2006-05-10 17:47:44 +00:00
|
|
|
/*++ NDK Version: 0098
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
Copyright (c) Alex Ionescu. All rights reserved.
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
Header Name:
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
obtypes.h
|
2005-08-17 07:06:59 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
Abstract:
|
2005-08-17 07:06:59 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
Type definitions for the Object Manager
|
2005-08-17 07:06:59 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
Author:
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2006-05-10 17:47:44 +00:00
|
|
|
Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
|
2005-06-25 17:01:17 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
--*/
|
|
|
|
|
|
|
|
|
|
#ifndef _OBTYPES_H
|
|
|
|
|
#define _OBTYPES_H
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
// Dependencies
|
|
|
|
|
//
|
2005-11-25 00:17:40 +00:00
|
|
|
#include <umtypes.h>
|
2007-01-08 08:03:47 +00:00
|
|
|
#ifndef NTOS_MODE_USER
|
|
|
|
|
#include <extypes.h>
|
2006-05-24 04:19:04 +00:00
|
|
|
#endif
|
|
|
|
|
|
2007-01-08 08:03:47 +00:00
|
|
|
#ifdef NTOS_MODE_USER
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Definitions for Object Creation
|
|
|
|
|
//
|
|
|
|
|
#define OBJ_INHERIT 0x00000002L
|
|
|
|
|
#define OBJ_PERMANENT 0x00000010L
|
|
|
|
|
#define OBJ_EXCLUSIVE 0x00000020L
|
|
|
|
|
#define OBJ_CASE_INSENSITIVE 0x00000040L
|
|
|
|
|
#define OBJ_OPENIF 0x00000080L
|
|
|
|
|
#define OBJ_OPENLINK 0x00000100L
|
|
|
|
|
#define OBJ_KERNEL_HANDLE 0x00000200L
|
|
|
|
|
#define OBJ_FORCE_ACCESS_CHECK 0x00000400L
|
|
|
|
|
#define OBJ_VALID_ATTRIBUTES 0x000007F2L
|
|
|
|
|
|
|
|
|
|
#define InitializeObjectAttributes(p,n,a,r,s) { \
|
|
|
|
|
(p)->Length = sizeof(OBJECT_ATTRIBUTES); \
|
|
|
|
|
(p)->RootDirectory = (r); \
|
|
|
|
|
(p)->Attributes = (a); \
|
|
|
|
|
(p)->ObjectName = (n); \
|
|
|
|
|
(p)->SecurityDescriptor = (s); \
|
|
|
|
|
(p)->SecurityQualityOfService = NULL; \
|
|
|
|
|
}
|
|
|
|
|
|
2006-05-10 17:47:44 +00:00
|
|
|
//
|
|
|
|
|
// Number of custom-defined bits that can be attached to a handle
|
|
|
|
|
//
|
|
|
|
|
#define OBJ_HANDLE_TAGBITS 0x3
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Directory Object Access Rights
|
|
|
|
|
//
|
|
|
|
|
#define DIRECTORY_QUERY 0x0001
|
|
|
|
|
#define DIRECTORY_TRAVERSE 0x0002
|
|
|
|
|
#define DIRECTORY_CREATE_OBJECT 0x0004
|
|
|
|
|
#define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
|
|
|
|
|
#define DIRECTORY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0xF)
|
|
|
|
|
|
2006-05-05 17:46:05 +00:00
|
|
|
//
|
|
|
|
|
