NtAcceptConnectPort signature fixed.
[reactos.git] / reactos / include / ntos / zw.h
1 /* $Id$
2 *
3 * COPYRIGHT: See COPYING in the top level directory
4 * PROJECT: ReactOS kernel
5 * PURPOSE: System call definitions
6 * FILE: include/ddk/zw.h
7 * REVISION HISTORY:
8 * ??/??/??: First few functions (David Welch)
9 * ??/??/??: Complete implementation by Ariadne
10 * 13/07/98: Reorganised things a bit (David Welch)
11 * 04/08/98: Added some documentation (Ariadne)
12 * 14/08/98: Added type TIME and change variable type from [1] to [0]
13 * 14/09/98: Added for each Nt call a corresponding Zw Call
14 * 09/08/03: Added ThreadEventPair routines
15 */
16
17 #ifndef __DDK_ZW_H
18 #define __DDK_ZW_H
19
20 #include <ntos/security.h>
21 #include <ntos/zwtypes.h>
22 #include <napi/npipe.h>
23
24 #ifndef _RTLGETPROCESSHEAP_DEFINED_
25 #define _RTLGETPROCESSHEAP_DEFINED_
26 #define RtlGetProcessHeap() (NtCurrentPeb()->ProcessHeap)
27 #endif
28
29 // semaphore information
30
31 typedef enum _SEMAPHORE_INFORMATION_CLASS
32 {
33 SemaphoreBasicInformation = 0
34 } SEMAPHORE_INFORMATION_CLASS;
35
36 typedef struct _SEMAPHORE_BASIC_INFORMATION
37 {
38 LONG CurrentCount;
39 LONG MaximumCount;
40 } SEMAPHORE_BASIC_INFORMATION, *PSEMAPHORE_BASIC_INFORMATION;
41
42 // event information
43
44 typedef enum _EVENT_INFORMATION_CLASS
45 {
46 EventBasicInformation = 0
47 } EVENT_INFORMATION_CLASS;
48
49 typedef struct _EVENT_BASIC_INFORMATION
50 {
51 EVENT_TYPE EventType;
52 LONG EventState;
53 } EVENT_BASIC_INFORMATION, *PEVENT_BASIC_INFORMATION;
54
55 // wmi trace event data
56 typedef struct _EVENT_TRACE_HEADER {
57 USHORT Size;
58 union {
59 USHORT FieldTypeFlags;
60 struct {
61 UCHAR HeaderType;
62 UCHAR MarkerFlags;
63 };
64 };
65 union {
66 ULONG Version;
67 struct {
68 UCHAR Type;
69 UCHAR Level;
70 USHORT Version;
71 } Class;
72 };
73 ULONG ThreadId;
74 ULONG ProcessId;
75 LARGE_INTEGER TimeStamp;
76 union {
77 GUID Guid;
78 ULONGLONG GuidPtr;
79 };
80 union {
81 struct {
82 ULONG ClientContext;
83 ULONG Flags;
84 };
85 struct {
86 ULONG KernelTime;
87 ULONG UserTime;
88 };
89 ULONG64 ProcessorTime;
90 };
91 } EVENT_TRACE_HEADER, *PEVENT_TRACE_HEADER;
92
93
94 typedef struct _FILE_USER_QUOTA_INFORMATION {
95 ULONG NextEntryOffset;
96 ULONG SidLength;
97 LARGE_INTEGER ChangeTime;
98 LARGE_INTEGER QuotaUsed;
99 LARGE_INTEGER QuotaThreshold;
100 LARGE_INTEGER QuotaLimit;
101 SID Sid[1];
102 } FILE_USER_QUOTA_INFORMATION, *PFILE_USER_QUOTA_INFORMATION;
103
104
105 //#define LCID ULONG
106 //#define SECURITY_INFORMATION ULONG
107 //typedef ULONG SECURITY_INFORMATION;
108
109 #ifndef __USE_NT_LPC__
110 NTSTATUS STDCALL
111 NtAcceptConnectPort (OUT PHANDLE PortHandle,
112 IN PVOID Context,
113 IN PLPC_MESSAGE ServerReply,
114 IN BOOLEAN AcceptIt,
115 IN PLPC_SECTION_WRITE WriteMap,
116 IN PLPC_SECTION_READ ReadMap);
117 #else
118 NTSTATUS STDCALL
119 NtAcceptConnectPort (PHANDLE PortHandle,
120 ULONG PortIdentifier,
121 PLPC_MESSAGE ServerReply,
122 BOOLEAN AcceptIt,
123 PLPC_SECTION_WRITE WriteMap,
124 PLPC_SECTION_READ ReadMap);
125 #endif /* ndef __USE_NT_LPC__ */
126
127 NTSTATUS
128 STDCALL
129 NtAddBootEntry(
130 IN PUNICODE_STRING EntryName,
131 IN PUNICODE_STRING EntryValue
132 );
133
134 NTSTATUS
135 STDCALL
136 ZwAddBootEntry(
137 IN PUNICODE_STRING EntryName,
138 IN PUNICODE_STRING EntryValue
139 );
140
141 /*
142 * FUNCTION: Adjusts the groups in an access token
143 * ARGUMENTS:
144 * TokenHandle = Specifies the access token
145 * ResetToDefault = If true the NewState parameter is ignored and the groups are set to
146 * their default state, if false the groups specified in
147 * NewState are set.
148 * NewState =
149 * BufferLength = Specifies the size of the buffer for the PreviousState.
150 * PreviousState =
151 * ReturnLength = Bytes written in PreviousState buffer.
152 * REMARKS: The arguments map to the win32 AdjustTokenGroups
153 * RETURNS: Status
154 */
155
156 NTSTATUS
157 STDCALL
158 NtAdjustGroupsToken(
159 IN HANDLE TokenHandle,
160 IN BOOLEAN ResetToDefault,
161 IN PTOKEN_GROUPS NewState,
162 IN ULONG BufferLength,
163 OUT PTOKEN_GROUPS PreviousState OPTIONAL,
164 OUT PULONG ReturnLength
165 );
166
167 NTSTATUS
168 STDCALL
169 ZwAdjustGroupsToken(
170 IN HANDLE TokenHandle,
171 IN BOOLEAN ResetToDefault,
172 IN PTOKEN_GROUPS NewState,
173 IN ULONG BufferLength,
174 OUT PTOKEN_GROUPS PreviousState,
175 OUT PULONG ReturnLength
176 );
177
178
179 /*
180 * FUNCTION:
181 *
182 * ARGUMENTS:
183 * TokenHandle = Handle to the access token
184 * DisableAllPrivileges = The resulting suspend count.
185 NewState =
186 BufferLength =
187 PreviousState =
188 ReturnLength =
189 * REMARK:
190 * The arguments map to the win32 AdjustTokenPrivileges
191 * RETURNS: Status
192 */
193
194 NTSTATUS
195 STDCALL
196 NtAdjustPrivilegesToken(
197 IN HANDLE TokenHandle,
198 IN BOOLEAN DisableAllPrivileges,
199 IN PTOKEN_PRIVILEGES NewState,
200 IN ULONG BufferLength,
201 OUT PTOKEN_PRIVILEGES PreviousState,
202 OUT PULONG ReturnLength
203 );
204
205 NTSTATUS
206 STDCALL
207 ZwAdjustPrivilegesToken(
208 IN HANDLE TokenHandle,
209 IN BOOLEAN DisableAllPrivileges,
210 IN PTOKEN_PRIVILEGES NewState,
211 IN ULONG BufferLength,
212 OUT PTOKEN_PRIVILEGES PreviousState,
213 OUT PULONG ReturnLength
214 );
215
216
217 /*
218 * FUNCTION: Decrements a thread's suspend count and places it in an alerted
219 * state.
220 * ARGUMENTS:
221 * ThreadHandle = Handle to the thread that should be resumed
222 * SuspendCount = The resulting suspend count.
223 * REMARK:
224 * A thread is resumed if its suspend count is 0
225 * RETURNS: Status
226 */
227 NTSTATUS
228 STDCALL
229 NtAlertResumeThread(
230 IN HANDLE ThreadHandle,
231 OUT PULONG SuspendCount
232 );
233
234 NTSTATUS
235 STDCALL
236 ZwAlertResumeThread(
237 IN HANDLE ThreadHandle,
238 OUT PULONG SuspendCount
239 );
240
241 /*
242 * FUNCTION: Puts the thread in a alerted state
243 * ARGUMENTS:
244 * ThreadHandle = Handle to the thread that should be alerted
245 * RETURNS: Status
246 */
247 NTSTATUS
248 STDCALL
249 NtAlertThread(
250 IN HANDLE ThreadHandle
251 );
252
253 NTSTATUS
254 STDCALL
255 ZwAlertThread(
256 IN HANDLE ThreadHandle
257 );
258
259
260 /*
261 * FUNCTION: Allocates a locally unique id
262 * ARGUMENTS:
263 * LocallyUniqueId = Locally unique number
264 * RETURNS: Status
265 */
266 NTSTATUS
267 STDCALL
268 NtAllocateLocallyUniqueId(
269 OUT LUID *LocallyUniqueId
270 );
271
272 NTSTATUS
273 STDCALL
274 ZwAllocateLocallyUniqueId(
275 OUT PLUID Luid
276 );
277
278 /*
279 * FUNCTION: Allocates a block of virtual memory in the process address space
280 * ARGUMENTS:
281 * ProcessHandle = The handle of the process which owns the virtual memory
282 * BaseAddress = A pointer to the virtual memory allocated. If you supply a non zero
283 * value the system will try to allocate the memory at the address supplied. It rounds
284 * it down to a multiple if the page size.
285 * ZeroBits = (OPTIONAL) You can specify the number of high order bits that must be zero, ensuring that
286 * the memory will be allocated at a address below a certain value.
287 * RegionSize = The number of bytes to allocate
288 * AllocationType = Indicates the type of virtual memory you like to allocated,
289 * can be one of the values : MEM_COMMIT, MEM_RESERVE, MEM_RESET, MEM_TOP_DOWN
290 * Protect = Indicates the protection type of the pages allocated, can be a combination of
291 * PAGE_READONLY, PAGE_READWRITE, PAGE_EXECUTE_READ,
292 * PAGE_EXECUTE_READWRITE, PAGE_GUARD, PAGE_NOACCESS, PAGE_NOACCESS
293 * REMARKS:
294 * This function maps to the win32 VirtualAllocEx. Virtual memory is process based so the
295 * protocol starts with a ProcessHandle. I splitted the functionality of obtaining the actual address and specifying
296 * the start address in two parameters ( BaseAddress and StartAddress ) The NumberOfBytesAllocated specify the range
297 * and the AllocationType and ProctectionType map to the other two parameters.
298 * RETURNS: Status
299 */
300 NTSTATUS
301 STDCALL
302 NtAllocateVirtualMemory (
303 IN HANDLE ProcessHandle,
304 IN OUT PVOID *BaseAddress,
305 IN ULONG ZeroBits,
306 IN OUT PULONG RegionSize,
307 IN ULONG AllocationType,
308 IN ULONG Protect
309 );
310
311 NTSTATUS
312 STDCALL
313 ZwAllocateVirtualMemory (
314 IN HANDLE ProcessHandle,
315 IN OUT PVOID *BaseAddress,
316 IN ULONG ZeroBits,
317 IN OUT PULONG RegionSize,
318 IN ULONG AllocationType,
319 IN ULONG Protect);
320
321
322
323 NTSTATUS
324 STDCALL
325 NtAssignProcessToJobObject(
326 HANDLE JobHandle,
327 HANDLE ProcessHandle);
328
329 NTSTATUS
330 STDCALL
331 ZwAssignProcessToJobObject(
332 HANDLE JobHandle,
333 HANDLE ProcessHandle);
334
335 /*
336 * FUNCTION: Returns from a callback into user mode
337 * ARGUMENTS:
338 * RETURN Status
339 */
340 //FIXME: this function might need 3 parameters
341 NTSTATUS STDCALL NtCallbackReturn(PVOID Result,
342 ULONG ResultLength,
343 NTSTATUS Status);
344
345 NTSTATUS STDCALL ZwCallbackReturn(PVOID Result,
346 ULONG ResultLength,
347 NTSTATUS Status);
348
349 /*
350 * FUNCTION: Cancels a IO request
351 * ARGUMENTS:
352 * FileHandle = Handle to the file
353 * IoStatusBlock =
354 *
355 * REMARKS:
356 * This function maps to the win32 CancelIo.
357 * RETURNS: Status
358 */
359 NTSTATUS
360 STDCALL
361 NtCancelIoFile(
362 IN HANDLE FileHandle,
363 OUT PIO_STATUS_BLOCK IoStatusBlock
364 );
365
366 NTSTATUS
367 STDCALL
368 ZwCancelIoFile(
369 IN HANDLE FileHandle,
370 OUT PIO_STATUS_BLOCK IoStatusBlock
371 );
372
373 /*
374 * FUNCTION: Sets the status of the event back to non-signaled
375 * ARGUMENTS:
376 * EventHandle = Handle to the event
377 * REMARKS:
378 * This function maps to win32 function ResetEvent.
379 * RETURcNS: Status
380 */
381
382 NTSTATUS
383 STDCALL
384 NtClearEvent(
385 IN HANDLE EventHandle
386 );
387
388 NTSTATUS
389 STDCALL
390 ZwClearEvent(
391 IN HANDLE EventHandle
392 );
393
394 NTSTATUS
395 STDCALL
396 NtCreateJobObject(
397 PHANDLE JobHandle,
398 ACCESS_MASK DesiredAccess,
399 POBJECT_ATTRIBUTES ObjectAttributes
400 );
401
402 NTSTATUS
403 STDCALL
404 ZwCreateJobObject(
405 PHANDLE JobHandle,
406 ACCESS_MASK DesiredAccess,
407 POBJECT_ATTRIBUTES ObjectAttributes
408 );
409
410
411 /*
412 * FUNCTION: Closes an object handle
413 * ARGUMENTS:
414 * Handle = Handle to the object
415 * REMARKS:
416 * This function maps to the win32 function CloseHandle.
417 * RETURNS: Status
418 */
419
420 NTSTATUS
421 STDCALL
422 NtClose(
423 IN HANDLE Handle
424 );
425
426 NTSTATUS
427 STDCALL
428 ZwClose(
429 IN HANDLE Handle
430 );
431
432 /*
433 * FUNCTION: Generates an audit message when a handle to an object is dereferenced
434 * ARGUMENTS:
435 * SubsystemName =
436 HandleId = Handle to the object
437 GenerateOnClose =
438 * REMARKS:
439 * This function maps to the win32 function ObjectCloseAuditAlarm.
440 * RETURNS: Status
441 */
442
443 NTSTATUS
444 STDCALL
445 NtCloseObjectAuditAlarm(
446 IN PUNICODE_STRING SubsystemName,
447 IN PVOID HandleId,
448 IN BOOLEAN GenerateOnClose
449 );
450
451 NTSTATUS
452 STDCALL
453 ZwCloseObjectAuditAlarm(
454 IN PUNICODE_STRING SubsystemName,
455 IN PVOID HandleId,
456 IN BOOLEAN GenerateOnClose
457 );
458
459
460 NTSTATUS STDCALL
461 NtCompleteConnectPort (HANDLE PortHandle);
462
463 NTSTATUS STDCALL
464 ZwCompleteConnectPort (HANDLE PortHandle);
465
466
467 NTSTATUS STDCALL
468 NtConnectPort (PHANDLE PortHandle,
469 PUNICODE_STRING PortName,
470 PSECURITY_QUALITY_OF_SERVICE SecurityQos,
471 PLPC_SECTION_WRITE SectionInfo,
472 PLPC_SECTION_READ MapInfo,
473 PULONG MaxMessageSize,
474 PVOID ConnectInfo,
475 PULONG ConnectInfoLength);
476
477 NTSTATUS STDCALL
478 ZwConnectPort (PHANDLE PortHandle,
479 PUNICODE_STRING PortName,
480 PSECURITY_QUALITY_OF_SERVICE SecurityQos,
481 PLPC_SECTION_WRITE SectionInfo,
482 PLPC_SECTION_READ MapInfo,
483 PULONG MaxMessageSize,
484 PVOID ConnectInfo,
485 PULONG ConnectInfoLength);
486
487 /*
488 * FUNCTION: Creates a directory object
489 * ARGUMENTS:
490 * DirectoryHandle (OUT) = Caller supplied storage for the resulting handle
491 * DesiredAccess = Specifies access to the directory
492 * ObjectAttribute = Initialized attributes for the object
493 * REMARKS: This function maps to the win32 CreateDirectory. A directory is like a file so it needs a
494 * handle, a access mask and a OBJECT_ATTRIBUTES structure to map the path name and the SECURITY_ATTRIBUTES.
495 * RETURNS: Status
496 */
497
498 NTSTATUS
499 STDCALL
500 NtCreateDirectoryObject(
501 OUT PHANDLE DirectoryHandle,
502 IN ACCESS_MASK DesiredAccess,
503 IN POBJECT_ATTRIBUTES ObjectAttributes
504 );
505
506 NTSTATUS
507 STDCALL
508 ZwCreateDirectoryObject(
509 OUT PHANDLE DirectoryHandle,
510 IN ACCESS_MASK DesiredAccess,
511 IN POBJECT_ATTRIBUTES ObjectAttributes
512 );
513
514 /*
515 * FUNCTION: Creates an event object
516 * ARGUMENTS:
517 * EventHandle (OUT) = Caller supplied storage for the resulting handle
518 * DesiredAccess = Specifies access to the event
519 * ObjectAttribute = Initialized attributes for the object
520 * ManualReset = manual-reset or auto-reset if true you have to reset the state of the event manually
521 * using NtResetEvent/NtClearEvent. if false the system will reset the event to a non-signalled state
522 * automatically after the system has rescheduled a thread waiting on the event.
523 * InitialState = specifies the initial state of the event to be signaled ( TRUE ) or non-signalled (FALSE).
524 * REMARKS: This function maps to the win32 CreateEvent. Demanding a out variable of type HANDLE,
525 * a access mask and a OBJECT_ATTRIBUTES structure mapping to the SECURITY_ATTRIBUTES. ManualReset and InitialState are
526 * both parameters aswell ( possibly the order is reversed ).
