1c2c66affSColin Finck /* 2c2c66affSColin Finck * winternl.h 3c2c66affSColin Finck * 4c2c66affSColin Finck * Windows NT internal data structures and functions 5c2c66affSColin Finck * 6c2c66affSColin Finck * Note: This header exists only for compatibility with the native SDK. 7c2c66affSColin Finck * It's definitions are incomplete and potentially unsuitable. 8c2c66affSColin Finck * ReactOS modules should not make use of it! 9c2c66affSColin Finck * 10c2c66affSColin Finck * USE NDK INSTEAD! 11c2c66affSColin Finck * 12c2c66affSColin Finck * This file is part of the ReactOS PSDK package. 13c2c66affSColin Finck * 14c2c66affSColin Finck * Contributors: 15c2c66affSColin Finck * Timo Kreuzer (timo.kreuzer@reactos.org) 16c2c66affSColin Finck * 17c2c66affSColin Finck * THIS SOFTWARE IS NOT COPYRIGHTED 18c2c66affSColin Finck * 19c2c66affSColin Finck * This source code is offered for use in the public domain. You may 20c2c66affSColin Finck * use, modify or distribute it freely. 21c2c66affSColin Finck * 22c2c66affSColin Finck * This code is distributed in the hope that it will be useful but 23c2c66affSColin Finck * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY 24c2c66affSColin Finck * DISCLAIMED. This includes but is not limited to warranties of 25c2c66affSColin Finck * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 26c2c66affSColin Finck * 27c2c66affSColin Finck */ 28c2c66affSColin Finck #pragma once 29c2c66affSColin Finck 30c2c66affSColin Finck #ifdef __REACTOS__ 31c2c66affSColin Finck #error "Do not use this header, use NDK!" 32c2c66affSColin Finck #endif 33c2c66affSColin Finck 34c2c66affSColin Finck #ifndef _WINTERNL_ 35c2c66affSColin Finck #define _WINTERNL_ 36c2c66affSColin Finck 37c2c66affSColin Finck //#include <winapifamily.h> 38c2c66affSColin Finck #include <windef.h> 39c2c66affSColin Finck 40c2c66affSColin Finck #ifdef __cplusplus 41c2c66affSColin Finck extern "C" { 42c2c66affSColin Finck #endif 43c2c66affSColin Finck 44c2c66affSColin Finck typedef _Return_type_success_(return >= 0) LONG NTSTATUS; 45c2c66affSColin Finck 46c2c66affSColin Finck #ifndef NT_SUCCESS 47c2c66affSColin Finck #define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0) 48c2c66affSColin Finck #endif 49c2c66affSColin Finck 50c2c66affSColin Finck #ifndef NT_INFORMATION 51c2c66affSColin Finck #define NT_INFORMATION(Status) ((((ULONG)(Status)) >> 30) == 1) 52c2c66affSColin Finck #endif 53c2c66affSColin Finck 54c2c66affSColin Finck #ifndef NT_WARNING 55c2c66affSColin Finck #define NT_WARNING(Status) ((((ULONG)(Status)) >> 30) == 2) 56c2c66affSColin Finck #endif 57c2c66affSColin Finck 58c2c66affSColin Finck #ifndef NT_ERROR 59c2c66affSColin Finck #define NT_ERROR(Status) ((((ULONG)(Status)) >> 30) == 3) 60c2c66affSColin Finck #endif 61c2c66affSColin Finck 62c2c66affSColin Finck typedef CONST char *PCSZ; 63c2c66affSColin Finck 64c2c66affSColin Finck typedef struct _STRING 65c2c66affSColin Finck { 66c2c66affSColin Finck USHORT Length; 67c2c66affSColin Finck USHORT MaximumLength; 68c2c66affSColin Finck PCHAR Buffer; 69c2c66affSColin Finck } STRING, *PSTRING; 70c2c66affSColin Finck typedef STRING ANSI_STRING; 71c2c66affSColin Finck typedef PSTRING PANSI_STRING; 72c2c66affSColin Finck typedef PSTRING PCANSI_STRING; // yes, thats the definition from MS! 73c2c66affSColin Finck typedef STRING OEM_STRING; 74c2c66affSColin Finck typedef PSTRING POEM_STRING; 75c2c66affSColin Finck typedef const STRING *PCOEM_STRING; 76c2c66affSColin Finck 77c2c66affSColin Finck typedef struct _UNICODE_STRING 78c2c66affSColin Finck { 79c2c66affSColin Finck USHORT Length; 80c2c66affSColin Finck USHORT MaximumLength; 81c2c66affSColin Finck PWSTR Buffer; 82c2c66affSColin Finck } UNICODE_STRING, *PUNICODE_STRING; 83c2c66affSColin Finck typedef const UNICODE_STRING *PCUNICODE_STRING; 84c2c66affSColin Finck 85c2c66affSColin Finck typedef struct _RTL_USER_PROCESS_PARAMETERS 86c2c66affSColin Finck { 87c2c66affSColin Finck BYTE Reserved1[16]; 88c2c66affSColin Finck PVOID Reserved2[10]; 89c2c66affSColin Finck UNICODE_STRING ImagePathName; 90c2c66affSColin Finck UNICODE_STRING CommandLine; 91c2c66affSColin Finck } RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS; 92c2c66affSColin Finck 93c2c66affSColin Finck typedef struct _PEB_LDR_DATA 94c2c66affSColin Finck { 95c2c66affSColin Finck BYTE Reserved1[8]; 96c2c66affSColin Finck PVOID Reserved2[3]; 97c2c66affSColin Finck LIST_ENTRY InMemoryOrderModuleList; 98c2c66affSColin Finck } PEB_LDR_DATA, *PPEB_LDR_DATA; 99c2c66affSColin Finck 100c2c66affSColin Finck typedef struct _LDR_DATA_TABLE_ENTRY 101c2c66affSColin Finck { 102c2c66affSColin Finck PVOID Reserved1[2]; 103c2c66affSColin Finck LIST_ENTRY InMemoryOrderLinks; 104c2c66affSColin Finck PVOID Reserved2[2]; 105c2c66affSColin Finck PVOID DllBase; 106c2c66affSColin Finck PVOID Reserved3[2]; 107c2c66affSColin Finck UNICODE_STRING FullDllName; 108c2c66affSColin Finck BYTE Reserved4[8]; 109c2c66affSColin Finck PVOID Reserved5[3]; 110c2c66affSColin Finck union { 111c2c66affSColin Finck ULONG CheckSum; 112c2c66affSColin Finck PVOID Reserved6; 113c2c66affSColin Finck } DUMMYUNIONNAME; 114c2c66affSColin Finck ULONG TimeDateStamp; 115c2c66affSColin Finck } LDR_DATA_TABLE_ENTRY, *PLDR_DATA_TABLE_ENTRY; 116c2c66affSColin Finck 117c2c66affSColin Finck typedef 118c2c66affSColin Finck VOID 119c2c66affSColin Finck (NTAPI *PPS_POST_PROCESS_INIT_ROUTINE)( 120c2c66affSColin Finck VOID); 121c2c66affSColin Finck 122c2c66affSColin Finck typedef struct _PEB 123c2c66affSColin Finck { 124c2c66affSColin Finck BYTE Reserved1[2]; 125c2c66affSColin Finck BYTE BeingDebugged; 126c2c66affSColin Finck BYTE Reserved2[1]; 127c2c66affSColin Finck PVOID Reserved3[2]; 128c2c66affSColin Finck PPEB_LDR_DATA Ldr; 129c2c66affSColin Finck PRTL_USER_PROCESS_PARAMETERS ProcessParameters; 130c2c66affSColin Finck PVOID Reserved4[3]; 131c2c66affSColin Finck PVOID AtlThunkSListPtr; 132c2c66affSColin Finck PVOID Reserved5; 133c2c66affSColin Finck ULONG Reserved6; 134c2c66affSColin Finck PVOID Reserved7; 135c2c66affSColin Finck ULONG Reserved8; 136c2c66affSColin Finck ULONG AtlThunkSListPtr32; 137c2c66affSColin Finck PVOID Reserved9[45]; 138c2c66affSColin Finck BYTE Reserved10[96]; 139c2c66affSColin Finck PPS_POST_PROCESS_INIT_ROUTINE PostProcessInitRoutine; 140c2c66affSColin Finck BYTE Reserved11[128]; 141c2c66affSColin Finck PVOID Reserved12[1]; 142c2c66affSColin Finck ULONG SessionId; 143c2c66affSColin Finck } PEB, *PPEB; 144c2c66affSColin Finck 145c2c66affSColin Finck typedef struct _TEB 146c2c66affSColin Finck { 147c2c66affSColin Finck PVOID Reserved1[12]; 148c2c66affSColin Finck PPEB ProcessEnvironmentBlock; 149c2c66affSColin Finck PVOID Reserved2[399]; 150c2c66affSColin Finck BYTE Reserved3[1952]; 151c2c66affSColin Finck PVOID TlsSlots[64]; 152c2c66affSColin Finck BYTE Reserved4[8]; 153c2c66affSColin Finck PVOID Reserved5[26]; 154c2c66affSColin Finck PVOID ReservedForOle; 155c2c66affSColin Finck PVOID Reserved6[4]; 156c2c66affSColin Finck PVOID TlsExpansionSlots; 157c2c66affSColin Finck } TEB, *PTEB; 158c2c66affSColin Finck 159c2c66affSColin Finck typedef enum _FILE_INFORMATION_CLASS 160c2c66affSColin Finck { 161c2c66affSColin Finck FileDirectoryInformation = 1 162c2c66affSColin Finck } FILE_INFORMATION_CLASS; 163c2c66affSColin Finck 164c2c66affSColin Finck #define INTERNAL_TS_ACTIVE_CONSOLE_ID (*((volatile ULONG*)0x7ffe02d8)) 165c2c66affSColin Finck #define LOGONID_CURRENT ((ULONG)-1) 166c2c66affSColin Finck #define SERVERNAME_CURRENT ((HANDLE)NULL) 167c2c66affSColin Finck 168c2c66affSColin Finck /* Flags for NtCreateFile and NtOpenFile */ 169c2c66affSColin Finck #define FILE_DIRECTORY_FILE 0x00000001 170c2c66affSColin Finck #define FILE_WRITE_THROUGH 0x00000002 171c2c66affSColin Finck #define FILE_SEQUENTIAL_ONLY 0x00000004 172c2c66affSColin Finck #define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008 173c2c66affSColin Finck #define FILE_SYNCHRONOUS_IO_ALERT 0x00000010 174c2c66affSColin Finck #define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020 175c2c66affSColin Finck #define FILE_NON_DIRECTORY_FILE 0x00000040 176c2c66affSColin Finck #define FILE_CREATE_TREE_CONNECTION 0x00000080 177c2c66affSColin Finck #define FILE_COMPLETE_IF_OPLOCKED 0x00000100 178c2c66affSColin Finck #define FILE_NO_EA_KNOWLEDGE 0x00000200 179c2c66affSColin Finck #define FILE_OPEN_REMOTE_INSTANCE 0x00000400 180c2c66affSColin Finck #define FILE_RANDOM_ACCESS 0x00000800 181c2c66affSColin Finck #define FILE_DELETE_ON_CLOSE 0x00001000 182c2c66affSColin Finck #define FILE_OPEN_BY_FILE_ID 0x00002000 183c2c66affSColin Finck #define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000 184c2c66affSColin Finck #define FILE_NO_COMPRESSION 0x00008000 185c2c66affSColin Finck #if (_WIN32_WINNT >= _WIN32_WINNT_WIN7) 186c2c66affSColin Finck #define FILE_OPEN_REQUIRING_OPLOCK 0x00010000 187c2c66affSColin Finck #endif 188c2c66affSColin Finck #define FILE_RESERVE_OPFILTER 0x00100000 189c2c66affSColin Finck #define FILE_OPEN_REPARSE_POINT 0x00200000 190c2c66affSColin Finck #define FILE_OPEN_NO_RECALL 0x00400000 191c2c66affSColin Finck #define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000 192c2c66affSColin Finck 193c2c66affSColin Finck /* Status for NtCreateFile or NtOpenFile */ 194c2c66affSColin Finck #define FILE_SUPERSEDED 0x00000000 195c2c66affSColin Finck #define FILE_OPENED 0x00000001 196c2c66affSColin Finck #define FILE_CREATED 0x00000002 197c2c66affSColin Finck #define FILE_OVERWRITTEN 0x00000003 198c2c66affSColin Finck #define FILE_EXISTS 0x00000004 199c2c66affSColin Finck #define FILE_DOES_NOT_EXIST 0x00000005 200c2c66affSColin Finck 201c2c66affSColin Finck #define FILE_VALID_OPTION_FLAGS 0x00ffffff 202c2c66affSColin Finck #define FILE_VALID_PIPE_OPTION_FLAGS 0x00000032 203c2c66affSColin Finck #define FILE_VALID_MAILSLOT_OPTION_FLAGS 0x00000032 204c2c66affSColin Finck #define FILE_VALID_SET_FLAGS 0x00000036 205c2c66affSColin Finck 206c2c66affSColin Finck /* Disposition for NtCreateFile */ 207c2c66affSColin Finck #define FILE_SUPERSEDE 0x00000000 208c2c66affSColin Finck #define FILE_OPEN 0x00000001 209c2c66affSColin Finck #define FILE_CREATE 0x00000002 210c2c66affSColin Finck #define FILE_OPEN_IF 0x00000003 211c2c66affSColin Finck #define FILE_OVERWRITE 0x00000004 212c2c66affSColin Finck #define FILE_OVERWRITE_IF 0x00000005 213c2c66affSColin Finck #define FILE_MAXIMUM_DISPOSITION 0x00000005 214c2c66affSColin Finck 215c2c66affSColin Finck typedef struct _OBJECT_ATTRIBUTES 216c2c66affSColin Finck { 217c2c66affSColin Finck ULONG Length; 218c2c66affSColin Finck HANDLE RootDirectory; 219c2c66affSColin Finck PUNICODE_STRING ObjectName; 220c2c66affSColin Finck ULONG Attributes; 221c2c66affSColin Finck PVOID SecurityDescriptor; 222c2c66affSColin Finck PVOID SecurityQualityOfService; 223c2c66affSColin Finck } OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES; 224c2c66affSColin Finck 225c2c66affSColin Finck #define OBJ_INHERIT 0x00000002L 226c2c66affSColin Finck #define OBJ_PERMANENT 0x00000010L 227c2c66affSColin Finck #define OBJ_EXCLUSIVE 0x00000020L 228c2c66affSColin Finck #define OBJ_CASE_INSENSITIVE 0x00000040L 229c2c66affSColin Finck #define OBJ_OPENIF 0x00000080L 230c2c66affSColin Finck #define OBJ_OPENLINK 0x00000100L 231c2c66affSColin Finck #define OBJ_KERNEL_HANDLE 0x00000200L 232c2c66affSColin Finck #define OBJ_FORCE_ACCESS_CHECK 0x00000400L 233c2c66affSColin Finck #define OBJ_VALID_ATTRIBUTES 0x000007F2L 234c2c66affSColin Finck 235c2c66affSColin Finck #ifndef InitializeObjectAttributes 236c2c66affSColin Finck #define InitializeObjectAttributes(p, n, a, r, s) \ 237c2c66affSColin Finck { \ 238c2c66affSColin Finck (p)->Length = sizeof(OBJECT_ATTRIBUTES); \ 239c2c66affSColin Finck (p)->RootDirectory = r; \ 240c2c66affSColin Finck (p)->Attributes = a; \ 241c2c66affSColin Finck (p)->ObjectName = n; \ 242c2c66affSColin Finck (p)->SecurityDescriptor = s; \ 243c2c66affSColin Finck (p)->SecurityQualityOfService = NULL; \ 244c2c66affSColin Finck } 245c2c66affSColin Finck #endif 246c2c66affSColin Finck 247c2c66affSColin Finck typedef struct _IO_STATUS_BLOCK { 248c2c66affSColin Finck union { 249c2c66affSColin Finck NTSTATUS Status; 250c2c66affSColin Finck PVOID Pointer; 251c2c66affSColin Finck } DUMMYUNIONNAME; 252c2c66affSColin Finck 253c2c66affSColin Finck ULONG_PTR Information; 254c2c66affSColin Finck } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK; 255c2c66affSColin Finck 256c2c66affSColin Finck __kernel_entry 