2002-11-13 Casper S. Hornstrup <chorns@users.sourceforge.net>
authorCasper Hornstrup <chorns@users.sourceforge.net>
Thu, 14 Nov 2002 18:21:07 +0000 (18:21 +0000)
committerCasper Hornstrup <chorns@users.sourceforge.net>
Thu, 14 Nov 2002 18:21:07 +0000 (18:21 +0000)
* drivers/bus/acpi/ospm/osl.c (acpi_os_readable, acpi_os_writable):
Match prototypes.
* include/ascii.h (AbortSystemShutdownA): Correct prototype.
* include/debug.h (assert): Wrap in #ifndef assert.
* include/funcs.h (AbortSystemShutdown): Remove duplicate prototype.
* include/ddk/rtltypes.h: Move ...
* include/ntos/rtltypes.h: ... here.
* include/ddk/rtl.h: Move ...
* include/ntos/rtl.h: ... here.
* include/ddk/zwtypes.h: Move ...
* include/ntos/zwtypes.h: ... here.
* include/ddk/zw.h: Move ...
* include/ntos/zw.h: ... here.
| include/ddk/cmfuncs.h: Remove file; Move NtCreateKey to ntos/zw.h.
* include/ntos.h: #include ntos/rtltypes.h, ntos/rtl.h, ntos/zwtypes.h,
and ntos/zw.h.
* include/unicode.h: (AbortSystemShutdownW): Correct prototype.
* include/ddk/ntddk.h: Include headers at new location; Don't include
removed files.
* include/defines.h: Wrap definitions in w32api in #ifndef __USE_W32API.
* include/ntos/zwtypes.h: Ditto.
* include/napi/lpc.h: Ditto.
* include/napi/shared_data.h: Ditto.
* include/napi/teb.h: Ditto.
* include/napi/types.h: Ditto.
* include/ntdll/ldr.h: Ditto.
* include/ntdll/rtl.h: Ditto.
* include/ntos/console.h: Ditto.
* include/ntos/disk.h: Ditto.
* include/ntos/except.h: Ditto.
* include/ntos/file.h: Ditto.
* include/ntos/gditypes.h: Ditto.
* include/ntos/heap.h: Ditto.
* include/ntos/keyboard.h: Ditto.
* include/ntos/mm.h: Ditto.
* include/ntos/ntdef.h: Ditto.
* include/ntos/ps.h: Ditto.
* include/ntos/registry.h: Ditto.
* include/ntos/security.h: Ditto.
* include/ntos/synch.h: Ditto.
* include/ntos/time.h: Ditto.
* include/ntos/types.h: Ditto.
* include/ntos/port.h: Ditto.
* lib/advapi32/misc/shutdown.c (AbortSystemShutdownW,
AbortSystemShutdownA): Correct prototype.
* lib/advapi32/reg/reg.c: #include ntos.h.
* lib/advapi32/sec/misc.c: Ditto.
* lib/advapi32/sec/sid.c: Ditto.
* lib/advapi32/service/sctrl.c: Ditto.
* lib/advapi32/token/token.c: Ditto.
* lib/kernel32/misc/dllmain.c: Ditto.
* ntoskrnl/ex/napi.c: Ditto.
* ntoskrnl/rtl/i386/exception.c: Ditto.
* lib/advapi32/sec/ac.c: Ditto.
(FindFirstFreeAce, GetAce): Change PACE* to PACE_HEADER*.
* lib/advapi32/service/scm.c (EnumServicesStatusExA,
EnumServicesStatusExW, QueryServiceStatusEx): Correct prototype.
* lib/ntdll/rtl/ppb.c (RtlDestroyProcessParameters): Match prototype.
* ntoskrnl/dbg/errinfo.c (DbgGetErrorText): Use %08x, not %08lx.
* ntoskrnl/io/arcname.c (IoCreateSystemRootLink): Use %u, not %lu.
* ntoskrnl/ke/main.c (ExpInitializeExecutive): Ditto.
* (_main): Use %d, not %ld.
* ntoskrnl/include/internal/i386/ke.h: Add #pragma GCC system_header.
* include/ddk/ntdef.h (NTSYSAPI, NTAPI, NTKERNELAPI): Define to STDCALL;
Check if already defined.
* include/base.h (STDCALL, CDECL, CALLBACK, PASCAL): Move to ntos/types.h.

svn path=/trunk/; revision=3755

59 files changed:
reactos/ChangeLog
reactos/drivers/bus/acpi/ospm/osl.c
reactos/include/ascii.h
reactos/include/base.h
reactos/include/ddk/cmfuncs.h [deleted file]
reactos/include/ddk/ntddk.h
reactos/include/ddk/ntdef.h
reactos/include/ddk/rtl.h [deleted file]
reactos/include/ddk/rtltypes.h [deleted file]
reactos/include/ddk/zw.h [deleted file]
reactos/include/ddk/zwtypes.h [deleted file]
reactos/include/debug.h
reactos/include/defines.h
reactos/include/funcs.h
reactos/include/napi/lpc.h
reactos/include/napi/shared_data.h
reactos/include/napi/teb.h
reactos/include/napi/types.h
reactos/include/ntdll/ldr.h
reactos/include/ntdll/rtl.h
reactos/include/ntos.h
reactos/include/ntos/cdrom.h
reactos/include/ntos/console.h
reactos/include/ntos/disk.h
reactos/include/ntos/except.h
reactos/include/ntos/file.h
reactos/include/ntos/gditypes.h
reactos/include/ntos/heap.h
reactos/include/ntos/kdbgsyms.h
reactos/include/ntos/keyboard.h
reactos/include/ntos/minmax.h
reactos/include/ntos/mm.h
reactos/include/ntos/ntdef.h
reactos/include/ntos/port.h
reactos/include/ntos/ps.h
reactos/include/ntos/registry.h
reactos/include/ntos/security.h
reactos/include/ntos/synch.h
reactos/include/ntos/time.h
reactos/include/ntos/types.h
reactos/include/pe.h
reactos/include/unicode.h
reactos/lib/advapi32/misc/shutdown.c
reactos/lib/advapi32/reg/reg.c
reactos/lib/advapi32/sec/ac.c
reactos/lib/advapi32/sec/misc.c
reactos/lib/advapi32/sec/sec.c
reactos/lib/advapi32/sec/sid.c
reactos/lib/advapi32/service/scm.c
reactos/lib/advapi32/service/sctrl.c
reactos/lib/advapi32/token/token.c
reactos/lib/kernel32/misc/dllmain.c
reactos/lib/ntdll/rtl/ppb.c
reactos/ntoskrnl/dbg/errinfo.c
reactos/ntoskrnl/ex/napi.c
reactos/ntoskrnl/include/internal/i386/ke.h
reactos/ntoskrnl/io/arcname.c
reactos/ntoskrnl/ke/main.c
reactos/ntoskrnl/rtl/i386/exception.c

index c2936d4..a3c4087 100644 (file)
@@ -1,3 +1,72 @@
+2002-11-13  Casper S. Hornstrup  <chorns@users.sourceforge.net>\r
+\r
+       * drivers/bus/acpi/ospm/osl.c (acpi_os_readable, acpi_os_writable):\r
+       Match prototypes.\r
+       * include/ascii.h (AbortSystemShutdownA): Correct prototype.\r
+       * include/debug.h (assert): Wrap in #ifndef assert.\r
+       * include/funcs.h (AbortSystemShutdown): Remove duplicate prototype.\r
+       * include/ddk/rtltypes.h: Move ...\r
+       * include/ntos/rtltypes.h: ... here.\r
+       * include/ddk/rtl.h: Move ...\r
+       * include/ntos/rtl.h: ... here.\r
+       * include/ddk/zwtypes.h: Move ...\r
+       * include/ntos/zwtypes.h: ... here.\r
+       * include/ddk/zw.h: Move ...\r
+       * include/ntos/zw.h: ... here.\r
+       | include/ddk/cmfuncs.h: Remove file; Move NtCreateKey to ntos/zw.h.\r
+       * include/ntos.h: #include ntos/rtltypes.h, ntos/rtl.h, ntos/zwtypes.h,\r
+       and ntos/zw.h.\r
+       * include/unicode.h: (AbortSystemShutdownW): Correct prototype.\r
+       * include/ddk/ntddk.h: Include headers at new location; Don't include\r
+       removed files.\r
+       * include/defines.h: Wrap definitions in w32api in #ifndef __USE_W32API.\r
+       * include/ntos/zwtypes.h: Ditto.\r
+       * include/napi/lpc.h: Ditto.\r
+       * include/napi/shared_data.h: Ditto.\r
+       * include/napi/teb.h: Ditto.\r
+       * include/napi/types.h: Ditto.\r
+       * include/ntdll/ldr.h: Ditto.\r
+       * include/ntdll/rtl.h: Ditto.\r
+       * include/ntos/console.h: Ditto.\r
+       * include/ntos/disk.h: Ditto.\r
+       * include/ntos/except.h: Ditto.\r
+       * include/ntos/file.h: Ditto.\r
+       * include/ntos/gditypes.h: Ditto.\r
+       * include/ntos/heap.h: Ditto.\r
+       * include/ntos/keyboard.h: Ditto.\r
+       * include/ntos/mm.h: Ditto.\r
+       * include/ntos/ntdef.h: Ditto.\r
+       * include/ntos/ps.h: Ditto.\r
+       * include/ntos/registry.h: Ditto.\r
+       * include/ntos/security.h: Ditto.\r
+       * include/ntos/synch.h: Ditto.\r
+       * include/ntos/time.h: Ditto.\r
+       * include/ntos/types.h: Ditto.\r
+       * include/ntos/port.h: Ditto.\r
+       * lib/advapi32/misc/shutdown.c (AbortSystemShutdownW,\r
+       AbortSystemShutdownA): Correct prototype.\r
+       * lib/advapi32/reg/reg.c: #include ntos.h.\r
+       * lib/advapi32/sec/misc.c: Ditto.\r
+       * lib/advapi32/sec/sid.c: Ditto.\r
+       * lib/advapi32/service/sctrl.c: Ditto.\r
+       * lib/advapi32/token/token.c: Ditto.\r
+       * lib/kernel32/misc/dllmain.c: Ditto.\r
+       * ntoskrnl/ex/napi.c: Ditto.\r
+       * ntoskrnl/rtl/i386/exception.c: Ditto.\r
+       * lib/advapi32/sec/ac.c: Ditto.\r
+       (FindFirstFreeAce, GetAce): Change PACE* to PACE_HEADER*.\r
+       * lib/advapi32/service/scm.c (EnumServicesStatusExA,\r
+       EnumServicesStatusExW, QueryServiceStatusEx): Correct prototype.\r
+       * lib/ntdll/rtl/ppb.c (RtlDestroyProcessParameters): Match prototype.\r
+       * ntoskrnl/dbg/errinfo.c (DbgGetErrorText): Use %08x, not %08lx.\r
+       * ntoskrnl/io/arcname.c (IoCreateSystemRootLink): Use %u, not %lu.\r
+       * ntoskrnl/ke/main.c (ExpInitializeExecutive): Ditto.\r
+       * (_main): Use %d, not %ld.\r
+       * ntoskrnl/include/internal/i386/ke.h: Add #pragma GCC system_header.\r
+       * include/ddk/ntdef.h (NTSYSAPI, NTAPI, NTKERNELAPI): Define to STDCALL;\r
+       Check if already defined.\r
+       * include/base.h (STDCALL, CDECL, CALLBACK, PASCAL): Move to ntos/types.h.\r
+\r
 2002-11-13  Rick Gaiser  <RickG81@Wanadoo.nl>\r
 \r
        * drivers/bus/isapnp/isapnp.c (FindNextReadPort): Increment Port before\r
index f46fd17..8e478b1 100644 (file)
@@ -592,14 +592,14 @@ acpi_os_get_line(NATIVE_CHAR *buffer)
        return 0;
 }
 
-BOOLEAN
+u8
 acpi_os_readable(void *ptr, u32 len)
 {
   /* Always readable */
        return TRUE;
 }
 
-BOOLEAN
+u8
 acpi_os_writable(void *ptr, u32 len)
 {
   /* Always writable */
index 50b0dc8..598da56 100644 (file)
@@ -2415,7 +2415,7 @@ InitiateSystemShutdownA(
 WINBOOL
 STDCALL
 AbortSystemShutdownA(
-    LPSTR lpMachineName
+    LPCSTR lpMachineName
     );
 
 int
index d57906e..91b43bb 100644 (file)
@@ -56,17 +56,6 @@ typedef long LONG;
 
 #define CONST const
 
-#ifdef i386
-#define STDCALL     __attribute__ ((stdcall))
-#define CDECL       __attribute((cdecl))
-#define CALLBACK    WINAPI
-#define PASCAL      WINAPI
-#else
-#define STDCALL
-#define CDECL
-#define CALLBACK
-#define PASCAL
-#endif
 #define WINAPI      STDCALL
 #define APIENTRY    STDCALL
 #define WINGDIAPI
diff --git a/reactos/include/ddk/cmfuncs.h b/reactos/include/ddk/cmfuncs.h
deleted file mode 100644 (file)
index fee65aa..0000000
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * FUNCTION: Creates a registry key
- * ARGUMENTS:
- *        KeyHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the key
- *          It can have a combination of the following values:
- *          KEY_READ | KEY_WRITE | KEY_EXECUTE | KEY_ALL_ACCESS
- *          or
- *          KEY_QUERY_VALUE The values of the key can be queried.
- *          KEY_SET_VALUE The values of the key can be modified.
- *          KEY_CREATE_SUB_KEYS The key may contain subkeys.
- *          KEY_ENUMERATE_SUB_KEYS Subkeys can be queried.
- *          KEY_NOTIFY
- *          KEY_CREATE_LINK A symbolic link to the key can be created. 
- *        ObjectAttributes = The name of the key may be specified directly in the name field 
- *          of object attributes or relative to a key in rootdirectory.
- *        TitleIndex = Might specify the position in the sequential order of subkeys. 
- *        Class = Specifies the kind of data, for example REG_SZ for string data. [ ??? ]
- *        CreateOptions = Specifies additional options with which the key is created
- *          REG_OPTION_VOLATILE  The key is not preserved across boots.
- *          REG_OPTION_NON_VOLATILE  The key is preserved accross boots.
- *          REG_OPTION_CREATE_LINK  The key is a symbolic link to another key. 
- *          REG_OPTION_BACKUP_RESTORE  Key is being opened or created for backup/restore operations. 
- *        Disposition = Indicates if the call to NtCreateKey resulted in the creation of a key it 
- *          can have the following values: REG_CREATED_NEW_KEY | REG_OPENED_EXISTING_KEY
- * RETURNS:
- *  Status
- */
-
-NTSTATUS STDCALL
-NtCreateKey(OUT PHANDLE KeyHandle,
-            IN ACCESS_MASK DesiredAccess,
-            IN POBJECT_ATTRIBUTES ObjectAttributes,
-            IN ULONG TitleIndex,
-            IN PUNICODE_STRING Class OPTIONAL,
-            IN ULONG CreateOptions,
-            IN PULONG Disposition OPTIONAL);
-
-NTSTATUS STDCALL
-ZwCreateKey(OUT PHANDLE KeyHandle,
-            IN ACCESS_MASK DesiredAccess,
-            IN POBJECT_ATTRIBUTES ObjectAttributes,
-            IN ULONG TitleIndex,
-            IN PUNICODE_STRING Class OPTIONAL,
-            IN ULONG CreateOptions,
-            IN PULONG Disposition OPTIONAL);
-
index 59e7fbc..b5343f7 100644 (file)
@@ -1,4 +1,4 @@
-/* $Id: ntddk.h,v 1.31 2002/09/08 10:47:44 chorns Exp $
+/* $Id: ntddk.h,v 1.32 2002/11/14 18:21:02 chorns Exp $
  *
  * COPYRIGHT:      See COPYING in the top level directory
  * PROJECT:        ReactOS kernel
@@ -57,17 +57,16 @@ extern "C"
 #include <ddk/extypes.h>
 #include <ddk/pstypes.h>
 #include <ddk/ldrtypes.h>
-#include <ddk/zwtypes.h>
+#include <ntos/zwtypes.h>
 #include <ddk/ioctrl.h>
-#include <ddk/rtltypes.h>
+#include <ntos/rtltypes.h>
 #include <ddk/haltypes.h>
 #include <napi/shared_data.h>
 
-#include <ddk/zw.h>
-#include <ddk/rtl.h>
+#include <ntos/zw.h>
+#include <ntos/rtl.h>
 #include <ddk/dbgfuncs.h>
 #include <ddk/ldrfuncs.h>
-#include <ddk/cmfuncs.h>
 #if defined(__NTOSKRNL__) || defined(__NTDRIVER__) || defined(__NTHAL__)
 #include <ddk/exfuncs.h>
 #include <ddk/halfuncs.h>
index 264adc1..837c729 100644 (file)
@@ -5,9 +5,16 @@ struct _KTHREAD;
 struct _ETHREAD;
 struct _EPROCESS;
 
-#define NTKERNELAPI
-#define NTSYSAPI
-#define NTAPI
+#ifndef NTKERNELAPI
+#define NTKERNELAPI STDCAL
+#endif
+
+#ifndef NTSYSAPI
+#define NTSYSAPI STDCALL
+#endif
 
