1 #[allow(deprecated)] //fixme
2 use core::mem::uninitialized;
3 use core::ptr::read_volatile;
4 #[cfg(target_arch = "x86")]
5 use core::sync::atomic::spin_loop_hint;
6 use crate::ntapi_base::{CLIENT_ID, KPRIORITY, KSYSTEM_TIME, PRTL_ATOM, RTL_ATOM};
7 use crate::ntioapi::{BUS_DATA_TYPE, FILE_IO_COMPLETION_INFORMATION, INTERFACE_TYPE};
8 use crate::ntkeapi::{KPROFILE_SOURCE, KTHREAD_STATE, KWAIT_REASON};
9 use crate::ntldr::RTL_PROCESS_MODULE_INFORMATION_EX;
10 use crate::ntpebteb::PTEB;
11 use crate::ntpoapi::COUNTED_REASON_CONTEXT;
12 use winapi::shared::basetsd::{KAFFINITY, PULONG64, PULONG_PTR, SIZE_T, ULONG64, ULONG_PTR};
13 use winapi::shared::evntrace::PROFILE_SOURCE_INFO;
14 use winapi::shared::guiddef::{GUID, LPGUID};
15 use winapi::shared::ntdef::{
16 BOOLEAN, CCHAR, EVENT_TYPE, HANDLE, LANGID, LARGE_INTEGER, LCID, LOGICAL, LONG, LONGLONG,
17 NTSTATUS, NT_PRODUCT_TYPE, PBOOLEAN, PCHAR, PCWNF_STATE_NAME, PGROUP_AFFINITY, PHANDLE,
18 PHYSICAL_ADDRESS, PLARGE_INTEGER, PLCID, PLONG, PLUID, POBJECT_ATTRIBUTES, PUCHAR,
19 PULARGE_INTEGER, PULONG, PUNICODE_STRING, PUSHORT, PVOID, PWNF_STATE_NAME, PWSTR, TIMER_TYPE,
20 UCHAR, ULARGE_INTEGER, ULONG, ULONGLONG, UNICODE_STRING, USHORT, VOID, WCHAR, WNF_STATE_NAME,
21 };
22 use winapi::um::winnt::{
23 ACCESS_MASK, ANYSIZE_ARRAY, FIRMWARE_TYPE, GENERIC_MAPPING, PSECURITY_DESCRIPTOR,
24 STANDARD_RIGHTS_REQUIRED, SYNCHRONIZE, XSTATE_CONFIGURATION,
25 };
26 use crate::winapi_local::um::winnt::UInt32x32To64;
27 EXTERN!{extern "system" {
28 fn NtDelayExecution(
29 Alertable: BOOLEAN,
30 DelayInterval: PLARGE_INTEGER,
31 ) -> NTSTATUS;
32 fn NtQuerySystemEnvironmentValue(
33 VariableName: PUNICODE_STRING,
34 VariableValue: PWSTR,
35 ValueLength: USHORT,
36 ReturnLength: PUSHORT,
37 ) -> NTSTATUS;
38 fn NtSetSystemEnvironmentValue(
39 VariableName: PUNICODE_STRING,
40 VariableValue: PUNICODE_STRING,
41 ) -> NTSTATUS;
42 fn NtQuerySystemEnvironmentValueEx(
43 VariableName: PUNICODE_STRING,
44 VendorGuid: LPGUID,
45 Value: PVOID,
46 ValueLength: PULONG,
47 Attributes: PULONG,
48 ) -> NTSTATUS;
49 fn NtSetSystemEnvironmentValueEx(
50 VariableName: PUNICODE_STRING,
51 VendorGuid: LPGUID,
52 Value: PVOID,
53 ValueLength: ULONG,
54 Attributes: ULONG,
55 ) -> NTSTATUS;
56 fn NtEnumerateSystemEnvironmentValuesEx(
57 InformationClass: ULONG,
58 Buffer: PVOID,
59 BufferLength: PULONG,
60 ) -> NTSTATUS;
61 }}
62 STRUCT!{struct BOOT_ENTRY {
63 Version: ULONG,
64 Length: ULONG,
65 Id: ULONG,
66 Attributes: ULONG,
67 FriendlyNameOffset: ULONG,
68 BootFilePathOffset: ULONG,
69 OsOptionsLength: ULONG,
70 OsOptions: [UCHAR; 1],
71 }}
72 pub type PBOOT_ENTRY = *mut BOOT_ENTRY;
73 STRUCT!{struct BOOT_ENTRY_LIST {
74 NextEntryOffset: ULONG,
75 BootEntry: BOOT_ENTRY,
76 }}
77 pub type PBOOT_ENTRY_LIST = *mut BOOT_ENTRY_LIST;
78 STRUCT!{struct BOOT_OPTIONS {
79 Version: ULONG,
80 Length: ULONG,
81 Timeout: ULONG,
82 CurrentBootEntryId: ULONG,
83 NextBootEntryId: ULONG,
84 HeadlessRedirection: [WCHAR; 1],
85 }}
86 pub type PBOOT_OPTIONS = *mut BOOT_OPTIONS;
87 STRUCT!{struct FILE_PATH {
88 Version: ULONG,
89 Length: ULONG,
90 Type: ULONG,
91 FilePath: [UCHAR; 1],
92 }}
93 pub type PFILE_PATH = *mut FILE_PATH;
94 STRUCT!{struct EFI_DRIVER_ENTRY {
95 Version: ULONG,
96 Length: ULONG,
97 Id: ULONG,
98 FriendlyNameOffset: ULONG,
99 DriverFilePathOffset: ULONG,
100 }}
101 pub type PEFI_DRIVER_ENTRY = *mut EFI_DRIVER_ENTRY;
102 STRUCT!{struct EFI_DRIVER_ENTRY_LIST {
103 NextEntryOffset: ULONG,
104 DriverEntry: EFI_DRIVER_ENTRY,
105 }}
106 pub type PEFI_DRIVER_ENTRY_LIST = *mut EFI_DRIVER_ENTRY_LIST;
107 EXTERN!{extern "system" {
108 fn NtAddBootEntry(
109 BootEntry: PBOOT_ENTRY,
110 Id: PULONG,
111 ) -> NTSTATUS;
112 fn NtDeleteBootEntry(
113 Id: ULONG,
114 ) -> NTSTATUS;
115 fn NtModifyBootEntry(
116 BootEntry: PBOOT_ENTRY,
117 ) -> NTSTATUS;
118 fn NtEnumerateBootEntries(
119 Buffer: PVOID,
120 BufferLength: PULONG,
121 ) -> NTSTATUS;
122 fn NtQueryBootEntryOrder(
123 Ids: PULONG,
124 Count: PULONG,
125 ) -> NTSTATUS;
126 fn NtSetBootEntryOrder(
127 Ids: PULONG,
128 Count: ULONG,
129 ) -> NTSTATUS;
130 fn NtQueryBootOptions(
131 BootOptions: PBOOT_OPTIONS,
132 BootOptionsLength: PULONG,
133 ) -> NTSTATUS;
134 fn NtSetBootOptions(
135 BootOptions: PBOOT_OPTIONS,
136 FieldsToChange: ULONG,
137 ) -> NTSTATUS;
138 fn NtTranslateFilePath(
139 InputFilePath: PFILE_PATH,
140 OutputType: ULONG,
141 OutputFilePath: PFILE_PATH,
142 OutputFilePathLength: PULONG,
143 ) -> NTSTATUS;
144 fn NtAddDriverEntry(
145 DriverEntry: PEFI_DRIVER_ENTRY,
146 Id: PULONG,
147 ) -> NTSTATUS;
148 fn NtDeleteDriverEntry(
149 Id: ULONG,
150 ) -> NTSTATUS;
151 fn NtModifyDriverEntry(
152 DriverEntry: PEFI_DRIVER_ENTRY,
153 ) -> NTSTATUS;
154 fn NtEnumerateDriverEntries(
155 Buffer: PVOID,
156 BufferLength: PULONG,
157 ) -> NTSTATUS;
158 fn NtQueryDriverEntryOrder(
159 Ids: PULONG,
160 Count: PULONG,
161 ) -> NTSTATUS;
162 fn NtSetDriverEntryOrder(
163 Ids: PULONG,
164 Count: ULONG,
165 ) -> NTSTATUS;
166 }}
167 ENUM!{enum FILTER_BOOT_OPTION_OPERATION {
168 FilterBootOptionOperationOpenSystemStore = 0,
169 FilterBootOptionOperationSetElement = 1,
170 FilterBootOptionOperationDeleteElement = 2,
171 FilterBootOptionOperationMax = 3,
172 }}
173 EXTERN!{extern "system" {
174 fn NtFilterBootOption(
175 FilterOperation: FILTER_BOOT_OPTION_OPERATION,
176 ObjectType: ULONG,
177 ElementType: ULONG,
178 Data: PVOID,
179 DataSize: ULONG,
180 ) -> NTSTATUS;
181 }}
182 pub const EVENT_QUERY_STATE: u32 = 0x0001;
183 ENUM!{enum EVENT_INFORMATION_CLASS {
184 EventBasicInformation = 0,
185 }}
186 STRUCT!{struct EVENT_BASIC_INFORMATION {
187 EventType: EVENT_TYPE,
188 EventState: LONG,
189 }}
190 pub type PEVENT_BASIC_INFORMATION = *mut EVENT_BASIC_INFORMATION;
191 EXTERN!{extern "system" {
192 fn NtCreateEvent(
193 EventHandle: PHANDLE,
194 DesiredAccess: ACCESS_MASK,
195 ObjectAttributes: POBJECT_ATTRIBUTES,
196 EventType: EVENT_TYPE,
197 InitialState: BOOLEAN,
198 ) -> NTSTATUS;
199 fn NtOpenEvent(
200 EventHandle: PHANDLE,
201 DesiredAccess: ACCESS_MASK,
202 ObjectAttributes: POBJECT_ATTRIBUTES,
203 ) -> NTSTATUS;
204 fn NtSetEvent(
205 EventHandle: HANDLE,
206 PreviousState: PLONG,
207 ) -> NTSTATUS;
208 fn NtSetEventBoostPriority(
209 EventHandle: HANDLE,
210 ) -> NTSTATUS;
211 fn NtClearEvent(
212 EventHandle: HANDLE,
213 ) -> NTSTATUS;
214 fn NtResetEvent(
215 EventHandle: HANDLE,
216 PreviousState: PLONG,
217 ) -> NTSTATUS;
218 fn NtPulseEvent(
219 EventHandle: HANDLE,
220 PreviousState: PLONG,
221 ) -> NTSTATUS;
222 fn NtQueryEvent(
223 EventHandle: HANDLE,
224 EventInformationClass: EVENT_INFORMATION_CLASS,
225 EventInformation: PVOID,
226 EventInformationLength: ULONG,
227 ReturnLength: PULONG,
228 ) -> NTSTATUS;
229 }}
230 pub const EVENT_PAIR_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE;
231 EXTERN!{extern "system" {
232 fn NtCreateEventPair(
233 EventPairHandle: PHANDLE,
234 DesiredAccess: ACCESS_MASK,
235 ObjectAttributes: POBJECT_ATTRIBUTES,
236 ) -> NTSTATUS;
237 fn NtOpenEventPair(
238 EventPairHandle: PHANDLE,
239 DesiredAccess: ACCESS_MASK,
240 ObjectAttributes: POBJECT_ATTRIBUTES,
241 ) -> NTSTATUS;
242 fn NtSetLowEventPair(
243 EventPairHandle: HANDLE,
244 ) -> NTSTATUS;
245 fn NtSetHighEventPair(
246 EventPairHandle: HANDLE,
247 ) -> NTSTATUS;
248 fn NtWaitLowEventPair(
249 EventPairHandle: HANDLE,
250 ) -> NTSTATUS;
251 fn NtWaitHighEventPair(
252 EventPairHandle: HANDLE,
253 ) -> NTSTATUS;
254 fn NtSetLowWaitHighEventPair(
255 EventPairHandle: HANDLE,
256 ) -> NTSTATUS;
257 fn NtSetHighWaitLowEventPair(
258 EventPairHandle: HANDLE,
259 ) -> NTSTATUS;
260 }}
261 ENUM!{enum MUTANT_INFORMATION_CLASS {
262 MutantBasicInformation = 0,
263 MutantOwnerInformation = 1,
264 }}
265 STRUCT!{struct MUTANT_BASIC_INFORMATION {
266 CurrentCount: LONG,
267 OwnedByCaller: BOOLEAN,
268 AbandonedState: BOOLEAN,
269 }}
270 pub type PMUTANT_BASIC_INFORMATION = *mut MUTANT_BASIC_INFORMATION;
271 STRUCT!{struct MUTANT_OWNER_INFORMATION {
272 ClientId: CLIENT_ID,
273 }}
274 pub type PMUTANT_OWNER_INFORMATION = *mut MUTANT_OWNER_INFORMATION;
275 EXTERN!{extern "system" {
276 fn NtCreateMutant(
277 MutantHandle: PHANDLE,
278 DesiredAccess: ACCESS_MASK,
279 ObjectAttributes: POBJECT_ATTRIBUTES,
280 InitialOwner: BOOLEAN,
281 ) -> NTSTATUS;
282 fn NtOpenMutant(
283 MutantHandle: PHANDLE,
284 DesiredAccess: ACCESS_MASK,
285 ObjectAttributes: POBJECT_ATTRIBUTES,
286 ) -> NTSTATUS;
287 fn NtReleaseMutant(
288 MutantHandle: HANDLE,
289 PreviousCount: PLONG,
290 ) -> NTSTATUS;
291 fn NtQueryMutant(
292 MutantHandle: HANDLE,
293 MutantInformationClass: MUTANT_INFORMATION_CLASS,
294 MutantInformation: PVOID,
295 MutantInformationLength: ULONG,
296 ReturnLength: PULONG,
297 ) -> NTSTATUS;
298 }}
299 pub const SEMAPHORE_QUERY_STATE: u32 = 0x0001;
300 ENUM!{enum SEMAPHORE_INFORMATION_CLASS {
301 SemaphoreBasicInformation = 0,
302 }}
303 STRUCT!{struct SEMAPHORE_BASIC_INFORMATION {
304 CurrentCount: LONG,
305 MaximumCount: LONG,
306 }}
307 pub type PSEMAPHORE_BASIC_INFORMATION = *mut SEMAPHORE_BASIC_INFORMATION;
308 EXTERN!{extern "system" {
309 fn NtCreateSemaphore(
310 SemaphoreHandle: PHANDLE,
311 DesiredAccess: ACCESS_MASK,
312 ObjectAttributes: POBJECT_ATTRIBUTES,
313 InitialCount: LONG,
314 MaximumCount: LONG,
315 ) -> NTSTATUS;
316 fn NtOpenSemaphore(
317 SemaphoreHandle: PHANDLE,
318 DesiredAccess: ACCESS_MASK,
319 ObjectAttributes: POBJECT_ATTRIBUTES,
320 ) -> NTSTATUS;
321 fn NtReleaseSemaphore(
322 SemaphoreHandle: HANDLE,
323 ReleaseCount: LONG,
324 PreviousCount: PLONG,
325 ) -> NTSTATUS;
326 fn NtQuerySemaphore(
327 SemaphoreHandle: HANDLE,
328 SemaphoreInformationClass: SEMAPHORE_INFORMATION_CLASS,
329 SemaphoreInformation: PVOID,
330 SemaphoreInformationLength: ULONG,
331 ReturnLength: PULONG,
332 ) -> NTSTATUS;
333 }}
334 ENUM!{enum TIMER_INFORMATION_CLASS {
335 TimerBasicInformation = 0,
336 }}
337 STRUCT!{struct TIMER_BASIC_INFORMATION {
338 RemainingTime: LARGE_INTEGER,
339 TimerState: BOOLEAN,
340 }}
341 pub type PTIMER_BASIC_INFORMATION = *mut TIMER_BASIC_INFORMATION;
342 FN!{stdcall PTIMER_APC_ROUTINE(
343 TimerContext: PVOID,
344 TimerLowValue: ULONG,
345 TimerHighValue: LONG,
346 ) -> ()}
347 ENUM!{enum TIMER_SET_INFORMATION_CLASS {
348 TimerSetCoalescableTimer = 0,
349 MaxTimerInfoClass = 1,
350 }}
351 STRUCT!{struct TIMER_SET_COALESCABLE_TIMER_INFO {
352 DueTime: LARGE_INTEGER,
353 TimerApcRoutine: PTIMER_APC_ROUTINE,
354 TimerContext: PVOID,
355 WakeContext: *mut COUNTED_REASON_CONTEXT,
356 Period: ULONG,
357 TolerableDelay: ULONG,
358 PreviousState: PBOOLEAN,
359 }}
360 pub type PTIMER_SET_COALESCABLE_TIMER_INFO = *mut TIMER_SET_COALESCABLE_TIMER_INFO;
361 EXTERN!{extern "system" {
362 fn NtCreateTimer(
363 TimerHandle: PHANDLE,
364 DesiredAccess: ACCESS_MASK,
365 ObjectAttributes: POBJECT_ATTRIBUTES,
366 TimerType: TIMER_TYPE,
367 ) -> NTSTATUS;
368 fn NtOpenTimer(
369 TimerHandle: PHANDLE,
370 DesiredAccess: ACCESS_MASK,
371 ObjectAttributes: POBJECT_ATTRIBUTES,
372 ) -> NTSTATUS;
373 fn NtSetTimer(
374 TimerHandle: HANDLE,
375 DueTime: PLARGE_INTEGER,
376 TimerApcRoutine: PTIMER_APC_ROUTINE,
377 TimerContext: PVOID,
378 ResumeTimer: BOOLEAN,
379 Period: LONG,
380 PreviousState: PBOOLEAN,
381 ) -> NTSTATUS;
382 fn NtSetTimerEx(
383 TimerHandle: HANDLE,
384 TimerSetInformationClass: TIMER_SET_INFORMATION_CLASS,
385 TimerSetInformation: PVOID,
386 TimerSetInformationLength: ULONG,
387 ) -> NTSTATUS;
388 fn NtCancelTimer(
389 TimerHandle: HANDLE,
390 CurrentState: PBOOLEAN,
391 ) -> NTSTATUS;
392 fn NtQueryTimer(
393 TimerHandle: HANDLE,
394 TimerInformationClass: TIMER_INFORMATION_CLASS,
395 TimerInformation: PVOID,
396 TimerInformationLength: ULONG,
397 ReturnLength: PULONG,
398 ) -> NTSTATUS;
399 fn NtCreateIRTimer(
400 TimerHandle: PHANDLE,
401 DesiredAccess: ACCESS_MASK,
402 ) -> NTSTATUS;
403 fn NtSetIRTimer(
404 TimerHandle: HANDLE,
405 DueTime: PLARGE_INTEGER,
406 ) -> NTSTATUS;
407 }}
408 STRUCT!{struct T2_SET_PARAMETERS {
409 Version: ULONG,
410 Reserved: ULONG,
411 NoWakeTolerance: LONGLONG,
412 }}
413 pub type PT2_SET_PARAMETERS = *mut T2_SET_PARAMETERS;
414 pub type PT2_CANCEL_PARAMETERS = PVOID;
415 EXTERN!{extern "system" {
416 fn NtCreateTimer2(
417 TimerHandle: PHANDLE,
418 Reserved1: PVOID,
419 Reserved2: PVOID,
420 Attributes: ULONG,
421 DesiredAccess: ACCESS_MASK,
422 ) -> NTSTATUS;
423 fn NtSetTimer2(
424 TimerHandle: HANDLE,
425 DueTime: PLARGE_INTEGER,
426 Period: PLARGE_INTEGER,
427 Parameters: PT2_SET_PARAMETERS,
428 ) -> NTSTATUS;
429 fn NtCancelTimer2(
430 TimerHandle: HANDLE,
431 Parameters: PT2_CANCEL_PARAMETERS,
432 ) -> NTSTATUS;
433 }}
434 pub const PROFILE_CONTROL: u32 = 0x0001;
435 pub const PROFILE_ALL_ACCESS: u32 = STANDARD_RIGHTS_REQUIRED | PROFILE_CONTROL;
436 EXTERN!{extern "system" {
437 fn NtCreateProfile(
438 ProfileHandle: PHANDLE,
439 Process: HANDLE,
440 ProfileBase: PVOID,
441 ProfileSize: SIZE_T,
442 BucketSize: ULONG,
443 Buffer: PULONG,
444 BufferSize: ULONG,
445 ProfileSource: KPROFILE_SOURCE,
446 Affinity: KAFFINITY,
447 ) -> NTSTATUS;
448 fn NtCreateProfileEx(
449 ProfileHandle: PHANDLE,
450 Process: HANDLE,
451 ProfileBase: PVOID,
452 ProfileSize: SIZE_T,
453 BucketSize: ULONG,
454 Buffer: PULONG,
455 BufferSize: ULONG,
456 ProfileSource: KPROFILE_SOURCE,
457 GroupCount: USHORT,
458 GroupAffinity: PGROUP_AFFINITY,
459 ) -> NTSTATUS;
460 fn NtStartProfile(
461 ProfileHandle: HANDLE,
462 ) -> NTSTATUS;
463 fn NtStopProfile(
464 ProfileHandle: HANDLE,
465 ) -> NTSTATUS;
466 fn NtQueryIntervalProfile(
467 ProfileSource: KPROFILE_SOURCE,
468 Interval: PULONG,
469 ) -> NTSTATUS;
