Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-04-05 05:01:03 +00:00
Code Issues Projects Releases Packages Wiki Activity

[XDK]

Browse source 
- Autogenerate ntifs.h based on ntifs.template.h
- Remove some duplicate definitions between WDM and NTDDK.

[DDK]
- Remove wmlib.h
- Reflect the recent XDK changes.

svn path=/branches/header-work/; revision=46490
This commit is contained in:
Amine Khaldi 2010-03-27 15:31:25 +00:00
parent 87ac6e3504
commit 736107dd68
26 changed files with 13163 additions and 3575 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

124
include/ddk/ntddk.h
View file

@ -40,11 +40,8 @@
#include <ntdef.h>
#include <ntstatus.h>
#include <mce.h>
/* FIXME
#include <bugcodes.h>
#include <ntiologc.h>
*/
#include <stdarg.h> // FIXME
#include <basetyps.h> // FIXME
@ -2509,7 +2506,6 @@ extern NTKERNELAPI PEPROCESS PsInitialSystemProcess;
******************************************************************************/
#ifndef _RTL_RUN_ONCE_DEF
#define _RTL_RUN_ONCE_DEF
@ -2875,8 +2871,6 @@ typedef enum _WELL_KNOWN_SID_TYPE {
WinThisOrganizationCertificateSid = 82,
} WELL_KNOWN_SID_TYPE;
#if defined(_M_IX86)
#define PAUSE_PROCESSOR YieldProcessor();
@ -3330,6 +3324,7 @@ Exfi386InterlockedExchangeUlong(
IN ULONG Value);
#endif
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
NTSTATUS
@ -3377,6 +3372,7 @@ ExRaiseDatatypeMisalignment(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
/* Hardware Abstraction Layer Functions */
#if (NTDDI_VERSION >= NTDDI_WIN2K)
@ -3878,6 +3874,7 @@ NTAPI
IoSetThreadHardErrorMode(
IN BOOLEAN EnableHardErrors);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
@ -4023,8 +4020,8 @@ IoGetPagingIoPriority(
IN PIRP Irp);
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
BOOLEAN
NTAPI
IoTranslateBusAddress(
@ -4033,7 +4030,7 @@ IoTranslateBusAddress(
IN PHYSICAL_ADDRESS BusAddress,
IN OUT PULONG AddressSpace,
OUT PPHYSICAL_ADDRESS TranslatedAddress);
#endif
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI
@ -4094,6 +4091,7 @@ IoIsFileObjectIgnoringSharing(
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTSTATUS
NTAPI
IoSetFileObjectIgnoreSharing(
@ -4115,6 +4113,7 @@ DbgPrompt(
/******************************************************************************
* Kernel Functions *
******************************************************************************/
NTKERNELAPI
VOID
FASTCALL
@ -4122,7 +4121,6 @@ KeInvalidateRangeAllCaches(
IN PVOID BaseAddress,
IN ULONG Length);
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
@ -4163,8 +4161,6 @@ VOID
NTAPI
KeBugCheck(
IN ULONG BugCheckCode);
#if defined(SINGLE_GROUP_LEGACY_API)
@ -4179,22 +4175,20 @@ NTKERNELAPI
KAFFINITY
NTAPI
KeQueryActiveProcessors(VOID);
#endif /* defined(SINGLE_GROUP_LEGACY_API) */
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
BOOLEAN
NTAPI
KeAreApcsDisabled(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_WS03)
@ -4202,9 +4196,7 @@ NTKERNELAPI
BOOLEAN
NTAPI
KeInvalidateAllCaches(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
NTKERNELAPI
@ -4224,14 +4216,11 @@ NTKERNELAPI
VOID
NTAPI
KeLeaveGuardedRegion(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
#if defined(SINGLE_GROUP_LEGACY_API)
NTKERNELAPI
ULONG
NTAPI
@ -4242,12 +4231,10 @@ NTKERNELAPI
ULONG
NTAPI
KeQueryMaximumProcessorCount(VOID);
#endif /* SINGLE_GROUP_LEGACY_API */
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTKERNELAPI
@ -4331,16 +4318,14 @@ KeQueryHardwareCounterConfiguration(
OUT PHARDWARE_COUNTER CounterArray,
IN ULONG MaximumCount,
OUT PULONG Count);
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
/******************************************************************************
* Memory manager Functions *
******************************************************************************/
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
PPHYSICAL_MEMORY_RANGE
NTAPI
@ -4515,78 +4500,17 @@ MmFreeContiguousMemorySpecifyCache(
IN SIZE_T NumberOfBytes,
IN MEMORY_CACHING_TYPE CacheType);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
NTSTATUS
NTAPI
MmAdvanceMdl(
IN OUT PMDL Mdl,
IN ULONG NumberOfBytes);
NTKERNELAPI
PVOID
NTAPI
MmAllocateMappingAddress(
IN SIZE_T NumberOfBytes,
IN ULONG PoolTag);
NTKERNELAPI
VOID
NTAPI
MmFreeMappingAddress(
IN PVOID BaseAddress,
IN ULONG PoolTag);
NTKERNELAPI
NTSTATUS
NTAPI
MmIsVerifierEnabled(
OUT PULONG VerifierFlags);
NTKERNELAPI
PVOID
NTAPI
MmMapLockedPagesWithReservedMapping(
IN PVOID MappingAddress,
IN ULONG PoolTag,
IN PMDL MemoryDescriptorList,
IN MEMORY_CACHING_TYPE CacheType);
NTKERNELAPI
NTSTATUS
NTAPI
MmProtectMdlSystemAddress(
IN PMDL MemoryDescriptorList,
IN ULONG NewProtect);
NTKERNELAPI
VOID
NTAPI
MmUnmapReservedMapping(
IN PVOID BaseAddress,
IN ULONG PoolTag,
IN PMDL MemoryDescriptorList);
NTKERNELAPI
NTSTATUS
NTAPI
MmAddVerifierThunks(
IN PVOID ThunkBuffer,
IN ULONG ThunkBufferSize);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_WS03)
NTKERNELAPI
NTSTATUS
NTAPI
MmCreateMirror(VOID);
#endif
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTSTATUS
@ -4598,8 +4522,7 @@ MmRotatePhysicalView(
IN MM_ROTATE_DIRECTION Direction,
IN PMM_ROTATE_COPY_CALLBACK_FUNCTION CopyFunction,
IN PVOID Context OPTIONAL);
#endif
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
/******************************************************************************
* Process Manager Functions *
@ -4664,9 +4587,7 @@ PsGetVersion(
OUT PULONG MinorVersion OPTIONAL,
OUT PULONG BuildNumber OPTIONAL,
OUT PUNICODE_STRING CSDVersion OPTIONAL);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
@ -4698,7 +4619,6 @@ LONGLONG
NTAPI
PsGetProcessCreateTimeQuadPart(
IN PEPROCESS Process);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_WS03)
@ -4736,8 +4656,8 @@ PsSetCreateProcessNotifyRoutineEx(
* Runtime Library Functions *
******************************************************************************/
#if (NTDDI_VERSION >= NTDDI_WIN2K)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
#ifndef RTL_USE_AVL_TABLES
@ -4972,13 +4892,13 @@ RtlWalkFrameChain(
IN ULONG Flags);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTSYSAPI
VOID
NTAPI
@ -5086,9 +5006,9 @@ RtlIsGenericTableEmptyAvl(
IN PRTL_AVL_TABLE Table);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
@ -5134,7 +5054,6 @@ RtlGetProductInfo(
OUT PULONG ReturnedProductType);
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
#if (NTDDI_VERSION >= NTDDI_WIN7)
@ -5241,7 +5160,6 @@ RtlContractHashTable(
IN PRTL_DYNAMIC_HASH_TABLE HashTable);
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
@ -5480,6 +5398,7 @@ RtlActiveEnumeratorsHashTable(
******************************************************************************/
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
BOOLEAN
NTAPI
@ -5487,15 +5406,14 @@ SeSinglePrivilegeCheck(
IN LUID PrivilegeValue,
IN KPROCESSOR_MODE PreviousMode);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
/******************************************************************************
* ZwXxx Functions *
******************************************************************************/
NTSYSAPI
NTSTATUS
NTAPI
@ -5518,10 +5436,8 @@ ZwOpenProcess(
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN PCLIENT_ID ClientId OPTIONAL);
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTSTATUS
NTAPI
ZwCancelTimer(
@ -5604,8 +5520,6 @@ ZwDeviceIoControlFile(
OUT PVOID OutputBuffer OPTIONAL,
IN ULONG OutputBufferLength);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
@ -5618,8 +5532,6 @@ ZwSetTimerEx(
IN TIMER_SET_INFORMATION_CLASS TimerSetInformationClass,
IN OUT PVOID TimerSetInformation,
IN ULONG TimerSetInformationLength);
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */

3717
include/ddk/ntifs.h
View file

File diff suppressed because it is too large Load diff

64
include/ddk/wdm.h
View file

@ -551,7 +551,6 @@ typedef BOOLEAN
(*PFN_RTL_IS_SERVICE_PACK_VERSION_INSTALLED)(
IN ULONG Version);
/******************************************************************************
* Kernel Types *
******************************************************************************/
@ -2271,7 +2270,6 @@ typedef struct _SE_ADT_PARAMETER_ARRAY {
#endif /* !_NTLSA_AUDIT_ */
#endif /* !_NTLSA_IFS_ */
/******************************************************************************
* Power Management Support Types *
******************************************************************************/
@ -2683,7 +2681,6 @@ NTSTATUS
IN OUT PVOID Context OPTIONAL);
typedef POWER_SETTING_CALLBACK *PPOWER_SETTING_CALLBACK;
/******************************************************************************
* Configuration Manager Types *
******************************************************************************/
@ -8399,8 +8396,6 @@ RtlStringFromGUID(
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTSYSAPI
BOOLEAN
NTAPI
@ -8879,7 +8874,6 @@ RtlSetDaclSecurityDescriptor(
#define RtlStoreUlongPtr(Address,Value) RtlStoreUlong(Address,Value)
#endif /* _WIN64 */
NTSYSAPI
BOOLEAN
NTAPI
@ -8988,7 +8982,6 @@ RtlPrefetchMemoryNonTemporal(
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTSYSAPI
VOID
NTAPI
@ -9026,12 +9019,12 @@ RtlHashUnicodeString(
OUT PULONG HashValue);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTSYSAPI
ULONG
NTAPI
@ -9086,8 +9079,6 @@ RtlCmEncodeMemIoResource(
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTSYSAPI
NTSTATUS
NTAPI
@ -9663,7 +9654,6 @@ RTLVERLIB_DDI(RtlIsServicePackVersionInstalled)(
/******************************************************************************
* Kernel Functions *
******************************************************************************/
NTKERNELAPI
VOID
NTAPI
@ -9680,7 +9670,6 @@ KeClearEvent(
#if (NTDDI_VERSION >= NTDDI_WIN2K)
#if defined(_NTDDK_) || defined(_NTIFS_)
NTKERNELAPI
VOID
@ -9699,7 +9688,6 @@ ProbeForWrite(
IN SIZE_T Length,
IN ULONG Alignment);
#if defined(SINGLE_GROUP_LEGACY_API)
NTKERNELAPI
@ -9724,8 +9712,6 @@ NTKERNELAPI
KAFFINITY
NTAPI
KeQueryActiveProcessors(VOID);
#endif /* defined(SINGLE_GROUP_LEGACY_API) */
#if !defined(_M_AMD64)
@ -10164,7 +10150,6 @@ VOID
NTAPI
KeFlushQueuedDpcs(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_WINXPSP2) */
#if (NTDDI_VERSION >= NTDDI_WS03)
NTKERNELAPI
@ -10214,12 +10199,9 @@ FASTCALL
KeTestSpinLock(
IN PKSPIN_LOCK SpinLock);
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
NTKERNELAPI
BOOLEAN
FASTCALL
@ -10276,11 +10258,9 @@ BOOLEAN
FASTCALL
KeTryToAcquireGuardedMutex(
IN OUT PKGUARDED_MUTEX GuardedMutex);
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI
VOID
FASTCALL
@ -10299,7 +10279,6 @@ NTSTATUS
NTAPI
KeQueryDpcWatchdogInformation(
OUT PKDPC_WATCHDOG_INFORMATION WatchdogInformation);
#if defined(SINGLE_GROUP_LEGACY_API)
NTKERNELAPI
@ -10341,10 +10320,8 @@ KeDeregisterProcessorChangeCallback(
IN PVOID CallbackHandle);
#endif /* (NTDDI_VERSION >= NTDDI_WS08) */
#if (NTDDI_VERSION >= NTDDI_WIN7)
ULONG64
NTAPI
KeQueryTotalCycleTimeProcess(
@ -10482,9 +10459,7 @@ ULONG
NTAPI
KeGetProcessorIndexFromNumber(
IN PPROCESSOR_NUMBER ProcNumber);
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
#if !defined(_IA64_)
NTHALAPI
VOID
@ -10699,7 +10674,6 @@ KeFlushWriteBuffer(VOID);
}
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
PVOID
NTAPI
@ -10946,7 +10920,6 @@ MmAddVerifierThunks(
IN ULONG ThunkBufferSize);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_WS03)
NTKERNELAPI
LOGICAL
@ -10954,8 +10927,8 @@ NTAPI
MmIsIoSpaceActive(
IN PHYSICAL_ADDRESS StartAddress,
IN SIZE_T NumberOfBytes);
#endif
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
NTKERNELAPI
PMDL
@ -10970,20 +10943,18 @@ MmAllocatePagesForMdlEx(
#endif
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI
LOGICAL
NTAPI
MmIsDriverVerifyingByAddress(
IN PVOID AddressWithinSection);
#endif
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
/******************************************************************************
* Security Manager Functions *
******************************************************************************/
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
BOOLEAN
NTAPI
@ -11068,6 +11039,7 @@ NTAPI
SeLockSubjectContext(
IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
@ -11091,7 +11063,6 @@ SeReportSecurityEvent(
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI
ULONG
NTAPI
@ -11108,7 +11079,6 @@ SeGetWorldRights(
IN PGENERIC_MAPPING GenericMapping,
OUT PACCESS_MASK GrantedAccess);
#endif /* SE_NTFS_WORLD_CACHE */
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
/******************************************************************************
* Configuration Manager Functions *
@ -12374,8 +12344,10 @@ NTAPI
IoSetTopLevelIrp(
IN PIRP Irp OPTIONAL);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
@ -12570,6 +12542,7 @@ IoCsqInsertIrpEx(
IN PVOID InsertContext OPTIONAL);
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI
NTSTATUS
@ -12719,6 +12692,7 @@ IoReplacePartitionUnit(
#endif
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTKERNELAPI
NTSTATUS
NTAPI
@ -13401,6 +13375,7 @@ ExInitializeFastMutex(
return;
}
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
VOID
@ -13823,7 +13798,6 @@ VOID
FASTCALL
ExWaitForRundownProtectionRelease(
IN OUT PEX_RUNDOWN_REF RunRef);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
@ -14066,7 +14040,6 @@ ExFreeToNPagedLookasideList(
******************************************************************************/
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
LONG_PTR
FASTCALL
@ -14115,7 +14088,6 @@ NTAPI
ObReleaseObjectSecurity(
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN BOOLEAN MemoryAllocated);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
@ -14148,7 +14120,6 @@ ObGetFilterVersion(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_VISTASP1) */
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTKERNELAPI
NTSTATUS
NTAPI
@ -14196,10 +14167,8 @@ ObDereferenceObjectDeferDeleteWithTag(
#define ObReferenceObject ObfReferenceObject
#define ObDereferenceObjectWithTag ObfDereferenceObjectWithTag
#define ObReferenceObjectWithTag ObfReferenceObjectWithTag
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
/******************************************************************************
* Process Manager Functions *
******************************************************************************/
@ -14249,9 +14218,9 @@ NTAPI
PsTerminateSystemThread(
IN NTSTATUS ExitStatus);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
/******************************************************************************
* WMI Library Support Functions *
******************************************************************************/
@ -15321,11 +15290,8 @@ NtPropagationFailed(
#define ZwCurrentThread() NtCurrentThread()
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTSYSAPI
NTSTATUS
NTAPI
@ -15591,7 +15557,6 @@ ZwQueryFullAttributesFile(
IN POBJECT_ATTRIBUTES ObjectAttributes,
OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
@ -15927,15 +15892,9 @@ NTAPI
ZwSinglePhaseReject(
IN HANDLE EnlistmentHandle,
IN PLARGE_INTEGER TmVirtualClock OPTIONAL);
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTSYSAPI
NTSTATUS
NTAPI
@ -15999,7 +15958,6 @@ ZwSetInformationKey(
IN PVOID KeySetInformation,
IN ULONG KeySetInformationLength);
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */

129
include/ddk/wmlib.h
View file

@ -1,129 +0,0 @@
#ifndef _WMILIB_
#define _WMILIB_
#ifdef __cplusplus
extern "C" {
#endif
typedef struct _WMIGUIDREGINFO {
LPCGUID Guid;
ULONG InstanceCount;
ULONG Flags;
} WMIGUIDREGINFO, *PWMIGUIDREGINFO;
typedef enum _WMIENABLEDISABLECONTROL {
WmiEventControl,
WmiDataBlockControl
} WMIENABLEDISABLECONTROL, *PWMIENABLEDISABLECONTROL;
typedef enum _SYSCTL_IRP_DISPOSITION {
IrpProcessed,
IrpNotCompleted,
IrpNotWmi,
IrpForward
} SYSCTL_IRP_DISPOSITION, *PSYSCTL_IRP_DISPOSITION;
typedef
NTSTATUS
(NTAPI WMI_QUERY_REGINFO_CALLBACK)(
IN OUT PDEVICE_OBJECT DeviceObject,
IN OUT PULONG RegFlags,
IN OUT PUNICODE_STRING InstanceName,
IN OUT PUNICODE_STRING *RegistryPath OPTIONAL,
IN OUT PUNICODE_STRING MofResourceName,
OUT PDEVICE_OBJECT *Pdo OPTIONAL);
typedef WMI_QUERY_REGINFO_CALLBACK *PWMI_QUERY_REGINFO;
typedef
NTSTATUS
(NTAPI WMI_QUERY_DATABLOCK_CALLBACK)(
IN OUT PDEVICE_OBJECT DeviceObject,
IN OUT PIRP Irp,
IN OUT ULONG GuidIndex,
IN ULONG InstanceIndex,
IN ULONG InstanceCount,
OUT PULONG InstanceLengthArray OPTIONAL,
IN ULONG BufferAvail,
OUT PUCHAR Buffer OPTIONAL);
typedef WMI_QUERY_DATABLOCK_CALLBACK *PWMI_QUERY_DATABLOCK;
typedef
NTSTATUS
(NTAPI WMI_SET_DATABLOCK_CALLBACK)(
IN OUT PDEVICE_OBJECT DeviceObject,
IN OUT PIRP Irp,
IN ULONG GuidIndex,
IN ULONG InstanceIndex,
IN ULONG BufferSize,
IN PUCHAR Buffer);
typedef WMI_SET_DATABLOCK_CALLBACK *PWMI_SET_DATABLOCK;
typedef
NTSTATUS
(NTAPI WMI_SET_DATAITEM_CALLBACK)(
IN OUT PDEVICE_OBJECT DeviceObject,
IN OUT PIRP Irp,
IN ULONG GuidIndex,
IN ULONG InstanceIndex,
IN ULONG DataItemId,
IN ULONG BufferSize,
IN PUCHAR Buffer);
typedef WMI_SET_DATAITEM_CALLBACK *PWMI_SET_DATAITEM;
typedef
NTSTATUS
(NTAPI WMI_EXECUTE_METHOD_CALLBACK)(
IN OUT PDEVICE_OBJECT DeviceObject,
IN OUT PIRP Irp,
IN ULONG GuidIndex,
IN ULONG InstanceIndex,
IN ULONG MethodId,
IN ULONG InBufferSize,
IN ULONG OutBufferSize,
IN OUT PUCHAR Buffer);
typedef WMI_EXECUTE_METHOD_CALLBACK *PWMI_EXECUTE_METHOD;
typedef
NTSTATUS
(NTAPI WMI_FUNCTION_CONTROL_CALLBACK)(
IN OUT PDEVICE_OBJECT DeviceObject,
IN OUT PIRP Irp,
IN ULONG GuidIndex,
IN WMIENABLEDISABLECONTROL Function,
IN BOOLEAN Enable);
typedef WMI_FUNCTION_CONTROL_CALLBACK *PWMI_FUNCTION_CONTROL;
typedef struct _WMILIB_CONTEXT {
ULONG GuidCount;
PWMIGUIDREGINFO GuidList;
PWMI_QUERY_REGINFO QueryWmiRegInfo;
PWMI_QUERY_DATABLOCK QueryWmiDataBlock;
PWMI_SET_DATABLOCK SetWmiDataBlock;
PWMI_SET_DATAITEM SetWmiDataItem;
PWMI_EXECUTE_METHOD ExecuteWmiMethod;
PWMI_FUNCTION_CONTROL WmiFunctionControl;
} WMILIB_CONTEXT, *PWMILIB_CONTEXT;
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTSTATUS
NTAPI
WmiSystemControl(
IN PWMILIB_CONTEXT WmiLibInfo,
IN PDEVICE_OBJECT DeviceObject,
IN OUT PIRP Irp,
OUT PSYSCTL_IRP_DISPOSITION IrpDisposition);
#endif
#ifdef __cplusplus
}
#endif
#endif /* !_WMILIB_ */

