ReactOS Fundraising Campaign 2012
 
€ 11,198 / € 30,000

Information | Donate

Home | Info | Community | Development | myReactOS | Contact Us

  1. Home
  2. Community
  3. Development
  4. myReactOS
  5. Fundraiser 2012

  1. Main Page
  2. Alphabetical List
  3. Data Structures
  4. Directories
  5. File List
  6. Data Fields
  7. Globals
  8. Related Pages

ReactOS Development > Doxygen

ntifs.h
Go to the documentation of this file.
00001 /*
00002  * ntifs.h
00003  *
00004  * Windows NT Filesystem Driver Developer Kit
00005  *
00006  * This file is part of the ReactOS DDK package.
00007  *
00008  * Contributors:
00009  *   Amine Khaldi
00010  *   Timo Kreuzer (timo.kreuzer@reactos.org)
00011  *
00012  * THIS SOFTWARE IS NOT COPYRIGHTED
00013  *
00014  * This source code is offered for use in the public domain. You may
00015  * use, modify or distribute it freely.
00016  *
00017  * This code is distributed in the hope that it will be useful but
00018  * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
00019  * DISCLAIMED. This includes but is not limited to warranties of
00020  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
00021  *
00022  */
00023 
00024 #pragma once
00025 
00026 #define _NTIFS_INCLUDED_
00027 #define _GNU_NTIFS_
00028 
00029 #ifdef __cplusplus
00030 extern "C" {
00031 #endif
00032 
00033 /* Dependencies */
00034 #include <ntddk.h>
00035 #include <excpt.h>
00036 #include <ntdef.h>
00037 #include <ntnls.h>
00038 #include <ntstatus.h>
00039 #include <bugcodes.h>
00040 #include <ntiologc.h>
00041 
00042 
00043 #ifndef FlagOn
00044 #define FlagOn(_F,_SF)        ((_F) & (_SF))
00045 #endif
00046 
00047 #ifndef BooleanFlagOn
00048 #define BooleanFlagOn(F,SF)   ((BOOLEAN)(((F) & (SF)) != 0))
00049 #endif
00050 
00051 #ifndef SetFlag
00052 #define SetFlag(_F,_SF)       ((_F) |= (_SF))
00053 #endif
00054 
00055 #ifndef ClearFlag
00056 #define ClearFlag(_F,_SF)     ((_F) &= ~(_SF))
00057 #endif
00058 
00059 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
00060 typedef STRING LSA_STRING, *PLSA_STRING;
00061 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
00062 
00063 /******************************************************************************
00064  *                            Security Manager Types                          *
00065  ******************************************************************************/
00066 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
00067 #define SID_IDENTIFIER_AUTHORITY_DEFINED
00068 typedef struct _SID_IDENTIFIER_AUTHORITY {
00069   UCHAR Value[6];
00070 } SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
00071 #endif
00072 
00073 #ifndef SID_DEFINED
00074 #define SID_DEFINED
00075 typedef struct _SID {
00076   UCHAR Revision;
00077   UCHAR SubAuthorityCount;
00078   SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
00079 #ifdef MIDL_PASS
00080   [size_is(SubAuthorityCount)] ULONG SubAuthority[*];
00081 #else
00082   ULONG SubAuthority[ANYSIZE_ARRAY];
00083 #endif
00084 } SID, *PISID;
00085 #endif
00086 
00087 #define SID_REVISION                    1
00088 #define SID_MAX_SUB_AUTHORITIES         15
00089 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
00090 
00091 #ifndef MIDL_PASS
00092 #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof(ULONG)))
00093 #endif
00094 
00095 typedef enum _SID_NAME_USE {
00096   SidTypeUser = 1,
00097   SidTypeGroup,
00098   SidTypeDomain,
00099   SidTypeAlias,
00100   SidTypeWellKnownGroup,
00101   SidTypeDeletedAccount,
00102   SidTypeInvalid,
00103   SidTypeUnknown,
00104   SidTypeComputer,
00105   SidTypeLabel
00106 } SID_NAME_USE, *PSID_NAME_USE;
00107 
00108 typedef struct _SID_AND_ATTRIBUTES {
00109 #ifdef MIDL_PASS
00110   PISID Sid;
00111 #else
00112   PSID Sid;
00113 #endif
00114   ULONG Attributes;
00115 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