527 * RETURNS: Status
528 */
529
530 NTSTATUS
531 STDCALL
532 NtCreateEvent(
533 OUT PHANDLE EventHandle,
534 IN ACCESS_MASK DesiredAccess,
535 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
536 IN EVENT_TYPE EventType,
537 IN BOOLEAN InitialState
538 );
539
540 NTSTATUS
541 STDCALL
542 ZwCreateEvent(
543 OUT PHANDLE EventHandle,
544 IN ACCESS_MASK DesiredAccess,
545 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
546 IN EVENT_TYPE EventType,
547 IN BOOLEAN InitialState
548 );
549
550 /*
551 * FUNCTION: Creates an eventpair object
552 * ARGUMENTS:
553 * EventPairHandle (OUT) = Caller supplied storage for the resulting handle
554 * DesiredAccess = Specifies access to the event
555 * ObjectAttribute = Initialized attributes for the object
556 */
557
558 NTSTATUS
559 STDCALL
560 NtCreateEventPair(
561 OUT PHANDLE EventPairHandle,
562 IN ACCESS_MASK DesiredAccess,
563 IN POBJECT_ATTRIBUTES ObjectAttributes
564 );
565
566 NTSTATUS
567 STDCALL
568 ZwCreateEventPair(
569 OUT PHANDLE EventPairHandle,
570 IN ACCESS_MASK DesiredAccess,
571 IN POBJECT_ATTRIBUTES ObjectAttributes
572 );
573
574
575 /*
576 * FUNCTION: Creates or opens a file, directory or device object.
577 * ARGUMENTS:
578 * FileHandle (OUT) = Caller supplied storage for the resulting handle
579 * DesiredAccess = Specifies the allowed or desired access to the file can
580 * be a combination of DELETE | FILE_READ_DATA ..
581 * ObjectAttribute = Initialized attributes for the object, contains the rootdirectory and the filename
582 * IoStatusBlock (OUT) = Caller supplied storage for the resulting status information, indicating if the
583 * the file is created and opened or allready existed and is just opened.
584 * FileAttributes = file attributes can be a combination of FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_HIDDEN ...
585 * ShareAccess = can be a combination of the following: FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE
586 * CreateDisposition = specifies what the behavior of the system if the file allready exists.
587 * CreateOptions = specifies the behavior of the system on file creation.
588 * EaBuffer (OPTIONAL) = Extended Attributes buffer, applies only to files and directories.
589 * EaLength = Extended Attributes buffer size, applies only to files and directories.
590 * REMARKS: This function maps to the win32 CreateFile.
591 * RETURNS: Status
592 */
593
594 NTSTATUS
595 STDCALL
596 NtCreateFile(
597 OUT PHANDLE FileHandle,
598 IN ACCESS_MASK DesiredAccess,
599 IN POBJECT_ATTRIBUTES ObjectAttributes,
600 OUT PIO_STATUS_BLOCK IoStatusBlock,
601 IN PLARGE_INTEGER AllocationSize OPTIONAL,
602 IN ULONG FileAttributes,
603 IN ULONG ShareAccess,
604 IN ULONG CreateDisposition,
605 IN ULONG CreateOptions,
606 IN PVOID EaBuffer OPTIONAL,
607 IN ULONG EaLength
608 );
609
610 NTSTATUS
611 STDCALL
612 ZwCreateFile(
613 OUT PHANDLE FileHandle,
614 IN ACCESS_MASK DesiredAccess,
615 IN POBJECT_ATTRIBUTES ObjectAttributes,
616 OUT PIO_STATUS_BLOCK IoStatusBlock,
617 IN PLARGE_INTEGER AllocationSize OPTIONAL,
618 IN ULONG FileAttributes,
619 IN ULONG ShareAccess,
620 IN ULONG CreateDisposition,
621 IN ULONG CreateOptions,
622 IN PVOID EaBuffer OPTIONAL,
623 IN ULONG EaLength
624 );
625
626 /*
627 * FUNCTION: Creates or opens a file, directory or device object.
628 * ARGUMENTS:
629 * CompletionPort (OUT) = Caller supplied storage for the resulting handle
630 * DesiredAccess = Specifies the allowed or desired access to the port
631 * IoStatusBlock =
632 * NumberOfConcurrentThreads =
633 * REMARKS: This function maps to the win32 CreateIoCompletionPort
634 * RETURNS:
635 * Status
636 */
637
638 NTSTATUS
639 STDCALL
640 NtCreateIoCompletion(
641 OUT PHANDLE IoCompletionHandle,
642 IN ACCESS_MASK DesiredAccess,
643 IN POBJECT_ATTRIBUTES ObjectAttributes,
644 IN ULONG NumberOfConcurrentThreads
645 );
646
647 NTSTATUS
648 STDCALL
649 ZwCreateIoCompletion(
650 OUT PHANDLE IoCompletionHandle,
651 IN ACCESS_MASK DesiredAccess,
652 IN POBJECT_ATTRIBUTES ObjectAttributes,
653 IN ULONG NumberOfConcurrentThreads
654 );
655
656 /*
657 * FUNCTION: Creates a registry key
658 * ARGUMENTS:
659 * KeyHandle (OUT) = Caller supplied storage for the resulting handle
660 * DesiredAccess = Specifies the allowed or desired access to the key
661 * It can have a combination of the following values:
662 * KEY_READ | KEY_WRITE | KEY_EXECUTE | KEY_ALL_ACCESS
663 * or
664 * KEY_QUERY_VALUE The values of the key can be queried.
665 * KEY_SET_VALUE The values of the key can be modified.
666 * KEY_CREATE_SUB_KEYS The key may contain subkeys.
667 * KEY_ENUMERATE_SUB_KEYS Subkeys can be queried.
668 * KEY_NOTIFY
669 * KEY_CREATE_LINK A symbolic link to the key can be created.
670 * ObjectAttributes = The name of the key may be specified directly in the name field
671 * of object attributes or relative to a key in rootdirectory.
672 * TitleIndex = Might specify the position in the sequential order of subkeys.
673 * Class = Specifies the kind of data, for example REG_SZ for string data. [ ??? ]
674 * CreateOptions = Specifies additional options with which the key is created
675 * REG_OPTION_VOLATILE The key is not preserved across boots.
676 * REG_OPTION_NON_VOLATILE The key is preserved accross boots.
677 * REG_OPTION_CREATE_LINK The key is a symbolic link to another key.
678 * REG_OPTION_BACKUP_RESTORE Key is being opened or created for backup/restore operations.
679 * Disposition = Indicates if the call to NtCreateKey resulted in the creation of a key it
680 * can have the following values: REG_CREATED_NEW_KEY | REG_OPENED_EXISTING_KEY
681 * RETURNS:
682 * Status
683 */
684
685 NTSTATUS STDCALL
686 NtCreateKey(OUT PHANDLE KeyHandle,
687 IN ACCESS_MASK DesiredAccess,
688 IN POBJECT_ATTRIBUTES ObjectAttributes,
689 IN ULONG TitleIndex,
690 IN PUNICODE_STRING Class OPTIONAL,
691 IN ULONG CreateOptions,
692 IN PULONG Disposition OPTIONAL);
693
694 NTSTATUS STDCALL
695 ZwCreateKey(OUT PHANDLE KeyHandle,
696 IN ACCESS_MASK DesiredAccess,
697 IN POBJECT_ATTRIBUTES ObjectAttributes,
698 IN ULONG TitleIndex,
699 IN PUNICODE_STRING Class OPTIONAL,
700 IN ULONG CreateOptions,
701 IN PULONG Disposition OPTIONAL);
702
703 /*
704 * FUNCTION: Creates a mail slot file
705 * ARGUMENTS:
706 * MailSlotFileHandle (OUT) = Caller supplied storage for the resulting handle
707 * DesiredAccess = Specifies the allowed or desired access to the file
708 * ObjectAttributes = Contains the name of the mailslotfile.
709 * IoStatusBlock =
710 * FileAttributes =
711 * ShareAccess =
712 * MaxMessageSize =
713 * TimeOut =
714 *
715 * REMARKS: This funciton maps to the win32 function CreateMailSlot
716 * RETURNS:
717 * Status
718 */
719
720 NTSTATUS
721 STDCALL
722 NtCreateMailslotFile(
723 OUT PHANDLE MailSlotFileHandle,
724 IN ACCESS_MASK DesiredAccess,
725 IN POBJECT_ATTRIBUTES ObjectAttributes,
726 OUT PIO_STATUS_BLOCK IoStatusBlock,
727 IN ULONG FileAttributes,
728 IN ULONG ShareAccess,
729 IN ULONG MaxMessageSize,
730 IN PLARGE_INTEGER TimeOut
731 );
732
733 NTSTATUS
734 STDCALL
735 ZwCreateMailslotFile(
736 OUT PHANDLE MailSlotFileHandle,
737 IN ACCESS_MASK DesiredAccess,
738 IN POBJECT_ATTRIBUTES ObjectAttributes,
739 OUT PIO_STATUS_BLOCK IoStatusBlock,
740 IN ULONG FileAttributes,
741 IN ULONG ShareAccess,
742 IN ULONG MaxMessageSize,
743 IN PLARGE_INTEGER TimeOut
744 );
745
746 /*
747 * FUNCTION: Creates or opens a mutex
748 * ARGUMENTS:
749 * MutantHandle (OUT) = Caller supplied storage for the resulting handle
750 * DesiredAccess = Specifies the allowed or desired access to the port
751 * ObjectAttributes = Contains the name of the mutex.
752 * InitialOwner = If true the calling thread acquires ownership
753 * of the mutex.
754 * REMARKS: This funciton maps to the win32 function CreateMutex
755 * RETURNS:
756 * Status
757 */
758 NTSTATUS
759 STDCALL
760 NtCreateMutant(
761 OUT PHANDLE MutantHandle,
762 IN ACCESS_MASK DesiredAccess,
763 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
764 IN BOOLEAN InitialOwner
765 );
766
767 NTSTATUS
768 STDCALL
769 ZwCreateMutant(
770 OUT PHANDLE MutantHandle,
771 IN ACCESS_MASK DesiredAccess,
772 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
773 IN BOOLEAN InitialOwner
774 );
775
776 /*
777 * FUNCTION: Creates a named pipe
778 * ARGUMENTS:
779 * NamedPipeFileHandle (OUT) = Caller supplied storage for the
780 * resulting handle
781 * DesiredAccess = Specifies the type of access that the caller
782 * requires to the file boject
783 * ObjectAttributes = Points to a structure that specifies the
784 * object attributes.
785 * IoStatusBlock = Points to a variable that receives the final
786 * completion status and information
787 * ShareAccess = Specifies the limitations on sharing of the file.
788 * This parameter can be zero or any compatible
789 * combination of the following flags
790 * FILE_SHARE_READ
791 * FILE_SHARE_WRITE
792 * CreateDisposition = Specifies what to do depending on whether
793 * the file already exists. This must be one of
794 * the following values
795 * FILE_OPEN
796 * FILE_CREATE
797 * FILE_OPEN_IF
798 * CreateOptions = Specifies the options to be applied when
799 * creating or opening the file, as a compatible
800 * combination of the following flags
801 * FILE_WRITE_THROUGH
802 * FILE_SYNCHRONOUS_IO_ALERT
803 * FILE_SYNCHRONOUS_IO_NONALERT
804 * TypeMessage = Specifies whether the data written to the pipe is
805 * interpreted as a sequence of messages or as a
806 * stream of bytes
807 * ReadModeMessage = Specifies whether the data read from the pipe
808 * is interpreted as a sequence of messages or as
809 * a stream of bytes
810 * NonBlocking = Specifies whether non-blocking mode is enabled
811 * MaxInstances = Specifies the maximum number of instancs that can
812 * be created for this pipe
813 * InBufferSize = Specifies the number of bytes to reserve for the
814 * input buffer
815 * OutBufferSize = Specifies the number of bytes to reserve for the
816 * output buffer
817 * DefaultTimeout = Optionally points to a variable that specifies
818 * the default timeout value in units of
819 * 100-nanoseconds.
820 * REMARKS: This funciton maps to the win32 function CreateNamedPipe
821 * RETURNS:
822 * Status
823 */
824 NTSTATUS STDCALL
825 NtCreateNamedPipeFile (OUT PHANDLE NamedPipeFileHandle,
826 IN ACCESS_MASK DesiredAccess,
827 IN POBJECT_ATTRIBUTES ObjectAttributes,
828 OUT PIO_STATUS_BLOCK IoStatusBlock,
829 IN ULONG ShareAccess,
830 IN ULONG CreateDisposition,
831 IN ULONG CreateOptions,
832 IN ULONG NamedPipeType,
833 IN ULONG ReadMode,
834 IN ULONG CompletionMode,
835 IN ULONG MaxInstances,
836 IN ULONG InBufferSize,
837 IN ULONG OutBufferSize,
838 IN PLARGE_INTEGER DefaultTimeOut);
839
840 NTSTATUS STDCALL
841 ZwCreateNamedPipeFile (OUT PHANDLE NamedPipeFileHandle,
842 IN ACCESS_MASK DesiredAccess,
843 IN POBJECT_ATTRIBUTES ObjectAttributes,
844 OUT PIO_STATUS_BLOCK IoStatusBlock,
845 IN ULONG ShareAccess,
846 IN ULONG CreateDisposition,
847 IN ULONG CreateOptions,
848 IN ULONG NamedPipeType,
849 IN ULONG ReadMode,
850 IN ULONG CompletionMode,
851 IN ULONG MaxInstances,
852 IN ULONG InBufferSize,
853 IN ULONG OutBufferSize,
854 IN PLARGE_INTEGER DefaultTimeOut);
855
856
857 NTSTATUS STDCALL
858 NtCreatePort (PHANDLE PortHandle,
859 POBJECT_ATTRIBUTES ObjectAttributes,
860 ULONG MaxConnectInfoLength,
861 ULONG MaxDataLength,
862 ULONG NPMessageQueueSize OPTIONAL);
863
864 NTSTATUS STDCALL
865 NtCreatePort (PHANDLE PortHandle,
866 POBJECT_ATTRIBUTES ObjectAttributes,
867 ULONG MaxConnectInfoLength,
868 ULONG MaxDataLength,
869 ULONG NPMessageQueueSize OPTIONAL);
870
871
872 /*
873 * FUNCTION: Creates a process.
874 * ARGUMENTS:
875 * ProcessHandle (OUT) = Caller supplied storage for the resulting handle
876 * DesiredAccess = Specifies the allowed or desired access to the process can
877 * be a combinate of STANDARD_RIGHTS_REQUIRED| ..
878 * ObjectAttribute = Initialized attributes for the object, contains the rootdirectory and the filename
879 * ParentProcess = Handle to the parent process.
880 * InheritObjectTable = Specifies to inherit the objects of the parent process if true.
881 * SectionHandle = Handle to a section object to back the image file
882 * DebugPort = Handle to a DebugPort if NULL the system default debug port will be used.
883 * ExceptionPort = Handle to a exception port.
884 * REMARKS:
885 * This function maps to the win32 CreateProcess.
886 * RETURNS: Status
887 */
888 NTSTATUS
889 STDCALL
890 NtCreateProcess(
891 OUT PHANDLE ProcessHandle,
892 IN ACCESS_MASK DesiredAccess,
893 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
894 IN HANDLE ParentProcess,
895 IN BOOLEAN InheritObjectTable,
896 IN HANDLE SectionHandle OPTIONAL,
897 IN HANDLE DebugPort OPTIONAL,
898 IN HANDLE ExceptionPort OPTIONAL
899 );
900
901 NTSTATUS
902 STDCALL
903 ZwCreateProcess(
904 OUT PHANDLE ProcessHandle,
905 IN ACCESS_MASK DesiredAccess,
906 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
907 IN HANDLE ParentProcess,
908 IN BOOLEAN InheritObjectTable,
909 IN HANDLE SectionHandle OPTIONAL,
910 IN HANDLE DebugPort OPTIONAL,
911 IN HANDLE ExceptionPort OPTIONAL
912 );
913
914 /*
915 * FUNCTION: Creates a section object.
916 * ARGUMENTS:
917 * SectionHandle (OUT) = Caller supplied storage for the resulting handle
918 * DesiredAccess = Specifies the desired access to the section can be a combination of STANDARD_RIGHTS_REQUIRED | SECTION_QUERY | SECTION_MAP_WRITE |
919 * SECTION_MAP_READ | SECTION_MAP_EXECUTE.
920 * ObjectAttribute = Initialized attributes for the object can be used to create a named section
921 * MaxiumSize = Maximizes the size of the memory section. Must be non-NULL for a page-file backed section.
922 * If value specified for a mapped file and the file is not large enough, file will be extended.
923 * SectionPageProtection = Can be a combination of PAGE_READONLY | PAGE_READWRITE | PAGE_WRITEONLY | PAGE_WRITECOPY.
924 * AllocationAttributes = can be a combination of SEC_IMAGE | SEC_RESERVE
925 * FileHanlde = Handle to a file to create a section mapped to a file instead of a memory backed section.
926 * RETURNS: Status
927 */
928
929 NTSTATUS
930 STDCALL
931 NtCreateSection(
932 OUT PHANDLE SectionHandle,
933 IN ACCESS_MASK DesiredAccess,
934 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
935 IN PLARGE_INTEGER MaximumSize OPTIONAL,
936 IN ULONG SectionPageProtection OPTIONAL,
937 IN ULONG AllocationAttributes,
938 IN HANDLE FileHandle OPTIONAL
939 );
940
941 NTSTATUS
942 STDCALL
943 ZwCreateSection(
944 OUT PHANDLE SectionHandle,
945 IN ACCESS_MASK DesiredAccess,
946 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
947 IN PLARGE_INTEGER MaximumSize OPTIONAL,
948 IN ULONG SectionPageProtection OPTIONAL,
949 IN ULONG AllocationAttributes,
950 IN HANDLE FileHandle OPTIONAL
951 );
952
953 /*
954 * FUNCTION: Creates a semaphore object for interprocess synchronization.
955 * ARGUMENTS:
956 * SemaphoreHandle (OUT) = Caller supplied storage for the resulting handle
957 * DesiredAccess = Specifies the allowed or desired access to the semaphore.
958 * ObjectAttribute = Initialized attributes for the object.
959 * InitialCount = Not necessary zero, might be smaller than zero.
960 * MaximumCount = Maxiumum count the semaphore can reach.
961 * RETURNS: Status
962 * REMARKS:
963 * The semaphore is set to signaled when its count is greater than zero, and non-signaled when its count is zero.
964 */
965
966 //FIXME: should a semaphore's initial count allowed to be smaller than zero ??
