projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge my current work done on the kd++ branch:
[reactos.git] / reactos / include / ddk / ntifs.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24 #pragma once
25
26 #define _NTIFS_INCLUDED_
27 #define _GNU_NTIFS_
28
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32
33 /* Dependencies */
34 #include <ntddk.h>
35 #include <excpt.h>
36 #include <ntdef.h>
37 #include <ntnls.h>
38 #include <ntstatus.h>
39 #include <bugcodes.h>
40 #include <ntiologc.h>
41
42
43 #ifndef FlagOn
44 #define FlagOn(_F,_SF) ((_F) & (_SF))
45 #endif
46
47 #ifndef BooleanFlagOn
48 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
49 #endif
50
51 #ifndef SetFlag
52 #define SetFlag(_F,_SF) ((_F) |= (_SF))
53 #endif
54
55 #ifndef ClearFlag
56 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
57 #endif
58
59 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
60 typedef STRING LSA_STRING, *PLSA_STRING;
61 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
62
63 /******************************************************************************
64 * Security Manager Types *
65 ******************************************************************************/
66 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
67 #define SID_IDENTIFIER_AUTHORITY_DEFINED
68 typedef struct _SID_IDENTIFIER_AUTHORITY {
69 UCHAR Value[6];
70 } SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
71 #endif
72
73 #ifndef SID_DEFINED
74 #define SID_DEFINED
75 typedef struct _SID {
76 UCHAR Revision;
77 UCHAR SubAuthorityCount;
78 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
79 #ifdef MIDL_PASS
80 [size_is(SubAuthorityCount)] ULONG SubAuthority[*];
81 #else
82 ULONG SubAuthority[ANYSIZE_ARRAY];
83 #endif
84 } SID, *PISID;
85 #endif
86
87 #define SID_REVISION 1
88 #define SID_MAX_SUB_AUTHORITIES 15
89 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
90
91 #ifndef MIDL_PASS
92 #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof(ULONG)))
93 #endif
94
95 typedef enum _SID_NAME_USE {
96 SidTypeUser = 1,
97 SidTypeGroup,
98 SidTypeDomain,
99 SidTypeAlias,
100 SidTypeWellKnownGroup,
101 SidTypeDeletedAccount,
102 SidTypeInvalid,
103 SidTypeUnknown,
104 SidTypeComputer,
105 SidTypeLabel
106 } SID_NAME_USE, *PSID_NAME_USE;
107
108 typedef struct _SID_AND_ATTRIBUTES {
109 #ifdef MIDL_PASS
110 PISID Sid;
111 #else
112 PSID Sid;
113 #endif
114 ULONG Attributes;
115 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
116 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
117 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
118
119 #define SID_HASH_SIZE 32
120 typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
121
122 typedef struct _SID_AND_ATTRIBUTES_HASH {
123 ULONG SidCount;
124 PSID_AND_ATTRIBUTES SidAttr;
125 SID_HASH_ENTRY Hash[SID_HASH_SIZE];
126 } SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
127
128 /* Universal well-known SIDs */
129
130 #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
131 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
132 #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
133 #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
134 #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
135 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
136
137 #define SECURITY_NULL_RID (0x00000000L)
138 #define SECURITY_WORLD_RID (0x00000000L)
139 #define SECURITY_LOCAL_RID (0x00000000L)
140 #define SECURITY_LOCAL_LOGON_RID (0x00000001L)
141
142 #define SECURITY_CREATOR_OWNER_RID (0x00000000L)
143 #define SECURITY_CREATOR_GROUP_RID (0x00000001L)
144 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
145 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
146 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
147
148 /* NT well-known SIDs */
149
150 #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
151
152 #define SECURITY_DIALUP_RID (0x00000001L)
153 #define SECURITY_NETWORK_RID (0x00000002L)
154 #define SECURITY_BATCH_RID (0x00000003L)
155 #define SECURITY_INTERACTIVE_RID (0x00000004L)
156 #define SECURITY_LOGON_IDS_RID (0x00000005L)
157 #define SECURITY_LOGON_IDS_RID_COUNT (3L)
158 #define SECURITY_SERVICE_RID (0x00000006L)
159 #define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
160 #define SECURITY_PROXY_RID (0x00000008L)
161 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
162 #define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
163 #define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
164 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
165 #define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
166 #define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
167 #define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
168 #define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
169 #define SECURITY_IUSER_RID (0x00000011L)
170 #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
171 #define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
172 #define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
173 #define SECURITY_NT_NON_UNIQUE (0x00000015L)
174 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
175 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
176
177 #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
178 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
179
180
181 #define SECURITY_PACKAGE_BASE_RID (0x00000040L)
182 #define SECURITY_PACKAGE_RID_COUNT (2L)
183 #define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
184 #define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
185 #define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
186
187 #define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
188 #define SECURITY_CRED_TYPE_RID_COUNT (2L)
189 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
190
191 #define SECURITY_MIN_BASE_RID (0x00000050L)
192 #define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
193 #define SECURITY_SERVICE_ID_RID_COUNT (6L)
194 #define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
195 #define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
196 #define SECURITY_APPPOOL_ID_RID_COUNT (6L)
197 #define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
198 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
199 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
200 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
201 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
202 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
203 #define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
204 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
205 #define SECURITY_TASK_ID_BASE_RID (0x00000057L)
206 #define SECURITY_NFS_ID_BASE_RID (0x00000058L)
207 #define SECURITY_COM_ID_BASE_RID (0x00000059L)
208 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
209
210 #define SECURITY_MAX_BASE_RID (0x0000006FL)
211
212 #define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
213 #define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
214
215 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
216
217 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
218
219 /* Well-known domain relative sub-authority values (RIDs) */
220
221 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
222
223 #define FOREST_USER_RID_MAX (0x000001F3L)
224
225 /* Well-known users */
226
227 #define DOMAIN_USER_RID_ADMIN (0x000001F4L)
228 #define DOMAIN_USER_RID_GUEST (0x000001F5L)
229 #define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
230
231 #define DOMAIN_USER_RID_MAX (0x000003E7L)
232
233 /* Well-known groups */
234
235 #define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
236 #define DOMAIN_GROUP_RID_USERS (0x00000201L)
237 #define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
238 #define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
239 #define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
240 #define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
241 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
242 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
243 #define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
244 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
245
246 /* Well-known aliases */
247
248 #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
249 #define DOMAIN_ALIAS_RID_USERS (0x00000221L)
250 #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
251 #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
252
253 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
254 #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
255 #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
256 #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
257
258 #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
259 #define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
260 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
261 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
262 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
263 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
264
265 #define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
266 #define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
267 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
268 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
269 #define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
270 #define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
271 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
272 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
273 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
274 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
275 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
276
277 #define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
278 #define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
279 #define SECURITY_MANDATORY_LOW_RID (0x00001000L)
280 #define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
281 #define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
282 #define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
283 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
284
285 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
286 can be set by a usermode caller.*/
287
288 #define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
289
290 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
291
292 /* Allocate the System Luid. The first 1000 LUIDs are reserved.
293 Use #999 here (0x3e7 = 999) */
294
295 #define SYSTEM_LUID {0x3e7, 0x0}
296 #define ANONYMOUS_LOGON_LUID {0x3e6, 0x0}
297 #define LOCALSERVICE_LUID {0x3e5, 0x0}
298 #define NETWORKSERVICE_LUID {0x3e4, 0x0}
299 #define IUSER_LUID {0x3e3, 0x0}
300
301 typedef struct _ACE_HEADER {
302 UCHAR AceType;
303 UCHAR AceFlags;
304 USHORT AceSize;
305 } ACE_HEADER, *PACE_HEADER;
306
307 /* also in winnt.h */
308 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
309 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
310 #define ACCESS_DENIED_ACE_TYPE (0x1)
311 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
312 #define SYSTEM_ALARM_ACE_TYPE (0x3)
313 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
314 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
315 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
316 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
317 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
318 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
319 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
320 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
321 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
322 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
323 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
324 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
325 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
326 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
327 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
328 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
329 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
330 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
331 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
332 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
333 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
334
335 /* The following are the inherit flags that go into the AceFlags field
336 of an Ace header. */
337
338 #define OBJECT_INHERIT_ACE (0x1)
339 #define CONTAINER_INHERIT_ACE (0x2)
340 #define NO_PROPAGATE_INHERIT_ACE (0x4)
341 #define INHERIT_ONLY_ACE (0x8)
342 #define INHERITED_ACE (0x10)
343 #define VALID_INHERIT_FLAGS (0x1F)
344
345 #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
346 #define FAILED_ACCESS_ACE_FLAG (0x80)
347
348 typedef struct _ACCESS_ALLOWED_ACE {
349 ACE_HEADER Header;
350 ACCESS_MASK Mask;
351 ULONG SidStart;
352 } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
353
354 typedef struct _ACCESS_DENIED_ACE {
355 ACE_HEADER Header;
356 ACCESS_MASK Mask;
357 ULONG SidStart;
358 } ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
359
360 typedef struct _SYSTEM_AUDIT_ACE {
361 ACE_HEADER Header;
362 ACCESS_MASK Mask;
363 ULONG SidStart;
364 } SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
365
366 typedef struct _SYSTEM_ALARM_ACE {
367 ACE_HEADER Header;
368 ACCESS_MASK Mask;
369 ULONG SidStart;
370 } SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
371
372 typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
373 ACE_HEADER Header;
374 ACCESS_MASK Mask;
375 ULONG SidStart;
376 } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
377
378 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
379 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
380 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
381 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
382 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
383 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
384
385 #define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
386
387 typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
388
389 #define SE_OWNER_DEFAULTED 0x0001
390 #define SE_GROUP_DEFAULTED 0x0002
391 #define SE_DACL_PRESENT 0x0004
392 #define SE_DACL_DEFAULTED 0x0008
393 #define SE_SACL_PRESENT 0x0010
394 #define SE_SACL_DEFAULTED 0x0020
395 #define SE_DACL_UNTRUSTED 0x0040
396 #define SE_SERVER_SECURITY 0x0080
397 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
398 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
399 #define SE_DACL_AUTO_INHERITED 0x0400
400 #define SE_SACL_AUTO_INHERITED 0x0800
401 #define SE_DACL_PROTECTED 0x1000
402 #define SE_SACL_PROTECTED 0x2000
403 #define SE_RM_CONTROL_VALID 0x4000
404 #define SE_SELF_RELATIVE 0x8000
405
406 typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
407 UCHAR Revision;
408 UCHAR Sbz1;
409 SECURITY_DESCRIPTOR_CONTROL Control;
410 ULONG Owner;
411 ULONG Group;
412 ULONG Sacl;
413 ULONG Dacl;
414 } SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
415
416 typedef struct _SECURITY_DESCRIPTOR {
417 UCHAR Revision;
418 UCHAR Sbz1;
419 SECURITY_DESCRIPTOR_CONTROL Control;
420 PSID Owner;
421 PSID Group;
422 PACL Sacl;
423 PACL Dacl;
424 } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
425
426 typedef struct _OBJECT_TYPE_LIST {
427 USHORT Level;
428 USHORT Sbz;
429 GUID *ObjectType;
430 } OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;
431
432 #define ACCESS_OBJECT_GUID 0
433 #define ACCESS_PROPERTY_SET_GUID 1
434 #define ACCESS_PROPERTY_GUID 2
435 #define ACCESS_MAX_LEVEL 4
436
437 typedef enum _AUDIT_EVENT_TYPE {
438 AuditEventObjectAccess,
439 AuditEventDirectoryServiceAccess
440 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
441
442 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
443
444 #define ACCESS_DS_SOURCE_A "DS"
445 #define ACCESS_DS_SOURCE_W L"DS"
446 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
447 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
448
449 #define ACCESS_REASON_TYPE_MASK 0xffff0000
450 #define ACCESS_REASON_DATA_MASK 0x0000ffff
451
452 typedef enum _ACCESS_REASON_TYPE {
453 AccessReasonNone = 0x00000000,
454 AccessReasonAllowedAce = 0x00010000,
455 AccessReasonDeniedAce = 0x00020000,
456 AccessReasonAllowedParentAce = 0x00030000,
457 AccessReasonDeniedParentAce = 0x00040000,
458 AccessReasonMissingPrivilege = 0x00100000,
459 AccessReasonFromPrivilege = 0x00200000,
460 AccessReasonIntegrityLevel = 0x00300000,
461 AccessReasonOwnership = 0x00400000,
462 AccessReasonNullDacl = 0x00500000,
463 AccessReasonEmptyDacl = 0x00600000,
464 AccessReasonNoSD = 0x00700000,
465 AccessReasonNoGrant = 0x00800000
466 } ACCESS_REASON_TYPE;
467
468 typedef ULONG ACCESS_REASON;
469
470 typedef struct _ACCESS_REASONS {
471 ACCESS_REASON Data[32];
472 } ACCESS_REASONS, *PACCESS_REASONS;
473
474 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
475 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
476 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
477
478 typedef struct _SE_SECURITY_DESCRIPTOR {
479 ULONG Size;
480 ULONG Flags;
481 PSECURITY_DESCRIPTOR SecurityDescriptor;
482 } SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
483
484 typedef struct _SE_ACCESS_REQUEST {
485 ULONG Size;
486 PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
487 ACCESS_MASK DesiredAccess;
488 ACCESS_MASK PreviouslyGrantedAccess;
489 PSID PrincipalSelfSid;
490 PGENERIC_MAPPING GenericMapping;
491 ULONG ObjectTypeListCount;
492 POBJECT_TYPE_LIST ObjectTypeList;
493 } SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
494
495 typedef struct _SE_ACCESS_REPLY {
496 ULONG Size;
497 ULONG ResultListCount;
498 PACCESS_MASK GrantedAccess;
499 PNTSTATUS AccessStatus;
500 PACCESS_REASONS AccessReason;
501 PPRIVILEGE_SET* Privileges;
502 } SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
503
504 typedef enum _SE_AUDIT_OPERATION {
505 AuditPrivilegeObject,
506 AuditPrivilegeService,
507 AuditAccessCheck,
508 AuditOpenObject,
509 AuditOpenObjectWithTransaction,
510 AuditCloseObject,
511 AuditDeleteObject,
512 AuditOpenObjectForDelete,
513 AuditOpenObjectForDeleteWithTransaction,
514 AuditCloseNonObject,
515 AuditOpenNonObject,
516 AuditObjectReference,
517 AuditHandleCreation,
518 } SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
519
520 typedef struct _SE_AUDIT_INFO {
521 ULONG Size;
522 AUDIT_EVENT_TYPE AuditType;
523 SE_AUDIT_OPERATION AuditOperation;
524 ULONG AuditFlags;
525 UNICODE_STRING SubsystemName;
526 UNICODE_STRING ObjectTypeName;
527 UNICODE_STRING ObjectName;
528 PVOID HandleId;
529 GUID* TransactionId;
530 LUID* OperationId;
531 BOOLEAN ObjectCreation;
532 BOOLEAN GenerateOnClose;
533 } SE_AUDIT_INFO, *PSE_AUDIT_INFO;
534
535 #define TOKEN_ASSIGN_PRIMARY (0x0001)
536 #define TOKEN_DUPLICATE (0x0002)
537 #define TOKEN_IMPERSONATE (0x0004)
538 #define TOKEN_QUERY (0x0008)
539 #define TOKEN_QUERY_SOURCE (0x0010)
540 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
541 #define TOKEN_ADJUST_GROUPS (0x0040)
542 #define TOKEN_ADJUST_DEFAULT (0x0080)
543 #define TOKEN_ADJUST_SESSIONID (0x0100)
544
545 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
546 TOKEN_ASSIGN_PRIMARY |\
547 TOKEN_DUPLICATE |\
548 TOKEN_IMPERSONATE |\
549 TOKEN_QUERY |\
550 TOKEN_QUERY_SOURCE |\
551 TOKEN_ADJUST_PRIVILEGES |\
552 TOKEN_ADJUST_GROUPS |\
553 TOKEN_ADJUST_DEFAULT )
554
555 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
556 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
557 TOKEN_ADJUST_SESSIONID )
558 #else
559 #define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
560 #endif
561
562 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
563 TOKEN_QUERY)
564
565 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
566 TOKEN_ADJUST_PRIVILEGES |\
567 TOKEN_ADJUST_GROUPS |\
568 TOKEN_ADJUST_DEFAULT)
569
570 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
571
572 typedef enum _TOKEN_TYPE {
573 TokenPrimary = 1,
574 TokenImpersonation
575 } TOKEN_TYPE,*PTOKEN_TYPE;
576
577 typedef enum _TOKEN_INFORMATION_CLASS {
578 TokenUser = 1,
579 TokenGroups,
580 TokenPrivileges,
581 TokenOwner,
582 TokenPrimaryGroup,
583 TokenDefaultDacl,
584 TokenSource,
585 TokenType,
586 TokenImpersonationLevel,
587 TokenStatistics,
588 TokenRestrictedSids,
589 TokenSessionId,
590 TokenGroupsAndPrivileges,
591 TokenSessionReference,
592 TokenSandBoxInert,
593 TokenAuditPolicy,
594 TokenOrigin,
595 TokenElevationType,
596 TokenLinkedToken,
597 TokenElevation,
598 TokenHasRestrictions,
599 TokenAccessInformation,
600 TokenVirtualizationAllowed,
601 TokenVirtualizationEnabled,
602 TokenIntegrityLevel,
603 TokenUIAccess,
604 TokenMandatoryPolicy,
605 TokenLogonSid,
606 MaxTokenInfoClass
607 } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
608
609 typedef struct _TOKEN_USER {
610 SID_AND_ATTRIBUTES User;
611 } TOKEN_USER, *PTOKEN_USER;
612
613 typedef struct _TOKEN_GROUPS {
614 ULONG GroupCount;
615 #ifdef MIDL_PASS
616 [size_is(GroupCount)] SID_AND_ATTRIBUTES Groups[*];
617 #else
618 SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
619 #endif
620 } TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
621
622 typedef struct _TOKEN_PRIVILEGES {
623 ULONG PrivilegeCount;
624 LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
625 } TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
626
627 typedef struct _TOKEN_OWNER {
628 PSID Owner;
629 } TOKEN_OWNER,*PTOKEN_OWNER;
630
631 typedef struct _TOKEN_PRIMARY_GROUP {
632 PSID PrimaryGroup;
633 } TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
634
635 typedef struct _TOKEN_DEFAULT_DACL {
636 PACL DefaultDacl;
637 } TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
638
639 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
640 ULONG SidCount;
641 ULONG SidLength;
642 PSID_AND_ATTRIBUTES Sids;
643 ULONG RestrictedSidCount;
644 ULONG RestrictedSidLength;
645 PSID_AND_ATTRIBUTES RestrictedSids;
646 ULONG PrivilegeCount;
647 ULONG PrivilegeLength;
648 PLUID_AND_ATTRIBUTES Privileges;
649 LUID AuthenticationId;
650 } TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
651
652 typedef struct _TOKEN_LINKED_TOKEN {
653 HANDLE LinkedToken;
654 } TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
655
656 typedef struct _TOKEN_ELEVATION {
657 ULONG TokenIsElevated;
658 } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
659
660 typedef struct _TOKEN_MANDATORY_LABEL {
661 SID_AND_ATTRIBUTES Label;
662 } TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
663
664 #define TOKEN_MANDATORY_POLICY_OFF 0x0
665 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
666 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
667
668 #define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
669 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
670
671 typedef struct _TOKEN_MANDATORY_POLICY {
672 ULONG Policy;
673 } TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
674
675 typedef struct _TOKEN_ACCESS_INFORMATION {
676 PSID_AND_ATTRIBUTES_HASH SidHash;
677 PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
678 PTOKEN_PRIVILEGES Privileges;
679 LUID AuthenticationId;
680 TOKEN_TYPE TokenType;
681 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
682 TOKEN_MANDATORY_POLICY MandatoryPolicy;
683 ULONG Flags;
684 } TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
685
686 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
687
688 typedef struct _TOKEN_AUDIT_POLICY {
689 UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
690 } TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
691
692 #define TOKEN_SOURCE_LENGTH 8
693
694 typedef struct _TOKEN_SOURCE {
695 CHAR SourceName[TOKEN_SOURCE_LENGTH];
696 LUID SourceIdentifier;
697 } TOKEN_SOURCE,*PTOKEN_SOURCE;
698
699 typedef struct _TOKEN_STATISTICS {
700 LUID TokenId;
701 LUID AuthenticationId;
702 LARGE_INTEGER ExpirationTime;
703 TOKEN_TYPE TokenType;
704 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
705 ULONG DynamicCharged;
706 ULONG DynamicAvailable;
707 ULONG GroupCount;
708 ULONG PrivilegeCount;
709 LUID ModifiedId;
710 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
711
712 typedef struct _TOKEN_CONTROL {
713 LUID TokenId;
714 LUID AuthenticationId;
715 LUID ModifiedId;
716 TOKEN_SOURCE TokenSource;
717 } TOKEN_CONTROL,*PTOKEN_CONTROL;
718
719 typedef struct _TOKEN_ORIGIN {
720 LUID OriginatingLogonSession;
721 } TOKEN_ORIGIN, *PTOKEN_ORIGIN;
722
723 typedef enum _MANDATORY_LEVEL {
724 MandatoryLevelUntrusted = 0,
725 MandatoryLevelLow,
726 MandatoryLevelMedium,
727 MandatoryLevelHigh,
728 MandatoryLevelSystem,
729 MandatoryLevelSecureProcess,
730 MandatoryLevelCount
731 } MANDATORY_LEVEL, *PMANDATORY_LEVEL;
732
733 #define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
734 #define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
735 #define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
736 #define TOKEN_WRITE_RESTRICTED 0x0008
737 #define TOKEN_IS_RESTRICTED 0x0010
738 #define TOKEN_SESSION_NOT_REFERENCED 0x0020
739 #define TOKEN_SANDBOX_INERT 0x0040
740 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
741 #define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
742 #define TOKEN_VIRTUALIZE_ALLOWED 0x0200
743 #define TOKEN_VIRTUALIZE_ENABLED 0x0400
744 #define TOKEN_IS_FILTERED 0x0800
745 #define TOKEN_UIACCESS 0x1000
746 #define TOKEN_NOT_LOW 0x2000
747
748 typedef struct _SE_EXPORTS {
749 LUID SeCreateTokenPrivilege;
750 LUID SeAssignPrimaryTokenPrivilege;
751 LUID SeLockMemoryPrivilege;
752 LUID SeIncreaseQuotaPrivilege;
753 LUID SeUnsolicitedInputPrivilege;
754 LUID SeTcbPrivilege;
755 LUID SeSecurityPrivilege;
756 LUID SeTakeOwnershipPrivilege;
757 LUID SeLoadDriverPrivilege;
758 LUID SeCreatePagefilePrivilege;
759 LUID SeIncreaseBasePriorityPrivilege;
760 LUID SeSystemProfilePrivilege;
761 LUID SeSystemtimePrivilege;
762 LUID SeProfileSingleProcessPrivilege;
763 LUID SeCreatePermanentPrivilege;
764 LUID SeBackupPrivilege;
765 LUID SeRestorePrivilege;
766 LUID SeShutdownPrivilege;
767 LUID SeDebugPrivilege;
768 LUID SeAuditPrivilege;
769 LUID SeSystemEnvironmentPrivilege;
770 LUID SeChangeNotifyPrivilege;
771 LUID SeRemoteShutdownPrivilege;
772 PSID SeNullSid;
773 PSID SeWorldSid;
774 PSID SeLocalSid;
775 PSID SeCreatorOwnerSid;
776 PSID SeCreatorGroupSid;
777 PSID SeNtAuthoritySid;
778 PSID SeDialupSid;
779 PSID SeNetworkSid;
780 PSID SeBatchSid;
781 PSID SeInteractiveSid;
782 PSID SeLocalSystemSid;
783 PSID SeAliasAdminsSid;
784 PSID SeAliasUsersSid;
785 PSID SeAliasGuestsSid;
786 PSID SeAliasPowerUsersSid;
787 PSID SeAliasAccountOpsSid;
788 PSID SeAliasSystemOpsSid;
789 PSID SeAliasPrintOpsSid;
790 PSID SeAliasBackupOpsSid;
791 PSID SeAuthenticatedUsersSid;
792 PSID SeRestrictedSid;
793 PSID SeAnonymousLogonSid;
794 LUID SeUndockPrivilege;
795 LUID SeSyncAgentPrivilege;
796 LUID SeEnableDelegationPrivilege;
797 PSID SeLocalServiceSid;
798 PSID SeNetworkServiceSid;
799 LUID SeManageVolumePrivilege;
800 LUID SeImpersonatePrivilege;
801 LUID SeCreateGlobalPrivilege;
802 LUID SeTrustedCredManAccessPrivilege;
803 LUID SeRelabelPrivilege;
804 LUID SeIncreaseWorkingSetPrivilege;
805 LUID SeTimeZonePrivilege;
806 LUID SeCreateSymbolicLinkPrivilege;
807 PSID SeIUserSid;
808 PSID SeUntrustedMandatorySid;
809 PSID SeLowMandatorySid;
810 PSID SeMediumMandatorySid;
811 PSID SeHighMandatorySid;
812 PSID SeSystemMandatorySid;
813 PSID SeOwnerRightsSid;
814 } SE_EXPORTS, *PSE_EXPORTS;
815
816 typedef NTSTATUS
817 (NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
818 IN PLUID LogonId);
819
820 typedef struct _SECURITY_CLIENT_CONTEXT {
821 SECURITY_QUALITY_OF_SERVICE SecurityQos;
822 PACCESS_TOKEN ClientToken;
823 BOOLEAN DirectlyAccessClientToken;
824 BOOLEAN DirectAccessEffectiveOnly;
825 BOOLEAN ServerIsRemote;
826 TOKEN_CONTROL ClientTokenControl;
827 } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
828
829 /******************************************************************************
830 * Object Manager Types *
831 ******************************************************************************/
832
833 typedef enum _OBJECT_INFORMATION_CLASS {
834 ObjectBasicInformation = 0,
835 ObjectTypeInformation = 2,
836 /* Not for public use */
837 ObjectNameInformation = 1,
838 ObjectTypesInformation = 3,
839 ObjectHandleFlagInformation = 4,
840 ObjectSessionInformation = 5,
841 MaxObjectInfoClass
842 } OBJECT_INFORMATION_CLASS;
843
844
845 /******************************************************************************
846 * Runtime Library Types *
847 ******************************************************************************/
848
849
850 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
851
852 _Function_class_(RTL_ALLOCATE_STRING_ROUTINE)
853 _IRQL_requires_max_(PASSIVE_LEVEL)
854 __drv_allocatesMem(Mem)
855 typedef PVOID
856 (NTAPI *PRTL_ALLOCATE_STRING_ROUTINE)(
857 _In_ SIZE_T NumberOfBytes);
858
859 #if _WIN32_WINNT >= 0x0600
860 _Function_class_(RTL_REALLOCATE_STRING_ROUTINE)
861 _IRQL_requires_max_(PASSIVE_LEVEL)
862 __drv_allocatesMem(Mem)
863 typedef PVOID
864 (NTAPI *PRTL_REALLOCATE_STRING_ROUTINE)(
865 _In_ SIZE_T NumberOfBytes,
866 IN PVOID Buffer);
867 #endif
868
869 typedef VOID
870 (NTAPI *PRTL_FREE_STRING_ROUTINE)(
871 _In_ __drv_freesMem(Mem) _Post_invalid_ PVOID Buffer);
872
873 extern const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine;
874 extern const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine;
875
876 #if _WIN32_WINNT >= 0x0600
877 extern const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine;
878 #endif
879
880 _Function_class_(RTL_HEAP_COMMIT_ROUTINE)
881 _IRQL_requires_same_
882 typedef NTSTATUS
883 (NTAPI *PRTL_HEAP_COMMIT_ROUTINE) (
884 _In_ PVOID Base,
885 _Inout_ PVOID *CommitAddress,
886 _Inout_ PSIZE_T CommitSize);
887
888 typedef struct _RTL_HEAP_PARAMETERS {
889 ULONG Length;
890 SIZE_T SegmentReserve;
891 SIZE_T SegmentCommit;
892 SIZE_T DeCommitFreeBlockThreshold;
893 SIZE_T DeCommitTotalFreeThreshold;
894 SIZE_T MaximumAllocationSize;
895 SIZE_T VirtualMemoryThreshold;
896 SIZE_T InitialCommit;
897 SIZE_T InitialReserve;
898 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
899 SIZE_T Reserved[2];
900 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
901
902 #if (NTDDI_VERSION >= NTDDI_WIN2K)
903
904 typedef struct _GENERATE_NAME_CONTEXT {
905 USHORT Checksum;
906 BOOLEAN CheckSumInserted;
907 _Field_range_(<=, 8) UCHAR NameLength;
908 WCHAR NameBuffer[8];
909 _Field_range_(<=, 4) ULONG ExtensionLength;
910 WCHAR ExtensionBuffer[4];
911 ULONG LastIndexValue;
912 } GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
913
914 typedef struct _PREFIX_TABLE_ENTRY {
915 CSHORT NodeTypeCode;
916 CSHORT NameLength;
917 struct _PREFIX_TABLE_ENTRY *NextPrefixTree;
918 RTL_SPLAY_LINKS Links;
919 PSTRING Prefix;
920 } PREFIX_TABLE_ENTRY, *PPREFIX_TABLE_ENTRY;
921
922 typedef struct _PREFIX_TABLE {
923 CSHORT NodeTypeCode;
924 CSHORT NameLength;
925 PPREFIX_TABLE_ENTRY NextPrefixTree;
926 } PREFIX_TABLE, *PPREFIX_TABLE;
927
928 typedef struct _UNICODE_PREFIX_TABLE_ENTRY {
929 CSHORT NodeTypeCode;
930 CSHORT NameLength;
931 struct _UNICODE_PREFIX_TABLE_ENTRY *NextPrefixTree;
932 struct _UNICODE_PREFIX_TABLE_ENTRY *CaseMatch;
933 RTL_SPLAY_LINKS Links;
934 PUNICODE_STRING Prefix;
935 } UNICODE_PREFIX_TABLE_ENTRY, *PUNICODE_PREFIX_TABLE_ENTRY;
936
937 typedef struct _UNICODE_PREFIX_TABLE {
938 CSHORT NodeTypeCode;
939 CSHORT NameLength;
940 PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree;
941 PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry;
942 } UNICODE_PREFIX_TABLE, *PUNICODE_PREFIX_TABLE;
943
944 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
945
946 #if (NTDDI_VERSION >= NTDDI_WINXP)
947 typedef struct _COMPRESSED_DATA_INFO {
948 USHORT CompressionFormatAndEngine;
949 UCHAR CompressionUnitShift;
950 UCHAR ChunkShift;
951 UCHAR ClusterShift;
952 UCHAR Reserved;
953 USHORT NumberOfChunks;
954 ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
955 } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
956 #endif
957 /******************************************************************************
958 * Runtime Library Functions *
959 ******************************************************************************/
960
961
962 #if (NTDDI_VERSION >= NTDDI_WIN2K)
963
964
965 _Must_inspect_result_
966 _Ret_maybenull_
967 _Post_writable_byte_size_(Size)
968 NTSYSAPI
969 PVOID
970 NTAPI
971 RtlAllocateHeap(
972 _In_ HANDLE HeapHandle,
973 _In_opt_ ULONG Flags,
974 _In_ SIZE_T Size);
975
976 _Success_(return != 0)
977 NTSYSAPI
978 BOOLEAN
979 NTAPI
980 RtlFreeHeap(
981 _In_ PVOID HeapHandle,
982 _In_opt_ ULONG Flags,
983 _In_ _Post_invalid_ PVOID BaseAddress);
984
985 NTSYSAPI
986 VOID
987 NTAPI
988 RtlCaptureContext(
989 _Out_ PCONTEXT ContextRecord);
990
991 _Ret_range_(<, MAXLONG)
992 NTSYSAPI
993 ULONG
994 NTAPI
995 RtlRandom(
996 _Inout_ PULONG Seed);
997
998 _IRQL_requires_max_(APC_LEVEL)
999 _Success_(return != 0)
1000 _Must_inspect_result_
1001 NTSYSAPI
1002 BOOLEAN
1003 NTAPI
1004 RtlCreateUnicodeString(
1005 _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem))
1006 PUNICODE_STRING DestinationString,
1007 _In_z_ PCWSTR SourceString);
1008
1009 _IRQL_requires_max_(APC_LEVEL)
1010 NTSYSAPI
1011 NTSTATUS
1012 NTAPI
1013 RtlAppendStringToString(
1014 _Inout_ PSTRING Destination,
1015 _In_ const STRING *Source);
1016
1017 _IRQL_requires_max_(PASSIVE_LEVEL)
1018 _Must_inspect_result_
1019 NTSYSAPI
1020 NTSTATUS
1021 NTAPI
1022 RtlOemStringToUnicodeString(
1023 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1024 _When_(!AllocateDestinationString, _Inout_)
1025 PUNICODE_STRING DestinationString,
1026 _In_ PCOEM_STRING SourceString,
1027 _In_ BOOLEAN AllocateDestinationString);
1028
1029 _IRQL_requires_max_(PASSIVE_LEVEL)
1030 _Must_inspect_result_
1031 NTSYSAPI
1032 NTSTATUS
1033 NTAPI
1034 RtlUnicodeStringToOemString(
1035 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1036 _When_(!AllocateDestinationString, _Inout_)
1037 POEM_STRING DestinationString,
1038 _In_ PCUNICODE_STRING SourceString,
1039 _In_ BOOLEAN AllocateDestinationString);
1040
1041 _IRQL_requires_max_(PASSIVE_LEVEL)
1042 _Must_inspect_result_
1043 NTSYSAPI
1044 NTSTATUS
1045 NTAPI
1046 RtlUpcaseUnicodeStringToOemString(
1047 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1048 _When_(!AllocateDestinationString, _Inout_)
1049 POEM_STRING DestinationString,
1050 _In_ PCUNICODE_STRING SourceString,
1051 _In_ BOOLEAN AllocateDestinationString);
1052
1053 _IRQL_requires_max_(PASSIVE_LEVEL)
1054 _Must_inspect_result_
1055 NTSYSAPI
1056 NTSTATUS
1057 NTAPI
1058 RtlOemStringToCountedUnicodeString(
1059 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1060 _When_(!AllocateDestinationString, _Inout_)
1061 PUNICODE_STRING DestinationString,
1062 _In_ PCOEM_STRING SourceString,
1063 _In_ BOOLEAN AllocateDestinationString);
1064
1065 _IRQL_requires_max_(PASSIVE_LEVEL)
1066 _Must_inspect_result_
1067 NTSYSAPI
1068 NTSTATUS
1069 NTAPI
1070 RtlUnicodeStringToCountedOemString(
1071 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1072 _When_(!AllocateDestinationString, _Inout_)
1073 POEM_STRING DestinationString,
1074 _In_ PCUNICODE_STRING SourceString,
1075 _In_ BOOLEAN AllocateDestinationString);
1076
1077 _IRQL_requires_max_(PASSIVE_LEVEL)
1078 _Must_inspect_result_
1079 NTSYSAPI
1080 NTSTATUS
1081 NTAPI
1082 RtlUpcaseUnicodeStringToCountedOemString(
1083 _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
1084 _When_(!AllocateDestinationString, _Inout_)
1085 POEM_STRING DestinationString,
1086 _In_ PCUNICODE_STRING SourceString,
1087 _In_ BOOLEAN AllocateDestinationString);
1088
1089 _IRQL_requires_max_(PASSIVE_LEVEL)
1090 _When_(AllocateDestinationString, _Must_inspect_result_)
1091 NTSYSAPI
1092 NTSTATUS
1093 NTAPI
1094 RtlDowncaseUnicodeString(
1095 _When_(AllocateDestinationString, _Out_ _At_(UniDest->Buffer, __drv_allocatesMem(Mem)))
1096 _When_(!AllocateDestinationString, _Inout_)
1097 PUNICODE_STRING UniDest,
1098 _In_ PCUNICODE_STRING UniSource,
1099 _In_ BOOLEAN AllocateDestinationString);
1100
1101 _IRQL_requires_max_(PASSIVE_LEVEL)
1102 NTSYSAPI
1103 VOID
1104 NTAPI
1105 RtlFreeOemString(
1106 _Inout_ _At_(OemString->Buffer, __drv_freesMem(Mem)) POEM_STRING OemString);
1107
1108 _IRQL_requires_max_(PASSIVE_LEVEL)
1109 NTSYSAPI
1110 ULONG
1111 NTAPI
1112 RtlxUnicodeStringToOemSize(
1113 _In_ PCUNICODE_STRING UnicodeString);
1114
1115 _IRQL_requires_max_(PASSIVE_LEVEL)
1116 NTSYSAPI
1117 ULONG
1118 NTAPI
1119 RtlxOemStringToUnicodeSize(
1120 _In_ PCOEM_STRING OemString);
1121
1122 _IRQL_requires_max_(PASSIVE_LEVEL)
1123 NTSYSAPI
1124 NTSTATUS
1125 NTAPI
1126 RtlMultiByteToUnicodeN(
1127 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
1128 _In_ ULONG MaxBytesInUnicodeString,
1129 _Out_opt_ PULONG BytesInUnicodeString,
1130 _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
1131 _In_ ULONG BytesInMultiByteString);
1132
1133 _IRQL_requires_max_(PASSIVE_LEVEL)
1134 NTSYSAPI
1135 NTSTATUS
1136 NTAPI
1137 RtlMultiByteToUnicodeSize(
1138 _Out_ PULONG BytesInUnicodeString,
1139 _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
1140 _In_ ULONG BytesInMultiByteString);
1141
1142 _IRQL_requires_max_(PASSIVE_LEVEL)
1143 NTSYSAPI
1144 NTSTATUS
1145 NTAPI
1146 RtlUnicodeToMultiByteSize(
1147 _Out_ PULONG BytesInMultiByteString,
1148 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1149 _In_ ULONG BytesInUnicodeString);
1150
1151 _IRQL_requires_max_(PASSIVE_LEVEL)
1152 NTSYSAPI
1153 NTSTATUS
1154 NTAPI
1155 RtlUnicodeToMultiByteN(
1156 _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
1157 _In_ ULONG MaxBytesInMultiByteString,
1158 _Out_opt_ PULONG BytesInMultiByteString,
1159 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1160 _In_ ULONG BytesInUnicodeString);
1161
1162 _IRQL_requires_max_(PASSIVE_LEVEL)
1163 NTSYSAPI
1164 NTSTATUS
1165 NTAPI
1166 RtlUpcaseUnicodeToMultiByteN(
1167 _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
1168 _In_ ULONG MaxBytesInMultiByteString,
1169 _Out_opt_ PULONG BytesInMultiByteString,
1170 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1171 _In_ ULONG BytesInUnicodeString);
1172
1173 _IRQL_requires_max_(PASSIVE_LEVEL)
1174 NTSYSAPI
1175 NTSTATUS
1176 NTAPI
1177 RtlOemToUnicodeN(
1178 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWSTR UnicodeString,
1179 _In_ ULONG MaxBytesInUnicodeString,
1180 _Out_opt_ PULONG BytesInUnicodeString,
1181 _In_reads_bytes_(BytesInOemString) PCCH OemString,
1182 _In_ ULONG BytesInOemString);
1183
1184 _IRQL_requires_max_(PASSIVE_LEVEL)
1185 NTSYSAPI
1186 NTSTATUS
1187 NTAPI
1188 RtlUnicodeToOemN(
1189 _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
1190 _In_ ULONG MaxBytesInOemString,
1191 _Out_opt_ PULONG BytesInOemString,
1192 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1193 _In_ ULONG BytesInUnicodeString);
1194
1195 _IRQL_requires_max_(PASSIVE_LEVEL)
1196 NTSYSAPI
1197 NTSTATUS
1198 NTAPI
1199 RtlUpcaseUnicodeToOemN(
1200 _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
1201 _In_ ULONG MaxBytesInOemString,
1202 _Out_opt_ PULONG BytesInOemString,
1203 _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
1204 _In_ ULONG BytesInUnicodeString);
1205
1206 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
1207 _IRQL_requires_max_(PASSIVE_LEVEL)
1208 NTSYSAPI
1209 NTSTATUS
1210 NTAPI
1211 RtlGenerate8dot3Name(
1212 _In_ PCUNICODE_STRING Name,
1213 _In_ BOOLEAN AllowExtendedCharacters,
1214 _Inout_ PGENERATE_NAME_CONTEXT Context,
1215 _Inout_ PUNICODE_STRING Name8dot3);
1216 #else
1217 _IRQL_requires_max_(PASSIVE_LEVEL)
1218 NTSYSAPI
1219 VOID
1220 NTAPI
1221 RtlGenerate8dot3Name(
1222 _In_ PCUNICODE_STRING Name,
1223 _In_ BOOLEAN AllowExtendedCharacters,
1224 _Inout_ PGENERATE_NAME_CONTEXT Context,
1225 _Inout_ PUNICODE_STRING Name8dot3);
1226 #endif
1227
1228 _IRQL_requires_max_(PASSIVE_LEVEL)
1229 _Must_inspect_result_
1230 NTSYSAPI
1231 BOOLEAN
1232 NTAPI
1233 RtlIsNameLegalDOS8Dot3(
1234 _In_ PCUNICODE_STRING Name,
1235 _Inout_opt_ POEM_STRING OemName,
1236 _Out_opt_ PBOOLEAN NameContainsSpaces);
1237
1238 _IRQL_requires_max_(PASSIVE_LEVEL)
1239 _Must_inspect_result_
1240 NTSYSAPI
1241 BOOLEAN
1242 NTAPI
1243 RtlIsValidOemCharacter(
1244 _Inout_ PWCHAR Char);
1245
1246 _IRQL_requires_max_(PASSIVE_LEVEL)
1247 NTSYSAPI
1248 VOID
1249 NTAPI
1250 PfxInitialize(
1251 _Out_ PPREFIX_TABLE PrefixTable);
1252
1253 _IRQL_requires_max_(PASSIVE_LEVEL)
1254 NTSYSAPI
1255 BOOLEAN
1256 NTAPI
1257 PfxInsertPrefix(
1258 _In_ PPREFIX_TABLE PrefixTable,
1259 _In_ __drv_aliasesMem PSTRING Prefix,
1260 _Out_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
1261
1262 _IRQL_requires_max_(PASSIVE_LEVEL)
1263 NTSYSAPI
1264 VOID
1265 NTAPI
1266 PfxRemovePrefix(
1267 _In_ PPREFIX_TABLE PrefixTable,
1268 _In_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
1269
1270 _IRQL_requires_max_(PASSIVE_LEVEL)
1271 _Must_inspect_result_
1272 NTSYSAPI
1273 PPREFIX_TABLE_ENTRY
1274 NTAPI
1275 PfxFindPrefix(
1276 _In_ PPREFIX_TABLE PrefixTable,
1277 _In_ PSTRING FullName);
1278
1279 _IRQL_requires_max_(PASSIVE_LEVEL)
1280 NTSYSAPI
1281 VOID
1282 NTAPI
1283 RtlInitializeUnicodePrefix(
1284 _Out_ PUNICODE_PREFIX_TABLE PrefixTable);
1285
1286 _IRQL_requires_max_(PASSIVE_LEVEL)
1287 NTSYSAPI
1288 BOOLEAN
1289 NTAPI
1290 RtlInsertUnicodePrefix(
1291 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1292 _In_ __drv_aliasesMem PUNICODE_STRING Prefix,
1293 _Out_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1294
1295 _IRQL_requires_max_(PASSIVE_LEVEL)
1296 NTSYSAPI
1297 VOID
1298 NTAPI
1299 RtlRemoveUnicodePrefix(
1300 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1301 _In_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
1302
1303 _IRQL_requires_max_(PASSIVE_LEVEL)
1304 _Must_inspect_result_
1305 NTSYSAPI
1306 PUNICODE_PREFIX_TABLE_ENTRY
1307 NTAPI
1308 RtlFindUnicodePrefix(
1309 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1310 _In_ PUNICODE_STRING FullName,
1311 _In_ ULONG CaseInsensitiveIndex);
1312
1313 _IRQL_requires_max_(PASSIVE_LEVEL)
1314 _Must_inspect_result_
1315 NTSYSAPI
1316 PUNICODE_PREFIX_TABLE_ENTRY
1317 NTAPI
1318 RtlNextUnicodePrefix(
1319 _In_ PUNICODE_PREFIX_TABLE PrefixTable,
1320 _In_ BOOLEAN Restart);
1321
1322 _Must_inspect_result_
1323 NTSYSAPI
1324 SIZE_T
1325 NTAPI
1326 RtlCompareMemoryUlong(
1327 _In_reads_bytes_(Length) PVOID Source,
1328 _In_ SIZE_T Length,
1329 _In_ ULONG Pattern);
1330
1331 _Success_(return != 0)
1332 NTSYSAPI
1333 BOOLEAN
1334 NTAPI
1335 RtlTimeToSecondsSince1980(
1336 _In_ PLARGE_INTEGER Time,
1337 _Out_ PULONG ElapsedSeconds);
1338
1339 NTSYSAPI
1340 VOID
1341 NTAPI
1342 RtlSecondsSince1980ToTime(
1343 _In_ ULONG ElapsedSeconds,
1344 _Out_ PLARGE_INTEGER Time);
1345
1346 _Success_(return != 0)
1347 _Must_inspect_result_
1348 NTSYSAPI
1349 BOOLEAN
1350 NTAPI
1351 RtlTimeToSecondsSince1970(
1352 _In_ PLARGE_INTEGER Time,
1353 _Out_ PULONG ElapsedSeconds);
1354
1355 NTSYSAPI
1356 VOID
1357 NTAPI
1358 RtlSecondsSince1970ToTime(
1359 _In_ ULONG ElapsedSeconds,
1360 _Out_ PLARGE_INTEGER Time);
1361
1362 _IRQL_requires_max_(APC_LEVEL)
1363 _Must_inspect_result_
1364 NTSYSAPI
1365 BOOLEAN
1366 NTAPI
1367 RtlValidSid(
1368 _In_ PSID Sid);
1369
1370 _Must_inspect_result_
1371 NTSYSAPI
1372 BOOLEAN
1373 NTAPI
1374 RtlEqualSid(
1375 _In_ PSID Sid1,
1376 _In_ PSID Sid2);
1377
1378 _IRQL_requires_max_(APC_LEVEL)
1379 _Must_inspect_result_
1380 NTSYSAPI
1381 BOOLEAN
1382 NTAPI
1383 RtlEqualPrefixSid(
1384 _In_ PSID Sid1,
1385 _In_ PSID Sid2);
1386
1387 _IRQL_requires_max_(APC_LEVEL)
1388 NTSYSAPI
1389 ULONG
1390 NTAPI
1391 RtlLengthRequiredSid(
1392 _In_ ULONG SubAuthorityCount);
1393
1394 NTSYSAPI
1395 PVOID
1396 NTAPI
1397 RtlFreeSid(
1398 _In_ _Post_invalid_ PSID Sid);
1399
1400 _Must_inspect_result_
1401 NTSYSAPI
1402 NTSTATUS
1403 NTAPI
1404 RtlAllocateAndInitializeSid(
1405 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1406 _In_ UCHAR SubAuthorityCount,
1407 _In_ ULONG SubAuthority0,
1408 _In_ ULONG SubAuthority1,
1409 _In_ ULONG SubAuthority2,
1410 _In_ ULONG SubAuthority3,
1411 _In_ ULONG SubAuthority4,
1412 _In_ ULONG SubAuthority5,
1413 _In_ ULONG SubAuthority6,
1414 _In_ ULONG SubAuthority7,
1415 _Outptr_ PSID *Sid);
1416
1417 _IRQL_requires_max_(APC_LEVEL)
1418 NTSYSAPI
1419 NTSTATUS
1420 NTAPI
1421 RtlInitializeSid(
1422 _Out_ PSID Sid,
1423 _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
1424 _In_ UCHAR SubAuthorityCount);
1425
1426 NTSYSAPI
1427 PULONG
1428 NTAPI
1429 RtlSubAuthoritySid(
1430 _In_ PSID Sid,
1431 _In_ ULONG SubAuthority);
1432
1433 _Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE)
1434 NTSYSAPI
1435 ULONG
1436 NTAPI
1437 RtlLengthSid(
1438 _In_ PSID Sid);
1439
1440 _IRQL_requires_max_(APC_LEVEL)
1441 NTSYSAPI
1442 NTSTATUS
1443 NTAPI
1444 RtlCopySid(
1445 _In_ ULONG DestinationSidLength,
1446 _Out_writes_bytes_(DestinationSidLength) PSID DestinationSid,
1447 _In_ PSID SourceSid);
1448
1449 _IRQL_requires_max_(APC_LEVEL)
1450 NTSYSAPI
1451 NTSTATUS
1452 NTAPI
1453 RtlConvertSidToUnicodeString(
1454 _Inout_ PUNICODE_STRING UnicodeString,
1455 _In_ PSID Sid,
