projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
- More header fixes.
[reactos.git] / reactos / include / ddk / ntifs.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the w32api package.
7 *
8 * Contributors:
9 * Created by Bo Brantén <bosse@acc.umu.se>
10 *
11 * THIS SOFTWARE IS NOT COPYRIGHTED
12 *
13 * This source code is offered for use in the public domain. You may
14 * use, modify or distribute it freely.
15 *
16 * This code is distributed in the hope that it will be useful but
17 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
18 * DISCLAIMED. This includes but is not limited to warranties of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 */
22
23 #ifndef _NTIFS_
24 #define _NTIFS_
25 #define _GNU_NTIFS_
26
27 #if __GNUC__ >= 3
28 #pragma GCC system_header
29 #endif
30
31 #ifdef _NTOSKRNL_
32 /* HACKHACKHACK!!! We shouldn't include this header from ntoskrnl! */
33 #define NTKERNELAPI
34 #else
35 #define NTKERNELAPI DECLSPEC_IMPORT
36 #endif
37
38 #include "ntddk.h"
39
40 #define _NTIFS_INCLUDED_
41 #ifdef __cplusplus
42 extern "C" {
43 #endif
44
45 #pragma pack(push,4)
46
47 #ifndef VER_PRODUCTBUILD
48 #define VER_PRODUCTBUILD 10000
49 #endif
50
51 #ifndef NTSYSAPI
52 #define NTSYSAPI
53 #endif
54
55 #define EX_PUSH_LOCK ULONG_PTR
56 #define PEX_PUSH_LOCK PULONG_PTR
57
58 #include "csq.h"
59
60 typedef struct _SE_EXPORTS *PSE_EXPORTS;
61
62 #ifdef _NTOSKRNL_
63 extern PUCHAR FsRtlLegalAnsiCharacterArray;
64 #else
65 extern DECLSPEC_IMPORT PUCHAR FsRtlLegalAnsiCharacterArray;
66 #endif
67 extern PSE_EXPORTS SeExports;
68 extern PACL SePublicDefaultDacl;
69 extern PACL SeSystemDefaultDacl;
70
71 extern KSPIN_LOCK IoStatisticsLock;
72 extern ULONG IoReadOperationCount;
73 extern ULONG IoWriteOperationCount;
74 extern ULONG IoOtherOperationCount;
75 extern LARGE_INTEGER IoReadTransferCount;
76 extern LARGE_INTEGER IoWriteTransferCount;
77 extern LARGE_INTEGER IoOtherTransferCount;
78
79 typedef STRING LSA_STRING, *PLSA_STRING;
80 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
81
82 typedef enum _SECURITY_LOGON_TYPE
83 {
84 UndefinedLogonType = 0,
85 Interactive = 2,
86 Network,
87 Batch,
88 Service,
89 Proxy,
90 Unlock,
91 NetworkCleartext,
92 NewCredentials,
93 #if (_WIN32_WINNT >= 0x0501)
94 RemoteInteractive,
95 CachedInteractive,
96 #endif
97 #if (_WIN32_WINNT >= 0x0502)
98 CachedRemoteInteractive,
99 CachedUnlock
100 #endif
101 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
102
103 #define ANSI_DOS_STAR ('<')
104 #define ANSI_DOS_QM ('>')
105 #define ANSI_DOS_DOT ('"')
106
107 #define DOS_STAR (L'<')
108 #define DOS_QM (L'>')
109 #define DOS_DOT (L'"')
110
111 /* also in winnt.h */
112 #define ACCESS_MIN_MS_ACE_TYPE (0x0)
113 #define ACCESS_ALLOWED_ACE_TYPE (0x0)
114 #define ACCESS_DENIED_ACE_TYPE (0x1)
115 #define SYSTEM_AUDIT_ACE_TYPE (0x2)
116 #define SYSTEM_ALARM_ACE_TYPE (0x3)
117 #define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
118 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
119 #define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
120 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
121 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
122 #define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
123 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
124 #define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
125 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
126 #define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
127 #define ACCESS_MAX_MS_ACE_TYPE (0x8)
128 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
129 #define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
130 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
131 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
132 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
133 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
134 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
135 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
136 #define ACCESS_MAX_MS_V5_ACE_TYPE (0x10)
137
138 #define COMPRESSION_FORMAT_NONE (0x0000)
139 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
140 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
141 #define COMPRESSION_ENGINE_STANDARD (0x0000)
142 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
143 #define COMPRESSION_ENGINE_HIBER (0x0200)
144
145 #define FILE_ACTION_ADDED 0x00000001
146 #define FILE_ACTION_REMOVED 0x00000002
147 #define FILE_ACTION_MODIFIED 0x00000003
148 #define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
149 #define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
150 #define FILE_ACTION_ADDED_STREAM 0x00000006
151 #define FILE_ACTION_REMOVED_STREAM 0x00000007
152 #define FILE_ACTION_MODIFIED_STREAM 0x00000008
153 #define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
154 #define FILE_ACTION_ID_NOT_TUNNELLED 0x0000000A
155 #define FILE_ACTION_TUNNELLED_ID_COLLISION 0x0000000B
156 /* end winnt.h */
157
158 #define FILE_EA_TYPE_BINARY 0xfffe
159 #define FILE_EA_TYPE_ASCII 0xfffd
160 #define FILE_EA_TYPE_BITMAP 0xfffb
161 #define FILE_EA_TYPE_METAFILE 0xfffa
162 #define FILE_EA_TYPE_ICON 0xfff9
163 #define FILE_EA_TYPE_EA 0xffee
164 #define FILE_EA_TYPE_MVMT 0xffdf
165 #define FILE_EA_TYPE_MVST 0xffde
166 #define FILE_EA_TYPE_ASN1 0xffdd
167 #define FILE_EA_TYPE_FAMILY_IDS 0xff01
168
169 #define FILE_NEED_EA 0x00000080
170
171 /* also in winnt.h */
172 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
173 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
174 #define FILE_NOTIFY_CHANGE_NAME 0x00000003
175 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
176 #define FILE_NOTIFY_CHANGE_SIZE 0x00000008
177 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
178 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
179 #define FILE_NOTIFY_CHANGE_CREATION 0x00000040
180 #define FILE_NOTIFY_CHANGE_EA 0x00000080
181 #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
182 #define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
183 #define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
184 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
185 #define FILE_NOTIFY_VALID_MASK 0x00000fff
186 /* end winnt.h */
187
188 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2 0x00000007
189 #define FILE_OPLOCK_BROKEN_TO_NONE 0x00000008
190
191 #define FILE_OPBATCH_BREAK_UNDERWAY 0x00000009
192
193 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
194 #define FILE_CASE_PRESERVED_NAMES 0x00000002
195 #define FILE_UNICODE_ON_DISK 0x00000004
196 #define FILE_PERSISTENT_ACLS 0x00000008
197 #define FILE_FILE_COMPRESSION 0x00000010
198 #define FILE_VOLUME_QUOTAS 0x00000020
199 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
200 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
201 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
202 #define FS_LFN_APIS 0x00004000
203 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
204 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
205 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
206 #define FILE_NAMED_STREAMS 0x00040000
207
208 #define FILE_PIPE_BYTE_STREAM_TYPE 0x00000000
209 #define FILE_PIPE_MESSAGE_TYPE 0x00000001
210
211 #define FILE_PIPE_BYTE_STREAM_MODE 0x00000000
212 #define FILE_PIPE_MESSAGE_MODE 0x00000001
213
214 #define FILE_PIPE_QUEUE_OPERATION 0x00000000
215 #define FILE_PIPE_COMPLETE_OPERATION 0x00000001
216
217 #define FILE_PIPE_INBOUND 0x00000000
218 #define FILE_PIPE_OUTBOUND 0x00000001
219 #define FILE_PIPE_FULL_DUPLEX 0x00000002
220
221 #define FILE_PIPE_DISCONNECTED_STATE 0x00000001
222 #define FILE_PIPE_LISTENING_STATE 0x00000002
223 #define FILE_PIPE_CONNECTED_STATE 0x00000003
224 #define FILE_PIPE_CLOSING_STATE 0x00000004
225
226 #define FILE_PIPE_CLIENT_END 0x00000000
227 #define FILE_PIPE_SERVER_END 0x00000001
228
229 #define FILE_PIPE_READ_DATA 0x00000000
230 #define FILE_PIPE_WRITE_SPACE 0x00000001
231
232 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
233 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
234 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
235 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
236 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
237 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
238 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
239 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
240 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
241 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
242 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
243 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
244 #define FILE_STORAGE_TYPE_MASK 0x000f0000
245 #define FILE_STORAGE_TYPE_SHIFT 16
246
247 #define FILE_VC_QUOTA_NONE 0x00000000
248 #define FILE_VC_QUOTA_TRACK 0x00000001
249 #define FILE_VC_QUOTA_ENFORCE 0x00000002
250 #define FILE_VC_QUOTA_MASK 0x00000003
251
252 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
253 #define FILE_VC_CONTENT_INDEX_DISABLED 0x00000008
254
255 #define FILE_VC_LOG_QUOTA_THRESHOLD 0x00000010
256 #define FILE_VC_LOG_QUOTA_LIMIT 0x00000020
257 #define FILE_VC_LOG_VOLUME_THRESHOLD 0x00000040
258 #define FILE_VC_LOG_VOLUME_LIMIT 0x00000080
259
260 #define FILE_VC_QUOTAS_INCOMPLETE 0x00000100
261 #define FILE_VC_QUOTAS_REBUILDING 0x00000200
262
263 #define FILE_VC_VALID_MASK 0x000003ff
264
265 #define FSRTL_FLAG_FILE_MODIFIED (0x01)
266 #define FSRTL_FLAG_FILE_LENGTH_CHANGED (0x02)
267 #define FSRTL_FLAG_LIMIT_MODIFIED_PAGES (0x04)
268 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_EX (0x08)
269 #define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_SH (0x10)
270 #define FSRTL_FLAG_USER_MAPPED_FILE (0x20)
271 #define FSRTL_FLAG_EOF_ADVANCE_ACTIVE (0x80)
272
273 #define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01)
274
275 #define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
276 #define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
277 #define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
278 #define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
279 #define FSRTL_MAX_TOP_LEVEL_IRP_FLAG (0x04)
280
281 #define FSRTL_VOLUME_DISMOUNT 1
282 #define FSRTL_VOLUME_DISMOUNT_FAILED 2
283 #define FSRTL_VOLUME_LOCK 3
284 #define FSRTL_VOLUME_LOCK_FAILED 4
285 #define FSRTL_VOLUME_UNLOCK 5
286 #define FSRTL_VOLUME_MOUNT 6
287
288 #define FSRTL_WILD_CHARACTER 0x08
289
290 #define FSRTL_FAT_LEGAL 0x01
291 #define FSRTL_HPFS_LEGAL 0x02
292 #define FSRTL_NTFS_LEGAL 0x04
293 #define FSRTL_WILD_CHARACTER 0x08
294 #define FSRTL_OLE_LEGAL 0x10
295 #define FSRTL_NTFS_STREAM_LEGAL 0x14
296
297 #ifdef _X86_
298 #define HARDWARE_PTE HARDWARE_PTE_X86
299 #define PHARDWARE_PTE PHARDWARE_PTE_X86
300 #endif
301
302 #define IO_CHECK_CREATE_PARAMETERS 0x0200
303 #define IO_ATTACH_DEVICE 0x0400
304
305 #define IO_ATTACH_DEVICE_API 0x80000000
306
307 #define IO_FILE_OBJECT_NON_PAGED_POOL_CHARGE 64
308 #define IO_FILE_OBJECT_PAGED_POOL_CHARGE 1024
309
310 #define IO_TYPE_APC 18
311 #define IO_TYPE_DPC 19
312 #define IO_TYPE_DEVICE_QUEUE 20
313 #define IO_TYPE_EVENT_PAIR 21
314 #define IO_TYPE_INTERRUPT 22
315 #define IO_TYPE_PROFILE 23
316
317 #define IRP_BEING_VERIFIED 0x10
318
319 #define MAILSLOT_CLASS_FIRSTCLASS 1
320 #define MAILSLOT_CLASS_SECONDCLASS 2
321
322 #define MAILSLOT_SIZE_AUTO 0
323
324 #define MAP_PROCESS 1L
325 #define MAP_SYSTEM 2L
326 #define MEM_DOS_LIM 0x40000000
327
328 #define OB_TYPE_TYPE 1
329 #define OB_TYPE_DIRECTORY 2
330 #define OB_TYPE_SYMBOLIC_LINK 3
331 #define OB_TYPE_TOKEN 4
332 #define OB_TYPE_PROCESS 5
333 #define OB_TYPE_THREAD 6
334 #define OB_TYPE_EVENT 7
335 #define OB_TYPE_EVENT_PAIR 8
336 #define OB_TYPE_MUTANT 9
337 #define OB_TYPE_SEMAPHORE 10
338 #define OB_TYPE_TIMER 11
339 #define OB_TYPE_PROFILE 12
340 #define OB_TYPE_WINDOW_STATION 13
341 #define OB_TYPE_DESKTOP 14
342 #define OB_TYPE_SECTION 15
343 #define OB_TYPE_KEY 16
344 #define OB_TYPE_PORT 17
345 #define OB_TYPE_ADAPTER 18
346 #define OB_TYPE_CONTROLLER 19
347 #define OB_TYPE_DEVICE 20
348 #define OB_TYPE_DRIVER 21
349 #define OB_TYPE_IO_COMPLETION 22
350 #define OB_TYPE_FILE 23
351
352 #define PIN_WAIT (1)
353 #define PIN_EXCLUSIVE (2)
354 #define PIN_NO_READ (4)
355 #define PIN_IF_BCB (8)
356
357 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
358 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
359
360 #define SEC_BASED 0x00200000
361
362 #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
363 #define SECURITY_WORLD_RID (0x00000000L)
364
365 #define SID_REVISION 1
366 #define SID_MAX_SUB_AUTHORITIES 15
367 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
368
369 #define TOKEN_ASSIGN_PRIMARY (0x0001)
370 #define TOKEN_DUPLICATE (0x0002)
371 #define TOKEN_IMPERSONATE (0x0004)
372 #define TOKEN_QUERY (0x0008)
373 #define TOKEN_QUERY_SOURCE (0x0010)
374 #define TOKEN_ADJUST_PRIVILEGES (0x0020)
375 #define TOKEN_ADJUST_GROUPS (0x0040)
376 #define TOKEN_ADJUST_DEFAULT (0x0080)
377 #define TOKEN_ADJUST_SESSIONID (0x0100)
378
379 #define TOKEN_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED |\
380 TOKEN_ASSIGN_PRIMARY |\
381 TOKEN_DUPLICATE |\
382 TOKEN_IMPERSONATE |\
383 TOKEN_QUERY |\
384 TOKEN_QUERY_SOURCE |\
385 TOKEN_ADJUST_PRIVILEGES |\
386 TOKEN_ADJUST_GROUPS |\
387 TOKEN_ADJUST_DEFAULT |\
388 TOKEN_ADJUST_SESSIONID)
389
390 #define TOKEN_READ (STANDARD_RIGHTS_READ |\
391 TOKEN_QUERY)
392
393 #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
394 TOKEN_ADJUST_PRIVILEGES |\
395 TOKEN_ADJUST_GROUPS |\
396 TOKEN_ADJUST_DEFAULT)
397
398 #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
399
400 #define TOKEN_SOURCE_LENGTH 8
401 /* end winnt.h */
402
403 #define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x01
404 #define TOKEN_HAS_BACKUP_PRIVILEGE 0x02
405 #define TOKEN_HAS_RESTORE_PRIVILEGE 0x04
406 #define TOKEN_HAS_ADMIN_GROUP 0x08
407 #define TOKEN_WRITE_RESTRICTED 0x08
408 #define TOKEN_IS_RESTRICTED 0x10
409 #define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
410
411 #define VACB_MAPPING_GRANULARITY (0x40000)
412 #define VACB_OFFSET_SHIFT (18)
413
414 #define SE_OWNER_DEFAULTED 0x0001
415 #define SE_GROUP_DEFAULTED 0x0002
416 #define SE_DACL_PRESENT 0x0004
417 #define SE_DACL_DEFAULTED 0x0008
418 #define SE_SACL_PRESENT 0x0010
419 #define SE_SACL_DEFAULTED 0x0020
420 #define SE_DACL_UNTRUSTED 0x0040
421 #define SE_SERVER_SECURITY 0x0080
422 #define SE_DACL_AUTO_INHERIT_REQ 0x0100
423 #define SE_SACL_AUTO_INHERIT_REQ 0x0200
424 #define SE_DACL_AUTO_INHERITED 0x0400
425 #define SE_SACL_AUTO_INHERITED 0x0800
426 #define SE_DACL_PROTECTED 0x1000
427 #define SE_SACL_PROTECTED 0x2000
428 #define SE_RM_CONTROL_VALID 0x4000
429 #define SE_SELF_RELATIVE 0x8000
430
431 #ifndef _WINNT_H
432 #define _AUDIT_EVENT_TYPE_HACK 0
433 #endif
434 #if (_AUDIT_EVENT_TYPE_HACK == 1)
435
436 #else
437 typedef enum _AUDIT_EVENT_TYPE
438 {
439 AuditEventObjectAccess,
440 AuditEventDirectoryServiceAccess
441 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
442 #endif
443
444 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
445
446 #define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
447 #define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
448 #define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
449 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
450 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
451 #define FSCTL_OPLOCK_BREAK_NOTIFY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
452 #define FSCTL_LOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
453 #define FSCTL_UNLOCK_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
454 #define FSCTL_DISMOUNT_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
455
456 #define FSCTL_IS_VOLUME_MOUNTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
457 #define FSCTL_IS_PATHNAME_VALID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
458 #define FSCTL_MARK_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
459
460 #define FSCTL_QUERY_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER, FILE_ANY_ACCESS)
461 #define FSCTL_GET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
462 #define FSCTL_SET_COMPRESSION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
463
464
465 #define FSCTL_MARK_AS_SYSTEM_HIVE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER, FILE_ANY_ACCESS)
466 #define FSCTL_OPLOCK_BREAK_ACK_NO_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
467 #define FSCTL_INVALIDATE_VOLUMES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
468 #define FSCTL_QUERY_FAT_BPB CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
469 #define FSCTL_REQUEST_FILTER_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
470 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
471
472 #if (VER_PRODUCTBUILD >= 1381)
473
474 #define FSCTL_GET_NTFS_VOLUME_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
475 #define FSCTL_GET_NTFS_FILE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
476 #define FSCTL_GET_VOLUME_BITMAP CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER, FILE_ANY_ACCESS)
477 #define FSCTL_GET_RETRIEVAL_POINTERS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER, FILE_ANY_ACCESS)
478 #define FSCTL_MOVE_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_ANY_ACCESS)
479 #define FSCTL_IS_VOLUME_DIRTY CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
480 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
481 #define FSCTL_ALLOW_EXTENDED_DASD_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER, FILE_ANY_ACCESS)
482
483 #endif /* (VER_PRODUCTBUILD >= 1381) */
484
485 #if (VER_PRODUCTBUILD >= 2195)
486
487 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
488 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
489 #define FSCTL_FIND_FILES_BY_SID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER, FILE_ANY_ACCESS)
490
491 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
492 #define FSCTL_SET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_WRITE_DATA)
493 #define FSCTL_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
494 #define FSCTL_DELETE_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_WRITE_DATA)
495 #define FSCTL_SET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_WRITE_DATA)
496 #define FSCTL_GET_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
497 #define FSCTL_DELETE_REPARSE_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_WRITE_DATA)
498 #define FSCTL_ENUM_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER, FILE_READ_DATA)
499 #define FSCTL_SECURITY_ID_CHECK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER, FILE_READ_DATA)
500 #define FSCTL_READ_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER, FILE_READ_DATA)
501 #define FSCTL_SET_OBJECT_ID_EXTENDED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_WRITE_DATA)
502 #define FSCTL_CREATE_OR_GET_OBJECT_ID CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
503 #define FSCTL_SET_SPARSE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_WRITE_DATA)