430
include/xdk/ccfuncs.h Normal file
View file

@ -0,0 +1,430 @@
$if (_NTIFS_)
/* Common Cache Functions */
#define CcIsFileCached(FO) ( \
((FO)->SectionObjectPointer != NULL) && \
(((PSECTION_OBJECT_POINTERS)(FO)->SectionObjectPointer)->SharedCacheMap != NULL) \
)
extern ULONG CcFastMdlReadWait;
#if (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
VOID
NTAPI
CcInitializeCacheMap(
IN PFILE_OBJECT FileObject,
IN PCC_FILE_SIZES FileSizes,
IN BOOLEAN PinAccess,
IN PCACHE_MANAGER_CALLBACKS Callbacks,
IN PVOID LazyWriteContext);
NTKERNELAPI
BOOLEAN
NTAPI
CcUninitializeCacheMap(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER TruncateSize OPTIONAL,
IN PCACHE_UNINITIALIZE_EVENT UninitializeCompleteEvent OPTIONAL);
NTKERNELAPI
VOID
NTAPI
CcSetFileSizes(
IN PFILE_OBJECT FileObject,
IN PCC_FILE_SIZES FileSizes);
NTKERNELAPI
VOID
NTAPI
CcSetDirtyPageThreshold(
IN PFILE_OBJECT FileObject,
IN ULONG DirtyPageThreshold);
NTKERNELAPI
VOID
NTAPI
CcFlushCache(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN PLARGE_INTEGER FileOffset OPTIONAL,
IN ULONG Length,
OUT PIO_STATUS_BLOCK IoStatus OPTIONAL);
NTKERNELAPI
LARGE_INTEGER
NTAPI
CcGetFlushedValidData(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN BOOLEAN BcbListHeld);
NTKERNELAPI
BOOLEAN
NTAPI
CcZeroData(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER StartOffset,
IN PLARGE_INTEGER EndOffset,
IN BOOLEAN Wait);
NTKERNELAPI
PVOID
NTAPI
CcRemapBcb(
IN PVOID Bcb);
NTKERNELAPI
VOID
NTAPI
CcRepinBcb(
IN PVOID Bcb);
NTKERNELAPI
VOID
NTAPI
CcUnpinRepinnedBcb(
IN PVOID Bcb,
IN BOOLEAN WriteThrough,
OUT PIO_STATUS_BLOCK IoStatus);
NTKERNELAPI
PFILE_OBJECT
NTAPI
CcGetFileObjectFromSectionPtrs(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer);
NTKERNELAPI
PFILE_OBJECT
NTAPI
CcGetFileObjectFromBcb(
IN PVOID Bcb);
NTKERNELAPI
BOOLEAN
NTAPI
CcCanIWrite(
IN PFILE_OBJECT FileObject,
IN ULONG BytesToWrite,
IN BOOLEAN Wait,
IN BOOLEAN Retrying);
NTKERNELAPI
VOID
NTAPI
CcDeferWrite(
IN PFILE_OBJECT FileObject,
IN PCC_POST_DEFERRED_WRITE PostRoutine,
IN PVOID Context1,
IN PVOID Context2,
IN ULONG BytesToWrite,
IN BOOLEAN Retrying);
NTKERNELAPI
BOOLEAN
NTAPI
CcCopyRead(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN BOOLEAN Wait,
OUT PVOID Buffer,
OUT PIO_STATUS_BLOCK IoStatus);
NTKERNELAPI
VOID
NTAPI
CcFastCopyRead(
IN PFILE_OBJECT FileObject,
IN ULONG FileOffset,
IN ULONG Length,
IN ULONG PageCount,
OUT PVOID Buffer,
OUT PIO_STATUS_BLOCK IoStatus);
NTKERNELAPI
BOOLEAN
NTAPI
CcCopyWrite(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN BOOLEAN Wait,
IN PVOID Buffer);
NTKERNELAPI
VOID
NTAPI
CcFastCopyWrite(
IN PFILE_OBJECT FileObject,
IN ULONG FileOffset,
IN ULONG Length,
IN PVOID Buffer);
NTKERNELAPI
VOID
NTAPI
CcMdlRead(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
OUT PMDL *MdlChain,
OUT PIO_STATUS_BLOCK IoStatus);
NTKERNELAPI
VOID
NTAPI
CcMdlReadComplete(
IN PFILE_OBJECT FileObject,
IN PMDL MdlChain);
NTKERNELAPI
VOID
NTAPI
CcPrepareMdlWrite(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
OUT PMDL *MdlChain,
OUT PIO_STATUS_BLOCK IoStatus);
NTKERNELAPI
VOID
NTAPI
CcMdlWriteComplete(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN PMDL MdlChain);
NTKERNELAPI
VOID
NTAPI
CcScheduleReadAhead(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length);
NTKERNELAPI
NTSTATUS
NTAPI
CcWaitForCurrentLazyWriterActivity(
VOID);
NTKERNELAPI
VOID
NTAPI
CcSetReadAheadGranularity(
IN PFILE_OBJECT FileObject,
IN ULONG Granularity);
NTKERNELAPI
BOOLEAN
NTAPI
CcPinRead(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN ULONG Flags,
OUT PVOID *Bcb,
OUT PVOID *Buffer);
NTKERNELAPI
BOOLEAN
NTAPI
CcPinMappedData(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN ULONG Flags,
IN OUT PVOID *Bcb);
NTKERNELAPI
BOOLEAN
NTAPI
CcPreparePinWrite(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN BOOLEAN Zero,
IN ULONG Flags,
OUT PVOID *Bcb,
OUT PVOID *Buffer);
NTKERNELAPI
VOID
NTAPI
CcSetDirtyPinnedData(
IN PVOID BcbVoid,
IN PLARGE_INTEGER Lsn OPTIONAL);
NTKERNELAPI
VOID
NTAPI
CcUnpinData(
IN PVOID Bcb);
NTKERNELAPI
VOID
NTAPI
CcSetBcbOwnerPointer(
IN PVOID Bcb,
IN PVOID OwnerPointer);
NTKERNELAPI
VOID
NTAPI
CcUnpinDataForThread(
IN PVOID Bcb,
IN ERESOURCE_THREAD ResourceThreadId);
NTKERNELAPI
VOID
NTAPI
CcSetAdditionalCacheAttributes(
IN PFILE_OBJECT FileObject,
IN BOOLEAN DisableReadAhead,
IN BOOLEAN DisableWriteBehind);
NTKERNELAPI
BOOLEAN
NTAPI
CcIsThereDirtyData(
IN PVPB Vpb);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
VOID
NTAPI
CcMdlWriteAbort(
IN PFILE_OBJECT FileObject,
IN PMDL MdlChain);
NTKERNELAPI
VOID
NTAPI
CcSetLogHandleForFile(
IN PFILE_OBJECT FileObject,
IN PVOID LogHandle,
IN PFLUSH_TO_LSN FlushToLsnRoutine);
NTKERNELAPI
LARGE_INTEGER
NTAPI
CcGetDirtyPages(
IN PVOID LogHandle,
IN PDIRTY_PAGE_ROUTINE DirtyPageRoutine,
IN PVOID Context1,
IN PVOID Context2);
#endif
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
BOOLEAN
NTAPI
CcMapData(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN ULONG Flags,
OUT PVOID *Bcb,
OUT PVOID *Buffer);
#elif (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
BOOLEAN
NTAPI
CcMapData(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN BOOLEAN Wait,
OUT PVOID *Bcb,
OUT PVOID *Buffer);
#endif
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI
NTSTATUS
NTAPI
CcSetFileSizesEx(
IN PFILE_OBJECT FileObject,
IN PCC_FILE_SIZES FileSizes);
NTKERNELAPI
PFILE_OBJECT
NTAPI
CcGetFileObjectFromSectionPtrsRef(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer);
NTKERNELAPI
VOID
NTAPI
CcSetParallelFlushFile(
IN PFILE_OBJECT FileObject,
IN BOOLEAN EnableParallelFlush);
NTKERNELAPI
BOOLEAN
CcIsThereDirtyDataEx(
IN PVPB Vpb,
IN PULONG NumberOfDirtyPages OPTIONAL);
#endif
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTKERNELAPI
VOID
NTAPI
CcCoherencyFlushAndPurgeCache(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN PLARGE_INTEGER FileOffset OPTIONAL,
IN ULONG Length,
OUT PIO_STATUS_BLOCK IoStatus,
IN ULONG Flags OPTIONAL);
#endif
#define CcGetFileSizePointer(FO) ( \
((PLARGE_INTEGER)((FO)->SectionObjectPointer->SharedCacheMap) + 1) \
)
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI
BOOLEAN
NTAPI
CcPurgeCacheSection(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN PLARGE_INTEGER FileOffset OPTIONAL,
IN ULONG Length,
IN ULONG Flags);
#elif (NTDDI_VERSION >= NTDDI_WIN2K)
NTKERNELAPI
BOOLEAN
NTAPI
CcPurgeCacheSection(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN PLARGE_INTEGER FileOffset OPTIONAL,
IN ULONG Length,
IN BOOLEAN UninitializeCacheMaps);
#endif
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTKERNELAPI
BOOLEAN
NTAPI
CcCopyWriteWontFlush(
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length);
#else
#define CcCopyWriteWontFlush(FO, FOFF, LEN) ((LEN) <= 0x10000)
#endif
#define CcReadAhead(FO, FOFF, LEN) ( \
if ((LEN) >= 256) { \
CcScheduleReadAhead((FO), (FOFF), (LEN)); \
} \
)
$endif (_NTIFS_)

75
include/xdk/cctypes.h Normal file
View file

@ -0,0 +1,75 @@
$if (_NTIFS_)
/* Common Cache Types */
#define VACB_MAPPING_GRANULARITY (0x40000)
#define VACB_OFFSET_SHIFT (18)
typedef struct _PUBLIC_BCB {
CSHORT NodeTypeCode;
CSHORT NodeByteSize;
ULONG MappedLength;
LARGE_INTEGER MappedFileOffset;
} PUBLIC_BCB, *PPUBLIC_BCB;
typedef struct _CC_FILE_SIZES {
LARGE_INTEGER AllocationSize;
LARGE_INTEGER FileSize;
LARGE_INTEGER ValidDataLength;
} CC_FILE_SIZES, *PCC_FILE_SIZES;
typedef BOOLEAN
(NTAPI *PACQUIRE_FOR_LAZY_WRITE) (
IN PVOID Context,
IN BOOLEAN Wait);
typedef VOID
(NTAPI *PRELEASE_FROM_LAZY_WRITE) (
IN PVOID Context);
typedef BOOLEAN
(NTAPI *PACQUIRE_FOR_READ_AHEAD) (
IN PVOID Context,
IN BOOLEAN Wait);
typedef VOID
(NTAPI *PRELEASE_FROM_READ_AHEAD) (
IN PVOID Context);
typedef struct _CACHE_MANAGER_CALLBACKS {
PACQUIRE_FOR_LAZY_WRITE AcquireForLazyWrite;
PRELEASE_FROM_LAZY_WRITE ReleaseFromLazyWrite;
PACQUIRE_FOR_READ_AHEAD AcquireForReadAhead;
PRELEASE_FROM_READ_AHEAD ReleaseFromReadAhead;
} CACHE_MANAGER_CALLBACKS, *PCACHE_MANAGER_CALLBACKS;
typedef struct _CACHE_UNINITIALIZE_EVENT {
struct _CACHE_UNINITIALIZE_EVENT *Next;
KEVENT Event;
} CACHE_UNINITIALIZE_EVENT, *PCACHE_UNINITIALIZE_EVENT;
typedef VOID
(NTAPI *PDIRTY_PAGE_ROUTINE) (
IN PFILE_OBJECT FileObject,
IN PLARGE_INTEGER FileOffset,
IN ULONG Length,
IN PLARGE_INTEGER OldestLsn,
IN PLARGE_INTEGER NewestLsn,
IN PVOID Context1,
IN PVOID Context2);
typedef VOID
(NTAPI *PFLUSH_TO_LSN) (
IN PVOID LogHandle,
IN LARGE_INTEGER Lsn);
typedef VOID
(NTAPI *PCC_POST_DEFERRED_WRITE) (
IN PVOID Context1,
IN PVOID Context2);
#define UNINITIALIZE_CACHE_MAPS (1)
#define DO_NOT_RETRY_PURGE (2)
#define DO_NOT_PURGE_DIRTY_PAGES (0x4)
#define CC_FLUSH_AND_PURGE_NO_PURGE (0x1)
$endif (_NTIFS_)

309
include/xdk/exfuncs.h
View file

@ -2,100 +2,6 @@
* Executive Functions *
******************************************************************************/
$if (_NTDDK_)
static __inline PVOID
ExAllocateFromZone(
IN PZONE_HEADER Zone)
{
if (Zone->FreeList.Next)
Zone->FreeList.Next = Zone->FreeList.Next->Next;
return (PVOID) Zone->FreeList.Next;
}
static __inline PVOID
ExFreeToZone(
IN PZONE_HEADER Zone,
IN PVOID Block)
{
((PSINGLE_LIST_ENTRY) Block)->Next = Zone->FreeList.Next;
Zone->FreeList.Next = ((PSINGLE_LIST_ENTRY) Block);
return ((PSINGLE_LIST_ENTRY) Block)->Next;
}
/*
* PVOID
* ExInterlockedAllocateFromZone(
* IN PZONE_HEADER Zone,
* IN PKSPIN_LOCK Lock)
*/
#define ExInterlockedAllocateFromZone(Zone, Lock) \
((PVOID) ExInterlockedPopEntryList(&Zone->FreeList, Lock))
/* PVOID
* ExInterlockedFreeToZone(
* IN PZONE_HEADER Zone,
* IN PVOID Block,
* IN PKSPIN_LOCK Lock);
*/
#define ExInterlockedFreeToZone(Zone, Block, Lock) \
ExInterlockedPushEntryList(&(Zone)->FreeList, (PSINGLE_LIST_ENTRY)(Block), Lock)
/*
* BOOLEAN
* ExIsFullZone(
* IN PZONE_HEADER Zone)
*/
#define ExIsFullZone(Zone) \
((Zone)->FreeList.Next == (PSINGLE_LIST_ENTRY) NULL)
/* BOOLEAN
* ExIsObjectInFirstZoneSegment(
* IN PZONE_HEADER Zone,
* IN PVOID Object);
*/
#define ExIsObjectInFirstZoneSegment(Zone,Object) \
((BOOLEAN)( ((PUCHAR)(Object) >= (PUCHAR)(Zone)->SegmentList.Next) && \
((PUCHAR)(Object) < (PUCHAR)(Zone)->SegmentList.Next + \
(Zone)->TotalSegmentSize)) )
#define ExAcquireResourceExclusive ExAcquireResourceExclusiveLite
#define ExAcquireResourceShared ExAcquireResourceSharedLite
#define ExConvertExclusiveToShared ExConvertExclusiveToSharedLite
#define ExDeleteResource ExDeleteResourceLite
#define ExInitializeResource ExInitializeResourceLite
#define ExIsResourceAcquiredExclusive ExIsResourceAcquiredExclusiveLite
#define ExIsResourceAcquiredShared ExIsResourceAcquiredSharedLite
#define ExIsResourceAcquired ExIsResourceAcquiredSharedLite
#define ExReleaseResourceForThread ExReleaseResourceForThreadLite
typedef enum _INTERLOCKED_RESULT {
ResultNegative = RESULT_NEGATIVE,
ResultZero = RESULT_ZERO,
ResultPositive = RESULT_POSITIVE
} INTERLOCKED_RESULT;
#ifdef _X86_
NTKERNELAPI
INTERLOCKED_RESULT
FASTCALL
Exfi386InterlockedIncrementLong(
IN OUT LONG volatile *Addend);
NTKERNELAPI
INTERLOCKED_RESULT
FASTCALL
Exfi386InterlockedDecrementLong(
IN PLONG Addend);
NTKERNELAPI
ULONG
FASTCALL
Exfi386InterlockedExchangeUlong(
IN PULONG Target,
IN ULONG Value);
#endif
$endif (_NTDDK_)
$if (_WDMDDK_)
#define ExInterlockedIncrementLong(Addend,Lock) Exfi386InterlockedIncrementLong(Addend)
#define ExInterlockedDecrementLong(Addend,Lock) Exfi386InterlockedDecrementLong(Addend)
@ -327,53 +233,110 @@ ExInitializeFastMutex(
}
$endif (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
$if (_NTDDK_)
static __inline PVOID
ExAllocateFromZone(
IN PZONE_HEADER Zone)
{
if (Zone->FreeList.Next)
Zone->FreeList.Next = Zone->FreeList.Next->Next;
return (PVOID) Zone->FreeList.Next;
}
static __inline PVOID
ExFreeToZone(
IN PZONE_HEADER Zone,
IN PVOID Block)
{
((PSINGLE_LIST_ENTRY) Block)->Next = Zone->FreeList.Next;
Zone->FreeList.Next = ((PSINGLE_LIST_ENTRY) Block);
return ((PSINGLE_LIST_ENTRY) Block)->Next;
}
/*
* PVOID
* ExInterlockedAllocateFromZone(
* IN PZONE_HEADER Zone,
* IN PKSPIN_LOCK Lock)
*/
#define ExInterlockedAllocateFromZone(Zone, Lock) \
((PVOID) ExInterlockedPopEntryList(&Zone->FreeList, Lock))
/* PVOID
* ExInterlockedFreeToZone(
* IN PZONE_HEADER Zone,
* IN PVOID Block,
* IN PKSPIN_LOCK Lock);
*/
#define ExInterlockedFreeToZone(Zone, Block, Lock) \
ExInterlockedPushEntryList(&(Zone)->FreeList, (PSINGLE_LIST_ENTRY)(Block), Lock)
/*
* BOOLEAN
* ExIsFullZone(
* IN PZONE_HEADER Zone)
*/
#define ExIsFullZone(Zone) \
((Zone)->FreeList.Next == (PSINGLE_LIST_ENTRY) NULL)
/* BOOLEAN
* ExIsObjectInFirstZoneSegment(
* IN PZONE_HEADER Zone,
* IN PVOID Object);
*/
#define ExIsObjectInFirstZoneSegment(Zone,Object) \
((BOOLEAN)( ((PUCHAR)(Object) >= (PUCHAR)(Zone)->SegmentList.Next) && \
((PUCHAR)(Object) < (PUCHAR)(Zone)->SegmentList.Next + \
(Zone)->TotalSegmentSize)) )
#define ExAcquireResourceExclusive ExAcquireResourceExclusiveLite
#define ExAcquireResourceShared ExAcquireResourceSharedLite
#define ExConvertExclusiveToShared ExConvertExclusiveToSharedLite
#define ExDeleteResource ExDeleteResourceLite
#define ExInitializeResource ExInitializeResourceLite
#define ExIsResourceAcquiredExclusive ExIsResourceAcquiredExclusiveLite
#define ExIsResourceAcquiredShared ExIsResourceAcquiredSharedLite
#define ExIsResourceAcquired ExIsResourceAcquiredSharedLite
#define ExReleaseResourceForThread ExReleaseResourceForThreadLite
typedef enum _INTERLOCKED_RESULT {
ResultNegative = RESULT_NEGATIVE,
ResultZero = RESULT_ZERO,
ResultPositive = RESULT_POSITIVE
} INTERLOCKED_RESULT;
#ifdef _X86_
NTKERNELAPI
NTSTATUS
NTAPI
ExExtendZone(
IN OUT PZONE_HEADER Zone,
IN OUT PVOID Segment,
IN ULONG SegmentSize);
INTERLOCKED_RESULT
FASTCALL
Exfi386InterlockedIncrementLong(
IN OUT LONG volatile *Addend);
NTKERNELAPI
NTSTATUS
NTAPI
ExInitializeZone(
OUT PZONE_HEADER Zone,
IN ULONG BlockSize,
IN OUT PVOID InitialSegment,
IN ULONG InitialSegmentSize);
INTERLOCKED_RESULT
FASTCALL
Exfi386InterlockedDecrementLong(
IN PLONG Addend);
NTKERNELAPI
NTSTATUS
NTAPI
ExInterlockedExtendZone(
IN OUT PZONE_HEADER Zone,
IN OUT PVOID Segment,
IN ULONG SegmentSize,
IN OUT PKSPIN_LOCK Lock);
ULONG
FASTCALL
Exfi386InterlockedExchangeUlong(
IN PULONG Target,
IN ULONG Value);
#endif
NTKERNELAPI
NTSTATUS
NTAPI
ExUuidCreate(
OUT UUID *Uuid);
$endif (_NTDDK_)
$if (_NTIFS_)
#define ExDisableResourceBoost ExDisableResourceBoostLite
NTKERNELAPI
DECLSPEC_NORETURN
VOID
NTAPI
ExRaiseAccessViolation(VOID);
ExInitializePushLock (
OUT PEX_PUSH_LOCK PushLock);
$endif (_NTIFS_)
NTKERNELAPI
DECLSPEC_NORETURN
VOID
NTAPI
ExRaiseDatatypeMisalignment(VOID);
$endif (_NTDDK_)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
$if (_WDMDDK_)
NTKERNELAPI
VOID
@ -751,11 +714,78 @@ NTAPI
ExUnregisterCallback(
IN OUT PVOID CbRegistration);
$endif (_WDMDDK_)
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
NTSTATUS
NTAPI
ExExtendZone(
IN OUT PZONE_HEADER Zone,
IN OUT PVOID Segment,
IN ULONG SegmentSize);
NTKERNELAPI
NTSTATUS
NTAPI
ExInitializeZone(
OUT PZONE_HEADER Zone,
IN ULONG BlockSize,
IN OUT PVOID InitialSegment,
IN ULONG InitialSegmentSize);
NTKERNELAPI
NTSTATUS
NTAPI
ExInterlockedExtendZone(
IN OUT PZONE_HEADER Zone,
IN OUT PVOID Segment,
IN ULONG SegmentSize,
IN OUT PKSPIN_LOCK Lock);
NTKERNELAPI
NTSTATUS
NTAPI
ExUuidCreate(
OUT UUID *Uuid);
NTKERNELAPI
DECLSPEC_NORETURN
VOID
NTAPI
ExRaiseAccessViolation(VOID);
NTKERNELAPI
DECLSPEC_NORETURN
VOID
NTAPI
ExRaiseDatatypeMisalignment(VOID);
$endif (_NTDDK_)
$if (_NTIFS_)
NTKERNELAPI
SIZE_T
NTAPI
ExQueryPoolBlockSize(
IN PVOID PoolBlock,
OUT PBOOLEAN QuotaCharged);
VOID
ExAdjustLookasideDepth(
VOID);
NTKERNELAPI
VOID
NTAPI
ExDisableResourceBoostLite(
IN PERESOURCE Resource);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
$if (_WDMDDK_)
$if (_WDMDDK_ || _NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WINXP)
$endif
$if (_WDMDDK_)
NTKERNELAPI
BOOLEAN
@ -798,9 +828,22 @@ VOID
FASTCALL
ExWaitForRundownProtectionRelease(
IN OUT PEX_RUNDOWN_REF RunRef);
$endif (_WDMDDK_)
$if (_NTIFS_)
PSLIST_ENTRY
FASTCALL
InterlockedPushListSList(
IN OUT PSLIST_HEADER ListHead,
IN OUT PSLIST_ENTRY List,
IN OUT PSLIST_ENTRY ListEnd,
IN ULONG Count);
$endif (_NTIFS_)
$if (_WDMDDK_ || _NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
$endif
$if (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
NTKERNELAPI

