#ifndef __INCLUDE_DDK_ZWTYPES_H
#define __INCLUDE_DDK_ZWTYPES_H
+typedef enum _DEBUG_CONTROL_CODE
+{
+ DebugGetTraceInformation = 1,
+ DebugSetInternalBreakpoint,
+ DebugSetSpecialCalls,
+ DebugClearSpecialCalls,
+ DebugQuerySpecialCalls,
+ DebugDbgBreakPoint
+} DEBUG_CONTROL_CODE;
+
+typedef enum _KPROFILE_SOURCE
+{
+ ProfileTime
+} KPROFILE_SOURCE;
+
#define NtCurrentProcess() ( (HANDLE) 0xFFFFFFFF )
#define NtCurrentThread() ( (HANDLE) 0xFFFFFFFE )
+#ifdef __NTOSKRNL__
+extern ULONG EXPORTED NtBuildNumber;
+#else
+extern ULONG IMPORTED NtBuildNumber;
+#endif
// event access mask
#define FILE_OVERWRITE_IF 0x0005
#define FILE_MAXIMUM_DISPOSITION 0x0005
+// job query / set information class
+
+typedef enum _JOBOBJECTINFOCLASS { // Q S
+ JobObjectBasicAccountingInformation = 1, // Y N
+ JobObjectBasicLimitInformation, // Y Y
+ JobObjectBasicProcessIdList, // Y N
+ JobObjectBasicUIRestrictions, // Y Y
+ JobObjectSecurityLimitInformation, // Y Y
+ JobObjectEndOfJobTimeInformation, // N Y
+ JobObjectAssociateCompletionPortInformation, // N Y
+ JobObjectBasicAndIoAccountingInformation, // Y N
+ JobObjectExtendedLimitInformation, // Y Y
+} JOBOBJECTINFOCLASS;
+
//process query / set information class
#define ProcessBasicInformation 0
#define ProcessWx86Information 19
#define ProcessHandleCount 20
#define ProcessAffinityMask 21
-#define ProcessImageFileName 22
-#define MaxProcessInfoClass 23
+#define ProcessImageFileName 22 // ???
+#define ProcessPriorityBoost 22
+#define ProcessDeviceMap 23
+#define ProcessSessionInformation 24
+#define ProcessForegroundInformation 25
+#define ProcessWow64Information 26
+#define MaxProcessInfoClass 26
-// thread query / set information class
+/*
+ * thread query / set information class
+ */
#define ThreadBasicInformation 0
#define ThreadTimes 1
#define ThreadPriority 2
#define ThreadAmILastThread 12
#define ThreadIdealProcessor 13
#define ThreadPriorityBoost 14
-#define MaxThreadInfoClass 15
+#define ThreadSetTlsArrayAddress 15
+#define ThreadIsIoPending 16
+#define ThreadHideFromDebugger 17
+#define MaxThreadInfoClass 17
// object handle information
#define ObjectAllInformation 3
#define ObjectDataInformation 4
+// atom information
+
+typedef enum _ATOM_INFORMATION_CLASS
+{
+ AtomBasicInformation = 0,
+ AtomTableInformation = 1,
+} ATOM_INFORMATION_CLASS;
+
+typedef struct _ATOM_BASIC_INFORMATION
+{
+ USHORT UsageCount;
+ USHORT Flags;
+ USHORT NameLength;
+ WCHAR Name[1];
+} ATOM_BASIC_INFORMATION, *PATOM_BASIC_INFORMATION;
+
+typedef struct _ATOM_TABLE_INFORMATION
+{
+ ULONG NumberOfAtoms;
+ RTL_ATOM Atoms[1];
+} ATOM_TABLE_INFORMATION, *PATOM_TABLE_INFORMATION;
+
+
// semaphore information
-#define SemaphoreBasicInformation 0
+typedef enum _SEMAPHORE_INFORMATION_CLASS
+{
+ SemaphoreBasicInformation = 0
+} SEMAPHORE_INFORMATION_CLASS;
+
+typedef struct _SEMAPHORE_BASIC_INFORMATION
+{
+ LONG CurrentCount;
+ LONG MaximumCount;
+} SEMAPHORE_BASIC_INFORMATION, *PSEMAPHORE_BASIC_INFORMATION;
+
// event information
-#define EventBasicInformation 0
+typedef enum _EVENT_INFORMATION_CLASS
+{
+ EventBasicInformation = 0
+} EVENT_INFORMATION_CLASS;
+
+typedef struct _EVENT_BASIC_INFORMATION
+{
+ EVENT_TYPE EventType;
+ LONG EventState;
+} EVENT_BASIC_INFORMATION, *PEVENT_BASIC_INFORMATION;
+
// system information
// {Nt|Zw}{Query|Set}SystemInformation
+// (GN means Gary Nebbet in "NT/W2K Native API Reference")
typedef
enum _SYSTEM_INFORMATION_CLASS
{
SystemInformationClassMin = 0,
