mirror of
https://github.com/reactos/reactos.git
synced 2024-11-09 08:08:38 +00:00
c501d8112c
svn path=/branches/aicom-network-fixes/; revision=34994
1451 lines
35 KiB
C
1451 lines
35 KiB
C
/*++ NDK Version: 0098
|
|
|
|
Copyright (c) Alex Ionescu. All rights reserved.
|
|
|
|
Header Name:
|
|
|
|
extypes.h
|
|
|
|
Abstract:
|
|
|
|
Type definitions for the Executive.
|
|
|
|
Author:
|
|
|
|
Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
|
|
|
|
--*/
|
|
|
|
#ifndef _EXTYPES_H
|
|
#define _EXTYPES_H
|
|
|
|
//
|
|
// Dependencies
|
|
//
|
|
#include <umtypes.h>
|
|
#include <cfg.h>
|
|
#if defined(_MSC_VER) && !defined(NTOS_MODE_USER)
|
|
#include <ntimage.h>
|
|
#endif
|
|
#include <cmtypes.h>
|
|
#include <ketypes.h>
|
|
#include <potypes.h>
|
|
#include <lpctypes.h>
|
|
#ifdef NTOS_MODE_USER
|
|
#include <obtypes.h>
|
|
#endif
|
|
|
|
//
|
|
// GCC compatibility
|
|
//
|
|
#if defined(__GNUC__)
|
|
#define __ALIGNED(n) __attribute__((aligned (n)))
|
|
#elif defined(_MSC_VER)
|
|
#define __ALIGNED(n) __declspec(align(n))
|
|
#else
|
|
#error __ALIGNED not defined for your compiler!
|
|
#endif
|
|
|
|
//
|
|
// Atom and Language IDs
|
|
//
|
|
typedef USHORT LANGID, *PLANGID;
|
|
typedef USHORT RTL_ATOM, *PRTL_ATOM;
|
|
|
|
#ifndef NTOS_MODE_USER
|
|
|
|
//
|
|
// Kernel Exported Object Types
|
|
//
|
|
extern POBJECT_TYPE NTSYSAPI ExDesktopObjectType;
|
|
extern POBJECT_TYPE NTSYSAPI ExWindowStationObjectType;
|
|
extern POBJECT_TYPE NTSYSAPI ExIoCompletionType;
|
|
extern POBJECT_TYPE NTSYSAPI ExMutantObjectType;
|
|
extern POBJECT_TYPE NTSYSAPI ExTimerType;
|
|
|
|
//
|
|
// Exported NT Build Number
|
|
//
|
|
extern ULONG NtBuildNumber;
|
|
|
|
//
|
|
// Invalid Handle Value Constant
|
|
//
|
|
#define INVALID_HANDLE_VALUE (HANDLE)-1
|
|
|
|
#endif
|
|
|
|
//
|
|
// Increments
|
|
//
|
|
#define MUTANT_INCREMENT 1
|
|
|
|
//
|
|
// Callback Object Access Mask
|
|
//
|
|
#define CALLBACK_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0x0001)
|
|
#define CALLBACK_EXECUTE (STANDARD_RIGHTS_EXECUTE|SYNCHRONIZE|0x0001)
|
|
#define CALLBACK_WRITE (STANDARD_RIGHTS_WRITE|SYNCHRONIZE|0x0001)
|
|
#define CALLBACK_READ (STANDARD_RIGHTS_READ|SYNCHRONIZE|0x0001)
|
|
|
|
//
|
|
// Event Object Access Masks
|
|
//
|
|
#ifdef NTOS_MODE_USER
|
|
#define EVENT_QUERY_STATE 0x0001
|
|
|
|
//
|
|
// Semaphore Object Access Masks
|
|
//
|
|
#define SEMAPHORE_QUERY_STATE 0x0001
|
|
#else
|
|
|
|
//
|
|
// Mutant Object Access Masks
|
|
//
|
|
#define MUTANT_QUERY_STATE 0x0001
|
|
#define MUTANT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
|
|
SYNCHRONIZE | \
|
|
MUTANT_QUERY_STATE)
|
|
|
|
#define TIMER_QUERY_STATE 0x0001
|
|
#define TIMER_MODIFY_STATE 0x0002
|
|
#define TIMER_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
|
|
SYNCHRONIZE | \
|
|
TIMER_QUERY_STATE | \
|
|
TIMER_MODIFY_STATE)
|
|
#endif
|
|
|
|
//
|
|
// Event Pair Access Masks
|
|
//
|
|
#define EVENT_PAIR_ALL_ACCESS 0x1F0000L
|
|
|
|
//
|
|
// Profile Object Access Masks
|
|
//
|
|
#define PROFILE_CONTROL 0x0001
|
|
#define PROFILE_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | PROFILE_CONTROL)
|
|
|
|
//
|
|
// Maximum Parameters for NtRaiseHardError
|
|
//
|
|
#define MAXIMUM_HARDERROR_PARAMETERS 4
|
|
|
|
//
|
|
// Pushlock bits
|
|
//
|
|
#define EX_PUSH_LOCK_LOCK_V ((ULONG_PTR)0x0)
|
|
#define EX_PUSH_LOCK_LOCK ((ULONG_PTR)0x1)
|
|
#define EX_PUSH_LOCK_WAITING ((ULONG_PTR)0x2)
|
|
#define EX_PUSH_LOCK_WAKING ((ULONG_PTR)0x4)
|
|
#define EX_PUSH_LOCK_MULTIPLE_SHARED ((ULONG_PTR)0x8)
|
|
#define EX_PUSH_LOCK_SHARE_INC ((ULONG_PTR)0x10)
|
|
#define EX_PUSH_LOCK_PTR_BITS ((ULONG_PTR)0xf)
|
|
|
|
//
|
|
// Pushlock Wait Block Flags
|
|
//
|
|
#define EX_PUSH_LOCK_FLAGS_EXCLUSIVE 1
|
|
#define EX_PUSH_LOCK_FLAGS_WAIT_V 1
|
|
#define EX_PUSH_LOCK_FLAGS_WAIT 2
|
|
|
|
//
|
|
// Resource (ERESOURCE) Flags
|
|
//
|
|
#define ResourceHasDisabledPriorityBoost 0x08
|
|
|
|
//
|
|
// Shutdown types for NtShutdownSystem
|
|
//
|
|
typedef enum _SHUTDOWN_ACTION
|
|
{
|
|
ShutdownNoReboot,
|
|
ShutdownReboot,
|
|
ShutdownPowerOff
|
|
} SHUTDOWN_ACTION;
|
|
|
|
//
|
|
// Responses for NtRaiseHardError
|
|
//
|
|
typedef enum _HARDERROR_RESPONSE_OPTION
|
|
{
|
|
OptionAbortRetryIgnore,
|
|
OptionOk,
|
|
OptionOkCancel,
|
|
OptionRetryCancel,
|
|
OptionYesNo,
|
|
OptionYesNoCancel,
|
|
OptionShutdownSystem
|
|
} HARDERROR_RESPONSE_OPTION, *PHARDERROR_RESPONSE_OPTION;
|
|
|
|
typedef enum _HARDERROR_RESPONSE
|
|
{
|
|
ResponseReturnToCaller,
|
|
ResponseNotHandled,
|
|
ResponseAbort,
|
|
ResponseCancel,
|
|
ResponseIgnore,
|
|
ResponseNo,
|
|
ResponseOk,
|
|
ResponseRetry,
|
|
ResponseYes,
|
|
ResponseTryAgain,
|
|
ResponseContinue
|
|
} HARDERROR_RESPONSE, *PHARDERROR_RESPONSE;