1456 _In_ BOOLEAN AllocateDestinationString);
1457
1458 _IRQL_requires_max_(APC_LEVEL)
1459 NTSYSAPI
1460 VOID
1461 NTAPI
1462 RtlCopyLuid(
1463 _Out_ PLUID DestinationLuid,
1464 _In_ PLUID SourceLuid);
1465
1466 _IRQL_requires_max_(APC_LEVEL)
1467 NTSYSAPI
1468 NTSTATUS
1469 NTAPI
1470 RtlCreateAcl(
1471 _Out_writes_bytes_(AclLength) PACL Acl,
1472 _In_ ULONG AclLength,
1473 _In_ ULONG AclRevision);
1474
1475 _IRQL_requires_max_(APC_LEVEL)
1476 NTSYSAPI
1477 NTSTATUS
1478 NTAPI
1479 RtlAddAce(
1480 _Inout_ PACL Acl,
1481 _In_ ULONG AceRevision,
1482 _In_ ULONG StartingAceIndex,
1483 _In_reads_bytes_(AceListLength) PVOID AceList,
1484 _In_ ULONG AceListLength);
1485
1486 _IRQL_requires_max_(APC_LEVEL)
1487 NTSYSAPI
1488 NTSTATUS
1489 NTAPI
1490 RtlDeleteAce(
1491 _Inout_ PACL Acl,
1492 _In_ ULONG AceIndex);
1493
1494 NTSYSAPI
1495 NTSTATUS
1496 NTAPI
1497 RtlGetAce(
1498 _In_ PACL Acl,
1499 _In_ ULONG AceIndex,
1500 _Outptr_ PVOID *Ace);
1501
1502 _IRQL_requires_max_(APC_LEVEL)
1503 NTSYSAPI
1504 NTSTATUS
1505 NTAPI
1506 RtlAddAccessAllowedAce(
1507 _Inout_ PACL Acl,
1508 _In_ ULONG AceRevision,
1509 _In_ ACCESS_MASK AccessMask,
1510 _In_ PSID Sid);
1511
1512 _IRQL_requires_max_(APC_LEVEL)
1513 NTSYSAPI
1514 NTSTATUS
1515 NTAPI
1516 RtlAddAccessAllowedAceEx(
1517 _Inout_ PACL Acl,
1518 _In_ ULONG AceRevision,
1519 _In_ ULONG AceFlags,
1520 _In_ ACCESS_MASK AccessMask,
1521 _In_ PSID Sid);
1522
1523 _IRQL_requires_max_(APC_LEVEL)
1524 NTSYSAPI
1525 NTSTATUS
1526 NTAPI
1527 RtlCreateSecurityDescriptorRelative(
1528 _Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
1529 _In_ ULONG Revision);
1530
1531 NTSYSAPI
1532 NTSTATUS
1533 NTAPI
1534 RtlGetDaclSecurityDescriptor(
1535 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1536 _Out_ PBOOLEAN DaclPresent,
1537 _Out_ PACL *Dacl,
1538 _Out_ PBOOLEAN DaclDefaulted);
1539
1540 _IRQL_requires_max_(APC_LEVEL)
1541 NTSYSAPI
1542 NTSTATUS
1543 NTAPI
1544 RtlSetOwnerSecurityDescriptor(
1545 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1546 _In_opt_ PSID Owner,
1547 _In_opt_ BOOLEAN OwnerDefaulted);
1548
1549 _IRQL_requires_max_(APC_LEVEL)
1550 NTSYSAPI
1551 NTSTATUS
1552 NTAPI
1553 RtlGetOwnerSecurityDescriptor(
1554 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1555 _Out_ PSID *Owner,
1556 _Out_ PBOOLEAN OwnerDefaulted);
1557
1558 _IRQL_requires_max_(APC_LEVEL)
1559 _When_(Status < 0, _Out_range_(>, 0))
1560 _When_(Status >= 0, _Out_range_(==, 0))
1561 NTSYSAPI
1562 ULONG
1563 NTAPI
1564 RtlNtStatusToDosError(
1565 _In_ NTSTATUS Status);
1566
1567 _IRQL_requires_max_(PASSIVE_LEVEL)
1568 NTSYSAPI
1569 NTSTATUS
1570 NTAPI
1571 RtlCustomCPToUnicodeN(
1572 _In_ PCPTABLEINFO CustomCP,
1573 _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
1574 _In_ ULONG MaxBytesInUnicodeString,
1575 _Out_opt_ PULONG BytesInUnicodeString,
1576 _In_reads_bytes_(BytesInCustomCPString) PCH CustomCPString,
1577 _In_ ULONG BytesInCustomCPString);
1578
1579 _IRQL_requires_max_(PASSIVE_LEVEL)
1580 NTSYSAPI
1581 NTSTATUS
1582 NTAPI
1583 RtlUnicodeToCustomCPN(
1584 _In_ PCPTABLEINFO CustomCP,
1585 _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
1586 _In_ ULONG MaxBytesInCustomCPString,
1587 _Out_opt_ PULONG BytesInCustomCPString,
1588 _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
1589 _In_ ULONG BytesInUnicodeString);
1590
1591 _IRQL_requires_max_(PASSIVE_LEVEL)
1592 NTSYSAPI
1593 NTSTATUS
1594 NTAPI
1595 RtlUpcaseUnicodeToCustomCPN(
1596 _In_ PCPTABLEINFO CustomCP,
1597 _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
1598 _In_ ULONG MaxBytesInCustomCPString,
1599 _Out_opt_ PULONG BytesInCustomCPString,
1600 _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
1601 _In_ ULONG BytesInUnicodeString);
1602
1603 _IRQL_requires_max_(PASSIVE_LEVEL)
1604 NTSYSAPI
1605 VOID
1606 NTAPI
1607 RtlInitCodePageTable(
1608 _In_ PUSHORT TableBase,
1609 _Out_ PCPTABLEINFO CodePageTable);
1610
1611
1612 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
1613
1614
1615 #if (NTDDI_VERSION >= NTDDI_WINXP)
1616
1617
1618
1619 _Must_inspect_result_
1620 NTSYSAPI
1621 PVOID
1622 NTAPI
1623 RtlCreateHeap(
1624 _In_ ULONG Flags,
1625 _In_opt_ PVOID HeapBase,
1626 _In_opt_ SIZE_T ReserveSize,
1627 _In_opt_ SIZE_T CommitSize,
1628 _In_opt_ PVOID Lock,
1629 _In_opt_ PRTL_HEAP_PARAMETERS Parameters);
1630
1631 NTSYSAPI
1632 PVOID
1633 NTAPI
1634 RtlDestroyHeap(
1635 _In_ _Post_invalid_ PVOID HeapHandle);
1636
1637 NTSYSAPI
1638 USHORT
1639 NTAPI
1640 RtlCaptureStackBackTrace(
1641 _In_ ULONG FramesToSkip,
1642 _In_ ULONG FramesToCapture,
1643 _Out_writes_to_(FramesToCapture, return) PVOID *BackTrace,
1644 _Out_opt_ PULONG BackTraceHash);
1645
1646 _Ret_range_(<, MAXLONG)
1647 NTSYSAPI
1648 ULONG
1649 NTAPI
1650 RtlRandomEx(
1651 _Inout_ PULONG Seed);
1652
1653 _IRQL_requires_max_(DISPATCH_LEVEL)
1654 NTSYSAPI
1655 NTSTATUS
1656 NTAPI
1657 RtlInitUnicodeStringEx(
1658 _Out_ PUNICODE_STRING DestinationString,
1659 _In_opt_z_ __drv_aliasesMem PCWSTR SourceString);
1660
1661 _Must_inspect_result_
1662 NTSYSAPI
1663 NTSTATUS
1664 NTAPI
1665 RtlValidateUnicodeString(
1666 _In_ ULONG Flags,
1667 _In_ PCUNICODE_STRING String);
1668
1669 _IRQL_requires_max_(PASSIVE_LEVEL)
1670 _Must_inspect_result_
1671 NTSYSAPI
1672 NTSTATUS
1673 NTAPI
1674 RtlDuplicateUnicodeString(
1675 _In_ ULONG Flags,
1676 _In_ PCUNICODE_STRING SourceString,
1677 _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)) PUNICODE_STRING DestinationString);
1678
1679 NTSYSAPI
1680 NTSTATUS
1681 NTAPI
1682 RtlGetCompressionWorkSpaceSize(
1683 _In_ USHORT CompressionFormatAndEngine,
1684 _Out_ PULONG CompressBufferWorkSpaceSize,
1685 _Out_ PULONG CompressFragmentWorkSpaceSize);
1686
1687 NTSYSAPI
1688 NTSTATUS
1689 NTAPI
1690 RtlCompressBuffer(
1691 _In_ USHORT CompressionFormatAndEngine,
1692 _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1693 _In_ ULONG UncompressedBufferSize,
1694 _Out_writes_bytes_to_(CompressedBufferSize, *FinalCompressedSize) PUCHAR CompressedBuffer,
1695 _In_ ULONG CompressedBufferSize,
1696 _In_ ULONG UncompressedChunkSize,
1697 _Out_ PULONG FinalCompressedSize,
1698 _In_ PVOID WorkSpace);
1699
1700 _IRQL_requires_max_(APC_LEVEL)
1701 NTSYSAPI
1702 NTSTATUS
1703 NTAPI
1704 RtlDecompressBuffer(
1705 _In_ USHORT CompressionFormat,
1706 _Out_writes_bytes_to_(UncompressedBufferSize, *FinalUncompressedSize) PUCHAR UncompressedBuffer,
1707 _In_ ULONG UncompressedBufferSize,
1708 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1709 _In_ ULONG CompressedBufferSize,
1710 _Out_ PULONG FinalUncompressedSize);
1711
1712 _IRQL_requires_max_(APC_LEVEL)
1713 NTSYSAPI
1714 NTSTATUS
1715 NTAPI
1716 RtlDecompressFragment(
1717 _In_ USHORT CompressionFormat,
1718 _Out_writes_bytes_to_(UncompressedFragmentSize, *FinalUncompressedSize) PUCHAR UncompressedFragment,
1719 _In_ ULONG UncompressedFragmentSize,
1720 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1721 _In_ ULONG CompressedBufferSize,
1722 _In_range_(<, CompressedBufferSize) ULONG FragmentOffset,
1723 _Out_ PULONG FinalUncompressedSize,
1724 _In_ PVOID WorkSpace);
1725
1726 _IRQL_requires_max_(APC_LEVEL)
1727 NTSYSAPI
1728 NTSTATUS
1729 NTAPI
1730 RtlDescribeChunk(
1731 _In_ USHORT CompressionFormat,
1732 _Inout_ PUCHAR *CompressedBuffer,
1733 _In_ PUCHAR EndOfCompressedBufferPlus1,
1734 _Out_ PUCHAR *ChunkBuffer,
1735 _Out_ PULONG ChunkSize);
1736
1737 _IRQL_requires_max_(APC_LEVEL)
1738 NTSYSAPI
1739 NTSTATUS
1740 NTAPI
1741 RtlReserveChunk(
1742 _In_ USHORT CompressionFormat,
1743 _Inout_ PUCHAR *CompressedBuffer,
1744 _In_ PUCHAR EndOfCompressedBufferPlus1,
1745 _Out_ PUCHAR *ChunkBuffer,
1746 _In_ ULONG ChunkSize);
1747
1748 _IRQL_requires_max_(APC_LEVEL)
1749 NTSYSAPI
1750 NTSTATUS
1751 NTAPI
1752 RtlDecompressChunks(
1753 _Out_writes_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1754 _In_ ULONG UncompressedBufferSize,
1755 _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1756 _In_ ULONG CompressedBufferSize,
1757 _In_reads_bytes_(CompressedTailSize) PUCHAR CompressedTail,
1758 _In_ ULONG CompressedTailSize,
1759 _In_ PCOMPRESSED_DATA_INFO CompressedDataInfo);
1760
1761 _IRQL_requires_max_(APC_LEVEL)
1762 NTSYSAPI
1763 NTSTATUS
1764 NTAPI
1765 RtlCompressChunks(
1766 _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
1767 _In_ ULONG UncompressedBufferSize,
1768 _Out_writes_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
1769 _In_range_(>=, (UncompressedBufferSize - (UncompressedBufferSize / 16))) ULONG CompressedBufferSize,
1770 _Inout_updates_bytes_(CompressedDataInfoLength) PCOMPRESSED_DATA_INFO CompressedDataInfo,
1771 _In_range_(>, sizeof(COMPRESSED_DATA_INFO)) ULONG CompressedDataInfoLength,
1772 _In_ PVOID WorkSpace);
1773
1774 _IRQL_requires_max_(APC_LEVEL)
1775 NTSYSAPI
1776 PSID_IDENTIFIER_AUTHORITY
1777 NTAPI
1778 RtlIdentifierAuthoritySid(
1779 _In_ PSID Sid);
1780
1781 NTSYSAPI
1782 PUCHAR
1783 NTAPI
1784 RtlSubAuthorityCountSid(
1785 _In_ PSID Sid);
1786
1787 _When_(Status < 0, _Out_range_(>, 0))
1788 _When_(Status >= 0, _Out_range_(==, 0))
1789 NTSYSAPI
1790 ULONG
1791 NTAPI
1792 RtlNtStatusToDosErrorNoTeb(
1793 _In_ NTSTATUS Status);
1794
1795 _IRQL_requires_max_(PASSIVE_LEVEL)
1796 NTSYSAPI
1797 NTSTATUS
1798 NTAPI
1799 RtlCreateSystemVolumeInformationFolder(
1800 _In_ PCUNICODE_STRING VolumeRootPath);
1801
1802 #if defined(_M_AMD64)
1803
1804 FORCEINLINE
1805 VOID
1806 RtlFillMemoryUlong(
1807 _Out_writes_bytes_all_(Length) PVOID Destination,
1808 _In_ SIZE_T Length,
1809 _In_ ULONG Pattern)
1810 {
1811 PULONG Address = (PULONG)Destination;
1812 if ((Length /= 4) != 0) {
1813 if (((ULONG64)Address & 4) != 0) {
1814 *Address = Pattern;
1815 if ((Length -= 1) == 0) {
1816 return;
1817 }
1818 Address += 1;
1819 }
1820 __stosq((PULONG64)(Address), Pattern | ((ULONG64)Pattern << 32), Length / 2);
1821 if ((Length & 1) != 0) Address[Length - 1] = Pattern;
1822 }
1823 return;
1824 }
1825
1826 #define RtlFillMemoryUlonglong(Destination, Length, Pattern) \
1827 __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
1828
1829 #else
1830
1831 NTSYSAPI
1832 VOID
1833 NTAPI
1834 RtlFillMemoryUlong(
1835 OUT PVOID Destination,
1836 IN SIZE_T Length,
1837 IN ULONG Pattern);
1838
1839 NTSYSAPI
1840 VOID
1841 NTAPI
1842 RtlFillMemoryUlonglong(
1843 _Out_writes_bytes_all_(Length) PVOID Destination,
1844 _In_ SIZE_T Length,
1845 _In_ ULONGLONG Pattern);
1846
1847 #endif /* defined(_M_AMD64) */
1848
1849 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
1850
1851 #if (NTDDI_VERSION >= NTDDI_WS03)
1852 _IRQL_requires_max_(DISPATCH_LEVEL)
1853 NTSYSAPI
1854 NTSTATUS
1855 NTAPI
1856 RtlInitAnsiStringEx(
1857 _Out_ PANSI_STRING DestinationString,
1858 _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
1859 #endif
1860
1861 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
1862
1863 _IRQL_requires_max_(APC_LEVEL)
1864 NTSYSAPI
1865 NTSTATUS
1866 NTAPI
1867 RtlGetSaclSecurityDescriptor(
1868 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1869 _Out_ PBOOLEAN SaclPresent,
1870 _Out_ PACL *Sacl,
1871 _Out_ PBOOLEAN SaclDefaulted);
1872
1873 _IRQL_requires_max_(APC_LEVEL)
1874 NTSYSAPI
1875 NTSTATUS
1876 NTAPI
1877 RtlSetGroupSecurityDescriptor(
1878 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1879 _In_opt_ PSID Group,
1880 _In_opt_ BOOLEAN GroupDefaulted);
1881
1882 _IRQL_requires_max_(APC_LEVEL)
1883 NTSYSAPI
1884 NTSTATUS
1885 NTAPI
1886 RtlGetGroupSecurityDescriptor(
1887 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1888 _Out_ PSID *Group,
1889 _Out_ PBOOLEAN GroupDefaulted);
1890
1891 _IRQL_requires_max_(APC_LEVEL)
1892 NTSYSAPI
1893 NTSTATUS
1894 NTAPI
1895 RtlAbsoluteToSelfRelativeSD(
1896 _In_ PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
1897 _Out_writes_bytes_to_opt_(*BufferLength, *BufferLength) PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
1898 _Inout_ PULONG BufferLength);
1899
1900 _IRQL_requires_max_(APC_LEVEL)
1901 NTSYSAPI
1902 NTSTATUS
1903 NTAPI
1904 RtlSelfRelativeToAbsoluteSD(
1905 _In_ PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
1906 _Out_writes_bytes_to_opt_(*AbsoluteSecurityDescriptorSize, *AbsoluteSecurityDescriptorSize) PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
1907 _Inout_ PULONG AbsoluteSecurityDescriptorSize,
1908 _Out_writes_bytes_to_opt_(*DaclSize, *DaclSize) PACL Dacl,
1909 _Inout_ PULONG DaclSize,
1910 _Out_writes_bytes_to_opt_(*SaclSize, *SaclSize) PACL Sacl,
1911 _Inout_ PULONG SaclSize,
1912 _Out_writes_bytes_to_opt_(*OwnerSize, *OwnerSize) PSID Owner,
1913 _Inout_ PULONG OwnerSize,
1914 _Out_writes_bytes_to_opt_(*PrimaryGroupSize, *PrimaryGroupSize) PSID PrimaryGroup,
1915 _Inout_ PULONG PrimaryGroupSize);
1916
1917 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
1918
1919 #if (NTDDI_VERSION >= NTDDI_VISTA)
1920
1921 NTSYSAPI
1922 NTSTATUS
1923 NTAPI
1924 RtlNormalizeString(
1925 _In_ ULONG NormForm,
1926 _In_ PCWSTR SourceString,
1927 _In_ LONG SourceStringLength,
1928 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1929 _Inout_ PLONG DestinationStringLength);
1930
1931 NTSYSAPI
1932 NTSTATUS
1933 NTAPI
1934 RtlIsNormalizedString(
1935 _In_ ULONG NormForm,
1936 _In_ PCWSTR SourceString,
1937 _In_ LONG SourceStringLength,
1938 _Out_ PBOOLEAN Normalized);
1939
1940 NTSYSAPI
1941 NTSTATUS
1942 NTAPI
1943 RtlIdnToAscii(
1944 _In_ ULONG Flags,
1945 _In_ PCWSTR SourceString,
1946 _In_ LONG SourceStringLength,
1947 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1948 _Inout_ PLONG DestinationStringLength);
1949
1950 NTSYSAPI
1951 NTSTATUS
1952 NTAPI
1953 RtlIdnToUnicode(
1954 IN ULONG Flags,
1955 IN PCWSTR SourceString,
1956 IN LONG SourceStringLength,
1957 OUT PWSTR DestinationString,
1958 IN OUT PLONG DestinationStringLength);
1959
1960 NTSYSAPI
1961 NTSTATUS
1962 NTAPI
1963 RtlIdnToNameprepUnicode(
1964 _In_ ULONG Flags,
1965 _In_ PCWSTR SourceString,
1966 _In_ LONG SourceStringLength,
1967 _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
1968 _Inout_ PLONG DestinationStringLength);
1969
1970 NTSYSAPI
1971 NTSTATUS
1972 NTAPI
1973 RtlCreateServiceSid(
1974 _In_ PUNICODE_STRING ServiceName,
1975 _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid,
1976 _Inout_ PULONG ServiceSidLength);
1977
1978 NTSYSAPI
1979 LONG
1980 NTAPI
1981 RtlCompareAltitudes(
1982 _In_ PCUNICODE_STRING Altitude1,
1983 _In_ PCUNICODE_STRING Altitude2);
1984
1985
1986 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1987
1988 #if (NTDDI_VERSION >= NTDDI_WIN7)
1989
1990 _IRQL_requires_max_(PASSIVE_LEVEL)
1991 _Must_inspect_result_
1992 NTSYSAPI
1993 NTSTATUS
1994 NTAPI
1995 RtlUnicodeToUTF8N(
1996 _Out_writes_bytes_to_(UTF8StringMaxByteCount, *UTF8StringActualByteCount) PCHAR UTF8StringDestination,
1997 _In_ ULONG UTF8StringMaxByteCount,
1998 _Out_ PULONG UTF8StringActualByteCount,
1999 _In_reads_bytes_(UnicodeStringByteCount) PCWCH UnicodeStringSource,
2000 _In_ ULONG UnicodeStringByteCount);
2001
2002 _IRQL_requires_max_(PASSIVE_LEVEL)
2003 _Must_inspect_result_
2004 NTSYSAPI
2005 NTSTATUS
2006 NTAPI
2007 RtlUTF8ToUnicodeN(
2008 _Out_writes_bytes_to_(UnicodeStringMaxByteCount, *UnicodeStringActualByteCount) PWSTR UnicodeStringDestination,
2009 _In_ ULONG UnicodeStringMaxByteCount,
2010 _Out_ PULONG UnicodeStringActualByteCount,
2011 _In_reads_bytes_(UTF8StringByteCount) PCCH UTF8StringSource,
2012 _In_ ULONG UTF8StringByteCount);
2013
2014 _IRQL_requires_max_(APC_LEVEL)
2015 NTSYSAPI
2016 NTSTATUS
2017 NTAPI
2018 RtlReplaceSidInSd(
2019 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2020 _In_ PSID OldSid,
2021 _In_ PSID NewSid,
2022 _Out_ ULONG *NumChanges);
2023
2024 NTSYSAPI
2025 NTSTATUS
2026 NTAPI
2027 RtlCreateVirtualAccountSid(
2028 _In_ PCUNICODE_STRING Name,
2029 _In_ ULONG BaseSubAuthority,
2030 _Out_writes_bytes_(*SidLength) PSID Sid,
2031 _Inout_ PULONG SidLength);
2032
2033 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
2034
2035
2036 #if defined(_AMD64_) || defined(_IA64_)
2037
2038
2039
2040 #endif /* defined(_AMD64_) || defined(_IA64_) */
2041
2042
2043
2044 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
2045 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
2046
2047 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ? \
2048 RtlxUnicodeStringToOemSize(STRING) : \
2049 ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
2050 )
2051
2052 #define RtlOemStringToUnicodeSize(STRING) ( \
2053 NLS_MB_OEM_CODE_PAGE_TAG ? \
2054 RtlxOemStringToUnicodeSize(STRING) : \
2055 ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
2056 )
2057
2058 #define RtlOemStringToCountedUnicodeSize(STRING) ( \
2059 (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
2060 )
2061
2062 #define RtlOffsetToPointer(B,O) ((PCHAR)(((PCHAR)(B)) + ((ULONG_PTR)(O))))
2063 #define RtlPointerToOffset(B,P) ((ULONG)(((PCHAR)(P)) - ((PCHAR)(B))))
2064
2065 _IRQL_requires_max_(PASSIVE_LEVEL)
2066 __kernel_entry
2067 NTSYSCALLAPI
2068 NTSTATUS
2069 NTAPI
2070 NtQueryObject(
2071 _In_opt_ HANDLE Handle,
2072 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
2073 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
2074 _In_ ULONG ObjectInformationLength,
2075 _Out_opt_ PULONG ReturnLength);
2076
2077 #if (NTDDI_VERSION >= NTDDI_WIN2K)
2078
2079 _Must_inspect_result_
2080 __kernel_entry
2081 NTSYSCALLAPI
2082 NTSTATUS
2083 NTAPI
2084 NtOpenThreadToken(
2085 _In_ HANDLE ThreadHandle,
2086 _In_ ACCESS_MASK DesiredAccess,
2087 _In_ BOOLEAN OpenAsSelf,
2088 _Out_ PHANDLE TokenHandle);
2089
2090 _Must_inspect_result_
2091 __kernel_entry
2092 NTSYSCALLAPI
2093 NTSTATUS
2094 NTAPI
2095 NtOpenProcessToken(
2096 _In_ HANDLE ProcessHandle,
2097 _In_ ACCESS_MASK DesiredAccess,
2098 _Out_ PHANDLE TokenHandle);
2099
2100 _When_(TokenInformationClass == TokenAccessInformation,
2101 _At_(TokenInformationLength,
2102 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
2103 _Must_inspect_result_
2104 __kernel_entry
2105 NTSYSCALLAPI
2106 NTSTATUS
2107 NTAPI
2108 NtQueryInformationToken(
2109 _In_ HANDLE TokenHandle,
2110 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
2111 _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
2112 _In_ ULONG TokenInformationLength,
2113 _Out_ PULONG ReturnLength);
2114
2115 _Must_inspect_result_
2116 __kernel_entry
2117 NTSYSCALLAPI
2118 NTSTATUS
2119 NTAPI
2120 NtAdjustPrivilegesToken(
2121 _In_ HANDLE TokenHandle,
2122 _In_ BOOLEAN DisableAllPrivileges,
2123 _In_opt_ PTOKEN_PRIVILEGES NewState,
2124 _In_ ULONG BufferLength,
2125 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
2126 _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
2127
2128 __kernel_entry
2129 NTSYSCALLAPI
2130 NTSTATUS
2131 NTAPI
2132 NtCreateFile(
2133 _Out_ PHANDLE FileHandle,
2134 _In_ ACCESS_MASK DesiredAccess,
2135 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
2136 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2137 _In_opt_ PLARGE_INTEGER AllocationSize,
2138 _In_ ULONG FileAttributes,
2139 _In_ ULONG ShareAccess,
2140 _In_ ULONG CreateDisposition,
2141 _In_ ULONG CreateOptions,
2142 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
2143 _In_ ULONG EaLength);
2144
2145 __kernel_entry
2146 NTSYSCALLAPI
2147 NTSTATUS
2148 NTAPI
2149 NtDeviceIoControlFile(
2150 _In_ HANDLE FileHandle,
2151 _In_opt_ HANDLE Event,
2152 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2153 _In_opt_ PVOID ApcContext,
2154 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2155 _In_ ULONG IoControlCode,
2156 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
2157 _In_ ULONG InputBufferLength,
2158 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
2159 _In_ ULONG OutputBufferLength);
2160
2161 __kernel_entry
2162 NTSYSCALLAPI
2163 NTSTATUS
2164 NTAPI
2165 NtFsControlFile(
2166 _In_ HANDLE FileHandle,
2167 _In_opt_ HANDLE Event,
2168 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2169 _In_opt_ PVOID ApcContext,
2170 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2171 _In_ ULONG FsControlCode,
2172 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
2173 _In_ ULONG InputBufferLength,
2174 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
2175 _In_ ULONG OutputBufferLength);
2176
2177 __kernel_entry
2178 NTSYSCALLAPI
2179 NTSTATUS
2180 NTAPI
2181 NtLockFile(
2182 _In_ HANDLE FileHandle,
2183 _In_opt_ HANDLE Event,
2184 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2185 _In_opt_ PVOID ApcContext,
2186 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2187 _In_ PLARGE_INTEGER ByteOffset,
2188 _In_ PLARGE_INTEGER Length,
2189 _In_ ULONG Key,
2190 _In_ BOOLEAN FailImmediately,
2191 _In_ BOOLEAN ExclusiveLock);
2192
2193 __kernel_entry
2194 NTSYSCALLAPI
2195 NTSTATUS
2196 NTAPI
2197 NtOpenFile(
2198 _Out_ PHANDLE FileHandle,
2199 _In_ ACCESS_MASK DesiredAccess,
2200 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
2201 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2202 _In_ ULONG ShareAccess,
2203 _In_ ULONG OpenOptions);
2204
2205 __kernel_entry
2206 NTSYSCALLAPI
2207 NTSTATUS
2208 NTAPI
2209 NtQueryDirectoryFile(
2210 _In_ HANDLE FileHandle,
2211 _In_opt_ HANDLE Event,
2212 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2213 _In_opt_ PVOID ApcContext,
2214 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2215 _Out_writes_bytes_(Length) PVOID FileInformation,
2216 _In_ ULONG Length,
2217 _In_ FILE_INFORMATION_CLASS FileInformationClass,
2218 _In_ BOOLEAN ReturnSingleEntry,
2219 _In_opt_ PUNICODE_STRING FileName,
2220 _In_ BOOLEAN RestartScan);
2221
2222 __kernel_entry
2223 NTSYSCALLAPI
2224 NTSTATUS
2225 NTAPI
2226 NtQueryInformationFile(
2227 _In_ HANDLE FileHandle,
2228 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2229 _Out_writes_bytes_(Length) PVOID FileInformation,
2230 _In_ ULONG Length,
2231 _In_ FILE_INFORMATION_CLASS FileInformationClass);
2232
2233 __kernel_entry
2234 NTSYSCALLAPI
2235 NTSTATUS
2236 NTAPI
2237 NtQueryQuotaInformationFile(
2238 _In_ HANDLE FileHandle,
2239 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2240 _Out_writes_bytes_(Length) PVOID Buffer,
2241 _In_ ULONG Length,
2242 _In_ BOOLEAN ReturnSingleEntry,
2243 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
2244 _In_ ULONG SidListLength,
2245 _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
2246 _In_ BOOLEAN RestartScan);
2247
2248 __kernel_entry
2249 NTSYSCALLAPI
2250 NTSTATUS
2251 NTAPI
2252 NtQueryVolumeInformationFile(
2253 _In_ HANDLE FileHandle,
2254 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2255 _Out_writes_bytes_(Length) PVOID FsInformation,
2256 _In_ ULONG Length,
2257 _In_ FS_INFORMATION_CLASS FsInformationClass);
2258
2259 __kernel_entry
2260 NTSYSCALLAPI
2261 NTSTATUS
2262 NTAPI
2263 NtReadFile(
2264 _In_ HANDLE FileHandle,
2265 _In_opt_ HANDLE Event,
2266 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2267 _In_opt_ PVOID ApcContext,
2268 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2269 _Out_writes_bytes_(Length) PVOID Buffer,
2270 _In_ ULONG Length,
2271 _In_opt_ PLARGE_INTEGER ByteOffset,
2272 _In_opt_ PULONG Key);
2273
2274 __kernel_entry
2275 NTSYSCALLAPI
2276 NTSTATUS
2277 NTAPI
2278 NtSetInformationFile(
2279 _In_ HANDLE FileHandle,
2280 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2281 _In_reads_bytes_(Length) PVOID FileInformation,
2282 _In_ ULONG Length,
2283 _In_ FILE_INFORMATION_CLASS FileInformationClass);
2284
2285 __kernel_entry
2286 NTSYSCALLAPI
2287 NTSTATUS
2288 NTAPI
2289 NtSetQuotaInformationFile(
2290 _In_ HANDLE FileHandle,
2291 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2292 _In_reads_bytes_(Length) PVOID Buffer,
2293 _In_ ULONG Length);
2294
2295 __kernel_entry
2296 NTSYSCALLAPI
2297 NTSTATUS
2298 NTAPI
2299 NtSetVolumeInformationFile(
2300 _In_ HANDLE FileHandle,
2301 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2302 _In_reads_bytes_(Length) PVOID FsInformation,
2303 _In_ ULONG Length,
2304 _In_ FS_INFORMATION_CLASS FsInformationClass);
2305
2306 __kernel_entry
2307 NTSYSCALLAPI
2308 NTSTATUS
2309 NTAPI
2310 NtWriteFile(
2311 _In_ HANDLE FileHandle,
2312 _In_opt_ HANDLE Event,
2313 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
2314 _In_opt_ PVOID ApcContext,
2315 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2316 _In_reads_bytes_(Length) PVOID Buffer,
2317 _In_ ULONG Length,
2318 _In_opt_ PLARGE_INTEGER ByteOffset,
2319 _In_opt_ PULONG Key);
2320
2321 __kernel_entry
2322 NTSYSCALLAPI
2323 NTSTATUS
2324 NTAPI
2325 NtUnlockFile(
2326 _In_ HANDLE FileHandle,
2327 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
2328 _In_ PLARGE_INTEGER ByteOffset,
2329 _In_ PLARGE_INTEGER Length,
2330 _In_ ULONG Key);
2331
2332 _IRQL_requires_max_(PASSIVE_LEVEL)
2333 __kernel_entry
2334 NTSYSCALLAPI
2335 NTSTATUS
2336 NTAPI
2337 NtSetSecurityObject(
2338 _In_ HANDLE Handle,
2339 _In_ SECURITY_INFORMATION SecurityInformation,
2340 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
2341
2342 _IRQL_requires_max_(PASSIVE_LEVEL)
2343 __kernel_entry
2344 NTSYSCALLAPI
2345 NTSTATUS
2346 NTAPI
2347 NtQuerySecurityObject(
2348 _In_ HANDLE Handle,
2349 _In_ SECURITY_INFORMATION SecurityInformation,
2350 _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
2351 _In_ ULONG Length,
2352 _Out_ PULONG LengthNeeded);
2353
2354 _IRQL_requires_max_(PASSIVE_LEVEL)
2355 __kernel_entry
2356 NTSYSCALLAPI
2357 NTSTATUS
2358 NTAPI
2359 NtClose(
2360 _In_ HANDLE Handle);
2361
2362 #endif
2363
2364 #if (NTDDI_VERSION >= NTDDI_WINXP)
2365
2366 _Must_inspect_result_
2367 __kernel_entry
2368 NTSYSCALLAPI
2369 NTSTATUS
2370 NTAPI
2371 NtOpenThreadTokenEx(
2372 _In_ HANDLE ThreadHandle,
2373 _In_ ACCESS_MASK DesiredAccess,
2374 _In_ BOOLEAN OpenAsSelf,
2375 _In_ ULONG HandleAttributes,
2376 _Out_ PHANDLE TokenHandle);
2377
2378 _Must_inspect_result_
2379 __kernel_entry
2380 NTSYSCALLAPI
2381 NTSTATUS
2382 NTAPI
2383 NtOpenProcessTokenEx(
2384 _In_ HANDLE ProcessHandle,
2385 _In_ ACCESS_MASK DesiredAccess,
2386 _In_ ULONG HandleAttributes,
2387 _Out_ PHANDLE TokenHandle);
2388
2389 _Must_inspect_result_
2390 NTSYSAPI
2391 NTSTATUS
2392 NTAPI
2393 NtOpenJobObjectToken(
2394 _In_ HANDLE JobHandle,
2395 _In_ ACCESS_MASK DesiredAccess,
2396 _Out_ PHANDLE TokenHandle);
2397
2398 _Must_inspect_result_
2399 __kernel_entry
2400 NTSYSCALLAPI
2401 NTSTATUS
2402 NTAPI
2403 NtDuplicateToken(
2404 _In_ HANDLE ExistingTokenHandle,
2405 _In_ ACCESS_MASK DesiredAccess,
2406 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
2407 _In_ BOOLEAN EffectiveOnly,
2408 _In_ TOKEN_TYPE TokenType,
2409 _Out_ PHANDLE NewTokenHandle);
2410
2411 _Must_inspect_result_
2412 __kernel_entry
2413 NTSYSCALLAPI
2414 NTSTATUS
2415 NTAPI
2416 NtFilterToken(
2417 _In_ HANDLE ExistingTokenHandle,
2418 _In_ ULONG Flags,
2419 _In_opt_ PTOKEN_GROUPS SidsToDisable,
2420 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
2421 _In_opt_ PTOKEN_GROUPS RestrictedSids,
2422 _Out_ PHANDLE NewTokenHandle);
2423
2424 _Must_inspect_result_
2425 __kernel_entry
2426 NTSYSCALLAPI
2427 NTSTATUS
2428 NTAPI
2429 NtImpersonateAnonymousToken(
2430 _In_ HANDLE ThreadHandle);
2431
2432 _Must_inspect_result_
2433 __kernel_entry
2434 NTSYSCALLAPI
2435 NTSTATUS
2436 NTAPI
2437 NtSetInformationToken(
2438 _In_ HANDLE TokenHandle,
2439 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
2440 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
2441 _In_ ULONG TokenInformationLength);
2442
2443 _Must_inspect_result_
2444 __kernel_entry
2445 NTSYSCALLAPI
2446 NTSTATUS
2447 NTAPI
2448 NtAdjustGroupsToken(
2449 _In_ HANDLE TokenHandle,
2450 _In_ BOOLEAN ResetToDefault,
2451 _In_opt_ PTOKEN_GROUPS NewState,
2452 _In_opt_ ULONG BufferLength,
2453 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
2454 _Out_ PULONG ReturnLength);
2455
2456 _Must_inspect_result_
2457 __kernel_entry
2458 NTSYSCALLAPI
2459 NTSTATUS
2460 NTAPI
2461 NtPrivilegeCheck(
2462 _In_ HANDLE ClientToken,
2463 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
2464 _Out_ PBOOLEAN Result);
2465
2466 _Must_inspect_result_
2467 __kernel_entry
2468 NTSYSCALLAPI
2469 NTSTATUS
2470 NTAPI
2471 NtAccessCheckAndAuditAlarm(
2472 _In_ PUNICODE_STRING SubsystemName,
2473 _In_opt_ PVOID HandleId,
2474 _In_ PUNICODE_STRING ObjectTypeName,
2475 _In_ PUNICODE_STRING ObjectName,
2476 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2477 _In_ ACCESS_MASK DesiredAccess,
2478 _In_ PGENERIC_MAPPING GenericMapping,
2479 _In_ BOOLEAN ObjectCreation,
2480 _Out_ PACCESS_MASK GrantedAccess,
2481 _Out_ PNTSTATUS AccessStatus,
2482 _Out_ PBOOLEAN GenerateOnClose);
2483
2484 _Must_inspect_result_
2485 __kernel_entry
2486 NTSYSCALLAPI
2487 NTSTATUS
2488 NTAPI
2489 NtAccessCheckByTypeAndAuditAlarm(
2490 _In_ PUNICODE_STRING SubsystemName,
2491 _In_opt_ PVOID HandleId,
2492 _In_ PUNICODE_STRING ObjectTypeName,
2493 _In_ PUNICODE_STRING ObjectName,
2494 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2495 _In_opt_ PSID PrincipalSelfSid,
2496 _In_ ACCESS_MASK DesiredAccess,
2497 _In_ AUDIT_EVENT_TYPE AuditType,
2498 _In_ ULONG Flags,
2499 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
2500 _In_ ULONG ObjectTypeLength,
2501 _In_ PGENERIC_MAPPING GenericMapping,
2502 _In_ BOOLEAN ObjectCreation,
2503 _Out_ PACCESS_MASK GrantedAccess,
2504 _Out_ PNTSTATUS AccessStatus,
2505 _Out_ PBOOLEAN GenerateOnClose);
2506
2507 _Must_inspect_result_
2508 __kernel_entry
2509 NTSYSCALLAPI
2510 NTSTATUS
2511 NTAPI
2512 NtAccessCheckByTypeResultListAndAuditAlarm(
2513 _In_ PUNICODE_STRING SubsystemName,
2514 _In_opt_ PVOID HandleId,
2515 _In_ PUNICODE_STRING ObjectTypeName,
2516 _In_ PUNICODE_STRING ObjectName,
2517 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2518 _In_opt_ PSID PrincipalSelfSid,
2519 _In_ ACCESS_MASK DesiredAccess,
2520 _In_ AUDIT_EVENT_TYPE AuditType,
2521 _In_ ULONG Flags,
2522 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
2523 _In_ ULONG ObjectTypeListLength,
2524 _In_ PGENERIC_MAPPING GenericMapping,
2525 _In_ BOOLEAN ObjectCreation,
2526 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
2527 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
2528 _Out_ PBOOLEAN GenerateOnClose);
2529
2530 _Must_inspect_result_
2531 __kernel_entry
2532 NTSYSCALLAPI
2533 NTSTATUS
2534 NTAPI
2535 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
2536 _In_ PUNICODE_STRING SubsystemName,
2537 _In_opt_ PVOID HandleId,
2538 _In_ HANDLE ClientToken,
2539 _In_ PUNICODE_STRING ObjectTypeName,
2540 _In_ PUNICODE_STRING ObjectName,
2541 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2542 _In_opt_ PSID PrincipalSelfSid,
2543 _In_ ACCESS_MASK DesiredAccess,
2544 _In_ AUDIT_EVENT_TYPE AuditType,
2545 _In_ ULONG Flags,
2546 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
2547 _In_ ULONG ObjectTypeListLength,
2548 _In_ PGENERIC_MAPPING GenericMapping,
2549 _In_ BOOLEAN ObjectCreation,
2550 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
2551 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
2552 _Out_ PBOOLEAN GenerateOnClose);
2553
2554 __kernel_entry
2555 NTSYSCALLAPI
2556 NTSTATUS
2557 NTAPI
2558 NtOpenObjectAuditAlarm(
2559 _In_ PUNICODE_STRING SubsystemName,
2560 _In_opt_ PVOID HandleId,
2561 _In_ PUNICODE_STRING ObjectTypeName,
2562 _In_ PUNICODE_STRING ObjectName,
2563 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
2564 _In_ HANDLE ClientToken,
2565 _In_ ACCESS_MASK DesiredAccess,
2566 _In_ ACCESS_MASK GrantedAccess,
2567 _In_opt_ PPRIVILEGE_SET Privileges,
2568 _In_ BOOLEAN ObjectCreation,
2569 _In_ BOOLEAN AccessGranted,
2570 _Out_ PBOOLEAN GenerateOnClose);
2571
2572 __kernel_entry
2573 NTSYSCALLAPI
2574 NTSTATUS
2575 NTAPI
2576 NtPrivilegeObjectAuditAlarm(
2577 _In_ PUNICODE_STRING SubsystemName,
2578 _In_opt_ PVOID HandleId,
2579 _In_ HANDLE ClientToken,
2580 _In_ ACCESS_MASK DesiredAccess,
2581 _In_ PPRIVILEGE_SET Privileges,
2582 _In_ BOOLEAN AccessGranted);
2583
2584 __kernel_entry
2585 NTSYSCALLAPI
2586 NTSTATUS
2587 NTAPI
2588 NtCloseObjectAuditAlarm(
2589 _In_ PUNICODE_STRING SubsystemName,
2590 _In_opt_ PVOID HandleId,
2591 _In_ BOOLEAN GenerateOnClose);
2592
2593 __kernel_entry
2594 NTSYSCALLAPI
2595 NTSTATUS
2596 NTAPI
2597 NtDeleteObjectAuditAlarm(
2598 _In_ PUNICODE_STRING SubsystemName,
2599 _In_opt_ PVOID HandleId,
2600 _In_ BOOLEAN GenerateOnClose);
2601
2602 __kernel_entry
2603 NTSYSCALLAPI
2604 NTSTATUS
2605 NTAPI
2606 NtPrivilegedServiceAuditAlarm(
2607 _In_ PUNICODE_STRING SubsystemName,
2608 _In_ PUNICODE_STRING ServiceName,
2609 _In_ HANDLE ClientToken,
2610 _In_ PPRIVILEGE_SET Privileges,
2611 _In_ BOOLEAN AccessGranted);
2612
2613 __kernel_entry
2614 NTSYSCALLAPI
2615 NTSTATUS
2616 NTAPI
2617 NtSetInformationThread(
2618 _In_ HANDLE ThreadHandle,
2619 _In_ THREADINFOCLASS ThreadInformationClass,
2620 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
2621 _In_ ULONG ThreadInformationLength);
2622
2623 _Must_inspect_result_
2624 __kernel_entry
2625 NTSYSCALLAPI
2626 NTSTATUS
2627 NTAPI
2628 NtCreateSection(
2629 _Out_ PHANDLE SectionHandle,
2630 _In_ ACCESS_MASK DesiredAccess,
2631 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
2632 _In_opt_ PLARGE_INTEGER MaximumSize,
2633 _In_ ULONG SectionPageProtection,
2634 _In_ ULONG AllocationAttributes,
2635 _In_opt_ HANDLE FileHandle);
2636
2637 #endif
2638
2639 #define COMPRESSION_FORMAT_NONE (0x0000)
2640 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
2641 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
2642 #define COMPRESSION_ENGINE_STANDARD (0x0000)
2643 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
2644 #define COMPRESSION_ENGINE_HIBER (0x0200)
2645
2646 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
2647
2648 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
2649
2650 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
2651 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
2652
2653 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
2654
2655 typedef enum _SECURITY_LOGON_TYPE {
2656 UndefinedLogonType = 0,
2657 Interactive = 2,
2658 Network,
2659 Batch,
2660 Service,
2661 Proxy,
2662 Unlock,
2663 NetworkCleartext,
2664 NewCredentials,
2665 #if (_WIN32_WINNT >= 0x0501)
2666 RemoteInteractive,
2667 CachedInteractive,
2668 #endif
2669 #if (_WIN32_WINNT >= 0x0502)
2670 CachedRemoteInteractive,
2671 CachedUnlock
2672 #endif
2673 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
2674
2675 #ifndef _NTLSA_AUDIT_
2676 #define _NTLSA_AUDIT_
2677
2678 #ifndef GUID_DEFINED
2679 #include <guiddef.h>
2680 #endif
2681
2682 #endif /* _NTLSA_AUDIT_ */
2683
2684 _IRQL_requires_same_
2685 _IRQL_requires_max_(PASSIVE_LEVEL)
2686 NTSTATUS
2687 NTAPI
2688 LsaRegisterLogonProcess(
2689 _In_ PLSA_STRING LogonProcessName,
2690 _Out_ PHANDLE LsaHandle,
2691 _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
2692
2693 _IRQL_requires_same_
2694 _IRQL_requires_max_(PASSIVE_LEVEL)
2695 NTSTATUS
2696 NTAPI
2697 LsaLogonUser(
2698 _In_ HANDLE LsaHandle,
2699 _In_ PLSA_STRING OriginName,
2700 _In_ SECURITY_LOGON_TYPE LogonType,
2701 _In_ ULONG AuthenticationPackage,
2702 _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
2703 _In_ ULONG AuthenticationInformationLength,
2704 _In_opt_ PTOKEN_GROUPS LocalGroups,
2705 _In_ PTOKEN_SOURCE SourceContext,
2706 _Out_ PVOID *ProfileBuffer,
2707 _Out_ PULONG ProfileBufferLength,
2708 _Inout_ PLUID LogonId,
2709 _Out_ PHANDLE Token,
2710 _Out_ PQUOTA_LIMITS Quotas,
2711 _Out_ PNTSTATUS SubStatus);
2712
2713 _IRQL_requires_same_
2714 NTSTATUS
2715 NTAPI
2716 LsaFreeReturnBuffer(
2717 _In_ PVOID Buffer);
2718
2719 #ifndef _NTLSA_IFS_
2720 #define _NTLSA_IFS_
2721 #endif
2722
2723 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2724 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
2725 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
2726
2727 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
2728 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
2729
2730 #define MSV1_0_CHALLENGE_LENGTH 8
2731 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
2732 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
2733
2734 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
2735 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
2736 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
2737 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
2738 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
2739 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
2740 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
2741 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
2742 #define MSV1_0_RETURN_PROFILE_PATH 0x200
2743 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
2744 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
2745
2746 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
2747 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
2748
2749 #if (_WIN32_WINNT >= 0x0502)
2750 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
2751 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
2752 #endif
2753
2754 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
2755 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
2756
2757 #if (_WIN32_WINNT >= 0x0600)
2758 #define MSV1_0_S4U2SELF 0x00020000
2759 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
2760 #endif
2761
2762 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
2763 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
2764 #define MSV1_0_MNS_LOGON 0x01000000
2765
2766 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
2767 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
2768
2769 #define LOGON_GUEST 0x01
2770 #define LOGON_NOENCRYPTION 0x02
2771 #define LOGON_CACHED_ACCOUNT 0x04
2772 #define LOGON_USED_LM_PASSWORD 0x08
2773 #define LOGON_EXTRA_SIDS 0x20
2774 #define LOGON_SUBAUTH_SESSION_KEY 0x40
2775 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
2776 #define LOGON_NTLMV2_ENABLED 0x100
2777 #define LOGON_RESOURCE_GROUPS 0x200
2778 #define LOGON_PROFILE_PATH_RETURNED 0x400
2779 #define LOGON_NT_V2 0x800
2780 #define LOGON_LM_V2 0x1000
2781 #define LOGON_NTLM_V2 0x2000
2782
2783 #if (_WIN32_WINNT >= 0x0600)
2784
2785 #define LOGON_OPTIMIZED 0x4000
2786 #define LOGON_WINLOGON 0x8000
2787 #define LOGON_PKINIT 0x10000
2788 #define LOGON_NO_OPTIMIZED 0x20000
2789
2790 #endif
2791
2792 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
2793
2794 #define LOGON_GRACE_LOGON 0x01000000
2795
2796 #define MSV1_0_OWF_PASSWORD_LENGTH 16
2797 #define MSV1_0_CRED_LM_PRESENT 0x1
2798 #define MSV1_0_CRED_NT_PRESENT 0x2
2799 #define MSV1_0_CRED_VERSION 0
2800
2801 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
2802 #define MSV1_0_NTLM3_OWF_LENGTH 16
2803
2804 #if (_WIN32_WINNT == 0x0500)
2805 #define MSV1_0_MAX_NTLM3_LIFE 1800
2806 #else
2807 #define MSV1_0_MAX_NTLM3_LIFE 129600
2808 #endif
2809 #define MSV1_0_MAX_AVL_SIZE 64000
2810
2811 #if (_WIN32_WINNT >= 0x0501)
2812
2813 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
2814
2815 #if (_WIN32_WINNT >= 0x0600)
2816 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
2817 #endif
2818
2819 #endif
2820
2821 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
2822
2823 #if(_WIN32_WINNT >= 0x0502)
2824 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
2825 #endif
2826
2827 #define USE_PRIMARY_PASSWORD 0x01
2828 #define RETURN_PRIMARY_USERNAME 0x02
2829 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
2830 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
2831 #define GENERATE_CLIENT_CHALLENGE 0x10
2832 #define GCR_NTLM3_PARMS 0x20
2833 #define GCR_TARGET_INFO 0x40
2834 #define RETURN_RESERVED_PARAMETER 0x80
2835 #define GCR_ALLOW_NTLM 0x100
2836 #define GCR_USE_OEM_SET 0x200
2837 #define GCR_MACHINE_CREDENTIAL 0x400
2838 #define GCR_USE_OWF_PASSWORD 0x800
2839 #define GCR_ALLOW_LM 0x1000
2840 #define GCR_ALLOW_NO_TARGET 0x2000
2841
2842 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
2843 MsV1_0InteractiveLogon = 2,
2844 MsV1_0Lm20Logon,
2845 MsV1_0NetworkLogon,
2846 MsV1_0SubAuthLogon,
2847 MsV1_0WorkstationUnlockLogon = 7,
2848 MsV1_0S4ULogon = 12,
2849 MsV1_0VirtualLogon = 82
2850 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
2851
2852 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
2853 MsV1_0InteractiveProfile = 2,
2854 MsV1_0Lm20LogonProfile,
2855 MsV1_0SmartCardProfile
2856 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
2857
2858 typedef struct _MSV1_0_INTERACTIVE_LOGON {
2859 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2860 UNICODE_STRING LogonDomainName;
2861 UNICODE_STRING UserName;
2862 UNICODE_STRING Password;
2863 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
2864
2865 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
2866 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2867 USHORT LogonCount;
2868 USHORT BadPasswordCount;
2869 LARGE_INTEGER LogonTime;
2870 LARGE_INTEGER LogoffTime;
2871 LARGE_INTEGER KickOffTime;
2872 LARGE_INTEGER PasswordLastSet;
2873 LARGE_INTEGER PasswordCanChange;
2874 LARGE_INTEGER PasswordMustChange;
2875 UNICODE_STRING LogonScript;
2876 UNICODE_STRING HomeDirectory;
2877 UNICODE_STRING FullName;
2878 UNICODE_STRING ProfilePath;
2879 UNICODE_STRING HomeDirectoryDrive;
2880 UNICODE_STRING LogonServer;
2881 ULONG UserFlags;
2882 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
2883
2884 typedef struct _MSV1_0_LM20_LOGON {
2885 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2886 UNICODE_STRING LogonDomainName;
2887 UNICODE_STRING UserName;
2888 UNICODE_STRING Workstation;
2889 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2890 STRING CaseSensitiveChallengeResponse;
2891 STRING CaseInsensitiveChallengeResponse;
2892 ULONG ParameterControl;
2893 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
2894
2895 typedef struct _MSV1_0_SUBAUTH_LOGON {
2896 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2897 UNICODE_STRING LogonDomainName;
2898 UNICODE_STRING UserName;
2899 UNICODE_STRING Workstation;
2900 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
2901 STRING AuthenticationInfo1;
2902 STRING AuthenticationInfo2;
2903 ULONG ParameterControl;
2904 ULONG SubAuthPackageId;
2905 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
2906
2907 #if (_WIN32_WINNT >= 0x0600)
2908
2909 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2910
2911 typedef struct _MSV1_0_S4U_LOGON {
2912 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
2913 ULONG Flags;
2914 UNICODE_STRING UserPrincipalName;
2915 UNICODE_STRING DomainName;
2916 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
2917
2918 #endif
2919
2920 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
2921 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
2922 LARGE_INTEGER KickOffTime;
2923 LARGE_INTEGER LogoffTime;
2924 ULONG UserFlags;
2925 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
2926 UNICODE_STRING LogonDomainName;
2927 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
2928 UNICODE_STRING LogonServer;
2929 UNICODE_STRING UserParameters;
2930 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
2931
2932 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
2933 ULONG Version;
2934 ULONG Flags;
2935 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2936 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
2937 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
2938
2939 typedef struct _MSV1_0_NTLM3_RESPONSE {
2940 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
2941 UCHAR RespType;
2942 UCHAR HiRespType;
2943 USHORT Flags;
2944 ULONG MsgWord;
2945 ULONGLONG TimeStamp;
2946 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
2947 ULONG AvPairsOff;
2948 UCHAR Buffer[1];
2949 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
2950
2951 typedef enum _MSV1_0_AVID {
2952 MsvAvEOL,
2953 MsvAvNbComputerName,
2954 MsvAvNbDomainName,
2955 MsvAvDnsComputerName,
2956 MsvAvDnsDomainName,
2957 #if (_WIN32_WINNT >= 0x0501)
2958 MsvAvDnsTreeName,
2959 MsvAvFlags,
2960 #if (_WIN32_WINNT >= 0x0600)
2961 MsvAvTimestamp,
2962 MsvAvRestrictions,
2963 MsvAvTargetName,
2964 MsvAvChannelBindings,
2965 #endif
2966 #endif
2967 } MSV1_0_AVID;
2968
2969 typedef struct _MSV1_0_AV_PAIR {
2970 USHORT AvId;
2971 USHORT AvLen;
2972 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
2973
2974 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
2975 MsV1_0Lm20ChallengeRequest = 0,
2976 MsV1_0Lm20GetChallengeResponse,
2977 MsV1_0EnumerateUsers,
2978 MsV1_0GetUserInfo,
2979 MsV1_0ReLogonUsers,
2980 MsV1_0ChangePassword,
2981 MsV1_0ChangeCachedPassword,
2982 MsV1_0GenericPassthrough,
2983 MsV1_0CacheLogon,
2984 MsV1_0SubAuth,
2985 MsV1_0DeriveCredential,
2986 MsV1_0CacheLookup,
2987 #if (_WIN32_WINNT >= 0x0501)
2988 MsV1_0SetProcessOption,
2989 #endif
2990 #if (_WIN32_WINNT >= 0x0600)
2991 MsV1_0ConfigLocalAliases,
2992 MsV1_0ClearCachedCredentials,
2993 #endif
2994 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
2995
2996 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
2997 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
2998 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
2999
3000 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
3001 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3002 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3003 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
3004
3005 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