SystemBasicInformation = 0, /* Q */
+
SystemProcessorInformation = 1, /* Q */
+
SystemPerformanceInformation = 2, /* Q */
- SystemTimeInformation = 3, /* Q */
- SystemPathInformation = 4,
+
+ SystemTimeOfDayInformation = 3, /* Q */
+
+ SystemPathInformation = 4, /* Q (checked build only) */
+ SystemNotImplemented1 = 4, /* Q (GN) */
+
SystemProcessInformation = 5, /* Q */
- SystemServiceDescriptorTableInfo = 6, /* Q */
- SystemIoConfigInformation = 7, /* Q */
- SystemProcessorTimeInformation = 8, /* Q */
- SystemNtGlobalFlagInformation = 9, /* QS */
- SystemInformation10 = 10,
+ SystemProcessesAndThreadsInformation = 5, /* Q (GN) */
+
+ SystemCallCountInfoInformation = 6, /* Q */
+ SystemCallCounts = 6, /* Q (GN) */
+
+ SystemDeviceInformation = 7, /* Q */
+// It conflicts with symbol in ntoskrnl/io/resource.c
+// SystemConfigurationInformation = 7, /* Q (GN) */
+
+ SystemProcessorPerformanceInformation = 8, /* Q */
+ SystemProcessorTimes = 8, /* Q (GN) */
+
+ SystemFlagsInformation = 9, /* QS */
+ SystemGlobalFlag = 9, /* QS (GN) */
+
+ SystemCallTimeInformation = 10,
+ SystemNotImplemented2 = 10, /* (GN) */
+
SystemModuleInformation = 11, /* Q */
- SystemResourceLockInformation = 12, /* Q */
- SystemInformation13 = 13,
- SystemInformation14 = 14,
- SystemInformation15 = 15,
+
+ SystemLocksInformation = 12, /* Q */
+ SystemLockInformation = 12, /* Q (GN) */
+
+ SystemStackTraceInformation = 13,
+ SystemNotImplemented3 = 13, /* Q (GN) */
+
+ SystemPagedPoolInformation = 14,
+ SystemNotImplemented4 = 14, /* Q (GN) */
+
+ SystemNonPagedPoolInformation = 15,
+ SystemNotImplemented5 = 15, /* Q (GN) */
+
SystemHandleInformation = 16, /* Q */
+
SystemObjectInformation = 17, /* Q */
+
SystemPageFileInformation = 18, /* Q */
- SystemInstructionEmulationInfo = 19, /* Q */
- SystemInformation20 = 20,
- SystemCacheInformation = 21, /* QS */
+ SystemPagefileInformation = 18, /* Q (GN) */
+
+ SystemVdmInstemulInformation = 19, /* Q */
+ SystemInstructionEmulationCounts = 19, /* Q (GN) */
+
+ SystemVdmBopInformation = 20,
+ SystemInvalidInfoClass1 = 20, /* (GN) */
+
+ SystemFileCacheInformation = 21, /* QS */
+ SystemCacheInformation = 21, /* QS (GN) */
+
SystemPoolTagInformation = 22, /* Q (checked build only) */
- SystemProcessorScheduleInfo = 23, /* Q */
- SystemDpcInformation = 24, /* QS */
- SystemInformation25 = 25,
- SystemLoadImage = 26, /* S (callable) */
- SystemUnloadImage = 27, /* S (callable) */
+
+ SystemInterruptInformation = 23, /* Q */
+ SystemProcessorStatistics = 23, /* Q (GN) */
+
+ SystemDpcBehaviourInformation = 24, /* QS */
+ SystemDpcInformation = 24, /* QS (GN) */
+
+ SystemFullMemoryInformation = 25,
+ SystemNotImplemented6 = 25, /* (GN) */
+
+ SystemLoadGdiDriverInformation = 26, /* S (callable) */
+ SystemLoadImage = 26, /* S (callable) (GN) */
+
+ SystemUnloadGdiDriverInformation = 27, /* S (callable) */
+ SystemUnloadImage = 27, /* S (callable) (GN) */
+
SystemTimeAdjustmentInformation = 28, /* QS */
- SystemInformation29 = 29,
- SystemInformation30 = 30,
- SystemInformation31 = 31,
- SystemCrashDumpSectionInfo = 32, /* Q */
- SystemProcessorFaultCountInfo = 33, /* Q */
- SystemCrashDumpStateInfo = 34, /* Q */
- SystemDebuggerInformation = 35, /* Q */
- SystemThreadSwitchCountersInfo = 36, /* Q */
- SystemQuotaInformation = 37, /* QS */
- SystemLoadDriver = 38, /* S */
- SystemPrioritySeparationInfo = 39, /* S */
- SystemInformation40 = 40,
- SystemInformation41 = 41,
