mirror of
https://github.com/reactos/reactos.git
synced 2024-12-29 10:35:28 +00:00
661 lines
19 KiB
C
661 lines
19 KiB
C
#ifndef __NTDDK_EX__H__
|
|
#define __NTDDK_EX__H__
|
|
|
|
//#ifndef USE_REACTOS_DDK
|
|
#ifdef ASSERT
|
|
#undef ASSERT
|
|
#define ASSERT(x) ((void)0)
|
|
#endif //ASSERT
|
|
//#endif //USE_REACTOS_DDK
|
|
|
|
|
|
#if !defined(FILE_CHARACTERISTIC_PNP_DEVICE) || defined(USE_REACTOS_DDK) // DDK 2003
|
|
|
|
#ifndef FILE_CHARACTERISTIC_PNP_DEVICE
|
|
#define FILE_CHARACTERISTIC_PNP_DEVICE 0x00000800
|
|
#endif
|
|
|
|
typedef enum _SYSTEM_INFORMATION_CLASS {
|
|
SystemBasicInformation,
|
|
SystemProcessorInformation,
|
|
SystemPerformanceInformation,
|
|
SystemTimeOfDayInformation,
|
|
SystemPathInformation,
|
|
SystemProcessInformation,
|
|
SystemCallCountInformation,
|
|
SystemDeviceInformation,
|
|
SystemProcessorPerformanceInformation,
|
|
SystemFlagsInformation,
|
|
SystemCallTimeInformation,
|
|
SystemModuleInformation,
|
|
SystemLocksInformation,
|
|
SystemStackTraceInformation,
|
|
SystemPagedPoolInformation,
|
|
SystemNonPagedPoolInformation,
|
|
SystemHandleInformation,
|
|
SystemObjectInformation,
|
|
SystemPageFileInformation,
|
|
SystemVdmInstemulInformation,
|
|
SystemVdmBopInformation,
|
|
SystemFileCacheInformation,
|
|
SystemPoolTagInformation,
|
|
SystemInterruptInformation,
|
|
SystemDpcBehaviorInformation,
|
|
SystemFullMemoryInformation,
|
|
SystemLoadGdiDriverInformation,
|
|
SystemUnloadGdiDriverInformation,
|
|
SystemTimeAdjustmentInformation,
|
|
SystemSummaryMemoryInformation,
|
|
#ifndef USE_REACTOS_DDK
|
|
SystemNextEventIdInformation,
|
|
SystemEventIdsInformation,
|
|
SystemCrashDumpInformation,
|
|
#else
|
|
SystemMirrorMemoryInformation,
|
|
SystemPerformanceTraceInformation,
|
|
SystemObsolete0,
|
|
#endif // USE_REACTOS_DDK
|
|
SystemExceptionInformation,
|
|
SystemCrashDumpStateInformation,
|
|
SystemKernelDebuggerInformation,
|
|
SystemContextSwitchInformation,
|
|
SystemRegistryQuotaInformation,
|
|
SystemExtendServiceTableInformation,
|
|
SystemPrioritySeperation,
|
|
SystemPlugPlayBusInformation,
|
|
SystemDockInformation,
|
|
#ifdef USE_REACTOS_DDK
|
|
SystemPowerInformationNative,
|
|
#elif defined IRP_MN_START_DEVICE
|
|
SystemPowerInformationInfo,
|
|
#else
|
|
SystemPowerInformation,
|
|
#endif // USE_REACTOS_DDK
|
|
SystemProcessorSpeedInformation,
|
|
SystemCurrentTimeZoneInformation,
|
|
SystemLookasideInformation,
|
|
#ifdef USE_REACTOS_DDK
|
|
SystemTimeSlipNotification,
|
|
SystemSessionCreate,
|
|
SystemSessionDetach,
|
|
SystemSessionInformation,
|
|
SystemRangeStartInformation,
|
|
SystemVerifierInformation,
|
|
SystemAddVerifier,
|
|
SystemSessionProcessesInformation,
|
|
SystemLoadGdiDriverInSystemSpaceInformation,
|
|
SystemNumaProcessorMap,
|
|
SystemPrefetcherInformation,
|
|
SystemExtendedProcessInformation,
|
|
SystemRecommendedSharedDataAlignment,
|
|
SystemComPlusPackage,
|
|