504 #define FSCTL_SET_ZERO_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
505 #define FSCTL_QUERY_ALLOCATED_RANGES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER, FILE_READ_DATA)
506 #define FSCTL_ENABLE_UPGRADE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
507 #define FSCTL_SET_ENCRYPTION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_BUFFERED, FILE_ANY_ACCESS)
508 #define FSCTL_ENCRYPTION_FSCTL_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER, FILE_ANY_ACCESS)
509 #define FSCTL_WRITE_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, FILE_ANY_ACCESS)
510 #define FSCTL_READ_RAW_ENCRYPTED CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER, FILE_ANY_ACCESS)
511 #define FSCTL_CREATE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER, FILE_READ_DATA)
512 #define FSCTL_READ_FILE_USN_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER, FILE_READ_DATA)
513 #define FSCTL_WRITE_USN_CLOSE_RECORD CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER, FILE_READ_DATA)
514 #define FSCTL_EXTEND_VOLUME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
515 #define FSCTL_QUERY_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
516 #define FSCTL_DELETE_USN_JOURNAL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
517 #define FSCTL_MARK_HANDLE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
518 #define FSCTL_SIS_COPYFILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
519 #define FSCTL_SIS_LINK_FILES CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
520 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
521 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
522 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
523 #define FSCTL_RECALL_FILE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
524 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
525 #define FSCTL_READ_FROM_PLEX CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
526 #define FSCTL_FILE_PREFETCH CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
527
528 #endif /* (VER_PRODUCTBUILD >= 2195) */
529
530 #define FSCTL_MAILSLOT_PEEK CTL_CODE(FILE_DEVICE_MAILSLOT, 0, METHOD_NEITHER, FILE_READ_DATA)
531
532 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
533 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
534 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
535 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
536 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
537 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
538 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
539 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
540
541 #define FSCTL_PIPE_ASSIGN_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
542 #define FSCTL_PIPE_DISCONNECT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
543 #define FSCTL_PIPE_LISTEN CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
544 #define FSCTL_PIPE_PEEK CTL_CODE(FILE_DEVICE_NAMED_PIPE, 3, METHOD_BUFFERED, FILE_READ_DATA)
545 #define FSCTL_PIPE_QUERY_EVENT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)
546 #define FSCTL_PIPE_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 5, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
547 #define FSCTL_PIPE_WAIT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
548 #define FSCTL_PIPE_IMPERSONATE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
549 #define FSCTL_PIPE_SET_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)
550 #define FSCTL_PIPE_QUERY_CLIENT_PROCESS CTL_CODE(FILE_DEVICE_NAMED_PIPE, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)
551 #define FSCTL_PIPE_INTERNAL_READ CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2045, METHOD_BUFFERED, FILE_READ_DATA)
552 #define FSCTL_PIPE_INTERNAL_WRITE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2046, METHOD_BUFFERED, FILE_WRITE_DATA)
553 #define FSCTL_PIPE_INTERNAL_TRANSCEIVE CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2047, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
554 #define FSCTL_PIPE_INTERNAL_READ_OVFLOW CTL_CODE(FILE_DEVICE_NAMED_PIPE, 2048, METHOD_BUFFERED, FILE_READ_DATA)
555
556 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
557
558 typedef PVOID OPLOCK, *POPLOCK;
559
560 typedef struct _CACHE_MANAGER_CALLBACKS *PCACHE_MANAGER_CALLBACKS;
561 typedef struct _FILE_GET_QUOTA_INFORMATION *PFILE_GET_QUOTA_INFORMATION;
562 typedef struct _HANDLE_TABLE *PHANDLE_TABLE;
563 typedef struct _KPROCESS *PKPROCESS;
564 typedef struct _KQUEUE *PKQUEUE;
565 typedef struct _KTRAP_FRAME *PKTRAP_FRAME;
566 typedef struct _OBJECT_DIRECTORY *POBJECT_DIRECTORY;
567 typedef struct _SHARED_CACHE_MAP *PSHARED_CACHE_MAP;
568 typedef struct _VACB *PVACB;
569 typedef struct _VAD_HEADER *PVAD_HEADER;
570
571 typedef ULONG LBN;
572 typedef LBN *PLBN;
573
574 typedef ULONG VBN;
575 typedef VBN *PVBN;
576
577 typedef struct _NOTIFY_SYNC
578 {
579 ULONG Unknown0;
580 ULONG Unknown1;
581 ULONG Unknown2;
582 USHORT Unknown3;
583 USHORT Unknown4;
584 ULONG Unknown5;
585 ULONG Unknown6;
586 ULONG Unknown7;
587 ULONG Unknown8;
588 ULONG Unknown9;
589 ULONG Unknown10;
590 } NOTIFY_SYNC, * PNOTIFY_SYNC;
591
592 typedef enum _FAST_IO_POSSIBLE {
593 FastIoIsNotPossible,
594 FastIoIsPossible,
595 FastIoIsQuestionable
596 } FAST_IO_POSSIBLE;
597
598 typedef enum _FILE_STORAGE_TYPE {
599 StorageTypeDefault = 1,
600 StorageTypeDirectory,
601 StorageTypeFile,
602 StorageTypeJunctionPoint,
603 StorageTypeCatalog,
604 StorageTypeStructuredStorage,
605 StorageTypeEmbedding,
606 StorageTypeStream
607 } FILE_STORAGE_TYPE;
608
609 typedef enum _OBJECT_INFORMATION_CLASS
610 {
611 ObjectBasicInformation,
612 ObjectNameInformation,
613 ObjectTypeInformation,
614 ObjectTypesInformation,
615 ObjectHandleFlagInformation,
616 ObjectSessionInformation,
617 MaxObjectInfoClass
618 } OBJECT_INFORMATION_CLASS;
619
620 typedef struct _OBJECT_BASIC_INFORMATION
621 {
622 ULONG Attributes;
623 ACCESS_MASK GrantedAccess;
624 ULONG HandleCount;
625 ULONG PointerCount;
626 ULONG PagedPoolCharge;
627 ULONG NonPagedPoolCharge;
628 ULONG Reserved[ 3 ];
629 ULONG NameInfoSize;
630 ULONG TypeInfoSize;
631 ULONG SecurityDescriptorSize;
632 LARGE_INTEGER CreationTime;
633 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
634
635 typedef struct _KAPC_STATE {
636 LIST_ENTRY ApcListHead[2];
637 PKPROCESS Process;
638 BOOLEAN KernelApcInProgress;
639 BOOLEAN KernelApcPending;
640 BOOLEAN UserApcPending;
641 } KAPC_STATE, *PKAPC_STATE, *RESTRICTED_POINTER PRKAPC_STATE;
642 #define KAPC_STATE_ACTUAL_LENGTH (FIELD_OFFSET(KAPC_STATE, UserApcPending) + sizeof(BOOLEAN))
643
644 typedef struct _BITMAP_RANGE {
645 LIST_ENTRY Links;
646 LONGLONG BasePage;
647 ULONG FirstDirtyPage;
648 ULONG LastDirtyPage;
649 ULONG DirtyPages;
650 PULONG Bitmap;
651 } BITMAP_RANGE, *PBITMAP_RANGE;
652
653 typedef struct _CACHE_UNINITIALIZE_EVENT {
654 struct _CACHE_UNINITIALIZE_EVENT *Next;
655 KEVENT Event;
656 } CACHE_UNINITIALIZE_EVENT, *PCACHE_UNINITIALIZE_EVENT;
657
658 typedef struct _CC_FILE_SIZES {
659 LARGE_INTEGER AllocationSize;
660 LARGE_INTEGER FileSize;
661 LARGE_INTEGER ValidDataLength;
662 } CC_FILE_SIZES, *PCC_FILE_SIZES;
663
664 typedef struct _COMPRESSED_DATA_INFO {
665 USHORT CompressionFormatAndEngine;
666 UCHAR CompressionUnitShift;
667 UCHAR ChunkShift;
668 UCHAR ClusterShift;
669 UCHAR Reserved;
670 USHORT NumberOfChunks;
671 ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
672 } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
673
674 typedef struct _SID_IDENTIFIER_AUTHORITY {
675 BYTE Value[6];
676 } SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
677 typedef PVOID PSID;
678 typedef struct _SID {
679 BYTE Revision;
680 BYTE SubAuthorityCount;
681 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
682 DWORD SubAuthority[ANYSIZE_ARRAY];
683 } SID, *PISID;
684 typedef struct _SID_AND_ATTRIBUTES {
685 PSID Sid;
686 DWORD Attributes;
687 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
688 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
689 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
690 typedef struct _TOKEN_SOURCE {
691 CHAR SourceName[TOKEN_SOURCE_LENGTH];
692 LUID SourceIdentifier;
693 } TOKEN_SOURCE,*PTOKEN_SOURCE;
694 typedef struct _TOKEN_CONTROL {
695 LUID TokenId;
696 LUID AuthenticationId;
697 LUID ModifiedId;
698 TOKEN_SOURCE TokenSource;
699 } TOKEN_CONTROL,*PTOKEN_CONTROL;
700 typedef struct _TOKEN_DEFAULT_DACL {
701 PACL DefaultDacl;
702 } TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
703 typedef struct _TOKEN_GROUPS {
704 DWORD GroupCount;
705 SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
706 } TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
707 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
708 ULONG SidCount;
709 ULONG SidLength;
710 PSID_AND_ATTRIBUTES Sids;
711 ULONG RestrictedSidCount;
712 ULONG RestrictedSidLength;
713 PSID_AND_ATTRIBUTES RestrictedSids;
714 ULONG PrivilegeCount;
715 ULONG PrivilegeLength;
716 PLUID_AND_ATTRIBUTES Privileges;
717 LUID AuthenticationId;
718 } TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
719 typedef struct _TOKEN_ORIGIN {
720 LUID OriginatingLogonSession;
721 } TOKEN_ORIGIN, *PTOKEN_ORIGIN;
722 typedef struct _TOKEN_OWNER {
723 PSID Owner;
724 } TOKEN_OWNER,*PTOKEN_OWNER;
725 typedef struct _TOKEN_PRIMARY_GROUP {
726 PSID PrimaryGroup;
727 } TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
728 typedef struct _TOKEN_PRIVILEGES {
729 DWORD PrivilegeCount;
730 LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
731 } TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
732 typedef enum tagTOKEN_TYPE {
733 TokenPrimary = 1,
734 TokenImpersonation
735 } TOKEN_TYPE,*PTOKEN_TYPE;
736 typedef struct _TOKEN_STATISTICS {
737 LUID TokenId;
738 LUID AuthenticationId;
739 LARGE_INTEGER ExpirationTime;
740 TOKEN_TYPE TokenType;
741 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
742 DWORD DynamicCharged;
743 DWORD DynamicAvailable;
744 DWORD GroupCount;
745 DWORD PrivilegeCount;
746 LUID ModifiedId;
747 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
748 typedef struct _TOKEN_USER {
749 SID_AND_ATTRIBUTES User;
750 } TOKEN_USER, *PTOKEN_USER;
751 typedef DWORD SECURITY_INFORMATION,*PSECURITY_INFORMATION;
752 typedef WORD SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
753 typedef struct _SECURITY_DESCRIPTOR {
754 BYTE Revision;
755 BYTE Sbz1;
756 SECURITY_DESCRIPTOR_CONTROL Control;
757 PSID Owner;
758 PSID Group;
759 PACL Sacl;
760 PACL Dacl;
761 } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
762 typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
763 BYTE Revision;
764 BYTE Sbz1;
765 SECURITY_DESCRIPTOR_CONTROL Control;
766 DWORD Owner;
767 DWORD Group;
768 DWORD Sacl;
769 DWORD Dacl;
770 } SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
771 typedef enum _TOKEN_INFORMATION_CLASS {
772 TokenUser=1,TokenGroups,TokenPrivileges,TokenOwner,
773 TokenPrimaryGroup,TokenDefaultDacl,TokenSource,TokenType,
774 TokenImpersonationLevel,TokenStatistics,TokenRestrictedSids,
775 TokenSessionId,TokenGroupsAndPrivileges,TokenSessionReference,
776 TokenSandBoxInert,TokenAuditPolicy,TokenOrigin,
777 } TOKEN_INFORMATION_CLASS;
778
779 #define SYMLINK_FLAG_RELATIVE 1
780
781 typedef struct _REPARSE_DATA_BUFFER {
782 ULONG ReparseTag;
783 USHORT ReparseDataLength;
784 USHORT Reserved;
785 union {
786 struct {
787 USHORT SubstituteNameOffset;
788 USHORT SubstituteNameLength;
789 USHORT PrintNameOffset;
790 USHORT PrintNameLength;
791 ULONG Flags;
792 WCHAR PathBuffer[1];
793 } SymbolicLinkReparseBuffer;
794 struct {
795 USHORT SubstituteNameOffset;
796 USHORT SubstituteNameLength;
797 USHORT PrintNameOffset;
798 USHORT PrintNameLength;
799 WCHAR PathBuffer[1];
800 } MountPointReparseBuffer;
801 struct {
802 UCHAR DataBuffer[1];
803 } GenericReparseBuffer;
804 };
805 } REPARSE_DATA_BUFFER, *PREPARSE_DATA_BUFFER;
806
807 #define REPARSE_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer)
808
809 typedef struct _FILE_ACCESS_INFORMATION {
810 ACCESS_MASK AccessFlags;
811 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
812
813 typedef struct _FILE_ALLOCATION_INFORMATION {
814 LARGE_INTEGER AllocationSize;
815 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
816
817 typedef struct _FILE_BOTH_DIR_INFORMATION {
818 ULONG NextEntryOffset;
819 ULONG FileIndex;
820 LARGE_INTEGER CreationTime;
821 LARGE_INTEGER LastAccessTime;
822 LARGE_INTEGER LastWriteTime;
823 LARGE_INTEGER ChangeTime;
824 LARGE_INTEGER EndOfFile;
825 LARGE_INTEGER AllocationSize;
826 ULONG FileAttributes;
827 ULONG FileNameLength;
828 ULONG EaSize;
829 CCHAR ShortNameLength;
830 WCHAR ShortName[12];
831 WCHAR FileName[1];
832 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
833
834 typedef struct _FILE_COMPLETION_INFORMATION {
835 HANDLE Port;
836 PVOID Key;
837 } FILE_COMPLETION_INFORMATION, *PFILE_COMPLETION_INFORMATION;
838
839 typedef struct _FILE_COMPRESSION_INFORMATION {
840 LARGE_INTEGER CompressedFileSize;
841 USHORT CompressionFormat;
842 UCHAR CompressionUnitShift;
843 UCHAR ChunkShift;
844 UCHAR ClusterShift;
845 UCHAR Reserved[3];
846 } FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
847
848 typedef struct _FILE_COPY_ON_WRITE_INFORMATION {
849 BOOLEAN ReplaceIfExists;
850 HANDLE RootDirectory;
851 ULONG FileNameLength;
852 WCHAR FileName[1];
853 } FILE_COPY_ON_WRITE_INFORMATION, *PFILE_COPY_ON_WRITE_INFORMATION;
854
855 typedef struct _FILE_DIRECTORY_INFORMATION {
856 ULONG NextEntryOffset;
857 ULONG FileIndex;
858 LARGE_INTEGER CreationTime;
859 LARGE_INTEGER LastAccessTime;
860 LARGE_INTEGER LastWriteTime;
861 LARGE_INTEGER ChangeTime;
862 LARGE_INTEGER EndOfFile;
863 LARGE_INTEGER AllocationSize;
864 ULONG FileAttributes;
865 ULONG FileNameLength;
866 WCHAR FileName[1];
867 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
868
869 typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
870 ULONG NextEntryOffset;
871 ULONG FileIndex;
872 LARGE_INTEGER CreationTime;
873 LARGE_INTEGER LastAccessTime;
874 LARGE_INTEGER LastWriteTime;
875 LARGE_INTEGER ChangeTime;
876 LARGE_INTEGER EndOfFile;
877 LARGE_INTEGER AllocationSize;
878 ULONG FileAttributes;
879 ULONG FileNameLength;
880 ULONG EaSize;
881 WCHAR FileName[0];
882 } FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION;
883
884 typedef struct _FILE_BOTH_DIRECTORY_INFORMATION {
885 ULONG NextEntryOffset;
886 ULONG FileIndex;
887 LARGE_INTEGER CreationTime;
888 LARGE_INTEGER LastAccessTime;
889 LARGE_INTEGER LastWriteTime;
890 LARGE_INTEGER ChangeTime;
891 LARGE_INTEGER EndOfFile;
892 LARGE_INTEGER AllocationSize;
893 ULONG FileAttributes;
894 ULONG FileNameLength;
895 ULONG EaSize;
896 CHAR ShortNameLength;
897 WCHAR ShortName[12];
898 WCHAR FileName[0];
899 } FILE_BOTH_DIRECTORY_INFORMATION, *PFILE_BOTH_DIRECTORY_INFORMATION;
900
901 typedef struct _FILE_EA_INFORMATION {
902 ULONG EaSize;
903 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
904
905 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
906 ULONG FileSystemAttributes;
907 ULONG MaximumComponentNameLength;
908 ULONG FileSystemNameLength;
909 WCHAR FileSystemName[1];
910 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
911
912 typedef struct _FILE_FS_CONTROL_INFORMATION {
913 LARGE_INTEGER FreeSpaceStartFiltering;
914 LARGE_INTEGER FreeSpaceThreshold;
915 LARGE_INTEGER FreeSpaceStopFiltering;
916 LARGE_INTEGER DefaultQuotaThreshold;
917 LARGE_INTEGER DefaultQuotaLimit;
918 ULONG FileSystemControlFlags;
919 } FILE_FS_CONTROL_INFORMATION, *PFILE_FS_CONTROL_INFORMATION;
920
921 typedef struct _FILE_FS_FULL_SIZE_INFORMATION {
922 LARGE_INTEGER TotalAllocationUnits;
923 LARGE_INTEGER CallerAvailableAllocationUnits;
924 LARGE_INTEGER ActualAvailableAllocationUnits;
925 ULONG SectorsPerAllocationUnit;
926 ULONG BytesPerSector;
927 } FILE_FS_FULL_SIZE_INFORMATION, *PFILE_FS_FULL_SIZE_INFORMATION;
928
929 typedef struct _FILE_FS_LABEL_INFORMATION {
930 ULONG VolumeLabelLength;
931 WCHAR VolumeLabel[1];
932 } FILE_FS_LABEL_INFORMATION, *PFILE_FS_LABEL_INFORMATION;
933
934 #if (VER_PRODUCTBUILD >= 2195)
935
936 typedef struct _FILE_FS_OBJECT_ID_INFORMATION {
937 UCHAR ObjectId[16];
938 UCHAR ExtendedInfo[48];
939 } FILE_FS_OBJECT_ID_INFORMATION, *PFILE_FS_OBJECT_ID_INFORMATION;
940
941 #endif /* (VER_PRODUCTBUILD >= 2195) */
942
943 typedef struct _FILE_FS_SIZE_INFORMATION {
944 LARGE_INTEGER TotalAllocationUnits;
945 LARGE_INTEGER AvailableAllocationUnits;
946 ULONG SectorsPerAllocationUnit;
947 ULONG BytesPerSector;
948 } FILE_FS_SIZE_INFORMATION, *PFILE_FS_SIZE_INFORMATION;
949
950 typedef struct _FILE_FS_VOLUME_INFORMATION {
951 LARGE_INTEGER VolumeCreationTime;
952 ULONG VolumeSerialNumber;
953 ULONG VolumeLabelLength;
954 BOOLEAN SupportsObjects;
955 WCHAR VolumeLabel[1];
956 } FILE_FS_VOLUME_INFORMATION, *PFILE_FS_VOLUME_INFORMATION;
957
958 typedef struct _FILE_FS_OBJECTID_INFORMATION
959 {
960 UCHAR ObjectId[16];
961 UCHAR ExtendedInfo[48];
962 } FILE_FS_OBJECTID_INFORMATION, *PFILE_FS_OBJECTID_INFORMATION;
963
964 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION
965 {
966 BOOLEAN DriverInPath;
967 ULONG DriverNameLength;
968 WCHAR DriverName[1];
969 } FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
970
971 typedef struct _FILE_FULL_DIR_INFORMATION {
972 ULONG NextEntryOffset;
973 ULONG FileIndex;
974 LARGE_INTEGER CreationTime;
975 LARGE_INTEGER LastAccessTime;
976 LARGE_INTEGER LastWriteTime;
977 LARGE_INTEGER ChangeTime;
978 LARGE_INTEGER EndOfFile;
979 LARGE_INTEGER AllocationSize;
980 ULONG FileAttributes;
981 ULONG FileNameLength;
982 ULONG EaSize;
983 WCHAR FileName[1];
984 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
985
986 typedef struct _FILE_GET_EA_INFORMATION {
987 ULONG NextEntryOffset;
988 UCHAR EaNameLength;
989 CHAR EaName[1];
990 } FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
991
992 typedef struct _FILE_GET_QUOTA_INFORMATION {
993 ULONG NextEntryOffset;
994 ULONG SidLength;
995 SID Sid;
996 } FILE_GET_QUOTA_INFORMATION, *PFILE_GET_QUOTA_INFORMATION;
997
998 typedef struct _FILE_QUOTA_INFORMATION
999 {
1000 ULONG NextEntryOffset;
1001 ULONG SidLength;
1002 LARGE_INTEGER ChangeTime;
1003 LARGE_INTEGER QuotaUsed;
1004 LARGE_INTEGER QuotaThreshold;
1005 LARGE_INTEGER QuotaLimit;
1006 SID Sid;
1007 } FILE_QUOTA_INFORMATION, *PFILE_QUOTA_INFORMATION;
1008
1009 typedef struct _FILE_INTERNAL_INFORMATION {
1010 LARGE_INTEGER IndexNumber;
1011 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
1012
1013 typedef struct _FILE_LINK_INFORMATION {
1014 BOOLEAN ReplaceIfExists;
1015 HANDLE RootDirectory;
1016 ULONG FileNameLength;
1017 WCHAR FileName[1];
1018 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
1019
1020 typedef struct _FILE_LOCK_INFO
1021 {
1022 LARGE_INTEGER StartingByte;
1023 LARGE_INTEGER Length;
1024 BOOLEAN ExclusiveLock;
1025 ULONG Key;
1026 PFILE_OBJECT FileObject;
1027 PVOID ProcessId;
1028 LARGE_INTEGER EndingByte;
1029 } FILE_LOCK_INFO, *PFILE_LOCK_INFO;
1030
1031 typedef struct _FILE_REPARSE_POINT_INFORMATION
1032 {
1033 LONGLONG FileReference;
1034 ULONG Tag;
1035 } FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
