projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[INCLUDE]
[reactos.git] / reactos / include / ddk / ntifs.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24 #pragma once
25
26 #define _NTIFS_INCLUDED_
27 #define _GNU_NTIFS_
28
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32
33 /* Dependencies */
34 #include <ntddk.h>
35 #include <excpt.h>
36 #include <ntdef.h>
37 #include <ntnls.h>
38 #include <ntstatus.h>
39 #include <bugcodes.h>
40 #include <ntiologc.h>
41
42
43 #ifndef FlagOn
44 #define FlagOn(_F,_SF) ((_F) & (_SF))
45 #endif
46
47 #ifndef BooleanFlagOn
48 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
49 #endif
50
51 #ifndef SetFlag
52 #define SetFlag(_F,_SF) ((_F) |= (_SF))
53 #endif
54
55 #ifndef ClearFlag
56 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
57 #endif
58
59 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
60 typedef STRING LSA_STRING, *PLSA_STRING;
61 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
62
63 /******************************************************************************
64 * Security Manager Types *
65 ******************************************************************************/
66 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
67 #define SID_IDENTIFIER_AUTHORITY_DEFINED
68 typedef struct _SID_IDENTIFIER_AUTHORITY {
69 UCHAR Value[6];
70 } SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
71 #endif
72
73 #ifndef SID_DEFINED
74 #define SID_DEFINED
75 typedef struct _SID {
76 UCHAR Revision;
77 UCHAR SubAuthorityCount;
78 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
79 #ifdef MIDL_PASS
80 [size_is(SubAuthorityCount)] ULONG SubAuthority[*];
81 #else
82 ULONG SubAuthority[ANYSIZE_ARRAY];
83 #endif
84 } SID, *PISID;
85 #endif
86
87 #define SID_REVISION 1
88 #define SID_MAX_SUB_AUTHORITIES 15
89 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
90
91 #ifndef MIDL_PASS
92 #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof(ULONG)))
93 #endif
94
95 typedef enum _SID_NAME_USE {
96 SidTypeUser = 1,
97 SidTypeGroup,
98 SidTypeDomain,
99 SidTypeAlias,
100 SidTypeWellKnownGroup,
101 SidTypeDeletedAccount,
102 SidTypeInvalid,
103 SidTypeUnknown,
104 SidTypeComputer,
105 SidTypeLabel
106 } SID_NAME_USE, *PSID_NAME_USE;
107
108 typedef struct _SID_AND_ATTRIBUTES {
109 #ifdef MIDL_PASS
110 PISID Sid;
111 #else
112 PSID Sid;
113 #endif
114 ULONG Attributes;
115 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
116 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
117 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
118
119 #define SID_HASH_SIZE 32
120 typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
121
122 typedef struct _SID_AND_ATTRIBUTES_HASH {
123 ULONG SidCount;
124 PSID_AND_ATTRIBUTES SidAttr;
125 SID_HASH_ENTRY Hash[SID_HASH_SIZE];
126 } SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
127
128 /* Universal well-known SIDs */
129
130 #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
131 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
132 #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
133 #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
134 #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
135 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
136
137 #define SECURITY_NULL_RID (0x00000000L)
138 #define SECURITY_WORLD_RID (0x00000000L)
139 #define SECURITY_LOCAL_RID (0x00000000L)
140 #define SECURITY_LOCAL_LOGON_RID (0x00000001L)
141
142 #define SECURITY_CREATOR_OWNER_RID (0x00000000L)
143 #define SECURITY_CREATOR_GROUP_RID (0x00000001L)
144 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
145 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
146 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
147
148 /* NT well-known SIDs */
149
150 #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
151
152 #define SECURITY_DIALUP_RID (0x00000001L)
153 #define SECURITY_NETWORK_RID (0x00000002L)
154 #define SECURITY_BATCH_RID (0x00000003L)
155 #define SECURITY_INTERACTIVE_RID (0x00000004L)
156 #define SECURITY_LOGON_IDS_RID (0x00000005L)
157 #define SECURITY_LOGON_IDS_RID_COUNT (3L)
158 #define SECURITY_SERVICE_RID (0x00000006L)
159 #define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
160 #define SECURITY_PROXY_RID (0x00000008L)
161 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
162 #define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
163 #define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
164 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
165 #define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
166 #define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
167 #define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
168 #define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
169 #define SECURITY_IUSER_RID (0x00000011L)
170 #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
171 #define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
172 #define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
173 #define SECURITY_NT_NON_UNIQUE (0x00000015L)
174 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
175 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
176
177 #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
178 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
179
180
181 #define SECURITY_PACKAGE_BASE_RID (0x00000040L)
182 #define SECURITY_PACKAGE_RID_COUNT (2L)
183 #define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
184 #define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
185 #define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
186
187 #define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
188 #define SECURITY_CRED_TYPE_RID_COUNT (2L)
189 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
190
191 #define SECURITY_MIN_BASE_RID (0x00000050L)
192 #define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
193 #define SECURITY_SERVICE_ID_RID_COUNT (6L)
194 #define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
195 #define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
196 #define SECURITY_APPPOOL_ID_RID_COUNT (6L)
197 #define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
198 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
199 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
200 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
201 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
202 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
203 #define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
204 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
205 #define SECURITY_TASK_ID_BASE_RID (0x00000057L)
206 #define SECURITY_NFS_ID_BASE_RID (0x00000058L)
207 #define SECURITY_COM_ID_BASE_RID (0x00000059L)
208 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
209
210 #define SECURITY_MAX_BASE_RID (0x0000006FL)
211
212 #define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
213 #define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
214
215 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
216
217 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
218
219 /* Well-known domain relative sub-authority values (RIDs) */
220
221 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
222
223 #define FOREST_USER_RID_MAX (0x000001F3L)
224
225 /* Well-known users */
226
227 #define DOMAIN_USER_RID_ADMIN (0x000001F4L)
228 #define DOMAIN_USER_RID_GUEST (0x000001F5L)
229 #define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
230
231 #define DOMAIN_USER_RID_MAX (0x000003E7L)
232
233 /* Well-known groups */
234
235 #define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
236 #define DOMAIN_GROUP_RID_USERS (0x00000201L)
237 #define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
238 #define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
239 #define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
240 #define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
241 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
242 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
243 #define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
244 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
245
246 /* Well-known aliases */
247
248 #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
249 #define DOMAIN_ALIAS_RID_USERS (0x00000221L)
250 #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
251 #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
252
253 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
254 #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
255 #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
256 #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
257
258 #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
259 #define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
260 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
261 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
262 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
263 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
264
265 #define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
266 #define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
267 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
268 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
269 #define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
270 #define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
271 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
272 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
273 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
274 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
275 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
276
277 #define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
278 #define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
279 #define SECURITY_MANDATORY_LOW_RID (0x00001000L)
280 #define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
281 #define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
282 #define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
283 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
284
285 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
286 can be set by a usermode caller.*/
287
288 #define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
289
290 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
291
292 /* Allocate the System Luid. The first 1000 LUIDs are reserved.
293 Use #999 here (0x3e7 = 999) */
294
295 #define SYSTEM_LUID {0x3e7, 0x0}
296 #define ANONYMOUS_LOGON_LUID {0x3e6, 0x0}
297 #define LOCALSERVICE_LUID {0x3e5, 0x0}
298 #define NETWORKSERVICE_LUID {0x3e4, 0x0}
299 #define IUSER_LUID {0x3e3, 0x0}
300
301 typedef struct _ACE_HEADER {
302 UCHAR AceType;
303 UCHAR AceFlags;
304 USHORT AceSize;
305 } ACE_HEADER, *PACE_HEADER;
306
307 /* also in winnt.h */
308 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
309 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
310 #define ACCESS_DENIED_ACE_TYPE (0x1)
311 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
312 #define SYSTEM_ALARM_ACE_TYPE (0x3)
313 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
314 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
315 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
316 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
317 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
318 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
319 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
320 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
321 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
322 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
323 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
324 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
325 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
326 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
327 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
328 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
329 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
330 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
331 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
332 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
333 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
334
335 /* The following are the inherit flags that go into the AceFlags field
336 of an Ace header. */
337
338 #define OBJECT_INHERIT_ACE (0x1)
339 #define CONTAINER_INHERIT_ACE (0x2)
340 #define NO_PROPAGATE_INHERIT_ACE (0x4)
341 #define INHERIT_ONLY_ACE (0x8)
342 #define INHERITED_ACE (0x10)
343 #define VALID_INHERIT_FLAGS (0x1F)
344
345 #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
346 #define FAILED_ACCESS_ACE_FLAG (0x80)
347
348 typedef struct _ACCESS_ALLOWED_ACE {
349 ACE_HEADER Header;
350 ACCESS_MASK Mask;
351 ULONG SidStart;
352 } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
353
354 typedef struct _ACCESS_DENIED_ACE {
355 ACE_HEADER Header;
356 ACCESS_MASK Mask;
357 ULONG SidStart;
358 } ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
359
360 typedef struct _SYSTEM_AUDIT_ACE {
361 ACE_HEADER Header;
362 ACCESS_MASK Mask;
363 ULONG SidStart;
364 } SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
365
366 typedef struct _SYSTEM_ALARM_ACE {
367 ACE_HEADER Header;
368 ACCESS_MASK Mask;
369 ULONG SidStart;
370 } SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
371
372 typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
373 ACE_HEADER Header;
374 ACCESS_MASK Mask;
375 ULONG SidStart;
376 } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
377
378 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
379 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
380 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
381 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
382 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
383 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
384
385 #define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
386
387 typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
388
389 #define SE_OWNER_DEFAULTED 0x0001
390 #define SE_GROUP_DEFAULTED 0x0002
391 #define SE_DACL_PRESENT 0x0004
392 #define SE_DACL_DEFAULTED 0x0008
393 #define SE_SACL_PRESENT 0x0010
394 #define SE_SACL_DEFAULTED 0x0020
395 #define SE_DACL_UNTRUSTED 0x0040
396 #define SE_SERVER_SECURITY 0x0080
397 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
398 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
399 #define SE_DACL_AUTO_INHERITED 0x0400
400 #define SE_SACL_AUTO_INHERITED 0x0800
401 #define SE_DACL_PROTECTED 0x1000
402 #define SE_SACL_PROTECTED 0x2000
403 #define SE_RM_CONTROL_VALID 0x4000
404 #define SE_SELF_RELATIVE 0x8000
405
406 typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
407 UCHAR Revision;
408 UCHAR Sbz1;
409 SECURITY_DESCRIPTOR_CONTROL Control;
410 ULONG Owner;
411 ULONG Group;
412 ULONG Sacl;
413 ULONG Dacl;
414 } SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
415
416 typedef struct _SECURITY_DESCRIPTOR {
417 UCHAR Revision;
418 UCHAR Sbz1;
419 SECURITY_DESCRIPTOR_CONTROL Control;
420 PSID Owner;
421 PSID Group;
422 PACL Sacl;
423 PACL Dacl;
424 } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
425
426 typedef struct _OBJECT_TYPE_LIST {
427 USHORT Level;
428 USHORT Sbz;
429 GUID *ObjectType;
430 } OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;
431
432 #define ACCESS_OBJECT_GUID 0
433 #define ACCESS_PROPERTY_SET_GUID 1
434 #define ACCESS_PROPERTY_GUID 2
435 #define ACCESS_MAX_LEVEL 4
436
437 typedef enum _AUDIT_EVENT_TYPE {
438 AuditEventObjectAccess,
439 AuditEventDirectoryServiceAccess
440 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
441
442 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
443
444 #define ACCESS_DS_SOURCE_A "DS"
445 #define ACCESS_DS_SOURCE_W L"DS"
446 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
447 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
448
449 #define ACCESS_REASON_TYPE_MASK 0xffff0000
450 #define ACCESS_REASON_DATA_MASK 0x0000ffff
451
452 typedef enum _ACCESS_REASON_TYPE {
453 AccessReasonNone = 0x00000000,
454 AccessReasonAllowedAce = 0x00010000,
455 AccessReasonDeniedAce = 0x00020000,
456 AccessReasonAllowedParentAce = 0x00030000,
457 AccessReasonDeniedParentAce = 0x00040000,
458 AccessReasonMissingPrivilege = 0x00100000,
459 AccessReasonFromPrivilege = 0x00200000,
460 AccessReasonIntegrityLevel = 0x00300000,
461 AccessReasonOwnership = 0x00400000,
462 AccessReasonNullDacl = 0x00500000,
463 AccessReasonEmptyDacl = 0x00600000,
464 AccessReasonNoSD = 0x00700000,
465 AccessReasonNoGrant = 0x00800000
466 } ACCESS_REASON_TYPE;
467
468 typedef ULONG ACCESS_REASON;
469
470 typedef struct _ACCESS_REASONS {
471 ACCESS_REASON Data[32];
472 } ACCESS_REASONS, *PACCESS_REASONS;
473
474 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
475 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
476 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
477
478 typedef struct _SE_SECURITY_DESCRIPTOR {
479 ULONG Size;
480 ULONG Flags;
481 PSECURITY_DESCRIPTOR SecurityDescriptor;
482 } SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
483
484 typedef struct _SE_ACCESS_REQUEST {
485 ULONG Size;
486 PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
487 ACCESS_MASK DesiredAccess;
488 ACCESS_MASK PreviouslyGrantedAccess;
489 PSID PrincipalSelfSid;
490 PGENERIC_MAPPING GenericMapping;
491 ULONG ObjectTypeListCount;
492 POBJECT_TYPE_LIST ObjectTypeList;
493 } SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
494
495 typedef struct _SE_ACCESS_REPLY {
496 ULONG Size;
497 ULONG ResultListCount;
498 PACCESS_MASK GrantedAccess;
499 PNTSTATUS AccessStatus;
500 PACCESS_REASONS AccessReason;
501 PPRIVILEGE_SET* Privileges;
502 } SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
503
504 typedef enum _SE_AUDIT_OPERATION {
505 AuditPrivilegeObject,
506 AuditPrivilegeService,
507 AuditAccessCheck,
508 AuditOpenObject,
509 AuditOpenObjectWithTransaction,
510 AuditCloseObject,
511 AuditDeleteObject,
512 AuditOpenObjectForDelete,
513 AuditOpenObjectForDeleteWithTransaction,
514 AuditCloseNonObject,
515 AuditOpenNonObject,
516 AuditObjectReference,
517 AuditHandleCreation,
518 } SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
519
520 typedef struct _SE_AUDIT_INFO {
521 ULONG Size;
522 AUDIT_EVENT_TYPE AuditType;
523 SE_AUDIT_OPERATION AuditOperation;
524 ULONG AuditFlags;
525 UNICODE_STRING SubsystemName;
526 UNICODE_STRING ObjectTypeName;
527 UNICODE_STRING ObjectName;
528 PVOID HandleId;
529 GUID* TransactionId;
530 LUID* OperationId;
531 BOOLEAN ObjectCreation;
532 BOOLEAN GenerateOnClose;
533 } SE_AUDIT_INFO, *PSE_AUDIT_INFO;
534
535 #define TOKEN_ASSIGN_PRIMARY (0x0001)
536 #define TOKEN_DUPLICATE (0x0002)
537 #define TOKEN_IMPERSONATE (0x0004)
538 #define TOKEN_QUERY (0x0008)
539 #define TOKEN_QUERY_SOURCE (0x0010)
540 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
541 #define TOKEN_ADJUST_GROUPS (0x0040)
542 #define TOKEN_ADJUST_DEFAULT (0x0080)
543 #define TOKEN_ADJUST_SESSIONID (0x0100)
544
545 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
546 TOKEN_ASSIGN_PRIMARY |\
547 TOKEN_DUPLICATE |\
548 TOKEN_IMPERSONATE |\
549 TOKEN_QUERY |\
550 TOKEN_QUERY_SOURCE |\
551 TOKEN_ADJUST_PRIVILEGES |\
552 TOKEN_ADJUST_GROUPS |\
553 TOKEN_ADJUST_DEFAULT )
554
555 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
556 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
557 TOKEN_ADJUST_SESSIONID )
558 #else
559 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
560 #endif
561
562 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
563 TOKEN_QUERY)
564
565 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
566 TOKEN_ADJUST_PRIVILEGES |\
567 TOKEN_ADJUST_GROUPS |\
568 TOKEN_ADJUST_DEFAULT)
569
570 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
571
572 typedef enum _TOKEN_TYPE {
573 TokenPrimary = 1,
574 TokenImpersonation
575 } TOKEN_TYPE,*PTOKEN_TYPE;
576
577 typedef enum _TOKEN_INFORMATION_CLASS {
578 TokenUser = 1,
579 TokenGroups,
580 TokenPrivileges,
581 TokenOwner,
582 TokenPrimaryGroup,
583 TokenDefaultDacl,
584 TokenSource,
585 TokenType,
586 TokenImpersonationLevel,
587 TokenStatistics,
588 TokenRestrictedSids,
589 TokenSessionId,
590 TokenGroupsAndPrivileges,
591 TokenSessionReference,
592 TokenSandBoxInert,
593 TokenAuditPolicy,
594 TokenOrigin,
595 TokenElevationType,
596 TokenLinkedToken,
597 TokenElevation,
598 TokenHasRestrictions,
599 TokenAccessInformation,
600 TokenVirtualizationAllowed,
601 TokenVirtualizationEnabled,
602 TokenIntegrityLevel,
603 TokenUIAccess,
604 TokenMandatoryPolicy,
605 TokenLogonSid,
606 MaxTokenInfoClass
607 } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
608
609 typedef struct _TOKEN_USER {
610 SID_AND_ATTRIBUTES User;
611 } TOKEN_USER, *PTOKEN_USER;
612
613 typedef struct _TOKEN_GROUPS {
614 ULONG GroupCount;
615 #ifdef MIDL_PASS
616 [size_is(GroupCount)] SID_AND_ATTRIBUTES Groups[*];
617 #else
618 SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
619 #endif
620 } TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
621
622 typedef struct _TOKEN_PRIVILEGES {
623 ULONG PrivilegeCount;
624 LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
625 } TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
626
627 typedef struct _TOKEN_OWNER {
628 PSID Owner;
629 } TOKEN_OWNER,*PTOKEN_OWNER;
630
631 typedef struct _TOKEN_PRIMARY_GROUP {
632 PSID PrimaryGroup;
633 } TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
634
635 typedef struct _TOKEN_DEFAULT_DACL {
636 PACL DefaultDacl;
637 } TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
638
639 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
640 ULONG SidCount;
641 ULONG SidLength;
642 PSID_AND_ATTRIBUTES Sids;
643 ULONG RestrictedSidCount;
644 ULONG RestrictedSidLength;
645 PSID_AND_ATTRIBUTES RestrictedSids;
646 ULONG PrivilegeCount;
647 ULONG PrivilegeLength;
648 PLUID_AND_ATTRIBUTES Privileges;
649 LUID AuthenticationId;
650 } TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
651
652 typedef struct _TOKEN_LINKED_TOKEN {
653 HANDLE LinkedToken;
654 } TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
655
656 typedef struct _TOKEN_ELEVATION {
657 ULONG TokenIsElevated;
658 } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
659
660 typedef struct _TOKEN_MANDATORY_LABEL {
661 SID_AND_ATTRIBUTES Label;
662 } TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
663
664 #define TOKEN_MANDATORY_POLICY_OFF 0x0
665 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
666 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
667
668 #define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
669 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
670
671 typedef struct _TOKEN_MANDATORY_POLICY {
672 ULONG Policy;
673 } TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
674
675 typedef struct _TOKEN_ACCESS_INFORMATION {
676 PSID_AND_ATTRIBUTES_HASH SidHash;
677 PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
678 PTOKEN_PRIVILEGES Privileges;
679 LUID AuthenticationId;
680 TOKEN_TYPE TokenType;
681 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
682 TOKEN_MANDATORY_POLICY MandatoryPolicy;
683 ULONG Flags;
684 } TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
685
686 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
687
688 typedef struct _TOKEN_AUDIT_POLICY {
689 UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
690 } TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
691
692 #define TOKEN_SOURCE_LENGTH 8
693
694 typedef struct _TOKEN_SOURCE {
695 CHAR SourceName[TOKEN_SOURCE_LENGTH];
696 LUID SourceIdentifier;
697 } TOKEN_SOURCE,*PTOKEN_SOURCE;
698
699 typedef struct _TOKEN_STATISTICS {
700 LUID TokenId;
701 LUID AuthenticationId;
702 LARGE_INTEGER ExpirationTime;
703 TOKEN_TYPE TokenType;
704 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
705 ULONG DynamicCharged;
706 ULONG DynamicAvailable;
707 ULONG GroupCount;
708 ULONG PrivilegeCount;
709 LUID ModifiedId;
710 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
711
712 typedef struct _TOKEN_CONTROL {
713 LUID TokenId;
714 LUID AuthenticationId;
715 LUID ModifiedId;
716 TOKEN_SOURCE TokenSource;
717 } TOKEN_CONTROL,*PTOKEN_CONTROL;
718
719 typedef struct _TOKEN_ORIGIN {
720 LUID OriginatingLogonSession;
721 } TOKEN_ORIGIN, *PTOKEN_ORIGIN;
722
723 typedef enum _MANDATORY_LEVEL {
724 MandatoryLevelUntrusted = 0,
725 MandatoryLevelLow,
726 MandatoryLevelMedium,
727 MandatoryLevelHigh,
728 MandatoryLevelSystem,
729 MandatoryLevelSecureProcess,
730 MandatoryLevelCount
731 } MANDATORY_LEVEL, *PMANDATORY_LEVEL;
732
733 #define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
734 #define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
735 #define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
736 #define TOKEN_WRITE_RESTRICTED 0x0008
737 #define TOKEN_IS_RESTRICTED 0x0010
738 #define TOKEN_SESSION_NOT_REFERENCED 0x0020
739 #define TOKEN_SANDBOX_INERT 0x0040
740 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
741 #define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
742 #define TOKEN_VIRTUALIZE_ALLOWED 0x0200
743 #define TOKEN_VIRTUALIZE_ENABLED 0x0400
744 #define TOKEN_IS_FILTERED 0x0800
745 #define TOKEN_UIACCESS 0x1000
746 #define TOKEN_NOT_LOW 0x2000
747
748 typedef struct _SE_EXPORTS {
749 LUID SeCreateTokenPrivilege;
750 LUID SeAssignPrimaryTokenPrivilege;
751 LUID SeLockMemoryPrivilege;
752 LUID SeIncreaseQuotaPrivilege;
753 LUID SeUnsolicitedInputPrivilege;
754 LUID SeTcbPrivilege;
755 LUID SeSecurityPrivilege;
756 LUID SeTakeOwnershipPrivilege;
757 LUID SeLoadDriverPrivilege;
758 LUID SeCreatePagefilePrivilege;
759 LUID SeIncreaseBasePriorityPrivilege;
760 LUID SeSystemProfilePrivilege;
761 LUID SeSystemtimePrivilege;
762 LUID SeProfileSingleProcessPrivilege;
763 LUID SeCreatePermanentPrivilege;
764 LUID SeBackupPrivilege;
765 LUID SeRestorePrivilege;
766 LUID SeShutdownPrivilege;
767 LUID SeDebugPrivilege;
768 LUID SeAuditPrivilege;
769 LUID SeSystemEnvironmentPrivilege;
770 LUID SeChangeNotifyPrivilege;
771 LUID SeRemoteShutdownPrivilege;
772 PSID SeNullSid;
773 PSID SeWorldSid;
774 PSID SeLocalSid;
775 PSID SeCreatorOwnerSid;
776 PSID SeCreatorGroupSid;
777 PSID SeNtAuthoritySid;
778 PSID SeDialupSid;
779 PSID SeNetworkSid;
780 PSID SeBatchSid;
781 PSID SeInteractiveSid;
782 PSID SeLocalSystemSid;
783 PSID SeAliasAdminsSid;
784 PSID SeAliasUsersSid;
785 PSID SeAliasGuestsSid;
786 PSID SeAliasPowerUsersSid;
787 PSID SeAliasAccountOpsSid;
788 PSID SeAliasSystemOpsSid;
789 PSID SeAliasPrintOpsSid;
790 PSID SeAliasBackupOpsSid;
791 PSID SeAuthenticatedUsersSid;
792 PSID SeRestrictedSid;
793 PSID SeAnonymousLogonSid;
794 LUID SeUndockPrivilege;
795 LUID SeSyncAgentPrivilege;
796 LUID SeEnableDelegationPrivilege;
797 PSID SeLocalServiceSid;
798 PSID SeNetworkServiceSid;
799 LUID SeManageVolumePrivilege;
800 LUID SeImpersonatePrivilege;
801 LUID SeCreateGlobalPrivilege;
802 LUID SeTrustedCredManAccessPrivilege;
803 LUID SeRelabelPrivilege;
804 LUID SeIncreaseWorkingSetPrivilege;
805 LUID SeTimeZonePrivilege;
806 LUID SeCreateSymbolicLinkPrivilege;
807 PSID SeIUserSid;
808 PSID SeUntrustedMandatorySid;
809 PSID SeLowMandatorySid;
810 PSID SeMediumMandatorySid;
811 PSID SeHighMandatorySid;
812 PSID SeSystemMandatorySid;
813 PSID SeOwnerRightsSid;
814 } SE_EXPORTS, *PSE_EXPORTS;
815
816 typedef NTSTATUS
817 (NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
818 IN PLUID LogonId);
819
820 typedef struct _SECURITY_CLIENT_CONTEXT {
821 SECURITY_QUALITY_OF_SERVICE SecurityQos;
822 PACCESS_TOKEN ClientToken;
823 BOOLEAN DirectlyAccessClientToken;
824 BOOLEAN DirectAccessEffectiveOnly;
825 BOOLEAN ServerIsRemote;
826 TOKEN_CONTROL ClientTokenControl;
827 } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
828
829 /******************************************************************************
830 * Object Manager Types *
831 ******************************************************************************/
832
833 typedef enum _OBJECT_INFORMATION_CLASS {
834 ObjectBasicInformation = 0,
835 ObjectTypeInformation = 2,
836 /* Not for public use */
837 ObjectNameInformation = 1,
838 ObjectTypesInformation = 3,
839 ObjectHandleFlagInformation = 4,
840 ObjectSessionInformation = 5,
841 MaxObjectInfoClass
842 } OBJECT_INFORMATION_CLASS;
843
844
845 /******************************************************************************
846 * Runtime Library Types *
847 ******************************************************************************/
848
849
850 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
851
852 _Function_class_(RTL_ALLOCATE_STRING_ROUTINE)
853 _IRQL_requires_max_(PASSIVE_LEVEL)
854 __drv_allocatesMem(Mem)
855 typedef PVOID
856 (NTAPI *PRTL_ALLOCATE_STRING_ROUTINE)(
857 _In_ SIZE_T NumberOfBytes);
858
859 #if _WIN32_WINNT >= 0x0600
860 _Function_class_(RTL_REALLOCATE_STRING_ROUTINE)
861 _IRQL_requires_max_(PASSIVE_LEVEL)
862 __drv_allocatesMem(Mem)
863 typedef PVOID
864 (NTAPI *PRTL_REALLOCATE_STRING_ROUTINE)(
865 _In_ SIZE_T NumberOfBytes,
866 IN PVOID Buffer);
867 #endif
868
869 typedef VOID
870 (NTAPI *PRTL_FREE_STRING_ROUTINE)(
871 _In_ __drv_freesMem(Mem) _Post_invalid_ PVOID Buffer);
872
873 extern const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine;
874 extern const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine;
875
876 #if _WIN32_WINNT >= 0x0600
877 extern const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine;
878 #endif
879
880 _Function_class_(RTL_HEAP_COMMIT_ROUTINE)
881 _IRQL_requires_same_
882 typedef NTSTATUS
883 (NTAPI *PRTL_HEAP_COMMIT_ROUTINE) (
884 _In_ PVOID Base,
885 _Inout_ PVOID *CommitAddress,
886 _Inout_ PSIZE_T CommitSize);
887
888 typedef struct _RTL_HEAP_PARAMETERS {
889 ULONG Length;
890 SIZE_T SegmentReserve;
891 SIZE_T SegmentCommit;
892 SIZE_T DeCommitFreeBlockThreshold;
893 SIZE_T DeCommitTotalFreeThreshold;
894 SIZE_T MaximumAllocationSize;
895 SIZE_T VirtualMemoryThreshold;
896 SIZE_T InitialCommit;
897 SIZE_T InitialReserve;
898 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
899 SIZE_T Reserved[2];
900 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
901
902 #if (NTDDI_VERSION >= NTDDI_WIN2K)
903
904 typedef struct _GENERATE_NAME_CONTEXT {
905 USHORT Checksum;
906 BOOLEAN CheckSumInserted;
907 _Field_range_(<=, 8) UCHAR NameLength;
908 WCHAR NameBuffer[8];
909 _Field_range_(<=, 4) ULONG ExtensionLength;
910 WCHAR ExtensionBuffer[4];
911 ULONG LastIndexValue;
912 } GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
913
914 typedef struct _PREFIX_TABLE_ENTRY {
915 CSHORT NodeTypeCode;
916 CSHORT NameLength;
917 struct _PREFIX_TABLE_ENTRY *NextPrefixTree;
918 RTL_SPLAY_LINKS Links;
919 PSTRING Prefix;
920 } PREFIX_TABLE_ENTRY, *PPREFIX_TABLE_ENTRY;
921
922 typedef struct _PREFIX_TABLE {
923 CSHORT NodeTypeCode;
924 CSHORT NameLength;
925 PPREFIX_TABLE_ENTRY NextPrefixTree;
926 } PREFIX_TABLE, *PPREFIX_TABLE;
927
928 typedef struct _UNICODE_PREFIX_TABLE_ENTRY {
929 CSHORT NodeTypeCode;
930 CSHORT NameLength;
931 struct _UNICODE_PREFIX_TABLE_ENTRY *NextPrefixTree;
932 struct _UNICODE_PREFIX_TABLE_ENTRY *CaseMatch;
933 RTL_SPLAY_LINKS Links;
934 PUNICODE_STRING Prefix;
935 } UNICODE_PREFIX_TABLE_ENTRY, *PUNICODE_PREFIX_TABLE_ENTRY;
936
937 typedef struct _UNICODE_PREFIX_TABLE {
938 CSHORT NodeTypeCode;
939 CSHORT NameLength;
940 PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree;
941 PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry;
942 } UNICODE_PREFIX_TABLE, *PUNICODE_PREFIX_TABLE;
943
944 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
945
946 #if (NTDDI_VERSION >= NTDDI_WINXP)
947 typedef struct _COMPRESSED_DATA_INFO {
948 USHORT CompressionFormatAndEngine;
949 UCHAR CompressionUnitShift;
950 UCHAR ChunkShift;
951 UCHAR ClusterShift;
952 UCHAR Reserved;
953 USHORT NumberOfChunks;
954 ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
955 } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
956 #endif
957 /******************************************************************************
958 * Runtime Library Functions *
959 ******************************************************************************/
960
961
962 #if (NTDDI_VERSION >= NTDDI_WIN2K)
963
964
965 _Must_inspect_result_
966 _Ret_maybenull_
967 _Post_writable_byte_size_(Size)
968 NTSYSAPI
969 PVOID
970 NTAPI
971 RtlAllocateHeap(
972 _In_ HANDLE HeapHandle,
973 _In_opt_ ULONG Flags,
974 _In_ SIZE_T Size);
975
976 _Success_(return != 0)
977 NTSYSAPI
978 BOOLEAN
979 NTAPI
980 RtlFreeHeap(
981 _In_ PVOID HeapHandle,
982 _In_opt_ ULONG Flags,
983 _In_ _Post_invalid_ PVOID BaseAddress);
984
985 NTSYSAPI
986 VOID
987 NTAPI
988 RtlCaptureContext(
989 _Out_ PCONTEXT ContextRecord);
990
991 _Ret_range_(<, MAXLONG)
992 NTSYSAPI
993 ULONG
994 NTAPI
995 RtlRandom(
996 _Inout_ PULONG Seed);
997
998 _IRQL_requires_max_(APC_LEVEL)
999 _Success_(return != 0)
1000 _Must_inspect_result_
1001 NTSYSAPI
1002 BOOLEAN
1003 NTAPI
1004 RtlCreateUnicodeString(
1005 _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem))
1006 PUNICODE_STRING DestinationString,
1007 _In_z_ PCWSTR SourceString);
1008
1009 _IRQL_requires_max_(APC_LEVEL)
1010 NTSYSAPI
1011 NTSTATUS
1012 NTAPI
1013 RtlAppendStringToString(
1014 _Inout_ PSTRING Destination,
1015 _In_ const STRING *Source);
1016
1017 _IRQL_requires_max_(PASSIVE_LEVEL)
1018 _Must_inspect_result_
1019 NTSYSAPI
1020 NTSTATUS
1021 NTAPI
1022 RtlOemStringToUnicodeString(
1023 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1024 _When_(!AllocateDestinationString, _Inout_)
1025 PUNICODE_STRING DestinationString,
1026 _In_ PCOEM_STRING SourceString,
1027 _In_ BOOLEAN AllocateDestinationString);
1028
1029 _IRQL_requires_max_(PASSIVE_LEVEL)
1030 _Must_inspect_result_
1031 NTSYSAPI
1032 NTSTATUS
1033 NTAPI
1034 RtlUnicodeStringToOemString(
1035 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1036 _When_(!AllocateDestinationString, _Inout_)
1037 POEM_STRING DestinationString,
1038 _In_ PCUNICODE_STRING SourceString,
1039 _In_ BOOLEAN AllocateDestinationString);
1040
1041 _IRQL_requires_max_(PASSIVE_LEVEL)
1042 _Must_inspect_result_
1043 NTSYSAPI
1044 NTSTATUS
1045 NTAPI
1046 RtlUpcaseUnicodeStringToOemString(
1047 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1048 _When_(!AllocateDestinationString, _Inout_)
1049 POEM_STRING DestinationString,
1050 _In_ PCUNICODE_STRING SourceString,
1051 _In_ BOOLEAN AllocateDestinationString);
1052
1053 _IRQL_requires_max_(PASSIVE_LEVEL)
1054 _Must_inspect_result_
1055 NTSYSAPI
1056 NTSTATUS
1057 NTAPI
1058 RtlOemStringToCountedUnicodeString(
1059 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1060 _When_(!AllocateDestinationString, _Inout_)
1061 PUNICODE_STRING DestinationString,
1062 _In_ PCOEM_STRING SourceString,
1063 _In_ BOOLEAN AllocateDestinationString);
1064
1065 _IRQL_requires_max_(PASSIVE_LEVEL)
1066 _Must_inspect_result_
1067 NTSYSAPI
1068 NTSTATUS
1069 NTAPI
1070 RtlUnicodeStringToCountedOemString(
1071 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1072 _When_(!AllocateDestinationString, _Inout_)
1073 POEM_STRING DestinationString,
1074 _In_ PCUNICODE_STRING SourceString,
1075 _In_ BOOLEAN AllocateDestinationString);
1076
1077 _IRQL_requires_max_(PASSIVE_LEVEL)
1078 _Must_inspect_result_
1079 NTSYSAPI
1080 NTSTATUS
1081 NTAPI
1082 RtlUpcaseUnicodeStringToCountedOemString(
1083 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1084 _When_(!AllocateDestinationString, _Inout_)
1085 POEM_STRING DestinationString,
1086 _In_ PCUNICODE_STRING SourceString,
1087 _In_ BOOLEAN AllocateDestinationString);
1088
1089 _IRQL_requires_max_(PASSIVE_LEVEL)
1090 _When_(AllocateDestinationString, _Must_inspect_result_)
1091 NTSYSAPI
1092 NTSTATUS
1093 NTAPI
1094 RtlDowncaseUnicodeString(
1095 _When_(AllocateDestinationString, _Out_ _At_(UniDest->Buffer, __drv_allocatesMem(Mem)))
1096 _When_(!AllocateDestinationString, _Inout_)
1097 PUNICODE_STRING UniDest,
1098 _In_ PCUNICODE_STRING UniSource,
1099 _In_ BOOLEAN AllocateDestinationString);
1100
1101 _IRQL_requires_max_(PASSIVE_LEVEL)
1102 NTSYSAPI
1103 VOID
1104 NTAPI
1105 RtlFreeOemString(
1106 _Inout_ _At_(OemString->Buffer, __drv_freesMem(Mem)) POEM_STRING OemString);
1107
1108 _IRQL_requires_max_(PASSIVE_LEVEL)
1109 NTSYSAPI
1110 ULONG
1111 NTAPI
1112 RtlxUnicodeStringToOemSize(
1113 _In_ PCUNICODE_STRING UnicodeString);
1114
1115 _IRQL_requires_max_(PASSIVE_LEVEL)
1116 NTSYSAPI
1117 ULONG
1118 NTAPI
1119 RtlxOemStringToUnicodeSize(
1120 _In_ PCOEM_STRING OemString);
1121
1122 _IRQL_requires_max_(PASSIVE_LEVEL)
1123 NTSYSAPI
1124 NTSTATUS
1125 NTAPI
1126 RtlMultiByteToUnicodeN(
1127 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
1128 _In_ ULONG MaxBytesInUnicodeString,
1129 _Out_opt_ PULONG BytesInUnicodeString,
1130 _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
1131 _In_ ULONG BytesInMultiByteString);
1132
1133 _IRQL_requires_max_(PASSIVE_LEVEL)
1134 NTSYSAPI
1135 NTSTATUS
1136 NTAPI
1137 RtlMultiByteToUnicodeSize(
1138 _Out_ PULONG BytesInUnicodeString,
1139 _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
1140 _In_ ULONG BytesInMultiByteString);
1141
1142 _IRQL_requires_max_(PASSIVE_LEVEL)
1143 NTSYSAPI
1144 NTSTATUS
1145 NTAPI
1146 RtlUnicodeToMultiByteSize(
1147 _Out_ PULONG BytesInMultiByteString,
1148 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1149 _In_ ULONG BytesInUnicodeString);
1150
1151 _IRQL_requires_max_(PASSIVE_LEVEL)
1152 NTSYSAPI
1153 NTSTATUS
1154 NTAPI
1155 RtlUnicodeToMultiByteN(
1156 _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
1157 _In_ ULONG MaxBytesInMultiByteString,
1158 _Out_opt_ PULONG BytesInMultiByteString,
1159 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1160 _In_ ULONG BytesInUnicodeString);
1161
1162 _IRQL_requires_max_(PASSIVE_LEVEL)
1163 NTSYSAPI
1164 NTSTATUS
1165 NTAPI
1166 RtlUpcaseUnicodeToMultiByteN(
1167 _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
1168 _In_ ULONG MaxBytesInMultiByteString,
1169 _Out_opt_ PULONG BytesInMultiByteString,
1170 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1171 _In_ ULONG BytesInUnicodeString);
1172
1173 _IRQL_requires_max_(PASSIVE_LEVEL)
1174 NTSYSAPI
1175 NTSTATUS
1176 NTAPI
1177 RtlOemToUnicodeN(
1178 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWSTR UnicodeString,
1179 _In_ ULONG MaxBytesInUnicodeString,
1180 _Out_opt_ PULONG BytesInUnicodeString,
1181 _In_reads_bytes_(BytesInOemString) PCCH OemString,
1182 _In_ ULONG BytesInOemString);
1183
1184 _IRQL_requires_max_(PASSIVE_LEVEL)
1185 NTSYSAPI
1186 NTSTATUS
1187 NTAPI
1188 RtlUnicodeToOemN(
1189 _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
1190 _In_ ULONG MaxBytesInOemString,
1191 _Out_opt_ PULONG BytesInOemString,
1192 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1193 _In_ ULONG BytesInUnicodeString);
1194
1195 _IRQL_requires_max_(PASSIVE_LEVEL)
1196 NTSYSAPI
1197 NTSTATUS
1198 NTAPI
1199 RtlUpcaseUnicodeToOemN(
1200 _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
1201 _In_ ULONG MaxBytesInOemString,
1202 _Out_opt_ PULONG BytesInOemString,
1203 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1204 _In_ ULONG BytesInUnicodeString);
1205
1206 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
1207 _IRQL_requires_max_(PASSIVE_LEVEL)
1208 NTSYSAPI
1209 NTSTATUS
1210 NTAPI
1211 RtlGenerate8dot3Name(
1212 _In_ PCUNICODE_STRING Name,
1213 _In_ BOOLEAN AllowExtendedCharacters,
1214 _Inout_ PGENERATE_NAME_CONTEXT Context,
1215 _Inout_ PUNICODE_STRING Name8dot3);
1216 #else
1217 _IRQL_requires_max_(PASSIVE_LEVEL)
1218 NTSYSAPI
1219 VOID
1220 NTAPI
1221 RtlGenerate8dot3Name(
1222 _In_ PCUNICODE_STRING Name,
1223 _In_ BOOLEAN AllowExtendedCharacters,
1224 _Inout_ PGENERATE_NAME_CONTEXT Context,
1225 _Inout_ PUNICODE_STRING Name8dot3);
1226 #endif
1227
1228 _IRQL_requires_max_(PASSIVE_LEVEL)
1229 _Must_inspect_result_
1230 NTSYSAPI
1231 BOOLEAN
1232 NTAPI
1233 RtlIsNameLegalDOS8Dot3(
1234 _In_ PCUNICODE_STRING Name,
1235 _Inout_opt_ POEM_STRING OemName,
1236 _Out_opt_ PBOOLEAN NameContainsSpaces);
1237
1238 _IRQL_requires_max_(PASSIVE_LEVEL)
1239 _Must_inspect_result_
1240 NTSYSAPI
1241 BOOLEAN
1242 NTAPI
1243 RtlIsValidOemCharacter(
1244 _Inout_ PWCHAR Char);
1245
1246 _IRQL_requires_max_(PASSIVE_LEVEL)
1247 NTSYSAPI
1248 VOID
1249 NTAPI
1250 PfxInitialize(
1251 _Out_ PPREFIX_TABLE PrefixTable);
1252
1253 _IRQL_requires_max_(PASSIVE_LEVEL)
1254 NTSYSAPI
1255 BOOLEAN
1256 NTAPI
1257 PfxInsertPrefix(
1258 _In_ PPREFIX_TABLE PrefixTable,
1259 _In_ __drv_aliasesMem PSTRING Prefix,
1260 _Out_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
1261
1262 _IRQL_requires_max_(PASSIVE_LEVEL)
1263 NTSYSAPI
1264 VOID
1265 NTAPI
1266 PfxRemovePrefix(
1267 _In_ PPREFIX_TABLE PrefixTable,
1268 _In_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
1269
1270 _IRQL_requires_max_(PASSIVE_LEVEL)
1271 _Must_inspect_result_
1272 NTSYSAPI
1273 PPREFIX_TABLE_ENTRY
1274 NTAPI
1275 PfxFindPrefix(
1276 _In_ PPREFIX_TABLE PrefixTable,
1277 _In_ PSTRING FullName);
1278
1279 _IRQL_requires_max_(PASSIVE_LEVEL)
1280 NTSYSAPI
1281 VOID
1282 NTAPI
1283 RtlInitializeUnicodePrefix(
1284 _Out_ PUNICODE_PREFIX_TABLE PrefixTable);
1285
1286 _IRQL_requires_max_(PASSIVE_LEVEL)
1287 NTSYSAPI
1288 BOOLEAN
1289 NTAPI
1290 RtlInsertUnicodePrefix(
1291 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1292 _In_ __drv_aliasesMem PUNICODE_STRING Prefix,
1293 _Out_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1294
1295 _IRQL_requires_max_(PASSIVE_LEVEL)
1296 NTSYSAPI
1297 VOID
1298 NTAPI
1299 RtlRemoveUnicodePrefix(
1300 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1301 _In_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1302
1303 _IRQL_requires_max_(PASSIVE_LEVEL)
1304 _Must_inspect_result_
1305 NTSYSAPI
1306 PUNICODE_PREFIX_TABLE_ENTRY
1307 NTAPI
1308 RtlFindUnicodePrefix(
1309 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1310 _In_ PUNICODE_STRING FullName,
1311 _In_ ULONG CaseInsensitiveIndex);
1312
1313 _IRQL_requires_max_(PASSIVE_LEVEL)
1314 _Must_inspect_result_
1315 NTSYSAPI
1316 PUNICODE_PREFIX_TABLE_ENTRY
1317 NTAPI
1318 RtlNextUnicodePrefix(
1319 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1320 _In_ BOOLEAN Restart);
1321
1322 _Must_inspect_result_
1323 NTSYSAPI
1324 SIZE_T
1325 NTAPI
1326 RtlCompareMemoryUlong(
1327 _In_reads_bytes_(Length) PVOID Source,
1328 _In_ SIZE_T Length,
1329 _In_ ULONG Pattern);
1330
1331 _Success_(return != 0)
1332 NTSYSAPI
1333 BOOLEAN
1334 NTAPI
1335 RtlTimeToSecondsSince1980(
1336 _In_ PLARGE_INTEGER Time,
1337 _Out_ PULONG ElapsedSeconds);
1338
1339 NTSYSAPI
1340 VOID
1341 NTAPI
1342 RtlSecondsSince1980ToTime(
1343 _In_ ULONG ElapsedSeconds,
1344 _Out_ PLARGE_INTEGER Time);
1345
1346 _Success_(return != 0)
1347 NTSYSAPI
1348 BOOLEAN
1349 NTAPI
1350 RtlTimeToSecondsSince1970(
1351 _In_ PLARGE_INTEGER Time,
1352 _Out_ PULONG ElapsedSeconds);
1353
1354 NTSYSAPI
1355 VOID
1356 NTAPI
1357 RtlSecondsSince1970ToTime(
1358 _In_ ULONG ElapsedSeconds,
1359 _Out_ PLARGE_INTEGER Time);
1360
1361 _IRQL_requires_max_(APC_LEVEL)
1362 _Must_inspect_result_
1363 NTSYSAPI
1364 BOOLEAN
1365 NTAPI
1366 RtlValidSid(
1367 _In_ PSID Sid);
1368
1369 _Must_inspect_result_
1370 NTSYSAPI
1371 BOOLEAN
1372 NTAPI
1373 RtlEqualSid(
1374 _In_ PSID Sid1,
1375 _In_ PSID Sid2);
1376
1377 _IRQL_requires_max_(APC_LEVEL)
1378 _Must_inspect_result_
1379 NTSYSAPI
1380 BOOLEAN
1381 NTAPI
1382 RtlEqualPrefixSid(
1383 _In_ PSID Sid1,
1384 _In_ PSID Sid2);
1385
1386 _IRQL_requires_max_(APC_LEVEL)
1387 NTSYSAPI
1388 ULONG
1389 NTAPI
1390 RtlLengthRequiredSid(
1391 _In_ ULONG SubAuthorityCount);
1392
1393 NTSYSAPI
1394 PVOID
1395 NTAPI
1396 RtlFreeSid(
1397 _In_ _Post_invalid_ PSID Sid);
1398
1399 _Must_inspect_result_
1400 NTSYSAPI
1401 NTSTATUS
1402 NTAPI
1403 RtlAllocateAndInitializeSid(
1404 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1405 _In_ UCHAR SubAuthorityCount,
1406 _In_ ULONG SubAuthority0,
1407 _In_ ULONG SubAuthority1,
1408 _In_ ULONG SubAuthority2,
1409 _In_ ULONG SubAuthority3,
1410 _In_ ULONG SubAuthority4,
1411 _In_ ULONG SubAuthority5,
1412 _In_ ULONG SubAuthority6,
1413 _In_ ULONG SubAuthority7,
1414 _Outptr_ PSID *Sid);
1415
1416 _IRQL_requires_max_(APC_LEVEL)
1417 NTSYSAPI
1418 NTSTATUS
1419 NTAPI
1420 RtlInitializeSid(
1421 _Out_ PSID Sid,
1422 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1423 _In_ UCHAR SubAuthorityCount);
1424
1425 NTSYSAPI
1426 PULONG
1427 NTAPI
1428 RtlSubAuthoritySid(
1429 _In_ PSID Sid,
1430 _In_ ULONG SubAuthority);
1431
1432 _Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE)
1433 NTSYSAPI
1434 ULONG
1435 NTAPI
1436 RtlLengthSid(
1437 _In_ PSID Sid);
1438
1439 _IRQL_requires_max_(APC_LEVEL)
1440 NTSYSAPI
1441 NTSTATUS
1442 NTAPI
1443 RtlCopySid(
1444 _In_ ULONG Length,
1445 _Out_writes_bytes_(Length) PSID Destination,
1446 _In_ PSID Source);
1447
1448 _IRQL_requires_max_(APC_LEVEL)
1449 NTSYSAPI
1450 NTSTATUS
1451 NTAPI
1452 RtlConvertSidToUnicodeString(
1453 _Inout_ PUNICODE_STRING UnicodeString,
1454 _In_ PSID Sid,
1455 _In_ BOOLEAN AllocateDestinationString);