470 fn NtSetIntervalProfile(
471 Interval: ULONG,
472 Source: KPROFILE_SOURCE,
473 ) -> NTSTATUS;
474 }}
475 pub const KEYEDEVENT_WAIT: ULONG = 0x0001;
476 pub const KEYEDEVENT_WAKE: ULONG = 0x0002;
477 pub const KEYEDEVENT_ALL_ACCESS: ACCESS_MASK =
478 STANDARD_RIGHTS_REQUIRED | KEYEDEVENT_WAIT | KEYEDEVENT_WAKE;
479 EXTERN!{extern "system" {
480 fn NtCreateKeyedEvent(
481 KeyedEventHandle: PHANDLE,
482 DesiredAccess: ACCESS_MASK,
483 ObjectAttributes: POBJECT_ATTRIBUTES,
484 Flags: ULONG,
485 ) -> NTSTATUS;
486 fn NtOpenKeyedEvent(
487 KeyedEventHandle: PHANDLE,
488 DesiredAccess: ACCESS_MASK,
489 ObjectAttributes: POBJECT_ATTRIBUTES,
490 ) -> NTSTATUS;
491 fn NtReleaseKeyedEvent(
492 KeyedEventHandle: HANDLE,
493 KeyValue: PVOID,
494 Alertable: BOOLEAN,
495 Timeout: PLARGE_INTEGER,
496 ) -> NTSTATUS;
497 fn NtWaitForKeyedEvent(
498 KeyedEventHandle: HANDLE,
499 KeyValue: PVOID,
500 Alertable: BOOLEAN,
501 Timeout: PLARGE_INTEGER,
502 ) -> NTSTATUS;
503 fn NtUmsThreadYield(
504 SchedulerParam: PVOID,
505 ) -> NTSTATUS;
506 }}
507 ENUM!{enum WNF_STATE_NAME_LIFETIME {
508 WnfWellKnownStateName = 0,
509 WnfPermanentStateName = 1,
510 WnfPersistentStateName = 2,
511 WnfTemporaryStateName = 3,
512 }}
513 ENUM!{enum WNF_STATE_NAME_INFORMATION {
514 WnfInfoStateNameExist = 0,
515 WnfInfoSubscribersPresent = 1,
516 WnfInfoIsQuiescent = 2,
517 }}
518 ENUM!{enum WNF_DATA_SCOPE {
519 WnfDataScopeSystem = 0,
520 WnfDataScopeSession = 1,
521 WnfDataScopeUser = 2,
522 WnfDataScopeProcess = 3,
523 WnfDataScopeMachine = 4,
524 }}
525 STRUCT!{struct WNF_TYPE_ID {
526 TypeId: GUID,
527 }}
528 pub type PWNF_TYPE_ID = *mut WNF_TYPE_ID;
529 pub type PCWNF_TYPE_ID = *const WNF_TYPE_ID;
530 pub type PWNF_CHANGE_STAMP = *mut ULONG;
531 pub type WNF_CHANGE_STAMP = ULONG;
532 STRUCT!{struct WNF_DELIVERY_DESCRIPTOR {
533 SubscriptionId: ULONGLONG,
534 StateName: WNF_STATE_NAME,
535 ChangeStamp: WNF_CHANGE_STAMP,
536 StateDataSize: ULONG,
537 EventMask: ULONG,
538 TypeId: WNF_TYPE_ID,
539 StateDataOffset: ULONG,
540 }}
541 pub type PWNF_DELIVERY_DESCRIPTOR = *mut WNF_DELIVERY_DESCRIPTOR;
542 EXTERN!{extern "system" {
543 fn NtCreateWnfStateName(
544 StateName: PWNF_STATE_NAME,
545 NameLifetime: WNF_STATE_NAME_LIFETIME,
546 DataScope: WNF_DATA_SCOPE,
547 PersistData: BOOLEAN,
548 TypeId: PCWNF_TYPE_ID,
549 MaximumStateSize: ULONG,
550 SecurityDescriptor: PSECURITY_DESCRIPTOR,
551 ) -> NTSTATUS;
552 fn NtDeleteWnfStateName(
553 StateName: PCWNF_STATE_NAME,
554 ) -> NTSTATUS;
555 fn NtUpdateWnfStateData(
556 StateName: PCWNF_STATE_NAME,
557 Buffer: *const VOID,
558 Length: ULONG,
559 TypeId: PCWNF_TYPE_ID,
560 ExplicitScope: *const VOID,
561 MatchingChangeStamp: WNF_CHANGE_STAMP,
562 CheckStamp: LOGICAL,
563 ) -> NTSTATUS;
564 fn NtDeleteWnfStateData(
565 StateName: PCWNF_STATE_NAME,
566 ExplicitScope: *const VOID,
567 ) -> NTSTATUS;
568 fn NtQueryWnfStateData(
569 StateName: PCWNF_STATE_NAME,
570 TypeId: PCWNF_TYPE_ID,
571 ExplicitScope: *const VOID,
572 ChangeStamp: PWNF_CHANGE_STAMP,
573 Buffer: PVOID,
574 BufferSize: PULONG,
575 ) -> NTSTATUS;
576 fn NtQueryWnfStateNameInformation(
577 StateName: PCWNF_STATE_NAME,
578 NameInfoClass: WNF_STATE_NAME_INFORMATION,
579 ExplicitScope: *const VOID,
580 InfoBuffer: PVOID,
581 InfoBufferSize: ULONG,
582 ) -> NTSTATUS;
583 fn NtSubscribeWnfStateChange(
584 StateName: PCWNF_STATE_NAME,
585 ChangeStamp: WNF_CHANGE_STAMP,
586 EventMask: ULONG,
587 SubscriptionId: PULONG64,
588 ) -> NTSTATUS;
589 fn NtUnsubscribeWnfStateChange(
590 StateName: PCWNF_STATE_NAME,
591 ) -> NTSTATUS;
592 fn NtGetCompleteWnfStateSubscription(
593 OldDescriptorStateName: PWNF_STATE_NAME,
594 OldSubscriptionId: *mut ULONG64,
595 OldDescriptorEventMask: ULONG,
596 OldDescriptorStatus: ULONG,
597 NewDeliveryDescriptor: PWNF_DELIVERY_DESCRIPTOR,
598 DescriptorSize: ULONG,
599 ) -> NTSTATUS;
600 fn NtSetWnfProcessNotificationEvent(
601 NotificationEvent: HANDLE,
602 ) -> NTSTATUS;
603 }}
604 pub const WORKER_FACTORY_RELEASE_WORKER: u32 = 0x0001;
605 pub const WORKER_FACTORY_WAIT: u32 = 0x0002;
606 pub const WORKER_FACTORY_SET_INFORMATION: u32 = 0x0004;
607 pub const WORKER_FACTORY_QUERY_INFORMATION: u32 = 0x0008;
608 pub const WORKER_FACTORY_READY_WORKER: u32 = 0x0010;
609 pub const WORKER_FACTORY_SHUTDOWN: u32 = 0x0020;
610 pub const WORKER_FACTORY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED
611 | WORKER_FACTORY_RELEASE_WORKER | WORKER_FACTORY_WAIT | WORKER_FACTORY_SET_INFORMATION
612 | WORKER_FACTORY_QUERY_INFORMATION | WORKER_FACTORY_READY_WORKER | WORKER_FACTORY_SHUTDOWN;
613 ENUM!{enum WORKERFACTORYINFOCLASS {
614 WorkerFactoryTimeout = 0,
615 WorkerFactoryRetryTimeout = 1,
616 WorkerFactoryIdleTimeout = 2,
617 WorkerFactoryBindingCount = 3,
618 WorkerFactoryThreadMinimum = 4,
619 WorkerFactoryThreadMaximum = 5,
620 WorkerFactoryPaused = 6,
621 WorkerFactoryBasicInformation = 7,
622 WorkerFactoryAdjustThreadGoal = 8,
623 WorkerFactoryCallbackType = 9,
624 WorkerFactoryStackInformation = 10,
625 WorkerFactoryThreadBasePriority = 11,
626 WorkerFactoryTimeoutWaiters = 12,
627 WorkerFactoryFlags = 13,
628 WorkerFactoryThreadSoftMaximum = 14,
629 MaxWorkerFactoryInfoClass = 15,
630 }}
631 pub type PWORKERFACTORYINFOCLASS = *mut WORKERFACTORYINFOCLASS;
632 STRUCT!{struct WORKER_FACTORY_BASIC_INFORMATION {
633 Timeout: LARGE_INTEGER,
634 RetryTimeout: LARGE_INTEGER,
635 IdleTimeout: LARGE_INTEGER,
636 Paused: BOOLEAN,
637 TimerSet: BOOLEAN,
638 QueuedToExWorker: BOOLEAN,
639 MayCreate: BOOLEAN,
640 CreateInProgress: BOOLEAN,
641 InsertedIntoQueue: BOOLEAN,
642 Shutdown: BOOLEAN,
643 BindingCount: ULONG,
644 ThreadMinimum: ULONG,
645 ThreadMaximum: ULONG,
646 PendingWorkerCount: ULONG,
647 WaitingWorkerCount: ULONG,
648 TotalWorkerCount: ULONG,
649 ReleaseCount: ULONG,
650 InfiniteWaitGoal: LONGLONG,
651 StartRoutine: PVOID,
652 StartParameter: PVOID,
653 ProcessId: HANDLE,
654 StackReserve: SIZE_T,
655 StackCommit: SIZE_T,
656 LastThreadCreationStatus: NTSTATUS,
657 }}
658 pub type PWORKER_FACTORY_BASIC_INFORMATION = *mut WORKER_FACTORY_BASIC_INFORMATION;
659 EXTERN!{extern "system" {
660 fn NtCreateWorkerFactory(
661 WorkerFactoryHandleReturn: PHANDLE,
662 DesiredAccess: ACCESS_MASK,
663 ObjectAttributes: POBJECT_ATTRIBUTES,
664 CompletionPortHandle: HANDLE,
665 WorkerProcessHandle: HANDLE,
666 StartRoutine: PVOID,
667 StartParameter: PVOID,
668 MaxThreadCount: ULONG,
669 StackReserve: SIZE_T,
670 StackCommit: SIZE_T,
671 ) -> NTSTATUS;
672 fn NtQueryInformationWorkerFactory(
673 WorkerFactoryHandle: HANDLE,
674 WorkerFactoryInformationClass: WORKERFACTORYINFOCLASS,
675 WorkerFactoryInformation: PVOID,
676 WorkerFactoryInformationLength: ULONG,
677 ReturnLength: PULONG,
678 ) -> NTSTATUS;
679 fn NtSetInformationWorkerFactory(
680 WorkerFactoryHandle: HANDLE,
681 WorkerFactoryInformationClass: WORKERFACTORYINFOCLASS,
682 WorkerFactoryInformation: PVOID,
683 WorkerFactoryInformationLength: ULONG,
684 ) -> NTSTATUS;
685 fn NtShutdownWorkerFactory(
686 WorkerFactoryHandle: HANDLE,
687 PendingWorkerCount: *mut LONG,
688 ) -> NTSTATUS;
689 fn NtReleaseWorkerFactoryWorker(
690 WorkerFactoryHandle: HANDLE,
691 ) -> NTSTATUS;
692 fn NtWorkerFactoryWorkerReady(
693 WorkerFactoryHandle: HANDLE,
694 ) -> NTSTATUS;
695 fn NtWaitForWorkViaWorkerFactory(
696 WorkerFactoryHandle: HANDLE,
697 MiniPacket: *mut FILE_IO_COMPLETION_INFORMATION,
698 ) -> NTSTATUS;
699 fn NtQuerySystemTime(
700 SystemTime: PLARGE_INTEGER,
701 ) -> NTSTATUS;
702 fn NtSetSystemTime(
703 SystemTime: PLARGE_INTEGER,
704 PreviousTime: PLARGE_INTEGER,
705 ) -> NTSTATUS;
706 fn NtQueryTimerResolution(
707 MaximumTime: PULONG,
708 MinimumTime: PULONG,
709 CurrentTime: PULONG,
710 ) -> NTSTATUS;
711 fn NtSetTimerResolution(
712 DesiredTime: ULONG,
713 SetResolution: BOOLEAN,
714 ActualTime: PULONG,
715 ) -> NTSTATUS;
716 fn NtQueryPerformanceCounter(
717 PerformanceCounter: PLARGE_INTEGER,
718 PerformanceFrequency: PLARGE_INTEGER,
719 ) -> NTSTATUS;
720 fn NtAllocateLocallyUniqueId(
721 Luid: PLUID,
722 ) -> NTSTATUS;
723 fn NtSetUuidSeed(
724 Seed: PCHAR,
725 ) -> NTSTATUS;
726 fn NtAllocateUuids(
727 Time: PULARGE_INTEGER,
728 Range: PULONG,
729 Sequence: PULONG,
730 Seed: PCHAR,
731 ) -> NTSTATUS;
732 }}
733 ENUM!{enum SYSTEM_INFORMATION_CLASS {
734 SystemBasicInformation = 0,
735 SystemProcessorInformation = 1,
736 SystemPerformanceInformation = 2,
737 SystemTimeOfDayInformation = 3,
738 SystemPathInformation = 4,
739 SystemProcessInformation = 5,
740 SystemCallCountInformation = 6,
741 SystemDeviceInformation = 7,
742 SystemProcessorPerformanceInformation = 8,
743 SystemFlagsInformation = 9,
744 SystemCallTimeInformation = 10,
745 SystemModuleInformation = 11,
746 SystemLocksInformation = 12,
747 SystemStackTraceInformation = 13,
748 SystemPagedPoolInformation = 14,
749 SystemNonPagedPoolInformation = 15,
750 SystemHandleInformation = 16,
751 SystemObjectInformation = 17,
752 SystemPageFileInformation = 18,
753 SystemVdmInstemulInformation = 19,
754 SystemVdmBopInformation = 20,
755 SystemFileCacheInformation = 21,
756 SystemPoolTagInformation = 22,
757 SystemInterruptInformation = 23,
758 SystemDpcBehaviorInformation = 24,
759 SystemFullMemoryInformation = 25,
760 SystemLoadGdiDriverInformation = 26,
761 SystemUnloadGdiDriverInformation = 27,
762 SystemTimeAdjustmentInformation = 28,
763 SystemSummaryMemoryInformation = 29,
764 SystemMirrorMemoryInformation = 30,
765 SystemPerformanceTraceInformation = 31,
766 SystemObsolete0 = 32,
767 SystemExceptionInformation = 33,
768 SystemCrashDumpStateInformation = 34,
769 SystemKernelDebuggerInformation = 35,
770 SystemContextSwitchInformation = 36,
771 SystemRegistryQuotaInformation = 37,
772 SystemExtendServiceTableInformation = 38,
773 SystemPrioritySeperation = 39,
774 SystemVerifierAddDriverInformation = 40,
775 SystemVerifierRemoveDriverInformation = 41,
776 SystemProcessorIdleInformation = 42,
777 SystemLegacyDriverInformation = 43,
778 SystemCurrentTimeZoneInformation = 44,
779 SystemLookasideInformation = 45,
780 SystemTimeSlipNotification = 46,
781 SystemSessionCreate = 47,
782 SystemSessionDetach = 48,
783 SystemSessionInformation = 49,
784 SystemRangeStartInformation = 50,
785 SystemVerifierInformation = 51,
786 SystemVerifierThunkExtend = 52,
787 SystemSessionProcessInformation = 53,
788 SystemLoadGdiDriverInSystemSpace = 54,
789 SystemNumaProcessorMap = 55,
790 SystemPrefetcherInformation = 56,
791 SystemExtendedProcessInformation = 57,
792 SystemRecommendedSharedDataAlignment = 58,
793 SystemComPlusPackage = 59,
794 SystemNumaAvailableMemory = 60,
795 SystemProcessorPowerInformation = 61,
796 SystemEmulationBasicInformation = 62,
797 SystemEmulationProcessorInformation = 63,
798 SystemExtendedHandleInformation = 64,
799 SystemLostDelayedWriteInformation = 65,
800 SystemBigPoolInformation = 66,
801 SystemSessionPoolTagInformation = 67,
802 SystemSessionMappedViewInformation = 68,
803 SystemHotpatchInformation = 69,
804 SystemObjectSecurityMode = 70,
805 SystemWatchdogTimerHandler = 71,
806 SystemWatchdogTimerInformation = 72,
807 SystemLogicalProcessorInformation = 73,
808 SystemWow64SharedInformationObsolete = 74,
809 SystemRegisterFirmwareTableInformationHandler = 75,
810 SystemFirmwareTableInformation = 76,
811 SystemModuleInformationEx = 77,
812 SystemVerifierTriageInformation = 78,
813 SystemSuperfetchInformation = 79,
814 SystemMemoryListInformation = 80,
815 SystemFileCacheInformationEx = 81,
816 SystemThreadPriorityClientIdInformation = 82,
817 SystemProcessorIdleCycleTimeInformation = 83,
818 SystemVerifierCancellationInformation = 84,
819 SystemProcessorPowerInformationEx = 85,
820 SystemRefTraceInformation = 86,
821 SystemSpecialPoolInformation = 87,
822 SystemProcessIdInformation = 88,
823 SystemErrorPortInformation = 89,
824 SystemBootEnvironmentInformation = 90,
825 SystemHypervisorInformation = 91,
826 SystemVerifierInformationEx = 92,
827 SystemTimeZoneInformation = 93,
828 SystemImageFileExecutionOptionsInformation = 94,
829 SystemCoverageInformation = 95,
830 SystemPrefetchPatchInformation = 96,
831 SystemVerifierFaultsInformation = 97,
832 SystemSystemPartitionInformation = 98,
833 SystemSystemDiskInformation = 99,
834 SystemProcessorPerformanceDistribution = 100,
835 SystemNumaProximityNodeInformation = 101,
836 SystemDynamicTimeZoneInformation = 102,
837 SystemCodeIntegrityInformation = 103,
838 SystemProcessorMicrocodeUpdateInformation = 104,
839 SystemProcessorBrandString = 105,
840 SystemVirtualAddressInformation = 106,
841 SystemLogicalProcessorAndGroupInformation = 107,
842 SystemProcessorCycleTimeInformation = 108,
843 SystemStoreInformation = 109,
844 SystemRegistryAppendString = 110,
845 SystemAitSamplingValue = 111,
846 SystemVhdBootInformation = 112,
847 SystemCpuQuotaInformation = 113,
848 SystemNativeBasicInformation = 114,
849 SystemSpare1 = 115,
850 SystemLowPriorityIoInformation = 116,
851 SystemTpmBootEntropyInformation = 117,
852 SystemVerifierCountersInformation = 118,
853 SystemPagedPoolInformationEx = 119,
854 SystemSystemPtesInformationEx = 120,
855 SystemNodeDistanceInformation = 121,
856 SystemAcpiAuditInformation = 122,
857 SystemBasicPerformanceInformation = 123,
858 SystemQueryPerformanceCounterInformation = 124,
859 SystemSessionBigPoolInformation = 125,
860 SystemBootGraphicsInformation = 126,
861 SystemScrubPhysicalMemoryInformation = 127,
862 SystemBadPageInformation = 128,
863 SystemProcessorProfileControlArea = 129,
864 SystemCombinePhysicalMemoryInformation = 130,
865 SystemEntropyInterruptTimingCallback = 131,
866 SystemConsoleInformation = 132,
867 SystemPlatformBinaryInformation = 133,
868 SystemThrottleNotificationInformation = 134,
869 SystemHypervisorProcessorCountInformation = 135,
870 SystemDeviceDataInformation = 136,
871 SystemDeviceDataEnumerationInformation = 137,
872 SystemMemoryTopologyInformation = 138,
873 SystemMemoryChannelInformation = 139,
874 SystemBootLogoInformation = 140,
875 SystemProcessorPerformanceInformationEx = 141,
876 SystemSpare0 = 142,
877 SystemSecureBootPolicyInformation = 143,
878 SystemPageFileInformationEx = 144,
879 SystemSecureBootInformation = 145,
880 SystemEntropyInterruptTimingRawInformation = 146,
881 SystemPortableWorkspaceEfiLauncherInformation = 147,
882 SystemFullProcessInformation = 148,
883 SystemKernelDebuggerInformationEx = 149,
884 SystemBootMetadataInformation = 150,
885 SystemSoftRebootInformation = 151,
886 SystemElamCertificateInformation = 152,
887 SystemOfflineDumpConfigInformation = 153,
888 SystemProcessorFeaturesInformation = 154,
889 SystemRegistryReconciliationInformation = 155,
890 SystemEdidInformation = 156,
891 SystemManufacturingInformation = 157,
892 SystemEnergyEstimationConfigInformation = 158,
893 SystemHypervisorDetailInformation = 159,
894 SystemProcessorCycleStatsInformation = 160,
895 SystemVmGenerationCountInformation = 161,
896 SystemTrustedPlatformModuleInformation = 162,
897 SystemKernelDebuggerFlags = 163,
898 SystemCodeIntegrityPolicyInformation = 164,
899 SystemIsolatedUserModeInformation = 165,
900 SystemHardwareSecurityTestInterfaceResultsInformation = 166,
901 SystemSingleModuleInformation = 167,
902 SystemAllowedCpuSetsInformation = 168,
903 SystemVsmProtectionInformation = 169,
904 SystemInterruptCpuSetsInformation = 170,
905 SystemSecureBootPolicyFullInformation = 171,
906 SystemCodeIntegrityPolicyFullInformation = 172,
907 SystemAffinitizedInterruptProcessorInformation = 173,
908 SystemRootSiloInformation = 174,
909 SystemCpuSetInformation = 175,
910 SystemCpuSetTagInformation = 176,
911 SystemWin32WerStartCallout = 177,
912 SystemSecureKernelProfileInformation = 178,
913 SystemCodeIntegrityPlatformManifestInformation = 179,
914 SystemInterruptSteeringInformation = 180,
915 SystemSupportedProcessorArchitectures = 181,
916 SystemMemoryUsageInformation = 182,
917 SystemCodeIntegrityCertificateInformation = 183,
918 SystemPhysicalMemoryInformation = 184,
919 SystemControlFlowTransition = 185,
920 SystemKernelDebuggingAllowed = 186,
921 SystemActivityModerationExeState = 187,
922 SystemActivityModerationUserSettings = 188,
923 SystemCodeIntegrityPoliciesFullInformation = 189,
924 SystemCodeIntegrityUnlockInformation = 190,
925 SystemIntegrityQuotaInformation = 191,
926 SystemFlushInformation = 192,
927 SystemProcessorIdleMaskInformation = 193,
928 SystemSecureDumpEncryptionInformation = 194,
929 SystemWriteConstraintInformation = 195,
930 SystemKernelVaShadowInformation = 196,
931 SystemHypervisorSharedPageInformation = 197,
932 SystemFirmwareBootPerformanceInformation = 198,
933 SystemCodeIntegrityVerificationInformation = 199,
934 SystemFirmwarePartitionInformation = 200,
935 SystemSpeculationControlInformation = 201,
936 SystemDmaGuardPolicyInformation = 202,
937 SystemEnclaveLaunchControlInformation = 203,
938 SystemWorkloadAllowedCpuSetsInformation = 204,
939 SystemCodeIntegrityUnlockModeInformation = 205,
940 SystemLeapSecondInformation = 206,
941 SystemFlags2Information = 207,
942 MaxSystemInfoClass = 208,
943 }}
944 STRUCT!{struct SYSTEM_BASIC_INFORMATION {
945 Reserved: ULONG,
946 TimerResolution: ULONG,
947 PageSize: ULONG,
948 NumberOfPhysicalPages: ULONG,
949 LowestPhysicalPageNumber: ULONG,
950 HighestPhysicalPageNumber: ULONG,
951 AllocationGranularity: ULONG,
952 MinimumUserModeAddress: ULONG_PTR,
953 MaximumUserModeAddress: ULONG_PTR,
954 ActiveProcessorsAffinityMask: ULONG_PTR,
955 NumberOfProcessors: CCHAR,
956 }}
957 pub type PSYSTEM_BASIC_INFORMATION = *mut SYSTEM_BASIC_INFORMATION;
958 STRUCT!{struct SYSTEM_PROCESSOR_INFORMATION {
959 ProcessorArchitecture: USHORT,
960 ProcessorLevel: USHORT,
961 ProcessorRevision: USHORT,
962 MaximumProcessors: USHORT,
963 ProcessorFeatureBits: ULONG,
964 }}
965 pub type PSYSTEM_PROCESSOR_INFORMATION = *mut SYSTEM_PROCESSOR_INFORMATION;
966 STRUCT!{struct SYSTEM_PERFORMANCE_INFORMATION {
967 IdleProcessTime: LARGE_INTEGER,
968 IoReadTransferCount: LARGE_INTEGER,
969 IoWriteTransferCount: LARGE_INTEGER,
970 IoOtherTransferCount: LARGE_INTEGER,
971 IoReadOperationCount: ULONG,
972 IoWriteOperationCount: ULONG,
973 IoOtherOperationCount: ULONG,
974 AvailablePages: ULONG,
975 CommittedPages: ULONG,
976 CommitLimit: ULONG,
977 PeakCommitment: ULONG,
978 PageFaultCount: ULONG,
979 CopyOnWriteCount: ULONG,
980 TransitionCount: ULONG,
981 CacheTransitionCount: ULONG,
982 DemandZeroCount: ULONG,
983 PageReadCount: ULONG,
984 PageReadIoCount: ULONG,
985 CacheReadCount: ULONG,
986 CacheIoCount: ULONG,
987 DirtyPagesWriteCount: ULONG,
988 DirtyWriteIoCount: ULONG,
989 MappedPagesWriteCount: ULONG,
990 MappedWriteIoCount: ULONG,
991 PagedPoolPages: ULONG,
992 NonPagedPoolPages: ULONG,
993 PagedPoolAllocs: ULONG,
994 PagedPoolFrees: ULONG,
995 NonPagedPoolAllocs: ULONG,
996 NonPagedPoolFrees: ULONG,
997 FreeSystemPtes: ULONG,
998 ResidentSystemCodePage: ULONG,
999 TotalSystemDriverPages: ULONG,
1000 TotalSystemCodePages: ULONG,
1001 NonPagedPoolLookasideHits: ULONG,
1002 PagedPoolLookasideHits: ULONG,
1003 AvailablePagedPoolPages: ULONG,
1004 ResidentSystemCachePage: ULONG,
1005 ResidentPagedPoolPage: ULONG,
1006 ResidentSystemDriverPage: ULONG,
1007 CcFastReadNoWait: ULONG,
1008 CcFastReadWait: ULONG,
1009 CcFastReadResourceMiss: ULONG,
1010 CcFastReadNotPossible: ULONG,
1011 CcFastMdlReadNoWait: ULONG,
1012 CcFastMdlReadWait: ULONG,
1013 CcFastMdlReadResourceMiss: ULONG,
1014 CcFastMdlReadNotPossible: ULONG,
1015 CcMapDataNoWait: ULONG,
1016 CcMapDataWait: ULONG,
1017 CcMapDataNoWaitMiss: ULONG,
1018 CcMapDataWaitMiss: ULONG,
1019 CcPinMappedDataCount: ULONG,
1020 CcPinReadNoWait: ULONG,
1021 CcPinReadWait: ULONG,
1022 CcPinReadNoWaitMiss: ULONG,
1023 CcPinReadWaitMiss: ULONG,
1024 CcCopyReadNoWait: ULONG,
1025 CcCopyReadWait: ULONG,
1026 CcCopyReadNoWaitMiss: ULONG,
1027 CcCopyReadWaitMiss: ULONG,
1028 CcMdlReadNoWait: ULONG,
1029 CcMdlReadWait: ULONG,
1030 CcMdlReadNoWaitMiss: ULONG,
1031 CcMdlReadWaitMiss: ULONG,
1032 CcReadAheadIos: ULONG,
1033 CcLazyWriteIos: ULONG,
1034 CcLazyWritePages: ULONG,
1035 CcDataFlushes: ULONG,
1036 CcDataPages: ULONG,
1037 ContextSwitches: ULONG,
1038 FirstLevelTbFills: ULONG,
1039 SecondLevelTbFills: ULONG,
1040 SystemCalls: ULONG,
1041 CcTotalDirtyPages: ULONGLONG,
1042 CcDirtyPageThreshold: ULONGLONG,
1043 ResidentAvailablePages: LONGLONG,
1044 SharedCommittedPages: ULONGLONG,
1045 }}
1046 pub type PSYSTEM_PERFORMANCE_INFORMATION = *mut SYSTEM_PERFORMANCE_INFORMATION;
1047 STRUCT!{struct SYSTEM_TIMEOFDAY_INFORMATION {
1048 BootTime: LARGE_INTEGER,
1049 CurrentTime: LARGE_INTEGER,
1050 TimeZoneBias: LARGE_INTEGER,
1051 TimeZoneId: ULONG,
1052 Reserved: ULONG,
1053 BootTimeBias: ULONGLONG,
1054 SleepTimeBias: ULONGLONG,
1055 }}
1056 pub type PSYSTEM_TIMEOFDAY_INFORMATION = *mut SYSTEM_TIMEOFDAY_INFORMATION;
1057 STRUCT!{struct SYSTEM_THREAD_INFORMATION {
1058 KernelTime: LARGE_INTEGER,
1059 UserTime: LARGE_INTEGER,
1060 CreateTime: LARGE_INTEGER,
1061 WaitTime: ULONG,
1062 StartAddress: PVOID,
1063 ClientId: CLIENT_ID,
1064 Priority: KPRIORITY,
1065 BasePriority: LONG,
1066 ContextSwitches: ULONG,
1067 ThreadState: KTHREAD_STATE,
1068 WaitReason: KWAIT_REASON,
1069 }}
1070 pub type PSYSTEM_THREAD_INFORMATION = *mut SYSTEM_THREAD_INFORMATION;
1071 STRUCT!{struct SYSTEM_EXTENDED_THREAD_INFORMATION {
1072 ThreadInfo: SYSTEM_THREAD_INFORMATION,
1073 StackBase: PVOID,
1074 StackLimit: PVOID,
1075 Win32StartAddress: PVOID,
1076 TebBase: PTEB,
1077 Reserved2: ULONG_PTR,
1078 Reserved3: ULONG_PTR,
1079 Reserved4: ULONG_PTR,
1080 }}
1081 pub type PSYSTEM_EXTENDED_THREAD_INFORMATION = *mut SYSTEM_EXTENDED_THREAD_INFORMATION;
1082 STRUCT!{struct SYSTEM_PROCESS_INFORMATION {
1083 NextEntryOffset: ULONG,
1084 NumberOfThreads: ULONG,
1085 WorkingSetPrivateSize: LARGE_INTEGER,
1086 HardFaultCount: ULONG,
1087 NumberOfThreadsHighWatermark: ULONG,
1088 CycleTime: ULONGLONG,
1089 CreateTime: LARGE_INTEGER,
1090 UserTime: LARGE_INTEGER,
1091 KernelTime: LARGE_INTEGER,
1092 ImageName: UNICODE_STRING,
1093 BasePriority: KPRIORITY,
1094 UniqueProcessId: HANDLE,
1095 InheritedFromUniqueProcessId: HANDLE,
1096 HandleCount: ULONG,
1097 SessionId: ULONG,
1098 UniqueProcessKey: ULONG_PTR,
1099 PeakVirtualSize: SIZE_T,
1100 VirtualSize: SIZE_T,
1101 PageFaultCount: ULONG,
1102 PeakWorkingSetSize: SIZE_T,
1103 WorkingSetSize: SIZE_T,
1104 QuotaPeakPagedPoolUsage: SIZE_T,
1105 QuotaPagedPoolUsage: SIZE_T,
1106 QuotaPeakNonPagedPoolUsage: SIZE_T,
1107 QuotaNonPagedPoolUsage: SIZE_T,
1108 PagefileUsage: SIZE_T,
1109 PeakPagefileUsage: SIZE_T,
1110 PrivatePageCount: SIZE_T,
1111 ReadOperationCount: LARGE_INTEGER,
1112 WriteOperationCount: LARGE_INTEGER,
1113 OtherOperationCount: LARGE_INTEGER,
1114 ReadTransferCount: LARGE_INTEGER,
1115 WriteTransferCount: LARGE_INTEGER,
1116 OtherTransferCount: LARGE_INTEGER,
1117 Threads: [SYSTEM_THREAD_INFORMATION; 1],
1118 }}
1119 pub type PSYSTEM_PROCESS_INFORMATION = *mut SYSTEM_PROCESS_INFORMATION;
1120 STRUCT!{struct SYSTEM_CALL_COUNT_INFORMATION {
1121 Length: ULONG,
1122 NumberOfTables: ULONG,
1123 }}
1124 pub type PSYSTEM_CALL_COUNT_INFORMATION = *mut SYSTEM_CALL_COUNT_INFORMATION;
1125 STRUCT!{struct SYSTEM_DEVICE_INFORMATION {
1126 NumberOfDisks: ULONG,
1127 NumberOfFloppies: ULONG,
1128 NumberOfCdRoms: ULONG,
1129 NumberOfTapes: ULONG,
1130 NumberOfSerialPorts: ULONG,
1131 NumberOfParallelPorts: ULONG,
1132 }}
1133 pub type PSYSTEM_DEVICE_INFORMATION = *mut SYSTEM_DEVICE_INFORMATION;
1134 STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION {
1135 IdleTime: LARGE_INTEGER,
1136 KernelTime: LARGE_INTEGER,
1137 UserTime: LARGE_INTEGER,
1138 DpcTime: LARGE_INTEGER,
1139 InterruptTime: LARGE_INTEGER,
1140 InterruptCount: ULONG,
1141 }}
1142 pub type PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION = *mut SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION;
1143 STRUCT!{struct SYSTEM_FLAGS_INFORMATION {
1144 Flags: ULONG,
1145 }}
1146 pub type PSYSTEM_FLAGS_INFORMATION = *mut SYSTEM_FLAGS_INFORMATION;
1147 STRUCT!{struct SYSTEM_CALL_TIME_INFORMATION {
1148 Length: ULONG,
1149 TotalCalls: ULONG,
1150 TimeOfCalls: [LARGE_INTEGER; 1],
1151 }}
1152 pub type PSYSTEM_CALL_TIME_INFORMATION = *mut SYSTEM_CALL_TIME_INFORMATION;
1153 STRUCT!{struct RTL_PROCESS_LOCK_INFORMATION {
1154 Address: PVOID,
1155 Type: USHORT,
1156 CreatorBackTraceIndex: USHORT,
1157 OwningThread: HANDLE,
1158 LockCount: LONG,
1159 ContentionCount: ULONG,
1160 EntryCount: ULONG,
1161 RecursionCount: LONG,
1162 NumberOfWaitingShared: ULONG,
1163 NumberOfWaitingExclusive: ULONG,
1164 }}
1165 pub type PRTL_PROCESS_LOCK_INFORMATION = *mut RTL_PROCESS_LOCK_INFORMATION;
1166 STRUCT!{struct RTL_PROCESS_LOCKS {
1167 NumberOfLocks: ULONG,
1168 Locks: [RTL_PROCESS_LOCK_INFORMATION; 1],
1169 }}
1170 pub type PRTL_PROCESS_LOCKS = *mut RTL_PROCESS_LOCKS;
1171 STRUCT!{struct RTL_PROCESS_BACKTRACE_INFORMATION {
1172 SymbolicBackTrace: PCHAR,
1173 TraceCount: ULONG,
1174 Index: USHORT,
1175 Depth: USHORT,
1176 BackTrace: [PVOID; 32],
1177 }}
1178 pub type PRTL_PROCESS_BACKTRACE_INFORMATION = *mut RTL_PROCESS_BACKTRACE_INFORMATION;
1179 STRUCT!{struct RTL_PROCESS_BACKTRACES {
1180 CommittedMemory: ULONG,
1181 ReservedMemory: ULONG,
1182 NumberOfBackTraceLookups: ULONG,
1183 NumberOfBackTraces: ULONG,
1184 BackTraces: [RTL_PROCESS_BACKTRACE_INFORMATION; 1],
1185 }}
1186 pub type PRTL_PROCESS_BACKTRACES = *mut RTL_PROCESS_BACKTRACES;
1187 STRUCT!{struct SYSTEM_HANDLE_TABLE_ENTRY_INFO {
1188 UniqueProcessId: USHORT,
1189 CreatorBackTraceIndex: USHORT,
1190 ObjectTypeIndex: UCHAR,
1191 HandleAttributes: UCHAR,
1192 HandleValue: USHORT,
1193 Object: PVOID,
1194 GrantedAccess: ULONG,
1195 }}
1196 pub type PSYSTEM_HANDLE_TABLE_ENTRY_INFO = *mut SYSTEM_HANDLE_TABLE_ENTRY_INFO;
1197 STRUCT!{struct SYSTEM_HANDLE_INFORMATION {
1198 NumberOfHandles: ULONG,
1199 Handles: [SYSTEM_HANDLE_TABLE_ENTRY_INFO; 1],
1200 }}
1201 pub type PSYSTEM_HANDLE_INFORMATION = *mut SYSTEM_HANDLE_INFORMATION;
1202 STRUCT!{struct SYSTEM_OBJECTTYPE_INFORMATION {
1203 NextEntryOffset: ULONG,
1204 NumberOfObjects: ULONG,
1205 NumberOfHandles: ULONG,
1206 TypeIndex: ULONG,
1207 InvalidAttributes: ULONG,
1208 GenericMapping: GENERIC_MAPPING,
1209 ValidAccessMask: ULONG,
1210 PoolType: ULONG,
1211 SecurityRequired: BOOLEAN,
1212 WaitableObject: BOOLEAN,
1213 TypeName: UNICODE_STRING,
1214 }}
1215 pub type PSYSTEM_OBJECTTYPE_INFORMATION = *mut SYSTEM_OBJECTTYPE_INFORMATION;
1216 STRUCT!{struct SYSTEM_OBJECT_INFORMATION {
1217 NextEntryOffset: ULONG,
1218 Object: PVOID,
1219 CreatorUniqueProcess: HANDLE,
1220 CreatorBackTraceIndex: USHORT,
1221 Flags: USHORT,
1222 PointerCount: LONG,
1223 HandleCount: LONG,
1224 PagedPoolCharge: ULONG,
1225 NonPagedPoolCharge: ULONG,
1226 ExclusiveProcessId: HANDLE,
1227 SecurityDescriptor: PVOID,
1228 NameInfo: UNICODE_STRING,
1229 }}
1230 pub type PSYSTEM_OBJECT_INFORMATION = *mut SYSTEM_OBJECT_INFORMATION;
1231 STRUCT!{struct SYSTEM_PAGEFILE_INFORMATION {
1232 NextEntryOffset: ULONG,
1233 TotalSize: ULONG,
1234 TotalInUse: ULONG,
1235 PeakUsage: ULONG,
1236 PageFileName: UNICODE_STRING,
1237 }}
1238 pub type PSYSTEM_PAGEFILE_INFORMATION = *mut SYSTEM_PAGEFILE_INFORMATION;
1239 pub const MM_WORKING_SET_MAX_HARD_ENABLE: ULONG = 0x1;
