExpected(
7228 _In_ NTSTATUS Ntstatus
);
7230 _IRQL_requires_max_(APC_LEVEL
)
7231 __drv_preferredFunction(ExAllocateFromNPagedLookasideList
, "The FsRtlAllocateResource routine is obsolete, but is exported to support existing driver binaries. Use ExAllocateFromNPagedLookasideList and ExInitializeResourceLite instead.")
7235 FsRtlAllocateResource(VOID
);
7237 _IRQL_requires_max_(APC_LEVEL
)
7241 FsRtlInitializeLargeMcb(
7242 _Out_ PLARGE_MCB Mcb
,
7243 _In_ POOL_TYPE PoolType
);
7245 _IRQL_requires_max_(APC_LEVEL
)
7249 FsRtlUninitializeLargeMcb(
7250 _Inout_ PLARGE_MCB Mcb
);
7252 _IRQL_requires_max_(APC_LEVEL
)
7257 _Inout_ PLARGE_MCB Mcb
,
7258 _In_ BOOLEAN SelfSynchronized
);
7260 _IRQL_requires_max_(APC_LEVEL
)
7264 FsRtlTruncateLargeMcb(
7265 _Inout_ PLARGE_MCB Mcb
,
7268 _Must_inspect_result_
7269 _IRQL_requires_max_(APC_LEVEL
)
7273 FsRtlAddLargeMcbEntry(
7274 _Inout_ PLARGE_MCB Mcb
,
7277 _In_ LONGLONG SectorCount
);
7279 _IRQL_requires_max_(APC_LEVEL
)
7283 FsRtlRemoveLargeMcbEntry(
7284 _Inout_ PLARGE_MCB Mcb
,
7286 _In_ LONGLONG SectorCount
);
7288 _IRQL_requires_max_(APC_LEVEL
)
7292 FsRtlLookupLargeMcbEntry(
7293 _In_ PLARGE_MCB Mcb
,
7295 _Out_opt_ PLONGLONG Lbn
,
7296 _Out_opt_ PLONGLONG SectorCountFromLbn
,
7297 _Out_opt_ PLONGLONG StartingLbn
,
7298 _Out_opt_ PLONGLONG SectorCountFromStartingLbn
,
7299 _Out_opt_ PULONG Index
);
7301 _IRQL_requires_max_(APC_LEVEL
)
7305 FsRtlLookupLastLargeMcbEntry(
7306 _In_ PLARGE_MCB Mcb
,
7307 _Out_ PLONGLONG Vbn
,
7308 _Out_ PLONGLONG Lbn
);
7310 _IRQL_requires_max_(APC_LEVEL
)
7314 FsRtlLookupLastLargeMcbEntryAndIndex(
7315 _In_ PLARGE_MCB OpaqueMcb
,
7316 _Out_ PLONGLONG LargeVbn
,
7317 _Out_ PLONGLONG LargeLbn
,
7318 _Out_ PULONG Index
);
7320 _IRQL_requires_max_(APC_LEVEL
)
7324 FsRtlNumberOfRunsInLargeMcb(
7325 _In_ PLARGE_MCB Mcb
);
7327 _Must_inspect_result_
7328 _IRQL_requires_max_(APC_LEVEL
)
7332 FsRtlGetNextLargeMcbEntry(
7333 _In_ PLARGE_MCB Mcb
,
7334 _In_ ULONG RunIndex
,
7335 _Out_ PLONGLONG Vbn
,
7336 _Out_ PLONGLONG Lbn
,
7337 _Out_ PLONGLONG SectorCount
);
7339 _Must_inspect_result_
7340 _IRQL_requires_max_(APC_LEVEL
)
7345 _Inout_ PLARGE_MCB Mcb
,
7347 _In_ LONGLONG Amount
);
7349 _IRQL_requires_max_(APC_LEVEL
)
7350 __drv_preferredFunction(FsRtlInitializeLargeMcb
, "Obsolete")
7356 _In_ POOL_TYPE PoolType
);
7358 _IRQL_requires_max_(APC_LEVEL
)
7362 FsRtlUninitializeMcb(
7365 _IRQL_requires_max_(APC_LEVEL
)
7373 _IRQL_requires_max_(APC_LEVEL
)
7381 _In_ ULONG SectorCount
);
7383 _IRQL_requires_max_(APC_LEVEL
)
7387 FsRtlRemoveMcbEntry(
7390 _In_ ULONG SectorCount
);
7392 _IRQL_requires_max_(APC_LEVEL
)
7396 FsRtlLookupMcbEntry(
7400 _Out_opt_ PULONG SectorCount
,
7401 _Out_ PULONG Index
);
7403 _IRQL_requires_max_(APC_LEVEL
)
7407 FsRtlLookupLastMcbEntry(
7412 _IRQL_requires_max_(APC_LEVEL
)
7416 FsRtlNumberOfRunsInMcb(
7419 _Must_inspect_result_
7420 _IRQL_requires_max_(APC_LEVEL
)
7424 FsRtlGetNextMcbEntry(
7426 _In_ ULONG RunIndex
,
7429 _Out_ PULONG SectorCount
);
7431 _IRQL_requires_max_(PASSIVE_LEVEL
)
7436 _In_ PDEVICE_OBJECT TargetDevice
);
7438 _IRQL_requires_max_(APC_LEVEL
)
7442 FsRtlInitializeOplock(
7443 _Inout_ POPLOCK Oplock
);
7445 _IRQL_requires_max_(APC_LEVEL
)
7449 FsRtlUninitializeOplock(
7450 _Inout_ POPLOCK Oplock
);
7452 _Must_inspect_result_
7453 _IRQL_requires_max_(APC_LEVEL
)
7458 _In_ POPLOCK Oplock
,
7460 _In_ ULONG OpenCount
);
7462 _When_(CompletionRoutine
!= NULL
, _Must_inspect_result_
)
7463 _IRQL_requires_max_(APC_LEVEL
)
7468 _In_ POPLOCK Oplock
,
7470 _In_opt_ PVOID Context
,
7471 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
7472 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
7474 _Must_inspect_result_
7475 _IRQL_requires_max_(APC_LEVEL
)
7479 FsRtlOplockIsFastIoPossible(
7480 _In_ POPLOCK Oplock
);
7482 _Must_inspect_result_
7483 _IRQL_requires_max_(APC_LEVEL
)
7487 FsRtlCurrentBatchOplock(
7488 _In_ POPLOCK Oplock
);
7490 _IRQL_requires_max_(APC_LEVEL
)
7494 FsRtlNotifyVolumeEvent(
7495 _In_ PFILE_OBJECT FileObject
,
7496 _In_ ULONG EventCode
);
7498 _IRQL_requires_max_(APC_LEVEL
)
7502 FsRtlNotifyInitializeSync(
7503 _In_ PNOTIFY_SYNC
*NotifySync
);
7505 _IRQL_requires_max_(APC_LEVEL
)
7509 FsRtlNotifyUninitializeSync(
7510 _In_ PNOTIFY_SYNC
*NotifySync
);
7512 _IRQL_requires_max_(PASSIVE_LEVEL
)
7516 FsRtlNotifyFullChangeDirectory(
7517 _In_ PNOTIFY_SYNC NotifySync
,
7518 _In_ PLIST_ENTRY NotifyList
,
7519 _In_ PVOID FsContext
,
7520 _In_ PSTRING FullDirectoryName
,
7521 _In_ BOOLEAN WatchTree
,
7522 _In_ BOOLEAN IgnoreBuffer
,
7523 _In_ ULONG CompletionFilter
,
7524 _In_opt_ PIRP NotifyIrp
,
7525 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback
,
7526 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
);
7528 _IRQL_requires_max_(PASSIVE_LEVEL
)
7532 FsRtlNotifyFilterReportChange(
7533 _In_ PNOTIFY_SYNC NotifySync
,
7534 _In_ PLIST_ENTRY NotifyList
,
7535 _In_ PSTRING FullTargetName
,
7536 _In_ USHORT TargetNameOffset
,
7537 _In_opt_ PSTRING StreamName
,
7538 _In_opt_ PSTRING NormalizedParentName
,
7539 _In_ ULONG FilterMatch
,
7541 _In_opt_ PVOID TargetContext
,
7542 _In_opt_ PVOID FilterContext
);
7544 _IRQL_requires_max_(PASSIVE_LEVEL
)
7548 FsRtlNotifyFullReportChange(
7549 _In_ PNOTIFY_SYNC NotifySync
,
7550 _In_ PLIST_ENTRY NotifyList
,
7551 _In_ PSTRING FullTargetName
,
7552 _In_ USHORT TargetNameOffset
,
7553 _In_opt_ PSTRING StreamName
,
7554 _In_opt_ PSTRING NormalizedParentName
,
7555 _In_ ULONG FilterMatch
,
7557 _In_opt_ PVOID TargetContext
);
7559 _IRQL_requires_max_(APC_LEVEL
)
7564 _In_ PNOTIFY_SYNC NotifySync
,
7565 _In_ PLIST_ENTRY NotifyList
,
7566 _In_ PVOID FsContext
);
7568 _IRQL_requires_max_(PASSIVE_LEVEL
)
7573 _In_ UNICODE_STRING Name
,
7574 _Out_ PUNICODE_STRING FirstPart
,
7575 _Out_ PUNICODE_STRING RemainingPart
);
7577 _Must_inspect_result_
7578 _IRQL_requires_max_(PASSIVE_LEVEL
)
7582 FsRtlDoesNameContainWildCards(
7583 _In_ PUNICODE_STRING Name
);
7585 _Must_inspect_result_
7586 _IRQL_requires_max_(PASSIVE_LEVEL
)
7591 _In_ PCUNICODE_STRING Name1
,
7592 _In_ PCUNICODE_STRING Name2
,
7593 _In_ BOOLEAN IgnoreCase
,
7594 _In_reads_opt_(0x10000) PCWCH UpcaseTable
);
7596 _Must_inspect_result_
7597 _IRQL_requires_max_(PASSIVE_LEVEL
)
7601 FsRtlIsNameInExpression(
7602 _In_ PUNICODE_STRING Expression
,
7603 _In_ PUNICODE_STRING Name
,
7604 _In_ BOOLEAN IgnoreCase
,
7605 _In_opt_ PWCHAR UpcaseTable
);
7607 _IRQL_requires_max_(DISPATCH_LEVEL
)
7611 FsRtlPostPagingFileStackOverflow(
7614 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
);
7616 _IRQL_requires_max_(DISPATCH_LEVEL
)
7620 FsRtlPostStackOverflow (
7623 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
);
7625 _Must_inspect_result_
7626 _IRQL_requires_max_(PASSIVE_LEVEL
)
7630 FsRtlRegisterUncProvider(
7631 _Out_ PHANDLE MupHandle
,
7632 _In_ PUNICODE_STRING RedirectorDeviceName
,
7633 _In_ BOOLEAN MailslotsSupported
);
7635 _IRQL_requires_max_(PASSIVE_LEVEL
)
7639 FsRtlDeregisterUncProvider(
7640 _In_ HANDLE Handle
);
7642 _IRQL_requires_max_(APC_LEVEL
)
7646 FsRtlTeardownPerStreamContexts(
7647 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader
);
7649 _Must_inspect_result_
7650 _IRQL_requires_max_(APC_LEVEL
)
7654 FsRtlCreateSectionForDataScan(
7655 _Out_ PHANDLE SectionHandle
,
7656 _Outptr_ PVOID
*SectionObject
,
7657 _Out_opt_ PLARGE_INTEGER SectionFileSize
,
7658 _In_ PFILE_OBJECT FileObject
,
7659 _In_ ACCESS_MASK DesiredAccess
,
7660 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
7661 _In_opt_ PLARGE_INTEGER MaximumSize
,
7662 _In_ ULONG SectionPageProtection
,
7663 _In_ ULONG AllocationAttributes
,
7666 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
7668 #if (NTDDI_VERSION >= NTDDI_WINXP)
7670 _IRQL_requires_max_(PASSIVE_LEVEL
)
7674 FsRtlNotifyFilterChangeDirectory(
7675 _In_ PNOTIFY_SYNC NotifySync
,
7676 _In_ PLIST_ENTRY NotifyList
,
7677 _In_ PVOID FsContext
,
7678 _In_ PSTRING FullDirectoryName
,
7679 _In_ BOOLEAN WatchTree
,
7680 _In_ BOOLEAN IgnoreBuffer
,
7681 _In_ ULONG CompletionFilter
,
7682 _In_opt_ PIRP NotifyIrp
,
7683 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback
,
7684 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
7685 _In_opt_ PFILTER_REPORT_CHANGE FilterCallback
);
7687 _Must_inspect_result_
7688 _IRQL_requires_max_(APC_LEVEL
)
7692 FsRtlInsertPerStreamContext(
7693 _In_ PFSRTL_ADVANCED_FCB_HEADER PerStreamContext
,
7694 _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
);
7696 _Must_inspect_result_
7697 _IRQL_requires_max_(APC_LEVEL
)
7699 PFSRTL_PER_STREAM_CONTEXT
7701 FsRtlLookupPerStreamContextInternal(
7702 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext
,
7703 _In_opt_ PVOID OwnerId
,
7704 _In_opt_ PVOID InstanceId
);
7706 _Must_inspect_result_
7707 _IRQL_requires_max_(APC_LEVEL
)
7709 PFSRTL_PER_STREAM_CONTEXT
7711 FsRtlRemovePerStreamContext(
7712 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext
,
7713 _In_opt_ PVOID OwnerId
,
7714 _In_opt_ PVOID InstanceId
);
7719 FsRtlIncrementCcFastReadNotPossible(
7725 FsRtlIncrementCcFastReadWait(VOID
);
7730 FsRtlIncrementCcFastReadNoWait(VOID
);
7735 FsRtlIncrementCcFastReadResourceMiss(VOID
);
7737 _IRQL_requires_max_(APC_LEVEL
)
7742 _In_ PFILE_OBJECT FileObject
);
7744 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
7746 #if (NTDDI_VERSION >= NTDDI_WS03)
7748 _IRQL_requires_max_(APC_LEVEL
)
7752 FsRtlInitializeBaseMcb(
7753 _Out_ PBASE_MCB Mcb
,
7754 _In_ POOL_TYPE PoolType
);
7756 _IRQL_requires_max_(APC_LEVEL
)
7760 FsRtlUninitializeBaseMcb(
7761 _In_ PBASE_MCB Mcb
);
7763 _IRQL_requires_max_(APC_LEVEL
)
7768 _Out_ PBASE_MCB Mcb
);
7770 _IRQL_requires_max_(APC_LEVEL
)
7774 FsRtlTruncateBaseMcb(
7775 _Inout_ PBASE_MCB Mcb
,
7778 _IRQL_requires_max_(APC_LEVEL
)
7782 FsRtlAddBaseMcbEntry(
7783 _Inout_ PBASE_MCB Mcb
,
7786 _In_ LONGLONG SectorCount
);
7788 _IRQL_requires_max_(APC_LEVEL
)
7792 FsRtlRemoveBaseMcbEntry(
7793 _Inout_ PBASE_MCB Mcb
,
7795 _In_ LONGLONG SectorCount
);
7797 _IRQL_requires_max_(APC_LEVEL
)
7801 FsRtlLookupBaseMcbEntry(
7804 _Out_opt_ PLONGLONG Lbn
,
7805 _Out_opt_ PLONGLONG SectorCountFromLbn
,
7806 _Out_opt_ PLONGLONG StartingLbn
,
7807 _Out_opt_ PLONGLONG SectorCountFromStartingLbn
,
7808 _Out_opt_ PULONG Index
);
7810 _IRQL_requires_max_(APC_LEVEL
)
7814 FsRtlLookupLastBaseMcbEntry(
7816 _Out_ PLONGLONG Vbn
,
7817 _Out_ PLONGLONG Lbn
);
7819 _IRQL_requires_max_(APC_LEVEL
)
7823 FsRtlLookupLastBaseMcbEntryAndIndex(
7824 _In_ PBASE_MCB OpaqueMcb
,
7825 _Inout_ PLONGLONG LargeVbn
,
7826 _Inout_ PLONGLONG LargeLbn
,
7827 _Inout_ PULONG Index
);
7829 _IRQL_requires_max_(APC_LEVEL
)
7833 FsRtlNumberOfRunsInBaseMcb(
7834 _In_ PBASE_MCB Mcb
);
7836 _IRQL_requires_max_(APC_LEVEL
)
7840 FsRtlGetNextBaseMcbEntry(
7842 _In_ ULONG RunIndex
,
7843 _Out_ PLONGLONG Vbn
,
7844 _Out_ PLONGLONG Lbn
,
7845 _Out_ PLONGLONG SectorCount
);
7847 _IRQL_requires_max_(APC_LEVEL
)
7852 _Inout_ PBASE_MCB Mcb
,
7854 _In_ LONGLONG Amount
);
7856 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
7858 #if (NTDDI_VERSION >= NTDDI_VISTA)
7860 _When_(!Flags
& MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE
, _Must_inspect_result_
)
7861 _IRQL_requires_max_(APC_LEVEL
)
7864 FsRtlInitializeBaseMcbEx(
7865 _Out_ PBASE_MCB Mcb
,
7866 _In_ POOL_TYPE PoolType
,
7869 _Must_inspect_result_
7870 _IRQL_requires_max_(APC_LEVEL
)
7873 FsRtlAddBaseMcbEntryEx(
7874 _Inout_ PBASE_MCB Mcb
,
7877 _In_ LONGLONG SectorCount
);
7879 _Must_inspect_result_
7880 _IRQL_requires_max_(APC_LEVEL
)
7885 _In_ POPLOCK Oplock
);
7887 _Must_inspect_result_
7888 _IRQL_requires_max_(APC_LEVEL
)
7892 FsRtlOplockBreakToNone(
7893 _Inout_ POPLOCK Oplock
,
7894 _In_opt_ PIO_STACK_LOCATION IrpSp
,
7896 _In_opt_ PVOID Context
,
7897 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
7898 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
7900 _IRQL_requires_max_(DISPATCH_LEVEL
)
7904 FsRtlNotifyVolumeEventEx(
7905 _In_ PFILE_OBJECT FileObject
,
7906 _In_ ULONG EventCode
,
7907 _In_ PTARGET_DEVICE_CUSTOM_NOTIFICATION Event
);
7909 _IRQL_requires_max_(APC_LEVEL
)
7913 FsRtlNotifyCleanupAll(
7914 _In_ PNOTIFY_SYNC NotifySync
,
7915 _In_ PLIST_ENTRY NotifyList
);
7917 _Must_inspect_result_
7918 _IRQL_requires_max_(PASSIVE_LEVEL
)
7921 FsRtlRegisterUncProviderEx(
7922 _Out_ PHANDLE MupHandle
,
7923 _In_ PUNICODE_STRING RedirDevName