// Slash separator used in the OB Namespace (and Registry)
|
|
|
|
|
//
|
|
|
|
|
#define OBJ_NAME_PATH_SEPARATOR L'\\'
|
|
|
|
|
|
2007-08-04 08:26:58 +00:00
|
|
|
//
|
|
|
|
|
// Object Information Classes for NtQueryInformationObject
|
|
|
|
|
//
|
|
|
|
|
typedef enum _OBJECT_INFORMATION_CLASS
|
|
|
|
|
{
|
|
|
|
|
ObjectBasicInformation,
|
|
|
|
|
ObjectNameInformation,
|
|
|
|
|
ObjectTypeInformation,
|
|
|
|
|
ObjectTypesInformation,
|
|
|
|
|
ObjectHandleFlagInformation,
|
|
|
|
|
ObjectSessionInformation,
|
|
|
|
|
MaxObjectInfoClass
|
|
|
|
|
} OBJECT_INFORMATION_CLASS;
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
#else
|
|
|
|
|
|
2015-09-24 02:40:30 +00:00
|
|
|
//
|
|
|
|
|
// Undocumented Attribute for Kernel-Only Access
|
|
|
|
|
//
|
|
|
|
|
#define OBJ_KERNEL_EXCLUSIVE 0x00010000L
|
|
|
|
|
#define OBJ_VALID_KERNEL_ATTRIBUTES (OBJ_VALID_ATTRIBUTES | \
|
|
|
|
|
OBJ_KERNEL_EXCLUSIVE)
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Object Flags
|
|
|
|
|
//
|
|
|
|
|
#define OB_FLAG_CREATE_INFO 0x01
|
|
|
|
|
#define OB_FLAG_KERNEL_MODE 0x02
|
|
|
|
|
#define OB_FLAG_CREATOR_INFO 0x04
|
|
|
|
|
#define OB_FLAG_EXCLUSIVE 0x08
|
|
|
|
|
#define OB_FLAG_PERMANENT 0x10
|
|
|
|
|
#define OB_FLAG_SECURITY 0x20
|
|
|
|
|
#define OB_FLAG_SINGLE_PROCESS 0x40
|
2007-01-08 08:03:47 +00:00
|
|
|
#define OB_FLAG_DEFER_DELETE 0x80
|
2005-11-22 04:57:45 +00:00
|
|
|
|
2015-09-24 02:40:30 +00:00
|
|
|
//
|
|
|
|
|
// Object Flags encoded in "QueryReferences" field
|
|
|
|
|
//
|
|
|
|
|
#define OB_FLAG_KERNEL_EXCLUSIVE 0x40000000
|
|
|
|
|
|
2006-05-25 19:30:09 +00:00
|
|
|
#define OBJECT_TO_OBJECT_HEADER(o) \
|
|
|
|
|
CONTAINING_RECORD((o), OBJECT_HEADER, Body)
|
|
|
|
|
|
|
|
|
|
#define OBJECT_HEADER_TO_NAME_INFO(h) \
|
|
|
|
|
((POBJECT_HEADER_NAME_INFO)(!(h)->NameInfoOffset ? \
|
|
|
|
|
NULL: ((PCHAR)(h) - (h)->NameInfoOffset)))
|
|
|
|
|
|
|
|
|
|
#define OBJECT_HEADER_TO_HANDLE_INFO(h) \
|
|
|
|
|
((POBJECT_HEADER_HANDLE_INFO)(!(h)->HandleInfoOffset ? \
|
|
|
|
|
NULL: ((PCHAR)(h) - (h)->HandleInfoOffset)))
|
|
|
|
|
|
2006-06-08 20:58:21 +00:00
|
|
|
#define OBJECT_HEADER_TO_QUOTA_INFO(h) \
|
|
|
|
|
((POBJECT_HEADER_QUOTA_INFO)(!(h)->QuotaInfoOffset ? \
|
|
|
|
|
NULL: ((PCHAR)(h) - (h)->QuotaInfoOffset)))
|
|
|
|
|
|
2006-05-25 19:30:09 +00:00
|
|
|
#define OBJECT_HEADER_TO_CREATOR_INFO(h) \
|
|
|
|
|
((POBJECT_HEADER_CREATOR_INFO)(!((h)->Flags & \
|
|
|
|
|
OB_FLAG_CREATOR_INFO) ? NULL: ((PCHAR)(h) - \
|
|
|
|
|
sizeof(OBJECT_HEADER_CREATOR_INFO))))
|
|
|
|
|
|
2007-01-08 08:03:47 +00:00
|
|
|
#define OBJECT_HEADER_TO_EXCLUSIVE_PROCESS(h) \
|
|
|
|
|
((!((h)->Flags & OB_FLAG_EXCLUSIVE)) ? \
|
|
|
|
|