+#ifndef NTAPI
+#define NTAPI STDCALL
+#endif
 
 #endif
diff --git a/reactos/include/ddk/rtl.h b/reactos/include/ddk/rtl.h
deleted file mode 100644 (file)
index b010a6f..0000000
+++ /dev/null
@@ -1,2183 +0,0 @@
-/* $Id: rtl.h,v 1.69 2002/11/10 13:34:42 robd Exp $
- * 
- */
-
-#ifndef __DDK_RTL_H
-#define __DDK_RTL_H
-
-#if defined(__NTOSKRNL__) || defined(__NTDRIVER__) || defined(__NTHAL__) || defined(__NTDLL__) || defined (__NTAPP__)
-
-#include <stddef.h>
-#include <stdarg.h>
-
-#endif /* __NTOSKRNL__ || __NTDRIVER__ || __NTHAL__ || __NTDLL__ || __NTAPP__ */
-
-#include <pe.h>
-
-
-
-/*
- * PURPOSE: Flags for RtlQueryRegistryValues
- */
-#define RTL_QUERY_REGISTRY_SUBKEY      (0x00000001)
-#define RTL_QUERY_REGISTRY_TOPKEY      (0x00000002)
-#define RTL_QUERY_REGISTRY_REQUIRED    (0x00000004)
-#define RTL_QUERY_REGISTRY_NOVALUE     (0x00000008)
-#define RTL_QUERY_REGISTRY_NOEXPAND    (0x00000010)
-#define RTL_QUERY_REGISTRY_DIRECT      (0x00000020)
-#define RTL_QUERY_REGISTRY_DELETE      (0x00000040)
-
-
-/*
- * PURPOSE: Used with RtlCheckRegistryKey, RtlCreateRegistryKey, 
- * RtlDeleteRegistryKey
- */
-#define RTL_REGISTRY_ABSOLUTE   0
-#define RTL_REGISTRY_SERVICES   1
-#define RTL_REGISTRY_CONTROL    2
-#define RTL_REGISTRY_WINDOWS_NT 3
-#define RTL_REGISTRY_DEVICEMAP  4
-#define RTL_REGISTRY_USER       5
-#define RTL_REGISTRY_ENUM       6   // ReactOS specific: Used internally in kernel only
-#define RTL_REGISTRY_MAXIMUM    7
-
-#define RTL_REGISTRY_HANDLE     0x40000000
-#define RTL_REGISTRY_OPTIONAL   0x80000000
-
-
-#define SHORT_SIZE     (sizeof(USHORT))
-#define SHORT_MASK     (SHORT_SIZE-1)
-#define LONG_SIZE      (sizeof(ULONG))
-#define LONG_MASK      (LONG_SIZE-1)
-#define LOWBYTE_MASK   0x00FF
-
-#define FIRSTBYTE(Value)       ((Value) & LOWBYTE_MASK)
-#define SECONDBYTE(Value)      (((Value) >> 8) & LOWBYTE_MASK)
-#define THIRDBYTE(Value)       (((Value) >> 16) & LOWBYTE_MASK)
-#define FOURTHBYTE(Value)      (((Value) >> 24) & LOWBYTE_MASK)
-
-/* FIXME: reverse byte-order on big-endian machines (e.g. MIPS) */
-#define SHORT_LEAST_SIGNIFICANT_BIT    0
-#define SHORT_MOST_SIGNIFICANT_BIT     1
-
-#define LONG_LEAST_SIGNIFICANT_BIT     0
-#define LONG_3RD_MOST_SIGNIFICANT_BIT  1
-#define LONG_2RD_MOST_SIGNIFICANT_BIT  2
-#define LONG_MOST_SIGNIFICANT_BIT      3
-
-
-
-#if defined(__NTOSKRNL__) || defined(__NTDLL__)
-#define NLS_MB_CODE_PAGE_TAG     NlsMbCodePageTag
-#define NLS_MB_OEM_CODE_PAGE_TAG NlsMbOemCodePageTag
-#else
-#define NLS_MB_CODE_PAGE_TAG     (*NlsMbCodePageTag)
-#define NLS_MB_OEM_CODE_PAGE_TAG (*NlsMbOemCodePageTag)
-#endif /* __NTOSKRNL__ || __NTDLL__ */
-
-extern BOOLEAN NLS_MB_CODE_PAGE_TAG;
-extern BOOLEAN NLS_MB_OEM_CODE_PAGE_TAG;
-
-
-/*
- * NOTE: ReactOS extensions
- */
-#define RtlMin(X,Y) (((X) < (Y))? (X) : (Y))
-#define RtlMax(X,Y) (((X) > (Y))? (X) : (Y))
-#define RtlMin3(X,Y,Z) (((X) < (Y)) ? RtlMin(X,Z) : RtlMin(Y,Z))
-#define RtlMax3(X,Y,Z) (((X) > (Y)) ? RtlMax(X,Z) : RtlMax(Y,Z))
-
-
-/*
- * VOID
- * InitializeObjectAttributes (
- *     POBJECT_ATTRIBUTES      InitializedAttributes,
- *     PUNICODE_STRING         ObjectName,
- *     ULONG                   Attributes,
- *     HANDLE                  RootDirectory,
- *     PSECURITY_DESCRIPTOR    SecurityDescriptor
- *     );
- *
- * FUNCTION: Sets up a parameter of type OBJECT_ATTRIBUTES for a 
- * subsequent call to ZwCreateXXX or ZwOpenXXX
- * ARGUMENTS:
- *        InitializedAttributes (OUT) = Caller supplied storage for the
- *                                      object attributes
- *        ObjectName = Full path name for object
- *        Attributes = Attributes for the object
- *        RootDirectory = Where the object should be placed or NULL
- *        SecurityDescriptor = Ignored
- */
-#define InitializeObjectAttributes(p,n,a,r,s) \
-{ \
-       (p)->Length = sizeof(OBJECT_ATTRIBUTES); \
-       (p)->ObjectName = n; \
-       (p)->Attributes = a; \
-       (p)->RootDirectory = r; \
-       (p)->SecurityDescriptor = s; \
-       (p)->SecurityQualityOfService = NULL; \
-}
-
-
-/*
- * VOID
- * InitializeListHead (
- *             PLIST_ENTRY     ListHead
- *             );
- *
- * FUNCTION: Initializes a double linked list
- * ARGUMENTS:
- *         ListHead = Caller supplied storage for the head of the list
- */
-#define InitializeListHead(ListHead) \
-{ \
-       (ListHead)->Flink = (ListHead); \
-       (ListHead)->Blink = (ListHead); \
-}
-
-
-/*
- * VOID
- * InsertHeadList (
- *             PLIST_ENTRY     ListHead,
- *             PLIST_ENTRY     Entry
- *             );
- *
- * FUNCTION: Inserts an entry in a double linked list
- * ARGUMENTS:
- *        ListHead = Head of the list
- *        Entry = Entry to insert
- */
-#define InsertHeadList(ListHead, ListEntry) \
-{ \
-       PLIST_ENTRY OldFlink; \
-       OldFlink = (ListHead)->Flink; \
-       (ListEntry)->Flink = OldFlink; \
-       (ListEntry)->Blink = (ListHead); \
-       OldFlink->Blink = (ListEntry); \
-       (ListHead)->Flink = (ListEntry); \
-       assert((ListEntry) != NULL); \
-       assert((ListEntry)->Blink!=NULL); \
-       assert((ListEntry)->Blink->Flink == (ListEntry)); \
-       assert((ListEntry)->Flink != NULL); \
-       assert((ListEntry)->Flink->Blink == (ListEntry)); \
-}
-
-
-/*
- * VOID
- * InsertTailList (
- *             PLIST_ENTRY     ListHead,
- *             PLIST_ENTRY     Entry
- *             );
- *
- * FUNCTION:
- *     Inserts an entry in a double linked list
- *
- * ARGUMENTS:
- *     ListHead = Head of the list
- *     Entry = Entry to insert
- */
-#define InsertTailList(ListHead, ListEntry) \
-{ \
-       PLIST_ENTRY OldBlink; \
-       OldBlink = (ListHead)->Blink; \
-       (ListEntry)->Flink = (ListHead); \
-       (ListEntry)->Blink = OldBlink; \
-       OldBlink->Flink = (ListEntry); \
-       (ListHead)->Blink = (ListEntry); \
-       assert((ListEntry) != NULL); \
-       assert((ListEntry)->Blink != NULL); \
-       assert((ListEntry)->Blink->Flink == (ListEntry)); \
-       assert((ListEntry)->Flink != NULL); \
-       assert((ListEntry)->Flink->Blink == (ListEntry)); \
-}
-
-/*
- * BOOLEAN
- * IsListEmpty (
- *     PLIST_ENTRY     ListHead
- *     );
- *
- * FUNCTION:
- *     Checks if a double linked list is empty
- *
- * ARGUMENTS:
- *     ListHead = Head of the list
-*/
-#define IsListEmpty(ListHead) \
-       ((ListHead)->Flink == (ListHead))
-
-
-/*
- * PSINGLE_LIST_ENTRY
- * PopEntryList (
- *     PSINGLE_LIST_ENTRY      ListHead
- *     );
- *
- * FUNCTION:
- *     Removes an entry from the head of a single linked list
- *
- * ARGUMENTS:
- *     ListHead = Head of the list
- *
- * RETURNS:
- *     The removed entry
- */
-/*
-#define PopEntryList(ListHead) \
-       (ListHead)->Next; \
-       { \
-               PSINGLE_LIST_ENTRY FirstEntry; \
-               FirstEntry = (ListHead)->Next; \
-               if (FirstEntry != NULL) \
-               { \
-                       (ListHead)->Next = FirstEntry->Next; \
-               } \
-       }
-*/
-static
-inline
-PSINGLE_LIST_ENTRY
- PopEntryList(
-       PSINGLE_LIST_ENTRY      ListHead
-       )
-{
-       PSINGLE_LIST_ENTRY ListEntry;
-
-       ListEntry = ListHead->Next;
-       if (ListEntry!=NULL)
-       {
-               ListHead->Next = ListEntry->Next;
-       }
-       return ListEntry;
-}
-
-/*
-VOID
-PushEntryList (
-       PSINGLE_LIST_ENTRY      ListHead,
-       PSINGLE_LIST_ENTRY      Entry
-       );
-*/
-/*
-#define PushEntryList(ListHead,Entry) \
-       (Entry)->Next = (ListHead)->Next; \
-       (ListHead)->Next = (Entry)
-*/
-static
-inline
-VOID
-PushEntryList (
-       PSINGLE_LIST_ENTRY      ListHead,
-       PSINGLE_LIST_ENTRY      Entry
-       )
-{
-       Entry->Next = ListHead->Next;
-       ListHead->Next = Entry;
-}
-
-
-/*
- * An ReactOS extension
- */
-static
-inline
-PSINGLE_LIST_ENTRY
- PopEntrySList(
-       PSLIST_HEADER   ListHead
-       )
-{
-       PSINGLE_LIST_ENTRY ListEntry;
-
-       ListEntry = ListHead->s.Next.Next;
-       if (ListEntry!=NULL)
-       {
-               ListHead->s.Next.Next = ListEntry->Next;
-    ListHead->s.Depth++;
-    ListHead->s.Sequence++;
-  }
-       return ListEntry;
-}
-
-
-/*
- * An ReactOS extension
- */
-static
-inline
-VOID
-PushEntrySList (
-       PSLIST_HEADER   ListHead,
-       PSINGLE_LIST_ENTRY      Entry
-       )
-{
-       Entry->Next = ListHead->s.Next.Next;
-       ListHead->s.Next.Next = Entry;
-  ListHead->s.Depth++;
-  ListHead->s.Sequence++;
-}
-
-
-/*
- *VOID
- *RemoveEntryList (
- *     PLIST_ENTRY     Entry
- *     );
- *
- * FUNCTION:
- *     Removes an entry from a double linked list
- *
- * ARGUMENTS:
- *     ListEntry = Entry to remove
- */
-#define RemoveEntryList(ListEntry) \
-{ \
-       PLIST_ENTRY OldFlink; \
-       PLIST_ENTRY OldBlink; \
-       assert((ListEntry) != NULL); \
-       assert((ListEntry)->Blink!=NULL); \
-       assert((ListEntry)->Blink->Flink == (ListEntry)); \
-       assert((ListEntry)->Flink != NULL); \
-       assert((ListEntry)->Flink->Blink == (ListEntry)); \
-       OldFlink = (ListEntry)->Flink; \
-       OldBlink = (ListEntry)->Blink; \
-       OldFlink->Blink = OldBlink; \
-       OldBlink->Flink = OldFlink; \
-        (ListEntry)->Flink = NULL; \
-        (ListEntry)->Blink = NULL; \
-}
-
-
-/*
- * PLIST_ENTRY
- * RemoveHeadList (
- *     PLIST_ENTRY     ListHead
- *     );
- *
- * FUNCTION:
- *     Removes the head entry from a double linked list
- *
- * ARGUMENTS:
- *     ListHead = Head of the list
- *
- * RETURNS:
- *     The removed entry
- */
-/*
-#define RemoveHeadList(ListHead) \
-       (ListHead)->Flink; \
-       {RemoveEntryList((ListHead)->Flink)}
-*/
-/*
-PLIST_ENTRY
-RemoveHeadList (
-       PLIST_ENTRY     ListHead
-       );
-*/
-
-static
-inline
-PLIST_ENTRY
-RemoveHeadList (
-       PLIST_ENTRY     ListHead
-       )
-{
-       PLIST_ENTRY Old;
-       PLIST_ENTRY OldFlink;
-       PLIST_ENTRY OldBlink;
-
-       Old = ListHead->Flink;
-
-       OldFlink = ListHead->Flink->Flink;
-       OldBlink = ListHead->Flink->Blink;
-       OldFlink->Blink = OldBlink;
-       OldBlink->Flink = OldFlink;
-        if (Old != ListHead)
-     {
-        Old->Flink = NULL;
-        Old->Blink = NULL;
-     }
-   
-       return(Old);
-}
-
-
-/*
- * PLIST_ENTRY
- * RemoveTailList (
- *     PLIST_ENTRY     ListHead
- *     );
- *
- * FUNCTION:
- *     Removes the tail entry from a double linked list
- *
- * ARGUMENTS:
- *     ListHead = Head of the list
- *
- * RETURNS:
- *     The removed entry
- */
-/*
-#define RemoveTailList(ListHead) \
-       (ListHead)->Blink; \
-       {RemoveEntryList((ListHead)->Blink)}
-*/
-/*
-PLIST_ENTRY
-RemoveTailList (
-       PLIST_ENTRY     ListHead
-       );
-*/
-
-static
-inline
-PLIST_ENTRY
-RemoveTailList (
-       PLIST_ENTRY ListHead
-       )
-{
-       PLIST_ENTRY Old;
-       PLIST_ENTRY OldFlink;
-       PLIST_ENTRY OldBlink;
-
-       Old = ListHead->Blink;
-
-       OldFlink = ListHead->Blink->Flink;
-       OldBlink = ListHead->Blink->Blink;
-       OldFlink->Blink = OldBlink;
-       OldBlink->Flink = OldFlink;
-   if (Old != ListHead)
-     {
-        Old->Flink = NULL;
-        Old->Blink = NULL;
-     }
-   
-       return(Old);
-}
-
-
-NTSTATUS
-STDCALL
-RtlAddAtomToAtomTable (
-       IN      PRTL_ATOM_TABLE AtomTable,
-       IN      PWSTR           AtomName,
-       OUT     PRTL_ATOM       Atom
-       );
-
-PVOID STDCALL
-RtlAllocateHeap (
-       HANDLE  Heap,
-       ULONG   Flags,
-       ULONG   Size
-       );
-
-WCHAR
-STDCALL
-RtlAnsiCharToUnicodeChar (
-       CHAR    AnsiChar
-       );
-
-ULONG
-STDCALL
-RtlAnsiStringToUnicodeSize (
-       PANSI_STRING    AnsiString
-       );
-
-NTSTATUS
-STDCALL
-RtlAnsiStringToUnicodeString (
-       PUNICODE_STRING DestinationString,
-       PANSI_STRING    SourceString,
-       BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlAppendAsciizToString(
-       PSTRING Destination,
-       PCSZ    Source
-       );
-
-NTSTATUS
-STDCALL
-RtlAppendStringToString (
-       PSTRING Destination,
-       PSTRING Source
-       );
-
-NTSTATUS
-STDCALL
-RtlAppendUnicodeStringToString (
-       PUNICODE_STRING Destination,
-       PUNICODE_STRING Source
-       );
-
-NTSTATUS
-STDCALL
-RtlAppendUnicodeToString (
-       PUNICODE_STRING Destination,
-       PWSTR           Source
-       );
-
-BOOLEAN
-STDCALL
-RtlAreBitsClear (
-       PRTL_BITMAP     BitMapHeader,
-       ULONG           StartingIndex,
-       ULONG           Length
-       );
-
-BOOLEAN
-STDCALL
-RtlAreBitsSet (
-       PRTL_BITMAP     BitMapHeader,
-       ULONG           StartingIndex,
-       ULONG           Length
-       );
-
-VOID
-STDCALL
-RtlAssert (
-       PVOID FailedAssertion,
-       PVOID FileName,
-       ULONG LineNumber,
-       PCHAR Message
-       );
-
-NTSTATUS
-STDCALL
-RtlCharToInteger (
-       PCSZ    String,
-       ULONG   Base,
-       PULONG  Value
-       );
-
-NTSTATUS
-STDCALL
-RtlCheckRegistryKey (
-       ULONG   RelativeTo,
-       PWSTR   Path
-       );
-
-VOID
-STDCALL
-RtlClearAllBits (
-       IN      PRTL_BITMAP     BitMapHeader
-       );
-
-VOID
-STDCALL
-RtlClearBits (
-       IN      PRTL_BITMAP     BitMapHeader,
-       IN      ULONG           StartingIndex,
-       IN      ULONG           NumberToClear
-       );
-
-DWORD
-STDCALL
-RtlCompactHeap (
-       HANDLE  hheap,
-       DWORD   flags
-       );
-
-ULONG
-STDCALL
-RtlCompareMemory (
-       PVOID   Source1,
-       PVOID   Source2,
-       ULONG   Length
-       );
-
-LONG
-STDCALL
-RtlCompareString (
-       PSTRING String1,
-       PSTRING String2,
-       BOOLEAN CaseInsensitive
-       );
-
-LONG
-STDCALL
-RtlCompareUnicodeString (
-       PUNICODE_STRING String1,
-       PUNICODE_STRING String2,
-       BOOLEAN         BaseInsensitive
-       );
-
-NTSTATUS STDCALL
-RtlCompressBuffer(IN USHORT CompressionFormatAndEngine,
-                 IN PUCHAR UncompressedBuffer,
-                 IN ULONG UncompressedBufferSize,
-                 OUT PUCHAR CompressedBuffer,
-                 IN ULONG CompressedBufferSize,
-                 IN ULONG UncompressedChunkSize,
-                 OUT PULONG FinalCompressedSize,
-                 IN PVOID WorkSpace);
-
-NTSTATUS STDCALL
-RtlCompressChunks(IN PUCHAR UncompressedBuffer,
-                 IN ULONG UncompressedBufferSize,
-                 OUT PUCHAR CompressedBuffer,
-                 IN ULONG CompressedBufferSize,
-                 IN OUT PCOMPRESSED_DATA_INFO CompressedDataInfo,
-                 IN ULONG CompressedDataInfoLength,
-                 IN PVOID WorkSpace);
-
-LARGE_INTEGER STDCALL
-RtlConvertLongToLargeInteger(IN LONG SignedInteger);
-
-NTSTATUS STDCALL
-RtlConvertSidToUnicodeString(IN OUT PUNICODE_STRING String,
-                            IN PSID Sid,
-                            IN BOOLEAN AllocateString);
-
-LARGE_INTEGER STDCALL
-RtlConvertUlongToLargeInteger(IN ULONG UnsignedInteger);
-
-#if 0
-VOID
-RtlCopyBytes (
-       PVOID           Destination,
-       CONST VOID      * Source,
-       ULONG           Length
-       );
-
-VOID
-RtlCopyMemory (
-       VOID            * Destination,
-       CONST VOID      * Source,
-       ULONG           Length
-       );
-#endif
-
-#define RtlCopyMemory(Destination,Source,Length) \
-       memcpy((Destination),(Source),(Length))
-
-#define RtlCopyBytes RtlCopyMemory
-
-VOID STDCALL
-RtlCopyLuid(IN PLUID LuidDest,
-           IN PLUID LuidSrc);
-
-VOID STDCALL
-RtlCopyLuidAndAttributesArray(ULONG Count,
-                             PLUID_AND_ATTRIBUTES Src,
-                             PLUID_AND_ATTRIBUTES Dest);
-
-NTSTATUS STDCALL
-RtlCopySid(ULONG BufferLength,
-          PSID Dest,
-          PSID Src);
-
-NTSTATUS STDCALL
-RtlCopySidAndAttributesArray(ULONG Count,
-                            PSID_AND_ATTRIBUTES Src,
-                            ULONG SidAreaSize,
-                            PSID_AND_ATTRIBUTES Dest,
-                            PVOID SidArea,
-                            PVOID* RemainingSidArea,
-                            PULONG RemainingSidAreaSize);
-
-VOID STDCALL
-RtlCopyString(PSTRING DestinationString,
-             PSTRING SourceString);
-
-VOID STDCALL
-RtlCopyUnicodeString(PUNICODE_STRING DestinationString,
-                    PUNICODE_STRING SourceString);
-
-NTSTATUS STDCALL
-RtlCreateAtomTable(IN ULONG TableSize,
-                  IN OUT PRTL_ATOM_TABLE *AtomTable);
-
-HANDLE
-STDCALL
-RtlCreateHeap (
-       ULONG                   Flags,
-       PVOID                   BaseAddress,
-       ULONG                   SizeToReserve,     // dwMaximumSize
-       ULONG                   SizeToCommit,      // dwInitialSize
-       PVOID                   Unknown,
-       PRTL_HEAP_DEFINITION    Definition
-       );
-
-NTSTATUS
-STDCALL
-RtlCreateRegistryKey (
-       ULONG   RelativeTo,
-       PWSTR   Path
-       );
-
-NTSTATUS
-STDCALL
-RtlCreateSecurityDescriptor (
-       PSECURITY_DESCRIPTOR    SecurityDescriptor,
-       ULONG                   Revision
-       );
-
-BOOLEAN
-STDCALL
-RtlCreateUnicodeString (
-       OUT     PUNICODE_STRING Destination,
-       IN      PWSTR           Source
-       );
-
-BOOLEAN STDCALL
-RtlCreateUnicodeStringFromAsciiz (OUT  PUNICODE_STRING Destination,
-                                 IN    PCSZ            Source);
-
-NTSTATUS
-STDCALL
-RtlCustomCPToUnicodeN (
-       PRTL_NLS_DATA   NlsData,
-       PWCHAR          UnicodeString,
-       ULONG           UnicodeSize,
-       PULONG          ResultSize,
-       PCHAR           CustomString,
-       ULONG           CustomSize
-       );
-
-NTSTATUS STDCALL
-RtlDecompressBuffer(IN USHORT CompressionFormat,
-                   OUT PUCHAR UncompressedBuffer,
-                   IN ULONG UncompressedBufferSize,
-                   IN PUCHAR CompressedBuffer,
-                   IN ULONG CompressedBufferSize,
-                   OUT PULONG FinalUncompressedSize);
-
-NTSTATUS STDCALL
-RtlDecompressChunks(OUT PUCHAR UncompressedBuffer,
-                   IN ULONG UncompressedBufferSize,
-                   IN PUCHAR CompressedBuffer,
-                   IN ULONG CompressedBufferSize,
-                   IN PUCHAR CompressedTail,
-                   IN ULONG CompressedTailSize,
-                   IN PCOMPRESSED_DATA_INFO CompressedDataInfo);
-
-NTSTATUS STDCALL
-RtlDecompressFragment(IN USHORT CompressionFormat,
-                     OUT PUCHAR UncompressedFragment,
-                     IN ULONG UncompressedFragmentSize,
-                     IN PUCHAR CompressedBuffer,
-                     IN ULONG CompressedBufferSize,
-                     IN ULONG FragmentOffset,
-                     OUT PULONG FinalUncompressedSize,
-                     IN PVOID WorkSpace);
-
-NTSTATUS STDCALL
-RtlDeleteAtomFromAtomTable(IN PRTL_ATOM_TABLE AtomTable,
-                          IN RTL_ATOM Atom);
-
-NTSTATUS STDCALL
-RtlDeleteRegistryValue(IN ULONG RelativeTo,
-                      IN PWSTR Path,
-                      IN PWSTR ValueName);
-
-NTSTATUS STDCALL
-RtlDescribeChunk(IN USHORT CompressionFormat,
-                IN OUT PUCHAR *CompressedBuffer,
-                IN PUCHAR EndOfCompressedBufferPlus1,
-                OUT PUCHAR *ChunkBuffer,
-                OUT PULONG ChunkSize);
-
-NTSTATUS STDCALL
-RtlDestroyAtomTable(IN PRTL_ATOM_TABLE AtomTable);
-
-BOOL STDCALL
-RtlDestroyHeap(HANDLE hheap);
-
-NTSTATUS
-STDCALL
-RtlDowncaseUnicodeString (
-       IN OUT PUNICODE_STRING  DestinationString,
-       IN PUNICODE_STRING      SourceString,
-       IN BOOLEAN              AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlEmptyAtomTable (
-       IN      PRTL_ATOM_TABLE AtomTable,
-       IN      BOOLEAN         DeletePinned
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlEnlargedIntegerMultiply (
-       LONG    Multiplicand,
-       LONG    Multiplier
-       );
-
-ULONG
-STDCALL
-RtlEnlargedUnsignedDivide (
-       ULARGE_INTEGER  Dividend,
-       ULONG           Divisor,
-       PULONG          Remainder
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlEnlargedUnsignedMultiply (
-       ULONG   Multiplicand,
-       ULONG   Multiplier
-       );
-
-BOOLEAN STDCALL
-RtlEqualLuid(IN PLUID Luid1,
-            IN PLUID Luid2);
-
-BOOLEAN
-STDCALL
-RtlEqualString (
-       PSTRING String1,
-       PSTRING String2,
-       BOOLEAN CaseInSensitive
-       );
-
-BOOLEAN
-STDCALL
-RtlEqualUnicodeString (
-       PUNICODE_STRING String1,
-       PUNICODE_STRING String2,
-       BOOLEAN         CaseInSensitive
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlExtendedIntegerMultiply (
-       LARGE_INTEGER   Multiplicand,
-       LONG            Multiplier
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlExtendedLargeIntegerDivide (
-       LARGE_INTEGER   Dividend,
-       ULONG           Divisor,
-       PULONG          Remainder
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlExtendedMagicDivide (
-       LARGE_INTEGER   Dividend,
-       LARGE_INTEGER   MagicDivisor,
-       CCHAR           ShiftCount
-       );
-
-VOID
-STDCALL
-RtlFillMemory (
-       PVOID   Destination,
-       ULONG   Length,
-       UCHAR   Fill
-       );
-
-VOID
-STDCALL
-RtlFillMemoryUlong (
-       PVOID   Destination,
-       ULONG   Length,
-       ULONG   Fill
-       );
-
-ULONG
-STDCALL
-RtlFindClearBits (
-       PRTL_BITMAP     BitMapHeader,
-       ULONG           NumberToFind,
-       ULONG           HintIndex
-       );
-
-ULONG
-STDCALL
-RtlFindClearBitsAndSet (
-       PRTL_BITMAP     BitMapHeader,
-       ULONG           NumberToFind,
-       ULONG           HintIndex
-       );
-
-ULONG
-STDCALL
-RtlFindFirstRunClear (
-       PRTL_BITMAP     BitMapHeader,
-       PULONG          StartingIndex
-       );
-
-ULONG
-STDCALL
-RtlFindFirstRunSet (
-       PRTL_BITMAP     BitMapHeader,
-       PULONG          StartingIndex
-       );
-
-ULONG
-STDCALL
-RtlFindLongestRunClear (
-       PRTL_BITMAP     BitMapHeader,
-       PULONG          StartingIndex
-       );
-
-ULONG
-STDCALL
-RtlFindLongestRunSet (
-       PRTL_BITMAP     BitMapHeader,
-       PULONG          StartingIndex
-       );
-
-NTSTATUS
-STDCALL
-RtlFindMessage (
-       IN      PVOID                           BaseAddress,
-       IN      ULONG                           Type,
-       IN      ULONG                           Language,
-       IN      ULONG                           MessageId,
-       OUT     PRTL_MESSAGE_RESOURCE_ENTRY     *MessageResourceEntry
-       );
-
-ULONG
-STDCALL
-RtlFindSetBits (
-       PRTL_BITMAP     BitMapHeader,
-       ULONG           NumberToFind,
-       ULONG           HintIndex
-       );
-
-ULONG
-STDCALL
-RtlFindSetBitsAndClear (
-       PRTL_BITMAP     BitMapHeader,
-       ULONG           NumberToFind,
-       ULONG           HintIndex
-       );
-
-NTSTATUS
-STDCALL
-RtlFormatCurrentUserKeyPath (
-       IN OUT  PUNICODE_STRING KeyPath
-       );
-
-VOID
-STDCALL
-RtlFreeAnsiString (
-       PANSI_STRING    AnsiString
-       );
-
-BOOLEAN
-STDCALL
-RtlFreeHeap (
-       HANDLE  Heap,
-       ULONG   Flags,
-       PVOID   Address
-       );
-
-VOID
-STDCALL
-RtlFreeOemString (
-       POEM_STRING     OemString
-       );
-
-VOID
-STDCALL
-RtlFreeUnicodeString (
-       PUNICODE_STRING UnicodeString
-       );
-
-VOID STDCALL
-RtlGenerate8dot3Name(IN PUNICODE_STRING Name,
-                    IN BOOLEAN AllowExtendedCharacters,
-                    IN OUT PGENERATE_NAME_CONTEXT Context,
-                    OUT PUNICODE_STRING Name8dot3);
-
-VOID
-RtlGetCallersAddress (
-       PVOID   * CallersAddress
-       );
-
-NTSTATUS STDCALL
-RtlGetCompressionWorkSpaceSize(IN USHORT CompressionFormatAndEngine,
-                              OUT PULONG CompressBufferAndWorkSpaceSize,
-                              OUT PULONG CompressFragmentWorkSpaceSize);
-
-VOID
-STDCALL
-RtlGetDefaultCodePage (
-       PUSHORT AnsiCodePage,
-       PUSHORT OemCodePage
-       );
-
-#define RtlGetProcessHeap() (NtCurrentPeb()->ProcessHeap)
-
-PVOID
-STDCALL
-RtlImageDirectoryEntryToData (
-       PVOID   BaseAddress,
-       BOOLEAN bFlag,
-       ULONG   Directory,
-       PULONG  Size
-       );
-
-PIMAGE_NT_HEADERS
-STDCALL
-RtlImageNtHeader (
-       PVOID   BaseAddress
-       );
-
-PIMAGE_SECTION_HEADER
-STDCALL
-RtlImageRvaToSection (
-       PIMAGE_NT_HEADERS       NtHeader,
-       PVOID                   BaseAddress,
-       ULONG                   Rva
-       );
-
-ULONG
-STDCALL
-RtlImageRvaToVa (
-       PIMAGE_NT_HEADERS       NtHeader,
-       PVOID                   BaseAddress,
-       ULONG                   Rva,
-       PIMAGE_SECTION_HEADER   *SectionHeader
-       );
-
-VOID
-STDCALL
-RtlInitAnsiString (
-       PANSI_STRING    DestinationString,
-       PCSZ            SourceString
-       );
-
-VOID
-STDCALL
-RtlInitString (
-       PSTRING DestinationString,
-       PCSZ    SourceString
-       );
-
-VOID
-STDCALL
-RtlInitUnicodeString (
-       PUNICODE_STRING DestinationString,
-       PCWSTR          SourceString
-       );
-
-/*
-VOID
-InitializeUnicodeString (
-       PUNICODE_STRING DestinationString,
-        USHORT          Lenght,
-        USHORT          MaximumLength,
-       PCWSTR          Buffer
-       );
-
- Initialize an UNICODE_STRING from its fields. Use when you know the values of
- all the fields in advance
-
- */
-
-#define InitializeUnicodeString(__PDEST_STRING__,__LENGTH__,__MAXLENGTH__,__BUFFER__) \
-{ \
- (__PDEST_STRING__)->Length = (__LENGTH__); \
- (__PDEST_STRING__)->MaximumLength = (__MAXLENGTH__); \
- (__PDEST_STRING__)->Buffer = (__BUFFER__); \
-}
-
-/*
-VOID
-RtlInitUnicodeStringFromLiteral (
-       PUNICODE_STRING DestinationString,
-       PCWSTR          SourceString
-       );
-
- Initialize an UNICODE_STRING from a wide string literal. WARNING: use only with
- string literals and statically initialized arrays, it will calculate the wrong
- length otherwise
-
- */
-
-#define RtlInitUnicodeStringFromLiteral(__PDEST_STRING__,__SOURCE_STRING__) \
- InitializeUnicodeString( \
-  (__PDEST_STRING__), \
-  sizeof(__SOURCE_STRING__) - sizeof(WCHAR), \
-  sizeof(__SOURCE_STRING__), \
-  (__SOURCE_STRING__) \
- )
-
-/*
- Static initializer for UNICODE_STRING variables. Usage:
-
- UNICODE_STRING wstr = UNICODE_STRING_INITIALIZER(L"string");
-
-*/
-
-#define UNICODE_STRING_INITIALIZER(__SOURCE_STRING__) \
-{ \
- sizeof((__SOURCE_STRING__)) - sizeof(WCHAR), \
- sizeof((__SOURCE_STRING__)), \
- (__SOURCE_STRING__) \
-}
-
-/*
- Initializer for empty UNICODE_STRING variables. Usage:
-
- UNICODE_STRING wstr = EMPTY_UNICODE_STRING;
-
-*/
-#define EMPTY_UNICODE_STRING {0, 0, NULL}
-
-VOID
-STDCALL
-RtlInitializeBitMap (
-       IN OUT  PRTL_BITMAP     BitMapHeader,
-       IN      PULONG          BitMapBuffer,
-       IN      ULONG           SizeOfBitMap
-       );
-
-NTSTATUS
-STDCALL
-RtlInitializeContext (
-       IN      HANDLE                  ProcessHandle,
-       IN      PCONTEXT                Context,
-       IN      PVOID                   Parameter,
-       IN      PTHREAD_START_ROUTINE   StartAddress,
-       IN OUT  PINITIAL_TEB            InitialTeb
-       );
-
-VOID
-STDCALL
-RtlInitializeGenericTable (
-       IN OUT  PRTL_GENERIC_TABLE      Table,
-       IN      PVOID                   CompareRoutine,
-       IN      PVOID                   AllocateRoutine,
-       IN      PVOID                   FreeRoutine,
-       IN      ULONG                   UserParameter
-       );
-
-PVOID
-STDCALL
-RtlInsertElementGenericTable (
-       IN OUT  PRTL_GENERIC_TABLE      Table,
-       IN      PVOID                   Element,
-       IN      ULONG                   ElementSize,
-       IN      ULONG                   Unknown4
-       );
-
-NTSTATUS
-STDCALL
-RtlIntegerToChar (
-       IN      ULONG   Value,
-       IN      ULONG   Base,
-       IN      ULONG   Length,
-       IN OUT  PCHAR   String
-       );
-
-NTSTATUS
-STDCALL
-RtlIntegerToUnicodeString (
-       IN      ULONG           Value,
-       IN      ULONG           Base,
-       IN OUT  PUNICODE_STRING String
-       );
-
-BOOLEAN
-STDCALL
-RtlIsGenericTableEmpty (
-       IN      PRTL_GENERIC_TABLE      Table
-       );
-
-BOOLEAN STDCALL
-RtlIsNameLegalDOS8Dot3(IN PUNICODE_STRING UnicodeName,
-                      IN PANSI_STRING AnsiName,
-                      OUT PBOOLEAN SpacesFound);
-
-LARGE_INTEGER
-STDCALL
-RtlLargeIntegerAdd (
-       LARGE_INTEGER   Addend1,
-       LARGE_INTEGER   Addend2
-       );
-
-/*
- * VOID
- * RtlLargeIntegerAnd (
- *     PLARGE_INTEGER  Result,
- *     LARGE_INTEGER   Source,
- *     LARGE_INTEGER   Mask
- *     );
- */
-#define RtlLargeIntegerAnd(Result, Source, Mask) \
-{ \
-       Result.HighPart = Source.HighPart & Mask.HighPart; \
-       Result.LowPart = Source.LowPart & Mask.LowPart; \
-}
-
-LARGE_INTEGER
-STDCALL
-RtlLargeIntegerArithmeticShift (
-       LARGE_INTEGER   LargeInteger,
-       CCHAR   ShiftCount
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlLargeIntegerDivide (
-       LARGE_INTEGER   Dividend,
-       LARGE_INTEGER   Divisor,
-       PLARGE_INTEGER  Remainder
-       );
-
-/*
- * BOOLEAN
- * RtlLargeIntegerEqualTo (
- *     LARGE_INTEGER   Operand1,
- *     LARGE_INTEGER   Operand2
- *     );
- */
-#define RtlLargeIntegerEqualTo(X,Y) \
-       (!(((X).LowPart ^ (Y).LowPart) | ((X).HighPart ^ (Y).HighPart)))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerEqualToZero (
- *     LARGE_INTEGER   Operand
- *     );
- */
-#define RtlLargeIntegerEqualToZero(X) \
-       (!((X).LowPart | (X).HighPart))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerGreaterThan (
- *     LARGE_INTEGER   Operand1,
- *     LARGE_INTEGER   Operand2
- *     );
- */
-#define RtlLargeIntegerGreaterThan(X,Y) \
-       ((((X).HighPart == (Y).HighPart) && ((X).LowPart > (Y).LowPart)) || \
-         ((X).HighPart > (Y).HighPart))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerGreaterThanOrEqualTo (
- *     LARGE_INTEGER   Operand1,
- *     LARGE_INTEGER   Operand2
- *     );
- */
-#define RtlLargeIntegerGreaterThanOrEqualTo(X,Y) \
-       ((((X).HighPart == (Y).HighPart) && ((X).LowPart >= (Y).LowPart)) || \
-         ((X).HighPart > (Y).HighPart))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerGreaterThanOrEqualToZero (
- *     LARGE_INTEGER   Operand1
- *     );
- */
-#define RtlLargeIntegerGreaterOrEqualToZero(X) \
-       ((X).HighPart >= 0)
-
-/*
- * BOOLEAN
- * RtlLargeIntegerGreaterThanZero (
- *     LARGE_INTEGER   Operand1
- *     );
- */
-#define RtlLargeIntegerGreaterThanZero(X) \
-       ((((X).HighPart == 0) && ((X).LowPart > 0)) || \
-         ((X).HighPart > 0 ))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerLessThan (
- *     LARGE_INTEGER   Operand1,
- *     LARGE_INTEGER   Operand2
- *     );
- */
-#define RtlLargeIntegerLessThan(X,Y) \
-       ((((X).HighPart == (Y).HighPart) && ((X).LowPart < (Y).LowPart)) || \
-         ((X).HighPart < (Y).HighPart))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerLessThanOrEqualTo (
- *     LARGE_INTEGER   Operand1,
- *     LARGE_INTEGER   Operand2
- *     );
- */
-#define RtlLargeIntegerLessThanOrEqualTo(X,Y) \
-       ((((X).HighPart == (Y).HighPart) && ((X).LowPart <= (Y).LowPart)) || \
-         ((X).HighPart < (Y).HighPart))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerLessThanOrEqualToZero (
- *     LARGE_INTEGER   Operand
- *     );
- */
-#define RtlLargeIntegerLessOrEqualToZero(X) \
-       (((X).HighPart < 0) || !((X).LowPart | (X).HighPart))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerLessThanZero (
- *     LARGE_INTEGER   Operand
- *     );
- */
-#define RtlLargeIntegerLessThanZero(X) \
-       (((X).HighPart < 0))
-
-LARGE_INTEGER
-STDCALL
-RtlLargeIntegerNegate (
-       LARGE_INTEGER   Subtrahend
-       );
-
-/*
- * BOOLEAN
- * RtlLargeIntegerNotEqualTo (
- *     LARGE_INTEGER   Operand1,
- *     LARGE_INTEGER   Operand2
- *     );
- */
-#define RtlLargeIntegerNotEqualTo(X,Y) \
-       ((((X).LowPart ^ (Y).LowPart) | ((X).HighPart ^ (Y).HighPart)))
-
-/*
- * BOOLEAN
- * RtlLargeIntegerNotEqualToZero (
- *     LARGE_INTEGER   Operand
- *     );
- */
-#define RtlLargeIntegerNotEqualToZero(X) \
-       (((X).LowPart | (X).HighPart))
-
-LARGE_INTEGER
-STDCALL
-RtlLargeIntegerShiftLeft (
-       LARGE_INTEGER   LargeInteger,
-       CCHAR           ShiftCount
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlLargeIntegerShiftRight (
-       LARGE_INTEGER   LargeInteger,
-       CCHAR           ShiftCount
-       );
-
-LARGE_INTEGER
-STDCALL
-RtlLargeIntegerSubtract (
-       LARGE_INTEGER   Minuend,
-       LARGE_INTEGER   Subtrahend
-       );
-
-ULONG
-STDCALL
-RtlLengthSecurityDescriptor (
-       PSECURITY_DESCRIPTOR    SecurityDescriptor
-       );
-
-BOOL
-STDCALL
-RtlLockHeap (
-       HANDLE  hheap
-       );
-
-NTSTATUS
-STDCALL
-RtlLookupAtomInAtomTable (
-       IN      PRTL_ATOM_TABLE AtomTable,
-       IN      PWSTR           AtomName,
-       OUT     PRTL_ATOM       Atom
-       );
-
-VOID STDCALL
-RtlMoveMemory (PVOID Destination, CONST VOID* Source, ULONG Length);
-
-NTSTATUS
-STDCALL
-RtlMultiByteToUnicodeN (
-       PWCHAR UnicodeString,
-       ULONG  UnicodeSize,
-       PULONG ResultSize,
-       PCHAR  MbString,
-       ULONG  MbSize
-       );
-
-NTSTATUS
-STDCALL
-RtlMultiByteToUnicodeSize (
-       PULONG UnicodeSize,
-       PCHAR  MbString,
-       ULONG  MbSize
-       );
-
-DWORD
-STDCALL
-RtlNtStatusToDosError (
-       NTSTATUS        StatusCode
-       );
-
-DWORD
-STDCALL
-RtlNtStatusToDosErrorNoTeb (
-       NTSTATUS        StatusCode
-       );
-
-int
-STDCALL
-RtlNtStatusToPsxErrno (
-       NTSTATUS        StatusCode
-       );
-
-ULONG
-STDCALL
-RtlNumberGenericTableElements (
-       IN      PRTL_GENERIC_TABLE      Table
-       );
-
-ULONG
-STDCALL
-RtlNumberOfClearBits (
-       PRTL_BITMAP     BitMapHeader
-       );
-
-ULONG
-STDCALL
-RtlNumberOfSetBits (
-       PRTL_BITMAP     BitMapHeader
-       );
-
-ULONG
-STDCALL
-RtlOemStringToUnicodeSize (
-       POEM_STRING     AnsiString
-       );
-
-NTSTATUS
-STDCALL
-RtlOemStringToUnicodeString (
-       PUNICODE_STRING DestinationString,
-       POEM_STRING     SourceString,
-       BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlOemToUnicodeN (
-       PWCHAR  UnicodeString,
-       ULONG   UnicodeSize,
-       PULONG  ResultSize,
-       PCHAR   OemString,
-       ULONG   OemSize
-       );
-
-NTSTATUS
-STDCALL
-RtlOpenCurrentUser (
-       IN      ACCESS_MASK     DesiredAccess,
-       OUT     PHANDLE         KeyHandle
-       );
-
-NTSTATUS STDCALL
-RtlPinAtomInAtomTable (
-       IN      PRTL_ATOM_TABLE AtomTable,
-       IN      RTL_ATOM        Atom
-       );
-
-BOOLEAN
-STDCALL
-RtlPrefixString (
-       PANSI_STRING    String1,
-       PANSI_STRING    String2,
-       BOOLEAN         CaseInsensitive
-       );
-
-BOOLEAN
-STDCALL
-RtlPrefixUnicodeString (
-       PUNICODE_STRING String1,
-       PUNICODE_STRING String2,
-       BOOLEAN         CaseInsensitive
-       );
-
-NTSTATUS
-STDCALL
-RtlQueryAtomInAtomTable (
-       IN      PRTL_ATOM_TABLE AtomTable,
-       IN      RTL_ATOM        Atom,
-       IN OUT  PULONG          RefCount OPTIONAL,
-       IN OUT  PULONG          PinCount OPTIONAL,
-       IN OUT  PWSTR           AtomName OPTIONAL,
-       IN OUT  PULONG          NameLength OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-RtlQueryRegistryValues (
-       IN      ULONG                           RelativeTo,
-       IN      PWSTR                           Path,
-       IN      PRTL_QUERY_REGISTRY_TABLE       QueryTable,
-       IN      PVOID                           Context,
-       IN      PVOID                           Environment
-       );
-
-NTSTATUS
-STDCALL
-RtlQueryTimeZoneInformation (
-       IN OUT  PTIME_ZONE_INFORMATION  TimeZoneInformation
-       );
-
-VOID
-STDCALL
-RtlRaiseException (
-       IN      PEXCEPTION_RECORD       ExceptionRecord
-       );
-
-LPVOID
-STDCALL
-RtlReAllocateHeap (
-       HANDLE  hheap,
-       DWORD   flags,
-       LPVOID  ptr,
-       DWORD   size
-       );
-
-NTSTATUS STDCALL
-RtlReserveChunk(IN USHORT CompressionFormat,
-               IN OUT PUCHAR *CompressedBuffer,
-               IN PUCHAR EndOfCompressedBufferPlus1,
-               OUT PUCHAR *ChunkBuffer,
-               IN ULONG ChunkSize);
-
-/*
- * VOID
- * RtlRetrieveUlong (
- *     PULONG  DestinationAddress,
- *     PULONG  SourceAddress
- *     );
- */
-#define RtlRetrieveUlong(DestAddress,SrcAddress) \
-       if ((ULONG)(SrcAddress) & LONG_MASK) \
-       { \
-               ((PUCHAR)(DestAddress))[0]=((PUCHAR)(SrcAddress))[0]; \
-               ((PUCHAR)(DestAddress))[1]=((PUCHAR)(SrcAddress))[1]; \
-               ((PUCHAR)(DestAddress))[2]=((PUCHAR)(SrcAddress))[2]; \
-               ((PUCHAR)(DestAddress))[3]=((PUCHAR)(SrcAddress))[3]; \
-       } \
-       else \
-       { \
-               *((PULONG)(DestAddress))=*((PULONG)(SrcAddress)); \
-       }
-
-/*
- * VOID
- * RtlRetrieveUshort (
- *     PUSHORT DestinationAddress,
- *     PUSHORT SourceAddress
- *     );
- */
-#define RtlRetrieveUshort(DestAddress,SrcAddress) \
-       if ((ULONG)(SrcAddress) & SHORT_MASK) \
-       { \
-               ((PUCHAR)(DestAddress))[0]=((PUCHAR)(SrcAddress))[0]; \
-               ((PUCHAR)(DestAddress))[1]=((PUCHAR)(SrcAddress))[1]; \
-       } \
-       else \
-       { \
-               *((PUSHORT)(DestAddress))=*((PUSHORT)(SrcAddress)); \
-       }
-
-VOID
-STDCALL
-RtlSecondsSince1970ToTime (
-       ULONG SecondsSince1970,
-       PLARGE_INTEGER Time
-       );
-
-VOID
-STDCALL
-RtlSecondsSince1980ToTime (
-       ULONG SecondsSince1980,
-       PLARGE_INTEGER Time
-       );
-
-VOID
-STDCALL
-RtlSetAllBits (
-       IN      PRTL_BITMAP     BitMapHeader
-       );
-
-VOID
-STDCALL
-RtlSetBits (
-       PRTL_BITMAP     BitMapHeader,
-       ULONG           StartingIndex,
-       ULONG           NumberToSet
-       );
-
-NTSTATUS
-STDCALL
-RtlSetDaclSecurityDescriptor (
-       PSECURITY_DESCRIPTOR    SecurityDescriptor,
-       BOOLEAN                 DaclPresent,
-       PACL                    Dacl,
-       BOOLEAN                 DaclDefaulted
-       );
-
-NTSTATUS
-STDCALL
-RtlSetTimeZoneInformation (
-       IN OUT  PTIME_ZONE_INFORMATION  TimeZoneInformation
-       );
-
-DWORD
-STDCALL
-RtlSizeHeap (
-       HANDLE  hheap,
-       DWORD   flags,
-       PVOID   pmem
-       );
-
-/*
- * VOID
- * RtlStoreUlong (
- *     PULONG  Address,
- *     ULONG   Value
- *     );
- */
-#define RtlStoreUlong(Address,Value) \
-       if ((ULONG)(Address) & LONG_MASK) \
-       { \
-               ((PUCHAR)(Address))[LONG_LEAST_SIGNIFICANT_BIT]=(UCHAR)(FIRSTBYTE(Value)); \
-               ((PUCHAR)(Address))[LONG_3RD_MOST_SIGNIFICANT_BIT]=(UCHAR)(FIRSTBYTE(Value)); \
-               ((PUCHAR)(Address))[LONG_2ND_MOST_SIGNIFICANT_BIT]=(UCHAR)(THIRDBYTE(Value)); \
-               ((PUCHAR)(Address))[LONG_MOST_SIGNIFICANT_BIT]=(UCHAR)(FOURTHBYTE(Value)); \
-       } \
-       else \
-       { \
-               *((PULONG)(Address))=(ULONG)(Value); \
-       }
-
-/*
- * VOID
- * RtlStoreUshort (
- *     PUSHORT Address,
- *     USHORT  Value
- *     );
- */
-#define RtlStoreUshort(Address,Value) \
-       if ((ULONG)(Address) & SHORT_MASK) \
-       { \
-               ((PUCHAR)(Address))[SHORT_LEAST_SIGNIFICANT_BIT]=(UCHAR)(FIRSTBYTE(Value)); \
-               ((PUCHAR)(Address))[SHORT_MOST_SIGNIFICANT_BIT]=(UCHAR)(SECONDBYTE(Value)); \
-       } \
-       else \
-       { \
-               *((PUSHORT)(Address))=(USHORT)(Value); \
-       }
-
-BOOLEAN
-STDCALL
-RtlTimeFieldsToTime (
-       PTIME_FIELDS    TimeFields,
-       PLARGE_INTEGER  Time
-       );
-
-BOOLEAN
-STDCALL
-RtlTimeToSecondsSince1970 (
-       PLARGE_INTEGER Time,
-       PULONG SecondsSince1970
-       );
-
-BOOLEAN
-STDCALL
-RtlTimeToSecondsSince1980 (
-       PLARGE_INTEGER Time,
-       PULONG SecondsSince1980
-       );
-
-VOID
-STDCALL
-RtlTimeToTimeFields (
-       PLARGE_INTEGER  Time,
-       PTIME_FIELDS    TimeFields
-       );
-
-ULONG
-STDCALL
-RtlUnicodeStringToAnsiSize (
-       IN      PUNICODE_STRING UnicodeString
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeStringToAnsiString (
-       IN OUT  PANSI_STRING    DestinationString,
-       IN      PUNICODE_STRING SourceString,
-       IN      BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeStringToInteger (
-       IN      PUNICODE_STRING String,
-       IN      ULONG           Base,
-       OUT     PULONG          Value
-       );
-
-ULONG
-STDCALL
-RtlUnicodeStringToOemSize (
-       IN      PUNICODE_STRING UnicodeString
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeStringToCountedOemString (
-       IN OUT  POEM_STRING     DestinationString,
-       IN      PUNICODE_STRING SourceString,
-       IN      BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeStringToOemString (
-       IN OUT  POEM_STRING     DestinationString,
-       IN      PUNICODE_STRING SourceString,
-       IN      BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeToCustomCPN (
-       PRTL_NLS_DATA   NlsData,
-       PCHAR           MbString,
-       ULONG           MbSize,
-       PULONG          ResultSize,
-       PWCHAR          UnicodeString,
-       ULONG           UnicodeSize
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeToMultiByteN (
-       PCHAR   MbString,
-       ULONG   MbSize,
-       PULONG  ResultSize,
-       PWCHAR  UnicodeString,
-       ULONG   UnicodeSize
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeToMultiByteSize (
-       PULONG  MbSize,
-       PWCHAR  UnicodeString,
-       ULONG   UnicodeSize
-       );
-
-NTSTATUS
-STDCALL
-RtlUnicodeToOemN (
-       PCHAR   OemString,
-       ULONG   OemSize,
-       PULONG  ResultSize,
-       PWCHAR  UnicodeString,
-       ULONG   UnicodeSize
-       );
-
-BOOL
-STDCALL
-RtlUnlockHeap (
-       HANDLE  hheap
-       );
-
-VOID
-STDCALL
-RtlUnwind (
-  PEXCEPTION_REGISTRATION RegistrationFrame,
-  PVOID ReturnAddress,
-  PEXCEPTION_RECORD ExceptionRecord,
-  DWORD EaxValue
-       );
-
-WCHAR
-STDCALL
-RtlUpcaseUnicodeChar (
-       WCHAR Source
-       );
-
-NTSTATUS
-STDCALL
-RtlUpcaseUnicodeString (
-       IN OUT  PUNICODE_STRING DestinationString,
-       IN      PUNICODE_STRING SourceString,
-       IN      BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlUpcaseUnicodeStringToAnsiString (
-       IN OUT  PANSI_STRING    DestinationString,
-       IN      PUNICODE_STRING SourceString,
-       IN      BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlUpcaseUnicodeStringToCountedOemString (
-       IN OUT  POEM_STRING     DestinationString,
-       IN      PUNICODE_STRING SourceString,
-       IN      BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlUpcaseUnicodeStringToOemString (
-       IN OUT  POEM_STRING     DestinationString,
-       IN      PUNICODE_STRING SourceString,
-       IN      BOOLEAN         AllocateDestinationString
-       );
-
-NTSTATUS
-STDCALL
-RtlUpcaseUnicodeToCustomCPN (
-       PRTL_NLS_DATA   NlsData,
-       PCHAR           MbString,
-       ULONG           MbSize,
-       PULONG          ResultSize,
-       PWCHAR          UnicodeString,
-       ULONG           UnicodeSize
-       );
-
-NTSTATUS
-STDCALL
-RtlUpcaseUnicodeToMultiByteN (
-       PCHAR   MbString,
-       ULONG   MbSize,
-       PULONG  ResultSize,
-       PWCHAR  UnicodeString,
-       ULONG   UnicodeSize
-       );
-
-NTSTATUS
-STDCALL
-RtlUpcaseUnicodeToOemN (
-       PCHAR   OemString,
-       ULONG   OemSize,
-       PULONG  ResultSize,
-       PWCHAR  UnicodeString,
-       ULONG   UnicodeSize
-       );
-
-CHAR
-STDCALL
-RtlUpperChar (
-       CHAR    Source
-       );
-
-VOID
-STDCALL
-RtlUpperString (
-       PSTRING DestinationString,
-       PSTRING SourceString
-       );
-
-BOOL
-STDCALL
-RtlValidateHeap (
-       HANDLE  hheap,
-       DWORD   flags,
-       PVOID   pmem
-       );
-
-BOOLEAN
-STDCALL
-RtlValidSecurityDescriptor (
-       PSECURITY_DESCRIPTOR    SecurityDescriptor
-       );
-
-BOOLEAN STDCALL
-RtlValidSid(IN PSID Sid);
-
-NTSTATUS
-STDCALL
-RtlWriteRegistryValue (
-       ULONG   RelativeTo,
-       PWSTR   Path,
-       PWSTR   ValueName,
-       ULONG   ValueType,
-       PVOID   ValueData,
-       ULONG   ValueLength
-       );
-
-VOID STDCALL
-RtlZeroMemory (PVOID Destination, ULONG Length);
-
-ULONG
-STDCALL
-RtlxAnsiStringToUnicodeSize (
-       IN      PANSI_STRING    AnsiString
-       );
-
-ULONG
-STDCALL
-RtlxOemStringToUnicodeSize (
-       IN      POEM_STRING     OemString
-       );
-
-ULONG
-STDCALL
-RtlxUnicodeStringToAnsiSize (
-       IN      PUNICODE_STRING UnicodeString
-       );
-
-ULONG
-STDCALL
-RtlxUnicodeStringToOemSize (
-       IN      PUNICODE_STRING UnicodeString
-       );
-
-
-/* Register io functions */
-
-UCHAR
-STDCALL
-READ_REGISTER_UCHAR (
-       PUCHAR  Register
-       );
-
-USHORT
-STDCALL
-READ_REGISTER_USHORT (
-       PUSHORT Register
-       );
-
-ULONG
-STDCALL
-READ_REGISTER_ULONG (
-       PULONG  Register
-       );
-
-VOID
-STDCALL
-READ_REGISTER_BUFFER_UCHAR (
-       PUCHAR  Register,
-       PUCHAR  Buffer,
-       ULONG   Count
-       );
-
-VOID
-STDCALL
-READ_REGISTER_BUFFER_USHORT (
-       PUSHORT Register,
-       PUSHORT Buffer,
-       ULONG   Count
-       );
-
-VOID
-STDCALL
-READ_REGISTER_BUFFER_ULONG (
-       PULONG  Register,
-       PULONG  Buffer,
-       ULONG   Count
-       );
-
-VOID
-STDCALL
-WRITE_REGISTER_UCHAR (
-       PUCHAR  Register,
-       UCHAR   Value
-       );
-
-VOID
-STDCALL
-WRITE_REGISTER_USHORT (
-       PUSHORT Register,
-       USHORT  Value
-       );
-
-VOID
-STDCALL
-WRITE_REGISTER_ULONG (
-       PULONG  Register,
-       ULONG   Value
-       );
-
-VOID
-STDCALL
-WRITE_REGISTER_BUFFER_UCHAR (
-       PUCHAR  Register,
-       PUCHAR  Buffer,
-       ULONG   Count
-       );
-
-VOID
-STDCALL
-WRITE_REGISTER_BUFFER_USHORT (
-       PUSHORT Register,
-       PUSHORT Buffer,
-       ULONG   Count
-       );
-
-VOID
-STDCALL
-WRITE_REGISTER_BUFFER_ULONG (
-       PULONG  Register,
-       PULONG  Buffer,
-       ULONG   Count
-       );
-
-
-NTSTATUS STDCALL RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision);
-NTSTATUS STDCALL RtlQueryInformationAcl (PACL Acl, PVOID Information, ULONG InformationLength, ACL_INFORMATION_CLASS InformationClass);
-NTSTATUS STDCALL RtlSetInformationAcl (PACL Acl, PVOID Information, ULONG InformationLength, ACL_INFORMATION_CLASS InformationClass);
-BOOLEAN STDCALL RtlValidAcl (PACL Acl);
-
-NTSTATUS STDCALL RtlAddAccessAllowedAce(PACL Acl, ULONG Revision, ACCESS_MASK AccessMask, PSID Sid);
-NTSTATUS STDCALL RtlAddAccessDeniedAce(PACL Acl, ULONG Revision, ACCESS_MASK AccessMask, PSID Sid);
-NTSTATUS STDCALL RtlAddAce(PACL Acl, ULONG Revision, ULONG StartingIndex, PACE AceList, ULONG AceListLength);
-NTSTATUS STDCALL RtlAddAuditAccessAce (PACL Acl, ULONG Revision, ACCESS_MASK AccessMask, PSID Sid, BOOLEAN Success, BOOLEAN Failure);
-NTSTATUS STDCALL RtlDeleteAce(PACL Acl, ULONG AceIndex);
-BOOLEAN STDCALL RtlFirstFreeAce(PACL Acl, PACE* Ace);
-NTSTATUS STDCALL RtlGetAce(PACL Acl, ULONG AceIndex, PACE *Ace);
-
-NTSTATUS STDCALL RtlAbsoluteToSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD, PSECURITY_DESCRIPTOR RelSD, PULONG BufferLength);
-NTSTATUS STDCALL RtlMakeSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD, PSECURITY_DESCRIPTOR RelSD, PULONG BufferLength);
-NTSTATUS STDCALL RtlCreateSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG Revision);
-BOOLEAN STDCALL RtlValidSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor);
-ULONG STDCALL RtlLengthSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor);
-NTSTATUS STDCALL RtlSetDaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, BOOLEAN DaclPresent, PACL Dacl, BOOLEAN DaclDefaulted);
-NTSTATUS STDCALL RtlGetDaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PBOOLEAN DaclPresent, PACL* Dacl, PBOOLEAN DaclDefauted);
-NTSTATUS STDCALL RtlSetOwnerSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID Owner, BOOLEAN OwnerDefaulted);
-NTSTATUS STDCALL RtlGetOwnerSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID* Owner, PBOOLEAN OwnerDefaulted);
-NTSTATUS STDCALL RtlSetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID Group, BOOLEAN GroupDefaulted);
-NTSTATUS STDCALL RtlGetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID* Group, PBOOLEAN GroupDefaulted);
-NTSTATUS STDCALL RtlGetControlSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL Control, PULONG Revision);
-NTSTATUS STDCALL RtlSetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, BOOLEAN SaclPresent, PACL Sacl, BOOLEAN SaclDefaulted);
-NTSTATUS STDCALL RtlGetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PBOOLEAN SaclPresent, PACL* Sacl, PBOOLEAN SaclDefauted);
-NTSTATUS STDCALL RtlSelfRelativeToAbsoluteSD (PSECURITY_DESCRIPTOR RelSD,
-                                             PSECURITY_DESCRIPTOR AbsSD,
-                                             PDWORD AbsSDSize,
-                                             PACL Dacl,
-                                             PDWORD DaclSize,
-                                             PACL Sacl,
-                                             PDWORD SaclSize,
-                                             PSID Owner,
-                                             PDWORD OwnerSize,
-                                             PSID Group,
-                                             PDWORD GroupSize);
-
-NTSTATUS STDCALL RtlAllocateAndInitializeSid (PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
-                                             UCHAR SubAuthorityCount,
-                                             ULONG SubAuthority0,
-                                             ULONG SubAuthority1,
-                                             ULONG SubAuthority2,
-                                             ULONG SubAuthority3,
-                                             ULONG SubAuthority4,
-                                             ULONG SubAuthority5,
-                                             ULONG SubAuthority6,
-                                             ULONG SubAuthority7,
-                                             PSID *Sid);
-ULONG STDCALL RtlLengthRequiredSid (UCHAR SubAuthorityCount);
-PSID_IDENTIFIER_AUTHORITY STDCALL RtlIdentifierAuthoritySid (PSID Sid);
-NTSTATUS STDCALL RtlInitializeSid (PSID Sid, PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, UCHAR SubAuthorityCount);
-PULONG STDCALL RtlSubAuthoritySid (PSID Sid, ULONG SubAuthority);
-BOOLEAN STDCALL RtlEqualPrefixSid (PSID Sid1, PSID Sid2);
-BOOLEAN STDCALL RtlEqualSid(PSID Sid1, PSID Sid2);
-PSID STDCALL RtlFreeSid (PSID Sid);
-ULONG STDCALL RtlLengthSid (PSID Sid);
-PULONG STDCALL RtlSubAuthoritySid (PSID Sid, ULONG SubAuthority);
-PUCHAR STDCALL RtlSubAuthorityCountSid (PSID Sid);
-BOOLEAN STDCALL RtlValidSid (PSID Sid);
-NTSTATUS STDCALL RtlConvertSidToUnicodeString (PUNICODE_STRING String, PSID Sid, BOOLEAN AllocateBuffer);
-
-BOOLEAN STDCALL RtlAreAllAccessesGranted (ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess);
-BOOLEAN STDCALL RtlAreAnyAccessesGranted (ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess);
-VOID STDCALL RtlMapGenericMask (PACCESS_MASK AccessMask, PGENERIC_MAPPING GenericMapping);
-
-
-/*  functions exported from NTOSKRNL.EXE which are considered RTL  */
-
-#if defined(__NTOSKRNL__) || defined(__NTDRIVER__) || defined(__NTHAL__) || defined(__NTDLL__) || defined(__NTAPP__)
-
-char *_itoa (int value, char *string, int radix);
-int _snprintf(char * buf, size_t cnt, const char *fmt, ...);
-int _snwprintf(wchar_t *buf, size_t cnt, const wchar_t *fmt, ...);
-int _stricmp(const char *s1, const char *s2);
-char * _strlwr(char *x);
-int _strnicmp(const char *s1, const char *s2, size_t n);
-char * _strnset(char* szToFill, int szFill, size_t sizeMaxFill);
-char * _strrev(char *s);
-char * _strset(char* szToFill, int szFill);
-char * _strupr(char *x);
-int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args);
-int _wcsicmp (const wchar_t* cs, const wchar_t* ct);
-wchar_t * _wcslwr (wchar_t *x);
-int _wcsnicmp (const wchar_t * cs,const wchar_t * ct,size_t count);
-wchar_t* _wcsnset (wchar_t* wsToFill, wchar_t wcFill, size_t sizeMaxFill);
-wchar_t * _wcsrev(wchar_t *s);
-wchar_t *_wcsupr(wchar_t *x);
-
-int atoi(const char *str);
-long atol(const char *str);
-int isdigit(int c);
-int islower(int c);
-int isprint(int c);
-int isspace(int c);
-int isupper(int c);
-int isxdigit(int c);
-size_t mbstowcs (wchar_t *wcstr, const char *mbstr, size_t count);
-int mbtowc (wchar_t *wchar, const char *mbchar, size_t count);