1240 pub const MM_WORKING_SET_MAX_HARD_DISABLE: ULONG = 0x2;
1241 pub const MM_WORKING_SET_MIN_HARD_ENABLE: ULONG = 0x4;
1242 pub const MM_WORKING_SET_MIN_HARD_DISABLE: ULONG = 0x8;
1243 STRUCT!{struct SYSTEM_FILECACHE_INFORMATION {
1244 CurrentSize: SIZE_T,
1245 PeakSize: SIZE_T,
1246 PageFaultCount: ULONG,
1247 MinimumWorkingSet: SIZE_T,
1248 MaximumWorkingSet: SIZE_T,
1249 CurrentSizeIncludingTransitionInPages: SIZE_T,
1250 PeakSizeIncludingTransitionInPages: SIZE_T,
1251 TransitionRePurposeCount: ULONG,
1252 Flags: ULONG,
1253 }}
1254 pub type PSYSTEM_FILECACHE_INFORMATION = *mut SYSTEM_FILECACHE_INFORMATION;
1255 STRUCT!{struct SYSTEM_BASIC_WORKING_SET_INFORMATION {
1256 CurrentSize: SIZE_T,
1257 PeakSize: SIZE_T,
1258 PageFaultCount: ULONG,
1259 }}
1260 pub type PSYSTEM_BASIC_WORKING_SET_INFORMATION = *mut SYSTEM_BASIC_WORKING_SET_INFORMATION;
1261 UNION!{union SYSTEM_POOLTAG_u {
1262 Tag: [UCHAR; 4],
1263 TagUlong: ULONG,
1264 }}
1265 STRUCT!{struct SYSTEM_POOLTAG {
1266 u: SYSTEM_POOLTAG_u,
1267 PagedAllocs: ULONG,
1268 PagedFrees: ULONG,
1269 PagedUsed: SIZE_T,
1270 NonPagedAllocs: ULONG,
1271 NonPagedFrees: ULONG,
1272 NonPagedUsed: SIZE_T,
1273 }}
1274 pub type PSYSTEM_POOLTAG = *mut SYSTEM_POOLTAG;
1275 STRUCT!{struct SYSTEM_POOLTAG_INFORMATION {
1276 Count: ULONG,
1277 TagInfo: [SYSTEM_POOLTAG; 1],
1278 }}
1279 pub type PSYSTEM_POOLTAG_INFORMATION = *mut SYSTEM_POOLTAG_INFORMATION;
1280 STRUCT!{struct SYSTEM_INTERRUPT_INFORMATION {
1281 ContextSwitches: ULONG,
1282 DpcCount: ULONG,
1283 DpcRate: ULONG,
1284 TimeIncrement: ULONG,
1285 DpcBypassCount: ULONG,
1286 ApcBypassCount: ULONG,
1287 }}
1288 pub type PSYSTEM_INTERRUPT_INFORMATION = *mut SYSTEM_INTERRUPT_INFORMATION;
1289 STRUCT!{struct SYSTEM_DPC_BEHAVIOR_INFORMATION {
1290 Spare: ULONG,
1291 DpcQueueDepth: ULONG,
1292 MinimumDpcRate: ULONG,
1293 AdjustDpcThreshold: ULONG,
1294 IdealDpcRate: ULONG,
1295 }}
1296 pub type PSYSTEM_DPC_BEHAVIOR_INFORMATION = *mut SYSTEM_DPC_BEHAVIOR_INFORMATION;
1297 STRUCT!{struct SYSTEM_QUERY_TIME_ADJUST_INFORMATION {
1298 TimeAdjustment: ULONG,
1299 TimeIncrement: ULONG,
1300 Enable: BOOLEAN,
1301 }}
1302 pub type PSYSTEM_QUERY_TIME_ADJUST_INFORMATION = *mut SYSTEM_QUERY_TIME_ADJUST_INFORMATION;
1303 STRUCT!{struct SYSTEM_QUERY_TIME_ADJUST_INFORMATION_PRECISE {
1304 TimeAdjustment: ULONGLONG,
1305 TimeIncrement: ULONGLONG,
1306 Enable: BOOLEAN,
1307 }}
1308 pub type PSYSTEM_QUERY_TIME_ADJUST_INFORMATION_PRECISE =
1309 *mut SYSTEM_QUERY_TIME_ADJUST_INFORMATION_PRECISE;
1310 STRUCT!{struct SYSTEM_SET_TIME_ADJUST_INFORMATION {
1311 TimeAdjustment: ULONG,
1312 Enable: BOOLEAN,
1313 }}
1314 pub type PSYSTEM_SET_TIME_ADJUST_INFORMATION = *mut SYSTEM_SET_TIME_ADJUST_INFORMATION;
1315 STRUCT!{struct SYSTEM_SET_TIME_ADJUST_INFORMATION_PRECISE {
1316 TimeAdjustment: ULONGLONG,
1317 Enable: BOOLEAN,
1318 }}
1319 pub type PSYSTEM_SET_TIME_ADJUST_INFORMATION_PRECISE =
1320 *mut SYSTEM_SET_TIME_ADJUST_INFORMATION_PRECISE;
1321 ENUM!{enum EVENT_TRACE_INFORMATION_CLASS {
1322 EventTraceKernelVersionInformation = 0,
1323 EventTraceGroupMaskInformation = 1,
1324 EventTracePerformanceInformation = 2,
1325 EventTraceTimeProfileInformation = 3,
1326 EventTraceSessionSecurityInformation = 4,
1327 EventTraceSpinlockInformation = 5,
1328 EventTraceStackTracingInformation = 6,
1329 EventTraceExecutiveResourceInformation = 7,
1330 EventTraceHeapTracingInformation = 8,
1331 EventTraceHeapSummaryTracingInformation = 9,
1332 EventTracePoolTagFilterInformation = 10,
1333 EventTracePebsTracingInformation = 11,
1334 EventTraceProfileConfigInformation = 12,
1335 EventTraceProfileSourceListInformation = 13,
1336 EventTraceProfileEventListInformation = 14,
1337 EventTraceProfileCounterListInformation = 15,
1338 EventTraceStackCachingInformation = 16,
1339 EventTraceObjectTypeFilterInformation = 17,
1340 EventTraceSoftRestartInformation = 18,
1341 EventTraceLastBranchConfigurationInformation = 19,
1342 EventTraceLastBranchEventListInformation = 20,
1343 EventTraceProfileSourceAddInformation = 21,
1344 EventTraceProfileSourceRemoveInformation = 22,
1345 EventTraceProcessorTraceConfigurationInformation = 23,
1346 EventTraceProcessorTraceEventListInformation = 24,
1347 EventTraceCoverageSamplerInformation = 25,
1348 MaxEventTraceInfoClass = 26,
1349 }}
1350 STRUCT!{struct EVENT_TRACE_VERSION_INFORMATION {
1351 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1352 EventTraceKernelVersion: ULONG,
1353 }}
1354 pub type PEVENT_TRACE_VERSION_INFORMATION = *mut EVENT_TRACE_VERSION_INFORMATION;
1355 STRUCT!{struct PERFINFO_GROUPMASK {
1356 Masks: [ULONG; 8],
1357 }}
1358 pub type PPERFINFO_GROUPMASK = *mut PERFINFO_GROUPMASK;
1359 STRUCT!{struct EVENT_TRACE_GROUPMASK_INFORMATION {
1360 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1361 TraceHandle: HANDLE,
1362 EventTraceGroupMasks: PERFINFO_GROUPMASK,
1363 }}
1364 pub type PEVENT_TRACE_GROUPMASK_INFORMATION = *mut EVENT_TRACE_GROUPMASK_INFORMATION;
1365 STRUCT!{struct EVENT_TRACE_PERFORMANCE_INFORMATION {
1366 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1367 LogfileBytesWritten: LARGE_INTEGER,
1368 }}
1369 pub type PEVENT_TRACE_PERFORMANCE_INFORMATION = *mut EVENT_TRACE_PERFORMANCE_INFORMATION;
1370 STRUCT!{struct EVENT_TRACE_TIME_PROFILE_INFORMATION {
1371 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1372 ProfileInterval: ULONG,
1373 }}
1374 pub type PEVENT_TRACE_TIME_PROFILE_INFORMATION = *mut EVENT_TRACE_TIME_PROFILE_INFORMATION;
1375 STRUCT!{struct EVENT_TRACE_SESSION_SECURITY_INFORMATION {
1376 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1377 SecurityInformation: ULONG,
1378 TraceHandle: HANDLE,
1379 SecurityDescriptor: [UCHAR; 1],
1380 }}
1381 pub type PEVENT_TRACE_SESSION_SECURITY_INFORMATION = *mut EVENT_TRACE_SESSION_SECURITY_INFORMATION;
1382 STRUCT!{struct EVENT_TRACE_SPINLOCK_INFORMATION {
1383 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1384 SpinLockSpinThreshold: ULONG,
1385 SpinLockAcquireSampleRate: ULONG,
1386 SpinLockContentionSampleRate: ULONG,
1387 SpinLockHoldThreshold: ULONG,
1388 }}
1389 pub type PEVENT_TRACE_SPINLOCK_INFORMATION = *mut EVENT_TRACE_SPINLOCK_INFORMATION;
1390 STRUCT!{struct EVENT_TRACE_SYSTEM_EVENT_INFORMATION {
1391 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1392 TraceHandle: HANDLE,
1393 HookId: [ULONG; 1],
1394 }}
1395 pub type PEVENT_TRACE_SYSTEM_EVENT_INFORMATION = *mut EVENT_TRACE_SYSTEM_EVENT_INFORMATION;
1396 STRUCT!{struct EVENT_TRACE_EXECUTIVE_RESOURCE_INFORMATION {
1397 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1398 ReleaseSamplingRate: ULONG,
1399 ContentionSamplingRate: ULONG,
1400 NumberOfExcessiveTimeouts: ULONG,
1401 }}
1402 pub type PEVENT_TRACE_EXECUTIVE_RESOURCE_INFORMATION =
1403 *mut EVENT_TRACE_EXECUTIVE_RESOURCE_INFORMATION;
1404 STRUCT!{struct EVENT_TRACE_HEAP_TRACING_INFORMATION {
1405 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1406 ProcessId: ULONG,
1407 }}
1408 pub type PEVENT_TRACE_HEAP_TRACING_INFORMATION = *mut EVENT_TRACE_HEAP_TRACING_INFORMATION;
1409 STRUCT!{struct EVENT_TRACE_TAG_FILTER_INFORMATION {
1410 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1411 TraceHandle: HANDLE,
1412 Filter: [ULONG; 1],
1413 }}
1414 pub type PEVENT_TRACE_TAG_FILTER_INFORMATION = *mut EVENT_TRACE_TAG_FILTER_INFORMATION;
1415 STRUCT!{struct EVENT_TRACE_PROFILE_COUNTER_INFORMATION {
1416 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1417 TraceHandle: HANDLE,
1418 ProfileSource: [ULONG; 1],
1419 }}
1420 pub type PEVENT_TRACE_PROFILE_COUNTER_INFORMATION = *mut EVENT_TRACE_PROFILE_COUNTER_INFORMATION;
1421 STRUCT!{struct EVENT_TRACE_PROFILE_LIST_INFORMATION {
1422 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1423 Spare: ULONG,
1424 Profile: [*mut PROFILE_SOURCE_INFO; 1],
1425 }}
1426 pub type PEVENT_TRACE_PROFILE_LIST_INFORMATION = *mut EVENT_TRACE_PROFILE_LIST_INFORMATION;
1427 STRUCT!{struct EVENT_TRACE_STACK_CACHING_INFORMATION {
1428 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1429 TraceHandle: HANDLE,
1430 Enabled: BOOLEAN,
1431 Reserved: [UCHAR; 3],
1432 CacheSize: ULONG,
1433 BucketCount: ULONG,
1434 }}
1435 pub type PEVENT_TRACE_STACK_CACHING_INFORMATION = *mut EVENT_TRACE_STACK_CACHING_INFORMATION;
1436 STRUCT!{struct EVENT_TRACE_SOFT_RESTART_INFORMATION {
1437 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1438 TraceHandle: HANDLE,
1439 PersistTraceBuffers: BOOLEAN,
1440 FileName: [WCHAR; 1],
1441 }}
1442 pub type PEVENT_TRACE_SOFT_RESTART_INFORMATION = *mut EVENT_TRACE_SOFT_RESTART_INFORMATION;
1443 STRUCT!{struct EVENT_TRACE_PROFILE_ADD_INFORMATION {
1444 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1445 PerfEvtEventSelect: BOOLEAN,
1446 PerfEvtUnitSelect: BOOLEAN,
1447 PerfEvtType: ULONG,
1448 CpuInfoHierarchy: [ULONG; 3],
1449 InitialInterval: ULONG,
1450 AllowsHalt: BOOLEAN,
1451 Persist: BOOLEAN,
1452 ProfileSourceDescription: [WCHAR; 1],
1453 }}
1454 pub type PEVENT_TRACE_PROFILE_ADD_INFORMATION = *mut EVENT_TRACE_PROFILE_ADD_INFORMATION;
1455 STRUCT!{struct EVENT_TRACE_PROFILE_REMOVE_INFORMATION {
1456 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1457 ProfileSource: KPROFILE_SOURCE,
1458 CpuInfoHierarchy: [ULONG; 3],
1459 }}
1460 pub type PEVENT_TRACE_PROFILE_REMOVE_INFORMATION = *mut EVENT_TRACE_PROFILE_REMOVE_INFORMATION;
1461 STRUCT!{struct EVENT_TRACE_COVERAGE_SAMPLER_INFORMATION {
1462 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1463 CoverageSamplerInformationClass: BOOLEAN,
1464 MajorVersion: UCHAR,
1465 MinorVersion: UCHAR,
1466 Reserved: UCHAR,
1467 SamplerHandle: HANDLE,
1468 }}
1469 pub type PEVENT_TRACE_COVERAGE_SAMPLER_INFORMATION = *mut EVENT_TRACE_COVERAGE_SAMPLER_INFORMATION;
1470 STRUCT!{struct SYSTEM_EXCEPTION_INFORMATION {
1471 AlignmentFixupCount: ULONG,
1472 ExceptionDispatchCount: ULONG,
1473 FloatingEmulationCount: ULONG,
1474 ByteWordEmulationCount: ULONG,
1475 }}
1476 pub type PSYSTEM_EXCEPTION_INFORMATION = *mut SYSTEM_EXCEPTION_INFORMATION;
1477 STRUCT!{struct SYSTEM_KERNEL_DEBUGGER_INFORMATION {
1478 KernelDebuggerEnabled: BOOLEAN,
1479 KernelDebuggerNotPresent: BOOLEAN,
1480 }}
1481 pub type PSYSTEM_KERNEL_DEBUGGER_INFORMATION = *mut SYSTEM_KERNEL_DEBUGGER_INFORMATION;
1482 STRUCT!{struct SYSTEM_CONTEXT_SWITCH_INFORMATION {
1483 ContextSwitches: ULONG,
1484 FindAny: ULONG,
1485 FindLast: ULONG,
1486 FindIdeal: ULONG,
1487 IdleAny: ULONG,
1488 IdleCurrent: ULONG,
1489 IdleLast: ULONG,
1490 IdleIdeal: ULONG,
1491 PreemptAny: ULONG,
1492 PreemptCurrent: ULONG,
1493 PreemptLast: ULONG,
1494 SwitchToIdle: ULONG,
1495 }}
1496 pub type PSYSTEM_CONTEXT_SWITCH_INFORMATION = *mut SYSTEM_CONTEXT_SWITCH_INFORMATION;
1497 STRUCT!{struct SYSTEM_REGISTRY_QUOTA_INFORMATION {
1498 RegistryQuotaAllowed: ULONG,
1499 RegistryQuotaUsed: ULONG,
1500 PagedPoolSize: SIZE_T,
1501 }}
1502 pub type PSYSTEM_REGISTRY_QUOTA_INFORMATION = *mut SYSTEM_REGISTRY_QUOTA_INFORMATION;
1503 STRUCT!{struct SYSTEM_PROCESSOR_IDLE_INFORMATION {
1504 IdleTime: ULONGLONG,
1505 C1Time: ULONGLONG,
1506 C2Time: ULONGLONG,
1507 C3Time: ULONGLONG,
1508 C1Transitions: ULONG,
1509 C2Transitions: ULONG,
1510 C3Transitions: ULONG,
1511 Padding: ULONG,
1512 }}
1513 pub type PSYSTEM_PROCESSOR_IDLE_INFORMATION = *mut SYSTEM_PROCESSOR_IDLE_INFORMATION;
1514 STRUCT!{struct SYSTEM_LEGACY_DRIVER_INFORMATION {
1515 VetoType: ULONG,
1516 VetoList: UNICODE_STRING,
1517 }}
1518 pub type PSYSTEM_LEGACY_DRIVER_INFORMATION = *mut SYSTEM_LEGACY_DRIVER_INFORMATION;
1519 STRUCT!{struct SYSTEM_LOOKASIDE_INFORMATION {
1520 CurrentDepth: USHORT,
1521 MaximumDepth: USHORT,
1522 TotalAllocates: ULONG,
1523 AllocateMisses: ULONG,
1524 TotalFrees: ULONG,
1525 FreeMisses: ULONG,
1526 Type: ULONG,
1527 Tag: ULONG,
1528 Size: ULONG,
1529 }}
1530 pub type PSYSTEM_LOOKASIDE_INFORMATION = *mut SYSTEM_LOOKASIDE_INFORMATION;
1531 STRUCT!{struct SYSTEM_RANGE_START_INFORMATION {
1532 SystemRangeStart: PVOID,
1533 }}
1534 pub type PSYSTEM_RANGE_START_INFORMATION = *mut SYSTEM_RANGE_START_INFORMATION;
1535 STRUCT!{struct SYSTEM_VERIFIER_INFORMATION {
1536 NextEntryOffset: ULONG,
1537 Level: ULONG,
1538 DriverName: UNICODE_STRING,
1539 RaiseIrqls: ULONG,
1540 AcquireSpinLocks: ULONG,
1541 SynchronizeExecutions: ULONG,
1542 AllocationsAttempted: ULONG,
1543 AllocationsSucceeded: ULONG,
1544 AllocationsSucceededSpecialPool: ULONG,
1545 AllocationsWithNoTag: ULONG,
1546 TrimRequests: ULONG,
1547 Trims: ULONG,
1548 AllocationsFailed: ULONG,
1549 AllocationsFailedDeliberately: ULONG,
1550 Loads: ULONG,
1551 Unloads: ULONG,
1552 UnTrackedPool: ULONG,
1553 CurrentPagedPoolAllocations: ULONG,
1554 CurrentNonPagedPoolAllocations: ULONG,
1555 PeakPagedPoolAllocations: ULONG,
1556 PeakNonPagedPoolAllocations: ULONG,
1557 PagedPoolUsageInBytes: SIZE_T,
1558 NonPagedPoolUsageInBytes: SIZE_T,
1559 PeakPagedPoolUsageInBytes: SIZE_T,
1560 PeakNonPagedPoolUsageInBytes: SIZE_T,
1561 }}
1562 pub type PSYSTEM_VERIFIER_INFORMATION = *mut SYSTEM_VERIFIER_INFORMATION;
1563 STRUCT!{struct SYSTEM_SESSION_PROCESS_INFORMATION {
1564 SessionId: ULONG,
1565 SizeOfBuf: ULONG,
1566 Buffer: PVOID,
1567 }}
1568 pub type PSYSTEM_SESSION_PROCESS_INFORMATION = *mut SYSTEM_SESSION_PROCESS_INFORMATION;
1569 STRUCT!{struct SYSTEM_PROCESSOR_POWER_INFORMATION {
1570 CurrentFrequency: UCHAR,
1571 ThermalLimitFrequency: UCHAR,
1572 ConstantThrottleFrequency: UCHAR,
1573 DegradedThrottleFrequency: UCHAR,
1574 LastBusyFrequency: UCHAR,
1575 LastC3Frequency: UCHAR,
1576 LastAdjustedBusyFrequency: UCHAR,
1577 ProcessorMinThrottle: UCHAR,
1578 ProcessorMaxThrottle: UCHAR,
1579 NumberOfFrequencies: ULONG,
1580 PromotionCount: ULONG,
