7e77f627fc30a38ff2fe51fa5830b4ada18d5062
[reactos.git] / reactos / include / xdk / ntifs.template.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24 #pragma once
25
26 #define _NTIFS_INCLUDED_
27 #define _GNU_NTIFS_
28
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32
33 $define(UCHAR=UCHAR)
34 $define(ULONG=ULONG)
35
36 /* Dependencies */
37 #include <ntddk.h>
38 #include <excpt.h>
39 #include <ntdef.h>
40 #include <ntnls.h>
41 #include <ntstatus.h>
42 #include <bugcodes.h>
43 #include <ntiologc.h>
44
45 $define (_NTIFS_)
46
47 #ifndef FlagOn
48 #define FlagOn(_F,_SF) ((_F) & (_SF))
49 #endif
50
51 #ifndef BooleanFlagOn
52 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
53 #endif
54
55 #ifndef SetFlag
56 #define SetFlag(_F,_SF) ((_F) |= (_SF))
57 #endif
58
59 #ifndef ClearFlag
60 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
61 #endif
62
63 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
64 typedef STRING LSA_STRING, *PLSA_STRING;
65 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
66
67 $include (setypes.h)
68 $include (obtypes.h)
69 $include (rtltypes.h)
70 $include (rtlfuncs.h)
71
72 _IRQL_requires_max_(PASSIVE_LEVEL)
73 __kernel_entry
74 NTSYSCALLAPI
75 NTSTATUS
76 NTAPI
77 NtQueryObject(
78 _In_opt_ HANDLE Handle,
79 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
80 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
81 _In_ ULONG ObjectInformationLength,
82 _Out_opt_ PULONG ReturnLength);
83
84 #if (NTDDI_VERSION >= NTDDI_WIN2K)
85
86 _Must_inspect_result_
87 __kernel_entry
88 NTSYSCALLAPI
89 NTSTATUS
90 NTAPI
91 NtOpenThreadToken(
92 _In_ HANDLE ThreadHandle,
93 _In_ ACCESS_MASK DesiredAccess,
94 _In_ BOOLEAN OpenAsSelf,
95 _Out_ PHANDLE TokenHandle);
96
97 _Must_inspect_result_
98 __kernel_entry
99 NTSYSCALLAPI
100 NTSTATUS
101 NTAPI
102 NtOpenProcessToken(
103 _In_ HANDLE ProcessHandle,
104 _In_ ACCESS_MASK DesiredAccess,
105 _Out_ PHANDLE TokenHandle);
106
107 _When_(TokenInformationClass == TokenAccessInformation,
108 _At_(TokenInformationLength,
109 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
110 _Must_inspect_result_
111 __kernel_entry
112 NTSYSCALLAPI
113 NTSTATUS
114 NTAPI
115 NtQueryInformationToken(
116 _In_ HANDLE TokenHandle,
117 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
118 _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
119 _In_ ULONG TokenInformationLength,
120 _Out_ PULONG ReturnLength);
121
122 _Must_inspect_result_
123 __kernel_entry
124 NTSYSCALLAPI
125 NTSTATUS
126 NTAPI
127 NtAdjustPrivilegesToken(
128 _In_ HANDLE TokenHandle,
129 _In_ BOOLEAN DisableAllPrivileges,
130 _In_opt_ PTOKEN_PRIVILEGES NewState,
131 _In_ ULONG BufferLength,
132 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
133 _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
134
135 __kernel_entry
136 NTSYSCALLAPI
137 NTSTATUS
138 NTAPI
139 NtCreateFile(
140 _Out_ PHANDLE FileHandle,
141 _In_ ACCESS_MASK DesiredAccess,
142 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
143 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
144 _In_opt_ PLARGE_INTEGER AllocationSize,
145 _In_ ULONG FileAttributes,
146 _In_ ULONG ShareAccess,
147 _In_ ULONG CreateDisposition,
148 _In_ ULONG CreateOptions,
149 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
150 _In_ ULONG EaLength);
151
152 __kernel_entry
153 NTSYSCALLAPI
154 NTSTATUS
155 NTAPI
156 NtDeviceIoControlFile(
157 _In_ HANDLE FileHandle,
158 _In_opt_ HANDLE Event,
159 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
160 _In_opt_ PVOID ApcContext,
161 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
162 _In_ ULONG IoControlCode,
163 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
164 _In_ ULONG InputBufferLength,
165 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
166 _In_ ULONG OutputBufferLength);
167
168 __kernel_entry
169 NTSYSCALLAPI
170 NTSTATUS
171 NTAPI
172 NtFsControlFile(
173 _In_ HANDLE FileHandle,
174 _In_opt_ HANDLE Event,
175 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
176 _In_opt_ PVOID ApcContext,
177 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
178 _In_ ULONG FsControlCode,
179 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
180 _In_ ULONG InputBufferLength,
181 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
182 _In_ ULONG OutputBufferLength);
183
184 __kernel_entry
185 NTSYSCALLAPI
186 NTSTATUS
187 NTAPI
188 NtLockFile(
189 _In_ HANDLE FileHandle,
190 _In_opt_ HANDLE Event,
191 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
192 _In_opt_ PVOID ApcContext,
193 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
194 _In_ PLARGE_INTEGER ByteOffset,
195 _In_ PLARGE_INTEGER Length,
196 _In_ ULONG Key,
197 _In_ BOOLEAN FailImmediately,
198 _In_ BOOLEAN ExclusiveLock);
199
200 __kernel_entry
201 NTSYSCALLAPI
202 NTSTATUS
203 NTAPI
204 NtOpenFile(
205 _Out_ PHANDLE FileHandle,
206 _In_ ACCESS_MASK DesiredAccess,
207 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
208 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
209 _In_ ULONG ShareAccess,
210 _In_ ULONG OpenOptions);
211
212 __kernel_entry
213 NTSYSCALLAPI
214 NTSTATUS
215 NTAPI
216 NtQueryDirectoryFile(
217 _In_ HANDLE FileHandle,
218 _In_opt_ HANDLE Event,
219 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
220 _In_opt_ PVOID ApcContext,
221 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
222 _Out_writes_bytes_(Length) PVOID FileInformation,
223 _In_ ULONG Length,
224 _In_ FILE_INFORMATION_CLASS FileInformationClass,
225 _In_ BOOLEAN ReturnSingleEntry,
226 _In_opt_ PUNICODE_STRING FileName,
227 _In_ BOOLEAN RestartScan);
228
229 __kernel_entry
230 NTSYSCALLAPI
231 NTSTATUS
232 NTAPI
233 NtQueryInformationFile(
234 _In_ HANDLE FileHandle,
235 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
236 _Out_writes_bytes_(Length) PVOID FileInformation,
237 _In_ ULONG Length,
238 _In_ FILE_INFORMATION_CLASS FileInformationClass);
239
240 __kernel_entry
241 NTSYSCALLAPI
242 NTSTATUS
243 NTAPI
244 NtQueryQuotaInformationFile(
245 _In_ HANDLE FileHandle,
246 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
247 _Out_writes_bytes_(Length) PVOID Buffer,
248 _In_ ULONG Length,
249 _In_ BOOLEAN ReturnSingleEntry,
250 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
251 _In_ ULONG SidListLength,
252 _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
253 _In_ BOOLEAN RestartScan);
254
255 __kernel_entry
256 NTSYSCALLAPI
257 NTSTATUS
258 NTAPI
259 NtQueryVolumeInformationFile(
260 _In_ HANDLE FileHandle,
261 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