1456
1457 _IRQL_requires_max_(APC_LEVEL)
1458 NTSYSAPI
1459 VOID
1460 NTAPI
1461 RtlCopyLuid(
1462 _Out_ PLUID DestinationLuid,
1463 _In_ PLUID SourceLuid);
1464
1465 _IRQL_requires_max_(APC_LEVEL)
1466 NTSYSAPI
1467 NTSTATUS
1468 NTAPI
1469 RtlCreateAcl(
1470 _Out_writes_bytes_(AclLength) PACL Acl,
1471 _In_ ULONG AclLength,
1472 _In_ ULONG AclRevision);
1473
1474 _IRQL_requires_max_(APC_LEVEL)
1475 NTSYSAPI
1476 NTSTATUS
1477 NTAPI
1478 RtlAddAce(
1479 _Inout_ PACL Acl,
1480 _In_ ULONG AceRevision,
1481 _In_ ULONG StartingAceIndex,
1482 _In_reads_bytes_(AceListLength) PVOID AceList,
1483 _In_ ULONG AceListLength);
1484
1485 _IRQL_requires_max_(APC_LEVEL)
1486 NTSYSAPI
1487 NTSTATUS
1488 NTAPI
1489 RtlDeleteAce(
1490 _Inout_ PACL Acl,
1491 _In_ ULONG AceIndex);
1492
1493 NTSYSAPI
1494 NTSTATUS
1495 NTAPI
1496 RtlGetAce(
1497 _In_ PACL Acl,
1498 _In_ ULONG AceIndex,
1499 _Outptr_ PVOID *Ace);
1500
1501 _IRQL_requires_max_(APC_LEVEL)
1502 NTSYSAPI
1503 NTSTATUS
1504 NTAPI
1505 RtlAddAccessAllowedAce(
1506 _Inout_ PACL Acl,
1507 _In_ ULONG AceRevision,
1508 _In_ ACCESS_MASK AccessMask,
1509 _In_ PSID Sid);
1510
1511 _IRQL_requires_max_(APC_LEVEL)
1512 NTSYSAPI
1513 NTSTATUS
1514 NTAPI
1515 RtlAddAccessAllowedAceEx(
1516 _Inout_ PACL Acl,
1517 _In_ ULONG AceRevision,
1518 _In_ ULONG AceFlags,
1519 _In_ ACCESS_MASK AccessMask,
1520 _In_ PSID Sid);
1521
1522 _IRQL_requires_max_(APC_LEVEL)
1523 NTSYSAPI
1524 NTSTATUS
1525 NTAPI
1526 RtlCreateSecurityDescriptorRelative(
1527 _Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
1528 _In_ ULONG Revision);
1529
1530 NTSYSAPI
1531 NTSTATUS
1532 NTAPI
1533 RtlGetDaclSecurityDescriptor(
1534 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1535 _Out_ PBOOLEAN DaclPresent,
1536 _Out_ PACL *Dacl,
1537 _Out_ PBOOLEAN DaclDefaulted);
1538
1539 _IRQL_requires_max_(APC_LEVEL)
1540 NTSYSAPI
1541 NTSTATUS
1542 NTAPI
1543 RtlSetOwnerSecurityDescriptor(
1544 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1545 _In_opt_ PSID Owner,
1546 _In_opt_ BOOLEAN OwnerDefaulted);
1547
1548 _IRQL_requires_max_(APC_LEVEL)
1549 NTSYSAPI
1550 NTSTATUS
1551 NTAPI
1552 RtlGetOwnerSecurityDescriptor(
1553 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1554 _Out_ PSID *Owner,
1555 _Out_ PBOOLEAN OwnerDefaulted);
1556
1557 _IRQL_requires_max_(APC_LEVEL)
1558 _When_(Status < 0, _Out_range_(>, 0))
1559 _When_(Status >= 0, _Out_range_(==, 0))
1560 NTSYSAPI
1561 ULONG
1562 NTAPI
1563 RtlNtStatusToDosError(
1564 _In_ NTSTATUS Status);
1565
1566 _IRQL_requires_max_(PASSIVE_LEVEL)
1567 NTSYSAPI
1568 NTSTATUS
1569 NTAPI
1570 RtlCustomCPToUnicodeN(
1571 _In_ PCPTABLEINFO CustomCP,
1572 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
1573 _In_ ULONG MaxBytesInUnicodeString,
1574 _Out_opt_ PULONG BytesInUnicodeString,
1575 _In_reads_bytes_(BytesInCustomCPString) PCH CustomCPString,
1576 _In_ ULONG BytesInCustomCPString);
1577
1578 _IRQL_requires_max_(PASSIVE_LEVEL)
1579 NTSYSAPI
1580 NTSTATUS
1581 NTAPI
1582 RtlUnicodeToCustomCPN(
1583 _In_ PCPTABLEINFO CustomCP,
1584 _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
1585 _In_ ULONG MaxBytesInCustomCPString,
1586 _Out_opt_ PULONG BytesInCustomCPString,
1587 _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
1588 _In_ ULONG BytesInUnicodeString);
1589
1590 _IRQL_requires_max_(PASSIVE_LEVEL)
1591 NTSYSAPI
1592 NTSTATUS
1593 NTAPI
1594 RtlUpcaseUnicodeToCustomCPN(
1595 _In_ PCPTABLEINFO CustomCP,
1596 _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
1597 _In_ ULONG MaxBytesInCustomCPString,
1598 _Out_opt_ PULONG BytesInCustomCPString,
1599 _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
1600 _In_ ULONG BytesInUnicodeString);
1601
1602 _IRQL_requires_max_(PASSIVE_LEVEL)
1603 NTSYSAPI
1604 VOID
1605 NTAPI
1606 RtlInitCodePageTable(
1607 _In_ PUSHORT TableBase,
1608 _Inout_ PCPTABLEINFO CodePageTable);
1609
1610
1611 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
1612
1613
1614 #if (NTDDI_VERSION >= NTDDI_WINXP)
1615
1616
1617
1618 _Must_inspect_result_
1619 NTSYSAPI
1620 PVOID
1621 NTAPI
1622 RtlCreateHeap(
1623 _In_ ULONG Flags,
1624 _In_opt_ PVOID HeapBase,
1625 _In_opt_ SIZE_T ReserveSize,
1626 _In_opt_ SIZE_T CommitSize,
1627 _In_opt_ PVOID Lock,
1628 _In_opt_ PRTL_HEAP_PARAMETERS Parameters);
1629
1630 NTSYSAPI
1631 PVOID
1632 NTAPI
1633 RtlDestroyHeap(
1634 _In_ _Post_invalid_ PVOID HeapHandle);
1635
1636 NTSYSAPI
1637 USHORT
1638 NTAPI
1639 RtlCaptureStackBackTrace(
1640 _In_ ULONG FramesToSkip,
1641 _In_ ULONG FramesToCapture,
1642 _Out_writes_to_(FramesToCapture, return) PVOID *BackTrace,
1643 _Out_opt_ PULONG BackTraceHash);
1644
1645 _Ret_range_(<, MAXLONG)
1646 NTSYSAPI
1647 ULONG
1648 NTAPI
1649 RtlRandomEx(
1650 _Inout_ PULONG Seed);
1651
1652 _IRQL_requires_max_(DISPATCH_LEVEL)
1653 NTSYSAPI
1654 NTSTATUS
1655 NTAPI
1656 RtlInitUnicodeStringEx(
1657 _Out_ PUNICODE_STRING DestinationString,
1658 _In_opt_z_ __drv_aliasesMem PCWSTR SourceString);
1659
1660 _Must_inspect_result_
1661 NTSYSAPI
1662 NTSTATUS
1663 NTAPI
1664 RtlValidateUnicodeString(
1665 _In_ ULONG Flags,
1666 _In_ PCUNICODE_STRING String);
1667
1668 _IRQL_requires_max_(PASSIVE_LEVEL)
1669 _Must_inspect_result_
1670 NTSYSAPI
1671 NTSTATUS
1672 NTAPI
1673 RtlDuplicateUnicodeString(
1674 _In_ ULONG Flags,
1675 _In_ PCUNICODE_STRING SourceString,
1676 _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)) PUNICODE_STRING DestinationString);
1677
1678 NTSYSAPI
1679 NTSTATUS
1680 NTAPI
1681 RtlGetCompressionWorkSpaceSize(
1682 _In_ USHORT CompressionFormatAndEngine,
1683 _Out_ PULONG CompressBufferWorkSpaceSize,
1684 _Out_ PULONG CompressFragmentWorkSpaceSize);
1685
1686 NTSYSAPI
1687 NTSTATUS
1688 NTAPI
1689 RtlCompressBuffer(
1690 _In_ USHORT CompressionFormatAndEngine,
1691 _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1692 _In_ ULONG UncompressedBufferSize,
1693 _Out_writes_bytes_to_(CompressedBufferSize, *FinalCompressedSize) PUCHAR CompressedBuffer,
1694 _In_ ULONG CompressedBufferSize,
1695 _In_ ULONG UncompressedChunkSize,
1696 _Out_ PULONG FinalCompressedSize,
1697 _In_ PVOID WorkSpace);
1698
1699 _IRQL_requires_max_(APC_LEVEL)
1700 NTSYSAPI
1701 NTSTATUS
1702 NTAPI
1703 RtlDecompressBuffer(
1704 _In_ USHORT CompressionFormat,
1705 _Out_writes_bytes_to_(UncompressedBufferSize, *FinalUncompressedSize) PUCHAR UncompressedBuffer,
1706 _In_ ULONG UncompressedBufferSize,
1707 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1708 _In_ ULONG CompressedBufferSize,
1709 _Out_ PULONG FinalUncompressedSize);
1710
1711 _IRQL_requires_max_(APC_LEVEL)
1712 NTSYSAPI
1713 NTSTATUS
1714 NTAPI
1715 RtlDecompressFragment(
1716 _In_ USHORT CompressionFormat,
1717 _Out_writes_bytes_to_(UncompressedFragmentSize, *FinalUncompressedSize) PUCHAR UncompressedFragment,
1718 _In_ ULONG UncompressedFragmentSize,
1719 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1720 _In_ ULONG CompressedBufferSize,
1721 _In_range_(<, CompressedBufferSize) ULONG FragmentOffset,
1722 _Out_ PULONG FinalUncompressedSize,
1723 _In_ PVOID WorkSpace);
1724
1725 _IRQL_requires_max_(APC_LEVEL)
1726 NTSYSAPI
1727 NTSTATUS
1728 NTAPI
1729 RtlDescribeChunk(
1730 _In_ USHORT CompressionFormat,
1731 _Inout_ PUCHAR *CompressedBuffer,
1732 _In_ PUCHAR EndOfCompressedBufferPlus1,
1733 _Out_ PUCHAR *ChunkBuffer,
1734 _Out_ PULONG ChunkSize);
1735
1736 _IRQL_requires_max_(APC_LEVEL)
1737 NTSYSAPI
1738 NTSTATUS
1739 NTAPI
1740 RtlReserveChunk(
1741 _In_ USHORT CompressionFormat,
1742 _Inout_ PUCHAR *CompressedBuffer,
1743 _In_ PUCHAR EndOfCompressedBufferPlus1,
1744 _Out_ PUCHAR *ChunkBuffer,
1745 _In_ ULONG ChunkSize);
1746
1747 _IRQL_requires_max_(APC_LEVEL)
1748 NTSYSAPI
1749 NTSTATUS
1750 NTAPI
1751 RtlDecompressChunks(
1752 _Out_writes_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1753 _In_ ULONG UncompressedBufferSize,
1754 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1755 _In_ ULONG CompressedBufferSize,
1756 _In_reads_bytes_(CompressedTailSize) PUCHAR CompressedTail,
1757 _In_ ULONG CompressedTailSize,
1758 _In_ PCOMPRESSED_DATA_INFO CompressedDataInfo);
1759
1760 _IRQL_requires_max_(APC_LEVEL)
1761 NTSYSAPI
1762 NTSTATUS
1763 NTAPI
1764 RtlCompressChunks(
1765 _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1766 _In_ ULONG UncompressedBufferSize,
1767 _Out_writes_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1768 _In_range_(>=, (UncompressedBufferSize - (UncompressedBufferSize / 16))) ULONG CompressedBufferSize,
1769 _Inout_updates_bytes_(CompressedDataInfoLength) PCOMPRESSED_DATA_INFO CompressedDataInfo,
1770 _In_range_(>, sizeof(COMPRESSED_DATA_INFO)) ULONG CompressedDataInfoLength,
1771 _In_ PVOID WorkSpace);
1772
1773 _IRQL_requires_max_(APC_LEVEL)
1774 NTSYSAPI
1775 PSID_IDENTIFIER_AUTHORITY
1776 NTAPI
1777 RtlIdentifierAuthoritySid(
1778 _In_ PSID Sid);
1779
1780 NTSYSAPI
1781 PUCHAR
1782 NTAPI
1783 RtlSubAuthorityCountSid(
1784 _In_ PSID Sid);
1785
1786 _When_(Status < 0, _Out_range_(>, 0))
1787 _When_(Status >= 0, _Out_range_(==, 0))
1788 NTSYSAPI
1789 ULONG
1790 NTAPI
1791 RtlNtStatusToDosErrorNoTeb(
1792 _In_ NTSTATUS Status);
1793
1794 _IRQL_requires_max_(PASSIVE_LEVEL)
1795 NTSYSAPI
1796 NTSTATUS
1797 NTAPI
1798 RtlCreateSystemVolumeInformationFolder(
1799 _In_ PCUNICODE_STRING VolumeRootPath);
1800
1801 #if defined(_M_AMD64)
1802
1803 FORCEINLINE
1804 VOID
1805 RtlFillMemoryUlong(
1806 _Out_writes_bytes_all_(Length) PVOID Destination,
1807 _In_ SIZE_T Length,
1808 _In_ ULONG Pattern)
1809 {
1810 PULONG Address = (PULONG)Destination;
1811 if ((Length /= 4) != 0) {
1812 if (((ULONG64)Address & 4) != 0) {
1813 *Address = Pattern;
1814 if ((Length -= 1) == 0) {
1815 return;
1816 }
1817 Address += 1;
1818 }
1819 __stosq((PULONG64)(Address), Pattern | ((ULONG64)Pattern << 32), Length / 2);
1820 if ((Length & 1) != 0) Address[Length - 1] = Pattern;
1821 }
1822 return;
1823 }
1824
1825 #define RtlFillMemoryUlonglong(Destination, Length, Pattern) \
1826 __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
1827
1828 #else
1829
1830 NTSYSAPI
1831 VOID
1832 NTAPI
1833 RtlFillMemoryUlong(
1834 OUT PVOID Destination,
1835 IN SIZE_T Length,
1836 IN ULONG Pattern);
1837
1838 NTSYSAPI
1839 VOID
1840 NTAPI
1841 RtlFillMemoryUlonglong(
1842 _Out_writes_bytes_all_(Length) PVOID Destination,
1843 _In_ SIZE_T Length,
1844 _In_ ULONGLONG Pattern);
1845
1846 #endif /* defined(_M_AMD64) */
1847
1848 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
1849
1850 #if (NTDDI_VERSION >= NTDDI_WS03)
1851 _IRQL_requires_max_(DISPATCH_LEVEL)
1852 NTSYSAPI
1853 NTSTATUS
1854 NTAPI
1855 RtlInitAnsiStringEx(
1856 _Out_ PANSI_STRING DestinationString,
1857 _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
1858 #endif
1859
1860 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
1861
1862 _IRQL_requires_max_(APC_LEVEL)
1863 NTSYSAPI
1864 NTSTATUS
1865 NTAPI
1866 RtlGetSaclSecurityDescriptor(
1867 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1868 _Out_ PBOOLEAN SaclPresent,
1869 _Out_ PACL *Sacl,
1870 _Out_ PBOOLEAN SaclDefaulted);
1871
1872 _IRQL_requires_max_(APC_LEVEL)
1873 NTSYSAPI
1874 NTSTATUS
1875 NTAPI
1876 RtlSetGroupSecurityDescriptor(
1877 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1878 _In_opt_ PSID Group,
1879 _In_opt_ BOOLEAN GroupDefaulted);
1880
1881 _IRQL_requires_max_(APC_LEVEL)
1882 NTSYSAPI
1883 NTSTATUS
1884 NTAPI
1885 RtlGetGroupSecurityDescriptor(
1886 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1887 _Out_ PSID *Group,
1888 _Out_ PBOOLEAN GroupDefaulted);
1889
1890 _IRQL_requires_max_(APC_LEVEL)
1891 NTSYSAPI
1892 NTSTATUS
1893 NTAPI
1894 RtlAbsoluteToSelfRelativeSD(
1895 _In_ PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
1896 _Out_writes_bytes_to_opt_(*BufferLength, *BufferLength) PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
1897 _Inout_ PULONG BufferLength);
1898
1899 _IRQL_requires_max_(APC_LEVEL)
1900 NTSYSAPI
1901 NTSTATUS
1902 NTAPI
1903 RtlSelfRelativeToAbsoluteSD(
1904 _In_ PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
1905 _Out_writes_bytes_to_opt_(*AbsoluteSecurityDescriptorSize, *AbsoluteSecurityDescriptorSize) PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
1906 _Inout_ PULONG AbsoluteSecurityDescriptorSize,
1907 _Out_writes_bytes_to_opt_(*DaclSize, *DaclSize) PACL Dacl,
1908 _Inout_ PULONG DaclSize,
1909 _Out_writes_bytes_to_opt_(*SaclSize, *SaclSize) PACL Sacl,
1910 _Inout_ PULONG SaclSize,
1911 _Out_writes_bytes_to_opt_(*OwnerSize, *OwnerSize) PSID Owner,
1912 _Inout_ PULONG OwnerSize,
1913 _Out_writes_bytes_to_opt_(*PrimaryGroupSize, *PrimaryGroupSize) PSID PrimaryGroup,
1914 _Inout_ PULONG PrimaryGroupSize);
1915
1916 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
1917
1918 #if (NTDDI_VERSION >= NTDDI_VISTA)
1919
1920 NTSYSAPI
1921 NTSTATUS
1922 NTAPI
1923 RtlNormalizeString(
1924 _In_ ULONG NormForm,
1925 _In_ PCWSTR SourceString,
1926 _In_ LONG SourceStringLength,
1927 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1928 _Inout_ PLONG DestinationStringLength);
1929
1930 NTSYSAPI
1931 NTSTATUS
1932 NTAPI
1933 RtlIsNormalizedString(
1934 _In_ ULONG NormForm,
1935 _In_ PCWSTR SourceString,
1936 _In_ LONG SourceStringLength,
1937 _Out_ PBOOLEAN Normalized);
1938
1939 NTSYSAPI
1940 NTSTATUS
1941 NTAPI
1942 RtlIdnToAscii(
1943 _In_ ULONG Flags,
1944 _In_ PCWSTR SourceString,
1945 _In_ LONG SourceStringLength,
1946 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1947 _Inout_ PLONG DestinationStringLength);
1948
1949 NTSYSAPI
1950 NTSTATUS
1951 NTAPI
1952 RtlIdnToUnicode(
1953 IN ULONG Flags,
1954 IN PCWSTR SourceString,
1955 IN LONG SourceStringLength,
1956 OUT PWSTR DestinationString,
1957 IN OUT PLONG DestinationStringLength);
1958
1959 NTSYSAPI
1960 NTSTATUS
1961 NTAPI
1962 RtlIdnToNameprepUnicode(
1963 _In_ ULONG Flags,
1964 _In_ PCWSTR SourceString,
1965 _In_ LONG SourceStringLength,
1966 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1967 _Inout_ PLONG DestinationStringLength);
1968
1969 NTSYSAPI
1970 NTSTATUS
1971 NTAPI
1972 RtlCreateServiceSid(
1973 _In_ PUNICODE_STRING ServiceName,
1974 _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid,
1975 _Inout_ PULONG ServiceSidLength);
1976
1977 NTSYSAPI
1978 LONG
1979 NTAPI
1980 RtlCompareAltitudes(
1981 _In_ PCUNICODE_STRING Altitude1,
1982 _In_ PCUNICODE_STRING Altitude2);
1983
1984
1985 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1986
1987 #if (NTDDI_VERSION >= NTDDI_WIN7)
1988
1989 _IRQL_requires_max_(PASSIVE_LEVEL)
1990 _Must_inspect_result_
1991 NTSYSAPI
1992 NTSTATUS
1993 NTAPI
1994 RtlUnicodeToUTF8N(
1995 _Out_writes_bytes_to_(UTF8StringMaxByteCount, *UTF8StringActualByteCount) PCHAR UTF8StringDestination,
1996 _In_ ULONG UTF8StringMaxByteCount,
1997 _Out_ PULONG UTF8StringActualByteCount,
1998 _In_reads_bytes_(UnicodeStringByteCount) PCWCH UnicodeStringSource,
1999 _In_ ULONG UnicodeStringByteCount);
2000
2001 _IRQL_requires_max_(PASSIVE_LEVEL)
2002 _Must_inspect_result_
2003 NTSYSAPI
2004 NTSTATUS
2005 NTAPI
2006 RtlUTF8ToUnicodeN(
2007 _Out_writes_bytes_to_(UnicodeStringMaxByteCount, *UnicodeStringActualByteCount) PWSTR UnicodeStringDestination,
2008 _In_ ULONG UnicodeStringMaxByteCount,
2009 _Out_ PULONG UnicodeStringActualByteCount,
2010 _In_reads_bytes_(UTF8StringByteCount) PCCH UTF8StringSource,
2011 _In_ ULONG UTF8StringByteCount);
2012
2013 _IRQL_requires_max_(APC_LEVEL)
2014 NTSYSAPI
2015 NTSTATUS
2016 NTAPI
2017 RtlReplaceSidInSd(
2018 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2019 _In_ PSID OldSid,
2020 _In_ PSID NewSid,
2021 _Out_ ULONG *NumChanges);
2022
2023 NTSYSAPI
2024 NTSTATUS
2025 NTAPI
2026 RtlCreateVirtualAccountSid(
2027 _In_ PCUNICODE_STRING Name,
2028 _In_ ULONG BaseSubAuthority,
2029 _Out_writes_bytes_(*SidLength) PSID Sid,
2030 _Inout_ PULONG SidLength);
2031
2032 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
2033
2034
2035 #if defined(_AMD64_) || defined(_IA64_)
2036
2037
2038
2039 #endif /* defined(_AMD64_) || defined(_IA64_) */
2040
2041
2042
2043 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
2044 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
2045
2046 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ? \
2047 RtlxUnicodeStringToOemSize(STRING) : \
2048 ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
2049 )
2050
2051 #define RtlOemStringToUnicodeSize(STRING) ( \
2052 NLS_MB_OEM_CODE_PAGE_TAG ? \
2053 RtlxOemStringToUnicodeSize(STRING) : \
2054 ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
2055 )
2056
2057 #define RtlOemStringToCountedUnicodeSize(STRING) ( \
2058 (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
2059 )
2060
2061 #define RtlOffsetToPointer(B,O) ((PCHAR)(((PCHAR)(B)) + ((ULONG_PTR)(O))))
2062 #define RtlPointerToOffset(B,P) ((ULONG)(((PCHAR)(P)) - ((PCHAR)(B))))
2063
2064 _IRQL_requires_max_(PASSIVE_LEVEL)
2065 __kernel_entry
2066 NTSYSCALLAPI
2067 NTSTATUS
2068 NTAPI
2069 NtQueryObject(
2070 _In_opt_ HANDLE Handle,
2071 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
2072 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
2073 _In_ ULONG ObjectInformationLength,
2074 _Out_opt_ PULONG ReturnLength);
2075
2076 #if (NTDDI_VERSION >= NTDDI_WIN2K)
2077
2078 _Must_inspect_result_
2079 __kernel_entry
2080 NTSYSCALLAPI
2081 NTSTATUS
2082 NTAPI
2083 NtOpenThreadToken(
2084 _In_ HANDLE ThreadHandle,
2085 _In_ ACCESS_MASK DesiredAccess,
2086 _In_ BOOLEAN OpenAsSelf,
2087 _Out_ PHANDLE TokenHandle);
2088
2089 _Must_inspect_result_
2090 __kernel_entry
2091 NTSYSCALLAPI
2092 NTSTATUS
2093 NTAPI
2094 NtOpenProcessToken(
2095 _In_ HANDLE ProcessHandle,
2096 _In_ ACCESS_MASK DesiredAccess,
2097 _Out_ PHANDLE TokenHandle);
2098
2099 _When_(TokenInformationClass == TokenAccessInformation,
2100 _At_(TokenInformationLength,
2101 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
2102 _Must_inspect_result_
2103 __kernel_entry
2104 NTSYSCALLAPI
2105 NTSTATUS
2106 NTAPI
2107 NtQueryInformationToken(
2108 _In_ HANDLE TokenHandle,
2109 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
2110 _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
2111 _In_ ULONG TokenInformationLength,
2112 _Out_ PULONG ReturnLength);
2113
2114 _Must_inspect_result_
2115 __kernel_entry
2116 NTSYSCALLAPI
2117 NTSTATUS
2118 NTAPI
2119 NtAdjustPrivilegesToken(
2120 _In_ HANDLE TokenHandle,
2121 _In_ BOOLEAN DisableAllPrivileges,
2122 _In_opt_ PTOKEN_PRIVILEGES NewState,
2123 _In_ ULONG BufferLength,
2124 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
2125 _Out_ _When_(PreviousState == NULL, _Out_opt_) PULONG ReturnLength);
2126
2127 __kernel_entry
2128 NTSYSCALLAPI
2129 NTSTATUS
2130 NTAPI
2131 NtCreateFile(
2132 _Out_ PHANDLE FileHandle,
2133 _In_ ACCESS_MASK DesiredAccess,
2134 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
2135 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2136 _In_opt_ PLARGE_INTEGER AllocationSize,
2137 _In_ ULONG FileAttributes,
2138 _In_ ULONG ShareAccess,
2139 _In_ ULONG CreateDisposition,
2140 _In_ ULONG CreateOptions,
2141 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
2142 _In_ ULONG EaLength);
2143
2144 __kernel_entry
2145 NTSYSCALLAPI
2146 NTSTATUS
2147 NTAPI
2148 NtDeviceIoControlFile(
2149 _In_ HANDLE FileHandle,
2150 _In_opt_ HANDLE Event,
2151 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2152 _In_opt_ PVOID ApcContext,
2153 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2154 _In_ ULONG IoControlCode,
2155 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
2156 _In_ ULONG InputBufferLength,
2157 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
2158 _In_ ULONG OutputBufferLength);
2159
2160 __kernel_entry
2161 NTSYSCALLAPI
2162 NTSTATUS
2163 NTAPI
2164 NtFsControlFile(
2165 _In_ HANDLE FileHandle,
2166 _In_opt_ HANDLE Event,
2167 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2168 _In_opt_ PVOID ApcContext,
2169 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2170 _In_ ULONG FsControlCode,
2171 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
2172 _In_ ULONG InputBufferLength,
2173 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
2174 _In_ ULONG OutputBufferLength);
2175
2176 __kernel_entry
2177 NTSYSCALLAPI
2178 NTSTATUS
2179 NTAPI
2180 NtLockFile(
2181 _In_ HANDLE FileHandle,
2182 _In_opt_ HANDLE Event,
2183 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2184 _In_opt_ PVOID ApcContext,
2185 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2186 _In_ PLARGE_INTEGER ByteOffset,
2187 _In_ PLARGE_INTEGER Length,
2188 _In_ ULONG Key,
2189 _In_ BOOLEAN FailImmediately,
2190 _In_ BOOLEAN ExclusiveLock);
2191
2192 __kernel_entry
2193 NTSYSCALLAPI
2194 NTSTATUS
2195 NTAPI
2196 NtOpenFile(
2197 _Out_ PHANDLE FileHandle,
2198 _In_ ACCESS_MASK DesiredAccess,
2199 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
2200 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2201 _In_ ULONG ShareAccess,
2202 _In_ ULONG OpenOptions);
2203
2204 __kernel_entry
2205 NTSYSCALLAPI
2206 NTSTATUS
2207 NTAPI
2208 NtQueryDirectoryFile(
2209 _In_ HANDLE FileHandle,
2210 _In_opt_ HANDLE Event,
2211 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2212 _In_opt_ PVOID ApcContext,
2213 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2214 _Out_writes_bytes_(Length) PVOID FileInformation,
2215 _In_ ULONG Length,
2216 _In_ FILE_INFORMATION_CLASS FileInformationClass,
2217 _In_ BOOLEAN ReturnSingleEntry,
2218 _In_opt_ PUNICODE_STRING FileName,
2219 _In_ BOOLEAN RestartScan);
2220
2221 __kernel_entry
2222 NTSYSCALLAPI
2223 NTSTATUS
2224 NTAPI
2225 NtQueryInformationFile(
2226 _In_ HANDLE FileHandle,
2227 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2228 _Out_writes_bytes_(Length) PVOID FileInformation,
2229 _In_ ULONG Length,
2230 _In_ FILE_INFORMATION_CLASS FileInformationClass);
2231
2232 __kernel_entry
2233 NTSYSCALLAPI
2234 NTSTATUS
2235 NTAPI
2236 NtQueryQuotaInformationFile(
2237 _In_ HANDLE FileHandle,
2238 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2239 _Out_writes_bytes_(Length) PVOID Buffer,
2240 _In_ ULONG Length,
2241 _In_ BOOLEAN ReturnSingleEntry,
2242 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
2243 _In_ ULONG SidListLength,
2244 _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
2245 _In_ BOOLEAN RestartScan);
2246
2247 __kernel_entry
2248 NTSYSCALLAPI
2249 NTSTATUS
2250 NTAPI
2251 NtQueryVolumeInformationFile(
2252 _In_ HANDLE FileHandle,
2253 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2254 _Out_writes_bytes_(Length) PVOID FsInformation,
2255 _In_ ULONG Length,
2256 _In_ FS_INFORMATION_CLASS FsInformationClass);
2257
2258 __kernel_entry
2259 NTSYSCALLAPI
2260 NTSTATUS
2261 NTAPI
2262 NtReadFile(
2263 _In_ HANDLE FileHandle,
2264 _In_opt_ HANDLE Event,
2265 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2266 _In_opt_ PVOID ApcContext,
2267 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2268 _Out_writes_bytes_(Length) PVOID Buffer,
2269 _In_ ULONG Length,
2270 _In_opt_ PLARGE_INTEGER ByteOffset,
2271 _In_opt_ PULONG Key);
2272
2273 __kernel_entry
2274 NTSYSCALLAPI
2275 NTSTATUS
2276 NTAPI
2277 NtSetInformationFile(
2278 _In_ HANDLE FileHandle,
2279 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2280 _In_reads_bytes_(Length) PVOID FileInformation,
2281 _In_ ULONG Length,
2282 _In_ FILE_INFORMATION_CLASS FileInformationClass);
2283
2284 __kernel_entry
2285 NTSYSCALLAPI
2286 NTSTATUS
2287 NTAPI
2288 NtSetQuotaInformationFile(
2289 _In_ HANDLE FileHandle,
2290 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2291 _In_reads_bytes_(Length) PVOID Buffer,
2292 _In_ ULONG Length);
2293
2294 __kernel_entry
2295 NTSYSCALLAPI
2296 NTSTATUS
2297 NTAPI
2298 NtSetVolumeInformationFile(
2299 _In_ HANDLE FileHandle,
2300 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2301 _In_reads_bytes_(Length) PVOID FsInformation,
2302 _In_ ULONG Length,
2303 _In_ FS_INFORMATION_CLASS FsInformationClass);
2304
2305 __kernel_entry
2306 NTSYSCALLAPI
2307 NTSTATUS
2308 NTAPI
2309 NtWriteFile(
2310 _In_ HANDLE FileHandle,
2311 _In_opt_ HANDLE Event,
2312 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2313 _In_opt_ PVOID ApcContext,
2314 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2315 _In_reads_bytes_(Length) PVOID Buffer,
2316 _In_ ULONG Length,
2317 _In_opt_ PLARGE_INTEGER ByteOffset,
2318 _In_opt_ PULONG Key);
2319
2320 __kernel_entry
2321 NTSYSCALLAPI
2322 NTSTATUS
2323 NTAPI
2324 NtUnlockFile(
2325 _In_ HANDLE FileHandle,
2326 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2327 _In_ PLARGE_INTEGER ByteOffset,
2328 _In_ PLARGE_INTEGER Length,
2329 _In_ ULONG Key);
2330
2331 _IRQL_requires_max_(PASSIVE_LEVEL)
2332 __kernel_entry
2333 NTSYSCALLAPI
2334 NTSTATUS
2335 NTAPI
2336 NtSetSecurityObject(
2337 _In_ HANDLE Handle,
2338 _In_ SECURITY_INFORMATION SecurityInformation,
2339 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
2340
2341 _IRQL_requires_max_(PASSIVE_LEVEL)
2342 __kernel_entry
2343 NTSYSCALLAPI
2344 NTSTATUS
2345 NTAPI
2346 NtQuerySecurityObject(
2347 _In_ HANDLE Handle,
2348 _In_ SECURITY_INFORMATION SecurityInformation,
2349 _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
2350 _In_ ULONG Length,
2351 _Out_ PULONG LengthNeeded);
2352
2353 _IRQL_requires_max_(PASSIVE_LEVEL)
2354 __kernel_entry
2355 NTSYSCALLAPI
2356 NTSTATUS
2357 NTAPI
2358 NtClose(
2359 _In_ HANDLE Handle);
2360
2361 _Must_inspect_result_
2362 __drv_allocatesMem(Mem)
2363 __kernel_entry
2364 NTSYSCALLAPI
2365 NTSTATUS
2366 NTAPI
2367 NtAllocateVirtualMemory(
2368 _In_ HANDLE ProcessHandle,
2369 _Outptr_result_bytebuffer_(*RegionSize) PVOID *BaseAddress,
2370 _In_ ULONG_PTR ZeroBits,
2371 _Inout_ PSIZE_T RegionSize,
2372 _In_ ULONG AllocationType,
2373 _In_ ULONG Protect);
2374
2375 __kernel_entry
2376 NTSYSCALLAPI
2377 NTSTATUS
2378 NTAPI
2379 NtFreeVirtualMemory(
2380 _In_ HANDLE ProcessHandle,
2381 _Inout_ __drv_freesMem(Mem) PVOID *BaseAddress,
2382 _Inout_ PSIZE_T RegionSize,
2383 _In_ ULONG FreeType);
2384
2385 #endif
2386
2387 #if (NTDDI_VERSION >= NTDDI_WINXP)
2388
2389 _Must_inspect_result_
2390 __kernel_entry
2391 NTSYSCALLAPI
2392 NTSTATUS
2393 NTAPI
2394 NtOpenThreadTokenEx(
2395 _In_ HANDLE ThreadHandle,
2396 _In_ ACCESS_MASK DesiredAccess,
2397 _In_ BOOLEAN OpenAsSelf,
2398 _In_ ULONG HandleAttributes,
2399 _Out_ PHANDLE TokenHandle);
2400
2401 _Must_inspect_result_
2402 __kernel_entry
2403 NTSYSCALLAPI
2404 NTSTATUS
2405 NTAPI
2406 NtOpenProcessTokenEx(
2407 _In_ HANDLE ProcessHandle,
2408 _In_ ACCESS_MASK DesiredAccess,
2409 _In_ ULONG HandleAttributes,
2410 _Out_ PHANDLE TokenHandle);
2411
2412 _Must_inspect_result_
2413 NTSYSAPI
2414 NTSTATUS
2415 NTAPI
2416 NtOpenJobObjectToken(
2417 _In_ HANDLE JobHandle,
2418 _In_ ACCESS_MASK DesiredAccess,
2419 _Out_ PHANDLE TokenHandle);
2420
2421 _Must_inspect_result_
2422 __kernel_entry
2423 NTSYSCALLAPI
2424 NTSTATUS
2425 NTAPI
2426 NtDuplicateToken(
2427 _In_ HANDLE ExistingTokenHandle,
2428 _In_ ACCESS_MASK DesiredAccess,
2429 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
2430 _In_ BOOLEAN EffectiveOnly,
2431 _In_ TOKEN_TYPE TokenType,
2432 _Out_ PHANDLE NewTokenHandle);
2433
2434 _Must_inspect_result_
2435 __kernel_entry
2436 NTSYSCALLAPI
2437 NTSTATUS
2438 NTAPI
2439 NtFilterToken(
2440 _In_ HANDLE ExistingTokenHandle,
2441 _In_ ULONG Flags,
2442 _In_opt_ PTOKEN_GROUPS SidsToDisable,
2443 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
2444 _In_opt_ PTOKEN_GROUPS RestrictedSids,
2445 _Out_ PHANDLE NewTokenHandle);
2446
2447 _Must_inspect_result_
2448 __kernel_entry
2449 NTSYSCALLAPI
2450 NTSTATUS
2451 NTAPI
2452 NtImpersonateAnonymousToken(
2453 _In_ HANDLE ThreadHandle);
2454
2455 _Must_inspect_result_
2456 __kernel_entry
2457 NTSYSCALLAPI
2458 NTSTATUS
2459 NTAPI
2460 NtSetInformationToken(
2461 _In_ HANDLE TokenHandle,
2462 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
2463 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
2464 _In_ ULONG TokenInformationLength);
2465
2466 _Must_inspect_result_
2467 __kernel_entry
2468 NTSYSCALLAPI
2469 NTSTATUS
2470 NTAPI
2471 NtAdjustGroupsToken(
2472 _In_ HANDLE TokenHandle,
2473 _In_ BOOLEAN ResetToDefault,
2474 _In_opt_ PTOKEN_GROUPS NewState,
2475 _In_opt_ ULONG BufferLength,
2476 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
2477 _Out_ PULONG ReturnLength);
2478
2479 _Must_inspect_result_
2480 __kernel_entry
2481 NTSYSCALLAPI
2482 NTSTATUS
2483 NTAPI
2484 NtPrivilegeCheck(
2485 _In_ HANDLE ClientToken,
2486 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
2487 _Out_ PBOOLEAN Result);
2488
2489 _Must_inspect_result_
2490 __kernel_entry
2491 NTSYSCALLAPI
2492 NTSTATUS
2493 NTAPI
2494 NtAccessCheckAndAuditAlarm(
2495 _In_ PUNICODE_STRING SubsystemName,
2496 _In_opt_ PVOID HandleId,
2497 _In_ PUNICODE_STRING ObjectTypeName,
2498 _In_ PUNICODE_STRING ObjectName,
2499 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2500 _In_ ACCESS_MASK DesiredAccess,
2501 _In_ PGENERIC_MAPPING GenericMapping,
2502 _In_ BOOLEAN ObjectCreation,
2503 _Out_ PACCESS_MASK GrantedAccess,
2504 _Out_ PNTSTATUS AccessStatus,
2505 _Out_ PBOOLEAN GenerateOnClose);
2506
2507 _Must_inspect_result_
2508 __kernel_entry
2509 NTSYSCALLAPI
2510 NTSTATUS
2511 NTAPI
2512 NtAccessCheckByTypeAndAuditAlarm(
2513 _In_ PUNICODE_STRING SubsystemName,
2514 _In_opt_ PVOID HandleId,
2515 _In_ PUNICODE_STRING ObjectTypeName,
2516 _In_ PUNICODE_STRING ObjectName,
2517 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2518 _In_opt_ PSID PrincipalSelfSid,
2519 _In_ ACCESS_MASK DesiredAccess,
2520 _In_ AUDIT_EVENT_TYPE AuditType,
2521 _In_ ULONG Flags,
2522 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
2523 _In_ ULONG ObjectTypeLength,
2524 _In_ PGENERIC_MAPPING GenericMapping,
2525 _In_ BOOLEAN ObjectCreation,
2526 _Out_ PACCESS_MASK GrantedAccess,
2527 _Out_ PNTSTATUS AccessStatus,
2528 _Out_ PBOOLEAN GenerateOnClose);
2529
2530 _Must_inspect_result_
2531 __kernel_entry
2532 NTSYSCALLAPI
2533 NTSTATUS
2534 NTAPI
2535 NtAccessCheckByTypeResultListAndAuditAlarm(
2536 _In_ PUNICODE_STRING SubsystemName,
2537 _In_opt_ PVOID HandleId,
2538 _In_ PUNICODE_STRING ObjectTypeName,
2539 _In_ PUNICODE_STRING ObjectName,
2540 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2541 _In_opt_ PSID PrincipalSelfSid,
2542 _In_ ACCESS_MASK DesiredAccess,
2543 _In_ AUDIT_EVENT_TYPE AuditType,
2544 _In_ ULONG Flags,
2545 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
2546 _In_ ULONG ObjectTypeListLength,
2547 _In_ PGENERIC_MAPPING GenericMapping,
2548 _In_ BOOLEAN ObjectCreation,
2549 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
2550 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
2551 _Out_ PBOOLEAN GenerateOnClose);
2552
2553 _Must_inspect_result_
2554 __kernel_entry
2555 NTSYSCALLAPI
2556 NTSTATUS
2557 NTAPI
2558 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
2559 _In_ PUNICODE_STRING SubsystemName,
2560 _In_opt_ PVOID HandleId,
2561 _In_ HANDLE ClientToken,
2562 _In_ PUNICODE_STRING ObjectTypeName,
2563 _In_ PUNICODE_STRING ObjectName,
2564 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2565 _In_opt_ PSID PrincipalSelfSid,
2566 _In_ ACCESS_MASK DesiredAccess,
2567 _In_ AUDIT_EVENT_TYPE AuditType,
2568 _In_ ULONG Flags,
2569 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
2570 _In_ ULONG ObjectTypeListLength,
2571 _In_ PGENERIC_MAPPING GenericMapping,
2572 _In_ BOOLEAN ObjectCreation,
2573 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
2574 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
2575 _Out_ PBOOLEAN GenerateOnClose);
2576
2577 __kernel_entry
2578 NTSYSCALLAPI
2579 NTSTATUS
2580 NTAPI
2581 NtOpenObjectAuditAlarm(
2582 _In_ PUNICODE_STRING SubsystemName,
2583 _In_opt_ PVOID HandleId,
2584 _In_ PUNICODE_STRING ObjectTypeName,
2585 _In_ PUNICODE_STRING ObjectName,
2586 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2587 _In_ HANDLE ClientToken,
2588 _In_ ACCESS_MASK DesiredAccess,
2589 _In_ ACCESS_MASK GrantedAccess,
2590 _In_opt_ PPRIVILEGE_SET Privileges,
2591 _In_ BOOLEAN ObjectCreation,
2592 _In_ BOOLEAN AccessGranted,
2593 _Out_ PBOOLEAN GenerateOnClose);
2594
2595 __kernel_entry
2596 NTSYSCALLAPI
2597 NTSTATUS
2598 NTAPI
2599 NtPrivilegeObjectAuditAlarm(
2600 _In_ PUNICODE_STRING SubsystemName,
2601 _In_opt_ PVOID HandleId,
2602 _In_ HANDLE ClientToken,
2603 _In_ ACCESS_MASK DesiredAccess,
2604 _In_ PPRIVILEGE_SET Privileges,
2605 _In_ BOOLEAN AccessGranted);
2606
2607 __kernel_entry
2608 NTSYSCALLAPI
2609 NTSTATUS
2610 NTAPI
2611 NtCloseObjectAuditAlarm(
2612 _In_ PUNICODE_STRING SubsystemName,
2613 _In_opt_ PVOID HandleId,
2614 _In_ BOOLEAN GenerateOnClose);
2615
2616 __kernel_entry
2617 NTSYSCALLAPI
2618 NTSTATUS
2619 NTAPI
2620 NtDeleteObjectAuditAlarm(
2621 _In_ PUNICODE_STRING SubsystemName,
2622 _In_opt_ PVOID HandleId,
2623 _In_ BOOLEAN GenerateOnClose);
2624
2625 __kernel_entry
2626 NTSYSCALLAPI
2627 NTSTATUS
2628 NTAPI
2629 NtPrivilegedServiceAuditAlarm(
2630 _In_ PUNICODE_STRING SubsystemName,
2631 _In_ PUNICODE_STRING ServiceName,
2632 _In_ HANDLE ClientToken,
2633 _In_ PPRIVILEGE_SET Privileges,
2634 _In_ BOOLEAN AccessGranted);
2635
2636 __kernel_entry
2637 NTSYSCALLAPI
2638 NTSTATUS
2639 NTAPI
2640 NtSetInformationThread(
2641 _In_ HANDLE ThreadHandle,
2642 _In_ THREADINFOCLASS ThreadInformationClass,
2643 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
2644 _In_ ULONG ThreadInformationLength);
2645
2646 _Must_inspect_result_
2647 __kernel_entry
2648 NTSYSCALLAPI
2649 NTSTATUS
2650 NTAPI
2651 NtCreateSection(
2652 _Out_ PHANDLE SectionHandle,
2653 _In_ ACCESS_MASK DesiredAccess,
2654 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
2655 _In_opt_ PLARGE_INTEGER MaximumSize,
2656 _In_ ULONG SectionPageProtection,
2657 _In_ ULONG AllocationAttributes,
2658 _In_opt_ HANDLE FileHandle);
2659
2660 #endif
2661
2662 #define COMPRESSION_FORMAT_NONE (0x0000)
2663 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
2664 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
2665 #define COMPRESSION_ENGINE_STANDARD (0x0000)
2666 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
2667 #define COMPRESSION_ENGINE_HIBER (0x0200)
2668
2669 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
2670
2671 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
2672
2673 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
2674 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
2675
2676 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
2677
2678 typedef enum _SECURITY_LOGON_TYPE {
2679 UndefinedLogonType = 0,
2680 Interactive = 2,
2681 Network,
2682 Batch,
2683 Service,
2684 Proxy,
2685 Unlock,
2686 NetworkCleartext,
2687 NewCredentials,
2688 #if (_WIN32_WINNT >= 0x0501)
2689 RemoteInteractive,
2690 CachedInteractive,
2691 #endif
2692 #if (_WIN32_WINNT >= 0x0502)
2693 CachedRemoteInteractive,
2694 CachedUnlock
2695 #endif
2696 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
2697
2698 #ifndef _NTLSA_AUDIT_
2699 #define _NTLSA_AUDIT_
2700
2701 #ifndef GUID_DEFINED
2702 #include <guiddef.h>
2703 #endif
2704
2705 #endif /* _NTLSA_AUDIT_ */
2706
2707 _IRQL_requires_same_
2708 _IRQL_requires_max_(PASSIVE_LEVEL)
2709 NTSTATUS
2710 NTAPI
2711 LsaRegisterLogonProcess(
2712 _In_ PLSA_STRING LogonProcessName,
2713 _Out_ PHANDLE LsaHandle,
2714 _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
2715
2716 _IRQL_requires_same_
2717 _IRQL_requires_max_(PASSIVE_LEVEL)
2718 NTSTATUS
2719 NTAPI
2720 LsaLogonUser(
2721 _In_ HANDLE LsaHandle,
2722 _In_ PLSA_STRING OriginName,
2723 _In_ SECURITY_LOGON_TYPE LogonType,
2724 _In_ ULONG AuthenticationPackage,
2725 _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
2726 _In_ ULONG AuthenticationInformationLength,
2727 _In_opt_ PTOKEN_GROUPS LocalGroups,
2728 _In_ PTOKEN_SOURCE SourceContext,
2729 _Out_ PVOID *ProfileBuffer,
2730 _Out_ PULONG ProfileBufferLength,
2731 _Inout_ PLUID LogonId,
2732 _Out_ PHANDLE Token,
2733 _Out_ PQUOTA_LIMITS Quotas,
2734 _Out_ PNTSTATUS SubStatus);
2735
2736 _IRQL_requires_same_
2737 NTSTATUS
2738 NTAPI
2739 LsaFreeReturnBuffer(
2740 _In_ PVOID Buffer);
2741
2742 #ifndef _NTLSA_IFS_
2743 #define _NTLSA_IFS_
2744 #endif
2745
2746 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2747 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2748 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
2749
2750 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
2751 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
2752
2753 #define MSV1_0_CHALLENGE_LENGTH 8
2754 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
2755 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
2756
2757 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
2758 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
2759 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
2760 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
2761 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
2762 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
2763 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
2764 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
2765 #define MSV1_0_RETURN_PROFILE_PATH 0x200
2766 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
2767 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
2768
2769 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
2770 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
2771
2772 #if (_WIN32_WINNT >= 0x0502)
2773 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
2774 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
2775 #endif
2776
2777 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
2778 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
2779
2780 #if (_WIN32_WINNT >= 0x0600)
2781 #define MSV1_0_S4U2SELF 0x00020000
2782 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
2783 #endif
2784
2785 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
2786 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
2787 #define MSV1_0_MNS_LOGON 0x01000000
2788
2789 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
2790 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
2791
2792 #define LOGON_GUEST 0x01
2793 #define LOGON_NOENCRYPTION 0x02
2794 #define LOGON_CACHED_ACCOUNT 0x04
2795 #define LOGON_USED_LM_PASSWORD 0x08
2796 #define LOGON_EXTRA_SIDS 0x20
2797 #define LOGON_SUBAUTH_SESSION_KEY 0x40
2798 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
2799 #define LOGON_NTLMV2_ENABLED 0x100
2800 #define LOGON_RESOURCE_GROUPS 0x200
2801 #define LOGON_PROFILE_PATH_RETURNED 0x400
2802 #define LOGON_NT_V2 0x800
2803 #define LOGON_LM_V2 0x1000
2804 #define LOGON_NTLM_V2 0x2000
2805
2806 #if (_WIN32_WINNT >= 0x0600)
2807
2808 #define LOGON_OPTIMIZED 0x4000
2809 #define LOGON_WINLOGON 0x8000
2810 #define LOGON_PKINIT 0x10000
2811 #define LOGON_NO_OPTIMIZED 0x20000
2812
2813 #endif
2814
2815 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
2816
2817 #define LOGON_GRACE_LOGON 0x01000000
2818
2819 #define MSV1_0_OWF_PASSWORD_LENGTH 16
2820 #define MSV1_0_CRED_LM_PRESENT 0x1
2821 #define MSV1_0_CRED_NT_PRESENT 0x2
2822 #define MSV1_0_CRED_VERSION 0
2823
2824 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
2825 #define MSV1_0_NTLM3_OWF_LENGTH 16
2826
2827 #if (_WIN32_WINNT == 0x0500)
2828 #define MSV1_0_MAX_NTLM3_LIFE 1800
2829 #else
2830 #define MSV1_0_MAX_NTLM3_LIFE 129600
2831 #endif
2832 #define MSV1_0_MAX_AVL_SIZE 64000
2833
2834 #if (_WIN32_WINNT >= 0x0501)
2835
2836 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
2837
2838 #if (_WIN32_WINNT >= 0x0600)
2839 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
2840 #endif
2841
2842 #endif
2843
2844 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
2845
2846 #if(_WIN32_WINNT >= 0x0502)
2847 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
2848 #endif
2849
2850 #define USE_PRIMARY_PASSWORD 0x01
2851 #define RETURN_PRIMARY_USERNAME 0x02
2852 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
2853 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
2854 #define GENERATE_CLIENT_CHALLENGE 0x10
2855 #define GCR_NTLM3_PARMS 0x20
2856 #define GCR_TARGET_INFO 0x40
2857 #define RETURN_RESERVED_PARAMETER 0x80
2858 #define GCR_ALLOW_NTLM 0x100
2859 #define GCR_USE_OEM_SET 0x200
2860 #define GCR_MACHINE_CREDENTIAL 0x400
2861 #define GCR_USE_OWF_PASSWORD 0x800
2862 #define GCR_ALLOW_LM 0x1000
2863 #define GCR_ALLOW_NO_TARGET 0x2000
2864
2865 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
2866 MsV1_0InteractiveLogon = 2,
2867 MsV1_0Lm20Logon,
2868 MsV1_0NetworkLogon,
2869 MsV1_0SubAuthLogon,
2870 MsV1_0WorkstationUnlockLogon = 7,
2871 MsV1_0S4ULogon = 12,
2872 MsV1_0VirtualLogon = 82
2873 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
2874
2875 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
2876 MsV1_0InteractiveProfile = 2,
2877 MsV1_0Lm20LogonProfile,
2878 MsV1_0SmartCardProfile
2879 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
2880
2881 typedef struct _MSV1_0_INTERACTIVE_LOGON {
2882 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2883 UNICODE_STRING LogonDomainName;
2884 UNICODE_STRING UserName;
2885 UNICODE_STRING Password;
2886 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
2887
2888 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
2889 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2890 USHORT LogonCount;
2891 USHORT BadPasswordCount;
2892 LARGE_INTEGER LogonTime;
2893 LARGE_INTEGER LogoffTime;
2894 LARGE_INTEGER KickOffTime;
2895 LARGE_INTEGER PasswordLastSet;
2896 LARGE_INTEGER PasswordCanChange;
2897 LARGE_INTEGER PasswordMustChange;
2898 UNICODE_STRING LogonScript;
2899 UNICODE_STRING HomeDirectory;
2900 UNICODE_STRING FullName;
2901 UNICODE_STRING ProfilePath;
2902 UNICODE_STRING HomeDirectoryDrive;
2903 UNICODE_STRING LogonServer;
2904 ULONG UserFlags;
2905 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
2906
2907 typedef struct _MSV1_0_LM20_LOGON {
2908 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2909 UNICODE_STRING LogonDomainName;
2910 UNICODE_STRING UserName;
2911 UNICODE_STRING Workstation;
2912 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2913 STRING CaseSensitiveChallengeResponse;
2914 STRING CaseInsensitiveChallengeResponse;
2915 ULONG ParameterControl;
2916 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
2917
2918 typedef struct _MSV1_0_SUBAUTH_LOGON {
2919 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2920 UNICODE_STRING LogonDomainName;
2921 UNICODE_STRING UserName;
2922 UNICODE_STRING Workstation;
2923 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2924 STRING AuthenticationInfo1;
2925 STRING AuthenticationInfo2;
2926 ULONG ParameterControl;
2927 ULONG SubAuthPackageId;
2928 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
2929
2930 #if (_WIN32_WINNT >= 0x0600)
2931
2932 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2933
2934 typedef struct _MSV1_0_S4U_LOGON {
2935 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2936 ULONG Flags;
2937 UNICODE_STRING UserPrincipalName;
2938 UNICODE_STRING DomainName;
2939 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
2940
2941 #endif
2942
2943 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
2944 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2945 LARGE_INTEGER KickOffTime;
2946 LARGE_INTEGER LogoffTime;
2947 ULONG UserFlags;
2948 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
2949 UNICODE_STRING LogonDomainName;
2950 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
2951 UNICODE_STRING LogonServer;
2952 UNICODE_STRING UserParameters;
2953 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
2954
2955 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
2956 ULONG Version;
2957 ULONG Flags;
2958 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2959 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2960 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
2961
2962 typedef struct _MSV1_0_NTLM3_RESPONSE {
2963 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
2964 UCHAR RespType;
2965 UCHAR HiRespType;
2966 USHORT Flags;
2967 ULONG MsgWord;
2968 ULONGLONG TimeStamp;
2969 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
2970 ULONG AvPairsOff;
2971 UCHAR Buffer[1];
2972 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
2973
2974 typedef enum _MSV1_0_AVID {
2975 MsvAvEOL,
2976 MsvAvNbComputerName,
2977 MsvAvNbDomainName,
2978 MsvAvDnsComputerName,
2979 MsvAvDnsDomainName,
2980 #if (_WIN32_WINNT >= 0x0501)
2981 MsvAvDnsTreeName,
2982 MsvAvFlags,
2983 #if (_WIN32_WINNT >= 0x0600)
2984 MsvAvTimestamp,
2985 MsvAvRestrictions,
2986 MsvAvTargetName,
2987 MsvAvChannelBindings,
2988 #endif
2989 #endif
2990 } MSV1_0_AVID;
2991
2992 typedef struct _MSV1_0_AV_PAIR {
2993 USHORT AvId;
2994 USHORT AvLen;
2995 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
2996
2997 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
2998 MsV1_0Lm20ChallengeRequest = 0,
2999 MsV1_0Lm20GetChallengeResponse,
3000 MsV1_0EnumerateUsers,
3001 MsV1_0GetUserInfo,
3002 MsV1_0ReLogonUsers,
3003 MsV1_0ChangePassword,
3004 MsV1_0ChangeCachedPassword,
3005 MsV1_0GenericPassthrough,
3006 MsV1_0CacheLogon,
3007 MsV1_0SubAuth,
3008 MsV1_0DeriveCredential,
3009 MsV1_0CacheLookup,
3010 #if (_WIN32_WINNT >= 0x0501)