NULL: (((POBJECT_HEADER_QUOTA_INFO)((PCHAR)(h) - \
|
|
|
|
|
(h)->QuotaInfoOffset))->ExclusiveProcess))
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Reasons for Open Callback
|
|
|
|
|
//
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef enum _OB_OPEN_REASON
|
2005-06-26 01:08:55 +00:00
|
|
|
{
|
2005-06-25 17:01:17 +00:00
|
|
|
ObCreateHandle,
|
|
|
|
|
ObOpenHandle,
|
|
|
|
|
ObDuplicateHandle,
|
|
|
|
|
ObInheritHandle,
|
|
|
|
|
ObMaxOpenReason
|
|
|
|
|
} OB_OPEN_REASON;
|
2005-11-22 04:57:45 +00:00
|
|
|
|
2005-09-06 15:57:42 +00:00
|
|
|
#endif
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Object Duplication Flags
|
|
|
|
|
//
|
|
|
|
|
#define DUPLICATE_SAME_ATTRIBUTES 0x00000004
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
// Number of hash entries in an Object Directory
|
|
|
|
|
//
|
|
|
|
|
#define NUMBER_HASH_BUCKETS 37
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
// Types for DosDeviceDriveType
|
|
|
|
|
//
|
|
|
|
|
#define DOSDEVICE_DRIVE_UNKNOWN 0
|
|
|
|
|
#define DOSDEVICE_DRIVE_CALCULATE 1
|
|
|
|
|
#define DOSDEVICE_DRIVE_REMOVABLE 2
|
|
|
|
|
#define DOSDEVICE_DRIVE_FIXED 3
|
|
|
|
|
#define DOSDEVICE_DRIVE_REMOTE 4
|
|
|
|
|
#define DOSDEVICE_DRIVE_CDROM 5
|
|
|
|
|
#define DOSDEVICE_DRIVE_RAMDISK 6
|
|
|
|
|
|
2005-11-27 20:18:33 +00:00
|
|
|
//
|
|
|
|
|
// Dump Control Structure for Object Debugging
|
|
|
|
|
//
|
2005-11-28 21:40:21 +00:00
|
|
|
typedef struct _OB_DUMP_CONTROL
|
2005-11-27 20:18:33 +00:00
|
|
|
{
|
|
|
|
|
PVOID Stream;
|
|
|
|
|
ULONG Detail;
|
2005-11-28 21:40:21 +00:00
|
|
|
} OB_DUMP_CONTROL, *POB_DUMP_CONTROL;
|
2005-06-25 17:01:17 +00:00
|
|
|
|
2005-09-06 15:57:42 +00:00
|
|
|
#ifndef NTOS_MODE_USER
|
2005-11-22 04:57:45 +00:00
|
|
|
|
|
|
|
|
//
|
2005-11-27 20:18:33 +00:00
|
|
|
// Object Type Callbacks
|
|
|
|
|
//
|
|
|
|
|
typedef VOID
|
|
|
|
|
(NTAPI *OB_DUMP_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_ PVOID Object,
|
|
|
|
|
_In_opt_ POB_DUMP_CONTROL Control
|
2005-11-27 20:18:33 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
typedef NTSTATUS
|
|
|
|
|
(NTAPI *OB_OPEN_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_ OB_OPEN_REASON Reason,
|
|
|
|
|
_In_opt_ PEPROCESS Process,
|
|
|
|
|
_In_ PVOID ObjectBody,
|
|
|
|
|
_In_ ACCESS_MASK GrantedAccess,
|
|
|
|
|
_In_ ULONG HandleCount
|
2005-11-27 20:18:33 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
typedef VOID
|
|
|
|
|
(NTAPI *OB_CLOSE_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_opt_ PEPROCESS Process,
|
|
|
|
|
_In_ PVOID Object,
|
|
|
|
|
_In_ ACCESS_MASK GrantedAccess,
|
|
|
|
|
_In_ ULONG ProcessHandleCount,
|
|
|
|
|
_In_ ULONG SystemHandleCount
|