257c2c66affSColin Finck NTSYSCALLAPI 258c2c66affSColin Finck NTSTATUS 259c2c66affSColin Finck NTAPI 260c2c66affSColin Finck NtCreateFile( 261c2c66affSColin Finck _Out_ PHANDLE FileHandle, 262c2c66affSColin Finck _In_ ACCESS_MASK DesiredAccess, 263c2c66affSColin Finck _In_ POBJECT_ATTRIBUTES ObjectAttributes, 264c2c66affSColin Finck _Out_ PIO_STATUS_BLOCK IoStatusBlock, 265c2c66affSColin Finck _In_opt_ PLARGE_INTEGER AllocationSize, 266c2c66affSColin Finck _In_ ULONG FileAttributes, 267c2c66affSColin Finck _In_ ULONG ShareAccess, 268c2c66affSColin Finck _In_ ULONG CreateDisposition, 269c2c66affSColin Finck _In_ ULONG CreateOptions, 270c2c66affSColin Finck _In_reads_bytes_opt_(EaLength) PVOID EaBuffer, 271c2c66affSColin Finck _In_ ULONG EaLength); 272c2c66affSColin Finck 273c2c66affSColin Finck __kernel_entry 274c2c66affSColin Finck NTSYSCALLAPI 275c2c66affSColin Finck NTSTATUS 276c2c66affSColin Finck NTAPI 277c2c66affSColin Finck NtOpenFile( 278c2c66affSColin Finck _Out_ PHANDLE FileHandle, 279c2c66affSColin Finck _In_ ACCESS_MASK DesiredAccess, 280c2c66affSColin Finck _In_ POBJECT_ATTRIBUTES ObjectAttributes, 281c2c66affSColin Finck _Out_ PIO_STATUS_BLOCK IoStatusBlock, 282c2c66affSColin Finck _In_ ULONG ShareAccess, 283c2c66affSColin Finck _In_ ULONG OpenOptions); 284c2c66affSColin Finck 285c2c66affSColin Finck __kernel_entry 286c2c66affSColin Finck NTSYSCALLAPI 287c2c66affSColin Finck NTSTATUS 288c2c66affSColin Finck NTAPI 289c2c66affSColin Finck NtClose( 290c2c66affSColin Finck _In_ HANDLE Handle); 291c2c66affSColin Finck 292c2c66affSColin Finck typedef 293c2c66affSColin Finck VOID 294c2c66affSColin Finck (NTAPI *PIO_APC_ROUTINE)( 295c2c66affSColin Finck _In_ PVOID ApcContext, 296c2c66affSColin Finck _In_ PIO_STATUS_BLOCK IoStatusBlock, 297c2c66affSColin Finck _In_ ULONG Reserved); 298c2c66affSColin Finck 299c2c66affSColin Finck __kernel_entry 300c2c66affSColin Finck NTSYSCALLAPI 301c2c66affSColin Finck NTSTATUS 302c2c66affSColin Finck NTAPI 303c2c66affSColin Finck NtDeviceIoControlFile( 304c2c66affSColin Finck _In_ HANDLE FileHandle, 305c2c66affSColin Finck _In_opt_ HANDLE Event, 306c2c66affSColin Finck _In_opt_ PIO_APC_ROUTINE ApcRoutine, 307c2c66affSColin Finck _In_opt_ PVOID ApcContext, 308c2c66affSColin Finck _Out_ PIO_STATUS_BLOCK IoStatusBlock, 309c2c66affSColin Finck _In_ ULONG IoControlCode, 310c2c66affSColin Finck _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer, 311c2c66affSColin Finck _In_ ULONG InputBufferLength, 312c2c66affSColin Finck _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer, 313c2c66affSColin Finck _In_ ULONG OutputBufferLength); 314c2c66affSColin Finck 315c2c66affSColin Finck __kernel_entry 316c2c66affSColin Finck NTSYSCALLAPI 317c2c66affSColin Finck NTSTATUS 318c2c66affSColin Finck NTAPI 319c2c66affSColin Finck NtWaitForSingleObject( 320c2c66affSColin Finck _In_ HANDLE Object, 321c2c66affSColin Finck _In_ BOOLEAN Alertable, 322c2c66affSColin Finck _In_opt_ PLARGE_INTEGER Timeout); 323c2c66affSColin Finck 324c2c66affSColin Finck __kernel_entry 325c2c66affSColin Finck NTSYSCALLAPI 326c2c66affSColin Finck NTSTATUS 327c2c66affSColin Finck NTAPI 328c2c66affSColin Finck NtRenameKey( 329c2c66affSColin Finck _In_ HANDLE KeyHandle, 330c2c66affSColin Finck _In_ PUNICODE_STRING NewName); 331c2c66affSColin Finck 332c2c66affSColin Finck __kernel_entry 333c2c66affSColin Finck NTSYSCALLAPI 334c2c66affSColin Finck NTSTATUS 335c2c66affSColin Finck NTAPI 336c2c66affSColin Finck NtNotifyChangeMultipleKeys( 337c2c66affSColin Finck _In_ HANDLE MasterKeyHandle, 338c2c66affSColin Finck _In_opt_ ULONG Count, 339c2c66affSColin Finck _In_reads_opt_(Count) OBJECT_ATTRIBUTES SubordinateObjects[], 340c2c66affSColin Finck _In_opt_ HANDLE Event, 341c2c66affSColin Finck _In_opt_ PIO_APC_ROUTINE ApcRoutine, 342c2c66affSColin Finck _In_opt_ PVOID ApcContext, 343c2c66affSColin Finck _Out_ PIO_STATUS_BLOCK IoStatusBlock, 344c2c66affSColin Finck _In_ ULONG CompletionFilter, 345c2c66affSColin Finck _In_ BOOLEAN WatchTree, 346c2c66affSColin Finck _Out_writes_bytes_opt_(BufferSize) PVOID Buffer, 347c2c66affSColin Finck _In_ ULONG BufferSize, 348c2c66affSColin Finck _In_ BOOLEAN Asynchronous); 349c2c66affSColin Finck 350c2c66affSColin Finck typedef struct _KEY_VALUE_ENTRY 351c2c66affSColin Finck { 352c2c66affSColin Finck PUNICODE_STRING ValueName; 353c2c66affSColin Finck ULONG DataLength; 354c2c66affSColin Finck ULONG DataOffset; 355c2c66affSColin Finck ULONG Type; 356c2c66affSColin Finck } KEY_VALUE_ENTRY, *PKEY_VALUE_ENTRY; 357c2c66affSColin Finck 358c2c66affSColin Finck __kernel_entry 359c2c66affSColin Finck NTSYSCALLAPI 360c2c66affSColin Finck NTSTATUS 361c2c66affSColin Finck NTAPI 362c2c66affSColin Finck NtQueryMultipleValueKey( 363c2c66affSColin Finck _In_ HANDLE KeyHandle, 364c2c66affSColin Finck _Inout_updates_(EntryCount) PKEY_VALUE_ENTRY ValueEntries, 365c2c66affSColin Finck _In_ ULONG EntryCount, 366c2c66affSColin Finck _Out_writes_bytes_(*BufferLength) PVOID ValueBuffer, 367c2c66affSColin Finck _Inout_ PULONG BufferLength, 368c2c66affSColin Finck _Out_opt_ PULONG RequiredBufferLength); 369c2c66affSColin Finck 370c2c66affSColin Finck typedef enum _KEY_SET_INFORMATION_CLASS 371c2c66affSColin Finck { 372c2c66affSColin Finck KeyWriteTimeInformation, 373c2c66affSColin Finck KeyWow64FlagsInformation, 374c2c66affSColin Finck KeyControlFlagsInformation, 375c2c66affSColin Finck KeySetVirtualizationInformation, 376c2c66affSColin Finck KeySetDebugInformation, 377c2c66affSColin Finck KeySetHandleTagsInformation, 378c2c66affSColin Finck MaxKeySetInfoClass 379c2c66affSColin Finck } KEY_SET_INFORMATION_CLASS; 380c2c66affSColin Finck 381c2c66affSColin Finck __kernel_entry 382c2c66affSColin Finck NTSYSCALLAPI 383c2c66affSColin Finck NTSTATUS 384c2c66affSColin Finck NTAPI 385c2c66affSColin Finck NtSetInformationKey( 386c2c66affSColin Finck _In_ HANDLE KeyHandle, 387c2c66affSColin Finck _In_ _Strict_type_match_ 388c2c66affSColin Finck KEY_SET_INFORMATION_CLASS KeySetInformationClass, 389c2c66affSColin Finck _In_reads_bytes_(KeySetInformationLength) PVOID KeySetInformation, 390c2c66affSColin Finck _In_ ULONG KeySetInformationLength); 391c2c66affSColin Finck 392c2c66affSColin Finck typedef enum _PROCESSINFOCLASS 393c2c66affSColin Finck { 394c2c66affSColin Finck ProcessBasicInformation = 0, 395c2c66affSColin Finck ProcessDebugPort = 7, 396c2c66affSColin Finck ProcessWow64Information = 26, 397c2c66affSColin Finck ProcessImageFileName = 27, 398c2c66affSColin Finck ProcessBreakOnTermination = 29 399c2c66affSColin Finck } PROCESSINFOCLASS; 400c2c66affSColin Finck 401c2c66affSColin Finck typedef struct _PROCESS_BASIC_INFORMATION 402c2c66affSColin Finck { 403c2c66affSColin Finck PVOID Reserved1; 404c2c66affSColin Finck PPEB PebBaseAddress; 405c2c66affSColin Finck PVOID Reserved2[2]; 406c2c66affSColin Finck ULONG_PTR UniqueProcessId; 407c2c66affSColin Finck PVOID Reserved3; 408c2c66affSColin Finck } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION; 409c2c66affSColin Finck 410c2c66affSColin Finck __kernel_entry 411c2c66affSColin Finck NTSYSCALLAPI 412c2c66affSColin Finck NTSTATUS 413c2c66affSColin Finck NTAPI 414c2c66affSColin Finck NtQueryInformationProcess( 415c2c66affSColin Finck _In_ HANDLE ProcessHandle, 416c2c66affSColin Finck _In_ PROCESSINFOCLASS ProcessInformationClass, 417c2c66affSColin Finck _Out_ PVOID ProcessInformation, 418c2c66affSColin Finck _In_ ULONG ProcessInformationLength, 419c2c66affSColin Finck _Out_opt_ PULONG ReturnLength); 420c2c66affSColin Finck 421c2c66affSColin Finck typedef enum _THREADINFOCLASS 422c2c66affSColin Finck { 423c2c66affSColin Finck ThreadIsIoPending = 16 424c2c66affSColin Finck } THREADINFOCLASS; 425c2c66affSColin Finck 426c2c66affSColin Finck __kernel_entry 427c2c66affSColin Finck NTSYSCALLAPI 428c2c66affSColin Finck NTSTATUS 429c2c66affSColin Finck NTAPI 430c2c66affSColin Finck NtQueryInformationThread( 431c2c66affSColin Finck _In_ HANDLE ThreadHandle, 432c2c66affSColin Finck _In_ THREADINFOCLASS ThreadInformationClass, 433c2c66affSColin Finck _Out_ PVOID ThreadInformation, 434c2c66affSColin Finck _In_ ULONG ThreadInformationLength, 435c2c66affSColin Finck _Out_opt_ PULONG ReturnLength); 436c2c66affSColin Finck 437c2c66affSColin Finck typedef enum _OBJECT_INFORMATION_CLASS 438c2c66affSColin Finck { 