-void * memchr(const void *s, int c, size_t n);
-void * memcpy(void *to, const void *from, size_t count);
-void * memmove(void *dest,const void *src, size_t count);
-void * memset(void *src, int val, size_t count);
-
-#if 0
-qsort
-#endif
-
-int rand(void);
-int sprintf(char * buf, const char *fmt, ...);
-void srand(unsigned seed);
-char * strcat(char *s, const char *append);
-char * strchr(const char *s, int c);
-int strcmp(const char *s1, const char *s2);
-char * strcpy(char *to, const char *from);
-size_t strlen(const char *str);
-char * strncat(char *dst, const char *src, size_t n);
-int strncmp(const char *s1, const char *s2, size_t n);
-char *strncpy(char *dst, const char *src, size_t n);
-char *strrchr(const char *s, int c);
-size_t strspn(const char *s1, const char *s2);
-char *strstr(const char *s, const char *find);
-int swprintf(wchar_t *buf, const wchar_t *fmt, ...);
-int tolower(int c);
-int toupper(int c);
-wchar_t towlower(wchar_t c);
-wchar_t towupper(wchar_t c);
-int vsprintf(char *buf, const char *fmt, va_list args);
-wchar_t * wcscat(wchar_t *dest, const wchar_t *src);
-wchar_t * wcschr(const wchar_t *str, wchar_t ch);
-int wcscmp(const wchar_t *cs, const wchar_t *ct);
-wchar_t* wcscpy(wchar_t* str1, const wchar_t* str2);
-size_t wcscspn(const wchar_t *str,const wchar_t *reject);
-size_t wcslen(const wchar_t *s);
-wchar_t * wcsncat(wchar_t *dest, const wchar_t *src, size_t count);
-int wcsncmp(const wchar_t *cs, const wchar_t *ct, size_t count);
-wchar_t * wcsncpy(wchar_t *dest, const wchar_t *src, size_t count);
-wchar_t * wcsrchr(const wchar_t *str, wchar_t ch);
-size_t wcsspn(const wchar_t *str,const wchar_t *accept);
-wchar_t *wcsstr(const wchar_t *s,const wchar_t *b);
-size_t wcstombs (char *mbstr, const wchar_t *wcstr, size_t count);
-int wctomb (char *mbchar, wchar_t wchar);
-
-#endif /* __NTOSKRNL__ || __NTDRIVER__ || __NTHAL__ || __NTDLL__ || __NTAPP__ */
-
-#endif /* __DDK_RTL_H */
diff --git a/reactos/include/ddk/rtltypes.h b/reactos/include/ddk/rtltypes.h
deleted file mode 100644 (file)
index 19b388f..0000000
+++ /dev/null
@@ -1,214 +0,0 @@
-/* $Id: rtltypes.h,v 1.6 2002/09/08 10:47:45 chorns Exp $
- * 
- */
-
-#ifndef __DDK_RTLTYPES_H
-#define __DDK_RTLTYPES_H
-
-
-#define COMPRESSION_FORMAT_NONE                0x0000
-#define COMPRESSION_FORMAT_DEFAULT     0x0001
-#define COMPRESSION_FORMAT_LZNT1       0x0002
-
-#define COMPRESSION_ENGINE_STANDARD    0x0000
-#define COMPRESSION_ENGINE_MAXIMUM     0x0100
-#define COMPRESSION_ENGINE_HIBER       0x0200
-
-
-typedef struct _INITIAL_TEB
-{
-  ULONG StackCommit;
-  ULONG StackReserve;
-  PVOID StackBase;
-  PVOID StackLimit;
-  PVOID StackAllocate;
-} INITIAL_TEB, *PINITIAL_TEB;
-
-typedef struct _CONTROLLER_OBJECT
-{
-  CSHORT Type;
-  CSHORT Size;
-  PVOID ControllerExtension;
-  KDEVICE_QUEUE DeviceWaitQueue;
-  ULONG Spare1;
-  LARGE_INTEGER Spare2;
-} CONTROLLER_OBJECT, *PCONTROLLER_OBJECT;
-
-typedef struct _STRING
-{
-  /*
-   * Length in bytes of the string stored in buffer
-   */
-  USHORT Length;
-
-  /*
-   * Maximum length of the string 
-   */
-  USHORT MaximumLength;
-
-  /*
-   * String
-   */
-  PCHAR Buffer;
-} STRING, *PSTRING;
-
-typedef STRING ANSI_STRING;
-typedef PSTRING PANSI_STRING;
-
-typedef STRING OEM_STRING;
-typedef PSTRING POEM_STRING;
-
-
-typedef struct _TIME_FIELDS
-{
-  CSHORT Year;
-  CSHORT Month;
-  CSHORT Day;
-  CSHORT Hour;
-  CSHORT Minute;
-  CSHORT Second;
-  CSHORT Milliseconds;
-  CSHORT Weekday;
-} TIME_FIELDS, *PTIME_FIELDS;
-
-typedef struct _RTL_BITMAP
-{
-  ULONG  SizeOfBitMap;
-  PULONG Buffer;
-} RTL_BITMAP, *PRTL_BITMAP;
-
-typedef struct _RTL_HEAP_DEFINITION
-{
-  ULONG Length;
-  ULONG Unknown[11];
-} RTL_HEAP_DEFINITION, *PRTL_HEAP_DEFINITION;
-
-typedef struct _RTL_ATOM_TABLE
-{
-  ULONG TableSize;
-  ULONG NumberOfAtoms;
-  PVOID Lock;          /* fast mutex (kernel mode)/ critical section (user mode) */
-  PVOID HandleTable;
-  LIST_ENTRY Slot[0];
-} RTL_ATOM_TABLE, *PRTL_ATOM_TABLE;
-
-typedef struct _LB_RANGE
-{
-  UCHAR upper;
-  UCHAR lower;
-} LB_RANGE;
-
-typedef struct _RTL_NLS_DATA
-{
-  USHORT   CodePage;
-  USHORT   MaxCharacterSize;  // SBCS = 1, DBCS = 2
-  WCHAR    DefaultCharacter;
-  WCHAR    char1;
-  WCHAR    char2;
-  WCHAR    char3;
-  USHORT   DbcsFlag;
-  LB_RANGE LeadByteRange[6];
-  USHORT   reserved;
-  PWCHAR   MultiByteToUnicode;
-  PCHAR    UnicodeToMultiByte;
-  PWCHAR   DosMultiByteToUnicode;
-  PCHAR    DbcsTags;
-} RTL_NLS_DATA, *PRTL_NLS_DATA;
-
-typedef struct _RTL_NLS_TABLE
-{
-  RTL_NLS_DATA OemInfo;
-  RTL_NLS_DATA AnsiInfo;
-  PWCHAR UpcaseTable;
-  PWCHAR DowncaseTable;
-} RTL_NLS_TABLE, *PRTL_NLS_TABLE;
-
-
-typedef struct _RTL_SPLAY_LINKS
-{
-  struct _RTL_SPLAY_LINKS *Parent;
-  struct _RTL_SPLAY_LINKS *LeftChild;
-  struct _RTL_SPLAY_LINKS *RightChild;
-} RTL_SPLAY_LINKS, *PRTL_SPLAY_LINKS;
-
-
-typedef struct _RTL_GENERIC_TABLE
-{
-  PVOID RootElement;
-  ULONG Unknown2;
-  ULONG Unknown3;
-  ULONG Unknown4;
-  ULONG Unknown5;
-  ULONG ElementCount;
-  PVOID CompareRoutine;
-  PVOID AllocateRoutine;
-  PVOID FreeRoutine;
-  ULONG UserParameter;
-} RTL_GENERIC_TABLE, *PRTL_GENERIC_TABLE;
-
-
-typedef struct _RTL_MESSAGE_RESOURCE_ENTRY
-{
-  USHORT Length;
-  USHORT Flags;
-  UCHAR Text[1];
-} RTL_MESSAGE_RESOURCE_ENTRY, *PRTL_MESSAGE_RESOURCE_ENTRY;
-
-typedef struct _RTL_MESSAGE_RESOURCE_BLOCK
-{
-  ULONG LowId;
-  ULONG HighId;
-  ULONG OffsetToEntries;
-} RTL_MESSAGE_RESOURCE_BLOCK, *PRTL_MESSAGE_RESOURCE_BLOCK;
-
-typedef struct _RTL_MESSAGE_RESOURCE_DATA
-{
-  ULONG NumberOfBlocks;
-  RTL_MESSAGE_RESOURCE_BLOCK Blocks[1];
-} RTL_MESSAGE_RESOURCE_DATA, *PRTL_MESSAGE_RESOURCE_DATA;
-
-
-typedef NTSTATUS STDCALL
-(*PRTL_QUERY_REGISTRY_ROUTINE)(PWSTR ValueName,
-                              ULONG ValueType,
-                              PVOID ValueData,
-                              ULONG ValueLength,
-                              PVOID Context,
-                              PVOID EntryContext);
-
-typedef struct _RTL_QUERY_REGISTRY_TABLE
-{
-  PRTL_QUERY_REGISTRY_ROUTINE QueryRoutine;
-  ULONG Flags;
-  PWSTR Name;
-  PVOID EntryContext;
-  ULONG DefaultType;
-  PVOID DefaultData;
-  ULONG DefaultLength;
-} RTL_QUERY_REGISTRY_TABLE, *PRTL_QUERY_REGISTRY_TABLE;
-
-
-typedef struct _GENERATE_NAME_CONTEXT
-{
-  USHORT Checksum;
-  BOOLEAN CheckSumInserted;
-  UCHAR NameLength;
-  WCHAR NameBuffer[8];
-  ULONG ExtensionLength;
-  WCHAR ExtensionBuffer[4];
-  ULONG LastIndexValue;
-} GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
-
-
-typedef struct _COMPRESSED_DATA_INFO
-{
-  USHORT CompressionFormatAndEngine;
-  UCHAR CompressionUnitShift;
-  UCHAR ChunkShift;
-  UCHAR ClusterShift;
-  UCHAR Reserved;
-  USHORT NumberOfChunks;
-  ULONG CompressedChunkSizes[1];
-} COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
-
-#endif /* __DDK_RTLTYPES_H */
diff --git a/reactos/include/ddk/zw.h b/reactos/include/ddk/zw.h
deleted file mode 100644 (file)
index a821ab5..0000000
+++ /dev/null
@@ -1,5308 +0,0 @@
-
-/* $Id: zw.h,v 1.54 2002/10/25 22:08:20 chorns Exp $
- *
- * COPYRIGHT:        See COPYING in the top level directory
- * PROJECT:          ReactOS kernel
- * PURPOSE:          System call definitions
- * FILE:             include/ddk/zw.h
- * REVISION HISTORY: 
- *              ??/??/??: First few functions (David Welch)
- *              ??/??/??: Complete implementation by Ariadne
- *              13/07/98: Reorganised things a bit (David Welch)
- *              04/08/98: Added some documentation (Ariadne)
- *             14/08/98: Added type TIME and change variable type from [1] to [0]
- *              14/09/98: Added for each Nt call a corresponding Zw Call
- */
-
-#ifndef __DDK_ZW_H
-#define __DDK_ZW_H
-
-#include <ntos/security.h>
-#include <napi/npipe.h>
-
-//#define LCID ULONG
-//#define SECURITY_INFORMATION ULONG
-//typedef ULONG SECURITY_INFORMATION;
-
-
-/*
- * FUNCTION: Checks a clients access rights to a object
- * ARGUMENTS: 
- *       SecurityDescriptor = Security information against which the access is checked
- *       ClientToken = Represents a client
- *       DesiredAcces = 
- *       GenericMapping =
- *       PrivilegeSet =
- *       ReturnLength = Bytes written
- *       GrantedAccess = 
- *       AccessStatus = Indicates if the ClientToken allows the requested access
- * REMARKS: The arguments map to the win32 AccessCheck 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtAccessCheck(
-       IN PSECURITY_DESCRIPTOR SecurityDescriptor,
-       IN HANDLE ClientToken,
-       IN ACCESS_MASK DesiredAcces,
-       IN PGENERIC_MAPPING GenericMapping,
-       OUT PPRIVILEGE_SET PrivilegeSet,
-       OUT PULONG ReturnLength,
-       OUT PULONG GrantedAccess,
-       OUT PBOOLEAN AccessStatus
-       );
-
-NTSTATUS
-STDCALL
-ZwAccessCheck(
-       IN PSECURITY_DESCRIPTOR SecurityDescriptor,
-       IN HANDLE ClientToken,
-       IN ACCESS_MASK DesiredAcces,
-       IN PGENERIC_MAPPING GenericMapping,
-       OUT PPRIVILEGE_SET PrivilegeSet,
-       OUT PULONG ReturnLength,
-       OUT PULONG GrantedAccess,
-       OUT PBOOLEAN AccessStatus
-       );
-
-/*
- * FUNCTION: Checks a clients access rights to a object and issues a audit a alarm. ( it logs the access )
- * ARGUMENTS: 
- *       SubsystemName = Specifies the name of the subsystem, can be "WIN32" or "DEBUG"
- *       ObjectHandle =
- *       ObjectAttributes =
- *       DesiredAcces = 
- *       GenericMapping =
- *       ObjectCreation = 
- *       GrantedAccess = 
- *       AccessStatus =
- *       GenerateOnClose =
- * REMARKS: The arguments map to the win32 AccessCheck 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtAccessCheckAndAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,
-       IN PHANDLE ObjectHandle,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN ACCESS_MASK DesiredAccess,
-       IN PGENERIC_MAPPING GenericMapping,
-       IN BOOLEAN ObjectCreation,
-       OUT PULONG GrantedAccess,
-       OUT PBOOLEAN AccessStatus,
-       OUT PBOOLEAN GenerateOnClose
-       );
-
-NTSTATUS
-STDCALL
-ZwAccessCheckAndAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,
-       IN PHANDLE ObjectHandle,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN ACCESS_MASK DesiredAccess,
-       IN PGENERIC_MAPPING GenericMapping,
-       IN BOOLEAN ObjectCreation,
-       OUT PULONG GrantedAccess,
-       OUT PBOOLEAN AccessStatus,
-       OUT PBOOLEAN GenerateOnClose
-       );
-
-/*
- * FUNCTION: Adds an atom to the global atom table
- * ARGUMENTS:
- *        AtomString = The string to add to the atom table.
- *        Atom (OUT) = Caller supplies storage for the resulting atom.
- * REMARKS: The arguments map to the win32 add GlobalAddAtom.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtAddAtom(
-       IN      PWSTR           AtomName,
-       IN OUT  PRTL_ATOM       Atom
-       );
-
-
-NTSTATUS
-STDCALL
-ZwAddAtom(
-       IN      PWSTR           AtomName,
-       IN OUT  PRTL_ATOM       Atom
-       );
-
-
-/*
- * FUNCTION: Adjusts the groups in an access token
- * ARGUMENTS: 
- *       TokenHandle = Specifies the access token
- *       ResetToDefault = If true the NewState parameter is ignored and the groups are set to
- *                     their default state, if false the groups specified in
- *                     NewState are set.
- *       NewState = 
- *       BufferLength = Specifies the size of the buffer for the PreviousState.
- *       PreviousState = 
- *       ReturnLength = Bytes written in PreviousState buffer.
- * REMARKS: The arguments map to the win32 AdjustTokenGroups
- * RETURNS: Status
- */
-
-NTSTATUS 
-STDCALL 
-NtAdjustGroupsToken(
-       IN HANDLE TokenHandle,
-       IN BOOLEAN  ResetToDefault,
-       IN PTOKEN_GROUPS  NewState,
-       IN ULONG  BufferLength,
-       OUT PTOKEN_GROUPS  PreviousState OPTIONAL,
-       OUT PULONG  ReturnLength
-       );
-
-NTSTATUS
-STDCALL
-ZwAdjustGroupsToken(
-       IN HANDLE TokenHandle,
-       IN BOOLEAN  ResetToDefault,
-       IN PTOKEN_GROUPS  NewState,
-       IN ULONG  BufferLength,
-       OUT PTOKEN_GROUPS  PreviousState,
-       OUT PULONG  ReturnLength
-       );
-
-
-/*
- * FUNCTION:
- *
- * ARGUMENTS:
- *        TokenHandle = Handle to the access token
- *        DisableAllPrivileges =  The resulting suspend count.
-         NewState = 
-         BufferLength =
-         PreviousState =
-         ReturnLength =
- * REMARK:
- *       The arguments map to the win32 AdjustTokenPrivileges
- * RETURNS: Status
- */
-
-NTSTATUS 
-STDCALL 
-NtAdjustPrivilegesToken(
-       IN HANDLE  TokenHandle,
-       IN BOOLEAN  DisableAllPrivileges,
-       IN PTOKEN_PRIVILEGES  NewState,
-       IN ULONG  BufferLength,
-       OUT PTOKEN_PRIVILEGES  PreviousState,
-       OUT PULONG ReturnLength
-       );
-
-NTSTATUS 
-STDCALL 
-ZwAdjustPrivilegesToken(
-       IN HANDLE  TokenHandle,
-       IN BOOLEAN  DisableAllPrivileges,
-       IN PTOKEN_PRIVILEGES  NewState,
-       IN ULONG  BufferLength,
-       OUT PTOKEN_PRIVILEGES  PreviousState,
-       OUT PULONG ReturnLength
-       );
-
-
-/*
- * FUNCTION: Decrements a thread's suspend count and places it in an alerted 
- *           state.
- * ARGUMENTS: 
- *        ThreadHandle = Handle to the thread that should be resumed
- *        SuspendCount =  The resulting suspend count.
- * REMARK:
- *       A thread is resumed if its suspend count is 0
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtAlertResumeThread(
-       IN HANDLE ThreadHandle,
-       OUT PULONG SuspendCount
-       );
-
-NTSTATUS
-STDCALL
-ZwAlertResumeThread(
-       IN HANDLE ThreadHandle,
-       OUT PULONG SuspendCount
-       );
-
-/*
- * FUNCTION: Puts the thread in a alerted state
- * ARGUMENTS: 
- *        ThreadHandle = Handle to the thread that should be alerted
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtAlertThread(
-       IN HANDLE ThreadHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwAlertThread(
-       IN HANDLE ThreadHandle
-       );
-
-
-/*
- * FUNCTION: Allocates a locally unique id
- * ARGUMENTS: 
- *        LocallyUniqueId = Locally unique number
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtAllocateLocallyUniqueId(
-       OUT LUID *LocallyUniqueId
-       );
-
-NTSTATUS
-STDCALL
-ZwAllocateLocallyUniqueId(
-       OUT PLUID Luid
-       );
-
-NTSTATUS
-STDCALL
-NtAllocateUuids(
-       PULARGE_INTEGER Time,
-       PULONG Range,
-       PULONG Sequence
-       );
-
-NTSTATUS
-STDCALL
-ZwAllocateUuids(
-       PULARGE_INTEGER Time,
-       PULONG Range,
-       PULONG Sequence
-       );
-
-
-/*
- * FUNCTION: Allocates a block of virtual memory in the process address space
- * ARGUMENTS:
- *      ProcessHandle = The handle of the process which owns the virtual memory
- *      BaseAddress   = A pointer to the virtual memory allocated. If you supply a non zero
- *                     value the system will try to allocate the memory at the address supplied. It rounds
- *                     it down to a multiple if the page size.
- *      ZeroBits  = (OPTIONAL) You can specify the number of high order bits that must be zero, ensuring that 
- *                     the memory will be allocated at a address below a certain value.
- *      RegionSize = The number of bytes to allocate
- *      AllocationType = Indicates the type of virtual memory you like to allocated,
- *                       can be one of the values : MEM_COMMIT, MEM_RESERVE, MEM_RESET, MEM_TOP_DOWN
- *      Protect = Indicates the protection type of the pages allocated, can be a combination of
- *                      PAGE_READONLY, PAGE_READWRITE, PAGE_EXECUTE_READ,
- *                      PAGE_EXECUTE_READWRITE, PAGE_GUARD, PAGE_NOACCESS, PAGE_NOACCESS
- * REMARKS:
- *       This function maps to the win32 VirtualAllocEx. Virtual memory is process based so the 
- *       protocol starts with a ProcessHandle. I splitted the functionality of obtaining the actual address and specifying
- *       the start address in two parameters ( BaseAddress and StartAddress ) The NumberOfBytesAllocated specify the range
- *       and the AllocationType and ProctectionType map to the other two parameters.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtAllocateVirtualMemory (
-       IN HANDLE ProcessHandle,
-       IN OUT PVOID *BaseAddress,
-       IN ULONG  ZeroBits,
-       IN OUT PULONG  RegionSize,
-       IN ULONG  AllocationType,
-       IN ULONG  Protect
-       );
-
-NTSTATUS
-STDCALL
-ZwAllocateVirtualMemory (
-       IN HANDLE ProcessHandle,
-       IN OUT PVOID *BaseAddress,
-       IN ULONG  ZeroBits,
-       IN OUT PULONG  RegionSize,
-       IN ULONG  AllocationType,
-       IN ULONG  Protect);
-
-/*
- * FUNCTION: Returns from a callback into user mode
- * ARGUMENTS:
- * RETURN Status
- */
-//FIXME: this function might need 3 parameters
-NTSTATUS STDCALL NtCallbackReturn(PVOID Result,
-                                 ULONG ResultLength,
-                                 NTSTATUS Status);
-
-NTSTATUS STDCALL ZwCallbackReturn(PVOID Result,
-                                 ULONG ResultLength,
-                                 NTSTATUS Status);
-
-/*
- * FUNCTION: Cancels a IO request
- * ARGUMENTS: 
- *        FileHandle = Handle to the file
- *        IoStatusBlock  = 
- *
- * REMARKS:
- *        This function maps to the win32 CancelIo.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtCancelIoFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock
-       );
-
-NTSTATUS
-STDCALL
-ZwCancelIoFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock
-       );
-/*
- * FUNCTION: Cancels a timer
- * ARGUMENTS: 
- *        TimerHandle = Handle to the timer
- *        CurrentState = Specifies the state of the timer when cancelled.
- * REMARKS:
- *        The arguments to this function map to the function CancelWaitableTimer. 
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtCancelTimer(
-       IN HANDLE TimerHandle,
-       OUT PBOOLEAN CurrentState OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-ZwCancelTimer(
-       IN HANDLE TimerHandle,
-       OUT ULONG ElapsedTime
-       );
-/*
- * FUNCTION: Sets the status of the event back to non-signaled
- * ARGUMENTS: 
- *        EventHandle = Handle to the event
- * REMARKS:
- *       This function maps to win32 function ResetEvent.
- * RETURcNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtClearEvent(
-       IN HANDLE  EventHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwClearEvent(
-       IN HANDLE  EventHandle
-       );
-
-/*
- * FUNCTION: Closes an object handle
- * ARGUMENTS:
- *         Handle = Handle to the object
- * REMARKS:
- *       This function maps to the win32 function CloseHandle. 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtClose(
-       IN HANDLE Handle
-       );
-
-NTSTATUS
-STDCALL
-ZwClose(
-       IN HANDLE Handle
-       );
-
-/*
- * FUNCTION: Generates an audit message when a handle to an object is dereferenced
- * ARGUMENTS:
- *         SubsystemName   = 
-          HandleId        = Handle to the object
-          GenerateOnClose =
- * REMARKS:
- *       This function maps to the win32 function ObjectCloseAuditAlarm. 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtCloseObjectAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,
-       IN PVOID HandleId,
-       IN BOOLEAN GenerateOnClose
-       );
-
-NTSTATUS
-STDCALL
-ZwCloseObjectAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,
-       IN PVOID HandleId,
-       IN BOOLEAN GenerateOnClose
-       );
-
-/*
- * FUNCTION: Continues a thread with the specified context
- * ARGUMENTS: 
- *        Context = Specifies the processor context
- *       IrqLevel = Specifies the Interupt Request Level to continue with. Can
- *                     be PASSIVE_LEVEL or APC_LEVEL
- * REMARKS
- *        NtContinue can be used to continue after an exception or apc.
- * RETURNS: Status
- */
-//FIXME This function might need another parameter
-
-NTSTATUS
-STDCALL
-NtContinue(
-       IN PCONTEXT Context,
-       IN BOOLEAN TestAlert
-       );
-
-NTSTATUS STDCALL ZwContinue(IN PCONTEXT Context, IN CINT IrqLevel);
-
-
-/*
- * FUNCTION: Creates a directory object
- * ARGUMENTS:
- *        DirectoryHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies access to the directory
- *        ObjectAttribute = Initialized attributes for the object
- * REMARKS: This function maps to the win32 CreateDirectory. A directory is like a file so it needs a
- *          handle, a access mask and a OBJECT_ATTRIBUTES structure to map the path name and the SECURITY_ATTRIBUTES.
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtCreateDirectoryObject(
-       OUT PHANDLE DirectoryHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateDirectoryObject(
-       OUT PHANDLE DirectoryHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-/*
- * FUNCTION: Creates an event object
- * ARGUMENTS:
- *        EventHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies access to the event
- *        ObjectAttribute = Initialized attributes for the object
- *        ManualReset = manual-reset or auto-reset if true you have to reset the state of the event manually
- *                       using NtResetEvent/NtClearEvent. if false the system will reset the event to a non-signalled state
- *                       automatically after the system has rescheduled a thread waiting on the event.
- *        InitialState = specifies the initial state of the event to be signaled ( TRUE ) or non-signalled (FALSE).
- * REMARKS: This function maps to the win32 CreateEvent. Demanding a out variable  of type HANDLE,
- *          a access mask and a OBJECT_ATTRIBUTES structure mapping to the SECURITY_ATTRIBUTES. ManualReset and InitialState are
- *          both parameters aswell ( possibly the order is reversed ).
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtCreateEvent(
-       OUT PHANDLE EventHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN BOOLEAN ManualReset,
-       IN BOOLEAN InitialState
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateEvent(
-       OUT PHANDLE EventHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN BOOLEAN ManualReset,
-       IN BOOLEAN InitialState
-       );
-
-/*
- * FUNCTION: Creates an eventpair object
- * ARGUMENTS:
- *        EventPairHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies access to the event
- *        ObjectAttribute = Initialized attributes for the object
- */
-
-NTSTATUS
-STDCALL
-NtCreateEventPair(
-       OUT PHANDLE EventPairHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateEventPair(
-       OUT PHANDLE EventPairHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-
-/*
- * FUNCTION: Creates or opens a file, directory or device object.
- * ARGUMENTS:
- *        FileHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the file can
- *                        be a combination of DELETE | FILE_READ_DATA ..  
- *        ObjectAttribute = Initialized attributes for the object, contains the rootdirectory and the filename
- *        IoStatusBlock (OUT) = Caller supplied storage for the resulting status information, indicating if the
- *                              the file is created and opened or allready existed and is just opened.
- *        FileAttributes = file attributes can be a combination of FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_HIDDEN ...
- *        ShareAccess = can be a combination of the following: FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE 
- *        CreateDisposition = specifies what the behavior of the system if the file allready exists.
- *        CreateOptions = specifies the behavior of the system on file creation.
- *        EaBuffer (OPTIONAL) = Extended Attributes buffer, applies only to files and directories.
- *        EaLength = Extended Attributes buffer size,  applies only to files and directories.
- * REMARKS: This function maps to the win32 CreateFile. 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtCreateFile(
-       OUT PHANDLE FileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PLARGE_INTEGER AllocationSize OPTIONAL,
-       IN ULONG FileAttributes,
-       IN ULONG ShareAccess,
-       IN ULONG CreateDisposition,
-       IN ULONG CreateOptions,
-       IN PVOID EaBuffer OPTIONAL,
-       IN ULONG EaLength
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateFile(
-       OUT PHANDLE FileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PLARGE_INTEGER AllocationSize OPTIONAL,
-       IN ULONG FileAttributes,
-       IN ULONG ShareAccess,
-       IN ULONG CreateDisposition,
-       IN ULONG CreateOptions,
-       IN PVOID EaBuffer OPTIONAL,
-       IN ULONG EaLength
-       );
-
-/*
- * FUNCTION: Creates or opens a file, directory or device object.
- * ARGUMENTS:
- *        CompletionPort (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the port
- *        IoStatusBlock =
- *        NumberOfConcurrentThreads =
- * REMARKS: This function maps to the win32 CreateIoCompletionPort
- * RETURNS:
- *     Status
- */
-
-NTSTATUS
-STDCALL
-NtCreateIoCompletion(
-       OUT PHANDLE CompletionPort,
-       IN ACCESS_MASK DesiredAccess,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG NumberOfConcurrentThreads
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateIoCompletion(
-       OUT PHANDLE CompletionPort,
-       IN ACCESS_MASK DesiredAccess,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG NumberOfConcurrentThreads
-       );
-
-
-/*
- * FUNCTION: Creates a mail slot file
- * ARGUMENTS:
- *        MailSlotFileHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the file
- *        ObjectAttributes = Contains the name of the mailslotfile.
- *        IoStatusBlock = 
- *        FileAttributes =
- *        ShareAccess =
- *        MaxMessageSize =
- *        TimeOut =
- *       
- * REMARKS: This funciton maps to the win32 function CreateMailSlot
- * RETURNS:
- *     Status
- */
-
-NTSTATUS
-STDCALL
-NtCreateMailslotFile(
-       OUT PHANDLE MailSlotFileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG FileAttributes,
-       IN ULONG ShareAccess,
-       IN ULONG MaxMessageSize,
-       IN PLARGE_INTEGER TimeOut
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateMailslotFile(
-       OUT PHANDLE MailSlotFileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG FileAttributes,
-       IN ULONG ShareAccess,
-       IN ULONG MaxMessageSize,
-       IN PLARGE_INTEGER TimeOut
-       );
-
-/*
- * FUNCTION: Creates or opens a mutex
- * ARGUMENTS:
- *        MutantHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the port
- *        ObjectAttributes = Contains the name of the mutex.
- *        InitialOwner = If true the calling thread acquires ownership 
- *                     of the mutex.
- * REMARKS: This funciton maps to the win32 function CreateMutex
- * RETURNS:
- *     Status
- */
-NTSTATUS
-STDCALL
-NtCreateMutant(
-       OUT PHANDLE MutantHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN BOOLEAN InitialOwner
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateMutant(
-       OUT PHANDLE MutantHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN BOOLEAN InitialOwner
-       );
-
-
-/*
- * FUNCTION: Creates a paging file.
- * ARGUMENTS:
- *        FileName  = Name of the pagefile
- *        InitialSize = Specifies the initial size in bytes
- *        MaximumSize = Specifies the maximum size in bytes
- *        Reserved = Reserved for future use
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtCreatePagingFile(
-       IN PUNICODE_STRING FileName,
-       IN PLARGE_INTEGER InitialSize,
-       IN PLARGE_INTEGER MaxiumSize,
-       IN ULONG Reserved
-       );
-
-NTSTATUS
-STDCALL
-ZwCreatePagingFile(
-       IN PUNICODE_STRING FileName,
-       IN PLARGE_INTEGER InitialSize,
-       IN PLARGE_INTEGER MaxiumSize,
-       IN ULONG Reserved
-       );
-
-/*
- * FUNCTION: Creates a process.
- * ARGUMENTS:
- *        ProcessHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the process can
- *                        be a combinate of STANDARD_RIGHTS_REQUIRED| ..  
- *        ObjectAttribute = Initialized attributes for the object, contains the rootdirectory and the filename
- *        ParentProcess = Handle to the parent process.
- *        InheritObjectTable = Specifies to inherit the objects of the parent process if true.
- *        SectionHandle = Handle to a section object to back the image file
- *        DebugPort = Handle to a DebugPort if NULL the system default debug port will be used.
- *        ExceptionPort = Handle to a exception port.
- * REMARKS:
- *        This function maps to the win32 CreateProcess.
- * RETURNS: Status
- */
-NTSTATUS 
-STDCALL 
-NtCreateProcess(
-       OUT PHANDLE ProcessHandle,
-        IN ACCESS_MASK DesiredAccess,
-        IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
-        IN HANDLE ParentProcess,
-        IN BOOLEAN InheritObjectTable,
-        IN HANDLE SectionHandle OPTIONAL,
-        IN HANDLE DebugPort OPTIONAL,
-        IN HANDLE ExceptionPort OPTIONAL
-       );
-
-NTSTATUS 
-STDCALL 
-ZwCreateProcess(
-       OUT PHANDLE ProcessHandle,
-        IN ACCESS_MASK DesiredAccess,
-        IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
-        IN HANDLE ParentProcess,
-        IN BOOLEAN InheritObjectTable,
-        IN HANDLE SectionHandle OPTIONAL,
-        IN HANDLE DebugPort OPTIONAL,
-        IN HANDLE ExceptionPort OPTIONAL
-       );
-
-/*
- * FUNCTION: Creates a profile
- * ARGUMENTS:
- *        ProfileHandle (OUT) = Caller supplied storage for the resulting handle
- *        ObjectAttribute = Initialized attributes for the object
- *        ImageBase = Start address of executable image
- *        ImageSize = Size of the image
- *        Granularity = Bucket size
- *        Buffer =  Caller supplies buffer for profiling info
- *        ProfilingSize = Buffer size
- *        ClockSource = Specify 0 / FALSE ??
- *        ProcessorMask = A value of -1 indicates disables  per processor profiling,
-                         otherwise bit set for the processor to profile.
- * REMARKS:
- *        This function maps to the win32 CreateProcess. 
- * RETURNS: Status
- */
-
-NTSTATUS 
-STDCALL
-NtCreateProfile(OUT PHANDLE ProfileHandle, 
-               IN HANDLE ProcessHandle,
-               IN PVOID ImageBase, 
-               IN ULONG ImageSize, 
-               IN ULONG Granularity,
-               OUT PULONG Buffer, 
-               IN ULONG ProfilingSize,
-               IN KPROFILE_SOURCE Source,
-               IN ULONG ProcessorMask);
-
-NTSTATUS 
-STDCALL
-ZwCreateProfile(
-       OUT PHANDLE ProfileHandle, 
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN ULONG ImageBase, 
-       IN ULONG ImageSize, 
-       IN ULONG Granularity,
-       OUT PVOID Buffer, 
-       IN ULONG ProfilingSize,
-       IN ULONG ClockSource,
-       IN ULONG ProcessorMask
-       );
-
-/*
- * FUNCTION: Creates a section object.
- * ARGUMENTS:
- *        SectionHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the desired access to the section can be a combination of STANDARD_RIGHTS_REQUIRED | SECTION_QUERY | SECTION_MAP_WRITE |  
- *                        SECTION_MAP_READ | SECTION_MAP_EXECUTE.
- *        ObjectAttribute = Initialized attributes for the object can be used to create a named section
- *        MaxiumSize = Maximizes the size of the memory section. Must be non-NULL for a page-file backed section. 
- *                     If value specified for a mapped file and the file is not large enough, file will be extended. 
- *        SectionPageProtection = Can be a combination of PAGE_READONLY | PAGE_READWRITE | PAGE_WRITEONLY | PAGE_WRITECOPY.
- *        AllocationAttributes = can be a combination of SEC_IMAGE | SEC_RESERVE
- *        FileHanlde = Handle to a file to create a section mapped to a file instead of a memory backed section.
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtCreateSection( 
-       OUT PHANDLE SectionHandle, 
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,  
-       IN PLARGE_INTEGER MaximumSize OPTIONAL,  
-       IN ULONG SectionPageProtection OPTIONAL,
-       IN ULONG AllocationAttributes,
-       IN HANDLE FileHandle OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateSection( 
-       OUT PHANDLE SectionHandle, 
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,  
-       IN PLARGE_INTEGER MaximumSize OPTIONAL,  
-       IN ULONG SectionPageProtection OPTIONAL,
-       IN ULONG AllocationAttributes,
-       IN HANDLE FileHandle OPTIONAL
-       );
-
-/*
- * FUNCTION: Creates a semaphore object for interprocess synchronization.
- * ARGUMENTS:
- *        SemaphoreHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the semaphore. 
- *        ObjectAttribute = Initialized attributes for the object.
- *        InitialCount = Not necessary zero, might be smaller than zero.
- *        MaximumCount = Maxiumum count the semaphore can reach.
- * RETURNS: Status
- * REMARKS: 
- *        The semaphore is set to signaled when its count is greater than zero, and non-signaled when its count is zero.
- */
-
-//FIXME: should a semaphore's initial count allowed to be smaller than zero ??
-NTSTATUS
-STDCALL
-NtCreateSemaphore(
-       OUT PHANDLE SemaphoreHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
-       IN LONG InitialCount,
-       IN LONG MaximumCount
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateSemaphore(
-       OUT PHANDLE SemaphoreHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
-       IN LONG InitialCount,
-       IN LONG MaximumCount
-       );
-
-/*
- * FUNCTION: Creates a symbolic link object
- * ARGUMENTS:
- *        SymbolicLinkHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the thread. 
- *        ObjectAttributes = Initialized attributes for the object.
- *        Name = Target name of the symbolic link  
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtCreateSymbolicLinkObject(
-       OUT PHANDLE SymbolicLinkHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN PUNICODE_STRING Name
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateSymbolicLinkObject(
-       OUT PHANDLE SymbolicLinkHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN PUNICODE_STRING Name
-       );
-
-/*
- * FUNCTION: Creates a user mode thread
- * ARGUMENTS:
- *        ThreadHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the thread. 
- *        ObjectAttributes = Initialized attributes for the object.
- *        ProcessHandle = Handle to the threads parent process.
- *        ClientId (OUT) = Caller supplies storage for returned process id and thread id.
- *        ThreadContext = Initial processor context for the thread.
- *        InitialTeb = Initial user mode stack context for the thread.
- *        CreateSuspended = Specifies if the thread is ready for scheduling
- * REMARKS:
- *        This function maps to the win32 function CreateThread.  
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL 
-NtCreateThread(
-       OUT     PHANDLE                 ThreadHandle,
-       IN      ACCESS_MASK             DesiredAccess,
-       IN      POBJECT_ATTRIBUTES      ObjectAttributes        OPTIONAL,
-       IN      HANDLE                  ProcessHandle,
-       OUT     PCLIENT_ID              ClientId,
-       IN      PCONTEXT                ThreadContext,
-       IN      PINITIAL_TEB            InitialTeb,
-       IN      BOOLEAN                 CreateSuspended
-       );
-
-NTSTATUS
-STDCALL 
-ZwCreateThread(
-       OUT PHANDLE ThreadHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
-       IN HANDLE ProcessHandle,
-       OUT PCLIENT_ID ClientId,
-       IN PCONTEXT ThreadContext,
-       IN PINITIAL_TEB InitialTeb,
-       IN BOOLEAN CreateSuspended
-       );
-
-/*
- * FUNCTION: Creates a waitable timer.
- * ARGUMENTS:
- *        TimerHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the timer. 
- *        ObjectAttributes = Initialized attributes for the object.
- *        TimerType = Specifies if the timer should be reset manually.
- * REMARKS:
- *       This function maps to the win32  CreateWaitableTimer. lpTimerAttributes and lpTimerName map to
- *       corresponding fields in OBJECT_ATTRIBUTES structure. 
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtCreateTimer(
-       OUT PHANDLE TimerHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
-       IN TIMER_TYPE TimerType
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateTimer(
-       OUT PHANDLE TimerHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
-       IN TIMER_TYPE TimerType
-       );
-
-/*
- * FUNCTION: Creates a token.
- * ARGUMENTS:
- *        TokenHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Specifies the allowed or desired access to the process can
- *                        be a combinate of STANDARD_RIGHTS_REQUIRED| ..  
- *        ObjectAttribute = Initialized attributes for the object, contains the rootdirectory and the filename
- *        TokenType = 
- *        AuthenticationId = 
- *        ExpirationTime = 
- *        TokenUser = 
- *        TokenGroups =
- *        TokenPrivileges = 
- *        TokenOwner = 
- *        TokenPrimaryGroup = 
- *        TokenDefaultDacl =
- *        TokenSource =
- * REMARKS:
- *        This function does not map to a win32 function
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtCreateToken(
-       OUT PHANDLE TokenHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN TOKEN_TYPE TokenType,
-       IN PLUID AuthenticationId,
-       IN PLARGE_INTEGER ExpirationTime,
-       IN PTOKEN_USER TokenUser,
-       IN PTOKEN_GROUPS TokenGroups,
-       IN PTOKEN_PRIVILEGES TokenPrivileges,
-       IN PTOKEN_OWNER TokenOwner,
-       IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
-       IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
-       IN PTOKEN_SOURCE TokenSource
-       );
-
-NTSTATUS
-STDCALL
-ZwCreateToken(
-       OUT PHANDLE TokenHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN TOKEN_TYPE TokenType,
-       IN PLUID AuthenticationId,
-       IN PLARGE_INTEGER ExpirationTime,
-       IN PTOKEN_USER TokenUser,
-       IN PTOKEN_GROUPS TokenGroups,
-       IN PTOKEN_PRIVILEGES TokenPrivileges,
-       IN PTOKEN_OWNER TokenOwner,
-       IN PTOKEN_PRIMARY_GROUP TokenPrimaryGroup,
-       IN PTOKEN_DEFAULT_DACL TokenDefaultDacl,
-       IN PTOKEN_SOURCE TokenSource
-       );
-
-/*
- * FUNCTION: Returns the callers thread TEB.
- * RETURNS: The resulting teb.
- */
-#if 0
- NT_TEB *
-STDCALL 
-NtCurrentTeb(VOID
-       );
-#endif
-
-/*
- * FUNCTION: Delays the execution of the calling thread.
- * ARGUMENTS:
- *        Alertable = If TRUE the thread is alertable during is wait period
- *        Interval  = Specifies the interval to wait.      
- * RETURNS: Status
- */
-NTSTATUS STDCALL NtDelayExecution(IN ULONG Alertable, IN TIME* Interval);
-
-NTSTATUS
-STDCALL
-ZwDelayExecution(
-       IN BOOLEAN Alertable,
-       IN TIME *Interval
-       );
-
-
-/*
- * FUNCTION: Deletes an atom from the global atom table
- * ARGUMENTS:
- *        Atom = Identifies the atom to delete
- * REMARKS:
- *      The function maps to the win32 GlobalDeleteAtom
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtDeleteAtom(
-       IN RTL_ATOM Atom
-       );
-
-NTSTATUS
-STDCALL
-ZwDeleteAtom(
-       IN RTL_ATOM Atom
-       );
-
-/*
- * FUNCTION: Deletes a file or a directory
- * ARGUMENTS:
- *        ObjectAttributes = Name of the file which should be deleted
- * REMARKS:
- *      This system call is functionally equivalent to NtSetInformationFile
- *      setting the disposition information.
- *      The function maps to the win32 DeleteFile. 
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtDeleteFile(
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-ZwDeleteFile(
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-/*
- * FUNCTION: Deletes a registry key
- * ARGUMENTS:
- *         KeyHandle = Handle of the key
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtDeleteKey(
-       IN HANDLE KeyHandle
-       );
-NTSTATUS
-STDCALL
-ZwDeleteKey(
-       IN HANDLE KeyHandle
-       );
-
-/*
- * FUNCTION: Generates a audit message when an object is deleted
- * ARGUMENTS:
- *         SubsystemName = Spefies the name of the subsystem can be 'WIN32' or 'DEBUG'
- *         HandleId= Handle to an audit object
- *        GenerateOnClose = Value returned by NtAccessCheckAndAuditAlarm
- * REMARKS: This function maps to the win32 ObjectCloseAuditAlarm
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtDeleteObjectAuditAlarm ( 
-       IN PUNICODE_STRING SubsystemName, 
-       IN PVOID HandleId, 
-       IN BOOLEAN GenerateOnClose 
-       );
-
-NTSTATUS
-STDCALL
-ZwDeleteObjectAuditAlarm ( 
-       IN PUNICODE_STRING SubsystemName, 
-       IN PVOID HandleId, 
-       IN BOOLEAN GenerateOnClose 
-       );  
-
-
-/*
- * FUNCTION: Deletes a value from a registry key
- * ARGUMENTS:
- *         KeyHandle = Handle of the key
- *         ValueName = Name of the value to delete
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtDeleteValueKey(
-       IN HANDLE KeyHandle,
-       IN PUNICODE_STRING ValueName
-       );
-
-NTSTATUS
-STDCALL
-ZwDeleteValueKey(
-       IN HANDLE KeyHandle,
-       IN PUNICODE_STRING ValueName
-       );
-/*
- * FUNCTION: Sends IOCTL to the io sub system
- * ARGUMENTS:
- *        DeviceHandle = Points to the handle that is created by NtCreateFile
- *        Event = Event to synchronize on STATUS_PENDING
- *        ApcRoutine = Asynchroneous procedure callback
- *       ApcContext = Callback context.
- *       IoStatusBlock = Caller should supply storage for extra information.. 
- *        IoControlCode = Contains the IO Control command. This is an 
- *                     index to the structures in InputBuffer and OutputBuffer.
- *       InputBuffer = Caller should supply storage for input buffer if IOTL expects one.
- *       InputBufferSize = Size of the input bufffer
- *        OutputBuffer = Caller should supply storage for output buffer if IOTL expects one.
- *        OutputBufferSize  = Size of the input bufffer
- * RETURNS: Status 
- */
-
-NTSTATUS
-STDCALL
-NtDeviceIoControlFile(
-       IN HANDLE DeviceHandle,
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL, 
-       IN PVOID UserApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock, 
-       IN ULONG IoControlCode,
-       IN PVOID InputBuffer, 
-       IN ULONG InputBufferSize,
-       OUT PVOID OutputBuffer,
-       IN ULONG OutputBufferSize
-       );
-
-NTSTATUS
-STDCALL
-ZwDeviceIoControlFile(
-       IN HANDLE DeviceHandle,
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL, 
-       IN PVOID UserApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock, 
-       IN ULONG IoControlCode,
-       IN PVOID InputBuffer, 
-       IN ULONG InputBufferSize,
-       OUT PVOID OutputBuffer,
-       IN ULONG OutputBufferSize
-       );
-/*
- * FUNCTION: Displays a string on the blue screen
- * ARGUMENTS:
- *         DisplayString = The string to display
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtDisplayString(
-       IN PUNICODE_STRING DisplayString
-       );
-
-NTSTATUS
-STDCALL
-ZwDisplayString(
-       IN PUNICODE_STRING DisplayString
-       );
-
-/*
- * FUNCTION: Copies a handle from one process space to another
- * ARGUMENTS:
- *         SourceProcessHandle = The source process owning the handle. The source process should have opened
- *                     the SourceHandle with PROCESS_DUP_HANDLE access.
- *        SourceHandle = The handle to the object.
- *        TargetProcessHandle = The destination process owning the handle 
- *        TargetHandle (OUT) = Caller should supply storage for the duplicated handle. 
- *        DesiredAccess = The desired access to the handle.
- *        InheritHandle = Indicates wheter the new handle will be inheritable or not.
- *        Options = Specifies special actions upon duplicating the handle. Can be
- *                     one of the values DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS.
- *                     DUPLICATE_CLOSE_SOURCE specifies that the source handle should be
- *                     closed after duplicating. DUPLICATE_SAME_ACCESS specifies to ignore
- *                     the DesiredAccess paramter and just grant the same access to the new
- *                     handle.
- * RETURNS: Status
- * REMARKS: This function maps to the win32 DuplicateHandle.
- */
-
-NTSTATUS
-STDCALL
-NtDuplicateObject(
-       IN HANDLE SourceProcessHandle,
-       IN HANDLE SourceHandle,
-       IN HANDLE TargetProcessHandle,
-       OUT PHANDLE TargetHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN BOOLEAN InheritHandle,
-       IN ULONG Options
-       );
-
-NTSTATUS
-STDCALL
-ZwDuplicateObject(
-       IN HANDLE SourceProcessHandle,
-       IN PHANDLE SourceHandle,
-       IN HANDLE TargetProcessHandle,
-       OUT PHANDLE TargetHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN BOOLEAN InheritHandle,
-       IN ULONG Options
-       );
-
-NTSTATUS
-STDCALL
-NtDuplicateToken(  
-       IN HANDLE ExistingToken, 
-       IN ACCESS_MASK DesiredAccess, 
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
-       IN TOKEN_TYPE TokenType,  
-       OUT PHANDLE NewToken     
-       );
-
-NTSTATUS
-STDCALL
-ZwDuplicateToken(  
-       IN HANDLE ExistingToken, 
-       IN ACCESS_MASK DesiredAccess, 
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
-       IN TOKEN_TYPE TokenType,  
-       OUT PHANDLE NewToken     
-       );
-/*
- * FUNCTION: Returns information about the subkeys of an open key
- * ARGUMENTS:
- *         KeyHandle = Handle of the key whose subkeys are to enumerated
- *         Index = zero based index of the subkey for which information is
- *                 request
- *         KeyInformationClass = Type of information returned
- *         KeyInformation (OUT) = Caller allocated buffer for the information
- *                                about the key
- *         Length = Length in bytes of the KeyInformation buffer
- *         ResultLength (OUT) = Caller allocated storage which holds
- *                              the number of bytes of information retrieved
- *                              on return
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtEnumerateKey(
-       IN HANDLE KeyHandle,
-       IN ULONG Index,
-       IN KEY_INFORMATION_CLASS KeyInformationClass,
-       OUT PVOID KeyInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwEnumerateKey(
-       IN HANDLE KeyHandle,
-       IN ULONG Index,
-       IN KEY_INFORMATION_CLASS KeyInformationClass,
-       OUT PVOID KeyInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-/*
- * FUNCTION: Returns information about the value entries of an open key
- * ARGUMENTS:
- *         KeyHandle = Handle of the key whose value entries are to enumerated
- *         Index = zero based index of the subkey for which information is
- *                 request
- *         KeyInformationClass = Type of information returned
- *         KeyInformation (OUT) = Caller allocated buffer for the information
- *                                about the key
- *         Length = Length in bytes of the KeyInformation buffer
- *         ResultLength (OUT) = Caller allocated storage which holds
- *                              the number of bytes of information retrieved
- *                              on return
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtEnumerateValueKey(
-       IN HANDLE KeyHandle,
-       IN ULONG Index,
-       IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
-       OUT PVOID KeyValueInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwEnumerateValueKey(
-       IN HANDLE KeyHandle,
-       IN ULONG Index,
-       IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
-       OUT PVOID KeyValueInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-/*
- * FUNCTION: Extends a section
- * ARGUMENTS:
- *       SectionHandle = Handle to the section
- *      NewMaximumSize = Adjusted size
- * RETURNS: Status 
- */
-NTSTATUS
-STDCALL
-NtExtendSection(
-       IN HANDLE SectionHandle,
-       IN ULONG NewMaximumSize
-       );
-NTSTATUS
-STDCALL
-ZwExtendSection(
-       IN HANDLE SectionHandle,
-       IN ULONG NewMaximumSize
-       );
-
-/*
- * FUNCTION: Finds a atom
- * ARGUMENTS:
- *       AtomName = Name to search for.
- *       Atom = Caller supplies storage for the resulting atom
- * RETURNS: Status 
- * REMARKS:
- *     This funciton maps to the win32 GlobalFindAtom
- */
-NTSTATUS
-STDCALL
-NtFindAtom(
-       IN      PWSTR           AtomName,
-       OUT     PRTL_ATOM       Atom OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-ZwFindAtom(
-       IN      PWSTR           AtomName,
-       OUT     PRTL_ATOM       Atom OPTIONAL
-       );
-
-/*
- * FUNCTION: Flushes chached file data to disk
- * ARGUMENTS:
- *       FileHandle = Points to the file
- *      IoStatusBlock = Caller must supply storage to receive the result of the flush
- *             buffers operation. The information field is set to number of bytes
- *             flushed to disk.
- * RETURNS: Status 
- * REMARKS:
- *     This funciton maps to the win32 FlushFileBuffers
- */
-NTSTATUS
-STDCALL
-NtFlushBuffersFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock
-       );
-
-NTSTATUS
-STDCALL
-ZwFlushBuffersFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock
-       );
-/*
- * FUNCTION: Flushes a the processors instruction cache
- * ARGUMENTS:
- *       ProcessHandle = Points to the process owning the cache
- *      BaseAddress = // might this be a image address ????
- *      NumberOfBytesToFlush = 
- * RETURNS: Status 
- * REMARKS:
- *     This funciton is used by debuggers
- */
-NTSTATUS
-STDCALL
-NtFlushInstructionCache(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN UINT NumberOfBytesToFlush
-       );
-NTSTATUS
-STDCALL
-ZwFlushInstructionCache(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN UINT NumberOfBytesToFlush
-       );
-/*
- * FUNCTION: Flushes a registry key to disk
- * ARGUMENTS:
- *       KeyHandle = Points to the registry key handle
- * RETURNS: Status 
- * REMARKS:
- *     This funciton maps to the win32 RegFlushKey.
- */
-NTSTATUS
-STDCALL
-NtFlushKey(
-       IN HANDLE KeyHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwFlushKey(
-       IN HANDLE KeyHandle
-       );
-
-/*
- * FUNCTION: Flushes virtual memory to file
- * ARGUMENTS:
- *        ProcessHandle = Points to the process that allocated the virtual memory
- *        BaseAddress = Points to the memory address
- *        NumberOfBytesToFlush = Limits the range to flush,
- *        NumberOfBytesFlushed = Actual number of bytes flushed
- * RETURNS: Status 
- * REMARKS:
- *       Check return status on STATUS_NOT_MAPPED_DATA 
- */
-NTSTATUS
-STDCALL
-NtFlushVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN ULONG NumberOfBytesToFlush,
-       OUT PULONG NumberOfBytesFlushed OPTIONAL
-       );
-NTSTATUS
-STDCALL
-ZwFlushVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN ULONG NumberOfBytesToFlush,
-       OUT PULONG NumberOfBytesFlushed OPTIONAL
-       );
-/*
- * FUNCTION: Flushes the dirty pages to file
- * RETURNS: Status
- * FIXME: Not sure this does (how is the file specified)
- */
-NTSTATUS STDCALL NtFlushWriteBuffer(VOID);
-NTSTATUS STDCALL ZwFlushWriteBuffer(VOID);                      
-
- /*
- * FUNCTION: Frees a range of virtual memory
- * ARGUMENTS:
- *        ProcessHandle = Points to the process that allocated the virtual 
- *                        memory
- *        BaseAddress = Points to the memory address, rounded down to a 
- *                      multiple of the pagesize
- *        RegionSize = Limits the range to free, rounded up to a multiple of 
- *                     the paging size
- *        FreeType = Can be one of the values:  MEM_DECOMMIT, or MEM_RELEASE
- * RETURNS: Status 
- */
-NTSTATUS STDCALL NtFreeVirtualMemory(IN HANDLE ProcessHandle,
-                                    IN PVOID  *BaseAddress,    
-                                    IN PULONG  RegionSize,     
-                                    IN ULONG  FreeType);
-NTSTATUS STDCALL ZwFreeVirtualMemory(IN HANDLE ProcessHandle,
-                                    IN PVOID  *BaseAddress,    
-                                    IN PULONG  RegionSize,     
-                                    IN ULONG  FreeType);  
-
-/*
- * FUNCTION: Sends FSCTL to the filesystem
- * ARGUMENTS:
- *        DeviceHandle = Points to the handle that is created by NtCreateFile
- *        Event = Event to synchronize on STATUS_PENDING
- *        ApcRoutine = 