SystemNumaAvailableMemory,
|
|
SystemProcessorPowerInformation,
|
|
SystemEmulationBasicInformation,
|
|
SystemEmulationProcessorInformation,
|
|
SystemExtendedHanfleInformation,
|
|
SystemLostDelayedWriteInformation,
|
|
SystemBigPoolInformation,
|
|
SystemSessionPoolTagInformation,
|
|
SystemSessionMappedViewInformation,
|
|
SystemHotpatchInformation,
|
|
SystemObjectSecurityMode,
|
|
SystemWatchDogTimerHandler,
|
|
SystemWatchDogTimerInformation,
|
|
SystemLogicalProcessorInformation,
|
|
SystemWo64SharedInformationObosolete,
|
|
SystemRegisterFirmwareTableInformationHandler,
|
|
SystemFirmwareTableInformation,
|
|
SystemModuleInformationEx,
|
|
SystemVerifierTriageInformation,
|
|
SystemSuperfetchInformation,
|
|
SystemMemoryListInformation,
|
|
SystemFileCacheInformationEx,
|
|
SystemThreadPriorityClientIdInformation,
|
|
SystemProcessorIdleCycleTimeInformation,
|
|
SystemVerifierCancellationInformation,
|
|
SystemProcessorPowerInformationEx,
|
|
SystemRefTraceInformation,
|
|
SystemSpecialPoolInformation,
|
|
SystemProcessIdInformation,
|
|
SystemErrorPortInformation,
|
|
SystemBootEnvironmentInformation,
|
|
SystemHypervisorInformation,
|
|
SystemVerifierInformationEx,
|
|
SystemTimeZoneInformation,
|
|
SystemImageFileExecutionOptionsInformation,
|
|
SystemCoverageInformation,
|
|
SystemPrefetchPathInformation,
|
|
SystemVerifierFaultsInformation,
|
|
MaxSystemInfoClass,
|
|
#endif // USE_REACTOS_DDK
|
|
} SYSTEM_INFORMATION_CLASS;
|
|
|
|
#endif // !defined(FILE_CHARACTERISTIC_PNP_DEVICE) || defined(USE_REACTOS_DDK)
|
|
|
|
|
|
NTSYSAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
ZwQuerySystemInformation(
|
|
IN SYSTEM_INFORMATION_CLASS SystemInfoClass,
|
|
OUT PVOID SystemInfoBuffer,
|
|
IN ULONG SystemInfoBufferSize,
|
|
OUT PULONG BytesReturned OPTIONAL
|
|
);
|
|
|
|
NTSYSAPI
|
|
NTSTATUS
|
|
NTAPI
|
|
NtQuerySystemInformation(
|
|
IN SYSTEM_INFORMATION_CLASS SystemInfoClass,
|
|
OUT PVOID SystemInfoBuffer,
|
|
IN ULONG SystemInfoBufferSize,
|
|
OUT PULONG BytesReturned OPTIONAL
|
|
);
|
|
|
|
typedef struct _SYSTEM_BASIC_INFORMATION {
|
|
ULONG Reserved;
|
|
ULONG TimerResolution;
|
|
ULONG PageSize;
|
|
ULONG NumberOfPhysicalPages;
|
|
ULONG LowestPhysicalPageNumber;
|
|
ULONG HighestPhysicalPageNumber;
|
|
ULONG AllocationGranularity;
|
|
ULONG MinimumUserModeAddress;
|
|
ULONG MaximumUserModeAddress;
|
|
KAFFINITY ActiveProcessorsAffinityMask;
|
|
CCHAR NumberOfProcessors;
|
|
} SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION;
|
|
|
|
typedef struct _SYSTEM_MODULE_ENTRY
|
|
{
|
|
ULONG Unused;
|
|
ULONG Always0;
|
|
PVOID ModuleBaseAddress;
|
|
ULONG ModuleSize;
|
|
ULONG Unknown;
|
|
ULONG ModuleEntryIndex;
|
|
USHORT ModuleNameLength;
|
|
USHORT ModuleNameOffset;
|
|
CHAR ModuleName [256];
|
|
} SYSTEM_MODULE_ENTRY, * PSYSTEM_MODULE_ENTRY;
|
|
|
|
typedef struct _SYSTEM_MODULE_INFORMATION
|
|
{
|
|
ULONG Count;
|
|
SYSTEM_MODULE_ENTRY Module [1];