2005-11-27 20:18:33 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
typedef VOID
|
|
|
|
|
(NTAPI *OB_DELETE_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_ PVOID Object
|
2005-11-27 20:18:33 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
typedef NTSTATUS
|
|
|
|
|
(NTAPI *OB_PARSE_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_ PVOID ParseObject,
|
|
|
|
|
_In_ PVOID ObjectType,
|
|
|
|
|
_Inout_ PACCESS_STATE AccessState,
|
|
|
|
|
_In_ KPROCESSOR_MODE AccessMode,
|
|
|
|
|
_In_ ULONG Attributes,
|
|
|
|
|
_Inout_ PUNICODE_STRING CompleteName,
|
|
|
|
|
_Inout_ PUNICODE_STRING RemainingName,
|
|
|
|
|
_Inout_opt_ PVOID Context,
|
|
|
|
|
_In_opt_ PSECURITY_QUALITY_OF_SERVICE SecurityQos,
|
|
|
|
|
_Out_ PVOID *Object
|
2005-11-27 20:18:33 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
typedef NTSTATUS
|
|
|
|
|
(NTAPI *OB_SECURITY_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_ PVOID Object,
|
|
|
|
|
_In_ SECURITY_OPERATION_CODE OperationType,
|
|
|
|
|
_In_ PSECURITY_INFORMATION SecurityInformation,
|
|
|
|
|
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
|
|
|
_Inout_ PULONG CapturedLength,
|
|
|
|
|
_Inout_ PSECURITY_DESCRIPTOR *ObjectSecurityDescriptor,
|
|
|
|
|
_In_ POOL_TYPE PoolType,
|
|
|
|
|
_In_ PGENERIC_MAPPING GenericMapping
|
2005-11-27 20:18:33 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
typedef NTSTATUS
|
|
|
|
|
(NTAPI *OB_QUERYNAME_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_ PVOID Object,
|
|
|
|
|
_In_ BOOLEAN HasObjectName,
|
|
|
|
|
_Out_ POBJECT_NAME_INFORMATION ObjectNameInfo,
|
|
|
|
|
_In_ ULONG Length,
|
|
|
|
|
_Out_ PULONG ReturnLength,
|
|
|
|
|
_In_ KPROCESSOR_MODE AccessMode
|
2005-11-27 20:18:33 +00:00
|
|
|
);
|
|
|
|
|
|
2011-08-13 20:10:40 +00:00
|
|
|
typedef BOOLEAN
|
2005-11-28 21:40:21 +00:00
|
|
|
(NTAPI *OB_OKAYTOCLOSE_METHOD)(
|
2013-01-13 14:49:21 +00:00
|
|
|
_In_opt_ PEPROCESS Process,
|
|
|
|
|
_In_ PVOID Object,
|
|
|
|
|
_In_ HANDLE Handle,
|
|
|
|
|
_In_ KPROCESSOR_MODE AccessMode
|
2005-11-28 21:40:21 +00:00
|
|
|
);
|
|
|
|
|
|
2005-11-27 20:18:33 +00:00
|
|
|
#else
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Object Information Types for NtQueryInformationObject
|
|
|
|
|
//
|
2005-08-17 07:06:59 +00:00
|
|
|
typedef struct _OBJECT_NAME_INFORMATION
|
|
|
|
|
{
|
|
|
|
|
UNICODE_STRING Name;
|
|
|
|
|
} OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
|
2005-11-22 04:57:45 +00:00
|
|
|
|
2005-08-17 07:06:59 +00:00
|
|
|
#endif
|
|
|
|
|
|
2005-09-06 15:57:42 +00:00
|
|
|
typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFORMATION
|
|
|
|
|
{
|
|
|
|
|
BOOLEAN Inherit;
|
|
|
|
|
BOOLEAN ProtectFromClose;