967 NTSTATUS
968 STDCALL
969 NtCreateSemaphore(
970 OUT PHANDLE SemaphoreHandle,
971 IN ACCESS_MASK DesiredAccess,
972 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
973 IN LONG InitialCount,
974 IN LONG MaximumCount
975 );
976
977 NTSTATUS
978 STDCALL
979 ZwCreateSemaphore(
980 OUT PHANDLE SemaphoreHandle,
981 IN ACCESS_MASK DesiredAccess,
982 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
983 IN LONG InitialCount,
984 IN LONG MaximumCount
985 );
986
987 /*
988 * FUNCTION: Creates a symbolic link object
989 * ARGUMENTS:
990 * SymbolicLinkHandle (OUT) = Caller supplied storage for the resulting handle
991 * DesiredAccess = Specifies the allowed or desired access to the thread.
992 * ObjectAttributes = Initialized attributes for the object.
993 * Name = Target name of the symbolic link
994 * RETURNS: Status
995 */
996 NTSTATUS
997 STDCALL
998 NtCreateSymbolicLinkObject(
999 OUT PHANDLE LinkHandle,
1000 IN ACCESS_MASK DesiredAccess,
1001 IN POBJECT_ATTRIBUTES ObjectAttributes,
1002 IN PUNICODE_STRING LinkTarget
1003 );
1004
1005 NTSTATUS
1006 STDCALL
1007 ZwCreateSymbolicLinkObject(
1008 OUT PHANDLE LinkHandle,
1009 IN ACCESS_MASK DesiredAccess,
1010 IN POBJECT_ATTRIBUTES ObjectAttributes,
1011 IN PUNICODE_STRING LinkTarget
1012 );
1013
1014 /*
1015 * FUNCTION: Creates a waitable timer.
1016 * ARGUMENTS:
1017 * TimerHandle (OUT) = Caller supplied storage for the resulting handle
1018 * DesiredAccess = Specifies the allowed or desired access to the timer.
1019 * ObjectAttributes = Initialized attributes for the object.
1020 * TimerType = Specifies if the timer should be reset manually.
1021 * REMARKS:
1022 * This function maps to the win32 CreateWaitableTimer. lpTimerAttributes and lpTimerName map to
1023 * corresponding fields in OBJECT_ATTRIBUTES structure.
1024 * RETURNS: Status
1025 */
1026 NTSTATUS
1027 STDCALL
1028 NtCreateTimer(
1029 OUT PHANDLE TimerHandle,
1030 IN ACCESS_MASK DesiredAccess,
1031 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
1032 IN TIMER_TYPE TimerType
1033 );
1034
1035 NTSTATUS
1036 STDCALL
1037 ZwCreateTimer(
1038 OUT PHANDLE TimerHandle,
1039 IN ACCESS_MASK DesiredAccess,
1040 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
1041 IN TIMER_TYPE TimerType
1042 );
1043
1044 /*
1045 * FUNCTION: Creates a token.
1046 * ARGUMENTS:
1047 * TokenHandle (OUT) = Caller supplied storage for the resulting handle
1048 * DesiredAccess = Specifies the allowed or desired access to the process can
1049 * be a combinate of STANDARD_RIGHTS_REQUIRED| ..
1050 * ObjectAttribute = Initialized attributes for the object, contains the rootdirectory and the filename
1051 * TokenType =
1052 * AuthenticationId =
1053 * ExpirationTime =
1054 * TokenUser =
1055 * TokenGroups =
1056 * TokenPrivileges =
1057 * TokenOwner =
1058 * TokenPrimaryGroup =
1059 * TokenDefaultDacl =
1060 * TokenSource =
1061 * REMARKS:
1062 * This function does not map to a win32 function
1063 * RETURNS: Status
1064 */
1065
1066 NTSTATUS
1067 STDCALL
1068 NtCreateToken(
1069 OUT PHANDLE TokenHandle,
1070 IN ACCESS_MASK DesiredAccess,
1071 IN POBJECT_ATTRIBUTES ObjectAttributes,
1072 IN TOKEN_TYPE TokenType,
1073 IN PLUID AuthenticationId,
1074 IN PLARGE_INTEGER ExpirationTime,
1075 IN PTOKEN_USER TokenUser,
1076 IN PTOKEN_GROUPS TokenGroups,
1077 IN PTOKEN_PRIVILEGES TokenPrivileges,
1078 IN PTOKEN_OWNER TokenOwner,
1079 IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
1080 IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
1081 IN PTOKEN_SOURCE TokenSource
1082 );
1083
1084 NTSTATUS
1085 STDCALL
1086 ZwCreateToken(
1087 OUT PHANDLE TokenHandle,
1088 IN ACCESS_MASK DesiredAccess,
1089 IN POBJECT_ATTRIBUTES ObjectAttributes,
1090 IN TOKEN_TYPE TokenType,
1091 IN PLUID AuthenticationId,
1092 IN PLARGE_INTEGER ExpirationTime,
1093 IN PTOKEN_USER TokenUser,
1094 IN PTOKEN_GROUPS TokenGroups,
1095 IN PTOKEN_PRIVILEGES TokenPrivileges,
1096 IN PTOKEN_OWNER TokenOwner,
1097 IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
1098 IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
1099 IN PTOKEN_SOURCE TokenSource
1100 );
1101
1102 /*
1103 * FUNCTION: Returns the callers thread TEB.
1104 * RETURNS: The resulting teb.
1105 */
1106 #if 0
1107 NT_TEB *
1108 STDCALL
1109 NtCurrentTeb(VOID
1110 );
1111 #endif
1112
1113
1114 NTSTATUS STDCALL
1115 NtCreateWaitablePort (PHANDLE PortHandle,
1116 POBJECT_ATTRIBUTES ObjectAttributes,
1117 ULONG MaxConnectInfoLength,
1118 ULONG MaxDataLength,
1119 ULONG NPMessageQueueSize OPTIONAL);
1120
1121 NTSTATUS STDCALL
1122 ZwCreateWaitablePort (PHANDLE PortHandle,
1123 POBJECT_ATTRIBUTES ObjectAttributes,
1124 ULONG MaxConnectInfoLength,
1125 ULONG MaxDataLength,
1126 ULONG NPMessageQueueSize OPTIONAL);
1127
1128
1129 /*
1130 * FUNCTION: Deletes an atom from the global atom table
1131 * ARGUMENTS:
1132 * Atom = Identifies the atom to delete
1133 * REMARKS:
1134 * The function maps to the win32 GlobalDeleteAtom
1135 * RETURNS: Status
1136 */
1137 NTSTATUS
1138 STDCALL
1139 NtDeleteAtom(
1140 IN RTL_ATOM Atom
1141 );
1142
1143 NTSTATUS
1144 STDCALL
1145 ZwDeleteAtom(
1146 IN RTL_ATOM Atom
1147 );
1148
1149 NTSTATUS
1150 STDCALL
1151 NtDeleteBootEntry(
1152 IN PUNICODE_STRING EntryName,
1153 IN PUNICODE_STRING EntryValue
1154 );
1155
1156 NTSTATUS
1157 STDCALL
1158 ZwDeleteBootEntry(
1159 IN PUNICODE_STRING EntryName,
1160 IN PUNICODE_STRING EntryValue
1161 );
1162
1163 /*
1164 * FUNCTION: Deletes a file or a directory
1165 * ARGUMENTS:
1166 * ObjectAttributes = Name of the file which should be deleted
1167 * REMARKS:
1168 * This system call is functionally equivalent to NtSetInformationFile
1169 * setting the disposition information.
1170 * The function maps to the win32 DeleteFile.
1171 * RETURNS: Status
1172 */
1173 NTSTATUS
1174 STDCALL
1175 NtDeleteFile(
1176 IN POBJECT_ATTRIBUTES ObjectAttributes
1177 );
1178
1179 NTSTATUS
1180 STDCALL
1181 ZwDeleteFile(
1182 IN POBJECT_ATTRIBUTES ObjectAttributes
1183 );
1184
1185 /*
1186 * FUNCTION: Deletes a registry key
1187 * ARGUMENTS:
1188 * KeyHandle = Handle of the key
1189 * RETURNS: Status
1190 */
1191 NTSTATUS
1192 STDCALL
1193 NtDeleteKey(
1194 IN HANDLE KeyHandle
1195 );
1196 NTSTATUS
1197 STDCALL
1198 ZwDeleteKey(
1199 IN HANDLE KeyHandle
1200 );
1201
1202 /*
1203 * FUNCTION: Generates a audit message when an object is deleted
1204 * ARGUMENTS:
1205 * SubsystemName = Spefies the name of the subsystem can be 'WIN32' or 'DEBUG'
1206 * HandleId= Handle to an audit object
1207 * GenerateOnClose = Value returned by NtAccessCheckAndAuditAlarm
1208 * REMARKS: This function maps to the win32 ObjectCloseAuditAlarm
1209 * RETURNS: Status
1210 */
1211
1212 NTSTATUS
1213 STDCALL
1214 NtDeleteObjectAuditAlarm (
1215 IN PUNICODE_STRING SubsystemName,
1216 IN PVOID HandleId,
1217 IN BOOLEAN GenerateOnClose
1218 );
1219
1220 NTSTATUS
1221 STDCALL
1222 ZwDeleteObjectAuditAlarm (
1223 IN PUNICODE_STRING SubsystemName,
1224 IN PVOID HandleId,
1225 IN BOOLEAN GenerateOnClose
1226 );
1227
1228
1229 /*
1230 * FUNCTION: Deletes a value from a registry key
1231 * ARGUMENTS:
1232 * KeyHandle = Handle of the key
1233 * ValueName = Name of the value to delete
1234 * RETURNS: Status
1235 */
1236
1237 NTSTATUS
1238 STDCALL
1239 NtDeleteValueKey(
1240 IN HANDLE KeyHandle,
1241 IN PUNICODE_STRING ValueName
1242 );
1243
1244 NTSTATUS
1245 STDCALL
1246 ZwDeleteValueKey(
1247 IN HANDLE KeyHandle,
1248 IN PUNICODE_STRING ValueName
1249 );
1250 /*
1251 * FUNCTION: Sends IOCTL to the io sub system
1252 * ARGUMENTS:
1253 * DeviceHandle = Points to the handle that is created by NtCreateFile
1254 * Event = Event to synchronize on STATUS_PENDING
1255 * ApcRoutine = Asynchroneous procedure callback
1256 * ApcContext = Callback context.
1257 * IoStatusBlock = Caller should supply storage for extra information..
1258 * IoControlCode = Contains the IO Control command. This is an
1259 * index to the structures in InputBuffer and OutputBuffer.
1260 * InputBuffer = Caller should supply storage for input buffer if IOTL expects one.
1261 * InputBufferSize = Size of the input bufffer
1262 * OutputBuffer = Caller should supply storage for output buffer if IOTL expects one.
1263 * OutputBufferSize = Size of the input bufffer
1264 * RETURNS: Status
1265 */
1266
1267 NTSTATUS
1268 STDCALL
1269 NtDeviceIoControlFile(
1270 IN HANDLE DeviceHandle,
1271 IN HANDLE Event OPTIONAL,
1272 IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
1273 IN PVOID UserApcContext OPTIONAL,
1274 OUT PIO_STATUS_BLOCK IoStatusBlock,
1275 IN ULONG IoControlCode,
1276 IN PVOID InputBuffer,
1277 IN ULONG InputBufferSize,
1278 OUT PVOID OutputBuffer,
1279 IN ULONG OutputBufferSize
1280 );
1281
1282 NTSTATUS
1283 STDCALL
1284 ZwDeviceIoControlFile(
1285 IN HANDLE DeviceHandle,
1286 IN HANDLE Event OPTIONAL,
1287 IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
1288 IN PVOID UserApcContext OPTIONAL,
1289 OUT PIO_STATUS_BLOCK IoStatusBlock,
1290 IN ULONG IoControlCode,
1291 IN PVOID InputBuffer,
1292 IN ULONG InputBufferSize,
1293 OUT PVOID OutputBuffer,
1294 IN ULONG OutputBufferSize
1295 );
1296 /*
1297 * FUNCTION: Displays a string on the blue screen
1298 * ARGUMENTS:
1299 * DisplayString = The string to display
1300 * RETURNS: Status
1301 */
1302
1303 NTSTATUS
1304 STDCALL
1305 NtDisplayString(
1306 IN PUNICODE_STRING DisplayString
1307 );
1308
1309 NTSTATUS
1310 STDCALL
1311 ZwDisplayString(
1312 IN PUNICODE_STRING DisplayString
1313 );
1314
1315
1316 NTSTATUS
1317 STDCALL
1318 NtEnumerateBootEntries(
1319 IN ULONG Unknown1,
1320 IN ULONG Unknown2
1321 );
1322
1323 NTSTATUS
1324 STDCALL
1325 ZwEnumerateBootEntries(
1326 IN ULONG Unknown1,
1327 IN ULONG Unknown2
1328 );
1329
1330
1331 /*
1332 * FUNCTION: Returns information about the subkeys of an open key
1333 * ARGUMENTS:
1334 * KeyHandle = Handle of the key whose subkeys are to enumerated
1335 * Index = zero based index of the subkey for which information is
1336 * request
1337 * KeyInformationClass = Type of information returned
1338 * KeyInformation (OUT) = Caller allocated buffer for the information
1339 * about the key
1340 * Length = Length in bytes of the KeyInformation buffer
1341 * ResultLength (OUT) = Caller allocated storage which holds
1342 * the number of bytes of information retrieved
1343 * on return
1344 * RETURNS: Status
1345 */
1346 NTSTATUS
1347 STDCALL
1348 NtEnumerateKey(
1349 IN HANDLE KeyHandle,
1350 IN ULONG Index,
1351 IN KEY_INFORMATION_CLASS KeyInformationClass,
1352 OUT PVOID KeyInformation,
1353 IN ULONG Length,
1354 OUT PULONG ResultLength
1355 );
1356
1357 NTSTATUS
1358 STDCALL
1359 ZwEnumerateKey(
1360 IN HANDLE KeyHandle,
1361 IN ULONG Index,
1362 IN KEY_INFORMATION_CLASS KeyInformationClass,
1363 OUT PVOID KeyInformation,
1364 IN ULONG Length,
1365 OUT PULONG ResultLength
1366 );
1367 /*
1368 * FUNCTION: Returns information about the value entries of an open key
1369 * ARGUMENTS:
1370 * KeyHandle = Handle of the key whose value entries are to enumerated
1371 * Index = zero based index of the subkey for which information is
1372 * request
1373 * KeyInformationClass = Type of information returned
1374 * KeyInformation (OUT) = Caller allocated buffer for the information
1375 * about the key
1376 * Length = Length in bytes of the KeyInformation buffer
1377 * ResultLength (OUT) = Caller allocated storage which holds
1378 * the number of bytes of information retrieved
1379 * on return
1380 * RETURNS: Status
1381 */
1382 NTSTATUS
1383 STDCALL
1384 NtEnumerateValueKey(
1385 IN HANDLE KeyHandle,
1386 IN ULONG Index,
1387 IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
1388 OUT PVOID KeyValueInformation,
1389 IN ULONG Length,
1390 OUT PULONG ResultLength
1391 );
1392
1393 NTSTATUS
1394 STDCALL
1395 ZwEnumerateValueKey(
1396 IN HANDLE KeyHandle,
1397 IN ULONG Index,
1398 IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
1399 OUT PVOID KeyValueInformation,
1400 IN ULONG Length,
1401 OUT PULONG ResultLength
1402 );
1403
1404 /*
1405 * FUNCTION: Flushes chached file data to disk
1406 * ARGUMENTS:
1407 * FileHandle = Points to the file
1408 * IoStatusBlock = Caller must supply storage to receive the result of the flush
1409 * buffers operation. The information field is set to number of bytes
1410 * flushed to disk.
1411 * RETURNS: Status
1412 * REMARKS:
1413 * This funciton maps to the win32 FlushFileBuffers
1414 */
1415 NTSTATUS
1416 STDCALL
1417 NtFlushBuffersFile(
1418 IN HANDLE FileHandle,
1419 OUT PIO_STATUS_BLOCK IoStatusBlock
1420 );
1421
1422 NTSTATUS
1423 STDCALL
1424 ZwFlushBuffersFile(
1425 IN HANDLE FileHandle,
1426 OUT PIO_STATUS_BLOCK IoStatusBlock
1427 );
1428
1429 /*
1430 * FUNCTION: Flushes a registry key to disk
1431 * ARGUMENTS:
1432 * KeyHandle = Points to the registry key handle
1433 * RETURNS: Status
1434 * REMARKS:
1435 * This funciton maps to the win32 RegFlushKey.
1436 */
1437 NTSTATUS
1438 STDCALL
1439 NtFlushKey(
1440 IN HANDLE KeyHandle
1441 );
1442
1443 NTSTATUS
1444 STDCALL
1445 ZwFlushKey(
1446 IN HANDLE KeyHandle
1447 );
1448
1449 /*
1450 * FUNCTION: Flushes the dirty pages to file
1451 * RETURNS: Status
1452 * FIXME: Not sure this does (how is the file specified)
1453 */
1454 NTSTATUS STDCALL NtFlushWriteBuffer(VOID);
1455 NTSTATUS STDCALL ZwFlushWriteBuffer(VOID);
1456
1457 /*
1458 * FUNCTION: Frees a range of virtual memory
1459 * ARGUMENTS:
1460 * ProcessHandle = Points to the process that allocated the virtual
1461 * memory
1462 * BaseAddress = Points to the memory address, rounded down to a
1463 * multiple of the pagesize
1464 * RegionSize = Limits the range to free, rounded up to a multiple of
1465 * the paging size
1466 * FreeType = Can be one of the values: MEM_DECOMMIT, or MEM_RELEASE
1467 * RETURNS: Status
1468 */
1469 NTSTATUS STDCALL NtFreeVirtualMemory(IN HANDLE ProcessHandle,
1470 IN PVOID *BaseAddress,
1471 IN PULONG RegionSize,
1472 IN ULONG FreeType);
1473 NTSTATUS STDCALL ZwFreeVirtualMemory(IN HANDLE ProcessHandle,
1474 IN PVOID *BaseAddress,
1475 IN PULONG RegionSize,
1476 IN ULONG FreeType);
1477
1478 /*
1479 * FUNCTION: Sends FSCTL to the filesystem
1480 * ARGUMENTS:
1481 * DeviceHandle = Points to the handle that is created by NtCreateFile
1482 * Event = Event to synchronize on STATUS_PENDING
1483 * ApcRoutine =
1484 * ApcContext =
1485 * IoStatusBlock = Caller should supply storage for
1486 * IoControlCode = Contains the File System Control command. This is an
1487 * index to the structures in InputBuffer and OutputBuffer.