439c2c66affSColin Finck ObjectBasicInformation = 0, 440c2c66affSColin Finck ObjectTypeInformation = 2 441c2c66affSColin Finck } OBJECT_INFORMATION_CLASS; 442c2c66affSColin Finck 443c2c66affSColin Finck typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION 444c2c66affSColin Finck { 445c2c66affSColin Finck ULONG Attributes; 446c2c66affSColin Finck ACCESS_MASK GrantedAccess; 447c2c66affSColin Finck ULONG HandleCount; 448c2c66affSColin Finck ULONG PointerCount; 449c2c66affSColin Finck ULONG Reserved[10]; 450c2c66affSColin Finck } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION; 451c2c66affSColin Finck 452c2c66affSColin Finck typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION 453c2c66affSColin Finck { 454c2c66affSColin Finck UNICODE_STRING TypeName; 455c2c66affSColin Finck ULONG Reserved [22]; 456c2c66affSColin Finck } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION; 457c2c66affSColin Finck 458c2c66affSColin Finck _IRQL_requires_max_(PASSIVE_LEVEL) 459c2c66affSColin Finck __kernel_entry 460c2c66affSColin Finck NTSYSCALLAPI 461c2c66affSColin Finck NTSTATUS 462c2c66affSColin Finck NTAPI 463c2c66affSColin Finck NtQueryObject( 464c2c66affSColin Finck _In_opt_ HANDLE Handle, 465c2c66affSColin Finck _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass, 466c2c66affSColin Finck _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation, 467c2c66affSColin Finck _In_ ULONG ObjectInformationLength, 468c2c66affSColin Finck _Out_opt_ PULONG ReturnLength); 469c2c66affSColin Finck 470c2c66affSColin Finck typedef enum _SYSTEM_INFORMATION_CLASS 471c2c66affSColin Finck { 472c2c66affSColin Finck SystemBasicInformation = 0, 473c2c66affSColin Finck SystemPerformanceInformation = 2, 474c2c66affSColin Finck SystemTimeOfDayInformation = 3, 475c2c66affSColin Finck SystemProcessInformation = 5, 476c2c66affSColin Finck SystemProcessorPerformanceInformation = 8, 477c2c66affSColin Finck SystemInterruptInformation = 23, 478c2c66affSColin Finck SystemExceptionInformation = 33, 479c2c66affSColin Finck SystemRegistryQuotaInformation = 37, 480c2c66affSColin Finck SystemLookasideInformation = 45, 481c2c66affSColin Finck SystemPolicyInformation = 134, 482c2c66affSColin Finck } SYSTEM_INFORMATION_CLASS; 483c2c66affSColin Finck 484c2c66affSColin Finck typedef struct _SYSTEM_BASIC_INFORMATION 485c2c66affSColin Finck { 486c2c66affSColin Finck BYTE Reserved1[24]; 487c2c66affSColin Finck PVOID Reserved2[4]; 488c2c66affSColin Finck CCHAR NumberOfProcessors; 489c2c66affSColin Finck } SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION; 490c2c66affSColin Finck 491c2c66affSColin Finck typedef struct _SYSTEM_PERFORMANCE_INFORMATION 492c2c66affSColin Finck { 493*3bdc062fSHermès Bélusca-Maïto #if (_WIN32_WINNT >= _WIN32_WINNT_WIN8) 494*3bdc062fSHermès Bélusca-Maïto BYTE Reserved1[344]; 495*3bdc062fSHermès Bélusca-Maïto #elif (_WIN32_WINNT >= _WIN32_WINNT_WIN7) 496*3bdc062fSHermès Bélusca-Maïto BYTE Reserved1[328]; 497*3bdc062fSHermès Bélusca-Maïto #else 498c2c66affSColin Finck BYTE Reserved1[312]; 499*3bdc062fSHermès Bélusca-Maïto #endif 500c2c66affSColin Finck } SYSTEM_PERFORMANCE_INFORMATION, *PSYSTEM_PERFORMANCE_INFORMATION; 501c2c66affSColin Finck 502c2c66affSColin Finck typedef struct _SYSTEM_TIMEOFDAY_INFORMATION 503c2c66affSColin Finck { 504c2c66affSColin Finck BYTE Reserved1[48]; 505c2c66affSColin Finck } SYSTEM_TIMEOFDAY_INFORMATION, *PSYSTEM_TIMEOFDAY_INFORMATION; 506c2c66affSColin Finck 507c2c66affSColin Finck typedef struct _SYSTEM_PROCESS_INFORMATION 508c2c66affSColin Finck { 509c2c66affSColin Finck ULONG NextEntryOffset; 510c2c66affSColin Finck BYTE Reserved1[52]; 511c2c66affSColin Finck PVOID Reserved2[3]; 512c2c66affSColin Finck HANDLE UniqueProcessId; 513c2c66affSColin Finck PVOID Reserved3; 514c2c66affSColin Finck ULONG HandleCount; 515c2c66affSColin Finck BYTE Reserved4[4]; 516c2c66affSColin Finck PVOID Reserved5[11]; 517c2c66affSColin Finck SIZE_T PeakPagefileUsage; 518c2c66affSColin Finck SIZE_T PrivatePageCount; 519c2c66affSColin Finck LARGE_INTEGER Reserved6[6]; 520c2c66affSColin Finck } SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION; 521c2c66affSColin Finck 