|
|
|
|
|
} OBJECT_HANDLE_ATTRIBUTE_INFORMATION, *POBJECT_HANDLE_ATTRIBUTE_INFORMATION;
|
|
|
|
|
|
|
|
|
|
typedef struct _OBJECT_DIRECTORY_INFORMATION
|
|
|
|
|
{
|
2006-07-17 03:16:15 +00:00
|
|
|
UNICODE_STRING Name;
|
|
|
|
|
UNICODE_STRING TypeName;
|
2005-09-06 15:57:42 +00:00
|
|
|
} OBJECT_DIRECTORY_INFORMATION, *POBJECT_DIRECTORY_INFORMATION;
|
|
|
|
|
|
2007-01-25 01:50:40 +00:00
|
|
|
//
|
|
|
|
|
// Object Type Information
|
|
|
|
|
//
|
|
|
|
|
typedef struct _OBJECT_TYPE_INFORMATION
|
|
|
|
|
{
|
|
|
|
|
UNICODE_STRING TypeName;
|
|
|
|
|
ULONG TotalNumberOfObjects;
|
|
|
|
|
ULONG TotalNumberOfHandles;
|
|
|
|
|
ULONG TotalPagedPoolUsage;
|
|
|
|
|
ULONG TotalNonPagedPoolUsage;
|
|
|
|
|
ULONG TotalNamePoolUsage;
|
|
|
|
|
ULONG TotalHandleTableUsage;
|
|
|
|
|
ULONG HighWaterNumberOfObjects;
|
|
|
|
|
ULONG HighWaterNumberOfHandles;
|
|
|
|
|
ULONG HighWaterPagedPoolUsage;
|
|
|
|
|
ULONG HighWaterNonPagedPoolUsage;
|
|
|
|
|
ULONG HighWaterNamePoolUsage;
|
|
|
|
|
ULONG HighWaterHandleTableUsage;
|
|
|
|
|
ULONG InvalidAttributes;
|
|
|
|
|
GENERIC_MAPPING GenericMapping;
|
|
|
|
|
ULONG ValidAccessMask;
|
|
|
|
|
BOOLEAN SecurityRequired;
|
|
|
|
|
BOOLEAN MaintainHandleCount;
|
|
|
|
|
ULONG PoolType;
|
|
|
|
|
ULONG DefaultPagedPoolCharge;
|
|
|
|
|
ULONG DefaultNonPagedPoolCharge;
|
|
|
|
|
} OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
|
|
|
|
|
|
2008-06-16 09:20:47 +00:00
|
|
|
typedef struct _OBJECT_ALL_TYPES_INFORMATION
|
|
|
|
|
{
|
|
|
|
|
ULONG NumberOfTypes;
|
|
|
|
|
//OBJECT_TYPE_INFORMATION TypeInformation[1];
|
|
|
|
|
} OBJECT_ALL_TYPES_INFORMATION, *POBJECT_ALL_TYPES_INFORMATION;
|
|
|
|
|
|
2007-08-04 08:26:58 +00:00
|
|
|
#ifdef NTOS_MODE_USER
|
2005-11-22 04:57:45 +00:00
|
|
|
|
2005-06-26 01:08:55 +00:00
|
|
|
typedef struct _OBJECT_BASIC_INFORMATION
|
2005-06-18 23:33:40 +00:00
|
|
|
{
|
|
|
|
|
ULONG Attributes;
|
|
|
|
|
ACCESS_MASK GrantedAccess;
|
|
|
|
|
ULONG HandleCount;
|
|
|
|
|
ULONG PointerCount;
|
|
|
|
|
ULONG PagedPoolUsage;
|
|
|
|
|
ULONG NonPagedPoolUsage;
|
|
|
|
|
ULONG Reserved[3];
|
|
|
|
|
ULONG NameInformationLength;
|
|
|
|
|
ULONG TypeInformationLength;
|
|
|
|
|
ULONG SecurityDescriptorLength;
|
|
|
|
|
LARGE_INTEGER CreateTime;
|
|
|
|
|
} OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
|
2005-06-26 01:08:55 +00:00
|
|
|
|
2007-08-04 08:26:58 +00:00
|
|
|
#else
|
|
|
|
|
|
2005-06-26 01:08:55 +00:00
|
|
|
typedef struct _OBJECT_CREATE_INFORMATION
|
2005-06-25 17:01:17 +00:00
|
|
|
{
|
|
|
|
|
ULONG Attributes;
|
|
|
|
|
HANDLE RootDirectory;
|
|
|
|
|
PVOID ParseContext;
|
|
|
|
|
KPROCESSOR_MODE ProbeMode;
|
|
|
|
|
ULONG PagedPoolCharge;