1581 DemotionCount: ULONG,
1582 ErrorCount: ULONG,
1583 RetryCount: ULONG,
1584 CurrentFrequencyTime: ULONGLONG,
1585 CurrentProcessorTime: ULONGLONG,
1586 CurrentProcessorIdleTime: ULONGLONG,
1587 LastProcessorTime: ULONGLONG,
1588 LastProcessorIdleTime: ULONGLONG,
1589 Energy: ULONGLONG,
1590 }}
1591 pub type PSYSTEM_PROCESSOR_POWER_INFORMATION = *mut SYSTEM_PROCESSOR_POWER_INFORMATION;
1592 STRUCT!{struct SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX {
1593 Object: PVOID,
1594 UniqueProcessId: ULONG_PTR,
1595 HandleValue: ULONG_PTR,
1596 GrantedAccess: ULONG,
1597 CreatorBackTraceIndex: USHORT,
1598 ObjectTypeIndex: USHORT,
1599 HandleAttributes: ULONG,
1600 Reserved: ULONG,
1601 }}
1602 pub type PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX = *mut SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX;
1603 STRUCT!{struct SYSTEM_HANDLE_INFORMATION_EX {
1604 NumberOfHandles: ULONG_PTR,
1605 Reserved: ULONG_PTR,
1606 Handles: [SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX; 1],
1607 }}
1608 pub type PSYSTEM_HANDLE_INFORMATION_EX = *mut SYSTEM_HANDLE_INFORMATION_EX;
1609 UNION!{union SYSTEM_BIGPOOL_ENTRY_u1 {
1610 VirtualAddress: PVOID,
1611 Bitfields: ULONG_PTR,
1612 }}
1613 UNION!{union SYSTEM_BIGPOOL_ENTRY_u2 {
1614 Tag: [UCHAR; 4],
1615 TagUlong: ULONG,
1616 }}
1617 BITFIELD!{unsafe SYSTEM_BIGPOOL_ENTRY_u1 Bitfields: ULONG_PTR [
1618 NonPaged set_NonPaged[0..1],
1619 ]}
1620 STRUCT!{struct SYSTEM_BIGPOOL_ENTRY {
1621 u1: SYSTEM_BIGPOOL_ENTRY_u1,
1622 SizeInBytes: SIZE_T,
1623 u2: SYSTEM_BIGPOOL_ENTRY_u2,
1624 }}
1625 pub type PSYSTEM_BIGPOOL_ENTRY = *mut SYSTEM_BIGPOOL_ENTRY;
1626 STRUCT!{struct SYSTEM_BIGPOOL_INFORMATION {
1627 Count: ULONG,
1628 AllocatedInfo: [SYSTEM_BIGPOOL_ENTRY; 1],
1629 }}
1630 pub type PSYSTEM_BIGPOOL_INFORMATION = *mut SYSTEM_BIGPOOL_INFORMATION;
1631 UNION!{union SYSTEM_POOL_ENTRY_u {
1632 Tag: [UCHAR; 4],
1633 TagUlong: ULONG,
1634 ProcessChargedQuota: PVOID,
1635 }}
1636 STRUCT!{struct SYSTEM_POOL_ENTRY {
1637 Allocated: BOOLEAN,
1638 Spare0: BOOLEAN,
1639 AllocatorBackTraceIndex: USHORT,
1640 Size: ULONG,
1641 u: SYSTEM_POOL_ENTRY_u,
1642 }}
1643 pub type PSYSTEM_POOL_ENTRY = *mut SYSTEM_POOL_ENTRY;
1644 STRUCT!{struct SYSTEM_POOL_INFORMATION {
1645 TotalSize: SIZE_T,
1646 FirstEntry: PVOID,
1647 EntryOverhead: USHORT,
1648 PoolTagPresent: BOOLEAN,
1649 Spare0: BOOLEAN,
1650 NumberOfEntries: ULONG,
1651 Entries: [SYSTEM_POOL_ENTRY; 1],
1652 }}
1653 pub type PSYSTEM_POOL_INFORMATION = *mut SYSTEM_POOL_INFORMATION;
1654 STRUCT!{struct SYSTEM_SESSION_POOLTAG_INFORMATION {
1655 NextEntryOffset: SIZE_T,
1656 SessionId: ULONG,
1657 Count: ULONG,
1658 TagInfo: [SYSTEM_POOLTAG; 1],
1659 }}
1660 pub type PSYSTEM_SESSION_POOLTAG_INFORMATION = *mut SYSTEM_SESSION_POOLTAG_INFORMATION;
1661 STRUCT!{struct SYSTEM_SESSION_MAPPED_VIEW_INFORMATION {
1662 NextEntryOffset: SIZE_T,
1663 SessionId: ULONG,
1664 ViewFailures: ULONG,
1665 NumberOfBytesAvailable: SIZE_T,
1666 NumberOfBytesAvailableContiguous: SIZE_T,
1667 }}
1668 pub type PSYSTEM_SESSION_MAPPED_VIEW_INFORMATION = *mut SYSTEM_SESSION_MAPPED_VIEW_INFORMATION;
1669 ENUM!{enum SYSTEM_FIRMWARE_TABLE_ACTION {
1670 SystemFirmwareTableEnumerate = 0,
1671 SystemFirmwareTableGet = 1,
1672 SystemFirmwareTableMax = 2,
1673 }}
1674 STRUCT!{struct SYSTEM_FIRMWARE_TABLE_INFORMATION {
1675 ProviderSignature: ULONG,
1676 Action: SYSTEM_FIRMWARE_TABLE_ACTION,
1677 TableID: ULONG,
1678 TableBufferLength: ULONG,
1679 TableBuffer: [UCHAR; 1],
1680 }}
1681 pub type PSYSTEM_FIRMWARE_TABLE_INFORMATION = *mut SYSTEM_FIRMWARE_TABLE_INFORMATION;
1682 STRUCT!{struct SYSTEM_MEMORY_LIST_INFORMATION {
1683 ZeroPageCount: ULONG_PTR,
1684 FreePageCount: ULONG_PTR,
1685 ModifiedPageCount: ULONG_PTR,
1686 ModifiedNoWritePageCount: ULONG_PTR,
1687 BadPageCount: ULONG_PTR,
1688 PageCountByPriority: [ULONG_PTR; 8],
1689 RepurposedPagesByPriority: [ULONG_PTR; 8],
1690 ModifiedPageCountPageFile: ULONG_PTR,
1691 }}
1692 pub type PSYSTEM_MEMORY_LIST_INFORMATION = *mut SYSTEM_MEMORY_LIST_INFORMATION;
1693 ENUM!{enum SYSTEM_MEMORY_LIST_COMMAND {
1694 MemoryCaptureAccessedBits = 0,
1695 MemoryCaptureAndResetAccessedBits = 1,
1696 MemoryEmptyWorkingSets = 2,
1697 MemoryFlushModifiedList = 3,
1698 MemoryPurgeStandbyList = 4,
1699 MemoryPurgeLowPriorityStandbyList = 5,
1700 MemoryCommandMax = 6,
1701 }}
1702 STRUCT!{struct SYSTEM_THREAD_CID_PRIORITY_INFORMATION {
1703 ClientId: CLIENT_ID,
1704 Priority: KPRIORITY,
1705 }}
1706 pub type PSYSTEM_THREAD_CID_PRIORITY_INFORMATION = *mut SYSTEM_THREAD_CID_PRIORITY_INFORMATION;
1707 STRUCT!{struct SYSTEM_PROCESSOR_IDLE_CYCLE_TIME_INFORMATION {
1708 CycleTime: ULONGLONG,
1709 }}
1710 pub type PSYSTEM_PROCESSOR_IDLE_CYCLE_TIME_INFORMATION =
1711 *mut SYSTEM_PROCESSOR_IDLE_CYCLE_TIME_INFORMATION;
1712 STRUCT!{struct SYSTEM_REF_TRACE_INFORMATION {
1713 TraceEnable: BOOLEAN,
1714 TracePermanent: BOOLEAN,
1715 TraceProcessName: UNICODE_STRING,
1716 TracePoolTags: UNICODE_STRING,
1717 }}
1718 pub type PSYSTEM_REF_TRACE_INFORMATION = *mut SYSTEM_REF_TRACE_INFORMATION;
1719 STRUCT!{struct SYSTEM_PROCESS_ID_INFORMATION {
1720 ProcessId: HANDLE,
1721 ImageName: UNICODE_STRING,
1722 }}
1723 pub type PSYSTEM_PROCESS_ID_INFORMATION = *mut SYSTEM_PROCESS_ID_INFORMATION;
1724 STRUCT!{struct SYSTEM_BOOT_ENVIRONMENT_INFORMATION {
1725 BootIdentifier: GUID,
1726 FirmwareType: FIRMWARE_TYPE,
1727 BootFlags: ULONGLONG,
1728 }}
1729 BITFIELD!{SYSTEM_BOOT_ENVIRONMENT_INFORMATION BootFlags: ULONGLONG [
1730 DbgMenuOsSelection set_DbgMenuOsSelection[0..1],
1731 DbgHiberBoot set_DbgHiberBoot[1..2],
1732 DbgSoftBoot set_DbgSoftBoot[2..3],
1733 DbgMeasuredLaunch set_DbgMeasuredLaunch[3..4],
1734 ]}
1735 pub type PSYSTEM_BOOT_ENVIRONMENT_INFORMATION = *mut SYSTEM_BOOT_ENVIRONMENT_INFORMATION;
1736 STRUCT!{struct SYSTEM_IMAGE_FILE_EXECUTION_OPTIONS_INFORMATION {
1737 FlagsToEnable: ULONG,
1738 FlagsToDisable: ULONG,
1739 }}
1740 pub type PSYSTEM_IMAGE_FILE_EXECUTION_OPTIONS_INFORMATION =
1741 *mut SYSTEM_IMAGE_FILE_EXECUTION_OPTIONS_INFORMATION;
1742 #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
1743 STRUCT!{struct SYSTEM_VERIFIER_INFORMATION_EX {
1744 VerifyMode: ULONG,
1745 OptionChanges: ULONG,
1746 PreviousBucketName: UNICODE_STRING,
1747 IrpCancelTimeoutMsec: ULONG,
1748 VerifierExtensionEnabled: ULONG,
1749 Reserved: [ULONG; 1],
1750 }}
1751 #[cfg(target_arch = "x86")]
1752 STRUCT!{struct SYSTEM_VERIFIER_INFORMATION_EX {
1753 VerifyMode: ULONG,
1754 OptionChanges: ULONG,
1755 PreviousBucketName: UNICODE_STRING,
1756 IrpCancelTimeoutMsec: ULONG,
1757 VerifierExtensionEnabled: ULONG,
1758 Reserved: [ULONG; 3],
1759 }}
1760 pub type PSYSTEM_VERIFIER_INFORMATION_EX = *mut SYSTEM_VERIFIER_INFORMATION_EX;
1761 STRUCT!{struct SYSTEM_SYSTEM_PARTITION_INFORMATION {
1762 SystemPartition: UNICODE_STRING,
1763 }}
1764 pub type PSYSTEM_SYSTEM_PARTITION_INFORMATION = *mut SYSTEM_SYSTEM_PARTITION_INFORMATION;
1765 STRUCT!{struct SYSTEM_SYSTEM_DISK_INFORMATION {
1766 SystemDisk: UNICODE_STRING,
1767 }}
1768 pub type PSYSTEM_SYSTEM_DISK_INFORMATION = *mut SYSTEM_SYSTEM_DISK_INFORMATION;
1769 STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT {
1770 Hits: ULONGLONG,
1771 PercentFrequency: UCHAR,
1772 }}
1773 pub type PSYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT = *mut SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT;
1774 STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT_WIN8 {
1775 Hits: ULONG,
1776 PercentFrequency: UCHAR,
1777 }}
1778 pub type PSYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT_WIN8 =
1779 *mut SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT_WIN8;
1780 STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_STATE_DISTRIBUTION {
1781 ProcessorNumber: ULONG,
1782 StateCount: ULONG,
1783 States: [SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT; 1],
1784 }}
1785 pub type PSYSTEM_PROCESSOR_PERFORMANCE_STATE_DISTRIBUTION =
1786 *mut SYSTEM_PROCESSOR_PERFORMANCE_STATE_DISTRIBUTION;
1787 STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_DISTRIBUTION {
1788 ProcessorCount: ULONG,
1789 Offsets: [ULONG; 1],
1790 }}
1791 pub type PSYSTEM_PROCESSOR_PERFORMANCE_DISTRIBUTION =
1792 *mut SYSTEM_PROCESSOR_PERFORMANCE_DISTRIBUTION;
1793 STRUCT!{struct SYSTEM_CODEINTEGRITY_INFORMATION {
1794 Length: ULONG,
1795 CodeIntegrityOptions: ULONG,
1796 }}
1797 pub type PSYSTEM_CODEINTEGRITY_INFORMATION = *mut SYSTEM_CODEINTEGRITY_INFORMATION;
1798 ENUM!{enum SYSTEM_VA_TYPE {
1799 SystemVaTypeAll = 0,
1800 SystemVaTypeNonPagedPool = 1,
1801 SystemVaTypePagedPool = 2,
1802 SystemVaTypeSystemCache = 3,
1803 SystemVaTypeSystemPtes = 4,
1804 SystemVaTypeSessionSpace = 5,
1805 SystemVaTypeMax = 6,
1806 }}
1807 pub type PSYSTEM_VA_TYPE = *mut SYSTEM_VA_TYPE;
1808 STRUCT!{struct SYSTEM_VA_LIST_INFORMATION {
1809 VirtualSize: SIZE_T,
1810 VirtualPeak: SIZE_T,
1811 VirtualLimit: SIZE_T,
1812 AllocationFailures: SIZE_T,
1813 }}
1814 pub type PSYSTEM_VA_LIST_INFORMATION = *mut SYSTEM_VA_LIST_INFORMATION;
1815 STRUCT!{struct SYSTEM_REGISTRY_APPEND_STRING_PARAMETERS {
1816 KeyHandle: HANDLE,
1817 ValueNamePointer: PUNICODE_STRING,
1818 RequiredLengthPointer: PULONG,
1819 Buffer: PUCHAR,
1820 BufferLength: ULONG,
1821 Type: ULONG,
1822 AppendBuffer: PUCHAR,
1823 AppendBufferLength: ULONG,
1824 CreateIfDoesntExist: BOOLEAN,
1825 TruncateExistingValue: BOOLEAN,
1826 }}
1827 pub type PSYSTEM_REGISTRY_APPEND_STRING_PARAMETERS = *mut SYSTEM_REGISTRY_APPEND_STRING_PARAMETERS;
1828 STRUCT!{struct SYSTEM_VHD_BOOT_INFORMATION {
1829 OsDiskIsVhd: BOOLEAN,
1830 OsVhdFilePathOffset: ULONG,
1831 OsVhdParentVolume: [WCHAR; ANYSIZE_ARRAY],
1832 }}
1833 pub type PSYSTEM_VHD_BOOT_INFORMATION = *mut SYSTEM_VHD_BOOT_INFORMATION;
1834 STRUCT!{struct SYSTEM_LOW_PRIORITY_IO_INFORMATION {
1835 LowPriReadOperations: ULONG,
1836 LowPriWriteOperations: ULONG,
1837 KernelBumpedToNormalOperations: ULONG,
1838 LowPriPagingReadOperations: ULONG,
1839 KernelPagingReadsBumpedToNormal: ULONG,
1840 LowPriPagingWriteOperations: ULONG,
1841 KernelPagingWritesBumpedToNormal: ULONG,
1842 BoostedIrpCount: ULONG,
1843 BoostedPagingIrpCount: ULONG,
1844 BlanketBoostCount: ULONG,
1845 }}
1846 pub type PSYSTEM_LOW_PRIORITY_IO_INFORMATION = *mut SYSTEM_LOW_PRIORITY_IO_INFORMATION;
1847 ENUM!{enum TPM_BOOT_ENTROPY_RESULT_CODE {
1848 TpmBootEntropyStructureUninitialized = 0,
1849 TpmBootEntropyDisabledByPolicy = 1,
1850 TpmBootEntropyNoTpmFound = 2,
1851 TpmBootEntropyTpmError = 3,
1852 TpmBootEntropySuccess = 4,
1853 }}
1854 STRUCT!{struct TPM_BOOT_ENTROPY_NT_RESULT {
1855 Policy: ULONGLONG,
1856 ResultCode: TPM_BOOT_ENTROPY_RESULT_CODE,
1857 ResultStatus: NTSTATUS,
1858 Time: ULONGLONG,
1859 EntropyLength: ULONG,
1860 EntropyData: [UCHAR; 40],
1861 }}
1862 pub type PTPM_BOOT_ENTROPY_NT_RESULT = *mut TPM_BOOT_ENTROPY_NT_RESULT;
1863 STRUCT!{struct SYSTEM_VERIFIER_COUNTERS_INFORMATION {
1864 Legacy: SYSTEM_VERIFIER_INFORMATION,
1865 RaiseIrqls: ULONG,
1866 AcquireSpinLocks: ULONG,
1867 SynchronizeExecutions: ULONG,
1868 AllocationsWithNoTag: ULONG,
1869 AllocationsFailed: ULONG,
1870 AllocationsFailedDeliberately: ULONG,
1871 LockedBytes: SIZE_T,
1872 PeakLockedBytes: SIZE_T,
1873 MappedLockedBytes: SIZE_T,
1874 PeakMappedLockedBytes: SIZE_T,
1875 MappedIoSpaceBytes: SIZE_T,
1876 PeakMappedIoSpaceBytes: SIZE_T,
1877 PagesForMdlBytes: SIZE_T,
1878 PeakPagesForMdlBytes: SIZE_T,
1879 ContiguousMemoryBytes: SIZE_T,
1880 PeakContiguousMemoryBytes: SIZE_T,
1881 ExecutePoolTypes: ULONG,
1882 ExecutePageProtections: ULONG,
1883 ExecutePageMappings: ULONG,
1884 ExecuteWriteSections: ULONG,
1885 SectionAlignmentFailures: ULONG,
1886 UnsupportedRelocs: ULONG,
1887 IATInExecutableSection: ULONG,
1888 }}
1889 pub type PSYSTEM_VERIFIER_COUNTERS_INFORMATION = *mut SYSTEM_VERIFIER_COUNTERS_INFORMATION;
1890 STRUCT!{struct SYSTEM_ACPI_AUDIT_INFORMATION {
1891 RsdpCount: ULONG,
1892 Bitfields: ULONG,
1893 }}
1894 BITFIELD!{SYSTEM_ACPI_AUDIT_INFORMATION Bitfields: ULONG [
1895 SameRsdt set_SameRsdt[0..1],
1896 SlicPresent set_SlicPresent[1..2],
1897 SlicDifferent set_SlicDifferent[2..3],
1898 ]}
1899 pub type PSYSTEM_ACPI_AUDIT_INFORMATION = *mut SYSTEM_ACPI_AUDIT_INFORMATION;
1900 STRUCT!{struct SYSTEM_BASIC_PERFORMANCE_INFORMATION {
1901 AvailablePages: SIZE_T,
1902 CommittedPages: SIZE_T,
1903 CommitLimit: SIZE_T,
1904 PeakCommitment: SIZE_T,
1905 }}
1906 pub type PSYSTEM_BASIC_PERFORMANCE_INFORMATION = *mut SYSTEM_BASIC_PERFORMANCE_INFORMATION;
1907 STRUCT!{struct QUERY_PERFORMANCE_COUNTER_FLAGS {
1908 ul: ULONG,
1909 }}
1910 BITFIELD!{QUERY_PERFORMANCE_COUNTER_FLAGS ul: ULONG [
1911 KernelTransition set_KernelTransition[0..1],
1912 Reserved set_Reserved[1..32],
1913 ]}
1914 STRUCT!{struct SYSTEM_QUERY_PERFORMANCE_COUNTER_INFORMATION {
1915 Version: ULONG,
1916 Flags: QUERY_PERFORMANCE_COUNTER_FLAGS,
1917 ValidFlags: QUERY_PERFORMANCE_COUNTER_FLAGS,
1918 }}
1919 pub type PSYSTEM_QUERY_PERFORMANCE_COUNTER_INFORMATION =
1920 *mut SYSTEM_QUERY_PERFORMANCE_COUNTER_INFORMATION;
1921 ENUM!{enum SYSTEM_PIXEL_FORMAT {
1922 SystemPixelFormatUnknown = 0,
1923 SystemPixelFormatR8G8B8 = 1,
1924 SystemPixelFormatR8G8B8X8 = 2,
1925 SystemPixelFormatB8G8R8 = 3,
1926 SystemPixelFormatB8G8R8X8 = 4,
1927 }}
1928 STRUCT!{struct SYSTEM_BOOT_GRAPHICS_INFORMATION {
1929 FrameBuffer: LARGE_INTEGER,
1930 Width: ULONG,
1931 Height: ULONG,
1932 PixelStride: ULONG,
1933 Flags: ULONG,
1934 Format: SYSTEM_PIXEL_FORMAT,
1935 DisplayRotation: ULONG,
1936 }}
1937 pub type PSYSTEM_BOOT_GRAPHICS_INFORMATION = *mut SYSTEM_BOOT_GRAPHICS_INFORMATION;
1938 STRUCT!{struct MEMORY_SCRUB_INFORMATION {