|
|
} SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
|
|
|
|
typedef unsigned short WORD;
|
|
#ifndef __REACTOS__
|
|
typedef unsigned int BOOL;
|
|
#endif //__REACTOS__
|
|
typedef unsigned long DWORD;
|
|
typedef unsigned char BYTE;
|
|
|
|
|
|
typedef struct _LDR_DATA_TABLE_ENTRY {
|
|
LIST_ENTRY LoadOrder;
|
|
LIST_ENTRY MemoryOrder;
|
|
LIST_ENTRY InitializationOrder;
|
|
PVOID ModuleBaseAddress;
|
|
PVOID EntryPoint;
|
|
ULONG ModuleSize;
|
|
UNICODE_STRING FullModuleName;
|
|
UNICODE_STRING ModuleName;
|
|
ULONG Flags;
|
|
USHORT LoadCount;
|
|
USHORT TlsIndex;
|
|
union {
|
|
LIST_ENTRY Hash;
|
|
struct {
|
|
PVOID SectionPointer;
|
|
ULONG CheckSum;
|
|
};
|
|
};
|
|
ULONG TimeStamp;
|
|
} LDR_DATA_TABLE_ENTRY, *PLDR_DATA_TABLE_ENTRY;
|
|
|
|
typedef struct _PEB_LDR_DATA {
|
|
ULONG Length;
|
|
BOOLEAN Initialized;
|
|
HANDLE SsHandle;
|
|
LIST_ENTRY LoadOrder;
|
|
LIST_ENTRY MemoryOrder;
|
|
LIST_ENTRY InitializationOrder;
|
|
} PEB_LDR_DATA, *PPEB_LDR_DATA;
|
|
|
|
typedef struct _PEB_FREE_BLOCK {
|
|
struct _PEB_FREE_BLOCK *Next;
|
|
ULONG Size;
|
|
} PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
|
|
|
|
#define GDI_HANDLE_BUFFER_SIZE 34
|
|
|
|
#define TLS_MINIMUM_AVAILABLE 64 // winnt
|
|
|
|
typedef struct _PEB {
|
|
BOOLEAN InheritedAddressSpace; // These four fields cannot change unless the
|
|
BOOLEAN ReadImageFileExecOptions; //
|
|
BOOLEAN BeingDebugged; //
|
|
BOOLEAN SpareBool; //
|
|
HANDLE Mutant; // INITIAL_PEB structure is also updated.
|
|
|
|
PVOID ImageBaseAddress;
|
|
PPEB_LDR_DATA Ldr;
|
|
struct _RTL_USER_PROCESS_PARAMETERS *ProcessParameters;
|
|
PVOID SubSystemData;
|
|
PVOID ProcessHeap;
|
|
PVOID FastPebLock;
|
|
PVOID FastPebLockRoutine;
|
|
PVOID FastPebUnlockRoutine;
|
|
ULONG EnvironmentUpdateCount;
|
|
PVOID KernelCallbackTable;
|
|
HANDLE EventLogSection;
|
|
PVOID EventLog;
|
|
PPEB_FREE_BLOCK FreeList;
|
|
ULONG TlsExpansionCounter;
|
|
PVOID TlsBitmap;
|
|
ULONG TlsBitmapBits[2]; // relates to TLS_MINIMUM_AVAILABLE
|
|
PVOID ReadOnlySharedMemoryBase;
|
|
PVOID ReadOnlySharedMemoryHeap;
|
|
PVOID *ReadOnlyStaticServerData;
|
|
PVOID AnsiCodePageData;
|
|
PVOID OemCodePageData;
|
|
PVOID UnicodeCaseTableData;
|
|
|
|
// Useful information for LdrpInitialize
|
|
ULONG NumberOfProcessors;
|
|
ULONG NtGlobalFlag;
|
|
|
|
// Passed up from MmCreatePeb from Session Manager registry key
|
|
|
|
LARGE_INTEGER CriticalSectionTimeout;
|
|
ULONG HeapSegmentReserve;
|
|
ULONG HeapSegmentCommit;
|
|
ULONG HeapDeCommitTotalFreeThreshold;
|
|
ULONG HeapDeCommitFreeBlockThreshold;
|
|
|
|
// Where heap manager keeps track of all heaps created for a process
|
|
// Fields initialized by MmCreatePeb. ProcessHeaps is initialized
|
|
// to point to the first free byte after the PEB and MaximumNumberOfHeaps
|
|
// is computed from the page size used to hold the PEB, less the fixed
|
|
// size of this data structure.