1036
1037 typedef struct _FILE_MOVE_CLUSTER_INFORMATION
1038 {
1039 ULONG ClusterCount;
1040 HANDLE RootDirectory;
1041 ULONG FileNameLength;
1042 WCHAR FileName[1];
1043 } FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
1044
1045 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1046 typedef struct _FILE_SHARED_LOCK_ENTRY {
1047 PVOID Unknown1;
1048 PVOID Unknown2;
1049 FILE_LOCK_INFO FileLock;
1050 } FILE_SHARED_LOCK_ENTRY, *PFILE_SHARED_LOCK_ENTRY;
1051
1052 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1053 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY {
1054 LIST_ENTRY ListEntry;
1055 PVOID Unknown1;
1056 PVOID Unknown2;
1057 FILE_LOCK_INFO FileLock;
1058 } FILE_EXCLUSIVE_LOCK_ENTRY, *PFILE_EXCLUSIVE_LOCK_ENTRY;
1059
1060 typedef NTSTATUS (NTAPI *PCOMPLETE_LOCK_IRP_ROUTINE) (
1061 IN PVOID Context,
1062 IN PIRP Irp
1063 );
1064
1065 typedef VOID (NTAPI *PUNLOCK_ROUTINE) (
1066 IN PVOID Context,
1067 IN PFILE_LOCK_INFO FileLockInfo
1068 );
1069
1070 typedef struct _FILE_LOCK {
1071 PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine;
1072 PUNLOCK_ROUTINE UnlockRoutine;
1073 BOOLEAN FastIoIsQuestionable;
1074 BOOLEAN Pad[3];
1075 PVOID LockInformation;
1076 FILE_LOCK_INFO LastReturnedLockInfo;
1077 PVOID LastReturnedLock;
1078 } FILE_LOCK, *PFILE_LOCK;
1079
1080 typedef struct _FILE_MAILSLOT_PEEK_BUFFER {
1081 ULONG ReadDataAvailable;
1082 ULONG NumberOfMessages;
1083 ULONG MessageLength;
1084 } FILE_MAILSLOT_PEEK_BUFFER, *PFILE_MAILSLOT_PEEK_BUFFER;
1085
1086 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
1087 ULONG MaximumMessageSize;
1088 ULONG MailslotQuota;
1089 ULONG NextMessageSize;
1090 ULONG MessagesAvailable;
1091 LARGE_INTEGER ReadTimeout;
1092 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
1093
1094 typedef struct _FILE_MAILSLOT_SET_INFORMATION {
1095 PLARGE_INTEGER ReadTimeout;
1096 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
1097
1098 typedef struct _FILE_MODE_INFORMATION {
1099 ULONG Mode;
1100 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
1101
1102 typedef struct _FILE_ALL_INFORMATION {
1103 FILE_BASIC_INFORMATION BasicInformation;
1104 FILE_STANDARD_INFORMATION StandardInformation;
1105 FILE_INTERNAL_INFORMATION InternalInformation;
1106 FILE_EA_INFORMATION EaInformation;
1107 FILE_ACCESS_INFORMATION AccessInformation;
1108 FILE_POSITION_INFORMATION PositionInformation;
1109 FILE_MODE_INFORMATION ModeInformation;
1110 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
1111 FILE_NAME_INFORMATION NameInformation;
1112 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
1113
1114 typedef struct _FILE_NAMES_INFORMATION {
1115 ULONG NextEntryOffset;
1116 ULONG FileIndex;
1117 ULONG FileNameLength;
1118 WCHAR FileName[1];
1119 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
1120
1121 typedef struct _FILE_OBJECTID_INFORMATION {
1122 LONGLONG FileReference;
1123 UCHAR ObjectId[16];
1124 _ANONYMOUS_UNION union {
1125 struct {
1126 UCHAR BirthVolumeId[16];
1127 UCHAR BirthObjectId[16];
1128 UCHAR DomainId[16];
1129 } ;
1130 UCHAR ExtendedInfo[48];
1131 } DUMMYUNIONNAME;
1132 } FILE_OBJECTID_INFORMATION, *PFILE_OBJECTID_INFORMATION;
1133
1134 typedef struct _FILE_OLE_CLASSID_INFORMATION {
1135 GUID ClassId;
1136 } FILE_OLE_CLASSID_INFORMATION, *PFILE_OLE_CLASSID_INFORMATION;
1137
1138 typedef struct _FILE_OLE_ALL_INFORMATION {
1139 FILE_BASIC_INFORMATION BasicInformation;
1140 FILE_STANDARD_INFORMATION StandardInformation;
1141 FILE_INTERNAL_INFORMATION InternalInformation;
1142 FILE_EA_INFORMATION EaInformation;
1143 FILE_ACCESS_INFORMATION AccessInformation;
1144 FILE_POSITION_INFORMATION PositionInformation;
1145 FILE_MODE_INFORMATION ModeInformation;
1146 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
1147 USN LastChangeUsn;
1148 USN ReplicationUsn;
1149 LARGE_INTEGER SecurityChangeTime;
1150 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1151 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1152 FILE_STORAGE_TYPE StorageType;
1153 ULONG OleStateBits;
1154 ULONG OleId;
1155 ULONG NumberOfStreamReferences;
1156 ULONG StreamIndex;
1157 ULONG SecurityId;
1158 BOOLEAN ContentIndexDisable;
1159 BOOLEAN InheritContentIndexDisable;
1160 FILE_NAME_INFORMATION NameInformation;
1161 } FILE_OLE_ALL_INFORMATION, *PFILE_OLE_ALL_INFORMATION;
1162
1163 typedef struct _FILE_OLE_DIR_INFORMATION {
1164 ULONG NextEntryOffset;
1165 ULONG FileIndex;
1166 LARGE_INTEGER CreationTime;
1167 LARGE_INTEGER LastAccessTime;
1168 LARGE_INTEGER LastWriteTime;
1169 LARGE_INTEGER ChangeTime;
1170 LARGE_INTEGER EndOfFile;
1171 LARGE_INTEGER AllocationSize;
1172 ULONG FileAttributes;
1173 ULONG FileNameLength;
1174 FILE_STORAGE_TYPE StorageType;
1175 GUID OleClassId;
1176 ULONG OleStateBits;
1177 BOOLEAN ContentIndexDisable;
1178 BOOLEAN InheritContentIndexDisable;
1179 WCHAR FileName[1];
1180 } FILE_OLE_DIR_INFORMATION, *PFILE_OLE_DIR_INFORMATION;
1181
1182 typedef struct _FILE_OLE_INFORMATION {
1183 LARGE_INTEGER SecurityChangeTime;
1184 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1185 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1186 FILE_STORAGE_TYPE StorageType;
1187 ULONG OleStateBits;
1188 BOOLEAN ContentIndexDisable;
1189 BOOLEAN InheritContentIndexDisable;
1190 } FILE_OLE_INFORMATION, *PFILE_OLE_INFORMATION;
1191
1192 typedef struct _FILE_OLE_STATE_BITS_INFORMATION {
1193 ULONG StateBits;
1194 ULONG StateBitsMask;
1195 } FILE_OLE_STATE_BITS_INFORMATION, *PFILE_OLE_STATE_BITS_INFORMATION;
1196
1197 typedef struct _FILE_PIPE_ASSIGN_EVENT_BUFFER {
1198 HANDLE EventHandle;
1199 ULONG KeyValue;
1200 } FILE_PIPE_ASSIGN_EVENT_BUFFER, *PFILE_PIPE_ASSIGN_EVENT_BUFFER;
1201
1202 typedef struct _FILE_PIPE_CLIENT_PROCESS_BUFFER {
1203 PVOID ClientSession;
1204 PVOID ClientProcess;
1205 } FILE_PIPE_CLIENT_PROCESS_BUFFER, *PFILE_PIPE_CLIENT_PROCESS_BUFFER;
1206
1207 typedef struct _FILE_PIPE_EVENT_BUFFER {
1208 ULONG NamedPipeState;
1209 ULONG EntryType;
1210 ULONG ByteCount;
1211 ULONG KeyValue;
1212 ULONG NumberRequests;
1213 } FILE_PIPE_EVENT_BUFFER, *PFILE_PIPE_EVENT_BUFFER;
1214
1215 typedef struct _FILE_PIPE_PEEK_BUFFER
1216 {
1217 ULONG NamedPipeState;
1218 ULONG ReadDataAvailable;
1219 ULONG NumberOfMessages;
1220 ULONG MessageLength;
1221 CHAR Data[1];
1222 } FILE_PIPE_PEEK_BUFFER, *PFILE_PIPE_PEEK_BUFFER;
1223
1224 typedef struct _FILE_PIPE_INFORMATION {
1225 ULONG ReadMode;
1226 ULONG CompletionMode;
1227 } FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
1228
1229 typedef struct _FILE_PIPE_LOCAL_INFORMATION {
1230 ULONG NamedPipeType;
1231 ULONG NamedPipeConfiguration;
1232 ULONG MaximumInstances;
1233 ULONG CurrentInstances;
1234 ULONG InboundQuota;
1235 ULONG ReadDataAvailable;
1236 ULONG OutboundQuota;
1237 ULONG WriteQuotaAvailable;
1238 ULONG NamedPipeState;
1239 ULONG NamedPipeEnd;
1240 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
1241
1242 typedef struct _FILE_PIPE_REMOTE_INFORMATION {
1243 LARGE_INTEGER CollectDataTime;
1244 ULONG MaximumCollectionCount;
1245 } FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
1246
1247 typedef struct _FILE_PIPE_WAIT_FOR_BUFFER {
1248 LARGE_INTEGER Timeout;
1249 ULONG NameLength;
1250 BOOLEAN TimeoutSpecified;
1251 WCHAR Name[1];
1252 } FILE_PIPE_WAIT_FOR_BUFFER, *PFILE_PIPE_WAIT_FOR_BUFFER;
1253
1254 typedef struct _FILE_RENAME_INFORMATION {
1255 BOOLEAN ReplaceIfExists;
1256 HANDLE RootDirectory;
1257 ULONG FileNameLength;
1258 WCHAR FileName[1];
1259 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
1260
1261 typedef struct _FILE_STREAM_INFORMATION {
1262 ULONG NextEntryOffset;
1263 ULONG StreamNameLength;
1264 LARGE_INTEGER StreamSize;
1265 LARGE_INTEGER StreamAllocationSize;
1266 WCHAR StreamName[1];
1267 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
1268
1269 typedef struct _FILE_TRACKING_INFORMATION {
1270 HANDLE DestinationFile;
1271 ULONG ObjectInformationLength;
1272 CHAR ObjectInformation[1];
1273 } FILE_TRACKING_INFORMATION, *PFILE_TRACKING_INFORMATION;
1274
1275 #if (VER_PRODUCTBUILD >= 2195)
1276 typedef struct _FILE_ZERO_DATA_INFORMATION {
1277 LARGE_INTEGER FileOffset;
1278 LARGE_INTEGER BeyondFinalZero;
1279 } FILE_ZERO_DATA_INFORMATION, *PFILE_ZERO_DATA_INFORMATION;
1280
1281 typedef struct FILE_ALLOCATED_RANGE_BUFFER {
1282 LARGE_INTEGER FileOffset;
1283 LARGE_INTEGER Length;
1284 } FILE_ALLOCATED_RANGE_BUFFER, *PFILE_ALLOCATED_RANGE_BUFFER;
1285 #endif /* (VER_PRODUCTBUILD >= 2195) */
1286
1287 typedef struct _FSRTL_COMMON_FCB_HEADER {
1288 CSHORT NodeTypeCode;
1289 CSHORT NodeByteSize;
1290 UCHAR Flags;
1291 UCHAR IsFastIoPossible;
1292 #if (VER_PRODUCTBUILD >= 1381)
1293 UCHAR Flags2;
1294 UCHAR Reserved;
1295 #endif /* (VER_PRODUCTBUILD >= 1381) */
1296 PERESOURCE Resource;
1297 PERESOURCE PagingIoResource;
1298 LARGE_INTEGER AllocationSize;
1299 LARGE_INTEGER FileSize;
1300 LARGE_INTEGER ValidDataLength;
1301 } FSRTL_COMMON_FCB_HEADER, *PFSRTL_COMMON_FCB_HEADER;
1302
1303 #if (VER_PRODUCTBUILD >= 2600)
1304
1305 typedef struct _FSRTL_ADVANCED_FCB_HEADER {
1306 CSHORT NodeTypeCode;
1307 CSHORT NodeByteSize;
1308 UCHAR Flags;
1309 UCHAR IsFastIoPossible;
1310 UCHAR Flags2;
1311 UCHAR Reserved: 4;
1312 UCHAR Version: 4;
1313 PERESOURCE Resource;
1314 PERESOURCE PagingIoResource;
1315 LARGE_INTEGER AllocationSize;
1316 LARGE_INTEGER FileSize;
1317 LARGE_INTEGER ValidDataLength;
1318 PFAST_MUTEX FastMutex;
1319 LIST_ENTRY FilterContexts;
1320 EX_PUSH_LOCK PushLock;
1321 PVOID *FileContextSupportPointer;
1322 } FSRTL_ADVANCED_FCB_HEADER, *PFSRTL_ADVANCED_FCB_HEADER;
1323
1324 typedef struct _FSRTL_PER_STREAM_CONTEXT {
1325 LIST_ENTRY Links;
1326 PVOID OwnerId;
1327 PVOID InstanceId;
1328 PFREE_FUNCTION FreeCallback;
1329 } FSRTL_PER_STREAM_CONTEXT, *PFSRTL_PER_STREAM_CONTEXT;
1330
1331 typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT
1332 {
1333 LIST_ENTRY Links;
1334 PVOID OwnerId;
1335 PVOID InstanceId;
1336 } FSRTL_PER_FILEOBJECT_CONTEXT, *PFSRTL_PER_FILEOBJECT_CONTEXT;
1337
1338 #endif /* (VER_PRODUCTBUILD >= 2600) */
1339
1340 typedef struct _BASE_MCB
1341 {
1342 ULONG MaximumPairCount;
1343 ULONG PairCount;
1344 USHORT PoolType;
1345 USHORT Flags;
1346 PVOID Mapping;
1347 } BASE_MCB, *PBASE_MCB;
1348
1349 typedef struct _LARGE_MCB
1350 {
1351 PKGUARDED_MUTEX GuardedMutex;
1352 BASE_MCB BaseMcb;
1353 } LARGE_MCB, *PLARGE_MCB;
1354
1355 typedef struct _MCB
1356 {
1357 LARGE_MCB DummyFieldThatSizesThisStructureCorrectly;
1358 } MCB, *PMCB;
1359
1360 typedef struct _GENERATE_NAME_CONTEXT {
1361 USHORT Checksum;
1362 BOOLEAN CheckSumInserted;
1363 UCHAR NameLength;
1364 WCHAR NameBuffer[8];
1365 ULONG ExtensionLength;
1366 WCHAR ExtensionBuffer[4];
1367 ULONG LastIndexValue;
1368 } GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
1369
1370 typedef struct _MAPPING_PAIR {
1371 ULONGLONG Vcn;
1372 ULONGLONG Lcn;
1373 } MAPPING_PAIR, *PMAPPING_PAIR;
1374
1375 typedef struct _GET_RETRIEVAL_DESCRIPTOR {
1376 ULONG NumberOfPairs;
1377 ULONGLONG StartVcn;
1378 MAPPING_PAIR Pair[1];
1379 } GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
1380
1381 typedef struct _KQUEUE {
1382 DISPATCHER_HEADER Header;
1383 LIST_ENTRY EntryListHead;
1384 ULONG CurrentCount;
1385 ULONG MaximumCount;
1386 LIST_ENTRY ThreadListHead;
1387 } KQUEUE, *PKQUEUE, *RESTRICTED_POINTER PRKQUEUE;
1388
1389 #define ASSERT_QUEUE(Q) ASSERT(((Q)->Header.Type & KOBJECT_TYPE_MASK) == QueueObject);
1390
1391 typedef struct _MBCB {
1392 CSHORT NodeTypeCode;
1393 CSHORT NodeIsInZone;
1394 ULONG PagesToWrite;
1395 ULONG DirtyPages;
1396 ULONG Reserved;
1397 LIST_ENTRY BitmapRanges;
1398 LONGLONG ResumeWritePage;
1399 BITMAP_RANGE BitmapRange1;
1400 BITMAP_RANGE BitmapRange2;
1401 BITMAP_RANGE BitmapRange3;
1402 } MBCB, *PMBCB;
1403
1404 typedef struct _MOVEFILE_DESCRIPTOR {
1405 HANDLE FileHandle;
1406 ULONG Reserved;
1407 LARGE_INTEGER StartVcn;
1408 LARGE_INTEGER TargetLcn;
1409 ULONG NumVcns;
1410 ULONG Reserved1;
1411 } MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
1412
1413 typedef struct _OBJECT_BASIC_INFO {
1414 ULONG Attributes;
1415 ACCESS_MASK GrantedAccess;
1416 ULONG HandleCount;
1417 ULONG ReferenceCount;
1418 ULONG PagedPoolUsage;
1419 ULONG NonPagedPoolUsage;
1420 ULONG Reserved[3];
1421 ULONG NameInformationLength;
1422 ULONG TypeInformationLength;
1423 ULONG SecurityDescriptorLength;
1424 LARGE_INTEGER CreateTime;
1425 } OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;
1426
1427 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO {
1428 BOOLEAN Inherit;
1429 BOOLEAN ProtectFromClose;
1430 } OBJECT_HANDLE_ATTRIBUTE_INFO, *POBJECT_HANDLE_ATTRIBUTE_INFO;
1431
1432 typedef struct _OBJECT_NAME_INFO {
1433 UNICODE_STRING ObjectName;
1434 WCHAR ObjectNameBuffer[1];
1435 } OBJECT_NAME_INFO, *POBJECT_NAME_INFO;
1436
1437 typedef struct _OBJECT_PROTECTION_INFO {
1438 BOOLEAN Inherit;
1439 BOOLEAN ProtectHandle;
1440 } OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;
1441
1442 typedef struct _OBJECT_TYPE_INFO {
1443 UNICODE_STRING ObjectTypeName;
1444 UCHAR Unknown[0x58];
1445 WCHAR ObjectTypeNameBuffer[1];
1446 } OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;
1447
1448 typedef struct _OBJECT_ALL_TYPES_INFO {
1449 ULONG NumberOfObjectTypes;
1450 OBJECT_TYPE_INFO ObjectsTypeInfo[1];
1451 } OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;
1452
1453
1454 typedef struct _PATHNAME_BUFFER {
1455 ULONG PathNameLength;
1456 WCHAR Name[1];
1457 } PATHNAME_BUFFER, *PPATHNAME_BUFFER;
1458
1459 typedef enum _RTL_GENERIC_COMPARE_RESULTS
1460 {
1461 GenericLessThan,
1462 GenericGreaterThan,
1463 GenericEqual
1464 } RTL_GENERIC_COMPARE_RESULTS;
1465
1466 typedef enum _TABLE_SEARCH_RESULT
1467 {
1468 TableEmptyTree,
1469 TableFoundNode,
1470 TableInsertAsLeft,
1471 TableInsertAsRight
1472 } TABLE_SEARCH_RESULT;
1473
1474 typedef NTSTATUS
1475 (NTAPI *PRTL_AVL_MATCH_FUNCTION)(
1476 struct _RTL_AVL_TABLE *Table,
1477 PVOID UserData,
1478 PVOID MatchData
1479 );
1480
1481 typedef RTL_GENERIC_COMPARE_RESULTS
1482 (NTAPI *PRTL_AVL_COMPARE_ROUTINE) (
1483 struct _RTL_AVL_TABLE *Table,
1484 PVOID FirstStruct,
1485 PVOID SecondStruct
1486 );
1487
1488 typedef RTL_GENERIC_COMPARE_RESULTS
1489 (NTAPI *PRTL_GENERIC_COMPARE_ROUTINE) (
1490 struct _RTL_GENERIC_TABLE *Table,
1491 PVOID FirstStruct,
1492 PVOID SecondStruct
1493 );
1494
1495 typedef PVOID
1496 (NTAPI *PRTL_GENERIC_ALLOCATE_ROUTINE) (
1497 struct _RTL_GENERIC_TABLE *Table,
1498 CLONG ByteSize
1499 );
1500
1501 typedef VOID
1502 (NTAPI *PRTL_GENERIC_FREE_ROUTINE) (
1503 struct _RTL_GENERIC_TABLE *Table,
1504 PVOID Buffer
1505 );
1506
1507 typedef PVOID
1508 (NTAPI *PRTL_AVL_ALLOCATE_ROUTINE) (
1509 struct _RTL_AVL_TABLE *Table,
1510 CLONG ByteSize
1511 );
1512
1513 typedef VOID
1514 (NTAPI *PRTL_AVL_FREE_ROUTINE) (
1515 struct _RTL_AVL_TABLE *Table,
1516 PVOID Buffer
1517 );
1518
1519 typedef struct _PUBLIC_BCB {
1520 CSHORT NodeTypeCode;
1521 CSHORT NodeByteSize;
1522 ULONG MappedLength;
1523 LARGE_INTEGER MappedFileOffset;
1524 } PUBLIC_BCB, *PPUBLIC_BCB;
1525
1526 typedef struct _QUERY_PATH_REQUEST {
1527 ULONG PathNameLength;
1528 PIO_SECURITY_CONTEXT SecurityContext;
1529 WCHAR FilePathName[1];
1530 } QUERY_PATH_REQUEST, *PQUERY_PATH_REQUEST;
1531
1532 typedef struct _QUERY_PATH_RESPONSE {
1533 ULONG LengthAccepted;
1534 } QUERY_PATH_RESPONSE, *PQUERY_PATH_RESPONSE;
1535
1536 typedef struct _RETRIEVAL_POINTERS_BUFFER {
1537 ULONG ExtentCount;
1538 LARGE_INTEGER StartingVcn;
1539 struct {
1540 LARGE_INTEGER NextVcn;
1541 LARGE_INTEGER Lcn;
1542 } Extents[1];
1543 } RETRIEVAL_POINTERS_BUFFER, *PRETRIEVAL_POINTERS_BUFFER;
1544
1545 typedef struct _RTL_SPLAY_LINKS {
1546 struct _RTL_SPLAY_LINKS *Parent;
1547 struct _RTL_SPLAY_LINKS *LeftChild;
1548 struct _RTL_SPLAY_LINKS *RightChild;
1549 } RTL_SPLAY_LINKS, *PRTL_SPLAY_LINKS;
1550
1551 typedef struct _RTL_BALANCED_LINKS
1552 {
1553 struct _RTL_BALANCED_LINKS *Parent;
1554 struct _RTL_BALANCED_LINKS *LeftChild;
1555 struct _RTL_BALANCED_LINKS *RightChild;
1556 CHAR Balance;
1557 UCHAR Reserved[3];
1558 } RTL_BALANCED_LINKS, *PRTL_BALANCED_LINKS;
1559
1560 typedef struct _RTL_GENERIC_TABLE
1561 {
1562 PRTL_SPLAY_LINKS TableRoot;
1563 LIST_ENTRY InsertOrderList;
1564 PLIST_ENTRY OrderedPointer;
1565 ULONG WhichOrderedElement;
1566 ULONG NumberGenericTableElements;
1567 PRTL_GENERIC_COMPARE_ROUTINE CompareRoutine;
1568 PRTL_GENERIC_ALLOCATE_ROUTINE AllocateRoutine;
1569 PRTL_GENERIC_FREE_ROUTINE FreeRoutine;
1570 PVOID TableContext;
1571 } RTL_GENERIC_TABLE, *PRTL_GENERIC_TABLE;
1572
1573 typedef struct _RTL_AVL_TABLE
1574 {
1575 RTL_BALANCED_LINKS BalancedRoot;
1576 PVOID OrderedPointer;
1577 ULONG WhichOrderedElement;
1578 ULONG NumberGenericTableElements;
1579 ULONG DepthOfTree;
1580 PRTL_BALANCED_LINKS RestartKey;
1581 ULONG DeleteCount;
1582 PRTL_AVL_COMPARE_ROUTINE CompareRoutine;
1583 PRTL_AVL_ALLOCATE_ROUTINE AllocateRoutine;
1584 PRTL_AVL_FREE_ROUTINE FreeRoutine;
1585 PVOID TableContext;
1586 } RTL_AVL_TABLE, *PRTL_AVL_TABLE;
1587
1588 NTSYSAPI
1589 VOID
1590 NTAPI
1591 RtlInitializeGenericTableAvl(
1592 PRTL_AVL_TABLE Table,
1593 PRTL_AVL_COMPARE_ROUTINE CompareRoutine,
1594 PRTL_AVL_ALLOCATE_ROUTINE AllocateRoutine,
1595 PRTL_AVL_FREE_ROUTINE FreeRoutine,
1596 PVOID TableContext
1597 );
1598
1599 #if defined(USE_LPC6432)
1600 #define LPC_CLIENT_ID CLIENT_ID64
1601 #define LPC_SIZE_T ULONGLONG
1602 #define LPC_PVOID ULONGLONG
1603 #define LPC_HANDLE ULONGLONG
1604 #else
1605 #define LPC_CLIENT_ID CLIENT_ID
1606 #define LPC_SIZE_T SIZE_T
1607 #define LPC_PVOID PVOID
1608 #define LPC_HANDLE HANDLE
1609 #endif
1610
1611 typedef struct _PORT_MESSAGE
1612 {
1613 union
1614 {
1615 struct
1616 {
1617 CSHORT DataLength;
1618 CSHORT TotalLength;
1619 } s1;
1620 ULONG Length;
1621 } u1;
1622 union
1623 {
1624 struct
1625 {
1626 CSHORT Type;
1627 CSHORT DataInfoOffset;
1628 } s2;
1629 ULONG ZeroInit;
1630 } u2;
1631 union
1632 {
1633 LPC_CLIENT_ID ClientId;
1634 double DoNotUseThisField;
1635 };
1636 ULONG MessageId;
1637 union
1638 {
1639 LPC_SIZE_T ClientViewSize;
1640 ULONG CallbackId;
1641 };
1642 } PORT_MESSAGE, *PPORT_MESSAGE;
1643
1644 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
1645
1646 typedef struct _PORT_VIEW
1647 {
1648 ULONG Length;
1649 LPC_HANDLE SectionHandle;
1650 ULONG SectionOffset;
1651 LPC_SIZE_T ViewSize;
1652 LPC_PVOID ViewBase;
1653 LPC_PVOID ViewRemoteBase;
1654 } PORT_VIEW, *PPORT_VIEW;
1655
1656 typedef struct _REMOTE_PORT_VIEW
1657 {
1658 ULONG Length;
1659 LPC_SIZE_T ViewSize;
1660 LPC_PVOID ViewBase;
1661 } REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
1662
1663 typedef struct _SE_EXPORTS {
1664
1665 LUID SeCreateTokenPrivilege;
1666 LUID SeAssignPrimaryTokenPrivilege;
1667 LUID SeLockMemoryPrivilege;
1668 LUID SeIncreaseQuotaPrivilege;
1669 LUID SeUnsolicitedInputPrivilege;
1670 LUID SeTcbPrivilege;
1671 LUID SeSecurityPrivilege;
1672 LUID SeTakeOwnershipPrivilege;
1673 LUID SeLoadDriverPrivilege;
1674 LUID SeCreatePagefilePrivilege;
1675 LUID SeIncreaseBasePriorityPrivilege;
1676 LUID SeSystemProfilePrivilege;
1677 LUID SeSystemtimePrivilege;