262 _Out_writes_bytes_(Length) PVOID FsInformation,
263 _In_ ULONG Length,
264 _In_ FS_INFORMATION_CLASS FsInformationClass);
265
266 __kernel_entry
267 NTSYSCALLAPI
268 NTSTATUS
269 NTAPI
270 NtReadFile(
271 _In_ HANDLE FileHandle,
272 _In_opt_ HANDLE Event,
273 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
274 _In_opt_ PVOID ApcContext,
275 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
276 _Out_writes_bytes_(Length) PVOID Buffer,
277 _In_ ULONG Length,
278 _In_opt_ PLARGE_INTEGER ByteOffset,
279 _In_opt_ PULONG Key);
280
281 __kernel_entry
282 NTSYSCALLAPI
283 NTSTATUS
284 NTAPI
285 NtSetInformationFile(
286 _In_ HANDLE FileHandle,
287 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
288 _In_reads_bytes_(Length) PVOID FileInformation,
289 _In_ ULONG Length,
290 _In_ FILE_INFORMATION_CLASS FileInformationClass);
291
292 __kernel_entry
293 NTSYSCALLAPI
294 NTSTATUS
295 NTAPI
296 NtSetQuotaInformationFile(
297 _In_ HANDLE FileHandle,
298 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
299 _In_reads_bytes_(Length) PVOID Buffer,
300 _In_ ULONG Length);
301
302 __kernel_entry
303 NTSYSCALLAPI
304 NTSTATUS
305 NTAPI
306 NtSetVolumeInformationFile(
307 _In_ HANDLE FileHandle,
308 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
309 _In_reads_bytes_(Length) PVOID FsInformation,
310 _In_ ULONG Length,
311 _In_ FS_INFORMATION_CLASS FsInformationClass);
312
313 __kernel_entry
314 NTSYSCALLAPI
315 NTSTATUS
316 NTAPI
317 NtWriteFile(
318 _In_ HANDLE FileHandle,
319 _In_opt_ HANDLE Event,
320 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
321 _In_opt_ PVOID ApcContext,
322 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
323 _In_reads_bytes_(Length) PVOID Buffer,
324 _In_ ULONG Length,
325 _In_opt_ PLARGE_INTEGER ByteOffset,
326 _In_opt_ PULONG Key);
327
328 __kernel_entry
329 NTSYSCALLAPI
330 NTSTATUS
331 NTAPI
332 NtUnlockFile(
333 _In_ HANDLE FileHandle,
334 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
335 _In_ PLARGE_INTEGER ByteOffset,
336 _In_ PLARGE_INTEGER Length,
337 _In_ ULONG Key);
338
339 _IRQL_requires_max_(PASSIVE_LEVEL)
340 __kernel_entry
341 NTSYSCALLAPI
342 NTSTATUS
343 NTAPI
344 NtSetSecurityObject(
345 _In_ HANDLE Handle,
346 _In_ SECURITY_INFORMATION SecurityInformation,
347 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
348
349 _IRQL_requires_max_(PASSIVE_LEVEL)
350 __kernel_entry
351 NTSYSCALLAPI
352 NTSTATUS
353 NTAPI
354 NtQuerySecurityObject(
355 _In_ HANDLE Handle,
356 _In_ SECURITY_INFORMATION SecurityInformation,
357 _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
358 _In_ ULONG Length,
359 _Out_ PULONG LengthNeeded);
360
361 _IRQL_requires_max_(PASSIVE_LEVEL)
362 __kernel_entry
363 NTSYSCALLAPI
364 NTSTATUS
365 NTAPI
366 NtClose(
367 _In_ HANDLE Handle);
368
369 #endif
370
371 #if (NTDDI_VERSION >= NTDDI_WINXP)
372
373 _Must_inspect_result_
374 __kernel_entry
375 NTSYSCALLAPI
376 NTSTATUS
377 NTAPI
378 NtOpenThreadTokenEx(
379 _In_ HANDLE ThreadHandle,
380 _In_ ACCESS_MASK DesiredAccess,
381 _In_ BOOLEAN OpenAsSelf,
382 _In_ ULONG HandleAttributes,
383 _Out_ PHANDLE TokenHandle);
384
385 _Must_inspect_result_
386 __kernel_entry
387 NTSYSCALLAPI
388 NTSTATUS
389 NTAPI
390 NtOpenProcessTokenEx(
391 _In_ HANDLE ProcessHandle,
392 _In_ ACCESS_MASK DesiredAccess,
393 _In_ ULONG HandleAttributes,
394 _Out_ PHANDLE TokenHandle);
395
396 _Must_inspect_result_
397 NTSYSAPI
398 NTSTATUS
399 NTAPI
400 NtOpenJobObjectToken(
401 _In_ HANDLE JobHandle,
402 _In_ ACCESS_MASK DesiredAccess,
403 _Out_ PHANDLE TokenHandle);
404
405 _Must_inspect_result_
406 __kernel_entry
407 NTSYSCALLAPI
408 NTSTATUS
409 NTAPI
410 NtDuplicateToken(
411 _In_ HANDLE ExistingTokenHandle,
412 _In_ ACCESS_MASK DesiredAccess,
413 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
414 _In_ BOOLEAN EffectiveOnly,
415 _In_ TOKEN_TYPE TokenType,
416 _Out_ PHANDLE NewTokenHandle);
417
418 _Must_inspect_result_
419 __kernel_entry
420 NTSYSCALLAPI
421 NTSTATUS
422 NTAPI
423 NtFilterToken(
424 _In_ HANDLE ExistingTokenHandle,
425 _In_ ULONG Flags,
426 _In_opt_ PTOKEN_GROUPS SidsToDisable,
427 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
428 _In_opt_ PTOKEN_GROUPS RestrictedSids,
429 _Out_ PHANDLE NewTokenHandle);
430
431 _Must_inspect_result_
432 __kernel_entry
433 NTSYSCALLAPI
434 NTSTATUS
435 NTAPI
436 NtImpersonateAnonymousToken(
437 _In_ HANDLE ThreadHandle);
438
439 _Must_inspect_result_
440 __kernel_entry
441 NTSYSCALLAPI
442 NTSTATUS
443 NTAPI
444 NtSetInformationToken(
445 _In_ HANDLE TokenHandle,
446 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
447 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
448 _In_ ULONG TokenInformationLength);
449
450 _Must_inspect_result_
451 __kernel_entry
452 NTSYSCALLAPI
453 NTSTATUS
454 NTAPI
455 NtAdjustGroupsToken(
456 _In_ HANDLE TokenHandle,
457 _In_ BOOLEAN ResetToDefault,
458 _In_opt_ PTOKEN_GROUPS NewState,
459 _In_opt_ ULONG BufferLength,
460 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
461 _Out_ PULONG ReturnLength);
462
463 _Must_inspect_result_
464 __kernel_entry
465 NTSYSCALLAPI
466 NTSTATUS
467 NTAPI
468 NtPrivilegeCheck(
469 _In_ HANDLE ClientToken,
470 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
471 _Out_ PBOOLEAN Result);
472
473 _Must_inspect_result_
474 __kernel_entry
475 NTSYSCALLAPI
476 NTSTATUS
477 NTAPI
478 NtAccessCheckAndAuditAlarm(
479 _In_ PUNICODE_STRING SubsystemName,
480 _In_opt_ PVOID HandleId,
481 _In_ PUNICODE_STRING ObjectTypeName,
482 _In_ PUNICODE_STRING ObjectName,
483 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
484 _In_ ACCESS_MASK DesiredAccess,
485 _In_ PGENERIC_MAPPING GenericMapping,
486 _In_ BOOLEAN ObjectCreation,
487 _Out_ PACCESS_MASK GrantedAccess,
488 _Out_ PNTSTATUS AccessStatus,
489 _Out_ PBOOLEAN GenerateOnClose);
490
491 _Must_inspect_result_
492 __kernel_entry
493 NTSYSCALLAPI
494 NTSTATUS
495 NTAPI
496 NtAccessCheckByTypeAndAuditAlarm(
497 _In_ PUNICODE_STRING SubsystemName,
498 _In_opt_ PVOID HandleId,
499 _In_ PUNICODE_STRING ObjectTypeName,
500 _In_ PUNICODE_STRING ObjectName,
501 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
502 _In_opt_ PSID PrincipalSelfSid,
503 _In_ ACCESS_MASK DesiredAccess,
504 _In_ AUDIT_EVENT_TYPE AuditType,
505 _In_ ULONG Flags,
506 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
507 _In_ ULONG ObjectTypeLength,
508 _In_ PGENERIC_MAPPING GenericMapping,
509 _In_ BOOLEAN ObjectCreation,
510 _Out_ PACCESS_MASK GrantedAccess,
511 _Out_ PNTSTATUS AccessStatus,
512 _Out_ PBOOLEAN GenerateOnClose);
