struct _KWAIT_BLOCK *NextWaitBlock;
USHORT WaitKey;
UCHAR WaitType;
+#if (NTDDI_VERSION >= NTDDI_WIN7)
volatile UCHAR BlockState;
+#else
+ UCHAR SpareByte;
+#endif
#if defined(_WIN64)
LONG SpareLong;
#endif
ULARGE_INTEGER DueTime;
LIST_ENTRY TimerListEntry;
struct _KDPC *Dpc;
-# if !defined(_X86_)
+#if (NTDDI_VERSION >= NTDDI_WIN7) && !defined(_X86_)
ULONG Processor;
-# endif
+#endif
ULONG Period;
} KTIMER, *PKTIMER, *RESTRICTED_POINTER PRKTIMER;
#endif
+/******************************************************************************
+ * Memory manager Types *
+ ******************************************************************************/
-#if defined(_M_IX86)
-/** Kernel definitions for x86 **/
+#if (NTDDI_VERSION >= NTDDI_WIN2K)
+typedef ULONG NODE_REQUIREMENT;
+#define MM_ANY_NODE_OK 0x80000000
+#endif
-/* Interrupt request levels */
-#define PASSIVE_LEVEL 0
-#define LOW_LEVEL 0
-#define APC_LEVEL 1
-#define DISPATCH_LEVEL 2
-#define CMCI_LEVEL 5
-#define PROFILE_LEVEL 27
-#define CLOCK1_LEVEL 28
-#define CLOCK2_LEVEL 28
-#define IPI_LEVEL 29
-#define POWER_LEVEL 30
-#define HIGH_LEVEL 31
-#define CLOCK_LEVEL CLOCK2_LEVEL
+#define MM_DONT_ZERO_ALLOCATION 0x00000001
+#define MM_ALLOCATE_FROM_LOCAL_NODE_ONLY 0x00000002
+#define MM_ALLOCATE_FULLY_REQUIRED 0x00000004
+#define MM_ALLOCATE_NO_WAIT 0x00000008
+#define MM_ALLOCATE_PREFER_CONTIGUOUS 0x00000010
+#define MM_ALLOCATE_REQUIRE_CONTIGUOUS_CHUNKS 0x00000020
-#define KIP0PCRADDRESS 0xffdff000
-#define KI_USER_SHARED_DATA 0xffdf0000
-#define SharedUserData ((KUSER_SHARED_DATA * CONST)KI_USER_SHARED_DATA)
+#define MDL_MAPPED_TO_SYSTEM_VA 0x0001
+#define MDL_PAGES_LOCKED 0x0002
+#define MDL_SOURCE_IS_NONPAGED_POOL 0x0004
+#define MDL_ALLOCATED_FIXED_SIZE 0x0008
+#define MDL_PARTIAL 0x0010
+#define MDL_PARTIAL_HAS_BEEN_MAPPED 0x0020
+#define MDL_IO_PAGE_READ 0x0040
+#define MDL_WRITE_OPERATION 0x0080
+#define MDL_PARENT_MAPPED_SYSTEM_VA 0x0100
+#define MDL_FREE_EXTRA_PTES 0x0200
+#define MDL_DESCRIBES_AWE 0x0400
+#define MDL_IO_SPACE 0x0800
+#define MDL_NETWORK_HEADER 0x1000
+#define MDL_MAPPING_CAN_FAIL 0x2000
+#define MDL_ALLOCATED_MUST_SUCCEED 0x4000
+#define MDL_INTERNAL 0x8000
-#define PAGE_SIZE 0x1000
-#define PAGE_SHIFT 12L
-#define KeGetDcacheFillSize() 1L
+#define MDL_MAPPING_FLAGS (MDL_MAPPED_TO_SYSTEM_VA | \
+ MDL_PAGES_LOCKED | \
+ MDL_SOURCE_IS_NONPAGED_POOL | \
+ MDL_PARTIAL_HAS_BEEN_MAPPED | \
+ MDL_PARENT_MAPPED_SYSTEM_VA | \
+ MDL_SYSTEM_VA | \
+ MDL_IO_SPACE)
-#define EFLAG_SIGN 0x8000
-#define EFLAG_ZERO 0x4000
-#define EFLAG_SELECT (EFLAG_SIGN | EFLAG_ZERO)
+#define FLUSH_MULTIPLE_MAXIMUM 32
-#define RESULT_NEGATIVE ((EFLAG_SIGN & ~EFLAG_ZERO) & EFLAG_SELECT)
-#define RESULT_ZERO ((~EFLAG_SIGN & EFLAG_ZERO) & EFLAG_SELECT)
-#define RESULT_POSITIVE ((~EFLAG_SIGN & ~EFLAG_ZERO) & EFLAG_SELECT)
+/* Section access rights */
+#define SECTION_QUERY 0x0001
+#define SECTION_MAP_WRITE 0x0002
+#define SECTION_MAP_READ 0x0004
+#define SECTION_MAP_EXECUTE 0x0008
+#define SECTION_EXTEND_SIZE 0x0010
+#define SECTION_MAP_EXECUTE_EXPLICIT 0x0020
+#define SECTION_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SECTION_QUERY| \
+ SECTION_MAP_WRITE | \
+ SECTION_MAP_READ | \
+ SECTION_MAP_EXECUTE | \
+ SECTION_EXTEND_SIZE)
-typedef struct _KFLOATING_SAVE {
- ULONG ControlWord;
- ULONG StatusWord;
- ULONG ErrorOffset;
- ULONG ErrorSelector;
- ULONG DataOffset;
- ULONG DataSelector;
- ULONG Cr0NpxState;
- ULONG Spare1;
-} KFLOATING_SAVE, *PKFLOATING_SAVE;
+#define SESSION_QUERY_ACCESS 0x0001
+#define SESSION_MODIFY_ACCESS 0x0002
-extern NTKERNELAPI volatile KSYSTEM_TIME KeTickCount;
+#define SESSION_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
+ SESSION_QUERY_ACCESS | \
+ SESSION_MODIFY_ACCESS)
-#define YieldProcessor _mm_pause
+#define SEGMENT_ALL_ACCESS SECTION_ALL_ACCESS
-FORCEINLINE
-VOID
-KeMemoryBarrier(VOID)
-{
- LONG Barrier, *Dummy = &Barrier;
- UNREFERENCED_LOCAL_VARIABLE(Dummy);
+#define PAGE_NOACCESS 0x01
+#define PAGE_READONLY 0x02
+#define PAGE_READWRITE 0x04
+#define PAGE_WRITECOPY 0x08
+#define PAGE_EXECUTE 0x10
+#define PAGE_EXECUTE_READ 0x20
+#define PAGE_EXECUTE_READWRITE 0x40
+#define PAGE_EXECUTE_WRITECOPY 0x80
+#define PAGE_GUARD 0x100
+#define PAGE_NOCACHE 0x200
+#define PAGE_WRITECOMBINE 0x400
-#if defined(__GNUC__)
- __asm__ __volatile__ ("xchg %%eax, %0" : : "m" (Barrier) : "%eax");
-#elif defined(_MSC_VER)
- __asm xchg [Barrier], eax
-#endif
-}
+#define MEM_COMMIT 0x1000
+#define MEM_RESERVE 0x2000
+#define MEM_DECOMMIT 0x4000
+#define MEM_RELEASE 0x8000
+#define MEM_FREE 0x10000
+#define MEM_PRIVATE 0x20000
+#define MEM_MAPPED 0x40000
+#define MEM_RESET 0x80000
+#define MEM_TOP_DOWN 0x100000
+#define MEM_LARGE_PAGES 0x20000000
+#define MEM_4MB_PAGES 0x80000000
-#define KeMemoryBarrierWithoutFence() _ReadWriteBarrier()
+#define SEC_RESERVE 0x4000000
+#define SEC_COMMIT 0x8000000
+#define SEC_LARGE_PAGES 0x80000000
-_IRQL_requires_max_(HIGH_LEVEL)
-_IRQL_saves_
-NTHALAPI
-KIRQL
-NTAPI
-KeGetCurrentIrql(VOID);
+/* Section map options */
+typedef enum _SECTION_INHERIT {
+ ViewShare = 1,
+ ViewUnmap = 2
+} SECTION_INHERIT;
-_IRQL_requires_max_(HIGH_LEVEL)
-NTHALAPI
-VOID
-FASTCALL
-KfLowerIrql(
- _In_ _IRQL_restores_ _Notliteral_ KIRQL NewIrql);
-#define KeLowerIrql(a) KfLowerIrql(a)
+typedef ULONG PFN_COUNT;
+typedef LONG_PTR SPFN_NUMBER, *PSPFN_NUMBER;
+typedef ULONG_PTR PFN_NUMBER, *PPFN_NUMBER;
-_IRQL_requires_max_(HIGH_LEVEL)
-_IRQL_raises_(NewIrql)
-_IRQL_saves_
-NTHALAPI
-KIRQL
-FASTCALL
-KfRaiseIrql(
- _In_ KIRQL NewIrql);
-#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
+_Struct_size_bytes_(_Inexpressible_(sizeof(struct _MDL) +
+ (ByteOffset + ByteCount + PAGE_SIZE-1) / PAGE_SIZE * sizeof(PFN_NUMBER)))
+typedef struct _MDL {
+ struct _MDL *Next;
+ CSHORT Size;
+ CSHORT MdlFlags;
+ struct _EPROCESS *Process;
+ PVOID MappedSystemVa;
+ PVOID StartVa;
+ ULONG ByteCount;
+ ULONG ByteOffset;
+} MDL, *PMDL;
+#if (_MSC_VER >= 1600)
+typedef _Readable_bytes_(_Inexpressible_(polymorphism)) MDL *PMDLX;
+#else
+typedef MDL *PMDLX;
+#endif
-_IRQL_requires_max_(DISPATCH_LEVEL)
-_IRQL_saves_
-_IRQL_raises_(DISPATCH_LEVEL)
-NTHALAPI
-KIRQL
-NTAPI
-KeRaiseIrqlToDpcLevel(VOID);
+typedef enum _MEMORY_CACHING_TYPE_ORIG {
+ MmFrameBufferCached = 2
+} MEMORY_CACHING_TYPE_ORIG;
-NTHALAPI
-KIRQL
-NTAPI
-KeRaiseIrqlToSynchLevel(VOID);
+typedef enum _MEMORY_CACHING_TYPE {
+ MmNonCached = FALSE,
+ MmCached = TRUE,
+ MmWriteCombined = MmFrameBufferCached,
+ MmHardwareCoherentCached,
+ MmNonCachedUnordered,
+ MmUSWCCached,
+ MmMaximumCacheType
+} MEMORY_CACHING_TYPE;
-_Requires_lock_not_held_(*SpinLock)
-_Acquires_lock_(*SpinLock)
-_IRQL_requires_max_(DISPATCH_LEVEL)
-_IRQL_saves_
-_IRQL_raises_(DISPATCH_LEVEL)
-NTHALAPI
-KIRQL
-FASTCALL
-KfAcquireSpinLock(
- _Inout_ PKSPIN_LOCK SpinLock);
-#define KeAcquireSpinLock(a,b) *(b) = KfAcquireSpinLock(a)
+typedef enum _MM_PAGE_PRIORITY {
+ LowPagePriority,
+ NormalPagePriority = 16,
+ HighPagePriority = 32
+} MM_PAGE_PRIORITY;
-_Requires_lock_held_(*SpinLock)
-_Releases_lock_(*SpinLock)
-_IRQL_requires_(DISPATCH_LEVEL)
-NTHALAPI
-VOID
-FASTCALL
-KfReleaseSpinLock(
- _Inout_ PKSPIN_LOCK SpinLock,
- _In_ _IRQL_restores_ KIRQL NewIrql);
-#define KeReleaseSpinLock(a,b) KfReleaseSpinLock(a,b)
+typedef enum _MM_SYSTEM_SIZE {
+ MmSmallSystem,
+ MmMediumSystem,
+ MmLargeSystem
+} MM_SYSTEMSIZE;
-_Requires_lock_not_held_(*SpinLock)
-_Acquires_lock_(*SpinLock)
-_IRQL_requires_min_(DISPATCH_LEVEL)
-NTKERNELAPI
-VOID
-FASTCALL
-KefAcquireSpinLockAtDpcLevel(
- _Inout_ PKSPIN_LOCK SpinLock);
-#define KeAcquireSpinLockAtDpcLevel(SpinLock) KefAcquireSpinLockAtDpcLevel(SpinLock)
+extern NTKERNELAPI BOOLEAN Mm64BitPhysicalAddress;
+extern PVOID MmBadPointer;
-_Requires_lock_held_(*SpinLock)
-_Releases_lock_(*SpinLock)
-_IRQL_requires_min_(DISPATCH_LEVEL)
-NTKERNELAPI
-VOID
-FASTCALL
-KefReleaseSpinLockFromDpcLevel(
- _Inout_ PKSPIN_LOCK SpinLock);
-#define KeReleaseSpinLockFromDpcLevel(SpinLock) KefReleaseSpinLockFromDpcLevel(SpinLock)
-
-NTSYSAPI
-PKTHREAD
-NTAPI
-KeGetCurrentThread(VOID);
-_Always_(_Post_satisfies_(return<=0))
-_Must_inspect_result_
-_IRQL_requires_max_(DISPATCH_LEVEL)
-_Kernel_float_saved_
-_At_(*FloatSave, _Kernel_requires_resource_not_held_(FloatState) _Kernel_acquires_resource_(FloatState))
-NTKERNELAPI
-NTSTATUS
-NTAPI
-KeSaveFloatingPointState(
- _Out_ PKFLOATING_SAVE FloatSave);
+/******************************************************************************
+ * Executive Types *
+ ******************************************************************************/
+#define EX_RUNDOWN_ACTIVE 0x1
+#define EX_RUNDOWN_COUNT_SHIFT 0x1
+#define EX_RUNDOWN_COUNT_INC (1 << EX_RUNDOWN_COUNT_SHIFT)
-_Success_(1)
-_Kernel_float_restored_
-_At_(*FloatSave, _Kernel_requires_resource_held_(FloatState) _Kernel_releases_resource_(FloatState))
-NTKERNELAPI
-NTSTATUS
-NTAPI
-KeRestoreFloatingPointState(
- _In_ PKFLOATING_SAVE FloatSave);
+typedef struct _FAST_MUTEX {
+ volatile LONG Count;
+ PKTHREAD Owner;
+ ULONG Contention;
+ KEVENT Event;
+ ULONG OldIrql;
+} FAST_MUTEX, *PFAST_MUTEX;
-/* VOID
- * KeFlushIoBuffers(
- * IN PMDL Mdl,
- * IN BOOLEAN ReadOperation,
- * IN BOOLEAN DmaOperation)
- */
-#define KeFlushIoBuffers(_Mdl, _ReadOperation, _DmaOperation)
+typedef enum _SUITE_TYPE {
+ SmallBusiness,
+ Enterprise,
+ BackOffice,
+ CommunicationServer,
+ TerminalServer,
+ SmallBusinessRestricted,
+ EmbeddedNT,
+ DataCenter,
+ SingleUserTS,
+ Personal,
+ Blade,
+ EmbeddedRestricted,
+ SecurityAppliance,
+ StorageServer,
+ ComputeServer,
+ WHServer,
+ MaxSuiteType
+} SUITE_TYPE;
-/* x86 and x64 performs a 0x2C interrupt */
-#define DbgRaiseAssertionFailure __int2c
+typedef enum _EX_POOL_PRIORITY {
+ LowPoolPriority,
+ LowPoolPrioritySpecialPoolOverrun = 8,
+ LowPoolPrioritySpecialPoolUnderrun = 9,
+ NormalPoolPriority = 16,
+ NormalPoolPrioritySpecialPoolOverrun = 24,
+ NormalPoolPrioritySpecialPoolUnderrun = 25,
+ HighPoolPriority = 32,
+ HighPoolPrioritySpecialPoolOverrun = 40,
+ HighPoolPrioritySpecialPoolUnderrun = 41
+} EX_POOL_PRIORITY;
-FORCEINLINE
-VOID
-_KeQueryTickCount(
- OUT PLARGE_INTEGER CurrentCount)
-{
- for (;;) {
-#ifdef NONAMELESSUNION
- CurrentCount->s.HighPart = KeTickCount.High1Time;
- CurrentCount->s.LowPart = KeTickCount.LowPart;
- if (CurrentCount->s.HighPart == KeTickCount.High2Time) break;
+#if !defined(_WIN64) && (defined(_NTDDK_) || defined(_NTIFS_) || defined(_NDIS_))
+#define LOOKASIDE_ALIGN
#else
- CurrentCount->HighPart = KeTickCount.High1Time;
- CurrentCount->LowPart = KeTickCount.LowPart;
- if (CurrentCount->HighPart == KeTickCount.High2Time) break;
+#define LOOKASIDE_ALIGN /* FIXME: DECLSPEC_CACHEALIGN */
#endif
- YieldProcessor();
- }
-}
-#define KeQueryTickCount(CurrentCount) _KeQueryTickCount(CurrentCount)
+typedef struct _LOOKASIDE_LIST_EX *PLOOKASIDE_LIST_EX;
+_IRQL_requires_same_
+_Function_class_(ALLOCATE_FUNCTION)
+typedef PVOID
+(NTAPI *PALLOCATE_FUNCTION)(
+ _In_ POOL_TYPE PoolType,
+ _In_ SIZE_T NumberOfBytes,
+ _In_ ULONG Tag);
+_IRQL_requires_same_
+_Function_class_(ALLOCATE_FUNCTION_EX)
+typedef PVOID
+(NTAPI *PALLOCATE_FUNCTION_EX)(
+ _In_ POOL_TYPE PoolType,
+ _In_ SIZE_T NumberOfBytes,
+ _In_ ULONG Tag,
+ _Inout_ PLOOKASIDE_LIST_EX Lookaside);
+_IRQL_requires_same_
+_Function_class_(FREE_FUNCTION)
+typedef VOID
+(NTAPI *PFREE_FUNCTION)(
+ _In_ PVOID Buffer);
-#elif defined(_M_AMD64)
-/** Kernel definitions for AMD64 **/
+_IRQL_requires_same_
+_Function_class_(FREE_FUNCTION_EX)
+typedef VOID
+(NTAPI *PFREE_FUNCTION_EX)(
+ _In_ PVOID Buffer,
+ _Inout_ PLOOKASIDE_LIST_EX Lookaside);
-/* Interrupt request levels */
-#define PASSIVE_LEVEL 0
-#define LOW_LEVEL 0
-#define APC_LEVEL 1
-#define DISPATCH_LEVEL 2
-#define CMCI_LEVEL 5
-#define CLOCK_LEVEL 13
-#define IPI_LEVEL 14
-#define DRS_LEVEL 14
-#define POWER_LEVEL 14
-#define PROFILE_LEVEL 15
-#define HIGH_LEVEL 15
+_IRQL_requires_same_
+_Function_class_(CALLBACK_FUNCTION)
+typedef VOID
+(NTAPI CALLBACK_FUNCTION)(
+ _In_opt_ PVOID CallbackContext,
+ _In_opt_ PVOID Argument1,
+ _In_opt_ PVOID Argument2);
+typedef CALLBACK_FUNCTION *PCALLBACK_FUNCTION;
-#define KI_USER_SHARED_DATA 0xFFFFF78000000000ULL
-#define SharedUserData ((PKUSER_SHARED_DATA const)KI_USER_SHARED_DATA)
-#define SharedInterruptTime (KI_USER_SHARED_DATA + 0x8)
-#define SharedSystemTime (KI_USER_SHARED_DATA + 0x14)
-#define SharedTickCount (KI_USER_SHARED_DATA + 0x320)
+#define GENERAL_LOOKASIDE_LAYOUT \
+ _ANONYMOUS_UNION union { \
+ SLIST_HEADER ListHead; \
+ SINGLE_LIST_ENTRY SingleListHead; \
+ } DUMMYUNIONNAME; \
+ USHORT Depth; \
+ USHORT MaximumDepth; \
+ ULONG TotalAllocates; \
+ _ANONYMOUS_UNION union { \
+ ULONG AllocateMisses; \
+ ULONG AllocateHits; \
+ } DUMMYUNIONNAME2; \
+ ULONG TotalFrees; \
+ _ANONYMOUS_UNION union { \
+ ULONG FreeMisses; \
+ ULONG FreeHits; \
+ } DUMMYUNIONNAME3; \
+ POOL_TYPE Type; \
+ ULONG Tag; \
+ ULONG Size; \
+ _ANONYMOUS_UNION union { \
+ PALLOCATE_FUNCTION_EX AllocateEx; \
+ PALLOCATE_FUNCTION Allocate; \
+ } DUMMYUNIONNAME4; \
+ _ANONYMOUS_UNION union { \
+ PFREE_FUNCTION_EX FreeEx; \
+ PFREE_FUNCTION Free; \
+ } DUMMYUNIONNAME5; \
+ LIST_ENTRY ListEntry; \
+ ULONG LastTotalAllocates; \
+ _ANONYMOUS_UNION union { \
+ ULONG LastAllocateMisses; \
+ ULONG LastAllocateHits; \
+ } DUMMYUNIONNAME6; \
+ ULONG Future[2];
-#define PAGE_SIZE 0x1000
-#define PAGE_SHIFT 12L
+typedef struct LOOKASIDE_ALIGN _GENERAL_LOOKASIDE {
+ GENERAL_LOOKASIDE_LAYOUT
+} GENERAL_LOOKASIDE, *PGENERAL_LOOKASIDE;
-#define EFLAG_SIGN 0x8000
-#define EFLAG_ZERO 0x4000
-#define EFLAG_SELECT (EFLAG_SIGN | EFLAG_ZERO)
+typedef struct _GENERAL_LOOKASIDE_POOL {
+ GENERAL_LOOKASIDE_LAYOUT
+} GENERAL_LOOKASIDE_POOL, *PGENERAL_LOOKASIDE_POOL;
-typedef struct _KFLOATING_SAVE {
- ULONG Dummy;
-} KFLOATING_SAVE, *PKFLOATING_SAVE;
+#define LOOKASIDE_CHECK(f) \
+ C_ASSERT(FIELD_OFFSET(GENERAL_LOOKASIDE,f) == FIELD_OFFSET(GENERAL_LOOKASIDE_POOL,f))
-typedef XSAVE_FORMAT XMM_SAVE_AREA32, *PXMM_SAVE_AREA32;
+LOOKASIDE_CHECK(TotalFrees);
+LOOKASIDE_CHECK(Tag);
+LOOKASIDE_CHECK(Future);
-#define KeQueryInterruptTime() \
- (*(volatile ULONG64*)SharedInterruptTime)
+typedef struct LOOKASIDE_ALIGN _PAGED_LOOKASIDE_LIST {
+ GENERAL_LOOKASIDE L;
+#if !defined(_AMD64_) && !defined(_IA64_)
+ FAST_MUTEX Lock__ObsoleteButDoNotDelete;
+#endif
+} PAGED_LOOKASIDE_LIST, *PPAGED_LOOKASIDE_LIST;
-#define KeQuerySystemTime(CurrentCount) \
- *(ULONG64*)(CurrentCount) = *(volatile ULONG64*)SharedSystemTime
+typedef struct LOOKASIDE_ALIGN _NPAGED_LOOKASIDE_LIST {
+ GENERAL_LOOKASIDE L;
+#if !defined(_AMD64_) && !defined(_IA64_)
+ KSPIN_LOCK Lock__ObsoleteButDoNotDelete;
+#endif
+} NPAGED_LOOKASIDE_LIST, *PNPAGED_LOOKASIDE_LIST;
-#define KeQueryTickCount(CurrentCount) \
- *(ULONG64*)(CurrentCount) = *(volatile ULONG64*)SharedTickCount
+#define LOOKASIDE_MINIMUM_BLOCK_SIZE (RTL_SIZEOF_THROUGH_FIELD (SLIST_ENTRY, Next))
-#define KeGetDcacheFillSize() 1L
+typedef struct _LOOKASIDE_LIST_EX {
+ GENERAL_LOOKASIDE_POOL L;
+} LOOKASIDE_LIST_EX;
-#define YieldProcessor _mm_pause
-#define FastFence __faststorefence
-#define LoadFence _mm_lfence
-#define MemoryFence _mm_mfence
-#define StoreFence _mm_sfence
-#define LFENCE_ACQUIRE() LoadFence()
+#if (NTDDI_VERSION >= NTDDI_VISTA)
-FORCEINLINE
-VOID
-KeMemoryBarrier(VOID)
-{
- // FIXME: Do we really need lfence after the __faststorefence ?