3011 MsV1_0SetProcessOption,
3012 #endif
3013 #if (_WIN32_WINNT >= 0x0600)
3014 MsV1_0ConfigLocalAliases,
3015 MsV1_0ClearCachedCredentials,
3016 #endif
3017 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
3018
3019 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
3020 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3021 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
3022
3023 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
3024 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3025 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3026 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
3027
3028 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
3029 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3030 ULONG ParameterControl;
3031 LUID LogonId;
3032 UNICODE_STRING Password;
3033 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3034 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
3035
3036 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
3037 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3038 ULONG ParameterControl;
3039 LUID LogonId;
3040 UNICODE_STRING Password;
3041 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3042 UNICODE_STRING UserName;
3043 UNICODE_STRING LogonDomainName;
3044 UNICODE_STRING ServerName;
3045 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
3046
3047 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
3048 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3049 STRING CaseSensitiveChallengeResponse;
3050 STRING CaseInsensitiveChallengeResponse;
3051 UNICODE_STRING UserName;
3052 UNICODE_STRING LogonDomainName;
3053 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
3054 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
3055 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
3056
3057 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
3058 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3059 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
3060
3061 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
3062 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3063 ULONG NumberOfLoggedOnUsers;
3064 PLUID LogonIds;
3065 PULONG EnumHandles;
3066 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
3067
3068 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
3069 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3070 LUID LogonId;
3071 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
3072
3073 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
3074 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3075 PSID UserSid;
3076 UNICODE_STRING UserName;
3077 UNICODE_STRING LogonDomainName;
3078 UNICODE_STRING LogonServer;
3079 SECURITY_LOGON_TYPE LogonType;
3080 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
3081
3082
3083
3084 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
3085 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
3086 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
3087
3088 /* also in winnt.h */
3089 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
3090 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
3091 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
3092 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
3093 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
3094 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
3095 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
3096 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
3097 #define FILE_NOTIFY_CHANGE_EA 0x00000080
3098 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
3099 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
3100 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
3101 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
3102 #define FILE_NOTIFY_VALID_MASK 0x00000fff
3103
3104 #define FILE_ACTION_ADDED 0x00000001
3105 #define FILE_ACTION_REMOVED 0x00000002
3106 #define FILE_ACTION_MODIFIED 0x00000003
3107 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
3108 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
3109 #define FILE_ACTION_ADDED_STREAM 0x00000006
3110 #define FILE_ACTION_REMOVED_STREAM 0x00000007
3111 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
3112 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
3113 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
3114 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
3115 /* end winnt.h */
3116
3117 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
3118 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
3119
3120 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3121 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3122
3123 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3124 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3125 #define FILE_PIPE_TYPE_VALID_MASK 0x00000003
3126
3127 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
3128 #define FILE_PIPE_MESSAGE_MODE 0x00000001
3129
3130 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
3131 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
3132
3133 #define FILE_PIPE_INBOUND 0x00000000
3134 #define FILE_PIPE_OUTBOUND 0x00000001
3135 #define FILE_PIPE_FULL_DUPLEX 0x00000002
3136
3137 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
3138 #define FILE_PIPE_LISTENING_STATE 0x00000002
3139 #define FILE_PIPE_CONNECTED_STATE 0x00000003
3140 #define FILE_PIPE_CLOSING_STATE 0x00000004
3141
3142 #define FILE_PIPE_CLIENT_END 0x00000000
3143 #define FILE_PIPE_SERVER_END 0x00000001
3144
3145 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
3146 #define FILE_CASE_PRESERVED_NAMES 0x00000002
3147 #define FILE_UNICODE_ON_DISK 0x00000004
3148 #define FILE_PERSISTENT_ACLS 0x00000008
3149 #define FILE_FILE_COMPRESSION 0x00000010
3150 #define FILE_VOLUME_QUOTAS 0x00000020
3151 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
3152 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
3153 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
3154 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
3155 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
3156 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
3157 #define FILE_NAMED_STREAMS 0x00040000
3158 #define FILE_READ_ONLY_VOLUME 0x00080000
3159 #define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
3160 #define FILE_SUPPORTS_TRANSACTIONS 0x00200000
3161 #define FILE_SUPPORTS_HARD_LINKS 0x00400000
3162 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
3163 #define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
3164 #define FILE_SUPPORTS_USN_JOURNAL 0x02000000
3165
3166 #define FILE_NEED_EA 0x00000080
3167
3168 #define FILE_EA_TYPE_BINARY 0xfffe
3169 #define FILE_EA_TYPE_ASCII 0xfffd
3170 #define FILE_EA_TYPE_BITMAP 0xfffb
3171 #define FILE_EA_TYPE_METAFILE 0xfffa
3172 #define FILE_EA_TYPE_ICON 0xfff9
3173 #define FILE_EA_TYPE_EA 0xffee
3174 #define FILE_EA_TYPE_MVMT 0xffdf
3175 #define FILE_EA_TYPE_MVST 0xffde
3176 #define FILE_EA_TYPE_ASN1 0xffdd
3177 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
3178
3179 typedef struct _FILE_NOTIFY_INFORMATION {
3180 ULONG NextEntryOffset;
3181 ULONG Action;
3182 ULONG FileNameLength;
3183 WCHAR FileName[1];
3184 } FILE_NOTIFY_INFORMATION, *PFILE_NOTIFY_INFORMATION;
3185
3186 typedef struct _FILE_DIRECTORY_INFORMATION {
3187 ULONG NextEntryOffset;
3188 ULONG FileIndex;
3189 LARGE_INTEGER CreationTime;
3190 LARGE_INTEGER LastAccessTime;
3191 LARGE_INTEGER LastWriteTime;
3192 LARGE_INTEGER ChangeTime;
3193 LARGE_INTEGER EndOfFile;
3194 LARGE_INTEGER AllocationSize;
3195 ULONG FileAttributes;
3196 ULONG FileNameLength;
3197 WCHAR FileName[1];
3198 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
3199
3200 typedef struct _FILE_FULL_DIR_INFORMATION {
3201 ULONG NextEntryOffset;
3202 ULONG FileIndex;
3203 LARGE_INTEGER CreationTime;
3204 LARGE_INTEGER LastAccessTime;
3205 LARGE_INTEGER LastWriteTime;
3206 LARGE_INTEGER ChangeTime;
3207 LARGE_INTEGER EndOfFile;
3208 LARGE_INTEGER AllocationSize;
3209 ULONG FileAttributes;
3210 ULONG FileNameLength;
3211 ULONG EaSize;
3212 WCHAR FileName[1];
3213 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
3214
3215 typedef struct _FILE_ID_FULL_DIR_INFORMATION {
3216 ULONG NextEntryOffset;
3217 ULONG FileIndex;
3218 LARGE_INTEGER CreationTime;
3219 LARGE_INTEGER LastAccessTime;
3220 LARGE_INTEGER LastWriteTime;
3221 LARGE_INTEGER ChangeTime;
3222 LARGE_INTEGER EndOfFile;
3223 LARGE_INTEGER AllocationSize;
3224 ULONG FileAttributes;
3225 ULONG FileNameLength;
3226 ULONG EaSize;
3227 LARGE_INTEGER FileId;
3228 WCHAR FileName[1];
3229 } FILE_ID_FULL_DIR_INFORMATION, *PFILE_ID_FULL_DIR_INFORMATION;
3230
3231 typedef struct _FILE_BOTH_DIR_INFORMATION {
3232 ULONG NextEntryOffset;
3233 ULONG FileIndex;
3234 LARGE_INTEGER CreationTime;
3235 LARGE_INTEGER LastAccessTime;
3236 LARGE_INTEGER LastWriteTime;
3237 LARGE_INTEGER ChangeTime;
3238 LARGE_INTEGER EndOfFile;
3239 LARGE_INTEGER AllocationSize;
3240 ULONG FileAttributes;
3241 ULONG FileNameLength;
3242 ULONG EaSize;
3243 CCHAR ShortNameLength;
3244 WCHAR ShortName[12];
3245 WCHAR FileName[1];
3246 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
3247
3248 typedef struct _FILE_ID_BOTH_DIR_INFORMATION {
3249 ULONG NextEntryOffset;
3250 ULONG FileIndex;
3251 LARGE_INTEGER CreationTime;
3252 LARGE_INTEGER LastAccessTime;
3253 LARGE_INTEGER LastWriteTime;
3254 LARGE_INTEGER ChangeTime;
3255 LARGE_INTEGER EndOfFile;
3256 LARGE_INTEGER AllocationSize;
3257 ULONG FileAttributes;
3258 ULONG FileNameLength;
3259 ULONG EaSize;
3260 CCHAR ShortNameLength;
3261 WCHAR ShortName[12];
3262 LARGE_INTEGER FileId;
3263 WCHAR FileName[1];
3264 } FILE_ID_BOTH_DIR_INFORMATION, *PFILE_ID_BOTH_DIR_INFORMATION;
3265
3266 typedef struct _FILE_NAMES_INFORMATION {
3267 ULONG NextEntryOffset;
3268 ULONG FileIndex;
3269 ULONG FileNameLength;
3270 WCHAR FileName[1];
3271 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
3272
3273 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION {
3274 ULONG NextEntryOffset;
3275 ULONG FileIndex;
3276 LARGE_INTEGER CreationTime;
3277 LARGE_INTEGER LastAccessTime;
3278 LARGE_INTEGER LastWriteTime;
3279 LARGE_INTEGER ChangeTime;
3280 LARGE_INTEGER EndOfFile;
3281 LARGE_INTEGER AllocationSize;
3282 ULONG FileAttributes;
3283 ULONG FileNameLength;
3284 LARGE_INTEGER FileId;
3285 GUID LockingTransactionId;
3286 ULONG TxInfoFlags;
3287 WCHAR FileName[1];
3288 } FILE_ID_GLOBAL_TX_DIR_INFORMATION, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION;
3289
3290 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED 0x00000001
3291 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX 0x00000002
3292 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX 0x00000004
3293
3294 typedef struct _FILE_OBJECTID_INFORMATION {
3295 LONGLONG FileReference;
3296 UCHAR ObjectId[16];
3297 _ANONYMOUS_UNION union {
3298 _ANONYMOUS_STRUCT struct {
3299 UCHAR BirthVolumeId[16];
3300 UCHAR BirthObjectId[16];
3301 UCHAR DomainId[16];
3302 } DUMMYSTRUCTNAME;
3303 UCHAR ExtendedInfo[48];
3304 } DUMMYUNIONNAME;
3305 } FILE_OBJECTID_INFORMATION, *PFILE_OBJECTID_INFORMATION;
3306
3307 #define ANSI_DOS_STAR ('<')
3308 #define ANSI_DOS_QM ('>')
3309 #define ANSI_DOS_DOT ('"')
3310
3311 #define DOS_STAR (L'<')
3312 #define DOS_QM (L'>')
3313 #define DOS_DOT (L'"')
3314
3315 typedef struct _FILE_INTERNAL_INFORMATION {
3316 LARGE_INTEGER IndexNumber;
3317 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
3318
3319 typedef struct _FILE_EA_INFORMATION {
3320 ULONG EaSize;
3321 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
3322
3323 typedef struct _FILE_ACCESS_INFORMATION {
3324 ACCESS_MASK AccessFlags;
3325 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
3326
3327 typedef struct _FILE_MODE_INFORMATION {
3328 ULONG Mode;
3329 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
3330
3331 typedef struct _FILE_ALL_INFORMATION {
3332 FILE_BASIC_INFORMATION BasicInformation;
3333 FILE_STANDARD_INFORMATION StandardInformation;
3334 FILE_INTERNAL_INFORMATION InternalInformation;
3335 FILE_EA_INFORMATION EaInformation;
3336 FILE_ACCESS_INFORMATION AccessInformation;
3337 FILE_POSITION_INFORMATION PositionInformation;
3338 FILE_MODE_INFORMATION ModeInformation;
3339 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
3340 FILE_NAME_INFORMATION NameInformation;
3341 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
3342
3343 typedef struct _FILE_ALLOCATION_INFORMATION {
3344 LARGE_INTEGER AllocationSize;
3345 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
3346
3347 typedef struct _FILE_COMPRESSION_INFORMATION {
3348 LARGE_INTEGER CompressedFileSize;
3349 USHORT CompressionFormat;
3350 UCHAR CompressionUnitShift;
3351 UCHAR ChunkShift;
3352 UCHAR ClusterShift;
3353 UCHAR Reserved[3];
3354 } FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
3355
3356 typedef struct _FILE_LINK_INFORMATION {
3357 BOOLEAN ReplaceIfExists;
3358 HANDLE RootDirectory;
3359 ULONG FileNameLength;
3360 WCHAR FileName[1];
3361 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
3362
3363 typedef struct _FILE_MOVE_CLUSTER_INFORMATION {
3364 ULONG ClusterCount;
3365 HANDLE RootDirectory;
3366 ULONG FileNameLength;
3367 WCHAR FileName[1];
3368 } FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
3369
3370 typedef struct _FILE_RENAME_INFORMATION {
3371 BOOLEAN ReplaceIfExists;
3372 HANDLE RootDirectory;
3373 ULONG FileNameLength;
3374 WCHAR FileName[1];
3375 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
3376
3377 typedef struct _FILE_STREAM_INFORMATION {
3378 ULONG NextEntryOffset;
3379 ULONG StreamNameLength;
3380 LARGE_INTEGER StreamSize;
3381 LARGE_INTEGER StreamAllocationSize;
3382 WCHAR StreamName[1];
3383 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
3384
3385 typedef struct _FILE_TRACKING_INFORMATION {
3386 HANDLE DestinationFile;
3387 ULONG ObjectInformationLength;
3388 CHAR ObjectInformation[1];
3389 } FILE_TRACKING_INFORMATION, *PFILE_TRACKING_INFORMATION;
3390
3391 typedef struct _FILE_COMPLETION_INFORMATION {
3392 HANDLE Port;
3393 PVOID Key;
3394 } FILE_COMPLETION_INFORMATION, *PFILE_COMPLETION_INFORMATION;
3395
3396 typedef struct _FILE_PIPE_INFORMATION {
3397 ULONG ReadMode;
3398 ULONG CompletionMode;
3399 } FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
3400
3401 typedef struct _FILE_PIPE_LOCAL_INFORMATION {
3402 ULONG NamedPipeType;
3403 ULONG NamedPipeConfiguration;
3404 ULONG MaximumInstances;
3405 ULONG CurrentInstances;
3406 ULONG InboundQuota;
3407 ULONG ReadDataAvailable;
3408 ULONG OutboundQuota;
3409 ULONG WriteQuotaAvailable;
3410 ULONG NamedPipeState;
3411 ULONG NamedPipeEnd;
3412 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
3413
3414 typedef struct _FILE_PIPE_REMOTE_INFORMATION {
3415 LARGE_INTEGER CollectDataTime;
3416 ULONG MaximumCollectionCount;
3417 } FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
3418
3419 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
3420 ULONG MaximumMessageSize;
3421 ULONG MailslotQuota;
3422 ULONG NextMessageSize;
3423 ULONG MessagesAvailable;
3424 LARGE_INTEGER ReadTimeout;
3425 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
3426
3427 typedef struct _FILE_MAILSLOT_SET_INFORMATION {
3428 PLARGE_INTEGER ReadTimeout;
3429 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
3430
3431 typedef struct _FILE_REPARSE_POINT_INFORMATION {
3432 LONGLONG FileReference;
3433 ULONG Tag;
3434 } FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
3435
3436 typedef struct _FILE_LINK_ENTRY_INFORMATION {
3437 ULONG NextEntryOffset;
3438 LONGLONG ParentFileId;
3439 ULONG FileNameLength;
3440 WCHAR FileName[1];
3441 } FILE_LINK_ENTRY_INFORMATION, *PFILE_LINK_ENTRY_INFORMATION;
3442
3443 typedef struct _FILE_LINKS_INFORMATION {
3444 ULONG BytesNeeded;
3445 ULONG EntriesReturned;
3446 FILE_LINK_ENTRY_INFORMATION Entry;
3447 } FILE_LINKS_INFORMATION, *PFILE_LINKS_INFORMATION;
3448
3449 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION {
3450 ULONG FileNameLength;
3451 WCHAR FileName[1];
3452 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION;
3453
3454 typedef struct _FILE_STANDARD_LINK_INFORMATION {
3455 ULONG NumberOfAccessibleLinks;
3456 ULONG TotalNumberOfLinks;
3457 BOOLEAN DeletePending;
3458 BOOLEAN Directory;
3459 } FILE_STANDARD_LINK_INFORMATION, *PFILE_STANDARD_LINK_INFORMATION;
3460
3461 typedef struct _FILE_GET_EA_INFORMATION {
3462 ULONG NextEntryOffset;
3463 UCHAR EaNameLength;
3464 CHAR EaName[1];
3465 } FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
3466
3467 #define REMOTE_PROTOCOL_FLAG_LOOPBACK 0x00000001
3468 #define REMOTE_PROTOCOL_FLAG_OFFLINE 0x00000002
3469
3470 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION {
3471 USHORT StructureVersion;
3472 USHORT StructureSize;
3473 ULONG Protocol;
3474 USHORT ProtocolMajorVersion;
3475 USHORT ProtocolMinorVersion;
3476 USHORT ProtocolRevision;
3477 USHORT Reserved;
3478 ULONG Flags;
3479 struct {
3480 ULONG Reserved[8];
3481 } GenericReserved;
3482 struct {
3483 ULONG Reserved[16];
3484 } ProtocolSpecificReserved;
3485 } FILE_REMOTE_PROTOCOL_INFORMATION, *PFILE_REMOTE_PROTOCOL_INFORMATION;
3486
3487 typedef struct _FILE_GET_QUOTA_INFORMATION {
3488 ULONG NextEntryOffset;
3489 ULONG SidLength;
3490 SID Sid;
3491 } FILE_GET_QUOTA_INFORMATION, *PFILE_GET_QUOTA_INFORMATION;
3492
3493 typedef struct _FILE_QUOTA_INFORMATION {
3494 ULONG NextEntryOffset;
3495 ULONG SidLength;
3496 LARGE_INTEGER ChangeTime;
3497 LARGE_INTEGER QuotaUsed;
3498 LARGE_INTEGER QuotaThreshold;
3499 LARGE_INTEGER QuotaLimit;
3500 SID Sid;
3501 } FILE_QUOTA_INFORMATION, *PFILE_QUOTA_INFORMATION;
3502
3503 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
3504 ULONG FileSystemAttributes;
3505 ULONG MaximumComponentNameLength;
3506 ULONG FileSystemNameLength;
3507 WCHAR FileSystemName[1];
3508 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
3509
3510 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
3511 BOOLEAN DriverInPath;
3512 ULONG DriverNameLength;
3513 WCHAR DriverName[1];
3514 } FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
3515
3516 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION {
3517 ULONG Flags;
3518 } FILE_FS_VOLUME_FLAGS_INFORMATION, *PFILE_FS_VOLUME_FLAGS_INFORMATION;
3519
3520 #define FILE_VC_QUOTA_NONE 0x00000000
3521 #define FILE_VC_QUOTA_TRACK 0x00000001
3522 #define FILE_VC_QUOTA_ENFORCE 0x00000002
3523 #define FILE_VC_QUOTA_MASK 0x00000003
3524 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
3525 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
3526 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
3527 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
3528 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
3529 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
3530 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
3531 #define FILE_VC_VALID_MASK 0x000003ff
3532
3533 typedef struct _FILE_FS_CONTROL_INFORMATION {
3534 LARGE_INTEGER FreeSpaceStartFiltering;
3535 LARGE_INTEGER FreeSpaceThreshold;
3536 LARGE_INTEGER FreeSpaceStopFiltering;
3537 LARGE_INTEGER DefaultQuotaThreshold;
3538 LARGE_INTEGER DefaultQuotaLimit;
3539 ULONG FileSystemControlFlags;
3540 } FILE_FS_CONTROL_INFORMATION, *PFILE_FS_CONTROL_INFORMATION;
3541
3542 #ifndef _FILESYSTEMFSCTL_
3543 #define _FILESYSTEMFSCTL_
3544
3545 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
3546 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
3547 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
3548 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
3549 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
3550 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
3551 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
3552 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
3553 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
3554 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
3555 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
3556 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
3557 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
3558 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
3559 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3560 #define FSCTL_SET_BOOTLOADER_ACCESSED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
3561
3562 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
3563 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
3564 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
3565 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
3566 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
3567
3568 #if (_WIN32_WINNT >= 0x0400)
3569
3570 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
3571 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
3572 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
3573 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
3574 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_ANY_ACCESS)
3575 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
3576 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
3577
3578 #endif
3579
3580 #if (_WIN32_WINNT >= 0x0500)
3581
3582 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
3583 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_WRITE_DATA)
3584 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
3585 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_WRITE_DATA)
3586 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_WRITE_DATA)
3587 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
3588 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_WRITE_DATA)
3589 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_READ_DATA)
3590 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
3591 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_READ_DATA)
3592 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_WRITE_DATA)
3593 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
3594 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_WRITE_DATA)
3595 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
3596 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
3597 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
3598 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_BUFFERED, FILE_ANY_ACCESS)
3599 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
3600 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_ANY_ACCESS)
3601 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_ANY_ACCESS)
3602 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_READ_DATA)
3603 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_READ_DATA)
3604 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_READ_DATA)
3605 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
3606 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
3607 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
3608 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
3609 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
3610 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3611 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
3612 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
3613 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3614
3615 #endif
3616
3617 #if (_WIN32_WINNT >= 0x0600)
3618
3619 #define FSCTL_MAKE_MEDIA_COMPATIBLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
3620 #define FSCTL_SET_DEFECT_MANAGEMENT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
3621 #define FSCTL_QUERY_SPARING_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
3622 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
3623 #define FSCTL_SET_VOLUME_COMPRESSION_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3624 #define FSCTL_TXFS_MODIFY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
3625 #define FSCTL_TXFS_QUERY_RM_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
3626 #define FSCTL_TXFS_ROLLFORWARD_REDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
3627 #define FSCTL_TXFS_ROLLFORWARD_UNDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
3628 #define FSCTL_TXFS_START_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
3629 #define FSCTL_TXFS_SHUTDOWN_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
3630 #define FSCTL_TXFS_READ_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
3631 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
3632 #define FSCTL_TXFS_CREATE_SECONDARY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
3633 #define FSCTL_TXFS_GET_METADATA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
3634 #define FSCTL_TXFS_GET_TRANSACTED_VERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
3635 #define FSCTL_TXFS_SAVEPOINT_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
3636 #define FSCTL_TXFS_CREATE_MINIVERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
3637 #define FSCTL_TXFS_TRANSACTION_ACTIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
3638 #define FSCTL_SET_ZERO_ON_DEALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3639 #define FSCTL_SET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
3640 #define FSCTL_GET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
3641 #define FSCTL_WAIT_FOR_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
3642 #define FSCTL_INITIATE_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
3643 #define FSCTL_CSC_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER, FILE_ANY_ACCESS)
3644 #define FSCTL_SHRINK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3645 #define FSCTL_SET_SHORT_NAME_BEHAVIOR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
3646 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
3647
3648 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
3649 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
3650 #define FSCTL_TXFS_LIST_TRANSACTIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
3651 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
3652 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
3653 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
3654
3655 #endif
3656
3657 #if (_WIN32_WINNT >= 0x0601)
3658
3659 #define FSCTL_QUERY_DEPENDENT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
3660 #define FSCTL_SD_GLOBAL_CHANGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
3661 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
3662 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
3663 #define FSCTL_FILE_TYPE_NOTIFICATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
3664 #define FSCTL_GET_BOOT_AREA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
3665 #define FSCTL_GET_RETRIEVAL_POINTER_BASE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
3666 #define FSCTL_SET_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
3667 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
3668
3669 #define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
3670
3671 #define FSCTL_CSV_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
3672 #define FSCTL_IS_CSV_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
3673
3674 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
3675 #define FSCTL_CSV_GET_VOLUME_PATH_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
3676 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
3677 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150, METHOD_BUFFERED, FILE_ANY_ACCESS)
3678 #define FSCTL_IS_FILE_ON_CSV_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151, METHOD_BUFFERED, FILE_ANY_ACCESS)
3679
3680 typedef struct _CSV_NAMESPACE_INFO {
3681 ULONG Version;
3682 ULONG DeviceNumber;
3683 LARGE_INTEGER StartingOffset;
3684 ULONG SectorSize;
3685 } CSV_NAMESPACE_INFO, *PCSV_NAMESPACE_INFO;
3686
3687 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
3688 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
3689
3690 #endif
3691
3692 #define FSCTL_MARK_AS_SYSTEM_HIVE FSCTL_SET_BOOTLOADER_ACCESSED
3693
3694 typedef struct _PATHNAME_BUFFER {
3695 ULONG PathNameLength;
3696 WCHAR Name[1];
3697 } PATHNAME_BUFFER, *PPATHNAME_BUFFER;
3698
3699 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER {
3700 UCHAR First0x24BytesOfBootSector[0x24];
3701 } FSCTL_QUERY_FAT_BPB_BUFFER, *PFSCTL_QUERY_FAT_BPB_BUFFER;
3702
3703 #if (_WIN32_WINNT >= 0x0400)
3704
3705 typedef struct _NTFS_VOLUME_DATA_BUFFER {
3706 LARGE_INTEGER VolumeSerialNumber;
3707 LARGE_INTEGER NumberSectors;
3708 LARGE_INTEGER TotalClusters;
3709 LARGE_INTEGER FreeClusters;
3710 LARGE_INTEGER TotalReserved;
3711 ULONG BytesPerSector;
3712 ULONG BytesPerCluster;
3713 ULONG BytesPerFileRecordSegment;
3714 ULONG ClustersPerFileRecordSegment;
3715 LARGE_INTEGER MftValidDataLength;
3716 LARGE_INTEGER MftStartLcn;
3717 LARGE_INTEGER Mft2StartLcn;
3718 LARGE_INTEGER MftZoneStart;
3719 LARGE_INTEGER MftZoneEnd;
3720 } NTFS_VOLUME_DATA_BUFFER, *PNTFS_VOLUME_DATA_BUFFER;
3721
3722 typedef struct _NTFS_EXTENDED_VOLUME_DATA {
3723 ULONG ByteCount;
3724 USHORT MajorVersion;
3725 USHORT MinorVersion;
3726 } NTFS_EXTENDED_VOLUME_DATA, *PNTFS_EXTENDED_VOLUME_DATA;
3727
3728 typedef struct _STARTING_LCN_INPUT_BUFFER {
3729 LARGE_INTEGER StartingLcn;
3730 } STARTING_LCN_INPUT_BUFFER, *PSTARTING_LCN_INPUT_BUFFER;
3731
3732 typedef struct _VOLUME_BITMAP_BUFFER {
3733 LARGE_INTEGER StartingLcn;
3734 LARGE_INTEGER BitmapSize;
3735 UCHAR Buffer[1];
3736 } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER;
3737
3738 typedef struct _STARTING_VCN_INPUT_BUFFER {
3739 LARGE_INTEGER StartingVcn;
3740 } STARTING_VCN_INPUT_BUFFER, *PSTARTING_VCN_INPUT_BUFFER;
3741
3742 typedef struct _RETRIEVAL_POINTERS_BUFFER {
3743 ULONG ExtentCount;
3744 LARGE_INTEGER StartingVcn;
3745 struct {
3746 LARGE_INTEGER NextVcn;
3747 LARGE_INTEGER Lcn;
3748 } Extents[1];
3749 } RETRIEVAL_POINTERS_BUFFER, *PRETRIEVAL_POINTERS_BUFFER;
3750
3751 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER {
3752 LARGE_INTEGER FileReferenceNumber;
3753 } NTFS_FILE_RECORD_INPUT_BUFFER, *PNTFS_FILE_RECORD_INPUT_BUFFER;
3754
3755 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER {
3756 LARGE_INTEGER FileReferenceNumber;
3757 ULONG FileRecordLength;
3758 UCHAR FileRecordBuffer[1];
3759 } NTFS_FILE_RECORD_OUTPUT_BUFFER, *PNTFS_FILE_RECORD_OUTPUT_BUFFER;
3760
3761 typedef struct _MOVE_FILE_DATA {
3762 HANDLE FileHandle;
3763 LARGE_INTEGER StartingVcn;
3764 LARGE_INTEGER StartingLcn;
3765 ULONG ClusterCount;
3766 } MOVE_FILE_DATA, *PMOVE_FILE_DATA;
3767
3768 typedef struct _MOVE_FILE_RECORD_DATA {
3769 HANDLE FileHandle;
3770 LARGE_INTEGER SourceFileRecord;
3771 LARGE_INTEGER TargetFileRecord;
3772 } MOVE_FILE_RECORD_DATA, *PMOVE_FILE_RECORD_DATA;
3773
3774 #if defined(_WIN64)
3775 typedef struct _MOVE_FILE_DATA32 {
3776 UINT32 FileHandle;
3777 LARGE_INTEGER StartingVcn;
3778 LARGE_INTEGER StartingLcn;
3779 ULONG ClusterCount;
3780 } MOVE_FILE_DATA32, *PMOVE_FILE_DATA32;
3781 #endif
3782
3783 #endif /* (_WIN32_WINNT >= 0x0400) */
3784
3785 #if (_WIN32_WINNT >= 0x0500)
3786
3787 typedef struct _FIND_BY_SID_DATA {
3788 ULONG Restart;
3789 SID Sid;
3790 } FIND_BY_SID_DATA, *PFIND_BY_SID_DATA;
3791
3792 typedef struct _FIND_BY_SID_OUTPUT {
3793 ULONG NextEntryOffset;
3794 ULONG FileIndex;
3795 ULONG FileNameLength;
3796 WCHAR FileName[1];
3797 } FIND_BY_SID_OUTPUT, *PFIND_BY_SID_OUTPUT;
3798
3799 typedef struct _MFT_ENUM_DATA {
3800 ULONGLONG StartFileReferenceNumber;
3801 USN LowUsn;
3802 USN HighUsn;
3803 } MFT_ENUM_DATA, *PMFT_ENUM_DATA;
3804
3805 typedef struct _CREATE_USN_JOURNAL_DATA {
3806 ULONGLONG MaximumSize;
3807 ULONGLONG AllocationDelta;
3808 } CREATE_USN_JOURNAL_DATA, *PCREATE_USN_JOURNAL_DATA;
3809
3810 typedef struct _READ_USN_JOURNAL_DATA {
3811 USN StartUsn;
3812 ULONG ReasonMask;
3813 ULONG ReturnOnlyOnClose;
3814 ULONGLONG Timeout;
3815 ULONGLONG BytesToWaitFor;
3816 ULONGLONG UsnJournalID;
3817 } READ_USN_JOURNAL_DATA, *PREAD_USN_JOURNAL_DATA;
3818
3819 typedef struct _USN_RECORD {
3820 ULONG RecordLength;
3821 USHORT MajorVersion;
3822 USHORT MinorVersion;
3823 ULONGLONG FileReferenceNumber;
3824 ULONGLONG ParentFileReferenceNumber;
3825 USN Usn;
3826 LARGE_INTEGER TimeStamp;
3827 ULONG Reason;
3828 ULONG SourceInfo;
3829 ULONG SecurityId;
3830 ULONG FileAttributes;
3831 USHORT FileNameLength;
3832 USHORT FileNameOffset;
3833 WCHAR FileName[1];
3834 } USN_RECORD, *PUSN_RECORD;
3835
3836 #define USN_PAGE_SIZE (0x1000)
3837
3838 #define USN_REASON_DATA_OVERWRITE (0x00000001)
3839 #define USN_REASON_DATA_EXTEND (0x00000002)
3840 #define USN_REASON_DATA_TRUNCATION (0x00000004)
3841 #define USN_REASON_NAMED_DATA_OVERWRITE (0x00000010)
3842 #define USN_REASON_NAMED_DATA_EXTEND (0x00000020)
3843 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
3844 #define USN_REASON_FILE_CREATE (0x00000100)
3845 #define USN_REASON_FILE_DELETE (0x00000200)
3846 #define USN_REASON_EA_CHANGE (0x00000400)
3847 #define USN_REASON_SECURITY_CHANGE (0x00000800)
3848 #define USN_REASON_RENAME_OLD_NAME (0x00001000)
3849 #define USN_REASON_RENAME_NEW_NAME (0x00002000)
3850 #define USN_REASON_INDEXABLE_CHANGE (0x00004000)
3851 #define USN_REASON_BASIC_INFO_CHANGE (0x00008000)
3852 #define USN_REASON_HARD_LINK_CHANGE (0x00010000)
3853 #define USN_REASON_COMPRESSION_CHANGE (0x00020000)
3854 #define USN_REASON_ENCRYPTION_CHANGE (0x00040000)
3855 #define USN_REASON_OBJECT_ID_CHANGE (0x00080000)
3856 #define USN_REASON_REPARSE_POINT_CHANGE (0x00100000)
3857 #define USN_REASON_STREAM_CHANGE (0x00200000)
3858 #define USN_REASON_TRANSACTED_CHANGE (0x00400000)
3859 #define USN_REASON_CLOSE (0x80000000)
3860
3861 typedef struct _USN_JOURNAL_DATA {
3862 ULONGLONG UsnJournalID;
3863 USN FirstUsn;
3864 USN NextUsn;
3865 USN LowestValidUsn;
3866 USN MaxUsn;
3867 ULONGLONG MaximumSize;
3868 ULONGLONG AllocationDelta;
3869 } USN_JOURNAL_DATA, *PUSN_JOURNAL_DATA;
3870
3871 typedef struct _DELETE_USN_JOURNAL_DATA {
3872 ULONGLONG UsnJournalID;
3873 ULONG DeleteFlags;
3874 } DELETE_USN_JOURNAL_DATA, *PDELETE_USN_JOURNAL_DATA;
3875
3876 #define USN_DELETE_FLAG_DELETE (0x00000001)
3877 #define USN_DELETE_FLAG_NOTIFY (0x00000002)
3878 #define USN_DELETE_VALID_FLAGS (0x00000003)
3879
3880 typedef struct _MARK_HANDLE_INFO {
3881 ULONG UsnSourceInfo;
3882 HANDLE VolumeHandle;
3883 ULONG HandleInfo;
3884 } MARK_HANDLE_INFO, *PMARK_HANDLE_INFO;
3885
3886 #if defined(_WIN64)
3887 typedef struct _MARK_HANDLE_INFO32 {
3888 ULONG UsnSourceInfo;
3889 UINT32 VolumeHandle;
3890 ULONG HandleInfo;
3891 } MARK_HANDLE_INFO32, *PMARK_HANDLE_INFO32;
3892 #endif
3893
3894 #define USN_SOURCE_DATA_MANAGEMENT (0x00000001)
3895 #define USN_SOURCE_AUXILIARY_DATA (0x00000002)
3896 #define USN_SOURCE_REPLICATION_MANAGEMENT (0x00000004)
3897
3898 #define MARK_HANDLE_PROTECT_CLUSTERS (0x00000001)
3899 #define MARK_HANDLE_TXF_SYSTEM_LOG (0x00000004)
3900 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG (0x00000008)
3901
3902 typedef struct _BULK_SECURITY_TEST_DATA {
3903 ACCESS_MASK DesiredAccess;
3904 ULONG SecurityIds[1];
3905 } BULK_SECURITY_TEST_DATA, *PBULK_SECURITY_TEST_DATA;
3906
3907 #define VOLUME_IS_DIRTY (0x00000001)
3908 #define VOLUME_UPGRADE_SCHEDULED (0x00000002)
3909 #define VOLUME_SESSION_OPEN (0x00000004)
3910
3911 typedef struct _FILE_PREFETCH {
3912 ULONG Type;
3913 ULONG Count;
3914 ULONGLONG Prefetch[1];
3915 } FILE_PREFETCH, *PFILE_PREFETCH;
3916
3917 typedef struct _FILE_PREFETCH_EX {
3918 ULONG Type;
3919 ULONG Count;
3920 PVOID Context;
3921 ULONGLONG Prefetch[1];
3922 } FILE_PREFETCH_EX, *PFILE_PREFETCH_EX;
3923
3924 #define FILE_PREFETCH_TYPE_FOR_CREATE 0x1
3925 #define FILE_PREFETCH_TYPE_FOR_DIRENUM 0x2
3926 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX 0x3
3927 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX 0x4
3928
3929 #define FILE_PREFETCH_TYPE_MAX 0x4
3930
3931 typedef struct _FILE_OBJECTID_BUFFER {
3932 UCHAR ObjectId[16];
3933 _ANONYMOUS_UNION union {
3934 _ANONYMOUS_STRUCT struct {
3935 UCHAR BirthVolumeId[16];
3936 UCHAR BirthObjectId[16];
3937 UCHAR DomainId[16];
3938 } DUMMYSTRUCTNAME;
3939 UCHAR ExtendedInfo[48];
3940 } DUMMYUNIONNAME;
3941 } FILE_OBJECTID_BUFFER, *PFILE_OBJECTID_BUFFER;
3942
3943 typedef struct _FILE_SET_SPARSE_BUFFER {
3944 BOOLEAN SetSparse;
3945 } FILE_SET_SPARSE_BUFFER, *PFILE_SET_SPARSE_BUFFER;
3946
3947 typedef struct _FILE_ZERO_DATA_INFORMATION {
3948 LARGE_INTEGER FileOffset;
3949 LARGE_INTEGER BeyondFinalZero;
3950 } FILE_ZERO_DATA_INFORMATION, *PFILE_ZERO_DATA_INFORMATION;
3951
3952 typedef struct _FILE_ALLOCATED_RANGE_BUFFER {
3953 LARGE_INTEGER FileOffset;
3954 LARGE_INTEGER Length;
3955 } FILE_ALLOCATED_RANGE_BUFFER, *PFILE_ALLOCATED_RANGE_BUFFER;
3956
3957 typedef struct _ENCRYPTION_BUFFER {
3958 ULONG EncryptionOperation;
3959 UCHAR Private[1];
3960 } ENCRYPTION_BUFFER, *PENCRYPTION_BUFFER;
3961
3962 #define FILE_SET_ENCRYPTION 0x00000001
3963 #define FILE_CLEAR_ENCRYPTION 0x00000002
3964 #define STREAM_SET_ENCRYPTION 0x00000003
3965 #define STREAM_CLEAR_ENCRYPTION 0x00000004
3966
3967 #define MAXIMUM_ENCRYPTION_VALUE 0x00000004
3968
3969 typedef struct _DECRYPTION_STATUS_BUFFER {
3970 BOOLEAN NoEncryptedStreams;
3971 } DECRYPTION_STATUS_BUFFER, *PDECRYPTION_STATUS_BUFFER;
3972
3973 #define ENCRYPTION_FORMAT_DEFAULT (0x01)
3974
3975 #define COMPRESSION_FORMAT_SPARSE (0x4000)
3976
3977 typedef struct _REQUEST_RAW_ENCRYPTED_DATA {
3978 LONGLONG FileOffset;
3979 ULONG Length;
3980 } REQUEST_RAW_ENCRYPTED_DATA, *PREQUEST_RAW_ENCRYPTED_DATA;
3981
3982 typedef struct _ENCRYPTED_DATA_INFO {
3983 ULONGLONG StartingFileOffset;
3984 ULONG OutputBufferOffset;
3985 ULONG BytesWithinFileSize;
3986 ULONG BytesWithinValidDataLength;
3987 USHORT CompressionFormat;
3988 UCHAR DataUnitShift;
3989 UCHAR ChunkShift;
3990 UCHAR ClusterShift;
3991 UCHAR EncryptionFormat;
3992 USHORT NumberOfDataBlocks;
3993 ULONG DataBlockSize[ANYSIZE_ARRAY];
3994 } ENCRYPTED_DATA_INFO, *PENCRYPTED_DATA_INFO;
3995
3996 typedef struct _PLEX_READ_DATA_REQUEST {
3997 LARGE_INTEGER ByteOffset;
3998 ULONG ByteLength;
3999 ULONG PlexNumber;
4000 } PLEX_READ_DATA_REQUEST, *PPLEX_READ_DATA_REQUEST;
4001
4002 typedef struct _SI_COPYFILE {
4003 ULONG SourceFileNameLength;
4004 ULONG DestinationFileNameLength;
4005 ULONG Flags;
4006 WCHAR FileNameBuffer[1];
4007 } SI_COPYFILE, *PSI_COPYFILE;
4008
4009 #define COPYFILE_SIS_LINK 0x0001
4010 #define COPYFILE_SIS_REPLACE 0x0002
4011 #define COPYFILE_SIS_FLAGS 0x0003
4012
4013 #endif /* (_WIN32_WINNT >= 0x0500) */
4014
4015 #if (_WIN32_WINNT >= 0x0600)
4016
4017 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER {
4018 BOOLEAN CloseDisc;
4019 } FILE_MAKE_COMPATIBLE_BUFFER, *PFILE_MAKE_COMPATIBLE_BUFFER;
4020
4021 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER {
4022 BOOLEAN Disable;
4023 } FILE_SET_DEFECT_MGMT_BUFFER, *PFILE_SET_DEFECT_MGMT_BUFFER;
4024
4025 typedef struct _FILE_QUERY_SPARING_BUFFER {
4026 ULONG SparingUnitBytes;
4027 BOOLEAN SoftwareSparing;
4028 ULONG TotalSpareBlocks;
4029 ULONG FreeSpareBlocks;
4030 } FILE_QUERY_SPARING_BUFFER, *PFILE_QUERY_SPARING_BUFFER;
4031
4032 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER {
4033 LARGE_INTEGER DirectoryCount;
4034 LARGE_INTEGER FileCount;
4035 USHORT FsFormatMajVersion;
4036 USHORT FsFormatMinVersion;
4037 WCHAR FsFormatName[12];
4038 LARGE_INTEGER FormatTime;
4039 LARGE_INTEGER LastUpdateTime;
4040 WCHAR CopyrightInfo[34];
4041 WCHAR AbstractInfo[34];
4042 WCHAR FormattingImplementationInfo[34];
4043 WCHAR LastModifyingImplementationInfo[34];
4044 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER;
4045
4046 #define SET_REPAIR_ENABLED (0x00000001)
4047 #define SET_REPAIR_VOLUME_BITMAP_SCAN (0x00000002)
4048 #define SET_REPAIR_DELETE_CROSSLINK (0x00000004)
4049 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS (0x00000008)
4050 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT (0x00000010)
4051 #define SET_REPAIR_VALID_MASK (0x0000001F)
4052
4053 typedef enum _SHRINK_VOLUME_REQUEST_TYPES {
4054 ShrinkPrepare = 1,
4055 ShrinkCommit,
4056 ShrinkAbort
4057 } SHRINK_VOLUME_REQUEST_TYPES, *PSHRINK_VOLUME_REQUEST_TYPES;
4058
4059 typedef struct _SHRINK_VOLUME_INFORMATION {
4060 SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType;
4061 ULONGLONG Flags;
4062 LONGLONG NewNumberOfSectors;
4063 } SHRINK_VOLUME_INFORMATION, *PSHRINK_VOLUME_INFORMATION;
4064
4065 #define TXFS_RM_FLAG_LOGGING_MODE 0x00000001
4066 #define TXFS_RM_FLAG_RENAME_RM 0x00000002
4067 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000004
4068 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000008
4069 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000010
4070 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000020
4071 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000040
4072 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000080
4073 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000100
4074 #define TXFS_RM_FLAG_GROW_LOG 0x00000400
4075 #define TXFS_RM_FLAG_SHRINK_LOG 0x00000800
4076 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE 0x00001000
4077 #define TXFS_RM_FLAG_PRESERVE_CHANGES 0x00002000
4078 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START 0x00004000
4079 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START 0x00008000
4080 #define TXFS_RM_FLAG_PREFER_CONSISTENCY 0x00010000
4081 #define TXFS_RM_FLAG_PREFER_AVAILABILITY 0x00020000
4082
4083 #define TXFS_LOGGING_MODE_SIMPLE (0x0001)
4084 #define TXFS_LOGGING_MODE_FULL (0x0002)
4085
4086 #define TXFS_TRANSACTION_STATE_NONE 0x00
4087 #define TXFS_TRANSACTION_STATE_ACTIVE 0x01
4088 #define TXFS_TRANSACTION_STATE_PREPARED 0x02
4089 #define TXFS_TRANSACTION_STATE_NOTACTIVE 0x03
4090
4091 #define TXFS_MODIFY_RM_VALID_FLAGS (TXFS_RM_FLAG_LOGGING_MODE | \
4092 TXFS_RM_FLAG_RENAME_RM | \
4093 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4094 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4095 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4096 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4097 TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4098 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4099 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4100 TXFS_RM_FLAG_SHRINK_LOG | \
4101 TXFS_RM_FLAG_GROW_LOG | \
4102 TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE | \
4103 TXFS_RM_FLAG_PRESERVE_CHANGES | \
4104 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4105 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4106 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4107 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4108
4109 typedef struct _TXFS_MODIFY_RM {
4110 ULONG Flags;
4111 ULONG LogContainerCountMax;
4112 ULONG LogContainerCountMin;
4113 ULONG LogContainerCount;
4114 ULONG LogGrowthIncrement;
4115 ULONG LogAutoShrinkPercentage;
4116 ULONGLONG Reserved;
4117 USHORT LoggingMode;
4118 } TXFS_MODIFY_RM, *PTXFS_MODIFY_RM;
4119
4120 #define TXFS_RM_STATE_NOT_STARTED 0
4121 #define TXFS_RM_STATE_STARTING 1
4122 #define TXFS_RM_STATE_ACTIVE 2
4123 #define TXFS_RM_STATE_SHUTTING_DOWN 3
4124
4125 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS \
4126 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4127 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4128 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4129 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4130 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4131 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4132 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4133 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4134
4135 typedef struct _TXFS_QUERY_RM_INFORMATION {
4136 ULONG BytesRequired;
4137 ULONGLONG TailLsn;
4138 ULONGLONG CurrentLsn;
4139 ULONGLONG ArchiveTailLsn;
4140 ULONGLONG LogContainerSize;
4141 LARGE_INTEGER HighestVirtualClock;
4142 ULONG LogContainerCount;
4143 ULONG LogContainerCountMax;
4144 ULONG LogContainerCountMin;
4145 ULONG LogGrowthIncrement;
4146 ULONG LogAutoShrinkPercentage;
4147 ULONG Flags;
4148 USHORT LoggingMode;
4149 USHORT Reserved;
4150 ULONG RmState;
4151 ULONGLONG LogCapacity;
4152 ULONGLONG LogFree;
4153 ULONGLONG TopsSize;
4154 ULONGLONG TopsUsed;
4155 ULONGLONG TransactionCount;
4156 ULONGLONG OnePCCount;
4157 ULONGLONG TwoPCCount;
4158 ULONGLONG NumberLogFileFull;
4159 ULONGLONG OldestTransactionAge;
4160 GUID RMName;
4161 ULONG TmLogPathOffset;
4162 } TXFS_QUERY_RM_INFORMATION, *PTXFS_QUERY_RM_INFORMATION;
4163
4164 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN 0x01
4165 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK 0x02
4166
4167 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS \
4168 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN | \
4169 TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
4170
4171 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION {
4172 LARGE_INTEGER LastVirtualClock;
4173 ULONGLONG LastRedoLsn;
4174 ULONGLONG HighestRecoveryLsn;
4175 ULONG Flags;
4176 } TXFS_ROLLFORWARD_REDO_INFORMATION, *PTXFS_ROLLFORWARD_REDO_INFORMATION;
4177
4178 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000001
4179 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000002
4180 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE 0x00000004