- *       ApcContext =
- *       IoStatusBlock = Caller should supply storage for 
- *        IoControlCode = Contains the File System Control command. This is an 
- *                     index to the structures in InputBuffer and OutputBuffer.
- *             FSCTL_GET_RETRIEVAL_POINTERS    MAPPING_PAIR
- *             FSCTL_GET_RETRIEVAL_POINTERS    GET_RETRIEVAL_DESCRIPTOR
- *             FSCTL_GET_VOLUME_BITMAP         BITMAP_DESCRIPTOR
- *             FSCTL_MOVE_FILE                 MOVEFILE_DESCRIPTOR
- *
- *       InputBuffer = Caller should supply storage for input buffer if FCTL expects one.
- *       InputBufferSize = Size of the input bufffer
- *        OutputBuffer = Caller should supply storage for output buffer if FCTL expects one.
- *        OutputBufferSize  = Size of the input bufffer
- * RETURNS: Status [ STATUS_SUCCESS | STATUS_PENDING | STATUS_ACCESS_DENIED | STATUS_INSUFFICIENT_RESOURCES |
- *             STATUS_INVALID_PARAMETER | STATUS_INVALID_DEVICE_REQUEST ]
- */
-NTSTATUS
-STDCALL
-NtFsControlFile(
-       IN HANDLE DeviceHandle,
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock, 
-       IN ULONG IoControlCode,
-       IN PVOID InputBuffer, 
-       IN ULONG InputBufferSize,
-       OUT PVOID OutputBuffer,
-       IN ULONG OutputBufferSize
-       );
-
-NTSTATUS
-STDCALL
-ZwFsControlFile(
-       IN HANDLE DeviceHandle,
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock, 
-       IN ULONG IoControlCode,
-       IN PVOID InputBuffer, 
-       IN ULONG InputBufferSize,
-       OUT PVOID OutputBuffer,
-       IN ULONG OutputBufferSize
-       );
-
-/*
- * FUNCTION: Retrieves the processor context of a thread
- * ARGUMENTS:
- *        ThreadHandle = Handle to a thread
- *        Context (OUT) = Caller allocated storage for the processor context
- * RETURNS: Status 
- */
-
-NTSTATUS
-STDCALL 
-NtGetContextThread(
-       IN HANDLE ThreadHandle, 
-       OUT PCONTEXT Context
-       );
-
-NTSTATUS
-STDCALL 
-ZwGetContextThread(
-       IN HANDLE ThreadHandle, 
-       OUT PCONTEXT Context
-       );
-/*
- * FUNCTION: Retrieves the uptime of the system
- * ARGUMENTS:
- *        UpTime = Number of clock ticks since boot.
- * RETURNS: Status 
- */
-NTSTATUS
-STDCALL 
-NtGetTickCount(
-       PULONG UpTime
-       );
-
-NTSTATUS
-STDCALL 
-ZwGetTickCount(
-       PULONG UpTime
-       );
-
-/*
- * FUNCTION: Sets a thread to impersonate another 
- * ARGUMENTS:
- *        ThreadHandle = Server thread that will impersonate a client.
-         ThreadToImpersonate = Client thread that will be impersonated
-         SecurityQualityOfService = Specifies the impersonation level.
- * RETURNS: Status 
- */
-
-NTSTATUS
-STDCALL 
-NtImpersonateThread(
-       IN HANDLE ThreadHandle,
-       IN HANDLE ThreadToImpersonate,
-       IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
-       );
-
-NTSTATUS
-STDCALL 
-ZwImpersonateThread(
-       IN HANDLE ThreadHandle,
-       IN HANDLE ThreadToImpersonate,
-       IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
-       );
-
-/*
- * FUNCTION: Initializes the registry.
- * ARGUMENTS:
- *        SetUpBoot = This parameter is true for a setup boot.
- * RETURNS: Status 
- */
-NTSTATUS
-STDCALL 
-NtInitializeRegistry(
-       BOOLEAN SetUpBoot
-       );
-NTSTATUS
-STDCALL 
-ZwInitializeRegistry(
-       BOOLEAN SetUpBoot
-       );
-
-/*
- * FUNCTION: Loads a driver. 
- * ARGUMENTS: 
- *      DriverServiceName = Name of the driver to load
- * RETURNS: Status
- */    
-NTSTATUS
-STDCALL 
-NtLoadDriver(
-       IN PUNICODE_STRING DriverServiceName
-       );
-
-NTSTATUS
-STDCALL 
-ZwLoadDriver(
-       IN PUNICODE_STRING DriverServiceName
-       );
-
-/*
- * FUNCTION: Loads a registry key.
- * ARGUMENTS:
- *       KeyHandle = Handle to the registry key
- *       ObjectAttributes = ???
- * REMARK:
- *      This procedure maps to the win32 procedure RegLoadKey
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL 
-NtLoadKey(
-       PHANDLE KeyHandle,
-       POBJECT_ATTRIBUTES ObjectAttributes
-       );
-NTSTATUS
-STDCALL 
-ZwLoadKey(
-       PHANDLE KeyHandle,
-       POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-/*
- * FUNCTION: Loads a registry key.
- * ARGUMENTS:
- *       KeyHandle = Handle to the registry key
- *       ObjectAttributes = ???
- *       Unknown3 = ???
- * REMARK:
- *       This procedure maps to the win32 procedure RegLoadKey
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtLoadKey2 (
-       PHANDLE                 KeyHandle,
-       POBJECT_ATTRIBUTES      ObjectAttributes,
-       ULONG                   Unknown3
-       );
-NTSTATUS
-STDCALL
-ZwLoadKey2 (
-       PHANDLE                 KeyHandle,
-       POBJECT_ATTRIBUTES      ObjectAttributes,
-       ULONG                   Unknown3
-       );
-
-/*
- * FUNCTION: Locks a range of bytes in a file. 
- * ARGUMENTS: 
- *       FileHandle = Handle to the file
- *       Event = Should be null if apc is specified.
- *       ApcRoutine = Asynchroneous Procedure Callback
- *       ApcContext = Argument to the callback
- *       IoStatusBlock (OUT) = Caller should supply storage for a structure containing
- *                      the completion status and information about the requested lock operation.
- *       ByteOffset = Offset 
- *       Length = Number of bytes to lock.
- *       Key  = Special value to give other threads the possibility to unlock the file
-               by supplying the key in a call to NtUnlockFile.
- *       FailImmediatedly = If false the request will block untill the lock is obtained. 
- *       ExclusiveLock = Specifies whether a exclusive or a shared lock is obtained.
- * REMARK:
-       This procedure maps to the win32 procedure LockFileEx. STATUS_PENDING is returned if the lock could
-       not be obtained immediately, the device queue is busy and the IRP is queued.
- * RETURNS: Status [ STATUS_SUCCESS | STATUS_PENDING | STATUS_ACCESS_DENIED | STATUS_INSUFFICIENT_RESOURCES |
-               STATUS_INVALID_PARAMETER | STATUS_INVALID_DEVICE_REQUEST | STATUS_LOCK_NOT_GRANTED ]
-
- */    
-NTSTATUS 
-STDCALL
-NtLockFile(
-       IN  HANDLE FileHandle,
-       IN  HANDLE Event OPTIONAL,
-       IN  PIO_APC_ROUTINE ApcRoutine OPTIONAL,
-       IN  PVOID ApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN  PLARGE_INTEGER ByteOffset,
-       IN  PLARGE_INTEGER Length,
-       IN  PULONG Key,
-       IN  BOOLEAN FailImmediatedly,
-       IN  BOOLEAN ExclusiveLock
-       );
-
-NTSTATUS 
-STDCALL
-ZwLockFile(
-       IN  HANDLE FileHandle,
-       IN  HANDLE Event OPTIONAL,
-       IN  PIO_APC_ROUTINE ApcRoutine OPTIONAL,
-       IN  PVOID ApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN  PLARGE_INTEGER ByteOffset,
-       IN  PLARGE_INTEGER Length,
-       IN  PULONG Key,
-       IN  BOOLEAN FailImmediatedly,
-       IN  BOOLEAN ExclusiveLock
-       );
-/*
- * FUNCTION: Locks a range of virtual memory. 
- * ARGUMENTS: 
- *       ProcessHandle = Handle to the process
- *       BaseAddress =  Lower boundary of the range of bytes to lock. 
- *       NumberOfBytesLock = Offset to the upper boundary.
- *       NumberOfBytesLocked (OUT) = Number of bytes actually locked.
- * REMARK:
-       This procedure maps to the win32 procedure VirtualLock 
- * RETURNS: Status [STATUS_SUCCESS | STATUS_WAS_LOCKED ]
- */    
-NTSTATUS
-STDCALL 
-NtLockVirtualMemory(
-       HANDLE ProcessHandle,
-       PVOID BaseAddress,
-       ULONG NumberOfBytesToLock,
-       PULONG NumberOfBytesLocked
-       );
-NTSTATUS
-STDCALL 
-ZwLockVirtualMemory(
-       HANDLE ProcessHandle,
-       PVOID BaseAddress,
-       ULONG NumberOfBytesToLock,
-       PULONG NumberOfBytesLocked
-       );
-/*
- * FUNCTION: Makes temporary object that will be removed at next boot.
- * ARGUMENTS: 
- *       Handle = Handle to object
- * RETURNS: Status
- */    
-
-NTSTATUS
-STDCALL
-NtMakeTemporaryObject(
-       IN HANDLE Handle 
-       );
-
-NTSTATUS
-STDCALL
-ZwMakeTemporaryObject(
-       IN HANDLE Handle 
-       );
-/*
- * FUNCTION: Maps a view of a section into the virtual address space of a 
- *           process
- * ARGUMENTS:
- *        SectionHandle = Handle of the section
- *        ProcessHandle = Handle of the process
- *        BaseAddress = Desired base address (or NULL) on entry
- *                      Actual base address of the view on exit
- *        ZeroBits = Number of high order address bits that must be zero
- *        CommitSize = Size in bytes of the initially committed section of 
- *                     the view 
- *        SectionOffset = Offset in bytes from the beginning of the section
- *                        to the beginning of the view
- *        ViewSize = Desired length of map (or zero to map all) on entry
- *                   Actual length mapped on exit
- *        InheritDisposition = Specified how the view is to be shared with
- *                            child processes
- *        AllocateType = Type of allocation for the pages
- *        Protect = Protection for the committed region of the view
- * RETURNS: Status
- */
-NTSTATUS 
-STDCALL
-NtMapViewOfSection(
-       IN HANDLE SectionHandle,
-       IN HANDLE ProcessHandle,
-       IN OUT PVOID *BaseAddress,
-       IN ULONG ZeroBits,
-       IN ULONG CommitSize,
-       IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
-       IN OUT PULONG ViewSize,
-       IN SECTION_INHERIT InheritDisposition,
-       IN ULONG AllocationType,
-       IN ULONG AccessProtection
-       );
-
-NTSTATUS
-STDCALL
-ZwMapViewOfSection(
-       IN HANDLE SectionHandle,
-       IN HANDLE ProcessHandle,
-       IN OUT PVOID *BaseAddress,
-       IN ULONG ZeroBits,
-       IN ULONG CommitSize,
-       IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
-       IN OUT PULONG ViewSize,
-       IN SECTION_INHERIT InheritDisposition,
-       IN ULONG AllocationType,
-       IN ULONG AccessProtection
-       );
-
-/*
- * FUNCTION: Installs a notify for the change of a directory's contents
- * ARGUMENTS:
- *        FileHandle = Handle to the directory
-         Event = 
- *        ApcRoutine   = Start address
- *        ApcContext = Delimits the range of virtual memory
- *                             for which the new access protection holds
- *        IoStatusBlock = The new access proctection for the pages
- *        Buffer = Caller supplies storage for resulting information --> FILE_NOTIFY_INFORMATION
- *       BufferSize =  Size of the buffer
-         CompletionFilter = Can be one of the following values:
-                       FILE_NOTIFY_CHANGE_FILE_NAME
-                       FILE_NOTIFY_CHANGE_DIR_NAME
-                       FILE_NOTIFY_CHANGE_NAME ( FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_DIR_NAME ) 
-                       FILE_NOTIFY_CHANGE_ATTRIBUTES
-                       FILE_NOTIFY_CHANGE_SIZE
-                       FILE_NOTIFY_CHANGE_LAST_WRITE
-                       FILE_NOTIFY_CHANGE_LAST_ACCESS
-                       FILE_NOTIFY_CHANGE_CREATION ( change of creation timestamp )
-                       FILE_NOTIFY_CHANGE_EA
-                       FILE_NOTIFY_CHANGE_SECURITY
-                       FILE_NOTIFY_CHANGE_STREAM_NAME
-                       FILE_NOTIFY_CHANGE_STREAM_SIZE
-                       FILE_NOTIFY_CHANGE_STREAM_WRITE
-         WatchTree = If true the notify will be installed recursively on the targetdirectory and all subdirectories.
- *
- * REMARKS:
- *      The function maps to the win32 FindFirstChangeNotification, FindNextChangeNotification 
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtNotifyChangeDirectoryFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID Buffer,
-       IN ULONG BufferSize,
-       IN ULONG CompletionFilter,
-       IN BOOLEAN WatchTree
-       );
-
-NTSTATUS
-STDCALL
-ZwNotifyChangeDirectoryFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID Buffer,
-       IN ULONG BufferSize,
-       IN ULONG CompletionFilter,
-       IN BOOLEAN WatchTree
-       );
-
-/*
- * FUNCTION: Installs a notfication callback on registry changes
- * ARGUMENTS:
-       KeyHandle = Handle to the registry key
-       Event = Event that should be signalled on modification of the key
-       ApcRoutine = Routine that should be called on modification of the key
-       ApcContext = Argument to the ApcRoutine
-       IoStatusBlock = ???
-       CompletionFilter = Specifies the kind of notification the caller likes to receive.
-                       Can be a combination of the following values:
-
-                       REG_NOTIFY_CHANGE_NAME
-                       REG_NOTIFY_CHANGE_ATTRIBUTES
-                       REG_NOTIFY_CHANGE_LAST_SET
-                       REG_NOTIFY_CHANGE_SECURITY
-                               
-                               
-       Asynchroneous = If TRUE the changes are reported by signalling an event if false
-                       the function will not return before a change occurs.
-       ChangeBuffer =  Will return the old value
-       Length = Size of the change buffer
-       WatchSubtree =  Indicates if the caller likes to receive a notification of changes in
-                       sub keys or not.
- * REMARKS: If the key is closed the event is signalled aswell.
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtNotifyChangeKey(
-       IN HANDLE KeyHandle,
-       IN HANDLE Event,
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG CompletionFilter,
-       IN BOOLEAN Asynchroneous, 
-       OUT PVOID ChangeBuffer,
-       IN ULONG Length,
-       IN BOOLEAN WatchSubtree
-       );
-
-NTSTATUS
-STDCALL
-ZwNotifyChangeKey(
-       IN HANDLE KeyHandle,
-       IN HANDLE Event,
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG CompletionFilter,
-       IN BOOLEAN Asynchroneous, 
-       OUT PVOID ChangeBuffer,
-       IN ULONG Length,
-       IN BOOLEAN WatchSubtree
-       );
-
-/*
- * FUNCTION: Opens an existing directory object
- * ARGUMENTS:
- *        FileHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the directory
- *        ObjectAttributes = Initialized attributes for the object
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtOpenDirectoryObject(
-       OUT PHANDLE FileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-NTSTATUS
-STDCALL
-ZwOpenDirectoryObject(
-       OUT PHANDLE FileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-/*
- * FUNCTION: Opens an existing event
- * ARGUMENTS:
- *        EventHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the event
- *        ObjectAttributes = Initialized attributes for the object
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenEvent(
-       OUT PHANDLE EventHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenEvent(
-       OUT PHANDLE EventHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-/*
- * FUNCTION: Opens an existing event pair
- * ARGUMENTS:
- *        EventHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the event
- *        ObjectAttributes = Initialized attributes for the object
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtOpenEventPair(
-       OUT PHANDLE EventPairHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenEventPair(
-       OUT PHANDLE EventPairHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-/*
- * FUNCTION: Opens an existing file
- * ARGUMENTS:
- *        FileHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the file
- *        ObjectAttributes = Initialized attributes for the object
- *        IoStatusBlock =
- *        ShareAccess =
- *        OpenOptions =
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenFile(
-       OUT PHANDLE FileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG ShareAccess,
-       IN ULONG OpenOptions
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenFile(
-       OUT PHANDLE FileHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG ShareAccess,
-       IN ULONG OpenOptions
-       );
-
-/*
- * FUNCTION: Opens an existing io completion object
- * ARGUMENTS:
- *        CompletionPort (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the io completion object
- *        ObjectAttributes = Initialized attributes for the object
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtOpenIoCompletion(
-       OUT PHANDLE CompetionPort,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenIoCompletion(
-       OUT PHANDLE CompetionPort,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-       
-/*
- * FUNCTION: Opens an existing key in the registry
- * ARGUMENTS:
- *        KeyHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the key
- *        ObjectAttributes = Initialized attributes for the object
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenKey(
-       OUT PHANDLE KeyHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenKey(
-       OUT PHANDLE KeyHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-/*
- * FUNCTION: Opens an existing key in the registry
- * ARGUMENTS:
- *        MutantHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the mutant
- *        ObjectAttribute = Initialized attributes for the object
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenMutant(
-       OUT PHANDLE MutantHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-NTSTATUS
-STDCALL
-ZwOpenMutant(
-       OUT PHANDLE MutantHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-NTSTATUS
-STDCALL
-NtOpenObjectAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,       
-       IN PVOID HandleId,      
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN HANDLE ClientToken,  
-       IN ULONG DesiredAccess, 
-       IN ULONG GrantedAccess, 
-       IN PPRIVILEGE_SET Privileges,
-       IN BOOLEAN ObjectCreation,      
-       IN BOOLEAN AccessGranted,       
-       OUT PBOOLEAN GenerateOnClose    
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenObjectAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,       
-       IN PVOID HandleId,      
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN HANDLE ClientToken,  
-       IN ULONG DesiredAccess, 
-       IN ULONG GrantedAccess, 
-       IN PPRIVILEGE_SET Privileges,
-       IN BOOLEAN ObjectCreation,      
-       IN BOOLEAN AccessGranted,       
-       OUT PBOOLEAN GenerateOnClose    
-       );
-/*
- * FUNCTION: Opens an existing process
- * ARGUMENTS:
- *        ProcessHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the process
- *        ObjectAttribute = Initialized attributes for the object
- *        ClientId = Identifies the process id to open
- * RETURNS: Status
- */
-NTSTATUS 
-STDCALL
-NtOpenProcess (
-       OUT PHANDLE ProcessHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN PCLIENT_ID ClientId
-       ); 
-NTSTATUS 
-STDCALL
-ZwOpenProcess (
-       OUT PHANDLE ProcessHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN PCLIENT_ID ClientId
-       ); 
-/*
- * FUNCTION: Opens an existing process
- * ARGUMENTS:
- *        ProcessHandle  = Handle of the process of which owns the token
- *        DesiredAccess = Requested access to the token
- *       TokenHandle (OUT) = Caller supplies storage for the resulting token.
- * REMARKS:
-       This function maps to the win32 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtOpenProcessToken(
-       IN HANDLE ProcessHandle,
-       IN ACCESS_MASK DesiredAccess,
-       OUT PHANDLE TokenHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenProcessToken(
-       IN HANDLE ProcessHandle,
-       IN ACCESS_MASK DesiredAccess,
-       OUT PHANDLE TokenHandle
-       );
-
-/*
- * FUNCTION: Opens an existing section object
- * ARGUMENTS:
- *        KeyHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the key
- *        ObjectAttribute = Initialized attributes for the object
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtOpenSection(
-       OUT PHANDLE SectionHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-NTSTATUS
-STDCALL
-ZwOpenSection(
-       OUT PHANDLE SectionHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-/*
- * FUNCTION: Opens an existing semaphore
- * ARGUMENTS:
- *        SemaphoreHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the semaphore
- *        ObjectAttribute = Initialized attributes for the object
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenSemaphore(
-       IN HANDLE SemaphoreHandle,
-       IN ACCESS_MASK DesiredAcces,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-NTSTATUS
-STDCALL
-ZwOpenSemaphore(
-       IN HANDLE SemaphoreHandle,
-       IN ACCESS_MASK DesiredAcces,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-/*
- * FUNCTION: Opens an existing symbolic link
- * ARGUMENTS:
- *        SymbolicLinkHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the symbolic link
- *        ObjectAttribute = Initialized attributes for the object
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenSymbolicLinkObject(
-       OUT PHANDLE SymbolicLinkHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-NTSTATUS
-STDCALL
-ZwOpenSymbolicLinkObject(
-       OUT PHANDLE SymbolicLinkHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-/*
- * FUNCTION: Opens an existing thread
- * ARGUMENTS:
- *        ThreadHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the thread
- *        ObjectAttribute = Initialized attributes for the object
- *       ClientId = Identifies the thread to open.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenThread(
-       OUT PHANDLE ThreadHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN PCLIENT_ID ClientId
-       );
-NTSTATUS
-STDCALL
-ZwOpenThread(
-       OUT PHANDLE ThreadHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes,
-       IN PCLIENT_ID ClientId
-       );
-
-NTSTATUS
-STDCALL
-NtOpenThreadToken(
-       IN HANDLE ThreadHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN BOOLEAN OpenAsSelf,
-       OUT PHANDLE TokenHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwOpenThreadToken(
-       IN HANDLE ThreadHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN BOOLEAN OpenAsSelf,
-       OUT PHANDLE TokenHandle
-       );
-/*
- * FUNCTION: Opens an existing timer
- * ARGUMENTS:
- *        TimerHandle (OUT) = Caller supplied storage for the resulting handle
- *        DesiredAccess = Requested access to the timer
- *        ObjectAttribute = Initialized attributes for the object
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtOpenTimer(
-       OUT PHANDLE TimerHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-NTSTATUS
-STDCALL
-ZwOpenTimer(
-       OUT PHANDLE TimerHandle,
-       IN ACCESS_MASK DesiredAccess,
-       IN POBJECT_ATTRIBUTES ObjectAttributes
-       );
-
-/*
- * FUNCTION: Checks an access token for specific privileges
- * ARGUMENTS:
- *        ClientToken = Handle to a access token structure
- *        RequiredPrivileges = Specifies the requested privileges.
- *        Result = Caller supplies storage for the result. If PRIVILEGE_SET_ALL_NECESSARY is
-                  set in the Control member of PRIVILEGES_SET Result
-                  will only be TRUE if all privileges are present in the access token. 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtPrivilegeCheck(
-       IN HANDLE ClientToken,
-       IN PPRIVILEGE_SET RequiredPrivileges,
-       IN PBOOLEAN Result
-       );
-
-NTSTATUS
-STDCALL
-ZwPrivilegeCheck(
-       IN HANDLE ClientToken,
-       IN PPRIVILEGE_SET RequiredPrivileges,
-       IN PBOOLEAN Result
-       );
-
-NTSTATUS
-STDCALL
-NtPrivilegedServiceAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,
-       IN PUNICODE_STRING ServiceName,
-       IN HANDLE ClientToken,
-       IN PPRIVILEGE_SET Privileges,
-       IN BOOLEAN AccessGranted
-       );
-
-NTSTATUS
-STDCALL
-ZwPrivilegedServiceAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,       
-       IN PUNICODE_STRING ServiceName, 
-       IN HANDLE ClientToken,
-       IN PPRIVILEGE_SET Privileges,   
-       IN BOOLEAN AccessGranted        
-       );      
-
-NTSTATUS
-STDCALL
-NtPrivilegeObjectAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,
-       IN PVOID HandleId,
-       IN HANDLE ClientToken,
-       IN ULONG DesiredAccess,
-       IN PPRIVILEGE_SET Privileges,
-       IN BOOLEAN AccessGranted
-       );
-
-NTSTATUS
-STDCALL
-ZwPrivilegeObjectAuditAlarm(
-       IN PUNICODE_STRING SubsystemName,
-       IN PVOID HandleId,
-       IN HANDLE ClientToken,
-       IN ULONG DesiredAccess,
-       IN PPRIVILEGE_SET Privileges,
-       IN BOOLEAN AccessGranted
-       );
-
-/*
- * FUNCTION: Entry point for native applications
- * ARGUMENTS:
- *     Peb = Pointes to the Process Environment Block (PEB)
- * REMARKS:
- *     Native applications should use this function instead of a main.
- *     Calling proces should terminate itself.
- * RETURNS: Status
- */    
-VOID STDCALL
-NtProcessStartup(
-       IN      PPEB    Peb
-       );
-
-/*
- * FUNCTION: Set the access protection of a range of virtual memory
- * ARGUMENTS:
- *        ProcessHandle = Handle to process owning the virtual address space
- *        BaseAddress   = Start address
- *        NumberOfBytesToProtect = Delimits the range of virtual memory
- *                             for which the new access protection holds
- *        NewAccessProtection = The new access proctection for the pages
- *        OldAccessProtection = Caller should supply storage for the old 
- *                             access protection
- *
- * REMARKS:
- *      The function maps to the win32 VirtualProtectEx
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtProtectVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN ULONG NumberOfBytesToProtect,
-       IN ULONG NewAccessProtection,
-       OUT PULONG OldAccessProtection
-       );
-
-NTSTATUS
-STDCALL
-ZwProtectVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN ULONG NumberOfBytesToProtect,
-       IN ULONG NewAccessProtection,
-       OUT PULONG OldAccessProtection
-       );
-
-
-/*
- * FUNCTION: Signals an event and resets it afterwards.
- * ARGUMENTS:
- *        EventHandle  = Handle to the event
- *        PulseCount = Number of times the action is repeated
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtPulseEvent(
-       IN HANDLE EventHandle,
-       IN PULONG PulseCount OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-ZwPulseEvent(
-       IN HANDLE EventHandle,
-       IN PULONG PulseCount OPTIONAL
-       );
-
-/*
- * FUNCTION: Queries the attributes of a file
- * ARGUMENTS:
- *        ObjectAttributes = Initialized attributes for the object
- *        Buffer = Caller supplies storage for the attributes
- * RETURNS: Status
- */
-
-NTSTATUS STDCALL
-NtQueryAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes,
-                     OUT PFILE_BASIC_INFORMATION FileInformation);
-
-NTSTATUS STDCALL
-ZwQueryAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes,
-                     OUT PFILE_BASIC_INFORMATION FileInformation);
-
-/*
- * FUNCTION: Queries the default locale id
- * ARGUMENTS:
- *        UserProfile = Type of locale id
- *              TRUE: thread locale id
- *              FALSE: system locale id
- *        DefaultLocaleId = Caller supplies storage for the locale id
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtQueryDefaultLocale(
-       IN BOOLEAN UserProfile,
-       OUT PLCID DefaultLocaleId
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryDefaultLocale(
-       IN BOOLEAN UserProfile,
-       OUT PLCID DefaultLocaleId
-       );
-
-/*
- * FUNCTION: Queries a directory file.
- * ARGUMENTS:
- *       FileHandle = Handle to a directory file
- *        EventHandle  = Handle to the event signaled on completion
- *       ApcRoutine = Asynchroneous procedure callback, called on completion
- *       ApcContext = Argument to the apc.
- *       IoStatusBlock = Caller supplies storage for extended status information.
- *       FileInformation = Caller supplies storage for the resulting information.
- *
- *             FileNameInformation             FILE_NAMES_INFORMATION
- *             FileDirectoryInformation        FILE_DIRECTORY_INFORMATION
- *             FileFullDirectoryInformation    FILE_FULL_DIRECTORY_INFORMATION
- *             FileBothDirectoryInformation    FILE_BOTH_DIR_INFORMATION
- *
- *       Length = Size of the storage supplied
- *       FileInformationClass = Indicates the type of information requested.  
- *       ReturnSingleEntry = Specify true if caller only requests the first directory found.
- *       FileName = Initial directory name to query, that may contain wild cards.
- *        RestartScan = Number of times the action should be repeated
- * RETURNS: Status [ STATUS_SUCCESS, STATUS_ACCESS_DENIED, STATUS_INSUFFICIENT_RESOURCES,
- *                  STATUS_INVALID_PARAMETER, STATUS_INVALID_DEVICE_REQUEST, STATUS_BUFFER_OVERFLOW,
- *                  STATUS_INVALID_INFO_CLASS, STATUS_NO_SUCH_FILE, STATUS_NO_MORE_FILES ]
- */
-
-NTSTATUS
-STDCALL
-NtQueryDirectoryFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL,
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
-       IN PVOID ApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID FileInformation,
-       IN ULONG Length,
-       IN FILE_INFORMATION_CLASS FileInformationClass,
-       IN BOOLEAN ReturnSingleEntry,
-       IN PUNICODE_STRING FileName OPTIONAL,
-       IN BOOLEAN RestartScan
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryDirectoryFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL,
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
-       IN PVOID ApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID FileInformation,
-       IN ULONG Length,
-       IN FILE_INFORMATION_CLASS FileInformationClass,
-       IN BOOLEAN ReturnSingleEntry,
-       IN PUNICODE_STRING FileName OPTIONAL,
-       IN BOOLEAN RestartScan
-       );
-
-/*
- * FUNCTION: Query information about the content of a directory object
- * ARGUMENTS:
-       DirObjInformation =   Buffer must be large enough to hold the name strings too
-        GetNextIndex = If TRUE :return the index of the next object in this directory in ObjectIndex
-                      If FALSE:  return the number of objects in this directory in ObjectIndex
-        IgnoreInputIndex= If TRUE:  ignore input value of ObjectIndex  always start at index 0
-                         If FALSE use input value of ObjectIndex
-       ObjectIndex =   zero based index of object in the directory  depends on GetNextIndex and IgnoreInputIndex
-        DataWritten  = Actual size of the ObjectIndex ???
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtQueryDirectoryObject(
-       IN      HANDLE                  DirObjHandle,
-       OUT     POBJDIR_INFORMATION     DirObjInformation,
-       IN      ULONG                   BufferLength,
-       IN      BOOLEAN                 GetNextIndex,
-       IN      BOOLEAN                 IgnoreInputIndex,
-       IN OUT  PULONG                  ObjectIndex,
-       OUT     PULONG                  DataWritten OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryDirectoryObject(
-       IN HANDLE DirObjHandle,
-       OUT POBJDIR_INFORMATION DirObjInformation,
-       IN ULONG                BufferLength,
-       IN BOOLEAN              GetNextIndex,
-       IN BOOLEAN              IgnoreInputIndex,
-       IN OUT PULONG           ObjectIndex,
-       OUT PULONG              DataWritten OPTIONAL
-       );
-
-/*
- * FUNCTION: Queries the extended attributes of a file
- * ARGUMENTS:
- *        FileHandle  = Handle to the event
- *        IoStatusBlock = Number of times the action is repeated
- *        Buffer
- *        Length
- *        ReturnSingleEntry
- *        EaList
- *        EaListLength
- *        EaIndex
- *        RestartScan
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtQueryEaFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID Buffer,
-       IN ULONG Length,
-       IN BOOLEAN ReturnSingleEntry,
-       IN PVOID EaList OPTIONAL,
-       IN ULONG EaListLength,
-       IN PULONG EaIndex OPTIONAL,
-       IN BOOLEAN RestartScan
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryEaFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID Buffer,
-       IN ULONG Length,
-       IN BOOLEAN ReturnSingleEntry,
-       IN PVOID EaList OPTIONAL,
-       IN ULONG EaListLength,
-       IN PULONG EaIndex OPTIONAL,
-       IN BOOLEAN RestartScan
-       );
-
-/*
- * FUNCTION: Queries an event
- * ARGUMENTS:
- *        EventHandle  = Handle to the event
- *        EventInformationClass = Index of the information structure
-       
-         EventBasicInformation         EVENT_BASIC_INFORMATION
-
- *       EventInformation = Caller supplies storage for the information structure
- *       EventInformationLength =  Size of the information structure
- *       ReturnLength = Data written
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtQueryEvent(
-       IN HANDLE EventHandle,
-       IN EVENT_INFORMATION_CLASS EventInformationClass,
-       OUT PVOID EventInformation,
-       IN ULONG EventInformationLength,
-       OUT PULONG ReturnLength
-       );
-NTSTATUS
-STDCALL
-ZwQueryEvent(
-       IN HANDLE EventHandle,
-       IN EVENT_INFORMATION_CLASS EventInformationClass,
-       OUT PVOID EventInformation,
-       IN ULONG EventInformationLength,
-       OUT PULONG ReturnLength
-       );
-
-NTSTATUS STDCALL
-NtQueryFullAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes,
-                         OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation);
-
-NTSTATUS STDCALL
-ZwQueryFullAttributesFile(IN POBJECT_ATTRIBUTES ObjectAttributes,
-                         OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation);
-
-NTSTATUS
-STDCALL
-NtQueryInformationAtom(
-       IN      RTL_ATOM                Atom,
-       IN      ATOM_INFORMATION_CLASS  AtomInformationClass,
-       OUT     PVOID                   AtomInformation,
-       IN      ULONG                   AtomInformationLength,
-       OUT     PULONG                  ReturnLength OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-NtQueryInformationAtom(
-       IN      RTL_ATOM                Atom,
-       IN      ATOM_INFORMATION_CLASS  AtomInformationClass,
-       OUT     PVOID                   AtomInformation,
-       IN      ULONG                   AtomInformationLength,
-       OUT     PULONG                  ReturnLength OPTIONAL
-       );
-
-
-/*
- * FUNCTION: Queries the information of a file object.
- * ARGUMENTS: 
- *        FileHandle = Handle to the file object
- *       IoStatusBlock = Caller supplies storage for extended information 
- *                        on the current operation.
- *        FileInformation = Storage for the new file information
- *        Lenght = Size of the storage for the file information.
- *        FileInformationClass = Indicates which file information is queried
-
-         FileDirectoryInformation              FILE_DIRECTORY_INFORMATION
-         FileFullDirectoryInformation          FILE_FULL_DIRECTORY_INFORMATION
-         FileBothDirectoryInformation          FILE_BOTH_DIRECTORY_INFORMATION
-         FileBasicInformation                  FILE_BASIC_INFORMATION
-         FileStandardInformation               FILE_STANDARD_INFORMATION
-         FileInternalInformation               FILE_INTERNAL_INFORMATION
-         FileEaInformation                     FILE_EA_INFORMATION
-         FileAccessInformation                 FILE_ACCESS_INFORMATION
-         FileNameInformation                   FILE_NAME_INFORMATION
-         FileRenameInformation                 FILE_RENAME_INFORMATION
-         FileLinkInformation                   
-         FileNamesInformation                  FILE_NAMES_INFORMATION
-         FileDispositionInformation            FILE_DISPOSITION_INFORMATION
-         FilePositionInformation               FILE_POSITION_INFORMATION
-         FileFullEaInformation                 FILE_FULL_EA_INFORMATION                
-         FileModeInformation                   FILE_MODE_INFORMATION
-         FileAlignmentInformation              FILE_ALIGNMENT_INFORMATION
-         FileAllInformation                    FILE_ALL_INFORMATION
-
-         FileEndOfFileInformation              FILE_END_OF_FILE_INFORMATION
-         FileAlternateNameInformation          
-         FileStreamInformation                 FILE_STREAM_INFORMATION
-         FilePipeInformation                   
-         FilePipeLocalInformation              
-         FilePipeRemoteInformation             
-         FileMailslotQueryInformation          
-         FileMailslotSetInformation            
-         FileCompressionInformation            FILE_COMPRESSION_INFORMATION            
-         FileCopyOnWriteInformation            
-         FileCompletionInformation             IO_COMPLETION_CONTEXT
-         FileMoveClusterInformation            
-         FileOleClassIdInformation             
-         FileOleStateBitsInformation           
-         FileNetworkOpenInformation            FILE_NETWORK_OPEN_INFORMATION
-         FileObjectIdInformation               
-         FileOleAllInformation                 
-         FileOleDirectoryInformation           
-         FileContentIndexInformation           
-         FileInheritContentIndexInformation    
-         FileOleInformation                    
-         FileMaximumInformation                        
-
- * REMARK:
- *       This procedure maps to the win32 GetShortPathName, GetLongPathName,
-          GetFullPathName, GetFileType, GetFileSize, GetFileTime  functions. 
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtQueryInformationFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID FileInformation,
-       IN ULONG Length,
-       IN FILE_INFORMATION_CLASS FileInformationClass
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryInformationFile(
-       HANDLE FileHandle,
-       PIO_STATUS_BLOCK IoStatusBlock,
-       PVOID FileInformation,
-       ULONG Length,
-       FILE_INFORMATION_CLASS FileInformationClass
-       );
-
-/*
- * FUNCTION: Queries the information of a process object.
- * ARGUMENTS: 
- *        ProcessHandle = Handle to the process object
- *        ProcessInformation = Index to a certain information structure
-
-               ProcessBasicInformation          PROCESS_BASIC_INFORMATION
-               ProcessQuotaLimits               QUOTA_LIMITS
-               ProcessIoCounters                IO_COUNTERS
-               ProcessVmCounters                VM_COUNTERS
-               ProcessTimes                     KERNEL_USER_TIMES
-               ProcessBasePriority              KPRIORITY
-               ProcessRaisePriority             KPRIORITY
-               ProcessDebugPort                 HANDLE
-               ProcessExceptionPort             HANDLE 
-               ProcessAccessToken               PROCESS_ACCESS_TOKEN
-               ProcessLdtInformation            LDT_ENTRY ??
-               ProcessLdtSize                   ULONG
-               ProcessDefaultHardErrorMode      ULONG
-               ProcessIoPortHandlers            // kernel mode only
-               ProcessPooledUsageAndLimits      POOLED_USAGE_AND_LIMITS
-               ProcessWorkingSetWatch           PROCESS_WS_WATCH_INFORMATION           
-               ProcessUserModeIOPL              (I/O Privilege Level)
-               ProcessEnableAlignmentFaultFixup BOOLEAN        
-               ProcessPriorityClass             ULONG
-               ProcessWx86Information           ULONG  
-               ProcessHandleCount               ULONG
-               ProcessAffinityMask              ULONG  
-               ProcessPooledQuotaLimits         QUOTA_LIMITS
-               MaxProcessInfoClass              
-
- *        ProcessInformation = Caller supplies storage for the process information structure
- *       ProcessInformationLength = Size of the process information structure
- *        ReturnLength  = Actual number of bytes written
-               
- * REMARK:
- *       This procedure maps to the win32 GetProcessTimes, GetProcessVersion,
-          GetProcessWorkingSetSize, GetProcessPriorityBoost, GetProcessAffinityMask, GetPriorityClass,
-          GetProcessShutdownParameters  functions. 
- * RETURNS: Status
-*/
-
-NTSTATUS
-STDCALL
-NtQueryInformationProcess(
-       IN HANDLE ProcessHandle,
-       IN CINT ProcessInformationClass,
-       OUT PVOID ProcessInformation,
-       IN ULONG ProcessInformationLength,
-       OUT PULONG ReturnLength 
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryInformationProcess(
-       IN HANDLE ProcessHandle,
-       IN CINT ProcessInformationClass,
-       OUT PVOID ProcessInformation,
-       IN ULONG ProcessInformationLength,
-       OUT PULONG ReturnLength 
-       );
-
-
-/*
- * FUNCTION: Queries the information of a thread object.
- * ARGUMENTS: 
- *        ThreadHandle = Handle to the thread object
- *        ThreadInformationClass = Index to a certain information structure
-
-               ThreadBasicInformation                  THREAD_BASIC_INFORMATION        
-               ThreadTimes                             KERNEL_USER_TIMES
-               ThreadPriority                          KPRIORITY       
-               ThreadBasePriority                      KPRIORITY       
-               ThreadAffinityMask                      KAFFINITY       
-               ThreadImpersonationToken                
-               ThreadDescriptorTableEntry              
-               ThreadEnableAlignmentFaultFixup         
-               ThreadEventPair                         
-               ThreadQuerySetWin32StartAddress         
-               ThreadZeroTlsCell                       
-               ThreadPerformanceCount                  
-               ThreadAmILastThread                     BOOLEAN
-               ThreadIdealProcessor                    ULONG
-               ThreadPriorityBoost                     ULONG   
-               MaxThreadInfoClass                      
-               
-
- *        ThreadInformation = Caller supplies torage for the thread information
- *       ThreadInformationLength = Size of the thread information structure
- *        ReturnLength  = Actual number of bytes written
-               
- * REMARK:
- *       This procedure maps to the win32 GetThreadTimes, GetThreadPriority,
-          GetThreadPriorityBoost   functions. 
- * RETURNS: Status
-*/
-
-
-NTSTATUS
-STDCALL
-NtQueryInformationThread(
-       IN HANDLE ThreadHandle,
-       IN THREADINFOCLASS ThreadInformationClass,
-       OUT PVOID ThreadInformation,
-       IN ULONG ThreadInformationLength,
-       OUT PULONG ReturnLength 
-       );
-
-
-NTSTATUS
-STDCALL
-NtQueryInformationToken(
-       IN HANDLE TokenHandle,
-       IN TOKEN_INFORMATION_CLASS TokenInformationClass,
-       OUT PVOID TokenInformation,
-       IN ULONG TokenInformationLength,
-       OUT PULONG ReturnLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryInformationToken(
-       IN HANDLE TokenHandle,
-       IN TOKEN_INFORMATION_CLASS TokenInformationClass,
-       OUT PVOID TokenInformation,
-       IN ULONG TokenInformationLength,
-       OUT PULONG ReturnLength
-       );
-
-/*
- * FUNCTION: Query the interval and the clocksource for profiling
- * ARGUMENTS:
-       Interval =   
-        ClockSource = 
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtQueryIntervalProfile(
-       OUT PULONG Interval,
-       OUT KPROFILE_SOURCE ClockSource
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryIntervalProfile(
-       OUT PULONG Interval,
-       OUT KPROFILE_SOURCE ClockSource
-       );
-
-
-
-NTSTATUS
-STDCALL
-NtQueryIoCompletion(
-       IN HANDLE CompletionPort,
-       IN ULONG CompletionKey,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PULONG NumberOfBytesTransferred
-       );
-NTSTATUS
-STDCALL
-ZwQueryIoCompletion(
-       IN HANDLE CompletionPort,
-       IN ULONG CompletionKey,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PULONG NumberOfBytesTransferred
-       );
-
-
-/*
- * FUNCTION: Queries the information of a registry key object.
- * ARGUMENTS: 
-       KeyHandle = Handle to a registry key
-       KeyInformationClass = Index to a certain information structure
-       KeyInformation = Caller supplies storage for resulting information
-       Length = Size of the supplied storage 
-       ResultLength = Bytes written
- */
-NTSTATUS
-STDCALL
-NtQueryKey(
-       IN HANDLE KeyHandle,
-       IN KEY_INFORMATION_CLASS KeyInformationClass,
-       OUT PVOID KeyInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryKey(
-       IN HANDLE KeyHandle,
-       IN KEY_INFORMATION_CLASS KeyInformationClass,
-       OUT PVOID KeyInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-
-// draft
-
-NTSTATUS
-STDCALL
-NtQueryMultipleValueKey(
-       IN HANDLE KeyHandle,
-       IN OUT PKEY_VALUE_ENTRY ValueList,
-       IN ULONG NumberOfValues,
-       OUT PVOID Buffer,
-       IN OUT PULONG Length,
-       OUT PULONG ReturnLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryMultipleValueKey(
-       IN HANDLE KeyHandle,
-       IN OUT PKEY_VALUE_ENTRY ValueList,
-       IN ULONG NumberOfValues,
-       OUT PVOID Buffer,
-       IN OUT PULONG Length,
-       OUT PULONG ReturnLength
-       );
-
-/*
- * FUNCTION: Queries the information of a mutant object.
- * ARGUMENTS: 
-       MutantHandle = Handle to a mutant
-       MutantInformationClass = Index to a certain information structure
-       MutantInformation = Caller supplies storage for resulting information
-       Length = Size of the supplied storage 
-       ResultLength = Bytes written
- */
-NTSTATUS
-STDCALL
-NtQueryMutant(
-       IN HANDLE MutantHandle,
-       IN CINT MutantInformationClass,
-       OUT PVOID MutantInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryMutant(
-       IN HANDLE MutantHandle,
-       IN CINT MutantInformationClass,
-       OUT PVOID MutantInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-/*
- * FUNCTION: Queries the information of a  object.
- * ARGUMENTS: 
-       ObjectHandle = Handle to a object
-       ObjectInformationClass = Index to a certain information structure
-
-       ObjectBasicInformation          
-       ObjectTypeInformation           OBJECT_TYPE_INFORMATION 
-       ObjectNameInformation           OBJECT_NAME_INFORMATION
-       ObjectDataInformation           OBJECT_DATA_INFORMATION
-
-       ObjectInformation = Caller supplies storage for resulting information
-       Length = Size of the supplied storage 
-       ResultLength = Bytes written
- */
-
-NTSTATUS
-STDCALL
-NtQueryObject(
-       IN HANDLE ObjectHandle,
-       IN CINT ObjectInformationClass,
-       OUT PVOID ObjectInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryObject(
-       IN HANDLE ObjectHandle,
-       IN CINT ObjectInformationClass,
-       OUT PVOID ObjectInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-/*
- * FUNCTION: Queries the system ( high-resolution ) performance counter.
- * ARGUMENTS: 
- *        Counter = Performance counter
- *       Frequency = Performance frequency
- * REMARKS:
-       This procedure queries a tick count faster than 10ms ( The resolution for  IntelĀ®-based CPUs is about 0.8 microseconds.)
-       This procedure maps to the win32 QueryPerformanceCounter, QueryPerformanceFrequency 
- * RETURNS: Status
- *
-*/
-NTSTATUS
-STDCALL
-NtQueryPerformanceCounter(
-       IN PLARGE_INTEGER Counter,
-       IN PLARGE_INTEGER Frequency
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryPerformanceCounter(
-       IN PLARGE_INTEGER Counter,
-       IN PLARGE_INTEGER Frequency
-       );
-/*
- * FUNCTION: Queries the information of a section object.
- * ARGUMENTS: 
- *        SectionHandle = Handle to the section link object
- *       SectionInformationClass = Index to a certain information structure
- *        SectionInformation (OUT)= Caller supplies storage for resulting information
- *        Length =  Size of the supplied storage 
- *        ResultLength = Data written
- * RETURNS: Status
- *
-*/
-NTSTATUS
-STDCALL
-NtQuerySection(
-       IN HANDLE SectionHandle,
-       IN CINT SectionInformationClass,
-       OUT PVOID SectionInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQuerySection(
-       IN HANDLE SectionHandle,
-       IN CINT SectionInformationClass,
-       OUT PVOID SectionInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-NtQuerySecurityObject(
-       IN HANDLE Object,
-       IN CINT SecurityObjectInformationClass,
-       OUT PVOID SecurityObjectInformation,
-       IN ULONG Length,
-       OUT PULONG ReturnLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQuerySecurityObject(
-       IN HANDLE Object,
-       IN CINT SecurityObjectInformationClass,
-       OUT PVOID SecurityObjectInformation,
-       IN ULONG Length,
-       OUT PULONG ReturnLength
-       );
-
-
-/*
- * FUNCTION: Queries the information of a semaphore.
- * ARGUMENTS: 
- *        SemaphoreHandle = Handle to the semaphore object
- *        SemaphoreInformationClass = Index to a certain information structure
-
-         SemaphoreBasicInformation     SEMAPHORE_BASIC_INFORMATION
-
- *       SemaphoreInformation = Caller supplies storage for the semaphore information structure
- *       Length = Size of the infomation structure
- */
-NTSTATUS
-STDCALL
-NtQuerySemaphore(
-       IN      HANDLE                          SemaphoreHandle,
-       IN      SEMAPHORE_INFORMATION_CLASS     SemaphoreInformationClass,
-       OUT     PVOID                           SemaphoreInformation,
-       IN      ULONG                           Length,
-       OUT     PULONG                          ReturnLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQuerySemaphore(
-       IN      HANDLE                          SemaphoreHandle,
-       IN      SEMAPHORE_INFORMATION_CLASS     SemaphoreInformationClass,
-       OUT     PVOID                           SemaphoreInformation,
-       IN      ULONG                           Length,
-       OUT     PULONG                          ReturnLength
-       );
-
-
-/*
- * FUNCTION: Queries the information of a symbolic link object.
- * ARGUMENTS: 
- *        SymbolicLinkHandle = Handle to the symbolic link object
- *       LinkTarget = resolved name of link
- *        DataWritten = size of the LinkName.
- * RETURNS: Status
- *
-*/
-NTSTATUS
-STDCALL
-NtQuerySymbolicLinkObject(
-       IN HANDLE               SymLinkObjHandle,
-       OUT PUNICODE_STRING     LinkTarget,
-       OUT PULONG              DataWritten OPTIONAL
-       );
-
-NTSTATUS
-STDCALL
-ZwQuerySymbolicLinkObject(
-       IN HANDLE               SymLinkObjHandle,
-       OUT PUNICODE_STRING     LinkName,
-       OUT PULONG              DataWritten OPTIONAL
-       ); 
-
-
-/*
- * FUNCTION: Queries a system environment variable.
- * ARGUMENTS: 
- *        Name = Name of the variable
- *       Value (OUT) = value of the variable
- *        Length = size of the buffer
- *        ReturnLength = data written
- * RETURNS: Status
- *
-*/
-NTSTATUS
-STDCALL
-NtQuerySystemEnvironmentValue(
-       IN PUNICODE_STRING Name,
-       OUT PVOID Value,
-       ULONG Length,
-       PULONG ReturnLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQuerySystemEnvironmentValue(
-       IN PUNICODE_STRING Name,
-       OUT PVOID Value,
-       ULONG Length,
-       PULONG ReturnLength
-       );
-
-
-/*
- * FUNCTION: Queries the system information.
- * ARGUMENTS: 
- *        SystemInformationClass = Index to a certain information structure
-
-         SystemTimeAdjustmentInformation       SYSTEM_TIME_ADJUSTMENT
-         SystemCacheInformation                SYSTEM_CACHE_INFORMATION
-         SystemConfigurationInformation        CONFIGURATION_INFORMATION
-
- *       SystemInformation = caller supplies storage for the information structure
- *        Length = size of the structure
-         ResultLength = Data written
- * RETURNS: Status
- *
-*/
-NTSTATUS
-STDCALL
-NtQuerySystemInformation(
-       IN      SYSTEM_INFORMATION_CLASS        SystemInformationClass,
-       OUT     PVOID                           SystemInformation,
-       IN      ULONG                           Length,
-       OUT     PULONG                          ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQuerySystemInformation(
-       IN      SYSTEM_INFORMATION_CLASS        SystemInformationClass,
-       OUT     PVOID                           SystemInformation,
-       IN      ULONG                           Length,
-       OUT     PULONG                          ResultLength
-       );
-
-/*
- * FUNCTION: Retrieves the system time
- * ARGUMENTS: 
- *        CurrentTime (OUT) = Caller should supply storage for the resulting time.