- FastFence();
- LFENCE_ACQUIRE();
-}
+#define EX_LOOKASIDE_LIST_EX_FLAGS_RAISE_ON_FAIL 0x00000001UL
+#define EX_LOOKASIDE_LIST_EX_FLAGS_FAIL_NO_RAISE 0x00000002UL
-#define KeMemoryBarrierWithoutFence() _ReadWriteBarrier()
+#define EX_MAXIMUM_LOOKASIDE_DEPTH_BASE 256
+#define EX_MAXIMUM_LOOKASIDE_DEPTH_LIMIT 1024
-FORCEINLINE
-KIRQL
-KeGetCurrentIrql(VOID)
-{
- return (KIRQL)__readcr8();
-}
+#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
-FORCEINLINE
-VOID
-KeLowerIrql(IN KIRQL NewIrql)
-{
- //ASSERT(KeGetCurrentIrql() >= NewIrql);
- __writecr8(NewIrql);
-}
+typedef struct _EX_RUNDOWN_REF {
+ _ANONYMOUS_UNION union {
+ volatile ULONG_PTR Count;
+ volatile PVOID Ptr;
+ } DUMMYUNIONNAME;
+} EX_RUNDOWN_REF, *PEX_RUNDOWN_REF;
-FORCEINLINE
-KIRQL
-KfRaiseIrql(IN KIRQL NewIrql)
-{
- KIRQL OldIrql;
+typedef struct _EX_RUNDOWN_REF_CACHE_AWARE *PEX_RUNDOWN_REF_CACHE_AWARE;
- OldIrql = (KIRQL)__readcr8();
- //ASSERT(OldIrql <= NewIrql);
- __writecr8(NewIrql);
- return OldIrql;
-}
-#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
+typedef enum _WORK_QUEUE_TYPE {
+ CriticalWorkQueue,
+ DelayedWorkQueue,
+ HyperCriticalWorkQueue,
+ MaximumWorkQueue
+} WORK_QUEUE_TYPE;
-FORCEINLINE
-KIRQL
-KeRaiseIrqlToDpcLevel(VOID)
-{
- return KfRaiseIrql(DISPATCH_LEVEL);
-}
+_IRQL_requires_same_
+_Function_class_(WORKER_THREAD_ROUTINE)
+typedef VOID
+(NTAPI WORKER_THREAD_ROUTINE)(
+ _In_ PVOID Parameter);
+typedef WORKER_THREAD_ROUTINE *PWORKER_THREAD_ROUTINE;
-FORCEINLINE
-KIRQL
-KeRaiseIrqlToSynchLevel(VOID)
-{
- return KfRaiseIrql(12); // SYNCH_LEVEL = IPI_LEVEL - 2
-}
+typedef struct _WORK_QUEUE_ITEM {
+ LIST_ENTRY List;
+ PWORKER_THREAD_ROUTINE WorkerRoutine;
+ volatile PVOID Parameter;
+} WORK_QUEUE_ITEM, *PWORK_QUEUE_ITEM;
-FORCEINLINE
-PKTHREAD
-KeGetCurrentThread(VOID)
-{
- return (struct _KTHREAD *)__readgsqword(0x188);
-}
+typedef ULONG_PTR ERESOURCE_THREAD, *PERESOURCE_THREAD;
-FORCEINLINE
-NTSTATUS
-KeSaveFloatingPointState(PVOID FloatingState)
-{
- UNREFERENCED_PARAMETER(FloatingState);
- return STATUS_SUCCESS;
-}
+typedef struct _OWNER_ENTRY {
+ ERESOURCE_THREAD OwnerThread;
+ _ANONYMOUS_UNION union {
+ _ANONYMOUS_STRUCT struct {
+ ULONG IoPriorityBoosted:1;
+ ULONG OwnerReferenced:1;
+ ULONG OwnerCount:30;
+ } DUMMYSTRUCTNAME;
+ ULONG TableSize;
+ } DUMMYUNIONNAME;
+} OWNER_ENTRY, *POWNER_ENTRY;
-FORCEINLINE
-NTSTATUS
-KeRestoreFloatingPointState(PVOID FloatingState)
-{
- UNREFERENCED_PARAMETER(FloatingState);
- return STATUS_SUCCESS;
-}
+typedef struct _ERESOURCE {
+ LIST_ENTRY SystemResourcesList;
+ POWNER_ENTRY OwnerTable;
+ SHORT ActiveCount;
+ USHORT Flag;
+ volatile PKSEMAPHORE SharedWaiters;
+ volatile PKEVENT ExclusiveWaiters;
+ OWNER_ENTRY OwnerEntry;
+ ULONG ActiveEntries;
+ ULONG ContentionCount;
+ ULONG NumberOfSharedWaiters;
+ ULONG NumberOfExclusiveWaiters;
+#if defined(_WIN64)
+ PVOID Reserved2;
+#endif
+ _ANONYMOUS_UNION union {
+ PVOID Address;
+ ULONG_PTR CreatorBackTraceIndex;
+ } DUMMYUNIONNAME;
+ KSPIN_LOCK SpinLock;
+} ERESOURCE, *PERESOURCE;
-/* VOID
- * KeFlushIoBuffers(
- * IN PMDL Mdl,
- * IN BOOLEAN ReadOperation,
- * IN BOOLEAN DmaOperation)
- */
-#define KeFlushIoBuffers(_Mdl, _ReadOperation, _DmaOperation)
+/* ERESOURCE.Flag */
+#define ResourceNeverExclusive 0x0010
+#define ResourceReleaseByOtherThread 0x0020
+#define ResourceOwnedExclusive 0x0080
-/* x86 and x64 performs a 0x2C interrupt */
-#define DbgRaiseAssertionFailure __int2c
+#define RESOURCE_HASH_TABLE_SIZE 64
-#elif defined(_M_IA64)
-/** Kernel definitions for IA64 **/
+typedef struct _RESOURCE_HASH_ENTRY {
+ LIST_ENTRY ListEntry;
+ PVOID Address;
+ ULONG ContentionCount;
+ ULONG Number;
+} RESOURCE_HASH_ENTRY, *PRESOURCE_HASH_ENTRY;
-/* Interrupt request levels */
-#define PASSIVE_LEVEL 0
-#define LOW_LEVEL 0
-#define APC_LEVEL 1
-#define DISPATCH_LEVEL 2
-#define CMC_LEVEL 3
-#define DEVICE_LEVEL_BASE 4
-#define PC_LEVEL 12
-#define IPI_LEVEL 14
-#define DRS_LEVEL 14
-#define CLOCK_LEVEL 13
-#define POWER_LEVEL 15
-#define PROFILE_LEVEL 15
-#define HIGH_LEVEL 15
+typedef struct _RESOURCE_PERFORMANCE_DATA {
+ ULONG ActiveResourceCount;
+ ULONG TotalResourceCount;
+ ULONG ExclusiveAcquire;
+ ULONG SharedFirstLevel;
+ ULONG SharedSecondLevel;
+ ULONG StarveFirstLevel;
+ ULONG StarveSecondLevel;
+ ULONG WaitForExclusive;
+ ULONG OwnerTableExpands;
+ ULONG MaximumTableExpand;
+ LIST_ENTRY HashTable[RESOURCE_HASH_TABLE_SIZE];
+} RESOURCE_PERFORMANCE_DATA, *PRESOURCE_PERFORMANCE_DATA;
-#define KI_USER_SHARED_DATA ((ULONG_PTR)(KADDRESS_BASE + 0xFFFE0000))
-extern volatile LARGE_INTEGER KeTickCount;
+/* Global debug flag */
+#if DEVL
+extern ULONG NtGlobalFlag;
+#define IF_NTOS_DEBUG(FlagName) if (NtGlobalFlag & (FLG_##FlagName))
+#else
+#define IF_NTOS_DEBUG(FlagName) if(FALSE)
+#endif
-#define PAUSE_PROCESSOR __yield();
+/******************************************************************************
+ * Security Manager Types *
+ ******************************************************************************/
-FORCEINLINE
-VOID
-KeFlushWriteBuffer(VOID)
-{
- __mf ();
- return;
-}
+/* Simple types */
+typedef PVOID PSECURITY_DESCRIPTOR;
+typedef ULONG SECURITY_INFORMATION, *PSECURITY_INFORMATION;
+typedef ULONG ACCESS_MASK, *PACCESS_MASK;
+typedef PVOID PACCESS_TOKEN;
+typedef PVOID PSID;
-NTSYSAPI
-PKTHREAD
-NTAPI
-KeGetCurrentThread(VOID);
+#define DELETE 0x00010000L
+#define READ_CONTROL 0x00020000L
+#define WRITE_DAC 0x00040000L
+#define WRITE_OWNER 0x00080000L
+#define SYNCHRONIZE 0x00100000L
+#define STANDARD_RIGHTS_REQUIRED 0x000F0000L
+#define STANDARD_RIGHTS_READ READ_CONTROL
+#define STANDARD_RIGHTS_WRITE READ_CONTROL
+#define STANDARD_RIGHTS_EXECUTE READ_CONTROL
+#define STANDARD_RIGHTS_ALL 0x001F0000L
+#define SPECIFIC_RIGHTS_ALL 0x0000FFFFL
+#define ACCESS_SYSTEM_SECURITY 0x01000000L
+#define MAXIMUM_ALLOWED 0x02000000L
+#define GENERIC_READ 0x80000000L
+#define GENERIC_WRITE 0x40000000L
+#define GENERIC_EXECUTE 0x20000000L
+#define GENERIC_ALL 0x10000000L
+typedef struct _GENERIC_MAPPING {
+ ACCESS_MASK GenericRead;
+ ACCESS_MASK GenericWrite;
+ ACCESS_MASK GenericExecute;
+ ACCESS_MASK GenericAll;
+} GENERIC_MAPPING, *PGENERIC_MAPPING;
-#elif defined(_M_PPC)
+#define ACL_REVISION 2
+#define ACL_REVISION_DS 4
-/* Interrupt request levels */
-#define PASSIVE_LEVEL 0
-#define LOW_LEVEL 0
-#define APC_LEVEL 1
-#define DISPATCH_LEVEL 2
-#define PROFILE_LEVEL 27
-#define CLOCK1_LEVEL 28
-#define CLOCK2_LEVEL 28
-#define IPI_LEVEL 29
-#define POWER_LEVEL 30
-#define HIGH_LEVEL 31
+#define ACL_REVISION1 1
+#define ACL_REVISION2 2
+#define ACL_REVISION3 3
+#define ACL_REVISION4 4
+#define MIN_ACL_REVISION ACL_REVISION2
+#define MAX_ACL_REVISION ACL_REVISION4
-//
-// Used to contain PFNs and PFN counts
-//
-typedef ULONG PFN_COUNT;
-typedef ULONG PFN_NUMBER, *PPFN_NUMBER;
-typedef LONG SPFN_NUMBER, *PSPFN_NUMBER;
+typedef struct _ACL {
+ UCHAR AclRevision;
+ UCHAR Sbz1;
+ USHORT AclSize;
+ USHORT AceCount;
+ USHORT Sbz2;
+} ACL, *PACL;
+/* Current security descriptor revision value */
+#define SECURITY_DESCRIPTOR_REVISION (1)
+#define SECURITY_DESCRIPTOR_REVISION1 (1)
-typedef struct _KFLOATING_SAVE {
- ULONG Dummy;
-} KFLOATING_SAVE, *PKFLOATING_SAVE;
+/* Privilege attributes */
+#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x00000001L)
+#define SE_PRIVILEGE_ENABLED (0x00000002L)
+#define SE_PRIVILEGE_REMOVED (0X00000004L)
+#define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L)
-typedef struct _KPCR_TIB {
- PVOID ExceptionList; /* 00 */
- PVOID StackBase; /* 04 */
- PVOID StackLimit; /* 08 */
- PVOID SubSystemTib; /* 0C */
- _ANONYMOUS_UNION union {
- PVOID FiberData; /* 10 */
- ULONG Version; /* 10 */
- } DUMMYUNIONNAME;
- PVOID ArbitraryUserPointer; /* 14 */
- struct _KPCR_TIB *Self; /* 18 */
-} KPCR_TIB, *PKPCR_TIB; /* 1C */
-
-#define PCR_MINOR_VERSION 1
-#define PCR_MAJOR_VERSION 1
-
-typedef struct _KPCR {
- KPCR_TIB Tib; /* 00 */
- struct _KPCR *Self; /* 1C */
- struct _KPRCB *Prcb; /* 20 */
- KIRQL Irql; /* 24 */
- ULONG IRR; /* 28 */
- ULONG IrrActive; /* 2C */
- ULONG IDR; /* 30 */
- PVOID KdVersionBlock; /* 34 */
- PUSHORT IDT; /* 38 */
- PUSHORT GDT; /* 3C */
- struct _KTSS *TSS; /* 40 */
- USHORT MajorVersion; /* 44 */
- USHORT MinorVersion; /* 46 */
- KAFFINITY SetMember; /* 48 */
- ULONG StallScaleFactor; /* 4C */
- UCHAR SpareUnused; /* 50 */
- UCHAR Number; /* 51 */
-} KPCR, *PKPCR; /* 54 */
+#define SE_PRIVILEGE_VALID_ATTRIBUTES (SE_PRIVILEGE_ENABLED_BY_DEFAULT | \
+ SE_PRIVILEGE_ENABLED | \
+ SE_PRIVILEGE_REMOVED | \
+ SE_PRIVILEGE_USED_FOR_ACCESS)
-#define KeGetPcr() PCR
+#include <pshpack4.h>
+typedef struct _LUID_AND_ATTRIBUTES {
+ LUID Luid;
+ ULONG Attributes;
+} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
+#include <poppack.h>
-#define YieldProcessor() __asm__ __volatile__("nop");
+typedef LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
+typedef LUID_AND_ATTRIBUTES_ARRAY *PLUID_AND_ATTRIBUTES_ARRAY;
-FORCEINLINE
-ULONG
-NTAPI
-KeGetCurrentProcessorNumber(VOID)
-{
- ULONG Number;
- __asm__ __volatile__ (
- "lwz %0, %c1(12)\n"
- : "=r" (Number)
- : "i" (FIELD_OFFSET(KPCR, Number))
- );
- return Number;
-}
+/* Privilege sets */
+#define PRIVILEGE_SET_ALL_NECESSARY (1)
-NTHALAPI
-VOID
-FASTCALL
-KfLowerIrql(
- IN KIRQL NewIrql);
-#define KeLowerIrql(a) KfLowerIrql(a)
+typedef struct _PRIVILEGE_SET {
+ ULONG PrivilegeCount;
+ ULONG Control;
+ LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY];
+} PRIVILEGE_SET,*PPRIVILEGE_SET;
-NTHALAPI
-KIRQL
-FASTCALL
-KfRaiseIrql(
- IN KIRQL NewIrql);
-#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
+typedef enum _SECURITY_IMPERSONATION_LEVEL {
+ SecurityAnonymous,
+ SecurityIdentification,
+ SecurityImpersonation,
+ SecurityDelegation
+} SECURITY_IMPERSONATION_LEVEL, * PSECURITY_IMPERSONATION_LEVEL;
-NTHALAPI
-KIRQL
-NTAPI
-KeRaiseIrqlToDpcLevel(VOID);
+#define SECURITY_MAX_IMPERSONATION_LEVEL SecurityDelegation
+#define SECURITY_MIN_IMPERSONATION_LEVEL SecurityAnonymous
+#define DEFAULT_IMPERSONATION_LEVEL SecurityImpersonation
+#define VALID_IMPERSONATION_LEVEL(Level) (((Level) >= SECURITY_MIN_IMPERSONATION_LEVEL) && ((Level) <= SECURITY_MAX_IMPERSONATION_LEVEL))
-NTHALAPI
-KIRQL
-NTAPI
-KeRaiseIrqlToSynchLevel(VOID);
+#define SECURITY_DYNAMIC_TRACKING (TRUE)
+#define SECURITY_STATIC_TRACKING (FALSE)
+typedef BOOLEAN SECURITY_CONTEXT_TRACKING_MODE, *PSECURITY_CONTEXT_TRACKING_MODE;
+typedef struct _SECURITY_QUALITY_OF_SERVICE {
+ ULONG Length;
+ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
+ SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode;
+ BOOLEAN EffectiveOnly;
+} SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
-#elif defined(_M_MIPS)
-#error MIPS Headers are totally incorrect
+typedef struct _SE_IMPERSONATION_STATE {
+ PACCESS_TOKEN Token;
+ BOOLEAN CopyOnOpen;
+ BOOLEAN EffectiveOnly;
+ SECURITY_IMPERSONATION_LEVEL Level;
+} SE_IMPERSONATION_STATE, *PSE_IMPERSONATION_STATE;
-//
-// Used to contain PFNs and PFN counts
-//
-typedef ULONG PFN_COUNT;
-typedef ULONG PFN_NUMBER, *PPFN_NUMBER;
-typedef LONG SPFN_NUMBER, *PSPFN_NUMBER;
+#define OWNER_SECURITY_INFORMATION (0x00000001L)
+#define GROUP_SECURITY_INFORMATION (0x00000002L)
+#define DACL_SECURITY_INFORMATION (0x00000004L)
+#define SACL_SECURITY_INFORMATION (0x00000008L)
+#define LABEL_SECURITY_INFORMATION (0x00000010L)
-#define PASSIVE_LEVEL 0
-#define APC_LEVEL 1
-#define DISPATCH_LEVEL 2
-#define PROFILE_LEVEL 27
-#define IPI_LEVEL 29
-#define HIGH_LEVEL 31
+#define PROTECTED_DACL_SECURITY_INFORMATION (0x80000000L)
+#define PROTECTED_SACL_SECURITY_INFORMATION (0x40000000L)
+#define UNPROTECTED_DACL_SECURITY_INFORMATION (0x20000000L)
+#define UNPROTECTED_SACL_SECURITY_INFORMATION (0x10000000L)
-typedef struct _KPCR {
- struct _KPRCB *Prcb; /* 20 */
- KIRQL Irql; /* 24 */
- ULONG IRR; /* 28 */
- ULONG IDR; /* 30 */
-} KPCR, *PKPCR;
+typedef enum _SECURITY_OPERATION_CODE {
+ SetSecurityDescriptor,
+ QuerySecurityDescriptor,
+ DeleteSecurityDescriptor,
+ AssignSecurityDescriptor
+} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
-#define KeGetPcr() PCR
+#define INITIAL_PRIVILEGE_COUNT 3
-typedef struct _KFLOATING_SAVE {
-} KFLOATING_SAVE, *PKFLOATING_SAVE;
+typedef struct _INITIAL_PRIVILEGE_SET {
+ ULONG PrivilegeCount;
+ ULONG Control;
+ LUID_AND_ATTRIBUTES Privilege[INITIAL_PRIVILEGE_COUNT];
+} INITIAL_PRIVILEGE_SET, * PINITIAL_PRIVILEGE_SET;
-static __inline
-ULONG
-NTAPI
-KeGetCurrentProcessorNumber(VOID)
-{
- return 0;
-}
+#define SE_MIN_WELL_KNOWN_PRIVILEGE 2
+#define SE_CREATE_TOKEN_PRIVILEGE 2
+#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE 3
+#define SE_LOCK_MEMORY_PRIVILEGE 4
+#define SE_INCREASE_QUOTA_PRIVILEGE 5
+#define SE_MACHINE_ACCOUNT_PRIVILEGE 6
+#define SE_TCB_PRIVILEGE 7
+#define SE_SECURITY_PRIVILEGE 8
+#define SE_TAKE_OWNERSHIP_PRIVILEGE 9
+#define SE_LOAD_DRIVER_PRIVILEGE 10
+#define SE_SYSTEM_PROFILE_PRIVILEGE 11
+#define SE_SYSTEMTIME_PRIVILEGE 12
+#define SE_PROF_SINGLE_PROCESS_PRIVILEGE 13
+#define SE_INC_BASE_PRIORITY_PRIVILEGE 14
+#define SE_CREATE_PAGEFILE_PRIVILEGE 15
+#define SE_CREATE_PERMANENT_PRIVILEGE 16
+#define SE_BACKUP_PRIVILEGE 17
+#define SE_RESTORE_PRIVILEGE 18
+#define SE_SHUTDOWN_PRIVILEGE 19
+#define SE_DEBUG_PRIVILEGE 20
+#define SE_AUDIT_PRIVILEGE 21
+#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22
+#define SE_CHANGE_NOTIFY_PRIVILEGE 23
+#define SE_REMOTE_SHUTDOWN_PRIVILEGE 24
+#define SE_UNDOCK_PRIVILEGE 25
+#define SE_SYNC_AGENT_PRIVILEGE 26
+#define SE_ENABLE_DELEGATION_PRIVILEGE 27
+#define SE_MANAGE_VOLUME_PRIVILEGE 28
+#define SE_IMPERSONATE_PRIVILEGE 29
+#define SE_CREATE_GLOBAL_PRIVILEGE 30
+#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE 31
+#define SE_RELABEL_PRIVILEGE 32
+#define SE_INC_WORKING_SET_PRIVILEGE 33
+#define SE_TIME_ZONE_PRIVILEGE 34
+#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE 35
+#define SE_MAX_WELL_KNOWN_PRIVILEGE SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
-#define YieldProcessor() __asm__ __volatile__("nop");
+typedef struct _SECURITY_SUBJECT_CONTEXT {
+ PACCESS_TOKEN ClientToken;
+ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
+ PACCESS_TOKEN PrimaryToken;
+ PVOID ProcessAuditId;
+} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
-#define KeLowerIrql(a) KfLowerIrql(a)
-#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
+typedef struct _ACCESS_STATE {
+ LUID OperationID;
+ BOOLEAN SecurityEvaluated;
+ BOOLEAN GenerateAudit;
+ BOOLEAN GenerateOnClose;
+ BOOLEAN PrivilegesAllocated;
+ ULONG Flags;
+ ACCESS_MASK RemainingDesiredAccess;
+ ACCESS_MASK PreviouslyGrantedAccess;
+ ACCESS_MASK OriginalDesiredAccess;
+ SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
+ PSECURITY_DESCRIPTOR SecurityDescriptor;
+ PVOID AuxData;
+ union {
+ INITIAL_PRIVILEGE_SET InitialPrivilegeSet;
+ PRIVILEGE_SET PrivilegeSet;
+ } Privileges;
+ BOOLEAN AuditPrivileges;
+ UNICODE_STRING ObjectName;
+ UNICODE_STRING ObjectTypeName;
+} ACCESS_STATE, *PACCESS_STATE;
-NTKERNELAPI
-VOID
-NTAPI
-KfLowerIrql(
- IN KIRQL NewIrql);
+typedef VOID
+(NTAPI *PNTFS_DEREF_EXPORTED_SECURITY_DESCRIPTOR)(
+ _In_ PVOID Vcb,
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
-NTKERNELAPI
-KIRQL
-NTAPI
-KfRaiseIrql(
- IN KIRQL NewIrql);
+#ifndef _NTLSA_IFS_
-NTKERNELAPI
-KIRQL
-NTAPI
-KeRaiseIrqlToDpcLevel(VOID);
+#ifndef _NTLSA_AUDIT_
+#define _NTLSA_AUDIT_
-NTKERNELAPI
-KIRQL
-NTAPI
-KeRaiseIrqlToSynchLevel(VOID);
+#define SE_MAX_AUDIT_PARAMETERS 32
+#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28
-
-#elif defined(_M_ARM)
-#include <armddk.h>
-#else
-#error Unknown Architecture
-#endif
-
-/******************************************************************************
- * Memory manager Types *
- ******************************************************************************/
-
-#if (NTDDI_VERSION >= NTDDI_WIN2K)
-typedef ULONG NODE_REQUIREMENT;
-#define MM_ANY_NODE_OK 0x80000000
-#endif
-
-#define MM_DONT_ZERO_ALLOCATION 0x00000001
-#define MM_ALLOCATE_FROM_LOCAL_NODE_ONLY 0x00000002
-#define MM_ALLOCATE_FULLY_REQUIRED 0x00000004
-#define MM_ALLOCATE_NO_WAIT 0x00000008
-#define MM_ALLOCATE_PREFER_CONTIGUOUS 0x00000010
-#define MM_ALLOCATE_REQUIRE_CONTIGUOUS_CHUNKS 0x00000020
-
-#define MDL_MAPPED_TO_SYSTEM_VA 0x0001
-#define MDL_PAGES_LOCKED 0x0002
-#define MDL_SOURCE_IS_NONPAGED_POOL 0x0004
-#define MDL_ALLOCATED_FIXED_SIZE 0x0008
-#define MDL_PARTIAL 0x0010
-#define MDL_PARTIAL_HAS_BEEN_MAPPED 0x0020
-#define MDL_IO_PAGE_READ 0x0040
-#define MDL_WRITE_OPERATION 0x0080
-#define MDL_PARENT_MAPPED_SYSTEM_VA 0x0100
-#define MDL_FREE_EXTRA_PTES 0x0200
-#define MDL_DESCRIBES_AWE 0x0400
-#define MDL_IO_SPACE 0x0800
-#define MDL_NETWORK_HEADER 0x1000
-#define MDL_MAPPING_CAN_FAIL 0x2000
-#define MDL_ALLOCATED_MUST_SUCCEED 0x4000
-#define MDL_INTERNAL 0x8000
-
-#define MDL_MAPPING_FLAGS (MDL_MAPPED_TO_SYSTEM_VA | \
- MDL_PAGES_LOCKED | \
- MDL_SOURCE_IS_NONPAGED_POOL | \
- MDL_PARTIAL_HAS_BEEN_MAPPED | \
- MDL_PARENT_MAPPED_SYSTEM_VA | \
- MDL_SYSTEM_VA | \
- MDL_IO_SPACE)
-
-#define FLUSH_MULTIPLE_MAXIMUM 32
-
-/* Section access rights */
-#define SECTION_QUERY 0x0001
-#define SECTION_MAP_WRITE 0x0002
-#define SECTION_MAP_READ 0x0004
-#define SECTION_MAP_EXECUTE 0x0008
-#define SECTION_EXTEND_SIZE 0x0010
