4 * Windows NT Filesystem Driver Developer Kit
6 * This file is part of the ReactOS DDK package.
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
12 * THIS SOFTWARE IS NOT COPYRIGHTED
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
26 #define _NTIFS_INCLUDED_
44 #define FlagOn(_F,_SF) ((_F) & (_SF))
48 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
52 #define SetFlag(_F,_SF) ((_F) |= (_SF))
56 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
59 typedef UNICODE_STRING LSA_UNICODE_STRING
, *PLSA_UNICODE_STRING
;
60 typedef STRING LSA_STRING
, *PLSA_STRING
;
61 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
, *PLSA_OBJECT_ATTRIBUTES
;
63 /******************************************************************************
64 * Security Manager Types *
65 ******************************************************************************/
66 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
67 #define SID_IDENTIFIER_AUTHORITY_DEFINED
68 typedef struct _SID_IDENTIFIER_AUTHORITY
{
70 } SID_IDENTIFIER_AUTHORITY
,*PSID_IDENTIFIER_AUTHORITY
,*LPSID_IDENTIFIER_AUTHORITY
;
77 UCHAR SubAuthorityCount
;
78 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
;
80 [size_is(SubAuthorityCount
)] ULONG SubAuthority
[*];
82 ULONG SubAuthority
[ANYSIZE_ARRAY
];
87 #define SID_REVISION 1
88 #define SID_MAX_SUB_AUTHORITIES 15
89 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
92 #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof(ULONG)))
95 typedef enum _SID_NAME_USE
{
100 SidTypeWellKnownGroup
,
101 SidTypeDeletedAccount
,
106 } SID_NAME_USE
, *PSID_NAME_USE
;
108 typedef struct _SID_AND_ATTRIBUTES
{
115 } SID_AND_ATTRIBUTES
, *PSID_AND_ATTRIBUTES
;
116 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY
[ANYSIZE_ARRAY
];
117 typedef SID_AND_ATTRIBUTES_ARRAY
*PSID_AND_ATTRIBUTES_ARRAY
;
119 #define SID_HASH_SIZE 32
120 typedef ULONG_PTR SID_HASH_ENTRY
, *PSID_HASH_ENTRY
;
122 typedef struct _SID_AND_ATTRIBUTES_HASH
{
124 PSID_AND_ATTRIBUTES SidAttr
;
125 SID_HASH_ENTRY Hash
[SID_HASH_SIZE
];
126 } SID_AND_ATTRIBUTES_HASH
, *PSID_AND_ATTRIBUTES_HASH
;
128 /* Universal well-known SIDs */
130 #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
131 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
132 #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
133 #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
134 #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
135 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
137 #define SECURITY_NULL_RID (0x00000000L)
138 #define SECURITY_WORLD_RID (0x00000000L)
139 #define SECURITY_LOCAL_RID (0x00000000L)
140 #define SECURITY_LOCAL_LOGON_RID (0x00000001L)
142 #define SECURITY_CREATOR_OWNER_RID (0x00000000L)
143 #define SECURITY_CREATOR_GROUP_RID (0x00000001L)
144 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
145 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
146 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
148 /* NT well-known SIDs */
150 #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
152 #define SECURITY_DIALUP_RID (0x00000001L)
153 #define SECURITY_NETWORK_RID (0x00000002L)
154 #define SECURITY_BATCH_RID (0x00000003L)
155 #define SECURITY_INTERACTIVE_RID (0x00000004L)
156 #define SECURITY_LOGON_IDS_RID (0x00000005L)
157 #define SECURITY_LOGON_IDS_RID_COUNT (3L)
158 #define SECURITY_SERVICE_RID (0x00000006L)
159 #define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
160 #define SECURITY_PROXY_RID (0x00000008L)
161 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
162 #define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
163 #define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
164 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
165 #define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
166 #define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
167 #define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
168 #define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
169 #define SECURITY_IUSER_RID (0x00000011L)
170 #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
171 #define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
172 #define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
173 #define SECURITY_NT_NON_UNIQUE (0x00000015L)
174 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
175 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
177 #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
178 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
181 #define SECURITY_PACKAGE_BASE_RID (0x00000040L)
182 #define SECURITY_PACKAGE_RID_COUNT (2L)
183 #define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
184 #define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
185 #define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
187 #define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
188 #define SECURITY_CRED_TYPE_RID_COUNT (2L)
189 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
191 #define SECURITY_MIN_BASE_RID (0x00000050L)
192 #define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
193 #define SECURITY_SERVICE_ID_RID_COUNT (6L)
194 #define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
195 #define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
196 #define SECURITY_APPPOOL_ID_RID_COUNT (6L)
197 #define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
198 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
199 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
200 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
201 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
202 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
203 #define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
204 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
205 #define SECURITY_TASK_ID_BASE_RID (0x00000057L)
206 #define SECURITY_NFS_ID_BASE_RID (0x00000058L)
207 #define SECURITY_COM_ID_BASE_RID (0x00000059L)
208 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
210 #define SECURITY_MAX_BASE_RID (0x0000006FL)
212 #define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
213 #define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
215 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
217 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
219 /* Well-known domain relative sub-authority values (RIDs) */
221 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
223 #define FOREST_USER_RID_MAX (0x000001F3L)
225 /* Well-known users */
227 #define DOMAIN_USER_RID_ADMIN (0x000001F4L)
228 #define DOMAIN_USER_RID_GUEST (0x000001F5L)
229 #define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
231 #define DOMAIN_USER_RID_MAX (0x000003E7L)
233 /* Well-known groups */
235 #define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
236 #define DOMAIN_GROUP_RID_USERS (0x00000201L)
237 #define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
238 #define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
239 #define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
240 #define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
241 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
242 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
243 #define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
244 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
246 /* Well-known aliases */
248 #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
249 #define DOMAIN_ALIAS_RID_USERS (0x00000221L)
250 #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
251 #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
253 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
254 #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
255 #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
256 #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
258 #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
259 #define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
260 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
261 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
262 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
263 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
265 #define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
266 #define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
267 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
268 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
269 #define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
270 #define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
271 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
272 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
273 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
274 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
275 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
277 #define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
278 #define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
279 #define SECURITY_MANDATORY_LOW_RID (0x00001000L)
280 #define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
281 #define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
282 #define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
283 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
285 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
286 can be set by a usermode caller.*/
288 #define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
290 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
292 /* Allocate the System Luid. The first 1000 LUIDs are reserved.
293 Use #999 here (0x3e7 = 999) */
295 #define SYSTEM_LUID {0x3e7, 0x0}
296 #define ANONYMOUS_LOGON_LUID {0x3e6, 0x0}
297 #define LOCALSERVICE_LUID {0x3e5, 0x0}
298 #define NETWORKSERVICE_LUID {0x3e4, 0x0}
299 #define IUSER_LUID {0x3e3, 0x0}
301 typedef struct _ACE_HEADER
{
305 } ACE_HEADER
, *PACE_HEADER
;
307 /* also in winnt.h */
308 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
309 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
310 #define ACCESS_DENIED_ACE_TYPE (0x1)
311 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
312 #define SYSTEM_ALARM_ACE_TYPE (0x3)
313 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
314 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
315 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
316 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
317 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
318 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
319 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
320 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
321 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
322 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
323 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
324 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
325 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
326 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
327 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
328 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
329 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
330 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
331 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
332 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
333 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
335 /* The following are the inherit flags that go into the AceFlags field
338 #define OBJECT_INHERIT_ACE (0x1)
339 #define CONTAINER_INHERIT_ACE (0x2)
340 #define NO_PROPAGATE_INHERIT_ACE (0x4)
341 #define INHERIT_ONLY_ACE (0x8)
342 #define INHERITED_ACE (0x10)
343 #define VALID_INHERIT_FLAGS (0x1F)
345 #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
346 #define FAILED_ACCESS_ACE_FLAG (0x80)
348 typedef struct _ACCESS_ALLOWED_ACE
{
352 } ACCESS_ALLOWED_ACE
, *PACCESS_ALLOWED_ACE
;
354 typedef struct _ACCESS_DENIED_ACE
{
358 } ACCESS_DENIED_ACE
, *PACCESS_DENIED_ACE
;
360 typedef struct _SYSTEM_AUDIT_ACE
{
364 } SYSTEM_AUDIT_ACE
, *PSYSTEM_AUDIT_ACE
;
366 typedef struct _SYSTEM_ALARM_ACE
{
370 } SYSTEM_ALARM_ACE
, *PSYSTEM_ALARM_ACE
;
372 typedef struct _SYSTEM_MANDATORY_LABEL_ACE
{
376 } SYSTEM_MANDATORY_LABEL_ACE
, *PSYSTEM_MANDATORY_LABEL_ACE
;
378 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
379 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
380 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
381 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
382 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
383 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
385 #define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
387 typedef USHORT SECURITY_DESCRIPTOR_CONTROL
,*PSECURITY_DESCRIPTOR_CONTROL
;
389 #define SE_OWNER_DEFAULTED 0x0001
390 #define SE_GROUP_DEFAULTED 0x0002
391 #define SE_DACL_PRESENT 0x0004
392 #define SE_DACL_DEFAULTED 0x0008
393 #define SE_SACL_PRESENT 0x0010
394 #define SE_SACL_DEFAULTED 0x0020
395 #define SE_DACL_UNTRUSTED 0x0040
396 #define SE_SERVER_SECURITY 0x0080
397 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
398 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
399 #define SE_DACL_AUTO_INHERITED 0x0400
400 #define SE_SACL_AUTO_INHERITED 0x0800
401 #define SE_DACL_PROTECTED 0x1000
402 #define SE_SACL_PROTECTED 0x2000
403 #define SE_RM_CONTROL_VALID 0x4000
404 #define SE_SELF_RELATIVE 0x8000
406 typedef struct _SECURITY_DESCRIPTOR_RELATIVE
{
409 SECURITY_DESCRIPTOR_CONTROL Control
;
414 } SECURITY_DESCRIPTOR_RELATIVE
, *PISECURITY_DESCRIPTOR_RELATIVE
;
416 typedef struct _SECURITY_DESCRIPTOR
{
419 SECURITY_DESCRIPTOR_CONTROL Control
;
424 } SECURITY_DESCRIPTOR
, *PISECURITY_DESCRIPTOR
;
426 typedef struct _OBJECT_TYPE_LIST
{
430 } OBJECT_TYPE_LIST
, *POBJECT_TYPE_LIST
;
432 #define ACCESS_OBJECT_GUID 0
433 #define ACCESS_PROPERTY_SET_GUID 1
434 #define ACCESS_PROPERTY_GUID 2
435 #define ACCESS_MAX_LEVEL 4
437 typedef enum _AUDIT_EVENT_TYPE
{
438 AuditEventObjectAccess
,
439 AuditEventDirectoryServiceAccess
440 } AUDIT_EVENT_TYPE
, *PAUDIT_EVENT_TYPE
;
442 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
444 #define ACCESS_DS_SOURCE_A "DS"
445 #define ACCESS_DS_SOURCE_W L"DS"
446 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
447 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
449 #define ACCESS_REASON_TYPE_MASK 0xffff0000
450 #define ACCESS_REASON_DATA_MASK 0x0000ffff
452 typedef enum _ACCESS_REASON_TYPE
{
453 AccessReasonNone
= 0x00000000,
454 AccessReasonAllowedAce
= 0x00010000,
455 AccessReasonDeniedAce
= 0x00020000,
456 AccessReasonAllowedParentAce
= 0x00030000,
457 AccessReasonDeniedParentAce
= 0x00040000,
458 AccessReasonMissingPrivilege
= 0x00100000,
459 AccessReasonFromPrivilege
= 0x00200000,
460 AccessReasonIntegrityLevel
= 0x00300000,
461 AccessReasonOwnership
= 0x00400000,
462 AccessReasonNullDacl
= 0x00500000,
463 AccessReasonEmptyDacl
= 0x00600000,
464 AccessReasonNoSD
= 0x00700000,
465 AccessReasonNoGrant
= 0x00800000
466 } ACCESS_REASON_TYPE
;
468 typedef ULONG ACCESS_REASON
;
470 typedef struct _ACCESS_REASONS
{
471 ACCESS_REASON Data
[32];
472 } ACCESS_REASONS
, *PACCESS_REASONS
;
474 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
475 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
476 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
478 typedef struct _SE_SECURITY_DESCRIPTOR
{
481 PSECURITY_DESCRIPTOR SecurityDescriptor
;
482 } SE_SECURITY_DESCRIPTOR
, *PSE_SECURITY_DESCRIPTOR
;
484 typedef struct _SE_ACCESS_REQUEST
{
486 PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor
;
487 ACCESS_MASK DesiredAccess
;
488 ACCESS_MASK PreviouslyGrantedAccess
;
489 PSID PrincipalSelfSid
;
490 PGENERIC_MAPPING GenericMapping
;
491 ULONG ObjectTypeListCount
;
492 POBJECT_TYPE_LIST ObjectTypeList
;
493 } SE_ACCESS_REQUEST
, *PSE_ACCESS_REQUEST
;
495 typedef struct _SE_ACCESS_REPLY
{
497 ULONG ResultListCount
;
498 PACCESS_MASK GrantedAccess
;
499 PNTSTATUS AccessStatus
;
500 PACCESS_REASONS AccessReason
;
501 PPRIVILEGE_SET
* Privileges
;
502 } SE_ACCESS_REPLY
, *PSE_ACCESS_REPLY
;
504 typedef enum _SE_AUDIT_OPERATION
{
505 AuditPrivilegeObject
,
506 AuditPrivilegeService
,
509 AuditOpenObjectWithTransaction
,
512 AuditOpenObjectForDelete
,
513 AuditOpenObjectForDeleteWithTransaction
,
516 AuditObjectReference
,
518 } SE_AUDIT_OPERATION
, *PSE_AUDIT_OPERATION
;
520 typedef struct _SE_AUDIT_INFO
{
522 AUDIT_EVENT_TYPE AuditType
;
523 SE_AUDIT_OPERATION AuditOperation
;
525 UNICODE_STRING SubsystemName
;
526 UNICODE_STRING ObjectTypeName
;
527 UNICODE_STRING ObjectName
;
531 BOOLEAN ObjectCreation
;
532 BOOLEAN GenerateOnClose
;
533 } SE_AUDIT_INFO
, *PSE_AUDIT_INFO
;
535 #define TOKEN_ASSIGN_PRIMARY (0x0001)
536 #define TOKEN_DUPLICATE (0x0002)
537 #define TOKEN_IMPERSONATE (0x0004)
538 #define TOKEN_QUERY (0x0008)
539 #define TOKEN_QUERY_SOURCE (0x0010)
540 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
541 #define TOKEN_ADJUST_GROUPS (0x0040)
542 #define TOKEN_ADJUST_DEFAULT (0x0080)
543 #define TOKEN_ADJUST_SESSIONID (0x0100)
545 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
546 TOKEN_ASSIGN_PRIMARY |\
550 TOKEN_QUERY_SOURCE |\
551 TOKEN_ADJUST_PRIVILEGES |\
552 TOKEN_ADJUST_GROUPS |\
553 TOKEN_ADJUST_DEFAULT )
555 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
556 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
557 TOKEN_ADJUST_SESSIONID )
559 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
562 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
565 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
566 TOKEN_ADJUST_PRIVILEGES |\
567 TOKEN_ADJUST_GROUPS |\
568 TOKEN_ADJUST_DEFAULT)
570 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
572 typedef enum _TOKEN_TYPE
{
575 } TOKEN_TYPE
,*PTOKEN_TYPE
;
577 typedef enum _TOKEN_INFORMATION_CLASS
{
586 TokenImpersonationLevel
,
590 TokenGroupsAndPrivileges
,
591 TokenSessionReference
,
598 TokenHasRestrictions
,
599 TokenAccessInformation
,
600 TokenVirtualizationAllowed
,
601 TokenVirtualizationEnabled
,
604 TokenMandatoryPolicy
,
607 } TOKEN_INFORMATION_CLASS
, *PTOKEN_INFORMATION_CLASS
;
609 typedef struct _TOKEN_USER
{
610 SID_AND_ATTRIBUTES User
;
611 } TOKEN_USER
, *PTOKEN_USER
;
613 typedef struct _TOKEN_GROUPS
{
616 [size_is(GroupCount
)] SID_AND_ATTRIBUTES Groups
[*];
618 SID_AND_ATTRIBUTES Groups
[ANYSIZE_ARRAY
];
620 } TOKEN_GROUPS
,*PTOKEN_GROUPS
,*LPTOKEN_GROUPS
;
622 typedef struct _TOKEN_PRIVILEGES
{
623 ULONG PrivilegeCount
;
624 LUID_AND_ATTRIBUTES Privileges
[ANYSIZE_ARRAY
];
625 } TOKEN_PRIVILEGES
,*PTOKEN_PRIVILEGES
,*LPTOKEN_PRIVILEGES
;
627 typedef struct _TOKEN_OWNER
{
629 } TOKEN_OWNER
,*PTOKEN_OWNER
;
631 typedef struct _TOKEN_PRIMARY_GROUP
{
633 } TOKEN_PRIMARY_GROUP
,*PTOKEN_PRIMARY_GROUP
;
635 typedef struct _TOKEN_DEFAULT_DACL
{
637 } TOKEN_DEFAULT_DACL
,*PTOKEN_DEFAULT_DACL
;
639 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES
{
642 PSID_AND_ATTRIBUTES Sids
;
643 ULONG RestrictedSidCount
;
644 ULONG RestrictedSidLength
;
645 PSID_AND_ATTRIBUTES RestrictedSids
;
646 ULONG PrivilegeCount
;
647 ULONG PrivilegeLength
;
648 PLUID_AND_ATTRIBUTES Privileges
;
649 LUID AuthenticationId
;
650 } TOKEN_GROUPS_AND_PRIVILEGES
, *PTOKEN_GROUPS_AND_PRIVILEGES
;
652 typedef struct _TOKEN_LINKED_TOKEN
{
654 } TOKEN_LINKED_TOKEN
, *PTOKEN_LINKED_TOKEN
;
656 typedef struct _TOKEN_ELEVATION
{
657 ULONG TokenIsElevated
;
658 } TOKEN_ELEVATION
, *PTOKEN_ELEVATION
;
660 typedef struct _TOKEN_MANDATORY_LABEL
{
661 SID_AND_ATTRIBUTES Label
;
662 } TOKEN_MANDATORY_LABEL
, *PTOKEN_MANDATORY_LABEL
;
664 #define TOKEN_MANDATORY_POLICY_OFF 0x0
665 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
666 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
668 #define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
669 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
671 typedef struct _TOKEN_MANDATORY_POLICY
{
673 } TOKEN_MANDATORY_POLICY
, *PTOKEN_MANDATORY_POLICY
;
675 typedef struct _TOKEN_ACCESS_INFORMATION
{
676 PSID_AND_ATTRIBUTES_HASH SidHash
;
677 PSID_AND_ATTRIBUTES_HASH RestrictedSidHash
;
678 PTOKEN_PRIVILEGES Privileges
;
679 LUID AuthenticationId
;
680 TOKEN_TYPE TokenType
;
681 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
;
682 TOKEN_MANDATORY_POLICY MandatoryPolicy
;
684 } TOKEN_ACCESS_INFORMATION
, *PTOKEN_ACCESS_INFORMATION
;
686 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
688 typedef struct _TOKEN_AUDIT_POLICY
{
689 UCHAR PerUserPolicy
[((POLICY_AUDIT_SUBCATEGORY_COUNT
) >> 1) + 1];
690 } TOKEN_AUDIT_POLICY
, *PTOKEN_AUDIT_POLICY
;
692 #define TOKEN_SOURCE_LENGTH 8
694 typedef struct _TOKEN_SOURCE
{
695 CHAR SourceName
[TOKEN_SOURCE_LENGTH
];
696 LUID SourceIdentifier
;
697 } TOKEN_SOURCE
,*PTOKEN_SOURCE
;
699 typedef struct _TOKEN_STATISTICS
{
701 LUID AuthenticationId
;
702 LARGE_INTEGER ExpirationTime
;
703 TOKEN_TYPE TokenType
;
704 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
;
705 ULONG DynamicCharged
;
706 ULONG DynamicAvailable
;
708 ULONG PrivilegeCount
;
710 } TOKEN_STATISTICS
, *PTOKEN_STATISTICS
;
712 typedef struct _TOKEN_CONTROL
{
714 LUID AuthenticationId
;
716 TOKEN_SOURCE TokenSource
;
717 } TOKEN_CONTROL
,*PTOKEN_CONTROL
;
719 typedef struct _TOKEN_ORIGIN
{
720 LUID OriginatingLogonSession
;
721 } TOKEN_ORIGIN
, *PTOKEN_ORIGIN
;
723 typedef enum _MANDATORY_LEVEL
{
724 MandatoryLevelUntrusted
= 0,
726 MandatoryLevelMedium
,
728 MandatoryLevelSystem
,
729 MandatoryLevelSecureProcess
,
731 } MANDATORY_LEVEL
, *PMANDATORY_LEVEL
;
733 #define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
734 #define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
735 #define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
736 #define TOKEN_WRITE_RESTRICTED 0x0008
737 #define TOKEN_IS_RESTRICTED 0x0010
738 #define TOKEN_SESSION_NOT_REFERENCED 0x0020
739 #define TOKEN_SANDBOX_INERT 0x0040
740 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
741 #define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
742 #define TOKEN_VIRTUALIZE_ALLOWED 0x0200
743 #define TOKEN_VIRTUALIZE_ENABLED 0x0400
744 #define TOKEN_IS_FILTERED 0x0800
745 #define TOKEN_UIACCESS 0x1000
746 #define TOKEN_NOT_LOW 0x2000
748 typedef struct _SE_EXPORTS
{
749 LUID SeCreateTokenPrivilege
;
750 LUID SeAssignPrimaryTokenPrivilege
;
751 LUID SeLockMemoryPrivilege
;
752 LUID SeIncreaseQuotaPrivilege
;
753 LUID SeUnsolicitedInputPrivilege
;
755 LUID SeSecurityPrivilege
;
756 LUID SeTakeOwnershipPrivilege
;
757 LUID SeLoadDriverPrivilege
;
758 LUID SeCreatePagefilePrivilege
;
759 LUID SeIncreaseBasePriorityPrivilege
;
760 LUID SeSystemProfilePrivilege
;
761 LUID SeSystemtimePrivilege
;
762 LUID SeProfileSingleProcessPrivilege
;
763 LUID SeCreatePermanentPrivilege
;
764 LUID SeBackupPrivilege
;
765 LUID SeRestorePrivilege
;
766 LUID SeShutdownPrivilege
;
767 LUID SeDebugPrivilege
;
768 LUID SeAuditPrivilege
;
769 LUID SeSystemEnvironmentPrivilege
;
770 LUID SeChangeNotifyPrivilege
;
771 LUID SeRemoteShutdownPrivilege
;
775 PSID SeCreatorOwnerSid
;
776 PSID SeCreatorGroupSid
;
777 PSID SeNtAuthoritySid
;
781 PSID SeInteractiveSid
;
782 PSID SeLocalSystemSid
;
783 PSID SeAliasAdminsSid
;
784 PSID SeAliasUsersSid
;
785 PSID SeAliasGuestsSid
;
786 PSID SeAliasPowerUsersSid
;
787 PSID SeAliasAccountOpsSid
;
788 PSID SeAliasSystemOpsSid
;
789 PSID SeAliasPrintOpsSid
;
790 PSID SeAliasBackupOpsSid
;
791 PSID SeAuthenticatedUsersSid
;
792 PSID SeRestrictedSid
;
793 PSID SeAnonymousLogonSid
;
794 LUID SeUndockPrivilege
;
795 LUID SeSyncAgentPrivilege
;
796 LUID SeEnableDelegationPrivilege
;
797 PSID SeLocalServiceSid
;
798 PSID SeNetworkServiceSid
;
799 LUID SeManageVolumePrivilege
;
800 LUID SeImpersonatePrivilege
;
801 LUID SeCreateGlobalPrivilege
;
802 LUID SeTrustedCredManAccessPrivilege
;
803 LUID SeRelabelPrivilege
;
804 LUID SeIncreaseWorkingSetPrivilege
;
805 LUID SeTimeZonePrivilege
;
806 LUID SeCreateSymbolicLinkPrivilege
;
808 PSID SeUntrustedMandatorySid
;
809 PSID SeLowMandatorySid
;
810 PSID SeMediumMandatorySid
;
811 PSID SeHighMandatorySid
;
812 PSID SeSystemMandatorySid
;
813 PSID SeOwnerRightsSid
;
814 } SE_EXPORTS
, *PSE_EXPORTS
;
817 (NTAPI
*PSE_LOGON_SESSION_TERMINATED_ROUTINE
)(
820 typedef struct _SECURITY_CLIENT_CONTEXT
{
821 SECURITY_QUALITY_OF_SERVICE SecurityQos
;
822 PACCESS_TOKEN ClientToken
;
823 BOOLEAN DirectlyAccessClientToken
;
824 BOOLEAN DirectAccessEffectiveOnly
;
825 BOOLEAN ServerIsRemote
;
826 TOKEN_CONTROL ClientTokenControl
;
827 } SECURITY_CLIENT_CONTEXT
, *PSECURITY_CLIENT_CONTEXT
;
829 /******************************************************************************
830 * Object Manager Types *
831 ******************************************************************************/
833 typedef enum _OBJECT_INFORMATION_CLASS
{
834 ObjectBasicInformation
= 0,
835 ObjectTypeInformation
= 2,
836 /* Not for public use */
837 ObjectNameInformation
= 1,
838 ObjectTypesInformation
= 3,
839 ObjectHandleFlagInformation
= 4,
840 ObjectSessionInformation
= 5,
842 } OBJECT_INFORMATION_CLASS
;
845 /******************************************************************************
846 * Runtime Library Types *
847 ******************************************************************************/
850 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
852 _Function_class_(RTL_ALLOCATE_STRING_ROUTINE
)
853 _IRQL_requires_max_(PASSIVE_LEVEL
)
854 __drv_allocatesMem(Mem
)
856 (NTAPI
*PRTL_ALLOCATE_STRING_ROUTINE
)(
857 _In_ SIZE_T NumberOfBytes
);
859 #if _WIN32_WINNT >= 0x0600
860 _Function_class_(RTL_REALLOCATE_STRING_ROUTINE
)
861 _IRQL_requires_max_(PASSIVE_LEVEL
)
862 __drv_allocatesMem(Mem
)
864 (NTAPI
*PRTL_REALLOCATE_STRING_ROUTINE
)(
865 _In_ SIZE_T NumberOfBytes
,
870 (NTAPI
*PRTL_FREE_STRING_ROUTINE
)(
871 _In_
__drv_freesMem(Mem
) _Post_invalid_ PVOID Buffer
);
873 extern const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine
;
874 extern const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine
;
876 #if _WIN32_WINNT >= 0x0600
877 extern const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine
;
880 _Function_class_(RTL_HEAP_COMMIT_ROUTINE
)
883 (NTAPI
*PRTL_HEAP_COMMIT_ROUTINE
) (
885 _Inout_ PVOID
*CommitAddress
,
886 _Inout_ PSIZE_T CommitSize
);
888 typedef struct _RTL_HEAP_PARAMETERS
{
890 SIZE_T SegmentReserve
;
891 SIZE_T SegmentCommit
;
892 SIZE_T DeCommitFreeBlockThreshold
;
893 SIZE_T DeCommitTotalFreeThreshold
;
894 SIZE_T MaximumAllocationSize
;
895 SIZE_T VirtualMemoryThreshold
;
896 SIZE_T InitialCommit
;
897 SIZE_T InitialReserve
;
898 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine
;
900 } RTL_HEAP_PARAMETERS
, *PRTL_HEAP_PARAMETERS
;
902 #if (NTDDI_VERSION >= NTDDI_WIN2K)
904 typedef struct _GENERATE_NAME_CONTEXT
{
906 BOOLEAN CheckSumInserted
;
907 _Field_range_(<=, 8) UCHAR NameLength
;
909 _Field_range_(<=, 4) ULONG ExtensionLength
;
910 WCHAR ExtensionBuffer
[4];
911 ULONG LastIndexValue
;
912 } GENERATE_NAME_CONTEXT
, *PGENERATE_NAME_CONTEXT
;
914 typedef struct _PREFIX_TABLE_ENTRY
{
917 struct _PREFIX_TABLE_ENTRY
*NextPrefixTree
;
918 RTL_SPLAY_LINKS Links
;
920 } PREFIX_TABLE_ENTRY
, *PPREFIX_TABLE_ENTRY
;
922 typedef struct _PREFIX_TABLE
{
925 PPREFIX_TABLE_ENTRY NextPrefixTree
;
926 } PREFIX_TABLE
, *PPREFIX_TABLE
;
928 typedef struct _UNICODE_PREFIX_TABLE_ENTRY
{
931 struct _UNICODE_PREFIX_TABLE_ENTRY
*NextPrefixTree
;
932 struct _UNICODE_PREFIX_TABLE_ENTRY
*CaseMatch
;
933 RTL_SPLAY_LINKS Links
;
934 PUNICODE_STRING Prefix
;
935 } UNICODE_PREFIX_TABLE_ENTRY
, *PUNICODE_PREFIX_TABLE_ENTRY
;
937 typedef struct _UNICODE_PREFIX_TABLE
{
940 PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree
;
941 PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry
;
942 } UNICODE_PREFIX_TABLE
, *PUNICODE_PREFIX_TABLE
;
944 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
946 #if (NTDDI_VERSION >= NTDDI_WINXP)
947 typedef struct _COMPRESSED_DATA_INFO
{
948 USHORT CompressionFormatAndEngine
;
949 UCHAR CompressionUnitShift
;
953 USHORT NumberOfChunks
;
954 ULONG CompressedChunkSizes
[ANYSIZE_ARRAY
];
955 } COMPRESSED_DATA_INFO
, *PCOMPRESSED_DATA_INFO
;
957 /******************************************************************************
958 * Runtime Library Functions *
959 ******************************************************************************/
962 #if (NTDDI_VERSION >= NTDDI_WIN2K)
965 _Must_inspect_result_
967 _Post_writable_byte_size_(Size
)
972 _In_ HANDLE HeapHandle
,
973 _In_opt_ ULONG Flags
,
976 _Success_(return != 0)
981 _In_ PVOID HeapHandle
,
982 _In_opt_ ULONG Flags
,
983 _In_ _Post_invalid_ PVOID BaseAddress
);
989 _Out_ PCONTEXT ContextRecord
);
991 _Ret_range_(<, MAXLONG
)
996 _Inout_ PULONG Seed
);
998 _IRQL_requires_max_(APC_LEVEL
)
999 _Success_(return != 0)
1000 _Must_inspect_result_
1004 RtlCreateUnicodeString(
1005 _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
))
1006 PUNICODE_STRING DestinationString
,
1007 _In_z_ PCWSTR SourceString
);
1009 _IRQL_requires_max_(APC_LEVEL
)
1013 RtlAppendStringToString(
1014 _Inout_ PSTRING Destination
,
1015 _In_
const STRING
*Source
);
1017 _IRQL_requires_max_(PASSIVE_LEVEL
)
1018 _Must_inspect_result_
1022 RtlOemStringToUnicodeString(
1023 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1024 _When_(!AllocateDestinationString
, _Inout_
)
1025 PUNICODE_STRING DestinationString
,
1026 _In_ PCOEM_STRING SourceString
,
1027 _In_ BOOLEAN AllocateDestinationString
);
1029 _IRQL_requires_max_(PASSIVE_LEVEL
)
1030 _Must_inspect_result_
1034 RtlUnicodeStringToOemString(
1035 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1036 _When_(!AllocateDestinationString
, _Inout_
)
1037 POEM_STRING DestinationString
,
1038 _In_ PCUNICODE_STRING SourceString
,
1039 _In_ BOOLEAN AllocateDestinationString
);
1041 _IRQL_requires_max_(PASSIVE_LEVEL
)
1042 _Must_inspect_result_
1046 RtlUpcaseUnicodeStringToOemString(
1047 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1048 _When_(!AllocateDestinationString
, _Inout_
)
1049 POEM_STRING DestinationString
,
1050 _In_ PCUNICODE_STRING SourceString
,
1051 _In_ BOOLEAN AllocateDestinationString
);
1053 _IRQL_requires_max_(PASSIVE_LEVEL
)
1054 _Must_inspect_result_
1058 RtlOemStringToCountedUnicodeString(
1059 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1060 _When_(!AllocateDestinationString
, _Inout_
)
1061 PUNICODE_STRING DestinationString
,
1062 _In_ PCOEM_STRING SourceString
,
1063 _In_ BOOLEAN AllocateDestinationString
);
1065 _IRQL_requires_max_(PASSIVE_LEVEL
)
1066 _Must_inspect_result_
1070 RtlUnicodeStringToCountedOemString(
1071 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1072 _When_(!AllocateDestinationString
, _Inout_
)
1073 POEM_STRING DestinationString
,
1074 _In_ PCUNICODE_STRING SourceString
,
1075 _In_ BOOLEAN AllocateDestinationString
);
1077 _IRQL_requires_max_(PASSIVE_LEVEL
)
1078 _Must_inspect_result_
1082 RtlUpcaseUnicodeStringToCountedOemString(
1083 _When_(AllocateDestinationString
, _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)))
1084 _When_(!AllocateDestinationString
, _Inout_
)
1085 POEM_STRING DestinationString
,
1086 _In_ PCUNICODE_STRING SourceString
,
1087 _In_ BOOLEAN AllocateDestinationString
);
1089 _IRQL_requires_max_(PASSIVE_LEVEL
)
1090 _When_(AllocateDestinationString
, _Must_inspect_result_
)
1094 RtlDowncaseUnicodeString(
1095 _When_(AllocateDestinationString
, _Out_
_At_(UniDest
->Buffer
, __drv_allocatesMem(Mem
)))
1096 _When_(!AllocateDestinationString
, _Inout_
)
1097 PUNICODE_STRING UniDest
,
1098 _In_ PCUNICODE_STRING UniSource
,
1099 _In_ BOOLEAN AllocateDestinationString
);
1101 _IRQL_requires_max_(PASSIVE_LEVEL
)
1106 _Inout_
_At_(OemString
->Buffer
, __drv_freesMem(Mem
)) POEM_STRING OemString
);
1108 _IRQL_requires_max_(PASSIVE_LEVEL
)
1112 RtlxUnicodeStringToOemSize(
1113 _In_ PCUNICODE_STRING UnicodeString
);
1115 _IRQL_requires_max_(PASSIVE_LEVEL
)
1119 RtlxOemStringToUnicodeSize(
1120 _In_ PCOEM_STRING OemString
);
1122 _IRQL_requires_max_(PASSIVE_LEVEL
)
1126 RtlMultiByteToUnicodeN(
1127 _Out_writes_bytes_to_(MaxBytesInUnicodeString
, *BytesInUnicodeString
) PWCH UnicodeString
,
1128 _In_ ULONG MaxBytesInUnicodeString
,
1129 _Out_opt_ PULONG BytesInUnicodeString
,
1130 _In_reads_bytes_(BytesInMultiByteString
) const CHAR
*MultiByteString
,
1131 _In_ ULONG BytesInMultiByteString
);
1133 _IRQL_requires_max_(PASSIVE_LEVEL
)
1137 RtlMultiByteToUnicodeSize(
1138 _Out_ PULONG BytesInUnicodeString
,
1139 _In_reads_bytes_(BytesInMultiByteString
) const CHAR
*MultiByteString
,
1140 _In_ ULONG BytesInMultiByteString
);
1142 _IRQL_requires_max_(PASSIVE_LEVEL
)
1146 RtlUnicodeToMultiByteSize(
1147 _Out_ PULONG BytesInMultiByteString
,
1148 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1149 _In_ ULONG BytesInUnicodeString
);
1151 _IRQL_requires_max_(PASSIVE_LEVEL
)
1155 RtlUnicodeToMultiByteN(
1156 _Out_writes_bytes_to_(MaxBytesInMultiByteString
, *BytesInMultiByteString
) PCHAR MultiByteString
,
1157 _In_ ULONG MaxBytesInMultiByteString
,
1158 _Out_opt_ PULONG BytesInMultiByteString
,
1159 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1160 _In_ ULONG BytesInUnicodeString
);
1162 _IRQL_requires_max_(PASSIVE_LEVEL
)
1166 RtlUpcaseUnicodeToMultiByteN(
1167 _Out_writes_bytes_to_(MaxBytesInMultiByteString
, *BytesInMultiByteString
) PCHAR MultiByteString
,
1168 _In_ ULONG MaxBytesInMultiByteString
,
1169 _Out_opt_ PULONG BytesInMultiByteString
,
1170 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1171 _In_ ULONG BytesInUnicodeString
);
1173 _IRQL_requires_max_(PASSIVE_LEVEL
)
1178 _Out_writes_bytes_to_(MaxBytesInUnicodeString
, *BytesInUnicodeString
) PWSTR UnicodeString
,
1179 _In_ ULONG MaxBytesInUnicodeString
,
1180 _Out_opt_ PULONG BytesInUnicodeString
,
1181 _In_reads_bytes_(BytesInOemString
) PCCH OemString
,
1182 _In_ ULONG BytesInOemString
);
1184 _IRQL_requires_max_(PASSIVE_LEVEL
)
1189 _Out_writes_bytes_to_(MaxBytesInOemString
, *BytesInOemString
) PCHAR OemString
,
1190 _In_ ULONG MaxBytesInOemString
,
1191 _Out_opt_ PULONG BytesInOemString
,
1192 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1193 _In_ ULONG BytesInUnicodeString
);
1195 _IRQL_requires_max_(PASSIVE_LEVEL
)
1199 RtlUpcaseUnicodeToOemN(
1200 _Out_writes_bytes_to_(MaxBytesInOemString
, *BytesInOemString
) PCHAR OemString
,
1201 _In_ ULONG MaxBytesInOemString
,
1202 _Out_opt_ PULONG BytesInOemString
,
1203 _In_reads_bytes_(BytesInUnicodeString
) PCWCH UnicodeString
,
1204 _In_ ULONG BytesInUnicodeString
);
1206 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
1207 _IRQL_requires_max_(PASSIVE_LEVEL
)
1211 RtlGenerate8dot3Name(
1212 _In_ PCUNICODE_STRING Name
,
1213 _In_ BOOLEAN AllowExtendedCharacters
,
1214 _Inout_ PGENERATE_NAME_CONTEXT Context
,
1215 _Inout_ PUNICODE_STRING Name8dot3
);
1217 _IRQL_requires_max_(PASSIVE_LEVEL
)
1221 RtlGenerate8dot3Name(
1222 _In_ PCUNICODE_STRING Name
,
1223 _In_ BOOLEAN AllowExtendedCharacters
,
1224 _Inout_ PGENERATE_NAME_CONTEXT Context
,
1225 _Inout_ PUNICODE_STRING Name8dot3
);
1228 _IRQL_requires_max_(PASSIVE_LEVEL
)
1229 _Must_inspect_result_
1233 RtlIsNameLegalDOS8Dot3(
1234 _In_ PCUNICODE_STRING Name
,
1235 _Inout_opt_ POEM_STRING OemName
,
1236 _Out_opt_ PBOOLEAN NameContainsSpaces
);
1238 _IRQL_requires_max_(PASSIVE_LEVEL
)
1239 _Must_inspect_result_
1243 RtlIsValidOemCharacter(
1244 _Inout_ PWCHAR Char
);
1246 _IRQL_requires_max_(PASSIVE_LEVEL
)
1251 _Out_ PPREFIX_TABLE PrefixTable
);
1253 _IRQL_requires_max_(PASSIVE_LEVEL
)
1258 _In_ PPREFIX_TABLE PrefixTable
,
1259 _In_ __drv_aliasesMem PSTRING Prefix
,
1260 _Out_ PPREFIX_TABLE_ENTRY PrefixTableEntry
);
1262 _IRQL_requires_max_(PASSIVE_LEVEL
)
1267 _In_ PPREFIX_TABLE PrefixTable
,
1268 _In_ PPREFIX_TABLE_ENTRY PrefixTableEntry
);
1270 _IRQL_requires_max_(PASSIVE_LEVEL
)
1271 _Must_inspect_result_
1276 _In_ PPREFIX_TABLE PrefixTable
,
1277 _In_ PSTRING FullName
);
1279 _IRQL_requires_max_(PASSIVE_LEVEL
)
1283 RtlInitializeUnicodePrefix(
1284 _Out_ PUNICODE_PREFIX_TABLE PrefixTable
);
1286 _IRQL_requires_max_(PASSIVE_LEVEL
)
1290 RtlInsertUnicodePrefix(
1291 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1292 _In_ __drv_aliasesMem PUNICODE_STRING Prefix
,
1293 _Out_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry
);
1295 _IRQL_requires_max_(PASSIVE_LEVEL
)
1299 RtlRemoveUnicodePrefix(
1300 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1301 _In_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry
);
1303 _IRQL_requires_max_(PASSIVE_LEVEL
)
1304 _Must_inspect_result_
1306 PUNICODE_PREFIX_TABLE_ENTRY
1308 RtlFindUnicodePrefix(
1309 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1310 _In_ PUNICODE_STRING FullName
,
1311 _In_ ULONG CaseInsensitiveIndex
);
1313 _IRQL_requires_max_(PASSIVE_LEVEL
)
1314 _Must_inspect_result_
1316 PUNICODE_PREFIX_TABLE_ENTRY
1318 RtlNextUnicodePrefix(
1319 _In_ PUNICODE_PREFIX_TABLE PrefixTable
,
1320 _In_ BOOLEAN Restart
);
1322 _Must_inspect_result_
1326 RtlCompareMemoryUlong(
1327 _In_reads_bytes_(Length
) PVOID Source
,
1329 _In_ ULONG Pattern
);
1331 _Success_(return != 0)
1335 RtlTimeToSecondsSince1980(
1336 _In_ PLARGE_INTEGER Time
,
1337 _Out_ PULONG ElapsedSeconds
);
1342 RtlSecondsSince1980ToTime(
1343 _In_ ULONG ElapsedSeconds
,
1344 _Out_ PLARGE_INTEGER Time
);
1346 _Success_(return != 0)
1350 RtlTimeToSecondsSince1970(
1351 _In_ PLARGE_INTEGER Time
,
1352 _Out_ PULONG ElapsedSeconds
);
1357 RtlSecondsSince1970ToTime(
1358 _In_ ULONG ElapsedSeconds
,
1359 _Out_ PLARGE_INTEGER Time
);
1361 _IRQL_requires_max_(APC_LEVEL
)
1362 _Must_inspect_result_
1369 _Must_inspect_result_
1377 _IRQL_requires_max_(APC_LEVEL
)
1378 _Must_inspect_result_
1386 _IRQL_requires_max_(APC_LEVEL
)
1390 RtlLengthRequiredSid(