513
514 _Must_inspect_result_
515 __kernel_entry
516 NTSYSCALLAPI
517 NTSTATUS
518 NTAPI
519 NtAccessCheckByTypeResultListAndAuditAlarm(
520 _In_ PUNICODE_STRING SubsystemName,
521 _In_opt_ PVOID HandleId,
522 _In_ PUNICODE_STRING ObjectTypeName,
523 _In_ PUNICODE_STRING ObjectName,
524 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
525 _In_opt_ PSID PrincipalSelfSid,
526 _In_ ACCESS_MASK DesiredAccess,
527 _In_ AUDIT_EVENT_TYPE AuditType,
528 _In_ ULONG Flags,
529 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
530 _In_ ULONG ObjectTypeListLength,
531 _In_ PGENERIC_MAPPING GenericMapping,
532 _In_ BOOLEAN ObjectCreation,
533 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
534 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
535 _Out_ PBOOLEAN GenerateOnClose);
536
537 _Must_inspect_result_
538 __kernel_entry
539 NTSYSCALLAPI
540 NTSTATUS
541 NTAPI
542 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
543 _In_ PUNICODE_STRING SubsystemName,
544 _In_opt_ PVOID HandleId,
545 _In_ HANDLE ClientToken,
546 _In_ PUNICODE_STRING ObjectTypeName,
547 _In_ PUNICODE_STRING ObjectName,
548 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
549 _In_opt_ PSID PrincipalSelfSid,
550 _In_ ACCESS_MASK DesiredAccess,
551 _In_ AUDIT_EVENT_TYPE AuditType,
552 _In_ ULONG Flags,
553 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
554 _In_ ULONG ObjectTypeListLength,
555 _In_ PGENERIC_MAPPING GenericMapping,
556 _In_ BOOLEAN ObjectCreation,
557 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
558 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
559 _Out_ PBOOLEAN GenerateOnClose);
560
561 __kernel_entry
562 NTSYSCALLAPI
563 NTSTATUS
564 NTAPI
565 NtOpenObjectAuditAlarm(
566 _In_ PUNICODE_STRING SubsystemName,
567 _In_opt_ PVOID HandleId,
568 _In_ PUNICODE_STRING ObjectTypeName,
569 _In_ PUNICODE_STRING ObjectName,
570 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
571 _In_ HANDLE ClientToken,
572 _In_ ACCESS_MASK DesiredAccess,
573 _In_ ACCESS_MASK GrantedAccess,
574 _In_opt_ PPRIVILEGE_SET Privileges,
575 _In_ BOOLEAN ObjectCreation,
576 _In_ BOOLEAN AccessGranted,
577 _Out_ PBOOLEAN GenerateOnClose);
578
579 __kernel_entry
580 NTSYSCALLAPI
581 NTSTATUS
582 NTAPI
583 NtPrivilegeObjectAuditAlarm(
584 _In_ PUNICODE_STRING SubsystemName,
585 _In_opt_ PVOID HandleId,
586 _In_ HANDLE ClientToken,
587 _In_ ACCESS_MASK DesiredAccess,
588 _In_ PPRIVILEGE_SET Privileges,
589 _In_ BOOLEAN AccessGranted);
590
591 __kernel_entry
592 NTSYSCALLAPI
593 NTSTATUS
594 NTAPI
595 NtCloseObjectAuditAlarm(
596 _In_ PUNICODE_STRING SubsystemName,
597 _In_opt_ PVOID HandleId,
598 _In_ BOOLEAN GenerateOnClose);
599
600 __kernel_entry
601 NTSYSCALLAPI
602 NTSTATUS
603 NTAPI
604 NtDeleteObjectAuditAlarm(
605 _In_ PUNICODE_STRING SubsystemName,
606 _In_opt_ PVOID HandleId,
607 _In_ BOOLEAN GenerateOnClose);
608
609 __kernel_entry
610 NTSYSCALLAPI
611 NTSTATUS
612 NTAPI
613 NtPrivilegedServiceAuditAlarm(
614 _In_ PUNICODE_STRING SubsystemName,
615 _In_ PUNICODE_STRING ServiceName,
616 _In_ HANDLE ClientToken,
617 _In_ PPRIVILEGE_SET Privileges,
618 _In_ BOOLEAN AccessGranted);
619
620 __kernel_entry
621 NTSYSCALLAPI
622 NTSTATUS
623 NTAPI
624 NtSetInformationThread(
625 _In_ HANDLE ThreadHandle,
626 _In_ THREADINFOCLASS ThreadInformationClass,
627 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
628 _In_ ULONG ThreadInformationLength);
629
630 _Must_inspect_result_
631 __kernel_entry
632 NTSYSCALLAPI
633 NTSTATUS
634 NTAPI
635 NtCreateSection(
636 _Out_ PHANDLE SectionHandle,
637 _In_ ACCESS_MASK DesiredAccess,
638 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
639 _In_opt_ PLARGE_INTEGER MaximumSize,
640 _In_ ULONG SectionPageProtection,
641 _In_ ULONG AllocationAttributes,
642 _In_opt_ HANDLE FileHandle);
643
644 #endif
645
646 #define COMPRESSION_FORMAT_NONE (0x0000)
647 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
648 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
649 #define COMPRESSION_ENGINE_STANDARD (0x0000)
650 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
651 #define COMPRESSION_ENGINE_HIBER (0x0200)
652
653 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
654
655 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
656
657 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
658 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
659
660 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
661
662 typedef enum _SECURITY_LOGON_TYPE {
663 UndefinedLogonType = 0,
664 Interactive = 2,
665 Network,
666 Batch,
667 Service,
668 Proxy,
669 Unlock,
670 NetworkCleartext,
671 NewCredentials,
672 #if (_WIN32_WINNT >= 0x0501)
673 RemoteInteractive,
674 CachedInteractive,
675 #endif
676 #if (_WIN32_WINNT >= 0x0502)
677 CachedRemoteInteractive,
678 CachedUnlock
679 #endif
680 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
681
682 #ifndef _NTLSA_AUDIT_
683 #define _NTLSA_AUDIT_
684
685 #ifndef GUID_DEFINED
686 #include <guiddef.h>
687 #endif
688
689 #endif /* _NTLSA_AUDIT_ */
690
691 _IRQL_requires_same_
692 _IRQL_requires_max_(PASSIVE_LEVEL)
693 NTSTATUS
694 NTAPI
695 LsaRegisterLogonProcess(
696 _In_ PLSA_STRING LogonProcessName,
697 _Out_ PHANDLE LsaHandle,
698 _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
699
700 _IRQL_requires_same_
701 _IRQL_requires_max_(PASSIVE_LEVEL)
702 NTSTATUS
703 NTAPI
704 LsaLogonUser(
705 _In_ HANDLE LsaHandle,
706 _In_ PLSA_STRING OriginName,
707 _In_ SECURITY_LOGON_TYPE LogonType,
708 _In_ ULONG AuthenticationPackage,
709 _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
710 _In_ ULONG AuthenticationInformationLength,
711 _In_opt_ PTOKEN_GROUPS LocalGroups,
712 _In_ PTOKEN_SOURCE SourceContext,
713 _Out_ PVOID *ProfileBuffer,
714 _Out_ PULONG ProfileBufferLength,
715 _Inout_ PLUID LogonId,
716 _Out_ PHANDLE Token,
717 _Out_ PQUOTA_LIMITS Quotas,
718 _Out_ PNTSTATUS SubStatus);
719
720 _IRQL_requires_same_
721 NTSTATUS
722 NTAPI
723 LsaFreeReturnBuffer(
724 _In_ PVOID Buffer);
725
726 #ifndef _NTLSA_IFS_
727 #define _NTLSA_IFS_
728 #endif
729
730 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
731 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
732 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
733
734 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
735 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
736
737 #define MSV1_0_CHALLENGE_LENGTH 8
738 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
739 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
740
741 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