- SystemInformation42 = 42,
- SystemInformation43 = 43,
- SystemTimeZoneInformation = 44, /* QS */
+ SystemTimeAdjustment = 28, /* QS (GN) */
+
+ SystemSummaryMemoryInformation = 29,
+ SystemNotImplemented7 = 29, /* (GN) */
+
+ SystemNextEventIdInformation = 30,
+ SystemNotImplemented8 = 30, /* (GN) */
+
+ SystemEventIdsInformation = 31,
+ SystemNotImplemented9 = 31, /* (GN) */
+
+ SystemCrashDumpInformation = 32, /* Q */
+
+ SystemExceptionInformation = 33, /* Q */
+
+ SystemCrashDumpStateInformation = 34, /* Q */
+
+ SystemKernelDebuggerInformation = 35, /* Q */
+
+ SystemContextSwitchInformation = 36, /* Q */
+
+ SystemRegistryQuotaInformation = 37, /* QS */
+
+ SystemExtendServiceTableInformation = 38, /* S */
+ SystemLoadAndCallImage = 38, /* S (GN) */
+
+ SystemPrioritySeparation = 39, /* S */
+
+ SystemPlugPlayBusInformation = 40,
+ SystemNotImplemented10 = 40, /* Q (GN) */
+
+ SystemDockInformation = 41,
+ SystemNotImplemented11 = 41, /* Q (GN) */
+
+ SystemPowerInformation = 42,
+ SystemInvalidInfoClass2 = 42, /* (GN) */
+
+ SystemProcessorSpeedInformation = 43,
+ SystemInvalidInfoClass3 = 43, /* (GN) */
+
+ SystemCurrentTimeZoneInformation = 44, /* QS */
+ SystemTimeZoneInformation = 44, /* QS (GN) */
+
SystemLookasideInformation = 45, /* Q */
+
+ SystemSetTimeSlipEvent = 46, /* S (GN) */
+
+ SystemCreateSession = 47, /* S (GN) */
+
+ SystemDeleteSession = 48, /* S (GN) */
+
+ SystemInvalidInfoClass4 = 49, /* (GN) */
+
+ SystemRangeStartInformation = 50, /* Q (GN) */
+
+ SystemVerifierInformation = 51, /* QS (GN) */
+
+ SystemAddVerifier = 52, /* S (GN) */
+
+ SystemSessionProcessesInformation = 53, /* Q (GN) */
SystemInformationClassMax
} SYSTEM_INFORMATION_CLASS;
typedef
struct _SYSTEM_BASIC_INFORMATION
{
- DWORD AlwaysZero;
- ULONG KeMaximumIncrement;
- ULONG MmPageSize;
- ULONG MmNumberOfPhysicalPages;
- ULONG MmLowestPhysicalPage;
- ULONG MmHighestPhysicalPage;
- PVOID MmLowestUserAddress;
- PVOID MmLowestUserAddress1;
- PVOID MmHighestUserAddress;
- DWORD KeActiveProcessors;
- USHORT KeNumberProcessors;
-
+ ULONG Reserved;
+ ULONG TimerResolution;
+ ULONG PageSize;
+ ULONG NumberOfPhysicalPages;
+ ULONG LowestPhysicalPageNumber;
+ ULONG HighestPhysicalPageNumber;
+ ULONG AllocationGranularity;
+ ULONG MinimumUserModeAddress;
+ ULONG MaximumUserModeAddress;
+ KAFFINITY ActiveProcessorsAffinityMask;
+ CCHAR NumberOfProcessors;
} SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION;
// SystemProcessorInformation (1)
typedef
struct _SYSTEM_PROCESSOR_INFORMATION
{
- USHORT KeProcessorArchitecture;
- USHORT KeProcessorLevel;
- USHORT KeProcessorRevision;
- USHORT AlwaysZero;
- DWORD KeFeatureBits;
-
+ USHORT ProcessorArchitecture;
+ USHORT ProcessorLevel;
+ USHORT ProcessorRevision;
+ USHORT Reserved;
+ ULONG ProcessorFeatureBits;
} SYSTEM_PROCESSOR_INFORMATION, *PSYSTEM_PROCESSOR_INFORMATION;
// SystemPerformanceInfo (2)
typedef
-struct _SYSTEM_PERFORMANCE_INFO
+struct _SYSTEM_PERFORMANCE_INFORMATION
{
- LARGE_INTEGER TotalProcessorTime;
+ LARGE_INTEGER IdleProcessorTime;
LARGE_INTEGER IoReadTransferCount;
LARGE_INTEGER IoWriteTransferCount;
LARGE_INTEGER IoOtherTransferCount;
ULONG IoReadOperationCount;
ULONG IoWriteOperationCount;
ULONG IoOtherOperationCount;
- ULONG MmAvailablePages;
- ULONG MmTotalCommitedPages;
- ULONG MmTotalCommitLimit;
- ULONG MmPeakLimit;
- ULONG PageFaults;
- ULONG WriteCopies;
- ULONG TransitionFaults;
- ULONG Unknown1;
- ULONG DemandZeroFaults;