1499
include/xdk/fsrtlfuncs.h Normal file
View file

File diff suppressed because it is too large Load diff

172
include/xdk/fsrtltypes.h Normal file
View file

@ -0,0 +1,172 @@
$if (_NTIFS_)
/* FSRTL Types */
typedef struct _FSRTL_COMMON_FCB_HEADER {
CSHORT NodeTypeCode;
CSHORT NodeByteSize;
UCHAR Flags;
UCHAR IsFastIoPossible;
UCHAR Flags2;
UCHAR Reserved:4;
UCHAR Version:4;
PERESOURCE Resource;
PERESOURCE PagingIoResource;
LARGE_INTEGER AllocationSize;
LARGE_INTEGER FileSize;
LARGE_INTEGER ValidDataLength;
} FSRTL_COMMON_FCB_HEADER, *PFSRTL_COMMON_FCB_HEADER;
#ifdef __cplusplus
typedef struct _FSRTL_ADVANCED_FCB_HEADER:FSRTL_COMMON_FCB_HEADER {
#else /* __cplusplus */
typedef struct _FSRTL_ADVANCED_FCB_HEADER {
FSRTL_COMMON_FCB_HEADER DUMMYSTRUCTNAME;
#endif /* __cplusplus */
PFAST_MUTEX FastMutex;
LIST_ENTRY FilterContexts;
#if (NTDDI_VERSION >= NTDDI_VISTA)
EX_PUSH_LOCK PushLock;
PVOID *FileContextSupportPointer;
#endif
} FSRTL_ADVANCED_FCB_HEADER, *PFSRTL_ADVANCED_FCB_HEADER;
#define FSRTL_FCB_HEADER_V0 (0x00)
#define FSRTL_FCB_HEADER_V1 (0x01)
#define FSRTL_FLAG_FILE_MODIFIED (0x01)
#define FSRTL_FLAG_FILE_LENGTH_CHANGED (0x02)
#define FSRTL_FLAG_LIMIT_MODIFIED_PAGES (0x04)
#define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_EX (0x08)
#define FSRTL_FLAG_ACQUIRE_MAIN_RSRC_SH (0x10)
#define FSRTL_FLAG_USER_MAPPED_FILE (0x20)
#define FSRTL_FLAG_ADVANCED_HEADER (0x40)
#define FSRTL_FLAG_EOF_ADVANCE_ACTIVE (0x80)
#define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01)
#define FSRTL_FLAG2_SUPPORTS_FILTER_CONTEXTS (0x02)
#define FSRTL_FLAG2_PURGE_WHEN_MAPPED (0x04)
#define FSRTL_FLAG2_IS_PAGING_FILE (0x08)
#define FSRTL_FSP_TOP_LEVEL_IRP (0x01)
#define FSRTL_CACHE_TOP_LEVEL_IRP (0x02)
#define FSRTL_MOD_WRITE_TOP_LEVEL_IRP (0x03)
#define FSRTL_FAST_IO_TOP_LEVEL_IRP (0x04)
#define FSRTL_NETWORK1_TOP_LEVEL_IRP ((LONG_PTR)0x05)
#define FSRTL_NETWORK2_TOP_LEVEL_IRP ((LONG_PTR)0x06)
#define FSRTL_MAX_TOP_LEVEL_IRP_FLAG ((LONG_PTR)0xFFFF)
typedef struct _FSRTL_AUXILIARY_BUFFER {
PVOID Buffer;
ULONG Length;
ULONG Flags;
PMDL Mdl;
} FSRTL_AUXILIARY_BUFFER, *PFSRTL_AUXILIARY_BUFFER;
#define FSRTL_AUXILIARY_FLAG_DEALLOCATE 0x00000001
typedef enum _FSRTL_COMPARISON_RESULT {
LessThan = -1,
EqualTo = 0,
GreaterThan = 1
} FSRTL_COMPARISON_RESULT;
#define FSRTL_FAT_LEGAL 0x01
#define FSRTL_HPFS_LEGAL 0x02
#define FSRTL_NTFS_LEGAL 0x04
#define FSRTL_WILD_CHARACTER 0x08
#define FSRTL_OLE_LEGAL 0x10
#define FSRTL_NTFS_STREAM_LEGAL (FSRTL_NTFS_LEGAL | FSRTL_OLE_LEGAL)
#define FSRTL_VOLUME_DISMOUNT 1
#define FSRTL_VOLUME_DISMOUNT_FAILED 2
#define FSRTL_VOLUME_LOCK 3
#define FSRTL_VOLUME_LOCK_FAILED 4
#define FSRTL_VOLUME_UNLOCK 5
#define FSRTL_VOLUME_MOUNT 6
#define FSRTL_VOLUME_NEEDS_CHKDSK 7
#define FSRTL_VOLUME_WORM_NEAR_FULL 8
#define FSRTL_VOLUME_WEARING_OUT 9
#define FSRTL_VOLUME_FORCED_CLOSED 10
#define FSRTL_VOLUME_INFO_MAKE_COMPAT 11
#define FSRTL_VOLUME_PREPARING_EJECT 12
#define FSRTL_VOLUME_CHANGE_SIZE 13
#define FSRTL_VOLUME_BACKGROUND_FORMAT 14
typedef VOID
(NTAPI *PFSRTL_STACK_OVERFLOW_ROUTINE) (
IN PVOID Context,
IN PKEVENT Event);
#if (NTDDI_VERSION >= NTDDI_VISTA)
#define FSRTL_UNC_PROVIDER_FLAGS_MAILSLOTS_SUPPORTED 0x00000001
#define FSRTL_UNC_PROVIDER_FLAGS_CSC_ENABLED 0x00000002
#define FSRTL_UNC_PROVIDER_FLAGS_DOMAIN_SVC_AWARE 0x00000004
#define FSRTL_ALLOCATE_ECPLIST_FLAG_CHARGE_QUOTA 0x00000001
#define FSRTL_ALLOCATE_ECP_FLAG_CHARGE_QUOTA 0x00000001
#define FSRTL_ALLOCATE_ECP_FLAG_NONPAGED_POOL 0x00000002
#define FSRTL_ECP_LOOKASIDE_FLAG_NONPAGED_POOL 0x00000002
#define FSRTL_VIRTDISK_FULLY_ALLOCATED 0x00000001
#define FSRTL_VIRTDISK_NO_DRIVE_LETTER 0x00000002
typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_1 {
ULONG32 ProviderId;
} FSRTL_MUP_PROVIDER_INFO_LEVEL_1, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_1;
typedef struct _FSRTL_MUP_PROVIDER_INFO_LEVEL_2 {
ULONG32 ProviderId;
UNICODE_STRING ProviderName;
} FSRTL_MUP_PROVIDER_INFO_LEVEL_2, *PFSRTL_MUP_PROVIDER_INFO_LEVEL_2;
typedef VOID
(*PFSRTL_EXTRA_CREATE_PARAMETER_CLEANUP_CALLBACK) (
IN OUT PVOID EcpContext,
IN LPCGUID EcpType);
typedef struct _ECP_LIST ECP_LIST, *PECP_LIST;
typedef ULONG FSRTL_ALLOCATE_ECPLIST_FLAGS;
typedef ULONG FSRTL_ALLOCATE_ECP_FLAGS;
typedef ULONG FSRTL_ECP_LOOKASIDE_FLAGS;
typedef enum _FSRTL_CHANGE_BACKING_TYPE {
ChangeDataControlArea,
ChangeImageControlArea,
ChangeSharedCacheMap
} FSRTL_CHANGE_BACKING_TYPE, *PFSRTL_CHANGE_BACKING_TYPE;
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
typedef struct _FSRTL_PER_FILE_CONTEXT {
LIST_ENTRY Links;
PVOID OwnerId;
PVOID InstanceId;
PFREE_FUNCTION FreeCallback;
} FSRTL_PER_FILE_CONTEXT, *PFSRTL_PER_FILE_CONTEXT;
typedef struct _FSRTL_PER_STREAM_CONTEXT {
LIST_ENTRY Links;
PVOID OwnerId;
PVOID InstanceId;
PFREE_FUNCTION FreeCallback;
} FSRTL_PER_STREAM_CONTEXT, *PFSRTL_PER_STREAM_CONTEXT;
#if (NTDDI_VERSION >= NTDDI_WIN2K)
typedef VOID
(*PFN_FSRTLTEARDOWNPERSTREAMCONTEXTS) (
IN PFSRTL_ADVANCED_FCB_HEADER AdvancedHeader);
#endif
typedef struct _FSRTL_PER_FILEOBJECT_CONTEXT {
LIST_ENTRY Links;
PVOID OwnerId;
PVOID InstanceId;
} FSRTL_PER_FILEOBJECT_CONTEXT, *PFSRTL_PER_FILEOBJECT_CONTEXT;
#define FSRTL_CC_FLUSH_ERROR_FLAG_NO_HARD_ERROR 0x1
#define FSRTL_CC_FLUSH_ERROR_FLAG_NO_LOG_ENTRY 0x2
$endif (_NTIFS_)

1
include/xdk/generate.bat
View file

@ -2,4 +2,5 @@
..\..\output-i386\tools\hpp\hpp.exe wdm.template.h wdm.h
..\..\output-i386\tools\hpp\hpp.exe ntddk.template.h ntddk.h
..\..\output-i386\tools\hpp\hpp.exe ntifs.template.h ntifs.h
..\..\output-i386\tools\hpp\hpp.exe devioctl.template.h devioctl.h