742 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
743 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
744 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
745 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
746 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
747 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
748 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
749 #define MSV1_0_RETURN_PROFILE_PATH 0x200
750 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
751 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
752
753 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
754 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
755
756 #if (_WIN32_WINNT >= 0x0502)
757 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
758 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
759 #endif
760
761 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
762 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
763
764 #if (_WIN32_WINNT >= 0x0600)
765 #define MSV1_0_S4U2SELF 0x00020000
766 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
767 #endif
768
769 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
770 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
771 #define MSV1_0_MNS_LOGON 0x01000000
772
773 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
774 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
775
776 #define LOGON_GUEST 0x01
777 #define LOGON_NOENCRYPTION 0x02
778 #define LOGON_CACHED_ACCOUNT 0x04
779 #define LOGON_USED_LM_PASSWORD 0x08
780 #define LOGON_EXTRA_SIDS 0x20
781 #define LOGON_SUBAUTH_SESSION_KEY 0x40
782 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
783 #define LOGON_NTLMV2_ENABLED 0x100
784 #define LOGON_RESOURCE_GROUPS 0x200
785 #define LOGON_PROFILE_PATH_RETURNED 0x400
786 #define LOGON_NT_V2 0x800
787 #define LOGON_LM_V2 0x1000
788 #define LOGON_NTLM_V2 0x2000
789
790 #if (_WIN32_WINNT >= 0x0600)
791
792 #define LOGON_OPTIMIZED 0x4000
793 #define LOGON_WINLOGON 0x8000
794 #define LOGON_PKINIT 0x10000
795 #define LOGON_NO_OPTIMIZED 0x20000
796
797 #endif
798
799 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
800
801 #define LOGON_GRACE_LOGON 0x01000000
802
803 #define MSV1_0_OWF_PASSWORD_LENGTH 16
804 #define MSV1_0_CRED_LM_PRESENT 0x1
805 #define MSV1_0_CRED_NT_PRESENT 0x2
806 #define MSV1_0_CRED_VERSION 0
807
808 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
809 #define MSV1_0_NTLM3_OWF_LENGTH 16
810
811 #if (_WIN32_WINNT == 0x0500)
812 #define MSV1_0_MAX_NTLM3_LIFE 1800
813 #else
814 #define MSV1_0_MAX_NTLM3_LIFE 129600
815 #endif
816 #define MSV1_0_MAX_AVL_SIZE 64000
817
818 #if (_WIN32_WINNT >= 0x0501)
819
820 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
821
822 #if (_WIN32_WINNT >= 0x0600)
823 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
824 #endif
825
826 #endif
827
828 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
829
830 #if(_WIN32_WINNT >= 0x0502)
831 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
832 #endif
833
834 #define USE_PRIMARY_PASSWORD 0x01
835 #define RETURN_PRIMARY_USERNAME 0x02
836 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
837 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
838 #define GENERATE_CLIENT_CHALLENGE 0x10
839 #define GCR_NTLM3_PARMS 0x20
840 #define GCR_TARGET_INFO 0x40
841 #define RETURN_RESERVED_PARAMETER 0x80
842 #define GCR_ALLOW_NTLM 0x100
843 #define GCR_USE_OEM_SET 0x200
844 #define GCR_MACHINE_CREDENTIAL 0x400
845 #define GCR_USE_OWF_PASSWORD 0x800
846 #define GCR_ALLOW_LM 0x1000
847 #define GCR_ALLOW_NO_TARGET 0x2000
848
849 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
850 MsV1_0InteractiveLogon = 2,
851 MsV1_0Lm20Logon,
852 MsV1_0NetworkLogon,
853 MsV1_0SubAuthLogon,
854 MsV1_0WorkstationUnlockLogon = 7,
855 MsV1_0S4ULogon = 12,
856 MsV1_0VirtualLogon = 82
857 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
858
859 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
860 MsV1_0InteractiveProfile = 2,
861 MsV1_0Lm20LogonProfile,
862 MsV1_0SmartCardProfile
863 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
864
865 typedef struct _MSV1_0_INTERACTIVE_LOGON {
866 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
867 UNICODE_STRING LogonDomainName;
868 UNICODE_STRING UserName;
869 UNICODE_STRING Password;
870 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
871
872 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
873 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
874 USHORT LogonCount;
875 USHORT BadPasswordCount;
876 LARGE_INTEGER LogonTime;
877 LARGE_INTEGER LogoffTime;
878 LARGE_INTEGER KickOffTime;
879 LARGE_INTEGER PasswordLastSet;
880 LARGE_INTEGER PasswordCanChange;
881 LARGE_INTEGER PasswordMustChange;
882 UNICODE_STRING LogonScript;
883 UNICODE_STRING HomeDirectory;
884 UNICODE_STRING FullName;
885 UNICODE_STRING ProfilePath;
886 UNICODE_STRING HomeDirectoryDrive;
887 UNICODE_STRING LogonServer;
888 ULONG UserFlags;
889 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
890
891 typedef struct _MSV1_0_LM20_LOGON {
892 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
893 UNICODE_STRING LogonDomainName;
894 UNICODE_STRING UserName;
895 UNICODE_STRING Workstation;
896 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
897 STRING CaseSensitiveChallengeResponse;
898 STRING CaseInsensitiveChallengeResponse;
899 ULONG ParameterControl;
900 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
901
902 typedef struct _MSV1_0_SUBAUTH_LOGON {
903 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
904 UNICODE_STRING LogonDomainName;
905 UNICODE_STRING UserName;
906 UNICODE_STRING Workstation;
907 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
908 STRING AuthenticationInfo1;
909 STRING AuthenticationInfo2;
910 ULONG ParameterControl;
911 ULONG SubAuthPackageId;
912 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
913
914 #if (_WIN32_WINNT >= 0x0600)
915
916 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
917
918 typedef struct _MSV1_0_S4U_LOGON {
919 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
920 ULONG Flags;
921 UNICODE_STRING UserPrincipalName;
922 UNICODE_STRING DomainName;
923 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
924
925 #endif
926
927 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
928 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
929 LARGE_INTEGER KickOffTime;
930 LARGE_INTEGER LogoffTime;
931 ULONG UserFlags;
932 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
933 UNICODE_STRING LogonDomainName;