00116 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
00117 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
00118 
00119 #define SID_HASH_SIZE 32
00120 typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
00121 
00122 typedef struct _SID_AND_ATTRIBUTES_HASH {
00123   ULONG SidCount;
00124   PSID_AND_ATTRIBUTES SidAttr;
00125   SID_HASH_ENTRY Hash[SID_HASH_SIZE];
00126 } SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
00127 
00128 /* Universal well-known SIDs */
00129 
00130 #define SECURITY_NULL_SID_AUTHORITY         {0,0,0,0,0,0}
00131 #define SECURITY_WORLD_SID_AUTHORITY        {0,0,0,0,0,1}
00132 #define SECURITY_LOCAL_SID_AUTHORITY        {0,0,0,0,0,2}
00133 #define SECURITY_CREATOR_SID_AUTHORITY      {0,0,0,0,0,3}
00134 #define SECURITY_NON_UNIQUE_AUTHORITY       {0,0,0,0,0,4}
00135 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
00136 
00137 #define SECURITY_NULL_RID                 (0x00000000L)
00138 #define SECURITY_WORLD_RID                (0x00000000L)
00139 #define SECURITY_LOCAL_RID                (0x00000000L)
00140 #define SECURITY_LOCAL_LOGON_RID          (0x00000001L)
00141 
00142 #define SECURITY_CREATOR_OWNER_RID        (0x00000000L)
00143 #define SECURITY_CREATOR_GROUP_RID        (0x00000001L)
00144 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
00145 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
00146 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
00147 
00148 /* NT well-known SIDs */
00149 
00150 #define SECURITY_NT_AUTHORITY           {0,0,0,0,0,5}
00151 
00152 #define SECURITY_DIALUP_RID             (0x00000001L)
00153 #define SECURITY_NETWORK_RID            (0x00000002L)
00154 #define SECURITY_BATCH_RID              (0x00000003L)
00155 #define SECURITY_INTERACTIVE_RID        (0x00000004L)
00156 #define SECURITY_LOGON_IDS_RID          (0x00000005L)
00157 #define SECURITY_LOGON_IDS_RID_COUNT    (3L)
00158 #define SECURITY_SERVICE_RID            (0x00000006L)
00159 #define SECURITY_ANONYMOUS_LOGON_RID    (0x00000007L)
00160 #define SECURITY_PROXY_RID              (0x00000008L)
00161 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
00162 #define SECURITY_SERVER_LOGON_RID       SECURITY_ENTERPRISE_CONTROLLERS_RID
00163 #define SECURITY_PRINCIPAL_SELF_RID     (0x0000000AL)
00164 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
00165 #define SECURITY_RESTRICTED_CODE_RID    (0x0000000CL)
00166 #define SECURITY_TERMINAL_SERVER_RID    (0x0000000DL)
00167 #define SECURITY_REMOTE_LOGON_RID       (0x0000000EL)
00168 #define SECURITY_THIS_ORGANIZATION_RID  (0x0000000FL)
00169 #define SECURITY_IUSER_RID              (0x00000011L)
00170 #define SECURITY_LOCAL_SYSTEM_RID       (0x00000012L)
00171 #define SECURITY_LOCAL_SERVICE_RID      (0x00000013L)
00172 #define SECURITY_NETWORK_SERVICE_RID    (0x00000014L)
00173 #define SECURITY_NT_NON_UNIQUE          (0x00000015L)
00174 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT  (3L)
00175 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
00176 
00177 #define SECURITY_BUILTIN_DOMAIN_RID     (0x00000020L)
00178 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
00179 
00180 
00181 #define SECURITY_PACKAGE_BASE_RID       (0x00000040L)
00182 #define SECURITY_PACKAGE_RID_COUNT      (2L)
00183 #define SECURITY_PACKAGE_NTLM_RID       (0x0000000AL)
00184 #define SECURITY_PACKAGE_SCHANNEL_RID   (0x0000000EL)
00185 #define SECURITY_PACKAGE_DIGEST_RID     (0x00000015L)
00186 
00187 #define SECURITY_CRED_TYPE_BASE_RID             (0x00000041L)
00188 #define SECURITY_CRED_TYPE_RID_COUNT            (2L)
00189 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID    (0x00000001L)
00190 
00191 #define SECURITY_MIN_BASE_RID       (0x00000050L)
00192 #define SECURITY_SERVICE_ID_BASE_RID    (0x00000050L)
00193 #define SECURITY_SERVICE_ID_RID_COUNT   (6L)
00194 #define SECURITY_RESERVED_ID_BASE_RID   (0x00000051L)
00195 #define SECURITY_APPPOOL_ID_BASE_RID    (0x00000052L)
00196 #define SECURITY_APPPOOL_ID_RID_COUNT   (6L)
00197 #define SECURITY_VIRTUALSERVER_ID_BASE_RID    (0x00000053L)
00198 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT   (6L)
00199 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID  (0x00000054L)
00200 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
00201 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID  (0x00000055L)
00202 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
00203 #define SECURITY_WMIHOST_ID_BASE_RID  (0x00000056L)
00204 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
00205 #define SECURITY_TASK_ID_BASE_RID                 (0x00000057L)
00206 #define SECURITY_NFS_ID_BASE_RID        (0x00000058L)
00207 #define SECURITY_COM_ID_BASE_RID        (0x00000059L)
00208 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT   (6L)
00209 
00210 #define SECURITY_MAX_BASE_RID       (0x0000006FL)
00211 
00212 #define SECURITY_MAX_ALWAYS_FILTERED    (0x000003E7L)
00213 #define SECURITY_MIN_NEVER_FILTERED     (0x000003E8L)
00214 
00215 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
00216 
00217 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
00218 
00219 /* Well-known domain relative sub-authority values (RIDs) */
00220 
00221 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
00222 
00223 #define FOREST_USER_RID_MAX            (0x000001F3L)
00224 
00225 /* Well-known users */
00226 
00227 #define DOMAIN_USER_RID_ADMIN          (0x000001F4L)
00228 #define DOMAIN_USER_RID_GUEST          (0x000001F5L)
00229 #define DOMAIN_USER_RID_KRBTGT         (0x000001F6L)
00230 
00231 #define DOMAIN_USER_RID_MAX            (0x000003E7L)
00232 
00233 /* Well-known groups */
00234 
00235 #define DOMAIN_GROUP_RID_ADMINS               (0x00000200L)
00236 #define DOMAIN_GROUP_RID_USERS                (0x00000201L)
00237 #define DOMAIN_GROUP_RID_GUESTS               (0x00000202L)
00238 #define DOMAIN_GROUP_RID_COMPUTERS            (0x00000203L)
00239 #define DOMAIN_GROUP_RID_CONTROLLERS          (0x00000204L)
00240 #define DOMAIN_GROUP_RID_CERT_ADMINS          (0x00000205L)
00241 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS        (0x00000206L)
00242 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS    (0x00000207L)
00243 #define DOMAIN_GROUP_RID_POLICY_ADMINS        (0x00000208L)
00244 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
00245 
00246 /* Well-known aliases */
00247 
00248 #define DOMAIN_ALIAS_RID_ADMINS                         (0x00000220L)
00249 #define DOMAIN_ALIAS_RID_USERS                          (0x00000221L)
00250 #define DOMAIN_ALIAS_RID_GUESTS                         (0x00000222L)
00251 #define DOMAIN_ALIAS_RID_POWER_USERS                    (0x00000223L)
00252 
00253 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS                    (0x00000224L)
00254 #define DOMAIN_ALIAS_RID_SYSTEM_OPS                     (0x00000225L)
00255 #define DOMAIN_ALIAS_RID_PRINT_OPS                      (0x00000226L)
00256 #define DOMAIN_ALIAS_RID_BACKUP_OPS                     (0x00000227L)
00257 
00258 #define DOMAIN_ALIAS_RID_REPLICATOR                     (0x00000228L)
00259 #define DOMAIN_ALIAS_RID_RAS_SERVERS                    (0x00000229L)
00260 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS               (0x0000022AL)
00261 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS           (0x0000022BL)
00262 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS      (0x0000022CL)
00263 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
00264 
00265 #define DOMAIN_ALIAS_RID_MONITORING_USERS               (0x0000022EL)
00266 #define DOMAIN_ALIAS_RID_LOGGING_USERS                  (0x0000022FL)
00267 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS            (0x00000230L)
00268 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS             (0x00000231L)
00269 #define DOMAIN_ALIAS_RID_DCOM_USERS                     (0x00000232L)
00270 #define DOMAIN_ALIAS_RID_IUSERS                         (0x00000238L)
00271 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS               (0x00000239L)
00272 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP     (0x0000023BL)
00273 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
00274 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP        (0x0000023DL)
00275 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP      (0x0000023EL)
00276 
00277 #define SECURITY_MANDATORY_LABEL_AUTHORITY          {0,0,0,0,0,16}
00278 #define SECURITY_MANDATORY_UNTRUSTED_RID            (0x00000000L)
00279 #define SECURITY_MANDATORY_LOW_RID                  (0x00001000L)
00280 #define SECURITY_MANDATORY_MEDIUM_RID               (0x00002000L)
00281 #define SECURITY_MANDATORY_HIGH_RID                 (0x00003000L)
00282 #define SECURITY_MANDATORY_SYSTEM_RID               (0x00004000L)
00283 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID    (0x00005000L)
00284 
00285 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
00286    can be set by a usermode caller.*/
00287 
00288 #define SECURITY_MANDATORY_MAXIMUM_USER_RID   SECURITY_MANDATORY_SYSTEM_RID
00289 
00290 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
00291 
00292 /* Allocate the System Luid.  The first 1000 LUIDs are reserved.
00293    Use #999 here (0x3e7 = 999) */
00294 
00295 #define SYSTEM_LUID                     {0x3e7, 0x0}
00296 #define ANONYMOUS_LOGON_LUID            {0x3e6, 0x0}
00297 #define LOCALSERVICE_LUID               {0x3e5, 0x0}
00298 #define NETWORKSERVICE_LUID             {0x3e4, 0x0}
00299 #define IUSER_LUID                      {0x3e3, 0x0}
00300 
00301 typedef struct _ACE_HEADER {
00302   UCHAR AceType;
00303   UCHAR AceFlags;
00304   USHORT AceSize;
00305 } ACE_HEADER, *PACE_HEADER;
00306 
00307 /* also in winnt.h */
00308 #define ACCESS_MIN_MS_ACE_TYPE                  (0x0)
00309 #define ACCESS_ALLOWED_ACE_TYPE                 (0x0)
00310 #define ACCESS_DENIED_ACE_TYPE                  (0x1)
00311 #define SYSTEM_AUDIT_ACE_TYPE                   (0x2)
00312 #define SYSTEM_ALARM_ACE_TYPE                   (0x3)
00313 #define ACCESS_MAX_MS_V2_ACE_TYPE               (0x3)
00314 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE        (0x4)
00315 #define ACCESS_MAX_MS_V3_ACE_TYPE               (0x4)
00316 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE           (0x5)
00317 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE          (0x5)
00318 #define ACCESS_DENIED_OBJECT_ACE_TYPE           (0x6)
00319 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE            (0x7)
00320 #define SYSTEM_ALARM_OBJECT_ACE_TYPE            (0x8)
00321 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE           (0x8)
00322 #define ACCESS_MAX_MS_V4_ACE_TYPE               (0x8)
00323 #define ACCESS_MAX_MS_ACE_TYPE                  (0x8)
00324 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE        (0x9)
00325 #define ACCESS_DENIED_CALLBACK_ACE_TYPE         (0xA)
00326 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
00327 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE  (0xC)
00328 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE          (0xD)
00329 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE          (0xE)
00330 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE   (0xF)
00331 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE   (0x10)
00332 #define ACCESS_MAX_MS_V5_ACE_TYPE               (0x11)
00333 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE         (0x11)
00334 
00335 /* The following are the inherit flags that go into the AceFlags field