4181 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000008
4182 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000010
4183 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000020
4184 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000040
4185 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000080
4186
4187 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT 0x00000200
4188 #define TXFS_START_RM_FLAG_LOGGING_MODE 0x00000400
4189 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES 0x00000800
4190
4191 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY 0x00001000
4192 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY 0x00002000
4193
4194 #define TXFS_START_RM_VALID_FLAGS \
4195 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4196 TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4197 TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE | \
4198 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4199 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4200 TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4201 TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT | \
4202 TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4203 TXFS_START_RM_FLAG_LOGGING_MODE | \
4204 TXFS_START_RM_FLAG_PRESERVE_CHANGES | \
4205 TXFS_START_RM_FLAG_PREFER_CONSISTENCY | \
4206 TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
4207
4208 typedef struct _TXFS_START_RM_INFORMATION {
4209 ULONG Flags;
4210 ULONGLONG LogContainerSize;
4211 ULONG LogContainerCountMin;
4212 ULONG LogContainerCountMax;
4213 ULONG LogGrowthIncrement;
4214 ULONG LogAutoShrinkPercentage;
4215 ULONG TmLogPathOffset;
4216 USHORT TmLogPathLength;
4217 USHORT LoggingMode;
4218 USHORT LogPathLength;
4219 USHORT Reserved;
4220 WCHAR LogPath[1];
4221 } TXFS_START_RM_INFORMATION, *PTXFS_START_RM_INFORMATION;
4222
4223 typedef struct _TXFS_GET_METADATA_INFO_OUT {
4224 struct {
4225 LONGLONG LowPart;
4226 LONGLONG HighPart;
4227 } TxfFileId;
4228 GUID LockingTransaction;
4229 ULONGLONG LastLsn;
4230 ULONG TransactionState;
4231 } TXFS_GET_METADATA_INFO_OUT, *PTXFS_GET_METADATA_INFO_OUT;
4232
4233 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED 0x00000001
4234 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED 0x00000002
4235
4236 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY {
4237 ULONGLONG Offset;
4238 ULONG NameFlags;
4239 LONGLONG FileId;
4240 ULONG Reserved1;
4241 ULONG Reserved2;
4242 LONGLONG Reserved3;
4243 WCHAR FileName[1];
4244 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY;
4245
4246 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES {
4247 GUID KtmTransaction;
4248 ULONGLONG NumberOfFiles;
4249 ULONGLONG BufferSizeRequired;
4250 ULONGLONG Offset;
4251 } TXFS_LIST_TRANSACTION_LOCKED_FILES, *PTXFS_LIST_TRANSACTION_LOCKED_FILES;
4252
4253 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY {
4254 GUID TransactionId;
4255 ULONG TransactionState;
4256 ULONG Reserved1;
4257 ULONG Reserved2;
4258 LONGLONG Reserved3;
4259 } TXFS_LIST_TRANSACTIONS_ENTRY, *PTXFS_LIST_TRANSACTIONS_ENTRY;
4260
4261 typedef struct _TXFS_LIST_TRANSACTIONS {
4262 ULONGLONG NumberOfTransactions;
4263 ULONGLONG BufferSizeRequired;
4264 } TXFS_LIST_TRANSACTIONS, *PTXFS_LIST_TRANSACTIONS;
4265
4266 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT {
4267 _ANONYMOUS_UNION union {
4268 ULONG BufferLength;
4269 UCHAR Buffer[1];
4270 } DUMMYUNIONNAME;
4271 } TXFS_READ_BACKUP_INFORMATION_OUT, *PTXFS_READ_BACKUP_INFORMATION_OUT;
4272
4273 typedef struct _TXFS_WRITE_BACKUP_INFORMATION {
4274 UCHAR Buffer[1];
4275 } TXFS_WRITE_BACKUP_INFORMATION, *PTXFS_WRITE_BACKUP_INFORMATION;
4276
4277 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED 0xFFFFFFFE
4278 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED 0xFFFFFFFF
4279
4280 typedef struct _TXFS_GET_TRANSACTED_VERSION {
4281 ULONG ThisBaseVersion;
4282 ULONG LatestVersion;
4283 USHORT ThisMiniVersion;
4284 USHORT FirstMiniVersion;
4285 USHORT LatestMiniVersion;
4286 } TXFS_GET_TRANSACTED_VERSION, *PTXFS_GET_TRANSACTED_VERSION;
4287
4288 #define TXFS_SAVEPOINT_SET 0x00000001
4289 #define TXFS_SAVEPOINT_ROLLBACK 0x00000002
4290 #define TXFS_SAVEPOINT_CLEAR 0x00000004
4291 #define TXFS_SAVEPOINT_CLEAR_ALL 0x00000010
4292
4293 typedef struct _TXFS_SAVEPOINT_INFORMATION {
4294 HANDLE KtmTransaction;
4295 ULONG ActionCode;
4296 ULONG SavepointId;
4297 } TXFS_SAVEPOINT_INFORMATION, *PTXFS_SAVEPOINT_INFORMATION;
4298
4299 typedef struct _TXFS_CREATE_MINIVERSION_INFO {
4300 USHORT StructureVersion;
4301 USHORT StructureLength;
4302 ULONG BaseVersion;
4303 USHORT MiniVersion;
4304 } TXFS_CREATE_MINIVERSION_INFO, *PTXFS_CREATE_MINIVERSION_INFO;
4305
4306 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO {
4307 BOOLEAN TransactionsActiveAtSnapshot;
4308 } TXFS_TRANSACTION_ACTIVE_INFO, *PTXFS_TRANSACTION_ACTIVE_INFO;
4309
4310 #endif /* (_WIN32_WINNT >= 0x0600) */
4311
4312 #if (_WIN32_WINNT >= 0x0601)
4313
4314 #define MARK_HANDLE_REALTIME (0x00000020)
4315 #define MARK_HANDLE_NOT_REALTIME (0x00000040)
4316
4317 #define NO_8DOT3_NAME_PRESENT (0x00000001)
4318 #define REMOVED_8DOT3_NAME (0x00000002)
4319
4320 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED (0x00000001)
4321
4322 typedef struct _BOOT_AREA_INFO {
4323 ULONG BootSectorCount;
4324 struct {
4325 LARGE_INTEGER Offset;
4326 } BootSectors[2];
4327 } BOOT_AREA_INFO, *PBOOT_AREA_INFO;
4328
4329 typedef struct _RETRIEVAL_POINTER_BASE {
4330 LARGE_INTEGER FileAreaOffset;
4331 } RETRIEVAL_POINTER_BASE, *PRETRIEVAL_POINTER_BASE;
4332
4333 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION {
4334 ULONG VolumeFlags;
4335 ULONG FlagMask;
4336 ULONG Version;
4337 ULONG Reserved;
4338 } FILE_FS_PERSISTENT_VOLUME_INFORMATION, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION;
4339
4340 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION {
4341 CHAR FileSystem[9];
4342 } FILE_SYSTEM_RECOGNITION_INFORMATION, *PFILE_SYSTEM_RECOGNITION_INFORMATION;
4343
4344 #define OPLOCK_LEVEL_CACHE_READ (0x00000001)
4345 #define OPLOCK_LEVEL_CACHE_HANDLE (0x00000002)
4346 #define OPLOCK_LEVEL_CACHE_WRITE (0x00000004)
4347
4348 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST (0x00000001)
4349 #define REQUEST_OPLOCK_INPUT_FLAG_ACK (0x00000002)
4350 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
4351
4352 #define REQUEST_OPLOCK_CURRENT_VERSION 1
4353
4354 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER {
4355 USHORT StructureVersion;
4356 USHORT StructureLength;
4357 ULONG RequestedOplockLevel;
4358 ULONG Flags;
4359 } REQUEST_OPLOCK_INPUT_BUFFER, *PREQUEST_OPLOCK_INPUT_BUFFER;
4360
4361 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED (0x00000001)
4362 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED (0x00000002)
4363
4364 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER {
4365 USHORT StructureVersion;
4366 USHORT StructureLength;
4367 ULONG OriginalOplockLevel;
4368 ULONG NewOplockLevel;
4369 ULONG Flags;
4370 ACCESS_MASK AccessMode;
4371 USHORT ShareMode;
4372 } REQUEST_OPLOCK_OUTPUT_BUFFER, *PREQUEST_OPLOCK_OUTPUT_BUFFER;
4373
4374 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID 1
4375
4376 typedef struct _SD_CHANGE_MACHINE_SID_INPUT {
4377 USHORT CurrentMachineSIDOffset;
4378 USHORT CurrentMachineSIDLength;
4379 USHORT NewMachineSIDOffset;
4380 USHORT NewMachineSIDLength;
4381 } SD_CHANGE_MACHINE_SID_INPUT, *PSD_CHANGE_MACHINE_SID_INPUT;
4382
4383 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT {
4384 ULONGLONG NumSDChangedSuccess;
4385 ULONGLONG NumSDChangedFail;
4386 ULONGLONG NumSDUnused;
4387 ULONGLONG NumSDTotal;
4388 ULONGLONG NumMftSDChangedSuccess;
4389 ULONGLONG NumMftSDChangedFail;
4390 ULONGLONG NumMftSDTotal;
4391 } SD_CHANGE_MACHINE_SID_OUTPUT, *PSD_CHANGE_MACHINE_SID_OUTPUT;
4392
4393 typedef struct _SD_GLOBAL_CHANGE_INPUT {
4394 ULONG Flags;
4395 ULONG ChangeType;
4396 _ANONYMOUS_UNION union {
4397 SD_CHANGE_MACHINE_SID_INPUT SdChange;
4398 } DUMMYUNIONNAME;
4399 } SD_GLOBAL_CHANGE_INPUT, *PSD_GLOBAL_CHANGE_INPUT;
4400
4401 typedef struct _SD_GLOBAL_CHANGE_OUTPUT {
4402 ULONG Flags;
4403 ULONG ChangeType;
4404 _ANONYMOUS_UNION union {
4405 SD_CHANGE_MACHINE_SID_OUTPUT SdChange;
4406 } DUMMYUNIONNAME;
4407 } SD_GLOBAL_CHANGE_OUTPUT, *PSD_GLOBAL_CHANGE_OUTPUT;
4408
4409 #define ENCRYPTED_DATA_INFO_SPARSE_FILE 1
4410
4411 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO {
4412 ULONG ExtendedCode;
4413 ULONG Length;
4414 ULONG Flags;
4415 ULONG Reserved;
4416 } EXTENDED_ENCRYPTED_DATA_INFO, *PEXTENDED_ENCRYPTED_DATA_INFO;
4417
4418 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT {
4419 ULONG Flags;
4420 ULONG NumberOfClusters;
4421 LARGE_INTEGER Cluster[1];
4422 } LOOKUP_STREAM_FROM_CLUSTER_INPUT, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT;
4423
4424 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT {
4425 ULONG Offset;
4426 ULONG NumberOfMatches;
4427 ULONG BufferSizeRequired;
4428 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT;
4429
4430 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE 0x00000001
4431 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET 0x00000002
4432 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE 0x00000004
4433 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE 0x00000008
4434
4435 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_MASK 0xff000000
4436 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_DATA 0x01000000
4437 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_INDEX 0x02000000
4438 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_SYSTEM 0x03000000
4439
4440 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_ENTRY {
4441 ULONG OffsetToNext;
4442 ULONG Flags;
4443 LARGE_INTEGER Reserved;
4444 LARGE_INTEGER Cluster;
4445 WCHAR FileName[1];
4446 } LOOKUP_STREAM_FROM_CLUSTER_ENTRY, *PLOOKUP_STREAM_FROM_CLUSTER_ENTRY;
4447
4448 typedef struct _FILE_TYPE_NOTIFICATION_INPUT {
4449 ULONG Flags;
4450 ULONG NumFileTypeIDs;
4451 GUID FileTypeID[1];
4452 } FILE_TYPE_NOTIFICATION_INPUT, *PFILE_TYPE_NOTIFICATION_INPUT;
4453
4454 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_BEGIN 0x00000001
4455 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_END 0x00000002
4456
4457 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_PAGE_FILE, 0x0d0a64a1, 0x38fc, 0x4db8, 0x9f, 0xe7, 0x3f, 0x43, 0x52, 0xcd, 0x7c, 0x5c);
4458 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_HIBERNATION_FILE, 0xb7624d64, 0xb9a3, 0x4cf8, 0x80, 0x11, 0x5b, 0x86, 0xc9, 0x40, 0xe7, 0xb7);
4459 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_CRASHDUMP_FILE, 0x9d453eb7, 0xd2a6, 0x4dbd, 0xa2, 0xe3, 0xfb, 0xd0, 0xed, 0x91, 0x09, 0xa9);
4460
4461 #ifndef _VIRTUAL_STORAGE_TYPE_DEFINED
4462 #define _VIRTUAL_STORAGE_TYPE_DEFINED
4463 typedef struct _VIRTUAL_STORAGE_TYPE {
4464 ULONG DeviceId;
4465 GUID VendorId;
4466 } VIRTUAL_STORAGE_TYPE, *PVIRTUAL_STORAGE_TYPE;
4467 #endif
4468
4469 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST {
4470 ULONG RequestLevel;
4471 ULONG RequestFlags;
4472 } STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST, *PSTORAGE_QUERY_DEPENDENT_VOLUME_REQUEST;
4473
4474 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_HOST_VOLUMES 0x1
4475 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_GUEST_VOLUMES 0x2
4476
4477 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY {
4478 ULONG EntryLength;
4479 ULONG DependencyTypeFlags;
4480 ULONG ProviderSpecificFlags;
4481 VIRTUAL_STORAGE_TYPE VirtualStorageType;
4482 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY;
4483
4484 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY {
4485 ULONG EntryLength;
4486 ULONG DependencyTypeFlags;
4487 ULONG ProviderSpecificFlags;
4488 VIRTUAL_STORAGE_TYPE VirtualStorageType;
4489 ULONG AncestorLevel;
4490 ULONG HostVolumeNameOffset;
4491 ULONG HostVolumeNameSize;
4492 ULONG DependentVolumeNameOffset;
4493 ULONG DependentVolumeNameSize;
4494 ULONG RelativePathOffset;
4495 ULONG RelativePathSize;
4496 ULONG DependentDeviceNameOffset;
4497 ULONG DependentDeviceNameSize;
4498 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY;
4499
4500 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE {
4501 ULONG ResponseLevel;
4502 ULONG NumberEntries;
4503 _ANONYMOUS_UNION union {
4504 STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY Lev1Depends[0];
4505 STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY Lev2Depends[0];
4506 } DUMMYUNIONNAME;
4507 } STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE, *PSTORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE;
4508
4509 #endif /* (_WIN32_WINNT >= 0x0601) */
4510
4511 typedef struct _FILESYSTEM_STATISTICS {
4512 USHORT FileSystemType;
4513 USHORT Version;
4514 ULONG SizeOfCompleteStructure;
4515 ULONG UserFileReads;
4516 ULONG UserFileReadBytes;
4517 ULONG UserDiskReads;
4518 ULONG UserFileWrites;
4519 ULONG UserFileWriteBytes;
4520 ULONG UserDiskWrites;
4521 ULONG MetaDataReads;
4522 ULONG MetaDataReadBytes;
4523 ULONG MetaDataDiskReads;
4524 ULONG MetaDataWrites;
4525 ULONG MetaDataWriteBytes;
4526 ULONG MetaDataDiskWrites;
4527 } FILESYSTEM_STATISTICS, *PFILESYSTEM_STATISTICS;
4528
4529 #define FILESYSTEM_STATISTICS_TYPE_NTFS 1
4530 #define FILESYSTEM_STATISTICS_TYPE_FAT 2
4531 #define FILESYSTEM_STATISTICS_TYPE_EXFAT 3
4532
4533 typedef struct _FAT_STATISTICS {
4534 ULONG CreateHits;
4535 ULONG SuccessfulCreates;
4536 ULONG FailedCreates;
4537 ULONG NonCachedReads;
4538 ULONG NonCachedReadBytes;
4539 ULONG NonCachedWrites;
4540 ULONG NonCachedWriteBytes;
4541 ULONG NonCachedDiskReads;
4542 ULONG NonCachedDiskWrites;
4543 } FAT_STATISTICS, *PFAT_STATISTICS;
4544
4545 typedef struct _EXFAT_STATISTICS {
4546 ULONG CreateHits;
4547 ULONG SuccessfulCreates;
4548 ULONG FailedCreates;
4549 ULONG NonCachedReads;
4550 ULONG NonCachedReadBytes;
4551 ULONG NonCachedWrites;
4552 ULONG NonCachedWriteBytes;
4553 ULONG NonCachedDiskReads;
4554 ULONG NonCachedDiskWrites;
4555 } EXFAT_STATISTICS, *PEXFAT_STATISTICS;
4556
4557 typedef struct _NTFS_STATISTICS {
4558 ULONG LogFileFullExceptions;
4559 ULONG OtherExceptions;
4560 ULONG MftReads;
4561 ULONG MftReadBytes;
4562 ULONG MftWrites;
4563 ULONG MftWriteBytes;
4564 struct {
4565 USHORT Write;
4566 USHORT Create;
4567 USHORT SetInfo;
4568 USHORT Flush;
4569 } MftWritesUserLevel;
4570 USHORT MftWritesFlushForLogFileFull;
4571 USHORT MftWritesLazyWriter;
4572 USHORT MftWritesUserRequest;
4573 ULONG Mft2Writes;
4574 ULONG Mft2WriteBytes;
4575 struct {
4576 USHORT Write;
4577 USHORT Create;
4578 USHORT SetInfo;
4579 USHORT Flush;
4580 } Mft2WritesUserLevel;
4581 USHORT Mft2WritesFlushForLogFileFull;
4582 USHORT Mft2WritesLazyWriter;
4583 USHORT Mft2WritesUserRequest;
4584 ULONG RootIndexReads;
4585 ULONG RootIndexReadBytes;
4586 ULONG RootIndexWrites;
4587 ULONG RootIndexWriteBytes;
4588 ULONG BitmapReads;
4589 ULONG BitmapReadBytes;
4590 ULONG BitmapWrites;
4591 ULONG BitmapWriteBytes;
4592 USHORT BitmapWritesFlushForLogFileFull;
4593 USHORT BitmapWritesLazyWriter;
4594 USHORT BitmapWritesUserRequest;
4595 struct {
4596 USHORT Write;
4597 USHORT Create;
4598 USHORT SetInfo;
4599 } BitmapWritesUserLevel;
4600 ULONG MftBitmapReads;
4601 ULONG MftBitmapReadBytes;
4602 ULONG MftBitmapWrites;
4603 ULONG MftBitmapWriteBytes;
4604 USHORT MftBitmapWritesFlushForLogFileFull;
4605 USHORT MftBitmapWritesLazyWriter;
4606 USHORT MftBitmapWritesUserRequest;
4607 struct {
4608 USHORT Write;
4609 USHORT Create;
4610 USHORT SetInfo;
4611 USHORT Flush;
4612 } MftBitmapWritesUserLevel;
4613 ULONG UserIndexReads;
4614 ULONG UserIndexReadBytes;
4615 ULONG UserIndexWrites;
4616 ULONG UserIndexWriteBytes;
4617 ULONG LogFileReads;
4618 ULONG LogFileReadBytes;
4619 ULONG LogFileWrites;
4620 ULONG LogFileWriteBytes;
4621 struct {
4622 ULONG Calls;
4623 ULONG Clusters;
4624 ULONG Hints;
4625 ULONG RunsReturned;
4626 ULONG HintsHonored;
4627 ULONG HintsClusters;
4628 ULONG Cache;
4629 ULONG CacheClusters;
4630 ULONG CacheMiss;
4631 ULONG CacheMissClusters;
4632 } Allocate;
4633 } NTFS_STATISTICS, *PNTFS_STATISTICS;
4634
4635 #endif /* _FILESYSTEMFSCTL_ */
4636
4637 #define SYMLINK_FLAG_RELATIVE 1
4638
4639 typedef struct _REPARSE_DATA_BUFFER {
4640 ULONG ReparseTag;
4641 USHORT ReparseDataLength;
4642 USHORT Reserved;
4643 _ANONYMOUS_UNION union {
4644 struct {
4645 USHORT SubstituteNameOffset;
4646 USHORT SubstituteNameLength;
4647 USHORT PrintNameOffset;
4648 USHORT PrintNameLength;
4649 ULONG Flags;
4650 WCHAR PathBuffer[1];
4651 } SymbolicLinkReparseBuffer;
4652 struct {
4653 USHORT SubstituteNameOffset;
4654 USHORT SubstituteNameLength;
4655 USHORT PrintNameOffset;
4656 USHORT PrintNameLength;
4657 WCHAR PathBuffer[1];
4658 } MountPointReparseBuffer;
4659 struct {
4660 UCHAR DataBuffer[1];
4661 } GenericReparseBuffer;
4662 } DUMMYUNIONNAME;
4663 } REPARSE_DATA_BUFFER, *PREPARSE_DATA_BUFFER;
4664
4665 #define REPARSE_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer)
4666
4667 typedef struct _REPARSE_GUID_DATA_BUFFER {
4668 ULONG ReparseTag;
4669 USHORT ReparseDataLength;
4670 USHORT Reserved;
4671 GUID ReparseGuid;
4672 struct {
4673 UCHAR DataBuffer[1];
4674 } GenericReparseBuffer;
4675 } REPARSE_GUID_DATA_BUFFER, *PREPARSE_GUID_DATA_BUFFER;
4676
4677 #define REPARSE_GUID_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer)
4678
4679 #define MAXIMUM_REPARSE_DATA_BUFFER_SIZE ( 16 * 1024 )
4680
4681 /* Reserved reparse tags */
4682 #define IO_REPARSE_TAG_RESERVED_ZERO (0)
4683 #define IO_REPARSE_TAG_RESERVED_ONE (1)
4684 #define IO_REPARSE_TAG_RESERVED_RANGE IO_REPARSE_TAG_RESERVED_ONE
4685
4686 #define IsReparseTagMicrosoft(_tag) (((_tag) & 0x80000000))
4687 #define IsReparseTagNameSurrogate(_tag) (((_tag) & 0x20000000))
4688
4689 #define IO_REPARSE_TAG_VALID_VALUES (0xF000FFFF)
4690
4691 #define IsReparseTagValid(tag) ( \
4692 !((tag) & ~IO_REPARSE_TAG_VALID_VALUES) && \
4693 ((tag) > IO_REPARSE_TAG_RESERVED_RANGE) \
4694 )
4695
4696 /* MicroSoft reparse point tags */
4697 #define IO_REPARSE_TAG_MOUNT_POINT (0xA0000003L)
4698 #define IO_REPARSE_TAG_HSM (0xC0000004L)
4699 #define IO_REPARSE_TAG_DRIVE_EXTENDER (0x80000005L)
4700 #define IO_REPARSE_TAG_HSM2 (0x80000006L)
4701 #define IO_REPARSE_TAG_SIS (0x80000007L)
4702 #define IO_REPARSE_TAG_WIM (0x80000008L)
4703 #define IO_REPARSE_TAG_CSV (0x80000009L)
4704 #define IO_REPARSE_TAG_DFS (0x8000000AL)
4705 #define IO_REPARSE_TAG_FILTER_MANAGER (0x8000000BL)
4706 #define IO_REPARSE_TAG_SYMLINK (0xA000000CL)
4707 #define IO_REPARSE_TAG_IIS_CACHE (0xA0000010L)
4708 #define IO_REPARSE_TAG_DFSR (0x80000012L)
4709
4710 #pragma pack(4)
4711 typedef struct _REPARSE_INDEX_KEY {
4712 ULONG FileReparseTag;
4713 LARGE_INTEGER FileId;
4714 } REPARSE_INDEX_KEY, *PREPARSE_INDEX_KEY;
4715 #pragma pack()
4716
4717 #define FSCTL_LMR_GET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,58,METHOD_BUFFERED,FILE_ANY_ACCESS)
4718 #define FSCTL_LMR_SET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,59,METHOD_BUFFERED,FILE_ANY_ACCESS)
4719 #define IOCTL_LMR_ARE_FILE_OBJECTS_ON_SAME_SERVER CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,60,METHOD_BUFFERED,FILE_ANY_ACCESS)
4720
4721 #define FSCTL_PIPE_ASSIGN_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
4722 #define FSCTL_PIPE_DISCONNECT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
4723 #define FSCTL_PIPE_LISTEN CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
4724 #define FSCTL_PIPE_PEEK CTL_CODE(FILE_DEVICE_NAMED_PIPE, 3, METHOD_BUFFERED, FILE_READ_DATA)
4725 #define FSCTL_PIPE_QUERY_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
4726 #define FSCTL_PIPE_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 5, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4727 #define FSCTL_PIPE_WAIT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
4728 #define FSCTL_PIPE_IMPERSONATE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
4729 #define FSCTL_PIPE_SET_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
4730 #define FSCTL_PIPE_QUERY_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)
4731 #define FSCTL_PIPE_GET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
4732 #define FSCTL_PIPE_SET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
4733 #define FSCTL_PIPE_GET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
4734 #define FSCTL_PIPE_SET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 13, METHOD_BUFFERED, FILE_ANY_ACCESS)
4735 #define FSCTL_PIPE_GET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 14, METHOD_BUFFERED, FILE_ANY_ACCESS)
4736 #define FSCTL_PIPE_SET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
4737 #define FSCTL_PIPE_FLUSH CTL_CODE(FILE_DEVICE_NAMED_PIPE, 16, METHOD_BUFFERED, FILE_WRITE_DATA)
4738
4739 #define FSCTL_PIPE_INTERNAL_READ CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2045, METHOD_BUFFERED, FILE_READ_DATA)
4740 #define FSCTL_PIPE_INTERNAL_WRITE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2046, METHOD_BUFFERED, FILE_WRITE_DATA)
4741 #define FSCTL_PIPE_INTERNAL_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2047, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4742 #define FSCTL_PIPE_INTERNAL_READ_OVFLOW CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2048, METHOD_BUFFERED, FILE_READ_DATA)
4743
4744 #define FILE_PIPE_READ_DATA 0x00000000
4745 #define FILE_PIPE_WRITE_SPACE 0x00000001
4746
4747 typedef struct _FILE_PIPE_ASSIGN_EVENT_BUFFER {
4748 HANDLE EventHandle;
4749 ULONG KeyValue;
4750 } FILE_PIPE_ASSIGN_EVENT_BUFFER, *PFILE_PIPE_ASSIGN_EVENT_BUFFER;
4751
4752 typedef struct _FILE_PIPE_EVENT_BUFFER {
4753 ULONG NamedPipeState;
4754 ULONG EntryType;
4755 ULONG ByteCount;
4756 ULONG KeyValue;
4757 ULONG NumberRequests;
4758 } FILE_PIPE_EVENT_BUFFER, *PFILE_PIPE_EVENT_BUFFER;
4759
4760 typedef struct _FILE_PIPE_PEEK_BUFFER {
4761 ULONG NamedPipeState;
4762 ULONG ReadDataAvailable;
4763 ULONG NumberOfMessages;
4764 ULONG MessageLength;
4765 CHAR Data[1];
4766 } FILE_PIPE_PEEK_BUFFER, *PFILE_PIPE_PEEK_BUFFER;
4767
4768 typedef struct _FILE_PIPE_WAIT_FOR_BUFFER {
4769 LARGE_INTEGER Timeout;
4770 ULONG NameLength;
4771 BOOLEAN TimeoutSpecified;
4772 WCHAR Name[1];
4773 } FILE_PIPE_WAIT_FOR_BUFFER, *PFILE_PIPE_WAIT_FOR_BUFFER;
4774
4775 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER {
4776 #if !defined(BUILD_WOW6432)
4777 PVOID ClientSession;
4778 PVOID ClientProcess;
4779 #else
4780 ULONGLONG ClientSession;
4781 ULONGLONG ClientProcess;
4782 #endif
4783 } FILE_PIPE_CLIENT_PROCESS_BUFFER, *PFILE_PIPE_CLIENT_PROCESS_BUFFER;
4784
4785 #define FILE_PIPE_COMPUTER_NAME_LENGTH 15
4786
4787 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER_EX {
4788 #if !defined(BUILD_WOW6432)
4789 PVOID ClientSession;
4790 PVOID ClientProcess;
4791 #else
4792 ULONGLONG ClientSession;
4793 ULONGLONG ClientProcess;
4794 #endif
4795 USHORT ClientComputerNameLength;
4796 WCHAR ClientComputerBuffer[FILE_PIPE_COMPUTER_NAME_LENGTH+1];
4797 } FILE_PIPE_CLIENT_PROCESS_BUFFER_EX, *PFILE_PIPE_CLIENT_PROCESS_BUFFER_EX;
4798
4799 #define FSCTL_MAILSLOT_PEEK CTL_CODE(FILE_DEVICE_MAILSLOT, 0, METHOD_NEITHER, FILE_READ_DATA)
4800
4801 typedef enum _LINK_TRACKING_INFORMATION_TYPE {
4802 NtfsLinkTrackingInformation,
4803 DfsLinkTrackingInformation
4804 } LINK_TRACKING_INFORMATION_TYPE, *PLINK_TRACKING_INFORMATION_TYPE;
4805
4806 typedef struct _LINK_TRACKING_INFORMATION {
4807 LINK_TRACKING_INFORMATION_TYPE Type;
4808 UCHAR VolumeId[16];
4809 } LINK_TRACKING_INFORMATION, *PLINK_TRACKING_INFORMATION;
4810
4811 typedef struct _REMOTE_LINK_TRACKING_INFORMATION {
4812 PVOID TargetFileObject;
4813 ULONG TargetLinkTrackingInformationLength;
4814 UCHAR TargetLinkTrackingInformationBuffer[1];
4815 } REMOTE_LINK_TRACKING_INFORMATION, *PREMOTE_LINK_TRACKING_INFORMATION;
4816
4817 #define IO_OPEN_PAGING_FILE 0x0002
4818 #define IO_OPEN_TARGET_DIRECTORY 0x0004
4819 #define IO_STOP_ON_SYMLINK 0x0008
4820 #define IO_MM_PAGING_FILE 0x0010
4821
4822 typedef VOID
4823 (NTAPI *PDRIVER_FS_NOTIFICATION) (
4824 _In_ PDEVICE_OBJECT DeviceObject,
4825 _In_ BOOLEAN FsActive);
4826
4827 typedef enum _FS_FILTER_SECTION_SYNC_TYPE {
4828 SyncTypeOther = 0,
4829 SyncTypeCreateSection
4830 } FS_FILTER_SECTION_SYNC_TYPE, *PFS_FILTER_SECTION_SYNC_TYPE;
4831
4832 typedef enum _FS_FILTER_STREAM_FO_NOTIFICATION_TYPE {
4833 NotifyTypeCreate = 0,
4834 NotifyTypeRetired
4835 } FS_FILTER_STREAM_FO_NOTIFICATION_TYPE, *PFS_FILTER_STREAM_FO_NOTIFICATION_TYPE;
4836
4837 typedef union _FS_FILTER_PARAMETERS {
4838 struct {
4839 PLARGE_INTEGER EndingOffset;
4840 PERESOURCE *ResourceToRelease;
4841 } AcquireForModifiedPageWriter;
4842 struct {
4843 PERESOURCE ResourceToRelease;
4844 } ReleaseForModifiedPageWriter;
4845 struct {
4846 FS_FILTER_SECTION_SYNC_TYPE SyncType;
4847 ULONG PageProtection;
4848 } AcquireForSectionSynchronization;
4849 struct {
4850 FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType;
4851 BOOLEAN POINTER_ALIGNMENT SafeToRecurse;
4852 } NotifyStreamFileObject;
4853 struct {
4854 PVOID Argument1;
4855 PVOID Argument2;
4856 PVOID Argument3;
4857 PVOID Argument4;
4858 PVOID Argument5;
4859 } Others;
4860 } FS_FILTER_PARAMETERS, *PFS_FILTER_PARAMETERS;
4861
4862 #define FS_FILTER_ACQUIRE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-1
4863 #define FS_FILTER_RELEASE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-2
4864 #define FS_FILTER_ACQUIRE_FOR_MOD_WRITE (UCHAR)-3
4865 #define FS_FILTER_RELEASE_FOR_MOD_WRITE (UCHAR)-4
4866 #define FS_FILTER_ACQUIRE_FOR_CC_FLUSH (UCHAR)-5
4867 #define FS_FILTER_RELEASE_FOR_CC_FLUSH (UCHAR)-6
4868
4869 typedef struct _FS_FILTER_CALLBACK_DATA {
4870 ULONG SizeOfFsFilterCallbackData;
4871 UCHAR Operation;
4872 UCHAR Reserved;
4873 struct _DEVICE_OBJECT *DeviceObject;
4874 struct _FILE_OBJECT *FileObject;
4875 FS_FILTER_PARAMETERS Parameters;
4876 } FS_FILTER_CALLBACK_DATA, *PFS_FILTER_CALLBACK_DATA;
4877
4878 typedef NTSTATUS
4879 (NTAPI *PFS_FILTER_CALLBACK) (
4880 _In_ PFS_FILTER_CALLBACK_DATA Data,
4881 _Out_ PVOID *CompletionContext);
4882
4883 typedef VOID
4884 (NTAPI *PFS_FILTER_COMPLETION_CALLBACK) (
4885 _In_ PFS_FILTER_CALLBACK_DATA Data,
4886 _In_ NTSTATUS OperationStatus,
4887 _In_ PVOID CompletionContext);
4888
4889 typedef struct _FS_FILTER_CALLBACKS {
4890 ULONG SizeOfFsFilterCallbacks;
4891 ULONG Reserved;
4892 PFS_FILTER_CALLBACK PreAcquireForSectionSynchronization;
4893 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForSectionSynchronization;
4894 PFS_FILTER_CALLBACK PreReleaseForSectionSynchronization;
4895 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForSectionSynchronization;
4896 PFS_FILTER_CALLBACK PreAcquireForCcFlush;
4897 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForCcFlush;
4898 PFS_FILTER_CALLBACK PreReleaseForCcFlush;
4899 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForCcFlush;
4900 PFS_FILTER_CALLBACK PreAcquireForModifiedPageWriter;
4901 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForModifiedPageWriter;
4902 PFS_FILTER_CALLBACK PreReleaseForModifiedPageWriter;
4903 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForModifiedPageWriter;
4904 } FS_FILTER_CALLBACKS, *PFS_FILTER_CALLBACKS;
4905
4906 #if (NTDDI_VERSION >= NTDDI_WINXP)
4907 NTKERNELAPI
4908 NTSTATUS
4909 NTAPI
4910 FsRtlRegisterFileSystemFilterCallbacks(
4911 _In_ struct _DRIVER_OBJECT *FilterDriverObject,
4912 _In_ PFS_FILTER_CALLBACKS Callbacks);
4913 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
4914
4915 #if (NTDDI_VERSION >= NTDDI_VISTA)
4916 NTKERNELAPI
4917 NTSTATUS
4918 NTAPI
4919 FsRtlNotifyStreamFileObject(
4920 _In_ struct _FILE_OBJECT * StreamFileObject,
4921 _In_opt_ struct _DEVICE_OBJECT *DeviceObjectHint,
4922 _In_ FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType,
4923 _In_ BOOLEAN SafeToRecurse);
4924 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
4925
4926 #define DO_VERIFY_VOLUME 0x00000002
4927 #define DO_BUFFERED_IO 0x00000004
4928 #define DO_EXCLUSIVE 0x00000008
4929 #define DO_DIRECT_IO 0x00000010
4930 #define DO_MAP_IO_BUFFER 0x00000020
4931 #define DO_DEVICE_HAS_NAME 0x00000040
4932 #define DO_DEVICE_INITIALIZING 0x00000080
4933 #define DO_SYSTEM_BOOT_PARTITION 0x00000100
4934 #define DO_LONG_TERM_REQUESTS 0x00000200
4935 #define DO_NEVER_LAST_DEVICE 0x00000400
4936 #define DO_SHUTDOWN_REGISTERED 0x00000800
4937 #define DO_BUS_ENUMERATED_DEVICE 0x00001000
4938 #define DO_POWER_PAGABLE 0x00002000
4939 #define DO_POWER_INRUSH 0x00004000
4940 #define DO_LOW_PRIORITY_FILESYSTEM 0x00010000
4941 #define DO_SUPPORTS_TRANSACTIONS 0x00040000
4942 #define DO_FORCE_NEITHER_IO 0x00080000
4943 #define DO_VOLUME_DEVICE_OBJECT 0x00100000
4944 #define DO_SYSTEM_SYSTEM_PARTITION 0x00200000
4945 #define DO_SYSTEM_CRITICAL_PARTITION 0x00400000
4946 #define DO_DISALLOW_EXECUTE 0x00800000
4947
4948 extern KSPIN_LOCK IoStatisticsLock;
4949 extern ULONG IoReadOperationCount;
4950 extern ULONG IoWriteOperationCount;
4951 extern ULONG IoOtherOperationCount;
4952 extern LARGE_INTEGER IoReadTransferCount;
4953 extern LARGE_INTEGER IoWriteTransferCount;
4954 extern LARGE_INTEGER IoOtherTransferCount;
4955
4956 #define IO_FILE_OBJECT_NON_PAGED_POOL_CHARGE 64
4957 #define IO_FILE_OBJECT_PAGED_POOL_CHARGE 1024
4958
4959 #if (NTDDI_VERSION >= NTDDI_VISTA)
4960 typedef struct _IO_PRIORITY_INFO {
4961 ULONG Size;
4962 ULONG ThreadPriority;
4963 ULONG PagePriority;
4964 IO_PRIORITY_HINT IoPriority;
4965 } IO_PRIORITY_INFO, *PIO_PRIORITY_INFO;
4966 #endif
4967
4968 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
4969 ULONG Attributes;
4970 ACCESS_MASK GrantedAccess;
4971 ULONG HandleCount;
4972 ULONG PointerCount;
4973 ULONG Reserved[10];
4974 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
4975
4976 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION {
4977 UNICODE_STRING TypeName;
4978 ULONG Reserved [22];
4979 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
4980
4981 #define SYSTEM_PAGE_PRIORITY_BITS 3
4982 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
4983
4984 /******************************************************************************
4985 * Kernel Types *
4986 ******************************************************************************/
4987 typedef struct _KAPC_STATE {
4988 LIST_ENTRY ApcListHead[MaximumMode];
4989 PKPROCESS Process;
4990 BOOLEAN KernelApcInProgress;
4991 BOOLEAN KernelApcPending;
4992 BOOLEAN UserApcPending;
4993 } KAPC_STATE, *PKAPC_STATE, *RESTRICTED_POINTER PRKAPC_STATE;
4994
4995 #define KAPC_STATE_ACTUAL_LENGTH (FIELD_OFFSET(KAPC_STATE, UserApcPending) + sizeof(BOOLEAN))
4996
4997 #define ASSERT_QUEUE(Q) ASSERT(((Q)->Header.Type & KOBJECT_TYPE_MASK) == QueueObject);
4998
4999 typedef struct _KQUEUE {
5000 DISPATCHER_HEADER Header;
5001 LIST_ENTRY EntryListHead;
5002 volatile ULONG CurrentCount;
5003 ULONG MaximumCount;
5004 LIST_ENTRY ThreadListHead;
5005 } KQUEUE, *PKQUEUE, *RESTRICTED_POINTER PRKQUEUE;
5006
5007
5008 /******************************************************************************
5009 * Kernel Functions *
5010 ******************************************************************************/
5011
5012 NTSTATUS
5013 NTAPI
5014 KeGetProcessorNumberFromIndex(
5015 _In_ ULONG ProcIndex,
5016 _Out_ PPROCESSOR_NUMBER ProcNumber);
5017
5018 ULONG
5019 NTAPI
5020 KeGetProcessorIndexFromNumber(
5021 _In_ PPROCESSOR_NUMBER ProcNumber);
5022
5023 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5024
5025
5026
5027
5028 NTKERNELAPI
5029 VOID
5030 NTAPI
5031 KeInitializeMutant(
5032 _Out_ PRKMUTANT Mutant,
5033 _In_ BOOLEAN InitialOwner);
5034
5035 _IRQL_requires_max_(DISPATCH_LEVEL)
5036 NTKERNELAPI
5037 LONG
5038 NTAPI
5039 KeReadStateMutant(
5040 _In_ PRKMUTANT Mutant);
5041
5042 _When_(Wait==0, _IRQL_requires_max_(DISPATCH_LEVEL))
5043 _When_(Wait==1, _IRQL_requires_max_(APC_LEVEL))
5044 NTKERNELAPI
5045 LONG
5046 NTAPI
5047 KeReleaseMutant(
5048 _Inout_ PRKMUTANT Mutant,
5049 _In_ KPRIORITY Increment,
5050 _In_ BOOLEAN Abandoned,
5051 _In_ BOOLEAN Wait);
5052
5053 NTKERNELAPI
5054 VOID
5055 NTAPI
5056 KeInitializeQueue(
5057 _Out_ PRKQUEUE Queue,
5058 _In_ ULONG Count);
5059
5060 _IRQL_requires_max_(DISPATCH_LEVEL)
5061 NTKERNELAPI
5062 LONG
5063 NTAPI
5064 KeReadStateQueue(
5065 _In_ PRKQUEUE Queue);
5066
5067 _IRQL_requires_min_(PASSIVE_LEVEL)
5068 _IRQL_requires_max_(DISPATCH_LEVEL)
5069 NTKERNELAPI
5070 LONG
5071 NTAPI
5072 KeInsertQueue(
5073 _Inout_ PRKQUEUE Queue,
5074 _Inout_ PLIST_ENTRY Entry);
5075
5076 _IRQL_requires_min_(PASSIVE_LEVEL)
5077 _IRQL_requires_max_(DISPATCH_LEVEL)
5078 NTKERNELAPI
5079 LONG
5080 NTAPI
5081 KeInsertHeadQueue(
5082 _Inout_ PRKQUEUE Queue,
5083 _Inout_ PLIST_ENTRY Entry);
5084
5085 _IRQL_requires_min_(PASSIVE_LEVEL)
5086 _When_((Timeout==NULL || Timeout->QuadPart!=0), _IRQL_requires_max_(APC_LEVEL))
5087 _When_((Timeout!=NULL && Timeout->QuadPart==0), _IRQL_requires_max_(DISPATCH_LEVEL))
5088 NTKERNELAPI
5089 PLIST_ENTRY
5090 NTAPI
5091 KeRemoveQueue(
5092 _Inout_ PRKQUEUE Queue,
5093 _In_ KPROCESSOR_MODE WaitMode,
5094 _In_opt_ PLARGE_INTEGER Timeout);
5095
5096 _IRQL_requires_max_(APC_LEVEL)
5097 NTKERNELAPI
5098 VOID
5099 NTAPI
5100 KeAttachProcess(
5101 _Inout_ PKPROCESS Process);
5102
5103 _IRQL_requires_max_(APC_LEVEL)
5104 NTKERNELAPI
5105 VOID
5106 NTAPI
5107 KeDetachProcess(VOID);
5108
5109 _IRQL_requires_max_(DISPATCH_LEVEL)
5110 NTKERNELAPI
5111 PLIST_ENTRY
5112 NTAPI
5113 KeRundownQueue(
5114 _Inout_ PRKQUEUE Queue);
5115
5116 _IRQL_requires_max_(APC_LEVEL)
5117 NTKERNELAPI
5118 VOID
5119 NTAPI
5120 KeStackAttachProcess(
5121 _Inout_ PKPROCESS Process,
5122 _Out_ PKAPC_STATE ApcState);
5123
5124 _IRQL_requires_max_(APC_LEVEL)
5125 NTKERNELAPI
5126 VOID
5127 NTAPI
5128 KeUnstackDetachProcess(
5129 _In_ PKAPC_STATE ApcState);
5130
5131 _IRQL_requires_min_(PASSIVE_LEVEL)
5132 _IRQL_requires_max_(DISPATCH_LEVEL)
5133 NTKERNELAPI
5134 UCHAR
5135 NTAPI
5136 KeSetIdealProcessorThread(
5137 _Inout_ PKTHREAD Thread,
5138 _In_ UCHAR Processor);
5139
5140 _IRQL_requires_max_(APC_LEVEL)
5141 NTKERNELAPI
5142 BOOLEAN
5143 NTAPI
5144 KeSetKernelStackSwapEnable(
5145 _In_ BOOLEAN Enable);
5146
5147 #if defined(_X86_)
5148 _Requires_lock_not_held_(*SpinLock)
5149 _Acquires_lock_(*SpinLock)
5150 _IRQL_raises_(SYNCH_LEVEL)
5151 _IRQL_saves_
5152 NTHALAPI
5153 KIRQL
5154 FASTCALL
5155 KeAcquireSpinLockRaiseToSynch(
5156 _Inout_ PKSPIN_LOCK SpinLock);
5157 #else
5158 _Requires_lock_not_held_(*SpinLock)
5159 _Acquires_lock_(*SpinLock)
5160 _IRQL_raises_(SYNCH_LEVEL)
5161 _IRQL_saves_
5162 NTKERNELAPI
5163 KIRQL
5164 KeAcquireSpinLockRaiseToSynch(
5165 _Inout_ PKSPIN_LOCK SpinLock);
5166 #endif
5167
5168 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5169
5170 #if (NTDDI_VERSION >= NTDDI_WINXP)
5171
5172
5173 _Requires_lock_not_held_(Number)
5174 _Acquires_lock_(Number)
5175 _IRQL_raises_(DISPATCH_LEVEL)
5176 _DECL_HAL_KE_IMPORT
5177 KIRQL
5178 FASTCALL
5179 KeAcquireQueuedSpinLock(
5180 _In_ KSPIN_LOCK_QUEUE_NUMBER Number);
5181
5182 _Requires_lock_held_(Number)
5183 _Releases_lock_(Number)
5184 _DECL_HAL_KE_IMPORT
5185 VOID
5186 FASTCALL
5187 KeReleaseQueuedSpinLock(
5188 _In_ KSPIN_LOCK_QUEUE_NUMBER Number,
5189 _In_ KIRQL OldIrql);
5190
5191 _Must_inspect_result_
5192 _Post_satisfies_(return == 1 || return == 0)
5193 _DECL_HAL_KE_IMPORT
5194 LOGICAL
5195 FASTCALL
5196 KeTryToAcquireQueuedSpinLock(
5197 _In_ KSPIN_LOCK_QUEUE_NUMBER Number,
5198 _Out_ _At_(*OldIrql, _IRQL_saves_) PKIRQL OldIrql);
5199
5200 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5201
5202
5203
5204
5205
5206 #if (NTDDI_VERSION >= NTDDI_VISTA)
5207
5208 _IRQL_requires_max_(DISPATCH_LEVEL)
5209 NTKERNELAPI
5210 VOID
5211 KeQueryOwnerMutant(
5212 _In_ PKMUTANT Mutant,
5213 _Out_ PCLIENT_ID ClientId);
5214
5215 _IRQL_requires_min_(PASSIVE_LEVEL)
5216 _When_((Timeout==NULL || *Timeout!=0), _IRQL_requires_max_(APC_LEVEL))
5217 _When_((Timeout!=NULL && *Timeout==0), _IRQL_requires_max_(DISPATCH_LEVEL))
5218 NTKERNELAPI
5219 ULONG
5220 NTAPI
5221 KeRemoveQueueEx(
5222 _Inout_ PKQUEUE Queue,
5223 _In_ KPROCESSOR_MODE WaitMode,
5224 _In_ BOOLEAN Alertable,
5225 _In_opt_ PLARGE_INTEGER Timeout,
5226 _Out_writes_to_(Count, return) PLIST_ENTRY *EntryArray,
5227 _In_ ULONG Count);
5228
5229 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5230
5231
5232 #define INVALID_PROCESSOR_INDEX 0xffffffff
5233
5234 #define EX_PUSH_LOCK ULONG_PTR
5235 #define PEX_PUSH_LOCK PULONG_PTR
5236 /******************************************************************************
5237 * Executive Functions *
5238 ******************************************************************************/
5239
5240
5241 #define ExDisableResourceBoost ExDisableResourceBoostLite
5242
5243 VOID
5244 ExInitializePushLock(
5245 _Out_ PEX_PUSH_LOCK PushLock);
5246
5247 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5248
5249 _IRQL_requires_max_(DISPATCH_LEVEL)
5250 NTKERNELAPI
5251 SIZE_T
5252 NTAPI
5253 ExQueryPoolBlockSize(
5254 _In_ PVOID PoolBlock,
5255 _Out_ PBOOLEAN QuotaCharged);
5256
5257 _IRQL_requires_max_(DISPATCH_LEVEL)
5258 VOID
5259 ExAdjustLookasideDepth(VOID);
5260
5261 _IRQL_requires_max_(DISPATCH_LEVEL)
5262 NTKERNELAPI
5263 VOID
5264 NTAPI
5265 ExDisableResourceBoostLite(
5266 _In_ PERESOURCE Resource);
5267 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5268
5269 #if (NTDDI_VERSION >= NTDDI_WINXP)
5270
5271 PSLIST_ENTRY
5272 FASTCALL
5273 InterlockedPushListSList(
5274 _Inout_ PSLIST_HEADER ListHead,
5275 _Inout_ __drv_aliasesMem PSLIST_ENTRY List,
5276 _Inout_ PSLIST_ENTRY ListEnd,
5277 _In_ ULONG Count);
5278 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5279
5280 /******************************************************************************
5281 * Security Manager Functions *
5282 ******************************************************************************/
5283
5284 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5285
5286
5287 NTKERNELAPI
5288 VOID
5289 NTAPI
5290 SeReleaseSubjectContext(
5291 _Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
5292
5293 NTKERNELAPI
5294 BOOLEAN
5295 NTAPI
5296 SePrivilegeCheck(
5297 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
5298 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
5299 _In_ KPROCESSOR_MODE AccessMode);
5300
5301 NTKERNELAPI
5302 VOID
5303 NTAPI
5304 SeOpenObjectAuditAlarm(
5305 _In_ PUNICODE_STRING ObjectTypeName,
5306 _In_opt_ PVOID Object,
5307 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5308 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5309 _In_ PACCESS_STATE AccessState,
5310 _In_ BOOLEAN ObjectCreated,
5311 _In_ BOOLEAN AccessGranted,
5312 _In_ KPROCESSOR_MODE AccessMode,
5313 _Out_ PBOOLEAN GenerateOnClose);
5314
5315 NTKERNELAPI
5316 VOID
5317 NTAPI
5318 SeOpenObjectForDeleteAuditAlarm(
5319 _In_ PUNICODE_STRING ObjectTypeName,
5320 _In_opt_ PVOID Object,
5321 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5322 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5323 _In_ PACCESS_STATE AccessState,
5324 _In_ BOOLEAN ObjectCreated,
5325 _In_ BOOLEAN AccessGranted,
5326 _In_ KPROCESSOR_MODE AccessMode,
5327 _Out_ PBOOLEAN GenerateOnClose);
5328
5329 NTKERNELAPI
5330 VOID
5331 NTAPI
5332 SeDeleteObjectAuditAlarm(
5333 _In_ PVOID Object,
5334 _In_ HANDLE Handle);
5335
5336 NTKERNELAPI
5337 TOKEN_TYPE
5338 NTAPI
5339 SeTokenType(
5340 _In_ PACCESS_TOKEN Token);
5341
5342 NTKERNELAPI
5343 BOOLEAN
5344 NTAPI
5345 SeTokenIsAdmin(
5346 _In_ PACCESS_TOKEN Token);
5347
5348 NTKERNELAPI
5349 BOOLEAN
5350 NTAPI
5351 SeTokenIsRestricted(
5352 _In_ PACCESS_TOKEN Token);
5353
5354 NTKERNELAPI
5355 NTSTATUS
5356 NTAPI
5357 SeQueryAuthenticationIdToken(
5358 _In_ PACCESS_TOKEN Token,
5359 _Out_ PLUID AuthenticationId);
5360
5361 NTKERNELAPI
5362 NTSTATUS
5363 NTAPI
5364 SeQuerySessionIdToken(
5365 _In_ PACCESS_TOKEN Token,
5366 _Out_ PULONG SessionId);
5367
5368 NTKERNELAPI
5369 NTSTATUS
5370 NTAPI
5371 SeCreateClientSecurity(
5372 _In_ PETHREAD ClientThread,
5373 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
5374 _In_ BOOLEAN RemoteSession,
5375 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext);
5376
5377 NTKERNELAPI
5378 VOID
5379 NTAPI
5380 SeImpersonateClient(
5381 _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
5382 _In_opt_ PETHREAD ServerThread);
5383
5384 NTKERNELAPI
5385 NTSTATUS
5386 NTAPI
5387 SeImpersonateClientEx(
5388 _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
5389 _In_opt_ PETHREAD ServerThread);
5390
5391 NTKERNELAPI
5392 NTSTATUS
5393 NTAPI
5394 SeCreateClientSecurityFromSubjectContext(
5395 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
5396 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
5397 _In_ BOOLEAN ServerIsRemote,
5398 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext);
5399
5400 NTKERNELAPI
5401 NTSTATUS
5402 NTAPI
5403 SeQuerySecurityDescriptorInfo(
5404 _In_ PSECURITY_INFORMATION SecurityInformation,
5405 _Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
5406 _Inout_ PULONG Length,
5407 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
5408
5409 NTKERNELAPI
5410 NTSTATUS
5411 NTAPI
5412 SeSetSecurityDescriptorInfo(
5413 _In_opt_ PVOID Object,
5414 _In_ PSECURITY_INFORMATION SecurityInformation,
5415 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5416 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
5417 _In_ POOL_TYPE PoolType,
5418 _In_ PGENERIC_MAPPING GenericMapping);
5419
5420 NTKERNELAPI
5421 NTSTATUS
5422 NTAPI
5423 SeSetSecurityDescriptorInfoEx(
5424 _In_opt_ PVOID Object,
5425 _In_ PSECURITY_INFORMATION SecurityInformation,
5426 _In_ PSECURITY_DESCRIPTOR ModificationDescriptor,
5427 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
5428 _In_ ULONG AutoInheritFlags,
5429 _In_ POOL_TYPE PoolType,
5430 _In_ PGENERIC_MAPPING GenericMapping);
5431
5432 NTKERNELAPI
5433 NTSTATUS
5434 NTAPI
5435 SeAppendPrivileges(
5436 _Inout_ PACCESS_STATE AccessState,
5437 _In_ PPRIVILEGE_SET Privileges);
5438
5439 NTKERNELAPI
5440 BOOLEAN
5441 NTAPI
5442 SeAuditingFileEvents(
5443 _In_ BOOLEAN AccessGranted,
5444 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
5445
5446 NTKERNELAPI
5447 BOOLEAN
5448 NTAPI
5449 SeAuditingFileOrGlobalEvents(
5450 _In_ BOOLEAN AccessGranted,
5451 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5452 _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
5453
5454 VOID
5455 NTAPI
5456 SeSetAccessStateGenericMapping(
5457 _Inout_ PACCESS_STATE AccessState,
5458 _In_ PGENERIC_MAPPING GenericMapping);
5459
5460 NTKERNELAPI
5461 NTSTATUS
5462 NTAPI
5463 SeRegisterLogonSessionTerminatedRoutine(
5464 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
5465
5466 NTKERNELAPI
5467 NTSTATUS
5468 NTAPI
5469 SeUnregisterLogonSessionTerminatedRoutine(
5470 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
5471
5472 NTKERNELAPI
5473 NTSTATUS
5474 NTAPI
5475 SeMarkLogonSessionForTerminationNotification(
5476 _In_ PLUID LogonId);
5477
5478 NTKERNELAPI
5479 NTSTATUS
5480 NTAPI
5481 SeQueryInformationToken(
5482 _In_ PACCESS_TOKEN Token,
5483 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
5484 _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation);
5485
5486 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5487 #if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
5488 NTKERNELAPI
5489 BOOLEAN
5490 NTAPI
5491 SeAuditingHardLinkEvents(
5492 _In_ BOOLEAN AccessGranted,
5493 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
5494 #endif
5495
5496 #if (NTDDI_VERSION >= NTDDI_WINXP)
5497
5498 NTKERNELAPI
5499 NTSTATUS
5500 NTAPI
5501 SeFilterToken(
5502 _In_ PACCESS_TOKEN ExistingToken,
5503 _In_ ULONG Flags,
5504 _In_opt_ PTOKEN_GROUPS SidsToDisable,
5505 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
5506 _In_opt_ PTOKEN_GROUPS RestrictedSids,
5507 _Outptr_ PACCESS_TOKEN *FilteredToken);
5508
5509 NTKERNELAPI
5510 VOID
5511 NTAPI
5512 SeAuditHardLinkCreation(
5513 _In_ PUNICODE_STRING FileName,
5514 _In_ PUNICODE_STRING LinkName,
5515 _In_ BOOLEAN bSuccess);
5516
5517 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5518
5519 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
5520
5521 NTKERNELAPI
5522 BOOLEAN
5523 NTAPI
5524 SeAuditingFileEventsWithContext(
5525 _In_ BOOLEAN AccessGranted,
5526 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5527 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
5528
5529 NTKERNELAPI
5530 BOOLEAN
5531 NTAPI
5532 SeAuditingHardLinkEventsWithContext(
5533 _In_ BOOLEAN AccessGranted,
5534 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5535 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
5536
5537 #endif
5538
5539
5540 #if (NTDDI_VERSION >= NTDDI_VISTA)
5541
5542 NTKERNELAPI
5543 VOID
5544 NTAPI
5545 SeOpenObjectAuditAlarmWithTransaction(
5546 _In_ PUNICODE_STRING ObjectTypeName,
5547 _In_opt_ PVOID Object,
5548 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5549 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5550 _In_ PACCESS_STATE AccessState,
5551 _In_ BOOLEAN ObjectCreated,
5552 _In_ BOOLEAN AccessGranted,
5553 _In_ KPROCESSOR_MODE AccessMode,
5554 _In_opt_ GUID *TransactionId,
5555 _Out_ PBOOLEAN GenerateOnClose);