934 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
935 UNICODE_STRING LogonServer;
936 UNICODE_STRING UserParameters;
937 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
938
939 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
940 ULONG Version;
941 ULONG Flags;
942 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
943 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
944 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
945
946 typedef struct _MSV1_0_NTLM3_RESPONSE {
947 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
948 UCHAR RespType;
949 UCHAR HiRespType;
950 USHORT Flags;
951 ULONG MsgWord;
952 ULONGLONG TimeStamp;
953 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
954 ULONG AvPairsOff;
955 UCHAR Buffer[1];
956 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
957
958 typedef enum _MSV1_0_AVID {
959 MsvAvEOL,
960 MsvAvNbComputerName,
961 MsvAvNbDomainName,
962 MsvAvDnsComputerName,
963 MsvAvDnsDomainName,
964 #if (_WIN32_WINNT >= 0x0501)
965 MsvAvDnsTreeName,
966 MsvAvFlags,
967 #if (_WIN32_WINNT >= 0x0600)
968 MsvAvTimestamp,
969 MsvAvRestrictions,
970 MsvAvTargetName,
971 MsvAvChannelBindings,
972 #endif
973 #endif
974 } MSV1_0_AVID;
975
976 typedef struct _MSV1_0_AV_PAIR {
977 USHORT AvId;
978 USHORT AvLen;
979 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
980
981 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
982 MsV1_0Lm20ChallengeRequest = 0,
983 MsV1_0Lm20GetChallengeResponse,
984 MsV1_0EnumerateUsers,
985 MsV1_0GetUserInfo,
986 MsV1_0ReLogonUsers,
987 MsV1_0ChangePassword,
988 MsV1_0ChangeCachedPassword,
989 MsV1_0GenericPassthrough,
990 MsV1_0CacheLogon,
991 MsV1_0SubAuth,
992 MsV1_0DeriveCredential,
993 MsV1_0CacheLookup,
994 #if (_WIN32_WINNT >= 0x0501)
995 MsV1_0SetProcessOption,
996 #endif
997 #if (_WIN32_WINNT >= 0x0600)
998 MsV1_0ConfigLocalAliases,
999 MsV1_0ClearCachedCredentials,
1000 #endif
1001 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
1002
1003 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
1004 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1005 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
1006
1007 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
1008 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1009 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1010 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
1011
1012 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
1013 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1014 ULONG ParameterControl;
1015 LUID LogonId;
1016 UNICODE_STRING Password;
1017 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1018 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
1019
1020 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
1021 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1022 ULONG ParameterControl;
1023 LUID LogonId;
1024 UNICODE_STRING Password;
1025 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1026 UNICODE_STRING UserName;
1027 UNICODE_STRING LogonDomainName;
1028 UNICODE_STRING ServerName;
1029 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
1030
1031 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
1032 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1033 STRING CaseSensitiveChallengeResponse;
1034 STRING CaseInsensitiveChallengeResponse;
1035 UNICODE_STRING UserName;
1036 UNICODE_STRING LogonDomainName;
1037 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
1038 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
1039 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
1040
1041 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
1042 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1043 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
1044
1045 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
1046 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1047 ULONG NumberOfLoggedOnUsers;
1048 PLUID LogonIds;
1049 PULONG EnumHandles;
1050 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
1051
1052 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
1053 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1054 LUID LogonId;
1055 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
1056
1057 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
1058 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1059 PSID UserSid;
1060 UNICODE_STRING UserName;
1061 UNICODE_STRING LogonDomainName;
1062 UNICODE_STRING LogonServer;
1063 SECURITY_LOGON_TYPE LogonType;
1064 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
1065
1066 $include (iotypes.h)
1067
1068 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
1069 ULONG Attributes;
1070 ACCESS_MASK GrantedAccess;
1071 ULONG HandleCount;
1072 ULONG PointerCount;
1073 ULONG Reserved[10];
1074 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
1075
1076 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION {
1077 UNICODE_STRING TypeName;
1078 ULONG Reserved [22];
1079 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
1080
1081 #define SYSTEM_PAGE_PRIORITY_BITS 3
1082 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
1083
1084 $include (ketypes.h)
1085 $include (kefuncs.h)
1086 $include (extypes.h)
1087 $include (exfuncs.h)
1088 $include (sefuncs.h)
1089 $include (psfuncs.h)
1090 $include (iofuncs.h)
1091 $include (potypes.h)
1092 $include (pofuncs.h)
1093 $include (mmtypes.h)
1094 $include (mmfuncs.h)
1095 $include (obfuncs.h)
1096 $include (fsrtltypes.h)
1097 $include (fsrtlfuncs.h)
1098 $include (cctypes.h)
1099 $include (ccfuncs.h)
1100 $include (zwfuncs.h)
1101 $include (sspi.h)
1102
1103 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
1104 #if defined(_WIN64)
1105 C_ASSERT(sizeof(ERESOURCE) == 0x68);
1106 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18);
1107 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a);
1108 #else
1109 C_ASSERT(sizeof(ERESOURCE) == 0x38);
1110 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c);
1111 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e);
1112 #endif
1113 /* #endif */
1114
1115 #if defined(_IA64_)
1116 #if (NTDDI_VERSION >= NTDDI_WIN2K)
1117 //DECLSPEC_DEPRECATED_DDK
1118 NTHALAPI
1119 ULONG
1120 NTAPI
1121 HalGetDmaAlignmentRequirement(
1122 VOID);
1123 #endif
1124 #endif
1125
1126 #if defined(_M_IX86) || defined(_M_AMD64)
1127 #define HalGetDmaAlignmentRequirement() 1L
1128 #endif
1129
1130 #ifdef _NTSYSTEM_
1131 extern PUSHORT NlsOemLeadByteInfo;
1132 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
1133 #else