|
|
|
|
ULONG NumberOfHeaps;
|
|
ULONG MaximumNumberOfHeaps;
|
|
PVOID *ProcessHeaps;
|
|
|
|
//
|
|
//
|
|
PVOID GdiSharedHandleTable;
|
|
PVOID ProcessStarterHelper;
|
|
PVOID GdiDCAttributeList;
|
|
PVOID LoaderLock;
|
|
|
|
// Following fields filled in by MmCreatePeb from system values and/or
|
|
// image header.
|
|
|
|
ULONG OSMajorVersion;
|
|
ULONG OSMinorVersion;
|
|
ULONG OSBuildNumber;
|
|
ULONG OSPlatformId;
|
|
ULONG ImageSubsystem;
|
|
ULONG ImageSubsystemMajorVersion;
|
|
ULONG ImageSubsystemMinorVersion;
|
|
ULONG ImageProcessAffinityMask;
|
|
ULONG GdiHandleBuffer[GDI_HANDLE_BUFFER_SIZE];
|
|
} PEB, *PPEB;
|
|
|
|
//
|
|
// Gdi command batching
|
|
//
|
|
|
|
#define GDI_BATCH_BUFFER_SIZE 310
|
|
|
|
typedef struct _GDI_TEB_BATCH {
|
|
ULONG Offset;
|
|
ULONG HDC;
|
|
ULONG Buffer[GDI_BATCH_BUFFER_SIZE];
|
|
} GDI_TEB_BATCH,*PGDI_TEB_BATCH;
|
|
|
|
//
|
|
// TEB - The thread environment block
|
|
//
|
|
|
|
#define STATIC_UNICODE_BUFFER_LENGTH 261
|
|
#define WIN32_CLIENT_INFO_LENGTH 31
|
|
#define WIN32_CLIENT_INFO_SPIN_COUNT 1
|
|
|
|
typedef struct _TEB {
|
|
NT_TIB NtTib;
|
|
PVOID EnvironmentPointer;
|
|
CLIENT_ID ClientId;
|
|
PVOID ActiveRpcHandle;
|
|
PVOID ThreadLocalStoragePointer;
|
|
PPEB ProcessEnvironmentBlock;
|
|
ULONG LastErrorValue;
|
|
ULONG CountOfOwnedCriticalSections;
|
|
PVOID CsrClientThread;
|
|
PVOID Win32ThreadInfo; // PtiCurrent
|
|
ULONG Win32ClientInfo[WIN32_CLIENT_INFO_LENGTH]; // User32 Client Info
|
|
PVOID WOW32Reserved; // used by WOW
|
|
LCID CurrentLocale;
|
|
ULONG FpSoftwareStatusRegister;
|
|
PVOID SystemReserved1[54]; // Used by FP emulator
|
|
PVOID Spare1; // unused
|
|
NTSTATUS ExceptionCode; // for RaiseUserException
|
|
UCHAR SpareBytes1[40];
|
|
PVOID SystemReserved2[10]; // Used by user/console for temp obja
|
|
GDI_TEB_BATCH GdiTebBatch; // Gdi batching
|
|
ULONG gdiRgn;
|
|
ULONG gdiPen;
|
|
ULONG gdiBrush;
|
|
CLIENT_ID RealClientId;
|
|
HANDLE GdiCachedProcessHandle;
|
|
ULONG GdiClientPID;
|
|
ULONG GdiClientTID;
|
|
PVOID GdiThreadLocalInfo;
|
|
PVOID UserReserved[5]; // unused
|
|
PVOID glDispatchTable[280]; // OpenGL
|
|
ULONG glReserved1[26]; // OpenGL
|
|
PVOID glReserved2; // OpenGL
|
|
PVOID glSectionInfo; // OpenGL
|
|
PVOID glSection; // OpenGL
|
|
PVOID glTable; // OpenGL
|
|
PVOID glCurrentRC; // OpenGL