1678 LUID SeProfileSingleProcessPrivilege;
1679 LUID SeCreatePermanentPrivilege;
1680 LUID SeBackupPrivilege;
1681 LUID SeRestorePrivilege;
1682 LUID SeShutdownPrivilege;
1683 LUID SeDebugPrivilege;
1684 LUID SeAuditPrivilege;
1685 LUID SeSystemEnvironmentPrivilege;
1686 LUID SeChangeNotifyPrivilege;
1687 LUID SeRemoteShutdownPrivilege;
1688
1689 PSID SeNullSid;
1690 PSID SeWorldSid;
1691 PSID SeLocalSid;
1692 PSID SeCreatorOwnerSid;
1693 PSID SeCreatorGroupSid;
1694
1695 PSID SeNtAuthoritySid;
1696 PSID SeDialupSid;
1697 PSID SeNetworkSid;
1698 PSID SeBatchSid;
1699 PSID SeInteractiveSid;
1700 PSID SeLocalSystemSid;
1701 PSID SeAliasAdminsSid;
1702 PSID SeAliasUsersSid;
1703 PSID SeAliasGuestsSid;
1704 PSID SeAliasPowerUsersSid;
1705 PSID SeAliasAccountOpsSid;
1706 PSID SeAliasSystemOpsSid;
1707 PSID SeAliasPrintOpsSid;
1708 PSID SeAliasBackupOpsSid;
1709
1710 PSID SeAuthenticatedUsersSid;
1711
1712 PSID SeRestrictedSid;
1713 PSID SeAnonymousLogonSid;
1714
1715 LUID SeUndockPrivilege;
1716 LUID SeSyncAgentPrivilege;
1717 LUID SeEnableDelegationPrivilege;
1718
1719 } SE_EXPORTS, *PSE_EXPORTS;
1720
1721 typedef struct
1722 {
1723 LARGE_INTEGER StartingLcn;
1724 } STARTING_LCN_INPUT_BUFFER, *PSTARTING_LCN_INPUT_BUFFER;
1725
1726 typedef struct _STARTING_VCN_INPUT_BUFFER {
1727 LARGE_INTEGER StartingVcn;
1728 } STARTING_VCN_INPUT_BUFFER, *PSTARTING_VCN_INPUT_BUFFER;
1729
1730 typedef struct _SECURITY_CLIENT_CONTEXT {
1731 SECURITY_QUALITY_OF_SERVICE SecurityQos;
1732 PACCESS_TOKEN ClientToken;
1733 BOOLEAN DirectlyAccessClientToken;
1734 BOOLEAN DirectAccessEffectiveOnly;
1735 BOOLEAN ServerIsRemote;
1736 TOKEN_CONTROL ClientTokenControl;
1737 } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
1738
1739 typedef struct _ACE_HEADER
1740 {
1741 UCHAR AceType;
1742 UCHAR AceFlags;
1743 USHORT AceSize;
1744 } ACE_HEADER, *PACE_HEADER;
1745
1746 typedef struct _ACCESS_ALLOWED_ACE
1747 {
1748 ACE_HEADER Header;
1749 ACCESS_MASK Mask;
1750 ULONG SidStart;
1751 } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
1752
1753 typedef struct _ACCESS_DENIED_ACE
1754 {
1755 ACE_HEADER Header;
1756 ACCESS_MASK Mask;
1757 ULONG SidStart;
1758 } ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
1759
1760 typedef struct _SYSTEM_AUDIT_ACE
1761 {
1762 ACE_HEADER Header;
1763 ACCESS_MASK Mask;
1764 ULONG SidStart;
1765 } SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
1766
1767 typedef struct _SYSTEM_ALARM_ACE
1768 {
1769 ACE_HEADER Header;
1770 ACCESS_MASK Mask;
1771 ULONG SidStart;
1772 } SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
1773
1774 typedef struct _SYSTEM_MANDATORY_LABEL_ACE
1775 {
1776 ACE_HEADER Header;
1777 ACCESS_MASK Mask;
1778 ULONG SidStart;
1779 } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
1780
1781 typedef struct _TUNNEL {
1782 FAST_MUTEX Mutex;
1783 PRTL_SPLAY_LINKS Cache;
1784 LIST_ENTRY TimerQueue;
1785 USHORT NumEntries;
1786 } TUNNEL, *PTUNNEL;
1787
1788 typedef struct _VAD_HEADER {
1789 PVOID StartVPN;
1790 PVOID EndVPN;
1791 PVAD_HEADER ParentLink;
1792 PVAD_HEADER LeftLink;
1793 PVAD_HEADER RightLink;
1794 ULONG Flags; /* LSB = CommitCharge */
1795 PVOID ControlArea;
1796 PVOID FirstProtoPte;
1797 PVOID LastPTE;
1798 ULONG Unknown;
1799 LIST_ENTRY Secured;
1800 } VAD_HEADER, *PVAD_HEADER;
1801
1802 typedef struct
1803 {
1804 LARGE_INTEGER StartingLcn;
1805 LARGE_INTEGER BitmapSize;
1806 UCHAR Buffer[1];
1807 } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER;
1808
1809 #if (VER_PRODUCTBUILD >= 2600)
1810
1811 typedef BOOLEAN
1812 (NTAPI *PFILTER_REPORT_CHANGE) (
1813 IN PVOID NotifyContext,
1814 IN PVOID FilterContext
1815 );
1816
1817 typedef enum _FS_FILTER_SECTION_SYNC_TYPE {
1818 SyncTypeOther = 0,
1819 SyncTypeCreateSection
1820 } FS_FILTER_SECTION_SYNC_TYPE, *PFS_FILTER_SECTION_SYNC_TYPE;
1821
1822 typedef enum _FS_FILTER_STREAM_FO_NOTIFICATION_TYPE {
1823 NotifyTypeCreate = 0,
1824 NotifyTypeRetired
1825 } FS_FILTER_STREAM_FO_NOTIFICATION_TYPE, *PFS_FILTER_STREAM_FO_NOTIFICATION_TYPE;
1826
1827 typedef union _FS_FILTER_PARAMETERS {
1828 struct {
1829 PLARGE_INTEGER EndingOffset;
1830 PERESOURCE *ResourceToRelease;
1831 } AcquireForModifiedPageWriter;
1832
1833 struct {
1834 PERESOURCE ResourceToRelease;
1835 } ReleaseForModifiedPageWriter;
1836
1837 struct {
1838 FS_FILTER_SECTION_SYNC_TYPE SyncType;
1839 ULONG PageProtection;
1840 } AcquireForSectionSynchronization;
1841
1842 struct {
1843 FS_FILTER_STREAM_FO_NOTIFICATION_TYPE NotificationType;
1844 BOOLEAN POINTER_ALIGNMENT SafeToRecurse;
1845 } NotifyStreamFileObject;
1846
1847 struct {
1848 PVOID Argument1;
1849 PVOID Argument2;
1850 PVOID Argument3;
1851 PVOID Argument4;
1852 PVOID Argument5;
1853 } Others;
1854 } FS_FILTER_PARAMETERS, *PFS_FILTER_PARAMETERS;
1855
1856 typedef struct _FS_FILTER_CALLBACK_DATA {
1857 ULONG SizeOfFsFilterCallbackData;
1858 UCHAR Operation;
1859 UCHAR Reserved;
1860 struct _DEVICE_OBJECT *DeviceObject;
1861 struct _FILE_OBJECT *FileObject;
1862 FS_FILTER_PARAMETERS Parameters;
1863 } FS_FILTER_CALLBACK_DATA, *PFS_FILTER_CALLBACK_DATA;
1864
1865 typedef NTSTATUS
1866 (NTAPI *PFS_FILTER_CALLBACK) (
1867 IN PFS_FILTER_CALLBACK_DATA Data,
1868 OUT PVOID *CompletionContext
1869 );
1870
1871 typedef VOID
1872 (NTAPI *PFS_FILTER_COMPLETION_CALLBACK) (
1873 IN PFS_FILTER_CALLBACK_DATA Data,
1874 IN NTSTATUS OperationStatus,
1875 IN PVOID CompletionContext
1876 );
1877
1878 typedef struct _FS_FILTER_CALLBACKS {
1879 ULONG SizeOfFsFilterCallbacks;
1880 ULONG Reserved;
1881 PFS_FILTER_CALLBACK PreAcquireForSectionSynchronization;
1882 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForSectionSynchronization;
1883 PFS_FILTER_CALLBACK PreReleaseForSectionSynchronization;
1884 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForSectionSynchronization;
1885 PFS_FILTER_CALLBACK PreAcquireForCcFlush;
1886 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForCcFlush;
1887 PFS_FILTER_CALLBACK PreReleaseForCcFlush;
1888 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForCcFlush;
1889 PFS_FILTER_CALLBACK PreAcquireForModifiedPageWriter;
1890 PFS_FILTER_COMPLETION_CALLBACK PostAcquireForModifiedPageWriter;
1891 PFS_FILTER_CALLBACK PreReleaseForModifiedPageWriter;
1892 PFS_FILTER_COMPLETION_CALLBACK PostReleaseForModifiedPageWriter;
1893 } FS_FILTER_CALLBACKS, *PFS_FILTER_CALLBACKS;
1894
1895 typedef struct _READ_LIST {
1896 PFILE_OBJECT FileObject;
1897 ULONG NumberOfEntries;
1898 LOGICAL IsImage;
1899 FILE_SEGMENT_ELEMENT List[ANYSIZE_ARRAY];
1900 } READ_LIST, *PREAD_LIST;
1901
1902 #endif
1903
1904 typedef NTSTATUS
1905 (NTAPI * PRTL_HEAP_COMMIT_ROUTINE) (
1906 IN PVOID Base,
1907 IN OUT PVOID *CommitAddress,
1908 IN OUT PSIZE_T CommitSize
1909 );
1910
1911 typedef struct _RTL_HEAP_PARAMETERS {
1912 ULONG Length;
1913 SIZE_T SegmentReserve;
1914 SIZE_T SegmentCommit;
1915 SIZE_T DeCommitFreeBlockThreshold;
1916 SIZE_T DeCommitTotalFreeThreshold;
1917 SIZE_T MaximumAllocationSize;
1918 SIZE_T VirtualMemoryThreshold;
1919 SIZE_T InitialCommit;
1920 SIZE_T InitialReserve;
1921 PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
1922 SIZE_T Reserved[2];
1923 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
1924
1925 NTKERNELAPI
1926 BOOLEAN
1927 NTAPI
1928 CcCanIWrite (
1929 IN PFILE_OBJECT FileObject,
1930 IN ULONG BytesToWrite,
1931 IN BOOLEAN Wait,
1932 IN BOOLEAN Retrying
1933 );
1934
1935 NTKERNELAPI
1936 BOOLEAN
1937 NTAPI
1938 CcCopyRead (
1939 IN PFILE_OBJECT FileObject,
1940 IN PLARGE_INTEGER FileOffset,
1941 IN ULONG Length,
1942 IN BOOLEAN Wait,
1943 OUT PVOID Buffer,
1944 OUT PIO_STATUS_BLOCK IoStatus
1945 );
1946
1947 NTKERNELAPI
1948 BOOLEAN
1949 NTAPI
1950 CcCopyWrite (
1951 IN PFILE_OBJECT FileObject,
1952 IN PLARGE_INTEGER FileOffset,
1953 IN ULONG Length,
1954 IN BOOLEAN Wait,
1955 IN PVOID Buffer
1956 );
1957
1958 #define CcCopyWriteWontFlush(FO, FOFF, LEN) ((LEN) <= 0x10000)
1959
1960 typedef VOID (NTAPI *PCC_POST_DEFERRED_WRITE) (
1961 IN PVOID Context1,
1962 IN PVOID Context2
1963 );
1964
1965 NTKERNELAPI
1966 VOID
1967 NTAPI
1968 CcDeferWrite (
1969 IN PFILE_OBJECT FileObject,
1970 IN PCC_POST_DEFERRED_WRITE PostRoutine,
1971 IN PVOID Context1,
1972 IN PVOID Context2,
1973 IN ULONG BytesToWrite,
1974 IN BOOLEAN Retrying
1975 );
1976
1977 NTKERNELAPI
1978 VOID
1979 NTAPI
1980 CcFastCopyRead (
1981 IN PFILE_OBJECT FileObject,
1982 IN ULONG FileOffset,
1983 IN ULONG Length,
1984 IN ULONG PageCount,
1985 OUT PVOID Buffer,
1986 OUT PIO_STATUS_BLOCK IoStatus
1987 );
1988
1989 NTKERNELAPI
1990 VOID
1991 NTAPI
1992 CcFastCopyWrite (
1993 IN PFILE_OBJECT FileObject,
1994 IN ULONG FileOffset,
1995 IN ULONG Length,
1996 IN PVOID Buffer
1997 );
1998
1999 NTKERNELAPI
2000 VOID
2001 NTAPI
2002 CcFlushCache (
2003 IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
2004 IN PLARGE_INTEGER FileOffset OPTIONAL,
2005 IN ULONG Length,
2006 OUT PIO_STATUS_BLOCK IoStatus OPTIONAL
2007 );
2008
2009 typedef VOID (*PDIRTY_PAGE_ROUTINE) (
2010 IN PFILE_OBJECT FileObject,
2011 IN PLARGE_INTEGER FileOffset,
2012 IN ULONG Length,
2013 IN PLARGE_INTEGER OldestLsn,
2014 IN PLARGE_INTEGER NewestLsn,
2015 IN PVOID Context1,
2016 IN PVOID Context2
2017 );
2018
2019 NTKERNELAPI
2020 LARGE_INTEGER
2021 NTAPI
2022 CcGetDirtyPages (
2023 IN PVOID LogHandle,
2024 IN PDIRTY_PAGE_ROUTINE DirtyPageRoutine,
2025 IN PVOID Context1,
2026 IN PVOID Context2
2027 );
2028
2029 NTKERNELAPI
2030 PFILE_OBJECT
2031 NTAPI
2032 CcGetFileObjectFromBcb (
2033 IN PVOID Bcb
2034 );
2035
2036 NTKERNELAPI
2037 PFILE_OBJECT
2038 NTAPI
2039 CcGetFileObjectFromSectionPtrs (
2040 IN PSECTION_OBJECT_POINTERS SectionObjectPointer
2041 );
2042
2043 #define CcGetFileSizePointer(FO) ( \
2044 ((PLARGE_INTEGER)((FO)->SectionObjectPointer->SharedCacheMap) + 1) \
2045 )
2046
2047 #if (VER_PRODUCTBUILD >= 2195)
2048
2049 NTKERNELAPI
2050 LARGE_INTEGER
2051 NTAPI
2052 CcGetFlushedValidData (
2053 IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
2054 IN BOOLEAN BcbListHeld
2055 );
2056
2057 #endif /* (VER_PRODUCTBUILD >= 2195) */
2058
2059 NTKERNELAPI
2060 LARGE_INTEGER
2061 NTAPI
2062 CcGetLsnForFileObject (
2063 IN PFILE_OBJECT FileObject,
2064 OUT PLARGE_INTEGER OldestLsn OPTIONAL
2065 );
2066
2067 typedef BOOLEAN (NTAPI *PACQUIRE_FOR_LAZY_WRITE) (
2068 IN PVOID Context,
2069 IN BOOLEAN Wait
2070 );
2071
2072 typedef VOID (NTAPI *PRELEASE_FROM_LAZY_WRITE) (
2073 IN PVOID Context
2074 );
2075
2076 typedef BOOLEAN (NTAPI *PACQUIRE_FOR_READ_AHEAD) (
2077 IN PVOID Context,
2078 IN BOOLEAN Wait
2079 );
2080
2081 typedef VOID (NTAPI *PRELEASE_FROM_READ_AHEAD) (
2082 IN PVOID Context
2083 );
2084
2085 typedef struct _CACHE_MANAGER_CALLBACKS {
2086 PACQUIRE_FOR_LAZY_WRITE AcquireForLazyWrite;
2087 PRELEASE_FROM_LAZY_WRITE ReleaseFromLazyWrite;
2088 PACQUIRE_FOR_READ_AHEAD AcquireForReadAhead;
2089 PRELEASE_FROM_READ_AHEAD ReleaseFromReadAhead;
2090 } CACHE_MANAGER_CALLBACKS, *PCACHE_MANAGER_CALLBACKS;
2091
2092 NTKERNELAPI
2093 VOID
2094 NTAPI
2095 CcInitializeCacheMap (
2096 IN PFILE_OBJECT FileObject,
2097 IN PCC_FILE_SIZES FileSizes,
2098 IN BOOLEAN PinAccess,
2099 IN PCACHE_MANAGER_CALLBACKS Callbacks,
2100 IN PVOID LazyWriteContext
2101 );
2102
2103 #define CcIsFileCached(FO) ( \
2104 ((FO)->SectionObjectPointer != NULL) && \
2105 (((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
2106 )
2107
2108 extern ULONG CcFastMdlReadWait;
2109
2110 NTKERNELAPI
2111 BOOLEAN
2112 NTAPI
2113 CcIsThereDirtyData (
2114 IN PVPB Vpb
2115 );
2116
2117 NTKERNELAPI
2118 BOOLEAN
2119 NTAPI
2120 CcMapData (
2121 IN PFILE_OBJECT FileObject,
2122 IN PLARGE_INTEGER FileOffset,
2123 IN ULONG Length,
2124 IN ULONG Flags,
2125 OUT PVOID *Bcb,
2126 OUT PVOID *Buffer
2127 );
2128
2129 NTKERNELAPI
2130 VOID
2131 NTAPI
2132 CcMdlRead (
2133 IN PFILE_OBJECT FileObject,
2134 IN PLARGE_INTEGER FileOffset,
2135 IN ULONG Length,
2136 OUT PMDL *MdlChain,
2137 OUT PIO_STATUS_BLOCK IoStatus
2138 );
2139
2140 NTKERNELAPI
2141 VOID
2142 NTAPI
2143 CcMdlReadComplete (
2144 IN PFILE_OBJECT FileObject,
2145 IN PMDL MdlChain
2146 );
2147
2148 NTKERNELAPI
2149 VOID
2150 NTAPI
2151 CcMdlWriteComplete (
2152 IN PFILE_OBJECT FileObject,
2153 IN PLARGE_INTEGER FileOffset,
2154 IN PMDL MdlChain
2155 );
2156
2157 #define MAP_WAIT 1
2158
2159 NTKERNELAPI
2160 BOOLEAN
2161 NTAPI
2162 CcPinMappedData (
2163 IN PFILE_OBJECT FileObject,
2164 IN PLARGE_INTEGER FileOffset,
2165 IN ULONG Length,
2166 IN ULONG Flags,
2167 IN OUT PVOID *Bcb
2168 );
2169
2170 NTKERNELAPI
2171 BOOLEAN
2172 NTAPI
2173 CcPinRead (
2174 IN PFILE_OBJECT FileObject,
2175 IN PLARGE_INTEGER FileOffset,
2176 IN ULONG Length,
2177 IN ULONG Flags,
2178 OUT PVOID *Bcb,
2179 OUT PVOID *Buffer
2180 );
2181
2182 NTKERNELAPI
2183 VOID
2184 NTAPI
2185 CcPrepareMdlWrite (
2186 IN PFILE_OBJECT FileObject,
2187 IN PLARGE_INTEGER FileOffset,
2188 IN ULONG Length,
2189 OUT PMDL *MdlChain,
2190 OUT PIO_STATUS_BLOCK IoStatus
2191 );
2192
2193 NTKERNELAPI
2194 BOOLEAN
2195 NTAPI
2196 CcPreparePinWrite (
2197 IN PFILE_OBJECT FileObject,
2198 IN PLARGE_INTEGER FileOffset,
2199 IN ULONG Length,
2200 IN BOOLEAN Zero,
2201 IN ULONG Flags,
2202 OUT PVOID *Bcb,
2203 OUT PVOID *Buffer
2204 );
2205
2206 NTKERNELAPI
2207 BOOLEAN
2208 NTAPI
2209 CcPurgeCacheSection (
2210 IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
2211 IN PLARGE_INTEGER FileOffset OPTIONAL,
2212 IN ULONG Length,
2213 IN BOOLEAN UninitializeCacheMaps
2214 );
2215
2216 #define CcReadAhead(FO, FOFF, LEN) ( \
2217 if ((LEN) >= 256) { \
2218 CcScheduleReadAhead((FO), (FOFF), (LEN)); \
2219 } \
2220 )
2221
2222 #if (VER_PRODUCTBUILD >= 2195)
2223
2224 NTKERNELAPI
2225 PVOID
2226 NTAPI
2227 CcRemapBcb (
2228 IN PVOID Bcb
2229 );
2230
2231 #endif /* (VER_PRODUCTBUILD >= 2195) */
2232
2233 NTKERNELAPI
2234 VOID
2235 NTAPI
2236 CcRepinBcb (
2237 IN PVOID Bcb
2238 );
2239
2240 NTKERNELAPI
2241 VOID
2242 NTAPI
2243 CcScheduleReadAhead (
2244 IN PFILE_OBJECT FileObject,
2245 IN PLARGE_INTEGER FileOffset,
2246 IN ULONG Length
2247 );
2248
2249 NTKERNELAPI
2250 VOID
2251 NTAPI
2252 CcSetAdditionalCacheAttributes (
2253 IN PFILE_OBJECT FileObject,
2254 IN BOOLEAN DisableReadAhead,
2255 IN BOOLEAN DisableWriteBehind
2256 );
2257
2258 NTKERNELAPI
2259 VOID
2260 NTAPI
2261 CcSetBcbOwnerPointer (
2262 IN PVOID Bcb,
2263 IN PVOID OwnerPointer
2264 );
2265
2266 NTKERNELAPI
2267 VOID
2268 NTAPI
2269 CcSetDirtyPageThreshold (
2270 IN PFILE_OBJECT FileObject,
2271 IN ULONG DirtyPageThreshold
2272 );
2273
2274 NTKERNELAPI
2275 VOID
2276 NTAPI
2277 CcSetDirtyPinnedData (
2278 IN PVOID BcbVoid,
2279 IN PLARGE_INTEGER Lsn OPTIONAL
2280 );
2281
2282 NTKERNELAPI
2283 VOID
2284 NTAPI
2285 CcSetFileSizes (
2286 IN PFILE_OBJECT FileObject,
2287 IN PCC_FILE_SIZES FileSizes
2288 );
2289
2290 typedef VOID (NTAPI *PFLUSH_TO_LSN) (
2291 IN PVOID LogHandle,
2292 IN LARGE_INTEGER Lsn
2293 );
2294
2295 NTKERNELAPI
2296 VOID
2297 NTAPI
2298 CcSetLogHandleForFile (
2299 IN PFILE_OBJECT FileObject,
2300 IN PVOID LogHandle,
2301 IN PFLUSH_TO_LSN FlushToLsnRoutine
2302 );
2303
2304 NTKERNELAPI
2305 VOID
2306 NTAPI
2307 CcSetReadAheadGranularity (
2308 IN PFILE_OBJECT FileObject,
2309 IN ULONG Granularity /* default: PAGE_SIZE */
2310 /* allowed: 2^n * PAGE_SIZE */
2311 );
2312
2313 NTKERNELAPI
2314 BOOLEAN
2315 NTAPI
2316 CcUninitializeCacheMap (
2317 IN PFILE_OBJECT FileObject,
2318 IN PLARGE_INTEGER TruncateSize OPTIONAL,
2319 IN PCACHE_UNINITIALIZE_EVENT UninitializeCompleteEvent OPTIONAL
2320 );
2321
2322 NTKERNELAPI
2323 VOID
2324 NTAPI
2325 CcUnpinData (
2326 IN PVOID Bcb
2327 );
2328
2329 NTKERNELAPI
2330 VOID
2331 NTAPI
2332 CcUnpinDataForThread (
2333 IN PVOID Bcb,
2334 IN ERESOURCE_THREAD ResourceThreadId
2335 );
2336
2337 NTKERNELAPI
2338 VOID
2339 NTAPI
2340 CcUnpinRepinnedBcb (
2341 IN PVOID Bcb,
2342 IN BOOLEAN WriteThrough,
2343 OUT PIO_STATUS_BLOCK IoStatus
2344 );
2345
2346 #if (VER_PRODUCTBUILD >= 2195)
2347
2348 NTKERNELAPI
2349 NTSTATUS
2350 NTAPI
2351 CcWaitForCurrentLazyWriterActivity (
2352 VOID
2353 );
2354
2355 #endif /* (VER_PRODUCTBUILD >= 2195) */
2356
2357 NTKERNELAPI
2358 BOOLEAN
2359 NTAPI
2360 CcZeroData (
2361 IN PFILE_OBJECT FileObject,
2362 IN PLARGE_INTEGER StartOffset,
2363 IN PLARGE_INTEGER EndOffset,
2364 IN BOOLEAN Wait
2365 );
2366
2367 NTKERNELAPI
2368 VOID
2369 NTAPI
2370 ExDisableResourceBoostLite (
2371 IN PERESOURCE Resource
2372 );
2373
2374 NTKERNELAPI
2375 ULONG
2376 NTAPI
2377 ExQueryPoolBlockSize (
2378 IN PVOID PoolBlock,
2379 OUT PBOOLEAN QuotaCharged
2380 );
2381
2382 #if (VER_PRODUCTBUILD >= 2600)
2383
2384 #ifndef __NTOSKRNL__
2385 NTKERNELAPI
2386 VOID
2387 FASTCALL
2388 ExInitializeRundownProtection (
2389 IN PEX_RUNDOWN_REF RunRef
2390 );
2391
2392 NTKERNELAPI
2393 VOID
2394 FASTCALL
2395 ExReInitializeRundownProtection (
2396 IN PEX_RUNDOWN_REF RunRef
2397 );
2398
2399 NTKERNELAPI
2400 BOOLEAN
2401 FASTCALL
2402 ExAcquireRundownProtection (
2403 IN PEX_RUNDOWN_REF RunRef
2404 );
2405
2406 NTKERNELAPI
2407 BOOLEAN
2408 FASTCALL
2409 ExAcquireRundownProtectionEx (
2410 IN PEX_RUNDOWN_REF RunRef,
2411 IN ULONG Count
2412 );
2413
2414 NTKERNELAPI
2415 VOID
2416 FASTCALL
2417 ExReleaseRundownProtection (
2418 IN PEX_RUNDOWN_REF RunRef
2419 );
2420
2421 NTKERNELAPI
2422 VOID
2423 FASTCALL
2424 ExReleaseRundownProtectionEx (
2425 IN PEX_RUNDOWN_REF RunRef,
2426 IN ULONG Count
2427 );
2428
2429 NTKERNELAPI
2430 VOID
2431 FASTCALL
2432 ExRundownCompleted (
2433 IN PEX_RUNDOWN_REF RunRef
2434 );
2435
2436 NTKERNELAPI
2437 VOID
2438 FASTCALL
2439 ExWaitForRundownProtectionRelease (
2440 IN PEX_RUNDOWN_REF RunRef
2441 );
2442
2443 #endif
2444 #endif /* (VER_PRODUCTBUILD >= 2600) */
2445
2446 #define FlagOn(x, f) ((x) & (f))
2447
2448 NTKERNELAPI
2449 VOID
2450 NTAPI
2451 FsRtlAddToTunnelCache (
2452 IN PTUNNEL Cache,
2453 IN ULONGLONG DirectoryKey,
2454 IN PUNICODE_STRING ShortName,
2455 IN PUNICODE_STRING LongName,
2456 IN BOOLEAN KeyByShortName,
2457 IN ULONG DataLength,
2458 IN PVOID Data
2459 );
2460
2461 #if (VER_PRODUCTBUILD >= 2195)
2462
2463 PFILE_LOCK
2464 NTAPI
2465 FsRtlAllocateFileLock (
2466 IN PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine OPTIONAL,
2467 IN PUNLOCK_ROUTINE UnlockRoutine OPTIONAL
2468 );
2469
2470 #endif /* (VER_PRODUCTBUILD >= 2195) */
2471
2472 NTKERNELAPI
2473 PVOID
2474 NTAPI
2475 FsRtlAllocatePool (
2476 IN POOL_TYPE PoolType,
2477 IN ULONG NumberOfBytes
2478 );
2479
2480 NTKERNELAPI
2481 PVOID
2482 NTAPI
2483 FsRtlAllocatePoolWithQuota (
2484 IN POOL_TYPE PoolType,
2485 IN ULONG NumberOfBytes
2486 );
2487
2488 NTKERNELAPI
2489 PVOID
2490 NTAPI
2491 FsRtlAllocatePoolWithQuotaTag (
2492 IN POOL_TYPE PoolType,
2493 IN ULONG NumberOfBytes,
2494 IN ULONG Tag
2495 );
2496
2497 NTKERNELAPI
2498 PVOID
2499 NTAPI
2500 FsRtlAllocatePoolWithTag (
2501 IN POOL_TYPE PoolType,
2502 IN ULONG NumberOfBytes,
2503 IN ULONG Tag
2504 );
2505
2506 NTKERNELAPI
2507 BOOLEAN
2508 NTAPI
2509 FsRtlAreNamesEqual (
2510 IN PCUNICODE_STRING Name1,
2511 IN PCUNICODE_STRING Name2,
2512 IN BOOLEAN IgnoreCase,
2513 IN PCWCH UpcaseTable OPTIONAL
2514 );
2515
2516 #define FsRtlAreThereCurrentFileLocks(FL) ( \
2517 ((FL)->FastIoIsQuestionable) \
2518 )