1134 __CREATE_NTOS_DATA_IMPORT_ALIAS(NlsOemLeadByteInfo)
1135 extern PUSHORT *NlsOemLeadByteInfo;
1136 #define NLS_OEM_LEAD_BYTE_INFO (*NlsOemLeadByteInfo)
1137 #endif
1138
1139 #if (NTDDI_VERSION >= NTDDI_VISTA)
1140
1141 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER {
1142 NetworkOpenLocationAny,
1143 NetworkOpenLocationRemote,
1144 NetworkOpenLocationLoopback
1145 } NETWORK_OPEN_LOCATION_QUALIFIER;
1146
1147 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER {
1148 NetworkOpenIntegrityAny,
1149 NetworkOpenIntegrityNone,
1150 NetworkOpenIntegritySigned,
1151 NetworkOpenIntegrityEncrypted,
1152 NetworkOpenIntegrityMaximum
1153 } NETWORK_OPEN_INTEGRITY_QUALIFIER;
1154
1155 #if (NTDDI_VERSION >= NTDDI_WIN7)
1156
1157 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
1158 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
1159 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
1160
1161 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1162 USHORT Size;
1163 USHORT Reserved;
1164 _ANONYMOUS_STRUCT struct {
1165 struct {
1166 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1167 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1168 ULONG Flags;
1169 } in;
1170 struct {
1171 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1172 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1173 ULONG Flags;
1174 } out;
1175 } DUMMYSTRUCTNAME;
1176 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1177
1178 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0 {
1179 USHORT Size;
1180 USHORT Reserved;
1181 _ANONYMOUS_STRUCT struct {
1182 struct {
1183 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1184 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1185 } in;
1186 struct {
1187 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1188 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1189 } out;
1190 } DUMMYSTRUCTNAME;
1191 } NETWORK_OPEN_ECP_CONTEXT_V0, *PNETWORK_OPEN_ECP_CONTEXT_V0;
1192
1193 #elif (NTDDI_VERSION >= NTDDI_VISTA)
1194 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1195 USHORT Size;
1196 USHORT Reserved;
1197 _ANONYMOUS_STRUCT struct {
1198 struct {
1199 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1200 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1201 } in;
1202 struct {
1203 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1204 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1205 } out;
1206 } DUMMYSTRUCTNAME;
1207 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1208 #endif
1209
1210 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
1211
1212 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1213
1214
1215 #if (NTDDI_VERSION >= NTDDI_VISTA)
1216
1217 typedef struct _PREFETCH_OPEN_ECP_CONTEXT {
1218 PVOID Context;
1219 } PREFETCH_OPEN_ECP_CONTEXT, *PPREFETCH_OPEN_ECP_CONTEXT;
1220
1221 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
1222
1223 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1224
1225 #if (NTDDI_VERSION >= NTDDI_WIN7)
1226
1227 DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
1228 DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
1229
1230 typedef struct sockaddr_storage *PSOCKADDR_STORAGE_NFS;
1231
1232 typedef struct _NFS_OPEN_ECP_CONTEXT {
1233 PUNICODE_STRING ExportAlias;
1234 PSOCKADDR_STORAGE_NFS ClientSocketAddress;
1235 } NFS_OPEN_ECP_CONTEXT, *PNFS_OPEN_ECP_CONTEXT, **PPNFS_OPEN_ECP_CONTEXT;
1236
1237 typedef struct _SRV_OPEN_ECP_CONTEXT {
1238 PUNICODE_STRING ShareName;
1239 PSOCKADDR_STORAGE_NFS SocketAddress;
1240 BOOLEAN OplockBlockState;
1241 BOOLEAN OplockAppState;
1242 BOOLEAN OplockFinalState;
1243 } SRV_OPEN_ECP_CONTEXT, *PSRV_OPEN_ECP_CONTEXT;
1244
1245 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
1246
1247 #define PIN_WAIT (1)
1248 #define PIN_EXCLUSIVE (2)
1249 #define PIN_NO_READ (4)
1250 #define PIN_IF_BCB (8)
1251 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
1252 #define PIN_HIGH_PRIORITY (64)
1253
1254 #define MAP_WAIT 1
1255 #define MAP_NO_READ (16)
1256 #define MAP_HIGH_PRIORITY (64)
1257
1258 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
1259 #define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
1260
1261 typedef struct _QUERY_PATH_REQUEST {
1262 ULONG PathNameLength;
1263 PIO_SECURITY_CONTEXT SecurityContext;
1264 WCHAR FilePathName[1];
1265 } QUERY_PATH_REQUEST, *PQUERY_PATH_REQUEST;
1266
1267 typedef struct _QUERY_PATH_REQUEST_EX {
1268 PIO_SECURITY_CONTEXT pSecurityContext;
1269 ULONG EaLength;
1270 PVOID pEaBuffer;
1271 UNICODE_STRING PathName;
1272 UNICODE_STRING DomainServiceName;
1273 ULONG_PTR Reserved[ 3 ];
1274 } QUERY_PATH_REQUEST_EX, *PQUERY_PATH_REQUEST_EX;
1275
1276 typedef struct _QUERY_PATH_RESPONSE {
1277 ULONG LengthAccepted;
1278 } QUERY_PATH_RESPONSE, *PQUERY_PATH_RESPONSE;
1279
1280 #define VOLSNAPCONTROLTYPE 0x00000053
1281 #define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
1282
1283 /* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
1284 #pragma pack(push,4)
1285
1286 #ifndef VER_PRODUCTBUILD
1287 #define VER_PRODUCTBUILD 10000
1288 #endif
1289
1290 #include "csq.h"
1291
1292 #define FS_LFN_APIS 0x00004000
1293
1294 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
1295 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
1296 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
1297 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
1298 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
1299 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
1300 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
1301 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
1302 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
1303 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
1304 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
1305 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
1306 #define FILE_STORAGE_TYPE_MASK 0x000f0000
1307 #define FILE_STORAGE_TYPE_SHIFT 16
1308
1309 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
1310
1311 #ifdef _X86_
1312 #define HARDWARE_PTE HARDWARE_PTE_X86
1313 #define PHARDWARE_PTE PHARDWARE_PTE_X86
1314 #endif
1315
1316 #define IO_ATTACH_DEVICE_API 0x80000000
1317
1318 #define IO_TYPE_APC 18
1319 #define IO_TYPE_DPC 19
1320 #define IO_TYPE_DEVICE_QUEUE 20
1321 #define IO_TYPE_EVENT_PAIR 21
1322 #define IO_TYPE_INTERRUPT 22
1323 #define IO_TYPE_PROFILE 23
1324
1325 #define IRP_BEING_VERIFIED 0x10
1326
1327 #define MAILSLOT_CLASS_FIRSTCLASS 1
1328 #define MAILSLOT_CLASS_SECONDCLASS 2
1329
1330 #define MAILSLOT_SIZE_AUTO 0
1331