1488 * FSCTL_GET_RETRIEVAL_POINTERS [Input/Output] RETRIEVAL_POINTERS_BUFFER
1489 * FSCTL_GET_VOLUME_BITMAP [Input] STARTING_LCN_INPUT_BUFFER
1490 * FSCTL_GET_VOLUME_BITMAP [Output] VOLUME_BITMAP_BUFFER
1491 * FSCTL_MOVE_FILE [Input] MOVE_FILE_DATA
1492 *
1493 * InputBuffer = Caller should supply storage for input buffer if FSCTL expects one.
1494 * InputBufferSize = Size of the input bufffer
1495 * OutputBuffer = Caller should supply storage for output buffer if FSCTL expects one.
1496 * OutputBufferSize = Size of the input bufffer
1497 * RETURNS: Status [ STATUS_SUCCESS | STATUS_PENDING | STATUS_ACCESS_DENIED | STATUS_INSUFFICIENT_RESOURCES |
1498 * STATUS_INVALID_PARAMETER | STATUS_INVALID_DEVICE_REQUEST ]
1499 */
1500 NTSTATUS
1501 STDCALL
1502 NtFsControlFile(
1503 IN HANDLE DeviceHandle,
1504 IN HANDLE Event OPTIONAL,
1505 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1506 IN PVOID ApcContext OPTIONAL,
1507 OUT PIO_STATUS_BLOCK IoStatusBlock,
1508 IN ULONG IoControlCode,
1509 IN PVOID InputBuffer,
1510 IN ULONG InputBufferSize,
1511 OUT PVOID OutputBuffer,
1512 IN ULONG OutputBufferSize
1513 );
1514
1515 NTSTATUS
1516 STDCALL
1517 ZwFsControlFile(
1518 IN HANDLE DeviceHandle,
1519 IN HANDLE Event OPTIONAL,
1520 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1521 IN PVOID ApcContext OPTIONAL,
1522 OUT PIO_STATUS_BLOCK IoStatusBlock,
1523 IN ULONG IoControlCode,
1524 IN PVOID InputBuffer,
1525 IN ULONG InputBufferSize,
1526 OUT PVOID OutputBuffer,
1527 IN ULONG OutputBufferSize
1528 );
1529
1530 /*
1531 * FUNCTION: Retrieves the processor context of a thread
1532 * ARGUMENTS:
1533 * ThreadHandle = Handle to a thread
1534 * ThreadContext (OUT) = Caller allocated storage for the processor context
1535 * RETURNS: Status
1536 */
1537
1538 NTSTATUS
1539 STDCALL
1540 NtGetContextThread(
1541 IN HANDLE ThreadHandle,
1542 OUT PCONTEXT ThreadContext
1543 );
1544
1545 NTSTATUS
1546 STDCALL
1547 ZwGetContextThread(
1548 IN HANDLE ThreadHandle,
1549 OUT PCONTEXT ThreadContext
1550 );
1551
1552
1553 NTSTATUS STDCALL
1554 NtImpersonateClientOfPort (HANDLE PortHandle,
1555 PLPC_MESSAGE ClientMessage);
1556
1557 NTSTATUS STDCALL
1558 ZwImpersonateClientOfPort (HANDLE PortHandle,
1559 PLPC_MESSAGE ClientMessage);
1560
1561 /*
1562 * FUNCTION: Sets a thread to impersonate another
1563 * ARGUMENTS:
1564 * ThreadHandle = Server thread that will impersonate a client.
1565 ThreadToImpersonate = Client thread that will be impersonated
1566 SecurityQualityOfService = Specifies the impersonation level.
1567 * RETURNS: Status
1568 */
1569
1570 NTSTATUS
1571 STDCALL
1572 NtImpersonateThread(
1573 IN HANDLE ThreadHandle,
1574 IN HANDLE ThreadToImpersonate,
1575 IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
1576 );
1577
1578 NTSTATUS
1579 STDCALL
1580 ZwImpersonateThread(
1581 IN HANDLE ThreadHandle,
1582 IN HANDLE ThreadToImpersonate,
1583 IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
1584 );
1585
1586 NTSTATUS
1587 STDCALL
1588 NtInitiatePowerAction (
1589 IN POWER_ACTION SystemAction,
1590 IN SYSTEM_POWER_STATE MinSystemState,
1591 IN ULONG Flags,
1592 IN BOOLEAN Asynchronous
1593 );
1594
1595 NTSTATUS
1596 STDCALL
1597 ZwInitiatePowerAction (
1598 IN POWER_ACTION SystemAction,
1599 IN SYSTEM_POWER_STATE MinSystemState,
1600 IN ULONG Flags,
1601 IN BOOLEAN Asynchronous
1602 );
1603 /*
1604 * FUNCTION: Initializes the registry.
1605 * ARGUMENTS:
1606 * SetUpBoot = This parameter is true for a setup boot.
1607 * RETURNS: Status
1608 */
1609 NTSTATUS
1610 STDCALL
1611 NtInitializeRegistry(
1612 BOOLEAN SetUpBoot
1613 );
1614 NTSTATUS
1615 STDCALL
1616 ZwInitializeRegistry(
1617 BOOLEAN SetUpBoot
1618 );
1619
1620 NTSTATUS
1621 STDCALL
1622 NtIsProcessInJob(
1623 IN HANDLE ProcessHandle, // ProcessHandle must grant PROCESS_QUERY_INFORMATION access.
1624 IN HANDLE JobHandle OPTIONAL // JobHandle must JOB_OBJECT_QUERY grant access. Defaults to the current process's job object.
1625 );
1626
1627 NTSTATUS
1628 STDCALL
1629 ZwIsProcessInJob(
1630 IN HANDLE ProcessHandle, // ProcessHandle must grant PROCESS_QUERY_INFORMATION access.
1631 IN HANDLE JobHandle OPTIONAL // JobHandle must JOB_OBJECT_QUERY grant access. Defaults to the current process's job object.
1632 );
1633
1634 NTSTATUS STDCALL
1635 NtListenPort (HANDLE PortHandle,
1636 PLPC_MESSAGE LpcMessage);
1637
1638 NTSTATUS STDCALL
1639 ZwListenPort (HANDLE PortHandle,
1640 PLPC_MESSAGE LpcMessage);
1641
1642
1643 /*
1644 * FUNCTION: Loads a driver.
1645 * ARGUMENTS:
1646 * DriverServiceName = Name of the driver to load
1647 * RETURNS: Status
1648 */
1649 NTSTATUS
1650 STDCALL
1651 NtLoadDriver(
1652 IN PUNICODE_STRING DriverServiceName
1653 );
1654
1655 NTSTATUS
1656 STDCALL
1657 ZwLoadDriver(
1658 IN PUNICODE_STRING DriverServiceName
1659 );
1660
1661 /*
1662 * FUNCTION: Locks a range of bytes in a file.
1663 * ARGUMENTS:
1664 * FileHandle = Handle to the file
1665 * Event = Should be null if apc is specified.
1666 * ApcRoutine = Asynchroneous Procedure Callback
1667 * ApcContext = Argument to the callback
1668 * IoStatusBlock (OUT) = Caller should supply storage for a structure containing
1669 * the completion status and information about the requested lock operation.
1670 * ByteOffset = Offset
1671 * Length = Number of bytes to lock.
1672 * Key = Special value to give other threads the possibility to unlock the file
1673 by supplying the key in a call to NtUnlockFile.
1674 * FailImmediatedly = If false the request will block untill the lock is obtained.
1675 * ExclusiveLock = Specifies whether a exclusive or a shared lock is obtained.
1676 * REMARK:
1677 This procedure maps to the win32 procedure LockFileEx. STATUS_PENDING is returned if the lock could
1678 not be obtained immediately, the device queue is busy and the IRP is queued.
1679 * RETURNS: Status [ STATUS_SUCCESS | STATUS_PENDING | STATUS_ACCESS_DENIED | STATUS_INSUFFICIENT_RESOURCES |
1680 STATUS_INVALID_PARAMETER | STATUS_INVALID_DEVICE_REQUEST | STATUS_LOCK_NOT_GRANTED ]
1681
1682 */
1683 NTSTATUS
1684 STDCALL
1685 NtLockFile(
1686 IN HANDLE FileHandle,
1687 IN HANDLE Event OPTIONAL,
1688 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1689 IN PVOID ApcContext OPTIONAL,
1690 OUT PIO_STATUS_BLOCK IoStatusBlock,
1691 IN PLARGE_INTEGER ByteOffset,
1692 IN PLARGE_INTEGER Length,
1693 IN PULONG Key,
1694 IN BOOLEAN FailImmediatedly,
1695 IN BOOLEAN ExclusiveLock
1696 );
1697
1698 NTSTATUS
1699 STDCALL
1700 ZwLockFile(
1701 IN HANDLE FileHandle,
1702 IN HANDLE Event OPTIONAL,
1703 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1704 IN PVOID ApcContext OPTIONAL,
1705 OUT PIO_STATUS_BLOCK IoStatusBlock,
1706 IN PLARGE_INTEGER ByteOffset,
1707 IN PLARGE_INTEGER Length,
1708 IN PULONG Key,
1709 IN BOOLEAN FailImmediatedly,
1710 IN BOOLEAN ExclusiveLock
1711 );
1712
1713 /*
1714 * FUNCTION: Makes temporary object that will be removed at next boot.
1715 * ARGUMENTS:
1716 * Handle = Handle to object
1717 * RETURNS: Status
1718 */
1719
1720
1721 NTSTATUS
1722 STDCALL
1723 NtMakePermanentObject(
1724 IN HANDLE ObjectHandle
1725 );
1726
1727 NTSTATUS
1728 STDCALL
1729 ZwMakePermanentObject(
1730 IN HANDLE ObjectHandle
1731 );
1732
1733 NTSTATUS
1734 STDCALL
1735 NtMakeTemporaryObject(
1736 IN HANDLE ObjectHandle
1737 );
1738
1739 NTSTATUS
1740 STDCALL
1741 ZwMakeTemporaryObject(
1742 IN HANDLE ObjectHandle
1743 );
1744 /*
1745 * FUNCTION: Maps a view of a section into the virtual address space of a
1746 * process
1747 * ARGUMENTS:
1748 * SectionHandle = Handle of the section
1749 * ProcessHandle = Handle of the process
1750 * BaseAddress = Desired base address (or NULL) on entry
1751 * Actual base address of the view on exit
1752 * ZeroBits = Number of high order address bits that must be zero
1753 * CommitSize = Size in bytes of the initially committed section of
1754 * the view
1755 * SectionOffset = Offset in bytes from the beginning of the section
1756 * to the beginning of the view
1757 * ViewSize = Desired length of map (or zero to map all) on entry
1758 * Actual length mapped on exit
1759 * InheritDisposition = Specified how the view is to be shared with
1760 * child processes
1761 * AllocateType = Type of allocation for the pages
1762 * Protect = Protection for the committed region of the view
1763 * RETURNS: Status
1764 */
1765 NTSTATUS
1766 STDCALL
1767 NtMapViewOfSection(
1768 IN HANDLE SectionHandle,
1769 IN HANDLE ProcessHandle,
1770 IN OUT PVOID *BaseAddress,
1771 IN ULONG ZeroBits,
1772 IN ULONG CommitSize,
1773 IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
1774 IN OUT PULONG ViewSize,
1775 IN SECTION_INHERIT InheritDisposition,
1776 IN ULONG AllocationType,
1777 IN ULONG AccessProtection
1778 );
1779
1780 NTSTATUS
1781 STDCALL
1782 ZwMapViewOfSection(
1783 IN HANDLE SectionHandle,
1784 IN HANDLE ProcessHandle,
1785 IN OUT PVOID *BaseAddress,
1786 IN ULONG ZeroBits,
1787 IN ULONG CommitSize,
1788 IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
1789 IN OUT PULONG ViewSize,
1790 IN SECTION_INHERIT InheritDisposition,
1791 IN ULONG AllocationType,
1792 IN ULONG AccessProtection
1793 );
1794
1795 /*
1796 * FUNCTION: Installs a notify for the change of a directory's contents
1797 * ARGUMENTS:
1798 * FileHandle = Handle to the directory
1799 Event =
1800 * ApcRoutine = Start address
1801 * ApcContext = Delimits the range of virtual memory
1802 * for which the new access protection holds
1803 * IoStatusBlock = The new access proctection for the pages
1804 * Buffer = Caller supplies storage for resulting information --> FILE_NOTIFY_INFORMATION
1805 * BufferSize = Size of the buffer
1806 CompletionFilter = Can be one of the following values:
1807 FILE_NOTIFY_CHANGE_FILE_NAME
1808 FILE_NOTIFY_CHANGE_DIR_NAME
1809 FILE_NOTIFY_CHANGE_NAME ( FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_DIR_NAME )
1810 FILE_NOTIFY_CHANGE_ATTRIBUTES
1811 FILE_NOTIFY_CHANGE_SIZE
1812 FILE_NOTIFY_CHANGE_LAST_WRITE
1813 FILE_NOTIFY_CHANGE_LAST_ACCESS
1814 FILE_NOTIFY_CHANGE_CREATION ( change of creation timestamp )
1815 FILE_NOTIFY_CHANGE_EA
1816 FILE_NOTIFY_CHANGE_SECURITY
1817 FILE_NOTIFY_CHANGE_STREAM_NAME
1818 FILE_NOTIFY_CHANGE_STREAM_SIZE
1819 FILE_NOTIFY_CHANGE_STREAM_WRITE
1820 WatchTree = If true the notify will be installed recursively on the targetdirectory and all subdirectories.
1821 *
1822 * REMARKS:
1823 * The function maps to the win32 FindFirstChangeNotification, FindNextChangeNotification
1824 * RETURNS: Status
1825 */
1826 NTSTATUS
1827 STDCALL
1828 NtNotifyChangeDirectoryFile(
1829 IN HANDLE FileHandle,
1830 IN HANDLE Event OPTIONAL,
1831 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1832 IN PVOID ApcContext OPTIONAL,
1833 OUT PIO_STATUS_BLOCK IoStatusBlock,
1834 OUT PVOID Buffer,
1835 IN ULONG BufferSize,
1836 IN ULONG CompletionFilter,
1837 IN BOOLEAN WatchTree
1838 );
1839
1840 NTSTATUS
1841 STDCALL
1842 ZwNotifyChangeDirectoryFile(
1843 IN HANDLE FileHandle,
1844 IN HANDLE Event OPTIONAL,
1845 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1846 IN PVOID ApcContext OPTIONAL,
1847 OUT PIO_STATUS_BLOCK IoStatusBlock,
1848 OUT PVOID Buffer,
1849 IN ULONG BufferSize,
1850 IN ULONG CompletionFilter,
1851 IN BOOLEAN WatchTree
1852 );
1853
1854 /*
1855 * FUNCTION: Installs a notfication callback on registry changes
1856 * ARGUMENTS:
1857 KeyHandle = Handle to the registry key
1858 Event = Event that should be signalled on modification of the key
1859 ApcRoutine = Routine that should be called on modification of the key
1860 ApcContext = Argument to the ApcRoutine
1861 IoStatusBlock = ???
1862 CompletionFilter = Specifies the kind of notification the caller likes to receive.
1863 Can be a combination of the following values:
1864
1865 REG_NOTIFY_CHANGE_NAME
1866 REG_NOTIFY_CHANGE_ATTRIBUTES
1867 REG_NOTIFY_CHANGE_LAST_SET
1868 REG_NOTIFY_CHANGE_SECURITY
1869
1870
1871 Asynchroneous = If TRUE the changes are reported by signalling an event if false
1872 the function will not return before a change occurs.
1873 ChangeBuffer = Will return the old value
1874 Length = Size of the change buffer
1875 WatchSubtree = Indicates if the caller likes to receive a notification of changes in
1876 sub keys or not.
1877 * REMARKS: If the key is closed the event is signalled aswell.