00336    of an Ace header. */
00337 
00338 #define OBJECT_INHERIT_ACE                (0x1)
00339 #define CONTAINER_INHERIT_ACE             (0x2)
00340 #define NO_PROPAGATE_INHERIT_ACE          (0x4)
00341 #define INHERIT_ONLY_ACE                  (0x8)
00342 #define INHERITED_ACE                     (0x10)
00343 #define VALID_INHERIT_FLAGS               (0x1F)
00344 
00345 #define SUCCESSFUL_ACCESS_ACE_FLAG        (0x40)
00346 #define FAILED_ACCESS_ACE_FLAG            (0x80)
00347 
00348 typedef struct _ACCESS_ALLOWED_ACE {
00349   ACE_HEADER Header;
00350   ACCESS_MASK Mask;
00351   ULONG SidStart;
00352 } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
00353 
00354 typedef struct _ACCESS_DENIED_ACE {
00355   ACE_HEADER Header;
00356   ACCESS_MASK Mask;
00357   ULONG SidStart;
00358 } ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
00359 
00360 typedef struct _SYSTEM_AUDIT_ACE {
00361   ACE_HEADER Header;
00362   ACCESS_MASK Mask;
00363   ULONG SidStart;
00364 } SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
00365 
00366 typedef struct _SYSTEM_ALARM_ACE {
00367   ACE_HEADER Header;
00368   ACCESS_MASK Mask;
00369   ULONG SidStart;
00370 } SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
00371 
00372 typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
00373   ACE_HEADER Header;
00374   ACCESS_MASK Mask;
00375   ULONG SidStart;
00376 } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
00377 
00378 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP         0x1
00379 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP          0x2
00380 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP       0x4
00381 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP   | \
00382                                            SYSTEM_MANDATORY_LABEL_NO_READ_UP    | \
00383                                            SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
00384 
00385 #define SECURITY_DESCRIPTOR_MIN_LENGTH   (sizeof(SECURITY_DESCRIPTOR))
00386 
00387 typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
00388 
00389 #define SE_OWNER_DEFAULTED              0x0001
00390 #define SE_GROUP_DEFAULTED              0x0002
00391 #define SE_DACL_PRESENT                 0x0004
00392 #define SE_DACL_DEFAULTED               0x0008
00393 #define SE_SACL_PRESENT                 0x0010
00394 #define SE_SACL_DEFAULTED               0x0020
00395 #define SE_DACL_UNTRUSTED               0x0040
00396 #define SE_SERVER_SECURITY              0x0080
00397 #define SE_DACL_AUTO_INHERIT_REQ        0x0100
00398 #define SE_SACL_AUTO_INHERIT_REQ        0x0200
00399 #define SE_DACL_AUTO_INHERITED          0x0400
00400 #define SE_SACL_AUTO_INHERITED          0x0800
00401 #define SE_DACL_PROTECTED               0x1000
00402 #define SE_SACL_PROTECTED               0x2000
00403 #define SE_RM_CONTROL_VALID             0x4000
00404 #define SE_SELF_RELATIVE                0x8000
00405 
00406 typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
00407   UCHAR Revision;
00408   UCHAR Sbz1;
00409   SECURITY_DESCRIPTOR_CONTROL Control;
00410   ULONG Owner;
00411   ULONG Group;
00412   ULONG Sacl;
00413   ULONG Dacl;
00414 } SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
00415 
00416 typedef struct _SECURITY_DESCRIPTOR {
00417   UCHAR Revision;
00418   UCHAR Sbz1;
00419   SECURITY_DESCRIPTOR_CONTROL Control;
00420   PSID Owner;
00421   PSID Group;
00422   PACL Sacl;
00423   PACL Dacl;
00424 } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
00425 
00426 typedef struct _OBJECT_TYPE_LIST {
00427   USHORT Level;
00428   USHORT Sbz;
00429   GUID *ObjectType;
00430 } OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;
00431 
00432 #define ACCESS_OBJECT_GUID       0
00433 #define ACCESS_PROPERTY_SET_GUID 1
00434 #define ACCESS_PROPERTY_GUID     2