1332 #define MEM_DOS_LIM 0x40000000
1333
1334 #define OB_TYPE_TYPE 1
1335 #define OB_TYPE_DIRECTORY 2
1336 #define OB_TYPE_SYMBOLIC_LINK 3
1337 #define OB_TYPE_TOKEN 4
1338 #define OB_TYPE_PROCESS 5
1339 #define OB_TYPE_THREAD 6
1340 #define OB_TYPE_EVENT 7
1341 #define OB_TYPE_EVENT_PAIR 8
1342 #define OB_TYPE_MUTANT 9
1343 #define OB_TYPE_SEMAPHORE 10
1344 #define OB_TYPE_TIMER 11
1345 #define OB_TYPE_PROFILE 12
1346 #define OB_TYPE_WINDOW_STATION 13
1347 #define OB_TYPE_DESKTOP 14
1348 #define OB_TYPE_SECTION 15
1349 #define OB_TYPE_KEY 16
1350 #define OB_TYPE_PORT 17
1351 #define OB_TYPE_ADAPTER 18
1352 #define OB_TYPE_CONTROLLER 19
1353 #define OB_TYPE_DEVICE 20
1354 #define OB_TYPE_DRIVER 21
1355 #define OB_TYPE_IO_COMPLETION 22
1356 #define OB_TYPE_FILE 23
1357
1358 #define SEC_BASED 0x00200000
1359
1360 /* end winnt.h */
1361
1362 #define TOKEN_HAS_ADMIN_GROUP 0x08
1363
1364 #if (VER_PRODUCTBUILD >= 1381)
1365 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
1366 #endif /* (VER_PRODUCTBUILD >= 1381) */
1367
1368 #if (VER_PRODUCTBUILD >= 2195)
1369
1370 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
1371 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
1372
1373 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
1374
1375 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
1376 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
1377 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
1378 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
1379 #endif /* (VER_PRODUCTBUILD >= 2195) */
1380
1381 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
1382 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
1383 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
1384 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
1385 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
1386 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
1387 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
1388 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
1389
1390 typedef enum _FILE_STORAGE_TYPE {
1391 StorageTypeDefault = 1,
1392 StorageTypeDirectory,
1393 StorageTypeFile,
1394 StorageTypeJunctionPoint,
1395 StorageTypeCatalog,
1396 StorageTypeStructuredStorage,
1397 StorageTypeEmbedding,
1398 StorageTypeStream
1399 } FILE_STORAGE_TYPE;
1400
1401 typedef struct _OBJECT_BASIC_INFORMATION
1402 {
1403 ULONG Attributes;
1404 ACCESS_MASK GrantedAccess;
1405 ULONG HandleCount;
1406 ULONG PointerCount;
1407 ULONG PagedPoolCharge;
1408 ULONG NonPagedPoolCharge;
1409 ULONG Reserved[ 3 ];
1410 ULONG NameInfoSize;
1411 ULONG TypeInfoSize;
1412 ULONG SecurityDescriptorSize;
1413 LARGE_INTEGER CreationTime;
1414 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
1415
1416 typedef struct _FILE_COPY_ON_WRITE_INFORMATION {
1417 BOOLEAN ReplaceIfExists;
1418 HANDLE RootDirectory;
1419 ULONG FileNameLength;
1420 WCHAR FileName[1];
1421 } FILE_COPY_ON_WRITE_INFORMATION, *PFILE_COPY_ON_WRITE_INFORMATION;
1422
1423 typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
1424 ULONG NextEntryOffset;
1425 ULONG FileIndex;
1426 LARGE_INTEGER CreationTime;
1427 LARGE_INTEGER LastAccessTime;
1428 LARGE_INTEGER LastWriteTime;
1429 LARGE_INTEGER ChangeTime;
1430 LARGE_INTEGER EndOfFile;
1431 LARGE_INTEGER AllocationSize;
1432 ULONG FileAttributes;
1433 ULONG FileNameLength;
1434 ULONG EaSize;
1435 WCHAR FileName[ANYSIZE_ARRAY];
1436 } FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION;
1437
1438 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1439 typedef struct _FILE_SHARED_LOCK_ENTRY {
1440 PVOID Unknown1;
1441 PVOID Unknown2;
1442 FILE_LOCK_INFO FileLock;
1443 } FILE_SHARED_LOCK_ENTRY, *PFILE_SHARED_LOCK_ENTRY;
1444
1445 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1446 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY {
1447 LIST_ENTRY ListEntry;
1448 PVOID Unknown1;
1449 PVOID Unknown2;
1450 FILE_LOCK_INFO FileLock;
1451 } FILE_EXCLUSIVE_LOCK_ENTRY, *PFILE_EXCLUSIVE_LOCK_ENTRY;
1452
1453 typedef struct _FILE_MAILSLOT_PEEK_BUFFER {
1454 ULONG ReadDataAvailable;
1455 ULONG NumberOfMessages;
1456 ULONG MessageLength;
1457 } FILE_MAILSLOT_PEEK_BUFFER, *PFILE_MAILSLOT_PEEK_BUFFER;
1458
1459 typedef struct _FILE_OLE_CLASSID_INFORMATION {
1460 GUID ClassId;
1461 } FILE_OLE_CLASSID_INFORMATION, *PFILE_OLE_CLASSID_INFORMATION;
1462
1463 typedef struct _FILE_OLE_ALL_INFORMATION {
1464 FILE_BASIC_INFORMATION BasicInformation;
1465 FILE_STANDARD_INFORMATION StandardInformation;
1466 FILE_INTERNAL_INFORMATION InternalInformation;
1467 FILE_EA_INFORMATION EaInformation;
1468 FILE_ACCESS_INFORMATION AccessInformation;
1469 FILE_POSITION_INFORMATION PositionInformation;
1470 FILE_MODE_INFORMATION ModeInformation;
1471 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
1472 USN LastChangeUsn;
1473 USN ReplicationUsn;
1474 LARGE_INTEGER SecurityChangeTime;
1475 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1476 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1477 FILE_STORAGE_TYPE StorageType;
1478 ULONG OleStateBits;
1479 ULONG OleId;
1480 ULONG NumberOfStreamReferences;
1481 ULONG StreamIndex;
1482 ULONG SecurityId;
1483 BOOLEAN ContentIndexDisable;
1484 BOOLEAN InheritContentIndexDisable;
1485 FILE_NAME_INFORMATION NameInformation;
1486 } FILE_OLE_ALL_INFORMATION, *PFILE_OLE_ALL_INFORMATION;
1487
1488 typedef struct _FILE_OLE_DIR_INFORMATION {
1489 ULONG NextEntryOffset;
1490 ULONG FileIndex;
1491 LARGE_INTEGER CreationTime;
1492 LARGE_INTEGER LastAccessTime;
1493 LARGE_INTEGER LastWriteTime;
1494 LARGE_INTEGER ChangeTime;
1495 LARGE_INTEGER EndOfFile;
1496 LARGE_INTEGER AllocationSize;
1497 ULONG FileAttributes;
1498 ULONG FileNameLength;
1499 FILE_STORAGE_TYPE StorageType;
1500 GUID OleClassId;
1501 ULONG OleStateBits;
1502 BOOLEAN ContentIndexDisable;
1503 BOOLEAN InheritContentIndexDisable;
1504 WCHAR FileName[1];
1505 } FILE_OLE_DIR_INFORMATION, *PFILE_OLE_DIR_INFORMATION;
1506
1507 typedef struct _FILE_OLE_INFORMATION {
1508 LARGE_INTEGER SecurityChangeTime;
1509 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1510 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1511 FILE_STORAGE_TYPE StorageType;
1512 ULONG OleStateBits;
1513 BOOLEAN ContentIndexDisable;
1514 BOOLEAN InheritContentIndexDisable;
1515 } FILE_OLE_INFORMATION, *PFILE_OLE_INFORMATION;
1516
1517 typedef struct _FILE_OLE_STATE_BITS_INFORMATION {
1518 ULONG StateBits;
1519 ULONG StateBitsMask;
1520 } FILE_OLE_STATE_BITS_INFORMATION, *PFILE_OLE_STATE_BITS_INFORMATION;
1521
1522 typedef struct _MAPPING_PAIR {
1523 ULONGLONG Vcn;