1878 * RETURNS: Status
1879 */
1880
1881 NTSTATUS
1882 STDCALL
1883 NtNotifyChangeKey(
1884 IN HANDLE KeyHandle,
1885 IN HANDLE Event,
1886 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1887 IN PVOID ApcContext OPTIONAL,
1888 OUT PIO_STATUS_BLOCK IoStatusBlock,
1889 IN ULONG CompletionFilter,
1890 IN BOOLEAN WatchSubtree,
1891 OUT PVOID Buffer,
1892 IN ULONG Length,
1893 IN BOOLEAN Asynchronous
1894 );
1895
1896 NTSTATUS
1897 STDCALL
1898 ZwNotifyChangeKey(
1899 IN HANDLE KeyHandle,
1900 IN HANDLE Event,
1901 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
1902 IN PVOID ApcContext OPTIONAL,
1903 OUT PIO_STATUS_BLOCK IoStatusBlock,
1904 IN ULONG CompletionFilter,
1905 IN BOOLEAN WatchSubtree,
1906 OUT PVOID Buffer,
1907 IN ULONG Length,
1908 IN BOOLEAN Asynchronous
1909 );
1910
1911 /*
1912 * FUNCTION: Opens an existing directory object
1913 * ARGUMENTS:
1914 * FileHandle (OUT) = Caller supplied storage for the resulting handle
1915 * DesiredAccess = Requested access to the directory
1916 * ObjectAttributes = Initialized attributes for the object
1917 * RETURNS: Status
1918 */
1919
1920 NTSTATUS
1921 STDCALL
1922 NtOpenDirectoryObject(
1923 OUT PHANDLE FileHandle,
1924 IN ACCESS_MASK DesiredAccess,
1925 IN POBJECT_ATTRIBUTES ObjectAttributes
1926 );
1927 NTSTATUS
1928 STDCALL
1929 ZwOpenDirectoryObject(
1930 OUT PHANDLE FileHandle,
1931 IN ACCESS_MASK DesiredAccess,
1932 IN POBJECT_ATTRIBUTES ObjectAttributes
1933 );
1934
1935 /*
1936 * FUNCTION: Opens an existing event
1937 * ARGUMENTS:
1938 * EventHandle (OUT) = Caller supplied storage for the resulting handle
1939 * DesiredAccess = Requested access to the event
1940 * ObjectAttributes = Initialized attributes for the object
1941 * RETURNS: Status
1942 */
1943 NTSTATUS
1944 STDCALL
1945 NtOpenEvent(
1946 OUT PHANDLE EventHandle,
1947 IN ACCESS_MASK DesiredAccess,
1948 IN POBJECT_ATTRIBUTES ObjectAttributes
1949 );
1950
1951 NTSTATUS
1952 STDCALL
1953 ZwOpenEvent(
1954 OUT PHANDLE EventHandle,
1955 IN ACCESS_MASK DesiredAccess,
1956 IN POBJECT_ATTRIBUTES ObjectAttributes
1957 );
1958
1959 /*
1960 * FUNCTION: Opens an existing event pair
1961 * ARGUMENTS:
1962 * EventHandle (OUT) = Caller supplied storage for the resulting handle
1963 * DesiredAccess = Requested access to the event
1964 * ObjectAttributes = Initialized attributes for the object
1965 * RETURNS: Status
1966 */
1967
1968 NTSTATUS
1969 STDCALL
1970 NtOpenEventPair(
1971 OUT PHANDLE EventPairHandle,
1972 IN ACCESS_MASK DesiredAccess,
1973 IN POBJECT_ATTRIBUTES ObjectAttributes
1974 );
1975
1976 NTSTATUS
1977 STDCALL
1978 ZwOpenEventPair(
1979 OUT PHANDLE EventPairHandle,
1980 IN ACCESS_MASK DesiredAccess,
1981 IN POBJECT_ATTRIBUTES ObjectAttributes
1982 );
1983 /*
1984 * FUNCTION: Opens an existing file
1985 * ARGUMENTS:
1986 * FileHandle (OUT) = Caller supplied storage for the resulting handle
1987 * DesiredAccess = Requested access to the file
1988 * ObjectAttributes = Initialized attributes for the object
1989 * IoStatusBlock =
1990 * ShareAccess =
1991 * OpenOptions =
1992 * RETURNS: Status
1993 */
1994 NTSTATUS
1995 STDCALL
1996 NtOpenFile(
1997 OUT PHANDLE FileHandle,
1998 IN ACCESS_MASK DesiredAccess,
1999 IN POBJECT_ATTRIBUTES ObjectAttributes,
2000 OUT PIO_STATUS_BLOCK IoStatusBlock,
2001 IN ULONG ShareAccess,
2002 IN ULONG OpenOptions
2003 );
2004
2005 NTSTATUS
2006 STDCALL
2007 ZwOpenFile(
2008 OUT PHANDLE FileHandle,
2009 IN ACCESS_MASK DesiredAccess,
2010 IN POBJECT_ATTRIBUTES ObjectAttributes,
2011 OUT PIO_STATUS_BLOCK IoStatusBlock,
2012 IN ULONG ShareAccess,
2013 IN ULONG OpenOptions
2014 );
2015
2016 /*
2017 * FUNCTION: Opens an existing io completion object
2018 * ARGUMENTS:
2019 * CompletionPort (OUT) = Caller supplied storage for the resulting handle
2020 * DesiredAccess = Requested access to the io completion object
2021 * ObjectAttributes = Initialized attributes for the object
2022 * RETURNS: Status
2023 */
2024
2025 NTSTATUS
2026 STDCALL
2027 NtOpenIoCompletion(
2028 OUT PHANDLE CompetionPort,
2029 IN ACCESS_MASK DesiredAccess,
2030 IN POBJECT_ATTRIBUTES ObjectAttributes
2031 );
2032
2033 NTSTATUS
2034 STDCALL
2035 ZwOpenIoCompletion(
2036 OUT PHANDLE CompetionPort,
2037 IN ACCESS_MASK DesiredAccess,
2038 IN POBJECT_ATTRIBUTES ObjectAttributes
2039 );
2040
2041
2042 NTSTATUS
2043 STDCALL
2044 NtOpenJobObject(
2045 PHANDLE JobHandle,
2046 ACCESS_MASK DesiredAccess,
2047 POBJECT_ATTRIBUTES ObjectAttributes
2048 );
2049
2050 NTSTATUS
2051 STDCALL
2052 ZwOpenJobObject(
2053 PHANDLE JobHandle,
2054 ACCESS_MASK DesiredAccess,
2055 POBJECT_ATTRIBUTES ObjectAttributes
2056 );
2057 /*
2058 * FUNCTION: Opens an existing key in the registry
2059 * ARGUMENTS:
2060 * KeyHandle (OUT) = Caller supplied storage for the resulting handle
2061 * DesiredAccess = Requested access to the key
2062 * ObjectAttributes = Initialized attributes for the object
2063 * RETURNS: Status
2064 */
2065 NTSTATUS
2066 STDCALL
2067 NtOpenKey(
2068 OUT PHANDLE KeyHandle,
2069 IN ACCESS_MASK DesiredAccess,
2070 IN POBJECT_ATTRIBUTES ObjectAttributes
2071 );
2072
2073 NTSTATUS
2074 STDCALL
2075 ZwOpenKey(
2076 OUT PHANDLE KeyHandle,
2077 IN ACCESS_MASK DesiredAccess,
2078 IN POBJECT_ATTRIBUTES ObjectAttributes
2079 );
2080 /*
2081 * FUNCTION: Opens an existing key in the registry
2082 * ARGUMENTS:
2083 * MutantHandle (OUT) = Caller supplied storage for the resulting handle
2084 * DesiredAccess = Requested access to the mutant
2085 * ObjectAttribute = Initialized attributes for the object
2086 * RETURNS: Status
2087 */
2088 NTSTATUS
2089 STDCALL
2090 NtOpenMutant(
2091 OUT PHANDLE MutantHandle,
2092 IN ACCESS_MASK DesiredAccess,
2093 IN POBJECT_ATTRIBUTES ObjectAttributes
2094 );
2095 NTSTATUS
2096 STDCALL
2097 ZwOpenMutant(
2098 OUT PHANDLE MutantHandle,
2099 IN ACCESS_MASK DesiredAccess,
2100 IN POBJECT_ATTRIBUTES ObjectAttributes
2101 );
2102
2103 /*
2104 * FUNCTION: Opens an existing process
2105 * ARGUMENTS:
2106 * ProcessHandle (OUT) = Caller supplied storage for the resulting handle
2107 * DesiredAccess = Requested access to the process
2108 * ObjectAttribute = Initialized attributes for the object
2109 * ClientId = Identifies the process id to open
2110 * RETURNS: Status
2111 */
2112 NTSTATUS
2113 STDCALL
2114 NtOpenProcess (
2115 OUT PHANDLE ProcessHandle,
2116 IN ACCESS_MASK DesiredAccess,
2117 IN POBJECT_ATTRIBUTES ObjectAttributes,
2118 IN PCLIENT_ID ClientId
2119 );
2120 NTSTATUS
2121 STDCALL
2122 ZwOpenProcess (
2123 OUT PHANDLE ProcessHandle,
2124 IN ACCESS_MASK DesiredAccess,
2125 IN POBJECT_ATTRIBUTES ObjectAttributes,
2126 IN PCLIENT_ID ClientId
2127 );
2128 /*
2129 * FUNCTION: Opens an existing process
2130 * ARGUMENTS:
2131 * ProcessHandle = Handle of the process of which owns the token
2132 * DesiredAccess = Requested access to the token
2133 * TokenHandle (OUT) = Caller supplies storage for the resulting token.
2134 * REMARKS:
2135 This function maps to the win32
2136 * RETURNS: Status
2137 */
2138
2139 NTSTATUS
2140 STDCALL
2141 NtOpenProcessToken(
2142 IN HANDLE ProcessHandle,
2143 IN ACCESS_MASK DesiredAccess,
2144 OUT PHANDLE TokenHandle
2145 );
2146
2147 NTSTATUS
2148 STDCALL
2149 ZwOpenProcessToken(
2150 IN HANDLE ProcessHandle,
2151 IN ACCESS_MASK DesiredAccess,
2152 OUT PHANDLE TokenHandle
2153 );
2154
2155
2156 NTSTATUS
2157 STDCALL
2158 NtOpenProcessTokenEx(
2159 IN HANDLE ProcessHandle,
2160 IN ACCESS_MASK DesiredAccess,
2161 IN ULONG HandleAttributes,
2162 OUT PHANDLE TokenHandle
2163 );
2164
2165
2166 NTSTATUS
2167 STDCALL
2168 ZwOpenProcessTokenEx(
2169 IN HANDLE ProcessHandle,
2170 IN ACCESS_MASK DesiredAccess,
2171 IN ULONG HandleAttributes,
2172 OUT PHANDLE TokenHandle
2173 );
2174 /*
2175 * FUNCTION: Opens an existing section object
2176 * ARGUMENTS:
2177 * KeyHandle (OUT) = Caller supplied storage for the resulting handle
2178 * DesiredAccess = Requested access to the key
2179 * ObjectAttribute = Initialized attributes for the object
2180 * RETURNS: Status
2181 */
2182
2183 NTSTATUS
2184 STDCALL
2185 NtOpenSection(
2186 OUT PHANDLE SectionHandle,
2187 IN ACCESS_MASK DesiredAccess,
2188 IN POBJECT_ATTRIBUTES ObjectAttributes
2189 );
2190 NTSTATUS
2191 STDCALL
2192 ZwOpenSection(
2193 OUT PHANDLE SectionHandle,
2194 IN ACCESS_MASK DesiredAccess,
2195 IN POBJECT_ATTRIBUTES ObjectAttributes
2196 );
2197 /*
2198 * FUNCTION: Opens an existing semaphore
2199 * ARGUMENTS:
2200 * SemaphoreHandle (OUT) = Caller supplied storage for the resulting handle
2201 * DesiredAccess = Requested access to the semaphore
2202 * ObjectAttribute = Initialized attributes for the object
2203 * RETURNS: Status
2204 */
2205 NTSTATUS
2206 STDCALL
2207 NtOpenSemaphore(
2208 OUT PHANDLE SemaphoreHandle,
2209 IN ACCESS_MASK DesiredAcces,
2210 IN POBJECT_ATTRIBUTES ObjectAttributes
2211 );
2212 NTSTATUS
2213 STDCALL
2214 ZwOpenSemaphore(
2215 OUT PHANDLE SemaphoreHandle,
2216 IN ACCESS_MASK DesiredAcces,
2217 IN POBJECT_ATTRIBUTES ObjectAttributes
2218 );
2219 /*
2220 * FUNCTION: Opens an existing symbolic link
2221 * ARGUMENTS:
2222 * SymbolicLinkHandle (OUT) = Caller supplied storage for the resulting handle
2223 * DesiredAccess = Requested access to the symbolic link
2224 * ObjectAttribute = Initialized attributes for the object
2225 * RETURNS: Status
2226 */
2227 NTSTATUS
2228 STDCALL
2229 NtOpenSymbolicLinkObject(
2230 OUT PHANDLE LinkHandle,
2231 IN ACCESS_MASK DesiredAccess,
2232 IN POBJECT_ATTRIBUTES ObjectAttributes
2233 );
2234 NTSTATUS
2235 STDCALL
2236 ZwOpenSymbolicLinkObject(
2237 OUT PHANDLE LinkHandle,
2238 IN ACCESS_MASK DesiredAccess,
2239 IN POBJECT_ATTRIBUTES ObjectAttributes
2240 );
2241 /*
2242 * FUNCTION: Opens an existing thread
2243 * ARGUMENTS:
2244 * ThreadHandle (OUT) = Caller supplied storage for the resulting handle
2245 * DesiredAccess = Requested access to the thread
2246 * ObjectAttribute = Initialized attributes for the object
2247 * ClientId = Identifies the thread to open.
2248 * RETURNS: Status
2249 */
2250 NTSTATUS
2251 STDCALL
2252 NtOpenThread(
2253 OUT PHANDLE ThreadHandle,
2254 IN ACCESS_MASK DesiredAccess,
2255 IN POBJECT_ATTRIBUTES ObjectAttributes,
2256 IN PCLIENT_ID ClientId
2257 );
2258 NTSTATUS
2259 STDCALL
2260 ZwOpenThread(
2261 OUT PHANDLE ThreadHandle,
2262 IN ACCESS_MASK DesiredAccess,
2263 IN POBJECT_ATTRIBUTES ObjectAttributes,
2264 IN PCLIENT_ID ClientId
2265 );
2266
2267 NTSTATUS
2268 STDCALL
2269 NtOpenThreadToken(
2270 IN HANDLE ThreadHandle,
2271 IN ACCESS_MASK DesiredAccess,
2272 IN BOOLEAN OpenAsSelf,
2273 OUT PHANDLE TokenHandle
2274 );
2275
2276 NTSTATUS
2277 STDCALL
2278 ZwOpenThreadToken(
2279 IN HANDLE ThreadHandle,
2280 IN ACCESS_MASK DesiredAccess,
2281 IN BOOLEAN OpenAsSelf,
2282 OUT PHANDLE TokenHandle
2283 );
2284
2285 NTSTATUS
2286 STDCALL
2287 NtOpenThreadTokenEx(
2288 IN HANDLE ThreadHandle,
2289 IN ACCESS_MASK DesiredAccess,
2290 IN BOOLEAN OpenAsSelf,
2291 IN ULONG HandleAttributes,
2292 OUT PHANDLE TokenHandle
2293 );
2294
2295
2296 NTSTATUS
2297 STDCALL
2298 ZwOpenThreadTokenEx(
2299 IN HANDLE ThreadHandle,
2300 IN ACCESS_MASK DesiredAccess,
2301 IN BOOLEAN OpenAsSelf,
2302 IN ULONG HandleAttributes,
2303 OUT PHANDLE TokenHandle
2304 );
2305
2306 /*
2307 * FUNCTION: Opens an existing timer
2308 * ARGUMENTS:
2309 * TimerHandle (OUT) = Caller supplied storage for the resulting handle
2310 * DesiredAccess = Requested access to the timer
2311 * ObjectAttribute = Initialized attributes for the object
2312 * RETURNS: Status
2313 */
2314 NTSTATUS
2315 STDCALL
2316 NtOpenTimer(
2317 OUT PHANDLE TimerHandle,
2318 IN ACCESS_MASK DesiredAccess,
2319 IN POBJECT_ATTRIBUTES ObjectAttributes
2320 );
2321 NTSTATUS
2322 STDCALL
2323 ZwOpenTimer(
2324 OUT PHANDLE TimerHandle,
2325 IN ACCESS_MASK DesiredAccess,
2326 IN POBJECT_ATTRIBUTES ObjectAttributes
2327 );
2328
2329 /*
2330 * FUNCTION: Checks an access token for specific privileges
2331 * ARGUMENTS:
2332 * ClientToken = Handle to a access token structure
2333 * RequiredPrivileges = Specifies the requested privileges.
2334 * Result = Caller supplies storage for the result. If PRIVILEGE_SET_ALL_NECESSARY is
2335 set in the Control member of PRIVILEGES_SET Result
2336 will only be TRUE if all privileges are present in the access token.
2337 * RETURNS: Status
2338 */
2339
2340
2341 NTSTATUS
2342 STDCALL
2343 NtPowerInformation(
2344 IN POWER_INFORMATION_LEVEL PowerInformationLevel,
2345 IN PVOID InputBuffer OPTIONAL,
2346 IN ULONG InputBufferLength,
2347 OUT PVOID OutputBuffer OPTIONAL,
2348 IN ULONG OutputBufferLength
2349 );
2350
2351 NTSTATUS
2352 STDCALL
2353 ZwPowerInformation(
2354 IN POWER_INFORMATION_LEVEL PowerInformationLevel,
2355 IN PVOID InputBuffer OPTIONAL,
2356 IN ULONG InputBufferLength,
2357 OUT PVOID OutputBuffer OPTIONAL,
2358 IN ULONG OutputBufferLength
2359 );
2360
2361 NTSTATUS
2362 STDCALL
2363 NtPrivilegeCheck(
2364 IN HANDLE ClientToken,
2365 IN PPRIVILEGE_SET RequiredPrivileges,
2366 IN PBOOLEAN Result
2367 );
2368
2369 NTSTATUS
2370 STDCALL
2371 ZwPrivilegeCheck(
2372 IN HANDLE ClientToken,
2373 IN PPRIVILEGE_SET RequiredPrivileges,
2374 IN PBOOLEAN Result
2375 );
2376
2377 NTSTATUS
2378 STDCALL
2379 NtPrivilegedServiceAuditAlarm(
2380 IN PUNICODE_STRING SubsystemName,
2381 IN PUNICODE_STRING ServiceName,
2382 IN HANDLE ClientToken,
2383 IN PPRIVILEGE_SET Privileges,
2384 IN BOOLEAN AccessGranted
2385 );
2386
2387 NTSTATUS
2388 STDCALL
2389 ZwPrivilegedServiceAuditAlarm(
2390 IN PUNICODE_STRING SubsystemName,
2391 IN PUNICODE_STRING ServiceName,
2392 IN HANDLE ClientToken,
2393 IN PPRIVILEGE_SET Privileges,
2394 IN BOOLEAN AccessGranted
2395 );
2396
2397 NTSTATUS
2398 STDCALL
2399 NtPrivilegeObjectAuditAlarm(
2400 IN PUNICODE_STRING SubsystemName,
2401 IN PVOID HandleId,
2402 IN HANDLE ClientToken,
2403 IN ULONG DesiredAccess,
2404 IN PPRIVILEGE_SET Privileges,
2405 IN BOOLEAN AccessGranted
2406 );
2407
2408 NTSTATUS
2409 STDCALL
2410 ZwPrivilegeObjectAuditAlarm(
2411 IN PUNICODE_STRING SubsystemName,
2412 IN PVOID HandleId,
2413 IN HANDLE ClientToken,
2414 IN ULONG DesiredAccess,
2415 IN PPRIVILEGE_SET Privileges,
2416 IN BOOLEAN AccessGranted
2417 );
2418
2419 /*
2420 * FUNCTION: Entry point for native applications
2421 * ARGUMENTS:
2422 * Peb = Pointes to the Process Environment Block (PEB)
2423 * REMARKS:
2424 * Native applications should use this function instead of a main.
2425 * Calling proces should terminate itself.
2426 * RETURNS: Status
2427 */
2428 VOID STDCALL
2429 NtProcessStartup(
2430 IN PPEB Peb
2431 );
2432
2433
2434 /*
2435 * FUNCTION: Signals an event and resets it afterwards.