3006 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3007 ULONG ParameterControl;
3008 LUID LogonId;
3009 UNICODE_STRING Password;
3010 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3011 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
3012
3013 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
3014 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3015 ULONG ParameterControl;
3016 LUID LogonId;
3017 UNICODE_STRING Password;
3018 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
3019 UNICODE_STRING UserName;
3020 UNICODE_STRING LogonDomainName;
3021 UNICODE_STRING ServerName;
3022 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
3023
3024 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
3025 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3026 STRING CaseSensitiveChallengeResponse;
3027 STRING CaseInsensitiveChallengeResponse;
3028 UNICODE_STRING UserName;
3029 UNICODE_STRING LogonDomainName;
3030 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
3031 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
3032 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
3033
3034 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
3035 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3036 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
3037
3038 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
3039 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3040 ULONG NumberOfLoggedOnUsers;
3041 PLUID LogonIds;
3042 PULONG EnumHandles;
3043 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
3044
3045 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
3046 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3047 LUID LogonId;
3048 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
3049
3050 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
3051 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
3052 PSID UserSid;
3053 UNICODE_STRING UserName;
3054 UNICODE_STRING LogonDomainName;
3055 UNICODE_STRING LogonServer;
3056 SECURITY_LOGON_TYPE LogonType;
3057 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
3058
3059
3060
3061 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
3062 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
3063 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
3064
3065 /* also in winnt.h */
3066 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
3067 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
3068 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
3069 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
3070 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
3071 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
3072 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
3073 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
3074 #define FILE_NOTIFY_CHANGE_EA 0x00000080
3075 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
3076 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
3077 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
3078 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
3079 #define FILE_NOTIFY_VALID_MASK 0x00000fff
3080
3081 #define FILE_ACTION_ADDED 0x00000001
3082 #define FILE_ACTION_REMOVED 0x00000002
3083 #define FILE_ACTION_MODIFIED 0x00000003
3084 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
3085 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
3086 #define FILE_ACTION_ADDED_STREAM 0x00000006
3087 #define FILE_ACTION_REMOVED_STREAM 0x00000007
3088 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
3089 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
3090 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
3091 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
3092 /* end winnt.h */
3093
3094 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
3095 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
3096
3097 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3098 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3099
3100 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS 0x00000000
3101 #define FILE_PIPE_REJECT_REMOTE_CLIENTS 0x00000002
3102 #define FILE_PIPE_TYPE_VALID_MASK 0x00000003
3103
3104 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
3105 #define FILE_PIPE_MESSAGE_MODE 0x00000001
3106
3107 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
3108 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
3109
3110 #define FILE_PIPE_INBOUND 0x00000000
3111 #define FILE_PIPE_OUTBOUND 0x00000001
3112 #define FILE_PIPE_FULL_DUPLEX 0x00000002
3113
3114 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
3115 #define FILE_PIPE_LISTENING_STATE 0x00000002
3116 #define FILE_PIPE_CONNECTED_STATE 0x00000003
3117 #define FILE_PIPE_CLOSING_STATE 0x00000004
3118
3119 #define FILE_PIPE_CLIENT_END 0x00000000
3120 #define FILE_PIPE_SERVER_END 0x00000001
3121
3122 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
3123 #define FILE_CASE_PRESERVED_NAMES 0x00000002
3124 #define FILE_UNICODE_ON_DISK 0x00000004
3125 #define FILE_PERSISTENT_ACLS 0x00000008
3126 #define FILE_FILE_COMPRESSION 0x00000010
3127 #define FILE_VOLUME_QUOTAS 0x00000020
3128 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
3129 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
3130 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
3131 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
3132 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
3133 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
3134 #define FILE_NAMED_STREAMS 0x00040000
3135 #define FILE_READ_ONLY_VOLUME 0x00080000
3136 #define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
3137 #define FILE_SUPPORTS_TRANSACTIONS 0x00200000
3138 #define FILE_SUPPORTS_HARD_LINKS 0x00400000
3139 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
3140 #define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
3141 #define FILE_SUPPORTS_USN_JOURNAL 0x02000000
3142
3143 #define FILE_NEED_EA 0x00000080
3144
3145 #define FILE_EA_TYPE_BINARY 0xfffe
3146 #define FILE_EA_TYPE_ASCII 0xfffd
3147 #define FILE_EA_TYPE_BITMAP 0xfffb
3148 #define FILE_EA_TYPE_METAFILE 0xfffa
3149 #define FILE_EA_TYPE_ICON 0xfff9
3150 #define FILE_EA_TYPE_EA 0xffee
3151 #define FILE_EA_TYPE_MVMT 0xffdf
3152 #define FILE_EA_TYPE_MVST 0xffde
3153 #define FILE_EA_TYPE_ASN1 0xffdd
3154 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
3155
3156 typedef struct _FILE_NOTIFY_INFORMATION {
3157 ULONG NextEntryOffset;
3158 ULONG Action;
3159 ULONG FileNameLength;
3160 WCHAR FileName[1];
3161 } FILE_NOTIFY_INFORMATION, *PFILE_NOTIFY_INFORMATION;
3162
3163 typedef struct _FILE_DIRECTORY_INFORMATION {
3164 ULONG NextEntryOffset;
3165 ULONG FileIndex;
3166 LARGE_INTEGER CreationTime;
3167 LARGE_INTEGER LastAccessTime;
3168 LARGE_INTEGER LastWriteTime;
3169 LARGE_INTEGER ChangeTime;
3170 LARGE_INTEGER EndOfFile;
3171 LARGE_INTEGER AllocationSize;
3172 ULONG FileAttributes;
3173 ULONG FileNameLength;
3174 WCHAR FileName[1];
3175 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
3176
3177 typedef struct _FILE_FULL_DIR_INFORMATION {
3178 ULONG NextEntryOffset;
3179 ULONG FileIndex;
3180 LARGE_INTEGER CreationTime;
3181 LARGE_INTEGER LastAccessTime;
3182 LARGE_INTEGER LastWriteTime;
3183 LARGE_INTEGER ChangeTime;
3184 LARGE_INTEGER EndOfFile;
3185 LARGE_INTEGER AllocationSize;
3186 ULONG FileAttributes;
3187 ULONG FileNameLength;
3188 ULONG EaSize;
3189 WCHAR FileName[1];
3190 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
3191
3192 typedef struct _FILE_ID_FULL_DIR_INFORMATION {
3193 ULONG NextEntryOffset;
3194 ULONG FileIndex;
3195 LARGE_INTEGER CreationTime;
3196 LARGE_INTEGER LastAccessTime;
3197 LARGE_INTEGER LastWriteTime;
3198 LARGE_INTEGER ChangeTime;
3199 LARGE_INTEGER EndOfFile;
3200 LARGE_INTEGER AllocationSize;
3201 ULONG FileAttributes;
3202 ULONG FileNameLength;
3203 ULONG EaSize;
3204 LARGE_INTEGER FileId;
3205 WCHAR FileName[1];
3206 } FILE_ID_FULL_DIR_INFORMATION, *PFILE_ID_FULL_DIR_INFORMATION;
3207
3208 typedef struct _FILE_BOTH_DIR_INFORMATION {
3209 ULONG NextEntryOffset;
3210 ULONG FileIndex;
3211 LARGE_INTEGER CreationTime;
3212 LARGE_INTEGER LastAccessTime;
3213 LARGE_INTEGER LastWriteTime;
3214 LARGE_INTEGER ChangeTime;
3215 LARGE_INTEGER EndOfFile;
3216 LARGE_INTEGER AllocationSize;
3217 ULONG FileAttributes;
3218 ULONG FileNameLength;
3219 ULONG EaSize;
3220 CCHAR ShortNameLength;
3221 WCHAR ShortName[12];
3222 WCHAR FileName[1];
3223 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
3224
3225 typedef struct _FILE_ID_BOTH_DIR_INFORMATION {
3226 ULONG NextEntryOffset;
3227 ULONG FileIndex;
3228 LARGE_INTEGER CreationTime;
3229 LARGE_INTEGER LastAccessTime;
3230 LARGE_INTEGER LastWriteTime;
3231 LARGE_INTEGER ChangeTime;
3232 LARGE_INTEGER EndOfFile;
3233 LARGE_INTEGER AllocationSize;
3234 ULONG FileAttributes;
3235 ULONG FileNameLength;
3236 ULONG EaSize;
3237 CCHAR ShortNameLength;
3238 WCHAR ShortName[12];
3239 LARGE_INTEGER FileId;
3240 WCHAR FileName[1];
3241 } FILE_ID_BOTH_DIR_INFORMATION, *PFILE_ID_BOTH_DIR_INFORMATION;
3242
3243 typedef struct _FILE_NAMES_INFORMATION {
3244 ULONG NextEntryOffset;
3245 ULONG FileIndex;
3246 ULONG FileNameLength;
3247 WCHAR FileName[1];
3248 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
3249
3250 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION {
3251 ULONG NextEntryOffset;
3252 ULONG FileIndex;
3253 LARGE_INTEGER CreationTime;
3254 LARGE_INTEGER LastAccessTime;
3255 LARGE_INTEGER LastWriteTime;
3256 LARGE_INTEGER ChangeTime;
3257 LARGE_INTEGER EndOfFile;
3258 LARGE_INTEGER AllocationSize;
3259 ULONG FileAttributes;
3260 ULONG FileNameLength;
3261 LARGE_INTEGER FileId;
3262 GUID LockingTransactionId;
3263 ULONG TxInfoFlags;
3264 WCHAR FileName[1];
3265 } FILE_ID_GLOBAL_TX_DIR_INFORMATION, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION;
3266
3267 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED 0x00000001
3268 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX 0x00000002
3269 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX 0x00000004
3270
3271 typedef struct _FILE_OBJECTID_INFORMATION {
3272 LONGLONG FileReference;
3273 UCHAR ObjectId[16];
3274 _ANONYMOUS_UNION union {
3275 _ANONYMOUS_STRUCT struct {
3276 UCHAR BirthVolumeId[16];
3277 UCHAR BirthObjectId[16];
3278 UCHAR DomainId[16];
3279 } DUMMYSTRUCTNAME;
3280 UCHAR ExtendedInfo[48];
3281 } DUMMYUNIONNAME;
3282 } FILE_OBJECTID_INFORMATION, *PFILE_OBJECTID_INFORMATION;
3283
3284 #define ANSI_DOS_STAR ('<')
3285 #define ANSI_DOS_QM ('>')
3286 #define ANSI_DOS_DOT ('"')
3287
3288 #define DOS_STAR (L'<')
3289 #define DOS_QM (L'>')
3290 #define DOS_DOT (L'"')
3291
3292 typedef struct _FILE_INTERNAL_INFORMATION {
3293 LARGE_INTEGER IndexNumber;
3294 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
3295
3296 typedef struct _FILE_EA_INFORMATION {
3297 ULONG EaSize;
3298 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
3299
3300 typedef struct _FILE_ACCESS_INFORMATION {
3301 ACCESS_MASK AccessFlags;
3302 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
3303
3304 typedef struct _FILE_MODE_INFORMATION {
3305 ULONG Mode;
3306 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
3307
3308 typedef struct _FILE_ALL_INFORMATION {
3309 FILE_BASIC_INFORMATION BasicInformation;
3310 FILE_STANDARD_INFORMATION StandardInformation;
3311 FILE_INTERNAL_INFORMATION InternalInformation;
3312 FILE_EA_INFORMATION EaInformation;
3313 FILE_ACCESS_INFORMATION AccessInformation;
3314 FILE_POSITION_INFORMATION PositionInformation;
3315 FILE_MODE_INFORMATION ModeInformation;
3316 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
3317 FILE_NAME_INFORMATION NameInformation;
3318 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
3319
3320 typedef struct _FILE_ALLOCATION_INFORMATION {
3321 LARGE_INTEGER AllocationSize;
3322 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
3323
3324 typedef struct _FILE_COMPRESSION_INFORMATION {
3325 LARGE_INTEGER CompressedFileSize;
3326 USHORT CompressionFormat;
3327 UCHAR CompressionUnitShift;
3328 UCHAR ChunkShift;
3329 UCHAR ClusterShift;
3330 UCHAR Reserved[3];
3331 } FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
3332
3333 typedef struct _FILE_LINK_INFORMATION {
3334 BOOLEAN ReplaceIfExists;
3335 HANDLE RootDirectory;
3336 ULONG FileNameLength;
3337 WCHAR FileName[1];
3338 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
3339
3340 typedef struct _FILE_MOVE_CLUSTER_INFORMATION {
3341 ULONG ClusterCount;
3342 HANDLE RootDirectory;
3343 ULONG FileNameLength;
3344 WCHAR FileName[1];
3345 } FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
3346
3347 typedef struct _FILE_RENAME_INFORMATION {
3348 BOOLEAN ReplaceIfExists;
3349 HANDLE RootDirectory;
3350 ULONG FileNameLength;
3351 WCHAR FileName[1];
3352 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
3353
3354 typedef struct _FILE_STREAM_INFORMATION {
3355 ULONG NextEntryOffset;
3356 ULONG StreamNameLength;
3357 LARGE_INTEGER StreamSize;
3358 LARGE_INTEGER StreamAllocationSize;
3359 WCHAR StreamName[1];
3360 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
3361
3362 typedef struct _FILE_TRACKING_INFORMATION {
3363 HANDLE DestinationFile;
3364 ULONG ObjectInformationLength;
3365 CHAR ObjectInformation[1];
3366 } FILE_TRACKING_INFORMATION, *PFILE_TRACKING_INFORMATION;
3367
3368 typedef struct _FILE_COMPLETION_INFORMATION {
3369 HANDLE Port;
3370 PVOID Key;
3371 } FILE_COMPLETION_INFORMATION, *PFILE_COMPLETION_INFORMATION;
3372
3373 typedef struct _FILE_PIPE_INFORMATION {
3374 ULONG ReadMode;
3375 ULONG CompletionMode;
3376 } FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
3377
3378 typedef struct _FILE_PIPE_LOCAL_INFORMATION {
3379 ULONG NamedPipeType;
3380 ULONG NamedPipeConfiguration;
3381 ULONG MaximumInstances;
3382 ULONG CurrentInstances;
3383 ULONG InboundQuota;
3384 ULONG ReadDataAvailable;
3385 ULONG OutboundQuota;
3386 ULONG WriteQuotaAvailable;
3387 ULONG NamedPipeState;
3388 ULONG NamedPipeEnd;
3389 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
3390
3391 typedef struct _FILE_PIPE_REMOTE_INFORMATION {
3392 LARGE_INTEGER CollectDataTime;
3393 ULONG MaximumCollectionCount;
3394 } FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
3395
3396 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
3397 ULONG MaximumMessageSize;
3398 ULONG MailslotQuota;
3399 ULONG NextMessageSize;
3400 ULONG MessagesAvailable;
3401 LARGE_INTEGER ReadTimeout;
3402 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
3403
3404 typedef struct _FILE_MAILSLOT_SET_INFORMATION {
3405 PLARGE_INTEGER ReadTimeout;
3406 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
3407
3408 typedef struct _FILE_REPARSE_POINT_INFORMATION {
3409 LONGLONG FileReference;
3410 ULONG Tag;
3411 } FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
3412
3413 typedef struct _FILE_LINK_ENTRY_INFORMATION {
3414 ULONG NextEntryOffset;
3415 LONGLONG ParentFileId;
3416 ULONG FileNameLength;
3417 WCHAR FileName[1];
3418 } FILE_LINK_ENTRY_INFORMATION, *PFILE_LINK_ENTRY_INFORMATION;
3419
3420 typedef struct _FILE_LINKS_INFORMATION {
3421 ULONG BytesNeeded;
3422 ULONG EntriesReturned;
3423 FILE_LINK_ENTRY_INFORMATION Entry;
3424 } FILE_LINKS_INFORMATION, *PFILE_LINKS_INFORMATION;
3425
3426 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION {
3427 ULONG FileNameLength;
3428 WCHAR FileName[1];
3429 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION;
3430
3431 typedef struct _FILE_STANDARD_LINK_INFORMATION {
3432 ULONG NumberOfAccessibleLinks;
3433 ULONG TotalNumberOfLinks;
3434 BOOLEAN DeletePending;
3435 BOOLEAN Directory;
3436 } FILE_STANDARD_LINK_INFORMATION, *PFILE_STANDARD_LINK_INFORMATION;
3437
3438 typedef struct _FILE_GET_EA_INFORMATION {
3439 ULONG NextEntryOffset;
3440 UCHAR EaNameLength;
3441 CHAR EaName[1];
3442 } FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
3443
3444 #define REMOTE_PROTOCOL_FLAG_LOOPBACK 0x00000001
3445 #define REMOTE_PROTOCOL_FLAG_OFFLINE 0x00000002
3446
3447 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION {
3448 USHORT StructureVersion;
3449 USHORT StructureSize;
3450 ULONG Protocol;
3451 USHORT ProtocolMajorVersion;
3452 USHORT ProtocolMinorVersion;
3453 USHORT ProtocolRevision;
3454 USHORT Reserved;
3455 ULONG Flags;
3456 struct {
3457 ULONG Reserved[8];
3458 } GenericReserved;
3459 struct {
3460 ULONG Reserved[16];
3461 } ProtocolSpecificReserved;
3462 } FILE_REMOTE_PROTOCOL_INFORMATION, *PFILE_REMOTE_PROTOCOL_INFORMATION;
3463
3464 typedef struct _FILE_GET_QUOTA_INFORMATION {
3465 ULONG NextEntryOffset;
3466 ULONG SidLength;
3467 SID Sid;
3468 } FILE_GET_QUOTA_INFORMATION, *PFILE_GET_QUOTA_INFORMATION;
3469
3470 typedef struct _FILE_QUOTA_INFORMATION {
3471 ULONG NextEntryOffset;
3472 ULONG SidLength;
3473 LARGE_INTEGER ChangeTime;
3474 LARGE_INTEGER QuotaUsed;
3475 LARGE_INTEGER QuotaThreshold;
3476 LARGE_INTEGER QuotaLimit;
3477 SID Sid;
3478 } FILE_QUOTA_INFORMATION, *PFILE_QUOTA_INFORMATION;
3479
3480 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
3481 ULONG FileSystemAttributes;
3482 ULONG MaximumComponentNameLength;
3483 ULONG FileSystemNameLength;
3484 WCHAR FileSystemName[1];
3485 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
3486
3487 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
3488 BOOLEAN DriverInPath;
3489 ULONG DriverNameLength;
3490 WCHAR DriverName[1];
3491 } FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
3492
3493 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION {
3494 ULONG Flags;
3495 } FILE_FS_VOLUME_FLAGS_INFORMATION, *PFILE_FS_VOLUME_FLAGS_INFORMATION;
3496
3497 #define FILE_VC_QUOTA_NONE 0x00000000
3498 #define FILE_VC_QUOTA_TRACK 0x00000001
3499 #define FILE_VC_QUOTA_ENFORCE 0x00000002
3500 #define FILE_VC_QUOTA_MASK 0x00000003
3501 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
3502 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
3503 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
3504 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
3505 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
3506 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
3507 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
3508 #define FILE_VC_VALID_MASK 0x000003ff
3509
3510 typedef struct _FILE_FS_CONTROL_INFORMATION {
3511 LARGE_INTEGER FreeSpaceStartFiltering;
3512 LARGE_INTEGER FreeSpaceThreshold;
3513 LARGE_INTEGER FreeSpaceStopFiltering;
3514 LARGE_INTEGER DefaultQuotaThreshold;
3515 LARGE_INTEGER DefaultQuotaLimit;
3516 ULONG FileSystemControlFlags;
3517 } FILE_FS_CONTROL_INFORMATION, *PFILE_FS_CONTROL_INFORMATION;
3518
3519 #ifndef _FILESYSTEMFSCTL_
3520 #define _FILESYSTEMFSCTL_
3521
3522 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
3523 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
3524 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
3525 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
3526 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
3527 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
3528 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
3529 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
3530 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
3531 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
3532 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
3533 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
3534 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
3535 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
3536 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3537 #define FSCTL_SET_BOOTLOADER_ACCESSED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
3538
3539 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
3540 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
3541 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
3542 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
3543 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
3544
3545 #if (_WIN32_WINNT >= 0x0400)
3546
3547 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
3548 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
3549 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
3550 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
3551 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_ANY_ACCESS)
3552 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
3553 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
3554
3555 #endif
3556
3557 #if (_WIN32_WINNT >= 0x0500)
3558
3559 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
3560 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_WRITE_DATA)
3561 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
3562 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_WRITE_DATA)
3563 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_WRITE_DATA)
3564 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
3565 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_WRITE_DATA)
3566 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_READ_DATA)
3567 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
3568 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_READ_DATA)
3569 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_WRITE_DATA)
3570 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
3571 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_WRITE_DATA)
3572 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
3573 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
3574 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
3575 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_BUFFERED, FILE_ANY_ACCESS)
3576 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
3577 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_ANY_ACCESS)
3578 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_ANY_ACCESS)
3579 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_READ_DATA)
3580 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_READ_DATA)
3581 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_READ_DATA)
3582 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
3583 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
3584 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
3585 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
3586 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
3587 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
3588 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
3589 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
3590 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3591
3592 #endif
3593
3594 #if (_WIN32_WINNT >= 0x0600)
3595
3596 #define FSCTL_MAKE_MEDIA_COMPATIBLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
3597 #define FSCTL_SET_DEFECT_MANAGEMENT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
3598 #define FSCTL_QUERY_SPARING_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
3599 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
3600 #define FSCTL_SET_VOLUME_COMPRESSION_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3601 #define FSCTL_TXFS_MODIFY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
3602 #define FSCTL_TXFS_QUERY_RM_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
3603 #define FSCTL_TXFS_ROLLFORWARD_REDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
3604 #define FSCTL_TXFS_ROLLFORWARD_UNDO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
3605 #define FSCTL_TXFS_START_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
3606 #define FSCTL_TXFS_SHUTDOWN_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
3607 #define FSCTL_TXFS_READ_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
3608 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
3609 #define FSCTL_TXFS_CREATE_SECONDARY_RM CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
3610 #define FSCTL_TXFS_GET_METADATA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
3611 #define FSCTL_TXFS_GET_TRANSACTED_VERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
3612 #define FSCTL_TXFS_SAVEPOINT_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
3613 #define FSCTL_TXFS_CREATE_MINIVERSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
3614 #define FSCTL_TXFS_TRANSACTION_ACTIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
3615 #define FSCTL_SET_ZERO_ON_DEALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3616 #define FSCTL_SET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
3617 #define FSCTL_GET_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
3618 #define FSCTL_WAIT_FOR_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
3619 #define FSCTL_INITIATE_REPAIR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
3620 #define FSCTL_CSC_INTERNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER, FILE_ANY_ACCESS)
3621 #define FSCTL_SHRINK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
3622 #define FSCTL_SET_SHORT_NAME_BEHAVIOR CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
3623 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
3624
3625 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
3626 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
3627 #define FSCTL_TXFS_LIST_TRANSACTIONS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
3628 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
3629 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
3630 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
3631
3632 #endif
3633
3634 #if (_WIN32_WINNT >= 0x0601)
3635
3636 #define FSCTL_QUERY_DEPENDENT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
3637 #define FSCTL_SD_GLOBAL_CHANGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
3638 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
3639 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
3640 #define FSCTL_FILE_TYPE_NOTIFICATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
3641 #define FSCTL_GET_BOOT_AREA_INFO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
3642 #define FSCTL_GET_RETRIEVAL_POINTER_BASE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
3643 #define FSCTL_SET_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
3644 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
3645
3646 #define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
3647
3648 #define FSCTL_CSV_TUNNEL_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
3649 #define FSCTL_IS_CSV_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
3650
3651 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
3652 #define FSCTL_CSV_GET_VOLUME_PATH_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
3653 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
3654 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150, METHOD_BUFFERED, FILE_ANY_ACCESS)
3655 #define FSCTL_IS_FILE_ON_CSV_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151, METHOD_BUFFERED, FILE_ANY_ACCESS)
3656
3657 typedef struct _CSV_NAMESPACE_INFO {
3658 ULONG Version;
3659 ULONG DeviceNumber;
3660 LARGE_INTEGER StartingOffset;
3661 ULONG SectorSize;
3662 } CSV_NAMESPACE_INFO, *PCSV_NAMESPACE_INFO;
3663
3664 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
3665 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
3666
3667 #endif
3668
3669 #define FSCTL_MARK_AS_SYSTEM_HIVE FSCTL_SET_BOOTLOADER_ACCESSED
3670
3671 typedef struct _PATHNAME_BUFFER {
3672 ULONG PathNameLength;
3673 WCHAR Name[1];
3674 } PATHNAME_BUFFER, *PPATHNAME_BUFFER;
3675
3676 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER {
3677 UCHAR First0x24BytesOfBootSector[0x24];
3678 } FSCTL_QUERY_FAT_BPB_BUFFER, *PFSCTL_QUERY_FAT_BPB_BUFFER;
3679
3680 #if (_WIN32_WINNT >= 0x0400)
3681
3682 typedef struct _NTFS_VOLUME_DATA_BUFFER {
3683 LARGE_INTEGER VolumeSerialNumber;
3684 LARGE_INTEGER NumberSectors;
3685 LARGE_INTEGER TotalClusters;
3686 LARGE_INTEGER FreeClusters;
3687 LARGE_INTEGER TotalReserved;
3688 ULONG BytesPerSector;
3689 ULONG BytesPerCluster;
3690 ULONG BytesPerFileRecordSegment;
3691 ULONG ClustersPerFileRecordSegment;
3692 LARGE_INTEGER MftValidDataLength;
3693 LARGE_INTEGER MftStartLcn;
3694 LARGE_INTEGER Mft2StartLcn;
3695 LARGE_INTEGER MftZoneStart;
3696 LARGE_INTEGER MftZoneEnd;
3697 } NTFS_VOLUME_DATA_BUFFER, *PNTFS_VOLUME_DATA_BUFFER;
3698
3699 typedef struct _NTFS_EXTENDED_VOLUME_DATA {
3700 ULONG ByteCount;
3701 USHORT MajorVersion;
3702 USHORT MinorVersion;
3703 } NTFS_EXTENDED_VOLUME_DATA, *PNTFS_EXTENDED_VOLUME_DATA;
3704
3705 typedef struct _STARTING_LCN_INPUT_BUFFER {
3706 LARGE_INTEGER StartingLcn;
3707 } STARTING_LCN_INPUT_BUFFER, *PSTARTING_LCN_INPUT_BUFFER;
3708
3709 typedef struct _VOLUME_BITMAP_BUFFER {
3710 LARGE_INTEGER StartingLcn;
3711 LARGE_INTEGER BitmapSize;
3712 UCHAR Buffer[1];
3713 } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER;
3714
3715 typedef struct _STARTING_VCN_INPUT_BUFFER {
3716 LARGE_INTEGER StartingVcn;
3717 } STARTING_VCN_INPUT_BUFFER, *PSTARTING_VCN_INPUT_BUFFER;
3718
3719 typedef struct _RETRIEVAL_POINTERS_BUFFER {
3720 ULONG ExtentCount;
3721 LARGE_INTEGER StartingVcn;
3722 struct {
3723 LARGE_INTEGER NextVcn;
3724 LARGE_INTEGER Lcn;
3725 } Extents[1];
3726 } RETRIEVAL_POINTERS_BUFFER, *PRETRIEVAL_POINTERS_BUFFER;
3727
3728 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER {
3729 LARGE_INTEGER FileReferenceNumber;
3730 } NTFS_FILE_RECORD_INPUT_BUFFER, *PNTFS_FILE_RECORD_INPUT_BUFFER;
3731
3732 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER {
3733 LARGE_INTEGER FileReferenceNumber;
3734 ULONG FileRecordLength;
3735 UCHAR FileRecordBuffer[1];
3736 } NTFS_FILE_RECORD_OUTPUT_BUFFER, *PNTFS_FILE_RECORD_OUTPUT_BUFFER;
3737
3738 typedef struct _MOVE_FILE_DATA {
3739 HANDLE FileHandle;
3740 LARGE_INTEGER StartingVcn;
3741 LARGE_INTEGER StartingLcn;
3742 ULONG ClusterCount;
3743 } MOVE_FILE_DATA, *PMOVE_FILE_DATA;
3744
3745 typedef struct _MOVE_FILE_RECORD_DATA {
3746 HANDLE FileHandle;
3747 LARGE_INTEGER SourceFileRecord;
3748 LARGE_INTEGER TargetFileRecord;
3749 } MOVE_FILE_RECORD_DATA, *PMOVE_FILE_RECORD_DATA;
3750
3751 #if defined(_WIN64)
3752 typedef struct _MOVE_FILE_DATA32 {
3753 UINT32 FileHandle;
3754 LARGE_INTEGER StartingVcn;
3755 LARGE_INTEGER StartingLcn;
3756 ULONG ClusterCount;
3757 } MOVE_FILE_DATA32, *PMOVE_FILE_DATA32;
3758 #endif
3759
3760 #endif /* (_WIN32_WINNT >= 0x0400) */
3761
3762 #if (_WIN32_WINNT >= 0x0500)
3763
3764 typedef struct _FIND_BY_SID_DATA {
3765 ULONG Restart;
3766 SID Sid;
3767 } FIND_BY_SID_DATA, *PFIND_BY_SID_DATA;
3768
3769 typedef struct _FIND_BY_SID_OUTPUT {
3770 ULONG NextEntryOffset;
3771 ULONG FileIndex;
3772 ULONG FileNameLength;
3773 WCHAR FileName[1];
3774 } FIND_BY_SID_OUTPUT, *PFIND_BY_SID_OUTPUT;
3775
3776 typedef struct _MFT_ENUM_DATA {
3777 ULONGLONG StartFileReferenceNumber;
3778 USN LowUsn;
3779 USN HighUsn;
3780 } MFT_ENUM_DATA, *PMFT_ENUM_DATA;
3781
3782 typedef struct _CREATE_USN_JOURNAL_DATA {
3783 ULONGLONG MaximumSize;
3784 ULONGLONG AllocationDelta;
3785 } CREATE_USN_JOURNAL_DATA, *PCREATE_USN_JOURNAL_DATA;
3786
3787 typedef struct _READ_USN_JOURNAL_DATA {
3788 USN StartUsn;
3789 ULONG ReasonMask;
3790 ULONG ReturnOnlyOnClose;
3791 ULONGLONG Timeout;
3792 ULONGLONG BytesToWaitFor;
3793 ULONGLONG UsnJournalID;
3794 } READ_USN_JOURNAL_DATA, *PREAD_USN_JOURNAL_DATA;
3795
3796 typedef struct _USN_RECORD {
3797 ULONG RecordLength;
3798 USHORT MajorVersion;
3799 USHORT MinorVersion;
3800 ULONGLONG FileReferenceNumber;
3801 ULONGLONG ParentFileReferenceNumber;
3802 USN Usn;
3803 LARGE_INTEGER TimeStamp;
3804 ULONG Reason;
3805 ULONG SourceInfo;
3806 ULONG SecurityId;
3807 ULONG FileAttributes;
3808 USHORT FileNameLength;
3809 USHORT FileNameOffset;
3810 WCHAR FileName[1];
3811 } USN_RECORD, *PUSN_RECORD;
3812
3813 #define USN_PAGE_SIZE (0x1000)
3814
3815 #define USN_REASON_DATA_OVERWRITE (0x00000001)
3816 #define USN_REASON_DATA_EXTEND (0x00000002)
3817 #define USN_REASON_DATA_TRUNCATION (0x00000004)
3818 #define USN_REASON_NAMED_DATA_OVERWRITE (0x00000010)
3819 #define USN_REASON_NAMED_DATA_EXTEND (0x00000020)
3820 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
3821 #define USN_REASON_FILE_CREATE (0x00000100)
3822 #define USN_REASON_FILE_DELETE (0x00000200)
3823 #define USN_REASON_EA_CHANGE (0x00000400)
3824 #define USN_REASON_SECURITY_CHANGE (0x00000800)
3825 #define USN_REASON_RENAME_OLD_NAME (0x00001000)
3826 #define USN_REASON_RENAME_NEW_NAME (0x00002000)
3827 #define USN_REASON_INDEXABLE_CHANGE (0x00004000)
3828 #define USN_REASON_BASIC_INFO_CHANGE (0x00008000)
3829 #define USN_REASON_HARD_LINK_CHANGE (0x00010000)
3830 #define USN_REASON_COMPRESSION_CHANGE (0x00020000)
3831 #define USN_REASON_ENCRYPTION_CHANGE (0x00040000)
3832 #define USN_REASON_OBJECT_ID_CHANGE (0x00080000)
3833 #define USN_REASON_REPARSE_POINT_CHANGE (0x00100000)
3834 #define USN_REASON_STREAM_CHANGE (0x00200000)
3835 #define USN_REASON_TRANSACTED_CHANGE (0x00400000)
3836 #define USN_REASON_CLOSE (0x80000000)
3837
3838 typedef struct _USN_JOURNAL_DATA {
3839 ULONGLONG UsnJournalID;
3840 USN FirstUsn;
3841 USN NextUsn;
3842 USN LowestValidUsn;
3843 USN MaxUsn;
3844 ULONGLONG MaximumSize;
3845 ULONGLONG AllocationDelta;
3846 } USN_JOURNAL_DATA, *PUSN_JOURNAL_DATA;
3847
3848 typedef struct _DELETE_USN_JOURNAL_DATA {
3849 ULONGLONG UsnJournalID;
3850 ULONG DeleteFlags;
3851 } DELETE_USN_JOURNAL_DATA, *PDELETE_USN_JOURNAL_DATA;
3852
3853 #define USN_DELETE_FLAG_DELETE (0x00000001)
3854 #define USN_DELETE_FLAG_NOTIFY (0x00000002)
3855 #define USN_DELETE_VALID_FLAGS (0x00000003)
3856
3857 typedef struct _MARK_HANDLE_INFO {
3858 ULONG UsnSourceInfo;
3859 HANDLE VolumeHandle;
3860 ULONG HandleInfo;
3861 } MARK_HANDLE_INFO, *PMARK_HANDLE_INFO;
3862
3863 #if defined(_WIN64)
3864 typedef struct _MARK_HANDLE_INFO32 {
3865 ULONG UsnSourceInfo;
3866 UINT32 VolumeHandle;
3867 ULONG HandleInfo;
3868 } MARK_HANDLE_INFO32, *PMARK_HANDLE_INFO32;
3869 #endif
3870
3871 #define USN_SOURCE_DATA_MANAGEMENT (0x00000001)
3872 #define USN_SOURCE_AUXILIARY_DATA (0x00000002)
3873 #define USN_SOURCE_REPLICATION_MANAGEMENT (0x00000004)
3874
3875 #define MARK_HANDLE_PROTECT_CLUSTERS (0x00000001)
3876 #define MARK_HANDLE_TXF_SYSTEM_LOG (0x00000004)
3877 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG (0x00000008)
3878
3879 typedef struct _BULK_SECURITY_TEST_DATA {
3880 ACCESS_MASK DesiredAccess;
3881 ULONG SecurityIds[1];
3882 } BULK_SECURITY_TEST_DATA, *PBULK_SECURITY_TEST_DATA;
3883
3884 #define VOLUME_IS_DIRTY (0x00000001)
3885 #define VOLUME_UPGRADE_SCHEDULED (0x00000002)
3886 #define VOLUME_SESSION_OPEN (0x00000004)
3887
3888 typedef struct _FILE_PREFETCH {
3889 ULONG Type;
3890 ULONG Count;
3891 ULONGLONG Prefetch[1];
3892 } FILE_PREFETCH, *PFILE_PREFETCH;
3893
3894 typedef struct _FILE_PREFETCH_EX {
3895 ULONG Type;
3896 ULONG Count;
3897 PVOID Context;
3898 ULONGLONG Prefetch[1];
3899 } FILE_PREFETCH_EX, *PFILE_PREFETCH_EX;
3900
3901 #define FILE_PREFETCH_TYPE_FOR_CREATE 0x1
3902 #define FILE_PREFETCH_TYPE_FOR_DIRENUM 0x2
3903 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX 0x3
3904 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX 0x4
3905
3906 #define FILE_PREFETCH_TYPE_MAX 0x4
3907
3908 typedef struct _FILE_OBJECTID_BUFFER {
3909 UCHAR ObjectId[16];
3910 _ANONYMOUS_UNION union {
3911 _ANONYMOUS_STRUCT struct {
3912 UCHAR BirthVolumeId[16];
3913 UCHAR BirthObjectId[16];
3914 UCHAR DomainId[16];
3915 } DUMMYSTRUCTNAME;
3916 UCHAR ExtendedInfo[48];
3917 } DUMMYUNIONNAME;
3918 } FILE_OBJECTID_BUFFER, *PFILE_OBJECTID_BUFFER;
3919
3920 typedef struct _FILE_SET_SPARSE_BUFFER {
3921 BOOLEAN SetSparse;
3922 } FILE_SET_SPARSE_BUFFER, *PFILE_SET_SPARSE_BUFFER;
3923
3924 typedef struct _FILE_ZERO_DATA_INFORMATION {
3925 LARGE_INTEGER FileOffset;
3926 LARGE_INTEGER BeyondFinalZero;
3927 } FILE_ZERO_DATA_INFORMATION, *PFILE_ZERO_DATA_INFORMATION;
3928
3929 typedef struct _FILE_ALLOCATED_RANGE_BUFFER {
3930 LARGE_INTEGER FileOffset;
3931 LARGE_INTEGER Length;
3932 } FILE_ALLOCATED_RANGE_BUFFER, *PFILE_ALLOCATED_RANGE_BUFFER;
3933
3934 typedef struct _ENCRYPTION_BUFFER {
3935 ULONG EncryptionOperation;
3936 UCHAR Private[1];
3937 } ENCRYPTION_BUFFER, *PENCRYPTION_BUFFER;
3938
3939 #define FILE_SET_ENCRYPTION 0x00000001
3940 #define FILE_CLEAR_ENCRYPTION 0x00000002
3941 #define STREAM_SET_ENCRYPTION 0x00000003
3942 #define STREAM_CLEAR_ENCRYPTION 0x00000004
3943
3944 #define MAXIMUM_ENCRYPTION_VALUE 0x00000004
3945
3946 typedef struct _DECRYPTION_STATUS_BUFFER {
3947 BOOLEAN NoEncryptedStreams;
3948 } DECRYPTION_STATUS_BUFFER, *PDECRYPTION_STATUS_BUFFER;
3949
3950 #define ENCRYPTION_FORMAT_DEFAULT (0x01)
3951
3952 #define COMPRESSION_FORMAT_SPARSE (0x4000)
3953
3954 typedef struct _REQUEST_RAW_ENCRYPTED_DATA {
3955 LONGLONG FileOffset;
3956 ULONG Length;
3957 } REQUEST_RAW_ENCRYPTED_DATA, *PREQUEST_RAW_ENCRYPTED_DATA;
3958
3959 typedef struct _ENCRYPTED_DATA_INFO {
3960 ULONGLONG StartingFileOffset;
3961 ULONG OutputBufferOffset;
3962 ULONG BytesWithinFileSize;
3963 ULONG BytesWithinValidDataLength;
3964 USHORT CompressionFormat;
3965 UCHAR DataUnitShift;
3966 UCHAR ChunkShift;
3967 UCHAR ClusterShift;
3968 UCHAR EncryptionFormat;
3969 USHORT NumberOfDataBlocks;
3970 ULONG DataBlockSize[ANYSIZE_ARRAY];
3971 } ENCRYPTED_DATA_INFO, *PENCRYPTED_DATA_INFO;
3972
3973 typedef struct _PLEX_READ_DATA_REQUEST {
3974 LARGE_INTEGER ByteOffset;
3975 ULONG ByteLength;
3976 ULONG PlexNumber;
3977 } PLEX_READ_DATA_REQUEST, *PPLEX_READ_DATA_REQUEST;
3978
3979 typedef struct _SI_COPYFILE {
3980 ULONG SourceFileNameLength;
3981 ULONG DestinationFileNameLength;
3982 ULONG Flags;
3983 WCHAR FileNameBuffer[1];
3984 } SI_COPYFILE, *PSI_COPYFILE;
3985
3986 #define COPYFILE_SIS_LINK 0x0001
3987 #define COPYFILE_SIS_REPLACE 0x0002
3988 #define COPYFILE_SIS_FLAGS 0x0003
3989
3990 #endif /* (_WIN32_WINNT >= 0x0500) */
3991
3992 #if (_WIN32_WINNT >= 0x0600)
3993
3994 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER {
3995 BOOLEAN CloseDisc;
3996 } FILE_MAKE_COMPATIBLE_BUFFER, *PFILE_MAKE_COMPATIBLE_BUFFER;
3997
3998 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER {
3999 BOOLEAN Disable;
4000 } FILE_SET_DEFECT_MGMT_BUFFER, *PFILE_SET_DEFECT_MGMT_BUFFER;
4001
4002 typedef struct _FILE_QUERY_SPARING_BUFFER {
4003 ULONG SparingUnitBytes;
4004 BOOLEAN SoftwareSparing;
4005 ULONG TotalSpareBlocks;
4006 ULONG FreeSpareBlocks;
4007 } FILE_QUERY_SPARING_BUFFER, *PFILE_QUERY_SPARING_BUFFER;
4008
4009 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER {
4010 LARGE_INTEGER DirectoryCount;
4011 LARGE_INTEGER FileCount;
4012 USHORT FsFormatMajVersion;
4013 USHORT FsFormatMinVersion;
4014 WCHAR FsFormatName[12];
4015 LARGE_INTEGER FormatTime;
4016 LARGE_INTEGER LastUpdateTime;
4017 WCHAR CopyrightInfo[34];
4018 WCHAR AbstractInfo[34];
4019 WCHAR FormattingImplementationInfo[34];
4020 WCHAR LastModifyingImplementationInfo[34];
4021 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER;
4022
4023 #define SET_REPAIR_ENABLED (0x00000001)
4024 #define SET_REPAIR_VOLUME_BITMAP_SCAN (0x00000002)
4025 #define SET_REPAIR_DELETE_CROSSLINK (0x00000004)
4026 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS (0x00000008)
4027 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT (0x00000010)
4028 #define SET_REPAIR_VALID_MASK (0x0000001F)
4029
4030 typedef enum _SHRINK_VOLUME_REQUEST_TYPES {
4031 ShrinkPrepare = 1,
4032 ShrinkCommit,
4033 ShrinkAbort
4034 } SHRINK_VOLUME_REQUEST_TYPES, *PSHRINK_VOLUME_REQUEST_TYPES;
4035
4036 typedef struct _SHRINK_VOLUME_INFORMATION {
4037 SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType;
4038 ULONGLONG Flags;
4039 LONGLONG NewNumberOfSectors;
4040 } SHRINK_VOLUME_INFORMATION, *PSHRINK_VOLUME_INFORMATION;
4041
4042 #define TXFS_RM_FLAG_LOGGING_MODE 0x00000001
4043 #define TXFS_RM_FLAG_RENAME_RM 0x00000002
4044 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000004
4045 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000008
4046 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000010
4047 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000020
4048 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000040
4049 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000080
4050 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000100
4051 #define TXFS_RM_FLAG_GROW_LOG 0x00000400
4052 #define TXFS_RM_FLAG_SHRINK_LOG 0x00000800
4053 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE 0x00001000
4054 #define TXFS_RM_FLAG_PRESERVE_CHANGES 0x00002000
4055 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START 0x00004000
4056 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START 0x00008000
4057 #define TXFS_RM_FLAG_PREFER_CONSISTENCY 0x00010000
4058 #define TXFS_RM_FLAG_PREFER_AVAILABILITY 0x00020000
4059
4060 #define TXFS_LOGGING_MODE_SIMPLE (0x0001)
4061 #define TXFS_LOGGING_MODE_FULL (0x0002)
4062
4063 #define TXFS_TRANSACTION_STATE_NONE 0x00
4064 #define TXFS_TRANSACTION_STATE_ACTIVE 0x01
4065 #define TXFS_TRANSACTION_STATE_PREPARED 0x02
4066 #define TXFS_TRANSACTION_STATE_NOTACTIVE 0x03
4067
4068 #define TXFS_MODIFY_RM_VALID_FLAGS (TXFS_RM_FLAG_LOGGING_MODE | \
4069 TXFS_RM_FLAG_RENAME_RM | \
4070 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4071 TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4072 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4073 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4074 TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4075 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4076 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4077 TXFS_RM_FLAG_SHRINK_LOG | \
4078 TXFS_RM_FLAG_GROW_LOG | \
4079 TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE | \
4080 TXFS_RM_FLAG_PRESERVE_CHANGES | \
4081 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4082 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4083 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4084 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4085
4086 typedef struct _TXFS_MODIFY_RM {
4087 ULONG Flags;
4088 ULONG LogContainerCountMax;
4089 ULONG LogContainerCountMin;
4090 ULONG LogContainerCount;
4091 ULONG LogGrowthIncrement;
4092 ULONG LogAutoShrinkPercentage;
4093 ULONGLONG Reserved;
4094 USHORT LoggingMode;
4095 } TXFS_MODIFY_RM, *PTXFS_MODIFY_RM;
4096
4097 #define TXFS_RM_STATE_NOT_STARTED 0
4098 #define TXFS_RM_STATE_STARTING 1
4099 #define TXFS_RM_STATE_ACTIVE 2
4100 #define TXFS_RM_STATE_SHUTTING_DOWN 3
4101
4102 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS \
4103 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4104 TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4105 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4106 TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN | \
4107 TXFS_RM_FLAG_RESET_RM_AT_NEXT_START | \
4108 TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START | \
4109 TXFS_RM_FLAG_PREFER_CONSISTENCY | \
4110 TXFS_RM_FLAG_PREFER_AVAILABILITY)
4111
4112 typedef struct _TXFS_QUERY_RM_INFORMATION {
4113 ULONG BytesRequired;
4114 ULONGLONG TailLsn;
4115 ULONGLONG CurrentLsn;
4116 ULONGLONG ArchiveTailLsn;
4117 ULONGLONG LogContainerSize;
4118 LARGE_INTEGER HighestVirtualClock;
4119 ULONG LogContainerCount;
4120 ULONG LogContainerCountMax;
4121 ULONG LogContainerCountMin;
4122 ULONG LogGrowthIncrement;
4123 ULONG LogAutoShrinkPercentage;
4124 ULONG Flags;
4125 USHORT LoggingMode;
4126 USHORT Reserved;
4127 ULONG RmState;
4128 ULONGLONG LogCapacity;
4129 ULONGLONG LogFree;
4130 ULONGLONG TopsSize;
4131 ULONGLONG TopsUsed;
4132 ULONGLONG TransactionCount;
4133 ULONGLONG OnePCCount;
4134 ULONGLONG TwoPCCount;
4135 ULONGLONG NumberLogFileFull;
4136 ULONGLONG OldestTransactionAge;
4137 GUID RMName;
4138 ULONG TmLogPathOffset;
4139 } TXFS_QUERY_RM_INFORMATION, *PTXFS_QUERY_RM_INFORMATION;
4140
4141 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN 0x01
4142 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK 0x02
4143
4144 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS \
4145 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN | \
4146 TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
4147
4148 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION {
4149 LARGE_INTEGER LastVirtualClock;
4150 ULONGLONG LastRedoLsn;
4151 ULONGLONG HighestRecoveryLsn;
4152 ULONG Flags;
4153 } TXFS_ROLLFORWARD_REDO_INFORMATION, *PTXFS_ROLLFORWARD_REDO_INFORMATION;
4154
4155 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX 0x00000001
4156 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN 0x00000002
4157 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE 0x00000004
4158 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS 0x00000008
4159 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT 0x00000010
4160 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE 0x00000020
4161 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX 0x00000040
4162 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN 0x00000080
4163
4164 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT 0x00000200
4165 #define TXFS_START_RM_FLAG_LOGGING_MODE 0x00000400
4166 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES 0x00000800
4167
4168 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY 0x00001000
4169 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY 0x00002000
4170