1391 _In_ ULONG SubAuthorityCount
);
1397 _In_ _Post_invalid_ PSID Sid
);
1399 _Must_inspect_result_
1403 RtlAllocateAndInitializeSid(
1404 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
,
1405 _In_ UCHAR SubAuthorityCount
,
1406 _In_ ULONG SubAuthority0
,
1407 _In_ ULONG SubAuthority1
,
1408 _In_ ULONG SubAuthority2
,
1409 _In_ ULONG SubAuthority3
,
1410 _In_ ULONG SubAuthority4
,
1411 _In_ ULONG SubAuthority5
,
1412 _In_ ULONG SubAuthority6
,
1413 _In_ ULONG SubAuthority7
,
1414 _Outptr_ PSID
*Sid
);
1416 _IRQL_requires_max_(APC_LEVEL
)
1422 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
,
1423 _In_ UCHAR SubAuthorityCount
);
1430 _In_ ULONG SubAuthority
);
1432 _Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE
)
1439 _IRQL_requires_max_(APC_LEVEL
)
1445 _Out_writes_bytes_(Length
) PSID Destination
,
1448 _IRQL_requires_max_(APC_LEVEL
)
1452 RtlConvertSidToUnicodeString(
1453 _Inout_ PUNICODE_STRING UnicodeString
,
1455 _In_ BOOLEAN AllocateDestinationString
);
1457 _IRQL_requires_max_(APC_LEVEL
)
1462 _Out_ PLUID DestinationLuid
,
1463 _In_ PLUID SourceLuid
);
1465 _IRQL_requires_max_(APC_LEVEL
)
1470 _Out_writes_bytes_(AclLength
) PACL Acl
,
1471 _In_ ULONG AclLength
,
1472 _In_ ULONG AclRevision
);
1474 _IRQL_requires_max_(APC_LEVEL
)
1480 _In_ ULONG AceRevision
,
1481 _In_ ULONG StartingAceIndex
,
1482 _In_reads_bytes_(AceListLength
) PVOID AceList
,
1483 _In_ ULONG AceListLength
);
1485 _IRQL_requires_max_(APC_LEVEL
)
1491 _In_ ULONG AceIndex
);
1498 _In_ ULONG AceIndex
,
1499 _Outptr_ PVOID
*Ace
);
1501 _IRQL_requires_max_(APC_LEVEL
)
1505 RtlAddAccessAllowedAce(
1507 _In_ ULONG AceRevision
,
1508 _In_ ACCESS_MASK AccessMask
,
1511 _IRQL_requires_max_(APC_LEVEL
)
1515 RtlAddAccessAllowedAceEx(
1517 _In_ ULONG AceRevision
,
1518 _In_ ULONG AceFlags
,
1519 _In_ ACCESS_MASK AccessMask
,
1522 _IRQL_requires_max_(APC_LEVEL
)
1526 RtlCreateSecurityDescriptorRelative(
1527 _Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor
,
1528 _In_ ULONG Revision
);
1533 RtlGetDaclSecurityDescriptor(
1534 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1535 _Out_ PBOOLEAN DaclPresent
,
1537 _Out_ PBOOLEAN DaclDefaulted
);
1539 _IRQL_requires_max_(APC_LEVEL
)
1543 RtlSetOwnerSecurityDescriptor(
1544 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1545 _In_opt_ PSID Owner
,
1546 _In_opt_ BOOLEAN OwnerDefaulted
);
1548 _IRQL_requires_max_(APC_LEVEL
)
1552 RtlGetOwnerSecurityDescriptor(
1553 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1555 _Out_ PBOOLEAN OwnerDefaulted
);
1557 _IRQL_requires_max_(APC_LEVEL
)
1558 _When_(Status
< 0, _Out_range_(>, 0))
1559 _When_(Status
>= 0, _Out_range_(==, 0))
1563 RtlNtStatusToDosError(
1564 _In_ NTSTATUS Status
);
1566 _IRQL_requires_max_(PASSIVE_LEVEL
)
1570 RtlCustomCPToUnicodeN(
1571 _In_ PCPTABLEINFO CustomCP
,
1572 _Out_writes_bytes_to_(MaxBytesInUnicodeString
, *BytesInUnicodeString
) PWCH UnicodeString
,
1573 _In_ ULONG MaxBytesInUnicodeString
,
1574 _Out_opt_ PULONG BytesInUnicodeString
,
1575 _In_reads_bytes_(BytesInCustomCPString
) PCH CustomCPString
,
1576 _In_ ULONG BytesInCustomCPString
);
1578 _IRQL_requires_max_(PASSIVE_LEVEL
)
1582 RtlUnicodeToCustomCPN(
1583 _In_ PCPTABLEINFO CustomCP
,
1584 _Out_writes_bytes_to_(MaxBytesInCustomCPString
, *BytesInCustomCPString
) PCH CustomCPString
,
1585 _In_ ULONG MaxBytesInCustomCPString
,
1586 _Out_opt_ PULONG BytesInCustomCPString
,
1587 _In_reads_bytes_(BytesInUnicodeString
) PWCH UnicodeString
,
1588 _In_ ULONG BytesInUnicodeString
);
1590 _IRQL_requires_max_(PASSIVE_LEVEL
)
1594 RtlUpcaseUnicodeToCustomCPN(
1595 _In_ PCPTABLEINFO CustomCP
,
1596 _Out_writes_bytes_to_(MaxBytesInCustomCPString
, *BytesInCustomCPString
) PCH CustomCPString
,
1597 _In_ ULONG MaxBytesInCustomCPString
,
1598 _Out_opt_ PULONG BytesInCustomCPString
,
1599 _In_reads_bytes_(BytesInUnicodeString
) PWCH UnicodeString
,
1600 _In_ ULONG BytesInUnicodeString
);
1602 _IRQL_requires_max_(PASSIVE_LEVEL
)
1606 RtlInitCodePageTable(
1607 _In_ PUSHORT TableBase
,
1608 _Inout_ PCPTABLEINFO CodePageTable
);
1611 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
1614 #if (NTDDI_VERSION >= NTDDI_WINXP)
1618 _Must_inspect_result_
1624 _In_opt_ PVOID HeapBase
,
1625 _In_opt_ SIZE_T ReserveSize
,
1626 _In_opt_ SIZE_T CommitSize
,
1627 _In_opt_ PVOID Lock
,
1628 _In_opt_ PRTL_HEAP_PARAMETERS Parameters
);
1634 _In_ _Post_invalid_ PVOID HeapHandle
);
1639 RtlCaptureStackBackTrace(
1640 _In_ ULONG FramesToSkip
,
1641 _In_ ULONG FramesToCapture
,
1642 _Out_writes_to_(FramesToCapture
, return) PVOID
*BackTrace
,
1643 _Out_opt_ PULONG BackTraceHash
);
1645 _Ret_range_(<, MAXLONG
)
1650 _Inout_ PULONG Seed
);
1652 _IRQL_requires_max_(DISPATCH_LEVEL
)
1656 RtlInitUnicodeStringEx(
1657 _Out_ PUNICODE_STRING DestinationString
,
1658 _In_opt_z_ __drv_aliasesMem PCWSTR SourceString
);
1660 _Must_inspect_result_
1664 RtlValidateUnicodeString(
1666 _In_ PCUNICODE_STRING String
);
1668 _IRQL_requires_max_(PASSIVE_LEVEL
)
1669 _Must_inspect_result_
1673 RtlDuplicateUnicodeString(
1675 _In_ PCUNICODE_STRING SourceString
,
1676 _Out_
_At_(DestinationString
->Buffer
, __drv_allocatesMem(Mem
)) PUNICODE_STRING DestinationString
);
1681 RtlGetCompressionWorkSpaceSize(
1682 _In_ USHORT CompressionFormatAndEngine
,
1683 _Out_ PULONG CompressBufferWorkSpaceSize
,
1684 _Out_ PULONG CompressFragmentWorkSpaceSize
);
1690 _In_ USHORT CompressionFormatAndEngine
,
1691 _In_reads_bytes_(UncompressedBufferSize
) PUCHAR UncompressedBuffer
,
1692 _In_ ULONG UncompressedBufferSize
,
1693 _Out_writes_bytes_to_(CompressedBufferSize
, *FinalCompressedSize
) PUCHAR CompressedBuffer
,
1694 _In_ ULONG CompressedBufferSize
,
1695 _In_ ULONG UncompressedChunkSize
,
1696 _Out_ PULONG FinalCompressedSize
,
1697 _In_ PVOID WorkSpace
);
1699 _IRQL_requires_max_(APC_LEVEL
)
1703 RtlDecompressBuffer(
1704 _In_ USHORT CompressionFormat
,
1705 _Out_writes_bytes_to_(UncompressedBufferSize
, *FinalUncompressedSize
) PUCHAR UncompressedBuffer
,
1706 _In_ ULONG UncompressedBufferSize
,
1707 _In_reads_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1708 _In_ ULONG CompressedBufferSize
,
1709 _Out_ PULONG FinalUncompressedSize
);
1711 _IRQL_requires_max_(APC_LEVEL
)
1715 RtlDecompressFragment(
1716 _In_ USHORT CompressionFormat
,
1717 _Out_writes_bytes_to_(UncompressedFragmentSize
, *FinalUncompressedSize
) PUCHAR UncompressedFragment
,
1718 _In_ ULONG UncompressedFragmentSize
,
1719 _In_reads_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1720 _In_ ULONG CompressedBufferSize
,
1721 _In_range_(<, CompressedBufferSize
) ULONG FragmentOffset
,
1722 _Out_ PULONG FinalUncompressedSize
,
1723 _In_ PVOID WorkSpace
);
1725 _IRQL_requires_max_(APC_LEVEL
)
1730 _In_ USHORT CompressionFormat
,
1731 _Inout_ PUCHAR
*CompressedBuffer
,
1732 _In_ PUCHAR EndOfCompressedBufferPlus1
,
1733 _Out_ PUCHAR
*ChunkBuffer
,
1734 _Out_ PULONG ChunkSize
);
1736 _IRQL_requires_max_(APC_LEVEL
)
1741 _In_ USHORT CompressionFormat
,
1742 _Inout_ PUCHAR
*CompressedBuffer
,
1743 _In_ PUCHAR EndOfCompressedBufferPlus1
,
1744 _Out_ PUCHAR
*ChunkBuffer
,
1745 _In_ ULONG ChunkSize
);
1747 _IRQL_requires_max_(APC_LEVEL
)
1751 RtlDecompressChunks(
1752 _Out_writes_bytes_(UncompressedBufferSize
) PUCHAR UncompressedBuffer
,
1753 _In_ ULONG UncompressedBufferSize
,
1754 _In_reads_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1755 _In_ ULONG CompressedBufferSize
,
1756 _In_reads_bytes_(CompressedTailSize
) PUCHAR CompressedTail
,
1757 _In_ ULONG CompressedTailSize
,
1758 _In_ PCOMPRESSED_DATA_INFO CompressedDataInfo
);
1760 _IRQL_requires_max_(APC_LEVEL
)
1765 _In_reads_bytes_(UncompressedBufferSize
) PUCHAR UncompressedBuffer
,
1766 _In_ ULONG UncompressedBufferSize
,
1767 _Out_writes_bytes_(CompressedBufferSize
) PUCHAR CompressedBuffer
,
1768 _In_range_(>=, (UncompressedBufferSize
- (UncompressedBufferSize
/ 16))) ULONG CompressedBufferSize
,
1769 _Inout_updates_bytes_(CompressedDataInfoLength
) PCOMPRESSED_DATA_INFO CompressedDataInfo
,
1770 _In_range_(>, sizeof(COMPRESSED_DATA_INFO
)) ULONG CompressedDataInfoLength
,
1771 _In_ PVOID WorkSpace
);
1773 _IRQL_requires_max_(APC_LEVEL
)
1775 PSID_IDENTIFIER_AUTHORITY
1777 RtlIdentifierAuthoritySid(
1783 RtlSubAuthorityCountSid(
1786 _When_(Status
< 0, _Out_range_(>, 0))
1787 _When_(Status
>= 0, _Out_range_(==, 0))
1791 RtlNtStatusToDosErrorNoTeb(
1792 _In_ NTSTATUS Status
);
1794 _IRQL_requires_max_(PASSIVE_LEVEL
)
1798 RtlCreateSystemVolumeInformationFolder(
1799 _In_ PCUNICODE_STRING VolumeRootPath
);
1801 #if defined(_M_AMD64)
1806 _Out_writes_bytes_all_(Length
) PVOID Destination
,
1810 PULONG Address
= (PULONG
)Destination
;
1811 if ((Length
/= 4) != 0) {
1812 if (((ULONG64
)Address
& 4) != 0) {
1814 if ((Length
-= 1) == 0) {
1819 __stosq((PULONG64
)(Address
), Pattern
| ((ULONG64
)Pattern
<< 32), Length
/ 2);
1820 if ((Length
& 1) != 0) Address
[Length
- 1] = Pattern
;
1825 #define RtlFillMemoryUlonglong(Destination, Length, Pattern) \
1826 __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
1834 OUT PVOID Destination
,
1841 RtlFillMemoryUlonglong(
1842 _Out_writes_bytes_all_(Length
) PVOID Destination
,
1844 _In_ ULONGLONG Pattern
);
1846 #endif /* defined(_M_AMD64) */
1848 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
1850 #if (NTDDI_VERSION >= NTDDI_WS03)
1851 _IRQL_requires_max_(DISPATCH_LEVEL
)
1855 RtlInitAnsiStringEx(
1856 _Out_ PANSI_STRING DestinationString
,
1857 _In_opt_z_ __drv_aliasesMem PCSZ SourceString
);
1860 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
1862 _IRQL_requires_max_(APC_LEVEL
)
1866 RtlGetSaclSecurityDescriptor(
1867 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1868 _Out_ PBOOLEAN SaclPresent
,
1870 _Out_ PBOOLEAN SaclDefaulted
);
1872 _IRQL_requires_max_(APC_LEVEL
)
1876 RtlSetGroupSecurityDescriptor(
1877 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1878 _In_opt_ PSID Group
,
1879 _In_opt_ BOOLEAN GroupDefaulted
);
1881 _IRQL_requires_max_(APC_LEVEL
)
1885 RtlGetGroupSecurityDescriptor(
1886 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
1888 _Out_ PBOOLEAN GroupDefaulted
);
1890 _IRQL_requires_max_(APC_LEVEL
)
1894 RtlAbsoluteToSelfRelativeSD(
1895 _In_ PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor
,
1896 _Out_writes_bytes_to_opt_(*BufferLength
, *BufferLength
) PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor
,
1897 _Inout_ PULONG BufferLength
);
1899 _IRQL_requires_max_(APC_LEVEL
)
1903 RtlSelfRelativeToAbsoluteSD(
1904 _In_ PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor
,
1905 _Out_writes_bytes_to_opt_(*AbsoluteSecurityDescriptorSize
, *AbsoluteSecurityDescriptorSize
) PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor
,
1906 _Inout_ PULONG AbsoluteSecurityDescriptorSize
,
1907 _Out_writes_bytes_to_opt_(*DaclSize
, *DaclSize
) PACL Dacl
,
1908 _Inout_ PULONG DaclSize
,
1909 _Out_writes_bytes_to_opt_(*SaclSize
, *SaclSize
) PACL Sacl
,
1910 _Inout_ PULONG SaclSize
,
1911 _Out_writes_bytes_to_opt_(*OwnerSize
, *OwnerSize
) PSID Owner
,
1912 _Inout_ PULONG OwnerSize
,
1913 _Out_writes_bytes_to_opt_(*PrimaryGroupSize
, *PrimaryGroupSize
) PSID PrimaryGroup
,
1914 _Inout_ PULONG PrimaryGroupSize
);
1916 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
1918 #if (NTDDI_VERSION >= NTDDI_VISTA)
1924 _In_ ULONG NormForm
,
1925 _In_ PCWSTR SourceString
,
1926 _In_ LONG SourceStringLength
,
1927 _Out_writes_to_(*DestinationStringLength
, *DestinationStringLength
) PWSTR DestinationString
,
1928 _Inout_ PLONG DestinationStringLength
);
1933 RtlIsNormalizedString(
1934 _In_ ULONG NormForm
,
1935 _In_ PCWSTR SourceString
,
1936 _In_ LONG SourceStringLength
,
1937 _Out_ PBOOLEAN Normalized
);
1944 _In_ PCWSTR SourceString
,
1945 _In_ LONG SourceStringLength
,
1946 _Out_writes_to_(*DestinationStringLength
, *DestinationStringLength
) PWSTR DestinationString
,
1947 _Inout_ PLONG DestinationStringLength
);
1954 IN PCWSTR SourceString
,
1955 IN LONG SourceStringLength
,
1956 OUT PWSTR DestinationString
,
1957 IN OUT PLONG DestinationStringLength
);
1962 RtlIdnToNameprepUnicode(
1964 _In_ PCWSTR SourceString
,
1965 _In_ LONG SourceStringLength
,
1966 _Out_writes_to_(*DestinationStringLength
, *DestinationStringLength
) PWSTR DestinationString
,
1967 _Inout_ PLONG DestinationStringLength
);
1972 RtlCreateServiceSid(
1973 _In_ PUNICODE_STRING ServiceName
,
1974 _Out_writes_bytes_opt_(*ServiceSidLength
) PSID ServiceSid
,
1975 _Inout_ PULONG ServiceSidLength
);
1980 RtlCompareAltitudes(
1981 _In_ PCUNICODE_STRING Altitude1
,
1982 _In_ PCUNICODE_STRING Altitude2
);
1985 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1987 #if (NTDDI_VERSION >= NTDDI_WIN7)
1989 _IRQL_requires_max_(PASSIVE_LEVEL
)
1990 _Must_inspect_result_
1995 _Out_writes_bytes_to_(UTF8StringMaxByteCount
, *UTF8StringActualByteCount
) PCHAR UTF8StringDestination
,
1996 _In_ ULONG UTF8StringMaxByteCount
,
1997 _Out_ PULONG UTF8StringActualByteCount
,
1998 _In_reads_bytes_(UnicodeStringByteCount
) PCWCH UnicodeStringSource
,
1999 _In_ ULONG UnicodeStringByteCount
);
2001 _IRQL_requires_max_(PASSIVE_LEVEL
)
2002 _Must_inspect_result_
2007 _Out_writes_bytes_to_(UnicodeStringMaxByteCount
, *UnicodeStringActualByteCount
) PWSTR UnicodeStringDestination
,
2008 _In_ ULONG UnicodeStringMaxByteCount
,
2009 _Out_ PULONG UnicodeStringActualByteCount
,
2010 _In_reads_bytes_(UTF8StringByteCount
) PCCH UTF8StringSource
,
2011 _In_ ULONG UTF8StringByteCount
);
2013 _IRQL_requires_max_(APC_LEVEL
)
2018 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2021 _Out_ ULONG
*NumChanges
);
2026 RtlCreateVirtualAccountSid(
2027 _In_ PCUNICODE_STRING Name
,
2028 _In_ ULONG BaseSubAuthority
,
2029 _Out_writes_bytes_(*SidLength
) PSID Sid
,
2030 _Inout_ PULONG SidLength
);
2032 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
2035 #if defined(_AMD64_) || defined(_IA64_)
2039 #endif /* defined(_AMD64_) || defined(_IA64_) */
2043 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
2044 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
2046 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ? \
2047 RtlxUnicodeStringToOemSize(STRING) : \
2048 ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
2051 #define RtlOemStringToUnicodeSize(STRING) ( \
2052 NLS_MB_OEM_CODE_PAGE_TAG ? \
2053 RtlxOemStringToUnicodeSize(STRING) : \
2054 ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
2057 #define RtlOemStringToCountedUnicodeSize(STRING) ( \
2058 (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
2061 #define RtlOffsetToPointer(B,O) ((PCHAR)(((PCHAR)(B)) + ((ULONG_PTR)(O))))
2062 #define RtlPointerToOffset(B,P) ((ULONG)(((PCHAR)(P)) - ((PCHAR)(B))))
2064 _IRQL_requires_max_(PASSIVE_LEVEL
)
2070 _In_opt_ HANDLE Handle
,
2071 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass
,
2072 _Out_writes_bytes_opt_(ObjectInformationLength
) PVOID ObjectInformation
,
2073 _In_ ULONG ObjectInformationLength
,
2074 _Out_opt_ PULONG ReturnLength
);
2076 #if (NTDDI_VERSION >= NTDDI_WIN2K)
2078 _Must_inspect_result_
2084 _In_ HANDLE ThreadHandle
,
2085 _In_ ACCESS_MASK DesiredAccess
,
2086 _In_ BOOLEAN OpenAsSelf
,
2087 _Out_ PHANDLE TokenHandle
);
2089 _Must_inspect_result_
2095 _In_ HANDLE ProcessHandle
,
2096 _In_ ACCESS_MASK DesiredAccess
,
2097 _Out_ PHANDLE TokenHandle
);
2099 _When_(TokenInformationClass
== TokenAccessInformation
,
2100 _At_(TokenInformationLength
,
2101 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION
))))
2102 _Must_inspect_result_
2107 NtQueryInformationToken(
2108 _In_ HANDLE TokenHandle
,
2109 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
2110 _Out_writes_bytes_to_opt_(TokenInformationLength
, *ReturnLength
) PVOID TokenInformation
,
2111 _In_ ULONG TokenInformationLength
,
2112 _Out_ PULONG ReturnLength
);
2114 _Must_inspect_result_
2119 NtAdjustPrivilegesToken(
2120 _In_ HANDLE TokenHandle
,
2121 _In_ BOOLEAN DisableAllPrivileges
,
2122 _In_opt_ PTOKEN_PRIVILEGES NewState
,
2123 _In_ ULONG BufferLength
,
2124 _Out_writes_bytes_to_opt_(BufferLength
, *ReturnLength
) PTOKEN_PRIVILEGES PreviousState
,
2125 _Out_
_When_(PreviousState
== NULL
, _Out_opt_
) PULONG ReturnLength
);
2132 _Out_ PHANDLE FileHandle
,
2133 _In_ ACCESS_MASK DesiredAccess
,
2134 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
2135 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2136 _In_opt_ PLARGE_INTEGER AllocationSize
,
2137 _In_ ULONG FileAttributes
,
2138 _In_ ULONG ShareAccess
,
2139 _In_ ULONG CreateDisposition
,
2140 _In_ ULONG CreateOptions
,
2141 _In_reads_bytes_opt_(EaLength
) PVOID EaBuffer
,
2142 _In_ ULONG EaLength
);
2148 NtDeviceIoControlFile(
2149 _In_ HANDLE FileHandle
,
2150 _In_opt_ HANDLE Event
,
2151 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2152 _In_opt_ PVOID ApcContext
,
2153 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2154 _In_ ULONG IoControlCode
,
2155 _In_reads_bytes_opt_(InputBufferLength
) PVOID InputBuffer
,
2156 _In_ ULONG InputBufferLength
,
2157 _Out_writes_bytes_opt_(OutputBufferLength
) PVOID OutputBuffer
,
2158 _In_ ULONG OutputBufferLength
);
2165 _In_ HANDLE FileHandle
,
2166 _In_opt_ HANDLE Event
,
2167 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2168 _In_opt_ PVOID ApcContext
,
2169 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2170 _In_ ULONG FsControlCode
,
2171 _In_reads_bytes_opt_(InputBufferLength
) PVOID InputBuffer
,
2172 _In_ ULONG InputBufferLength
,
2173 _Out_writes_bytes_opt_(OutputBufferLength
) PVOID OutputBuffer
,
2174 _In_ ULONG OutputBufferLength
);
2181 _In_ HANDLE FileHandle
,
2182 _In_opt_ HANDLE Event
,
2183 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2184 _In_opt_ PVOID ApcContext
,
2185 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2186 _In_ PLARGE_INTEGER ByteOffset
,
2187 _In_ PLARGE_INTEGER Length
,
2189 _In_ BOOLEAN FailImmediately
,
2190 _In_ BOOLEAN ExclusiveLock
);
2197 _Out_ PHANDLE FileHandle
,
2198 _In_ ACCESS_MASK DesiredAccess
,
2199 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
2200 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2201 _In_ ULONG ShareAccess
,
2202 _In_ ULONG OpenOptions
);
2208 NtQueryDirectoryFile(
2209 _In_ HANDLE FileHandle
,
2210 _In_opt_ HANDLE Event
,
2211 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2212 _In_opt_ PVOID ApcContext
,
2213 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2214 _Out_writes_bytes_(Length
) PVOID FileInformation
,
2216 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
2217 _In_ BOOLEAN ReturnSingleEntry
,
2218 _In_opt_ PUNICODE_STRING FileName
,
2219 _In_ BOOLEAN RestartScan
);
2225 NtQueryInformationFile(
2226 _In_ HANDLE FileHandle
,
2227 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2228 _Out_writes_bytes_(Length
) PVOID FileInformation
,
2230 _In_ FILE_INFORMATION_CLASS FileInformationClass
);
2236 NtQueryQuotaInformationFile(
2237 _In_ HANDLE FileHandle
,
2238 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2239 _Out_writes_bytes_(Length
) PVOID Buffer
,
2241 _In_ BOOLEAN ReturnSingleEntry
,
2242 _In_reads_bytes_opt_(SidListLength
) PVOID SidList
,
2243 _In_ ULONG SidListLength
,
2244 _In_reads_bytes_opt_((8 + (4 * ((SID
*)StartSid
)->SubAuthorityCount
))) PSID StartSid
,
2245 _In_ BOOLEAN RestartScan
);
2251 NtQueryVolumeInformationFile(
2252 _In_ HANDLE FileHandle
,
2253 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2254 _Out_writes_bytes_(Length
) PVOID FsInformation
,
2256 _In_ FS_INFORMATION_CLASS FsInformationClass
);
2263 _In_ HANDLE FileHandle
,
2264 _In_opt_ HANDLE Event
,
2265 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2266 _In_opt_ PVOID ApcContext
,
2267 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2268 _Out_writes_bytes_(Length
) PVOID Buffer
,
2270 _In_opt_ PLARGE_INTEGER ByteOffset
,
2271 _In_opt_ PULONG Key
);
2277 NtSetInformationFile(
2278 _In_ HANDLE FileHandle
,
2279 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2280 _In_reads_bytes_(Length
) PVOID FileInformation
,
2282 _In_ FILE_INFORMATION_CLASS FileInformationClass
);
2288 NtSetQuotaInformationFile(
2289 _In_ HANDLE FileHandle
,
2290 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2291 _In_reads_bytes_(Length
) PVOID Buffer
,
2298 NtSetVolumeInformationFile(
2299 _In_ HANDLE FileHandle
,
2300 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2301 _In_reads_bytes_(Length
) PVOID FsInformation
,
2303 _In_ FS_INFORMATION_CLASS FsInformationClass
);
2310 _In_ HANDLE FileHandle
,
2311 _In_opt_ HANDLE Event
,
2312 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
2313 _In_opt_ PVOID ApcContext
,
2314 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2315 _In_reads_bytes_(Length
) PVOID Buffer
,
2317 _In_opt_ PLARGE_INTEGER ByteOffset
,
2318 _In_opt_ PULONG Key
);
2325 _In_ HANDLE FileHandle
,
2326 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
2327 _In_ PLARGE_INTEGER ByteOffset
,
2328 _In_ PLARGE_INTEGER Length
,
2331 _IRQL_requires_max_(PASSIVE_LEVEL
)
2336 NtSetSecurityObject(
2338 _In_ SECURITY_INFORMATION SecurityInformation
,
2339 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
2341 _IRQL_requires_max_(PASSIVE_LEVEL
)
2346 NtQuerySecurityObject(
2348 _In_ SECURITY_INFORMATION SecurityInformation
,
2349 _Out_writes_bytes_opt_(Length
) PSECURITY_DESCRIPTOR SecurityDescriptor
,
2351 _Out_ PULONG LengthNeeded
);
2353 _IRQL_requires_max_(PASSIVE_LEVEL
)
2359 _In_ HANDLE Handle
);
2361 _Must_inspect_result_
2362 __drv_allocatesMem(Mem
)
2367 NtAllocateVirtualMemory(
2368 _In_ HANDLE ProcessHandle
,
2369 _Outptr_result_bytebuffer_(*RegionSize
) PVOID
*BaseAddress
,
2370 _In_ ULONG_PTR ZeroBits
,
2371 _Inout_ PSIZE_T RegionSize
,
2372 _In_ ULONG AllocationType
,
2373 _In_ ULONG Protect
);
2379 NtFreeVirtualMemory(
2380 _In_ HANDLE ProcessHandle
,
2381 _Inout_
__drv_freesMem(Mem
) PVOID
*BaseAddress
,
2382 _Inout_ PSIZE_T RegionSize
,
2383 _In_ ULONG FreeType
);
2387 #if (NTDDI_VERSION >= NTDDI_WINXP)
2389 _Must_inspect_result_
2394 NtOpenThreadTokenEx(
2395 _In_ HANDLE ThreadHandle
,
2396 _In_ ACCESS_MASK DesiredAccess
,
2397 _In_ BOOLEAN OpenAsSelf
,
2398 _In_ ULONG HandleAttributes
,
2399 _Out_ PHANDLE TokenHandle
);
2401 _Must_inspect_result_
2406 NtOpenProcessTokenEx(
2407 _In_ HANDLE ProcessHandle
,
2408 _In_ ACCESS_MASK DesiredAccess
,
2409 _In_ ULONG HandleAttributes
,
2410 _Out_ PHANDLE TokenHandle
);
2412 _Must_inspect_result_
2416 NtOpenJobObjectToken(
2417 _In_ HANDLE JobHandle
,
2418 _In_ ACCESS_MASK DesiredAccess
,
2419 _Out_ PHANDLE TokenHandle
);
2421 _Must_inspect_result_
2427 _In_ HANDLE ExistingTokenHandle
,
2428 _In_ ACCESS_MASK DesiredAccess
,
2429 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
2430 _In_ BOOLEAN EffectiveOnly
,
2431 _In_ TOKEN_TYPE TokenType
,
2432 _Out_ PHANDLE NewTokenHandle
);
2434 _Must_inspect_result_
2440 _In_ HANDLE ExistingTokenHandle
,
2442 _In_opt_ PTOKEN_GROUPS SidsToDisable
,
2443 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete
,
2444 _In_opt_ PTOKEN_GROUPS RestrictedSids
,
2445 _Out_ PHANDLE NewTokenHandle
);
2447 _Must_inspect_result_
2452 NtImpersonateAnonymousToken(
2453 _In_ HANDLE ThreadHandle
);
2455 _Must_inspect_result_
2460 NtSetInformationToken(
2461 _In_ HANDLE TokenHandle
,
2462 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
2463 _In_reads_bytes_(TokenInformationLength
) PVOID TokenInformation
,
2464 _In_ ULONG TokenInformationLength
);
2466 _Must_inspect_result_
2471 NtAdjustGroupsToken(
2472 _In_ HANDLE TokenHandle
,
2473 _In_ BOOLEAN ResetToDefault
,
2474 _In_opt_ PTOKEN_GROUPS NewState
,
2475 _In_opt_ ULONG BufferLength
,
2476 _Out_writes_bytes_to_opt_(BufferLength
, *ReturnLength
) PTOKEN_GROUPS PreviousState
,
2477 _Out_ PULONG ReturnLength
);
2479 _Must_inspect_result_
2485 _In_ HANDLE ClientToken
,
2486 _Inout_ PPRIVILEGE_SET RequiredPrivileges
,
2487 _Out_ PBOOLEAN Result
);
2489 _Must_inspect_result_
2494 NtAccessCheckAndAuditAlarm(
2495 _In_ PUNICODE_STRING SubsystemName
,
2496 _In_opt_ PVOID HandleId
,
2497 _In_ PUNICODE_STRING ObjectTypeName
,
2498 _In_ PUNICODE_STRING ObjectName
,
2499 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2500 _In_ ACCESS_MASK DesiredAccess
,
2501 _In_ PGENERIC_MAPPING GenericMapping
,
2502 _In_ BOOLEAN ObjectCreation
,
2503 _Out_ PACCESS_MASK GrantedAccess
,
2504 _Out_ PNTSTATUS AccessStatus
,
2505 _Out_ PBOOLEAN GenerateOnClose
);
2507 _Must_inspect_result_
2512 NtAccessCheckByTypeAndAuditAlarm(
2513 _In_ PUNICODE_STRING SubsystemName
,
2514 _In_opt_ PVOID HandleId
,
2515 _In_ PUNICODE_STRING ObjectTypeName
,
2516 _In_ PUNICODE_STRING ObjectName
,
2517 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2518 _In_opt_ PSID PrincipalSelfSid
,
2519 _In_ ACCESS_MASK DesiredAccess
,
2520 _In_ AUDIT_EVENT_TYPE AuditType
,
2522 _In_reads_opt_(ObjectTypeLength
) POBJECT_TYPE_LIST ObjectTypeList
,
2523 _In_ ULONG ObjectTypeLength
,
2524 _In_ PGENERIC_MAPPING GenericMapping
,
2525 _In_ BOOLEAN ObjectCreation
,
2526 _Out_ PACCESS_MASK GrantedAccess
,
2527 _Out_ PNTSTATUS AccessStatus
,
2528 _Out_ PBOOLEAN GenerateOnClose
);
2530 _Must_inspect_result_
2535 NtAccessCheckByTypeResultListAndAuditAlarm(
2536 _In_ PUNICODE_STRING SubsystemName
,
2537 _In_opt_ PVOID HandleId
,
2538 _In_ PUNICODE_STRING ObjectTypeName
,
2539 _In_ PUNICODE_STRING ObjectName
,
2540 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2541 _In_opt_ PSID PrincipalSelfSid
,
2542 _In_ ACCESS_MASK DesiredAccess
,
2543 _In_ AUDIT_EVENT_TYPE AuditType
,
2545 _In_reads_opt_(ObjectTypeListLength
) POBJECT_TYPE_LIST ObjectTypeList
,
2546 _In_ ULONG ObjectTypeListLength
,
2547 _In_ PGENERIC_MAPPING GenericMapping
,
2548 _In_ BOOLEAN ObjectCreation
,
2549 _Out_writes_(ObjectTypeListLength
) PACCESS_MASK GrantedAccess
,
2550 _Out_writes_(ObjectTypeListLength
) PNTSTATUS AccessStatus
,
2551 _Out_ PBOOLEAN GenerateOnClose
);
2553 _Must_inspect_result_
2558 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
2559 _In_ PUNICODE_STRING SubsystemName
,
2560 _In_opt_ PVOID HandleId
,
2561 _In_ HANDLE ClientToken
,
2562 _In_ PUNICODE_STRING ObjectTypeName
,
2563 _In_ PUNICODE_STRING ObjectName
,
2564 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2565 _In_opt_ PSID PrincipalSelfSid
,
2566 _In_ ACCESS_MASK DesiredAccess
,
2567 _In_ AUDIT_EVENT_TYPE AuditType
,
2569 _In_reads_opt_(ObjectTypeListLength
) POBJECT_TYPE_LIST ObjectTypeList
,
2570 _In_ ULONG ObjectTypeListLength
,
2571 _In_ PGENERIC_MAPPING GenericMapping
,
2572 _In_ BOOLEAN ObjectCreation
,
2573 _Out_writes_(ObjectTypeListLength
) PACCESS_MASK GrantedAccess
,
2574 _Out_writes_(ObjectTypeListLength
) PNTSTATUS AccessStatus
,
2575 _Out_ PBOOLEAN GenerateOnClose
);
2581 NtOpenObjectAuditAlarm(
2582 _In_ PUNICODE_STRING SubsystemName
,
2583 _In_opt_ PVOID HandleId
,
2584 _In_ PUNICODE_STRING ObjectTypeName
,
2585 _In_ PUNICODE_STRING ObjectName
,
2586 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
2587 _In_ HANDLE ClientToken
,
2588 _In_ ACCESS_MASK DesiredAccess
,
2589 _In_ ACCESS_MASK GrantedAccess
,
2590 _In_opt_ PPRIVILEGE_SET Privileges
,
2591 _In_ BOOLEAN ObjectCreation
,
2592 _In_ BOOLEAN AccessGranted
,
2593 _Out_ PBOOLEAN GenerateOnClose
);
2599 NtPrivilegeObjectAuditAlarm(
2600 _In_ PUNICODE_STRING SubsystemName
,
2601 _In_opt_ PVOID HandleId
,
2602 _In_ HANDLE ClientToken
,
2603 _In_ ACCESS_MASK DesiredAccess
,
2604 _In_ PPRIVILEGE_SET Privileges
,
2605 _In_ BOOLEAN AccessGranted
);
2611 NtCloseObjectAuditAlarm(
2612 _In_ PUNICODE_STRING SubsystemName
,
2613 _In_opt_ PVOID HandleId
,
2614 _In_ BOOLEAN GenerateOnClose
);
2620 NtDeleteObjectAuditAlarm(
2621 _In_ PUNICODE_STRING SubsystemName
,
2622 _In_opt_ PVOID HandleId
,
2623 _In_ BOOLEAN GenerateOnClose
);
2629 NtPrivilegedServiceAuditAlarm(
2630 _In_ PUNICODE_STRING SubsystemName
,
2631 _In_ PUNICODE_STRING ServiceName
,
2632 _In_ HANDLE ClientToken
,
2633 _In_ PPRIVILEGE_SET Privileges
,
2634 _In_ BOOLEAN AccessGranted
);
2640 NtSetInformationThread(
2641 _In_ HANDLE ThreadHandle
,
2642 _In_ THREADINFOCLASS ThreadInformationClass
,
2643 _In_reads_bytes_(ThreadInformationLength
) PVOID ThreadInformation
,
2644 _In_ ULONG ThreadInformationLength
);
2646 _Must_inspect_result_
2652 _Out_ PHANDLE SectionHandle
,
2653 _In_ ACCESS_MASK DesiredAccess
,
2654 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
2655 _In_opt_ PLARGE_INTEGER MaximumSize
,
2656 _In_ ULONG SectionPageProtection
,
2657 _In_ ULONG AllocationAttributes
,
2658 _In_opt_ HANDLE FileHandle
);
2662 #define COMPRESSION_FORMAT_NONE (0x0000)
2663 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
2664 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
2665 #define COMPRESSION_ENGINE_STANDARD (0x0000)
2666 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
2667 #define COMPRESSION_ENGINE_HIBER (0x0200)
2669 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
2671 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
2673 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
2674 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
2676 typedef ULONG LSA_OPERATIONAL_MODE
, *PLSA_OPERATIONAL_MODE
;
2678 typedef enum _SECURITY_LOGON_TYPE
{
2679 UndefinedLogonType
= 0,
2688 #if (_WIN32_WINNT >= 0x0501)
2692 #if (_WIN32_WINNT >= 0x0502)
2693 CachedRemoteInteractive
,
2696 } SECURITY_LOGON_TYPE
, *PSECURITY_LOGON_TYPE
;
2698 #ifndef _NTLSA_AUDIT_
2699 #define _NTLSA_AUDIT_
2701 #ifndef GUID_DEFINED
2702 #include <guiddef.h>
2705 #endif /* _NTLSA_AUDIT_ */
2707 _IRQL_requires_same_
2708 _IRQL_requires_max_(PASSIVE_LEVEL
)
2711 LsaRegisterLogonProcess(
2712 _In_ PLSA_STRING LogonProcessName
,
2713 _Out_ PHANDLE LsaHandle
,
2714 _Out_ PLSA_OPERATIONAL_MODE SecurityMode
);
2716 _IRQL_requires_same_
2717 _IRQL_requires_max_(PASSIVE_LEVEL
)
2721 _In_ HANDLE LsaHandle
,
2722 _In_ PLSA_STRING OriginName
,
2723 _In_ SECURITY_LOGON_TYPE LogonType
,
2724 _In_ ULONG AuthenticationPackage
,
2725 _In_reads_bytes_(AuthenticationInformationLength
) PVOID AuthenticationInformation
,
2726 _In_ ULONG AuthenticationInformationLength
,
2727 _In_opt_ PTOKEN_GROUPS LocalGroups
,
2728 _In_ PTOKEN_SOURCE SourceContext
,
2729 _Out_ PVOID
*ProfileBuffer
,
2730 _Out_ PULONG ProfileBufferLength
,
2731 _Inout_ PLUID LogonId
,
2732 _Out_ PHANDLE Token
,
2733 _Out_ PQUOTA_LIMITS Quotas
,
2734 _Out_ PNTSTATUS SubStatus
);
2736 _IRQL_requires_same_
2739 LsaFreeReturnBuffer(
2746 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2747 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2748 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
2750 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
2751 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
2753 #define MSV1_0_CHALLENGE_LENGTH 8
2754 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
2755 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
2757 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
2758 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
2759 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
2760 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
2761 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
2762 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
2763 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
2764 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
2765 #define MSV1_0_RETURN_PROFILE_PATH 0x200
2766 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
2767 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
2769 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
2770 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
2772 #if (_WIN32_WINNT >= 0x0502)
2773 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
2774 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
2777 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
2778 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
2780 #if (_WIN32_WINNT >= 0x0600)
2781 #define MSV1_0_S4U2SELF 0x00020000
2782 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
2785 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
2786 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
2787 #define MSV1_0_MNS_LOGON 0x01000000
2789 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
2790 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
2792 #define LOGON_GUEST 0x01
2793 #define LOGON_NOENCRYPTION 0x02
2794 #define LOGON_CACHED_ACCOUNT 0x04
2795 #define LOGON_USED_LM_PASSWORD 0x08
2796 #define LOGON_EXTRA_SIDS 0x20
2797 #define LOGON_SUBAUTH_SESSION_KEY 0x40
2798 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
2799 #define LOGON_NTLMV2_ENABLED 0x100
2800 #define LOGON_RESOURCE_GROUPS 0x200
2801 #define LOGON_PROFILE_PATH_RETURNED 0x400
2802 #define LOGON_NT_V2 0x800
2803 #define LOGON_LM_V2 0x1000
2804 #define LOGON_NTLM_V2 0x2000
2806 #if (_WIN32_WINNT >= 0x0600)
2808 #define LOGON_OPTIMIZED 0x4000
2809 #define LOGON_WINLOGON 0x8000
2810 #define LOGON_PKINIT 0x10000
2811 #define LOGON_NO_OPTIMIZED 0x20000
2815 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
2817 #define LOGON_GRACE_LOGON 0x01000000
2819 #define MSV1_0_OWF_PASSWORD_LENGTH 16
2820 #define MSV1_0_CRED_LM_PRESENT 0x1
2821 #define MSV1_0_CRED_NT_PRESENT 0x2
2822 #define MSV1_0_CRED_VERSION 0
2824 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
2825 #define MSV1_0_NTLM3_OWF_LENGTH 16
2827 #if (_WIN32_WINNT == 0x0500)
2828 #define MSV1_0_MAX_NTLM3_LIFE 1800
2830 #define MSV1_0_MAX_NTLM3_LIFE 129600
2832 #define MSV1_0_MAX_AVL_SIZE 64000
2834 #if (_WIN32_WINNT >= 0x0501)
2836 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
2838 #if (_WIN32_WINNT >= 0x0600)
2839 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
2844 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
2846 #if(_WIN32_WINNT >= 0x0502)
2847 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
2850 #define USE_PRIMARY_PASSWORD 0x01
2851 #define RETURN_PRIMARY_USERNAME 0x02
2852 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
2853 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
2854 #define GENERATE_CLIENT_CHALLENGE 0x10
2855 #define GCR_NTLM3_PARMS 0x20
2856 #define GCR_TARGET_INFO 0x40
2857 #define RETURN_RESERVED_PARAMETER 0x80
2858 #define GCR_ALLOW_NTLM 0x100
2859 #define GCR_USE_OEM_SET 0x200
2860 #define GCR_MACHINE_CREDENTIAL 0x400
2861 #define GCR_USE_OWF_PASSWORD 0x800
2862 #define GCR_ALLOW_LM 0x1000
2863 #define GCR_ALLOW_NO_TARGET 0x2000
2865 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE
{
2866 MsV1_0InteractiveLogon
= 2,
2870 MsV1_0WorkstationUnlockLogon
= 7,
2871 MsV1_0S4ULogon
= 12,
2872 MsV1_0VirtualLogon
= 82
2873 } MSV1_0_LOGON_SUBMIT_TYPE
, *PMSV1_0_LOGON_SUBMIT_TYPE
;
2875 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE
{
2876 MsV1_0InteractiveProfile
= 2,
2877 MsV1_0Lm20LogonProfile
,
2878 MsV1_0SmartCardProfile
2879 } MSV1_0_PROFILE_BUFFER_TYPE
, *PMSV1_0_PROFILE_BUFFER_TYPE
;
2881 typedef struct _MSV1_0_INTERACTIVE_LOGON
{
2882 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2883 UNICODE_STRING LogonDomainName
;
2884 UNICODE_STRING UserName
;
2885 UNICODE_STRING Password
;
2886 } MSV1_0_INTERACTIVE_LOGON
, *PMSV1_0_INTERACTIVE_LOGON
;
2888 typedef struct _MSV1_0_INTERACTIVE_PROFILE
{
2889 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
2891 USHORT BadPasswordCount
;
2892 LARGE_INTEGER LogonTime
;
2893 LARGE_INTEGER LogoffTime
;
2894 LARGE_INTEGER KickOffTime
;
2895 LARGE_INTEGER PasswordLastSet
;
2896 LARGE_INTEGER PasswordCanChange
;
2897 LARGE_INTEGER PasswordMustChange
;
2898 UNICODE_STRING LogonScript
;
2899 UNICODE_STRING HomeDirectory
;
2900 UNICODE_STRING FullName
;
2901 UNICODE_STRING ProfilePath
;
2902 UNICODE_STRING HomeDirectoryDrive
;
2903 UNICODE_STRING LogonServer
;
2905 } MSV1_0_INTERACTIVE_PROFILE
, *PMSV1_0_INTERACTIVE_PROFILE
;
2907 typedef struct _MSV1_0_LM20_LOGON
{
2908 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2909 UNICODE_STRING LogonDomainName
;
2910 UNICODE_STRING UserName
;
2911 UNICODE_STRING Workstation
;
2912 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2913 STRING CaseSensitiveChallengeResponse
;
2914 STRING CaseInsensitiveChallengeResponse
;
2915 ULONG ParameterControl
;
2916 } MSV1_0_LM20_LOGON
, * PMSV1_0_LM20_LOGON
;
2918 typedef struct _MSV1_0_SUBAUTH_LOGON
{
2919 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2920 UNICODE_STRING LogonDomainName
;
2921 UNICODE_STRING UserName
;
2922 UNICODE_STRING Workstation
;
2923 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
2924 STRING AuthenticationInfo1
;
2925 STRING AuthenticationInfo2
;
2926 ULONG ParameterControl
;
2927 ULONG SubAuthPackageId
;
2928 } MSV1_0_SUBAUTH_LOGON
, * PMSV1_0_SUBAUTH_LOGON
;
2930 #if (_WIN32_WINNT >= 0x0600)
2932 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2934 typedef struct _MSV1_0_S4U_LOGON
{
2935 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
2937 UNICODE_STRING UserPrincipalName
;
2938 UNICODE_STRING DomainName
;
2939 } MSV1_0_S4U_LOGON
, *PMSV1_0_S4U_LOGON
;
2943 typedef struct _MSV1_0_LM20_LOGON_PROFILE
{
2944 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
2945 LARGE_INTEGER KickOffTime
;
2946 LARGE_INTEGER LogoffTime
;
2948 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
2949 UNICODE_STRING LogonDomainName
;
2950 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
2951 UNICODE_STRING LogonServer
;
2952 UNICODE_STRING UserParameters
;
2953 } MSV1_0_LM20_LOGON_PROFILE
, * PMSV1_0_LM20_LOGON_PROFILE
;
2955 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
2958 UCHAR LmPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
2959 UCHAR NtPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
2960 } MSV1_0_SUPPLEMENTAL_CREDENTIAL
, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL
;