2436 * ARGUMENTS:
2437 * EventHandle = Handle to the event
2438 * PulseCount = Number of times the action is repeated
2439 * RETURNS: Status
2440 */
2441 NTSTATUS
2442 STDCALL
2443 NtPulseEvent(
2444 IN HANDLE EventHandle,
2445 OUT PLONG PreviousState OPTIONAL
2446 );
2447
2448 NTSTATUS
2449 STDCALL
2450 ZwPulseEvent(
2451 IN HANDLE EventHandle,
2452 OUT PLONG PreviousState OPTIONAL
2453 );
2454
2455 /*
2456 * FUNCTION: Queries the attributes of a file
2457 * ARGUMENTS:
2458 * ObjectAttributes = Initialized attributes for the object
2459 * Buffer = Caller supplies storage for the attributes
2460 * RETURNS: Status
2461 */
2462
2463 NTSTATUS
2464 STDCALL
2465 NtQueryAttributesFile(
2466 IN POBJECT_ATTRIBUTES ObjectAttributes,
2467 OUT PFILE_BASIC_INFORMATION FileInformation
2468 );
2469
2470 NTSTATUS
2471 STDCALL
2472 ZwQueryAttributesFile(
2473 IN POBJECT_ATTRIBUTES ObjectAttributes,
2474 OUT PFILE_BASIC_INFORMATION FileInformation
2475 );
2476
2477
2478 NTSTATUS
2479 STDCALL
2480 NtQueryBootEntryOrder(
2481 IN ULONG Unknown1,
2482 IN ULONG Unknown2
2483 );
2484
2485 NTSTATUS
2486 STDCALL
2487 ZwQueryBootEntryOrder(
2488 IN ULONG Unknown1,
2489 IN ULONG Unknown2
2490 );
2491
2492 NTSTATUS
2493 STDCALL
2494 NtQueryBootOptions(
2495 IN ULONG Unknown1,
2496 IN ULONG Unknown2
2497 );
2498
2499 NTSTATUS
2500 STDCALL
2501 ZwQueryBootOptions(
2502 IN ULONG Unknown1,
2503 IN ULONG Unknown2
2504 );
2505 /*
2506 * FUNCTION: Queries the default locale id
2507 * ARGUMENTS:
2508 * UserProfile = Type of locale id
2509 * TRUE: thread locale id
2510 * FALSE: system locale id
2511 * DefaultLocaleId = Caller supplies storage for the locale id
2512 * RETURNS: Status
2513 */
2514
2515 NTSTATUS
2516 STDCALL
2517 NtQueryDefaultLocale(
2518 IN BOOLEAN UserProfile,
2519 OUT PLCID DefaultLocaleId
2520 );
2521
2522 NTSTATUS
2523 STDCALL
2524 ZwQueryDefaultLocale(
2525 IN BOOLEAN UserProfile,
2526 OUT PLCID DefaultLocaleId
2527 );
2528
2529 NTSTATUS
2530 STDCALL
2531 NtQueryDefaultUILanguage(
2532 PLANGID LanguageId
2533 );
2534
2535 NTSTATUS
2536 STDCALL
2537 ZwQueryDefaultUILanguage(
2538 PLANGID LanguageId
2539 );
2540
2541 /*
2542 * FUNCTION: Queries a directory file.
2543 * ARGUMENTS:
2544 * FileHandle = Handle to a directory file
2545 * EventHandle = Handle to the event signaled on completion
2546 * ApcRoutine = Asynchroneous procedure callback, called on completion
2547 * ApcContext = Argument to the apc.
2548 * IoStatusBlock = Caller supplies storage for extended status information.
2549 * FileInformation = Caller supplies storage for the resulting information.
2550 *
2551 * FileNameInformation FILE_NAMES_INFORMATION
2552 * FileDirectoryInformation FILE_DIRECTORY_INFORMATION
2553 * FileFullDirectoryInformation FILE_FULL_DIRECTORY_INFORMATION
2554 * FileBothDirectoryInformation FILE_BOTH_DIR_INFORMATION
2555 *
2556 * Length = Size of the storage supplied
2557 * FileInformationClass = Indicates the type of information requested.
2558 * ReturnSingleEntry = Specify true if caller only requests the first directory found.
2559 * FileName = Initial directory name to query, that may contain wild cards.
2560 * RestartScan = Number of times the action should be repeated
2561 * RETURNS: Status [ STATUS_SUCCESS, STATUS_ACCESS_DENIED, STATUS_INSUFFICIENT_RESOURCES,
2562 * STATUS_INVALID_PARAMETER, STATUS_INVALID_DEVICE_REQUEST, STATUS_BUFFER_OVERFLOW,
2563 * STATUS_INVALID_INFO_CLASS, STATUS_NO_SUCH_FILE, STATUS_NO_MORE_FILES ]
2564 */
2565
2566 NTSTATUS
2567 STDCALL
2568 NtQueryDirectoryFile(
2569 IN HANDLE FileHandle,
2570 IN HANDLE Event OPTIONAL,
2571 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
2572 IN PVOID ApcContext OPTIONAL,
2573 OUT PIO_STATUS_BLOCK IoStatusBlock,
2574 OUT PVOID FileInformation,
2575 IN ULONG Length,
2576 IN FILE_INFORMATION_CLASS FileInformationClass,
2577 IN BOOLEAN ReturnSingleEntry,
2578 IN PUNICODE_STRING FileName OPTIONAL,
2579 IN BOOLEAN RestartScan
2580 );
2581
2582 NTSTATUS
2583 STDCALL
2584 ZwQueryDirectoryFile(
2585 IN HANDLE FileHandle,
2586 IN HANDLE Event OPTIONAL,
2587 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
2588 IN PVOID ApcContext OPTIONAL,
2589 OUT PIO_STATUS_BLOCK IoStatusBlock,
2590 OUT PVOID FileInformation,
2591 IN ULONG Length,
2592 IN FILE_INFORMATION_CLASS FileInformationClass,
2593 IN BOOLEAN ReturnSingleEntry,
2594 IN PUNICODE_STRING FileName OPTIONAL,
2595 IN BOOLEAN RestartScan
2596 );
2597
2598 /*
2599 * FUNCTION: Queries the extended attributes of a file
2600 * ARGUMENTS:
2601 * FileHandle = Handle to the event
2602 * IoStatusBlock = Number of times the action is repeated
2603 * Buffer
2604 * Length
2605 * ReturnSingleEntry
2606 * EaList
2607 * EaListLength
2608 * EaIndex
2609 * RestartScan
2610 * RETURNS: Status
2611 */
2612
2613 NTSTATUS
2614 STDCALL
2615 NtQueryEaFile(
2616 IN HANDLE FileHandle,
2617 OUT PIO_STATUS_BLOCK IoStatusBlock,
2618 OUT PVOID Buffer,
2619 IN ULONG Length,
2620 IN BOOLEAN ReturnSingleEntry,
2621 IN PVOID EaList OPTIONAL,
2622 IN ULONG EaListLength,
2623 IN PULONG EaIndex OPTIONAL,
2624 IN BOOLEAN RestartScan
2625 );
2626
2627 NTSTATUS
2628 STDCALL
2629 ZwQueryEaFile(
2630 IN HANDLE FileHandle,
2631 OUT PIO_STATUS_BLOCK IoStatusBlock,
2632 OUT PVOID Buffer,
2633 IN ULONG Length,
2634 IN BOOLEAN ReturnSingleEntry,
2635 IN PVOID EaList OPTIONAL,
2636 IN ULONG EaListLength,
2637 IN PULONG EaIndex OPTIONAL,
2638 IN BOOLEAN RestartScan
2639 );
2640
2641 /*
2642 * FUNCTION: Queries an event
2643 * ARGUMENTS:
2644 * EventHandle = Handle to the event
2645 * EventInformationClass = Index of the information structure
2646
2647 EventBasicInformation EVENT_BASIC_INFORMATION
2648
2649 * EventInformation = Caller supplies storage for the information structure
2650 * EventInformationLength = Size of the information structure
2651 * ReturnLength = Data written
2652 * RETURNS: Status
2653 */
2654 NTSTATUS
2655 STDCALL
2656 NtQueryEvent(
2657 IN HANDLE EventHandle,
2658 IN EVENT_INFORMATION_CLASS EventInformationClass,
2659 OUT PVOID EventInformation,
2660 IN ULONG EventInformationLength,
2661 OUT PULONG ReturnLength OPTIONAL
2662 );
2663 NTSTATUS
2664 STDCALL
2665 ZwQueryEvent(
2666 IN HANDLE EventHandle,
2667 IN EVENT_INFORMATION_CLASS EventInformationClass,
2668 OUT PVOID EventInformation,
2669 IN ULONG EventInformationLength,
2670 OUT PULONG ReturnLength OPTIONAL
2671 );
2672
2673 NTSTATUS STDCALL
2674 NtQueryFullAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes,
2675 OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation);
2676
2677 NTSTATUS STDCALL
2678 ZwQueryFullAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes,
2679 OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation);
2680
2681 /*
2682 * FUNCTION: Queries the information of a file object.
2683 * ARGUMENTS:
2684 * FileHandle = Handle to the file object
2685 * IoStatusBlock = Caller supplies storage for extended information
2686 * on the current operation.
2687 * FileInformation = Storage for the new file information
2688 * Lenght = Size of the storage for the file information.
2689 * FileInformationClass = Indicates which file information is queried
2690
2691 FileDirectoryInformation FILE_DIRECTORY_INFORMATION
2692 FileFullDirectoryInformation FILE_FULL_DIRECTORY_INFORMATION
2693 FileBothDirectoryInformation FILE_BOTH_DIRECTORY_INFORMATION
2694 FileBasicInformation FILE_BASIC_INFORMATION
2695 FileStandardInformation FILE_STANDARD_INFORMATION
2696 FileInternalInformation FILE_INTERNAL_INFORMATION
2697 FileEaInformation FILE_EA_INFORMATION
2698 FileAccessInformation FILE_ACCESS_INFORMATION
2699 FileNameInformation FILE_NAME_INFORMATION
2700 FileRenameInformation FILE_RENAME_INFORMATION
2701 FileLinkInformation
2702 FileNamesInformation FILE_NAMES_INFORMATION
2703 FileDispositionInformation FILE_DISPOSITION_INFORMATION
2704 FilePositionInformation FILE_POSITION_INFORMATION
2705 FileFullEaInformation FILE_FULL_EA_INFORMATION
2706 FileModeInformation FILE_MODE_INFORMATION
2707 FileAlignmentInformation FILE_ALIGNMENT_INFORMATION
2708 FileAllInformation FILE_ALL_INFORMATION
2709
2710 FileEndOfFileInformation FILE_END_OF_FILE_INFORMATION
2711 FileAlternateNameInformation
2712 FileStreamInformation FILE_STREAM_INFORMATION
2713 FilePipeInformation
2714 FilePipeLocalInformation
2715 FilePipeRemoteInformation
2716 FileMailslotQueryInformation
2717 FileMailslotSetInformation
2718 FileCompressionInformation FILE_COMPRESSION_INFORMATION
2719 FileCopyOnWriteInformation
2720 FileCompletionInformation IO_COMPLETION_CONTEXT
2721 FileMoveClusterInformation
2722 FileOleClassIdInformation
2723 FileOleStateBitsInformation
2724 FileNetworkOpenInformation FILE_NETWORK_OPEN_INFORMATION
2725 FileObjectIdInformation
2726 FileOleAllInformation
2727 FileOleDirectoryInformation
2728 FileContentIndexInformation
2729 FileInheritContentIndexInformation
2730 FileOleInformation
2731 FileMaximumInformation
2732
2733 * REMARK:
2734 * This procedure maps to the win32 GetShortPathName, GetLongPathName,
2735 GetFullPathName, GetFileType, GetFileSize, GetFileTime functions.
2736 * RETURNS: Status
2737 */
2738 NTSTATUS
2739 STDCALL
2740 NtQueryInformationFile(
2741 IN HANDLE FileHandle,
2742 OUT PIO_STATUS_BLOCK IoStatusBlock,
2743 OUT PVOID FileInformation,
2744 IN ULONG Length,
2745 IN FILE_INFORMATION_CLASS FileInformationClass
2746 );
2747
2748 NTSTATUS
2749 STDCALL
2750 ZwQueryInformationFile(
2751 HANDLE FileHandle,
2752 PIO_STATUS_BLOCK IoStatusBlock,
2753 PVOID FileInformation,
2754 ULONG Length,
2755 FILE_INFORMATION_CLASS FileInformationClass
2756 );
2757
2758 NTSTATUS
2759 STDCALL
2760 NtQueryInformationJobObject(
2761 HANDLE JobHandle,
2762 JOBOBJECTINFOCLASS JobInformationClass,
2763 PVOID JobInformation,
2764 ULONG JobInformationLength,
2765 PULONG ReturnLength
2766 );
2767
2768 NTSTATUS
2769 STDCALL
2770 ZwQueryInformationJobObject(
2771 HANDLE JobHandle,
2772 JOBOBJECTINFOCLASS JobInformationClass,
2773 PVOID JobInformation,
2774 ULONG JobInformationLength,
2775 PULONG ReturnLength
2776 );
2777
2778 NTSTATUS STDCALL
2779 NtQueryInformationPort (HANDLE PortHandle,
2780 CINT PortInformationClass,
2781 PVOID PortInformation,
2782 ULONG PortInformationLength,
2783 PULONG ReturnLength);
2784
2785 #ifndef __USE_W32API
2786 NTSTATUS STDCALL
2787 ZwQueryInformationPort (HANDLE PortHandle,
2788 CINT PortInformationClass,
2789 PVOID PortInformation,
2790 ULONG PortInformationLength,
2791 PULONG ReturnLength);
2792 #endif
2793
2794 /*
2795 * FUNCTION: Queries the information of a thread object.
2796 * ARGUMENTS:
2797 * ThreadHandle = Handle to the thread object
2798 * ThreadInformationClass = Index to a certain information structure
2799
2800 ThreadBasicInformation THREAD_BASIC_INFORMATION
2801 ThreadTimes KERNEL_USER_TIMES
2802 ThreadPriority KPRIORITY
2803 ThreadBasePriority KPRIORITY
2804 ThreadAffinityMask KAFFINITY
2805 ThreadImpersonationToken
2806 ThreadDescriptorTableEntry
2807 ThreadEnableAlignmentFaultFixup
2808 ThreadEventPair
2809 ThreadQuerySetWin32StartAddress
2810 ThreadZeroTlsCell
2811 ThreadPerformanceCount
2812 ThreadAmILastThread BOOLEAN
2813 ThreadIdealProcessor ULONG
2814 ThreadPriorityBoost ULONG
2815 MaxThreadInfoClass
2816
2817
2818 * ThreadInformation = Caller supplies torage for the thread information
2819 * ThreadInformationLength = Size of the thread information structure
2820 * ReturnLength = Actual number of bytes written
2821
2822 * REMARK:
2823 * This procedure maps to the win32 GetThreadTimes, GetThreadPriority,
2824 GetThreadPriorityBoost functions.
2825 * RETURNS: Status
2826 */
2827
2828
2829 NTSTATUS
2830 STDCALL
2831 NtQueryInformationThread(
2832 IN HANDLE ThreadHandle,
2833 IN THREADINFOCLASS ThreadInformationClass,
2834 OUT PVOID ThreadInformation,
2835 IN ULONG ThreadInformationLength,
2836 OUT PULONG ReturnLength OPTIONAL
2837 );
2838
2839 NTSTATUS
2840 STDCALL
2841 ZwQueryInformationThread(
2842 IN HANDLE ThreadHandle,
2843 IN THREADINFOCLASS ThreadInformationClass,
2844 OUT PVOID ThreadInformation,
2845 IN ULONG ThreadInformationLength,
2846 OUT PULONG ReturnLength OPTIONAL
2847 );
2848
2849
2850 NTSTATUS
2851 STDCALL
2852 NtQueryInformationToken(
2853 IN HANDLE TokenHandle,
2854 IN TOKEN_INFORMATION_CLASS TokenInformationClass,
2855 OUT PVOID TokenInformation,
2856 IN ULONG TokenInformationLength,
2857 OUT PULONG ReturnLength
2858 );
2859
2860 NTSTATUS
2861 STDCALL
2862 ZwQueryInformationToken(
2863 IN HANDLE TokenHandle,
2864 IN TOKEN_INFORMATION_CLASS TokenInformationClass,
2865 OUT PVOID TokenInformation,
2866 IN ULONG TokenInformationLength,
2867 OUT PULONG ReturnLength
2868 );
2869
2870 NTSTATUS
2871 STDCALL
2872 NtQueryInstallUILanguage(
2873 PLANGID LanguageId
2874 );
2875
2876 NTSTATUS
2877 STDCALL
2878 ZwQueryInstallUILanguage(
2879 PLANGID LanguageId
2880 );
2881
2882 NTSTATUS
2883 STDCALL
2884 NtQueryIoCompletion(
2885 IN HANDLE IoCompletionHandle,
2886 IN IO_COMPLETION_INFORMATION_CLASS IoCompletionInformationClass,
2887 OUT PVOID IoCompletionInformation,
2888 IN ULONG IoCompletionInformationLength,
2889 OUT PULONG ResultLength OPTIONAL
2890 );
2891
2892 NTSTATUS
2893 STDCALL
2894 ZwQueryIoCompletion(
2895 IN HANDLE IoCompletionHandle,
2896 IN IO_COMPLETION_INFORMATION_CLASS IoCompletionInformationClass,
2897 OUT PVOID IoCompletionInformation,
2898 IN ULONG IoCompletionInformationLength,
2899 OUT PULONG ResultLength OPTIONAL
2900 );
2901
2902 /*
2903 * FUNCTION: Queries the information of a registry key object.