,
7924 _In_ PDEVICE_OBJECT DeviceObject
,
7927 _Must_inspect_result_
7928 _When_(Irp
!=NULL
, _IRQL_requires_max_(PASSIVE_LEVEL
))
7929 _When_(Irp
==NULL
, _IRQL_requires_max_(APC_LEVEL
))
7933 FsRtlCancellableWaitForSingleObject(
7935 _In_opt_ PLARGE_INTEGER Timeout
,
7938 _Must_inspect_result_
7939 _When_(Irp
!= NULL
, _IRQL_requires_max_(PASSIVE_LEVEL
))
7940 _When_(Irp
== NULL
, _IRQL_requires_max_(APC_LEVEL
))
7944 FsRtlCancellableWaitForMultipleObjects(
7946 _In_reads_(Count
) PVOID ObjectArray
[],
7947 _In_ WAIT_TYPE WaitType
,
7948 _In_opt_ PLARGE_INTEGER Timeout
,
7949 _In_opt_ PKWAIT_BLOCK WaitBlockArray
,
7952 _Must_inspect_result_
7953 _IRQL_requires_max_(APC_LEVEL
)
7957 FsRtlMupGetProviderInfoFromFileObject(
7958 _In_ PFILE_OBJECT pFileObject
,
7960 _Out_writes_bytes_(*pBufferSize
) PVOID pBuffer
,
7961 _Inout_ PULONG pBufferSize
);
7963 _Must_inspect_result_
7964 _IRQL_requires_max_(APC_LEVEL
)
7968 FsRtlMupGetProviderIdFromName(
7969 _In_ PUNICODE_STRING pProviderName
,
7970 _Out_ PULONG32 pProviderId
);
7975 FsRtlIncrementCcFastMdlReadWait(VOID
);
7977 _Must_inspect_result_
7978 _IRQL_requires_max_(PASSIVE_LEVEL
)
7982 FsRtlValidateReparsePointBuffer(
7983 _In_ ULONG BufferLength
,
7984 _In_reads_bytes_(BufferLength
) PREPARSE_DATA_BUFFER ReparseBuffer
);
7986 _Must_inspect_result_
7987 _IRQL_requires_max_(PASSIVE_LEVEL
)
7991 FsRtlRemoveDotsFromPath(
7992 _Inout_updates_bytes_(PathLength
) PWSTR OriginalString
,
7993 _In_ USHORT PathLength
,
7994 _Out_ USHORT
*NewLength
);
7996 _Must_inspect_result_
7997 _IRQL_requires_max_(APC_LEVEL
)
8001 FsRtlAllocateExtraCreateParameterList(
8002 _In_ FSRTL_ALLOCATE_ECPLIST_FLAGS Flags
,
8003 _Outptr_ PECP_LIST
*EcpList
);
8005 _IRQL_requires_max_(APC_LEVEL
)
8009 FsRtlFreeExtraCreateParameterList(
8010 _In_ PECP_LIST EcpList
);
8012 _Must_inspect_result_
8013 _IRQL_requires_max_(APC_LEVEL
)
8017 FsRtlAllocateExtraCreateParameter(
8018 _In_ LPCGUID EcpType
,
8019 _In_ ULONG SizeOfContext
,
8020 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags
,
8021 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback
,
8023 _Outptr_result_bytebuffer_(SizeOfContext
) PVOID
*EcpContext
);
8025 _IRQL_requires_max_(APC_LEVEL
)
8029 FsRtlFreeExtraCreateParameter(
8030 _In_ PVOID EcpContext
);
8032 _When_(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
, _IRQL_requires_max_(DISPATCH_LEVEL
))
8033 _When_(!(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
), _IRQL_requires_max_(APC_LEVEL
))
8037 FsRtlInitExtraCreateParameterLookasideList(
8038 _Inout_ PVOID Lookaside
,
8039 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags
,
8043 _When_(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
, _IRQL_requires_max_(DISPATCH_LEVEL
))
8044 _When_(!(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
), _IRQL_requires_max_(APC_LEVEL
))
8047 FsRtlDeleteExtraCreateParameterLookasideList(
8048 _Inout_ PVOID Lookaside
,
8049 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags
);
8051 _Must_inspect_result_
8052 _IRQL_requires_max_(APC_LEVEL
)
8056 FsRtlAllocateExtraCreateParameterFromLookasideList(
8057 _In_ LPCGUID EcpType
,
8058 ULONG SizeOfContext
,
8059 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags
,
8060 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback
,
8061 _Inout_ PVOID LookasideList
,
8062 _Outptr_ PVOID
*EcpContext
);
8064 _Must_inspect_result_
8065 _IRQL_requires_max_(APC_LEVEL
)
8069 FsRtlInsertExtraCreateParameter(
8070 _Inout_ PECP_LIST EcpList
,
8071 _Inout_ PVOID EcpContext
);
8073 _Must_inspect_result_
8074 _IRQL_requires_max_(APC_LEVEL
)
8078 FsRtlFindExtraCreateParameter(
8079 _In_ PECP_LIST EcpList
,
8080 _In_ LPCGUID EcpType
,
8081 _Outptr_opt_ PVOID
*EcpContext
,
8082 _Out_opt_ ULONG
*EcpContextSize
);
8084 _Must_inspect_result_
8085 _IRQL_requires_max_(APC_LEVEL
)
8089 FsRtlRemoveExtraCreateParameter(
8090 _Inout_ PECP_LIST EcpList
,
8091 _In_ LPCGUID EcpType
,
8092 _Outptr_ PVOID
*EcpContext
,
8093 _Out_opt_ ULONG
*EcpContextSize
);
8095 _Must_inspect_result_
8096 _IRQL_requires_max_(APC_LEVEL
)
8100 FsRtlGetEcpListFromIrp(
8102 _Outptr_result_maybenull_ PECP_LIST
*EcpList
);
8104 _Must_inspect_result_
8105 _IRQL_requires_max_(APC_LEVEL
)
8109 FsRtlSetEcpListIntoIrp(
8111 _In_ PECP_LIST EcpList
);
8113 _Must_inspect_result_
8114 _IRQL_requires_max_(APC_LEVEL
)
8118 FsRtlGetNextExtraCreateParameter(
8119 _In_ PECP_LIST EcpList
,
8120 _In_opt_ PVOID CurrentEcpContext
,
8121 _Out_opt_ LPGUID NextEcpType
,
8122 _Outptr_opt_ PVOID
*NextEcpContext
,
8123 _Out_opt_ ULONG
*NextEcpContextSize
);
8125 _IRQL_requires_max_(APC_LEVEL
)
8129 FsRtlAcknowledgeEcp(
8130 _In_ PVOID EcpContext
);
8132 _IRQL_requires_max_(APC_LEVEL
)
8136 FsRtlIsEcpAcknowledged(
8137 _In_ PVOID EcpContext
);
8139 _IRQL_requires_max_(APC_LEVEL
)
8143 FsRtlIsEcpFromUserMode(
8144 _In_ PVOID EcpContext
);
8146 _Must_inspect_result_
8147 _IRQL_requires_max_(PASSIVE_LEVEL
)
8151 FsRtlChangeBackingFileObject(
8152 _In_opt_ PFILE_OBJECT CurrentFileObject
,
8153 _In_ PFILE_OBJECT NewFileObject
,
8154 _In_ FSRTL_CHANGE_BACKING_TYPE ChangeBackingType
,
8157 _Must_inspect_result_
8158 _IRQL_requires_max_(APC_LEVEL
)
8162 FsRtlLogCcFlushError(
8163 _In_ PUNICODE_STRING FileName
,
8164 _In_ PDEVICE_OBJECT DeviceObject
,
8165 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8166 _In_ NTSTATUS FlushError
,
8169 _IRQL_requires_max_(APC_LEVEL
)
8173 FsRtlAreVolumeStartupApplicationsComplete(VOID
);
8178 FsRtlQueryMaximumVirtualDiskNestingLevel(VOID
);
8183 FsRtlGetVirtualDiskNestingLevel(
8184 _In_ PDEVICE_OBJECT DeviceObject
,
8185 _Out_ PULONG NestingLevel
,
8186 _Out_opt_ PULONG NestingFlags
);
8188 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8190 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
8191 _When_(Flags
| OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK
, _Must_inspect_result_
)
8192 _IRQL_requires_max_(APC_LEVEL
)
8197 _In_ POPLOCK Oplock
,
8200 _In_opt_ PVOID Context
,
8201 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
8202 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
8206 #if (NTDDI_VERSION >= NTDDI_WIN7)
8208 _IRQL_requires_max_(APC_LEVEL
)
8212 FsRtlAreThereCurrentOrInProgressFileLocks(
8213 _In_ PFILE_LOCK FileLock
);
8215 _Must_inspect_result_
8216 _IRQL_requires_max_(APC_LEVEL
)
8220 FsRtlOplockIsSharedRequest(
8223 _Must_inspect_result_
8224 _IRQL_requires_max_(APC_LEVEL
)
8229 _In_ POPLOCK Oplock
,
8232 _In_opt_ PVOID Context
,
8233 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
8234 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
8236 _IRQL_requires_max_(APC_LEVEL
)
8240 FsRtlCurrentOplockH(
8241 _In_ POPLOCK Oplock
);
8243 _Must_inspect_result_
8244 _IRQL_requires_max_(APC_LEVEL
)
8248 FsRtlOplockBreakToNoneEx(
8249 _Inout_ POPLOCK Oplock
,
8252 _In_opt_ PVOID Context
,
8253 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
8254 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
8256 _Must_inspect_result_
8257 _IRQL_requires_max_(APC_LEVEL
)
8261 FsRtlOplockFsctrlEx(
8262 _In_ POPLOCK Oplock
,
8264 _In_ ULONG OpenCount
,
8267 _IRQL_requires_max_(APC_LEVEL
)
8271 FsRtlOplockKeysEqual(
8272 _In_opt_ PFILE_OBJECT Fo1
,
8273 _In_opt_ PFILE_OBJECT Fo2
);
8278 FsRtlInitializeExtraCreateParameterList(
8279 _Inout_ PECP_LIST EcpList
);
8284 FsRtlInitializeExtraCreateParameter(
8285 _Out_ PECP_HEADER Ecp
,
8286 _In_ ULONG EcpFlags
,
8287 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback
,
8288 _In_ ULONG TotalSize
,
8289 _In_ LPCGUID EcpType
,
8290 _In_opt_ PVOID ListAllocatedFrom
);
8292 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
8294 _Must_inspect_result_
8295 _IRQL_requires_max_(APC_LEVEL
)
8299 FsRtlInsertPerFileContext(
8300 _In_ PVOID
* PerFileContextPointer
,
8301 _In_ PFSRTL_PER_FILE_CONTEXT Ptr
);
8303 _Must_inspect_result_
8304 _IRQL_requires_max_(APC_LEVEL
)
8306 PFSRTL_PER_FILE_CONTEXT
8308 FsRtlLookupPerFileContext(
8309 _In_ PVOID
* PerFileContextPointer
,
8310 _In_opt_ PVOID OwnerId
,
8311 _In_opt_ PVOID InstanceId
);
8313 _Must_inspect_result_
8314 _IRQL_requires_max_(APC_LEVEL
)
8316 PFSRTL_PER_FILE_CONTEXT
8318 FsRtlRemovePerFileContext(
8319 _In_ PVOID
* PerFileContextPointer
,
8320 _In_opt_ PVOID OwnerId
,
8321 _In_opt_ PVOID InstanceId
);
8323 _IRQL_requires_max_(APC_LEVEL
)
8327 FsRtlTeardownPerFileContexts(
8328 _In_ PVOID
* PerFileContextPointer
);
8330 _Must_inspect_result_
8331 _IRQL_requires_max_(APC_LEVEL
)
8335 FsRtlInsertPerFileObjectContext(
8336 _In_ PFILE_OBJECT FileObject
,
8337 _In_ PFSRTL_PER_FILEOBJECT_CONTEXT Ptr
);
8339 _Must_inspect_result_
8340 _IRQL_requires_max_(APC_LEVEL
)
8342 PFSRTL_PER_FILEOBJECT_CONTEXT
8344 FsRtlLookupPerFileObjectContext(
8345 _In_ PFILE_OBJECT FileObject
,
8346 _In_opt_ PVOID OwnerId
,
8347 _In_opt_ PVOID InstanceId
);
8349 _Must_inspect_result_
8350 _IRQL_requires_max_(APC_LEVEL
)
8352 PFSRTL_PER_FILEOBJECT_CONTEXT
8354 FsRtlRemovePerFileObjectContext(
8355 _In_ PFILE_OBJECT FileObject
,
8356 _In_opt_ PVOID OwnerId
,
8357 _In_opt_ PVOID InstanceId
);
8362 FsRtlRegisterFileSystemFilterCallbacks(
8363 _In_
struct _DRIVER_OBJECT
*FilterDriverObject
,
8364 _In_ PFS_FILTER_CALLBACKS Callbacks
);
8366 #if (NTDDI_VERSION >= NTDDI_VISTA)
8370 FsRtlNotifyStreamFileObject(
8371 _In_
struct _FILE_OBJECT
* StreamFileObject
,
8372 _In_opt_
struct _DEVICE_OBJECT
*DeviceObjectHint
,
8373 _In_ FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType
,
8374 _In_ BOOLEAN SafeToRecurse
);
8375 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8377 #define FsRtlFastLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11) \
8378 FsRtlPrivateLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, NULL, A10, A11)
8380 #define FsRtlAreThereCurrentFileLocks(FL) \
8381 ((FL)->FastIoIsQuestionable)
8383 #define FsRtlIncrementLockRequestsInProgress(FL) { \
8384 ASSERT((FL)->LockRequestsInProgress >= 0); \
8386 (InterlockedIncrement((LONG volatile *)&((FL)->LockRequestsInProgress))); \
8389 #define FsRtlDecrementLockRequestsInProgress(FL) { \
8390 ASSERT((FL)->LockRequestsInProgress > 0); \
8392 (InterlockedDecrement((LONG volatile *)&((FL)->LockRequestsInProgress))); \
8396 extern const UCHAR
* const FsRtlLegalAnsiCharacterArray
;
8397 #define LEGAL_ANSI_CHARACTER_ARRAY FsRtlLegalAnsiCharacterArray
8399 __CREATE_NTOS_DATA_IMPORT_ALIAS(FsRtlLegalAnsiCharacterArray
)
8400 extern const UCHAR
* const *FsRtlLegalAnsiCharacterArray
;
8401 #define LEGAL_ANSI_CHARACTER_ARRAY (*FsRtlLegalAnsiCharacterArray)
8404 #define FsRtlIsAnsiCharacterWild(C) \
8405 FlagOn(LEGAL_ANSI_CHARACTER_ARRAY[(UCHAR)(C)], FSRTL_WILD_CHARACTER)
8407 #define FsRtlIsAnsiCharacterLegalFat(C, WILD) \
8408 FlagOn(LEGAL_ANSI_CHARACTER_ARRAY[(UCHAR)(C)], (FSRTL_FAT_LEGAL) | \
8409 ((WILD) ? FSRTL_WILD_CHARACTER : 0 ))
8411 #define FsRtlIsAnsiCharacterLegalHpfs(C, WILD) \
8412 FlagOn(LEGAL_ANSI_CHARACTER_ARRAY[(UCHAR)(C)], (FSRTL_HPFS_LEGAL) | \
8413 ((WILD) ? FSRTL_WILD_CHARACTER : 0 ))
8415 #define FsRtlIsAnsiCharacterLegalNtfs(C, WILD) \
8416 FlagOn(LEGAL_ANSI_CHARACTER_ARRAY[(UCHAR)(C)], (FSRTL_NTFS_LEGAL) | \
8417 ((WILD) ? FSRTL_WILD_CHARACTER : 0 ))
8419 #define FsRtlIsAnsiCharacterLegalNtfsStream(C,WILD_OK) \
8420 FsRtlTestAnsiCharacter((C), TRUE, (WILD_OK), FSRTL_NTFS_STREAM_LEGAL)
8422 #define FsRtlIsAnsiCharacterLegal(C,FLAGS) \
8423 FsRtlTestAnsiCharacter((C), TRUE, FALSE, (FLAGS))
8425 #define FsRtlTestAnsiCharacter(C, DEFAULT_RET, WILD_OK, FLAGS) \
8426 (((SCHAR)(C) < 0) ? DEFAULT_RET : \
8427 FlagOn(LEGAL_ANSI_CHARACTER_ARRAY[(C)], \
8428 (FLAGS) | ((WILD_OK) ? FSRTL_WILD_CHARACTER : 0)))
8430 #define FsRtlIsLeadDbcsCharacter(DBCS_CHAR) \
8431 ((BOOLEAN)((UCHAR)(DBCS_CHAR) < 0x80 ? FALSE : \
8432 (NLS_MB_CODE_PAGE_TAG && \
8433 (NLS_OEM_LEAD_BYTE_INFO[(UCHAR)(DBCS_CHAR)] != 0))))
8435 #define FsRtlIsUnicodeCharacterWild(C) \
8436 ((((C) >= 0x40) ? FALSE : \
8437 FlagOn(LEGAL_ANSI_CHARACTER_ARRAY[(C)], FSRTL_WILD_CHARACTER )))
8439 #define FsRtlInitPerFileContext(_fc, _owner, _inst, _cb) \
8440 ((_fc)->OwnerId = (_owner), \
8441 (_fc)->InstanceId = (_inst), \
8442 (_fc)->FreeCallback = (_cb))
8444 #define FsRtlGetPerFileContextPointer(_fo) \
8445 (FsRtlSupportsPerFileContexts(_fo) ? \
8446 FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer : NULL)
8448 #define FsRtlSupportsPerFileContexts(_fo) \