2962 typedef struct _MSV1_0_NTLM3_RESPONSE
{
2963 UCHAR Response
[MSV1_0_NTLM3_RESPONSE_LENGTH
];
2968 ULONGLONG TimeStamp
;
2969 UCHAR ChallengeFromClient
[MSV1_0_CHALLENGE_LENGTH
];
2972 } MSV1_0_NTLM3_RESPONSE
, *PMSV1_0_NTLM3_RESPONSE
;
2974 typedef enum _MSV1_0_AVID
{
2976 MsvAvNbComputerName
,
2978 MsvAvDnsComputerName
,
2980 #if (_WIN32_WINNT >= 0x0501)
2983 #if (_WIN32_WINNT >= 0x0600)
2987 MsvAvChannelBindings
,
2992 typedef struct _MSV1_0_AV_PAIR
{
2995 } MSV1_0_AV_PAIR
, *PMSV1_0_AV_PAIR
;
2997 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE
{
2998 MsV1_0Lm20ChallengeRequest
= 0,
2999 MsV1_0Lm20GetChallengeResponse
,
3000 MsV1_0EnumerateUsers
,
3003 MsV1_0ChangePassword
,
3004 MsV1_0ChangeCachedPassword
,
3005 MsV1_0GenericPassthrough
,
3008 MsV1_0DeriveCredential
,
3010 #if (_WIN32_WINNT >= 0x0501)
3011 MsV1_0SetProcessOption
,
3013 #if (_WIN32_WINNT >= 0x0600)
3014 MsV1_0ConfigLocalAliases
,
3015 MsV1_0ClearCachedCredentials
,
3017 } MSV1_0_PROTOCOL_MESSAGE_TYPE
, *PMSV1_0_PROTOCOL_MESSAGE_TYPE
;
3019 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST
{
3020 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3021 } MSV1_0_LM20_CHALLENGE_REQUEST
, *PMSV1_0_LM20_CHALLENGE_REQUEST
;
3023 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE
{
3024 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3025 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
3026 } MSV1_0_LM20_CHALLENGE_RESPONSE
, *PMSV1_0_LM20_CHALLENGE_RESPONSE
;
3028 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1
{
3029 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3030 ULONG ParameterControl
;
3032 UNICODE_STRING Password
;
3033 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
3034 } MSV1_0_GETCHALLENRESP_REQUEST_V1
, *PMSV1_0_GETCHALLENRESP_REQUEST_V1
;
3036 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST
{
3037 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3038 ULONG ParameterControl
;
3040 UNICODE_STRING Password
;
3041 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
3042 UNICODE_STRING UserName
;
3043 UNICODE_STRING LogonDomainName
;
3044 UNICODE_STRING ServerName
;
3045 } MSV1_0_GETCHALLENRESP_REQUEST
, *PMSV1_0_GETCHALLENRESP_REQUEST
;
3047 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE
{
3048 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3049 STRING CaseSensitiveChallengeResponse
;
3050 STRING CaseInsensitiveChallengeResponse
;
3051 UNICODE_STRING UserName
;
3052 UNICODE_STRING LogonDomainName
;
3053 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
3054 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
3055 } MSV1_0_GETCHALLENRESP_RESPONSE
, *PMSV1_0_GETCHALLENRESP_RESPONSE
;
3057 typedef struct _MSV1_0_ENUMUSERS_REQUEST
{
3058 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3059 } MSV1_0_ENUMUSERS_REQUEST
, *PMSV1_0_ENUMUSERS_REQUEST
;
3061 typedef struct _MSV1_0_ENUMUSERS_RESPONSE
{
3062 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3063 ULONG NumberOfLoggedOnUsers
;
3066 } MSV1_0_ENUMUSERS_RESPONSE
, *PMSV1_0_ENUMUSERS_RESPONSE
;
3068 typedef struct _MSV1_0_GETUSERINFO_REQUEST
{
3069 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3071 } MSV1_0_GETUSERINFO_REQUEST
, *PMSV1_0_GETUSERINFO_REQUEST
;
3073 typedef struct _MSV1_0_GETUSERINFO_RESPONSE
{
3074 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
3076 UNICODE_STRING UserName
;
3077 UNICODE_STRING LogonDomainName
;
3078 UNICODE_STRING LogonServer
;
3079 SECURITY_LOGON_TYPE LogonType
;
3080 } MSV1_0_GETUSERINFO_RESPONSE
, *PMSV1_0_GETUSERINFO_RESPONSE
;
3084 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
3085 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
3086 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
3088 /* also in winnt.h */
3089 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
3090 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
3091 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
3092 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
3093 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
3094 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
3095 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
3096 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
3097 #define FILE_NOTIFY_CHANGE_EA 0x00000080
3098 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
3099 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
3100 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
3101 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
3102 #define FILE_NOTIFY_VALID_MASK 0x00000fff
3104 #define FILE_ACTION_ADDED 0x00000001
3105 #define FILE_ACTION_REMOVED 0x00000002
3106 #define FILE_ACTION_MODIFIED 0x00000003
3107 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
3108 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
3109 #define FILE_ACTION_ADDED_STREAM 0x00000006
3110 #define FILE_ACTION_REMOVED_STREAM 0x00000007
3111 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
3112 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
3113 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
3114 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
3117 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
3118 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
3120 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3121 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3123 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3124 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3125 #define FILE_PIPE_TYPE_VALID_MASK 0x00000003
3127 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
3128 #define FILE_PIPE_MESSAGE_MODE 0x00000001
3130 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
3131 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
3133 #define FILE_PIPE_INBOUND 0x00000000
3134 #define FILE_PIPE_OUTBOUND 0x00000001
3135 #define FILE_PIPE_FULL_DUPLEX 0x00000002
3137 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
3138 #define FILE_PIPE_LISTENING_STATE 0x00000002
3139 #define FILE_PIPE_CONNECTED_STATE 0x00000003
3140 #define FILE_PIPE_CLOSING_STATE 0x00000004
3142 #define FILE_PIPE_CLIENT_END 0x00000000
3143 #define FILE_PIPE_SERVER_END 0x00000001
3145 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
3146 #define FILE_CASE_PRESERVED_NAMES 0x00000002
3147 #define FILE_UNICODE_ON_DISK 0x00000004
3148 #define FILE_PERSISTENT_ACLS 0x00000008
3149 #define FILE_FILE_COMPRESSION 0x00000010
3150 #define FILE_VOLUME_QUOTAS 0x00000020
3151 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
3152 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
3153 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
3154 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
3155 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
3156 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
3157 #define FILE_NAMED_STREAMS 0x00040000
3158 #define FILE_READ_ONLY_VOLUME 0x00080000
3159 #define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
3160 #define FILE_SUPPORTS_TRANSACTIONS 0x00200000
3161 #define FILE_SUPPORTS_HARD_LINKS 0x00400000
3162 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
3163 #define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
3164 #define FILE_SUPPORTS_USN_JOURNAL 0x02000000
3166 #define FILE_NEED_EA 0x00000080
3168 #define FILE_EA_TYPE_BINARY 0xfffe
3169 #define FILE_EA_TYPE_ASCII 0xfffd
3170 #define FILE_EA_TYPE_BITMAP 0xfffb
3171 #define FILE_EA_TYPE_METAFILE 0xfffa
3172 #define FILE_EA_TYPE_ICON 0xfff9
3173 #define FILE_EA_TYPE_EA 0xffee
3174 #define FILE_EA_TYPE_MVMT 0xffdf
3175 #define FILE_EA_TYPE_MVST 0xffde
3176 #define FILE_EA_TYPE_ASN1 0xffdd
3177 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
3179 typedef struct _FILE_NOTIFY_INFORMATION
{
3180 ULONG NextEntryOffset
;
3182 ULONG FileNameLength
;
3184 } FILE_NOTIFY_INFORMATION
, *PFILE_NOTIFY_INFORMATION
;
3186 typedef struct _FILE_DIRECTORY_INFORMATION
{
3187 ULONG NextEntryOffset
;
3189 LARGE_INTEGER CreationTime
;
3190 LARGE_INTEGER LastAccessTime
;
3191 LARGE_INTEGER LastWriteTime
;
3192 LARGE_INTEGER ChangeTime
;
3193 LARGE_INTEGER EndOfFile
;
3194 LARGE_INTEGER AllocationSize
;
3195 ULONG FileAttributes
;
3196 ULONG FileNameLength
;
3198 } FILE_DIRECTORY_INFORMATION
, *PFILE_DIRECTORY_INFORMATION
;
3200 typedef struct _FILE_FULL_DIR_INFORMATION
{
3201 ULONG NextEntryOffset
;
3203 LARGE_INTEGER CreationTime
;
3204 LARGE_INTEGER LastAccessTime
;
3205 LARGE_INTEGER LastWriteTime
;
3206 LARGE_INTEGER ChangeTime
;
3207 LARGE_INTEGER EndOfFile
;
3208 LARGE_INTEGER AllocationSize
;
3209 ULONG FileAttributes
;
3210 ULONG FileNameLength
;
3213 } FILE_FULL_DIR_INFORMATION
, *PFILE_FULL_DIR_INFORMATION
;
3215 typedef struct _FILE_ID_FULL_DIR_INFORMATION
{
3216 ULONG NextEntryOffset
;
3218 LARGE_INTEGER CreationTime
;
3219 LARGE_INTEGER LastAccessTime
;
3220 LARGE_INTEGER LastWriteTime
;
3221 LARGE_INTEGER ChangeTime
;
3222 LARGE_INTEGER EndOfFile
;
3223 LARGE_INTEGER AllocationSize
;
3224 ULONG FileAttributes
;
3225 ULONG FileNameLength
;
3227 LARGE_INTEGER FileId
;
3229 } FILE_ID_FULL_DIR_INFORMATION
, *PFILE_ID_FULL_DIR_INFORMATION
;
3231 typedef struct _FILE_BOTH_DIR_INFORMATION
{
3232 ULONG NextEntryOffset
;
3234 LARGE_INTEGER CreationTime
;
3235 LARGE_INTEGER LastAccessTime
;
3236 LARGE_INTEGER LastWriteTime
;
3237 LARGE_INTEGER ChangeTime
;
3238 LARGE_INTEGER EndOfFile
;
3239 LARGE_INTEGER AllocationSize
;
3240 ULONG FileAttributes
;
3241 ULONG FileNameLength
;
3243 CCHAR ShortNameLength
;
3244 WCHAR ShortName
[12];
3246 } FILE_BOTH_DIR_INFORMATION
, *PFILE_BOTH_DIR_INFORMATION
;
3248 typedef struct _FILE_ID_BOTH_DIR_INFORMATION
{
3249 ULONG NextEntryOffset
;
3251 LARGE_INTEGER CreationTime
;
3252 LARGE_INTEGER LastAccessTime
;
3253 LARGE_INTEGER LastWriteTime
;
3254 LARGE_INTEGER ChangeTime
;
3255 LARGE_INTEGER EndOfFile
;
3256 LARGE_INTEGER AllocationSize
;
3257 ULONG FileAttributes
;
3258 ULONG FileNameLength
;
3260 CCHAR ShortNameLength
;
3261 WCHAR ShortName
[12];
3262 LARGE_INTEGER FileId
;
3264 } FILE_ID_BOTH_DIR_INFORMATION
, *PFILE_ID_BOTH_DIR_INFORMATION
;
3266 typedef struct _FILE_NAMES_INFORMATION
{
3267 ULONG NextEntryOffset
;
3269 ULONG FileNameLength
;
3271 } FILE_NAMES_INFORMATION
, *PFILE_NAMES_INFORMATION
;
3273 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION
{
3274 ULONG NextEntryOffset
;
3276 LARGE_INTEGER CreationTime
;
3277 LARGE_INTEGER LastAccessTime
;
3278 LARGE_INTEGER LastWriteTime
;
3279 LARGE_INTEGER ChangeTime
;
3280 LARGE_INTEGER EndOfFile
;
3281 LARGE_INTEGER AllocationSize
;
3282 ULONG FileAttributes
;
3283 ULONG FileNameLength
;
3284 LARGE_INTEGER FileId
;
3285 GUID LockingTransactionId
;
3288 } FILE_ID_GLOBAL_TX_DIR_INFORMATION
, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION
;
3290 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED 0x00000001
3291 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX 0x00000002
3292 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX 0x00000004
3294 typedef struct _FILE_OBJECTID_INFORMATION
{
3295 LONGLONG FileReference
;
3297 _ANONYMOUS_UNION
union {
3298 _ANONYMOUS_STRUCT
struct {
3299 UCHAR BirthVolumeId
[16];
3300 UCHAR BirthObjectId
[16];
3303 UCHAR ExtendedInfo
[48];
3305 } FILE_OBJECTID_INFORMATION
, *PFILE_OBJECTID_INFORMATION
;
3307 #define ANSI_DOS_STAR ('<')
3308 #define ANSI_DOS_QM ('>')
3309 #define ANSI_DOS_DOT ('"')
3311 #define DOS_STAR (L'<')
3312 #define DOS_QM (L'>')
3313 #define DOS_DOT (L'"')
3315 typedef struct _FILE_INTERNAL_INFORMATION
{
3316 LARGE_INTEGER IndexNumber
;
3317 } FILE_INTERNAL_INFORMATION
, *PFILE_INTERNAL_INFORMATION
;
3319 typedef struct _FILE_EA_INFORMATION
{
3321 } FILE_EA_INFORMATION
, *PFILE_EA_INFORMATION
;
3323 typedef struct _FILE_ACCESS_INFORMATION
{
3324 ACCESS_MASK AccessFlags
;
3325 } FILE_ACCESS_INFORMATION
, *PFILE_ACCESS_INFORMATION
;
3327 typedef struct _FILE_MODE_INFORMATION
{
3329 } FILE_MODE_INFORMATION
, *PFILE_MODE_INFORMATION
;
3331 typedef struct _FILE_ALL_INFORMATION
{
3332 FILE_BASIC_INFORMATION BasicInformation
;
3333 FILE_STANDARD_INFORMATION StandardInformation
;
3334 FILE_INTERNAL_INFORMATION InternalInformation
;
3335 FILE_EA_INFORMATION EaInformation
;
3336 FILE_ACCESS_INFORMATION AccessInformation
;
3337 FILE_POSITION_INFORMATION PositionInformation
;
3338 FILE_MODE_INFORMATION ModeInformation
;
3339 FILE_ALIGNMENT_INFORMATION AlignmentInformation
;
3340 FILE_NAME_INFORMATION NameInformation
;
3341 } FILE_ALL_INFORMATION
, *PFILE_ALL_INFORMATION
;
3343 typedef struct _FILE_ALLOCATION_INFORMATION
{
3344 LARGE_INTEGER AllocationSize
;
3345 } FILE_ALLOCATION_INFORMATION
, *PFILE_ALLOCATION_INFORMATION
;
3347 typedef struct _FILE_COMPRESSION_INFORMATION
{
3348 LARGE_INTEGER CompressedFileSize
;
3349 USHORT CompressionFormat
;
3350 UCHAR CompressionUnitShift
;
3354 } FILE_COMPRESSION_INFORMATION
, *PFILE_COMPRESSION_INFORMATION
;
3356 typedef struct _FILE_LINK_INFORMATION
{
3357 BOOLEAN ReplaceIfExists
;
3358 HANDLE RootDirectory
;
3359 ULONG FileNameLength
;
3361 } FILE_LINK_INFORMATION
, *PFILE_LINK_INFORMATION
;
3363 typedef struct _FILE_MOVE_CLUSTER_INFORMATION
{
3365 HANDLE RootDirectory
;
3366 ULONG FileNameLength
;
3368 } FILE_MOVE_CLUSTER_INFORMATION
, *PFILE_MOVE_CLUSTER_INFORMATION
;
3370 typedef struct _FILE_RENAME_INFORMATION
{
3371 BOOLEAN ReplaceIfExists
;
3372 HANDLE RootDirectory
;
3373 ULONG FileNameLength
;
3375 } FILE_RENAME_INFORMATION
, *PFILE_RENAME_INFORMATION
;
3377 typedef struct _FILE_STREAM_INFORMATION
{
3378 ULONG NextEntryOffset
;
3379 ULONG StreamNameLength
;
3380 LARGE_INTEGER StreamSize
;
3381 LARGE_INTEGER StreamAllocationSize
;
3382 WCHAR StreamName
[1];
3383 } FILE_STREAM_INFORMATION
, *PFILE_STREAM_INFORMATION
;
3385 typedef struct _FILE_TRACKING_INFORMATION
{
3386 HANDLE DestinationFile
;
3387 ULONG ObjectInformationLength
;
3388 CHAR ObjectInformation
[1];
3389 } FILE_TRACKING_INFORMATION
, *PFILE_TRACKING_INFORMATION
;
3391 typedef struct _FILE_COMPLETION_INFORMATION
{
3394 } FILE_COMPLETION_INFORMATION
, *PFILE_COMPLETION_INFORMATION
;
3396 typedef struct _FILE_PIPE_INFORMATION
{
3398 ULONG CompletionMode
;
3399 } FILE_PIPE_INFORMATION
, *PFILE_PIPE_INFORMATION
;
3401 typedef struct _FILE_PIPE_LOCAL_INFORMATION
{
3402 ULONG NamedPipeType
;
3403 ULONG NamedPipeConfiguration
;
3404 ULONG MaximumInstances
;
3405 ULONG CurrentInstances
;
3407 ULONG ReadDataAvailable
;
3408 ULONG OutboundQuota
;
3409 ULONG WriteQuotaAvailable
;
3410 ULONG NamedPipeState
;
3412 } FILE_PIPE_LOCAL_INFORMATION
, *PFILE_PIPE_LOCAL_INFORMATION
;
3414 typedef struct _FILE_PIPE_REMOTE_INFORMATION
{
3415 LARGE_INTEGER CollectDataTime
;
3416 ULONG MaximumCollectionCount
;
3417 } FILE_PIPE_REMOTE_INFORMATION
, *PFILE_PIPE_REMOTE_INFORMATION
;
3419 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION
{
3420 ULONG MaximumMessageSize
;
3421 ULONG MailslotQuota
;
3422 ULONG NextMessageSize
;
3423 ULONG MessagesAvailable
;
3424 LARGE_INTEGER ReadTimeout
;
3425 } FILE_MAILSLOT_QUERY_INFORMATION
, *PFILE_MAILSLOT_QUERY_INFORMATION
;
3427 typedef struct _FILE_MAILSLOT_SET_INFORMATION
{
3428 PLARGE_INTEGER ReadTimeout
;
3429 } FILE_MAILSLOT_SET_INFORMATION
, *PFILE_MAILSLOT_SET_INFORMATION
;
3431 typedef struct _FILE_REPARSE_POINT_INFORMATION
{
3432 LONGLONG FileReference
;
3434 } FILE_REPARSE_POINT_INFORMATION
, *PFILE_REPARSE_POINT_INFORMATION
;
3436 typedef struct _FILE_LINK_ENTRY_INFORMATION
{
3437 ULONG NextEntryOffset
;
3438 LONGLONG ParentFileId
;
3439 ULONG FileNameLength
;
3441 } FILE_LINK_ENTRY_INFORMATION
, *PFILE_LINK_ENTRY_INFORMATION
;
3443 typedef struct _FILE_LINKS_INFORMATION
{
3445 ULONG EntriesReturned
;
3446 FILE_LINK_ENTRY_INFORMATION Entry
;
3447 } FILE_LINKS_INFORMATION
, *PFILE_LINKS_INFORMATION
;
3449 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION
{
3450 ULONG FileNameLength
;
3452 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION
, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION
;
3454 typedef struct _FILE_STANDARD_LINK_INFORMATION
{
3455 ULONG NumberOfAccessibleLinks
;
3456 ULONG TotalNumberOfLinks
;
3457 BOOLEAN DeletePending
;
3459 } FILE_STANDARD_LINK_INFORMATION
, *PFILE_STANDARD_LINK_INFORMATION
;
3461 typedef struct _FILE_GET_EA_INFORMATION
{
3462 ULONG NextEntryOffset
;
3465 } FILE_GET_EA_INFORMATION
, *PFILE_GET_EA_INFORMATION
;
3467 #define REMOTE_PROTOCOL_FLAG_LOOPBACK 0x00000001
3468 #define REMOTE_PROTOCOL_FLAG_OFFLINE 0x00000002
3470 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION
{
3471 USHORT StructureVersion
;
3472 USHORT StructureSize
;
3474 USHORT ProtocolMajorVersion
;
3475 USHORT ProtocolMinorVersion
;
3476 USHORT ProtocolRevision
;
3484 } ProtocolSpecificReserved
;
3485 } FILE_REMOTE_PROTOCOL_INFORMATION
, *PFILE_REMOTE_PROTOCOL_INFORMATION
;
3487 typedef struct _FILE_GET_QUOTA_INFORMATION
{
3488 ULONG NextEntryOffset
;
3491 } FILE_GET_QUOTA_INFORMATION
, *PFILE_GET_QUOTA_INFORMATION
;
3493 typedef struct _FILE_QUOTA_INFORMATION
{
3494 ULONG NextEntryOffset
;
3496 LARGE_INTEGER ChangeTime
;
3497 LARGE_INTEGER QuotaUsed
;
3498 LARGE_INTEGER QuotaThreshold
;
3499 LARGE_INTEGER QuotaLimit
;
3501 } FILE_QUOTA_INFORMATION
, *PFILE_QUOTA_INFORMATION
;
3503 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION
{
3504 ULONG FileSystemAttributes
;
3505 ULONG MaximumComponentNameLength
;
3506 ULONG FileSystemNameLength
;
3507 WCHAR FileSystemName
[1];
3508 } FILE_FS_ATTRIBUTE_INFORMATION
, *PFILE_FS_ATTRIBUTE_INFORMATION
;
3510 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION
{
3511 BOOLEAN DriverInPath
;
3512 ULONG DriverNameLength
;
3513 WCHAR DriverName
[1];
3514 } FILE_FS_DRIVER_PATH_INFORMATION
, *PFILE_FS_DRIVER_PATH_INFORMATION
;
3516 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION
{
3518 } FILE_FS_VOLUME_FLAGS_INFORMATION
, *PFILE_FS_VOLUME_FLAGS_INFORMATION
;
3520 #define FILE_VC_QUOTA_NONE 0x00000000
3521 #define FILE_VC_QUOTA_TRACK 0x00000001
3522 #define FILE_VC_QUOTA_ENFORCE 0x00000002
3523 #define FILE_VC_QUOTA_MASK 0x00000003
3524 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
3525 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
3526 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
3527 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
3528 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
3529 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
3530 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
3531 #define FILE_VC_VALID_MASK 0x000003ff
3533 typedef struct _FILE_FS_CONTROL_INFORMATION
{
3534 LARGE_INTEGER FreeSpaceStartFiltering
;
3535 LARGE_INTEGER FreeSpaceThreshold
;
3536 LARGE_INTEGER FreeSpaceStopFiltering
;
3537 LARGE_INTEGER DefaultQuotaThreshold
;
3538 LARGE_INTEGER DefaultQuotaLimit
;
3539 ULONG FileSystemControlFlags
;
3540 } FILE_FS_CONTROL_INFORMATION
, *PFILE_FS_CONTROL_INFORMATION
;
3542 #ifndef _FILESYSTEMFSCTL_
3543 #define _FILESYSTEMFSCTL_
3545 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
3546 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
3547 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
3548 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
3549 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
3550 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
3551 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
3552 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
3553 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
3554 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
3555 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
3556 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
3557 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
3558 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
3559 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3560 #define FSCTL_SET_BOOTLOADER_ACCESSED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
3562 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
3563 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
3564 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
3565 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
3566 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
3568 #if (_WIN32_WINNT >= 0x0400)
3570 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
3571 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
3572 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
3573 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
3574 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_ANY_ACCESS)
3575 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
3576 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
3580 #if (_WIN32_WINNT >= 0x0500)
3582 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
3583 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_WRITE_DATA)
3584 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
3585 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_WRITE_DATA)
3586 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_WRITE_DATA)
3587 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
3588 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_WRITE_DATA)
3589 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_READ_DATA)
3590 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
3591 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_READ_DATA)
3592 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_WRITE_DATA)
3593 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
3594 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_WRITE_DATA)
3595 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
3596 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
3597 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
3598 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_BUFFERED, FILE_ANY_ACCESS)
3599 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
3600 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_ANY_ACCESS)
3601 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_ANY_ACCESS)
3602 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_READ_DATA)
3603 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_READ_DATA)
3604 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_READ_DATA)
3605 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
3606 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
3607 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
3608 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
3609 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
3610 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3611 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
3612 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
3613 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3617 #if (_WIN32_WINNT >= 0x0600)
3619 #define FSCTL_MAKE_MEDIA_COMPATIBLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
3620 #define FSCTL_SET_DEFECT_MANAGEMENT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
3621 #define FSCTL_QUERY_SPARING_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
3622 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
3623 #define FSCTL_SET_VOLUME_COMPRESSION_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3624 #define FSCTL_TXFS_MODIFY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
3625 #define FSCTL_TXFS_QUERY_RM_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
3626 #define FSCTL_TXFS_ROLLFORWARD_REDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
3627 #define FSCTL_TXFS_ROLLFORWARD_UNDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
3628 #define FSCTL_TXFS_START_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
3629 #define FSCTL_TXFS_SHUTDOWN_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
3630 #define FSCTL_TXFS_READ_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
3631 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
3632 #define FSCTL_TXFS_CREATE_SECONDARY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
3633 #define FSCTL_TXFS_GET_METADATA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
3634 #define FSCTL_TXFS_GET_TRANSACTED_VERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
3635 #define FSCTL_TXFS_SAVEPOINT_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
3636 #define FSCTL_TXFS_CREATE_MINIVERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
3637 #define FSCTL_TXFS_TRANSACTION_ACTIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
3638 #define FSCTL_SET_ZERO_ON_DEALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3639 #define FSCTL_SET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
3640 #define FSCTL_GET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
3641 #define FSCTL_WAIT_FOR_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
3642 #define FSCTL_INITIATE_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
3643 #define FSCTL_CSC_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER, FILE_ANY_ACCESS)
3644 #define FSCTL_SHRINK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3645 #define FSCTL_SET_SHORT_NAME_BEHAVIOR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
3646 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
3648 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
3649 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
3650 #define FSCTL_TXFS_LIST_TRANSACTIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
3651 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
3652 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
3653 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
3657 #if (_WIN32_WINNT >= 0x0601)
3659 #define FSCTL_QUERY_DEPENDENT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
3660 #define FSCTL_SD_GLOBAL_CHANGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
3661 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
3662 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
3663 #define FSCTL_FILE_TYPE_NOTIFICATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
3664 #define FSCTL_GET_BOOT_AREA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
3665 #define FSCTL_GET_RETRIEVAL_POINTER_BASE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
3666 #define FSCTL_SET_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
3667 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
3669 #define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
3671 #define FSCTL_CSV_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
3672 #define FSCTL_IS_CSV_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
3674 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
3675 #define FSCTL_CSV_GET_VOLUME_PATH_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
3676 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
3677 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150, METHOD_BUFFERED, FILE_ANY_ACCESS)
3678 #define FSCTL_IS_FILE_ON_CSV_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151, METHOD_BUFFERED, FILE_ANY_ACCESS)
3680 typedef struct _CSV_NAMESPACE_INFO
{
3683 LARGE_INTEGER StartingOffset
;
3685 } CSV_NAMESPACE_INFO
, *PCSV_NAMESPACE_INFO
;
3687 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
3688 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
3692 #define FSCTL_MARK_AS_SYSTEM_HIVE FSCTL_SET_BOOTLOADER_ACCESSED
3694 typedef struct _PATHNAME_BUFFER
{
3695 ULONG PathNameLength
;
3697 } PATHNAME_BUFFER
, *PPATHNAME_BUFFER
;
3699 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER
{
3700 UCHAR First0x24BytesOfBootSector
[0x24];
3701 } FSCTL_QUERY_FAT_BPB_BUFFER
, *PFSCTL_QUERY_FAT_BPB_BUFFER
;
3703 #if (_WIN32_WINNT >= 0x0400)
3705 typedef struct _NTFS_VOLUME_DATA_BUFFER
{
3706 LARGE_INTEGER VolumeSerialNumber
;
3707 LARGE_INTEGER NumberSectors
;
3708 LARGE_INTEGER TotalClusters
;
3709 LARGE_INTEGER FreeClusters
;
3710 LARGE_INTEGER TotalReserved
;
3711 ULONG BytesPerSector
;
3712 ULONG BytesPerCluster
;
3713 ULONG BytesPerFileRecordSegment
;
3714 ULONG ClustersPerFileRecordSegment
;
3715 LARGE_INTEGER MftValidDataLength
;
3716 LARGE_INTEGER MftStartLcn
;
3717 LARGE_INTEGER Mft2StartLcn
;
3718 LARGE_INTEGER MftZoneStart
;
3719 LARGE_INTEGER MftZoneEnd
;
3720 } NTFS_VOLUME_DATA_BUFFER
, *PNTFS_VOLUME_DATA_BUFFER
;
3722 typedef struct _NTFS_EXTENDED_VOLUME_DATA
{
3724 USHORT MajorVersion
;
3725 USHORT MinorVersion
;
3726 } NTFS_EXTENDED_VOLUME_DATA
, *PNTFS_EXTENDED_VOLUME_DATA
;
3728 typedef struct _STARTING_LCN_INPUT_BUFFER
{
3729 LARGE_INTEGER StartingLcn
;
3730 } STARTING_LCN_INPUT_BUFFER
, *PSTARTING_LCN_INPUT_BUFFER
;
3732 typedef struct _VOLUME_BITMAP_BUFFER
{
3733 LARGE_INTEGER StartingLcn
;
3734 LARGE_INTEGER BitmapSize
;
3736 } VOLUME_BITMAP_BUFFER
, *PVOLUME_BITMAP_BUFFER
;
3738 typedef struct _STARTING_VCN_INPUT_BUFFER
{
3739 LARGE_INTEGER StartingVcn
;
3740 } STARTING_VCN_INPUT_BUFFER
, *PSTARTING_VCN_INPUT_BUFFER
;
3742 typedef struct _RETRIEVAL_POINTERS_BUFFER
{
3744 LARGE_INTEGER StartingVcn
;
3746 LARGE_INTEGER NextVcn
;
3749 } RETRIEVAL_POINTERS_BUFFER
, *PRETRIEVAL_POINTERS_BUFFER
;
3751 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER
{
3752 LARGE_INTEGER FileReferenceNumber
;
3753 } NTFS_FILE_RECORD_INPUT_BUFFER
, *PNTFS_FILE_RECORD_INPUT_BUFFER
;
3755 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER
{
3756 LARGE_INTEGER FileReferenceNumber
;
3757 ULONG FileRecordLength
;
3758 UCHAR FileRecordBuffer
[1];
3759 } NTFS_FILE_RECORD_OUTPUT_BUFFER
, *PNTFS_FILE_RECORD_OUTPUT_BUFFER
;
3761 typedef struct _MOVE_FILE_DATA
{
3763 LARGE_INTEGER StartingVcn
;
3764 LARGE_INTEGER StartingLcn
;
3766 } MOVE_FILE_DATA
, *PMOVE_FILE_DATA
;
3768 typedef struct _MOVE_FILE_RECORD_DATA
{
3770 LARGE_INTEGER SourceFileRecord
;
3771 LARGE_INTEGER TargetFileRecord
;
3772 } MOVE_FILE_RECORD_DATA
, *PMOVE_FILE_RECORD_DATA
;
3775 typedef struct _MOVE_FILE_DATA32
{
3777 LARGE_INTEGER StartingVcn
;
3778 LARGE_INTEGER StartingLcn
;
3780 } MOVE_FILE_DATA32
, *PMOVE_FILE_DATA32
;
3783 #endif /* (_WIN32_WINNT >= 0x0400) */
3785 #if (_WIN32_WINNT >= 0x0500)
3787 typedef struct _FIND_BY_SID_DATA
{
3790 } FIND_BY_SID_DATA
, *PFIND_BY_SID_DATA
;
3792 typedef struct _FIND_BY_SID_OUTPUT
{
3793 ULONG NextEntryOffset
;
3795 ULONG FileNameLength
;
3797 } FIND_BY_SID_OUTPUT
, *PFIND_BY_SID_OUTPUT
;
3799 typedef struct _MFT_ENUM_DATA
{
3800 ULONGLONG StartFileReferenceNumber
;
3803 } MFT_ENUM_DATA
, *PMFT_ENUM_DATA
;
3805 typedef struct _CREATE_USN_JOURNAL_DATA
{
3806 ULONGLONG MaximumSize
;
3807 ULONGLONG AllocationDelta
;
3808 } CREATE_USN_JOURNAL_DATA
, *PCREATE_USN_JOURNAL_DATA
;
3810 typedef struct _READ_USN_JOURNAL_DATA
{
3813 ULONG ReturnOnlyOnClose
;
3815 ULONGLONG BytesToWaitFor
;
3816 ULONGLONG UsnJournalID
;
3817 } READ_USN_JOURNAL_DATA
, *PREAD_USN_JOURNAL_DATA
;
3819 typedef struct _USN_RECORD
{
3821 USHORT MajorVersion
;
3822 USHORT MinorVersion
;
3823 ULONGLONG FileReferenceNumber
;
3824 ULONGLONG ParentFileReferenceNumber
;
3826 LARGE_INTEGER TimeStamp
;
3830 ULONG FileAttributes
;
3831 USHORT FileNameLength
;
3832 USHORT FileNameOffset
;
3834 } USN_RECORD
, *PUSN_RECORD
;
3836 #define USN_PAGE_SIZE (0x1000)
3838 #define USN_REASON_DATA_OVERWRITE (0x00000001)
3839 #define USN_REASON_DATA_EXTEND (0x00000002)
3840 #define USN_REASON_DATA_TRUNCATION (0x00000004)
3841 #define USN_REASON_NAMED_DATA_OVERWRITE (0x00000010)
3842 #define USN_REASON_NAMED_DATA_EXTEND (0x00000020)
3843 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
3844 #define USN_REASON_FILE_CREATE (0x00000100)
3845 #define USN_REASON_FILE_DELETE (0x00000200)
3846 #define USN_REASON_EA_CHANGE (0x00000400)
3847 #define USN_REASON_SECURITY_CHANGE (0x00000800)
3848 #define USN_REASON_RENAME_OLD_NAME (0x00001000)
3849 #define USN_REASON_RENAME_NEW_NAME (0x00002000)
3850 #define USN_REASON_INDEXABLE_CHANGE (0x00004000)
3851 #define USN_REASON_BASIC_INFO_CHANGE (0x00008000)
3852 #define USN_REASON_HARD_LINK_CHANGE (0x00010000)
3853 #define USN_REASON_COMPRESSION_CHANGE (0x00020000)
3854 #define USN_REASON_ENCRYPTION_CHANGE (0x00040000)
3855 #define USN_REASON_OBJECT_ID_CHANGE (0x00080000)
3856 #define USN_REASON_REPARSE_POINT_CHANGE (0x00100000)
3857 #define USN_REASON_STREAM_CHANGE (0x00200000)
3858 #define USN_REASON_TRANSACTED_CHANGE (0x00400000)
3859 #define USN_REASON_CLOSE (0x80000000)
3861 typedef struct _USN_JOURNAL_DATA
{
3862 ULONGLONG UsnJournalID
;
3867 ULONGLONG MaximumSize
;
3868 ULONGLONG AllocationDelta
;
3869 } USN_JOURNAL_DATA
, *PUSN_JOURNAL_DATA
;
3871 typedef struct _DELETE_USN_JOURNAL_DATA
{
3872 ULONGLONG UsnJournalID
;
3874 } DELETE_USN_JOURNAL_DATA
, *PDELETE_USN_JOURNAL_DATA
;
3876 #define USN_DELETE_FLAG_DELETE (0x00000001)
3877 #define USN_DELETE_FLAG_NOTIFY (0x00000002)
3878 #define USN_DELETE_VALID_FLAGS (0x00000003)
3880 typedef struct _MARK_HANDLE_INFO
{
3881 ULONG UsnSourceInfo
;
3882 HANDLE VolumeHandle
;
3884 } MARK_HANDLE_INFO
, *PMARK_HANDLE_INFO
;
3887 typedef struct _MARK_HANDLE_INFO32
{
3888 ULONG UsnSourceInfo
;
3889 UINT32 VolumeHandle
;
3891 } MARK_HANDLE_INFO32
, *PMARK_HANDLE_INFO32
;
3894 #define USN_SOURCE_DATA_MANAGEMENT (0x00000001)
3895 #define USN_SOURCE_AUXILIARY_DATA (0x00000002)
3896 #define USN_SOURCE_REPLICATION_MANAGEMENT (0x00000004)
3898 #define MARK_HANDLE_PROTECT_CLUSTERS (0x00000001)
3899 #define MARK_HANDLE_TXF_SYSTEM_LOG (0x00000004)
3900 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG (0x00000008)
3902 typedef struct _BULK_SECURITY_TEST_DATA
{
3903 ACCESS_MASK DesiredAccess
;
3904 ULONG SecurityIds
[1];
3905 } BULK_SECURITY_TEST_DATA
, *PBULK_SECURITY_TEST_DATA
;
3907 #define VOLUME_IS_DIRTY (0x00000001)
3908 #define VOLUME_UPGRADE_SCHEDULED (0x00000002)
3909 #define VOLUME_SESSION_OPEN (0x00000004)
3911 typedef struct _FILE_PREFETCH
{
3914 ULONGLONG Prefetch
[1];
3915 } FILE_PREFETCH
, *PFILE_PREFETCH
;
3917 typedef struct _FILE_PREFETCH_EX
{
3921 ULONGLONG Prefetch
[1];
3922 } FILE_PREFETCH_EX
, *PFILE_PREFETCH_EX
;
3924 #define FILE_PREFETCH_TYPE_FOR_CREATE 0x1
3925 #define FILE_PREFETCH_TYPE_FOR_DIRENUM 0x2
3926 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX 0x3
3927 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX 0x4
3929 #define FILE_PREFETCH_TYPE_MAX 0x4
3931 typedef struct _FILE_OBJECTID_BUFFER
{
3933 _ANONYMOUS_UNION
union {
3934 _ANONYMOUS_STRUCT
struct {
3935 UCHAR BirthVolumeId
[16];
3936 UCHAR BirthObjectId
[16];
3939 UCHAR ExtendedInfo
[48];
3941 } FILE_OBJECTID_BUFFER
, *PFILE_OBJECTID_BUFFER
;
3943 typedef struct _FILE_SET_SPARSE_BUFFER
{
3945 } FILE_SET_SPARSE_BUFFER
, *PFILE_SET_SPARSE_BUFFER
;
3947 typedef struct _FILE_ZERO_DATA_INFORMATION
{
3948 LARGE_INTEGER FileOffset
;
3949 LARGE_INTEGER BeyondFinalZero
;
3950 } FILE_ZERO_DATA_INFORMATION
, *PFILE_ZERO_DATA_INFORMATION
;
3952 typedef struct _FILE_ALLOCATED_RANGE_BUFFER
{
3953 LARGE_INTEGER FileOffset
;
3954 LARGE_INTEGER Length
;
3955 } FILE_ALLOCATED_RANGE_BUFFER
, *PFILE_ALLOCATED_RANGE_BUFFER
;
3957 typedef struct _ENCRYPTION_BUFFER
{
3958 ULONG EncryptionOperation
;
3960 } ENCRYPTION_BUFFER
, *PENCRYPTION_BUFFER
;
3962 #define FILE_SET_ENCRYPTION 0x00000001
3963 #define FILE_CLEAR_ENCRYPTION 0x00000002
3964 #define STREAM_SET_ENCRYPTION 0x00000003
3965 #define STREAM_CLEAR_ENCRYPTION 0x00000004
3967 #define MAXIMUM_ENCRYPTION_VALUE 0x00000004
3969 typedef struct _DECRYPTION_STATUS_BUFFER
{
3970 BOOLEAN NoEncryptedStreams
;
3971 } DECRYPTION_STATUS_BUFFER
, *PDECRYPTION_STATUS_BUFFER
;
3973 #define ENCRYPTION_FORMAT_DEFAULT (0x01)
3975 #define COMPRESSION_FORMAT_SPARSE (0x4000)
3977 typedef struct _REQUEST_RAW_ENCRYPTED_DATA
{
3978 LONGLONG FileOffset
;
3980 } REQUEST_RAW_ENCRYPTED_DATA
, *PREQUEST_RAW_ENCRYPTED_DATA
;
3982 typedef struct _ENCRYPTED_DATA_INFO
{
3983 ULONGLONG StartingFileOffset
;
3984 ULONG OutputBufferOffset
;
3985 ULONG BytesWithinFileSize
;
3986 ULONG BytesWithinValidDataLength
;
3987 USHORT CompressionFormat
;
3988 UCHAR DataUnitShift
;
3991 UCHAR EncryptionFormat
;
3992 USHORT NumberOfDataBlocks
;
3993 ULONG DataBlockSize
[ANYSIZE_ARRAY
];
3994 } ENCRYPTED_DATA_INFO
, *PENCRYPTED_DATA_INFO
;
3996 typedef struct _PLEX_READ_DATA_REQUEST
{
3997 LARGE_INTEGER ByteOffset
;
4000 } PLEX_READ_DATA_REQUEST
, *PPLEX_READ_DATA_REQUEST
;
4002 typedef struct _SI_COPYFILE
{
4003 ULONG SourceFileNameLength
;
4004 ULONG DestinationFileNameLength
;
4006 WCHAR FileNameBuffer
[1];
4007 } SI_COPYFILE
, *PSI_COPYFILE
;
4009 #define COPYFILE_SIS_LINK 0x0001
4010 #define COPYFILE_SIS_REPLACE 0x0002
4011 #define COPYFILE_SIS_FLAGS 0x0003
4013 #endif /* (_WIN32_WINNT >= 0x0500) */
4015 #if (_WIN32_WINNT >= 0x0600)
4017 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER
{
4019 } FILE_MAKE_COMPATIBLE_BUFFER
, *PFILE_MAKE_COMPATIBLE_BUFFER
;
4021 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER
{
4023 } FILE_SET_DEFECT_MGMT_BUFFER
, *PFILE_SET_DEFECT_MGMT_BUFFER
;
4025 typedef struct _FILE_QUERY_SPARING_BUFFER
{
4026 ULONG SparingUnitBytes
;
4027 BOOLEAN SoftwareSparing
;
4028 ULONG TotalSpareBlocks
;
4029 ULONG FreeSpareBlocks
;
4030 } FILE_QUERY_SPARING_BUFFER
, *PFILE_QUERY_SPARING_BUFFER
;
4032 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER
{
4033 LARGE_INTEGER DirectoryCount
;
4034 LARGE_INTEGER FileCount
;
4035 USHORT FsFormatMajVersion
;
4036 USHORT FsFormatMinVersion
;
4037 WCHAR FsFormatName
[12];
4038 LARGE_INTEGER FormatTime
;
4039 LARGE_INTEGER LastUpdateTime
;
4040 WCHAR CopyrightInfo
[34];
4041 WCHAR AbstractInfo
[34];
4042 WCHAR FormattingImplementationInfo
[34];
4043 WCHAR LastModifyingImplementationInfo
[34];
4044 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER
, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER
;
4046 #define SET_REPAIR_ENABLED (0x00000001)
4047 #define SET_REPAIR_VOLUME_BITMAP_SCAN (0x00000002)
4048 #define SET_REPAIR_DELETE_CROSSLINK (0x00000004)