- * RETURNS: Status
- *
-*/
-
-NTSTATUS
-STDCALL
-NtQuerySystemTime (
-       OUT TIME *CurrentTime
-       );
-
-NTSTATUS
-STDCALL
-ZwQuerySystemTime (
-       OUT TIME *CurrentTime
-       );
-
-/*
- * FUNCTION: Queries information about a timer
- * ARGUMENTS: 
- *        TimerHandle  = Handle to the timer
-         TimerValueInformationClass = Index to a certain information structure
-         TimerValueInformation = Caller supplies storage for the information structure
-         Length = Size of the information structure
-         ResultLength = Data written
- * RETURNS: Status
- *
-*/       
-NTSTATUS
-STDCALL
-NtQueryTimer(
-       IN HANDLE TimerHandle,
-       IN CINT TimerInformationClass,
-       OUT PVOID TimerInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-NTSTATUS
-STDCALL
-ZwQueryTimer(
-       IN HANDLE TimerHandle,
-       IN CINT TimerInformationClass,
-       OUT PVOID TimerInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-/*
- * FUNCTION: Queries the timer resolution
- * ARGUMENTS: 
- *        MinimumResolution (OUT) = Caller should supply storage for the resulting time.
-         Maximum Resolution (OUT) = Caller should supply storage for the resulting time.
-         ActualResolution (OUT) = Caller should supply storage for the resulting time.
- * RETURNS: Status
- *
-*/        
-
-
-NTSTATUS
-STDCALL 
-NtQueryTimerResolution ( 
-       OUT PULONG MinimumResolution,
-       OUT PULONG MaximumResolution, 
-       OUT PULONG ActualResolution 
-       ); 
-
-NTSTATUS
-STDCALL 
-ZwQueryTimerResolution ( 
-       OUT PULONG MinimumResolution,
-       OUT PULONG MaximumResolution, 
-       OUT PULONG ActualResolution 
-       ); 
-
-/*
- * FUNCTION: Queries a registry key value
- * ARGUMENTS: 
- *        KeyHandle  = Handle to the registry key
-         ValueName = Name of the value in the registry key
-         KeyValueInformationClass = Index to a certain information structure
-
-               KeyValueBasicInformation = KEY_VALUE_BASIC_INFORMATION
-               KeyValueFullInformation = KEY_FULL_INFORMATION
-               KeyValuePartialInformation = KEY_VALUE_PARTIAL_INFORMATION
-
-         KeyValueInformation = Caller supplies storage for the information structure
-         Length = Size of the information structure
-         ResultLength = Data written
- * RETURNS: Status
- *
-*/       
-NTSTATUS
-STDCALL
-NtQueryValueKey(
-       IN HANDLE KeyHandle,
-       IN PUNICODE_STRING ValueName,
-       IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
-       OUT PVOID KeyValueInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryValueKey(
-       IN HANDLE KeyHandle,
-       IN PUNICODE_STRING ValueName,
-       IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
-       OUT PVOID KeyValueInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-
-
-
-/*
- * FUNCTION: Queries the virtual memory information.
- * ARGUMENTS: 
-         ProcessHandle = Process owning the virtual address space
-         BaseAddress = Points to the page where the information is queried for. 
- *        VirtualMemoryInformationClass = Index to a certain information structure
-
-         MemoryBasicInformation                MEMORY_BASIC_INFORMATION
-
- *       VirtualMemoryInformation = caller supplies storage for the information structure
- *        Length = size of the structure
-         ResultLength = Data written
- * RETURNS: Status
- *
-*/
-
-NTSTATUS
-STDCALL
-NtQueryVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID Address,
-       IN IN CINT VirtualMemoryInformationClass,
-       OUT PVOID VirtualMemoryInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-NTSTATUS
-STDCALL
-ZwQueryVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID Address,
-       IN IN CINT VirtualMemoryInformationClass,
-       OUT PVOID VirtualMemoryInformation,
-       IN ULONG Length,
-       OUT PULONG ResultLength
-       );
-
-/*
- * FUNCTION: Queries the volume information
- * ARGUMENTS: 
- *       FileHandle  = Handle to a file object on the target volume
- *       IoStatusBlock = Caller should supply storage for additional status information
- *       ReturnLength = DataWritten
- *       FsInformation = Caller should supply storage for the information structure.
- *       Length = Size of the information structure
- *       FsInformationClass = Index to a information structure
-
-               FileFsVolumeInformation         FILE_FS_VOLUME_INFORMATION
-               FileFsLabelInformation          FILE_FS_LABEL_INFORMATION       
-               FileFsSizeInformation           FILE_FS_SIZE_INFORMATION
-               FileFsDeviceInformation         FILE_FS_DEVICE_INFORMATION
-               FileFsAttributeInformation      FILE_FS_ATTRIBUTE_INFORMATION
-               FileFsControlInformation        
-               FileFsQuotaQueryInformation     --
-               FileFsQuotaSetInformation       --
-               FileFsMaximumInformation        
-
- * RETURNS: Status [ STATUS_SUCCESS | STATUS_INSUFFICIENT_RESOURCES | STATUS_INVALID_PARAMETER |
-                STATUS_INVALID_DEVICE_REQUEST | STATUS_BUFFER_OVERFLOW ]
- *
-*/
-NTSTATUS
-STDCALL
-NtQueryVolumeInformationFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID FsInformation,
-       IN ULONG Length,
-       IN FS_INFORMATION_CLASS FsInformationClass 
-       );
-
-NTSTATUS
-STDCALL
-ZwQueryVolumeInformationFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID FsInformation,
-       IN ULONG Length,
-       IN FS_INFORMATION_CLASS FsInformationClass
-       );
-// draft
-// FIXME: Should I specify if the apc is user or kernel mode somewhere ??
-/*
- * FUNCTION: Queues a (user) apc to a thread.
- * ARGUMENTS: 
-         ThreadHandle = Thread to which the apc is queued.
-         ApcRoutine = Points to the apc routine
-         NormalContext = Argument to Apc Routine
- *        SystemArgument1 = Argument of the Apc Routine
-         SystemArgument2 = Argument of the Apc Routine
- * REMARK: If the apc is queued against a thread of a different process than the calling thread
-               the apc routine should be specified in the address space of the queued thread's process.
- * RETURNS: Status
-*/
-
-NTSTATUS
-STDCALL
-NtQueueApcThread(
-       HANDLE ThreadHandle,
-       PKNORMAL_ROUTINE ApcRoutine,
-       PVOID NormalContext,
-       PVOID SystemArgument1,
-       PVOID SystemArgument2);
-
-NTSTATUS
-STDCALL
-ZwQueueApcThread(
-       HANDLE ThreadHandle,
-       PKNORMAL_ROUTINE ApcRoutine,
-       PVOID NormalContext,
-       PVOID SystemArgument1,
-       PVOID SystemArgument2);
-
-
-/*
- * FUNCTION: Raises an exception
- * ARGUMENTS:
- *       ExceptionRecord = Structure specifying the exception
- *       Context = Context in which the excpetion is raised 
- *       IsDebugger = 
- * RETURNS: Status
- *
-*/
-
-NTSTATUS
-STDCALL
-NtRaiseException(
-       IN PEXCEPTION_RECORD ExceptionRecord,
-       IN PCONTEXT Context,
-       IN BOOLEAN SearchFrames
-       );
-
-NTSTATUS
-STDCALL
-ZwRaiseException(
-       IN PEXCEPTION_RECORD ExceptionRecord,
-       IN PCONTEXT Context,
-       IN BOOLEAN SearchFrames
-       );
-
-/*
- * FUNCTION: Raises a hard error (stops the system)
- * ARGUMENTS:
- *       Status = Status code of the hard error
- *       Unknown2 = ??
- *       Unknown3 = ??
- *       Unknown4 = ??
- *       Unknown5 = ??
- *       Unknown6 = ??
- * RETURNS: Status
- *
- */
-
-NTSTATUS
-STDCALL
-NtRaiseHardError(
-       IN NTSTATUS Status,
-       ULONG Unknown2,
-       ULONG Unknown3,
-       ULONG Unknown4,
-       ULONG Unknown5,
-       ULONG Unknown6
-       );
-
-NTSTATUS
-STDCALL
-ZwRaiseHardError(
-       IN NTSTATUS Status,
-       ULONG Unknown2,
-       ULONG Unknown3,
-       ULONG Unknown4,
-       ULONG Unknown5,
-       ULONG Unknown6
-       );
-
-/*
- * FUNCTION: Read a file
- * ARGUMENTS:
- *       FileHandle = Handle of a file to read
- *       Event = This event is signalled when the read operation completes
- *       UserApcRoutine = Call back , if supplied Event should be NULL
- *       UserApcContext = Argument to the callback
- *       IoStatusBlock = Caller should supply storage for additional status information
- *       Buffer = Caller should supply storage to receive the information
- *       BufferLength = Size of the buffer
- *       ByteOffset = Offset to start reading the file
- *       Key = If a range is lock a matching key will allow the read to continue.
- * RETURNS: Status
- *
- */
-
-NTSTATUS
-STDCALL
-NtReadFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL,
-       IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
-       IN PVOID UserApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID Buffer,
-       IN ULONG BufferLength,
-       IN PLARGE_INTEGER ByteOffset OPTIONAL,
-       IN PULONG Key OPTIONAL  
-       );
-
-NTSTATUS
-STDCALL
-ZwReadFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL,
-       IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL,
-       IN PVOID UserApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PVOID Buffer,
-       IN ULONG BufferLength,
-       IN PLARGE_INTEGER ByteOffset OPTIONAL,
-       IN PULONG Key OPTIONAL  
-       );
-/*
- * FUNCTION: Read a file using scattered io
- * ARGUMENTS: 
-         FileHandle = Handle of a file to read
-         Event = This event is signalled when the read operation completes
- *        UserApcRoutine = Call back , if supplied Event should be NULL
-         UserApcContext = Argument to the callback
-         IoStatusBlock = Caller should supply storage for additional status information
-         BufferDescription = Caller should supply storage to receive the information
-         BufferLength = Size of the buffer
-         ByteOffset = Offset to start reading the file
-         Key =  Key = If a range is lock a matching key will allow the read to continue.
- * RETURNS: Status
- *
-*/       
-NTSTATUS
-STDCALL
-NtReadFileScatter( 
-       IN HANDLE FileHandle, 
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL, 
-       IN  PVOID UserApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK UserIoStatusBlock, 
-       IN FILE_SEGMENT_ELEMENT BufferDescription[], 
-       IN ULONG BufferLength, 
-       IN PLARGE_INTEGER ByteOffset, 
-       IN PULONG Key OPTIONAL  
-       ); 
-
-NTSTATUS
-STDCALL
-ZwReadFileScatter( 
-       IN HANDLE FileHandle, 
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL, 
-       IN  PVOID UserApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK UserIoStatusBlock, 
-       IN FILE_SEGMENT_ELEMENT BufferDescription[], 
-       IN ULONG BufferLength, 
-       IN PLARGE_INTEGER ByteOffset, 
-       IN PULONG Key OPTIONAL  
-       ); 
-/*
- * FUNCTION: Copies a range of virtual memory to a buffer
- * ARGUMENTS: 
- *       ProcessHandle = Specifies the process owning the virtual address space
- *       BaseAddress =  Points to the address of virtual memory to start the read
- *       Buffer = Caller supplies storage to copy the virtual memory to.
- *       NumberOfBytesToRead = Limits the range to read
- *       NumberOfBytesRead = The actual number of bytes read.
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtReadVirtualMemory( 
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       OUT PVOID Buffer,
-       IN ULONG  NumberOfBytesToRead,
-       OUT PULONG NumberOfBytesRead
-       ); 
-NTSTATUS
-STDCALL
-ZwReadVirtualMemory( 
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       OUT PVOID Buffer,
-       IN ULONG  NumberOfBytesToRead,
-       OUT PULONG NumberOfBytesRead
-       );      
-       
-
-/*
- * FUNCTION: Debugger can register for thread termination
- * ARGUMENTS: 
- *       TerminationPort = Port on which the debugger likes to be notified.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL        
-NtRegisterThreadTerminatePort(
-       HANDLE TerminationPort
-       );
-NTSTATUS
-STDCALL        
-ZwRegisterThreadTerminatePort(
-       HANDLE TerminationPort
-       );
-
-/*
- * FUNCTION: Releases a mutant
- * ARGUMENTS: 
- *       MutantHandle = Handle to the mutant
- *       ReleaseCount = 
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL        
-NtReleaseMutant(
-       IN HANDLE MutantHandle,
-       IN PULONG ReleaseCount OPTIONAL
-       );
-
-NTSTATUS
-STDCALL        
-ZwReleaseMutant(
-       IN HANDLE MutantHandle,
-       IN PULONG ReleaseCount OPTIONAL
-       );
-
-/*
- * FUNCTION: Releases a semaphore
- * ARGUMENTS: 
- *       SemaphoreHandle = Handle to the semaphore object
- *       ReleaseCount = Number to decrease the semaphore count
- *       PreviousCount = Previous semaphore count
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtReleaseSemaphore(
-       IN      HANDLE  SemaphoreHandle,
-       IN      LONG    ReleaseCount,
-       OUT     PLONG   PreviousCount
-       );
-
-NTSTATUS
-STDCALL
-ZwReleaseSemaphore(
-       IN      HANDLE  SemaphoreHandle,
-       IN      LONG    ReleaseCount,
-       OUT     PLONG   PreviousCount
-       );
-
-/*
- * FUNCTION: Removes an io completion
- * ARGUMENTS:
- *        CompletionPort (OUT) = Caller supplied storage for the resulting handle
- *        CompletionKey = Requested access to the key
- *        IoStatusBlock = Caller provides storage for extended status information
- *        CompletionStatus = Current status of the io operation.
- *        WaitTime = Time to wait if ..
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtRemoveIoCompletion(
-       IN HANDLE CompletionPort,
-       OUT PULONG CompletionKey,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PULONG CompletionStatus,
-       IN PLARGE_INTEGER WaitTime 
-       );
-
-NTSTATUS
-STDCALL
-ZwRemoveIoCompletion(
-       IN HANDLE CompletionPort,
-       OUT PULONG CompletionKey,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       OUT PULONG CompletionStatus,
-       IN PLARGE_INTEGER WaitTime 
-       );
-/*
- * FUNCTION: Replaces one registry key with another
- * ARGUMENTS: 
- *       ObjectAttributes = Specifies the attributes of the key
- *       Key =  Handle to the key
- *       ReplacedObjectAttributes = The function returns the old object attributes
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtReplaceKey(
-       IN POBJECT_ATTRIBUTES ObjectAttributes, 
-       IN HANDLE Key,
-       IN POBJECT_ATTRIBUTES ReplacedObjectAttributes 
-       );
-NTSTATUS
-STDCALL
-ZwReplaceKey(
-       IN POBJECT_ATTRIBUTES ObjectAttributes, 
-       IN HANDLE Key,
-       IN POBJECT_ATTRIBUTES ReplacedObjectAttributes 
-       );
-
-/*
- * FUNCTION: Resets a event to a non signaled state 
- * ARGUMENTS: 
- *       EventHandle = Handle to the event that should be reset
- *       NumberOfWaitingThreads =  The number of threads released.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtResetEvent(
-       HANDLE EventHandle,
-       PULONG NumberOfWaitingThreads OPTIONAL
-       );
-NTSTATUS
-STDCALL
-ZwResetEvent(
-       HANDLE EventHandle,
-       PULONG NumberOfWaitingThreads OPTIONAL
-       );
-//draft
-NTSTATUS
-STDCALL
-NtRestoreKey(
-       HANDLE KeyHandle,
-       HANDLE FileHandle,
-       ULONG RestoreFlags
-       );
-
-NTSTATUS
-STDCALL
-ZwRestoreKey(
-       HANDLE KeyHandle,
-       HANDLE FileHandle,
-       ULONG RestoreFlags
-       );
-/*
- * FUNCTION: Decrements a thread's resume count
- * ARGUMENTS: 
- *        ThreadHandle = Handle to the thread that should be resumed
- *        ResumeCount =  The resulting resume count.
- * REMARK:
- *       A thread is resumed if its suspend count is 0. This procedure maps to
- *        the win32 ResumeThread function. ( documentation about the the suspend count can be found here aswell )
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtResumeThread(
-       IN HANDLE ThreadHandle,
-       OUT PULONG SuspendCount
-       );
-NTSTATUS
-STDCALL
-ZwResumeThread(
-       IN HANDLE ThreadHandle,
-       OUT PULONG SuspendCount
-       );
-/*
- * FUNCTION: Writes the content of a registry key to ascii file
- * ARGUMENTS: 
- *        KeyHandle = Handle to the key
- *        FileHandle =  Handle of the file
- * REMARKS:
-         This function maps to the Win32 RegSaveKey.
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtSaveKey(
-       IN HANDLE KeyHandle,
-       IN HANDLE FileHandle
-       );
-NTSTATUS
-STDCALL
-ZwSaveKey(
-       IN HANDLE KeyHandle,
-       IN HANDLE FileHandle
-       );
-
-/*
- * FUNCTION: Sets the context of a specified thread.
- * ARGUMENTS: 
- *        ThreadHandle = Handle to the thread
- *        Context =  The processor context.
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtSetContextThread(
-       IN HANDLE ThreadHandle,
-       IN PCONTEXT Context
-       );
-NTSTATUS
-STDCALL
-ZwSetContextThread(
-       IN HANDLE ThreadHandle,
-       IN PCONTEXT Context
-       );
-
-/*
- * FUNCTION: Sets the default locale id
- * ARGUMENTS:
- *        UserProfile = Type of locale id
- *              TRUE: thread locale id
- *              FALSE: system locale id
- *        DefaultLocaleId = Locale id
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtSetDefaultLocale(
-       IN BOOLEAN UserProfile,
-       IN LCID DefaultLocaleId
-       );
-
-NTSTATUS
-STDCALL
-ZwSetDefaultLocale(
-       IN BOOLEAN UserProfile,
-       IN LCID DefaultLocaleId
-       );
-
-/*
- * FUNCTION: Sets the default hard error port
- * ARGUMENTS:
- *        PortHandle = Handle to the port
- * NOTE: The hard error port is used for first change exception handling
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtSetDefaultHardErrorPort(
-       IN HANDLE PortHandle
-       );
-NTSTATUS
-STDCALL
-ZwSetDefaultHardErrorPort(
-       IN HANDLE PortHandle
-       );
-
-/*
- * FUNCTION: Sets the extended attributes of a file.
- * ARGUMENTS:
- *        FileHandle = Handle to the file
- *        IoStatusBlock = Storage for a resulting status and information
- *                        on the current operation.
- *        EaBuffer = Extended Attributes buffer.
- *        EaBufferSize = Size of the extended attributes buffer
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtSetEaFile(
-       IN HANDLE FileHandle,
-       IN PIO_STATUS_BLOCK IoStatusBlock,
-       PVOID EaBuffer,
-       ULONG EaBufferSize
-       );
-NTSTATUS
-STDCALL
-ZwSetEaFile(
-       IN HANDLE FileHandle,
-       IN PIO_STATUS_BLOCK IoStatusBlock,
-       PVOID EaBuffer,
-       ULONG EaBufferSize
-       );
-
-//FIXME: should I return the event state ?
-
-/*
- * FUNCTION: Sets the  event to a signalled state.
- * ARGUMENTS: 
- *        EventHandle = Handle to the event
- *        NumberOfThreadsReleased =  The number of threads released
- * REMARK:
- *       This procedure maps to the win32 SetEvent function. 
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtSetEvent(
-       IN HANDLE EventHandle,
-       PULONG NumberOfThreadsReleased
-       );
-
-NTSTATUS
-STDCALL
-ZwSetEvent(
-       IN HANDLE EventHandle,
-       PULONG NumberOfThreadsReleased
-       );
-
-/*
- * FUNCTION: Sets the high part of an event pair
- * ARGUMENTS: 
-       EventPair = Handle to the event pair
- * RETURNS: Status
-*/
-
-NTSTATUS
-STDCALL
-NtSetHighEventPair(
-       IN HANDLE EventPairHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwSetHighEventPair(
-       IN HANDLE EventPairHandle
-       );
-/*
- * FUNCTION: Sets the high part of an event pair and wait for the low part
- * ARGUMENTS: 
-       EventPair = Handle to the event pair
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetHighWaitLowEventPair(
-       IN HANDLE EventPairHandle
-       );
-NTSTATUS
-STDCALL
-ZwSetHighWaitLowEventPair(
-       IN HANDLE EventPairHandle
-       );
-
-/*
- * FUNCTION: Sets the information of a file object.
- * ARGUMENTS: 
- *        FileHandle = Handle to the file object
- *       IoStatusBlock = Caller supplies storage for extended information 
- *                        on the current operation.
- *        FileInformation = Storage for the new file information
- *        Lenght = Size of the new file information.
- *        FileInformationClass = Indicates to a certain information structure
-        
-         FileNameInformation                   FILE_NAME_INFORMATION
-         FileRenameInformation                 FILE_RENAME_INFORMATION
-         FileStreamInformation                 FILE_STREAM_INFORMATION
- *       FileCompletionInformation             IO_COMPLETION_CONTEXT
-
- * REMARK:
- *       This procedure maps to the win32 SetEndOfFile, SetFileAttributes, 
- *       SetNamedPipeHandleState, SetMailslotInfo functions. 
- * RETURNS: Status
- */
-
-
-NTSTATUS
-STDCALL
-NtSetInformationFile(
-       IN      HANDLE                  FileHandle,
-       IN      PIO_STATUS_BLOCK        IoStatusBlock,
-       IN      PVOID                   FileInformation,
-       IN      ULONG                   Length,
-       IN      FILE_INFORMATION_CLASS  FileInformationClass
-       );
-NTSTATUS
-STDCALL
-ZwSetInformationFile(
-       IN      HANDLE                  FileHandle,
-       IN      PIO_STATUS_BLOCK        IoStatusBlock,
-       IN      PVOID                   FileInformation,
-       IN      ULONG                   Length,
-       IN      FILE_INFORMATION_CLASS  FileInformationClass
-       );
-
-
-
-/*
- * FUNCTION: Sets the information of a registry key.
- * ARGUMENTS: 
- *       KeyHandle = Handle to the registry key
- *       KeyInformationClass =  Index to the a certain information structure.
-                       Can be one of the following values:
-
- *      KeyWriteTimeInformation  KEY_WRITE_TIME_INFORMATION
-
-        KeyInformation = Storage for the new information
- *       KeyInformationLength = Size of the information strucure
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtSetInformationKey(
-       IN HANDLE KeyHandle,
-       IN CINT KeyInformationClass,
-       IN PVOID KeyInformation,
-       IN ULONG KeyInformationLength
-       );
-
-NTSTATUS
-STDCALL
-ZwSetInformationKey(
-       IN HANDLE KeyHandle,
-       IN CINT KeyInformationClass,
-       IN PVOID KeyInformation,
-       IN ULONG KeyInformationLength
-       );
-/*
- * FUNCTION: Changes a set of object specific parameters
- * ARGUMENTS: 
- *      ObjectHandle = 
- *     ObjectInformationClass = Index to the set of parameters to change. 
-
-                       
-       ObjectBasicInformation          
-       ObjectTypeInformation           OBJECT_TYPE_INFORMATION 
-       ObjectAllInformation            
-       ObjectDataInformation           OBJECT_DATA_INFORMATION
-       ObjectNameInformation           OBJECT_NAME_INFORMATION 
-
-
- *      ObjectInformation = Caller supplies storage for parameters to set.
- *      Length = Size of the storage supplied
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetInformationObject(
-       IN HANDLE ObjectHandle,
-       IN CINT ObjectInformationClass,
-       IN PVOID ObjectInformation,
-       IN ULONG Length 
-       );
-
-NTSTATUS
-STDCALL
-ZwSetInformationObject(
-       IN HANDLE ObjectHandle,
-       IN CINT ObjectInformationClass,
-       IN PVOID ObjectInformation,
-       IN ULONG Length 
-       );
-
-/*
- * FUNCTION: Changes a set of process specific parameters
- * ARGUMENTS: 
- *      ProcessHandle = Handle to the process
- *     ProcessInformationClass = Index to a information structure. 
- *
- *     ProcessBasicInformation                 PROCESS_BASIC_INFORMATION
- *     ProcessQuotaLimits                      QUOTA_LIMITS
- *     ProcessBasePriority                     KPRIORITY
- *     ProcessRaisePriority                    KPRIORITY 
- *     ProcessDebugPort                        HANDLE
- *     ProcessExceptionPort                    HANDLE  
- *     ProcessAccessToken                      PROCESS_ACCESS_TOKEN    
- *     ProcessDefaultHardErrorMode             ULONG
- *     ProcessPriorityClass                    ULONG
- *     ProcessAffinityMask                     KAFFINITY //??
- *
- *      ProcessInformation = Caller supplies storage for information to set.
- *      ProcessInformationLength = Size of the information structure
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetInformationProcess(
-       IN HANDLE ProcessHandle,
-       IN CINT ProcessInformationClass,
-       IN PVOID ProcessInformation,
-       IN ULONG ProcessInformationLength
-       );
-NTSTATUS
-STDCALL
-ZwSetInformationProcess(
-       IN HANDLE ProcessHandle,
-       IN CINT ProcessInformationClass,
-       IN PVOID ProcessInformation,
-       IN ULONG ProcessInformationLength
-       );
-/*
- * FUNCTION: Changes a set of thread specific parameters
- * ARGUMENTS: 
- *      ThreadHandle = Handle to the thread
- *     ThreadInformationClass = Index to the set of parameters to change. 
- *     Can be one of the following values:
- *
- *     ThreadBasicInformation                  THREAD_BASIC_INFORMATION
- *     ThreadPriority                          KPRIORITY //???
- *     ThreadBasePriority                      KPRIORITY
- *     ThreadAffinityMask                      KAFFINITY //??
- *      ThreadImpersonationToken               ACCESS_TOKEN
- *     ThreadIdealProcessor                    ULONG
- *     ThreadPriorityBoost                     ULONG
- *
- *      ThreadInformation = Caller supplies storage for parameters to set.
- *      ThreadInformationLength = Size of the storage supplied
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetInformationThread(
-       IN HANDLE ThreadHandle,
-       IN THREADINFOCLASS ThreadInformationClass,
-       IN PVOID ThreadInformation,
-       IN ULONG ThreadInformationLength
-       );
-NTSTATUS
-STDCALL
-ZwSetInformationThread(
-       IN HANDLE ThreadHandle,
-       IN THREADINFOCLASS ThreadInformationClass,
-       IN PVOID ThreadInformation,
-       IN ULONG ThreadInformationLength
-       );
-
-/*
- * FUNCTION: Changes a set of token specific parameters
- * ARGUMENTS: 
- *      TokenHandle = Handle to the token
- *     TokenInformationClass = Index to a certain information structure. 
- *     Can be one of the following values:
- *
-               TokenUser               TOKEN_USER 
-               TokenGroups             TOKEN_GROUPS
-               TokenPrivileges         TOKEN_PRIVILEGES
-               TokenOwner              TOKEN_OWNER
-               TokenPrimaryGroup       TOKEN_PRIMARY_GROUP
-               TokenDefaultDacl        TOKEN_DEFAULT_DACL
-               TokenSource             TOKEN_SOURCE
-               TokenType               TOKEN_TYPE
-               TokenImpersonationLevel TOKEN_IMPERSONATION_LEVEL
-               TokenStatistics         TOKEN_STATISTICS
- *
- *      TokenInformation = Caller supplies storage for information structure.
- *      TokenInformationLength = Size of the information structure
- * RETURNS: Status
-*/
-
-NTSTATUS
-STDCALL
-NtSetInformationToken(
-       IN HANDLE TokenHandle,            
-       IN TOKEN_INFORMATION_CLASS TokenInformationClass,
-       OUT PVOID TokenInformation,       
-       IN ULONG TokenInformationLength   
-       );
-
-NTSTATUS
-STDCALL
-ZwSetInformationToken(
-       IN HANDLE TokenHandle,            
-       IN TOKEN_INFORMATION_CLASS TokenInformationClass,
-       OUT PVOID TokenInformation,       
-       IN ULONG TokenInformationLength   
-       );
-
-
-/*
- * FUNCTION: Sets an io completion
- * ARGUMENTS: 
- *      CompletionPort = 
- *     CompletionKey = 
- *      IoStatusBlock =
- *      NumberOfBytesToTransfer =
- *      NumberOfBytesTransferred =
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetIoCompletion(
-       IN HANDLE CompletionPort,
-       IN ULONG CompletionKey,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG NumberOfBytesToTransfer, 
-       OUT PULONG NumberOfBytesTransferred
-       );
-NTSTATUS
-STDCALL
-ZwSetIoCompletion(
-       IN HANDLE CompletionPort,
-       IN ULONG CompletionKey,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN ULONG NumberOfBytesToTransfer, 
-       OUT PULONG NumberOfBytesTransferred
-       );
-
-/*
- * FUNCTION: Set properties for profiling
- * ARGUMENTS: 
- *      Interval = 
- *     ClockSource = 
- * RETURNS: Status
- *
- */
-
-NTSTATUS 
-STDCALL
-NtSetIntervalProfile(
-       ULONG Interval,
-       KPROFILE_SOURCE ClockSource
-       );
-
-NTSTATUS 
-STDCALL
-ZwSetIntervalProfile(
-       ULONG Interval,
-       KPROFILE_SOURCE ClockSource
-       );
-
-
-/*
- * FUNCTION: Sets the low part of an event pair
- * ARGUMENTS: 
-       EventPair = Handle to the event pair
- * RETURNS: Status
-*/
-
-NTSTATUS
-STDCALL
-NtSetLowEventPair(
-       HANDLE EventPair
-       );
-NTSTATUS
-STDCALL
-ZwSetLowEventPair(
-       HANDLE EventPair
-       );
-/*
- * FUNCTION: Sets the low part of an event pair and wait for the high part
- * ARGUMENTS: 
-       EventPair = Handle to the event pair
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetLowWaitHighEventPair(
-       HANDLE EventPair
-       );
-NTSTATUS
-STDCALL
-ZwSetLowWaitHighEventPair(
-       HANDLE EventPair
-       );
-
-NTSTATUS
-STDCALL
-NtSetSecurityObject(
-       IN HANDLE Handle, 
-       IN SECURITY_INFORMATION SecurityInformation, 
-       IN PSECURITY_DESCRIPTOR SecurityDescriptor 
-       ); 
-
-NTSTATUS
-STDCALL
-ZwSetSecurityObject(
-       IN HANDLE Handle, 
-       IN SECURITY_INFORMATION SecurityInformation, 
-       IN PSECURITY_DESCRIPTOR SecurityDescriptor 
-       ); 
-
-
-/*
- * FUNCTION: Sets a system environment variable
- * ARGUMENTS: 
- *      ValueName = Name of the environment variable
- *     Value = Value of the environment variable
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetSystemEnvironmentValue(
-       IN PUNICODE_STRING VariableName,
-       IN PUNICODE_STRING Value
-       );
-NTSTATUS
-STDCALL
-ZwSetSystemEnvironmentValue(
-       IN PUNICODE_STRING VariableName,
-       IN PUNICODE_STRING Value
-       );
-/*
- * FUNCTION: Sets system parameters
- * ARGUMENTS: 
- *      SystemInformationClass = Index to a particular set of system parameters
- *                     Can be one of the following values:
- *
- *     SystemTimeAdjustmentInformation         SYSTEM_TIME_ADJUSTMENT
- *
- *     SystemInformation = Structure containing the parameters.
- *      SystemInformationLength = Size of the structure.
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetSystemInformation(
-       IN      SYSTEM_INFORMATION_CLASS        SystemInformationClass,
-       IN      PVOID                           SystemInformation,
-       IN      ULONG                           SystemInformationLength
-       );
-
-NTSTATUS
-STDCALL
-ZwSetSystemInformation(
-       IN      SYSTEM_INFORMATION_CLASS        SystemInformationClass,
-       IN      PVOID                           SystemInformation,
-       IN      ULONG                           SystemInformationLength
-       );
-
-/*
- * FUNCTION: Sets the system time
- * ARGUMENTS: 
- *      SystemTime = Old System time
- *     NewSystemTime = New System time
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetSystemTime(
-       IN PLARGE_INTEGER SystemTime,
-       IN PLARGE_INTEGER NewSystemTime OPTIONAL
-       );
-NTSTATUS
-STDCALL
-ZwSetSystemTime(
-       IN PLARGE_INTEGER SystemTime,
-       IN PLARGE_INTEGER NewSystemTime OPTIONAL
-       );
-/*
- * FUNCTION: Sets the characteristics of a timer
- * ARGUMENTS: 
- *      TimerHandle = Handle to the timer
- *     DueTime = Time before the timer becomes signalled for the first time.
- *      TimerApcRoutine = Completion routine can be called on time completion
- *      TimerContext = Argument to the completion routine
- *      Resume = Specifies if the timer should repeated after completing one cycle
- *      Period = Cycle of the timer
- * REMARKS: This routine maps to the win32 SetWaitableTimer.
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetTimer(
-       IN HANDLE TimerHandle,
-       IN PLARGE_INTEGER DueTime,
-       IN PTIMERAPCROUTINE TimerApcRoutine,
-       IN PVOID TimerContext,
-       IN BOOL WakeTimer,
-       IN ULONG Period OPTIONAL,
-       OUT PBOOLEAN PreviousState OPTIONAL
-       );
-NTSTATUS
-STDCALL
-ZwSetTimer(
-       IN HANDLE TimerHandle,
-       IN PLARGE_INTEGER DueTime,
-       IN PTIMERAPCROUTINE TimerApcRoutine,
-       IN PVOID TimerContext,
-       IN BOOL WakeTimer,
-       IN ULONG Period OPTIONAL,
-       OUT PBOOLEAN PreviousState OPTIONAL
-       );
-
-/*
- * FUNCTION: Sets the frequency of the system timer
- * ARGUMENTS: 
- *      RequestedResolution = 
- *     SetOrUnset = 
- *      ActualResolution = 
- * RETURNS: Status
-*/
-NTSTATUS
-STDCALL
-NtSetTimerResolution(
-       IN ULONG RequestedResolution,
-       IN BOOL SetOrUnset,
-       OUT PULONG ActualResolution
-       );
-NTSTATUS
-STDCALL
-ZwSetTimerResolution(
-       IN ULONG RequestedResolution,
-       IN BOOL SetOrUnset,
-       OUT PULONG ActualResolution
-       );
-
-/*
- * FUNCTION: Sets the value of a registry key
- * ARGUMENTS: 
- *      KeyHandle = Handle to a registry key
- *     ValueName = Name of the value entry to change
- *     TitleIndex = pointer to a structure containing the new volume information
- *      Type = Type of the registry key. Can be one of the values:
- *             REG_BINARY                      Unspecified binary data
- *             REG_DWORD                       A 32 bit value
- *             REG_DWORD_LITTLE_ENDIAN         Same as REG_DWORD
- *             REG_DWORD_BIG_ENDIAN            A 32 bit value whose least significant byte is at the highest address
- *             REG_EXPAND_SZ                   A zero terminated wide character string with unexpanded environment variables  ( "%PATH%" )
- *             REG_LINK                        A zero terminated wide character string referring to a symbolic link.
- *             REG_MULTI_SZ                    A series of zero-terminated strings including a additional trailing zero
- *             REG_NONE                        Unspecified type
- *             REG_SZ                          A wide character string ( zero terminated )
- *             REG_RESOURCE_LIST               ??
- *             REG_RESOURCE_REQUIREMENTS_LIST  ??
- *             REG_FULL_RESOURCE_DESCRIPTOR    ??
- *      Data = Contains the data for the registry key.
- *     DataSize = size of the data.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtSetValueKey(
-       IN HANDLE KeyHandle,
-       IN PUNICODE_STRING ValueName,
-       IN ULONG TitleIndex OPTIONAL,
-       IN ULONG Type,
-       IN PVOID Data,
-       IN ULONG DataSize
-       );
-NTSTATUS
-STDCALL
-ZwSetValueKey(
-       IN HANDLE KeyHandle,
-       IN PUNICODE_STRING ValueName,
-       IN ULONG TitleIndex OPTIONAL,
-       IN ULONG Type,
-       IN PVOID Data,
-       IN ULONG DataSize
-       );
-
-/*
- * FUNCTION: Sets the volume information.
- * ARGUMENTS:
- *     FileHandle = Handle to the file
- *     IoStatusBlock = Caller should supply storage for additional status information
- *     VolumeInformation = pointer to a structure containing the new volume information
- *     Length = size of the structure.
- *     VolumeInformationClass = specifies the particular volume information to set
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtSetVolumeInformationFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PVOID FsInformation,
-       IN ULONG Length,
-       IN FS_INFORMATION_CLASS FsInformationClass
-       );
-
-NTSTATUS
-STDCALL
-ZwSetVolumeInformationFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PVOID FsInformation,
-       IN ULONG Length,
-       IN FS_INFORMATION_CLASS FsInformationClass
-       );
-
-/*
- * FUNCTION: Shuts the system down
- * ARGUMENTS:
- *        Action = Specifies the type of shutdown, it can be one of the following values:
- *              ShutdownNoReboot, ShutdownReboot, ShutdownPowerOff
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtShutdownSystem(
-       IN SHUTDOWN_ACTION Action
-       );
-
-NTSTATUS
-STDCALL
-ZwShutdownSystem(
-       IN SHUTDOWN_ACTION Action
-       );
-
-
-/* --- PROFILING --- */
-
-/*
- * FUNCTION: Starts profiling
- * ARGUMENTS: 
- *       ProfileHandle = Handle to the profile
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtStartProfile(
-       HANDLE ProfileHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwStartProfile(
-       HANDLE ProfileHandle
-       );
-
-/*
- * FUNCTION: Stops profiling
- * ARGUMENTS: 
- *       ProfileHandle = Handle to the profile
- * RETURNS: Status    
- */
-
-NTSTATUS
-STDCALL
-NtStopProfile(
-       HANDLE ProfileHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwStopProfile(
-       HANDLE ProfileHandle
-       );
-
-/* --- PROCESS MANAGEMENT --- */
-
-//--NtSystemDebugControl
-/*
- * FUNCTION: Terminates the execution of a process. 
- * ARGUMENTS: 
- *      ThreadHandle = Handle to the process
- *      ExitStatus  = The exit status of the process to terminate with.
- * REMARKS
-       Native applications should kill themselves using this function.
- * RETURNS: Status
- */    
-NTSTATUS 
-STDCALL 
-NtTerminateProcess(
-       IN HANDLE ProcessHandle ,
-       IN NTSTATUS ExitStatus
-       );
-NTSTATUS 
-STDCALL 
-ZwTerminateProcess(
-       IN HANDLE ProcessHandle ,
-       IN NTSTATUS ExitStatus
-       );
-
-/* --- DEVICE DRIVER CONTROL --- */
-
-/*
- * FUNCTION: Unloads a driver. 
- * ARGUMENTS: 
- *      DriverServiceName = Name of the driver to unload
- * RETURNS: Status
- */    
-NTSTATUS 
-STDCALL
-NtUnloadDriver(
-       IN PUNICODE_STRING DriverServiceName
-       );
-NTSTATUS 
-STDCALL
-ZwUnloadDriver(
-       IN PUNICODE_STRING DriverServiceName
-       );
-
-/* --- VIRTUAL MEMORY MANAGEMENT --- */
-
-/*
- * FUNCTION: Writes a range of virtual memory
- * ARGUMENTS: 
- *       ProcessHandle = The handle to the process owning the address space.
- *       BaseAddress  = The points to the address to  write to
- *       Buffer = Pointer to the buffer to write
- *       NumberOfBytesToWrite = Offset to the upper boundary to write
- *       NumberOfBytesWritten = Total bytes written
- * REMARKS:
- *      This function maps to the win32 WriteProcessMemory
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL 
-NtWriteVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID  BaseAddress,
-       IN PVOID Buffer,
-       IN ULONG NumberOfBytesToWrite,
-       OUT PULONG NumberOfBytesWritten
-       );
-
-NTSTATUS
-STDCALL 
-ZwWriteVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID  BaseAddress,
-       IN PVOID Buffer,
-       IN ULONG NumberOfBytesToWrite,
-       OUT PULONG NumberOfBytesWritten
-       );
-
-/*
- * FUNCTION: Unlocks a range of virtual memory. 
- * ARGUMENTS: 
- *       ProcessHandle = Handle to the process
- *       BaseAddress =   Lower boundary of the range of bytes to unlock. 
- *       NumberOfBytesToUnlock = Offset to the upper boundary to unlock.
- *       NumberOfBytesUnlocked (OUT) = Number of bytes actually unlocked.
- * REMARK:
-       This procedure maps to the win32 procedure VirtualUnlock 
- * RETURNS: Status [ STATUS_SUCCESS | STATUS_PAGE_WAS_ULOCKED ]
- */    
-NTSTATUS 
-STDCALL
-NtUnlockVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN ULONG  NumberOfBytesToUnlock,
-       OUT PULONG NumberOfBytesUnlocked OPTIONAL
-       );
-
-NTSTATUS 
-STDCALL
-ZwUnlockVirtualMemory(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress,
-       IN ULONG  NumberOfBytesToUnlock,
-       OUT PULONG NumberOfBytesUnlocked OPTIONAL
-       );
-/*
- * FUNCTION: Unmaps a piece of virtual memory backed by a file. 
- * ARGUMENTS: 
- *       ProcessHandle = Handle to the process
- *       BaseAddress =  The address where the mapping begins
- * REMARK:
-       This procedure maps to the win32 UnMapViewOfFile
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtUnmapViewOfSection(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress
-       );
-NTSTATUS
-STDCALL
-ZwUnmapViewOfSection(
-       IN HANDLE ProcessHandle,
-       IN PVOID BaseAddress
-       );
-
-/* --- OBJECT SYNCHRONIZATION --- */
-
-/*
- * FUNCTION: Signals an object and wait for an other one.
- * ARGUMENTS: 
- *        SignalObject = Handle to the object that should be signaled
- *        WaitObject = Handle to the object that should be waited for
- *        Alertable = True if the wait is alertable
- *        Time = The time to wait
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtSignalAndWaitForSingleObject(
-       IN      HANDLE          SignalObject,
-       IN      HANDLE          WaitObject,
-       IN      BOOLEAN         Alertable,
-       IN      PLARGE_INTEGER  Time
-       );
-
-NTSTATUS
-STDCALL
-NtSignalAndWaitForSingleObject(
-       IN      HANDLE          SignalObject,
-       IN      HANDLE          WaitObject,
-       IN      BOOLEAN         Alertable,
-       IN      PLARGE_INTEGER  Time
-       );
-
-/*
- * FUNCTION: Waits for multiple objects to become signalled.
- * ARGUMENTS: 
- *       Count = The number of objects
- *       Object = The array of object handles
- *       WaitType = Can be one of the values UserMode or KernelMode
- *       Alertable = If true the wait is alertable.
- *       Time = The maximum wait time.
- * REMARKS:
- *       This function maps to the win32 WaitForMultipleObjectEx.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtWaitForMultipleObjects (
-       IN ULONG Count,
-       IN HANDLE Object[],
-       IN CINT WaitType,
-       IN BOOLEAN Alertable,
-       IN PLARGE_INTEGER Time
-       );
-
-NTSTATUS
-STDCALL
-ZwWaitForMultipleObjects (
-       IN ULONG Count,
-       IN HANDLE Object[],
-       IN CINT WaitType,
-       IN BOOLEAN Alertable,
-       IN PLARGE_INTEGER Time
-       );
-
-/*
- * FUNCTION: Waits for an object to become signalled.
- * ARGUMENTS: 
- *       Object = The object handle
- *       Alertable = If true the wait is alertable.
- *       Time = The maximum wait time.
- * REMARKS:
- *       This function maps to the win32 WaitForSingleObjectEx.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtWaitForSingleObject (
-       IN HANDLE Object,
-       IN BOOLEAN Alertable,
-       IN PLARGE_INTEGER Time
-       );
-
-NTSTATUS
-STDCALL
-ZwWaitForSingleObject (
-       IN HANDLE Object,
-       IN BOOLEAN Alertable,
-       IN PLARGE_INTEGER Time
-       );
-
-/* --- EVENT PAIR OBJECT --- */
-
-/*
- * FUNCTION: Waits for the high part of an eventpair to become signalled
- * ARGUMENTS:
- *       EventPairHandle = Handle to the event pair.
- * RETURNS: Status
- */
-
-NTSTATUS
-STDCALL
-NtWaitHighEventPair(
-       IN HANDLE EventPairHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwWaitHighEventPair(
-       IN HANDLE EventPairHandle
-       );
-
-/*
- * FUNCTION: Waits for the low part of an eventpair to become signalled
- * ARGUMENTS:
- *       EventPairHandle = Handle to the event pair.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtWaitLowEventPair(
-       IN HANDLE EventPairHandle
-       );
-
-NTSTATUS
-STDCALL
-ZwWaitLowEventPair(
-       IN HANDLE EventPairHandle
-       );
-
-/* --- FILE MANAGEMENT --- */
-
-/*
- * FUNCTION: Unlocks a range of bytes in a file. 
- * ARGUMENTS: 
- *       FileHandle = Handle to the file
- *       IoStatusBlock = Caller should supply storage for a structure containing
- *                      the completion status and information about the requested unlock operation.
-                       The information field is set to the number of bytes unlocked.
- *       ByteOffset = Offset to start the range of bytes to unlock 
- *       Length = Number of bytes to unlock.
- *       Key = Special value to enable other threads to unlock a file than the
-               thread that locked the file. The key supplied must match with the one obtained
-               in a previous call to NtLockFile.
- * REMARK:
-       This procedure maps to the win32 procedure UnlockFileEx. STATUS_PENDING is returned if the lock could
-       not be obtained immediately, the device queue is busy and the IRP is queued.
- * RETURNS: Status [ STATUS_SUCCESS | STATUS_PENDING | STATUS_ACCESS_DENIED | STATUS_INSUFFICIENT_RESOURCES |
-       STATUS_INVALID_PARAMETER | STATUS_INVALID_DEVICE_REQUEST | STATUS_RANGE_NOT_LOCKED ]
- */    
-NTSTATUS 
-STDCALL
-NtUnlockFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PLARGE_INTEGER ByteOffset,
-       IN PLARGE_INTEGER Lenght,
-       OUT PULONG Key OPTIONAL
-       );
-NTSTATUS 
-STDCALL
-ZwUnlockFile(
-       IN HANDLE FileHandle,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PLARGE_INTEGER ByteOffset,
-       IN PLARGE_INTEGER Lenght,
-       OUT PULONG Key OPTIONAL
-       );
-       
-/*
- * FUNCTION: Writes data to a file
- * ARGUMENTS: 
- *       FileHandle = The handle a file ( from NtCreateFile )
- *       Event  = Specifies a event that will become signalled when the write operation completes.
- *       ApcRoutine = Asynchroneous Procedure Callback [ Should not be used by device drivers ]
- *       ApcContext = Argument to the Apc Routine 
- *       IoStatusBlock = Caller should supply storage for a structure containing the completion status and information about the requested write operation.
- *       Buffer = Caller should supply storage for a buffer that will contain the information to be written to file.
- *       Length = Size in bytest of the buffer
- *       ByteOffset = Points to a file offset. If a combination of Length and BytesOfSet is past the end-of-file mark the file will be enlarged.
- *                   BytesOffset is ignored if the file is created with FILE_APPEND_DATA in the DesiredAccess. BytesOffset is also ignored if
- *                    the file is created with CreateOptions flags FILE_SYNCHRONOUS_IO_ALERT or FILE_SYNCHRONOUS_IO_NONALERT set, in that case a offset
- *                    should be created by specifying FILE_USE_FILE_POINTER_POSITION.
- *       Key =  Unused
- * REMARKS:
- *      This function maps to the win32 WriteFile. 
- *      Callers to NtWriteFile should run at IRQL PASSIVE_LEVEL.
- * RETURNS: Status [ STATUS_SUCCESS | STATUS_PENDING | STATUS_ACCESS_DENIED | STATUS_INSUFFICIENT_RESOURCES
-       STATUS_INVALID_PARAMETER | STATUS_INVALID_DEVICE_REQUEST | STATUS_FILE_LOCK_CONFLICT ]
- */
-NTSTATUS
-STDCALL
-NtWriteFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL,
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
-       IN PVOID ApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PVOID Buffer,
-       IN ULONG Length,
-       IN PLARGE_INTEGER ByteOffset,
-       IN PULONG Key OPTIONAL
-    );
-
-NTSTATUS
-STDCALL
-ZwWriteFile(
-       IN HANDLE FileHandle,
-       IN HANDLE Event OPTIONAL,
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
-       IN PVOID ApcContext OPTIONAL,
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN PVOID Buffer,
-       IN ULONG Length,
-       IN PLARGE_INTEGER ByteOffset ,
-       IN PULONG Key OPTIONAL
-    );
-
-/*
- * FUNCTION: Writes a file 
- * ARGUMENTS: 
- *       FileHandle = The handle of the file 
- *       Event  = 
- *       ApcRoutine = Asynchroneous Procedure Callback [ Should not be used by device drivers ]
- *       ApcContext = Argument to the Apc Routine 
- *       IoStatusBlock = Caller should supply storage for a structure containing the completion status and information about the requested write operation.
- *       BufferDescription = Caller should supply storage for a buffer that will contain the information to be written to file.
- *       BufferLength = Size in bytest of the buffer
- *       ByteOffset = Points to a file offset. If a combination of Length and BytesOfSet is past the end-of-file mark the file will be enlarged.
- *                   BytesOffset is ignored if the file is created with FILE_APPEND_DATA in the DesiredAccess. BytesOffset is also ignored if
- *                    the file is created with CreateOptions flags FILE_SYNCHRONOUS_IO_ALERT or FILE_SYNCHRONOUS_IO_NONALERT set, in that case a offset
- *                    should be created by specifying FILE_USE_FILE_POINTER_POSITION. Use FILE_WRITE_TO_END_OF_FILE to write to the EOF.
- *       Key = If a matching key [ a key provided at NtLockFile ] is provided the write operation will continue even if a byte range is locked.
- * REMARKS:
- *      This function maps to the win32 WriteFile. 
- *      Callers to NtWriteFile should run at IRQL PASSIVE_LEVEL.
- * RETURNS: Status [ STATUS_SUCCESS | STATUS_PENDING | STATUS_ACCESS_DENIED | STATUS_INSUFFICIENT_RESOURCES
-               STATUS_INVALID_PARAMETER | STATUS_INVALID_DEVICE_REQUEST | STATUS_FILE_LOCK_CONFLICT ]
- */
-
-NTSTATUS
-STDCALL 
-NtWriteFileGather( 
-       IN HANDLE FileHandle, 
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN FILE_SEGMENT_ELEMENT BufferDescription[], 
-       IN ULONG BufferLength, 
-       IN PLARGE_INTEGER ByteOffset, 
-       IN PULONG Key OPTIONAL
-       ); 
-
-NTSTATUS
-STDCALL 
-ZwWriteFileGather( 
-       IN HANDLE FileHandle, 
-       IN HANDLE Event OPTIONAL, 
-       IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 
-       IN PVOID ApcContext OPTIONAL, 
-       OUT PIO_STATUS_BLOCK IoStatusBlock,
-       IN FILE_SEGMENT_ELEMENT BufferDescription[], 
-       IN ULONG BufferLength, 
-       IN PLARGE_INTEGER ByteOffset, 
-       IN PULONG Key OPTIONAL
-       ); 
-
-
-/* --- THREAD MANAGEMENT --- */
-
-/*
- * FUNCTION: Increments a thread's resume count
- * ARGUMENTS: 
- *        ThreadHandle = Handle to the thread that should be resumed
- *        PreviousSuspendCount =  The resulting/previous suspend count.
- * REMARK:
- *       A thread will be suspended if its suspend count is greater than 0. This procedure maps to
- *        the win32 SuspendThread function. ( documentation about the the suspend count can be found here aswell )
- *        The suspend count is not increased if it is greater than MAXIMUM_SUSPEND_COUNT.
- * RETURNS: Status
- */ 
-NTSTATUS 
-STDCALL 
-NtSuspendThread(
-       IN HANDLE ThreadHandle,
-       IN PULONG PreviousSuspendCount 
-       );
-
-NTSTATUS 
-STDCALL 
-ZwSuspendThread(
-       IN HANDLE ThreadHandle,
-       IN PULONG PreviousSuspendCount 
-       );
-
-/*
- * FUNCTION: Terminates the execution of a thread. 
- * ARGUMENTS: 
- *      ThreadHandle = Handle to the thread
- *      ExitStatus  = The exit status of the thread to terminate with.
- * RETURNS: Status
- */    
-NTSTATUS 
-STDCALL 
-NtTerminateThread(
-       IN HANDLE ThreadHandle ,
-       IN NTSTATUS ExitStatus
-       );
-NTSTATUS 
-STDCALL 
-ZwTerminateThread(
-       IN HANDLE ThreadHandle ,
-       IN NTSTATUS ExitStatus
-       );
-/*
- * FUNCTION: Tests to see if there are any pending alerts for the calling thread 
- * RETURNS: Status
- */    
-NTSTATUS 
-STDCALL 
-NtTestAlert(
-       VOID 
-       );
-NTSTATUS 
-STDCALL 
-ZwTestAlert(
-       VOID 
-       );
-
-/*
- * FUNCTION: Yields the callers thread.
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL 
-NtYieldExecution(
-       VOID
-       );
-
-NTSTATUS
-STDCALL 
-ZwYieldExecution(
-       VOID
-       );
-
-
-/*
- * --- Local Procedure Call Facility
- * These prototypes are unknown as yet
- * (stack sizes by Peter-Michael Hager)
- */
-
-/* --- REGISTRY --- */
-
-/*
- * FUNCTION: Unloads a registry key.
- * ARGUMENTS:
- *       KeyHandle = Handle to the registry key
- * REMARK:
- *       This procedure maps to the win32 procedure RegUnloadKey
- * RETURNS: Status
- */
-NTSTATUS
-STDCALL
-NtUnloadKey(
-       HANDLE KeyHandle
-       );
-NTSTATUS
-STDCALL
-ZwUnloadKey(
-       HANDLE KeyHandle
-       );
-
-
-/* --- PLUG AND PLAY --- */
-
-NTSTATUS
-STDCALL
-NtPlugPlayControl (
-       VOID
-       );
-
-NTSTATUS
-STDCALL
-NtGetPlugPlayEvent (
-       VOID
-       );
-
-/* --- POWER MANAGEMENT --- */
-
-NTSTATUS STDCALL 
-NtSetSystemPowerState(IN POWER_ACTION SystemAction,
-                     IN SYSTEM_POWER_STATE MinSystemState,
-                     IN ULONG Flags);
-
-/* --- DEBUG SUBSYSTEM --- */
-
-NTSTATUS STDCALL 
-NtSystemDebugControl(DEBUG_CONTROL_CODE ControlCode,
-                    PVOID InputBuffer,
-                    ULONG InputBufferLength,
-                    PVOID OutputBuffer,
-                    ULONG OutputBufferLength,
-                    PULONG ReturnLength);
-
-/* --- VIRTUAL DOS MACHINE (VDM) --- */
-
-NTSTATUS
-STDCALL
-NtVdmControl (ULONG ControlCode, PVOID ControlData);
-
-
-/* --- WIN32 --- */
-
-NTSTATUS STDCALL
-NtW32Call(IN ULONG RoutineIndex,
-         IN PVOID Argument,
-         IN ULONG ArgumentLength,
-         OUT PVOID* Result OPTIONAL,
-         OUT PULONG ResultLength OPTIONAL);
-
-/* --- CHANNELS --- */
-
-NTSTATUS
-STDCALL
-NtCreateChannel (
-       VOID
-       );
-
-NTSTATUS
-STDCALL
-NtListenChannel (
-       VOID
-       );
-
-NTSTATUS
-STDCALL
-NtOpenChannel (
-       VOID
-       );
-
-NTSTATUS
-STDCALL
-NtReplyWaitSendChannel (
-       VOID
-       );
-
-NTSTATUS
-STDCALL
-NtSendWaitReplyChannel (
-       VOID
-       );
-
-NTSTATUS
-STDCALL
-NtSetContextChannel (
-       VOID
-       );
-
-/* --- MISCELLANEA --- */
-
-//NTSTATUS STDCALL NtSetLdtEntries(VOID);
-NTSTATUS
-STDCALL
-NtSetLdtEntries (
-       HANDLE  Thread,
-       ULONG           FirstEntry,
-       PULONG  Entries
-       );
-
-
-NTSTATUS
-STDCALL
-NtQueryOleDirectoryFile (
-       VOID
-       );
-
-#endif /* __DDK_ZW_H */
diff --git a/reactos/include/ddk/zwtypes.h b/reactos/include/ddk/zwtypes.h
deleted file mode 100644 (file)
index 1095c91..0000000
+++ /dev/null
@@ -1,1662 +0,0 @@
-#ifndef __INCLUDE_DDK_ZWTYPES_H
-#define __INCLUDE_DDK_ZWTYPES_H
-
-typedef enum _DEBUG_CONTROL_CODE
-{
-  DebugGetTraceInformation = 1,
-  DebugSetInternalBreakpoint,
-  DebugSetSpecialCalls,
-  DebugClearSpecialCalls,
-  DebugQuerySpecialCalls,
-  DebugDbgBreakPoint,
-  DebugDbgLoadSymbols
-} DEBUG_CONTROL_CODE;
-
-typedef enum _KPROFILE_SOURCE
-{
-  ProfileTime
-} KPROFILE_SOURCE;
-
-#define NtCurrentProcess() ( (HANDLE) 0xFFFFFFFF )
-#define NtCurrentThread() ( (HANDLE) 0xFFFFFFFE )
-
-#ifdef __NTOSKRNL__
-extern ULONG EXPORTED NtBuildNumber;
-#else
-extern ULONG IMPORTED NtBuildNumber;
-#endif
-
-
-// event access mask
-
-#define EVENT_READ_ACCESS                      1
-#define EVENT_WRITE_ACCESS                     2
-
-
-// file disposition values
-
-
-#define FILE_SUPERSEDE                  0x0000
-#define FILE_OPEN                       0x0001
-#define FILE_CREATE                     0x0002
-#define FILE_OPEN_IF                    0x0003
-#define FILE_OVERWRITE                  0x0004
-#define FILE_OVERWRITE_IF               0x0005
-#define FILE_MAXIMUM_DISPOSITION        0x0005
-
-// job query / set information class
-
-typedef enum _JOBOBJECTINFOCLASS {               // Q S
-    JobObjectBasicAccountingInformation = 1,     // Y N
-    JobObjectBasicLimitInformation,              // Y Y
-    JobObjectBasicProcessIdList,                 // Y N
-    JobObjectBasicUIRestrictions,                // Y Y
-    JobObjectSecurityLimitInformation,           // Y Y
-    JobObjectEndOfJobTimeInformation,            // N Y
-    JobObjectAssociateCompletionPortInformation, // N Y
-    JobObjectBasicAndIoAccountingInformation,    // Y N
-    JobObjectExtendedLimitInformation,           // Y Y
-} JOBOBJECTINFOCLASS;
-
-//process query / set information class
-
-#define ProcessBasicInformation                        0
-#define ProcessQuotaLimits                     1
-#define ProcessIoCounters                      2
-#define ProcessVmCounters                      3
-#define ProcessTimes                           4
-#define ProcessBasePriority                    5
-#define ProcessRaisePriority                   6
-#define ProcessDebugPort                       7
-#define ProcessExceptionPort                   8
-#define ProcessAccessToken                     9
-#define ProcessLdtInformation                  10
-#define ProcessLdtSize                         11
-#define ProcessDefaultHardErrorMode            12
-#define ProcessIoPortHandlers                  13
-#define ProcessPooledUsageAndLimits            14
-#define ProcessWorkingSetWatch                 15
-#define ProcessUserModeIOPL                    16
-#define ProcessEnableAlignmentFaultFixup       17
-#define ProcessPriorityClass                   18
-#define ProcessWx86Information                 19
-#define ProcessHandleCount                     20
-#define ProcessAffinityMask                    21
-#define ProcessPriorityBoost                   22
-#define ProcessDeviceMap                       23
-#define ProcessSessionInformation              24
-#define ProcessForegroundInformation           25
-#define ProcessWow64Information                        26
-/* ReactOS private. */
-#define ProcessImageFileName                   27
-#define ProcessDesktop                          28
-#define MaxProcessInfoClass                    29
-
-/*
- * thread query / set information class
- */
-#define ThreadBasicInformation                 0
-#define ThreadTimes                            1
-#define ThreadPriority                         2
-#define ThreadBasePriority                     3
-#define ThreadAffinityMask                     4
-#define ThreadImpersonationToken               5
-#define ThreadDescriptorTableEntry             6
-#define ThreadEnableAlignmentFaultFixup                7
-#define ThreadEventPair                                8
-#define ThreadQuerySetWin32StartAddress                9
-#define ThreadZeroTlsCell                      10
-#define ThreadPerformanceCount                 11
-#define ThreadAmILastThread                    12
-#define ThreadIdealProcessor                   13
-#define ThreadPriorityBoost                    14
-#define ThreadSetTlsArrayAddress               15
-#define ThreadIsIoPending                      16
-#define ThreadHideFromDebugger                 17
-#define MaxThreadInfoClass                     17
-
-// object handle information
-
-#define ObjectBasicInformation                 0
-#define ObjectNameInformation                  1
-#define ObjectTypeInformation                  2
-#define ObjectAllInformation                   3
-#define ObjectDataInformation                  4
-
-// atom information
-
-typedef enum _ATOM_INFORMATION_CLASS
-{
-   AtomBasicInformation                = 0,
-   AtomTableInformation                = 1,
-} ATOM_INFORMATION_CLASS;
-
-typedef struct _ATOM_BASIC_INFORMATION
-{
-   USHORT UsageCount;
-   USHORT Flags;
-   USHORT NameLength;
-   WCHAR Name[1];
-} ATOM_BASIC_INFORMATION, *PATOM_BASIC_INFORMATION;
-
-typedef struct _ATOM_TABLE_INFORMATION
-{
-   ULONG NumberOfAtoms;
-   RTL_ATOM Atoms[1];
-} ATOM_TABLE_INFORMATION, *PATOM_TABLE_INFORMATION;
-
-
-// mutant information
-
-typedef enum _MUTANT_INFORMATION_CLASS
-{
-  MutantBasicInformation = 0
-} MUTANT_INFORMATION_CLASS;
-
-typedef struct _MUTANT_BASIC_INFORMATION
-{
-  LONG Count;
-  BOOLEAN Owned;
-  BOOLEAN Abandoned;
-} MUTANT_BASIC_INFORMATION, *PMUTANT_BASIC_INFORMATION;
-
-
-// semaphore information
-
-typedef enum _SEMAPHORE_INFORMATION_CLASS
-{
-       SemaphoreBasicInformation               = 0
-} SEMAPHORE_INFORMATION_CLASS;
-
-typedef struct _SEMAPHORE_BASIC_INFORMATION
-{
-       LONG CurrentCount;
-       LONG MaximumCount;
-} SEMAPHORE_BASIC_INFORMATION, *PSEMAPHORE_BASIC_INFORMATION;
-
-
-// event information
-
-typedef enum _EVENT_INFORMATION_CLASS
-{
-       EventBasicInformation                   = 0
-} EVENT_INFORMATION_CLASS;
-
-typedef struct _EVENT_BASIC_INFORMATION
-{
-       EVENT_TYPE EventType;
-       LONG EventState;
-} EVENT_BASIC_INFORMATION, *PEVENT_BASIC_INFORMATION;
-
-
-// system information
-// {Nt|Zw}{Query|Set}SystemInformation
-// (GN means Gary Nebbet in "NT/W2K Native API Reference")
-
-typedef
-enum _SYSTEM_INFORMATION_CLASS
-{
-       SystemInformationClassMin               = 0,
-       SystemBasicInformation                  = 0,    /* Q */
-       
-       SystemProcessorInformation              = 1,    /* Q */
-       
-       SystemPerformanceInformation            = 2,    /* Q */
-       
-       SystemTimeOfDayInformation              = 3,    /* Q */
-       
-       SystemPathInformation                   = 4,    /* Q (checked build only) */
-       SystemNotImplemented1                   = 4,    /* Q (GN) */
-       
-       SystemProcessInformation                = 5,    /* Q */
-       SystemProcessesAndThreadsInformation    = 5,    /* Q (GN) */
-       
-       SystemCallCountInfoInformation          = 6,    /* Q */
-       SystemCallCounts                        = 6,    /* Q (GN) */
-       
-       SystemDeviceInformation                 = 7,    /* Q */
-// It conflicts with symbol in ntoskrnl/io/resource.c
-//     SystemConfigurationInformation          = 7,    /* Q (GN) */
-       
-       SystemProcessorPerformanceInformation   = 8,    /* Q */
-       SystemProcessorTimes                    = 8,    /* Q (GN) */
-       
-       SystemFlagsInformation                  = 9,    /* QS */
-       SystemGlobalFlag                        = 9,    /* QS (GN) */
-       
-       SystemCallTimeInformation               = 10,
-       SystemNotImplemented2                   = 10,   /* (GN) */
-       
-       SystemModuleInformation                 = 11,   /* Q */
-       
-       SystemLocksInformation                  = 12,   /* Q */
-       SystemLockInformation                   = 12,   /* Q (GN) */
-       
-       SystemStackTraceInformation             = 13,
-       SystemNotImplemented3                   = 13,   /* Q (GN) */
-       
-       SystemPagedPoolInformation              = 14,
-       SystemNotImplemented4                   = 14,   /* Q (GN) */
-       
-       SystemNonPagedPoolInformation           = 15,
-       SystemNotImplemented5                   = 15,   /* Q (GN) */
-       
-       SystemHandleInformation                 = 16,   /* Q */
-       
-       SystemObjectInformation                 = 17,   /* Q */
-       
-       SystemPageFileInformation               = 18,   /* Q */
-       SystemPagefileInformation               = 18,   /* Q (GN) */
-       
-       SystemVdmInstemulInformation            = 19,   /* Q */
-       SystemInstructionEmulationCounts        = 19,   /* Q (GN) */
-       
-       SystemVdmBopInformation                 = 20,
-       SystemInvalidInfoClass1                 = 20,   /* (GN) */
-       
-       SystemFileCacheInformation              = 21,   /* QS */
-       SystemCacheInformation                  = 21,   /* QS (GN) */
-       
-       SystemPoolTagInformation                = 22,   /* Q (checked build only) */
-       
-       SystemInterruptInformation              = 23,   /* Q */
-       SystemProcessorStatistics               = 23,   /* Q (GN) */
-       
-       SystemDpcBehaviourInformation           = 24,   /* QS */
-       SystemDpcInformation                    = 24,   /* QS (GN) */
-       
-       SystemFullMemoryInformation             = 25,
-       SystemNotImplemented6                   = 25,   /* (GN) */
-       
-       SystemLoadImage                         = 26,   /* S (callable) (GN) */
-       
-       SystemUnloadImage                       = 27,   /* S (callable) (GN) */
-       
-       SystemTimeAdjustmentInformation         = 28,   /* QS */
-       SystemTimeAdjustment                    = 28,   /* QS (GN) */
-       
-       SystemSummaryMemoryInformation          = 29,
-       SystemNotImplemented7                   = 29,   /* (GN) */
-       
-       SystemNextEventIdInformation            = 30,
-       SystemNotImplemented8                   = 30,   /* (GN) */
-       
-       SystemEventIdsInformation               = 31,
-       SystemNotImplemented9                   = 31,   /* (GN) */
-       
-       SystemCrashDumpInformation              = 32,   /* Q */
-       
-       SystemExceptionInformation              = 33,   /* Q */
-       
-       SystemCrashDumpStateInformation         = 34,   /* Q */
-       
-       SystemKernelDebuggerInformation         = 35,   /* Q */
-       
-       SystemContextSwitchInformation          = 36,   /* Q */
-       
-       SystemRegistryQuotaInformation          = 37,   /* QS */
-       
-       SystemLoadAndCallImage                  = 38,   /* S (GN) */
-       
-       SystemPrioritySeparation                = 39,   /* S */
-       
-       SystemPlugPlayBusInformation            = 40,
-       SystemNotImplemented10                  = 40,   /* Q (GN) */
-       
-       SystemDockInformation                   = 41,
-       SystemNotImplemented11                  = 41,   /* Q (GN) */
-       
-       SystemPowerInformation                  = 42,
-       SystemInvalidInfoClass2                 = 42,   /* (GN) */
-       
-       SystemProcessorSpeedInformation         = 43,
-       SystemInvalidInfoClass3                 = 43,   /* (GN) */
-       
-       SystemCurrentTimeZoneInformation        = 44,   /* QS */
-       SystemTimeZoneInformation               = 44,   /* QS (GN) */
-       
-       SystemLookasideInformation              = 45,   /* Q */
-       
-       SystemSetTimeSlipEvent                  = 46,   /* S (GN) */
-       
-       SystemCreateSession                     = 47,   /* S (GN) */
-       
-       SystemDeleteSession                     = 48,   /* S (GN) */
-       
-       SystemInvalidInfoClass4                 = 49,   /* (GN) */
-       
-       SystemRangeStartInformation             = 50,   /* Q (GN) */
-       
-       SystemVerifierInformation               = 51,   /* QS (GN) */
-       
-       SystemAddVerifier                       = 52,   /* S (GN) */
-       
-       SystemSessionProcessesInformation       = 53,   /* Q (GN) */
-       SystemInformationClassMax
-
-} SYSTEM_INFORMATION_CLASS;
-
-// SystemBasicInformation (0)
-typedef
-struct _SYSTEM_BASIC_INFORMATION
-{
-       ULONG           Reserved;
-       ULONG           TimerResolution;
-       ULONG           PageSize;
-       ULONG           NumberOfPhysicalPages;
-       ULONG           LowestPhysicalPageNumber;
-       ULONG           HighestPhysicalPageNumber;
-       ULONG           AllocationGranularity;
-       ULONG           MinimumUserModeAddress;
-       ULONG           MaximumUserModeAddress;
-       KAFFINITY       ActiveProcessorsAffinityMask;
-       CCHAR           NumberOfProcessors;
-} SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION;
-
-// SystemProcessorInformation (1)
-typedef
-struct _SYSTEM_PROCESSOR_INFORMATION
-{
-       USHORT  ProcessorArchitecture;
-       USHORT  ProcessorLevel;
-       USHORT  ProcessorRevision;
-       USHORT  Reserved;
-       ULONG   ProcessorFeatureBits;
-} SYSTEM_PROCESSOR_INFORMATION, *PSYSTEM_PROCESSOR_INFORMATION;
-
-// SystemPerformanceInfo (2)
-typedef
-struct _SYSTEM_PERFORMANCE_INFORMATION
-{
-       LARGE_INTEGER   IdleProcessorTime;
-       LARGE_INTEGER   IoReadTransferCount;
-       LARGE_INTEGER   IoWriteTransferCount;
-       LARGE_INTEGER   IoOtherTransferCount;
-       ULONG           IoReadOperationCount;
-       ULONG           IoWriteOperationCount;
-       ULONG           IoOtherOperationCount;
-       ULONG           AvailablePages;
-       ULONG           CommitedPages;
-       ULONG           CommitLimit;
-       ULONG           PeakCommitment;
-       ULONG           PageFaultCount;
-       ULONG           CopyOnWriteCount;
-       ULONG           TransitionCount;
-       ULONG           CacheTransitionCount;
-       ULONG           DemandZeroCount;
-       ULONG           PageReadCount;
-       ULONG           PageReadIoCount;
-       ULONG           CacheReadCount;
-       ULONG           CacheIoCount;
-       ULONG           DirtyPagesWriteCount;
-       ULONG           DirtyWriteIoCount;
-       ULONG           MappedPagesWriteCount;
-       ULONG           MappedWriteIoCount;
-       ULONG           PagedPoolPages;
-       ULONG           NonPagedPoolPages;
-       ULONG           Unknown6;
-       ULONG           Unknown7;
-       ULONG           Unknown8;
-       ULONG           Unknown9;
-       ULONG           MmTotalSystemFreePtes;
-       ULONG           MmSystemCodepage;
-       ULONG           MmTotalSystemDriverPages;
-       ULONG           MmTotalSystemCodePages;
-       ULONG           Unknown10;
-       ULONG           Unknown11;
-       ULONG           Unknown12;
-       ULONG           MmSystemCachePage;
-       ULONG           MmPagedPoolPage;
-       ULONG           MmSystemDriverPage;
-       ULONG           CcFastReadNoWait;
-       ULONG           CcFastReadWait;
-       ULONG           CcFastReadResourceMiss;
-       ULONG           CcFastReadNotPossible;
-       ULONG           CcFastMdlReadNoWait;
-       ULONG           CcFastMdlReadWait;
-       ULONG           CcFastMdlReadResourceMiss;
-       ULONG           CcFastMdlReadNotPossible;
-       ULONG           CcMapDataNoWait;
-       ULONG           CcMapDataWait;
-       ULONG           CcMapDataNoWaitMiss;
-       ULONG           CcMapDataWaitMiss;
-       ULONG           CcPinMappedDataCount;
-       ULONG           CcPinReadNoWait;
-       ULONG           CcPinReadWait;
-       ULONG           CcPinReadNoWaitMiss;
-       ULONG           CcPinReadWaitMiss;
-       ULONG           CcCopyReadNoWait;
-       ULONG           CcCopyReadWait;
-       ULONG           CcCopyReadNoWaitMiss;
-       ULONG           CcCopyReadWaitMiss;
-       ULONG           CcMdlReadNoWait;
-       ULONG           CcMdlReadWait;
-       ULONG           CcMdlReadNoWaitMiss;
-       ULONG           CcMdlReadWaitMiss;
-       ULONG           CcReadaheadIos;
-       ULONG           CcLazyWriteIos;
-       ULONG           CcLazyWritePages;
-       ULONG           CcDataFlushes;
-       ULONG           CcDataPages;
-       ULONG           ContextSwitches;
-       ULONG           Unknown13;
-       ULONG           Unknown14;
-       ULONG           SystemCalls;
-
-} SYSTEM_PERFORMANCE_INFO, *PSYSTEM_PERFORMANCE_INFO;
-
-// SystemTimeOfDayInformation (3)
-typedef
-struct _SYSTEM_TIMEOFDAY_INFORMATION
-{
-       LARGE_INTEGER   BootTime;
-       LARGE_INTEGER   CurrentTime;
-       LARGE_INTEGER   TimeZoneBias;
-       ULONG           TimeZoneId;
-       ULONG           Reserved;
-} SYSTEM_TIMEOFDAY_INFORMATION, *PSYSTEM_TIMEOFDAY_INFORMATION;
-
-// SystemPathInformation (4)
-// IT DOES NOT WORK
-typedef
-struct _SYSTEM_PATH_INFORMATION
-{
-       PVOID   Dummy;
-
-} SYSTEM_PATH_INFORMATION, * PSYSTEM_PATH_INFORMATION;
-
-// SystemProcessInformation (5)
-typedef
-struct _SYSTEM_THREAD_INFORMATION
-{
-       TIME            KernelTime;
-       TIME            UserTime;
-       TIME            CreateTime;
-       ULONG           TickCount;
-       ULONG           StartEIP;
-       CLIENT_ID       ClientId;
-       ULONG           DynamicPriority;
-       ULONG           BasePriority;
-       ULONG           nSwitches;
-       DWORD           State;
-       KWAIT_REASON    WaitReason;
-       
-} SYSTEM_THREAD_INFORMATION, *PSYSTEM_THREAD_INFORMATION;
-
-typedef
-struct SYSTEM_PROCESS_INFORMATION
-{
-       ULONG                           RelativeOffset;
-       ULONG                           ThreadCount;
-       ULONG                           Unused1 [6];
-       TIME                            CreateTime;
-       TIME                            UserTime;
-       TIME                            KernelTime;
-       UNICODE_STRING                  Name;
-       ULONG                           BasePriority;
-       ULONG                           ProcessId;
-       ULONG                           ParentProcessId;
-       ULONG                           HandleCount;
-       ULONG                           Unused2[2];
-       ULONG                           PeakVirtualSizeBytes;
-       ULONG                           TotalVirtualSizeBytes;
-       ULONG                           PageFaultCount;
-       ULONG                           PeakWorkingSetSizeBytes;
-       ULONG                           TotalWorkingSetSizeBytes;
-       ULONG                           PeakPagedPoolUsagePages;
-       ULONG                           TotalPagedPoolUsagePages;
-       ULONG                           PeakNonPagedPoolUsagePages;
-       ULONG                           TotalNonPagedPoolUsagePages;
-       ULONG                           TotalPageFileUsageBytes;
-       ULONG                           PeakPageFileUsageBytes;
-       ULONG                           TotalPrivateBytes;
-       SYSTEM_THREAD_INFORMATION       ThreadSysInfo [1];
-       
-} SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION;
-
-// SystemCallCountInformation (6)
-typedef
-struct _SYSTEM_SDT_INFORMATION
-{
-       ULONG   BufferLength;
-       ULONG   NumberOfSystemServiceTables;
-       ULONG   NumberOfServices [1];
-       ULONG   ServiceCounters [1];
-
-} SYSTEM_SDT_INFORMATION, *PSYSTEM_SDT_INFORMATION;
-
-// SystemDeviceInformation (7)
-typedef
-struct _SYSTEM_DEVICE_INFORMATION
-{
-       ULONG   NumberOfDisks;
-       ULONG   NumberOfFloppies;
-       ULONG   NumberOfCdRoms;
-       ULONG   NumberOfTapes;
-       ULONG   NumberOfSerialPorts;
-       ULONG   NumberOfParallelPorts;
-} SYSTEM_DEVICE_INFORMATION, *PSYSTEM_DEVICE_INFORMATION;
-
-// SystemProcessorPerformanceInformation (8)
-// (one per processor in the system)
-typedef
-struct _SYSTEM_PROCESSORTIME_INFO
-{
-       TIME    TotalProcessorRunTime;
-       TIME    TotalProcessorTime;
-       TIME    TotalProcessorUserTime;
-       TIME    TotalDPCTime;
-       TIME    TotalInterruptTime;
-       ULONG   TotalInterrupts;
-       ULONG   Unused;
-
-} SYSTEM_PROCESSORTIME_INFO, *PSYSTEM_PROCESSORTIME_INFO;
-
-// SystemFlagsInformation (9)
-typedef
-struct _SYSTEM_FLAGS_INFORMATION
-{
-       ULONG   Flags;
-
-} SYSTEM_FLAGS_INFORMATION, * PSYSTEM_FLAGS_INFORMATION;
-
-#define FLG_STOP_ON_EXCEPTION          0x00000001
-#define FLG_SHOW_LDR_SNAPS             0x00000002
-#define FLG_DEBUG_INITIAL_COMMAND      0x00000004
-#define FLG_STOP_ON_HANG_GUI           0x00000008
-#define FLG_HEAP_ENABLE_TAIL_CHECK     0x00000010
-#define FLG_HEAP_ENABLE_FREE_CHECK     0x00000020
-#define FLG_HEAP_VALIDATE_PARAMETERS   0x00000040
-#define FLG_HEAP_VALIDATE_ALL          0x00000080
-#define FLG_POOL_ENABLE_TAIL_CHECK     0x00000100
-#define FLG_POOL_ENABLE_FREE_CHECK     0x00000200
-#define FLG_POOL_ENABLE_TAGGING                0x00000400
-#define FLG_HEAP_ENABLE_TAGGING                0x00000800
-#define FLG_USER_STACK_TRACE_DB                0x00001000
-#define FLG_KERNEL_STACK_TRACE_DB      0x00002000
-#define FLG_MAINTAIN_OBJECT_TYPELIST   0x00004000
-#define FLG_HEAP_ENABLE_TAG_BY_DLL     0x00008000
-#define FLG_IGNORE_DEBUG_PRIV          0x00010000
-#define FLG_ENABLE_CSRDEBUG            0x00020000
-#define FLG_ENABLE_KDEBUG_SYMBOL_LOAD  0x00040000
-#define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
-#define FLG_HEAP_ENABLE_CALL_TRACING   0x00100000
-#define FLG_HEAP_DISABLE_COALESCING    0x00200000
-#define FLG_ENABLE_CLOSE_EXCEPTION     0x00400000
-#define FLG_ENABLE_EXCEPTION_LOGGING   0x00800000
-#define FLG_UNKNOWN_01000000           0x01000000
-#define FLG_UNKNOWN_02000000           0x02000000
-#define FLG_UNKNOWN_04000000           0x04000000
-#define FLG_ENABLE_DBGPRINT_BUFFERING  0x08000000
-#define FLG_UNKNOWN_10000000           0x10000000
-#define FLG_UNKNOWN_20000000           0x20000000
-#define FLG_UNKNOWN_40000000           0x40000000
-#define FLG_UNKNOWN_80000000           0x80000000
-
-// SystemCallTimeInformation (10)
-// UNKNOWN
-
-// SystemModuleInformation (11)
-typedef
-struct _SYSTEM_MODULE_ENTRY
-{
-       ULONG   Unknown1;
-       ULONG   Unknown2;
-       PVOID   BaseAddress;
-       ULONG   Size;
-       ULONG   Flags;
-       ULONG   EntryIndex;
-       USHORT  NameLength; /* Length of module name not including the path, this field contains valid value only for NTOSKRNL module*/
-       USHORT  PathLength; /* Length of 'directory path' part of modulename*/
-       CHAR    Name [256];
-} SYSTEM_MODULE_ENTRY, * PSYSTEM_MODULE_ENTRY;
-
-typedef
-struct _SYSTEM_MODULE_INFORMATION
-{
-       ULONG                   Count;
-       SYSTEM_MODULE_ENTRY     Module [1];
-} SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
-
-// SystemLocksInformation (12)
-typedef
-struct _SYSTEM_RESOURCE_LOCK_ENTRY
-{
-       ULONG   ResourceAddress;
-       ULONG   Always1;
-       ULONG   Unknown;
-       ULONG   ActiveCount;
-       ULONG   ContentionCount;
-       ULONG   Unused[2];
-       ULONG   NumberOfSharedWaiters;
-       ULONG   NumberOfExclusiveWaiters;
-       
-} SYSTEM_RESOURCE_LOCK_ENTRY, *PSYSTEM_RESOURCE_LOCK_ENTRY;
-
-typedef
-struct _SYSTEM_RESOURCE_LOCK_INFO
-{
-       ULONG                           Count;
-       SYSTEM_RESOURCE_LOCK_ENTRY      Lock [1];
-       
-} SYSTEM_RESOURCE_LOCK_INFO, *PSYSTEM_RESOURCE_LOCK_INFO;
-
-// SystemInformation13 (13)
-// UNKNOWN
-
-// SystemInformation14 (14)
-// UNKNOWN
-
-// SystemInformation15 (15)
-// UNKNOWN
-
-// SystemHandleInformation (16)
-// (see ontypes.h)
-typedef
-struct _SYSTEM_HANDLE_ENTRY
-{
-       ULONG   OwnerPid;
-       BYTE    ObjectType;
-       BYTE    HandleFlags;
-       USHORT  HandleValue;
-       PVOID   ObjectPointer;
-       ULONG   AccessMask;
-       
-} SYSTEM_HANDLE_ENTRY, *PSYSTEM_HANDLE_ENTRY;
-
-typedef
-struct _SYSTEM_HANDLE_INFORMATION
-{
-       ULONG                   Count;
-       SYSTEM_HANDLE_ENTRY     Handle [1];
-       
-} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
-
-// SystemObjectInformation (17)
-typedef
-struct _SYSTEM_OBJECT_TYPE_INFORMATION
-{
-       ULONG           NextEntryOffset;
-       ULONG           ObjectCount;
-       ULONG           HandleCount;
-       ULONG           TypeNumber;
-       ULONG           InvalidAttributes;
-       GENERIC_MAPPING GenericMapping;
-       ACCESS_MASK     ValidAccessMask;
-       POOL_TYPE       PoolType;
-       UCHAR           Unknown;
-       UNICODE_STRING  Name;
-       
-} SYSTEM_OBJECT_TYPE_INFORMATION, *PSYSTEM_OBJECT_TYPE_INFORMATION;
-
-typedef
-struct _SYSTEM_OBJECT_INFORMATION
-{
-       ULONG                   NextEntryOffset;
-       PVOID                   Object;
-       ULONG                   CreatorProcessId;
-       USHORT                  Unknown;
-       USHORT                  Flags;
-       ULONG                   PointerCount;
-       ULONG                   HandleCount;
-       ULONG                   PagedPoolUsage;
-       ULONG                   NonPagedPoolUsage;
-       ULONG                   ExclusiveProcessId;
-       PSECURITY_DESCRIPTOR    SecurityDescriptor;
-       UNICODE_STRING          Name;
-
-} SYSTEM_OBJECT_INFORMATION, *PSYSTEM_OBJECT_INFORMATION;
-
-// SystemPageFileInformation (18)
-typedef
-struct _SYSTEM_PAGEFILE_INFORMATION
-{
-       ULONG           RelativeOffset;
-       ULONG           CurrentSizePages;
-       ULONG           TotalUsedPages;
-       ULONG           PeakUsedPages;
-       UNICODE_STRING  PagefileFileName;
-       
-} SYSTEM_PAGEFILE_INFORMATION, *PSYSTEM_PAGEFILE_INFORMATION;
-
-// SystemInstructionEmulationInfo (19)
-typedef
-struct _SYSTEM_VDM_INFORMATION
-{
-       ULONG VdmSegmentNotPresentCount;
-       ULONG VdmINSWCount;
-       ULONG VdmESPREFIXCount;
-       ULONG VdmCSPREFIXCount;
-       ULONG VdmSSPREFIXCount;
-       ULONG VdmDSPREFIXCount;
-       ULONG VdmFSPREFIXCount;
-       ULONG VdmGSPREFIXCount;
-       ULONG VdmOPER32PREFIXCount;
-       ULONG VdmADDR32PREFIXCount;
-       ULONG VdmINSBCount;
-       ULONG VdmINSWV86Count;
-       ULONG VdmOUTSBCount;
-       ULONG VdmOUTSWCount;
-       ULONG VdmPUSHFCount;
-       ULONG VdmPOPFCount;
-       ULONG VdmINTNNCount;
-       ULONG VdmINTOCount;
-       ULONG VdmIRETCount;
-       ULONG VdmINBIMMCount;
-       ULONG VdmINWIMMCount;
-       ULONG VdmOUTBIMMCount;
-       ULONG VdmOUTWIMMCount;
-       ULONG VdmINBCount;
-       ULONG VdmINWCount;
-       ULONG VdmOUTBCount;
-       ULONG VdmOUTWCount;
-       ULONG VdmLOCKPREFIXCount;
-       ULONG VdmREPNEPREFIXCount;
-       ULONG VdmREPPREFIXCount;
-       ULONG VdmHLTCount;
-       ULONG VdmCLICount;
-       ULONG VdmSTICount;
-       ULONG VdmBopCount;
-
-} SYSTEM_VDM_INFORMATION, *PSYSTEM_VDM_INFORMATION;
-
-// SystemInformation20 (20)
-// UNKNOWN
-
-// SystemCacheInformation (21)
-typedef
-struct _SYSTEM_CACHE_INFORMATION
-{
-       ULONG   CurrentSize;
-       ULONG   PeakSize;
-       ULONG   PageFaultCount;
-       ULONG   MinimumWorkingSet;
-       ULONG   MaximumWorkingSet;
-       ULONG   Unused[4];
-
-} SYSTEM_CACHE_INFORMATION;
-
-// SystemPoolTagInformation (22)
-// found by Klaus P. Gerlicher
-// (implemented only in checked builds)
-typedef
-struct _POOL_TAG_STATS
-{
-       ULONG AllocationCount;
-       ULONG FreeCount;
-       ULONG SizeBytes;
-       
-} POOL_TAG_STATS;
-
-typedef
-struct _SYSTEM_POOL_TAG_ENTRY
-{
-       ULONG           Tag;
-       POOL_TAG_STATS  Paged;
-       POOL_TAG_STATS  NonPaged;
-
-} SYSTEM_POOL_TAG_ENTRY, * PSYSTEM_POOL_TAG_ENTRY;
-
-typedef
-struct _SYSTEM_POOL_TAG_INFO
-{
-       ULONG                   Count;
-       SYSTEM_POOL_TAG_ENTRY   PoolEntry [1];
-
-} SYSTEM_POOL_TAG_INFO, *PSYSTEM_POOL_TAG_INFO;
-
-// SystemProcessorScheduleInfo (23)
-typedef
-struct _SYSTEM_PROCESSOR_SCHEDULE_INFO
-{
-       ULONG nContextSwitches;
-       ULONG nDPCQueued;
-       ULONG nDPCRate;
-       ULONG TimerResolution;
-       ULONG nDPCBypasses;
-       ULONG nAPCBypasses;
-       
-} SYSTEM_PROCESSOR_SCHEDULE_INFO, *PSYSTEM_PROCESSOR_SCHEDULE_INFO;
-
-// SystemDpcInformation (24)
-typedef
-struct _SYSTEM_DPC_INFORMATION
-{
-       ULONG   Unused;
-       ULONG   KiMaximumDpcQueueDepth;
-       ULONG   KiMinimumDpcRate;
-       ULONG   KiAdjustDpcThreshold;
-       ULONG   KiIdealDpcRate;
-
-} SYSTEM_DPC_INFORMATION, *PSYSTEM_DPC_INFORMATION;
-
-// SystemInformation25 (25)
-// UNKNOWN
-
-// SystemLoadImage (26)
-typedef struct _SYSTEM_LOAD_IMAGE
-{
-  UNICODE_STRING ModuleName;
-  PVOID ModuleBase;
-  PVOID SectionPointer;
-  PVOID EntryPoint;
-  PVOID ExportDirectory;
-} SYSTEM_LOAD_IMAGE, *PSYSTEM_LOAD_IMAGE;
-
-// SystemUnloadImage (27)
-typedef struct _SYSTEM_UNLOAD_IMAGE
-{
-  PVOID ModuleBase;
-} SYSTEM_UNLOAD_IMAGE, *PSYSTEM_UNLOAD_IMAGE;
-
-// SystemTimeAdjustmentInformation (28)
-typedef
-struct _SYSTEM_QUERY_TIME_ADJUSTMENT
-{
-       ULONG   TimeAdjustment;
-       ULONG   MaximumIncrement;
-       BOOLEAN TimeSynchronization;
-
-} SYSTEM_QUERY_TIME_ADJUSTMENT, *PSYSTEM_QUERY_TIME_ADJUSTMENT;
-
-typedef
-struct _SYSTEM_SET_TIME_ADJUSTMENT
-{
-       ULONG   TimeAdjustment;
-       BOOLEAN TimeSynchronization;
-       
-} SYSTEM_TIME_ADJUSTMENT_INFO, *PSYSTEM_TIME_ADJUSTMENT_INFO;
-
-// SystemProcessorFaultCountInfo (33)
-typedef
-struct _SYSTEM_PROCESSOR_FAULT_INFO
-{
-       ULONG   nAlignmentFixup;
-       ULONG   nExceptionDispatches;
-       ULONG   nFloatingEmulation;
-       ULONG   Unknown;
-       
-} SYSTEM_PROCESSOR_FAULT_INFO, *PSYSTEM_PROCESSOR_FAULT_INFO;
-
-// SystemCrashDumpStateInfo (34)
-//
-
-// SystemDebuggerInformation (35)
-typedef
-struct _SYSTEM_DEBUGGER_INFO
-{
-       BOOLEAN KdDebuggerEnabled;
-       BOOLEAN KdDebuggerPresent;
-       
-} SYSTEM_DEBUGGER_INFO, *PSYSTEM_DEBUGGER_INFO;
-
-// SystemInformation36 (36)
-// UNKNOWN
-
-// SystemQuotaInformation (37)
-typedef
-struct _SYSTEM_QUOTA_INFORMATION
-{
-       ULONG   CmpGlobalQuota;
-       ULONG   CmpGlobalQuotaUsed;
-       ULONG   MmSizeofPagedPoolInBytes;
-       
-} SYSTEM_QUOTA_INFORMATION, *PSYSTEM_QUOTA_INFORMATION;
-
-// SystemLoadAndCallImage(38)
-typedef struct _SYSTEM_LOAD_AND_CALL_IMAGE
-{
-  UNICODE_STRING ModuleName;
-} SYSTEM_LOAD_AND_CALL_IMAGE, *PSYSTEM_LOAD_AND_CALL_IMAGE;
-
-// SystemTimeZoneInformation (44)
-typedef
-struct _SYSTEM_TIME_ZONE_INFORMATION
-{
-       LONG    Bias;
-       WCHAR   StandardName [32];
-       TIME    StandardDate;
-       LONG    StandardBias;
-       WCHAR   DaylightName [32];
-       TIME    DaylightDate;
-       LONG    DaylightBias;
-
-} SYSTEM_TIME_ZONE_INFORMATION, * PSYSTEM_TIME_ZONE_INFORMATION;
-
-// SystemLookasideInformation (45)
-typedef
-struct _SYSTEM_LOOKASIDE_INFORMATION
-{
-       USHORT          Depth;
-       USHORT          MaximumDepth;
-       ULONG           TotalAllocates;
-       ULONG           AllocatesMisses;
-       ULONG           TotalFrees;
-       ULONG           FreeMisses;
-       POOL_TYPE       Type;
-       ULONG           Tag;
-       ULONG           Size;
-       
-} SYSTEM_LOOKASIDE_INFORMATION, * PSYSTEM_LOOKASIDE_INFORMATION;
-
-// SystemSetTimeSlipEvent (46)
-typedef
-struct _SYSTEM_SET_TIME_SLIP_EVENT
-{
-       HANDLE  TimeSlipEvent; /* IN */
-
-} SYSTEM_SET_TIME_SLIP_EVENT, * PSYSTEM_SET_TIME_SLIP_EVENT;
-
-// SystemCreateSession (47)
-// (available only on TSE/NT5+)
-typedef
-struct _SYSTEM_CREATE_SESSION
-{
-       ULONG   SessionId; /* OUT */
-
-} SYSTEM_CREATE_SESSION, * PSYSTEM_CREATE_SESSION;
-
-// SystemDeleteSession (48)
-// (available only on TSE/NT5+)
-typedef
-struct _SYSTEM_DELETE_SESSION
-{
-       ULONG   SessionId; /* IN */
-
-} SYSTEM_DELETE_SESSION, * PSYSTEM_DELETE_SESSION;
-
-// (49)
-// UNKNOWN
-
-// SystemRangeStartInformation (50)
-typedef
-struct _SYSTEM_RANGE_START_INFORMATION
-{
-       PVOID   SystemRangeStart;
-
-} SYSTEM_RANGE_START_INFORMATION, * PSYSTEM_RANGE_START_INFORMATION;
-
-// SystemVerifierInformation (51)
-// UNKNOWN
-
-// SystemAddVerifier (52)
-// UNKNOWN
-
-// SystemSessionProcessesInformation (53)
-// (available only on TSE/NT5+)
-typedef
-struct _SYSTEM_SESSION_PROCESSES_INFORMATION
-{
-       ULONG   SessionId;
-       ULONG   BufferSize;
-       PVOID   Buffer; /* same format as in SystemProcessInformation */
-
-} SYSTEM_SESSION_PROCESSES_INFORMATION, * PSYSTEM_SESSION_PROCESSES_INFORMATION;
-
-// memory information
-
-typedef enum _MEMORY_INFORMATION_CLASS {
- MemoryBasicInformation,
- MemoryWorkingSetList,
- MemorySectionName //,
- //MemoryBasicVlmInformation //???
-} MEMORY_INFORMATION_CLASS;
-
-typedef struct _MEMORY_BASIC_INFORMATION { // Information Class 0
- PVOID BaseAddress;
- PVOID AllocationBase;
- ULONG AllocationProtect;
- ULONG RegionSize;
- ULONG State;
- ULONG Protect;
- ULONG Type;
-} MEMORY_BASIC_INFORMATION, *PMEMORY_BASIC_INFORMATION;
-
-typedef struct _MEMORY_WORKING_SET_LIST { // Information Class 1
- ULONG NumberOfPages;
- ULONG WorkingSetList[1];
-} MEMORY_WORKING_SET_LIST, *PMEMORY_WORKING_SET_LIST;
-
-// Information Class 2
-#define _MEMORY_SECTION_NAME_STATIC(__bufsize__) \
- { \
- UNICODE_STRING SectionFileName; \
- WCHAR          NameBuffer[(__bufsize__)]; \
-} 
-
-#define MEMORY_SECTION_NAME_STATIC(__bufsize__) \
- struct _MEMORY_SECTION_NAME_STATIC((__bufsize__) 
-
-typedef struct _MEMORY_SECTION_NAME_STATIC(ANYSIZE_ARRAY)
- MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME;
-
-// shutdown action
-
-typedef enum SHUTDOWN_ACTION_TAG {
-       ShutdownNoReboot,
-       ShutdownReboot,
-       ShutdownPowerOff
-} SHUTDOWN_ACTION;
-
-// wait type
-
-#define WaitAll                                        0
-#define WaitAny                                        1
-
-// number of wait objects
-
-#define THREAD_WAIT_OBJECTS                    3
-//#define MAXIMUM_WAIT_OBJECTS                 64
-
-// key restore flags
-
-#define REG_WHOLE_HIVE_VOLATILE                        1
-#define REG_REFRESH_HIVE                       2
-
-// object type  access rights
-
-#define OBJECT_TYPE_CREATE             0x0001
-#define OBJECT_TYPE_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0x1)
-
-// directory access rights
-
-#define DIRECTORY_QUERY                                0x0001
-#define DIRECTORY_TRAVERSE                     0x0002
-#define DIRECTORY_CREATE_OBJECT                        0x0004
-#define DIRECTORY_CREATE_SUBDIRECTORY          0x0008
-
-#define DIRECTORY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0xF)
-
-// symbolic link access rights
-
-#define SYMBOLIC_LINK_QUERY                    0x0001
-#define SYMBOLIC_LINK_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0x1)
-
-// Information class 0
-typedef struct _PROCESS_BASIC_INFORMATION
-{
-       NTSTATUS ExitStatus;
-       PPEB PebBaseAddress;
-       KAFFINITY AffinityMask;
-       KPRIORITY BasePriority;
-       ULONG UniqueProcessId;
-       ULONG InheritedFromUniqueProcessId;
-} PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
-
-// Information class 1
-typedef struct _QUOTA_LIMITS
-{
-       ULONG PagedPoolLimit;
-       ULONG NonPagedPoolLimit;
-       ULONG MinimumWorkingSetSize;
-       ULONG MaximumWorkingSetSize;
-       ULONG PagefileLimit;
-       TIME TimeLimit;
-} QUOTA_LIMITS, *PQUOTA_LIMITS;
-
-// Information class 2
-typedef struct _IO_COUNTERS
-{
-       ULONG ReadOperationCount;
-       ULONG WriteOperationCount;
-       ULONG OtherOperationCount;
-       LARGE_INTEGER ReadTransferCount;
-       LARGE_INTEGER WriteTransferCount;
-       LARGE_INTEGER OtherTransferCount;
-} IO_COUNTERS, *PIO_COUNTERS;
-
-// Information class 3
-typedef struct _VM_COUNTERS_
-{
-       ULONG PeakVirtualSize;
-       ULONG VirtualSize;
-       ULONG PageFaultCount;
-       ULONG PeakWorkingSetSize;
-       ULONG WorkingSetSize;
-       ULONG QuotaPeakPagedPoolUsage;
-       ULONG QuotaPagedPoolUsage;
-       ULONG QuotaPeakNonPagedPoolUsage;
-       ULONG QuotaNonPagedPoolUsage;
-       ULONG PagefileUsage;
-       ULONG PeakPagefileUsage;
-} VM_COUNTERS, *PVM_COUNTERS;
-
-// Information class 4
-typedef struct _KERNEL_USER_TIMES
-{
-       TIME CreateTime;
-       TIME ExitTime;
-       TIME KernelTime;
-       TIME UserTime;
-} KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
-
-// Information class 9
-typedef struct _PROCESS_ACCESS_TOKEN
-{
-       HANDLE Token;
-       HANDLE Thread;
-} PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
-
-// Information class 14 
-typedef struct _POOLED_USAGE_AND_LIMITS_
-{
-       ULONG PeakPagedPoolUsage;
-       ULONG PagedPoolUsage;
-       ULONG PagedPoolLimit;
-       ULONG PeakNonPagedPoolUsage;
-       ULONG NonPagedPoolUsage;
-       ULONG NonPagedPoolLimit;
-       ULONG PeakPagefileUsage;
-       ULONG PagefileUsage;
-       ULONG PagefileLimit;
-} POOLED_USAGE_AND_LIMITS, *PPOOLED_USAGE_AND_LIMITS;
-
-// Information class 15
-typedef struct _PROCESS_WS_WATCH_INFORMATION
-{
-       PVOID FaultingPc;
-       PVOID FaultingVa;
-} PROCESS_WS_WATCH_INFORMATION, *PPROCESS_WS_WATCH_INFORMATION;
-
-// Information class 18
-typedef struct _PROCESS_PRIORITY_CLASS
-{
-       BOOLEAN Foreground;
-       UCHAR   PriorityClass;
-} PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
-
-// Information class 23
-typedef struct _PROCESS_DEVICEMAP_INFORMATION
-{
-       union {
-               struct {
-                       HANDLE DirectoryHandle;
-               } Set;
-               struct {
-                       ULONG DriveMap;
-                       UCHAR DriveType[32];
-               } Query;
-       };
-} PROCESS_DEVICEMAP_INFORMATION, *pPROCESS_DEVICEMAP_INFORMATION;
-
-// Information class 24
-typedef struct _PROCESS_SESSION_INFORMATION
-{
-       ULONG SessionId;
-} PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
-
-// thread information
-
-// incompatible with MS NT
-
-typedef struct _THREAD_BASIC_INFORMATION
-{
-  NTSTATUS  ExitStatus;
-  PVOID     TebBaseAddress;    // PNT_TIB (GN)
-  CLIENT_ID ClientId;
-  KAFFINITY AffinityMask;
-  KPRIORITY Priority;
-  KPRIORITY BasePriority;
-} THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
-
-// object information
-
-typedef struct _OBJECT_NAME_INFORMATION
-{
-       UNICODE_STRING  Name;
-} OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
-
-
-
-typedef struct _OBJECT_DATA_INFORMATION
-{
-       BOOLEAN bInheritHandle;
-       BOOLEAN bProtectFromClose;
-} OBJECT_DATA_INFORMATION, *POBJECT_DATA_INFORMATION;
-
-
-typedef struct _OBJECT_TYPE_INFORMATION
-{
-       UNICODE_STRING  Name;
-       UNICODE_STRING Type;
-       ULONG TotalHandles;
-       ULONG ReferenceCount;
-} OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
-
-// file information
-
-typedef struct _FILE_BASIC_INFORMATION
-{
-       TIME CreationTime;
-       TIME LastAccessTime;
-       TIME LastWriteTime;
-       TIME ChangeTime;
-       ULONG FileAttributes;
-} FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION;
-
-typedef struct _FILE_STANDARD_INFORMATION
-{
-       LARGE_INTEGER AllocationSize;
-       LARGE_INTEGER EndOfFile;
-       ULONG NumberOfLinks;
-       BOOLEAN DeletePending;
-       BOOLEAN Directory;
-} FILE_STANDARD_INFORMATION, *PFILE_STANDARD_INFORMATION;
-
-typedef struct _FILE_POSITION_INFORMATION
-{
-       LARGE_INTEGER CurrentByteOffset;
-} FILE_POSITION_INFORMATION, *PFILE_POSITION_INFORMATION;
-
-typedef struct _FILE_ALIGNMENT_INFORMATION
-{
-       ULONG AlignmentRequirement;
-} FILE_ALIGNMENT_INFORMATION, *PFILE_ALIGNMENT_INFORMATION;
-
-typedef struct _FILE_DISPOSITION_INFORMATION
-{
-       BOOLEAN DoDeleteFile;
-} FILE_DISPOSITION_INFORMATION, *PFILE_DISPOSITION_INFORMATION;
-
-typedef struct _FILE_END_OF_FILE_INFORMATION
-{
-       LARGE_INTEGER EndOfFile;
-} FILE_END_OF_FILE_INFORMATION, *PFILE_END_OF_FILE_INFORMATION;
-
-typedef struct _FILE_NETWORK_OPEN_INFORMATION
-{
-       TIME CreationTime;
-       TIME LastAccessTime;
-       TIME LastWriteTime;
-       TIME ChangeTime;
-       LARGE_INTEGER AllocationSize;
-       LARGE_INTEGER EndOfFile;
-       ULONG FileAttributes;
-} FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION;
-
-typedef struct _FILE_FULL_EA_INFORMATION
-{
-       ULONG NextEntryOffset;
-       UCHAR Flags;
-       UCHAR EaNameLength;
-       USHORT EaValueLength;
-       CHAR  EaName[0];
-} FILE_FULL_EA_INFORMATION, *PFILE_FULL_EA_INFORMATION;
-
-
-typedef struct _FILE_EA_INFORMATION {
-       ULONG EaSize;
-} FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
-
-
-typedef struct _FILE_GET_EA_INFORMATION {
-       ULONG NextEntryOffset;
-       UCHAR EaNameLength;
-       CHAR EaName[0];
-} FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
-
-typedef struct _FILE_STREAM_INFORMATION {
-       ULONG NextEntryOffset;
-       ULONG StreamNameLength;
-       LARGE_INTEGER StreamSize;
-       LARGE_INTEGER StreamAllocationSize;
-       WCHAR StreamName[0];
-} FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
-
-typedef struct _FILE_ALLOCATION_INFORMATION {
-       LARGE_INTEGER AllocationSize;
-} FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
-
-typedef struct _FILE_NAME_INFORMATION {
-       ULONG FileNameLength;
-       WCHAR FileName[0];
-} FILE_NAME_INFORMATION, *PFILE_NAME_INFORMATION;
-
-typedef struct _FILE_NAMES_INFORMATION 
-{
-       ULONG NextEntryOffset;
-       ULONG FileIndex;
-       ULONG FileNameLength;
-       WCHAR FileName[0];
-} FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
-
-
-typedef struct _FILE_RENAME_INFORMATION {
-       BOOLEAN Replace;
-       HANDLE RootDir;
-       ULONG FileNameLength;
-       WCHAR FileName[0];
-} FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
-
-
-typedef struct _FILE_INTERNAL_INFORMATION {
-       LARGE_INTEGER IndexNumber;
-} FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
-
-typedef struct _FILE_ACCESS_INFORMATION {
-       ACCESS_MASK AccessFlags;
-} FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
-
-
-typedef struct _FILE_MODE_INFORMATION {
-       ULONG Mode;
-} FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
-
-
-typedef struct _FILE_PIPE_INFORMATION {
-       ULONG ReadMode;
-       ULONG CompletionMode;
-} FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
-
-typedef struct _FILE_PIPE_LOCAL_INFORMATION {
-       ULONG NamedPipeType;
-       ULONG NamedPipeConfiguration;
-       ULONG MaximumInstances;
-       ULONG CurrentInstances;
-       ULONG InboundQuota;
-       ULONG ReadDataAvailable;
-       ULONG OutboundQuota;
-       ULONG WriteQuotaAvailable;
-       ULONG NamedPipeState;
-       ULONG NamedPipeEnd;
-} FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
-
-typedef struct _FILE_PIPE_REMOTE_INFORMATION {
-       LARGE_INTEGER CollectDataTime;
-       ULONG MaximumCollectionCount;
-} FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
-
-typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
-       ULONG MaxMessageSize;
-       ULONG Unknown; /* ?? */
-       ULONG NextSize;
-       ULONG MessageCount;
-       LARGE_INTEGER Timeout;
-} FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
-
-typedef struct _FILE_MAILSLOT_SET_INFORMATION {
-       LARGE_INTEGER Timeout;
-} FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
-
-typedef struct _FILE_COMPRESSION_INFORMATION {
-       LARGE_INTEGER CompressedFileSize;
-       USHORT CompressionFormat;
-       UCHAR CompressionUnitShift;
-       UCHAR ChunkShift;
-       UCHAR ClusterShift;
-       UCHAR Reserved[3];
-} FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
-
-typedef struct _FILE_ALL_INFORMATION {
-       FILE_BASIC_INFORMATION BasicInformation;
-       FILE_STANDARD_INFORMATION StandardInformation;
-       FILE_INTERNAL_INFORMATION InternalInformation;
-       FILE_EA_INFORMATION EaInformation;
-       FILE_ACCESS_INFORMATION AccessInformation;
-       FILE_POSITION_INFORMATION PositionInformation;
-       FILE_MODE_INFORMATION ModeInformation;
-       FILE_ALIGNMENT_INFORMATION AlignmentInformation;
-       FILE_NAME_INFORMATION NameInformation;
-} FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
-
-
-// file system information structures
-
-typedef struct _FILE_FS_DEVICE_INFORMATION {
-       DEVICE_TYPE DeviceType;
-       ULONG Characteristics;
-} FILE_FS_DEVICE_INFORMATION,  *PFILE_FS_DEVICE_INFORMATION;
-
-
-typedef struct _FILE_FS_VOLUME_INFORMATION {
-       TIME VolumeCreationTime;
-       ULONG VolumeSerialNumber;
-       ULONG VolumeLabelLength;
-       BOOLEAN SupportsObjects;
-       WCHAR VolumeLabel[0];
-} FILE_FS_VOLUME_INFORMATION, *PFILE_FS_VOLUME_INFORMATION;
-
-typedef struct _FILE_FS_SIZE_INFORMATION {
-       LARGE_INTEGER TotalAllocationUnits;
-       LARGE_INTEGER AvailableAllocationUnits;
-       ULONG SectorsPerAllocationUnit;
-       ULONG BytesPerSector;
-} FILE_FS_SIZE_INFORMATION, *PFILE_FS_SIZE_INFORMATION;
-
-typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
-       ULONG FileSystemAttributes;
-       LONG MaximumComponentNameLength;
-       ULONG FileSystemNameLength;
-       WCHAR FileSystemName[0];
-} FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
-
-/*
-       FileSystemAttributes is one of the following values:
-
-       FILE_CASE_SENSITIVE_SEARCH      0x00000001
-        FILE_CASE_PRESERVED_NAMES       0x00000002
-        FILE_UNICODE_ON_DISK            0x00000004
-        FILE_PERSISTENT_ACLS            0x00000008
-        FILE_FILE_COMPRESSION           0x00000010
-        FILE_VOLUME_QUOTAS              0x00000020
-        FILE_VOLUME_IS_COMPRESSED       0x00008000
-*/
-typedef struct _FILE_FS_LABEL_INFORMATION {
-       ULONG VolumeLabelLength;
-       WCHAR VolumeLabel[0];
-} FILE_FS_LABEL_INFORMATION, *PFILE_FS_LABEL_INFORMATION;
-
-// read file scatter / write file scatter
-//FIXME I am a win32 struct aswell
-
-typedef union _FILE_SEGMENT_ELEMENT {
-       PVOID Buffer;
-       ULONG Alignment;
-}FILE_SEGMENT_ELEMENT, *PFILE_SEGMENT_ELEMENT;
-
-// directory information
-
-typedef struct _OBJDIR_INFORMATION {
-       UNICODE_STRING ObjectName;
-       UNICODE_STRING ObjectTypeName; // Directory, Device ...
-       UCHAR          Data[0];
-} OBJDIR_INFORMATION, *POBJDIR_INFORMATION;
-
-
-typedef struct _FILE_DIRECTORY_INFORMATION {
-       ULONG   NextEntryOffset;
-       ULONG   FileIndex;
-       TIME CreationTime;
-       TIME LastAccessTime;
-       TIME LastWriteTime;
-       TIME ChangeTime;
-       LARGE_INTEGER EndOfFile;
-       LARGE_INTEGER AllocationSize;
-       ULONG FileAttributes;
-       ULONG FileNameLength;
-       WCHAR FileName[0];
-} FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
-
-typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
-       ULONG   NextEntryOffset;
-       ULONG   FileIndex;
-       TIME CreationTime;
-       TIME LastAccessTime;
-       TIME LastWriteTime;
-       TIME ChangeTime;
-       LARGE_INTEGER EndOfFile;
-       LARGE_INTEGER AllocationSize;
-       ULONG FileAttributes;
-       ULONG FileNameLength;
-       ULONG EaSize;
-       WCHAR FileName[0]; // variable size
-} FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION,
-  FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
-
-
-typedef struct _FILE_BOTH_DIRECTORY_INFORMATION {
-       ULONG           NextEntryOffset;
-       ULONG           FileIndex;
-       TIME            CreationTime;
-       TIME            LastAccessTime;
-       TIME            LastWriteTime;
-       TIME            ChangeTime;
-       LARGE_INTEGER   EndOfFile;
-       LARGE_INTEGER   AllocationSize;
-       ULONG           FileAttributes;
-       ULONG           FileNameLength;
-       ULONG           EaSize;
-       CHAR            ShortNameLength;
-       WCHAR           ShortName[12]; // 8.3 name
-       WCHAR           FileName[0];
-} FILE_BOTH_DIRECTORY_INFORMATION, *PFILE_BOTH_DIRECTORY_INFORMATION,
-  FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
-
-
-/*
-       NotifyFilter / CompletionFilter:
-
-       FILE_NOTIFY_CHANGE_FILE_NAME        0x00000001
-       FILE_NOTIFY_CHANGE_DIR_NAME         0x00000002
-       FILE_NOTIFY_CHANGE_NAME             0x00000003
-       FILE_NOTIFY_CHANGE_ATTRIBUTES       0x00000004
-       FILE_NOTIFY_CHANGE_SIZE             0x00000008
-       FILE_NOTIFY_CHANGE_LAST_WRITE       0x00000010
-       FILE_NOTIFY_CHANGE_LAST_ACCESS      0x00000020
-       FILE_NOTIFY_CHANGE_CREATION         0x00000040
-       FILE_NOTIFY_CHANGE_EA               0x00000080
-       FILE_NOTIFY_CHANGE_SECURITY         0x00000100
-       FILE_NOTIFY_CHANGE_STREAM_NAME      0x00000200
-       FILE_NOTIFY_CHANGE_STREAM_SIZE      0x00000400
-       FILE_NOTIFY_CHANGE_STREAM_WRITE     0x00000800
-*/
-
-typedef struct _FILE_NOTIFY_INFORMATION {
-       ULONG Action;
-       ULONG FileNameLength;
-       WCHAR FileName[0]; 
-} FILE_NOTIFY_INFORMATION;
-
-
-/*
-        Action is one of the following values:
-
-       FILE_ACTION_ADDED               0x00000001
-       FILE_ACTION_REMOVED             0x00000002
-       FILE_ACTION_MODIFIED            0x00000003
-       FILE_ACTION_RENAMED_OLD_NAME    0x00000004
-       FILE_ACTION_RENAMED_NEW_NAME    0x00000005
-       FILE_ACTION_ADDED_STREAM        0x00000006
-       FILE_ACTION_REMOVED_STREAM      0x00000007
-       FILE_ACTION_MODIFIED_STREAM     0x00000008
-
-*/
-
-
-// File System Control commands ( related to defragging )
-
-#define        FSCTL_READ_MFT_RECORD                   0x90068 // NTFS only
-#define FSCTL_GET_VOLUME_BITMAP                        0x9006F
-#define FSCTL_GET_RETRIEVAL_POINTERS           0x90073
-#define FSCTL_MOVE_FILE                                0x90074
-
-typedef struct _MAPPING_PAIR
-{
-       ULONGLONG       Vcn;
-       ULONGLONG       Lcn;
-} MAPPING_PAIR, *PMAPPING_PAIR;
-
-typedef struct _GET_RETRIEVAL_DESCRIPTOR
-{
-       ULONG           NumberOfPairs;
-       ULONGLONG       StartVcn;
-       MAPPING_PAIR    Pair[0]; // variable size 
-} GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
-
-typedef struct _BITMAP_DESCRIPTOR
-{
-       ULONGLONG       StartLcn;
-       ULONGLONG       ClustersToEndOfVol;
-       BYTE            Map[0]; // variable size
-} BITMAP_DESCRIPTOR, *PBITMAP_DESCRIPTOR;
-
-typedef struct _MOVEFILE_DESCRIPTOR
-{
-       HANDLE            FileHandle;
-       ULONG             Reserved;
-       LARGE_INTEGER     StartVcn;
-       LARGE_INTEGER     TargetLcn;
-       ULONG             NumVcns;
-       ULONG             Reserved1;
-} MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
-
-
-
-//typedef enum _TIMER_TYPE 
-//{
-//     NotificationTimer,
-//     SynchronizationTimer
-//} TIMER_TYPE;
-
-typedef struct _TIMER_BASIC_INFORMATION
-{
-  LARGE_INTEGER TimeRemaining;
-  BOOLEAN SignalState;
-} TIMER_BASIC_INFORMATION, *PTIMER_BASIC_INFORMATION;
-
-typedef enum _TIMER_INFORMATION_CLASS
-{
-  TimerBasicInformation
-} TIMER_INFORMATION_CLASS;
-
-typedef
-struct _LPC_PORT_BASIC_INFORMATION
-{
-       DWORD   Unknown0;
-       DWORD   Unknown1;
-       DWORD   Unknown2;
-       DWORD   Unknown3;
-       DWORD   Unknown4;
-       DWORD   Unknown5;
-       DWORD   Unknown6;
-       DWORD   Unknown7;
-       DWORD   Unknown8;
-       DWORD   Unknown9;
-       DWORD   Unknown10;
-       DWORD   Unknown11;
-       DWORD   Unknown12;
-       DWORD   Unknown13;
-
-} LPC_PORT_BASIC_INFORMATION, * PLPC_PORT_BASIC_INFORMATION;
-
-typedef struct _SECTION_BASIC_INFORMATION
-{
-  PVOID BaseAddress;
-  ULONG Attributes;
-  LARGE_INTEGER Size;
-} SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION;
-
-typedef struct _SECTION_IMAGE_INFORMATION
-{
-  PVOID EntryPoint;
-  ULONG Unknown1;
-  ULONG StackReserve;
-  ULONG StackCommit;
-  ULONG Subsystem;
-  USHORT MinorSubsystemVersion;
-  USHORT MajorSubsystemVersion;
-  ULONG Unknown2;
-  ULONG Characteristics;
-  USHORT ImageNumber;
-  BOOLEAN Executable;
-  UCHAR Unknown3;
-  ULONG Unknown4[3];
-} SECTION_IMAGE_INFORMATION, *PSECTION_IMAGE_INFORMATION;
-
-typedef enum _SECTION_INFORMATION_CLASS 
-{
-  SectionBasicInformation,
-  SectionImageInformation,
-} SECTION_INFORMATION_CLASS;
-
-#endif
index 75d8798..38c9223 100644 (file)
 #define CHECKED
 #endif
 