8449 ((FsRtlGetPerStreamContextPointer(_fo) != NULL) && \
8450 (FsRtlGetPerStreamContextPointer(_fo)->Version >= FSRTL_FCB_HEADER_V1) && \
8451 (FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer != NULL))
8453 #define FsRtlSetupAdvancedHeaderEx(_advhdr, _fmutx, _fctxptr) \
8455 FsRtlSetupAdvancedHeader( _advhdr, _fmutx ); \
8456 if ((_fctxptr) != NULL) { \
8457 (_advhdr)->FileContextSupportPointer = (_fctxptr); \
8461 #define FsRtlGetPerStreamContextPointer(FO) \
8462 ((PFSRTL_ADVANCED_FCB_HEADER)(FO)->FsContext)
8464 #define FsRtlInitPerStreamContext(PSC, O, I, FC) \
8465 ((PSC)->OwnerId = (O), \
8466 (PSC)->InstanceId = (I), \
8467 (PSC)->FreeCallback = (FC))
8469 #define FsRtlSupportsPerStreamContexts(FO) \
8470 ((BOOLEAN)((NULL != FsRtlGetPerStreamContextPointer(FO) && \
8471 FlagOn(FsRtlGetPerStreamContextPointer(FO)->Flags2, \
8472 FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS)))
8474 #define FsRtlLookupPerStreamContext(_sc, _oid, _iid) \
8475 (((NULL != (_sc)) && \
8476 FlagOn((_sc)->Flags2,FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS) && \
8477 !IsListEmpty(&(_sc)->FilterContexts)) ? \
8478 FsRtlLookupPerStreamContextInternal((_sc), (_oid), (_iid)) : NULL)
8480 _IRQL_requires_max_(APC_LEVEL
)
8484 FsRtlSetupAdvancedHeader(
8486 _In_ PFAST_MUTEX FMutex
)
8488 PFSRTL_ADVANCED_FCB_HEADER localAdvHdr
= (PFSRTL_ADVANCED_FCB_HEADER
)AdvHdr
;
8490 localAdvHdr
->Flags
|= FSRTL_FLAG_ADVANCED_HEADER
;
8491 localAdvHdr
->Flags2
|= FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS
;
8492 #if (NTDDI_VERSION >= NTDDI_VISTA)
8493 localAdvHdr
->Version
= FSRTL_FCB_HEADER_V1
;
8495 localAdvHdr
->Version
= FSRTL_FCB_HEADER_V0
;
8497 InitializeListHead( &localAdvHdr
->FilterContexts
);
8498 if (FMutex
!= NULL
) {
8499 localAdvHdr
->FastMutex
= FMutex
;
8501 #if (NTDDI_VERSION >= NTDDI_VISTA)
8502 *((PULONG_PTR
)(&localAdvHdr
->PushLock
)) = 0;
8503 localAdvHdr
->FileContextSupportPointer
= NULL
;
8507 #define FsRtlInitPerFileObjectContext(_fc, _owner, _inst) \
8508 ((_fc)->OwnerId = (_owner), (_fc)->InstanceId = (_inst))
8510 #define FsRtlCompleteRequest(IRP, STATUS) { \
8511 (IRP)->IoStatus.Status = (STATUS); \
8512 IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
8514 /* Common Cache Types */
8516 #define VACB_MAPPING_GRANULARITY (0x40000)
8517 #define VACB_OFFSET_SHIFT (18)
8519 typedef struct _PUBLIC_BCB
{
8520 CSHORT NodeTypeCode
;
8521 CSHORT NodeByteSize
;
8523 LARGE_INTEGER MappedFileOffset
;
8524 } PUBLIC_BCB
, *PPUBLIC_BCB
;
8526 typedef struct _CC_FILE_SIZES
{
8527 LARGE_INTEGER AllocationSize
;
8528 LARGE_INTEGER FileSize
;
8529 LARGE_INTEGER ValidDataLength
;
8530 } CC_FILE_SIZES
, *PCC_FILE_SIZES
;
8533 (NTAPI
*PACQUIRE_FOR_LAZY_WRITE
) (
8538 (NTAPI
*PRELEASE_FROM_LAZY_WRITE
) (
8539 _In_ PVOID Context
);
8542 (NTAPI
*PACQUIRE_FOR_READ_AHEAD
) (
8547 (NTAPI
*PRELEASE_FROM_READ_AHEAD
) (
8548 _In_ PVOID Context
);
8550 typedef struct _CACHE_MANAGER_CALLBACKS
{
8551 PACQUIRE_FOR_LAZY_WRITE AcquireForLazyWrite
;
8552 PRELEASE_FROM_LAZY_WRITE ReleaseFromLazyWrite
;
8553 PACQUIRE_FOR_READ_AHEAD AcquireForReadAhead
;
8554 PRELEASE_FROM_READ_AHEAD ReleaseFromReadAhead
;
8555 } CACHE_MANAGER_CALLBACKS
, *PCACHE_MANAGER_CALLBACKS
;
8557 typedef struct _CACHE_UNINITIALIZE_EVENT
{
8558 struct _CACHE_UNINITIALIZE_EVENT
*Next
;
8560 } CACHE_UNINITIALIZE_EVENT
, *PCACHE_UNINITIALIZE_EVENT
;
8563 (NTAPI
*PDIRTY_PAGE_ROUTINE
) (
8564 _In_ PFILE_OBJECT FileObject
,
8565 _In_ PLARGE_INTEGER FileOffset
,
8567 _In_ PLARGE_INTEGER OldestLsn
,
8568 _In_ PLARGE_INTEGER NewestLsn
,
8569 _In_ PVOID Context1
,
8570 _In_ PVOID Context2
);
8573 (NTAPI
*PFLUSH_TO_LSN
) (
8574 _In_ PVOID LogHandle
,
8575 _In_ LARGE_INTEGER Lsn
);
8578 (NTAPI
*PCC_POST_DEFERRED_WRITE
) (
8579 _In_ PVOID Context1
,
8580 _In_ PVOID Context2
);
8582 #define UNINITIALIZE_CACHE_MAPS (1)
8583 #define DO_NOT_RETRY_PURGE (2)
8584 #define DO_NOT_PURGE_DIRTY_PAGES (0x4)
8586 #define CC_FLUSH_AND_PURGE_NO_PURGE (0x1)
8587 /* Common Cache Functions */
8589 #define CcIsFileCached(FO) ( \
8590 ((FO)->SectionObjectPointer != NULL) && \
8591 (((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
8594 extern NTKERNELAPI ULONG CcFastMdlReadWait
;
8596 #if (NTDDI_VERSION >= NTDDI_WIN2K)
8601 CcInitializeCacheMap(
8602 _In_ PFILE_OBJECT FileObject
,
8603 _In_ PCC_FILE_SIZES FileSizes
,
8604 _In_ BOOLEAN PinAccess
,
8605 _In_ PCACHE_MANAGER_CALLBACKS Callbacks
,
8606 _In_ PVOID LazyWriteContext
);
8611 CcUninitializeCacheMap(
8612 _In_ PFILE_OBJECT FileObject
,
8613 _In_opt_ PLARGE_INTEGER TruncateSize
,
8614 _In_opt_ PCACHE_UNINITIALIZE_EVENT UninitializeCompleteEvent
);
8620 IN PFILE_OBJECT FileObject
,
8621 IN PCC_FILE_SIZES FileSizes
);
8626 CcSetDirtyPageThreshold(
8627 _In_ PFILE_OBJECT FileObject
,
8628 _In_ ULONG DirtyPageThreshold
);
8634 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8635 _In_opt_ PLARGE_INTEGER FileOffset
,
8637 _Out_opt_ PIO_STATUS_BLOCK IoStatus
);
8642 CcGetFlushedValidData(
8643 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8644 _In_ BOOLEAN BcbListHeld
);
8650 _In_ PFILE_OBJECT FileObject
,
8651 _In_ PLARGE_INTEGER StartOffset
,
8652 _In_ PLARGE_INTEGER EndOffset
,
8672 _In_ BOOLEAN WriteThrough
,
8673 _Out_ PIO_STATUS_BLOCK IoStatus
);
8678 CcGetFileObjectFromSectionPtrs(
8679 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
);
8684 CcGetFileObjectFromBcb(
8691 _In_opt_ PFILE_OBJECT FileObject
,
8692 _In_ ULONG BytesToWrite
,
8694 _In_ BOOLEAN Retrying
);
8700 _In_ PFILE_OBJECT FileObject
,
8701 _In_ PCC_POST_DEFERRED_WRITE PostRoutine
,
8702 _In_ PVOID Context1
,
8703 _In_ PVOID Context2
,
8704 _In_ ULONG BytesToWrite
,
8705 _In_ BOOLEAN Retrying
);
8711 _In_ PFILE_OBJECT FileObject
,
8712 _In_ PLARGE_INTEGER FileOffset
,
8715 _Out_writes_bytes_(Length
) PVOID Buffer
,
8716 _Out_ PIO_STATUS_BLOCK IoStatus
);
8722 _In_ PFILE_OBJECT FileObject
,
8723 _In_ ULONG FileOffset
,
8725 _In_ ULONG PageCount
,
8726 _Out_writes_bytes_(Length
) PVOID Buffer
,
8727 _Out_ PIO_STATUS_BLOCK IoStatus
);
8733 _In_ PFILE_OBJECT FileObject
,
8734 _In_ PLARGE_INTEGER FileOffset
,
8737 _In_reads_bytes_(Length
) PVOID Buffer
);
8743 _In_ PFILE_OBJECT FileObject
,
8744 _In_ ULONG FileOffset
,
8746 _In_reads_bytes_(Length
) PVOID Buffer
);
8752 _In_ PFILE_OBJECT FileObject
,
8753 _In_ PLARGE_INTEGER FileOffset
,
8755 _Out_ PMDL
*MdlChain
,
8756 _Out_ PIO_STATUS_BLOCK IoStatus
);
8762 _In_ PFILE_OBJECT FileObject
,
8763 _In_ PMDL MdlChain
);
8769 _In_ PFILE_OBJECT FileObject
,
8770 _In_ PLARGE_INTEGER FileOffset
,
8772 _Out_ PMDL
*MdlChain
,
8773 _Out_ PIO_STATUS_BLOCK IoStatus
);
8779 _In_ PFILE_OBJECT FileObject
,
8780 _In_ PLARGE_INTEGER FileOffset
,
8781 _In_ PMDL MdlChain
);
8786 CcScheduleReadAhead(
8787 _In_ PFILE_OBJECT FileObject
,
8788 _In_ PLARGE_INTEGER FileOffset
,
8794 CcWaitForCurrentLazyWriterActivity(VOID
);
8799 CcSetReadAheadGranularity(
8800 _In_ PFILE_OBJECT FileObject
,
8801 _In_ ULONG Granularity
);
8807 _In_ PFILE_OBJECT FileObject
,
8808 _In_ PLARGE_INTEGER FileOffset
,
8811 _Outptr_ PVOID
*Bcb
,
8812 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8818 _In_ PFILE_OBJECT FileObject
,
8819 _In_ PLARGE_INTEGER FileOffset
,
8822 _Inout_ PVOID
*Bcb
);
8828 _In_ PFILE_OBJECT FileObject
,
8829 _In_ PLARGE_INTEGER FileOffset
,
8833 _Outptr_ PVOID
*Bcb
,
8834 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8839 CcSetDirtyPinnedData(
8841 _In_opt_ PLARGE_INTEGER Lsn
);
8852 CcSetBcbOwnerPointer(
8854 _In_ PVOID OwnerPointer
);
8859 CcUnpinDataForThread(
8861 _In_ ERESOURCE_THREAD ResourceThreadId
);
8866 CcSetAdditionalCacheAttributes(
8867 _In_ PFILE_OBJECT FileObject
,
8868 _In_ BOOLEAN DisableReadAhead
,
8869 _In_ BOOLEAN DisableWriteBehind
);
8877 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
8879 #if (NTDDI_VERSION >= NTDDI_WINXP)
8885 _In_ PFILE_OBJECT FileObject
,
8886 _In_ PMDL MdlChain
);
8891 CcSetLogHandleForFile(
8892 _In_ PFILE_OBJECT FileObject
,
8893 _In_ PVOID LogHandle
,
8894 _In_ PFLUSH_TO_LSN FlushToLsnRoutine
);
8900 _In_ PVOID LogHandle
,
8901 _In_ PDIRTY_PAGE_ROUTINE DirtyPageRoutine
,
8902 _In_ PVOID Context1
,
8903 _In_ PVOID Context2
);
8907 #if (NTDDI_VERSION >= NTDDI_WINXP)
8908 _Success_(return!=FALSE
)
8913 _In_ PFILE_OBJECT FileObject
,
8914 _In_ PLARGE_INTEGER FileOffset
,
8917 _Outptr_ PVOID
*Bcb
,
8918 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8919 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8924 _In_ PFILE_OBJECT FileObject
,
8925 _In_ PLARGE_INTEGER FileOffset
,
8928 _Outptr_ PVOID
*Bcb
,
8929 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8932 #if (NTDDI_VERSION >= NTDDI_VISTA)
8938 _In_ PFILE_OBJECT FileObject
,
8939 _In_ PCC_FILE_SIZES FileSizes
);
8944 CcGetFileObjectFromSectionPtrsRef(
8945 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
);
8950 CcSetParallelFlushFile(
8951 _In_ PFILE_OBJECT FileObject
,
8952 _In_ BOOLEAN EnableParallelFlush
);
8956 CcIsThereDirtyDataEx(
8958 _In_opt_ PULONG NumberOfDirtyPages
);
8962 #if (NTDDI_VERSION >= NTDDI_WIN7)
8966 CcCoherencyFlushAndPurgeCache(
8967 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8968 _In_opt_ PLARGE_INTEGER FileOffset
,
8970 _Out_ PIO_STATUS_BLOCK IoStatus
,
8971 _In_opt_ ULONG Flags
);
8974 #define CcGetFileSizePointer(FO) ( \
8975 ((PLARGE_INTEGER)((FO)->SectionObjectPointer->SharedCacheMap) + 1) \
8978 #if (NTDDI_VERSION >= NTDDI_VISTA)
8982 CcPurgeCacheSection(
8983 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8984 _In_opt_ PLARGE_INTEGER FileOffset
,
8987 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8991 CcPurgeCacheSection(
8992 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8993 _In_opt_ PLARGE_INTEGER FileOffset
,
8995 _In_ BOOLEAN UninitializeCacheMaps
);
8998 #if (NTDDI_VERSION >= NTDDI_WIN7)
9002 CcCopyWriteWontFlush(
9003 _In_ PFILE_OBJECT FileObject
,
9004 _In_ PLARGE_INTEGER FileOffset
,
9007 #define CcCopyWriteWontFlush(FO, FOFF, LEN) ((LEN) <= 0x10000)
9010 #define CcReadAhead(FO, FOFF, LEN) ( \
9011 if ((LEN) >= 256) { \
9012 CcScheduleReadAhead((FO), (FOFF), (LEN)); \
9015 /******************************************************************************
9017 ******************************************************************************/
9021 _IRQL_requires_max_(PASSIVE_LEVEL
)
9026 _In_ HANDLE FileHandle
,
9027 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9028 _Out_writes_bytes_(Length
) PVOID Buffer
,
9030 _In_ BOOLEAN ReturnSingleEntry
,
9031 _In_reads_bytes_opt_(EaListLength
) PVOID EaList
,
9032 _In_ ULONG EaListLength
,
9033 _In_opt_ PULONG EaIndex
,
9034 _In_ BOOLEAN RestartScan
);
9036 _IRQL_requires_max_(PASSIVE_LEVEL
)
9041 _In_ HANDLE FileHandle
,
9042 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9043 _In_reads_bytes_(Length
) PVOID Buffer
,
9046 _IRQL_requires_max_(PASSIVE_LEVEL
)
9051 _In_ HANDLE ExistingTokenHandle
,
9052 _In_ ACCESS_MASK DesiredAccess
,
9053 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
9054 _In_ BOOLEAN EffectiveOnly
,
9055 _In_ TOKEN_TYPE TokenType
,
9056 _Out_ PHANDLE NewTokenHandle
);
9058 #if (NTDDI_VERSION >= NTDDI_WIN2K)
9060 _IRQL_requires_max_(PASSIVE_LEVEL
)
9065 _In_opt_ HANDLE Handle
,
9066 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass
,
9067 _Out_writes_bytes_opt_(ObjectInformationLength
) PVOID ObjectInformation
,
9068 _In_ ULONG ObjectInformationLength
,
9069 _Out_opt_ PULONG ReturnLength
);
9071 _IRQL_requires_max_(PASSIVE_LEVEL
)
9076 _In_ HANDLE KeyHandle
,
9077 _In_opt_ HANDLE EventHandle
,
9078 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9079 _In_opt_ PVOID ApcContext
,
9080 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9081 _In_ ULONG NotifyFilter
,
9082 _In_ BOOLEAN WatchSubtree
,
9083 _Out_writes_bytes_opt_(BufferLength
) PVOID Buffer
,
9084 _In_ ULONG BufferLength
,
9085 _In_ BOOLEAN Asynchronous
);
9087 _IRQL_requires_max_(PASSIVE_LEVEL
)
9092 _Out_ PHANDLE EventHandle
,
9093 _In_ ACCESS_MASK DesiredAccess
,
9094 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
9095 _In_ EVENT_TYPE EventType
,
9096 _In_ BOOLEAN InitialState
);
9098 _IRQL_requires_max_(PASSIVE_LEVEL
)
9103 _In_ POBJECT_ATTRIBUTES ObjectAttributes
);
9105 _IRQL_requires_max_(PASSIVE_LEVEL
)
9109 ZwQueryDirectoryFile(
9110 _In_ HANDLE FileHandle
,
9111 _In_opt_ HANDLE Event
,