4171 #define TXFS_START_RM_VALID_FLAGS \
4172 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX | \
4173 TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN | \
4174 TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE | \
4175 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
4176 TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT | \
4177 TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE | \
4178 TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT | \
4179 TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX | \
4180 TXFS_START_RM_FLAG_LOGGING_MODE | \
4181 TXFS_START_RM_FLAG_PRESERVE_CHANGES | \
4182 TXFS_START_RM_FLAG_PREFER_CONSISTENCY | \
4183 TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
4184
4185 typedef struct _TXFS_START_RM_INFORMATION {
4186 ULONG Flags;
4187 ULONGLONG LogContainerSize;
4188 ULONG LogContainerCountMin;
4189 ULONG LogContainerCountMax;
4190 ULONG LogGrowthIncrement;
4191 ULONG LogAutoShrinkPercentage;
4192 ULONG TmLogPathOffset;
4193 USHORT TmLogPathLength;
4194 USHORT LoggingMode;
4195 USHORT LogPathLength;
4196 USHORT Reserved;
4197 WCHAR LogPath[1];
4198 } TXFS_START_RM_INFORMATION, *PTXFS_START_RM_INFORMATION;
4199
4200 typedef struct _TXFS_GET_METADATA_INFO_OUT {
4201 struct {
4202 LONGLONG LowPart;
4203 LONGLONG HighPart;
4204 } TxfFileId;
4205 GUID LockingTransaction;
4206 ULONGLONG LastLsn;
4207 ULONG TransactionState;
4208 } TXFS_GET_METADATA_INFO_OUT, *PTXFS_GET_METADATA_INFO_OUT;
4209
4210 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED 0x00000001
4211 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED 0x00000002
4212
4213 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY {
4214 ULONGLONG Offset;
4215 ULONG NameFlags;
4216 LONGLONG FileId;
4217 ULONG Reserved1;
4218 ULONG Reserved2;
4219 LONGLONG Reserved3;
4220 WCHAR FileName[1];
4221 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY;
4222
4223 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES {
4224 GUID KtmTransaction;
4225 ULONGLONG NumberOfFiles;
4226 ULONGLONG BufferSizeRequired;
4227 ULONGLONG Offset;
4228 } TXFS_LIST_TRANSACTION_LOCKED_FILES, *PTXFS_LIST_TRANSACTION_LOCKED_FILES;
4229
4230 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY {
4231 GUID TransactionId;
4232 ULONG TransactionState;
4233 ULONG Reserved1;
4234 ULONG Reserved2;
4235 LONGLONG Reserved3;
4236 } TXFS_LIST_TRANSACTIONS_ENTRY, *PTXFS_LIST_TRANSACTIONS_ENTRY;
4237
4238 typedef struct _TXFS_LIST_TRANSACTIONS {
4239 ULONGLONG NumberOfTransactions;
4240 ULONGLONG BufferSizeRequired;
4241 } TXFS_LIST_TRANSACTIONS, *PTXFS_LIST_TRANSACTIONS;
4242
4243 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT {
4244 _ANONYMOUS_UNION union {
4245 ULONG BufferLength;
4246 UCHAR Buffer[1];
4247 } DUMMYUNIONNAME;
4248 } TXFS_READ_BACKUP_INFORMATION_OUT, *PTXFS_READ_BACKUP_INFORMATION_OUT;
4249
4250 typedef struct _TXFS_WRITE_BACKUP_INFORMATION {
4251 UCHAR Buffer[1];
4252 } TXFS_WRITE_BACKUP_INFORMATION, *PTXFS_WRITE_BACKUP_INFORMATION;
4253
4254 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED 0xFFFFFFFE
4255 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED 0xFFFFFFFF
4256
4257 typedef struct _TXFS_GET_TRANSACTED_VERSION {
4258 ULONG ThisBaseVersion;
4259 ULONG LatestVersion;
4260 USHORT ThisMiniVersion;
4261 USHORT FirstMiniVersion;
4262 USHORT LatestMiniVersion;
4263 } TXFS_GET_TRANSACTED_VERSION, *PTXFS_GET_TRANSACTED_VERSION;
4264
4265 #define TXFS_SAVEPOINT_SET 0x00000001
4266 #define TXFS_SAVEPOINT_ROLLBACK 0x00000002
4267 #define TXFS_SAVEPOINT_CLEAR 0x00000004
4268 #define TXFS_SAVEPOINT_CLEAR_ALL 0x00000010
4269
4270 typedef struct _TXFS_SAVEPOINT_INFORMATION {
4271 HANDLE KtmTransaction;
4272 ULONG ActionCode;
4273 ULONG SavepointId;
4274 } TXFS_SAVEPOINT_INFORMATION, *PTXFS_SAVEPOINT_INFORMATION;
4275
4276 typedef struct _TXFS_CREATE_MINIVERSION_INFO {
4277 USHORT StructureVersion;
4278 USHORT StructureLength;
4279 ULONG BaseVersion;
4280 USHORT MiniVersion;
4281 } TXFS_CREATE_MINIVERSION_INFO, *PTXFS_CREATE_MINIVERSION_INFO;
4282
4283 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO {
4284 BOOLEAN TransactionsActiveAtSnapshot;
4285 } TXFS_TRANSACTION_ACTIVE_INFO, *PTXFS_TRANSACTION_ACTIVE_INFO;
4286
4287 #endif /* (_WIN32_WINNT >= 0x0600) */
4288
4289 #if (_WIN32_WINNT >= 0x0601)
4290
4291 #define MARK_HANDLE_REALTIME (0x00000020)
4292 #define MARK_HANDLE_NOT_REALTIME (0x00000040)
4293
4294 #define NO_8DOT3_NAME_PRESENT (0x00000001)
4295 #define REMOVED_8DOT3_NAME (0x00000002)
4296
4297 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED (0x00000001)
4298
4299 typedef struct _BOOT_AREA_INFO {
4300 ULONG BootSectorCount;
4301 struct {
4302 LARGE_INTEGER Offset;
4303 } BootSectors[2];
4304 } BOOT_AREA_INFO, *PBOOT_AREA_INFO;
4305
4306 typedef struct _RETRIEVAL_POINTER_BASE {
4307 LARGE_INTEGER FileAreaOffset;
4308 } RETRIEVAL_POINTER_BASE, *PRETRIEVAL_POINTER_BASE;
4309
4310 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION {
4311 ULONG VolumeFlags;
4312 ULONG FlagMask;
4313 ULONG Version;
4314 ULONG Reserved;
4315 } FILE_FS_PERSISTENT_VOLUME_INFORMATION, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION;
4316
4317 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION {
4318 CHAR FileSystem[9];
4319 } FILE_SYSTEM_RECOGNITION_INFORMATION, *PFILE_SYSTEM_RECOGNITION_INFORMATION;
4320
4321 #define OPLOCK_LEVEL_CACHE_READ (0x00000001)
4322 #define OPLOCK_LEVEL_CACHE_HANDLE (0x00000002)
4323 #define OPLOCK_LEVEL_CACHE_WRITE (0x00000004)
4324
4325 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST (0x00000001)
4326 #define REQUEST_OPLOCK_INPUT_FLAG_ACK (0x00000002)
4327 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
4328
4329 #define REQUEST_OPLOCK_CURRENT_VERSION 1
4330
4331 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER {
4332 USHORT StructureVersion;
4333 USHORT StructureLength;
4334 ULONG RequestedOplockLevel;
4335 ULONG Flags;
4336 } REQUEST_OPLOCK_INPUT_BUFFER, *PREQUEST_OPLOCK_INPUT_BUFFER;
4337
4338 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED (0x00000001)
4339 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED (0x00000002)
4340
4341 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER {
4342 USHORT StructureVersion;
4343 USHORT StructureLength;
4344 ULONG OriginalOplockLevel;
4345 ULONG NewOplockLevel;
4346 ULONG Flags;
4347 ACCESS_MASK AccessMode;
4348 USHORT ShareMode;
4349 } REQUEST_OPLOCK_OUTPUT_BUFFER, *PREQUEST_OPLOCK_OUTPUT_BUFFER;
4350
4351 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID 1
4352
4353 typedef struct _SD_CHANGE_MACHINE_SID_INPUT {
4354 USHORT CurrentMachineSIDOffset;
4355 USHORT CurrentMachineSIDLength;
4356 USHORT NewMachineSIDOffset;
4357 USHORT NewMachineSIDLength;
4358 } SD_CHANGE_MACHINE_SID_INPUT, *PSD_CHANGE_MACHINE_SID_INPUT;
4359
4360 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT {
4361 ULONGLONG NumSDChangedSuccess;
4362 ULONGLONG NumSDChangedFail;
4363 ULONGLONG NumSDUnused;
4364 ULONGLONG NumSDTotal;
4365 ULONGLONG NumMftSDChangedSuccess;
4366 ULONGLONG NumMftSDChangedFail;
4367 ULONGLONG NumMftSDTotal;
4368 } SD_CHANGE_MACHINE_SID_OUTPUT, *PSD_CHANGE_MACHINE_SID_OUTPUT;
4369
4370 typedef struct _SD_GLOBAL_CHANGE_INPUT {
4371 ULONG Flags;
4372 ULONG ChangeType;
4373 _ANONYMOUS_UNION union {
4374 SD_CHANGE_MACHINE_SID_INPUT SdChange;
4375 } DUMMYUNIONNAME;
4376 } SD_GLOBAL_CHANGE_INPUT, *PSD_GLOBAL_CHANGE_INPUT;
4377
4378 typedef struct _SD_GLOBAL_CHANGE_OUTPUT {
4379 ULONG Flags;
4380 ULONG ChangeType;
4381 _ANONYMOUS_UNION union {
4382 SD_CHANGE_MACHINE_SID_OUTPUT SdChange;
4383 } DUMMYUNIONNAME;
4384 } SD_GLOBAL_CHANGE_OUTPUT, *PSD_GLOBAL_CHANGE_OUTPUT;
4385
4386 #define ENCRYPTED_DATA_INFO_SPARSE_FILE 1
4387
4388 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO {
4389 ULONG ExtendedCode;
4390 ULONG Length;
4391 ULONG Flags;
4392 ULONG Reserved;
4393 } EXTENDED_ENCRYPTED_DATA_INFO, *PEXTENDED_ENCRYPTED_DATA_INFO;
4394
4395 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT {
4396 ULONG Flags;
4397 ULONG NumberOfClusters;
4398 LARGE_INTEGER Cluster[1];
4399 } LOOKUP_STREAM_FROM_CLUSTER_INPUT, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT;
4400
4401 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT {
4402 ULONG Offset;
4403 ULONG NumberOfMatches;
4404 ULONG BufferSizeRequired;
4405 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT;
4406
4407 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE 0x00000001
4408 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET 0x00000002
4409 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE 0x00000004
4410 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE 0x00000008
4411
4412 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_MASK 0xff000000
4413 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_DATA 0x01000000
4414 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_INDEX 0x02000000
4415 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_SYSTEM 0x03000000
4416
4417 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_ENTRY {
4418 ULONG OffsetToNext;
4419 ULONG Flags;
4420 LARGE_INTEGER Reserved;
4421 LARGE_INTEGER Cluster;
4422 WCHAR FileName[1];
4423 } LOOKUP_STREAM_FROM_CLUSTER_ENTRY, *PLOOKUP_STREAM_FROM_CLUSTER_ENTRY;
4424
4425 typedef struct _FILE_TYPE_NOTIFICATION_INPUT {
4426 ULONG Flags;
4427 ULONG NumFileTypeIDs;
4428 GUID FileTypeID[1];
4429 } FILE_TYPE_NOTIFICATION_INPUT, *PFILE_TYPE_NOTIFICATION_INPUT;
4430
4431 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_BEGIN 0x00000001
4432 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_END 0x00000002
4433
4434 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_PAGE_FILE, 0x0d0a64a1, 0x38fc, 0x4db8, 0x9f, 0xe7, 0x3f, 0x43, 0x52, 0xcd, 0x7c, 0x5c);
4435 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_HIBERNATION_FILE, 0xb7624d64, 0xb9a3, 0x4cf8, 0x80, 0x11, 0x5b, 0x86, 0xc9, 0x40, 0xe7, 0xb7);
4436 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_CRASHDUMP_FILE, 0x9d453eb7, 0xd2a6, 0x4dbd, 0xa2, 0xe3, 0xfb, 0xd0, 0xed, 0x91, 0x09, 0xa9);
4437
4438 #ifndef _VIRTUAL_STORAGE_TYPE_DEFINED
4439 #define _VIRTUAL_STORAGE_TYPE_DEFINED
4440 typedef struct _VIRTUAL_STORAGE_TYPE {
4441 ULONG DeviceId;
4442 GUID VendorId;
4443 } VIRTUAL_STORAGE_TYPE, *PVIRTUAL_STORAGE_TYPE;
4444 #endif
4445
4446 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST {
4447 ULONG RequestLevel;
4448 ULONG RequestFlags;
4449 } STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST, *PSTORAGE_QUERY_DEPENDENT_VOLUME_REQUEST;
4450
4451 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_HOST_VOLUMES 0x1
4452 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_GUEST_VOLUMES 0x2
4453
4454 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY {
4455 ULONG EntryLength;
4456 ULONG DependencyTypeFlags;
4457 ULONG ProviderSpecificFlags;
4458 VIRTUAL_STORAGE_TYPE VirtualStorageType;
4459 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY;
4460
4461 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY {
4462 ULONG EntryLength;
4463 ULONG DependencyTypeFlags;
4464 ULONG ProviderSpecificFlags;
4465 VIRTUAL_STORAGE_TYPE VirtualStorageType;
4466 ULONG AncestorLevel;
4467 ULONG HostVolumeNameOffset;
4468 ULONG HostVolumeNameSize;
4469 ULONG DependentVolumeNameOffset;
4470 ULONG DependentVolumeNameSize;
4471 ULONG RelativePathOffset;
4472 ULONG RelativePathSize;
4473 ULONG DependentDeviceNameOffset;
4474 ULONG DependentDeviceNameSize;
4475 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY;
4476
4477 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE {
4478 ULONG ResponseLevel;
4479 ULONG NumberEntries;
4480 _ANONYMOUS_UNION union {
4481 STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY Lev1Depends[0];
4482 STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY Lev2Depends[0];
4483 } DUMMYUNIONNAME;
4484 } STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE, *PSTORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE;
4485
4486 #endif /* (_WIN32_WINNT >= 0x0601) */
4487
4488 typedef struct _FILESYSTEM_STATISTICS {
4489 USHORT FileSystemType;
4490 USHORT Version;
4491 ULONG SizeOfCompleteStructure;
4492 ULONG UserFileReads;
4493 ULONG UserFileReadBytes;
4494 ULONG UserDiskReads;
4495 ULONG UserFileWrites;
4496 ULONG UserFileWriteBytes;
4497 ULONG UserDiskWrites;
4498 ULONG MetaDataReads;
4499 ULONG MetaDataReadBytes;
4500 ULONG MetaDataDiskReads;
4501 ULONG MetaDataWrites;
4502 ULONG MetaDataWriteBytes;
4503 ULONG MetaDataDiskWrites;
4504 } FILESYSTEM_STATISTICS, *PFILESYSTEM_STATISTICS;
4505
4506 #define FILESYSTEM_STATISTICS_TYPE_NTFS 1
4507 #define FILESYSTEM_STATISTICS_TYPE_FAT 2
4508 #define FILESYSTEM_STATISTICS_TYPE_EXFAT 3
4509
4510 typedef struct _FAT_STATISTICS {
4511 ULONG CreateHits;
4512 ULONG SuccessfulCreates;
4513 ULONG FailedCreates;
4514 ULONG NonCachedReads;
4515 ULONG NonCachedReadBytes;
4516 ULONG NonCachedWrites;
4517 ULONG NonCachedWriteBytes;
4518 ULONG NonCachedDiskReads;
4519 ULONG NonCachedDiskWrites;
4520 } FAT_STATISTICS, *PFAT_STATISTICS;
4521
4522 typedef struct _EXFAT_STATISTICS {
4523 ULONG CreateHits;
4524 ULONG SuccessfulCreates;
4525 ULONG FailedCreates;
4526 ULONG NonCachedReads;
4527 ULONG NonCachedReadBytes;
4528 ULONG NonCachedWrites;
4529 ULONG NonCachedWriteBytes;
4530 ULONG NonCachedDiskReads;
4531 ULONG NonCachedDiskWrites;
4532 } EXFAT_STATISTICS, *PEXFAT_STATISTICS;
4533
4534 typedef struct _NTFS_STATISTICS {
4535 ULONG LogFileFullExceptions;
4536 ULONG OtherExceptions;
4537 ULONG MftReads;
4538 ULONG MftReadBytes;
4539 ULONG MftWrites;
4540 ULONG MftWriteBytes;
4541 struct {
4542 USHORT Write;
4543 USHORT Create;
4544 USHORT SetInfo;
4545 USHORT Flush;
4546 } MftWritesUserLevel;
4547 USHORT MftWritesFlushForLogFileFull;
4548 USHORT MftWritesLazyWriter;
4549 USHORT MftWritesUserRequest;
4550 ULONG Mft2Writes;
4551 ULONG Mft2WriteBytes;
4552 struct {
4553 USHORT Write;
4554 USHORT Create;
4555 USHORT SetInfo;
4556 USHORT Flush;
4557 } Mft2WritesUserLevel;
4558 USHORT Mft2WritesFlushForLogFileFull;
4559 USHORT Mft2WritesLazyWriter;
4560 USHORT Mft2WritesUserRequest;
4561 ULONG RootIndexReads;
4562 ULONG RootIndexReadBytes;
4563 ULONG RootIndexWrites;
4564 ULONG RootIndexWriteBytes;
4565 ULONG BitmapReads;
4566 ULONG BitmapReadBytes;
4567 ULONG BitmapWrites;
4568 ULONG BitmapWriteBytes;
4569 USHORT BitmapWritesFlushForLogFileFull;
4570 USHORT BitmapWritesLazyWriter;
4571 USHORT BitmapWritesUserRequest;
4572 struct {
4573 USHORT Write;
4574 USHORT Create;
4575 USHORT SetInfo;
4576 } BitmapWritesUserLevel;
4577 ULONG MftBitmapReads;
4578 ULONG MftBitmapReadBytes;
4579 ULONG MftBitmapWrites;
4580 ULONG MftBitmapWriteBytes;
4581 USHORT MftBitmapWritesFlushForLogFileFull;
4582 USHORT MftBitmapWritesLazyWriter;
4583 USHORT MftBitmapWritesUserRequest;
4584 struct {
4585 USHORT Write;
4586 USHORT Create;
4587 USHORT SetInfo;
4588 USHORT Flush;
4589 } MftBitmapWritesUserLevel;
4590 ULONG UserIndexReads;
4591 ULONG UserIndexReadBytes;
4592 ULONG UserIndexWrites;
4593 ULONG UserIndexWriteBytes;
4594 ULONG LogFileReads;
4595 ULONG LogFileReadBytes;
4596 ULONG LogFileWrites;
4597 ULONG LogFileWriteBytes;
4598 struct {
4599 ULONG Calls;
4600 ULONG Clusters;
4601 ULONG Hints;
4602 ULONG RunsReturned;
4603 ULONG HintsHonored;
4604 ULONG HintsClusters;
4605 ULONG Cache;
4606 ULONG CacheClusters;
4607 ULONG CacheMiss;
4608 ULONG CacheMissClusters;
4609 } Allocate;
4610 } NTFS_STATISTICS, *PNTFS_STATISTICS;
4611
4612 #endif /* _FILESYSTEMFSCTL_ */
4613
4614 #define SYMLINK_FLAG_RELATIVE 1
4615
4616 typedef struct _REPARSE_DATA_BUFFER {
4617 ULONG ReparseTag;
4618 USHORT ReparseDataLength;
4619 USHORT Reserved;
4620 _ANONYMOUS_UNION union {
4621 struct {
4622 USHORT SubstituteNameOffset;
4623 USHORT SubstituteNameLength;
4624 USHORT PrintNameOffset;
4625 USHORT PrintNameLength;
4626 ULONG Flags;
4627 WCHAR PathBuffer[1];
4628 } SymbolicLinkReparseBuffer;
4629 struct {
4630 USHORT SubstituteNameOffset;
4631 USHORT SubstituteNameLength;
4632 USHORT PrintNameOffset;
4633 USHORT PrintNameLength;
4634 WCHAR PathBuffer[1];
4635 } MountPointReparseBuffer;
4636 struct {
4637 UCHAR DataBuffer[1];
4638 } GenericReparseBuffer;
4639 } DUMMYUNIONNAME;
4640 } REPARSE_DATA_BUFFER, *PREPARSE_DATA_BUFFER;
4641
4642 #define REPARSE_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer)
4643
4644 typedef struct _REPARSE_GUID_DATA_BUFFER {
4645 ULONG ReparseTag;
4646 USHORT ReparseDataLength;
4647 USHORT Reserved;
4648 GUID ReparseGuid;
4649 struct {
4650 UCHAR DataBuffer[1];
4651 } GenericReparseBuffer;
4652 } REPARSE_GUID_DATA_BUFFER, *PREPARSE_GUID_DATA_BUFFER;
4653
4654 #define REPARSE_GUID_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer)
4655
4656 #define MAXIMUM_REPARSE_DATA_BUFFER_SIZE ( 16 * 1024 )
4657
4658 /* Reserved reparse tags */
4659 #define IO_REPARSE_TAG_RESERVED_ZERO (0)
4660 #define IO_REPARSE_TAG_RESERVED_ONE (1)
4661 #define IO_REPARSE_TAG_RESERVED_RANGE IO_REPARSE_TAG_RESERVED_ONE
4662
4663 #define IsReparseTagMicrosoft(_tag) (((_tag) & 0x80000000))
4664 #define IsReparseTagNameSurrogate(_tag) (((_tag) & 0x20000000))
4665
4666 #define IO_REPARSE_TAG_VALID_VALUES (0xF000FFFF)
4667
4668 #define IsReparseTagValid(tag) ( \
4669 !((tag) & ~IO_REPARSE_TAG_VALID_VALUES) && \
4670 ((tag) > IO_REPARSE_TAG_RESERVED_RANGE) \
4671 )
4672
4673 /* MicroSoft reparse point tags */
4674 #define IO_REPARSE_TAG_MOUNT_POINT (0xA0000003L)
4675 #define IO_REPARSE_TAG_HSM (0xC0000004L)
4676 #define IO_REPARSE_TAG_DRIVE_EXTENDER (0x80000005L)
4677 #define IO_REPARSE_TAG_HSM2 (0x80000006L)
4678 #define IO_REPARSE_TAG_SIS (0x80000007L)
4679 #define IO_REPARSE_TAG_WIM (0x80000008L)
4680 #define IO_REPARSE_TAG_CSV (0x80000009L)
4681 #define IO_REPARSE_TAG_DFS (0x8000000AL)
4682 #define IO_REPARSE_TAG_FILTER_MANAGER (0x8000000BL)
4683 #define IO_REPARSE_TAG_SYMLINK (0xA000000CL)
4684 #define IO_REPARSE_TAG_IIS_CACHE (0xA0000010L)
4685 #define IO_REPARSE_TAG_DFSR (0x80000012L)
4686
4687 #pragma pack(4)
4688 typedef struct _REPARSE_INDEX_KEY {
4689 ULONG FileReparseTag;
4690 LARGE_INTEGER FileId;
4691 } REPARSE_INDEX_KEY, *PREPARSE_INDEX_KEY;
4692 #pragma pack()
4693
4694 #define FSCTL_LMR_GET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,58,METHOD_BUFFERED,FILE_ANY_ACCESS)
4695 #define FSCTL_LMR_SET_LINK_TRACKING_INFORMATION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,59,METHOD_BUFFERED,FILE_ANY_ACCESS)
4696 #define IOCTL_LMR_ARE_FILE_OBJECTS_ON_SAME_SERVER CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM,60,METHOD_BUFFERED,FILE_ANY_ACCESS)
4697
4698 #define FSCTL_PIPE_ASSIGN_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
4699 #define FSCTL_PIPE_DISCONNECT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
4700 #define FSCTL_PIPE_LISTEN CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
4701 #define FSCTL_PIPE_PEEK CTL_CODE(FILE_DEVICE_NAMED_PIPE, 3, METHOD_BUFFERED, FILE_READ_DATA)
4702 #define FSCTL_PIPE_QUERY_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
4703 #define FSCTL_PIPE_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 5, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4704 #define FSCTL_PIPE_WAIT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
4705 #define FSCTL_PIPE_IMPERSONATE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
4706 #define FSCTL_PIPE_SET_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
4707 #define FSCTL_PIPE_QUERY_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)
4708 #define FSCTL_PIPE_GET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
4709 #define FSCTL_PIPE_SET_PIPE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
4710 #define FSCTL_PIPE_GET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
4711 #define FSCTL_PIPE_SET_CONNECTION_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 13, METHOD_BUFFERED, FILE_ANY_ACCESS)
4712 #define FSCTL_PIPE_GET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 14, METHOD_BUFFERED, FILE_ANY_ACCESS)
4713 #define FSCTL_PIPE_SET_HANDLE_ATTRIBUTE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
4714 #define FSCTL_PIPE_FLUSH CTL_CODE(FILE_DEVICE_NAMED_PIPE, 16, METHOD_BUFFERED, FILE_WRITE_DATA)
4715
4716 #define FSCTL_PIPE_INTERNAL_READ CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2045, METHOD_BUFFERED, FILE_READ_DATA)
4717 #define FSCTL_PIPE_INTERNAL_WRITE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2046, METHOD_BUFFERED, FILE_WRITE_DATA)
4718 #define FSCTL_PIPE_INTERNAL_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2047, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
4719 #define FSCTL_PIPE_INTERNAL_READ_OVFLOW CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2048, METHOD_BUFFERED, FILE_READ_DATA)
4720
4721 #define FILE_PIPE_READ_DATA 0x00000000
4722 #define FILE_PIPE_WRITE_SPACE 0x00000001
4723
4724 typedef struct _FILE_PIPE_ASSIGN_EVENT_BUFFER {
4725 HANDLE EventHandle;
4726 ULONG KeyValue;
4727 } FILE_PIPE_ASSIGN_EVENT_BUFFER, *PFILE_PIPE_ASSIGN_EVENT_BUFFER;
4728
4729 typedef struct _FILE_PIPE_EVENT_BUFFER {
4730 ULONG NamedPipeState;
4731 ULONG EntryType;
4732 ULONG ByteCount;
4733 ULONG KeyValue;
4734 ULONG NumberRequests;
4735 } FILE_PIPE_EVENT_BUFFER, *PFILE_PIPE_EVENT_BUFFER;
4736
4737 typedef struct _FILE_PIPE_PEEK_BUFFER {
4738 ULONG NamedPipeState;
4739 ULONG ReadDataAvailable;
4740 ULONG NumberOfMessages;
4741 ULONG MessageLength;
4742 CHAR Data[1];
4743 } FILE_PIPE_PEEK_BUFFER, *PFILE_PIPE_PEEK_BUFFER;
4744
4745 typedef struct _FILE_PIPE_WAIT_FOR_BUFFER {
4746 LARGE_INTEGER Timeout;
4747 ULONG NameLength;
4748 BOOLEAN TimeoutSpecified;
4749 WCHAR Name[1];
4750 } FILE_PIPE_WAIT_FOR_BUFFER, *PFILE_PIPE_WAIT_FOR_BUFFER;
4751
4752 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER {
4753 #if !defined(BUILD_WOW6432)
4754 PVOID ClientSession;
4755 PVOID ClientProcess;
4756 #else
4757 ULONGLONG ClientSession;
4758 ULONGLONG ClientProcess;
4759 #endif
4760 } FILE_PIPE_CLIENT_PROCESS_BUFFER, *PFILE_PIPE_CLIENT_PROCESS_BUFFER;
4761
4762 #define FILE_PIPE_COMPUTER_NAME_LENGTH 15
4763
4764 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER_EX {
4765 #if !defined(BUILD_WOW6432)
4766 PVOID ClientSession;
4767 PVOID ClientProcess;
4768 #else
4769 ULONGLONG ClientSession;
4770 ULONGLONG ClientProcess;
4771 #endif
4772 USHORT ClientComputerNameLength;
4773 WCHAR ClientComputerBuffer[FILE_PIPE_COMPUTER_NAME_LENGTH+1];
4774 } FILE_PIPE_CLIENT_PROCESS_BUFFER_EX, *PFILE_PIPE_CLIENT_PROCESS_BUFFER_EX;
4775
4776 #define FSCTL_MAILSLOT_PEEK CTL_CODE(FILE_DEVICE_MAILSLOT, 0, METHOD_NEITHER, FILE_READ_DATA)
4777
4778 typedef enum _LINK_TRACKING_INFORMATION_TYPE {
4779 NtfsLinkTrackingInformation,
4780 DfsLinkTrackingInformation
4781 } LINK_TRACKING_INFORMATION_TYPE, *PLINK_TRACKING_INFORMATION_TYPE;
4782
4783 typedef struct _LINK_TRACKING_INFORMATION {
4784 LINK_TRACKING_INFORMATION_TYPE Type;
4785 UCHAR VolumeId[16];
4786 } LINK_TRACKING_INFORMATION, *PLINK_TRACKING_INFORMATION;
4787
4788 typedef struct _REMOTE_LINK_TRACKING_INFORMATION {
4789 PVOID TargetFileObject;
4790 ULONG TargetLinkTrackingInformationLength;
4791 UCHAR TargetLinkTrackingInformationBuffer[1];
4792 } REMOTE_LINK_TRACKING_INFORMATION, *PREMOTE_LINK_TRACKING_INFORMATION;
4793
4794 #define IO_OPEN_PAGING_FILE 0x0002
4795 #define IO_OPEN_TARGET_DIRECTORY 0x0004
4796 #define IO_STOP_ON_SYMLINK 0x0008
4797 #define IO_MM_PAGING_FILE 0x0010
4798
4799 typedef VOID
4800 (NTAPI *PDRIVER_FS_NOTIFICATION) (
4801 _In_ PDEVICE_OBJECT DeviceObject,
4802 _In_ BOOLEAN FsActive);
4803
4804 typedef enum _FS_FILTER_SECTION_SYNC_TYPE {
4805 SyncTypeOther = 0,
4806 SyncTypeCreateSection
4807 } FS_FILTER_SECTION_SYNC_TYPE, *PFS_FILTER_SECTION_SYNC_TYPE;
4808
4809 typedef enum _FS_FILTER_STREAM_FO_NOTIFICATION_TYPE {
4810 NotifyTypeCreate = 0,
4811 NotifyTypeRetired
4812 } FS_FILTER_STREAM_FO_NOTIFICATION_TYPE, *PFS_FILTER_STREAM_FO_NOTIFICATION_TYPE;
4813
4814 typedef union _FS_FILTER_PARAMETERS {
4815 struct {
4816 PLARGE_INTEGER EndingOffset;
4817 PERESOURCE *ResourceToRelease;
4818 } AcquireForModifiedPageWriter;
4819 struct {
4820 PERESOURCE ResourceToRelease;
4821 } ReleaseForModifiedPageWriter;
4822 struct {
4823 FS_FILTER_SECTION_SYNC_TYPE SyncType;
4824 ULONG PageProtection;
4825 } AcquireForSectionSynchronization;
4826 struct {
4827 FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType;
4828 BOOLEAN POINTER_ALIGNMENT SafeToRecurse;
4829 } NotifyStreamFileObject;
4830 struct {
4831 PVOID Argument1;
4832 PVOID Argument2;
4833 PVOID Argument3;
4834 PVOID Argument4;
4835 PVOID Argument5;
4836 } Others;
4837 } FS_FILTER_PARAMETERS, *PFS_FILTER_PARAMETERS;
4838
4839 #define FS_FILTER_ACQUIRE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-1
4840 #define FS_FILTER_RELEASE_FOR_SECTION_SYNCHRONIZATION (UCHAR)-2
4841 #define FS_FILTER_ACQUIRE_FOR_MOD_WRITE (UCHAR)-3
4842 #define FS_FILTER_RELEASE_FOR_MOD_WRITE (UCHAR)-4
4843 #define FS_FILTER_ACQUIRE_FOR_CC_FLUSH (UCHAR)-5
4844 #define FS_FILTER_RELEASE_FOR_CC_FLUSH (UCHAR)-6
4845
4846 typedef struct _FS_FILTER_CALLBACK_DATA {
4847 ULONG SizeOfFsFilterCallbackData;
4848 UCHAR Operation;
4849 UCHAR Reserved;
4850 struct _DEVICE_OBJECT *DeviceObject;
4851 struct _FILE_OBJECT *FileObject;
4852 FS_FILTER_PARAMETERS Parameters;
4853 } FS_FILTER_CALLBACK_DATA, *PFS_FILTER_CALLBACK_DATA;
4854
4855 typedef NTSTATUS
4856 (NTAPI *PFS_FILTER_CALLBACK) (
4857 _In_ PFS_FILTER_CALLBACK_DATA Data,
4858 _Out_ PVOID *CompletionContext);
4859
4860 typedef VOID
4861 (NTAPI *PFS_FILTER_COMPLETION_CALLBACK) (
4862 _In_ PFS_FILTER_CALLBACK_DATA Data,
4863 _In_ NTSTATUS OperationStatus,
4864 _In_ PVOID CompletionContext);
4865
4866 typedef struct _FS_FILTER_CALLBACKS {
4867 ULONG SizeOfFsFilterCallbacks;
4868 ULONG Reserved;
4869 PFS_FILTER_CALLBACK PreAcquireForSectionSynchronization;
4870 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForSectionSynchronization;
4871 PFS_FILTER_CALLBACK PreReleaseForSectionSynchronization;
4872 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForSectionSynchronization;
4873 PFS_FILTER_CALLBACK PreAcquireForCcFlush;
4874 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForCcFlush;
4875 PFS_FILTER_CALLBACK PreReleaseForCcFlush;
4876 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForCcFlush;
4877 PFS_FILTER_CALLBACK PreAcquireForModifiedPageWriter;
4878 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForModifiedPageWriter;
4879 PFS_FILTER_CALLBACK PreReleaseForModifiedPageWriter;
4880 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForModifiedPageWriter;
4881 } FS_FILTER_CALLBACKS, *PFS_FILTER_CALLBACKS;
4882
4883 #if (NTDDI_VERSION >= NTDDI_WINXP)
4884 NTKERNELAPI
4885 NTSTATUS
4886 NTAPI
4887 FsRtlRegisterFileSystemFilterCallbacks(
4888 _In_ struct _DRIVER_OBJECT *FilterDriverObject,
4889 _In_ PFS_FILTER_CALLBACKS Callbacks);
4890 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
4891
4892 #if (NTDDI_VERSION >= NTDDI_VISTA)
4893 NTKERNELAPI
4894 NTSTATUS
4895 NTAPI
4896 FsRtlNotifyStreamFileObject(
4897 _In_ struct _FILE_OBJECT * StreamFileObject,
4898 _In_opt_ struct _DEVICE_OBJECT *DeviceObjectHint,
4899 _In_ FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType,
4900 _In_ BOOLEAN SafeToRecurse);
4901 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
4902
4903 #define DO_VERIFY_VOLUME 0x00000002
4904 #define DO_BUFFERED_IO 0x00000004
4905 #define DO_EXCLUSIVE 0x00000008
4906 #define DO_DIRECT_IO 0x00000010
4907 #define DO_MAP_IO_BUFFER 0x00000020
4908 #define DO_DEVICE_HAS_NAME 0x00000040
4909 #define DO_DEVICE_INITIALIZING 0x00000080
4910 #define DO_SYSTEM_BOOT_PARTITION 0x00000100
4911 #define DO_LONG_TERM_REQUESTS 0x00000200
4912 #define DO_NEVER_LAST_DEVICE 0x00000400
4913 #define DO_SHUTDOWN_REGISTERED 0x00000800
4914 #define DO_BUS_ENUMERATED_DEVICE 0x00001000
4915 #define DO_POWER_PAGABLE 0x00002000
4916 #define DO_POWER_INRUSH 0x00004000
4917 #define DO_LOW_PRIORITY_FILESYSTEM 0x00010000
4918 #define DO_SUPPORTS_TRANSACTIONS 0x00040000
4919 #define DO_FORCE_NEITHER_IO 0x00080000
4920 #define DO_VOLUME_DEVICE_OBJECT 0x00100000
4921 #define DO_SYSTEM_SYSTEM_PARTITION 0x00200000
4922 #define DO_SYSTEM_CRITICAL_PARTITION 0x00400000
4923 #define DO_DISALLOW_EXECUTE 0x00800000
4924
4925 extern KSPIN_LOCK IoStatisticsLock;
4926 extern ULONG IoReadOperationCount;
4927 extern ULONG IoWriteOperationCount;
4928 extern ULONG IoOtherOperationCount;
4929 extern LARGE_INTEGER IoReadTransferCount;
4930 extern LARGE_INTEGER IoWriteTransferCount;
4931 extern LARGE_INTEGER IoOtherTransferCount;
4932
4933 #define IO_FILE_OBJECT_NON_PAGED_POOL_CHARGE 64
4934 #define IO_FILE_OBJECT_PAGED_POOL_CHARGE 1024
4935
4936 #if (NTDDI_VERSION >= NTDDI_VISTA)
4937 typedef struct _IO_PRIORITY_INFO {
4938 ULONG Size;
4939 ULONG ThreadPriority;
4940 ULONG PagePriority;
4941 IO_PRIORITY_HINT IoPriority;
4942 } IO_PRIORITY_INFO, *PIO_PRIORITY_INFO;
4943 #endif
4944
4945 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
4946 ULONG Attributes;
4947 ACCESS_MASK GrantedAccess;
4948 ULONG HandleCount;
4949 ULONG PointerCount;
4950 ULONG Reserved[10];
4951 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
4952
4953 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION {
4954 UNICODE_STRING TypeName;
4955 ULONG Reserved [22];
4956 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
4957
4958 #define SYSTEM_PAGE_PRIORITY_BITS 3
4959 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
4960
4961 /******************************************************************************
4962 * Kernel Types *
4963 ******************************************************************************/
4964 typedef struct _KAPC_STATE {
4965 LIST_ENTRY ApcListHead[MaximumMode];
4966 PKPROCESS Process;
4967 BOOLEAN KernelApcInProgress;
4968 BOOLEAN KernelApcPending;
4969 BOOLEAN UserApcPending;
4970 } KAPC_STATE, *PKAPC_STATE, *RESTRICTED_POINTER PRKAPC_STATE;
4971
4972 #define KAPC_STATE_ACTUAL_LENGTH (FIELD_OFFSET(KAPC_STATE, UserApcPending) + sizeof(BOOLEAN))
4973
4974 #define ASSERT_QUEUE(Q) ASSERT(((Q)->Header.Type & KOBJECT_TYPE_MASK) == QueueObject);
4975
4976 typedef struct _KQUEUE {
4977 DISPATCHER_HEADER Header;
4978 LIST_ENTRY EntryListHead;
4979 volatile ULONG CurrentCount;
4980 ULONG MaximumCount;
4981 LIST_ENTRY ThreadListHead;
4982 } KQUEUE, *PKQUEUE, *RESTRICTED_POINTER PRKQUEUE;
4983
4984
4985
4986 /******************************************************************************
4987 * Kernel Functions *
4988 ******************************************************************************/
4989
4990 NTSTATUS
4991 NTAPI
4992 KeGetProcessorNumberFromIndex(
4993 _In_ ULONG ProcIndex,
4994 _Out_ PPROCESSOR_NUMBER ProcNumber);
4995
4996 ULONG
4997 NTAPI
4998 KeGetProcessorIndexFromNumber(
4999 _In_ PPROCESSOR_NUMBER ProcNumber);
5000
5001 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5002
5003
5004
5005
5006 NTKERNELAPI
5007 VOID
5008 NTAPI
5009 KeInitializeMutant(
5010 _Out_ PRKMUTANT Mutant,
5011 _In_ BOOLEAN InitialOwner);
5012
5013 _IRQL_requires_max_(DISPATCH_LEVEL)
5014 NTKERNELAPI
5015 LONG
5016 NTAPI
5017 KeReadStateMutant(
5018 _In_ PRKMUTANT Mutant);
5019
5020 _When_(Wait==0, _IRQL_requires_max_(DISPATCH_LEVEL))
5021 _When_(Wait==1, _IRQL_requires_max_(APC_LEVEL))
5022 NTKERNELAPI
5023 LONG
5024 NTAPI
5025 KeReleaseMutant(
5026 _Inout_ PRKMUTANT Mutant,
5027 _In_ KPRIORITY Increment,
5028 _In_ BOOLEAN Abandoned,
5029 _In_ BOOLEAN Wait);
5030
5031 NTKERNELAPI
5032 VOID
5033 NTAPI
5034 KeInitializeQueue(
5035 _Out_ PRKQUEUE Queue,
5036 _In_ ULONG Count);
5037
5038 _IRQL_requires_max_(DISPATCH_LEVEL)
5039 NTKERNELAPI
5040 LONG
5041 NTAPI
5042 KeReadStateQueue(
5043 _In_ PRKQUEUE Queue);
5044
5045 _IRQL_requires_min_(PASSIVE_LEVEL)
5046 _IRQL_requires_max_(DISPATCH_LEVEL)
5047 NTKERNELAPI
5048 LONG
5049 NTAPI
5050 KeInsertQueue(
5051 _Inout_ PRKQUEUE Queue,
5052 _Inout_ PLIST_ENTRY Entry);
5053
5054 _IRQL_requires_min_(PASSIVE_LEVEL)
5055 _IRQL_requires_max_(DISPATCH_LEVEL)
5056 NTKERNELAPI
5057 LONG
5058 NTAPI
5059 KeInsertHeadQueue(
5060 _Inout_ PRKQUEUE Queue,
5061 _Inout_ PLIST_ENTRY Entry);
5062
5063 _IRQL_requires_min_(PASSIVE_LEVEL)
5064 _When_((Timeout==NULL || Timeout->QuadPart!=0), _IRQL_requires_max_(APC_LEVEL))
5065 _When_((Timeout!=NULL && Timeout->QuadPart==0), _IRQL_requires_max_(DISPATCH_LEVEL))
5066 NTKERNELAPI
5067 PLIST_ENTRY
5068 NTAPI
5069 KeRemoveQueue(
5070 _Inout_ PRKQUEUE Queue,
5071 _In_ KPROCESSOR_MODE WaitMode,
5072 _In_opt_ PLARGE_INTEGER Timeout);
5073
5074 _IRQL_requires_max_(APC_LEVEL)
5075 NTKERNELAPI
5076 VOID
5077 NTAPI
5078 KeAttachProcess(
5079 _Inout_ PKPROCESS Process);
5080
5081 _IRQL_requires_max_(APC_LEVEL)
5082 NTKERNELAPI
5083 VOID
5084 NTAPI
5085 KeDetachProcess(VOID);
5086
5087 _IRQL_requires_max_(DISPATCH_LEVEL)
5088 NTKERNELAPI
5089 PLIST_ENTRY
5090 NTAPI
5091 KeRundownQueue(
5092 _Inout_ PRKQUEUE Queue);
5093
5094 _IRQL_requires_max_(APC_LEVEL)
5095 NTKERNELAPI
5096 VOID
5097 NTAPI
5098 KeStackAttachProcess(
5099 _Inout_ PKPROCESS Process,
5100 _Out_ PKAPC_STATE ApcState);
5101
5102 _IRQL_requires_max_(APC_LEVEL)
5103 NTKERNELAPI
5104 VOID
5105 NTAPI
5106 KeUnstackDetachProcess(
5107 _In_ PKAPC_STATE ApcState);
5108
5109 _IRQL_requires_min_(PASSIVE_LEVEL)
5110 _IRQL_requires_max_(DISPATCH_LEVEL)
5111 NTKERNELAPI
5112 UCHAR
5113 NTAPI
5114 KeSetIdealProcessorThread(
5115 _Inout_ PKTHREAD Thread,
5116 _In_ UCHAR Processor);
5117
5118 _IRQL_requires_max_(APC_LEVEL)
5119 NTKERNELAPI
5120 BOOLEAN
5121 NTAPI
5122 KeSetKernelStackSwapEnable(
5123 _In_ BOOLEAN Enable);
5124
5125 #if defined(_X86_)
5126 _Requires_lock_not_held_(*SpinLock)
5127 _Acquires_lock_(*SpinLock)
5128 _IRQL_raises_(SYNCH_LEVEL)
5129 _IRQL_saves_
5130 NTHALAPI
5131 KIRQL
5132 FASTCALL
5133 KeAcquireSpinLockRaiseToSynch(
5134 _Inout_ PKSPIN_LOCK SpinLock);
5135 #else
5136 _Requires_lock_not_held_(*SpinLock)
5137 _Acquires_lock_(*SpinLock)
5138 _IRQL_raises_(SYNCH_LEVEL)
5139 _IRQL_saves_
5140 NTKERNELAPI
5141 KIRQL
5142 KeAcquireSpinLockRaiseToSynch(
5143 _Inout_ PKSPIN_LOCK SpinLock);
5144 #endif
5145
5146 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5147
5148 #if (NTDDI_VERSION >= NTDDI_WINXP)
5149
5150
5151 _Requires_lock_not_held_(Number)
5152 _Acquires_lock_(Number)
5153 _IRQL_raises_(DISPATCH_LEVEL)
5154 _DECL_HAL_KE_IMPORT
5155 KIRQL
5156 FASTCALL
5157 KeAcquireQueuedSpinLock(
5158 _In_ KSPIN_LOCK_QUEUE_NUMBER Number);
5159
5160 _Requires_lock_held_(Number)
5161 _Releases_lock_(Number)
5162 _DECL_HAL_KE_IMPORT
5163 VOID
5164 FASTCALL
5165 KeReleaseQueuedSpinLock(
5166 _In_ KSPIN_LOCK_QUEUE_NUMBER Number,
5167 _In_ KIRQL OldIrql);
5168
5169 _Must_inspect_result_
5170 _Post_satisfies_(return == 1 || return == 0)
5171 _DECL_HAL_KE_IMPORT
5172 LOGICAL
5173 FASTCALL
5174 KeTryToAcquireQueuedSpinLock(
5175 _In_ KSPIN_LOCK_QUEUE_NUMBER Number,
5176 _Out_ _At_(*OldIrql, _IRQL_saves_) PKIRQL OldIrql);
5177
5178 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5179
5180
5181
5182
5183
5184 #if (NTDDI_VERSION >= NTDDI_VISTA)
5185
5186 _IRQL_requires_max_(DISPATCH_LEVEL)
5187 NTKERNELAPI
5188 VOID
5189 KeQueryOwnerMutant(
5190 _In_ PKMUTANT Mutant,
5191 _Out_ PCLIENT_ID ClientId);
5192
5193 _IRQL_requires_min_(PASSIVE_LEVEL)
5194 _When_((Timeout==NULL || *Timeout!=0), _IRQL_requires_max_(APC_LEVEL))
5195 _When_((Timeout!=NULL && *Timeout==0), _IRQL_requires_max_(DISPATCH_LEVEL))
5196 NTKERNELAPI
5197 ULONG
5198 NTAPI
5199 KeRemoveQueueEx(
5200 _Inout_ PKQUEUE Queue,
5201 _In_ KPROCESSOR_MODE WaitMode,
5202 _In_ BOOLEAN Alertable,
5203 _In_opt_ PLARGE_INTEGER Timeout,
5204 _Out_writes_to_(Count, return) PLIST_ENTRY *EntryArray,
5205 _In_ ULONG Count);
5206
5207 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5208
5209
5210 #define INVALID_PROCESSOR_INDEX 0xffffffff
5211
5212 #define EX_PUSH_LOCK ULONG_PTR
5213 #define PEX_PUSH_LOCK PULONG_PTR
5214 /******************************************************************************
5215 * Executive Functions *
5216 ******************************************************************************/
5217
5218
5219 #define ExDisableResourceBoost ExDisableResourceBoostLite
5220
5221 VOID
5222 ExInitializePushLock(
5223 _Out_ PEX_PUSH_LOCK PushLock);
5224
5225 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5226
5227 _IRQL_requires_max_(DISPATCH_LEVEL)
5228 NTKERNELAPI
5229 SIZE_T
5230 NTAPI
5231 ExQueryPoolBlockSize(
5232 _In_ PVOID PoolBlock,
5233 _Out_ PBOOLEAN QuotaCharged);
5234
5235 _IRQL_requires_max_(DISPATCH_LEVEL)
5236 VOID
5237 ExAdjustLookasideDepth(VOID);
5238
5239 _IRQL_requires_max_(DISPATCH_LEVEL)
5240 NTKERNELAPI
5241 VOID
5242 NTAPI
5243 ExDisableResourceBoostLite(
5244 _In_ PERESOURCE Resource);
5245 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5246
5247 #if (NTDDI_VERSION >= NTDDI_WINXP)
5248
5249 PSLIST_ENTRY
5250 FASTCALL
5251 InterlockedPushListSList(
5252 _Inout_ PSLIST_HEADER ListHead,
5253 _Inout_ __drv_aliasesMem PSLIST_ENTRY List,
5254 _Inout_ PSLIST_ENTRY ListEnd,
5255 _In_ ULONG Count);
5256 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5257
5258 /******************************************************************************
5259 * Security Manager Functions *
5260 ******************************************************************************/
5261
5262 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5263
5264
5265 NTKERNELAPI
5266 VOID
5267 NTAPI
5268 SeReleaseSubjectContext(
5269 _Inout_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
5270
5271 NTKERNELAPI
5272 BOOLEAN
5273 NTAPI
5274 SePrivilegeCheck(
5275 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
5276 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
5277 _In_ KPROCESSOR_MODE AccessMode);
5278
5279 NTKERNELAPI
5280 VOID
5281 NTAPI
5282 SeOpenObjectAuditAlarm(
5283 _In_ PUNICODE_STRING ObjectTypeName,
5284 _In_opt_ PVOID Object,
5285 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5286 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5287 _In_ PACCESS_STATE AccessState,
5288 _In_ BOOLEAN ObjectCreated,
5289 _In_ BOOLEAN AccessGranted,
5290 _In_ KPROCESSOR_MODE AccessMode,
5291 _Out_ PBOOLEAN GenerateOnClose);
5292
5293 NTKERNELAPI
5294 VOID
5295 NTAPI
5296 SeOpenObjectForDeleteAuditAlarm(
5297 _In_ PUNICODE_STRING ObjectTypeName,
5298 _In_opt_ PVOID Object,
5299 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5300 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5301 _In_ PACCESS_STATE AccessState,
5302 _In_ BOOLEAN ObjectCreated,
5303 _In_ BOOLEAN AccessGranted,
5304 _In_ KPROCESSOR_MODE AccessMode,
5305 _Out_ PBOOLEAN GenerateOnClose);
5306
5307 NTKERNELAPI
5308 VOID
5309 NTAPI
5310 SeDeleteObjectAuditAlarm(
5311 _In_ PVOID Object,
5312 _In_ HANDLE Handle);
5313
5314 NTKERNELAPI
5315 TOKEN_TYPE
5316 NTAPI
5317 SeTokenType(
5318 _In_ PACCESS_TOKEN Token);
5319
5320 NTKERNELAPI
5321 BOOLEAN
5322 NTAPI
5323 SeTokenIsAdmin(
5324 _In_ PACCESS_TOKEN Token);
5325
5326 NTKERNELAPI
5327 BOOLEAN
5328 NTAPI
5329 SeTokenIsRestricted(
5330 _In_ PACCESS_TOKEN Token);
5331
5332 NTKERNELAPI
5333 NTSTATUS
5334 NTAPI
5335 SeQueryAuthenticationIdToken(
5336 _In_ PACCESS_TOKEN Token,
5337 _Out_ PLUID AuthenticationId);
5338
5339 NTKERNELAPI
5340 NTSTATUS
5341 NTAPI
5342 SeQuerySessionIdToken(
5343 _In_ PACCESS_TOKEN Token,
5344 _Out_ PULONG SessionId);
5345
5346 NTKERNELAPI
5347 NTSTATUS
5348 NTAPI
5349 SeCreateClientSecurity(
5350 _In_ PETHREAD ClientThread,
5351 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
5352 _In_ BOOLEAN RemoteSession,
5353 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext);
5354
5355 NTKERNELAPI
5356 VOID
5357 NTAPI
5358 SeImpersonateClient(
5359 _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
5360 _In_opt_ PETHREAD ServerThread);
5361
5362 NTKERNELAPI
5363 NTSTATUS
5364 NTAPI
5365 SeImpersonateClientEx(
5366 _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
5367 _In_opt_ PETHREAD ServerThread);
5368
5369 NTKERNELAPI
5370 NTSTATUS
5371 NTAPI
5372 SeCreateClientSecurityFromSubjectContext(
5373 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
5374 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
5375 _In_ BOOLEAN ServerIsRemote,
5376 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext);
5377
5378 NTKERNELAPI
5379 NTSTATUS
5380 NTAPI
5381 SeQuerySecurityDescriptorInfo(
5382 _In_ PSECURITY_INFORMATION SecurityInformation,
5383 _Out_writes_bytes_(*Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
5384 _Inout_ PULONG Length,
5385 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
5386
5387 NTKERNELAPI
5388 NTSTATUS
5389 NTAPI
5390 SeSetSecurityDescriptorInfo(
5391 _In_opt_ PVOID Object,
5392 _In_ PSECURITY_INFORMATION SecurityInformation,
5393 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5394 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
5395 _In_ POOL_TYPE PoolType,
5396 _In_ PGENERIC_MAPPING GenericMapping);
5397
5398 NTKERNELAPI
5399 NTSTATUS
5400 NTAPI
5401 SeSetSecurityDescriptorInfoEx(
5402 _In_opt_ PVOID Object,
5403 _In_ PSECURITY_INFORMATION SecurityInformation,
5404 _In_ PSECURITY_DESCRIPTOR ModificationDescriptor,
5405 _Inout_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
5406 _In_ ULONG AutoInheritFlags,
5407 _In_ POOL_TYPE PoolType,
5408 _In_ PGENERIC_MAPPING GenericMapping);
5409
5410 NTKERNELAPI
5411 NTSTATUS
5412 NTAPI
5413 SeAppendPrivileges(
5414 _Inout_ PACCESS_STATE AccessState,
5415 _In_ PPRIVILEGE_SET Privileges);
5416
5417 NTKERNELAPI
5418 BOOLEAN
5419 NTAPI
5420 SeAuditingFileEvents(
5421 _In_ BOOLEAN AccessGranted,
5422 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
5423
5424 NTKERNELAPI
5425 BOOLEAN
5426 NTAPI
5427 SeAuditingFileOrGlobalEvents(
5428 _In_ BOOLEAN AccessGranted,
5429 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5430 _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
5431
5432 VOID
5433 NTAPI
5434 SeSetAccessStateGenericMapping(
5435 _Inout_ PACCESS_STATE AccessState,
5436 _In_ PGENERIC_MAPPING GenericMapping);
5437
5438 NTKERNELAPI
5439 NTSTATUS
5440 NTAPI
5441 SeRegisterLogonSessionTerminatedRoutine(
5442 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
5443
5444 NTKERNELAPI
5445 NTSTATUS
5446 NTAPI
5447 SeUnregisterLogonSessionTerminatedRoutine(
5448 _In_ PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
5449
5450 NTKERNELAPI
5451 NTSTATUS
5452 NTAPI
5453 SeMarkLogonSessionForTerminationNotification(
5454 _In_ PLUID LogonId);
5455
5456 NTKERNELAPI
5457 NTSTATUS
5458 NTAPI
5459 SeQueryInformationToken(
5460 _In_ PACCESS_TOKEN Token,
5461 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
5462 _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation);
5463
5464 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5465 #if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
5466 NTKERNELAPI
5467 BOOLEAN
5468 NTAPI
5469 SeAuditingHardLinkEvents(
5470 _In_ BOOLEAN AccessGranted,
5471 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
5472 #endif
5473
5474 #if (NTDDI_VERSION >= NTDDI_WINXP)
5475
5476 NTKERNELAPI
5477 NTSTATUS
5478 NTAPI
5479 SeFilterToken(
5480 _In_ PACCESS_TOKEN ExistingToken,
5481 _In_ ULONG Flags,
5482 _In_opt_ PTOKEN_GROUPS SidsToDisable,
5483 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
5484 _In_opt_ PTOKEN_GROUPS RestrictedSids,
5485 _Outptr_ PACCESS_TOKEN *FilteredToken);
5486
5487 NTKERNELAPI
5488 VOID
5489 NTAPI
5490 SeAuditHardLinkCreation(
5491 _In_ PUNICODE_STRING FileName,
5492 _In_ PUNICODE_STRING LinkName,
5493 _In_ BOOLEAN bSuccess);
5494
5495 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5496
5497 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
5498
5499 NTKERNELAPI
5500 BOOLEAN
5501 NTAPI
5502 SeAuditingFileEventsWithContext(
5503 _In_ BOOLEAN AccessGranted,
5504 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5505 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
5506
5507 NTKERNELAPI
5508 BOOLEAN
5509 NTAPI
5510 SeAuditingHardLinkEventsWithContext(
5511 _In_ BOOLEAN AccessGranted,
5512 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5513 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
5514
5515 #endif
5516
5517
5518 #if (NTDDI_VERSION >= NTDDI_VISTA)
5519
5520 NTKERNELAPI
5521 VOID
5522 NTAPI
5523 SeOpenObjectAuditAlarmWithTransaction(
5524 _In_ PUNICODE_STRING ObjectTypeName,
5525 _In_opt_ PVOID Object,
5526 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5527 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5528 _In_ PACCESS_STATE AccessState,
5529 _In_ BOOLEAN ObjectCreated,
5530 _In_ BOOLEAN AccessGranted,
5531 _In_ KPROCESSOR_MODE AccessMode,
5532 _In_opt_ GUID *TransactionId,
5533 _Out_ PBOOLEAN GenerateOnClose);
5534
5535 NTKERNELAPI
5536 VOID
5537 NTAPI
5538 SeOpenObjectForDeleteAuditAlarmWithTransaction(
5539 _In_ PUNICODE_STRING ObjectTypeName,
5540 _In_opt_ PVOID Object,
5541 _In_opt_ PUNICODE_STRING AbsoluteObjectName,
5542 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5543 _In_ PACCESS_STATE AccessState,
5544 _In_ BOOLEAN ObjectCreated,
5545 _In_ BOOLEAN AccessGranted,
5546 _In_ KPROCESSOR_MODE AccessMode,
5547 _In_opt_ GUID *TransactionId,
5548 _Out_ PBOOLEAN GenerateOnClose);
5549
5550 NTKERNELAPI
5551 VOID
5552 NTAPI
5553 SeExamineSacl(
5554 _In_ PACL Sacl,
5555 _In_ PACCESS_TOKEN Token,
5556 _In_ ACCESS_MASK DesiredAccess,