5556
5557 NTKERNELAPI
5558 VOID
5559 NTAPI
5560 SeOpenObjectForDeleteAuditAlarmWithTransaction(
5561 _In_ PUNICODE_STRING ObjectTypeName,
5562 _In_opt_ PVOID Object,
5563 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5564 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5565 _In_ PACCESS_STATE AccessState,
5566 _In_ BOOLEAN ObjectCreated,
5567 _In_ BOOLEAN AccessGranted,
5568 _In_ KPROCESSOR_MODE AccessMode,
5569 _In_opt_ GUID *TransactionId,
5570 _Out_ PBOOLEAN GenerateOnClose);
5571
5572 NTKERNELAPI
5573 VOID
5574 NTAPI
5575 SeExamineSacl(
5576 _In_ PACL Sacl,
5577 _In_ PACCESS_TOKEN Token,
5578 _In_ ACCESS_MASK DesiredAccess,
5579 _In_ BOOLEAN AccessGranted,
5580 _Out_ PBOOLEAN GenerateAudit,
5581 _Out_ PBOOLEAN GenerateAlarm);
5582
5583 NTKERNELAPI
5584 VOID
5585 NTAPI
5586 SeDeleteObjectAuditAlarmWithTransaction(
5587 _In_ PVOID Object,
5588 _In_ HANDLE Handle,
5589 _In_opt_ GUID *TransactionId);
5590
5591 NTKERNELAPI
5592 VOID
5593 NTAPI
5594 SeQueryTokenIntegrity(
5595 _In_ PACCESS_TOKEN Token,
5596 _Inout_ PSID_AND_ATTRIBUTES IntegritySA);
5597
5598 NTKERNELAPI
5599 NTSTATUS
5600 NTAPI
5601 SeSetSessionIdToken(
5602 _In_ PACCESS_TOKEN Token,
5603 _In_ ULONG SessionId);
5604
5605 NTKERNELAPI
5606 VOID
5607 NTAPI
5608 SeAuditHardLinkCreationWithTransaction(
5609 _In_ PUNICODE_STRING FileName,
5610 _In_ PUNICODE_STRING LinkName,
5611 _In_ BOOLEAN bSuccess,
5612 _In_opt_ GUID *TransactionId);
5613
5614 NTKERNELAPI
5615 VOID
5616 NTAPI
5617 SeAuditTransactionStateChange(
5618 _In_ GUID *TransactionId,
5619 _In_ GUID *ResourceManagerId,
5620 _In_ ULONG NewTransactionState);
5621 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5622
5623 #if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
5624 NTKERNELAPI
5625 BOOLEAN
5626 NTAPI
5627 SeTokenIsWriteRestricted(
5628 _In_ PACCESS_TOKEN Token);
5629 #endif
5630
5631 #if (NTDDI_VERSION >= NTDDI_WIN7)
5632
5633 NTKERNELAPI
5634 BOOLEAN
5635 NTAPI
5636 SeAuditingAnyFileEventsWithContext(
5637 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5638 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
5639 _Out_opt_ PBOOLEAN StagingEnabled);
5640
5641 NTKERNELAPI
5642 VOID
5643 NTAPI
5644 SeExamineGlobalSacl(
5645 _In_ PUNICODE_STRING ObjectType,
5646 _In_ PACL ResourceSacl,
5647 _In_ PACCESS_TOKEN Token,
5648 _In_ ACCESS_MASK DesiredAccess,
5649 _In_ BOOLEAN AccessGranted,
5650 _Inout_ PBOOLEAN GenerateAudit,
5651 _Inout_opt_ PBOOLEAN GenerateAlarm);
5652
5653 NTKERNELAPI
5654 VOID
5655 NTAPI
5656 SeMaximumAuditMaskFromGlobalSacl(
5657 _In_opt_ PUNICODE_STRING ObjectTypeName,
5658 _In_ ACCESS_MASK GrantedAccess,
5659 _In_ PACCESS_TOKEN Token,
5660 _Inout_ PACCESS_MASK AuditMask);
5661
5662 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
5663
5664 NTSTATUS
5665 NTAPI
5666 SeReportSecurityEventWithSubCategory(
5667 _In_ ULONG Flags,
5668 _In_ PUNICODE_STRING SourceName,
5669 _In_opt_ PSID UserSid,
5670 _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
5671 _In_ ULONG AuditSubcategoryId);
5672
5673 BOOLEAN
5674 NTAPI
5675 SeAccessCheckFromState(
5676 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5677 _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
5678 _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation,
5679 _In_ ACCESS_MASK DesiredAccess,
5680 _In_ ACCESS_MASK PreviouslyGrantedAccess,
5681 _Outptr_opt_result_maybenull_ PPRIVILEGE_SET *Privileges,
5682 _In_ PGENERIC_MAPPING GenericMapping,
5683 _In_ KPROCESSOR_MODE AccessMode,
5684 _Out_ PACCESS_MASK GrantedAccess,
5685 _Out_ PNTSTATUS AccessStatus);
5686
5687 NTKERNELAPI
5688 VOID
5689 NTAPI
5690 SeFreePrivileges(
5691 _In_ PPRIVILEGE_SET Privileges);
5692
5693 NTSTATUS
5694 NTAPI
5695 SeLocateProcessImageName(
5696 _Inout_ PEPROCESS Process,
5697 _Outptr_ PUNICODE_STRING *pImageFileName);
5698
5699 #define SeLengthSid( Sid ) \
5700 (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
5701
5702 #define SeDeleteClientSecurity(C) { \
5703 if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
5704 PsDereferencePrimaryToken( (C)->ClientToken ); \
5705 } else { \
5706 PsDereferenceImpersonationToken( (C)->ClientToken ); \
5707 } \
5708 }
5709
5710 #define SeStopImpersonatingClient() PsRevertToSelf()
5711
5712 #define SeQuerySubjectContextToken( SubjectContext ) \
5713 ( ARGUMENT_PRESENT( \
5714 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
5715 ) ? \
5716 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
5717 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
5718
5719 extern NTKERNELAPI PSE_EXPORTS SeExports;
5720 /******************************************************************************
5721 * Process Manager Functions *
5722 ******************************************************************************/
5723
5724 _Must_inspect_result_
5725 _IRQL_requires_max_(APC_LEVEL)
5726 NTKERNELAPI
5727 NTSTATUS
5728 NTAPI
5729 PsLookupProcessByProcessId(
5730 _In_ HANDLE ProcessId,
5731 _Outptr_ PEPROCESS *Process);
5732
5733 _Must_inspect_result_
5734 _IRQL_requires_max_(APC_LEVEL)
5735 NTKERNELAPI
5736 NTSTATUS
5737 NTAPI
5738 PsLookupThreadByThreadId(
5739 _In_ HANDLE UniqueThreadId,
5740 _Outptr_ PETHREAD *Thread);
5741
5742 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5743
5744
5745 _IRQL_requires_max_(APC_LEVEL)
5746 NTKERNELAPI
5747 PACCESS_TOKEN
5748 NTAPI
5749 PsReferenceImpersonationToken(
5750 _Inout_ PETHREAD Thread,
5751 _Out_ PBOOLEAN CopyOnOpen,
5752 _Out_ PBOOLEAN EffectiveOnly,
5753 _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
5754
5755 _IRQL_requires_max_(APC_LEVEL)
5756 NTKERNELAPI
5757 LARGE_INTEGER
5758 NTAPI
5759 PsGetProcessExitTime(VOID);
5760
5761 _IRQL_requires_max_(DISPATCH_LEVEL)
5762 NTKERNELAPI
5763 BOOLEAN
5764 NTAPI
5765 PsIsThreadTerminating(
5766 _In_ PETHREAD Thread);
5767
5768 _Must_inspect_result_
5769 _IRQL_requires_max_(PASSIVE_LEVEL)
5770 NTKERNELAPI
5771 NTSTATUS
5772 NTAPI
5773 PsImpersonateClient(
5774 _Inout_ PETHREAD Thread,
5775 _In_opt_ PACCESS_TOKEN Token,
5776 _In_ BOOLEAN CopyOnOpen,
5777 _In_ BOOLEAN EffectiveOnly,
5778 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
5779
5780 _IRQL_requires_max_(PASSIVE_LEVEL)
5781 NTKERNELAPI
5782 BOOLEAN
5783 NTAPI
5784 PsDisableImpersonation(
5785 _Inout_ PETHREAD Thread,
5786 _Inout_ PSE_IMPERSONATION_STATE ImpersonationState);
5787
5788 _IRQL_requires_max_(PASSIVE_LEVEL)
5789 NTKERNELAPI
5790 VOID
5791 NTAPI
5792 PsRestoreImpersonation(
5793 _Inout_ PETHREAD Thread,
5794 _In_ PSE_IMPERSONATION_STATE ImpersonationState);
5795
5796 _IRQL_requires_max_(PASSIVE_LEVEL)
5797 NTKERNELAPI
5798 VOID
5799 NTAPI
5800 PsRevertToSelf(VOID);
5801
5802 _IRQL_requires_max_(APC_LEVEL)
5803 NTKERNELAPI
5804 VOID
5805 NTAPI
5806 PsChargePoolQuota(
5807 _In_ PEPROCESS Process,
5808 _In_ POOL_TYPE PoolType,
5809 _In_ ULONG_PTR Amount);
5810
5811 _IRQL_requires_max_(APC_LEVEL)
5812 NTKERNELAPI
5813 VOID
5814 NTAPI
5815 PsReturnPoolQuota(
5816 _In_ PEPROCESS Process,
5817 _In_ POOL_TYPE PoolType,
5818 _In_ ULONG_PTR Amount);
5819
5820 _IRQL_requires_max_(PASSIVE_LEVEL)
5821 NTKERNELAPI
5822 NTSTATUS
5823 NTAPI
5824 PsAssignImpersonationToken(
5825 _In_ PETHREAD Thread,
5826 _In_opt_ HANDLE Token);
5827
5828 _IRQL_requires_max_(PASSIVE_LEVEL)
5829 NTKERNELAPI
5830 HANDLE
5831 NTAPI
5832 PsReferencePrimaryToken(
5833 _Inout_ PEPROCESS Process);
5834 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5835 #if (NTDDI_VERSION >= NTDDI_WINXP)
5836
5837
5838 _IRQL_requires_max_(PASSIVE_LEVEL)
5839 NTKERNELAPI
5840 VOID
5841 NTAPI
5842 PsDereferencePrimaryToken(
5843 _In_ PACCESS_TOKEN PrimaryToken);
5844
5845 _IRQL_requires_max_(PASSIVE_LEVEL)
5846 NTKERNELAPI
5847 VOID
5848 NTAPI
5849 PsDereferenceImpersonationToken(
5850 _In_ PACCESS_TOKEN ImpersonationToken);
5851
5852 _Must_inspect_result_
5853 _IRQL_requires_max_(APC_LEVEL)
5854 NTKERNELAPI
5855 NTSTATUS
5856 NTAPI
5857 PsChargeProcessPoolQuota(
5858 _In_ PEPROCESS Process,
5859 _In_ POOL_TYPE PoolType,
5860 _In_ ULONG_PTR Amount);
5861
5862 NTKERNELAPI
5863 BOOLEAN
5864 NTAPI
5865 PsIsSystemThread(
5866 _In_ PETHREAD Thread);
5867 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5868
5869 /******************************************************************************
5870 * I/O Manager Functions *
5871 ******************************************************************************/
5872
5873 #define IoIsFileOpenedExclusively(FileObject) ( \
5874 (BOOLEAN) !( \
5875 (FileObject)->SharedRead || \
5876 (FileObject)->SharedWrite || \
5877 (FileObject)->SharedDelete \
5878 ) \
5879 )
5880
5881 #if (NTDDI_VERSION == NTDDI_WIN2K)
5882 NTKERNELAPI
5883 NTSTATUS
5884 NTAPI
5885 IoRegisterFsRegistrationChangeEx(
5886 _In_ PDRIVER_OBJECT DriverObject,
5887 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine);
5888 #endif
5889 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5890
5891
5892 NTKERNELAPI
5893 VOID
5894 NTAPI
5895 IoAcquireVpbSpinLock(
5896 _Out_ PKIRQL Irql);
5897
5898 NTKERNELAPI
5899 NTSTATUS
5900 NTAPI
5901 IoCheckDesiredAccess(
5902 _Inout_ PACCESS_MASK DesiredAccess,
5903 _In_ ACCESS_MASK GrantedAccess);
5904
5905 NTKERNELAPI
5906 NTSTATUS
5907 NTAPI
5908 IoCheckEaBufferValidity(
5909 _In_ PFILE_FULL_EA_INFORMATION EaBuffer,
5910 _In_ ULONG EaLength,
5911 _Out_ PULONG ErrorOffset);
5912
5913 NTKERNELAPI
5914 NTSTATUS
5915 NTAPI
5916 IoCheckFunctionAccess(
5917 _In_ ACCESS_MASK GrantedAccess,
5918 _In_ UCHAR MajorFunction,
5919 _In_ UCHAR MinorFunction,
5920 _In_ ULONG IoControlCode,
5921 _In_opt_ PVOID Argument1,
5922 _In_opt_ PVOID Argument2);
5923
5924 NTKERNELAPI
5925 NTSTATUS
5926 NTAPI
5927 IoCheckQuerySetFileInformation(
5928 _In_ FILE_INFORMATION_CLASS FileInformationClass,
5929 _In_ ULONG Length,
5930 _In_ BOOLEAN SetOperation);
5931
5932 NTKERNELAPI
5933 NTSTATUS
5934 NTAPI
5935 IoCheckQuerySetVolumeInformation(
5936 _In_ FS_INFORMATION_CLASS FsInformationClass,
5937 _In_ ULONG Length,
5938 _In_ BOOLEAN SetOperation);
5939
5940 NTKERNELAPI
5941 NTSTATUS
5942 NTAPI
5943 IoCheckQuotaBufferValidity(
5944 _In_ PFILE_QUOTA_INFORMATION QuotaBuffer,
5945 _In_ ULONG QuotaLength,
5946 _Out_ PULONG ErrorOffset);
5947
5948 NTKERNELAPI
5949 PFILE_OBJECT
5950 NTAPI
5951 IoCreateStreamFileObject(
5952 _In_opt_ PFILE_OBJECT FileObject,
5953 _In_opt_ PDEVICE_OBJECT DeviceObject);
5954
5955 NTKERNELAPI
5956 PFILE_OBJECT
5957 NTAPI
5958 IoCreateStreamFileObjectLite(
5959 _In_opt_ PFILE_OBJECT FileObject,
5960 _In_opt_ PDEVICE_OBJECT DeviceObject);
5961
5962 NTKERNELAPI
5963 BOOLEAN
5964 NTAPI
5965 IoFastQueryNetworkAttributes(
5966 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
5967 _In_ ACCESS_MASK DesiredAccess,
5968 _In_ ULONG OpenOptions,
5969 _Out_ PIO_STATUS_BLOCK IoStatus,
5970 _Out_ PFILE_NETWORK_OPEN_INFORMATION Buffer);
5971
5972 NTKERNELAPI
5973 NTSTATUS
5974 NTAPI
5975 IoPageRead(
5976 _In_ PFILE_OBJECT FileObject,
5977 _In_ PMDL Mdl,
5978 _In_ PLARGE_INTEGER Offset,
5979 _In_ PKEVENT Event,
5980 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
5981
5982 NTKERNELAPI
5983 PDEVICE_OBJECT
5984 NTAPI
5985 IoGetBaseFileSystemDeviceObject(
5986 _In_ PFILE_OBJECT FileObject);
5987
5988 _IRQL_requires_max_(PASSIVE_LEVEL)
5989 NTKERNELAPI
5990 PCONFIGURATION_INFORMATION
5991 NTAPI
5992 IoGetConfigurationInformation(VOID);
5993
5994 NTKERNELAPI
5995 ULONG
5996 NTAPI
5997 IoGetRequestorProcessId(
5998 _In_ PIRP Irp);
5999
6000 NTKERNELAPI
6001 PEPROCESS
6002 NTAPI
6003 IoGetRequestorProcess(
6004 _In_ PIRP Irp);
6005
6006 NTKERNELAPI
6007 PIRP
6008 NTAPI
6009 IoGetTopLevelIrp(VOID);
6010
6011 NTKERNELAPI
6012 BOOLEAN
6013 NTAPI
6014 IoIsOperationSynchronous(
6015 _In_ PIRP Irp);
6016
6017 NTKERNELAPI
6018 BOOLEAN
6019 NTAPI
6020 IoIsSystemThread(
6021 _In_ PETHREAD Thread);
6022
6023 NTKERNELAPI
6024 BOOLEAN
6025 NTAPI
6026 IoIsValidNameGraftingBuffer(
6027 _In_ PIRP Irp,
6028 _In_ PREPARSE_DATA_BUFFER ReparseBuffer);
6029
6030 NTKERNELAPI
6031 NTSTATUS
6032 NTAPI
6033 IoQueryFileInformation(
6034 _In_ PFILE_OBJECT FileObject,
6035 _In_ FILE_INFORMATION_CLASS FileInformationClass,
6036 _In_ ULONG Length,
6037 _Out_ PVOID FileInformation,
6038 _Out_ PULONG ReturnedLength);
6039
6040 NTKERNELAPI
6041 NTSTATUS
6042 NTAPI
6043 IoQueryVolumeInformation(
6044 _In_ PFILE_OBJECT FileObject,
6045 _In_ FS_INFORMATION_CLASS FsInformationClass,
6046 _In_ ULONG Length,
6047 _Out_ PVOID FsInformation,
6048 _Out_ PULONG ReturnedLength);
6049
6050 NTKERNELAPI
6051 VOID
6052 NTAPI
6053 IoQueueThreadIrp(
6054 _In_ PIRP Irp);
6055
6056 NTKERNELAPI
6057 VOID
6058 NTAPI
6059 IoRegisterFileSystem(
6060 _In_ __drv_aliasesMem PDEVICE_OBJECT DeviceObject);
6061
6062 NTKERNELAPI
6063 NTSTATUS
6064 NTAPI
6065 IoRegisterFsRegistrationChange(
6066 _In_ PDRIVER_OBJECT DriverObject,
6067 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine);
6068
6069 NTKERNELAPI
6070 VOID
6071 NTAPI
6072 IoReleaseVpbSpinLock(
6073 _In_ KIRQL Irql);
6074
6075 NTKERNELAPI
6076 VOID
6077 NTAPI
6078 IoSetDeviceToVerify(
6079 _In_ PETHREAD Thread,
6080 _In_opt_ PDEVICE_OBJECT DeviceObject);
6081
6082 NTKERNELAPI
6083 NTSTATUS
6084 NTAPI
6085 IoSetInformation(
6086 _In_ PFILE_OBJECT FileObject,
6087 _In_ FILE_INFORMATION_CLASS FileInformationClass,
6088 _In_ ULONG Length,
6089 _In_ PVOID FileInformation);
6090
6091 NTKERNELAPI
6092 VOID
6093 NTAPI
6094 IoSetTopLevelIrp(
6095 _In_opt_ PIRP Irp);
6096
6097 NTKERNELAPI
6098 NTSTATUS
6099 NTAPI
6100 IoSynchronousPageWrite(
6101 _In_ PFILE_OBJECT FileObject,
6102 _In_ PMDL Mdl,
6103 _In_ PLARGE_INTEGER FileOffset,
6104 _In_ PKEVENT Event,
6105 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
6106
6107 NTKERNELAPI
6108 PEPROCESS
6109 NTAPI
6110 IoThreadToProcess(
6111 _In_ PETHREAD Thread);
6112
6113 NTKERNELAPI
6114 VOID
6115 NTAPI
6116 IoUnregisterFileSystem(
6117 _In_ PDEVICE_OBJECT DeviceObject);
6118
6119 NTKERNELAPI
6120 VOID
6121 NTAPI
6122 IoUnregisterFsRegistrationChange(
6123 _In_ PDRIVER_OBJECT DriverObject,
6124 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine);
6125
6126 NTKERNELAPI
6127 NTSTATUS
6128 NTAPI
6129 IoVerifyVolume(
6130 _In_ PDEVICE_OBJECT DeviceObject,
6131 _In_ BOOLEAN AllowRawMount);
6132
6133 NTKERNELAPI
6134 NTSTATUS
6135 NTAPI
6136 IoGetRequestorSessionId(
6137 _In_ PIRP Irp,
6138 _Out_ PULONG pSessionId);
6139
6140 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6141
6142
6143 #if (NTDDI_VERSION >= NTDDI_WINXP)
6144
6145
6146 NTKERNELAPI
6147 PFILE_OBJECT
6148 NTAPI
6149 IoCreateStreamFileObjectEx(
6150 _In_opt_ PFILE_OBJECT FileObject,
6151 _In_opt_ PDEVICE_OBJECT DeviceObject,
6152 _Out_opt_ PHANDLE FileObjectHandle);
6153
6154 NTKERNELAPI
6155 NTSTATUS
6156 NTAPI
6157 IoQueryFileDosDeviceName(
6158 _In_ PFILE_OBJECT FileObject,
6159 _Out_ POBJECT_NAME_INFORMATION *ObjectNameInformation);
6160
6161 NTKERNELAPI
6162 NTSTATUS
6163 NTAPI
6164 IoEnumerateDeviceObjectList(
6165 _In_ PDRIVER_OBJECT DriverObject,
6166 _Out_writes_bytes_to_opt_(DeviceObjectListSize,(*ActualNumberDeviceObjects)*sizeof(PDEVICE_OBJECT))
6167 PDEVICE_OBJECT *DeviceObjectList,
6168 _In_ ULONG DeviceObjectListSize,
6169 _Out_ PULONG ActualNumberDeviceObjects);
6170
6171 NTKERNELAPI
6172 PDEVICE_OBJECT
6173 NTAPI
6174 IoGetLowerDeviceObject(
6175 _In_ PDEVICE_OBJECT DeviceObject);
6176
6177 NTKERNELAPI
6178 PDEVICE_OBJECT
6179 NTAPI
6180 IoGetDeviceAttachmentBaseRef(
6181 _In_ PDEVICE_OBJECT DeviceObject);
6182
6183 NTKERNELAPI
6184 NTSTATUS
6185 NTAPI
6186 IoGetDiskDeviceObject(
6187 _In_ PDEVICE_OBJECT FileSystemDeviceObject,
6188 _Out_ PDEVICE_OBJECT *DiskDeviceObject);
6189
6190 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6191
6192 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
6193
6194
6195 NTKERNELAPI
6196 NTSTATUS
6197 NTAPI
6198 IoEnumerateRegisteredFiltersList(
6199 _Out_writes_bytes_to_opt_(DriverObjectListSize,(*ActualNumberDriverObjects)*sizeof(PDRIVER_OBJECT))
6200 PDRIVER_OBJECT *DriverObjectList,
6201 _In_ ULONG DriverObjectListSize,
6202 _Out_ PULONG ActualNumberDriverObjects);
6203 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
6204
6205 #if (NTDDI_VERSION >= NTDDI_VISTA)
6206
6207 FORCEINLINE
6208 VOID
6209 NTAPI
6210 IoInitializePriorityInfo(
6211 _In_ PIO_PRIORITY_INFO PriorityInfo)
6212 {
6213 PriorityInfo->Size = sizeof(IO_PRIORITY_INFO);
6214 PriorityInfo->ThreadPriority = 0xffff;
6215 PriorityInfo->IoPriority = IoPriorityNormal;
6216 PriorityInfo->PagePriority = 0;
6217 }
6218 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6219
6220 #if (NTDDI_VERSION >= NTDDI_WIN7)
6221
6222
6223 NTKERNELAPI
6224 NTSTATUS
6225 NTAPI
6226 IoRegisterFsRegistrationChangeMountAware(
6227 _In_ PDRIVER_OBJECT DriverObject,
6228 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine,
6229 _In_ BOOLEAN SynchronizeWithMounts);
6230
6231 NTKERNELAPI
6232 NTSTATUS
6233 NTAPI
6234 IoReplaceFileObjectName(
6235 _In_ PFILE_OBJECT FileObject,
6236 _In_reads_bytes_(FileNameLength) PWSTR NewFileName,
6237 _In_ USHORT FileNameLength);
6238 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6239
6240
6241 #define PO_CB_SYSTEM_POWER_POLICY 0
6242 #define PO_CB_AC_STATUS 1
6243 #define PO_CB_BUTTON_COLLISION 2
6244 #define PO_CB_SYSTEM_STATE_LOCK 3
6245 #define PO_CB_LID_SWITCH_STATE 4
6246 #define PO_CB_PROCESSOR_POWER_POLICY 5
6247
6248
6249 #if (NTDDI_VERSION >= NTDDI_WINXP)
6250 _IRQL_requires_max_(APC_LEVEL)
6251 NTKERNELAPI
6252 NTSTATUS
6253 NTAPI
6254 PoQueueShutdownWorkItem(
6255 _Inout_ __drv_aliasesMem PWORK_QUEUE_ITEM WorkItem);
6256 #endif
6257 /******************************************************************************
6258 * Memory manager Types *
6259 ******************************************************************************/
6260 typedef enum _MMFLUSH_TYPE {
6261 MmFlushForDelete,
6262 MmFlushForWrite
6263 } MMFLUSH_TYPE;
6264
6265 typedef struct _READ_LIST {
6266 PFILE_OBJECT FileObject;
6267 ULONG NumberOfEntries;
6268 LOGICAL IsImage;
6269 FILE_SEGMENT_ELEMENT List[ANYSIZE_ARRAY];
6270 } READ_LIST, *PREAD_LIST;
6271
6272 #if (NTDDI_VERSION >= NTDDI_WINXP)
6273
6274 typedef union _MM_PREFETCH_FLAGS {
6275 struct {
6276 ULONG Priority : SYSTEM_PAGE_PRIORITY_BITS;
6277 ULONG RepurposePriority : SYSTEM_PAGE_PRIORITY_BITS;
6278 } Flags;
6279 ULONG AllFlags;
6280 } MM_PREFETCH_FLAGS, *PMM_PREFETCH_FLAGS;
6281
6282 #define MM_PREFETCH_FLAGS_MASK ((1 << (2*SYSTEM_PAGE_PRIORITY_BITS)) - 1)
6283
6284 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6285
6286 #define HEAP_NO_SERIALIZE 0x00000001
6287 #define HEAP_GROWABLE 0x00000002
6288 #define HEAP_GENERATE_EXCEPTIONS 0x00000004
6289 #define HEAP_ZERO_MEMORY 0x00000008
6290 #define HEAP_REALLOC_IN_PLACE_ONLY 0x00000010
6291 #define HEAP_TAIL_CHECKING_ENABLED 0x00000020
6292 #define HEAP_FREE_CHECKING_ENABLED 0x00000040
6293 #define HEAP_DISABLE_COALESCE_ON_FREE 0x00000080
6294
6295 #define HEAP_CREATE_ALIGN_16 0x00010000
6296 #define HEAP_CREATE_ENABLE_TRACING 0x00020000
6297 #define HEAP_CREATE_ENABLE_EXECUTE 0x00040000
6298
6299 #define HEAP_SETTABLE_USER_VALUE 0x00000100
6300 #define HEAP_SETTABLE_USER_FLAG1 0x00000200
6301 #define HEAP_SETTABLE_USER_FLAG2 0x00000400
6302 #define HEAP_SETTABLE_USER_FLAG3 0x00000800
6303 #define HEAP_SETTABLE_USER_FLAGS 0x00000E00
6304
6305 #define HEAP_CLASS_0 0x00000000
6306 #define HEAP_CLASS_1 0x00001000
6307 #define HEAP_CLASS_2 0x00002000
6308 #define HEAP_CLASS_3 0x00003000
6309 #define HEAP_CLASS_4 0x00004000
6310 #define HEAP_CLASS_5 0x00005000
6311 #define HEAP_CLASS_6 0x00006000
6312 #define HEAP_CLASS_7 0x00007000
6313 #define HEAP_CLASS_8 0x00008000
6314 #define HEAP_CLASS_MASK 0x0000F000
6315
6316 #define HEAP_MAXIMUM_TAG 0x0FFF
6317 #define HEAP_GLOBAL_TAG 0x0800
6318 #define HEAP_PSEUDO_TAG_FLAG 0x8000
6319 #define HEAP_TAG_SHIFT 18
6320 #define HEAP_TAG_MASK (HEAP_MAXIMUM_TAG << HEAP_TAG_SHIFT)
6321
6322 #define HEAP_CREATE_VALID_MASK (HEAP_NO_SERIALIZE | \
6323 HEAP_GROWABLE | \
6324 HEAP_GENERATE_EXCEPTIONS | \
6325 HEAP_ZERO_MEMORY | \
6326 HEAP_REALLOC_IN_PLACE_ONLY | \
6327 HEAP_TAIL_CHECKING_ENABLED | \
6328 HEAP_FREE_CHECKING_ENABLED | \
6329 HEAP_DISABLE_COALESCE_ON_FREE | \
6330 HEAP_CLASS_MASK | \
6331 HEAP_CREATE_ALIGN_16 | \
6332 HEAP_CREATE_ENABLE_TRACING | \
6333 HEAP_CREATE_ENABLE_EXECUTE)
6334
6335 /******************************************************************************
6336 * Memory manager Functions *
6337 ******************************************************************************/
6338
6339 FORCEINLINE
6340 ULONG
6341 HEAP_MAKE_TAG_FLAGS(
6342 _In_ ULONG TagBase,
6343 _In_ ULONG Tag)
6344 {
6345 //__assume_bound(TagBase); // FIXME
6346 return ((ULONG)((TagBase) + ((Tag) << HEAP_TAG_SHIFT)));
6347 }
6348
6349 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6350
6351 NTKERNELAPI
6352 BOOLEAN
6353 NTAPI
6354 MmIsRecursiveIoFault(VOID);
6355
6356 _IRQL_requires_max_ (APC_LEVEL)
6357 NTKERNELAPI
6358 BOOLEAN
6359 NTAPI
6360 MmForceSectionClosed(
6361 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
6362 _In_ BOOLEAN DelayClose);
6363
6364 _IRQL_requires_max_ (APC_LEVEL)
6365 NTKERNELAPI
6366 BOOLEAN
6367 NTAPI
6368 MmFlushImageSection(
6369 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
6370 _In_ MMFLUSH_TYPE FlushType);
6371
6372 _IRQL_requires_max_ (APC_LEVEL)
6373 NTKERNELAPI
6374 BOOLEAN
6375 NTAPI
6376 MmCanFileBeTruncated(
6377 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
6378 _In_opt_ PLARGE_INTEGER NewFileSize);
6379
6380 _IRQL_requires_max_ (APC_LEVEL)
6381 NTKERNELAPI
6382 BOOLEAN
6383 NTAPI
6384 MmSetAddressRangeModified(
6385 _In_reads_bytes_ (Length) PVOID Address,
6386 _In_ SIZE_T Length);
6387
6388 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6389
6390 #if (NTDDI_VERSION >= NTDDI_WINXP)
6391
6392
6393 _IRQL_requires_max_ (PASSIVE_LEVEL)
6394 NTKERNELAPI
6395 NTSTATUS
6396 NTAPI
6397 MmPrefetchPages(
6398 _In_ ULONG NumberOfLists,
6399 _In_reads_ (NumberOfLists) PREAD_LIST *ReadLists);
6400
6401 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6402
6403
6404 #if (NTDDI_VERSION >= NTDDI_VISTA)
6405
6406 _IRQL_requires_max_ (APC_LEVEL)
6407 NTKERNELAPI
6408 ULONG
6409 NTAPI
6410 MmDoesFileHaveUserWritableReferences(
6411 _In_ PSECTION_OBJECT_POINTERS SectionPointer);
6412 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6413
6414
6415 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6416
6417 NTKERNELAPI
6418 NTSTATUS
6419 NTAPI
6420 ObInsertObject(
6421 _In_ PVOID Object,
6422 _Inout_opt_ PACCESS_STATE PassedAccessState,
6423 _In_opt_ ACCESS_MASK DesiredAccess,
6424 _In_ ULONG ObjectPointerBias,
6425 _Out_opt_ PVOID *NewObject,
6426 _Out_opt_ PHANDLE Handle);
6427
6428 NTKERNELAPI
6429 NTSTATUS
6430 NTAPI
6431 ObOpenObjectByPointer(
6432 _In_ PVOID Object,
6433 _In_ ULONG HandleAttributes,
6434 _In_opt_ PACCESS_STATE PassedAccessState,
6435 _In_ ACCESS_MASK DesiredAccess,
6436 _In_opt_ POBJECT_TYPE ObjectType,
6437 _In_ KPROCESSOR_MODE AccessMode,
6438 _Out_ PHANDLE Handle);
6439
6440 NTKERNELAPI
6441 VOID
6442 NTAPI
6443 ObMakeTemporaryObject(
6444 _In_ PVOID Object);
6445
6446 NTKERNELAPI
6447 NTSTATUS
6448 NTAPI
6449 ObQueryNameString(
6450 _In_ PVOID Object,
6451 _Out_writes_bytes_opt_(Length) POBJECT_NAME_INFORMATION ObjectNameInfo,
6452 _In_ ULONG Length,
6453 _Out_ PULONG ReturnLength);
6454
6455 NTKERNELAPI
6456 NTSTATUS
6457 NTAPI
6458 ObQueryObjectAuditingByHandle(
6459 _In_ HANDLE Handle,
6460 _Out_ PBOOLEAN GenerateOnClose);
6461 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6462
6463 #if (NTDDI_VERSION >= NTDDI_VISTA)
6464
6465 NTKERNELAPI
6466 BOOLEAN
6467 NTAPI
6468 ObIsKernelHandle(
6469 _In_ HANDLE Handle);
6470 #endif
6471
6472
6473 #if (NTDDI_VERSION >= NTDDI_WIN7)
6474
6475 NTKERNELAPI
6476 NTSTATUS
6477 NTAPI
6478 ObOpenObjectByPointerWithTag(
6479 _In_ PVOID Object,
6480 _In_ ULONG HandleAttributes,
6481 _In_opt_ PACCESS_STATE PassedAccessState,
6482 _In_ ACCESS_MASK DesiredAccess,
6483 _In_opt_ POBJECT_TYPE ObjectType,
6484 _In_ KPROCESSOR_MODE AccessMode,
6485 _In_ ULONG Tag,
6486 _Out_ PHANDLE Handle);
6487 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6488
6489 /* FSRTL Types */
6490
6491 typedef ULONG LBN;
6492 typedef LBN *PLBN;
6493
6494 typedef ULONG VBN;
6495 typedef VBN *PVBN;
6496
6497 #define FSRTL_COMMON_FCB_HEADER_LAYOUT \
6498 CSHORT NodeTypeCode; \
6499 CSHORT NodeByteSize; \
6500 UCHAR Flags; \
6501 UCHAR IsFastIoPossible; \
6502 UCHAR Flags2; \
6503 UCHAR Reserved:4; \
6504 UCHAR Version:4; \
6505 PERESOURCE Resource; \
6506 PERESOURCE PagingIoResource; \
6507 LARGE_INTEGER AllocationSize; \
6508 LARGE_INTEGER FileSize; \
6509 LARGE_INTEGER ValidDataLength;
6510
6511 typedef struct _FSRTL_COMMON_FCB_HEADER {
6512 FSRTL_COMMON_FCB_HEADER_LAYOUT
6513 } FSRTL_COMMON_FCB_HEADER, *PFSRTL_COMMON_FCB_HEADER;
6514
6515 #ifdef __cplusplus
6516 typedef struct _FSRTL_ADVANCED_FCB_HEADER:FSRTL_COMMON_FCB_HEADER {
6517 #else /* __cplusplus */
6518 typedef struct _FSRTL_ADVANCED_FCB_HEADER {
6519 FSRTL_COMMON_FCB_HEADER_LAYOUT
6520 #endif /* __cplusplus */
6521 PFAST_MUTEX FastMutex;
6522 LIST_ENTRY FilterContexts;
6523 #if (NTDDI_VERSION >= NTDDI_VISTA)
6524 EX_PUSH_LOCK PushLock;
6525 PVOID *FileContextSupportPointer;
6526 #endif
6527 } FSRTL_ADVANCED_FCB_HEADER, *PFSRTL_ADVANCED_FCB_HEADER;
6528
6529 #define FSRTL_FCB_HEADER_V0 (0x00)
6530 #define FSRTL_FCB_HEADER_V1 (0x01)
6531
6532 #define FSRTL_FLAG_FILE_MODIFIED (0x01)
6533 #define FSRTL_FLAG_FILE_LENGTH_CHANGED (0x02)
6534 #define FSRTL_FLAG_LIMIT_MODIFIED_PAGES (0x04)
6535 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_EX (0x08)
6536 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_SH (0x10)
6537 #define FSRTL_FLAG_USER_MAPPED_FILE (0x20)
6538 #define FSRTL_FLAG_ADVANCED_HEADER (0x40)
6539 #define FSRTL_FLAG_EOF_ADVANCE_ACTIVE (0x80)
6540
6541 #define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01)
6542 #define FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS (0x02)
6543 #define FSRTL_FLAG2_PURGE_WHEN_MAPPED (0x04)
6544 #define FSRTL_FLAG2_IS_PAGING_FILE (0x08)
6545
6546 #define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
6547 #define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
6548 #define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
6549 #define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
6550 #define FSRTL_NETWORK1_TOP_LEVEL_IRP ((LONG_PTR)0x05)
6551 #define FSRTL_NETWORK2_TOP_LEVEL_IRP ((LONG_PTR)0x06)
6552 #define FSRTL_MAX_TOP_LEVEL_IRP_FLAG ((LONG_PTR)0xFFFF)
6553
6554 typedef struct _FSRTL_AUXILIARY_BUFFER {
6555 PVOID Buffer;
6556 ULONG Length;
6557 ULONG Flags;
6558 PMDL Mdl;
6559 } FSRTL_AUXILIARY_BUFFER, *PFSRTL_AUXILIARY_BUFFER;
6560
6561 #define FSRTL_AUXILIARY_FLAG_DEALLOCATE 0x00000001
6562
6563 typedef enum _FSRTL_COMPARISON_RESULT {
6564 LessThan = -1,
6565 EqualTo = 0,
6566 GreaterThan = 1
6567 } FSRTL_COMPARISON_RESULT;
6568
6569 #define FSRTL_FAT_LEGAL 0x01
6570 #define FSRTL_HPFS_LEGAL 0x02
6571 #define FSRTL_NTFS_LEGAL 0x04
6572 #define FSRTL_WILD_CHARACTER 0x08
6573 #define FSRTL_OLE_LEGAL 0x10
6574 #define FSRTL_NTFS_STREAM_LEGAL (FSRTL_NTFS_LEGAL | FSRTL_OLE_LEGAL)
6575
6576 #define FSRTL_VOLUME_DISMOUNT 1
6577 #define FSRTL_VOLUME_DISMOUNT_FAILED 2
6578 #define FSRTL_VOLUME_LOCK 3
6579 #define FSRTL_VOLUME_LOCK_FAILED 4
6580 #define FSRTL_VOLUME_UNLOCK 5
6581 #define FSRTL_VOLUME_MOUNT 6
6582 #define FSRTL_VOLUME_NEEDS_CHKDSK 7
6583 #define FSRTL_VOLUME_WORM_NEAR_FULL 8
6584 #define FSRTL_VOLUME_WEARING_OUT 9
6585 #define FSRTL_VOLUME_FORCED_CLOSED 10
6586 #define FSRTL_VOLUME_INFO_MAKE_COMPAT 11
6587 #define FSRTL_VOLUME_PREPARING_EJECT 12
6588 #define FSRTL_VOLUME_CHANGE_SIZE 13
6589 #define FSRTL_VOLUME_BACKGROUND_FORMAT 14
6590
6591 typedef VOID
6592 (NTAPI *PFSRTL_STACK_OVERFLOW_ROUTINE)(
6593 _In_ PVOID Context,
6594 _In_ PKEVENT Event);
6595
6596 #if (NTDDI_VERSION >= NTDDI_VISTA)
6597
6598 #define FSRTL_UNC_PROVIDER_FLAGS_MAILSLOTS_SUPPORTED 0x00000001
6599 #define FSRTL_UNC_PROVIDER_FLAGS_CSC_ENABLED 0x00000002
6600 #define FSRTL_UNC_PROVIDER_FLAGS_DOMAIN_SVC_AWARE 0x00000004
6601
6602 #define FSRTL_ALLOCATE_ECPLIST_FLAG_CHARGE_QUOTA 0x00000001
6603
6604 #define FSRTL_ALLOCATE_ECP_FLAG_CHARGE_QUOTA 0x00000001
6605 #define FSRTL_ALLOCATE_ECP_FLAG_NONPAGED_POOL 0x00000002
6606
6607 #define FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL 0x00000002
6608
6609 #define FSRTL_VIRTDISK_FULLY_ALLOCATED 0x00000001
6610 #define FSRTL_VIRTDISK_NO_DRIVE_LETTER 0x00000002
6611
6612 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_1 {
6613 ULONG32 ProviderId;
6614 } FSRTL_MUP_PROVIDER_INFO_LEVEL_1, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_1;
6615
6616 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_2 {
6617 ULONG32 ProviderId;
6618 UNICODE_STRING ProviderName;
6619 } FSRTL_MUP_PROVIDER_INFO_LEVEL_2, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_2;
6620
6621 typedef VOID
6622 (*PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK) (
6623 _Inout_ PVOID EcpContext,
6624 _In_ LPCGUID EcpType);
6625
6626 typedef struct _ECP_LIST ECP_LIST, *PECP_LIST;
6627
6628 typedef ULONG FSRTL_ALLOCATE_ECPLIST_FLAGS;
6629 typedef ULONG FSRTL_ALLOCATE_ECP_FLAGS;
6630 typedef ULONG FSRTL_ECP_LOOKASIDE_FLAGS;
6631
6632 typedef enum _FSRTL_CHANGE_BACKING_TYPE {
6633 ChangeDataControlArea,
6634 ChangeImageControlArea,
6635 ChangeSharedCacheMap
6636 } FSRTL_CHANGE_BACKING_TYPE, *PFSRTL_CHANGE_BACKING_TYPE;
6637
6638 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6639
6640 typedef struct _FSRTL_PER_FILE_CONTEXT {
6641 LIST_ENTRY Links;
6642 PVOID OwnerId;
6643 PVOID InstanceId;
6644 PFREE_FUNCTION FreeCallback;
6645 } FSRTL_PER_FILE_CONTEXT, *PFSRTL_PER_FILE_CONTEXT;
6646
6647 typedef struct _FSRTL_PER_STREAM_CONTEXT {
6648 LIST_ENTRY Links;
6649 PVOID OwnerId;
6650 PVOID InstanceId;
6651 PFREE_FUNCTION FreeCallback;
6652 } FSRTL_PER_STREAM_CONTEXT, *PFSRTL_PER_STREAM_CONTEXT;
6653
6654 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6655 typedef VOID
6656 (*PFN_FSRTLTEARDOWNPERSTREAMCONTEXTS) (
6657 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader);
6658 #endif
6659
6660 typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT {
6661 LIST_ENTRY Links;
6662 PVOID OwnerId;
6663 PVOID InstanceId;
6664 } FSRTL_PER_FILEOBJECT_CONTEXT, *PFSRTL_PER_FILEOBJECT_CONTEXT;
6665
6666 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_HARD_ERROR 0x1
6667 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_LOG_ENTRY 0x2
6668
6669 typedef NTSTATUS
6670 (NTAPI *PCOMPLETE_LOCK_IRP_ROUTINE) (
6671 _In_ PVOID Context,
6672 _In_ PIRP Irp);
6673
6674 typedef struct _FILE_LOCK_INFO {
6675 LARGE_INTEGER StartingByte;
6676 LARGE_INTEGER Length;
6677 BOOLEAN ExclusiveLock;
6678 ULONG Key;
6679 PFILE_OBJECT FileObject;
6680 PVOID ProcessId;
6681 LARGE_INTEGER EndingByte;
6682 } FILE_LOCK_INFO, *PFILE_LOCK_INFO;
6683
6684 typedef VOID
6685 (NTAPI *PUNLOCK_ROUTINE) (
6686 _In_ PVOID Context,
6687 _In_ PFILE_LOCK_INFO FileLockInfo);
6688
6689 typedef struct _FILE_LOCK {
6690 PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine;
6691 PUNLOCK_ROUTINE UnlockRoutine;
6692 BOOLEAN FastIoIsQuestionable;
6693 BOOLEAN SpareC[3];
6694 PVOID LockInformation;
6695 FILE_LOCK_INFO LastReturnedLockInfo;
6696 PVOID LastReturnedLock;
6697 LONG volatile LockRequestsInProgress;
6698 } FILE_LOCK, *PFILE_LOCK;
6699
6700 typedef struct _TUNNEL {
6701 FAST_MUTEX Mutex;
6702 PRTL_SPLAY_LINKS Cache;
6703 LIST_ENTRY TimerQueue;
6704 USHORT NumEntries;
6705 } TUNNEL, *PTUNNEL;
6706
6707 typedef struct _BASE_MCB {
6708 ULONG MaximumPairCount;
6709 ULONG PairCount;
6710 USHORT PoolType;
6711 USHORT Flags;
6712 PVOID Mapping;
6713 } BASE_MCB, *PBASE_MCB;
6714
6715 typedef struct _LARGE_MCB {
6716 PKGUARDED_MUTEX GuardedMutex;
6717 BASE_MCB BaseMcb;
6718 } LARGE_MCB, *PLARGE_MCB;
6719
6720 #define MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE 1
6721
6722 typedef struct _MCB {
6723 LARGE_MCB DummyFieldThatSizesThisStructureCorrectly;
6724 } MCB, *PMCB;
6725
6726 typedef enum _FAST_IO_POSSIBLE {
6727 FastIoIsNotPossible = 0,
6728 FastIoIsPossible,
6729 FastIoIsQuestionable
6730 } FAST_IO_POSSIBLE;
6731
6732 typedef struct _EOF_WAIT_BLOCK {
6733 LIST_ENTRY EofWaitLinks;
6734 KEVENT Event;
6735 } EOF_WAIT_BLOCK, *PEOF_WAIT_BLOCK;
6736
6737 typedef PVOID OPLOCK, *POPLOCK;
6738
6739 typedef VOID
6740 (NTAPI *POPLOCK_WAIT_COMPLETE_ROUTINE) (
6741 _In_ PVOID Context,
6742 _In_ PIRP Irp);
6743
6744 typedef VOID
6745 (NTAPI *POPLOCK_FS_PREPOST_IRP) (
6746 _In_ PVOID Context,
6747 _In_ PIRP Irp);
6748
6749 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
6750 #define OPLOCK_FLAG_COMPLETE_IF_OPLOCKED 0x00000001
6751 #endif
6752
6753 #if (NTDDI_VERSION >= NTDDI_WIN7)
6754 #define OPLOCK_FLAG_OPLOCK_KEY_CHECK_ONLY 0x00000002
6755 #define OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK 0x00000004
6756 #define OPLOCK_FLAG_IGNORE_OPLOCK_KEYS 0x00000008
6757 #define OPLOCK_FSCTRL_FLAG_ALL_KEYS_MATCH 0x00000001
6758 #endif
6759
6760 #if (NTDDI_VERSION >= NTDDI_WIN7)
6761
6762 typedef struct _OPLOCK_KEY_ECP_CONTEXT {
6763 GUID OplockKey;
6764 ULONG Reserved;
6765 } OPLOCK_KEY_ECP_CONTEXT, *POPLOCK_KEY_ECP_CONTEXT;
6766
6767 DEFINE_GUID(GUID_ECP_OPLOCK_KEY, 0x48850596, 0x3050, 0x4be7, 0x98, 0x63, 0xfe, 0xc3, 0x50, 0xce, 0x8d, 0x7f);
6768
6769 #endif
6770
6771 typedef PVOID PNOTIFY_SYNC;
6772
6773 #if (NTDDI_VERSION >= NTDDI_WIN7)
6774 typedef struct _ECP_HEADER ECP_HEADER, *PECP_HEADER;
6775 #endif
6776
6777 typedef BOOLEAN
6778 (NTAPI *PCHECK_FOR_TRAVERSE_ACCESS) (
6779 _In_ PVOID NotifyContext,
6780 _In_opt_ PVOID TargetContext,
6781 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
6782
6783 typedef BOOLEAN
6784 (NTAPI *PFILTER_REPORT_CHANGE) (
6785 _In_ PVOID NotifyContext,
6786 _In_ PVOID FilterContext);
6787 /* FSRTL Functions */
6788
6789 #define FsRtlEnterFileSystem KeEnterCriticalRegion
6790 #define FsRtlExitFileSystem KeLeaveCriticalRegion
6791
6792 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6793
6794 _Must_inspect_result_
6795 _IRQL_requires_max_(PASSIVE_LEVEL)
6796 NTKERNELAPI
6797 BOOLEAN
6798 NTAPI
6799 FsRtlCopyRead(
6800 _In_ PFILE_OBJECT FileObject,
6801 _In_ PLARGE_INTEGER FileOffset,
6802 _In_ ULONG Length,
6803 _In_ BOOLEAN Wait,
6804 _In_ ULONG LockKey,
6805 _Out_writes_bytes_(Length) PVOID Buffer,
6806 _Out_ PIO_STATUS_BLOCK IoStatus,
6807 _In_ PDEVICE_OBJECT DeviceObject);
6808
6809 _Must_inspect_result_
6810 _IRQL_requires_max_(PASSIVE_LEVEL)
6811 NTKERNELAPI
6812 BOOLEAN
6813 NTAPI
6814 FsRtlCopyWrite(
6815 _In_ PFILE_OBJECT FileObject,
6816 _In_ PLARGE_INTEGER FileOffset,
6817 _In_ ULONG Length,
6818 _In_ BOOLEAN Wait,
6819 _In_ ULONG LockKey,
6820 _In_reads_bytes_(Length) PVOID Buffer,
6821 _Out_ PIO_STATUS_BLOCK IoStatus,
6822 _In_ PDEVICE_OBJECT DeviceObject);
6823
6824 _Must_inspect_result_
6825 _IRQL_requires_max_(APC_LEVEL)
6826 NTKERNELAPI
6827 BOOLEAN
6828 NTAPI
6829 FsRtlMdlReadDev(
6830 _In_ PFILE_OBJECT FileObject,
6831 _In_ PLARGE_INTEGER FileOffset,
6832 _In_ ULONG Length,
6833 _In_ ULONG LockKey,
6834 _Outptr_ PMDL *MdlChain,
6835 _Out_ PIO_STATUS_BLOCK IoStatus,
6836 _In_opt_ PDEVICE_OBJECT DeviceObject);
6837
6838 _IRQL_requires_max_(PASSIVE_LEVEL)
6839 NTKERNELAPI
6840 BOOLEAN
6841 NTAPI
6842 FsRtlMdlReadCompleteDev(
6843 _In_ PFILE_OBJECT FileObject,
6844 _In_ PMDL MdlChain,
6845 _In_opt_ PDEVICE_OBJECT DeviceObject);
6846
6847 _Must_inspect_result_
6848 _IRQL_requires_max_(APC_LEVEL)
6849 NTKERNELAPI
6850 BOOLEAN
6851 NTAPI
6852 FsRtlPrepareMdlWriteDev(
6853 _In_ PFILE_OBJECT FileObject,
6854 _In_ PLARGE_INTEGER FileOffset,
6855 _In_ ULONG Length,
6856 _In_ ULONG LockKey,
6857 _Outptr_ PMDL *MdlChain,
6858 _Out_ PIO_STATUS_BLOCK IoStatus,
6859 _In_ PDEVICE_OBJECT DeviceObject);
6860
6861 _Must_inspect_result_
6862 _IRQL_requires_max_(PASSIVE_LEVEL)
6863 NTKERNELAPI
6864 BOOLEAN
6865 NTAPI
6866 FsRtlMdlWriteCompleteDev(
6867 _In_ PFILE_OBJECT FileObject,
6868 _In_ PLARGE_INTEGER FileOffset,
6869 _In_ PMDL MdlChain,
6870 _In_opt_ PDEVICE_OBJECT DeviceObject);
6871
6872 _IRQL_requires_max_(PASSIVE_LEVEL)
6873 NTKERNELAPI
6874 VOID
6875 NTAPI
6876 FsRtlAcquireFileExclusive(
6877 _In_ PFILE_OBJECT FileObject);
6878
6879 _IRQL_requires_max_(APC_LEVEL)
6880 NTKERNELAPI
6881 VOID
6882 NTAPI
6883 FsRtlReleaseFile(
6884 _In_ PFILE_OBJECT FileObject);
6885
6886 _Must_inspect_result_
6887 _IRQL_requires_max_(PASSIVE_LEVEL)
6888 NTKERNELAPI
6889 NTSTATUS
6890 NTAPI
6891 FsRtlGetFileSize(
6892 _In_ PFILE_OBJECT FileObject,
6893 _Out_ PLARGE_INTEGER FileSize);
6894
6895 _Must_inspect_result_
6896 NTKERNELAPI
6897 BOOLEAN
6898 NTAPI
6899 FsRtlIsTotalDeviceFailure(
6900 _In_ NTSTATUS Status);
6901
6902 _Must_inspect_result_
6903 _IRQL_requires_max_(APC_LEVEL)
6904 NTKERNELAPI
6905 PFILE_LOCK
6906 NTAPI
6907 FsRtlAllocateFileLock(
6908 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine,
6909 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine);
6910
6911 _IRQL_requires_max_(APC_LEVEL)
6912 NTKERNELAPI
6913 VOID
6914 NTAPI
6915 FsRtlFreeFileLock(
6916 _In_ PFILE_LOCK FileLock);
6917
6918 _IRQL_requires_max_(APC_LEVEL)
6919 NTKERNELAPI
6920 VOID
6921 NTAPI
6922 FsRtlInitializeFileLock(
6923 _Out_ PFILE_LOCK FileLock,
6924 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine,
6925 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine);
6926
6927 _IRQL_requires_max_(APC_LEVEL)
6928 NTKERNELAPI
6929 VOID
6930 NTAPI
6931 FsRtlUninitializeFileLock(
6932 _Inout_ PFILE_LOCK FileLock);
6933
6934 /*
6935 FsRtlProcessFileLock:
6936
6937 ret:
6938 -STATUS_INVALID_DEVICE_REQUEST
6939 -STATUS_RANGE_NOT_LOCKED from unlock routines.
6940 -STATUS_PENDING, STATUS_LOCK_NOT_GRANTED from FsRtlPrivateLock
6941 (redirected IoStatus->Status).
6942
6943 Internals:
6944 -switch ( Irp->CurrentStackLocation->MinorFunction )
6945 lock: return FsRtlPrivateLock;
6946 unlocksingle: return FsRtlFastUnlockSingle;
6947 unlockall: return FsRtlFastUnlockAll;
6948 unlockallbykey: return FsRtlFastUnlockAllByKey;
6949 default: IofCompleteRequest with STATUS_INVALID_DEVICE_REQUEST;
6950 return STATUS_INVALID_DEVICE_REQUEST;
6951
6952 -'AllwaysZero' is passed thru as 'AllwaysZero' to lock / unlock routines.
6953 -'Irp' is passet thru as 'Irp' to FsRtlPrivateLock.
6954 */
6955 _Must_inspect_result_
6956 _IRQL_requires_max_(APC_LEVEL)
6957 NTKERNELAPI
6958 NTSTATUS
6959 NTAPI
6960 FsRtlProcessFileLock(
6961 _In_ PFILE_LOCK FileLock,
6962 _In_ PIRP Irp,
6963 _In_opt_ PVOID Context);
6964
6965 /*
6966 FsRtlCheckLockForReadAccess:
6967
6968 All this really does is pick out the lock parameters from the irp (io stack
6969 location?), get IoGetRequestorProcess, and pass values on to
6970 FsRtlFastCheckLockForRead.
6971 */
6972 _Must_inspect_result_
6973 _IRQL_requires_max_(APC_LEVEL)
6974 NTKERNELAPI
6975 BOOLEAN
6976 NTAPI
6977 FsRtlCheckLockForReadAccess(
6978 _In_ PFILE_LOCK FileLock,
6979 _In_ PIRP Irp);
6980
6981 /*
6982 FsRtlCheckLockForWriteAccess:
6983
6984 All this really does is pick out the lock parameters from the irp (io stack
6985 location?), get IoGetRequestorProcess, and pass values on to
6986 FsRtlFastCheckLockForWrite.
6987 */
6988 _Must_inspect_result_
6989 _IRQL_requires_max_(APC_LEVEL)
6990 NTKERNELAPI
6991 BOOLEAN
6992 NTAPI
6993 FsRtlCheckLockForWriteAccess(
6994 _In_ PFILE_LOCK FileLock,
6995 _In_ PIRP Irp);
6996
6997 _Must_inspect_result_
6998 _IRQL_requires_max_(APC_LEVEL)
6999 NTKERNELAPI
7000 BOOLEAN
7001 NTAPI
7002 FsRtlFastCheckLockForRead(
7003 _In_ PFILE_LOCK FileLock,
7004 _In_ PLARGE_INTEGER FileOffset,
7005 _In_ PLARGE_INTEGER Length,
7006 _In_ ULONG Key,
7007 _In_ PFILE_OBJECT FileObject,
7008 _In_ PVOID Process);
7009
7010 _Must_inspect_result_
7011 _IRQL_requires_max_(APC_LEVEL)
7012 NTKERNELAPI
7013 BOOLEAN
7014 NTAPI
7015 FsRtlFastCheckLockForWrite(
7016 _In_ PFILE_LOCK FileLock,
7017 _In_ PLARGE_INTEGER FileOffset,
7018 _In_ PLARGE_INTEGER Length,
7019 _In_ ULONG Key,
7020 _In_ PFILE_OBJECT FileObject,
7021 _In_ PVOID Process);
7022
7023 /*
7024 FsRtlGetNextFileLock:
7025
7026 ret: NULL if no more locks
7027
7028 Internals:
7029 FsRtlGetNextFileLock uses FileLock->LastReturnedLockInfo and
7030 FileLock->LastReturnedLock as storage.
7031 LastReturnedLock is a pointer to the 'raw' lock inkl. double linked
7032 list, and FsRtlGetNextFileLock needs this to get next lock on subsequent
7033 calls with Restart = FALSE.
7034 */
7035 _Must_inspect_result_
7036 _IRQL_requires_max_(APC_LEVEL)
7037 NTKERNELAPI
7038 PFILE_LOCK_INFO
7039 NTAPI
7040 FsRtlGetNextFileLock(
7041 _In_ PFILE_LOCK FileLock,
7042 _In_ BOOLEAN Restart);
7043
7044 _IRQL_requires_max_(APC_LEVEL)
7045 NTKERNELAPI
7046 NTSTATUS
7047 NTAPI
7048 FsRtlFastUnlockSingle(
7049 _In_ PFILE_LOCK FileLock,
7050 _In_ PFILE_OBJECT FileObject,
7051 _In_ PLARGE_INTEGER FileOffset,
7052 _In_ PLARGE_INTEGER Length,
7053 _In_ PEPROCESS Process,
7054 _In_ ULONG Key,
7055 _In_opt_ PVOID Context,
7056 _In_ BOOLEAN AlreadySynchronized);
7057
7058 _IRQL_requires_max_(APC_LEVEL)
7059 NTKERNELAPI
7060 NTSTATUS
7061 NTAPI
7062 FsRtlFastUnlockAll(
7063 _In_ PFILE_LOCK FileLock,
7064 _In_ PFILE_OBJECT FileObject,
7065 _In_ PEPROCESS Process,
7066 _In_opt_ PVOID Context);
7067
7068 _IRQL_requires_max_(APC_LEVEL)
7069 NTKERNELAPI
7070 NTSTATUS
7071 NTAPI
7072 FsRtlFastUnlockAllByKey(
7073 _In_ PFILE_LOCK FileLock,
7074 _In_ PFILE_OBJECT FileObject,
7075 _In_ PEPROCESS Process,
7076 _In_ ULONG Key,
7077 _In_opt_ PVOID Context);
7078
7079 /*
7080 FsRtlPrivateLock:
7081
7082 ret: IoStatus->Status: STATUS_PENDING, STATUS_LOCK_NOT_GRANTED
7083
7084 Internals:
7085 -Calls IoCompleteRequest if Irp
7086 -Uses exception handling / ExRaiseStatus with STATUS_INSUFFICIENT_RESOURCES
7087 */
7088 _Must_inspect_result_
7089 _IRQL_requires_max_(APC_LEVEL)
7090 __drv_preferredFunction(FsRtlFastLock, "Obsolete")
7091 NTKERNELAPI
7092 BOOLEAN
7093 NTAPI
7094 FsRtlPrivateLock(
7095 _In_ PFILE_LOCK FileLock,
7096 _In_ PFILE_OBJECT FileObject,
7097 _In_ PLARGE_INTEGER FileOffset,
7098 _In_ PLARGE_INTEGER Length,
7099 _In_ PEPROCESS Process,
7100 _In_ ULONG Key,
7101 _In_ BOOLEAN FailImmediately,
7102 _In_ BOOLEAN ExclusiveLock,
7103 _Out_ PIO_STATUS_BLOCK IoStatus,
7104 _In_opt_ PIRP Irp,
7105 _In_opt_ __drv_aliasesMem PVOID Context,
7106 _In_ BOOLEAN AlreadySynchronized);
7107
7108 _IRQL_requires_max_(APC_LEVEL)
7109 NTKERNELAPI
7110 VOID
7111 NTAPI
7112 FsRtlInitializeTunnelCache(
7113 _In_ PTUNNEL Cache);
7114
7115 _IRQL_requires_max_(APC_LEVEL)
7116 NTKERNELAPI
7117 VOID
7118 NTAPI
7119 FsRtlAddToTunnelCache(
7120 _In_ PTUNNEL Cache,
7121 _In_ ULONGLONG DirectoryKey,
7122 _In_ PUNICODE_STRING ShortName,
7123 _In_ PUNICODE_STRING LongName,
7124 _In_ BOOLEAN KeyByShortName,
7125 _In_ ULONG DataLength,
7126 _In_reads_bytes_(DataLength) PVOID Data);
7127
7128 _Must_inspect_result_
7129 _IRQL_requires_max_(APC_LEVEL)
7130 NTKERNELAPI
7131 BOOLEAN
7132 NTAPI
7133 FsRtlFindInTunnelCache(
7134 _In_ PTUNNEL Cache,
7135 _In_ ULONGLONG DirectoryKey,
7136 _In_ PUNICODE_STRING Name,
7137 _Out_ PUNICODE_STRING ShortName,
7138 _Out_ PUNICODE_STRING LongName,
7139 _Inout_ PULONG DataLength,
7140 _Out_writes_bytes_to_(*DataLength, *DataLength) PVOID Data);
7141
7142 _IRQL_requires_max_(APC_LEVEL)
7143 NTKERNELAPI
7144 VOID
7145 NTAPI
7146 FsRtlDeleteKeyFromTunnelCache(
7147 _In_ PTUNNEL Cache,
7148 _In_ ULONGLONG DirectoryKey);
7149
7150 _IRQL_requires_max_(APC_LEVEL)
7151 NTKERNELAPI
7152 VOID
7153 NTAPI
7154 FsRtlDeleteTunnelCache(
7155 _In_ PTUNNEL Cache);
7156
7157 _IRQL_requires_max_(APC_LEVEL)
7158 NTKERNELAPI
7159 VOID
7160 NTAPI
7161 FsRtlDissectDbcs(
7162 _In_ ANSI_STRING Name,
7163 _Out_ PANSI_STRING FirstPart,
7164 _Out_ PANSI_STRING RemainingPart);
7165
7166 _Must_inspect_result_
7167 _IRQL_requires_max_(APC_LEVEL)
7168 NTKERNELAPI
7169 BOOLEAN
7170 NTAPI
7171 FsRtlDoesDbcsContainWildCards(
7172 _In_ PANSI_STRING Name);
7173
7174 _Must_inspect_result_
7175 _IRQL_requires_max_(APC_LEVEL)
7176 NTKERNELAPI
7177 BOOLEAN
7178 NTAPI
7179 FsRtlIsDbcsInExpression(
7180 _In_ PANSI_STRING Expression,
7181 _In_ PANSI_STRING Name);
7182
7183 _Must_inspect_result_
7184 _IRQL_requires_max_(APC_LEVEL)
7185 NTKERNELAPI
7186 BOOLEAN
7187 NTAPI
7188 FsRtlIsFatDbcsLegal(
7189 _In_ ANSI_STRING DbcsName,
7190 _In_ BOOLEAN WildCardsPermissible,
7191 _In_ BOOLEAN PathNamePermissible,
7192 _In_ BOOLEAN LeadingBackslashPermissible);
7193
7194 _Must_inspect_result_
7195 _IRQL_requires_max_(APC_LEVEL)
7196 NTKERNELAPI
7197 BOOLEAN
7198 NTAPI
7199 FsRtlIsHpfsDbcsLegal(
7200 _In_ ANSI_STRING DbcsName,
7201 _In_ BOOLEAN WildCardsPermissible,
7202 _In_ BOOLEAN PathNamePermissible,
7203 _In_ BOOLEAN LeadingBackslashPermissible);
7204
7205 NTKERNELAPI
7206 NTSTATUS
7207 NTAPI
7208 FsRtlNormalizeNtstatus(
7209 _In_ NTSTATUS Exception,
7210 _In_ NTSTATUS GenericException);
7211
7212 _Must_inspect_result_
7213 NTKERNELAPI
7214 BOOLEAN
7215 NTAPI
7216 FsRtlIsNtstatusExpected(
7217 _In_ NTSTATUS Ntstatus);
7218
7219 _IRQL_requires_max_(APC_LEVEL)
7220 __drv_preferredFunction(ExAllocateFromNPagedLookasideList, "The FsRtlAllocateResource routine is obsolete, but is exported to support existing driver binaries. Use ExAllocateFromNPagedLookasideList and ExInitializeResourceLite instead.")