-#define SECTION_MAP_EXECUTE_EXPLICIT 0x0020
-
-#define SECTION_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SECTION_QUERY| \
- SECTION_MAP_WRITE | \
- SECTION_MAP_READ | \
- SECTION_MAP_EXECUTE | \
- SECTION_EXTEND_SIZE)
-
-#define SESSION_QUERY_ACCESS 0x0001
-#define SESSION_MODIFY_ACCESS 0x0002
-
-#define SESSION_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
- SESSION_QUERY_ACCESS | \
- SESSION_MODIFY_ACCESS)
-
-#define SEGMENT_ALL_ACCESS SECTION_ALL_ACCESS
-
-#define PAGE_NOACCESS 0x01
-#define PAGE_READONLY 0x02
-#define PAGE_READWRITE 0x04
-#define PAGE_WRITECOPY 0x08
-#define PAGE_EXECUTE 0x10
-#define PAGE_EXECUTE_READ 0x20
-#define PAGE_EXECUTE_READWRITE 0x40
-#define PAGE_EXECUTE_WRITECOPY 0x80
-#define PAGE_GUARD 0x100
-#define PAGE_NOCACHE 0x200
-#define PAGE_WRITECOMBINE 0x400
-
-#define MEM_COMMIT 0x1000
-#define MEM_RESERVE 0x2000
-#define MEM_DECOMMIT 0x4000
-#define MEM_RELEASE 0x8000
-#define MEM_FREE 0x10000
-#define MEM_PRIVATE 0x20000
-#define MEM_MAPPED 0x40000
-#define MEM_RESET 0x80000
-#define MEM_TOP_DOWN 0x100000
-#define MEM_LARGE_PAGES 0x20000000
-#define MEM_4MB_PAGES 0x80000000
-
-#define SEC_RESERVE 0x4000000
-#define SEC_COMMIT 0x8000000
-#define SEC_LARGE_PAGES 0x80000000
-
-/* Section map options */
-typedef enum _SECTION_INHERIT {
- ViewShare = 1,
- ViewUnmap = 2
-} SECTION_INHERIT;
-
-typedef ULONG PFN_COUNT;
-typedef LONG_PTR SPFN_NUMBER, *PSPFN_NUMBER;
-typedef ULONG_PTR PFN_NUMBER, *PPFN_NUMBER;
-
-_Struct_size_bytes_(_Inexpressible_(sizeof(struct _MDL) +
- (ByteOffset + ByteCount + PAGE_SIZE-1) / PAGE_SIZE * sizeof(PFN_NUMBER)))
-typedef struct _MDL {
- struct _MDL *Next;
- CSHORT Size;
- CSHORT MdlFlags;
- struct _EPROCESS *Process;
- PVOID MappedSystemVa;
- PVOID StartVa;
- ULONG ByteCount;
- ULONG ByteOffset;
-} MDL, *PMDL;
-#if (_MSC_VER >= 1600)
-typedef _Readable_bytes_(_Inexpressible_(polymorphism)) MDL *PMDLX;
-#else
-typedef MDL *PMDLX;
-#endif
-
-typedef enum _MEMORY_CACHING_TYPE_ORIG {
- MmFrameBufferCached = 2
-} MEMORY_CACHING_TYPE_ORIG;
-
-typedef enum _MEMORY_CACHING_TYPE {
- MmNonCached = FALSE,
- MmCached = TRUE,
- MmWriteCombined = MmFrameBufferCached,
- MmHardwareCoherentCached,
- MmNonCachedUnordered,
- MmUSWCCached,
- MmMaximumCacheType
-} MEMORY_CACHING_TYPE;
-
-typedef enum _MM_PAGE_PRIORITY {
- LowPagePriority,
- NormalPagePriority = 16,
- HighPagePriority = 32
-} MM_PAGE_PRIORITY;
-
-typedef enum _MM_SYSTEM_SIZE {
- MmSmallSystem,
- MmMediumSystem,
- MmLargeSystem
-} MM_SYSTEMSIZE;
-
-extern NTKERNELAPI BOOLEAN Mm64BitPhysicalAddress;
-extern PVOID MmBadPointer;
-
-
-/******************************************************************************
- * Executive Types *
- ******************************************************************************/
-#define EX_RUNDOWN_ACTIVE 0x1
-#define EX_RUNDOWN_COUNT_SHIFT 0x1
-#define EX_RUNDOWN_COUNT_INC (1 << EX_RUNDOWN_COUNT_SHIFT)
-
-typedef struct _FAST_MUTEX {
- volatile LONG Count;
- PKTHREAD Owner;
- ULONG Contention;
- KEVENT Event;
- ULONG OldIrql;
-} FAST_MUTEX, *PFAST_MUTEX;
-
-typedef enum _SUITE_TYPE {
- SmallBusiness,
- Enterprise,
- BackOffice,
- CommunicationServer,
- TerminalServer,
- SmallBusinessRestricted,
- EmbeddedNT,
- DataCenter,
- SingleUserTS,
- Personal,
- Blade,
- EmbeddedRestricted,
- SecurityAppliance,
- StorageServer,
- ComputeServer,
- WHServer,
- MaxSuiteType
-} SUITE_TYPE;
-
-typedef enum _EX_POOL_PRIORITY {
- LowPoolPriority,
- LowPoolPrioritySpecialPoolOverrun = 8,
- LowPoolPrioritySpecialPoolUnderrun = 9,
- NormalPoolPriority = 16,
- NormalPoolPrioritySpecialPoolOverrun = 24,
- NormalPoolPrioritySpecialPoolUnderrun = 25,
- HighPoolPriority = 32,
- HighPoolPrioritySpecialPoolOverrun = 40,
- HighPoolPrioritySpecialPoolUnderrun = 41
-} EX_POOL_PRIORITY;
-
-#if !defined(_WIN64) && (defined(_NTDDK_) || defined(_NTIFS_) || defined(_NDIS_))
-#define LOOKASIDE_ALIGN
-#else
-#define LOOKASIDE_ALIGN /* FIXME: DECLSPEC_CACHEALIGN */
-#endif
-
-typedef struct _LOOKASIDE_LIST_EX *PLOOKASIDE_LIST_EX;
-
-_IRQL_requires_same_
-_Function_class_(ALLOCATE_FUNCTION)
-typedef PVOID
-(NTAPI *PALLOCATE_FUNCTION)(
- _In_ POOL_TYPE PoolType,
- _In_ SIZE_T NumberOfBytes,
- _In_ ULONG Tag);
-
-_IRQL_requires_same_
-_Function_class_(ALLOCATE_FUNCTION_EX)
-typedef PVOID
-(NTAPI *PALLOCATE_FUNCTION_EX)(
- _In_ POOL_TYPE PoolType,
- _In_ SIZE_T NumberOfBytes,
- _In_ ULONG Tag,
- _Inout_ PLOOKASIDE_LIST_EX Lookaside);
-
-_IRQL_requires_same_
-_Function_class_(FREE_FUNCTION)
-typedef VOID
-(NTAPI *PFREE_FUNCTION)(
- _In_ PVOID Buffer);
-
-_IRQL_requires_same_
-_Function_class_(FREE_FUNCTION_EX)
-typedef VOID
-(NTAPI *PFREE_FUNCTION_EX)(
- _In_ PVOID Buffer,
- _Inout_ PLOOKASIDE_LIST_EX Lookaside);
-
-_IRQL_requires_same_
-_Function_class_(CALLBACK_FUNCTION)
-typedef VOID
-(NTAPI CALLBACK_FUNCTION)(
- _In_opt_ PVOID CallbackContext,
- _In_opt_ PVOID Argument1,
- _In_opt_ PVOID Argument2);
-typedef CALLBACK_FUNCTION *PCALLBACK_FUNCTION;
-
-#define GENERAL_LOOKASIDE_LAYOUT \
- _ANONYMOUS_UNION union { \
- SLIST_HEADER ListHead; \
- SINGLE_LIST_ENTRY SingleListHead; \
- } DUMMYUNIONNAME; \
- USHORT Depth; \
- USHORT MaximumDepth; \
- ULONG TotalAllocates; \
- _ANONYMOUS_UNION union { \
- ULONG AllocateMisses; \
- ULONG AllocateHits; \
- } DUMMYUNIONNAME2; \
- ULONG TotalFrees; \
- _ANONYMOUS_UNION union { \
- ULONG FreeMisses; \
- ULONG FreeHits; \
- } DUMMYUNIONNAME3; \
- POOL_TYPE Type; \
- ULONG Tag; \
- ULONG Size; \
- _ANONYMOUS_UNION union { \
- PALLOCATE_FUNCTION_EX AllocateEx; \
- PALLOCATE_FUNCTION Allocate; \
- } DUMMYUNIONNAME4; \
- _ANONYMOUS_UNION union { \
- PFREE_FUNCTION_EX FreeEx; \
- PFREE_FUNCTION Free; \
- } DUMMYUNIONNAME5; \
- LIST_ENTRY ListEntry; \
- ULONG LastTotalAllocates; \
- _ANONYMOUS_UNION union { \
- ULONG LastAllocateMisses; \
- ULONG LastAllocateHits; \
- } DUMMYUNIONNAME6; \
- ULONG Future[2];
-
-typedef struct LOOKASIDE_ALIGN _GENERAL_LOOKASIDE {
- GENERAL_LOOKASIDE_LAYOUT
-} GENERAL_LOOKASIDE, *PGENERAL_LOOKASIDE;
-
-typedef struct _GENERAL_LOOKASIDE_POOL {
- GENERAL_LOOKASIDE_LAYOUT
-} GENERAL_LOOKASIDE_POOL, *PGENERAL_LOOKASIDE_POOL;
-
-#define LOOKASIDE_CHECK(f) \
- C_ASSERT(FIELD_OFFSET(GENERAL_LOOKASIDE,f) == FIELD_OFFSET(GENERAL_LOOKASIDE_POOL,f))
-
-LOOKASIDE_CHECK(TotalFrees);
-LOOKASIDE_CHECK(Tag);
-LOOKASIDE_CHECK(Future);
-
-typedef struct LOOKASIDE_ALIGN _PAGED_LOOKASIDE_LIST {
- GENERAL_LOOKASIDE L;
-#if !defined(_AMD64_) && !defined(_IA64_)
- FAST_MUTEX Lock__ObsoleteButDoNotDelete;
-#endif
-} PAGED_LOOKASIDE_LIST, *PPAGED_LOOKASIDE_LIST;
-
-typedef struct LOOKASIDE_ALIGN _NPAGED_LOOKASIDE_LIST {
- GENERAL_LOOKASIDE L;
-#if !defined(_AMD64_) && !defined(_IA64_)
- KSPIN_LOCK Lock__ObsoleteButDoNotDelete;
-#endif
-} NPAGED_LOOKASIDE_LIST, *PNPAGED_LOOKASIDE_LIST;
-
-#define LOOKASIDE_MINIMUM_BLOCK_SIZE (RTL_SIZEOF_THROUGH_FIELD (SLIST_ENTRY, Next))
-
-typedef struct _LOOKASIDE_LIST_EX {
- GENERAL_LOOKASIDE_POOL L;
-} LOOKASIDE_LIST_EX;
-
-#if (NTDDI_VERSION >= NTDDI_VISTA)
-
-#define EX_LOOKASIDE_LIST_EX_FLAGS_RAISE_ON_FAIL 0x00000001UL
-#define EX_LOOKASIDE_LIST_EX_FLAGS_FAIL_NO_RAISE 0x00000002UL
-
-#define EX_MAXIMUM_LOOKASIDE_DEPTH_BASE 256
-#define EX_MAXIMUM_LOOKASIDE_DEPTH_LIMIT 1024
-
-#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
-
-typedef struct _EX_RUNDOWN_REF {
- _ANONYMOUS_UNION union {
- volatile ULONG_PTR Count;
- volatile PVOID Ptr;
- } DUMMYUNIONNAME;
-} EX_RUNDOWN_REF, *PEX_RUNDOWN_REF;
-
-typedef struct _EX_RUNDOWN_REF_CACHE_AWARE *PEX_RUNDOWN_REF_CACHE_AWARE;
-
-typedef enum _WORK_QUEUE_TYPE {
- CriticalWorkQueue,
- DelayedWorkQueue,
- HyperCriticalWorkQueue,
- MaximumWorkQueue
-} WORK_QUEUE_TYPE;
-
-_IRQL_requires_same_
-_Function_class_(WORKER_THREAD_ROUTINE)
-typedef VOID
-(NTAPI WORKER_THREAD_ROUTINE)(
- _In_ PVOID Parameter);
-typedef WORKER_THREAD_ROUTINE *PWORKER_THREAD_ROUTINE;
-
-typedef struct _WORK_QUEUE_ITEM {
- LIST_ENTRY List;
- PWORKER_THREAD_ROUTINE WorkerRoutine;
- volatile PVOID Parameter;
-} WORK_QUEUE_ITEM, *PWORK_QUEUE_ITEM;
-
-typedef ULONG_PTR ERESOURCE_THREAD, *PERESOURCE_THREAD;
-
-typedef struct _OWNER_ENTRY {
- ERESOURCE_THREAD OwnerThread;
- _ANONYMOUS_UNION union {
- _ANONYMOUS_STRUCT struct {
- ULONG IoPriorityBoosted:1;
- ULONG OwnerReferenced:1;
- ULONG OwnerCount:30;
- } DUMMYSTRUCTNAME;
- ULONG TableSize;
- } DUMMYUNIONNAME;
-} OWNER_ENTRY, *POWNER_ENTRY;
-
-typedef struct _ERESOURCE {
- LIST_ENTRY SystemResourcesList;
- POWNER_ENTRY OwnerTable;
- SHORT ActiveCount;
- USHORT Flag;
- volatile PKSEMAPHORE SharedWaiters;
- volatile PKEVENT ExclusiveWaiters;
- OWNER_ENTRY OwnerEntry;
- ULONG ActiveEntries;
- ULONG ContentionCount;
- ULONG NumberOfSharedWaiters;
- ULONG NumberOfExclusiveWaiters;
-#if defined(_WIN64)
- PVOID Reserved2;
-#endif
- _ANONYMOUS_UNION union {
- PVOID Address;
- ULONG_PTR CreatorBackTraceIndex;
- } DUMMYUNIONNAME;
- KSPIN_LOCK SpinLock;
-} ERESOURCE, *PERESOURCE;
-
-/* ERESOURCE.Flag */
-#define ResourceNeverExclusive 0x0010
-#define ResourceReleaseByOtherThread 0x0020
-#define ResourceOwnedExclusive 0x0080
-
-#define RESOURCE_HASH_TABLE_SIZE 64
-
-typedef struct _RESOURCE_HASH_ENTRY {
- LIST_ENTRY ListEntry;
- PVOID Address;
- ULONG ContentionCount;
- ULONG Number;
-} RESOURCE_HASH_ENTRY, *PRESOURCE_HASH_ENTRY;
-
-typedef struct _RESOURCE_PERFORMANCE_DATA {
- ULONG ActiveResourceCount;
- ULONG TotalResourceCount;
- ULONG ExclusiveAcquire;
- ULONG SharedFirstLevel;
- ULONG SharedSecondLevel;
- ULONG StarveFirstLevel;
- ULONG StarveSecondLevel;
- ULONG WaitForExclusive;
- ULONG OwnerTableExpands;
- ULONG MaximumTableExpand;
- LIST_ENTRY HashTable[RESOURCE_HASH_TABLE_SIZE];
-} RESOURCE_PERFORMANCE_DATA, *PRESOURCE_PERFORMANCE_DATA;
-
-/* Global debug flag */
-#if DEVL
-extern ULONG NtGlobalFlag;
-#define IF_NTOS_DEBUG(FlagName) if (NtGlobalFlag & (FLG_##FlagName))
-#else
-#define IF_NTOS_DEBUG(FlagName) if(FALSE)
-#endif
-
-/******************************************************************************
- * Security Manager Types *
- ******************************************************************************/
-
-/* Simple types */
-typedef PVOID PSECURITY_DESCRIPTOR;
-typedef ULONG SECURITY_INFORMATION, *PSECURITY_INFORMATION;
-typedef ULONG ACCESS_MASK, *PACCESS_MASK;
-typedef PVOID PACCESS_TOKEN;
-typedef PVOID PSID;
-
-#define DELETE 0x00010000L
-#define READ_CONTROL 0x00020000L
-#define WRITE_DAC 0x00040000L
-#define WRITE_OWNER 0x00080000L
-#define SYNCHRONIZE 0x00100000L
-#define STANDARD_RIGHTS_REQUIRED 0x000F0000L
-#define STANDARD_RIGHTS_READ READ_CONTROL
-#define STANDARD_RIGHTS_WRITE READ_CONTROL
-#define STANDARD_RIGHTS_EXECUTE READ_CONTROL
-#define STANDARD_RIGHTS_ALL 0x001F0000L
-#define SPECIFIC_RIGHTS_ALL 0x0000FFFFL
-#define ACCESS_SYSTEM_SECURITY 0x01000000L
-#define MAXIMUM_ALLOWED 0x02000000L
-#define GENERIC_READ 0x80000000L
-#define GENERIC_WRITE 0x40000000L
-#define GENERIC_EXECUTE 0x20000000L
-#define GENERIC_ALL 0x10000000L
-
-typedef struct _GENERIC_MAPPING {
- ACCESS_MASK GenericRead;
- ACCESS_MASK GenericWrite;
- ACCESS_MASK GenericExecute;
- ACCESS_MASK GenericAll;
-} GENERIC_MAPPING, *PGENERIC_MAPPING;
-
-#define ACL_REVISION 2
-#define ACL_REVISION_DS 4
-
-#define ACL_REVISION1 1
-#define ACL_REVISION2 2
-#define ACL_REVISION3 3
-#define ACL_REVISION4 4
-#define MIN_ACL_REVISION ACL_REVISION2
-#define MAX_ACL_REVISION ACL_REVISION4
-
-typedef struct _ACL {
- UCHAR AclRevision;
- UCHAR Sbz1;
- USHORT AclSize;
- USHORT AceCount;
- USHORT Sbz2;
-} ACL, *PACL;
-
-/* Current security descriptor revision value */
-#define SECURITY_DESCRIPTOR_REVISION (1)
-#define SECURITY_DESCRIPTOR_REVISION1 (1)
-
-/* Privilege attributes */
-#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x00000001L)
-#define SE_PRIVILEGE_ENABLED (0x00000002L)
-#define SE_PRIVILEGE_REMOVED (0X00000004L)
-#define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L)
-
-#define SE_PRIVILEGE_VALID_ATTRIBUTES (SE_PRIVILEGE_ENABLED_BY_DEFAULT | \
- SE_PRIVILEGE_ENABLED | \
- SE_PRIVILEGE_REMOVED | \
- SE_PRIVILEGE_USED_FOR_ACCESS)
-
-#include <pshpack4.h>
-typedef struct _LUID_AND_ATTRIBUTES {
- LUID Luid;
- ULONG Attributes;
-} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
-#include <poppack.h>
-
-typedef LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
-typedef LUID_AND_ATTRIBUTES_ARRAY *PLUID_AND_ATTRIBUTES_ARRAY;
-
-/* Privilege sets */
-#define PRIVILEGE_SET_ALL_NECESSARY (1)
-
-typedef struct _PRIVILEGE_SET {
- ULONG PrivilegeCount;
- ULONG Control;
- LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY];
-} PRIVILEGE_SET,*PPRIVILEGE_SET;
-
-typedef enum _SECURITY_IMPERSONATION_LEVEL {
- SecurityAnonymous,
- SecurityIdentification,
- SecurityImpersonation,
- SecurityDelegation
-} SECURITY_IMPERSONATION_LEVEL, * PSECURITY_IMPERSONATION_LEVEL;
-
-#define SECURITY_MAX_IMPERSONATION_LEVEL SecurityDelegation
-#define SECURITY_MIN_IMPERSONATION_LEVEL SecurityAnonymous
-#define DEFAULT_IMPERSONATION_LEVEL SecurityImpersonation
-#define VALID_IMPERSONATION_LEVEL(Level) (((Level) >= SECURITY_MIN_IMPERSONATION_LEVEL) && ((Level) <= SECURITY_MAX_IMPERSONATION_LEVEL))
-
-#define SECURITY_DYNAMIC_TRACKING (TRUE)
-#define SECURITY_STATIC_TRACKING (FALSE)
-
-typedef BOOLEAN SECURITY_CONTEXT_TRACKING_MODE, *PSECURITY_CONTEXT_TRACKING_MODE;
-
-typedef struct _SECURITY_QUALITY_OF_SERVICE {
- ULONG Length;
- SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
- SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode;
- BOOLEAN EffectiveOnly;
-} SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
-
-typedef struct _SE_IMPERSONATION_STATE {
- PACCESS_TOKEN Token;
- BOOLEAN CopyOnOpen;
- BOOLEAN EffectiveOnly;
- SECURITY_IMPERSONATION_LEVEL Level;
-} SE_IMPERSONATION_STATE, *PSE_IMPERSONATION_STATE;
-
-#define OWNER_SECURITY_INFORMATION (0x00000001L)
-#define GROUP_SECURITY_INFORMATION (0x00000002L)
-#define DACL_SECURITY_INFORMATION (0x00000004L)
-#define SACL_SECURITY_INFORMATION (0x00000008L)
-#define LABEL_SECURITY_INFORMATION (0x00000010L)
-
-#define PROTECTED_DACL_SECURITY_INFORMATION (0x80000000L)
-#define PROTECTED_SACL_SECURITY_INFORMATION (0x40000000L)
-#define UNPROTECTED_DACL_SECURITY_INFORMATION (0x20000000L)
-#define UNPROTECTED_SACL_SECURITY_INFORMATION (0x10000000L)
-
-typedef enum _SECURITY_OPERATION_CODE {
- SetSecurityDescriptor,
- QuerySecurityDescriptor,
- DeleteSecurityDescriptor,
- AssignSecurityDescriptor
-} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
-
-#define INITIAL_PRIVILEGE_COUNT 3
-
-typedef struct _INITIAL_PRIVILEGE_SET {
- ULONG PrivilegeCount;
- ULONG Control;
- LUID_AND_ATTRIBUTES Privilege[INITIAL_PRIVILEGE_COUNT];
-} INITIAL_PRIVILEGE_SET, * PINITIAL_PRIVILEGE_SET;
-
-#define SE_MIN_WELL_KNOWN_PRIVILEGE 2
-#define SE_CREATE_TOKEN_PRIVILEGE 2
-#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE 3
-#define SE_LOCK_MEMORY_PRIVILEGE 4
-#define SE_INCREASE_QUOTA_PRIVILEGE 5
-#define SE_MACHINE_ACCOUNT_PRIVILEGE 6
-#define SE_TCB_PRIVILEGE 7
-#define SE_SECURITY_PRIVILEGE 8
-#define SE_TAKE_OWNERSHIP_PRIVILEGE 9
-#define SE_LOAD_DRIVER_PRIVILEGE 10
-#define SE_SYSTEM_PROFILE_PRIVILEGE 11
-#define SE_SYSTEMTIME_PRIVILEGE 12
-#define SE_PROF_SINGLE_PROCESS_PRIVILEGE 13
-#define SE_INC_BASE_PRIORITY_PRIVILEGE 14
-#define SE_CREATE_PAGEFILE_PRIVILEGE 15
-#define SE_CREATE_PERMANENT_PRIVILEGE 16
-#define SE_BACKUP_PRIVILEGE 17
-#define SE_RESTORE_PRIVILEGE 18
-#define SE_SHUTDOWN_PRIVILEGE 19
-#define SE_DEBUG_PRIVILEGE 20
-#define SE_AUDIT_PRIVILEGE 21
-#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22
-#define SE_CHANGE_NOTIFY_PRIVILEGE 23
-#define SE_REMOTE_SHUTDOWN_PRIVILEGE 24
-#define SE_UNDOCK_PRIVILEGE 25
-#define SE_SYNC_AGENT_PRIVILEGE 26
-#define SE_ENABLE_DELEGATION_PRIVILEGE 27
-#define SE_MANAGE_VOLUME_PRIVILEGE 28
-#define SE_IMPERSONATE_PRIVILEGE 29
-#define SE_CREATE_GLOBAL_PRIVILEGE 30
-#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE 31
-#define SE_RELABEL_PRIVILEGE 32
-#define SE_INC_WORKING_SET_PRIVILEGE 33
-#define SE_TIME_ZONE_PRIVILEGE 34
-#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE 35
-#define SE_MAX_WELL_KNOWN_PRIVILEGE SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
-
-typedef struct _SECURITY_SUBJECT_CONTEXT {
- PACCESS_TOKEN ClientToken;
- SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
- PACCESS_TOKEN PrimaryToken;
- PVOID ProcessAuditId;
-} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
-
-typedef struct _ACCESS_STATE {
- LUID OperationID;
- BOOLEAN SecurityEvaluated;
- BOOLEAN GenerateAudit;
- BOOLEAN GenerateOnClose;
- BOOLEAN PrivilegesAllocated;
- ULONG Flags;
- ACCESS_MASK RemainingDesiredAccess;
- ACCESS_MASK PreviouslyGrantedAccess;
- ACCESS_MASK OriginalDesiredAccess;
- SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
- PSECURITY_DESCRIPTOR SecurityDescriptor;
- PVOID AuxData;
- union {
- INITIAL_PRIVILEGE_SET InitialPrivilegeSet;
- PRIVILEGE_SET PrivilegeSet;
- } Privileges;
- BOOLEAN AuditPrivileges;
- UNICODE_STRING ObjectName;
- UNICODE_STRING ObjectTypeName;
-} ACCESS_STATE, *PACCESS_STATE;
-
-typedef VOID
-(NTAPI *PNTFS_DEREF_EXPORTED_SECURITY_DESCRIPTOR)(
- _In_ PVOID Vcb,
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
-
-#ifndef _NTLSA_IFS_
-
-#ifndef _NTLSA_AUDIT_