4049 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS (0x00000008)
4050 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT (0x00000010)
4051 #define SET_REPAIR_VALID_MASK (0x0000001F)
4053 typedef enum _SHRINK_VOLUME_REQUEST_TYPES
{
4057 } SHRINK_VOLUME_REQUEST_TYPES
, *PSHRINK_VOLUME_REQUEST_TYPES
;
4059 typedef struct _SHRINK_VOLUME_INFORMATION
{
4060 SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType
;
4062 LONGLONG NewNumberOfSectors
;
4063 } SHRINK_VOLUME_INFORMATION
, *PSHRINK_VOLUME_INFORMATION
;
4065 #define TXFS_RM_FLAG_LOGGING_MODE 0x00000001
4066 #define TXFS_RM_FLAG_RENAME_RM 0x00000002
4067 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000004
4068 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000008
4069 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000010
4070 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000020
4071 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000040
4072 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000080
4073 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000100
4074 #define TXFS_RM_FLAG_GROW_LOG 0x00000400
4075 #define TXFS_RM_FLAG_SHRINK_LOG 0x00000800
4076 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE 0x00001000
4077 #define TXFS_RM_FLAG_PRESERVE_CHANGES 0x00002000
4078 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START 0x00004000
4079 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START 0x00008000
4080 #define TXFS_RM_FLAG_PREFER_CONSISTENCY 0x00010000
4081 #define TXFS_RM_FLAG_PREFER_AVAILABILITY 0x00020000
4083 #define TXFS_LOGGING_MODE_SIMPLE (0x0001)
4084 #define TXFS_LOGGING_MODE_FULL (0x0002)
4086 #define TXFS_TRANSACTION_STATE_NONE 0x00
4087 #define TXFS_TRANSACTION_STATE_ACTIVE 0x01
4088 #define TXFS_TRANSACTION_STATE_PREPARED 0x02
4089 #define TXFS_TRANSACTION_STATE_NOTACTIVE 0x03
4091 #define TXFS_MODIFY_RM_VALID_FLAGS (TXFS_RM_FLAG_LOGGING_MODE | \
4092 TXFS_RM_FLAG_RENAME_RM | \
4093 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4094 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4095 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4096 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4097 TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4098 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4099 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4100 TXFS_RM_FLAG_SHRINK_LOG | \
4101 TXFS_RM_FLAG_GROW_LOG | \
4102 TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE | \
4103 TXFS_RM_FLAG_PRESERVE_CHANGES | \
4104 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4105 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4106 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4107 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4109 typedef struct _TXFS_MODIFY_RM
{
4111 ULONG LogContainerCountMax
;
4112 ULONG LogContainerCountMin
;
4113 ULONG LogContainerCount
;
4114 ULONG LogGrowthIncrement
;
4115 ULONG LogAutoShrinkPercentage
;
4118 } TXFS_MODIFY_RM
, *PTXFS_MODIFY_RM
;
4120 #define TXFS_RM_STATE_NOT_STARTED 0
4121 #define TXFS_RM_STATE_STARTING 1
4122 #define TXFS_RM_STATE_ACTIVE 2
4123 #define TXFS_RM_STATE_SHUTTING_DOWN 3
4125 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS \
4126 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4127 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4128 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4129 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4130 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4131 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4132 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4133 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4135 typedef struct _TXFS_QUERY_RM_INFORMATION
{
4136 ULONG BytesRequired
;
4138 ULONGLONG CurrentLsn
;
4139 ULONGLONG ArchiveTailLsn
;
4140 ULONGLONG LogContainerSize
;
4141 LARGE_INTEGER HighestVirtualClock
;
4142 ULONG LogContainerCount
;
4143 ULONG LogContainerCountMax
;
4144 ULONG LogContainerCountMin
;
4145 ULONG LogGrowthIncrement
;
4146 ULONG LogAutoShrinkPercentage
;
4151 ULONGLONG LogCapacity
;
4155 ULONGLONG TransactionCount
;
4156 ULONGLONG OnePCCount
;
4157 ULONGLONG TwoPCCount
;
4158 ULONGLONG NumberLogFileFull
;
4159 ULONGLONG OldestTransactionAge
;
4161 ULONG TmLogPathOffset
;
4162 } TXFS_QUERY_RM_INFORMATION
, *PTXFS_QUERY_RM_INFORMATION
;
4164 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN 0x01
4165 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK 0x02
4167 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS \
4168 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN | \
4169 TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
4171 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION
{
4172 LARGE_INTEGER LastVirtualClock
;
4173 ULONGLONG LastRedoLsn
;
4174 ULONGLONG HighestRecoveryLsn
;
4176 } TXFS_ROLLFORWARD_REDO_INFORMATION
, *PTXFS_ROLLFORWARD_REDO_INFORMATION
;
4178 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000001
4179 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000002
4180 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE 0x00000004
4181 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000008
4182 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000010
4183 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000020
4184 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000040
4185 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000080
4187 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT 0x00000200
4188 #define TXFS_START_RM_FLAG_LOGGING_MODE 0x00000400
4189 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES 0x00000800
4191 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY 0x00001000
4192 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY 0x00002000
4194 #define TXFS_START_RM_VALID_FLAGS \
4195 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4196 TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4197 TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE | \
4198 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4199 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4200 TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4201 TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT | \
4202 TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4203 TXFS_START_RM_FLAG_LOGGING_MODE | \
4204 TXFS_START_RM_FLAG_PRESERVE_CHANGES | \
4205 TXFS_START_RM_FLAG_PREFER_CONSISTENCY | \
4206 TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
4208 typedef struct _TXFS_START_RM_INFORMATION
{
4210 ULONGLONG LogContainerSize
;
4211 ULONG LogContainerCountMin
;
4212 ULONG LogContainerCountMax
;
4213 ULONG LogGrowthIncrement
;
4214 ULONG LogAutoShrinkPercentage
;
4215 ULONG TmLogPathOffset
;
4216 USHORT TmLogPathLength
;
4218 USHORT LogPathLength
;
4221 } TXFS_START_RM_INFORMATION
, *PTXFS_START_RM_INFORMATION
;
4223 typedef struct _TXFS_GET_METADATA_INFO_OUT
{
4228 GUID LockingTransaction
;
4230 ULONG TransactionState
;
4231 } TXFS_GET_METADATA_INFO_OUT
, *PTXFS_GET_METADATA_INFO_OUT
;
4233 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED 0x00000001
4234 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED 0x00000002
4236 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
{
4244 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY
;
4246 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES
{
4247 GUID KtmTransaction
;
4248 ULONGLONG NumberOfFiles
;
4249 ULONGLONG BufferSizeRequired
;
4251 } TXFS_LIST_TRANSACTION_LOCKED_FILES
, *PTXFS_LIST_TRANSACTION_LOCKED_FILES
;
4253 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY
{
4255 ULONG TransactionState
;
4259 } TXFS_LIST_TRANSACTIONS_ENTRY
, *PTXFS_LIST_TRANSACTIONS_ENTRY
;
4261 typedef struct _TXFS_LIST_TRANSACTIONS
{
4262 ULONGLONG NumberOfTransactions
;
4263 ULONGLONG BufferSizeRequired
;
4264 } TXFS_LIST_TRANSACTIONS
, *PTXFS_LIST_TRANSACTIONS
;
4266 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT
{
4267 _ANONYMOUS_UNION
union {
4271 } TXFS_READ_BACKUP_INFORMATION_OUT
, *PTXFS_READ_BACKUP_INFORMATION_OUT
;
4273 typedef struct _TXFS_WRITE_BACKUP_INFORMATION
{
4275 } TXFS_WRITE_BACKUP_INFORMATION
, *PTXFS_WRITE_BACKUP_INFORMATION
;
4277 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED 0xFFFFFFFE
4278 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED 0xFFFFFFFF
4280 typedef struct _TXFS_GET_TRANSACTED_VERSION
{
4281 ULONG ThisBaseVersion
;
4282 ULONG LatestVersion
;
4283 USHORT ThisMiniVersion
;
4284 USHORT FirstMiniVersion
;
4285 USHORT LatestMiniVersion
;
4286 } TXFS_GET_TRANSACTED_VERSION
, *PTXFS_GET_TRANSACTED_VERSION
;
4288 #define TXFS_SAVEPOINT_SET 0x00000001
4289 #define TXFS_SAVEPOINT_ROLLBACK 0x00000002
4290 #define TXFS_SAVEPOINT_CLEAR 0x00000004
4291 #define TXFS_SAVEPOINT_CLEAR_ALL 0x00000010
4293 typedef struct _TXFS_SAVEPOINT_INFORMATION
{
4294 HANDLE KtmTransaction
;
4297 } TXFS_SAVEPOINT_INFORMATION
, *PTXFS_SAVEPOINT_INFORMATION
;
4299 typedef struct _TXFS_CREATE_MINIVERSION_INFO
{
4300 USHORT StructureVersion
;
4301 USHORT StructureLength
;
4304 } TXFS_CREATE_MINIVERSION_INFO
, *PTXFS_CREATE_MINIVERSION_INFO
;
4306 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO
{
4307 BOOLEAN TransactionsActiveAtSnapshot
;
4308 } TXFS_TRANSACTION_ACTIVE_INFO
, *PTXFS_TRANSACTION_ACTIVE_INFO
;
4310 #endif /* (_WIN32_WINNT >= 0x0600) */
4312 #if (_WIN32_WINNT >= 0x0601)
4314 #define MARK_HANDLE_REALTIME (0x00000020)
4315 #define MARK_HANDLE_NOT_REALTIME (0x00000040)
4317 #define NO_8DOT3_NAME_PRESENT (0x00000001)
4318 #define REMOVED_8DOT3_NAME (0x00000002)
4320 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED (0x00000001)
4322 typedef struct _BOOT_AREA_INFO
{
4323 ULONG BootSectorCount
;
4325 LARGE_INTEGER Offset
;
4327 } BOOT_AREA_INFO
, *PBOOT_AREA_INFO
;
4329 typedef struct _RETRIEVAL_POINTER_BASE
{
4330 LARGE_INTEGER FileAreaOffset
;
4331 } RETRIEVAL_POINTER_BASE
, *PRETRIEVAL_POINTER_BASE
;
4333 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION
{
4338 } FILE_FS_PERSISTENT_VOLUME_INFORMATION
, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION
;
4340 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION
{
4342 } FILE_SYSTEM_RECOGNITION_INFORMATION
, *PFILE_SYSTEM_RECOGNITION_INFORMATION
;
4344 #define OPLOCK_LEVEL_CACHE_READ (0x00000001)
4345 #define OPLOCK_LEVEL_CACHE_HANDLE (0x00000002)
4346 #define OPLOCK_LEVEL_CACHE_WRITE (0x00000004)
4348 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST (0x00000001)
4349 #define REQUEST_OPLOCK_INPUT_FLAG_ACK (0x00000002)
4350 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
4352 #define REQUEST_OPLOCK_CURRENT_VERSION 1
4354 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER
{
4355 USHORT StructureVersion
;
4356 USHORT StructureLength
;
4357 ULONG RequestedOplockLevel
;
4359 } REQUEST_OPLOCK_INPUT_BUFFER
, *PREQUEST_OPLOCK_INPUT_BUFFER
;
4361 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED (0x00000001)
4362 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED (0x00000002)
4364 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER
{
4365 USHORT StructureVersion
;
4366 USHORT StructureLength
;
4367 ULONG OriginalOplockLevel
;
4368 ULONG NewOplockLevel
;
4370 ACCESS_MASK AccessMode
;
4372 } REQUEST_OPLOCK_OUTPUT_BUFFER
, *PREQUEST_OPLOCK_OUTPUT_BUFFER
;
4374 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID 1
4376 typedef struct _SD_CHANGE_MACHINE_SID_INPUT
{
4377 USHORT CurrentMachineSIDOffset
;
4378 USHORT CurrentMachineSIDLength
;
4379 USHORT NewMachineSIDOffset
;
4380 USHORT NewMachineSIDLength
;
4381 } SD_CHANGE_MACHINE_SID_INPUT
, *PSD_CHANGE_MACHINE_SID_INPUT
;
4383 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT
{
4384 ULONGLONG NumSDChangedSuccess
;
4385 ULONGLONG NumSDChangedFail
;
4386 ULONGLONG NumSDUnused
;
4387 ULONGLONG NumSDTotal
;
4388 ULONGLONG NumMftSDChangedSuccess
;
4389 ULONGLONG NumMftSDChangedFail
;
4390 ULONGLONG NumMftSDTotal
;
4391 } SD_CHANGE_MACHINE_SID_OUTPUT
, *PSD_CHANGE_MACHINE_SID_OUTPUT
;
4393 typedef struct _SD_GLOBAL_CHANGE_INPUT
{
4396 _ANONYMOUS_UNION
union {
4397 SD_CHANGE_MACHINE_SID_INPUT SdChange
;
4399 } SD_GLOBAL_CHANGE_INPUT
, *PSD_GLOBAL_CHANGE_INPUT
;
4401 typedef struct _SD_GLOBAL_CHANGE_OUTPUT
{
4404 _ANONYMOUS_UNION
union {
4405 SD_CHANGE_MACHINE_SID_OUTPUT SdChange
;
4407 } SD_GLOBAL_CHANGE_OUTPUT
, *PSD_GLOBAL_CHANGE_OUTPUT
;
4409 #define ENCRYPTED_DATA_INFO_SPARSE_FILE 1
4411 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO
{
4416 } EXTENDED_ENCRYPTED_DATA_INFO
, *PEXTENDED_ENCRYPTED_DATA_INFO
;
4418 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT
{
4420 ULONG NumberOfClusters
;
4421 LARGE_INTEGER Cluster
[1];
4422 } LOOKUP_STREAM_FROM_CLUSTER_INPUT
, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT
;
4424 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT
{
4426 ULONG NumberOfMatches
;
4427 ULONG BufferSizeRequired
;
4428 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT
, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT
;
4430 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE 0x00000001
4431 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET 0x00000002
4432 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE 0x00000004
4433 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE 0x00000008
4435 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_MASK 0xff000000
4436 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_DATA 0x01000000
4437 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_INDEX 0x02000000
4438 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_SYSTEM 0x03000000
4440 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_ENTRY
{
4443 LARGE_INTEGER Reserved
;
4444 LARGE_INTEGER Cluster
;
4446 } LOOKUP_STREAM_FROM_CLUSTER_ENTRY
, *PLOOKUP_STREAM_FROM_CLUSTER_ENTRY
;
4448 typedef struct _FILE_TYPE_NOTIFICATION_INPUT
{
4450 ULONG NumFileTypeIDs
;
4452 } FILE_TYPE_NOTIFICATION_INPUT
, *PFILE_TYPE_NOTIFICATION_INPUT
;
4454 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_BEGIN 0x00000001
4455 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_END 0x00000002
4457 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_PAGE_FILE
, 0x0d0a64a1, 0x38fc, 0x4db8, 0x9f, 0xe7, 0x3f, 0x43, 0x52, 0xcd, 0x7c, 0x5c);
4458 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_HIBERNATION_FILE
, 0xb7624d64, 0xb9a3, 0x4cf8, 0x80, 0x11, 0x5b, 0x86, 0xc9, 0x40, 0xe7, 0xb7);
4459 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_CRASHDUMP_FILE
, 0x9d453eb7, 0xd2a6, 0x4dbd, 0xa2, 0xe3, 0xfb, 0xd0, 0xed, 0x91, 0x09, 0xa9);
4461 #ifndef _VIRTUAL_STORAGE_TYPE_DEFINED
4462 #define _VIRTUAL_STORAGE_TYPE_DEFINED
4463 typedef struct _VIRTUAL_STORAGE_TYPE
{
4466 } VIRTUAL_STORAGE_TYPE
, *PVIRTUAL_STORAGE_TYPE
;
4469 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
{
4472 } STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_REQUEST
;
4474 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_HOST_VOLUMES 0x1
4475 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_GUEST_VOLUMES 0x2
4477 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
{
4479 ULONG DependencyTypeFlags
;
4480 ULONG ProviderSpecificFlags
;
4481 VIRTUAL_STORAGE_TYPE VirtualStorageType
;
4482 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY
;
4484 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
{
4486 ULONG DependencyTypeFlags
;
4487 ULONG ProviderSpecificFlags
;
4488 VIRTUAL_STORAGE_TYPE VirtualStorageType
;
4489 ULONG AncestorLevel
;
4490 ULONG HostVolumeNameOffset
;
4491 ULONG HostVolumeNameSize
;
4492 ULONG DependentVolumeNameOffset
;
4493 ULONG DependentVolumeNameSize
;
4494 ULONG RelativePathOffset
;
4495 ULONG RelativePathSize
;
4496 ULONG DependentDeviceNameOffset
;
4497 ULONG DependentDeviceNameSize
;
4498 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY
;
4500 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
{
4501 ULONG ResponseLevel
;
4502 ULONG NumberEntries
;
4503 _ANONYMOUS_UNION
union {
4504 STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY Lev1Depends
[0];
4505 STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY Lev2Depends
[0];
4507 } STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
, *PSTORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE
;
4509 #endif /* (_WIN32_WINNT >= 0x0601) */
4511 typedef struct _FILESYSTEM_STATISTICS
{
4512 USHORT FileSystemType
;
4514 ULONG SizeOfCompleteStructure
;
4515 ULONG UserFileReads
;
4516 ULONG UserFileReadBytes
;
4517 ULONG UserDiskReads
;
4518 ULONG UserFileWrites
;
4519 ULONG UserFileWriteBytes
;
4520 ULONG UserDiskWrites
;
4521 ULONG MetaDataReads
;
4522 ULONG MetaDataReadBytes
;
4523 ULONG MetaDataDiskReads
;
4524 ULONG MetaDataWrites
;
4525 ULONG MetaDataWriteBytes
;
4526 ULONG MetaDataDiskWrites
;
4527 } FILESYSTEM_STATISTICS
, *PFILESYSTEM_STATISTICS
;
4529 #define FILESYSTEM_STATISTICS_TYPE_NTFS 1
4530 #define FILESYSTEM_STATISTICS_TYPE_FAT 2
4531 #define FILESYSTEM_STATISTICS_TYPE_EXFAT 3
4533 typedef struct _FAT_STATISTICS
{
4535 ULONG SuccessfulCreates
;
4536 ULONG FailedCreates
;
4537 ULONG NonCachedReads
;
4538 ULONG NonCachedReadBytes
;
4539 ULONG NonCachedWrites
;
4540 ULONG NonCachedWriteBytes
;
4541 ULONG NonCachedDiskReads
;
4542 ULONG NonCachedDiskWrites
;
4543 } FAT_STATISTICS
, *PFAT_STATISTICS
;
4545 typedef struct _EXFAT_STATISTICS
{
4547 ULONG SuccessfulCreates
;
4548 ULONG FailedCreates
;
4549 ULONG NonCachedReads
;
4550 ULONG NonCachedReadBytes
;
4551 ULONG NonCachedWrites
;
4552 ULONG NonCachedWriteBytes
;
4553 ULONG NonCachedDiskReads
;
4554 ULONG NonCachedDiskWrites
;
4555 } EXFAT_STATISTICS
, *PEXFAT_STATISTICS
;
4557 typedef struct _NTFS_STATISTICS
{
4558 ULONG LogFileFullExceptions
;
4559 ULONG OtherExceptions
;
4563 ULONG MftWriteBytes
;
4569 } MftWritesUserLevel
;
4570 USHORT MftWritesFlushForLogFileFull
;
4571 USHORT MftWritesLazyWriter
;
4572 USHORT MftWritesUserRequest
;
4574 ULONG Mft2WriteBytes
;
4580 } Mft2WritesUserLevel
;
4581 USHORT Mft2WritesFlushForLogFileFull
;
4582 USHORT Mft2WritesLazyWriter
;
4583 USHORT Mft2WritesUserRequest
;
4584 ULONG RootIndexReads
;
4585 ULONG RootIndexReadBytes
;
4586 ULONG RootIndexWrites
;
4587 ULONG RootIndexWriteBytes
;
4589 ULONG BitmapReadBytes
;
4591 ULONG BitmapWriteBytes
;
4592 USHORT BitmapWritesFlushForLogFileFull
;
4593 USHORT BitmapWritesLazyWriter
;
4594 USHORT BitmapWritesUserRequest
;
4599 } BitmapWritesUserLevel
;
4600 ULONG MftBitmapReads
;
4601 ULONG MftBitmapReadBytes
;
4602 ULONG MftBitmapWrites
;
4603 ULONG MftBitmapWriteBytes
;
4604 USHORT MftBitmapWritesFlushForLogFileFull
;
4605 USHORT MftBitmapWritesLazyWriter
;
4606 USHORT MftBitmapWritesUserRequest
;
4612 } MftBitmapWritesUserLevel
;
4613 ULONG UserIndexReads
;
4614 ULONG UserIndexReadBytes
;
4615 ULONG UserIndexWrites
;
4616 ULONG UserIndexWriteBytes
;
4618 ULONG LogFileReadBytes
;
4619 ULONG LogFileWrites
;
4620 ULONG LogFileWriteBytes
;
4627 ULONG HintsClusters
;
4629 ULONG CacheClusters
;
4631 ULONG CacheMissClusters
;
4633 } NTFS_STATISTICS
, *PNTFS_STATISTICS
;
4635 #endif /* _FILESYSTEMFSCTL_ */
4637 #define SYMLINK_FLAG_RELATIVE 1
4639 typedef struct _REPARSE_DATA_BUFFER
{
4641 USHORT ReparseDataLength
;
4643 _ANONYMOUS_UNION
union {
4645 USHORT SubstituteNameOffset
;
4646 USHORT SubstituteNameLength
;
4647 USHORT PrintNameOffset
;
4648 USHORT PrintNameLength
;
4650 WCHAR PathBuffer
[1];
4651 } SymbolicLinkReparseBuffer
;
4653 USHORT SubstituteNameOffset
;
4654 USHORT SubstituteNameLength
;
4655 USHORT PrintNameOffset
;
4656 USHORT PrintNameLength
;
4657 WCHAR PathBuffer
[1];
4658 } MountPointReparseBuffer
;
4660 UCHAR DataBuffer
[1];
4661 } GenericReparseBuffer
;
4663 } REPARSE_DATA_BUFFER
, *PREPARSE_DATA_BUFFER
;
4665 #define REPARSE_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer)
4667 typedef struct _REPARSE_GUID_DATA_BUFFER
{
4669 USHORT ReparseDataLength
;
4673 UCHAR DataBuffer
[1];
4674 } GenericReparseBuffer
;
4675 } REPARSE_GUID_DATA_BUFFER
, *PREPARSE_GUID_DATA_BUFFER
;
4677 #define REPARSE_GUID_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer)
4679 #define MAXIMUM_REPARSE_DATA_BUFFER_SIZE ( 16 * 1024 )
4681 /* Reserved reparse tags */
4682 #define IO_REPARSE_TAG_RESERVED_ZERO (0)
4683 #define IO_REPARSE_TAG_RESERVED_ONE (1)
4684 #define IO_REPARSE_TAG_RESERVED_RANGE IO_REPARSE_TAG_RESERVED_ONE
4686 #define IsReparseTagMicrosoft(_tag) (((_tag) & 0x80000000))
4687 #define IsReparseTagNameSurrogate(_tag) (((_tag) & 0x20000000))
4689 #define IO_REPARSE_TAG_VALID_VALUES (0xF000FFFF)
4691 #define IsReparseTagValid(tag) ( \
4692 !((tag) & ~IO_REPARSE_TAG_VALID_VALUES) && \
4693 ((tag) > IO_REPARSE_TAG_RESERVED_RANGE) \
4696 /* MicroSoft reparse point tags */
4697 #define IO_REPARSE_TAG_MOUNT_POINT (0xA0000003L)
4698 #define IO_REPARSE_TAG_HSM (0xC0000004L)
4699 #define IO_REPARSE_TAG_DRIVE_EXTENDER (0x80000005L)
4700 #define IO_REPARSE_TAG_HSM2 (0x80000006L)
4701 #define IO_REPARSE_TAG_SIS (0x80000007L)
4702 #define IO_REPARSE_TAG_WIM (0x80000008L)
4703 #define IO_REPARSE_TAG_CSV (0x80000009L)
4704 #define IO_REPARSE_TAG_DFS (0x8000000AL)
4705 #define IO_REPARSE_TAG_FILTER_MANAGER (0x8000000BL)
4706 #define IO_REPARSE_TAG_SYMLINK (0xA000000CL)
4707 #define IO_REPARSE_TAG_IIS_CACHE (0xA0000010L)
4708 #define IO_REPARSE_TAG_DFSR (0x80000012L)
4711 typedef struct _REPARSE_INDEX_KEY
{
4712 ULONG FileReparseTag
;
4713 LARGE_INTEGER FileId
;
4714 } REPARSE_INDEX_KEY
, *PREPARSE_INDEX_KEY
;
4717 #define FSCTL_LMR_GET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,58,METHOD_BUFFERED,FILE_ANY_ACCESS)
4718 #define FSCTL_LMR_SET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,59,METHOD_BUFFERED,FILE_ANY_ACCESS)
4719 #define IOCTL_LMR_ARE_FILE_OBJECTS_ON_SAME_SERVER CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,60,METHOD_BUFFERED,FILE_ANY_ACCESS)
4721 #define FSCTL_PIPE_ASSIGN_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
4722 #define FSCTL_PIPE_DISCONNECT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
4723 #define FSCTL_PIPE_LISTEN CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
4724 #define FSCTL_PIPE_PEEK CTL_CODE(FILE_DEVICE_NAMED_PIPE, 3, METHOD_BUFFERED, FILE_READ_DATA)
4725 #define FSCTL_PIPE_QUERY_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
4726 #define FSCTL_PIPE_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 5, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4727 #define FSCTL_PIPE_WAIT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
4728 #define FSCTL_PIPE_IMPERSONATE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
4729 #define FSCTL_PIPE_SET_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
4730 #define FSCTL_PIPE_QUERY_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)
4731 #define FSCTL_PIPE_GET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
4732 #define FSCTL_PIPE_SET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
4733 #define FSCTL_PIPE_GET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
4734 #define FSCTL_PIPE_SET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 13, METHOD_BUFFERED, FILE_ANY_ACCESS)
4735 #define FSCTL_PIPE_GET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 14, METHOD_BUFFERED, FILE_ANY_ACCESS)
4736 #define FSCTL_PIPE_SET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
4737 #define FSCTL_PIPE_FLUSH CTL_CODE(FILE_DEVICE_NAMED_PIPE, 16, METHOD_BUFFERED, FILE_WRITE_DATA)
4739 #define FSCTL_PIPE_INTERNAL_READ CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2045, METHOD_BUFFERED, FILE_READ_DATA)
4740 #define FSCTL_PIPE_INTERNAL_WRITE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2046, METHOD_BUFFERED, FILE_WRITE_DATA)
4741 #define FSCTL_PIPE_INTERNAL_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2047, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4742 #define FSCTL_PIPE_INTERNAL_READ_OVFLOW CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2048, METHOD_BUFFERED, FILE_READ_DATA)
4744 #define FILE_PIPE_READ_DATA 0x00000000
4745 #define FILE_PIPE_WRITE_SPACE 0x00000001
4747 typedef struct _FILE_PIPE_ASSIGN_EVENT_BUFFER
{
4750 } FILE_PIPE_ASSIGN_EVENT_BUFFER
, *PFILE_PIPE_ASSIGN_EVENT_BUFFER
;
4752 typedef struct _FILE_PIPE_EVENT_BUFFER
{
4753 ULONG NamedPipeState
;
4757 ULONG NumberRequests
;
4758 } FILE_PIPE_EVENT_BUFFER
, *PFILE_PIPE_EVENT_BUFFER
;
4760 typedef struct _FILE_PIPE_PEEK_BUFFER
{
4761 ULONG NamedPipeState
;
4762 ULONG ReadDataAvailable
;
4763 ULONG NumberOfMessages
;
4764 ULONG MessageLength
;
4766 } FILE_PIPE_PEEK_BUFFER
, *PFILE_PIPE_PEEK_BUFFER
;
4768 typedef struct _FILE_PIPE_WAIT_FOR_BUFFER
{
4769 LARGE_INTEGER Timeout
;
4771 BOOLEAN TimeoutSpecified
;
4773 } FILE_PIPE_WAIT_FOR_BUFFER
, *PFILE_PIPE_WAIT_FOR_BUFFER
;
4775 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER
{
4776 #if !defined(BUILD_WOW6432)
4777 PVOID ClientSession
;
4778 PVOID ClientProcess
;
4780 ULONGLONG ClientSession
;
4781 ULONGLONG ClientProcess
;
4783 } FILE_PIPE_CLIENT_PROCESS_BUFFER
, *PFILE_PIPE_CLIENT_PROCESS_BUFFER
;
4785 #define FILE_PIPE_COMPUTER_NAME_LENGTH 15
4787 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER_EX
{
4788 #if !defined(BUILD_WOW6432)
4789 PVOID ClientSession
;
4790 PVOID ClientProcess
;
4792 ULONGLONG ClientSession
;
4793 ULONGLONG ClientProcess
;
4795 USHORT ClientComputerNameLength
;
4796 WCHAR ClientComputerBuffer
[FILE_PIPE_COMPUTER_NAME_LENGTH
+1];
4797 } FILE_PIPE_CLIENT_PROCESS_BUFFER_EX
, *PFILE_PIPE_CLIENT_PROCESS_BUFFER_EX
;
4799 #define FSCTL_MAILSLOT_PEEK CTL_CODE(FILE_DEVICE_MAILSLOT, 0, METHOD_NEITHER, FILE_READ_DATA)
4801 typedef enum _LINK_TRACKING_INFORMATION_TYPE
{
4802 NtfsLinkTrackingInformation
,
4803 DfsLinkTrackingInformation
4804 } LINK_TRACKING_INFORMATION_TYPE
, *PLINK_TRACKING_INFORMATION_TYPE
;
4806 typedef struct _LINK_TRACKING_INFORMATION
{
4807 LINK_TRACKING_INFORMATION_TYPE Type
;
4809 } LINK_TRACKING_INFORMATION
, *PLINK_TRACKING_INFORMATION
;
4811 typedef struct _REMOTE_LINK_TRACKING_INFORMATION
{
4812 PVOID TargetFileObject
;
4813 ULONG TargetLinkTrackingInformationLength
;
4814 UCHAR TargetLinkTrackingInformationBuffer
[1];
4815 } REMOTE_LINK_TRACKING_INFORMATION
, *PREMOTE_LINK_TRACKING_INFORMATION
;
4817 #define IO_OPEN_PAGING_FILE 0x0002
4818 #define IO_OPEN_TARGET_DIRECTORY 0x0004
4819 #define IO_STOP_ON_SYMLINK 0x0008
4820 #define IO_MM_PAGING_FILE 0x0010
4823 (NTAPI
*PDRIVER_FS_NOTIFICATION
) (
4824 _In_ PDEVICE_OBJECT DeviceObject
,
4825 _In_ BOOLEAN FsActive
);
4827 typedef enum _FS_FILTER_SECTION_SYNC_TYPE
{
4829 SyncTypeCreateSection
4830 } FS_FILTER_SECTION_SYNC_TYPE
, *PFS_FILTER_SECTION_SYNC_TYPE
;
4832 typedef enum _FS_FILTER_STREAM_FO_NOTIFICATION_TYPE
{
4833 NotifyTypeCreate
= 0,
4835 } FS_FILTER_STREAM_FO_NOTIFICATION_TYPE
, *PFS_FILTER_STREAM_FO_NOTIFICATION_TYPE
;
4837 typedef union _FS_FILTER_PARAMETERS
{
4839 PLARGE_INTEGER EndingOffset
;
4840 PERESOURCE
*ResourceToRelease
;
4841 } AcquireForModifiedPageWriter
;
4843 PERESOURCE ResourceToRelease
;
4844 } ReleaseForModifiedPageWriter
;
4846 FS_FILTER_SECTION_SYNC_TYPE SyncType
;
4847 ULONG PageProtection
;
4848 } AcquireForSectionSynchronization
;
4850 FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType
;
4851 BOOLEAN POINTER_ALIGNMENT SafeToRecurse
;
4852 } NotifyStreamFileObject
;
4860 } FS_FILTER_PARAMETERS
, *PFS_FILTER_PARAMETERS
;
4862 #define FS_FILTER_ACQUIRE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-1
4863 #define FS_FILTER_RELEASE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-2
4864 #define FS_FILTER_ACQUIRE_FOR_MOD_WRITE (UCHAR)-3
4865 #define FS_FILTER_RELEASE_FOR_MOD_WRITE (UCHAR)-4
4866 #define FS_FILTER_ACQUIRE_FOR_CC_FLUSH (UCHAR)-5
4867 #define FS_FILTER_RELEASE_FOR_CC_FLUSH (UCHAR)-6
4869 typedef struct _FS_FILTER_CALLBACK_DATA
{
4870 ULONG SizeOfFsFilterCallbackData
;
4873 struct _DEVICE_OBJECT
*DeviceObject
;
4874 struct _FILE_OBJECT
*FileObject
;
4875 FS_FILTER_PARAMETERS Parameters
;
4876 } FS_FILTER_CALLBACK_DATA
, *PFS_FILTER_CALLBACK_DATA
;
4879 (NTAPI
*PFS_FILTER_CALLBACK
) (
4880 _In_ PFS_FILTER_CALLBACK_DATA Data
,
4881 _Out_ PVOID
*CompletionContext
);
4884 (NTAPI
*PFS_FILTER_COMPLETION_CALLBACK
) (
4885 _In_ PFS_FILTER_CALLBACK_DATA Data
,
4886 _In_ NTSTATUS OperationStatus
,
4887 _In_ PVOID CompletionContext
);
4889 typedef struct _FS_FILTER_CALLBACKS
{
4890 ULONG SizeOfFsFilterCallbacks
;
4892 PFS_FILTER_CALLBACK PreAcquireForSectionSynchronization
;
4893 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForSectionSynchronization
;
4894 PFS_FILTER_CALLBACK PreReleaseForSectionSynchronization
;
4895 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForSectionSynchronization
;
4896 PFS_FILTER_CALLBACK PreAcquireForCcFlush
;
4897 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForCcFlush
;
4898 PFS_FILTER_CALLBACK PreReleaseForCcFlush
;
4899 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForCcFlush
;
4900 PFS_FILTER_CALLBACK PreAcquireForModifiedPageWriter
;
4901 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForModifiedPageWriter
;
4902 PFS_FILTER_CALLBACK PreReleaseForModifiedPageWriter
;
4903 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForModifiedPageWriter
;
4904 } FS_FILTER_CALLBACKS
, *PFS_FILTER_CALLBACKS
;
4906 #if (NTDDI_VERSION >= NTDDI_WINXP)
4910 FsRtlRegisterFileSystemFilterCallbacks(
4911 _In_
struct _DRIVER_OBJECT
*FilterDriverObject
,
4912 _In_ PFS_FILTER_CALLBACKS Callbacks
);
4913 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
4915 #if (NTDDI_VERSION >= NTDDI_VISTA)
4919 FsRtlNotifyStreamFileObject(
4920 _In_
struct _FILE_OBJECT
* StreamFileObject
,
4921 _In_opt_
struct _DEVICE_OBJECT
*DeviceObjectHint
,
4922 _In_ FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType
,
4923 _In_ BOOLEAN SafeToRecurse
);
4924 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
4926 #define DO_VERIFY_VOLUME 0x00000002
4927 #define DO_BUFFERED_IO 0x00000004
4928 #define DO_EXCLUSIVE 0x00000008
4929 #define DO_DIRECT_IO 0x00000010
4930 #define DO_MAP_IO_BUFFER 0x00000020
4931 #define DO_DEVICE_HAS_NAME 0x00000040
4932 #define DO_DEVICE_INITIALIZING 0x00000080
4933 #define DO_SYSTEM_BOOT_PARTITION 0x00000100
4934 #define DO_LONG_TERM_REQUESTS 0x00000200
4935 #define DO_NEVER_LAST_DEVICE 0x00000400
4936 #define DO_SHUTDOWN_REGISTERED 0x00000800
4937 #define DO_BUS_ENUMERATED_DEVICE 0x00001000
4938 #define DO_POWER_PAGABLE 0x00002000
4939 #define DO_POWER_INRUSH 0x00004000
4940 #define DO_LOW_PRIORITY_FILESYSTEM 0x00010000
4941 #define DO_SUPPORTS_TRANSACTIONS 0x00040000
4942 #define DO_FORCE_NEITHER_IO 0x00080000
4943 #define DO_VOLUME_DEVICE_OBJECT 0x00100000
4944 #define DO_SYSTEM_SYSTEM_PARTITION 0x00200000
4945 #define DO_SYSTEM_CRITICAL_PARTITION 0x00400000
4946 #define DO_DISALLOW_EXECUTE 0x00800000
4948 extern KSPIN_LOCK IoStatisticsLock
;
4949 extern ULONG IoReadOperationCount
;
4950 extern ULONG IoWriteOperationCount
;
4951 extern ULONG IoOtherOperationCount
;
4952 extern LARGE_INTEGER IoReadTransferCount
;
4953 extern LARGE_INTEGER IoWriteTransferCount
;
4954 extern LARGE_INTEGER IoOtherTransferCount
;
4956 #define IO_FILE_OBJECT_NON_PAGED_POOL_CHARGE 64
4957 #define IO_FILE_OBJECT_PAGED_POOL_CHARGE 1024
4959 #if (NTDDI_VERSION >= NTDDI_VISTA)
4960 typedef struct _IO_PRIORITY_INFO
{
4962 ULONG ThreadPriority
;
4964 IO_PRIORITY_HINT IoPriority
;
4965 } IO_PRIORITY_INFO
, *PIO_PRIORITY_INFO
;
4968 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION
{
4970 ACCESS_MASK GrantedAccess
;
4974 } PUBLIC_OBJECT_BASIC_INFORMATION
, *PPUBLIC_OBJECT_BASIC_INFORMATION
;
4976 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION
{
4977 UNICODE_STRING TypeName
;
4978 ULONG Reserved
[22];
4979 } PUBLIC_OBJECT_TYPE_INFORMATION
, *PPUBLIC_OBJECT_TYPE_INFORMATION
;
4981 #define SYSTEM_PAGE_PRIORITY_BITS 3
4982 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
4984 /******************************************************************************
4986 ******************************************************************************/
4987 typedef struct _KAPC_STATE
{
4988 LIST_ENTRY ApcListHead
[MaximumMode
];
4990 BOOLEAN KernelApcInProgress
;
4991 BOOLEAN KernelApcPending
;
4992 BOOLEAN UserApcPending
;
4993 } KAPC_STATE
, *PKAPC_STATE
, *RESTRICTED_POINTER PRKAPC_STATE
;
4995 #define KAPC_STATE_ACTUAL_LENGTH (FIELD_OFFSET(KAPC_STATE, UserApcPending) + sizeof(BOOLEAN))
4997 #define ASSERT_QUEUE(Q) ASSERT(((Q)->Header.Type & KOBJECT_TYPE_MASK) == QueueObject);
4999 typedef struct _KQUEUE
{
5000 DISPATCHER_HEADER Header
;
5001 LIST_ENTRY EntryListHead
;
5002 volatile ULONG CurrentCount
;
5004 LIST_ENTRY ThreadListHead
;
5005 } KQUEUE
, *PKQUEUE
, *RESTRICTED_POINTER PRKQUEUE
;
5008 /******************************************************************************
5009 * Kernel Functions *
5010 ******************************************************************************/
5014 KeGetProcessorNumberFromIndex(
5015 _In_ ULONG ProcIndex
,
5016 _Out_ PPROCESSOR_NUMBER ProcNumber
);
5020 KeGetProcessorIndexFromNumber(
5021 _In_ PPROCESSOR_NUMBER ProcNumber
);
5023 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5032 _Out_ PRKMUTANT Mutant
,
5033 _In_ BOOLEAN InitialOwner
);
5035 _IRQL_requires_max_(DISPATCH_LEVEL
)
5040 _In_ PRKMUTANT Mutant
);
5042 _When_(Wait
==0, _IRQL_requires_max_(DISPATCH_LEVEL
))
5043 _When_(Wait
==1, _IRQL_requires_max_(APC_LEVEL
))
5048 _Inout_ PRKMUTANT Mutant
,
5049 _In_ KPRIORITY Increment
,
5050 _In_ BOOLEAN Abandoned
,
5057 _Out_ PRKQUEUE Queue
,
5060 _IRQL_requires_max_(DISPATCH_LEVEL
)
5065 _In_ PRKQUEUE Queue
);
5067 _IRQL_requires_min_(PASSIVE_LEVEL
)
5068 _IRQL_requires_max_(DISPATCH_LEVEL
)
5073 _Inout_ PRKQUEUE Queue
,
5074 _Inout_ PLIST_ENTRY Entry
);
5076 _IRQL_requires_min_(PASSIVE_LEVEL
)
5077 _IRQL_requires_max_(DISPATCH_LEVEL
)
5082 _Inout_ PRKQUEUE Queue
,
5083 _Inout_ PLIST_ENTRY Entry
);
5085 _IRQL_requires_min_(PASSIVE_LEVEL
)
5086 _When_((Timeout
==NULL
|| Timeout
->QuadPart
!=0), _IRQL_requires_max_(APC_LEVEL
))
5087 _When_((Timeout
!=NULL
&& Timeout
->QuadPart
==0), _IRQL_requires_max_(DISPATCH_LEVEL
))
5092 _Inout_ PRKQUEUE Queue
,
5093 _In_ KPROCESSOR_MODE WaitMode
,
5094 _In_opt_ PLARGE_INTEGER Timeout
);
5096 _IRQL_requires_max_(APC_LEVEL
)
5101 _Inout_ PKPROCESS Process
);
5103 _IRQL_requires_max_(APC_LEVEL
)
5107 KeDetachProcess(VOID
);
5109 _IRQL_requires_max_(DISPATCH_LEVEL
)
5114 _Inout_ PRKQUEUE Queue
);
5116 _IRQL_requires_max_(APC_LEVEL
)
5120 KeStackAttachProcess(
5121 _Inout_ PKPROCESS Process
,
5122 _Out_ PKAPC_STATE ApcState
);
5124 _IRQL_requires_max_(APC_LEVEL
)
5128 KeUnstackDetachProcess(
5129 _In_ PKAPC_STATE ApcState
);
5131 _IRQL_requires_min_(PASSIVE_LEVEL
)
5132 _IRQL_requires_max_(DISPATCH_LEVEL
)
5136 KeSetIdealProcessorThread(
5137 _Inout_ PKTHREAD Thread
,
5138 _In_ UCHAR Processor
);
5140 _IRQL_requires_max_(APC_LEVEL
)
5144 KeSetKernelStackSwapEnable(
5145 _In_ BOOLEAN Enable
);
5148 _Requires_lock_not_held_(*SpinLock
)
5149 _Acquires_lock_(*SpinLock
)
5150 _IRQL_raises_(SYNCH_LEVEL
)
5155 KeAcquireSpinLockRaiseToSynch(
5156 _Inout_ PKSPIN_LOCK SpinLock
);
5158 _Requires_lock_not_held_(*SpinLock
)
5159 _Acquires_lock_(*SpinLock
)
5160 _IRQL_raises_(SYNCH_LEVEL
)
5164 KeAcquireSpinLockRaiseToSynch(
5165 _Inout_ PKSPIN_LOCK SpinLock
);
5168 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5170 #if (NTDDI_VERSION >= NTDDI_WINXP)
5173 _Requires_lock_not_held_(Number
)
5174 _Acquires_lock_(Number
)
5175 _IRQL_raises_(DISPATCH_LEVEL
)
5179 KeAcquireQueuedSpinLock(
5180 _In_ KSPIN_LOCK_QUEUE_NUMBER Number
);
5182 _Requires_lock_held_(Number
)
5183 _Releases_lock_(Number
)
5187 KeReleaseQueuedSpinLock(
5188 _In_ KSPIN_LOCK_QUEUE_NUMBER Number
,
5189 _In_ KIRQL OldIrql
);
5191 _Must_inspect_result_
5192 _Post_satisfies_(return == 1 || return == 0)
5196 KeTryToAcquireQueuedSpinLock(
5197 _In_ KSPIN_LOCK_QUEUE_NUMBER Number
,
5198 _Out_
_At_(*OldIrql
, _IRQL_saves_
) PKIRQL OldIrql
);
5200 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5206 #if (NTDDI_VERSION >= NTDDI_VISTA)
5208 _IRQL_requires_max_(DISPATCH_LEVEL
)
5212 _In_ PKMUTANT Mutant
,
5213 _Out_ PCLIENT_ID ClientId
);
5215 _IRQL_requires_min_(PASSIVE_LEVEL
)
5216 _When_((Timeout
==NULL
|| *Timeout
!=0), _IRQL_requires_max_(APC_LEVEL
))
5217 _When_((Timeout
!=NULL
&& *Timeout
==0), _IRQL_requires_max_(DISPATCH_LEVEL
))
5222 _Inout_ PKQUEUE Queue
,
5223 _In_ KPROCESSOR_MODE WaitMode
,
5224 _In_ BOOLEAN Alertable
,
5225 _In_opt_ PLARGE_INTEGER Timeout
,
5226 _Out_writes_to_(Count
, return) PLIST_ENTRY
*EntryArray
,
5229 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5232 #define INVALID_PROCESSOR_INDEX 0xffffffff
5234 #define EX_PUSH_LOCK ULONG_PTR
5235 #define PEX_PUSH_LOCK PULONG_PTR
5236 /******************************************************************************
5237 * Executive Functions *
5238 ******************************************************************************/
5241 #define ExDisableResourceBoost ExDisableResourceBoostLite
5244 ExInitializePushLock(
5245 _Out_ PEX_PUSH_LOCK PushLock
);
5247 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5249 _IRQL_requires_max_(DISPATCH_LEVEL
)
5253 ExQueryPoolBlockSize(
5254 _In_ PVOID PoolBlock
,
5255 _Out_ PBOOLEAN QuotaCharged
);
5257 _IRQL_requires_max_(DISPATCH_LEVEL
)
5259 ExAdjustLookasideDepth(VOID
);
5261 _IRQL_requires_max_(DISPATCH_LEVEL
)
5265 ExDisableResourceBoostLite(
5266 _In_ PERESOURCE Resource
);
5267 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5269 #if (NTDDI_VERSION >= NTDDI_WINXP)
5273 InterlockedPushListSList(
5274 _Inout_ PSLIST_HEADER ListHead
,
5275 _Inout_ __drv_aliasesMem PSLIST_ENTRY List
,
5276 _Inout_ PSLIST_ENTRY ListEnd
,
5278 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5280 /******************************************************************************