- ULONG PagesInput;
- ULONG PagesRead;
- ULONG Unknown2;
- ULONG Unknown3;
- ULONG PagesOutput;
- ULONG PageWrites;
- ULONG Unknown4;
- ULONG Unknown5;
- ULONG PoolPagedBytes;
- ULONG PoolNonPagedBytes;
+ ULONG AvailablePages;
+ ULONG CommitedPages;
+ ULONG CommitLimit;
+ ULONG PeakCommitment;
+ ULONG PageFaultCount;
+ ULONG CopyOnWriteCount;
+ ULONG TransitionCount;
+ ULONG CacheTransitionCount;
+ ULONG DemandZeroCount;
+ ULONG PageReadCount;
+ ULONG PageReadIoCount;
+ ULONG CacheReadCount;
+ ULONG CacheIoCount;
+ ULONG DirtyPagesWriteCount;
+ ULONG DirtyWriteIoCount;
+ ULONG MappedPagesWriteCount;
+ ULONG MappedWriteIoCount;
+ ULONG PagedPoolPages;
+ ULONG NonPagedPoolPages;
ULONG Unknown6;
ULONG Unknown7;
ULONG Unknown8;
} SYSTEM_PERFORMANCE_INFO, *PSYSTEM_PERFORMANCE_INFO;
-// SystemTimeInformation (3)
+// SystemTimeOfDayInformation (3)
typedef
-struct _SYSTEM_TIME_INFORMATION
+struct _SYSTEM_TIMEOFDAY_INFORMATION
{
- TIME KeBootTime;
- TIME KeSystemTime;
- TIME ExpTimeZoneBias;
- ULONG ExpTimeZoneId;
- ULONG Unused;
-
-} SYSTEM_TIME_INFORMATION, *PSYSTEM_TIME_INFORMATION;
+ LARGE_INTEGER BootTime;
+ LARGE_INTEGER CurrentTime;
+ LARGE_INTEGER TimeZoneBias;
+ ULONG TimeZoneId;
+ ULONG Reserved;
+} SYSTEM_TIMEOFDAY_INFORMATION, *PSYSTEM_TIMEOFDAY_INFORMATION;
// SystemPathInformation (4)
// IT DOES NOT WORK
} SYSTEM_PATH_INFORMATION, * PSYSTEM_PATH_INFORMATION;
-// SystemProcessThreadInfo (5)
+// SystemProcessInformation (5)
typedef
struct _SYSTEM_THREAD_INFORMATION
{
} SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION;
-// SystemServiceDescriptorTableInfo (6)
+// SystemCallCountInformation (6)
typedef
struct _SYSTEM_SDT_INFORMATION
{
} SYSTEM_SDT_INFORMATION, *PSYSTEM_SDT_INFORMATION;
-// SystemIoConfigInformation (7)
+// SystemDeviceInformation (7)
typedef
-struct _SYSTEM_IOCONFIG_INFORMATION
+struct _SYSTEM_DEVICE_INFORMATION
{
- ULONG DiskCount;
- ULONG FloppyCount;
- ULONG CdRomCount;
- ULONG TapeCount;
- ULONG SerialCount;
- ULONG ParallelCount;
-
-} SYSTEM_IOCONFIG_INFORMATION, *PSYSTEM_IOCONFIG_INFORMATION;
-
-// SystemProcessorTimeInformation (8)
+ ULONG NumberOfDisks;
+ ULONG NumberOfFloppies;
+ ULONG NumberOfCdRoms;
+ ULONG NumberOfTapes;
+ ULONG NumberOfSerialPorts;
+ ULONG NumberOfParallelPorts;
+} SYSTEM_DEVICE_INFORMATION, *PSYSTEM_DEVICE_INFORMATION;
+
+// SystemProcessorPerformanceInformation (8)
+// (one per processor in the system)
typedef
struct _SYSTEM_PROCESSORTIME_INFO
{
TIME TotalInterruptTime;
ULONG TotalInterrupts;
ULONG Unused;
-
+
} SYSTEM_PROCESSORTIME_INFO, *PSYSTEM_PROCESSORTIME_INFO;
-// SystemNtGlobalFlagInformation (9)
+// SystemFlagsInformation (9)
typedef
-struct _SYSTEM_GLOBAL_FLAG_INFO
+struct _SYSTEM_FLAGS_INFORMATION
{
- ULONG NtGlobalFlag;
-
-} SYSTEM_GLOBAL_FLAG_INFO, * PSYSTEM_GLOBAL_FLAG_INFO;
-
-// SystemInformation10 (10)
+ ULONG Flags;
+
+} SYSTEM_FLAGS_INFORMATION, * PSYSTEM_FLAGS_INFORMATION;
+
+#define FLG_STOP_ON_EXCEPTION 0x00000001
+#define FLG_SHOW_LDR_SNAPS 0x00000002
+#define FLG_DEBUG_INITIAL_COMMAND 0x00000004
+#define FLG_STOP_ON_HANG_GUI 0x00000008
+#define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
+#define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
+#define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
+#define FLG_HEAP_VALIDATE_ALL 0x00000080
+#define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
+#define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
+#define FLG_POOL_ENABLE_TAGGING 0x00000400
+#define FLG_HEAP_ENABLE_TAGGING 0x00000800
+#define FLG_USER_STACK_TRACE_DB 0x00001000
+#define FLG_KERNEL_STACK_TRACE_DB 0x00002000
+#define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
+#define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
+#define FLG_IGNORE_DEBUG_PRIV 0x00010000
+#define FLG_ENABLE_CSRDEBUG 0x00020000
+#define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
+#define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
+#define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
+#define FLG_HEAP_DISABLE_COALESCING 0x00200000
+#define FLG_ENABLE_CLOSE_EXCEPTION 0x00400000
+#define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
+#define FLG_UNKNOWN_01000000 0x01000000
+#define FLG_UNKNOWN_02000000 0x02000000
+#define FLG_UNKNOWN_04000000 0x04000000
+#define FLG_ENABLE_DBGPRINT_BUFFERING 0x08000000
+#define FLG_UNKNOWN_10000000 0x10000000
+#define FLG_UNKNOWN_20000000 0x20000000
+#define FLG_UNKNOWN_40000000 0x40000000
+#define FLG_UNKNOWN_80000000 0x80000000
+
+// SystemCallTimeInformation (10)
// UNKNOWN
// SystemModuleInformation (11)
typedef
struct _SYSTEM_MODULE_ENTRY
{
- ULONG Unused;
- ULONG Always0;
- ULONG ModuleBaseAddress;
- ULONG ModuleSize;
- ULONG Unknown;
- ULONG ModuleEntryIndex;
- USHORT ModuleNameLength; /* Length of module name not including the path, this field contains valid value only for NTOSKRNL module*/
- USHORT ModulePathLength; /* Length of 'directory path' part of modulename*/
- CHAR ModuleName [256];
-
+ ULONG Unknown1;
+ ULONG Unknown2;
+ PVOID BaseAddress;
+ ULONG Size;
+ ULONG Flags;
+ ULONG EntryIndex;
+ USHORT NameLength; /* Length of module name not including the path, this field contains valid value only for NTOSKRNL module*/
+ USHORT PathLength; /* Length of 'directory path' part of modulename*/
+ CHAR Name [256];
} SYSTEM_MODULE_ENTRY, * PSYSTEM_MODULE_ENTRY;
typedef
{
ULONG Count;
SYSTEM_MODULE_ENTRY Module [1];
-
} SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
-// SystemResourceLockInformation (12)
+// SystemLocksInformation (12)
typedef
struct _SYSTEM_RESOURCE_LOCK_ENTRY
{
// UNKNOWN
// SystemHandleInformation (16)
-#if 0
-#define OBJECT_TYPE_0 0
-#define OBJECT_TYPE_1 1
-#define OBJECT_TYPE_OBJDIRECTORY 2
-#define OBJECT_TYPE_SYMLINK 3
-#define OBJECT_TYPE_TOKEN 4
-#define OBJECT_TYPE_PROCESS 5
-#define OBJECT_TYPE_THREAD 6
-#define OBJECT_TYPE_EVENT 7
-#define OBJECT_TYPE_8 8
-#define OBJECT_TYPE_MUTANT 9
-#define OBJECT_TYPE_SEMAPHORE 10
-#define OBJECT_TYPE_TIMER 11
-#define OBJECT_TYPE_12 12
-#define OBJECT_TYPE_WINSTATION 13
-#define OBJECT_TYPE_DESKTOP 14
-#define OBJECT_TYPE_SECTION 15
-#define OBJECT_TYPE_KEY 16
-#define OBJECT_TYPE_PORT 17
-#define OBJECT_TYPE_18 18
-#define OBJECT_TYPE_19 19
-#define OBJECT_TYPE_20 20
-#define OBJECT_TYPE_21 21
-#define OBJECT_TYPE_IOCOMPLETION 22
-#define OBJECT_TYPE_FILE 23
-#endif
+// (see ontypes.h)
typedef
struct _SYSTEM_HANDLE_ENTRY
{
} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
// SystemObjectInformation (17)
-// UNKNOWN
+typedef
+struct _SYSTEM_OBJECT_TYPE_INFORMATION
+{
+ ULONG NextEntryOffset;
+ ULONG ObjectCount;
+ ULONG HandleCount;
+ ULONG TypeNumber;
+ ULONG InvalidAttributes;
+ GENERIC_MAPPING GenericMapping;
+ ACCESS_MASK ValidAccessMask;
+ POOL_TYPE PoolType;
+ UCHAR Unknown;
+ UNICODE_STRING Name;
+
+} SYSTEM_OBJECT_TYPE_INFORMATION, *PSYSTEM_OBJECT_TYPE_INFORMATION;
+
typedef
struct _SYSTEM_OBJECT_INFORMATION
{
- DWORD Unknown;
- /* FIXME */
+ ULONG NextEntryOffset;
+ PVOID Object;
+ ULONG CreatorProcessId;
+ USHORT Unknown;
+ USHORT Flags;
+ ULONG PointerCount;
+ ULONG HandleCount;
+ ULONG PagedPoolUsage;
+ ULONG NonPagedPoolUsage;
+ ULONG ExclusiveProcessId;
+ PSECURITY_DESCRIPTOR SecurityDescriptor;
+ UNICODE_STRING Name;
+
} SYSTEM_OBJECT_INFORMATION, *PSYSTEM_OBJECT_INFORMATION;
// SystemPageFileInformation (18)
{
ULONG Count;
SYSTEM_POOL_TAG_ENTRY PoolEntry [1];
-
+
} SYSTEM_POOL_TAG_INFO, *PSYSTEM_POOL_TAG_INFO;
// SystemProcessorScheduleInfo (23)
// SystemInformation25 (25)
// UNKNOWN
-// SystemLoadImage (26)
-typedef
-struct _SYSTEM_IMAGE_LOAD
-{
- UNICODE_STRING ModuleFileName IN;
- PVOID BaseAddress OUT;
- PVOID Section OUT;
- PVOID EntryPoint OUT;
- PVOID ExportDirectory OUT;
-
-} SYSTEM_IMAGE_LOAD, *PSYSTEM_IMAGE_LOAD;
-
-// SystemUnloadImage (27)
-typedef
-struct _SYSTEM_IMAGE_UNLOAD
+// SystemLoadGdiDriverInformation (26)
+// SystemUnloadGdiDriverInformation (27)
+typedef struct _SYSTEM_GDI_DRIVER_INFORMATION
{
- PVOID Section IN; /* see SYSTEM_IMAGE_LOAD.ModuleSection */
-
-} SYSTEM_IMAGE_UNLOAD, *PSYSTEM_IMAGE_UNLOAD;
-
+ UNICODE_STRING DriverName;
+ PVOID ImageAddress;
+ PVOID SectionPointer;
+ PVOID EntryPoint;
+// PIMAGE_EXPORT_DIRECTORY ExportSectionPointer;
+ PVOID ExportSectionPointer;
+} SYSTEM_GDI_DRIVER_INFORMATION, *PSYSTEM_GDI_DRIVER_INFORMATION;
// SystemTimeAdjustmentInformation (28)
-// (what is the right one?)
-#if 0
typedef
-struct _SYSTEM_TIME_ADJUSTMENT_INFO
+struct _SYSTEM_QUERY_TIME_ADJUSTMENT
{
- TIME TimeAdjustment;
- BOOL TimeAdjustmentDisabled;
+ ULONG TimeAdjustment;
+ ULONG MaximumIncrement;
+ BOOLEAN TimeSynchronization;
+
+} SYSTEM_QUERY_TIME_ADJUSTMENT, *PSYSTEM_QUERY_TIME_ADJUSTMENT;
-} SYSTEM_TIME_ADJUSTMENT_INFO, *PSYSTEM_TIME_ADJUSTMENT_INFO;
-#else
typedef
-struct _SYSTEM_TIME_ADJUSTMENT_INFO
+struct _SYSTEM_SET_TIME_ADJUSTMENT
{
- ULONG KeTimeAdjustment;
- ULONG KeMaximumIncrement;
- BOOLEAN KeTimeSynchronization;
+ ULONG TimeAdjustment;
+ BOOLEAN TimeSynchronization;
} SYSTEM_TIME_ADJUSTMENT_INFO, *PSYSTEM_TIME_ADJUSTMENT_INFO;
-#endif
// SystemProcessorFaultCountInfo (33)
typedef
} SYSTEM_DRIVER_LOAD, *PSYSTEM_DRIVER_LOAD;
+// SystemTimeZoneInformation (44)
+typedef
+struct _SYSTEM_TIME_ZONE_INFORMATION
+{
+ LONG Bias;
+ WCHAR StandardName [32];
+ TIME StandardDate;
+ LONG StandardBias;
+ WCHAR DaylightName [32];
+ TIME DaylightDate;
+ LONG DaylightBias;
+} SYSTEM_TIME_ZONE_INFORMATION, * PSYSTEM_TIME_ZONE_INFORMATION;
+
+// SystemLookasideInformation (45)
+typedef
+struct _SYSTEM_LOOKASIDE_INFORMATION
+{
+ USHORT Depth;
+ USHORT MaximumDepth;
+ ULONG TotalAllocates;
+ ULONG AllocatesMisses;
+ ULONG TotalFrees;
+ ULONG FreeMisses;
+ POOL_TYPE Type;
+ ULONG Tag;
+ ULONG Size;
+
+} SYSTEM_LOOKASIDE_INFORMATION, * PSYSTEM_LOOKASIDE_INFORMATION;
+
+// SystemSetTimeSlipEvent (46)
+typedef
+struct _SYSTEM_SET_TIME_SLIP_EVENT
+{
+ HANDLE TimeSlipEvent; /* IN */
+
+} SYSTEM_SET_TIME_SLIP_EVENT, * PSYSTEM_SET_TIME_SLIP_EVENT;
+
+// SystemCreateSession (47)
+// (available only on TSE/NT5+)
+typedef
+struct _SYSTEM_CREATE_SESSION
+{
+ ULONG SessionId; /* OUT */
+
+} SYSTEM_CREATE_SESSION, * PSYSTEM_CREATE_SESSION;
+
+// SystemDeleteSession (48)
+// (available only on TSE/NT5+)
+typedef
+struct _SYSTEM_DELETE_SESSION
+{
+ ULONG SessionId; /* IN */
+
+} SYSTEM_DELETE_SESSION, * PSYSTEM_DELETE_SESSION;
+
+// (49)
+// UNKNOWN
+
+// SystemRangeStartInformation (50)
+typedef
+struct _SYSTEM_RANGE_START_INFORMATION
+{
+ PVOID SystemRangeStart;
+
+} SYSTEM_RANGE_START_INFORMATION, * PSYSTEM_RANGE_START_INFORMATION;
+
+// SystemVerifierInformation (51)
+// UNKNOWN
+
+// SystemAddVerifier (52)
+// UNKNOWN
+
+// SystemSessionProcessesInformation (53)
+// (available only on TSE/NT5+)
+typedef
+struct _SYSTEM_SESSION_PROCESSES_INFORMATION
+{
+ ULONG SessionId;
+ ULONG BufferSize;
+ PVOID Buffer; /* same format as in SystemProcessInformation */
+
+} SYSTEM_SESSION_PROCESSES_INFORMATION, * PSYSTEM_SESSION_PROCESSES_INFORMATION;
// memory information
#define SYMBOLIC_LINK_QUERY 0x0001
#define SYMBOLIC_LINK_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0x1)
-typedef struct _PROCESS_WS_WATCH_INFORMATION
-{
- PVOID FaultingPc;
- PVOID FaultingVa;
-} PROCESS_WS_WATCH_INFORMATION, *PPROCESS_WS_WATCH_INFORMATION;
-
+// Information class 0
typedef struct _PROCESS_BASIC_INFORMATION
{
NTSTATUS ExitStatus;
ULONG InheritedFromUniqueProcessId;
} PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
+// Information class 1
typedef struct _QUOTA_LIMITS
{
ULONG PagedPoolLimit;
TIME TimeLimit;
} QUOTA_LIMITS, *PQUOTA_LIMITS;
+// Information class 2
typedef struct _IO_COUNTERS
{
ULONG ReadOperationCount;
LARGE_INTEGER OtherTransferCount;
} IO_COUNTERS, *PIO_COUNTERS;
-
+// Information class 3
typedef struct _VM_COUNTERS_
{
ULONG PeakVirtualSize;
ULONG PeakPagefileUsage;
} VM_COUNTERS, *PVM_COUNTERS;
+// Information class 4
+typedef struct _KERNEL_USER_TIMES
+{
+ TIME CreateTime;
+ TIME ExitTime;
+ TIME KernelTime;
+ TIME UserTime;
+} KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
+// Information class 9
+typedef struct _PROCESS_ACCESS_TOKEN
+{
+ HANDLE Token;
+ HANDLE Thread;
+} PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
+
+// Information class 14
typedef struct _POOLED_USAGE_AND_LIMITS_
{
ULONG PeakPagedPoolUsage;
ULONG PagefileLimit;
} POOLED_USAGE_AND_LIMITS, *PPOOLED_USAGE_AND_LIMITS;
+// Information class 15
+typedef struct _PROCESS_WS_WATCH_INFORMATION
+{
+ PVOID FaultingPc;
+ PVOID FaultingVa;
+} PROCESS_WS_WATCH_INFORMATION, *PPROCESS_WS_WATCH_INFORMATION;
-typedef struct _PROCESS_ACCESS_TOKEN
+// Information class 18
+typedef struct _PROCESS_PRIORITY_CLASS
{
- HANDLE Token;
- HANDLE Thread;
-} PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
+ BOOLEAN Foreground;
+ UCHAR PriorityClass;
+} PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
-typedef struct _KERNEL_USER_TIMES
+// Information class 23
+typedef struct _PROCESS_DEVICEMAP_INFORMATION
{
- TIME CreateTime;
- TIME ExitTime;
- TIME KernelTime;
- TIME UserTime;
-} KERNEL_USER_TIMES;
-typedef KERNEL_USER_TIMES *PKERNEL_USER_TIMES;
+ union {
+ struct {
+ HANDLE DirectoryHandle;
+ } Set;
+ struct {
+ ULONG DriveMap;
+ UCHAR DriveType[32];
+ } Query;
+ };
+} PROCESS_DEVICEMAP_INFORMATION, *pPROCESS_DEVICEMAP_INFORMATION;
+
+// Information class 24
+typedef struct _PROCESS_SESSION_INFORMATION
+{
+ ULONG SessionId;
+} PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
// thread information
typedef struct _THREAD_BASIC_INFORMATION
{
- NTSTATUS ExitStatus;
- PVOID TebBaseAddress;
- KAFFINITY AffinityMask;
- KPRIORITY BasePriority;
- ULONG UniqueThreadId;
+ NTSTATUS ExitStatus;
+ PVOID TebBaseAddress; // PNT_TIB (GN)
+ CLIENT_ID ClientId;
+ KAFFINITY AffinityMask;
+ KPRIORITY Priority;
+ KPRIORITY BasePriority;
} THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
// object information