9112 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9113 _In_opt_ PVOID ApcContext
,
9114 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9115 _Out_writes_bytes_(Length
) PVOID FileInformation
,
9117 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
9118 _In_ BOOLEAN ReturnSingleEntry
,
9119 _In_opt_ PUNICODE_STRING FileName
,
9120 _In_ BOOLEAN RestartScan
);
9122 _IRQL_requires_max_(PASSIVE_LEVEL
)
9126 ZwSetVolumeInformationFile(
9127 _In_ HANDLE FileHandle
,
9128 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9129 _In_reads_bytes_(Length
) PVOID FsInformation
,
9131 _In_ FS_INFORMATION_CLASS FsInformationClass
);
9133 _IRQL_requires_max_(PASSIVE_LEVEL
)
9138 _In_ HANDLE FileHandle
,
9139 _In_opt_ HANDLE Event
,
9140 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9141 _In_opt_ PVOID ApcContext
,
9142 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9143 _In_ ULONG FsControlCode
,
9144 _In_reads_bytes_opt_(InputBufferLength
) PVOID InputBuffer
,
9145 _In_ ULONG InputBufferLength
,
9146 _Out_writes_bytes_opt_(OutputBufferLength
) PVOID OutputBuffer
,
9147 _In_ ULONG OutputBufferLength
);
9149 _IRQL_requires_max_(PASSIVE_LEVEL
)
9154 _In_ HANDLE SourceProcessHandle
,
9155 _In_ HANDLE SourceHandle
,
9156 _In_opt_ HANDLE TargetProcessHandle
,
9157 _Out_opt_ PHANDLE TargetHandle
,
9158 _In_ ACCESS_MASK DesiredAccess
,
9159 _In_ ULONG HandleAttributes
,
9160 _In_ ULONG Options
);
9162 _IRQL_requires_max_(PASSIVE_LEVEL
)
9166 ZwOpenDirectoryObject(
9167 _Out_ PHANDLE DirectoryHandle
,
9168 _In_ ACCESS_MASK DesiredAccess
,
9169 _In_ POBJECT_ATTRIBUTES ObjectAttributes
);
9171 _Must_inspect_result_
9172 _At_(*BaseAddress
, __drv_allocatesMem(Mem
))
9177 ZwAllocateVirtualMemory(
9178 _In_ HANDLE ProcessHandle
,
9179 _Inout_
_Outptr_result_buffer_(*RegionSize
) PVOID
*BaseAddress
,
9180 _In_ ULONG_PTR ZeroBits
,
9181 _Inout_ PSIZE_T RegionSize
,
9182 _In_ ULONG AllocationType
,
9183 _In_ ULONG Protect
);
9185 _IRQL_requires_max_(PASSIVE_LEVEL
)
9189 ZwFreeVirtualMemory(
9190 _In_ HANDLE ProcessHandle
,
9191 _Inout_
__drv_freesMem(Mem
) PVOID
*BaseAddress
,
9192 _Inout_ PSIZE_T RegionSize
,
9193 _In_ ULONG FreeType
);
9195 _When_(Timeout
== NULL
, _IRQL_requires_max_(APC_LEVEL
))
9196 _When_(Timeout
->QuadPart
!= 0, _IRQL_requires_max_(APC_LEVEL
))
9197 _When_(Timeout
->QuadPart
== 0, _IRQL_requires_max_(DISPATCH_LEVEL
))
9201 ZwWaitForSingleObject(
9203 _In_ BOOLEAN Alertable
,
9204 _In_opt_ PLARGE_INTEGER Timeout
);
9206 _IRQL_requires_max_(DISPATCH_LEVEL
)
9211 _In_ HANDLE EventHandle
,
9212 _Out_opt_ PLONG PreviousState
);
9214 _IRQL_requires_max_(APC_LEVEL
)
9218 ZwFlushVirtualMemory(
9219 _In_ HANDLE ProcessHandle
,
9220 _Inout_ PVOID
*BaseAddress
,
9221 _Inout_ PSIZE_T RegionSize
,
9222 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
9224 _IRQL_requires_max_(PASSIVE_LEVEL
)
9228 ZwQueryInformationToken(
9229 _In_ HANDLE TokenHandle
,
9230 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
9231 _Out_writes_bytes_to_opt_(Length
,*ResultLength
) PVOID TokenInformation
,
9233 _Out_ PULONG ResultLength
);
9235 _IRQL_requires_max_(PASSIVE_LEVEL
)
9239 ZwSetSecurityObject(
9241 _In_ SECURITY_INFORMATION SecurityInformation
,
9242 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
9244 _IRQL_requires_max_(PASSIVE_LEVEL
)
9248 ZwQuerySecurityObject(
9249 _In_ HANDLE FileHandle
,
9250 _In_ SECURITY_INFORMATION SecurityInformation
,
9251 _Out_writes_bytes_to_(Length
,*ResultLength
) PSECURITY_DESCRIPTOR SecurityDescriptor
,
9253 _Out_ PULONG ResultLength
);
9254 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
9256 #if (NTDDI_VERSION >= NTDDI_WINXP)
9258 _IRQL_requires_max_(PASSIVE_LEVEL
)
9262 ZwOpenProcessTokenEx(
9263 _In_ HANDLE ProcessHandle
,
9264 _In_ ACCESS_MASK DesiredAccess
,
9265 _In_ ULONG HandleAttributes
,
9266 _Out_ PHANDLE TokenHandle
);
9268 _IRQL_requires_max_(PASSIVE_LEVEL
)
9272 ZwOpenThreadTokenEx(
9273 _In_ HANDLE ThreadHandle
,
9274 _In_ ACCESS_MASK DesiredAccess
,
9275 _In_ BOOLEAN OpenAsSelf
,
9276 _In_ ULONG HandleAttributes
,
9277 _Out_ PHANDLE TokenHandle
);
9279 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
9281 #if (NTDDI_VERSION >= NTDDI_VISTA)
9283 _IRQL_requires_max_(PASSIVE_LEVEL
)
9288 _In_ HANDLE FileHandle
,
9289 _In_opt_ HANDLE Event
,
9290 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9291 _In_opt_ PVOID ApcContext
,
9292 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9293 _In_ PLARGE_INTEGER ByteOffset
,
9294 _In_ PLARGE_INTEGER Length
,
9296 _In_ BOOLEAN FailImmediately
,
9297 _In_ BOOLEAN ExclusiveLock
);
9299 _IRQL_requires_max_(PASSIVE_LEVEL
)
9304 _In_ HANDLE FileHandle
,
9305 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9306 _In_ PLARGE_INTEGER ByteOffset
,
9307 _In_ PLARGE_INTEGER Length
,
9310 _IRQL_requires_max_(PASSIVE_LEVEL
)
9314 ZwQueryQuotaInformationFile(
9315 _In_ HANDLE FileHandle
,
9316 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9317 _Out_writes_bytes_(Length
) PVOID Buffer
,
9319 _In_ BOOLEAN ReturnSingleEntry
,
9320 _In_reads_bytes_opt_(SidListLength
) PVOID SidList
,
9321 _In_ ULONG SidListLength
,
9322 _In_opt_ PSID StartSid
,
9323 _In_ BOOLEAN RestartScan
);
9325 _IRQL_requires_max_(PASSIVE_LEVEL
)
9329 ZwSetQuotaInformationFile(
9330 _In_ HANDLE FileHandle
,
9331 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9332 _In_reads_bytes_(Length
) PVOID Buffer
,
9335 _IRQL_requires_max_(PASSIVE_LEVEL
)
9340 _In_ HANDLE FileHandle
,
9341 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
9342 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
9343 #if (NTDDI_VERSION >= NTDDI_WIN7)
9345 _IRQL_requires_max_(PASSIVE_LEVEL
)
9349 ZwSetInformationToken(
9350 _In_ HANDLE TokenHandle
,
9351 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
9352 _In_reads_bytes_(TokenInformationLength
) PVOID TokenInformation
,
9353 _In_ ULONG TokenInformationLength
);
9355 #if (VER_PRODUCTBUILD >= 2195)
9359 ZwAdjustPrivilegesToken (
9360 _In_ HANDLE TokenHandle
,
9361 _In_ BOOLEAN DisableAllPrivileges
,
9362 _In_ PTOKEN_PRIVILEGES NewState
,
9363 _In_ ULONG BufferLength
,
9364 _Out_opt_ PTOKEN_PRIVILEGES PreviousState
,
9365 _Out_ PULONG ReturnLength
9367 #endif /* (VER_PRODUCTBUILD >= 2195) */
9373 _In_ HANDLE ThreadHandle
9379 ZwAccessCheckAndAuditAlarm (
9380 _In_ PUNICODE_STRING SubsystemName
,
9381 _In_ PVOID HandleId
,
9382 _In_ PUNICODE_STRING ObjectTypeName
,
9383 _In_ PUNICODE_STRING ObjectName
,
9384 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
9385 _In_ ACCESS_MASK DesiredAccess
,
9386 _In_ PGENERIC_MAPPING GenericMapping
,
9387 _In_ BOOLEAN ObjectCreation
,
9388 _Out_ PACCESS_MASK GrantedAccess
,
9389 _Out_ PBOOLEAN AccessStatus
,
9390 _Out_ PBOOLEAN GenerateOnClose
9393 #if (VER_PRODUCTBUILD >= 2195)
9398 _In_ HANDLE FileHandle
,
9399 _Out_ PIO_STATUS_BLOCK IoStatusBlock
9401 #endif /* (VER_PRODUCTBUILD >= 2195) */
9407 _In_ HANDLE EventHandle
9413 ZwCloseObjectAuditAlarm (
9414 _In_ PUNICODE_STRING SubsystemName
,
9415 _In_ PVOID HandleId
,
9416 _In_ BOOLEAN GenerateOnClose
9422 ZwCreateSymbolicLinkObject (
9423 _Out_ PHANDLE SymbolicLinkHandle
,
9424 _In_ ACCESS_MASK DesiredAccess
,
9425 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
9426 _In_ PUNICODE_STRING TargetName
9432 ZwFlushInstructionCache (
9433 _In_ HANDLE ProcessHandle
,
9434 _In_opt_ PVOID BaseAddress
,
9435 _In_ ULONG FlushSize
9442 _In_ HANDLE FileHandle
,
9443 _Out_ PIO_STATUS_BLOCK IoStatusBlock
9446 #if (VER_PRODUCTBUILD >= 2195)
9450 ZwInitiatePowerAction (
9451 _In_ POWER_ACTION SystemAction
,
9452 _In_ SYSTEM_POWER_STATE MinSystemState
,
9454 _In_ BOOLEAN Asynchronous
9456 #endif /* (VER_PRODUCTBUILD >= 2195) */
9462 _In_ POBJECT_ATTRIBUTES KeyObjectAttributes
,
9463 _In_ POBJECT_ATTRIBUTES FileObjectAttributes
9469 ZwOpenProcessToken (
9470 _In_ HANDLE ProcessHandle
,
9471 _In_ ACCESS_MASK DesiredAccess
,
9472 _Out_ PHANDLE TokenHandle
9479 _Out_ PHANDLE ThreadHandle
,
9480 _In_ ACCESS_MASK DesiredAccess
,
9481 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
9482 _In_ PCLIENT_ID ClientId
9489 _In_ HANDLE ThreadHandle
,
9490 _In_ ACCESS_MASK DesiredAccess
,
9491 _In_ BOOLEAN OpenAsSelf
,
9492 _Out_ PHANDLE TokenHandle
9499 _In_ HANDLE EventHandle
,
9500 _In_opt_ PLONG PulseCount
9506 ZwQueryDefaultLocale (
9507 _In_ BOOLEAN UserProfile
,
9508 _Out_ PLCID DefaultLocaleId
9511 #if (VER_PRODUCTBUILD >= 2195)
9512 _IRQL_requires_max_(PASSIVE_LEVEL
)
9516 ZwQueryDirectoryObject(
9517 _In_ HANDLE DirectoryHandle
,
9519 _In_ ULONG BufferLength
,
9520 _In_ BOOLEAN ReturnSingleEntry
,
9521 _In_ BOOLEAN RestartScan
,
9522 _Inout_ PULONG Context
,
9523 _Out_opt_ PULONG ReturnLength
9525 #endif /* (VER_PRODUCTBUILD >= 2195) */
9530 ZwQueryInformationProcess (
9531 _In_ HANDLE ProcessHandle
,
9532 _In_ PROCESSINFOCLASS ProcessInformationClass
,
9533 _Out_ PVOID ProcessInformation
,
9534 _In_ ULONG ProcessInformationLength
,
9535 _Out_opt_ PULONG ReturnLength
9542 _In_ POBJECT_ATTRIBUTES NewFileObjectAttributes
,
9543 _In_ HANDLE KeyHandle
,
9544 _In_ POBJECT_ATTRIBUTES OldFileObjectAttributes
9551 _In_ HANDLE EventHandle
,
9552 _Out_opt_ PLONG NumberOfWaitingThreads
9555 #if (VER_PRODUCTBUILD >= 2195)
9560 _In_ HANDLE KeyHandle
,
9561 _In_ HANDLE FileHandle
,
9564 #endif /* (VER_PRODUCTBUILD >= 2195) */
9570 _In_ HANDLE KeyHandle
,
9571 _In_ HANDLE FileHandle
9577 ZwSetDefaultLocale (
9578 _In_ BOOLEAN UserProfile
,
9579 _In_ LCID DefaultLocaleId
9582 #if (VER_PRODUCTBUILD >= 2195)
9586 ZwSetDefaultUILanguage (
9587 _In_ LANGID LanguageId
9589 #endif /* (VER_PRODUCTBUILD >= 2195) */
9594 ZwSetInformationProcess (
9595 _In_ HANDLE ProcessHandle
,
9596 _In_ PROCESSINFOCLASS ProcessInformationClass
,
9597 _In_ PVOID ProcessInformation
,
9598 _In_ ULONG ProcessInformationLength
9605 _In_ PLARGE_INTEGER NewTime
,
9606 _Out_opt_ PLARGE_INTEGER OldTime
9613 _In_ POBJECT_ATTRIBUTES KeyObjectAttributes
9619 ZwWaitForMultipleObjects (
9620 _In_ ULONG HandleCount
,
9621 _In_ PHANDLE Handles
,
9622 _In_ WAIT_TYPE WaitType
,
9623 _In_ BOOLEAN Alertable
,
9624 _In_opt_ PLARGE_INTEGER Timeout
9634 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
9640 #define ISSP_LEVEL 32
9644 #define MIDL_PROP(x) x
9646 #define MIDL_PROP(x)
9649 #define SEC_TEXT TEXT
9651 #define SEC_ENTRY __stdcall
9653 #if defined(_NO_KSECDD_IMPORT_)
9654 #define KSECDDDECLSPEC
9656 #define KSECDDDECLSPEC __declspec(dllimport)
9659 #define SECQOP_WRAP_NO_ENCRYPT 0x80000001
9660 #define SECQOP_WRAP_OOB_DATA 0x40000000
9662 #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW")
9663 #define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW
9665 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1
9666 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2
9667 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3
9668 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4
9670 #define SECURITY_NATIVE_DREP 0x00000010
9671 #define SECURITY_NETWORK_DREP 0x00000000
9673 #define SECPKG_ID_NONE 0xFFFF
9675 #define SECPKG_CRED_ATTR_NAMES 1
9676 #define SECPKG_CRED_ATTR_SSI_PROVIDER 2
9678 #define SECPKG_ATTR_SIZES 0
9679 #define SECPKG_ATTR_NAMES 1
9680 #define SECPKG_ATTR_LIFESPAN 2
9681 #define SECPKG_ATTR_DCE_INFO 3
9682 #define SECPKG_ATTR_STREAM_SIZES 4
9683 #define SECPKG_ATTR_KEY_INFO 5
9684 #define SECPKG_ATTR_AUTHORITY 6
9685 #define SECPKG_ATTR_PROTO_INFO 7
9686 #define SECPKG_ATTR_PASSWORD_EXPIRY 8
9687 #define SECPKG_ATTR_SESSION_KEY 9
9688 #define SECPKG_ATTR_PACKAGE_INFO 10
9689 #define SECPKG_ATTR_USER_FLAGS 11
9690 #define SECPKG_ATTR_NEGOTIATION_INFO 12
9691 #define SECPKG_ATTR_NATIVE_NAMES 13
9692 #define SECPKG_ATTR_FLAGS 14
9693 #define SECPKG_ATTR_USE_VALIDATED 15
9694 #define SECPKG_ATTR_CREDENTIAL_NAME 16
9695 #define SECPKG_ATTR_TARGET_INFORMATION 17
9696 #define SECPKG_ATTR_ACCESS_TOKEN 18
9697 #define SECPKG_ATTR_TARGET 19
9698 #define SECPKG_ATTR_AUTHENTICATION_ID 20
9699 #define SECPKG_ATTR_LOGOFF_TIME 21
9700 #define SECPKG_ATTR_NEGO_KEYS 22
9701 #define SECPKG_ATTR_PROMPTING_NEEDED 24
9702 #define SECPKG_ATTR_UNIQUE_BINDINGS 25
9703 #define SECPKG_ATTR_ENDPOINT_BINDINGS 26
9704 #define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
9705 #define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
9706 #define SECPKG_ATTR_NEGO_PKG_INFO 31
9707 #define SECPKG_ATTR_NEGO_STATUS 32