-#define _NTLSA_AUDIT_
-
-#define SE_MAX_AUDIT_PARAMETERS 32
-#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28
-
-#define SE_ADT_OBJECT_ONLY 0x1
+#define SE_ADT_OBJECT_ONLY 0x1
#define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001
#define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002
******************************************************************************/
-#if !defined(MIDL_PASS) && !defined(SORTPP_PASS)
+#if !defined(MIDL_PASS) && !defined(SORTPP_PASS)
+
+#define RTL_STATIC_LIST_HEAD(x) LIST_ENTRY x = { &x, &x }
+
+FORCEINLINE
+VOID
+InitializeListHead(
+ _Out_ PLIST_ENTRY ListHead)
+{
+ ListHead->Flink = ListHead->Blink = ListHead;
+}
+
+_Must_inspect_result_
+FORCEINLINE
+BOOLEAN
+IsListEmpty(
+ _In_ const LIST_ENTRY * ListHead)
+{
+ return (BOOLEAN)(ListHead->Flink == ListHead);
+}
+
+FORCEINLINE
+BOOLEAN
+RemoveEntryList(
+ _In_ PLIST_ENTRY Entry)
+{
+ PLIST_ENTRY OldFlink;
+ PLIST_ENTRY OldBlink;
+
+ OldFlink = Entry->Flink;
+ OldBlink = Entry->Blink;
+ OldFlink->Blink = OldBlink;
+ OldBlink->Flink = OldFlink;
+ return (BOOLEAN)(OldFlink == OldBlink);
+}
+
+FORCEINLINE
+PLIST_ENTRY
+RemoveHeadList(
+ _Inout_ PLIST_ENTRY ListHead)
+{
+ PLIST_ENTRY Flink;
+ PLIST_ENTRY Entry;
+
+ Entry = ListHead->Flink;
+ Flink = Entry->Flink;
+ ListHead->Flink = Flink;
+ Flink->Blink = ListHead;
+ return Entry;
+}
+
+FORCEINLINE
+PLIST_ENTRY
+RemoveTailList(
+ _Inout_ PLIST_ENTRY ListHead)
+{
+ PLIST_ENTRY Blink;
+ PLIST_ENTRY Entry;
+
+ Entry = ListHead->Blink;
+ Blink = Entry->Blink;
+ ListHead->Blink = Blink;
+ Blink->Flink = ListHead;
+ return Entry;
+}
+
+FORCEINLINE
+VOID
+InsertTailList(
+ _Inout_ PLIST_ENTRY ListHead,
+ _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
+{
+ PLIST_ENTRY OldBlink;
+ OldBlink = ListHead->Blink;
+ Entry->Flink = ListHead;
+ Entry->Blink = OldBlink;
+ OldBlink->Flink = Entry;
+ ListHead->Blink = Entry;
+}
+
+FORCEINLINE
+VOID
+InsertHeadList(
+ _Inout_ PLIST_ENTRY ListHead,
+ _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
+{
+ PLIST_ENTRY OldFlink;
+ OldFlink = ListHead->Flink;
+ Entry->Flink = OldFlink;
+ Entry->Blink = ListHead;
+ OldFlink->Blink = Entry;
+ ListHead->Flink = Entry;
+}
+
+FORCEINLINE
+VOID
+AppendTailList(
+ _Inout_ PLIST_ENTRY ListHead,
+ _Inout_ PLIST_ENTRY ListToAppend)
+{
+ PLIST_ENTRY ListEnd = ListHead->Blink;
+
+ ListHead->Blink->Flink = ListToAppend;
+ ListHead->Blink = ListToAppend->Blink;
+ ListToAppend->Blink->Flink = ListHead;
+ ListToAppend->Blink = ListEnd;
+}
+
+FORCEINLINE
+PSINGLE_LIST_ENTRY
+PopEntryList(
+ _Inout_ PSINGLE_LIST_ENTRY ListHead)
+{
+ PSINGLE_LIST_ENTRY FirstEntry;
+ FirstEntry = ListHead->Next;
+ if (FirstEntry != NULL) {
+ ListHead->Next = FirstEntry->Next;
+ }
+ return FirstEntry;
+}
+
+FORCEINLINE
+VOID
+PushEntryList(
+ _Inout_ PSINGLE_LIST_ENTRY ListHead,
+ _Inout_ __drv_aliasesMem PSINGLE_LIST_ENTRY Entry)
+{
+ Entry->Next = ListHead->Next;
+ ListHead->Next = Entry;
+}
+
+#endif /* !defined(MIDL_PASS) && !defined(SORTPP_PASS) */
+
+__analysis_noreturn
+NTSYSAPI
+VOID
+NTAPI
+RtlAssert(
+ _In_ PVOID FailedAssertion,
+ _In_ PVOID FileName,
+ _In_ ULONG LineNumber,
+ _In_opt_ PSTR Message);
+
+/* VOID
+ * RtlCopyMemory(
+ * IN VOID UNALIGNED *Destination,
+ * IN CONST VOID UNALIGNED *Source,
+ * IN SIZE_T Length)
+ */
+#define RtlCopyMemory(Destination, Source, Length) \
+ memcpy(Destination, Source, Length)
+
+#define RtlCopyBytes RtlCopyMemory
+
+#if defined(_M_AMD64)
+NTSYSAPI
+VOID
+NTAPI
+RtlCopyMemoryNonTemporal(
+ _Out_writes_bytes_all_(Length) VOID UNALIGNED *Destination,
+ _In_reads_bytes_(Length) const VOID UNALIGNED *Source,
+ _In_ SIZE_T Length);
+#else
+#define RtlCopyMemoryNonTemporal RtlCopyMemory
+#endif
+
+/* BOOLEAN
+ * RtlEqualLuid(
+ * IN PLUID Luid1,
+ * IN PLUID Luid2)
+ */
+#define RtlEqualLuid(Luid1, Luid2) \
+ (((Luid1)->LowPart == (Luid2)->LowPart) && ((Luid1)->HighPart == (Luid2)->HighPart))
+
+/* LOGICAL
+ * RtlEqualMemory(
+ * IN VOID UNALIGNED *Destination,
+ * IN CONST VOID UNALIGNED *Source,
+ * IN SIZE_T Length)
+ */
+#define RtlEqualMemory(Destination, Source, Length) \
+ (!memcmp(Destination, Source, Length))
+
+/* VOID
+ * RtlFillMemory(
+ * IN VOID UNALIGNED *Destination,
+ * IN SIZE_T Length,
+ * IN UCHAR Fill)
+ */
+#define RtlFillMemory(Destination, Length, Fill) \
+ memset(Destination, Fill, Length)
+
+#define RtlFillBytes RtlFillMemory
+
+_IRQL_requires_max_(PASSIVE_LEVEL)
+NTSYSAPI
+VOID
+NTAPI
+RtlFreeUnicodeString(
+ _Inout_ _At_(UnicodeString->Buffer, __drv_freesMem(Mem))
+ PUNICODE_STRING UnicodeString);
+
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlGUIDFromString(
+ _In_ PUNICODE_STRING GuidString,
+ _Out_ GUID *Guid);
+
+_IRQL_requires_max_(DISPATCH_LEVEL)
+_At_(DestinationString->Buffer, _Post_equal_to_(SourceString))
+//_At_(DestinationString->Length, _Post_equal_to_(_String_length_(SourceString) * sizeof(WCHAR)))
+_At_(DestinationString->MaximumLength, _Post_equal_to_(DestinationString->Length + sizeof(WCHAR)))
+NTSYSAPI
+VOID
+NTAPI
+RtlInitUnicodeString(
+ _Out_ PUNICODE_STRING DestinationString,
+ _In_opt_z_ __drv_aliasesMem PCWSTR SourceString);
+
+/* VOID
+ * RtlMoveMemory(
+ * IN VOID UNALIGNED *Destination,
+ * IN CONST VOID UNALIGNED *Source,
+ * IN SIZE_T Length)
+ */
+#define RtlMoveMemory(Destination, Source, Length) \
+ memmove(Destination, Source, Length)
+
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlStringFromGUID(
+ _In_ REFGUID Guid,
+ _Out_ _At_(GuidString->Buffer, __drv_allocatesMem(Mem))
+ PUNICODE_STRING GuidString);
+
+/* VOID
+ * RtlZeroMemory(
+ * IN VOID UNALIGNED *Destination,
+ * IN SIZE_T Length)
+ */
+#define RtlZeroMemory(Destination, Length) \
+ memset(Destination, 0, Length)
-#define RTL_STATIC_LIST_HEAD(x) LIST_ENTRY x = { &x, &x }
+#define RtlZeroBytes RtlZeroMemory
-FORCEINLINE
-VOID
-InitializeListHead(
- _Out_ PLIST_ENTRY ListHead)
-{
- ListHead->Flink = ListHead->Blink = ListHead;
-}
+#if (NTDDI_VERSION >= NTDDI_WIN2K)
_Must_inspect_result_
-FORCEINLINE
+NTSYSAPI
BOOLEAN
-IsListEmpty(
- _In_ const LIST_ENTRY * ListHead)
-{
- return (BOOLEAN)(ListHead->Flink == ListHead);
-}
+NTAPI
+RtlAreBitsClear(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_ ULONG StartingIndex,
+ _In_ ULONG Length);
-FORCEINLINE
+_Must_inspect_result_
+NTSYSAPI
BOOLEAN
-RemoveEntryList(
- _In_ PLIST_ENTRY Entry)
-{
- PLIST_ENTRY OldFlink;
- PLIST_ENTRY OldBlink;
+NTAPI
+RtlAreBitsSet(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_ ULONG StartingIndex,
+ _In_ ULONG Length);
- OldFlink = Entry->Flink;
- OldBlink = Entry->Blink;
- OldFlink->Blink = OldBlink;
- OldBlink->Flink = OldFlink;
- return (BOOLEAN)(OldFlink == OldBlink);
-}
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlAnsiStringToUnicodeString(
+ _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
+ _When_(!AllocateDestinationString, _Inout_)
+ PUNICODE_STRING DestinationString,
+ _In_ PANSI_STRING SourceString,
+ _In_ BOOLEAN AllocateDestinationString);
-FORCEINLINE
-PLIST_ENTRY
-RemoveHeadList(
- _Inout_ PLIST_ENTRY ListHead)
-{
- PLIST_ENTRY Flink;
- PLIST_ENTRY Entry;
+_IRQL_requires_max_(PASSIVE_LEVEL)
+NTSYSAPI
+ULONG
+NTAPI
+RtlxAnsiStringToUnicodeSize(
+ _In_ PCANSI_STRING AnsiString);
- Entry = ListHead->Flink;
- Flink = Entry->Flink;
- ListHead->Flink = Flink;
- Flink->Blink = ListHead;
- return Entry;
-}
+#define RtlAnsiStringToUnicodeSize(String) ( \
+ NLS_MB_CODE_PAGE_TAG ? \
+ RtlxAnsiStringToUnicodeSize(String) : \
+ ((String)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
+)
-FORCEINLINE
-PLIST_ENTRY
-RemoveTailList(
- _Inout_ PLIST_ENTRY ListHead)
-{
- PLIST_ENTRY Blink;
- PLIST_ENTRY Entry;
+_Success_(1)
+_Unchanged_(Destination->MaximumLength)
+_Unchanged_(Destination->Buffer)
+_When_(_Old_(Destination->Length) + Source->Length <= Destination->MaximumLength,
+ _At_(Destination->Length, _Post_equal_to_(_Old_(Destination->Length) + Source->Length))
+ _At_(return, _Out_range_(==, 0)))
+_When_(_Old_(Destination->Length) + Source->Length > Destination->MaximumLength,
+ _Unchanged_(Destination->Length)
+ _At_(return, _Out_range_(<, 0)))
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlAppendUnicodeStringToString(
+ _Inout_ PUNICODE_STRING Destination,
+ _In_ PCUNICODE_STRING Source);
- Entry = ListHead->Blink;
- Blink = Entry->Blink;
- ListHead->Blink = Blink;
- Blink->Flink = ListHead;
- return Entry;
-}
+_Success_(1)
+_Unchanged_(Destination->MaximumLength)
+_Unchanged_(Destination->Buffer)
+/* _When_(_Old_(Destination->Length) + _String_length_(Source) * sizeof(WCHAR) <= Destination->MaximumLength,
+ _At_(Destination->Length, _Post_equal_to_(_Old_(Destination->Length) + _String_length_(Source) * sizeof(WCHAR)))
+ _At_(return, _Out_range_(==, 0)))
+_When_(_Old_(Destination->Length) + _String_length_(Source) * sizeof(WCHAR) > Destination->MaximumLength,
+ _Unchanged_(Destination->Length)
+ _At_(return, _Out_range_(<, 0))) */
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlAppendUnicodeToString(
+ _Inout_ PUNICODE_STRING Destination,
+ _In_opt_z_ PCWSTR Source);
-FORCEINLINE
-VOID
-InsertTailList(
- _Inout_ PLIST_ENTRY ListHead,
- _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
-{
- PLIST_ENTRY OldBlink;
- OldBlink = ListHead->Blink;
- Entry->Flink = ListHead;
- Entry->Blink = OldBlink;
- OldBlink->Flink = Entry;
- ListHead->Blink = Entry;
-}
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlCheckRegistryKey(
+ _In_ ULONG RelativeTo,
+ _In_ PWSTR Path);
-FORCEINLINE
+NTSYSAPI
VOID
-InsertHeadList(
- _Inout_ PLIST_ENTRY ListHead,
- _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
-{
- PLIST_ENTRY OldFlink;
- OldFlink = ListHead->Flink;
- Entry->Flink = OldFlink;
- Entry->Blink = ListHead;
- OldFlink->Blink = Entry;
- ListHead->Flink = Entry;
-}
+NTAPI
+RtlClearAllBits(
+ _In_ PRTL_BITMAP BitMapHeader);
-FORCEINLINE
+NTSYSAPI
VOID
-AppendTailList(
- _Inout_ PLIST_ENTRY ListHead,
- _Inout_ PLIST_ENTRY ListToAppend)
-{
- PLIST_ENTRY ListEnd = ListHead->Blink;
+NTAPI
+RtlClearBits(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_range_(0, BitMapHeader->SizeOfBitMap - NumberToClear) ULONG StartingIndex,
+ _In_range_(0, BitMapHeader->SizeOfBitMap - StartingIndex) ULONG NumberToClear);
- ListHead->Blink->Flink = ListToAppend;
- ListHead->Blink = ListToAppend->Blink;
- ListToAppend->Blink->Flink = ListHead;
- ListToAppend->Blink = ListEnd;
-}
+_Must_inspect_result_
+NTSYSAPI
+SIZE_T
+NTAPI
+RtlCompareMemory(
+ _In_ const VOID *Source1,
+ _In_ const VOID *Source2,
+ _In_ SIZE_T Length);
-FORCEINLINE
-PSINGLE_LIST_ENTRY
-PopEntryList(
- _Inout_ PSINGLE_LIST_ENTRY ListHead)
-{
- PSINGLE_LIST_ENTRY FirstEntry;
- FirstEntry = ListHead->Next;
- if (FirstEntry != NULL) {
- ListHead->Next = FirstEntry->Next;
- }
- return FirstEntry;
-}
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
+NTSYSAPI
+LONG
+NTAPI
+RtlCompareUnicodeString(
+ _In_ PCUNICODE_STRING String1,
+ _In_ PCUNICODE_STRING String2,
+ _In_ BOOLEAN CaseInSensitive);
-FORCEINLINE
-VOID
-PushEntryList(
- _Inout_ PSINGLE_LIST_ENTRY ListHead,
- _Inout_ __drv_aliasesMem PSINGLE_LIST_ENTRY Entry)
-{
- Entry->Next = ListHead->Next;
- ListHead->Next = Entry;
-}
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
+NTSYSAPI
+LONG
+NTAPI
+RtlCompareUnicodeStrings(
+ _In_reads_(String1Length) PCWCH String1,
+ _In_ SIZE_T String1Length,
+ _In_reads_(String2Length) PCWCH String2,
+ _In_ SIZE_T String2Length,
+ _In_ BOOLEAN CaseInSensitive);
-#endif /* !defined(MIDL_PASS) && !defined(SORTPP_PASS) */
+_Unchanged_(DestinationString->Buffer)
+_Unchanged_(DestinationString->MaximumLength)
+_At_(DestinationString->Length,
+ _When_(SourceString->Length > DestinationString->MaximumLength,
+ _Post_equal_to_(DestinationString->MaximumLength))
+ _When_(SourceString->Length <= DestinationString->MaximumLength,
+ _Post_equal_to_(SourceString->Length)))
+NTSYSAPI
+VOID
+NTAPI
+RtlCopyUnicodeString(
+ _Inout_ PUNICODE_STRING DestinationString,
+ _In_opt_ PCUNICODE_STRING SourceString);
-__analysis_noreturn
+_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
-VOID
+NTSTATUS
NTAPI
-RtlAssert(
- _In_ PVOID FailedAssertion,
- _In_ PVOID FileName,
- _In_ ULONG LineNumber,
- _In_opt_ PSTR Message);
-
-/* VOID
- * RtlCopyMemory(
- * IN VOID UNALIGNED *Destination,
- * IN CONST VOID UNALIGNED *Source,
- * IN SIZE_T Length)
- */
-#define RtlCopyMemory(Destination, Source, Length) \
- memcpy(Destination, Source, Length)
+RtlCreateRegistryKey(
+ _In_ ULONG RelativeTo,
+ _In_ PWSTR Path);
-#define RtlCopyBytes RtlCopyMemory
+_IRQL_requires_max_(APC_LEVEL)
+NTSYSAPI
+NTSTATUS
+NTAPI
+RtlCreateSecurityDescriptor(
+ _Out_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ ULONG Revision);
-#if defined(_M_AMD64)
+_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
-VOID
+NTSTATUS
NTAPI
-RtlCopyMemoryNonTemporal(
- _Out_writes_bytes_all_(Length) VOID UNALIGNED *Destination,
- _In_reads_bytes_(Length) const VOID UNALIGNED *Source,
- _In_ SIZE_T Length);
-#else
-#define RtlCopyMemoryNonTemporal RtlCopyMemory
-#endif
+RtlDeleteRegistryValue(
+ _In_ ULONG RelativeTo,
+ _In_ PCWSTR Path,
+ _In_z_ PCWSTR ValueName);
-/* BOOLEAN
- * RtlEqualLuid(
- * IN PLUID Luid1,
- * IN PLUID Luid2)
- */
-#define RtlEqualLuid(Luid1, Luid2) \
- (((Luid1)->LowPart == (Luid2)->LowPart) && ((Luid1)->HighPart == (Luid2)->HighPart))
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
+NTSYSAPI
+BOOLEAN
+NTAPI
+RtlEqualUnicodeString(
+ _In_ CONST UNICODE_STRING *String1,
+ _In_ CONST UNICODE_STRING *String2,
+ _In_ BOOLEAN CaseInSensitive);
-/* ULONG
- * RtlEqualMemory(
- * IN VOID UNALIGNED *Destination,
- * IN CONST VOID UNALIGNED *Source,
- * IN SIZE_T Length)
- */
-#define RtlEqualMemory(Destination, Source, Length) \
- (!memcmp(Destination, Source, Length))
+#if !defined(_AMD64_) && !defined(_IA64_)
+NTSYSAPI
+LARGE_INTEGER
+NTAPI
+RtlExtendedIntegerMultiply(
+ _In_ LARGE_INTEGER Multiplicand,
+ _In_ LONG Multiplier);
-/* VOID
- * RtlFillMemory(
- * IN VOID UNALIGNED *Destination,
- * IN SIZE_T Length,
- * IN UCHAR Fill)
- */
-#define RtlFillMemory(Destination, Length, Fill) \
- memset(Destination, Fill, Length)
+NTSYSAPI
+LARGE_INTEGER
+NTAPI
+RtlExtendedLargeIntegerDivide(
+ _In_ LARGE_INTEGER Dividend,
+ _In_ ULONG Divisor,
+ _Out_opt_ PULONG Remainder);
+#endif
-#define RtlFillBytes RtlFillMemory
+#if defined(_X86_) || defined(_IA64_)
+NTSYSAPI
+LARGE_INTEGER
+NTAPI
+RtlExtendedMagicDivide(
+ _In_ LARGE_INTEGER Dividend,
+ _In_ LARGE_INTEGER MagicDivisor,
+ _In_ CCHAR ShiftCount);
+#endif
_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
VOID
NTAPI
-RtlFreeUnicodeString(
- _Inout_ _At_(UnicodeString->Buffer, __drv_freesMem(Mem))
- PUNICODE_STRING UnicodeString);
+RtlFreeAnsiString(
+ _Inout_ _At_(AnsiString->Buffer, __drv_freesMem(Mem))
+ PANSI_STRING AnsiString);
-_IRQL_requires_max_(PASSIVE_LEVEL)
+_Success_(return != -1)
_Must_inspect_result_
NTSYSAPI
-NTSTATUS
+ULONG
NTAPI
-RtlGUIDFromString(
- _In_ PUNICODE_STRING GuidString,
- _Out_ GUID *Guid);
+RtlFindClearBits(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_ ULONG NumberToFind,
+ _In_ ULONG HintIndex);
-_IRQL_requires_max_(DISPATCH_LEVEL)
-_At_(DestinationString->Buffer, _Post_equal_to_(SourceString))
-//_At_(DestinationString->Length, _Post_equal_to_(_String_length_(SourceString) * sizeof(WCHAR)))
-_At_(DestinationString->MaximumLength, _Post_equal_to_(DestinationString->Length + sizeof(WCHAR)))
+_Success_(return != -1)
NTSYSAPI
-VOID
+ULONG
NTAPI
-RtlInitUnicodeString(
- _Out_ PUNICODE_STRING DestinationString,
- _In_opt_z_ __drv_aliasesMem PCWSTR SourceString);
-
-/* VOID
- * RtlMoveMemory(
- * IN VOID UNALIGNED *Destination,
- * IN CONST VOID UNALIGNED *Source,
- * IN SIZE_T Length)
- */
-#define RtlMoveMemory(Destination, Source, Length) \
- memmove(Destination, Source, Length)
+RtlFindClearBitsAndSet(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_ ULONG NumberToFind,
+ _In_ ULONG HintIndex);
-_IRQL_requires_max_(PASSIVE_LEVEL)
-_Must_inspect_result_
NTSYSAPI
-NTSTATUS
+ULONG
NTAPI
-RtlStringFromGUID(
- _In_ REFGUID Guid,
- _Out_ _At_(GuidString->Buffer, __drv_allocatesMem(Mem))
- PUNICODE_STRING GuidString);
-
-/* VOID
- * RtlZeroMemory(
- * IN VOID UNALIGNED *Destination,
- * IN SIZE_T Length)
- */
-#define RtlZeroMemory(Destination, Length) \
- memset(Destination, 0, Length)
+RtlFindFirstRunClear(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _Out_ PULONG StartingIndex);
-#define RtlZeroBytes RtlZeroMemory
+NTSYSAPI
+ULONG
+NTAPI
+RtlFindClearRuns(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _Out_writes_to_(SizeOfRunArray, return) PRTL_BITMAP_RUN RunArray,
+ _In_range_(>, 0) ULONG SizeOfRunArray,
+ _In_ BOOLEAN LocateLongestRuns);
-#if (NTDDI_VERSION >= NTDDI_WIN2K)
+NTSYSAPI
+ULONG
+NTAPI
+RtlFindLastBackwardRunClear(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_ ULONG FromIndex,
+ _Out_ PULONG StartingRunIndex);
+_Success_(return != -1)
_Must_inspect_result_
NTSYSAPI
-BOOLEAN
+CCHAR
NTAPI
-RtlAreBitsClear(
+RtlFindLeastSignificantBit(
+ _In_ ULONGLONG Set);
+
+NTSYSAPI
+ULONG
+NTAPI
+RtlFindLongestRunClear(
_In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG StartingIndex,
- _In_ ULONG Length);
+ _Out_ PULONG StartingIndex);