1172
include/xdk/iofuncs.h
View file

File diff suppressed because it is too large Load diff

1887
include/xdk/iotypes.h
View file

File diff suppressed because it is too large Load diff

526
include/xdk/kefuncs.h
View file

@ -1,15 +1,6 @@
/******************************************************************************
* Kernel Functions *
******************************************************************************/
$if (_NTDDK_)
NTKERNELAPI
VOID
FASTCALL
KeInvalidateRangeAllCaches(
IN PVOID BaseAddress,
IN ULONG Length);
$endif
$if (_WDMDDK_)
NTKERNELAPI
VOID
@ -24,10 +15,52 @@ VOID
NTAPI
KeClearEvent(
IN OUT PRKEVENT Event);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
VOID
FASTCALL
KeInvalidateRangeAllCaches(
IN PVOID BaseAddress,
IN ULONG Length);
$endif (_NTDDK_)
$if (_NTIFS_)
NTSTATUS
NTAPI
KeGetProcessorNumberFromIndex(
IN ULONG ProcIndex,
OUT PPROCESSOR_NUMBER ProcNumber);
ULONG
NTAPI
KeGetProcessorIndexFromNumber(
IN PPROCESSOR_NUMBER ProcNumber);
$endif (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
$if (_WDMDDK_)
#if defined(_NTDDK_) || defined(_NTIFS_)
NTKERNELAPI
VOID
NTAPI
ProbeForRead(
IN CONST VOID *Address, /* CONST is added */
IN SIZE_T Length,
IN ULONG Alignment);
#endif /* defined(_NTDDK_) || defined(_NTIFS_) */
NTKERNELAPI
VOID
NTAPI
ProbeForWrite(
IN PVOID Address,
IN SIZE_T Length,
IN ULONG Alignment);
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
VOID
@ -67,30 +100,10 @@ VOID
NTAPI
KeBugCheck(
IN ULONG BugCheckCode);
$endif /* _NTDDK_ */
$if (_WDMDDK_)
#if defined(_NTDDK_) || defined(_NTIFS_)
NTKERNELAPI
VOID
NTAPI
ProbeForRead(
IN CONST VOID *Address, /* CONST is added */
IN SIZE_T Length,
IN ULONG Alignment);
#endif /* defined(_NTDDK_) || defined(_NTIFS_) */
NTKERNELAPI
VOID
NTAPI
ProbeForWrite(
IN PVOID Address,
IN SIZE_T Length,
IN ULONG Alignment);
$endif /* _WDMDDK_ */
$endif(_NTDDK_)
$if (_WDMDDK_ || _NTDDK_)
#if defined(SINGLE_GROUP_LEGACY_API)
$endif
$if (_WDMDDK_)
NTKERNELAPI
@ -115,9 +128,9 @@ NTKERNELAPI
KAFFINITY
NTAPI
KeQueryActiveProcessors(VOID);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
VOID
NTAPI
@ -129,9 +142,10 @@ NTKERNELAPI
KAFFINITY
NTAPI
KeQueryActiveProcessors(VOID);
$endif
$endif (_NTDDK_)
$if (_WDMDDK_ || _NTDDK_)
#endif /* defined(SINGLE_GROUP_LEGACY_API) */
$endif
$if (_WDMDDK_)
#if !defined(_M_AMD64)
@ -475,17 +489,127 @@ KeWaitForSingleObject(
IN KPROCESSOR_MODE WaitMode,
IN BOOLEAN Alertable,
IN PLARGE_INTEGER Timeout OPTIONAL);
$endif (_WDMDDK_)
$if (_NTIFS_)
NTKERNELAPI
VOID
NTAPI
KeInitializeMutant(
OUT PRKMUTANT Mutant,
IN BOOLEAN InitialOwner);
NTKERNELAPI
LONG
NTAPI
KeReadStateMutant(
IN PRKMUTANT Mutant);
NTKERNELAPI
LONG
NTAPI
KeReleaseMutant(
IN OUT PRKMUTANT Mutant,
IN KPRIORITY Increment,
IN BOOLEAN Abandoned,
IN BOOLEAN Wait);
NTKERNELAPI
VOID
NTAPI
KeInitializeQueue(
OUT PRKQUEUE Queue,
IN ULONG Count);
NTKERNELAPI
LONG
NTAPI
KeReadStateQueue(
IN PRKQUEUE Queue);
NTKERNELAPI
LONG
NTAPI
KeInsertQueue(
IN OUT PRKQUEUE Queue,
IN OUT PLIST_ENTRY Entry);
NTKERNELAPI
LONG
NTAPI
KeInsertHeadQueue(
IN OUT PRKQUEUE Queue,
IN OUT PLIST_ENTRY Entry);
NTKERNELAPI
PLIST_ENTRY
NTAPI
KeRemoveQueue(
IN OUT PRKQUEUE Queue,
IN KPROCESSOR_MODE WaitMode,
IN PLARGE_INTEGER Timeout OPTIONAL);
NTKERNELAPI
VOID
NTAPI
KeAttachProcess(
IN OUT PKPROCESS Process);
NTKERNELAPI
VOID
NTAPI
KeDetachProcess(
VOID);
NTKERNELAPI
PLIST_ENTRY
NTAPI
KeRundownQueue(
IN OUT PRKQUEUE Queue);
NTKERNELAPI
VOID
NTAPI
KeStackAttachProcess(
IN OUT PKPROCESS Process,
OUT PKAPC_STATE ApcState);
NTKERNELAPI
VOID
NTAPI
KeUnstackDetachProcess(
IN PKAPC_STATE ApcState);
NTKERNELAPI
UCHAR
NTAPI
KeSetIdealProcessorThread(
IN OUT PKTHREAD Thread,
IN UCHAR Processor);
NTKERNELAPI
BOOLEAN
NTAPI
KeSetKernelStackSwapEnable(
IN BOOLEAN Enable);
#if defined(_X86_)
NTHALAPI
KIRQL
FASTCALL
KeAcquireSpinLockRaiseToSynch(
IN OUT PKSPIN_LOCK SpinLock);
#else
NTKERNELAPI
KIRQL
KeAcquireSpinLockRaiseToSynch(
IN OUT PKSPIN_LOCK SpinLock);
#endif
$endif
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
$if (_NTDDK_)
NTKERNELAPI
BOOLEAN
NTAPI
KeAreApcsDisabled(VOID);
$endif
$if (_WDMDDK_)
_DECL_HAL_KE_IMPORT
@ -550,7 +674,35 @@ VOID
FASTCALL
KeReleaseInStackQueuedSpinLock(
IN PKLOCK_QUEUE_HANDLE LockHandle);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
BOOLEAN
NTAPI
KeAreApcsDisabled(VOID);
$endif (_NTDDK_)
$if (_NTIFS_)
_DECL_HAL_KE_IMPORT
KIRQL
FASTCALL
KeAcquireQueuedSpinLock(
IN OUT KSPIN_LOCK_QUEUE_NUMBER Number);
_DECL_HAL_KE_IMPORT
VOID
FASTCALL
KeReleaseQueuedSpinLock(
IN OUT KSPIN_LOCK_QUEUE_NUMBER Number,
IN KIRQL OldIrql);
_DECL_HAL_KE_IMPORT
LOGICAL
FASTCALL
KeTryToAcquireQueuedSpinLock(
IN KSPIN_LOCK_QUEUE_NUMBER Number,
OUT PKIRQL OldIrql);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
@ -580,9 +732,10 @@ VOID
NTAPI
KeFlushQueuedDpcs(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_WINXPSP2) */
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_WDMDDK_ || _NTDDK_)
#if (NTDDI_VERSION >= NTDDI_WS03)
$endif
$if (_WDMDDK_)
NTKERNELAPI
@ -631,38 +784,20 @@ BOOLEAN
FASTCALL
KeTestSpinLock(
IN PKSPIN_LOCK SpinLock);
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
BOOLEAN
NTAPI
KeInvalidateAllCaches(VOID);
$endif /* _NTDDK_ */
$endif (_NTDDK_)
$if (_WDMDDK_ || _NTDDK_)
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
$endif
$if (_WDMDDK_ || _NTDDK_)
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
$if (_NTDDK_)
NTKERNELAPI
NTSTATUS
NTAPI
KeExpandKernelStackAndCallout(
IN PEXPAND_STACK_CALLOUT Callout,
IN PVOID Parameter OPTIONAL,
IN SIZE_T Size);
NTKERNELAPI
VOID
NTAPI
KeEnterGuardedRegion(VOID);
NTKERNELAPI
VOID
NTAPI
KeLeaveGuardedRegion(VOID);
$endif /* _NTDDK_ */
$endif
$if (_WDMDDK_)
NTKERNELAPI
@ -721,12 +856,31 @@ BOOLEAN
FASTCALL
KeTryToAcquireGuardedMutex(
IN OUT PKGUARDED_MUTEX GuardedMutex);
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
NTSTATUS
NTAPI
KeExpandKernelStackAndCallout(
IN PEXPAND_STACK_CALLOUT Callout,
IN PVOID Parameter OPTIONAL,
IN SIZE_T Size);
NTKERNELAPI
VOID
NTAPI
KeEnterGuardedRegion(VOID);
NTKERNELAPI
VOID
NTAPI
KeLeaveGuardedRegion(VOID);
$endif (_NTDDK_)
$if (_WDMDDK_ || _NTDDK_)
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
$endif
#if (NTDDI_VERSION >= NTDDI_VISTA)
$if (_WDMDDK_)
NTKERNELAPI
VOID
@ -746,21 +900,10 @@ NTSTATUS
NTAPI
KeQueryDpcWatchdogInformation(
OUT PKDPC_WATCHDOG_INFORMATION WatchdogInformation);
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_WDMDDK_ || _NTDDK_)
#if defined(SINGLE_GROUP_LEGACY_API)
$if (_NTDDK_)
NTKERNELAPI
ULONG
NTAPI
KeQueryActiveProcessorCount(
OUT PKAFFINITY ActiveProcessors OPTIONAL);
NTKERNELAPI
ULONG
NTAPI
KeQueryMaximumProcessorCount(VOID);
$endif /* _NTDDK_ */
$endif
$if (_WDMDDK_)
NTKERNELAPI
@ -785,8 +928,39 @@ NTKERNELAPI
ULONG
NTAPI
KeQueryMaximumProcessorCount(VOID);
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
ULONG
NTAPI
KeQueryActiveProcessorCount(
OUT PKAFFINITY ActiveProcessors OPTIONAL);
NTKERNELAPI
ULONG
NTAPI
KeQueryMaximumProcessorCount(VOID);
$endif (_NTDDK_)
$if (_WDMDDK_ || _NTDDK_)
#endif /* SINGLE_GROUP_LEGACY_API */
$endif
$if (_NTIFS_)
NTKERNELAPI
VOID
KeQueryOwnerMutant(
IN PKMUTANT Mutant,
OUT PCLIENT_ID ClientId);
NTKERNELAPI
ULONG
KeRemoveQueueEx (
IN OUT PKQUEUE Queue,
IN KPROCESSOR_MODE WaitMode,
IN BOOLEAN Alertable,
IN PLARGE_INTEGER Timeout OPTIONAL,
OUT PLIST_ENTRY *EntryArray,
IN ULONG Count);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
@ -804,93 +978,10 @@ KeDeregisterProcessorChangeCallback(
IN PVOID CallbackHandle);
#endif /* (NTDDI_VERSION >= NTDDI_WS08) */
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_WDMDDK_ || _NTDDK_)
#if (NTDDI_VERSION >= NTDDI_WIN7)
$if (_NTDDK_)
NTKERNELAPI
ULONG
NTAPI
KeQueryActiveProcessorCountEx(
IN USHORT GroupNumber);
NTKERNELAPI
ULONG
NTAPI
KeQueryMaximumProcessorCountEx(
IN USHORT GroupNumber);
NTKERNELAPI
USHORT
NTAPI
KeQueryActiveGroupCount(VOID);
NTKERNELAPI
USHORT
NTAPI
KeQueryMaximumGroupCount(VOID);
NTKERNELAPI
KAFFINITY
NTAPI
KeQueryGroupAffinity(
IN USHORT GroupNumber);
NTKERNELAPI
ULONG
NTAPI
KeGetCurrentProcessorNumberEx(
OUT PPROCESSOR_NUMBER ProcNumber OPTIONAL);
NTKERNELAPI
VOID
NTAPI
KeQueryNodeActiveAffinity(
IN USHORT NodeNumber,
OUT PGROUP_AFFINITY Affinity OPTIONAL,
OUT PUSHORT Count OPTIONAL);
NTKERNELAPI
USHORT
NTAPI
KeQueryNodeMaximumProcessorCount(
IN USHORT NodeNumber);
NTKERNELAPI
USHORT
NTAPI
KeQueryHighestNodeNumber(VOID);
NTKERNELAPI
USHORT
NTAPI
KeGetCurrentNodeNumber(VOID);
NTKERNELAPI
NTSTATUS
NTAPI
KeQueryLogicalProcessorRelationship(
IN PPROCESSOR_NUMBER ProcessorNumber OPTIONAL,
IN LOGICAL_PROCESSOR_RELATIONSHIP RelationshipType,
OUT PSYSTEM_LOGICAL_PROCESSOR_INFORMATION_EX Information OPTIONAL,
IN OUT PULONG Length);
NTKERNELAPI
NTSTATUS
NTAPI
KeSetHardwareCounterConfiguration(
IN PHARDWARE_COUNTER CounterArray,
IN ULONG Count);
NTKERNELAPI
NTSTATUS
NTAPI
KeQueryHardwareCounterConfiguration(
OUT PHARDWARE_COUNTER CounterArray,
IN ULONG MaximumCount,
OUT PULONG Count);
$endif /* _NTDDK_ */
$endif
$if (_WDMDDK_)
ULONG64
@ -1030,10 +1121,93 @@ ULONG
NTAPI
KeGetProcessorIndexFromNumber(
IN PPROCESSOR_NUMBER ProcNumber);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
ULONG
NTAPI
KeQueryActiveProcessorCountEx(
IN USHORT GroupNumber);
NTKERNELAPI
ULONG
NTAPI
KeQueryMaximumProcessorCountEx(
IN USHORT GroupNumber);
NTKERNELAPI
USHORT
NTAPI
KeQueryActiveGroupCount(VOID);
NTKERNELAPI
USHORT
NTAPI
KeQueryMaximumGroupCount(VOID);
NTKERNELAPI
KAFFINITY
NTAPI
KeQueryGroupAffinity(
IN USHORT GroupNumber);
NTKERNELAPI
ULONG
NTAPI
KeGetCurrentProcessorNumberEx(
OUT PPROCESSOR_NUMBER ProcNumber OPTIONAL);
NTKERNELAPI
VOID
NTAPI
KeQueryNodeActiveAffinity(
IN USHORT NodeNumber,
OUT PGROUP_AFFINITY Affinity OPTIONAL,
OUT PUSHORT Count OPTIONAL);
NTKERNELAPI
USHORT
NTAPI
KeQueryNodeMaximumProcessorCount(
IN USHORT NodeNumber);
NTKERNELAPI
USHORT
NTAPI
KeQueryHighestNodeNumber(VOID);
NTKERNELAPI
USHORT
NTAPI
KeGetCurrentNodeNumber(VOID);
NTKERNELAPI
NTSTATUS
NTAPI
KeQueryLogicalProcessorRelationship(
IN PPROCESSOR_NUMBER ProcessorNumber OPTIONAL,
IN LOGICAL_PROCESSOR_RELATIONSHIP RelationshipType,
OUT PSYSTEM_LOGICAL_PROCESSOR_INFORMATION_EX Information OPTIONAL,
IN OUT PULONG Length);
NTKERNELAPI
NTSTATUS
NTAPI
KeSetHardwareCounterConfiguration(
IN PHARDWARE_COUNTER CounterArray,
IN ULONG Count);
NTKERNELAPI
NTSTATUS
NTAPI
KeQueryHardwareCounterConfiguration(
OUT PHARDWARE_COUNTER CounterArray,
IN ULONG MaximumCount,
OUT PULONG Count);
$endif (_NTDDK_)
$if (_WDMDDK_ || _NTDDK_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
$endif
$if (_WDMDDK_)
#if !defined(_IA64_)
NTHALAPI
@ -1071,5 +1245,5 @@ KeFlushWriteBuffer(VOID);
#endif /* DBG */
#define PAGED_CODE_LOCKED() NOP_FUNCTION;
$endif
$endif (_WDMDDK_)

457
include/xdk/mmfuncs.h
View file

@ -174,185 +174,21 @@ $if (_WDMDDK_)
ASSERT(((_Mdl)->MdlFlags & MDL_MAPPED_TO_SYSTEM_VA) == 0); \
} \
}
$endif
$endif (_WDMDDK_)
$if (_NTIFS_)
FORCEINLINE
ULONG
HEAP_MAKE_TAG_FLAGS(
IN ULONG TagBase,
IN ULONG Tag)
{
//__assume_bound(TagBase); // FIXME
return ((ULONG)((TagBase) + ((Tag) << HEAP_TAG_SHIFT)));
}
$endif (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
$if (_NTDDK_)
NTKERNELAPI
PPHYSICAL_MEMORY_RANGE
NTAPI
MmGetPhysicalMemoryRanges(VOID);
NTKERNELAPI
PHYSICAL_ADDRESS
NTAPI
MmGetPhysicalAddress(
IN PVOID BaseAddress);
NTKERNELAPI
BOOLEAN
NTAPI
MmIsNonPagedSystemAddressValid(
IN PVOID VirtualAddress);
NTKERNELAPI
PVOID
NTAPI
MmAllocateNonCachedMemory(
IN SIZE_T NumberOfBytes);
NTKERNELAPI
VOID
NTAPI
MmFreeNonCachedMemory(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes);
NTKERNELAPI
PVOID
NTAPI
MmGetVirtualForPhysical(
IN PHYSICAL_ADDRESS PhysicalAddress);
NTKERNELAPI
NTSTATUS
NTAPI
MmMapUserAddressesToPage(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes,
IN PVOID PageAddress);
NTKERNELAPI
PVOID
NTAPI
MmMapVideoDisplay(
IN PHYSICAL_ADDRESS PhysicalAddress,
IN SIZE_T NumberOfBytes,
IN MEMORY_CACHING_TYPE CacheType);
NTKERNELAPI
NTSTATUS
NTAPI
MmMapViewInSessionSpace(
IN PVOID Section,
OUT PVOID *MappedBase,
IN OUT PSIZE_T ViewSize);
NTKERNELAPI
NTSTATUS
NTAPI
MmMapViewInSystemSpace(
IN PVOID Section,
OUT PVOID *MappedBase,
IN OUT PSIZE_T ViewSize);
NTKERNELAPI
BOOLEAN
NTAPI
MmIsAddressValid(
IN PVOID VirtualAddress);
NTKERNELAPI
BOOLEAN
NTAPI
MmIsThisAnNtAsSystem(VOID);
NTKERNELAPI
VOID
NTAPI
MmLockPagableSectionByHandle(
IN PVOID ImageSectionHandle);
NTKERNELAPI
NTSTATUS
NTAPI
MmUnmapViewInSessionSpace(
IN PVOID MappedBase);
NTKERNELAPI
NTSTATUS
NTAPI
MmUnmapViewInSystemSpace(
IN PVOID MappedBase);
NTKERNELAPI
VOID
NTAPI
MmUnsecureVirtualMemory(
IN HANDLE SecureHandle);
NTKERNELAPI
NTSTATUS
NTAPI
MmRemovePhysicalMemory(
IN PPHYSICAL_ADDRESS StartAddress,
IN OUT PLARGE_INTEGER NumberOfBytes);
NTKERNELAPI
HANDLE
NTAPI
MmSecureVirtualMemory(
IN PVOID Address,
IN SIZE_T Size,
IN ULONG ProbeMode);
NTKERNELAPI
VOID
NTAPI
MmUnmapVideoDisplay(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes);
NTKERNELAPI
NTSTATUS
NTAPI
MmAddPhysicalMemory(
IN PPHYSICAL_ADDRESS StartAddress,
IN OUT PLARGE_INTEGER NumberOfBytes);
NTKERNELAPI
PVOID
NTAPI
MmAllocateContiguousMemory(
IN SIZE_T NumberOfBytes,
IN PHYSICAL_ADDRESS HighestAcceptableAddress);
NTKERNELAPI
PVOID
NTAPI
MmAllocateContiguousMemorySpecifyCache(
IN SIZE_T NumberOfBytes,
IN PHYSICAL_ADDRESS LowestAcceptableAddress,
IN PHYSICAL_ADDRESS HighestAcceptableAddress,
IN PHYSICAL_ADDRESS BoundaryAddressMultiple OPTIONAL,
IN MEMORY_CACHING_TYPE CacheType);
NTKERNELAPI
PVOID
NTAPI
MmAllocateContiguousMemorySpecifyCacheNode(
IN SIZE_T NumberOfBytes,
IN PHYSICAL_ADDRESS LowestAcceptableAddress,
IN PHYSICAL_ADDRESS HighestAcceptableAddress,
IN PHYSICAL_ADDRESS BoundaryAddressMultiple OPTIONAL,
IN MEMORY_CACHING_TYPE CacheType,
IN NODE_REQUIREMENT PreferredNode);
NTKERNELAPI
VOID
NTAPI
MmFreeContiguousMemory(
IN PVOID BaseAddress);
NTKERNELAPI
VOID
NTAPI
MmFreeContiguousMemorySpecifyCache(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes,
IN MEMORY_CACHING_TYPE CacheType);
$endif
$if (_WDMDDK_)
NTKERNELAPI
PVOID
@ -536,12 +372,227 @@ MmAllocateContiguousMemorySpecifyCacheNode(
IN PHYSICAL_ADDRESS BoundaryAddressMultiple OPTIONAL,
IN MEMORY_CACHING_TYPE CacheType,
IN NODE_REQUIREMENT PreferredNode);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
PPHYSICAL_MEMORY_RANGE
NTAPI
MmGetPhysicalMemoryRanges(VOID);
NTKERNELAPI
PHYSICAL_ADDRESS
NTAPI
MmGetPhysicalAddress(
IN PVOID BaseAddress);
NTKERNELAPI
BOOLEAN
NTAPI
MmIsNonPagedSystemAddressValid(
IN PVOID VirtualAddress);
NTKERNELAPI
PVOID
NTAPI
MmAllocateNonCachedMemory(
IN SIZE_T NumberOfBytes);
NTKERNELAPI
VOID
NTAPI
MmFreeNonCachedMemory(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes);
NTKERNELAPI
PVOID
NTAPI
MmGetVirtualForPhysical(
IN PHYSICAL_ADDRESS PhysicalAddress);
NTKERNELAPI
NTSTATUS
NTAPI
MmMapUserAddressesToPage(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes,
IN PVOID PageAddress);
NTKERNELAPI
PVOID
NTAPI
MmMapVideoDisplay(
IN PHYSICAL_ADDRESS PhysicalAddress,
IN SIZE_T NumberOfBytes,
IN MEMORY_CACHING_TYPE CacheType);
NTKERNELAPI
NTSTATUS
NTAPI
MmMapViewInSessionSpace(
IN PVOID Section,
OUT PVOID *MappedBase,
IN OUT PSIZE_T ViewSize);
NTKERNELAPI
NTSTATUS
NTAPI
MmMapViewInSystemSpace(
IN PVOID Section,
OUT PVOID *MappedBase,
IN OUT PSIZE_T ViewSize);
NTKERNELAPI
BOOLEAN
NTAPI
MmIsAddressValid(
IN PVOID VirtualAddress);
NTKERNELAPI
BOOLEAN
NTAPI
MmIsThisAnNtAsSystem(VOID);
NTKERNELAPI
VOID
NTAPI
MmLockPagableSectionByHandle(
IN PVOID ImageSectionHandle);
NTKERNELAPI
NTSTATUS
NTAPI
MmUnmapViewInSessionSpace(
IN PVOID MappedBase);
NTKERNELAPI
NTSTATUS
NTAPI
MmUnmapViewInSystemSpace(
IN PVOID MappedBase);
NTKERNELAPI
VOID
NTAPI
MmUnsecureVirtualMemory(
IN HANDLE SecureHandle);
NTKERNELAPI
NTSTATUS
NTAPI
MmRemovePhysicalMemory(
IN PPHYSICAL_ADDRESS StartAddress,
IN OUT PLARGE_INTEGER NumberOfBytes);
NTKERNELAPI
HANDLE
NTAPI
MmSecureVirtualMemory(
IN PVOID Address,
IN SIZE_T Size,
IN ULONG ProbeMode);
NTKERNELAPI
VOID
NTAPI
MmUnmapVideoDisplay(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes);
NTKERNELAPI
NTSTATUS
NTAPI
MmAddPhysicalMemory(
IN PPHYSICAL_ADDRESS StartAddress,
IN OUT PLARGE_INTEGER NumberOfBytes);
NTKERNELAPI
PVOID
NTAPI
MmAllocateContiguousMemory(
IN SIZE_T NumberOfBytes,
IN PHYSICAL_ADDRESS HighestAcceptableAddress);
NTKERNELAPI
PVOID
NTAPI
MmAllocateContiguousMemorySpecifyCache(
IN SIZE_T NumberOfBytes,
IN PHYSICAL_ADDRESS LowestAcceptableAddress,
IN PHYSICAL_ADDRESS HighestAcceptableAddress,
IN PHYSICAL_ADDRESS BoundaryAddressMultiple OPTIONAL,
IN MEMORY_CACHING_TYPE CacheType);
NTKERNELAPI
PVOID
NTAPI
MmAllocateContiguousMemorySpecifyCacheNode(
IN SIZE_T NumberOfBytes,
IN PHYSICAL_ADDRESS LowestAcceptableAddress,
IN PHYSICAL_ADDRESS HighestAcceptableAddress,
IN PHYSICAL_ADDRESS BoundaryAddressMultiple OPTIONAL,
IN MEMORY_CACHING_TYPE CacheType,
IN NODE_REQUIREMENT PreferredNode);
NTKERNELAPI
VOID
NTAPI
MmFreeContiguousMemory(
IN PVOID BaseAddress);
NTKERNELAPI
VOID
NTAPI
MmFreeContiguousMemorySpecifyCache(
IN PVOID BaseAddress,
IN SIZE_T NumberOfBytes,
IN MEMORY_CACHING_TYPE CacheType);
$endif (_NTDDK_)
$if (_NTIFS_)
NTKERNELAPI
BOOLEAN
NTAPI
MmIsRecursiveIoFault(
VOID);
NTKERNELAPI
BOOLEAN
NTAPI
MmForceSectionClosed(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN BOOLEAN DelayClose);
NTKERNELAPI
BOOLEAN
NTAPI
MmFlushImageSection(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN MMFLUSH_TYPE FlushType);
NTKERNELAPI
BOOLEAN
NTAPI
MmCanFileBeTruncated(
IN PSECTION_OBJECT_POINTERS SectionObjectPointer,
IN PLARGE_INTEGER NewFileSize OPTIONAL);
NTKERNELAPI
BOOLEAN
NTAPI
MmSetAddressRangeModified(
IN PVOID Address,
IN SIZE_T Length);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
$if (_WDMDDK_ || _NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WINXP)
$endif
$if (_WDMDDK_)
NTKERNELAPI
NTSTATUS
NTAPI
@ -599,15 +650,22 @@ NTAPI
MmAddVerifierThunks(
IN PVOID ThunkBuffer,
IN ULONG ThunkBufferSize);
$endif (_WDMDDK_)
$if (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_WS03)
$if (_NTDDK_)
NTKERNELAPI
NTSTATUS
NTAPI
MmCreateMirror(VOID);
MmPrefetchPages(
IN ULONG NumberOfLists,
IN PREAD_LIST *ReadLists);
$endif (_NTIFS_)
$if (_WDMDDK_ || _NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
$endif
$if (_WDMDDK_ || _NTDDK_)
#if (NTDDI_VERSION >= NTDDI_WS03)
$endif
$if (_WDMDDK_)
NTKERNELAPI
@ -616,9 +674,17 @@ NTAPI
MmIsIoSpaceActive(
IN PHYSICAL_ADDRESS StartAddress,
IN SIZE_T NumberOfBytes);
$endif
#endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
NTSTATUS
NTAPI
MmCreateMirror(VOID);
$endif (_NTDDK_)
$if (_WDMDDK_ || _NTDDK_)
#endif /* (NTDDI_VERSION >= NTDDI_WS03) */
$endif
$if (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
NTKERNELAPI
@ -635,6 +701,13 @@ MmAllocatePagesForMdlEx(
$endif
#if (NTDDI_VERSION >= NTDDI_VISTA)
$if (_WDMDDK_)
NTKERNELAPI
LOGICAL
NTAPI
MmIsDriverVerifyingByAddress(
IN PVOID AddressWithinSection);
$endif (_WDMDDK_)
$if (_NTDDK_)
NTSTATUS
NTAPI
@ -645,14 +718,14 @@ MmRotatePhysicalView(
IN MM_ROTATE_DIRECTION Direction,
IN PMM_ROTATE_COPY_CALLBACK_FUNCTION CopyFunction,
IN PVOID Context OPTIONAL);
$endif
$endif (_NTDDK_)
$if (_NTIFS_)
$if (_WDMDDK_)
NTKERNELAPI
LOGICAL
ULONG
NTAPI
MmIsDriverVerifyingByAddress(
IN PVOID AddressWithinSection);
$endif
#endif
MmDoesFileHaveUserWritableReferences(
IN PSECTION_OBJECT_POINTERS SectionPointer);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */

80
include/xdk/mmtypes.h
View file

@ -145,7 +145,7 @@ typedef enum _MM_SYSTEM_SIZE {
extern NTKERNELAPI BOOLEAN Mm64BitPhysicalAddress;
extern PVOID MmBadPointer;
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_NTDDK_)
typedef struct _PHYSICAL_MEMORY_RANGE {
@ -167,5 +167,81 @@ typedef enum _MM_ROTATE_DIRECTION {
MmMaximumRotateDirection
} MM_ROTATE_DIRECTION, *PMM_ROTATE_DIRECTION;
$endif /* _NTDDK_ */
$endif (_NTDDK_)
$if (_NTIFS_)
typedef enum _MMFLUSH_TYPE {
MmFlushForDelete,
MmFlushForWrite
} MMFLUSH_TYPE;
typedef struct _READ_LIST {
PFILE_OBJECT FileObject;
ULONG NumberOfEntries;
LOGICAL IsImage;
FILE_SEGMENT_ELEMENT List[ANYSIZE_ARRAY];
} READ_LIST, *PREAD_LIST;
#if (NTDDI_VERSION >= NTDDI_WINXP)
typedef union _MM_PREFETCH_FLAGS {
struct {
ULONG Priority : SYSTEM_PAGE_PRIORITY_BITS;
ULONG RepurposePriority : SYSTEM_PAGE_PRIORITY_BITS;
} Flags;
ULONG AllFlags;
} MM_PREFETCH_FLAGS, *PMM_PREFETCH_FLAGS;
#define MM_PREFETCH_FLAGS_MASK ((1 << (2*SYSTEM_PAGE_PRIORITY_BITS)) - 1)
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#define HEAP_NO_SERIALIZE 0x00000001
#define HEAP_GROWABLE 0x00000002
#define HEAP_GENERATE_EXCEPTIONS 0x00000004
#define HEAP_ZERO_MEMORY 0x00000008
#define HEAP_REALLOC_IN_PLACE_ONLY 0x00000010
#define HEAP_TAIL_CHECKING_ENABLED 0x00000020
#define HEAP_FREE_CHECKING_ENABLED 0x00000040
#define HEAP_DISABLE_COALESCE_ON_FREE 0x00000080
#define HEAP_CREATE_ALIGN_16 0x00010000
#define HEAP_CREATE_ENABLE_TRACING 0x00020000
#define HEAP_CREATE_ENABLE_EXECUTE 0x00040000
#define HEAP_SETTABLE_USER_VALUE 0x00000100
#define HEAP_SETTABLE_USER_FLAG1 0x00000200
#define HEAP_SETTABLE_USER_FLAG2 0x00000400
#define HEAP_SETTABLE_USER_FLAG3 0x00000800
#define HEAP_SETTABLE_USER_FLAGS 0x00000E00
#define HEAP_CLASS_0 0x00000000
#define HEAP_CLASS_1 0x00001000
#define HEAP_CLASS_2 0x00002000
#define HEAP_CLASS_3 0x00003000
#define HEAP_CLASS_4 0x00004000
#define HEAP_CLASS_5 0x00005000
#define HEAP_CLASS_6 0x00006000
#define HEAP_CLASS_7 0x00007000
#define HEAP_CLASS_8 0x00008000
#define HEAP_CLASS_MASK 0x0000F000
#define HEAP_MAXIMUM_TAG 0x0FFF
#define HEAP_GLOBAL_TAG 0x0800
#define HEAP_PSEUDO_TAG_FLAG 0x8000
#define HEAP_TAG_SHIFT 18
#define HEAP_TAG_MASK (HEAP_MAXIMUM_TAG << HEAP_TAG_SHIFT)
#define HEAP_CREATE_VALID_MASK (HEAP_NO_SERIALIZE | \
HEAP_GROWABLE | \
HEAP_GENERATE_EXCEPTIONS | \
HEAP_ZERO_MEMORY | \
HEAP_REALLOC_IN_PLACE_ONLY | \
HEAP_TAIL_CHECKING_ENABLED | \
HEAP_FREE_CHECKING_ENABLED | \
HEAP_DISABLE_COALESCE_ON_FREE | \
HEAP_CLASS_MASK | \
HEAP_CREATE_ALIGN_16 | \
HEAP_CREATE_ENABLE_TRACING | \
HEAP_CREATE_ENABLE_EXECUTE)
$endif (_NTIFS_)

3
include/xdk/ntddk.template.h
View file

@ -40,11 +40,8 @@
#include <ntdef.h>
#include <ntstatus.h>
#include <mce.h>
/* FIXME
#include <bugcodes.h>
#include <ntiologc.h>
*/
#include <stdarg.h> // FIXME
#include <basetyps.h> // FIXME

2238
include/xdk/ntifs.template.h Normal file
View file

File diff suppressed because it is too large Load diff

83
include/xdk/obfuncs.h
View file

@ -1,10 +1,11 @@
$if (_WDMDDK_)
/******************************************************************************
* Object Manager Functions *
******************************************************************************/
$endif (_WDMDDK_)
$if (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
$if (_WDMDDK_)
NTKERNELAPI
LONG_PTR
FASTCALL
@ -53,17 +54,75 @@ NTAPI
ObReleaseObjectSecurity(
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN BOOLEAN MemoryAllocated);
$endif (_WDMDDK_)
$if (_NTIFS_)
NTKERNELAPI
NTSTATUS
NTAPI
ObInsertObject(
IN PVOID Object,
IN OUT PACCESS_STATE PassedAccessState OPTIONAL,
IN ACCESS_MASK DesiredAccess OPTIONAL,
IN ULONG ObjectPointerBias,
OUT PVOID *NewObject OPTIONAL,
OUT PHANDLE Handle OPTIONAL);
NTKERNELAPI
NTSTATUS
NTAPI
ObOpenObjectByPointer(
IN PVOID Object,
IN ULONG HandleAttributes,
IN PACCESS_STATE PassedAccessState OPTIONAL,
IN ACCESS_MASK DesiredAccess OPTIONAL,
IN POBJECT_TYPE ObjectType OPTIONAL,
IN KPROCESSOR_MODE AccessMode,
OUT PHANDLE Handle);
NTKERNELAPI
VOID
NTAPI
ObMakeTemporaryObject(
IN PVOID Object);
NTKERNELAPI
NTSTATUS
NTAPI
ObQueryNameString(
IN PVOID Object,
OUT POBJECT_NAME_INFORMATION ObjectNameInfo OPTIONAL,
IN ULONG Length,
OUT PULONG ReturnLength);
NTKERNELAPI
NTSTATUS
NTAPI
ObQueryObjectAuditingByHandle(
IN HANDLE Handle,
OUT PBOOLEAN GenerateOnClose);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_VISTA)
$if (_WDMDDK_)
NTKERNELAPI
VOID
NTAPI
ObDereferenceObjectDeferDelete(
IN PVOID Object);
$endif (_WDMDDK_)
$if (_NTIFS_)
NTKERNELAPI
BOOLEAN
NTAPI
ObIsKernelHandle(
IN HANDLE Handle);
$endif (_NTIFS_)
#endif
$if (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_VISTASP1)
NTKERNELAPI
NTSTATUS
@ -84,9 +143,10 @@ NTAPI
ObGetFilterVersion(VOID);
#endif /* (NTDDI_VERSION >= NTDDI_VISTASP1) */
$endif (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_WIN7)
$if (_WDMDDK_)
NTKERNELAPI
NTSTATUS
NTAPI
@ -134,8 +194,21 @@ ObDereferenceObjectDeferDeleteWithTag(
#define ObReferenceObject ObfReferenceObject
#define ObDereferenceObjectWithTag ObfDereferenceObjectWithTag
#define ObReferenceObjectWithTag ObfReferenceObjectWithTag
$endif (_WDMDDK_)
$if (_NTIFS_)
NTKERNELAPI
NTSTATUS
NTAPI
ObOpenObjectByPointerWithTag(
IN PVOID Object,
IN ULONG HandleAttributes,
IN PACCESS_STATE PassedAccessState OPTIONAL,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_TYPE ObjectType OPTIONAL,
IN KPROCESSOR_MODE AccessMode,
IN ULONG Tag,
OUT PHANDLE Handle);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
$endif

12
include/xdk/pofuncs.h
View file

@ -1,3 +1,4 @@
$if (_WDMDDK_)
/******************************************************************************
* Power Management Support Functions *
******************************************************************************/
@ -73,7 +74,18 @@ PoRequestShutdownEvent(
OUT PVOID *Event);
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
$endif (_WDMDDK_)
$if (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
NTSTATUS
NTAPI
PoQueueShutdownWorkItem(
IN OUT PWORK_QUEUE_ITEM WorkItem);
#endif
$endif (_NTIFS_)
$if (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_VISTA)
NTKERNELAPI

10
include/xdk/potypes.h
View file

@ -1,3 +1,4 @@
$if (_WDMDDK_)
/******************************************************************************
* Power Management Support Types *
******************************************************************************/
@ -408,5 +409,14 @@ NTSTATUS
IN ULONG ValueLength,
IN OUT PVOID Context OPTIONAL);
typedef POWER_SETTING_CALLBACK *PPOWER_SETTING_CALLBACK;
$endif (_WDMDDK_)
$if (_NTIFS_)
#define PO_CB_SYSTEM_POWER_POLICY 0
#define PO_CB_AC_STATUS 1
#define PO_CB_BUTTON_COLLISION 2
#define PO_CB_SYSTEM_STATE_LOCK 3
#define PO_CB_LID_SWITCH_STATE 4
#define PO_CB_PROCESSOR_POWER_POLICY 5
$endif (_NTIFS_)

141
include/xdk/psfuncs.h
View file

@ -27,7 +27,7 @@ PsGetCurrentThread(VOID)
}
#endif /* !_PSGETCURRENTTHREAD_ */
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_NTDDK_)
NTSYSCALLAPI
@ -48,7 +48,23 @@ NtQueryInformationProcess(
OUT PVOID ProcessInformation OPTIONAL,
IN ULONG ProcessInformationLength,
OUT PULONG ReturnLength OPTIONAL);
$endif /* _NTDDK_ */
$endif (_NTDDK_)
$if (_NTIFS_)
NTKERNELAPI
NTSTATUS
NTAPI
PsLookupProcessByProcessId(
IN HANDLE ProcessId,
OUT PEPROCESS *Process);
NTKERNELAPI
NTSTATUS
NTAPI
PsLookupThreadByThreadId(
IN HANDLE UniqueThreadId,
OUT PETHREAD *Thread);
$endif (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
@ -71,7 +87,7 @@ NTAPI
PsTerminateSystemThread(
IN NTSTATUS ExitStatus);
$endif /* _WDMDDK_ */
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
@ -111,13 +127,93 @@ PsGetVersion(
OUT PULONG MinorVersion OPTIONAL,
OUT PULONG BuildNumber OPTIONAL,
OUT PUNICODE_STRING CSDVersion OPTIONAL);
$endif /* _NTDDK_ */
$endif (_NTDDK_)
$if (_NTIFS_)
NTKERNELAPI
PACCESS_TOKEN
NTAPI
PsReferenceImpersonationToken(
IN OUT PETHREAD Thread,
OUT PBOOLEAN CopyOnOpen,
OUT PBOOLEAN EffectiveOnly,
OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
NTKERNELAPI
LARGE_INTEGER
NTAPI
PsGetProcessExitTime(VOID);
NTKERNELAPI
BOOLEAN
NTAPI
PsIsThreadTerminating(
IN PETHREAD Thread);
NTKERNELAPI
NTSTATUS
NTAPI
PsImpersonateClient(
IN OUT PETHREAD Thread,
IN PACCESS_TOKEN Token,
IN BOOLEAN CopyOnOpen,
IN BOOLEAN EffectiveOnly,
IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
NTKERNELAPI
BOOLEAN
NTAPI
PsDisableImpersonation(
IN OUT PETHREAD Thread,
IN OUT PSE_IMPERSONATION_STATE ImpersonationState);
NTKERNELAPI
VOID
NTAPI
PsRestoreImpersonation(
IN PETHREAD Thread,
IN PSE_IMPERSONATION_STATE ImpersonationState);
NTKERNELAPI
VOID
NTAPI
PsRevertToSelf(VOID);
NTKERNELAPI
VOID
NTAPI
PsChargePoolQuota(
IN PEPROCESS Process,
IN POOL_TYPE PoolType,
IN ULONG_PTR Amount);
NTKERNELAPI
VOID
NTAPI
PsReturnPoolQuota(
IN PEPROCESS Process,
IN POOL_TYPE PoolType,
IN ULONG_PTR Amount);
NTKERNELAPI
NTSTATUS
NTAPI
PsAssignImpersonationToken(
IN PETHREAD Thread,
IN HANDLE Token OPTIONAL);
NTKERNELAPI
HANDLE
NTAPI
PsReferencePrimaryToken(
IN OUT PEPROCESS Process);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
$if (_NTDDK_ || _NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WINXP)
$endif
$if (_NTDDK_)
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
HANDLE
NTAPI
@ -147,9 +243,40 @@ LONGLONG
NTAPI
PsGetProcessCreateTimeQuadPart(
IN PEPROCESS Process);
$endif (_NTDDK_)
$if (_NTIFS_)
NTKERNELAPI
VOID
NTAPI
PsDereferencePrimaryToken(
IN PACCESS_TOKEN PrimaryToken);
NTKERNELAPI
VOID
NTAPI
PsDereferenceImpersonationToken(
IN PACCESS_TOKEN ImpersonationToken);
NTKERNELAPI
NTSTATUS
NTAPI
PsChargeProcessPoolQuota(
IN PEPROCESS Process,
IN POOL_TYPE PoolType,
IN ULONG_PTR Amount);
NTKERNELAPI
BOOLEAN
NTAPI
PsIsSystemThread(
IN PETHREAD Thread);
$endif (_NTIFS_)
$if (_NTDDK_ || _NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
$endif
$if (_NTDDK_)
#if (NTDDI_VERSION >= NTDDI_WS03)
NTKERNELAPI
HANDLE
@ -181,4 +308,4 @@ PsSetCreateProcessNotifyRoutineEx(
IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine,
IN BOOLEAN Remove);
#endif /* (NTDDI_VERSION >= NTDDI_VISTASP1) */
$endif
$endif (_NTDDK_)