5557 _In_ BOOLEAN AccessGranted,
5558 _Out_ PBOOLEAN GenerateAudit,
5559 _Out_ PBOOLEAN GenerateAlarm);
5560
5561 NTKERNELAPI
5562 VOID
5563 NTAPI
5564 SeDeleteObjectAuditAlarmWithTransaction(
5565 _In_ PVOID Object,
5566 _In_ HANDLE Handle,
5567 _In_opt_ GUID *TransactionId);
5568
5569 NTKERNELAPI
5570 VOID
5571 NTAPI
5572 SeQueryTokenIntegrity(
5573 _In_ PACCESS_TOKEN Token,
5574 _Inout_ PSID_AND_ATTRIBUTES IntegritySA);
5575
5576 NTKERNELAPI
5577 NTSTATUS
5578 NTAPI
5579 SeSetSessionIdToken(
5580 _In_ PACCESS_TOKEN Token,
5581 _In_ ULONG SessionId);
5582
5583 NTKERNELAPI
5584 VOID
5585 NTAPI
5586 SeAuditHardLinkCreationWithTransaction(
5587 _In_ PUNICODE_STRING FileName,
5588 _In_ PUNICODE_STRING LinkName,
5589 _In_ BOOLEAN bSuccess,
5590 _In_opt_ GUID *TransactionId);
5591
5592 NTKERNELAPI
5593 VOID
5594 NTAPI
5595 SeAuditTransactionStateChange(
5596 _In_ GUID *TransactionId,
5597 _In_ GUID *ResourceManagerId,
5598 _In_ ULONG NewTransactionState);
5599 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
5600
5601 #if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
5602 NTKERNELAPI
5603 BOOLEAN
5604 NTAPI
5605 SeTokenIsWriteRestricted(
5606 _In_ PACCESS_TOKEN Token);
5607 #endif
5608
5609 #if (NTDDI_VERSION >= NTDDI_WIN7)
5610
5611 NTKERNELAPI
5612 BOOLEAN
5613 NTAPI
5614 SeAuditingAnyFileEventsWithContext(
5615 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5616 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
5617 _Out_opt_ PBOOLEAN StagingEnabled);
5618
5619 NTKERNELAPI
5620 VOID
5621 NTAPI
5622 SeExamineGlobalSacl(
5623 _In_ PUNICODE_STRING ObjectType,
5624 _In_ PACL ResourceSacl,
5625 _In_ PACCESS_TOKEN Token,
5626 _In_ ACCESS_MASK DesiredAccess,
5627 _In_ BOOLEAN AccessGranted,
5628 _Inout_ PBOOLEAN GenerateAudit,
5629 _Inout_opt_ PBOOLEAN GenerateAlarm);
5630
5631 NTKERNELAPI
5632 VOID
5633 NTAPI
5634 SeMaximumAuditMaskFromGlobalSacl(
5635 _In_opt_ PUNICODE_STRING ObjectTypeName,
5636 _In_ ACCESS_MASK GrantedAccess,
5637 _In_ PACCESS_TOKEN Token,
5638 _Inout_ PACCESS_MASK AuditMask);
5639
5640 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
5641
5642 NTSTATUS
5643 NTAPI
5644 SeReportSecurityEventWithSubCategory(
5645 _In_ ULONG Flags,
5646 _In_ PUNICODE_STRING SourceName,
5647 _In_opt_ PSID UserSid,
5648 _In_ PSE_ADT_PARAMETER_ARRAY AuditParameters,
5649 _In_ ULONG AuditSubcategoryId);
5650
5651 BOOLEAN
5652 NTAPI
5653 SeAccessCheckFromState(
5654 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
5655 _In_ PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
5656 _In_opt_ PTOKEN_ACCESS_INFORMATION ClientTokenInformation,
5657 _In_ ACCESS_MASK DesiredAccess,
5658 _In_ ACCESS_MASK PreviouslyGrantedAccess,
5659 _Outptr_opt_result_maybenull_ PPRIVILEGE_SET *Privileges,
5660 _In_ PGENERIC_MAPPING GenericMapping,
5661 _In_ KPROCESSOR_MODE AccessMode,
5662 _Out_ PACCESS_MASK GrantedAccess,
5663 _Out_ PNTSTATUS AccessStatus);
5664
5665 NTKERNELAPI
5666 VOID
5667 NTAPI
5668 SeFreePrivileges(
5669 _In_ PPRIVILEGE_SET Privileges);
5670
5671 NTSTATUS
5672 NTAPI
5673 SeLocateProcessImageName(
5674 _Inout_ PEPROCESS Process,
5675 _Outptr_ PUNICODE_STRING *pImageFileName);
5676
5677 #define SeLengthSid( Sid ) \
5678 (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
5679
5680 #define SeDeleteClientSecurity(C) { \
5681 if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
5682 PsDereferencePrimaryToken( (C)->ClientToken ); \
5683 } else { \
5684 PsDereferenceImpersonationToken( (C)->ClientToken ); \
5685 } \
5686 }
5687
5688 #define SeStopImpersonatingClient() PsRevertToSelf()
5689
5690 #define SeQuerySubjectContextToken( SubjectContext ) \
5691 ( ARGUMENT_PRESENT( \
5692 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
5693 ) ? \
5694 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
5695 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
5696
5697 extern NTKERNELAPI PSE_EXPORTS SeExports;
5698 /******************************************************************************
5699 * Process Manager Functions *
5700 ******************************************************************************/
5701
5702 _Must_inspect_result_
5703 _IRQL_requires_max_(APC_LEVEL)
5704 NTKERNELAPI
5705 NTSTATUS
5706 NTAPI
5707 PsLookupProcessByProcessId(
5708 _In_ HANDLE ProcessId,
5709 _Outptr_ PEPROCESS *Process);
5710
5711 _Must_inspect_result_
5712 _IRQL_requires_max_(APC_LEVEL)
5713 NTKERNELAPI
5714 NTSTATUS
5715 NTAPI
5716 PsLookupThreadByThreadId(
5717 _In_ HANDLE UniqueThreadId,
5718 _Outptr_ PETHREAD *Thread);
5719
5720 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5721
5722
5723 _IRQL_requires_max_(APC_LEVEL)
5724 NTKERNELAPI
5725 PACCESS_TOKEN
5726 NTAPI
5727 PsReferenceImpersonationToken(
5728 _Inout_ PETHREAD Thread,
5729 _Out_ PBOOLEAN CopyOnOpen,
5730 _Out_ PBOOLEAN EffectiveOnly,
5731 _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
5732
5733 _IRQL_requires_max_(APC_LEVEL)
5734 NTKERNELAPI
5735 LARGE_INTEGER
5736 NTAPI
5737 PsGetProcessExitTime(VOID);
5738
5739 _IRQL_requires_max_(DISPATCH_LEVEL)
5740 NTKERNELAPI
5741 BOOLEAN
5742 NTAPI
5743 PsIsThreadTerminating(
5744 _In_ PETHREAD Thread);
5745
5746 _Must_inspect_result_
5747 _IRQL_requires_max_(PASSIVE_LEVEL)
5748 NTKERNELAPI
5749 NTSTATUS
5750 NTAPI
5751 PsImpersonateClient(
5752 _Inout_ PETHREAD Thread,
5753 _In_opt_ PACCESS_TOKEN Token,
5754 _In_ BOOLEAN CopyOnOpen,
5755 _In_ BOOLEAN EffectiveOnly,
5756 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
5757
5758 _IRQL_requires_max_(PASSIVE_LEVEL)
5759 NTKERNELAPI
5760 BOOLEAN
5761 NTAPI
5762 PsDisableImpersonation(
5763 _Inout_ PETHREAD Thread,
5764 _Inout_ PSE_IMPERSONATION_STATE ImpersonationState);
5765
5766 _IRQL_requires_max_(PASSIVE_LEVEL)
5767 NTKERNELAPI
5768 VOID
5769 NTAPI
5770 PsRestoreImpersonation(
5771 _Inout_ PETHREAD Thread,
5772 _In_ PSE_IMPERSONATION_STATE ImpersonationState);
5773
5774 _IRQL_requires_max_(PASSIVE_LEVEL)
5775 NTKERNELAPI
5776 VOID
5777 NTAPI
5778 PsRevertToSelf(VOID);
5779
5780 _IRQL_requires_max_(APC_LEVEL)
5781 NTKERNELAPI
5782 VOID
5783 NTAPI
5784 PsChargePoolQuota(
5785 _In_ PEPROCESS Process,
5786 _In_ POOL_TYPE PoolType,
5787 _In_ ULONG_PTR Amount);
5788
5789 _IRQL_requires_max_(APC_LEVEL)
5790 NTKERNELAPI
5791 VOID
5792 NTAPI
5793 PsReturnPoolQuota(
5794 _In_ PEPROCESS Process,
5795 _In_ POOL_TYPE PoolType,
5796 _In_ ULONG_PTR Amount);
5797
5798 _IRQL_requires_max_(PASSIVE_LEVEL)
5799 NTKERNELAPI
5800 NTSTATUS
5801 NTAPI
5802 PsAssignImpersonationToken(
5803 _In_ PETHREAD Thread,
5804 _In_opt_ HANDLE Token);
5805
5806 _IRQL_requires_max_(PASSIVE_LEVEL)
5807 NTKERNELAPI
5808 HANDLE
5809 NTAPI
5810 PsReferencePrimaryToken(
5811 _Inout_ PEPROCESS Process);
5812 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
5813 #if (NTDDI_VERSION >= NTDDI_WINXP)
5814
5815
5816 _IRQL_requires_max_(PASSIVE_LEVEL)
5817 NTKERNELAPI
5818 VOID
5819 NTAPI
5820 PsDereferencePrimaryToken(
5821 _In_ PACCESS_TOKEN PrimaryToken);
5822
5823 _IRQL_requires_max_(PASSIVE_LEVEL)
5824 NTKERNELAPI
5825 VOID
5826 NTAPI
5827 PsDereferenceImpersonationToken(
5828 _In_ PACCESS_TOKEN ImpersonationToken);
5829
5830 _Must_inspect_result_
5831 _IRQL_requires_max_(APC_LEVEL)
5832 NTKERNELAPI
5833 NTSTATUS
5834 NTAPI
5835 PsChargeProcessPoolQuota(
5836 _In_ PEPROCESS Process,
5837 _In_ POOL_TYPE PoolType,
5838 _In_ ULONG_PTR Amount);
5839
5840 NTKERNELAPI
5841 BOOLEAN
5842 NTAPI
5843 PsIsSystemThread(
5844 _In_ PETHREAD Thread);
5845 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
5846
5847 /******************************************************************************
5848 * I/O Manager Functions *
5849 ******************************************************************************/
5850
5851 #define IoIsFileOpenedExclusively(FileObject) ( \
5852 (BOOLEAN) !( \
5853 (FileObject)->SharedRead || \
5854 (FileObject)->SharedWrite || \
5855 (FileObject)->SharedDelete \
5856 ) \
5857 )
5858
5859 #if (NTDDI_VERSION == NTDDI_WIN2K)
5860 NTKERNELAPI
5861 NTSTATUS
5862 NTAPI
5863 IoRegisterFsRegistrationChangeEx(
5864 _In_ PDRIVER_OBJECT DriverObject,
5865 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine);
5866 #endif
5867 #if (NTDDI_VERSION >= NTDDI_WIN2K)
5868
5869
5870 NTKERNELAPI
5871 VOID
5872 NTAPI
5873 IoAcquireVpbSpinLock(
5874 _Out_ PKIRQL Irql);
5875
5876 NTKERNELAPI
5877 NTSTATUS
5878 NTAPI
5879 IoCheckDesiredAccess(
5880 _Inout_ PACCESS_MASK DesiredAccess,
5881 _In_ ACCESS_MASK GrantedAccess);
5882
5883 NTKERNELAPI
5884 NTSTATUS
5885 NTAPI
5886 IoCheckEaBufferValidity(
5887 _In_ PFILE_FULL_EA_INFORMATION EaBuffer,
5888 _In_ ULONG EaLength,
5889 _Out_ PULONG ErrorOffset);
5890
5891 NTKERNELAPI
5892 NTSTATUS
5893 NTAPI
5894 IoCheckFunctionAccess(
5895 _In_ ACCESS_MASK GrantedAccess,
5896 _In_ UCHAR MajorFunction,
5897 _In_ UCHAR MinorFunction,
5898 _In_ ULONG IoControlCode,
5899 _In_opt_ PVOID Argument1,
5900 _In_opt_ PVOID Argument2);
5901
5902 NTKERNELAPI
5903 NTSTATUS
5904 NTAPI
5905 IoCheckQuerySetFileInformation(
5906 _In_ FILE_INFORMATION_CLASS FileInformationClass,
5907 _In_ ULONG Length,
5908 _In_ BOOLEAN SetOperation);
5909
5910 NTKERNELAPI
5911 NTSTATUS
5912 NTAPI
5913 IoCheckQuerySetVolumeInformation(
5914 _In_ FS_INFORMATION_CLASS FsInformationClass,
5915 _In_ ULONG Length,
5916 _In_ BOOLEAN SetOperation);
5917
5918 NTKERNELAPI
5919 NTSTATUS
5920 NTAPI
5921 IoCheckQuotaBufferValidity(
5922 _In_ PFILE_QUOTA_INFORMATION QuotaBuffer,
5923 _In_ ULONG QuotaLength,
5924 _Out_ PULONG ErrorOffset);
5925
5926 NTKERNELAPI
5927 PFILE_OBJECT
5928 NTAPI
5929 IoCreateStreamFileObject(
5930 _In_opt_ PFILE_OBJECT FileObject,
5931 _In_opt_ PDEVICE_OBJECT DeviceObject);
5932
5933 NTKERNELAPI
5934 PFILE_OBJECT
5935 NTAPI
5936 IoCreateStreamFileObjectLite(
5937 _In_opt_ PFILE_OBJECT FileObject,
5938 _In_opt_ PDEVICE_OBJECT DeviceObject);
5939
5940 NTKERNELAPI
5941 BOOLEAN
5942 NTAPI
5943 IoFastQueryNetworkAttributes(
5944 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
5945 _In_ ACCESS_MASK DesiredAccess,
5946 _In_ ULONG OpenOptions,
5947 _Out_ PIO_STATUS_BLOCK IoStatus,
5948 _Out_ PFILE_NETWORK_OPEN_INFORMATION Buffer);
5949
5950 NTKERNELAPI
5951 NTSTATUS
5952 NTAPI
5953 IoPageRead(
5954 _In_ PFILE_OBJECT FileObject,
5955 _In_ PMDL Mdl,
5956 _In_ PLARGE_INTEGER Offset,
5957 _In_ PKEVENT Event,
5958 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
5959
5960 NTKERNELAPI
5961 PDEVICE_OBJECT
5962 NTAPI
5963 IoGetBaseFileSystemDeviceObject(
5964 _In_ PFILE_OBJECT FileObject);
5965
5966 _IRQL_requires_max_(PASSIVE_LEVEL)
5967 NTKERNELAPI
5968 PCONFIGURATION_INFORMATION
5969 NTAPI
5970 IoGetConfigurationInformation(VOID);
5971
5972 NTKERNELAPI
5973 ULONG
5974 NTAPI
5975 IoGetRequestorProcessId(
5976 _In_ PIRP Irp);
5977
5978 NTKERNELAPI
5979 PEPROCESS
5980 NTAPI
5981 IoGetRequestorProcess(
5982 _In_ PIRP Irp);
5983
5984 NTKERNELAPI
5985 PIRP
5986 NTAPI
5987 IoGetTopLevelIrp(VOID);
5988
5989 NTKERNELAPI
5990 BOOLEAN
5991 NTAPI
5992 IoIsOperationSynchronous(
5993 _In_ PIRP Irp);
5994
5995 NTKERNELAPI
5996 BOOLEAN
5997 NTAPI
5998 IoIsSystemThread(
5999 _In_ PETHREAD Thread);
6000
6001 NTKERNELAPI
6002 BOOLEAN
6003 NTAPI
6004 IoIsValidNameGraftingBuffer(
6005 _In_ PIRP Irp,
6006 _In_ PREPARSE_DATA_BUFFER ReparseBuffer);
6007
6008 NTKERNELAPI
6009 NTSTATUS
6010 NTAPI
6011 IoQueryFileInformation(
6012 _In_ PFILE_OBJECT FileObject,
6013 _In_ FILE_INFORMATION_CLASS FileInformationClass,
6014 _In_ ULONG Length,
6015 _Out_ PVOID FileInformation,
6016 _Out_ PULONG ReturnedLength);
6017
6018 NTKERNELAPI
6019 NTSTATUS
6020 NTAPI
6021 IoQueryVolumeInformation(
6022 _In_ PFILE_OBJECT FileObject,
6023 _In_ FS_INFORMATION_CLASS FsInformationClass,
6024 _In_ ULONG Length,
6025 _Out_ PVOID FsInformation,
6026 _Out_ PULONG ReturnedLength);
6027
6028 NTKERNELAPI
6029 VOID
6030 NTAPI
6031 IoQueueThreadIrp(
6032 _In_ PIRP Irp);
6033
6034 NTKERNELAPI
6035 VOID
6036 NTAPI
6037 IoRegisterFileSystem(
6038 _In_ __drv_aliasesMem PDEVICE_OBJECT DeviceObject);
6039
6040 NTKERNELAPI
6041 NTSTATUS
6042 NTAPI
6043 IoRegisterFsRegistrationChange(
6044 _In_ PDRIVER_OBJECT DriverObject,
6045 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine);
6046
6047 NTKERNELAPI
6048 VOID
6049 NTAPI
6050 IoReleaseVpbSpinLock(
6051 _In_ KIRQL Irql);
6052
6053 NTKERNELAPI
6054 VOID
6055 NTAPI
6056 IoSetDeviceToVerify(
6057 _In_ PETHREAD Thread,
6058 _In_opt_ PDEVICE_OBJECT DeviceObject);
6059
6060 NTKERNELAPI
6061 NTSTATUS
6062 NTAPI
6063 IoSetInformation(
6064 _In_ PFILE_OBJECT FileObject,
6065 _In_ FILE_INFORMATION_CLASS FileInformationClass,
6066 _In_ ULONG Length,
6067 _In_ PVOID FileInformation);
6068
6069 NTKERNELAPI
6070 VOID
6071 NTAPI
6072 IoSetTopLevelIrp(
6073 _In_opt_ PIRP Irp);
6074
6075 NTKERNELAPI
6076 NTSTATUS
6077 NTAPI
6078 IoSynchronousPageWrite(
6079 _In_ PFILE_OBJECT FileObject,
6080 _In_ PMDL Mdl,
6081 _In_ PLARGE_INTEGER FileOffset,
6082 _In_ PKEVENT Event,
6083 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
6084
6085 NTKERNELAPI
6086 PEPROCESS
6087 NTAPI
6088 IoThreadToProcess(
6089 _In_ PETHREAD Thread);
6090
6091 NTKERNELAPI
6092 VOID
6093 NTAPI
6094 IoUnregisterFileSystem(
6095 _In_ PDEVICE_OBJECT DeviceObject);
6096
6097 NTKERNELAPI
6098 VOID
6099 NTAPI
6100 IoUnregisterFsRegistrationChange(
6101 _In_ PDRIVER_OBJECT DriverObject,
6102 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine);
6103
6104 NTKERNELAPI
6105 NTSTATUS
6106 NTAPI
6107 IoVerifyVolume(
6108 _In_ PDEVICE_OBJECT DeviceObject,
6109 _In_ BOOLEAN AllowRawMount);
6110
6111 NTKERNELAPI
6112 NTSTATUS
6113 NTAPI
6114 IoGetRequestorSessionId(
6115 _In_ PIRP Irp,
6116 _Out_ PULONG pSessionId);
6117
6118 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6119
6120
6121 #if (NTDDI_VERSION >= NTDDI_WINXP)
6122
6123
6124 NTKERNELAPI
6125 PFILE_OBJECT
6126 NTAPI
6127 IoCreateStreamFileObjectEx(
6128 _In_opt_ PFILE_OBJECT FileObject,
6129 _In_opt_ PDEVICE_OBJECT DeviceObject,
6130 _Out_opt_ PHANDLE FileObjectHandle);
6131
6132 NTKERNELAPI
6133 NTSTATUS
6134 NTAPI
6135 IoQueryFileDosDeviceName(
6136 _In_ PFILE_OBJECT FileObject,
6137 _Out_ POBJECT_NAME_INFORMATION *ObjectNameInformation);
6138
6139 NTKERNELAPI
6140 NTSTATUS
6141 NTAPI
6142 IoEnumerateDeviceObjectList(
6143 _In_ PDRIVER_OBJECT DriverObject,
6144 _Out_writes_bytes_to_opt_(DeviceObjectListSize,(*ActualNumberDeviceObjects)*sizeof(PDEVICE_OBJECT))
6145 PDEVICE_OBJECT *DeviceObjectList,
6146 _In_ ULONG DeviceObjectListSize,
6147 _Out_ PULONG ActualNumberDeviceObjects);
6148
6149 NTKERNELAPI
6150 PDEVICE_OBJECT
6151 NTAPI
6152 IoGetLowerDeviceObject(
6153 _In_ PDEVICE_OBJECT DeviceObject);
6154
6155 NTKERNELAPI
6156 PDEVICE_OBJECT
6157 NTAPI
6158 IoGetDeviceAttachmentBaseRef(
6159 _In_ PDEVICE_OBJECT DeviceObject);
6160
6161 NTKERNELAPI
6162 NTSTATUS
6163 NTAPI
6164 IoGetDiskDeviceObject(
6165 _In_ PDEVICE_OBJECT FileSystemDeviceObject,
6166 _Out_ PDEVICE_OBJECT *DiskDeviceObject);
6167
6168 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6169
6170 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
6171
6172
6173 NTKERNELAPI
6174 NTSTATUS
6175 NTAPI
6176 IoEnumerateRegisteredFiltersList(
6177 _Out_writes_bytes_to_opt_(DriverObjectListSize,(*ActualNumberDriverObjects)*sizeof(PDRIVER_OBJECT))
6178 PDRIVER_OBJECT *DriverObjectList,
6179 _In_ ULONG DriverObjectListSize,
6180 _Out_ PULONG ActualNumberDriverObjects);
6181 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
6182
6183 #if (NTDDI_VERSION >= NTDDI_VISTA)
6184
6185 FORCEINLINE
6186 VOID
6187 NTAPI
6188 IoInitializePriorityInfo(
6189 _In_ PIO_PRIORITY_INFO PriorityInfo)
6190 {
6191 PriorityInfo->Size = sizeof(IO_PRIORITY_INFO);
6192 PriorityInfo->ThreadPriority = 0xffff;
6193 PriorityInfo->IoPriority = IoPriorityNormal;
6194 PriorityInfo->PagePriority = 0;
6195 }
6196 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6197
6198 #if (NTDDI_VERSION >= NTDDI_WIN7)
6199
6200
6201 NTKERNELAPI
6202 NTSTATUS
6203 NTAPI
6204 IoRegisterFsRegistrationChangeMountAware(
6205 _In_ PDRIVER_OBJECT DriverObject,
6206 _In_ PDRIVER_FS_NOTIFICATION DriverNotificationRoutine,
6207 _In_ BOOLEAN SynchronizeWithMounts);
6208
6209 NTKERNELAPI
6210 NTSTATUS
6211 NTAPI
6212 IoReplaceFileObjectName(
6213 _In_ PFILE_OBJECT FileObject,
6214 _In_reads_bytes_(FileNameLength) PWSTR NewFileName,
6215 _In_ USHORT FileNameLength);
6216 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6217
6218
6219 #define PO_CB_SYSTEM_POWER_POLICY 0
6220 #define PO_CB_AC_STATUS 1
6221 #define PO_CB_BUTTON_COLLISION 2
6222 #define PO_CB_SYSTEM_STATE_LOCK 3
6223 #define PO_CB_LID_SWITCH_STATE 4
6224 #define PO_CB_PROCESSOR_POWER_POLICY 5
6225
6226
6227 #if (NTDDI_VERSION >= NTDDI_WINXP)
6228 _IRQL_requires_max_(APC_LEVEL)
6229 NTKERNELAPI
6230 NTSTATUS
6231 NTAPI
6232 PoQueueShutdownWorkItem(
6233 _Inout_ __drv_aliasesMem PWORK_QUEUE_ITEM WorkItem);
6234 #endif
6235 /******************************************************************************
6236 * Memory manager Types *
6237 ******************************************************************************/
6238 typedef enum _MMFLUSH_TYPE {
6239 MmFlushForDelete,
6240 MmFlushForWrite
6241 } MMFLUSH_TYPE;
6242
6243 typedef struct _READ_LIST {
6244 PFILE_OBJECT FileObject;
6245 ULONG NumberOfEntries;
6246 LOGICAL IsImage;
6247 FILE_SEGMENT_ELEMENT List[ANYSIZE_ARRAY];
6248 } READ_LIST, *PREAD_LIST;
6249
6250 #if (NTDDI_VERSION >= NTDDI_WINXP)
6251
6252 typedef union _MM_PREFETCH_FLAGS {
6253 struct {
6254 ULONG Priority : SYSTEM_PAGE_PRIORITY_BITS;
6255 ULONG RepurposePriority : SYSTEM_PAGE_PRIORITY_BITS;
6256 } Flags;
6257 ULONG AllFlags;
6258 } MM_PREFETCH_FLAGS, *PMM_PREFETCH_FLAGS;
6259
6260 #define MM_PREFETCH_FLAGS_MASK ((1 << (2*SYSTEM_PAGE_PRIORITY_BITS)) - 1)
6261
6262 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6263
6264 #define HEAP_NO_SERIALIZE 0x00000001
6265 #define HEAP_GROWABLE 0x00000002
6266 #define HEAP_GENERATE_EXCEPTIONS 0x00000004
6267 #define HEAP_ZERO_MEMORY 0x00000008
6268 #define HEAP_REALLOC_IN_PLACE_ONLY 0x00000010
6269 #define HEAP_TAIL_CHECKING_ENABLED 0x00000020
6270 #define HEAP_FREE_CHECKING_ENABLED 0x00000040
6271 #define HEAP_DISABLE_COALESCE_ON_FREE 0x00000080
6272
6273 #define HEAP_CREATE_ALIGN_16 0x00010000
6274 #define HEAP_CREATE_ENABLE_TRACING 0x00020000
6275 #define HEAP_CREATE_ENABLE_EXECUTE 0x00040000
6276
6277 #define HEAP_SETTABLE_USER_VALUE 0x00000100
6278 #define HEAP_SETTABLE_USER_FLAG1 0x00000200
6279 #define HEAP_SETTABLE_USER_FLAG2 0x00000400
6280 #define HEAP_SETTABLE_USER_FLAG3 0x00000800
6281 #define HEAP_SETTABLE_USER_FLAGS 0x00000E00
6282
6283 #define HEAP_CLASS_0 0x00000000
6284 #define HEAP_CLASS_1 0x00001000
6285 #define HEAP_CLASS_2 0x00002000
6286 #define HEAP_CLASS_3 0x00003000
6287 #define HEAP_CLASS_4 0x00004000
6288 #define HEAP_CLASS_5 0x00005000
6289 #define HEAP_CLASS_6 0x00006000
6290 #define HEAP_CLASS_7 0x00007000
6291 #define HEAP_CLASS_8 0x00008000
6292 #define HEAP_CLASS_MASK 0x0000F000
6293
6294 #define HEAP_MAXIMUM_TAG 0x0FFF
6295 #define HEAP_GLOBAL_TAG 0x0800
6296 #define HEAP_PSEUDO_TAG_FLAG 0x8000
6297 #define HEAP_TAG_SHIFT 18
6298 #define HEAP_TAG_MASK (HEAP_MAXIMUM_TAG << HEAP_TAG_SHIFT)
6299
6300 #define HEAP_CREATE_VALID_MASK (HEAP_NO_SERIALIZE | \
6301 HEAP_GROWABLE | \
6302 HEAP_GENERATE_EXCEPTIONS | \
6303 HEAP_ZERO_MEMORY | \
6304 HEAP_REALLOC_IN_PLACE_ONLY | \
6305 HEAP_TAIL_CHECKING_ENABLED | \
6306 HEAP_FREE_CHECKING_ENABLED | \
6307 HEAP_DISABLE_COALESCE_ON_FREE | \
6308 HEAP_CLASS_MASK | \
6309 HEAP_CREATE_ALIGN_16 | \
6310 HEAP_CREATE_ENABLE_TRACING | \
6311 HEAP_CREATE_ENABLE_EXECUTE)
6312
6313 /******************************************************************************
6314 * Memory manager Functions *
6315 ******************************************************************************/
6316
6317 FORCEINLINE
6318 ULONG
6319 HEAP_MAKE_TAG_FLAGS(
6320 _In_ ULONG TagBase,
6321 _In_ ULONG Tag)
6322 {
6323 //__assume_bound(TagBase); // FIXME
6324 return ((ULONG)((TagBase) + ((Tag) << HEAP_TAG_SHIFT)));
6325 }
6326
6327 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6328
6329 NTKERNELAPI
6330 BOOLEAN
6331 NTAPI
6332 MmIsRecursiveIoFault(VOID);
6333
6334 _IRQL_requires_max_ (APC_LEVEL)
6335 NTKERNELAPI
6336 BOOLEAN
6337 NTAPI
6338 MmForceSectionClosed(
6339 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
6340 _In_ BOOLEAN DelayClose);
6341
6342 _IRQL_requires_max_ (APC_LEVEL)
6343 NTKERNELAPI
6344 BOOLEAN
6345 NTAPI
6346 MmFlushImageSection(
6347 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
6348 _In_ MMFLUSH_TYPE FlushType);
6349
6350 _IRQL_requires_max_ (APC_LEVEL)
6351 NTKERNELAPI
6352 BOOLEAN
6353 NTAPI
6354 MmCanFileBeTruncated(
6355 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
6356 _In_opt_ PLARGE_INTEGER NewFileSize);
6357
6358 _IRQL_requires_max_ (APC_LEVEL)
6359 NTKERNELAPI
6360 BOOLEAN
6361 NTAPI
6362 MmSetAddressRangeModified(
6363 _In_reads_bytes_ (Length) PVOID Address,
6364 _In_ SIZE_T Length);
6365
6366 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6367
6368 #if (NTDDI_VERSION >= NTDDI_WINXP)
6369
6370
6371 _IRQL_requires_max_ (PASSIVE_LEVEL)
6372 NTKERNELAPI
6373 NTSTATUS
6374 NTAPI
6375 MmPrefetchPages(
6376 _In_ ULONG NumberOfLists,
6377 _In_reads_ (NumberOfLists) PREAD_LIST *ReadLists);
6378
6379 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
6380
6381
6382 #if (NTDDI_VERSION >= NTDDI_VISTA)
6383
6384 _IRQL_requires_max_ (APC_LEVEL)
6385 NTKERNELAPI
6386 ULONG
6387 NTAPI
6388 MmDoesFileHaveUserWritableReferences(
6389 _In_ PSECTION_OBJECT_POINTERS SectionPointer);
6390
6391 _Must_inspect_result_
6392 _At_(*BaseAddress, __drv_allocatesMem(Mem))
6393 __kernel_entry
6394 NTSYSCALLAPI
6395 NTSTATUS
6396 NTAPI
6397 NtAllocateVirtualMemory(
6398 _In_ HANDLE ProcessHandle,
6399 _Inout_ _Outptr_result_buffer_(*RegionSize) PVOID *BaseAddress,
6400 _In_ ULONG_PTR ZeroBits,
6401 _Inout_ PSIZE_T RegionSize,
6402 _In_ ULONG AllocationType,
6403 _In_ ULONG Protect);
6404
6405 __kernel_entry
6406 _IRQL_requires_max_(PASSIVE_LEVEL)
6407 NTSYSCALLAPI
6408 NTSTATUS
6409 NTAPI
6410 NtFreeVirtualMemory(
6411 _In_ HANDLE ProcessHandle,
6412 _Inout_ __drv_freesMem(Mem) PVOID *BaseAddress,
6413 _Inout_ PSIZE_T RegionSize,
6414 _In_ ULONG FreeType);
6415
6416 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6417
6418
6419 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6420
6421 NTKERNELAPI
6422 NTSTATUS
6423 NTAPI
6424 ObInsertObject(
6425 _In_ PVOID Object,
6426 _Inout_opt_ PACCESS_STATE PassedAccessState,
6427 _In_opt_ ACCESS_MASK DesiredAccess,
6428 _In_ ULONG ObjectPointerBias,
6429 _Out_opt_ PVOID *NewObject,
6430 _Out_opt_ PHANDLE Handle);
6431
6432 NTKERNELAPI
6433 NTSTATUS
6434 NTAPI
6435 ObOpenObjectByPointer(
6436 _In_ PVOID Object,
6437 _In_ ULONG HandleAttributes,
6438 _In_opt_ PACCESS_STATE PassedAccessState,
6439 _In_ ACCESS_MASK DesiredAccess,
6440 _In_opt_ POBJECT_TYPE ObjectType,
6441 _In_ KPROCESSOR_MODE AccessMode,
6442 _Out_ PHANDLE Handle);
6443
6444 NTKERNELAPI
6445 VOID
6446 NTAPI
6447 ObMakeTemporaryObject(
6448 _In_ PVOID Object);
6449
6450 NTKERNELAPI
6451 NTSTATUS
6452 NTAPI
6453 ObQueryNameString(
6454 _In_ PVOID Object,
6455 _Out_writes_bytes_opt_(Length) POBJECT_NAME_INFORMATION ObjectNameInfo,
6456 _In_ ULONG Length,
6457 _Out_ PULONG ReturnLength);
6458
6459 NTKERNELAPI
6460 NTSTATUS
6461 NTAPI
6462 ObQueryObjectAuditingByHandle(
6463 _In_ HANDLE Handle,
6464 _Out_ PBOOLEAN GenerateOnClose);
6465 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
6466
6467 #if (NTDDI_VERSION >= NTDDI_VISTA)
6468
6469 NTKERNELAPI
6470 BOOLEAN
6471 NTAPI
6472 ObIsKernelHandle(
6473 _In_ HANDLE Handle);
6474 #endif
6475
6476
6477 #if (NTDDI_VERSION >= NTDDI_WIN7)
6478
6479 NTKERNELAPI
6480 NTSTATUS
6481 NTAPI
6482 ObOpenObjectByPointerWithTag(
6483 _In_ PVOID Object,
6484 _In_ ULONG HandleAttributes,
6485 _In_opt_ PACCESS_STATE PassedAccessState,
6486 _In_ ACCESS_MASK DesiredAccess,
6487 _In_opt_ POBJECT_TYPE ObjectType,
6488 _In_ KPROCESSOR_MODE AccessMode,
6489 _In_ ULONG Tag,
6490 _Out_ PHANDLE Handle);
6491
6492 NTKERNELAPI
6493 ULONG
6494 NTAPI
6495 ObGetObjectPointerCount(
6496 _In_ PVOID Object
6497 );
6498
6499 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
6500
6501 /* FSRTL Types */
6502
6503 typedef ULONG LBN;
6504 typedef LBN *PLBN;
6505
6506 typedef ULONG VBN;
6507 typedef VBN *PVBN;
6508
6509 #define FSRTL_COMMON_FCB_HEADER_LAYOUT \
6510 CSHORT NodeTypeCode; \
6511 CSHORT NodeByteSize; \
6512 UCHAR Flags; \
6513 UCHAR IsFastIoPossible; \
6514 UCHAR Flags2; \
6515 UCHAR Reserved:4; \
6516 UCHAR Version:4; \
6517 PERESOURCE Resource; \
6518 PERESOURCE PagingIoResource; \
6519 LARGE_INTEGER AllocationSize; \
6520 LARGE_INTEGER FileSize; \
6521 LARGE_INTEGER ValidDataLength;
6522
6523 typedef struct _FSRTL_COMMON_FCB_HEADER {
6524 FSRTL_COMMON_FCB_HEADER_LAYOUT
6525 } FSRTL_COMMON_FCB_HEADER, *PFSRTL_COMMON_FCB_HEADER;
6526
6527 #ifdef __cplusplus
6528 typedef struct _FSRTL_ADVANCED_FCB_HEADER:FSRTL_COMMON_FCB_HEADER {
6529 #else /* __cplusplus */
6530 typedef struct _FSRTL_ADVANCED_FCB_HEADER {
6531 FSRTL_COMMON_FCB_HEADER_LAYOUT
6532 #endif /* __cplusplus */
6533 PFAST_MUTEX FastMutex;
6534 LIST_ENTRY FilterContexts;
6535 #if (NTDDI_VERSION >= NTDDI_VISTA)
6536 EX_PUSH_LOCK PushLock;
6537 PVOID *FileContextSupportPointer;
6538 #endif
6539 } FSRTL_ADVANCED_FCB_HEADER, *PFSRTL_ADVANCED_FCB_HEADER;
6540
6541 #define FSRTL_FCB_HEADER_V0 (0x00)
6542 #define FSRTL_FCB_HEADER_V1 (0x01)
6543
6544 #define FSRTL_FLAG_FILE_MODIFIED (0x01)
6545 #define FSRTL_FLAG_FILE_LENGTH_CHANGED (0x02)
6546 #define FSRTL_FLAG_LIMIT_MODIFIED_PAGES (0x04)
6547 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_EX (0x08)
6548 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_SH (0x10)
6549 #define FSRTL_FLAG_USER_MAPPED_FILE (0x20)
6550 #define FSRTL_FLAG_ADVANCED_HEADER (0x40)
6551 #define FSRTL_FLAG_EOF_ADVANCE_ACTIVE (0x80)
6552
6553 #define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01)
6554 #define FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS (0x02)
6555 #define FSRTL_FLAG2_PURGE_WHEN_MAPPED (0x04)
6556 #define FSRTL_FLAG2_IS_PAGING_FILE (0x08)
6557
6558 #define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
6559 #define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
6560 #define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
6561 #define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
6562 #define FSRTL_NETWORK1_TOP_LEVEL_IRP ((LONG_PTR)0x05)
6563 #define FSRTL_NETWORK2_TOP_LEVEL_IRP ((LONG_PTR)0x06)
6564 #define FSRTL_MAX_TOP_LEVEL_IRP_FLAG ((LONG_PTR)0xFFFF)
6565
6566 typedef struct _FSRTL_AUXILIARY_BUFFER {
6567 PVOID Buffer;
6568 ULONG Length;
6569 ULONG Flags;
6570 PMDL Mdl;
6571 } FSRTL_AUXILIARY_BUFFER, *PFSRTL_AUXILIARY_BUFFER;
6572
6573 #define FSRTL_AUXILIARY_FLAG_DEALLOCATE 0x00000001
6574
6575 typedef enum _FSRTL_COMPARISON_RESULT {
6576 LessThan = -1,
6577 EqualTo = 0,
6578 GreaterThan = 1
6579 } FSRTL_COMPARISON_RESULT;
6580
6581 #define FSRTL_FAT_LEGAL 0x01
6582 #define FSRTL_HPFS_LEGAL 0x02
6583 #define FSRTL_NTFS_LEGAL 0x04
6584 #define FSRTL_WILD_CHARACTER 0x08
6585 #define FSRTL_OLE_LEGAL 0x10
6586 #define FSRTL_NTFS_STREAM_LEGAL (FSRTL_NTFS_LEGAL | FSRTL_OLE_LEGAL)
6587
6588 #define FSRTL_VOLUME_DISMOUNT 1
6589 #define FSRTL_VOLUME_DISMOUNT_FAILED 2
6590 #define FSRTL_VOLUME_LOCK 3
6591 #define FSRTL_VOLUME_LOCK_FAILED 4
6592 #define FSRTL_VOLUME_UNLOCK 5
6593 #define FSRTL_VOLUME_MOUNT 6
6594 #define FSRTL_VOLUME_NEEDS_CHKDSK 7
6595 #define FSRTL_VOLUME_WORM_NEAR_FULL 8
6596 #define FSRTL_VOLUME_WEARING_OUT 9
6597 #define FSRTL_VOLUME_FORCED_CLOSED 10
6598 #define FSRTL_VOLUME_INFO_MAKE_COMPAT 11
6599 #define FSRTL_VOLUME_PREPARING_EJECT 12
6600 #define FSRTL_VOLUME_CHANGE_SIZE 13
6601 #define FSRTL_VOLUME_BACKGROUND_FORMAT 14
6602
6603 typedef VOID
6604 (NTAPI *PFSRTL_STACK_OVERFLOW_ROUTINE)(
6605 _In_ PVOID Context,
6606 _In_ PKEVENT Event);
6607
6608 #if (NTDDI_VERSION >= NTDDI_VISTA)
6609
6610 #define FSRTL_UNC_PROVIDER_FLAGS_MAILSLOTS_SUPPORTED 0x00000001
6611 #define FSRTL_UNC_PROVIDER_FLAGS_CSC_ENABLED 0x00000002
6612 #define FSRTL_UNC_PROVIDER_FLAGS_DOMAIN_SVC_AWARE 0x00000004
6613
6614 #define FSRTL_ALLOCATE_ECPLIST_FLAG_CHARGE_QUOTA 0x00000001
6615
6616 #define FSRTL_ALLOCATE_ECP_FLAG_CHARGE_QUOTA 0x00000001
6617 #define FSRTL_ALLOCATE_ECP_FLAG_NONPAGED_POOL 0x00000002
6618
6619 #define FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL 0x00000002
6620
6621 #define FSRTL_VIRTDISK_FULLY_ALLOCATED 0x00000001
6622 #define FSRTL_VIRTDISK_NO_DRIVE_LETTER 0x00000002
6623
6624 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_1 {
6625 ULONG32 ProviderId;
6626 } FSRTL_MUP_PROVIDER_INFO_LEVEL_1, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_1;
6627
6628 typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_2 {
6629 ULONG32 ProviderId;
6630 UNICODE_STRING ProviderName;
6631 } FSRTL_MUP_PROVIDER_INFO_LEVEL_2, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_2;
6632
6633 typedef VOID
6634 (*PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK) (
6635 _Inout_ PVOID EcpContext,
6636 _In_ LPCGUID EcpType);
6637
6638 typedef struct _ECP_LIST ECP_LIST, *PECP_LIST;
6639
6640 typedef ULONG FSRTL_ALLOCATE_ECPLIST_FLAGS;
6641 typedef ULONG FSRTL_ALLOCATE_ECP_FLAGS;
6642 typedef ULONG FSRTL_ECP_LOOKASIDE_FLAGS;
6643
6644 typedef enum _FSRTL_CHANGE_BACKING_TYPE {
6645 ChangeDataControlArea,
6646 ChangeImageControlArea,
6647 ChangeSharedCacheMap
6648 } FSRTL_CHANGE_BACKING_TYPE, *PFSRTL_CHANGE_BACKING_TYPE;
6649
6650 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
6651
6652 typedef struct _FSRTL_PER_FILE_CONTEXT {
6653 LIST_ENTRY Links;
6654 PVOID OwnerId;
6655 PVOID InstanceId;
6656 PFREE_FUNCTION FreeCallback;
6657 } FSRTL_PER_FILE_CONTEXT, *PFSRTL_PER_FILE_CONTEXT;
6658
6659 typedef struct _FSRTL_PER_STREAM_CONTEXT {
6660 LIST_ENTRY Links;
6661 PVOID OwnerId;
6662 PVOID InstanceId;
6663 PFREE_FUNCTION FreeCallback;
6664 } FSRTL_PER_STREAM_CONTEXT, *PFSRTL_PER_STREAM_CONTEXT;
6665
6666 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6667 typedef VOID
6668 (*PFN_FSRTLTEARDOWNPERSTREAMCONTEXTS) (
6669 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader);
6670 #endif
6671
6672 typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT {
6673 LIST_ENTRY Links;
6674 PVOID OwnerId;
6675 PVOID InstanceId;
6676 } FSRTL_PER_FILEOBJECT_CONTEXT, *PFSRTL_PER_FILEOBJECT_CONTEXT;
6677
6678 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_HARD_ERROR 0x1
6679 #define FSRTL_CC_FLUSH_ERROR_FLAG_NO_LOG_ENTRY 0x2
6680
6681 typedef NTSTATUS
6682 (NTAPI *PCOMPLETE_LOCK_IRP_ROUTINE) (
6683 _In_ PVOID Context,
6684 _In_ PIRP Irp);
6685
6686 typedef struct _FILE_LOCK_INFO {
6687 LARGE_INTEGER StartingByte;
6688 LARGE_INTEGER Length;
6689 BOOLEAN ExclusiveLock;
6690 ULONG Key;
6691 PFILE_OBJECT FileObject;
6692 PVOID ProcessId;
6693 LARGE_INTEGER EndingByte;
6694 } FILE_LOCK_INFO, *PFILE_LOCK_INFO;
6695
6696 typedef VOID
6697 (NTAPI *PUNLOCK_ROUTINE) (
6698 _In_ PVOID Context,
6699 _In_ PFILE_LOCK_INFO FileLockInfo);
6700
6701 typedef struct _FILE_LOCK {
6702 PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine;
6703 PUNLOCK_ROUTINE UnlockRoutine;
6704 BOOLEAN FastIoIsQuestionable;
6705 BOOLEAN SpareC[3];
6706 PVOID LockInformation;
6707 FILE_LOCK_INFO LastReturnedLockInfo;
6708 PVOID LastReturnedLock;
6709 LONG volatile LockRequestsInProgress;
6710 } FILE_LOCK, *PFILE_LOCK;
6711
6712 typedef struct _TUNNEL {
6713 FAST_MUTEX Mutex;
6714 PRTL_SPLAY_LINKS Cache;
6715 LIST_ENTRY TimerQueue;
6716 USHORT NumEntries;
6717 } TUNNEL, *PTUNNEL;
6718
6719 typedef struct _BASE_MCB {
6720 ULONG MaximumPairCount;
6721 ULONG PairCount;
6722 USHORT PoolType;
6723 USHORT Flags;
6724 PVOID Mapping;
6725 } BASE_MCB, *PBASE_MCB;
6726
6727 typedef struct _LARGE_MCB {
6728 PKGUARDED_MUTEX GuardedMutex;
6729 BASE_MCB BaseMcb;
6730 } LARGE_MCB, *PLARGE_MCB;
6731
6732 #define MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE 1
6733
6734 typedef struct _MCB {
6735 LARGE_MCB DummyFieldThatSizesThisStructureCorrectly;
6736 } MCB, *PMCB;
6737
6738 typedef enum _FAST_IO_POSSIBLE {
6739 FastIoIsNotPossible = 0,
6740 FastIoIsPossible,
6741 FastIoIsQuestionable
6742 } FAST_IO_POSSIBLE;
6743
6744 typedef struct _EOF_WAIT_BLOCK {
6745 LIST_ENTRY EofWaitLinks;
6746 KEVENT Event;
6747 } EOF_WAIT_BLOCK, *PEOF_WAIT_BLOCK;
6748
6749 typedef PVOID OPLOCK, *POPLOCK;
6750
6751 typedef VOID
6752 (NTAPI *POPLOCK_WAIT_COMPLETE_ROUTINE) (
6753 _In_ PVOID Context,
6754 _In_ PIRP Irp);
6755
6756 typedef VOID
6757 (NTAPI *POPLOCK_FS_PREPOST_IRP) (
6758 _In_ PVOID Context,
6759 _In_ PIRP Irp);
6760
6761 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
6762 #define OPLOCK_FLAG_COMPLETE_IF_OPLOCKED 0x00000001
6763 #endif
6764
6765 #if (NTDDI_VERSION >= NTDDI_WIN7)
6766 #define OPLOCK_FLAG_OPLOCK_KEY_CHECK_ONLY 0x00000002
6767 #define OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK 0x00000004
6768 #define OPLOCK_FLAG_IGNORE_OPLOCK_KEYS 0x00000008
6769 #define OPLOCK_FSCTRL_FLAG_ALL_KEYS_MATCH 0x00000001
6770 #endif
6771
6772 #if (NTDDI_VERSION >= NTDDI_WIN7)
6773
6774 typedef struct _OPLOCK_KEY_ECP_CONTEXT {
6775 GUID OplockKey;
6776 ULONG Reserved;
6777 } OPLOCK_KEY_ECP_CONTEXT, *POPLOCK_KEY_ECP_CONTEXT;
6778
6779 DEFINE_GUID(GUID_ECP_OPLOCK_KEY, 0x48850596, 0x3050, 0x4be7, 0x98, 0x63, 0xfe, 0xc3, 0x50, 0xce, 0x8d, 0x7f);
6780
6781 #endif
6782
6783 typedef PVOID PNOTIFY_SYNC;
6784
6785 #if (NTDDI_VERSION >= NTDDI_WIN7)
6786 typedef struct _ECP_HEADER ECP_HEADER, *PECP_HEADER;
6787 #endif
6788
6789 typedef BOOLEAN
6790 (NTAPI *PCHECK_FOR_TRAVERSE_ACCESS) (
6791 _In_ PVOID NotifyContext,
6792 _In_opt_ PVOID TargetContext,
6793 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
6794
6795 typedef BOOLEAN
6796 (NTAPI *PFILTER_REPORT_CHANGE) (
6797 _In_ PVOID NotifyContext,
6798 _In_ PVOID FilterContext);
6799 /* FSRTL Functions */
6800
6801 #define FsRtlEnterFileSystem KeEnterCriticalRegion
6802 #define FsRtlExitFileSystem KeLeaveCriticalRegion
6803
6804 #if (NTDDI_VERSION >= NTDDI_WIN2K)
6805
6806 _Must_inspect_result_
6807 _IRQL_requires_max_(PASSIVE_LEVEL)
6808 NTKERNELAPI
6809 BOOLEAN
6810 NTAPI
6811 FsRtlCopyRead(
6812 _In_ PFILE_OBJECT FileObject,
6813 _In_ PLARGE_INTEGER FileOffset,
6814 _In_ ULONG Length,
6815 _In_ BOOLEAN Wait,
6816 _In_ ULONG LockKey,
6817 _Out_writes_bytes_(Length) PVOID Buffer,
6818 _Out_ PIO_STATUS_BLOCK IoStatus,
6819 _In_ PDEVICE_OBJECT DeviceObject);
6820
6821 _Must_inspect_result_
6822 _IRQL_requires_max_(PASSIVE_LEVEL)
6823 NTKERNELAPI
6824 BOOLEAN
6825 NTAPI
6826 FsRtlCopyWrite(
6827 _In_ PFILE_OBJECT FileObject,
6828 _In_ PLARGE_INTEGER FileOffset,
6829 _In_ ULONG Length,
6830 _In_ BOOLEAN Wait,
6831 _In_ ULONG LockKey,
6832 _In_reads_bytes_(Length) PVOID Buffer,
6833 _Out_ PIO_STATUS_BLOCK IoStatus,
6834 _In_ PDEVICE_OBJECT DeviceObject);
6835
6836 _Must_inspect_result_
6837 _IRQL_requires_max_(APC_LEVEL)
6838 NTKERNELAPI
6839 BOOLEAN
6840 NTAPI
6841 FsRtlMdlReadDev(
6842 _In_ PFILE_OBJECT FileObject,
6843 _In_ PLARGE_INTEGER FileOffset,
6844 _In_ ULONG Length,
6845 _In_ ULONG LockKey,
6846 _Outptr_ PMDL *MdlChain,
6847 _Out_ PIO_STATUS_BLOCK IoStatus,
6848 _In_opt_ PDEVICE_OBJECT DeviceObject);
6849
6850 _IRQL_requires_max_(PASSIVE_LEVEL)
6851 NTKERNELAPI
6852 BOOLEAN
6853 NTAPI
6854 FsRtlMdlReadCompleteDev(
6855 _In_ PFILE_OBJECT FileObject,
6856 _In_ PMDL MdlChain,
6857 _In_opt_ PDEVICE_OBJECT DeviceObject);
6858
6859 _Must_inspect_result_
6860 _IRQL_requires_max_(APC_LEVEL)
6861 NTKERNELAPI
6862 BOOLEAN
6863 NTAPI
6864 FsRtlPrepareMdlWriteDev(
6865 _In_ PFILE_OBJECT FileObject,
6866 _In_ PLARGE_INTEGER FileOffset,
6867 _In_ ULONG Length,
6868 _In_ ULONG LockKey,
6869 _Outptr_ PMDL *MdlChain,
6870 _Out_ PIO_STATUS_BLOCK IoStatus,
6871 _In_ PDEVICE_OBJECT DeviceObject);
6872
6873 _Must_inspect_result_
6874 _IRQL_requires_max_(PASSIVE_LEVEL)
6875 NTKERNELAPI
6876 BOOLEAN
6877 NTAPI
6878 FsRtlMdlWriteCompleteDev(
6879 _In_ PFILE_OBJECT FileObject,
6880 _In_ PLARGE_INTEGER FileOffset,
6881 _In_ PMDL MdlChain,
6882 _In_opt_ PDEVICE_OBJECT DeviceObject);
6883
6884 _IRQL_requires_max_(PASSIVE_LEVEL)
6885 NTKERNELAPI
6886 VOID
6887 NTAPI
6888 FsRtlAcquireFileExclusive(
6889 _In_ PFILE_OBJECT FileObject);
6890
6891 _IRQL_requires_max_(APC_LEVEL)
6892 NTKERNELAPI
6893 VOID
6894 NTAPI
6895 FsRtlReleaseFile(
6896 _In_ PFILE_OBJECT FileObject);
6897
6898 _Must_inspect_result_
6899 _IRQL_requires_max_(PASSIVE_LEVEL)
6900 NTKERNELAPI
6901 NTSTATUS
6902 NTAPI
6903 FsRtlGetFileSize(
6904 _In_ PFILE_OBJECT FileObject,
6905 _Out_ PLARGE_INTEGER FileSize);
6906
6907 _Must_inspect_result_
6908 NTKERNELAPI
6909 BOOLEAN
6910 NTAPI
6911 FsRtlIsTotalDeviceFailure(
6912 _In_ NTSTATUS Status);
6913
6914 _Must_inspect_result_
6915 _IRQL_requires_max_(APC_LEVEL)
6916 NTKERNELAPI
6917 PFILE_LOCK
6918 NTAPI
6919 FsRtlAllocateFileLock(
6920 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine,
6921 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine);
6922
6923 _IRQL_requires_max_(APC_LEVEL)
6924 NTKERNELAPI
6925 VOID
6926 NTAPI
6927 FsRtlFreeFileLock(
6928 _In_ PFILE_LOCK FileLock);
6929
6930 _IRQL_requires_max_(APC_LEVEL)
6931 NTKERNELAPI
6932 VOID
6933 NTAPI
6934 FsRtlInitializeFileLock(
6935 _Out_ PFILE_LOCK FileLock,
6936 _In_opt_ PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine,
6937 _In_opt_ PUNLOCK_ROUTINE UnlockRoutine);
6938
6939 _IRQL_requires_max_(APC_LEVEL)
6940 NTKERNELAPI
6941 VOID
6942 NTAPI
6943 FsRtlUninitializeFileLock(
6944 _Inout_ PFILE_LOCK FileLock);
6945
6946 /*
6947 FsRtlProcessFileLock:
6948
6949 ret:
6950 -STATUS_INVALID_DEVICE_REQUEST
6951 -STATUS_RANGE_NOT_LOCKED from unlock routines.
6952 -STATUS_PENDING, STATUS_LOCK_NOT_GRANTED from FsRtlPrivateLock
6953 (redirected IoStatus->Status).
6954
6955 Internals:
6956 -switch ( Irp->CurrentStackLocation->MinorFunction )
6957 lock: return FsRtlPrivateLock;
6958 unlocksingle: return FsRtlFastUnlockSingle;
6959 unlockall: return FsRtlFastUnlockAll;
6960 unlockallbykey: return FsRtlFastUnlockAllByKey;
6961 default: IofCompleteRequest with STATUS_INVALID_DEVICE_REQUEST;
6962 return STATUS_INVALID_DEVICE_REQUEST;
6963
6964 -'AllwaysZero' is passed thru as 'AllwaysZero' to lock / unlock routines.
6965 -'Irp' is passet thru as 'Irp' to FsRtlPrivateLock.
6966 */
6967 _Must_inspect_result_
6968 _IRQL_requires_max_(APC_LEVEL)
6969 NTKERNELAPI
6970 NTSTATUS
6971 NTAPI
6972 FsRtlProcessFileLock(
6973 _In_ PFILE_LOCK FileLock,
6974 _In_ PIRP Irp,
6975 _In_opt_ PVOID Context);
6976
6977 /*
6978 FsRtlCheckLockForReadAccess:
6979
6980 All this really does is pick out the lock parameters from the irp (io stack
6981 location?), get IoGetRequestorProcess, and pass values on to
6982 FsRtlFastCheckLockForRead.
6983 */
6984 _Must_inspect_result_
6985 _IRQL_requires_max_(APC_LEVEL)
6986 NTKERNELAPI
6987 BOOLEAN
6988 NTAPI
6989 FsRtlCheckLockForReadAccess(
6990 _In_ PFILE_LOCK FileLock,
6991 _In_ PIRP Irp);
6992
6993 /*
6994 FsRtlCheckLockForWriteAccess:
6995
6996 All this really does is pick out the lock parameters from the irp (io stack
6997 location?), get IoGetRequestorProcess, and pass values on to
6998 FsRtlFastCheckLockForWrite.
6999 */
7000 _Must_inspect_result_
7001 _IRQL_requires_max_(APC_LEVEL)
7002 NTKERNELAPI
7003 BOOLEAN
7004 NTAPI
7005 FsRtlCheckLockForWriteAccess(
7006 _In_ PFILE_LOCK FileLock,
7007 _In_ PIRP Irp);
7008
7009 _Must_inspect_result_
7010 _IRQL_requires_max_(APC_LEVEL)
7011 NTKERNELAPI
7012 BOOLEAN
7013 NTAPI
7014 FsRtlFastCheckLockForRead(
7015 _In_ PFILE_LOCK FileLock,
7016 _In_ PLARGE_INTEGER FileOffset,
7017 _In_ PLARGE_INTEGER Length,
7018 _In_ ULONG Key,
7019 _In_ PFILE_OBJECT FileObject,
7020 _In_ PVOID Process);
7021
7022 _Must_inspect_result_
7023 _IRQL_requires_max_(APC_LEVEL)
7024 NTKERNELAPI
7025 BOOLEAN
7026 NTAPI
7027 FsRtlFastCheckLockForWrite(
7028 _In_ PFILE_LOCK FileLock,
7029 _In_ PLARGE_INTEGER FileOffset,
7030 _In_ PLARGE_INTEGER Length,
7031 _In_ ULONG Key,
7032 _In_ PFILE_OBJECT FileObject,
7033 _In_ PVOID Process);
7034
7035 /*
7036 FsRtlGetNextFileLock:
7037
7038 ret: NULL if no more locks
7039
7040 Internals:
7041 FsRtlGetNextFileLock uses FileLock->LastReturnedLockInfo and
7042 FileLock->LastReturnedLock as storage.
7043 LastReturnedLock is a pointer to the 'raw' lock inkl. double linked
7044 list, and FsRtlGetNextFileLock needs this to get next lock on subsequent
7045 calls with Restart = FALSE.
7046 */
7047 _Must_inspect_result_
7048 _IRQL_requires_max_(APC_LEVEL)
7049 NTKERNELAPI
7050 PFILE_LOCK_INFO
7051 NTAPI
7052 FsRtlGetNextFileLock(
7053 _In_ PFILE_LOCK FileLock,
7054 _In_ BOOLEAN Restart);
7055
7056 _IRQL_requires_max_(APC_LEVEL)
7057 NTKERNELAPI
7058 NTSTATUS
7059 NTAPI
7060 FsRtlFastUnlockSingle(
7061 _In_ PFILE_LOCK FileLock,
7062 _In_ PFILE_OBJECT FileObject,
7063 _In_ PLARGE_INTEGER FileOffset,
7064 _In_ PLARGE_INTEGER Length,
7065 _In_ PEPROCESS Process,
7066 _In_ ULONG Key,
7067 _In_opt_ PVOID Context,
7068 _In_ BOOLEAN AlreadySynchronized);
7069
7070 _IRQL_requires_max_(APC_LEVEL)
7071 NTKERNELAPI
7072 NTSTATUS
7073 NTAPI
7074 FsRtlFastUnlockAll(
7075 _In_ PFILE_LOCK FileLock,
7076 _In_ PFILE_OBJECT FileObject,
7077 _In_ PEPROCESS Process,
7078 _In_opt_ PVOID Context);
7079
7080 _IRQL_requires_max_(APC_LEVEL)
7081 NTKERNELAPI
7082 NTSTATUS
7083 NTAPI
7084 FsRtlFastUnlockAllByKey(
7085 _In_ PFILE_LOCK FileLock,
7086 _In_ PFILE_OBJECT FileObject,
7087 _In_ PEPROCESS Process,
7088 _In_ ULONG Key,
7089 _In_opt_ PVOID Context);
7090
7091 /*
7092 FsRtlPrivateLock:
7093
7094 ret: IoStatus->Status: STATUS_PENDING, STATUS_LOCK_NOT_GRANTED
7095
7096 Internals:
7097 -Calls IoCompleteRequest if Irp
7098 -Uses exception handling / ExRaiseStatus with STATUS_INSUFFICIENT_RESOURCES
7099 */
7100 _Must_inspect_result_
7101 _IRQL_requires_max_(APC_LEVEL)
7102 __drv_preferredFunction(FsRtlFastLock, "Obsolete")
7103 NTKERNELAPI
7104 BOOLEAN
7105 NTAPI
7106 FsRtlPrivateLock(
7107 _In_ PFILE_LOCK FileLock,
7108 _In_ PFILE_OBJECT FileObject,
7109 _In_ PLARGE_INTEGER FileOffset,
7110 _In_ PLARGE_INTEGER Length,
7111 _In_ PEPROCESS Process,
7112 _In_ ULONG Key,
7113 _In_ BOOLEAN FailImmediately,
7114 _In_ BOOLEAN ExclusiveLock,
7115 _Out_ PIO_STATUS_BLOCK IoStatus,
7116 _In_opt_ PIRP Irp,
7117 _In_opt_ __drv_aliasesMem PVOID Context,
7118 _In_ BOOLEAN AlreadySynchronized);
7119
7120 _IRQL_requires_max_(APC_LEVEL)
7121 NTKERNELAPI
7122 VOID
7123 NTAPI
7124 FsRtlInitializeTunnelCache(
7125 _In_ PTUNNEL Cache);
7126
7127 _IRQL_requires_max_(APC_LEVEL)
7128 NTKERNELAPI
7129 VOID
7130 NTAPI
7131 FsRtlAddToTunnelCache(
7132 _In_ PTUNNEL Cache,
7133 _In_ ULONGLONG DirectoryKey,
7134 _In_ PUNICODE_STRING ShortName,
7135 _In_ PUNICODE_STRING LongName,
7136 _In_ BOOLEAN KeyByShortName,
7137 _In_ ULONG DataLength,
7138 _In_reads_bytes_(DataLength) PVOID Data);
7139
7140 _Must_inspect_result_
7141 _IRQL_requires_max_(APC_LEVEL)
7142 NTKERNELAPI
7143 BOOLEAN
7144 NTAPI
7145 FsRtlFindInTunnelCache(
7146 _In_ PTUNNEL Cache,
7147 _In_ ULONGLONG DirectoryKey,
7148 _In_ PUNICODE_STRING Name,
7149 _Out_ PUNICODE_STRING ShortName,
7150 _Out_ PUNICODE_STRING LongName,
7151 _Inout_ PULONG DataLength,
7152 _Out_writes_bytes_to_(*DataLength, *DataLength) PVOID Data);
7153
7154 _IRQL_requires_max_(APC_LEVEL)
7155 NTKERNELAPI
7156 VOID
7157 NTAPI
7158 FsRtlDeleteKeyFromTunnelCache(
7159 _In_ PTUNNEL Cache,
7160 _In_ ULONGLONG DirectoryKey);
7161
7162 _IRQL_requires_max_(APC_LEVEL)
7163 NTKERNELAPI
7164 VOID
7165 NTAPI
7166 FsRtlDeleteTunnelCache(
7167 _In_ PTUNNEL Cache);
7168
7169 _IRQL_requires_max_(APC_LEVEL)
7170 NTKERNELAPI
7171 VOID
7172 NTAPI
7173 FsRtlDissectDbcs(
7174 _In_ ANSI_STRING Name,
7175 _Out_ PANSI_STRING FirstPart,
7176 _Out_ PANSI_STRING RemainingPart);
7177
7178 _Must_inspect_result_
7179 _IRQL_requires_max_(APC_LEVEL)
7180 NTKERNELAPI
7181 BOOLEAN
7182 NTAPI
7183 FsRtlDoesDbcsContainWildCards(
7184 _In_ PANSI_STRING Name);
7185
7186 _Must_inspect_result_
7187 _IRQL_requires_max_(APC_LEVEL)
7188 NTKERNELAPI
7189 BOOLEAN
7190 NTAPI
7191 FsRtlIsDbcsInExpression(
7192 _In_ PANSI_STRING Expression,
7193 _In_ PANSI_STRING Name);
7194
7195 _Must_inspect_result_
7196 _IRQL_requires_max_(APC_LEVEL)
7197 NTKERNELAPI
7198 BOOLEAN
7199 NTAPI
7200 FsRtlIsFatDbcsLegal(
7201 _In_ ANSI_STRING DbcsName,
7202 _In_ BOOLEAN WildCardsPermissible,
7203 _In_ BOOLEAN PathNamePermissible,
7204 _In_ BOOLEAN LeadingBackslashPermissible);
7205
7206 _Must_inspect_result_
7207 _IRQL_requires_max_(APC_LEVEL)
7208 NTKERNELAPI
7209 BOOLEAN
7210 NTAPI
7211 FsRtlIsHpfsDbcsLegal(
7212 _In_ ANSI_STRING DbcsName,
7213 _In_ BOOLEAN WildCardsPermissible,
7214 _In_ BOOLEAN PathNamePermissible,
7215 _In_ BOOLEAN LeadingBackslashPermissible);
7216
7217 NTKERNELAPI
7218 NTSTATUS
7219 NTAPI
7220 FsRtlNormalizeNtstatus(
7221 _In_ NTSTATUS Exception,
7222 _In_ NTSTATUS GenericException);
7223
7224 _Must_inspect_result_
7225 NTKERNELAPI
7226 BOOLEAN
7227 NTAPI
7228 FsRtlIsNtstatusExpected(
7229 _In_ NTSTATUS Ntstatus);
7230
7231 _IRQL_requires_max_(APC_LEVEL)
7232 __drv_preferredFunction(ExAllocateFromNPagedLookasideList, "The FsRtlAllocateResource routine is obsolete, but is exported to support existing driver binaries. Use ExAllocateFromNPagedLookasideList and ExInitializeResourceLite instead.")