|
|
|
|
//
|
|
// System Information Classes for NtQuerySystemInformation
|
|
//
|
|
typedef enum _SYSTEM_INFORMATION_CLASS
|
|
{
|
|
SystemBasicInformation,
|
|
SystemProcessorInformation,
|
|
SystemPerformanceInformation,
|
|
SystemTimeOfDayInformation,
|
|
SystemPathInformation, /// Obsolete: Use KUSER_SHARED_DATA
|
|
SystemProcessInformation,
|
|
SystemCallCountInformation,
|
|
SystemDeviceInformation,
|
|
SystemProcessorPerformanceInformation,
|
|
SystemFlagsInformation,
|
|
SystemCallTimeInformation,
|
|
SystemModuleInformation,
|
|
SystemLocksInformation,
|
|
SystemStackTraceInformation,
|
|
SystemPagedPoolInformation,
|
|
SystemNonPagedPoolInformation,
|
|
SystemHandleInformation,
|
|
SystemObjectInformation,
|
|
SystemPageFileInformation,
|
|
SystemVdmInstemulInformation,
|
|
SystemVdmBopInformation,
|
|
SystemFileCacheInformation,
|
|
SystemPoolTagInformation,
|
|
SystemInterruptInformation,
|
|
SystemDpcBehaviorInformation,
|
|
SystemFullMemoryInformation,
|
|
SystemLoadGdiDriverInformation,
|
|
SystemUnloadGdiDriverInformation,
|
|
SystemTimeAdjustmentInformation,
|
|
SystemSummaryMemoryInformation,
|
|
SystemMirrorMemoryInformation,
|
|
SystemPerformanceTraceInformation,
|
|
SystemObsolete0,
|
|
SystemExceptionInformation,
|
|
SystemCrashDumpStateInformation,
|
|
SystemKernelDebuggerInformation,
|
|
SystemContextSwitchInformation,
|
|
SystemRegistryQuotaInformation,
|
|
SystemExtendServiceTableInformation,
|
|
SystemPrioritySeperation,
|
|
SystemPlugPlayBusInformation,
|
|
SystemDockInformation,
|
|
SystemPowerInformationNative,
|
|
SystemProcessorSpeedInformation,
|
|
SystemCurrentTimeZoneInformation,
|
|
SystemLookasideInformation,
|
|
SystemTimeSlipNotification,
|
|
SystemSessionCreate,
|
|
SystemSessionDetach,
|
|
SystemSessionInformation,
|
|
SystemRangeStartInformation,
|
|
SystemVerifierInformation,
|
|
SystemAddVerifier,
|
|
SystemSessionProcessesInformation,
|
|
SystemLoadGdiDriverInSystemSpaceInformation,
|
|
SystemNumaProcessorMap,
|
|
SystemPrefetcherInformation,
|
|
SystemExtendedProcessInformation,
|
|
SystemRecommendedSharedDataAlignment,
|
|
SystemComPlusPackage,
|
|
SystemNumaAvailableMemory,
|
|
SystemProcessorPowerInformation,
|
|
SystemEmulationBasicInformation,
|
|
SystemEmulationProcessorInformation,
|
|
SystemExtendedHanfleInformation,
|
|
SystemLostDelayedWriteInformation,
|
|
SystemBigPoolInformation,
|
|
SystemSessionPoolTagInformation,
|
|
SystemSessionMappedViewInformation,
|
|
SystemHotpatchInformation,
|
|
SystemObjectSecurityMode,
|
|
SystemWatchDogTimerHandler,
|
|
SystemWatchDogTimerInformation,
|
|
SystemLogicalProcessorInformation,
|
|
SystemWow64SharedInformationObsolete,
|
|
SystemRegisterFirmwareTableInformationHandler,
|
|
SystemFirmwareTableInformation,
|
|
SystemModuleInformationEx,
|
|
SystemVerifierTriageInformation,
|
|
SystemSuperfetchInformation,
|
|
SystemMemoryListInformation,
|
|
SystemFileCacheInformationEx,
|
|
SystemThreadPriorityClientIdInformation,
|
|
SystemProcessorIdleCycleTimeInformation,
|
|
SystemVerifierCancellationInformation,
|
|
SystemProcessorPowerInformationEx,
|
|
SystemRefTraceInformation,
|
|
SystemSpecialPoolInformation,
|
|
SystemProcessIdInformation,
|
|
SystemErrorPortInformation,
|
|
SystemBootEnvironmentInformation,
|
|
SystemHypervisorInformation,
|
|
SystemVerifierInformationEx,
|
|
SystemTimeZoneInformation,
|
|
SystemImageFileExecutionOptionsInformation,
|
|
SystemCoverageInformation,
|
|
SystemPrefetchPathInformation,
|
|
SystemVerifierFaultsInformation,
|
|
MaxSystemInfoClass,
|
|
} SYSTEM_INFORMATION_CLASS;
|
|
|
|
//
|
|
// System Information Classes for NtQueryMutant
|
|
//
|
|
typedef enum _MUTANT_INFORMATION_CLASS
|
|
{
|
|
MutantBasicInformation,
|
|
MutantOwnerInformation
|
|
} MUTANT_INFORMATION_CLASS;
|
|
|
|
//
|
|
// System Information Classes for NtQueryAtom
|
|
//
|
|
typedef enum _ATOM_INFORMATION_CLASS
|
|
{
|
|
AtomBasicInformation,
|
|
AtomTableInformation,
|
|
} ATOM_INFORMATION_CLASS;
|
|
|
|
//
|
|
// System Information Classes for NtQueryTimer
|
|
//
|
|
typedef enum _TIMER_INFORMATION_CLASS
|
|
{
|
|
TimerBasicInformation
|
|
} TIMER_INFORMATION_CLASS;
|
|
|
|
//
|
|
// System Information Classes for NtQuerySemaphore
|
|
//
|
|
typedef enum _SEMAPHORE_INFORMATION_CLASS
|
|
{
|
|
SemaphoreBasicInformation
|
|
} SEMAPHORE_INFORMATION_CLASS;
|
|
|
|
//
|
|
// System Information Classes for NtQueryEvent
|
|
//
|
|
typedef enum _EVENT_INFORMATION_CLASS
|
|
{
|
|
EventBasicInformation
|
|
} EVENT_INFORMATION_CLASS;
|
|
|
|
#ifdef NTOS_MODE_USER
|
|
|
|
//
|
|
// Firmware Table Actions for SystemFirmwareTableInformation
|
|
//
|
|
typedef enum _SYSTEM_FIRMWARE_TABLE_ACTION
|
|
{
|
|
SystemFirmwareTable_Enumerate = 0,
|
|
SystemFirmwareTable_Get = 1,
|
|
} SYSTEM_FIRMWARE_TABLE_ACTION, *PSYSTEM_FIRMWARE_TABLE_ACTION;
|
|
|
|
//
|
|
// Firmware Handler Callback
|
|
//
|
|
struct _SYSTEM_FIRMWARE_TABLE_INFORMATION;
|
|
typedef
|
|
NTSTATUS
|
|
(__cdecl *PFNFTH)(
|
|
IN struct _SYSTEM_FIRMWARE_TABLE_INFORMATION *FirmwareTableInformation
|
|
);
|
|
|
|
#else
|
|
|
|
//
|
|
// Handle Enumeration Callback
|
|
//
|
|
struct _HANDLE_TABLE_ENTRY;
|
|
typedef BOOLEAN
|
|
(NTAPI *PEX_ENUM_HANDLE_CALLBACK)(
|
|
IN struct _HANDLE_TABLE_ENTRY *HandleTableEntry,
|
|
IN HANDLE Handle,
|
|
IN PVOID Context
|
|
);
|
|
|
|
//
|
|
// Executive Work Queue Structures
|
|
//
|
|
typedef struct _EX_QUEUE_WORKER_INFO
|
|
{
|
|
ULONG QueueDisabled:1;
|
|
ULONG MakeThreadsAsNecessary:1;
|
|
ULONG WaitMode:1;
|
|
ULONG WorkerCount:29;
|
|
} EX_QUEUE_WORKER_INFO, *PEX_QUEUE_WORKER_INFO;
|
|
|
|
typedef struct _EX_WORK_QUEUE
|
|
{
|
|
KQUEUE WorkerQueue;
|
|
LONG DynamicThreadCount;
|
|
ULONG WorkItemsProcessed;
|
|
ULONG WorkItemsProcessedLastPass;
|
|
ULONG QueueDepthLastPass;
|
|
EX_QUEUE_WORKER_INFO Info;
|
|
} EX_WORK_QUEUE, *PEX_WORK_QUEUE;
|
|
|
|
//
|
|
// Executive Fast Reference Structure
|
|
//
|
|
typedef struct _EX_FAST_REF
|
|
{
|
|
union
|
|
{
|
|
PVOID Object;
|
|
ULONG_PTR RefCnt:3;
|
|
ULONG_PTR Value;
|
|
};
|
|
} EX_FAST_REF, *PEX_FAST_REF;
|
|
|
|
//
|
|
// Executive Cache-Aware Rundown Reference Descriptor
|
|
//
|
|
typedef struct _EX_RUNDOWN_REF_CACHE_AWARE
|
|
{
|
|
PEX_RUNDOWN_REF RunRefs;
|
|
PVOID PoolToFree;
|
|
ULONG RunRefSize;
|
|
ULONG Number;
|
|
} EX_RUNDOWN_REF_CACHE_AWARE, *PEX_RUNDOWN_REF_CACHE_AWARE;
|
|
|
|
//
|
|
// Executive Rundown Wait Block
|
|
//
|
|
typedef struct _EX_RUNDOWN_WAIT_BLOCK
|
|
{
|
|
ULONG_PTR Count;
|
|
KEVENT WakeEvent;
|
|
} EX_RUNDOWN_WAIT_BLOCK, *PEX_RUNDOWN_WAIT_BLOCK;
|
|
|
|
//
|
|
// Executive Pushlock
|
|
//
|
|
#undef EX_PUSH_LOCK
|
|
#undef PEX_PUSH_LOCK
|
|
typedef struct _EX_PUSH_LOCK
|
|
{
|
|
union
|
|
{
|
|
struct
|
|
{
|
|
ULONG_PTR Locked:1;
|
|
ULONG_PTR Waiting:1;
|
|
ULONG_PTR Waking:1;
|
|
ULONG_PTR MultipleShared:1;
|
|
ULONG_PTR Shared:sizeof (ULONG_PTR) * 8 - 4;
|
|
};
|
|
ULONG_PTR Value;
|
|
PVOID Ptr;
|
|
};
|
|
} EX_PUSH_LOCK, *PEX_PUSH_LOCK;
|
|
|
|
//
|
|
// Executive Pushlock Wait Block
|
|
//
|
|
typedef __ALIGNED(16) struct _EX_PUSH_LOCK_WAIT_BLOCK
|
|
{
|
|
union
|
|
{
|
|
KGATE WakeGate;
|
|
KEVENT WakeEvent;
|
|
};
|
|
struct _EX_PUSH_LOCK_WAIT_BLOCK *Next;
|
|
struct _EX_PUSH_LOCK_WAIT_BLOCK *Last;
|
|
struct _EX_PUSH_LOCK_WAIT_BLOCK *Previous;
|
|
LONG ShareCount;
|
|
LONG Flags;
|
|
#if DBG
|
|
BOOLEAN Signaled;
|
|
EX_PUSH_LOCK NewValue;
|
|
EX_PUSH_LOCK OldValue;
|
|
PEX_PUSH_LOCK PushLock;
|
|
#endif
|
|
} EX_PUSH_LOCK_WAIT_BLOCK, *PEX_PUSH_LOCK_WAIT_BLOCK;
|
|
|
|
//
|
|
// Callback Object
|
|
//
|
|
typedef struct _CALLBACK_OBJECT
|
|
{
|
|
ULONG Signature;
|
|
KSPIN_LOCK Lock;
|
|
LIST_ENTRY RegisteredCallbacks;
|
|
BOOLEAN AllowMultipleCallbacks;
|
|
UCHAR reserved[3];
|
|
} CALLBACK_OBJECT, *PCALLBACK_OBJECT;
|
|
|
|
//
|
|
// Callback Handle
|
|
//
|
|
typedef struct _CALLBACK_REGISTRATION
|
|
{
|
|
LIST_ENTRY Link;
|
|
PCALLBACK_OBJECT CallbackObject;
|
|
PCALLBACK_FUNCTION CallbackFunction;
|
|
PVOID CallbackContext;
|
|
ULONG Busy;
|
|
BOOLEAN UnregisterWaiting;
|
|
} CALLBACK_REGISTRATION, *PCALLBACK_REGISTRATION;
|
|
|
|
//
|
|
// Internal Callback Object
|
|
//
|
|
typedef struct _EX_CALLBACK_ROUTINE_BLOCK
|
|
{
|
|
EX_RUNDOWN_REF RundownProtect;
|
|
PEX_CALLBACK_FUNCTION Function;
|
|
PVOID Context;
|
|
} EX_CALLBACK_ROUTINE_BLOCK, *PEX_CALLBACK_ROUTINE_BLOCK;
|
|
|
|
//
|
|
// Internal Callback Handle
|
|
//
|
|
typedef struct _EX_CALLBACK
|
|
{
|
|
EX_FAST_REF RoutineBlock;
|
|
} EX_CALLBACK, *PEX_CALLBACK;
|
|
|
|
//
|
|
// Profile Object
|
|
//
|
|
typedef struct _EPROFILE
|
|
{
|
|
PEPROCESS Process;
|
|
PVOID RangeBase;
|
|
SIZE_T RangeSize;
|
|
PVOID Buffer;
|
|
ULONG BufferSize;
|
|
ULONG BucketSize;
|
|
PKPROFILE ProfileObject;
|
|
PVOID LockedBufferAddress;
|
|
PMDL Mdl;
|
|
ULONG Segment;
|
|
KPROFILE_SOURCE ProfileSource;
|
|
KAFFINITY Affinity;
|
|
} EPROFILE, *PEPROFILE;
|
|
|
|
//
|
|
// Handle Table Structures
|
|
//
|
|
typedef struct _HANDLE_TRACE_DB_ENTRY
|
|
{
|
|
CLIENT_ID ClientId;
|
|
HANDLE Handle;
|
|
ULONG Type;
|
|
PVOID StackTrace[16];
|
|
} HANDLE_TRACE_DB_ENTRY, *PHANDLE_TRACE_DB_ENTRY;
|
|
|
|
typedef struct _HANDLE_TRACE_DEBUG_INFO
|
|
{
|
|
LONG RefCount;
|
|
ULONG TableSize;
|
|
ULONG BitMaskFlags;
|
|
FAST_MUTEX CloseCompatcionLock;
|
|
ULONG CurrentStackIndex;
|
|
HANDLE_TRACE_DB_ENTRY TraceDb[1];
|
|
} HANDLE_TRACE_DEBUG_INFO, *PHANDLE_TRACE_DEBUG_INFO;
|
|
|
|
typedef struct _HANDLE_TABLE_ENTRY_INFO
|
|
{
|
|
ULONG AuditMask;
|
|
} HANDLE_TABLE_ENTRY_INFO, *PHANDLE_TABLE_ENTRY_INFO;
|
|
|
|
typedef struct _HANDLE_TABLE_ENTRY
|
|
{
|
|
union
|
|
{
|
|
PVOID Object;
|
|
ULONG_PTR ObAttributes;
|
|
PHANDLE_TABLE_ENTRY_INFO InfoTable;
|
|
ULONG_PTR Value;
|
|
};
|
|
union
|
|
{
|
|
ULONG GrantedAccess;
|
|
struct
|
|
{
|
|
USHORT GrantedAccessIndex;
|
|
USHORT CreatorBackTraceIndex;
|
|
};
|
|
LONG NextFreeTableEntry;
|
|
};
|
|
} HANDLE_TABLE_ENTRY, *PHANDLE_TABLE_ENTRY;
|
|
|
|
typedef struct _HANDLE_TABLE
|
|
{
|
|
#if (NTDDI_VERSION >= NTDDI_WINXP)
|
|
ULONG TableCode;
|
|
#else
|
|
PHANDLE_TABLE_ENTRY **Table;
|
|
#endif
|
|
PEPROCESS QuotaProcess;
|
|
PVOID UniqueProcessId;
|
|
#if (NTDDI_VERSION >= NTDDI_WINXP)
|
|
EX_PUSH_LOCK HandleTableLock[4];
|
|
LIST_ENTRY HandleTableList;
|
|
EX_PUSH_LOCK HandleContentionEvent;
|
|
#else
|
|
ERESOURCE HandleLock;
|
|
LIST_ENTRY HandleTableList;
|
|
KEVENT HandleContentionEvent;
|
|
#endif
|
|
PHANDLE_TRACE_DEBUG_INFO DebugInfo;
|
|
LONG ExtraInfoPages;
|
|
#if (NTDDI_VERSION >= NTDDI_LONGHORN)
|
|
union
|
|
{
|
|
ULONG Flags;
|
|
UCHAR StrictFIFO:1;
|
|
};
|
|
LONG FirstFreeHandle;
|
|
PHANDLE_TABLE_ENTRY LastFreeHandleEntry;
|
|
LONG HandleCount;
|
|
ULONG NextHandleNeedingPool;
|
|
#else
|
|
ULONG FirstFree;
|
|
ULONG LastFree;
|
|
ULONG NextHandleNeedingPool;
|
|
LONG HandleCount;
|
|
union
|
|
{
|
|
ULONG Flags;
|
|
UCHAR StrictFIFO:1;
|
|
};
|
|
#endif
|
|
} HANDLE_TABLE, *PHANDLE_TABLE;
|
|
|
|
#endif
|
|
|
|
//
|
|
// Hard Error LPC Message
|
|
//
|
|
typedef struct _HARDERROR_MSG
|
|
{
|
|
PORT_MESSAGE h;
|
|
NTSTATUS Status;
|
|
LARGE_INTEGER ErrorTime;
|
|
ULONG ValidResponseOptions;
|
|
ULONG Response;
|
|
ULONG NumberOfParameters;
|
|
ULONG UnicodeStringParameterMask;
|
|
ULONG Parameters[MAXIMUM_HARDERROR_PARAMETERS];
|
|
} HARDERROR_MSG, *PHARDERROR_MSG;
|
|
|
|
//
|
|
// Information Structures for NtQueryMutant
|
|
//
|
|
typedef struct _MUTANT_BASIC_INFORMATION
|
|
{
|
|
LONG CurrentCount;
|
|
BOOLEAN OwnedByCaller;
|
|
BOOLEAN AbandonedState;
|
|
} MUTANT_BASIC_INFORMATION, *PMUTANT_BASIC_INFORMATION;
|
|
|
|
typedef struct _MUTANT_OWNER_INFORMATION
|
|
{
|
|
CLIENT_ID ClientId;
|
|
} MUTANT_OWNER_INFORMATION, *PMUTANT_OWNER_INFORMATION;
|
|
|
|
//
|
|
// Information Structures for NtQueryAtom
|
|
//
|
|
typedef struct _ATOM_BASIC_INFORMATION
|
|
{
|
|
USHORT UsageCount;
|
|
USHORT Flags;
|
|
USHORT NameLength;
|
|
WCHAR Name[1];
|
|
} ATOM_BASIC_INFORMATION, *PATOM_BASIC_INFORMATION;
|
|
|
|
typedef struct _ATOM_TABLE_INFORMATION
|
|
{
|
|
ULONG NumberOfAtoms;
|
|
USHORT Atoms[1];
|
|
} ATOM_TABLE_INFORMATION, *PATOM_TABLE_INFORMATION;
|
|
|
|
//
|
|
// Information Structures for NtQueryTimer
|
|
//
|
|
typedef struct _TIMER_BASIC_INFORMATION
|
|
{
|
|
LARGE_INTEGER TimeRemaining;
|
|
BOOLEAN SignalState;
|
|
} TIMER_BASIC_INFORMATION, *PTIMER_BASIC_INFORMATION;
|
|
|
|
//
|
|
// Information Structures for NtQuerySemaphore
|
|
//
|
|
typedef struct _SEMAPHORE_BASIC_INFORMATION
|
|
{
|
|
LONG CurrentCount;
|
|
LONG MaximumCount;
|
|
} SEMAPHORE_BASIC_INFORMATION, *PSEMAPHORE_BASIC_INFORMATION;
|
|
|
|
//
|
|
// Information Structures for NtQueryEvent
|
|
//
|
|
typedef struct _EVENT_BASIC_INFORMATION
|
|
{
|
|
EVENT_TYPE EventType;
|
|
LONG EventState;
|
|
} EVENT_BASIC_INFORMATION, *PEVENT_BASIC_INFORMATION;
|
|
|
|
//
|
|
// Information Structures for NtQuerySystemInformation
|
|
//
|
|
typedef struct _SYSTEM_BASIC_INFORMATION
|
|
{
|
|
ULONG Reserved;
|
|
ULONG TimerResolution;
|
|
ULONG PageSize;
|
|
ULONG NumberOfPhysicalPages;
|
|
ULONG LowestPhysicalPageNumber;
|
|
ULONG HighestPhysicalPageNumber;
|
|
ULONG AllocationGranularity;
|
|
ULONG_PTR MinimumUserModeAddress;
|
|
ULONG_PTR MaximumUserModeAddress;
|
|
ULONG_PTR ActiveProcessorsAffinityMask;
|
|
CCHAR NumberOfProcessors;
|
|
} SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION;
|
|
|
|
// Class 1
|
|
typedef struct _SYSTEM_PROCESSOR_INFORMATION
|
|
{
|
|
USHORT ProcessorArchitecture;
|
|
USHORT ProcessorLevel;
|
|
USHORT ProcessorRevision;
|
|
USHORT Reserved;
|
|
ULONG ProcessorFeatureBits;
|
|
} SYSTEM_PROCESSOR_INFORMATION, *PSYSTEM_PROCESSOR_INFORMATION;
|
|
|
|
// Class 2
|
|
typedef struct _SYSTEM_PERFORMANCE_INFORMATION
|
|
{
|
|
LARGE_INTEGER IdleProcessTime;
|
|
LARGE_INTEGER IoReadTransferCount;
|
|
LARGE_INTEGER IoWriteTransferCount;
|
|
LARGE_INTEGER IoOtherTransferCount;
|
|
ULONG IoReadOperationCount;
|
|
ULONG IoWriteOperationCount;
|
|
ULONG IoOtherOperationCount;
|
|
ULONG AvailablePages;
|
|
ULONG CommittedPages;
|
|
ULONG CommitLimit;
|
|
ULONG PeakCommitment;
|
|
ULONG PageFaultCount;
|
|
ULONG CopyOnWriteCount;
|
|
ULONG TransitionCount;
|
|
ULONG CacheTransitionCount;
|
|
ULONG DemandZeroCount;
|
|
ULONG PageReadCount;
|
|
ULONG PageReadIoCount;
|
|
ULONG CacheReadCount;
|
|
ULONG CacheIoCount;
|
|
ULONG DirtyPagesWriteCount;
|
|
ULONG DirtyWriteIoCount;
|
|
ULONG MappedPagesWriteCount;
|
|
ULONG MappedWriteIoCount;
|
|
ULONG PagedPoolPages;
|
|
ULONG NonPagedPoolPages;
|
|
ULONG PagedPoolAllocs;
|
|
ULONG PagedPoolFrees;
|
|
ULONG NonPagedPoolAllocs;
|
|
ULONG NonPagedPoolFrees;
|
|
ULONG FreeSystemPtes;
|
|
ULONG ResidentSystemCodePage;
|
|
ULONG TotalSystemDriverPages;
|
|
ULONG TotalSystemCodePages;
|
|
ULONG NonPagedPoolLookasideHits;
|
|
ULONG PagedPoolLookasideHits;
|
|
ULONG Spare3Count;
|
|
ULONG ResidentSystemCachePage;
|
|
ULONG ResidentPagedPoolPage;
|
|
ULONG ResidentSystemDriverPage;
|
|
ULONG CcFastReadNoWait;
|
|
ULONG CcFastReadWait;
|
|
ULONG CcFastReadResourceMiss;
|
|
ULONG CcFastReadNotPossible;
|
|
ULONG CcFastMdlReadNoWait;
|
|
ULONG CcFastMdlReadWait;
|
|
ULONG CcFastMdlReadResourceMiss;
|
|
ULONG CcFastMdlReadNotPossible;
|
|
ULONG CcMapDataNoWait;
|
|
ULONG CcMapDataWait;
|
|
ULONG CcMapDataNoWaitMiss;
|
|
ULONG CcMapDataWaitMiss;
|
|
ULONG CcPinMappedDataCount;
|
|
ULONG CcPinReadNoWait;
|
|
ULONG CcPinReadWait;
|
|
ULONG CcPinReadNoWaitMiss;
|
|
ULONG CcPinReadWaitMiss;
|
|
ULONG CcCopyReadNoWait;
|
|
ULONG CcCopyReadWait;
|
|
ULONG CcCopyReadNoWaitMiss;
|
|
ULONG CcCopyReadWaitMiss;
|
|
ULONG CcMdlReadNoWait;
|
|
ULONG CcMdlReadWait;
|
|
ULONG CcMdlReadNoWaitMiss;
|
|
ULONG CcMdlReadWaitMiss;
|
|
ULONG CcReadAheadIos;
|
|
ULONG CcLazyWriteIos;
|
|
ULONG CcLazyWritePages;
|
|
ULONG CcDataFlushes;
|
|
ULONG CcDataPages;
|
|
ULONG ContextSwitches;
|
|
ULONG FirstLevelTbFills;
|
|
ULONG SecondLevelTbFills;
|
|
ULONG SystemCalls;
|
|
} SYSTEM_PERFORMANCE_INFORMATION, *PSYSTEM_PERFORMANCE_INFORMATION;
|
|
|
|
// Class 3
|
|
typedef struct _SYSTEM_TIMEOFDAY_INFORMATION
|
|
{
|
|
LARGE_INTEGER BootTime;
|
|
LARGE_INTEGER CurrentTime;
|
|
LARGE_INTEGER TimeZoneBias;
|
|
ULONG TimeZoneId;
|
|
ULONG Reserved;
|
|
} SYSTEM_TIMEOFDAY_INFORMATION, *PSYSTEM_TIMEOFDAY_INFORMATION;
|
|
|
|
// Class 4
|
|
// This class is obsolete, please use KUSER_SHARED_DATA instead
|
|
|
|
// Class 5
|
|
typedef struct _SYSTEM_THREAD_INFORMATION
|
|
{
|
|
LARGE_INTEGER KernelTime;
|
|
LARGE_INTEGER UserTime;
|
|
LARGE_INTEGER CreateTime;
|
|
ULONG WaitTime;
|
|
PVOID StartAddress;
|
|
CLIENT_ID ClientId;
|
|
KPRIORITY Priority;
|
|
LONG BasePriority;
|
|
ULONG ContextSwitches;
|
|
ULONG ThreadState;
|
|
ULONG WaitReason;
|
|
} SYSTEM_THREAD_INFORMATION, *PSYSTEM_THREAD_INFORMATION;
|
|
|
|
typedef struct _SYSTEM_PROCESS_INFORMATION
|
|
{
|
|
ULONG NextEntryOffset;
|
|
ULONG NumberOfThreads;
|
|
LARGE_INTEGER SpareLi1;
|
|
LARGE_INTEGER SpareLi2;
|
|
LARGE_INTEGER SpareLi3;
|
|
LARGE_INTEGER CreateTime;
|
|
LARGE_INTEGER UserTime;
|
|
LARGE_INTEGER KernelTime;
|
|
UNICODE_STRING ImageName;
|
|
KPRIORITY BasePriority;
|
|
HANDLE UniqueProcessId;
|
|
HANDLE InheritedFromUniqueProcessId;
|
|
ULONG HandleCount;
|
|
ULONG SessionId;
|
|
ULONG_PTR PageDirectoryBase;
|
|
|
|
//
|
|
// This part corresponds to VM_COUNTERS_EX.
|
|
// NOTE: *NOT* THE SAME AS VM_COUNTERS!
|
|
//
|
|
SIZE_T PeakVirtualSize;
|
|
ULONG VirtualSize;
|
|
SIZE_T PageFaultCount;
|
|
SIZE_T PeakWorkingSetSize;
|
|
SIZE_T WorkingSetSize;
|
|
SIZE_T QuotaPeakPagedPoolUsage;
|
|
SIZE_T QuotaPagedPoolUsage;
|
|
SIZE_T QuotaPeakNonPagedPoolUsage;
|
|
SIZE_T QuotaNonPagedPoolUsage;
|
|
SIZE_T PagefileUsage;
|
|
SIZE_T PeakPagefileUsage;
|
|
SIZE_T PrivatePageCount;
|
|
|
|
//
|
|
// This part corresponds to IO_COUNTERS
|
|
//
|
|
LARGE_INTEGER ReadOperationCount;
|
|
LARGE_INTEGER WriteOperationCount;
|
|
LARGE_INTEGER OtherOperationCount;
|
|
LARGE_INTEGER ReadTransferCount;
|
|
LARGE_INTEGER WriteTransferCount;
|
|
LARGE_INTEGER OtherTransferCount;
|
|
|
|
//SYSTEM_THREAD_INFORMATION TH[1];
|
|
} SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION;
|
|
|
|
// Class 6
|
|
typedef struct _SYSTEM_CALL_COUNT_INFORMATION
|
|
{
|
|
ULONG Length;
|
|
ULONG NumberOfTables;
|
|
} SYSTEM_CALL_COUNT_INFORMATION, *PSYSTEM_CALL_COUNT_INFORMATION;
|
|
|
|
// Class 7
|
|
typedef struct _SYSTEM_DEVICE_INFORMATION
|
|
{
|
|
ULONG NumberOfDisks;
|
|
ULONG NumberOfFloppies;
|
|
ULONG NumberOfCdRoms;
|
|
ULONG NumberOfTapes;
|
|
ULONG NumberOfSerialPorts;
|
|
ULONG NumberOfParallelPorts;
|
|
} SYSTEM_DEVICE_INFORMATION, *PSYSTEM_DEVICE_INFORMATION;
|
|
|
|
// Class 8
|
|
typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION
|
|
{
|
|
LARGE_INTEGER IdleTime;
|
|
LARGE_INTEGER KernelTime;
|
|
LARGE_INTEGER UserTime;
|
|
LARGE_INTEGER DpcTime;
|
|
LARGE_INTEGER InterruptTime;
|
|
ULONG InterruptCount;
|
|
} SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION, *PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION;
|
|
|
|
// Class 9
|
|
typedef struct _SYSTEM_FLAGS_INFORMATION
|
|
{
|
|
ULONG Flags;
|
|
} SYSTEM_FLAGS_INFORMATION, *PSYSTEM_FLAGS_INFORMATION;
|
|
|
|
// Class 10
|
|
typedef struct _SYSTEM_CALL_TIME_INFORMATION
|
|
{
|
|
ULONG Length;
|
|
ULONG TotalCalls;
|
|
LARGE_INTEGER TimeOfCalls[1];
|
|
} SYSTEM_CALL_TIME_INFORMATION, *PSYSTEM_CALL_TIME_INFORMATION;
|
|
|
|
// Class 11 - See RTL_PROCESS_MODULES
|
|
|
|
// Class 12 - See RTL_PROCESS_LOCKS
|
|
|
|
// Class 13 - See RTL_PROCESS_BACKTRACES
|
|
|
|
// Class 14 - 15
|
|
typedef struct _SYSTEM_POOL_ENTRY
|
|
{
|
|
BOOLEAN Allocated;
|
|
BOOLEAN Spare0;
|
|
USHORT AllocatorBackTraceIndex;
|
|
ULONG Size;
|
|
union
|
|
{
|
|
UCHAR Tag[4];
|
|
ULONG TagUlong;
|
|
PVOID ProcessChargedQuota;
|
|
};
|
|
} SYSTEM_POOL_ENTRY, *PSYSTEM_POOL_ENTRY;
|
|
|
|
typedef struct _SYSTEM_POOL_INFORMATION
|
|
{
|
|
ULONG TotalSize;
|
|
PVOID FirstEntry;
|
|
USHORT EntryOverhead;
|
|
BOOLEAN PoolTagPresent;
|
|
BOOLEAN Spare0;
|
|
ULONG NumberOfEntries;
|
|
SYSTEM_POOL_ENTRY Entries[1];
|
|
} SYSTEM_POOL_INFORMATION, *PSYSTEM_POOL_INFORMATION;
|
|
|
|
// Class 16
|
|
typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO
|
|
{
|
|
USHORT UniqueProcessId;
|
|
USHORT CreatorBackTraceIndex;
|
|
UCHAR ObjectTypeIndex;
|
|
UCHAR HandleAttributes;
|
|
USHORT HandleValue;
|
|
PVOID Object;
|
|
ULONG GrantedAccess;
|
|
} SYSTEM_HANDLE_TABLE_ENTRY_INFO, *PSYSTEM_HANDLE_TABLE_ENTRY_INFO;
|
|
|
|
typedef struct _SYSTEM_HANDLE_INFORMATION
|
|
{
|
|
ULONG NumberOfHandles;
|
|
SYSTEM_HANDLE_TABLE_ENTRY_INFO Handles[1];
|
|
} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
|
|
|
|
// Class 17
|
|
typedef struct _SYSTEM_OBJECTTYPE_INFORMATION
|
|
{
|
|
ULONG NextEntryOffset;
|
|
ULONG NumberOfObjects;
|
|
ULONG NumberOfHandles;
|
|
ULONG TypeIndex;
|
|
ULONG InvalidAttributes;
|
|
GENERIC_MAPPING GenericMapping;
|
|
ULONG ValidAccessMask;
|
|
ULONG PoolType;
|
|
BOOLEAN SecurityRequired;
|
|
BOOLEAN WaitableObject;
|
|
UNICODE_STRING TypeName;
|
|
} SYSTEM_OBJECTTYPE_INFORMATION, *PSYSTEM_OBJECTTYPE_INFORMATION;
|
|
|
|
typedef struct _SYSTEM_OBJECT_INFORMATION
|
|
{
|
|
ULONG NextEntryOffset;
|
|
PVOID Object;
|
|
HANDLE CreatorUniqueProcess;
|
|
USHORT CreatorBackTraceIndex;
|
|
USHORT Flags;
|
|
LONG PointerCount;
|
|
LONG HandleCount;
|
|
ULONG PagedPoolCharge;
|
|
ULONG NonPagedPoolCharge;
|
|
HANDLE ExclusiveProcessId;
|
|
PVOID SecurityDescriptor;
|
|
OBJECT_NAME_INFORMATION NameInfo;
|
|
} SYSTEM_OBJECT_INFORMATION, *PSYSTEM_OBJECT_INFORMATION;
|
|
|
|
// Class 18
|
|
typedef struct _SYSTEM_PAGEFILE_INFORMATION
|
|
{
|
|
ULONG NextEntryOffset;
|
|
ULONG TotalSize;
|
|
ULONG TotalInUse;
|
|
ULONG PeakUsage;
|
|
UNICODE_STRING PageFileName;
|
|
} SYSTEM_PAGEFILE_INFORMATION, *PSYSTEM_PAGEFILE_INFORMATION;
|
|
|
|
// Class 19
|
|
typedef struct _SYSTEM_VDM_INSTEMUL_INFO
|
|
{
|
|
ULONG SegmentNotPresent;
|
|
ULONG VdmOpcode0F;
|
|
ULONG OpcodeESPrefix;
|
|
ULONG OpcodeCSPrefix;
|
|
ULONG OpcodeSSPrefix;
|
|
ULONG OpcodeDSPrefix;
|
|
ULONG OpcodeFSPrefix;
|
|
ULONG OpcodeGSPrefix;
|
|
ULONG OpcodeOPER32Prefix;
|
|
ULONG OpcodeADDR32Prefix;
|
|
ULONG OpcodeINSB;
|
|
ULONG OpcodeINSW;
|
|
ULONG OpcodeOUTSB;
|
|
ULONG OpcodeOUTSW;
|
|
ULONG OpcodePUSHF;
|
|
ULONG OpcodePOPF;
|
|
ULONG OpcodeINTnn;
|
|
ULONG OpcodeINTO;
|
|
ULONG OpcodeIRET;
|
|
ULONG OpcodeINBimm;
|
|
ULONG OpcodeINWimm;
|
|
ULONG OpcodeOUTBimm;
|
|
ULONG OpcodeOUTWimm ;
|
|
ULONG OpcodeINB;
|
|
ULONG OpcodeINW;
|
|
ULONG OpcodeOUTB;
|
|
ULONG OpcodeOUTW;
|
|
ULONG OpcodeLOCKPrefix;
|
|
ULONG OpcodeREPNEPrefix;
|
|
ULONG OpcodeREPPrefix;
|
|
ULONG OpcodeHLT;
|
|
ULONG OpcodeCLI;
|
|
ULONG OpcodeSTI;
|
|
ULONG BopCount;
|
|
} SYSTEM_VDM_INSTEMUL_INFO, *PSYSTEM_VDM_INSTEMUL_INFO;
|
|
|
|
// Class 20 - ULONG VDMBOPINFO
|
|
|
|
// Class 21
|
|
typedef struct _SYSTEM_FILECACHE_INFORMATION
|
|
{
|
|
ULONG CurrentSize;
|
|
ULONG PeakSize;
|
|
ULONG PageFaultCount;
|
|
ULONG MinimumWorkingSet;
|
|
ULONG MaximumWorkingSet;
|
|
ULONG CurrentSizeIncludingTransitionInPages;
|
|
ULONG PeakSizeIncludingTransitionInPages;
|
|
ULONG TransitionRePurposeCount;
|
|
ULONG Flags;
|
|
} SYSTEM_FILECACHE_INFORMATION, *PSYSTEM_FILECACHE_INFORMATION;
|
|
|
|
// Class 22
|
|
typedef struct _SYSTEM_POOLTAG
|
|
{
|
|
union
|
|
{
|
|
UCHAR Tag[4];
|
|
ULONG TagUlong;
|
|
};
|
|
ULONG PagedAllocs;
|
|
ULONG PagedFrees;
|
|
ULONG PagedUsed;
|
|
ULONG NonPagedAllocs;
|
|
ULONG NonPagedFrees;
|
|
ULONG NonPagedUsed;
|
|
} SYSTEM_POOLTAG, *PSYSTEM_POOLTAG;
|
|
typedef struct _SYSTEM_POOLTAG_INFORMATION
|
|
{
|
|
ULONG Count;
|
|
SYSTEM_POOLTAG TagInfo[1];
|
|
} SYSTEM_POOLTAG_INFORMATION, *PSYSTEM_POOLTAG_INFORMATION;