1614
include/xdk/rtlfuncs.h
View file

File diff suppressed because it is too large Load diff

105
include/xdk/rtltypes.h
View file

@ -167,8 +167,7 @@ typedef BOOLEAN
(*PFN_RTL_IS_SERVICE_PACK_VERSION_INSTALLED)(
IN ULONG Version);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
#ifndef _RTL_RUN_ONCE_DEF
@ -445,4 +444,106 @@ typedef LPOSVERSIONINFOA LPOSVERSIONINFO;
#define HASH_ENTRY_KEY(x) ((x)->Signature)
$endif (_NTDDK_)
$if (_NTIFS_)
#define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER L"System Volume Information"
typedef PVOID
(NTAPI *PRTL_ALLOCATE_STRING_ROUTINE)(
IN SIZE_T NumberOfBytes);
#if _WIN32_WINNT >= 0x0600
typedef PVOID
(NTAPI *PRTL_REALLOCATE_STRING_ROUTINE)(
IN SIZE_T NumberOfBytes,
IN PVOID Buffer);
#endif
typedef VOID
(NTAPI *PRTL_FREE_STRING_ROUTINE)(
IN PVOID Buffer);
extern const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine;
extern const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine;
#if _WIN32_WINNT >= 0x0600
extern const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine;
#endif
typedef NTSTATUS
(NTAPI * PRTL_HEAP_COMMIT_ROUTINE) (
IN PVOID Base,
IN OUT PVOID *CommitAddress,
IN OUT PSIZE_T CommitSize);
typedef struct _RTL_HEAP_PARAMETERS {
ULONG Length;
SIZE_T SegmentReserve;
SIZE_T SegmentCommit;
SIZE_T DeCommitFreeBlockThreshold;
SIZE_T DeCommitTotalFreeThreshold;
SIZE_T MaximumAllocationSize;
SIZE_T VirtualMemoryThreshold;
SIZE_T InitialCommit;
SIZE_T InitialReserve;
PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
SIZE_T Reserved[2];
} RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
#if (NTDDI_VERSION >= NTDDI_WIN2K)
typedef struct _GENERATE_NAME_CONTEXT {
USHORT Checksum;
BOOLEAN CheckSumInserted;
UCHAR NameLength;
WCHAR NameBuffer[8];
ULONG ExtensionLength;
WCHAR ExtensionBuffer[4];
ULONG LastIndexValue;
} GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
typedef struct _PREFIX_TABLE_ENTRY {
CSHORT NodeTypeCode;
CSHORT NameLength;
struct _PREFIX_TABLE_ENTRY *NextPrefixTree;
RTL_SPLAY_LINKS Links;
PSTRING Prefix;
} PREFIX_TABLE_ENTRY, *PPREFIX_TABLE_ENTRY;
typedef struct _PREFIX_TABLE {
CSHORT NodeTypeCode;
CSHORT NameLength;
PPREFIX_TABLE_ENTRY NextPrefixTree;
} PREFIX_TABLE, *PPREFIX_TABLE;
typedef struct _UNICODE_PREFIX_TABLE_ENTRY {
CSHORT NodeTypeCode;
CSHORT NameLength;
struct _UNICODE_PREFIX_TABLE_ENTRY *NextPrefixTree;
struct _UNICODE_PREFIX_TABLE_ENTRY *CaseMatch;
RTL_SPLAY_LINKS Links;
PUNICODE_STRING Prefix;
} UNICODE_PREFIX_TABLE_ENTRY, *PUNICODE_PREFIX_TABLE_ENTRY;
typedef struct _UNICODE_PREFIX_TABLE {
CSHORT NodeTypeCode;
CSHORT NameLength;
PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree;
PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry;
} UNICODE_PREFIX_TABLE, *PUNICODE_PREFIX_TABLE;
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
#if (NTDDI_VERSION >= NTDDI_WINXP)
typedef struct _COMPRESSED_DATA_INFO {
USHORT CompressionFormatAndEngine;
UCHAR CompressionUnitShift;
UCHAR ChunkShift;
UCHAR ClusterShift;
UCHAR Reserved;
USHORT NumberOfChunks;
ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
} COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
#endif
$endif

460
include/xdk/sefuncs.h
View file

@ -3,15 +3,6 @@
******************************************************************************/
#if (NTDDI_VERSION >= NTDDI_WIN2K)
$if (_NTDDK_)
NTKERNELAPI
BOOLEAN
NTAPI
SeSinglePrivilegeCheck(
IN LUID PrivilegeValue,
IN KPROCESSOR_MODE PreviousMode);
$endif
$if (_WDMDDK_)
NTKERNELAPI
BOOLEAN
@ -96,9 +87,272 @@ VOID
NTAPI
SeLockSubjectContext(
IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTKERNELAPI
BOOLEAN
NTAPI
SeSinglePrivilegeCheck(
IN LUID PrivilegeValue,
IN KPROCESSOR_MODE PreviousMode);
$endif (_NTDDK_)
$if (_NTIFS_)
NTKERNELAPI
VOID
NTAPI
SeReleaseSubjectContext(
IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
NTKERNELAPI
BOOLEAN
NTAPI
SePrivilegeCheck(
IN OUT PPRIVILEGE_SET RequiredPrivileges,
IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
IN KPROCESSOR_MODE AccessMode);
NTKERNELAPI
VOID
NTAPI
SeOpenObjectAuditAlarm(
IN PUNICODE_STRING ObjectTypeName,
IN PVOID Object OPTIONAL,
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PACCESS_STATE AccessState,
IN BOOLEAN ObjectCreated,
IN BOOLEAN AccessGranted,
IN KPROCESSOR_MODE AccessMode,
OUT PBOOLEAN GenerateOnClose);
NTKERNELAPI
VOID
NTAPI
SeOpenObjectForDeleteAuditAlarm(
IN PUNICODE_STRING ObjectTypeName,
IN PVOID Object OPTIONAL,
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PACCESS_STATE AccessState,
IN BOOLEAN ObjectCreated,
IN BOOLEAN AccessGranted,
IN KPROCESSOR_MODE AccessMode,
OUT PBOOLEAN GenerateOnClose);
NTKERNELAPI
VOID
NTAPI
SeDeleteObjectAuditAlarm(
IN PVOID Object,
IN HANDLE Handle);
NTKERNELAPI
TOKEN_TYPE
NTAPI
SeTokenType(
IN PACCESS_TOKEN Token);
NTKERNELAPI
BOOLEAN
NTAPI
SeTokenIsAdmin(
IN PACCESS_TOKEN Token);
NTKERNELAPI
BOOLEAN
NTAPI
SeTokenIsRestricted(
IN PACCESS_TOKEN Token);
NTKERNELAPI
NTSTATUS
NTAPI
SeQueryAuthenticationIdToken(
IN PACCESS_TOKEN Token,
OUT PLUID AuthenticationId);
NTKERNELAPI
NTSTATUS
NTAPI
SeQuerySessionIdToken(
IN PACCESS_TOKEN Token,
OUT PULONG SessionId);
NTKERNELAPI
NTSTATUS
NTAPI
SeCreateClientSecurity(
IN PETHREAD ClientThread,
IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
IN BOOLEAN RemoteSession,
OUT PSECURITY_CLIENT_CONTEXT ClientContext);
NTKERNELAPI
VOID
NTAPI
SeImpersonateClient(
IN PSECURITY_CLIENT_CONTEXT ClientContext,
IN PETHREAD ServerThread OPTIONAL);
NTKERNELAPI
NTSTATUS
NTAPI
SeImpersonateClientEx(
IN PSECURITY_CLIENT_CONTEXT ClientContext,
IN PETHREAD ServerThread OPTIONAL);
NTKERNELAPI
NTSTATUS
NTAPI
SeCreateClientSecurityFromSubjectContext(
IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
IN BOOLEAN ServerIsRemote,
OUT PSECURITY_CLIENT_CONTEXT ClientContext);
NTKERNELAPI
NTSTATUS
NTAPI
SeQuerySecurityDescriptorInfo(
IN PSECURITY_INFORMATION SecurityInformation,
OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
IN OUT PULONG Length,
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
NTKERNELAPI
NTSTATUS
NTAPI
SeSetSecurityDescriptorInfo(
IN PVOID Object OPTIONAL,
IN PSECURITY_INFORMATION SecurityInformation,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
IN POOL_TYPE PoolType,
IN PGENERIC_MAPPING GenericMapping);
NTKERNELAPI
NTSTATUS
NTAPI
SeSetSecurityDescriptorInfoEx(
IN PVOID Object OPTIONAL,
IN PSECURITY_INFORMATION SecurityInformation,
IN PSECURITY_DESCRIPTOR ModificationDescriptor,
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
IN ULONG AutoInheritFlags,
IN POOL_TYPE PoolType,
IN PGENERIC_MAPPING GenericMapping);
NTKERNELAPI
NTSTATUS
NTAPI
SeAppendPrivileges(
IN OUT PACCESS_STATE AccessState,
IN PPRIVILEGE_SET Privileges);
NTKERNELAPI
BOOLEAN
NTAPI
SeAuditingFileEvents(
IN BOOLEAN AccessGranted,
IN PSECURITY_DESCRIPTOR SecurityDescriptor);
NTKERNELAPI
BOOLEAN
NTAPI
SeAuditingFileOrGlobalEvents(
IN BOOLEAN AccessGranted,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext);
VOID
NTAPI
SeSetAccessStateGenericMapping(
IN OUT PACCESS_STATE AccessState,
IN PGENERIC_MAPPING GenericMapping);
NTKERNELAPI
NTSTATUS
NTAPI
SeRegisterLogonSessionTerminatedRoutine(
IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
NTKERNELAPI
NTSTATUS
NTAPI
SeUnregisterLogonSessionTerminatedRoutine(
IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
NTKERNELAPI
NTSTATUS
NTAPI
SeMarkLogonSessionForTerminationNotification(
IN PLUID LogonId);
NTKERNELAPI
NTSTATUS
NTAPI
SeQueryInformationToken(
IN PACCESS_TOKEN Token,
IN TOKEN_INFORMATION_CLASS TokenInformationClass,
OUT PVOID *TokenInformation);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
$if (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WIN2KSP3)
NTKERNELAPI
BOOLEAN
NTAPI
SeAuditingHardLinkEvents(
IN BOOLEAN AccessGranted,
IN PSECURITY_DESCRIPTOR SecurityDescriptor);
#endif
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTKERNELAPI
NTSTATUS
NTAPI
SeFilterToken(
IN PACCESS_TOKEN ExistingToken,
IN ULONG Flags,
IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
IN PTOKEN_PRIVILEGES PrivilegesToDelete OPTIONAL,
IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
OUT PACCESS_TOKEN *FilteredToken);
NTKERNELAPI
VOID
NTAPI
SeAuditHardLinkCreation(
IN PUNICODE_STRING FileName,
IN PUNICODE_STRING LinkName,
IN BOOLEAN bSuccess);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
NTKERNELAPI
BOOLEAN
NTAPI
SeAuditingFileEventsWithContext(
IN BOOLEAN AccessGranted,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL);
NTKERNELAPI
BOOLEAN
NTAPI
SeAuditingHardLinkEventsWithContext(
IN BOOLEAN AccessGranted,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL);
#endif
$endif (_NTIFS_)
$if (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_WS03SP1)
@ -120,9 +374,12 @@ SeReportSecurityEvent(
IN PSE_ADT_PARAMETER_ARRAY AuditParameters);
#endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
$endif (_WDMDDK_)
$if (_WDMDDK_ || _NTIFS_)
#if (NTDDI_VERSION >= NTDDI_VISTA)
$endif
$if (_WDMDDK_)
NTKERNELAPI
ULONG
NTAPI
@ -139,6 +396,187 @@ SeGetWorldRights(
IN PGENERIC_MAPPING GenericMapping,
OUT PACCESS_MASK GrantedAccess);
#endif /* SE_NTFS_WORLD_CACHE */
$endif (_WDMDDK_)
$if (_NTIFS_)
NTKERNELAPI
VOID
NTAPI
SeOpenObjectAuditAlarmWithTransaction(
IN PUNICODE_STRING ObjectTypeName,
IN PVOID Object OPTIONAL,
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PACCESS_STATE AccessState,
IN BOOLEAN ObjectCreated,
IN BOOLEAN AccessGranted,
IN KPROCESSOR_MODE AccessMode,
IN GUID *TransactionId OPTIONAL,
OUT PBOOLEAN GenerateOnClose);
NTKERNELAPI
VOID
NTAPI
SeOpenObjectForDeleteAuditAlarmWithTransaction(
IN PUNICODE_STRING ObjectTypeName,
IN PVOID Object OPTIONAL,
IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PACCESS_STATE AccessState,
IN BOOLEAN ObjectCreated,
IN BOOLEAN AccessGranted,
IN KPROCESSOR_MODE AccessMode,
IN GUID *TransactionId OPTIONAL,
OUT PBOOLEAN GenerateOnClose);
NTKERNELAPI
VOID
NTAPI
SeExamineSacl(
IN PACL Sacl,
IN PACCESS_TOKEN Token,
IN ACCESS_MASK DesiredAccess,
IN BOOLEAN AccessGranted,
OUT PBOOLEAN GenerateAudit,
OUT PBOOLEAN GenerateAlarm);
NTKERNELAPI
VOID
NTAPI
SeDeleteObjectAuditAlarmWithTransaction(
IN PVOID Object,
IN HANDLE Handle,
IN GUID *TransactionId OPTIONAL);
NTKERNELAPI
VOID
NTAPI
SeQueryTokenIntegrity(
IN PACCESS_TOKEN Token,
IN OUT PSID_AND_ATTRIBUTES IntegritySA);
NTKERNELAPI
NTSTATUS
NTAPI
SeSetSessionIdToken(
IN PACCESS_TOKEN Token,
IN ULONG SessionId);
NTKERNELAPI
VOID
NTAPI
SeAuditHardLinkCreationWithTransaction(
IN PUNICODE_STRING FileName,
IN PUNICODE_STRING LinkName,
IN BOOLEAN bSuccess,
IN GUID *TransactionId OPTIONAL);
NTKERNELAPI
VOID
NTAPI
SeAuditTransactionStateChange(
IN GUID *TransactionId,
IN GUID *ResourceManagerId,
IN ULONG NewTransactionState);
$endif (_NTIFS_)
$if (_WDMDDK_ || _NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
$endif
$if (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_VISTA || (NTDDI_VERSION >= NTDDI_WINXPSP2 && NTDDI_VERSION < NTDDI_WS03))
NTKERNELAPI
BOOLEAN
NTAPI
SeTokenIsWriteRestricted(
IN PACCESS_TOKEN Token);
#endif
#if (NTDDI_VERSION >= NTDDI_WIN7)
NTKERNELAPI
BOOLEAN
NTAPI
SeAuditingAnyFileEventsWithContext(
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext OPTIONAL);
NTKERNELAPI
VOID
NTAPI
SeExamineGlobalSacl(
IN PUNICODE_STRING ObjectType,
IN PACCESS_TOKEN Token,
IN ACCESS_MASK DesiredAccess,
IN BOOLEAN AccessGranted,
IN OUT PBOOLEAN GenerateAudit,
IN OUT PBOOLEAN GenerateAlarm OPTIONAL);
NTKERNELAPI
VOID
NTAPI
SeMaximumAuditMaskFromGlobalSacl(
IN PUNICODE_STRING ObjectTypeName OPTIONAL,
IN ACCESS_MASK GrantedAccess,
IN PACCESS_TOKEN Token,
IN OUT PACCESS_MASK AuditMask);
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
NTSTATUS
NTAPI
SeReportSecurityEventWithSubCategory(
IN ULONG Flags,
IN PUNICODE_STRING SourceName,
IN PSID UserSid OPTIONAL,
IN PSE_ADT_PARAMETER_ARRAY AuditParameters,
IN ULONG AuditSubcategoryId);
BOOLEAN
NTAPI
SeAccessCheckFromState(
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN PTOKEN_ACCESS_INFORMATION PrimaryTokenInformation,
IN PTOKEN_ACCESS_INFORMATION ClientTokenInformation OPTIONAL,
IN ACCESS_MASK DesiredAccess,
IN ACCESS_MASK PreviouslyGrantedAccess,
OUT PPRIVILEGE_SET *Privileges OPTIONAL,
IN PGENERIC_MAPPING GenericMapping,
IN KPROCESSOR_MODE AccessMode,
OUT PACCESS_MASK GrantedAccess,
OUT PNTSTATUS AccessStatus);
NTKERNELAPI
VOID
NTAPI
SeFreePrivileges(
IN PPRIVILEGE_SET Privileges);
NTSTATUS
NTAPI
SeLocateProcessImageName(
IN OUT PEPROCESS Process,
OUT PUNICODE_STRING *pImageFileName);
#define SeLengthSid( Sid ) \
(8 + (4 * ((SID *)Sid)->SubAuthorityCount))
#define SeDeleteClientSecurity(C) { \
if (SeTokenType((C)->ClientToken) == TokenPrimary) { \
PsDereferencePrimaryToken( (C)->ClientToken ); \
} else { \
PsDereferenceImpersonationToken( (C)->ClientToken ); \
} \
}
#define SeStopImpersonatingClient() PsRevertToSelf()
#define SeQuerySubjectContextToken( SubjectContext ) \
( ARGUMENT_PRESENT( \
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken \
) ? \
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->ClientToken : \
((PSECURITY_SUBJECT_CONTEXT) SubjectContext)->PrimaryToken )
extern NTKERNELAPI PSE_EXPORTS SeExports;
$endif (_NTIFS_)