5281 * Security Manager Functions *
5282 ******************************************************************************/
5284 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5290 SeReleaseSubjectContext(
5291 _Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext
);
5297 _Inout_ PPRIVILEGE_SET RequiredPrivileges
,
5298 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
5299 _In_ KPROCESSOR_MODE AccessMode
);
5304 SeOpenObjectAuditAlarm(
5305 _In_ PUNICODE_STRING ObjectTypeName
,
5306 _In_opt_ PVOID Object
,
5307 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5308 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5309 _In_ PACCESS_STATE AccessState
,
5310 _In_ BOOLEAN ObjectCreated
,
5311 _In_ BOOLEAN AccessGranted
,
5312 _In_ KPROCESSOR_MODE AccessMode
,
5313 _Out_ PBOOLEAN GenerateOnClose
);
5318 SeOpenObjectForDeleteAuditAlarm(
5319 _In_ PUNICODE_STRING ObjectTypeName
,
5320 _In_opt_ PVOID Object
,
5321 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5322 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5323 _In_ PACCESS_STATE AccessState
,
5324 _In_ BOOLEAN ObjectCreated
,
5325 _In_ BOOLEAN AccessGranted
,
5326 _In_ KPROCESSOR_MODE AccessMode
,
5327 _Out_ PBOOLEAN GenerateOnClose
);
5332 SeDeleteObjectAuditAlarm(
5334 _In_ HANDLE Handle
);
5340 _In_ PACCESS_TOKEN Token
);
5346 _In_ PACCESS_TOKEN Token
);
5351 SeTokenIsRestricted(
5352 _In_ PACCESS_TOKEN Token
);
5357 SeQueryAuthenticationIdToken(
5358 _In_ PACCESS_TOKEN Token
,
5359 _Out_ PLUID AuthenticationId
);
5364 SeQuerySessionIdToken(
5365 _In_ PACCESS_TOKEN Token
,
5366 _Out_ PULONG SessionId
);
5371 SeCreateClientSecurity(
5372 _In_ PETHREAD ClientThread
,
5373 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos
,
5374 _In_ BOOLEAN RemoteSession
,
5375 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext
);
5380 SeImpersonateClient(
5381 _In_ PSECURITY_CLIENT_CONTEXT ClientContext
,
5382 _In_opt_ PETHREAD ServerThread
);
5387 SeImpersonateClientEx(
5388 _In_ PSECURITY_CLIENT_CONTEXT ClientContext
,
5389 _In_opt_ PETHREAD ServerThread
);
5394 SeCreateClientSecurityFromSubjectContext(
5395 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
5396 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos
,
5397 _In_ BOOLEAN ServerIsRemote
,
5398 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext
);
5403 SeQuerySecurityDescriptorInfo(
5404 _In_ PSECURITY_INFORMATION SecurityInformation
,
5405 _Out_writes_bytes_(*Length
) PSECURITY_DESCRIPTOR SecurityDescriptor
,
5406 _Inout_ PULONG Length
,
5407 _Inout_ PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
);
5412 SeSetSecurityDescriptorInfo(
5413 _In_opt_ PVOID Object
,
5414 _In_ PSECURITY_INFORMATION SecurityInformation
,
5415 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5416 _Inout_ PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
5417 _In_ POOL_TYPE PoolType
,
5418 _In_ PGENERIC_MAPPING GenericMapping
);
5423 SeSetSecurityDescriptorInfoEx(
5424 _In_opt_ PVOID Object
,
5425 _In_ PSECURITY_INFORMATION SecurityInformation
,
5426 _In_ PSECURITY_DESCRIPTOR ModificationDescriptor
,
5427 _Inout_ PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
5428 _In_ ULONG AutoInheritFlags
,
5429 _In_ POOL_TYPE PoolType
,
5430 _In_ PGENERIC_MAPPING GenericMapping
);
5436 _Inout_ PACCESS_STATE AccessState
,
5437 _In_ PPRIVILEGE_SET Privileges
);
5442 SeAuditingFileEvents(
5443 _In_ BOOLEAN AccessGranted
,
5444 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
5449 SeAuditingFileOrGlobalEvents(
5450 _In_ BOOLEAN AccessGranted
,
5451 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5452 _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
);
5456 SeSetAccessStateGenericMapping(
5457 _Inout_ PACCESS_STATE AccessState
,
5458 _In_ PGENERIC_MAPPING GenericMapping
);
5463 SeRegisterLogonSessionTerminatedRoutine(
5464 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
);
5469 SeUnregisterLogonSessionTerminatedRoutine(
5470 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
);
5475 SeMarkLogonSessionForTerminationNotification(
5476 _In_ PLUID LogonId
);
5481 SeQueryInformationToken(
5482 _In_ PACCESS_TOKEN Token
,
5483 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
5484 _Outptr_result_buffer_(_Inexpressible_(token
-dependent
)) PVOID
*TokenInformation
);
5486 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5487 #if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
5491 SeAuditingHardLinkEvents(
5492 _In_ BOOLEAN AccessGranted
,
5493 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
5496 #if (NTDDI_VERSION >= NTDDI_WINXP)
5502 _In_ PACCESS_TOKEN ExistingToken
,
5504 _In_opt_ PTOKEN_GROUPS SidsToDisable
,
5505 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete
,
5506 _In_opt_ PTOKEN_GROUPS RestrictedSids
,
5507 _Outptr_ PACCESS_TOKEN
*FilteredToken
);
5512 SeAuditHardLinkCreation(
5513 _In_ PUNICODE_STRING FileName
,
5514 _In_ PUNICODE_STRING LinkName
,
5515 _In_ BOOLEAN bSuccess
);
5517 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5519 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
5524 SeAuditingFileEventsWithContext(
5525 _In_ BOOLEAN AccessGranted
,
5526 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5527 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
);
5532 SeAuditingHardLinkEventsWithContext(
5533 _In_ BOOLEAN AccessGranted
,
5534 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5535 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
);
5540 #if (NTDDI_VERSION >= NTDDI_VISTA)
5545 SeOpenObjectAuditAlarmWithTransaction(
5546 _In_ PUNICODE_STRING ObjectTypeName
,
5547 _In_opt_ PVOID Object
,
5548 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5549 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5550 _In_ PACCESS_STATE AccessState
,
5551 _In_ BOOLEAN ObjectCreated
,
5552 _In_ BOOLEAN AccessGranted
,
5553 _In_ KPROCESSOR_MODE AccessMode
,
5554 _In_opt_ GUID
*TransactionId
,
5555 _Out_ PBOOLEAN GenerateOnClose
);
5560 SeOpenObjectForDeleteAuditAlarmWithTransaction(
5561 _In_ PUNICODE_STRING ObjectTypeName
,
5562 _In_opt_ PVOID Object
,
5563 _In_opt_ PUNICODE_STRING AbsoluteObjectName
,
5564 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5565 _In_ PACCESS_STATE AccessState
,
5566 _In_ BOOLEAN ObjectCreated
,
5567 _In_ BOOLEAN AccessGranted
,
5568 _In_ KPROCESSOR_MODE AccessMode
,
5569 _In_opt_ GUID
*TransactionId
,
5570 _Out_ PBOOLEAN GenerateOnClose
);
5577 _In_ PACCESS_TOKEN Token
,
5578 _In_ ACCESS_MASK DesiredAccess
,
5579 _In_ BOOLEAN AccessGranted
,
5580 _Out_ PBOOLEAN GenerateAudit
,
5581 _Out_ PBOOLEAN GenerateAlarm
);
5586 SeDeleteObjectAuditAlarmWithTransaction(
5589 _In_opt_ GUID
*TransactionId
);
5594 SeQueryTokenIntegrity(
5595 _In_ PACCESS_TOKEN Token
,
5596 _Inout_ PSID_AND_ATTRIBUTES IntegritySA
);
5601 SeSetSessionIdToken(
5602 _In_ PACCESS_TOKEN Token
,
5603 _In_ ULONG SessionId
);
5608 SeAuditHardLinkCreationWithTransaction(
5609 _In_ PUNICODE_STRING FileName
,
5610 _In_ PUNICODE_STRING LinkName
,
5611 _In_ BOOLEAN bSuccess
,
5612 _In_opt_ GUID
*TransactionId
);
5617 SeAuditTransactionStateChange(
5618 _In_ GUID
*TransactionId
,
5619 _In_ GUID
*ResourceManagerId
,
5620 _In_ ULONG NewTransactionState
);
5621 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5623 #if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
5627 SeTokenIsWriteRestricted(
5628 _In_ PACCESS_TOKEN Token
);
5631 #if (NTDDI_VERSION >= NTDDI_WIN7)
5636 SeAuditingAnyFileEventsWithContext(
5637 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5638 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext
,
5639 _Out_opt_ PBOOLEAN StagingEnabled
);
5644 SeExamineGlobalSacl(
5645 _In_ PUNICODE_STRING ObjectType
,
5646 _In_ PACL ResourceSacl
,
5647 _In_ PACCESS_TOKEN Token
,
5648 _In_ ACCESS_MASK DesiredAccess
,
5649 _In_ BOOLEAN AccessGranted
,
5650 _Inout_ PBOOLEAN GenerateAudit
,
5651 _Inout_opt_ PBOOLEAN GenerateAlarm
);
5656 SeMaximumAuditMaskFromGlobalSacl(
5657 _In_opt_ PUNICODE_STRING ObjectTypeName
,
5658 _In_ ACCESS_MASK GrantedAccess
,
5659 _In_ PACCESS_TOKEN Token
,
5660 _Inout_ PACCESS_MASK AuditMask
);
5662 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
5666 SeReportSecurityEventWithSubCategory(
5668 _In_ PUNICODE_STRING SourceName
,
5669 _In_opt_ PSID UserSid
,
5670 _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters
,
5671 _In_ ULONG AuditSubcategoryId
);
5675 SeAccessCheckFromState(
5676 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
,
5677 _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation
,
5678 _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation
,
5679 _In_ ACCESS_MASK DesiredAccess
,
5680 _In_ ACCESS_MASK PreviouslyGrantedAccess
,
5681 _Outptr_opt_result_maybenull_ PPRIVILEGE_SET
*Privileges
,
5682 _In_ PGENERIC_MAPPING GenericMapping
,
5683 _In_ KPROCESSOR_MODE AccessMode
,
5684 _Out_ PACCESS_MASK GrantedAccess
,
5685 _Out_ PNTSTATUS AccessStatus
);
5691 _In_ PPRIVILEGE_SET Privileges
);
5695 SeLocateProcessImageName(
5696 _Inout_ PEPROCESS Process
,
5697 _Outptr_ PUNICODE_STRING
*pImageFileName
);
5699 #define SeLengthSid( Sid ) \
5700 (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
5702 #define SeDeleteClientSecurity(C) { \
5703 if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
5704 PsDereferencePrimaryToken( (C)->ClientToken ); \
5706 PsDereferenceImpersonationToken( (C)->ClientToken ); \
5710 #define SeStopImpersonatingClient() PsRevertToSelf()
5712 #define SeQuerySubjectContextToken( SubjectContext ) \
5713 ( ARGUMENT_PRESENT( \
5714 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
5716 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
5717 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
5719 extern NTKERNELAPI PSE_EXPORTS SeExports
;
5720 /******************************************************************************
5721 * Process Manager Functions *
5722 ******************************************************************************/
5724 _Must_inspect_result_
5725 _IRQL_requires_max_(APC_LEVEL
)
5729 PsLookupProcessByProcessId(
5730 _In_ HANDLE ProcessId
,
5731 _Outptr_ PEPROCESS
*Process
);
5733 _Must_inspect_result_
5734 _IRQL_requires_max_(APC_LEVEL
)
5738 PsLookupThreadByThreadId(
5739 _In_ HANDLE UniqueThreadId
,
5740 _Outptr_ PETHREAD
*Thread
);
5742 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5745 _IRQL_requires_max_(APC_LEVEL
)
5749 PsReferenceImpersonationToken(
5750 _Inout_ PETHREAD Thread
,
5751 _Out_ PBOOLEAN CopyOnOpen
,
5752 _Out_ PBOOLEAN EffectiveOnly
,
5753 _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
5755 _IRQL_requires_max_(APC_LEVEL
)
5759 PsGetProcessExitTime(VOID
);
5761 _IRQL_requires_max_(DISPATCH_LEVEL
)
5765 PsIsThreadTerminating(
5766 _In_ PETHREAD Thread
);
5768 _Must_inspect_result_
5769 _IRQL_requires_max_(PASSIVE_LEVEL
)
5773 PsImpersonateClient(
5774 _Inout_ PETHREAD Thread
,
5775 _In_opt_ PACCESS_TOKEN Token
,
5776 _In_ BOOLEAN CopyOnOpen
,
5777 _In_ BOOLEAN EffectiveOnly
,
5778 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
5780 _IRQL_requires_max_(PASSIVE_LEVEL
)
5784 PsDisableImpersonation(
5785 _Inout_ PETHREAD Thread
,
5786 _Inout_ PSE_IMPERSONATION_STATE ImpersonationState
);
5788 _IRQL_requires_max_(PASSIVE_LEVEL
)
5792 PsRestoreImpersonation(
5793 _Inout_ PETHREAD Thread
,
5794 _In_ PSE_IMPERSONATION_STATE ImpersonationState
);
5796 _IRQL_requires_max_(PASSIVE_LEVEL
)
5800 PsRevertToSelf(VOID
);
5802 _IRQL_requires_max_(APC_LEVEL
)
5807 _In_ PEPROCESS Process
,
5808 _In_ POOL_TYPE PoolType
,
5809 _In_ ULONG_PTR Amount
);
5811 _IRQL_requires_max_(APC_LEVEL
)
5816 _In_ PEPROCESS Process
,
5817 _In_ POOL_TYPE PoolType
,
5818 _In_ ULONG_PTR Amount
);
5820 _IRQL_requires_max_(PASSIVE_LEVEL
)
5824 PsAssignImpersonationToken(
5825 _In_ PETHREAD Thread
,
5826 _In_opt_ HANDLE Token
);
5828 _IRQL_requires_max_(PASSIVE_LEVEL
)
5832 PsReferencePrimaryToken(
5833 _Inout_ PEPROCESS Process
);
5834 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5835 #if (NTDDI_VERSION >= NTDDI_WINXP)
5838 _IRQL_requires_max_(PASSIVE_LEVEL
)
5842 PsDereferencePrimaryToken(
5843 _In_ PACCESS_TOKEN PrimaryToken
);
5845 _IRQL_requires_max_(PASSIVE_LEVEL
)
5849 PsDereferenceImpersonationToken(
5850 _In_ PACCESS_TOKEN ImpersonationToken
);
5852 _Must_inspect_result_
5853 _IRQL_requires_max_(APC_LEVEL
)
5857 PsChargeProcessPoolQuota(
5858 _In_ PEPROCESS Process
,
5859 _In_ POOL_TYPE PoolType
,
5860 _In_ ULONG_PTR Amount
);
5866 _In_ PETHREAD Thread
);
5867 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5869 /******************************************************************************
5870 * I/O Manager Functions *
5871 ******************************************************************************/
5873 #define IoIsFileOpenedExclusively(FileObject) ( \
5875 (FileObject)->SharedRead || \
5876 (FileObject)->SharedWrite || \
5877 (FileObject)->SharedDelete \
5881 #if (NTDDI_VERSION == NTDDI_WIN2K)
5885 IoRegisterFsRegistrationChangeEx(
5886 _In_ PDRIVER_OBJECT DriverObject
,
5887 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
5889 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5895 IoAcquireVpbSpinLock(
5901 IoCheckDesiredAccess(
5902 _Inout_ PACCESS_MASK DesiredAccess
,
5903 _In_ ACCESS_MASK GrantedAccess
);
5908 IoCheckEaBufferValidity(
5909 _In_ PFILE_FULL_EA_INFORMATION EaBuffer
,
5910 _In_ ULONG EaLength
,
5911 _Out_ PULONG ErrorOffset
);
5916 IoCheckFunctionAccess(
5917 _In_ ACCESS_MASK GrantedAccess
,
5918 _In_ UCHAR MajorFunction
,
5919 _In_ UCHAR MinorFunction
,
5920 _In_ ULONG IoControlCode
,
5921 _In_opt_ PVOID Argument1
,
5922 _In_opt_ PVOID Argument2
);
5927 IoCheckQuerySetFileInformation(
5928 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
5930 _In_ BOOLEAN SetOperation
);
5935 IoCheckQuerySetVolumeInformation(
5936 _In_ FS_INFORMATION_CLASS FsInformationClass
,
5938 _In_ BOOLEAN SetOperation
);
5943 IoCheckQuotaBufferValidity(
5944 _In_ PFILE_QUOTA_INFORMATION QuotaBuffer
,
5945 _In_ ULONG QuotaLength
,
5946 _Out_ PULONG ErrorOffset
);
5951 IoCreateStreamFileObject(
5952 _In_opt_ PFILE_OBJECT FileObject
,
5953 _In_opt_ PDEVICE_OBJECT DeviceObject
);
5958 IoCreateStreamFileObjectLite(
5959 _In_opt_ PFILE_OBJECT FileObject
,
5960 _In_opt_ PDEVICE_OBJECT DeviceObject
);
5965 IoFastQueryNetworkAttributes(
5966 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
5967 _In_ ACCESS_MASK DesiredAccess
,
5968 _In_ ULONG OpenOptions
,
5969 _Out_ PIO_STATUS_BLOCK IoStatus
,
5970 _Out_ PFILE_NETWORK_OPEN_INFORMATION Buffer
);
5976 _In_ PFILE_OBJECT FileObject
,
5978 _In_ PLARGE_INTEGER Offset
,
5980 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
5985 IoGetBaseFileSystemDeviceObject(
5986 _In_ PFILE_OBJECT FileObject
);
5988 _IRQL_requires_max_(PASSIVE_LEVEL
)
5990 PCONFIGURATION_INFORMATION
5992 IoGetConfigurationInformation(VOID
);
5997 IoGetRequestorProcessId(
6003 IoGetRequestorProcess(
6009 IoGetTopLevelIrp(VOID
);
6014 IoIsOperationSynchronous(
6021 _In_ PETHREAD Thread
);
6026 IoIsValidNameGraftingBuffer(
6028 _In_ PREPARSE_DATA_BUFFER ReparseBuffer
);
6033 IoQueryFileInformation(
6034 _In_ PFILE_OBJECT FileObject
,
6035 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
6037 _Out_ PVOID FileInformation
,
6038 _Out_ PULONG ReturnedLength
);
6043 IoQueryVolumeInformation(
6044 _In_ PFILE_OBJECT FileObject
,
6045 _In_ FS_INFORMATION_CLASS FsInformationClass
,
6047 _Out_ PVOID FsInformation
,
6048 _Out_ PULONG ReturnedLength
);
6059 IoRegisterFileSystem(
6060 _In_ __drv_aliasesMem PDEVICE_OBJECT DeviceObject
);
6065 IoRegisterFsRegistrationChange(
6066 _In_ PDRIVER_OBJECT DriverObject
,
6067 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
6072 IoReleaseVpbSpinLock(
6078 IoSetDeviceToVerify(
6079 _In_ PETHREAD Thread
,
6080 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6086 _In_ PFILE_OBJECT FileObject
,
6087 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
6089 _In_ PVOID FileInformation
);
6100 IoSynchronousPageWrite(
6101 _In_ PFILE_OBJECT FileObject
,
6103 _In_ PLARGE_INTEGER FileOffset
,
6105 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
6111 _In_ PETHREAD Thread
);
6116 IoUnregisterFileSystem(
6117 _In_ PDEVICE_OBJECT DeviceObject
);
6122 IoUnregisterFsRegistrationChange(
6123 _In_ PDRIVER_OBJECT DriverObject
,
6124 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
);
6130 _In_ PDEVICE_OBJECT DeviceObject
,
6131 _In_ BOOLEAN AllowRawMount
);
6136 IoGetRequestorSessionId(
6138 _Out_ PULONG pSessionId
);
6140 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6143 #if (NTDDI_VERSION >= NTDDI_WINXP)
6149 IoCreateStreamFileObjectEx(
6150 _In_opt_ PFILE_OBJECT FileObject
,
6151 _In_opt_ PDEVICE_OBJECT DeviceObject
,
6152 _Out_opt_ PHANDLE FileObjectHandle
);
6157 IoQueryFileDosDeviceName(
6158 _In_ PFILE_OBJECT FileObject
,
6159 _Out_ POBJECT_NAME_INFORMATION
*ObjectNameInformation
);
6164 IoEnumerateDeviceObjectList(
6165 _In_ PDRIVER_OBJECT DriverObject
,
6166 _Out_writes_bytes_to_opt_(DeviceObjectListSize
,(*ActualNumberDeviceObjects
)*sizeof(PDEVICE_OBJECT
))
6167 PDEVICE_OBJECT
*DeviceObjectList
,
6168 _In_ ULONG DeviceObjectListSize
,
6169 _Out_ PULONG ActualNumberDeviceObjects
);
6174 IoGetLowerDeviceObject(
6175 _In_ PDEVICE_OBJECT DeviceObject
);
6180 IoGetDeviceAttachmentBaseRef(
6181 _In_ PDEVICE_OBJECT DeviceObject
);
6186 IoGetDiskDeviceObject(
6187 _In_ PDEVICE_OBJECT FileSystemDeviceObject
,
6188 _Out_ PDEVICE_OBJECT
*DiskDeviceObject
);
6190 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6192 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
6198 IoEnumerateRegisteredFiltersList(
6199 _Out_writes_bytes_to_opt_(DriverObjectListSize
,(*ActualNumberDriverObjects
)*sizeof(PDRIVER_OBJECT
))
6200 PDRIVER_OBJECT
*DriverObjectList
,
6201 _In_ ULONG DriverObjectListSize
,
6202 _Out_ PULONG ActualNumberDriverObjects
);
6203 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
6205 #if (NTDDI_VERSION >= NTDDI_VISTA)
6210 IoInitializePriorityInfo(
6211 _In_ PIO_PRIORITY_INFO PriorityInfo
)
6213 PriorityInfo
->Size
= sizeof(IO_PRIORITY_INFO
);
6214 PriorityInfo
->ThreadPriority
= 0xffff;
6215 PriorityInfo
->IoPriority
= IoPriorityNormal
;
6216 PriorityInfo
->PagePriority
= 0;
6218 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6220 #if (NTDDI_VERSION >= NTDDI_WIN7)
6226 IoRegisterFsRegistrationChangeMountAware(
6227 _In_ PDRIVER_OBJECT DriverObject
,
6228 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
,
6229 _In_ BOOLEAN SynchronizeWithMounts
);
6234 IoReplaceFileObjectName(
6235 _In_ PFILE_OBJECT FileObject
,
6236 _In_reads_bytes_(FileNameLength
) PWSTR NewFileName
,
6237 _In_ USHORT FileNameLength
);
6238 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6241 #define PO_CB_SYSTEM_POWER_POLICY 0
6242 #define PO_CB_AC_STATUS 1
6243 #define PO_CB_BUTTON_COLLISION 2
6244 #define PO_CB_SYSTEM_STATE_LOCK 3
6245 #define PO_CB_LID_SWITCH_STATE 4
6246 #define PO_CB_PROCESSOR_POWER_POLICY 5
6249 #if (NTDDI_VERSION >= NTDDI_WINXP)
6250 _IRQL_requires_max_(APC_LEVEL
)
6254 PoQueueShutdownWorkItem(
6255 _Inout_ __drv_aliasesMem PWORK_QUEUE_ITEM WorkItem
);
6257 /******************************************************************************
6258 * Memory manager Types *
6259 ******************************************************************************/
6260 typedef enum _MMFLUSH_TYPE
{
6265 typedef struct _READ_LIST
{
6266 PFILE_OBJECT FileObject
;
6267 ULONG NumberOfEntries
;
6269 FILE_SEGMENT_ELEMENT List
[ANYSIZE_ARRAY
];
6270 } READ_LIST
, *PREAD_LIST
;
6272 #if (NTDDI_VERSION >= NTDDI_WINXP)
6274 typedef union _MM_PREFETCH_FLAGS
{
6276 ULONG Priority
: SYSTEM_PAGE_PRIORITY_BITS
;
6277 ULONG RepurposePriority
: SYSTEM_PAGE_PRIORITY_BITS
;
6280 } MM_PREFETCH_FLAGS
, *PMM_PREFETCH_FLAGS
;
6282 #define MM_PREFETCH_FLAGS_MASK ((1 << (2*SYSTEM_PAGE_PRIORITY_BITS)) - 1)
6284 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6286 #define HEAP_NO_SERIALIZE 0x00000001
6287 #define HEAP_GROWABLE 0x00000002
6288 #define HEAP_GENERATE_EXCEPTIONS 0x00000004
6289 #define HEAP_ZERO_MEMORY 0x00000008
6290 #define HEAP_REALLOC_IN_PLACE_ONLY 0x00000010
6291 #define HEAP_TAIL_CHECKING_ENABLED 0x00000020
6292 #define HEAP_FREE_CHECKING_ENABLED 0x00000040
6293 #define HEAP_DISABLE_COALESCE_ON_FREE 0x00000080
6295 #define HEAP_CREATE_ALIGN_16 0x00010000
6296 #define HEAP_CREATE_ENABLE_TRACING 0x00020000
6297 #define HEAP_CREATE_ENABLE_EXECUTE 0x00040000
6299 #define HEAP_SETTABLE_USER_VALUE 0x00000100
6300 #define HEAP_SETTABLE_USER_FLAG1 0x00000200
6301 #define HEAP_SETTABLE_USER_FLAG2 0x00000400
6302 #define HEAP_SETTABLE_USER_FLAG3 0x00000800
6303 #define HEAP_SETTABLE_USER_FLAGS 0x00000E00
6305 #define HEAP_CLASS_0 0x00000000
6306 #define HEAP_CLASS_1 0x00001000
6307 #define HEAP_CLASS_2 0x00002000
6308 #define HEAP_CLASS_3 0x00003000
6309 #define HEAP_CLASS_4 0x00004000
6310 #define HEAP_CLASS_5 0x00005000
6311 #define HEAP_CLASS_6 0x00006000
6312 #define HEAP_CLASS_7 0x00007000
6313 #define HEAP_CLASS_8 0x00008000
6314 #define HEAP_CLASS_MASK 0x0000F000
6316 #define HEAP_MAXIMUM_TAG 0x0FFF
6317 #define HEAP_GLOBAL_TAG 0x0800
6318 #define HEAP_PSEUDO_TAG_FLAG 0x8000
6319 #define HEAP_TAG_SHIFT 18
6320 #define HEAP_TAG_MASK (HEAP_MAXIMUM_TAG << HEAP_TAG_SHIFT)
6322 #define HEAP_CREATE_VALID_MASK (HEAP_NO_SERIALIZE | \
6324 HEAP_GENERATE_EXCEPTIONS | \
6325 HEAP_ZERO_MEMORY | \
6326 HEAP_REALLOC_IN_PLACE_ONLY | \
6327 HEAP_TAIL_CHECKING_ENABLED | \
6328 HEAP_FREE_CHECKING_ENABLED | \
6329 HEAP_DISABLE_COALESCE_ON_FREE | \
6331 HEAP_CREATE_ALIGN_16 | \
6332 HEAP_CREATE_ENABLE_TRACING | \
6333 HEAP_CREATE_ENABLE_EXECUTE)
6335 /******************************************************************************
6336 * Memory manager Functions *
6337 ******************************************************************************/
6341 HEAP_MAKE_TAG_FLAGS(
6345 //__assume_bound(TagBase); // FIXME
6346 return ((ULONG
)((TagBase
) + ((Tag
) << HEAP_TAG_SHIFT
)));
6349 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6354 MmIsRecursiveIoFault(VOID
);
6356 _IRQL_requires_max_ (APC_LEVEL
)
6360 MmForceSectionClosed(
6361 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6362 _In_ BOOLEAN DelayClose
);
6364 _IRQL_requires_max_ (APC_LEVEL
)
6368 MmFlushImageSection(
6369 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6370 _In_ MMFLUSH_TYPE FlushType
);
6372 _IRQL_requires_max_ (APC_LEVEL
)
6376 MmCanFileBeTruncated(
6377 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
6378 _In_opt_ PLARGE_INTEGER NewFileSize
);
6380 _IRQL_requires_max_ (APC_LEVEL
)
6384 MmSetAddressRangeModified(
6385 _In_reads_bytes_ (Length
) PVOID Address
,
6386 _In_ SIZE_T Length
);
6388 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6390 #if (NTDDI_VERSION >= NTDDI_WINXP)
6393 _IRQL_requires_max_ (PASSIVE_LEVEL
)
6398 _In_ ULONG NumberOfLists
,
6399 _In_reads_ (NumberOfLists
) PREAD_LIST
*ReadLists
);
6401 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6404 #if (NTDDI_VERSION >= NTDDI_VISTA)
6406 _IRQL_requires_max_ (APC_LEVEL
)
6410 MmDoesFileHaveUserWritableReferences(
6411 _In_ PSECTION_OBJECT_POINTERS SectionPointer
);
6412 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6415 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6422 _Inout_opt_ PACCESS_STATE PassedAccessState
,
6423 _In_opt_ ACCESS_MASK DesiredAccess
,
6424 _In_ ULONG ObjectPointerBias
,
6425 _Out_opt_ PVOID
*NewObject
,
6426 _Out_opt_ PHANDLE Handle
);
6431 ObOpenObjectByPointer(
6433 _In_ ULONG HandleAttributes
,
6434 _In_opt_ PACCESS_STATE PassedAccessState
,
6435 _In_ ACCESS_MASK DesiredAccess
,
6436 _In_opt_ POBJECT_TYPE ObjectType
,
6437 _In_ KPROCESSOR_MODE AccessMode
,
6438 _Out_ PHANDLE Handle
);
6443 ObMakeTemporaryObject(
6451 _Out_writes_bytes_opt_(Length
) POBJECT_NAME_INFORMATION ObjectNameInfo
,
6453 _Out_ PULONG ReturnLength
);
6458 ObQueryObjectAuditingByHandle(
6460 _Out_ PBOOLEAN GenerateOnClose
);
6461 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6463 #if (NTDDI_VERSION >= NTDDI_VISTA)
6469 _In_ HANDLE Handle
);
6473 #if (NTDDI_VERSION >= NTDDI_WIN7)
6478 ObOpenObjectByPointerWithTag(
6480 _In_ ULONG HandleAttributes
,
6481 _In_opt_ PACCESS_STATE PassedAccessState
,
6482 _In_ ACCESS_MASK DesiredAccess
,
6483 _In_opt_ POBJECT_TYPE ObjectType
,
6484 _In_ KPROCESSOR_MODE AccessMode
,
6486 _Out_ PHANDLE Handle
);
6487 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6497 #define FSRTL_COMMON_FCB_HEADER_LAYOUT \
6498 CSHORT NodeTypeCode; \
6499 CSHORT NodeByteSize; \
6501 UCHAR IsFastIoPossible; \
6505 PERESOURCE Resource; \
6506 PERESOURCE PagingIoResource; \
6507 LARGE_INTEGER AllocationSize; \
6508 LARGE_INTEGER FileSize; \
6509 LARGE_INTEGER ValidDataLength;
6511 typedef struct _FSRTL_COMMON_FCB_HEADER
{
6512 FSRTL_COMMON_FCB_HEADER_LAYOUT
6513 } FSRTL_COMMON_FCB_HEADER
, *PFSRTL_COMMON_FCB_HEADER
;
6516 typedef struct _FSRTL_ADVANCED_FCB_HEADER
:FSRTL_COMMON_FCB_HEADER
{
6517 #else /* __cplusplus */
6518 typedef struct _FSRTL_ADVANCED_FCB_HEADER
{
6519 FSRTL_COMMON_FCB_HEADER_LAYOUT
6520 #endif /* __cplusplus */
6521 PFAST_MUTEX FastMutex
;
6522 LIST_ENTRY FilterContexts
;
6523 #if (NTDDI_VERSION >= NTDDI_VISTA)
6524 EX_PUSH_LOCK PushLock
;
6525 PVOID
*FileContextSupportPointer
;
6527 } FSRTL_ADVANCED_FCB_HEADER
, *PFSRTL_ADVANCED_FCB_HEADER
;
6529 #define FSRTL_FCB_HEADER_V0 (0x00)
6530 #define FSRTL_FCB_HEADER_V1 (0x01)
6532 #define FSRTL_FLAG_FILE_MODIFIED (0x01)
6533 #define FSRTL_FLAG_FILE_LENGTH_CHANGED (0x02)
6534 #define FSRTL_FLAG_LIMIT_MODIFIED_PAGES (0x04)
6535 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_EX (0x08)
6536 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_SH (0x10)
6537 #define FSRTL_FLAG_USER_MAPPED_FILE (0x20)
6538 #define FSRTL_FLAG_ADVANCED_HEADER (0x40)
6539 #define FSRTL_FLAG_EOF_ADVANCE_ACTIVE (0x80)
6541 #define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01)
6542 #define FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS (0x02)
6543 #define FSRTL_FLAG2_PURGE_WHEN_MAPPED (0x04)
6544 #define FSRTL_FLAG2_IS_PAGING_FILE (0x08)
6546 #define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
6547 #define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
6548 #define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
6549 #define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
6550 #define FSRTL_NETWORK1_TOP_LEVEL_IRP ((LONG_PTR)0x05)
6551 #define FSRTL_NETWORK2_TOP_LEVEL_IRP ((LONG_PTR)0x06)
6552 #define FSRTL_MAX_TOP_LEVEL_IRP_FLAG ((LONG_PTR)0xFFFF)
6554 typedef struct _FSRTL_AUXILIARY_BUFFER
{
6559 } FSRTL_AUXILIARY_BUFFER
, *PFSRTL_AUXILIARY_BUFFER
;
6561 #define FSRTL_AUXILIARY_FLAG_DEALLOCATE 0x00000001
6563 typedef enum _FSRTL_COMPARISON_RESULT
{
6567 } FSRTL_COMPARISON_RESULT
;
6569 #define FSRTL_FAT_LEGAL 0x01
6570 #define FSRTL_HPFS_LEGAL 0x02
6571 #define FSRTL_NTFS_LEGAL 0x04
6572 #define FSRTL_WILD_CHARACTER 0x08
6573 #define FSRTL_OLE_LEGAL 0x10
6574 #define FSRTL_NTFS_STREAM_LEGAL (FSRTL_NTFS_LEGAL | FSRTL_OLE_LEGAL)
6576 #define FSRTL_VOLUME_DISMOUNT 1
6577 #define FSRTL_VOLUME_DISMOUNT_FAILED 2
6578 #define FSRTL_VOLUME_LOCK 3
6579 #define FSRTL_VOLUME_LOCK_FAILED 4
6580 #define FSRTL_VOLUME_UNLOCK 5
6581 #define FSRTL_VOLUME_MOUNT 6
6582 #define FSRTL_VOLUME_NEEDS_CHKDSK 7
6583 #define FSRTL_VOLUME_WORM_NEAR_FULL 8
6584 #define FSRTL_VOLUME_WEARING_OUT 9
6585 #define FSRTL_VOLUME_FORCED_CLOSED 10
6586 #define FSRTL_VOLUME_INFO_MAKE_COMPAT 11
6587 #define FSRTL_VOLUME_PREPARING_EJECT 12
6588 #define FSRTL_VOLUME_CHANGE_SIZE 13
6589 #define FSRTL_VOLUME_BACKGROUND_FORMAT 14
6592 (NTAPI
*PFSRTL_STACK_OVERFLOW_ROUTINE
)(
6594 _In_ PKEVENT Event
);
6596 #if (NTDDI_VERSION >= NTDDI_VISTA)
6598 #define FSRTL_UNC_PROVIDER_FLAGS_MAILSLOTS_SUPPORTED 0x00000001
6599 #define FSRTL_UNC_PROVIDER_FLAGS_CSC_ENABLED 0x00000002
6600 #define FSRTL_UNC_PROVIDER_FLAGS_DOMAIN_SVC_AWARE 0x00000004
6602 #define FSRTL_ALLOCATE_ECPLIST_FLAG_CHARGE_QUOTA 0x00000001
6604 #define FSRTL_ALLOCATE_ECP_FLAG_CHARGE_QUOTA 0x00000001
6605 #define FSRTL_ALLOCATE_ECP_FLAG_NONPAGED_POOL 0x00000002
6607 #define FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL 0x00000002
6609 #define FSRTL_VIRTDISK_FULLY_ALLOCATED 0x00000001
6610 #define FSRTL_VIRTDISK_NO_DRIVE_LETTER 0x00000002
6612 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_1
{
6614 } FSRTL_MUP_PROVIDER_INFO_LEVEL_1
, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_1
;
6616 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_2
{
6618 UNICODE_STRING ProviderName
;
6619 } FSRTL_MUP_PROVIDER_INFO_LEVEL_2
, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_2
;
6622 (*PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK
) (
6623 _Inout_ PVOID EcpContext
,
6624 _In_ LPCGUID EcpType
);
6626 typedef struct _ECP_LIST ECP_LIST
, *PECP_LIST
;
6628 typedef ULONG FSRTL_ALLOCATE_ECPLIST_FLAGS
;
6629 typedef ULONG FSRTL_ALLOCATE_ECP_FLAGS
;
6630 typedef ULONG FSRTL_ECP_LOOKASIDE_FLAGS
;
6632 typedef enum _FSRTL_CHANGE_BACKING_TYPE
{
6633 ChangeDataControlArea
,
6634 ChangeImageControlArea
,
6635 ChangeSharedCacheMap
6636 } FSRTL_CHANGE_BACKING_TYPE
, *PFSRTL_CHANGE_BACKING_TYPE
;
6638 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6640 typedef struct _FSRTL_PER_FILE_CONTEXT
{
6644 PFREE_FUNCTION FreeCallback
;
6645 } FSRTL_PER_FILE_CONTEXT
, *PFSRTL_PER_FILE_CONTEXT
;
6647 typedef struct _FSRTL_PER_STREAM_CONTEXT
{
6651 PFREE_FUNCTION FreeCallback
;
6652 } FSRTL_PER_STREAM_CONTEXT
, *PFSRTL_PER_STREAM_CONTEXT
;
6654 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6656 (*PFN_FSRTLTEARDOWNPERSTREAMCONTEXTS
) (
6657 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader
);
6660 typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT
{
6664 } FSRTL_PER_FILEOBJECT_CONTEXT
, *PFSRTL_PER_FILEOBJECT_CONTEXT
;
6666 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_HARD_ERROR 0x1
6667 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_LOG_ENTRY 0x2
6670 (NTAPI
*PCOMPLETE_LOCK_IRP_ROUTINE
) (
6674 typedef struct _FILE_LOCK_INFO
{
6675 LARGE_INTEGER StartingByte
;
6676 LARGE_INTEGER Length
;
6677 BOOLEAN ExclusiveLock
;
6679 PFILE_OBJECT FileObject
;
6681 LARGE_INTEGER EndingByte
;
6682 } FILE_LOCK_INFO
, *PFILE_LOCK_INFO
;
6685 (NTAPI
*PUNLOCK_ROUTINE
) (
6687 _In_ PFILE_LOCK_INFO FileLockInfo
);
6689 typedef struct _FILE_LOCK
{
6690 PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine
;
6691 PUNLOCK_ROUTINE UnlockRoutine
;
6692 BOOLEAN FastIoIsQuestionable
;
6694 PVOID LockInformation
;
6695 FILE_LOCK_INFO LastReturnedLockInfo
;
6696 PVOID LastReturnedLock
;
6697 LONG
volatile LockRequestsInProgress
;
6698 } FILE_LOCK
, *PFILE_LOCK
;
6700 typedef struct _TUNNEL
{
6702 PRTL_SPLAY_LINKS Cache
;
6703 LIST_ENTRY TimerQueue
;
6707 typedef struct _BASE_MCB
{
6708 ULONG MaximumPairCount
;
6713 } BASE_MCB
, *PBASE_MCB
;
6715 typedef struct _LARGE_MCB
{
6716 PKGUARDED_MUTEX GuardedMutex
;
6718 } LARGE_MCB
, *PLARGE_MCB
;
6720 #define MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE 1
6722 typedef struct _MCB
{
6723 LARGE_MCB DummyFieldThatSizesThisStructureCorrectly
;
6726 typedef enum _FAST_IO_POSSIBLE
{
6727 FastIoIsNotPossible
= 0,
6729 FastIoIsQuestionable
6732 typedef struct _EOF_WAIT_BLOCK
{
6733 LIST_ENTRY EofWaitLinks
;
6735 } EOF_WAIT_BLOCK
, *PEOF_WAIT_BLOCK
;
6737 typedef PVOID OPLOCK
, *POPLOCK
;
6740 (NTAPI
*POPLOCK_WAIT_COMPLETE_ROUTINE
) (
6745 (NTAPI
*POPLOCK_FS_PREPOST_IRP
) (
6749 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
6750 #define OPLOCK_FLAG_COMPLETE_IF_OPLOCKED 0x00000001
6753 #if (NTDDI_VERSION >= NTDDI_WIN7)
6754 #define OPLOCK_FLAG_OPLOCK_KEY_CHECK_ONLY 0x00000002
6755 #define OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK 0x00000004
6756 #define OPLOCK_FLAG_IGNORE_OPLOCK_KEYS 0x00000008
6757 #define OPLOCK_FSCTRL_FLAG_ALL_KEYS_MATCH 0x00000001
6760 #if (NTDDI_VERSION >= NTDDI_WIN7)
6762 typedef struct _OPLOCK_KEY_ECP_CONTEXT
{
6765 } OPLOCK_KEY_ECP_CONTEXT
, *POPLOCK_KEY_ECP_CONTEXT
;
6767 DEFINE_GUID(GUID_ECP_OPLOCK_KEY
, 0x48850596, 0x3050, 0x4be7, 0x98, 0x63, 0xfe, 0xc3, 0x50, 0xce, 0x8d, 0x7f);
6771 typedef PVOID PNOTIFY_SYNC
;
6773 #if (NTDDI_VERSION >= NTDDI_WIN7)
6774 typedef struct _ECP_HEADER ECP_HEADER
, *PECP_HEADER
;
6778 (NTAPI
*PCHECK_FOR_TRAVERSE_ACCESS
) (
6779 _In_ PVOID NotifyContext
,
6780 _In_opt_ PVOID TargetContext
,
6781 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext
);
6784 (NTAPI
*PFILTER_REPORT_CHANGE
) (
6785 _In_ PVOID NotifyContext
,
6786 _In_ PVOID FilterContext
);
6787 /* FSRTL Functions */
6789 #define FsRtlEnterFileSystem KeEnterCriticalRegion
6790 #define FsRtlExitFileSystem KeLeaveCriticalRegion
6792 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6794 _Must_inspect_result_
6795 _IRQL_requires_max_(PASSIVE_LEVEL
)
6800 _In_ PFILE_OBJECT FileObject
,
6801 _In_ PLARGE_INTEGER FileOffset
,
6805 _Out_writes_bytes_(Length
) PVOID Buffer
,
6806 _Out_ PIO_STATUS_BLOCK IoStatus
,
6807 _In_ PDEVICE_OBJECT DeviceObject
);
6809 _Must_inspect_result_
6810 _IRQL_requires_max_(PASSIVE_LEVEL
)
6815 _In_ PFILE_OBJECT FileObject
,
6816 _In_ PLARGE_INTEGER FileOffset
,
6820 _In_reads_bytes_(Length
) PVOID Buffer
,
6821 _Out_ PIO_STATUS_BLOCK IoStatus
,
6822 _In_ PDEVICE_OBJECT DeviceObject
);
6824 _Must_inspect_result_
6825 _IRQL_requires_max_(APC_LEVEL
)
6830 _In_ PFILE_OBJECT FileObject
,
6831 _In_ PLARGE_INTEGER FileOffset
,
6834 _Outptr_ PMDL
*MdlChain
,
6835 _Out_ PIO_STATUS_BLOCK IoStatus
,
6836 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6838 _IRQL_requires_max_(PASSIVE_LEVEL
)
6842 FsRtlMdlReadCompleteDev(
6843 _In_ PFILE_OBJECT FileObject
,
6845 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6847 _Must_inspect_result_
6848 _IRQL_requires_max_(APC_LEVEL
)
6852 FsRtlPrepareMdlWriteDev(
6853 _In_ PFILE_OBJECT FileObject
,
6854 _In_ PLARGE_INTEGER FileOffset
,
6857 _Outptr_ PMDL
*MdlChain
,
6858 _Out_ PIO_STATUS_BLOCK IoStatus
,
6859 _In_ PDEVICE_OBJECT DeviceObject
);
6861 _Must_inspect_result_
6862 _IRQL_requires_max_(PASSIVE_LEVEL
)
6866 FsRtlMdlWriteCompleteDev(
6867 _In_ PFILE_OBJECT FileObject
,
6868 _In_ PLARGE_INTEGER FileOffset
,
6870 _In_opt_ PDEVICE_OBJECT DeviceObject
);
6872 _IRQL_requires_max_(PASSIVE_LEVEL
)
6876 FsRtlAcquireFileExclusive(
6877 _In_ PFILE_OBJECT FileObject
);
6879 _IRQL_requires_max_(APC_LEVEL
)
6884 _In_ PFILE_OBJECT FileObject
);
6886 _Must_inspect_result_
6887 _IRQL_requires_max_(PASSIVE_LEVEL
)
6892 _In_ PFILE_OBJECT FileObject
,
6893 _Out_ PLARGE_INTEGER FileSize
);
6895 _Must_inspect_result_
6899 FsRtlIsTotalDeviceFailure(
6900 _In_ NTSTATUS Status
);
6902 _Must_inspect_result_
6903 _IRQL_requires_max_(APC_LEVEL
)
6907 FsRtlAllocateFileLock(
6908 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine
,
6909 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine
);
6911 _IRQL_requires_max_(APC_LEVEL
)
6916 _In_ PFILE_LOCK FileLock
);
6918 _IRQL_requires_max_(APC_LEVEL
)
6922 FsRtlInitializeFileLock(
6923 _Out_ PFILE_LOCK FileLock
,
6924 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine
,
6925 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine
);
6927 _IRQL_requires_max_(APC_LEVEL
)
6931 FsRtlUninitializeFileLock(
6932 _Inout_ PFILE_LOCK FileLock
);
6935 FsRtlProcessFileLock:
6938 -STATUS_INVALID_DEVICE_REQUEST
6939 -STATUS_RANGE_NOT_LOCKED from unlock routines.
6940 -STATUS_PENDING, STATUS_LOCK_NOT_GRANTED from FsRtlPrivateLock
6941 (redirected IoStatus->Status).
6944 -switch ( Irp->CurrentStackLocation->MinorFunction )
6945 lock: return FsRtlPrivateLock;
6946 unlocksingle: return FsRtlFastUnlockSingle;
6947 unlockall: return FsRtlFastUnlockAll;
6948 unlockallbykey: return FsRtlFastUnlockAllByKey;
6949 default: IofCompleteRequest with STATUS_INVALID_DEVICE_REQUEST;
6950 return STATUS_INVALID_DEVICE_REQUEST;
6952 -'AllwaysZero' is passed thru as 'AllwaysZero' to lock / unlock routines.
6953 -'Irp' is passet thru as 'Irp' to FsRtlPrivateLock.
6955 _Must_inspect_result_
6956 _IRQL_requires_max_(APC_LEVEL
)
6960 FsRtlProcessFileLock(
6961 _In_ PFILE_LOCK FileLock
,
6963 _In_opt_ PVOID Context
);
6966 FsRtlCheckLockForReadAccess:
6968 All this really does is pick out the lock parameters from the irp (io stack
6969 location?), get IoGetRequestorProcess, and pass values on to
6970 FsRtlFastCheckLockForRead.
6972 _Must_inspect_result_
6973 _IRQL_requires_max_(APC_LEVEL
)
6977 FsRtlCheckLockForReadAccess(
6978 _In_ PFILE_LOCK FileLock
,
6982 FsRtlCheckLockForWriteAccess:
6984 All this really does is pick out the lock parameters from the irp (io stack
6985 location?), get IoGetRequestorProcess, and pass values on to
6986 FsRtlFastCheckLockForWrite.
6988 _Must_inspect_result_
6989 _IRQL_requires_max_(APC_LEVEL
)
6993 FsRtlCheckLockForWriteAccess(
6994 _In_ PFILE_LOCK FileLock
,
6997 _Must_inspect_result_
6998 _IRQL_requires_max_(APC_LEVEL
)
7002 FsRtlFastCheckLockForRead(
7003 _In_ PFILE_LOCK FileLock
,
7004 _In_ PLARGE_INTEGER FileOffset
,
7005 _In_ PLARGE_INTEGER Length
,
7007 _In_ PFILE_OBJECT FileObject
,
7008 _In_ PVOID Process
);
7010 _Must_inspect_result_
7011 _IRQL_requires_max_(APC_LEVEL
)
7015 FsRtlFastCheckLockForWrite(
7016 _In_ PFILE_LOCK FileLock
,
7017 _In_ PLARGE_INTEGER FileOffset
,
7018 _In_ PLARGE_INTEGER Length
,
7020 _In_ PFILE_OBJECT FileObject
,
7021 _In_ PVOID Process
);
7024 FsRtlGetNextFileLock:
7026 ret: NULL if no more locks
7029 FsRtlGetNextFileLock uses FileLock->LastReturnedLockInfo and
7030 FileLock->LastReturnedLock as storage.
7031 LastReturnedLock is a pointer to the 'raw' lock inkl. double linked
7032 list, and FsRtlGetNextFileLock needs this to get next lock on subsequent
7033 calls with Restart = FALSE.