522c2c66affSColin Finck typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION 523c2c66affSColin Finck { 524c2c66affSColin Finck LARGE_INTEGER IdleTime; 525c2c66affSColin Finck LARGE_INTEGER KernelTime; 526c2c66affSColin Finck LARGE_INTEGER UserTime; 527c2c66affSColin Finck LARGE_INTEGER Reserved1[2]; 528c2c66affSColin Finck ULONG Reserved2; 529c2c66affSColin Finck } SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION, *PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION; 530c2c66affSColin Finck 531c2c66affSColin Finck typedef struct _SYSTEM_INTERRUPT_INFORMATION 532c2c66affSColin Finck { 533c2c66affSColin Finck BYTE Reserved1[24]; 534c2c66affSColin Finck } SYSTEM_INTERRUPT_INFORMATION, *PSYSTEM_INTERRUPT_INFORMATION; 535c2c66affSColin Finck 536c2c66affSColin Finck typedef struct _SYSTEM_EXCEPTION_INFORMATION 537c2c66affSColin Finck { 538c2c66affSColin Finck BYTE Reserved1[16]; 539c2c66affSColin Finck } SYSTEM_EXCEPTION_INFORMATION, *PSYSTEM_EXCEPTION_INFORMATION; 540c2c66affSColin Finck 541c2c66affSColin Finck typedef struct _SYSTEM_REGISTRY_QUOTA_INFORMATION 542c2c66affSColin Finck { 543c2c66affSColin Finck ULONG RegistryQuotaAllowed; 544c2c66affSColin Finck ULONG RegistryQuotaUsed; 545c2c66affSColin Finck PVOID Reserved1; 546c2c66affSColin Finck } SYSTEM_REGISTRY_QUOTA_INFORMATION, *PSYSTEM_REGISTRY_QUOTA_INFORMATION; 547c2c66affSColin Finck 548c2c66affSColin Finck typedef struct _SYSTEM_LOOKASIDE_INFORMATION 549c2c66affSColin Finck { 550c2c66affSColin Finck BYTE Reserved1[32]; 551c2c66affSColin Finck } SYSTEM_LOOKASIDE_INFORMATION, *PSYSTEM_LOOKASIDE_INFORMATION; 552c2c66affSColin Finck 553c2c66affSColin Finck typedef struct _SYSTEM_POLICY_INFORMATION 554c2c66affSColin Finck { 555c2c66affSColin Finck PVOID Reserved1[2]; 556c2c66affSColin Finck ULONG Reserved2[3]; 557c2c66affSColin Finck } SYSTEM_POLICY_INFORMATION, *PSYSTEM_POLICY_INFORMATION; 558c2c66affSColin Finck 559c2c66affSColin Finck __kernel_entry 560c2c66affSColin Finck NTSYSCALLAPI 561c2c66affSColin Finck NTSTATUS 562c2c66affSColin Finck NTAPI 563c2c66affSColin Finck NtQuerySystemInformation( 564c2c66affSColin Finck _In_ SYSTEM_INFORMATION_CLASS SystemInformationClass, 565c2c66affSColin Finck _Out_ PVOID SystemInformation, 566c2c66affSColin Finck _In_ ULONG InformationLength, 567c2c66affSColin Finck _Out_opt_ PULONG ResultLength); 568c2c66affSColin Finck 569c2c66affSColin Finck typedef enum _WINSTATIONINFOCLASS 570c2c66affSColin Finck { 571c2c66affSColin Finck WinStationInformation = 8 572c2c66affSColin Finck } WINSTATIONINFOCLASS; 573c2c66affSColin Finck 574c2c66affSColin Finck typedef struct _WINSTATIONINFORMATIONW 575c2c66affSColin Finck { 576c2c66affSColin Finck BYTE Reserved2[70]; 577c2c66affSColin Finck ULONG LogonId; 578c2c66affSColin Finck BYTE Reserved3[1140]; 579c2c66affSColin Finck } WINSTATIONINFORMATIONW, * PWINSTATIONINFORMATIONW; 580c2c66affSColin Finck 581c2c66affSColin Finck typedef 582c2c66affSColin Finck BOOLEAN 583c2c66affSColin Finck (WINAPI * PWINSTATIONQUERYINFORMATIONW)( 584c2c66affSColin Finck HANDLE, 585c2c66affSColin Finck ULONG, 586c2c66affSColin Finck WINSTATIONINFOCLASS, 587c2c66affSColin Finck PVOID, 588c2c66affSColin Finck ULONG, 589c2c66affSColin Finck PULONG); 590c2c66affSColin Finck 591c2c66affSColin Finck __kernel_entry 592c2c66affSColin Finck NTSYSCALLAPI 593c2c66affSColin Finck NTSTATUS 594c2c66affSColin Finck NTAPI 595c2c66affSColin Finck NtQuerySystemTime( 596c2c66affSColin Finck _Out_ PLARGE_INTEGER SystemTime); 597c2c66affSColin Finck 598c2c66affSColin Finck #define RtlMoveMemory(Dest,Source,Length) memmove((Dest),(Source),(Length)) 599c2c66affSColin Finck #define RtlFillMemory(Dest,Length,Fill) memset((Dest),(Fill),(Length)) 600c2c66affSColin Finck #define RtlZeroMemory(Dest,Length) RtlFillMemory((Dest),(Length),0) 601c2c66affSColin Finck 602c2c66affSColin Finck VOID 603c2c66affSColin Finck NTAPI 604c2c66affSColin Finck RtlInitString( 605c2c66affSColin Finck PSTRING DestinationString, 606c2c66affSColin Finck PCSZ SourceString); 607c2c66affSColin Finck 608c2c66affSColin Finck VOID 609c2c66affSColin Finck NTAPI 610c2c66affSColin Finck RtlInitAnsiString( 