918
include/xdk/setypes.h
View file

@ -1,97 +1,8 @@
/******************************************************************************
* Security Manager Types *
******************************************************************************/
$if (_NTDDK_)
#define SE_UNSOLICITED_INPUT_PRIVILEGE 6
typedef enum _WELL_KNOWN_SID_TYPE {
WinNullSid = 0,
WinWorldSid = 1,
WinLocalSid = 2,
WinCreatorOwnerSid = 3,
WinCreatorGroupSid = 4,
WinCreatorOwnerServerSid = 5,
WinCreatorGroupServerSid = 6,
WinNtAuthoritySid = 7,
WinDialupSid = 8,
WinNetworkSid = 9,
WinBatchSid = 10,
WinInteractiveSid = 11,
WinServiceSid = 12,
WinAnonymousSid = 13,
WinProxySid = 14,
WinEnterpriseControllersSid = 15,
WinSelfSid = 16,
WinAuthenticatedUserSid = 17,
WinRestrictedCodeSid = 18,
WinTerminalServerSid = 19,
WinRemoteLogonIdSid = 20,
WinLogonIdsSid = 21,
WinLocalSystemSid = 22,
WinLocalServiceSid = 23,
WinNetworkServiceSid = 24,
WinBuiltinDomainSid = 25,
WinBuiltinAdministratorsSid = 26,
WinBuiltinUsersSid = 27,
WinBuiltinGuestsSid = 28,
WinBuiltinPowerUsersSid = 29,
WinBuiltinAccountOperatorsSid = 30,
WinBuiltinSystemOperatorsSid = 31,
WinBuiltinPrintOperatorsSid = 32,
WinBuiltinBackupOperatorsSid = 33,
WinBuiltinReplicatorSid = 34,
WinBuiltinPreWindows2000CompatibleAccessSid = 35,
WinBuiltinRemoteDesktopUsersSid = 36,
WinBuiltinNetworkConfigurationOperatorsSid = 37,
WinAccountAdministratorSid = 38,
WinAccountGuestSid = 39,
WinAccountKrbtgtSid = 40,
WinAccountDomainAdminsSid = 41,
WinAccountDomainUsersSid = 42,
WinAccountDomainGuestsSid = 43,
WinAccountComputersSid = 44,
WinAccountControllersSid = 45,
WinAccountCertAdminsSid = 46,
WinAccountSchemaAdminsSid = 47,
WinAccountEnterpriseAdminsSid = 48,
WinAccountPolicyAdminsSid = 49,
WinAccountRasAndIasServersSid = 50,
WinNTLMAuthenticationSid = 51,
WinDigestAuthenticationSid = 52,
WinSChannelAuthenticationSid = 53,
WinThisOrganizationSid = 54,
WinOtherOrganizationSid = 55,
WinBuiltinIncomingForestTrustBuildersSid = 56,
WinBuiltinPerfMonitoringUsersSid = 57,
WinBuiltinPerfLoggingUsersSid = 58,
WinBuiltinAuthorizationAccessSid = 59,
WinBuiltinTerminalServerLicenseServersSid = 60,
WinBuiltinDCOMUsersSid = 61,
WinBuiltinIUsersSid = 62,
WinIUserSid = 63,
WinBuiltinCryptoOperatorsSid = 64,
WinUntrustedLabelSid = 65,
WinLowLabelSid = 66,
WinMediumLabelSid = 67,
WinHighLabelSid = 68,
WinSystemLabelSid = 69,
WinWriteRestrictedCodeSid = 70,
WinCreatorOwnerRightsSid = 71,
WinCacheablePrincipalsGroupSid = 72,
WinNonCacheablePrincipalsGroupSid = 73,
WinEnterpriseReadonlyControllersSid = 74,
WinAccountReadonlyControllersSid = 75,
WinBuiltinEventLogReadersGroup = 76,
WinNewEnterpriseReadonlyControllersSid = 77,
WinBuiltinCertSvcDComAccessGroup = 78,
WinMediumPlusLabelSid = 79,
WinLocalLogonSid = 80,
WinConsoleLogonSid = 81,
WinThisOrganizationCertificateSid = 82,
} WELL_KNOWN_SID_TYPE;
$endif
$if (_WDMDDK_)
/* Simple types */
typedef PVOID PSECURITY_DESCRIPTOR;
typedef ULONG SECURITY_INFORMATION, *PSECURITY_INFORMATION;
@ -393,4 +304,831 @@ typedef struct _SE_ADT_PARAMETER_ARRAY {
#endif /* !_NTLSA_AUDIT_ */
#endif /* !_NTLSA_IFS_ */
$endif
$if (_NTDDK_)
#define SE_UNSOLICITED_INPUT_PRIVILEGE 6
typedef enum _WELL_KNOWN_SID_TYPE {
WinNullSid = 0,
WinWorldSid = 1,
WinLocalSid = 2,
WinCreatorOwnerSid = 3,
WinCreatorGroupSid = 4,
WinCreatorOwnerServerSid = 5,
WinCreatorGroupServerSid = 6,
WinNtAuthoritySid = 7,
WinDialupSid = 8,
WinNetworkSid = 9,
WinBatchSid = 10,
WinInteractiveSid = 11,
WinServiceSid = 12,
WinAnonymousSid = 13,
WinProxySid = 14,
WinEnterpriseControllersSid = 15,
WinSelfSid = 16,
WinAuthenticatedUserSid = 17,
WinRestrictedCodeSid = 18,
WinTerminalServerSid = 19,
WinRemoteLogonIdSid = 20,
WinLogonIdsSid = 21,
WinLocalSystemSid = 22,
WinLocalServiceSid = 23,
WinNetworkServiceSid = 24,
WinBuiltinDomainSid = 25,
WinBuiltinAdministratorsSid = 26,
WinBuiltinUsersSid = 27,
WinBuiltinGuestsSid = 28,
WinBuiltinPowerUsersSid = 29,
WinBuiltinAccountOperatorsSid = 30,
WinBuiltinSystemOperatorsSid = 31,
WinBuiltinPrintOperatorsSid = 32,
WinBuiltinBackupOperatorsSid = 33,
WinBuiltinReplicatorSid = 34,
WinBuiltinPreWindows2000CompatibleAccessSid = 35,
WinBuiltinRemoteDesktopUsersSid = 36,
WinBuiltinNetworkConfigurationOperatorsSid = 37,
WinAccountAdministratorSid = 38,
WinAccountGuestSid = 39,
WinAccountKrbtgtSid = 40,
WinAccountDomainAdminsSid = 41,
WinAccountDomainUsersSid = 42,
WinAccountDomainGuestsSid = 43,
WinAccountComputersSid = 44,
WinAccountControllersSid = 45,
WinAccountCertAdminsSid = 46,
WinAccountSchemaAdminsSid = 47,
WinAccountEnterpriseAdminsSid = 48,
WinAccountPolicyAdminsSid = 49,
WinAccountRasAndIasServersSid = 50,
WinNTLMAuthenticationSid = 51,
WinDigestAuthenticationSid = 52,
WinSChannelAuthenticationSid = 53,
WinThisOrganizationSid = 54,
WinOtherOrganizationSid = 55,
WinBuiltinIncomingForestTrustBuildersSid = 56,
WinBuiltinPerfMonitoringUsersSid = 57,
WinBuiltinPerfLoggingUsersSid = 58,
WinBuiltinAuthorizationAccessSid = 59,
WinBuiltinTerminalServerLicenseServersSid = 60,
WinBuiltinDCOMUsersSid = 61,
WinBuiltinIUsersSid = 62,
WinIUserSid = 63,
WinBuiltinCryptoOperatorsSid = 64,
WinUntrustedLabelSid = 65,
WinLowLabelSid = 66,
WinMediumLabelSid = 67,
WinHighLabelSid = 68,
WinSystemLabelSid = 69,
WinWriteRestrictedCodeSid = 70,
WinCreatorOwnerRightsSid = 71,
WinCacheablePrincipalsGroupSid = 72,
WinNonCacheablePrincipalsGroupSid = 73,
WinEnterpriseReadonlyControllersSid = 74,
WinAccountReadonlyControllersSid = 75,
WinBuiltinEventLogReadersGroup = 76,
WinNewEnterpriseReadonlyControllersSid = 77,
WinBuiltinCertSvcDComAccessGroup = 78,
WinMediumPlusLabelSid = 79,
WinLocalLogonSid = 80,
WinConsoleLogonSid = 81,
WinThisOrganizationCertificateSid = 82,
} WELL_KNOWN_SID_TYPE;
$endif
$if (_NTIFS_)
#ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
#define SID_IDENTIFIER_AUTHORITY_DEFINED
typedef struct _SID_IDENTIFIER_AUTHORITY {
UCHAR Value[6];
} SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
#endif
#ifndef SID_DEFINED
#define SID_DEFINED
typedef struct _SID {
UCHAR Revision;
UCHAR SubAuthorityCount;
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
ULONG SubAuthority[ANYSIZE_ARRAY];
} SID, *PISID;
#endif
#define SID_REVISION 1
#define SID_MAX_SUB_AUTHORITIES 15
#define SID_RECOMMENDED_SUB_AUTHORITIES 1
typedef enum _SID_NAME_USE {
SidTypeUser = 1,
SidTypeGroup,
SidTypeDomain,
SidTypeAlias,
SidTypeWellKnownGroup,
SidTypeDeletedAccount,
SidTypeInvalid,
SidTypeUnknown,
SidTypeComputer,
SidTypeLabel
} SID_NAME_USE, *PSID_NAME_USE;
typedef struct _SID_AND_ATTRIBUTES {
PSID Sid;
ULONG Attributes;
} SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
#define SID_HASH_SIZE 32
typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
typedef struct _SID_AND_ATTRIBUTES_HASH {
ULONG SidCount;
PSID_AND_ATTRIBUTES SidAttr;
SID_HASH_ENTRY Hash[SID_HASH_SIZE];
} SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
/* Universal well-known SIDs */
#define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
#define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
#define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
#define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
#define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
#define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
#define SECURITY_NULL_RID (0x00000000L)
#define SECURITY_WORLD_RID (0x00000000L)
#define SECURITY_LOCAL_RID (0x00000000L)
#define SECURITY_LOCAL_LOGON_RID (0x00000001L)
#define SECURITY_CREATOR_OWNER_RID (0x00000000L)
#define SECURITY_CREATOR_GROUP_RID (0x00000001L)
#define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
#define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
#define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
/* NT well-known SIDs */
#define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
#define SECURITY_DIALUP_RID (0x00000001L)
#define SECURITY_NETWORK_RID (0x00000002L)
#define SECURITY_BATCH_RID (0x00000003L)
#define SECURITY_INTERACTIVE_RID (0x00000004L)
#define SECURITY_LOGON_IDS_RID (0x00000005L)
#define SECURITY_LOGON_IDS_RID_COUNT (3L)
#define SECURITY_SERVICE_RID (0x00000006L)
#define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
#define SECURITY_PROXY_RID (0x00000008L)
#define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
#define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
#define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
#define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
#define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
#define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
#define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
#define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
#define SECURITY_IUSER_RID (0x00000011L)
#define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
#define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
#define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
#define SECURITY_NT_NON_UNIQUE (0x00000015L)
#define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
#define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
#define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
#define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
#define SECURITY_PACKAGE_BASE_RID (0x00000040L)
#define SECURITY_PACKAGE_RID_COUNT (2L)
#define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
#define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
#define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
#define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
#define SECURITY_CRED_TYPE_RID_COUNT (2L)
#define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
#define SECURITY_MIN_BASE_RID (0x00000050L)
#define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
#define SECURITY_SERVICE_ID_RID_COUNT (6L)
#define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
#define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
#define SECURITY_APPPOOL_ID_RID_COUNT (6L)
#define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
#define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
#define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
#define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
#define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
#define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
#define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
#define SECURITY_WMIHOST_ID_RID_COUNT (6L)
#define SECURITY_TASK_ID_BASE_RID (0x00000057L)
#define SECURITY_NFS_ID_BASE_RID (0x00000058L)
#define SECURITY_COM_ID_BASE_RID (0x00000059L)
#define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
#define SECURITY_MAX_BASE_RID (0x0000006FL)
#define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
#define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
#define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
#define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
/* Well-known domain relative sub-authority values (RIDs) */
#define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
#define FOREST_USER_RID_MAX (0x000001F3L)
/* Well-known users */
#define DOMAIN_USER_RID_ADMIN (0x000001F4L)
#define DOMAIN_USER_RID_GUEST (0x000001F5L)
#define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
#define DOMAIN_USER_RID_MAX (0x000003E7L)
/* Well-known groups */
#define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
#define DOMAIN_GROUP_RID_USERS (0x00000201L)
#define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
#define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
#define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
#define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
#define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
#define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
#define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
/* Well-known aliases */
#define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
#define DOMAIN_ALIAS_RID_USERS (0x00000221L)
#define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
#define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
#define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
#define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
#define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
#define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
#define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
#define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
#define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
#define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
#define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
#define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
#define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
#define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
#define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
#define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
#define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
#define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
#define SECURITY_MANDATORY_LOW_RID (0x00001000L)
#define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
#define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
#define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
#define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
/* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
can be set by a usermode caller.*/
#define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
#define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
/* Allocate the System Luid. The first 1000 LUIDs are reserved.
Use #999 here (0x3e7 = 999) */
#define SYSTEM_LUID { 0x3e7, 0x0 }
#define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 }
#define LOCALSERVICE_LUID { 0x3e5, 0x0 }
#define NETWORKSERVICE_LUID { 0x3e4, 0x0 }
#define IUSER_LUID { 0x3e3, 0x0 }
typedef struct _ACE_HEADER {
UCHAR AceType;
UCHAR AceFlags;
USHORT AceSize;
} ACE_HEADER, *PACE_HEADER;
/* also in winnt.h */
#define ACCESS_MIN_MS_ACE_TYPE (0x0)
#define ACCESS_ALLOWED_ACE_TYPE (0x0)
#define ACCESS_DENIED_ACE_TYPE (0x1)
#define SYSTEM_AUDIT_ACE_TYPE (0x2)
#define SYSTEM_ALARM_ACE_TYPE (0x3)
#define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
#define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
#define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
#define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
#define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
#define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
#define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
#define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
#define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
#define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
#define ACCESS_MAX_MS_ACE_TYPE (0x8)
#define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
#define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
#define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
#define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
#define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
#define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
#define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
#define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
#define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
/* The following are the inherit flags that go into the AceFlags field
of an Ace header. */
#define OBJECT_INHERIT_ACE (0x1)
#define CONTAINER_INHERIT_ACE (0x2)
#define NO_PROPAGATE_INHERIT_ACE (0x4)
#define INHERIT_ONLY_ACE (0x8)
#define INHERITED_ACE (0x10)
#define VALID_INHERIT_FLAGS (0x1F)
#define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
#define FAILED_ACCESS_ACE_FLAG (0x80)
typedef struct _ACCESS_ALLOWED_ACE {
ACE_HEADER Header;
ACCESS_MASK Mask;
ULONG SidStart;
} ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
typedef struct _ACCESS_DENIED_ACE {
ACE_HEADER Header;
ACCESS_MASK Mask;
ULONG SidStart;
} ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
typedef struct _SYSTEM_AUDIT_ACE {
ACE_HEADER Header;
ACCESS_MASK Mask;
ULONG SidStart;
} SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
typedef struct _SYSTEM_ALARM_ACE {
ACE_HEADER Header;
ACCESS_MASK Mask;
ULONG SidStart;
} SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
ACE_HEADER Header;
ACCESS_MASK Mask;
ULONG SidStart;
} SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
#define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
#define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
#define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
#define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
#define SE_OWNER_DEFAULTED 0x0001
#define SE_GROUP_DEFAULTED 0x0002
#define SE_DACL_PRESENT 0x0004
#define SE_DACL_DEFAULTED 0x0008
#define SE_SACL_PRESENT 0x0010
#define SE_SACL_DEFAULTED 0x0020
#define SE_DACL_UNTRUSTED 0x0040
#define SE_SERVER_SECURITY 0x0080
#define SE_DACL_AUTO_INHERIT_REQ 0x0100
#define SE_SACL_AUTO_INHERIT_REQ 0x0200
#define SE_DACL_AUTO_INHERITED 0x0400
#define SE_SACL_AUTO_INHERITED 0x0800
#define SE_DACL_PROTECTED 0x1000
#define SE_SACL_PROTECTED 0x2000
#define SE_RM_CONTROL_VALID 0x4000
#define SE_SELF_RELATIVE 0x8000
typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
UCHAR Revision;
UCHAR Sbz1;
SECURITY_DESCRIPTOR_CONTROL Control;
ULONG Owner;
ULONG Group;
ULONG Sacl;
ULONG Dacl;
} SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
typedef struct _SECURITY_DESCRIPTOR {
UCHAR Revision;
UCHAR Sbz1;
SECURITY_DESCRIPTOR_CONTROL Control;
PSID Owner;
PSID Group;
PACL Sacl;
PACL Dacl;
} SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
typedef struct _OBJECT_TYPE_LIST {
USHORT Level;
USHORT Sbz;
GUID *ObjectType;
} OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;
#define ACCESS_OBJECT_GUID 0
#define ACCESS_PROPERTY_SET_GUID 1
#define ACCESS_PROPERTY_GUID 2
#define ACCESS_MAX_LEVEL 4
typedef enum _AUDIT_EVENT_TYPE {
AuditEventObjectAccess,
AuditEventDirectoryServiceAccess
} AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
#define AUDIT_ALLOW_NO_PRIVILEGE 0x1
#define ACCESS_DS_SOURCE_A "DS"
#define ACCESS_DS_SOURCE_W L"DS"
#define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
#define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
#define ACCESS_REASON_TYPE_MASK 0xffff0000
#define ACCESS_REASON_DATA_MASK 0x0000ffff
typedef enum _ACCESS_REASON_TYPE {
AccessReasonNone = 0x00000000,
AccessReasonAllowedAce = 0x00010000,
AccessReasonDeniedAce = 0x00020000,
AccessReasonAllowedParentAce = 0x00030000,
AccessReasonDeniedParentAce = 0x00040000,
AccessReasonMissingPrivilege = 0x00100000,
AccessReasonFromPrivilege = 0x00200000,
AccessReasonIntegrityLevel = 0x00300000,
AccessReasonOwnership = 0x00400000,
AccessReasonNullDacl = 0x00500000,
AccessReasonEmptyDacl = 0x00600000,
AccessReasonNoSD = 0x00700000,
AccessReasonNoGrant = 0x00800000
} ACCESS_REASON_TYPE;
typedef ULONG ACCESS_REASON;
typedef struct _ACCESS_REASONS {
ACCESS_REASON Data[32];
} ACCESS_REASONS, *PACCESS_REASONS;
#define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
#define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
#define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
typedef struct _SE_SECURITY_DESCRIPTOR {
ULONG Size;
ULONG Flags;
PSECURITY_DESCRIPTOR SecurityDescriptor;
} SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
typedef struct _SE_ACCESS_REQUEST {
ULONG Size;
PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
ACCESS_MASK DesiredAccess;
ACCESS_MASK PreviouslyGrantedAccess;
PSID PrincipalSelfSid;
PGENERIC_MAPPING GenericMapping;
ULONG ObjectTypeListCount;
POBJECT_TYPE_LIST ObjectTypeList;
} SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
typedef struct _SE_ACCESS_REPLY {
ULONG Size;
ULONG ResultListCount;
PACCESS_MASK GrantedAccess;
PNTSTATUS AccessStatus;
PACCESS_REASONS AccessReason;
PPRIVILEGE_SET* Privileges;
} SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
typedef enum _SE_AUDIT_OPERATION {
AuditPrivilegeObject,
AuditPrivilegeService,
AuditAccessCheck,
AuditOpenObject,
AuditOpenObjectWithTransaction,
AuditCloseObject,
AuditDeleteObject,
AuditOpenObjectForDelete,
AuditOpenObjectForDeleteWithTransaction,
AuditCloseNonObject,
AuditOpenNonObject,
AuditObjectReference,
AuditHandleCreation,
} SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
typedef struct _SE_AUDIT_INFO {
ULONG Size;
AUDIT_EVENT_TYPE AuditType;
SE_AUDIT_OPERATION AuditOperation;
ULONG AuditFlags;
UNICODE_STRING SubsystemName;
UNICODE_STRING ObjectTypeName;
UNICODE_STRING ObjectName;
PVOID HandleId;
GUID* TransactionId;
LUID* OperationId;
BOOLEAN ObjectCreation;
BOOLEAN GenerateOnClose;
} SE_AUDIT_INFO, *PSE_AUDIT_INFO;
#define TOKEN_ASSIGN_PRIMARY (0x0001)
#define TOKEN_DUPLICATE (0x0002)
#define TOKEN_IMPERSONATE (0x0004)
#define TOKEN_QUERY (0x0008)
#define TOKEN_QUERY_SOURCE (0x0010)
#define TOKEN_ADJUST_PRIVILEGES (0x0020)
#define TOKEN_ADJUST_GROUPS (0x0040)
#define TOKEN_ADJUST_DEFAULT (0x0080)
#define TOKEN_ADJUST_SESSIONID (0x0100)
#define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
TOKEN_ASSIGN_PRIMARY |\
TOKEN_DUPLICATE |\
TOKEN_IMPERSONATE |\
TOKEN_QUERY |\
TOKEN_QUERY_SOURCE |\
TOKEN_ADJUST_PRIVILEGES |\
TOKEN_ADJUST_GROUPS |\
TOKEN_ADJUST_DEFAULT )
#if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
TOKEN_ADJUST_SESSIONID )
#else
#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
#endif
#define TOKEN_READ (STANDARD_RIGHTS_READ |\
TOKEN_QUERY)
#define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
TOKEN_ADJUST_PRIVILEGES |\
TOKEN_ADJUST_GROUPS |\
TOKEN_ADJUST_DEFAULT)
#define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
typedef enum _TOKEN_TYPE {
TokenPrimary = 1,
TokenImpersonation
} TOKEN_TYPE,*PTOKEN_TYPE;
typedef enum _TOKEN_INFORMATION_CLASS {
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
} TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
typedef struct _TOKEN_USER {
SID_AND_ATTRIBUTES User;
} TOKEN_USER, *PTOKEN_USER;
typedef struct _TOKEN_GROUPS {
ULONG GroupCount;
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
} TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
typedef struct _TOKEN_PRIVILEGES {
ULONG PrivilegeCount;
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
} TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
typedef struct _TOKEN_OWNER {
PSID Owner;
} TOKEN_OWNER,*PTOKEN_OWNER;
typedef struct _TOKEN_PRIMARY_GROUP {
PSID PrimaryGroup;
} TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
typedef struct _TOKEN_DEFAULT_DACL {
PACL DefaultDacl;
} TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
ULONG SidCount;
ULONG SidLength;
PSID_AND_ATTRIBUTES Sids;
ULONG RestrictedSidCount;
ULONG RestrictedSidLength;
PSID_AND_ATTRIBUTES RestrictedSids;
ULONG PrivilegeCount;
ULONG PrivilegeLength;
PLUID_AND_ATTRIBUTES Privileges;
LUID AuthenticationId;
} TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
typedef struct _TOKEN_LINKED_TOKEN {
HANDLE LinkedToken;
} TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
typedef struct _TOKEN_ELEVATION {
ULONG TokenIsElevated;
} TOKEN_ELEVATION, *PTOKEN_ELEVATION;
typedef struct _TOKEN_MANDATORY_LABEL {
SID_AND_ATTRIBUTES Label;
} TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
#define TOKEN_MANDATORY_POLICY_OFF 0x0
#define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
#define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
#define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
typedef struct _TOKEN_MANDATORY_POLICY {
ULONG Policy;
} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
typedef struct _TOKEN_ACCESS_INFORMATION {
PSID_AND_ATTRIBUTES_HASH SidHash;
PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
PTOKEN_PRIVILEGES Privileges;
LUID AuthenticationId;
TOKEN_TYPE TokenType;
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
TOKEN_MANDATORY_POLICY MandatoryPolicy;
ULONG Flags;
} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
#define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
typedef struct _TOKEN_AUDIT_POLICY {
UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
} TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
#define TOKEN_SOURCE_LENGTH 8
typedef struct _TOKEN_SOURCE {
CHAR SourceName[TOKEN_SOURCE_LENGTH];
LUID SourceIdentifier;
} TOKEN_SOURCE,*PTOKEN_SOURCE;
typedef struct _TOKEN_STATISTICS {
LUID TokenId;
LUID AuthenticationId;
LARGE_INTEGER ExpirationTime;
TOKEN_TYPE TokenType;
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
ULONG DynamicCharged;
ULONG DynamicAvailable;
ULONG GroupCount;
ULONG PrivilegeCount;
LUID ModifiedId;
} TOKEN_STATISTICS, *PTOKEN_STATISTICS;
typedef struct _TOKEN_CONTROL {
LUID TokenId;
LUID AuthenticationId;
LUID ModifiedId;
TOKEN_SOURCE TokenSource;
} TOKEN_CONTROL,*PTOKEN_CONTROL;
typedef struct _TOKEN_ORIGIN {
LUID OriginatingLogonSession;
} TOKEN_ORIGIN, *PTOKEN_ORIGIN;
typedef enum _MANDATORY_LEVEL {
MandatoryLevelUntrusted = 0,
MandatoryLevelLow,
MandatoryLevelMedium,
MandatoryLevelHigh,
MandatoryLevelSystem,
MandatoryLevelSecureProcess,
MandatoryLevelCount
} MANDATORY_LEVEL, *PMANDATORY_LEVEL;
#define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
#define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
#define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
#define TOKEN_WRITE_RESTRICTED 0x0008
#define TOKEN_IS_RESTRICTED 0x0010
#define TOKEN_SESSION_NOT_REFERENCED 0x0020
#define TOKEN_SANDBOX_INERT 0x0040
#define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
#define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
#define TOKEN_VIRTUALIZE_ALLOWED 0x0200
#define TOKEN_VIRTUALIZE_ENABLED 0x0400
#define TOKEN_IS_FILTERED 0x0800
#define TOKEN_UIACCESS 0x1000
#define TOKEN_NOT_LOW 0x2000
typedef struct _SE_EXPORTS {
LUID SeCreateTokenPrivilege;
LUID SeAssignPrimaryTokenPrivilege;
LUID SeLockMemoryPrivilege;
LUID SeIncreaseQuotaPrivilege;
LUID SeUnsolicitedInputPrivilege;
LUID SeTcbPrivilege;
LUID SeSecurityPrivilege;
LUID SeTakeOwnershipPrivilege;
LUID SeLoadDriverPrivilege;
LUID SeCreatePagefilePrivilege;
LUID SeIncreaseBasePriorityPrivilege;
LUID SeSystemProfilePrivilege;
LUID SeSystemtimePrivilege;
LUID SeProfileSingleProcessPrivilege;
LUID SeCreatePermanentPrivilege;
LUID SeBackupPrivilege;
LUID SeRestorePrivilege;
LUID SeShutdownPrivilege;
LUID SeDebugPrivilege;
LUID SeAuditPrivilege;
LUID SeSystemEnvironmentPrivilege;
LUID SeChangeNotifyPrivilege;
LUID SeRemoteShutdownPrivilege;
PSID SeNullSid;
PSID SeWorldSid;
PSID SeLocalSid;
PSID SeCreatorOwnerSid;
PSID SeCreatorGroupSid;
PSID SeNtAuthoritySid;
PSID SeDialupSid;
PSID SeNetworkSid;
PSID SeBatchSid;
PSID SeInteractiveSid;
PSID SeLocalSystemSid;
PSID SeAliasAdminsSid;
PSID SeAliasUsersSid;
PSID SeAliasGuestsSid;
PSID SeAliasPowerUsersSid;
PSID SeAliasAccountOpsSid;
PSID SeAliasSystemOpsSid;
PSID SeAliasPrintOpsSid;
PSID SeAliasBackupOpsSid;
PSID SeAuthenticatedUsersSid;
PSID SeRestrictedSid;
PSID SeAnonymousLogonSid;
LUID SeUndockPrivilege;
LUID SeSyncAgentPrivilege;
LUID SeEnableDelegationPrivilege;
PSID SeLocalServiceSid;
PSID SeNetworkServiceSid;
LUID SeManageVolumePrivilege;
LUID SeImpersonatePrivilege;
LUID SeCreateGlobalPrivilege;
LUID SeTrustedCredManAccessPrivilege;
LUID SeRelabelPrivilege;
LUID SeIncreaseWorkingSetPrivilege;
LUID SeTimeZonePrivilege;
LUID SeCreateSymbolicLinkPrivilege;
PSID SeIUserSid;
PSID SeUntrustedMandatorySid;
PSID SeLowMandatorySid;
PSID SeMediumMandatorySid;
PSID SeHighMandatorySid;
PSID SeSystemMandatorySid;
PSID SeOwnerRightsSid;
} SE_EXPORTS, *PSE_EXPORTS;
typedef NTSTATUS
(NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
IN PLUID LogonId);
$endif (_NTIFS_)