|
|
PVOID glContext; // OpenGL
|
|
ULONG LastStatusValue;
|
|
UNICODE_STRING StaticUnicodeString;
|
|
WCHAR StaticUnicodeBuffer[STATIC_UNICODE_BUFFER_LENGTH];
|
|
PVOID DeallocationStack;
|
|
PVOID TlsSlots[TLS_MINIMUM_AVAILABLE];
|
|
LIST_ENTRY TlsLinks;
|
|
PVOID Vdm;
|
|
PVOID ReservedForNtRpc;
|
|
PVOID DbgSsReserved[2];
|
|
ULONG HardErrorsAreDisabled;
|
|
PVOID Instrumentation[16];
|
|
PVOID WinSockData; // WinSock
|
|
ULONG GdiBatchCount;
|
|
ULONG Spare2;
|
|
ULONG Spare3;
|
|
ULONG Spare4;
|
|
PVOID ReservedForOle;
|
|
ULONG WaitingOnLoaderLock;
|
|
} TEB;
|
|
typedef TEB *PTEB;
|
|
|
|
typedef struct _KTHREAD_HDR {
|
|
|
|
//
|
|
// The dispatcher header and mutant listhead are faifly infrequently
|
|
// referenced, but pad the thread to a 32-byte boundary (assumption
|
|
// that pool allocation is in units of 32-bytes).
|
|
//
|
|
|
|
DISPATCHER_HEADER Header;
|
|
LIST_ENTRY MutantListHead;
|
|
|
|
//
|
|
// The following fields are referenced during trap, interrupts, or
|
|
// context switches.
|
|
//
|
|
// N.B. The Teb address and TlsArray are loaded as a quadword quantity
|
|
// on MIPS and therefore must to on a quadword boundary.
|
|
//
|
|
|
|
PVOID InitialStack;
|
|
PVOID StackLimit;
|
|
PVOID Teb;
|
|
PVOID TlsArray;
|
|
PVOID KernelStack;
|
|
BOOLEAN DebugActive;
|
|
UCHAR State;
|
|
BOOLEAN Alerted[MaximumMode];
|
|
UCHAR Iopl;
|
|
UCHAR NpxState;
|
|
BOOLEAN Saturation;
|
|
SCHAR Priority;
|
|
/* KAPC_STATE ApcState;
|
|
ULONG ContextSwitches;
|
|
|
|
//
|
|
// The following fields are referenced during wait operations.
|
|
//
|
|
|
|
NTSTATUS WaitStatus;
|
|
KIRQL WaitIrql;
|
|
KPROCESSOR_MODE WaitMode;
|
|
BOOLEAN WaitNext;
|
|
UCHAR WaitReason;
|
|
PRKWAIT_BLOCK WaitBlockList;
|
|
LIST_ENTRY WaitListEntry;
|
|
ULONG WaitTime;
|
|
SCHAR BasePriority;
|
|
UCHAR DecrementCount;
|
|
SCHAR PriorityDecrement;
|
|
SCHAR Quantum;
|
|
KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
|
|
PVOID LegoData;
|
|
ULONG KernelApcDisable;
|
|
KAFFINITY UserAffinity;
|
|
BOOLEAN SystemAffinityActive;
|
|
UCHAR Pad[3];
|
|
PVOID ServiceTable;
|
|
// struct _ECHANNEL *Channel;
|
|
// PVOID Section;
|
|
// PCHANNEL_MESSAGE SystemView;
|
|
// PCHANNEL_MESSAGE ThreadView;
|
|
|
|
//
|
|
// The following fields are referenced during queue operations.