7221 NTKERNELAPI
7222 PERESOURCE
7223 NTAPI
7224 FsRtlAllocateResource(VOID);
7225
7226 _IRQL_requires_max_(APC_LEVEL)
7227 NTKERNELAPI
7228 VOID
7229 NTAPI
7230 FsRtlInitializeLargeMcb(
7231 _Out_ PLARGE_MCB Mcb,
7232 _In_ POOL_TYPE PoolType);
7233
7234 _IRQL_requires_max_(APC_LEVEL)
7235 NTKERNELAPI
7236 VOID
7237 NTAPI
7238 FsRtlUninitializeLargeMcb(
7239 _Inout_ PLARGE_MCB Mcb);
7240
7241 _IRQL_requires_max_(APC_LEVEL)
7242 NTKERNELAPI
7243 VOID
7244 NTAPI
7245 FsRtlResetLargeMcb(
7246 _Inout_ PLARGE_MCB Mcb,
7247 _In_ BOOLEAN SelfSynchronized);
7248
7249 _IRQL_requires_max_(APC_LEVEL)
7250 NTKERNELAPI
7251 VOID
7252 NTAPI
7253 FsRtlTruncateLargeMcb(
7254 _Inout_ PLARGE_MCB Mcb,
7255 _In_ LONGLONG Vbn);
7256
7257 _Must_inspect_result_
7258 _IRQL_requires_max_(APC_LEVEL)
7259 NTKERNELAPI
7260 BOOLEAN
7261 NTAPI
7262 FsRtlAddLargeMcbEntry(
7263 _Inout_ PLARGE_MCB Mcb,
7264 _In_ LONGLONG Vbn,
7265 _In_ LONGLONG Lbn,
7266 _In_ LONGLONG SectorCount);
7267
7268 _IRQL_requires_max_(APC_LEVEL)
7269 NTKERNELAPI
7270 VOID
7271 NTAPI
7272 FsRtlRemoveLargeMcbEntry(
7273 _Inout_ PLARGE_MCB Mcb,
7274 _In_ LONGLONG Vbn,
7275 _In_ LONGLONG SectorCount);
7276
7277 _IRQL_requires_max_(APC_LEVEL)
7278 NTKERNELAPI
7279 BOOLEAN
7280 NTAPI
7281 FsRtlLookupLargeMcbEntry(
7282 _In_ PLARGE_MCB Mcb,
7283 _In_ LONGLONG Vbn,
7284 _Out_opt_ PLONGLONG Lbn,
7285 _Out_opt_ PLONGLONG SectorCountFromLbn,
7286 _Out_opt_ PLONGLONG StartingLbn,
7287 _Out_opt_ PLONGLONG SectorCountFromStartingLbn,
7288 _Out_opt_ PULONG Index);
7289
7290 _IRQL_requires_max_(APC_LEVEL)
7291 NTKERNELAPI
7292 BOOLEAN
7293 NTAPI
7294 FsRtlLookupLastLargeMcbEntry(
7295 _In_ PLARGE_MCB Mcb,
7296 _Out_ PLONGLONG Vbn,
7297 _Out_ PLONGLONG Lbn);
7298
7299 _IRQL_requires_max_(APC_LEVEL)
7300 NTKERNELAPI
7301 BOOLEAN
7302 NTAPI
7303 FsRtlLookupLastLargeMcbEntryAndIndex(
7304 _In_ PLARGE_MCB OpaqueMcb,
7305 _Out_ PLONGLONG LargeVbn,
7306 _Out_ PLONGLONG LargeLbn,
7307 _Out_ PULONG Index);
7308
7309 _IRQL_requires_max_(APC_LEVEL)
7310 NTKERNELAPI
7311 ULONG
7312 NTAPI
7313 FsRtlNumberOfRunsInLargeMcb(
7314 _In_ PLARGE_MCB Mcb);
7315
7316 _Must_inspect_result_
7317 _IRQL_requires_max_(APC_LEVEL)
7318 NTKERNELAPI
7319 BOOLEAN
7320 NTAPI
7321 FsRtlGetNextLargeMcbEntry(
7322 _In_ PLARGE_MCB Mcb,
7323 _In_ ULONG RunIndex,
7324 _Out_ PLONGLONG Vbn,
7325 _Out_ PLONGLONG Lbn,
7326 _Out_ PLONGLONG SectorCount);
7327
7328 _Must_inspect_result_
7329 _IRQL_requires_max_(APC_LEVEL)
7330 NTKERNELAPI
7331 BOOLEAN
7332 NTAPI
7333 FsRtlSplitLargeMcb(
7334 _Inout_ PLARGE_MCB Mcb,
7335 _In_ LONGLONG Vbn,
7336 _In_ LONGLONG Amount);
7337
7338 _IRQL_requires_max_(APC_LEVEL)
7339 __drv_preferredFunction(FsRtlInitializeLargeMcb, "Obsolete")
7340 NTKERNELAPI
7341 VOID
7342 NTAPI
7343 FsRtlInitializeMcb(
7344 _Out_ PMCB Mcb,
7345 _In_ POOL_TYPE PoolType);
7346
7347 _IRQL_requires_max_(APC_LEVEL)
7348 NTKERNELAPI
7349 VOID
7350 NTAPI
7351 FsRtlUninitializeMcb(
7352 _Inout_ PMCB Mcb);
7353
7354 _IRQL_requires_max_(APC_LEVEL)
7355 NTKERNELAPI
7356 VOID
7357 NTAPI
7358 FsRtlTruncateMcb(
7359 _Inout_ PMCB Mcb,
7360 _In_ VBN Vbn);
7361
7362 _IRQL_requires_max_(APC_LEVEL)
7363 NTKERNELAPI
7364 BOOLEAN
7365 NTAPI
7366 FsRtlAddMcbEntry(
7367 _Inout_ PMCB Mcb,
7368 _In_ VBN Vbn,
7369 _In_ LBN Lbn,
7370 _In_ ULONG SectorCount);
7371
7372 _IRQL_requires_max_(APC_LEVEL)
7373 NTKERNELAPI
7374 VOID
7375 NTAPI
7376 FsRtlRemoveMcbEntry(
7377 _Inout_ PMCB Mcb,
7378 _In_ VBN Vbn,
7379 _In_ ULONG SectorCount);
7380
7381 _IRQL_requires_max_(APC_LEVEL)
7382 NTKERNELAPI
7383 BOOLEAN
7384 NTAPI
7385 FsRtlLookupMcbEntry(
7386 _In_ PMCB Mcb,
7387 _In_ VBN Vbn,
7388 _Out_ PLBN Lbn,
7389 _Out_opt_ PULONG SectorCount,
7390 _Out_ PULONG Index);
7391
7392 _IRQL_requires_max_(APC_LEVEL)
7393 NTKERNELAPI
7394 BOOLEAN
7395 NTAPI
7396 FsRtlLookupLastMcbEntry(
7397 _In_ PMCB Mcb,
7398 _Out_ PVBN Vbn,
7399 _Out_ PLBN Lbn);
7400
7401 _IRQL_requires_max_(APC_LEVEL)
7402 NTKERNELAPI
7403 ULONG
7404 NTAPI
7405 FsRtlNumberOfRunsInMcb(
7406 _In_ PMCB Mcb);
7407
7408 _Must_inspect_result_
7409 _IRQL_requires_max_(APC_LEVEL)
7410 NTKERNELAPI
7411 BOOLEAN
7412 NTAPI
7413 FsRtlGetNextMcbEntry(
7414 _In_ PMCB Mcb,
7415 _In_ ULONG RunIndex,
7416 _Out_ PVBN Vbn,
7417 _Out_ PLBN Lbn,
7418 _Out_ PULONG SectorCount);
7419
7420 _IRQL_requires_max_(PASSIVE_LEVEL)
7421 NTKERNELAPI
7422 NTSTATUS
7423 NTAPI
7424 FsRtlBalanceReads(
7425 _In_ PDEVICE_OBJECT TargetDevice);
7426
7427 _IRQL_requires_max_(APC_LEVEL)
7428 NTKERNELAPI
7429 VOID
7430 NTAPI
7431 FsRtlInitializeOplock(
7432 _Inout_ POPLOCK Oplock);
7433
7434 _IRQL_requires_max_(APC_LEVEL)
7435 NTKERNELAPI
7436 VOID
7437 NTAPI
7438 FsRtlUninitializeOplock(
7439 _Inout_ POPLOCK Oplock);
7440
7441 _Must_inspect_result_
7442 _IRQL_requires_max_(APC_LEVEL)
7443 NTKERNELAPI
7444 NTSTATUS
7445 NTAPI
7446 FsRtlOplockFsctrl(
7447 _In_ POPLOCK Oplock,
7448 _In_ PIRP Irp,
7449 _In_ ULONG OpenCount);
7450
7451 _When_(CompletionRoutine != NULL, _Must_inspect_result_)
7452 _IRQL_requires_max_(APC_LEVEL)
7453 NTKERNELAPI
7454 NTSTATUS
7455 NTAPI
7456 FsRtlCheckOplock(
7457 _In_ POPLOCK Oplock,
7458 _In_ PIRP Irp,
7459 _In_opt_ PVOID Context,
7460 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
7461 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
7462
7463 _Must_inspect_result_
7464 _IRQL_requires_max_(APC_LEVEL)
7465 NTKERNELAPI
7466 BOOLEAN
7467 NTAPI
7468 FsRtlOplockIsFastIoPossible(
7469 _In_ POPLOCK Oplock);
7470
7471 _Must_inspect_result_
7472 _IRQL_requires_max_(APC_LEVEL)
7473 NTKERNELAPI
7474 BOOLEAN
7475 NTAPI
7476 FsRtlCurrentBatchOplock(
7477 _In_ POPLOCK Oplock);
7478
7479 _IRQL_requires_max_(APC_LEVEL)
7480 NTKERNELAPI
7481 NTSTATUS
7482 NTAPI
7483 FsRtlNotifyVolumeEvent(
7484 _In_ PFILE_OBJECT FileObject,
7485 _In_ ULONG EventCode);
7486
7487 _IRQL_requires_max_(APC_LEVEL)
7488 NTKERNELAPI
7489 VOID
7490 NTAPI
7491 FsRtlNotifyInitializeSync(
7492 _In_ PNOTIFY_SYNC *NotifySync);
7493
7494 _IRQL_requires_max_(APC_LEVEL)
7495 NTKERNELAPI
7496 VOID
7497 NTAPI
7498 FsRtlNotifyUninitializeSync(
7499 _In_ PNOTIFY_SYNC *NotifySync);
7500
7501 _IRQL_requires_max_(PASSIVE_LEVEL)
7502 NTKERNELAPI
7503 VOID
7504 NTAPI
7505 FsRtlNotifyFullChangeDirectory(
7506 _In_ PNOTIFY_SYNC NotifySync,
7507 _In_ PLIST_ENTRY NotifyList,
7508 _In_ PVOID FsContext,
7509 _In_ PSTRING FullDirectoryName,
7510 _In_ BOOLEAN WatchTree,
7511 _In_ BOOLEAN IgnoreBuffer,
7512 _In_ ULONG CompletionFilter,
7513 _In_opt_ PIRP NotifyIrp,
7514 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback,
7515 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
7516
7517 _IRQL_requires_max_(PASSIVE_LEVEL)
7518 NTKERNELAPI
7519 VOID
7520 NTAPI
7521 FsRtlNotifyFilterReportChange(
7522 _In_ PNOTIFY_SYNC NotifySync,
7523 _In_ PLIST_ENTRY NotifyList,
7524 _In_ PSTRING FullTargetName,
7525 _In_ USHORT TargetNameOffset,
7526 _In_opt_ PSTRING StreamName,
7527 _In_opt_ PSTRING NormalizedParentName,
7528 _In_ ULONG FilterMatch,
7529 _In_ ULONG Action,
7530 _In_opt_ PVOID TargetContext,
7531 _In_opt_ PVOID FilterContext);
7532
7533 _IRQL_requires_max_(PASSIVE_LEVEL)
7534 NTKERNELAPI
7535 VOID
7536 NTAPI
7537 FsRtlNotifyFullReportChange(
7538 _In_ PNOTIFY_SYNC NotifySync,
7539 _In_ PLIST_ENTRY NotifyList,
7540 _In_ PSTRING FullTargetName,
7541 _In_ USHORT TargetNameOffset,
7542 _In_opt_ PSTRING StreamName,
7543 _In_opt_ PSTRING NormalizedParentName,
7544 _In_ ULONG FilterMatch,
7545 _In_ ULONG Action,
7546 _In_opt_ PVOID TargetContext);
7547
7548 _IRQL_requires_max_(APC_LEVEL)
7549 NTKERNELAPI
7550 VOID
7551 NTAPI
7552 FsRtlNotifyCleanup(
7553 _In_ PNOTIFY_SYNC NotifySync,
7554 _In_ PLIST_ENTRY NotifyList,
7555 _In_ PVOID FsContext);
7556
7557 _IRQL_requires_max_(PASSIVE_LEVEL)
7558 NTKERNELAPI
7559 VOID
7560 NTAPI
7561 FsRtlDissectName(
7562 _In_ UNICODE_STRING Name,
7563 _Out_ PUNICODE_STRING FirstPart,
7564 _Out_ PUNICODE_STRING RemainingPart);
7565
7566 _Must_inspect_result_
7567 _IRQL_requires_max_(PASSIVE_LEVEL)
7568 NTKERNELAPI
7569 BOOLEAN
7570 NTAPI
7571 FsRtlDoesNameContainWildCards(
7572 _In_ PUNICODE_STRING Name);
7573
7574 _Must_inspect_result_
7575 _IRQL_requires_max_(PASSIVE_LEVEL)
7576 NTKERNELAPI
7577 BOOLEAN
7578 NTAPI
7579 FsRtlAreNamesEqual(
7580 _In_ PCUNICODE_STRING Name1,
7581 _In_ PCUNICODE_STRING Name2,
7582 _In_ BOOLEAN IgnoreCase,
7583 _In_reads_opt_(0x10000) PCWCH UpcaseTable);
7584
7585 _Must_inspect_result_
7586 _IRQL_requires_max_(PASSIVE_LEVEL)
7587 NTKERNELAPI
7588 BOOLEAN
7589 NTAPI
7590 FsRtlIsNameInExpression(
7591 _In_ PUNICODE_STRING Expression,
7592 _In_ PUNICODE_STRING Name,
7593 _In_ BOOLEAN IgnoreCase,
7594 _In_opt_ PWCHAR UpcaseTable);
7595
7596 _IRQL_requires_max_(DISPATCH_LEVEL)
7597 NTKERNELAPI
7598 VOID
7599 NTAPI
7600 FsRtlPostPagingFileStackOverflow(
7601 _In_ PVOID Context,
7602 _In_ PKEVENT Event,
7603 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine);
7604
7605 _IRQL_requires_max_(DISPATCH_LEVEL)
7606 NTKERNELAPI
7607 VOID
7608 NTAPI
7609 FsRtlPostStackOverflow (
7610 _In_ PVOID Context,
7611 _In_ PKEVENT Event,
7612 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine);
7613
7614 _Must_inspect_result_
7615 _IRQL_requires_max_(PASSIVE_LEVEL)
7616 NTKERNELAPI
7617 NTSTATUS
7618 NTAPI
7619 FsRtlRegisterUncProvider(
7620 _Out_ PHANDLE MupHandle,
7621 _In_ PUNICODE_STRING RedirectorDeviceName,
7622 _In_ BOOLEAN MailslotsSupported);
7623
7624 _IRQL_requires_max_(PASSIVE_LEVEL)
7625 NTKERNELAPI
7626 VOID
7627 NTAPI
7628 FsRtlDeregisterUncProvider(
7629 _In_ HANDLE Handle);
7630
7631 _IRQL_requires_max_(APC_LEVEL)
7632 NTKERNELAPI
7633 VOID
7634 NTAPI
7635 FsRtlTeardownPerStreamContexts(
7636 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader);
7637
7638 _Must_inspect_result_
7639 _IRQL_requires_max_(APC_LEVEL)
7640 NTKERNELAPI
7641 NTSTATUS
7642 NTAPI
7643 FsRtlCreateSectionForDataScan(
7644 _Out_ PHANDLE SectionHandle,
7645 _Outptr_ PVOID *SectionObject,
7646 _Out_opt_ PLARGE_INTEGER SectionFileSize,
7647 _In_ PFILE_OBJECT FileObject,
7648 _In_ ACCESS_MASK DesiredAccess,
7649 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
7650 _In_opt_ PLARGE_INTEGER MaximumSize,
7651 _In_ ULONG SectionPageProtection,
7652 _In_ ULONG AllocationAttributes,
7653 _In_ ULONG Flags);
7654
7655 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
7656
7657 #if (NTDDI_VERSION >= NTDDI_WINXP)
7658
7659 _IRQL_requires_max_(PASSIVE_LEVEL)
7660 NTKERNELAPI
7661 VOID
7662 NTAPI
7663 FsRtlNotifyFilterChangeDirectory(
7664 _In_ PNOTIFY_SYNC NotifySync,
7665 _In_ PLIST_ENTRY NotifyList,
7666 _In_ PVOID FsContext,
7667 _In_ PSTRING FullDirectoryName,
7668 _In_ BOOLEAN WatchTree,
7669 _In_ BOOLEAN IgnoreBuffer,
7670 _In_ ULONG CompletionFilter,
7671 _In_opt_ PIRP NotifyIrp,
7672 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback,
7673 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
7674 _In_opt_ PFILTER_REPORT_CHANGE FilterCallback);
7675
7676 _Must_inspect_result_
7677 _IRQL_requires_max_(APC_LEVEL)
7678 NTKERNELAPI
7679 NTSTATUS
7680 NTAPI
7681 FsRtlInsertPerStreamContext(
7682 _In_ PFSRTL_ADVANCED_FCB_HEADER PerStreamContext,
7683 _In_ PFSRTL_PER_STREAM_CONTEXT Ptr);
7684
7685 _Must_inspect_result_
7686 _IRQL_requires_max_(APC_LEVEL)
7687 NTKERNELAPI
7688 PFSRTL_PER_STREAM_CONTEXT
7689 NTAPI
7690 FsRtlLookupPerStreamContextInternal(
7691 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext,
7692 _In_opt_ PVOID OwnerId,
7693 _In_opt_ PVOID InstanceId);
7694
7695 _Must_inspect_result_
7696 _IRQL_requires_max_(APC_LEVEL)
7697 NTKERNELAPI
7698 PFSRTL_PER_STREAM_CONTEXT
7699 NTAPI
7700 FsRtlRemovePerStreamContext(
7701 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext,
7702 _In_opt_ PVOID OwnerId,
7703 _In_opt_ PVOID InstanceId);
7704
7705 NTKERNELAPI
7706 VOID
7707 NTAPI
7708 FsRtlIncrementCcFastReadNotPossible(
7709 VOID);
7710
7711 NTKERNELAPI
7712 VOID
7713 NTAPI
7714 FsRtlIncrementCcFastReadWait(VOID);
7715
7716 NTKERNELAPI
7717 VOID
7718 NTAPI
7719 FsRtlIncrementCcFastReadNoWait(VOID);
7720
7721 NTKERNELAPI
7722 VOID
7723 NTAPI
7724 FsRtlIncrementCcFastReadResourceMiss(VOID);
7725
7726 _IRQL_requires_max_(APC_LEVEL)
7727 NTKERNELAPI
7728 LOGICAL
7729 NTAPI
7730 FsRtlIsPagingFile(
7731 _In_ PFILE_OBJECT FileObject);
7732
7733 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
7734
7735 #if (NTDDI_VERSION >= NTDDI_WS03)
7736
7737 _IRQL_requires_max_(APC_LEVEL)
7738 NTKERNELAPI
7739 VOID
7740 NTAPI
7741 FsRtlInitializeBaseMcb(
7742 _Out_ PBASE_MCB Mcb,
7743 _In_ POOL_TYPE PoolType);
7744
7745 _IRQL_requires_max_(APC_LEVEL)
7746 NTKERNELAPI
7747 VOID
7748 NTAPI
7749 FsRtlUninitializeBaseMcb(
7750 _In_ PBASE_MCB Mcb);
7751
7752 _IRQL_requires_max_(APC_LEVEL)
7753 NTKERNELAPI
7754 VOID
7755 NTAPI
7756 FsRtlResetBaseMcb(
7757 _Out_ PBASE_MCB Mcb);
7758
7759 _IRQL_requires_max_(APC_LEVEL)
7760 NTKERNELAPI
7761 VOID
7762 NTAPI
7763 FsRtlTruncateBaseMcb(
7764 _Inout_ PBASE_MCB Mcb,
7765 _In_ LONGLONG Vbn);
7766
7767 _IRQL_requires_max_(APC_LEVEL)
7768 NTKERNELAPI
7769 BOOLEAN
7770 NTAPI
7771 FsRtlAddBaseMcbEntry(
7772 _Inout_ PBASE_MCB Mcb,
7773 _In_ LONGLONG Vbn,
7774 _In_ LONGLONG Lbn,
7775 _In_ LONGLONG SectorCount);
7776
7777 _IRQL_requires_max_(APC_LEVEL)
7778 NTKERNELAPI
7779 BOOLEAN
7780 NTAPI
7781 FsRtlRemoveBaseMcbEntry(
7782 _Inout_ PBASE_MCB Mcb,
7783 _In_ LONGLONG Vbn,
7784 _In_ LONGLONG SectorCount);
7785
7786 _IRQL_requires_max_(APC_LEVEL)
7787 NTKERNELAPI
7788 BOOLEAN
7789 NTAPI
7790 FsRtlLookupBaseMcbEntry(
7791 _In_ PBASE_MCB Mcb,
7792 _In_ LONGLONG Vbn,
7793 _Out_opt_ PLONGLONG Lbn,
7794 _Out_opt_ PLONGLONG SectorCountFromLbn,
7795 _Out_opt_ PLONGLONG StartingLbn,
7796 _Out_opt_ PLONGLONG SectorCountFromStartingLbn,
7797 _Out_opt_ PULONG Index);
7798
7799 _IRQL_requires_max_(APC_LEVEL)
7800 NTKERNELAPI
7801 BOOLEAN
7802 NTAPI
7803 FsRtlLookupLastBaseMcbEntry(
7804 _In_ PBASE_MCB Mcb,
7805 _Out_ PLONGLONG Vbn,
7806 _Out_ PLONGLONG Lbn);
7807
7808 _IRQL_requires_max_(APC_LEVEL)
7809 NTKERNELAPI
7810 BOOLEAN
7811 NTAPI
7812 FsRtlLookupLastBaseMcbEntryAndIndex(
7813 _In_ PBASE_MCB OpaqueMcb,
7814 _Inout_ PLONGLONG LargeVbn,
7815 _Inout_ PLONGLONG LargeLbn,
7816 _Inout_ PULONG Index);
7817
7818 _IRQL_requires_max_(APC_LEVEL)
7819 NTKERNELAPI
7820 ULONG
7821 NTAPI
7822 FsRtlNumberOfRunsInBaseMcb(
7823 _In_ PBASE_MCB Mcb);
7824
7825 _IRQL_requires_max_(APC_LEVEL)
7826 NTKERNELAPI
7827 BOOLEAN
7828 NTAPI
7829 FsRtlGetNextBaseMcbEntry(
7830 _In_ PBASE_MCB Mcb,
7831 _In_ ULONG RunIndex,
7832 _Out_ PLONGLONG Vbn,
7833 _Out_ PLONGLONG Lbn,
7834 _Out_ PLONGLONG SectorCount);
7835
7836 _IRQL_requires_max_(APC_LEVEL)
7837 NTKERNELAPI
7838 BOOLEAN
7839 NTAPI
7840 FsRtlSplitBaseMcb(
7841 _Inout_ PBASE_MCB Mcb,
7842 _In_ LONGLONG Vbn,
7843 _In_ LONGLONG Amount);
7844
7845 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
7846
7847 #if (NTDDI_VERSION >= NTDDI_VISTA)
7848
7849 _When_(!Flags & MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE, _Must_inspect_result_)
7850 _IRQL_requires_max_(APC_LEVEL)
7851 BOOLEAN
7852 NTAPI
7853 FsRtlInitializeBaseMcbEx(
7854 _Out_ PBASE_MCB Mcb,
7855 _In_ POOL_TYPE PoolType,
7856 _In_ USHORT Flags);
7857
7858 _Must_inspect_result_
7859 _IRQL_requires_max_(APC_LEVEL)
7860 NTSTATUS
7861 NTAPI
7862 FsRtlAddBaseMcbEntryEx(
7863 _Inout_ PBASE_MCB Mcb,
7864 _In_ LONGLONG Vbn,
7865 _In_ LONGLONG Lbn,
7866 _In_ LONGLONG SectorCount);
7867
7868 _Must_inspect_result_
7869 _IRQL_requires_max_(APC_LEVEL)
7870 NTKERNELAPI
7871 BOOLEAN
7872 NTAPI
7873 FsRtlCurrentOplock(
7874 _In_ POPLOCK Oplock);
7875
7876 _Must_inspect_result_
7877 _IRQL_requires_max_(APC_LEVEL)
7878 NTKERNELAPI
7879 NTSTATUS
7880 NTAPI
7881 FsRtlOplockBreakToNone(
7882 _Inout_ POPLOCK Oplock,
7883 _In_opt_ PIO_STACK_LOCATION IrpSp,
7884 _In_ PIRP Irp,
7885 _In_opt_ PVOID Context,
7886 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
7887 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
7888
7889 _IRQL_requires_max_(DISPATCH_LEVEL)
7890 NTKERNELAPI
7891 NTSTATUS
7892 NTAPI
7893 FsRtlNotifyVolumeEventEx(
7894 _In_ PFILE_OBJECT FileObject,
7895 _In_ ULONG EventCode,
7896 _In_ PTARGET_DEVICE_CUSTOM_NOTIFICATION Event);
7897
7898 _IRQL_requires_max_(APC_LEVEL)
7899 NTKERNELAPI
7900 VOID
7901 NTAPI
7902 FsRtlNotifyCleanupAll(
7903 _In_ PNOTIFY_SYNC NotifySync,
7904 _In_ PLIST_ENTRY NotifyList);
7905
7906 _Must_inspect_result_
7907 _IRQL_requires_max_(PASSIVE_LEVEL)
7908 NTSTATUS
7909 NTAPI
7910 FsRtlRegisterUncProviderEx(
7911 _Out_ PHANDLE MupHandle,
7912 _In_ PUNICODE_STRING RedirDevName,
7913 _In_ PDEVICE_OBJECT DeviceObject,
7914 _In_ ULONG Flags);
7915
7916 _Must_inspect_result_
7917 _When_(Irp!=NULL, _IRQL_requires_max_(PASSIVE_LEVEL))
7918 _When_(Irp==NULL, _IRQL_requires_max_(APC_LEVEL))
7919 NTKERNELAPI
7920 NTSTATUS
7921 NTAPI
7922 FsRtlCancellableWaitForSingleObject(
7923 _In_ PVOID Object,
7924 _In_opt_ PLARGE_INTEGER Timeout,
7925 _In_opt_ PIRP Irp);
7926
7927 _Must_inspect_result_
7928 _When_(Irp != NULL, _IRQL_requires_max_(PASSIVE_LEVEL))
7929 _When_(Irp == NULL, _IRQL_requires_max_(APC_LEVEL))
7930 NTKERNELAPI
7931 NTSTATUS
7932 NTAPI
7933 FsRtlCancellableWaitForMultipleObjects(
7934 _In_ ULONG Count,
7935 _In_reads_(Count) PVOID ObjectArray[],
7936 _In_ WAIT_TYPE WaitType,
7937 _In_opt_ PLARGE_INTEGER Timeout,
7938 _In_opt_ PKWAIT_BLOCK WaitBlockArray,
7939 _In_opt_ PIRP Irp);
7940
7941 _Must_inspect_result_
7942 _IRQL_requires_max_(APC_LEVEL)
7943 NTKERNELAPI
7944 NTSTATUS
7945 NTAPI
7946 FsRtlMupGetProviderInfoFromFileObject(
7947 _In_ PFILE_OBJECT pFileObject,
7948 _In_ ULONG Level,
7949 _Out_writes_bytes_(*pBufferSize) PVOID pBuffer,
7950 _Inout_ PULONG pBufferSize);
7951
7952 _Must_inspect_result_
7953 _IRQL_requires_max_(APC_LEVEL)
7954 NTKERNELAPI
7955 NTSTATUS
7956 NTAPI
7957 FsRtlMupGetProviderIdFromName(
7958 _In_ PUNICODE_STRING pProviderName,
7959 _Out_ PULONG32 pProviderId);
7960
7961 NTKERNELAPI
7962 VOID
7963 NTAPI
7964 FsRtlIncrementCcFastMdlReadWait(VOID);
7965
7966 _Must_inspect_result_
7967 _IRQL_requires_max_(PASSIVE_LEVEL)
7968 NTKERNELAPI
7969 NTSTATUS
7970 NTAPI
7971 FsRtlValidateReparsePointBuffer(
7972 _In_ ULONG BufferLength,
7973 _In_reads_bytes_(BufferLength) PREPARSE_DATA_BUFFER ReparseBuffer);
7974
7975 _Must_inspect_result_
7976 _IRQL_requires_max_(PASSIVE_LEVEL)
7977 NTKERNELAPI
7978 NTSTATUS
7979 NTAPI
7980 FsRtlRemoveDotsFromPath(
7981 _Inout_updates_bytes_(PathLength) PWSTR OriginalString,
7982 _In_ USHORT PathLength,
7983 _Out_ USHORT *NewLength);
7984
7985 _Must_inspect_result_
7986 _IRQL_requires_max_(APC_LEVEL)
7987 NTKERNELAPI
7988 NTSTATUS
7989 NTAPI
7990 FsRtlAllocateExtraCreateParameterList(
7991 _In_ FSRTL_ALLOCATE_ECPLIST_FLAGS Flags,
7992 _Outptr_ PECP_LIST *EcpList);
7993
7994 _IRQL_requires_max_(APC_LEVEL)
7995 NTKERNELAPI
7996 VOID
7997 NTAPI
7998 FsRtlFreeExtraCreateParameterList(
7999 _In_ PECP_LIST EcpList);
8000
8001 _Must_inspect_result_
8002 _IRQL_requires_max_(APC_LEVEL)
8003 NTKERNELAPI
8004 NTSTATUS
8005 NTAPI
8006 FsRtlAllocateExtraCreateParameter(
8007 _In_ LPCGUID EcpType,
8008 _In_ ULONG SizeOfContext,
8009 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags,
8010 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback,
8011 _In_ ULONG PoolTag,
8012 _Outptr_result_bytebuffer_(SizeOfContext) PVOID *EcpContext);
8013
8014 _IRQL_requires_max_(APC_LEVEL)
8015 NTKERNELAPI
8016 VOID
8017 NTAPI
8018 FsRtlFreeExtraCreateParameter(
8019 _In_ PVOID EcpContext);
8020
8021 _When_(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL, _IRQL_requires_max_(DISPATCH_LEVEL))
8022 _When_(!(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL), _IRQL_requires_max_(APC_LEVEL))
8023 NTKERNELAPI
8024 VOID
8025 NTAPI
8026 FsRtlInitExtraCreateParameterLookasideList(
8027 _Inout_ PVOID Lookaside,
8028 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags,
8029 _In_ SIZE_T Size,
8030 _In_ ULONG Tag);
8031
8032 _When_(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL, _IRQL_requires_max_(DISPATCH_LEVEL))
8033 _When_(!(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL), _IRQL_requires_max_(APC_LEVEL))
8034 VOID
8035 NTAPI
8036 FsRtlDeleteExtraCreateParameterLookasideList(
8037 _Inout_ PVOID Lookaside,
8038 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags);
8039
8040 _Must_inspect_result_
8041 _IRQL_requires_max_(APC_LEVEL)
8042 NTKERNELAPI
8043 NTSTATUS
8044 NTAPI
8045 FsRtlAllocateExtraCreateParameterFromLookasideList(
8046 _In_ LPCGUID EcpType,
8047 ULONG SizeOfContext,
8048 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags,
8049 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback,
8050 _Inout_ PVOID LookasideList,
8051 _Outptr_ PVOID *EcpContext);
8052
8053 _Must_inspect_result_
8054 _IRQL_requires_max_(APC_LEVEL)
8055 NTKERNELAPI
8056 NTSTATUS
8057 NTAPI
8058 FsRtlInsertExtraCreateParameter(
8059 _Inout_ PECP_LIST EcpList,
8060 _Inout_ PVOID EcpContext);
8061
8062 _Must_inspect_result_
8063 _IRQL_requires_max_(APC_LEVEL)
8064 NTKERNELAPI
8065 NTSTATUS
8066 NTAPI
8067 FsRtlFindExtraCreateParameter(
8068 _In_ PECP_LIST EcpList,
8069 _In_ LPCGUID EcpType,
8070 _Outptr_opt_ PVOID *EcpContext,
8071 _Out_opt_ ULONG *EcpContextSize);
8072
8073 _Must_inspect_result_
8074 _IRQL_requires_max_(APC_LEVEL)
8075 NTKERNELAPI
8076 NTSTATUS
8077 NTAPI
8078 FsRtlRemoveExtraCreateParameter(
8079 _Inout_ PECP_LIST EcpList,
8080 _In_ LPCGUID EcpType,
8081 _Outptr_ PVOID *EcpContext,
8082 _Out_opt_ ULONG *EcpContextSize);
8083
8084 _Must_inspect_result_
8085 _IRQL_requires_max_(APC_LEVEL)
8086 NTKERNELAPI
8087 NTSTATUS
8088 NTAPI
8089 FsRtlGetEcpListFromIrp(
8090 _In_ PIRP Irp,
8091 _Outptr_result_maybenull_ PECP_LIST *EcpList);
8092
8093 _Must_inspect_result_
8094 _IRQL_requires_max_(APC_LEVEL)
8095 NTKERNELAPI
8096 NTSTATUS
8097 NTAPI
8098 FsRtlSetEcpListIntoIrp(
8099 _Inout_ PIRP Irp,
8100 _In_ PECP_LIST EcpList);
8101
8102 _Must_inspect_result_
8103 _IRQL_requires_max_(APC_LEVEL)
8104 NTKERNELAPI
8105 NTSTATUS
8106 NTAPI
8107 FsRtlGetNextExtraCreateParameter(
8108 _In_ PECP_LIST EcpList,
8109 _In_opt_ PVOID CurrentEcpContext,
8110 _Out_opt_ LPGUID NextEcpType,
8111 _Outptr_opt_ PVOID *NextEcpContext,
8112 _Out_opt_ ULONG *NextEcpContextSize);
8113
8114 _IRQL_requires_max_(APC_LEVEL)
8115 NTKERNELAPI
8116 VOID
8117 NTAPI
8118 FsRtlAcknowledgeEcp(
8119 _In_ PVOID EcpContext);
8120
8121 _IRQL_requires_max_(APC_LEVEL)
8122 NTKERNELAPI
8123 BOOLEAN
8124 NTAPI
8125 FsRtlIsEcpAcknowledged(
8126 _In_ PVOID EcpContext);
8127
8128 _IRQL_requires_max_(APC_LEVEL)
8129 NTKERNELAPI
8130 BOOLEAN
8131 NTAPI
8132 FsRtlIsEcpFromUserMode(
8133 _In_ PVOID EcpContext);
8134
8135 _Must_inspect_result_
8136 _IRQL_requires_max_(PASSIVE_LEVEL)
8137 NTKERNELAPI
8138 NTSTATUS
8139 NTAPI
8140 FsRtlChangeBackingFileObject(
8141 _In_opt_ PFILE_OBJECT CurrentFileObject,
8142 _In_ PFILE_OBJECT NewFileObject,
8143 _In_ FSRTL_CHANGE_BACKING_TYPE ChangeBackingType,
8144 _In_ ULONG Flags);
8145
8146 _Must_inspect_result_
8147 _IRQL_requires_max_(APC_LEVEL)
8148 NTKERNELAPI
8149 NTSTATUS
8150 NTAPI
8151 FsRtlLogCcFlushError(
8152 _In_ PUNICODE_STRING FileName,
8153 _In_ PDEVICE_OBJECT DeviceObject,
8154 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8155 _In_ NTSTATUS FlushError,
8156 _In_ ULONG Flags);
8157
8158 _IRQL_requires_max_(APC_LEVEL)
8159 NTKERNELAPI
8160 BOOLEAN
8161 NTAPI
8162 FsRtlAreVolumeStartupApplicationsComplete(VOID);
8163
8164 NTKERNELAPI
8165 ULONG
8166 NTAPI
8167 FsRtlQueryMaximumVirtualDiskNestingLevel(VOID);
8168
8169 NTKERNELAPI
8170 NTSTATUS
8171 NTAPI
8172 FsRtlGetVirtualDiskNestingLevel(
8173 _In_ PDEVICE_OBJECT DeviceObject,
8174 _Out_ PULONG NestingLevel,
8175 _Out_opt_ PULONG NestingFlags);
8176
8177 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8178
8179 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
8180 _When_(Flags | OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK, _Must_inspect_result_)
8181 _IRQL_requires_max_(APC_LEVEL)
8182 NTKERNELAPI
8183 NTSTATUS
8184 NTAPI
8185 FsRtlCheckOplockEx(
8186 _In_ POPLOCK Oplock,
8187 _In_ PIRP Irp,
8188 _In_ ULONG Flags,
8189 _In_opt_ PVOID Context,
8190 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
8191 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
8192
8193 #endif
8194
8195 #if (NTDDI_VERSION >= NTDDI_WIN7)
8196
8197 _IRQL_requires_max_(APC_LEVEL)
8198 NTKERNELAPI
8199 BOOLEAN
8200 NTAPI
8201 FsRtlAreThereCurrentOrInProgressFileLocks(
8202 _In_ PFILE_LOCK FileLock);
8203
8204 _Must_inspect_result_
8205 _IRQL_requires_max_(APC_LEVEL)
8206 NTKERNELAPI
8207 BOOLEAN
8208 NTAPI
8209 FsRtlOplockIsSharedRequest(
8210 _In_ PIRP Irp);
8211
8212 _Must_inspect_result_
8213 _IRQL_requires_max_(APC_LEVEL)
8214 NTKERNELAPI
8215 NTSTATUS
8216 NTAPI
8217 FsRtlOplockBreakH(
8218 _In_ POPLOCK Oplock,
8219 _In_ PIRP Irp,
8220 _In_ ULONG Flags,
8221 _In_opt_ PVOID Context,
8222 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
8223 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
8224
8225 _IRQL_requires_max_(APC_LEVEL)
8226 NTKERNELAPI
8227 BOOLEAN
8228 NTAPI
8229 FsRtlCurrentOplockH(
8230 _In_ POPLOCK Oplock);
8231
8232 _Must_inspect_result_
8233 _IRQL_requires_max_(APC_LEVEL)
8234 NTKERNELAPI
8235 NTSTATUS
8236 NTAPI
8237 FsRtlOplockBreakToNoneEx(
8238 _Inout_ POPLOCK Oplock,
8239 _In_ PIRP Irp,
8240 _In_ ULONG Flags,
8241 _In_opt_ PVOID Context,
8242 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
8243 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
8244
8245 _Must_inspect_result_
8246 _IRQL_requires_max_(APC_LEVEL)
8247 NTKERNELAPI
8248 NTSTATUS
8249 NTAPI
8250 FsRtlOplockFsctrlEx(
8251 _In_ POPLOCK Oplock,
8252 _In_ PIRP Irp,
8253 _In_ ULONG OpenCount,
8254 _In_ ULONG Flags);
8255
8256 _IRQL_requires_max_(APC_LEVEL)
8257 NTKERNELAPI
8258 BOOLEAN
8259 NTAPI
8260 FsRtlOplockKeysEqual(
8261 _In_opt_ PFILE_OBJECT Fo1,
8262 _In_opt_ PFILE_OBJECT Fo2);
8263
8264 NTKERNELAPI
8265 NTSTATUS
8266 NTAPI
8267 FsRtlInitializeExtraCreateParameterList(
8268 _Inout_ PECP_LIST EcpList);
8269
8270 NTKERNELAPI
8271 VOID
8272 NTAPI
8273 FsRtlInitializeExtraCreateParameter(
8274 _Out_ PECP_HEADER Ecp,
8275 _In_ ULONG EcpFlags,
8276 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback,
8277 _In_ ULONG TotalSize,
8278 _In_ LPCGUID EcpType,
8279 _In_opt_ PVOID ListAllocatedFrom);
8280
8281 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
8282
8283 _Must_inspect_result_
8284 _IRQL_requires_max_(APC_LEVEL)
8285 NTKERNELAPI
8286 NTSTATUS
8287 NTAPI
8288 FsRtlInsertPerFileContext(
8289 _In_ PVOID* PerFileContextPointer,
8290 _In_ PFSRTL_PER_FILE_CONTEXT Ptr);
8291
8292 _Must_inspect_result_
8293 _IRQL_requires_max_(APC_LEVEL)
8294 NTKERNELAPI
8295 PFSRTL_PER_FILE_CONTEXT
8296 NTAPI
8297 FsRtlLookupPerFileContext(
8298 _In_ PVOID* PerFileContextPointer,
8299 _In_opt_ PVOID OwnerId,
8300 _In_opt_ PVOID InstanceId);
8301
8302 _Must_inspect_result_
8303 _IRQL_requires_max_(APC_LEVEL)
8304 NTKERNELAPI
8305 PFSRTL_PER_FILE_CONTEXT
8306 NTAPI
8307 FsRtlRemovePerFileContext(
8308 _In_ PVOID* PerFileContextPointer,
8309 _In_opt_ PVOID OwnerId,
8310 _In_opt_ PVOID InstanceId);
8311
8312 _IRQL_requires_max_(APC_LEVEL)
8313 NTKERNELAPI
8314 VOID
8315 NTAPI
8316 FsRtlTeardownPerFileContexts(
8317 _In_ PVOID* PerFileContextPointer);
8318
8319 _Must_inspect_result_
8320 _IRQL_requires_max_(APC_LEVEL)
8321 NTKERNELAPI
8322 NTSTATUS
8323 NTAPI
8324 FsRtlInsertPerFileObjectContext(
8325 _In_ PFILE_OBJECT FileObject,
8326 _In_ PFSRTL_PER_FILEOBJECT_CONTEXT Ptr);
8327
8328 _Must_inspect_result_
8329 _IRQL_requires_max_(APC_LEVEL)
8330 NTKERNELAPI
8331 PFSRTL_PER_FILEOBJECT_CONTEXT
8332 NTAPI
8333 FsRtlLookupPerFileObjectContext(
8334 _In_ PFILE_OBJECT FileObject,
8335 _In_opt_ PVOID OwnerId,
8336 _In_opt_ PVOID InstanceId);
8337
8338 _Must_inspect_result_
8339 _IRQL_requires_max_(APC_LEVEL)
8340 NTKERNELAPI
8341 PFSRTL_PER_FILEOBJECT_CONTEXT
8342 NTAPI
8343 FsRtlRemovePerFileObjectContext(
8344 _In_ PFILE_OBJECT FileObject,
8345 _In_opt_ PVOID OwnerId,
8346 _In_opt_ PVOID InstanceId);
8347
8348 #define FsRtlFastLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11) ( \
8349 FsRtlPrivateLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, NULL, A10, A11) \
8350 )
8351
8352 #define FsRtlAreThereCurrentFileLocks(FL) ( \
8353 ((FL)->FastIoIsQuestionable) \
8354 )
8355
8356 #define FsRtlIncrementLockRequestsInProgress(FL) { \
8357 ASSERT( (FL)->LockRequestsInProgress >= 0 ); \
8358 (void) \
8359 (InterlockedIncrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
8360 }
8361
8362 #define FsRtlDecrementLockRequestsInProgress(FL) { \
8363 ASSERT( (FL)->LockRequestsInProgress > 0 ); \
8364 (void) \
8365 (InterlockedDecrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
8366 }
8367
8368 /* GCC compatible definition, MS one is retarded */
8369 extern NTKERNELAPI const UCHAR * const FsRtlLegalAnsiCharacterArray;
8370 #define LEGAL_ANSI_CHARACTER_ARRAY FsRtlLegalAnsiCharacterArray
8371
8372 #define FsRtlIsAnsiCharacterWild(C) ( \
8373 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], FSRTL_WILD_CHARACTER ) \
8374 )
8375
8376 #define FsRtlIsAnsiCharacterLegalFat(C, WILD) ( \
8377 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_FAT_LEGAL) | \
8378 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8379 )
8380
8381 #define FsRtlIsAnsiCharacterLegalHpfs(C, WILD) ( \
8382 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_HPFS_LEGAL) | \
8383 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8384 )
8385
8386 #define FsRtlIsAnsiCharacterLegalNtfs(C, WILD) ( \
8387 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_NTFS_LEGAL) | \
8388 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8389 )
8390
8391 #define FsRtlIsAnsiCharacterLegalNtfsStream(C,WILD_OK) ( \
8392 FsRtlTestAnsiCharacter((C), TRUE, (WILD_OK), FSRTL_NTFS_STREAM_LEGAL) \
8393 )
8394
8395 #define FsRtlIsAnsiCharacterLegal(C,FLAGS) ( \
8396 FsRtlTestAnsiCharacter((C), TRUE, FALSE, (FLAGS)) \
8397 )
8398
8399 #define FsRtlTestAnsiCharacter(C, DEFAULT_RET, WILD_OK, FLAGS) ( \
8400 ((SCHAR)(C) < 0) ? DEFAULT_RET : \
8401 FlagOn( LEGAL_ANSI_CHARACTER_ARRAY[(C)], \
8402 (FLAGS) | \
8403 ((WILD_OK) ? FSRTL_WILD_CHARACTER : 0) ) \
8404 )
8405
8406 #define FsRtlIsLeadDbcsCharacter(DBCS_CHAR) ( \
8407 (BOOLEAN)((UCHAR)(DBCS_CHAR) < 0x80 ? FALSE : \
8408 (NLS_MB_CODE_PAGE_TAG && \
8409 (NLS_OEM_LEAD_BYTE_INFO[(UCHAR)(DBCS_CHAR)] != 0))) \
8410 )
8411
8412 #define FsRtlIsUnicodeCharacterWild(C) ( \
8413 (((C) >= 0x40) ? \
8414 FALSE : \
8415 FlagOn(FsRtlLegalAnsiCharacterArray[(C)], FSRTL_WILD_CHARACTER )) \
8416 )
8417
8418 #define FsRtlInitPerFileContext( _fc, _owner, _inst, _cb) \
8419 ((_fc)->OwnerId = (_owner), \
8420 (_fc)->InstanceId = (_inst), \
8421 (_fc)->FreeCallback = (_cb))
8422
8423 #define FsRtlGetPerFileContextPointer(_fo) \
8424 (FsRtlSupportsPerFileContexts(_fo) ? \
8425 FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer : \
8426 NULL)
8427
8428 #define FsRtlSupportsPerFileContexts(_fo) \
8429 ((FsRtlGetPerStreamContextPointer(_fo) != NULL) && \
8430 (FsRtlGetPerStreamContextPointer(_fo)->Version >= FSRTL_FCB_HEADER_V1) && \
8431 (FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer != NULL))
8432
8433 #define FsRtlSetupAdvancedHeaderEx( _advhdr, _fmutx, _fctxptr ) \
8434 { \
8435 FsRtlSetupAdvancedHeader( _advhdr, _fmutx ); \
8436 if ((_fctxptr) != NULL) { \
8437 (_advhdr)->FileContextSupportPointer = (_fctxptr); \
8438 } \
8439 }
8440
8441 #define FsRtlGetPerStreamContextPointer(FO) ( \
8442 (PFSRTL_ADVANCED_FCB_HEADER)(FO)->FsContext \
8443 )
8444
8445 #define FsRtlInitPerStreamContext(PSC, O, I, FC) ( \
8446 (PSC)->OwnerId = (O), \
8447 (PSC)->InstanceId = (I), \
8448 (PSC)->FreeCallback = (FC) \
8449 )
8450
8451 #define FsRtlSupportsPerStreamContexts(FO) ( \
8452 (BOOLEAN)((NULL != FsRtlGetPerStreamContextPointer(FO) && \
8453 FlagOn(FsRtlGetPerStreamContextPointer(FO)->Flags2, \
8454 FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS)) \
8455 )
8456
8457 #define FsRtlLookupPerStreamContext(_sc, _oid, _iid) \
8458 (((NULL != (_sc)) && \
8459 FlagOn((_sc)->Flags2,FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS) && \
8460 !IsListEmpty(&(_sc)->FilterContexts)) ? \
8461 FsRtlLookupPerStreamContextInternal((_sc), (_oid), (_iid)) : \
8462 NULL)
8463
8464 _IRQL_requires_max_(APC_LEVEL)
8465 FORCEINLINE
8466 VOID
8467 NTAPI
8468 FsRtlSetupAdvancedHeader(
8469 _In_ PVOID AdvHdr,
8470 _In_ PFAST_MUTEX FMutex )
8471 {
8472 PFSRTL_ADVANCED_FCB_HEADER localAdvHdr = (PFSRTL_ADVANCED_FCB_HEADER)AdvHdr;
8473
8474 localAdvHdr->Flags |= FSRTL_FLAG_ADVANCED_HEADER;
8475 localAdvHdr->Flags2 |= FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS;
8476 #if (NTDDI_VERSION >= NTDDI_VISTA)
8477 localAdvHdr->Version = FSRTL_FCB_HEADER_V1;
8478 #else
8479 localAdvHdr->Version = FSRTL_FCB_HEADER_V0;
8480 #endif
8481 InitializeListHead( &localAdvHdr->FilterContexts );
8482 if (FMutex != NULL) {
8483 localAdvHdr->FastMutex = FMutex;
8484 }
8485 #if (NTDDI_VERSION >= NTDDI_VISTA)
8486 *((PULONG_PTR)(&localAdvHdr->PushLock)) = 0;
8487 localAdvHdr->FileContextSupportPointer = NULL;
8488 #endif
8489 }
8490
8491 #define FsRtlInitPerFileObjectContext(_fc, _owner, _inst) \
8492 ((_fc)->OwnerId = (_owner), (_fc)->InstanceId = (_inst))
8493
8494 #define FsRtlCompleteRequest(IRP,STATUS) { \
8495 (IRP)->IoStatus.Status = (STATUS); \
8496 IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
8497 }
8498 /* Common Cache Types */
8499
8500 #define VACB_MAPPING_GRANULARITY (0x40000)
8501 #define VACB_OFFSET_SHIFT (18)
8502
8503 typedef struct _PUBLIC_BCB {
8504 CSHORT NodeTypeCode;
8505 CSHORT NodeByteSize;
8506 ULONG MappedLength;
8507 LARGE_INTEGER MappedFileOffset;
8508 } PUBLIC_BCB, *PPUBLIC_BCB;
8509
8510 typedef struct _CC_FILE_SIZES {
8511 LARGE_INTEGER AllocationSize;
8512 LARGE_INTEGER FileSize;
8513 LARGE_INTEGER ValidDataLength;
8514 } CC_FILE_SIZES, *PCC_FILE_SIZES;
8515
8516 typedef BOOLEAN
8517 (NTAPI *PACQUIRE_FOR_LAZY_WRITE) (
8518 _In_ PVOID Context,
8519 _In_ BOOLEAN Wait);
8520
8521 typedef VOID
8522 (NTAPI *PRELEASE_FROM_LAZY_WRITE) (
8523 _In_ PVOID Context);
8524
8525 typedef BOOLEAN
8526 (NTAPI *PACQUIRE_FOR_READ_AHEAD) (
8527 _In_ PVOID Context,
8528 _In_ BOOLEAN Wait);
8529
8530 typedef VOID
8531 (NTAPI *PRELEASE_FROM_READ_AHEAD) (
8532 _In_ PVOID Context);
8533
8534 typedef struct _CACHE_MANAGER_CALLBACKS {
8535 PACQUIRE_FOR_LAZY_WRITE AcquireForLazyWrite;
8536 PRELEASE_FROM_LAZY_WRITE ReleaseFromLazyWrite;
8537 PACQUIRE_FOR_READ_AHEAD AcquireForReadAhead;
8538 PRELEASE_FROM_READ_AHEAD ReleaseFromReadAhead;
8539 } CACHE_MANAGER_CALLBACKS, *PCACHE_MANAGER_CALLBACKS;
8540
8541 typedef struct _CACHE_UNINITIALIZE_EVENT {
8542 struct _CACHE_UNINITIALIZE_EVENT *Next;
8543 KEVENT Event;
8544 } CACHE_UNINITIALIZE_EVENT, *PCACHE_UNINITIALIZE_EVENT;
8545
8546 typedef VOID
8547 (NTAPI *PDIRTY_PAGE_ROUTINE) (
8548 _In_ PFILE_OBJECT FileObject,
8549 _In_ PLARGE_INTEGER FileOffset,
8550 _In_ ULONG Length,
8551 _In_ PLARGE_INTEGER OldestLsn,
8552 _In_ PLARGE_INTEGER NewestLsn,
8553 _In_ PVOID Context1,
8554 _In_ PVOID Context2);
8555
8556 typedef VOID
8557 (NTAPI *PFLUSH_TO_LSN) (
8558 _In_ PVOID LogHandle,
8559 _In_ LARGE_INTEGER Lsn);
8560
8561 typedef VOID
8562 (NTAPI *PCC_POST_DEFERRED_WRITE) (
8563 _In_ PVOID Context1,
8564 _In_ PVOID Context2);
8565
8566 #define UNINITIALIZE_CACHE_MAPS (1)
8567 #define DO_NOT_RETRY_PURGE (2)
8568 #define DO_NOT_PURGE_DIRTY_PAGES (0x4)
8569
8570 #define CC_FLUSH_AND_PURGE_NO_PURGE (0x1)
8571 /* Common Cache Functions */
8572
8573 #define CcIsFileCached(FO) ( \
8574 ((FO)->SectionObjectPointer != NULL) && \
8575 (((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
8576 )
8577
8578 extern ULONG CcFastMdlReadWait;
8579
8580 #if (NTDDI_VERSION >= NTDDI_WIN2K)
8581
8582 NTKERNELAPI
8583 VOID
8584 NTAPI
8585 CcInitializeCacheMap(
8586 _In_ PFILE_OBJECT FileObject,
8587 _In_ PCC_FILE_SIZES FileSizes,
8588 _In_ BOOLEAN PinAccess,
8589 _In_ PCACHE_MANAGER_CALLBACKS Callbacks,
8590 _In_ PVOID LazyWriteContext);
8591
8592 NTKERNELAPI
8593 BOOLEAN
8594 NTAPI
8595 CcUninitializeCacheMap(
8596 _In_ PFILE_OBJECT FileObject,
8597 _In_opt_ PLARGE_INTEGER TruncateSize,
8598 _In_opt_ PCACHE_UNINITIALIZE_EVENT UninitializeCompleteEvent);
8599
8600 NTKERNELAPI
8601 VOID
8602 NTAPI
8603 CcSetFileSizes(
8604 IN PFILE_OBJECT FileObject,
8605 IN PCC_FILE_SIZES FileSizes);
8606
8607 NTKERNELAPI
8608 VOID
8609 NTAPI
8610 CcSetDirtyPageThreshold(
8611 _In_ PFILE_OBJECT FileObject,
8612 _In_ ULONG DirtyPageThreshold);
8613
8614 NTKERNELAPI
8615 VOID
8616 NTAPI
8617 CcFlushCache(
8618 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8619 _In_opt_ PLARGE_INTEGER FileOffset,
8620 _In_ ULONG Length,
8621 _Out_opt_ PIO_STATUS_BLOCK IoStatus);
8622
8623 NTKERNELAPI
8624 LARGE_INTEGER
8625 NTAPI
8626 CcGetFlushedValidData(
8627 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8628 _In_ BOOLEAN BcbListHeld);
8629
8630 NTKERNELAPI
8631 BOOLEAN
8632 NTAPI
8633 CcZeroData(
8634 _In_ PFILE_OBJECT FileObject,
8635 _In_ PLARGE_INTEGER StartOffset,
8636 _In_ PLARGE_INTEGER EndOffset,
8637 _In_ BOOLEAN Wait);
8638
8639 NTKERNELAPI
8640 PVOID
8641 NTAPI
8642 CcRemapBcb(
8643 _In_ PVOID Bcb);
8644
8645 NTKERNELAPI
8646 VOID
8647 NTAPI
8648 CcRepinBcb(
8649 _In_ PVOID Bcb);
8650
8651 NTKERNELAPI
8652 VOID
8653 NTAPI
8654 CcUnpinRepinnedBcb(
8655 _In_ PVOID Bcb,
8656 _In_ BOOLEAN WriteThrough,
8657 _Out_ PIO_STATUS_BLOCK IoStatus);
8658
8659 NTKERNELAPI
8660 PFILE_OBJECT
8661 NTAPI
8662 CcGetFileObjectFromSectionPtrs(
8663 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer);
8664
8665 NTKERNELAPI
8666 PFILE_OBJECT
8667 NTAPI
8668 CcGetFileObjectFromBcb(
8669 _In_ PVOID Bcb);
8670
8671 NTKERNELAPI
8672 BOOLEAN
8673 NTAPI
8674 CcCanIWrite(
8675 _In_opt_ PFILE_OBJECT FileObject,
8676 _In_ ULONG BytesToWrite,
8677 _In_ BOOLEAN Wait,
8678 _In_ BOOLEAN Retrying);
8679
8680 NTKERNELAPI
8681 VOID
8682 NTAPI
8683 CcDeferWrite(
8684 _In_ PFILE_OBJECT FileObject,
8685 _In_ PCC_POST_DEFERRED_WRITE PostRoutine,
8686 _In_ PVOID Context1,
8687 _In_ PVOID Context2,
8688 _In_ ULONG BytesToWrite,
8689 _In_ BOOLEAN Retrying);
8690
8691 NTKERNELAPI
8692 BOOLEAN
8693 NTAPI
8694 CcCopyRead(
8695 _In_ PFILE_OBJECT FileObject,
8696 _In_ PLARGE_INTEGER FileOffset,
8697 _In_ ULONG Length,
8698 _In_ BOOLEAN Wait,
8699 _Out_writes_bytes_(Length) PVOID Buffer,
8700 _Out_ PIO_STATUS_BLOCK IoStatus);
8701
8702 NTKERNELAPI
8703 VOID
8704 NTAPI
8705 CcFastCopyRead(
8706 _In_ PFILE_OBJECT FileObject,
8707 _In_ ULONG FileOffset,
8708 _In_ ULONG Length,
8709 _In_ ULONG PageCount,
8710 _Out_writes_bytes_(Length) PVOID Buffer,
8711 _Out_ PIO_STATUS_BLOCK IoStatus);
8712
8713 NTKERNELAPI
8714 BOOLEAN
8715 NTAPI
8716 CcCopyWrite(
8717 _In_ PFILE_OBJECT FileObject,
8718 _In_ PLARGE_INTEGER FileOffset,
8719 _In_ ULONG Length,
8720 _In_ BOOLEAN Wait,
8721 _In_reads_bytes_(Length) PVOID Buffer);
8722
8723 NTKERNELAPI
8724 VOID
8725 NTAPI
8726 CcFastCopyWrite(
8727 _In_ PFILE_OBJECT FileObject,
8728 _In_ ULONG FileOffset,
8729 _In_ ULONG Length,
8730 _In_reads_bytes_(Length) PVOID Buffer);
8731
8732 NTKERNELAPI
8733 VOID
8734 NTAPI
8735 CcMdlRead(
8736 _In_ PFILE_OBJECT FileObject,
8737 _In_ PLARGE_INTEGER FileOffset,
8738 _In_ ULONG Length,
8739 _Out_ PMDL *MdlChain,
8740 _Out_ PIO_STATUS_BLOCK IoStatus);
8741
8742 NTKERNELAPI
8743 VOID
8744 NTAPI
8745 CcMdlReadComplete(
8746 _In_ PFILE_OBJECT FileObject,
8747 _In_ PMDL MdlChain);
8748
8749 NTKERNELAPI
8750 VOID
8751 NTAPI
8752 CcPrepareMdlWrite(
8753 _In_ PFILE_OBJECT FileObject,
8754 _In_ PLARGE_INTEGER FileOffset,
8755 _In_ ULONG Length,
8756 _Out_ PMDL *MdlChain,
8757 _Out_ PIO_STATUS_BLOCK IoStatus);
8758
8759 NTKERNELAPI
8760 VOID
8761 NTAPI
8762 CcMdlWriteComplete(
8763 _In_ PFILE_OBJECT FileObject,
8764 _In_ PLARGE_INTEGER FileOffset,
8765 _In_ PMDL MdlChain);
8766
8767 NTKERNELAPI
8768 VOID
8769 NTAPI
8770 CcScheduleReadAhead(
8771 _In_ PFILE_OBJECT FileObject,
8772 _In_ PLARGE_INTEGER FileOffset,
8773 _In_ ULONG Length);
8774
8775 NTKERNELAPI
8776 NTSTATUS
8777 NTAPI
8778 CcWaitForCurrentLazyWriterActivity(VOID);
8779
8780 NTKERNELAPI
8781 VOID
8782 NTAPI
8783 CcSetReadAheadGranularity(
8784 _In_ PFILE_OBJECT FileObject,
8785 _In_ ULONG Granularity);
8786
8787 NTKERNELAPI
8788 BOOLEAN
8789 NTAPI
8790 CcPinRead(
8791 _In_ PFILE_OBJECT FileObject,
8792 _In_ PLARGE_INTEGER FileOffset,
8793 _In_ ULONG Length,
8794 _In_ ULONG Flags,
8795 _Outptr_ PVOID *Bcb,
8796 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8797
8798 NTKERNELAPI
8799 BOOLEAN
8800 NTAPI
8801 CcPinMappedData(
8802 _In_ PFILE_OBJECT FileObject,
8803 _In_ PLARGE_INTEGER FileOffset,
8804 _In_ ULONG Length,
8805 _In_ ULONG Flags,
8806 _Inout_ PVOID *Bcb);
8807
8808 NTKERNELAPI
8809 BOOLEAN
8810 NTAPI
8811 CcPreparePinWrite(
8812 _In_ PFILE_OBJECT FileObject,
8813 _In_ PLARGE_INTEGER FileOffset,
8814 _In_ ULONG Length,
8815 _In_ BOOLEAN Zero,
8816 _In_ ULONG Flags,
8817 _Outptr_ PVOID *Bcb,
8818 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8819
8820 NTKERNELAPI
8821 VOID
8822 NTAPI
8823 CcSetDirtyPinnedData(
8824 _In_ PVOID BcbVoid,
8825 _In_opt_ PLARGE_INTEGER Lsn);
8826
8827 NTKERNELAPI
8828 VOID
8829 NTAPI
8830 CcUnpinData(
8831 _In_ PVOID Bcb);
8832
8833 NTKERNELAPI
8834 VOID
8835 NTAPI
8836 CcSetBcbOwnerPointer(
8837 _In_ PVOID Bcb,
8838 _In_ PVOID OwnerPointer);
8839
8840 NTKERNELAPI
8841 VOID
8842 NTAPI
8843 CcUnpinDataForThread(
8844 _In_ PVOID Bcb,
8845 _In_ ERESOURCE_THREAD ResourceThreadId);
8846
8847 NTKERNELAPI
8848 VOID
8849 NTAPI
8850 CcSetAdditionalCacheAttributes(