7035 _Must_inspect_result_
7036 _IRQL_requires_max_(APC_LEVEL
)
7040 FsRtlGetNextFileLock(
7041 _In_ PFILE_LOCK FileLock
,
7042 _In_ BOOLEAN Restart
);
7044 _IRQL_requires_max_(APC_LEVEL
)
7048 FsRtlFastUnlockSingle(
7049 _In_ PFILE_LOCK FileLock
,
7050 _In_ PFILE_OBJECT FileObject
,
7051 _In_ PLARGE_INTEGER FileOffset
,
7052 _In_ PLARGE_INTEGER Length
,
7053 _In_ PEPROCESS Process
,
7055 _In_opt_ PVOID Context
,
7056 _In_ BOOLEAN AlreadySynchronized
);
7058 _IRQL_requires_max_(APC_LEVEL
)
7063 _In_ PFILE_LOCK FileLock
,
7064 _In_ PFILE_OBJECT FileObject
,
7065 _In_ PEPROCESS Process
,
7066 _In_opt_ PVOID Context
);
7068 _IRQL_requires_max_(APC_LEVEL
)
7072 FsRtlFastUnlockAllByKey(
7073 _In_ PFILE_LOCK FileLock
,
7074 _In_ PFILE_OBJECT FileObject
,
7075 _In_ PEPROCESS Process
,
7077 _In_opt_ PVOID Context
);
7082 ret: IoStatus->Status: STATUS_PENDING, STATUS_LOCK_NOT_GRANTED
7085 -Calls IoCompleteRequest if Irp
7086 -Uses exception handling / ExRaiseStatus with STATUS_INSUFFICIENT_RESOURCES
7088 _Must_inspect_result_
7089 _IRQL_requires_max_(APC_LEVEL
)
7090 __drv_preferredFunction(FsRtlFastLock
, "Obsolete")
7095 _In_ PFILE_LOCK FileLock
,
7096 _In_ PFILE_OBJECT FileObject
,
7097 _In_ PLARGE_INTEGER FileOffset
,
7098 _In_ PLARGE_INTEGER Length
,
7099 _In_ PEPROCESS Process
,
7101 _In_ BOOLEAN FailImmediately
,
7102 _In_ BOOLEAN ExclusiveLock
,
7103 _Out_ PIO_STATUS_BLOCK IoStatus
,
7105 _In_opt_ __drv_aliasesMem PVOID Context
,
7106 _In_ BOOLEAN AlreadySynchronized
);
7108 _IRQL_requires_max_(APC_LEVEL
)
7112 FsRtlInitializeTunnelCache(
7113 _In_ PTUNNEL Cache
);
7115 _IRQL_requires_max_(APC_LEVEL
)
7119 FsRtlAddToTunnelCache(
7121 _In_ ULONGLONG DirectoryKey
,
7122 _In_ PUNICODE_STRING ShortName
,
7123 _In_ PUNICODE_STRING LongName
,
7124 _In_ BOOLEAN KeyByShortName
,
7125 _In_ ULONG DataLength
,
7126 _In_reads_bytes_(DataLength
) PVOID Data
);
7128 _Must_inspect_result_
7129 _IRQL_requires_max_(APC_LEVEL
)
7133 FsRtlFindInTunnelCache(
7135 _In_ ULONGLONG DirectoryKey
,
7136 _In_ PUNICODE_STRING Name
,
7137 _Out_ PUNICODE_STRING ShortName
,
7138 _Out_ PUNICODE_STRING LongName
,
7139 _Inout_ PULONG DataLength
,
7140 _Out_writes_bytes_to_(*DataLength
, *DataLength
) PVOID Data
);
7142 _IRQL_requires_max_(APC_LEVEL
)
7146 FsRtlDeleteKeyFromTunnelCache(
7148 _In_ ULONGLONG DirectoryKey
);
7150 _IRQL_requires_max_(APC_LEVEL
)
7154 FsRtlDeleteTunnelCache(
7155 _In_ PTUNNEL Cache
);
7157 _IRQL_requires_max_(APC_LEVEL
)
7162 _In_ ANSI_STRING Name
,
7163 _Out_ PANSI_STRING FirstPart
,
7164 _Out_ PANSI_STRING RemainingPart
);
7166 _Must_inspect_result_
7167 _IRQL_requires_max_(APC_LEVEL
)
7171 FsRtlDoesDbcsContainWildCards(
7172 _In_ PANSI_STRING Name
);
7174 _Must_inspect_result_
7175 _IRQL_requires_max_(APC_LEVEL
)
7179 FsRtlIsDbcsInExpression(
7180 _In_ PANSI_STRING Expression
,
7181 _In_ PANSI_STRING Name
);
7183 _Must_inspect_result_
7184 _IRQL_requires_max_(APC_LEVEL
)
7188 FsRtlIsFatDbcsLegal(
7189 _In_ ANSI_STRING DbcsName
,
7190 _In_ BOOLEAN WildCardsPermissible
,
7191 _In_ BOOLEAN PathNamePermissible
,
7192 _In_ BOOLEAN LeadingBackslashPermissible
);
7194 _Must_inspect_result_
7195 _IRQL_requires_max_(APC_LEVEL
)
7199 FsRtlIsHpfsDbcsLegal(
7200 _In_ ANSI_STRING DbcsName
,
7201 _In_ BOOLEAN WildCardsPermissible
,
7202 _In_ BOOLEAN PathNamePermissible
,
7203 _In_ BOOLEAN LeadingBackslashPermissible
);
7208 FsRtlNormalizeNtstatus(
7209 _In_ NTSTATUS Exception
,
7210 _In_ NTSTATUS GenericException
);
7212 _Must_inspect_result_
7216 FsRtlIsNtstatusExpected(
7217 _In_ NTSTATUS Ntstatus
);
7219 _IRQL_requires_max_(APC_LEVEL
)
7220 __drv_preferredFunction(ExAllocateFromNPagedLookasideList
, "The FsRtlAllocateResource routine is obsolete, but is exported to support existing driver binaries. Use ExAllocateFromNPagedLookasideList and ExInitializeResourceLite instead.")
7224 FsRtlAllocateResource(VOID
);
7226 _IRQL_requires_max_(APC_LEVEL
)
7230 FsRtlInitializeLargeMcb(
7231 _Out_ PLARGE_MCB Mcb
,
7232 _In_ POOL_TYPE PoolType
);
7234 _IRQL_requires_max_(APC_LEVEL
)
7238 FsRtlUninitializeLargeMcb(
7239 _Inout_ PLARGE_MCB Mcb
);
7241 _IRQL_requires_max_(APC_LEVEL
)
7246 _Inout_ PLARGE_MCB Mcb
,
7247 _In_ BOOLEAN SelfSynchronized
);
7249 _IRQL_requires_max_(APC_LEVEL
)
7253 FsRtlTruncateLargeMcb(
7254 _Inout_ PLARGE_MCB Mcb
,
7257 _Must_inspect_result_
7258 _IRQL_requires_max_(APC_LEVEL
)
7262 FsRtlAddLargeMcbEntry(
7263 _Inout_ PLARGE_MCB Mcb
,
7266 _In_ LONGLONG SectorCount
);
7268 _IRQL_requires_max_(APC_LEVEL
)
7272 FsRtlRemoveLargeMcbEntry(
7273 _Inout_ PLARGE_MCB Mcb
,
7275 _In_ LONGLONG SectorCount
);
7277 _IRQL_requires_max_(APC_LEVEL
)
7281 FsRtlLookupLargeMcbEntry(
7282 _In_ PLARGE_MCB Mcb
,
7284 _Out_opt_ PLONGLONG Lbn
,
7285 _Out_opt_ PLONGLONG SectorCountFromLbn
,
7286 _Out_opt_ PLONGLONG StartingLbn
,
7287 _Out_opt_ PLONGLONG SectorCountFromStartingLbn
,
7288 _Out_opt_ PULONG Index
);
7290 _IRQL_requires_max_(APC_LEVEL
)
7294 FsRtlLookupLastLargeMcbEntry(
7295 _In_ PLARGE_MCB Mcb
,
7296 _Out_ PLONGLONG Vbn
,
7297 _Out_ PLONGLONG Lbn
);
7299 _IRQL_requires_max_(APC_LEVEL
)
7303 FsRtlLookupLastLargeMcbEntryAndIndex(
7304 _In_ PLARGE_MCB OpaqueMcb
,
7305 _Out_ PLONGLONG LargeVbn
,
7306 _Out_ PLONGLONG LargeLbn
,
7307 _Out_ PULONG Index
);
7309 _IRQL_requires_max_(APC_LEVEL
)
7313 FsRtlNumberOfRunsInLargeMcb(
7314 _In_ PLARGE_MCB Mcb
);
7316 _Must_inspect_result_
7317 _IRQL_requires_max_(APC_LEVEL
)
7321 FsRtlGetNextLargeMcbEntry(
7322 _In_ PLARGE_MCB Mcb
,
7323 _In_ ULONG RunIndex
,
7324 _Out_ PLONGLONG Vbn
,
7325 _Out_ PLONGLONG Lbn
,
7326 _Out_ PLONGLONG SectorCount
);
7328 _Must_inspect_result_
7329 _IRQL_requires_max_(APC_LEVEL
)
7334 _Inout_ PLARGE_MCB Mcb
,
7336 _In_ LONGLONG Amount
);
7338 _IRQL_requires_max_(APC_LEVEL
)
7339 __drv_preferredFunction(FsRtlInitializeLargeMcb
, "Obsolete")
7345 _In_ POOL_TYPE PoolType
);
7347 _IRQL_requires_max_(APC_LEVEL
)
7351 FsRtlUninitializeMcb(
7354 _IRQL_requires_max_(APC_LEVEL
)
7362 _IRQL_requires_max_(APC_LEVEL
)
7370 _In_ ULONG SectorCount
);
7372 _IRQL_requires_max_(APC_LEVEL
)
7376 FsRtlRemoveMcbEntry(
7379 _In_ ULONG SectorCount
);
7381 _IRQL_requires_max_(APC_LEVEL
)
7385 FsRtlLookupMcbEntry(
7389 _Out_opt_ PULONG SectorCount
,
7390 _Out_ PULONG Index
);
7392 _IRQL_requires_max_(APC_LEVEL
)
7396 FsRtlLookupLastMcbEntry(
7401 _IRQL_requires_max_(APC_LEVEL
)
7405 FsRtlNumberOfRunsInMcb(
7408 _Must_inspect_result_
7409 _IRQL_requires_max_(APC_LEVEL
)
7413 FsRtlGetNextMcbEntry(
7415 _In_ ULONG RunIndex
,
7418 _Out_ PULONG SectorCount
);
7420 _IRQL_requires_max_(PASSIVE_LEVEL
)
7425 _In_ PDEVICE_OBJECT TargetDevice
);
7427 _IRQL_requires_max_(APC_LEVEL
)
7431 FsRtlInitializeOplock(
7432 _Inout_ POPLOCK Oplock
);
7434 _IRQL_requires_max_(APC_LEVEL
)
7438 FsRtlUninitializeOplock(
7439 _Inout_ POPLOCK Oplock
);
7441 _Must_inspect_result_
7442 _IRQL_requires_max_(APC_LEVEL
)
7447 _In_ POPLOCK Oplock
,
7449 _In_ ULONG OpenCount
);
7451 _When_(CompletionRoutine
!= NULL
, _Must_inspect_result_
)
7452 _IRQL_requires_max_(APC_LEVEL
)
7457 _In_ POPLOCK Oplock
,
7459 _In_opt_ PVOID Context
,
7460 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
7461 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
7463 _Must_inspect_result_
7464 _IRQL_requires_max_(APC_LEVEL
)
7468 FsRtlOplockIsFastIoPossible(
7469 _In_ POPLOCK Oplock
);
7471 _Must_inspect_result_
7472 _IRQL_requires_max_(APC_LEVEL
)
7476 FsRtlCurrentBatchOplock(
7477 _In_ POPLOCK Oplock
);
7479 _IRQL_requires_max_(APC_LEVEL
)
7483 FsRtlNotifyVolumeEvent(
7484 _In_ PFILE_OBJECT FileObject
,
7485 _In_ ULONG EventCode
);
7487 _IRQL_requires_max_(APC_LEVEL
)
7491 FsRtlNotifyInitializeSync(
7492 _In_ PNOTIFY_SYNC
*NotifySync
);
7494 _IRQL_requires_max_(APC_LEVEL
)
7498 FsRtlNotifyUninitializeSync(
7499 _In_ PNOTIFY_SYNC
*NotifySync
);
7501 _IRQL_requires_max_(PASSIVE_LEVEL
)
7505 FsRtlNotifyFullChangeDirectory(
7506 _In_ PNOTIFY_SYNC NotifySync
,
7507 _In_ PLIST_ENTRY NotifyList
,
7508 _In_ PVOID FsContext
,
7509 _In_ PSTRING FullDirectoryName
,
7510 _In_ BOOLEAN WatchTree
,
7511 _In_ BOOLEAN IgnoreBuffer
,
7512 _In_ ULONG CompletionFilter
,
7513 _In_opt_ PIRP NotifyIrp
,
7514 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback
,
7515 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
);
7517 _IRQL_requires_max_(PASSIVE_LEVEL
)
7521 FsRtlNotifyFilterReportChange(
7522 _In_ PNOTIFY_SYNC NotifySync
,
7523 _In_ PLIST_ENTRY NotifyList
,
7524 _In_ PSTRING FullTargetName
,
7525 _In_ USHORT TargetNameOffset
,
7526 _In_opt_ PSTRING StreamName
,
7527 _In_opt_ PSTRING NormalizedParentName
,
7528 _In_ ULONG FilterMatch
,
7530 _In_opt_ PVOID TargetContext
,
7531 _In_opt_ PVOID FilterContext
);
7533 _IRQL_requires_max_(PASSIVE_LEVEL
)
7537 FsRtlNotifyFullReportChange(
7538 _In_ PNOTIFY_SYNC NotifySync
,
7539 _In_ PLIST_ENTRY NotifyList
,
7540 _In_ PSTRING FullTargetName
,
7541 _In_ USHORT TargetNameOffset
,
7542 _In_opt_ PSTRING StreamName
,
7543 _In_opt_ PSTRING NormalizedParentName
,
7544 _In_ ULONG FilterMatch
,
7546 _In_opt_ PVOID TargetContext
);
7548 _IRQL_requires_max_(APC_LEVEL
)
7553 _In_ PNOTIFY_SYNC NotifySync
,
7554 _In_ PLIST_ENTRY NotifyList
,
7555 _In_ PVOID FsContext
);
7557 _IRQL_requires_max_(PASSIVE_LEVEL
)
7562 _In_ UNICODE_STRING Name
,
7563 _Out_ PUNICODE_STRING FirstPart
,
7564 _Out_ PUNICODE_STRING RemainingPart
);
7566 _Must_inspect_result_
7567 _IRQL_requires_max_(PASSIVE_LEVEL
)
7571 FsRtlDoesNameContainWildCards(
7572 _In_ PUNICODE_STRING Name
);
7574 _Must_inspect_result_
7575 _IRQL_requires_max_(PASSIVE_LEVEL
)
7580 _In_ PCUNICODE_STRING Name1
,
7581 _In_ PCUNICODE_STRING Name2
,
7582 _In_ BOOLEAN IgnoreCase
,
7583 _In_reads_opt_(0x10000) PCWCH UpcaseTable
);
7585 _Must_inspect_result_
7586 _IRQL_requires_max_(PASSIVE_LEVEL
)
7590 FsRtlIsNameInExpression(
7591 _In_ PUNICODE_STRING Expression
,
7592 _In_ PUNICODE_STRING Name
,
7593 _In_ BOOLEAN IgnoreCase
,
7594 _In_opt_ PWCHAR UpcaseTable
);
7596 _IRQL_requires_max_(DISPATCH_LEVEL
)
7600 FsRtlPostPagingFileStackOverflow(
7603 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
);
7605 _IRQL_requires_max_(DISPATCH_LEVEL
)
7609 FsRtlPostStackOverflow (
7612 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
);
7614 _Must_inspect_result_
7615 _IRQL_requires_max_(PASSIVE_LEVEL
)
7619 FsRtlRegisterUncProvider(
7620 _Out_ PHANDLE MupHandle
,
7621 _In_ PUNICODE_STRING RedirectorDeviceName
,
7622 _In_ BOOLEAN MailslotsSupported
);
7624 _IRQL_requires_max_(PASSIVE_LEVEL
)
7628 FsRtlDeregisterUncProvider(
7629 _In_ HANDLE Handle
);
7631 _IRQL_requires_max_(APC_LEVEL
)
7635 FsRtlTeardownPerStreamContexts(
7636 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader
);
7638 _Must_inspect_result_
7639 _IRQL_requires_max_(APC_LEVEL
)
7643 FsRtlCreateSectionForDataScan(
7644 _Out_ PHANDLE SectionHandle
,
7645 _Outptr_ PVOID
*SectionObject
,
7646 _Out_opt_ PLARGE_INTEGER SectionFileSize
,
7647 _In_ PFILE_OBJECT FileObject
,
7648 _In_ ACCESS_MASK DesiredAccess
,
7649 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
7650 _In_opt_ PLARGE_INTEGER MaximumSize
,
7651 _In_ ULONG SectionPageProtection
,
7652 _In_ ULONG AllocationAttributes
,
7655 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
7657 #if (NTDDI_VERSION >= NTDDI_WINXP)
7659 _IRQL_requires_max_(PASSIVE_LEVEL
)
7663 FsRtlNotifyFilterChangeDirectory(
7664 _In_ PNOTIFY_SYNC NotifySync
,
7665 _In_ PLIST_ENTRY NotifyList
,
7666 _In_ PVOID FsContext
,
7667 _In_ PSTRING FullDirectoryName
,
7668 _In_ BOOLEAN WatchTree
,
7669 _In_ BOOLEAN IgnoreBuffer
,
7670 _In_ ULONG CompletionFilter
,
7671 _In_opt_ PIRP NotifyIrp
,
7672 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback
,
7673 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
,
7674 _In_opt_ PFILTER_REPORT_CHANGE FilterCallback
);
7676 _Must_inspect_result_
7677 _IRQL_requires_max_(APC_LEVEL
)
7681 FsRtlInsertPerStreamContext(
7682 _In_ PFSRTL_ADVANCED_FCB_HEADER PerStreamContext
,
7683 _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
);
7685 _Must_inspect_result_
7686 _IRQL_requires_max_(APC_LEVEL
)
7688 PFSRTL_PER_STREAM_CONTEXT
7690 FsRtlLookupPerStreamContextInternal(
7691 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext
,
7692 _In_opt_ PVOID OwnerId
,
7693 _In_opt_ PVOID InstanceId
);
7695 _Must_inspect_result_
7696 _IRQL_requires_max_(APC_LEVEL
)
7698 PFSRTL_PER_STREAM_CONTEXT
7700 FsRtlRemovePerStreamContext(
7701 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext
,
7702 _In_opt_ PVOID OwnerId
,
7703 _In_opt_ PVOID InstanceId
);
7708 FsRtlIncrementCcFastReadNotPossible(
7714 FsRtlIncrementCcFastReadWait(VOID
);
7719 FsRtlIncrementCcFastReadNoWait(VOID
);
7724 FsRtlIncrementCcFastReadResourceMiss(VOID
);
7726 _IRQL_requires_max_(APC_LEVEL
)
7731 _In_ PFILE_OBJECT FileObject
);
7733 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
7735 #if (NTDDI_VERSION >= NTDDI_WS03)
7737 _IRQL_requires_max_(APC_LEVEL
)
7741 FsRtlInitializeBaseMcb(
7742 _Out_ PBASE_MCB Mcb
,
7743 _In_ POOL_TYPE PoolType
);
7745 _IRQL_requires_max_(APC_LEVEL
)
7749 FsRtlUninitializeBaseMcb(
7750 _In_ PBASE_MCB Mcb
);
7752 _IRQL_requires_max_(APC_LEVEL
)
7757 _Out_ PBASE_MCB Mcb
);
7759 _IRQL_requires_max_(APC_LEVEL
)
7763 FsRtlTruncateBaseMcb(
7764 _Inout_ PBASE_MCB Mcb
,
7767 _IRQL_requires_max_(APC_LEVEL
)
7771 FsRtlAddBaseMcbEntry(
7772 _Inout_ PBASE_MCB Mcb
,
7775 _In_ LONGLONG SectorCount
);
7777 _IRQL_requires_max_(APC_LEVEL
)
7781 FsRtlRemoveBaseMcbEntry(
7782 _Inout_ PBASE_MCB Mcb
,
7784 _In_ LONGLONG SectorCount
);
7786 _IRQL_requires_max_(APC_LEVEL
)
7790 FsRtlLookupBaseMcbEntry(
7793 _Out_opt_ PLONGLONG Lbn
,
7794 _Out_opt_ PLONGLONG SectorCountFromLbn
,
7795 _Out_opt_ PLONGLONG StartingLbn
,
7796 _Out_opt_ PLONGLONG SectorCountFromStartingLbn
,
7797 _Out_opt_ PULONG Index
);
7799 _IRQL_requires_max_(APC_LEVEL
)
7803 FsRtlLookupLastBaseMcbEntry(
7805 _Out_ PLONGLONG Vbn
,
7806 _Out_ PLONGLONG Lbn
);
7808 _IRQL_requires_max_(APC_LEVEL
)
7812 FsRtlLookupLastBaseMcbEntryAndIndex(
7813 _In_ PBASE_MCB OpaqueMcb
,
7814 _Inout_ PLONGLONG LargeVbn
,
7815 _Inout_ PLONGLONG LargeLbn
,
7816 _Inout_ PULONG Index
);
7818 _IRQL_requires_max_(APC_LEVEL
)
7822 FsRtlNumberOfRunsInBaseMcb(
7823 _In_ PBASE_MCB Mcb
);
7825 _IRQL_requires_max_(APC_LEVEL
)
7829 FsRtlGetNextBaseMcbEntry(
7831 _In_ ULONG RunIndex
,
7832 _Out_ PLONGLONG Vbn
,
7833 _Out_ PLONGLONG Lbn
,
7834 _Out_ PLONGLONG SectorCount
);
7836 _IRQL_requires_max_(APC_LEVEL
)
7841 _Inout_ PBASE_MCB Mcb
,
7843 _In_ LONGLONG Amount
);
7845 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
7847 #if (NTDDI_VERSION >= NTDDI_VISTA)
7849 _When_(!Flags
& MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE
, _Must_inspect_result_
)
7850 _IRQL_requires_max_(APC_LEVEL
)
7853 FsRtlInitializeBaseMcbEx(
7854 _Out_ PBASE_MCB Mcb
,
7855 _In_ POOL_TYPE PoolType
,
7858 _Must_inspect_result_
7859 _IRQL_requires_max_(APC_LEVEL
)
7862 FsRtlAddBaseMcbEntryEx(
7863 _Inout_ PBASE_MCB Mcb
,
7866 _In_ LONGLONG SectorCount
);
7868 _Must_inspect_result_
7869 _IRQL_requires_max_(APC_LEVEL
)
7874 _In_ POPLOCK Oplock
);
7876 _Must_inspect_result_
7877 _IRQL_requires_max_(APC_LEVEL
)
7881 FsRtlOplockBreakToNone(
7882 _Inout_ POPLOCK Oplock
,
7883 _In_opt_ PIO_STACK_LOCATION IrpSp
,
7885 _In_opt_ PVOID Context
,
7886 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
7887 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
7889 _IRQL_requires_max_(DISPATCH_LEVEL
)
7893 FsRtlNotifyVolumeEventEx(
7894 _In_ PFILE_OBJECT FileObject
,
7895 _In_ ULONG EventCode
,
7896 _In_ PTARGET_DEVICE_CUSTOM_NOTIFICATION Event
);
7898 _IRQL_requires_max_(APC_LEVEL
)
7902 FsRtlNotifyCleanupAll(
7903 _In_ PNOTIFY_SYNC NotifySync
,
7904 _In_ PLIST_ENTRY NotifyList
);
7906 _Must_inspect_result_
7907 _IRQL_requires_max_(PASSIVE_LEVEL
)
7910 FsRtlRegisterUncProviderEx(
7911 _Out_ PHANDLE MupHandle
,
7912 _In_ PUNICODE_STRING RedirDevName
,
7913 _In_ PDEVICE_OBJECT DeviceObject
,
7916 _Must_inspect_result_
7917 _When_(Irp
!=NULL
, _IRQL_requires_max_(PASSIVE_LEVEL
))
7918 _When_(Irp
==NULL
, _IRQL_requires_max_(APC_LEVEL
))
7922 FsRtlCancellableWaitForSingleObject(
7924 _In_opt_ PLARGE_INTEGER Timeout
,
7927 _Must_inspect_result_
7928 _When_(Irp
!= NULL
, _IRQL_requires_max_(PASSIVE_LEVEL
))
7929 _When_(Irp
== NULL
, _IRQL_requires_max_(APC_LEVEL
))
7933 FsRtlCancellableWaitForMultipleObjects(
7935 _In_reads_(Count
) PVOID ObjectArray
[],
7936 _In_ WAIT_TYPE WaitType
,
7937 _In_opt_ PLARGE_INTEGER Timeout
,
7938 _In_opt_ PKWAIT_BLOCK WaitBlockArray
,
7941 _Must_inspect_result_
7942 _IRQL_requires_max_(APC_LEVEL
)
7946 FsRtlMupGetProviderInfoFromFileObject(
7947 _In_ PFILE_OBJECT pFileObject
,
7949 _Out_writes_bytes_(*pBufferSize
) PVOID pBuffer
,
7950 _Inout_ PULONG pBufferSize
);
7952 _Must_inspect_result_
7953 _IRQL_requires_max_(APC_LEVEL
)
7957 FsRtlMupGetProviderIdFromName(
7958 _In_ PUNICODE_STRING pProviderName
,
7959 _Out_ PULONG32 pProviderId
);
7964 FsRtlIncrementCcFastMdlReadWait(VOID
);
7966 _Must_inspect_result_
7967 _IRQL_requires_max_(PASSIVE_LEVEL
)
7971 FsRtlValidateReparsePointBuffer(
7972 _In_ ULONG BufferLength
,
7973 _In_reads_bytes_(BufferLength
) PREPARSE_DATA_BUFFER ReparseBuffer
);
7975 _Must_inspect_result_
7976 _IRQL_requires_max_(PASSIVE_LEVEL
)
7980 FsRtlRemoveDotsFromPath(
7981 _Inout_updates_bytes_(PathLength
) PWSTR OriginalString
,
7982 _In_ USHORT PathLength
,
7983 _Out_ USHORT
*NewLength
);
7985 _Must_inspect_result_
7986 _IRQL_requires_max_(APC_LEVEL
)
7990 FsRtlAllocateExtraCreateParameterList(
7991 _In_ FSRTL_ALLOCATE_ECPLIST_FLAGS Flags
,
7992 _Outptr_ PECP_LIST
*EcpList
);
7994 _IRQL_requires_max_(APC_LEVEL
)
7998 FsRtlFreeExtraCreateParameterList(
7999 _In_ PECP_LIST EcpList
);
8001 _Must_inspect_result_
8002 _IRQL_requires_max_(APC_LEVEL
)
8006 FsRtlAllocateExtraCreateParameter(
8007 _In_ LPCGUID EcpType
,
8008 _In_ ULONG SizeOfContext
,
8009 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags
,
8010 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback
,
8012 _Outptr_result_bytebuffer_(SizeOfContext
) PVOID
*EcpContext
);
8014 _IRQL_requires_max_(APC_LEVEL
)
8018 FsRtlFreeExtraCreateParameter(
8019 _In_ PVOID EcpContext
);
8021 _When_(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
, _IRQL_requires_max_(DISPATCH_LEVEL
))
8022 _When_(!(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
), _IRQL_requires_max_(APC_LEVEL
))
8026 FsRtlInitExtraCreateParameterLookasideList(
8027 _Inout_ PVOID Lookaside
,
8028 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags
,
8032 _When_(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
, _IRQL_requires_max_(DISPATCH_LEVEL
))
8033 _When_(!(Flags
|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL
), _IRQL_requires_max_(APC_LEVEL
))
8036 FsRtlDeleteExtraCreateParameterLookasideList(
8037 _Inout_ PVOID Lookaside
,
8038 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags
);
8040 _Must_inspect_result_
8041 _IRQL_requires_max_(APC_LEVEL
)
8045 FsRtlAllocateExtraCreateParameterFromLookasideList(
8046 _In_ LPCGUID EcpType
,
8047 ULONG SizeOfContext
,
8048 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags
,
8049 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback
,
8050 _Inout_ PVOID LookasideList
,
8051 _Outptr_ PVOID
*EcpContext
);
8053 _Must_inspect_result_
8054 _IRQL_requires_max_(APC_LEVEL
)
8058 FsRtlInsertExtraCreateParameter(
8059 _Inout_ PECP_LIST EcpList
,
8060 _Inout_ PVOID EcpContext
);
8062 _Must_inspect_result_
8063 _IRQL_requires_max_(APC_LEVEL
)
8067 FsRtlFindExtraCreateParameter(
8068 _In_ PECP_LIST EcpList
,
8069 _In_ LPCGUID EcpType
,
8070 _Outptr_opt_ PVOID
*EcpContext
,
8071 _Out_opt_ ULONG
*EcpContextSize
);
8073 _Must_inspect_result_
8074 _IRQL_requires_max_(APC_LEVEL
)
8078 FsRtlRemoveExtraCreateParameter(
8079 _Inout_ PECP_LIST EcpList
,
8080 _In_ LPCGUID EcpType
,
8081 _Outptr_ PVOID
*EcpContext
,
8082 _Out_opt_ ULONG
*EcpContextSize
);
8084 _Must_inspect_result_
8085 _IRQL_requires_max_(APC_LEVEL
)
8089 FsRtlGetEcpListFromIrp(
8091 _Outptr_result_maybenull_ PECP_LIST
*EcpList
);
8093 _Must_inspect_result_
8094 _IRQL_requires_max_(APC_LEVEL
)
8098 FsRtlSetEcpListIntoIrp(
8100 _In_ PECP_LIST EcpList
);
8102 _Must_inspect_result_
8103 _IRQL_requires_max_(APC_LEVEL
)
8107 FsRtlGetNextExtraCreateParameter(
8108 _In_ PECP_LIST EcpList
,
8109 _In_opt_ PVOID CurrentEcpContext
,
8110 _Out_opt_ LPGUID NextEcpType
,
8111 _Outptr_opt_ PVOID
*NextEcpContext
,
8112 _Out_opt_ ULONG
*NextEcpContextSize
);
8114 _IRQL_requires_max_(APC_LEVEL
)
8118 FsRtlAcknowledgeEcp(
8119 _In_ PVOID EcpContext
);
8121 _IRQL_requires_max_(APC_LEVEL
)
8125 FsRtlIsEcpAcknowledged(
8126 _In_ PVOID EcpContext
);
8128 _IRQL_requires_max_(APC_LEVEL
)
8132 FsRtlIsEcpFromUserMode(
8133 _In_ PVOID EcpContext
);
8135 _Must_inspect_result_
8136 _IRQL_requires_max_(PASSIVE_LEVEL
)
8140 FsRtlChangeBackingFileObject(
8141 _In_opt_ PFILE_OBJECT CurrentFileObject
,
8142 _In_ PFILE_OBJECT NewFileObject
,
8143 _In_ FSRTL_CHANGE_BACKING_TYPE ChangeBackingType
,
8146 _Must_inspect_result_
8147 _IRQL_requires_max_(APC_LEVEL
)
8151 FsRtlLogCcFlushError(
8152 _In_ PUNICODE_STRING FileName
,
8153 _In_ PDEVICE_OBJECT DeviceObject
,
8154 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8155 _In_ NTSTATUS FlushError
,
8158 _IRQL_requires_max_(APC_LEVEL
)
8162 FsRtlAreVolumeStartupApplicationsComplete(VOID
);
8167 FsRtlQueryMaximumVirtualDiskNestingLevel(VOID
);
8172 FsRtlGetVirtualDiskNestingLevel(
8173 _In_ PDEVICE_OBJECT DeviceObject
,
8174 _Out_ PULONG NestingLevel
,
8175 _Out_opt_ PULONG NestingFlags
);
8177 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8179 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
8180 _When_(Flags
| OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK
, _Must_inspect_result_
)
8181 _IRQL_requires_max_(APC_LEVEL
)
8186 _In_ POPLOCK Oplock
,
8189 _In_opt_ PVOID Context
,
8190 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
8191 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
8195 #if (NTDDI_VERSION >= NTDDI_WIN7)
8197 _IRQL_requires_max_(APC_LEVEL
)
8201 FsRtlAreThereCurrentOrInProgressFileLocks(
8202 _In_ PFILE_LOCK FileLock
);
8204 _Must_inspect_result_
8205 _IRQL_requires_max_(APC_LEVEL
)
8209 FsRtlOplockIsSharedRequest(
8212 _Must_inspect_result_
8213 _IRQL_requires_max_(APC_LEVEL
)
8218 _In_ POPLOCK Oplock
,
8221 _In_opt_ PVOID Context
,
8222 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
8223 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
8225 _IRQL_requires_max_(APC_LEVEL
)
8229 FsRtlCurrentOplockH(
8230 _In_ POPLOCK Oplock
);
8232 _Must_inspect_result_
8233 _IRQL_requires_max_(APC_LEVEL
)
8237 FsRtlOplockBreakToNoneEx(
8238 _Inout_ POPLOCK Oplock
,
8241 _In_opt_ PVOID Context
,
8242 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine
,
8243 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine
);
8245 _Must_inspect_result_
8246 _IRQL_requires_max_(APC_LEVEL
)
8250 FsRtlOplockFsctrlEx(
8251 _In_ POPLOCK Oplock
,
8253 _In_ ULONG OpenCount
,
8256 _IRQL_requires_max_(APC_LEVEL
)
8260 FsRtlOplockKeysEqual(
8261 _In_opt_ PFILE_OBJECT Fo1
,
8262 _In_opt_ PFILE_OBJECT Fo2
);
8267 FsRtlInitializeExtraCreateParameterList(
8268 _Inout_ PECP_LIST EcpList
);
8273 FsRtlInitializeExtraCreateParameter(
8274 _Out_ PECP_HEADER Ecp
,
8275 _In_ ULONG EcpFlags
,
8276 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback
,
8277 _In_ ULONG TotalSize
,
8278 _In_ LPCGUID EcpType
,
8279 _In_opt_ PVOID ListAllocatedFrom
);
8281 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
8283 _Must_inspect_result_
8284 _IRQL_requires_max_(APC_LEVEL
)
8288 FsRtlInsertPerFileContext(
8289 _In_ PVOID
* PerFileContextPointer
,
8290 _In_ PFSRTL_PER_FILE_CONTEXT Ptr
);
8292 _Must_inspect_result_
8293 _IRQL_requires_max_(APC_LEVEL
)
8295 PFSRTL_PER_FILE_CONTEXT
8297 FsRtlLookupPerFileContext(
8298 _In_ PVOID
* PerFileContextPointer
,
8299 _In_opt_ PVOID OwnerId
,
8300 _In_opt_ PVOID InstanceId
);
8302 _Must_inspect_result_
8303 _IRQL_requires_max_(APC_LEVEL
)
8305 PFSRTL_PER_FILE_CONTEXT
8307 FsRtlRemovePerFileContext(
8308 _In_ PVOID
* PerFileContextPointer
,
8309 _In_opt_ PVOID OwnerId
,
8310 _In_opt_ PVOID InstanceId
);
8312 _IRQL_requires_max_(APC_LEVEL
)
8316 FsRtlTeardownPerFileContexts(
8317 _In_ PVOID
* PerFileContextPointer
);
8319 _Must_inspect_result_
8320 _IRQL_requires_max_(APC_LEVEL
)
8324 FsRtlInsertPerFileObjectContext(
8325 _In_ PFILE_OBJECT FileObject
,
8326 _In_ PFSRTL_PER_FILEOBJECT_CONTEXT Ptr
);
8328 _Must_inspect_result_
8329 _IRQL_requires_max_(APC_LEVEL
)
8331 PFSRTL_PER_FILEOBJECT_CONTEXT
8333 FsRtlLookupPerFileObjectContext(
8334 _In_ PFILE_OBJECT FileObject
,
8335 _In_opt_ PVOID OwnerId
,
8336 _In_opt_ PVOID InstanceId
);
8338 _Must_inspect_result_
8339 _IRQL_requires_max_(APC_LEVEL
)
8341 PFSRTL_PER_FILEOBJECT_CONTEXT
8343 FsRtlRemovePerFileObjectContext(
8344 _In_ PFILE_OBJECT FileObject
,
8345 _In_opt_ PVOID OwnerId
,
8346 _In_opt_ PVOID InstanceId
);
8348 #define FsRtlFastLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11) ( \
8349 FsRtlPrivateLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, NULL, A10, A11) \
8352 #define FsRtlAreThereCurrentFileLocks(FL) ( \
8353 ((FL)->FastIoIsQuestionable) \
8356 #define FsRtlIncrementLockRequestsInProgress(FL) { \
8357 ASSERT( (FL)->LockRequestsInProgress >= 0 ); \
8359 (InterlockedIncrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
8362 #define FsRtlDecrementLockRequestsInProgress(FL) { \
8363 ASSERT( (FL)->LockRequestsInProgress > 0 ); \
8365 (InterlockedDecrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
8368 /* GCC compatible definition, MS one is retarded */
8369 extern NTKERNELAPI
const UCHAR
* const FsRtlLegalAnsiCharacterArray
;
8370 #define LEGAL_ANSI_CHARACTER_ARRAY FsRtlLegalAnsiCharacterArray
8372 #define FsRtlIsAnsiCharacterWild(C) ( \
8373 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], FSRTL_WILD_CHARACTER ) \
8376 #define FsRtlIsAnsiCharacterLegalFat(C, WILD) ( \
8377 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_FAT_LEGAL) | \
8378 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8381 #define FsRtlIsAnsiCharacterLegalHpfs(C, WILD) ( \
8382 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_HPFS_LEGAL) | \
8383 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8386 #define FsRtlIsAnsiCharacterLegalNtfs(C, WILD) ( \
8387 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_NTFS_LEGAL) | \
8388 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8391 #define FsRtlIsAnsiCharacterLegalNtfsStream(C,WILD_OK) ( \
8392 FsRtlTestAnsiCharacter((C), TRUE, (WILD_OK), FSRTL_NTFS_STREAM_LEGAL) \
8395 #define FsRtlIsAnsiCharacterLegal(C,FLAGS) ( \
8396 FsRtlTestAnsiCharacter((C), TRUE, FALSE, (FLAGS)) \
8399 #define FsRtlTestAnsiCharacter(C, DEFAULT_RET, WILD_OK, FLAGS) ( \
8400 ((SCHAR)(C) < 0) ? DEFAULT_RET : \
8401 FlagOn( LEGAL_ANSI_CHARACTER_ARRAY[(C)], \
8403 ((WILD_OK) ? FSRTL_WILD_CHARACTER : 0) ) \
8406 #define FsRtlIsLeadDbcsCharacter(DBCS_CHAR) ( \
8407 (BOOLEAN)((UCHAR)(DBCS_CHAR) < 0x80 ? FALSE : \
8408 (NLS_MB_CODE_PAGE_TAG && \
8409 (NLS_OEM_LEAD_BYTE_INFO[(UCHAR)(DBCS_CHAR)] != 0))) \
8412 #define FsRtlIsUnicodeCharacterWild(C) ( \
8415 FlagOn(FsRtlLegalAnsiCharacterArray[(C)], FSRTL_WILD_CHARACTER )) \
8418 #define FsRtlInitPerFileContext( _fc, _owner, _inst, _cb) \
8419 ((_fc)->OwnerId = (_owner), \
8420 (_fc)->InstanceId = (_inst), \
8421 (_fc)->FreeCallback = (_cb))
8423 #define FsRtlGetPerFileContextPointer(_fo) \
8424 (FsRtlSupportsPerFileContexts(_fo) ? \
8425 FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer : \
8428 #define FsRtlSupportsPerFileContexts(_fo) \
8429 ((FsRtlGetPerStreamContextPointer(_fo) != NULL) && \
8430 (FsRtlGetPerStreamContextPointer(_fo)->Version >= FSRTL_FCB_HEADER_V1) && \
8431 (FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer != NULL))
8433 #define FsRtlSetupAdvancedHeaderEx( _advhdr, _fmutx, _fctxptr ) \
8435 FsRtlSetupAdvancedHeader( _advhdr, _fmutx ); \
8436 if ((_fctxptr) != NULL) { \
8437 (_advhdr)->FileContextSupportPointer = (_fctxptr); \
8441 #define FsRtlGetPerStreamContextPointer(FO) ( \
8442 (PFSRTL_ADVANCED_FCB_HEADER)(FO)->FsContext \
8445 #define FsRtlInitPerStreamContext(PSC, O, I, FC) ( \
8446 (PSC)->OwnerId = (O), \
8447 (PSC)->InstanceId = (I), \
8448 (PSC)->FreeCallback = (FC) \
8451 #define FsRtlSupportsPerStreamContexts(FO) ( \
8452 (BOOLEAN)((NULL != FsRtlGetPerStreamContextPointer(FO) && \
8453 FlagOn(FsRtlGetPerStreamContextPointer(FO)->Flags2, \
8454 FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS)) \
8457 #define FsRtlLookupPerStreamContext(_sc, _oid, _iid) \
8458 (((NULL != (_sc)) && \
8459 FlagOn((_sc)->Flags2,FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS) && \
8460 !IsListEmpty(&(_sc)->FilterContexts)) ? \
8461 FsRtlLookupPerStreamContextInternal((_sc), (_oid), (_iid)) : \
8464 _IRQL_requires_max_(APC_LEVEL
)
8468 FsRtlSetupAdvancedHeader(
8470 _In_ PFAST_MUTEX FMutex
)
8472 PFSRTL_ADVANCED_FCB_HEADER localAdvHdr
= (PFSRTL_ADVANCED_FCB_HEADER
)AdvHdr
;
8474 localAdvHdr
->Flags
|= FSRTL_FLAG_ADVANCED_HEADER
;
8475 localAdvHdr
->Flags2
|= FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS
;
8476 #if (NTDDI_VERSION >= NTDDI_VISTA)
8477 localAdvHdr
->Version
= FSRTL_FCB_HEADER_V1
;
8479 localAdvHdr
->Version
= FSRTL_FCB_HEADER_V0
;
8481 InitializeListHead( &localAdvHdr
->FilterContexts
);
8482 if (FMutex
!= NULL
) {
8483 localAdvHdr
->FastMutex
= FMutex
;
8485 #if (NTDDI_VERSION >= NTDDI_VISTA)
8486 *((PULONG_PTR
)(&localAdvHdr
->PushLock
)) = 0;
8487 localAdvHdr
->FileContextSupportPointer
= NULL
;
8491 #define FsRtlInitPerFileObjectContext(_fc, _owner, _inst) \
8492 ((_fc)->OwnerId = (_owner), (_fc)->InstanceId = (_inst))
8494 #define FsRtlCompleteRequest(IRP,STATUS) { \
8495 (IRP)->IoStatus.Status = (STATUS); \
8496 IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
8498 /* Common Cache Types */
8500 #define VACB_MAPPING_GRANULARITY (0x40000)
8501 #define VACB_OFFSET_SHIFT (18)
8503 typedef struct _PUBLIC_BCB
{
8504 CSHORT NodeTypeCode
;
8505 CSHORT NodeByteSize
;
8507 LARGE_INTEGER MappedFileOffset
;
8508 } PUBLIC_BCB
, *PPUBLIC_BCB
;
8510 typedef struct _CC_FILE_SIZES
{
8511 LARGE_INTEGER AllocationSize
;
8512 LARGE_INTEGER FileSize
;
8513 LARGE_INTEGER ValidDataLength
;
8514 } CC_FILE_SIZES
, *PCC_FILE_SIZES
;
8517 (NTAPI
*PACQUIRE_FOR_LAZY_WRITE
) (
8522 (NTAPI
*PRELEASE_FROM_LAZY_WRITE
) (
8523 _In_ PVOID Context
);
8526 (NTAPI
*PACQUIRE_FOR_READ_AHEAD
) (
8531 (NTAPI
*PRELEASE_FROM_READ_AHEAD
) (
8532 _In_ PVOID Context
);
8534 typedef struct _CACHE_MANAGER_CALLBACKS
{
8535 PACQUIRE_FOR_LAZY_WRITE AcquireForLazyWrite
;
8536 PRELEASE_FROM_LAZY_WRITE ReleaseFromLazyWrite
;
8537 PACQUIRE_FOR_READ_AHEAD AcquireForReadAhead
;
8538 PRELEASE_FROM_READ_AHEAD ReleaseFromReadAhead
;
8539 } CACHE_MANAGER_CALLBACKS
, *PCACHE_MANAGER_CALLBACKS
;
8541 typedef struct _CACHE_UNINITIALIZE_EVENT
{
8542 struct _CACHE_UNINITIALIZE_EVENT
*Next
;
8544 } CACHE_UNINITIALIZE_EVENT
, *PCACHE_UNINITIALIZE_EVENT
;
8547 (NTAPI
*PDIRTY_PAGE_ROUTINE
) (
8548 _In_ PFILE_OBJECT FileObject
,
8549 _In_ PLARGE_INTEGER FileOffset
,
8551 _In_ PLARGE_INTEGER OldestLsn
,
8552 _In_ PLARGE_INTEGER NewestLsn
,
8553 _In_ PVOID Context1
,
8554 _In_ PVOID Context2
);
8557 (NTAPI
*PFLUSH_TO_LSN
) (
8558 _In_ PVOID LogHandle
,
8559 _In_ LARGE_INTEGER Lsn
);
8562 (NTAPI
*PCC_POST_DEFERRED_WRITE
) (
8563 _In_ PVOID Context1
,
8564 _In_ PVOID Context2
);
8566 #define UNINITIALIZE_CACHE_MAPS (1)
8567 #define DO_NOT_RETRY_PURGE (2)
8568 #define DO_NOT_PURGE_DIRTY_PAGES (0x4)
8570 #define CC_FLUSH_AND_PURGE_NO_PURGE (0x1)
8571 /* Common Cache Functions */
8573 #define CcIsFileCached(FO) ( \
8574 ((FO)->SectionObjectPointer != NULL) && \
8575 (((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
8578 extern ULONG CcFastMdlReadWait
;
8580 #if (NTDDI_VERSION >= NTDDI_WIN2K)
8585 CcInitializeCacheMap(
8586 _In_ PFILE_OBJECT FileObject
,
8587 _In_ PCC_FILE_SIZES FileSizes
,
8588 _In_ BOOLEAN PinAccess
,
8589 _In_ PCACHE_MANAGER_CALLBACKS Callbacks
,
8590 _In_ PVOID LazyWriteContext
);
8595 CcUninitializeCacheMap(
8596 _In_ PFILE_OBJECT FileObject
,
8597 _In_opt_ PLARGE_INTEGER TruncateSize
,
8598 _In_opt_ PCACHE_UNINITIALIZE_EVENT UninitializeCompleteEvent
);
8604 IN PFILE_OBJECT FileObject
,
8605 IN PCC_FILE_SIZES FileSizes
);
8610 CcSetDirtyPageThreshold(
8611 _In_ PFILE_OBJECT FileObject
,
8612 _In_ ULONG DirtyPageThreshold
);
8618 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8619 _In_opt_ PLARGE_INTEGER FileOffset
,
8621 _Out_opt_ PIO_STATUS_BLOCK IoStatus
);
8626 CcGetFlushedValidData(
8627 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8628 _In_ BOOLEAN BcbListHeld
);
8634 _In_ PFILE_OBJECT FileObject
,
8635 _In_ PLARGE_INTEGER StartOffset
,
8636 _In_ PLARGE_INTEGER EndOffset
,
8656 _In_ BOOLEAN WriteThrough
,
8657 _Out_ PIO_STATUS_BLOCK IoStatus
);
8662 CcGetFileObjectFromSectionPtrs(
8663 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
);
8668 CcGetFileObjectFromBcb(
8675 _In_opt_ PFILE_OBJECT FileObject
,
8676 _In_ ULONG BytesToWrite
,
8678 _In_ BOOLEAN Retrying
);
8684 _In_ PFILE_OBJECT FileObject
,
8685 _In_ PCC_POST_DEFERRED_WRITE PostRoutine
,
8686 _In_ PVOID Context1
,
8687 _In_ PVOID Context2
,
8688 _In_ ULONG BytesToWrite
,
8689 _In_ BOOLEAN Retrying
);
8695 _In_ PFILE_OBJECT FileObject
,
8696 _In_ PLARGE_INTEGER FileOffset
,
8699 _Out_writes_bytes_(Length
) PVOID Buffer
,
8700 _Out_ PIO_STATUS_BLOCK IoStatus
);
8706 _In_ PFILE_OBJECT FileObject
,
8707 _In_ ULONG FileOffset
,
8709 _In_ ULONG PageCount
,
8710 _Out_writes_bytes_(Length
) PVOID Buffer
,
8711 _Out_ PIO_STATUS_BLOCK IoStatus
);
8717 _In_ PFILE_OBJECT FileObject
,
8718 _In_ PLARGE_INTEGER FileOffset
,
8721 _In_reads_bytes_(Length
) PVOID Buffer
);