2519
2520 /*
2521 FsRtlCheckLockForReadAccess:
2522
2523 All this really does is pick out the lock parameters from the irp (io stack
2524 location?), get IoGetRequestorProcess, and pass values on to
2525 FsRtlFastCheckLockForRead.
2526 */
2527 NTKERNELAPI
2528 BOOLEAN
2529 NTAPI
2530 FsRtlCheckLockForReadAccess (
2531 IN PFILE_LOCK FileLock,
2532 IN PIRP Irp
2533 );
2534
2535 /*
2536 FsRtlCheckLockForWriteAccess:
2537
2538 All this really does is pick out the lock parameters from the irp (io stack
2539 location?), get IoGetRequestorProcess, and pass values on to
2540 FsRtlFastCheckLockForWrite.
2541 */
2542 NTKERNELAPI
2543 BOOLEAN
2544 NTAPI
2545 FsRtlCheckLockForWriteAccess (
2546 IN PFILE_LOCK FileLock,
2547 IN PIRP Irp
2548 );
2549
2550 typedef
2551 VOID
2552 (NTAPI*POPLOCK_WAIT_COMPLETE_ROUTINE) (
2553 IN PVOID Context,
2554 IN PIRP Irp
2555 );
2556
2557 typedef
2558 VOID
2559 (NTAPI*POPLOCK_FS_PREPOST_IRP) (
2560 IN PVOID Context,
2561 IN PIRP Irp
2562 );
2563
2564 NTKERNELAPI
2565 NTSTATUS
2566 NTAPI
2567 FsRtlCheckOplock (
2568 IN POPLOCK Oplock,
2569 IN PIRP Irp,
2570 IN PVOID Context,
2571 IN POPLOCK_WAIT_COMPLETE_ROUTINE CompletionRoutine OPTIONAL,
2572 IN POPLOCK_FS_PREPOST_IRP PostIrpRoutine OPTIONAL
2573 );
2574
2575 NTKERNELAPI
2576 BOOLEAN
2577 NTAPI
2578 FsRtlCopyRead (
2579 IN PFILE_OBJECT FileObject,
2580 IN PLARGE_INTEGER FileOffset,
2581 IN ULONG Length,
2582 IN BOOLEAN Wait,
2583 IN ULONG LockKey,
2584 OUT PVOID Buffer,
2585 OUT PIO_STATUS_BLOCK IoStatus,
2586 IN PDEVICE_OBJECT DeviceObject
2587 );
2588
2589 NTKERNELAPI
2590 BOOLEAN
2591 NTAPI
2592 FsRtlCopyWrite (
2593 IN PFILE_OBJECT FileObject,
2594 IN PLARGE_INTEGER FileOffset,
2595 IN ULONG Length,
2596 IN BOOLEAN Wait,
2597 IN ULONG LockKey,
2598 IN PVOID Buffer,
2599 OUT PIO_STATUS_BLOCK IoStatus,
2600 IN PDEVICE_OBJECT DeviceObject
2601 );
2602
2603 NTSYSAPI
2604 PVOID
2605 NTAPI
2606 RtlCreateHeap (
2607 IN ULONG Flags,
2608 IN PVOID HeapBase OPTIONAL,
2609 IN SIZE_T ReserveSize OPTIONAL,
2610 IN SIZE_T CommitSize OPTIONAL,
2611 IN PVOID Lock OPTIONAL,
2612 IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL
2613 );
2614
2615 NTKERNELAPI
2616 BOOLEAN
2617 NTAPI
2618 FsRtlCurrentBatchOplock (
2619 IN POPLOCK Oplock
2620 );
2621
2622 NTKERNELAPI
2623 VOID
2624 NTAPI
2625 FsRtlDeleteKeyFromTunnelCache (
2626 IN PTUNNEL Cache,
2627 IN ULONGLONG DirectoryKey
2628 );
2629
2630 NTKERNELAPI
2631 VOID
2632 NTAPI
2633 FsRtlDeleteTunnelCache (
2634 IN PTUNNEL Cache
2635 );
2636
2637 NTKERNELAPI
2638 VOID
2639 NTAPI
2640 FsRtlDeregisterUncProvider (
2641 IN HANDLE Handle
2642 );
2643
2644 NTSYSAPI
2645 PVOID
2646 NTAPI
2647 RtlDestroyHeap(
2648 IN PVOID HeapHandle
2649 );
2650
2651 NTKERNELAPI
2652 VOID
2653 NTAPI
2654 FsRtlDissectDbcs (
2655 IN ANSI_STRING Name,
2656 OUT PANSI_STRING FirstPart,
2657 OUT PANSI_STRING RemainingPart
2658 );
2659
2660 NTKERNELAPI
2661 VOID
2662 NTAPI
2663 FsRtlDissectName (
2664 IN UNICODE_STRING Name,
2665 OUT PUNICODE_STRING FirstPart,
2666 OUT PUNICODE_STRING RemainingPart
2667 );
2668
2669 NTKERNELAPI
2670 BOOLEAN
2671 NTAPI
2672 FsRtlDoesDbcsContainWildCards (
2673 IN PANSI_STRING Name
2674 );
2675
2676 NTKERNELAPI
2677 BOOLEAN
2678 NTAPI
2679 FsRtlDoesNameContainWildCards (
2680 IN PUNICODE_STRING Name
2681 );
2682
2683 #define FsRtlCompleteRequest(IRP,STATUS) { \
2684 (IRP)->IoStatus.Status = (STATUS); \
2685 IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
2686 }
2687
2688 #define FsRtlEnterFileSystem KeEnterCriticalRegion
2689
2690 #define FsRtlExitFileSystem KeLeaveCriticalRegion
2691
2692 NTKERNELAPI
2693 BOOLEAN
2694 NTAPI
2695 FsRtlFastCheckLockForRead (
2696 IN PFILE_LOCK FileLock,
2697 IN PLARGE_INTEGER FileOffset,
2698 IN PLARGE_INTEGER Length,
2699 IN ULONG Key,
2700 IN PFILE_OBJECT FileObject,
2701 IN PEPROCESS Process
2702 );
2703
2704 NTKERNELAPI
2705 BOOLEAN
2706 NTAPI
2707 FsRtlFastCheckLockForWrite (
2708 IN PFILE_LOCK FileLock,
2709 IN PLARGE_INTEGER FileOffset,
2710 IN PLARGE_INTEGER Length,
2711 IN ULONG Key,
2712 IN PFILE_OBJECT FileObject,
2713 IN PEPROCESS Process
2714 );
2715
2716 #define FsRtlFastLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11) ( \
2717 FsRtlPrivateLock(A1, A2, A3, A4, A5, A6, A7, A8, A9, NULL, A10, A11) \
2718 )
2719
2720 NTKERNELAPI
2721 NTSTATUS
2722 NTAPI
2723 FsRtlFastUnlockAll (
2724 IN PFILE_LOCK FileLock,
2725 IN PFILE_OBJECT FileObject,
2726 IN PEPROCESS Process,
2727 IN PVOID Context OPTIONAL
2728 );
2729 /* ret: STATUS_RANGE_NOT_LOCKED */
2730
2731 NTKERNELAPI
2732 NTSTATUS
2733 NTAPI
2734 FsRtlFastUnlockAllByKey (
2735 IN PFILE_LOCK FileLock,
2736 IN PFILE_OBJECT FileObject,
2737 IN PEPROCESS Process,
2738 IN ULONG Key,
2739 IN PVOID Context OPTIONAL
2740 );
2741 /* ret: STATUS_RANGE_NOT_LOCKED */
2742
2743 NTKERNELAPI
2744 NTSTATUS
2745 NTAPI
2746 FsRtlFastUnlockSingle (
2747 IN PFILE_LOCK FileLock,
2748 IN PFILE_OBJECT FileObject,
2749 IN PLARGE_INTEGER FileOffset,
2750 IN PLARGE_INTEGER Length,
2751 IN PEPROCESS Process,
2752 IN ULONG Key,
2753 IN PVOID Context OPTIONAL,
2754 IN BOOLEAN AlreadySynchronized
2755 );
2756 /* ret: STATUS_RANGE_NOT_LOCKED */
2757
2758 NTKERNELAPI
2759 BOOLEAN
2760 NTAPI
2761 FsRtlFindInTunnelCache (
2762 IN PTUNNEL Cache,
2763 IN ULONGLONG DirectoryKey,
2764 IN PUNICODE_STRING Name,
2765 OUT PUNICODE_STRING ShortName,
2766 OUT PUNICODE_STRING LongName,
2767 IN OUT PULONG DataLength,
2768 OUT PVOID Data
2769 );
2770
2771 #if (VER_PRODUCTBUILD >= 2195)
2772
2773 NTKERNELAPI
2774 VOID
2775 NTAPI
2776 FsRtlFreeFileLock (
2777 IN PFILE_LOCK FileLock
2778 );
2779
2780 #endif /* (VER_PRODUCTBUILD >= 2195) */
2781
2782 NTKERNELAPI
2783 NTSTATUS
2784 NTAPI
2785 FsRtlGetFileSize (
2786 IN PFILE_OBJECT FileObject,
2787 IN OUT PLARGE_INTEGER FileSize
2788 );
2789
2790 /*
2791 FsRtlGetNextFileLock:
2792
2793 ret: NULL if no more locks
2794
2795 Internals:
2796 FsRtlGetNextFileLock uses FileLock->LastReturnedLockInfo and
2797 FileLock->LastReturnedLock as storage.
2798 LastReturnedLock is a pointer to the 'raw' lock inkl. double linked
2799 list, and FsRtlGetNextFileLock needs this to get next lock on subsequent
2800 calls with Restart = FALSE.
2801 */
2802 NTKERNELAPI
2803 PFILE_LOCK_INFO
2804 NTAPI
2805 FsRtlGetNextFileLock (
2806 IN PFILE_LOCK FileLock,
2807 IN BOOLEAN Restart
2808 );
2809
2810 NTKERNELAPI
2811 VOID
2812 NTAPI
2813 FsRtlInitializeFileLock (
2814 IN PFILE_LOCK FileLock,
2815 IN PCOMPLETE_LOCK_IRP_ROUTINE CompleteLockIrpRoutine OPTIONAL,
2816 IN PUNLOCK_ROUTINE UnlockRoutine OPTIONAL
2817 );
2818
2819 NTKERNELAPI
2820 VOID
2821 NTAPI
2822 FsRtlInitializeOplock (
2823 IN OUT POPLOCK Oplock
2824 );
2825
2826 NTKERNELAPI
2827 VOID
2828 NTAPI
2829 FsRtlInitializeTunnelCache (
2830 IN PTUNNEL Cache
2831 );
2832
2833 NTKERNELAPI
2834 BOOLEAN
2835 NTAPI
2836 FsRtlIsNameInExpression (
2837 IN PUNICODE_STRING Expression,
2838 IN PUNICODE_STRING Name,
2839 IN BOOLEAN IgnoreCase,
2840 IN PWCHAR UpcaseTable OPTIONAL
2841 );
2842
2843 NTKERNELAPI
2844 BOOLEAN
2845 NTAPI
2846 FsRtlIsNtstatusExpected (
2847 IN NTSTATUS Ntstatus
2848 );
2849
2850 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
2851
2852 extern PUSHORT NlsOemLeadByteInfo;
2853
2854 #define FsRtlIsLeadDbcsCharacter(DBCS_CHAR) ( \
2855 (BOOLEAN)((UCHAR)(DBCS_CHAR) < 0x80 ? FALSE : \
2856 (NLS_MB_CODE_PAGE_TAG && \
2857 (NLS_OEM_LEAD_BYTE_INFO[(UCHAR)(DBCS_CHAR)] != 0))) \
2858 )
2859
2860 #define FsRtlIsAnsiCharacterWild(C) ( \
2861 FlagOn(FsRtlLegalAnsiCharacterArray[(UCHAR)(C)], FSRTL_WILD_CHARACTER ) \
2862 )
2863
2864 #define FsRtlIsUnicodeCharacterWild(C) ( \
2865 (((C) >= 0x40) ? \
2866 FALSE : \
2867 FlagOn(FsRtlLegalAnsiCharacterArray[(C)], FSRTL_WILD_CHARACTER )) \
2868 )
2869
2870 NTKERNELAPI
2871 BOOLEAN
2872 NTAPI
2873 FsRtlMdlReadDev (
2874 IN PFILE_OBJECT FileObject,
2875 IN PLARGE_INTEGER FileOffset,
2876 IN ULONG Length,
2877 IN ULONG LockKey,
2878 OUT PMDL *MdlChain,
2879 OUT PIO_STATUS_BLOCK IoStatus,
2880 IN PDEVICE_OBJECT DeviceObject
2881 );
2882
2883 NTKERNELAPI
2884 BOOLEAN
2885 NTAPI
2886 FsRtlMdlReadComplete (
2887 IN PFILE_OBJECT FileObject,
2888 IN PMDL MdlChain
2889 );
2890
2891 NTKERNELAPI
2892 BOOLEAN
2893 NTAPI
2894 FsRtlMdlReadCompleteDev (
2895 IN PFILE_OBJECT FileObject,
2896 IN PMDL MdlChain,
2897 IN PDEVICE_OBJECT DeviceObject
2898 );
2899
2900 NTKERNELAPI
2901 BOOLEAN
2902 NTAPI
2903 FsRtlPrepareMdlWriteDev (
2904 IN PFILE_OBJECT FileObject,
2905 IN PLARGE_INTEGER FileOffset,
2906 IN ULONG Length,
2907 IN ULONG LockKey,
2908 OUT PMDL *MdlChain,
2909 OUT PIO_STATUS_BLOCK IoStatus,
2910 IN PDEVICE_OBJECT DeviceObject
2911 );
2912
2913 NTKERNELAPI
2914 BOOLEAN
2915 NTAPI
2916 FsRtlMdlWriteComplete (
2917 IN PFILE_OBJECT FileObject,
2918 IN PLARGE_INTEGER FileOffset,
2919 IN PMDL MdlChain
2920 );
2921
2922 NTKERNELAPI
2923 BOOLEAN
2924 NTAPI
2925 FsRtlMdlWriteCompleteDev (
2926 IN PFILE_OBJECT FileObject,
2927 IN PLARGE_INTEGER FileOffset,
2928 IN PMDL MdlChain,
2929 IN PDEVICE_OBJECT DeviceObject
2930 );
2931
2932 NTKERNELAPI
2933 NTSTATUS
2934 NTAPI
2935 FsRtlNormalizeNtstatus (
2936 IN NTSTATUS Exception,
2937 IN NTSTATUS GenericException
2938 );
2939
2940 NTKERNELAPI
2941 VOID
2942 NTAPI
2943 FsRtlNotifyChangeDirectory (
2944 IN PNOTIFY_SYNC NotifySync,
2945 IN PVOID FsContext,
2946 IN PSTRING FullDirectoryName,
2947 IN PLIST_ENTRY NotifyList,
2948 IN BOOLEAN WatchTree,
2949 IN ULONG CompletionFilter,
2950 IN PIRP NotifyIrp
2951 );
2952
2953 NTKERNELAPI
2954 VOID
2955 NTAPI
2956 FsRtlNotifyCleanup (
2957 IN PNOTIFY_SYNC NotifySync,
2958 IN PLIST_ENTRY NotifyList,
2959 IN PVOID FsContext
2960 );
2961
2962 typedef BOOLEAN (*PCHECK_FOR_TRAVERSE_ACCESS) (
2963 IN PVOID NotifyContext,
2964 IN PVOID TargetContext,
2965 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
2966 );
2967
2968 NTKERNELAPI
2969 VOID
2970 NTAPI
2971 FsRtlNotifyFullChangeDirectory (
2972 IN PNOTIFY_SYNC NotifySync,
2973 IN PLIST_ENTRY NotifyList,
2974 IN PVOID FsContext,
2975 IN PSTRING FullDirectoryName,
2976 IN BOOLEAN WatchTree,
2977 IN BOOLEAN IgnoreBuffer,
2978 IN ULONG CompletionFilter,
2979 IN PIRP NotifyIrp,
2980 IN PCHECK_FOR_TRAVERSE_ACCESS TraverseCallback OPTIONAL,
2981 IN PSECURITY_SUBJECT_CONTEXT SubjectContext OPTIONAL
2982 );
2983
2984 NTKERNELAPI
2985 VOID
2986 NTAPI
2987 FsRtlNotifyFullReportChange (
2988 IN PNOTIFY_SYNC NotifySync,
2989 IN PLIST_ENTRY NotifyList,
2990 IN PSTRING FullTargetName,
2991 IN USHORT TargetNameOffset,
2992 IN PSTRING StreamName OPTIONAL,
2993 IN PSTRING NormalizedParentName OPTIONAL,
2994 IN ULONG FilterMatch,
2995 IN ULONG Action,
2996 IN PVOID TargetContext
2997 );
2998
2999 NTKERNELAPI
3000 VOID
3001 NTAPI
3002 FsRtlNotifyInitializeSync (
3003 IN PNOTIFY_SYNC *NotifySync
3004 );
3005
3006 NTKERNELAPI
3007 VOID
3008 NTAPI
3009 FsRtlNotifyReportChange (
3010 IN PNOTIFY_SYNC NotifySync,
3011 IN PLIST_ENTRY NotifyList,
3012 IN PSTRING FullTargetName,
3013 IN PUSHORT FileNamePartLength,
3014 IN ULONG FilterMatch
3015 );
3016
3017 NTKERNELAPI
3018 VOID
3019 NTAPI
3020 FsRtlNotifyUninitializeSync (
3021 IN PNOTIFY_SYNC *NotifySync
3022 );
3023
3024 #if (VER_PRODUCTBUILD >= 2195)
3025
3026 NTKERNELAPI
3027 NTSTATUS
3028 NTAPI
3029 FsRtlNotifyVolumeEvent (
3030 IN PFILE_OBJECT FileObject,
3031 IN ULONG EventCode
3032 );
3033
3034 #endif /* (VER_PRODUCTBUILD >= 2195) */
3035
3036 NTKERNELAPI
3037 NTSTATUS
3038 NTAPI
3039 FsRtlOplockFsctrl (
3040 IN POPLOCK Oplock,
3041 IN PIRP Irp,
3042 IN ULONG OpenCount
3043 );
3044
3045 NTKERNELAPI
3046 BOOLEAN
3047 NTAPI
3048 FsRtlOplockIsFastIoPossible (
3049 IN POPLOCK Oplock
3050 );
3051
3052 /*
3053 FsRtlPrivateLock:
3054
3055 ret: IoStatus->Status: STATUS_PENDING, STATUS_LOCK_NOT_GRANTED
3056
3057 Internals:
3058 -Calls IoCompleteRequest if Irp
3059 -Uses exception handling / ExRaiseStatus with STATUS_INSUFFICIENT_RESOURCES
3060 */
3061 NTKERNELAPI
3062 BOOLEAN
3063 NTAPI
3064 FsRtlPrivateLock (
3065 IN PFILE_LOCK FileLock,
3066 IN PFILE_OBJECT FileObject,
3067 IN PLARGE_INTEGER FileOffset,
3068 IN PLARGE_INTEGER Length,
3069 IN PEPROCESS Process,
3070 IN ULONG Key,
3071 IN BOOLEAN FailImmediately,
3072 IN BOOLEAN ExclusiveLock,
3073 OUT PIO_STATUS_BLOCK IoStatus,
3074 IN PIRP Irp OPTIONAL,
3075 IN PVOID Context,
3076 IN BOOLEAN AlreadySynchronized
3077 );
3078
3079 /*
3080 FsRtlProcessFileLock:
3081
3082 ret:
3083 -STATUS_INVALID_DEVICE_REQUEST
3084 -STATUS_RANGE_NOT_LOCKED from unlock routines.
3085 -STATUS_PENDING, STATUS_LOCK_NOT_GRANTED from FsRtlPrivateLock
3086 (redirected IoStatus->Status).
3087
3088 Internals:
3089 -switch ( Irp->CurrentStackLocation->MinorFunction )
3090 lock: return FsRtlPrivateLock;
3091 unlocksingle: return FsRtlFastUnlockSingle;
3092 unlockall: return FsRtlFastUnlockAll;
3093 unlockallbykey: return FsRtlFastUnlockAllByKey;
3094 default: IofCompleteRequest with STATUS_INVALID_DEVICE_REQUEST;
3095 return STATUS_INVALID_DEVICE_REQUEST;
3096
3097 -'AllwaysZero' is passed thru as 'AllwaysZero' to lock / unlock routines.
3098 -'Irp' is passet thru as 'Irp' to FsRtlPrivateLock.
