1{%MainUnit ndk.pas}
2{
3    Native Development Kit for Native NT
4
5    This file is part of the Free Pascal run time library.
6    This units contains PEB and TEB structures used by NT
7    Copyright (c) 2010 by Sven Barth
8
9    See the file COPYING.FPC, included in this distribution,
10    for details about the copyright.
11
12    This program is distributed in the hope that it will be useful,
13    but WITHOUT ANY WARRANTY; without even the implied warranty of
14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
15
16 **********************************************************************}
17
18const
19  GDI_HANDLE_BUFFER_SIZE_32 = 34;
20  GDI_HANDLE_BUFFER_SIZE_64 = 60;
21{$ifdef cpu64}
22  GDI_HANDLE_BUFFER_SIZE = GDI_HANDLE_BUFFER_SIZE_64;
23{$else}
24  GDI_HANDLE_BUFFER_SIZE = GDI_HANDLE_BUFFER_SIZE_32;
25{$endif}
26
27{ TODO : add bitness specific records }
28{ TODO : add OS version specific records }
29{ TODO : define remaining types }
30
31type
32  { The PEB comes in three flavors: the platform dependant one, the 32 bit one
33    and the 64 bit one. Only the first one should be used by natve processes.
34    The others are needed if one e.g. wants to examine the PEB of a 32 bit
35    process on a 64 bit system.
36  }
37
38  _PEB = packed record
39      InheritedAddressSpace: NT_BOOLEAN;
40      ReadImageFileExecOptions: NT_BOOLEAN;
41      BeingDebugged: NT_BOOLEAN;
42(*  #if (NTDDI_VERSION >= NTDDI_WS03)
43      union
44      {
45          BOOLEAN BitField;
46          struct
47          {
48              BOOLEAN ImageUsesLargePages:1;
49  #if (NTDDI_VERSION >= NTDDI_LONGHORN)
50              BOOLEAN IsProtectedProcess:1;
51              BOOLEAN IsLegacyProcess:1;
52              BOOLEAN IsImageDynamicallyRelocated:1;
53              BOOLEAN SkipPatchingUser32Forwarders:1;
54              BOOLEAN SpareBits:3;
55  #else
56              BOOLEAN SpareBits:7;
57  #endif
58          };
59      };
60  #else*)
61      SpareBool: NT_BOOLEAN;
62//  #endif
63      Mutant: PHANDLE;
64      ImageBaseAddress: PVOID;
65      Ldr: Pointer;//PPEB_LDR_DATA;
66      ProcessParameters: PRTL_USER_PROCESS_PARAMETERS;
67      SubSystemData: PVOID;
68      ProcessHeap: PVOID;
69      FastPebLock: Pointer; //PRTL_CRITICAL_SECTION;
70(*  #if (NTDDI_VERSION >= NTDDI_LONGHORN)
71      PTR(PVOID) AltThunkSListPtr;
72      PTR(PVOID) IFEOKey;
73      union
74      {
75          ULONG CrossProcessFlags;
76          struct
77          {
78              ULONG ProcessInJob:1;
79              ULONG ProcessInitializing:1;
80              ULONG ProcessUsingVEH:1;
81              ULONG ProcessUsingVCH:1;
82              ULONG ReservedBits0:28;
83          };
84      };
85      union
86      {
87          PTR(PVOID) KernelCallbackTable;
88          PTR(PVOID) UserSharedInfoPtr;
89      };
90  #elif (NTDDI_VERSION >= NTDDI_WS03)
91      PTR(PVOID) AltThunkSListPtr;
92      PTR(PVOID) SparePtr2;
93      ULONG EnvironmentUpdateCount;