1939 Handle: HANDLE,
1940 PagesScrubbed: ULONG,
1941 }}
1942 pub type PMEMORY_SCRUB_INFORMATION = *mut MEMORY_SCRUB_INFORMATION;
1943 STRUCT!{struct PEBS_DS_SAVE_AREA {
1944 BtsBufferBase: ULONGLONG,
1945 BtsIndex: ULONGLONG,
1946 BtsAbsoluteMaximum: ULONGLONG,
1947 BtsInterruptThreshold: ULONGLONG,
1948 PebsBufferBase: ULONGLONG,
1949 PebsIndex: ULONGLONG,
1950 PebsAbsoluteMaximum: ULONGLONG,
1951 PebsInterruptThreshold: ULONGLONG,
1952 PebsCounterReset0: ULONGLONG,
1953 PebsCounterReset1: ULONGLONG,
1954 PebsCounterReset2: ULONGLONG,
1955 PebsCounterReset3: ULONGLONG,
1956 }}
1957 pub type PPEBS_DS_SAVE_AREA = *mut PEBS_DS_SAVE_AREA;
1958 STRUCT!{struct PROCESSOR_PROFILE_CONTROL_AREA {
1959 PebsDsSaveArea: PEBS_DS_SAVE_AREA,
1960 }}
1961 pub type PPROCESSOR_PROFILE_CONTROL_AREA = *mut PROCESSOR_PROFILE_CONTROL_AREA;
1962 STRUCT!{struct SYSTEM_PROCESSOR_PROFILE_CONTROL_AREA {
1963 ProcessorProfileControlArea: PROCESSOR_PROFILE_CONTROL_AREA,
1964 Allocate: BOOLEAN,
1965 }}
1966 pub type PSYSTEM_PROCESSOR_PROFILE_CONTROL_AREA = *mut SYSTEM_PROCESSOR_PROFILE_CONTROL_AREA;
1967 STRUCT!{struct MEMORY_COMBINE_INFORMATION {
1968 Handle: HANDLE,
1969 PagesCombined: ULONG_PTR,
1970 }}
1971 pub type PMEMORY_COMBINE_INFORMATION = *mut MEMORY_COMBINE_INFORMATION;
1972 pub const MEMORY_COMBINE_FLAGS_COMMON_PAGES_ONLY: ULONG = 0x4;
1973 STRUCT!{struct MEMORY_COMBINE_INFORMATION_EX {
1974 Handle: HANDLE,
1975 PagesCombined: ULONG_PTR,
1976 Flags: ULONG,
1977 }}
1978 pub type PMEMORY_COMBINE_INFORMATION_EX = *mut MEMORY_COMBINE_INFORMATION_EX;
1979 STRUCT!{struct MEMORY_COMBINE_INFORMATION_EX2 {
1980 Handle: HANDLE,
1981 PagesCombined: ULONG_PTR,
1982 Flags: ULONG,
1983 ProcessHandle: HANDLE,
1984 }}
1985 pub type PMEMORY_COMBINE_INFORMATION_EX2 = *mut MEMORY_COMBINE_INFORMATION_EX2;
1986 STRUCT!{struct SYSTEM_CONSOLE_INFORMATION {
1987 Bitfields: ULONG,
1988 }}
1989 BITFIELD!{SYSTEM_CONSOLE_INFORMATION Bitfields: ULONG [
1990 DriverLoaded set_DriverLoaded[0..1],
1991 Spare set_Spare[1..32],
1992 ]}
1993 pub type PSYSTEM_CONSOLE_INFORMATION = *mut SYSTEM_CONSOLE_INFORMATION;
1994 STRUCT!{struct SYSTEM_PLATFORM_BINARY_INFORMATION {
1995 PhysicalAddress: ULONG64,
1996 HandoffBuffer: PVOID,
1997 CommandLineBuffer: PVOID,
1998 HandoffBufferSize: ULONG,
1999 CommandLineBufferSize: ULONG,
2000 }}
2001 pub type PSYSTEM_PLATFORM_BINARY_INFORMATION = *mut SYSTEM_PLATFORM_BINARY_INFORMATION;
2002 STRUCT!{struct SYSTEM_HYPERVISOR_PROCESSOR_COUNT_INFORMATION {
2003 NumberOfLogicalProcessors: ULONG,
2004 NumberOfCores: ULONG,
2005 }}
2006 pub type PSYSTEM_HYPERVISOR_PROCESSOR_COUNT_INFORMATION =
2007 *mut SYSTEM_HYPERVISOR_PROCESSOR_COUNT_INFORMATION;
2008 STRUCT!{struct SYSTEM_DEVICE_DATA_INFORMATION {
2009 DeviceId: UNICODE_STRING,
2010 DataName: UNICODE_STRING,
2011 DataType: ULONG,
2012 DataBufferLength: ULONG,
2013 DataBuffer: PVOID,
2014 }}
2015 pub type PSYSTEM_DEVICE_DATA_INFORMATION = *mut SYSTEM_DEVICE_DATA_INFORMATION;
2016 STRUCT!{struct PHYSICAL_CHANNEL_RUN {
2017 NodeNumber: ULONG,
2018 ChannelNumber: ULONG,
2019 BasePage: ULONGLONG,
2020 PageCount: ULONGLONG,
2021 Flags: ULONG,
2022 }}
2023 pub type PPHYSICAL_CHANNEL_RUN = *mut PHYSICAL_CHANNEL_RUN;
2024 STRUCT!{struct SYSTEM_MEMORY_TOPOLOGY_INFORMATION {
2025 NumberOfRuns: ULONGLONG,
2026 NumberOfNodes: ULONG,
2027 NumberOfChannels: ULONG,
2028 Run: [PHYSICAL_CHANNEL_RUN; 1],
2029 }}
2030 pub type PSYSTEM_MEMORY_TOPOLOGY_INFORMATION = *mut SYSTEM_MEMORY_TOPOLOGY_INFORMATION;
2031 STRUCT!{struct SYSTEM_MEMORY_CHANNEL_INFORMATION {
2032 ChannelNumber: ULONG,
2033 ChannelHeatIndex: ULONG,
2034 TotalPageCount: ULONGLONG,
2035 ZeroPageCount: ULONGLONG,
2036 FreePageCount: ULONGLONG,
2037 StandbyPageCount: ULONGLONG,
2038 }}
2039 pub type PSYSTEM_MEMORY_CHANNEL_INFORMATION = *mut SYSTEM_MEMORY_CHANNEL_INFORMATION;
2040 STRUCT!{struct SYSTEM_BOOT_LOGO_INFORMATION {
2041 Flags: ULONG,
2042 BitmapOffset: ULONG,
2043 }}
2044 pub type PSYSTEM_BOOT_LOGO_INFORMATION = *mut SYSTEM_BOOT_LOGO_INFORMATION;
2045 STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION_EX {
2046 IdleTime: LARGE_INTEGER,
2047 KernelTime: LARGE_INTEGER,
2048 UserTime: LARGE_INTEGER,
2049 DpcTime: LARGE_INTEGER,
2050 InterruptTime: LARGE_INTEGER,
2051 InterruptCount: ULONG,
2052 Spare0: ULONG,
2053 AvailableTime: LARGE_INTEGER,
2054 Spare1: LARGE_INTEGER,
2055 Spare2: LARGE_INTEGER,
2056 }}
2057 pub type PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION_EX =
2058 *mut SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION_EX;
2059 STRUCT!{struct SYSTEM_SECUREBOOT_POLICY_INFORMATION {
2060 PolicyPublisher: GUID,
2061 PolicyVersion: ULONG,
2062 PolicyOptions: ULONG,
2063 }}
2064 pub type PSYSTEM_SECUREBOOT_POLICY_INFORMATION = *mut SYSTEM_SECUREBOOT_POLICY_INFORMATION;
2065 STRUCT!{struct SYSTEM_PAGEFILE_INFORMATION_EX {
2066 Info: SYSTEM_PAGEFILE_INFORMATION,
2067 MinimumSize: ULONG,
2068 MaximumSize: ULONG,
2069 }}
2070 pub type PSYSTEM_PAGEFILE_INFORMATION_EX = *mut SYSTEM_PAGEFILE_INFORMATION_EX;
2071 STRUCT!{struct SYSTEM_SECUREBOOT_INFORMATION {
2072 SecureBootEnabled: BOOLEAN,
2073 SecureBootCapable: BOOLEAN,
2074 }}
2075 pub type PSYSTEM_SECUREBOOT_INFORMATION = *mut SYSTEM_SECUREBOOT_INFORMATION;
2076 STRUCT!{struct PROCESS_DISK_COUNTERS {
2077 BytesRead: ULONGLONG,
2078 BytesWritten: ULONGLONG,
2079 ReadOperationCount: ULONGLONG,
2080 WriteOperationCount: ULONGLONG,
2081 FlushOperationCount: ULONGLONG,
2082 }}
2083 pub type PPROCESS_DISK_COUNTERS = *mut PROCESS_DISK_COUNTERS;
2084 UNION!{union ENERGY_STATE_DURATION_u {
2085 Value: ULONGLONG,
2086 LastChangeTime: ULONG,
2087 }}
2088 UNION!{union ENERGY_STATE_DURATION {
2089 u: ENERGY_STATE_DURATION_u,
2090 BitFields: ULONG,
2091 }}
2092 pub type PENERGY_STATE_DURATION = *mut ENERGY_STATE_DURATION;
2093 BITFIELD!{unsafe ENERGY_STATE_DURATION BitFields: ULONG [
2094 Duration set_Duration[0..31],
2095 IsInState set_IsInState[31..32],
2096 ]}
2097 STRUCT!{struct PROCESS_ENERGY_VALUES {
2098 Cycles: [[ULONGLONG; 4]; 2],
2099 DiskEnergy: ULONGLONG,
2100 NetworkTailEnergy: ULONGLONG,
2101 MBBTailEnergy: ULONGLONG,
2102 NetworkTxRxBytes: ULONGLONG,
2103 MBBTxRxBytes: ULONGLONG,
2104 ForegroundDuration: ENERGY_STATE_DURATION,
2105 DesktopVisibleDuration: ENERGY_STATE_DURATION,
2106 PSMForegroundDuration: ENERGY_STATE_DURATION,
2107 CompositionRendered: ULONG,
2108 CompositionDirtyGenerated: ULONG,
2109 CompositionDirtyPropagated: ULONG,
2110 Reserved1: ULONG,
2111 AttributedCycles: [[ULONGLONG; 2]; 4],
2112 WorkOnBehalfCycles: [[ULONGLONG; 2]; 4],
2113 }}
2114 pub type PPROCESS_ENERGY_VALUES = *mut PROCESS_ENERGY_VALUES;
2115 STRUCT!{struct TIMELINE_BITMAP {
2116 Value: ULONGLONG,
2117 EndTime: ULONG,
2118 Bitmap: ULONG,
2119 }}
2120 pub type PTIMELINE_BITMAP = *mut TIMELINE_BITMAP;
2121 STRUCT!{struct PROCESS_ENERGY_VALUES_EXTENSION_Timelines {
2122 CpuTimeline: TIMELINE_BITMAP,
2123 DiskTimeline: TIMELINE_BITMAP,
2124 NetworkTimeline: TIMELINE_BITMAP,
2125 MBBTimeline: TIMELINE_BITMAP,
2126 ForegroundTimeline: TIMELINE_BITMAP,
2127 DesktopVisibleTimeline: TIMELINE_BITMAP,
2128 CompositionRenderedTimeline: TIMELINE_BITMAP,
2129 CompositionDirtyGeneratedTimeline: TIMELINE_BITMAP,
2130 CompositionDirtyPropagatedTimeline: TIMELINE_BITMAP,
2131 InputTimeline: TIMELINE_BITMAP,
2132 AudioInTimeline: TIMELINE_BITMAP,
2133 AudioOutTimeline: TIMELINE_BITMAP,
2134 DisplayRequiredTimeline: TIMELINE_BITMAP,
2135 KeyboardInputTimeline: TIMELINE_BITMAP,
2136 }}
2137 STRUCT!{struct PROCESS_ENERGY_VALUES_EXTENSION_Durations {
2138 InputDuration: ENERGY_STATE_DURATION,
2139 AudioInDuration: ENERGY_STATE_DURATION,
2140 AudioOutDuration: ENERGY_STATE_DURATION,
2141 DisplayRequiredDuration: ENERGY_STATE_DURATION,
2142 PSMBackgroundDuration: ENERGY_STATE_DURATION,
2143 }}
2144 STRUCT!{struct PROCESS_ENERGY_VALUES_EXTENSION {
2145 Timelines: PROCESS_ENERGY_VALUES_EXTENSION_Timelines,
2146 Durations: PROCESS_ENERGY_VALUES_EXTENSION_Durations,
2147 KeyboardInput: ULONG,
2148 MouseInput: ULONG,
2149 }}
2150 pub type PPROCESS_ENERGY_VALUES_EXTENSION = *mut PROCESS_ENERGY_VALUES_EXTENSION;
2151 STRUCT!{struct PROCESS_EXTENDED_ENERGY_VALUES {
2152 Base: PROCESS_ENERGY_VALUES,
2153 Extension: PROCESS_ENERGY_VALUES_EXTENSION,
2154 }}
2155 pub type PPROCESS_EXTENDED_ENERGY_VALUES = *mut PROCESS_EXTENDED_ENERGY_VALUES;
2156 ENUM!{enum SYSTEM_PROCESS_CLASSIFICATION {
2157 SystemProcessClassificationNormal = 0,
2158 SystemProcessClassificationSystem = 1,
2159 SystemProcessClassificationSecureSystem = 2,
2160 SystemProcessClassificationMemCompression = 3,
2161 SystemProcessClassificationRegistry = 4,
2162 SystemProcessClassificationMaximum = 5,
2163 }}
2164 STRUCT!{struct SYSTEM_PROCESS_INFORMATION_EXTENSION {
2165 DiskCounters: PROCESS_DISK_COUNTERS,
2166 ContextSwitches: ULONGLONG,
2167 Flags: ULONG,
2168 UserSidOffset: ULONG,
2169 PackageFullNameOffset: ULONG,
2170 EnergyValues: PROCESS_ENERGY_VALUES,
2171 AppIdOffset: ULONG,
2172 SharedCommitCharge: SIZE_T,
2173 JobObjectId: ULONG,
2174 SpareUlong: ULONG,
2175 ProcessSequenceNumber: ULONGLONG,
2176 }}
2177 BITFIELD!{SYSTEM_PROCESS_INFORMATION_EXTENSION Flags: ULONG [
2178 HasStrongId set_HasStrongId[0..1],
2179 Classification set_Classification[1..5],
2180 BackgroundActivityModerated set_BackgroundActivityModerated[5..6],
2181 Spare set_Spare[6..32],
2182 ]}
2183 pub type PSYSTEM_PROCESS_INFORMATION_EXTENSION = *mut SYSTEM_PROCESS_INFORMATION_EXTENSION;
2184 STRUCT!{struct SYSTEM_PORTABLE_WORKSPACE_EFI_LAUNCHER_INFORMATION {
2185 EfiLauncherEnabled: BOOLEAN,
2186 }}
2187 pub type PSYSTEM_PORTABLE_WORKSPACE_EFI_LAUNCHER_INFORMATION =
2188 *mut SYSTEM_PORTABLE_WORKSPACE_EFI_LAUNCHER_INFORMATION;
2189 STRUCT!{struct SYSTEM_KERNEL_DEBUGGER_INFORMATION_EX {
2190 DebuggerAllowed: BOOLEAN,
2191 DebuggerEnabled: BOOLEAN,
2192 DebuggerPresent: BOOLEAN,
2193 }}
2194 pub type PSYSTEM_KERNEL_DEBUGGER_INFORMATION_EX = *mut SYSTEM_KERNEL_DEBUGGER_INFORMATION_EX;
2195 STRUCT!{struct SYSTEM_ELAM_CERTIFICATE_INFORMATION {
2196 ElamDriverFile: HANDLE,
2197 }}
2198 pub type PSYSTEM_ELAM_CERTIFICATE_INFORMATION = *mut SYSTEM_ELAM_CERTIFICATE_INFORMATION;
2199 STRUCT!{struct SYSTEM_PROCESSOR_FEATURES_INFORMATION {
2200 ProcessorFeatureBits: ULONGLONG,
2201 Reserved: [ULONGLONG; 3],
2202 }}
2203 pub type PSYSTEM_PROCESSOR_FEATURES_INFORMATION = *mut SYSTEM_PROCESSOR_FEATURES_INFORMATION;
2204 STRUCT!{struct SYSTEM_MANUFACTURING_INFORMATION {
2205 Options: ULONG,
2206 ProfileName: UNICODE_STRING,
2207 }}
2208 pub type PSYSTEM_MANUFACTURING_INFORMATION = *mut SYSTEM_MANUFACTURING_INFORMATION;
2209 STRUCT!{struct SYSTEM_ENERGY_ESTIMATION_CONFIG_INFORMATION {
2210 Enabled: BOOLEAN,
2211 }}
2212 pub type PSYSTEM_ENERGY_ESTIMATION_CONFIG_INFORMATION =
2213 *mut SYSTEM_ENERGY_ESTIMATION_CONFIG_INFORMATION;
2214 STRUCT!{struct HV_DETAILS {
2215 Data: [ULONG; 4],
2216 }}
2217 pub type PHV_DETAILS = *mut HV_DETAILS;
2218 STRUCT!{struct SYSTEM_HYPERVISOR_DETAIL_INFORMATION {
2219 HvVendorAndMaxFunction: HV_DETAILS,
2220 HypervisorInterface: HV_DETAILS,
2221 HypervisorVersion: HV_DETAILS,
2222 HvFeatures: HV_DETAILS,
2223 HwFeatures: HV_DETAILS,
2224 EnlightenmentInfo: HV_DETAILS,
2225 ImplementationLimits: HV_DETAILS,
2226 }}
2227 pub type PSYSTEM_HYPERVISOR_DETAIL_INFORMATION = *mut SYSTEM_HYPERVISOR_DETAIL_INFORMATION;
2228 STRUCT!{struct SYSTEM_PROCESSOR_CYCLE_STATS_INFORMATION {
2229 Cycles: [[ULONGLONG; 4]; 2],
2230 }}
2231 pub type PSYSTEM_PROCESSOR_CYCLE_STATS_INFORMATION = *mut SYSTEM_PROCESSOR_CYCLE_STATS_INFORMATION;
2232 STRUCT!{struct SYSTEM_TPM_INFORMATION {
2233 Flags: ULONG,
2234 }}
2235 pub type PSYSTEM_TPM_INFORMATION = *mut SYSTEM_TPM_INFORMATION;
2236 STRUCT!{struct SYSTEM_VSM_PROTECTION_INFORMATION {
2237 DmaProtectionsAvailable: BOOLEAN,
2238 DmaProtectionsInUse: BOOLEAN,
2239 HardwareMbecAvailable: BOOLEAN,
2240 }}
2241 pub type PSYSTEM_VSM_PROTECTION_INFORMATION = *mut SYSTEM_VSM_PROTECTION_INFORMATION;
2242 STRUCT!{struct SYSTEM_CODEINTEGRITYPOLICY_INFORMATION {
2243 Options: ULONG,
2244 HVCIOptions: ULONG,
2245 Version: ULONGLONG,
2246 PolicyGuid: GUID,
2247 }}
2248 pub type PSYSTEM_CODEINTEGRITYPOLICY_INFORMATION = *mut SYSTEM_CODEINTEGRITYPOLICY_INFORMATION;
2249 STRUCT!{struct SYSTEM_ISOLATED_USER_MODE_INFORMATION {
2250 Bitfields1: BOOLEAN,
2251 Bitfields2: BOOLEAN,
2252 Spare0: [BOOLEAN; 6],
2253 Spare1: ULONGLONG,
2254 }}
2255 BITFIELD!{SYSTEM_ISOLATED_USER_MODE_INFORMATION Bitfields1: BOOLEAN [
2256 SecureKernelRunning set_SecureKernelRunning[0..1],
2257 HvciEnabled set_HvciEnabled[1..2],
2258 HvciStrictMode set_HvciStrictMode[2..3],
2259 DebugEnabled set_DebugEnabled[3..4],
2260 FirmwarePageProtection set_FirmwarePageProtection[4..5],
2261 EncryptionKeyAvailable set_EncryptionKeyAvailable[5..6],
2262 SpareFlags set_SpareFlags[6..7],
2263 TrustletRunning set_TrustletRunning[7..8],
2264 ]}
2265 BITFIELD!{SYSTEM_ISOLATED_USER_MODE_INFORMATION Bitfields2: BOOLEAN [
2266 SpareFlags2 set_SpareFlags2[0..1],
2267 ]}
2268 pub type PSYSTEM_ISOLATED_USER_MODE_INFORMATION = *mut SYSTEM_ISOLATED_USER_MODE_INFORMATION;
2269 STRUCT!{struct SYSTEM_SINGLE_MODULE_INFORMATION {
2270 TargetModuleAddress: PVOID,
2271 ExInfo: RTL_PROCESS_MODULE_INFORMATION_EX,
2272 }}
2273 pub type PSYSTEM_SINGLE_MODULE_INFORMATION = *mut SYSTEM_SINGLE_MODULE_INFORMATION;
2274 STRUCT!{struct SYSTEM_INTERRUPT_CPU_SET_INFORMATION {
2275 Gsiv: ULONG,
2276 Group: USHORT,
2277 CpuSets: ULONGLONG,
2278 }}
2279 pub type PSYSTEM_INTERRUPT_CPU_SET_INFORMATION = *mut SYSTEM_INTERRUPT_CPU_SET_INFORMATION;
2280 STRUCT!{struct SYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION {
2281 PolicyInformation: SYSTEM_SECUREBOOT_POLICY_INFORMATION,
2282 PolicySize: ULONG,
2283 Policy: [UCHAR; 1],
2284 }}
2285 pub type PSYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION =
2286 *mut SYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION;
2287 STRUCT!{struct SYSTEM_ROOT_SILO_INFORMATION {
2288 NumberOfSilos: ULONG,
2289 SiloIdList: [ULONG; 1],
2290 }}
2291 pub type PSYSTEM_ROOT_SILO_INFORMATION = *mut SYSTEM_ROOT_SILO_INFORMATION;
2292 STRUCT!{struct SYSTEM_CPU_SET_TAG_INFORMATION {
2293 Tag: ULONGLONG,
2294 CpuSets: [ULONGLONG; 1],
2295 }}
2296 pub type PSYSTEM_CPU_SET_TAG_INFORMATION = *mut SYSTEM_CPU_SET_TAG_INFORMATION;
2297 STRUCT!{struct SYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION {
2298 ExtentCount: ULONG,
2299 ValidStructureSize: ULONG,
2300 NextExtentIndex: ULONG,
2301 ExtentRestart: ULONG,
2302 CycleCount: ULONG,
2303 TimeoutCount: ULONG,
2304 CycleTime: ULONGLONG,
2305 CycleTimeMax: ULONGLONG,
2306 ExtentTime: ULONGLONG,
2307 ExtentTimeIndex: ULONG,
2308 ExtentTimeMaxIndex: ULONG,
2309 ExtentTimeMax: ULONGLONG,
2310 HyperFlushTimeMax: ULONGLONG,
2311 TranslateVaTimeMax: ULONGLONG,
2312 DebugExemptionCount: ULONGLONG,
2313 TbHitCount: ULONGLONG,
2314 TbMissCount: ULONGLONG,
2315 VinaPendingYield: ULONGLONG,
2316 HashCycles: ULONGLONG,
2317 HistogramOffset: ULONG,
2318 HistogramBuckets: ULONG,
2319 HistogramShift: ULONG,
2320 Reserved1: ULONG,
2321 PageNotPresentCount: ULONGLONG,
2322 }}
2323 pub type PSYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION =
2324 *mut SYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION;
2325 STRUCT!{struct SYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION {
2326 PlatformManifestSize: ULONG,
2327 PlatformManifest: [UCHAR; 1],
2328 }}
2329 pub type PSYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION =
2330 *mut SYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION;
2331 STRUCT!{struct SYSTEM_MEMORY_USAGE_INFORMATION {
2332 TotalPhysicalBytes: ULONGLONG,
2333 AvailableBytes: ULONGLONG,
2334 ResidentAvailableBytes: LONGLONG,
2335 CommittedBytes: ULONGLONG,
2336 SharedCommittedBytes: ULONGLONG,
2337 CommitLimitBytes: ULONGLONG,
2338 PeakCommitmentBytes: ULONGLONG,
2339 }}
2340 pub type PSYSTEM_MEMORY_USAGE_INFORMATION = *mut SYSTEM_MEMORY_USAGE_INFORMATION;
2341 STRUCT!{struct SYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION {
2342 ImageFile: HANDLE,
2343 Type: ULONG,
2344 }}
2345 pub type PSYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION =
2346 *mut SYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION;
2347 STRUCT!{struct SYSTEM_PHYSICAL_MEMORY_INFORMATION {
2348 TotalPhysicalBytes: ULONGLONG,
2349 LowestPhysicalAddress: ULONGLONG,
2350 HighestPhysicalAddress: ULONGLONG,
2351 }}
2352 pub type PSYSTEM_PHYSICAL_MEMORY_INFORMATION = *mut SYSTEM_PHYSICAL_MEMORY_INFORMATION;
2353 ENUM!{enum SYSTEM_ACTIVITY_MODERATION_STATE {
2354 SystemActivityModerationStateSystemManaged = 0,
2355 SystemActivityModerationStateUserManagedAllowThrottling = 1,
2356 SystemActivityModerationStateUserManagedDisableThrottling = 2,
2357 MaxSystemActivityModerationState = 3,
2358 }}
2359 ENUM!{enum SYSTEM_ACTIVITY_MODERATION_APP_TYPE {
2360 SystemActivityModerationAppTypeClassic = 0,
2361 SystemActivityModerationAppTypePackaged = 1,
2362 MaxSystemActivityModerationAppType = 2,
2363 }}
2364 STRUCT!{struct SYSTEM_ACTIVITY_MODERATION_INFO {
2365 Identifier: UNICODE_STRING,
2366 ModerationState: SYSTEM_ACTIVITY_MODERATION_STATE,
2367 AppType: SYSTEM_ACTIVITY_MODERATION_APP_TYPE,
2368 }}
2369 pub type PSYSTEM_ACTIVITY_MODERATION_INFO = *mut SYSTEM_ACTIVITY_MODERATION_INFO;
2370 STRUCT!{struct SYSTEM_ACTIVITY_MODERATION_USER_SETTINGS {
2371 UserKeyHandle: HANDLE,
2372 }}
2373 pub type PSYSTEM_ACTIVITY_MODERATION_USER_SETTINGS = *mut SYSTEM_ACTIVITY_MODERATION_USER_SETTINGS;
2374 STRUCT!{struct SYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION {
2375 Flags: ULONG,
2376 UnlockId: [UCHAR; 32],
2377 }}
2378 BITFIELD!{SYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION Flags: ULONG [
2379 Locked set_Locked[0..1],
2380 Unlockable set_Unlockable[1..2],
2381 UnlockApplied set_UnlockApplied[2..3],
2382 UnlockIdValid set_UnlockIdValid[3..4],
2383 Reserved set_Reserved[4..32],
2384 ]}
2385 pub type PSYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION = *mut SYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION;
2386 STRUCT!{struct SYSTEM_FLUSH_INFORMATION {
2387 SupportedFlushMethods: ULONG,
2388 ProcessorCacheFlushSize: ULONG,
2389 SystemFlushCapabilities: ULONGLONG,
2390 Reserved: [ULONGLONG; 2],
2391 }}
2392 pub type PSYSTEM_FLUSH_INFORMATION = *mut SYSTEM_FLUSH_INFORMATION;
2393 STRUCT!{struct SYSTEM_WRITE_CONSTRAINT_INFORMATION {
2394 WriteConstraintPolicy: ULONG,
2395 Reserved: ULONG,
2396 }}
2397 pub type PSYSTEM_WRITE_CONSTRAINT_INFORMATION = *mut SYSTEM_WRITE_CONSTRAINT_INFORMATION;
2398 STRUCT!{struct SYSTEM_KERNEL_VA_SHADOW_INFORMATION {
2399 Flags: ULONG,
2400 }}
2401 BITFIELD!{SYSTEM_KERNEL_VA_SHADOW_INFORMATION Flags: ULONG [
2402 KvaShadowEnabled set_KvaShadowEnabled[0..1],
2403 KvaShadowUserGlobal set_KvaShadowUserGlobal[1..2],
2404 KvaShadowPcid set_KvaShadowPcid[2..3],
2405 KvaShadowInvpcid set_KvaShadowInvpcid[3..4],
2406 KvaShadowRequired set_KvaShadowRequired[4..5],
2407 KvaShadowRequiredAvailable set_KvaShadowRequiredAvailable[5..6],
2408 InvalidPteBit set_InvalidPteBit[6..12],
2409 L1DataCacheFlushSupported set_L1DataCacheFlushSupported[12..13],
2410 L1TerminalFaultMitigationPresent set_L1TerminalFaultMitigationPresent[13..14],
2411 Reserved set_Reserved[14..32],
2412 ]}
2413 pub type PSYSTEM_KERNEL_VA_SHADOW_INFORMATION = *mut SYSTEM_KERNEL_VA_SHADOW_INFORMATION;
2414 STRUCT!{struct SYSTEM_CODEINTEGRITYVERIFICATION_INFORMATION {
2415 FileHandle: HANDLE,
2416 ImageSize: ULONG,
2417 Image: PVOID,
2418 }}
2419 pub type PSYSTEM_CODEINTEGRITYVERIFICATION_INFORMATION =
2420 *mut SYSTEM_CODEINTEGRITYVERIFICATION_INFORMATION;
2421 STRUCT!{struct SYSTEM_HYPERVISOR_SHARED_PAGE_INFORMATION {
2422 HypervisorSharedUserVa: PVOID,
2423 }}
2424 pub type PSYSTEM_HYPERVISOR_SHARED_PAGE_INFORMATION =
2425 *mut SYSTEM_HYPERVISOR_SHARED_PAGE_INFORMATION;
2426 STRUCT!{struct SYSTEM_SPECULATION_CONTROL_INFORMATION {
2427 Flags: ULONG,
2428 }}
2429 BITFIELD!{SYSTEM_SPECULATION_CONTROL_INFORMATION Flags: ULONG [
2430 BpbEnabled set_BpbEnabled[0..1],
2431 BpbDisabledSystemPolicy set_BpbDisabledSystemPolicy[1..2],
2432 BpbDisabledNoHardwareSupport set_BpbDisabledNoHardwareSupport[2..3],
2433 SpecCtrlEnumerated set_SpecCtrlEnumerated[3..4],
2434 SpecCmdEnumerated set_SpecCmdEnumerated[4..5],
2435 IbrsPresent set_IbrsPresent[5..6],
2436 StibpPresent set_StibpPresent[6..7],
2437 SmepPresent set_SmepPresent[7..8],
2438 SpeculativeStoreBypassDisableAvailable set_SpeculativeStoreBypassDisableAvailable[8..9],
2439 SpeculativeStoreBypassDisableSupported set_SpeculativeStoreBypassDisableSupported[9..10],
2440 SpeculativeStoreBypassDisabledSystemWide set_SpeculativeStoreBypassDisabledSystemWide[10..11],
2441 SpeculativeStoreBypassDisabledKernel set_SpeculativeStoreBypassDisabledKernel[11..12],
2442 SpeculativeStoreBypassDisableRequired set_SpeculativeStoreBypassDisableRequired[12..13],
2443 BpbDisabledKernelToUser set_BpbDisabledKernelToUser[13..14],
2444 SpecCtrlRetpolineEnabled set_SpecCtrlRetpolineEnabled[14..15],
2445 SpecCtrlImportOptimizationEnabled set_SpecCtrlImportOptimizationEnabled[15..16],
2446 Reserved set_Reserved[16..32],
2447 ]}
2448 pub type PSYSTEM_SPECULATION_CONTROL_INFORMATION = *mut SYSTEM_SPECULATION_CONTROL_INFORMATION;
2449 STRUCT!{struct SYSTEM_DMA_GUARD_POLICY_INFORMATION {
2450 DmaGuardPolicyEnabled: BOOLEAN,
2451 }}
2452 pub type PSYSTEM_DMA_GUARD_POLICY_INFORMATION = *mut SYSTEM_DMA_GUARD_POLICY_INFORMATION;
2453 STRUCT!{struct SYSTEM_ENCLAVE_LAUNCH_CONTROL_INFORMATION {
2454 EnclaveLaunchSigner: [UCHAR; 32],
2455 }}
2456 pub type PSYSTEM_ENCLAVE_LAUNCH_CONTROL_INFORMATION =
2457 *mut SYSTEM_ENCLAVE_LAUNCH_CONTROL_INFORMATION;
2458 STRUCT!{struct SYSTEM_WORKLOAD_ALLOWED_CPU_SET_INFORMATION {
2459 WorkloadClass: ULONGLONG,
2460 CpuSets: [ULONGLONG; 1],
2461 }}
2462 pub type PSYSTEM_WORKLOAD_ALLOWED_CPU_SET_INFORMATION =
2463 *mut SYSTEM_WORKLOAD_ALLOWED_CPU_SET_INFORMATION;
2464 EXTERN!{extern "system" {
2465 fn NtQuerySystemInformation(
2466 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
2467 SystemInformation: PVOID,
2468 SystemInformationLength: ULONG,
2469 ReturnLength: PULONG,
2470 ) -> NTSTATUS;
2471 fn NtQuerySystemInformationEx(
2472 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
2473 InputBuffer: PVOID,
2474 InputBufferLength: ULONG,
2475 SystemInformation: PVOID,
2476 SystemInformationLength: ULONG,
2477 ReturnLength: PULONG,
2478 ) -> NTSTATUS;
2479 fn NtSetSystemInformation(
2480 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
2481 SystemInformation: PVOID,
2482 SystemInformationLength: ULONG,
2483 ) -> NTSTATUS;
2484 }}
2485 ENUM!{enum SYSDBG_COMMAND {
2486 SysDbgQueryModuleInformation = 0,
2487 SysDbgQueryTraceInformation = 1,
2488 SysDbgSetTracepoint = 2,
2489 SysDbgSetSpecialCall = 3,
2490 SysDbgClearSpecialCalls = 4,
2491 SysDbgQuerySpecialCalls = 5,
2492 SysDbgBreakPoint = 6,
2493 SysDbgQueryVersion = 7,
2494 SysDbgReadVirtual = 8,
2495 SysDbgWriteVirtual = 9,
2496 SysDbgReadPhysical = 10,
2497 SysDbgWritePhysical = 11,
2498 SysDbgReadControlSpace = 12,
2499 SysDbgWriteControlSpace = 13,
2500 SysDbgReadIoSpace = 14,
2501 SysDbgWriteIoSpace = 15,
2502 SysDbgReadMsr = 16,
2503 SysDbgWriteMsr = 17,
2504 SysDbgReadBusData = 18,
2505 SysDbgWriteBusData = 19,
2506 SysDbgCheckLowMemory = 20,
2507 SysDbgEnableKernelDebugger = 21,
2508 SysDbgDisableKernelDebugger = 22,
2509 SysDbgGetAutoKdEnable = 23,
2510 SysDbgSetAutoKdEnable = 24,
2511 SysDbgGetPrintBufferSize = 25,
2512 SysDbgSetPrintBufferSize = 26,
2513 SysDbgGetKdUmExceptionEnable = 27,
2514 SysDbgSetKdUmExceptionEnable = 28,
2515 SysDbgGetTriageDump = 29,
2516 SysDbgGetKdBlockEnable = 30,
2517 SysDbgSetKdBlockEnable = 31,
2518 SysDbgRegisterForUmBreakInfo = 32,
2519 SysDbgGetUmBreakPid = 33,
2520 SysDbgClearUmBreakPid = 34,
2521 SysDbgGetUmAttachPid = 35,
2522 SysDbgClearUmAttachPid = 36,
2523 SysDbgGetLiveKernelDump = 37,
2524 }}
2525 pub type PSYSDBG_COMMAND = *mut SYSDBG_COMMAND;
2526 STRUCT!{struct SYSDBG_VIRTUAL {
2527 Address: PVOID,
2528 Buffer: PVOID,
2529 Request: ULONG,
2530 }}
2531 pub type PSYSDBG_VIRTUAL = *mut SYSDBG_VIRTUAL;
2532 STRUCT!{struct SYSDBG_PHYSICAL {
2533 Address: PHYSICAL_ADDRESS,
2534 Buffer: PVOID,
2535 Request: ULONG,
2536 }}
2537 pub type PSYSDBG_PHYSICAL = *mut SYSDBG_PHYSICAL;
2538 STRUCT!{struct SYSDBG_CONTROL_SPACE {
2539 Address: ULONG64,
2540 Buffer: PVOID,
2541 Request: ULONG,
2542 Processor: ULONG,
2543 }}
2544 pub type PSYSDBG_CONTROL_SPACE = *mut SYSDBG_CONTROL_SPACE;
2545 STRUCT!{struct SYSDBG_IO_SPACE {
2546 Address: ULONG64,
2547 Buffer: PVOID,
2548 Request: ULONG,
2549 InterfaceType: INTERFACE_TYPE,
2550 BusNumber: ULONG,
2551 AddressSpace: ULONG,
2552 }}
2553 pub type PSYSDBG_IO_SPACE = *mut SYSDBG_IO_SPACE;
2554 STRUCT!{struct SYSDBG_MSR {
2555 Msr: ULONG,
2556 Data: ULONG64,
2557 }}
2558 pub type PSYSDBG_MSR = *mut SYSDBG_MSR;
2559 STRUCT!{struct SYSDBG_BUS_DATA {
2560 Address: ULONG,
2561 Buffer: PVOID,
2562 Request: ULONG,
2563 BusDataType: BUS_DATA_TYPE,
2564 BusNumber: ULONG,
2565 SlotNumber: ULONG,
2566 }}
2567 pub type PSYSDBG_BUS_DATA = *mut SYSDBG_BUS_DATA;
2568 STRUCT!{struct SYSDBG_TRIAGE_DUMP {
2569 Flags: ULONG,
2570 BugCheckCode: ULONG,
2571 BugCheckParam1: ULONG_PTR,
2572 BugCheckParam2: ULONG_PTR,
2573 BugCheckParam3: ULONG_PTR,
2574 BugCheckParam4: ULONG_PTR,
2575 ProcessHandles: ULONG,
2576 ThreadHandles: ULONG,
2577 Handles: PHANDLE,
2578 }}
2579 pub type PSYSDBG_TRIAGE_DUMP = *mut SYSDBG_TRIAGE_DUMP;
2580 STRUCT!{struct SYSDBG_LIVEDUMP_CONTROL_FLAGS {
2581 AsUlong: ULONG,
2582 }}
2583 BITFIELD!{SYSDBG_LIVEDUMP_CONTROL_FLAGS AsUlong: ULONG [
2584 UseDumpStorageStack set_UseDumpStorageStack[0..1],
2585 CompressMemoryPagesData set_CompressMemoryPagesData[1..2],
2586 IncludeUserSpaceMemoryPages set_IncludeUserSpaceMemoryPages[2..3],
2587 AbortIfMemoryPressure set_AbortIfMemoryPressure[3..4],
2588 Reserved set_Reserved[4..32],
2589 ]}
2590 pub type PSYSDBG_LIVEDUMP_CONTROL_FLAGS = *mut SYSDBG_LIVEDUMP_CONTROL_FLAGS;
2591 STRUCT!{struct SYSDBG_LIVEDUMP_CONTROL_ADDPAGES {
2592 AsUlong: ULONG,
2593 }}
2594 BITFIELD!{SYSDBG_LIVEDUMP_CONTROL_ADDPAGES AsUlong: ULONG [
2595 HypervisorPages set_HypervisorPages[0..1],
2596 Reserved set_Reserved[1..32],
2597 ]}
2598 pub type PSYSDBG_LIVEDUMP_CONTROL_ADDPAGES = *mut SYSDBG_LIVEDUMP_CONTROL_ADDPAGES;
2599 pub const SYSDBG_LIVEDUMP_CONTROL_VERSION: ULONG = 1;
2600 STRUCT!{struct SYSDBG_LIVEDUMP_CONTROL {
2601 Version: ULONG,
2602 BugCheckCode: ULONG,
2603 BugCheckParam1: ULONG_PTR,
2604 BugCheckParam2: ULONG_PTR,
2605 BugCheckParam3: ULONG_PTR,
2606 BugCheckParam4: ULONG_PTR,
2607 DumpFileHandle: HANDLE,
2608 CancelEventHandle: HANDLE,
2609 Flags: SYSDBG_LIVEDUMP_CONTROL_FLAGS,
2610 AddPagesControl: SYSDBG_LIVEDUMP_CONTROL_ADDPAGES,
2611 }}
2612 pub type PSYSDBG_LIVEDUMP_CONTROL = *mut SYSDBG_LIVEDUMP_CONTROL;
2613 EXTERN!{extern "system" {
2614 fn NtSystemDebugControl(
2615 Command: SYSDBG_COMMAND,
2616 InputBuffer: PVOID,
2617 InputBufferLength: ULONG,
2618 OutputBuffer: PVOID,
2619 OutputBufferLength: ULONG,
2620 ReturnLength: PULONG,
2621 ) -> NTSTATUS;
2622 }}
2623 ENUM!{enum HARDERROR_RESPONSE_OPTION {
2624 OptionAbortRetryIgnore = 0,
2625 OptionOk = 1,
2626 OptionOkCancel = 2,