|
|
//
|
|
|
|
PRKQUEUE Queue;
|
|
KSPIN_LOCK ApcQueueLock;
|
|
KTIMER Timer;
|
|
LIST_ENTRY QueueListEntry;
|
|
|
|
//
|
|
// The following fields are referenced during read and find ready
|
|
// thread.
|
|
//
|
|
|
|
KAFFINITY Affinity;
|
|
BOOLEAN Preempted;
|
|
BOOLEAN ProcessReadyQueue;
|
|
BOOLEAN KernelStackResident;
|
|
UCHAR NextProcessor;
|
|
|
|
//
|
|
// The following fields are referenced suring system calls.
|
|
//
|
|
|
|
PVOID CallbackStack;
|
|
PVOID Win32Thread;
|
|
PKTRAP_FRAME TrapFrame;
|
|
PKAPC_STATE ApcStatePointer[2];
|
|
UCHAR EnableStackSwap;
|
|
UCHAR LargeStack;
|
|
UCHAR ResourceIndex;
|
|
CCHAR PreviousMode;
|
|
|
|
//
|
|
// The following entries are reference during clock interrupts.
|
|
//
|
|
|
|
ULONG KernelTime;
|
|
ULONG UserTime;
|
|
|
|
//
|
|
// The following fileds are referenced during APC queuing and process
|
|
// attach/detach.
|
|
//
|
|
|
|
KAPC_STATE SavedApcState;
|
|
BOOLEAN Alertable;
|
|
UCHAR ApcStateIndex;
|
|
BOOLEAN ApcQueueable;
|
|
BOOLEAN AutoAlignment;
|
|
|
|
//
|
|
// The following fields are referenced when the thread is initialized
|
|
// and very infrequently thereafter.
|
|
//
|
|
|
|
PVOID StackBase;
|
|
KAPC SuspendApc;
|
|
KSEMAPHORE SuspendSemaphore;
|
|
LIST_ENTRY ThreadListEntry;
|
|
|
|
//
|
|
// N.B. The below four UCHARs share the same DWORD and are modified
|
|
// by other threads. Therefore, they must ALWAYS be modified
|
|
// under the dispatcher lock to prevent granularity problems
|
|
// on Alpha machines.
|
|
//
|
|
CCHAR FreezeCount;
|
|
CCHAR SuspendCount;
|
|
UCHAR IdealProcessor;
|
|
UCHAR DisableBoost;
|
|
*/
|
|
} KTHREAD_HDR, *PKTHREAD_HDR;
|
|
|
|
#ifndef __REACTOS__
|
|
typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header
|
|
WORD e_magic; // Magic number
|
|
WORD e_cblp; // Bytes on last page of file
|
|
WORD e_cp; // Pages in file
|
|
WORD e_crlc; // Relocations
|
|
WORD e_cparhdr; // Size of header in paragraphs
|
|
WORD e_minalloc; // Minimum extra paragraphs needed
|
|
WORD e_maxalloc; // Maximum extra paragraphs needed
|
|
WORD e_ss; // Initial (relative) SS value
|
|
WORD e_sp; // Initial SP value
|
|
WORD e_csum; // Checksum
|
|
WORD e_ip; // Initial IP value
|
|
WORD e_cs; // Initial (relative) CS value
|
|
WORD e_lfarlc; // File address of relocation table
|
|
WORD e_ovno; // Overlay number
|
|
WORD e_res[4]; // Reserved words
|
|
WORD e_oemid; // OEM identifier (for e_oeminfo)
|
|
WORD e_oeminfo; // OEM information; e_oemid specific
|
|
WORD e_res2[10]; // Reserved words
|
|
LONG e_lfanew; // File address of new exe header
|
|
} IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;
|
|
|
|
typedef struct _IMAGE_FILE_HEADER {
|
|
WORD Machine;
|
|
WORD NumberOfSections;
|
|
DWORD TimeDateStamp;
|
|
DWORD PointerToSymbolTable;
|
|
DWORD NumberOfSymbols;
|
|
WORD SizeOfOptionalHeader;
|
|
WORD Characteristics;
|
|
} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
|
|
|
|
typedef struct _IMAGE_DATA_DIRECTORY {
|
|
DWORD VirtualAddress;
|
|
DWORD Size;
|
|
} IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
|
|
#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
|
|
|
|
|
|
typedef struct _IMAGE_OPTIONAL_HEADER {
|
|
//
|
|
// Standard fields.