3099 */
3100 NTKERNELAPI
3101 NTSTATUS
3102 NTAPI
3103 FsRtlProcessFileLock (
3104 IN PFILE_LOCK FileLock,
3105 IN PIRP Irp,
3106 IN PVOID Context OPTIONAL
3107 );
3108
3109 NTKERNELAPI
3110 NTSTATUS
3111 NTAPI
3112 FsRtlRegisterUncProvider (
3113 IN OUT PHANDLE MupHandle,
3114 IN PUNICODE_STRING RedirectorDeviceName,
3115 IN BOOLEAN MailslotsSupported
3116 );
3117
3118 typedef VOID
3119 (NTAPI *PFSRTL_STACK_OVERFLOW_ROUTINE) (
3120 IN PVOID Context,
3121 IN PKEVENT Event
3122 );
3123
3124 NTKERNELAPI
3125 VOID
3126 NTAPI
3127 FsRtlPostStackOverflow (
3128 IN PVOID Context,
3129 IN PKEVENT Event,
3130 IN PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
3131 );
3132
3133 NTKERNELAPI
3134 VOID
3135 NTAPI
3136 FsRtlPostPagingFileStackOverflow (
3137 IN PVOID Context,
3138 IN PKEVENT Event,
3139 IN PFSRTL_STACK_OVERFLOW_ROUTINE StackOverflowRoutine
3140 );
3141
3142 NTKERNELAPI
3143 VOID
3144 NTAPI
3145 FsRtlUninitializeFileLock (
3146 IN PFILE_LOCK FileLock
3147 );
3148
3149 NTKERNELAPI
3150 VOID
3151 NTAPI
3152 FsRtlUninitializeOplock (
3153 IN OUT POPLOCK Oplock
3154 );
3155
3156 NTHALAPI
3157 VOID
3158 NTAPI
3159 HalDisplayString (
3160 IN PCHAR String
3161 );
3162
3163 NTKERNELAPI
3164 UCHAR
3165 NTAPI
3166 KeSetIdealProcessorThread(
3167 IN OUT PKTHREAD Thread,
3168 IN UCHAR Processor
3169 );
3170
3171 NTKERNELAPI
3172 NTSTATUS
3173 NTAPI
3174 IoAttachDeviceToDeviceStackSafe(
3175 IN PDEVICE_OBJECT SourceDevice,
3176 IN PDEVICE_OBJECT TargetDevice,
3177 OUT PDEVICE_OBJECT *AttachedToDeviceObject
3178 );
3179
3180 NTKERNELAPI
3181 VOID
3182 NTAPI
3183 IoAcquireVpbSpinLock (
3184 OUT PKIRQL Irql
3185 );
3186
3187 NTKERNELAPI
3188 NTSTATUS
3189 NTAPI
3190 IoCheckDesiredAccess (
3191 IN OUT PACCESS_MASK DesiredAccess,
3192 IN ACCESS_MASK GrantedAccess
3193 );
3194
3195 NTKERNELAPI
3196 NTSTATUS
3197 NTAPI
3198 IoCheckEaBufferValidity (
3199 IN PFILE_FULL_EA_INFORMATION EaBuffer,
3200 IN ULONG EaLength,
3201 OUT PULONG ErrorOffset
3202 );
3203
3204 NTKERNELAPI
3205 NTSTATUS
3206 NTAPI
3207 IoCheckFunctionAccess (
3208 IN ACCESS_MASK GrantedAccess,
3209 IN UCHAR MajorFunction,
3210 IN UCHAR MinorFunction,
3211 IN ULONG IoControlCode,
3212 IN PVOID Argument1 OPTIONAL,
3213 IN PVOID Argument2 OPTIONAL
3214 );
3215
3216 #if (VER_PRODUCTBUILD >= 2195)
3217
3218 NTKERNELAPI
3219 NTSTATUS
3220 NTAPI
3221 IoCheckQuotaBufferValidity (
3222 IN PFILE_QUOTA_INFORMATION QuotaBuffer,
3223 IN ULONG QuotaLength,
3224 OUT PULONG ErrorOffset
3225 );
3226
3227 #endif /* (VER_PRODUCTBUILD >= 2195) */
3228
3229 NTKERNELAPI
3230 PFILE_OBJECT
3231 NTAPI
3232 IoCreateStreamFileObject (
3233 IN PFILE_OBJECT FileObject OPTIONAL,
3234 IN PDEVICE_OBJECT DeviceObject OPTIONAL
3235 );
3236
3237 #if (VER_PRODUCTBUILD >= 2195)
3238
3239 NTKERNELAPI
3240 PFILE_OBJECT
3241 NTAPI
3242 IoCreateStreamFileObjectLite (
3243 IN PFILE_OBJECT FileObject OPTIONAL,
3244 IN PDEVICE_OBJECT DeviceObject OPTIONAL
3245 );
3246
3247 #endif /* (VER_PRODUCTBUILD >= 2195) */
3248
3249 NTKERNELAPI
3250 BOOLEAN
3251 NTAPI
3252 IoFastQueryNetworkAttributes (
3253 IN POBJECT_ATTRIBUTES ObjectAttributes,
3254 IN ACCESS_MASK DesiredAccess,
3255 IN ULONG OpenOptions,
3256 OUT PIO_STATUS_BLOCK IoStatus,
3257 OUT PFILE_NETWORK_OPEN_INFORMATION Buffer
3258 );
3259
3260 NTKERNELAPI
3261 PDEVICE_OBJECT
3262 NTAPI
3263 IoGetAttachedDevice (
3264 IN PDEVICE_OBJECT DeviceObject
3265 );
3266
3267 NTKERNELAPI
3268 PDEVICE_OBJECT
3269 NTAPI
3270 IoGetBaseFileSystemDeviceObject (
3271 IN PFILE_OBJECT FileObject
3272 );
3273
3274 NTKERNELAPI
3275 PEPROCESS
3276 NTAPI
3277 IoGetRequestorProcess (
3278 IN PIRP Irp
3279 );
3280
3281 #if (VER_PRODUCTBUILD >= 2195)
3282
3283 NTKERNELAPI
3284 ULONG
3285 NTAPI
3286 IoGetRequestorProcessId (
3287 IN PIRP Irp
3288 );
3289
3290 #endif /* (VER_PRODUCTBUILD >= 2195) */
3291
3292 NTKERNELAPI
3293 PIRP
3294 NTAPI
3295 IoGetTopLevelIrp (
3296 VOID
3297 );
3298
3299 #define IoIsFileOpenedExclusively(FileObject) ( \
3300 (BOOLEAN) !( \
3301 (FileObject)->SharedRead || \
3302 (FileObject)->SharedWrite || \
3303 (FileObject)->SharedDelete \
3304 ) \
3305 )
3306
3307 NTKERNELAPI
3308 BOOLEAN
3309 NTAPI
3310 IoIsOperationSynchronous (
3311 IN PIRP Irp
3312 );
3313
3314 NTKERNELAPI
3315 BOOLEAN
3316 NTAPI
3317 IoIsSystemThread (
3318 IN PETHREAD Thread
3319 );
3320
3321 #if (VER_PRODUCTBUILD >= 2195)
3322
3323 NTKERNELAPI
3324 BOOLEAN
3325 NTAPI
3326 IoIsValidNameGraftingBuffer (
3327 IN PIRP Irp,
3328 IN PREPARSE_DATA_BUFFER ReparseBuffer
3329 );
3330
3331 #endif /* (VER_PRODUCTBUILD >= 2195) */
3332
3333 NTKERNELAPI
3334 NTSTATUS
3335 NTAPI
3336 IoPageRead (
3337 IN PFILE_OBJECT FileObject,
3338 IN PMDL Mdl,
3339 IN PLARGE_INTEGER Offset,
3340 IN PKEVENT Event,
3341 OUT PIO_STATUS_BLOCK IoStatusBlock
3342 );
3343
3344 NTKERNELAPI
3345 NTSTATUS
3346 NTAPI
3347 IoQueryFileInformation (
3348 IN PFILE_OBJECT FileObject,
3349 IN FILE_INFORMATION_CLASS FileInformationClass,
3350 IN ULONG Length,
3351 OUT PVOID FileInformation,
3352 OUT PULONG ReturnedLength
3353 );
3354
3355 NTKERNELAPI
3356 NTSTATUS
3357 NTAPI
3358 IoQueryVolumeInformation (
3359 IN PFILE_OBJECT FileObject,
3360 IN FS_INFORMATION_CLASS FsInformationClass,
3361 IN ULONG Length,
3362 OUT PVOID FsInformation,
3363 OUT PULONG ReturnedLength
3364 );
3365
3366 NTKERNELAPI
3367 VOID
3368 NTAPI
3369 IoQueueThreadIrp(
3370 IN PIRP Irp
3371 );
3372
3373 NTKERNELAPI
3374 VOID
3375 NTAPI
3376 IoRegisterFileSystem (
3377 IN OUT PDEVICE_OBJECT DeviceObject
3378 );
3379
3380 #if (VER_PRODUCTBUILD >= 1381)
3381
3382 typedef VOID (NTAPI *PDRIVER_FS_NOTIFICATION) (
3383 IN PDEVICE_OBJECT DeviceObject,
3384 IN BOOLEAN DriverActive
3385 );
3386
3387 NTKERNELAPI
3388 NTSTATUS
3389 NTAPI
3390 IoRegisterFsRegistrationChange (
3391 IN PDRIVER_OBJECT DriverObject,
3392 IN PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
3393 );
3394
3395 #endif /* (VER_PRODUCTBUILD >= 1381) */
3396
3397 NTKERNELAPI
3398 VOID
3399 NTAPI
3400 IoReleaseVpbSpinLock (
3401 IN KIRQL Irql
3402 );
3403
3404 NTKERNELAPI
3405 VOID
3406 NTAPI
3407 IoSetDeviceToVerify (
3408 IN PETHREAD Thread,
3409 IN PDEVICE_OBJECT DeviceObject
3410 );
3411
3412 NTKERNELAPI
3413 NTSTATUS
3414 NTAPI
3415 IoSetInformation (
3416 IN PFILE_OBJECT FileObject,
3417 IN FILE_INFORMATION_CLASS FileInformationClass,
3418 IN ULONG Length,
3419 IN PVOID FileInformation
3420 );
3421
3422 NTKERNELAPI
3423 VOID
3424 NTAPI
3425 IoSetTopLevelIrp (
3426 IN PIRP Irp
3427 );
3428
3429 NTKERNELAPI
3430 NTSTATUS
3431 NTAPI
3432 IoSynchronousPageWrite (
3433 IN PFILE_OBJECT FileObject,
3434 IN PMDL Mdl,
3435 IN PLARGE_INTEGER FileOffset,
3436 IN PKEVENT Event,
3437 OUT PIO_STATUS_BLOCK IoStatusBlock
3438 );
3439
3440 NTKERNELAPI
3441 PEPROCESS
3442 NTAPI
3443 IoThreadToProcess (
3444 IN PETHREAD Thread
3445 );
3446
3447 NTKERNELAPI
3448 VOID
3449 NTAPI
3450 IoUnregisterFileSystem (
3451 IN OUT PDEVICE_OBJECT DeviceObject
3452 );
3453
3454 #if (VER_PRODUCTBUILD >= 1381)
3455
3456 NTKERNELAPI
3457 VOID
3458 NTAPI
3459 IoUnregisterFsRegistrationChange (
3460 IN PDRIVER_OBJECT DriverObject,
3461 IN PDRIVER_FS_NOTIFICATION DriverNotificationRoutine
3462 );
3463
3464 #endif /* (VER_PRODUCTBUILD >= 1381) */
3465
3466 NTKERNELAPI
3467 NTSTATUS
3468 NTAPI
3469 IoVerifyVolume (
3470 IN PDEVICE_OBJECT DeviceObject,
3471 IN BOOLEAN AllowRawMount
3472 );
3473
3474 NTHALAPI
3475 KIRQL
3476 FASTCALL
3477 KeAcquireQueuedSpinLock (
3478 IN KSPIN_LOCK_QUEUE_NUMBER Number
3479 );
3480
3481 NTHALAPI
3482 VOID
3483 FASTCALL
3484 KeReleaseQueuedSpinLock (
3485 IN KSPIN_LOCK_QUEUE_NUMBER Number,
3486 IN KIRQL OldIrql
3487 );
3488
3489 NTKERNELAPI
3490 VOID
3491 NTAPI
3492 KeAttachProcess (
3493 IN PKPROCESS Process
3494 );
3495
3496 NTKERNELAPI
3497 VOID
3498 NTAPI
3499 KeDetachProcess (
3500 VOID
3501 );
3502
3503 NTKERNELAPI
3504 VOID
3505 NTAPI
3506 KeInitializeQueue (
3507 IN PRKQUEUE Queue,
3508 IN ULONG Count OPTIONAL
3509 );
3510
3511 NTKERNELAPI
3512 LONG
3513 NTAPI
3514 KeInsertHeadQueue (
3515 IN PRKQUEUE Queue,
3516 IN PLIST_ENTRY Entry
3517 );
3518
3519 NTKERNELAPI
3520 LONG
3521 NTAPI
3522 KeInsertQueue (
3523 IN PRKQUEUE Queue,
3524 IN PLIST_ENTRY Entry
3525 );
3526
3527 NTKERNELAPI
3528 LONG
3529 NTAPI
3530 KeReadStateQueue (
3531 IN PRKQUEUE Queue
3532 );
3533
3534 NTKERNELAPI
3535 PLIST_ENTRY
3536 NTAPI
3537 KeRemoveQueue (
3538 IN PRKQUEUE Queue,
3539 IN KPROCESSOR_MODE WaitMode,
3540 IN PLARGE_INTEGER Timeout OPTIONAL
3541 );
3542
3543 NTKERNELAPI
3544 PLIST_ENTRY
3545 NTAPI
3546 KeRundownQueue (
3547 IN PRKQUEUE Queue
3548 );
3549
3550 NTKERNELAPI
3551 VOID
3552 NTAPI
3553 KeInitializeMutant (
3554 IN PRKMUTANT Mutant,
3555 IN BOOLEAN InitialOwner
3556 );
3557
3558 NTKERNELAPI
3559 LONG
3560 NTAPI
3561 KeReadStateMutant (
3562 IN PRKMUTANT Mutant
3563 );
3564
3565 NTKERNELAPI
3566 LONG
3567 NTAPI
3568 KeReleaseMutant (
3569 IN PRKMUTANT Mutant,
3570 IN KPRIORITY Increment,
3571 IN BOOLEAN Abandoned,
3572 IN BOOLEAN Wait
3573 );
3574
3575 #if (VER_PRODUCTBUILD >= 2195)
3576
3577 NTKERNELAPI
3578 VOID
3579 NTAPI
3580 KeStackAttachProcess (
3581 IN PKPROCESS Process,
3582 OUT PKAPC_STATE ApcState
3583 );
3584
3585 NTKERNELAPI
3586 VOID
3587 NTAPI
3588 KeUnstackDetachProcess (
3589 IN PKAPC_STATE ApcState
3590 );
3591
3592 #endif /* (VER_PRODUCTBUILD >= 2195) */
3593
3594 NTKERNELAPI
3595 BOOLEAN
3596 NTAPI
3597 KeSetKernelStackSwapEnable(
3598 IN BOOLEAN Enable
3599 );
3600
3601 NTKERNELAPI
3602 BOOLEAN
3603 NTAPI
3604 MmCanFileBeTruncated (
3605 IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
3606 IN PLARGE_INTEGER NewFileSize
3607 );
3608
3609 NTKERNELAPI
3610 BOOLEAN
3611 NTAPI
3612 MmFlushImageSection (
3613 IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
3614 IN MMFLUSH_TYPE FlushType
3615 );
3616
3617 NTKERNELAPI
3618 BOOLEAN
3619 NTAPI
3620 MmForceSectionClosed (
3621 IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
3622 IN BOOLEAN DelayClose
3623 );
3624
3625 #if (VER_PRODUCTBUILD >= 1381)
3626
3627 NTKERNELAPI
3628 BOOLEAN
3629 NTAPI
3630 MmIsRecursiveIoFault (
3631 VOID
3632 );
3633
3634 #else
3635
3636 #define MmIsRecursiveIoFault() ( \
3637 (PsGetCurrentThread()->DisablePageFaultClustering) | \
3638 (PsGetCurrentThread()->ForwardClusterOnly) \
3639 )
3640
3641 #endif
3642
3643
3644 NTKERNELAPI
3645 BOOLEAN
3646 NTAPI
3647 MmSetAddressRangeModified (
3648 IN PVOID Address,
3649 IN ULONG Length
3650 );
3651
3652 NTKERNELAPI
3653 NTSTATUS
3654 NTAPI
3655 ObCreateObject (
3656 IN KPROCESSOR_MODE ObjectAttributesAccessMode OPTIONAL,
3657 IN POBJECT_TYPE ObjectType,
3658 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
3659 IN KPROCESSOR_MODE AccessMode,
3660 IN OUT PVOID ParseContext OPTIONAL,
3661 IN ULONG ObjectSize,
3662 IN ULONG PagedPoolCharge OPTIONAL,
3663 IN ULONG NonPagedPoolCharge OPTIONAL,
3664 OUT PVOID *Object
3665 );
3666
3667 NTKERNELAPI
3668 ULONG
3669 NTAPI
3670 ObGetObjectPointerCount (
3671 IN PVOID Object
3672 );
3673
3674 NTKERNELAPI
3675 NTSTATUS
3676 NTAPI
3677 ObInsertObject (
3678 IN PVOID Object,
3679 IN PACCESS_STATE PassedAccessState OPTIONAL,
3680 IN ACCESS_MASK DesiredAccess,
3681 IN ULONG AdditionalReferences,
3682 OUT PVOID *ReferencedObject OPTIONAL,
3683 OUT PHANDLE Handle
3684 );
3685
3686 NTKERNELAPI
3687 VOID
3688 NTAPI
3689 ObMakeTemporaryObject (
3690 IN PVOID Object
3691 );
3692
3693 NTKERNELAPI
3694 NTSTATUS
3695 NTAPI
3696 ObOpenObjectByPointer (
3697 IN PVOID Object,
3698 IN ULONG HandleAttributes,
3699 IN PACCESS_STATE PassedAccessState OPTIONAL,
3700 IN ACCESS_MASK DesiredAccess OPTIONAL,
3701 IN POBJECT_TYPE ObjectType OPTIONAL,
3702 IN KPROCESSOR_MODE AccessMode,
3703 OUT PHANDLE Handle
3704 );
3705
3706 NTKERNELAPI
3707 NTSTATUS
3708 NTAPI
3709 ObQueryNameString (
3710 IN PVOID Object,
3711 OUT POBJECT_NAME_INFORMATION ObjectNameInfo,
3712 IN ULONG Length,
3713 OUT PULONG ReturnLength
3714 );
3715
3716 NTKERNELAPI
3717 NTSTATUS
3718 NTAPI
3719 ObQueryObjectAuditingByHandle (
3720 IN HANDLE Handle,
3721 OUT PBOOLEAN GenerateOnClose
3722 );
3723
3724 NTKERNELAPI
3725 NTSTATUS
3726 NTAPI
3727 ObReferenceObjectByName (
3728 IN PUNICODE_STRING ObjectName,
3729 IN ULONG Attributes,
3730 IN PACCESS_STATE PassedAccessState OPTIONAL,
3731 IN ACCESS_MASK DesiredAccess OPTIONAL,
3732 IN POBJECT_TYPE ObjectType,
3733 IN KPROCESSOR_MODE AccessMode,
3734 IN OUT PVOID ParseContext OPTIONAL,
3735 OUT PVOID *Object
3736 );
3737
3738 NTKERNELAPI
3739 NTSTATUS
3740 NTAPI
3741 PsAssignImpersonationToken (
3742 IN PETHREAD Thread,
3743 IN HANDLE Token
3744 );
3745
3746 NTKERNELAPI
3747 VOID
3748 NTAPI
3749 PsChargePoolQuota (
3750 IN PEPROCESS Process,
3751 IN POOL_TYPE PoolType,
3752 IN SIZE_T Amount
3753 );
3754
3755 NTKERNELAPI
3756 NTSTATUS
3757 NTAPI
3758 PsChargeProcessPoolQuota (
3759 IN PEPROCESS Process,
3760 IN POOL_TYPE PoolType,
3761 IN SIZE_T Amount
3762 );
3763
3764 #define PsDereferenceImpersonationToken(T) \
3765 {if (ARGUMENT_PRESENT(T)) { \
3766 (ObDereferenceObject((T))); \
3767 } else { \
3768 ; \
3769 } \
3770 }
3771
3772 #define PsDereferencePrimaryToken(T) (ObDereferenceObject((T)))
3773
3774 NTKERNELAPI
3775 BOOLEAN
3776 NTAPI
3777 PsDisableImpersonation(
3778 IN PETHREAD Thread,
3779 IN PSE_IMPERSONATION_STATE ImpersonationState
3780 );
3781
3782 NTKERNELAPI
3783 LARGE_INTEGER
3784 NTAPI
3785 PsGetProcessExitTime (
3786 VOID
3787 );
3788
3789 NTKERNELAPI
3790 NTSTATUS
3791 NTAPI
3792 PsImpersonateClient(
3793 IN PETHREAD Thread,
3794 IN PACCESS_TOKEN Token,
3795 IN BOOLEAN CopyOnOpen,
3796 IN BOOLEAN EffectiveOnly,
3797 IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
3798 );
3799
3800 NTKERNELAPI
3801 BOOLEAN
3802 NTAPI
3803 PsIsSystemThread(
3804 IN PETHREAD Thread
3805 );
3806
3807 NTKERNELAPI
3808 BOOLEAN
3809 NTAPI
3810 PsIsThreadTerminating (
3811 IN PETHREAD Thread
3812 );
3813
3814 NTKERNELAPI
3815 NTSTATUS
3816 NTAPI
3817 PsLookupProcessByProcessId (
3818 IN HANDLE ProcessId,
3819 OUT PEPROCESS *Process
3820 );
3821
3822 NTKERNELAPI
3823 NTSTATUS
3824 NTAPI
3825 PsLookupProcessThreadByCid (
3826 IN PCLIENT_ID Cid,
3827 OUT PEPROCESS *Process OPTIONAL,
3828 OUT PETHREAD *Thread
3829 );
3830
3831 NTKERNELAPI
3832 NTSTATUS
3833 NTAPI
3834 PsLookupThreadByThreadId (
3835 IN HANDLE UniqueThreadId,
3836 OUT PETHREAD *Thread
3837 );
3838
3839 NTKERNELAPI
3840 PACCESS_TOKEN
3841 NTAPI
3842 PsReferenceImpersonationToken (
3843 IN PETHREAD Thread,
3844 OUT PBOOLEAN CopyOnUse,
3845 OUT PBOOLEAN EffectiveOnly,
3846 OUT PSECURITY_IMPERSONATION_LEVEL Level
3847 );
3848
3849 NTKERNELAPI
3850 HANDLE
3851 NTAPI
3852 PsReferencePrimaryToken (
3853 IN PEPROCESS Process
3854 );
3855
3856 NTKERNELAPI
3857 VOID
3858 NTAPI
3859 PsRestoreImpersonation(
3860 IN PETHREAD Thread,
3861 IN PSE_IMPERSONATION_STATE ImpersonationState
3862 );
3863
3864 NTKERNELAPI
3865 VOID
3866 NTAPI
3867 PsReturnPoolQuota (
3868 IN PEPROCESS Process,
3869 IN POOL_TYPE PoolType,
3870 IN SIZE_T Amount
3871 );
3872
3873 NTKERNELAPI
3874 VOID
3875 NTAPI
3876 PsRevertToSelf (
3877 VOID
3878 );
3879
3880 NTSYSAPI
3881 NTSTATUS
3882 NTAPI
3883 RtlAbsoluteToSelfRelativeSD (
3884 IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
3885 IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
3886 IN PULONG BufferLength
3887 );
3888
3889 NTSYSAPI
3890 PVOID
3891 NTAPI
3892 RtlAllocateHeap (
3893 IN HANDLE HeapHandle,
3894 IN ULONG Flags,
3895 IN ULONG Size
3896 );
3897
3898 NTSYSAPI
3899 NTSTATUS
3900 NTAPI
3901 RtlAppendStringToString(
3902 PSTRING Destination,
3903 const STRING *Source
3904 );
3905
3906 NTSYSAPI
3907 USHORT
3908 NTAPI
3909 RtlCaptureStackBackTrace (
3910 IN ULONG FramesToSkip,
3911 IN ULONG FramesToCapture,
3912 OUT PVOID *BackTrace,
3913 OUT PULONG BackTraceHash OPTIONAL
3914 );
3915
3916 NTSYSAPI
3917 SIZE_T
3918 NTAPI
3919 RtlCompareMemoryUlong (
3920 PVOID Source,
3921 SIZE_T Length,
3922 ULONG Pattern
3923 );
3924
3925 NTSYSAPI
3926 NTSTATUS
3927 NTAPI
3928 RtlCompressBuffer (
3929 IN USHORT CompressionFormatAndEngine,
3930 IN PUCHAR UncompressedBuffer,
3931 IN ULONG UncompressedBufferSize,
3932 OUT PUCHAR CompressedBuffer,