|
|
|
|
// Class 23
|
|
typedef struct _SYSTEM_INTERRUPT_INFORMATION
|
|
{
|
|
ULONG ContextSwitches;
|
|
ULONG DpcCount;
|
|
ULONG DpcRate;
|
|
ULONG TimeIncrement;
|
|
ULONG DpcBypassCount;
|
|
ULONG ApcBypassCount;
|
|
} SYSTEM_INTERRUPT_INFORMATION, *PSYSTEM_INTERRUPT_INFORMATION;
|
|
|
|
// Class 24
|
|
typedef struct _SYSTEM_DPC_BEHAVIOR_INFORMATION
|
|
{
|
|
ULONG Spare;
|
|
ULONG DpcQueueDepth;
|
|
ULONG MinimumDpcRate;
|
|
ULONG AdjustDpcThreshold;
|
|
ULONG IdealDpcRate;
|
|
} SYSTEM_DPC_BEHAVIOR_INFORMATION, *PSYSTEM_DPC_BEHAVIOR_INFORMATION;
|
|
|
|
// Class 25
|
|
typedef struct _SYSTEM_MEMORY_INFO
|
|
{
|
|
PUCHAR StringOffset;
|
|
USHORT ValidCount;
|
|
USHORT TransitionCount;
|
|
USHORT ModifiedCount;
|
|
USHORT PageTableCount;
|
|
} SYSTEM_MEMORY_INFO, *PSYSTEM_MEMORY_INFO;
|
|
|
|
typedef struct _SYSTEM_MEMORY_INFORMATION
|
|
{
|
|
ULONG InfoSize;
|
|
ULONG StringStart;
|
|
SYSTEM_MEMORY_INFO Memory[1];
|
|
} SYSTEM_MEMORY_INFORMATION, *PSYSTEM_MEMORY_INFORMATION;
|
|
|
|
// Class 26
|
|
typedef struct _SYSTEM_GDI_DRIVER_INFORMATION
|
|
{
|
|
UNICODE_STRING DriverName;
|
|
PVOID ImageAddress;
|
|
PVOID SectionPointer;
|
|
PVOID EntryPoint;
|
|
PIMAGE_EXPORT_DIRECTORY ExportSectionPointer;
|
|
ULONG ImageLength;
|
|
} SYSTEM_GDI_DRIVER_INFORMATION, *PSYSTEM_GDI_DRIVER_INFORMATION;
|
|
|
|
// Class 27
|
|
// Not an actually class, simply a PVOID to the ImageAddress
|
|
|
|
// Class 28
|
|
typedef struct _SYSTEM_QUERY_TIME_ADJUST_INFORMATION
|
|
{
|
|
ULONG TimeAdjustment;
|
|
ULONG TimeIncrement;
|
|
BOOLEAN Enable;
|
|
} SYSTEM_QUERY_TIME_ADJUST_INFORMATION, *PSYSTEM_QUERY_TIME_ADJUST_INFORMATION;
|
|
|
|
typedef struct _SYSTEM_SET_TIME_ADJUST_INFORMATION
|
|
{
|
|
ULONG TimeAdjustment;
|
|
BOOLEAN Enable;
|
|
} SYSTEM_SET_TIME_ADJUST_INFORMATION, *PSYSTEM_SET_TIME_ADJUST_INFORMATION;
|
|
|
|
// Class 29 - Same as 25
|
|
|
|
// FIXME: Class 30
|
|
|
|
// Class 31
|
|
typedef struct _SYSTEM_REF_TRACE_INFORMATION
|
|
{
|
|
UCHAR TraceEnable;
|
|
UCHAR TracePermanent;
|
|
UNICODE_STRING TraceProcessName;
|
|
UNICODE_STRING TracePoolTags;
|
|
} SYSTEM_REF_TRACE_INFORMATION, *PSYSTEM_REF_TRACE_INFORMATION;
|
|
|
|
// Class 32 - OBSOLETE
|
|
|
|
// Class 33
|
|
typedef struct _SYSTEM_EXCEPTION_INFORMATION
|
|
{
|
|
ULONG AlignmentFixupCount;
|
|
ULONG ExceptionDispatchCount;
|
|
ULONG FloatingEmulationCount;
|
|
ULONG ByteWordEmulationCount;
|
|
} SYSTEM_EXCEPTION_INFORMATION, *PSYSTEM_EXCEPTION_INFORMATION;
|
|
|
|
// Class 34
|
|
typedef struct _SYSTEM_CRASH_STATE_INFORMATION
|
|
{
|
|
ULONG ValidCrashDump;
|
|
} SYSTEM_CRASH_STATE_INFORMATION, *PSYSTEM_CRASH_STATE_INFORMATION;
|
|
|
|
// Class 35
|
|
typedef struct _SYSTEM_KERNEL_DEBUGGER_INFORMATION
|
|
{
|
|
BOOLEAN KernelDebuggerEnabled;
|
|
BOOLEAN KernelDebuggerNotPresent;
|
|
} SYSTEM_KERNEL_DEBUGGER_INFORMATION, *PSYSTEM_KERNEL_DEBUGGER_INFORMATION;
|
|
|
|
// Class 36
|
|
typedef struct _SYSTEM_CONTEXT_SWITCH_INFORMATION
|
|
{
|
|
ULONG ContextSwitches;
|
|
ULONG FindAny;
|
|
ULONG FindLast;
|
|
ULONG FindIdeal;
|
|
ULONG IdleAny;
|
|
ULONG IdleCurrent;
|
|
ULONG IdleLast;
|
|
ULONG IdleIdeal;
|
|
ULONG PreemptAny;
|
|
ULONG PreemptCurrent;
|
|
ULONG PreemptLast;
|
|
ULONG SwitchToIdle;
|
|
} SYSTEM_CONTEXT_SWITCH_INFORMATION, *PSYSTEM_CONTEXT_SWITCH_INFORMATION;
|
|
|
|
// Class 37
|
|
typedef struct _SYSTEM_REGISTRY_QUOTA_INFORMATION
|
|
{
|
|
ULONG RegistryQuotaAllowed;
|
|
ULONG RegistryQuotaUsed;
|
|
ULONG PagedPoolSize;
|
|
} SYSTEM_REGISTRY_QUOTA_INFORMATION, *PSYSTEM_REGISTRY_QUOTA_INFORMATION;
|
|
|
|
// Class 38
|
|
// Not a structure, simply send the UNICODE_STRING
|
|
|
|
// Class 39
|
|
// Not a structure, simply send a ULONG containing the new separation
|
|
|
|
// Class 40
|
|
typedef struct _SYSTEM_PLUGPLAY_BUS_INFORMATION
|
|
{
|
|
ULONG BusCount;
|
|
PLUGPLAY_BUS_INSTANCE BusInstance[1];
|
|
} SYSTEM_PLUGPLAY_BUS_INFORMATION, *PSYSTEM_PLUGPLAY_BUS_INFORMATION;
|
|
|
|
// Class 41
|
|
typedef struct _SYSTEM_DOCK_INFORMATION
|
|
{
|
|
SYSTEM_DOCK_STATE DockState;
|
|
INTERFACE_TYPE DeviceBusType;
|
|
ULONG DeviceBusNumber;
|
|
ULONG SlotNumber;
|
|
} SYSTEM_DOCK_INFORMATION, *PSYSTEM_DOCK_INFORMATION;
|
|
|
|
// Class 42
|
|
typedef struct _SYSTEM_POWER_INFORMATION_NATIVE
|
|
{
|
|
BOOLEAN SystemSuspendSupported;
|
|
BOOLEAN SystemHibernateSupported;
|
|
BOOLEAN ResumeTimerSupportsSuspend;
|
|
BOOLEAN ResumeTimerSupportsHibernate;
|
|
BOOLEAN LidSupported;
|
|
BOOLEAN TurboSettingSupported;
|
|
BOOLEAN TurboMode;
|
|
BOOLEAN SystemAcOrDc;
|
|
BOOLEAN PowerDownDisabled;
|
|
LARGE_INTEGER SpindownDrives;
|
|
} SYSTEM_POWER_INFORMATION_NATIVE, *PSYSTEM_POWER_INFORMATION_NATIVE;
|
|
|
|
// Class 43
|
|