8727 _In_ PFILE_OBJECT FileObject
,
8728 _In_ ULONG FileOffset
,
8730 _In_reads_bytes_(Length
) PVOID Buffer
);
8736 _In_ PFILE_OBJECT FileObject
,
8737 _In_ PLARGE_INTEGER FileOffset
,
8739 _Out_ PMDL
*MdlChain
,
8740 _Out_ PIO_STATUS_BLOCK IoStatus
);
8746 _In_ PFILE_OBJECT FileObject
,
8747 _In_ PMDL MdlChain
);
8753 _In_ PFILE_OBJECT FileObject
,
8754 _In_ PLARGE_INTEGER FileOffset
,
8756 _Out_ PMDL
*MdlChain
,
8757 _Out_ PIO_STATUS_BLOCK IoStatus
);
8763 _In_ PFILE_OBJECT FileObject
,
8764 _In_ PLARGE_INTEGER FileOffset
,
8765 _In_ PMDL MdlChain
);
8770 CcScheduleReadAhead(
8771 _In_ PFILE_OBJECT FileObject
,
8772 _In_ PLARGE_INTEGER FileOffset
,
8778 CcWaitForCurrentLazyWriterActivity(VOID
);
8783 CcSetReadAheadGranularity(
8784 _In_ PFILE_OBJECT FileObject
,
8785 _In_ ULONG Granularity
);
8791 _In_ PFILE_OBJECT FileObject
,
8792 _In_ PLARGE_INTEGER FileOffset
,
8795 _Outptr_ PVOID
*Bcb
,
8796 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8802 _In_ PFILE_OBJECT FileObject
,
8803 _In_ PLARGE_INTEGER FileOffset
,
8806 _Inout_ PVOID
*Bcb
);
8812 _In_ PFILE_OBJECT FileObject
,
8813 _In_ PLARGE_INTEGER FileOffset
,
8817 _Outptr_ PVOID
*Bcb
,
8818 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8823 CcSetDirtyPinnedData(
8825 _In_opt_ PLARGE_INTEGER Lsn
);
8836 CcSetBcbOwnerPointer(
8838 _In_ PVOID OwnerPointer
);
8843 CcUnpinDataForThread(
8845 _In_ ERESOURCE_THREAD ResourceThreadId
);
8850 CcSetAdditionalCacheAttributes(
8851 _In_ PFILE_OBJECT FileObject
,
8852 _In_ BOOLEAN DisableReadAhead
,
8853 _In_ BOOLEAN DisableWriteBehind
);
8861 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
8863 #if (NTDDI_VERSION >= NTDDI_WINXP)
8869 _In_ PFILE_OBJECT FileObject
,
8870 _In_ PMDL MdlChain
);
8875 CcSetLogHandleForFile(
8876 _In_ PFILE_OBJECT FileObject
,
8877 _In_ PVOID LogHandle
,
8878 _In_ PFLUSH_TO_LSN FlushToLsnRoutine
);
8884 _In_ PVOID LogHandle
,
8885 _In_ PDIRTY_PAGE_ROUTINE DirtyPageRoutine
,
8886 _In_ PVOID Context1
,
8887 _In_ PVOID Context2
);
8891 #if (NTDDI_VERSION >= NTDDI_WINXP)
8892 _Success_(return!=FALSE
)
8897 _In_ PFILE_OBJECT FileObject
,
8898 _In_ PLARGE_INTEGER FileOffset
,
8901 _Outptr_ PVOID
*Bcb
,
8902 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8903 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8908 _In_ PFILE_OBJECT FileObject
,
8909 _In_ PLARGE_INTEGER FileOffset
,
8912 _Outptr_ PVOID
*Bcb
,
8913 _Outptr_result_bytebuffer_(Length
) PVOID
*Buffer
);
8916 #if (NTDDI_VERSION >= NTDDI_VISTA)
8922 _In_ PFILE_OBJECT FileObject
,
8923 _In_ PCC_FILE_SIZES FileSizes
);
8928 CcGetFileObjectFromSectionPtrsRef(
8929 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
);
8934 CcSetParallelFlushFile(
8935 _In_ PFILE_OBJECT FileObject
,
8936 _In_ BOOLEAN EnableParallelFlush
);
8940 CcIsThereDirtyDataEx(
8942 _In_opt_ PULONG NumberOfDirtyPages
);
8946 #if (NTDDI_VERSION >= NTDDI_WIN7)
8950 CcCoherencyFlushAndPurgeCache(
8951 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8952 _In_opt_ PLARGE_INTEGER FileOffset
,
8954 _Out_ PIO_STATUS_BLOCK IoStatus
,
8955 _In_opt_ ULONG Flags
);
8958 #define CcGetFileSizePointer(FO) ( \
8959 ((PLARGE_INTEGER)((FO)->SectionObjectPointer->SharedCacheMap) + 1) \
8962 #if (NTDDI_VERSION >= NTDDI_VISTA)
8966 CcPurgeCacheSection(
8967 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8968 _In_opt_ PLARGE_INTEGER FileOffset
,
8971 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8975 CcPurgeCacheSection(
8976 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer
,
8977 _In_opt_ PLARGE_INTEGER FileOffset
,
8979 _In_ BOOLEAN UninitializeCacheMaps
);
8982 #if (NTDDI_VERSION >= NTDDI_WIN7)
8986 CcCopyWriteWontFlush(
8987 _In_ PFILE_OBJECT FileObject
,
8988 _In_ PLARGE_INTEGER FileOffset
,
8991 #define CcCopyWriteWontFlush(FO, FOFF, LEN) ((LEN) <= 0x10000)
8994 #define CcReadAhead(FO, FOFF, LEN) ( \
8995 if ((LEN) >= 256) { \
8996 CcScheduleReadAhead((FO), (FOFF), (LEN)); \
8999 /******************************************************************************
9001 ******************************************************************************/
9005 _IRQL_requires_max_(PASSIVE_LEVEL
)
9010 _In_ HANDLE FileHandle
,
9011 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9012 _Out_writes_bytes_(Length
) PVOID Buffer
,
9014 _In_ BOOLEAN ReturnSingleEntry
,
9015 _In_reads_bytes_opt_(EaListLength
) PVOID EaList
,
9016 _In_ ULONG EaListLength
,
9017 _In_opt_ PULONG EaIndex
,
9018 _In_ BOOLEAN RestartScan
);
9020 _IRQL_requires_max_(PASSIVE_LEVEL
)
9025 _In_ HANDLE FileHandle
,
9026 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9027 _In_reads_bytes_(Length
) PVOID Buffer
,
9030 _IRQL_requires_max_(PASSIVE_LEVEL
)
9035 _In_ HANDLE ExistingTokenHandle
,
9036 _In_ ACCESS_MASK DesiredAccess
,
9037 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
9038 _In_ BOOLEAN EffectiveOnly
,
9039 _In_ TOKEN_TYPE TokenType
,
9040 _Out_ PHANDLE NewTokenHandle
);
9042 #if (NTDDI_VERSION >= NTDDI_WIN2K)
9044 _IRQL_requires_max_(PASSIVE_LEVEL
)
9049 _In_opt_ HANDLE Handle
,
9050 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass
,
9051 _Out_writes_bytes_opt_(ObjectInformationLength
) PVOID ObjectInformation
,
9052 _In_ ULONG ObjectInformationLength
,
9053 _Out_opt_ PULONG ReturnLength
);
9055 _IRQL_requires_max_(PASSIVE_LEVEL
)
9060 _In_ HANDLE KeyHandle
,
9061 _In_opt_ HANDLE EventHandle
,
9062 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9063 _In_opt_ PVOID ApcContext
,
9064 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9065 _In_ ULONG NotifyFilter
,
9066 _In_ BOOLEAN WatchSubtree
,
9067 _Out_writes_bytes_opt_(BufferLength
) PVOID Buffer
,
9068 _In_ ULONG BufferLength
,
9069 _In_ BOOLEAN Asynchronous
);
9071 _IRQL_requires_max_(PASSIVE_LEVEL
)
9076 _Out_ PHANDLE EventHandle
,
9077 _In_ ACCESS_MASK DesiredAccess
,
9078 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
9079 _In_ EVENT_TYPE EventType
,
9080 _In_ BOOLEAN InitialState
);
9082 _IRQL_requires_max_(PASSIVE_LEVEL
)
9087 _In_ POBJECT_ATTRIBUTES ObjectAttributes
);
9089 _IRQL_requires_max_(PASSIVE_LEVEL
)
9093 ZwQueryDirectoryFile(
9094 _In_ HANDLE FileHandle
,
9095 _In_opt_ HANDLE Event
,
9096 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9097 _In_opt_ PVOID ApcContext
,
9098 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9099 _Out_writes_bytes_(Length
) PVOID FileInformation
,
9101 _In_ FILE_INFORMATION_CLASS FileInformationClass
,
9102 _In_ BOOLEAN ReturnSingleEntry
,
9103 _In_opt_ PUNICODE_STRING FileName
,
9104 _In_ BOOLEAN RestartScan
);
9106 _IRQL_requires_max_(PASSIVE_LEVEL
)
9110 ZwSetVolumeInformationFile(
9111 _In_ HANDLE FileHandle
,
9112 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9113 _In_reads_bytes_(Length
) PVOID FsInformation
,
9115 _In_ FS_INFORMATION_CLASS FsInformationClass
);
9117 _IRQL_requires_max_(PASSIVE_LEVEL
)
9122 _In_ HANDLE FileHandle
,
9123 _In_opt_ HANDLE Event
,
9124 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9125 _In_opt_ PVOID ApcContext
,
9126 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9127 _In_ ULONG FsControlCode
,
9128 _In_reads_bytes_opt_(InputBufferLength
) PVOID InputBuffer
,
9129 _In_ ULONG InputBufferLength
,
9130 _Out_writes_bytes_opt_(OutputBufferLength
) PVOID OutputBuffer
,
9131 _In_ ULONG OutputBufferLength
);
9133 _IRQL_requires_max_(PASSIVE_LEVEL
)
9138 _In_ HANDLE SourceProcessHandle
,
9139 _In_ HANDLE SourceHandle
,
9140 _In_opt_ HANDLE TargetProcessHandle
,
9141 _Out_opt_ PHANDLE TargetHandle
,
9142 _In_ ACCESS_MASK DesiredAccess
,
9143 _In_ ULONG HandleAttributes
,
9144 _In_ ULONG Options
);
9146 _IRQL_requires_max_(PASSIVE_LEVEL
)
9150 ZwOpenDirectoryObject(
9151 _Out_ PHANDLE DirectoryHandle
,
9152 _In_ ACCESS_MASK DesiredAccess
,
9153 _In_ POBJECT_ATTRIBUTES ObjectAttributes
);
9155 _IRQL_requires_max_(PASSIVE_LEVEL
)
9156 _When_(return==0, __drv_allocatesMem(Region
))
9160 ZwAllocateVirtualMemory(
9161 _In_ HANDLE ProcessHandle
,
9162 _Inout_ PVOID
*BaseAddress
,
9163 _In_ ULONG_PTR ZeroBits
,
9164 _Inout_ PSIZE_T RegionSize
,
9165 _In_ ULONG AllocationType
,
9166 _In_ ULONG Protect
);
9168 _IRQL_requires_max_(PASSIVE_LEVEL
)
9169 _When_(return==0, __drv_freesMem(Region
))
9173 ZwFreeVirtualMemory(
9174 _In_ HANDLE ProcessHandle
,
9175 _Inout_ PVOID
*BaseAddress
,
9176 _Inout_ PSIZE_T RegionSize
,
9177 _In_ ULONG FreeType
);
9179 _When_(Timeout
== NULL
, _IRQL_requires_max_(APC_LEVEL
))
9180 _When_(Timeout
->QuadPart
!= 0, _IRQL_requires_max_(APC_LEVEL
))
9181 _When_(Timeout
->QuadPart
== 0, _IRQL_requires_max_(DISPATCH_LEVEL
))
9185 ZwWaitForSingleObject(
9187 _In_ BOOLEAN Alertable
,
9188 _In_opt_ PLARGE_INTEGER Timeout
);
9190 _IRQL_requires_max_(DISPATCH_LEVEL
)
9195 _In_ HANDLE EventHandle
,
9196 _Out_opt_ PLONG PreviousState
);
9198 _IRQL_requires_max_(APC_LEVEL
)
9202 ZwFlushVirtualMemory(
9203 _In_ HANDLE ProcessHandle
,
9204 _Inout_ PVOID
*BaseAddress
,
9205 _Inout_ PSIZE_T RegionSize
,
9206 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
9208 _IRQL_requires_max_(PASSIVE_LEVEL
)
9212 ZwQueryInformationToken(
9213 _In_ HANDLE TokenHandle
,
9214 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
9215 _Out_writes_bytes_to_opt_(Length
,*ResultLength
) PVOID TokenInformation
,
9217 _Out_ PULONG ResultLength
);
9219 _IRQL_requires_max_(PASSIVE_LEVEL
)
9223 ZwSetSecurityObject(
9225 _In_ SECURITY_INFORMATION SecurityInformation
,
9226 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
9228 _IRQL_requires_max_(PASSIVE_LEVEL
)
9232 ZwQuerySecurityObject(
9233 _In_ HANDLE FileHandle
,
9234 _In_ SECURITY_INFORMATION SecurityInformation
,
9235 _Out_writes_bytes_to_(Length
,*ResultLength
) PSECURITY_DESCRIPTOR SecurityDescriptor
,
9237 _Out_ PULONG ResultLength
);
9238 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
9240 #if (NTDDI_VERSION >= NTDDI_WINXP)
9242 _IRQL_requires_max_(PASSIVE_LEVEL
)
9246 ZwOpenProcessTokenEx(
9247 _In_ HANDLE ProcessHandle
,
9248 _In_ ACCESS_MASK DesiredAccess
,
9249 _In_ ULONG HandleAttributes
,
9250 _Out_ PHANDLE TokenHandle
);
9252 _IRQL_requires_max_(PASSIVE_LEVEL
)
9256 ZwOpenThreadTokenEx(
9257 _In_ HANDLE ThreadHandle
,
9258 _In_ ACCESS_MASK DesiredAccess
,
9259 _In_ BOOLEAN OpenAsSelf
,
9260 _In_ ULONG HandleAttributes
,
9261 _Out_ PHANDLE TokenHandle
);
9263 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
9265 #if (NTDDI_VERSION >= NTDDI_VISTA)
9267 _IRQL_requires_max_(PASSIVE_LEVEL
)
9272 _In_ HANDLE FileHandle
,
9273 _In_opt_ HANDLE Event
,
9274 _In_opt_ PIO_APC_ROUTINE ApcRoutine
,
9275 _In_opt_ PVOID ApcContext
,
9276 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9277 _In_ PLARGE_INTEGER ByteOffset
,
9278 _In_ PLARGE_INTEGER Length
,
9280 _In_ BOOLEAN FailImmediately
,
9281 _In_ BOOLEAN ExclusiveLock
);
9283 _IRQL_requires_max_(PASSIVE_LEVEL
)
9288 _In_ HANDLE FileHandle
,
9289 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9290 _In_ PLARGE_INTEGER ByteOffset
,
9291 _In_ PLARGE_INTEGER Length
,
9294 _IRQL_requires_max_(PASSIVE_LEVEL
)
9298 ZwQueryQuotaInformationFile(
9299 _In_ HANDLE FileHandle
,
9300 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9301 _Out_writes_bytes_(Length
) PVOID Buffer
,
9303 _In_ BOOLEAN ReturnSingleEntry
,
9304 _In_reads_bytes_opt_(SidListLength
) PVOID SidList
,
9305 _In_ ULONG SidListLength
,
9306 _In_opt_ PSID StartSid
,
9307 _In_ BOOLEAN RestartScan
);
9309 _IRQL_requires_max_(PASSIVE_LEVEL
)
9313 ZwSetQuotaInformationFile(
9314 _In_ HANDLE FileHandle
,
9315 _Out_ PIO_STATUS_BLOCK IoStatusBlock
,
9316 _In_reads_bytes_(Length
) PVOID Buffer
,
9319 _IRQL_requires_max_(PASSIVE_LEVEL
)
9324 _In_ HANDLE FileHandle
,
9325 _Out_ PIO_STATUS_BLOCK IoStatusBlock
);
9326 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
9327 #if (NTDDI_VERSION >= NTDDI_WIN7)
9329 _IRQL_requires_max_(PASSIVE_LEVEL
)
9333 ZwSetInformationToken(
9334 _In_ HANDLE TokenHandle
,
9335 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass
,
9336 _In_reads_bytes_(TokenInformationLength
) PVOID TokenInformation
,
9337 _In_ ULONG TokenInformationLength
);
9338 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
9344 #define ISSP_LEVEL 32
9348 #define MIDL_PROP(x) x
9350 #define MIDL_PROP(x)
9353 #define SEC_TEXT TEXT
9355 #define SEC_ENTRY __stdcall
9357 #if defined(_NO_KSECDD_IMPORT_)
9358 #define KSECDDDECLSPEC
9360 #define KSECDDDECLSPEC __declspec(dllimport)
9363 #define SECQOP_WRAP_NO_ENCRYPT 0x80000001
9364 #define SECQOP_WRAP_OOB_DATA 0x40000000
9366 #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW")
9367 #define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW
9369 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1
9370 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2
9371 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3
9372 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4
9374 #define SECURITY_NATIVE_DREP 0x00000010
9375 #define SECURITY_NETWORK_DREP 0x00000000
9377 #define SECPKG_ID_NONE 0xFFFF
9379 #define SECPKG_CRED_ATTR_NAMES 1
9380 #define SECPKG_CRED_ATTR_SSI_PROVIDER 2
9382 #define SECPKG_ATTR_SIZES 0
9383 #define SECPKG_ATTR_NAMES 1
9384 #define SECPKG_ATTR_LIFESPAN 2
9385 #define SECPKG_ATTR_DCE_INFO 3
9386 #define SECPKG_ATTR_STREAM_SIZES 4
9387 #define SECPKG_ATTR_KEY_INFO 5
9388 #define SECPKG_ATTR_AUTHORITY 6
9389 #define SECPKG_ATTR_PROTO_INFO 7
9390 #define SECPKG_ATTR_PASSWORD_EXPIRY 8
9391 #define SECPKG_ATTR_SESSION_KEY 9
9392 #define SECPKG_ATTR_PACKAGE_INFO 10
9393 #define SECPKG_ATTR_USER_FLAGS 11
9394 #define SECPKG_ATTR_NEGOTIATION_INFO 12
9395 #define SECPKG_ATTR_NATIVE_NAMES 13
9396 #define SECPKG_ATTR_FLAGS 14
9397 #define SECPKG_ATTR_USE_VALIDATED 15
9398 #define SECPKG_ATTR_CREDENTIAL_NAME 16
9399 #define SECPKG_ATTR_TARGET_INFORMATION 17
9400 #define SECPKG_ATTR_ACCESS_TOKEN 18
9401 #define SECPKG_ATTR_TARGET 19
9402 #define SECPKG_ATTR_AUTHENTICATION_ID 20
9403 #define SECPKG_ATTR_LOGOFF_TIME 21
9404 #define SECPKG_ATTR_NEGO_KEYS 22
9405 #define SECPKG_ATTR_PROMPTING_NEEDED 24
9406 #define SECPKG_ATTR_UNIQUE_BINDINGS 25
9407 #define SECPKG_ATTR_ENDPOINT_BINDINGS 26
9408 #define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
9409 #define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
9410 #define SECPKG_ATTR_NEGO_PKG_INFO 31
9411 #define SECPKG_ATTR_NEGO_STATUS 32
9412 #define SECPKG_ATTR_CONTEXT_DELETED 33
9414 #define SECPKG_FLAG_INTEGRITY 0x00000001
9415 #define SECPKG_FLAG_PRIVACY 0x00000002
9416 #define SECPKG_FLAG_TOKEN_ONLY 0x00000004
9417 #define SECPKG_FLAG_DATAGRAM 0x00000008
9418 #define SECPKG_FLAG_CONNECTION 0x00000010
9419 #define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
9420 #define SECPKG_FLAG_CLIENT_ONLY 0x00000040
9421 #define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
9422 #define SECPKG_FLAG_IMPERSONATION 0x00000100
9423 #define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
9424 #define SECPKG_FLAG_STREAM 0x00000400
9425 #define SECPKG_FLAG_NEGOTIABLE 0x00000800
9426 #define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
9427 #define SECPKG_FLAG_LOGON 0x00002000
9428 #define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
9429 #define SECPKG_FLAG_FRAGMENT 0x00008000
9430 #define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
9431 #define SECPKG_FLAG_DELEGATION 0x00020000
9432 #define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
9433 #define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
9434 #define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
9435 #define SECPKG_FLAG_NEGOTIABLE2 0x00200000
9437 #define SECPKG_CRED_INBOUND 0x00000001
9438 #define SECPKG_CRED_OUTBOUND 0x00000002
9439 #define SECPKG_CRED_BOTH 0x00000003
9440 #define SECPKG_CRED_DEFAULT 0x00000004
9441 #define SECPKG_CRED_RESERVED 0xF0000000
9442 #define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
9443 #define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
9445 #define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001
9446 #define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002
9447 #define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004
9449 #define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128
9450 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1
9451 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2
9453 #define SecPkgContext_NativeNames SecPkgContext_NativeNamesW
9454 #define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW
9456 #define SECBUFFER_VERSION 0
9458 #define SECBUFFER_EMPTY 0
9459 #define SECBUFFER_DATA 1
9460 #define SECBUFFER_TOKEN 2
9461 #define SECBUFFER_PKG_PARAMS 3
9462 #define SECBUFFER_MISSING 4
9463 #define SECBUFFER_EXTRA 5
9464 #define SECBUFFER_STREAM_TRAILER 6
9465 #define SECBUFFER_STREAM_HEADER 7
9466 #define SECBUFFER_NEGOTIATION_INFO 8
9467 #define SECBUFFER_PADDING 9
9468 #define SECBUFFER_STREAM 10
9469 #define SECBUFFER_MECHLIST 11
9470 #define SECBUFFER_MECHLIST_SIGNATURE 12
9471 #define SECBUFFER_TARGET 13
9472 #define SECBUFFER_CHANNEL_BINDINGS 14
9473 #define SECBUFFER_CHANGE_PASS_RESPONSE 15
9474 #define SECBUFFER_TARGET_HOST 16
9475 #define SECBUFFER_ALERT 17
9477 #define SECBUFFER_ATTRMASK 0xF0000000
9478 #define SECBUFFER_READONLY 0x80000000
9479 #define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
9480 #define SECBUFFER_RESERVED 0x60000000
9482 #define ISC_REQ_DELEGATE 0x00000001
9483 #define ISC_REQ_MUTUAL_AUTH 0x00000002
9484 #define ISC_REQ_REPLAY_DETECT 0x00000004
9485 #define ISC_REQ_SEQUENCE_DETECT 0x00000008
9486 #define ISC_REQ_CONFIDENTIALITY 0x00000010
9487 #define ISC_REQ_USE_SESSION_KEY 0x00000020
9488 #define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
9489 #define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
9490 #define ISC_REQ_ALLOCATE_MEMORY 0x00000100
9491 #define ISC_REQ_USE_DCE_STYLE 0x00000200
9492 #define ISC_REQ_DATAGRAM 0x00000400
9493 #define ISC_REQ_CONNECTION 0x00000800
9494 #define ISC_REQ_CALL_LEVEL 0x00001000
9495 #define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
9496 #define ISC_REQ_EXTENDED_ERROR 0x00004000
9497 #define ISC_REQ_STREAM 0x00008000
9498 #define ISC_REQ_INTEGRITY 0x00010000
9499 #define ISC_REQ_IDENTIFY 0x00020000
9500 #define ISC_REQ_NULL_SESSION 0x00040000
9501 #define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
9502 #define ISC_REQ_RESERVED1 0x00100000
9503 #define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
9504 #define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
9505 #define ISC_REQ_NO_INTEGRITY 0x00800000
9506 #define ISC_REQ_USE_HTTP_STYLE 0x01000000
9508 #define ISC_RET_DELEGATE 0x00000001
9509 #define ISC_RET_MUTUAL_AUTH 0x00000002
9510 #define ISC_RET_REPLAY_DETECT 0x00000004
9511 #define ISC_RET_SEQUENCE_DETECT 0x00000008
9512 #define ISC_RET_CONFIDENTIALITY 0x00000010
9513 #define ISC_RET_USE_SESSION_KEY 0x00000020
9514 #define ISC_RET_USED_COLLECTED_CREDS 0x00000040
9515 #define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
9516 #define ISC_RET_ALLOCATED_MEMORY 0x00000100
9517 #define ISC_RET_USED_DCE_STYLE 0x00000200
9518 #define ISC_RET_DATAGRAM 0x00000400
9519 #define ISC_RET_CONNECTION 0x00000800
9520 #define ISC_RET_INTERMEDIATE_RETURN 0x00001000
9521 #define ISC_RET_CALL_LEVEL 0x00002000
9522 #define ISC_RET_EXTENDED_ERROR 0x00004000
9523 #define ISC_RET_STREAM 0x00008000
9524 #define ISC_RET_INTEGRITY 0x00010000
9525 #define ISC_RET_IDENTIFY 0x00020000
9526 #define ISC_RET_NULL_SESSION 0x00040000
9527 #define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
9528 #define ISC_RET_RESERVED1 0x00100000
9529 #define ISC_RET_FRAGMENT_ONLY 0x00200000
9530 #define ISC_RET_FORWARD_CREDENTIALS 0x00400000
9531 #define ISC_RET_USED_HTTP_STYLE 0x01000000
9532 #define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9533 #define ISC_RET_REAUTHENTICATION 0x08000000
9535 #define ASC_REQ_DELEGATE 0x00000001
9536 #define ASC_REQ_MUTUAL_AUTH 0x00000002
9537 #define ASC_REQ_REPLAY_DETECT 0x00000004
9538 #define ASC_REQ_SEQUENCE_DETECT 0x00000008
9539 #define ASC_REQ_CONFIDENTIALITY 0x00000010
9540 #define ASC_REQ_USE_SESSION_KEY 0x00000020
9541 #define ASC_REQ_ALLOCATE_MEMORY 0x00000100
9542 #define ASC_REQ_USE_DCE_STYLE 0x00000200
9543 #define ASC_REQ_DATAGRAM 0x00000400
9544 #define ASC_REQ_CONNECTION 0x00000800
9545 #define ASC_REQ_CALL_LEVEL 0x00001000
9546 #define ASC_REQ_EXTENDED_ERROR 0x00008000
9547 #define ASC_REQ_STREAM 0x00010000
9548 #define ASC_REQ_INTEGRITY 0x00020000
9549 #define ASC_REQ_LICENSING 0x00040000
9550 #define ASC_REQ_IDENTIFY 0x00080000
9551 #define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
9552 #define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
9553 #define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
9554 #define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
9555 #define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
9556 #define ASC_REQ_NO_TOKEN 0x01000000
9557 #define ASC_REQ_PROXY_BINDINGS 0x04000000
9558 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9560 #define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
9561 #define ASC_RET_DELEGATE 0x00000001
9562 #define ASC_RET_MUTUAL_AUTH 0x00000002
9563 #define ASC_RET_REPLAY_DETECT 0x00000004
9564 #define ASC_RET_SEQUENCE_DETECT 0x00000008
9565 #define ASC_RET_CONFIDENTIALITY 0x00000010
9566 #define ASC_RET_USE_SESSION_KEY 0x00000020
9567 #define ASC_RET_ALLOCATED_MEMORY 0x00000100
9568 #define ASC_RET_USED_DCE_STYLE 0x00000200
9569 #define ASC_RET_DATAGRAM 0x00000400
9570 #define ASC_RET_CONNECTION 0x00000800
9571 #define ASC_RET_CALL_LEVEL 0x00002000
9572 #define ASC_RET_THIRD_LEG_FAILED 0x00004000
9573 #define ASC_RET_EXTENDED_ERROR 0x00008000
9574 #define ASC_RET_STREAM 0x00010000
9575 #define ASC_RET_INTEGRITY 0x00020000
9576 #define ASC_RET_LICENSING 0x00040000
9577 #define ASC_RET_IDENTIFY 0x00080000
9578 #define ASC_RET_NULL_SESSION 0x00100000
9579 #define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
9580 #define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000
9581 #define ASC_RET_FRAGMENT_ONLY 0x00800000
9582 #define ASC_RET_NO_TOKEN 0x01000000
9583 #define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9584 #define ASC_RET_NO_PROXY_BINDINGS 0x04000000
9585 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9586 #define ASC_RET_MISSING_BINDINGS 0x10000000
9588 #define SEC_DELETED_HANDLE ((ULONG_PTR)(-2))
9590 #define SecInvalidateHandle(x) \
9591 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1));
9593 #define SecIsValidHandle(x) \
9594 ( ( ((PSecHandle)(x))->dwLower != (ULONG_PTR)(INT_PTR)-1 ) && \
9595 ( ((PSecHandle)(x))->dwUpper != (ULONG_PTR)(INT_PTR)-1 ) )
9597 typedef WCHAR SEC_WCHAR
;
9598 typedef CHAR SEC_CHAR
;
9599 typedef LARGE_INTEGER _SECURITY_INTEGER
, SECURITY_INTEGER
, *PSECURITY_INTEGER
;
9600 typedef SECURITY_INTEGER TimeStamp
, *PTimeStamp
;
9601 typedef UNICODE_STRING SECURITY_STRING
, *PSECURITY_STRING
;
9603 #define PSSPI_SEC_STRING PSECURITY_STRING
9605 #define PSSPI_SEC_STRING SEC_WCHAR*
9608 typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE
;
9610 #ifndef __SECSTATUS_DEFINED__
9611 typedef LONG SECURITY_STATUS
;
9612 #define __SECSTATUS_DEFINED__
9615 typedef enum _SECPKG_CRED_CLASS
9617 SecPkgCredClass_None
= 0,
9618 SecPkgCredClass_Ephemeral
= 10,
9619 SecPkgCredClass_PersistedGeneric
= 20,
9620 SecPkgCredClass_PersistedSpecific
= 30,
9621 SecPkgCredClass_Explicit
= 40,
9622 } SECPKG_CRED_CLASS
, *PSECPKG_CRED_CLASS
;
9624 typedef struct _SEC_NEGOTIATION_INFO
9630 } SEC_NEGOTIATION_INFO
, *PSEC_NEGOTIATION_INFO
;
9632 typedef struct _SEC_CHANNEL_BINDINGS
9634 ULONG dwInitiatorAddrType
;
9635 ULONG cbInitiatorLength
;
9636 ULONG dwInitiatorOffset
;
9637 ULONG dwAcceptorAddrType
;
9638 ULONG cbAcceptorLength
;
9639 ULONG dwAcceptorOffset
;
9640 ULONG cbApplicationDataLength
;
9641 ULONG dwApplicationDataOffset
;
9642 } SEC_CHANNEL_BINDINGS
, *PSEC_CHANNEL_BINDINGS
;
9644 #ifndef _AUTH_IDENTITY_EX2_DEFINED
9645 #define _AUTH_IDENTITY_EX2_DEFINED
9646 typedef struct _SEC_WINNT_AUTH_IDENTITY_EX2
9649 USHORT cbHeaderLength
;
9650 ULONG cbStructureLength
;
9654 USHORT DomainLength
;
9655 ULONG PackedCredentialsOffset
;
9656 USHORT PackedCredentialsLength
;
9658 ULONG PackageListOffset
;
9659 USHORT PackageListLength
;
9660 } SEC_WINNT_AUTH_IDENTITY_EX2
, *PSEC_WINNT_AUTH_IDENTITY_EX2
;
9661 #define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
9664 #ifndef _AUTH_IDENTITY_DEFINED
9665 #define _AUTH_IDENTITY_DEFINED
9666 typedef struct _SEC_WINNT_AUTH_IDENTITY_W
9673 ULONG PasswordLength
;
9675 } SEC_WINNT_AUTH_IDENTITY_W
, *PSEC_WINNT_AUTH_IDENTITY_W
;
9676 #define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
9677 #define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
9678 #define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
9679 #define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
9680 #define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W
9683 #ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
9684 #define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
9685 typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW
9694 ULONG PasswordLength
;
9696 PUSHORT PackageList
;
9697 ULONG PackageListLength
;
9698 } SEC_WINNT_AUTH_IDENTITY_EXW
, *PSEC_WINNT_AUTH_IDENTITY_EXW
;
9699 #define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
9700 #define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
9703 #ifndef __SECHANDLE_DEFINED__
9704 typedef struct _SecHandle
9708 } SecHandle
, *PSecHandle
;
9709 #define __SECHANDLE_DEFINED__
9712 typedef SecHandle CredHandle
, *PCredHandle
, CtxtHandle
, *PCtxtHandle
;
9714 typedef struct _SecBuffer
9719 MIDL_PROP([size_is(cbBuffer
)]) PCHAR pvBuffer
;
9721 __field_bcount(cbBuffer
) void SEC_FAR
*pvBuffer
;
9723 } SecBuffer
, *PSecBuffer
;
9725 typedef struct _SecBufferDesc
9729 MIDL_PROP([size_is(cBuffers
)]) __field_ecount(cBuffers
) PSecBuffer pBuffers
;
9730 } SecBufferDesc
, SEC_FAR
*PSecBufferDesc
;
9732 typedef struct _SecPkgInfoW
9734 ULONG fCapabilities
;
9738 MIDL_PROP([string
]) SEC_WCHAR
*Name
;
9739 MIDL_PROP([string
]) SEC_WCHAR
*Comment
;
9740 } SecPkgInfoW
, *PSecPkgInfoW
;
9741 #define SecPkgInfo SecPkgInfoW
9742 #define PSecPkgInfo PSecPkgInfoW
9744 typedef struct _SecPkgCredentials_NamesW
9746 MIDL_PROP([string
]) SEC_WCHAR
*sUserName
;
9747 } SecPkgCredentials_NamesW
, *PSecPkgCredentials_NamesW
;
9748 #define SecPkgCredentials_Names SecPkgCredentials_NamesW
9749 #define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
9751 typedef struct _SecPkgContext_NamesW
9753 SEC_WCHAR
*sUserName
;
9754 } SecPkgContext_NamesW
, *PSecPkgContext_NamesW
;
9755 #define SecPkgContext_Names SecPkgContext_NamesW
9756 #define PSecPkgContext_Names PSecPkgContext_NamesW
9758 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
9759 typedef struct _SecPkgContext_CredentialNameW
9761 ULONG CredentialType
;
9762 SEC_WCHAR
*sCredentialName
;
9763 } SecPkgContext_CredentialNameW
, *PSecPkgContext_CredentialNameW
;
9765 #define SecPkgContext_CredentialName SecPkgContext_CredentialNameW
9766 #define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW
9768 typedef struct _SecPkgContext_SubjectAttributes
9770 PVOID AttributeInfo
;
9771 } SecPkgContext_SubjectAttributes
, *PSecPkgContext_SubjectAttributes
;
9773 typedef struct _SecPkgContext_CredInfo
9775 SECPKG_CRED_CLASS CredClass
;
9776 ULONG IsPromptingNeeded
;
9777 } SecPkgContext_CredInfo
, *PSecPkgContext_CredInfo
;
9779 typedef struct _SecPkgContext_NegoPackageInfo
9782 } SecPkgContext_NegoPackageInfo
, *PSecPkgContext_NegoPackageInfo
;
9784 typedef struct _SecPkgContext_NegoStatus
9787 } SecPkgContext_NegoStatus
, *PSecPkgContext_NegoStatus
;
9789 typedef struct _SecPkgContext_Sizes
9792 ULONG cbMaxSignature
;
9794 ULONG cbSecurityTrailer
;
9795 } SecPkgContext_Sizes
, *PSecPkgContext_Sizes
;
9797 typedef struct _SecPkgContext_StreamSizes
9801 ULONG cbMaximumMessage
;
9804 } SecPkgContext_StreamSizes
, *PSecPkgContext_StreamSizes
;
9806 typedef struct _SecPkgContext_Lifespan
9810 } SecPkgContext_Lifespan
, *PSecPkgContext_Lifespan
;
9812 typedef struct _SecPkgContext_PasswordExpiry
9814 TimeStamp tsPasswordExpires
;
9815 } SecPkgContext_PasswordExpiry
, *PSecPkgContext_PasswordExpiry
;
9817 typedef struct _SecPkgContext_ProtoInfoW
9819 SEC_WCHAR
*sProtocolName
;
9822 } SecPkgContext_ProtoInfoW
, *PSecPkgContext_ProtoInfoW
;
9823 #define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW
9824 #define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW
9826 typedef struct _SecPkgContext_KeyInfoW
9828 SEC_WCHAR
*sSignatureAlgorithmName
;
9829 SEC_WCHAR
*sEncryptAlgorithmName
;
9831 ULONG SignatureAlgorithm
;
9832 ULONG EncryptAlgorithm
;
9833 } SecPkgContext_KeyInfoW
, *PSecPkgContext_KeyInfoW
;
9834 #define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW
9835 #define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW
9837 typedef struct _SecPkgContext_SessionKey
9839 ULONG SessionKeyLength
;
9840 __field_bcount(SessionKeyLength
) PUCHAR SessionKey
;
9841 } SecPkgContext_SessionKey
, *PSecPkgContext_SessionKey
;
9843 typedef struct _SecPkgContext_NegoKeys
9847 __field_bcount(KeyLength
) PUCHAR KeyValue
;
9848 ULONG VerifyKeyType
;
9849 USHORT VerifyKeyLength
;
9850 __field_bcount(VerifyKeyLength
) PUCHAR VerifyKeyValue
;
9851 } SecPkgContext_NegoKeys
, *PSecPkgContext_NegoKeys
;
9853 typedef struct _SecPkgContext_DceInfo
9857 } SecPkgContext_DceInfo
, *PSecPkgContext_DceInfo
;
9859 typedef struct _SecPkgContext_PackageInfoW
9861 PSecPkgInfoW PackageInfo
;
9862 } SecPkgContext_PackageInfoW
, *PSecPkgContext_PackageInfoW
;
9863 #define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW
9864 #define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW
9866 typedef struct _SecPkgContext_UserFlags
9869 } SecPkgContext_UserFlags
, *PSecPkgContext_UserFlags
;
9871 typedef struct _SecPkgContext_Flags
9874 } SecPkgContext_Flags
, *PSecPkgContext_Flags
;
9876 typedef struct _SecPkgContext_NegotiationInfoW
9878 PSecPkgInfoW PackageInfo
;
9879 ULONG NegotiationState
;
9880 } SecPkgContext_NegotiationInfoW
, *PSecPkgContext_NegotiationInfoW
;
9882 typedef struct _SecPkgContext_AuthorityW
9884 SEC_WCHAR
*sAuthorityName
;
9885 } SecPkgContext_AuthorityW
, *PSecPkgContext_AuthorityW
;
9886 #define SecPkgContext_Authority SecPkgContext_AuthorityW
9887 #define PSecPkgContext_Authority PSecPkgContext_AuthorityW
9890 #if NTDDI_VERSION > NTDDI_WS03
9891 typedef struct _SecPkgCredentials_SSIProviderW
9893 SEC_WCHAR
*sProviderName
;
9894 ULONG ProviderInfoLength
;
9896 } SecPkgCredentials_SSIProviderW
, *PSecPkgCredentials_SSIProviderW
;
9897 #define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
9898 #define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
9900 typedef struct _SecPkgContext_LogoffTime
9902 TimeStamp tsLogoffTime
;
9903 } SecPkgContext_LogoffTime
, *PSecPkgContext_LogoffTime
;
9906 /* forward declaration */
9907 typedef struct _SECURITY_FUNCTION_TABLE_W SecurityFunctionTableW
, *PSecurityFunctionTableW
;
9908 #define SecurityFunctionTable SecurityFunctionTableW
9909 #define PSecurityFunctionTable PSecurityFunctionTableW
9913 (SEC_ENTRY
* SEC_GET_KEY_FN
)(
9918 SECURITY_STATUS
*Status
);
9923 AcceptSecurityContext(
9924 _In_opt_ PCredHandle phCredential
,
9925 _In_opt_ PCtxtHandle phContext
,
9926 _In_opt_ PSecBufferDesc pInput
,
9927 _In_ ULONG fContextReq
,
9928 _In_ ULONG TargetDataRep
,
9929 _In_opt_ PCtxtHandle phNewContext
,
9930 _In_opt_ PSecBufferDesc pOutput
,
9931 _Out_ PULONG pfContextAttr
,
9932 _Out_opt_ PTimeStamp ptsExpiry
);
9936 (SEC_ENTRY
* ACCEPT_SECURITY_CONTEXT_FN
)(
9950 AcquireCredentialsHandleW(
9951 _In_opt_ PSSPI_SEC_STRING pPrincipal
,
9952 _In_ PSSPI_SEC_STRING pPackage
,
9953 _In_ ULONG fCredentialUse
,
9954 _In_opt_ PVOID pvLogonId
,
9955 _In_opt_ PVOID pAuthData
,
9956 _In_opt_ SEC_GET_KEY_FN pGetKeyFn
,
9957 _In_opt_ PVOID pvGetKeyArgument
,
9958 _Out_ PCredHandle phCredential
,
9959 _Out_opt_ PTimeStamp ptsExpiry
);
9960 #define AcquireCredentialsHandle AcquireCredentialsHandleW
9964 (SEC_ENTRY
* ACQUIRE_CREDENTIALS_HANDLE_FN_W
)(
9974 #define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
9979 _In_ PCredHandle hCredentials
,
9980 _In_opt_ LPSTR pszPrincipal
,
9981 _In_ LPSTR pszPackage
,
9982 _In_ ULONG fCredentialUse
,
9983 _In_opt_ PVOID pAuthData
,
9984 _In_opt_ SEC_GET_KEY_FN pGetKeyFn
,
9985 _In_opt_ PVOID pvGetKeyArgument
,
9986 _Out_opt_ PTimeStamp ptsExpiry
);
9990 (SEC_ENTRY
* ADD_CREDENTIALS_FN_A
)(
10004 _In_ PCredHandle hCredentials
,
10005 _In_opt_ PSSPI_SEC_STRING pPrincipal
,
10006 _In_ PSSPI_SEC_STRING pPackage
,
10007 _In_ ULONG fCredentialUse
,
10008 _In_opt_ PVOID pAuthData
,
10009 _In_opt_ SEC_GET_KEY_FN pGetKeyFn
,
10010 _In_opt_ PVOID pvGetKeyArgument
,
10011 _Out_opt_ PTimeStamp ptsExpiry
);
10015 (SEC_ENTRY
* ADD_CREDENTIALS_FN_W
)(
10026 #define AddCredentials AddCredentialsW
10027 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
10029 #define AddCredentials AddCredentialsA
10030 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
10037 _In_ PCtxtHandle phContext
,
10038 _In_ PSecBufferDesc pInput
);
10042 (SEC_ENTRY
* APPLY_CONTROL_TOKEN_FN
)(
10043 PCtxtHandle
, PSecBufferDesc
);
10045 #if (ISSP_MODE != 0)
10049 ChangeAccountPasswordA(
10050 _In_ SEC_CHAR
* pszPackageName
,
10051 _In_ SEC_CHAR
* pszDomainName
,
10052 _In_ SEC_CHAR
* pszAccountName
,
10053 _In_ SEC_CHAR
* pszOldPassword
,
10054 _In_ SEC_CHAR
* pszNewPassword
,
10055 _In_ BOOLEAN bImpersonating
,
10056 _In_ ULONG dwReserved
,
10057 _Inout_ PSecBufferDesc pOutput
);
10061 (SEC_ENTRY
* CHANGE_PASSWORD_FN_A
)(
10073 ChangeAccountPasswordW(
10074 _In_ SEC_WCHAR
* pszPackageName
,
10075 _In_ SEC_WCHAR
* pszDomainName
,
10076 _In_ SEC_WCHAR
* pszAccountName
,
10077 _In_ SEC_WCHAR
* pszOldPassword