3933 IN ULONG CompressedBufferSize,
3934 IN ULONG UncompressedChunkSize,
3935 OUT PULONG FinalCompressedSize,
3936 IN PVOID WorkSpace
3937 );
3938
3939 NTSYSAPI
3940 NTSTATUS
3941 NTAPI
3942 RtlCompressChunks (
3943 IN PUCHAR UncompressedBuffer,
3944 IN ULONG UncompressedBufferSize,
3945 OUT PUCHAR CompressedBuffer,
3946 IN ULONG CompressedBufferSize,
3947 IN OUT PCOMPRESSED_DATA_INFO CompressedDataInfo,
3948 IN ULONG CompressedDataInfoLength,
3949 IN PVOID WorkSpace
3950 );
3951
3952 NTSYSAPI
3953 NTSTATUS
3954 NTAPI
3955 RtlConvertSidToUnicodeString (
3956 OUT PUNICODE_STRING DestinationString,
3957 IN PSID Sid,
3958 IN BOOLEAN AllocateDestinationString
3959 );
3960
3961 NTSYSAPI
3962 NTSTATUS
3963 NTAPI
3964 RtlCopySid (
3965 IN ULONG Length,
3966 IN PSID Destination,
3967 IN PSID Source
3968 );
3969
3970 NTSYSAPI
3971 BOOLEAN
3972 NTAPI
3973 RtlCreateUnicodeString(
3974 PUNICODE_STRING DestinationString,
3975 PCWSTR SourceString
3976 );
3977
3978 NTSYSAPI
3979 NTSTATUS
3980 NTAPI
3981 RtlDecompressBuffer (
3982 IN USHORT CompressionFormat,
3983 OUT PUCHAR UncompressedBuffer,
3984 IN ULONG UncompressedBufferSize,
3985 IN PUCHAR CompressedBuffer,
3986 IN ULONG CompressedBufferSize,
3987 OUT PULONG FinalUncompressedSize
3988 );
3989
3990 NTSYSAPI
3991 NTSTATUS
3992 NTAPI
3993 RtlDecompressChunks (
3994 OUT PUCHAR UncompressedBuffer,
3995 IN ULONG UncompressedBufferSize,
3996 IN PUCHAR CompressedBuffer,
3997 IN ULONG CompressedBufferSize,
3998 IN PUCHAR CompressedTail,
3999 IN ULONG CompressedTailSize,
4000 IN PCOMPRESSED_DATA_INFO CompressedDataInfo
4001 );
4002
4003 NTSYSAPI
4004 NTSTATUS
4005 NTAPI
4006 RtlDecompressFragment (
4007 IN USHORT CompressionFormat,
4008 OUT PUCHAR UncompressedFragment,
4009 IN ULONG UncompressedFragmentSize,
4010 IN PUCHAR CompressedBuffer,
4011 IN ULONG CompressedBufferSize,
4012 IN ULONG FragmentOffset,
4013 OUT PULONG FinalUncompressedSize,
4014 IN PVOID WorkSpace
4015 );
4016
4017 NTSYSAPI
4018 NTSTATUS
4019 NTAPI
4020 RtlDescribeChunk (
4021 IN USHORT CompressionFormat,
4022 IN OUT PUCHAR *CompressedBuffer,
4023 IN PUCHAR EndOfCompressedBufferPlus1,
4024 OUT PUCHAR *ChunkBuffer,
4025 OUT PULONG ChunkSize
4026 );
4027
4028 NTSYSAPI
4029 NTSTATUS
4030 NTAPI
4031 RtlDowncaseUnicodeString(
4032 IN OUT PUNICODE_STRING UniDest,
4033 IN PCUNICODE_STRING UniSource,
4034 IN BOOLEAN AllocateDestinationString
4035 );
4036
4037 NTSYSAPI
4038 NTSTATUS
4039 NTAPI
4040 RtlDuplicateUnicodeString(
4041 IN ULONG Flags,
4042 IN PCUNICODE_STRING SourceString,
4043 OUT PUNICODE_STRING DestinationString
4044 );
4045
4046 NTSYSAPI
4047 BOOLEAN
4048 NTAPI
4049 RtlEqualSid (
4050 IN PSID Sid1,
4051 IN PSID Sid2
4052 );
4053
4054 NTSYSAPI
4055 VOID
4056 NTAPI
4057 RtlFillMemoryUlong (
4058 IN PVOID Destination,
4059 IN ULONG Length,
4060 IN ULONG Fill
4061 );
4062
4063 NTSYSAPI
4064 BOOLEAN
4065 NTAPI
4066 RtlFreeHeap (
4067 IN HANDLE HeapHandle,
4068 IN ULONG Flags,
4069 IN PVOID P
4070 );
4071
4072 NTSYSAPI
4073 VOID
4074 NTAPI
4075 RtlGenerate8dot3Name (
4076 IN PUNICODE_STRING Name,
4077 IN BOOLEAN AllowExtendedCharacters,
4078 IN OUT PGENERATE_NAME_CONTEXT Context,
4079 OUT PUNICODE_STRING Name8dot3
4080 );
4081
4082 NTSYSAPI
4083 NTSTATUS
4084 NTAPI
4085 RtlGetCompressionWorkSpaceSize (
4086 IN USHORT CompressionFormatAndEngine,
4087 OUT PULONG CompressBufferWorkSpaceSize,
4088 OUT PULONG CompressFragmentWorkSpaceSize
4089 );
4090
4091 NTSYSAPI
4092 NTSTATUS
4093 NTAPI
4094 RtlGetDaclSecurityDescriptor (
4095 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4096 OUT PBOOLEAN DaclPresent,
4097 OUT PACL *Dacl,
4098 OUT PBOOLEAN DaclDefaulted
4099 );
4100
4101 NTSYSAPI
4102 NTSTATUS
4103 NTAPI
4104 RtlGetGroupSecurityDescriptor (
4105 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4106 OUT PSID *Group,
4107 OUT PBOOLEAN GroupDefaulted
4108 );
4109
4110 NTSYSAPI
4111 NTSTATUS
4112 NTAPI
4113 RtlGetOwnerSecurityDescriptor (
4114 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4115 OUT PSID *Owner,
4116 OUT PBOOLEAN OwnerDefaulted
4117 );
4118
4119 NTSYSAPI
4120 NTSTATUS
4121 NTAPI
4122 RtlInitializeSid (
4123 IN OUT PSID Sid,
4124 IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
4125 IN UCHAR SubAuthorityCount
4126 );
4127
4128 NTSYSAPI
4129 BOOLEAN
4130 NTAPI
4131 RtlIsNameLegalDOS8Dot3(
4132 IN PCUNICODE_STRING Name,
4133 IN OUT POEM_STRING OemName OPTIONAL,
4134 IN OUT PBOOLEAN NameContainsSpaces OPTIONAL
4135 );
4136
4137 NTSYSAPI
4138 ULONG
4139 NTAPI
4140 RtlLengthRequiredSid (
4141 IN ULONG SubAuthorityCount
4142 );
4143
4144 NTSYSAPI
4145 ULONG
4146 NTAPI
4147 RtlLengthSid (
4148 IN PSID Sid
4149 );
4150
4151 NTSYSAPI
4152 ULONG
4153 NTAPI
4154 RtlNtStatusToDosError (
4155 IN NTSTATUS Status
4156 );
4157
4158 NTSYSAPI
4159 NTSTATUS
4160 NTAPI
4161 RtlOemStringToUnicodeString(
4162 IN OUT PUNICODE_STRING DestinationString,
4163 IN PCOEM_STRING SourceString,
4164 IN BOOLEAN AllocateDestinationString
4165 );
4166
4167 NTSYSAPI
4168 NTSTATUS
4169 NTAPI
4170 RtlUnicodeStringToOemString(
4171 IN OUT POEM_STRING DestinationString,
4172 IN PCUNICODE_STRING SourceString,
4173 IN BOOLEAN AllocateDestinationString
4174 );
4175
4176 NTSYSAPI
4177 NTSTATUS
4178 NTAPI
4179 RtlReserveChunk (
4180 IN USHORT CompressionFormat,
4181 IN OUT PUCHAR *CompressedBuffer,
4182 IN PUCHAR EndOfCompressedBufferPlus1,
4183 OUT PUCHAR *ChunkBuffer,
4184 IN ULONG ChunkSize
4185 );
4186
4187 NTSYSAPI
4188 VOID
4189 NTAPI
4190 RtlSecondsSince1970ToTime (
4191 IN ULONG SecondsSince1970,
4192 OUT PLARGE_INTEGER Time
4193 );
4194
4195 NTSYSAPI
4196 NTSTATUS
4197 NTAPI
4198 RtlSetGroupSecurityDescriptor (
4199 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
4200 IN PSID Group,
4201 IN BOOLEAN GroupDefaulted
4202 );
4203
4204 NTSYSAPI
4205 NTSTATUS
4206 NTAPI
4207 RtlSetOwnerSecurityDescriptor (
4208 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
4209 IN PSID Owner,
4210 IN BOOLEAN OwnerDefaulted
4211 );
4212
4213 NTSYSAPI
4214 NTSTATUS
4215 NTAPI
4216 RtlSetSaclSecurityDescriptor (
4217 IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
4218 IN BOOLEAN SaclPresent,
4219 IN PACL Sacl,
4220 IN BOOLEAN SaclDefaulted
4221 );
4222
4223 NTSYSAPI
4224 PUCHAR
4225 NTAPI
4226 RtlSubAuthorityCountSid (
4227 IN PSID Sid
4228 );
4229
4230 NTSYSAPI
4231 PULONG
4232 NTAPI
4233 RtlSubAuthoritySid (
4234 IN PSID Sid,
4235 IN ULONG SubAuthority
4236 );
4237
4238 NTSYSAPI
4239 NTSTATUS
4240 NTAPI
4241 RtlUnicodeToMultiByteN(
4242 OUT PCHAR MultiByteString,
4243 IN ULONG MaxBytesInMultiByteString,
4244 OUT PULONG BytesInMultiByteString OPTIONAL,
4245 IN PWCH UnicodeString,
4246 IN ULONG BytesInUnicodeString
4247 );
4248
4249 /* RTL Splay Tree Functions */
4250 NTSYSAPI
4251 PRTL_SPLAY_LINKS
4252 NTAPI
4253 RtlSplay(PRTL_SPLAY_LINKS Links);
4254
4255 NTSYSAPI
4256 PRTL_SPLAY_LINKS
4257 NTAPI
4258 RtlDelete(PRTL_SPLAY_LINKS Links);
4259
4260 NTSYSAPI
4261 VOID
4262 NTAPI
4263 RtlDeleteNoSplay(
4264 PRTL_SPLAY_LINKS Links,
4265 PRTL_SPLAY_LINKS *Root
4266 );
4267
4268 NTSYSAPI
4269 PRTL_SPLAY_LINKS
4270 NTAPI
4271 RtlSubtreeSuccessor(PRTL_SPLAY_LINKS Links);
4272
4273 NTSYSAPI
4274 PRTL_SPLAY_LINKS
4275 NTAPI
4276 RtlSubtreePredecessor(PRTL_SPLAY_LINKS Links);
4277
4278 NTSYSAPI
4279 PRTL_SPLAY_LINKS
4280 NTAPI
4281 RtlRealSuccessor(PRTL_SPLAY_LINKS Links);
4282
4283 NTSYSAPI
4284 PRTL_SPLAY_LINKS
4285 NTAPI
4286 RtlRealPredecessor(PRTL_SPLAY_LINKS Links);
4287
4288 #define RtlIsLeftChild(Links) \
4289 (RtlLeftChild(RtlParent(Links)) == (PRTL_SPLAY_LINKS)(Links))
4290
4291 #define RtlIsRightChild(Links) \
4292 (RtlRightChild(RtlParent(Links)) == (PRTL_SPLAY_LINKS)(Links))
4293
4294 #define RtlRightChild(Links) \
4295 ((PRTL_SPLAY_LINKS)(Links))->RightChild
4296
4297 #define RtlIsRoot(Links) \
4298 (RtlParent(Links) == (PRTL_SPLAY_LINKS)(Links))
4299
4300 #define RtlLeftChild(Links) \
4301 ((PRTL_SPLAY_LINKS)(Links))->LeftChild
4302
4303 #define RtlParent(Links) \
4304 ((PRTL_SPLAY_LINKS)(Links))->Parent
4305
4306 #define RtlInitializeSplayLinks(Links) \
4307 { \
4308 PRTL_SPLAY_LINKS _SplayLinks; \
4309 _SplayLinks = (PRTL_SPLAY_LINKS)(Links); \
4310 _SplayLinks->Parent = _SplayLinks; \
4311 _SplayLinks->LeftChild = NULL; \
4312 _SplayLinks->RightChild = NULL; \
4313 }
4314
4315 #define RtlInsertAsLeftChild(ParentLinks,ChildLinks) \
4316 { \
4317 PRTL_SPLAY_LINKS _SplayParent; \
4318 PRTL_SPLAY_LINKS _SplayChild; \
4319 _SplayParent = (PRTL_SPLAY_LINKS)(ParentLinks); \
4320 _SplayChild = (PRTL_SPLAY_LINKS)(ChildLinks); \
4321 _SplayParent->LeftChild = _SplayChild; \
4322 _SplayChild->Parent = _SplayParent; \
4323 }
4324
4325 #define RtlInsertAsRightChild(ParentLinks,ChildLinks) \
4326 { \
4327 PRTL_SPLAY_LINKS _SplayParent; \
4328 PRTL_SPLAY_LINKS _SplayChild; \
4329 _SplayParent = (PRTL_SPLAY_LINKS)(ParentLinks); \
4330 _SplayChild = (PRTL_SPLAY_LINKS)(ChildLinks); \
4331 _SplayParent->RightChild = _SplayChild; \
4332 _SplayChild->Parent = _SplayParent; \
4333 }
4334
4335 NTSYSAPI
4336 BOOLEAN
4337 NTAPI
4338 RtlValidSid (
4339 IN PSID Sid
4340 );
4341
4342 NTKERNELAPI
4343 NTSTATUS
4344 NTAPI
4345 SeAppendPrivileges (
4346 PACCESS_STATE AccessState,
4347 PPRIVILEGE_SET Privileges
4348 );
4349
4350 NTKERNELAPI
4351 BOOLEAN
4352 NTAPI
4353 SeAuditingFileEvents (
4354 IN BOOLEAN AccessGranted,
4355 IN PSECURITY_DESCRIPTOR SecurityDescriptor
4356 );
4357
4358 NTKERNELAPI
4359 BOOLEAN
4360 NTAPI
4361 SeAuditingFileOrGlobalEvents (
4362 IN BOOLEAN AccessGranted,
4363 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4364 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
4365 );
4366
4367 NTKERNELAPI
4368 VOID
4369 NTAPI
4370 SeCaptureSubjectContext (
4371 OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
4372 );
4373
4374 NTKERNELAPI
4375 NTSTATUS
4376 NTAPI
4377 SeCreateClientSecurity (
4378 IN PETHREAD Thread,
4379 IN PSECURITY_QUALITY_OF_SERVICE QualityOfService,
4380 IN BOOLEAN RemoteClient,
4381 OUT PSECURITY_CLIENT_CONTEXT ClientContext
4382 );
4383
4384 #if (VER_PRODUCTBUILD >= 2195)
4385
4386 NTKERNELAPI
4387 NTSTATUS
4388 NTAPI
4389 SeCreateClientSecurityFromSubjectContext (
4390 IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
4391 IN PSECURITY_QUALITY_OF_SERVICE QualityOfService,
4392 IN BOOLEAN ServerIsRemote,
4393 OUT PSECURITY_CLIENT_CONTEXT ClientContext
4394 );
4395
4396 #endif /* (VER_PRODUCTBUILD >= 2195) */
4397
4398
4399 #define SeLengthSid( Sid ) \
4400 (8 + (4 * ((SID *)Sid)->SubAuthorityCount))
4401
4402 #define SeDeleteClientSecurity(C) { \
4403 if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
4404 PsDereferencePrimaryToken( (C)->ClientToken ); \
4405 } else { \
4406 PsDereferenceImpersonationToken( (C)->ClientToken ); \
4407 } \
4408 }
4409
4410 NTKERNELAPI
4411 VOID
4412 NTAPI
4413 SeDeleteObjectAuditAlarm (
4414 IN PVOID Object,
4415 IN HANDLE Handle
4416 );
4417
4418 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
4419
4420 NTKERNELAPI
4421 VOID
4422 NTAPI
4423 SeFreePrivileges (
4424 IN PPRIVILEGE_SET Privileges
4425 );
4426
4427 NTKERNELAPI
4428 VOID
4429 NTAPI
4430 SeImpersonateClient (
4431 IN PSECURITY_CLIENT_CONTEXT ClientContext,
4432 IN PETHREAD ServerThread OPTIONAL
4433 );
4434
4435 #if (VER_PRODUCTBUILD >= 2195)
4436
4437 NTKERNELAPI
4438 NTSTATUS
4439 NTAPI
4440 SeImpersonateClientEx (
4441 IN PSECURITY_CLIENT_CONTEXT ClientContext,
4442 IN PETHREAD ServerThread OPTIONAL
4443 );
4444
4445 #endif /* (VER_PRODUCTBUILD >= 2195) */
4446
4447 NTKERNELAPI
4448 VOID
4449 NTAPI
4450 SeLockSubjectContext (
4451 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
4452 );
4453
4454 NTKERNELAPI
4455 NTSTATUS
4456 NTAPI
4457 SeMarkLogonSessionForTerminationNotification (
4458 IN PLUID LogonId
4459 );
4460
4461 NTKERNELAPI
4462 VOID
4463 NTAPI
4464 SeOpenObjectAuditAlarm (
4465 IN PUNICODE_STRING ObjectTypeName,
4466 IN PVOID Object OPTIONAL,
4467 IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
4468 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4469 IN PACCESS_STATE AccessState,
4470 IN BOOLEAN ObjectCreated,
4471 IN BOOLEAN AccessGranted,
4472 IN KPROCESSOR_MODE AccessMode,
4473 OUT PBOOLEAN GenerateOnClose
4474 );
4475
4476 NTKERNELAPI
4477 VOID
4478 NTAPI
4479 SeOpenObjectForDeleteAuditAlarm (
4480 IN PUNICODE_STRING ObjectTypeName,
4481 IN PVOID Object OPTIONAL,
4482 IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
4483 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4484 IN PACCESS_STATE AccessState,
4485 IN BOOLEAN ObjectCreated,
4486 IN BOOLEAN AccessGranted,
4487 IN KPROCESSOR_MODE AccessMode,
4488 OUT PBOOLEAN GenerateOnClose
4489 );
4490
4491 NTKERNELAPI
4492 BOOLEAN
4493 NTAPI
4494 SePrivilegeCheck (
4495 IN OUT PPRIVILEGE_SET RequiredPrivileges,
4496 IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
4497 IN KPROCESSOR_MODE AccessMode
4498 );
4499
4500 NTKERNELAPI
4501 NTSTATUS
4502 NTAPI
4503 SeQueryAuthenticationIdToken (
4504 IN PACCESS_TOKEN Token,
4505 OUT PLUID LogonId
4506 );
4507
4508 #if (VER_PRODUCTBUILD >= 2195)
4509
4510 NTKERNELAPI
4511 NTSTATUS
4512 NTAPI
4513 SeQueryInformationToken (
4514 IN PACCESS_TOKEN Token,
4515 IN TOKEN_INFORMATION_CLASS TokenInformationClass,
4516 OUT PVOID *TokenInformation
4517 );
4518
4519 #endif /* (VER_PRODUCTBUILD >= 2195) */
4520
4521 NTKERNELAPI
4522 NTSTATUS
4523 NTAPI
4524 SeQuerySecurityDescriptorInfo (
4525 IN PSECURITY_INFORMATION SecurityInformation,
4526 OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
4527 IN OUT PULONG Length,
4528 IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor
4529 );
4530
4531 #if (VER_PRODUCTBUILD >= 2195)
4532
4533 NTKERNELAPI
4534 NTSTATUS
4535 NTAPI
4536 SeQuerySessionIdToken (
4537 IN PACCESS_TOKEN Token,
4538 IN PULONG SessionId
4539 );
4540
4541 #endif /* (VER_PRODUCTBUILD >= 2195) */
4542
4543 #define SeQuerySubjectContextToken( SubjectContext ) \
4544 ( ARGUMENT_PRESENT( \
4545 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
4546 ) ? \
4547 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
4548 ((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
4549
4550 typedef NTSTATUS (*PSE_LOGON_SESSION_TERMINATED_ROUTINE) (
4551 IN PLUID LogonId
4552 );
4553
4554 NTKERNELAPI
4555 NTSTATUS
4556 NTAPI
4557 SeRegisterLogonSessionTerminatedRoutine (
4558 IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
4559 );
4560
4561 NTKERNELAPI
4562 VOID
4563 NTAPI
4564 SeReleaseSubjectContext (
4565 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
4566 );
4567
4568 NTKERNELAPI
4569 VOID
4570 NTAPI
4571 SeSetAccessStateGenericMapping (
4572 PACCESS_STATE AccessState,
4573 PGENERIC_MAPPING GenericMapping
4574 );
4575
4576 NTKERNELAPI
4577 NTSTATUS
4578 NTAPI
4579 SeSetSecurityDescriptorInfo (
4580 IN PVOID Object OPTIONAL,
4581 IN PSECURITY_INFORMATION SecurityInformation,
4582 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4583 IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
4584 IN POOL_TYPE PoolType,
4585 IN PGENERIC_MAPPING GenericMapping
4586 );
4587
4588 #if (VER_PRODUCTBUILD >= 2195)
4589
4590 NTKERNELAPI
4591 NTSTATUS
4592 NTAPI
4593 SeSetSecurityDescriptorInfoEx (
4594 IN PVOID Object OPTIONAL,
4595 IN PSECURITY_INFORMATION SecurityInformation,
4596 IN PSECURITY_DESCRIPTOR ModificationDescriptor,
4597 IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
4598 IN ULONG AutoInheritFlags,
4599 IN POOL_TYPE PoolType,
4600 IN PGENERIC_MAPPING GenericMapping
4601 );
4602
4603 NTKERNELAPI
4604 BOOLEAN
4605 NTAPI
4606 SeTokenIsAdmin (
4607 IN PACCESS_TOKEN Token
4608 );
4609
4610 NTKERNELAPI
4611 BOOLEAN
4612 NTAPI
4613 SeTokenIsRestricted (
4614 IN PACCESS_TOKEN Token
4615 );
4616
4617
4618 NTSTATUS
4619 NTAPI
4620 SeLocateProcessImageName(
4621 IN PEPROCESS Process,
4622 OUT PUNICODE_STRING *pImageFileName
4623 );
4624
4625 #endif /* (VER_PRODUCTBUILD >= 2195) */
4626
4627 NTKERNELAPI
4628 TOKEN_TYPE
4629 NTAPI
4630 SeTokenType (
4631 IN PACCESS_TOKEN Token
4632 );
4633
4634 NTKERNELAPI
4635 VOID
4636 NTAPI
4637 SeUnlockSubjectContext (
4638 IN PSECURITY_SUBJECT_CONTEXT SubjectContext
4639 );
4640
4641 NTKERNELAPI
4642 NTSTATUS
4643 NTAPI