|
|
//
|
|
|
|
WORD Magic;
|
|
BYTE MajorLinkerVersion;
|
|
BYTE MinorLinkerVersion;
|
|
DWORD SizeOfCode;
|
|
DWORD SizeOfInitializedData;
|
|
DWORD SizeOfUninitializedData;
|
|
DWORD AddressOfEntryPoint;
|
|
DWORD BaseOfCode;
|
|
DWORD BaseOfData;
|
|
|
|
//
|
|
// NT additional fields.
|
|
//
|
|
|
|
DWORD ImageBase;
|
|
DWORD SectionAlignment;
|
|
DWORD FileAlignment;
|
|
WORD MajorOperatingSystemVersion;
|
|
WORD MinorOperatingSystemVersion;
|
|
WORD MajorImageVersion;
|
|
WORD MinorImageVersion;
|
|
WORD MajorSubsystemVersion;
|
|
WORD MinorSubsystemVersion;
|
|
DWORD Win32VersionValue;
|
|
DWORD SizeOfImage;
|
|
DWORD SizeOfHeaders;
|
|
DWORD CheckSum;
|
|
WORD Subsystem;
|
|
WORD DllCharacteristics;
|
|
DWORD SizeOfStackReserve;
|
|
DWORD SizeOfStackCommit;
|
|
DWORD SizeOfHeapReserve;
|
|
DWORD SizeOfHeapCommit;
|
|
DWORD LoaderFlags;
|
|
DWORD NumberOfRvaAndSizes;
|
|
IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
|
|
} IMAGE_OPTIONAL_HEADER32, *PIMAGE_OPTIONAL_HEADER32;
|
|
|
|
typedef struct _IMAGE_NT_HEADERS {
|
|
DWORD Signature;
|
|
IMAGE_FILE_HEADER FileHeader;
|
|
IMAGE_OPTIONAL_HEADER32 OptionalHeader;
|
|
} IMAGE_NT_HEADERS32, *PIMAGE_NT_HEADERS32;
|
|
typedef IMAGE_NT_HEADERS32 IMAGE_NT_HEADERS;
|
|
typedef PIMAGE_NT_HEADERS32 PIMAGE_NT_HEADERS;
|
|
|
|
#define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory
|
|
|
|
typedef struct _IMAGE_EXPORT_DIRECTORY {
|
|
DWORD Characteristics;
|
|
DWORD TimeDateStamp;
|
|
WORD MajorVersion;
|
|
WORD MinorVersion;
|
|
DWORD Name;
|
|
DWORD Base;
|
|
DWORD NumberOfFunctions;
|
|
DWORD NumberOfNames;
|
|
DWORD AddressOfFunctions; // RVA from base of image
|
|
DWORD AddressOfNames; // RVA from base of image
|
|
DWORD AddressOfNameOrdinals; // RVA from base of image
|
|
} IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
|
|
#endif
|
|
|
|
NTHALAPI
|
|
VOID
|
|
NTAPI
|
|
HalDisplayString (
|
|
PUCHAR String
|
|
);
|
|
|
|
NTHALAPI
|
|
VOID
|
|
NTAPI
|
|
HalQueryDisplayParameters (
|
|
OUT PULONG WidthInCharacters,
|
|
OUT PULONG HeightInLines,
|
|
OUT PULONG CursorColumn,
|
|
OUT PULONG CursorRow
|
|
);
|
|
|
|
NTHALAPI
|
|
VOID
|
|
NTAPI
|
|
HalSetDisplayParameters (
|
|
IN ULONG CursorColumn,
|
|
IN ULONG CursorRow
|
|
);
|
|
|
|
extern ULONG NtBuildNumber;
|
|
|
|
#endif //__NTDDK_EX__H__
|