af6712bb4db86f912bab0b1e11075e72d9156a80
[reactos.git] / reactos / include / xdk / ntifs.template.h
1 /*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24 #pragma once
25
26 #define _NTIFS_INCLUDED_
27 #define _GNU_NTIFS_
28
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32
33 /* Dependencies */
34 #include <ntddk.h>
35 #include <excpt.h>
36 #include <ntdef.h>
37 #include <ntnls.h>
38 #include <ntstatus.h>
39 #include <bugcodes.h>
40 #include <ntiologc.h>
41
42 $define (_NTIFS_)
43
44 #ifndef FlagOn
45 #define FlagOn(_F,_SF) ((_F) & (_SF))
46 #endif
47
48 #ifndef BooleanFlagOn
49 #define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
50 #endif
51
52 #ifndef SetFlag
53 #define SetFlag(_F,_SF) ((_F) |= (_SF))
54 #endif
55
56 #ifndef ClearFlag
57 #define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
58 #endif
59
60 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
61 typedef STRING LSA_STRING, *PLSA_STRING;
62 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
63
64 $include (setypes.h)
65 $include (obtypes.h)
66 $include (rtltypes.h)
67 $include (rtlfuncs.h)
68
69 _IRQL_requires_max_(PASSIVE_LEVEL)
70 __kernel_entry
71 NTSYSCALLAPI
72 NTSTATUS
73 NTAPI
74 NtQueryObject(
75 _In_opt_ HANDLE Handle,
76 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
77 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
78 _In_ ULONG ObjectInformationLength,
79 _Out_opt_ PULONG ReturnLength);
80
81 #if (NTDDI_VERSION >= NTDDI_WIN2K)
82
83 _Must_inspect_result_
84 __kernel_entry
85 NTSYSCALLAPI
86 NTSTATUS
87 NTAPI
88 NtOpenThreadToken(
89 _In_ HANDLE ThreadHandle,
90 _In_ ACCESS_MASK DesiredAccess,
91 _In_ BOOLEAN OpenAsSelf,
92 _Out_ PHANDLE TokenHandle);
93
94 _Must_inspect_result_
95 __kernel_entry
96 NTSYSCALLAPI
97 NTSTATUS
98 NTAPI
99 NtOpenProcessToken(
100 _In_ HANDLE ProcessHandle,
101 _In_ ACCESS_MASK DesiredAccess,
102 _Out_ PHANDLE TokenHandle);
103
104 _When_(TokenInformationClass == TokenAccessInformation,
105 _At_(TokenInformationLength,
106 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
107 _Must_inspect_result_
108 __kernel_entry
109 NTSYSCALLAPI
110 NTSTATUS
111 NTAPI
112 NtQueryInformationToken(
113 _In_ HANDLE TokenHandle,
114 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
115 _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
116 _In_ ULONG TokenInformationLength,
117 _Out_ PULONG ReturnLength);
118
119 _Must_inspect_result_
120 __kernel_entry
121 NTSYSCALLAPI
122 NTSTATUS
123 NTAPI
124 NtAdjustPrivilegesToken(
125 _In_ HANDLE TokenHandle,
126 _In_ BOOLEAN DisableAllPrivileges,
127 _In_opt_ PTOKEN_PRIVILEGES NewState,
128 _In_ ULONG BufferLength,
129 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
130 _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
131
132 __kernel_entry
133 NTSYSCALLAPI
134 NTSTATUS
135 NTAPI
136 NtCreateFile(
137 _Out_ PHANDLE FileHandle,
138 _In_ ACCESS_MASK DesiredAccess,
139 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
140 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
141 _In_opt_ PLARGE_INTEGER AllocationSize,
142 _In_ ULONG FileAttributes,
143 _In_ ULONG ShareAccess,
144 _In_ ULONG CreateDisposition,
145 _In_ ULONG CreateOptions,
146 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
147 _In_ ULONG EaLength);
148
149 __kernel_entry
150 NTSYSCALLAPI
151 NTSTATUS
152 NTAPI
153 NtDeviceIoControlFile(
154 _In_ HANDLE FileHandle,
155 _In_opt_ HANDLE Event,
156 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
157 _In_opt_ PVOID ApcContext,
158 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
159 _In_ ULONG IoControlCode,
160 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
161 _In_ ULONG InputBufferLength,
162 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
163 _In_ ULONG OutputBufferLength);
164
165 __kernel_entry
166 NTSYSCALLAPI
167 NTSTATUS
168 NTAPI
169 NtFsControlFile(
170 _In_ HANDLE FileHandle,
171 _In_opt_ HANDLE Event,
172 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
173 _In_opt_ PVOID ApcContext,
174 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
175 _In_ ULONG FsControlCode,
176 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
177 _In_ ULONG InputBufferLength,
178 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
179 _In_ ULONG OutputBufferLength);
180
181 __kernel_entry
182 NTSYSCALLAPI
183 NTSTATUS
184 NTAPI
185 NtLockFile(
186 _In_ HANDLE FileHandle,
187 _In_opt_ HANDLE Event,
188 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
189 _In_opt_ PVOID ApcContext,
190 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
191 _In_ PLARGE_INTEGER ByteOffset,
192 _In_ PLARGE_INTEGER Length,
193 _In_ ULONG Key,
194 _In_ BOOLEAN FailImmediately,
195 _In_ BOOLEAN ExclusiveLock);
196
197 __kernel_entry
198 NTSYSCALLAPI
199 NTSTATUS
200 NTAPI
201 NtOpenFile(
202 _Out_ PHANDLE FileHandle,
203 _In_ ACCESS_MASK DesiredAccess,
204 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
205 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
206 _In_ ULONG ShareAccess,
207 _In_ ULONG OpenOptions);
208
209 __kernel_entry
210 NTSYSCALLAPI
211 NTSTATUS
212 NTAPI
213 NtQueryDirectoryFile(
214 _In_ HANDLE FileHandle,
215 _In_opt_ HANDLE Event,
216 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
217 _In_opt_ PVOID ApcContext,
218 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
219 _Out_writes_bytes_(Length) PVOID FileInformation,
220 _In_ ULONG Length,
221 _In_ FILE_INFORMATION_CLASS FileInformationClass,
222 _In_ BOOLEAN ReturnSingleEntry,
223 _In_opt_ PUNICODE_STRING FileName,
224 _In_ BOOLEAN RestartScan);
225
226 __kernel_entry
227 NTSYSCALLAPI
228 NTSTATUS
229 NTAPI
230 NtQueryInformationFile(
231 _In_ HANDLE FileHandle,
232 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
233 _Out_writes_bytes_(Length) PVOID FileInformation,
234 _In_ ULONG Length,
235 _In_ FILE_INFORMATION_CLASS FileInformationClass);
236
237 __kernel_entry
238 NTSYSCALLAPI
239 NTSTATUS
240 NTAPI
241 NtQueryQuotaInformationFile(
242 _In_ HANDLE FileHandle,
243 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
244 _Out_writes_bytes_(Length) PVOID Buffer,
245 _In_ ULONG Length,
246 _In_ BOOLEAN ReturnSingleEntry,
247 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
248 _In_ ULONG SidListLength,
249 _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
250 _In_ BOOLEAN RestartScan);
251
252 __kernel_entry
253 NTSYSCALLAPI
254 NTSTATUS
255 NTAPI
256 NtQueryVolumeInformationFile(
257 _In_ HANDLE FileHandle,
258 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
259 _Out_writes_bytes_(Length) PVOID FsInformation,