4644 SeUnregisterLogonSessionTerminatedRoutine (
4645 IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine
4646 );
4647
4648 #if (VER_PRODUCTBUILD >= 2195)
4649
4650 NTSYSAPI
4651 NTSTATUS
4652 NTAPI
4653 ZwAdjustPrivilegesToken (
4654 IN HANDLE TokenHandle,
4655 IN BOOLEAN DisableAllPrivileges,
4656 IN PTOKEN_PRIVILEGES NewState,
4657 IN ULONG BufferLength,
4658 OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL,
4659 OUT PULONG ReturnLength
4660 );
4661
4662 #endif /* (VER_PRODUCTBUILD >= 2195) */
4663
4664 NTSYSAPI
4665 NTSTATUS
4666 NTAPI
4667 ZwAlertThread (
4668 IN HANDLE ThreadHandle
4669 );
4670
4671 NTSYSAPI
4672 NTSTATUS
4673 NTAPI
4674 ZwAllocateVirtualMemory (
4675 IN HANDLE ProcessHandle,
4676 IN OUT PVOID *BaseAddress,
4677 IN ULONG ZeroBits,
4678 IN OUT PSIZE_T RegionSize,
4679 IN ULONG AllocationType,
4680 IN ULONG Protect
4681 );
4682
4683 NTSTATUS
4684 NTAPI
4685 NtAccessCheckByTypeAndAuditAlarm(
4686 IN PUNICODE_STRING SubsystemName,
4687 IN HANDLE HandleId,
4688 IN PUNICODE_STRING ObjectTypeName,
4689 IN PUNICODE_STRING ObjectName,
4690 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4691 IN PSID PrincipalSelfSid,
4692 IN ACCESS_MASK DesiredAccess,
4693 IN AUDIT_EVENT_TYPE AuditType,
4694 IN ULONG Flags,
4695 IN POBJECT_TYPE_LIST ObjectTypeList,
4696 IN ULONG ObjectTypeLength,
4697 IN PGENERIC_MAPPING GenericMapping,
4698 IN BOOLEAN ObjectCreation,
4699 OUT PACCESS_MASK GrantedAccess,
4700 OUT PNTSTATUS AccessStatus,
4701 OUT PBOOLEAN GenerateOnClose
4702 );
4703
4704 NTSTATUS
4705 NTAPI
4706 NtAccessCheckByTypeResultListAndAuditAlarm(
4707 IN PUNICODE_STRING SubsystemName,
4708 IN HANDLE HandleId,
4709 IN PUNICODE_STRING ObjectTypeName,
4710 IN PUNICODE_STRING ObjectName,
4711 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4712 IN PSID PrincipalSelfSid,
4713 IN ACCESS_MASK DesiredAccess,
4714 IN AUDIT_EVENT_TYPE AuditType,
4715 IN ULONG Flags,
4716 IN POBJECT_TYPE_LIST ObjectTypeList,
4717 IN ULONG ObjectTypeLength,
4718 IN PGENERIC_MAPPING GenericMapping,
4719 IN BOOLEAN ObjectCreation,
4720 OUT PACCESS_MASK GrantedAccess,
4721 OUT PNTSTATUS AccessStatus,
4722 OUT PBOOLEAN GenerateOnClose
4723 );
4724
4725 NTSTATUS
4726 NTAPI
4727 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
4728 IN PUNICODE_STRING SubsystemName,
4729 IN HANDLE HandleId,
4730 IN HANDLE ClientToken,
4731 IN PUNICODE_STRING ObjectTypeName,
4732 IN PUNICODE_STRING ObjectName,
4733 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4734 IN PSID PrincipalSelfSid,
4735 IN ACCESS_MASK DesiredAccess,
4736 IN AUDIT_EVENT_TYPE AuditType,
4737 IN ULONG Flags,
4738 IN POBJECT_TYPE_LIST ObjectTypeList,
4739 IN ULONG ObjectTypeLength,
4740 IN PGENERIC_MAPPING GenericMapping,
4741 IN BOOLEAN ObjectCreation,
4742 OUT PACCESS_MASK GrantedAccess,
4743 OUT PNTSTATUS AccessStatus,
4744 OUT PBOOLEAN GenerateOnClose
4745 );
4746
4747 NTSYSAPI
4748 NTSTATUS
4749 NTAPI
4750 ZwAccessCheckAndAuditAlarm (
4751 IN PUNICODE_STRING SubsystemName,
4752 IN PVOID HandleId,
4753 IN PUNICODE_STRING ObjectTypeName,
4754 IN PUNICODE_STRING ObjectName,
4755 IN PSECURITY_DESCRIPTOR SecurityDescriptor,
4756 IN ACCESS_MASK DesiredAccess,
4757 IN PGENERIC_MAPPING GenericMapping,
4758 IN BOOLEAN ObjectCreation,
4759 OUT PACCESS_MASK GrantedAccess,
4760 OUT PBOOLEAN AccessStatus,
4761 OUT PBOOLEAN GenerateOnClose
4762 );
4763
4764 #if (VER_PRODUCTBUILD >= 2195)
4765
4766 NTSYSAPI
4767 NTSTATUS
4768 NTAPI
4769 ZwCancelIoFile (
4770 IN HANDLE FileHandle,
4771 OUT PIO_STATUS_BLOCK IoStatusBlock
4772 );
4773
4774 #endif /* (VER_PRODUCTBUILD >= 2195) */
4775
4776 NTSYSAPI
4777 NTSTATUS
4778 NTAPI
4779 ZwClearEvent (
4780 IN HANDLE EventHandle
4781 );
4782
4783 NTSYSAPI
4784 NTSTATUS
4785 NTAPI
4786 ZwCloseObjectAuditAlarm (
4787 IN PUNICODE_STRING SubsystemName,
4788 IN PVOID HandleId,
4789 IN BOOLEAN GenerateOnClose
4790 );
4791
4792 NTSYSAPI
4793 NTSTATUS
4794 NTAPI
4795 ZwCreateSection (
4796 OUT PHANDLE SectionHandle,
4797 IN ACCESS_MASK DesiredAccess,
4798 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
4799 IN PLARGE_INTEGER MaximumSize OPTIONAL,
4800 IN ULONG SectionPageProtection,
4801 IN ULONG AllocationAttributes,
4802 IN HANDLE FileHandle OPTIONAL
4803 );
4804
4805 NTSYSAPI
4806 NTSTATUS
4807 NTAPI
4808 ZwCreateSymbolicLinkObject (
4809 OUT PHANDLE SymbolicLinkHandle,
4810 IN ACCESS_MASK DesiredAccess,
4811 IN POBJECT_ATTRIBUTES ObjectAttributes,
4812 IN PUNICODE_STRING TargetName
4813 );
4814
4815 NTSYSAPI
4816 NTSTATUS
4817 NTAPI
4818 ZwDeleteFile (
4819 IN POBJECT_ATTRIBUTES ObjectAttributes
4820 );
4821
4822 NTSYSAPI
4823 NTSTATUS
4824 NTAPI
4825 ZwDeleteValueKey (
4826 IN HANDLE Handle,
4827 IN PUNICODE_STRING Name
4828 );
4829
4830 NTSYSAPI
4831 NTSTATUS
4832 NTAPI
4833 ZwDeviceIoControlFile (
4834 IN HANDLE FileHandle,
4835 IN HANDLE Event OPTIONAL,
4836 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
4837 IN PVOID ApcContext OPTIONAL,
4838 OUT PIO_STATUS_BLOCK IoStatusBlock,
4839 IN ULONG IoControlCode,
4840 IN PVOID InputBuffer OPTIONAL,
4841 IN ULONG InputBufferLength,
4842 OUT PVOID OutputBuffer OPTIONAL,
4843 IN ULONG OutputBufferLength
4844 );
4845
4846 NTSYSAPI
4847 NTSTATUS
4848 NTAPI
4849 ZwDisplayString (
4850 IN PUNICODE_STRING String
4851 );
4852
4853 NTSYSAPI
4854 NTSTATUS
4855 NTAPI
4856 ZwDuplicateObject (
4857 IN HANDLE SourceProcessHandle,
4858 IN HANDLE SourceHandle,
4859 IN HANDLE TargetProcessHandle OPTIONAL,
4860 OUT PHANDLE TargetHandle OPTIONAL,
4861 IN ACCESS_MASK DesiredAccess,
4862 IN ULONG HandleAttributes,
4863 IN ULONG Options
4864 );
4865
4866 NTSYSAPI
4867 NTSTATUS
4868 NTAPI
4869 ZwDuplicateToken (
4870 IN HANDLE ExistingTokenHandle,
4871 IN ACCESS_MASK DesiredAccess,
4872 IN POBJECT_ATTRIBUTES ObjectAttributes,
4873 IN BOOLEAN EffectiveOnly,
4874 IN TOKEN_TYPE TokenType,
4875 OUT PHANDLE NewTokenHandle
4876 );
4877
4878 NTSTATUS
4879 NTAPI
4880 NtFilterToken(
4881 IN HANDLE ExistingTokenHandle,
4882 IN ULONG Flags,
4883 IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
4884 IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL,
4885 IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
4886 OUT PHANDLE NewTokenHandle
4887 );
4888
4889 NTSYSAPI
4890 NTSTATUS
4891 NTAPI
4892 ZwFlushInstructionCache (
4893 IN HANDLE ProcessHandle,
4894 IN PVOID BaseAddress OPTIONAL,
4895 IN ULONG FlushSize
4896 );
4897
4898 NTSYSAPI
4899 NTSTATUS
4900 NTAPI
4901 ZwFlushBuffersFile(
4902 IN HANDLE FileHandle,
4903 OUT PIO_STATUS_BLOCK IoStatusBlock
4904 );
4905
4906 #if (VER_PRODUCTBUILD >= 2195)
4907
4908 NTSYSAPI
4909 NTSTATUS
4910 NTAPI
4911 ZwFlushVirtualMemory (
4912 IN HANDLE ProcessHandle,
4913 IN OUT PVOID *BaseAddress,
4914 IN OUT PULONG FlushSize,
4915 OUT PIO_STATUS_BLOCK IoStatusBlock
4916 );
4917
4918 #endif /* (VER_PRODUCTBUILD >= 2195) */
4919
4920 NTSYSAPI
4921 NTSTATUS
4922 NTAPI
4923 ZwFreeVirtualMemory (
4924 IN HANDLE ProcessHandle,
4925 IN OUT PVOID *BaseAddress,
4926 IN OUT PSIZE_T RegionSize,
4927 IN ULONG FreeType
4928 );
4929
4930 NTSYSAPI
4931 NTSTATUS
4932 NTAPI
4933 ZwFsControlFile (
4934 IN HANDLE FileHandle,
4935 IN HANDLE Event OPTIONAL,
4936 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
4937 IN PVOID ApcContext OPTIONAL,
4938 OUT PIO_STATUS_BLOCK IoStatusBlock,
4939 IN ULONG FsControlCode,
4940 IN PVOID InputBuffer OPTIONAL,
4941 IN ULONG InputBufferLength,
4942 OUT PVOID OutputBuffer OPTIONAL,
4943 IN ULONG OutputBufferLength
4944 );
4945
4946 #if (VER_PRODUCTBUILD >= 2195)
4947
4948 NTSYSAPI
4949 NTSTATUS
4950 NTAPI
4951 ZwInitiatePowerAction (
4952 IN POWER_ACTION SystemAction,
4953 IN SYSTEM_POWER_STATE MinSystemState,
4954 IN ULONG Flags,
4955 IN BOOLEAN Asynchronous
4956 );
4957
4958 #endif /* (VER_PRODUCTBUILD >= 2195) */
4959
4960 NTSYSAPI
4961 NTSTATUS
4962 NTAPI
4963 ZwLoadDriver (
4964 /* "\\Registry\\Machine\\System\\CurrentControlSet\\Services\\<DriverName>" */
4965 IN PUNICODE_STRING RegistryPath
4966 );
4967
4968 NTSYSAPI
4969 NTSTATUS
4970 NTAPI
4971 ZwLoadKey (
4972 IN POBJECT_ATTRIBUTES KeyObjectAttributes,
4973 IN POBJECT_ATTRIBUTES FileObjectAttributes
4974 );
4975
4976 NTSYSAPI
4977 NTSTATUS
4978 NTAPI
4979 ZwNotifyChangeKey (
4980 IN HANDLE KeyHandle,
4981 IN HANDLE EventHandle OPTIONAL,
4982 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
4983 IN PVOID ApcContext OPTIONAL,
4984 OUT PIO_STATUS_BLOCK IoStatusBlock,
4985 IN ULONG NotifyFilter,
4986 IN BOOLEAN WatchSubtree,
4987 IN PVOID Buffer,
4988 IN ULONG BufferLength,
4989 IN BOOLEAN Asynchronous
4990 );
4991
4992 NTSYSAPI
4993 NTSTATUS
4994 NTAPI
4995 ZwOpenDirectoryObject (
4996 OUT PHANDLE DirectoryHandle,
4997 IN ACCESS_MASK DesiredAccess,
4998 IN POBJECT_ATTRIBUTES ObjectAttributes
4999 );
5000
5001 NTSYSAPI
5002 NTSTATUS
5003 NTAPI
5004 ZwOpenEvent (
5005 OUT PHANDLE EventHandle,
5006 IN ACCESS_MASK DesiredAccess,
5007 IN POBJECT_ATTRIBUTES ObjectAttributes
5008 );
5009
5010 NTSYSAPI
5011 NTSTATUS
5012 NTAPI
5013 ZwOpenProcess (
5014 OUT PHANDLE ProcessHandle,
5015 IN ACCESS_MASK DesiredAccess,
5016 IN POBJECT_ATTRIBUTES ObjectAttributes,
5017 IN PCLIENT_ID ClientId OPTIONAL
5018 );
5019
5020 NTSYSAPI
5021 NTSTATUS
5022 NTAPI
5023 ZwOpenProcessToken (
5024 IN HANDLE ProcessHandle,
5025 IN ACCESS_MASK DesiredAccess,
5026 OUT PHANDLE TokenHandle
5027 );
5028
5029 NTSYSAPI
5030 NTSTATUS
5031 NTAPI
5032 ZwOpenThread (
5033 OUT PHANDLE ThreadHandle,
5034 IN ACCESS_MASK DesiredAccess,
5035 IN POBJECT_ATTRIBUTES ObjectAttributes,
5036 IN PCLIENT_ID ClientId
5037 );
5038
5039 NTSYSAPI
5040 NTSTATUS
5041 NTAPI
5042 ZwOpenThreadToken (
5043 IN HANDLE ThreadHandle,
5044 IN ACCESS_MASK DesiredAccess,
5045 IN BOOLEAN OpenAsSelf,
5046 OUT PHANDLE TokenHandle
5047 );
5048
5049 #if (VER_PRODUCTBUILD >= 2195)
5050
5051 NTSYSAPI
5052 NTSTATUS
5053 NTAPI
5054 ZwPowerInformation (
5055 IN POWER_INFORMATION_LEVEL PowerInformationLevel,
5056 IN PVOID InputBuffer OPTIONAL,
5057 IN ULONG InputBufferLength,
5058 OUT PVOID OutputBuffer OPTIONAL,
5059 IN ULONG OutputBufferLength
5060 );
5061
5062 #endif /* (VER_PRODUCTBUILD >= 2195) */
5063
5064 NTSYSAPI
5065 NTSTATUS
5066 NTAPI
5067 ZwPulseEvent (
5068 IN HANDLE EventHandle,
5069 OUT PLONG PreviousState OPTIONAL
5070 );
5071
5072 NTSYSAPI
5073 NTSTATUS
5074 NTAPI
5075 ZwQueryDefaultLocale (
5076 IN BOOLEAN ThreadOrSystem,
5077 OUT PLCID Locale
5078 );
5079
5080 NTSYSAPI
5081 NTSTATUS
5082 NTAPI
5083 ZwQueryDirectoryFile (
5084 IN HANDLE FileHandle,
5085 IN HANDLE Event OPTIONAL,
5086 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
5087 IN PVOID ApcContext OPTIONAL,
5088 OUT PIO_STATUS_BLOCK IoStatusBlock,
5089 OUT PVOID FileInformation,
5090 IN ULONG Length,
5091 IN FILE_INFORMATION_CLASS FileInformationClass,
5092 IN BOOLEAN ReturnSingleEntry,
5093 IN PUNICODE_STRING FileName OPTIONAL,
5094 IN BOOLEAN RestartScan
5095 );
5096
5097 #if (VER_PRODUCTBUILD >= 2195)
5098
5099 NTSYSAPI
5100 NTSTATUS
5101 NTAPI
5102 ZwQueryDirectoryObject (
5103 IN HANDLE DirectoryHandle,
5104 OUT PVOID Buffer,
5105 IN ULONG Length,
5106 IN BOOLEAN ReturnSingleEntry,
5107 IN BOOLEAN RestartScan,
5108 IN OUT PULONG Context,
5109 OUT PULONG ReturnLength OPTIONAL
5110 );
5111
5112 NTSYSAPI
5113 NTSTATUS
5114 NTAPI
5115 ZwQueryEaFile (
5116 IN HANDLE FileHandle,
5117 OUT PIO_STATUS_BLOCK IoStatusBlock,
5118 OUT PVOID Buffer,
5119 IN ULONG Length,
5120 IN BOOLEAN ReturnSingleEntry,
5121 IN PVOID EaList OPTIONAL,
5122 IN ULONG EaListLength,
5123 IN PULONG EaIndex OPTIONAL,
5124 IN BOOLEAN RestartScan
5125 );
5126
5127 #endif /* (VER_PRODUCTBUILD >= 2195) */
5128
5129 NTSYSAPI
5130 NTSTATUS
5131 NTAPI
5132 ZwQueryInformationProcess (
5133 IN HANDLE ProcessHandle,
5134 IN PROCESSINFOCLASS ProcessInformationClass,
5135 OUT PVOID ProcessInformation,
5136 IN ULONG ProcessInformationLength,
5137 OUT PULONG ReturnLength OPTIONAL
5138 );
5139
5140 NTSYSAPI
5141 NTSTATUS
5142 NTAPI
5143 ZwQueryInformationToken (
5144 IN HANDLE TokenHandle,
5145 IN TOKEN_INFORMATION_CLASS TokenInformationClass,
5146 OUT PVOID TokenInformation,
5147 IN ULONG Length,
5148 OUT PULONG ResultLength
5149 );
5150
5151 NTSYSAPI
5152 NTSTATUS
5153 NTAPI
5154 ZwQuerySecurityObject (
5155 IN HANDLE FileHandle,
5156 IN SECURITY_INFORMATION SecurityInformation,
5157 OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
5158 IN ULONG Length,
5159 OUT PULONG ResultLength
5160 );
5161
5162 NTSYSAPI
5163 NTSTATUS
5164 NTAPI
5165 ZwQueryVolumeInformationFile (
5166 IN HANDLE FileHandle,
5167 OUT PIO_STATUS_BLOCK IoStatusBlock,
5168 OUT PVOID FsInformation,
5169 IN ULONG Length,
5170 IN FS_INFORMATION_CLASS FsInformationClass
5171 );
5172
5173 NTSYSAPI
5174 NTSTATUS
5175 NTAPI
5176 ZwReplaceKey (
5177 IN POBJECT_ATTRIBUTES NewFileObjectAttributes,
5178 IN HANDLE KeyHandle,
5179 IN POBJECT_ATTRIBUTES OldFileObjectAttributes
5180 );
5181
5182 NTSYSAPI
5183 NTSTATUS
5184 NTAPI
5185 ZwResetEvent (
5186 IN HANDLE EventHandle,
5187 OUT PLONG PreviousState OPTIONAL
5188 );
5189
5190 #if (VER_PRODUCTBUILD >= 2195)
5191
5192 NTSYSAPI
5193 NTSTATUS
5194 NTAPI
5195 ZwRestoreKey (
5196 IN HANDLE KeyHandle,
5197 IN HANDLE FileHandle,
5198 IN ULONG Flags
5199 );
5200
5201 #endif /* (VER_PRODUCTBUILD >= 2195) */
5202
5203 NTSYSAPI
5204 NTSTATUS
5205 NTAPI
5206 ZwSaveKey (
5207 IN HANDLE KeyHandle,
5208 IN HANDLE FileHandle
5209 );
5210
5211 NTSYSAPI
5212 NTSTATUS
5213 NTAPI
5214 ZwSetDefaultLocale (
5215 IN BOOLEAN ThreadOrSystem,
5216 IN LCID Locale
5217 );
5218
5219 #if (VER_PRODUCTBUILD >= 2195)
5220
5221 NTSYSAPI
5222 NTSTATUS
5223 NTAPI
5224 ZwSetDefaultUILanguage (
5225 IN LANGID LanguageId
5226 );
5227
5228 NTSYSAPI
5229 NTSTATUS
5230 NTAPI
5231 ZwSetEaFile (
5232 IN HANDLE FileHandle,
5233 OUT PIO_STATUS_BLOCK IoStatusBlock,
5234 OUT PVOID Buffer,
5235 IN ULONG Length
5236 );
5237
5238 #endif /* (VER_PRODUCTBUILD >= 2195) */
5239
5240 NTSYSAPI
5241 NTSTATUS
5242 NTAPI
5243 ZwSetEvent (
5244 IN HANDLE EventHandle,
5245 OUT PLONG PreviousState OPTIONAL
5246 );
5247
5248 NTSYSAPI
5249 NTSTATUS
5250 NTAPI
5251 ZwSetInformationProcess (
5252 IN HANDLE ProcessHandle,
5253 IN PROCESSINFOCLASS ProcessInformationClass,
5254 IN PVOID ProcessInformation,
5255 IN ULONG ProcessInformationLength
5256 );
5257
5258 #if (VER_PRODUCTBUILD >= 2195)
5259
5260 NTSYSAPI
5261 NTSTATUS
5262 NTAPI
5263 ZwSetSecurityObject (
5264 IN HANDLE Handle,
5265 IN SECURITY_INFORMATION SecurityInformation,
5266 IN PSECURITY_DESCRIPTOR SecurityDescriptor
5267 );
5268
5269 #endif /* (VER_PRODUCTBUILD >= 2195) */
5270
5271 NTSYSAPI
5272 NTSTATUS
5273 NTAPI
5274 ZwSetSystemTime (
5275 IN PLARGE_INTEGER NewTime,
5276 OUT PLARGE_INTEGER OldTime OPTIONAL
5277 );
5278
5279 #if (VER_PRODUCTBUILD >= 2195)
5280
5281 NTSYSAPI
5282 NTSTATUS
5283 NTAPI
5284 ZwSetVolumeInformationFile (
5285 IN HANDLE FileHandle,
5286 OUT PIO_STATUS_BLOCK IoStatusBlock,
5287 IN PVOID FsInformation,
5288 IN ULONG Length,
5289 IN FS_INFORMATION_CLASS FsInformationClass
5290 );
5291
5292 #endif /* (VER_PRODUCTBUILD >= 2195) */
5293
5294 NTSYSAPI
5295 NTSTATUS
5296 NTAPI
5297 ZwTerminateProcess (
5298 IN HANDLE ProcessHandle OPTIONAL,
5299 IN NTSTATUS ExitStatus
5300 );
5301
5302 NTSYSAPI
5303 NTSTATUS
5304 NTAPI
5305 ZwUnloadDriver (
5306 /* "\\Registry\\Machine\\System\\CurrentControlSet\\Services\\<DriverName>" */
5307 IN PUNICODE_STRING RegistryPath
5308 );
5309
5310 NTSYSAPI
5311 NTSTATUS
5312 NTAPI
5313 ZwUnloadKey (
5314 IN POBJECT_ATTRIBUTES KeyObjectAttributes
5315 );
5316
5317 NTSYSAPI
5318 NTSTATUS
5319 NTAPI
5320 ZwWaitForSingleObject (
5321 IN HANDLE Handle,
5322 IN BOOLEAN Alertable,
5323 IN PLARGE_INTEGER Timeout OPTIONAL
5324 );
5325
5326 NTSYSAPI
5327 NTSTATUS
5328 NTAPI
5329 ZwWaitForMultipleObjects (
5330 IN ULONG HandleCount,
5331 IN PHANDLE Handles,
5332 IN WAIT_TYPE WaitType,
5333 IN BOOLEAN Alertable,
5334 IN PLARGE_INTEGER Timeout OPTIONAL
5335 );
5336
5337 NTSYSAPI
5338 NTSTATUS
5339 NTAPI
5340 ZwYieldExecution (
5341 VOID
5342 );
5343
5344 #pragma pack(pop)
5345
5346 #ifdef __cplusplus
5347 }
5348 #endif
5349
5350 #endif /* _NTIFS_ */
A free Windows-compatible Operating System