2627 OptionRetryCancel = 3,
2628 OptionYesNo = 4,
2629 OptionYesNoCancel = 5,
2630 OptionShutdownSystem = 6,
2631 OptionOkNoWait = 7,
2632 OptionCancelTryContinue = 8,
2633 }}
2634 ENUM!{enum HARDERROR_RESPONSE {
2635 ResponseReturnToCaller = 0,
2636 ResponseNotHandled = 1,
2637 ResponseAbort = 2,
2638 ResponseCancel = 3,
2639 ResponseIgnore = 4,
2640 ResponseNo = 5,
2641 ResponseOk = 6,
2642 ResponseRetry = 7,
2643 ResponseYes = 8,
2644 ResponseTryAgain = 9,
2645 ResponseContinue = 10,
2646 }}
2647 pub const HARDERROR_OVERRIDE_ERRORMODE: ULONG = 0x10000000;
2648 EXTERN!{extern "system" {
2649 fn NtRaiseHardError(
2650 ErrorStatus: NTSTATUS,
2651 NumberOfParameters: ULONG,
2652 UnicodeStringParameterMask: ULONG,
2653 Parameters: PULONG_PTR,
2654 ValidResponseOptions: ULONG,
2655 Response: PULONG,
2656 ) -> NTSTATUS;
2657 }}
2658 ENUM!{enum ALTERNATIVE_ARCHITECTURE_TYPE {
2659 StandardDesign = 0,
2660 NEC98x86 = 1,
2661 EndAlternatives = 2,
2662 }}
2663 pub const PROCESSOR_FEATURE_MAX: usize = 64;
2664 pub const MAX_WOW64_SHARED_ENTRIES: u32 = 16;
2665 pub const NX_SUPPORT_POLICY_ALWAYSOFF: u32 = 0;
2666 pub const NX_SUPPORT_POLICY_ALWAYSON: u32 = 1;
2667 pub const NX_SUPPORT_POLICY_OPTIN: u32 = 2;
2668 pub const NX_SUPPORT_POLICY_OPTOUT: u32 = 3;
2669 UNION!{union KUSER_SHARED_DATA_u {
2670 TickCount: KSYSTEM_TIME,
2671 TickCountQuad: ULONG64,
2672 ReservedTickCountOverlay: [ULONG; 3],
2673 }}
2674 STRUCT!{#[repr(packed(4))] struct KUSER_SHARED_DATA {
2675 TickCountLowDeprecated: ULONG,
2676 TickCountMultiplier: ULONG,
2677 InterruptTime: KSYSTEM_TIME,
2678 SystemTime: KSYSTEM_TIME,
2679 TimeZoneBias: KSYSTEM_TIME,
2680 ImageNumberLow: USHORT,
2681 ImageNumberHigh: USHORT,
2682 NtSystemRoot: [WCHAR; 260],
2683 MaxStackTraceDepth: ULONG,
2684 CryptoExponent: ULONG,
2685 TimeZoneId: ULONG,
2686 LargePageMinimum: ULONG,
2687 AitSamplingValue: ULONG,
2688 AppCompatFlag: ULONG,
2689 RNGSeedVersion: ULONGLONG,
2690 GlobalValidationRunlevel: ULONG,
2691 TimeZoneBiasStamp: LONG,
2692 NtBuildNumber: ULONG,
2693 NtProductType: NT_PRODUCT_TYPE,
2694 ProductTypeIsValid: BOOLEAN,
2695 Reserved0: [UCHAR; 1],
2696 NativeProcessorArchitecture: USHORT,
2697 NtMajorVersion: ULONG,
2698 NtMinorVersion: ULONG,
2699 ProcessorFeatures: [BOOLEAN; PROCESSOR_FEATURE_MAX],
2700 Reserved1: ULONG,
2701 Reserved3: ULONG,
2702 TimeSlip: ULONG,
2703 AlternativeArchitecture: ALTERNATIVE_ARCHITECTURE_TYPE,
2704 BootId: ULONG,
2705 SystemExpirationDate: LARGE_INTEGER,
2706 SuiteMask: ULONG,
2707 KdDebuggerEnabled: BOOLEAN,
2708 MitigationPolicies: UCHAR,
2709 Reserved6: [UCHAR; 2],
2710 ActiveConsoleId: ULONG,
2711 DismountCount: ULONG,
2712 ComPlusPackage: ULONG,
2713 LastSystemRITEventTickCount: ULONG,
2714 NumberOfPhysicalPages: ULONG,
2715 SafeBootMode: BOOLEAN,
2716 VirtualizationFlags: UCHAR,
2717 Reserved12: [UCHAR; 2],
2718 SharedDataFlags: ULONG,
2719 DataFlagsPad: [ULONG; 1],
2720 TestRetInstruction: ULONGLONG,
2721 QpcFrequency: LONGLONG,
2722 SystemCall: ULONG,
2723 SystemCallPad0: ULONG,
2724 SystemCallPad: [ULONGLONG; 2],
2725 u: KUSER_SHARED_DATA_u,
2726 //TickCountPad: [ULONG; 1],
2727 Cookie: ULONG,
2728 CookiePad: [ULONG; 1],
2729 ConsoleSessionForegroundProcessId: LONGLONG,
2730 TimeUpdateLock: ULONGLONG,
2731 BaselineSystemTimeQpc: ULONGLONG,
2732 BaselineInterruptTimeQpc: ULONGLONG,
2733 QpcSystemTimeIncrement: ULONGLONG,
2734 QpcInterruptTimeIncrement: ULONGLONG,
2735 QpcSystemTimeIncrementShift: UCHAR,
2736 QpcInterruptTimeIncrementShift: UCHAR,
2737 UnparkedProcessorCount: USHORT,
2738 EnclaveFeatureMask: [ULONG; 4],
2739 TelemetryCoverageRound: ULONG,
2740 UserModeGlobalLogger: [USHORT; 16],
2741 ImageFileExecutionOptions: ULONG,
2742 LangGenerationCount: ULONG,
2743 Reserved4: ULONGLONG,
2744 InterruptTimeBias: ULONG64,
2745 QpcBias: ULONG64,
2746 ActiveProcessorCount: ULONG,
2747 ActiveGroupCount: UCHAR,
2748 Reserved9: UCHAR,
2749 QpcData: UCHAR,
2750 TimeZoneBiasEffectiveStart: LARGE_INTEGER,
2751 TimeZoneBiasEffectiveEnd: LARGE_INTEGER,
2752 XState: XSTATE_CONFIGURATION,
2753 }}
2754 BITFIELD!{KUSER_SHARED_DATA MitigationPolicies: UCHAR [
2755 NXSupportPolicy set_NXSupportPolicy[0..2],
2756 SEHValidationPolicy set_SEHValidationPolicy[2..4],
2757 CurDirDevicesSkippedForDlls set_CurDirDevicesSkippedForDlls[4..6],
2758 Reserved set_Reserved[6..8],
2759 ]}
2760 BITFIELD!{KUSER_SHARED_DATA SharedDataFlags: ULONG [
2761 DbgErrorPortPresent set_DbgErrorPortPresent[0..1],
2762 DbgElevationEnabled set_DbgElevationEnabled[1..2],
2763 DbgVirtEnabled set_DbgVirtEnabled[2..3],
2764 DbgInstallerDetectEnabled set_DbgInstallerDetectEnabled[3..4],
2765 DbgLkgEnabled set_DbgLkgEnabled[4..5],
2766 DbgDynProcessorEnabled set_DbgDynProcessorEnabled[5..6],
2767 DbgConsoleBrokerEnabled set_DbgConsoleBrokerEnabled[6..7],
2768 DbgSecureBootEnabled set_DbgSecureBootEnabled[7..8],
2769 DbgMultiSessionSku set_DbgMultiSessionSku[8..9],
2770 DbgMultiUsersInSessionSku set_DbgMultiUsersInSessionSku[9..10],
2771 DbgStateSeparationEnabled set_DbgStateSeparationEnabled[10..11],
2772 SpareBits set_SpareBits[11..32],
2773 ]}
2774 BITFIELD!{KUSER_SHARED_DATA QpcData: UCHAR [
2775 QpcBypassEnabled set_QpcBypassEnabled[0..1],
2776 QpcShift set_QpcShift[1..2],
2777 ]}
2778 pub type PKUSER_SHARED_DATA = *mut KUSER_SHARED_DATA;
2779 pub const USER_SHARED_DATA: *const KUSER_SHARED_DATA = 0x7ffe0000 as *const _;
2780 #[inline]
NtGetTickCount64() -> ULONGLONG2781 pub unsafe fn NtGetTickCount64() -> ULONGLONG {
2782 #[allow(deprecated)] //fixme
2783 let mut tick_count: ULARGE_INTEGER = uninitialized();
2784 #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))] {
2785 *tick_count.QuadPart_mut() = read_volatile(&(*USER_SHARED_DATA).u.TickCountQuad);
2786 }
2787 #[cfg(target_arch = "x86")] {
2788 loop {
2789 tick_count.s_mut().HighPart =
2790 read_volatile(&(*USER_SHARED_DATA).u.TickCount.High1Time) as u32;
2791 tick_count.s_mut().LowPart = read_volatile(&(*USER_SHARED_DATA).u.TickCount.LowPart);
2792 if tick_count.s().HighPart == read_volatile(&(*USER_SHARED_DATA).u.TickCount.High2Time)
2793 as u32
2794 {
2795 break;
2796 }
2797 spin_loop_hint();
2798 }
2799 }
2800 (UInt32x32To64(tick_count.s().LowPart, (*USER_SHARED_DATA).TickCountMultiplier) >> 24)
2801 + (UInt32x32To64(
2802 tick_count.s().HighPart as u32,
2803 (*USER_SHARED_DATA).TickCountMultiplier,
2804 ) << 8)
2805 }
2806 #[inline]
NtGetTickCount() -> ULONG2807 pub unsafe fn NtGetTickCount() -> ULONG {
2808 #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))] {
2809 ((read_volatile(&(*USER_SHARED_DATA).u.TickCountQuad)
2810 * (*USER_SHARED_DATA).TickCountMultiplier as u64) >> 24) as u32
2811 }
2812 #[cfg(target_arch = "x86")] {
2813 #[allow(deprecated)] //fixme
2814 let mut tick_count: ULARGE_INTEGER = uninitialized();
2815 loop {
2816 tick_count.s_mut().HighPart = read_volatile(&(*USER_SHARED_DATA).u.TickCount.High1Time)
2817 as u32;
2818 tick_count.s_mut().LowPart = read_volatile(&(*USER_SHARED_DATA).u.TickCount.LowPart);
2819 if tick_count.s().HighPart == read_volatile(&(*USER_SHARED_DATA).u.TickCount.High2Time)
2820 as u32
2821 {
2822 break;
2823 }
2824 spin_loop_hint();
2825 }
2826 ((UInt32x32To64(tick_count.s().LowPart, (*USER_SHARED_DATA).TickCountMultiplier) >> 24)
2827 + UInt32x32To64(
2828 (tick_count.s().HighPart as u32) << 8,
2829 (*USER_SHARED_DATA).TickCountMultiplier,
2830 )) as u32
2831 }
2832 }
2833 EXTERN!{extern "system" {
2834 fn NtQueryDefaultLocale(
2835 UserProfile: BOOLEAN,
2836 DefaultLocaleId: PLCID,
2837 ) -> NTSTATUS;
2838 fn NtSetDefaultLocale(
2839 UserProfile: BOOLEAN,
2840 DefaultLocaleId: LCID,
2841 ) -> NTSTATUS;
2842 fn NtQueryInstallUILanguage(
2843 InstallUILanguageId: *mut LANGID,
2844 ) -> NTSTATUS;
2845 fn NtFlushInstallUILanguage(
2846 InstallUILanguage: LANGID,
2847 SetComittedFlag: ULONG,
2848 ) -> NTSTATUS;
2849 fn NtQueryDefaultUILanguage(
2850 DefaultUILanguageId: *mut LANGID,
2851 ) -> NTSTATUS;
2852 fn NtSetDefaultUILanguage(
2853 DefaultUILanguageId: LANGID,
2854 ) -> NTSTATUS;
2855 fn NtIsUILanguageComitted() -> NTSTATUS;
2856 fn NtInitializeNlsFiles(
2857 BaseAddress: *mut PVOID,
2858 DefaultLocaleId: PLCID,
2859 DefaultCasingTableSize: PLARGE_INTEGER,
2860 ) -> NTSTATUS;
2861 fn NtGetNlsSectionPtr(
2862 SectionType: ULONG,
2863 SectionData: ULONG,
2864 ContextData: PVOID,
2865 SectionPointer: *mut PVOID,
2866 SectionSize: PULONG,
2867 ) -> NTSTATUS;
2868 fn NtMapCMFModule(
2869 What: ULONG,
2870 Index: ULONG,
2871 CacheIndexOut: PULONG,
2872 CacheFlagsOut: PULONG,
2873 ViewSizeOut: PULONG,
2874 BaseAddress: *mut PVOID,
2875 ) -> NTSTATUS;
2876 fn NtGetMUIRegistryInfo(
2877 Flags: ULONG,
2878 DataSize: PULONG,
2879 Data: PVOID,
2880 ) -> NTSTATUS;
2881 fn NtAddAtom(
2882 AtomName: PWSTR,
2883 Length: ULONG,
2884 Atom: PRTL_ATOM,
2885 ) -> NTSTATUS;
2886 }}
2887 pub const ATOM_FLAG_GLOBAL: ULONG = 0x2;
2888 EXTERN!{extern "system" {
2889 fn NtAddAtomEx(
2890 AtomName: PWSTR,
2891 Length: ULONG,
2892 Atom: PRTL_ATOM,
2893 Flags: ULONG,
2894 ) -> NTSTATUS;
2895 fn NtFindAtom(
2896 AtomName: PWSTR,
2897 Length: ULONG,
2898 Atom: PRTL_ATOM,
2899 ) -> NTSTATUS;
2900 fn NtDeleteAtom(
2901 Atom: RTL_ATOM,
2902 ) -> NTSTATUS;
2903 }}
2904 ENUM!{enum ATOM_INFORMATION_CLASS {
2905 AtomBasicInformation = 0,
2906 AtomTableInformation = 1,
2907 }}
2908 STRUCT!{struct ATOM_BASIC_INFORMATION {
2909 UsageCount: USHORT,
2910 Flags: USHORT,
2911 NameLength: USHORT,
2912 Name: [WCHAR; 1],
2913 }}
2914 pub type PATOM_BASIC_INFORMATION = *mut ATOM_BASIC_INFORMATION;
2915 STRUCT!{struct ATOM_TABLE_INFORMATION {
2916 NumberOfAtoms: ULONG,
2917 Atoms: [RTL_ATOM; 1],
2918 }}
2919 pub type PATOM_TABLE_INFORMATION = *mut ATOM_TABLE_INFORMATION;
2920 EXTERN!{extern "system" {
2921 fn NtQueryInformationAtom(
2922 Atom: RTL_ATOM,
2923 AtomInformationClass: ATOM_INFORMATION_CLASS,
2924 AtomInformation: PVOID,
2925 AtomInformationLength: ULONG,
2926 ReturnLength: PULONG,
2927 ) -> NTSTATUS;
2928 }}
2929 pub const FLG_STOP_ON_EXCEPTION: u32 = 0x00000001;
2930 pub const FLG_SHOW_LDR_SNAPS: u32 = 0x00000002;
2931 pub const FLG_DEBUG_INITIAL_COMMAND: u32 = 0x00000004;
2932 pub const FLG_STOP_ON_HUNG_GUI: u32 = 0x00000008;
2933 pub const FLG_HEAP_ENABLE_TAIL_CHECK: u32 = 0x00000010;
2934 pub const FLG_HEAP_ENABLE_FREE_CHECK: u32 = 0x00000020;
2935 pub const FLG_HEAP_VALIDATE_PARAMETERS: u32 = 0x00000040;
2936 pub const FLG_HEAP_VALIDATE_ALL: u32 = 0x00000080;
2937 pub const FLG_APPLICATION_VERIFIER: u32 = 0x00000100;
2938 pub const FLG_POOL_ENABLE_TAGGING: u32 = 0x00000400;
2939 pub const FLG_HEAP_ENABLE_TAGGING: u32 = 0x00000800;
2940 pub const FLG_USER_STACK_TRACE_DB: u32 = 0x00001000;
2941 pub const FLG_KERNEL_STACK_TRACE_DB: u32 = 0x00002000;
2942 pub const FLG_MAINTAIN_OBJECT_TYPELIST: u32 = 0x00004000;
2943 pub const FLG_HEAP_ENABLE_TAG_BY_DLL: u32 = 0x00008000;
2944 pub const FLG_DISABLE_STACK_EXTENSION: u32 = 0x00010000;
2945 pub const FLG_ENABLE_CSRDEBUG: u32 = 0x00020000;
2946 pub const FLG_ENABLE_KDEBUG_SYMBOL_LOAD: u32 = 0x00040000;
2947 pub const FLG_DISABLE_PAGE_KERNEL_STACKS: u32 = 0x00080000;
2948 pub const FLG_ENABLE_SYSTEM_CRIT_BREAKS: u32 = 0x00100000;
2949 pub const FLG_HEAP_DISABLE_COALESCING: u32 = 0x00200000;
2950 pub const FLG_ENABLE_CLOSE_EXCEPTIONS: u32 = 0x00400000;
2951 pub const FLG_ENABLE_EXCEPTION_LOGGING: u32 = 0x00800000;
2952 pub const FLG_ENABLE_HANDLE_TYPE_TAGGING: u32 = 0x01000000;
2953 pub const FLG_HEAP_PAGE_ALLOCS: u32 = 0x02000000;
2954 pub const FLG_DEBUG_INITIAL_COMMAND_EX: u32 = 0x04000000;
2955 pub const FLG_DISABLE_DBGPRINT: u32 = 0x08000000;
2956 pub const FLG_CRITSEC_EVENT_CREATION: u32 = 0x10000000;
2957 pub const FLG_LDR_TOP_DOWN: u32 = 0x20000000;
2958 pub const FLG_ENABLE_HANDLE_EXCEPTIONS: u32 = 0x40000000;
2959 pub const FLG_DISABLE_PROTDLLS: u32 = 0x80000000;
2960 pub const FLG_VALID_BITS: u32 = 0xfffffdff;
2961 pub const FLG_USERMODE_VALID_BITS: u32 = FLG_STOP_ON_EXCEPTION | FLG_SHOW_LDR_SNAPS
2962 | FLG_HEAP_ENABLE_TAIL_CHECK | FLG_HEAP_ENABLE_FREE_CHECK | FLG_HEAP_VALIDATE_PARAMETERS
2963 | FLG_HEAP_VALIDATE_ALL | FLG_APPLICATION_VERIFIER | FLG_HEAP_ENABLE_TAGGING
2964 | FLG_USER_STACK_TRACE_DB | FLG_HEAP_ENABLE_TAG_BY_DLL | FLG_DISABLE_STACK_EXTENSION
2965 | FLG_ENABLE_SYSTEM_CRIT_BREAKS | FLG_HEAP_DISABLE_COALESCING | FLG_DISABLE_PROTDLLS
2966 | FLG_HEAP_PAGE_ALLOCS | FLG_CRITSEC_EVENT_CREATION | FLG_LDR_TOP_DOWN;
2967 pub const FLG_BOOTONLY_VALID_BITS: u32 = FLG_KERNEL_STACK_TRACE_DB | FLG_MAINTAIN_OBJECT_TYPELIST
2968 | FLG_ENABLE_CSRDEBUG | FLG_DEBUG_INITIAL_COMMAND | FLG_DEBUG_INITIAL_COMMAND_EX
2969 | FLG_DISABLE_PAGE_KERNEL_STACKS;
2970 pub const FLG_KERNELMODE_VALID_BITS: u32 = FLG_STOP_ON_EXCEPTION | FLG_SHOW_LDR_SNAPS
2971 | FLG_STOP_ON_HUNG_GUI | FLG_POOL_ENABLE_TAGGING | FLG_ENABLE_KDEBUG_SYMBOL_LOAD
2972 | FLG_ENABLE_CLOSE_EXCEPTIONS | FLG_ENABLE_EXCEPTION_LOGGING | FLG_ENABLE_HANDLE_TYPE_TAGGING
2973 | FLG_DISABLE_DBGPRINT | FLG_ENABLE_HANDLE_EXCEPTIONS;
2974 EXTERN!{extern "system" {
2975 fn NtQueryLicenseValue(
2976 ValueName: PUNICODE_STRING,
2977 Type: PULONG,
2978 Data: PVOID,
2979 DataSize: ULONG,
2980 ResultDataSize: PULONG,
2981 ) -> NTSTATUS;
2982 fn NtSetDefaultHardErrorPort(
2983 DefaultHardErrorPort: HANDLE,
2984 ) -> NTSTATUS;
2985 }}
2986 ENUM!{enum SHUTDOWN_ACTION {
2987 ShutdownNoReboot = 0,
2988 ShutdownReboot = 1,
2989 ShutdownPowerOff = 2,
2990 }}
2991 EXTERN!{extern "system" {
2992 fn NtShutdownSystem(
2993 Action: SHUTDOWN_ACTION,
2994 ) -> NTSTATUS;
2995 fn NtDisplayString(
2996 String: PUNICODE_STRING,
2997 ) -> NTSTATUS;
2998 fn NtDrawText(
2999 Text: PUNICODE_STRING,
3000 ) -> NTSTATUS;
3001 }}
3002