7233 NTKERNELAPI
7234 PERESOURCE
7235 NTAPI
7236 FsRtlAllocateResource(VOID);
7237
7238 _IRQL_requires_max_(APC_LEVEL)
7239 NTKERNELAPI
7240 VOID
7241 NTAPI
7242 FsRtlInitializeLargeMcb(
7243 _Out_ PLARGE_MCB Mcb,
7244 _In_ POOL_TYPE PoolType);
7245
7246 _IRQL_requires_max_(APC_LEVEL)
7247 NTKERNELAPI
7248 VOID
7249 NTAPI
7250 FsRtlUninitializeLargeMcb(
7251 _Inout_ PLARGE_MCB Mcb);
7252
7253 _IRQL_requires_max_(APC_LEVEL)
7254 NTKERNELAPI
7255 VOID
7256 NTAPI
7257 FsRtlResetLargeMcb(
7258 _Inout_ PLARGE_MCB Mcb,
7259 _In_ BOOLEAN SelfSynchronized);
7260
7261 _IRQL_requires_max_(APC_LEVEL)
7262 NTKERNELAPI
7263 VOID
7264 NTAPI
7265 FsRtlTruncateLargeMcb(
7266 _Inout_ PLARGE_MCB Mcb,
7267 _In_ LONGLONG Vbn);
7268
7269 _Must_inspect_result_
7270 _IRQL_requires_max_(APC_LEVEL)
7271 NTKERNELAPI
7272 BOOLEAN
7273 NTAPI
7274 FsRtlAddLargeMcbEntry(
7275 _Inout_ PLARGE_MCB Mcb,
7276 _In_ LONGLONG Vbn,
7277 _In_ LONGLONG Lbn,
7278 _In_ LONGLONG SectorCount);
7279
7280 _IRQL_requires_max_(APC_LEVEL)
7281 NTKERNELAPI
7282 VOID
7283 NTAPI
7284 FsRtlRemoveLargeMcbEntry(
7285 _Inout_ PLARGE_MCB Mcb,
7286 _In_ LONGLONG Vbn,
7287 _In_ LONGLONG SectorCount);
7288
7289 _IRQL_requires_max_(APC_LEVEL)
7290 NTKERNELAPI
7291 BOOLEAN
7292 NTAPI
7293 FsRtlLookupLargeMcbEntry(
7294 _In_ PLARGE_MCB Mcb,
7295 _In_ LONGLONG Vbn,
7296 _Out_opt_ PLONGLONG Lbn,
7297 _Out_opt_ PLONGLONG SectorCountFromLbn,
7298 _Out_opt_ PLONGLONG StartingLbn,
7299 _Out_opt_ PLONGLONG SectorCountFromStartingLbn,
7300 _Out_opt_ PULONG Index);
7301
7302 _IRQL_requires_max_(APC_LEVEL)
7303 NTKERNELAPI
7304 BOOLEAN
7305 NTAPI
7306 FsRtlLookupLastLargeMcbEntry(
7307 _In_ PLARGE_MCB Mcb,
7308 _Out_ PLONGLONG Vbn,
7309 _Out_ PLONGLONG Lbn);
7310
7311 _IRQL_requires_max_(APC_LEVEL)
7312 NTKERNELAPI
7313 BOOLEAN
7314 NTAPI
7315 FsRtlLookupLastLargeMcbEntryAndIndex(
7316 _In_ PLARGE_MCB OpaqueMcb,
7317 _Out_ PLONGLONG LargeVbn,
7318 _Out_ PLONGLONG LargeLbn,
7319 _Out_ PULONG Index);
7320
7321 _IRQL_requires_max_(APC_LEVEL)
7322 NTKERNELAPI
7323 ULONG
7324 NTAPI
7325 FsRtlNumberOfRunsInLargeMcb(
7326 _In_ PLARGE_MCB Mcb);
7327
7328 _Must_inspect_result_
7329 _IRQL_requires_max_(APC_LEVEL)
7330 NTKERNELAPI
7331 BOOLEAN
7332 NTAPI
7333 FsRtlGetNextLargeMcbEntry(
7334 _In_ PLARGE_MCB Mcb,
7335 _In_ ULONG RunIndex,
7336 _Out_ PLONGLONG Vbn,
7337 _Out_ PLONGLONG Lbn,
7338 _Out_ PLONGLONG SectorCount);
7339
7340 _Must_inspect_result_
7341 _IRQL_requires_max_(APC_LEVEL)
7342 NTKERNELAPI
7343 BOOLEAN
7344 NTAPI
7345 FsRtlSplitLargeMcb(
7346 _Inout_ PLARGE_MCB Mcb,
7347 _In_ LONGLONG Vbn,
7348 _In_ LONGLONG Amount);
7349
7350 _IRQL_requires_max_(APC_LEVEL)
7351 __drv_preferredFunction(FsRtlInitializeLargeMcb, "Obsolete")
7352 NTKERNELAPI
7353 VOID
7354 NTAPI
7355 FsRtlInitializeMcb(
7356 _Out_ PMCB Mcb,
7357 _In_ POOL_TYPE PoolType);
7358
7359 _IRQL_requires_max_(APC_LEVEL)
7360 NTKERNELAPI
7361 VOID
7362 NTAPI
7363 FsRtlUninitializeMcb(
7364 _Inout_ PMCB Mcb);
7365
7366 _IRQL_requires_max_(APC_LEVEL)
7367 NTKERNELAPI
7368 VOID
7369 NTAPI
7370 FsRtlTruncateMcb(
7371 _Inout_ PMCB Mcb,
7372 _In_ VBN Vbn);
7373
7374 _IRQL_requires_max_(APC_LEVEL)
7375 NTKERNELAPI
7376 BOOLEAN
7377 NTAPI
7378 FsRtlAddMcbEntry(
7379 _Inout_ PMCB Mcb,
7380 _In_ VBN Vbn,
7381 _In_ LBN Lbn,
7382 _In_ ULONG SectorCount);
7383
7384 _IRQL_requires_max_(APC_LEVEL)
7385 NTKERNELAPI
7386 VOID
7387 NTAPI
7388 FsRtlRemoveMcbEntry(
7389 _Inout_ PMCB Mcb,
7390 _In_ VBN Vbn,
7391 _In_ ULONG SectorCount);
7392
7393 _IRQL_requires_max_(APC_LEVEL)
7394 NTKERNELAPI
7395 BOOLEAN
7396 NTAPI
7397 FsRtlLookupMcbEntry(
7398 _In_ PMCB Mcb,
7399 _In_ VBN Vbn,
7400 _Out_ PLBN Lbn,
7401 _Out_opt_ PULONG SectorCount,
7402 _Out_ PULONG Index);
7403
7404 _IRQL_requires_max_(APC_LEVEL)
7405 NTKERNELAPI
7406 BOOLEAN
7407 NTAPI
7408 FsRtlLookupLastMcbEntry(
7409 _In_ PMCB Mcb,
7410 _Out_ PVBN Vbn,
7411 _Out_ PLBN Lbn);
7412
7413 _IRQL_requires_max_(APC_LEVEL)
7414 NTKERNELAPI
7415 ULONG
7416 NTAPI
7417 FsRtlNumberOfRunsInMcb(
7418 _In_ PMCB Mcb);
7419
7420 _Must_inspect_result_
7421 _IRQL_requires_max_(APC_LEVEL)
7422 NTKERNELAPI
7423 BOOLEAN
7424 NTAPI
7425 FsRtlGetNextMcbEntry(
7426 _In_ PMCB Mcb,
7427 _In_ ULONG RunIndex,
7428 _Out_ PVBN Vbn,
7429 _Out_ PLBN Lbn,
7430 _Out_ PULONG SectorCount);
7431
7432 _IRQL_requires_max_(PASSIVE_LEVEL)
7433 NTKERNELAPI
7434 NTSTATUS
7435 NTAPI
7436 FsRtlBalanceReads(
7437 _In_ PDEVICE_OBJECT TargetDevice);
7438
7439 _IRQL_requires_max_(APC_LEVEL)
7440 NTKERNELAPI
7441 VOID
7442 NTAPI
7443 FsRtlInitializeOplock(
7444 _Inout_ POPLOCK Oplock);
7445
7446 _IRQL_requires_max_(APC_LEVEL)
7447 NTKERNELAPI
7448 VOID
7449 NTAPI
7450 FsRtlUninitializeOplock(
7451 _Inout_ POPLOCK Oplock);
7452
7453 _Must_inspect_result_
7454 _IRQL_requires_max_(APC_LEVEL)
7455 NTKERNELAPI
7456 NTSTATUS
7457 NTAPI
7458 FsRtlOplockFsctrl(
7459 _In_ POPLOCK Oplock,
7460 _In_ PIRP Irp,
7461 _In_ ULONG OpenCount);
7462
7463 _When_(CompletionRoutine != NULL, _Must_inspect_result_)
7464 _IRQL_requires_max_(APC_LEVEL)
7465 NTKERNELAPI
7466 NTSTATUS
7467 NTAPI
7468 FsRtlCheckOplock(
7469 _In_ POPLOCK Oplock,
7470 _In_ PIRP Irp,
7471 _In_opt_ PVOID Context,
7472 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
7473 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
7474
7475 _Must_inspect_result_
7476 _IRQL_requires_max_(APC_LEVEL)
7477 NTKERNELAPI
7478 BOOLEAN
7479 NTAPI
7480 FsRtlOplockIsFastIoPossible(
7481 _In_ POPLOCK Oplock);
7482
7483 _Must_inspect_result_
7484 _IRQL_requires_max_(APC_LEVEL)
7485 NTKERNELAPI
7486 BOOLEAN
7487 NTAPI
7488 FsRtlCurrentBatchOplock(
7489 _In_ POPLOCK Oplock);
7490
7491 _IRQL_requires_max_(APC_LEVEL)
7492 NTKERNELAPI
7493 NTSTATUS
7494 NTAPI
7495 FsRtlNotifyVolumeEvent(
7496 _In_ PFILE_OBJECT FileObject,
7497 _In_ ULONG EventCode);
7498
7499 _IRQL_requires_max_(APC_LEVEL)
7500 NTKERNELAPI
7501 VOID
7502 NTAPI
7503 FsRtlNotifyInitializeSync(
7504 _In_ PNOTIFY_SYNC *NotifySync);
7505
7506 _IRQL_requires_max_(APC_LEVEL)
7507 NTKERNELAPI
7508 VOID
7509 NTAPI
7510 FsRtlNotifyUninitializeSync(
7511 _In_ PNOTIFY_SYNC *NotifySync);
7512
7513 _IRQL_requires_max_(PASSIVE_LEVEL)
7514 NTKERNELAPI
7515 VOID
7516 NTAPI
7517 FsRtlNotifyFullChangeDirectory(
7518 _In_ PNOTIFY_SYNC NotifySync,
7519 _In_ PLIST_ENTRY NotifyList,
7520 _In_ PVOID FsContext,
7521 _In_ PSTRING FullDirectoryName,
7522 _In_ BOOLEAN WatchTree,
7523 _In_ BOOLEAN IgnoreBuffer,
7524 _In_ ULONG CompletionFilter,
7525 _In_opt_ PIRP NotifyIrp,
7526 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback,
7527 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext);
7528
7529 _IRQL_requires_max_(PASSIVE_LEVEL)
7530 NTKERNELAPI
7531 VOID
7532 NTAPI
7533 FsRtlNotifyFilterReportChange(
7534 _In_ PNOTIFY_SYNC NotifySync,
7535 _In_ PLIST_ENTRY NotifyList,
7536 _In_ PSTRING FullTargetName,
7537 _In_ USHORT TargetNameOffset,
7538 _In_opt_ PSTRING StreamName,
7539 _In_opt_ PSTRING NormalizedParentName,
7540 _In_ ULONG FilterMatch,
7541 _In_ ULONG Action,
7542 _In_opt_ PVOID TargetContext,
7543 _In_opt_ PVOID FilterContext);
7544
7545 _IRQL_requires_max_(PASSIVE_LEVEL)
7546 NTKERNELAPI
7547 VOID
7548 NTAPI
7549 FsRtlNotifyFullReportChange(
7550 _In_ PNOTIFY_SYNC NotifySync,
7551 _In_ PLIST_ENTRY NotifyList,
7552 _In_ PSTRING FullTargetName,
7553 _In_ USHORT TargetNameOffset,
7554 _In_opt_ PSTRING StreamName,
7555 _In_opt_ PSTRING NormalizedParentName,
7556 _In_ ULONG FilterMatch,
7557 _In_ ULONG Action,
7558 _In_opt_ PVOID TargetContext);
7559
7560 _IRQL_requires_max_(APC_LEVEL)
7561 NTKERNELAPI
7562 VOID
7563 NTAPI
7564 FsRtlNotifyCleanup(
7565 _In_ PNOTIFY_SYNC NotifySync,
7566 _In_ PLIST_ENTRY NotifyList,
7567 _In_ PVOID FsContext);
7568
7569 _IRQL_requires_max_(PASSIVE_LEVEL)
7570 NTKERNELAPI
7571 VOID
7572 NTAPI
7573 FsRtlDissectName(
7574 _In_ UNICODE_STRING Name,
7575 _Out_ PUNICODE_STRING FirstPart,
7576 _Out_ PUNICODE_STRING RemainingPart);
7577
7578 _Must_inspect_result_
7579 _IRQL_requires_max_(PASSIVE_LEVEL)
7580 NTKERNELAPI
7581 BOOLEAN
7582 NTAPI
7583 FsRtlDoesNameContainWildCards(
7584 _In_ PUNICODE_STRING Name);
7585
7586 _Must_inspect_result_
7587 _IRQL_requires_max_(PASSIVE_LEVEL)
7588 NTKERNELAPI
7589 BOOLEAN
7590 NTAPI
7591 FsRtlAreNamesEqual(
7592 _In_ PCUNICODE_STRING Name1,
7593 _In_ PCUNICODE_STRING Name2,
7594 _In_ BOOLEAN IgnoreCase,
7595 _In_reads_opt_(0x10000) PCWCH UpcaseTable);
7596
7597 _Must_inspect_result_
7598 _IRQL_requires_max_(PASSIVE_LEVEL)
7599 NTKERNELAPI
7600 BOOLEAN
7601 NTAPI
7602 FsRtlIsNameInExpression(
7603 _In_ PUNICODE_STRING Expression,
7604 _In_ PUNICODE_STRING Name,
7605 _In_ BOOLEAN IgnoreCase,
7606 _In_opt_ PWCHAR UpcaseTable);
7607
7608 _IRQL_requires_max_(DISPATCH_LEVEL)
7609 NTKERNELAPI
7610 VOID
7611 NTAPI
7612 FsRtlPostPagingFileStackOverflow(
7613 _In_ PVOID Context,
7614 _In_ PKEVENT Event,
7615 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine);
7616
7617 _IRQL_requires_max_(DISPATCH_LEVEL)
7618 NTKERNELAPI
7619 VOID
7620 NTAPI
7621 FsRtlPostStackOverflow (
7622 _In_ PVOID Context,
7623 _In_ PKEVENT Event,
7624 _In_ PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine);
7625
7626 _Must_inspect_result_
7627 _IRQL_requires_max_(PASSIVE_LEVEL)
7628 NTKERNELAPI
7629 NTSTATUS
7630 NTAPI
7631 FsRtlRegisterUncProvider(
7632 _Out_ PHANDLE MupHandle,
7633 _In_ PUNICODE_STRING RedirectorDeviceName,
7634 _In_ BOOLEAN MailslotsSupported);
7635
7636 _IRQL_requires_max_(PASSIVE_LEVEL)
7637 NTKERNELAPI
7638 VOID
7639 NTAPI
7640 FsRtlDeregisterUncProvider(
7641 _In_ HANDLE Handle);
7642
7643 _IRQL_requires_max_(APC_LEVEL)
7644 NTKERNELAPI
7645 VOID
7646 NTAPI
7647 FsRtlTeardownPerStreamContexts(
7648 _In_ PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader);
7649
7650 _Must_inspect_result_
7651 _IRQL_requires_max_(APC_LEVEL)
7652 NTKERNELAPI
7653 NTSTATUS
7654 NTAPI
7655 FsRtlCreateSectionForDataScan(
7656 _Out_ PHANDLE SectionHandle,
7657 _Outptr_ PVOID *SectionObject,
7658 _Out_opt_ PLARGE_INTEGER SectionFileSize,
7659 _In_ PFILE_OBJECT FileObject,
7660 _In_ ACCESS_MASK DesiredAccess,
7661 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
7662 _In_opt_ PLARGE_INTEGER MaximumSize,
7663 _In_ ULONG SectionPageProtection,
7664 _In_ ULONG AllocationAttributes,
7665 _In_ ULONG Flags);
7666
7667 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
7668
7669 #if (NTDDI_VERSION >= NTDDI_WINXP)
7670
7671 _IRQL_requires_max_(PASSIVE_LEVEL)
7672 NTKERNELAPI
7673 VOID
7674 NTAPI
7675 FsRtlNotifyFilterChangeDirectory(
7676 _In_ PNOTIFY_SYNC NotifySync,
7677 _In_ PLIST_ENTRY NotifyList,
7678 _In_ PVOID FsContext,
7679 _In_ PSTRING FullDirectoryName,
7680 _In_ BOOLEAN WatchTree,
7681 _In_ BOOLEAN IgnoreBuffer,
7682 _In_ ULONG CompletionFilter,
7683 _In_opt_ PIRP NotifyIrp,
7684 _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback,
7685 _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
7686 _In_opt_ PFILTER_REPORT_CHANGE FilterCallback);
7687
7688 _Must_inspect_result_
7689 _IRQL_requires_max_(APC_LEVEL)
7690 NTKERNELAPI
7691 NTSTATUS
7692 NTAPI
7693 FsRtlInsertPerStreamContext(
7694 _In_ PFSRTL_ADVANCED_FCB_HEADER PerStreamContext,
7695 _In_ PFSRTL_PER_STREAM_CONTEXT Ptr);
7696
7697 _Must_inspect_result_
7698 _IRQL_requires_max_(APC_LEVEL)
7699 NTKERNELAPI
7700 PFSRTL_PER_STREAM_CONTEXT
7701 NTAPI
7702 FsRtlLookupPerStreamContextInternal(
7703 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext,
7704 _In_opt_ PVOID OwnerId,
7705 _In_opt_ PVOID InstanceId);
7706
7707 _Must_inspect_result_
7708 _IRQL_requires_max_(APC_LEVEL)
7709 NTKERNELAPI
7710 PFSRTL_PER_STREAM_CONTEXT
7711 NTAPI
7712 FsRtlRemovePerStreamContext(
7713 _In_ PFSRTL_ADVANCED_FCB_HEADER StreamContext,
7714 _In_opt_ PVOID OwnerId,
7715 _In_opt_ PVOID InstanceId);
7716
7717 NTKERNELAPI
7718 VOID
7719 NTAPI
7720 FsRtlIncrementCcFastReadNotPossible(
7721 VOID);
7722
7723 NTKERNELAPI
7724 VOID
7725 NTAPI
7726 FsRtlIncrementCcFastReadWait(VOID);
7727
7728 NTKERNELAPI
7729 VOID
7730 NTAPI
7731 FsRtlIncrementCcFastReadNoWait(VOID);
7732
7733 NTKERNELAPI
7734 VOID
7735 NTAPI
7736 FsRtlIncrementCcFastReadResourceMiss(VOID);
7737
7738 _IRQL_requires_max_(APC_LEVEL)
7739 NTKERNELAPI
7740 LOGICAL
7741 NTAPI
7742 FsRtlIsPagingFile(
7743 _In_ PFILE_OBJECT FileObject);
7744
7745 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
7746
7747 #if (NTDDI_VERSION >= NTDDI_WS03)
7748
7749 _IRQL_requires_max_(APC_LEVEL)
7750 NTKERNELAPI
7751 VOID
7752 NTAPI
7753 FsRtlInitializeBaseMcb(
7754 _Out_ PBASE_MCB Mcb,
7755 _In_ POOL_TYPE PoolType);
7756
7757 _IRQL_requires_max_(APC_LEVEL)
7758 NTKERNELAPI
7759 VOID
7760 NTAPI
7761 FsRtlUninitializeBaseMcb(
7762 _In_ PBASE_MCB Mcb);
7763
7764 _IRQL_requires_max_(APC_LEVEL)
7765 NTKERNELAPI
7766 VOID
7767 NTAPI
7768 FsRtlResetBaseMcb(
7769 _Out_ PBASE_MCB Mcb);
7770
7771 _IRQL_requires_max_(APC_LEVEL)
7772 NTKERNELAPI
7773 VOID
7774 NTAPI
7775 FsRtlTruncateBaseMcb(
7776 _Inout_ PBASE_MCB Mcb,
7777 _In_ LONGLONG Vbn);
7778
7779 _IRQL_requires_max_(APC_LEVEL)
7780 NTKERNELAPI
7781 BOOLEAN
7782 NTAPI
7783 FsRtlAddBaseMcbEntry(
7784 _Inout_ PBASE_MCB Mcb,
7785 _In_ LONGLONG Vbn,
7786 _In_ LONGLONG Lbn,
7787 _In_ LONGLONG SectorCount);
7788
7789 _IRQL_requires_max_(APC_LEVEL)
7790 NTKERNELAPI
7791 BOOLEAN
7792 NTAPI
7793 FsRtlRemoveBaseMcbEntry(
7794 _Inout_ PBASE_MCB Mcb,
7795 _In_ LONGLONG Vbn,
7796 _In_ LONGLONG SectorCount);
7797
7798 _IRQL_requires_max_(APC_LEVEL)
7799 NTKERNELAPI
7800 BOOLEAN
7801 NTAPI
7802 FsRtlLookupBaseMcbEntry(
7803 _In_ PBASE_MCB Mcb,
7804 _In_ LONGLONG Vbn,
7805 _Out_opt_ PLONGLONG Lbn,
7806 _Out_opt_ PLONGLONG SectorCountFromLbn,
7807 _Out_opt_ PLONGLONG StartingLbn,
7808 _Out_opt_ PLONGLONG SectorCountFromStartingLbn,
7809 _Out_opt_ PULONG Index);
7810
7811 _IRQL_requires_max_(APC_LEVEL)
7812 NTKERNELAPI
7813 BOOLEAN
7814 NTAPI
7815 FsRtlLookupLastBaseMcbEntry(
7816 _In_ PBASE_MCB Mcb,
7817 _Out_ PLONGLONG Vbn,
7818 _Out_ PLONGLONG Lbn);
7819
7820 _IRQL_requires_max_(APC_LEVEL)
7821 NTKERNELAPI
7822 BOOLEAN
7823 NTAPI
7824 FsRtlLookupLastBaseMcbEntryAndIndex(
7825 _In_ PBASE_MCB OpaqueMcb,
7826 _Inout_ PLONGLONG LargeVbn,
7827 _Inout_ PLONGLONG LargeLbn,
7828 _Inout_ PULONG Index);
7829
7830 _IRQL_requires_max_(APC_LEVEL)
7831 NTKERNELAPI
7832 ULONG
7833 NTAPI
7834 FsRtlNumberOfRunsInBaseMcb(
7835 _In_ PBASE_MCB Mcb);
7836
7837 _IRQL_requires_max_(APC_LEVEL)
7838 NTKERNELAPI
7839 BOOLEAN
7840 NTAPI
7841 FsRtlGetNextBaseMcbEntry(
7842 _In_ PBASE_MCB Mcb,
7843 _In_ ULONG RunIndex,
7844 _Out_ PLONGLONG Vbn,
7845 _Out_ PLONGLONG Lbn,
7846 _Out_ PLONGLONG SectorCount);
7847
7848 _IRQL_requires_max_(APC_LEVEL)
7849 NTKERNELAPI
7850 BOOLEAN
7851 NTAPI
7852 FsRtlSplitBaseMcb(
7853 _Inout_ PBASE_MCB Mcb,
7854 _In_ LONGLONG Vbn,
7855 _In_ LONGLONG Amount);
7856
7857 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
7858
7859 #if (NTDDI_VERSION >= NTDDI_VISTA)
7860
7861 _When_(!Flags & MCB_FLAG_RAISE_ON_ALLOCATION_FAILURE, _Must_inspect_result_)
7862 _IRQL_requires_max_(APC_LEVEL)
7863 BOOLEAN
7864 NTAPI
7865 FsRtlInitializeBaseMcbEx(
7866 _Out_ PBASE_MCB Mcb,
7867 _In_ POOL_TYPE PoolType,
7868 _In_ USHORT Flags);
7869
7870 _Must_inspect_result_
7871 _IRQL_requires_max_(APC_LEVEL)
7872 NTSTATUS
7873 NTAPI
7874 FsRtlAddBaseMcbEntryEx(
7875 _Inout_ PBASE_MCB Mcb,
7876 _In_ LONGLONG Vbn,
7877 _In_ LONGLONG Lbn,
7878 _In_ LONGLONG SectorCount);
7879
7880 _Must_inspect_result_
7881 _IRQL_requires_max_(APC_LEVEL)
7882 NTKERNELAPI
7883 BOOLEAN
7884 NTAPI
7885 FsRtlCurrentOplock(
7886 _In_ POPLOCK Oplock);
7887
7888 _Must_inspect_result_
7889 _IRQL_requires_max_(APC_LEVEL)
7890 NTKERNELAPI
7891 NTSTATUS
7892 NTAPI
7893 FsRtlOplockBreakToNone(
7894 _Inout_ POPLOCK Oplock,
7895 _In_opt_ PIO_STACK_LOCATION IrpSp,
7896 _In_ PIRP Irp,
7897 _In_opt_ PVOID Context,
7898 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
7899 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
7900
7901 _IRQL_requires_max_(DISPATCH_LEVEL)
7902 NTKERNELAPI
7903 NTSTATUS
7904 NTAPI
7905 FsRtlNotifyVolumeEventEx(
7906 _In_ PFILE_OBJECT FileObject,
7907 _In_ ULONG EventCode,
7908 _In_ PTARGET_DEVICE_CUSTOM_NOTIFICATION Event);
7909
7910 _IRQL_requires_max_(APC_LEVEL)
7911 NTKERNELAPI
7912 VOID
7913 NTAPI
7914 FsRtlNotifyCleanupAll(
7915 _In_ PNOTIFY_SYNC NotifySync,
7916 _In_ PLIST_ENTRY NotifyList);
7917
7918 _Must_inspect_result_
7919 _IRQL_requires_max_(PASSIVE_LEVEL)
7920 NTSTATUS
7921 NTAPI
7922 FsRtlRegisterUncProviderEx(
7923 _Out_ PHANDLE MupHandle,
7924 _In_ PUNICODE_STRING RedirDevName,
7925 _In_ PDEVICE_OBJECT DeviceObject,
7926 _In_ ULONG Flags);
7927
7928 _Must_inspect_result_
7929 _When_(Irp!=NULL, _IRQL_requires_max_(PASSIVE_LEVEL))
7930 _When_(Irp==NULL, _IRQL_requires_max_(APC_LEVEL))
7931 NTKERNELAPI
7932 NTSTATUS
7933 NTAPI
7934 FsRtlCancellableWaitForSingleObject(
7935 _In_ PVOID Object,
7936 _In_opt_ PLARGE_INTEGER Timeout,
7937 _In_opt_ PIRP Irp);
7938
7939 _Must_inspect_result_
7940 _When_(Irp != NULL, _IRQL_requires_max_(PASSIVE_LEVEL))
7941 _When_(Irp == NULL, _IRQL_requires_max_(APC_LEVEL))
7942 NTKERNELAPI
7943 NTSTATUS
7944 NTAPI
7945 FsRtlCancellableWaitForMultipleObjects(
7946 _In_ ULONG Count,
7947 _In_reads_(Count) PVOID ObjectArray[],
7948 _In_ WAIT_TYPE WaitType,
7949 _In_opt_ PLARGE_INTEGER Timeout,
7950 _In_opt_ PKWAIT_BLOCK WaitBlockArray,
7951 _In_opt_ PIRP Irp);
7952
7953 _Must_inspect_result_
7954 _IRQL_requires_max_(APC_LEVEL)
7955 NTKERNELAPI
7956 NTSTATUS
7957 NTAPI
7958 FsRtlMupGetProviderInfoFromFileObject(
7959 _In_ PFILE_OBJECT pFileObject,
7960 _In_ ULONG Level,
7961 _Out_writes_bytes_(*pBufferSize) PVOID pBuffer,
7962 _Inout_ PULONG pBufferSize);
7963
7964 _Must_inspect_result_
7965 _IRQL_requires_max_(APC_LEVEL)
7966 NTKERNELAPI
7967 NTSTATUS
7968 NTAPI
7969 FsRtlMupGetProviderIdFromName(
7970 _In_ PUNICODE_STRING pProviderName,
7971 _Out_ PULONG32 pProviderId);
7972
7973 NTKERNELAPI
7974 VOID
7975 NTAPI
7976 FsRtlIncrementCcFastMdlReadWait(VOID);
7977
7978 _Must_inspect_result_
7979 _IRQL_requires_max_(PASSIVE_LEVEL)
7980 NTKERNELAPI
7981 NTSTATUS
7982 NTAPI
7983 FsRtlValidateReparsePointBuffer(
7984 _In_ ULONG BufferLength,
7985 _In_reads_bytes_(BufferLength) PREPARSE_DATA_BUFFER ReparseBuffer);
7986
7987 _Must_inspect_result_
7988 _IRQL_requires_max_(PASSIVE_LEVEL)
7989 NTKERNELAPI
7990 NTSTATUS
7991 NTAPI
7992 FsRtlRemoveDotsFromPath(
7993 _Inout_updates_bytes_(PathLength) PWSTR OriginalString,
7994 _In_ USHORT PathLength,
7995 _Out_ USHORT *NewLength);
7996
7997 _Must_inspect_result_
7998 _IRQL_requires_max_(APC_LEVEL)
7999 NTKERNELAPI
8000 NTSTATUS
8001 NTAPI
8002 FsRtlAllocateExtraCreateParameterList(
8003 _In_ FSRTL_ALLOCATE_ECPLIST_FLAGS Flags,
8004 _Outptr_ PECP_LIST *EcpList);
8005
8006 _IRQL_requires_max_(APC_LEVEL)
8007 NTKERNELAPI
8008 VOID
8009 NTAPI
8010 FsRtlFreeExtraCreateParameterList(
8011 _In_ PECP_LIST EcpList);
8012
8013 _Must_inspect_result_
8014 _IRQL_requires_max_(APC_LEVEL)
8015 NTKERNELAPI
8016 NTSTATUS
8017 NTAPI
8018 FsRtlAllocateExtraCreateParameter(
8019 _In_ LPCGUID EcpType,
8020 _In_ ULONG SizeOfContext,
8021 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags,
8022 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback,
8023 _In_ ULONG PoolTag,
8024 _Outptr_result_bytebuffer_(SizeOfContext) PVOID *EcpContext);
8025
8026 _IRQL_requires_max_(APC_LEVEL)
8027 NTKERNELAPI
8028 VOID
8029 NTAPI
8030 FsRtlFreeExtraCreateParameter(
8031 _In_ PVOID EcpContext);
8032
8033 _When_(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL, _IRQL_requires_max_(DISPATCH_LEVEL))
8034 _When_(!(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL), _IRQL_requires_max_(APC_LEVEL))
8035 NTKERNELAPI
8036 VOID
8037 NTAPI
8038 FsRtlInitExtraCreateParameterLookasideList(
8039 _Inout_ PVOID Lookaside,
8040 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags,
8041 _In_ SIZE_T Size,
8042 _In_ ULONG Tag);
8043
8044 _When_(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL, _IRQL_requires_max_(DISPATCH_LEVEL))
8045 _When_(!(Flags|FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL), _IRQL_requires_max_(APC_LEVEL))
8046 VOID
8047 NTAPI
8048 FsRtlDeleteExtraCreateParameterLookasideList(
8049 _Inout_ PVOID Lookaside,
8050 _In_ FSRTL_ECP_LOOKASIDE_FLAGS Flags);
8051
8052 _Must_inspect_result_
8053 _IRQL_requires_max_(APC_LEVEL)
8054 NTKERNELAPI
8055 NTSTATUS
8056 NTAPI
8057 FsRtlAllocateExtraCreateParameterFromLookasideList(
8058 _In_ LPCGUID EcpType,
8059 ULONG SizeOfContext,
8060 _In_ FSRTL_ALLOCATE_ECP_FLAGS Flags,
8061 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback,
8062 _Inout_ PVOID LookasideList,
8063 _Outptr_ PVOID *EcpContext);
8064
8065 _Must_inspect_result_
8066 _IRQL_requires_max_(APC_LEVEL)
8067 NTKERNELAPI
8068 NTSTATUS
8069 NTAPI
8070 FsRtlInsertExtraCreateParameter(
8071 _Inout_ PECP_LIST EcpList,
8072 _Inout_ PVOID EcpContext);
8073
8074 _Must_inspect_result_
8075 _IRQL_requires_max_(APC_LEVEL)
8076 NTKERNELAPI
8077 NTSTATUS
8078 NTAPI
8079 FsRtlFindExtraCreateParameter(
8080 _In_ PECP_LIST EcpList,
8081 _In_ LPCGUID EcpType,
8082 _Outptr_opt_ PVOID *EcpContext,
8083 _Out_opt_ ULONG *EcpContextSize);
8084
8085 _Must_inspect_result_
8086 _IRQL_requires_max_(APC_LEVEL)
8087 NTKERNELAPI
8088 NTSTATUS
8089 NTAPI
8090 FsRtlRemoveExtraCreateParameter(
8091 _Inout_ PECP_LIST EcpList,
8092 _In_ LPCGUID EcpType,
8093 _Outptr_ PVOID *EcpContext,
8094 _Out_opt_ ULONG *EcpContextSize);
8095
8096 _Must_inspect_result_
8097 _IRQL_requires_max_(APC_LEVEL)
8098 NTKERNELAPI
8099 NTSTATUS
8100 NTAPI
8101 FsRtlGetEcpListFromIrp(
8102 _In_ PIRP Irp,
8103 _Outptr_result_maybenull_ PECP_LIST *EcpList);
8104
8105 _Must_inspect_result_
8106 _IRQL_requires_max_(APC_LEVEL)
8107 NTKERNELAPI
8108 NTSTATUS
8109 NTAPI
8110 FsRtlSetEcpListIntoIrp(
8111 _Inout_ PIRP Irp,
8112 _In_ PECP_LIST EcpList);
8113
8114 _Must_inspect_result_
8115 _IRQL_requires_max_(APC_LEVEL)
8116 NTKERNELAPI
8117 NTSTATUS
8118 NTAPI
8119 FsRtlGetNextExtraCreateParameter(
8120 _In_ PECP_LIST EcpList,
8121 _In_opt_ PVOID CurrentEcpContext,
8122 _Out_opt_ LPGUID NextEcpType,
8123 _Outptr_opt_ PVOID *NextEcpContext,
8124 _Out_opt_ ULONG *NextEcpContextSize);
8125
8126 _IRQL_requires_max_(APC_LEVEL)
8127 NTKERNELAPI
8128 VOID
8129 NTAPI
8130 FsRtlAcknowledgeEcp(
8131 _In_ PVOID EcpContext);
8132
8133 _IRQL_requires_max_(APC_LEVEL)
8134 NTKERNELAPI
8135 BOOLEAN
8136 NTAPI
8137 FsRtlIsEcpAcknowledged(
8138 _In_ PVOID EcpContext);
8139
8140 _IRQL_requires_max_(APC_LEVEL)
8141 NTKERNELAPI
8142 BOOLEAN
8143 NTAPI
8144 FsRtlIsEcpFromUserMode(
8145 _In_ PVOID EcpContext);
8146
8147 _Must_inspect_result_
8148 _IRQL_requires_max_(PASSIVE_LEVEL)
8149 NTKERNELAPI
8150 NTSTATUS
8151 NTAPI
8152 FsRtlChangeBackingFileObject(
8153 _In_opt_ PFILE_OBJECT CurrentFileObject,
8154 _In_ PFILE_OBJECT NewFileObject,
8155 _In_ FSRTL_CHANGE_BACKING_TYPE ChangeBackingType,
8156 _In_ ULONG Flags);
8157
8158 _Must_inspect_result_
8159 _IRQL_requires_max_(APC_LEVEL)
8160 NTKERNELAPI
8161 NTSTATUS
8162 NTAPI
8163 FsRtlLogCcFlushError(
8164 _In_ PUNICODE_STRING FileName,
8165 _In_ PDEVICE_OBJECT DeviceObject,
8166 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8167 _In_ NTSTATUS FlushError,
8168 _In_ ULONG Flags);
8169
8170 _IRQL_requires_max_(APC_LEVEL)
8171 NTKERNELAPI
8172 BOOLEAN
8173 NTAPI
8174 FsRtlAreVolumeStartupApplicationsComplete(VOID);
8175
8176 NTKERNELAPI
8177 ULONG
8178 NTAPI
8179 FsRtlQueryMaximumVirtualDiskNestingLevel(VOID);
8180
8181 NTKERNELAPI
8182 NTSTATUS
8183 NTAPI
8184 FsRtlGetVirtualDiskNestingLevel(
8185 _In_ PDEVICE_OBJECT DeviceObject,
8186 _Out_ PULONG NestingLevel,
8187 _Out_opt_ PULONG NestingFlags);
8188
8189 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
8190
8191 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
8192 _When_(Flags | OPLOCK_FLAG_BACK_OUT_ATOMIC_OPLOCK, _Must_inspect_result_)
8193 _IRQL_requires_max_(APC_LEVEL)
8194 NTKERNELAPI
8195 NTSTATUS
8196 NTAPI
8197 FsRtlCheckOplockEx(
8198 _In_ POPLOCK Oplock,
8199 _In_ PIRP Irp,
8200 _In_ ULONG Flags,
8201 _In_opt_ PVOID Context,
8202 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
8203 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
8204
8205 #endif
8206
8207 #if (NTDDI_VERSION >= NTDDI_WIN7)
8208
8209 _IRQL_requires_max_(APC_LEVEL)
8210 NTKERNELAPI
8211 BOOLEAN
8212 NTAPI
8213 FsRtlAreThereCurrentOrInProgressFileLocks(
8214 _In_ PFILE_LOCK FileLock);
8215
8216 _Must_inspect_result_
8217 _IRQL_requires_max_(APC_LEVEL)
8218 NTKERNELAPI
8219 BOOLEAN
8220 NTAPI
8221 FsRtlOplockIsSharedRequest(
8222 _In_ PIRP Irp);
8223
8224 _Must_inspect_result_
8225 _IRQL_requires_max_(APC_LEVEL)
8226 NTKERNELAPI
8227 NTSTATUS
8228 NTAPI
8229 FsRtlOplockBreakH(
8230 _In_ POPLOCK Oplock,
8231 _In_ PIRP Irp,
8232 _In_ ULONG Flags,
8233 _In_opt_ PVOID Context,
8234 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
8235 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
8236
8237 _IRQL_requires_max_(APC_LEVEL)
8238 NTKERNELAPI
8239 BOOLEAN
8240 NTAPI
8241 FsRtlCurrentOplockH(
8242 _In_ POPLOCK Oplock);
8243
8244 _Must_inspect_result_
8245 _IRQL_requires_max_(APC_LEVEL)
8246 NTKERNELAPI
8247 NTSTATUS
8248 NTAPI
8249 FsRtlOplockBreakToNoneEx(
8250 _Inout_ POPLOCK Oplock,
8251 _In_ PIRP Irp,
8252 _In_ ULONG Flags,
8253 _In_opt_ PVOID Context,
8254 _In_opt_ POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine,
8255 _In_opt_ POPLOCK_FS_PREPOST_IRP PostIrpRoutine);
8256
8257 _Must_inspect_result_
8258 _IRQL_requires_max_(APC_LEVEL)
8259 NTKERNELAPI
8260 NTSTATUS
8261 NTAPI
8262 FsRtlOplockFsctrlEx(
8263 _In_ POPLOCK Oplock,
8264 _In_ PIRP Irp,
8265 _In_ ULONG OpenCount,
8266 _In_ ULONG Flags);
8267
8268 _IRQL_requires_max_(APC_LEVEL)
8269 NTKERNELAPI
8270 BOOLEAN
8271 NTAPI
8272 FsRtlOplockKeysEqual(
8273 _In_opt_ PFILE_OBJECT Fo1,
8274 _In_opt_ PFILE_OBJECT Fo2);
8275
8276 NTKERNELAPI
8277 NTSTATUS
8278 NTAPI
8279 FsRtlInitializeExtraCreateParameterList(
8280 _Inout_ PECP_LIST EcpList);
8281
8282 NTKERNELAPI
8283 VOID
8284 NTAPI
8285 FsRtlInitializeExtraCreateParameter(
8286 _Out_ PECP_HEADER Ecp,
8287 _In_ ULONG EcpFlags,
8288 _In_opt_ PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK CleanupCallback,
8289 _In_ ULONG TotalSize,
8290 _In_ LPCGUID EcpType,
8291 _In_opt_ PVOID ListAllocatedFrom);
8292
8293 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
8294
8295 _Must_inspect_result_
8296 _IRQL_requires_max_(APC_LEVEL)
8297 NTKERNELAPI
8298 NTSTATUS
8299 NTAPI
8300 FsRtlInsertPerFileContext(
8301 _In_ PVOID* PerFileContextPointer,
8302 _In_ PFSRTL_PER_FILE_CONTEXT Ptr);
8303
8304 _Must_inspect_result_
8305 _IRQL_requires_max_(APC_LEVEL)
8306 NTKERNELAPI
8307 PFSRTL_PER_FILE_CONTEXT
8308 NTAPI
8309 FsRtlLookupPerFileContext(
8310 _In_ PVOID* PerFileContextPointer,
8311 _In_opt_ PVOID OwnerId,
8312 _In_opt_ PVOID InstanceId);
8313
8314 _Must_inspect_result_
8315 _IRQL_requires_max_(APC_LEVEL)
8316 NTKERNELAPI
8317 PFSRTL_PER_FILE_CONTEXT
8318 NTAPI
8319 FsRtlRemovePerFileContext(
8320 _In_ PVOID* PerFileContextPointer,
8321 _In_opt_ PVOID OwnerId,
8322 _In_opt_ PVOID InstanceId);
8323
8324 _IRQL_requires_max_(APC_LEVEL)
8325 NTKERNELAPI
8326 VOID
8327 NTAPI
8328 FsRtlTeardownPerFileContexts(
8329 _In_ PVOID* PerFileContextPointer);
8330
8331 _Must_inspect_result_
8332 _IRQL_requires_max_(APC_LEVEL)
8333 NTKERNELAPI
8334 NTSTATUS
8335 NTAPI
8336 FsRtlInsertPerFileObjectContext(
8337 _In_ PFILE_OBJECT FileObject,
8338 _In_ PFSRTL_PER_FILEOBJECT_CONTEXT Ptr);
8339
8340 _Must_inspect_result_
8341 _IRQL_requires_max_(APC_LEVEL)
8342 NTKERNELAPI
8343 PFSRTL_PER_FILEOBJECT_CONTEXT
8344 NTAPI
8345 FsRtlLookupPerFileObjectContext(
8346 _In_ PFILE_OBJECT FileObject,
8347 _In_opt_ PVOID OwnerId,
8348 _In_opt_ PVOID InstanceId);
8349
8350 _Must_inspect_result_
8351 _IRQL_requires_max_(APC_LEVEL)
8352 NTKERNELAPI
8353 PFSRTL_PER_FILEOBJECT_CONTEXT
8354 NTAPI
8355 FsRtlRemovePerFileObjectContext(
8356 _In_ PFILE_OBJECT FileObject,
8357 _In_opt_ PVOID OwnerId,
8358 _In_opt_ PVOID InstanceId);
8359
8360 #define FsRtlFastLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11) ( \
8361 FsRtlPrivateLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, NULL, A10, A11) \
8362 )
8363
8364 #define FsRtlAreThereCurrentFileLocks(FL) ( \
8365 ((FL)->FastIoIsQuestionable) \
8366 )
8367
8368 #define FsRtlIncrementLockRequestsInProgress(FL) { \
8369 ASSERT( (FL)->LockRequestsInProgress >= 0 ); \
8370 (void) \
8371 (InterlockedIncrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
8372 }
8373
8374 #define FsRtlDecrementLockRequestsInProgress(FL) { \
8375 ASSERT( (FL)->LockRequestsInProgress > 0 ); \
8376 (void) \
8377 (InterlockedDecrement((LONG volatile *)&((FL)->LockRequestsInProgress)));\
8378 }
8379
8380 /* GCC compatible definition, MS one is retarded */
8381 extern NTKERNELAPI const UCHAR * const FsRtlLegalAnsiCharacterArray;
8382 #define LEGAL_ANSI_CHARACTER_ARRAY FsRtlLegalAnsiCharacterArray
8383
8384 #define FsRtlIsAnsiCharacterWild(C) ( \
8385 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], FSRTL_WILD_CHARACTER ) \
8386 )
8387
8388 #define FsRtlIsAnsiCharacterLegalFat(C, WILD) ( \
8389 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_FAT_LEGAL) | \
8390 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8391 )
8392
8393 #define FsRtlIsAnsiCharacterLegalHpfs(C, WILD) ( \
8394 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_HPFS_LEGAL) | \
8395 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8396 )
8397
8398 #define FsRtlIsAnsiCharacterLegalNtfs(C, WILD) ( \
8399 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], (FSRTL_NTFS_LEGAL) | \
8400 ((WILD) ? FSRTL_WILD_CHARACTER : 0 )) \
8401 )
8402
8403 #define FsRtlIsAnsiCharacterLegalNtfsStream(C,WILD_OK) ( \
8404 FsRtlTestAnsiCharacter((C), TRUE, (WILD_OK), FSRTL_NTFS_STREAM_LEGAL) \
8405 )
8406
8407 #define FsRtlIsAnsiCharacterLegal(C,FLAGS) ( \
8408 FsRtlTestAnsiCharacter((C), TRUE, FALSE, (FLAGS)) \
8409 )
8410
8411 #define FsRtlTestAnsiCharacter(C, DEFAULT_RET, WILD_OK, FLAGS) ( \
8412 ((SCHAR)(C) < 0) ? DEFAULT_RET : \
8413 FlagOn( LEGAL_ANSI_CHARACTER_ARRAY[(C)], \
8414 (FLAGS) | \
8415 ((WILD_OK) ? FSRTL_WILD_CHARACTER : 0) ) \
8416 )
8417
8418 #define FsRtlIsLeadDbcsCharacter(DBCS_CHAR) ( \
8419 (BOOLEAN)((UCHAR)(DBCS_CHAR) < 0x80 ? FALSE : \
8420 (NLS_MB_CODE_PAGE_TAG && \
8421 (NLS_OEM_LEAD_BYTE_INFO[(UCHAR)(DBCS_CHAR)] != 0))) \
8422 )
8423
8424 #define FsRtlIsUnicodeCharacterWild(C) ( \
8425 (((C) >= 0x40) ? \
8426 FALSE : \
8427 FlagOn(FsRtlLegalAnsiCharacterArray[(C)], FSRTL_WILD_CHARACTER )) \
8428 )
8429
8430 #define FsRtlInitPerFileContext( _fc, _owner, _inst, _cb) \
8431 ((_fc)->OwnerId = (_owner), \
8432 (_fc)->InstanceId = (_inst), \
8433 (_fc)->FreeCallback = (_cb))
8434
8435 #define FsRtlGetPerFileContextPointer(_fo) \
8436 (FsRtlSupportsPerFileContexts(_fo) ? \
8437 FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer : \
8438 NULL)
8439
8440 #define FsRtlSupportsPerFileContexts(_fo) \
8441 ((FsRtlGetPerStreamContextPointer(_fo) != NULL) && \
8442 (FsRtlGetPerStreamContextPointer(_fo)->Version >= FSRTL_FCB_HEADER_V1) && \
8443 (FsRtlGetPerStreamContextPointer(_fo)->FileContextSupportPointer != NULL))
8444
8445 #define FsRtlSetupAdvancedHeaderEx( _advhdr, _fmutx, _fctxptr ) \
8446 { \
8447 FsRtlSetupAdvancedHeader( _advhdr, _fmutx ); \
8448 if ((_fctxptr) != NULL) { \
8449 (_advhdr)->FileContextSupportPointer = (_fctxptr); \
8450 } \
8451 }
8452
8453 #define FsRtlGetPerStreamContextPointer(FO) ( \
8454 (PFSRTL_ADVANCED_FCB_HEADER)(FO)->FsContext \
8455 )
8456
8457 #define FsRtlInitPerStreamContext(PSC, O, I, FC) ( \
8458 (PSC)->OwnerId = (O), \
8459 (PSC)->InstanceId = (I), \
8460 (PSC)->FreeCallback = (FC) \
8461 )
8462
8463 #define FsRtlSupportsPerStreamContexts(FO) ( \
8464 (BOOLEAN)((NULL != FsRtlGetPerStreamContextPointer(FO) && \
8465 FlagOn(FsRtlGetPerStreamContextPointer(FO)->Flags2, \
8466 FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS)) \
8467 )
8468
8469 #define FsRtlLookupPerStreamContext(_sc, _oid, _iid) \
8470 (((NULL != (_sc)) && \
8471 FlagOn((_sc)->Flags2,FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS) && \
8472 !IsListEmpty(&(_sc)->FilterContexts)) ? \
8473 FsRtlLookupPerStreamContextInternal((_sc), (_oid), (_iid)) : \
8474 NULL)
8475
8476 _IRQL_requires_max_(APC_LEVEL)
8477 FORCEINLINE
8478 VOID
8479 NTAPI
8480 FsRtlSetupAdvancedHeader(
8481 _In_ PVOID AdvHdr,
8482 _In_ PFAST_MUTEX FMutex )
8483 {
8484 PFSRTL_ADVANCED_FCB_HEADER localAdvHdr = (PFSRTL_ADVANCED_FCB_HEADER)AdvHdr;
8485
8486 localAdvHdr->Flags |= FSRTL_FLAG_ADVANCED_HEADER;
8487 localAdvHdr->Flags2 |= FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS;
8488 #if (NTDDI_VERSION >= NTDDI_VISTA)
8489 localAdvHdr->Version = FSRTL_FCB_HEADER_V1;
8490 #else
8491 localAdvHdr->Version = FSRTL_FCB_HEADER_V0;
8492 #endif
8493 InitializeListHead( &localAdvHdr->FilterContexts );
8494 if (FMutex != NULL) {
8495 localAdvHdr->FastMutex = FMutex;
8496 }
8497 #if (NTDDI_VERSION >= NTDDI_VISTA)
8498 *((PULONG_PTR)(&localAdvHdr->PushLock)) = 0;
8499 localAdvHdr->FileContextSupportPointer = NULL;
8500 #endif
8501 }
8502
8503 #define FsRtlInitPerFileObjectContext(_fc, _owner, _inst) \
8504 ((_fc)->OwnerId = (_owner), (_fc)->InstanceId = (_inst))
8505
8506 #define FsRtlCompleteRequest(IRP,STATUS) { \
8507 (IRP)->IoStatus.Status = (STATUS); \
8508 IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
8509 }
8510 /* Common Cache Types */
8511
8512 #define VACB_MAPPING_GRANULARITY (0x40000)
8513 #define VACB_OFFSET_SHIFT (18)
8514
8515 typedef struct _PUBLIC_BCB {
8516 CSHORT NodeTypeCode;
8517 CSHORT NodeByteSize;
8518 ULONG MappedLength;
8519 LARGE_INTEGER MappedFileOffset;
8520 } PUBLIC_BCB, *PPUBLIC_BCB;
8521
8522 typedef struct _CC_FILE_SIZES {
8523 LARGE_INTEGER AllocationSize;
8524 LARGE_INTEGER FileSize;
8525 LARGE_INTEGER ValidDataLength;
8526 } CC_FILE_SIZES, *PCC_FILE_SIZES;
8527
8528 typedef BOOLEAN
8529 (NTAPI *PACQUIRE_FOR_LAZY_WRITE) (
8530 _In_ PVOID Context,
8531 _In_ BOOLEAN Wait);
8532
8533 typedef VOID
8534 (NTAPI *PRELEASE_FROM_LAZY_WRITE) (
8535 _In_ PVOID Context);
8536
8537 typedef BOOLEAN
8538 (NTAPI *PACQUIRE_FOR_READ_AHEAD) (
8539 _In_ PVOID Context,
8540 _In_ BOOLEAN Wait);
8541
8542 typedef VOID
8543 (NTAPI *PRELEASE_FROM_READ_AHEAD) (
8544 _In_ PVOID Context);
8545
8546 typedef struct _CACHE_MANAGER_CALLBACKS {
8547 PACQUIRE_FOR_LAZY_WRITE AcquireForLazyWrite;
8548 PRELEASE_FROM_LAZY_WRITE ReleaseFromLazyWrite;
8549 PACQUIRE_FOR_READ_AHEAD AcquireForReadAhead;
8550 PRELEASE_FROM_READ_AHEAD ReleaseFromReadAhead;
8551 } CACHE_MANAGER_CALLBACKS, *PCACHE_MANAGER_CALLBACKS;
8552
8553 typedef struct _CACHE_UNINITIALIZE_EVENT {
8554 struct _CACHE_UNINITIALIZE_EVENT *Next;
8555 KEVENT Event;
8556 } CACHE_UNINITIALIZE_EVENT, *PCACHE_UNINITIALIZE_EVENT;
8557
8558 typedef VOID
8559 (NTAPI *PDIRTY_PAGE_ROUTINE) (
8560 _In_ PFILE_OBJECT FileObject,
8561 _In_ PLARGE_INTEGER FileOffset,
8562 _In_ ULONG Length,
8563 _In_ PLARGE_INTEGER OldestLsn,
8564 _In_ PLARGE_INTEGER NewestLsn,
8565 _In_ PVOID Context1,
8566 _In_ PVOID Context2);
8567
8568 typedef VOID
8569 (NTAPI *PFLUSH_TO_LSN) (
8570 _In_ PVOID LogHandle,
8571 _In_ LARGE_INTEGER Lsn);
8572
8573 typedef VOID
8574 (NTAPI *PCC_POST_DEFERRED_WRITE) (
8575 _In_ PVOID Context1,
8576 _In_ PVOID Context2);
8577
8578 #define UNINITIALIZE_CACHE_MAPS (1)
8579 #define DO_NOT_RETRY_PURGE (2)
8580 #define DO_NOT_PURGE_DIRTY_PAGES (0x4)
8581
8582 #define CC_FLUSH_AND_PURGE_NO_PURGE (0x1)
8583 /* Common Cache Functions */
8584
8585 #define CcIsFileCached(FO) ( \
8586 ((FO)->SectionObjectPointer != NULL) && \
8587 (((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
8588 )
8589
8590 extern ULONG CcFastMdlReadWait;
8591
8592 #if (NTDDI_VERSION >= NTDDI_WIN2K)
8593
8594 NTKERNELAPI
8595 VOID
8596 NTAPI
8597 CcInitializeCacheMap(
8598 _In_ PFILE_OBJECT FileObject,
8599 _In_ PCC_FILE_SIZES FileSizes,
8600 _In_ BOOLEAN PinAccess,
8601 _In_ PCACHE_MANAGER_CALLBACKS Callbacks,
8602 _In_ PVOID LazyWriteContext);
8603
8604 NTKERNELAPI
8605 BOOLEAN
8606 NTAPI
8607 CcUninitializeCacheMap(
8608 _In_ PFILE_OBJECT FileObject,
8609 _In_opt_ PLARGE_INTEGER TruncateSize,
8610 _In_opt_ PCACHE_UNINITIALIZE_EVENT UninitializeCompleteEvent);
8611
8612 NTKERNELAPI
8613 VOID
8614 NTAPI
8615 CcSetFileSizes(
8616 IN PFILE_OBJECT FileObject,
8617 IN PCC_FILE_SIZES FileSizes);
8618
8619 NTKERNELAPI
8620 VOID
8621 NTAPI
8622 CcSetDirtyPageThreshold(
8623 _In_ PFILE_OBJECT FileObject,
8624 _In_ ULONG DirtyPageThreshold);
8625
8626 NTKERNELAPI
8627 VOID
8628 NTAPI
8629 CcFlushCache(
8630 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8631 _In_opt_ PLARGE_INTEGER FileOffset,
8632 _In_ ULONG Length,
8633 _Out_opt_ PIO_STATUS_BLOCK IoStatus);
8634
8635 NTKERNELAPI
8636 LARGE_INTEGER
8637 NTAPI
8638 CcGetFlushedValidData(
8639 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8640 _In_ BOOLEAN BcbListHeld);
8641
8642 NTKERNELAPI
8643 BOOLEAN
8644 NTAPI
8645 CcZeroData(
8646 _In_ PFILE_OBJECT FileObject,
8647 _In_ PLARGE_INTEGER StartOffset,
8648 _In_ PLARGE_INTEGER EndOffset,
8649 _In_ BOOLEAN Wait);
8650
8651 NTKERNELAPI
8652 PVOID
8653 NTAPI
8654 CcRemapBcb(
8655 _In_ PVOID Bcb);
8656
8657 NTKERNELAPI
8658 VOID
8659 NTAPI
8660 CcRepinBcb(
8661 _In_ PVOID Bcb);
8662
8663 NTKERNELAPI
8664 VOID
8665 NTAPI
8666 CcUnpinRepinnedBcb(
8667 _In_ PVOID Bcb,
8668 _In_ BOOLEAN WriteThrough,
8669 _Out_ PIO_STATUS_BLOCK IoStatus);
8670
8671 NTKERNELAPI
8672 PFILE_OBJECT
8673 NTAPI
8674 CcGetFileObjectFromSectionPtrs(
8675 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer);
8676
8677 NTKERNELAPI
8678 PFILE_OBJECT
8679 NTAPI
8680 CcGetFileObjectFromBcb(
8681 _In_ PVOID Bcb);
8682
8683 NTKERNELAPI
8684 BOOLEAN
8685 NTAPI
8686 CcCanIWrite(
8687 _In_opt_ PFILE_OBJECT FileObject,
8688 _In_ ULONG BytesToWrite,
8689 _In_ BOOLEAN Wait,
8690 _In_ BOOLEAN Retrying);
8691
8692 NTKERNELAPI
8693 VOID
8694 NTAPI
8695 CcDeferWrite(
8696 _In_ PFILE_OBJECT FileObject,
8697 _In_ PCC_POST_DEFERRED_WRITE PostRoutine,
8698 _In_ PVOID Context1,
8699 _In_ PVOID Context2,
8700 _In_ ULONG BytesToWrite,
8701 _In_ BOOLEAN Retrying);
8702
8703 NTKERNELAPI
8704 BOOLEAN
8705 NTAPI
8706 CcCopyRead(
8707 _In_ PFILE_OBJECT FileObject,
8708 _In_ PLARGE_INTEGER FileOffset,
8709 _In_ ULONG Length,
8710 _In_ BOOLEAN Wait,
8711 _Out_writes_bytes_(Length) PVOID Buffer,
8712 _Out_ PIO_STATUS_BLOCK IoStatus);
8713
8714 NTKERNELAPI
8715 VOID
8716 NTAPI
8717 CcFastCopyRead(
8718 _In_ PFILE_OBJECT FileObject,
8719 _In_ ULONG FileOffset,
8720 _In_ ULONG Length,
8721 _In_ ULONG PageCount,
8722 _Out_writes_bytes_(Length) PVOID Buffer,
8723 _Out_ PIO_STATUS_BLOCK IoStatus);
8724
8725 NTKERNELAPI
8726 BOOLEAN
8727 NTAPI
8728 CcCopyWrite(
8729 _In_ PFILE_OBJECT FileObject,
8730 _In_ PLARGE_INTEGER FileOffset,
8731 _In_ ULONG Length,
8732 _In_ BOOLEAN Wait,
8733 _In_reads_bytes_(Length) PVOID Buffer);
8734
8735 NTKERNELAPI
8736 VOID
8737 NTAPI
8738 CcFastCopyWrite(
8739 _In_ PFILE_OBJECT FileObject,
8740 _In_ ULONG FileOffset,
8741 _In_ ULONG Length,
8742 _In_reads_bytes_(Length) PVOID Buffer);
8743
8744 NTKERNELAPI
8745 VOID
8746 NTAPI
8747 CcMdlRead(
8748 _In_ PFILE_OBJECT FileObject,
8749 _In_ PLARGE_INTEGER FileOffset,
8750 _In_ ULONG Length,
8751 _Out_ PMDL *MdlChain,
8752 _Out_ PIO_STATUS_BLOCK IoStatus);
8753
8754 NTKERNELAPI
8755 VOID
8756 NTAPI
8757 CcMdlReadComplete(
8758 _In_ PFILE_OBJECT FileObject,
8759 _In_ PMDL MdlChain);
8760
8761 NTKERNELAPI
8762 VOID
8763 NTAPI
8764 CcPrepareMdlWrite(
8765 _In_ PFILE_OBJECT FileObject,
8766 _In_ PLARGE_INTEGER FileOffset,
8767 _In_ ULONG Length,
8768 _Out_ PMDL *MdlChain,
8769 _Out_ PIO_STATUS_BLOCK IoStatus);
8770
8771 NTKERNELAPI
8772 VOID
8773 NTAPI
8774 CcMdlWriteComplete(
8775 _In_ PFILE_OBJECT FileObject,
8776 _In_ PLARGE_INTEGER FileOffset,
8777 _In_ PMDL MdlChain);
8778
8779 NTKERNELAPI
8780 VOID
8781 NTAPI
8782 CcScheduleReadAhead(
8783 _In_ PFILE_OBJECT FileObject,
8784 _In_ PLARGE_INTEGER FileOffset,
8785 _In_ ULONG Length);
8786
8787 NTKERNELAPI
8788 NTSTATUS
8789 NTAPI
8790 CcWaitForCurrentLazyWriterActivity(VOID);
8791
8792 NTKERNELAPI
8793 VOID
8794 NTAPI
8795 CcSetReadAheadGranularity(
8796 _In_ PFILE_OBJECT FileObject,
8797 _In_ ULONG Granularity);
8798
8799 NTKERNELAPI
8800 BOOLEAN
8801 NTAPI
8802 CcPinRead(
8803 _In_ PFILE_OBJECT FileObject,
8804 _In_ PLARGE_INTEGER FileOffset,
8805 _In_ ULONG Length,
8806 _In_ ULONG Flags,
8807 _Outptr_ PVOID *Bcb,
8808 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8809
8810 NTKERNELAPI
8811 BOOLEAN
8812 NTAPI
8813 CcPinMappedData(
8814 _In_ PFILE_OBJECT FileObject,
8815 _In_ PLARGE_INTEGER FileOffset,
8816 _In_ ULONG Length,
8817 _In_ ULONG Flags,
8818 _Inout_ PVOID *Bcb);
8819
8820 NTKERNELAPI
8821 BOOLEAN
8822 NTAPI
8823 CcPreparePinWrite(
8824 _In_ PFILE_OBJECT FileObject,
8825 _In_ PLARGE_INTEGER FileOffset,
8826 _In_ ULONG Length,
8827 _In_ BOOLEAN Zero,
8828 _In_ ULONG Flags,
8829 _Outptr_ PVOID *Bcb,
8830 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8831
8832 NTKERNELAPI
8833 VOID
8834 NTAPI
8835 CcSetDirtyPinnedData(
8836 _In_ PVOID BcbVoid,
8837 _In_opt_ PLARGE_INTEGER Lsn);
8838
8839 NTKERNELAPI
8840 VOID
8841 NTAPI
8842 CcUnpinData(
8843 _In_ PVOID Bcb);
8844
8845 NTKERNELAPI
8846 VOID
8847 NTAPI
8848 CcSetBcbOwnerPointer(
8849 _In_ PVOID Bcb,
8850 _In_ PVOID OwnerPointer);
8851
8852 NTKERNELAPI
8853 VOID
8854 NTAPI
8855 CcUnpinDataForThread(
8856 _In_ PVOID Bcb,
8857 _In_ ERESOURCE_THREAD ResourceThreadId);
8858
8859 NTKERNELAPI
8860 VOID
8861 NTAPI
8862 CcSetAdditionalCacheAttributes(
8863 _In_ PFILE_OBJECT FileObject,