00435 #define ACCESS_MAX_LEVEL         4
00436 
00437 typedef enum _AUDIT_EVENT_TYPE {
00438   AuditEventObjectAccess,
00439   AuditEventDirectoryServiceAccess
00440 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
00441 
00442 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
00443 
00444 #define ACCESS_DS_SOURCE_A "DS"
00445 #define ACCESS_DS_SOURCE_W L"DS"
00446 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
00447 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
00448 
00449 #define ACCESS_REASON_TYPE_MASK 0xffff0000
00450 #define ACCESS_REASON_DATA_MASK 0x0000ffff
00451 
00452 typedef enum _ACCESS_REASON_TYPE {
00453   AccessReasonNone = 0x00000000,
00454   AccessReasonAllowedAce = 0x00010000,
00455   AccessReasonDeniedAce = 0x00020000,
00456   AccessReasonAllowedParentAce = 0x00030000,
00457   AccessReasonDeniedParentAce = 0x00040000,
00458   AccessReasonMissingPrivilege = 0x00100000,
00459   AccessReasonFromPrivilege = 0x00200000,
00460   AccessReasonIntegrityLevel = 0x00300000,
00461   AccessReasonOwnership = 0x00400000,
00462   AccessReasonNullDacl = 0x00500000,
00463   AccessReasonEmptyDacl = 0x00600000,
00464   AccessReasonNoSD = 0x00700000,
00465   AccessReasonNoGrant = 0x00800000
00466 } ACCESS_REASON_TYPE;
00467 
00468 typedef ULONG ACCESS_REASON;
00469 
00470 typedef struct _ACCESS_REASONS {
00471   ACCESS_REASON Data[32];
00472 } ACCESS_REASONS, *PACCESS_REASONS;
00473 
00474 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE    0x00000001
00475 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE    0x00000002
00476 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS          0x00000003
00477 
00478 typedef struct _SE_SECURITY_DESCRIPTOR {
00479   ULONG Size;
00480   ULONG Flags;
00481   PSECURITY_DESCRIPTOR SecurityDescriptor;
00482 } SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
00483 
00484 typedef struct _SE_ACCESS_REQUEST {
00485   ULONG Size;
00486   PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
00487   ACCESS_MASK DesiredAccess;
00488   ACCESS_MASK PreviouslyGrantedAccess;
00489   PSID PrincipalSelfSid;
00490   PGENERIC_MAPPING GenericMapping;
00491   ULONG ObjectTypeListCount;
00492   POBJECT_TYPE_LIST ObjectTypeList;
00493 } SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
00494 
00495 typedef struct _SE_ACCESS_REPLY {
00496   ULONG Size;
00497   ULONG ResultListCount;
00498   PACCESS_MASK GrantedAccess;
00499   PNTSTATUS AccessStatus;
00500   PACCESS_REASONS AccessReason;
00501   PPRIVILEGE_SET* Privileges;
00502 } SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
00503 
00504 typedef enum _SE_AUDIT_OPERATION {
00505   AuditPrivilegeObject,
00506   AuditPrivilegeService,
00507   AuditAccessCheck,
00508   AuditOpenObject,
00509   AuditOpenObjectWithTransaction,
00510   AuditCloseObject,
00511   AuditDeleteObject,
00512   AuditOpenObjectForDelete,
00513   AuditOpenObjectForDeleteWithTransaction,
00514   AuditCloseNonObject,
00515   AuditOpenNonObject,
00516   AuditObjectReference,
00517   AuditHandleCreation,
00518 } SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
00519 
00520 typedef struct _SE_AUDIT_INFO {
00521   ULONG Size;
00522   AUDIT_EVENT_TYPE AuditType;
00523   SE_AUDIT_OPERATION AuditOperation;
00524   ULONG AuditFlags;
00525   UNICODE_STRING SubsystemName;
00526   UNICODE_STRING ObjectTypeName;
00527   UNICODE_STRING ObjectName;
00528   PVOID HandleId;
00529   GUID* TransactionId;
00530   LUID* OperationId;
00531   BOOLEAN ObjectCreation;
00532   BOOLEAN GenerateOnClose;
00533 } SE_AUDIT_INFO, *PSE_AUDIT_INFO;
00534 
00535 #define TOKEN_ASSIGN_PRIMARY            (0x0001)
00536 #define TOKEN_DUPLICATE                 (0x0002)
00537 #define TOKEN_IMPERSONATE               (0x0004)
00538 #define TOKEN_QUERY                     (0x0008)
00539 #define TOKEN_QUERY_SOURCE              (0x0010)