1524 ULONGLONG Lcn;
1525 } MAPPING_PAIR, *PMAPPING_PAIR;
1526
1527 typedef struct _GET_RETRIEVAL_DESCRIPTOR {
1528 ULONG NumberOfPairs;
1529 ULONGLONG StartVcn;
1530 MAPPING_PAIR Pair[1];
1531 } GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
1532
1533 typedef struct _MOVEFILE_DESCRIPTOR {
1534 HANDLE FileHandle;
1535 ULONG Reserved;
1536 LARGE_INTEGER StartVcn;
1537 LARGE_INTEGER TargetLcn;
1538 ULONG NumVcns;
1539 ULONG Reserved1;
1540 } MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
1541
1542 typedef struct _OBJECT_BASIC_INFO {
1543 ULONG Attributes;
1544 ACCESS_MASK GrantedAccess;
1545 ULONG HandleCount;
1546 ULONG ReferenceCount;
1547 ULONG PagedPoolUsage;
1548 ULONG NonPagedPoolUsage;
1549 ULONG Reserved[3];
1550 ULONG NameInformationLength;
1551 ULONG TypeInformationLength;
1552 ULONG SecurityDescriptorLength;
1553 LARGE_INTEGER CreateTime;
1554 } OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;
1555
1556 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO {
1557 BOOLEAN Inherit;
1558 BOOLEAN ProtectFromClose;
1559 } OBJECT_HANDLE_ATTRIBUTE_INFO, *POBJECT_HANDLE_ATTRIBUTE_INFO;
1560
1561 typedef struct _OBJECT_NAME_INFO {
1562 UNICODE_STRING ObjectName;
1563 WCHAR ObjectNameBuffer[1];
1564 } OBJECT_NAME_INFO, *POBJECT_NAME_INFO;
1565
1566 typedef struct _OBJECT_PROTECTION_INFO {
1567 BOOLEAN Inherit;
1568 BOOLEAN ProtectHandle;
1569 } OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;
1570
1571 typedef struct _OBJECT_TYPE_INFO {
1572 UNICODE_STRING ObjectTypeName;
1573 UCHAR Unknown[0x58];
1574 WCHAR ObjectTypeNameBuffer[1];
1575 } OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;
1576
1577 typedef struct _OBJECT_ALL_TYPES_INFO {
1578 ULONG NumberOfObjectTypes;
1579 OBJECT_TYPE_INFO ObjectsTypeInfo[1];
1580 } OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;
1581
1582 #if defined(USE_LPC6432)
1583 #define LPC_CLIENT_ID CLIENT_ID64
1584 #define LPC_SIZE_T ULONGLONG
1585 #define LPC_PVOID ULONGLONG
1586 #define LPC_HANDLE ULONGLONG
1587 #else
1588 #define LPC_CLIENT_ID CLIENT_ID
1589 #define LPC_SIZE_T SIZE_T
1590 #define LPC_PVOID PVOID
1591 #define LPC_HANDLE HANDLE
1592 #endif
1593
1594 typedef struct _PORT_MESSAGE
1595 {
1596 union
1597 {
1598 struct
1599 {
1600 CSHORT DataLength;
1601 CSHORT TotalLength;
1602 } s1;
1603 ULONG Length;
1604 } u1;
1605 union
1606 {
1607 struct
1608 {
1609 CSHORT Type;
1610 CSHORT DataInfoOffset;
1611 } s2;
1612 ULONG ZeroInit;
1613 } u2;
1614 __GNU_EXTENSION union
1615 {
1616 LPC_CLIENT_ID ClientId;
1617 double DoNotUseThisField;
1618 };
1619 ULONG MessageId;
1620 __GNU_EXTENSION union
1621 {
1622 LPC_SIZE_T ClientViewSize;
1623 ULONG CallbackId;
1624 };
1625 } PORT_MESSAGE, *PPORT_MESSAGE;
1626
1627 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
1628
1629 typedef struct _PORT_VIEW
1630 {
1631 ULONG Length;
1632 LPC_HANDLE SectionHandle;
1633 ULONG SectionOffset;
1634 LPC_SIZE_T ViewSize;
1635 LPC_PVOID ViewBase;
1636 LPC_PVOID ViewRemoteBase;
1637 } PORT_VIEW, *PPORT_VIEW;
1638
1639 typedef struct _REMOTE_PORT_VIEW
1640 {
1641 ULONG Length;
1642 LPC_SIZE_T ViewSize;
1643 LPC_PVOID ViewBase;
1644 } REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
1645
1646 typedef struct _VAD_HEADER {
1647 PVOID StartVPN;
1648 PVOID EndVPN;
1649 struct _VAD_HEADER* ParentLink;
1650 struct _VAD_HEADER* LeftLink;
1651 struct _VAD_HEADER* RightLink;
1652 ULONG Flags; /* LSB = CommitCharge */
1653 PVOID ControlArea;
1654 PVOID FirstProtoPte;
1655 PVOID LastPTE;
1656 ULONG Unknown;
1657 LIST_ENTRY Secured;
1658 } VAD_HEADER, *PVAD_HEADER;
1659
1660 NTKERNELAPI
1661 LARGE_INTEGER
1662 NTAPI
1663 CcGetLsnForFileObject (
1664 _In_ PFILE_OBJECT FileObject,
1665 _Out_opt_ PLARGE_INTEGER OldestLsn
1666 );
1667
1668 NTKERNELAPI
1669 PVOID
1670 NTAPI
1671 FsRtlAllocatePool (
1672 _In_ POOL_TYPE PoolType,
1673 _In_ ULONG NumberOfBytes
1674 );
1675
1676 NTKERNELAPI
1677 PVOID
1678 NTAPI
1679 FsRtlAllocatePoolWithQuota (
1680 _In_ POOL_TYPE PoolType,
1681 _In_ ULONG NumberOfBytes
1682 );
1683
1684 NTKERNELAPI
1685 PVOID
1686 NTAPI
1687 FsRtlAllocatePoolWithQuotaTag (
1688 _In_ POOL_TYPE PoolType,
1689 _In_ ULONG NumberOfBytes,
1690 _In_ ULONG Tag
1691 );
1692
1693 NTKERNELAPI
1694 PVOID
1695 NTAPI
1696 FsRtlAllocatePoolWithTag (
1697 _In_ POOL_TYPE PoolType,
1698 _In_ ULONG NumberOfBytes,
1699 _In_ ULONG Tag
1700 );
1701
1702 NTKERNELAPI
1703 BOOLEAN
1704 NTAPI
1705 FsRtlMdlReadComplete (
1706 _In_ PFILE_OBJECT FileObject,
1707 _In_ PMDL MdlChain
1708 );
1709
1710 NTKERNELAPI
1711 BOOLEAN
1712 NTAPI
1713 FsRtlMdlWriteComplete (
1714 _In_ PFILE_OBJECT FileObject,
1715 _In_ PLARGE_INTEGER FileOffset,
1716 _In_ PMDL MdlChain
1717 );
1718
1719 NTKERNELAPI
1720 VOID
1721 NTAPI
1722 FsRtlNotifyChangeDirectory (
1723 _In_ PNOTIFY_SYNC NotifySync,
1724 _In_ PVOID FsContext,
1725 _In_ PSTRING FullDirectoryName,
1726 _In_ PLIST_ENTRY NotifyList,
1727 _In_ BOOLEAN WatchTree,
1728 _In_ ULONG CompletionFilter,
1729 _In_ PIRP NotifyIrp
1730 );
1731
1732 #if 1
1733 NTKERNELAPI
1734 NTSTATUS
1735 NTAPI
1736 ObCreateObject(
1737 _In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode,
1738 _In_ POBJECT_TYPE ObjectType,
1739 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
1740 _In_ KPROCESSOR_MODE AccessMode,
1741 _Inout_opt_ PVOID ParseContext,
1742 _In_ ULONG ObjectSize,
1743 _In_opt_ ULONG PagedPoolCharge,
1744 _In_opt_ ULONG NonPagedPoolCharge,
1745 _Out_ PVOID *Object
1746 );
1747
1748 NTKERNELAPI
1749 NTSTATUS
1750 NTAPI
1751 ObReferenceObjectByName (
1752 _In_ PUNICODE_STRING ObjectName,
1753 _In_ ULONG Attributes,
1754 _In_opt_ PACCESS_STATE PassedAccessState,
1755 _In_opt_ ACCESS_MASK DesiredAccess,
1756 _In_ POBJECT_TYPE ObjectType,
1757 _In_ KPROCESSOR_MODE AccessMode,
1758 _Inout_opt_ PVOID ParseContext,
1759 _Out_ PVOID *Object
1760 );
1761
1762 #define PsDereferenceImpersonationToken(T) \
1763 {if (ARGUMENT_PRESENT(T)) { \
1764 (ObDereferenceObject((T))); \
1765 } else { \
1766 ; \
1767 } \
1768 }
1769
1770 NTKERNELAPI
1771 NTSTATUS
1772 NTAPI
1773 PsLookupProcessThreadByCid (
1774 _In_ PCLIENT_ID Cid,
1775 _Out_opt_ PEPROCESS *Process,
1776 _Out_ PETHREAD *Thread
1777 );
1778
1779 NTSYSAPI
1780 NTSTATUS
1781 NTAPI
1782 RtlSetSaclSecurityDescriptor (
1783 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1784 _In_ BOOLEAN SaclPresent,
1785 _In_ PACL Sacl,
1786 _In_ BOOLEAN SaclDefaulted
1787 );
1788
1789 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
1790
1791 #endif
1792
1793 #pragma pack(pop)
1794
1795 #ifdef __cplusplus
1796 }
1797 #endif