8864 _In_ BOOLEAN DisableReadAhead,
8865 _In_ BOOLEAN DisableWriteBehind);
8866
8867 NTKERNELAPI
8868 BOOLEAN
8869 NTAPI
8870 CcIsThereDirtyData(
8871 _In_ PVPB Vpb);
8872
8873 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
8874
8875 #if (NTDDI_VERSION >= NTDDI_WINXP)
8876
8877 NTKERNELAPI
8878 VOID
8879 NTAPI
8880 CcMdlWriteAbort(
8881 _In_ PFILE_OBJECT FileObject,
8882 _In_ PMDL MdlChain);
8883
8884 NTKERNELAPI
8885 VOID
8886 NTAPI
8887 CcSetLogHandleForFile(
8888 _In_ PFILE_OBJECT FileObject,
8889 _In_ PVOID LogHandle,
8890 _In_ PFLUSH_TO_LSN FlushToLsnRoutine);
8891
8892 NTKERNELAPI
8893 LARGE_INTEGER
8894 NTAPI
8895 CcGetDirtyPages(
8896 _In_ PVOID LogHandle,
8897 _In_ PDIRTY_PAGE_ROUTINE DirtyPageRoutine,
8898 _In_ PVOID Context1,
8899 _In_ PVOID Context2);
8900
8901 #endif
8902
8903 #if (NTDDI_VERSION >= NTDDI_WINXP)
8904 _Success_(return!=FALSE)
8905 NTKERNELAPI
8906 BOOLEAN
8907 NTAPI
8908 CcMapData(
8909 _In_ PFILE_OBJECT FileObject,
8910 _In_ PLARGE_INTEGER FileOffset,
8911 _In_ ULONG Length,
8912 _In_ ULONG Flags,
8913 _Outptr_ PVOID *Bcb,
8914 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8915 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8916 NTKERNELAPI
8917 BOOLEAN
8918 NTAPI
8919 CcMapData(
8920 _In_ PFILE_OBJECT FileObject,
8921 _In_ PLARGE_INTEGER FileOffset,
8922 _In_ ULONG Length,
8923 _In_ BOOLEAN Wait,
8924 _Outptr_ PVOID *Bcb,
8925 _Outptr_result_bytebuffer_(Length) PVOID *Buffer);
8926 #endif
8927
8928 #if (NTDDI_VERSION >= NTDDI_VISTA)
8929
8930 NTKERNELAPI
8931 NTSTATUS
8932 NTAPI
8933 CcSetFileSizesEx(
8934 _In_ PFILE_OBJECT FileObject,
8935 _In_ PCC_FILE_SIZES FileSizes);
8936
8937 NTKERNELAPI
8938 PFILE_OBJECT
8939 NTAPI
8940 CcGetFileObjectFromSectionPtrsRef(
8941 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer);
8942
8943 NTKERNELAPI
8944 VOID
8945 NTAPI
8946 CcSetParallelFlushFile(
8947 _In_ PFILE_OBJECT FileObject,
8948 _In_ BOOLEAN EnableParallelFlush);
8949
8950 NTKERNELAPI
8951 BOOLEAN
8952 CcIsThereDirtyDataEx(
8953 _In_ PVPB Vpb,
8954 _In_opt_ PULONG NumberOfDirtyPages);
8955
8956 #endif
8957
8958 #if (NTDDI_VERSION >= NTDDI_WIN7)
8959 NTKERNELAPI
8960 VOID
8961 NTAPI
8962 CcCoherencyFlushAndPurgeCache(
8963 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8964 _In_opt_ PLARGE_INTEGER FileOffset,
8965 _In_ ULONG Length,
8966 _Out_ PIO_STATUS_BLOCK IoStatus,
8967 _In_opt_ ULONG Flags);
8968 #endif
8969
8970 #define CcGetFileSizePointer(FO) ( \
8971 ((PLARGE_INTEGER)((FO)->SectionObjectPointer->SharedCacheMap) + 1) \
8972 )
8973
8974 #if (NTDDI_VERSION >= NTDDI_VISTA)
8975 NTKERNELAPI
8976 BOOLEAN
8977 NTAPI
8978 CcPurgeCacheSection(
8979 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8980 _In_opt_ PLARGE_INTEGER FileOffset,
8981 _In_ ULONG Length,
8982 _In_ ULONG Flags);
8983 #elif (NTDDI_VERSION >= NTDDI_WIN2K)
8984 NTKERNELAPI
8985 BOOLEAN
8986 NTAPI
8987 CcPurgeCacheSection(
8988 _In_ PSECTION_OBJECT_POINTERS SectionObjectPointer,
8989 _In_opt_ PLARGE_INTEGER FileOffset,
8990 _In_ ULONG Length,
8991 _In_ BOOLEAN UninitializeCacheMaps);
8992 #endif
8993
8994 #if (NTDDI_VERSION >= NTDDI_WIN7)
8995 NTKERNELAPI
8996 BOOLEAN
8997 NTAPI
8998 CcCopyWriteWontFlush(
8999 _In_ PFILE_OBJECT FileObject,
9000 _In_ PLARGE_INTEGER FileOffset,
9001 _In_ ULONG Length);
9002 #else
9003 #define CcCopyWriteWontFlush(FO, FOFF, LEN) ((LEN) <= 0x10000)
9004 #endif
9005
9006 #define CcReadAhead(FO, FOFF, LEN) ( \
9007 if ((LEN) >= 256) { \
9008 CcScheduleReadAhead((FO), (FOFF), (LEN)); \
9009 } \
9010 )
9011 /******************************************************************************
9012 * ZwXxx Functions *
9013 ******************************************************************************/
9014
9015
9016
9017 _IRQL_requires_max_(PASSIVE_LEVEL)
9018 NTSYSAPI
9019 NTSTATUS
9020 NTAPI
9021 ZwQueryEaFile(
9022 _In_ HANDLE FileHandle,
9023 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9024 _Out_writes_bytes_(Length) PVOID Buffer,
9025 _In_ ULONG Length,
9026 _In_ BOOLEAN ReturnSingleEntry,
9027 _In_reads_bytes_opt_(EaListLength) PVOID EaList,
9028 _In_ ULONG EaListLength,
9029 _In_opt_ PULONG EaIndex,
9030 _In_ BOOLEAN RestartScan);
9031
9032 _IRQL_requires_max_(PASSIVE_LEVEL)
9033 NTSYSAPI
9034 NTSTATUS
9035 NTAPI
9036 ZwSetEaFile(
9037 _In_ HANDLE FileHandle,
9038 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9039 _In_reads_bytes_(Length) PVOID Buffer,
9040 _In_ ULONG Length);
9041
9042 _IRQL_requires_max_(PASSIVE_LEVEL)
9043 NTSYSAPI
9044 NTSTATUS
9045 NTAPI
9046 ZwDuplicateToken(
9047 _In_ HANDLE ExistingTokenHandle,
9048 _In_ ACCESS_MASK DesiredAccess,
9049 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
9050 _In_ BOOLEAN EffectiveOnly,
9051 _In_ TOKEN_TYPE TokenType,
9052 _Out_ PHANDLE NewTokenHandle);
9053
9054 #if (NTDDI_VERSION >= NTDDI_WIN2K)
9055
9056 _IRQL_requires_max_(PASSIVE_LEVEL)
9057 NTSYSAPI
9058 NTSTATUS
9059 NTAPI
9060 ZwQueryObject(
9061 _In_opt_ HANDLE Handle,
9062 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
9063 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
9064 _In_ ULONG ObjectInformationLength,
9065 _Out_opt_ PULONG ReturnLength);
9066
9067 _IRQL_requires_max_(PASSIVE_LEVEL)
9068 NTSYSAPI
9069 NTSTATUS
9070 NTAPI
9071 ZwNotifyChangeKey(
9072 _In_ HANDLE KeyHandle,
9073 _In_opt_ HANDLE EventHandle,
9074 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9075 _In_opt_ PVOID ApcContext,
9076 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9077 _In_ ULONG NotifyFilter,
9078 _In_ BOOLEAN WatchSubtree,
9079 _Out_writes_bytes_opt_(BufferLength) PVOID Buffer,
9080 _In_ ULONG BufferLength,
9081 _In_ BOOLEAN Asynchronous);
9082
9083 _IRQL_requires_max_(PASSIVE_LEVEL)
9084 NTSYSAPI
9085 NTSTATUS
9086 NTAPI
9087 ZwCreateEvent(
9088 _Out_ PHANDLE EventHandle,
9089 _In_ ACCESS_MASK DesiredAccess,
9090 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
9091 _In_ EVENT_TYPE EventType,
9092 _In_ BOOLEAN InitialState);
9093
9094 _IRQL_requires_max_(PASSIVE_LEVEL)
9095 NTSYSAPI
9096 NTSTATUS
9097 NTAPI
9098 ZwDeleteFile(
9099 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
9100
9101 _IRQL_requires_max_(PASSIVE_LEVEL)
9102 NTSYSAPI
9103 NTSTATUS
9104 NTAPI
9105 ZwQueryDirectoryFile(
9106 _In_ HANDLE FileHandle,
9107 _In_opt_ HANDLE Event,
9108 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9109 _In_opt_ PVOID ApcContext,
9110 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9111 _Out_writes_bytes_(Length) PVOID FileInformation,
9112 _In_ ULONG Length,
9113 _In_ FILE_INFORMATION_CLASS FileInformationClass,
9114 _In_ BOOLEAN ReturnSingleEntry,
9115 _In_opt_ PUNICODE_STRING FileName,
9116 _In_ BOOLEAN RestartScan);
9117
9118 _IRQL_requires_max_(PASSIVE_LEVEL)
9119 NTSYSAPI
9120 NTSTATUS
9121 NTAPI
9122 ZwSetVolumeInformationFile(
9123 _In_ HANDLE FileHandle,
9124 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9125 _In_reads_bytes_(Length) PVOID FsInformation,
9126 _In_ ULONG Length,
9127 _In_ FS_INFORMATION_CLASS FsInformationClass);
9128
9129 _IRQL_requires_max_(PASSIVE_LEVEL)
9130 NTSYSAPI
9131 NTSTATUS
9132 NTAPI
9133 ZwFsControlFile(
9134 _In_ HANDLE FileHandle,
9135 _In_opt_ HANDLE Event,
9136 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9137 _In_opt_ PVOID ApcContext,
9138 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9139 _In_ ULONG FsControlCode,
9140 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
9141 _In_ ULONG InputBufferLength,
9142 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
9143 _In_ ULONG OutputBufferLength);
9144
9145 _IRQL_requires_max_(PASSIVE_LEVEL)
9146 NTSYSAPI
9147 NTSTATUS
9148 NTAPI
9149 ZwDuplicateObject(
9150 _In_ HANDLE SourceProcessHandle,
9151 _In_ HANDLE SourceHandle,
9152 _In_opt_ HANDLE TargetProcessHandle,
9153 _Out_opt_ PHANDLE TargetHandle,
9154 _In_ ACCESS_MASK DesiredAccess,
9155 _In_ ULONG HandleAttributes,
9156 _In_ ULONG Options);
9157
9158 _IRQL_requires_max_(PASSIVE_LEVEL)
9159 NTSYSAPI
9160 NTSTATUS
9161 NTAPI
9162 ZwOpenDirectoryObject(
9163 _Out_ PHANDLE DirectoryHandle,
9164 _In_ ACCESS_MASK DesiredAccess,
9165 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
9166
9167 _Must_inspect_result_
9168 _At_(*BaseAddress, __drv_allocatesMem(Mem))
9169 __kernel_entry
9170 NTSYSAPI
9171 NTSTATUS
9172 NTAPI
9173 ZwAllocateVirtualMemory(
9174 _In_ HANDLE ProcessHandle,
9175 _Inout_ _Outptr_result_buffer_(*RegionSize) PVOID *BaseAddress,
9176 _In_ ULONG_PTR ZeroBits,
9177 _Inout_ PSIZE_T RegionSize,
9178 _In_ ULONG AllocationType,
9179 _In_ ULONG Protect);
9180
9181 _IRQL_requires_max_(PASSIVE_LEVEL)
9182 NTSYSAPI
9183 NTSTATUS
9184 NTAPI
9185 ZwFreeVirtualMemory(
9186 _In_ HANDLE ProcessHandle,
9187 _Inout_ __drv_freesMem(Mem) PVOID *BaseAddress,
9188 _Inout_ PSIZE_T RegionSize,
9189 _In_ ULONG FreeType);
9190
9191 _When_(Timeout == NULL, _IRQL_requires_max_(APC_LEVEL))
9192 _When_(Timeout->QuadPart != 0, _IRQL_requires_max_(APC_LEVEL))
9193 _When_(Timeout->QuadPart == 0, _IRQL_requires_max_(DISPATCH_LEVEL))
9194 NTSYSAPI
9195 NTSTATUS
9196 NTAPI
9197 ZwWaitForSingleObject(
9198 _In_ HANDLE Handle,
9199 _In_ BOOLEAN Alertable,
9200 _In_opt_ PLARGE_INTEGER Timeout);
9201
9202 _IRQL_requires_max_(DISPATCH_LEVEL)
9203 NTSYSAPI
9204 NTSTATUS
9205 NTAPI
9206 ZwSetEvent(
9207 _In_ HANDLE EventHandle,
9208 _Out_opt_ PLONG PreviousState);
9209
9210 _IRQL_requires_max_(APC_LEVEL)
9211 NTSYSAPI
9212 NTSTATUS
9213 NTAPI
9214 ZwFlushVirtualMemory(
9215 _In_ HANDLE ProcessHandle,
9216 _Inout_ PVOID *BaseAddress,
9217 _Inout_ PSIZE_T RegionSize,
9218 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
9219
9220 _IRQL_requires_max_(PASSIVE_LEVEL)
9221 NTSYSAPI
9222 NTSTATUS
9223 NTAPI
9224 ZwQueryInformationToken(
9225 _In_ HANDLE TokenHandle,
9226 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
9227 _Out_writes_bytes_to_opt_(Length,*ResultLength) PVOID TokenInformation,
9228 _In_ ULONG Length,
9229 _Out_ PULONG ResultLength);
9230
9231 _IRQL_requires_max_(PASSIVE_LEVEL)
9232 NTSYSAPI
9233 NTSTATUS
9234 NTAPI
9235 ZwSetSecurityObject(
9236 _In_ HANDLE Handle,
9237 _In_ SECURITY_INFORMATION SecurityInformation,
9238 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
9239
9240 _IRQL_requires_max_(PASSIVE_LEVEL)
9241 NTSYSAPI
9242 NTSTATUS
9243 NTAPI
9244 ZwQuerySecurityObject(
9245 _In_ HANDLE FileHandle,
9246 _In_ SECURITY_INFORMATION SecurityInformation,
9247 _Out_writes_bytes_to_(Length,*ResultLength) PSECURITY_DESCRIPTOR SecurityDescriptor,
9248 _In_ ULONG Length,
9249 _Out_ PULONG ResultLength);
9250 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
9251
9252 #if (NTDDI_VERSION >= NTDDI_WINXP)
9253
9254 _IRQL_requires_max_(PASSIVE_LEVEL)
9255 NTSYSAPI
9256 NTSTATUS
9257 NTAPI
9258 ZwOpenProcessTokenEx(
9259 _In_ HANDLE ProcessHandle,
9260 _In_ ACCESS_MASK DesiredAccess,
9261 _In_ ULONG HandleAttributes,
9262 _Out_ PHANDLE TokenHandle);
9263
9264 _IRQL_requires_max_(PASSIVE_LEVEL)
9265 NTSYSAPI
9266 NTSTATUS
9267 NTAPI
9268 ZwOpenThreadTokenEx(
9269 _In_ HANDLE ThreadHandle,
9270 _In_ ACCESS_MASK DesiredAccess,
9271 _In_ BOOLEAN OpenAsSelf,
9272 _In_ ULONG HandleAttributes,
9273 _Out_ PHANDLE TokenHandle);
9274
9275 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
9276
9277 #if (NTDDI_VERSION >= NTDDI_VISTA)
9278
9279 _IRQL_requires_max_(PASSIVE_LEVEL)
9280 NTSYSAPI
9281 NTSTATUS
9282 NTAPI
9283 ZwLockFile(
9284 _In_ HANDLE FileHandle,
9285 _In_opt_ HANDLE Event,
9286 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
9287 _In_opt_ PVOID ApcContext,
9288 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9289 _In_ PLARGE_INTEGER ByteOffset,
9290 _In_ PLARGE_INTEGER Length,
9291 _In_ ULONG Key,
9292 _In_ BOOLEAN FailImmediately,
9293 _In_ BOOLEAN ExclusiveLock);
9294
9295 _IRQL_requires_max_(PASSIVE_LEVEL)
9296 NTSYSAPI
9297 NTSTATUS
9298 NTAPI
9299 ZwUnlockFile(
9300 _In_ HANDLE FileHandle,
9301 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9302 _In_ PLARGE_INTEGER ByteOffset,
9303 _In_ PLARGE_INTEGER Length,
9304 _In_ ULONG Key);
9305
9306 _IRQL_requires_max_(PASSIVE_LEVEL)
9307 NTSYSAPI
9308 NTSTATUS
9309 NTAPI
9310 ZwQueryQuotaInformationFile(
9311 _In_ HANDLE FileHandle,
9312 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9313 _Out_writes_bytes_(Length) PVOID Buffer,
9314 _In_ ULONG Length,
9315 _In_ BOOLEAN ReturnSingleEntry,
9316 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
9317 _In_ ULONG SidListLength,
9318 _In_opt_ PSID StartSid,
9319 _In_ BOOLEAN RestartScan);
9320
9321 _IRQL_requires_max_(PASSIVE_LEVEL)
9322 NTSYSAPI
9323 NTSTATUS
9324 NTAPI
9325 ZwSetQuotaInformationFile(
9326 _In_ HANDLE FileHandle,
9327 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
9328 _In_reads_bytes_(Length) PVOID Buffer,
9329 _In_ ULONG Length);
9330
9331 _IRQL_requires_max_(PASSIVE_LEVEL)
9332 NTSYSAPI
9333 NTSTATUS
9334 NTAPI
9335 ZwFlushBuffersFile(
9336 _In_ HANDLE FileHandle,
9337 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
9338 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
9339 #if (NTDDI_VERSION >= NTDDI_WIN7)
9340
9341 _IRQL_requires_max_(PASSIVE_LEVEL)
9342 NTSYSAPI
9343 NTSTATUS
9344 NTAPI
9345 ZwSetInformationToken(
9346 _In_ HANDLE TokenHandle,
9347 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
9348 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
9349 _In_ ULONG TokenInformationLength);
9350
9351 #if (VER_PRODUCTBUILD >= 2195)
9352 NTSYSAPI
9353 NTSTATUS
9354 NTAPI
9355 ZwAdjustPrivilegesToken (
9356 _In_ HANDLE TokenHandle,
9357 _In_ BOOLEAN DisableAllPrivileges,
9358 _In_ PTOKEN_PRIVILEGES NewState,
9359 _In_ ULONG BufferLength,
9360 _Out_opt_ PTOKEN_PRIVILEGES PreviousState,
9361 _Out_ PULONG ReturnLength
9362 );
9363 #endif /* (VER_PRODUCTBUILD >= 2195) */
9364
9365 NTSYSAPI
9366 NTSTATUS
9367 NTAPI
9368 ZwAlertThread (
9369 _In_ HANDLE ThreadHandle
9370 );
9371
9372 NTSYSAPI
9373 NTSTATUS
9374 NTAPI
9375 ZwAccessCheckAndAuditAlarm (
9376 _In_ PUNICODE_STRING SubsystemName,
9377 _In_ PVOID HandleId,
9378 _In_ PUNICODE_STRING ObjectTypeName,
9379 _In_ PUNICODE_STRING ObjectName,
9380 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
9381 _In_ ACCESS_MASK DesiredAccess,
9382 _In_ PGENERIC_MAPPING GenericMapping,
9383 _In_ BOOLEAN ObjectCreation,
9384 _Out_ PACCESS_MASK GrantedAccess,
9385 _Out_ PBOOLEAN AccessStatus,
9386 _Out_ PBOOLEAN GenerateOnClose
9387 );
9388
9389 #if (VER_PRODUCTBUILD >= 2195)
9390 NTSYSAPI
9391 NTSTATUS
9392 NTAPI
9393 ZwCancelIoFile (
9394 _In_ HANDLE FileHandle,
9395 _Out_ PIO_STATUS_BLOCK IoStatusBlock
9396 );
9397 #endif /* (VER_PRODUCTBUILD >= 2195) */
9398
9399 NTSYSAPI
9400 NTSTATUS
9401 NTAPI
9402 ZwClearEvent (
9403 _In_ HANDLE EventHandle
9404 );
9405
9406 NTSYSAPI
9407 NTSTATUS
9408 NTAPI
9409 ZwCloseObjectAuditAlarm (
9410 _In_ PUNICODE_STRING SubsystemName,
9411 _In_ PVOID HandleId,
9412 _In_ BOOLEAN GenerateOnClose
9413 );
9414
9415 NTSYSAPI
9416 NTSTATUS
9417 NTAPI
9418 ZwCreateSymbolicLinkObject (
9419 _Out_ PHANDLE SymbolicLinkHandle,
9420 _In_ ACCESS_MASK DesiredAccess,
9421 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
9422 _In_ PUNICODE_STRING TargetName
9423 );
9424
9425 NTSYSAPI
9426 NTSTATUS
9427 NTAPI
9428 ZwFlushInstructionCache (
9429 _In_ HANDLE ProcessHandle,
9430 _In_opt_ PVOID BaseAddress,
9431 _In_ ULONG FlushSize
9432 );
9433
9434 NTSYSAPI
9435 NTSTATUS
9436 NTAPI
9437 ZwFlushBuffersFile(
9438 _In_ HANDLE FileHandle,
9439 _Out_ PIO_STATUS_BLOCK IoStatusBlock
9440 );
9441
9442 #if (VER_PRODUCTBUILD >= 2195)
9443 NTSYSAPI
9444 NTSTATUS
9445 NTAPI
9446 ZwInitiatePowerAction (
9447 _In_ POWER_ACTION SystemAction,
9448 _In_ SYSTEM_POWER_STATE MinSystemState,
9449 _In_ ULONG Flags,
9450 _In_ BOOLEAN Asynchronous
9451 );
9452 #endif /* (VER_PRODUCTBUILD >= 2195) */
9453
9454 NTSYSAPI
9455 NTSTATUS
9456 NTAPI
9457 ZwLoadKey (
9458 _In_ POBJECT_ATTRIBUTES KeyObjectAttributes,
9459 _In_ POBJECT_ATTRIBUTES FileObjectAttributes
9460 );
9461
9462 NTSYSAPI
9463 NTSTATUS
9464 NTAPI
9465 ZwOpenProcessToken (
9466 _In_ HANDLE ProcessHandle,
9467 _In_ ACCESS_MASK DesiredAccess,
9468 _Out_ PHANDLE TokenHandle
9469 );
9470
9471 NTSYSAPI
9472 NTSTATUS
9473 NTAPI
9474 ZwOpenThread (
9475 _Out_ PHANDLE ThreadHandle,
9476 _In_ ACCESS_MASK DesiredAccess,
9477 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
9478 _In_ PCLIENT_ID ClientId
9479 );
9480
9481 NTSYSAPI
9482 NTSTATUS
9483 NTAPI
9484 ZwOpenThreadToken (
9485 _In_ HANDLE ThreadHandle,
9486 _In_ ACCESS_MASK DesiredAccess,
9487 _In_ BOOLEAN OpenAsSelf,
9488 _Out_ PHANDLE TokenHandle
9489 );
9490
9491 NTSYSAPI
9492 NTSTATUS
9493 NTAPI
9494 ZwPulseEvent (
9495 _In_ HANDLE EventHandle,
9496 _In_opt_ PLONG PulseCount
9497 );
9498
9499 NTSYSAPI
9500 NTSTATUS
9501 NTAPI
9502 ZwQueryDefaultLocale (
9503 _In_ BOOLEAN UserProfile,
9504 _Out_ PLCID DefaultLocaleId
9505 );
9506
9507 #if (VER_PRODUCTBUILD >= 2195)
9508 _IRQL_requires_max_(PASSIVE_LEVEL)
9509 NTSYSAPI
9510 NTSTATUS
9511 NTAPI
9512 ZwQueryDirectoryObject(
9513 _In_ HANDLE DirectoryHandle,
9514 _Out_ PVOID Buffer,
9515 _In_ ULONG BufferLength,
9516 _In_ BOOLEAN ReturnSingleEntry,
9517 _In_ BOOLEAN RestartScan,
9518 _Inout_ PULONG Context,
9519 _Out_opt_ PULONG ReturnLength
9520 );
9521 #endif /* (VER_PRODUCTBUILD >= 2195) */
9522
9523 NTSYSAPI
9524 NTSTATUS
9525 NTAPI
9526 ZwQueryInformationProcess (
9527 _In_ HANDLE ProcessHandle,
9528 _In_ PROCESSINFOCLASS ProcessInformationClass,
9529 _Out_ PVOID ProcessInformation,
9530 _In_ ULONG ProcessInformationLength,
9531 _Out_opt_ PULONG ReturnLength
9532 );
9533
9534 NTSYSAPI
9535 NTSTATUS
9536 NTAPI
9537 ZwReplaceKey (
9538 _In_ POBJECT_ATTRIBUTES NewFileObjectAttributes,
9539 _In_ HANDLE KeyHandle,
9540 _In_ POBJECT_ATTRIBUTES OldFileObjectAttributes
9541 );
9542
9543 NTSYSAPI
9544 NTSTATUS
9545 NTAPI
9546 ZwResetEvent (
9547 _In_ HANDLE EventHandle,
9548 _Out_opt_ PLONG NumberOfWaitingThreads
9549 );
9550
9551 #if (VER_PRODUCTBUILD >= 2195)
9552 NTSYSAPI
9553 NTSTATUS
9554 NTAPI
9555 ZwRestoreKey (
9556 _In_ HANDLE KeyHandle,
9557 _In_ HANDLE FileHandle,
9558 _In_ ULONG Flags
9559 );
9560 #endif /* (VER_PRODUCTBUILD >= 2195) */
9561
9562 NTSYSAPI
9563 NTSTATUS
9564 NTAPI
9565 ZwSaveKey (
9566 _In_ HANDLE KeyHandle,
9567 _In_ HANDLE FileHandle
9568 );
9569
9570 NTSYSAPI
9571 NTSTATUS
9572 NTAPI
9573 ZwSetDefaultLocale (
9574 _In_ BOOLEAN UserProfile,
9575 _In_ LCID DefaultLocaleId
9576 );
9577
9578 #if (VER_PRODUCTBUILD >= 2195)
9579 NTSYSAPI
9580 NTSTATUS
9581 NTAPI
9582 ZwSetDefaultUILanguage (
9583 _In_ LANGID LanguageId
9584 );
9585 #endif /* (VER_PRODUCTBUILD >= 2195) */
9586
9587 NTSYSAPI
9588 NTSTATUS
9589 NTAPI
9590 ZwSetInformationProcess (
9591 _In_ HANDLE ProcessHandle,
9592 _In_ PROCESSINFOCLASS ProcessInformationClass,
9593 _In_ PVOID ProcessInformation,
9594 _In_ ULONG ProcessInformationLength
9595 );
9596
9597 NTSYSAPI
9598 NTSTATUS
9599 NTAPI
9600 ZwSetSystemTime (
9601 _In_ PLARGE_INTEGER NewTime,
9602 _Out_opt_ PLARGE_INTEGER OldTime
9603 );
9604
9605 NTSYSAPI
9606 NTSTATUS
9607 NTAPI
9608 ZwUnloadKey (
9609 _In_ POBJECT_ATTRIBUTES KeyObjectAttributes
9610 );
9611
9612 NTSYSAPI
9613 NTSTATUS
9614 NTAPI
9615 ZwWaitForMultipleObjects (
9616 _In_ ULONG HandleCount,
9617 _In_ PHANDLE Handles,
9618 _In_ WAIT_TYPE WaitType,
9619 _In_ BOOLEAN Alertable,
9620 _In_opt_ PLARGE_INTEGER Timeout
9621 );
9622
9623 NTSYSAPI
9624 NTSTATUS
9625 NTAPI
9626 ZwYieldExecution (
9627 VOID
9628 );
9629
9630 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
9631
9632 #ifndef __SSPI_H__
9633 #define __SSPI_H__
9634
9635 // for ntifs.h:
9636 #define ISSP_LEVEL 32
9637 #define ISSP_MODE 0
9638
9639 #ifdef MIDL_PASS
9640 #define MIDL_PROP(x) x
9641 #else
9642 #define MIDL_PROP(x)
9643 #endif
9644
9645 #define SEC_TEXT TEXT
9646 #define SEC_FAR
9647 #define SEC_ENTRY __stdcall
9648
9649 #if defined(_NO_KSECDD_IMPORT_)
9650 #define KSECDDDECLSPEC
9651 #else
9652 #define KSECDDDECLSPEC __declspec(dllimport)
9653 #endif
9654
9655 #define SECQOP_WRAP_NO_ENCRYPT 0x80000001
9656 #define SECQOP_WRAP_OOB_DATA 0x40000000
9657
9658 #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW")
9659 #define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW
9660
9661 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1
9662 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2
9663 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3
9664 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4
9665
9666 #define SECURITY_NATIVE_DREP 0x00000010
9667 #define SECURITY_NETWORK_DREP 0x00000000
9668
9669 #define SECPKG_ID_NONE 0xFFFF
9670
9671 #define SECPKG_CRED_ATTR_NAMES 1
9672 #define SECPKG_CRED_ATTR_SSI_PROVIDER 2
9673
9674 #define SECPKG_ATTR_SIZES 0
9675 #define SECPKG_ATTR_NAMES 1
9676 #define SECPKG_ATTR_LIFESPAN 2
9677 #define SECPKG_ATTR_DCE_INFO 3
9678 #define SECPKG_ATTR_STREAM_SIZES 4
9679 #define SECPKG_ATTR_KEY_INFO 5
9680 #define SECPKG_ATTR_AUTHORITY 6
9681 #define SECPKG_ATTR_PROTO_INFO 7
9682 #define SECPKG_ATTR_PASSWORD_EXPIRY 8
9683 #define SECPKG_ATTR_SESSION_KEY 9
9684 #define SECPKG_ATTR_PACKAGE_INFO 10
9685 #define SECPKG_ATTR_USER_FLAGS 11
9686 #define SECPKG_ATTR_NEGOTIATION_INFO 12
9687 #define SECPKG_ATTR_NATIVE_NAMES 13
9688 #define SECPKG_ATTR_FLAGS 14
9689 #define SECPKG_ATTR_USE_VALIDATED 15
9690 #define SECPKG_ATTR_CREDENTIAL_NAME 16
9691 #define SECPKG_ATTR_TARGET_INFORMATION 17
9692 #define SECPKG_ATTR_ACCESS_TOKEN 18
9693 #define SECPKG_ATTR_TARGET 19
9694 #define SECPKG_ATTR_AUTHENTICATION_ID 20
9695 #define SECPKG_ATTR_LOGOFF_TIME 21
9696 #define SECPKG_ATTR_NEGO_KEYS 22
9697 #define SECPKG_ATTR_PROMPTING_NEEDED 24
9698 #define SECPKG_ATTR_UNIQUE_BINDINGS 25
9699 #define SECPKG_ATTR_ENDPOINT_BINDINGS 26
9700 #define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
9701 #define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
9702 #define SECPKG_ATTR_NEGO_PKG_INFO 31
9703 #define SECPKG_ATTR_NEGO_STATUS 32
9704 #define SECPKG_ATTR_CONTEXT_DELETED 33
9705
9706 #define SECPKG_FLAG_INTEGRITY 0x00000001
9707 #define SECPKG_FLAG_PRIVACY 0x00000002
9708 #define SECPKG_FLAG_TOKEN_ONLY 0x00000004
9709 #define SECPKG_FLAG_DATAGRAM 0x00000008
9710 #define SECPKG_FLAG_CONNECTION 0x00000010
9711 #define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
9712 #define SECPKG_FLAG_CLIENT_ONLY 0x00000040
9713 #define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
9714 #define SECPKG_FLAG_IMPERSONATION 0x00000100
9715 #define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
9716 #define SECPKG_FLAG_STREAM 0x00000400
9717 #define SECPKG_FLAG_NEGOTIABLE 0x00000800
9718 #define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
9719 #define SECPKG_FLAG_LOGON 0x00002000
9720 #define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
9721 #define SECPKG_FLAG_FRAGMENT 0x00008000
9722 #define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
9723 #define SECPKG_FLAG_DELEGATION 0x00020000
9724 #define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
9725 #define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
9726 #define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
9727 #define SECPKG_FLAG_NEGOTIABLE2 0x00200000
9728
9729 #define SECPKG_CRED_INBOUND 0x00000001
9730 #define SECPKG_CRED_OUTBOUND 0x00000002
9731 #define SECPKG_CRED_BOTH 0x00000003
9732 #define SECPKG_CRED_DEFAULT 0x00000004
9733 #define SECPKG_CRED_RESERVED 0xF0000000
9734 #define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
9735 #define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
9736
9737 #define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001
9738 #define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002
9739 #define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004
9740
9741 #define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128
9742 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1
9743 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2
9744
9745 #define SecPkgContext_NativeNames SecPkgContext_NativeNamesW
9746 #define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW
9747
9748 #define SECBUFFER_VERSION 0
9749
9750 #define SECBUFFER_EMPTY 0
9751 #define SECBUFFER_DATA 1
9752 #define SECBUFFER_TOKEN 2
9753 #define SECBUFFER_PKG_PARAMS 3
9754 #define SECBUFFER_MISSING 4
9755 #define SECBUFFER_EXTRA 5
9756 #define SECBUFFER_STREAM_TRAILER 6
9757 #define SECBUFFER_STREAM_HEADER 7
9758 #define SECBUFFER_NEGOTIATION_INFO 8
9759 #define SECBUFFER_PADDING 9
9760 #define SECBUFFER_STREAM 10
9761 #define SECBUFFER_MECHLIST 11
9762 #define SECBUFFER_MECHLIST_SIGNATURE 12
9763 #define SECBUFFER_TARGET 13
9764 #define SECBUFFER_CHANNEL_BINDINGS 14
9765 #define SECBUFFER_CHANGE_PASS_RESPONSE 15
9766 #define SECBUFFER_TARGET_HOST 16
9767 #define SECBUFFER_ALERT 17
9768
9769 #define SECBUFFER_ATTRMASK 0xF0000000
9770 #define SECBUFFER_READONLY 0x80000000
9771 #define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
9772 #define SECBUFFER_RESERVED 0x60000000
9773
9774 #define ISC_REQ_DELEGATE 0x00000001
9775 #define ISC_REQ_MUTUAL_AUTH 0x00000002
9776 #define ISC_REQ_REPLAY_DETECT 0x00000004
9777 #define ISC_REQ_SEQUENCE_DETECT 0x00000008
9778 #define ISC_REQ_CONFIDENTIALITY 0x00000010
9779 #define ISC_REQ_USE_SESSION_KEY 0x00000020
9780 #define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
9781 #define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
9782 #define ISC_REQ_ALLOCATE_MEMORY 0x00000100
9783 #define ISC_REQ_USE_DCE_STYLE 0x00000200
9784 #define ISC_REQ_DATAGRAM 0x00000400
9785 #define ISC_REQ_CONNECTION 0x00000800
9786 #define ISC_REQ_CALL_LEVEL 0x00001000
9787 #define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
9788 #define ISC_REQ_EXTENDED_ERROR 0x00004000
9789 #define ISC_REQ_STREAM 0x00008000
9790 #define ISC_REQ_INTEGRITY 0x00010000
9791 #define ISC_REQ_IDENTIFY 0x00020000
9792 #define ISC_REQ_NULL_SESSION 0x00040000
9793 #define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
9794 #define ISC_REQ_RESERVED1 0x00100000
9795 #define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
9796 #define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
9797 #define ISC_REQ_NO_INTEGRITY 0x00800000
9798 #define ISC_REQ_USE_HTTP_STYLE 0x01000000
9799
9800 #define ISC_RET_DELEGATE 0x00000001
9801 #define ISC_RET_MUTUAL_AUTH 0x00000002
9802 #define ISC_RET_REPLAY_DETECT 0x00000004
9803 #define ISC_RET_SEQUENCE_DETECT 0x00000008
9804 #define ISC_RET_CONFIDENTIALITY 0x00000010
9805 #define ISC_RET_USE_SESSION_KEY 0x00000020
9806 #define ISC_RET_USED_COLLECTED_CREDS 0x00000040
9807 #define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
9808 #define ISC_RET_ALLOCATED_MEMORY 0x00000100
9809 #define ISC_RET_USED_DCE_STYLE 0x00000200
9810 #define ISC_RET_DATAGRAM 0x00000400
9811 #define ISC_RET_CONNECTION 0x00000800
9812 #define ISC_RET_INTERMEDIATE_RETURN 0x00001000
9813 #define ISC_RET_CALL_LEVEL 0x00002000
9814 #define ISC_RET_EXTENDED_ERROR 0x00004000
9815 #define ISC_RET_STREAM 0x00008000
9816 #define ISC_RET_INTEGRITY 0x00010000
9817 #define ISC_RET_IDENTIFY 0x00020000
9818 #define ISC_RET_NULL_SESSION 0x00040000
9819 #define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
9820 #define ISC_RET_RESERVED1 0x00100000
9821 #define ISC_RET_FRAGMENT_ONLY 0x00200000
9822 #define ISC_RET_FORWARD_CREDENTIALS 0x00400000
9823 #define ISC_RET_USED_HTTP_STYLE 0x01000000
9824 #define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9825 #define ISC_RET_REAUTHENTICATION 0x08000000
9826
9827 #define ASC_REQ_DELEGATE 0x00000001
9828 #define ASC_REQ_MUTUAL_AUTH 0x00000002
9829 #define ASC_REQ_REPLAY_DETECT 0x00000004
9830 #define ASC_REQ_SEQUENCE_DETECT 0x00000008
9831 #define ASC_REQ_CONFIDENTIALITY 0x00000010
9832 #define ASC_REQ_USE_SESSION_KEY 0x00000020
9833 #define ASC_REQ_ALLOCATE_MEMORY 0x00000100
9834 #define ASC_REQ_USE_DCE_STYLE 0x00000200
9835 #define ASC_REQ_DATAGRAM 0x00000400
9836 #define ASC_REQ_CONNECTION 0x00000800
9837 #define ASC_REQ_CALL_LEVEL 0x00001000
9838 #define ASC_REQ_EXTENDED_ERROR 0x00008000
9839 #define ASC_REQ_STREAM 0x00010000
9840 #define ASC_REQ_INTEGRITY 0x00020000
9841 #define ASC_REQ_LICENSING 0x00040000
9842 #define ASC_REQ_IDENTIFY 0x00080000
9843 #define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
9844 #define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
9845 #define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
9846 #define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
9847 #define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
9848 #define ASC_REQ_NO_TOKEN 0x01000000
9849 #define ASC_REQ_PROXY_BINDINGS 0x04000000
9850 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9851
9852 #define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
9853 #define ASC_RET_DELEGATE 0x00000001
9854 #define ASC_RET_MUTUAL_AUTH 0x00000002
9855 #define ASC_RET_REPLAY_DETECT 0x00000004
9856 #define ASC_RET_SEQUENCE_DETECT 0x00000008
9857 #define ASC_RET_CONFIDENTIALITY 0x00000010
9858 #define ASC_RET_USE_SESSION_KEY 0x00000020
9859 #define ASC_RET_ALLOCATED_MEMORY 0x00000100
9860 #define ASC_RET_USED_DCE_STYLE 0x00000200
9861 #define ASC_RET_DATAGRAM 0x00000400
9862 #define ASC_RET_CONNECTION 0x00000800
9863 #define ASC_RET_CALL_LEVEL 0x00002000
9864 #define ASC_RET_THIRD_LEG_FAILED 0x00004000
9865 #define ASC_RET_EXTENDED_ERROR 0x00008000
9866 #define ASC_RET_STREAM 0x00010000
9867 #define ASC_RET_INTEGRITY 0x00020000
9868 #define ASC_RET_LICENSING 0x00040000
9869 #define ASC_RET_IDENTIFY 0x00080000
9870 #define ASC_RET_NULL_SESSION 0x00100000
9871 #define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
9872 #define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000
9873 #define ASC_RET_FRAGMENT_ONLY 0x00800000
9874 #define ASC_RET_NO_TOKEN 0x01000000
9875 #define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000
9876 #define ASC_RET_NO_PROXY_BINDINGS 0x04000000
9877 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
9878 #define ASC_RET_MISSING_BINDINGS 0x10000000
9879
9880 #define SEC_DELETED_HANDLE ((ULONG_PTR)(-2))
9881
9882 #define SecInvalidateHandle(x) \
9883 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1));
9884
9885 #define SecIsValidHandle(x) \
9886 ( ( ((PSecHandle)(x))->dwLower != (ULONG_PTR)(INT_PTR)-1 ) && \
9887 ( ((PSecHandle)(x))->dwUpper != (ULONG_PTR)(INT_PTR)-1 ) )
9888
9889 typedef WCHAR SEC_WCHAR;
9890 typedef CHAR SEC_CHAR;
9891 typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER;
9892 typedef SECURITY_INTEGER TimeStamp, *PTimeStamp;
9893 typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING;
9894 #if ISSP_MODE == 0
9895 #define PSSPI_SEC_STRING PSECURITY_STRING
9896 #else
9897 #define PSSPI_SEC_STRING SEC_WCHAR*
9898 #endif
9899
9900 typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE;
9901
9902 #ifndef __SECSTATUS_DEFINED__
9903 typedef LONG SECURITY_STATUS;
9904 #define __SECSTATUS_DEFINED__
9905 #endif
9906
9907 typedef enum _SECPKG_CRED_CLASS
9908 {
9909 SecPkgCredClass_None = 0,
9910 SecPkgCredClass_Ephemeral = 10,
9911 SecPkgCredClass_PersistedGeneric = 20,
9912 SecPkgCredClass_PersistedSpecific = 30,
9913 SecPkgCredClass_Explicit = 40,
9914 } SECPKG_CRED_CLASS, *PSECPKG_CRED_CLASS;
9915
9916 typedef struct _SEC_NEGOTIATION_INFO
9917 {
9918 ULONG Size;
9919 ULONG NameLength;
9920 SEC_WCHAR *Name;
9921 PVOID Reserved;
9922 } SEC_NEGOTIATION_INFO, *PSEC_NEGOTIATION_INFO;
9923
9924 typedef struct _SEC_CHANNEL_BINDINGS
9925 {
9926 ULONG dwInitiatorAddrType;
9927 ULONG cbInitiatorLength;
9928 ULONG dwInitiatorOffset;
9929 ULONG dwAcceptorAddrType;
9930 ULONG cbAcceptorLength;
9931 ULONG dwAcceptorOffset;
9932 ULONG cbApplicationDataLength;
9933 ULONG dwApplicationDataOffset;
9934 } SEC_CHANNEL_BINDINGS, *PSEC_CHANNEL_BINDINGS;
9935
9936 #ifndef _AUTH_IDENTITY_EX2_DEFINED
9937 #define _AUTH_IDENTITY_EX2_DEFINED
9938 typedef struct _SEC_WINNT_AUTH_IDENTITY_EX2
9939 {
9940 ULONG Version;
9941 USHORT cbHeaderLength;
9942 ULONG cbStructureLength;
9943 ULONG UserOffset;
9944 USHORT UserLength;
9945 ULONG DomainOffset;
9946 USHORT DomainLength;
9947 ULONG PackedCredentialsOffset;
9948 USHORT PackedCredentialsLength;
9949 ULONG Flags;
9950 ULONG PackageListOffset;
9951 USHORT PackageListLength;
9952 } SEC_WINNT_AUTH_IDENTITY_EX2, *PSEC_WINNT_AUTH_IDENTITY_EX2;
9953 #define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
9954 #endif
9955
9956 #ifndef _AUTH_IDENTITY_DEFINED
9957 #define _AUTH_IDENTITY_DEFINED
9958 typedef struct _SEC_WINNT_AUTH_IDENTITY_W
9959 {
9960 PUSHORT User;
9961 ULONG UserLength;
9962 PUSHORT Domain;
9963 ULONG DomainLength;
9964 PUSHORT Password;
9965 ULONG PasswordLength;
9966 ULONG Flags;
9967 } SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W;
9968 #define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
9969 #define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
9970 #define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
9971 #define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
9972 #define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W
9973 #endif
9974
9975 #ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
9976 #define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
9977 typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW
9978 {
9979 ULONG Version;
9980 ULONG Length;
9981 PUSHORT User;
9982 ULONG UserLength;
9983 PUSHORT Domain;
9984 ULONG DomainLength;
9985 PUSHORT Password;
9986 ULONG PasswordLength;
9987 ULONG Flags;
9988 PUSHORT PackageList;
9989 ULONG PackageListLength;
9990 } SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW;
9991 #define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
9992 #define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
9993 #endif
9994
9995 #ifndef __SECHANDLE_DEFINED__
9996 typedef struct _SecHandle
9997 {
9998 ULONG_PTR dwLower;
9999 ULONG_PTR dwUpper;
10000 } SecHandle, *PSecHandle;
10001 #define __SECHANDLE_DEFINED__
10002 #endif
10003
10004 typedef SecHandle CredHandle, *PCredHandle, CtxtHandle, *PCtxtHandle;
10005
10006 typedef struct _SecBuffer
10007 {
10008 ULONG cbBuffer;
10009 ULONG BufferType;
10010 #ifdef MIDL_PASS
10011 MIDL_PROP([size_is(cbBuffer)]) PCHAR pvBuffer;
10012 #else
10013 __field_bcount(cbBuffer) void SEC_FAR *pvBuffer;
10014 #endif
10015 } SecBuffer, *PSecBuffer;
10016
10017 typedef struct _SecBufferDesc
10018 {
10019 ULONG ulVersion;
10020 ULONG cBuffers;
10021 MIDL_PROP([size_is(cBuffers)]) __field_ecount(cBuffers) PSecBuffer pBuffers;
10022 } SecBufferDesc, SEC_FAR *PSecBufferDesc;
10023
10024 typedef struct _SecPkgInfoW
10025 {
10026 ULONG fCapabilities;
10027 USHORT wVersion;
10028 USHORT wRPCID;
10029 ULONG cbMaxToken;
10030 MIDL_PROP([string]) SEC_WCHAR *Name;
10031 MIDL_PROP([string]) SEC_WCHAR *Comment;
10032 } SecPkgInfoW, *PSecPkgInfoW;
10033 #define SecPkgInfo SecPkgInfoW
10034 #define PSecPkgInfo PSecPkgInfoW
10035
10036 typedef struct _SecPkgCredentials_NamesW
10037 {
10038 MIDL_PROP([string]) SEC_WCHAR *sUserName;
10039 } SecPkgCredentials_NamesW, *PSecPkgCredentials_NamesW;
10040 #define SecPkgCredentials_Names SecPkgCredentials_NamesW
10041 #define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
10042
10043 typedef struct _SecPkgContext_NamesW
10044 {
10045 SEC_WCHAR *sUserName;
10046 } SecPkgContext_NamesW, *PSecPkgContext_NamesW;
10047 #define SecPkgContext_Names SecPkgContext_NamesW
10048 #define PSecPkgContext_Names PSecPkgContext_NamesW
10049
10050 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
10051 typedef struct _SecPkgContext_CredentialNameW
10052 {
10053 ULONG CredentialType;
10054 SEC_WCHAR *sCredentialName;
10055 } SecPkgContext_CredentialNameW, *PSecPkgContext_CredentialNameW;
10056 #endif
10057 #define SecPkgContext_CredentialName SecPkgContext_CredentialNameW
10058 #define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW
10059
10060 typedef struct _SecPkgContext_SubjectAttributes
10061 {
10062 PVOID AttributeInfo;
10063 } SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes;
10064
10065 typedef struct _SecPkgContext_CredInfo
10066 {
10067 SECPKG_CRED_CLASS CredClass;
10068 ULONG IsPromptingNeeded;
10069 } SecPkgContext_CredInfo, *PSecPkgContext_CredInfo;
10070
10071 typedef struct _SecPkgContext_NegoPackageInfo
10072 {
10073 ULONG PackageMask;
10074 } SecPkgContext_NegoPackageInfo, *PSecPkgContext_NegoPackageInfo;
10075
10076 typedef struct _SecPkgContext_NegoStatus
10077 {
10078 ULONG LastStatus;
10079 } SecPkgContext_NegoStatus, *PSecPkgContext_NegoStatus;
10080
10081 typedef struct _SecPkgContext_Sizes
10082 {
10083 ULONG cbMaxToken;
10084 ULONG cbMaxSignature;
10085 ULONG cbBlockSize;
10086 ULONG cbSecurityTrailer;
10087 } SecPkgContext_Sizes, *PSecPkgContext_Sizes;
10088
10089 typedef struct _SecPkgContext_StreamSizes
10090 {
10091 ULONG cbHeader;
10092 ULONG cbTrailer;
10093 ULONG cbMaximumMessage;
10094 ULONG cBuffers;
10095 ULONG cbBlockSize;
10096 } SecPkgContext_StreamSizes, *PSecPkgContext_StreamSizes;
10097
10098 typedef struct _SecPkgContext_Lifespan
10099 {
10100 TimeStamp tsStart;
10101 TimeStamp tsExpiry;
10102 } SecPkgContext_Lifespan, *PSecPkgContext_Lifespan;
10103
10104 typedef struct _SecPkgContext_PasswordExpiry
10105 {
10106 TimeStamp tsPasswordExpires;
10107 } SecPkgContext_PasswordExpiry, *PSecPkgContext_PasswordExpiry;
10108
10109 typedef struct _SecPkgContext_ProtoInfoW
10110 {
10111 SEC_WCHAR *sProtocolName;
10112 ULONG majorVersion;
10113 ULONG minorVersion;
10114 } SecPkgContext_ProtoInfoW, *PSecPkgContext_ProtoInfoW;
10115 #define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW
10116 #define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW
10117
10118 typedef struct _SecPkgContext_KeyInfoW
10119 {
10120 SEC_WCHAR *sSignatureAlgorithmName;
10121 SEC_WCHAR *sEncryptAlgorithmName;
10122 ULONG KeySize;
10123 ULONG SignatureAlgorithm;
10124 ULONG EncryptAlgorithm;
10125 } SecPkgContext_KeyInfoW, *PSecPkgContext_KeyInfoW;
10126 #define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW
10127 #define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW
10128
10129 typedef struct _SecPkgContext_SessionKey
10130 {
10131 ULONG SessionKeyLength;
10132 __field_bcount(SessionKeyLength) PUCHAR SessionKey;
10133 } SecPkgContext_SessionKey, *PSecPkgContext_SessionKey;
10134
10135 typedef struct _SecPkgContext_NegoKeys
10136 {
10137 ULONG KeyType;
10138 USHORT KeyLength;
10139 __field_bcount(KeyLength) PUCHAR KeyValue;
10140 ULONG VerifyKeyType;
10141 USHORT VerifyKeyLength;
10142 __field_bcount(VerifyKeyLength) PUCHAR VerifyKeyValue;
10143 } SecPkgContext_NegoKeys, *PSecPkgContext_NegoKeys;
10144
10145 typedef struct _SecPkgContext_DceInfo
10146 {
10147 ULONG AuthzSvc;
10148 PVOID pPac;
10149 } SecPkgContext_DceInfo, *PSecPkgContext_DceInfo;
10150
10151 typedef struct _SecPkgContext_PackageInfoW
10152 {
10153 PSecPkgInfoW PackageInfo;
10154 } SecPkgContext_PackageInfoW, *PSecPkgContext_PackageInfoW;
10155 #define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW
10156 #define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW
10157
10158 typedef struct _SecPkgContext_UserFlags
10159 {
10160 ULONG UserFlags;
10161 } SecPkgContext_UserFlags, *PSecPkgContext_UserFlags;
10162
10163 typedef struct _SecPkgContext_Flags
10164 {
10165 ULONG Flags;
10166 } SecPkgContext_Flags, *PSecPkgContext_Flags;
10167
10168 typedef struct _SecPkgContext_NegotiationInfoW
10169 {
10170 PSecPkgInfoW PackageInfo ;
10171 ULONG NegotiationState ;
10172 } SecPkgContext_NegotiationInfoW, *PSecPkgContext_NegotiationInfoW;
10173
10174 typedef struct _SecPkgContext_AuthorityW
10175 {
10176 SEC_WCHAR *sAuthorityName;
10177 } SecPkgContext_AuthorityW, *PSecPkgContext_AuthorityW;
10178 #define SecPkgContext_Authority SecPkgContext_AuthorityW
10179 #define PSecPkgContext_Authority PSecPkgContext_AuthorityW
10180
10181
10182 #if NTDDI_VERSION > NTDDI_WS03
10183 typedef struct _SecPkgCredentials_SSIProviderW
10184 {
10185 SEC_WCHAR *sProviderName;
10186 ULONG ProviderInfoLength;
10187 PCHAR ProviderInfo;
10188 } SecPkgCredentials_SSIProviderW, *PSecPkgCredentials_SSIProviderW;
10189 #define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
10190 #define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
10191
10192 typedef struct _SecPkgContext_LogoffTime
10193 {
10194 TimeStamp tsLogoffTime;
10195 } SecPkgContext_LogoffTime, *PSecPkgContext_LogoffTime;
10196 #endif
10197
10198 /* forward declaration */
10199 typedef struct _SECURITY_FUNCTION_TABLE_W SecurityFunctionTableW, *PSecurityFunctionTableW;
10200 #define SecurityFunctionTable SecurityFunctionTableW
10201 #define PSecurityFunctionTable PSecurityFunctionTableW
10202
10203 typedef
10204 VOID
10205 (SEC_ENTRY * SEC_GET_KEY_FN)(
10206 PVOID Arg,
10207 PVOID Principal,
10208 ULONG KeyVer,
10209 PVOID *Key,
10210 SECURITY_STATUS *Status);
10211
10212 KSECDDDECLSPEC
10213 SECURITY_STATUS
10214 SEC_ENTRY
10215 AcceptSecurityContext(
10216 _In_opt_ PCredHandle phCredential,
10217 _In_opt_ PCtxtHandle phContext,
10218 _In_opt_ PSecBufferDesc pInput,
10219 _In_ ULONG fContextReq,
10220 _In_ ULONG TargetDataRep,
10221 _In_opt_ PCtxtHandle phNewContext,
10222 _In_opt_ PSecBufferDesc pOutput,
10223 _Out_ PULONG pfContextAttr,
10224 _Out_opt_ PTimeStamp ptsExpiry);
10225
10226 typedef
10227 SECURITY_STATUS
10228 (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(
10229 PCredHandle,
10230 PCtxtHandle,
10231 PSecBufferDesc,
10232 ULONG,
10233 ULONG,
10234 PCtxtHandle,
10235 PSecBufferDesc,
10236 PULONG,
10237 PTimeStamp);
10238
10239 KSECDDDECLSPEC
10240 SECURITY_STATUS
10241 SEC_ENTRY
10242 AcquireCredentialsHandleW(
