#pragma GCC system_header
#endif
+#ifdef _NTOSKRNL_
+/* HACKHACKHACK!!! We shouldn't include this header from ntoskrnl! */
+#define NTKERNELAPI
+#else
+#define NTKERNELAPI DECLSPEC_IMPORT
+#endif
+
#include "ntddk.h"
#define _NTIFS_INCLUDED_
#pragma pack(push,4)
+#ifndef VER_PRODUCTBUILD
#define VER_PRODUCTBUILD 10000
+#endif
#ifndef NTSYSAPI
#define NTSYSAPI
#endif
-#ifndef NTKERNELAPI
-#if defined(_NTDRIVER_) || defined(_NTDDK_) || defined (_NTIFS_) || defined(_NTHAL_)
-#define NTKERNELAPI DECLSPEC_IMPORT
-#else
-#define NTKERNELAPI
-#endif
-#endif
+#define EX_PUSH_LOCK ULONG_PTR
+#define PEX_PUSH_LOCK PULONG_PTR
#include "csq.h"
extern LARGE_INTEGER IoWriteTransferCount;
extern LARGE_INTEGER IoOtherTransferCount;
+typedef STRING LSA_STRING, *PLSA_STRING;
+typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
+
+typedef enum _SECURITY_LOGON_TYPE
+{
+ UndefinedLogonType = 0,
+ Interactive = 2,
+ Network,
+ Batch,
+ Service,
+ Proxy,
+ Unlock,
+ NetworkCleartext,
+ NewCredentials,
+#if (_WIN32_WINNT >= 0x0501)
+ RemoteInteractive,
+ CachedInteractive,
+#endif
+#if (_WIN32_WINNT >= 0x0502)
+ CachedRemoteInteractive,
+ CachedUnlock
+#endif
+} SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
+
#define ANSI_DOS_STAR ('<')
#define ANSI_DOS_QM ('>')
#define ANSI_DOS_DOT ('"')
#define IO_ATTACH_DEVICE 0x0400
#define IO_ATTACH_DEVICE_API 0x80000000
-/* also in winnt.h */
-#define IO_COMPLETION_QUERY_STATE 0x0001
-#define IO_COMPLETION_MODIFY_STATE 0x0002
-#define IO_COMPLETION_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0x3)
-/* end winnt.h */
+
#define IO_FILE_OBJECT_NON_PAGED_POOL_CHARGE 64
#define IO_FILE_OBJECT_PAGED_POOL_CHARGE 1024
#define MAP_PROCESS 1L
#define MAP_SYSTEM 2L
#define MEM_DOS_LIM 0x40000000
-/* also in winnt.h */
-#define MEM_IMAGE SEC_IMAGE
-/* end winnt.h */
+
#define OB_TYPE_TYPE 1
#define OB_TYPE_DIRECTORY 2
#define OB_TYPE_SYMBOLIC_LINK 3
#define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
#define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
-/* also in winnt.h */
#define SEC_BASED 0x00200000
-#define SEC_NO_CHANGE 0x00400000
-#define SEC_FILE 0x00800000
-#define SEC_IMAGE 0x01000000
-#define SEC_VLM 0x02000000
-#define SEC_RESERVE 0x04000000
-#define SEC_COMMIT 0x08000000
-#define SEC_NOCACHE 0x10000000
#define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
#define SECURITY_WORLD_RID (0x00000000L)
#define TOKEN_HAS_BACKUP_PRIVILEGE 0x02
#define TOKEN_HAS_RESTORE_PRIVILEGE 0x04
#define TOKEN_HAS_ADMIN_GROUP 0x08
+#define TOKEN_WRITE_RESTRICTED 0x08
#define TOKEN_IS_RESTRICTED 0x10
+#define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