611c2c66affSColin Finck PANSI_STRING DestinationString, 612c2c66affSColin Finck PCSZ SourceString); 613c2c66affSColin Finck 614c2c66affSColin Finck VOID 615c2c66affSColin Finck NTAPI 616c2c66affSColin Finck RtlInitUnicodeString( 617c2c66affSColin Finck PUNICODE_STRING DestinationString, 618c2c66affSColin Finck PCWSTR SourceString); 619c2c66affSColin Finck 620c2c66affSColin Finck VOID 621c2c66affSColin Finck NTAPI 622c2c66affSColin Finck RtlFreeAnsiString( 623c2c66affSColin Finck PANSI_STRING AnsiString); 624c2c66affSColin Finck 625c2c66affSColin Finck VOID 626c2c66affSColin Finck NTAPI 627c2c66affSColin Finck RtlFreeOemString( 628c2c66affSColin Finck POEM_STRING OemString); 629c2c66affSColin Finck 630c2c66affSColin Finck VOID 631c2c66affSColin Finck NTAPI 632c2c66affSColin Finck RtlFreeUnicodeString( 633c2c66affSColin Finck PUNICODE_STRING UnicodeString); 634c2c66affSColin Finck 635c2c66affSColin Finck NTSTATUS 636c2c66affSColin Finck NTAPI 637c2c66affSColin Finck RtlAnsiStringToUnicodeString( 638c2c66affSColin Finck PUNICODE_STRING DestinationString, 639c2c66affSColin Finck PCANSI_STRING SourceString, 640c2c66affSColin Finck BOOLEAN AllocateDestinationString); 641c2c66affSColin Finck 642c2c66affSColin Finck NTSTATUS 643c2c66affSColin Finck NTAPI 644c2c66affSColin Finck RtlUnicodeStringToAnsiString( 645c2c66affSColin Finck PANSI_STRING DestinationString, 646c2c66affSColin Finck PCUNICODE_STRING SourceString, 647c2c66affSColin Finck BOOLEAN AllocateDestinationString); 648c2c66affSColin Finck 649c2c66affSColin Finck NTSTATUS 650c2c66affSColin Finck NTAPI 651c2c66affSColin Finck RtlUnicodeStringToOemString( 652c2c66affSColin Finck POEM_STRING DestinationString, 653c2c66affSColin Finck PCUNICODE_STRING SourceString, 654c2c66affSColin Finck BOOLEAN AllocateDestinationString); 655c2c66affSColin Finck 656c2c66affSColin Finck NTSTATUS 657c2c66affSColin Finck NTAPI 658c2c66affSColin Finck RtlUnicodeToMultiByteSize( 659c2c66affSColin Finck _Out_ PULONG BytesInMultiByteString, 660c2c66affSColin Finck _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString, 661c2c66affSColin Finck _In_ ULONG BytesInUnicodeString); 662c2c66affSColin Finck 663c2c66affSColin Finck NTSTATUS 664c2c66affSColin Finck NTAPI 665c2c66affSColin Finck RtlCharToInteger( 666c2c66affSColin Finck PCSZ String, 667c2c66affSColin Finck ULONG Base, 668c2c66affSColin Finck PULONG Value); 669c2c66affSColin Finck 670c2c66affSColin Finck BOOLEAN 671c2c66affSColin Finck NTAPI 672c2c66affSColin Finck RtlIsNameLegalDOS8Dot3( 673c2c66affSColin Finck _In_ PUNICODE_STRING Name, 674c2c66affSColin Finck _Inout_opt_ POEM_STRING OemName, 675c2c66affSColin Finck _Inout_opt_ PBOOLEAN NameContainsSpaces); 676c2c66affSColin Finck 677c2c66affSColin Finck NTSTATUS 678c2c66affSColin Finck NTAPI 679c2c66affSColin Finck RtlLocalTimeToSystemTime( 680c2c66affSColin Finck IN PLARGE_INTEGER LocalTime, 681c2c66affSColin Finck _Out_ PLARGE_INTEGER SystemTime); 682c2c66affSColin Finck 683c2c66affSColin Finck BOOLEAN 684c2c66affSColin Finck NTAPI 685c2c66affSColin Finck RtlTimeToSecondsSince1970( 686c2c66affSColin Finck PLARGE_INTEGER Time, 687c2c66affSColin Finck PULONG ElapsedSeconds); 688c2c66affSColin Finck 689c2c66affSColin Finck _When_(Status < 0, _Out_range_(>, 0)) 690c2c66affSColin Finck _When_(Status >= 0, _Out_range_(==, 0)) 691c2c66affSColin Finck ULONG 692c2c66affSColin Finck NTAPI 693c2c66affSColin Finck RtlNtStatusToDosError( 694c2c66affSColin Finck _In_ NTSTATUS Status); 695c2c66affSColin Finck 696c2c66affSColin Finck NTSTATUS 697c2c66affSColin Finck NTAPI 698c2c66affSColin Finck RtlConvertSidToUnicodeString( 699c2c66affSColin Finck PUNICODE_STRING UnicodeString, 700c2c66affSColin Finck PSID Sid, 701c2c66affSColin Finck BOOLEAN AllocateDestinationString); 702c2c66affSColin Finck 703c2c66affSColin Finck ULONG 704c2c66affSColin Finck NTAPI 705c2c66affSColin Finck RtlUniform( 706c2c66affSColin Finck PULONG Seed); 707c2c66affSColin Finck 708c2c66affSColin Finck 709c2c66affSColin Finck #ifdef __cplusplus 710c2c66affSColin Finck } 711c2c66affSColin Finck #endif 712c2c66affSColin Finck 713c2c66affSColin Finck #endif /* _WINTERNL_ */ 714