10243 _In_opt_ PSSPI_SEC_STRING pPrincipal,
10244 _In_ PSSPI_SEC_STRING pPackage,
10245 _In_ ULONG fCredentialUse,
10246 _In_opt_ PVOID pvLogonId,
10247 _In_opt_ PVOID pAuthData,
10248 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
10249 _In_opt_ PVOID pvGetKeyArgument,
10250 _Out_ PCredHandle phCredential,
10251 _Out_opt_ PTimeStamp ptsExpiry);
10252 #define AcquireCredentialsHandle AcquireCredentialsHandleW
10253
10254 typedef
10255 SECURITY_STATUS
10256 (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
10257 PSSPI_SEC_STRING,
10258 PSSPI_SEC_STRING,
10259 ULONG,
10260 PVOID,
10261 PVOID,
10262 SEC_GET_KEY_FN,
10263 PVOID,
10264 PCredHandle,
10265 PTimeStamp);
10266 #define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
10267
10268 SECURITY_STATUS
10269 SEC_ENTRY
10270 AddCredentialsA(
10271 _In_ PCredHandle hCredentials,
10272 _In_opt_ LPSTR pszPrincipal,
10273 _In_ LPSTR pszPackage,
10274 _In_ ULONG fCredentialUse,
10275 _In_opt_ PVOID pAuthData,
10276 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
10277 _In_opt_ PVOID pvGetKeyArgument,
10278 _Out_opt_ PTimeStamp ptsExpiry);
10279
10280 typedef
10281 SECURITY_STATUS
10282 (SEC_ENTRY * ADD_CREDENTIALS_FN_A)(
10283 PCredHandle,
10284 SEC_CHAR *,
10285 SEC_CHAR *,
10286 ULONG,
10287 PVOID,
10288 SEC_GET_KEY_FN,
10289 PVOID,
10290 PTimeStamp);
10291
10292 KSECDDDECLSPEC
10293 SECURITY_STATUS
10294 SEC_ENTRY
10295 AddCredentialsW(
10296 _In_ PCredHandle hCredentials,
10297 _In_opt_ PSSPI_SEC_STRING pPrincipal,
10298 _In_ PSSPI_SEC_STRING pPackage,
10299 _In_ ULONG fCredentialUse,
10300 _In_opt_ PVOID pAuthData,
10301 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
10302 _In_opt_ PVOID pvGetKeyArgument,
10303 _Out_opt_ PTimeStamp ptsExpiry);
10304
10305 typedef
10306 SECURITY_STATUS
10307 (SEC_ENTRY * ADD_CREDENTIALS_FN_W)(
10308 PCredHandle,
10309 PSSPI_SEC_STRING,
10310 PSSPI_SEC_STRING,
10311 ULONG,
10312 PVOID,
10313 SEC_GET_KEY_FN,
10314 PVOID,
10315 PTimeStamp);
10316
10317 #ifdef UNICODE
10318 #define AddCredentials AddCredentialsW
10319 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
10320 #else
10321 #define AddCredentials AddCredentialsA
10322 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
10323 #endif
10324
10325 KSECDDDECLSPEC
10326 SECURITY_STATUS
10327 SEC_ENTRY
10328 ApplyControlToken(
10329 _In_ PCtxtHandle phContext,
10330 _In_ PSecBufferDesc pInput);
10331
10332 typedef
10333 SECURITY_STATUS
10334 (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(
10335 PCtxtHandle, PSecBufferDesc);
10336
10337 #if (ISSP_MODE != 0)
10338
10339 SECURITY_STATUS
10340 SEC_ENTRY
10341 ChangeAccountPasswordA(
10342 _In_ SEC_CHAR* pszPackageName,
10343 _In_ SEC_CHAR* pszDomainName,
10344 _In_ SEC_CHAR* pszAccountName,
10345 _In_ SEC_CHAR* pszOldPassword,
10346 _In_ SEC_CHAR* pszNewPassword,
10347 _In_ BOOLEAN bImpersonating,
10348 _In_ ULONG dwReserved,
10349 _Inout_ PSecBufferDesc pOutput);
10350
10351 typedef
10352 SECURITY_STATUS
10353 (SEC_ENTRY * CHANGE_PASSWORD_FN_A)(
10354 SEC_CHAR *,
10355 SEC_CHAR *,
10356 SEC_CHAR *,
10357 SEC_CHAR *,
10358 SEC_CHAR *,
10359 BOOLEAN,
10360 ULONG,
10361 PSecBufferDesc);
10362
10363 SECURITY_STATUS
10364 SEC_ENTRY
10365 ChangeAccountPasswordW(
10366 _In_ SEC_WCHAR* pszPackageName,
10367 _In_ SEC_WCHAR* pszDomainName,
10368 _In_ SEC_WCHAR* pszAccountName,
10369 _In_ SEC_WCHAR* pszOldPassword,
10370 _In_ SEC_WCHAR* pszNewPassword,
10371 _In_ BOOLEAN bImpersonating,
10372 _In_ ULONG dwReserved,
10373 _Inout_ PSecBufferDesc pOutput);
10374
10375 typedef
10376 SECURITY_STATUS
10377 (SEC_ENTRY * CHANGE_PASSWORD_FN_W)(
10378 SEC_WCHAR *,
10379 SEC_WCHAR *,
10380 SEC_WCHAR *,
10381 SEC_WCHAR *,
10382 SEC_WCHAR *,
10383 BOOLEAN,
10384 ULONG,
10385 PSecBufferDesc);
10386
10387 #ifdef UNICODE
10388 #define ChangeAccountPassword ChangeAccountPasswordW
10389 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_W
10390 #else
10391 #define ChangeAccountPassword ChangeAccountPasswordA
10392 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_A
10393 #endif
10394
10395 #endif /* ISSP_MODE != 0 */
10396
10397 SECURITY_STATUS
10398 SEC_ENTRY
10399 CompleteAuthToken(
10400 _In_ PCtxtHandle phContext,
10401 _In_ PSecBufferDesc pToken);
10402
10403 typedef
10404 SECURITY_STATUS
10405 (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(
10406 PCtxtHandle,
10407 PSecBufferDesc);
10408
10409 SECURITY_STATUS
10410 SEC_ENTRY
10411 DecryptMessage(
10412 _In_ PCtxtHandle phContext,
10413 _Inout_ PSecBufferDesc pMessage,
10414 _In_ ULONG MessageSeqNo,
10415 _Out_opt_ PULONG pfQOP);
10416
10417 typedef
10418 SECURITY_STATUS
10419 (SEC_ENTRY * DECRYPT_MESSAGE_FN)(
10420 PCtxtHandle,
10421 PSecBufferDesc,
10422 ULONG,
10423 PULONG);
10424
10425 KSECDDDECLSPEC
10426 SECURITY_STATUS
10427 SEC_ENTRY
10428 DeleteSecurityContext(
10429 _In_ PCtxtHandle phContext);
10430
10431 typedef
10432 SECURITY_STATUS
10433 (SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)(
10434 PCtxtHandle);
10435
10436 SECURITY_STATUS
10437 SEC_ENTRY
10438 EncryptMessage(
10439 _In_ PCtxtHandle phContext,
10440 _In_ ULONG fQOP,
10441 _Inout_ PSecBufferDesc pMessage,
10442 _In_ ULONG MessageSeqNo);
10443
10444 typedef
10445 SECURITY_STATUS
10446 (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(
10447 PCtxtHandle,
10448 ULONG,
10449 PSecBufferDesc,
10450 ULONG);
10451
10452 KSECDDDECLSPEC
10453 SECURITY_STATUS
10454 SEC_ENTRY
10455 EnumerateSecurityPackagesW(
10456 _Out_ PULONG pcPackages,
10457 _Deref_out_ PSecPkgInfoW* ppPackageInfo);
10458 #define EnumerateSecurityPackages EnumerateSecurityPackagesW
10459
10460 typedef
10461 SECURITY_STATUS
10462 (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)(
10463 PULONG,
10464 PSecPkgInfoW*);
10465 #define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
10466
10467 KSECDDDECLSPEC
10468 SECURITY_STATUS
10469 SEC_ENTRY
10470 ExportSecurityContext(
10471 _In_ PCtxtHandle phContext,
10472 _In_ ULONG fFlags,
10473 _Out_ PSecBuffer pPackedContext,
10474 _Out_ PVOID* pToken);
10475
10476 typedef
10477 SECURITY_STATUS
10478 (SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(
10479 PCtxtHandle,
10480 ULONG,
10481 PSecBuffer,
10482 PVOID*);
10483
10484 SECURITY_STATUS
10485 SEC_ENTRY
10486 FreeContextBuffer(
10487 _Inout_ PVOID pvContextBuffer);
10488
10489 typedef
10490 SECURITY_STATUS
10491 (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(
10492 _Inout_ PVOID);
10493
10494 KSECDDDECLSPEC
10495 SECURITY_STATUS
10496 SEC_ENTRY
10497 FreeCredentialsHandle(
10498 _In_ PCredHandle phCredential);
10499
10500 typedef
10501 SECURITY_STATUS
10502 (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(
10503 PCredHandle);
10504
10505 KSECDDDECLSPEC
10506 SECURITY_STATUS
10507 SEC_ENTRY
10508 ImpersonateSecurityContext(
10509 _In_ PCtxtHandle phContext);
10510
10511 typedef
10512 SECURITY_STATUS
10513 (SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)(
10514 PCtxtHandle);
10515
10516 KSECDDDECLSPEC
10517 SECURITY_STATUS
10518 SEC_ENTRY
10519 ImportSecurityContextW(
10520 _In_ PSSPI_SEC_STRING pszPackage,
10521 _In_ PSecBuffer pPackedContext,
10522 _In_ PVOID Token,
10523 _Out_ PCtxtHandle phContext);
10524 #define ImportSecurityContext ImportSecurityContextW
10525
10526 typedef
10527 SECURITY_STATUS
10528 (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(
10529 PSSPI_SEC_STRING,
10530 PSecBuffer,
10531 PVOID,
10532 PCtxtHandle);
10533 #define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
10534
10535 KSECDDDECLSPEC
10536 SECURITY_STATUS
10537 SEC_ENTRY
10538 InitializeSecurityContextW(
10539 _In_opt_ PCredHandle phCredential,
10540 _In_opt_ PCtxtHandle phContext,
10541 _In_opt_ PSSPI_SEC_STRING pTargetName,
10542 _In_ ULONG fContextReq,
10543 _In_ ULONG Reserved1,
10544 _In_ ULONG TargetDataRep,
10545 _In_opt_ PSecBufferDesc pInput,
10546 _In_ ULONG Reserved2,
10547 _Inout_opt_ PCtxtHandle phNewContext,
10548 _Inout_opt_ PSecBufferDesc pOutput,
10549 _Out_ PULONG pfContextAttr,
10550 _Out_opt_ PTimeStamp ptsExpiry);
10551 #define InitializeSecurityContext InitializeSecurityContextW
10552
10553 typedef
10554 SECURITY_STATUS
10555 (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)(
10556 PCredHandle,
10557 PCtxtHandle,
10558 PSSPI_SEC_STRING,
10559 ULONG,
10560 ULONG,
10561 ULONG,
10562 PSecBufferDesc,
10563 ULONG,
10564 PCtxtHandle,
10565 PSecBufferDesc,
10566 PULONG,
10567 PTimeStamp);
10568 #define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
10569
10570 KSECDDDECLSPEC
10571 PSecurityFunctionTableW
10572 SEC_ENTRY
10573 InitSecurityInterfaceW(VOID);
10574 #define InitSecurityInterface InitSecurityInterfaceW
10575
10576 typedef
10577 PSecurityFunctionTableW
10578 (SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(VOID);
10579 #define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
10580
10581 KSECDDDECLSPEC
10582 SECURITY_STATUS
10583 SEC_ENTRY
10584 MakeSignature(
10585 _In_ PCtxtHandle phContext,
10586 _In_ ULONG fQOP,
10587 _In_ PSecBufferDesc pMessage,
10588 _In_ ULONG MessageSeqNo);
10589
10590 typedef
10591 SECURITY_STATUS
10592 (SEC_ENTRY * MAKE_SIGNATURE_FN)(
10593 PCtxtHandle,
10594 ULONG,
10595 PSecBufferDesc,
10596 ULONG);
10597
10598 KSECDDDECLSPEC
10599 SECURITY_STATUS
10600 SEC_ENTRY
10601 QueryContextAttributesW(
10602 _In_ PCtxtHandle phContext,
10603 _In_ ULONG ulAttribute,
10604 _Out_ PVOID pBuffer);
10605 #define QueryContextAttributes QueryContextAttributesW
10606
10607 typedef
10608 SECURITY_STATUS
10609 (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(
10610 PCtxtHandle,
10611 ULONG,
10612 PVOID);
10613 #define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
10614
10615 KSECDDDECLSPEC
10616 SECURITY_STATUS
10617 SEC_ENTRY
10618 QueryCredentialsAttributesW(
10619 _In_ PCredHandle phCredential,
10620 _In_ ULONG ulAttribute,
10621 _Inout_ PVOID pBuffer);
10622 #define QueryCredentialsAttributes QueryCredentialsAttributesW
10623
10624 typedef
10625 SECURITY_STATUS
10626 (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
10627 PCredHandle,
10628 ULONG,
10629 PVOID);
10630 #define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
10631
10632 KSECDDDECLSPEC
10633 SECURITY_STATUS
10634 SEC_ENTRY
10635 QuerySecurityContextToken(
10636 _In_ PCtxtHandle phContext,
10637 _Out_ PVOID* Token);
10638
10639 typedef
10640 SECURITY_STATUS
10641 (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(
10642 PCtxtHandle, PVOID *);
10643
10644 KSECDDDECLSPEC
10645 SECURITY_STATUS
10646 SEC_ENTRY
10647 QuerySecurityPackageInfoW(
10648 _In_ PSSPI_SEC_STRING pPackageName,
10649 _Deref_out_ PSecPkgInfoW *ppPackageInfo);
10650 #define QuerySecurityPackageInfo QuerySecurityPackageInfoW
10651
10652 typedef
10653 SECURITY_STATUS
10654 (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)(
10655 PSSPI_SEC_STRING,
10656 PSecPkgInfoW *);
10657 #define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
10658
10659 KSECDDDECLSPEC
10660 SECURITY_STATUS
10661 SEC_ENTRY
10662 RevertSecurityContext(
10663 _In_ PCtxtHandle phContext);
10664
10665 typedef
10666 SECURITY_STATUS
10667 (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(
10668 PCtxtHandle);
10669
10670 #if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K)
10671 SECURITY_STATUS
10672 SEC_ENTRY
10673 SetContextAttributesW(
10674 _In_ PCtxtHandle phContext,
10675 _In_ ULONG ulAttribute,
10676 _In_bytecount_(cbBuffer) PVOID pBuffer,
10677 _In_ ULONG cbBuffer);
10678 #define SetContextAttributes SetContextAttributesW
10679
10680 typedef
10681 SECURITY_STATUS
10682 (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(
10683 PCtxtHandle,
10684 ULONG,
10685 PVOID,
10686 ULONG);
10687 #define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
10688 #endif
10689
10690 #if (NTDDI_VERSION > NTDDI_WS03)
10691 KSECDDDECLSPEC
10692 SECURITY_STATUS
10693 SEC_ENTRY
10694 SetCredentialsAttributesW(
10695 _In_ PCredHandle phCredential,
10696 _In_ ULONG ulAttribute,
10697 _In_bytecount_(cbBuffer) PVOID pBuffer,
10698 _In_ ULONG cbBuffer);
10699 #define SetCredentialsAttributes SetCredentialsAttributesW
10700
10701 typedef
10702 SECURITY_STATUS
10703 (SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_W)(
10704 PCredHandle,
10705 ULONG,
10706 PVOID,
10707 ULONG);
10708 #define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
10709 #endif /* NTDDI_VERSION > NTDDI_WS03 */
10710
10711 KSECDDDECLSPEC
10712 SECURITY_STATUS
10713 SEC_ENTRY
10714 VerifySignature(
10715 _In_ PCtxtHandle phContext,
10716 _In_ PSecBufferDesc pMessage,
10717 _In_ ULONG MessageSeqNo,
10718 _Out_ PULONG pfQOP);
10719
10720 typedef
10721 SECURITY_STATUS
10722 (SEC_ENTRY * VERIFY_SIGNATURE_FN)(
10723 PCtxtHandle,
10724 PSecBufferDesc,
10725 ULONG,
10726 PULONG);
10727
10728 #if (ISSP_MODE == 0)
10729
10730 KSECDDDECLSPEC
10731 NTSTATUS
10732 NTAPI
10733 SecMakeSPN(
10734 _In_ PUNICODE_STRING ServiceClass,
10735 _In_ PUNICODE_STRING ServiceName,
10736 _In_opt_ PUNICODE_STRING InstanceName,
10737 _In_opt_ USHORT InstancePort,
10738 _In_opt_ PUNICODE_STRING Referrer,
10739 _Inout_ PUNICODE_STRING Spn,
10740 _Out_opt_ PULONG Length,
10741 _In_ BOOLEAN Allocate);
10742
10743 #if (NTDDI_VERSION >= NTDDI_WINXP)
10744 KSECDDDECLSPEC
10745 NTSTATUS
10746 NTAPI
10747 SecMakeSPNEx(
10748 _In_ PUNICODE_STRING ServiceClass,
10749 _In_ PUNICODE_STRING ServiceName,
10750 _In_opt_ PUNICODE_STRING InstanceName,
10751 _In_opt_ USHORT InstancePort,
10752 _In_opt_ PUNICODE_STRING Referrer,
10753 _In_opt_ PUNICODE_STRING TargetInfo,
10754 _Inout_ PUNICODE_STRING Spn,
10755 _Out_ PULONG Length OPTIONAL,
10756 _In_ BOOLEAN Allocate);
10757
10758 KSECDDDECLSPEC
10759 NTSTATUS
10760 SEC_ENTRY
10761 SecLookupAccountSid(
10762 _In_ PSID Sid,
10763 _Out_ PULONG NameSize,
10764 _Inout_ PUNICODE_STRING NameBuffer,
10765 _Out_ PULONG DomainSize OPTIONAL,
10766 _Out_opt_ PUNICODE_STRING DomainBuffer,
10767 _Out_ PSID_NAME_USE NameUse);
10768
10769 KSECDDDECLSPEC
10770 NTSTATUS
10771 SEC_ENTRY
10772 SecLookupAccountName(
10773 _In_ PUNICODE_STRING Name,
10774 _Inout_ PULONG SidSize,
10775 _Out_ PSID Sid,
10776 _Out_ PSID_NAME_USE NameUse,
10777 _Out_opt_ PULONG DomainSize, // WDK says _Out_ only + ... OPTIONAL
10778 _Inout_opt_ PUNICODE_STRING ReferencedDomain);
10779 #endif
10780
10781 #if (NTDDI_VERSION >= NTDDI_WS03)
10782 KSECDDDECLSPEC
10783 NTSTATUS
10784 SEC_ENTRY
10785 SecLookupWellKnownSid(
10786 _In_ WELL_KNOWN_SID_TYPE SidType,
10787 _Out_ PSID Sid,
10788 _In_ ULONG SidBufferSize,
10789 _Inout_opt_ PULONG SidSize);
10790 #endif
10791
10792 #if (NTDDI_VERSION >= NTDDI_VISTA)
10793 KSECDDDECLSPEC
10794 NTSTATUS
10795 NTAPI
10796 SecMakeSPNEx2(
10797 _In_ PUNICODE_STRING ServiceClass,
10798 _In_ PUNICODE_STRING ServiceName,
10799 _In_opt_ PUNICODE_STRING InstanceName,
10800 _In_opt_ USHORT InstancePort,
10801 _In_opt_ PUNICODE_STRING Referrer,
10802 _In_opt_ PUNICODE_STRING InTargetInfo,
10803 _Inout_ PUNICODE_STRING Spn,
10804 _Out_opt_ PULONG TotalSize,
10805 _In_ BOOLEAN Allocate,
10806 _In_ BOOLEAN IsTargetInfoMarshaled);
10807 #endif
10808
10809 #endif /* ISSP_MODE == 0 */
10810
10811 #if (NTDDI_VERSION >= NTDDI_WIN7)
10812
10813 SECURITY_STATUS
10814 SEC_ENTRY
10815 SspiEncodeAuthIdentityAsStrings(
10816 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity,
10817 _Deref_out_opt_ PCWSTR* ppszUserName,
10818 _Deref_out_opt_ PCWSTR* ppszDomainName,
10819 _Deref_opt_out_opt_ PCWSTR* ppszPackedCredentialsString);
10820
10821 SECURITY_STATUS
10822 SEC_ENTRY
10823 SspiValidateAuthIdentity(
10824 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
10825
10826 SECURITY_STATUS
10827 SEC_ENTRY
10828 SspiCopyAuthIdentity(
10829 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData,
10830 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* AuthDataCopy);
10831
10832 VOID
10833 SEC_ENTRY
10834 SspiFreeAuthIdentity(
10835 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
10836
10837 VOID
10838 SEC_ENTRY
10839 SspiZeroAuthIdentity(
10840 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
10841
10842 VOID
10843 SEC_ENTRY
10844 SspiLocalFree(
10845 _In_opt_ PVOID DataBuffer);
10846
10847 SECURITY_STATUS
10848 SEC_ENTRY
10849 SspiEncodeStringsAsAuthIdentity(
10850 _In_opt_ PCWSTR pszUserName,
10851 _In_opt_ PCWSTR pszDomainName,
10852 _In_opt_ PCWSTR pszPackedCredentialsString,
10853 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity);
10854
10855 SECURITY_STATUS
10856 SEC_ENTRY
10857 SspiCompareAuthIdentities(
10858 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1,
10859 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2,
10860 _Out_opt_ PBOOLEAN SameSuppliedUser,
10861 _Out_opt_ PBOOLEAN SameSuppliedIdentity);
10862
10863 SECURITY_STATUS
10864 SEC_ENTRY
10865 SspiMarshalAuthIdentity(
10866 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
10867 _Out_ PULONG AuthIdentityLength,
10868 _Outptr_result_bytebuffer_(*AuthIdentityLength) PCHAR* AuthIdentityByteArray);
10869
10870 SECURITY_STATUS
10871 SEC_ENTRY
10872 SspiUnmarshalAuthIdentity(
10873 _In_ PULONG AuthIdentityLength,
10874 _In_reads_bytes_(AuthIdentityLength) PCHAR AuthIdentityByteArray,
10875 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity);
10876
10877 BOOLEAN
10878 SEC_ENTRY
10879 SspiIsPromptingNeeded(
10880 _In_ PULONG ErrorOrNtStatus);
10881
10882 SECURITY_STATUS
10883 SEC_ENTRY
10884 SspiGetTargetHostName(
10885 _In_ PCWSTR pszTargetName,
10886 _Outptr_ PWSTR* pszHostName);
10887
10888 SECURITY_STATUS
10889 SEC_ENTRY
10890 SspiExcludePackage(
10891 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
10892 _In_ PCWSTR pszPackageName,
10893 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppNewAuthIdentity);
10894
10895 #define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x04
10896 #define SEC_WINNT_AUTH_IDENTITY_ONLY 0x08
10897
10898 #endif /* NTDDI_VERSION >= NTDDI_WIN7 */
10899
10900 #define FreeCredentialHandle FreeCredentialsHandle
10901 struct _SECURITY_FUNCTION_TABLE_W
10902 {
10903 ULONG dwVersion;
10904 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
10905 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
10906 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
10907 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
10908 PVOID Reserved2;
10909 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
10910 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
10911 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
10912 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
10913 APPLY_CONTROL_TOKEN_FN ApplyControlToken;
10914 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
10915 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
10916 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
10917 MAKE_SIGNATURE_FN MakeSignature;
10918 VERIFY_SIGNATURE_FN VerifySignature;
10919 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
10920 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
10921 PVOID Reserved3;
10922 PVOID Reserved4;
10923 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
10924 IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
10925 ADD_CREDENTIALS_FN_W AddCredentialsW ;
10926 PVOID Reserved8;
10927 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
10928 ENCRYPT_MESSAGE_FN EncryptMessage;
10929 DECRYPT_MESSAGE_FN DecryptMessage;
10930 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
10931 SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW;
10932 #endif
10933 #if NTDDI_VERSION > NTDDI_WS03SP1
10934 SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW;
10935 #endif
10936 #if ISSP_MODE != 0
10937 CHANGE_PASSWORD_FN_W ChangeAccountPasswordW;
10938 #else
10939 PVOID Reserved9;
10940 #endif
10941 };
10942
10943 #endif /* !__SSPI_H__ */
10944
10945 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
10946 #if defined(_WIN64)
10947 C_ASSERT(sizeof(ERESOURCE) == 0x68);
10948 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18);
10949 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a);
10950 #else
10951 C_ASSERT(sizeof(ERESOURCE) == 0x38);
10952 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c);
10953 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e);
10954 #endif
10955 /* #endif */
10956
10957 #if defined(_IA64_)
10958 #if (NTDDI_VERSION >= NTDDI_WIN2K)
10959 //DECLSPEC_DEPRECATED_DDK
10960 NTHALAPI
10961 ULONG
10962 NTAPI
10963 HalGetDmaAlignmentRequirement(
10964 VOID);
10965 #endif
10966 #endif
10967
10968 #if defined(_M_IX86) || defined(_M_AMD64)
10969 #define HalGetDmaAlignmentRequirement() 1L
10970 #endif
10971
10972 extern NTKERNELAPI PUSHORT NlsOemLeadByteInfo;
10973 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
10974
10975 #ifdef NLS_MB_CODE_PAGE_TAG
10976 #undef NLS_MB_CODE_PAGE_TAG
10977 #endif
10978 #define NLS_MB_CODE_PAGE_TAG NlsMbOemCodePageTag
10979
10980 #if (NTDDI_VERSION >= NTDDI_VISTA)
10981
10982 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER {
10983 NetworkOpenLocationAny,
10984 NetworkOpenLocationRemote,
10985 NetworkOpenLocationLoopback
10986 } NETWORK_OPEN_LOCATION_QUALIFIER;
10987
10988 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER {
10989 NetworkOpenIntegrityAny,
10990 NetworkOpenIntegrityNone,
10991 NetworkOpenIntegritySigned,
10992 NetworkOpenIntegrityEncrypted,
10993 NetworkOpenIntegrityMaximum
10994 } NETWORK_OPEN_INTEGRITY_QUALIFIER;
10995
10996 #if (NTDDI_VERSION >= NTDDI_WIN7)
10997
10998 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
10999 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
11000 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
11001
11002 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
11003 USHORT Size;
11004 USHORT Reserved;
11005 _ANONYMOUS_STRUCT struct {
11006 struct {
11007 NETWORK_OPEN_LOCATION_QUALIFIER Location;
11008 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
11009 ULONG Flags;
11010 } in;
11011 struct {
11012 NETWORK_OPEN_LOCATION_QUALIFIER Location;
11013 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
11014 ULONG Flags;
11015 } out;
11016 } DUMMYSTRUCTNAME;
11017 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
11018
11019 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0 {
11020 USHORT Size;
11021 USHORT Reserved;
11022 _ANONYMOUS_STRUCT struct {
11023 struct {
11024 NETWORK_OPEN_LOCATION_QUALIFIER Location;
11025 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
11026 } in;
11027 struct {
11028 NETWORK_OPEN_LOCATION_QUALIFIER Location;
11029 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
11030 } out;
11031 } DUMMYSTRUCTNAME;
11032 } NETWORK_OPEN_ECP_CONTEXT_V0, *PNETWORK_OPEN_ECP_CONTEXT_V0;
11033
11034 #elif (NTDDI_VERSION >= NTDDI_VISTA)
11035 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
11036 USHORT Size;
11037 USHORT Reserved;
11038 _ANONYMOUS_STRUCT struct {
11039 struct {
11040 NETWORK_OPEN_LOCATION_QUALIFIER Location;
11041 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
11042 } in;
11043 struct {
11044 NETWORK_OPEN_LOCATION_QUALIFIER Location;
11045 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
11046 } out;
11047 } DUMMYSTRUCTNAME;
11048 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
11049 #endif
11050
11051 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
11052
11053 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
11054
11055
11056 #if (NTDDI_VERSION >= NTDDI_VISTA)
11057
11058 typedef struct _PREFETCH_OPEN_ECP_CONTEXT {
11059 PVOID Context;
11060 } PREFETCH_OPEN_ECP_CONTEXT, *PPREFETCH_OPEN_ECP_CONTEXT;
11061
11062 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
11063
11064 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
11065
11066 #if (NTDDI_VERSION >= NTDDI_WIN7)
11067
11068 DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
11069 DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
11070
11071 typedef struct sockaddr_storage *PSOCKADDR_STORAGE_NFS;
11072
11073 typedef struct _NFS_OPEN_ECP_CONTEXT {
11074 PUNICODE_STRING ExportAlias;
11075 PSOCKADDR_STORAGE_NFS ClientSocketAddress;
11076 } NFS_OPEN_ECP_CONTEXT, *PNFS_OPEN_ECP_CONTEXT, **PPNFS_OPEN_ECP_CONTEXT;
11077
11078 typedef struct _SRV_OPEN_ECP_CONTEXT {
11079 PUNICODE_STRING ShareName;
11080 PSOCKADDR_STORAGE_NFS SocketAddress;
11081 BOOLEAN OplockBlockState;
11082 BOOLEAN OplockAppState;
11083 BOOLEAN OplockFinalState;
11084 } SRV_OPEN_ECP_CONTEXT, *PSRV_OPEN_ECP_CONTEXT;
11085
11086 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
11087
11088 #define PIN_WAIT (1)
11089 #define PIN_EXCLUSIVE (2)
11090 #define PIN_NO_READ (4)
11091 #define PIN_IF_BCB (8)
11092 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
11093 #define PIN_HIGH_PRIORITY (64)
11094
11095 #define MAP_WAIT 1
11096 #define MAP_NO_READ (16)
11097 #define MAP_HIGH_PRIORITY (64)
11098
11099 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
11100 #define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
11101
11102 typedef struct _QUERY_PATH_REQUEST {
11103 ULONG PathNameLength;
11104 PIO_SECURITY_CONTEXT SecurityContext;
11105 WCHAR FilePathName[1];
11106 } QUERY_PATH_REQUEST, *PQUERY_PATH_REQUEST;
11107
11108 typedef struct _QUERY_PATH_REQUEST_EX {
11109 PIO_SECURITY_CONTEXT pSecurityContext;
11110 ULONG EaLength;
11111 PVOID pEaBuffer;
11112 UNICODE_STRING PathName;
11113 UNICODE_STRING DomainServiceName;
11114 ULONG_PTR Reserved[ 3 ];
11115 } QUERY_PATH_REQUEST_EX, *PQUERY_PATH_REQUEST_EX;
11116
11117 typedef struct _QUERY_PATH_RESPONSE {
11118 ULONG LengthAccepted;
11119 } QUERY_PATH_RESPONSE, *PQUERY_PATH_RESPONSE;
11120
11121 #define VOLSNAPCONTROLTYPE 0x00000053
11122 #define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
11123
11124 /* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
11125 #pragma pack(push,4)
11126
11127 #ifndef VER_PRODUCTBUILD
11128 #define VER_PRODUCTBUILD 10000
11129 #endif
11130
11131 #include "csq.h"
11132
11133 #define FS_LFN_APIS 0x00004000
11134
11135 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
11136 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
11137 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
11138 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
11139 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
11140 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
11141 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
11142 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
11143 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
11144 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
11145 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
11146 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
11147 #define FILE_STORAGE_TYPE_MASK 0x000f0000
11148 #define FILE_STORAGE_TYPE_SHIFT 16
11149
11150 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
11151
11152 #ifdef _X86_
11153 #define HARDWARE_PTE HARDWARE_PTE_X86
11154 #define PHARDWARE_PTE PHARDWARE_PTE_X86
11155 #endif
11156
11157 #define IO_ATTACH_DEVICE_API 0x80000000
11158
11159 #define IO_TYPE_APC 18
11160 #define IO_TYPE_DPC 19
11161 #define IO_TYPE_DEVICE_QUEUE 20
11162 #define IO_TYPE_EVENT_PAIR 21
11163 #define IO_TYPE_INTERRUPT 22
11164 #define IO_TYPE_PROFILE 23
11165
11166 #define IRP_BEING_VERIFIED 0x10
11167
11168 #define MAILSLOT_CLASS_FIRSTCLASS 1
11169 #define MAILSLOT_CLASS_SECONDCLASS 2
11170
11171 #define MAILSLOT_SIZE_AUTO 0
11172
11173 #define MEM_DOS_LIM 0x40000000
11174
11175 #define OB_TYPE_TYPE 1
11176 #define OB_TYPE_DIRECTORY 2
11177 #define OB_TYPE_SYMBOLIC_LINK 3
11178 #define OB_TYPE_TOKEN 4
11179 #define OB_TYPE_PROCESS 5
11180 #define OB_TYPE_THREAD 6
11181 #define OB_TYPE_EVENT 7
11182 #define OB_TYPE_EVENT_PAIR 8
11183 #define OB_TYPE_MUTANT 9
11184 #define OB_TYPE_SEMAPHORE 10
11185 #define OB_TYPE_TIMER 11
11186 #define OB_TYPE_PROFILE 12
11187 #define OB_TYPE_WINDOW_STATION 13
11188 #define OB_TYPE_DESKTOP 14
11189 #define OB_TYPE_SECTION 15
11190 #define OB_TYPE_KEY 16
11191 #define OB_TYPE_PORT 17
11192 #define OB_TYPE_ADAPTER 18
11193 #define OB_TYPE_CONTROLLER 19
11194 #define OB_TYPE_DEVICE 20
11195 #define OB_TYPE_DRIVER 21
11196 #define OB_TYPE_IO_COMPLETION 22
11197 #define OB_TYPE_FILE 23
11198
11199 #define SEC_BASED 0x00200000
11200
11201 /* end winnt.h */
11202
11203 #define TOKEN_HAS_ADMIN_GROUP 0x08
11204
11205 #if (VER_PRODUCTBUILD >= 1381)
11206 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
11207 #endif /* (VER_PRODUCTBUILD >= 1381) */
11208
11209 #if (VER_PRODUCTBUILD >= 2195)
11210
11211 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
11212 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
11213
11214 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
11215
11216 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
11217 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
11218 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
11219 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
11220 #endif /* (VER_PRODUCTBUILD >= 2195) */
11221
11222 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
11223 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
11224 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
11225 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
11226 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
11227 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
11228 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
11229 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
11230
11231 typedef enum _FILE_STORAGE_TYPE {
11232 StorageTypeDefault = 1,
11233 StorageTypeDirectory,
11234 StorageTypeFile,
11235 StorageTypeJunctionPoint,
11236 StorageTypeCatalog,
11237 StorageTypeStructuredStorage,
11238 StorageTypeEmbedding,
11239 StorageTypeStream
11240 } FILE_STORAGE_TYPE;
11241
11242 typedef struct _OBJECT_BASIC_INFORMATION
11243 {
11244 ULONG Attributes;
11245 ACCESS_MASK GrantedAccess;
11246 ULONG HandleCount;
11247 ULONG PointerCount;
11248 ULONG PagedPoolCharge;
11249 ULONG NonPagedPoolCharge;
11250 ULONG Reserved[ 3 ];
11251 ULONG NameInfoSize;
11252 ULONG TypeInfoSize;
11253 ULONG SecurityDescriptorSize;
11254 LARGE_INTEGER CreationTime;
11255 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
11256
11257 typedef struct _BITMAP_RANGE {
11258 LIST_ENTRY Links;
11259 LONGLONG BasePage;
11260 ULONG FirstDirtyPage;
11261 ULONG LastDirtyPage;
11262 ULONG DirtyPages;
11263 PULONG Bitmap;
11264 } BITMAP_RANGE, *PBITMAP_RANGE;
11265
11266 typedef struct _FILE_COPY_ON_WRITE_INFORMATION {
11267 BOOLEAN ReplaceIfExists;
11268 HANDLE RootDirectory;
11269 ULONG FileNameLength;
11270 WCHAR FileName[1];
11271 } FILE_COPY_ON_WRITE_INFORMATION, *PFILE_COPY_ON_WRITE_INFORMATION;
11272
11273 typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
11274 ULONG NextEntryOffset;
11275 ULONG FileIndex;
11276 LARGE_INTEGER CreationTime;
11277 LARGE_INTEGER LastAccessTime;
11278 LARGE_INTEGER LastWriteTime;
11279 LARGE_INTEGER ChangeTime;
11280 LARGE_INTEGER EndOfFile;
11281 LARGE_INTEGER AllocationSize;
11282 ULONG FileAttributes;
11283 ULONG FileNameLength;
11284 ULONG EaSize;
11285 WCHAR FileName[ANYSIZE_ARRAY];
11286 } FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION;
11287
11288 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
11289 typedef struct _FILE_SHARED_LOCK_ENTRY {
11290 PVOID Unknown1;
11291 PVOID Unknown2;
11292 FILE_LOCK_INFO FileLock;
11293 } FILE_SHARED_LOCK_ENTRY, *PFILE_SHARED_LOCK_ENTRY;
11294
11295 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
11296 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY {
11297 LIST_ENTRY ListEntry;
11298 PVOID Unknown1;
11299 PVOID Unknown2;
11300 FILE_LOCK_INFO FileLock;
11301 } FILE_EXCLUSIVE_LOCK_ENTRY, *PFILE_EXCLUSIVE_LOCK_ENTRY;
11302
11303 typedef struct _FILE_MAILSLOT_PEEK_BUFFER {
11304 ULONG ReadDataAvailable;
11305 ULONG NumberOfMessages;
11306 ULONG MessageLength;
11307 } FILE_MAILSLOT_PEEK_BUFFER, *PFILE_MAILSLOT_PEEK_BUFFER;
11308
11309 typedef struct _FILE_OLE_CLASSID_INFORMATION {
11310 GUID ClassId;
11311 } FILE_OLE_CLASSID_INFORMATION, *PFILE_OLE_CLASSID_INFORMATION;
11312
11313 typedef struct _FILE_OLE_ALL_INFORMATION {
11314 FILE_BASIC_INFORMATION BasicInformation;
11315 FILE_STANDARD_INFORMATION StandardInformation;
11316 FILE_INTERNAL_INFORMATION InternalInformation;
11317 FILE_EA_INFORMATION EaInformation;
11318 FILE_ACCESS_INFORMATION AccessInformation;
11319 FILE_POSITION_INFORMATION PositionInformation;
11320 FILE_MODE_INFORMATION ModeInformation;
11321 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
11322 USN LastChangeUsn;
11323 USN ReplicationUsn;
11324 LARGE_INTEGER SecurityChangeTime;
11325 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
11326 FILE_OBJECTID_INFORMATION ObjectIdInformation;
11327 FILE_STORAGE_TYPE StorageType;
11328 ULONG OleStateBits;
11329 ULONG OleId;
11330 ULONG NumberOfStreamReferences;
11331 ULONG StreamIndex;
11332 ULONG SecurityId;
11333 BOOLEAN ContentIndexDisable;
11334 BOOLEAN InheritContentIndexDisable;
11335 FILE_NAME_INFORMATION NameInformation;
11336 } FILE_OLE_ALL_INFORMATION, *PFILE_OLE_ALL_INFORMATION;
11337
11338 typedef struct _FILE_OLE_DIR_INFORMATION {
11339 ULONG NextEntryOffset;
11340 ULONG FileIndex;
11341 LARGE_INTEGER CreationTime;
11342 LARGE_INTEGER LastAccessTime;
11343 LARGE_INTEGER LastWriteTime;
11344 LARGE_INTEGER ChangeTime;
11345 LARGE_INTEGER EndOfFile;
11346 LARGE_INTEGER AllocationSize;
11347 ULONG FileAttributes;
11348 ULONG FileNameLength;
11349 FILE_STORAGE_TYPE StorageType;
11350 GUID OleClassId;
11351 ULONG OleStateBits;
11352 BOOLEAN ContentIndexDisable;
11353 BOOLEAN InheritContentIndexDisable;
11354 WCHAR FileName[1];
11355 } FILE_OLE_DIR_INFORMATION, *PFILE_OLE_DIR_INFORMATION;
11356
11357 typedef struct _FILE_OLE_INFORMATION {
11358 LARGE_INTEGER SecurityChangeTime;
11359 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
11360 FILE_OBJECTID_INFORMATION ObjectIdInformation;
11361 FILE_STORAGE_TYPE StorageType;
11362 ULONG OleStateBits;
11363 BOOLEAN ContentIndexDisable;
11364 BOOLEAN InheritContentIndexDisable;
11365 } FILE_OLE_INFORMATION, *PFILE_OLE_INFORMATION;
11366
11367 typedef struct _FILE_OLE_STATE_BITS_INFORMATION {
11368 ULONG StateBits;
11369 ULONG StateBitsMask;
11370 } FILE_OLE_STATE_BITS_INFORMATION, *PFILE_OLE_STATE_BITS_INFORMATION;
11371
11372 typedef struct _MAPPING_PAIR {
11373 ULONGLONG Vcn;
11374 ULONGLONG Lcn;
11375 } MAPPING_PAIR, *PMAPPING_PAIR;
11376
11377 typedef struct _GET_RETRIEVAL_DESCRIPTOR {
11378 ULONG NumberOfPairs;
11379 ULONGLONG StartVcn;
11380 MAPPING_PAIR Pair[1];
11381 } GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
11382
11383 typedef struct _MBCB {
11384 CSHORT NodeTypeCode;
11385 CSHORT NodeIsInZone;
11386 ULONG PagesToWrite;
11387 ULONG DirtyPages;
11388 ULONG Reserved;
11389 LIST_ENTRY BitmapRanges;
11390 LONGLONG ResumeWritePage;
11391 BITMAP_RANGE BitmapRange1;
11392 BITMAP_RANGE BitmapRange2;
11393 BITMAP_RANGE BitmapRange3;
11394 } MBCB, *PMBCB;
11395
11396 typedef struct _MOVEFILE_DESCRIPTOR {
11397 HANDLE FileHandle;
11398 ULONG Reserved;
11399 LARGE_INTEGER StartVcn;
11400 LARGE_INTEGER TargetLcn;
11401 ULONG NumVcns;
11402 ULONG Reserved1;
11403 } MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
11404
11405 typedef struct _OBJECT_BASIC_INFO {
11406 ULONG Attributes;
11407 ACCESS_MASK GrantedAccess;
11408 ULONG HandleCount;
11409 ULONG ReferenceCount;
11410 ULONG PagedPoolUsage;
11411 ULONG NonPagedPoolUsage;
11412 ULONG Reserved[3];
11413 ULONG NameInformationLength;
11414 ULONG TypeInformationLength;
11415 ULONG SecurityDescriptorLength;
11416 LARGE_INTEGER CreateTime;
11417 } OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;
11418
11419 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO {
11420 BOOLEAN Inherit;
11421 BOOLEAN ProtectFromClose;
11422 } OBJECT_HANDLE_ATTRIBUTE_INFO, *POBJECT_HANDLE_ATTRIBUTE_INFO;
11423
11424 typedef struct _OBJECT_NAME_INFO {
11425 UNICODE_STRING ObjectName;
11426 WCHAR ObjectNameBuffer[1];
11427 } OBJECT_NAME_INFO, *POBJECT_NAME_INFO;
11428
11429 typedef struct _OBJECT_PROTECTION_INFO {
11430 BOOLEAN Inherit;
11431 BOOLEAN ProtectHandle;
11432 } OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;
11433
11434 typedef struct _OBJECT_TYPE_INFO {
11435 UNICODE_STRING ObjectTypeName;
11436 UCHAR Unknown[0x58];
11437 WCHAR ObjectTypeNameBuffer[1];
11438 } OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;
11439
11440 typedef struct _OBJECT_ALL_TYPES_INFO {
11441 ULONG NumberOfObjectTypes;
11442 OBJECT_TYPE_INFO ObjectsTypeInfo[1];
11443 } OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;
11444
11445 #if defined(USE_LPC6432)
11446 #define LPC_CLIENT_ID CLIENT_ID64
11447 #define LPC_SIZE_T ULONGLONG
11448 #define LPC_PVOID ULONGLONG
11449 #define LPC_HANDLE ULONGLONG
11450 #else
11451 #define LPC_CLIENT_ID CLIENT_ID
11452 #define LPC_SIZE_T SIZE_T
11453 #define LPC_PVOID PVOID
11454 #define LPC_HANDLE HANDLE
11455 #endif
11456
11457 typedef struct _PORT_MESSAGE
11458 {
11459 union
11460 {
11461 struct
11462 {
11463 CSHORT DataLength;
11464 CSHORT TotalLength;
11465 } s1;
11466 ULONG Length;
11467 } u1;
11468 union
11469 {
11470 struct
11471 {
11472 CSHORT Type;
11473 CSHORT DataInfoOffset;
11474 } s2;
11475 ULONG ZeroInit;
11476 } u2;
11477 __GNU_EXTENSION union
11478 {
11479 LPC_CLIENT_ID ClientId;
11480 double DoNotUseThisField;
11481 };
11482 ULONG MessageId;
11483 __GNU_EXTENSION union
11484 {
11485 LPC_SIZE_T ClientViewSize;
11486 ULONG CallbackId;
11487 };
11488 } PORT_MESSAGE, *PPORT_MESSAGE;
11489
11490 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
11491
11492 typedef struct _PORT_VIEW
11493 {
11494 ULONG Length;
11495 LPC_HANDLE SectionHandle;
11496 ULONG SectionOffset;
11497 LPC_SIZE_T ViewSize;
11498 LPC_PVOID ViewBase;
11499 LPC_PVOID ViewRemoteBase;
11500 } PORT_VIEW, *PPORT_VIEW;
11501
11502 typedef struct _REMOTE_PORT_VIEW
11503 {
11504 ULONG Length;
11505 LPC_SIZE_T ViewSize;
11506 LPC_PVOID ViewBase;
11507 } REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
11508
11509 typedef struct _VAD_HEADER {
11510 PVOID StartVPN;
11511 PVOID EndVPN;
11512 struct _VAD_HEADER* ParentLink;
11513 struct _VAD_HEADER* LeftLink;
11514 struct _VAD_HEADER* RightLink;
11515 ULONG Flags; /* LSB = CommitCharge */
11516 PVOID ControlArea;
11517 PVOID FirstProtoPte;
11518 PVOID LastPTE;
11519 ULONG Unknown;
11520 LIST_ENTRY Secured;
11521 } VAD_HEADER, *PVAD_HEADER;
11522
11523 NTKERNELAPI
11524 LARGE_INTEGER
11525 NTAPI
11526 CcGetLsnForFileObject (
11527 _In_ PFILE_OBJECT FileObject,
11528 _Out_opt_ PLARGE_INTEGER OldestLsn
11529 );
11530
11531 NTKERNELAPI
11532 PVOID
11533 NTAPI
11534 FsRtlAllocatePool (
11535 _In_ POOL_TYPE PoolType,
11536 _In_ ULONG NumberOfBytes
11537 );
11538
11539 NTKERNELAPI
11540 PVOID
11541 NTAPI
11542 FsRtlAllocatePoolWithQuota (
11543 _In_ POOL_TYPE PoolType,
11544 _In_ ULONG NumberOfBytes
11545 );
11546
11547 NTKERNELAPI
11548 PVOID
11549 NTAPI
11550 FsRtlAllocatePoolWithQuotaTag (
11551 _In_ POOL_TYPE PoolType,
11552 _In_ ULONG NumberOfBytes,
11553 _In_ ULONG Tag
11554 );
11555
11556 NTKERNELAPI
11557 PVOID
11558 NTAPI
11559 FsRtlAllocatePoolWithTag (
11560 _In_ POOL_TYPE PoolType,
11561 _In_ ULONG NumberOfBytes,
11562 _In_ ULONG Tag
11563 );
11564
11565 NTKERNELAPI
11566 BOOLEAN
11567 NTAPI
11568 FsRtlMdlReadComplete (
11569 _In_ PFILE_OBJECT FileObject,
11570 _In_ PMDL MdlChain
11571 );
11572
11573 NTKERNELAPI
11574 BOOLEAN
11575 NTAPI
11576 FsRtlMdlWriteComplete (
11577 _In_ PFILE_OBJECT FileObject,
11578 _In_ PLARGE_INTEGER FileOffset,
11579 _In_ PMDL MdlChain
11580 );
11581
11582 NTKERNELAPI
11583 VOID
11584 NTAPI
11585 FsRtlNotifyChangeDirectory (
11586 _In_ PNOTIFY_SYNC NotifySync,
11587 _In_ PVOID FsContext,
11588 _In_ PSTRING FullDirectoryName,
11589 _In_ PLIST_ENTRY NotifyList,
11590 _In_ BOOLEAN WatchTree,
11591 _In_ ULONG CompletionFilter,
11592 _In_ PIRP NotifyIrp
11593 );
11594
11595 #if 1
11596 NTKERNELAPI
11597 NTSTATUS
11598 NTAPI
11599 ObCreateObject(
11600 _In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode,
11601 _In_ POBJECT_TYPE ObjectType,
11602 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
11603 _In_ KPROCESSOR_MODE AccessMode,
11604 _Inout_opt_ PVOID ParseContext,
11605 _In_ ULONG ObjectSize,
11606 _In_opt_ ULONG PagedPoolCharge,
11607 _In_opt_ ULONG NonPagedPoolCharge,
11608 _Out_ PVOID *Object
11609 );
11610
11611 NTKERNELAPI
11612 NTSTATUS
11613 NTAPI
11614 ObReferenceObjectByName (
11615 _In_ PUNICODE_STRING ObjectName,
11616 _In_ ULONG Attributes,
11617 _In_opt_ PACCESS_STATE PassedAccessState,
11618 _In_opt_ ACCESS_MASK DesiredAccess,
11619 _In_ POBJECT_TYPE ObjectType,
11620 _In_ KPROCESSOR_MODE AccessMode,
11621 _Inout_opt_ PVOID ParseContext,
11622 _Out_ PVOID *Object
11623 );
11624
11625 #define PsDereferenceImpersonationToken(T) \
11626 {if (ARGUMENT_PRESENT(T)) { \
11627 (ObDereferenceObject((T))); \
11628 } else { \
11629 ; \
11630 } \
11631 }
11632
11633 NTKERNELAPI
11634 NTSTATUS
11635 NTAPI
11636 PsLookupProcessThreadByCid (
11637 _In_ PCLIENT_ID Cid,
11638 _Out_opt_ PEPROCESS *Process,
11639 _Out_ PETHREAD *Thread
11640 );
11641
11642 NTSYSAPI
11643 NTSTATUS
11644 NTAPI
11645 RtlSetSaclSecurityDescriptor (
11646 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
11647 _In_ BOOLEAN SaclPresent,
11648 _In_ PACL Sacl,
11649 _In_ BOOLEAN SaclDefaulted
11650 );
11651
11652 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
11653
11654 #endif
11655
11656 #pragma pack(pop)
11657
11658 #ifdef __cplusplus
11659 }
11660 #endif
A free Windows-compatible Operating System