|
|
|
|
|
ULONG NonPagedPoolCharge;
|
|
|
|
|
ULONG SecurityDescriptorCharge;
|
|
|
|
|
PSECURITY_DESCRIPTOR SecurityDescriptor;
|
|
|
|
|
PSECURITY_QUALITY_OF_SERVICE SecurityQos;
|
|
|
|
|
SECURITY_QUALITY_OF_SERVICE SecurityQualityOfService;
|
|
|
|
|
} OBJECT_CREATE_INFORMATION, *POBJECT_CREATE_INFORMATION;
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Object Type Initialize for ObCreateObjectType
|
|
|
|
|
//
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef struct _OBJECT_TYPE_INITIALIZER
|
|
|
|
|
{
|
2005-09-05 04:48:20 +00:00
|
|
|
USHORT Length;
|
2007-01-25 01:50:40 +00:00
|
|
|
BOOLEAN UseDefaultObject;
|
|
|
|
|
BOOLEAN CaseInsensitive;
|
2005-06-25 17:01:17 +00:00
|
|
|
ULONG InvalidAttributes;
|
|
|
|
|
GENERIC_MAPPING GenericMapping;
|
|
|
|
|
ULONG ValidAccessMask;
|
2007-01-25 01:50:40 +00:00
|
|
|
BOOLEAN SecurityRequired;
|
|
|
|
|
BOOLEAN MaintainHandleCount;
|
|
|
|
|
BOOLEAN MaintainTypeList;
|
2005-06-25 17:01:17 +00:00
|
|
|
POOL_TYPE PoolType;
|
|
|
|
|
ULONG DefaultPagedPoolCharge;
|
|
|
|
|
ULONG DefaultNonPagedPoolCharge;
|
|
|
|
|
OB_DUMP_METHOD DumpProcedure;
|
|
|
|
|
OB_OPEN_METHOD OpenProcedure;
|
|
|
|
|
OB_CLOSE_METHOD CloseProcedure;
|
|
|
|
|
OB_DELETE_METHOD DeleteProcedure;
|
|
|
|
|
OB_PARSE_METHOD ParseProcedure;
|
|
|
|
|
OB_SECURITY_METHOD SecurityProcedure;
|
|
|
|
|
OB_QUERYNAME_METHOD QueryNameProcedure;
|
|
|
|
|
OB_OKAYTOCLOSE_METHOD OkayToCloseProcedure;
|
|
|
|
|
} OBJECT_TYPE_INITIALIZER, *POBJECT_TYPE_INITIALIZER;
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Object Type Object
|
|
|
|
|
//
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef struct _OBJECT_TYPE
|
|
|
|
|
{
|
|
|
|
|
ERESOURCE Mutex;
|
|
|
|
|
LIST_ENTRY TypeList;
|
|
|
|
|
UNICODE_STRING Name;
|
|
|
|
|
PVOID DefaultObject;
|
|
|
|
|
ULONG Index;
|
|
|
|
|
ULONG TotalNumberOfObjects;
|
|
|
|
|
ULONG TotalNumberOfHandles;
|
|
|
|
|
ULONG HighWaterNumberOfObjects;
|
|
|
|
|
ULONG HighWaterNumberOfHandles;
|
|
|
|
|
OBJECT_TYPE_INITIALIZER TypeInfo;
|
|
|
|
|
ULONG Key;
|
|
|
|
|
ERESOURCE ObjectLocks[4];
|
|
|
|
|
} OBJECT_TYPE;
|
|
|
|
|
|
2006-05-24 20:06:13 +00:00
|
|
|
//
|
|
|
|
|
// Object Directory Structures
|
|
|
|
|
//
|
|
|
|
|
typedef struct _OBJECT_DIRECTORY_ENTRY
|
|
|
|
|
{
|
|
|
|
|
struct _OBJECT_DIRECTORY_ENTRY *ChainLink;
|
|
|
|
|
PVOID Object;
|
|
|
|
|
#if (NTDDI_VERSION >= NTDDI_WS03)
|
|
|
|
|
ULONG HashValue;
|
|
|
|
|
#endif
|
|
|
|
|
} OBJECT_DIRECTORY_ENTRY, *POBJECT_DIRECTORY_ENTRY;
|
|
|
|
|
|
|
|
|
|
typedef struct _OBJECT_DIRECTORY
|
|
|
|
|
{
|
|
|
|
|
struct _OBJECT_DIRECTORY_ENTRY *HashBuckets[NUMBER_HASH_BUCKETS];
|
|
|
|
|
#if (NTDDI_VERSION < NTDDI_WINXP)