9708 #define SECPKG_ATTR_CONTEXT_DELETED 33
9710 #define SECPKG_FLAG_INTEGRITY 0x00000001
9711 #define SECPKG_FLAG_PRIVACY 0x00000002
9712 #define SECPKG_FLAG_TOKEN_ONLY 0x00000004
9713 #define SECPKG_FLAG_DATAGRAM 0x00000008
9714 #define SECPKG_FLAG_CONNECTION 0x00000010
9715 #define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
9716 #define SECPKG_FLAG_CLIENT_ONLY 0x00000040
9717 #define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
9718 #define SECPKG_FLAG_IMPERSONATION 0x00000100
9719 #define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
9720 #define SECPKG_FLAG_STREAM 0x00000400
9721 #define SECPKG_FLAG_NEGOTIABLE 0x00000800
9722 #define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
9723 #define SECPKG_FLAG_LOGON 0x00002000
9724 #define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
9725 #define SECPKG_FLAG_FRAGMENT 0x00008000
9726 #define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
9727 #define SECPKG_FLAG_DELEGATION 0x00020000
9728 #define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
9729 #define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
9730 #define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
9731 #define SECPKG_FLAG_NEGOTIABLE2 0x00200000
9733 #define SECPKG_CRED_INBOUND 0x00000001
9734 #define SECPKG_CRED_OUTBOUND 0x00000002
9735 #define SECPKG_CRED_BOTH 0x00000003
9736 #define SECPKG_CRED_DEFAULT 0x00000004
9737 #define SECPKG_CRED_RESERVED 0xF0000000
9738 #define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
9739 #define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
9741 #define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001
9742 #define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002
9743 #define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004
9745 #define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128
9746 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1
9747 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2
9749 #define SecPkgContext_NativeNames SecPkgContext_NativeNamesW
9750 #define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW
9752 #define SECBUFFER_VERSION 0
9754 #define SECBUFFER_EMPTY 0
9755 #define SECBUFFER_DATA 1
9756 #define SECBUFFER_TOKEN 2
9757 #define SECBUFFER_PKG_PARAMS 3
9758 #define SECBUFFER_MISSING 4
9759 #define SECBUFFER_EXTRA 5
9760 #define SECBUFFER_STREAM_TRAILER 6
9761 #define SECBUFFER_STREAM_HEADER 7
9762 #define SECBUFFER_NEGOTIATION_INFO 8
9763 #define SECBUFFER_PADDING 9
9764 #define SECBUFFER_STREAM 10
9765 #define SECBUFFER_MECHLIST 11
9766 #define SECBUFFER_MECHLIST_SIGNATURE 12
9767 #define SECBUFFER_TARGET 13
9768 #define SECBUFFER_CHANNEL_BINDINGS 14
9769 #define SECBUFFER_CHANGE_PASS_RESPONSE 15
9770 #define SECBUFFER_TARGET_HOST 16
9771 #define SECBUFFER_ALERT 17
9773 #define SECBUFFER_ATTRMASK 0xF0000000
9774 #define SECBUFFER_READONLY 0x80000000
9775 #define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
9776 #define SECBUFFER_RESERVED 0x60000000
9778 #define ISC_REQ_DELEGATE 0x00000001
9779 #define ISC_REQ_MUTUAL_AUTH 0x00000002
9780 #define ISC_REQ_REPLAY_DETECT 0x00000004
9781 #define ISC_REQ_SEQUENCE_DETECT 0x00000008
9782 #define ISC_REQ_CONFIDENTIALITY 0x00000010
9783 #define ISC_REQ_USE_SESSION_KEY 0x00000020
9784 #define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
9785 #define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
9786 #define ISC_REQ_ALLOCATE_MEMORY 0x00000100
9787 #define ISC_REQ_USE_DCE_STYLE 0x00000200
9788 #define ISC_REQ_DATAGRAM 0x00000400
9789 #define ISC_REQ_CONNECTION 0x00000800
9790 #define ISC_REQ_CALL_LEVEL 0x00001000
9791 #define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
9792 #define ISC_REQ_EXTENDED_ERROR 0x00004000
9793 #define ISC_REQ_STREAM 0x00008000
9794 #define ISC_REQ_INTEGRITY 0x00010000
9795 #define ISC_REQ_IDENTIFY 0x00020000
9796 #define ISC_REQ_NULL_SESSION 0x00040000
9797 #define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
9798 #define ISC_REQ_RESERVED1 0x00100000
9799 #define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
9800 #define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
9801 #define ISC_REQ_NO_INTEGRITY 0x00800000
9802 #define ISC_REQ_USE_HTTP_STYLE 0x01000000
9804 #define ISC_RET_DELEGATE 0x00000001
9805 #define ISC_RET_MUTUAL_AUTH 0x00000002
9806 #define ISC_RET_REPLAY_DETECT 0x00000004
9807 #define ISC_RET_SEQUENCE_DETECT 0x00000008
9808 #define ISC_RET_CONFIDENTIALITY 0x00000010
9809 #define ISC_RET_USE_SESSION_KEY 0x00000020
9810 #define ISC_RET_USED_COLLECTED_CREDS 0x00000040
9811 #define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
9812 #define ISC_RET_ALLOCATED_MEMORY 0x00000100
9813 #define ISC_RET_USED_DCE_STYLE 0x00000200
9814 #define ISC_RET_DATAGRAM 0x00000400
9815 #define ISC_RET_CONNECTION 0x00000800
9816 #define ISC_RET_INTERMEDIATE_RETURN 0x00001000
9817 #define ISC_RET_CALL_LEVEL 0x00002000
9818 #define ISC_RET_EXTENDED_ERROR 0x00004000
9819 #define ISC_RET_STREAM 0x00008000
9820 #define ISC_RET_INTEGRITY 0x00010000
9821 #define ISC_RET_IDENTIFY 0x00020000
9822 #define ISC_RET_NULL_SESSION 0x00040000
9823 #define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
9824 #define ISC_RET_RESERVED1 0x00100000
9825 #define ISC_RET_FRAGMENT_ONLY 0x00200000
9826 #define ISC_RET_FORWARD_CREDENTIALS 0x00400000
9827 #define ISC_RET_USED_HTTP_STYLE 0x01000000
9828 #define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9829 #define ISC_RET_REAUTHENTICATION 0x08000000
9831 #define ASC_REQ_DELEGATE 0x00000001
9832 #define ASC_REQ_MUTUAL_AUTH 0x00000002
9833 #define ASC_REQ_REPLAY_DETECT 0x00000004
9834 #define ASC_REQ_SEQUENCE_DETECT 0x00000008
9835 #define ASC_REQ_CONFIDENTIALITY 0x00000010
9836 #define ASC_REQ_USE_SESSION_KEY 0x00000020
9837 #define ASC_REQ_ALLOCATE_MEMORY 0x00000100
9838 #define ASC_REQ_USE_DCE_STYLE 0x00000200
9839 #define ASC_REQ_DATAGRAM 0x00000400
9840 #define ASC_REQ_CONNECTION 0x00000800
9841 #define ASC_REQ_CALL_LEVEL 0x00001000
9842 #define ASC_REQ_EXTENDED_ERROR 0x00008000
9843 #define ASC_REQ_STREAM 0x00010000
9844 #define ASC_REQ_INTEGRITY 0x00020000
9845 #define ASC_REQ_LICENSING 0x00040000
9846 #define ASC_REQ_IDENTIFY 0x00080000
9847 #define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
9848 #define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
9849 #define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
9850 #define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
9851 #define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
9852 #define ASC_REQ_NO_TOKEN 0x01000000
9853 #define ASC_REQ_PROXY_BINDINGS 0x04000000
9854 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9856 #define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
9857 #define ASC_RET_DELEGATE 0x00000001
9858 #define ASC_RET_MUTUAL_AUTH 0x00000002
9859 #define ASC_RET_REPLAY_DETECT 0x00000004
9860 #define ASC_RET_SEQUENCE_DETECT 0x00000008
9861 #define ASC_RET_CONFIDENTIALITY 0x00000010
9862 #define ASC_RET_USE_SESSION_KEY 0x00000020
9863 #define ASC_RET_ALLOCATED_MEMORY 0x00000100
9864 #define ASC_RET_USED_DCE_STYLE 0x00000200
9865 #define ASC_RET_DATAGRAM 0x00000400
9866 #define ASC_RET_CONNECTION 0x00000800
9867 #define ASC_RET_CALL_LEVEL 0x00002000
9868 #define ASC_RET_THIRD_LEG_FAILED 0x00004000
9869 #define ASC_RET_EXTENDED_ERROR 0x00008000
9870 #define ASC_RET_STREAM 0x00010000
9871 #define ASC_RET_INTEGRITY 0x00020000
9872 #define ASC_RET_LICENSING 0x00040000
9873 #define ASC_RET_IDENTIFY 0x00080000
9874 #define ASC_RET_NULL_SESSION 0x00100000
9875 #define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
9876 #define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000
9877 #define ASC_RET_FRAGMENT_ONLY 0x00800000
9878 #define ASC_RET_NO_TOKEN 0x01000000
9879 #define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9880 #define ASC_RET_NO_PROXY_BINDINGS 0x04000000
9881 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9882 #define ASC_RET_MISSING_BINDINGS 0x10000000
9884 #define SEC_DELETED_HANDLE ((ULONG_PTR)(-2))
9886 #define SecInvalidateHandle(x) \
9887 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1));
9889 #define SecIsValidHandle(x) \
9890 ( ( ((PSecHandle)(x))->dwLower != (ULONG_PTR)(INT_PTR)-1 ) && \
9891 ( ((PSecHandle)(x))->dwUpper != (ULONG_PTR)(INT_PTR)-1 ) )
9893 typedef WCHAR SEC_WCHAR
;
9894 typedef CHAR SEC_CHAR
;
9895 typedef LARGE_INTEGER _SECURITY_INTEGER
, SECURITY_INTEGER
, *PSECURITY_INTEGER
;
9896 typedef SECURITY_INTEGER TimeStamp
, *PTimeStamp
;
9897 typedef UNICODE_STRING SECURITY_STRING
, *PSECURITY_STRING
;
9899 #define PSSPI_SEC_STRING PSECURITY_STRING
9901 #define PSSPI_SEC_STRING SEC_WCHAR*
9904 typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE
;
9906 #ifndef __SECSTATUS_DEFINED__
9907 typedef LONG SECURITY_STATUS
;
9908 #define __SECSTATUS_DEFINED__
9911 typedef enum _SECPKG_CRED_CLASS
9913 SecPkgCredClass_None
= 0,
9914 SecPkgCredClass_Ephemeral
= 10,
9915 SecPkgCredClass_PersistedGeneric
= 20,
9916 SecPkgCredClass_PersistedSpecific
= 30,
9917 SecPkgCredClass_Explicit
= 40,
9918 } SECPKG_CRED_CLASS
, *PSECPKG_CRED_CLASS
;
9920 typedef struct _SEC_NEGOTIATION_INFO
9926 } SEC_NEGOTIATION_INFO
, *PSEC_NEGOTIATION_INFO
;
9928 typedef struct _SEC_CHANNEL_BINDINGS
9930 ULONG dwInitiatorAddrType
;
9931 ULONG cbInitiatorLength
;
9932 ULONG dwInitiatorOffset
;
9933 ULONG dwAcceptorAddrType
;
9934 ULONG cbAcceptorLength
;
9935 ULONG dwAcceptorOffset
;
9936 ULONG cbApplicationDataLength
;
9937 ULONG dwApplicationDataOffset
;
9938 } SEC_CHANNEL_BINDINGS
, *PSEC_CHANNEL_BINDINGS
;
9940 #ifndef _AUTH_IDENTITY_EX2_DEFINED
9941 #define _AUTH_IDENTITY_EX2_DEFINED
9942 typedef struct _SEC_WINNT_AUTH_IDENTITY_EX2
9945 USHORT cbHeaderLength
;
9946 ULONG cbStructureLength
;
9950 USHORT DomainLength
;
9951 ULONG PackedCredentialsOffset
;
9952 USHORT PackedCredentialsLength
;
9954 ULONG PackageListOffset
;
9955 USHORT PackageListLength
;
9956 } SEC_WINNT_AUTH_IDENTITY_EX2
, *PSEC_WINNT_AUTH_IDENTITY_EX2
;
9957 #define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
9960 #ifndef _AUTH_IDENTITY_DEFINED
9961 #define _AUTH_IDENTITY_DEFINED
9962 typedef struct _SEC_WINNT_AUTH_IDENTITY_W
9969 ULONG PasswordLength
;
9971 } SEC_WINNT_AUTH_IDENTITY_W
, *PSEC_WINNT_AUTH_IDENTITY_W
;
9972 #define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
9973 #define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
9974 #define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
9975 #define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
9976 #define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W
9979 #ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
9980 #define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
9981 typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW
9990 ULONG PasswordLength
;
9992 PUSHORT PackageList
;
9993 ULONG PackageListLength
;
9994 } SEC_WINNT_AUTH_IDENTITY_EXW
, *PSEC_WINNT_AUTH_IDENTITY_EXW
;
9995 #define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
9996 #define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
9999 #ifndef __SECHANDLE_DEFINED__
10000 typedef struct _SecHandle
10004 } SecHandle
, *PSecHandle
;
10005 #define __SECHANDLE_DEFINED__
10008 typedef SecHandle CredHandle
, *PCredHandle
, CtxtHandle
, *PCtxtHandle
;
10010 typedef struct _SecBuffer
10015 MIDL_PROP([size_is(cbBuffer
)]) PCHAR pvBuffer
;
10017 _Field_size_bytes_(cbBuffer
) void SEC_FAR
*pvBuffer
;
10019 } SecBuffer
, *PSecBuffer
;
10021 typedef struct _SecBufferDesc
10025 MIDL_PROP([size_is(cBuffers
)]) _Field_size_(cBuffers
) PSecBuffer pBuffers
;
10026 } SecBufferDesc
, SEC_FAR
*PSecBufferDesc
;
10028 typedef struct _SecPkgInfoW
10030 ULONG fCapabilities
;
10034 MIDL_PROP([string
]) SEC_WCHAR
*Name
;
10035 MIDL_PROP([string
]) SEC_WCHAR
*Comment
;
10036 } SecPkgInfoW
, *PSecPkgInfoW
;
10037 #define SecPkgInfo SecPkgInfoW
10038 #define PSecPkgInfo PSecPkgInfoW
10040 typedef struct _SecPkgCredentials_NamesW
10042 MIDL_PROP([string
]) SEC_WCHAR
*sUserName
;
10043 } SecPkgCredentials_NamesW
, *PSecPkgCredentials_NamesW
;
10044 #define SecPkgCredentials_Names SecPkgCredentials_NamesW
10045 #define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
10047 typedef struct _SecPkgContext_NamesW
10049 SEC_WCHAR
*sUserName
;
10050 } SecPkgContext_NamesW