2904 * ARGUMENTS:
2905 KeyHandle = Handle to a registry key
2906 KeyInformationClass = Index to a certain information structure
2907 KeyInformation = Caller supplies storage for resulting information
2908 Length = Size of the supplied storage
2909 ResultLength = Bytes written
2910 */
2911 NTSTATUS
2912 STDCALL
2913 NtQueryKey(
2914 IN HANDLE KeyHandle,
2915 IN KEY_INFORMATION_CLASS KeyInformationClass,
2916 OUT PVOID KeyInformation,
2917 IN ULONG Length,
2918 OUT PULONG ResultLength
2919 );
2920
2921 NTSTATUS
2922 STDCALL
2923 ZwQueryKey(
2924 IN HANDLE KeyHandle,
2925 IN KEY_INFORMATION_CLASS KeyInformationClass,
2926 OUT PVOID KeyInformation,
2927 IN ULONG Length,
2928 OUT PULONG ResultLength
2929 );
2930
2931
2932
2933 NTSTATUS
2934 STDCALL
2935 NtQueryQuotaInformationFile(
2936 IN HANDLE FileHandle,
2937 OUT PIO_STATUS_BLOCK IoStatusBlock,
2938 OUT PVOID Buffer,
2939 IN ULONG Length,
2940 IN BOOLEAN ReturnSingleEntry,
2941 IN PVOID SidList OPTIONAL,
2942 IN ULONG SidListLength,
2943 IN PSID StartSid OPTIONAL,
2944 IN BOOLEAN RestartScan
2945 );
2946
2947
2948 NTSTATUS
2949 STDCALL
2950 ZwQueryQuotaInformationFile(
2951 IN HANDLE FileHandle,
2952 OUT PIO_STATUS_BLOCK IoStatusBlock,
2953 OUT PVOID Buffer,
2954 IN ULONG Length,
2955 IN BOOLEAN ReturnSingleEntry,
2956 IN PVOID SidList OPTIONAL,
2957 IN ULONG SidListLength,
2958 IN PSID StartSid OPTIONAL,
2959 IN BOOLEAN RestartScan
2960 );
2961 // draft
2962
2963 NTSTATUS
2964 STDCALL
2965 NtQueryMultipleValueKey(
2966 IN HANDLE KeyHandle,
2967 IN OUT PKEY_VALUE_ENTRY ValueList,
2968 IN ULONG NumberOfValues,
2969 OUT PVOID Buffer,
2970 IN OUT PULONG Length,
2971 OUT PULONG ReturnLength
2972 );
2973
2974 NTSTATUS
2975 STDCALL
2976 ZwQueryMultipleValueKey(
2977 IN HANDLE KeyHandle,
2978 IN OUT PKEY_VALUE_ENTRY ValueList,
2979 IN ULONG NumberOfValues,
2980 OUT PVOID Buffer,
2981 IN OUT PULONG Length,
2982 OUT PULONG ReturnLength
2983 );
2984
2985 /*
2986 * FUNCTION: Queries the information of a mutant object.
2987 * ARGUMENTS:
2988 MutantHandle = Handle to a mutant
2989 MutantInformationClass = Index to a certain information structure
2990 MutantInformation = Caller supplies storage for resulting information
2991 Length = Size of the supplied storage
2992 ResultLength = Bytes written
2993 */
2994 NTSTATUS
2995 STDCALL
2996 NtQueryMutant(
2997 IN HANDLE MutantHandle,
2998 IN MUTANT_INFORMATION_CLASS MutantInformationClass,
2999 OUT PVOID MutantInformation,
3000 IN ULONG MutantInformationLength,
3001 OUT PULONG ResultLength OPTIONAL
3002 );
3003
3004 NTSTATUS
3005 STDCALL
3006 ZwQueryMutant(
3007 IN HANDLE MutantHandle,
3008 IN MUTANT_INFORMATION_CLASS MutantInformationClass,
3009 OUT PVOID MutantInformation,
3010 IN ULONG MutantInformationLength,
3011 OUT PULONG ResultLength OPTIONAL
3012 );
3013
3014 /*
3015 * FUNCTION: Queries the system ( high-resolution ) performance counter.
3016 * ARGUMENTS:
3017 * PerformanceCounter = Performance counter
3018 * PerformanceFrequency = Performance frequency
3019 * REMARKS:
3020 This procedure queries a tick count faster than 10ms ( The resolution for IntelĀ®-based CPUs is about 0.8 microseconds.)
3021 This procedure maps to the win32 QueryPerformanceCounter, QueryPerformanceFrequency
3022 * RETURNS: Status
3023 *
3024 */
3025 NTSTATUS
3026 STDCALL
3027 NtQueryPerformanceCounter(
3028 OUT PLARGE_INTEGER PerformanceCounter,
3029 OUT PLARGE_INTEGER PerformanceFrequency OPTIONAL
3030 );
3031
3032 NTSTATUS
3033 STDCALL
3034 ZwQueryPerformanceCounter(
3035 OUT PLARGE_INTEGER PerformanceCounter,
3036 OUT PLARGE_INTEGER PerformanceFrequency OPTIONAL
3037 );
3038
3039 /*
3040 * FUNCTION: Queries the information of a semaphore.
3041 * ARGUMENTS:
3042 * SemaphoreHandle = Handle to the semaphore object
3043 * SemaphoreInformationClass = Index to a certain information structure
3044
3045 SemaphoreBasicInformation SEMAPHORE_BASIC_INFORMATION
3046
3047 * SemaphoreInformation = Caller supplies storage for the semaphore information structure
3048 * Length = Size of the infomation structure
3049 */
3050 NTSTATUS
3051 STDCALL
3052 NtQuerySemaphore(
3053 IN HANDLE SemaphoreHandle,
3054 IN SEMAPHORE_INFORMATION_CLASS SemaphoreInformationClass,
3055 OUT PVOID SemaphoreInformation,
3056 IN ULONG Length,
3057 OUT PULONG ReturnLength OPTIONAL
3058 );
3059
3060 NTSTATUS
3061 STDCALL
3062 ZwQuerySemaphore(
3063 IN HANDLE SemaphoreHandle,
3064 IN SEMAPHORE_INFORMATION_CLASS SemaphoreInformationClass,
3065 OUT PVOID SemaphoreInformation,
3066 IN ULONG Length,
3067 OUT PULONG ReturnLength OPTIONAL
3068 );
3069
3070
3071 /*
3072 * FUNCTION: Queries the information of a symbolic link object.
3073 * ARGUMENTS:
3074 * SymbolicLinkHandle = Handle to the symbolic link object
3075 * LinkTarget = resolved name of link
3076 * DataWritten = size of the LinkName.
3077 * RETURNS: Status
3078 *
3079 */
3080 NTSTATUS
3081 STDCALL
3082 NtQuerySymbolicLinkObject(
3083 IN HANDLE LinkHandle,
3084 OUT PUNICODE_STRING LinkTarget,
3085 OUT PULONG ResultLength OPTIONAL
3086 );
3087
3088 NTSTATUS
3089 STDCALL
3090 ZwQuerySymbolicLinkObject(
3091 IN HANDLE LinkHandle,
3092 OUT PUNICODE_STRING LinkTarget,
3093 OUT PULONG ResultLength OPTIONAL
3094 );
3095
3096
3097 /*
3098 * FUNCTION: Queries a system environment variable.
3099 * ARGUMENTS:
3100 * Name = Name of the variable
3101 * Value (OUT) = value of the variable
3102 * Length = size of the buffer
3103 * ReturnLength = data written
3104 * RETURNS: Status
3105 *
3106 */
3107 NTSTATUS
3108 STDCALL
3109 NtQuerySystemEnvironmentValue(
3110 IN PUNICODE_STRING VariableName,
3111 OUT PWCHAR ValueBuffer,
3112 IN ULONG ValueBufferLength,
3113 OUT PULONG ReturnLength OPTIONAL
3114 );
3115
3116 NTSTATUS
3117 STDCALL
3118 ZwQuerySystemEnvironmentValue(
3119 IN PUNICODE_STRING VariableName,
3120 OUT PWCHAR ValueBuffer,
3121 IN ULONG ValueBufferLength,
3122 OUT PULONG ReturnLength OPTIONAL
3123 );
3124
3125
3126 /*
3127 * FUNCTION: Queries the system information.
3128 * ARGUMENTS:
3129 * SystemInformationClass = Index to a certain information structure
3130
3131 SystemTimeAdjustmentInformation SYSTEM_TIME_ADJUSTMENT
3132 SystemCacheInformation SYSTEM_CACHE_INFORMATION
3133 SystemConfigurationInformation CONFIGURATION_INFORMATION
3134
3135 * SystemInformation = caller supplies storage for the information structure
3136 * Length = size of the structure
3137 ResultLength = Data written
3138 * RETURNS: Status
3139 *
3140 */
3141 NTSTATUS
3142 STDCALL
3143 NtQuerySystemInformation(
3144 IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
3145 OUT PVOID SystemInformation,
3146 IN ULONG Length,
3147 OUT PULONG ResultLength
3148 );
3149
3150 NTSTATUS
3151 STDCALL
3152 ZwQuerySystemInformation(
3153 IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
3154 OUT PVOID SystemInformation,
3155 IN ULONG Length,
3156 OUT PULONG ResultLength
3157 );
3158
3159 /*
3160 * FUNCTION: Queries information about a timer
3161 * ARGUMENTS:
3162 * TimerHandle = Handle to the timer
3163 TimerValueInformationClass = Index to a certain information structure
3164 TimerValueInformation = Caller supplies storage for the information structure
3165 Length = Size of the information structure
3166 ResultLength = Data written
3167 * RETURNS: Status
3168 *
3169 */
3170 NTSTATUS
3171 STDCALL
3172 NtQueryTimer(
3173 IN HANDLE TimerHandle,
3174 IN TIMER_INFORMATION_CLASS TimerInformationClass,
3175 OUT PVOID TimerInformation,
3176 IN ULONG TimerInformationLength,
3177 OUT PULONG ReturnLength OPTIONAL
3178 );
3179 NTSTATUS
3180 STDCALL
3181 ZwQueryTimer(
3182 IN HANDLE TimerHandle,
3183 IN TIMER_INFORMATION_CLASS TimerInformationClass,
3184 OUT PVOID TimerInformation,
3185 IN ULONG TimerInformationLength,
3186 OUT PULONG ReturnLength OPTIONAL
3187 );
3188
3189 /*
3190 * FUNCTION: Queries the timer resolution
3191 * ARGUMENTS:
3192 * MinimumResolution (OUT) = Caller should supply storage for the resulting time.
3193 Maximum Resolution (OUT) = Caller should supply storage for the resulting time.
3194 ActualResolution (OUT) = Caller should supply storage for the resulting time.
3195 * RETURNS: Status
3196 *
3197 */
3198
3199
3200 NTSTATUS
3201 STDCALL
3202 NtQueryTimerResolution (
3203 OUT PULONG MinimumResolution,
3204 OUT PULONG MaximumResolution,
3205 OUT PULONG ActualResolution
3206 );
3207
3208 NTSTATUS
3209 STDCALL
3210 ZwQueryTimerResolution (
3211 OUT PULONG MinimumResolution,
3212 OUT PULONG MaximumResolution,
3213 OUT PULONG ActualResolution
3214 );
3215
3216 /*
3217 * FUNCTION: Queries a registry key value
3218 * ARGUMENTS:
3219 * KeyHandle = Handle to the registry key
3220 ValueName = Name of the value in the registry key
3221 KeyValueInformationClass = Index to a certain information structure
3222
3223 KeyValueBasicInformation = KEY_VALUE_BASIC_INFORMATION
3224 KeyValueFullInformation = KEY_FULL_INFORMATION
3225 KeyValuePartialInformation = KEY_VALUE_PARTIAL_INFORMATION
3226
3227 KeyValueInformation = Caller supplies storage for the information structure
3228 Length = Size of the information structure
3229 ResultLength = Data written
3230 * RETURNS: Status
3231 *
3232 */
3233 NTSTATUS
3234 STDCALL
3235 NtQueryValueKey(
3236 IN HANDLE KeyHandle,
3237 IN PUNICODE_STRING ValueName,
3238 IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
3239 OUT PVOID KeyValueInformation,
3240 IN ULONG Length,
3241 OUT PULONG ResultLength
3242 );
3243
3244 NTSTATUS
3245 STDCALL
3246 ZwQueryValueKey(
3247 IN HANDLE KeyHandle,
3248 IN PUNICODE_STRING ValueName,
3249 IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
3250 OUT PVOID KeyValueInformation,
3251 IN ULONG Length,
3252 OUT PULONG ResultLength
3253 );
3254
3255 /*
3256 * FUNCTION: Queries the volume information
3257 * ARGUMENTS:
3258 * FileHandle = Handle to a file object on the target volume
3259 * IoStatusBlock = Caller should supply storage for additional status information
3260 * ReturnLength = DataWritten
3261 * FsInformation = Caller should supply storage for the information structure.
3262 * Length = Size of the information structure
3263 * FsInformationClass = Index to a information structure
3264
3265 FileFsVolumeInformation FILE_FS_VOLUME_INFORMATION
3266 FileFsLabelInformation FILE_FS_LABEL_INFORMATION
3267 FileFsSizeInformation FILE_FS_SIZE_INFORMATION
3268 FileFsDeviceInformation FILE_FS_DEVICE_INFORMATION
3269 FileFsAttributeInformation FILE_FS_ATTRIBUTE_INFORMATION
3270 FileFsControlInformation
3271 FileFsQuotaQueryInformation --
3272 FileFsQuotaSetInformation --
3273 FileFsMaximumInformation
3274
3275 * RETURNS: Status [ STATUS_SUCCESS | STATUS_INSUFFICIENT_RESOURCES | STATUS_INVALID_PARAMETER |
3276 STATUS_INVALID_DEVICE_REQUEST | STATUS_BUFFER_OVERFLOW ]
3277 *
3278 */
3279 NTSTATUS
3280 STDCALL
3281 NtQueryVolumeInformationFile(
3282 IN HANDLE FileHandle,
3283 OUT PIO_STATUS_BLOCK IoStatusBlock,
3284 OUT PVOID FsInformation,
3285 IN ULONG Length,
3286 IN FS_INFORMATION_CLASS FsInformationClass
3287 );
3288
3289 NTSTATUS
3290 STDCALL
3291 ZwQueryVolumeInformationFile(
3292 IN HANDLE FileHandle,
3293 OUT PIO_STATUS_BLOCK IoStatusBlock,
3294 OUT PVOID FsInformation,
3295 IN ULONG Length,
3296 IN FS_INFORMATION_CLASS FsInformationClass
3297 );
3298 // draft
3299 // FIXME: Should I specify if the apc is user or kernel mode somewhere ??
3300 /*
3301 * FUNCTION: Queues a (user) apc to a thread.
3302 * ARGUMENTS:
3303 ThreadHandle = Thread to which the apc is queued.
3304 ApcRoutine = Points to the apc routine
3305 NormalContext = Argument to Apc Routine
3306 * SystemArgument1 = Argument of the Apc Routine
3307 SystemArgument2 = Argument of the Apc Routine
3308 * REMARK: If the apc is queued against a thread of a different process than the calling thread
3309 the apc routine should be specified in the address space of the queued thread's process.
3310 * RETURNS: Status
3311 */
3312
3313 NTSTATUS
3314 STDCALL
3315 NtQueueApcThread(
3316 HANDLE ThreadHandle,
3317 PKNORMAL_ROUTINE ApcRoutine,
3318 PVOID NormalContext,
3319 PVOID SystemArgument1,
3320 PVOID SystemArgument2);
3321
3322 NTSTATUS
3323 STDCALL
3324 ZwQueueApcThread(
3325 HANDLE ThreadHandle,
3326 PKNORMAL_ROUTINE ApcRoutine,
3327 PVOID NormalContext,
3328 PVOID SystemArgument1,
3329 PVOID SystemArgument2);
3330
3331
3332 /*
3333 * FUNCTION: Raises an exception
3334 * ARGUMENTS:
3335 * ExceptionRecord = Structure specifying the exception
3336 * Context = Context in which the excpetion is raised
3337 * IsDebugger =
3338 * RETURNS: Status
3339 *
3340 */
3341
3342 NTSTATUS
3343 STDCALL
3344 NtRaiseException(
3345 IN PEXCEPTION_RECORD ExceptionRecord,
3346 IN PCONTEXT Context,
3347 IN BOOLEAN SearchFrames
3348 );
3349
3350 NTSTATUS
3351 STDCALL
3352 ZwRaiseException(
3353 IN PEXCEPTION_RECORD ExceptionRecord,
3354 IN PCONTEXT Context,
3355 IN BOOLEAN SearchFrames
3356 );
3357
3358 /*
3359 * FUNCTION: Read a file
3360 * ARGUMENTS:
3361 * FileHandle = Handle of a file to read
3362 * Event = This event is signalled when the read operation completes
3363 * UserApcRoutine = Call back , if supplied Event should be NULL
3364 * UserApcContext = Argument to the callback
3365 * IoStatusBlock = Caller should supply storage for additional status information
3366 * Buffer = Caller should supply storage to receive the information
3367 * BufferLength = Size of the buffer
3368 * ByteOffset = Offset to start reading the file
3369 * Key = If a range is lock a matching key will allow the read to continue.
3370 * RETURNS: Status
3371 *
3372 */
3373
3374 NTSTATUS
3375 STDCALL
3376 NtReadFile(
3377 IN HANDLE FileHandle,
3378 IN HANDLE Event OPTIONAL,
3379 IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
3380 IN PVOID UserApcContext OPTIONAL,
3381 OUT PIO_STATUS_BLOCK IoStatusBlock,
3382 OUT PVOID Buffer,
3383 IN ULONG BufferLength,
3384 IN PLARGE_INTEGER ByteOffset OPTIONAL,
3385 IN PULONG Key OPTIONAL
3386 );
3387
3388 NTSTATUS
3389 STDCALL
3390 ZwReadFile(
3391 IN HANDLE FileHandle,
3392 IN HANDLE Event OPTIONAL,
3393 IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
3394 IN PVOID UserApcContext OPTIONAL,
3395 OUT PIO_STATUS_BLOCK IoStatusBlock,
3396 OUT PVOID Buffer,
3397 IN ULONG BufferLength,
3398 IN PLARGE_INTEGER ByteOffset OPTIONAL,
3399 IN PULONG Key OPTIONAL
3400 );
3401 /*
3402 * FUNCTION: Read a file using scattered io
3403 * ARGUMENTS:
3404 FileHandle = Handle of a file to read
3405 Event = This event is signalled when the read operation completes
3406 * UserApcRoutine = Call back , if supplied Event should be NULL
3407 UserApcContext = Argument to the callback
3408 IoStatusBlock = Caller should supply storage for additional status information
3409 BufferDescription = Caller should supply storage to receive the information
3410 BufferLength = Size of the buffer
3411 ByteOffset = Offset to start reading the file
3412 Key = Key = If a range is lock a matching key will allow the read to continue.
3413 * RETURNS: Status
3414 *
3415 */
3416 NTSTATUS
3417 STDCALL
3418 NtReadFileScatter(
3419 IN HANDLE FileHandle,
3420 IN HANDLE Event OPTIONAL,
3421 IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
3422 IN PVOID UserApcContext OPTIONAL,
3423 OUT PIO_STATUS_BLOCK UserIoStatusBlock,
3424 IN FILE_SEGMENT_ELEMENT BufferDescription[],
3425 IN ULONG BufferLength,
3426 IN PLARGE_INTEGER ByteOffset,
3427 IN PULONG Key OPTIONAL
3428 );
3429
3430 NTSTATUS
3431 STDCALL
3432 ZwReadFileScatter(
3433 IN HANDLE FileHandle,
3434 IN HANDLE Event OPTIONAL,
3435 IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
3436 IN PVOID UserApcContext OPTIONAL,
3437 OUT PIO_STATUS_BLOCK UserIoStatusBlock,
3438 IN FILE_SEGMENT_ELEMENT BufferDescription[],
3439 IN ULONG BufferLength,
3440 IN PLARGE_INTEGER ByteOffset,
3441 IN PULONG Key OPTIONAL
3442 );
3443
3444
3445 NTSTATUS STDCALL
3446 NtReadRequestData (HANDLE PortHandle,
3447 PLPC_MESSAGE Message,
3448 ULONG Index,
3449 PVOID Buffer,
3450 ULONG BufferLength,
3451 PULONG ReturnLength);
3452
3453 NTSTATUS STDCALL
3454 ZwReadRequestData (HANDLE PortHandle,
3455 PLPC_MESSAGE Message,
3456 ULONG Index,
3457 PVOID Buffer,
3458 ULONG BufferLength,
3459 PULONG ReturnLength);
3460
3461
3462 /*
3463 * FUNCTION: Copies a range of virtual memory to a buffer
3464 * ARGUMENTS:
3465 * ProcessHandle = Specifies the process owning the virtual address space
3466 * BaseAddress = Points to the address of virtual memory to start the read
3467 * Buffer = Caller supplies storage to copy the virtual memory to.