typedef struct _FILE_DISPOSITION_INFORMATION
{
- BOOLEAN DeleteFile;
+ BOOLEAN DoDeleteFile;
} FILE_DISPOSITION_INFORMATION, *PFILE_DISPOSITION_INFORMATION;
typedef struct _FILE_END_OF_FILE_INFORMATION
ULONG Mode;
} FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
+
+typedef struct _FILE_PIPE_INFORMATION {
+ ULONG ReadMode;
+ ULONG CompletionMode;
+} FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
+
+typedef struct _FILE_PIPE_LOCAL_INFORMATION {
+ ULONG NamedPipeType;
+ ULONG NamedPipeConfiguration;
+ ULONG MaximumInstances;
+ ULONG CurrentInstances;
+ ULONG InboundQuota;
+ ULONG ReadDataAvailable;
+ ULONG OutboundQuota;
+ ULONG WriteQuotaAvailable;
+ ULONG NamedPipeState;
+ ULONG NamedPipeEnd;
+} FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
+
+typedef struct _FILE_PIPE_REMOTE_INFORMATION {
+ LARGE_INTEGER CollectDataTime;
+ ULONG MaximumCollectionCount;
+} FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
+
+typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
+ ULONG MaxMessageSize;
+ ULONG Unknown; /* ?? */
+ ULONG NextSize;
+ ULONG MessageCount;
+ LARGE_INTEGER Timeout;
+} FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
+
+typedef struct _FILE_MAILSLOT_SET_INFORMATION {
+ LARGE_INTEGER Timeout;
+} FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
+
typedef struct _FILE_COMPRESSION_INFORMATION {
LARGE_INTEGER CompressedFileSize;
USHORT CompressionFormat;
FILE_NAME_INFORMATION NameInformation;
} FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
+
// file system information structures
typedef struct _FILE_FS_DEVICE_INFORMATION {
*/
-//FIXME: I am a win32 object
-typedef
-VOID
-(*PTIMERAPCROUTINE)(
- LPVOID lpArgToCompletionRoutine,
- DWORD dwTimerLowValue,
- DWORD dwTimerHighValue
- );
-
-
// File System Control commands ( related to defragging )
#define FSCTL_READ_MFT_RECORD 0x90068 // NTFS only
} MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
-// semaphore information
-
-typedef struct _SEMAPHORE_BASIC_INFORMATION
-{
- ULONG CurrentCount;
- ULONG MaximumCount;
-} SEMAPHORE_BASIC_INFORMATION, *PSEMAPHORE_BASIC_INFORMATION;
-
-// event information
-
-typedef struct _EVENT_BASIC_INFORMATION
-{
- BOOL AutomaticReset;
- BOOL Signaled;
-} EVENT_BASIC_INFORMATION, *PEVENT_INFORMATION;
//typedef enum _TIMER_TYPE
//{
// SynchronizationTimer
//} TIMER_TYPE;
+typedef struct _TIMER_BASIC_INFORMATION
+{
+ LARGE_INTEGER TimeRemaining;
+ BOOLEAN SignalState;
+} TIMER_BASIC_INFORMATION, *PTIMER_BASIC_INFORMATION;
+
+typedef enum _TIMER_INFORMATION_CLASS
+{
+ TimerBasicInformation
+} TIMER_INFORMATION_CLASS;
+
typedef
struct _LPC_PORT_BASIC_INFORMATION
{
} LPC_PORT_BASIC_INFORMATION, * PLPC_PORT_BASIC_INFORMATION;
+typedef struct _SECTION_BASIC_INFORMATION
+{
+ PVOID BaseAddress;
+ ULONG Attributes;
+ LARGE_INTEGER Size;
+} SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION;
+
+typedef struct _SECTION_IMAGE_INFORMATION
+{
+ PVOID EntryPoint;
+ ULONG Unknown1;
+ ULONG StackReserve;
+ ULONG StackCommit;
+ ULONG Subsystem;
+ USHORT MinorSubsystemVersion;
+ USHORT MajorSubsystemVersion;
+ ULONG Unknown2;
+ ULONG Characteristics;
+ USHORT ImageNumber;
+ BOOLEAN Executable;
+ UCHAR Unknown3;
+ ULONG Unknown4[3];
+} SECTION_IMAGE_INFORMATION, *PSECTION_IMAGE_INFORMATION;
+
+typedef enum _SECTION_INFORMATION_CLASS
+{
+ SectionBasicInformation,
+ SectionImageInformation,
+} SECTION_INFORMATION_CLASS;
+
#endif
projects / reactos.git / blobdiff