typedef struct _SYSTEM_LEGACY_DRIVER_INFORMATION
|
|
{
|
|
PNP_VETO_TYPE VetoType;
|
|
UNICODE_STRING VetoDriver;
|
|
// CHAR Buffer[0];
|
|
} SYSTEM_LEGACY_DRIVER_INFORMATION, *PSYSTEM_LEGACY_DRIVER_INFORMATION;
|
|
|
|
// Class 44
|
|
//typedef struct _TIME_ZONE_INFORMATION RTL_TIME_ZONE_INFORMATION;
|
|
|
|
// Class 45
|
|
typedef struct _SYSTEM_LOOKASIDE_INFORMATION
|
|
{
|
|
USHORT CurrentDepth;
|
|
USHORT MaximumDepth;
|
|
ULONG TotalAllocates;
|
|
ULONG AllocateMisses;
|
|
ULONG TotalFrees;
|
|
ULONG FreeMisses;
|
|
ULONG Type;
|
|
ULONG Tag;
|
|
ULONG Size;
|
|
} SYSTEM_LOOKASIDE_INFORMATION, *PSYSTEM_LOOKASIDE_INFORMATION;
|
|
|
|
// Class 46
|
|
// Not a structure. Only a HANDLE for the SlipEvent;
|
|
|
|
// Class 47
|
|
// Not a structure. Only a ULONG for the SessionId;
|
|
|
|
// Class 48
|
|
// Not a structure. Only a ULONG for the SessionId;
|
|
|
|
// FIXME: Class 49
|
|
|
|
// Class 50
|
|
// Not a structure. Only a ULONG_PTR for the SystemRangeStart
|
|
|
|
// Class 51
|
|
typedef struct _SYSTEM_VERIFIER_INFORMATION
|
|
{
|
|
ULONG NextEntryOffset;
|
|
ULONG Level;
|
|
UNICODE_STRING DriverName;
|
|
ULONG RaiseIrqls;
|
|
ULONG AcquireSpinLocks;
|
|
ULONG SynchronizeExecutions;
|
|
ULONG AllocationsAttempted;
|
|
ULONG AllocationsSucceeded;
|
|
ULONG AllocationsSucceededSpecialPool;
|
|
ULONG AllocationsWithNoTag;
|
|
ULONG TrimRequests;
|
|
ULONG Trims;
|
|
ULONG AllocationsFailed;
|
|
ULONG AllocationsFailedDeliberately;
|
|
ULONG Loads;
|
|
ULONG Unloads;
|
|
ULONG UnTrackedPool;
|
|
ULONG CurrentPagedPoolAllocations;
|
|
ULONG CurrentNonPagedPoolAllocations;
|
|
ULONG PeakPagedPoolAllocations;
|
|
ULONG PeakNonPagedPoolAllocations;
|
|
ULONG PagedPoolUsageInBytes;
|
|
ULONG NonPagedPoolUsageInBytes;
|
|
ULONG PeakPagedPoolUsageInBytes;
|
|
ULONG PeakNonPagedPoolUsageInBytes;
|
|
} SYSTEM_VERIFIER_INFORMATION, *PSYSTEM_VERIFIER_INFORMATION;
|
|
|
|
// FIXME: Class 52
|
|
|
|
// Class 53
|
|
typedef struct _SYSTEM_SESSION_PROCESS_INFORMATION
|
|
{
|
|
ULONG SessionId;
|
|
ULONG SizeOfBuf;
|
|
PVOID Buffer; // Same format as in SystemProcessInformation
|
|
} SYSTEM_SESSION_PROCESS_INFORMATION, *PSYSTEM_SESSION_PROCESS_INFORMATION;
|
|
|
|
// FIXME: Class 54-97
|
|
|
|
//
|
|
// Hotpatch flags
|
|
//
|
|
#define RTL_HOTPATCH_SUPPORTED_FLAG 0x01
|
|
#define RTL_HOTPATCH_SWAP_OBJECT_NAMES 0x08 << 24
|
|
#define RTL_HOTPATCH_SYNC_RENAME_FILES 0x10 << 24
|
|
#define RTL_HOTPATCH_PATCH_USER_MODE 0x20 << 24
|
|
#define RTL_HOTPATCH_REMAP_SYSTEM_DLL 0x40 << 24
|
|
#define RTL_HOTPATCH_PATCH_KERNEL_MODE 0x80 << 24
|
|
|
|
|
|
// Class 69
|
|
typedef struct _SYSTEM_HOTPATCH_CODE_INFORMATION
|
|
{
|
|
ULONG Flags;
|
|
ULONG InfoSize;
|
|
union
|
|
{
|
|
struct
|
|
{
|
|
ULONG Foo;
|
|
} CodeInfo;
|
|
struct
|
|
{
|
|
USHORT NameOffset;
|
|
USHORT NameLength;
|
|
} KernelInfo;
|
|
struct
|
|
{
|
|
USHORT NameOffset;
|
|
USHORT NameLength;
|
|
USHORT TargetNameOffset;
|
|
USHORT TargetNameLength;
|
|
UCHAR PatchingFinished;
|
|
} UserModeInfo;
|
|
struct
|
|
{
|
|
USHORT NameOffset;
|
|
USHORT NameLength;
|
|
USHORT TargetNameOffset;
|
|
USHORT TargetNameLength;
|
|
UCHAR PatchingFinished;
|
|
NTSTATUS ReturnCode;
|
|
HANDLE TargetProcess;
|
|
} InjectionInfo;
|
|
struct
|
|
{
|
|
HANDLE FileHandle1;
|
|
PIO_STATUS_BLOCK IoStatusBlock1;
|
|
PVOID RenameInformation1;
|
|
PVOID RenameInformationLength1;
|
|
HANDLE FileHandle2;
|
|
PIO_STATUS_BLOCK IoStatusBlock2;
|
|
PVOID RenameInformation2;
|
|
PVOID RenameInformationLength2;
|
|
} RenameInfo;
|
|
struct
|
|
{
|
|
HANDLE ParentDirectory;
|
|
HANDLE ObjectHandle1;
|
|
HANDLE ObjectHandle2;
|
|
} AtomicSwap;
|
|
};
|
|
} SYSTEM_HOTPATCH_CODE_INFORMATION, *PSYSTEM_HOTPATCH_CODE_INFORMATION;
|
|
|
|
//
|
|
// Class 75
|
|
//
|
|
#ifdef NTOS_MODE_USER
|
|
typedef struct _SYSTEM_FIRMWARE_TABLE_HANDLER
|
|
{
|
|
ULONG ProviderSignature;
|
|
BOOLEAN Register;
|
|
PFNFTH FirmwareTableHandler;
|
|
PVOID DriverObject;
|
|
} SYSTEM_FIRMWARE_TABLE_HANDLER, *PSYSTEM_FIRMWARE_TABLE_HANDLER;
|
|
|
|
//
|
|
// Class 76
|
|
//
|
|
typedef struct _SYSTEM_FIRMWARE_TABLE_INFORMATION
|
|
{
|
|
ULONG ProviderSignature;
|
|
SYSTEM_FIRMWARE_TABLE_ACTION Action;
|
|
ULONG TableID;
|
|
ULONG TableBufferLength;
|
|
UCHAR TableBuffer[1];
|
|
} SYSTEM_FIRMWARE_TABLE_INFORMATION, *PSYSTEM_FIRMWARE_TABLE_INFORMATION;
|
|
|
|
//
|
|
// Class 81
|
|
//
|
|
typedef struct _SYSTEM_MEMORY_LIST_INFORMATION
|
|
{
|
|
SIZE_T ZeroPageCount;
|
|
SIZE_T FreePageCount;
|
|
SIZE_T ModifiedPageCount;
|
|
SIZE_T ModifiedNoWritePageCount;
|
|
SIZE_T BadPageCount;
|
|
SIZE_T PageCountByPriority[8];
|
|
SIZE_T RepurposedPagesByPriority[8];
|
|
} SYSTEM_MEMORY_LIST_INFORMATION, *PSYSTEM_MEMORY_LIST_INFORMATION;
|
|
|
|
#endif
|
|
#endif
|