, *PSecPkgContext_NamesW
;
10051 #define SecPkgContext_Names SecPkgContext_NamesW
10052 #define PSecPkgContext_Names PSecPkgContext_NamesW
10054 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
10055 typedef struct _SecPkgContext_CredentialNameW
10057 ULONG CredentialType
;
10058 SEC_WCHAR
*sCredentialName
;
10059 } SecPkgContext_CredentialNameW
, *PSecPkgContext_CredentialNameW
;
10061 #define SecPkgContext_CredentialName SecPkgContext_CredentialNameW
10062 #define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW
10064 typedef struct _SecPkgContext_SubjectAttributes
10066 PVOID AttributeInfo
;
10067 } SecPkgContext_SubjectAttributes
, *PSecPkgContext_SubjectAttributes
;
10069 typedef struct _SecPkgContext_CredInfo
10071 SECPKG_CRED_CLASS CredClass
;
10072 ULONG IsPromptingNeeded
;
10073 } SecPkgContext_CredInfo
, *PSecPkgContext_CredInfo
;
10075 typedef struct _SecPkgContext_NegoPackageInfo
10078 } SecPkgContext_NegoPackageInfo
, *PSecPkgContext_NegoPackageInfo
;
10080 typedef struct _SecPkgContext_NegoStatus
10083 } SecPkgContext_NegoStatus
, *PSecPkgContext_NegoStatus
;
10085 typedef struct _SecPkgContext_Sizes
10088 ULONG cbMaxSignature
;
10090 ULONG cbSecurityTrailer
;
10091 } SecPkgContext_Sizes
, *PSecPkgContext_Sizes
;
10093 typedef struct _SecPkgContext_StreamSizes
10097 ULONG cbMaximumMessage
;
10100 } SecPkgContext_StreamSizes
, *PSecPkgContext_StreamSizes
;
10102 typedef struct _SecPkgContext_Lifespan
10105 TimeStamp tsExpiry
;
10106 } SecPkgContext_Lifespan
, *PSecPkgContext_Lifespan
;
10108 typedef struct _SecPkgContext_PasswordExpiry
10110 TimeStamp tsPasswordExpires
;
10111 } SecPkgContext_PasswordExpiry
, *PSecPkgContext_PasswordExpiry
;
10113 typedef struct _SecPkgContext_ProtoInfoW
10115 SEC_WCHAR
*sProtocolName
;
10116 ULONG majorVersion
;
10117 ULONG minorVersion
;
10118 } SecPkgContext_ProtoInfoW
, *PSecPkgContext_ProtoInfoW
;
10119 #define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW
10120 #define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW
10122 typedef struct _SecPkgContext_KeyInfoW
10124 SEC_WCHAR
*sSignatureAlgorithmName
;
10125 SEC_WCHAR
*sEncryptAlgorithmName
;
10127 ULONG SignatureAlgorithm
;
10128 ULONG EncryptAlgorithm
;
10129 } SecPkgContext_KeyInfoW
, *PSecPkgContext_KeyInfoW
;
10130 #define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW
10131 #define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW
10133 typedef struct _SecPkgContext_SessionKey
10135 ULONG SessionKeyLength
;
10136 _Field_size_bytes_(SessionKeyLength
) PUCHAR SessionKey
;
10137 } SecPkgContext_SessionKey
, *PSecPkgContext_SessionKey
;
10139 typedef struct _SecPkgContext_NegoKeys
10143 _Field_size_bytes_(KeyLength
) PUCHAR KeyValue
;
10144 ULONG VerifyKeyType
;
10145 USHORT VerifyKeyLength
;
10146 _Field_size_bytes_(VerifyKeyLength
) PUCHAR VerifyKeyValue
;
10147 } SecPkgContext_NegoKeys
, *PSecPkgContext_NegoKeys
;
10149 typedef struct _SecPkgContext_DceInfo
10153 } SecPkgContext_DceInfo
, *PSecPkgContext_DceInfo
;
10155 typedef struct _SecPkgContext_PackageInfoW
10157 PSecPkgInfoW PackageInfo
;
10158 } SecPkgContext_PackageInfoW
, *PSecPkgContext_PackageInfoW
;
10159 #define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW
10160 #define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW
10162 typedef struct _SecPkgContext_UserFlags
10165 } SecPkgContext_UserFlags
, *PSecPkgContext_UserFlags
;
10167 typedef struct _SecPkgContext_Flags
10170 } SecPkgContext_Flags
, *PSecPkgContext_Flags
;
10172 typedef struct _SecPkgContext_NegotiationInfoW
10174 PSecPkgInfoW PackageInfo
;
10175 ULONG NegotiationState
;
10176 } SecPkgContext_NegotiationInfoW
, *PSecPkgContext_NegotiationInfoW
;
10178 typedef struct _SecPkgContext_AuthorityW
10180 SEC_WCHAR
*sAuthorityName
;
10181 } SecPkgContext_AuthorityW
, *PSecPkgContext_AuthorityW
;
10182 #define SecPkgContext_Authority SecPkgContext_AuthorityW
10183 #define PSecPkgContext_Authority PSecPkgContext_AuthorityW
10186 #if NTDDI_VERSION > NTDDI_WS03
10187 typedef struct _SecPkgCredentials_SSIProviderW
10189 SEC_WCHAR
*sProviderName
;
10190 ULONG ProviderInfoLength
;
10191 PCHAR ProviderInfo
;
10192 } SecPkgCredentials_SSIProviderW
, *PSecPkgCredentials_SSIProviderW
;
10193 #define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
10194 #define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
10196 typedef struct _SecPkgContext_LogoffTime
10198 TimeStamp tsLogoffTime
;
10199 } SecPkgContext_LogoffTime
, *PSecPkgContext_LogoffTime
;
10202 /* forward declaration */
10203 typedef struct _SECURITY_FUNCTION_TABLE_W SecurityFunctionTableW
, *PSecurityFunctionTableW
;
10204 #define SecurityFunctionTable SecurityFunctionTableW
10205 #define PSecurityFunctionTable PSecurityFunctionTableW
10209 (SEC_ENTRY
* SEC_GET_KEY_FN
)(
10214 SECURITY_STATUS
*Status
);
10219 AcceptSecurityContext(
10220 _In_opt_ PCredHandle phCredential
,
10221 _In_opt_ PCtxtHandle phContext
,
10222 _In_opt_ PSecBufferDesc pInput
,
10223 _In_ ULONG fContextReq
,
10224 _In_ ULONG TargetDataRep
,
10225 _In_opt_ PCtxtHandle phNewContext
,
10226 _In_opt_ PSecBufferDesc pOutput
,
10227 _Out_ PULONG pfContextAttr
,
10228 _Out_opt_ PTimeStamp ptsExpiry
);
10232 (SEC_ENTRY
* ACCEPT_SECURITY_CONTEXT_FN
)(
10246 AcquireCredentialsHandleW(
10247 _In_opt_ PSSPI_SEC_STRING pPrincipal
,
10248 _In_ PSSPI_SEC_STRING pPackage
,
10249 _In_ ULONG fCredentialUse
,
10250 _In_opt_ PVOID pvLogonId
,
10251 _In_opt_ PVOID pAuthData
,
10252 _In_opt_ SEC_GET_KEY_FN pGetKeyFn
,
10253 _In_opt_ PVOID pvGetKeyArgument
,
10254 _Out_ PCredHandle phCredential
,
10255 _Out_opt_ PTimeStamp ptsExpiry
);
10256 #define AcquireCredentialsHandle AcquireCredentialsHandleW
10260 (SEC_ENTRY
* ACQUIRE_CREDENTIALS_HANDLE_FN_W
)(
10270 #define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
10275 _In_ PCredHandle hCredentials
,
10276 _In_opt_ LPSTR pszPrincipal
,
10277 _In_ LPSTR pszPackage
,
10278 _In_ ULONG fCredentialUse
,
10279 _In_opt_ PVOID pAuthData
,
10280 _In_opt_ SEC_GET_KEY_FN pGetKeyFn
,
10281 _In_opt_ PVOID pvGetKeyArgument
,
10282 _Out_opt_ PTimeStamp ptsExpiry
);
10286 (SEC_ENTRY
* ADD_CREDENTIALS_FN_A
)(
10300 _In_ PCredHandle hCredentials
,
10301 _In_opt_ PSSPI_SEC_STRING pPrincipal
,
10302 _In_ PSSPI_SEC_STRING pPackage
,
10303 _In_ ULONG fCredentialUse
,
10304 _In_opt_ PVOID pAuthData
,
10305 _In_opt_ SEC_GET_KEY_FN pGetKeyFn
,
10306 _In_opt_ PVOID pvGetKeyArgument
,
10307 _Out_opt_ PTimeStamp ptsExpiry
);
10311 (SEC_ENTRY
* ADD_CREDENTIALS_FN_W
)(
10322 #define AddCredentials AddCredentialsW
10323 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
10325 #define AddCredentials AddCredentialsA
10326 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
10333 _In_ PCtxtHandle phContext
,
10334 _In_ PSecBufferDesc pInput
);
10338 (SEC_ENTRY
* APPLY_CONTROL_TOKEN_FN
)(
10339 PCtxtHandle
, PSecBufferDesc
);
10341 #if (ISSP_MODE != 0)
10345 ChangeAccountPasswordA(
10346 _In_ SEC_CHAR
* pszPackageName
,
10347 _In_ SEC_CHAR
* pszDomainName
,
10348 _In_ SEC_CHAR
* pszAccountName
,
10349 _In_ SEC_CHAR
* pszOldPassword
,
10350 _In_ SEC_CHAR
* pszNewPassword
,
10351 _In_ BOOLEAN bImpersonating
,
10352 _In_ ULONG dwReserved
,
10353 _Inout_ PSecBufferDesc pOutput
);
10357 (SEC_ENTRY
* CHANGE_PASSWORD_FN_A
)(
10369 ChangeAccountPasswordW(
10370 _In_ SEC_WCHAR
* pszPackageName
,
10371 _In_ SEC_WCHAR
* pszDomainName
,
10372 _In_ SEC_WCHAR
* pszAccountName
,
10373 _In_ SEC_WCHAR
* pszOldPassword
,
10374 _In_ SEC_WCHAR
* pszNewPassword
,
10375 _In_ BOOLEAN bImpersonating
,
10376 _In_ ULONG dwReserved
,
10377 _Inout_ PSecBufferDesc pOutput
);
10381 (SEC_ENTRY
* CHANGE_PASSWORD_FN_W
)(
10392 #define ChangeAccountPassword ChangeAccountPasswordW
10393 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_W
10395 #define ChangeAccountPassword ChangeAccountPasswordA
10396 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_A
10399 #endif /* ISSP_MODE != 0 */
10404 _In_ PCtxtHandle phContext
,
10405 _In_ PSecBufferDesc pToken
);
10409 (SEC_ENTRY
* COMPLETE_AUTH_TOKEN_FN
)(
10416 _In_ PCtxtHandle phContext
,
10417 _Inout_ PSecBufferDesc pMessage
,
10418 _In_ ULONG MessageSeqNo
,
10419 _Out_opt_ PULONG pfQOP
);
10423 (SEC_ENTRY
* DECRYPT_MESSAGE_FN
)(
10432 DeleteSecurityContext(
10433 _In_ PCtxtHandle phContext
);
10437 (SEC_ENTRY
* DELETE_SECURITY_CONTEXT_FN
)(
10443 _In_ PCtxtHandle phContext
,
10445 _Inout_ PSecBufferDesc pMessage
,
10446 _In_ ULONG MessageSeqNo
);
10450 (SEC_ENTRY
* ENCRYPT_MESSAGE_FN
)(
10459 EnumerateSecurityPackagesW(
10460 _Out_ PULONG pcPackages
,
10461 _Deref_out_ PSecPkgInfoW
* ppPackageInfo
);
10462 #define EnumerateSecurityPackages EnumerateSecurityPackagesW
10466 (SEC_ENTRY
* ENUMERATE_SECURITY_PACKAGES_FN_W
)(
10469 #define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
10474 ExportSecurityContext(
10475 _In_ PCtxtHandle phContext
,
10477 _Out_ PSecBuffer pPackedContext
,
10478 _Out_ PVOID
* pToken
);
10482 (SEC_ENTRY
* EXPORT_SECURITY_CONTEXT_FN
)(
10491 _Inout_ PVOID pvContextBuffer
);
10495 (SEC_ENTRY
* FREE_CONTEXT_BUFFER_FN
)(
10501 FreeCredentialsHandle(
10502 _In_ PCredHandle phCredential
);
10506 (SEC_ENTRY
* FREE_CREDENTIALS_HANDLE_FN
)(
10512 ImpersonateSecurityContext(
10513 _In_ PCtxtHandle phContext
);
10517 (SEC_ENTRY
* IMPERSONATE_SECURITY_CONTEXT_FN
)(
10523 ImportSecurityContextW(
10524 _In_ PSSPI_SEC_STRING pszPackage
,
10525 _In_ PSecBuffer pPackedContext
,
10527 _Out_ PCtxtHandle phContext
);
10528 #define ImportSecurityContext ImportSecurityContextW
10532 (SEC_ENTRY
* IMPORT_SECURITY_CONTEXT_FN_W
)(
10537 #define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
10542 InitializeSecurityContextW(
10543 _In_opt_ PCredHandle phCredential
,
10544 _In_opt_ PCtxtHandle phContext
,
10545 _In_opt_ PSSPI_SEC_STRING pTargetName
,
10546 _In_ ULONG fContextReq
,
10547 _In_ ULONG Reserved1
,
10548 _In_ ULONG TargetDataRep
,
10549 _In_opt_ PSecBufferDesc pInput
,
10550 _In_ ULONG Reserved2
,
10551 _Inout_opt_ PCtxtHandle phNewContext
,
10552 _Inout_opt_ PSecBufferDesc pOutput
,
10553 _Out_ PULONG pfContextAttr
,
10554 _Out_opt_ PTimeStamp ptsExpiry
);
10555 #define InitializeSecurityContext InitializeSecurityContextW
10559 (SEC_ENTRY
* INITIALIZE_SECURITY_CONTEXT_FN_W
)(
10572 #define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
10575 PSecurityFunctionTableW
10577 InitSecurityInterfaceW(VOID
);
10578 #define InitSecurityInterface InitSecurityInterfaceW
10581 PSecurityFunctionTableW
10582 (SEC_ENTRY
* INIT_SECURITY_INTERFACE_W
)(VOID
);
10583 #define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
10589 _In_ PCtxtHandle phContext
,
10591 _In_ PSecBufferDesc pMessage
,
10592 _In_ ULONG MessageSeqNo
);
10596 (SEC_ENTRY
* MAKE_SIGNATURE_FN
)(
10605 QueryContextAttributesW(
10606 _In_ PCtxtHandle phContext
,
10607 _In_ ULONG ulAttribute
,
10608 _Out_ PVOID pBuffer
);
10609 #define QueryContextAttributes QueryContextAttributesW
10613 (SEC_ENTRY
* QUERY_CONTEXT_ATTRIBUTES_FN_W
)(
10617 #define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
10622 QueryCredentialsAttributesW(
10623 _In_ PCredHandle phCredential
,
10624 _In_ ULONG ulAttribute
,
10625 _Inout_ PVOID pBuffer
);
10626 #define QueryCredentialsAttributes QueryCredentialsAttributesW
10630 (SEC_ENTRY
* QUERY_CREDENTIALS_ATTRIBUTES_FN_W
)(
10634 #define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
10639 QuerySecurityContextToken(
10640 _In_ PCtxtHandle phContext
,
10641 _Out_ PVOID
* Token
);
10645 (SEC_ENTRY
* QUERY_SECURITY_CONTEXT_TOKEN_FN
)(
10646 PCtxtHandle
, PVOID
*);
10651 QuerySecurityPackageInfoW(
10652 _In_ PSSPI_SEC_STRING pPackageName
,
10653 _Deref_out_ PSecPkgInfoW
*ppPackageInfo
);
10654 #define QuerySecurityPackageInfo QuerySecurityPackageInfoW
10658 (SEC_ENTRY
* QUERY_SECURITY_PACKAGE_INFO_FN_W
)(
10661 #define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
10666 RevertSecurityContext(
10667 _In_ PCtxtHandle phContext
);
10671 (SEC_ENTRY
* REVERT_SECURITY_CONTEXT_FN
)(
10674 #if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K)
10677 SetContextAttributesW(
10678 _In_ PCtxtHandle phContext
,
10679 _In_ ULONG ulAttribute
,
10680 _In_bytecount_(cbBuffer
) PVOID pBuffer
,
10681 _In_ ULONG cbBuffer
);
10682 #define SetContextAttributes SetContextAttributesW
10686 (SEC_ENTRY
* SET_CONTEXT_ATTRIBUTES_FN_W
)(