|
|
|
|
|
ERESOURCE Lock;
|
2007-01-08 08:03:47 +00:00
|
|
|
#else
|
|
|
|
|
EX_PUSH_LOCK Lock;
|
2006-05-24 20:06:13 +00:00
|
|
|
#endif
|
|
|
|
|
#if (NTDDI_VERSION < NTDDI_WINXP)
|
|
|
|
|
BOOLEAN CurrentEntryValid;
|
|
|
|
|
#else
|
|
|
|
|
struct _DEVICE_MAP *DeviceMap;
|
|
|
|
|
#endif
|
|
|
|
|
ULONG SessionId;
|
|
|
|
|
#if (NTDDI_VERSION == NTDDI_WINXP)
|
|
|
|
|
USHORT Reserved;
|
|
|
|
|
USHORT SymbolicLinkUsageCount;
|
|
|
|
|
#endif
|
|
|
|
|
} OBJECT_DIRECTORY, *POBJECT_DIRECTORY;
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Object Header Addon Information
|
|
|
|
|
//
|
|
|
|
|
typedef struct _OBJECT_HEADER_NAME_INFO
|
|
|
|
|
{
|
2006-05-24 20:06:13 +00:00
|
|
|
POBJECT_DIRECTORY Directory;
|
2005-11-22 04:57:45 +00:00
|
|
|
UNICODE_STRING Name;
|
|
|
|
|
ULONG QueryReferences;
|
|
|
|
|
ULONG Reserved2;
|
|
|
|
|
ULONG DbgReferenceCount;
|
2018-01-04 18:23:47 +00:00
|
|
|
#ifdef _WIN64
|
|
|
|
|
ULONG64 Reserved3;
|
|
|
|
|
#endif
|
2005-11-22 04:57:45 +00:00
|
|
|
} OBJECT_HEADER_NAME_INFO, *POBJECT_HEADER_NAME_INFO;
|
|
|
|
|
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef struct _OBJECT_HANDLE_COUNT_ENTRY
|
|
|
|
|
{
|
|
|
|
|
struct _EPROCESS *Process;
|
|
|
|
|
ULONG HandleCount;
|
|
|
|
|
} OBJECT_HANDLE_COUNT_ENTRY, *POBJECT_HANDLE_COUNT_ENTRY;
|
2005-06-26 01:08:55 +00:00
|
|
|
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef struct _OBJECT_HANDLE_COUNT_DATABASE
|
|
|
|
|
{
|
|
|
|
|
ULONG CountEntries;
|
2007-01-08 17:56:56 +00:00
|
|
|
OBJECT_HANDLE_COUNT_ENTRY HandleCountEntries[1];
|
2005-06-25 17:01:17 +00:00
|
|
|
} OBJECT_HANDLE_COUNT_DATABASE, *POBJECT_HANDLE_COUNT_DATABASE;
|
2005-06-26 01:08:55 +00:00
|
|
|
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef struct _OBJECT_HEADER_HANDLE_INFO
|
|
|
|
|
{
|
|
|
|
|
union
|
|
|
|
|
{
|
|
|
|
|
POBJECT_HANDLE_COUNT_DATABASE HandleCountDatabase;
|
|
|
|
|
OBJECT_HANDLE_COUNT_ENTRY SingleEntry;
|
|
|
|
|
};
|
|
|
|
|
} OBJECT_HEADER_HANDLE_INFO, *POBJECT_HEADER_HANDLE_INFO;
|
2005-06-26 01:08:55 +00:00
|
|
|
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef struct _OBJECT_HEADER_CREATOR_INFO
|
|
|
|
|
{
|
|
|
|
|
LIST_ENTRY TypeList;
|
|
|
|
|
PVOID CreatorUniqueProcess;
|
|
|
|
|
USHORT CreatorBackTraceIndex;
|
|
|
|
|
USHORT Reserved;
|
|
|
|
|
} OBJECT_HEADER_CREATOR_INFO, *POBJECT_HEADER_CREATOR_INFO;
|
|
|
|
|
|
2006-06-08 20:58:21 +00:00
|
|
|
typedef struct _OBJECT_HEADER_QUOTA_INFO
|
|
|
|
|
{
|
|
|
|
|
ULONG PagedPoolCharge;
|
|
|
|
|
ULONG NonPagedPoolCharge;
|
|
|
|
|
ULONG SecurityDescriptorCharge;
|
|
|
|
|
PEPROCESS ExclusiveProcess;
|
2018-01-04 18:23:47 +00:00
|
|
|
#ifdef _WIN64
|
|
|
|
|
ULONG64 Reserved;