#define VACB_MAPPING_GRANULARITY (0x40000)
#define VACB_OFFSET_SHIFT (18)
#define SE_RM_CONTROL_VALID 0x4000
#define SE_SELF_RELATIVE 0x8000
+#ifndef _WINNT_H
+#define _AUDIT_EVENT_TYPE_HACK 0
+#endif
+#if (_AUDIT_EVENT_TYPE_HACK == 1)
+
+#else
+typedef enum _AUDIT_EVENT_TYPE
+{
+ AuditEventObjectAccess,
+ AuditEventDirectoryServiceAccess
+} AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
+#endif
+
+#define AUDIT_ALLOW_NO_PRIVILEGE 0x1
+
#define FSCTL_REQUEST_OPLOCK_LEVEL_1 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define FSCTL_REQUEST_OPLOCK_LEVEL_2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define FSCTL_REQUEST_BATCH_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
TokenSandBoxInert,TokenAuditPolicy,TokenOrigin,
} TOKEN_INFORMATION_CLASS;
+#define SYMLINK_FLAG_RELATIVE 1
+
+typedef struct _REPARSE_DATA_BUFFER {
+ ULONG ReparseTag;
+ USHORT ReparseDataLength;
+ USHORT Reserved;
+ union {
+ struct {
+ USHORT SubstituteNameOffset;
+ USHORT SubstituteNameLength;
+ USHORT PrintNameOffset;
+ USHORT PrintNameLength;
+ ULONG Flags;
+ WCHAR PathBuffer[1];
+ } SymbolicLinkReparseBuffer;
+ struct {
+ USHORT SubstituteNameOffset;
+ USHORT SubstituteNameLength;
+ USHORT PrintNameOffset;
+ USHORT PrintNameLength;
+ WCHAR PathBuffer[1];
+ } MountPointReparseBuffer;
+ struct {
+ UCHAR DataBuffer[1];
+ } GenericReparseBuffer;
+ };
+} REPARSE_DATA_BUFFER, *PREPARSE_DATA_BUFFER;
+
+#define REPARSE_DATA_BUFFER_HEADER_SIZE FIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer)
+
typedef struct _FILE_ACCESS_INFORMATION {
ACCESS_MASK AccessFlags;
} FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
WCHAR VolumeLabel[1];
} FILE_FS_VOLUME_INFORMATION, *PFILE_FS_VOLUME_INFORMATION;
+typedef struct _FILE_FS_OBJECTID_INFORMATION
+{
+ UCHAR ObjectId[16];
+ UCHAR ExtendedInfo[48];
+} FILE_FS_OBJECTID_INFORMATION, *PFILE_FS_OBJECTID_INFORMATION;
+
+typedef struct _FILE_FS_DRIVER_PATH_INFORMATION
+{
+ BOOLEAN DriverInPath;
+ ULONG DriverNameLength;
+ WCHAR DriverName[1];
+} FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
+
typedef struct _FILE_FULL_DIR_INFORMATION {
ULONG NextEntryOffset;
ULONG FileIndex;
WCHAR FileName[1];
} FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
-typedef struct _FILE_LOCK_INFO {
- LARGE_INTEGER StartingByte;
- LARGE_INTEGER Length;
- BOOLEAN ExclusiveLock;
- ULONG Key;
- PFILE_OBJECT FileObject;
- PEPROCESS Process;
- LARGE_INTEGER EndingByte;
+typedef struct _FILE_LOCK_INFO
+{
+ LARGE_INTEGER StartingByte;
+ LARGE_INTEGER Length;
+ BOOLEAN ExclusiveLock;
+ ULONG Key;
+ PFILE_OBJECT FileObject;
+ PVOID ProcessId;
+ LARGE_INTEGER EndingByte;
} FILE_LOCK_INFO, *PFILE_LOCK_INFO;
+typedef struct _FILE_REPARSE_POINT_INFORMATION
+{
+ LONGLONG FileReference;
+ ULONG Tag;
+} FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
+
+typedef struct _FILE_MOVE_CLUSTER_INFORMATION
+{
+ ULONG ClusterCount;
+ HANDLE RootDirectory;
+ ULONG FileNameLength;
+ WCHAR FileName[1];
+} FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
+
/* raw internal file lock struct returned from FsRtlGetNextFileLock */
typedef struct _FILE_SHARED_LOCK_ENTRY {
PVOID Unknown1;
PFREE_FUNCTION FreeCallback;
} FSRTL_PER_STREAM_CONTEXT, *PFSRTL_PER_STREAM_CONTEXT;
+typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT
+{
+ LIST_ENTRY Links;
+ PVOID OwnerId;
+ PVOID InstanceId;
+} FSRTL_PER_FILEOBJECT_CONTEXT, *PFSRTL_PER_FILEOBJECT_CONTEXT;
+
#endif /* (VER_PRODUCTBUILD >= 2600) */
typedef struct _BASE_MCB
{
ULONG MaximumPairCount;
ULONG PairCount;
- POOL_TYPE PoolType;
+ USHORT PoolType;
+ USHORT Flags;
PVOID Mapping;
-} BASE_MCB;
-typedef BASE_MCB *PBASE_MCB;
+} BASE_MCB, *PBASE_MCB;
-typedef struct _LARGE_MCB {
- PFAST_MUTEX FastMutex;
- ULONG MaximumPairCount;
- ULONG PairCount;
- POOL_TYPE PoolType;
- PVOID Mapping;
-} LARGE_MCB;
-typedef LARGE_MCB *PLARGE_MCB;
+typedef struct _LARGE_MCB
+{
+ PKGUARDED_MUTEX GuardedMutex;
+ BASE_MCB BaseMcb;
+} LARGE_MCB, *PLARGE_MCB;
-typedef struct _MCB
+typedef struct _MCB
{
LARGE_MCB DummyFieldThatSizesThisStructureCorrectly;
-} MCB;
-typedef MCB *PMCB;
+} MCB, *PMCB;
typedef struct _GENERATE_NAME_CONTEXT {
USHORT Checksum;
MAPPING_PAIR Pair[1];
} GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
-typedef struct _IO_COMPLETION_BASIC_INFORMATION {
- LONG Depth;
-} IO_COMPLETION_BASIC_INFORMATION, *PIO_COMPLETION_BASIC_INFORMATION;
-
typedef struct _KQUEUE {
DISPATCHER_HEADER Header;
LIST_ENTRY EntryListHead;
LIST_ENTRY ThreadListHead;
} KQUEUE, *PKQUEUE, *RESTRICTED_POINTER PRKQUEUE;
+#define ASSERT_QUEUE(Q) ASSERT(((Q)->Header.Type & KOBJECT_TYPE_MASK) == QueueObject);
+
typedef struct _MBCB {
CSHORT NodeTypeCode;
CSHORT NodeIsInZone;
WCHAR Name[1];
} PATHNAME_BUFFER, *PPATHNAME_BUFFER;
-#if (VER_PRODUCTBUILD >= 2600)
+typedef enum _RTL_GENERIC_COMPARE_RESULTS
+{
+ GenericLessThan,
+ GenericGreaterThan,
+ GenericEqual
+} RTL_GENERIC_COMPARE_RESULTS;
-typedef struct _PRIVATE_CACHE_MAP_FLAGS {
- ULONG DontUse : 16;
- ULONG ReadAheadActive : 1;
- ULONG ReadAheadEnabled : 1;
- ULONG Available : 14;
-} PRIVATE_CACHE_MAP_FLAGS, *PPRIVATE_CACHE_MAP_FLAGS;
+typedef enum _TABLE_SEARCH_RESULT
+{
+ TableEmptyTree,
+ TableFoundNode,
+ TableInsertAsLeft,
+ TableInsertAsRight
+} TABLE_SEARCH_RESULT;
-typedef struct _PRIVATE_CACHE_MAP {
- _ANONYMOUS_UNION union {
- CSHORT NodeTypeCode;
- PRIVATE_CACHE_MAP_FLAGS Flags;
- ULONG UlongFlags;
- } DUMMYUNIONNAME;
- ULONG ReadAheadMask;
- PFILE_OBJECT FileObject;
- LARGE_INTEGER FileOffset1;
- LARGE_INTEGER BeyondLastByte1;
- LARGE_INTEGER FileOffset2;
- LARGE_INTEGER BeyondLastByte2;
- LARGE_INTEGER ReadAheadOffset[2];
- ULONG ReadAheadLength[2];
- KSPIN_LOCK ReadAheadSpinLock;
- LIST_ENTRY PrivateLinks;
-} PRIVATE_CACHE_MAP, *PPRIVATE_CACHE_MAP;
+typedef NTSTATUS
+(NTAPI *PRTL_AVL_MATCH_FUNCTION)(
+ struct _RTL_AVL_TABLE *Table,
+ PVOID UserData,
+ PVOID MatchData
+);
-#endif
+typedef RTL_GENERIC_COMPARE_RESULTS
+(NTAPI *PRTL_AVL_COMPARE_ROUTINE) (
+ struct _RTL_AVL_TABLE *Table,
+ PVOID FirstStruct,
+ PVOID SecondStruct
+);
+
+typedef RTL_GENERIC_COMPARE_RESULTS
+(NTAPI *PRTL_GENERIC_COMPARE_ROUTINE) (
+ struct _RTL_GENERIC_TABLE *Table,
+ PVOID FirstStruct,
+ PVOID SecondStruct
+);
+
+typedef PVOID
+(NTAPI *PRTL_GENERIC_ALLOCATE_ROUTINE) (
+ struct _RTL_GENERIC_TABLE *Table,
+ CLONG ByteSize
+);
+
+typedef VOID
+(NTAPI *PRTL_GENERIC_FREE_ROUTINE) (
+ struct _RTL_GENERIC_TABLE *Table,
+ PVOID Buffer
+);
+
+typedef PVOID
+(NTAPI *PRTL_AVL_ALLOCATE_ROUTINE) (
+ struct _RTL_AVL_TABLE *Table,
+ CLONG ByteSize
+);
+
+typedef VOID
+(NTAPI *PRTL_AVL_FREE_ROUTINE) (
+ struct _RTL_AVL_TABLE *Table,
+ PVOID Buffer
+);
typedef struct _PUBLIC_BCB {
CSHORT NodeTypeCode;
struct _RTL_SPLAY_LINKS *RightChild;
} RTL_SPLAY_LINKS, *PRTL_SPLAY_LINKS;
-typedef enum _RTL_GENERIC_COMPARE_RESULTS
+typedef struct _RTL_BALANCED_LINKS
{
- GenericLessThan,
- GenericGreaterThan,
- GenericEqual
-} RTL_GENERIC_COMPARE_RESULTS;
+ struct _RTL_BALANCED_LINKS *Parent;
+ struct _RTL_BALANCED_LINKS *LeftChild;
+ struct _RTL_BALANCED_LINKS *RightChild;
+ CHAR Balance;
+ UCHAR Reserved[3];
+} RTL_BALANCED_LINKS, *PRTL_BALANCED_LINKS;
+
+typedef struct _RTL_GENERIC_TABLE
+{
+ PRTL_SPLAY_LINKS TableRoot;
+ LIST_ENTRY InsertOrderList;
+ PLIST_ENTRY OrderedPointer;
+ ULONG WhichOrderedElement;
+ ULONG NumberGenericTableElements;
+ PRTL_GENERIC_COMPARE_ROUTINE CompareRoutine;
+ PRTL_GENERIC_ALLOCATE_ROUTINE AllocateRoutine;
+ PRTL_GENERIC_FREE_ROUTINE FreeRoutine;
+ PVOID TableContext;
+} RTL_GENERIC_TABLE, *PRTL_GENERIC_TABLE;
+
+typedef struct _RTL_AVL_TABLE
+{
+ RTL_BALANCED_LINKS BalancedRoot;
+ PVOID OrderedPointer;
+ ULONG WhichOrderedElement;
+ ULONG NumberGenericTableElements;
+ ULONG DepthOfTree;
+ PRTL_BALANCED_LINKS RestartKey;
+ ULONG DeleteCount;
+ PRTL_AVL_COMPARE_ROUTINE CompareRoutine;
+ PRTL_AVL_ALLOCATE_ROUTINE AllocateRoutine;
+ PRTL_AVL_FREE_ROUTINE FreeRoutine;
+ PVOID TableContext;
+} RTL_AVL_TABLE, *PRTL_AVL_TABLE;
+
+NTSYSAPI
+VOID
+NTAPI
+RtlInitializeGenericTableAvl(
+ PRTL_AVL_TABLE Table,
+ PRTL_AVL_COMPARE_ROUTINE CompareRoutine,
+ PRTL_AVL_ALLOCATE_ROUTINE AllocateRoutine,
+ PRTL_AVL_FREE_ROUTINE FreeRoutine,
+ PVOID TableContext
+);
#if defined(USE_LPC6432)
#define LPC_CLIENT_ID CLIENT_ID64
};
} PORT_MESSAGE, *PPORT_MESSAGE;
+#define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
+
typedef struct _PORT_VIEW
{
ULONG Length;
USHORT NumEntries;
} TUNNEL, *PTUNNEL;
-typedef struct _VACB {
- PVOID BaseAddress;
- PSHARED_CACHE_MAP SharedCacheMap;
- union {
- LARGE_INTEGER FileOffset;
- USHORT ActiveCount;
- } Overlay;
- LIST_ENTRY LruList;
-} VACB, *PVACB;
-
typedef struct _VAD_HEADER {
PVOID StartVPN;
PVOID EndVPN;
(((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
)
+extern ULONG CcFastMdlReadWait;
+
NTKERNELAPI
BOOLEAN
NTAPI
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
- IN BOOLEAN Wait,
+ IN ULONG Flags,
OUT PVOID *Bcb,
OUT PVOID *Buffer
);
IN PMDL MdlChain
);
+#define MAP_WAIT 1
+
NTKERNELAPI
BOOLEAN
NTAPI
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
-#if (VER_PRODUCTBUILD >= 2195)
IN ULONG Flags,
-#else
- IN BOOLEAN Wait,
-#endif
IN OUT PVOID *Bcb
);
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
-#if (VER_PRODUCTBUILD >= 2195)
IN ULONG Flags,
-#else
- IN BOOLEAN Wait,
-#endif
OUT PVOID *Bcb,
OUT PVOID *Buffer
);
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN BOOLEAN Zero,
-#if (VER_PRODUCTBUILD >= 2195)
IN ULONG Flags,
-#else
- IN BOOLEAN Wait,
-#endif
OUT PVOID *Bcb,
OUT PVOID *Buffer
);
BOOLEAN
NTAPI
FsRtlAreNamesEqual (
- IN PUNICODE_STRING Name1,
- IN PUNICODE_STRING Name2,
+ IN PCUNICODE_STRING Name1,
+ IN PCUNICODE_STRING Name2,
IN BOOLEAN IgnoreCase,
- IN PWCHAR UpcaseTable OPTIONAL
+ IN PCWCH UpcaseTable OPTIONAL
);
#define FsRtlAreThereCurrentFileLocks(FL) ( \
IN PDEVICE_OBJECT DeviceObject
);
-NTKERNELAPI
+NTSYSAPI
PVOID
NTAPI
RtlCreateHeap (
IN HANDLE Handle
);
-NTKERNELAPI
+NTSYSAPI
PVOID
NTAPI
RtlDestroyHeap(
IN PUNICODE_STRING Name
);
+#define FsRtlCompleteRequest(IRP,STATUS) { \
+ (IRP)->IoStatus.Status = (STATUS); \
+ IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
+}
+
#define FsRtlEnterFileSystem KeEnterCriticalRegion
#define FsRtlExitFileSystem KeLeaveCriticalRegion
IN PCHAR String
);
-NTHALAPI
-VOID
+NTKERNELAPI
+UCHAR
NTAPI
-HalSetRealTimeClock (
- IN PTIME_FIELDS TimeFields
+KeSetIdealProcessorThread(
+ IN OUT PKTHREAD Thread,
+ IN UCHAR Processor
);
NTKERNELAPI
IN PLIST_ENTRY Entry
);
-NTKERNELAPI
-BOOLEAN
-NTAPI
-KeInsertQueueApc (
- IN PKAPC Apc,
- IN PVOID SystemArgument1,
- IN PVOID SystemArgument2,
- IN KPRIORITY PriorityBoost
-);
-
NTKERNELAPI
LONG
NTAPI
IN ULONG Size
);
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlAppendStringToString(
+ PSTRING Destination,
+ const STRING *Source
+);
+
+NTSYSAPI
+USHORT
+NTAPI
+RtlCaptureStackBackTrace (
+ IN ULONG FramesToSkip,
+ IN ULONG FramesToCapture,
+ OUT PVOID *BackTrace,
+ OUT PULONG BackTraceHash OPTIONAL
+);
+
NTSYSAPI
NTSTATUS
NTAPI
IN PACCESS_TOKEN Token
);
+
+NTSTATUS
+NTAPI
+SeLocateProcessImageName(
+ IN PEPROCESS Process,
+ OUT PUNICODE_STRING *pImageFileName
+);
+
#endif /* (VER_PRODUCTBUILD >= 2195) */
NTKERNELAPI
IN ULONG Protect
);
+NTSTATUS
+NTAPI
+NtAccessCheckByTypeAndAuditAlarm(
+ IN PUNICODE_STRING SubsystemName,
+ IN HANDLE HandleId,
+ IN PUNICODE_STRING ObjectTypeName,
+ IN PUNICODE_STRING ObjectName,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN PSID PrincipalSelfSid,
+ IN ACCESS_MASK DesiredAccess,
+ IN AUDIT_EVENT_TYPE AuditType,
+ IN ULONG Flags,
+ IN POBJECT_TYPE_LIST ObjectTypeList,
+ IN ULONG ObjectTypeLength,
+ IN PGENERIC_MAPPING GenericMapping,
+ IN BOOLEAN ObjectCreation,
+ OUT PACCESS_MASK GrantedAccess,
+ OUT PNTSTATUS AccessStatus,
+ OUT PBOOLEAN GenerateOnClose
+);
+
+NTSTATUS
+NTAPI
+NtAccessCheckByTypeResultListAndAuditAlarm(
+ IN PUNICODE_STRING SubsystemName,
+ IN HANDLE HandleId,
+ IN PUNICODE_STRING ObjectTypeName,
+ IN PUNICODE_STRING ObjectName,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN PSID PrincipalSelfSid,
+ IN ACCESS_MASK DesiredAccess,
+ IN AUDIT_EVENT_TYPE AuditType,
+ IN ULONG Flags,
+ IN POBJECT_TYPE_LIST ObjectTypeList,
+ IN ULONG ObjectTypeLength,
+ IN PGENERIC_MAPPING GenericMapping,
+ IN BOOLEAN ObjectCreation,
+ OUT PACCESS_MASK GrantedAccess,
+ OUT PNTSTATUS AccessStatus,
+ OUT PBOOLEAN GenerateOnClose
+);
+
+NTSTATUS
+NTAPI
+NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
+ IN PUNICODE_STRING SubsystemName,
+ IN HANDLE HandleId,
+ IN HANDLE ClientToken,
+ IN PUNICODE_STRING ObjectTypeName,
+ IN PUNICODE_STRING ObjectName,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN PSID PrincipalSelfSid,
+ IN ACCESS_MASK DesiredAccess,
+ IN AUDIT_EVENT_TYPE AuditType,
+ IN ULONG Flags,
+ IN POBJECT_TYPE_LIST ObjectTypeList,
+ IN ULONG ObjectTypeLength,
+ IN PGENERIC_MAPPING GenericMapping,
+ IN BOOLEAN ObjectCreation,
+ OUT PACCESS_MASK GrantedAccess,
+ OUT PNTSTATUS AccessStatus,
+ OUT PBOOLEAN GenerateOnClose
+);
+
NTSYSAPI
NTSTATUS
NTAPI
OUT PHANDLE NewTokenHandle
);
+NTSTATUS
+NTAPI
+NtFilterToken(
+ IN HANDLE ExistingTokenHandle,
+ IN ULONG Flags,
+ IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
+ IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL,
+ IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
+ OUT PHANDLE NewTokenHandle
+);
+
NTSYSAPI
NTSTATUS
NTAPI
projects / reactos.git / blobdiff