10691 #define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
10694 #if (NTDDI_VERSION > NTDDI_WS03)
10698 SetCredentialsAttributesW(
10699 _In_ PCredHandle phCredential
,
10700 _In_ ULONG ulAttribute
,
10701 _In_bytecount_(cbBuffer
) PVOID pBuffer
,
10702 _In_ ULONG cbBuffer
);
10703 #define SetCredentialsAttributes SetCredentialsAttributesW
10707 (SEC_ENTRY
* SET_CREDENTIALS_ATTRIBUTES_FN_W
)(
10712 #define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
10713 #endif /* NTDDI_VERSION > NTDDI_WS03 */
10719 _In_ PCtxtHandle phContext
,
10720 _In_ PSecBufferDesc pMessage
,
10721 _In_ ULONG MessageSeqNo
,
10722 _Out_ PULONG pfQOP
);
10726 (SEC_ENTRY
* VERIFY_SIGNATURE_FN
)(
10732 #if (ISSP_MODE == 0)
10738 _In_ PUNICODE_STRING ServiceClass
,
10739 _In_ PUNICODE_STRING ServiceName
,
10740 _In_opt_ PUNICODE_STRING InstanceName
,
10741 _In_opt_ USHORT InstancePort
,
10742 _In_opt_ PUNICODE_STRING Referrer
,
10743 _Inout_ PUNICODE_STRING Spn
,
10744 _Out_opt_ PULONG Length
,
10745 _In_ BOOLEAN Allocate
);
10747 #if (NTDDI_VERSION >= NTDDI_WINXP)
10752 _In_ PUNICODE_STRING ServiceClass
,
10753 _In_ PUNICODE_STRING ServiceName
,
10754 _In_opt_ PUNICODE_STRING InstanceName
,
10755 _In_opt_ USHORT InstancePort
,
10756 _In_opt_ PUNICODE_STRING Referrer
,
10757 _In_opt_ PUNICODE_STRING TargetInfo
,
10758 _Inout_ PUNICODE_STRING Spn
,
10759 _Out_ PULONG Length OPTIONAL
,
10760 _In_ BOOLEAN Allocate
);
10765 SecLookupAccountSid(
10767 _Out_ PULONG NameSize
,
10768 _Inout_ PUNICODE_STRING NameBuffer
,
10769 _Out_ PULONG DomainSize OPTIONAL
,
10770 _Out_opt_ PUNICODE_STRING DomainBuffer
,
10771 _Out_ PSID_NAME_USE NameUse
);
10776 SecLookupAccountName(
10777 _In_ PUNICODE_STRING Name
,
10778 _Inout_ PULONG SidSize
,
10780 _Out_ PSID_NAME_USE NameUse
,
10781 _Out_opt_ PULONG DomainSize
, // WDK says _Out_ only + ... OPTIONAL
10782 _Inout_opt_ PUNICODE_STRING ReferencedDomain
);
10785 #if (NTDDI_VERSION >= NTDDI_WS03)
10789 SecLookupWellKnownSid(
10790 _In_ WELL_KNOWN_SID_TYPE SidType
,
10792 _In_ ULONG SidBufferSize
,
10793 _Inout_opt_ PULONG SidSize
);
10796 #if (NTDDI_VERSION >= NTDDI_VISTA)
10801 _In_ PUNICODE_STRING ServiceClass
,
10802 _In_ PUNICODE_STRING ServiceName
,
10803 _In_opt_ PUNICODE_STRING InstanceName
,
10804 _In_opt_ USHORT InstancePort
,
10805 _In_opt_ PUNICODE_STRING Referrer
,
10806 _In_opt_ PUNICODE_STRING InTargetInfo
,
10807 _Inout_ PUNICODE_STRING Spn
,
10808 _Out_opt_ PULONG TotalSize
,
10809 _In_ BOOLEAN Allocate
,
10810 _In_ BOOLEAN IsTargetInfoMarshaled
);
10813 #endif /* ISSP_MODE == 0 */
10815 #if (NTDDI_VERSION >= NTDDI_WIN7)
10819 SspiEncodeAuthIdentityAsStrings(
10820 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity
,
10821 _Deref_out_opt_ PCWSTR
* ppszUserName
,
10822 _Deref_out_opt_ PCWSTR
* ppszDomainName
,
10823 _Deref_opt_out_opt_ PCWSTR
* ppszPackedCredentialsString
);
10827 SspiValidateAuthIdentity(
10828 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
);
10832 SspiCopyAuthIdentity(
10833 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
,
10834 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* AuthDataCopy
);
10838 SspiFreeAuthIdentity(
10839 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
);
10843 SspiZeroAuthIdentity(
10844 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
);
10849 _In_opt_ PVOID DataBuffer
);
10853 SspiEncodeStringsAsAuthIdentity(
10854 _In_opt_ PCWSTR pszUserName
,
10855 _In_opt_ PCWSTR pszDomainName
,
10856 _In_opt_ PCWSTR pszPackedCredentialsString
,
10857 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* ppAuthIdentity
);
10861 SspiCompareAuthIdentities(
10862 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1
,
10863 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2
,
10864 _Out_opt_ PBOOLEAN SameSuppliedUser
,
10865 _Out_opt_ PBOOLEAN SameSuppliedIdentity
);
10869 SspiMarshalAuthIdentity(
10870 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity
,
10871 _Out_ PULONG AuthIdentityLength
,
10872 _Outptr_result_bytebuffer_(*AuthIdentityLength
) PCHAR
* AuthIdentityByteArray
);
10876 SspiUnmarshalAuthIdentity(
10877 _In_ PULONG AuthIdentityLength
,
10878 _In_reads_bytes_(AuthIdentityLength
) PCHAR AuthIdentityByteArray
,
10879 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* ppAuthIdentity
);
10883 SspiIsPromptingNeeded(
10884 _In_ PULONG ErrorOrNtStatus
);
10888 SspiGetTargetHostName(
10889 _In_ PCWSTR pszTargetName
,
10890 _Outptr_ PWSTR
* pszHostName
);
10894 SspiExcludePackage(
10895 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity
,
10896 _In_ PCWSTR pszPackageName
,
10897 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* ppNewAuthIdentity
);
10899 #define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x04
10900 #define SEC_WINNT_AUTH_IDENTITY_ONLY 0x08
10902 #endif /* NTDDI_VERSION >= NTDDI_WIN7 */
10904 #define FreeCredentialHandle FreeCredentialsHandle
10905 struct _SECURITY_FUNCTION_TABLE_W
10908 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW
;
10909 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW
;
10910 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW
;
10911 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle
;
10913 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW
;
10914 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext
;
10915 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken
;
10916 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext
;
10917 APPLY_CONTROL_TOKEN_FN ApplyControlToken
;
10918 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW
;
10919 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext
;
10920 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext
;
10921 MAKE_SIGNATURE_FN MakeSignature
;
10922 VERIFY_SIGNATURE_FN VerifySignature
;
10923 FREE_CONTEXT_BUFFER_FN FreeContextBuffer
;
10924 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW
;
10927 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext
;
10928 IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW
;
10929 ADD_CREDENTIALS_FN_W AddCredentialsW
;
10931 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken
;
10932 ENCRYPT_MESSAGE_FN EncryptMessage
;
10933 DECRYPT_MESSAGE_FN DecryptMessage
;
10934 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
10935 SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW
;
10937 #if NTDDI_VERSION > NTDDI_WS03SP1
10938 SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW
;
10941 CHANGE_PASSWORD_FN_W ChangeAccountPasswordW
;
10947 #endif /* !__SSPI_H__ */
10949 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
10950 #if defined(_WIN64)
10951 C_ASSERT(sizeof(ERESOURCE
) == 0x68);
10952 C_ASSERT(FIELD_OFFSET(ERESOURCE
,ActiveCount
) == 0x18);
10953 C_ASSERT(FIELD_OFFSET(ERESOURCE
,Flag
) == 0x1a);
10955 C_ASSERT(sizeof(ERESOURCE
) == 0x38);
10956 C_ASSERT(FIELD_OFFSET(ERESOURCE
,ActiveCount
) == 0x0c);
10957 C_ASSERT(FIELD_OFFSET(ERESOURCE
,Flag
) == 0x0e);
10961 #if defined(_IA64_)
10962 #if (NTDDI_VERSION >= NTDDI_WIN2K)
10963 //DECLSPEC_DEPRECATED_DDK
10967 HalGetDmaAlignmentRequirement(
10972 #if defined(_M_IX86) || defined(_M_AMD64)
10973 #define HalGetDmaAlignmentRequirement() 1L
10977 extern PUSHORT NlsOemLeadByteInfo
;
10978 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
10980 __CREATE_NTOS_DATA_IMPORT_ALIAS(NlsOemLeadByteInfo
)
10981 extern PUSHORT
*NlsOemLeadByteInfo
;
10982 #define NLS_OEM_LEAD_BYTE_INFO (*NlsOemLeadByteInfo)
10985 #if (NTDDI_VERSION >= NTDDI_VISTA)
10987 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER
{
10988 NetworkOpenLocationAny
,
10989 NetworkOpenLocationRemote
,
10990 NetworkOpenLocationLoopback
10991 } NETWORK_OPEN_LOCATION_QUALIFIER
;
10993 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER
{
10994 NetworkOpenIntegrityAny
,
10995 NetworkOpenIntegrityNone
,
10996 NetworkOpenIntegritySigned
,
10997 NetworkOpenIntegrityEncrypted
,
10998 NetworkOpenIntegrityMaximum
10999 } NETWORK_OPEN_INTEGRITY_QUALIFIER
;
11001 #if (NTDDI_VERSION >= NTDDI_WIN7)
11003 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
11004 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
11005 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
11007 typedef struct _NETWORK_OPEN_ECP_CONTEXT
{
11010 _ANONYMOUS_STRUCT
struct {
11012 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
11013 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
11017 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
11018 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
11022 } NETWORK_OPEN_ECP_CONTEXT
, *PNETWORK_OPEN_ECP_CONTEXT
;
11024 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0
{
11027 _ANONYMOUS_STRUCT
struct {
11029 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
11030 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
11033 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
11034 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
11037 } NETWORK_OPEN_ECP_CONTEXT_V0
, *PNETWORK_OPEN_ECP_CONTEXT_V0
;
11039 #elif (NTDDI_VERSION >= NTDDI_VISTA)
11040 typedef struct _NETWORK_OPEN_ECP_CONTEXT
{
11043 _ANONYMOUS_STRUCT
struct {
11045 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
11046 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
11049 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
11050 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
11053 } NETWORK_OPEN_ECP_CONTEXT
, *PNETWORK_OPEN_ECP_CONTEXT
;
11056 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT
, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
11058 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
11061 #if (NTDDI_VERSION >= NTDDI_VISTA)
11063 typedef struct _PREFETCH_OPEN_ECP_CONTEXT
{
11065 } PREFETCH_OPEN_ECP_CONTEXT
, *PPREFETCH_OPEN_ECP_CONTEXT
;
11067 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN
, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
11069 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
11071 #if (NTDDI_VERSION >= NTDDI_WIN7)
11073 DEFINE_GUID (GUID_ECP_NFS_OPEN
, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
11074 DEFINE_GUID (GUID_ECP_SRV_OPEN
, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
11076 typedef struct sockaddr_storage
*PSOCKADDR_STORAGE_NFS
;
11078 typedef struct _NFS_OPEN_ECP_CONTEXT
{
11079 PUNICODE_STRING ExportAlias
;
11080 PSOCKADDR_STORAGE_NFS ClientSocketAddress
;
11081 } NFS_OPEN_ECP_CONTEXT
, *PNFS_OPEN_ECP_CONTEXT
, **PPNFS_OPEN_ECP_CONTEXT
;
11083 typedef struct _SRV_OPEN_ECP_CONTEXT
{
11084 PUNICODE_STRING ShareName
;
11085 PSOCKADDR_STORAGE_NFS SocketAddress
;
11086 BOOLEAN OplockBlockState
;
11087 BOOLEAN OplockAppState
;
11088 BOOLEAN OplockFinalState
;
11089 } SRV_OPEN_ECP_CONTEXT
, *PSRV_OPEN_ECP_CONTEXT
;
11091 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
11093 #define PIN_WAIT (1)
11094 #define PIN_EXCLUSIVE (2)
11095 #define PIN_NO_READ (4)
11096 #define PIN_IF_BCB (8)
11097 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
11098 #define PIN_HIGH_PRIORITY (64)
11101 #define MAP_NO_READ (16)
11102 #define MAP_HIGH_PRIORITY (64)
11104 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
11105 #define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
11107 typedef struct _QUERY_PATH_REQUEST
{
11108 ULONG PathNameLength
;
11109 PIO_SECURITY_CONTEXT SecurityContext
;
11110 WCHAR FilePathName
[1];
11111 } QUERY_PATH_REQUEST
, *PQUERY_PATH_REQUEST
;
11113 typedef struct _QUERY_PATH_REQUEST_EX
{
11114 PIO_SECURITY_CONTEXT pSecurityContext
;
11117 UNICODE_STRING PathName
;
11118 UNICODE_STRING DomainServiceName
;
11119 ULONG_PTR Reserved
[ 3 ];
11120 } QUERY_PATH_REQUEST_EX
, *PQUERY_PATH_REQUEST_EX
;
11122 typedef struct _QUERY_PATH_RESPONSE
{
11123 ULONG LengthAccepted
;
11124 } QUERY_PATH_RESPONSE
, *PQUERY_PATH_RESPONSE
;
11126 #define VOLSNAPCONTROLTYPE 0x00000053
11127 #define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
11129 /* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
11130 #pragma pack(push,4)
11132 #ifndef VER_PRODUCTBUILD
11133 #define VER_PRODUCTBUILD 10000
11138 #define FS_LFN_APIS 0x00004000
11140 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
11141 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
11142 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
11143 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
11144 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