8851 _In_ PFILE_OBJECT FileObject,
8852 _In_ BOOLEAN DisableReadAhead,
8853 _In_ BOOLEAN DisableWriteBehind);
8854
8855 NTKERNELAPI
8856 BOOLEAN
8857 NTAPI
8858 CcIsThereDirtyData(
8859 _In_ PVPB Vpb);
8860
8861 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
8862
8863 #if (NTDDI_VERSION >= NTDDI_WINXP)
8864
8865 NTKERNELAPI
8866 VOID
8867 NTAPI
8868 CcMdlWriteAbort(
8869 _In_ PFILE_OBJECT FileObject,
8870 _In_ PMDL MdlChain);
8871
8872 NTKERNELAPI
8873 VOID
8874 NTAPI
8875 CcSetLogHandleForFile(
8876 _In_ PFILE_OBJECT FileObject,
8877 _In_ PVOID LogHandle,
8878 _In_ PFLUSH_TO_LSN FlushToLsnRoutine);
8879
8880 NTKERNELAPI
8881 LARGE_INTEGER
8882 NTAPI
8883 CcGetDirtyPages(
8884 _In_ PVOID LogHandle,
8885 _In_ PDIRTY_PAGE_ROUTINE DirtyPageRoutine,
8886 _In_ PVOID Context1,
8887 _In_ PVOID Context2);
8888
8889 #endif
8890
8891 #if (NTDDI_VERSION >= NTDDI_WINXP)
8892 _Success_(return!=FALSE)
8893 NTKERNELAPI
8894 BOOLEAN
8895 NTAPI
8896 CcMapData(
8897 _In_ PFILE_OBJECT FileObject,
8898 _In_ PLARGE_INTEGER FileOffset,
8899 _In_ ULONG Length,
8900 _In_ ULONG Flags,
8901 _Outptr_ PVOID *Bcb,
8902 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8903 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8904 NTKERNELAPI
8905 BOOLEAN
8906 NTAPI
8907 CcMapData(
8908 _In_ PFILE_OBJECT FileObject,
8909 _In_ PLARGE_INTEGER FileOffset,
8910 _In_ ULONG Length,
8911 _In_ BOOLEAN Wait,
8912 _Outptr_ PVOID *Bcb,
8913 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8914 #endif
8915
8916 #if (NTDDI_VERSION >= NTDDI_VISTA)
8917
8918 NTKERNELAPI
8919 NTSTATUS
8920 NTAPI
8921 CcSetFileSizesEx(
8922 _In_ PFILE_OBJECT FileObject,
8923 _In_ PCC_FILE_SIZES FileSizes);
8924
8925 NTKERNELAPI
8926 PFILE_OBJECT
8927 NTAPI
8928 CcGetFileObjectFromSectionPtrsRef(
8929 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer);
8930
8931 NTKERNELAPI
8932 VOID
8933 NTAPI
8934 CcSetParallelFlushFile(
8935 _In_ PFILE_OBJECT FileObject,
8936 _In_ BOOLEAN EnableParallelFlush);
8937
8938 NTKERNELAPI
8939 BOOLEAN
8940 CcIsThereDirtyDataEx(
8941 _In_ PVPB Vpb,
8942 _In_opt_ PULONG NumberOfDirtyPages);
8943
8944 #endif
8945
8946 #if (NTDDI_VERSION >= NTDDI_WIN7)
8947 NTKERNELAPI
8948 VOID
8949 NTAPI
8950 CcCoherencyFlushAndPurgeCache(
8951 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8952 _In_opt_ PLARGE_INTEGER FileOffset,
8953 _In_ ULONG Length,
8954 _Out_ PIO_STATUS_BLOCK IoStatus,
8955 _In_opt_ ULONG Flags);
8956 #endif
8957
8958 #define CcGetFileSizePointer(FO) ( \
8959 ((PLARGE_INTEGER)((FO)->SectionObjectPointer->SharedCacheMap) + 1) \
8960 )
8961
8962 #if (NTDDI_VERSION >= NTDDI_VISTA)
8963 NTKERNELAPI
8964 BOOLEAN
8965 NTAPI
8966 CcPurgeCacheSection(
8967 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8968 _In_opt_ PLARGE_INTEGER FileOffset,
8969 _In_ ULONG Length,
8970 _In_ ULONG Flags);
8971 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8972 NTKERNELAPI
8973 BOOLEAN
8974 NTAPI
8975 CcPurgeCacheSection(
8976 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8977 _In_opt_ PLARGE_INTEGER FileOffset,
8978 _In_ ULONG Length,
8979 _In_ BOOLEAN UninitializeCacheMaps);
8980 #endif
8981
8982 #if (NTDDI_VERSION >= NTDDI_WIN7)
8983 NTKERNELAPI
8984 BOOLEAN
8985 NTAPI
8986 CcCopyWriteWontFlush(
8987 _In_ PFILE_OBJECT FileObject,
8988 _In_ PLARGE_INTEGER FileOffset,
8989 _In_ ULONG Length);
8990 #else
8991 #define CcCopyWriteWontFlush(FO, FOFF, LEN) ((LEN) <= 0x10000)
8992 #endif
8993
8994 #define CcReadAhead(FO, FOFF, LEN) ( \
8995 if ((LEN) >= 256) { \
8996 CcScheduleReadAhead((FO), (FOFF), (LEN)); \
8997 } \
8998 )
8999 /******************************************************************************
9000 * ZwXxx Functions *
9001 ******************************************************************************/
9002
9003
9004
9005 _IRQL_requires_max_(PASSIVE_LEVEL)
9006 NTSYSAPI
9007 NTSTATUS
9008 NTAPI
9009 ZwQueryEaFile(
9010 _In_ HANDLE FileHandle,
9011 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9012 _Out_writes_bytes_(Length) PVOID Buffer,
9013 _In_ ULONG Length,
9014 _In_ BOOLEAN ReturnSingleEntry,
9015 _In_reads_bytes_opt_(EaListLength) PVOID EaList,
9016 _In_ ULONG EaListLength,
9017 _In_opt_ PULONG EaIndex,
9018 _In_ BOOLEAN RestartScan);
9019
9020 _IRQL_requires_max_(PASSIVE_LEVEL)
9021 NTSYSAPI
9022 NTSTATUS
9023 NTAPI
9024 ZwSetEaFile(
9025 _In_ HANDLE FileHandle,
9026 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9027 _In_reads_bytes_(Length) PVOID Buffer,
9028 _In_ ULONG Length);
9029
9030 _IRQL_requires_max_(PASSIVE_LEVEL)
9031 NTSYSAPI
9032 NTSTATUS
9033 NTAPI
9034 ZwDuplicateToken(
9035 _In_ HANDLE ExistingTokenHandle,
9036 _In_ ACCESS_MASK DesiredAccess,
9037 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
9038 _In_ BOOLEAN EffectiveOnly,
9039 _In_ TOKEN_TYPE TokenType,
9040 _Out_ PHANDLE NewTokenHandle);
9041
9042 #if (NTDDI_VERSION >= NTDDI_WIN2K)
9043
9044 _IRQL_requires_max_(PASSIVE_LEVEL)
9045 NTSYSAPI
9046 NTSTATUS
9047 NTAPI
9048 ZwQueryObject(
9049 _In_opt_ HANDLE Handle,
9050 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
9051 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
9052 _In_ ULONG ObjectInformationLength,
9053 _Out_opt_ PULONG ReturnLength);
9054
9055 _IRQL_requires_max_(PASSIVE_LEVEL)
9056 NTSYSAPI
9057 NTSTATUS
9058 NTAPI
9059 ZwNotifyChangeKey(
9060 _In_ HANDLE KeyHandle,
9061 _In_opt_ HANDLE EventHandle,
9062 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9063 _In_opt_ PVOID ApcContext,
9064 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9065 _In_ ULONG NotifyFilter,
9066 _In_ BOOLEAN WatchSubtree,
9067 _Out_writes_bytes_opt_(BufferLength) PVOID Buffer,
9068 _In_ ULONG BufferLength,
9069 _In_ BOOLEAN Asynchronous);
9070
9071 _IRQL_requires_max_(PASSIVE_LEVEL)
9072 NTSYSAPI
9073 NTSTATUS
9074 NTAPI
9075 ZwCreateEvent(
9076 _Out_ PHANDLE EventHandle,
9077 _In_ ACCESS_MASK DesiredAccess,
9078 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
9079 _In_ EVENT_TYPE EventType,
9080 _In_ BOOLEAN InitialState);
9081
9082 _IRQL_requires_max_(PASSIVE_LEVEL)
9083 NTSYSAPI
9084 NTSTATUS
9085 NTAPI
9086 ZwDeleteFile(
9087 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
9088
9089 _IRQL_requires_max_(PASSIVE_LEVEL)
9090 NTSYSAPI
9091 NTSTATUS
9092 NTAPI
9093 ZwQueryDirectoryFile(
9094 _In_ HANDLE FileHandle,
9095 _In_opt_ HANDLE Event,
9096 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9097 _In_opt_ PVOID ApcContext,
9098 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9099 _Out_writes_bytes_(Length) PVOID FileInformation,
9100 _In_ ULONG Length,
9101 _In_ FILE_INFORMATION_CLASS FileInformationClass,
9102 _In_ BOOLEAN ReturnSingleEntry,
9103 _In_opt_ PUNICODE_STRING FileName,
9104 _In_ BOOLEAN RestartScan);
9105
9106 _IRQL_requires_max_(PASSIVE_LEVEL)
9107 NTSYSAPI
9108 NTSTATUS
9109 NTAPI
9110 ZwSetVolumeInformationFile(
9111 _In_ HANDLE FileHandle,
9112 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9113 _In_reads_bytes_(Length) PVOID FsInformation,
9114 _In_ ULONG Length,
9115 _In_ FS_INFORMATION_CLASS FsInformationClass);
9116
9117 _IRQL_requires_max_(PASSIVE_LEVEL)
9118 NTSYSAPI
9119 NTSTATUS
9120 NTAPI
9121 ZwFsControlFile(
9122 _In_ HANDLE FileHandle,
9123 _In_opt_ HANDLE Event,
9124 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9125 _In_opt_ PVOID ApcContext,
9126 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9127 _In_ ULONG FsControlCode,
9128 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
9129 _In_ ULONG InputBufferLength,
9130 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
9131 _In_ ULONG OutputBufferLength);
9132
9133 _IRQL_requires_max_(PASSIVE_LEVEL)
9134 NTSYSAPI
9135 NTSTATUS
9136 NTAPI
9137 ZwDuplicateObject(
9138 _In_ HANDLE SourceProcessHandle,
9139 _In_ HANDLE SourceHandle,
9140 _In_opt_ HANDLE TargetProcessHandle,
9141 _Out_opt_ PHANDLE TargetHandle,
9142 _In_ ACCESS_MASK DesiredAccess,
9143 _In_ ULONG HandleAttributes,
9144 _In_ ULONG Options);
9145
9146 _IRQL_requires_max_(PASSIVE_LEVEL)
9147 NTSYSAPI
9148 NTSTATUS
9149 NTAPI
9150 ZwOpenDirectoryObject(
9151 _Out_ PHANDLE DirectoryHandle,
9152 _In_ ACCESS_MASK DesiredAccess,
9153 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
9154
9155 _IRQL_requires_max_(PASSIVE_LEVEL)
9156 _When_(return==0, __drv_allocatesMem(Region))
9157 NTSYSAPI
9158 NTSTATUS
9159 NTAPI
9160 ZwAllocateVirtualMemory(
9161 _In_ HANDLE ProcessHandle,
9162 _Inout_ PVOID *BaseAddress,
9163 _In_ ULONG_PTR ZeroBits,
9164 _Inout_ PSIZE_T RegionSize,
9165 _In_ ULONG AllocationType,
9166 _In_ ULONG Protect);
9167
9168 _IRQL_requires_max_(PASSIVE_LEVEL)
9169 _When_(return==0, __drv_freesMem(Region))
9170 NTSYSAPI
9171 NTSTATUS
9172 NTAPI
9173 ZwFreeVirtualMemory(
9174 _In_ HANDLE ProcessHandle,
9175 _Inout_ PVOID *BaseAddress,
9176 _Inout_ PSIZE_T RegionSize,
9177 _In_ ULONG FreeType);
9178
9179 _When_(Timeout == NULL, _IRQL_requires_max_(APC_LEVEL))
9180 _When_(Timeout->QuadPart != 0, _IRQL_requires_max_(APC_LEVEL))
9181 _When_(Timeout->QuadPart == 0, _IRQL_requires_max_(DISPATCH_LEVEL))
9182 NTSYSAPI
9183 NTSTATUS
9184 NTAPI
9185 ZwWaitForSingleObject(
9186 _In_ HANDLE Handle,
9187 _In_ BOOLEAN Alertable,
9188 _In_opt_ PLARGE_INTEGER Timeout);
9189
9190 _IRQL_requires_max_(DISPATCH_LEVEL)
9191 NTSYSAPI
9192 NTSTATUS
9193 NTAPI
9194 ZwSetEvent(
9195 _In_ HANDLE EventHandle,
9196 _Out_opt_ PLONG PreviousState);
9197
9198 _IRQL_requires_max_(APC_LEVEL)
9199 NTSYSAPI
9200 NTSTATUS
9201 NTAPI
9202 ZwFlushVirtualMemory(
9203 _In_ HANDLE ProcessHandle,
9204 _Inout_ PVOID *BaseAddress,
9205 _Inout_ PSIZE_T RegionSize,
9206 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
9207
9208 _IRQL_requires_max_(PASSIVE_LEVEL)
9209 NTSYSAPI
9210 NTSTATUS
9211 NTAPI
9212 ZwQueryInformationToken(
9213 _In_ HANDLE TokenHandle,
9214 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
9215 _Out_writes_bytes_to_opt_(Length,*ResultLength) PVOID TokenInformation,
9216 _In_ ULONG Length,
9217 _Out_ PULONG ResultLength);
9218
9219 _IRQL_requires_max_(PASSIVE_LEVEL)
9220 NTSYSAPI
9221 NTSTATUS
9222 NTAPI
9223 ZwSetSecurityObject(
9224 _In_ HANDLE Handle,
9225 _In_ SECURITY_INFORMATION SecurityInformation,
9226 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
9227
9228 _IRQL_requires_max_(PASSIVE_LEVEL)
9229 NTSYSAPI
9230 NTSTATUS
9231 NTAPI
9232 ZwQuerySecurityObject(
9233 _In_ HANDLE FileHandle,
9234 _In_ SECURITY_INFORMATION SecurityInformation,
9235 _Out_writes_bytes_to_(Length,*ResultLength) PSECURITY_DESCRIPTOR SecurityDescriptor,
9236 _In_ ULONG Length,
9237 _Out_ PULONG ResultLength);
9238 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
9239
9240 #if (NTDDI_VERSION >= NTDDI_WINXP)
9241
9242 _IRQL_requires_max_(PASSIVE_LEVEL)
9243 NTSYSAPI
9244 NTSTATUS
9245 NTAPI
9246 ZwOpenProcessTokenEx(
9247 _In_ HANDLE ProcessHandle,
9248 _In_ ACCESS_MASK DesiredAccess,
9249 _In_ ULONG HandleAttributes,
9250 _Out_ PHANDLE TokenHandle);
9251
9252 _IRQL_requires_max_(PASSIVE_LEVEL)
9253 NTSYSAPI
9254 NTSTATUS
9255 NTAPI
9256 ZwOpenThreadTokenEx(
9257 _In_ HANDLE ThreadHandle,
9258 _In_ ACCESS_MASK DesiredAccess,
9259 _In_ BOOLEAN OpenAsSelf,
9260 _In_ ULONG HandleAttributes,
9261 _Out_ PHANDLE TokenHandle);
9262
9263 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
9264
9265 #if (NTDDI_VERSION >= NTDDI_VISTA)
9266
9267 _IRQL_requires_max_(PASSIVE_LEVEL)
9268 NTSYSAPI
9269 NTSTATUS
9270 NTAPI
9271 ZwLockFile(
9272 _In_ HANDLE FileHandle,
9273 _In_opt_ HANDLE Event,
9274 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9275 _In_opt_ PVOID ApcContext,
9276 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9277 _In_ PLARGE_INTEGER ByteOffset,
9278 _In_ PLARGE_INTEGER Length,
9279 _In_ ULONG Key,
9280 _In_ BOOLEAN FailImmediately,
9281 _In_ BOOLEAN ExclusiveLock);
9282
9283 _IRQL_requires_max_(PASSIVE_LEVEL)
9284 NTSYSAPI
9285 NTSTATUS
9286 NTAPI
9287 ZwUnlockFile(
9288 _In_ HANDLE FileHandle,
9289 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9290 _In_ PLARGE_INTEGER ByteOffset,
9291 _In_ PLARGE_INTEGER Length,
9292 _In_ ULONG Key);
9293
9294 _IRQL_requires_max_(PASSIVE_LEVEL)
9295 NTSYSAPI
9296 NTSTATUS
9297 NTAPI
9298 ZwQueryQuotaInformationFile(
9299 _In_ HANDLE FileHandle,
9300 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9301 _Out_writes_bytes_(Length) PVOID Buffer,
9302 _In_ ULONG Length,
9303 _In_ BOOLEAN ReturnSingleEntry,
9304 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
9305 _In_ ULONG SidListLength,
9306 _In_opt_ PSID StartSid,
9307 _In_ BOOLEAN RestartScan);
9308
9309 _IRQL_requires_max_(PASSIVE_LEVEL)
9310 NTSYSAPI
9311 NTSTATUS
9312 NTAPI
9313 ZwSetQuotaInformationFile(
9314 _In_ HANDLE FileHandle,
9315 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9316 _In_reads_bytes_(Length) PVOID Buffer,
9317 _In_ ULONG Length);
9318
9319 _IRQL_requires_max_(PASSIVE_LEVEL)
9320 NTSYSAPI
9321 NTSTATUS
9322 NTAPI
9323 ZwFlushBuffersFile(
9324 _In_ HANDLE FileHandle,
9325 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
9326 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
9327 #if (NTDDI_VERSION >= NTDDI_WIN7)
9328
9329 _IRQL_requires_max_(PASSIVE_LEVEL)
9330 NTSYSAPI
9331 NTSTATUS
9332 NTAPI
9333 ZwSetInformationToken(
9334 _In_ HANDLE TokenHandle,
9335 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
9336 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
9337 _In_ ULONG TokenInformationLength);
9338 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
9339
9340 #ifndef __SSPI_H__
9341 #define __SSPI_H__
9342
9343 // for ntifs.h:
9344 #define ISSP_LEVEL 32
9345 #define ISSP_MODE 0
9346
9347 #ifdef MIDL_PASS
9348 #define MIDL_PROP(x) x
9349 #else
9350 #define MIDL_PROP(x)
9351 #endif
9352
9353 #define SEC_TEXT TEXT
9354 #define SEC_FAR
9355 #define SEC_ENTRY __stdcall
9356
9357 #if defined(_NO_KSECDD_IMPORT_)
9358 #define KSECDDDECLSPEC
9359 #else
9360 #define KSECDDDECLSPEC __declspec(dllimport)
9361 #endif
9362
9363 #define SECQOP_WRAP_NO_ENCRYPT 0x80000001
9364 #define SECQOP_WRAP_OOB_DATA 0x40000000
9365
9366 #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW")
9367 #define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW
9368
9369 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1
9370 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2
9371 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3
9372 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4
9373
9374 #define SECURITY_NATIVE_DREP 0x00000010
9375 #define SECURITY_NETWORK_DREP 0x00000000
9376
9377 #define SECPKG_ID_NONE 0xFFFF
9378
9379 #define SECPKG_CRED_ATTR_NAMES 1
9380 #define SECPKG_CRED_ATTR_SSI_PROVIDER 2
9381
9382 #define SECPKG_ATTR_SIZES 0
9383 #define SECPKG_ATTR_NAMES 1
9384 #define SECPKG_ATTR_LIFESPAN 2
9385 #define SECPKG_ATTR_DCE_INFO 3
9386 #define SECPKG_ATTR_STREAM_SIZES 4
9387 #define SECPKG_ATTR_KEY_INFO 5
9388 #define SECPKG_ATTR_AUTHORITY 6
9389 #define SECPKG_ATTR_PROTO_INFO 7
9390 #define SECPKG_ATTR_PASSWORD_EXPIRY 8
9391 #define SECPKG_ATTR_SESSION_KEY 9
9392 #define SECPKG_ATTR_PACKAGE_INFO 10
9393 #define SECPKG_ATTR_USER_FLAGS 11
9394 #define SECPKG_ATTR_NEGOTIATION_INFO 12
9395 #define SECPKG_ATTR_NATIVE_NAMES 13
9396 #define SECPKG_ATTR_FLAGS 14
9397 #define SECPKG_ATTR_USE_VALIDATED 15
9398 #define SECPKG_ATTR_CREDENTIAL_NAME 16
9399 #define SECPKG_ATTR_TARGET_INFORMATION 17
9400 #define SECPKG_ATTR_ACCESS_TOKEN 18
9401 #define SECPKG_ATTR_TARGET 19
9402 #define SECPKG_ATTR_AUTHENTICATION_ID 20
9403 #define SECPKG_ATTR_LOGOFF_TIME 21
9404 #define SECPKG_ATTR_NEGO_KEYS 22
9405 #define SECPKG_ATTR_PROMPTING_NEEDED 24
9406 #define SECPKG_ATTR_UNIQUE_BINDINGS 25
9407 #define SECPKG_ATTR_ENDPOINT_BINDINGS 26
9408 #define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
9409 #define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
9410 #define SECPKG_ATTR_NEGO_PKG_INFO 31
9411 #define SECPKG_ATTR_NEGO_STATUS 32
9412 #define SECPKG_ATTR_CONTEXT_DELETED 33
9413
9414 #define SECPKG_FLAG_INTEGRITY 0x00000001
9415 #define SECPKG_FLAG_PRIVACY 0x00000002
9416 #define SECPKG_FLAG_TOKEN_ONLY 0x00000004
9417 #define SECPKG_FLAG_DATAGRAM 0x00000008
9418 #define SECPKG_FLAG_CONNECTION 0x00000010
9419 #define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
9420 #define SECPKG_FLAG_CLIENT_ONLY 0x00000040
9421 #define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
9422 #define SECPKG_FLAG_IMPERSONATION 0x00000100
9423 #define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
9424 #define SECPKG_FLAG_STREAM 0x00000400
9425 #define SECPKG_FLAG_NEGOTIABLE 0x00000800
9426 #define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
9427 #define SECPKG_FLAG_LOGON 0x00002000
9428 #define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
9429 #define SECPKG_FLAG_FRAGMENT 0x00008000
9430 #define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
9431 #define SECPKG_FLAG_DELEGATION 0x00020000
9432 #define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
9433 #define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
9434 #define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
9435 #define SECPKG_FLAG_NEGOTIABLE2 0x00200000
9436
9437 #define SECPKG_CRED_INBOUND 0x00000001
9438 #define SECPKG_CRED_OUTBOUND 0x00000002
9439 #define SECPKG_CRED_BOTH 0x00000003
9440 #define SECPKG_CRED_DEFAULT 0x00000004
9441 #define SECPKG_CRED_RESERVED 0xF0000000
9442 #define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
9443 #define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
9444
9445 #define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001
9446 #define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002
9447 #define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004
9448
9449 #define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128
9450 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1
9451 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2
9452
9453 #define SecPkgContext_NativeNames SecPkgContext_NativeNamesW
9454 #define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW
9455
9456 #define SECBUFFER_VERSION 0
9457
9458 #define SECBUFFER_EMPTY 0
9459 #define SECBUFFER_DATA 1
9460 #define SECBUFFER_TOKEN 2
9461 #define SECBUFFER_PKG_PARAMS 3
9462 #define SECBUFFER_MISSING 4
9463 #define SECBUFFER_EXTRA 5
9464 #define SECBUFFER_STREAM_TRAILER 6
9465 #define SECBUFFER_STREAM_HEADER 7
9466 #define SECBUFFER_NEGOTIATION_INFO 8
9467 #define SECBUFFER_PADDING 9
9468 #define SECBUFFER_STREAM 10
9469 #define SECBUFFER_MECHLIST 11
9470 #define SECBUFFER_MECHLIST_SIGNATURE 12
9471 #define SECBUFFER_TARGET 13
9472 #define SECBUFFER_CHANNEL_BINDINGS 14
9473 #define SECBUFFER_CHANGE_PASS_RESPONSE 15
9474 #define SECBUFFER_TARGET_HOST 16
9475 #define SECBUFFER_ALERT 17
9476
9477 #define SECBUFFER_ATTRMASK 0xF0000000
9478 #define SECBUFFER_READONLY 0x80000000
9479 #define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
9480 #define SECBUFFER_RESERVED 0x60000000
9481
9482 #define ISC_REQ_DELEGATE 0x00000001
9483 #define ISC_REQ_MUTUAL_AUTH 0x00000002
9484 #define ISC_REQ_REPLAY_DETECT 0x00000004
9485 #define ISC_REQ_SEQUENCE_DETECT 0x00000008
9486 #define ISC_REQ_CONFIDENTIALITY 0x00000010
9487 #define ISC_REQ_USE_SESSION_KEY 0x00000020
9488 #define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
9489 #define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
9490 #define ISC_REQ_ALLOCATE_MEMORY 0x00000100
9491 #define ISC_REQ_USE_DCE_STYLE 0x00000200
9492 #define ISC_REQ_DATAGRAM 0x00000400
9493 #define ISC_REQ_CONNECTION 0x00000800
9494 #define ISC_REQ_CALL_LEVEL 0x00001000
9495 #define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
9496 #define ISC_REQ_EXTENDED_ERROR 0x00004000
9497 #define ISC_REQ_STREAM 0x00008000
9498 #define ISC_REQ_INTEGRITY 0x00010000
9499 #define ISC_REQ_IDENTIFY 0x00020000
9500 #define ISC_REQ_NULL_SESSION 0x00040000
9501 #define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
9502 #define ISC_REQ_RESERVED1 0x00100000
9503 #define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
9504 #define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
9505 #define ISC_REQ_NO_INTEGRITY 0x00800000
9506 #define ISC_REQ_USE_HTTP_STYLE 0x01000000
9507
9508 #define ISC_RET_DELEGATE 0x00000001
9509 #define ISC_RET_MUTUAL_AUTH 0x00000002
9510 #define ISC_RET_REPLAY_DETECT 0x00000004
9511 #define ISC_RET_SEQUENCE_DETECT 0x00000008
9512 #define ISC_RET_CONFIDENTIALITY 0x00000010
9513 #define ISC_RET_USE_SESSION_KEY 0x00000020
9514 #define ISC_RET_USED_COLLECTED_CREDS 0x00000040
9515 #define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
9516 #define ISC_RET_ALLOCATED_MEMORY 0x00000100
9517 #define ISC_RET_USED_DCE_STYLE 0x00000200
9518 #define ISC_RET_DATAGRAM 0x00000400
9519 #define ISC_RET_CONNECTION 0x00000800
9520 #define ISC_RET_INTERMEDIATE_RETURN 0x00001000
9521 #define ISC_RET_CALL_LEVEL 0x00002000
9522 #define ISC_RET_EXTENDED_ERROR 0x00004000
9523 #define ISC_RET_STREAM 0x00008000
9524 #define ISC_RET_INTEGRITY 0x00010000
9525 #define ISC_RET_IDENTIFY 0x00020000
9526 #define ISC_RET_NULL_SESSION 0x00040000
9527 #define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
9528 #define ISC_RET_RESERVED1 0x00100000
9529 #define ISC_RET_FRAGMENT_ONLY 0x00200000
9530 #define ISC_RET_FORWARD_CREDENTIALS 0x00400000
9531 #define ISC_RET_USED_HTTP_STYLE 0x01000000
9532 #define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9533 #define ISC_RET_REAUTHENTICATION 0x08000000
9534
9535 #define ASC_REQ_DELEGATE 0x00000001
9536 #define ASC_REQ_MUTUAL_AUTH 0x00000002
9537 #define ASC_REQ_REPLAY_DETECT 0x00000004
9538 #define ASC_REQ_SEQUENCE_DETECT 0x00000008
9539 #define ASC_REQ_CONFIDENTIALITY 0x00000010
9540 #define ASC_REQ_USE_SESSION_KEY 0x00000020
9541 #define ASC_REQ_ALLOCATE_MEMORY 0x00000100
9542 #define ASC_REQ_USE_DCE_STYLE 0x00000200
9543 #define ASC_REQ_DATAGRAM 0x00000400
9544 #define ASC_REQ_CONNECTION 0x00000800
9545 #define ASC_REQ_CALL_LEVEL 0x00001000
9546 #define ASC_REQ_EXTENDED_ERROR 0x00008000
9547 #define ASC_REQ_STREAM 0x00010000
9548 #define ASC_REQ_INTEGRITY 0x00020000
9549 #define ASC_REQ_LICENSING 0x00040000
9550 #define ASC_REQ_IDENTIFY 0x00080000
9551 #define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
9552 #define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
9553 #define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
9554 #define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
9555 #define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
9556 #define ASC_REQ_NO_TOKEN 0x01000000
9557 #define ASC_REQ_PROXY_BINDINGS 0x04000000
9558 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9559
9560 #define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
9561 #define ASC_RET_DELEGATE 0x00000001
9562 #define ASC_RET_MUTUAL_AUTH 0x00000002
9563 #define ASC_RET_REPLAY_DETECT 0x00000004
9564 #define ASC_RET_SEQUENCE_DETECT 0x00000008
9565 #define ASC_RET_CONFIDENTIALITY 0x00000010
9566 #define ASC_RET_USE_SESSION_KEY 0x00000020
9567 #define ASC_RET_ALLOCATED_MEMORY 0x00000100
9568 #define ASC_RET_USED_DCE_STYLE 0x00000200
9569 #define ASC_RET_DATAGRAM 0x00000400
9570 #define ASC_RET_CONNECTION 0x00000800
9571 #define ASC_RET_CALL_LEVEL 0x00002000
9572 #define ASC_RET_THIRD_LEG_FAILED 0x00004000
9573 #define ASC_RET_EXTENDED_ERROR 0x00008000
9574 #define ASC_RET_STREAM 0x00010000
9575 #define ASC_RET_INTEGRITY 0x00020000
9576 #define ASC_RET_LICENSING 0x00040000
9577 #define ASC_RET_IDENTIFY 0x00080000
9578 #define ASC_RET_NULL_SESSION 0x00100000
9579 #define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
9580 #define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000
9581 #define ASC_RET_FRAGMENT_ONLY 0x00800000
9582 #define ASC_RET_NO_TOKEN 0x01000000
9583 #define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9584 #define ASC_RET_NO_PROXY_BINDINGS 0x04000000
9585 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9586 #define ASC_RET_MISSING_BINDINGS 0x10000000
9587
9588 #define SEC_DELETED_HANDLE ((ULONG_PTR)(-2))
9589
9590 #define SecInvalidateHandle(x) \
9591 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1));
9592
9593 #define SecIsValidHandle(x) \
9594 ( ( ((PSecHandle)(x))->dwLower != (ULONG_PTR)(INT_PTR)-1 ) && \
9595 ( ((PSecHandle)(x))->dwUpper != (ULONG_PTR)(INT_PTR)-1 ) )
9596
9597 typedef WCHAR SEC_WCHAR;
9598 typedef CHAR SEC_CHAR;
9599 typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER;
9600 typedef SECURITY_INTEGER TimeStamp, *PTimeStamp;
9601 typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING;
9602 #if ISSP_MODE == 0
9603 #define PSSPI_SEC_STRING PSECURITY_STRING
9604 #else
9605 #define PSSPI_SEC_STRING SEC_WCHAR*
9606 #endif
9607
9608 typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE;
9609
9610 #ifndef __SECSTATUS_DEFINED__
9611 typedef LONG SECURITY_STATUS;
9612 #define __SECSTATUS_DEFINED__
9613 #endif
9614
9615 typedef enum _SECPKG_CRED_CLASS
9616 {
9617 SecPkgCredClass_None = 0,
9618 SecPkgCredClass_Ephemeral = 10,
9619 SecPkgCredClass_PersistedGeneric = 20,
9620 SecPkgCredClass_PersistedSpecific = 30,
9621 SecPkgCredClass_Explicit = 40,
9622 } SECPKG_CRED_CLASS, *PSECPKG_CRED_CLASS;
9623
9624 typedef struct _SEC_NEGOTIATION_INFO
9625 {
9626 ULONG Size;
9627 ULONG NameLength;
9628 SEC_WCHAR *Name;
9629 PVOID Reserved;
9630 } SEC_NEGOTIATION_INFO, *PSEC_NEGOTIATION_INFO;
9631
9632 typedef struct _SEC_CHANNEL_BINDINGS
9633 {
9634 ULONG dwInitiatorAddrType;
9635 ULONG cbInitiatorLength;
9636 ULONG dwInitiatorOffset;
9637 ULONG dwAcceptorAddrType;
9638 ULONG cbAcceptorLength;
9639 ULONG dwAcceptorOffset;
9640 ULONG cbApplicationDataLength;
9641 ULONG dwApplicationDataOffset;
9642 } SEC_CHANNEL_BINDINGS, *PSEC_CHANNEL_BINDINGS;
9643
9644 #ifndef _AUTH_IDENTITY_EX2_DEFINED
9645 #define _AUTH_IDENTITY_EX2_DEFINED
9646 typedef struct _SEC_WINNT_AUTH_IDENTITY_EX2
9647 {
9648 ULONG Version;
9649 USHORT cbHeaderLength;
9650 ULONG cbStructureLength;
9651 ULONG UserOffset;
9652 USHORT UserLength;
9653 ULONG DomainOffset;
9654 USHORT DomainLength;
9655 ULONG PackedCredentialsOffset;
9656 USHORT PackedCredentialsLength;
9657 ULONG Flags;
9658 ULONG PackageListOffset;
9659 USHORT PackageListLength;
9660 } SEC_WINNT_AUTH_IDENTITY_EX2, *PSEC_WINNT_AUTH_IDENTITY_EX2;
9661 #define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
9662 #endif
9663
9664 #ifndef _AUTH_IDENTITY_DEFINED
9665 #define _AUTH_IDENTITY_DEFINED
9666 typedef struct _SEC_WINNT_AUTH_IDENTITY_W
9667 {
9668 PUSHORT User;
9669 ULONG UserLength;
9670 PUSHORT Domain;
9671 ULONG DomainLength;
9672 PUSHORT Password;
9673 ULONG PasswordLength;
9674 ULONG Flags;
9675 } SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W;
9676 #define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
9677 #define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
9678 #define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
9679 #define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
9680 #define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W
9681 #endif
9682
9683 #ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
9684 #define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
9685 typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW
9686 {
9687 ULONG Version;
9688 ULONG Length;
9689 PUSHORT User;
9690 ULONG UserLength;
9691 PUSHORT Domain;
9692 ULONG DomainLength;
9693 PUSHORT Password;
9694 ULONG PasswordLength;
9695 ULONG Flags;
9696 PUSHORT PackageList;
9697 ULONG PackageListLength;
9698 } SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW;
9699 #define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
9700 #define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
9701 #endif
9702
9703 #ifndef __SECHANDLE_DEFINED__
9704 typedef struct _SecHandle
9705 {
9706 ULONG_PTR dwLower;
9707 ULONG_PTR dwUpper;
9708 } SecHandle, *PSecHandle;
9709 #define __SECHANDLE_DEFINED__
9710 #endif
9711
9712 typedef SecHandle CredHandle, *PCredHandle, CtxtHandle, *PCtxtHandle;
9713
9714 typedef struct _SecBuffer
9715 {
9716 ULONG cbBuffer;
9717 ULONG BufferType;
9718 #ifdef MIDL_PASS
9719 MIDL_PROP([size_is(cbBuffer)]) PCHAR pvBuffer;
9720 #else
9721 __field_bcount(cbBuffer) void SEC_FAR *pvBuffer;
9722 #endif
9723 } SecBuffer, *PSecBuffer;
9724
9725 typedef struct _SecBufferDesc
9726 {
9727 ULONG ulVersion;
9728 ULONG cBuffers;
9729 MIDL_PROP([size_is(cBuffers)]) __field_ecount(cBuffers) PSecBuffer pBuffers;
9730 } SecBufferDesc, SEC_FAR *PSecBufferDesc;
9731
9732 typedef struct _SecPkgInfoW
9733 {
9734 ULONG fCapabilities;
9735 USHORT wVersion;
9736 USHORT wRPCID;
9737 ULONG cbMaxToken;
9738 MIDL_PROP([string]) SEC_WCHAR *Name;
9739 MIDL_PROP([string]) SEC_WCHAR *Comment;
9740 } SecPkgInfoW, *PSecPkgInfoW;
9741 #define SecPkgInfo SecPkgInfoW
9742 #define PSecPkgInfo PSecPkgInfoW
9743
9744 typedef struct _SecPkgCredentials_NamesW
9745 {
9746 MIDL_PROP([string]) SEC_WCHAR *sUserName;
9747 } SecPkgCredentials_NamesW, *PSecPkgCredentials_NamesW;
9748 #define SecPkgCredentials_Names SecPkgCredentials_NamesW
9749 #define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
9750
9751 typedef struct _SecPkgContext_NamesW
9752 {
9753 SEC_WCHAR *sUserName;
9754 } SecPkgContext_NamesW, *PSecPkgContext_NamesW;
9755 #define SecPkgContext_Names SecPkgContext_NamesW
9756 #define PSecPkgContext_Names PSecPkgContext_NamesW
9757
9758 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
9759 typedef struct _SecPkgContext_CredentialNameW
9760 {
9761 ULONG CredentialType;
9762 SEC_WCHAR *sCredentialName;
9763 } SecPkgContext_CredentialNameW, *PSecPkgContext_CredentialNameW;
9764 #endif
9765 #define SecPkgContext_CredentialName SecPkgContext_CredentialNameW
9766 #define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW
9767
9768 typedef struct _SecPkgContext_SubjectAttributes
9769 {
9770 PVOID AttributeInfo;
9771 } SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes;
9772
9773 typedef struct _SecPkgContext_CredInfo
9774 {
9775 SECPKG_CRED_CLASS CredClass;
9776 ULONG IsPromptingNeeded;
9777 } SecPkgContext_CredInfo, *PSecPkgContext_CredInfo;
9778
9779 typedef struct _SecPkgContext_NegoPackageInfo
9780 {
9781 ULONG PackageMask;
9782 } SecPkgContext_NegoPackageInfo, *PSecPkgContext_NegoPackageInfo;
9783
9784 typedef struct _SecPkgContext_NegoStatus
9785 {
9786 ULONG LastStatus;
9787 } SecPkgContext_NegoStatus, *PSecPkgContext_NegoStatus;
9788
9789 typedef struct _SecPkgContext_Sizes
9790 {
9791 ULONG cbMaxToken;
9792 ULONG cbMaxSignature;
9793 ULONG cbBlockSize;
9794 ULONG cbSecurityTrailer;
9795 } SecPkgContext_Sizes, *PSecPkgContext_Sizes;
9796
9797 typedef struct _SecPkgContext_StreamSizes
9798 {
9799 ULONG cbHeader;
9800 ULONG cbTrailer;
9801 ULONG cbMaximumMessage;
9802 ULONG cBuffers;
9803 ULONG cbBlockSize;
9804 } SecPkgContext_StreamSizes, *PSecPkgContext_StreamSizes;
9805
9806 typedef struct _SecPkgContext_Lifespan
9807 {
9808 TimeStamp tsStart;
9809 TimeStamp tsExpiry;
9810 } SecPkgContext_Lifespan, *PSecPkgContext_Lifespan;
9811
9812 typedef struct _SecPkgContext_PasswordExpiry
9813 {
9814 TimeStamp tsPasswordExpires;
9815 } SecPkgContext_PasswordExpiry, *PSecPkgContext_PasswordExpiry;
9816
9817 typedef struct _SecPkgContext_ProtoInfoW
9818 {
9819 SEC_WCHAR *sProtocolName;
9820 ULONG majorVersion;
9821 ULONG minorVersion;
9822 } SecPkgContext_ProtoInfoW, *PSecPkgContext_ProtoInfoW;
9823 #define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW
9824 #define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW
9825
9826 typedef struct _SecPkgContext_KeyInfoW
9827 {
9828 SEC_WCHAR *sSignatureAlgorithmName;
9829 SEC_WCHAR *sEncryptAlgorithmName;
9830 ULONG KeySize;
9831 ULONG SignatureAlgorithm;
9832 ULONG EncryptAlgorithm;
9833 } SecPkgContext_KeyInfoW, *PSecPkgContext_KeyInfoW;
9834 #define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW
9835 #define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW
9836
9837 typedef struct _SecPkgContext_SessionKey
9838 {
9839 ULONG SessionKeyLength;
9840 __field_bcount(SessionKeyLength) PUCHAR SessionKey;
9841 } SecPkgContext_SessionKey, *PSecPkgContext_SessionKey;
9842
9843 typedef struct _SecPkgContext_NegoKeys
9844 {
9845 ULONG KeyType;
9846 USHORT KeyLength;
9847 __field_bcount(KeyLength) PUCHAR KeyValue;
9848 ULONG VerifyKeyType;
9849 USHORT VerifyKeyLength;
9850 __field_bcount(VerifyKeyLength) PUCHAR VerifyKeyValue;
9851 } SecPkgContext_NegoKeys, *PSecPkgContext_NegoKeys;
9852
9853 typedef struct _SecPkgContext_DceInfo
9854 {
9855 ULONG AuthzSvc;
9856 PVOID pPac;
9857 } SecPkgContext_DceInfo, *PSecPkgContext_DceInfo;
9858
9859 typedef struct _SecPkgContext_PackageInfoW
9860 {
9861 PSecPkgInfoW PackageInfo;
9862 } SecPkgContext_PackageInfoW, *PSecPkgContext_PackageInfoW;
9863 #define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW
9864 #define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW
9865
9866 typedef struct _SecPkgContext_UserFlags
9867 {
9868 ULONG UserFlags;
9869 } SecPkgContext_UserFlags, *PSecPkgContext_UserFlags;
9870
9871 typedef struct _SecPkgContext_Flags
9872 {
9873 ULONG Flags;
9874 } SecPkgContext_Flags, *PSecPkgContext_Flags;
9875
9876 typedef struct _SecPkgContext_NegotiationInfoW
9877 {
9878 PSecPkgInfoW PackageInfo ;
9879 ULONG NegotiationState ;
9880 } SecPkgContext_NegotiationInfoW, *PSecPkgContext_NegotiationInfoW;
9881
9882 typedef struct _SecPkgContext_AuthorityW
9883 {
9884 SEC_WCHAR *sAuthorityName;
9885 } SecPkgContext_AuthorityW, *PSecPkgContext_AuthorityW;
9886 #define SecPkgContext_Authority SecPkgContext_AuthorityW
9887 #define PSecPkgContext_Authority PSecPkgContext_AuthorityW
9888
9889
9890 #if NTDDI_VERSION > NTDDI_WS03
9891 typedef struct _SecPkgCredentials_SSIProviderW
9892 {
9893 SEC_WCHAR *sProviderName;
9894 ULONG ProviderInfoLength;
9895 PCHAR ProviderInfo;
9896 } SecPkgCredentials_SSIProviderW, *PSecPkgCredentials_SSIProviderW;
9897 #define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
9898 #define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
9899
9900 typedef struct _SecPkgContext_LogoffTime
9901 {
9902 TimeStamp tsLogoffTime;
9903 } SecPkgContext_LogoffTime, *PSecPkgContext_LogoffTime;
9904 #endif
9905
9906 /* forward declaration */
9907 typedef struct _SECURITY_FUNCTION_TABLE_W SecurityFunctionTableW, *PSecurityFunctionTableW;
9908 #define SecurityFunctionTable SecurityFunctionTableW
9909 #define PSecurityFunctionTable PSecurityFunctionTableW
9910
9911 typedef
9912 VOID
9913 (SEC_ENTRY * SEC_GET_KEY_FN)(
9914 PVOID Arg,
9915 PVOID Principal,
9916 ULONG KeyVer,
9917 PVOID *Key,
9918 SECURITY_STATUS *Status);
9919
9920 KSECDDDECLSPEC
9921 SECURITY_STATUS
9922 SEC_ENTRY
9923 AcceptSecurityContext(
9924 _In_opt_ PCredHandle phCredential,
9925 _In_opt_ PCtxtHandle phContext,
9926 _In_opt_ PSecBufferDesc pInput,
9927 _In_ ULONG fContextReq,
9928 _In_ ULONG TargetDataRep,
9929 _In_opt_ PCtxtHandle phNewContext,
9930 _In_opt_ PSecBufferDesc pOutput,
9931 _Out_ PULONG pfContextAttr,
9932 _Out_opt_ PTimeStamp ptsExpiry);
9933
9934 typedef
9935 SECURITY_STATUS
9936 (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(
9937 PCredHandle,
9938 PCtxtHandle,
9939 PSecBufferDesc,
9940 ULONG,
9941 ULONG,
9942 PCtxtHandle,
9943 PSecBufferDesc,
9944 PULONG,
9945 PTimeStamp);
9946
9947 KSECDDDECLSPEC
9948 SECURITY_STATUS
9949 SEC_ENTRY
9950 AcquireCredentialsHandleW(
9951 _In_opt_ PSSPI_SEC_STRING pPrincipal,
9952 _In_ PSSPI_SEC_STRING pPackage,
9953 _In_ ULONG fCredentialUse,
9954 _In_opt_ PVOID pvLogonId,
9955 _In_opt_ PVOID pAuthData,
9956 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
9957 _In_opt_ PVOID pvGetKeyArgument,
9958 _Out_ PCredHandle phCredential,
9959 _Out_opt_ PTimeStamp ptsExpiry);
9960 #define AcquireCredentialsHandle AcquireCredentialsHandleW
9961
9962 typedef
9963 SECURITY_STATUS
9964 (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
9965 PSSPI_SEC_STRING,
9966 PSSPI_SEC_STRING,
9967 ULONG,
9968 PVOID,
9969 PVOID,
9970 SEC_GET_KEY_FN,
9971 PVOID,
9972 PCredHandle,
9973 PTimeStamp);
9974 #define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
9975
9976 SECURITY_STATUS
9977 SEC_ENTRY
9978 AddCredentialsA(
9979 _In_ PCredHandle hCredentials,
9980 _In_opt_ LPSTR pszPrincipal,
9981 _In_ LPSTR pszPackage,
9982 _In_ ULONG fCredentialUse,
9983 _In_opt_ PVOID pAuthData,
9984 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
9985 _In_opt_ PVOID pvGetKeyArgument,
9986 _Out_opt_ PTimeStamp ptsExpiry);
9987
9988 typedef
9989 SECURITY_STATUS
9990 (SEC_ENTRY * ADD_CREDENTIALS_FN_A)(
9991 PCredHandle,
9992 SEC_CHAR *,
9993 SEC_CHAR *,
9994 ULONG,
9995 PVOID,
9996 SEC_GET_KEY_FN,
9997 PVOID,
9998 PTimeStamp);
9999
10000 KSECDDDECLSPEC
10001 SECURITY_STATUS
10002 SEC_ENTRY
10003 AddCredentialsW(
10004 _In_ PCredHandle hCredentials,
10005 _In_opt_ PSSPI_SEC_STRING pPrincipal,
10006 _In_ PSSPI_SEC_STRING pPackage,
10007 _In_ ULONG fCredentialUse,
10008 _In_opt_ PVOID pAuthData,
10009 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
10010 _In_opt_ PVOID pvGetKeyArgument,
10011 _Out_opt_ PTimeStamp ptsExpiry);
10012
10013 typedef
10014 SECURITY_STATUS
10015 (SEC_ENTRY * ADD_CREDENTIALS_FN_W)(
10016 PCredHandle,
10017 PSSPI_SEC_STRING,
10018 PSSPI_SEC_STRING,
10019 ULONG,
10020 PVOID,
10021 SEC_GET_KEY_FN,
10022 PVOID,
10023 PTimeStamp);
10024
10025 #ifdef UNICODE
10026 #define AddCredentials AddCredentialsW
10027 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
10028 #else
10029 #define AddCredentials AddCredentialsA
10030 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
10031 #endif
10032
10033 KSECDDDECLSPEC
10034 SECURITY_STATUS
10035 SEC_ENTRY
10036 ApplyControlToken(
10037 _In_ PCtxtHandle phContext,
10038 _In_ PSecBufferDesc pInput);
10039
10040 typedef
10041 SECURITY_STATUS
10042 (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(
10043 PCtxtHandle, PSecBufferDesc);
10044
10045 #if (ISSP_MODE != 0)
10046
10047 SECURITY_STATUS
10048 SEC_ENTRY
10049 ChangeAccountPasswordA(
10050 _In_ SEC_CHAR* pszPackageName,
10051 _In_ SEC_CHAR* pszDomainName,
10052 _In_ SEC_CHAR* pszAccountName,
10053 _In_ SEC_CHAR* pszOldPassword,
10054 _In_ SEC_CHAR* pszNewPassword,
10055 _In_ BOOLEAN bImpersonating,
10056 _In_ ULONG dwReserved,
10057 _Inout_ PSecBufferDesc pOutput);
10058
10059 typedef
10060 SECURITY_STATUS
10061 (SEC_ENTRY * CHANGE_PASSWORD_FN_A)(
10062 SEC_CHAR *,
10063 SEC_CHAR *,
10064 SEC_CHAR *,
10065 SEC_CHAR *,
10066 SEC_CHAR *,
10067 BOOLEAN,
10068 ULONG,
10069 PSecBufferDesc);
10070
10071 SECURITY_STATUS
10072 SEC_ENTRY
10073 ChangeAccountPasswordW(
10074 _In_ SEC_WCHAR* pszPackageName,
10075 _In_ SEC_WCHAR* pszDomainName,
10076 _In_ SEC_WCHAR* pszAccountName,
10077 _In_ SEC_WCHAR* pszOldPassword,
10078 _In_ SEC_WCHAR* pszNewPassword,
10079 _In_ BOOLEAN bImpersonating,
10080 _In_ ULONG dwReserved,
10081 _Inout_ PSecBufferDesc pOutput);
10082
10083 typedef
10084 SECURITY_STATUS
10085 (SEC_ENTRY * CHANGE_PASSWORD_FN_W)(
10086 SEC_WCHAR *,
10087 SEC_WCHAR *,
10088 SEC_WCHAR *,
10089 SEC_WCHAR *,
10090 SEC_WCHAR *,
10091 BOOLEAN,
10092 ULONG,
10093 PSecBufferDesc);
10094
10095 #ifdef UNICODE
10096 #define ChangeAccountPassword ChangeAccountPasswordW
10097 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_W
10098 #else
10099 #define ChangeAccountPassword ChangeAccountPasswordA
10100 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_A
10101 #endif
10102
10103 #endif /* ISSP_MODE != 0 */
10104
10105 SECURITY_STATUS
10106 SEC_ENTRY
10107 CompleteAuthToken(
10108 _In_ PCtxtHandle phContext,
10109 _In_ PSecBufferDesc pToken);
10110
10111 typedef
10112 SECURITY_STATUS
10113 (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(
10114 PCtxtHandle,
10115 PSecBufferDesc);
10116
10117 SECURITY_STATUS
10118 SEC_ENTRY
10119 DecryptMessage(
10120 _In_ PCtxtHandle phContext,
10121 _Inout_ PSecBufferDesc pMessage,
10122 _In_ ULONG MessageSeqNo,
10123 _Out_opt_ PULONG pfQOP);
10124
10125 typedef
10126 SECURITY_STATUS
10127 (SEC_ENTRY * DECRYPT_MESSAGE_FN)(
10128 PCtxtHandle,
10129 PSecBufferDesc,
10130 ULONG,
10131 PULONG);
10132
10133 KSECDDDECLSPEC
10134 SECURITY_STATUS
10135 SEC_ENTRY
10136 DeleteSecurityContext(
10137 _In_ PCtxtHandle phContext);
10138
10139 typedef
10140 SECURITY_STATUS
10141 (SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)(
10142 PCtxtHandle);
10143
10144 SECURITY_STATUS
10145 SEC_ENTRY
10146 EncryptMessage(
10147 _In_ PCtxtHandle phContext,
10148 _In_ ULONG fQOP,
10149 _Inout_ PSecBufferDesc pMessage,
10150 _In_ ULONG MessageSeqNo);
10151
10152 typedef
10153 SECURITY_STATUS
10154 (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(
10155 PCtxtHandle,
10156 ULONG,
10157 PSecBufferDesc,
10158 ULONG);
10159
10160 KSECDDDECLSPEC
10161 SECURITY_STATUS
10162 SEC_ENTRY
10163 EnumerateSecurityPackagesW(
10164 _Out_ PULONG pcPackages,
10165 _Deref_out_ PSecPkgInfoW* ppPackageInfo);
10166 #define EnumerateSecurityPackages EnumerateSecurityPackagesW
10167
10168 typedef
10169 SECURITY_STATUS
10170 (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)(
10171 PULONG,
10172 PSecPkgInfoW*);
10173 #define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
10174
10175 KSECDDDECLSPEC
10176 SECURITY_STATUS
10177 SEC_ENTRY
10178 ExportSecurityContext(
10179 _In_ PCtxtHandle phContext,
10180 _In_ ULONG fFlags,
10181 _Out_ PSecBuffer pPackedContext,
10182 _Out_ PVOID* pToken);
10183
10184 typedef
10185 SECURITY_STATUS
10186 (SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(
10187 PCtxtHandle,
10188 ULONG,
10189 PSecBuffer,
10190 PVOID*);
10191
10192 SECURITY_STATUS
10193 SEC_ENTRY
10194 FreeContextBuffer(
10195 _Inout_ PVOID pvContextBuffer);
10196
10197 typedef
10198 SECURITY_STATUS
10199 (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(
10200 _Inout_ PVOID);
10201
10202 KSECDDDECLSPEC
10203 SECURITY_STATUS
10204 SEC_ENTRY
10205 FreeCredentialsHandle(
10206 _In_ PCredHandle phCredential);
10207
10208 typedef
10209 SECURITY_STATUS
10210 (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(
10211 PCredHandle);
10212
10213 KSECDDDECLSPEC
10214 SECURITY_STATUS
10215 SEC_ENTRY
10216 ImpersonateSecurityContext(
10217 _In_ PCtxtHandle phContext);
10218
10219 typedef
10220 SECURITY_STATUS
10221 (SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)(
10222 PCtxtHandle);
10223
10224 KSECDDDECLSPEC
10225 SECURITY_STATUS
10226 SEC_ENTRY
10227 ImportSecurityContextW(
10228 _In_ PSSPI_SEC_STRING pszPackage,
10229 _In_ PSecBuffer pPackedContext,
10230 _In_ PVOID Token,
10231 _Out_ PCtxtHandle phContext);
10232 #define ImportSecurityContext ImportSecurityContextW
10233
10234 typedef
10235 SECURITY_STATUS
10236 (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(
10237 PSSPI_SEC_STRING,
10238 PSecBuffer,
10239 PVOID,
10240 PCtxtHandle);
10241 #define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
10242
10243 KSECDDDECLSPEC
10244 SECURITY_STATUS
10245 SEC_ENTRY
10246 InitializeSecurityContextW(
10247 _In_opt_ PCredHandle phCredential,
10248 _In_opt_ PCtxtHandle phContext,
10249 _In_opt_ PSSPI_SEC_STRING pTargetName,
10250 _In_ ULONG fContextReq,
10251 _In_ ULONG Reserved1,
10252 _In_ ULONG TargetDataRep,
10253 _In_opt_ PSecBufferDesc pInput,
10254 _In_ ULONG Reserved2,
10255 _Inout_opt_ PCtxtHandle phNewContext,
10256 _Inout_opt_ PSecBufferDesc pOutput,
10257 _Out_ PULONG pfContextAttr,
10258 _Out_opt_ PTimeStamp ptsExpiry);
10259 #define InitializeSecurityContext InitializeSecurityContextW
10260
10261 typedef
10262 SECURITY_STATUS
10263 (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)(
10264 PCredHandle,
10265 PCtxtHandle,
10266 PSSPI_SEC_STRING,
10267 ULONG,
10268 ULONG,
10269 ULONG,
10270 PSecBufferDesc,
10271 ULONG,
10272 PCtxtHandle,
10273 PSecBufferDesc,
10274 PULONG,
10275 PTimeStamp);
10276 #define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
10277
10278 KSECDDDECLSPEC
10279 PSecurityFunctionTableW
10280 SEC_ENTRY
10281 InitSecurityInterfaceW(VOID);
10282 #define InitSecurityInterface InitSecurityInterfaceW
10283
10284 typedef
10285 PSecurityFunctionTableW
10286 (SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(VOID);
10287 #define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
10288
10289 KSECDDDECLSPEC
10290 SECURITY_STATUS
10291 SEC_ENTRY
10292 MakeSignature(
10293 _In_ PCtxtHandle phContext,
10294 _In_ ULONG fQOP,
10295 _In_ PSecBufferDesc pMessage,
10296 _In_ ULONG MessageSeqNo);
10297
10298 typedef
10299 SECURITY_STATUS
10300 (SEC_ENTRY * MAKE_SIGNATURE_FN)(
10301 PCtxtHandle,
10302 ULONG,
10303 PSecBufferDesc,
10304 ULONG);
10305
10306 KSECDDDECLSPEC
10307 SECURITY_STATUS
10308 SEC_ENTRY
10309 QueryContextAttributesW(
10310 _In_ PCtxtHandle phContext,
10311 _In_ ULONG ulAttribute,
10312 _Out_ PVOID pBuffer);
10313 #define QueryContextAttributes QueryContextAttributesW
10314
10315 typedef
10316 SECURITY_STATUS
10317 (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(
10318 PCtxtHandle,
10319 ULONG,
10320 PVOID);
10321 #define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
10322
10323 KSECDDDECLSPEC
10324 SECURITY_STATUS
10325 SEC_ENTRY
10326 QueryCredentialsAttributesW(
10327 _In_ PCredHandle phCredential,
10328 _In_ ULONG ulAttribute,
10329 _Inout_ PVOID pBuffer);
10330 #define QueryCredentialsAttributes QueryCredentialsAttributesW
10331
10332 typedef
10333 SECURITY_STATUS
10334 (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
10335 PCredHandle,
10336 ULONG,
10337 PVOID);
10338 #define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
10339
10340 KSECDDDECLSPEC
10341 SECURITY_STATUS
10342 SEC_ENTRY
10343 QuerySecurityContextToken(
10344 _In_ PCtxtHandle phContext,
10345 _Out_ PVOID* Token);
10346
10347 typedef
10348 SECURITY_STATUS
10349 (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(
10350 PCtxtHandle, PVOID *);
10351
10352 KSECDDDECLSPEC
10353 SECURITY_STATUS
10354 SEC_ENTRY
10355 QuerySecurityPackageInfoW(
10356 _In_ PSSPI_SEC_STRING pPackageName,
10357 _Deref_out_ PSecPkgInfoW *ppPackageInfo);
10358 #define QuerySecurityPackageInfo QuerySecurityPackageInfoW
10359
10360 typedef
10361 SECURITY_STATUS
10362 (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)(
10363 PSSPI_SEC_STRING,
10364 PSecPkgInfoW *);
10365 #define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
10366
10367 KSECDDDECLSPEC
10368 SECURITY_STATUS
10369 SEC_ENTRY
10370 RevertSecurityContext(
10371 _In_ PCtxtHandle phContext);
10372
10373 typedef
10374 SECURITY_STATUS
10375 (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(
10376 PCtxtHandle);
10377
10378 #if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K)
10379 SECURITY_STATUS
10380 SEC_ENTRY
10381 SetContextAttributesW(
10382 _In_ PCtxtHandle phContext,
10383 _In_ ULONG ulAttribute,
10384 _In_bytecount_(cbBuffer) PVOID pBuffer,
10385 _In_ ULONG cbBuffer);
10386 #define SetContextAttributes SetContextAttributesW
10387
10388 typedef
10389 SECURITY_STATUS
10390 (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(
10391 PCtxtHandle,
10392 ULONG,
10393 PVOID,
10394 ULONG);
10395 #define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
10396 #endif
10397
10398 #if (NTDDI_VERSION > NTDDI_WS03)
10399 KSECDDDECLSPEC
10400 SECURITY_STATUS
10401 SEC_ENTRY
10402 SetCredentialsAttributesW(
10403 _In_ PCredHandle phCredential,
10404 _In_ ULONG ulAttribute,
10405 _In_bytecount_(cbBuffer) PVOID pBuffer,
10406 _In_ ULONG cbBuffer);
10407 #define SetCredentialsAttributes SetCredentialsAttributesW
10408
10409 typedef
10410 SECURITY_STATUS
10411 (SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_W)(
10412 PCredHandle,
10413 ULONG,
10414 PVOID,
10415 ULONG);
10416 #define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
10417 #endif /* NTDDI_VERSION > NTDDI_WS03 */
10418
10419 KSECDDDECLSPEC
10420 SECURITY_STATUS
10421 SEC_ENTRY
10422 VerifySignature(
10423 _In_ PCtxtHandle phContext,
10424 _In_ PSecBufferDesc pMessage,
10425 _In_ ULONG MessageSeqNo,
10426 _Out_ PULONG pfQOP);
10427
10428 typedef
10429 SECURITY_STATUS
10430 (SEC_ENTRY * VERIFY_SIGNATURE_FN)(
10431 PCtxtHandle,
10432 PSecBufferDesc,
10433 ULONG,
10434 PULONG);
10435
10436 #if (ISSP_MODE == 0)
10437
10438 KSECDDDECLSPEC
10439 NTSTATUS
10440 NTAPI
10441 SecMakeSPN(
10442 _In_ PUNICODE_STRING ServiceClass,
10443 _In_ PUNICODE_STRING ServiceName,
10444 _In_opt_ PUNICODE_STRING InstanceName,
10445 _In_opt_ USHORT InstancePort,
10446 _In_opt_ PUNICODE_STRING Referrer,
10447 _Inout_ PUNICODE_STRING Spn,
10448 _Out_opt_ PULONG Length,
10449 _In_ BOOLEAN Allocate);
10450
10451 #if (NTDDI_VERSION >= NTDDI_WINXP)
10452 KSECDDDECLSPEC
10453 NTSTATUS
10454 NTAPI
10455 SecMakeSPNEx(
10456 _In_ PUNICODE_STRING ServiceClass,
10457 _In_ PUNICODE_STRING ServiceName,
10458 _In_opt_ PUNICODE_STRING InstanceName,
10459 _In_opt_ USHORT InstancePort,
10460 _In_opt_ PUNICODE_STRING Referrer,
10461 _In_opt_ PUNICODE_STRING TargetInfo,
10462 _Inout_ PUNICODE_STRING Spn,
10463 _Out_ PULONG Length OPTIONAL,
10464 _In_ BOOLEAN Allocate);
10465
10466 KSECDDDECLSPEC
10467 NTSTATUS
10468 SEC_ENTRY
10469 SecLookupAccountSid(
10470 _In_ PSID Sid,
10471 _Out_ PULONG NameSize,
10472 _Inout_ PUNICODE_STRING NameBuffer,
10473 _Out_ PULONG DomainSize OPTIONAL,
10474 _Out_opt_ PUNICODE_STRING DomainBuffer,
10475 _Out_ PSID_NAME_USE NameUse);
10476
10477 KSECDDDECLSPEC
10478 NTSTATUS
10479 SEC_ENTRY
10480 SecLookupAccountName(
10481 _In_ PUNICODE_STRING Name,
10482 _Inout_ PULONG SidSize,
10483 _Out_ PSID Sid,
10484 _Out_ PSID_NAME_USE NameUse,
10485 _Out_opt_ PULONG DomainSize, // WDK says _Out_ only + ... OPTIONAL
10486 _Inout_opt_ PUNICODE_STRING ReferencedDomain);
10487 #endif
10488
10489 #if (NTDDI_VERSION >= NTDDI_WS03)
10490 KSECDDDECLSPEC
10491 NTSTATUS
10492 SEC_ENTRY
10493 SecLookupWellKnownSid(
10494 _In_ WELL_KNOWN_SID_TYPE SidType,
10495 _Out_ PSID Sid,
10496 _In_ ULONG SidBufferSize,
10497 _Inout_opt_ PULONG SidSize);
10498 #endif
10499
10500 #if (NTDDI_VERSION >= NTDDI_VISTA)
10501 KSECDDDECLSPEC
10502 NTSTATUS
10503 NTAPI
10504 SecMakeSPNEx2(
10505 _In_ PUNICODE_STRING ServiceClass,
10506 _In_ PUNICODE_STRING ServiceName,
10507 _In_opt_ PUNICODE_STRING InstanceName,
10508 _In_opt_ USHORT InstancePort,
10509 _In_opt_ PUNICODE_STRING Referrer,
10510 _In_opt_ PUNICODE_STRING InTargetInfo,
10511 _Inout_ PUNICODE_STRING Spn,
10512 _Out_opt_ PULONG TotalSize,
10513 _In_ BOOLEAN Allocate,
10514 _In_ BOOLEAN IsTargetInfoMarshaled);
10515 #endif
10516
10517 #endif /* ISSP_MODE == 0 */
10518
10519 #if (NTDDI_VERSION >= NTDDI_WIN7)
10520
10521 SECURITY_STATUS
10522 SEC_ENTRY
10523 SspiEncodeAuthIdentityAsStrings(
10524 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity,
10525 _Deref_out_opt_ PCWSTR* ppszUserName,
10526 _Deref_out_opt_ PCWSTR* ppszDomainName,
10527 _Deref_opt_out_opt_ PCWSTR* ppszPackedCredentialsString);
10528
10529 SECURITY_STATUS
10530 SEC_ENTRY
10531 SspiValidateAuthIdentity(
10532 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
10533
10534 SECURITY_STATUS
10535 SEC_ENTRY
10536 SspiCopyAuthIdentity(
10537 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData,
10538 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* AuthDataCopy);
10539
10540 VOID
10541 SEC_ENTRY
10542 SspiFreeAuthIdentity(
10543 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
10544
10545 VOID
10546 SEC_ENTRY
10547 SspiZeroAuthIdentity(
10548 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
10549
10550 VOID
10551 SEC_ENTRY
10552 SspiLocalFree(
10553 _In_opt_ PVOID DataBuffer);
10554
10555 SECURITY_STATUS
10556 SEC_ENTRY
10557 SspiEncodeStringsAsAuthIdentity(
10558 _In_opt_ PCWSTR pszUserName,
10559 _In_opt_ PCWSTR pszDomainName,
10560 _In_opt_ PCWSTR pszPackedCredentialsString,
10561 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity);
10562
10563 SECURITY_STATUS
10564 SEC_ENTRY
10565 SspiCompareAuthIdentities(
10566 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1,
10567 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2,
10568 _Out_opt_ PBOOLEAN SameSuppliedUser,
10569 _Out_opt_ PBOOLEAN SameSuppliedIdentity);
10570
10571 SECURITY_STATUS
10572 SEC_ENTRY
10573 SspiMarshalAuthIdentity(
10574 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
10575 _Out_ PULONG AuthIdentityLength,
10576 _Outptr_result_bytebuffer_(*AuthIdentityLength) PCHAR* AuthIdentityByteArray);
10577
10578 SECURITY_STATUS
10579 SEC_ENTRY
10580 SspiUnmarshalAuthIdentity(
10581 _In_ PULONG AuthIdentityLength,
10582 _In_reads_bytes_(AuthIdentityLength) PCHAR AuthIdentityByteArray,
10583 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity);
10584
10585 BOOLEAN
10586 SEC_ENTRY
10587 SspiIsPromptingNeeded(
10588 _In_ PULONG ErrorOrNtStatus);
10589
10590 SECURITY_STATUS
10591 SEC_ENTRY
10592 SspiGetTargetHostName(
10593 _In_ PCWSTR pszTargetName,
10594 _Outptr_ PWSTR* pszHostName);
10595
10596 SECURITY_STATUS
10597 SEC_ENTRY
10598 SspiExcludePackage(
10599 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
10600 _In_ PCWSTR pszPackageName,
10601 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppNewAuthIdentity);
10602
10603 #define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x04
10604 #define SEC_WINNT_AUTH_IDENTITY_ONLY 0x08
10605
10606 #endif /* NTDDI_VERSION >= NTDDI_WIN7 */
10607
10608 #define FreeCredentialHandle FreeCredentialsHandle
10609 struct _SECURITY_FUNCTION_TABLE_W
10610 {
10611 ULONG dwVersion;
10612 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
10613 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
10614 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
10615 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
10616 PVOID Reserved2;
10617 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
10618 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
10619 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
10620 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
10621 APPLY_CONTROL_TOKEN_FN ApplyControlToken;
10622 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
10623 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
10624 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
10625 MAKE_SIGNATURE_FN MakeSignature;
10626 VERIFY_SIGNATURE_FN VerifySignature;
10627 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
10628 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
10629 PVOID Reserved3;
10630 PVOID Reserved4;
10631 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
10632 IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
10633 ADD_CREDENTIALS_FN_W AddCredentialsW ;
10634 PVOID Reserved8;
10635 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
10636 ENCRYPT_MESSAGE_FN EncryptMessage;
10637 DECRYPT_MESSAGE_FN DecryptMessage;
10638 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
10639 SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW;
10640 #endif
10641 #if NTDDI_VERSION > NTDDI_WS03SP1
10642 SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW;
10643 #endif
10644 #if ISSP_MODE != 0
10645 CHANGE_PASSWORD_FN_W ChangeAccountPasswordW;
10646 #else
10647 PVOID Reserved9;
10648 #endif
10649 };
10650
10651 #endif /* !__SSPI_H__ */
10652
10653 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
10654 #if defined(_WIN64)
10655 C_ASSERT(sizeof(ERESOURCE) == 0x68);
10656 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18);
10657 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a);
10658 #else
10659 C_ASSERT(sizeof(ERESOURCE) == 0x38);
10660 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c);
10661 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e);
10662 #endif
10663 /* #endif */
10664
10665 #if defined(_IA64_)
10666 #if (NTDDI_VERSION >= NTDDI_WIN2K)
10667 //DECLSPEC_DEPRECATED_DDK
10668 NTHALAPI
10669 ULONG
10670 NTAPI
10671 HalGetDmaAlignmentRequirement(
10672 VOID);
10673 #endif
10674 #endif
10675
10676 #if defined(_M_IX86) || defined(_M_AMD64)
10677 #define HalGetDmaAlignmentRequirement() 1L
10678 #endif
10679
10680 extern NTKERNELAPI PUSHORT NlsOemLeadByteInfo;
10681 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
10682
10683 #ifdef NLS_MB_CODE_PAGE_TAG
10684 #undef NLS_MB_CODE_PAGE_TAG
10685 #endif
10686 #define NLS_MB_CODE_PAGE_TAG NlsMbOemCodePageTag
10687
10688 #if (NTDDI_VERSION >= NTDDI_VISTA)
10689
10690 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER {
10691 NetworkOpenLocationAny,
10692 NetworkOpenLocationRemote,
10693 NetworkOpenLocationLoopback
10694 } NETWORK_OPEN_LOCATION_QUALIFIER;
10695
10696 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER {
10697 NetworkOpenIntegrityAny,
10698 NetworkOpenIntegrityNone,
10699 NetworkOpenIntegritySigned,
10700 NetworkOpenIntegrityEncrypted,
10701 NetworkOpenIntegrityMaximum
10702 } NETWORK_OPEN_INTEGRITY_QUALIFIER;
10703
10704 #if (NTDDI_VERSION >= NTDDI_WIN7)
10705
10706 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
10707 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
10708 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
10709
10710 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
10711 USHORT Size;
10712 USHORT Reserved;
10713 _ANONYMOUS_STRUCT struct {
10714 struct {
10715 NETWORK_OPEN_LOCATION_QUALIFIER Location;
10716 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
10717 ULONG Flags;
10718 } in;
10719 struct {
10720 NETWORK_OPEN_LOCATION_QUALIFIER Location;
10721 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
10722 ULONG Flags;
10723 } out;
10724 } DUMMYSTRUCTNAME;
10725 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
10726
10727 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0 {
10728 USHORT Size;
10729 USHORT Reserved;
10730 _ANONYMOUS_STRUCT struct {
10731 struct {
10732 NETWORK_OPEN_LOCATION_QUALIFIER Location;
10733 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
10734 } in;
10735 struct {
10736 NETWORK_OPEN_LOCATION_QUALIFIER Location;
10737 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
10738 } out;
10739 } DUMMYSTRUCTNAME;
10740 } NETWORK_OPEN_ECP_CONTEXT_V0, *PNETWORK_OPEN_ECP_CONTEXT_V0;
10741
10742 #elif (NTDDI_VERSION >= NTDDI_VISTA)
10743 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
10744 USHORT Size;
10745 USHORT Reserved;
10746 _ANONYMOUS_STRUCT struct {
10747 struct {
10748 NETWORK_OPEN_LOCATION_QUALIFIER Location;
10749 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
10750 } in;
10751 struct {
10752 NETWORK_OPEN_LOCATION_QUALIFIER Location;
10753 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
10754 } out;
10755 } DUMMYSTRUCTNAME;
10756 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
10757 #endif
10758
10759 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
10760
10761 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
10762
10763
10764 #if (NTDDI_VERSION >= NTDDI_VISTA)
10765
10766 typedef struct _PREFETCH_OPEN_ECP_CONTEXT {
10767 PVOID Context;
10768 } PREFETCH_OPEN_ECP_CONTEXT, *PPREFETCH_OPEN_ECP_CONTEXT;
10769
10770 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
10771
10772 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
10773
10774 #if (NTDDI_VERSION >= NTDDI_WIN7)
10775
10776 DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
10777 DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
10778
10779 typedef struct sockaddr_storage *PSOCKADDR_STORAGE_NFS;
10780
10781 typedef struct _NFS_OPEN_ECP_CONTEXT {
10782 PUNICODE_STRING ExportAlias;
10783 PSOCKADDR_STORAGE_NFS ClientSocketAddress;
10784 } NFS_OPEN_ECP_CONTEXT, *PNFS_OPEN_ECP_CONTEXT, **PPNFS_OPEN_ECP_CONTEXT;
10785
10786 typedef struct _SRV_OPEN_ECP_CONTEXT {
10787 PUNICODE_STRING ShareName;
10788 PSOCKADDR_STORAGE_NFS SocketAddress;
10789 BOOLEAN OplockBlockState;
10790 BOOLEAN OplockAppState;
10791 BOOLEAN OplockFinalState;
10792 } SRV_OPEN_ECP_CONTEXT, *PSRV_OPEN_ECP_CONTEXT;
10793
10794 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
10795
10796 #define PIN_WAIT (1)
10797 #define PIN_EXCLUSIVE (2)
10798 #define PIN_NO_READ (4)
10799 #define PIN_IF_BCB (8)
10800 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
10801 #define PIN_HIGH_PRIORITY (64)
10802
10803 #define MAP_WAIT 1
10804 #define MAP_NO_READ (16)
10805 #define MAP_HIGH_PRIORITY (64)
10806
10807 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
10808 #define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
10809
10810 typedef struct _QUERY_PATH_REQUEST {
10811 ULONG PathNameLength;
10812 PIO_SECURITY_CONTEXT SecurityContext;
10813 WCHAR FilePathName[1];
10814 } QUERY_PATH_REQUEST, *PQUERY_PATH_REQUEST;
10815
10816 typedef struct _QUERY_PATH_REQUEST_EX {
10817 PIO_SECURITY_CONTEXT pSecurityContext;
10818 ULONG EaLength;
10819 PVOID pEaBuffer;
10820 UNICODE_STRING PathName;
10821 UNICODE_STRING DomainServiceName;
10822 ULONG_PTR Reserved[ 3 ];
10823 } QUERY_PATH_REQUEST_EX, *PQUERY_PATH_REQUEST_EX;
10824
10825 typedef struct _QUERY_PATH_RESPONSE {
10826 ULONG LengthAccepted;
10827 } QUERY_PATH_RESPONSE, *PQUERY_PATH_RESPONSE;
10828
10829 #define VOLSNAPCONTROLTYPE 0x00000053
10830 #define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
10831
10832 /* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
10833 #pragma pack(push,4)
10834
10835 #ifndef VER_PRODUCTBUILD
10836 #define VER_PRODUCTBUILD 10000
10837 #endif
10838
10839 #include "csq.h"
10840
10841 #define FS_LFN_APIS 0x00004000
10842
10843 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
10844 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
10845 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
10846 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
10847 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
10848 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
10849 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
10850 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
10851 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
10852 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
10853 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
10854 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
10855 #define FILE_STORAGE_TYPE_MASK 0x000f0000
10856 #define FILE_STORAGE_TYPE_SHIFT 16
10857
10858 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
10859
10860 #ifdef _X86_
10861 #define HARDWARE_PTE HARDWARE_PTE_X86
10862 #define PHARDWARE_PTE PHARDWARE_PTE_X86
10863 #endif
10864
10865 #define IO_ATTACH_DEVICE_API 0x80000000
10866
10867 #define IO_TYPE_APC 18
10868 #define IO_TYPE_DPC 19
10869 #define IO_TYPE_DEVICE_QUEUE 20
10870 #define IO_TYPE_EVENT_PAIR 21
10871 #define IO_TYPE_INTERRUPT 22
10872 #define IO_TYPE_PROFILE 23
10873
10874 #define IRP_BEING_VERIFIED 0x10
10875
10876 #define MAILSLOT_CLASS_FIRSTCLASS 1
10877 #define MAILSLOT_CLASS_SECONDCLASS 2
10878
10879 #define MAILSLOT_SIZE_AUTO 0
10880
10881 #define MEM_DOS_LIM 0x40000000
10882
10883 #define OB_TYPE_TYPE 1
10884 #define OB_TYPE_DIRECTORY 2
10885 #define OB_TYPE_SYMBOLIC_LINK 3
10886 #define OB_TYPE_TOKEN 4
10887 #define OB_TYPE_PROCESS 5
10888 #define OB_TYPE_THREAD 6
10889 #define OB_TYPE_EVENT 7
10890 #define OB_TYPE_EVENT_PAIR 8
10891 #define OB_TYPE_MUTANT 9
10892 #define OB_TYPE_SEMAPHORE 10
10893 #define OB_TYPE_TIMER 11
10894 #define OB_TYPE_PROFILE 12
10895 #define OB_TYPE_WINDOW_STATION 13
10896 #define OB_TYPE_DESKTOP 14
10897 #define OB_TYPE_SECTION 15
10898 #define OB_TYPE_KEY 16
10899 #define OB_TYPE_PORT 17
10900 #define OB_TYPE_ADAPTER 18
10901 #define OB_TYPE_CONTROLLER 19
10902 #define OB_TYPE_DEVICE 20
10903 #define OB_TYPE_DRIVER 21
10904 #define OB_TYPE_IO_COMPLETION 22
10905 #define OB_TYPE_FILE 23
10906
10907 #define SEC_BASED 0x00200000
10908
10909 /* end winnt.h */
10910
10911 #define TOKEN_HAS_ADMIN_GROUP 0x08
10912
10913 #if (VER_PRODUCTBUILD >= 1381)
10914 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
10915 #endif /* (VER_PRODUCTBUILD >= 1381) */
10916
10917 #if (VER_PRODUCTBUILD >= 2195)
10918
10919 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
10920 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
10921
10922 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
10923
10924 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
10925 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
10926 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
10927 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
10928 #endif /* (VER_PRODUCTBUILD >= 2195) */
10929
10930 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
10931 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
10932 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
10933 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
10934 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
10935 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
10936 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
10937 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
10938
10939 typedef enum _FILE_STORAGE_TYPE {
10940 StorageTypeDefault = 1,
10941 StorageTypeDirectory,
10942 StorageTypeFile,
10943 StorageTypeJunctionPoint,
10944 StorageTypeCatalog,
10945 StorageTypeStructuredStorage,
10946 StorageTypeEmbedding,
10947 StorageTypeStream
10948 } FILE_STORAGE_TYPE;
10949
10950 typedef struct _OBJECT_BASIC_INFORMATION
10951 {
10952 ULONG Attributes;
10953 ACCESS_MASK GrantedAccess;
10954 ULONG HandleCount;
10955 ULONG PointerCount;
10956 ULONG PagedPoolCharge;
10957 ULONG NonPagedPoolCharge;
10958 ULONG Reserved[ 3 ];
10959 ULONG NameInfoSize;
10960 ULONG TypeInfoSize;
10961 ULONG SecurityDescriptorSize;
10962 LARGE_INTEGER CreationTime;
10963 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
10964
10965 typedef struct _BITMAP_RANGE {
10966 LIST_ENTRY Links;
10967 LONGLONG BasePage;
10968 ULONG FirstDirtyPage;
10969 ULONG LastDirtyPage;
10970 ULONG DirtyPages;
10971 PULONG Bitmap;
10972 } BITMAP_RANGE, *PBITMAP_RANGE;
10973
10974 typedef struct _FILE_COPY_ON_WRITE_INFORMATION {
10975 BOOLEAN ReplaceIfExists;
10976 HANDLE RootDirectory;
10977 ULONG FileNameLength;
10978 WCHAR FileName[1];
10979 } FILE_COPY_ON_WRITE_INFORMATION, *PFILE_COPY_ON_WRITE_INFORMATION;
10980
10981 typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
10982 ULONG NextEntryOffset;
10983 ULONG FileIndex;
10984 LARGE_INTEGER CreationTime;
10985 LARGE_INTEGER LastAccessTime;
10986 LARGE_INTEGER LastWriteTime;
10987 LARGE_INTEGER ChangeTime;
10988 LARGE_INTEGER EndOfFile;
10989 LARGE_INTEGER AllocationSize;
10990 ULONG FileAttributes;
10991 ULONG FileNameLength;
10992 ULONG EaSize;
10993 WCHAR FileName[ANYSIZE_ARRAY];
10994 } FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION;
10995
10996 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
10997 typedef struct _FILE_SHARED_LOCK_ENTRY {
10998 PVOID Unknown1;
10999 PVOID Unknown2;
11000 FILE_LOCK_INFO FileLock;
11001 } FILE_SHARED_LOCK_ENTRY, *PFILE_SHARED_LOCK_ENTRY;
11002
11003 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
11004 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY {
11005 LIST_ENTRY ListEntry;
11006 PVOID Unknown1;
11007 PVOID Unknown2;
11008 FILE_LOCK_INFO FileLock;
11009 } FILE_EXCLUSIVE_LOCK_ENTRY, *PFILE_EXCLUSIVE_LOCK_ENTRY;
11010
11011 typedef struct _FILE_MAILSLOT_PEEK_BUFFER {
11012 ULONG ReadDataAvailable;
11013 ULONG NumberOfMessages;
11014 ULONG MessageLength;
11015 } FILE_MAILSLOT_PEEK_BUFFER, *PFILE_MAILSLOT_PEEK_BUFFER;
11016
11017 typedef struct _FILE_OLE_CLASSID_INFORMATION {
11018 GUID ClassId;
11019 } FILE_OLE_CLASSID_INFORMATION, *PFILE_OLE_CLASSID_INFORMATION;
11020
11021 typedef struct _FILE_OLE_ALL_INFORMATION {
11022 FILE_BASIC_INFORMATION BasicInformation;
11023 FILE_STANDARD_INFORMATION StandardInformation;
11024 FILE_INTERNAL_INFORMATION InternalInformation;
11025 FILE_EA_INFORMATION EaInformation;
11026 FILE_ACCESS_INFORMATION AccessInformation;
11027 FILE_POSITION_INFORMATION PositionInformation;
11028 FILE_MODE_INFORMATION ModeInformation;
11029 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
11030 USN LastChangeUsn;
11031 USN ReplicationUsn;
11032 LARGE_INTEGER SecurityChangeTime;
11033 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
11034 FILE_OBJECTID_INFORMATION ObjectIdInformation;
11035 FILE_STORAGE_TYPE StorageType;
11036 ULONG OleStateBits;
11037 ULONG OleId;
11038 ULONG NumberOfStreamReferences;
11039 ULONG StreamIndex;
11040 ULONG SecurityId;
11041 BOOLEAN ContentIndexDisable;
11042 BOOLEAN InheritContentIndexDisable;
11043 FILE_NAME_INFORMATION NameInformation;
11044 } FILE_OLE_ALL_INFORMATION, *PFILE_OLE_ALL_INFORMATION;
11045
11046 typedef struct _FILE_OLE_DIR_INFORMATION {
11047 ULONG NextEntryOffset;
11048 ULONG FileIndex;
11049 LARGE_INTEGER CreationTime;
11050 LARGE_INTEGER LastAccessTime;
11051 LARGE_INTEGER LastWriteTime;
11052 LARGE_INTEGER ChangeTime;
11053 LARGE_INTEGER EndOfFile;
11054 LARGE_INTEGER AllocationSize;
11055 ULONG FileAttributes;
11056 ULONG FileNameLength;
11057 FILE_STORAGE_TYPE StorageType;
11058 GUID OleClassId;
11059 ULONG OleStateBits;
11060 BOOLEAN ContentIndexDisable;
11061 BOOLEAN InheritContentIndexDisable;
11062 WCHAR FileName[1];
11063 } FILE_OLE_DIR_INFORMATION, *PFILE_OLE_DIR_INFORMATION;
11064
11065 typedef struct _FILE_OLE_INFORMATION {
11066 LARGE_INTEGER SecurityChangeTime;
11067 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
11068 FILE_OBJECTID_INFORMATION ObjectIdInformation;
11069 FILE_STORAGE_TYPE StorageType;
11070 ULONG OleStateBits;
11071 BOOLEAN ContentIndexDisable;
11072 BOOLEAN InheritContentIndexDisable;
11073 } FILE_OLE_INFORMATION, *PFILE_OLE_INFORMATION;
11074
11075 typedef struct _FILE_OLE_STATE_BITS_INFORMATION {
11076 ULONG StateBits;
11077 ULONG StateBitsMask;
11078 } FILE_OLE_STATE_BITS_INFORMATION, *PFILE_OLE_STATE_BITS_INFORMATION;
11079
11080 typedef struct _MAPPING_PAIR {
11081 ULONGLONG Vcn;
11082 ULONGLONG Lcn;
11083 } MAPPING_PAIR, *PMAPPING_PAIR;
11084
11085 typedef struct _GET_RETRIEVAL_DESCRIPTOR {
11086 ULONG NumberOfPairs;
11087 ULONGLONG StartVcn;
11088 MAPPING_PAIR Pair[1];
11089 } GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
11090
11091 typedef struct _MBCB {
11092 CSHORT NodeTypeCode;
11093 CSHORT NodeIsInZone;
11094 ULONG PagesToWrite;
11095 ULONG DirtyPages;
11096 ULONG Reserved;
11097 LIST_ENTRY BitmapRanges;
11098 LONGLONG ResumeWritePage;
11099 BITMAP_RANGE BitmapRange1;
11100 BITMAP_RANGE BitmapRange2;
11101 BITMAP_RANGE BitmapRange3;
11102 } MBCB, *PMBCB;
11103
11104 typedef struct _MOVEFILE_DESCRIPTOR {
11105 HANDLE FileHandle;
11106 ULONG Reserved;
11107 LARGE_INTEGER StartVcn;
11108 LARGE_INTEGER TargetLcn;
11109 ULONG NumVcns;
11110 ULONG Reserved1;
11111 } MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
11112
11113 typedef struct _OBJECT_BASIC_INFO {
11114 ULONG Attributes;
11115 ACCESS_MASK GrantedAccess;
11116 ULONG HandleCount;
11117 ULONG ReferenceCount;
11118 ULONG PagedPoolUsage;
11119 ULONG NonPagedPoolUsage;
11120 ULONG Reserved[3];
11121 ULONG NameInformationLength;
11122 ULONG TypeInformationLength;
11123 ULONG SecurityDescriptorLength;
11124 LARGE_INTEGER CreateTime;
11125 } OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;
11126
11127 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO {
11128 BOOLEAN Inherit;
11129 BOOLEAN ProtectFromClose;
11130 } OBJECT_HANDLE_ATTRIBUTE_INFO, *POBJECT_HANDLE_ATTRIBUTE_INFO;
11131
11132 typedef struct _OBJECT_NAME_INFO {
11133 UNICODE_STRING ObjectName;
11134 WCHAR ObjectNameBuffer[1];
11135 } OBJECT_NAME_INFO, *POBJECT_NAME_INFO;
11136
11137 typedef struct _OBJECT_PROTECTION_INFO {
11138 BOOLEAN Inherit;
11139 BOOLEAN ProtectHandle;
11140 } OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;
11141
11142 typedef struct _OBJECT_TYPE_INFO {
11143 UNICODE_STRING ObjectTypeName;
11144 UCHAR Unknown[0x58];
11145 WCHAR ObjectTypeNameBuffer[1];
11146 } OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;
11147
11148 typedef struct _OBJECT_ALL_TYPES_INFO {
11149 ULONG NumberOfObjectTypes;
11150 OBJECT_TYPE_INFO ObjectsTypeInfo[1];
11151 } OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;
11152
11153 #if defined(USE_LPC6432)
11154 #define LPC_CLIENT_ID CLIENT_ID64
11155 #define LPC_SIZE_T ULONGLONG
11156 #define LPC_PVOID ULONGLONG
11157 #define LPC_HANDLE ULONGLONG
11158 #else
11159 #define LPC_CLIENT_ID CLIENT_ID
11160 #define LPC_SIZE_T SIZE_T
11161 #define LPC_PVOID PVOID
11162 #define LPC_HANDLE HANDLE
11163 #endif
11164
11165 typedef struct _PORT_MESSAGE
11166 {
11167 union
11168 {
11169 struct
11170 {
11171 CSHORT DataLength;
11172 CSHORT TotalLength;
11173 } s1;
11174 ULONG Length;
11175 } u1;
11176 union
11177 {
11178 struct
11179 {
11180 CSHORT Type;
11181 CSHORT DataInfoOffset;
11182 } s2;
11183 ULONG ZeroInit;
11184 } u2;
11185 __GNU_EXTENSION union
11186 {
11187 LPC_CLIENT_ID ClientId;
11188 double DoNotUseThisField;
11189 };
11190 ULONG MessageId;
11191 __GNU_EXTENSION union
11192 {
11193 LPC_SIZE_T ClientViewSize;
11194 ULONG CallbackId;
11195 };
11196 } PORT_MESSAGE, *PPORT_MESSAGE;
11197
11198 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
11199
11200 typedef struct _PORT_VIEW
11201 {
11202 ULONG Length;
11203 LPC_HANDLE SectionHandle;
11204 ULONG SectionOffset;
11205 LPC_SIZE_T ViewSize;
11206 LPC_PVOID ViewBase;
11207 LPC_PVOID ViewRemoteBase;
11208 } PORT_VIEW, *PPORT_VIEW;
11209
11210 typedef struct _REMOTE_PORT_VIEW
11211 {
11212 ULONG Length;
11213 LPC_SIZE_T ViewSize;
11214 LPC_PVOID ViewBase;
11215 } REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
11216
11217 typedef struct _VAD_HEADER {
11218 PVOID StartVPN;
11219 PVOID EndVPN;
11220 struct _VAD_HEADER* ParentLink;
11221 struct _VAD_HEADER* LeftLink;
11222 struct _VAD_HEADER* RightLink;
11223 ULONG Flags; /* LSB = CommitCharge */
11224 PVOID ControlArea;
11225 PVOID FirstProtoPte;
11226 PVOID LastPTE;
11227 ULONG Unknown;
11228 LIST_ENTRY Secured;
11229 } VAD_HEADER, *PVAD_HEADER;
11230
11231 NTKERNELAPI
11232 LARGE_INTEGER
11233 NTAPI
11234 CcGetLsnForFileObject (
11235 IN PFILE_OBJECT FileObject,
11236 OUT PLARGE_INTEGER OldestLsn OPTIONAL
11237 );
11238
11239 NTKERNELAPI
11240 PVOID
11241 NTAPI
11242 FsRtlAllocatePool (
11243 IN POOL_TYPE PoolType,
11244 IN ULONG NumberOfBytes
11245 );
11246
11247 NTKERNELAPI
11248 PVOID
11249 NTAPI
11250 FsRtlAllocatePoolWithQuota (
11251 IN POOL_TYPE PoolType,
11252 IN ULONG NumberOfBytes
11253 );
11254
11255 NTKERNELAPI
11256 PVOID
11257 NTAPI
11258 FsRtlAllocatePoolWithQuotaTag (
11259 IN POOL_TYPE PoolType,
11260 IN ULONG NumberOfBytes,
11261 IN ULONG Tag
11262 );
11263
11264 NTKERNELAPI
11265 PVOID
11266 NTAPI
11267 FsRtlAllocatePoolWithTag (
11268 IN POOL_TYPE PoolType,
11269 IN ULONG NumberOfBytes,
11270 IN ULONG Tag
11271 );
11272
11273 NTKERNELAPI
11274 BOOLEAN
11275 NTAPI
11276 FsRtlMdlReadComplete (
11277 IN PFILE_OBJECT FileObject,
11278 IN PMDL MdlChain
11279 );
11280
11281 NTKERNELAPI
11282 BOOLEAN
11283 NTAPI
11284 FsRtlMdlWriteComplete (
11285 IN PFILE_OBJECT FileObject,
11286 IN PLARGE_INTEGER FileOffset,
11287 IN PMDL MdlChain
11288 );
11289
11290 NTKERNELAPI
11291 VOID
11292 NTAPI
11293 FsRtlNotifyChangeDirectory (
11294 IN PNOTIFY_SYNC NotifySync,
11295 IN PVOID FsContext,
11296 IN PSTRING FullDirectoryName,
11297 IN PLIST_ENTRY NotifyList,
11298 IN BOOLEAN WatchTree,
11299 IN ULONG CompletionFilter,
11300 IN PIRP NotifyIrp
11301 );
11302
11303 NTKERNELAPI
11304 NTSTATUS
11305 NTAPI
11306 ObCreateObject (
11307 IN KPROCESSOR_MODE ObjectAttributesAccessMode OPTIONAL,
11308 IN POBJECT_TYPE ObjectType,
11309 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
11310 IN KPROCESSOR_MODE AccessMode,
11311 IN OUT PVOID ParseContext OPTIONAL,
11312 IN ULONG ObjectSize,
11313 IN ULONG PagedPoolCharge OPTIONAL,
11314 IN ULONG NonPagedPoolCharge OPTIONAL,
11315 OUT PVOID *Object
11316 );
11317
11318 NTKERNELAPI
11319 ULONG
11320 NTAPI
11321 ObGetObjectPointerCount (
11322 IN PVOID Object
11323 );
11324
11325 NTKERNELAPI
11326 NTSTATUS
11327 NTAPI
11328 ObReferenceObjectByName (
11329 IN PUNICODE_STRING ObjectName,
11330 IN ULONG Attributes,
11331 IN PACCESS_STATE PassedAccessState OPTIONAL,
11332 IN ACCESS_MASK DesiredAccess OPTIONAL,
11333 IN POBJECT_TYPE ObjectType,
11334 IN KPROCESSOR_MODE AccessMode,
11335 IN OUT PVOID ParseContext OPTIONAL,
11336 OUT PVOID *Object
11337 );
11338
11339 #define PsDereferenceImpersonationToken(T) \
11340 {if (ARGUMENT_PRESENT(T)) { \
11341 (ObDereferenceObject((T))); \
11342 } else { \
11343 ; \
11344 } \
11345 }
11346
11347 NTKERNELAPI
11348 NTSTATUS
11349 NTAPI
11350 PsLookupProcessThreadByCid (
11351 IN PCLIENT_ID Cid,
11352 OUT PEPROCESS *Process OPTIONAL,
11353 OUT PETHREAD *Thread
11354 );
11355
11356 NTSYSAPI
11357 NTSTATUS
11358 NTAPI
11359 RtlSetSaclSecurityDescriptor (
11360 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
11361 IN BOOLEAN SaclPresent,
11362 IN PACL Sacl,
11363 IN BOOLEAN SaclDefaulted
11364 );
11365
11366 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
11367
11368 #if (VER_PRODUCTBUILD >= 2195)
11369
11370 NTSYSAPI
11371 NTSTATUS
11372 NTAPI
11373 ZwAdjustPrivilegesToken (
11374 IN HANDLE TokenHandle,
11375 IN BOOLEAN DisableAllPrivileges,
11376 IN PTOKEN_PRIVILEGES NewState,
11377 IN ULONG BufferLength,
11378 OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL,
11379 OUT PULONG ReturnLength
11380 );
11381
11382 #endif /* (VER_PRODUCTBUILD >= 2195) */
11383
11384 NTSYSAPI
11385 NTSTATUS
11386 NTAPI
11387 ZwAlertThread (
11388 IN HANDLE ThreadHandle
11389 );
11390
11391 NTSYSAPI
11392 NTSTATUS
11393 NTAPI
11394 ZwAccessCheckAndAuditAlarm (
11395 IN PUNICODE_STRING SubsystemName,
11396 IN PVOID HandleId,
11397 IN PUNICODE_STRING ObjectTypeName,
11398 IN PUNICODE_STRING ObjectName,
11399 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
11400 IN ACCESS_MASK DesiredAccess,
11401 IN PGENERIC_MAPPING GenericMapping,
11402 IN BOOLEAN ObjectCreation,
11403 OUT PACCESS_MASK GrantedAccess,
11404 OUT PBOOLEAN AccessStatus,
11405 OUT PBOOLEAN GenerateOnClose
11406 );
11407
11408 #if (VER_PRODUCTBUILD >= 2195)
11409
11410 NTSYSAPI
11411 NTSTATUS
11412 NTAPI
11413 ZwCancelIoFile (
11414 IN HANDLE FileHandle,
11415 OUT PIO_STATUS_BLOCK IoStatusBlock
11416 );
11417
11418 #endif /* (VER_PRODUCTBUILD >= 2195) */
11419
11420 NTSYSAPI
11421 NTSTATUS
11422 NTAPI
11423 ZwClearEvent (
11424 IN HANDLE EventHandle
11425 );
11426
11427 NTSYSAPI
11428 NTSTATUS
11429 NTAPI
11430 ZwCloseObjectAuditAlarm (
11431 IN PUNICODE_STRING SubsystemName,
11432 IN PVOID HandleId,
11433 IN BOOLEAN GenerateOnClose
11434 );
11435
11436 NTSYSAPI
11437 NTSTATUS
11438 NTAPI
11439 ZwCreateSymbolicLinkObject (
11440 OUT PHANDLE SymbolicLinkHandle,
11441 IN ACCESS_MASK DesiredAccess,
11442 IN POBJECT_ATTRIBUTES ObjectAttributes,
11443 IN PUNICODE_STRING TargetName
11444 );
11445
11446 NTSYSAPI
11447 NTSTATUS
11448 NTAPI
11449 ZwFlushInstructionCache (
11450 IN HANDLE ProcessHandle,
11451 IN PVOID BaseAddress OPTIONAL,
11452 IN ULONG FlushSize
11453 );
11454
11455 NTSYSAPI
11456 NTSTATUS
11457 NTAPI
11458 ZwFlushBuffersFile(
11459 IN HANDLE FileHandle,
11460 OUT PIO_STATUS_BLOCK IoStatusBlock
11461 );
11462
11463 #if (VER_PRODUCTBUILD >= 2195)
11464
11465 NTSYSAPI
11466 NTSTATUS
11467 NTAPI
11468 ZwInitiatePowerAction (
11469 IN POWER_ACTION SystemAction,
11470 IN SYSTEM_POWER_STATE MinSystemState,
11471 IN ULONG Flags,
11472 IN BOOLEAN Asynchronous
11473 );
11474
11475 #endif /* (VER_PRODUCTBUILD >= 2195) */
11476
11477 NTSYSAPI
11478 NTSTATUS
11479 NTAPI
11480 ZwLoadKey (
11481 IN POBJECT_ATTRIBUTES KeyObjectAttributes,
11482 IN POBJECT_ATTRIBUTES FileObjectAttributes
11483 );
11484
11485 NTSYSAPI
11486 NTSTATUS
11487 NTAPI
11488 ZwOpenProcessToken (
11489 IN HANDLE ProcessHandle,
11490 IN ACCESS_MASK DesiredAccess,
11491 OUT PHANDLE TokenHandle
11492 );
11493
11494 NTSYSAPI
11495 NTSTATUS
11496 NTAPI
11497 ZwOpenThread (
11498 OUT PHANDLE ThreadHandle,
11499 IN ACCESS_MASK DesiredAccess,
11500 IN POBJECT_ATTRIBUTES ObjectAttributes,
11501 IN PCLIENT_ID ClientId
11502 );
11503
11504 NTSYSAPI
11505 NTSTATUS
11506 NTAPI
11507 ZwOpenThreadToken (
11508 IN HANDLE ThreadHandle,
11509 IN ACCESS_MASK DesiredAccess,
11510 IN BOOLEAN OpenAsSelf,
11511 OUT PHANDLE TokenHandle
11512 );
11513
11514 NTSYSAPI
11515 NTSTATUS
11516 NTAPI
11517 ZwPulseEvent (
11518 IN HANDLE EventHandle,
11519 OUT PLONG PreviousState OPTIONAL
11520 );
11521
11522 NTSYSAPI
11523 NTSTATUS
11524 NTAPI
11525 ZwQueryDefaultLocale (
11526 IN BOOLEAN ThreadOrSystem,
11527 OUT PLCID Locale
11528 );
11529
11530 #if (VER_PRODUCTBUILD >= 2195)
11531
11532 NTSYSAPI
11533 NTSTATUS
11534 NTAPI
11535 ZwQueryDirectoryObject (
11536 IN HANDLE DirectoryHandle,
11537 OUT PVOID Buffer,
11538 IN ULONG Length,
11539 IN BOOLEAN ReturnSingleEntry,
11540 IN BOOLEAN RestartScan,
11541 IN OUT PULONG Context,
11542 OUT PULONG ReturnLength OPTIONAL
11543 );
11544
11545 #endif /* (VER_PRODUCTBUILD >= 2195) */
11546
11547 NTSYSAPI
11548 NTSTATUS
11549 NTAPI
11550 ZwQueryInformationProcess (
11551 IN HANDLE ProcessHandle,
11552 IN PROCESSINFOCLASS ProcessInformationClass,
11553 OUT PVOID ProcessInformation,
11554 IN ULONG ProcessInformationLength,
11555 OUT PULONG ReturnLength OPTIONAL
11556 );
11557
11558 NTSYSAPI
11559 NTSTATUS
11560 NTAPI
11561 ZwReplaceKey (
11562 IN POBJECT_ATTRIBUTES NewFileObjectAttributes,
11563 IN HANDLE KeyHandle,
11564 IN POBJECT_ATTRIBUTES OldFileObjectAttributes
11565 );
11566
11567 NTSYSAPI
11568 NTSTATUS
11569 NTAPI
11570 ZwResetEvent (
11571 IN HANDLE EventHandle,
11572 OUT PLONG PreviousState OPTIONAL
11573 );
11574
11575 #if (VER_PRODUCTBUILD >= 2195)
11576
11577 NTSYSAPI
11578 NTSTATUS
11579 NTAPI
11580 ZwRestoreKey (
11581 IN HANDLE KeyHandle,
11582 IN HANDLE FileHandle,
11583 IN ULONG Flags
11584 );
11585
11586 #endif /* (VER_PRODUCTBUILD >= 2195) */
11587
11588 NTSYSAPI
11589 NTSTATUS
11590 NTAPI
11591 ZwSaveKey (
11592 IN HANDLE KeyHandle,
11593 IN HANDLE FileHandle
11594 );
11595
11596 NTSYSAPI
11597 NTSTATUS
11598 NTAPI
11599 ZwSetDefaultLocale (
11600 IN BOOLEAN ThreadOrSystem,
11601 IN LCID Locale
11602 );
11603
11604 #if (VER_PRODUCTBUILD >= 2195)
11605
11606 NTSYSAPI
11607 NTSTATUS
11608 NTAPI
11609 ZwSetDefaultUILanguage (
11610 IN LANGID LanguageId
11611 );
11612
11613 #endif /* (VER_PRODUCTBUILD >= 2195) */
11614
11615 NTSYSAPI
11616 NTSTATUS
11617 NTAPI
11618 ZwSetInformationProcess (
11619 IN HANDLE ProcessHandle,
11620 IN PROCESSINFOCLASS ProcessInformationClass,
11621 IN PVOID ProcessInformation,
11622 IN ULONG ProcessInformationLength
11623 );
11624
11625 NTSYSAPI
11626 NTSTATUS
11627 NTAPI
11628 ZwSetSystemTime (
11629 IN PLARGE_INTEGER NewTime,
11630 OUT PLARGE_INTEGER OldTime OPTIONAL
11631 );
11632
11633 NTSYSAPI
11634 NTSTATUS
11635 NTAPI
11636 ZwUnloadKey (
11637 IN POBJECT_ATTRIBUTES KeyObjectAttributes
11638 );
11639
11640 NTSYSAPI
11641 NTSTATUS
11642 NTAPI
11643 ZwWaitForMultipleObjects (
11644 IN ULONG HandleCount,
11645 IN PHANDLE Handles,
11646 IN WAIT_TYPE WaitType,
11647 IN BOOLEAN Alertable,
11648 IN PLARGE_INTEGER Timeout OPTIONAL
11649 );
11650
11651 NTSYSAPI
11652 NTSTATUS
11653 NTAPI
11654 ZwYieldExecution (
11655 VOID
11656 );
11657
11658 #pragma pack(pop)
11659
11660 #ifdef __cplusplus
11661 }
11662 #endif
A free Windows-compatible Operating System