|
|
|
|
|
#endif
|
2006-06-08 20:58:21 +00:00
|
|
|
} OBJECT_HEADER_QUOTA_INFO, *POBJECT_HEADER_QUOTA_INFO;
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
2005-11-27 19:21:19 +00:00
|
|
|
// Object Header
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
2005-06-25 17:01:17 +00:00
|
|
|
typedef struct _OBJECT_HEADER
|
|
|
|
|
{
|
2018-01-04 18:23:47 +00:00
|
|
|
LONG_PTR PointerCount;
|
2005-06-26 01:08:55 +00:00
|
|
|
union
|
|
|
|
|
{
|
2018-01-04 18:23:47 +00:00
|
|
|
LONG_PTR HandleCount;
|
2006-05-29 00:05:07 +00:00
|
|
|
volatile PVOID NextToFree;
|
2005-06-25 17:01:17 +00:00
|
|
|
};
|
|
|
|
|
POBJECT_TYPE Type;
|
|
|
|
|
UCHAR NameInfoOffset;
|
|
|
|
|
UCHAR HandleInfoOffset;
|
|
|
|
|
UCHAR QuotaInfoOffset;
|
|
|
|
|
UCHAR Flags;
|
2005-06-26 01:08:55 +00:00
|
|
|
union
|
|
|
|
|
{
|
2005-06-25 17:01:17 +00:00
|
|
|
POBJECT_CREATE_INFORMATION ObjectCreateInfo;
|
|
|
|
|
PVOID QuotaBlockCharged;
|
|
|
|
|
};
|
|
|
|
|
PSECURITY_DESCRIPTOR SecurityDescriptor;
|
|
|
|
|
QUAD Body;
|
|
|
|
|
} OBJECT_HEADER, *POBJECT_HEADER;
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2006-05-24 20:13:47 +00:00
|
|
|
//
|
|
|
|
|
// Object Lookup Context
|
|
|
|
|
//
|
|
|
|
|
typedef struct _OBP_LOOKUP_CONTEXT
|
|
|
|
|
{
|
|
|
|
|
POBJECT_DIRECTORY Directory;
|
|
|
|
|
PVOID Object;
|
|
|
|
|
ULONG HashValue;
|
|
|
|
|
USHORT HashIndex;
|
|
|
|
|
BOOLEAN DirectoryLocked;
|
|
|
|
|
ULONG LockStateSignature;
|
|
|
|
|
} OBP_LOOKUP_CONTEXT, *POBP_LOOKUP_CONTEXT;
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Device Map
|
|
|
|
|
//
|
2005-06-23 05:07:25 +00:00
|
|
|
typedef struct _DEVICE_MAP
|
|
|
|
|
{
|
2006-05-24 20:06:13 +00:00
|
|
|
POBJECT_DIRECTORY DosDevicesDirectory;
|
|
|
|
|
POBJECT_DIRECTORY GlobalDosDevicesDirectory;
|
|
|
|
|
ULONG ReferenceCount;
|
|
|
|
|
ULONG DriveMap;
|
|
|
|
|
UCHAR DriveType[32];
|
2005-06-26 01:08:55 +00:00
|
|
|
} DEVICE_MAP, *PDEVICE_MAP;
|
2005-06-23 05:07:25 +00:00
|
|
|
|
2006-05-24 02:45:06 +00:00
|
|
|
//
|
|
|
|
|
// Symbolic Link Object
|
|
|
|
|
//
|
|
|
|
|
typedef struct _OBJECT_SYMBOLIC_LINK
|
|
|
|
|
{
|
|
|
|
|
LARGE_INTEGER CreationTime;
|
|
|
|
|
UNICODE_STRING LinkTarget;
|
|
|
|
|
UNICODE_STRING LinkTargetRemaining;
|
|
|
|
|
PVOID LinkTargetObject;
|
|
|
|
|
ULONG DosDeviceDriveIndex;
|
|
|
|
|
} OBJECT_SYMBOLIC_LINK, *POBJECT_SYMBOLIC_LINK;
|
|
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
//
|
|
|
|
|
// Kernel Exports
|
|
|
|
|
//
|
2005-09-05 04:48:20 +00:00
|
|
|
extern PDEVICE_MAP NTSYSAPI ObSystemDeviceMap;
|
2005-06-18 23:33:40 +00:00
|
|
|
|
2005-11-22 04:57:45 +00:00
|
|
|
#endif // !NTOS_MODE_USER
|
|
|
|
|
|
|
|
|
|
#endif // _OBTYPES_H
|