11145 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
11146 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
11147 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
11148 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
11149 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
11150 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
11151 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
11152 #define FILE_STORAGE_TYPE_MASK 0x000f0000
11153 #define FILE_STORAGE_TYPE_SHIFT 16
11155 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
11158 #define HARDWARE_PTE HARDWARE_PTE_X86
11159 #define PHARDWARE_PTE PHARDWARE_PTE_X86
11162 #define IO_ATTACH_DEVICE_API 0x80000000
11164 #define IO_TYPE_APC 18
11165 #define IO_TYPE_DPC 19
11166 #define IO_TYPE_DEVICE_QUEUE 20
11167 #define IO_TYPE_EVENT_PAIR 21
11168 #define IO_TYPE_INTERRUPT 22
11169 #define IO_TYPE_PROFILE 23
11171 #define IRP_BEING_VERIFIED 0x10
11173 #define MAILSLOT_CLASS_FIRSTCLASS 1
11174 #define MAILSLOT_CLASS_SECONDCLASS 2
11176 #define MAILSLOT_SIZE_AUTO 0
11178 #define MEM_DOS_LIM 0x40000000
11180 #define OB_TYPE_TYPE 1
11181 #define OB_TYPE_DIRECTORY 2
11182 #define OB_TYPE_SYMBOLIC_LINK 3
11183 #define OB_TYPE_TOKEN 4
11184 #define OB_TYPE_PROCESS 5
11185 #define OB_TYPE_THREAD 6
11186 #define OB_TYPE_EVENT 7
11187 #define OB_TYPE_EVENT_PAIR 8
11188 #define OB_TYPE_MUTANT 9
11189 #define OB_TYPE_SEMAPHORE 10
11190 #define OB_TYPE_TIMER 11
11191 #define OB_TYPE_PROFILE 12
11192 #define OB_TYPE_WINDOW_STATION 13
11193 #define OB_TYPE_DESKTOP 14
11194 #define OB_TYPE_SECTION 15
11195 #define OB_TYPE_KEY 16
11196 #define OB_TYPE_PORT 17
11197 #define OB_TYPE_ADAPTER 18
11198 #define OB_TYPE_CONTROLLER 19
11199 #define OB_TYPE_DEVICE 20
11200 #define OB_TYPE_DRIVER 21
11201 #define OB_TYPE_IO_COMPLETION 22
11202 #define OB_TYPE_FILE 23
11204 #define SEC_BASED 0x00200000
11208 #define TOKEN_HAS_ADMIN_GROUP 0x08
11210 #if (VER_PRODUCTBUILD >= 1381)
11211 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
11212 #endif /* (VER_PRODUCTBUILD >= 1381) */
11214 #if (VER_PRODUCTBUILD >= 2195)
11216 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
11217 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
11219 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
11221 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
11222 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
11223 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
11224 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
11225 #endif /* (VER_PRODUCTBUILD >= 2195) */
11227 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
11228 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
11229 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
11230 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
11231 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
11232 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
11233 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
11234 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
11236 typedef enum _FILE_STORAGE_TYPE
{
11237 StorageTypeDefault
= 1,
11238 StorageTypeDirectory
,
11240 StorageTypeJunctionPoint
,
11241 StorageTypeCatalog
,
11242 StorageTypeStructuredStorage
,
11243 StorageTypeEmbedding
,
11245 } FILE_STORAGE_TYPE
;
11247 typedef struct _OBJECT_BASIC_INFORMATION
11250 ACCESS_MASK GrantedAccess
;
11252 ULONG PointerCount
;
11253 ULONG PagedPoolCharge
;
11254 ULONG NonPagedPoolCharge
;
11255 ULONG Reserved
[ 3 ];
11256 ULONG NameInfoSize
;
11257 ULONG TypeInfoSize
;
11258 ULONG SecurityDescriptorSize
;
11259 LARGE_INTEGER CreationTime
;
11260 } OBJECT_BASIC_INFORMATION
, *POBJECT_BASIC_INFORMATION
;
11262 typedef struct _FILE_COPY_ON_WRITE_INFORMATION
{
11263 BOOLEAN ReplaceIfExists
;
11264 HANDLE RootDirectory
;
11265 ULONG FileNameLength
;
11267 } FILE_COPY_ON_WRITE_INFORMATION
, *PFILE_COPY_ON_WRITE_INFORMATION
;
11269 typedef struct _FILE_FULL_DIRECTORY_INFORMATION
{
11270 ULONG NextEntryOffset
;
11272 LARGE_INTEGER CreationTime
;
11273 LARGE_INTEGER LastAccessTime
;
11274 LARGE_INTEGER LastWriteTime
;
11275 LARGE_INTEGER ChangeTime
;
11276 LARGE_INTEGER EndOfFile
;
11277 LARGE_INTEGER AllocationSize
;
11278 ULONG FileAttributes
;
11279 ULONG FileNameLength
;
11281 WCHAR FileName
[ANYSIZE_ARRAY
];
11282 } FILE_FULL_DIRECTORY_INFORMATION
, *PFILE_FULL_DIRECTORY_INFORMATION
;
11284 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
11285 typedef struct _FILE_SHARED_LOCK_ENTRY
{
11288 FILE_LOCK_INFO FileLock
;
11289 } FILE_SHARED_LOCK_ENTRY
, *PFILE_SHARED_LOCK_ENTRY
;
11291 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
11292 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY
{
11293 LIST_ENTRY ListEntry
;
11296 FILE_LOCK_INFO FileLock
;
11297 } FILE_EXCLUSIVE_LOCK_ENTRY
, *PFILE_EXCLUSIVE_LOCK_ENTRY
;
11299 typedef struct _FILE_MAILSLOT_PEEK_BUFFER
{
11300 ULONG ReadDataAvailable
;
11301 ULONG NumberOfMessages
;
11302 ULONG MessageLength
;
11303 } FILE_MAILSLOT_PEEK_BUFFER
, *PFILE_MAILSLOT_PEEK_BUFFER
;
11305 typedef struct _FILE_OLE_CLASSID_INFORMATION
{
11307 } FILE_OLE_CLASSID_INFORMATION
, *PFILE_OLE_CLASSID_INFORMATION
;
11309 typedef struct _FILE_OLE_ALL_INFORMATION
{
11310 FILE_BASIC_INFORMATION BasicInformation
;
11311 FILE_STANDARD_INFORMATION StandardInformation
;
11312 FILE_INTERNAL_INFORMATION InternalInformation
;
11313 FILE_EA_INFORMATION EaInformation
;
11314 FILE_ACCESS_INFORMATION AccessInformation
;
11315 FILE_POSITION_INFORMATION PositionInformation
;
11316 FILE_MODE_INFORMATION ModeInformation
;
11317 FILE_ALIGNMENT_INFORMATION AlignmentInformation
;
11319 USN ReplicationUsn
;
11320 LARGE_INTEGER SecurityChangeTime
;
11321 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
;
11322 FILE_OBJECTID_INFORMATION ObjectIdInformation
;
11323 FILE_STORAGE_TYPE StorageType
;
11324 ULONG OleStateBits
;
11326 ULONG NumberOfStreamReferences
;
11329 BOOLEAN ContentIndexDisable
;
11330 BOOLEAN InheritContentIndexDisable
;
11331 FILE_NAME_INFORMATION NameInformation
;
11332 } FILE_OLE_ALL_INFORMATION
, *PFILE_OLE_ALL_INFORMATION
;
11334 typedef struct _FILE_OLE_DIR_INFORMATION
{
11335 ULONG NextEntryOffset
;
11337 LARGE_INTEGER CreationTime
;
11338 LARGE_INTEGER LastAccessTime
;
11339 LARGE_INTEGER LastWriteTime
;
11340 LARGE_INTEGER ChangeTime
;
11341 LARGE_INTEGER EndOfFile
;
11342 LARGE_INTEGER AllocationSize
;
11343 ULONG FileAttributes
;
11344 ULONG FileNameLength
;
11345 FILE_STORAGE_TYPE StorageType
;
11347 ULONG OleStateBits
;
11348 BOOLEAN ContentIndexDisable
;
11349 BOOLEAN InheritContentIndexDisable
;
11351 } FILE_OLE_DIR_INFORMATION
, *PFILE_OLE_DIR_INFORMATION
;
11353 typedef struct _FILE_OLE_INFORMATION
{
11354 LARGE_INTEGER SecurityChangeTime
;
11355 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
;
11356 FILE_OBJECTID_INFORMATION ObjectIdInformation
;
11357 FILE_STORAGE_TYPE StorageType
;
11358 ULONG OleStateBits
;
11359 BOOLEAN ContentIndexDisable
;
11360 BOOLEAN InheritContentIndexDisable
;
11361 } FILE_OLE_INFORMATION
, *PFILE_OLE_INFORMATION
;
11363 typedef struct _FILE_OLE_STATE_BITS_INFORMATION
{
11365 ULONG StateBitsMask
;
11366 } FILE_OLE_STATE_BITS_INFORMATION
, *PFILE_OLE_STATE_BITS_INFORMATION
;
11368 typedef struct _MAPPING_PAIR
{
11371 } MAPPING_PAIR
, *PMAPPING_PAIR
;
11373 typedef struct _GET_RETRIEVAL_DESCRIPTOR
{
11374 ULONG NumberOfPairs
;
11375 ULONGLONG StartVcn
;
11376 MAPPING_PAIR Pair
[1];
11377 } GET_RETRIEVAL_DESCRIPTOR
, *PGET_RETRIEVAL_DESCRIPTOR
;
11379 typedef struct _MOVEFILE_DESCRIPTOR
{
11382 LARGE_INTEGER StartVcn
;
11383 LARGE_INTEGER TargetLcn
;
11386 } MOVEFILE_DESCRIPTOR
, *PMOVEFILE_DESCRIPTOR
;
11388 typedef struct _OBJECT_BASIC_INFO
{
11390 ACCESS_MASK GrantedAccess
;
11392 ULONG ReferenceCount
;
11393 ULONG PagedPoolUsage
;
11394 ULONG NonPagedPoolUsage
;
11396 ULONG NameInformationLength
;
11397 ULONG TypeInformationLength
;
11398 ULONG SecurityDescriptorLength
;
11399 LARGE_INTEGER CreateTime
;
11400 } OBJECT_BASIC_INFO
, *POBJECT_BASIC_INFO
;
11402 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO
{
11404 BOOLEAN ProtectFromClose
;
11405 } OBJECT_HANDLE_ATTRIBUTE_INFO
, *POBJECT_HANDLE_ATTRIBUTE_INFO
;
11407 typedef struct _OBJECT_NAME_INFO
{
11408 UNICODE_STRING ObjectName
;
11409 WCHAR ObjectNameBuffer
[1];
11410 } OBJECT_NAME_INFO
, *POBJECT_NAME_INFO
;
11412 typedef struct _OBJECT_PROTECTION_INFO
{
11414 BOOLEAN ProtectHandle
;
11415 } OBJECT_PROTECTION_INFO
, *POBJECT_PROTECTION_INFO
;
11417 typedef struct _OBJECT_TYPE_INFO
{
11418 UNICODE_STRING ObjectTypeName
;
11419 UCHAR Unknown
[0x58];
11420 WCHAR ObjectTypeNameBuffer
[1];
11421 } OBJECT_TYPE_INFO
, *POBJECT_TYPE_INFO
;
11423 typedef struct _OBJECT_ALL_TYPES_INFO
{
11424 ULONG NumberOfObjectTypes
;
11425 OBJECT_TYPE_INFO ObjectsTypeInfo
[1];
11426 } OBJECT_ALL_TYPES_INFO
, *POBJECT_ALL_TYPES_INFO
;
11428 #if defined(USE_LPC6432)
11429 #define LPC_CLIENT_ID CLIENT_ID64
11430 #define LPC_SIZE_T ULONGLONG
11431 #define LPC_PVOID ULONGLONG
11432 #define LPC_HANDLE ULONGLONG
11434 #define LPC_CLIENT_ID CLIENT_ID
11435 #define LPC_SIZE_T SIZE_T
11436 #define LPC_PVOID PVOID
11437 #define LPC_HANDLE HANDLE
11440 typedef struct _PORT_MESSAGE
11447 CSHORT TotalLength
;
11456 CSHORT DataInfoOffset
;
11460 __GNU_EXTENSION
union
11462 LPC_CLIENT_ID ClientId
;
11463 double DoNotUseThisField
;
11466 __GNU_EXTENSION
union
11468 LPC_SIZE_T ClientViewSize
;
11471 } PORT_MESSAGE
, *PPORT_MESSAGE
;
11473 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
11475 typedef struct _PORT_VIEW
11478 LPC_HANDLE SectionHandle
;
11479 ULONG SectionOffset
;
11480 LPC_SIZE_T ViewSize
;
11481 LPC_PVOID ViewBase
;
11482 LPC_PVOID ViewRemoteBase
;
11483 } PORT_VIEW
, *PPORT_VIEW
;
11485 typedef struct _REMOTE_PORT_VIEW
11488 LPC_SIZE_T ViewSize
;
11489 LPC_PVOID ViewBase
;
11490 } REMOTE_PORT_VIEW
, *PREMOTE_PORT_VIEW
;
11492 typedef struct _VAD_HEADER
{
11495 struct _VAD_HEADER
* ParentLink
;
11496 struct _VAD_HEADER
* LeftLink
;
11497 struct _VAD_HEADER
* RightLink
;
11498 ULONG Flags
; /* LSB = CommitCharge */
11500 PVOID FirstProtoPte
;
11503 LIST_ENTRY Secured
;
11504 } VAD_HEADER
, *PVAD_HEADER
;
11509 CcGetLsnForFileObject (
11510 _In_ PFILE_OBJECT FileObject
,
11511 _Out_opt_ PLARGE_INTEGER OldestLsn
11517 FsRtlAllocatePool (
11518 _In_ POOL_TYPE PoolType
,
11519 _In_ ULONG NumberOfBytes
11525 FsRtlAllocatePoolWithQuota (
11526 _In_ POOL_TYPE PoolType
,
11527 _In_ ULONG NumberOfBytes
11533 FsRtlAllocatePoolWithQuotaTag (
11534 _In_ POOL_TYPE PoolType
,
11535 _In_ ULONG NumberOfBytes
,
11542 FsRtlAllocatePoolWithTag (
11543 _In_ POOL_TYPE PoolType
,
11544 _In_ ULONG NumberOfBytes
,
11551 FsRtlMdlReadComplete (
11552 _In_ PFILE_OBJECT FileObject
,
11559 FsRtlMdlWriteComplete (
11560 _In_ PFILE_OBJECT FileObject
,
11561 _In_ PLARGE_INTEGER FileOffset
,
11568 FsRtlNotifyChangeDirectory (
11569 _In_ PNOTIFY_SYNC NotifySync
,
11570 _In_ PVOID FsContext
,
11571 _In_ PSTRING FullDirectoryName
,
11572 _In_ PLIST_ENTRY NotifyList
,
11573 _In_ BOOLEAN WatchTree
,
11574 _In_ ULONG CompletionFilter
,
11575 _In_ PIRP NotifyIrp
11583 _In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode
,
11584 _In_ POBJECT_TYPE ObjectType
,
11585 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
11586 _In_ KPROCESSOR_MODE AccessMode
,
11587 _Inout_opt_ PVOID ParseContext
,
11588 _In_ ULONG ObjectSize
,
11589 _In_opt_ ULONG PagedPoolCharge
,
11590 _In_opt_ ULONG NonPagedPoolCharge
,
11591 _Out_ PVOID
*Object
11597 ObReferenceObjectByName (
11598 _In_ PUNICODE_STRING ObjectName
,
11599 _In_ ULONG Attributes
,
11600 _In_opt_ PACCESS_STATE PassedAccessState
,
11601 _In_opt_ ACCESS_MASK DesiredAccess
,
11602 _In_ POBJECT_TYPE ObjectType
,
11603 _In_ KPROCESSOR_MODE AccessMode
,
11604 _Inout_opt_ PVOID ParseContext
,
11605 _Out_ PVOID
*Object
11608 #define PsDereferenceImpersonationToken(T) \
11609 {if (ARGUMENT_PRESENT(T)) { \
11610 (ObDereferenceObject((T))); \
11619 PsLookupProcessThreadByCid (
11620 _In_ PCLIENT_ID Cid
,
11621 _Out_opt_ PEPROCESS
*Process
,
11622 _Out_ PETHREAD
*Thread
11628 RtlSetSaclSecurityDescriptor (
11629 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
11630 _In_ BOOLEAN SaclPresent
,
11632 _In_ BOOLEAN SaclDefaulted
11635 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
projects / reactos.git / blob