,
10078 _In_ SEC_WCHAR
* pszNewPassword
,
10079 _In_ BOOLEAN bImpersonating
,
10080 _In_ ULONG dwReserved
,
10081 _Inout_ PSecBufferDesc pOutput
);
10085 (SEC_ENTRY
* CHANGE_PASSWORD_FN_W
)(
10096 #define ChangeAccountPassword ChangeAccountPasswordW
10097 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_W
10099 #define ChangeAccountPassword ChangeAccountPasswordA
10100 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_A
10103 #endif /* ISSP_MODE != 0 */
10108 _In_ PCtxtHandle phContext
,
10109 _In_ PSecBufferDesc pToken
);
10113 (SEC_ENTRY
* COMPLETE_AUTH_TOKEN_FN
)(
10120 _In_ PCtxtHandle phContext
,
10121 _Inout_ PSecBufferDesc pMessage
,
10122 _In_ ULONG MessageSeqNo
,
10123 _Out_opt_ PULONG pfQOP
);
10127 (SEC_ENTRY
* DECRYPT_MESSAGE_FN
)(
10136 DeleteSecurityContext(
10137 _In_ PCtxtHandle phContext
);
10141 (SEC_ENTRY
* DELETE_SECURITY_CONTEXT_FN
)(
10147 _In_ PCtxtHandle phContext
,
10149 _Inout_ PSecBufferDesc pMessage
,
10150 _In_ ULONG MessageSeqNo
);
10154 (SEC_ENTRY
* ENCRYPT_MESSAGE_FN
)(
10163 EnumerateSecurityPackagesW(
10164 _Out_ PULONG pcPackages
,
10165 _Deref_out_ PSecPkgInfoW
* ppPackageInfo
);
10166 #define EnumerateSecurityPackages EnumerateSecurityPackagesW
10170 (SEC_ENTRY
* ENUMERATE_SECURITY_PACKAGES_FN_W
)(
10173 #define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
10178 ExportSecurityContext(
10179 _In_ PCtxtHandle phContext
,
10181 _Out_ PSecBuffer pPackedContext
,
10182 _Out_ PVOID
* pToken
);
10186 (SEC_ENTRY
* EXPORT_SECURITY_CONTEXT_FN
)(
10195 _Inout_ PVOID pvContextBuffer
);
10199 (SEC_ENTRY
* FREE_CONTEXT_BUFFER_FN
)(
10205 FreeCredentialsHandle(
10206 _In_ PCredHandle phCredential
);
10210 (SEC_ENTRY
* FREE_CREDENTIALS_HANDLE_FN
)(
10216 ImpersonateSecurityContext(
10217 _In_ PCtxtHandle phContext
);
10221 (SEC_ENTRY
* IMPERSONATE_SECURITY_CONTEXT_FN
)(
10227 ImportSecurityContextW(
10228 _In_ PSSPI_SEC_STRING pszPackage
,
10229 _In_ PSecBuffer pPackedContext
,
10231 _Out_ PCtxtHandle phContext
);
10232 #define ImportSecurityContext ImportSecurityContextW
10236 (SEC_ENTRY
* IMPORT_SECURITY_CONTEXT_FN_W
)(
10241 #define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
10246 InitializeSecurityContextW(
10247 _In_opt_ PCredHandle phCredential
,
10248 _In_opt_ PCtxtHandle phContext
,
10249 _In_opt_ PSSPI_SEC_STRING pTargetName
,
10250 _In_ ULONG fContextReq
,
10251 _In_ ULONG Reserved1
,
10252 _In_ ULONG TargetDataRep
,
10253 _In_opt_ PSecBufferDesc pInput
,
10254 _In_ ULONG Reserved2
,
10255 _Inout_opt_ PCtxtHandle phNewContext
,
10256 _Inout_opt_ PSecBufferDesc pOutput
,
10257 _Out_ PULONG pfContextAttr
,
10258 _Out_opt_ PTimeStamp ptsExpiry
);
10259 #define InitializeSecurityContext InitializeSecurityContextW
10263 (SEC_ENTRY
* INITIALIZE_SECURITY_CONTEXT_FN_W
)(
10276 #define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
10279 PSecurityFunctionTableW
10281 InitSecurityInterfaceW(VOID
);
10282 #define InitSecurityInterface InitSecurityInterfaceW
10285 PSecurityFunctionTableW
10286 (SEC_ENTRY
* INIT_SECURITY_INTERFACE_W
)(VOID
);
10287 #define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
10293 _In_ PCtxtHandle phContext
,
10295 _In_ PSecBufferDesc pMessage
,
10296 _In_ ULONG MessageSeqNo
);
10300 (SEC_ENTRY
* MAKE_SIGNATURE_FN
)(
10309 QueryContextAttributesW(
10310 _In_ PCtxtHandle phContext
,
10311 _In_ ULONG ulAttribute
,
10312 _Out_ PVOID pBuffer
);
10313 #define QueryContextAttributes QueryContextAttributesW
10317 (SEC_ENTRY
* QUERY_CONTEXT_ATTRIBUTES_FN_W
)(
10321 #define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
10326 QueryCredentialsAttributesW(
10327 _In_ PCredHandle phCredential
,
10328 _In_ ULONG ulAttribute
,
10329 _Inout_ PVOID pBuffer
);
10330 #define QueryCredentialsAttributes QueryCredentialsAttributesW
10334 (SEC_ENTRY
* QUERY_CREDENTIALS_ATTRIBUTES_FN_W
)(
10338 #define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
10343 QuerySecurityContextToken(
10344 _In_ PCtxtHandle phContext
,
10345 _Out_ PVOID
* Token
);
10349 (SEC_ENTRY
* QUERY_SECURITY_CONTEXT_TOKEN_FN
)(
10350 PCtxtHandle
, PVOID
*);
10355 QuerySecurityPackageInfoW(
10356 _In_ PSSPI_SEC_STRING pPackageName
,
10357 _Deref_out_ PSecPkgInfoW
*ppPackageInfo
);
10358 #define QuerySecurityPackageInfo QuerySecurityPackageInfoW
10362 (SEC_ENTRY
* QUERY_SECURITY_PACKAGE_INFO_FN_W
)(
10365 #define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
10370 RevertSecurityContext(
10371 _In_ PCtxtHandle phContext
);
10375 (SEC_ENTRY
* REVERT_SECURITY_CONTEXT_FN
)(
10378 #if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K)
10381 SetContextAttributesW(
10382 _In_ PCtxtHandle phContext
,
10383 _In_ ULONG ulAttribute
,
10384 _In_bytecount_(cbBuffer
) PVOID pBuffer
,
10385 _In_ ULONG cbBuffer
);
10386 #define SetContextAttributes SetContextAttributesW
10390 (SEC_ENTRY
* SET_CONTEXT_ATTRIBUTES_FN_W
)(
10395 #define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
10398 #if (NTDDI_VERSION > NTDDI_WS03)
10402 SetCredentialsAttributesW(
10403 _In_ PCredHandle phCredential
,
10404 _In_ ULONG ulAttribute
,
10405 _In_bytecount_(cbBuffer
) PVOID pBuffer
,
10406 _In_ ULONG cbBuffer
);
10407 #define SetCredentialsAttributes SetCredentialsAttributesW
10411 (SEC_ENTRY
* SET_CREDENTIALS_ATTRIBUTES_FN_W
)(
10416 #define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
10417 #endif /* NTDDI_VERSION > NTDDI_WS03 */
10423 _In_ PCtxtHandle phContext
,
10424 _In_ PSecBufferDesc pMessage
,
10425 _In_ ULONG MessageSeqNo
,
10426 _Out_ PULONG pfQOP
);
10430 (SEC_ENTRY
* VERIFY_SIGNATURE_FN
)(
10436 #if (ISSP_MODE == 0)
10442 _In_ PUNICODE_STRING ServiceClass
,
10443 _In_ PUNICODE_STRING ServiceName
,
10444 _In_opt_ PUNICODE_STRING InstanceName
,
10445 _In_opt_ USHORT InstancePort
,
10446 _In_opt_ PUNICODE_STRING Referrer
,
10447 _Inout_ PUNICODE_STRING Spn
,
10448 _Out_opt_ PULONG Length
,
10449 _In_ BOOLEAN Allocate
);
10451 #if (NTDDI_VERSION >= NTDDI_WINXP)
10456 _In_ PUNICODE_STRING ServiceClass
,
10457 _In_ PUNICODE_STRING ServiceName
,
10458 _In_opt_ PUNICODE_STRING InstanceName
,
10459 _In_opt_ USHORT InstancePort
,
10460 _In_opt_ PUNICODE_STRING Referrer
,
10461 _In_opt_ PUNICODE_STRING TargetInfo
,
10462 _Inout_ PUNICODE_STRING Spn
,
10463 _Out_ PULONG Length OPTIONAL
,
10464 _In_ BOOLEAN Allocate
);
10469 SecLookupAccountSid(
10471 _Out_ PULONG NameSize
,
10472 _Inout_ PUNICODE_STRING NameBuffer
,
10473 _Out_ PULONG DomainSize OPTIONAL
,
10474 _Out_opt_ PUNICODE_STRING DomainBuffer
,
10475 _Out_ PSID_NAME_USE NameUse
);
10480 SecLookupAccountName(
10481 _In_ PUNICODE_STRING Name
,
10482 _Inout_ PULONG SidSize
,
10484 _Out_ PSID_NAME_USE NameUse
,
10485 _Out_opt_ PULONG DomainSize
, // WDK says _Out_ only + ... OPTIONAL
10486 _Inout_opt_ PUNICODE_STRING ReferencedDomain
);
10489 #if (NTDDI_VERSION >= NTDDI_WS03)
10493 SecLookupWellKnownSid(
10494 _In_ WELL_KNOWN_SID_TYPE SidType
,
10496 _In_ ULONG SidBufferSize
,
10497 _Inout_opt_ PULONG SidSize
);
10500 #if (NTDDI_VERSION >= NTDDI_VISTA)
10505 _In_ PUNICODE_STRING ServiceClass
,
10506 _In_ PUNICODE_STRING ServiceName
,
10507 _In_opt_ PUNICODE_STRING InstanceName
,
10508 _In_opt_ USHORT InstancePort
,
10509 _In_opt_ PUNICODE_STRING Referrer
,
10510 _In_opt_ PUNICODE_STRING InTargetInfo
,
10511 _Inout_ PUNICODE_STRING Spn
,
10512 _Out_opt_ PULONG TotalSize
,
10513 _In_ BOOLEAN Allocate
,
10514 _In_ BOOLEAN IsTargetInfoMarshaled
);
10517 #endif /* ISSP_MODE == 0 */
10519 #if (NTDDI_VERSION >= NTDDI_WIN7)
10523 SspiEncodeAuthIdentityAsStrings(
10524 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity
,
10525 _Deref_out_opt_ PCWSTR
* ppszUserName
,
10526 _Deref_out_opt_ PCWSTR
* ppszDomainName
,
10527 _Deref_opt_out_opt_ PCWSTR
* ppszPackedCredentialsString
);
10531 SspiValidateAuthIdentity(
10532 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
);
10536 SspiCopyAuthIdentity(
10537 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
,
10538 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* AuthDataCopy
);
10542 SspiFreeAuthIdentity(
10543 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
);
10547 SspiZeroAuthIdentity(
10548 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
);
10553 _In_opt_ PVOID DataBuffer
);
10557 SspiEncodeStringsAsAuthIdentity(
10558 _In_opt_ PCWSTR pszUserName
,
10559 _In_opt_ PCWSTR pszDomainName
,
10560 _In_opt_ PCWSTR pszPackedCredentialsString
,
10561 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* ppAuthIdentity
);
10565 SspiCompareAuthIdentities(
10566 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1
,
10567 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2
,
10568 _Out_opt_ PBOOLEAN SameSuppliedUser
,
10569 _Out_opt_ PBOOLEAN SameSuppliedIdentity
);
10573 SspiMarshalAuthIdentity(
10574 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity
,
10575 _Out_ PULONG AuthIdentityLength
,
10576 _Outptr_result_bytebuffer_(*AuthIdentityLength
) PCHAR
* AuthIdentityByteArray
);
10580 SspiUnmarshalAuthIdentity(
10581 _In_ PULONG AuthIdentityLength
,
10582 _In_reads_bytes_(AuthIdentityLength
) PCHAR AuthIdentityByteArray
,
10583 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* ppAuthIdentity
);
10587 SspiIsPromptingNeeded(
10588 _In_ PULONG ErrorOrNtStatus
);
10592 SspiGetTargetHostName(
10593 _In_ PCWSTR pszTargetName
,
10594 _Outptr_ PWSTR
* pszHostName
);
10598 SspiExcludePackage(
10599 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity
,
10600 _In_ PCWSTR pszPackageName
,
10601 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE
* ppNewAuthIdentity
);
10603 #define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x04
10604 #define SEC_WINNT_AUTH_IDENTITY_ONLY 0x08
10606 #endif /* NTDDI_VERSION >= NTDDI_WIN7 */
10608 #define FreeCredentialHandle FreeCredentialsHandle
10609 struct _SECURITY_FUNCTION_TABLE_W
10612 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW
;
10613 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW
;
10614 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW
;
10615 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle
;
10617 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW
;
10618 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext
;
10619 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken
;
10620 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext
;
10621 APPLY_CONTROL_TOKEN_FN ApplyControlToken
;
10622 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW
;
10623 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext
;
10624 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext
;
10625 MAKE_SIGNATURE_FN MakeSignature
;
10626 VERIFY_SIGNATURE_FN VerifySignature
;
10627 FREE_CONTEXT_BUFFER_FN FreeContextBuffer
;
10628 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW
;
10631 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext
;
10632 IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW
;
10633 ADD_CREDENTIALS_FN_W AddCredentialsW
;
10635 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken
;
10636 ENCRYPT_MESSAGE_FN EncryptMessage
;
10637 DECRYPT_MESSAGE_FN DecryptMessage
;
10638 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
10639 SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW
;
10641 #if NTDDI_VERSION > NTDDI_WS03SP1
10642 SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW
;
10645 CHANGE_PASSWORD_FN_W ChangeAccountPasswordW
;
10651 #endif /* !__SSPI_H__ */
10653 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
10654 #if defined(_WIN64)
10655 C_ASSERT(sizeof(ERESOURCE
) == 0x68);
10656 C_ASSERT(FIELD_OFFSET(ERESOURCE
,ActiveCount
) == 0x18);
10657 C_ASSERT(FIELD_OFFSET(ERESOURCE
,Flag
) == 0x1a);
10659 C_ASSERT(sizeof(ERESOURCE
) == 0x38);
10660 C_ASSERT(FIELD_OFFSET(ERESOURCE
,ActiveCount
) == 0x0c);
10661 C_ASSERT(FIELD_OFFSET(ERESOURCE
,Flag
) == 0x0e);
10665 #if defined(_IA64_)
10666 #if (NTDDI_VERSION >= NTDDI_WIN2K)
10667 //DECLSPEC_DEPRECATED_DDK
10671 HalGetDmaAlignmentRequirement(
10676 #if defined(_M_IX86) || defined(_M_AMD64)
10677 #define HalGetDmaAlignmentRequirement() 1L
10680 extern NTKERNELAPI PUSHORT NlsOemLeadByteInfo
;
10681 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
10683 #ifdef NLS_MB_CODE_PAGE_TAG
10684 #undef NLS_MB_CODE_PAGE_TAG
10686 #define NLS_MB_CODE_PAGE_TAG NlsMbOemCodePageTag
10688 #if (NTDDI_VERSION >= NTDDI_VISTA)
10690 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER
{
10691 NetworkOpenLocationAny
,
10692 NetworkOpenLocationRemote
,
10693 NetworkOpenLocationLoopback
10694 } NETWORK_OPEN_LOCATION_QUALIFIER
;
10696 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER
{
10697 NetworkOpenIntegrityAny
,
10698 NetworkOpenIntegrityNone
,
10699 NetworkOpenIntegritySigned
,
10700 NetworkOpenIntegrityEncrypted
,
10701 NetworkOpenIntegrityMaximum
10702 } NETWORK_OPEN_INTEGRITY_QUALIFIER
;
10704 #if (NTDDI_VERSION >= NTDDI_WIN7)
10706 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
10707 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
10708 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
10710 typedef struct _NETWORK_OPEN_ECP_CONTEXT
{
10713 _ANONYMOUS_STRUCT
struct {
10715 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
10716 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
10720 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
10721 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
10725 } NETWORK_OPEN_ECP_CONTEXT
, *PNETWORK_OPEN_ECP_CONTEXT
;
10727 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0
{
10730 _ANONYMOUS_STRUCT
struct {
10732 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
10733 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
10736 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
10737 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
10740 } NETWORK_OPEN_ECP_CONTEXT_V0
, *PNETWORK_OPEN_ECP_CONTEXT_V0
;
10742 #elif (NTDDI_VERSION >= NTDDI_VISTA)
10743 typedef struct _NETWORK_OPEN_ECP_CONTEXT
{
10746 _ANONYMOUS_STRUCT
struct {
10748 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
10749 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
10752 NETWORK_OPEN_LOCATION_QUALIFIER Location
;
10753 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
;
10756 } NETWORK_OPEN_ECP_CONTEXT
, *PNETWORK_OPEN_ECP_CONTEXT
;
10759 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT
, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
10761 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
10764 #if (NTDDI_VERSION >= NTDDI_VISTA)
10766 typedef struct _PREFETCH_OPEN_ECP_CONTEXT
{
10768 } PREFETCH_OPEN_ECP_CONTEXT
, *PPREFETCH_OPEN_ECP_CONTEXT
;
10770 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN
, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
10772 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
10774 #if (NTDDI_VERSION >= NTDDI_WIN7)
10776 DEFINE_GUID (GUID_ECP_NFS_OPEN
, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
10777 DEFINE_GUID (GUID_ECP_SRV_OPEN
, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
10779 typedef struct sockaddr_storage
*PSOCKADDR_STORAGE_NFS
;
10781 typedef struct _NFS_OPEN_ECP_CONTEXT
{
10782 PUNICODE_STRING ExportAlias
;
10783 PSOCKADDR_STORAGE_NFS ClientSocketAddress
;
10784 } NFS_OPEN_ECP_CONTEXT
, *PNFS_OPEN_ECP_CONTEXT
, **PPNFS_OPEN_ECP_CONTEXT
;
10786 typedef struct _SRV_OPEN_ECP_CONTEXT
{
10787 PUNICODE_STRING ShareName
;
10788 PSOCKADDR_STORAGE_NFS SocketAddress
;
10789 BOOLEAN OplockBlockState
;
10790 BOOLEAN OplockAppState
;
10791 BOOLEAN OplockFinalState
;
10792 } SRV_OPEN_ECP_CONTEXT
, *PSRV_OPEN_ECP_CONTEXT
;
10794 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
10796 #define PIN_WAIT (1)
10797 #define PIN_EXCLUSIVE (2)
10798 #define PIN_NO_READ (4)
10799 #define PIN_IF_BCB (8)
10800 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
10801 #define PIN_HIGH_PRIORITY (64)
10804 #define MAP_NO_READ (16)
10805 #define MAP_HIGH_PRIORITY (64)
10807 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
10808 #define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
10810 typedef struct _QUERY_PATH_REQUEST
{
10811 ULONG PathNameLength
;
10812 PIO_SECURITY_CONTEXT SecurityContext
;
10813 WCHAR FilePathName
[1];
10814 } QUERY_PATH_REQUEST
, *PQUERY_PATH_REQUEST
;
10816 typedef struct _QUERY_PATH_REQUEST_EX
{
10817 PIO_SECURITY_CONTEXT pSecurityContext
;
10820 UNICODE_STRING PathName
;
10821 UNICODE_STRING DomainServiceName
;
10822 ULONG_PTR Reserved
[ 3 ];
10823 } QUERY_PATH_REQUEST_EX
, *PQUERY_PATH_REQUEST_EX
;
10825 typedef struct _QUERY_PATH_RESPONSE
{
10826 ULONG LengthAccepted
;
10827 } QUERY_PATH_RESPONSE
, *PQUERY_PATH_RESPONSE
;
10829 #define VOLSNAPCONTROLTYPE 0x00000053
10830 #define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
10832 /* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
10833 #pragma pack(push,4)
10835 #ifndef VER_PRODUCTBUILD
10836 #define VER_PRODUCTBUILD 10000
10841 #define FS_LFN_APIS 0x00004000
10843 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
10844 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
10845 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
10846 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
10847 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
10848 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
10849 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
10850 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
10851 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
10852 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
10853 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
10854 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
10855 #define FILE_STORAGE_TYPE_MASK 0x000f0000
10856 #define FILE_STORAGE_TYPE_SHIFT 16
10858 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
10861 #define HARDWARE_PTE HARDWARE_PTE_X86
10862 #define PHARDWARE_PTE PHARDWARE_PTE_X86
10865 #define IO_ATTACH_DEVICE_API 0x80000000
10867 #define IO_TYPE_APC 18
10868 #define IO_TYPE_DPC 19
10869 #define IO_TYPE_DEVICE_QUEUE 20
10870 #define IO_TYPE_EVENT_PAIR 21
10871 #define IO_TYPE_INTERRUPT 22
10872 #define IO_TYPE_PROFILE 23
10874 #define IRP_BEING_VERIFIED 0x10
10876 #define MAILSLOT_CLASS_FIRSTCLASS 1
10877 #define MAILSLOT_CLASS_SECONDCLASS 2
10879 #define MAILSLOT_SIZE_AUTO 0
10881 #define MEM_DOS_LIM 0x40000000
10883 #define OB_TYPE_TYPE 1
10884 #define OB_TYPE_DIRECTORY 2
10885 #define OB_TYPE_SYMBOLIC_LINK 3
10886 #define OB_TYPE_TOKEN 4
10887 #define OB_TYPE_PROCESS 5
10888 #define OB_TYPE_THREAD 6
10889 #define OB_TYPE_EVENT 7
10890 #define OB_TYPE_EVENT_PAIR 8
10891 #define OB_TYPE_MUTANT 9
10892 #define OB_TYPE_SEMAPHORE 10
10893 #define OB_TYPE_TIMER 11
10894 #define OB_TYPE_PROFILE 12
10895 #define OB_TYPE_WINDOW_STATION 13
10896 #define OB_TYPE_DESKTOP 14
10897 #define OB_TYPE_SECTION 15
10898 #define OB_TYPE_KEY 16
10899 #define OB_TYPE_PORT 17
10900 #define OB_TYPE_ADAPTER 18
10901 #define OB_TYPE_CONTROLLER 19
10902 #define OB_TYPE_DEVICE 20
10903 #define OB_TYPE_DRIVER 21
10904 #define OB_TYPE_IO_COMPLETION 22
10905 #define OB_TYPE_FILE 23
10907 #define SEC_BASED 0x00200000
10911 #define TOKEN_HAS_ADMIN_GROUP 0x08
10913 #if (VER_PRODUCTBUILD >= 1381)
10914 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
10915 #endif /* (VER_PRODUCTBUILD >= 1381) */
10917 #if (VER_PRODUCTBUILD >= 2195)
10919 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
10920 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
10922 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
10924 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
10925 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
10926 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
10927 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
10928 #endif /* (VER_PRODUCTBUILD >= 2195) */
10930 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
10931 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
10932 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
10933 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
10934 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
10935 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
10936 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
10937 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
10939 typedef enum _FILE_STORAGE_TYPE
{
10940 StorageTypeDefault
= 1,
10941 StorageTypeDirectory
,
10943 StorageTypeJunctionPoint
,
10944 StorageTypeCatalog
,
10945 StorageTypeStructuredStorage
,
10946 StorageTypeEmbedding
,
10948 } FILE_STORAGE_TYPE
;
10950 typedef struct _OBJECT_BASIC_INFORMATION
10953 ACCESS_MASK GrantedAccess
;
10955 ULONG PointerCount
;
10956 ULONG PagedPoolCharge
;
10957 ULONG NonPagedPoolCharge
;
10958 ULONG Reserved
[ 3 ];
10959 ULONG NameInfoSize
;
10960 ULONG TypeInfoSize
;
10961 ULONG SecurityDescriptorSize
;
10962 LARGE_INTEGER CreationTime
;
10963 } OBJECT_BASIC_INFORMATION
, *POBJECT_BASIC_INFORMATION
;
10965 typedef struct _BITMAP_RANGE
{
10968 ULONG FirstDirtyPage
;
10969 ULONG LastDirtyPage
;
10972 } BITMAP_RANGE
, *PBITMAP_RANGE
;
10974 typedef struct _FILE_COPY_ON_WRITE_INFORMATION
{
10975 BOOLEAN ReplaceIfExists
;
10976 HANDLE RootDirectory
;
10977 ULONG FileNameLength
;
10979 } FILE_COPY_ON_WRITE_INFORMATION
, *PFILE_COPY_ON_WRITE_INFORMATION
;
10981 typedef struct _FILE_FULL_DIRECTORY_INFORMATION
{
10982 ULONG NextEntryOffset
;
10984 LARGE_INTEGER CreationTime
;
10985 LARGE_INTEGER LastAccessTime
;
10986 LARGE_INTEGER LastWriteTime
;
10987 LARGE_INTEGER ChangeTime
;
10988 LARGE_INTEGER EndOfFile
;
10989 LARGE_INTEGER AllocationSize
;
10990 ULONG FileAttributes
;
10991 ULONG FileNameLength
;
10993 WCHAR FileName
[ANYSIZE_ARRAY
];
10994 } FILE_FULL_DIRECTORY_INFORMATION
, *PFILE_FULL_DIRECTORY_INFORMATION
;
10996 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
10997 typedef struct _FILE_SHARED_LOCK_ENTRY
{
11000 FILE_LOCK_INFO FileLock
;
11001 } FILE_SHARED_LOCK_ENTRY
, *PFILE_SHARED_LOCK_ENTRY
;
11003 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
11004 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY
{
11005 LIST_ENTRY ListEntry
;
11008 FILE_LOCK_INFO FileLock
;
11009 } FILE_EXCLUSIVE_LOCK_ENTRY
, *PFILE_EXCLUSIVE_LOCK_ENTRY
;
11011 typedef struct _FILE_MAILSLOT_PEEK_BUFFER
{
11012 ULONG ReadDataAvailable
;
11013 ULONG NumberOfMessages
;
11014 ULONG MessageLength
;
11015 } FILE_MAILSLOT_PEEK_BUFFER
, *PFILE_MAILSLOT_PEEK_BUFFER
;
11017 typedef struct _FILE_OLE_CLASSID_INFORMATION
{
11019 } FILE_OLE_CLASSID_INFORMATION
, *PFILE_OLE_CLASSID_INFORMATION
;
11021 typedef struct _FILE_OLE_ALL_INFORMATION
{
11022 FILE_BASIC_INFORMATION BasicInformation
;
11023 FILE_STANDARD_INFORMATION StandardInformation
;
11024 FILE_INTERNAL_INFORMATION InternalInformation
;
11025 FILE_EA_INFORMATION EaInformation
;
11026 FILE_ACCESS_INFORMATION AccessInformation
;
11027 FILE_POSITION_INFORMATION PositionInformation
;
11028 FILE_MODE_INFORMATION ModeInformation
;
11029 FILE_ALIGNMENT_INFORMATION AlignmentInformation
;
11031 USN ReplicationUsn
;
11032 LARGE_INTEGER SecurityChangeTime
;
11033 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
;
11034 FILE_OBJECTID_INFORMATION ObjectIdInformation
;
11035 FILE_STORAGE_TYPE StorageType
;
11036 ULONG OleStateBits
;
11038 ULONG NumberOfStreamReferences
;
11041 BOOLEAN ContentIndexDisable
;
11042 BOOLEAN InheritContentIndexDisable
;
11043 FILE_NAME_INFORMATION NameInformation
;
11044 } FILE_OLE_ALL_INFORMATION
, *PFILE_OLE_ALL_INFORMATION
;
11046 typedef struct _FILE_OLE_DIR_INFORMATION
{
11047 ULONG NextEntryOffset
;
11049 LARGE_INTEGER CreationTime
;
11050 LARGE_INTEGER LastAccessTime
;
11051 LARGE_INTEGER LastWriteTime
;
11052 LARGE_INTEGER ChangeTime
;
11053 LARGE_INTEGER EndOfFile
;
11054 LARGE_INTEGER AllocationSize
;
11055 ULONG FileAttributes
;
11056 ULONG FileNameLength
;
11057 FILE_STORAGE_TYPE StorageType
;
11059 ULONG OleStateBits
;
11060 BOOLEAN ContentIndexDisable
;
11061 BOOLEAN InheritContentIndexDisable
;
11063 } FILE_OLE_DIR_INFORMATION
, *PFILE_OLE_DIR_INFORMATION
;
11065 typedef struct _FILE_OLE_INFORMATION
{
11066 LARGE_INTEGER SecurityChangeTime
;
11067 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
;
11068 FILE_OBJECTID_INFORMATION ObjectIdInformation
;
11069 FILE_STORAGE_TYPE StorageType
;
11070 ULONG OleStateBits
;
11071 BOOLEAN ContentIndexDisable
;
11072 BOOLEAN InheritContentIndexDisable
;
11073 } FILE_OLE_INFORMATION
, *PFILE_OLE_INFORMATION
;
11075 typedef struct _FILE_OLE_STATE_BITS_INFORMATION
{
11077 ULONG StateBitsMask
;
11078 } FILE_OLE_STATE_BITS_INFORMATION
, *PFILE_OLE_STATE_BITS_INFORMATION
;
11080 typedef struct _MAPPING_PAIR
{
11083 } MAPPING_PAIR
, *PMAPPING_PAIR
;
11085 typedef struct _GET_RETRIEVAL_DESCRIPTOR
{
11086 ULONG NumberOfPairs
;
11087 ULONGLONG StartVcn
;
11088 MAPPING_PAIR Pair
[1];
11089 } GET_RETRIEVAL_DESCRIPTOR
, *PGET_RETRIEVAL_DESCRIPTOR
;
11091 typedef struct _MBCB
{
11092 CSHORT NodeTypeCode
;
11093 CSHORT NodeIsInZone
;
11094 ULONG PagesToWrite
;
11097 LIST_ENTRY BitmapRanges
;
11098 LONGLONG ResumeWritePage
;
11099 BITMAP_RANGE BitmapRange1
;
11100 BITMAP_RANGE BitmapRange2
;
11101 BITMAP_RANGE BitmapRange3
;
11104 typedef struct _MOVEFILE_DESCRIPTOR
{
11107 LARGE_INTEGER StartVcn
;
11108 LARGE_INTEGER TargetLcn
;
11111 } MOVEFILE_DESCRIPTOR
, *PMOVEFILE_DESCRIPTOR
;
11113 typedef struct _OBJECT_BASIC_INFO
{
11115 ACCESS_MASK GrantedAccess
;
11117 ULONG ReferenceCount
;
11118 ULONG PagedPoolUsage
;
11119 ULONG NonPagedPoolUsage
;
11121 ULONG NameInformationLength
;
11122 ULONG TypeInformationLength
;
11123 ULONG SecurityDescriptorLength
;
11124 LARGE_INTEGER CreateTime
;
11125 } OBJECT_BASIC_INFO
, *POBJECT_BASIC_INFO
;
11127 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO
{
11129 BOOLEAN ProtectFromClose
;
11130 } OBJECT_HANDLE_ATTRIBUTE_INFO
, *POBJECT_HANDLE_ATTRIBUTE_INFO
;
11132 typedef struct _OBJECT_NAME_INFO
{
11133 UNICODE_STRING ObjectName
;
11134 WCHAR ObjectNameBuffer
[1];
11135 } OBJECT_NAME_INFO
, *POBJECT_NAME_INFO
;
11137 typedef struct _OBJECT_PROTECTION_INFO
{
11139 BOOLEAN ProtectHandle
;
11140 } OBJECT_PROTECTION_INFO
, *POBJECT_PROTECTION_INFO
;
11142 typedef struct _OBJECT_TYPE_INFO
{
11143 UNICODE_STRING ObjectTypeName
;
11144 UCHAR Unknown
[0x58];
11145 WCHAR ObjectTypeNameBuffer
[1];
11146 } OBJECT_TYPE_INFO
, *POBJECT_TYPE_INFO
;
11148 typedef struct _OBJECT_ALL_TYPES_INFO
{
11149 ULONG NumberOfObjectTypes
;
11150 OBJECT_TYPE_INFO ObjectsTypeInfo
[1];
11151 } OBJECT_ALL_TYPES_INFO
, *POBJECT_ALL_TYPES_INFO
;
11153 #if defined(USE_LPC6432)
11154 #define LPC_CLIENT_ID CLIENT_ID64
11155 #define LPC_SIZE_T ULONGLONG
11156 #define LPC_PVOID ULONGLONG
11157 #define LPC_HANDLE ULONGLONG
11159 #define LPC_CLIENT_ID CLIENT_ID
11160 #define LPC_SIZE_T SIZE_T
11161 #define LPC_PVOID PVOID
11162 #define LPC_HANDLE HANDLE
11165 typedef struct _PORT_MESSAGE
11172 CSHORT TotalLength
;
11181 CSHORT DataInfoOffset
;
11185 __GNU_EXTENSION
union
11187 LPC_CLIENT_ID ClientId
;
11188 double DoNotUseThisField
;
11191 __GNU_EXTENSION
union
11193 LPC_SIZE_T ClientViewSize
;
11196 } PORT_MESSAGE
, *PPORT_MESSAGE
;
11198 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
11200 typedef struct _PORT_VIEW
11203 LPC_HANDLE SectionHandle
;
11204 ULONG SectionOffset
;
11205 LPC_SIZE_T ViewSize
;
11206 LPC_PVOID ViewBase
;
11207 LPC_PVOID ViewRemoteBase
;
11208 } PORT_VIEW
, *PPORT_VIEW
;
11210 typedef struct _REMOTE_PORT_VIEW
11213 LPC_SIZE_T ViewSize
;
11214 LPC_PVOID ViewBase
;
11215 } REMOTE_PORT_VIEW
, *PREMOTE_PORT_VIEW
;
11217 typedef struct _VAD_HEADER
{
11220 struct _VAD_HEADER
* ParentLink
;
11221 struct _VAD_HEADER
* LeftLink
;
11222 struct _VAD_HEADER
* RightLink
;
11223 ULONG Flags
; /* LSB = CommitCharge */
11225 PVOID FirstProtoPte
;
11228 LIST_ENTRY Secured
;
11229 } VAD_HEADER
, *PVAD_HEADER
;
11234 CcGetLsnForFileObject (
11235 IN PFILE_OBJECT FileObject
,
11236 OUT PLARGE_INTEGER OldestLsn OPTIONAL
11242 FsRtlAllocatePool (
11243 IN POOL_TYPE PoolType
,
11244 IN ULONG NumberOfBytes
11250 FsRtlAllocatePoolWithQuota (
11251 IN POOL_TYPE PoolType
,
11252 IN ULONG NumberOfBytes
11258 FsRtlAllocatePoolWithQuotaTag (
11259 IN POOL_TYPE PoolType
,
11260 IN ULONG NumberOfBytes
,
11267 FsRtlAllocatePoolWithTag (
11268 IN POOL_TYPE PoolType
,
11269 IN ULONG NumberOfBytes
,
11276 FsRtlMdlReadComplete (
11277 IN PFILE_OBJECT FileObject
,
11284 FsRtlMdlWriteComplete (
11285 IN PFILE_OBJECT FileObject
,
11286 IN PLARGE_INTEGER FileOffset
,
11293 FsRtlNotifyChangeDirectory (
11294 IN PNOTIFY_SYNC NotifySync
,
11295 IN PVOID FsContext
,
11296 IN PSTRING FullDirectoryName
,
11297 IN PLIST_ENTRY NotifyList
,
11298 IN BOOLEAN WatchTree
,
11299 IN ULONG CompletionFilter
,
11307 IN KPROCESSOR_MODE ObjectAttributesAccessMode OPTIONAL
,
11308 IN POBJECT_TYPE ObjectType
,
11309 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
11310 IN KPROCESSOR_MODE AccessMode
,
11311 IN OUT PVOID ParseContext OPTIONAL
,
11312 IN ULONG ObjectSize
,
11313 IN ULONG PagedPoolCharge OPTIONAL
,
11314 IN ULONG NonPagedPoolCharge OPTIONAL
,
11321 ObGetObjectPointerCount (
11328 ObReferenceObjectByName (
11329 IN PUNICODE_STRING ObjectName
,
11330 IN ULONG Attributes
,
11331 IN PACCESS_STATE PassedAccessState OPTIONAL
,
11332 IN ACCESS_MASK DesiredAccess OPTIONAL
,
11333 IN POBJECT_TYPE ObjectType
,
11334 IN KPROCESSOR_MODE AccessMode
,
11335 IN OUT PVOID ParseContext OPTIONAL
,
11339 #define PsDereferenceImpersonationToken(T) \
11340 {if (ARGUMENT_PRESENT(T)) { \
11341 (ObDereferenceObject((T))); \
11350 PsLookupProcessThreadByCid (
11352 OUT PEPROCESS
*Process OPTIONAL
,
11353 OUT PETHREAD
*Thread
11359 RtlSetSaclSecurityDescriptor (
11360 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor
,
11361 IN BOOLEAN SaclPresent
,
11363 IN BOOLEAN SaclDefaulted
11366 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
11368 #if (VER_PRODUCTBUILD >= 2195)
11373 ZwAdjustPrivilegesToken (
11374 IN HANDLE TokenHandle
,
11375 IN BOOLEAN DisableAllPrivileges
,
11376 IN PTOKEN_PRIVILEGES NewState
,
11377 IN ULONG BufferLength
,
11378 OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL
,
11379 OUT PULONG ReturnLength
11382 #endif /* (VER_PRODUCTBUILD >= 2195) */
11388 IN HANDLE ThreadHandle
11394 ZwAccessCheckAndAuditAlarm (
11395 IN PUNICODE_STRING SubsystemName
,
11397 IN PUNICODE_STRING ObjectTypeName
,
11398 IN PUNICODE_STRING ObjectName
,
11399 IN PSECURITY_DESCRIPTOR SecurityDescriptor
,
11400 IN ACCESS_MASK DesiredAccess
,
11401 IN PGENERIC_MAPPING GenericMapping
,
11402 IN BOOLEAN ObjectCreation
,
11403 OUT PACCESS_MASK GrantedAccess
,
11404 OUT PBOOLEAN AccessStatus
,
11405 OUT PBOOLEAN GenerateOnClose
11408 #if (VER_PRODUCTBUILD >= 2195)
11414 IN HANDLE FileHandle
,
11415 OUT PIO_STATUS_BLOCK IoStatusBlock
11418 #endif /* (VER_PRODUCTBUILD >= 2195) */
11424 IN HANDLE EventHandle
11430 ZwCloseObjectAuditAlarm (
11431 IN PUNICODE_STRING SubsystemName
,
11433 IN BOOLEAN GenerateOnClose
11439 ZwCreateSymbolicLinkObject (
11440 OUT PHANDLE SymbolicLinkHandle
,
11441 IN ACCESS_MASK DesiredAccess
,
11442 IN POBJECT_ATTRIBUTES ObjectAttributes
,
11443 IN PUNICODE_STRING TargetName
11449 ZwFlushInstructionCache (
11450 IN HANDLE ProcessHandle
,
11451 IN PVOID BaseAddress OPTIONAL
,
11458 ZwFlushBuffersFile(
11459 IN HANDLE FileHandle
,
11460 OUT PIO_STATUS_BLOCK IoStatusBlock
11463 #if (VER_PRODUCTBUILD >= 2195)
11468 ZwInitiatePowerAction (
11469 IN POWER_ACTION SystemAction
,
11470 IN SYSTEM_POWER_STATE MinSystemState
,
11472 IN BOOLEAN Asynchronous
11475 #endif /* (VER_PRODUCTBUILD >= 2195) */
11481 IN POBJECT_ATTRIBUTES KeyObjectAttributes
,
11482 IN POBJECT_ATTRIBUTES FileObjectAttributes
11488 ZwOpenProcessToken (
11489 IN HANDLE ProcessHandle
,
11490 IN ACCESS_MASK DesiredAccess
,
11491 OUT PHANDLE TokenHandle
11498 OUT PHANDLE ThreadHandle
,
11499 IN ACCESS_MASK DesiredAccess
,
11500 IN POBJECT_ATTRIBUTES ObjectAttributes
,
11501 IN PCLIENT_ID ClientId
11507 ZwOpenThreadToken (
11508 IN HANDLE ThreadHandle
,
11509 IN ACCESS_MASK DesiredAccess
,
11510 IN BOOLEAN OpenAsSelf
,
11511 OUT PHANDLE TokenHandle
11518 IN HANDLE EventHandle
,
11519 OUT PLONG PreviousState OPTIONAL
11525 ZwQueryDefaultLocale (
11526 IN BOOLEAN ThreadOrSystem
,
11530 #if (VER_PRODUCTBUILD >= 2195)
11535 ZwQueryDirectoryObject (
11536 IN HANDLE DirectoryHandle
,
11539 IN BOOLEAN ReturnSingleEntry
,
11540 IN BOOLEAN RestartScan
,
11541 IN OUT PULONG Context
,
11542 OUT PULONG ReturnLength OPTIONAL
11545 #endif /* (VER_PRODUCTBUILD >= 2195) */
11550 ZwQueryInformationProcess (
11551 IN HANDLE ProcessHandle
,
11552 IN PROCESSINFOCLASS ProcessInformationClass
,
11553 OUT PVOID ProcessInformation
,
11554 IN ULONG ProcessInformationLength
,
11555 OUT PULONG ReturnLength OPTIONAL
11562 IN POBJECT_ATTRIBUTES NewFileObjectAttributes
,
11563 IN HANDLE KeyHandle
,
11564 IN POBJECT_ATTRIBUTES OldFileObjectAttributes
11571 IN HANDLE EventHandle
,
11572 OUT PLONG PreviousState OPTIONAL
11575 #if (VER_PRODUCTBUILD >= 2195)
11581 IN HANDLE KeyHandle
,
11582 IN HANDLE FileHandle
,
11586 #endif /* (VER_PRODUCTBUILD >= 2195) */
11592 IN HANDLE KeyHandle
,
11593 IN HANDLE FileHandle
11599 ZwSetDefaultLocale (
11600 IN BOOLEAN ThreadOrSystem
,
11604 #if (VER_PRODUCTBUILD >= 2195)
11609 ZwSetDefaultUILanguage (
11610 IN LANGID LanguageId
11613 #endif /* (VER_PRODUCTBUILD >= 2195) */
11618 ZwSetInformationProcess (
11619 IN HANDLE ProcessHandle
,
11620 IN PROCESSINFOCLASS ProcessInformationClass
,
11621 IN PVOID ProcessInformation
,
11622 IN ULONG ProcessInformationLength
11629 IN PLARGE_INTEGER NewTime
,
11630 OUT PLARGE_INTEGER OldTime OPTIONAL
11637 IN POBJECT_ATTRIBUTES KeyObjectAttributes
11643 ZwWaitForMultipleObjects (
11644 IN ULONG HandleCount
,
11645 IN PHANDLE Handles
,
11646 IN WAIT_TYPE WaitType
,
11647 IN BOOLEAN Alertable
,
11648 IN PLARGE_INTEGER Timeout OPTIONAL