94      PTR(PVOID) KernelCallbackTable;
95  #else*)
96      FastPebLockRoutine: Pointer; //PPEBLOCKROUTINE;
97      FastPebUnlockRoutine: Pointer; //PPEBLOCKROUTINE;
98      EnvironmentUpdateCount: ULONG;
99      KernelCallbackTable: PVOID;
100//  #endif
101      SystemReserved: array[0..0] of ULONG;
102      SpareUlong: ULONG; // AtlThunkSListPtr32
103      FreeList: Pointer; //PPEB_FREE_BLOCK;
104      TlsExpansionCounter: ULONG;
105      TlsBitmap: PVOID;
106      TlsBitmapBits: array[0..1] of ULONG;
107      ReadOnlySharedMemoryBase: PVOID;
108(*  #if (NTDDI_VERSION >= NTDDI_LONGHORN)
109      PTR(PVOID) HotpatchInformation;
110  #else*)
111      ReadOnlySharedMemoryHeap: PVOID;
112//  #endif
113      ReadOnlyStaticServerData: PPVOID;
114      AnsiCodePageData: PVOID;
115      OemCodePageData: PVOID;
116      UnicodeCaseTableData: PVOID;
117      NumberOfProcessors: ULONG;
118      NtGlobalFlag: ULONG;
119      CriticalSectionTimeout: LARGE_INTEGER;
120      HeapSegmentReserve: ULONG_PTR;
121      HeapSegmentCommit: ULONG_PTR;
122      HeapDeCommitTotalFreeThreshold: ULONG_PTR;
123      HeapDeCommitFreeBlockThreshold: ULONG_PTR;
124      NumberOfHeaps: ULONG;
125      MaximumNumberOfHeaps: ULONG;
126      ProcessHeaps: PPVOID;
127      GdiSharedHandleTable: PVOID;
128      ProcessStarterHelper: PVOID;
129      GdiDCAttributeList: ULONG;
130      LoaderLock: Pointer; //PRTL_CRITICAL_SECTION;
131      OSMajorVersion: ULONG;
132      OSMinorVersion: ULONG;
133      OSBuildNumber: USHORT;
134      OSCSDVersion: USHORT;
135      OSPlatformId: ULONG;
136      ImageSubsystem: ULONG;
137      ImageSubsystemMajorVersion: ULONG;
138      ImageSubsystemMinorVersion: ULONG;
139      ImageProcessAffinityMask: ULONG_PTR;
140      GdiHandleBuffer: array[0..GDI_HANDLE_BUFFER_SIZE-1] of ULONG;
141      PostProcessInitRoutine: Pointer; //PPOST_PROCESS_INIT_ROUTINE;
142      TlsExpansionBitmap: PVOID;
143      TlsExpansionBitmapBits: array[0..31] of ULONG;
144      SessionId: ULONG;
145{  #if (NTDDI_VERSION >= NTDDI_WINXP)
146      ULARGE_INTEGER AppCompatFlags;
147      ULARGE_INTEGER AppCompatFlagsUser;
148      PTR(PVOID) pShimData;
149      PTR(PVOID) AppCompatInfo;
150      STRUCT(UNICODE_STRING) CSDVersion;
151      PTR(struct _ACTIVATION_CONTEXT_DATA*) ActivationContextData;
152      PTR(struct _ASSEMBLY_STORAGE_MAP*) ProcessAssemblyStorageMap;
153      PTR(struct _ACTIVATION_CONTEXT_DATA*) SystemDefaultActivationContextData;
154      PTR(struct _ASSEMBLY_STORAGE_MAP*) SystemAssemblyStorageMap;
155      PTR(ULONG_PTR) MinimumStackCommit;
156  #endif
157  #if (NTDDI_VERSION >= NTDDI_WS03)
158      PTR(PVOID*) FlsCallback;
159      STRUCT(LIST_ENTRY) FlsListHead;
160      PTR(PVOID) FlsBitmap;
161      ULONG FlsBitmapBits[4];
162      ULONG FlsHighIndex;
163  #endif
164  #if (NTDDI_VERSION >= NTDDI_LONGHORN)
165      PTR(PVOID) WerRegistrationData;
166      PTR(PVOID) WerShipAssertPtr;
167  #endif}
168  end;
169  PEB = _PEB;
170  PPEB = ^PEB;
171
172