+_Success_(return != -1)
_Must_inspect_result_
NTSYSAPI
-BOOLEAN
+CCHAR
NTAPI
-RtlAreBitsSet(
+RtlFindMostSignificantBit(
+ _In_ ULONGLONG Set);
+
+NTSYSAPI
+ULONG
+NTAPI
+RtlFindNextForwardRunClear(
_In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG StartingIndex,
- _In_ ULONG Length);
+ _In_ ULONG FromIndex,
+ _Out_ PULONG StartingRunIndex);
-_IRQL_requires_max_(PASSIVE_LEVEL)
+_Success_(return != -1)
_Must_inspect_result_
NTSYSAPI
-NTSTATUS
+ULONG
NTAPI
-RtlAnsiStringToUnicodeString(
- _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
- _When_(!AllocateDestinationString, _Inout_)
- PUNICODE_STRING DestinationString,
- _In_ PANSI_STRING SourceString,
- _In_ BOOLEAN AllocateDestinationString);
+RtlFindSetBits(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_ ULONG NumberToFind,
+ _In_ ULONG HintIndex);
-_IRQL_requires_max_(PASSIVE_LEVEL)
+_Success_(return != -1)
NTSYSAPI
ULONG
NTAPI
-RtlxAnsiStringToUnicodeSize(
- _In_ PCANSI_STRING AnsiString);
+RtlFindSetBitsAndClear(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_ ULONG NumberToFind,
+ _In_ ULONG HintIndex);
-#define RtlAnsiStringToUnicodeSize(String) ( \
- NLS_MB_CODE_PAGE_TAG ? \
- RtlxAnsiStringToUnicodeSize(String) : \
- ((String)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR) \
-)
+_IRQL_requires_max_(DISPATCH_LEVEL)
+NTSYSAPI
+VOID
+NTAPI
+RtlInitAnsiString(
+ _Out_ PANSI_STRING DestinationString,
+ _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
-_Success_(1)
-_Unchanged_(Destination->MaximumLength)
-_Unchanged_(Destination->Buffer)
-_When_(_Old_(Destination->Length) + Source->Length <= Destination->MaximumLength,
- _At_(Destination->Length, _Post_equal_to_(_Old_(Destination->Length) + Source->Length))
- _At_(return, _Out_range_(==, 0)))
-_When_(_Old_(Destination->Length) + Source->Length > Destination->MaximumLength,
- _Unchanged_(Destination->Length)
- _At_(return, _Out_range_(<, 0)))
NTSYSAPI
-NTSTATUS
+VOID
+NTAPI
+RtlInitializeBitMap(
+ _Out_ PRTL_BITMAP BitMapHeader,
+ _In_ __drv_aliasesMem PULONG BitMapBuffer,
+ _In_ ULONG SizeOfBitMap);
+
+_IRQL_requires_max_(DISPATCH_LEVEL)
+NTSYSAPI
+VOID
NTAPI
-RtlAppendUnicodeStringToString(
- _Inout_ PUNICODE_STRING Destination,
- _In_ PCUNICODE_STRING Source);
+RtlInitString(
+ _Out_ PSTRING DestinationString,
+ _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
-_Success_(1)
-_Unchanged_(Destination->MaximumLength)
-_Unchanged_(Destination->Buffer)
-/* _When_(_Old_(Destination->Length) + _String_length_(Source) * sizeof(WCHAR) <= Destination->MaximumLength,
- _At_(Destination->Length, _Post_equal_to_(_Old_(Destination->Length) + _String_length_(Source) * sizeof(WCHAR)))
- _At_(return, _Out_range_(==, 0)))
-_When_(_Old_(Destination->Length) + _String_length_(Source) * sizeof(WCHAR) > Destination->MaximumLength,
- _Unchanged_(Destination->Length)
- _At_(return, _Out_range_(<, 0))) */
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_At_(String->MaximumLength, _Const_)
NTSYSAPI
NTSTATUS
NTAPI
-RtlAppendUnicodeToString(
- _Inout_ PUNICODE_STRING Destination,
- _In_opt_z_ PCWSTR Source);
+RtlIntegerToUnicodeString(
+ _In_ ULONG Value,
+ _In_opt_ ULONG Base,
+ _Inout_ PUNICODE_STRING String);
_IRQL_requires_max_(PASSIVE_LEVEL)
-_Must_inspect_result_
+_At_(String->MaximumLength, _Const_)
NTSYSAPI
NTSTATUS
NTAPI
-RtlCheckRegistryKey(
- _In_ ULONG RelativeTo,
- _In_ PWSTR Path);
+RtlInt64ToUnicodeString(
+ _In_ ULONGLONG Value,
+ _In_opt_ ULONG Base,
+ _Inout_ PUNICODE_STRING String);
-NTSYSAPI
-VOID
-NTAPI
-RtlClearAllBits(
- _In_ PRTL_BITMAP BitMapHeader);
+#ifdef _WIN64
+#define RtlIntPtrToUnicodeString(Value, Base, String) \
+ RtlInt64ToUnicodeString(Value, Base, String)
+#else
+#define RtlIntPtrToUnicodeString(Value, Base, String) \
+ RtlIntegerToUnicodeString(Value, Base, String)
+#endif
+
+/* BOOLEAN
+ * RtlIsZeroLuid(
+ * IN PLUID L1);
+ */
+#define RtlIsZeroLuid(_L1) \
+ ((BOOLEAN) ((!(_L1)->LowPart) && (!(_L1)->HighPart)))
+_IRQL_requires_max_(APC_LEVEL)
NTSYSAPI
-VOID
+ULONG
NTAPI
-RtlClearBits(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_range_(0, BitMapHeader->SizeOfBitMap - NumberToClear) ULONG StartingIndex,
- _In_range_(0, BitMapHeader->SizeOfBitMap - StartingIndex) ULONG NumberToClear);
+RtlLengthSecurityDescriptor(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
-_Must_inspect_result_
NTSYSAPI
-SIZE_T
+ULONG
NTAPI
-RtlCompareMemory(
- _In_ const VOID *Source1,
- _In_ const VOID *Source2,
- _In_ SIZE_T Length);
+RtlNumberOfClearBits(
+ _In_ PRTL_BITMAP BitMapHeader);
-_IRQL_requires_max_(PASSIVE_LEVEL)
-_Must_inspect_result_
NTSYSAPI
-LONG
+ULONG
NTAPI
-RtlCompareUnicodeString(
- _In_ PCUNICODE_STRING String1,
- _In_ PCUNICODE_STRING String2,
- _In_ BOOLEAN CaseInSensitive);
+RtlNumberOfSetBits(
+ _In_ PRTL_BITMAP BitMapHeader);
_IRQL_requires_max_(PASSIVE_LEVEL)
-_Must_inspect_result_
NTSYSAPI
-LONG
+NTSTATUS
NTAPI
-RtlCompareUnicodeStrings(
- _In_reads_(String1Length) PCWCH String1,
- _In_ SIZE_T String1Length,
- _In_reads_(String2Length) PCWCH String2,
- _In_ SIZE_T String2Length,
- _In_ BOOLEAN CaseInSensitive);
+RtlQueryRegistryValues(
+ _In_ ULONG RelativeTo,
+ _In_ PCWSTR Path,
+ _Inout_ _At_(*(*QueryTable).EntryContext, _Post_valid_)
+ PRTL_QUERY_REGISTRY_TABLE QueryTable,
+ _In_opt_ PVOID Context,
+ _In_opt_ PVOID Environment);
+
+#define SHORT_SIZE (sizeof(USHORT))
+#define SHORT_MASK (SHORT_SIZE - 1)
+#define LONG_SIZE (sizeof(LONG))
+#define LONGLONG_SIZE (sizeof(LONGLONG))
+#define LONG_MASK (LONG_SIZE - 1)
+#define LONGLONG_MASK (LONGLONG_SIZE - 1)
+#define LOWBYTE_MASK 0x00FF
+
+#define FIRSTBYTE(VALUE) ((VALUE) & LOWBYTE_MASK)
+#define SECONDBYTE(VALUE) (((VALUE) >> 8) & LOWBYTE_MASK)
+#define THIRDBYTE(VALUE) (((VALUE) >> 16) & LOWBYTE_MASK)
+#define FOURTHBYTE(VALUE) (((VALUE) >> 24) & LOWBYTE_MASK)
-_Unchanged_(DestinationString->Buffer)
-_Unchanged_(DestinationString->MaximumLength)
-_At_(DestinationString->Length,
- _When_(SourceString->Length > DestinationString->MaximumLength,
- _Post_equal_to_(DestinationString->MaximumLength))
- _When_(SourceString->Length <= DestinationString->MaximumLength,
- _Post_equal_to_(SourceString->Length)))
NTSYSAPI
VOID
NTAPI
-RtlCopyUnicodeString(
- _Inout_ PUNICODE_STRING DestinationString,
- _In_opt_ PCUNICODE_STRING SourceString);
+RtlSetAllBits(
+ _In_ PRTL_BITMAP BitMapHeader);
-_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
-NTSTATUS
+VOID
NTAPI
-RtlCreateRegistryKey(
- _In_ ULONG RelativeTo,
- _In_ PWSTR Path);
+RtlSetBits(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_range_(0, BitMapHeader->SizeOfBitMap - NumberToSet) ULONG StartingIndex,
+ _In_range_(0, BitMapHeader->SizeOfBitMap - StartingIndex) ULONG NumberToSet);
_IRQL_requires_max_(APC_LEVEL)
NTSYSAPI
NTSTATUS
NTAPI
-RtlCreateSecurityDescriptor(
- _Out_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ ULONG Revision);
+RtlSetDaclSecurityDescriptor(
+ _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ _In_ BOOLEAN DaclPresent,
+ _In_opt_ PACL Dacl,
+ _In_opt_ BOOLEAN DaclDefaulted);
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlDeleteRegistryValue(
- _In_ ULONG RelativeTo,
- _In_ PCWSTR Path,
- _In_z_ PCWSTR ValueName);
+#if defined(_AMD64_)
+
+/* VOID
+ * RtlStoreUlong(
+ * IN PULONG Address,
+ * IN ULONG Value);
+ */
+#define RtlStoreUlong(Address,Value) \
+ *(ULONG UNALIGNED *)(Address) = (Value)
+
+/* VOID
+ * RtlStoreUlonglong(
+ * IN OUT PULONGLONG Address,
+ * ULONGLONG Value);
+ */
+#define RtlStoreUlonglong(Address,Value) \
+ *(ULONGLONG UNALIGNED *)(Address) = (Value)
+
+/* VOID
+ * RtlStoreUshort(
+ * IN PUSHORT Address,
+ * IN USHORT Value);
+ */
+#define RtlStoreUshort(Address,Value) \
+ *(USHORT UNALIGNED *)(Address) = (Value)
+
+/* VOID
+ * RtlRetrieveUshort(
+ * PUSHORT DestinationAddress,
+ * PUSHORT SourceAddress);
+ */
+#define RtlRetrieveUshort(DestAddress,SrcAddress) \
+ *(USHORT UNALIGNED *)(DestAddress) = *(USHORT)(SrcAddress)
+
+/* VOID
+ * RtlRetrieveUlong(
+ * PULONG DestinationAddress,
+ * PULONG SourceAddress);
+ */
+#define RtlRetrieveUlong(DestAddress,SrcAddress) \
+ *(ULONG UNALIGNED *)(DestAddress) = *(PULONG)(SrcAddress)
+
+#else
+
+#define RtlStoreUlong(Address,Value) \
+ if ((ULONG_PTR)(Address) & LONG_MASK) { \
+ ((PUCHAR) (Address))[LONG_LEAST_SIGNIFICANT_BIT] = (UCHAR)(FIRSTBYTE(Value)); \
+ ((PUCHAR) (Address))[LONG_3RD_MOST_SIGNIFICANT_BIT] = (UCHAR)(SECONDBYTE(Value)); \
+ ((PUCHAR) (Address))[LONG_2ND_MOST_SIGNIFICANT_BIT] = (UCHAR)(THIRDBYTE(Value)); \
+ ((PUCHAR) (Address))[LONG_MOST_SIGNIFICANT_BIT] = (UCHAR)(FOURTHBYTE(Value)); \
+ } \
+ else { \
+ *((PULONG)(Address)) = (ULONG) (Value); \
+ }
+
+#define RtlStoreUlonglong(Address,Value) \
+ if ((ULONG_PTR)(Address) & LONGLONG_MASK) { \
+ RtlStoreUlong((ULONG_PTR)(Address), \
+ (ULONGLONG)(Value) & 0xFFFFFFFF); \
+ RtlStoreUlong((ULONG_PTR)(Address)+sizeof(ULONG), \
+ (ULONGLONG)(Value) >> 32); \
+ } else { \
+ *((PULONGLONG)(Address)) = (ULONGLONG)(Value); \
+ }
+
+#define RtlStoreUshort(Address,Value) \
+ if ((ULONG_PTR)(Address) & SHORT_MASK) { \
+ ((PUCHAR) (Address))[SHORT_LEAST_SIGNIFICANT_BIT] = (UCHAR)(FIRSTBYTE(Value)); \
+ ((PUCHAR) (Address))[SHORT_MOST_SIGNIFICANT_BIT ] = (UCHAR)(SECONDBYTE(Value)); \
+ } \
+ else { \
+ *((PUSHORT) (Address)) = (USHORT)Value; \
+ }
+
+#define RtlRetrieveUshort(DestAddress,SrcAddress) \
+ if ((ULONG_PTR)(SrcAddress) & LONG_MASK) \
+ { \
+ ((PUCHAR)(DestAddress))[0]=((PUCHAR)(SrcAddress))[0]; \
+ ((PUCHAR)(DestAddress))[1]=((PUCHAR)(SrcAddress))[1]; \
+ } \
+ else \
+ { \
+ *((PUSHORT)(DestAddress))=*((PUSHORT)(SrcAddress)); \
+ }
+
+#define RtlRetrieveUlong(DestAddress,SrcAddress) \
+ if ((ULONG_PTR)(SrcAddress) & LONG_MASK) \
+ { \
+ ((PUCHAR)(DestAddress))[0]=((PUCHAR)(SrcAddress))[0]; \
+ ((PUCHAR)(DestAddress))[1]=((PUCHAR)(SrcAddress))[1]; \
+ ((PUCHAR)(DestAddress))[2]=((PUCHAR)(SrcAddress))[2]; \
+ ((PUCHAR)(DestAddress))[3]=((PUCHAR)(SrcAddress))[3]; \
+ } \
+ else \
+ { \
+ *((PULONG)(DestAddress))=*((PULONG)(SrcAddress)); \
+ }
+
+#endif /* defined(_AMD64_) */
+
+#ifdef _WIN64
+/* VOID
+ * RtlStoreUlongPtr(
+ * IN OUT PULONG_PTR Address,
+ * IN ULONG_PTR Value);
+ */
+#define RtlStoreUlongPtr(Address,Value) RtlStoreUlonglong(Address,Value)
+#else
+#define RtlStoreUlongPtr(Address,Value) RtlStoreUlong(Address,Value)
+#endif /* _WIN64 */
-_IRQL_requires_max_(PASSIVE_LEVEL)
-_Must_inspect_result_
+_Success_(return != 0)
NTSYSAPI
BOOLEAN
NTAPI
-RtlEqualUnicodeString(
- _In_ CONST UNICODE_STRING *String1,
- _In_ CONST UNICODE_STRING *String2,
- _In_ BOOLEAN CaseInSensitive);
+RtlTimeFieldsToTime(
+ _In_ PTIME_FIELDS TimeFields,
+ _Out_ PLARGE_INTEGER Time);
-#if !defined(_AMD64_) && !defined(_IA64_)
NTSYSAPI
-LARGE_INTEGER
+VOID
NTAPI
-RtlExtendedIntegerMultiply(
- _In_ LARGE_INTEGER Multiplicand,
- _In_ LONG Multiplier);
+RtlTimeToTimeFields(
+ _In_ PLARGE_INTEGER Time,
+ _Out_ PTIME_FIELDS TimeFields);
NTSYSAPI
-LARGE_INTEGER
-NTAPI
-RtlExtendedLargeIntegerDivide(
- _In_ LARGE_INTEGER Dividend,
- _In_ ULONG Divisor,
- _Out_opt_ PULONG Remainder);
-#endif
+ULONG
+FASTCALL
+RtlUlongByteSwap(
+ _In_ ULONG Source);
-#if defined(_X86_) || defined(_IA64_)
NTSYSAPI
-LARGE_INTEGER
-NTAPI
-RtlExtendedMagicDivide(
- _In_ LARGE_INTEGER Dividend,
- _In_ LARGE_INTEGER MagicDivisor,
- _In_ CCHAR ShiftCount);
-#endif
+ULONGLONG
+FASTCALL
+RtlUlonglongByteSwap(
+ _In_ ULONGLONG Source);
+_When_(AllocateDestinationString,
+ _At_(DestinationString->MaximumLength,
+ _Out_range_(<=, (SourceString->MaximumLength / sizeof(WCHAR)))))
+_When_(!AllocateDestinationString,
+ _At_(DestinationString->Buffer, _Const_)
+ _At_(DestinationString->MaximumLength, _Const_))
_IRQL_requires_max_(PASSIVE_LEVEL)
+_When_(AllocateDestinationString, _Must_inspect_result_)
NTSYSAPI
-VOID
+NTSTATUS
NTAPI
-RtlFreeAnsiString(
- _Inout_ _At_(AnsiString->Buffer, __drv_freesMem(Mem))
- PANSI_STRING AnsiString);
+RtlUnicodeStringToAnsiString(
+ _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
+ _When_(!AllocateDestinationString, _Inout_)
+ PANSI_STRING DestinationString,
+ _In_ PCUNICODE_STRING SourceString,
+ _In_ BOOLEAN AllocateDestinationString);
-_Success_(return != -1)
-_Must_inspect_result_
+_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
ULONG
NTAPI
-RtlFindClearBits(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG NumberToFind,
- _In_ ULONG HintIndex);
+RtlxUnicodeStringToAnsiSize(
+ _In_ PCUNICODE_STRING UnicodeString);
-_Success_(return != -1)
-NTSYSAPI
-ULONG
-NTAPI
-RtlFindClearBitsAndSet(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG NumberToFind,
- _In_ ULONG HintIndex);
+#define RtlUnicodeStringToAnsiSize(String) ( \
+ NLS_MB_CODE_PAGE_TAG ? \
+ RtlxUnicodeStringToAnsiSize(String) : \
+ ((String)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
+)
+_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
-ULONG
+NTSTATUS
NTAPI
-RtlFindFirstRunClear(
- _In_ PRTL_BITMAP BitMapHeader,
- _Out_ PULONG StartingIndex);
+RtlUnicodeStringToInteger(
+ _In_ PCUNICODE_STRING String,
+ _In_opt_ ULONG Base,
+ _Out_ PULONG Value);
+_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
-ULONG
+WCHAR
NTAPI
-RtlFindClearRuns(
- _In_ PRTL_BITMAP BitMapHeader,
- _Out_writes_to_(SizeOfRunArray, return) PRTL_BITMAP_RUN RunArray,
- _In_range_(>, 0) ULONG SizeOfRunArray,
- _In_ BOOLEAN LocateLongestRuns);
+RtlUpcaseUnicodeChar(
+ _In_ WCHAR SourceCharacter);
NTSYSAPI
-ULONG
-NTAPI
-RtlFindLastBackwardRunClear(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG FromIndex,
- _Out_ PULONG StartingRunIndex);
+USHORT
+FASTCALL
+RtlUshortByteSwap(
+ _In_ USHORT Source);
-_Success_(return != -1)
+_IRQL_requires_max_(APC_LEVEL)
_Must_inspect_result_
NTSYSAPI
-CCHAR
-NTAPI
-RtlFindLeastSignificantBit(
- _In_ ULONGLONG Set);
-
-NTSYSAPI
-ULONG
+BOOLEAN
NTAPI
-RtlFindLongestRunClear(
- _In_ PRTL_BITMAP BitMapHeader,
- _Out_ PULONG StartingIndex);
+RtlValidRelativeSecurityDescriptor(
+ _In_reads_bytes_(SecurityDescriptorLength) PSECURITY_DESCRIPTOR SecurityDescriptorInput,
+ _In_ ULONG SecurityDescriptorLength,
+ _In_ SECURITY_INFORMATION RequiredInformation);
-_Success_(return != -1)
+_IRQL_requires_max_(APC_LEVEL)
_Must_inspect_result_
NTSYSAPI
-CCHAR
+BOOLEAN
NTAPI
-RtlFindMostSignificantBit(
- _In_ ULONGLONG Set);
+RtlValidSecurityDescriptor(
+ _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
+_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
-ULONG
+NTSTATUS
NTAPI
-RtlFindNextForwardRunClear(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG FromIndex,
- _Out_ PULONG StartingRunIndex);
+RtlWriteRegistryValue(
+ _In_ ULONG RelativeTo,
+ _In_ PCWSTR Path,
+ _In_z_ PCWSTR ValueName,
+ _In_ ULONG ValueType,
+ _In_reads_bytes_opt_(ValueLength) PVOID ValueData,
+ _In_ ULONG ValueLength);
-_Success_(return != -1)
-_Must_inspect_result_
+
+#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
+
+
+#if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
NTSYSAPI
-ULONG
-NTAPI
-RtlFindSetBits(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG NumberToFind,
- _In_ ULONG HintIndex);
+VOID
+FASTCALL
+RtlPrefetchMemoryNonTemporal(
+ _In_ PVOID Source,
+ _In_ SIZE_T Length);
+#endif
+
+
+#if (NTDDI_VERSION >= NTDDI_WINXP)
+
-_Success_(return != -1)
NTSYSAPI
-ULONG
+VOID
NTAPI
-RtlFindSetBitsAndClear(
+RtlClearBit(
_In_ PRTL_BITMAP BitMapHeader,
- _In_ ULONG NumberToFind,
- _In_ ULONG HintIndex);
+ _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber);
-_IRQL_requires_max_(DISPATCH_LEVEL)
+_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
-VOID
+WCHAR
NTAPI
-RtlInitAnsiString(
- _Out_ PANSI_STRING DestinationString,
- _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
+RtlDowncaseUnicodeChar(
+ _In_ WCHAR SourceCharacter);
NTSYSAPI
VOID
NTAPI
-RtlInitializeBitMap(
- _Out_ PRTL_BITMAP BitMapHeader,
- _In_ __drv_aliasesMem PULONG BitMapBuffer,
- _In_ ULONG SizeOfBitMap);
+RtlSetBit(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber);
-_IRQL_requires_max_(DISPATCH_LEVEL)
+_Must_inspect_result_
NTSYSAPI
-VOID
+BOOLEAN
NTAPI
-RtlInitString(
- _Out_ PSTRING DestinationString,
- _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
+RtlTestBit(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber);
_IRQL_requires_max_(PASSIVE_LEVEL)
-_At_(String->MaximumLength, _Const_)
NTSYSAPI
NTSTATUS
NTAPI
-RtlIntegerToUnicodeString(
- _In_ ULONG Value,
- _In_opt_ ULONG Base,
- _Inout_ PUNICODE_STRING String);
+RtlHashUnicodeString(
+ _In_ CONST UNICODE_STRING *String,
+ _In_ BOOLEAN CaseInSensitive,
+ _In_ ULONG HashAlgorithm,
+ _Out_ PULONG HashValue);
+
+
+
+#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
+
+
+#if (NTDDI_VERSION >= NTDDI_VISTA)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-_At_(String->MaximumLength, _Const_)
NTSYSAPI
-NTSTATUS
+ULONG
NTAPI
-RtlInt64ToUnicodeString(
- _In_ ULONGLONG Value,
- _In_opt_ ULONG Base,
- _Inout_ PUNICODE_STRING String);
-
-#ifdef _WIN64
-#define RtlIntPtrToUnicodeString(Value, Base, String) \
- RtlInt64ToUnicodeString(Value, Base, String)
-#else
-#define RtlIntPtrToUnicodeString(Value, Base, String) \
- RtlIntegerToUnicodeString(Value, Base, String)
-#endif
+RtlNumberOfSetBitsUlongPtr(
+ _In_ ULONG_PTR Target);
-/* BOOLEAN
- * RtlIsZeroLuid(
- * IN PLUID L1);
- */