3468 * NumberOfBytesToRead = Limits the range to read
3469 * NumberOfBytesRead = The actual number of bytes read.
3470 * RETURNS: Status
3471 */
3472
3473 NTSTATUS
3474 STDCALL
3475 NtReadVirtualMemory(
3476 IN HANDLE ProcessHandle,
3477 IN PVOID BaseAddress,
3478 OUT PVOID Buffer,
3479 IN ULONG NumberOfBytesToRead,
3480 OUT PULONG NumberOfBytesRead
3481 );
3482 NTSTATUS
3483 STDCALL
3484 ZwReadVirtualMemory(
3485 IN HANDLE ProcessHandle,
3486 IN PVOID BaseAddress,
3487 OUT PVOID Buffer,
3488 IN ULONG NumberOfBytesToRead,
3489 OUT PULONG NumberOfBytesRead
3490 );
3491
3492
3493 /*
3494 * FUNCTION: Debugger can register for thread termination
3495 * ARGUMENTS:
3496 * TerminationPort = Port on which the debugger likes to be notified.
3497 * RETURNS: Status
3498 */
3499 NTSTATUS
3500 STDCALL
3501 NtRegisterThreadTerminatePort(
3502 HANDLE PortHandle
3503 );
3504 NTSTATUS
3505 STDCALL
3506 ZwRegisterThreadTerminatePort(
3507 HANDLE PortHandle
3508 );
3509
3510 /*
3511 * FUNCTION: Releases a mutant
3512 * ARGUMENTS:
3513 * MutantHandle = Handle to the mutant
3514 * ReleaseCount =
3515 * RETURNS: Status
3516 */
3517 NTSTATUS
3518 STDCALL
3519 NtReleaseMutant(
3520 IN HANDLE MutantHandle,
3521 IN PLONG PreviousCount OPTIONAL
3522 );
3523
3524 NTSTATUS
3525 STDCALL
3526 ZwReleaseMutant(
3527 IN HANDLE MutantHandle,
3528 IN PLONG PreviousCount OPTIONAL
3529 );
3530
3531 /*
3532 * FUNCTION: Releases a semaphore
3533 * ARGUMENTS:
3534 * SemaphoreHandle = Handle to the semaphore object
3535 * ReleaseCount = Number to decrease the semaphore count
3536 * PreviousCount = Previous semaphore count
3537 * RETURNS: Status
3538 */
3539 NTSTATUS
3540 STDCALL
3541 NtReleaseSemaphore(
3542 IN HANDLE SemaphoreHandle,
3543 IN LONG ReleaseCount,
3544 OUT PLONG PreviousCount OPTIONAL
3545 );
3546
3547 NTSTATUS
3548 STDCALL
3549 ZwReleaseSemaphore(
3550 IN HANDLE SemaphoreHandle,
3551 IN LONG ReleaseCount,
3552 OUT PLONG PreviousCount OPTIONAL
3553 );
3554
3555 /*
3556 * FUNCTION: Removes an io completion
3557 * ARGUMENTS:
3558 * CompletionPort (OUT) = Caller supplied storage for the resulting handle
3559 * CompletionKey = Requested access to the key
3560 * IoStatusBlock = Caller provides storage for extended status information
3561 * CompletionStatus = Current status of the io operation.
3562 * WaitTime = Time to wait if ..
3563 * RETURNS: Status
3564 */
3565 NTSTATUS
3566 STDCALL
3567 NtRemoveIoCompletion(
3568 IN HANDLE IoCompletionHandle,
3569 OUT PVOID *CompletionKey,
3570 OUT PVOID *CompletionContext,
3571 OUT PIO_STATUS_BLOCK IoStatusBlock,
3572 IN PLARGE_INTEGER Timeout OPTIONAL
3573 );
3574
3575 NTSTATUS
3576 STDCALL
3577 ZwRemoveIoCompletion(
3578 IN HANDLE IoCompletionHandle,
3579 OUT PVOID *CompletionKey,
3580 OUT PVOID *CompletionValue,
3581 OUT PIO_STATUS_BLOCK IoStatusBlock,
3582 IN PLARGE_INTEGER Timeout OPTIONAL
3583 );
3584
3585 /*
3586 * FUNCTION: Replaces one registry key with another
3587 * ARGUMENTS:
3588 * ObjectAttributes = Specifies the attributes of the key
3589 * Key = Handle to the key
3590 * ReplacedObjectAttributes = The function returns the old object attributes
3591 * RETURNS: Status
3592 */
3593 NTSTATUS
3594 STDCALL
3595 NtReplaceKey(
3596 IN POBJECT_ATTRIBUTES ObjectAttributes,
3597 IN HANDLE Key,
3598 IN POBJECT_ATTRIBUTES ReplacedObjectAttributes
3599 );
3600 NTSTATUS
3601 STDCALL
3602 ZwReplaceKey(
3603 IN POBJECT_ATTRIBUTES ObjectAttributes,
3604 IN HANDLE Key,
3605 IN POBJECT_ATTRIBUTES ReplacedObjectAttributes
3606 );
3607
3608
3609 NTSTATUS STDCALL
3610 NtReplyPort (HANDLE PortHandle,
3611 PLPC_MESSAGE LpcReply);
3612
3613 NTSTATUS STDCALL
3614 ZwReplyPort (HANDLE PortHandle,
3615 PLPC_MESSAGE LpcReply);
3616
3617
3618 NTSTATUS STDCALL
3619 NtReplyWaitReceivePort (HANDLE PortHandle,
3620 PULONG PortId,
3621 PLPC_MESSAGE MessageReply,
3622 PLPC_MESSAGE MessageRequest);
3623
3624 NTSTATUS STDCALL
3625 ZwReplyWaitReceivePort (HANDLE PortHandle,
3626 PULONG PortId,
3627 PLPC_MESSAGE MessageReply,
3628 PLPC_MESSAGE MessageRequest);
3629
3630
3631 NTSTATUS STDCALL
3632 NtReplyWaitReplyPort (HANDLE PortHandle,
3633 PLPC_MESSAGE ReplyMessage);
3634
3635 NTSTATUS STDCALL
3636 ZwReplyWaitReplyPort (HANDLE PortHandle,
3637 PLPC_MESSAGE ReplyMessage);
3638
3639
3640 NTSTATUS STDCALL
3641 NtRequestPort (HANDLE PortHandle,
3642 PLPC_MESSAGE LpcMessage);
3643
3644 NTSTATUS STDCALL
3645 ZwRequestPort (HANDLE PortHandle,
3646 PLPC_MESSAGE LpcMessage);
3647
3648
3649 NTSTATUS STDCALL
3650 NtRequestWaitReplyPort (HANDLE PortHandle,
3651 PLPC_MESSAGE LpcReply,
3652 PLPC_MESSAGE LpcRequest);
3653
3654 NTSTATUS STDCALL
3655 ZwRequestWaitReplyPort (HANDLE PortHandle,
3656 PLPC_MESSAGE LpcReply,
3657 PLPC_MESSAGE LpcRequest);
3658
3659 /*
3660 * FUNCTION: Resets a event to a non signaled state
3661 * ARGUMENTS:
3662 * EventHandle = Handle to the event that should be reset
3663 * NumberOfWaitingThreads = The number of threads released.
3664 * RETURNS: Status
3665 */
3666 NTSTATUS
3667 STDCALL
3668 NtResetEvent(
3669 HANDLE EventHandle,
3670 OUT PLONG PreviousState OPTIONAL
3671 );
3672 NTSTATUS
3673 STDCALL
3674 ZwResetEvent(
3675 HANDLE EventHandle,
3676 OUT PLONG PreviousState OPTIONAL
3677 );
3678 //draft
3679 NTSTATUS
3680 STDCALL
3681 NtRestoreKey(
3682 HANDLE KeyHandle,
3683 HANDLE FileHandle,
3684 ULONG RestoreFlags
3685 );
3686
3687 NTSTATUS
3688 STDCALL
3689 ZwRestoreKey(
3690 HANDLE KeyHandle,
3691 HANDLE FileHandle,
3692 ULONG RestoreFlags
3693 );
3694 /*
3695 * FUNCTION: Decrements a thread's resume count
3696 * ARGUMENTS:
3697 * ThreadHandle = Handle to the thread that should be resumed
3698 * ResumeCount = The resulting resume count.
3699 * REMARK:
3700 * A thread is resumed if its suspend count is 0. This procedure maps to
3701 * the win32 ResumeThread function. ( documentation about the the suspend count can be found here aswell )
3702 * RETURNS: Status
3703 */
3704 NTSTATUS
3705 STDCALL
3706 NtResumeThread(
3707 IN HANDLE ThreadHandle,
3708 OUT PULONG SuspendCount OPTIONAL
3709 );
3710 NTSTATUS
3711 STDCALL
3712 ZwResumeThread(
3713 IN HANDLE ThreadHandle,
3714 OUT PULONG SuspendCount OPTIONAL
3715 );
3716 /*
3717 * FUNCTION: Writes the content of a registry key to ascii file
3718 * ARGUMENTS:
3719 * KeyHandle = Handle to the key
3720 * FileHandle = Handle of the file
3721 * REMARKS:
3722 This function maps to the Win32 RegSaveKey.
3723 * RETURNS: Status
3724 */
3725
3726 NTSTATUS
3727 STDCALL
3728 NtSaveKey(
3729 IN HANDLE KeyHandle,
3730 IN HANDLE FileHandle
3731 );
3732 NTSTATUS
3733 STDCALL
3734 ZwSaveKey(
3735 IN HANDLE KeyHandle,
3736 IN HANDLE FileHandle
3737 );
3738
3739 NTSTATUS
3740 STDCALL
3741 NtSaveKeyEx(
3742 IN HANDLE KeyHandle,
3743 IN HANDLE FileHandle,
3744 IN ULONG Flags // REG_STANDARD_FORMAT, etc..
3745 );
3746
3747 NTSTATUS
3748 STDCALL
3749 ZwSaveKeyEx(
3750 IN HANDLE KeyHandle,
3751 IN HANDLE FileHandle,
3752 IN ULONG Flags // REG_STANDARD_FORMAT, etc..
3753 );
3754
3755 NTSTATUS
3756 STDCALL
3757 NtSetBootEntryOrder(
3758 IN ULONG Unknown1,
3759 IN ULONG Unknown2
3760 );
3761
3762 NTSTATUS
3763 STDCALL
3764 ZwSetBootEntryOrder(
3765 IN ULONG Unknown1,
3766 IN ULONG Unknown2
3767 );
3768
3769 NTSTATUS
3770 STDCALL
3771 NtSetBootOptions(
3772 ULONG Unknown1,
3773 ULONG Unknown2
3774 );
3775
3776 NTSTATUS
3777 STDCALL
3778 ZwSetBootOptions(
3779 ULONG Unknown1,
3780 ULONG Unknown2
3781 );
3782
3783
3784 /*
3785 * FUNCTION: Sets the context of a specified thread.
3786 * ARGUMENTS:
3787 * ThreadHandle = Handle to the thread
3788 * ThreadContext = The processor context.
3789 * RETURNS: Status
3790 */
3791
3792 NTSTATUS
3793 STDCALL
3794 NtSetContextThread(
3795 IN HANDLE ThreadHandle,
3796 IN PCONTEXT ThreadContext
3797 );
3798 NTSTATUS
3799 STDCALL
3800 ZwSetContextThread(
3801 IN HANDLE ThreadHandle,
3802 IN PCONTEXT ThreadContext
3803 );
3804
3805 /*
3806 * FUNCTION: Sets the default locale id
3807 * ARGUMENTS:
3808 * UserProfile = Type of locale id
3809 * TRUE: thread locale id
3810 * FALSE: system locale id
3811 * DefaultLocaleId = Locale id
3812 * RETURNS: Status
3813 */
3814
3815 NTSTATUS
3816 STDCALL
3817 NtSetDefaultLocale(
3818 IN BOOLEAN UserProfile,
3819 IN LCID DefaultLocaleId
3820 );
3821
3822 NTSTATUS
3823 STDCALL
3824 ZwSetDefaultLocale(
3825 IN BOOLEAN UserProfile,
3826 IN LCID DefaultLocaleId
3827 );
3828
3829 NTSTATUS
3830 STDCALL
3831 NtSetDefaultUILanguage(
3832 LANGID LanguageId
3833 );
3834
3835 NTSTATUS
3836 STDCALL
3837 ZwSetDefaultUILanguage(
3838 LANGID LanguageId
3839 );
3840 /*
3841 * FUNCTION: Sets the default hard error port
3842 * ARGUMENTS:
3843 * PortHandle = Handle to the port
3844 * NOTE: The hard error port is used for first change exception handling
3845 * RETURNS: Status
3846 */
3847 NTSTATUS
3848 STDCALL
3849 NtSetDefaultHardErrorPort(
3850 IN HANDLE PortHandle
3851 );
3852 NTSTATUS
3853 STDCALL
3854 ZwSetDefaultHardErrorPort(
3855 IN HANDLE PortHandle
3856 );
3857
3858 /*
3859 * FUNCTION: Sets the extended attributes of a file.
3860 * ARGUMENTS:
3861 * FileHandle = Handle to the file
3862 * IoStatusBlock = Storage for a resulting status and information
3863 * on the current operation.
3864 * EaBuffer = Extended Attributes buffer.
3865 * EaBufferSize = Size of the extended attributes buffer
3866 * RETURNS: Status
3867 */
3868 NTSTATUS
3869 STDCALL
3870 NtSetEaFile(
3871 IN HANDLE FileHandle,
3872 IN PIO_STATUS_BLOCK IoStatusBlock,
3873 PVOID EaBuffer,
3874 ULONG EaBufferSize
3875 );
3876 NTSTATUS
3877 STDCALL
3878 ZwSetEaFile(
3879 IN HANDLE FileHandle,
3880 IN PIO_STATUS_BLOCK IoStatusBlock,
3881 PVOID EaBuffer,
3882 ULONG EaBufferSize
3883 );
3884
3885 //FIXME: should I return the event state ?
3886
3887 /*
3888 * FUNCTION: Sets the event to a signalled state.
3889 * ARGUMENTS:
3890 * EventHandle = Handle to the event
3891 * NumberOfThreadsReleased = The number of threads released
3892 * REMARK:
3893 * This procedure maps to the win32 SetEvent function.
3894 * RETURNS: Status
3895 */
3896
3897 NTSTATUS
3898 STDCALL
3899 NtSetEvent(
3900 IN HANDLE EventHandle,
3901 OUT PLONG PreviousState OPTIONAL
3902 );
3903
3904 NTSTATUS
3905 STDCALL
3906 ZwSetEvent(
3907 IN HANDLE EventHandle,
3908 OUT PLONG PreviousState OPTIONAL
3909 );
3910
3911 /*
3912 * FUNCTION: Sets the high part of an event pair
3913 * ARGUMENTS:
3914 EventPair = Handle to the event pair
3915 * RETURNS: Status
3916 */
3917
3918 NTSTATUS
3919 STDCALL
3920 NtSetHighEventPair(
3921 IN HANDLE EventPairHandle
3922 );
3923
3924 NTSTATUS
3925 STDCALL
3926 ZwSetHighEventPair(
3927 IN HANDLE EventPairHandle
3928 );
3929 /*
3930 * FUNCTION: Sets the high part of an event pair and wait for the low part
3931 * ARGUMENTS:
3932 EventPair = Handle to the event pair
3933 * RETURNS: Status
3934 */
3935 NTSTATUS
3936 STDCALL
3937 NtSetHighWaitLowEventPair(
3938 IN HANDLE EventPairHandle
3939 );
3940 NTSTATUS
3941 STDCALL
3942 ZwSetHighWaitLowEventPair(
3943 IN HANDLE EventPairHandle
3944 );
3945
3946 /*
3947 * FUNCTION: Sets the information of a file object.
3948 * ARGUMENTS:
3949 * FileHandle = Handle to the file object
3950 * IoStatusBlock = Caller supplies storage for extended information
3951 * on the current operation.
3952 * FileInformation = Storage for the new file information
3953 * Lenght = Size of the new file information.
3954 * FileInformationClass = Indicates to a certain information structure
3955
3956 FileNameInformation FILE_NAME_INFORMATION
3957 FileRenameInformation FILE_RENAME_INFORMATION
3958 FileStreamInformation FILE_STREAM_INFORMATION
3959 * FileCompletionInformation IO_COMPLETION_CONTEXT
3960
3961 * REMARK:
3962 * This procedure maps to the win32 SetEndOfFile, SetFileAttributes,
3963 * SetNamedPipeHandleState, SetMailslotInfo functions.