+#ifndef assert
 #ifndef NASSERT
 #define assert(x) if (!(x)) {RtlAssert("#x",__FILE__,__LINE__, ""); }
 #else
 #define assert(x)
 #endif
+#endif
 
 #define DPRINT1(args...) do { DbgPrint("(%s:%d) ",__FILE__,__LINE__); DbgPrint(args); } while(0);
 #define CHECKPOINT1 do { DbgPrint("%s:%d\n",__FILE__,__LINE__); } while(0);
index 4f76358..a4fe9ac 100644 (file)
@@ -4718,6 +4718,18 @@ DECLARE_HANDLE(HANDLE);
 #endif
 
 
+#ifndef __USE_W32API\r
+
+typedef enum _SC_STATUS_TYPE {
+  SC_STATUS_PROCESS_INFO = 0
+} SC_STATUS_TYPE;
+
+typedef enum _SC_ENUM_TYPE {
+  SC_ENUM_PROCESS_INFO = 0
+} SC_ENUM_TYPE;
+
+#endif /* !__USE_W32API */\r
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
index 1d0902f..0e4aa97 100644 (file)
@@ -865,7 +865,6 @@ int STDCALL AbortDoc(HDC);
 WINBOOL STDCALL AbortPath(HDC);
 WINBOOL STDCALL AbortPrinter(HANDLE);
 WINBOOL CALLBACK AbortProc(HDC, int);
-WINBOOL STDCALL AbortSystemShutdown(LPTSTR);
 WINBOOL STDCALL AccessCheck(
                    PSECURITY_DESCRIPTOR  pSecurityDescriptor,
                    HANDLE  ClientToken,
index a99c919..f136bf5 100644 (file)
@@ -1,10 +1,16 @@
 #ifndef __INCLUDE_NAPI_LPC_H
 #define __INCLUDE_NAPI_LPC_H
 