-#define RtlIsZeroLuid(_L1) \
- ((BOOLEAN) ((!(_L1)->LowPart) && (!(_L1)->HighPart)))
+NTSYSAPI
+ULONGLONG
+NTAPI
+RtlIoDecodeMemIoResource(
+ _In_ struct _IO_RESOURCE_DESCRIPTOR *Descriptor,
+ _Out_opt_ PULONGLONG Alignment,
+ _Out_opt_ PULONGLONG MinimumAddress,
+ _Out_opt_ PULONGLONG MaximumAddress);
-_IRQL_requires_max_(APC_LEVEL)
NTSYSAPI
-ULONG
+NTSTATUS
NTAPI
-RtlLengthSecurityDescriptor(
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
+RtlIoEncodeMemIoResource(
+ _In_ struct _IO_RESOURCE_DESCRIPTOR *Descriptor,
+ _In_ UCHAR Type,
+ _In_ ULONGLONG Length,
+ _In_ ULONGLONG Alignment,
+ _In_ ULONGLONG MinimumAddress,
+ _In_ ULONGLONG MaximumAddress);
NTSYSAPI
-ULONG
+ULONGLONG
NTAPI
-RtlNumberOfClearBits(
- _In_ PRTL_BITMAP BitMapHeader);
+RtlCmDecodeMemIoResource(
+ _In_ struct _CM_PARTIAL_RESOURCE_DESCRIPTOR *Descriptor,
+ _Out_opt_ PULONGLONG Start);
NTSYSAPI
-ULONG
+NTSTATUS
NTAPI
-RtlNumberOfSetBits(
- _In_ PRTL_BITMAP BitMapHeader);
+RtlFindClosestEncodableLength(
+ _In_ ULONGLONG SourceLength,
+ _Out_ PULONGLONG TargetLength);
-_IRQL_requires_max_(PASSIVE_LEVEL)
NTSYSAPI
NTSTATUS
NTAPI
-RtlQueryRegistryValues(
- _In_ ULONG RelativeTo,
- _In_ PCWSTR Path,
- _Inout_ _At_(*(*QueryTable).EntryContext, _Post_valid_)
- PRTL_QUERY_REGISTRY_TABLE QueryTable,
- _In_opt_ PVOID Context,
- _In_opt_ PVOID Environment);
+RtlCmEncodeMemIoResource(
+ _In_ PCM_PARTIAL_RESOURCE_DESCRIPTOR Descriptor,
+ _In_ UCHAR Type,
+ _In_ ULONGLONG Length,
+ _In_ ULONGLONG Start);
-#define SHORT_SIZE (sizeof(USHORT))
-#define SHORT_MASK (SHORT_SIZE - 1)
-#define LONG_SIZE (sizeof(LONG))
-#define LONGLONG_SIZE (sizeof(LONGLONG))
-#define LONG_MASK (LONG_SIZE - 1)
-#define LONGLONG_MASK (LONGLONG_SIZE - 1)
-#define LOWBYTE_MASK 0x00FF
-#define FIRSTBYTE(VALUE) ((VALUE) & LOWBYTE_MASK)
-#define SECONDBYTE(VALUE) (((VALUE) >> 8) & LOWBYTE_MASK)
-#define THIRDBYTE(VALUE) (((VALUE) >> 16) & LOWBYTE_MASK)
-#define FOURTHBYTE(VALUE) (((VALUE) >> 24) & LOWBYTE_MASK)
+#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
+
+#if (NTDDI_VERSION >= NTDDI_WIN7)
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
NTSYSAPI
-VOID
+NTSTATUS
NTAPI
-RtlSetAllBits(
- _In_ PRTL_BITMAP BitMapHeader);
+RtlUnicodeToUTF8N(
+ _Out_writes_bytes_to_(UTF8StringMaxByteCount, *UTF8StringActualByteCount)
+ PCHAR UTF8StringDestination,
+ _In_ ULONG UTF8StringMaxByteCount,
+ _Out_ PULONG UTF8StringActualByteCount,
+ _In_reads_bytes_(UnicodeStringByteCount) PCWCH UnicodeStringSource,
+ _In_ ULONG UnicodeStringByteCount);
+_IRQL_requires_max_(PASSIVE_LEVEL)
+_Must_inspect_result_
NTSYSAPI
-VOID
+NTSTATUS
NTAPI
-RtlSetBits(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_range_(0, BitMapHeader->SizeOfBitMap - NumberToSet) ULONG StartingIndex,
- _In_range_(0, BitMapHeader->SizeOfBitMap - StartingIndex) ULONG NumberToSet);
+RtlUTF8ToUnicodeN(
+ _Out_writes_bytes_to_(UnicodeStringMaxByteCount, *UnicodeStringActualByteCount)
+ PWSTR UnicodeStringDestination,
+ _In_ ULONG UnicodeStringMaxByteCount,
+ _Out_ PULONG UnicodeStringActualByteCount,
+ _In_reads_bytes_(UTF8StringByteCount) PCCH UTF8StringSource,
+ _In_ ULONG UTF8StringByteCount);
-_IRQL_requires_max_(APC_LEVEL)
NTSYSAPI
-NTSTATUS
+ULONG64
NTAPI
-RtlSetDaclSecurityDescriptor(
- _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ BOOLEAN DaclPresent,
- _In_opt_ PACL Dacl,
- _In_opt_ BOOLEAN DaclDefaulted);
+RtlGetEnabledExtendedFeatures(
+ IN ULONG64 FeatureMask);
-#if defined(_AMD64_)
-/* VOID
- * RtlStoreUlong(
- * IN PULONG Address,
- * IN ULONG Value);
- */
-#define RtlStoreUlong(Address,Value) \
- *(ULONG UNALIGNED *)(Address) = (Value)
+#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
+
+
+#if !defined(MIDL_PASS)
+/* inline funftions */
+//DECLSPEC_DEPRECATED_DDK_WINXP
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlConvertLongToLargeInteger(
+ _In_ LONG SignedInteger)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = SignedInteger;
+ return ret;
+}
+
+//DECLSPEC_DEPRECATED_DDK_WINXP
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlConvertUlongToLargeInteger(
+ _In_ ULONG UnsignedInteger)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = UnsignedInteger;
+ return ret;
+}
+
+//DECLSPEC_DEPRECATED_DDK_WINXP
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlLargeIntegerShiftLeft(
+ _In_ LARGE_INTEGER LargeInteger,
+ _In_ CCHAR ShiftCount)
+{
+ LARGE_INTEGER Result;
+
+ Result.QuadPart = LargeInteger.QuadPart << ShiftCount;
+ return Result;
+}
+
+//DECLSPEC_DEPRECATED_DDK_WINXP
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlLargeIntegerShiftRight(
+ _In_ LARGE_INTEGER LargeInteger,
+ _In_ CCHAR ShiftCount)
+{
+ LARGE_INTEGER Result;
+
+ Result.QuadPart = (ULONG64)LargeInteger.QuadPart >> ShiftCount;
+ return Result;
+}
+
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+ULONG
+NTAPI_INLINE
+RtlEnlargedUnsignedDivide(
+ _In_ ULARGE_INTEGER Dividend,
+ _In_ ULONG Divisor,
+ _Out_opt_ PULONG Remainder)
+{
+ if (Remainder)
+ *Remainder = (ULONG)(Dividend.QuadPart % Divisor);
+ return (ULONG)(Dividend.QuadPart / Divisor);
+}
+
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlLargeIntegerNegate(
+ _In_ LARGE_INTEGER Subtrahend)
+{
+ LARGE_INTEGER Difference;
+
+ Difference.QuadPart = -Subtrahend.QuadPart;
+ return Difference;
+}
+
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlLargeIntegerSubtract(
+ _In_ LARGE_INTEGER Minuend,
+ _In_ LARGE_INTEGER Subtrahend)
+{
+ LARGE_INTEGER Difference;
+
+ Difference.QuadPart = Minuend.QuadPart - Subtrahend.QuadPart;
+ return Difference;
+}
+
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlEnlargedUnsignedMultiply(
+ _In_ ULONG Multiplicand,
+ _In_ ULONG Multiplier)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = (ULONGLONG)Multiplicand * (ULONGLONG)Multiplier;
+ return ret;
+}
+
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlEnlargedIntegerMultiply(
+ _In_ LONG Multiplicand,
+ _In_ LONG Multiplier)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = (LONGLONG)Multiplicand * (ULONGLONG)Multiplier;
+ return ret;
+}
+
+_At_(AnsiString->Buffer, _Post_equal_to_(Buffer))
+_At_(AnsiString->Length, _Post_equal_to_(0))
+_At_(AnsiString->MaximumLength, _Post_equal_to_(BufferSize))
+FORCEINLINE
+VOID
+RtlInitEmptyAnsiString(
+ _Out_ PANSI_STRING AnsiString,
+ _Pre_maybenull_ _Pre_readable_size_(BufferSize) __drv_aliasesMem PCHAR Buffer,
+ _In_ USHORT BufferSize)
+{
+ AnsiString->Length = 0;
+ AnsiString->MaximumLength = BufferSize;
+ AnsiString->Buffer = Buffer;
+}
+
+_At_(UnicodeString->Buffer, _Post_equal_to_(Buffer))
+_At_(UnicodeString->Length, _Post_equal_to_(0))
+_At_(UnicodeString->MaximumLength, _Post_equal_to_(BufferSize))
+FORCEINLINE
+VOID
+RtlInitEmptyUnicodeString(
+ _Out_ PUNICODE_STRING UnicodeString,
+ _Writable_bytes_(BufferSize)
+ _When_(BufferSize != 0, _Notnull_)
+ __drv_aliasesMem PWSTR Buffer,
+ _In_ USHORT BufferSize)
+{
+ UnicodeString->Length = 0;
+ UnicodeString->MaximumLength = BufferSize;
+ UnicodeString->Buffer = Buffer;
+}
-/* VOID
- * RtlStoreUlonglong(
- * IN OUT PULONGLONG Address,
- * ULONGLONG Value);
- */
-#define RtlStoreUlonglong(Address,Value) \
- *(ULONGLONG UNALIGNED *)(Address) = (Value)
+#if defined(_AMD64_) || defined(_IA64_)
-/* VOID
- * RtlStoreUshort(
- * IN PUSHORT Address,
- * IN USHORT Value);
- */
-#define RtlStoreUshort(Address,Value) \
- *(USHORT UNALIGNED *)(Address) = (Value)
-/* VOID
- * RtlRetrieveUshort(
- * PUSHORT DestinationAddress,
- * PUSHORT SourceAddress);
- */
-#define RtlRetrieveUshort(DestAddress,SrcAddress) \
- *(USHORT UNALIGNED *)(DestAddress) = *(USHORT)(SrcAddress)
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlExtendedIntegerMultiply(
+ _In_ LARGE_INTEGER Multiplicand,
+ _In_ LONG Multiplier)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = Multiplicand.QuadPart * Multiplier;
+ return ret;
+}
-/* VOID
- * RtlRetrieveUlong(
- * PULONG DestinationAddress,
- * PULONG SourceAddress);
- */
-#define RtlRetrieveUlong(DestAddress,SrcAddress) \
- *(ULONG UNALIGNED *)(DestAddress) = *(PULONG)(SrcAddress)
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlExtendedLargeIntegerDivide(
+ _In_ LARGE_INTEGER Dividend,
+ _In_ ULONG Divisor,
+ _Out_opt_ PULONG Remainder)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = (ULONG64)Dividend.QuadPart / Divisor;
+ if (Remainder)
+ *Remainder = (ULONG)(Dividend.QuadPart % Divisor);
+ return ret;
+}
-#else
-#define RtlStoreUlong(Address,Value) \
- if ((ULONG_PTR)(Address) & LONG_MASK) { \
- ((PUCHAR) (Address))[LONG_LEAST_SIGNIFICANT_BIT] = (UCHAR)(FIRSTBYTE(Value)); \
- ((PUCHAR) (Address))[LONG_3RD_MOST_SIGNIFICANT_BIT] = (UCHAR)(SECONDBYTE(Value)); \
- ((PUCHAR) (Address))[LONG_2ND_MOST_SIGNIFICANT_BIT] = (UCHAR)(THIRDBYTE(Value)); \
- ((PUCHAR) (Address))[LONG_MOST_SIGNIFICANT_BIT] = (UCHAR)(FOURTHBYTE(Value)); \
- } \
- else { \
- *((PULONG)(Address)) = (ULONG) (Value); \
- }
-#define RtlStoreUlonglong(Address,Value) \
- if ((ULONG_PTR)(Address) & LONGLONG_MASK) { \
- RtlStoreUlong((ULONG_PTR)(Address), \
- (ULONGLONG)(Value) & 0xFFFFFFFF); \
- RtlStoreUlong((ULONG_PTR)(Address)+sizeof(ULONG), \
- (ULONGLONG)(Value) >> 32); \
- } else { \
- *((PULONGLONG)(Address)) = (ULONGLONG)(Value); \
- }
+#endif /* defined(_AMD64_) || defined(_IA64_) */
-#define RtlStoreUshort(Address,Value) \
- if ((ULONG_PTR)(Address) & SHORT_MASK) { \
- ((PUCHAR) (Address))[SHORT_LEAST_SIGNIFICANT_BIT] = (UCHAR)(FIRSTBYTE(Value)); \
- ((PUCHAR) (Address))[SHORT_MOST_SIGNIFICANT_BIT ] = (UCHAR)(SECONDBYTE(Value)); \
- } \
- else { \
- *((PUSHORT) (Address)) = (USHORT)Value; \
- }
-#define RtlRetrieveUshort(DestAddress,SrcAddress) \
- if ((ULONG_PTR)(SrcAddress) & LONG_MASK) \
- { \
- ((PUCHAR)(DestAddress))[0]=((PUCHAR)(SrcAddress))[0]; \
- ((PUCHAR)(DestAddress))[1]=((PUCHAR)(SrcAddress))[1]; \
- } \
- else \
- { \
- *((PUSHORT)(DestAddress))=*((PUSHORT)(SrcAddress)); \
- }
+#if defined(_AMD64_)
-#define RtlRetrieveUlong(DestAddress,SrcAddress) \
- if ((ULONG_PTR)(SrcAddress) & LONG_MASK) \
- { \
- ((PUCHAR)(DestAddress))[0]=((PUCHAR)(SrcAddress))[0]; \
- ((PUCHAR)(DestAddress))[1]=((PUCHAR)(SrcAddress))[1]; \
- ((PUCHAR)(DestAddress))[2]=((PUCHAR)(SrcAddress))[2]; \
- ((PUCHAR)(DestAddress))[3]=((PUCHAR)(SrcAddress))[3]; \
- } \
- else \
- { \
- *((PULONG)(DestAddress))=*((PULONG)(SrcAddress)); \
- }
+#define MultiplyHigh __mulh
+#define UnsignedMultiplyHigh __umulh
-#endif /* defined(_AMD64_) */
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlExtendedMagicDivide(
+ _In_ LARGE_INTEGER Dividend,
+ _In_ LARGE_INTEGER MagicDivisor,
+ _In_ CCHAR ShiftCount)
+{
+ LARGE_INTEGER ret;
+ ULONG64 ret64;
+ BOOLEAN Pos;
+ Pos = (Dividend.QuadPart >= 0);
+ ret64 = UnsignedMultiplyHigh(Pos ? Dividend.QuadPart : -Dividend.QuadPart,
+ MagicDivisor.QuadPart);
+ ret64 >>= ShiftCount;
+ ret.QuadPart = Pos ? ret64 : -(LONG64)ret64;
+ return ret;
+}
+#endif
+
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlLargeIntegerAdd(
+ _In_ LARGE_INTEGER Addend1,
+ _In_ LARGE_INTEGER Addend2)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = Addend1.QuadPart + Addend2.QuadPart;
+ return ret;
+}
-#ifdef _WIN64
/* VOID
- * RtlStoreUlongPtr(
- * IN OUT PULONG_PTR Address,
- * IN ULONG_PTR Value);
+ * RtlLargeIntegerAnd(
+ * IN OUT LARGE_INTEGER Result,
+ * IN LARGE_INTEGER Source,
+ * IN LARGE_INTEGER Mask);
*/
-#define RtlStoreUlongPtr(Address,Value) RtlStoreUlonglong(Address,Value)
-#else
-#define RtlStoreUlongPtr(Address,Value) RtlStoreUlong(Address,Value)
-#endif /* _WIN64 */
+#define RtlLargeIntegerAnd(Result, Source, Mask) \
+ Result.QuadPart = Source.QuadPart & Mask.QuadPart
-_Success_(return != 0)
-NTSYSAPI
-BOOLEAN
-NTAPI
-RtlTimeFieldsToTime(
- _In_ PTIME_FIELDS TimeFields,
- _Out_ PLARGE_INTEGER Time);
+//DECLSPEC_DEPRECATED_DDK
+static __inline
+LARGE_INTEGER
+NTAPI_INLINE
+RtlLargeIntegerArithmeticShift(
+ _In_ LARGE_INTEGER LargeInteger,
+ _In_ CCHAR ShiftCount)
+{
+ LARGE_INTEGER ret;
+ ret.QuadPart = LargeInteger.QuadPart >> ShiftCount;
+ return ret;
+}
-NTSYSAPI
-VOID
-NTAPI
-RtlTimeToTimeFields(
- _In_ PLARGE_INTEGER Time,
- _Out_ PTIME_FIELDS TimeFields);
+/* BOOLEAN
+ * RtlLargeIntegerEqualTo(
+ * IN LARGE_INTEGER Operand1,
+ * IN LARGE_INTEGER Operand2);
+ */
+#define RtlLargeIntegerEqualTo(X,Y) \
+ (!(((X).LowPart ^ (Y).LowPart) | ((X).HighPart ^ (Y).HighPart)))
-NTSYSAPI
-ULONG
-FASTCALL
-RtlUlongByteSwap(
- _In_ ULONG Source);
+FORCEINLINE
+PVOID
+RtlSecureZeroMemory(
+ _Out_writes_bytes_all_(Size) PVOID Pointer,
+ _In_ SIZE_T Size)
+{
+ volatile char* vptr = (volatile char*)Pointer;
+#if defined(_M_AMD64)
+ __stosb((PUCHAR)vptr, 0, Size);
+#else
+ char * endptr = (char *)vptr + Size;
+ while (vptr < endptr) {
+ *vptr = 0; vptr++;
+ }
+#endif
+ return Pointer;
+}
-NTSYSAPI
-ULONGLONG
-FASTCALL
-RtlUlonglongByteSwap(
- _In_ ULONGLONG Source);
+#if defined(_M_AMD64)
+_Must_inspect_result_
+FORCEINLINE
+BOOLEAN
+RtlCheckBit(
+ _In_ PRTL_BITMAP BitMapHeader,
+ _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitPosition)
+{
+ return BitTest64((LONG64 CONST*)BitMapHeader->Buffer, (LONG64)BitPosition);
+}
+#else
+#define RtlCheckBit(BMH,BP) (((((PLONG)(BMH)->Buffer)[(BP)/32]) >> ((BP)%32)) & 0x1)
+#endif /* defined(_M_AMD64) */
-_When_(AllocateDestinationString,
- _At_(DestinationString->MaximumLength,
- _Out_range_(<=, (SourceString->MaximumLength / sizeof(WCHAR)))))
-_When_(!AllocateDestinationString,
- _At_(DestinationString->Buffer, _Const_)
- _At_(DestinationString->MaximumLength, _Const_))
-_IRQL_requires_max_(PASSIVE_LEVEL)
-_When_(AllocateDestinationString, _Must_inspect_result_)
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlUnicodeStringToAnsiString(
- _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
- _When_(!AllocateDestinationString, _Inout_)
- PANSI_STRING DestinationString,
- _In_ PCUNICODE_STRING SourceString,
- _In_ BOOLEAN AllocateDestinationString);
+#define RtlLargeIntegerGreaterThan(X,Y) ( \
+ (((X).HighPart == (Y).HighPart) && ((X).LowPart > (Y).LowPart)) || \
+ ((X).HighPart > (Y).HighPart) \
+)
+
+#define RtlLargeIntegerGreaterThanOrEqualTo(X,Y) ( \
+ (((X).HighPart == (Y).HighPart) && ((X).LowPart >= (Y).LowPart)) || \
+ ((X).HighPart > (Y).HighPart) \
+)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-ULONG
-NTAPI
-RtlxUnicodeStringToAnsiSize(
- _In_ PCUNICODE_STRING UnicodeString);
+#define RtlLargeIntegerNotEqualTo(X,Y) ( \
+ (((X).LowPart ^ (Y).LowPart) | ((X).HighPart ^ (Y).HighPart)) \
+)
-#define RtlUnicodeStringToAnsiSize(String) ( \
- NLS_MB_CODE_PAGE_TAG ? \
- RtlxUnicodeStringToAnsiSize(String) : \
- ((String)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
+#define RtlLargeIntegerLessThan(X,Y) ( \
+ (((X).HighPart == (Y).HighPart) && ((X).LowPart < (Y).LowPart)) || \
+ ((X).HighPart < (Y).HighPart) \
)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlUnicodeStringToInteger(
- _In_ PCUNICODE_STRING String,
- _In_opt_ ULONG Base,
- _Out_ PULONG Value);
+#define RtlLargeIntegerLessThanOrEqualTo(X,Y) ( \
+ (((X).HighPart == (Y).HighPart) && ((X).LowPart <= (Y).LowPart)) || \
+ ((X).HighPart < (Y).HighPart) \
+)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-WCHAR
-NTAPI
-RtlUpcaseUnicodeChar(
- _In_ WCHAR SourceCharacter);
+#define RtlLargeIntegerGreaterThanZero(X) ( \
+ (((X).HighPart == 0) && ((X).LowPart > 0)) || \
+ ((X).HighPart > 0 ) \
+)
-NTSYSAPI
-USHORT
-FASTCALL
-RtlUshortByteSwap(
- _In_ USHORT Source);
+#define RtlLargeIntegerGreaterOrEqualToZero(X) ( (X).HighPart >= 0 )
-_IRQL_requires_max_(APC_LEVEL)
-_Must_inspect_result_
-NTSYSAPI
-BOOLEAN
-NTAPI
-RtlValidRelativeSecurityDescriptor(
- _In_reads_bytes_(SecurityDescriptorLength) PSECURITY_DESCRIPTOR SecurityDescriptorInput,
- _In_ ULONG SecurityDescriptorLength,
- _In_ SECURITY_INFORMATION RequiredInformation);
+#define RtlLargeIntegerEqualToZero(X) ( !((X).LowPart | (X).HighPart) )
-_IRQL_requires_max_(APC_LEVEL)
-_Must_inspect_result_
-NTSYSAPI
-BOOLEAN
-NTAPI
-RtlValidSecurityDescriptor(
- _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
+#define RtlLargeIntegerNotEqualToZero(X) ( ((X).LowPart | (X).HighPart) )
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlWriteRegistryValue(
- _In_ ULONG RelativeTo,
- _In_ PCWSTR Path,
- _In_z_ PCWSTR ValueName,
- _In_ ULONG ValueType,
- _In_reads_bytes_opt_(ValueLength) PVOID ValueData,
- _In_ ULONG ValueLength);
+#define RtlLargeIntegerLessThanZero(X) ( ((X).HighPart < 0) )
+#define RtlLargeIntegerLessOrEqualToZero(X) ( ((X).HighPart < 0) || !((X).LowPart | (X).HighPart) )
-#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
+#endif /* !defined(MIDL_PASS) */
+
+/* Byte Swap Functions */
+#if (defined(_M_IX86) && (_MSC_FULL_VER > 13009037 || defined(__GNUC__))) || \
+ ((defined(_M_AMD64) || defined(_M_IA64)) \
+ && (_MSC_FULL_VER > 13009175 || defined(__GNUC__)))
+#define RtlUshortByteSwap(_x) _byteswap_ushort((USHORT)(_x))
+#define RtlUlongByteSwap(_x) _byteswap_ulong((_x))
+#define RtlUlonglongByteSwap(_x) _byteswap_uint64((_x))
-#if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
-NTSYSAPI
-VOID
-FASTCALL
-RtlPrefetchMemoryNonTemporal(
- _In_ PVOID Source,
- _In_ SIZE_T Length);
#endif
+#if DBG
-#if (NTDDI_VERSION >= NTDDI_WINXP)
+#define ASSERT(exp) \
+ (VOID)((!(exp)) ? \
+ RtlAssert( (PVOID)#exp, (PVOID)__FILE__, __LINE__, NULL ), FALSE : TRUE)
+#define ASSERTMSG(msg, exp) \
+ (VOID)((!(exp)) ? \
+ RtlAssert( (PVOID)#exp, (PVOID)__FILE__, __LINE__, (PCHAR)msg ), FALSE : TRUE)
-NTSYSAPI
-VOID
-NTAPI
-RtlClearBit(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber);
+#define RTL_SOFT_ASSERT(exp) \
+ (VOID)((!(exp)) ? \
+ DbgPrint("%s(%d): Soft assertion failed\n Expression: %s\n", __FILE__, __LINE__, #exp), FALSE : TRUE)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-WCHAR
-NTAPI
-RtlDowncaseUnicodeChar(
- _In_ WCHAR SourceCharacter);
+#define RTL_SOFT_ASSERTMSG(msg, exp) \
+ (VOID)((!(exp)) ? \
+ DbgPrint("%s(%d): Soft assertion failed\n Expression: %s\n Message: %s\n", __FILE__, __LINE__, #exp, (msg)), FALSE : TRUE)
-NTSYSAPI
-VOID
-NTAPI
-RtlSetBit(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber);
+#define RTL_VERIFY(exp) ASSERT(exp)
+#define RTL_VERIFYMSG(msg, exp) ASSERTMSG(msg, exp)
-_Must_inspect_result_
-NTSYSAPI
-BOOLEAN
-NTAPI
-RtlTestBit(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber);
+#define RTL_SOFT_VERIFY(exp) RTL_SOFT_ASSERT(exp)
+#define RTL_SOFT_VERIFYMSG(msg, exp) RTL_SOFT_ASSERTMSG(msg, exp)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlHashUnicodeString(
- _In_ CONST UNICODE_STRING *String,
- _In_ BOOLEAN CaseInSensitive,
- _In_ ULONG HashAlgorithm,
- _Out_ PULONG HashValue);
+#if defined(_MSC_VER)
+#define NT_ASSERT(exp) \
+ ((!(exp)) ? \
+ (__annotation(L"Debug", L"AssertFail", L#exp), \
+ DbgRaiseAssertionFailure(), FALSE) : TRUE)
+#define NT_ASSERTMSG(msg, exp) \
+ ((!(exp)) ? \
+ (__annotation(L"Debug", L"AssertFail", L##msg), \
+ DbgRaiseAssertionFailure(), FALSE) : TRUE)
-#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
+#define NT_ASSERTMSGW(msg, exp) \
+ ((!(exp)) ? \
+ (__annotation(L"Debug", L"AssertFail", msg), \
+ DbgRaiseAssertionFailure(), FALSE) : TRUE)
+#define NT_VERIFY NT_ASSERT
+#define NT_VERIFYMSG NT_ASSERTMSG
+#define NT_VERIFYMSGW NT_ASSERTMSGW
-#if (NTDDI_VERSION >= NTDDI_VISTA)
+#else
-NTSYSAPI
-ULONG
-NTAPI
-RtlNumberOfSetBitsUlongPtr(
- _In_ ULONG_PTR Target);
+/* GCC doesn't support __annotation (nor PDB) */
+#define NT_ASSERT(exp) \
+ (VOID)((!(exp)) ? (DbgRaiseAssertionFailure(), FALSE) : TRUE)
-NTSYSAPI
-ULONGLONG
-NTAPI
-RtlIoDecodeMemIoResource(
- _In_ struct _IO_RESOURCE_DESCRIPTOR *Descriptor,
- _Out_opt_ PULONGLONG Alignment,
- _Out_opt_ PULONGLONG MinimumAddress,
- _Out_opt_ PULONGLONG MaximumAddress);
+#define NT_ASSERTMSG NT_ASSERT
+#define NT_ASSERTMSGW NT_ASSERT
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlIoEncodeMemIoResource(
- _In_ struct _IO_RESOURCE_DESCRIPTOR *Descriptor,
- _In_ UCHAR Type,
- _In_ ULONGLONG Length,
- _In_ ULONGLONG Alignment,
- _In_ ULONGLONG MinimumAddress,
- _In_ ULONGLONG MaximumAddress);
+#endif
-NTSYSAPI
-ULONGLONG
-NTAPI
-RtlCmDecodeMemIoResource(
- _In_ struct _CM_PARTIAL_RESOURCE_DESCRIPTOR *Descriptor,
- _Out_opt_ PULONGLONG Start);
+#else /* !DBG */
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlFindClosestEncodableLength(
- _In_ ULONGLONG SourceLength,
- _Out_ PULONGLONG TargetLength);
+#define ASSERT(exp) ((VOID) 0)
+#define ASSERTMSG(msg, exp) ((VOID) 0)
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlCmEncodeMemIoResource(
- _In_ PCM_PARTIAL_RESOURCE_DESCRIPTOR Descriptor,
- _In_ UCHAR Type,
- _In_ ULONGLONG Length,
- _In_ ULONGLONG Start);
+#define RTL_SOFT_ASSERT(exp) ((VOID) 0)
+#define RTL_SOFT_ASSERTMSG(msg, exp) ((VOID) 0)
+#define RTL_VERIFY(exp) ((exp) ? TRUE : FALSE)
+#define RTL_VERIFYMSG(msg, exp) ((exp) ? TRUE : FALSE)
-#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
+#define RTL_SOFT_VERIFY(exp) ((exp) ? TRUE : FALSE)
+#define RTL_SOFT_VERIFYMSG(msg, exp) ((exp) ? TRUE : FALSE)
-#if (NTDDI_VERSION >= NTDDI_WIN7)
+#define NT_ASSERT(exp) ((VOID)0)
+#define NT_ASSERTMSG(msg, exp) ((VOID)0)
+#define NT_ASSERTMSGW(msg, exp) ((VOID)0)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-_Must_inspect_result_
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlUnicodeToUTF8N(
- _Out_writes_bytes_to_(UTF8StringMaxByteCount, *UTF8StringActualByteCount)
- PCHAR UTF8StringDestination,
- _In_ ULONG UTF8StringMaxByteCount,
- _Out_ PULONG UTF8StringActualByteCount,
- _In_reads_bytes_(UnicodeStringByteCount) PCWCH UnicodeStringSource,
- _In_ ULONG UnicodeStringByteCount);
+#define NT_VERIFY(_exp) ((_exp) ? TRUE : FALSE)
+#define NT_VERIFYMSG(_msg, _exp ) ((_exp) ? TRUE : FALSE)
+#define NT_VERIFYMSGW(_msg, _exp) ((_exp) ? TRUE : FALSE)
-_IRQL_requires_max_(PASSIVE_LEVEL)
-_Must_inspect_result_
-NTSYSAPI
-NTSTATUS
-NTAPI
-RtlUTF8ToUnicodeN(
- _Out_writes_bytes_to_(UnicodeStringMaxByteCount, *UnicodeStringActualByteCount)
- PWSTR UnicodeStringDestination,
- _In_ ULONG UnicodeStringMaxByteCount,
- _Out_ PULONG UnicodeStringActualByteCount,
- _In_reads_bytes_(UTF8StringByteCount) PCCH UTF8StringSource,
- _In_ ULONG UTF8StringByteCount);
+#endif /* DBG */
-NTSYSAPI
-ULONG64
-NTAPI
-RtlGetEnabledExtendedFeatures(
- IN ULONG64 FeatureMask);
+#define InitializeListHead32(ListHead) (\
+ (ListHead)->Flink = (ListHead)->Blink = PtrToUlong((ListHead)))
+#if !defined(_WINBASE_)
-#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
+#if defined(_WIN64) && (defined(_NTDRIVER_) || defined(_NTDDK_) || defined(_NTIFS_) || defined(_NTHAL_) || defined(_NTOSP_))
+NTKERNELAPI
+VOID
+InitializeSListHead(
+ _Out_ PSLIST_HEADER SListHead);
-#if !defined(MIDL_PASS)
-/* inline funftions */
-//DECLSPEC_DEPRECATED_DDK_WINXP
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlConvertLongToLargeInteger(
- _In_ LONG SignedInteger)
-{
- LARGE_INTEGER ret;
- ret.QuadPart = SignedInteger;
- return ret;
-}
+#else
-//DECLSPEC_DEPRECATED_DDK_WINXP
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlConvertUlongToLargeInteger(
- _In_ ULONG UnsignedInteger)
+FORCEINLINE
+VOID
+InitializeSListHead(
+ _Out_ PSLIST_HEADER SListHead)
{
- LARGE_INTEGER ret;
- ret.QuadPart = UnsignedInteger;
- return ret;
+#if defined(_IA64_)
+ ULONG64 FeatureBits;
+#endif
+
+#if defined(_WIN64)
+ if (((ULONG_PTR)SListHead & 0xf) != 0) {
+ RtlRaiseStatus(STATUS_DATATYPE_MISALIGNMENT);
+ }
+#endif
+ RtlZeroMemory(SListHead, sizeof(SLIST_HEADER));
+#if defined(_IA64_)
+ FeatureBits = __getReg(CV_IA64_CPUID4);
+ if ((FeatureBits & KF_16BYTE_INSTR) != 0) {
+ SListHead->Header16.HeaderType = 1;
+ SListHead->Header16.Init = 1;
+ }
+#endif
}
-//DECLSPEC_DEPRECATED_DDK_WINXP
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlLargeIntegerShiftLeft(
- _In_ LARGE_INTEGER LargeInteger,
- _In_ CCHAR ShiftCount)
-{
- LARGE_INTEGER Result;
+#endif
- Result.QuadPart = LargeInteger.QuadPart << ShiftCount;
- return Result;
-}
+#if defined(_WIN64)
-//DECLSPEC_DEPRECATED_DDK_WINXP
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlLargeIntegerShiftRight(
- _In_ LARGE_INTEGER LargeInteger,
- _In_ CCHAR ShiftCount)
-{
- LARGE_INTEGER Result;
+#define InterlockedPopEntrySList(Head) \
+ ExpInterlockedPopEntrySList(Head)
- Result.QuadPart = (ULONG64)LargeInteger.QuadPart >> ShiftCount;
- return Result;
-}
+#define InterlockedPushEntrySList(Head, Entry) \
+ ExpInterlockedPushEntrySList(Head, Entry)
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-ULONG
-NTAPI_INLINE
-RtlEnlargedUnsignedDivide(
- _In_ ULARGE_INTEGER Dividend,
- _In_ ULONG Divisor,
- _Out_opt_ PULONG Remainder)
-{
- if (Remainder)
- *Remainder = (ULONG)(Dividend.QuadPart % Divisor);
- return (ULONG)(Dividend.QuadPart / Divisor);
-}
+#define InterlockedFlushSList(Head) \
+ ExpInterlockedFlushSList(Head)
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlLargeIntegerNegate(
- _In_ LARGE_INTEGER Subtrahend)
-{
- LARGE_INTEGER Difference;
+#define QueryDepthSList(Head) \
+ ExQueryDepthSList(Head)
- Difference.QuadPart = -Subtrahend.QuadPart;
- return Difference;
-}
+#else /* !defined(_WIN64) */
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlLargeIntegerSubtract(
- _In_ LARGE_INTEGER Minuend,
- _In_ LARGE_INTEGER Subtrahend)
-{
- LARGE_INTEGER Difference;
+NTKERNELAPI
+PSLIST_ENTRY
+FASTCALL
+InterlockedPopEntrySList(
+ _Inout_ PSLIST_HEADER ListHead);
- Difference.QuadPart = Minuend.QuadPart - Subtrahend.QuadPart;
- return Difference;
-}
+NTKERNELAPI
+PSLIST_ENTRY
+FASTCALL
+InterlockedPushEntrySList(
+ _Inout_ PSLIST_HEADER ListHead,
+ _Inout_ __drv_aliasesMem PSLIST_ENTRY ListEntry);
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlEnlargedUnsignedMultiply(
- _In_ ULONG Multiplicand,
- _In_ ULONG Multiplier)
-{
- LARGE_INTEGER ret;
- ret.QuadPart = (ULONGLONG)Multiplicand * (ULONGLONG)Multiplier;
- return ret;
-}
+#define InterlockedFlushSList(ListHead) \
+ ExInterlockedFlushSList(ListHead)
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlEnlargedIntegerMultiply(
- _In_ LONG Multiplicand,
- _In_ LONG Multiplier)
-{
- LARGE_INTEGER ret;
- ret.QuadPart = (LONGLONG)Multiplicand * (ULONGLONG)Multiplier;
- return ret;
-}
+#define QueryDepthSList(Head) \
+ ExQueryDepthSList(Head)
-_At_(AnsiString->Buffer, _Post_equal_to_(Buffer))
-_At_(AnsiString->Length, _Post_equal_to_(0))
-_At_(AnsiString->MaximumLength, _Post_equal_to_(BufferSize))
-FORCEINLINE
-VOID
-RtlInitEmptyAnsiString(
- _Out_ PANSI_STRING AnsiString,
- _Pre_maybenull_ _Pre_readable_size_(BufferSize) __drv_aliasesMem PCHAR Buffer,
- _In_ USHORT BufferSize)
-{
- AnsiString->Length = 0;
- AnsiString->MaximumLength = BufferSize;
- AnsiString->Buffer = Buffer;
-}
+#endif /* !defined(_WIN64) */
-_At_(UnicodeString->Buffer, _Post_equal_to_(Buffer))
-_At_(UnicodeString->Length, _Post_equal_to_(0))
-_At_(UnicodeString->MaximumLength, _Post_equal_to_(BufferSize))
-FORCEINLINE
-VOID
-RtlInitEmptyUnicodeString(
- _Out_ PUNICODE_STRING UnicodeString,
- _Writable_bytes_(BufferSize)
- _When_(BufferSize != 0, _Notnull_)
- __drv_aliasesMem PWSTR Buffer,
- _In_ USHORT BufferSize)
-{
- UnicodeString->Length = 0;
- UnicodeString->MaximumLength = BufferSize;
- UnicodeString->Buffer = Buffer;
-}
+#endif /* !defined(_WINBASE_) */
-#if defined(_AMD64_) || defined(_IA64_)
+#define RTL_CONTEXT_EX_OFFSET(ContextEx, Chunk) ((ContextEx)->Chunk.Offset)
+#define RTL_CONTEXT_EX_LENGTH(ContextEx, Chunk) ((ContextEx)->Chunk.Length)
+#define RTL_CONTEXT_EX_CHUNK(Base, Layout, Chunk) \
+ ((PVOID)((PCHAR)(Base) + RTL_CONTEXT_EX_OFFSET(Layout, Chunk)))
+#define RTL_CONTEXT_OFFSET(Context, Chunk) \
+ RTL_CONTEXT_EX_OFFSET((PCONTEXT_EX)(Context + 1), Chunk)
+#define RTL_CONTEXT_LENGTH(Context, Chunk) \
+ RTL_CONTEXT_EX_LENGTH((PCONTEXT_EX)(Context + 1), Chunk)
+#define RTL_CONTEXT_CHUNK(Context, Chunk) \
+ RTL_CONTEXT_EX_CHUNK((PCONTEXT_EX)(Context + 1), \
+ (PCONTEXT_EX)(Context + 1), \
+ Chunk)
+BOOLEAN
+RTLVERLIB_DDI(RtlIsNtDdiVersionAvailable)(
+ _In_ ULONG Version);
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlExtendedIntegerMultiply(
- _In_ LARGE_INTEGER Multiplicand,
- _In_ LONG Multiplier)
-{
- LARGE_INTEGER ret;
- ret.QuadPart = Multiplicand.QuadPart * Multiplier;
- return ret;
-}
+BOOLEAN
+RTLVERLIB_DDI(RtlIsServicePackVersionInstalled)(
+ _In_ ULONG Version);
+
+#ifndef RtlIsNtDdiVersionAvailable
+#define RtlIsNtDdiVersionAvailable WdmlibRtlIsNtDdiVersionAvailable
+#endif
+
+#ifndef RtlIsServicePackVersionInstalled
+#define RtlIsServicePackVersionInstalled WdmlibRtlIsServicePackVersionInstalled
+#endif
+
+#define RtlInterlockedSetBits(Flags, Flag) \
+ InterlockedOr((PLONG)(Flags), Flag)
+
+#define RtlInterlockedAndBits(Flags, Flag) \
+ InterlockedAnd((PLONG)(Flags), Flag)
+
+#define RtlInterlockedClearBits(Flags, Flag) \
+ RtlInterlockedAndBits(Flags, ~(Flag))
+
+#define RtlInterlockedXorBits(Flags, Flag) \
+ InterlockedXor(Flags, Flag)
+
+#define RtlInterlockedSetBitsDiscardReturn(Flags, Flag) \
+ (VOID) RtlInterlockedSetBits(Flags, Flag)
+
+#define RtlInterlockedAndBitsDiscardReturn(Flags, Flag) \
+ (VOID) RtlInterlockedAndBits(Flags, Flag)
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlExtendedLargeIntegerDivide(
- _In_ LARGE_INTEGER Dividend,
- _In_ ULONG Divisor,
- _Out_opt_ PULONG Remainder)
-{
- LARGE_INTEGER ret;
- ret.QuadPart = (ULONG64)Dividend.QuadPart / Divisor;
- if (Remainder)
- *Remainder = (ULONG)(Dividend.QuadPart % Divisor);
- return ret;
-}
+#define RtlInterlockedClearBitsDiscardReturn(Flags, Flag) \
+ RtlInterlockedAndBitsDiscardReturn(Flags, ~(Flag))
+/******************************************************************************
+ * Kernel Functions *
+ ******************************************************************************/
+#if defined(_M_IX86)
+/** Kernel definitions for x86 **/
-#endif /* defined(_AMD64_) || defined(_IA64_) */
+/* Interrupt request levels */
+#define PASSIVE_LEVEL 0
+#define LOW_LEVEL 0
+#define APC_LEVEL 1
+#define DISPATCH_LEVEL 2
+#define CMCI_LEVEL 5
+#define PROFILE_LEVEL 27
+#define CLOCK1_LEVEL 28
+#define CLOCK2_LEVEL 28
+#define IPI_LEVEL 29
+#define POWER_LEVEL 30
+#define HIGH_LEVEL 31
+#define CLOCK_LEVEL CLOCK2_LEVEL
+#define KIP0PCRADDRESS 0xffdff000
+#define KI_USER_SHARED_DATA 0xffdf0000
+#define SharedUserData ((KUSER_SHARED_DATA * CONST)KI_USER_SHARED_DATA)
-#if defined(_AMD64_)
+#define PAGE_SIZE 0x1000
+#define PAGE_SHIFT 12L
+#define KeGetDcacheFillSize() 1L
-#define MultiplyHigh __mulh
-#define UnsignedMultiplyHigh __umulh
+#define EFLAG_SIGN 0x8000
+#define EFLAG_ZERO 0x4000
+#define EFLAG_SELECT (EFLAG_SIGN | EFLAG_ZERO)
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlExtendedMagicDivide(
- _In_ LARGE_INTEGER Dividend,
- _In_ LARGE_INTEGER MagicDivisor,
- _In_ CCHAR ShiftCount)
-{
- LARGE_INTEGER ret;
- ULONG64 ret64;
- BOOLEAN Pos;
- Pos = (Dividend.QuadPart >= 0);
- ret64 = UnsignedMultiplyHigh(Pos ? Dividend.QuadPart : -Dividend.QuadPart,
- MagicDivisor.QuadPart);
- ret64 >>= ShiftCount;
- ret.QuadPart = Pos ? ret64 : -(LONG64)ret64;
- return ret;
-}
-#endif
+#define RESULT_NEGATIVE ((EFLAG_SIGN & ~EFLAG_ZERO) & EFLAG_SELECT)
+#define RESULT_ZERO ((~EFLAG_SIGN & EFLAG_ZERO) & EFLAG_SELECT)
+#define RESULT_POSITIVE ((~EFLAG_SIGN & ~EFLAG_ZERO) & EFLAG_SELECT)
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlLargeIntegerAdd(
- _In_ LARGE_INTEGER Addend1,
- _In_ LARGE_INTEGER Addend2)
-{
- LARGE_INTEGER ret;
- ret.QuadPart = Addend1.QuadPart + Addend2.QuadPart;
- return ret;
-}
-/* VOID
- * RtlLargeIntegerAnd(
- * IN OUT LARGE_INTEGER Result,
- * IN LARGE_INTEGER Source,
- * IN LARGE_INTEGER Mask);
- */
-#define RtlLargeIntegerAnd(Result, Source, Mask) \
- Result.QuadPart = Source.QuadPart & Mask.QuadPart
+typedef struct _KFLOATING_SAVE {
+ ULONG ControlWord;
+ ULONG StatusWord;
+ ULONG ErrorOffset;
+ ULONG ErrorSelector;
+ ULONG DataOffset;
+ ULONG DataSelector;
+ ULONG Cr0NpxState;
+ ULONG Spare1;
+} KFLOATING_SAVE, *PKFLOATING_SAVE;
-//DECLSPEC_DEPRECATED_DDK
-static __inline
-LARGE_INTEGER
-NTAPI_INLINE
-RtlLargeIntegerArithmeticShift(
- _In_ LARGE_INTEGER LargeInteger,
- _In_ CCHAR ShiftCount)
-{
- LARGE_INTEGER ret;
- ret.QuadPart = LargeInteger.QuadPart >> ShiftCount;
- return ret;
-}
+extern NTKERNELAPI volatile KSYSTEM_TIME KeTickCount;
-/* BOOLEAN
- * RtlLargeIntegerEqualTo(
- * IN LARGE_INTEGER Operand1,
- * IN LARGE_INTEGER Operand2);
- */
-#define RtlLargeIntegerEqualTo(X,Y) \
- (!(((X).LowPart ^ (Y).LowPart) | ((X).HighPart ^ (Y).HighPart)))
+#define YieldProcessor _mm_pause
FORCEINLINE
-PVOID
-RtlSecureZeroMemory(
- _Out_writes_bytes_all_(Size) PVOID Pointer,
- _In_ SIZE_T Size)
+VOID
+KeMemoryBarrier(VOID)
{
- volatile char* vptr = (volatile char*)Pointer;
-#if defined(_M_AMD64)
- __stosb((PUCHAR)vptr, 0, Size);
-#else
- char * endptr = (char *)vptr + Size;
- while (vptr < endptr) {
- *vptr = 0; vptr++;
- }
+ LONG Barrier, *Dummy = &Barrier;
+ UNREFERENCED_LOCAL_VARIABLE(Dummy);
+
+#if defined(__GNUC__)
+ __asm__ __volatile__ ("xchg %%eax, %0" : : "m" (Barrier) : "%eax");
+#elif defined(_MSC_VER)
+ __asm xchg [Barrier], eax
#endif
- return Pointer;
}
-#if defined(_M_AMD64)
-_Must_inspect_result_
-FORCEINLINE
-BOOLEAN
-RtlCheckBit(
- _In_ PRTL_BITMAP BitMapHeader,
- _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitPosition)
-{
- return BitTest64((LONG64 CONST*)BitMapHeader->Buffer, (LONG64)BitPosition);
-}
-#else
-#define RtlCheckBit(BMH,BP) (((((PLONG)(BMH)->Buffer)[(BP)/32]) >> ((BP)%32)) & 0x1)
-#endif /* defined(_M_AMD64) */
+#define KeMemoryBarrierWithoutFence() _ReadWriteBarrier()
-#define RtlLargeIntegerGreaterThan(X,Y) ( \
- (((X).HighPart == (Y).HighPart) && ((X).LowPart > (Y).LowPart)) || \
- ((X).HighPart > (Y).HighPart) \
-)
+_IRQL_requires_max_(HIGH_LEVEL)
+_IRQL_saves_
+NTHALAPI
+KIRQL
+NTAPI
+KeGetCurrentIrql(VOID);
-#define RtlLargeIntegerGreaterThanOrEqualTo(X,Y) ( \
- (((X).HighPart == (Y).HighPart) && ((X).LowPart >= (Y).LowPart)) || \
- ((X).HighPart > (Y).HighPart) \
-)
+_IRQL_requires_max_(HIGH_LEVEL)
+NTHALAPI
+VOID
+FASTCALL
+KfLowerIrql(
+ _In_ _IRQL_restores_ _Notliteral_ KIRQL NewIrql);
+#define KeLowerIrql(a) KfLowerIrql(a)
-#define RtlLargeIntegerNotEqualTo(X,Y) ( \
- (((X).LowPart ^ (Y).LowPart) | ((X).HighPart ^ (Y).HighPart)) \
-)
+_IRQL_requires_max_(HIGH_LEVEL)
+_IRQL_raises_(NewIrql)
+_IRQL_saves_
+NTHALAPI
+KIRQL
+FASTCALL
+KfRaiseIrql(
+ _In_ KIRQL NewIrql);
+#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
-#define RtlLargeIntegerLessThan(X,Y) ( \