260 _In_ ULONG Length,
261 _In_ FS_INFORMATION_CLASS FsInformationClass);
262
263 __kernel_entry
264 NTSYSCALLAPI
265 NTSTATUS
266 NTAPI
267 NtReadFile(
268 _In_ HANDLE FileHandle,
269 _In_opt_ HANDLE Event,
270 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
271 _In_opt_ PVOID ApcContext,
272 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
273 _Out_writes_bytes_(Length) PVOID Buffer,
274 _In_ ULONG Length,
275 _In_opt_ PLARGE_INTEGER ByteOffset,
276 _In_opt_ PULONG Key);
277
278 __kernel_entry
279 NTSYSCALLAPI
280 NTSTATUS
281 NTAPI
282 NtSetInformationFile(
283 _In_ HANDLE FileHandle,
284 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
285 _In_reads_bytes_(Length) PVOID FileInformation,
286 _In_ ULONG Length,
287 _In_ FILE_INFORMATION_CLASS FileInformationClass);
288
289 __kernel_entry
290 NTSYSCALLAPI
291 NTSTATUS
292 NTAPI
293 NtSetQuotaInformationFile(
294 _In_ HANDLE FileHandle,
295 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
296 _In_reads_bytes_(Length) PVOID Buffer,
297 _In_ ULONG Length);
298
299 __kernel_entry
300 NTSYSCALLAPI
301 NTSTATUS
302 NTAPI
303 NtSetVolumeInformationFile(
304 _In_ HANDLE FileHandle,
305 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
306 _In_reads_bytes_(Length) PVOID FsInformation,
307 _In_ ULONG Length,
308 _In_ FS_INFORMATION_CLASS FsInformationClass);
309
310 __kernel_entry
311 NTSYSCALLAPI
312 NTSTATUS
313 NTAPI
314 NtWriteFile(
315 _In_ HANDLE FileHandle,
316 _In_opt_ HANDLE Event,
317 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
318 _In_opt_ PVOID ApcContext,
319 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
320 _In_reads_bytes_(Length) PVOID Buffer,
321 _In_ ULONG Length,
322 _In_opt_ PLARGE_INTEGER ByteOffset,
323 _In_opt_ PULONG Key);
324
325 __kernel_entry
326 NTSYSCALLAPI
327 NTSTATUS
328 NTAPI
329 NtUnlockFile(
330 _In_ HANDLE FileHandle,
331 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
332 _In_ PLARGE_INTEGER ByteOffset,
333 _In_ PLARGE_INTEGER Length,
334 _In_ ULONG Key);
335
336 _IRQL_requires_max_(PASSIVE_LEVEL)
337 __kernel_entry
338 NTSYSCALLAPI
339 NTSTATUS
340 NTAPI
341 NtSetSecurityObject(
342 _In_ HANDLE Handle,
343 _In_ SECURITY_INFORMATION SecurityInformation,
344 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
345
346 _IRQL_requires_max_(PASSIVE_LEVEL)
347 __kernel_entry
348 NTSYSCALLAPI
349 NTSTATUS
350 NTAPI
351 NtQuerySecurityObject(
352 _In_ HANDLE Handle,
353 _In_ SECURITY_INFORMATION SecurityInformation,
354 _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
355 _In_ ULONG Length,
356 _Out_ PULONG LengthNeeded);
357
358 _IRQL_requires_max_(PASSIVE_LEVEL)
359 __kernel_entry
360 NTSYSCALLAPI
361 NTSTATUS
362 NTAPI
363 NtClose(
364 _In_ HANDLE Handle);
365
366 #endif
367
368 #if (NTDDI_VERSION >= NTDDI_WINXP)
369
370 _Must_inspect_result_
371 __kernel_entry
372 NTSYSCALLAPI
373 NTSTATUS
374 NTAPI
375 NtOpenThreadTokenEx(
376 _In_ HANDLE ThreadHandle,
377 _In_ ACCESS_MASK DesiredAccess,
378 _In_ BOOLEAN OpenAsSelf,
379 _In_ ULONG HandleAttributes,
380 _Out_ PHANDLE TokenHandle);
381
382 _Must_inspect_result_
383 __kernel_entry
384 NTSYSCALLAPI
385 NTSTATUS
386 NTAPI
387 NtOpenProcessTokenEx(
388 _In_ HANDLE ProcessHandle,
389 _In_ ACCESS_MASK DesiredAccess,
390 _In_ ULONG HandleAttributes,
391 _Out_ PHANDLE TokenHandle);
392
393 _Must_inspect_result_
394 NTSYSAPI
395 NTSTATUS
396 NTAPI
397 NtOpenJobObjectToken(
398 _In_ HANDLE JobHandle,
399 _In_ ACCESS_MASK DesiredAccess,
400 _Out_ PHANDLE TokenHandle);
401
402 _Must_inspect_result_
403 __kernel_entry
404 NTSYSCALLAPI
405 NTSTATUS
406 NTAPI
407 NtDuplicateToken(
408 _In_ HANDLE ExistingTokenHandle,
409 _In_ ACCESS_MASK DesiredAccess,
410 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
411 _In_ BOOLEAN EffectiveOnly,
412 _In_ TOKEN_TYPE TokenType,
413 _Out_ PHANDLE NewTokenHandle);
414
415 _Must_inspect_result_
416 __kernel_entry
417 NTSYSCALLAPI
418 NTSTATUS
419 NTAPI
420 NtFilterToken(
421 _In_ HANDLE ExistingTokenHandle,
422 _In_ ULONG Flags,
423 _In_opt_ PTOKEN_GROUPS SidsToDisable,
424 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
425 _In_opt_ PTOKEN_GROUPS RestrictedSids,
426 _Out_ PHANDLE NewTokenHandle);
427
428 _Must_inspect_result_
429 __kernel_entry
430 NTSYSCALLAPI
431 NTSTATUS
432 NTAPI
433 NtImpersonateAnonymousToken(
434 _In_ HANDLE ThreadHandle);
435
436 _Must_inspect_result_
437 __kernel_entry
438 NTSYSCALLAPI
439 NTSTATUS
440 NTAPI
441 NtSetInformationToken(
442 _In_ HANDLE TokenHandle,
443 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
444 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
445 _In_ ULONG TokenInformationLength);
446
447 _Must_inspect_result_
448 __kernel_entry
449 NTSYSCALLAPI
450 NTSTATUS
451 NTAPI
452 NtAdjustGroupsToken(
453 _In_ HANDLE TokenHandle,
454 _In_ BOOLEAN ResetToDefault,
455 _In_opt_ PTOKEN_GROUPS NewState,
456 _In_opt_ ULONG BufferLength,
457 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
458 _Out_ PULONG ReturnLength);
459
460 _Must_inspect_result_
461 __kernel_entry
462 NTSYSCALLAPI
463 NTSTATUS
464 NTAPI
465 NtPrivilegeCheck(
466 _In_ HANDLE ClientToken,
467 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
468 _Out_ PBOOLEAN Result);
469
470 _Must_inspect_result_
471 __kernel_entry
472 NTSYSCALLAPI
473 NTSTATUS
474 NTAPI
475 NtAccessCheckAndAuditAlarm(
476 _In_ PUNICODE_STRING SubsystemName,
477 _In_opt_ PVOID HandleId,
478 _In_ PUNICODE_STRING ObjectTypeName,
479 _In_ PUNICODE_STRING ObjectName,
480 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
481 _In_ ACCESS_MASK DesiredAccess,
482 _In_ PGENERIC_MAPPING GenericMapping,
483 _In_ BOOLEAN ObjectCreation,
484 _Out_ PACCESS_MASK GrantedAccess,
485 _Out_ PNTSTATUS AccessStatus,
486 _Out_ PBOOLEAN GenerateOnClose);
487
488 _Must_inspect_result_
489 __kernel_entry
490 NTSYSCALLAPI
491 NTSTATUS
492 NTAPI
493 NtAccessCheckByTypeAndAuditAlarm(
494 _In_ PUNICODE_STRING SubsystemName,
495 _In_opt_ PVOID HandleId,
496 _In_ PUNICODE_STRING ObjectTypeName,
497 _In_ PUNICODE_STRING ObjectName,
498 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
499 _In_opt_ PSID PrincipalSelfSid,
500 _In_ ACCESS_MASK DesiredAccess,
501 _In_ AUDIT_EVENT_TYPE AuditType,
502 _In_ ULONG Flags,
503 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
504 _In_ ULONG ObjectTypeLength,
505 _In_ PGENERIC_MAPPING GenericMapping,
506 _In_ BOOLEAN ObjectCreation,
507 _Out_ PACCESS_MASK GrantedAccess,
508 _Out_ PNTSTATUS AccessStatus,
509 _Out_ PBOOLEAN GenerateOnClose);
510
511 _Must_inspect_result_
512 __kernel_entry
513 NTSYSCALLAPI
514 NTSTATUS
515 NTAPI