+#ifdef __USE_W32API
+#include <ddk/ntapi.h>
+#endif /* !__USE_W32API */
+
 #include <ntos/security.h>
 
 #define MAX_MESSAGE_DATA   (0x130)
 
+#ifndef __USE_W32API
+
 typedef enum 
 {
     UNUSED_MSG_TYPE        = 0x0, /* ReactOS */
@@ -52,6 +58,8 @@ typedef struct _LPC_MESSAGE_HEADER
    ULONG SharedSectionSize;
 } LPC_MESSAGE, *PLPC_MESSAGE;
 
+#endif /* !__USE_W32API */
+
 typedef struct _LPC_TERMINATION_MESSAGE
 {
    LPC_MESSAGE Header;
index 2387273..a44b154 100644 (file)
@@ -15,9 +15,9 @@ typedef struct _KUSER_SHARED_DATA
 {
    volatile ULONG TickCountLow;
    ULONG TickCountMultiplier;
-   volatile KSYSTEM_TIME InterruptTime;
-   volatile KSYSTEM_TIME SystemTime;
-   volatile KSYSTEM_TIME TimeZoneBias;
+   volatile ULARGE_INTEGER InterruptTime;
+   volatile ULARGE_INTEGER SystemTime;
+   volatile ULARGE_INTEGER TimeZoneBias;
    USHORT ImageNumberLow;
    USHORT ImageNumberHigh;
    WCHAR NtSystemRoot[260];
@@ -61,7 +61,9 @@ typedef struct _KUSER_SHARED_DATA
 #define KI_USER_SHARED_DATA    (0xFFDF0000)
 #define SharedUserData         ((KUSER_SHARED_DATA * const)KI_USER_SHARED_DATA)
 #else
+#ifndef __USE_W32API
 #define SharedUserData         ((KUSER_SHARED_DATA * const)USER_SHARED_DATA)
+#endif /* !__USE_W32API */
 #endif
 
 
index 05962c2..ec94959 100644 (file)
-/* TEB/PEB parameters */\r
-#ifndef __INCLUDE_INTERNAL_TEB\r
-#define __INCLUDE_INTERNAL_TEB\r
-\r
-#include <napi/types.h>\r
-\r
-typedef struct _CLIENT_ID\r
-{\r
-   HANDLE UniqueProcess;\r
-   HANDLE UniqueThread;\r
-} CLIENT_ID, *PCLIENT_ID;\r
-\r
-typedef struct _CURDIR\r
-{\r
-   UNICODE_STRING DosPath;\r
-   PVOID Handle;\r
-} CURDIR, *PCURDIR;\r
-\r
-typedef struct RTL_DRIVE_LETTER_CURDIR\r
-{\r
-   USHORT Flags;\r
-   USHORT Length;\r
-   ULONG TimeStamp;\r
-   UNICODE_STRING DosPath;\r
-} RTL_DRIVE_LETTER_CURDIR, *PRTL_DRIVE_LETTER_CURDIR;\r
-\r
-typedef struct _PEB_FREE_BLOCK\r
-{\r
-   struct _PEB_FREE_BLOCK* Next;\r
-   ULONG Size;\r
-} PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;\r
-\r
-/* RTL_USER_PROCESS_PARAMETERS.Flags */\r
-#define PPF_NORMALIZED (1)\r
-\r
-typedef struct _RTL_USER_PROCESS_PARAMETERS {\r
-       ULONG  AllocationSize;\r
-       ULONG  Size;\r
-       ULONG  Flags;\r
-       ULONG  DebugFlags;\r
-       HANDLE  hConsole;\r
-       ULONG  ProcessGroup;\r
-       HANDLE  hStdInput;\r
-       HANDLE  hStdOutput;\r
-       HANDLE  hStdError;\r
-       UNICODE_STRING  CurrentDirectoryName;\r
-       HANDLE  CurrentDirectoryHandle;\r
-       UNICODE_STRING  DllPath;\r
-       UNICODE_STRING  ImagePathName;\r
-       UNICODE_STRING  CommandLine;\r
-       PWSTR  Environment;\r
-       ULONG  dwX;\r
-       ULONG  dwY;\r
-       ULONG  dwXSize;\r
-       ULONG  dwYSize;\r
-       ULONG  dwXCountChars;\r
-       ULONG  dwYCountChars;\r
-       ULONG  dwFillAttribute;\r
-       ULONG  dwFlags;\r
-       ULONG  wShowWindow;\r
-       UNICODE_STRING  WindowTitle;\r
-       UNICODE_STRING  DesktopInfo;\r
-       UNICODE_STRING  ShellInfo;\r
-       UNICODE_STRING  RuntimeInfo;\r
-} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;\r
-\r
-#define PEB_BASE        (0x7FFDF000)\r
-\r
-typedef struct _PEB_LDR_DATA\r
-{\r
-   ULONG Length;\r
-   BOOLEAN Initialized;\r
-   PVOID SsHandle;\r
-   LIST_ENTRY InLoadOrderModuleList;\r
-   LIST_ENTRY InMemoryOrderModuleList;\r
-   LIST_ENTRY InInitializationOrderModuleList;\r
-} PEB_LDR_DATA, *PPEB_LDR_DATA;\r
-\r
-typedef VOID STDCALL (*PPEBLOCKROUTINE)(PVOID);\r
-\r
-typedef struct _PEB\r
-{\r
-   UCHAR InheritedAddressSpace;                     // 00h\r
-   UCHAR ReadImageFileExecOptions;                  // 01h\r
-   UCHAR BeingDebugged;                             // 02h\r
-   UCHAR Spare;                                     // 03h\r
-   PVOID Mutant;                                    // 04h\r
-   PVOID ImageBaseAddress;                          // 08h\r
-   PPEB_LDR_DATA Ldr;                               // 0Ch\r
-   PRTL_USER_PROCESS_PARAMETERS ProcessParameters;  // 10h\r
-   PVOID SubSystemData;                             // 14h\r
-   PVOID ProcessHeap;                               // 18h\r
-   PVOID FastPebLock;                               // 1Ch\r
-   PPEBLOCKROUTINE FastPebLockRoutine;              // 20h\r
-   PPEBLOCKROUTINE FastPebUnlockRoutine;            // 24h\r
-   ULONG EnvironmentUpdateCount;                    // 28h\r
-   PVOID* KernelCallbackTable;                      // 2Ch\r
-   PVOID EventLogSection;                           // 30h\r
-   PVOID EventLog;                                  // 34h\r
-   PPEB_FREE_BLOCK FreeList;                        // 38h\r
-   ULONG TlsExpansionCounter;                       // 3Ch\r
-   PVOID TlsBitmap;                                 // 40h\r
-   ULONG TlsBitmapBits[0x2];                        // 44h\r
-   PVOID ReadOnlySharedMemoryBase;                  // 4Ch\r
-   PVOID ReadOnlySharedMemoryHeap;                  // 50h\r
-   PVOID* ReadOnlyStaticServerData;                 // 54h\r
-   PVOID AnsiCodePageData;                          // 58h\r
-   PVOID OemCodePageData;                           // 5Ch\r
-   PVOID UnicodeCaseTableData;                      // 60h\r
-   ULONG NumberOfProcessors;                        // 64h\r
-   ULONG NtGlobalFlag;                              // 68h\r
-   UCHAR Spare2[0x4];                               // 6Ch\r
-   LARGE_INTEGER CriticalSectionTimeout;            // 70h\r
-   ULONG HeapSegmentReserve;                        // 78h\r
-   ULONG HeapSegmentCommit;                         // 7Ch\r
-   ULONG HeapDeCommitTotalFreeThreshold;            // 80h\r
-   ULONG HeapDeCommitFreeBlockThreshold;            // 84h\r
-   ULONG NumberOfHeaps;                             // 88h\r
-   ULONG MaximumNumberOfHeaps;                      // 8Ch\r
-   PVOID** ProcessHeaps;                            // 90h\r
-   PVOID GdiSharedHandleTable;                      // 94h\r
-   PVOID ProcessStarterHelper;                      // 98h\r
-   PVOID GdiDCAttributeList;                        // 9Ch\r
-   PVOID LoaderLock;                                // A0h\r
-   ULONG OSMajorVersion;                            // A4h\r
-   ULONG OSMinorVersion;                            // A8h\r
-   ULONG OSBuildNumber;                             // ACh\r
-   ULONG OSPlatformId;                              // B0h\r
-   ULONG ImageSubSystem;                            // B4h\r
-   ULONG ImageSubSystemMajorVersion;                // B8h\r
-   ULONG ImageSubSystemMinorVersion;                // C0h\r
-   ULONG GdiHandleBuffer[0x22];                     // C4h\r
-} PEB, *PPEB;\r
-\r
-\r
-typedef struct _NT_TIB {\r
-    struct _EXCEPTION_REGISTRATION_RECORD* ExceptionList;  // 00h\r
-    PVOID StackBase;                                       // 04h\r
-    PVOID StackLimit;                                      // 08h\r
-    PVOID SubSystemTib;                                    // 0Ch\r
-    union {\r
-        PVOID FiberData;                                   // 10h\r
-        ULONG Version;                                     // 10h\r
-    } Fib;\r
-    PVOID ArbitraryUserPointer;                            // 14h\r
-    struct _NT_TIB *Self;                                  // 18h\r
-} NT_TIB, *PNT_TIB;\r
-\r
-typedef struct _GDI_TEB_BATCH\r
-{\r
-   ULONG Offset;\r
-   ULONG HDC;\r
-   ULONG Buffer[0x136];\r
-} GDI_TEB_BATCH, *PGDI_TEB_BATCH;\r
-\r
-typedef struct _TEB\r
-{\r
-   NT_TIB Tib;                         // 00h\r
-   PVOID EnvironmentPointer;           // 1Ch\r
-   CLIENT_ID Cid;                      // 20h\r
-   PVOID ActiveRpcInfo;                // 28h\r
-   PVOID ThreadLocalStoragePointer;    // 2Ch\r
-   PPEB Peb;                           // 30h\r
-   ULONG LastErrorValue;               // 34h\r
-   ULONG CountOfOwnedCriticalSections; // 38h\r
-   PVOID CsrClientThread;              // 3Ch\r
-   struct _W32THREAD* Win32ThreadInfo;         // 40h\r
-   ULONG Win32ClientInfo[0x1F];        // 44h\r
-   PVOID WOW32Reserved;                // C0h\r
-   ULONG CurrentLocale;                // C4h\r
-   ULONG FpSoftwareStatusRegister;     // C8h\r
-   PVOID SystemReserved1[0x36];        // CCh\r
-   PVOID Spare1;                       // 1A4h\r
-   LONG ExceptionCode;                 // 1A8h\r
-   ULONG SpareBytes1[0x28];            // 1ACh\r
-   PVOID SystemReserved2[0xA];         // 1D4h\r
-//   GDI_TEB_BATCH GdiTebBatch;          // 1FCh\r
-   ULONG gdiRgn;                       // 6DCh\r
-   ULONG gdiPen;                       // 6E0h\r
-   ULONG gdiBrush;                     // 6E4h\r
-   CLIENT_ID RealClientId;             // 6E8h\r
-   PVOID GdiCachedProcessHandle;       // 6F0h\r
-   ULONG GdiClientPID;                 // 6F4h\r
-   ULONG GdiClientTID;                 // 6F8h\r
-   PVOID GdiThreadLocaleInfo;          // 6FCh\r
-   PVOID UserReserved[5];              // 700h\r
-   PVOID glDispatchTable[0x118];       // 714h\r
-   ULONG glReserved1[0x1A];            // B74h\r
-   PVOID glReserved2;                  // BDCh\r
-   PVOID glSectionInfo;                // BE0h\r
-   PVOID glSection;                    // BE4h\r
-   PVOID glTable;                      // BE8h\r
-   PVOID glCurrentRC;                  // BECh\r
-   PVOID glContext;                    // BF0h\r
-   NTSTATUS LastStatusValue;           // BF4h\r
-   UNICODE_STRING StaticUnicodeString; // BF8h\r
-   WCHAR StaticUnicodeBuffer[0x105];   // C00h\r
-   PVOID DeallocationStack;            // E0Ch\r
-   PVOID TlsSlots[0x40];               // E10h\r
-   LIST_ENTRY TlsLinks;                // F10h\r
-   PVOID Vdm;                          // F18h\r
-   PVOID ReservedForNtRpc;             // F1Ch\r
-   PVOID DbgSsReserved[0x2];           // F20h\r
-   ULONG HardErrorDisabled;            // F28h\r
-   PVOID Instrumentation[0x10];        // F2Ch\r
-   PVOID WinSockData;                  // F6Ch\r
-   ULONG GdiBatchCount;                // F70h\r
-   ULONG Spare2;                       // F74h\r
-   ULONG Spare3;                       // F78h\r
-   ULONG Spare4;                       // F7Ch\r
-   PVOID ReservedForOle;               // F80h\r
-   ULONG WaitingOnLoaderLock;          // F84h\r
-   PVOID WineDebugInfo;                // Needed for WINE DLL's\r
-} TEB, *PTEB;\r
-\r
-\r
-#define NtCurrentPeb() (NtCurrentTeb()->Peb)\r
-\r
-static inline PTEB NtCurrentTeb(VOID)\r
-{\r
-   int x;\r
-   \r
-   __asm__ __volatile__("movl %%fs:0x18, %0\n\t"\r
-                       : "=r" (x) /* can't have two memory operands */\r
-                       : /* no inputs */\r
-                       );\r
-   \r
-   return((PTEB)x);\r
-}\r
-\r
-\r
-\r
-#endif /* __INCLUDE_INTERNAL_TEB */\r
+/* TEB/PEB parameters */
+#ifndef __INCLUDE_INTERNAL_TEB
+#define __INCLUDE_INTERNAL_TEB
+
+#include <napi/types.h>
+
+#ifdef __USE_W32API
+#include <ddk/ntapi.h>
+#endif /* !__USE_W32API */
+
+#ifndef __USE_W32API
+
+typedef struct _CLIENT_ID
+{
+   HANDLE UniqueProcess;
+   HANDLE UniqueThread;
+} CLIENT_ID, *PCLIENT_ID;
+
+typedef struct _RTL_USER_PROCESS_PARAMETERS {
+       ULONG  AllocationSize;
+       ULONG  Size;
+       ULONG  Flags;
+       ULONG  DebugFlags;
+       HANDLE  hConsole;
+       ULONG  ProcessGroup;
+       HANDLE  hStdInput;
+       HANDLE  hStdOutput;
+       HANDLE  hStdError;
+       UNICODE_STRING  CurrentDirectoryName;
+       HANDLE  CurrentDirectoryHandle;
+       UNICODE_STRING  DllPath;
+       UNICODE_STRING  ImagePathName;
+       UNICODE_STRING  CommandLine;
+       PWSTR  Environment;
+       ULONG  dwX;
+       ULONG  dwY;
+       ULONG  dwXSize;
+       ULONG  dwYSize;
+       ULONG  dwXCountChars;
+       ULONG  dwYCountChars;
+       ULONG  dwFillAttribute;
+       ULONG  dwFlags;
+       ULONG  wShowWindow;
+       UNICODE_STRING  WindowTitle;
+       UNICODE_STRING  DesktopInfo;
+       UNICODE_STRING  ShellInfo;
+       UNICODE_STRING  RuntimeInfo;
+} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;
+
+typedef struct _NT_TIB {
+    struct _EXCEPTION_REGISTRATION_RECORD* ExceptionList;  // 00h
+    PVOID StackBase;                                       // 04h
+    PVOID StackLimit;                                      // 08h
+    PVOID SubSystemTib;                                    // 0Ch
+    union {
+        PVOID FiberData;                                   // 10h
+        ULONG Version;                                     // 10h
+    } Fib;
+    PVOID ArbitraryUserPointer;                            // 14h
+    struct _NT_TIB *Self;                                  // 18h
+} NT_TIB, *PNT_TIB;
+
+#endif /* !__USE_W32API */
+
+typedef struct _CURDIR
+{
+   UNICODE_STRING DosPath;
+   PVOID Handle;
+} CURDIR, *PCURDIR;
+
+typedef struct RTL_DRIVE_LETTER_CURDIR
+{
+   USHORT Flags;
+   USHORT Length;
+   ULONG TimeStamp;
+   UNICODE_STRING DosPath;
+} RTL_DRIVE_LETTER_CURDIR, *PRTL_DRIVE_LETTER_CURDIR;
+
+typedef struct _PEB_FREE_BLOCK
+{
+   struct _PEB_FREE_BLOCK* Next;
+   ULONG Size;
+} PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
+
+/* RTL_USER_PROCESS_PARAMETERS.Flags */
+#define PPF_NORMALIZED (1)
+
+#define PEB_BASE        (0x7FFDF000)
+
+typedef struct _PEB_LDR_DATA
+{
+   ULONG Length;
+   BOOLEAN Initialized;
+   PVOID SsHandle;
+   LIST_ENTRY InLoadOrderModuleList;
+   LIST_ENTRY InMemoryOrderModuleList;
+   LIST_ENTRY InInitializationOrderModuleList;
+} PEB_LDR_DATA, *PPEB_LDR_DATA;
+
+typedef VOID STDCALL (*PPEBLOCKROUTINE)(PVOID);
+
+typedef struct _PEB
+{
+   UCHAR InheritedAddressSpace;                     // 00h
+   UCHAR ReadImageFileExecOptions;                  // 01h
+   UCHAR BeingDebugged;                             // 02h
+   UCHAR Spare;                                     // 03h
+   PVOID Mutant;                                    // 04h
+   PVOID ImageBaseAddress;                          // 08h
+   PPEB_LDR_DATA Ldr;                               // 0Ch
+   PRTL_USER_PROCESS_PARAMETERS ProcessParameters;  // 10h
+   PVOID SubSystemData;                             // 14h
+   PVOID ProcessHeap;                               // 18h
+   PVOID FastPebLock;                               // 1Ch
+   PPEBLOCKROUTINE FastPebLockRoutine;              // 20h
+   PPEBLOCKROUTINE FastPebUnlockRoutine;            // 24h
+   ULONG EnvironmentUpdateCount;                    // 28h
+   PVOID* KernelCallbackTable;                      // 2Ch
+   PVOID EventLogSection;                           // 30h
+   PVOID EventLog;                                  // 34h
+   PPEB_FREE_BLOCK FreeList;                        // 38h
+   ULONG TlsExpansionCounter;                       // 3Ch
+   PVOID TlsBitmap;                                 // 40h
+   ULONG TlsBitmapBits[0x2];                        // 44h
+   PVOID ReadOnlySharedMemoryBase;                  // 4Ch
+   PVOID ReadOnlySharedMemoryHeap;                  // 50h
+   PVOID* ReadOnlyStaticServerData;                 // 54h
+   PVOID AnsiCodePageData;                          // 58h
+   PVOID OemCodePageData;                           // 5Ch
+   PVOID UnicodeCaseTableData;                      // 60h
+   ULONG NumberOfProcessors;                        // 64h
+   ULONG NtGlobalFlag;                              // 68h
+   UCHAR Spare2[0x4];                               // 6Ch
+   LARGE_INTEGER CriticalSectionTimeout;            // 70h
+   ULONG HeapSegmentReserve;                        // 78h
+   ULONG HeapSegmentCommit;                         // 7Ch
+   ULONG HeapDeCommitTotalFreeThreshold;            // 80h
+   ULONG HeapDeCommitFreeBlockThreshold;            // 84h
+   ULONG NumberOfHeaps;                             // 88h
+   ULONG MaximumNumberOfHeaps;                      // 8Ch
+   PVOID** ProcessHeaps;                            // 90h
+   PVOID GdiSharedHandleTable;                      // 94h
+   PVOID ProcessStarterHelper;                      // 98h
+   PVOID GdiDCAttributeList;                        // 9Ch
+   PVOID LoaderLock;                                // A0h
+   ULONG OSMajorVersion;                            // A4h
+   ULONG OSMinorVersion;                            // A8h
+   ULONG OSBuildNumber;                             // ACh
+   ULONG OSPlatformId;                              // B0h
+   ULONG ImageSubSystem;                            // B4h
+   ULONG ImageSubSystemMajorVersion;                // B8h
+   ULONG ImageSubSystemMinorVersion;                // C0h
+   ULONG GdiHandleBuffer[0x22];                     // C4h
+} PEB;
+
+#ifndef __USE_W32API
+
+typedef PEB *PPEB;
+
+#endif /* !__USE_W32API */
+
+typedef struct _GDI_TEB_BATCH
+{
+   ULONG Offset;
+   ULONG HDC;
+   ULONG Buffer[0x136];
+} GDI_TEB_BATCH, *PGDI_TEB_BATCH;
+
+typedef struct _TEB
+{
+   NT_TIB Tib;                         // 00h
+   PVOID EnvironmentPointer;           // 1Ch
+   CLIENT_ID Cid;                      // 20h
+   PVOID ActiveRpcInfo;                // 28h
+   PVOID ThreadLocalStoragePointer;    // 2Ch
+   PPEB Peb;                           // 30h
+   ULONG LastErrorValue;               // 34h
+   ULONG CountOfOwnedCriticalSections; // 38h
+   PVOID CsrClientThread;              // 3Ch
+   struct _W32THREAD* Win32ThreadInfo;         // 40h
+   ULONG Win32ClientInfo[0x1F];        // 44h
+   PVOID WOW32Reserved;                // C0h
+   ULONG CurrentLocale;                // C4h
+   ULONG FpSoftwareStatusRegister;     // C8h
+   PVOID SystemReserved1[0x36];        // CCh
+   PVOID Spare1;                       // 1A4h
+   LONG ExceptionCode;                 // 1A8h
+   ULONG SpareBytes1[0x28];            // 1ACh
+   PVOID SystemReserved2[0xA];         // 1D4h
+//   GDI_TEB_BATCH GdiTebBatch;          // 1FCh
+   ULONG gdiRgn;                       // 6DCh
+   ULONG gdiPen;                       // 6E0h
+   ULONG gdiBrush;                     // 6E4h
+   CLIENT_ID RealClientId;             // 6E8h
+   PVOID GdiCachedProcessHandle;       // 6F0h
+   ULONG GdiClientPID;                 // 6F4h
+   ULONG GdiClientTID;                 // 6F8h
+   PVOID GdiThreadLocaleInfo;          // 6FCh
+   PVOID UserReserved[5];              // 700h
+   PVOID glDispatchTable[0x118];       // 714h
+   ULONG glReserved1[0x1A];            // B74h
+   PVOID glReserved2;                  // BDCh
+   PVOID glSectionInfo;                // BE0h
+   PVOID glSection;                    // BE4h
+   PVOID glTable;                      // BE8h
+   PVOID glCurrentRC;                  // BECh
+   PVOID glContext;                    // BF0h
+   NTSTATUS LastStatusValue;           // BF4h
+   UNICODE_STRING StaticUnicodeString; // BF8h
+   WCHAR StaticUnicodeBuffer[0x105];   // C00h
+   PVOID DeallocationStack;            // E0Ch
+   PVOID TlsSlots[0x40];               // E10h
+   LIST_ENTRY TlsLinks;                // F10h
+   PVOID Vdm;                          // F18h
+   PVOID ReservedForNtRpc;             // F1Ch
+   PVOID DbgSsReserved[0x2];           // F20h
+   ULONG HardErrorDisabled;            // F28h
+   PVOID Instrumentation[0x10];        // F2Ch
+   PVOID WinSockData;                  // F6Ch
+   ULONG GdiBatchCount;                // F70h
+   ULONG Spare2;                       // F74h
+   ULONG Spare3;                       // F78h
+   ULONG Spare4;                       // F7Ch
+   PVOID ReservedForOle;               // F80h
+   ULONG WaitingOnLoaderLock;          // F84h
+   PVOID WineDebugInfo;                // Needed for WINE DLL's
+} TEB, *PTEB;
+
+
+#define NtCurrentPeb() (NtCurrentTeb()->Peb)
+
+static inline PTEB NtCurrentTeb(VOID)
+{
+   int x;
+   
+   __asm__ __volatile__("movl %%fs:0x18, %0\n\t"
+                       : "=r" (x) /* can't have two memory operands */
+                       : /* no inputs */
+                       );
+   
+   return((PTEB)x);
+}
+
+#endif /* __INCLUDE_INTERNAL_TEB */