512
include/xdk/zwfuncs.h
View file

@ -9,11 +9,9 @@ $if (_WDMDDK_)
#define ZwCurrentProcess() NtCurrentProcess()
#define NtCurrentThread() ( (HANDLE)(LONG_PTR) -2 )
#define ZwCurrentThread() NtCurrentThread()
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTSYSAPI
NTSTATUS
NTAPI
@ -35,97 +33,45 @@ ZwOpenProcess(
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN PCLIENT_ID ClientId OPTIONAL);
$endif (_NTDDK_)
$if (_NTIFS_)
$endif
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryEaFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID Buffer,
IN ULONG Length,
IN BOOLEAN ReturnSingleEntry,
IN PVOID EaList OPTIONAL,
IN ULONG EaListLength,
IN PULONG EaIndex OPTIONAL,
IN BOOLEAN RestartScan);
NTSYSAPI
NTSTATUS
NTAPI
ZwSetEaFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID Buffer,
IN ULONG Length);
NTSYSAPI
NTSTATUS
NTAPI
ZwDuplicateToken(
IN HANDLE ExistingTokenHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN BOOLEAN EffectiveOnly,
IN TOKEN_TYPE TokenType,
OUT PHANDLE NewTokenHandle);
$endif (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WIN2K)
$if (_NTDDK_)
NTSTATUS
NTAPI
ZwCancelTimer(
IN HANDLE TimerHandle,
OUT PBOOLEAN CurrentState OPTIONAL);
NTSTATUS
NTAPI
ZwCreateTimer(
OUT PHANDLE TimerHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
IN TIMER_TYPE TimerType);
NTSTATUS
NTAPI
ZwOpenTimer(
OUT PHANDLE TimerHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes);
NTSYSAPI
NTSTATUS
NTAPI
ZwSetInformationThread(
IN HANDLE ThreadHandle,
IN THREADINFOCLASS ThreadInformationClass,
IN PVOID ThreadInformation,
IN ULONG ThreadInformationLength);
NTSTATUS
NTAPI
ZwSetTimer(
IN HANDLE TimerHandle,
IN PLARGE_INTEGER DueTime,
IN PTIMER_APC_ROUTINE TimerApcRoutine OPTIONAL,
IN PVOID TimerContext OPTIONAL,
IN BOOLEAN ResumeTimer,
IN LONG Period OPTIONAL,
OUT PBOOLEAN PreviousState OPTIONAL);
NTSYSAPI
NTSTATUS
NTAPI
ZwDisplayString(
IN PUNICODE_STRING String);
NTSYSAPI
NTSTATUS
NTAPI
ZwPowerInformation(
IN POWER_INFORMATION_LEVEL PowerInformationLevel,
IN PVOID InputBuffer OPTIONAL,
IN ULONG InputBufferLength,
OUT PVOID OutputBuffer OPTIONAL,
IN ULONG OutputBufferLength);
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryVolumeInformationFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FsInformation,
IN ULONG Length,
IN FS_INFORMATION_CLASS FsInformationClass);
NTSYSAPI
NTSTATUS
NTAPI
ZwDeviceIoControlFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN ULONG IoControlCode,
IN PVOID InputBuffer OPTIONAL,
IN ULONG InputBufferLength,
OUT PVOID OutputBuffer OPTIONAL,
IN ULONG OutputBufferLength);
$endif
$if (_WDMDDK_)
NTSYSAPI
@ -393,10 +339,294 @@ ZwQueryFullAttributesFile(
IN POBJECT_ATTRIBUTES ObjectAttributes,
OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTSTATUS
NTAPI
ZwCancelTimer(
IN HANDLE TimerHandle,
OUT PBOOLEAN CurrentState OPTIONAL);
NTSTATUS
NTAPI
ZwCreateTimer(
OUT PHANDLE TimerHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
IN TIMER_TYPE TimerType);
NTSTATUS
NTAPI
ZwOpenTimer(
OUT PHANDLE TimerHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes);
NTSYSAPI
NTSTATUS
NTAPI
ZwSetInformationThread(
IN HANDLE ThreadHandle,
IN THREADINFOCLASS ThreadInformationClass,
IN PVOID ThreadInformation,
IN ULONG ThreadInformationLength);
NTSTATUS
NTAPI
ZwSetTimer(
IN HANDLE TimerHandle,
IN PLARGE_INTEGER DueTime,
IN PTIMER_APC_ROUTINE TimerApcRoutine OPTIONAL,
IN PVOID TimerContext OPTIONAL,
IN BOOLEAN ResumeTimer,
IN LONG Period OPTIONAL,
OUT PBOOLEAN PreviousState OPTIONAL);
NTSYSAPI
NTSTATUS
NTAPI
ZwDisplayString(
IN PUNICODE_STRING String);
NTSYSAPI
NTSTATUS
NTAPI
ZwPowerInformation(
IN POWER_INFORMATION_LEVEL PowerInformationLevel,
IN PVOID InputBuffer OPTIONAL,
IN ULONG InputBufferLength,
OUT PVOID OutputBuffer OPTIONAL,
IN ULONG OutputBufferLength);
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryVolumeInformationFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FsInformation,
IN ULONG Length,
IN FS_INFORMATION_CLASS FsInformationClass);
NTSYSAPI
NTSTATUS
NTAPI
ZwDeviceIoControlFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN ULONG IoControlCode,
IN PVOID InputBuffer OPTIONAL,
IN ULONG InputBufferLength,
OUT PVOID OutputBuffer OPTIONAL,
IN ULONG OutputBufferLength);
$endif (_NTDDK_)
$if (_NTIFS_)
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryObject(
IN HANDLE Handle OPTIONAL,
IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
OUT PVOID ObjectInformation OPTIONAL,
IN ULONG ObjectInformationLength,
OUT PULONG ReturnLength OPTIONAL);
NTSYSAPI
NTSTATUS
NTAPI
ZwNotifyChangeKey(
IN HANDLE KeyHandle,
IN HANDLE EventHandle OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN ULONG NotifyFilter,
IN BOOLEAN WatchSubtree,
OUT PVOID Buffer,
IN ULONG BufferLength,
IN BOOLEAN Asynchronous);
NTSYSAPI
NTSTATUS
NTAPI
ZwCreateEvent(
OUT PHANDLE EventHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
IN EVENT_TYPE EventType,
IN BOOLEAN InitialState);
NTSYSAPI
NTSTATUS
NTAPI
ZwDeleteFile(
IN POBJECT_ATTRIBUTES ObjectAttributes);
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryDirectoryFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID FileInformation,
IN ULONG Length,
IN FILE_INFORMATION_CLASS FileInformationClass,
IN BOOLEAN ReturnSingleEntry,
IN PUNICODE_STRING FileName OPTIONAL,
IN BOOLEAN RestartScan);
NTSYSAPI
NTSTATUS
NTAPI
ZwSetVolumeInformationFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN PVOID FsInformation,
IN ULONG Length,
IN FS_INFORMATION_CLASS FsInformationClass);
NTSYSAPI
NTSTATUS
NTAPI
ZwFsControlFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN ULONG FsControlCode,
IN PVOID InputBuffer OPTIONAL,
IN ULONG InputBufferLength,
OUT PVOID OutputBuffer OPTIONAL,
IN ULONG OutputBufferLength);
NTSYSAPI
NTSTATUS
NTAPI
ZwDuplicateObject(
IN HANDLE SourceProcessHandle,
IN HANDLE SourceHandle,
IN HANDLE TargetProcessHandle OPTIONAL,
OUT PHANDLE TargetHandle OPTIONAL,
IN ACCESS_MASK DesiredAccess,
IN ULONG HandleAttributes,
IN ULONG Options);
NTSYSAPI
NTSTATUS
NTAPI
ZwOpenDirectoryObject(
OUT PHANDLE DirectoryHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes);
NTSYSAPI
NTSTATUS
NTAPI
ZwAllocateVirtualMemory(
IN HANDLE ProcessHandle,
IN OUT PVOID *BaseAddress,
IN ULONG_PTR ZeroBits,
IN OUT PSIZE_T RegionSize,
IN ULONG AllocationType,
IN ULONG Protect);
NTSYSAPI
NTSTATUS
NTAPI
ZwFreeVirtualMemory(
IN HANDLE ProcessHandle,
IN OUT PVOID *BaseAddress,
IN OUT PSIZE_T RegionSize,
IN ULONG FreeType);
NTSYSAPI
NTSTATUS
NTAPI
ZwWaitForSingleObject(
IN HANDLE Handle,
IN BOOLEAN Alertable,
IN PLARGE_INTEGER Timeout OPTIONAL);
NTSYSAPI
NTSTATUS
NTAPI
ZwSetEvent(
IN HANDLE EventHandle,
OUT PLONG PreviousState OPTIONAL);
NTSYSAPI
NTSTATUS
NTAPI
ZwFlushVirtualMemory(
IN HANDLE ProcessHandle,
IN OUT PVOID *BaseAddress,
IN OUT PSIZE_T RegionSize,
OUT PIO_STATUS_BLOCK IoStatusBlock);
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryInformationToken(
IN HANDLE TokenHandle,
IN TOKEN_INFORMATION_CLASS TokenInformationClass,
OUT PVOID TokenInformation,
IN ULONG Length,
OUT PULONG ResultLength);
NTSYSAPI
NTSTATUS
NTAPI
ZwSetSecurityObject(
IN HANDLE Handle,
IN SECURITY_INFORMATION SecurityInformation,
IN PSECURITY_DESCRIPTOR SecurityDescriptor);
NTSYSAPI
NTSTATUS
NTAPI
ZwQuerySecurityObject(
IN HANDLE FileHandle,
IN SECURITY_INFORMATION SecurityInformation,
OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
IN ULONG Length,
OUT PULONG ResultLength);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
$if (_NTIFS_)
#if (NTDDI_VERSION >= NTDDI_WINXP)
NTSYSAPI
NTSTATUS
NTAPI
ZwOpenProcessTokenEx(
IN HANDLE ProcessHandle,
IN ACCESS_MASK DesiredAccess,
IN ULONG HandleAttributes,
OUT PHANDLE TokenHandle);
NTSYSAPI
NTSTATUS
NTAPI
ZwOpenThreadTokenEx(
IN HANDLE ThreadHandle,
IN ACCESS_MASK DesiredAccess,
IN BOOLEAN OpenAsSelf,
IN ULONG HandleAttributes,
OUT PHANDLE TokenHandle);
#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
$endif (_NTIFS_)
$if (_WDMDDK_)
#if (NTDDI_VERSION >= NTDDI_WS03)
@ -408,8 +638,12 @@ ZwOpenEvent(
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes);
#endif
$endif (_WDMDDK_)
$if (_WDMDDK_ || _NTIFS_)
#if (NTDDI_VERSION >= NTDDI_VISTA)
$endif
$if (_WDMDDK_)
NTSYSAPI
NTSTATUS
@ -731,24 +965,68 @@ NTAPI
ZwSinglePhaseReject(
IN HANDLE EnlistmentHandle,
IN PLARGE_INTEGER TmVirtualClock OPTIONAL);
$endif (_WDMDDK_)
$if (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
$endif
#if (NTDDI_VERSION >= NTDDI_WIN7)
$if (_NTDDK_)
NTSYSAPI
NTSTATUS
NTAPI
ZwSetTimerEx(
IN HANDLE TimerHandle,
IN TIMER_SET_INFORMATION_CLASS TimerSetInformationClass,
IN OUT PVOID TimerSetInformation,
IN ULONG TimerSetInformationLength);
$endif
ZwLockFile(
IN HANDLE FileHandle,
IN HANDLE Event OPTIONAL,
IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
IN PVOID ApcContext OPTIONAL,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN PLARGE_INTEGER ByteOffset,
IN PLARGE_INTEGER Length,
IN ULONG Key,
IN BOOLEAN FailImmediately,
IN BOOLEAN ExclusiveLock);
NTSYSAPI
NTSTATUS
NTAPI
ZwUnlockFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN PLARGE_INTEGER ByteOffset,
IN PLARGE_INTEGER Length,
IN ULONG Key);
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryQuotaInformationFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
OUT PVOID Buffer,
IN ULONG Length,
IN BOOLEAN ReturnSingleEntry,
IN PVOID SidList,
IN ULONG SidListLength,
IN PSID StartSid OPTIONAL,
IN BOOLEAN RestartScan);
NTSYSAPI
NTSTATUS
NTAPI
ZwSetQuotaInformationFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock,
IN PVOID Buffer,
IN ULONG Length);
NTSYSAPI
NTSTATUS
NTAPI
ZwFlushBuffersFile(
IN HANDLE FileHandle,
OUT PIO_STATUS_BLOCK IoStatusBlock);
$endif (_NTIFS_)
$if (_WDMDDK_ || _NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
$endif
#if (NTDDI_VERSION >= NTDDI_WIN7)
$if (_WDMDDK_)
NTSYSAPI
@ -814,7 +1092,27 @@ ZwSetInformationKey(
IN PVOID KeySetInformation,
IN ULONG KeySetInformationLength);
$endif
$endif (_WDMDDK_)
$if (_NTDDK_)
NTSTATUS
NTAPI
ZwSetTimerEx(
IN HANDLE TimerHandle,
IN TIMER_SET_INFORMATION_CLASS TimerSetInformationClass,
IN OUT PVOID TimerSetInformation,
IN ULONG TimerSetInformationLength);
$endif (_NTDDK_)
$if (_NTIFS_)
NTSYSAPI
NTSTATUS
NTAPI
ZwSetInformationToken(
IN HANDLE TokenHandle,
IN TOKEN_INFORMATION_CLASS TokenInformationClass,
IN PVOID TokenInformation,
IN ULONG TokenInformationLength);
$endif (_NTIFS_)
#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */