ViewVC Help
View File | Revision Log | View Changeset | Root Listing
root/Oni2/Daodan/MinGW/include/ddk/ntapi.h
Revision: 1046
Committed: Mon Aug 29 13:19:38 2016 UTC (9 years, 2 months ago) by alloc
Content type: text/x-chdr
File size: 92846 byte(s)
Log Message: 
Daodan: Added Windows MinGW and build batch file

File Contents

# Content
1 /*
2 * ntapi.h
3 *
4 * Windows NT Native API
5 *
6 * Most structures in this file is obtained from Windows NT/2000 Native API
7 * Reference by Gary Nebbett, ISBN 1578701996.
8 *
9 * This file is part of the w32api package.
10 *
11 * Contributors:
12 * Created by Casper S. Hornstrup <chorns@users.sourceforge.net>
13 *
14 * THIS SOFTWARE IS NOT COPYRIGHTED
15 *
16 * This source code is offered for use in the public domain. You may
17 * use, modify or distribute it freely.
18 *
19 * This code is distributed in the hope that it will be useful but
20 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
21 * DISCLAIMED. This includes but is not limited to warranties of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
23 *
24 */
25
26 #ifndef __NTAPI_H
27 #define __NTAPI_H
28
29 #if __GNUC__ >= 3
30 #pragma GCC system_header
31 #endif
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
37 #include <stdarg.h>
38 #include <winbase.h>
39 #include "ntddk.h"
40 #include "ntpoapi.h"
41
42 #pragma pack(push,4)
43
44 typedef struct _PEB *PPEB;
45
46 /* FIXME: Unknown definitions */
47 typedef PVOID POBJECT_TYPE_LIST;
48 typedef PVOID PEXECUTION_STATE;
49 typedef PVOID PLANGID;
50
51 #ifndef NtCurrentProcess
52 #define NtCurrentProcess() ((HANDLE)0xFFFFFFFF)
53 #endif /* NtCurrentProcess */
54 #ifndef NtCurrentThread
55 #define NtCurrentThread() ((HANDLE)0xFFFFFFFE)
56 #endif /* NtCurrentThread */
57
58 /* System information and control */
59
60 typedef enum _SYSTEM_INFORMATION_CLASS {
61 SystemInformationClassMin = 0,
62 SystemBasicInformation = 0,
63 SystemProcessorInformation = 1,
64 SystemPerformanceInformation = 2,
65 SystemTimeOfDayInformation = 3,
66 SystemPathInformation = 4,
67 SystemNotImplemented1 = 4,
68 SystemProcessInformation = 5,
69 SystemProcessesAndThreadsInformation = 5,
70 SystemCallCountInfoInformation = 6,
71 SystemCallCounts = 6,
72 SystemDeviceInformation = 7,
73 SystemConfigurationInformation = 7,
74 SystemProcessorPerformanceInformation = 8,
75 SystemProcessorTimes = 8,
76 SystemFlagsInformation = 9,
77 SystemGlobalFlag = 9,
78 SystemCallTimeInformation = 10,
79 SystemNotImplemented2 = 10,
80 SystemModuleInformation = 11,
81 SystemLocksInformation = 12,
82 SystemLockInformation = 12,
83 SystemStackTraceInformation = 13,
84 SystemNotImplemented3 = 13,
85 SystemPagedPoolInformation = 14,
86 SystemNotImplemented4 = 14,
87 SystemNonPagedPoolInformation = 15,
88 SystemNotImplemented5 = 15,
89 SystemHandleInformation = 16,
90 SystemObjectInformation = 17,
91 SystemPageFileInformation = 18,
92 SystemPagefileInformation = 18,
93 SystemVdmInstemulInformation = 19,
94 SystemInstructionEmulationCounts = 19,
95 SystemVdmBopInformation = 20,
96 SystemInvalidInfoClass1 = 20,
97 SystemFileCacheInformation = 21,
98 SystemCacheInformation = 21,
99 SystemPoolTagInformation = 22,
100 SystemInterruptInformation = 23,
101 SystemProcessorStatistics = 23,
102 SystemDpcBehaviourInformation = 24,
103 SystemDpcInformation = 24,
104 SystemFullMemoryInformation = 25,
105 SystemNotImplemented6 = 25,
106 SystemLoadImage = 26,
107 SystemUnloadImage = 27,
108 SystemTimeAdjustmentInformation = 28,
109 SystemTimeAdjustment = 28,
110 SystemSummaryMemoryInformation = 29,
111 SystemNotImplemented7 = 29,
112 SystemNextEventIdInformation = 30,
113 SystemNotImplemented8 = 30,
114 SystemEventIdsInformation = 31,
115 SystemNotImplemented9 = 31,
116 SystemCrashDumpInformation = 32,
117 SystemExceptionInformation = 33,
118 SystemCrashDumpStateInformation = 34,
119 SystemKernelDebuggerInformation = 35,
120 SystemContextSwitchInformation = 36,
121 SystemRegistryQuotaInformation = 37,
122 SystemLoadAndCallImage = 38,
123 SystemPrioritySeparation = 39,
124 SystemPlugPlayBusInformation = 40,
125 SystemNotImplemented10 = 40,
126 SystemDockInformation = 41,
127 SystemNotImplemented11 = 41,
128 /* SystemPowerInformation = 42, Conflicts with POWER_INFORMATION_LEVEL 1 */
129 SystemInvalidInfoClass2 = 42,
130 SystemProcessorSpeedInformation = 43,
131 SystemInvalidInfoClass3 = 43,
132 SystemCurrentTimeZoneInformation = 44,
133 SystemTimeZoneInformation = 44,
134 SystemLookasideInformation = 45,
135 SystemSetTimeSlipEvent = 46,
136 SystemCreateSession = 47,
137 SystemDeleteSession = 48,
138 SystemInvalidInfoClass4 = 49,
139 SystemRangeStartInformation = 50,
140 SystemVerifierInformation = 51,
141 SystemAddVerifier = 52,
142 SystemSessionProcessesInformation = 53,
143 SystemInformationClassMax
144 } SYSTEM_INFORMATION_CLASS;
145
146 typedef struct _SYSTEM_BASIC_INFORMATION {
147 ULONG Unknown;
148 ULONG MaximumIncrement;
149 ULONG PhysicalPageSize;
150 ULONG NumberOfPhysicalPages;
151 ULONG LowestPhysicalPage;
152 ULONG HighestPhysicalPage;
153 ULONG AllocationGranularity;
154 ULONG LowestUserAddress;
155 ULONG HighestUserAddress;
156 ULONG ActiveProcessors;
157 UCHAR NumberProcessors;
158 } SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION;
159
160 typedef struct _SYSTEM_PROCESSOR_INFORMATION {
161 USHORT ProcessorArchitecture;
162 USHORT ProcessorLevel;
163 USHORT ProcessorRevision;
164 USHORT Unknown;
165 ULONG FeatureBits;
166 } SYSTEM_PROCESSOR_INFORMATION, *PSYSTEM_PROCESSOR_INFORMATION;
167
168 typedef struct _SYSTEM_PERFORMANCE_INFORMATION {
169 LARGE_INTEGER IdleTime;
170 LARGE_INTEGER ReadTransferCount;
171 LARGE_INTEGER WriteTransferCount;
172 LARGE_INTEGER OtherTransferCount;
173 ULONG ReadOperationCount;
174 ULONG WriteOperationCount;
175 ULONG OtherOperationCount;
176 ULONG AvailablePages;
177 ULONG TotalCommittedPages;
178 ULONG TotalCommitLimit;
179 ULONG PeakCommitment;
180 ULONG PageFaults;
181 ULONG WriteCopyFaults;
182 ULONG TransitionFaults;
183 ULONG CacheTransitionFaults;
184 ULONG DemandZeroFaults;
185 ULONG PagesRead;
186 ULONG PageReadIos;
187 ULONG CacheReads;
188 ULONG CacheIos;
189 ULONG PagefilePagesWritten;
190 ULONG PagefilePageWriteIos;
191 ULONG MappedFilePagesWritten;
192 ULONG MappedFilePageWriteIos;
193 ULONG PagedPoolUsage;
194 ULONG NonPagedPoolUsage;
195 ULONG PagedPoolAllocs;
196 ULONG PagedPoolFrees;
197 ULONG NonPagedPoolAllocs;
198 ULONG NonPagedPoolFrees;
199 ULONG TotalFreeSystemPtes;
200 ULONG SystemCodePage;
201 ULONG TotalSystemDriverPages;
202 ULONG TotalSystemCodePages;
203 ULONG SmallNonPagedLookasideListAllocateHits;
204 ULONG SmallPagedLookasideListAllocateHits;
205 ULONG Reserved3;
206 ULONG MmSystemCachePage;
207 ULONG PagedPoolPage;
208 ULONG SystemDriverPage;
209 ULONG FastReadNoWait;
210 ULONG FastReadWait;
211 ULONG FastReadResourceMiss;
212 ULONG FastReadNotPossible;
213 ULONG FastMdlReadNoWait;
214 ULONG FastMdlReadWait;
215 ULONG FastMdlReadResourceMiss;
216 ULONG FastMdlReadNotPossible;
217 ULONG MapDataNoWait;
218 ULONG MapDataWait;
219 ULONG MapDataNoWaitMiss;
220 ULONG MapDataWaitMiss;
221 ULONG PinMappedDataCount;
222 ULONG PinReadNoWait;
223 ULONG PinReadWait;
224 ULONG PinReadNoWaitMiss;
225 ULONG PinReadWaitMiss;
226 ULONG CopyReadNoWait;
227 ULONG CopyReadWait;
228 ULONG CopyReadNoWaitMiss;
229 ULONG CopyReadWaitMiss;
230 ULONG MdlReadNoWait;
231 ULONG MdlReadWait;
232 ULONG MdlReadNoWaitMiss;
233 ULONG MdlReadWaitMiss;
234 ULONG ReadAheadIos;
235 ULONG LazyWriteIos;
236 ULONG LazyWritePages;
237 ULONG DataFlushes;
238 ULONG DataPages;
239 ULONG ContextSwitches;
240 ULONG FirstLevelTbFills;
241 ULONG SecondLevelTbFills;
242 ULONG SystemCalls;
243 } SYSTEM_PERFORMANCE_INFORMATION, *PSYSTEM_PERFORMANCE_INFORMATION;
244
245 typedef struct _SYSTEM_TIME_OF_DAY_INFORMATION {
246 LARGE_INTEGER BootTime;
247 LARGE_INTEGER CurrentTime;
248 LARGE_INTEGER TimeZoneBias;
249 ULONG CurrentTimeZoneId;
250 } SYSTEM_TIME_OF_DAY_INFORMATION, *PSYSTEM_TIME_OF_DAY_INFORMATION;
251
252 typedef struct _VM_COUNTERS {
253 ULONG PeakVirtualSize;
254 ULONG VirtualSize;
255 ULONG PageFaultCount;
256 ULONG PeakWorkingSetSize;
257 ULONG WorkingSetSize;
258 ULONG QuotaPeakPagedPoolUsage;
259 ULONG QuotaPagedPoolUsage;
260 ULONG QuotaPeakNonPagedPoolUsage;
261 ULONG QuotaNonPagedPoolUsage;
262 ULONG PagefileUsage;
263 ULONG PeakPagefileUsage;
264 } VM_COUNTERS;
265
266 typedef enum _THREAD_STATE {
267 StateInitialized,
268 StateReady,
269 StateRunning,
270 StateStandby,
271 StateTerminated,
272 StateWait,
273 StateTransition,
274 StateUnknown
275 } THREAD_STATE;
276
277 typedef struct _SYSTEM_THREADS {
278 LARGE_INTEGER KernelTime;
279 LARGE_INTEGER UserTime;
280 LARGE_INTEGER CreateTime;
281 ULONG WaitTime;
282 PVOID StartAddress;
283 CLIENT_ID ClientId;
284 KPRIORITY Priority;
285 KPRIORITY BasePriority;
286 ULONG ContextSwitchCount;
287 THREAD_STATE State;
288 KWAIT_REASON WaitReason;
289 } SYSTEM_THREADS, *PSYSTEM_THREADS;
290
291 typedef struct _SYSTEM_PROCESSES {
292 ULONG NextEntryDelta;
293 ULONG ThreadCount;
294 ULONG Reserved1[6];
295 LARGE_INTEGER CreateTime;
296 LARGE_INTEGER UserTime;
297 LARGE_INTEGER KernelTime;
298 UNICODE_STRING ProcessName;
299 KPRIORITY BasePriority;
300 ULONG ProcessId;
301 ULONG InheritedFromProcessId;
302 ULONG HandleCount;
303 ULONG Reserved2[2];
304 VM_COUNTERS VmCounters;
305 IO_COUNTERS IoCounters;
306 SYSTEM_THREADS Threads[1];
307 } SYSTEM_PROCESSES, *PSYSTEM_PROCESSES;
308
309 typedef struct _SYSTEM_CALLS_INFORMATION {
310 ULONG Size;
311 ULONG NumberOfDescriptorTables;
312 ULONG NumberOfRoutinesInTable[1];
313 ULONG CallCounts[ANYSIZE_ARRAY];
314 } SYSTEM_CALLS_INFORMATION, *PSYSTEM_CALLS_INFORMATION;
315
316 typedef struct _SYSTEM_CONFIGURATION_INFORMATION {
317 ULONG DiskCount;
318 ULONG FloppyCount;
319 ULONG CdRomCount;
320 ULONG TapeCount;
321 ULONG SerialCount;
322 ULONG ParallelCount;
323 } SYSTEM_CONFIGURATION_INFORMATION, *PSYSTEM_CONFIGURATION_INFORMATION;
324
325 typedef struct _SYSTEM_PROCESSOR_TIMES {
326 LARGE_INTEGER IdleTime;
327 LARGE_INTEGER KernelTime;
328 LARGE_INTEGER UserTime;
329 LARGE_INTEGER DpcTime;
330 LARGE_INTEGER InterruptTime;
331 ULONG InterruptCount;
332 } SYSTEM_PROCESSOR_TIMES, *PSYSTEM_PROCESSOR_TIMES;
333
334 /* SYSTEM_GLOBAL_FLAG.GlobalFlag constants */
335 #define FLG_STOP_ON_EXCEPTION 0x00000001
336 #define FLG_SHOW_LDR_SNAPS 0x00000002
337 #define FLG_DEBUG_INITIAL_COMMAND 0x00000004
338 #define FLG_STOP_ON_HUNG_GUI 0x00000008
339 #define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
340 #define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
341 #define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
342 #define FLG_HEAP_VALIDATE_ALL 0x00000080
343 #define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
344 #define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
345 #define FLG_POOL_ENABLE_TAGGING 0x00000400
346 #define FLG_HEAP_ENABLE_TAGGING 0x00000800
347 #define FLG_USER_STACK_TRACE_DB 0x00001000
348 #define FLG_KERNEL_STACK_TRACE_DB 0x00002000
349 #define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
350 #define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
351 #define FLG_IGNORE_DEBUG_PRIV 0x00010000
352 #define FLG_ENABLE_CSRDEBUG 0x00020000
353 #define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
354 #define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
355 #define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
356 #define FLG_HEAP_DISABLE_COALESCING 0x00200000
357 #define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000
358 #define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
359 #define FLG_ENABLE_DBGPRINT_BUFFERING 0x08000000
360
361 typedef struct _SYSTEM_GLOBAL_FLAG {
362 ULONG GlobalFlag;
363 } SYSTEM_GLOBAL_FLAG, *PSYSTEM_GLOBAL_FLAG;
364
365 typedef struct _SYSTEM_MODULE_INFORMATION_ENTRY {
366 ULONG Unknown1;
367 ULONG Unknown2;
368 PVOID Base;
369 ULONG Size;
370 ULONG Flags;
371 USHORT Index;
372 /* Length of module name not including the path, this
373 field contains valid value only for NTOSKRNL module */
374 USHORT NameLength;
375 USHORT LoadCount;
376 USHORT PathLength;
377 CHAR ImageName[256];
378 } SYSTEM_MODULE_INFORMATION_ENTRY, *PSYSTEM_MODULE_INFORMATION_ENTRY;
379
380 typedef struct _SYSTEM_MODULE_INFORMATION {
381 ULONG Count;
382 SYSTEM_MODULE_INFORMATION_ENTRY Module[1];
383 } SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
384
385 typedef struct _SYSTEM_LOCK_INFORMATION {
386 PVOID Address;
387 USHORT Type;
388 USHORT Reserved1;
389 ULONG ExclusiveOwnerThreadId;
390 ULONG ActiveCount;
391 ULONG ContentionCount;
392 ULONG Reserved2[2];
393 ULONG NumberOfSharedWaiters;
394 ULONG NumberOfExclusiveWaiters;
395 } SYSTEM_LOCK_INFORMATION, *PSYSTEM_LOCK_INFORMATION;
396
397 /*SYSTEM_HANDLE_INFORMATION.Flags cosntants */
398 #define PROTECT_FROM_CLOSE 0x01
399 #define INHERIT 0x02
400
401 typedef struct _SYSTEM_HANDLE_INFORMATION {
402 ULONG ProcessId;
403 UCHAR ObjectTypeNumber;
404 UCHAR Flags;
405 USHORT Handle;
406 PVOID Object;
407 ACCESS_MASK GrantedAccess;
408 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
409
410 typedef struct _SYSTEM_OBJECT_TYPE_INFORMATION {
411 ULONG NextEntryOffset;
412 ULONG ObjectCount;
413 ULONG HandleCount;
414 ULONG TypeNumber;
415 ULONG InvalidAttributes;
416 GENERIC_MAPPING GenericMapping;
417 ACCESS_MASK ValidAccessMask;
418 POOL_TYPE PoolType;
419 UCHAR Unknown;
420 UNICODE_STRING Name;
421 } SYSTEM_OBJECT_TYPE_INFORMATION, *PSYSTEM_OBJECT_TYPE_INFORMATION;
422
423 /* SYSTEM_OBJECT_INFORMATION.Flags constants */
424 #define FLG_SYSOBJINFO_SINGLE_HANDLE_ENTRY 0x40
425 #define FLG_SYSOBJINFO_DEFAULT_SECURITY_QUOTA 0x20
426 #define FLG_SYSOBJINFO_PERMANENT 0x10
427 #define FLG_SYSOBJINFO_EXCLUSIVE 0x08
428 #define FLG_SYSOBJINFO_CREATOR_INFO 0x04
429 #define FLG_SYSOBJINFO_KERNEL_MODE 0x02
430
431 typedef struct _SYSTEM_OBJECT_INFORMATION {
432 ULONG NextEntryOffset;
433 PVOID Object;
434 ULONG CreatorProcessId;
435 USHORT Unknown;
436 USHORT Flags;
437 ULONG PointerCount;
438 ULONG HandleCount;
439 ULONG PagedPoolUsage;
440 ULONG NonPagedPoolUsage;
441 ULONG ExclusiveProcessId;
442 PSECURITY_DESCRIPTOR SecurityDescriptor;
443 UNICODE_STRING Name;
444 } SYSTEM_OBJECT_INFORMATION, *PSYSTEM_OBJECT_INFORMATION;
445
446 typedef struct _SYSTEM_PAGEFILE_INFORMATION {
447 ULONG NextEntryOffset;
448 ULONG CurrentSize;
449 ULONG TotalUsed;
450 ULONG PeakUsed;
451 UNICODE_STRING FileName;
452 } SYSTEM_PAGEFILE_INFORMATION, *PSYSTEM_PAGEFILE_INFORMATION;
453
454 typedef struct _SYSTEM_INSTRUCTION_EMULATION_INFORMATION {
455 ULONG SegmentNotPresent;
456 ULONG TwoByteOpcode;
457 ULONG ESprefix;
458 ULONG CSprefix;
459 ULONG SSprefix;
460 ULONG DSprefix;
461 ULONG FSPrefix;
462 ULONG GSprefix;
463 ULONG OPER32prefix;
464 ULONG ADDR32prefix;
465 ULONG INSB;
466 ULONG INSW;
467 ULONG OUTSB;
468 ULONG OUTSW;
469 ULONG PUSHFD;
470 ULONG POPFD;
471 ULONG INTnn;
472 ULONG INTO;
473 ULONG IRETD;
474 ULONG INBimm;
475 ULONG INWimm;
476 ULONG OUTBimm;
477 ULONG OUTWimm;
478 ULONG INB;
479 ULONG INW;
480 ULONG OUTB;
481 ULONG OUTW;
482 ULONG LOCKprefix;
483 ULONG REPNEprefix;
484 ULONG REPprefix;
485 ULONG HLT;
486 ULONG CLI;
487 ULONG STI;
488 ULONG GenericInvalidOpcode;
489 } SYSTEM_INSTRUCTION_EMULATION_INFORMATION, *PSYSTEM_INSTRUCTION_EMULATION_INFORMATION;
490
491 typedef struct _SYSTEM_POOL_TAG_INFORMATION {
492 CHAR Tag[4];
493 ULONG PagedPoolAllocs;
494 ULONG PagedPoolFrees;
495 ULONG PagedPoolUsage;
496 ULONG NonPagedPoolAllocs;
497 ULONG NonPagedPoolFrees;
498 ULONG NonPagedPoolUsage;
499 } SYSTEM_POOL_TAG_INFORMATION, *PSYSTEM_POOL_TAG_INFORMATION;
500
501 typedef struct _SYSTEM_PROCESSOR_STATISTICS {
502 ULONG ContextSwitches;
503 ULONG DpcCount;
504 ULONG DpcRequestRate;
505 ULONG TimeIncrement;
506 ULONG DpcBypassCount;
507 ULONG ApcBypassCount;
508 } SYSTEM_PROCESSOR_STATISTICS, *PSYSTEM_PROCESSOR_STATISTICS;
509
510 typedef struct _SYSTEM_DPC_INFORMATION {
511 ULONG Reserved;
512 ULONG MaximumDpcQueueDepth;
513 ULONG MinimumDpcRate;
514 ULONG AdjustDpcThreshold;
515 ULONG IdealDpcRate;
516 } SYSTEM_DPC_INFORMATION, *PSYSTEM_DPC_INFORMATION;
517
518 typedef struct _SYSTEM_LOAD_IMAGE {
519 UNICODE_STRING ModuleName;
520 PVOID ModuleBase;
521 PVOID SectionPointer;
522 PVOID EntryPoint;
523 PVOID ExportDirectory;
524 } SYSTEM_LOAD_IMAGE, *PSYSTEM_LOAD_IMAGE;
525
526 typedef struct _SYSTEM_UNLOAD_IMAGE {
527 PVOID ModuleBase;
528 } SYSTEM_UNLOAD_IMAGE, *PSYSTEM_UNLOAD_IMAGE;
529
530 typedef struct _SYSTEM_QUERY_TIME_ADJUSTMENT {
531 ULONG TimeAdjustment;
532 ULONG MaximumIncrement;
533 BOOLEAN TimeSynchronization;
534 } SYSTEM_QUERY_TIME_ADJUSTMENT, *PSYSTEM_QUERY_TIME_ADJUSTMENT;
535
536 typedef struct _SYSTEM_SET_TIME_ADJUSTMENT {
537 ULONG TimeAdjustment;
538 BOOLEAN TimeSynchronization;
539 } SYSTEM_SET_TIME_ADJUSTMENT, *PSYSTEM_SET_TIME_ADJUSTMENT;
540
541 typedef struct _SYSTEM_CRASH_DUMP_INFORMATION {
542 HANDLE CrashDumpSectionHandle;
543 HANDLE Unknown;
544 } SYSTEM_CRASH_DUMP_INFORMATION, *PSYSTEM_CRASH_DUMP_INFORMATION;
545
546 typedef struct _SYSTEM_EXCEPTION_INFORMATION {
547 ULONG AlignmentFixupCount;
548 ULONG ExceptionDispatchCount;
549 ULONG FloatingEmulationCount;
550 ULONG Reserved;
551 } SYSTEM_EXCEPTION_INFORMATION, *PSYSTEM_EXCEPTION_INFORMATION;
552
553 typedef struct _SYSTEM_CRASH_DUMP_STATE_INFORMATION {
554 ULONG CrashDumpSectionExists;
555 ULONG Unknown;
556 } SYSTEM_CRASH_DUMP_STATE_INFORMATION, *PSYSTEM_CRASH_DUMP_STATE_INFORMATION;
557
558 typedef struct _SYSTEM_KERNEL_DEBUGGER_INFORMATION {
559 BOOLEAN DebuggerEnabled;
560 BOOLEAN DebuggerNotPresent;
561 } SYSTEM_KERNEL_DEBUGGER_INFORMATION, *PSYSTEM_KERNEL_DEBUGGER_INFORMATION;
562
563 typedef struct _SYSTEM_CONTEXT_SWITCH_INFORMATION {
564 ULONG ContextSwitches;
565 ULONG ContextSwitchCounters[11];
566 } SYSTEM_CONTEXT_SWITCH_INFORMATION, *PSYSTEM_CONTEXT_SWITCH_INFORMATION;
567
568 typedef struct _SYSTEM_REGISTRY_QUOTA_INFORMATION {
569 ULONG RegistryQuota;
570 ULONG RegistryQuotaInUse;
571 ULONG PagedPoolSize;
572 } SYSTEM_REGISTRY_QUOTA_INFORMATION, *PSYSTEM_REGISTRY_QUOTA_INFORMATION;
573
574 typedef struct _SYSTEM_LOAD_AND_CALL_IMAGE {
575 UNICODE_STRING ModuleName;
576 } SYSTEM_LOAD_AND_CALL_IMAGE, *PSYSTEM_LOAD_AND_CALL_IMAGE;
577
578 typedef struct _SYSTEM_PRIORITY_SEPARATION {
579 ULONG PrioritySeparation;
580 } SYSTEM_PRIORITY_SEPARATION, *PSYSTEM_PRIORITY_SEPARATION;
581
582 typedef struct _SYSTEM_TIME_ZONE_INFORMATION {
583 LONG Bias;
584 WCHAR StandardName[32];
585 LARGE_INTEGER StandardDate;
586 LONG StandardBias;
587 WCHAR DaylightName[32];
588 LARGE_INTEGER DaylightDate;
589 LONG DaylightBias;
590 } SYSTEM_TIME_ZONE_INFORMATION, *PSYSTEM_TIME_ZONE_INFORMATION;
591
592 typedef struct _SYSTEM_LOOKASIDE_INFORMATION {
593 USHORT Depth;
594 USHORT MaximumDepth;
595 ULONG TotalAllocates;
596 ULONG AllocateMisses;
597 ULONG TotalFrees;
598 ULONG FreeMisses;
599 POOL_TYPE Type;
600 ULONG Tag;
601 ULONG Size;
602 } SYSTEM_LOOKASIDE_INFORMATION, *PSYSTEM_LOOKASIDE_INFORMATION;
603
604 typedef struct _SYSTEM_SET_TIME_SLIP_EVENT {
605 HANDLE TimeSlipEvent;
606 } SYSTEM_SET_TIME_SLIP_EVENT, *PSYSTEM_SET_TIME_SLIP_EVENT;
607
608 typedef struct _SYSTEM_CREATE_SESSION {
609 ULONG SessionId;
610 } SYSTEM_CREATE_SESSION, *PSYSTEM_CREATE_SESSION;
611
612 typedef struct _SYSTEM_DELETE_SESSION {
613 ULONG SessionId;
614 } SYSTEM_DELETE_SESSION, *PSYSTEM_DELETE_SESSION;
615
616 typedef struct _SYSTEM_RANGE_START_INFORMATION {
617 PVOID SystemRangeStart;
618 } SYSTEM_RANGE_START_INFORMATION, *PSYSTEM_RANGE_START_INFORMATION;
619
620 typedef struct _SYSTEM_SESSION_PROCESSES_INFORMATION {
621 ULONG SessionId;
622 ULONG BufferSize;
623 PVOID Buffer;
624 } SYSTEM_SESSION_PROCESSES_INFORMATION, *PSYSTEM_SESSION_PROCESSES_INFORMATION;
625
626 typedef struct _SYSTEM_POOL_BLOCK {
627 BOOLEAN Allocated;
628 USHORT Unknown;
629 ULONG Size;
630 CHAR Tag[4];
631 } SYSTEM_POOL_BLOCK, *PSYSTEM_POOL_BLOCK;
632
633 typedef struct _SYSTEM_POOL_BLOCKS_INFORMATION {
634 ULONG PoolSize;
635 PVOID PoolBase;
636 USHORT Unknown;
637 ULONG NumberOfBlocks;
638 SYSTEM_POOL_BLOCK PoolBlocks[1];
639 } SYSTEM_POOL_BLOCKS_INFORMATION, *PSYSTEM_POOL_BLOCKS_INFORMATION;
640
641 typedef struct _SYSTEM_MEMORY_USAGE {
642 PVOID Name;
643 USHORT Valid;
644 USHORT Standby;
645 USHORT Modified;
646 USHORT PageTables;
647 } SYSTEM_MEMORY_USAGE, *PSYSTEM_MEMORY_USAGE;
648
649 typedef struct _SYSTEM_MEMORY_USAGE_INFORMATION {
650 ULONG Reserved;
651 PVOID EndOfData;
652 SYSTEM_MEMORY_USAGE MemoryUsage[1];
653 } SYSTEM_MEMORY_USAGE_INFORMATION, *PSYSTEM_MEMORY_USAGE_INFORMATION;
654
655 NTOSAPI
656 NTSTATUS
657 NTAPI
658 NtQuerySystemInformation(
659 /*IN*/ SYSTEM_INFORMATION_CLASS SystemInformationClass,
660 /*IN OUT*/ PVOID SystemInformation,
661 /*IN*/ ULONG SystemInformationLength,
662 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
663
664 NTOSAPI
665 NTSTATUS
666 NTAPI
667 ZwQuerySystemInformation(
668 /*IN*/ SYSTEM_INFORMATION_CLASS SystemInformationClass,
669 /*IN OUT*/ PVOID SystemInformation,
670 /*IN*/ ULONG SystemInformationLength,
671 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
672
673 NTOSAPI
674 NTAPI
675 NTSTATUS
676 NtQueryFullAttributesFile(
677 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
678 /*OUT*/ PFILE_NETWORK_OPEN_INFORMATION FileInformation);
679
680 NTOSAPI
681 NTAPI
682 NTSTATUS
683 ZwQueryFullAttributesFile(
684 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
685 /*OUT*/ PFILE_NETWORK_OPEN_INFORMATION FileInformation);
686
687 NTOSAPI
688 NTSTATUS
689 NTAPI
690 NtSetSystemInformation(
691 /*IN*/ SYSTEM_INFORMATION_CLASS SystemInformationClass,
692 /*IN OUT*/ PVOID SystemInformation,
693 /*IN*/ ULONG SystemInformationLength);
694
695 NTOSAPI
696 NTSTATUS
697 NTAPI
698 ZwSetSystemInformation(
699 /*IN*/ SYSTEM_INFORMATION_CLASS SystemInformationClass,
700 /*IN OUT*/ PVOID SystemInformation,
701 /*IN*/ ULONG SystemInformationLength);
702
703 NTOSAPI
704 NTSTATUS
705 NTAPI
706 NtQuerySystemEnvironmentValue(
707 /*IN*/ PUNICODE_STRING Name,
708 /*OUT*/ PVOID Value,
709 /*IN*/ ULONG ValueLength,
710 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
711
712 NTOSAPI
713 NTSTATUS
714 NTAPI
715 ZwQuerySystemEnvironmentValue(
716 /*IN*/ PUNICODE_STRING Name,
717 /*OUT*/ PVOID Value,
718 /*IN*/ ULONG ValueLength,
719 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
720
721 NTOSAPI
722 NTSTATUS
723 NTAPI
724 NtSetSystemEnvironmentValue(
725 /*IN*/ PUNICODE_STRING Name,
726 /*IN*/ PUNICODE_STRING Value);
727
728 NTOSAPI
729 NTSTATUS
730 NTAPI
731 ZwSetSystemEnvironmentValue(
732 /*IN*/ PUNICODE_STRING Name,
733 /*IN*/ PUNICODE_STRING Value);
734
735 typedef enum _SHUTDOWN_ACTION {
736 ShutdownNoReboot,
737 ShutdownReboot,
738 ShutdownPowerOff
739 } SHUTDOWN_ACTION;
740
741 NTOSAPI
742 NTSTATUS
743 NTAPI
744 NtShutdownSystem(
745 /*IN*/ SHUTDOWN_ACTION Action);
746
747 NTOSAPI
748 NTSTATUS
749 NTAPI
750 ZwShutdownSystem(
751 /*IN*/ SHUTDOWN_ACTION Action);
752
753 typedef enum _DEBUG_CONTROL_CODE {
754 DebugGetTraceInformation = 1,
755 DebugSetInternalBreakpoint,
756 DebugSetSpecialCall,
757 DebugClearSpecialCalls,
758 DebugQuerySpecialCalls,
759 DebugDbgBreakPoint,
760 DebugMaximum
761 } DEBUG_CONTROL_CODE;
762
763
764 NTOSAPI
765 NTSTATUS
766 NTAPI
767 NtSystemDebugControl(
768 /*IN*/ DEBUG_CONTROL_CODE ControlCode,
769 /*IN*/ PVOID InputBuffer /*OPTIONAL*/,
770 /*IN*/ ULONG InputBufferLength,
771 /*OUT*/ PVOID OutputBuffer /*OPTIONAL*/,
772 /*IN*/ ULONG OutputBufferLength,
773 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
774
775 NTOSAPI
776 NTSTATUS
777 NTAPI
778 ZwSystemDebugControl(
779 /*IN*/ DEBUG_CONTROL_CODE ControlCode,
780 /*IN*/ PVOID InputBuffer /*OPTIONAL*/,
781 /*IN*/ ULONG InputBufferLength,
782 /*OUT*/ PVOID OutputBuffer /*OPTIONAL*/,
783 /*IN*/ ULONG OutputBufferLength,
784 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
785
786
787
788 /* Objects, Object directories, and symbolic links */
789
790 typedef enum _OBJECT_INFORMATION_CLASS {
791 ObjectBasicInformation,
792 ObjectNameInformation,
793 ObjectTypeInformation,
794 ObjectAllTypesInformation,
795 ObjectHandleInformation
796 } OBJECT_INFORMATION_CLASS;
797
798 NTOSAPI
799 NTSTATUS
800 NTAPI
801 NtQueryObject(
802 /*IN*/ HANDLE ObjectHandle,
803 /*IN*/ OBJECT_INFORMATION_CLASS ObjectInformationClass,
804 /*OUT*/ PVOID ObjectInformation,
805 /*IN*/ ULONG ObjectInformationLength,
806 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
807
808 NTOSAPI
809 NTSTATUS
810 NTAPI
811 ZwQueryObject(
812 /*IN*/ HANDLE ObjectHandle,
813 /*IN*/ OBJECT_INFORMATION_CLASS ObjectInformationClass,
814 /*OUT*/ PVOID ObjectInformation,
815 /*IN*/ ULONG ObjectInformationLength,
816 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
817
818 NTOSAPI
819 NTSTATUS
820 NTAPI
821 NtSetInformationObject(
822 /*IN*/ HANDLE ObjectHandle,
823 /*IN*/ OBJECT_INFORMATION_CLASS ObjectInformationClass,
824 /*IN*/ PVOID ObjectInformation,
825 /*IN*/ ULONG ObjectInformationLength);
826
827 NTOSAPI
828 NTSTATUS
829 NTAPI
830 ZwSetInformationObject(
831 /*IN*/ HANDLE ObjectHandle,
832 /*IN*/ OBJECT_INFORMATION_CLASS ObjectInformationClass,
833 /*IN*/ PVOID ObjectInformation,
834 /*IN*/ ULONG ObjectInformationLength);
835
836 /* OBJECT_BASIC_INFORMATION.Attributes constants */
837 /* also in winbase.h */
838 #define HANDLE_FLAG_INHERIT 0x01
839 #define HANDLE_FLAG_PROTECT_FROM_CLOSE 0x02
840 /* end winbase.h */
841 #define PERMANENT 0x10
842 #define EXCLUSIVE 0x20
843
844 typedef struct _OBJECT_BASIC_INFORMATION {
845 ULONG Attributes;
846 ACCESS_MASK GrantedAccess;
847 ULONG HandleCount;
848 ULONG PointerCount;
849 ULONG PagedPoolUsage;
850 ULONG NonPagedPoolUsage;
851 ULONG Reserved[3];
852 ULONG NameInformationLength;
853 ULONG TypeInformationLength;
854 ULONG SecurityDescriptorLength;
855 LARGE_INTEGER CreateTime;
856 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
857 #if 0
858 /* FIXME: Enable later */
859 typedef struct _OBJECT_TYPE_INFORMATION {
860 UNICODE_STRING Name;
861 ULONG ObjectCount;
862 ULONG HandleCount;
863 ULONG Reserved1[4];
864 ULONG PeakObjectCount;
865 ULONG PeakHandleCount;
866 ULONG Reserved2[4];
867 ULONG InvalidAttributes;
868 GENERIC_MAPPING GenericMapping;
869 ULONG ValidAccess;
870 UCHAR Unknown;
871 BOOLEAN MaintainHandleDatabase;
872 POOL_TYPE PoolType;
873 ULONG PagedPoolUsage;
874 ULONG NonPagedPoolUsage;
875 } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
876
877 typedef struct _OBJECT_ALL_TYPES_INFORMATION {
878 ULONG NumberOfTypes;
879 OBJECT_TYPE_INFORMATION TypeInformation;
880 } OBJECT_ALL_TYPES_INFORMATION, *POBJECT_ALL_TYPES_INFORMATION;
881 #endif
882 typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFORMATION {
883 BOOLEAN Inherit;
884 BOOLEAN ProtectFromClose;
885 } OBJECT_HANDLE_ATTRIBUTE_INFORMATION, *POBJECT_HANDLE_ATTRIBUTE_INFORMATION;
886
887 NTOSAPI
888 NTSTATUS
889 NTAPI
890 NtDuplicateObject(
891 /*IN*/ HANDLE SourceProcessHandle,
892 /*IN*/ HANDLE SourceHandle,
893 /*IN*/ HANDLE TargetProcessHandle,
894 /*OUT*/ PHANDLE TargetHandle /*OPTIONAL*/,
895 /*IN*/ ACCESS_MASK DesiredAccess,
896 /*IN*/ ULONG Attributes,
897 /*IN*/ ULONG Options);
898
899 NTOSAPI
900 NTSTATUS
901 NTAPI
902 ZwDuplicateObject(
903 /*IN*/ HANDLE SourceProcessHandle,
904 /*IN*/ HANDLE SourceHandle,
905 /*IN*/ HANDLE TargetProcessHandle,
906 /*OUT*/ PHANDLE TargetHandle /*OPTIONAL*/,
907 /*IN*/ ACCESS_MASK DesiredAccess,
908 /*IN*/ ULONG Attributes,
909 /*IN*/ ULONG Options);
910
911 NTOSAPI
912 NTSTATUS
913 NTAPI
914 NtQuerySecurityObject(
915 /*IN*/ HANDLE Handle,
916 /*IN*/ SECURITY_INFORMATION SecurityInformation,
917 /*OUT*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
918 /*IN*/ ULONG SecurityDescriptorLength,
919 /*OUT*/ PULONG ReturnLength);
920
921 NTOSAPI
922 NTSTATUS
923 NTAPI
924 ZwQuerySecurityObject(
925 /*IN*/ HANDLE Handle,
926 /*IN*/ SECURITY_INFORMATION SecurityInformation,
927 /*OUT*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
928 /*IN*/ ULONG SecurityDescriptorLength,
929 /*OUT*/ PULONG ReturnLength);
930
931 NTOSAPI
932 NTSTATUS
933 NTAPI
934 NtSetSecurityObject(
935 /*IN*/ HANDLE Handle,
936 /*IN*/ SECURITY_INFORMATION SecurityInformation,
937 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor);
938
939 NTOSAPI
940 NTSTATUS
941 NTAPI
942 ZwSetSecurityObject(
943 /*IN*/ HANDLE Handle,
944 /*IN*/ SECURITY_INFORMATION SecurityInformation,
945 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor);
946
947 NTOSAPI
948 NTSTATUS
949 NTAPI
950 NtOpenDirectoryObject(
951 /*OUT*/ PHANDLE DirectoryHandle,
952 /*IN*/ ACCESS_MASK DesiredAccess,
953 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
954
955 NTOSAPI
956 NTSTATUS
957 NTAPI
958 ZwOpenDirectoryObject(
959 /*OUT*/ PHANDLE DirectoryHandle,
960 /*IN*/ ACCESS_MASK DesiredAccess,
961 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
962
963 NTOSAPI
964 NTSTATUS
965 NTAPI
966 NtQueryDirectoryObject(
967 /*IN*/ HANDLE DirectoryHandle,
968 /*OUT*/ PVOID Buffer,
969 /*IN*/ ULONG BufferLength,
970 /*IN*/ BOOLEAN ReturnSingleEntry,
971 /*IN*/ BOOLEAN RestartScan,
972 /*IN OUT*/ PULONG Context,
973 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
974
975 NTOSAPI
976 NTSTATUS
977 NTAPI
978 ZwQueryDirectoryObject(
979 /*IN*/ HANDLE DirectoryHandle,
980 /*OUT*/ PVOID Buffer,
981 /*IN*/ ULONG BufferLength,
982 /*IN*/ BOOLEAN ReturnSingleEntry,
983 /*IN*/ BOOLEAN RestartScan,
984 /*IN OUT*/ PULONG Context,
985 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
986
987 typedef struct _DIRECTORY_BASIC_INFORMATION {
988 UNICODE_STRING ObjectName;
989 UNICODE_STRING ObjectTypeName;
990 } DIRECTORY_BASIC_INFORMATION, *PDIRECTORY_BASIC_INFORMATION;
991
992 NTOSAPI
993 NTSTATUS
994 NTAPI
995 NtCreateSymbolicLinkObject(
996 /*OUT*/ PHANDLE SymbolicLinkHandle,
997 /*IN*/ ACCESS_MASK DesiredAccess,
998 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
999 /*IN*/ PUNICODE_STRING TargetName);
1000
1001 NTOSAPI
1002 NTSTATUS
1003 NTAPI
1004 ZwCreateSymbolicLinkObject(
1005 /*OUT*/ PHANDLE SymbolicLinkHandle,
1006 /*IN*/ ACCESS_MASK DesiredAccess,
1007 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1008 /*IN*/ PUNICODE_STRING TargetName);
1009
1010
1011
1012
1013 /* Virtual memory */
1014
1015 typedef enum _MEMORY_INFORMATION_CLASS {
1016 MemoryBasicInformation,
1017 MemoryWorkingSetList,
1018 MemorySectionName,
1019 MemoryBasicVlmInformation
1020 } MEMORY_INFORMATION_CLASS;
1021
1022 NTOSAPI
1023 NTSTATUS
1024 NTAPI
1025 NtAllocateVirtualMemory(
1026 /*IN*/ HANDLE ProcessHandle,
1027 /*IN OUT*/ PVOID *BaseAddress,
1028 /*IN*/ ULONG ZeroBits,
1029 /*IN OUT*/ PULONG AllocationSize,
1030 /*IN*/ ULONG AllocationType,
1031 /*IN*/ ULONG Protect);
1032
1033 NTOSAPI
1034 NTSTATUS
1035 NTAPI
1036 ZwAllocateVirtualMemory(
1037 /*IN*/ HANDLE ProcessHandle,
1038 /*IN OUT*/ PVOID *BaseAddress,
1039 /*IN*/ ULONG ZeroBits,
1040 /*IN OUT*/ PULONG AllocationSize,
1041 /*IN*/ ULONG AllocationType,
1042 /*IN*/ ULONG Protect);
1043
1044 NTOSAPI
1045 NTSTATUS
1046 NTAPI
1047 NtFreeVirtualMemory(
1048 /*IN*/ HANDLE ProcessHandle,
1049 /*IN OUT*/ PVOID *BaseAddress,
1050 /*IN OUT*/ PULONG FreeSize,
1051 /*IN*/ ULONG FreeType);
1052
1053 NTOSAPI
1054 NTSTATUS
1055 NTAPI
1056 ZwFreeVirtualMemory(
1057 /*IN*/ HANDLE ProcessHandle,
1058 /*IN OUT*/ PVOID *BaseAddress,
1059 /*IN OUT*/ PULONG FreeSize,
1060 /*IN*/ ULONG FreeType);
1061
1062 NTOSAPI
1063 NTSTATUS
1064 NTAPI
1065 NtQueryVirtualMemory(
1066 /*IN*/ HANDLE ProcessHandle,
1067 /*IN*/ PVOID BaseAddress,
1068 /*IN*/ MEMORY_INFORMATION_CLASS MemoryInformationClass,
1069 /*OUT*/ PVOID MemoryInformation,
1070 /*IN*/ ULONG MemoryInformationLength,
1071 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1072
1073 NTOSAPI
1074 NTSTATUS
1075 NTAPI
1076 ZwQueryVirtualMemory(
1077 /*IN*/ HANDLE ProcessHandle,
1078 /*IN*/ PVOID BaseAddress,
1079 /*IN*/ MEMORY_INFORMATION_CLASS MemoryInformationClass,
1080 /*OUT*/ PVOID MemoryInformation,
1081 /*IN*/ ULONG MemoryInformationLength,
1082 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1083
1084 /* MEMORY_WORKING_SET_LIST.WorkingSetList constants */
1085 #define WSLE_PAGE_READONLY 0x001
1086 #define WSLE_PAGE_EXECUTE 0x002
1087 #define WSLE_PAGE_READWRITE 0x004
1088 #define WSLE_PAGE_EXECUTE_READ 0x003
1089 #define WSLE_PAGE_WRITECOPY 0x005
1090 #define WSLE_PAGE_EXECUTE_READWRITE 0x006
1091 #define WSLE_PAGE_EXECUTE_WRITECOPY 0x007
1092 #define WSLE_PAGE_SHARE_COUNT_MASK 0x0E0
1093 #define WSLE_PAGE_SHAREABLE 0x100
1094
1095 typedef struct _MEMORY_WORKING_SET_LIST {
1096 ULONG NumberOfPages;
1097 ULONG WorkingSetList[1];
1098 } MEMORY_WORKING_SET_LIST, *PMEMORY_WORKING_SET_LIST;
1099
1100 typedef struct _MEMORY_SECTION_NAME {
1101 UNICODE_STRING SectionFileName;
1102 } MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME;
1103
1104 /* Zw[Lock|Unlock]VirtualMemory.LockType constants */
1105 #define LOCK_VM_IN_WSL 0x01
1106 #define LOCK_VM_IN_RAM 0x02
1107
1108 NTOSAPI
1109 NTSTATUS
1110 NTAPI
1111 NtLockVirtualMemory(
1112 /*IN*/ HANDLE ProcessHandle,
1113 /*IN OUT*/ PVOID *BaseAddress,
1114 /*IN OUT*/ PULONG LockSize,
1115 /*IN*/ ULONG LockType);
1116
1117 NTOSAPI
1118 NTSTATUS
1119 NTAPI
1120 ZwLockVirtualMemory(
1121 /*IN*/ HANDLE ProcessHandle,
1122 /*IN OUT*/ PVOID *BaseAddress,
1123 /*IN OUT*/ PULONG LockSize,
1124 /*IN*/ ULONG LockType);
1125
1126 NTOSAPI
1127 NTSTATUS
1128 NTAPI
1129 NtUnlockVirtualMemory(
1130 /*IN*/ HANDLE ProcessHandle,
1131 /*IN OUT*/ PVOID *BaseAddress,
1132 /*IN OUT*/ PULONG LockSize,
1133 /*IN*/ ULONG LockType);
1134
1135 NTOSAPI
1136 NTSTATUS
1137 NTAPI
1138 ZwUnlockVirtualMemory(
1139 /*IN*/ HANDLE ProcessHandle,
1140 /*IN OUT*/ PVOID *BaseAddress,
1141 /*IN OUT*/ PULONG LockSize,
1142 /*IN*/ ULONG LockType);
1143
1144 NTOSAPI
1145 NTSTATUS
1146 NTAPI
1147 NtReadVirtualMemory(
1148 /*IN*/ HANDLE ProcessHandle,
1149 /*IN*/ PVOID BaseAddress,
1150 /*OUT*/ PVOID Buffer,
1151 /*IN*/ ULONG BufferLength,
1152 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1153
1154 NTOSAPI
1155 NTSTATUS
1156 NTAPI
1157 ZwReadVirtualMemory(
1158 /*IN*/ HANDLE ProcessHandle,
1159 /*IN*/ PVOID BaseAddress,
1160 /*OUT*/ PVOID Buffer,
1161 /*IN*/ ULONG BufferLength,
1162 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1163
1164 NTOSAPI
1165 NTSTATUS
1166 NTAPI
1167 NtWriteVirtualMemory(
1168 /*IN*/ HANDLE ProcessHandle,
1169 /*IN*/ PVOID BaseAddress,
1170 /*IN*/ PVOID Buffer,
1171 /*IN*/ ULONG BufferLength,
1172 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1173
1174 NTOSAPI
1175 NTSTATUS
1176 NTAPI
1177 ZwWriteVirtualMemory(
1178 /*IN*/ HANDLE ProcessHandle,
1179 /*IN*/ PVOID BaseAddress,
1180 /*IN*/ PVOID Buffer,
1181 /*IN*/ ULONG BufferLength,
1182 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1183
1184 NTOSAPI
1185 NTSTATUS
1186 NTAPI
1187 NtProtectVirtualMemory(
1188 /*IN*/ HANDLE ProcessHandle,
1189 /*IN OUT*/ PVOID *BaseAddress,
1190 /*IN OUT*/ PULONG ProtectSize,
1191 /*IN*/ ULONG NewProtect,
1192 /*OUT*/ PULONG OldProtect);
1193
1194 NTOSAPI
1195 NTSTATUS
1196 NTAPI
1197 ZwProtectVirtualMemory(
1198 /*IN*/ HANDLE ProcessHandle,
1199 /*IN OUT*/ PVOID *BaseAddress,
1200 /*IN OUT*/ PULONG ProtectSize,
1201 /*IN*/ ULONG NewProtect,
1202 /*OUT*/ PULONG OldProtect);
1203
1204 NTOSAPI
1205 NTSTATUS
1206 NTAPI
1207 NtFlushVirtualMemory(
1208 /*IN*/ HANDLE ProcessHandle,
1209 /*IN OUT*/ PVOID *BaseAddress,
1210 /*IN OUT*/ PULONG FlushSize,
1211 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock);
1212
1213 NTOSAPI
1214 NTSTATUS
1215 NTAPI
1216 ZwFlushVirtualMemory(
1217 /*IN*/ HANDLE ProcessHandle,
1218 /*IN OUT*/ PVOID *BaseAddress,
1219 /*IN OUT*/ PULONG FlushSize,
1220 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock);
1221
1222 NTOSAPI
1223 NTSTATUS
1224 NTAPI
1225 NtAllocateUserPhysicalPages(
1226 /*IN*/ HANDLE ProcessHandle,
1227 /*IN*/ PULONG NumberOfPages,
1228 /*OUT*/ PULONG PageFrameNumbers);
1229
1230 NTOSAPI
1231 NTSTATUS
1232 NTAPI
1233 ZwAllocateUserPhysicalPages(
1234 /*IN*/ HANDLE ProcessHandle,
1235 /*IN*/ PULONG NumberOfPages,
1236 /*OUT*/ PULONG PageFrameNumbers);
1237
1238 NTOSAPI
1239 NTSTATUS
1240 NTAPI
1241 NtFreeUserPhysicalPages(
1242 /*IN*/ HANDLE ProcessHandle,
1243 /*IN OUT*/ PULONG NumberOfPages,
1244 /*IN*/ PULONG PageFrameNumbers);
1245
1246 NTOSAPI
1247 NTSTATUS
1248 NTAPI
1249 ZwFreeUserPhysicalPages(
1250 /*IN*/ HANDLE ProcessHandle,
1251 /*IN OUT*/ PULONG NumberOfPages,
1252 /*IN*/ PULONG PageFrameNumbers);
1253
1254 NTOSAPI
1255 NTSTATUS
1256 NTAPI
1257 NtMapUserPhysicalPages(
1258 /*IN*/ PVOID BaseAddress,
1259 /*IN*/ PULONG NumberOfPages,
1260 /*IN*/ PULONG PageFrameNumbers);
1261
1262 NTOSAPI
1263 NTSTATUS
1264 NTAPI
1265 ZwMapUserPhysicalPages(
1266 /*IN*/ PVOID BaseAddress,
1267 /*IN*/ PULONG NumberOfPages,
1268 /*IN*/ PULONG PageFrameNumbers);
1269
1270 NTOSAPI
1271 NTSTATUS
1272 NTAPI
1273 NtMapUserPhysicalPagesScatter(
1274 /*IN*/ PVOID *BaseAddresses,
1275 /*IN*/ PULONG NumberOfPages,
1276 /*IN*/ PULONG PageFrameNumbers);
1277
1278 NTOSAPI
1279 NTSTATUS
1280 NTAPI
1281 ZwMapUserPhysicalPagesScatter(
1282 /*IN*/ PVOID *BaseAddresses,
1283 /*IN*/ PULONG NumberOfPages,
1284 /*IN*/ PULONG PageFrameNumbers);
1285
1286 NTOSAPI
1287 NTSTATUS
1288 NTAPI
1289 NtGetWriteWatch(
1290 /*IN*/ HANDLE ProcessHandle,
1291 /*IN*/ ULONG Flags,
1292 /*IN*/ PVOID BaseAddress,
1293 /*IN*/ ULONG RegionSize,
1294 /*OUT*/ PULONG Buffer,
1295 /*IN OUT*/ PULONG BufferEntries,
1296 /*OUT*/ PULONG Granularity);
1297
1298 NTOSAPI
1299 NTSTATUS
1300 NTAPI
1301 ZwGetWriteWatch(
1302 /*IN*/ HANDLE ProcessHandle,
1303 /*IN*/ ULONG Flags,
1304 /*IN*/ PVOID BaseAddress,
1305 /*IN*/ ULONG RegionSize,
1306 /*OUT*/ PULONG Buffer,
1307 /*IN OUT*/ PULONG BufferEntries,
1308 /*OUT*/ PULONG Granularity);
1309
1310 NTOSAPI
1311 NTSTATUS
1312 NTAPI
1313 NtResetWriteWatch(
1314 /*IN*/ HANDLE ProcessHandle,
1315 /*IN*/ PVOID BaseAddress,
1316 /*IN*/ ULONG RegionSize);
1317
1318 NTOSAPI
1319 NTSTATUS
1320 NTAPI
1321 ZwResetWriteWatch(
1322 /*IN*/ HANDLE ProcessHandle,
1323 /*IN*/ PVOID BaseAddress,
1324 /*IN*/ ULONG RegionSize);
1325
1326
1327
1328
1329 /* Sections */
1330
1331 typedef enum _SECTION_INFORMATION_CLASS {
1332 SectionBasicInformation,
1333 SectionImageInformation
1334 } SECTION_INFORMATION_CLASS;
1335
1336 NTOSAPI
1337 NTSTATUS
1338 NTAPI
1339 NtCreateSection(
1340 /*OUT*/ PHANDLE SectionHandle,
1341 /*IN*/ ACCESS_MASK DesiredAccess,
1342 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1343 /*IN*/ PLARGE_INTEGER SectionSize /*OPTIONAL*/,
1344 /*IN*/ ULONG Protect,
1345 /*IN*/ ULONG Attributes,
1346 /*IN*/ HANDLE FileHandle);
1347
1348 NTOSAPI
1349 NTSTATUS
1350 NTAPI
1351 ZwCreateSection(
1352 /*OUT*/ PHANDLE SectionHandle,
1353 /*IN*/ ACCESS_MASK DesiredAccess,
1354 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1355 /*IN*/ PLARGE_INTEGER SectionSize /*OPTIONAL*/,
1356 /*IN*/ ULONG Protect,
1357 /*IN*/ ULONG Attributes,
1358 /*IN*/ HANDLE FileHandle);
1359
1360 NTOSAPI
1361 NTSTATUS
1362 NTAPI
1363 NtQuerySection(
1364 /*IN*/ HANDLE SectionHandle,
1365 /*IN*/ SECTION_INFORMATION_CLASS SectionInformationClass,
1366 /*OUT*/ PVOID SectionInformation,
1367 /*IN*/ ULONG SectionInformationLength,
1368 /*OUT*/ PULONG ResultLength /*OPTIONAL*/);
1369
1370 NTOSAPI
1371 NTSTATUS
1372 NTAPI
1373 ZwQuerySection(
1374 /*IN*/ HANDLE SectionHandle,
1375 /*IN*/ SECTION_INFORMATION_CLASS SectionInformationClass,
1376 /*OUT*/ PVOID SectionInformation,
1377 /*IN*/ ULONG SectionInformationLength,
1378 /*OUT*/ PULONG ResultLength /*OPTIONAL*/);
1379
1380 NTOSAPI
1381 NTSTATUS
1382 NTAPI
1383 NtExtendSection(
1384 /*IN*/ HANDLE SectionHandle,
1385 /*IN*/ PLARGE_INTEGER SectionSize);
1386
1387 NTOSAPI
1388 NTSTATUS
1389 NTAPI
1390 ZwExtendSection(
1391 /*IN*/ HANDLE SectionHandle,
1392 /*IN*/ PLARGE_INTEGER SectionSize);
1393
1394 NTOSAPI
1395 NTSTATUS
1396 NTAPI
1397 NtAreMappedFilesTheSame(
1398 /*IN*/ PVOID Address1,
1399 /*IN*/ PVOID Address2);
1400
1401 NTOSAPI
1402 NTSTATUS
1403 NTAPI
1404 ZwAreMappedFilesTheSame(
1405 /*IN*/ PVOID Address1,
1406 /*IN*/ PVOID Address2);
1407
1408
1409
1410
1411 /* Threads */
1412
1413 typedef struct _USER_STACK {
1414 PVOID FixedStackBase;
1415 PVOID FixedStackLimit;
1416 PVOID ExpandableStackBase;
1417 PVOID ExpandableStackLimit;
1418 PVOID ExpandableStackBottom;
1419 } USER_STACK, *PUSER_STACK;
1420
1421 NTOSAPI
1422 NTSTATUS
1423 NTAPI
1424 NtCreateThread(
1425 /*OUT*/ PHANDLE ThreadHandle,
1426 /*IN*/ ACCESS_MASK DesiredAccess,
1427 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1428 /*IN*/ HANDLE ProcessHandle,
1429 /*OUT*/ PCLIENT_ID ClientId,
1430 /*IN*/ PCONTEXT ThreadContext,
1431 /*IN*/ PUSER_STACK UserStack,
1432 /*IN*/ BOOLEAN CreateSuspended);
1433
1434 NTOSAPI
1435 NTSTATUS
1436 NTAPI
1437 ZwCreateThread(
1438 /*OUT*/ PHANDLE ThreadHandle,
1439 /*IN*/ ACCESS_MASK DesiredAccess,
1440 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1441 /*IN*/ HANDLE ProcessHandle,
1442 /*OUT*/ PCLIENT_ID ClientId,
1443 /*IN*/ PCONTEXT ThreadContext,
1444 /*IN*/ PUSER_STACK UserStack,
1445 /*IN*/ BOOLEAN CreateSuspended);
1446
1447 NTOSAPI
1448 NTSTATUS
1449 NTAPI
1450 NtOpenThread(
1451 /*OUT*/ PHANDLE ThreadHandle,
1452 /*IN*/ ACCESS_MASK DesiredAccess,
1453 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1454 /*IN*/ PCLIENT_ID ClientId);
1455
1456 NTOSAPI
1457 NTSTATUS
1458 NTAPI
1459 ZwOpenThread(
1460 /*OUT*/ PHANDLE ThreadHandle,
1461 /*IN*/ ACCESS_MASK DesiredAccess,
1462 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1463 /*IN*/ PCLIENT_ID ClientId);
1464
1465 NTOSAPI
1466 NTSTATUS
1467 NTAPI
1468 NtTerminateThread(
1469 /*IN*/ HANDLE ThreadHandle /*OPTIONAL*/,
1470 /*IN*/ NTSTATUS ExitStatus);
1471
1472 NTOSAPI
1473 NTSTATUS
1474 NTAPI
1475 ZwTerminateThread(
1476 /*IN*/ HANDLE ThreadHandle /*OPTIONAL*/,
1477 /*IN*/ NTSTATUS ExitStatus);
1478
1479 NTOSAPI
1480 NTSTATUS
1481 NTAPI
1482 NtQueryInformationThread(
1483 /*IN*/ HANDLE ThreadHandle,
1484 /*IN*/ THREADINFOCLASS ThreadInformationClass,
1485 /*OUT*/ PVOID ThreadInformation,
1486 /*IN*/ ULONG ThreadInformationLength,
1487 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1488
1489 NTOSAPI
1490 NTSTATUS
1491 NTAPI
1492 ZwQueryInformationThread(
1493 /*IN*/ HANDLE ThreadHandle,
1494 /*IN*/ THREADINFOCLASS ThreadInformationClass,
1495 /*OUT*/ PVOID ThreadInformation,
1496 /*IN*/ ULONG ThreadInformationLength,
1497 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1498
1499 NTOSAPI
1500 NTSTATUS
1501 NTAPI
1502 NtSetInformationThread(
1503 /*IN*/ HANDLE ThreadHandle,
1504 /*IN*/ THREADINFOCLASS ThreadInformationClass,
1505 /*IN*/ PVOID ThreadInformation,
1506 /*IN*/ ULONG ThreadInformationLength);
1507
1508 NTOSAPI
1509 NTSTATUS
1510 NTAPI
1511 ZwSetInformationThread(
1512 /*IN*/ HANDLE ThreadHandle,
1513 /*IN*/ THREADINFOCLASS ThreadInformationClass,
1514 /*IN*/ PVOID ThreadInformation,
1515 /*IN*/ ULONG ThreadInformationLength);
1516
1517 typedef struct _THREAD_BASIC_INFORMATION {
1518 NTSTATUS ExitStatus;
1519 PNT_TIB TebBaseAddress;
1520 CLIENT_ID ClientId;
1521 KAFFINITY AffinityMask;
1522 KPRIORITY Priority;
1523 KPRIORITY BasePriority;
1524 } THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
1525
1526 typedef struct _KERNEL_USER_TIMES {
1527 LARGE_INTEGER CreateTime;
1528 LARGE_INTEGER ExitTime;
1529 LARGE_INTEGER KernelTime;
1530 LARGE_INTEGER UserTime;
1531 } KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
1532
1533 NTOSAPI
1534 NTSTATUS
1535 NTAPI
1536 NtSuspendThread(
1537 /*IN*/ HANDLE ThreadHandle,
1538 /*OUT*/ PULONG PreviousSuspendCount /*OPTIONAL*/);
1539
1540 NTOSAPI
1541 NTSTATUS
1542 NTAPI
1543 ZwSuspendThread(
1544 /*IN*/ HANDLE ThreadHandle,
1545 /*OUT*/ PULONG PreviousSuspendCount /*OPTIONAL*/);
1546
1547 NTOSAPI
1548 NTSTATUS
1549 NTAPI
1550 NtResumeThread(
1551 /*IN*/ HANDLE ThreadHandle,
1552 /*OUT*/ PULONG PreviousSuspendCount /*OPTIONAL*/);
1553
1554 NTOSAPI
1555 NTSTATUS
1556 NTAPI
1557 ZwResumeThread(
1558 /*IN*/ HANDLE ThreadHandle,
1559 /*OUT*/ PULONG PreviousSuspendCount /*OPTIONAL*/);
1560
1561 NTOSAPI
1562 NTSTATUS
1563 NTAPI
1564 NtGetContextThread(
1565 /*IN*/ HANDLE ThreadHandle,
1566 /*OUT*/ PCONTEXT Context);
1567
1568 NTOSAPI
1569 NTSTATUS
1570 NTAPI
1571 ZwGetContextThread(
1572 /*IN*/ HANDLE ThreadHandle,
1573 /*OUT*/ PCONTEXT Context);
1574
1575 NTOSAPI
1576 NTSTATUS
1577 NTAPI
1578 NtSetContextThread(
1579 /*IN*/ HANDLE ThreadHandle,
1580 /*IN*/ PCONTEXT Context);
1581
1582 NTOSAPI
1583 NTSTATUS
1584 NTAPI
1585 ZwSetContextThread(
1586 /*IN*/ HANDLE ThreadHandle,
1587 /*IN*/ PCONTEXT Context);
1588
1589 NTOSAPI
1590 NTSTATUS
1591 NTAPI
1592 NtQueueApcThread(
1593 /*IN*/ HANDLE ThreadHandle,
1594 /*IN*/ PKNORMAL_ROUTINE ApcRoutine,
1595 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
1596 /*IN*/ PVOID Argument1 /*OPTIONAL*/,
1597 /*IN*/ PVOID Argument2 /*OPTIONAL*/);
1598
1599 NTOSAPI
1600 NTSTATUS
1601 NTAPI
1602 ZwQueueApcThread(
1603 /*IN*/ HANDLE ThreadHandle,
1604 /*IN*/ PKNORMAL_ROUTINE ApcRoutine,
1605 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
1606 /*IN*/ PVOID Argument1 /*OPTIONAL*/,
1607 /*IN*/ PVOID Argument2 /*OPTIONAL*/);
1608
1609 NTOSAPI
1610 NTSTATUS
1611 NTAPI
1612 NtTestAlert(
1613 VOID);
1614
1615 NTOSAPI
1616 NTSTATUS
1617 NTAPI
1618 ZwTestAlert(
1619 VOID);
1620
1621 NTOSAPI
1622 NTSTATUS
1623 NTAPI
1624 NtAlertThread(
1625 /*IN*/ HANDLE ThreadHandle);
1626
1627 NTOSAPI
1628 NTSTATUS
1629 NTAPI
1630 ZwAlertThread(
1631 /*IN*/ HANDLE ThreadHandle);
1632
1633 NTOSAPI
1634 NTSTATUS
1635 NTAPI
1636 NtAlertResumeThread(
1637 /*IN*/ HANDLE ThreadHandle,
1638 /*OUT*/ PULONG PreviousSuspendCount /*OPTIONAL*/);
1639
1640 NTOSAPI
1641 NTSTATUS
1642 NTAPI
1643 ZwAlertResumeThread(
1644 /*IN*/ HANDLE ThreadHandle,
1645 /*OUT*/ PULONG PreviousSuspendCount /*OPTIONAL*/);
1646
1647 NTOSAPI
1648 NTSTATUS
1649 NTAPI
1650 NtRegisterThreadTerminatePort(
1651 /*IN*/ HANDLE PortHandle);
1652
1653 NTOSAPI
1654 NTSTATUS
1655 NTAPI
1656 ZwRegisterThreadTerminatePort(
1657 /*IN*/ HANDLE PortHandle);
1658
1659 NTOSAPI
1660 NTSTATUS
1661 NTAPI
1662 NtImpersonateThread(
1663 /*IN*/ HANDLE ThreadHandle,
1664 /*IN*/ HANDLE TargetThreadHandle,
1665 /*IN*/ PSECURITY_QUALITY_OF_SERVICE SecurityQos);
1666
1667 NTOSAPI
1668 NTSTATUS
1669 NTAPI
1670 ZwImpersonateThread(
1671 /*IN*/ HANDLE ThreadHandle,
1672 /*IN*/ HANDLE TargetThreadHandle,
1673 /*IN*/ PSECURITY_QUALITY_OF_SERVICE SecurityQos);
1674
1675 NTOSAPI
1676 NTSTATUS
1677 NTAPI
1678 NtImpersonateAnonymousToken(
1679 /*IN*/ HANDLE ThreadHandle);
1680
1681 NTOSAPI
1682 NTSTATUS
1683 NTAPI
1684 ZwImpersonateAnonymousToken(
1685 /*IN*/ HANDLE ThreadHandle);
1686
1687
1688
1689
1690 /* Processes */
1691
1692 NTOSAPI
1693 NTSTATUS
1694 NTAPI
1695 NtCreateProcess(
1696 /*OUT*/ PHANDLE ProcessHandle,
1697 /*IN*/ ACCESS_MASK DesiredAccess,
1698 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1699 /*IN*/ HANDLE InheritFromProcessHandle,
1700 /*IN*/ BOOLEAN InheritHandles,
1701 /*IN*/ HANDLE SectionHandle /*OPTIONAL*/,
1702 /*IN*/ HANDLE DebugPort /*OPTIONAL*/,
1703 /*IN*/ HANDLE ExceptionPort /*OPTIONAL*/);
1704
1705 NTOSAPI
1706 NTSTATUS
1707 NTAPI
1708 ZwCreateProcess(
1709 /*OUT*/ PHANDLE ProcessHandle,
1710 /*IN*/ ACCESS_MASK DesiredAccess,
1711 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
1712 /*IN*/ HANDLE InheritFromProcessHandle,
1713 /*IN*/ BOOLEAN InheritHandles,
1714 /*IN*/ HANDLE SectionHandle /*OPTIONAL*/,
1715 /*IN*/ HANDLE DebugPort /*OPTIONAL*/,
1716 /*IN*/ HANDLE ExceptionPort /*OPTIONAL*/);
1717
1718 NTOSAPI
1719 NTSTATUS
1720 NTAPI
1721 NtTerminateProcess(
1722 /*IN*/ HANDLE ProcessHandle /*OPTIONAL*/,
1723 /*IN*/ NTSTATUS ExitStatus);
1724
1725 NTOSAPI
1726 NTSTATUS
1727 NTAPI
1728 ZwTerminateProcess(
1729 /*IN*/ HANDLE ProcessHandle /*OPTIONAL*/,
1730 /*IN*/ NTSTATUS ExitStatus);
1731
1732 NTOSAPI
1733 NTSTATUS
1734 NTAPI
1735 NtQueryInformationProcess(
1736 /*IN*/ HANDLE ProcessHandle,
1737 /*IN*/ PROCESSINFOCLASS ProcessInformationClass,
1738 /*OUT*/ PVOID ProcessInformation,
1739 /*IN*/ ULONG ProcessInformationLength,
1740 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1741
1742 NTOSAPI
1743 NTSTATUS
1744 NTAPI
1745 ZwQueryInformationProcess(
1746 /*IN*/ HANDLE ProcessHandle,
1747 /*IN*/ PROCESSINFOCLASS ProcessInformationClass,
1748 /*OUT*/ PVOID ProcessInformation,
1749 /*IN*/ ULONG ProcessInformationLength,
1750 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
1751
1752 NTOSAPI
1753 NTSTATUS
1754 NTAPI
1755 NtSetInformationProcess(
1756 /*IN*/ HANDLE ProcessHandle,
1757 /*IN*/ PROCESSINFOCLASS ProcessInformationClass,
1758 /*IN*/ PVOID ProcessInformation,
1759 /*IN*/ ULONG ProcessInformationLength);
1760
1761 NTOSAPI
1762 NTSTATUS
1763 NTAPI
1764 ZwSetInformationProcess(
1765 /*IN*/ HANDLE ProcessHandle,
1766 /*IN*/ PROCESSINFOCLASS ProcessInformationClass,
1767 /*IN*/ PVOID ProcessInformation,
1768 /*IN*/ ULONG ProcessInformationLength);
1769
1770 typedef struct _PROCESS_BASIC_INFORMATION {
1771 NTSTATUS ExitStatus;
1772 PPEB PebBaseAddress;
1773 KAFFINITY AffinityMask;
1774 KPRIORITY BasePriority;
1775 ULONG UniqueProcessId;
1776 ULONG InheritedFromUniqueProcessId;
1777 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
1778
1779 typedef struct _PROCESS_ACCESS_TOKEN {
1780 HANDLE Token;
1781 HANDLE Thread;
1782 } PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
1783
1784 /* DefaultHardErrorMode constants */
1785 /* also in winbase.h */
1786 #define SEM_FAILCRITICALERRORS 0x0001
1787 #define SEM_NOGPFAULTERRORBOX 0x0002
1788 #define SEM_NOALIGNMENTFAULTEXCEPT 0x0004
1789 #define SEM_NOOPENFILEERRORBOX 0x8000
1790 /* end winbase.h */
1791 typedef struct _POOLED_USAGE_AND_LIMITS {
1792 ULONG PeakPagedPoolUsage;
1793 ULONG PagedPoolUsage;
1794 ULONG PagedPoolLimit;
1795 ULONG PeakNonPagedPoolUsage;
1796 ULONG NonPagedPoolUsage;
1797 ULONG NonPagedPoolLimit;
1798 ULONG PeakPagefileUsage;
1799 ULONG PagefileUsage;
1800 ULONG PagefileLimit;
1801 } POOLED_USAGE_AND_LIMITS, *PPOOLED_USAGE_AND_LIMITS;
1802
1803 typedef struct _PROCESS_WS_WATCH_INFORMATION {
1804 PVOID FaultingPc;
1805 PVOID FaultingVa;
1806 } PROCESS_WS_WATCH_INFORMATION, *PPROCESS_WS_WATCH_INFORMATION;
1807
1808 /* PROCESS_PRIORITY_CLASS.PriorityClass constants */
1809 #define PC_IDLE 1
1810 #define PC_NORMAL 2
1811 #define PC_HIGH 3
1812 #define PC_REALTIME 4
1813 #define PC_BELOW_NORMAL 5
1814 #define PC_ABOVE_NORMAL 6
1815
1816 typedef struct _PROCESS_PRIORITY_CLASS {
1817 BOOLEAN Foreground;
1818 UCHAR PriorityClass;
1819 } PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
1820
1821 /* PROCESS_DEVICEMAP_INFORMATION.DriveType constants */
1822 #define DRIVE_UNKNOWN 0
1823 #define DRIVE_NO_ROOT_DIR 1
1824 #define DRIVE_REMOVABLE 2
1825 #define DRIVE_FIXED 3
1826 #define DRIVE_REMOTE 4
1827 #define DRIVE_CDROM 5
1828 #define DRIVE_RAMDISK 6
1829
1830 typedef struct _PROCESS_DEVICEMAP_INFORMATION {
1831 _ANONYMOUS_UNION union {
1832 struct {
1833 HANDLE DirectoryHandle;
1834 } Set;
1835 struct {
1836 ULONG DriveMap;
1837 UCHAR DriveType[32];
1838 } Query;
1839 } DUMMYUNIONNAME;
1840 } PROCESS_DEVICEMAP_INFORMATION, *PPROCESS_DEVICEMAP_INFORMATION;
1841
1842 typedef struct _PROCESS_SESSION_INFORMATION {
1843 ULONG SessionId;
1844 } PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
1845
1846 typedef struct _RTL_USER_PROCESS_PARAMETERS {
1847 ULONG AllocationSize;
1848 ULONG Size;
1849 ULONG Flags;
1850 ULONG DebugFlags;
1851 HANDLE hConsole;
1852 ULONG ProcessGroup;
1853 HANDLE hStdInput;
1854 HANDLE hStdOutput;
1855 HANDLE hStdError;
1856 UNICODE_STRING CurrentDirectoryName;
1857 HANDLE CurrentDirectoryHandle;
1858 UNICODE_STRING DllPath;
1859 UNICODE_STRING ImagePathName;
1860 UNICODE_STRING CommandLine;
1861 PWSTR Environment;
1862 ULONG dwX;
1863 ULONG dwY;
1864 ULONG dwXSize;
1865 ULONG dwYSize;
1866 ULONG dwXCountChars;
1867 ULONG dwYCountChars;
1868 ULONG dwFillAttribute;
1869 ULONG dwFlags;
1870 ULONG wShowWindow;
1871 UNICODE_STRING WindowTitle;
1872 UNICODE_STRING DesktopInfo;
1873 UNICODE_STRING ShellInfo;
1874 UNICODE_STRING RuntimeInfo;
1875 } RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;
1876
1877 NTSTATUS
1878 NTAPI
1879 RtlCreateProcessParameters(
1880 /*OUT*/ PRTL_USER_PROCESS_PARAMETERS *ProcessParameters,
1881 /*IN*/ PUNICODE_STRING ImageFile,
1882 /*IN*/ PUNICODE_STRING DllPath /*OPTIONAL*/,
1883 /*IN*/ PUNICODE_STRING CurrentDirectory /*OPTIONAL*/,
1884 /*IN*/ PUNICODE_STRING CommandLine /*OPTIONAL*/,
1885 /*IN*/ PWSTR Environment /*OPTIONAL*/,
1886 /*IN*/ PUNICODE_STRING WindowTitle /*OPTIONAL*/,
1887 /*IN*/ PUNICODE_STRING DesktopInfo /*OPTIONAL*/,
1888 /*IN*/ PUNICODE_STRING ShellInfo /*OPTIONAL*/,
1889 /*IN*/ PUNICODE_STRING RuntimeInfo /*OPTIONAL*/);
1890
1891 NTSTATUS
1892 NTAPI
1893 RtlDestroyProcessParameters(
1894 /*IN*/ PRTL_USER_PROCESS_PARAMETERS ProcessParameters);
1895
1896 typedef struct _DEBUG_BUFFER {
1897 HANDLE SectionHandle;
1898 PVOID SectionBase;
1899 PVOID RemoteSectionBase;
1900 ULONG SectionBaseDelta;
1901 HANDLE EventPairHandle;
1902 ULONG Unknown[2];
1903 HANDLE RemoteThreadHandle;
1904 ULONG InfoClassMask;
1905 ULONG SizeOfInfo;
1906 ULONG AllocatedSize;
1907 ULONG SectionSize;
1908 PVOID ModuleInformation;
1909 PVOID BackTraceInformation;
1910 PVOID HeapInformation;
1911 PVOID LockInformation;
1912 PVOID Reserved[8];
1913 } DEBUG_BUFFER, *PDEBUG_BUFFER;
1914
1915 PDEBUG_BUFFER
1916 NTAPI
1917 RtlCreateQueryDebugBuffer(
1918 /*IN*/ ULONG Size,
1919 /*IN*/ BOOLEAN EventPair);
1920
1921 /* RtlQueryProcessDebugInformation.DebugInfoClassMask constants */
1922 #define PDI_MODULES 0x01
1923 #define PDI_BACKTRACE 0x02
1924 #define PDI_HEAPS 0x04
1925 #define PDI_HEAP_TAGS 0x08
1926 #define PDI_HEAP_BLOCKS 0x10
1927 #define PDI_LOCKS 0x20
1928
1929 NTSTATUS
1930 NTAPI
1931 RtlQueryProcessDebugInformation(
1932 /*IN*/ ULONG ProcessId,
1933 /*IN*/ ULONG DebugInfoClassMask,
1934 /*IN OUT*/ PDEBUG_BUFFER DebugBuffer);
1935
1936 NTSTATUS
1937 NTAPI
1938 RtlDestroyQueryDebugBuffer(
1939 /*IN*/ PDEBUG_BUFFER DebugBuffer);
1940
1941 /* DEBUG_MODULE_INFORMATION.Flags constants */
1942 #define LDRP_STATIC_LINK 0x00000002
1943 #define LDRP_IMAGE_DLL 0x00000004
1944 #define LDRP_LOAD_IN_PROGRESS 0x00001000
1945 #define LDRP_UNLOAD_IN_PROGRESS 0x00002000
1946 #define LDRP_ENTRY_PROCESSED 0x00004000
1947 #define LDRP_ENTRY_INSERTED 0x00008000
1948 #define LDRP_CURRENT_LOAD 0x00010000
1949 #define LDRP_FAILED_BUILTIN_LOAD 0x00020000
1950 #define LDRP_DONT_CALL_FOR_THREADS 0x00040000
1951 #define LDRP_PROCESS_ATTACH_CALLED 0x00080000
1952 #define LDRP_DEBUG_SYMBOLS_LOADED 0x00100000
1953 #define LDRP_IMAGE_NOT_AT_BASE 0x00200000
1954 #define LDRP_WX86_IGNORE_MACHINETYPE 0x00400000
1955
1956 typedef struct _DEBUG_MODULE_INFORMATION {
1957 ULONG Reserved[2];
1958 ULONG Base;
1959 ULONG Size;
1960 ULONG Flags;
1961 USHORT Index;
1962 USHORT Unknown;
1963 USHORT LoadCount;
1964 USHORT ModuleNameOffset;
1965 CHAR ImageName[256];
1966 } DEBUG_MODULE_INFORMATION, *PDEBUG_MODULE_INFORMATION;
1967
1968 typedef struct _DEBUG_HEAP_INFORMATION {
1969 ULONG Base;
1970 ULONG Flags;
1971 USHORT Granularity;
1972 USHORT Unknown;
1973 ULONG Allocated;
1974 ULONG Committed;
1975 ULONG TagCount;
1976 ULONG BlockCount;
1977 ULONG Reserved[7];
1978 PVOID Tags;
1979 PVOID Blocks;
1980 } DEBUG_HEAP_INFORMATION, *PDEBUG_HEAP_INFORMATION;
1981
1982 typedef struct _DEBUG_LOCK_INFORMATION {
1983 PVOID Address;
1984 USHORT Type;
1985 USHORT CreatorBackTraceIndex;
1986 ULONG OwnerThreadId;
1987 ULONG ActiveCount;
1988 ULONG ContentionCount;
1989 ULONG EntryCount;
1990 ULONG RecursionCount;
1991 ULONG NumberOfSharedWaiters;
1992 ULONG NumberOfExclusiveWaiters;
1993 } DEBUG_LOCK_INFORMATION, *PDEBUG_LOCK_INFORMATION;
1994
1995
1996
1997 /* Jobs */
1998
1999 NTOSAPI
2000 NTSTATUS
2001 NTAPI
2002 NtCreateJobObject(
2003 /*OUT*/ PHANDLE JobHandle,
2004 /*IN*/ ACCESS_MASK DesiredAccess,
2005 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
2006
2007 NTOSAPI
2008 NTSTATUS
2009 NTAPI
2010 ZwCreateJobObject(
2011 /*OUT*/ PHANDLE JobHandle,
2012 /*IN*/ ACCESS_MASK DesiredAccess,
2013 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
2014
2015 NTOSAPI
2016 NTSTATUS
2017 NTAPI
2018 NtOpenJobObject(
2019 /*OUT*/ PHANDLE JobHandle,
2020 /*IN*/ ACCESS_MASK DesiredAccess,
2021 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
2022
2023 NTOSAPI
2024 NTSTATUS
2025 NTAPI
2026 ZwOpenJobObject(
2027 /*OUT*/ PHANDLE JobHandle,
2028 /*IN*/ ACCESS_MASK DesiredAccess,
2029 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
2030
2031 NTOSAPI
2032 NTSTATUS
2033 NTAPI
2034 NtTerminateJobObject(
2035 /*IN*/ HANDLE JobHandle,
2036 /*IN*/ NTSTATUS ExitStatus);
2037
2038 NTOSAPI
2039 NTSTATUS
2040 NTAPI
2041 ZwTerminateJobObject(
2042 /*IN*/ HANDLE JobHandle,
2043 /*IN*/ NTSTATUS ExitStatus);
2044
2045 NTOSAPI
2046 NTSTATUS
2047 NTAPI
2048 NtAssignProcessToJobObject(
2049 /*IN*/ HANDLE JobHandle,
2050 /*IN*/ HANDLE ProcessHandle);
2051
2052 NTOSAPI
2053 NTSTATUS
2054 NTAPI
2055 ZwAssignProcessToJobObject(
2056 /*IN*/ HANDLE JobHandle,
2057 /*IN*/ HANDLE ProcessHandle);
2058
2059 NTOSAPI
2060 NTSTATUS
2061 NTAPI
2062 NtQueryInformationJobObject(
2063 /*IN*/ HANDLE JobHandle,
2064 /*IN*/ JOBOBJECTINFOCLASS JobInformationClass,
2065 /*OUT*/ PVOID JobInformation,
2066 /*IN*/ ULONG JobInformationLength,
2067 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2068
2069 NTOSAPI
2070 NTSTATUS
2071 NTAPI
2072 ZwQueryInformationJobObject(
2073 /*IN*/ HANDLE JobHandle,
2074 /*IN*/ JOBOBJECTINFOCLASS JobInformationClass,
2075 /*OUT*/ PVOID JobInformation,
2076 /*IN*/ ULONG JobInformationLength,
2077 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2078
2079 NTOSAPI
2080 NTSTATUS
2081 NTAPI
2082 NtSetInformationJobObject(
2083 /*IN*/ HANDLE JobHandle,
2084 /*IN*/ JOBOBJECTINFOCLASS JobInformationClass,
2085 /*IN*/ PVOID JobInformation,
2086 /*IN*/ ULONG JobInformationLength);
2087
2088 NTOSAPI
2089 NTSTATUS
2090 NTAPI
2091 ZwSetInformationJobObject(
2092 /*IN*/ HANDLE JobHandle,
2093 /*IN*/ JOBOBJECTINFOCLASS JobInformationClass,
2094 /*IN*/ PVOID JobInformation,
2095 /*IN*/ ULONG JobInformationLength);
2096
2097
2098 /* Tokens */
2099
2100 NTOSAPI
2101 NTSTATUS
2102 NTAPI
2103 NtCreateToken(
2104 /*OUT*/ PHANDLE TokenHandle,
2105 /*IN*/ ACCESS_MASK DesiredAccess,
2106 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2107 /*IN*/ TOKEN_TYPE Type,
2108 /*IN*/ PLUID AuthenticationId,
2109 /*IN*/ PLARGE_INTEGER ExpirationTime,
2110 /*IN*/ PTOKEN_USER User,
2111 /*IN*/ PTOKEN_GROUPS Groups,
2112 /*IN*/ PTOKEN_PRIVILEGES Privileges,
2113 /*IN*/ PTOKEN_OWNER Owner,
2114 /*IN*/ PTOKEN_PRIMARY_GROUP PrimaryGroup,
2115 /*IN*/ PTOKEN_DEFAULT_DACL DefaultDacl,
2116 /*IN*/ PTOKEN_SOURCE Source
2117 );
2118
2119 NTOSAPI
2120 NTSTATUS
2121 NTAPI
2122 ZwCreateToken(
2123 /*OUT*/ PHANDLE TokenHandle,
2124 /*IN*/ ACCESS_MASK DesiredAccess,
2125 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2126 /*IN*/ TOKEN_TYPE Type,
2127 /*IN*/ PLUID AuthenticationId,
2128 /*IN*/ PLARGE_INTEGER ExpirationTime,
2129 /*IN*/ PTOKEN_USER User,
2130 /*IN*/ PTOKEN_GROUPS Groups,
2131 /*IN*/ PTOKEN_PRIVILEGES Privileges,
2132 /*IN*/ PTOKEN_OWNER Owner,
2133 /*IN*/ PTOKEN_PRIMARY_GROUP PrimaryGroup,
2134 /*IN*/ PTOKEN_DEFAULT_DACL DefaultDacl,
2135 /*IN*/ PTOKEN_SOURCE Source
2136 );
2137
2138 NTOSAPI
2139 NTSTATUS
2140 NTAPI
2141 NtOpenProcessToken(
2142 /*IN*/ HANDLE ProcessHandle,
2143 /*IN*/ ACCESS_MASK DesiredAccess,
2144 /*OUT*/ PHANDLE TokenHandle);
2145
2146 NTOSAPI
2147 NTSTATUS
2148 NTAPI
2149 ZwOpenProcessToken(
2150 /*IN*/ HANDLE ProcessHandle,
2151 /*IN*/ ACCESS_MASK DesiredAccess,
2152 /*OUT*/ PHANDLE TokenHandle);
2153
2154 NTOSAPI
2155 NTSTATUS
2156 NTAPI
2157 NtOpenThreadToken(
2158 /*IN*/ HANDLE ThreadHandle,
2159 /*IN*/ ACCESS_MASK DesiredAccess,
2160 /*IN*/ BOOLEAN OpenAsSelf,
2161 /*OUT*/ PHANDLE TokenHandle);
2162
2163 NTOSAPI
2164 NTSTATUS
2165 NTAPI
2166 ZwOpenThreadToken(
2167 /*IN*/ HANDLE ThreadHandle,
2168 /*IN*/ ACCESS_MASK DesiredAccess,
2169 /*IN*/ BOOLEAN OpenAsSelf,
2170 /*OUT*/ PHANDLE TokenHandle);
2171
2172 NTOSAPI
2173 NTSTATUS
2174 NTAPI
2175 NtDuplicateToken(
2176 /*IN*/ HANDLE ExistingTokenHandle,
2177 /*IN*/ ACCESS_MASK DesiredAccess,
2178 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2179 /*IN*/ BOOLEAN EffectiveOnly,
2180 /*IN*/ TOKEN_TYPE TokenType,
2181 /*OUT*/ PHANDLE NewTokenHandle);
2182
2183 NTOSAPI
2184 NTSTATUS
2185 NTAPI
2186 ZwDuplicateToken(
2187 /*IN*/ HANDLE ExistingTokenHandle,
2188 /*IN*/ ACCESS_MASK DesiredAccess,
2189 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2190 /*IN*/ BOOLEAN EffectiveOnly,
2191 /*IN*/ TOKEN_TYPE TokenType,
2192 /*OUT*/ PHANDLE NewTokenHandle);
2193
2194 NTOSAPI
2195 NTSTATUS
2196 NTAPI
2197 NtFilterToken(
2198 /*IN*/ HANDLE ExistingTokenHandle,
2199 /*IN*/ ULONG Flags,
2200 /*IN*/ PTOKEN_GROUPS SidsToDisable,
2201 /*IN*/ PTOKEN_PRIVILEGES PrivilegesToDelete,
2202 /*IN*/ PTOKEN_GROUPS SidsToRestricted,
2203 /*OUT*/ PHANDLE NewTokenHandle);
2204
2205 NTOSAPI
2206 NTSTATUS
2207 NTAPI
2208 ZwFilterToken(
2209 /*IN*/ HANDLE ExistingTokenHandle,
2210 /*IN*/ ULONG Flags,
2211 /*IN*/ PTOKEN_GROUPS SidsToDisable,
2212 /*IN*/ PTOKEN_PRIVILEGES PrivilegesToDelete,
2213 /*IN*/ PTOKEN_GROUPS SidsToRestricted,
2214 /*OUT*/ PHANDLE NewTokenHandle);
2215
2216 NTOSAPI
2217 NTSTATUS
2218 NTAPI
2219 NtAdjustPrivilegesToken(
2220 /*IN*/ HANDLE TokenHandle,
2221 /*IN*/ BOOLEAN DisableAllPrivileges,
2222 /*IN*/ PTOKEN_PRIVILEGES NewState,
2223 /*IN*/ ULONG BufferLength,
2224 /*OUT*/ PTOKEN_PRIVILEGES PreviousState /*OPTIONAL*/,
2225 /*OUT*/ PULONG ReturnLength);
2226
2227 NTOSAPI
2228 NTSTATUS
2229 NTAPI
2230 ZwAdjustPrivilegesToken(
2231 /*IN*/ HANDLE TokenHandle,
2232 /*IN*/ BOOLEAN DisableAllPrivileges,
2233 /*IN*/ PTOKEN_PRIVILEGES NewState,
2234 /*IN*/ ULONG BufferLength,
2235 /*OUT*/ PTOKEN_PRIVILEGES PreviousState /*OPTIONAL*/,
2236 /*OUT*/ PULONG ReturnLength);
2237
2238 NTOSAPI
2239 NTSTATUS
2240 NTAPI
2241 NtAdjustGroupsToken(
2242 /*IN*/ HANDLE TokenHandle,
2243 /*IN*/ BOOLEAN ResetToDefault,
2244 /*IN*/ PTOKEN_GROUPS NewState,
2245 /*IN*/ ULONG BufferLength,
2246 /*OUT*/ PTOKEN_GROUPS PreviousState /*OPTIONAL*/,
2247 /*OUT*/ PULONG ReturnLength);
2248
2249 NTOSAPI
2250 NTSTATUS
2251 NTAPI
2252 ZwAdjustGroupsToken(
2253 /*IN*/ HANDLE TokenHandle,
2254 /*IN*/ BOOLEAN ResetToDefault,
2255 /*IN*/ PTOKEN_GROUPS NewState,
2256 /*IN*/ ULONG BufferLength,
2257 /*OUT*/ PTOKEN_GROUPS PreviousState /*OPTIONAL*/,
2258 /*OUT*/ PULONG ReturnLength);
2259
2260 NTOSAPI
2261 NTSTATUS
2262 NTAPI
2263 NtQueryInformationToken(
2264 /*IN*/ HANDLE TokenHandle,
2265 /*IN*/ TOKEN_INFORMATION_CLASS TokenInformationClass,
2266 /*OUT*/ PVOID TokenInformation,
2267 /*IN*/ ULONG TokenInformationLength,
2268 /*OUT*/ PULONG ReturnLength);
2269
2270 NTOSAPI
2271 NTSTATUS
2272 NTAPI
2273 ZwQueryInformationToken(
2274 /*IN*/ HANDLE TokenHandle,
2275 /*IN*/ TOKEN_INFORMATION_CLASS TokenInformationClass,
2276 /*OUT*/ PVOID TokenInformation,
2277 /*IN*/ ULONG TokenInformationLength,
2278 /*OUT*/ PULONG ReturnLength);
2279
2280 NTOSAPI
2281 NTSTATUS
2282 NTAPI
2283 NtSetInformationToken(
2284 /*IN*/ HANDLE TokenHandle,
2285 /*IN*/ TOKEN_INFORMATION_CLASS TokenInformationClass,
2286 /*IN*/ PVOID TokenInformation,
2287 /*IN*/ ULONG TokenInformationLength);
2288
2289 NTOSAPI
2290 NTSTATUS
2291 NTAPI
2292 ZwSetInformationToken(
2293 /*IN*/ HANDLE TokenHandle,
2294 /*IN*/ TOKEN_INFORMATION_CLASS TokenInformationClass,
2295 /*IN*/ PVOID TokenInformation,
2296 /*IN*/ ULONG TokenInformationLength);
2297
2298
2299
2300
2301 /* Time */
2302
2303 NTOSAPI
2304 NTSTATUS
2305 NTAPI
2306 NtQuerySystemTime(
2307 /*OUT*/ PLARGE_INTEGER CurrentTime);
2308
2309 NTOSAPI
2310 NTSTATUS
2311 NTAPI
2312 ZwQuerySystemTime(
2313 /*OUT*/ PLARGE_INTEGER CurrentTime);
2314
2315 NTOSAPI
2316 NTSTATUS
2317 NTAPI
2318 NtSetSystemTime(
2319 /*IN*/ PLARGE_INTEGER NewTime,
2320 /*OUT*/ PLARGE_INTEGER OldTime /*OPTIONAL*/);
2321
2322 NTOSAPI
2323 NTSTATUS
2324 NTAPI
2325 ZwSetSystemTime(
2326 /*IN*/ PLARGE_INTEGER NewTime,
2327 /*OUT*/ PLARGE_INTEGER OldTime /*OPTIONAL*/);
2328
2329 NTOSAPI
2330 NTSTATUS
2331 NTAPI
2332 NtQueryPerformanceCounter(
2333 /*OUT*/ PLARGE_INTEGER PerformanceCount,
2334 /*OUT*/ PLARGE_INTEGER PerformanceFrequency /*OPTIONAL*/);
2335
2336 NTOSAPI
2337 NTSTATUS
2338 NTAPI
2339 ZwQueryPerformanceCounter(
2340 /*OUT*/ PLARGE_INTEGER PerformanceCount,
2341 /*OUT*/ PLARGE_INTEGER PerformanceFrequency /*OPTIONAL*/);
2342
2343 NTOSAPI
2344 NTSTATUS
2345 NTAPI
2346 NtQueryTimerResolution(
2347 /*OUT*/ PULONG CoarsestResolution,
2348 /*OUT*/ PULONG FinestResolution,
2349 /*OUT*/ PULONG ActualResolution);
2350
2351 NTOSAPI
2352 NTSTATUS
2353 NTAPI
2354 ZwQueryTimerResolution(
2355 /*OUT*/ PULONG CoarsestResolution,
2356 /*OUT*/ PULONG FinestResolution,
2357 /*OUT*/ PULONG ActualResolution);
2358
2359 NTOSAPI
2360 NTSTATUS
2361 NTAPI
2362 NtDelayExecution(
2363 /*IN*/ BOOLEAN Alertable,
2364 /*IN*/ PLARGE_INTEGER Interval);
2365
2366 NTOSAPI
2367 NTSTATUS
2368 NTAPI
2369 ZwDelayExecution(
2370 /*IN*/ BOOLEAN Alertable,
2371 /*IN*/ PLARGE_INTEGER Interval);
2372
2373 NTOSAPI
2374 NTSTATUS
2375 NTAPI
2376 NtYieldExecution(
2377 VOID);
2378
2379 NTOSAPI
2380 NTSTATUS
2381 NTAPI
2382 ZwYieldExecution(
2383 VOID);
2384
2385 NTOSAPI
2386 ULONG
2387 NTAPI
2388 NtGetTickCount(
2389 VOID);
2390
2391 NTOSAPI
2392 ULONG
2393 NTAPI
2394 ZwGetTickCount(
2395 VOID);
2396
2397
2398
2399
2400 /* Execution profiling */
2401
2402 NTOSAPI
2403 NTSTATUS
2404 NTAPI
2405 NtCreateProfile(
2406 /*OUT*/ PHANDLE ProfileHandle,
2407 /*IN*/ HANDLE ProcessHandle,
2408 /*IN*/ PVOID Base,
2409 /*IN*/ ULONG Size,
2410 /*IN*/ ULONG BucketShift,
2411 /*IN*/ PULONG Buffer,
2412 /*IN*/ ULONG BufferLength,
2413 /*IN*/ KPROFILE_SOURCE Source,
2414 /*IN*/ ULONG ProcessorMask);
2415
2416 NTOSAPI
2417 NTSTATUS
2418 NTAPI
2419 ZwCreateProfile(
2420 /*OUT*/ PHANDLE ProfileHandle,
2421 /*IN*/ HANDLE ProcessHandle,
2422 /*IN*/ PVOID Base,
2423 /*IN*/ ULONG Size,
2424 /*IN*/ ULONG BucketShift,
2425 /*IN*/ PULONG Buffer,
2426 /*IN*/ ULONG BufferLength,
2427 /*IN*/ KPROFILE_SOURCE Source,
2428 /*IN*/ ULONG ProcessorMask);
2429
2430 NTOSAPI
2431 NTSTATUS
2432 NTAPI
2433 NtSetIntervalProfile(
2434 /*IN*/ ULONG Interval,
2435 /*IN*/ KPROFILE_SOURCE Source);
2436
2437 NTOSAPI
2438 NTSTATUS
2439 NTAPI
2440 ZwSetIntervalProfile(
2441 /*IN*/ ULONG Interval,
2442 /*IN*/ KPROFILE_SOURCE Source);
2443
2444 NTOSAPI
2445 NTSTATUS
2446 NTAPI
2447 NtQueryIntervalProfile(
2448 /*IN*/ KPROFILE_SOURCE Source,
2449 /*OUT*/ PULONG Interval);
2450
2451 NTOSAPI
2452 NTSTATUS
2453 NTAPI
2454 ZwQueryIntervalProfile(
2455 /*IN*/ KPROFILE_SOURCE Source,
2456 /*OUT*/ PULONG Interval);
2457
2458 NTOSAPI
2459 NTSTATUS
2460 NTAPI
2461 NtStartProfile(
2462 /*IN*/ HANDLE ProfileHandle);
2463
2464 NTOSAPI
2465 NTSTATUS
2466 NTAPI
2467 ZwStartProfile(
2468 /*IN*/ HANDLE ProfileHandle);
2469
2470 NTOSAPI
2471 NTSTATUS
2472 NTAPI
2473 NtStopProfile(
2474 /*IN*/ HANDLE ProfileHandle);
2475
2476 NTOSAPI
2477 NTSTATUS
2478 NTAPI
2479 ZwStopProfile(
2480 /*IN*/ HANDLE ProfileHandle);
2481
2482 /* Local Procedure Call (LPC) */
2483
2484 typedef struct _LPC_MESSAGE {
2485 USHORT DataSize;
2486 USHORT MessageSize;
2487 USHORT MessageType;
2488 USHORT VirtualRangesOffset;
2489 CLIENT_ID ClientId;
2490 ULONG MessageId;
2491 ULONG SectionSize;
2492 UCHAR Data[ANYSIZE_ARRAY];
2493 } LPC_MESSAGE, *PLPC_MESSAGE;
2494
2495 #define LPC_MESSAGE_BASE_SIZE 24
2496
2497 typedef enum _LPC_TYPE {
2498 LPC_NEW_MESSAGE,
2499 LPC_REQUEST,
2500 LPC_REPLY,
2501 LPC_DATAGRAM,
2502 LPC_LOST_REPLY,
2503 LPC_PORT_CLOSED,
2504 LPC_CLIENT_DIED,
2505 LPC_EXCEPTION,
2506 LPC_DEBUG_EVENT,
2507 LPC_ERROR_EVENT,
2508 LPC_CONNECTION_REQUEST,
2509 LPC_CONNECTION_REFUSED,
2510 LPC_MAXIMUM
2511 } LPC_TYPE;
2512
2513 typedef struct _LPC_SECTION_WRITE {
2514 ULONG Length;
2515 HANDLE SectionHandle;
2516 ULONG SectionOffset;
2517 ULONG ViewSize;
2518 PVOID ViewBase;
2519 PVOID TargetViewBase;
2520 } LPC_SECTION_WRITE, *PLPC_SECTION_WRITE;
2521
2522 typedef struct _LPC_SECTION_READ {
2523 ULONG Length;
2524 ULONG ViewSize;
2525 PVOID ViewBase;
2526 } LPC_SECTION_READ, *PLPC_SECTION_READ;
2527
2528 NTOSAPI
2529 NTSTATUS
2530 NTAPI
2531 NtCreatePort(
2532 /*OUT*/ PHANDLE PortHandle,
2533 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2534 /*IN*/ ULONG MaxDataSize,
2535 /*IN*/ ULONG MaxMessageSize,
2536 /*IN*/ ULONG Reserved);
2537
2538 NTOSAPI
2539 NTSTATUS
2540 NTAPI
2541 ZwCreatePort(
2542 /*OUT*/ PHANDLE PortHandle,
2543 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2544 /*IN*/ ULONG MaxDataSize,
2545 /*IN*/ ULONG MaxMessageSize,
2546 /*IN*/ ULONG Reserved);
2547
2548 NTOSAPI
2549 NTSTATUS
2550 NTAPI
2551 NtCreateWaitablePort(
2552 /*OUT*/ PHANDLE PortHandle,
2553 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2554 /*IN*/ ULONG MaxDataSize,
2555 /*IN*/ ULONG MaxMessageSize,
2556 /*IN*/ ULONG Reserved);
2557
2558 NTOSAPI
2559 NTSTATUS
2560 NTAPI
2561 ZwCreateWaitablePort(
2562 /*OUT*/ PHANDLE PortHandle,
2563 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
2564 /*IN*/ ULONG MaxDataSize,
2565 /*IN*/ ULONG MaxMessageSize,
2566 /*IN*/ ULONG Reserved);
2567
2568 NTOSAPI
2569 NTSTATUS
2570 NTAPI
2571 NtConnectPort(
2572 /*OUT*/ PHANDLE PortHandle,
2573 /*IN*/ PUNICODE_STRING PortName,
2574 /*IN*/ PSECURITY_QUALITY_OF_SERVICE SecurityQos,
2575 /*IN OUT*/ PLPC_SECTION_WRITE WriteSection /*OPTIONAL*/,
2576 /*IN OUT*/ PLPC_SECTION_READ ReadSection /*OPTIONAL*/,
2577 /*OUT*/ PULONG MaxMessageSize /*OPTIONAL*/,
2578 /*IN OUT*/ PVOID ConnectData /*OPTIONAL*/,
2579 /*IN OUT*/ PULONG ConnectDataLength /*OPTIONAL*/);
2580
2581 NTOSAPI
2582 NTSTATUS
2583 NTAPI
2584 ZwConnectPort(
2585 /*OUT*/ PHANDLE PortHandle,
2586 /*IN*/ PUNICODE_STRING PortName,
2587 /*IN*/ PSECURITY_QUALITY_OF_SERVICE SecurityQos,
2588 /*IN OUT*/ PLPC_SECTION_WRITE WriteSection /*OPTIONAL*/,
2589 /*IN OUT*/ PLPC_SECTION_READ ReadSection /*OPTIONAL*/,
2590 /*OUT*/ PULONG MaxMessageSize /*OPTIONAL*/,
2591 /*IN OUT*/ PVOID ConnectData /*OPTIONAL*/,
2592 /*IN OUT*/ PULONG ConnectDataLength /*OPTIONAL*/);
2593
2594 NTOSAPI
2595 NTSTATUS
2596 NTAPI
2597 NtListenPort(
2598 /*IN*/ HANDLE PortHandle,
2599 /*OUT*/ PLPC_MESSAGE Message);
2600
2601 NTOSAPI
2602 NTSTATUS
2603 NTAPI
2604 ZwListenPort(
2605 /*IN*/ HANDLE PortHandle,
2606 /*OUT*/ PLPC_MESSAGE Message);
2607
2608 NTOSAPI
2609 NTSTATUS
2610 NTAPI
2611 NtAcceptConnectPort(
2612 /*OUT*/ PHANDLE PortHandle,
2613 /*IN*/ ULONG PortIdentifier,
2614 /*IN*/ PLPC_MESSAGE Message,
2615 /*IN*/ BOOLEAN Accept,
2616 /*IN OUT*/ PLPC_SECTION_WRITE WriteSection /*OPTIONAL*/,
2617 /*IN OUT*/ PLPC_SECTION_READ ReadSection /*OPTIONAL*/);
2618
2619 NTOSAPI
2620 NTSTATUS
2621 NTAPI
2622 ZwAcceptConnectPort(
2623 /*OUT*/ PHANDLE PortHandle,
2624 /*IN*/ ULONG PortIdentifier,
2625 /*IN*/ PLPC_MESSAGE Message,
2626 /*IN*/ BOOLEAN Accept,
2627 /*IN OUT*/ PLPC_SECTION_WRITE WriteSection /*OPTIONAL*/,
2628 /*IN OUT*/ PLPC_SECTION_READ ReadSection /*OPTIONAL*/);
2629
2630 NTOSAPI
2631 NTSTATUS
2632 NTAPI
2633 NtCompleteConnectPort(
2634 /*IN*/ HANDLE PortHandle);
2635
2636 NTOSAPI
2637 NTSTATUS
2638 NTAPI
2639 ZwCompleteConnectPort(
2640 /*IN*/ HANDLE PortHandle);
2641
2642 NTOSAPI
2643 NTSTATUS
2644 NTAPI
2645 NtRequestPort(
2646 /*IN*/ HANDLE PortHandle,
2647 /*IN*/ PLPC_MESSAGE RequestMessage);
2648
2649 NTOSAPI
2650 NTSTATUS
2651 NTAPI
2652 ZwRequestPort(
2653 /*IN*/ HANDLE PortHandle,
2654 /*IN*/ PLPC_MESSAGE RequestMessage);
2655
2656 NTOSAPI
2657 NTSTATUS
2658 NTAPI
2659 NtRequestWaitReplyPort(
2660 /*IN*/ HANDLE PortHandle,
2661 /*IN*/ PLPC_MESSAGE RequestMessage,
2662 /*OUT*/ PLPC_MESSAGE ReplyMessage);
2663
2664 NTOSAPI
2665 NTSTATUS
2666 NTAPI
2667 ZwRequestWaitReplyPort(
2668 /*IN*/ HANDLE PortHandle,
2669 /*IN*/ PLPC_MESSAGE RequestMessage,
2670 /*OUT*/ PLPC_MESSAGE ReplyMessage);
2671
2672 NTOSAPI
2673 NTSTATUS
2674 NTAPI
2675 NtReplyPort(
2676 /*IN*/ HANDLE PortHandle,
2677 /*IN*/ PLPC_MESSAGE ReplyMessage);
2678
2679 NTOSAPI
2680 NTSTATUS
2681 NTAPI
2682 ZwReplyPort(
2683 /*IN*/ HANDLE PortHandle,
2684 /*IN*/ PLPC_MESSAGE ReplyMessage);
2685
2686 NTOSAPI
2687 NTSTATUS
2688 NTAPI
2689 NtReplyWaitReplyPort(
2690 /*IN*/ HANDLE PortHandle,
2691 /*IN OUT*/ PLPC_MESSAGE ReplyMessage);
2692
2693 NTOSAPI
2694 NTSTATUS
2695 NTAPI
2696 ZwReplyWaitReplyPort(
2697 /*IN*/ HANDLE PortHandle,
2698 /*IN OUT*/ PLPC_MESSAGE ReplyMessage);
2699
2700 NTOSAPI
2701 NTSTATUS
2702 NTAPI
2703 NtReplyWaitReceivePort(
2704 /*IN*/ HANDLE PortHandle,
2705 /*OUT*/ PULONG PortIdentifier /*OPTIONAL*/,
2706 /*IN*/ PLPC_MESSAGE ReplyMessage /*OPTIONAL*/,
2707 /*OUT*/ PLPC_MESSAGE Message);
2708
2709 NTOSAPI
2710 NTSTATUS
2711 NTAPI
2712 ZwReplyWaitReceivePort(
2713 /*IN*/ HANDLE PortHandle,
2714 /*OUT*/ PULONG PortIdentifier /*OPTIONAL*/,
2715 /*IN*/ PLPC_MESSAGE ReplyMessage /*OPTIONAL*/,
2716 /*OUT*/ PLPC_MESSAGE Message);
2717
2718 NTOSAPI
2719 NTSTATUS
2720 NTAPI
2721 NtReplyWaitReceivePortEx(
2722 /*IN*/ HANDLE PortHandle,
2723 /*OUT*/ PULONG PortIdentifier /*OPTIONAL*/,
2724 /*IN*/ PLPC_MESSAGE ReplyMessage /*OPTIONAL*/,
2725 /*OUT*/ PLPC_MESSAGE Message,
2726 /*IN*/ PLARGE_INTEGER Timeout);
2727
2728 NTOSAPI
2729 NTSTATUS
2730 NTAPI
2731 ZwReplyWaitReceivePortEx(
2732 /*IN*/ HANDLE PortHandle,
2733 /*OUT*/ PULONG PortIdentifier /*OPTIONAL*/,
2734 /*IN*/ PLPC_MESSAGE ReplyMessage /*OPTIONAL*/,
2735 /*OUT*/ PLPC_MESSAGE Message,
2736 /*IN*/ PLARGE_INTEGER Timeout);
2737
2738 NTOSAPI
2739 NTSTATUS
2740 NTAPI
2741 NtReadRequestData(
2742 /*IN*/ HANDLE PortHandle,
2743 /*IN*/ PLPC_MESSAGE Message,
2744 /*IN*/ ULONG Index,
2745 /*OUT*/ PVOID Buffer,
2746 /*IN*/ ULONG BufferLength,
2747 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2748
2749 NTOSAPI
2750 NTSTATUS
2751 NTAPI
2752 ZwReadRequestData(
2753 /*IN*/ HANDLE PortHandle,
2754 /*IN*/ PLPC_MESSAGE Message,
2755 /*IN*/ ULONG Index,
2756 /*OUT*/ PVOID Buffer,
2757 /*IN*/ ULONG BufferLength,
2758 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2759
2760 NTOSAPI
2761 NTSTATUS
2762 NTAPI
2763 NtWriteRequestData(
2764 /*IN*/ HANDLE PortHandle,
2765 /*IN*/ PLPC_MESSAGE Message,
2766 /*IN*/ ULONG Index,
2767 /*IN*/ PVOID Buffer,
2768 /*IN*/ ULONG BufferLength,
2769 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2770
2771 NTOSAPI
2772 NTSTATUS
2773 NTAPI
2774 ZwWriteRequestData(
2775 /*IN*/ HANDLE PortHandle,
2776 /*IN*/ PLPC_MESSAGE Message,
2777 /*IN*/ ULONG Index,
2778 /*IN*/ PVOID Buffer,
2779 /*IN*/ ULONG BufferLength,
2780 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2781
2782 typedef enum _PORT_INFORMATION_CLASS {
2783 PortBasicInformation
2784 } PORT_INFORMATION_CLASS;
2785
2786 NTOSAPI
2787 NTSTATUS
2788 NTAPI
2789 NtQueryInformationPort(
2790 /*IN*/ HANDLE PortHandle,
2791 /*IN*/ PORT_INFORMATION_CLASS PortInformationClass,
2792 /*OUT*/ PVOID PortInformation,
2793 /*IN*/ ULONG PortInformationLength,
2794 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2795
2796 NTOSAPI
2797 NTSTATUS
2798 NTAPI
2799 ZwQueryInformationPort(
2800 /*IN*/ HANDLE PortHandle,
2801 /*IN*/ PORT_INFORMATION_CLASS PortInformationClass,
2802 /*OUT*/ PVOID PortInformation,
2803 /*IN*/ ULONG PortInformationLength,
2804 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
2805
2806 NTOSAPI
2807 NTSTATUS
2808 NTAPI
2809 NtImpersonateClientOfPort(
2810 /*IN*/ HANDLE PortHandle,
2811 /*IN*/ PLPC_MESSAGE Message);
2812
2813 NTOSAPI
2814 NTSTATUS
2815 NTAPI
2816 ZwImpersonateClientOfPort(
2817 /*IN*/ HANDLE PortHandle,
2818 /*IN*/ PLPC_MESSAGE Message);
2819
2820
2821
2822
2823 /* Files */
2824
2825 NTOSAPI
2826 NTSTATUS
2827 NTAPI
2828 NtDeleteFile(
2829 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
2830
2831 NTOSAPI
2832 NTSTATUS
2833 NTAPI
2834 ZwDeleteFile(
2835 /*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);
2836
2837 NTOSAPI
2838 NTSTATUS
2839 NTAPI
2840 NtFlushBuffersFile(
2841 /*IN*/ HANDLE FileHandle,
2842 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock);
2843
2844 NTOSAPI
2845 NTSTATUS
2846 NTAPI
2847 ZwFlushBuffersFile(
2848 /*IN*/ HANDLE FileHandle,
2849 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock);
2850
2851 NTOSAPI
2852 NTSTATUS
2853 NTAPI
2854 NtCancelIoFile(
2855 /*IN*/ HANDLE FileHandle,
2856 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock);
2857
2858 NTOSAPI
2859 NTSTATUS
2860 NTAPI
2861 ZwCancelIoFile(
2862 /*IN*/ HANDLE FileHandle,
2863 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock);
2864
2865 NTOSAPI
2866 NTSTATUS
2867 NTAPI
2868 NtReadFileScatter(
2869 /*IN*/ HANDLE FileHandle,
2870 /*IN*/ HANDLE Event /*OPTIONAL*/,
2871 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
2872 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
2873 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
2874 /*IN*/ PFILE_SEGMENT_ELEMENT Buffer,
2875 /*IN*/ ULONG Length,
2876 /*IN*/ PLARGE_INTEGER ByteOffset /*OPTIONAL*/,
2877 /*IN*/ PULONG Key /*OPTIONAL*/);
2878
2879 NTOSAPI
2880 NTSTATUS
2881 NTAPI
2882 ZwReadFileScatter(
2883 /*IN*/ HANDLE FileHandle,
2884 /*IN*/ HANDLE Event /*OPTIONAL*/,
2885 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
2886 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
2887 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
2888 /*IN*/ PFILE_SEGMENT_ELEMENT Buffer,
2889 /*IN*/ ULONG Length,
2890 /*IN*/ PLARGE_INTEGER ByteOffset /*OPTIONAL*/,
2891 /*IN*/ PULONG Key /*OPTIONAL*/);
2892
2893 NTOSAPI
2894 NTSTATUS
2895 NTAPI
2896 NtWriteFileGather(
2897 /*IN*/ HANDLE FileHandle,
2898 /*IN*/ HANDLE Event /*OPTIONAL*/,
2899 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
2900 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
2901 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
2902 /*IN*/ PFILE_SEGMENT_ELEMENT Buffer,
2903 /*IN*/ ULONG Length,
2904 /*IN*/ PLARGE_INTEGER ByteOffset /*OPTIONAL*/,
2905 /*IN*/ PULONG Key /*OPTIONAL*/);
2906
2907 NTOSAPI
2908 NTSTATUS
2909 NTAPI
2910 ZwWriteFileGather(
2911 /*IN*/ HANDLE FileHandle,
2912 /*IN*/ HANDLE Event /*OPTIONAL*/,
2913 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
2914 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
2915 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
2916 /*IN*/ PFILE_SEGMENT_ELEMENT Buffer,
2917 /*IN*/ ULONG Length,
2918 /*IN*/ PLARGE_INTEGER ByteOffset /*OPTIONAL*/,
2919 /*IN*/ PULONG Key /*OPTIONAL*/);
2920
2921
2922
2923
2924 /* Registry keys */
2925
2926 NTOSAPI
2927 NTSTATUS
2928 NTAPI
2929 NtSaveKey(
2930 /*IN*/ HANDLE KeyHandle,
2931 /*IN*/ HANDLE FileHandle);
2932
2933 NTOSAPI
2934 NTSTATUS
2935 NTAPI
2936 ZwSaveKey(
2937 /*IN*/ HANDLE KeyHandle,
2938 /*IN*/ HANDLE FileHandle);
2939
2940 NTOSAPI
2941 NTSTATUS
2942 NTAPI
2943 NtSaveMergedKeys(
2944 /*IN*/ HANDLE KeyHandle1,
2945 /*IN*/ HANDLE KeyHandle2,
2946 /*IN*/ HANDLE FileHandle);
2947
2948 NTOSAPI
2949 NTSTATUS
2950 NTAPI
2951 ZwSaveMergedKeys(
2952 /*IN*/ HANDLE KeyHandle1,
2953 /*IN*/ HANDLE KeyHandle2,
2954 /*IN*/ HANDLE FileHandle);
2955
2956 NTOSAPI
2957 NTSTATUS
2958 NTAPI
2959 NtRestoreKey(
2960 /*IN*/ HANDLE KeyHandle,
2961 /*IN*/ HANDLE FileHandle,
2962 /*IN*/ ULONG Flags);
2963
2964 NTOSAPI
2965 NTSTATUS
2966 NTAPI
2967 ZwRestoreKey(
2968 /*IN*/ HANDLE KeyHandle,
2969 /*IN*/ HANDLE FileHandle,
2970 /*IN*/ ULONG Flags);
2971
2972 NTOSAPI
2973 NTSTATUS
2974 NTAPI
2975 NtLoadKey(
2976 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
2977 /*IN*/ POBJECT_ATTRIBUTES FileObjectAttributes);
2978
2979 NTOSAPI
2980 NTSTATUS
2981 NTAPI
2982 ZwLoadKey(
2983 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
2984 /*IN*/ POBJECT_ATTRIBUTES FileObjectAttributes);
2985
2986 NTOSAPI
2987 NTSTATUS
2988 NTAPI
2989 NtLoadKey2(
2990 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
2991 /*IN*/ POBJECT_ATTRIBUTES FileObjectAttributes,
2992 /*IN*/ ULONG Flags);
2993
2994 NTOSAPI
2995 NTSTATUS
2996 NTAPI
2997 ZwLoadKey2(
2998 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
2999 /*IN*/ POBJECT_ATTRIBUTES FileObjectAttributes,
3000 /*IN*/ ULONG Flags);
3001
3002 NTOSAPI
3003 NTSTATUS
3004 NTAPI
3005 NtUnloadKey(
3006 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes);
3007
3008 NTOSAPI
3009 NTSTATUS
3010 NTAPI
3011 ZwUnloadKey(
3012 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes);
3013
3014 NTOSAPI
3015 NTSTATUS
3016 NTAPI
3017 NtQueryOpenSubKeys(
3018 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
3019 /*OUT*/ PULONG NumberOfKeys);
3020
3021 NTOSAPI
3022 NTSTATUS
3023 NTAPI
3024 ZwQueryOpenSubKeys(
3025 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
3026 /*OUT*/ PULONG NumberOfKeys);
3027
3028 NTOSAPI
3029 NTSTATUS
3030 NTAPI
3031 NtReplaceKey(
3032 /*IN*/ POBJECT_ATTRIBUTES NewFileObjectAttributes,
3033 /*IN*/ HANDLE KeyHandle,
3034 /*IN*/ POBJECT_ATTRIBUTES OldFileObjectAttributes);
3035
3036 NTOSAPI
3037 NTSTATUS
3038 NTAPI
3039 ZwReplaceKey(
3040 /*IN*/ POBJECT_ATTRIBUTES NewFileObjectAttributes,
3041 /*IN*/ HANDLE KeyHandle,
3042 /*IN*/ POBJECT_ATTRIBUTES OldFileObjectAttributes);
3043
3044 typedef enum _KEY_SET_INFORMATION_CLASS {
3045 KeyLastWriteTimeInformation
3046 } KEY_SET_INFORMATION_CLASS;
3047
3048 NTOSAPI
3049 NTSTATUS
3050 NTAPI
3051 NtSetInformationKey(
3052 /*IN*/ HANDLE KeyHandle,
3053 /*IN*/ KEY_SET_INFORMATION_CLASS KeyInformationClass,
3054 /*IN*/ PVOID KeyInformation,
3055 /*IN*/ ULONG KeyInformationLength);
3056
3057 NTOSAPI
3058 NTSTATUS
3059 NTAPI
3060 ZwSetInformationKey(
3061 /*IN*/ HANDLE KeyHandle,
3062 /*IN*/ KEY_SET_INFORMATION_CLASS KeyInformationClass,
3063 /*IN*/ PVOID KeyInformation,
3064 /*IN*/ ULONG KeyInformationLength);
3065
3066 typedef struct _KEY_LAST_WRITE_TIME_INFORMATION {
3067 LARGE_INTEGER LastWriteTime;
3068 } KEY_LAST_WRITE_TIME_INFORMATION, *PKEY_LAST_WRITE_TIME_INFORMATION;
3069
3070 typedef struct _KEY_NAME_INFORMATION {
3071 ULONG NameLength;
3072 WCHAR Name[1];
3073 } KEY_NAME_INFORMATION, *PKEY_NAME_INFORMATION;
3074
3075 NTOSAPI
3076 NTSTATUS
3077 NTAPI
3078 NtNotifyChangeKey(
3079 /*IN*/ HANDLE KeyHandle,
3080 /*IN*/ HANDLE EventHandle /*OPTIONAL*/,
3081 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
3082 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
3083 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
3084 /*IN*/ ULONG NotifyFilter,
3085 /*IN*/ BOOLEAN WatchSubtree,
3086 /*IN*/ PVOID Buffer,
3087 /*IN*/ ULONG BufferLength,
3088 /*IN*/ BOOLEAN Asynchronous);
3089
3090 NTOSAPI
3091 NTSTATUS
3092 NTAPI
3093 ZwNotifyChangeKey(
3094 /*IN*/ HANDLE KeyHandle,
3095 /*IN*/ HANDLE EventHandle /*OPTIONAL*/,
3096 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
3097 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
3098 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
3099 /*IN*/ ULONG NotifyFilter,
3100 /*IN*/ BOOLEAN WatchSubtree,
3101 /*IN*/ PVOID Buffer,
3102 /*IN*/ ULONG BufferLength,
3103 /*IN*/ BOOLEAN Asynchronous);
3104
3105 /* ZwNotifyChangeMultipleKeys.Flags constants */
3106 #define REG_MONITOR_SINGLE_KEY 0x00
3107 #define REG_MONITOR_SECOND_KEY 0x01
3108
3109 NTOSAPI
3110 NTSTATUS
3111 NTAPI
3112 NtNotifyChangeMultipleKeys(
3113 /*IN*/ HANDLE KeyHandle,
3114 /*IN*/ ULONG Flags,
3115 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
3116 /*IN*/ HANDLE EventHandle /*OPTIONAL*/,
3117 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
3118 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
3119 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
3120 /*IN*/ ULONG NotifyFilter,
3121 /*IN*/ BOOLEAN WatchSubtree,
3122 /*IN*/ PVOID Buffer,
3123 /*IN*/ ULONG BufferLength,
3124 /*IN*/ BOOLEAN Asynchronous);
3125
3126 NTOSAPI
3127 NTSTATUS
3128 NTAPI
3129 ZwNotifyChangeMultipleKeys(
3130 /*IN*/ HANDLE KeyHandle,
3131 /*IN*/ ULONG Flags,
3132 /*IN*/ POBJECT_ATTRIBUTES KeyObjectAttributes,
3133 /*IN*/ HANDLE EventHandle /*OPTIONAL*/,
3134 /*IN*/ PIO_APC_ROUTINE ApcRoutine /*OPTIONAL*/,
3135 /*IN*/ PVOID ApcContext /*OPTIONAL*/,
3136 /*OUT*/ PIO_STATUS_BLOCK IoStatusBlock,
3137 /*IN*/ ULONG NotifyFilter,
3138 /*IN*/ BOOLEAN WatchSubtree,
3139 /*IN*/ PVOID Buffer,
3140 /*IN*/ ULONG BufferLength,
3141 /*IN*/ BOOLEAN Asynchronous);
3142
3143 NTOSAPI
3144 NTSTATUS
3145 NTAPI
3146 NtQueryMultipleValueKey(
3147 /*IN*/ HANDLE KeyHandle,
3148 /*IN OUT*/ PKEY_VALUE_ENTRY ValueList,
3149 /*IN*/ ULONG NumberOfValues,
3150 /*OUT*/ PVOID Buffer,
3151 /*IN OUT*/ PULONG Length,
3152 /*OUT*/ PULONG ReturnLength);
3153
3154 NTOSAPI
3155 NTSTATUS
3156 NTAPI
3157 ZwQueryMultipleValueKey(
3158 /*IN*/ HANDLE KeyHandle,
3159 /*IN OUT*/ PKEY_VALUE_ENTRY ValueList,
3160 /*IN*/ ULONG NumberOfValues,
3161 /*OUT*/ PVOID Buffer,
3162 /*IN OUT*/ PULONG Length,
3163 /*OUT*/ PULONG ReturnLength);
3164
3165 NTOSAPI
3166 NTSTATUS
3167 NTAPI
3168 NtInitializeRegistry(
3169 /*IN*/ BOOLEAN Setup);
3170
3171 NTOSAPI
3172 NTSTATUS
3173 NTAPI
3174 ZwInitializeRegistry(
3175 /*IN*/ BOOLEAN Setup);
3176
3177
3178
3179
3180 /* Security and auditing */
3181
3182 NTOSAPI
3183 NTSTATUS
3184 NTAPI
3185 NtPrivilegeCheck(
3186 /*IN*/ HANDLE TokenHandle,
3187 /*IN*/ PPRIVILEGE_SET RequiredPrivileges,
3188 /*OUT*/ PBOOLEAN Result);
3189
3190 NTOSAPI
3191 NTSTATUS
3192 NTAPI
3193 ZwPrivilegeCheck(
3194 /*IN*/ HANDLE TokenHandle,
3195 /*IN*/ PPRIVILEGE_SET RequiredPrivileges,
3196 /*OUT*/ PBOOLEAN Result);
3197
3198 NTOSAPI
3199 NTSTATUS
3200 NTAPI
3201 NtPrivilegeObjectAuditAlarm(
3202 /*IN*/ PUNICODE_STRING SubsystemName,
3203 /*IN*/ PVOID HandleId,
3204 /*IN*/ HANDLE TokenHandle,
3205 /*IN*/ ACCESS_MASK DesiredAccess,
3206 /*IN*/ PPRIVILEGE_SET Privileges,
3207 /*IN*/ BOOLEAN AccessGranted);
3208
3209 NTOSAPI
3210 NTSTATUS
3211 NTAPI
3212 ZwPrivilegeObjectAuditAlarm(
3213 /*IN*/ PUNICODE_STRING SubsystemName,
3214 /*IN*/ PVOID HandleId,
3215 /*IN*/ HANDLE TokenHandle,
3216 /*IN*/ ACCESS_MASK DesiredAccess,
3217 /*IN*/ PPRIVILEGE_SET Privileges,
3218 /*IN*/ BOOLEAN AccessGranted);
3219
3220 NTOSAPI
3221 NTSTATUS
3222 NTAPI
3223 NtAccessCheck(
3224 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3225 /*IN*/ HANDLE TokenHandle,
3226 /*IN*/ ACCESS_MASK DesiredAccess,
3227 /*IN*/ PGENERIC_MAPPING GenericMapping,
3228 /*IN*/ PPRIVILEGE_SET PrivilegeSet,
3229 /*IN*/ PULONG PrivilegeSetLength,
3230 /*OUT*/ PACCESS_MASK GrantedAccess,
3231 /*OUT*/ PBOOLEAN AccessStatus);
3232
3233 NTOSAPI
3234 NTSTATUS
3235 NTAPI
3236 ZwAccessCheck(
3237 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3238 /*IN*/ HANDLE TokenHandle,
3239 /*IN*/ ACCESS_MASK DesiredAccess,
3240 /*IN*/ PGENERIC_MAPPING GenericMapping,
3241 /*IN*/ PPRIVILEGE_SET PrivilegeSet,
3242 /*IN*/ PULONG PrivilegeSetLength,
3243 /*OUT*/ PACCESS_MASK GrantedAccess,
3244 /*OUT*/ PBOOLEAN AccessStatus);
3245
3246 NTOSAPI
3247 NTSTATUS
3248 NTAPI
3249 NtAccessCheckAndAuditAlarm(
3250 /*IN*/ PUNICODE_STRING SubsystemName,
3251 /*IN*/ PVOID HandleId,
3252 /*IN*/ PUNICODE_STRING ObjectTypeName,
3253 /*IN*/ PUNICODE_STRING ObjectName,
3254 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3255 /*IN*/ ACCESS_MASK DesiredAccess,
3256 /*IN*/ PGENERIC_MAPPING GenericMapping,
3257 /*IN*/ BOOLEAN ObjectCreation,
3258 /*OUT*/ PACCESS_MASK GrantedAccess,
3259 /*OUT*/ PBOOLEAN AccessStatus,
3260 /*OUT*/ PBOOLEAN GenerateOnClose);
3261
3262 NTOSAPI
3263 NTSTATUS
3264 NTAPI
3265 ZwAccessCheckAndAuditAlarm(
3266 /*IN*/ PUNICODE_STRING SubsystemName,
3267 /*IN*/ PVOID HandleId,
3268 /*IN*/ PUNICODE_STRING ObjectTypeName,
3269 /*IN*/ PUNICODE_STRING ObjectName,
3270 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3271 /*IN*/ ACCESS_MASK DesiredAccess,
3272 /*IN*/ PGENERIC_MAPPING GenericMapping,
3273 /*IN*/ BOOLEAN ObjectCreation,
3274 /*OUT*/ PACCESS_MASK GrantedAccess,
3275 /*OUT*/ PBOOLEAN AccessStatus,
3276 /*OUT*/ PBOOLEAN GenerateOnClose);
3277
3278 NTOSAPI
3279 NTSTATUS
3280 NTAPI
3281 NtAccessCheckByType(
3282 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3283 /*IN*/ PSID PrincipalSelfSid,
3284 /*IN*/ HANDLE TokenHandle,
3285 /*IN*/ ULONG DesiredAccess,
3286 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3287 /*IN*/ ULONG ObjectTypeListLength,
3288 /*IN*/ PGENERIC_MAPPING GenericMapping,
3289 /*IN*/ PPRIVILEGE_SET PrivilegeSet,
3290 /*IN*/ PULONG PrivilegeSetLength,
3291 /*OUT*/ PACCESS_MASK GrantedAccess,
3292 /*OUT*/ PULONG AccessStatus);
3293
3294 NTOSAPI
3295 NTSTATUS
3296 NTAPI
3297 ZwAccessCheckByType(
3298 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3299 /*IN*/ PSID PrincipalSelfSid,
3300 /*IN*/ HANDLE TokenHandle,
3301 /*IN*/ ULONG DesiredAccess,
3302 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3303 /*IN*/ ULONG ObjectTypeListLength,
3304 /*IN*/ PGENERIC_MAPPING GenericMapping,
3305 /*IN*/ PPRIVILEGE_SET PrivilegeSet,
3306 /*IN*/ PULONG PrivilegeSetLength,
3307 /*OUT*/ PACCESS_MASK GrantedAccess,
3308 /*OUT*/ PULONG AccessStatus);
3309
3310 typedef enum _AUDIT_EVENT_TYPE {
3311 AuditEventObjectAccess,
3312 AuditEventDirectoryServiceAccess
3313 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
3314
3315 NTOSAPI
3316 NTSTATUS
3317 NTAPI
3318 NtAccessCheckByTypeAndAuditAlarm(
3319 /*IN*/ PUNICODE_STRING SubsystemName,
3320 /*IN*/ PVOID HandleId,
3321 /*IN*/ PUNICODE_STRING ObjectTypeName,
3322 /*IN*/ PUNICODE_STRING ObjectName,
3323 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3324 /*IN*/ PSID PrincipalSelfSid,
3325 /*IN*/ ACCESS_MASK DesiredAccess,
3326 /*IN*/ AUDIT_EVENT_TYPE AuditType,
3327 /*IN*/ ULONG Flags,
3328 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3329 /*IN*/ ULONG ObjectTypeListLength,
3330 /*IN*/ PGENERIC_MAPPING GenericMapping,
3331 /*IN*/ BOOLEAN ObjectCreation,
3332 /*OUT*/ PACCESS_MASK GrantedAccess,
3333 /*OUT*/ PULONG AccessStatus,
3334 /*OUT*/ PBOOLEAN GenerateOnClose);
3335
3336 NTOSAPI
3337 NTSTATUS
3338 NTAPI
3339 ZwAccessCheckByTypeAndAuditAlarm(
3340 /*IN*/ PUNICODE_STRING SubsystemName,
3341 /*IN*/ PVOID HandleId,
3342 /*IN*/ PUNICODE_STRING ObjectTypeName,
3343 /*IN*/ PUNICODE_STRING ObjectName,
3344 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3345 /*IN*/ PSID PrincipalSelfSid,
3346 /*IN*/ ACCESS_MASK DesiredAccess,
3347 /*IN*/ AUDIT_EVENT_TYPE AuditType,
3348 /*IN*/ ULONG Flags,
3349 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3350 /*IN*/ ULONG ObjectTypeListLength,
3351 /*IN*/ PGENERIC_MAPPING GenericMapping,
3352 /*IN*/ BOOLEAN ObjectCreation,
3353 /*OUT*/ PACCESS_MASK GrantedAccess,
3354 /*OUT*/ PULONG AccessStatus,
3355 /*OUT*/ PBOOLEAN GenerateOnClose);
3356
3357 NTOSAPI
3358 NTSTATUS
3359 NTAPI
3360 NtAccessCheckByTypeResultList(
3361 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3362 /*IN*/ PSID PrincipalSelfSid,
3363 /*IN*/ HANDLE TokenHandle,
3364 /*IN*/ ACCESS_MASK DesiredAccess,
3365 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3366 /*IN*/ ULONG ObjectTypeListLength,
3367 /*IN*/ PGENERIC_MAPPING GenericMapping,
3368 /*IN*/ PPRIVILEGE_SET PrivilegeSet,
3369 /*IN*/ PULONG PrivilegeSetLength,
3370 /*OUT*/ PACCESS_MASK GrantedAccessList,
3371 /*OUT*/ PULONG AccessStatusList);
3372
3373 NTOSAPI
3374 NTSTATUS
3375 NTAPI
3376 ZwAccessCheckByTypeResultList(
3377 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3378 /*IN*/ PSID PrincipalSelfSid,
3379 /*IN*/ HANDLE TokenHandle,
3380 /*IN*/ ACCESS_MASK DesiredAccess,
3381 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3382 /*IN*/ ULONG ObjectTypeListLength,
3383 /*IN*/ PGENERIC_MAPPING GenericMapping,
3384 /*IN*/ PPRIVILEGE_SET PrivilegeSet,
3385 /*IN*/ PULONG PrivilegeSetLength,
3386 /*OUT*/ PACCESS_MASK GrantedAccessList,
3387 /*OUT*/ PULONG AccessStatusList);
3388
3389 NTOSAPI
3390 NTSTATUS
3391 NTAPI
3392 NtAccessCheckByTypeResultListAndAuditAlarm(
3393 /*IN*/ PUNICODE_STRING SubsystemName,
3394 /*IN*/ PVOID HandleId,
3395 /*IN*/ PUNICODE_STRING ObjectTypeName,
3396 /*IN*/ PUNICODE_STRING ObjectName,
3397 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3398 /*IN*/ PSID PrincipalSelfSid,
3399 /*IN*/ ACCESS_MASK DesiredAccess,
3400 /*IN*/ AUDIT_EVENT_TYPE AuditType,
3401 /*IN*/ ULONG Flags,
3402 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3403 /*IN*/ ULONG ObjectTypeListLength,
3404 /*IN*/ PGENERIC_MAPPING GenericMapping,
3405 /*IN*/ BOOLEAN ObjectCreation,
3406 /*OUT*/ PACCESS_MASK GrantedAccessList,
3407 /*OUT*/ PULONG AccessStatusList,
3408 /*OUT*/ PULONG GenerateOnClose);
3409
3410 NTOSAPI
3411 NTSTATUS
3412 NTAPI
3413 ZwAccessCheckByTypeResultListAndAuditAlarm(
3414 /*IN*/ PUNICODE_STRING SubsystemName,
3415 /*IN*/ PVOID HandleId,
3416 /*IN*/ PUNICODE_STRING ObjectTypeName,
3417 /*IN*/ PUNICODE_STRING ObjectName,
3418 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3419 /*IN*/ PSID PrincipalSelfSid,
3420 /*IN*/ ACCESS_MASK DesiredAccess,
3421 /*IN*/ AUDIT_EVENT_TYPE AuditType,
3422 /*IN*/ ULONG Flags,
3423 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3424 /*IN*/ ULONG ObjectTypeListLength,
3425 /*IN*/ PGENERIC_MAPPING GenericMapping,
3426 /*IN*/ BOOLEAN ObjectCreation,
3427 /*OUT*/ PACCESS_MASK GrantedAccessList,
3428 /*OUT*/ PULONG AccessStatusList,
3429 /*OUT*/ PULONG GenerateOnClose);
3430
3431 NTOSAPI
3432 NTSTATUS
3433 NTAPI
3434 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
3435 /*IN*/ PUNICODE_STRING SubsystemName,
3436 /*IN*/ PVOID HandleId,
3437 /*IN*/ HANDLE TokenHandle,
3438 /*IN*/ PUNICODE_STRING ObjectTypeName,
3439 /*IN*/ PUNICODE_STRING ObjectName,
3440 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3441 /*IN*/ PSID PrincipalSelfSid,
3442 /*IN*/ ACCESS_MASK DesiredAccess,
3443 /*IN*/ AUDIT_EVENT_TYPE AuditType,
3444 /*IN*/ ULONG Flags,
3445 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3446 /*IN*/ ULONG ObjectTypeListLength,
3447 /*IN*/ PGENERIC_MAPPING GenericMapping,
3448 /*IN*/ BOOLEAN ObjectCreation,
3449 /*OUT*/ PACCESS_MASK GrantedAccessList,
3450 /*OUT*/ PULONG AccessStatusList,
3451 /*OUT*/ PULONG GenerateOnClose);
3452
3453 NTOSAPI
3454 NTSTATUS
3455 NTAPI
3456 ZwAccessCheckByTypeResultListAndAuditAlarmByHandle(
3457 /*IN*/ PUNICODE_STRING SubsystemName,
3458 /*IN*/ PVOID HandleId,
3459 /*IN*/ HANDLE TokenHandle,
3460 /*IN*/ PUNICODE_STRING ObjectTypeName,
3461 /*IN*/ PUNICODE_STRING ObjectName,
3462 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3463 /*IN*/ PSID PrincipalSelfSid,
3464 /*IN*/ ACCESS_MASK DesiredAccess,
3465 /*IN*/ AUDIT_EVENT_TYPE AuditType,
3466 /*IN*/ ULONG Flags,
3467 /*IN*/ POBJECT_TYPE_LIST ObjectTypeList,
3468 /*IN*/ ULONG ObjectTypeListLength,
3469 /*IN*/ PGENERIC_MAPPING GenericMapping,
3470 /*IN*/ BOOLEAN ObjectCreation,
3471 /*OUT*/ PACCESS_MASK GrantedAccessList,
3472 /*OUT*/ PULONG AccessStatusList,
3473 /*OUT*/ PULONG GenerateOnClose);
3474
3475 NTOSAPI
3476 NTSTATUS
3477 NTAPI
3478 NtOpenObjectAuditAlarm(
3479 /*IN*/ PUNICODE_STRING SubsystemName,
3480 /*IN*/ PVOID *HandleId,
3481 /*IN*/ PUNICODE_STRING ObjectTypeName,
3482 /*IN*/ PUNICODE_STRING ObjectName,
3483 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3484 /*IN*/ HANDLE TokenHandle,
3485 /*IN*/ ACCESS_MASK DesiredAccess,
3486 /*IN*/ ACCESS_MASK GrantedAccess,
3487 /*IN*/ PPRIVILEGE_SET Privileges /*OPTIONAL*/,
3488 /*IN*/ BOOLEAN ObjectCreation,
3489 /*IN*/ BOOLEAN AccessGranted,
3490 /*OUT*/ PBOOLEAN GenerateOnClose);
3491
3492 NTOSAPI
3493 NTSTATUS
3494 NTAPI
3495 ZwOpenObjectAuditAlarm(
3496 /*IN*/ PUNICODE_STRING SubsystemName,
3497 /*IN*/ PVOID *HandleId,
3498 /*IN*/ PUNICODE_STRING ObjectTypeName,
3499 /*IN*/ PUNICODE_STRING ObjectName,
3500 /*IN*/ PSECURITY_DESCRIPTOR SecurityDescriptor,
3501 /*IN*/ HANDLE TokenHandle,
3502 /*IN*/ ACCESS_MASK DesiredAccess,
3503 /*IN*/ ACCESS_MASK GrantedAccess,
3504 /*IN*/ PPRIVILEGE_SET Privileges /*OPTIONAL*/,
3505 /*IN*/ BOOLEAN ObjectCreation,
3506 /*IN*/ BOOLEAN AccessGranted,
3507 /*OUT*/ PBOOLEAN GenerateOnClose);
3508
3509 NTOSAPI
3510 NTSTATUS
3511 NTAPI
3512 NtCloseObjectAuditAlarm(
3513 /*IN*/ PUNICODE_STRING SubsystemName,
3514 /*IN*/ PVOID HandleId,
3515 /*IN*/ BOOLEAN GenerateOnClose);
3516
3517 NTOSAPI
3518 NTSTATUS
3519 NTAPI
3520 ZwCloseObjectAuditAlarm(
3521 /*IN*/ PUNICODE_STRING SubsystemName,
3522 /*IN*/ PVOID HandleId,
3523 /*IN*/ BOOLEAN GenerateOnClose);
3524
3525 NTOSAPI
3526 NTSTATUS
3527 NTAPI
3528 NtDeleteObjectAuditAlarm(
3529 /*IN*/ PUNICODE_STRING SubsystemName,
3530 /*IN*/ PVOID HandleId,
3531 /*IN*/ BOOLEAN GenerateOnClose);
3532
3533 NTOSAPI
3534 NTSTATUS
3535 NTAPI
3536 ZwDeleteObjectAuditAlarm(
3537 /*IN*/ PUNICODE_STRING SubsystemName,
3538 /*IN*/ PVOID HandleId,
3539 /*IN*/ BOOLEAN GenerateOnClose);
3540
3541
3542
3543
3544 /* Plug and play and power management */
3545
3546 NTOSAPI
3547 NTSTATUS
3548 NTAPI
3549 ZwRequestWakeupLatency(
3550 /*IN*/ LATENCY_TIME Latency);
3551
3552 NTOSAPI
3553 NTSTATUS
3554 NTAPI
3555 ZwRequestDeviceWakeup(
3556 /*IN*/ HANDLE DeviceHandle);
3557
3558 NTOSAPI
3559 NTSTATUS
3560 NTAPI
3561 ZwCancelDeviceWakeupRequest(
3562 /*IN*/ HANDLE DeviceHandle);
3563
3564 NTOSAPI
3565 BOOLEAN
3566 NTAPI
3567 ZwIsSystemResumeAutomatic(
3568 VOID);
3569
3570 NTOSAPI
3571 NTSTATUS
3572 NTAPI
3573 ZwSetThreadExecutionState(
3574 /*IN*/ EXECUTION_STATE ExecutionState,
3575 /*OUT*/ PEXECUTION_STATE PreviousExecutionState);
3576
3577 NTOSAPI
3578 NTSTATUS
3579 NTAPI
3580 ZwGetDevicePowerState(
3581 /*IN*/ HANDLE DeviceHandle,
3582 /*OUT*/ PDEVICE_POWER_STATE DevicePowerState);
3583
3584 NTOSAPI
3585 NTSTATUS
3586 NTAPI
3587 ZwSetSystemPowerState(
3588 /*IN*/ POWER_ACTION SystemAction,
3589 /*IN*/ SYSTEM_POWER_STATE MinSystemState,
3590 /*IN*/ ULONG Flags);
3591
3592 NTOSAPI
3593 NTSTATUS
3594 NTAPI
3595 ZwInitiatePowerAction(
3596 /*IN*/ POWER_ACTION SystemAction,
3597 /*IN*/ SYSTEM_POWER_STATE MinSystemState,
3598 /*IN*/ ULONG Flags,
3599 /*IN*/ BOOLEAN Asynchronous);
3600
3601 NTOSAPI
3602 NTSTATUS
3603 NTAPI
3604 ZwPowerInformation(
3605 /*IN*/ POWER_INFORMATION_LEVEL PowerInformationLevel,
3606 /*IN*/ PVOID InputBuffer /*OPTIONAL*/,
3607 /*IN*/ ULONG InputBufferLength,
3608 /*OUT*/ PVOID OutputBuffer /*OPTIONAL*/,
3609 /*IN*/ ULONG OutputBufferLength);
3610
3611 NTOSAPI
3612 NTSTATUS
3613 NTAPI
3614 NtPlugPlayControl(
3615 /*IN*/ ULONG ControlCode,
3616 /*IN OUT*/ PVOID Buffer,
3617 /*IN*/ ULONG BufferLength);
3618
3619 NTOSAPI
3620 NTSTATUS
3621 NTAPI
3622 ZwPlugPlayControl(
3623 /*IN*/ ULONG ControlCode,
3624 /*IN OUT*/ PVOID Buffer,
3625 /*IN*/ ULONG BufferLength);
3626
3627 NTOSAPI
3628 NTSTATUS
3629 NTAPI
3630 NtGetPlugPlayEvent(
3631 /*IN*/ ULONG Reserved1,
3632 /*IN*/ ULONG Reserved2,
3633 /*OUT*/ PVOID Buffer,
3634 /*IN*/ ULONG BufferLength);
3635
3636 NTOSAPI
3637 NTSTATUS
3638 NTAPI
3639 ZwGetPlugPlayEvent(
3640 /*IN*/ ULONG Reserved1,
3641 /*IN*/ ULONG Reserved2,
3642 /*OUT*/ PVOID Buffer,
3643 /*IN*/ ULONG BufferLength);
3644
3645
3646
3647
3648 /* Miscellany */
3649
3650 NTOSAPI
3651 NTSTATUS
3652 NTAPI
3653 NtRaiseException(
3654 /*IN*/ PEXCEPTION_RECORD ExceptionRecord,
3655 /*IN*/ PCONTEXT Context,
3656 /*IN*/ BOOLEAN SearchFrames);
3657
3658 NTOSAPI
3659 NTSTATUS
3660 NTAPI
3661 ZwRaiseException(
3662 /*IN*/ PEXCEPTION_RECORD ExceptionRecord,
3663 /*IN*/ PCONTEXT Context,
3664 /*IN*/ BOOLEAN SearchFrames);
3665
3666 NTOSAPI
3667 NTSTATUS
3668 NTAPI
3669 NtContinue(
3670 /*IN*/ PCONTEXT Context,
3671 /*IN*/ BOOLEAN TestAlert);
3672
3673 NTOSAPI
3674 NTSTATUS
3675 NTAPI
3676 ZwContinue(
3677 /*IN*/ PCONTEXT Context,
3678 /*IN*/ BOOLEAN TestAlert);
3679
3680 NTOSAPI
3681 NTSTATUS
3682 NTAPI
3683 ZwW32Call(
3684 /*IN*/ ULONG RoutineIndex,
3685 /*IN*/ PVOID Argument,
3686 /*IN*/ ULONG ArgumentLength,
3687 /*OUT*/ PVOID *Result /*OPTIONAL*/,
3688 /*OUT*/ PULONG ResultLength /*OPTIONAL*/);
3689
3690 NTOSAPI
3691 NTSTATUS
3692 NTAPI
3693 NtSetLowWaitHighThread(
3694 VOID);
3695
3696 NTOSAPI
3697 NTSTATUS
3698 NTAPI
3699 ZwSetLowWaitHighThread(
3700 VOID);
3701
3702 NTOSAPI
3703 NTSTATUS
3704 NTAPI
3705 NtSetHighWaitLowThread(
3706 VOID);
3707
3708 NTOSAPI
3709 NTSTATUS
3710 NTAPI
3711 ZwSetHighWaitLowThread(
3712 VOID);
3713
3714 NTOSAPI
3715 NTSTATUS
3716 NTAPI
3717 NtLoadDriver(
3718 /*IN*/ PUNICODE_STRING DriverServiceName);
3719
3720 NTOSAPI
3721 NTSTATUS
3722 NTAPI
3723 ZwLoadDriver(
3724 /*IN*/ PUNICODE_STRING DriverServiceName);
3725
3726 NTOSAPI
3727 NTSTATUS
3728 NTAPI
3729 NtUnloadDriver(
3730 /*IN*/ PUNICODE_STRING DriverServiceName);
3731
3732 NTOSAPI
3733 NTSTATUS
3734 NTAPI
3735 ZwUnloadDriver(
3736 /*IN*/ PUNICODE_STRING DriverServiceName);
3737
3738 NTOSAPI
3739 NTSTATUS
3740 NTAPI
3741 NtFlushInstructionCache(
3742 /*IN*/ HANDLE ProcessHandle,
3743 /*IN*/ PVOID BaseAddress /*OPTIONAL*/,
3744 /*IN*/ ULONG FlushSize);
3745
3746 NTOSAPI
3747 NTSTATUS
3748 NTAPI
3749 ZwFlushInstructionCache(
3750 /*IN*/ HANDLE ProcessHandle,
3751 /*IN*/ PVOID BaseAddress /*OPTIONAL*/,
3752 /*IN*/ ULONG FlushSize);
3753
3754 NTOSAPI
3755 NTSTATUS
3756 NTAPI
3757 NtFlushWriteBuffer(
3758 VOID);
3759
3760 NTOSAPI
3761 NTSTATUS
3762 NTAPI
3763 ZwFlushWriteBuffer(
3764 VOID);
3765
3766 NTOSAPI
3767 NTSTATUS
3768 NTAPI
3769 NtQueryDefaultLocale(
3770 /*IN*/ BOOLEAN ThreadOrSystem,
3771 /*OUT*/ PLCID Locale);
3772
3773 NTOSAPI
3774 NTSTATUS
3775 NTAPI
3776 ZwQueryDefaultLocale(
3777 /*IN*/ BOOLEAN ThreadOrSystem,
3778 /*OUT*/ PLCID Locale);
3779
3780 NTOSAPI
3781 NTSTATUS
3782 NTAPI
3783 NtSetDefaultLocale(
3784 /*IN*/ BOOLEAN ThreadOrSystem,
3785 /*IN*/ LCID Locale);
3786
3787 NTOSAPI
3788 NTSTATUS
3789 NTAPI
3790 ZwSetDefaultLocale(
3791 /*IN*/ BOOLEAN ThreadOrSystem,
3792 /*IN*/ LCID Locale);
3793
3794 NTOSAPI
3795 NTSTATUS
3796 NTAPI
3797 NtQueryDefaultUILanguage(
3798 /*OUT*/ PLANGID LanguageId);
3799
3800 NTOSAPI
3801 NTSTATUS
3802 NTAPI
3803 ZwQueryDefaultUILanguage(
3804 /*OUT*/ PLANGID LanguageId);
3805
3806 NTOSAPI
3807 NTSTATUS
3808 NTAPI
3809 NtSetDefaultUILanguage(
3810 /*IN*/ LANGID LanguageId);
3811
3812 NTOSAPI
3813 NTSTATUS
3814 NTAPI
3815 ZwSetDefaultUILanguage(
3816 /*IN*/ LANGID LanguageId);
3817
3818 NTOSAPI
3819 NTSTATUS
3820 NTAPI
3821 NtQueryInstallUILanguage(
3822 /*OUT*/ PLANGID LanguageId);
3823
3824 NTOSAPI
3825 NTSTATUS
3826 NTAPI
3827 ZwQueryInstallUILanguage(
3828 /*OUT*/ PLANGID LanguageId);
3829
3830 NTOSAPI
3831 NTSTATUS
3832 NTAPI
3833 NtAllocateLocallyUniqueId(
3834 /*OUT*/ PLUID Luid);
3835
3836 NTOSAPI
3837 NTSTATUS
3838 NTAPI
3839 NtAllocateUuids(
3840 /*OUT*/ PLARGE_INTEGER UuidLastTimeAllocated,
3841 /*OUT*/ PULONG UuidDeltaTime,
3842 /*OUT*/ PULONG UuidSequenceNumber,
3843 /*OUT*/ PUCHAR UuidSeed);
3844
3845 NTOSAPI
3846 NTSTATUS
3847 NTAPI
3848 ZwAllocateUuids(
3849 /*OUT*/ PLARGE_INTEGER UuidLastTimeAllocated,
3850 /*OUT*/ PULONG UuidDeltaTime,
3851 /*OUT*/ PULONG UuidSequenceNumber,
3852 /*OUT*/ PUCHAR UuidSeed);
3853
3854 NTOSAPI
3855 NTSTATUS
3856 NTAPI
3857 NtSetUuidSeed(
3858 /*IN*/ PUCHAR UuidSeed);
3859
3860 NTOSAPI
3861 NTSTATUS
3862 NTAPI
3863 ZwSetUuidSeed(
3864 /*IN*/ PUCHAR UuidSeed);
3865
3866 typedef enum _HARDERROR_RESPONSE_OPTION {
3867 OptionAbortRetryIgnore,
3868 OptionOk,
3869 OptionOkCancel,
3870 OptionRetryCancel,
3871 OptionYesNo,
3872 OptionYesNoCancel,
3873 OptionShutdownSystem
3874 } HARDERROR_RESPONSE_OPTION, *PHARDERROR_RESPONSE_OPTION;
3875
3876 typedef enum _HARDERROR_RESPONSE {
3877 ResponseReturnToCaller,
3878 ResponseNotHandled,
3879 ResponseAbort,
3880 ResponseCancel,
3881 ResponseIgnore,
3882 ResponseNo,
3883 ResponseOk,
3884 ResponseRetry,
3885 ResponseYes
3886 } HARDERROR_RESPONSE, *PHARDERROR_RESPONSE;
3887
3888 NTOSAPI
3889 NTSTATUS
3890 NTAPI
3891 NtRaiseHardError(
3892 /*IN*/ NTSTATUS Status,
3893 /*IN*/ ULONG NumberOfArguments,
3894 /*IN*/ ULONG StringArgumentsMask,
3895 /*IN*/ PULONG Arguments,
3896 /*IN*/ HARDERROR_RESPONSE_OPTION ResponseOption,
3897 /*OUT*/ PHARDERROR_RESPONSE Response);
3898
3899 NTOSAPI
3900 NTSTATUS
3901 NTAPI
3902 ZwRaiseHardError(
3903 /*IN*/ NTSTATUS Status,
3904 /*IN*/ ULONG NumberOfArguments,
3905 /*IN*/ ULONG StringArgumentsMask,
3906 /*IN*/ PULONG Arguments,
3907 /*IN*/ HARDERROR_RESPONSE_OPTION ResponseOption,
3908 /*OUT*/ PHARDERROR_RESPONSE Response);
3909
3910 NTOSAPI
3911 NTSTATUS
3912 NTAPI
3913 NtSetDefaultHardErrorPort(
3914 /*IN*/ HANDLE PortHandle);
3915
3916 NTOSAPI
3917 NTSTATUS
3918 NTAPI
3919 ZwSetDefaultHardErrorPort(
3920 /*IN*/ HANDLE PortHandle);
3921
3922 NTOSAPI
3923 NTSTATUS
3924 NTAPI
3925 NtDisplayString(
3926 /*IN*/ PUNICODE_STRING String);
3927
3928 NTOSAPI
3929 NTSTATUS
3930 NTAPI
3931 ZwDisplayString(
3932 /*IN*/ PUNICODE_STRING String);
3933
3934 NTOSAPI
3935 NTSTATUS
3936 NTAPI
3937 NtCreatePagingFile(
3938 /*IN*/ PUNICODE_STRING FileName,
3939 /*IN*/ PULARGE_INTEGER InitialSize,
3940 /*IN*/ PULARGE_INTEGER MaximumSize,
3941 /*IN*/ ULONG Reserved);
3942
3943 NTOSAPI
3944 NTSTATUS
3945 NTAPI
3946 ZwCreatePagingFile(
3947 /*IN*/ PUNICODE_STRING FileName,
3948 /*IN*/ PULARGE_INTEGER InitialSize,
3949 /*IN*/ PULARGE_INTEGER MaximumSize,
3950 /*IN*/ ULONG Reserved);
3951
3952 typedef USHORT RTL_ATOM, *PRTL_ATOM;
3953
3954 NTOSAPI
3955 NTSTATUS
3956 NTAPI
3957 NtAddAtom(
3958 /*IN*/ PWSTR AtomName,
3959 /*IN*/ ULONG AtomNameLength,
3960 /*OUT*/ PRTL_ATOM Atom);
3961
3962 NTOSAPI
3963 NTSTATUS
3964 NTAPI
3965 ZwAddAtom(
3966 /*IN*/ PWSTR AtomName,
3967 /*IN*/ ULONG AtomNameLength,
3968 /*OUT*/ PRTL_ATOM Atom);
3969
3970 NTOSAPI
3971 NTSTATUS
3972 NTAPI
3973 NtFindAtom(
3974 /*IN*/ PWSTR AtomName,
3975 /*IN*/ ULONG AtomNameLength,
3976 /*OUT*/ PRTL_ATOM Atom);
3977
3978 NTOSAPI
3979 NTSTATUS
3980 NTAPI
3981 ZwFindAtom(
3982 /*IN*/ PWSTR AtomName,
3983 /*IN*/ ULONG AtomNameLength,
3984 /*OUT*/ PRTL_ATOM Atom);
3985
3986 NTOSAPI
3987 NTSTATUS
3988 NTAPI
3989 NtDeleteAtom(
3990 /*IN*/ RTL_ATOM Atom);
3991
3992 NTOSAPI
3993 NTSTATUS
3994 NTAPI
3995 ZwDeleteAtom(
3996 /*IN*/ RTL_ATOM Atom);
3997
3998 typedef enum _ATOM_INFORMATION_CLASS {
3999 AtomBasicInformation,
4000 AtomListInformation
4001 } ATOM_INFORMATION_CLASS;
4002
4003 NTOSAPI
4004 NTSTATUS
4005 NTAPI
4006 NtQueryInformationAtom(
4007 /*IN*/ RTL_ATOM Atom,
4008 /*IN*/ ATOM_INFORMATION_CLASS AtomInformationClass,
4009 /*OUT*/ PVOID AtomInformation,
4010 /*IN*/ ULONG AtomInformationLength,
4011 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
4012
4013 NTOSAPI
4014 NTSTATUS
4015 NTAPI
4016 ZwQueryInformationAtom(
4017 /*IN*/ RTL_ATOM Atom,
4018 /*IN*/ ATOM_INFORMATION_CLASS AtomInformationClass,
4019 /*OUT*/ PVOID AtomInformation,
4020 /*IN*/ ULONG AtomInformationLength,
4021 /*OUT*/ PULONG ReturnLength /*OPTIONAL*/);
4022
4023 typedef struct _ATOM_BASIC_INFORMATION {
4024 USHORT ReferenceCount;
4025 USHORT Pinned;
4026 USHORT NameLength;
4027 WCHAR Name[1];
4028 } ATOM_BASIC_INFORMATION, *PATOM_BASIC_INFORMATION;
4029
4030 typedef struct _ATOM_LIST_INFORMATION {
4031 ULONG NumberOfAtoms;
4032 ATOM Atoms[1];
4033 } ATOM_LIST_INFORMATION, *PATOM_LIST_INFORMATION;
4034
4035 NTOSAPI
4036 NTSTATUS
4037 NTAPI
4038 NtSetLdtEntries(
4039 /*IN*/ ULONG Selector1,
4040 /*IN*/ LDT_ENTRY LdtEntry1,
4041 /*IN*/ ULONG Selector2,
4042 /*IN*/ LDT_ENTRY LdtEntry2);
4043
4044 NTOSAPI
4045 NTSTATUS
4046 NTAPI
4047 ZwSetLdtEntries(
4048 /*IN*/ ULONG Selector1,
4049 /*IN*/ LDT_ENTRY LdtEntry1,
4050 /*IN*/ ULONG Selector2,
4051 /*IN*/ LDT_ENTRY LdtEntry2);
4052
4053 NTOSAPI
4054 NTSTATUS
4055 NTAPI
4056 NtVdmControl(
4057 /*IN*/ ULONG ControlCode,
4058 /*IN*/ PVOID ControlData);
4059
4060 NTOSAPI
4061 NTSTATUS
4062 NTAPI
4063 ZwVdmControl(
4064 /*IN*/ ULONG ControlCode,
4065 /*IN*/ PVOID ControlData);
4066
4067 #pragma pack(pop)
4068
4069 #ifdef __cplusplus
4070 }
4071 #endif
4072
4073 #endif /* __NTAPI_H */