516 NtAccessCheckByTypeResultListAndAuditAlarm(
517 _In_ PUNICODE_STRING SubsystemName,
518 _In_opt_ PVOID HandleId,
519 _In_ PUNICODE_STRING ObjectTypeName,
520 _In_ PUNICODE_STRING ObjectName,
521 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
522 _In_opt_ PSID PrincipalSelfSid,
523 _In_ ACCESS_MASK DesiredAccess,
524 _In_ AUDIT_EVENT_TYPE AuditType,
525 _In_ ULONG Flags,
526 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
527 _In_ ULONG ObjectTypeListLength,
528 _In_ PGENERIC_MAPPING GenericMapping,
529 _In_ BOOLEAN ObjectCreation,
530 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
531 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
532 _Out_ PBOOLEAN GenerateOnClose);
533
534 _Must_inspect_result_
535 __kernel_entry
536 NTSYSCALLAPI
537 NTSTATUS
538 NTAPI
539 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
540 _In_ PUNICODE_STRING SubsystemName,
541 _In_opt_ PVOID HandleId,
542 _In_ HANDLE ClientToken,
543 _In_ PUNICODE_STRING ObjectTypeName,
544 _In_ PUNICODE_STRING ObjectName,
545 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
546 _In_opt_ PSID PrincipalSelfSid,
547 _In_ ACCESS_MASK DesiredAccess,
548 _In_ AUDIT_EVENT_TYPE AuditType,
549 _In_ ULONG Flags,
550 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
551 _In_ ULONG ObjectTypeListLength,
552 _In_ PGENERIC_MAPPING GenericMapping,
553 _In_ BOOLEAN ObjectCreation,
554 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
555 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
556 _Out_ PBOOLEAN GenerateOnClose);
557
558 __kernel_entry
559 NTSYSCALLAPI
560 NTSTATUS
561 NTAPI
562 NtOpenObjectAuditAlarm(
563 _In_ PUNICODE_STRING SubsystemName,
564 _In_opt_ PVOID HandleId,
565 _In_ PUNICODE_STRING ObjectTypeName,
566 _In_ PUNICODE_STRING ObjectName,
567 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
568 _In_ HANDLE ClientToken,
569 _In_ ACCESS_MASK DesiredAccess,
570 _In_ ACCESS_MASK GrantedAccess,
571 _In_opt_ PPRIVILEGE_SET Privileges,
572 _In_ BOOLEAN ObjectCreation,
573 _In_ BOOLEAN AccessGranted,
574 _Out_ PBOOLEAN GenerateOnClose);
575
576 __kernel_entry
577 NTSYSCALLAPI
578 NTSTATUS
579 NTAPI
580 NtPrivilegeObjectAuditAlarm(
581 _In_ PUNICODE_STRING SubsystemName,
582 _In_opt_ PVOID HandleId,
583 _In_ HANDLE ClientToken,
584 _In_ ACCESS_MASK DesiredAccess,
585 _In_ PPRIVILEGE_SET Privileges,
586 _In_ BOOLEAN AccessGranted);
587
588 __kernel_entry
589 NTSYSCALLAPI
590 NTSTATUS
591 NTAPI
592 NtCloseObjectAuditAlarm(
593 _In_ PUNICODE_STRING SubsystemName,
594 _In_opt_ PVOID HandleId,
595 _In_ BOOLEAN GenerateOnClose);
596
597 __kernel_entry
598 NTSYSCALLAPI
599 NTSTATUS
600 NTAPI
601 NtDeleteObjectAuditAlarm(
602 _In_ PUNICODE_STRING SubsystemName,
603 _In_opt_ PVOID HandleId,
604 _In_ BOOLEAN GenerateOnClose);
605
606 __kernel_entry
607 NTSYSCALLAPI
608 NTSTATUS
609 NTAPI
610 NtPrivilegedServiceAuditAlarm(
611 _In_ PUNICODE_STRING SubsystemName,
612 _In_ PUNICODE_STRING ServiceName,
613 _In_ HANDLE ClientToken,
614 _In_ PPRIVILEGE_SET Privileges,
615 _In_ BOOLEAN AccessGranted);
616
617 __kernel_entry
618 NTSYSCALLAPI
619 NTSTATUS
620 NTAPI
621 NtSetInformationThread(
622 _In_ HANDLE ThreadHandle,
623 _In_ THREADINFOCLASS ThreadInformationClass,
624 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
625 _In_ ULONG ThreadInformationLength);
626
627 _Must_inspect_result_
628 __kernel_entry
629 NTSYSCALLAPI
630 NTSTATUS
631 NTAPI
632 NtCreateSection(
633 _Out_ PHANDLE SectionHandle,
634 _In_ ACCESS_MASK DesiredAccess,
635 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
636 _In_opt_ PLARGE_INTEGER MaximumSize,
637 _In_ ULONG SectionPageProtection,
638 _In_ ULONG AllocationAttributes,
639 _In_opt_ HANDLE FileHandle);
640
641 #endif
642
643 #define COMPRESSION_FORMAT_NONE (0x0000)
644 #define COMPRESSION_FORMAT_DEFAULT (0x0001)
645 #define COMPRESSION_FORMAT_LZNT1 (0x0002)
646 #define COMPRESSION_ENGINE_STANDARD (0x0000)
647 #define COMPRESSION_ENGINE_MAXIMUM (0x0100)
648 #define COMPRESSION_ENGINE_HIBER (0x0200)
649
650 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
651
652 #define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
653
654 #define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
655 #define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
656
657 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
658
659 typedef enum _SECURITY_LOGON_TYPE {
660 UndefinedLogonType = 0,
661 Interactive = 2,
662 Network,
663 Batch,
664 Service,
665 Proxy,
666 Unlock,
667 NetworkCleartext,
668 NewCredentials,
669 #if (_WIN32_WINNT >= 0x0501)
670 RemoteInteractive,
671 CachedInteractive,
672 #endif
673 #if (_WIN32_WINNT >= 0x0502)
674 CachedRemoteInteractive,
675 CachedUnlock
676 #endif
677 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
678
679 #ifndef _NTLSA_AUDIT_
680 #define _NTLSA_AUDIT_
681
682 #ifndef GUID_DEFINED
683 #include <guiddef.h>
684 #endif
685
686 #endif /* _NTLSA_AUDIT_ */
687
688 _IRQL_requires_same_
689 _IRQL_requires_max_(PASSIVE_LEVEL)
690 NTSTATUS
691 NTAPI
692 LsaRegisterLogonProcess(
693 _In_ PLSA_STRING LogonProcessName,
694 _Out_ PHANDLE LsaHandle,
695 _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
696
697 _IRQL_requires_same_
698 _IRQL_requires_max_(PASSIVE_LEVEL)
699 NTSTATUS
700 NTAPI
701 LsaLogonUser(
702 _In_ HANDLE LsaHandle,
703 _In_ PLSA_STRING OriginName,
704 _In_ SECURITY_LOGON_TYPE LogonType,
705 _In_ ULONG AuthenticationPackage,
706 _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
707 _In_ ULONG AuthenticationInformationLength,
708 _In_opt_ PTOKEN_GROUPS LocalGroups,
709 _In_ PTOKEN_SOURCE SourceContext,
710 _Out_ PVOID *ProfileBuffer,
711 _Out_ PULONG ProfileBufferLength,
712 _Inout_ PLUID LogonId,
713 _Out_ PHANDLE Token,
714 _Out_ PQUOTA_LIMITS Quotas,
715 _Out_ PNTSTATUS SubStatus);
716
717 _IRQL_requires_same_
718 NTSTATUS
719 NTAPI
720 LsaFreeReturnBuffer(
721 _In_ PVOID Buffer);
722
723 #ifndef _NTLSA_IFS_
724 #define _NTLSA_IFS_
725 #endif
726
727 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
728 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
729 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
730
731 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
732 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
733
734 #define MSV1_0_CHALLENGE_LENGTH 8
735 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
736 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
737
738 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
739 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
740 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
741 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
742 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
743 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
744 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
745 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
746 #define MSV1_0_RETURN_PROFILE_PATH 0x200
747 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
748 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
749
750 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
751 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
752
753 #if (_WIN32_WINNT >= 0x0502)
754 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
755 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
756 #endif
757
758 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
759 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
760
761 #if (_WIN32_WINNT >= 0x0600)
762 #define MSV1_0_S4U2SELF 0x00020000
763 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
764 #endif
765
766 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
767 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
768 #define MSV1_0_MNS_LOGON 0x01000000
769
770 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
771 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
772
773 #define LOGON_GUEST 0x01
774 #define LOGON_NOENCRYPTION 0x02
775 #define LOGON_CACHED_ACCOUNT 0x04
776 #define LOGON_USED_LM_PASSWORD 0x08
777 #define LOGON_EXTRA_SIDS 0x20
778 #define LOGON_SUBAUTH_SESSION_KEY 0x40
779 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
780 #define LOGON_NTLMV2_ENABLED 0x100
781 #define LOGON_RESOURCE_GROUPS 0x200
782 #define LOGON_PROFILE_PATH_RETURNED 0x400
783 #define LOGON_NT_V2 0x800
784 #define LOGON_LM_V2 0x1000
785 #define LOGON_NTLM_V2 0x2000
786
787 #if (_WIN32_WINNT >= 0x0600)
788
789 #define LOGON_OPTIMIZED 0x4000
790 #define LOGON_WINLOGON 0x8000
791 #define LOGON_PKINIT 0x10000
792 #define LOGON_NO_OPTIMIZED 0x20000
793
794 #endif
795
796 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
797
798 #define LOGON_GRACE_LOGON 0x01000000
799
800 #define MSV1_0_OWF_PASSWORD_LENGTH 16
801 #define MSV1_0_CRED_LM_PRESENT 0x1
802 #define MSV1_0_CRED_NT_PRESENT 0x2
803 #define MSV1_0_CRED_VERSION 0
804
805 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
806 #define MSV1_0_NTLM3_OWF_LENGTH 16
807
808 #if (_WIN32_WINNT == 0x0500)
809 #define MSV1_0_MAX_NTLM3_LIFE 1800
810 #else
811 #define MSV1_0_MAX_NTLM3_LIFE 129600
812 #endif
813 #define MSV1_0_MAX_AVL_SIZE 64000
814
815 #if (_WIN32_WINNT >= 0x0501)
816
817 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
818
819 #if (_WIN32_WINNT >= 0x0600)
820 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
821 #endif
822
823 #endif
824
825 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
826
827 #if(_WIN32_WINNT >= 0x0502)
828 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
829 #endif
830
831 #define USE_PRIMARY_PASSWORD 0x01
832 #define RETURN_PRIMARY_USERNAME 0x02
833 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
834 #define RETURN_NON_NT_USER_SESSION_KEY 0x08
835 #define GENERATE_CLIENT_CHALLENGE 0x10
836 #define GCR_NTLM3_PARMS 0x20
837 #define GCR_TARGET_INFO 0x40
838 #define RETURN_RESERVED_PARAMETER 0x80
839 #define GCR_ALLOW_NTLM 0x100
840 #define GCR_USE_OEM_SET 0x200
841 #define GCR_MACHINE_CREDENTIAL 0x400
842 #define GCR_USE_OWF_PASSWORD 0x800
843 #define GCR_ALLOW_LM 0x1000
844 #define GCR_ALLOW_NO_TARGET 0x2000
845
846 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
847 MsV1_0InteractiveLogon = 2,
848 MsV1_0Lm20Logon,
849 MsV1_0NetworkLogon,
850 MsV1_0SubAuthLogon,
851 MsV1_0WorkstationUnlockLogon = 7,
852 MsV1_0S4ULogon = 12,
853 MsV1_0VirtualLogon = 82
854 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
855
856 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
857 MsV1_0InteractiveProfile = 2,
858 MsV1_0Lm20LogonProfile,
859 MsV1_0SmartCardProfile
860 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
861
862 typedef struct _MSV1_0_INTERACTIVE_LOGON {
863 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
864 UNICODE_STRING LogonDomainName;
865 UNICODE_STRING UserName;
866 UNICODE_STRING Password;
867 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
868
869 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
870 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
871 USHORT LogonCount;
872 USHORT BadPasswordCount;
873 LARGE_INTEGER LogonTime;
874 LARGE_INTEGER LogoffTime;
875 LARGE_INTEGER KickOffTime;
876 LARGE_INTEGER PasswordLastSet;
877 LARGE_INTEGER PasswordCanChange;
878 LARGE_INTEGER PasswordMustChange;
879 UNICODE_STRING LogonScript;
880 UNICODE_STRING HomeDirectory;
881 UNICODE_STRING FullName;
882 UNICODE_STRING ProfilePath;
883 UNICODE_STRING HomeDirectoryDrive;
884 UNICODE_STRING LogonServer;
885 ULONG UserFlags;
886 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
887
888 typedef struct _MSV1_0_LM20_LOGON {
889 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
890 UNICODE_STRING LogonDomainName;
891 UNICODE_STRING UserName;
892 UNICODE_STRING Workstation;
893 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
894 STRING CaseSensitiveChallengeResponse;
895 STRING CaseInsensitiveChallengeResponse;
896 ULONG ParameterControl;
897 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
898
899 typedef struct _MSV1_0_SUBAUTH_LOGON {
900 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
901 UNICODE_STRING LogonDomainName;
902 UNICODE_STRING UserName;
903 UNICODE_STRING Workstation;
904 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
905 STRING AuthenticationInfo1;
906 STRING AuthenticationInfo2;
907 ULONG ParameterControl;
908 ULONG SubAuthPackageId;
909 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
910
911 #if (_WIN32_WINNT >= 0x0600)
912
913 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
914
915 typedef struct _MSV1_0_S4U_LOGON {
916 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
917 ULONG Flags;
918 UNICODE_STRING UserPrincipalName;
919 UNICODE_STRING DomainName;
920 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
921
922 #endif
923
924 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
925 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
926 LARGE_INTEGER KickOffTime;
927 LARGE_INTEGER LogoffTime;
928 ULONG UserFlags;
929 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
930 UNICODE_STRING LogonDomainName;
931 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
932 UNICODE_STRING LogonServer;
933 UNICODE_STRING UserParameters;
934 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
935
936 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
937 ULONG Version;
938 ULONG Flags;
939 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
940 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
941 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
942
943 typedef struct _MSV1_0_NTLM3_RESPONSE {
944 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
945 UCHAR RespType;
946 UCHAR HiRespType;
947 USHORT Flags;
948 ULONG MsgWord;
949 ULONGLONG TimeStamp;
950 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
951 ULONG AvPairsOff;
952 UCHAR Buffer[1];
953 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
954
955 typedef enum _MSV1_0_AVID {
956 MsvAvEOL,
957 MsvAvNbComputerName,
958 MsvAvNbDomainName,
959 MsvAvDnsComputerName,
960 MsvAvDnsDomainName,
961 #if (_WIN32_WINNT >= 0x0501)
962 MsvAvDnsTreeName,
963 MsvAvFlags,
964 #if (_WIN32_WINNT >= 0x0600)
965 MsvAvTimestamp,
966 MsvAvRestrictions,
967 MsvAvTargetName,
968 MsvAvChannelBindings,
969 #endif
970 #endif
971 } MSV1_0_AVID;
972
973 typedef struct _MSV1_0_AV_PAIR {
974 USHORT AvId;
975 USHORT AvLen;
976 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
977
978 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
979 MsV1_0Lm20ChallengeRequest = 0,
980 MsV1_0Lm20GetChallengeResponse,
981 MsV1_0EnumerateUsers,
982 MsV1_0GetUserInfo,
983 MsV1_0ReLogonUsers,
984 MsV1_0ChangePassword,
985 MsV1_0ChangeCachedPassword,
986 MsV1_0GenericPassthrough,
987 MsV1_0CacheLogon,
988 MsV1_0SubAuth,
989 MsV1_0DeriveCredential,
990 MsV1_0CacheLookup,
991 #if (_WIN32_WINNT >= 0x0501)
992 MsV1_0SetProcessOption,
993 #endif
994 #if (_WIN32_WINNT >= 0x0600)
995 MsV1_0ConfigLocalAliases,
996 MsV1_0ClearCachedCredentials,
997 #endif
998 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
999
1000 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
1001 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1002 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
1003
1004 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
1005 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1006 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1007 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
1008
1009 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
1010 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1011 ULONG ParameterControl;
1012 LUID LogonId;
1013 UNICODE_STRING Password;
1014 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1015 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
1016
1017 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
1018 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1019 ULONG ParameterControl;
1020 LUID LogonId;
1021 UNICODE_STRING Password;
1022 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1023 UNICODE_STRING UserName;
1024 UNICODE_STRING LogonDomainName;
1025 UNICODE_STRING ServerName;
1026 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
1027
1028 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
1029 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1030 STRING CaseSensitiveChallengeResponse;
1031 STRING CaseInsensitiveChallengeResponse;
1032 UNICODE_STRING UserName;
1033 UNICODE_STRING LogonDomainName;
1034 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
1035 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
1036 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
1037
1038 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
1039 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1040 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
1041
1042 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
1043 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1044 ULONG NumberOfLoggedOnUsers;
1045 PLUID LogonIds;
1046 PULONG EnumHandles;
1047 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
1048
1049 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
1050 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1051 LUID LogonId;
1052 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
1053
1054 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
1055 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1056 PSID UserSid;
1057 UNICODE_STRING UserName;
1058 UNICODE_STRING LogonDomainName;
1059 UNICODE_STRING LogonServer;
1060 SECURITY_LOGON_TYPE LogonType;
1061 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
1062
1063 $include (iotypes.h)
1064
1065 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
1066 ULONG Attributes;
1067 ACCESS_MASK GrantedAccess;
1068 ULONG HandleCount;
1069 ULONG PointerCount;
1070 ULONG Reserved[10];
1071 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
1072
1073 typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION {
1074 UNICODE_STRING TypeName;
1075 ULONG Reserved [22];
1076 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
1077
1078 #define SYSTEM_PAGE_PRIORITY_BITS 3
1079 #define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
1080
1081 $include (ketypes.h)
1082 $include (kefuncs.h)
1083 $include (extypes.h)
1084 $include (exfuncs.h)
1085 $include (sefuncs.h)
1086 $include (psfuncs.h)
1087 $include (iofuncs.h)
1088 $include (potypes.h)
1089 $include (pofuncs.h)
1090 $include (mmtypes.h)
1091 $include (mmfuncs.h)
1092 $include (obfuncs.h)
1093 $include (fsrtltypes.h)
1094 $include (fsrtlfuncs.h)
1095 $include (cctypes.h)
1096 $include (ccfuncs.h)
1097 $include (zwfuncs.h)
1098 $include (sspi.h)
1099
1100 /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
1101 #if defined(_WIN64)
1102 C_ASSERT(sizeof(ERESOURCE) == 0x68);
1103 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18);
1104 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a);
1105 #else
1106 C_ASSERT(sizeof(ERESOURCE) == 0x38);
1107 C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c);
1108 C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e);
1109 #endif
1110 /* #endif */
1111
1112 #if defined(_IA64_)
1113 #if (NTDDI_VERSION >= NTDDI_WIN2K)
1114 //DECLSPEC_DEPRECATED_DDK
1115 NTHALAPI
1116 ULONG
1117 NTAPI
1118 HalGetDmaAlignmentRequirement(
1119 VOID);
1120 #endif
1121 #endif
1122
1123 #if defined(_M_IX86) || defined(_M_AMD64)
1124 #define HalGetDmaAlignmentRequirement() 1L
1125 #endif
1126
1127 #ifdef _NTSYSTEM_
1128 extern PUSHORT NlsOemLeadByteInfo;
1129 #define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
1130 #else
1131 __CREATE_NTOS_DATA_IMPORT_ALIAS(NlsOemLeadByteInfo)
1132 extern PUSHORT *NlsOemLeadByteInfo;
1133 #define NLS_OEM_LEAD_BYTE_INFO (*NlsOemLeadByteInfo)
1134 #endif
1135
1136 #if (NTDDI_VERSION >= NTDDI_VISTA)
1137
1138 typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER {
1139 NetworkOpenLocationAny,
1140 NetworkOpenLocationRemote,
1141 NetworkOpenLocationLoopback
1142 } NETWORK_OPEN_LOCATION_QUALIFIER;
1143
1144 typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER {
1145 NetworkOpenIntegrityAny,
1146 NetworkOpenIntegrityNone,
1147 NetworkOpenIntegritySigned,
1148 NetworkOpenIntegrityEncrypted,
1149 NetworkOpenIntegrityMaximum
1150 } NETWORK_OPEN_INTEGRITY_QUALIFIER;
1151
1152 #if (NTDDI_VERSION >= NTDDI_WIN7)
1153
1154 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
1155 #define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
1156 #define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
1157
1158 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1159 USHORT Size;
1160 USHORT Reserved;
1161 _ANONYMOUS_STRUCT struct {
1162 struct {
1163 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1164 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1165 ULONG Flags;
1166 } in;
1167 struct {
1168 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1169 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1170 ULONG Flags;
1171 } out;
1172 } DUMMYSTRUCTNAME;
1173 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1174
1175 typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0 {
1176 USHORT Size;
1177 USHORT Reserved;
1178 _ANONYMOUS_STRUCT struct {
1179 struct {
1180 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1181 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1182 } in;
1183 struct {
1184 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1185 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1186 } out;
1187 } DUMMYSTRUCTNAME;
1188 } NETWORK_OPEN_ECP_CONTEXT_V0, *PNETWORK_OPEN_ECP_CONTEXT_V0;
1189
1190 #elif (NTDDI_VERSION >= NTDDI_VISTA)
1191 typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1192 USHORT Size;
1193 USHORT Reserved;
1194 _ANONYMOUS_STRUCT struct {
1195 struct {
1196 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1197 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1198 } in;
1199 struct {
1200 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1201 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1202 } out;
1203 } DUMMYSTRUCTNAME;
1204 } NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1205 #endif
1206
1207 DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
1208
1209 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1210
1211
1212 #if (NTDDI_VERSION >= NTDDI_VISTA)
1213
1214 typedef struct _PREFETCH_OPEN_ECP_CONTEXT {
1215 PVOID Context;
1216 } PREFETCH_OPEN_ECP_CONTEXT, *PPREFETCH_OPEN_ECP_CONTEXT;
1217
1218 DEFINE_GUID(GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
1219
1220 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1221
1222 #if (NTDDI_VERSION >= NTDDI_WIN7)
1223
1224 DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
1225 DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
1226
1227 typedef struct sockaddr_storage *PSOCKADDR_STORAGE_NFS;
1228
1229 typedef struct _NFS_OPEN_ECP_CONTEXT {
1230 PUNICODE_STRING ExportAlias;
1231 PSOCKADDR_STORAGE_NFS ClientSocketAddress;
1232 } NFS_OPEN_ECP_CONTEXT, *PNFS_OPEN_ECP_CONTEXT, **PPNFS_OPEN_ECP_CONTEXT;
1233
1234 typedef struct _SRV_OPEN_ECP_CONTEXT {
1235 PUNICODE_STRING ShareName;
1236 PSOCKADDR_STORAGE_NFS SocketAddress;
1237 BOOLEAN OplockBlockState;
1238 BOOLEAN OplockAppState;
1239 BOOLEAN OplockFinalState;
1240 } SRV_OPEN_ECP_CONTEXT, *PSRV_OPEN_ECP_CONTEXT;
1241
1242 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
1243
1244 #define PIN_WAIT (1)
1245 #define PIN_EXCLUSIVE (2)
1246 #define PIN_NO_READ (4)
1247 #define PIN_IF_BCB (8)
1248 #define PIN_CALLER_TRACKS_DIRTY_DATA (32)
1249 #define PIN_HIGH_PRIORITY (64)
1250
1251 #define MAP_WAIT 1
1252 #define MAP_NO_READ (16)
1253 #define MAP_HIGH_PRIORITY (64)
1254
1255 #define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
1256 #define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
1257
1258 typedef struct _QUERY_PATH_REQUEST {
1259 ULONG PathNameLength;
1260 PIO_SECURITY_CONTEXT SecurityContext;
1261 WCHAR FilePathName[1];
1262 } QUERY_PATH_REQUEST, *PQUERY_PATH_REQUEST;
1263
1264 typedef struct _QUERY_PATH_REQUEST_EX {
1265 PIO_SECURITY_CONTEXT pSecurityContext;
1266 ULONG EaLength;
1267 PVOID pEaBuffer;
1268 UNICODE_STRING PathName;
1269 UNICODE_STRING DomainServiceName;
1270 ULONG_PTR Reserved[ 3 ];
1271 } QUERY_PATH_REQUEST_EX, *PQUERY_PATH_REQUEST_EX;
1272
1273 typedef struct _QUERY_PATH_RESPONSE {
1274 ULONG LengthAccepted;
1275 } QUERY_PATH_RESPONSE, *PQUERY_PATH_RESPONSE;
1276
1277 #define VOLSNAPCONTROLTYPE 0x00000053
1278 #define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
1279
1280 /* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
1281 #pragma pack(push,4)
1282
1283 #ifndef VER_PRODUCTBUILD
1284 #define VER_PRODUCTBUILD 10000
1285 #endif
1286
1287 #include "csq.h"
1288
1289 #define FS_LFN_APIS 0x00004000
1290
1291 #define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
1292 #define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
1293 #define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
1294 #define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
1295 #define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
1296 #define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
1297 #define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
1298 #define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
1299 #define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
1300 #define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
1301 #define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
1302 #define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
1303 #define FILE_STORAGE_TYPE_MASK 0x000f0000
1304 #define FILE_STORAGE_TYPE_SHIFT 16
1305
1306 #define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
1307
1308 #ifdef _X86_
1309 #define HARDWARE_PTE HARDWARE_PTE_X86
1310 #define PHARDWARE_PTE PHARDWARE_PTE_X86
1311 #endif
1312
1313 #define IO_ATTACH_DEVICE_API 0x80000000
1314
1315 #define IO_TYPE_APC 18
1316 #define IO_TYPE_DPC 19
1317 #define IO_TYPE_DEVICE_QUEUE 20
1318 #define IO_TYPE_EVENT_PAIR 21
1319 #define IO_TYPE_INTERRUPT 22
1320 #define IO_TYPE_PROFILE 23
1321
1322 #define IRP_BEING_VERIFIED 0x10
1323
1324 #define MAILSLOT_CLASS_FIRSTCLASS 1
1325 #define MAILSLOT_CLASS_SECONDCLASS 2
1326
1327 #define MAILSLOT_SIZE_AUTO 0
1328
1329 #define MEM_DOS_LIM 0x40000000
1330
1331 #define OB_TYPE_TYPE 1
1332 #define OB_TYPE_DIRECTORY 2
1333 #define OB_TYPE_SYMBOLIC_LINK 3
1334 #define OB_TYPE_TOKEN 4
1335 #define OB_TYPE_PROCESS 5
1336 #define OB_TYPE_THREAD 6
1337 #define OB_TYPE_EVENT 7
1338 #define OB_TYPE_EVENT_PAIR 8
1339 #define OB_TYPE_MUTANT 9
1340 #define OB_TYPE_SEMAPHORE 10
1341 #define OB_TYPE_TIMER 11
1342 #define OB_TYPE_PROFILE 12
1343 #define OB_TYPE_WINDOW_STATION 13
1344 #define OB_TYPE_DESKTOP 14
1345 #define OB_TYPE_SECTION 15
1346 #define OB_TYPE_KEY 16
1347 #define OB_TYPE_PORT 17
1348 #define OB_TYPE_ADAPTER 18
1349 #define OB_TYPE_CONTROLLER 19
1350 #define OB_TYPE_DEVICE 20
1351 #define OB_TYPE_DRIVER 21
1352 #define OB_TYPE_IO_COMPLETION 22
1353 #define OB_TYPE_FILE 23
1354
1355 #define SEC_BASED 0x00200000
1356
1357 /* end winnt.h */
1358
1359 #define TOKEN_HAS_ADMIN_GROUP 0x08
1360
1361 #if (VER_PRODUCTBUILD >= 1381)
1362 #define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
1363 #endif /* (VER_PRODUCTBUILD >= 1381) */
1364
1365 #if (VER_PRODUCTBUILD >= 2195)
1366
1367 #define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
1368 #define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
1369
1370 #define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
1371
1372 #define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
1373 #define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
1374 #define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
1375 #define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
1376 #endif /* (VER_PRODUCTBUILD >= 2195) */
1377
1378 #define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
1379 #define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
1380 #define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
1381 #define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
1382 #define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
1383 #define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
1384 #define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
1385 #define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
1386
1387 typedef enum _FILE_STORAGE_TYPE {
1388 StorageTypeDefault = 1,
1389 StorageTypeDirectory,
1390 StorageTypeFile,
1391 StorageTypeJunctionPoint,
1392 StorageTypeCatalog,
1393 StorageTypeStructuredStorage,
1394 StorageTypeEmbedding,
1395 StorageTypeStream
1396 } FILE_STORAGE_TYPE;
1397
1398 typedef struct _OBJECT_BASIC_INFORMATION
1399 {
1400 ULONG Attributes;
1401 ACCESS_MASK GrantedAccess;
1402 ULONG HandleCount;
1403 ULONG PointerCount;
1404 ULONG PagedPoolCharge;
1405 ULONG NonPagedPoolCharge;
1406 ULONG Reserved[ 3 ];
1407 ULONG NameInfoSize;
1408 ULONG TypeInfoSize;
1409 ULONG SecurityDescriptorSize;
1410 LARGE_INTEGER CreationTime;
1411 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
1412
1413 typedef struct _FILE_COPY_ON_WRITE_INFORMATION {
1414 BOOLEAN ReplaceIfExists;
1415 HANDLE RootDirectory;
1416 ULONG FileNameLength;
1417 WCHAR FileName[1];
1418 } FILE_COPY_ON_WRITE_INFORMATION, *PFILE_COPY_ON_WRITE_INFORMATION;
1419
1420 typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
1421 ULONG NextEntryOffset;
1422 ULONG FileIndex;
1423 LARGE_INTEGER CreationTime;
1424 LARGE_INTEGER LastAccessTime;
1425 LARGE_INTEGER LastWriteTime;
1426 LARGE_INTEGER ChangeTime;
1427 LARGE_INTEGER EndOfFile;
1428 LARGE_INTEGER AllocationSize;
1429 ULONG FileAttributes;
1430 ULONG FileNameLength;
1431 ULONG EaSize;
1432 WCHAR FileName[ANYSIZE_ARRAY];
1433 } FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION;
1434
1435 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1436 typedef struct _FILE_SHARED_LOCK_ENTRY {
1437 PVOID Unknown1;
1438 PVOID Unknown2;
1439 FILE_LOCK_INFO FileLock;
1440 } FILE_SHARED_LOCK_ENTRY, *PFILE_SHARED_LOCK_ENTRY;
1441
1442 /* raw internal file lock struct returned from FsRtlGetNextFileLock */
1443 typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY {
1444 LIST_ENTRY ListEntry;
1445 PVOID Unknown1;
1446 PVOID Unknown2;
1447 FILE_LOCK_INFO FileLock;
1448 } FILE_EXCLUSIVE_LOCK_ENTRY, *PFILE_EXCLUSIVE_LOCK_ENTRY;
1449
1450 typedef struct _FILE_MAILSLOT_PEEK_BUFFER {
1451 ULONG ReadDataAvailable;
1452 ULONG NumberOfMessages;
1453 ULONG MessageLength;
1454 } FILE_MAILSLOT_PEEK_BUFFER, *PFILE_MAILSLOT_PEEK_BUFFER;
1455
1456 typedef struct _FILE_OLE_CLASSID_INFORMATION {
1457 GUID ClassId;
1458 } FILE_OLE_CLASSID_INFORMATION, *PFILE_OLE_CLASSID_INFORMATION;
1459
1460 typedef struct _FILE_OLE_ALL_INFORMATION {
1461 FILE_BASIC_INFORMATION BasicInformation;
1462 FILE_STANDARD_INFORMATION StandardInformation;
1463 FILE_INTERNAL_INFORMATION InternalInformation;
1464 FILE_EA_INFORMATION EaInformation;
1465 FILE_ACCESS_INFORMATION AccessInformation;
1466 FILE_POSITION_INFORMATION PositionInformation;
1467 FILE_MODE_INFORMATION ModeInformation;
1468 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
1469 USN LastChangeUsn;
1470 USN ReplicationUsn;
1471 LARGE_INTEGER SecurityChangeTime;
1472 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1473 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1474 FILE_STORAGE_TYPE StorageType;
1475 ULONG OleStateBits;
1476 ULONG OleId;
1477 ULONG NumberOfStreamReferences;
1478 ULONG StreamIndex;
1479 ULONG SecurityId;
1480 BOOLEAN ContentIndexDisable;
1481 BOOLEAN InheritContentIndexDisable;
1482 FILE_NAME_INFORMATION NameInformation;
1483 } FILE_OLE_ALL_INFORMATION, *PFILE_OLE_ALL_INFORMATION;
1484
1485 typedef struct _FILE_OLE_DIR_INFORMATION {
1486 ULONG NextEntryOffset;
1487 ULONG FileIndex;
1488 LARGE_INTEGER CreationTime;
1489 LARGE_INTEGER LastAccessTime;
1490 LARGE_INTEGER LastWriteTime;
1491 LARGE_INTEGER ChangeTime;
1492 LARGE_INTEGER EndOfFile;
1493 LARGE_INTEGER AllocationSize;
1494 ULONG FileAttributes;
1495 ULONG FileNameLength;
1496 FILE_STORAGE_TYPE StorageType;
1497 GUID OleClassId;
1498 ULONG OleStateBits;
1499 BOOLEAN ContentIndexDisable;
1500 BOOLEAN InheritContentIndexDisable;
1501 WCHAR FileName[1];
1502 } FILE_OLE_DIR_INFORMATION, *PFILE_OLE_DIR_INFORMATION;
1503
1504 typedef struct _FILE_OLE_INFORMATION {
1505 LARGE_INTEGER SecurityChangeTime;
1506 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1507 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1508 FILE_STORAGE_TYPE StorageType;
1509 ULONG OleStateBits;
1510 BOOLEAN ContentIndexDisable;
1511 BOOLEAN InheritContentIndexDisable;
1512 } FILE_OLE_INFORMATION, *PFILE_OLE_INFORMATION;
1513
1514 typedef struct _FILE_OLE_STATE_BITS_INFORMATION {
1515 ULONG StateBits;
1516 ULONG StateBitsMask;
1517 } FILE_OLE_STATE_BITS_INFORMATION, *PFILE_OLE_STATE_BITS_INFORMATION;
1518
1519 typedef struct _MAPPING_PAIR {
1520 ULONGLONG Vcn;
1521 ULONGLONG Lcn;
1522 } MAPPING_PAIR, *PMAPPING_PAIR;
1523
1524 typedef struct _GET_RETRIEVAL_DESCRIPTOR {
1525 ULONG NumberOfPairs;
1526 ULONGLONG StartVcn;
1527 MAPPING_PAIR Pair[1];
1528 } GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
1529
1530 typedef struct _MOVEFILE_DESCRIPTOR {
1531 HANDLE FileHandle;
1532 ULONG Reserved;
1533 LARGE_INTEGER StartVcn;
1534 LARGE_INTEGER TargetLcn;
1535 ULONG NumVcns;
1536 ULONG Reserved1;
1537 } MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
1538
1539 typedef struct _OBJECT_BASIC_INFO {
1540 ULONG Attributes;
1541 ACCESS_MASK GrantedAccess;
1542 ULONG HandleCount;
1543 ULONG ReferenceCount;
1544 ULONG PagedPoolUsage;
1545 ULONG NonPagedPoolUsage;
1546 ULONG Reserved[3];
1547 ULONG NameInformationLength;
1548 ULONG TypeInformationLength;
1549 ULONG SecurityDescriptorLength;
1550 LARGE_INTEGER CreateTime;
1551 } OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;
1552
1553 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO {
1554 BOOLEAN Inherit;
1555 BOOLEAN ProtectFromClose;
1556 } OBJECT_HANDLE_ATTRIBUTE_INFO, *POBJECT_HANDLE_ATTRIBUTE_INFO;
1557
1558 typedef struct _OBJECT_NAME_INFO {
1559 UNICODE_STRING ObjectName;
1560 WCHAR ObjectNameBuffer[1];
1561 } OBJECT_NAME_INFO, *POBJECT_NAME_INFO;
1562
1563 typedef struct _OBJECT_PROTECTION_INFO {
1564 BOOLEAN Inherit;
1565 BOOLEAN ProtectHandle;
1566 } OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;
1567
1568 typedef struct _OBJECT_TYPE_INFO {
1569 UNICODE_STRING ObjectTypeName;
1570 UCHAR Unknown[0x58];
1571 WCHAR ObjectTypeNameBuffer[1];
1572 } OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;
1573
1574 typedef struct _OBJECT_ALL_TYPES_INFO {
1575 ULONG NumberOfObjectTypes;
1576 OBJECT_TYPE_INFO ObjectsTypeInfo[1];
1577 } OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;
1578
1579 #if defined(USE_LPC6432)
1580 #define LPC_CLIENT_ID CLIENT_ID64
1581 #define LPC_SIZE_T ULONGLONG
1582 #define LPC_PVOID ULONGLONG
1583 #define LPC_HANDLE ULONGLONG
1584 #else
1585 #define LPC_CLIENT_ID CLIENT_ID
1586 #define LPC_SIZE_T SIZE_T
1587 #define LPC_PVOID PVOID
1588 #define LPC_HANDLE HANDLE
1589 #endif
1590
1591 typedef struct _PORT_MESSAGE
1592 {
1593 union
1594 {
1595 struct
1596 {
1597 CSHORT DataLength;
1598 CSHORT TotalLength;
1599 } s1;
1600 ULONG Length;
1601 } u1;
1602 union
1603 {
1604 struct
1605 {
1606 CSHORT Type;
1607 CSHORT DataInfoOffset;
1608 } s2;
1609 ULONG ZeroInit;
1610 } u2;
1611 __GNU_EXTENSION union
1612 {
1613 LPC_CLIENT_ID ClientId;
1614 double DoNotUseThisField;
1615 };
1616 ULONG MessageId;
1617 __GNU_EXTENSION union
1618 {
1619 LPC_SIZE_T ClientViewSize;
1620 ULONG CallbackId;
1621 };
1622 } PORT_MESSAGE, *PPORT_MESSAGE;
1623
1624 #define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
1625
1626 typedef struct _PORT_VIEW
1627 {
1628 ULONG Length;
1629 LPC_HANDLE SectionHandle;
1630 ULONG SectionOffset;
1631 LPC_SIZE_T ViewSize;
1632 LPC_PVOID ViewBase;
1633 LPC_PVOID ViewRemoteBase;
1634 } PORT_VIEW, *PPORT_VIEW;
1635
1636 typedef struct _REMOTE_PORT_VIEW
1637 {
1638 ULONG Length;
1639 LPC_SIZE_T ViewSize;
1640 LPC_PVOID ViewBase;
1641 } REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
1642
1643 typedef struct _VAD_HEADER {
1644 PVOID StartVPN;
1645 PVOID EndVPN;
1646 struct _VAD_HEADER* ParentLink;
1647 struct _VAD_HEADER* LeftLink;
1648 struct _VAD_HEADER* RightLink;
1649 ULONG Flags; /* LSB = CommitCharge */
1650 PVOID ControlArea;
1651 PVOID FirstProtoPte;
1652 PVOID LastPTE;
1653 ULONG Unknown;
1654 LIST_ENTRY Secured;
1655 } VAD_HEADER, *PVAD_HEADER;
1656
1657 NTKERNELAPI
1658 LARGE_INTEGER
1659 NTAPI
1660 CcGetLsnForFileObject (
1661 _In_ PFILE_OBJECT FileObject,
1662 _Out_opt_ PLARGE_INTEGER OldestLsn
1663 );
1664
1665 NTKERNELAPI
1666 PVOID
1667 NTAPI
1668 FsRtlAllocatePool (
1669 _In_ POOL_TYPE PoolType,
1670 _In_ ULONG NumberOfBytes
1671 );
1672
1673 NTKERNELAPI
1674 PVOID
1675 NTAPI
1676 FsRtlAllocatePoolWithQuota (
1677 _In_ POOL_TYPE PoolType,
1678 _In_ ULONG NumberOfBytes
1679 );
1680
1681 NTKERNELAPI
1682 PVOID
1683 NTAPI
1684 FsRtlAllocatePoolWithQuotaTag (
1685 _In_ POOL_TYPE PoolType,
1686 _In_ ULONG NumberOfBytes,
1687 _In_ ULONG Tag
1688 );
1689
1690 NTKERNELAPI
1691 PVOID
1692 NTAPI
1693 FsRtlAllocatePoolWithTag (
1694 _In_ POOL_TYPE PoolType,
1695 _In_ ULONG NumberOfBytes,
1696 _In_ ULONG Tag
1697 );
1698
1699 NTKERNELAPI
1700 BOOLEAN
1701 NTAPI
1702 FsRtlMdlReadComplete (
1703 _In_ PFILE_OBJECT FileObject,
1704 _In_ PMDL MdlChain
1705 );
1706
1707 NTKERNELAPI
1708 BOOLEAN
1709 NTAPI
1710 FsRtlMdlWriteComplete (
1711 _In_ PFILE_OBJECT FileObject,
1712 _In_ PLARGE_INTEGER FileOffset,
1713 _In_ PMDL MdlChain
1714 );
1715
1716 NTKERNELAPI
1717 VOID
1718 NTAPI
1719 FsRtlNotifyChangeDirectory (
1720 _In_ PNOTIFY_SYNC NotifySync,
1721 _In_ PVOID FsContext,
1722 _In_ PSTRING FullDirectoryName,
1723 _In_ PLIST_ENTRY NotifyList,
1724 _In_ BOOLEAN WatchTree,
1725 _In_ ULONG CompletionFilter,
1726 _In_ PIRP NotifyIrp
1727 );
1728
1729 #if 1
1730 NTKERNELAPI
1731 NTSTATUS
1732 NTAPI
1733 ObCreateObject(
1734 _In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode,
1735 _In_ POBJECT_TYPE ObjectType,
1736 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
1737 _In_ KPROCESSOR_MODE AccessMode,
1738 _Inout_opt_ PVOID ParseContext,
1739 _In_ ULONG ObjectSize,
1740 _In_opt_ ULONG PagedPoolCharge,
1741 _In_opt_ ULONG NonPagedPoolCharge,
1742 _Out_ PVOID *Object
1743 );
1744
1745 NTKERNELAPI
1746 NTSTATUS
1747 NTAPI
1748 ObReferenceObjectByName (
1749 _In_ PUNICODE_STRING ObjectName,
1750 _In_ ULONG Attributes,
1751 _In_opt_ PACCESS_STATE PassedAccessState,
1752 _In_opt_ ACCESS_MASK DesiredAccess,
1753 _In_ POBJECT_TYPE ObjectType,
1754 _In_ KPROCESSOR_MODE AccessMode,
1755 _Inout_opt_ PVOID ParseContext,
1756 _Out_ PVOID *Object
1757 );
1758
1759 #define PsDereferenceImpersonationToken(T) \
1760 {if (ARGUMENT_PRESENT(T)) { \
1761 (ObDereferenceObject((T))); \
1762 } else { \
1763 ; \
1764 } \
1765 }
1766
1767 NTKERNELAPI
1768 NTSTATUS
1769 NTAPI
1770 PsLookupProcessThreadByCid (
1771 _In_ PCLIENT_ID Cid,
1772 _Out_opt_ PEPROCESS *Process,
1773 _Out_ PETHREAD *Thread
1774 );
1775
1776 NTSYSAPI
1777 NTSTATUS
1778 NTAPI
1779 RtlSetSaclSecurityDescriptor (
1780 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1781 _In_ BOOLEAN SaclPresent,
1782 _In_ PACL Sacl,
1783 _In_ BOOLEAN SaclDefaulted
1784 );
1785
1786 #define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
1787
1788 #endif
1789
1790 #pragma pack(pop)
1791
1792 #ifdef __cplusplus
1793 }
1794 #endif