- (((X).HighPart == (Y).HighPart) && ((X).LowPart < (Y).LowPart)) || \
- ((X).HighPart < (Y).HighPart) \
-)
+_IRQL_requires_max_(DISPATCH_LEVEL)
+_IRQL_saves_
+_IRQL_raises_(DISPATCH_LEVEL)
+NTHALAPI
+KIRQL
+NTAPI
+KeRaiseIrqlToDpcLevel(VOID);
-#define RtlLargeIntegerLessThanOrEqualTo(X,Y) ( \
- (((X).HighPart == (Y).HighPart) && ((X).LowPart <= (Y).LowPart)) || \
- ((X).HighPart < (Y).HighPart) \
-)
+NTHALAPI
+KIRQL
+NTAPI
+KeRaiseIrqlToSynchLevel(VOID);
-#define RtlLargeIntegerGreaterThanZero(X) ( \
- (((X).HighPart == 0) && ((X).LowPart > 0)) || \
- ((X).HighPart > 0 ) \
-)
+_Requires_lock_not_held_(*SpinLock)
+_Acquires_lock_(*SpinLock)
+_IRQL_requires_max_(DISPATCH_LEVEL)
+_IRQL_saves_
+_IRQL_raises_(DISPATCH_LEVEL)
+NTHALAPI
+KIRQL
+FASTCALL
+KfAcquireSpinLock(
+ _Inout_ PKSPIN_LOCK SpinLock);
+#define KeAcquireSpinLock(a,b) *(b) = KfAcquireSpinLock(a)
-#define RtlLargeIntegerGreaterOrEqualToZero(X) ( (X).HighPart >= 0 )
+_Requires_lock_held_(*SpinLock)
+_Releases_lock_(*SpinLock)
+_IRQL_requires_(DISPATCH_LEVEL)
+NTHALAPI
+VOID
+FASTCALL
+KfReleaseSpinLock(
+ _Inout_ PKSPIN_LOCK SpinLock,
+ _In_ _IRQL_restores_ KIRQL NewIrql);
+#define KeReleaseSpinLock(a,b) KfReleaseSpinLock(a,b)
+
+_Requires_lock_not_held_(*SpinLock)
+_Acquires_lock_(*SpinLock)
+_IRQL_requires_min_(DISPATCH_LEVEL)
+NTKERNELAPI
+VOID
+FASTCALL
+KefAcquireSpinLockAtDpcLevel(
+ _Inout_ PKSPIN_LOCK SpinLock);
+#define KeAcquireSpinLockAtDpcLevel(SpinLock) KefAcquireSpinLockAtDpcLevel(SpinLock)
+
+_Requires_lock_held_(*SpinLock)
+_Releases_lock_(*SpinLock)
+_IRQL_requires_min_(DISPATCH_LEVEL)
+NTKERNELAPI
+VOID
+FASTCALL
+KefReleaseSpinLockFromDpcLevel(
+ _Inout_ PKSPIN_LOCK SpinLock);
+#define KeReleaseSpinLockFromDpcLevel(SpinLock) KefReleaseSpinLockFromDpcLevel(SpinLock)
+
+NTSYSAPI
+PKTHREAD
+NTAPI
+KeGetCurrentThread(VOID);
-#define RtlLargeIntegerEqualToZero(X) ( !((X).LowPart | (X).HighPart) )
+_Always_(_Post_satisfies_(return<=0))
+_Must_inspect_result_
+_IRQL_requires_max_(DISPATCH_LEVEL)
+_Kernel_float_saved_
+_At_(*FloatSave, _Kernel_requires_resource_not_held_(FloatState) _Kernel_acquires_resource_(FloatState))
+NTKERNELAPI
+NTSTATUS
+NTAPI
+KeSaveFloatingPointState(
+ _Out_ PKFLOATING_SAVE FloatSave);
-#define RtlLargeIntegerNotEqualToZero(X) ( ((X).LowPart | (X).HighPart) )
+_Success_(1)
+_Kernel_float_restored_
+_At_(*FloatSave, _Kernel_requires_resource_held_(FloatState) _Kernel_releases_resource_(FloatState))
+NTKERNELAPI
+NTSTATUS
+NTAPI
+KeRestoreFloatingPointState(
+ _In_ PKFLOATING_SAVE FloatSave);
-#define RtlLargeIntegerLessThanZero(X) ( ((X).HighPart < 0) )
+/* VOID
+ * KeFlushIoBuffers(
+ * IN PMDL Mdl,
+ * IN BOOLEAN ReadOperation,
+ * IN BOOLEAN DmaOperation)
+ */
+#define KeFlushIoBuffers(_Mdl, _ReadOperation, _DmaOperation)
-#define RtlLargeIntegerLessOrEqualToZero(X) ( ((X).HighPart < 0) || !((X).LowPart | (X).HighPart) )
+/* x86 and x64 performs a 0x2C interrupt */
+#define DbgRaiseAssertionFailure __int2c
-#endif /* !defined(MIDL_PASS) */
+FORCEINLINE
+VOID
+_KeQueryTickCount(
+ OUT PLARGE_INTEGER CurrentCount)
+{
+ for (;;) {
+#ifdef NONAMELESSUNION
+ CurrentCount->s.HighPart = KeTickCount.High1Time;
+ CurrentCount->s.LowPart = KeTickCount.LowPart;
+ if (CurrentCount->s.HighPart == KeTickCount.High2Time) break;
+#else
+ CurrentCount->HighPart = KeTickCount.High1Time;
+ CurrentCount->LowPart = KeTickCount.LowPart;
+ if (CurrentCount->HighPart == KeTickCount.High2Time) break;
+#endif
+ YieldProcessor();
+ }
+}
+#define KeQueryTickCount(CurrentCount) _KeQueryTickCount(CurrentCount)
-/* Byte Swap Functions */
-#if (defined(_M_IX86) && (_MSC_FULL_VER > 13009037 || defined(__GNUC__))) || \
- ((defined(_M_AMD64) || defined(_M_IA64)) \
- && (_MSC_FULL_VER > 13009175 || defined(__GNUC__)))
-#define RtlUshortByteSwap(_x) _byteswap_ushort((USHORT)(_x))
-#define RtlUlongByteSwap(_x) _byteswap_ulong((_x))
-#define RtlUlonglongByteSwap(_x) _byteswap_uint64((_x))
-#endif
-#if DBG
-#define ASSERT(exp) \
- (VOID)((!(exp)) ? \
- RtlAssert( (PVOID)#exp, (PVOID)__FILE__, __LINE__, NULL ), FALSE : TRUE)
+#elif defined(_M_AMD64)
+/** Kernel definitions for AMD64 **/
-#define ASSERTMSG(msg, exp) \
- (VOID)((!(exp)) ? \
- RtlAssert( (PVOID)#exp, (PVOID)__FILE__, __LINE__, (PCHAR)msg ), FALSE : TRUE)
+/* Interrupt request levels */
+#define PASSIVE_LEVEL 0
+#define LOW_LEVEL 0
+#define APC_LEVEL 1
+#define DISPATCH_LEVEL 2
+#define CMCI_LEVEL 5
+#define CLOCK_LEVEL 13
+#define IPI_LEVEL 14
+#define DRS_LEVEL 14
+#define POWER_LEVEL 14
+#define PROFILE_LEVEL 15
+#define HIGH_LEVEL 15
-#define RTL_SOFT_ASSERT(exp) \
- (VOID)((!(exp)) ? \
- DbgPrint("%s(%d): Soft assertion failed\n Expression: %s\n", __FILE__, __LINE__, #exp), FALSE : TRUE)
+#define KI_USER_SHARED_DATA 0xFFFFF78000000000ULL
+#define SharedUserData ((PKUSER_SHARED_DATA const)KI_USER_SHARED_DATA)
+#define SharedInterruptTime (KI_USER_SHARED_DATA + 0x8)
+#define SharedSystemTime (KI_USER_SHARED_DATA + 0x14)
+#define SharedTickCount (KI_USER_SHARED_DATA + 0x320)
-#define RTL_SOFT_ASSERTMSG(msg, exp) \
- (VOID)((!(exp)) ? \
- DbgPrint("%s(%d): Soft assertion failed\n Expression: %s\n Message: %s\n", __FILE__, __LINE__, #exp, (msg)), FALSE : TRUE)
+#define PAGE_SIZE 0x1000
+#define PAGE_SHIFT 12L
-#define RTL_VERIFY(exp) ASSERT(exp)
-#define RTL_VERIFYMSG(msg, exp) ASSERTMSG(msg, exp)
+#define EFLAG_SIGN 0x8000
+#define EFLAG_ZERO 0x4000
+#define EFLAG_SELECT (EFLAG_SIGN | EFLAG_ZERO)
-#define RTL_SOFT_VERIFY(exp) RTL_SOFT_ASSERT(exp)
-#define RTL_SOFT_VERIFYMSG(msg, exp) RTL_SOFT_ASSERTMSG(msg, exp)
+typedef struct _KFLOATING_SAVE {
+ ULONG Dummy;
+} KFLOATING_SAVE, *PKFLOATING_SAVE;
-#if defined(_MSC_VER)
+typedef XSAVE_FORMAT XMM_SAVE_AREA32, *PXMM_SAVE_AREA32;
-#define NT_ASSERT(exp) \
- ((!(exp)) ? \
- (__annotation(L"Debug", L"AssertFail", L#exp), \
- DbgRaiseAssertionFailure(), FALSE) : TRUE)
+#define KeQueryInterruptTime() \
+ (*(volatile ULONG64*)SharedInterruptTime)
-#define NT_ASSERTMSG(msg, exp) \
- ((!(exp)) ? \
- (__annotation(L"Debug", L"AssertFail", L##msg), \
- DbgRaiseAssertionFailure(), FALSE) : TRUE)
+#define KeQuerySystemTime(CurrentCount) \
+ *(ULONG64*)(CurrentCount) = *(volatile ULONG64*)SharedSystemTime
-#define NT_ASSERTMSGW(msg, exp) \
- ((!(exp)) ? \
- (__annotation(L"Debug", L"AssertFail", msg), \
- DbgRaiseAssertionFailure(), FALSE) : TRUE)
+#define KeQueryTickCount(CurrentCount) \
+ *(ULONG64*)(CurrentCount) = *(volatile ULONG64*)SharedTickCount
-#define NT_VERIFY NT_ASSERT
-#define NT_VERIFYMSG NT_ASSERTMSG
-#define NT_VERIFYMSGW NT_ASSERTMSGW
+#define KeGetDcacheFillSize() 1L
-#else
+#define YieldProcessor _mm_pause
+#define FastFence __faststorefence
+#define LoadFence _mm_lfence
+#define MemoryFence _mm_mfence
+#define StoreFence _mm_sfence
+#define LFENCE_ACQUIRE() LoadFence()
-/* GCC doesn't support __annotation (nor PDB) */
-#define NT_ASSERT(exp) \
- (VOID)((!(exp)) ? (DbgRaiseAssertionFailure(), FALSE) : TRUE)
+FORCEINLINE
+VOID
+KeMemoryBarrier(VOID)
+{
+ // FIXME: Do we really need lfence after the __faststorefence ?
+ FastFence();
+ LFENCE_ACQUIRE();
+}
-#define NT_ASSERTMSG NT_ASSERT
-#define NT_ASSERTMSGW NT_ASSERT
+#define KeMemoryBarrierWithoutFence() _ReadWriteBarrier()
-#endif
+FORCEINLINE
+KIRQL
+KeGetCurrentIrql(VOID)
+{
+ return (KIRQL)__readcr8();
+}
-#else /* !DBG */
+FORCEINLINE
+VOID
+KeLowerIrql(IN KIRQL NewIrql)
+{
+ ASSERT((KIRQL)__readcr8() >= NewIrql);
+ __writecr8(NewIrql);
+}
-#define ASSERT(exp) ((VOID) 0)
-#define ASSERTMSG(msg, exp) ((VOID) 0)
+FORCEINLINE
+KIRQL
+KfRaiseIrql(IN KIRQL NewIrql)
+{
+ KIRQL OldIrql;
-#define RTL_SOFT_ASSERT(exp) ((VOID) 0)
-#define RTL_SOFT_ASSERTMSG(msg, exp) ((VOID) 0)
+ OldIrql = (KIRQL)__readcr8();
+ ASSERT(OldIrql <= NewIrql);
+ __writecr8(NewIrql);
+ return OldIrql;
+}
+#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
-#define RTL_VERIFY(exp) ((exp) ? TRUE : FALSE)
-#define RTL_VERIFYMSG(msg, exp) ((exp) ? TRUE : FALSE)
+FORCEINLINE
+KIRQL
+KeRaiseIrqlToDpcLevel(VOID)
+{
+ return KfRaiseIrql(DISPATCH_LEVEL);
+}
-#define RTL_SOFT_VERIFY(exp) ((exp) ? TRUE : FALSE)
-#define RTL_SOFT_VERIFYMSG(msg, exp) ((exp) ? TRUE : FALSE)
+FORCEINLINE
+KIRQL
+KeRaiseIrqlToSynchLevel(VOID)
+{
+ return KfRaiseIrql(12); // SYNCH_LEVEL = IPI_LEVEL - 2
+}
-#define NT_ASSERT(exp) ((VOID)0)
-#define NT_ASSERTMSG(msg, exp) ((VOID)0)
-#define NT_ASSERTMSGW(msg, exp) ((VOID)0)
+FORCEINLINE
+PKTHREAD
+KeGetCurrentThread(VOID)
+{
+ return (struct _KTHREAD *)__readgsqword(0x188);
+}
-#define NT_VERIFY(_exp) ((_exp) ? TRUE : FALSE)
-#define NT_VERIFYMSG(_msg, _exp ) ((_exp) ? TRUE : FALSE)
-#define NT_VERIFYMSGW(_msg, _exp) ((_exp) ? TRUE : FALSE)
+FORCEINLINE
+NTSTATUS
+KeSaveFloatingPointState(PVOID FloatingState)
+{
+ UNREFERENCED_PARAMETER(FloatingState);
+ return STATUS_SUCCESS;
+}
-#endif /* DBG */
+FORCEINLINE
+NTSTATUS
+KeRestoreFloatingPointState(PVOID FloatingState)
+{
+ UNREFERENCED_PARAMETER(FloatingState);
+ return STATUS_SUCCESS;
+}
-#define InitializeListHead32(ListHead) (\
- (ListHead)->Flink = (ListHead)->Blink = PtrToUlong((ListHead)))
+/* VOID
+ * KeFlushIoBuffers(
+ * IN PMDL Mdl,
+ * IN BOOLEAN ReadOperation,
+ * IN BOOLEAN DmaOperation)
+ */
+#define KeFlushIoBuffers(_Mdl, _ReadOperation, _DmaOperation)
-#if !defined(_WINBASE_)
+/* x86 and x64 performs a 0x2C interrupt */
+#define DbgRaiseAssertionFailure __int2c
-#if defined(_WIN64) && (defined(_NTDRIVER_) || defined(_NTDDK_) || defined(_NTIFS_) || defined(_NTHAL_) || defined(_NTOSP_))
+#elif defined(_M_IA64)
+/** Kernel definitions for IA64 **/
-NTKERNELAPI
-VOID
-InitializeSListHead(
- _Out_ PSLIST_HEADER SListHead);
+/* Interrupt request levels */
+#define PASSIVE_LEVEL 0
+#define LOW_LEVEL 0
+#define APC_LEVEL 1
+#define DISPATCH_LEVEL 2
+#define CMC_LEVEL 3
+#define DEVICE_LEVEL_BASE 4
+#define PC_LEVEL 12
+#define IPI_LEVEL 14
+#define DRS_LEVEL 14
+#define CLOCK_LEVEL 13
+#define POWER_LEVEL 15
+#define PROFILE_LEVEL 15
+#define HIGH_LEVEL 15
-#else
+#define KI_USER_SHARED_DATA ((ULONG_PTR)(KADDRESS_BASE + 0xFFFE0000))
+extern volatile LARGE_INTEGER KeTickCount;
+
+#define PAUSE_PROCESSOR __yield();
FORCEINLINE
VOID
-InitializeSListHead(
- _Out_ PSLIST_HEADER SListHead)
+KeFlushWriteBuffer(VOID)
{
-#if defined(_IA64_)
- ULONG64 FeatureBits;
-#endif
-
-#if defined(_WIN64)
- if (((ULONG_PTR)SListHead & 0xf) != 0) {
- RtlRaiseStatus(STATUS_DATATYPE_MISALIGNMENT);
- }
-#endif
- RtlZeroMemory(SListHead, sizeof(SLIST_HEADER));
-#if defined(_IA64_)
- FeatureBits = __getReg(CV_IA64_CPUID4);
- if ((FeatureBits & KF_16BYTE_INSTR) != 0) {
- SListHead->Header16.HeaderType = 1;
- SListHead->Header16.Init = 1;
- }
-#endif
+ __mf ();
+ return;
}
-#endif
+NTSYSAPI
+PKTHREAD
+NTAPI
+KeGetCurrentThread(VOID);
-#if defined(_WIN64)
-#define InterlockedPopEntrySList(Head) \
- ExpInterlockedPopEntrySList(Head)
+#elif defined(_M_PPC)
-#define InterlockedPushEntrySList(Head, Entry) \
- ExpInterlockedPushEntrySList(Head, Entry)
+/* Interrupt request levels */
+#define PASSIVE_LEVEL 0
+#define LOW_LEVEL 0
+#define APC_LEVEL 1
+#define DISPATCH_LEVEL 2
+#define PROFILE_LEVEL 27
+#define CLOCK1_LEVEL 28
+#define CLOCK2_LEVEL 28
+#define IPI_LEVEL 29
+#define POWER_LEVEL 30
+#define HIGH_LEVEL 31
-#define InterlockedFlushSList(Head) \
- ExpInterlockedFlushSList(Head)
+//
+// Used to contain PFNs and PFN counts
+//
+typedef ULONG PFN_COUNT;
+typedef ULONG PFN_NUMBER, *PPFN_NUMBER;
+typedef LONG SPFN_NUMBER, *PSPFN_NUMBER;
-#define QueryDepthSList(Head) \
- ExQueryDepthSList(Head)
-#else /* !defined(_WIN64) */
+typedef struct _KFLOATING_SAVE {
+ ULONG Dummy;
+} KFLOATING_SAVE, *PKFLOATING_SAVE;
-NTKERNELAPI
-PSLIST_ENTRY
+typedef struct _KPCR_TIB {
+ PVOID ExceptionList; /* 00 */
+ PVOID StackBase; /* 04 */
+ PVOID StackLimit; /* 08 */
+ PVOID SubSystemTib; /* 0C */
+ _ANONYMOUS_UNION union {
+ PVOID FiberData; /* 10 */
+ ULONG Version; /* 10 */
+ } DUMMYUNIONNAME;
+ PVOID ArbitraryUserPointer; /* 14 */
+ struct _KPCR_TIB *Self; /* 18 */
+} KPCR_TIB, *PKPCR_TIB; /* 1C */
+
+#define PCR_MINOR_VERSION 1
+#define PCR_MAJOR_VERSION 1
+
+typedef struct _KPCR {
+ KPCR_TIB Tib; /* 00 */
+ struct _KPCR *Self; /* 1C */
+ struct _KPRCB *Prcb; /* 20 */
+ KIRQL Irql; /* 24 */
+ ULONG IRR; /* 28 */
+ ULONG IrrActive; /* 2C */
+ ULONG IDR; /* 30 */
+ PVOID KdVersionBlock; /* 34 */
+ PUSHORT IDT; /* 38 */
+ PUSHORT GDT; /* 3C */
+ struct _KTSS *TSS; /* 40 */
+ USHORT MajorVersion; /* 44 */
+ USHORT MinorVersion; /* 46 */
+ KAFFINITY SetMember; /* 48 */
+ ULONG StallScaleFactor; /* 4C */
+ UCHAR SpareUnused; /* 50 */
+ UCHAR Number; /* 51 */
+} KPCR, *PKPCR; /* 54 */
+
+#define KeGetPcr() PCR
+
+#define YieldProcessor() __asm__ __volatile__("nop");
+
+FORCEINLINE
+ULONG
+NTAPI
+KeGetCurrentProcessorNumber(VOID)
+{
+ ULONG Number;
+ __asm__ __volatile__ (
+ "lwz %0, %c1(12)\n"
+ : "=r" (Number)
+ : "i" (FIELD_OFFSET(KPCR, Number))
+ );
+ return Number;
+}
+
+NTHALAPI
+VOID
FASTCALL
-InterlockedPopEntrySList(
- _Inout_ PSLIST_HEADER ListHead);
+KfLowerIrql(
+ IN KIRQL NewIrql);
+#define KeLowerIrql(a) KfLowerIrql(a)
-NTKERNELAPI
-PSLIST_ENTRY
+NTHALAPI
+KIRQL
FASTCALL
-InterlockedPushEntrySList(
- _Inout_ PSLIST_HEADER ListHead,
- _Inout_ __drv_aliasesMem PSLIST_ENTRY ListEntry);
+KfRaiseIrql(
+ IN KIRQL NewIrql);
+#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
-#define InterlockedFlushSList(ListHead) \
- ExInterlockedFlushSList(ListHead)
+NTHALAPI
+KIRQL
+NTAPI
+KeRaiseIrqlToDpcLevel(VOID);
-#define QueryDepthSList(Head) \
- ExQueryDepthSList(Head)
+NTHALAPI
+KIRQL
+NTAPI
+KeRaiseIrqlToSynchLevel(VOID);
-#endif /* !defined(_WIN64) */
-#endif /* !defined(_WINBASE_) */
-#define RTL_CONTEXT_EX_OFFSET(ContextEx, Chunk) ((ContextEx)->Chunk.Offset)
-#define RTL_CONTEXT_EX_LENGTH(ContextEx, Chunk) ((ContextEx)->Chunk.Length)
-#define RTL_CONTEXT_EX_CHUNK(Base, Layout, Chunk) \
- ((PVOID)((PCHAR)(Base) + RTL_CONTEXT_EX_OFFSET(Layout, Chunk)))
-#define RTL_CONTEXT_OFFSET(Context, Chunk) \
- RTL_CONTEXT_EX_OFFSET((PCONTEXT_EX)(Context + 1), Chunk)
-#define RTL_CONTEXT_LENGTH(Context, Chunk) \
- RTL_CONTEXT_EX_LENGTH((PCONTEXT_EX)(Context + 1), Chunk)
-#define RTL_CONTEXT_CHUNK(Context, Chunk) \
- RTL_CONTEXT_EX_CHUNK((PCONTEXT_EX)(Context + 1), \
- (PCONTEXT_EX)(Context + 1), \
- Chunk)
+#elif defined(_M_MIPS)
+#error MIPS Headers are totally incorrect
-BOOLEAN
-RTLVERLIB_DDI(RtlIsNtDdiVersionAvailable)(
- _In_ ULONG Version);
+//
+// Used to contain PFNs and PFN counts
+//
+typedef ULONG PFN_COUNT;
+typedef ULONG PFN_NUMBER, *PPFN_NUMBER;
+typedef LONG SPFN_NUMBER, *PSPFN_NUMBER;
-BOOLEAN
-RTLVERLIB_DDI(RtlIsServicePackVersionInstalled)(
- _In_ ULONG Version);
+#define PASSIVE_LEVEL 0
+#define APC_LEVEL 1
+#define DISPATCH_LEVEL 2
+#define PROFILE_LEVEL 27
+#define IPI_LEVEL 29
+#define HIGH_LEVEL 31
-#ifndef RtlIsNtDdiVersionAvailable
-#define RtlIsNtDdiVersionAvailable WdmlibRtlIsNtDdiVersionAvailable
-#endif
+typedef struct _KPCR {
+ struct _KPRCB *Prcb; /* 20 */
+ KIRQL Irql; /* 24 */
+ ULONG IRR; /* 28 */
+ ULONG IDR; /* 30 */
+} KPCR, *PKPCR;
-#ifndef RtlIsServicePackVersionInstalled
-#define RtlIsServicePackVersionInstalled WdmlibRtlIsServicePackVersionInstalled
-#endif
+#define KeGetPcr() PCR
-#define RtlInterlockedSetBits(Flags, Flag) \
- InterlockedOr((PLONG)(Flags), Flag)
+typedef struct _KFLOATING_SAVE {
+} KFLOATING_SAVE, *PKFLOATING_SAVE;
-#define RtlInterlockedAndBits(Flags, Flag) \
- InterlockedAnd((PLONG)(Flags), Flag)
+static __inline
+ULONG
+NTAPI
+KeGetCurrentProcessorNumber(VOID)
+{
+ return 0;
+}
-#define RtlInterlockedClearBits(Flags, Flag) \
- RtlInterlockedAndBits(Flags, ~(Flag))
+#define YieldProcessor() __asm__ __volatile__("nop");
-#define RtlInterlockedXorBits(Flags, Flag) \
- InterlockedXor(Flags, Flag)
+#define KeLowerIrql(a) KfLowerIrql(a)
+#define KeRaiseIrql(a,b) *(b) = KfRaiseIrql(a)
-#define RtlInterlockedSetBitsDiscardReturn(Flags, Flag) \
- (VOID) RtlInterlockedSetBits(Flags, Flag)
+NTKERNELAPI
+VOID
+NTAPI
+KfLowerIrql(
+ IN KIRQL NewIrql);
-#define RtlInterlockedAndBitsDiscardReturn(Flags, Flag) \
- (VOID) RtlInterlockedAndBits(Flags, Flag)
+NTKERNELAPI
+KIRQL
+NTAPI
+KfRaiseIrql(
+ IN KIRQL NewIrql);
-#define RtlInterlockedClearBitsDiscardReturn(Flags, Flag) \
- RtlInterlockedAndBitsDiscardReturn(Flags, ~(Flag))
+NTKERNELAPI
+KIRQL
+NTAPI
+KeRaiseIrqlToDpcLevel(VOID);
+NTKERNELAPI
+KIRQL
+NTAPI
+KeRaiseIrqlToSynchLevel(VOID);
+
+
+#elif defined(_M_ARM)
+#include <armddk.h>
+#else
+#error Unknown Architecture
+#endif
-/******************************************************************************
- * Kernel Functions *
- ******************************************************************************/
NTKERNELAPI
VOID
NTAPI
}
#endif
-//DECLSPEC_NORETURN
+DECLSPEC_NORETURN
NTKERNELAPI
VOID
NTAPI
_In_ PDEVICE_OBJECT DeviceObject,
_In_ PIO_DPC_ROUTINE DpcRoutine)
{
+#ifdef _MSC_VER
+#pragma warning(push)
+#pragma warning(disable:28024)
+#endif
KeInitializeDpc(&DeviceObject->Dpc,
(PKDEFERRED_ROUTINE) DpcRoutine,
DeviceObject);
+#ifdef _MSC_VER
+#pragma warning(pop)
+#endif
}
#define DEVICE_INTERFACE_INCLUDE_NONACTIVE 0x00000001
{
#ifdef _MSC_VER
#pragma warning(push)
+#pragma warning(disable:28024)
#pragma warning(disable:28128)
#endif
KeInitializeThreadedDpc(&DeviceObject->Dpc,
projects / reactos.git / blobdiff