00540 #define TOKEN_ADJUST_PRIVILEGES         (0x0020)
00541 #define TOKEN_ADJUST_GROUPS             (0x0040)
00542 #define TOKEN_ADJUST_DEFAULT            (0x0080)
00543 #define TOKEN_ADJUST_SESSIONID          (0x0100)
00544 
00545 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED  |\
00546                             TOKEN_ASSIGN_PRIMARY      |\
00547                             TOKEN_DUPLICATE           |\
00548                             TOKEN_IMPERSONATE         |\
00549                             TOKEN_QUERY               |\
00550                             TOKEN_QUERY_SOURCE        |\
00551                             TOKEN_ADJUST_PRIVILEGES   |\
00552                             TOKEN_ADJUST_GROUPS       |\
00553                             TOKEN_ADJUST_DEFAULT )
00554 
00555 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
00556 #define TOKEN_ALL_ACCESS  (TOKEN_ALL_ACCESS_P |\
00557                            TOKEN_ADJUST_SESSIONID )
00558 #else
00559 #define TOKEN_ALL_ACCESS  (TOKEN_ALL_ACCESS_P)
00560 #endif
00561 
00562 #define TOKEN_READ       (STANDARD_RIGHTS_READ     |\
00563                           TOKEN_QUERY)
00564 
00565 #define TOKEN_WRITE      (STANDARD_RIGHTS_WRITE    |\
00566                           TOKEN_ADJUST_PRIVILEGES  |\
00567                           TOKEN_ADJUST_GROUPS      |\
00568                           TOKEN_ADJUST_DEFAULT)
00569 
00570 #define TOKEN_EXECUTE    (STANDARD_RIGHTS_EXECUTE)
00571 
00572 typedef enum _TOKEN_TYPE {
00573   TokenPrimary = 1,
00574   TokenImpersonation
00575 } TOKEN_TYPE,*PTOKEN_TYPE;
00576 
00577 typedef enum _TOKEN_INFORMATION_CLASS {
00578   TokenUser = 1,
00579   TokenGroups,
00580   TokenPrivileges,
00581   TokenOwner,
00582   TokenPrimaryGroup,
00583   TokenDefaultDacl,
00584   TokenSource,
00585   TokenType,
00586   TokenImpersonationLevel,
00587   TokenStatistics,
00588   TokenRestrictedSids,
00589   TokenSessionId,
00590   TokenGroupsAndPrivileges,
00591   TokenSessionReference,
00592   TokenSandBoxInert,
00593   TokenAuditPolicy,
00594   TokenOrigin,
00595   TokenElevationType,
00596   TokenLinkedToken,
00597   TokenElevation,
00598   TokenHasRestrictions,
00599   TokenAccessInformation,
00600   TokenVirtualizationAllowed,
00601   TokenVirtualizationEnabled,
00602   TokenIntegrityLevel,
00603   TokenUIAccess,
00604   TokenMandatoryPolicy,
00605   TokenLogonSid,
00606   MaxTokenInfoClass
00607 } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
00608 
00609 typedef struct _TOKEN_USER {
00610   SID_AND_ATTRIBUTES User;
00611 } TOKEN_USER, *PTOKEN_USER;
00612 
00613 typedef struct _TOKEN_GROUPS {
00614   ULONG GroupCount;
00615 #ifdef MIDL_PASS
00616   [size_is(GroupCount)] SID_AND_ATTRIBUTES Groups[*];
00617 #else
00618   SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
00619 #endif
00620 } TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
00621 
00622 typedef struct _TOKEN_PRIVILEGES {
00623   ULONG PrivilegeCount;
00624   LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
00625 } TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
00626 
00627 typedef struct _TOKEN_OWNER {
00628   PSID Owner;
00629 } TOKEN_OWNER,*PTOKEN_OWNER;
00630 
00631 typedef struct _TOKEN_PRIMARY_GROUP {
00632   PSID PrimaryGroup;
00633 } TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
00634 
00635 typedef struct _TOKEN_DEFAULT_DACL {
00636   PACL DefaultDacl;
00637 } TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
00638 
00639 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
00640   ULONG SidCount;
00641   ULONG SidLength;
00642   PSID_AND_ATTRIBUTES Sids;
00643   ULONG RestrictedSidCount;
00644   ULONG RestrictedSidLength;
00645   PSID_AND_ATTRIBUTES RestrictedSids;
00646   ULONG PrivilegeCount;
00647   ULONG PrivilegeLength;
00648   PLUID_AND_ATTRIBUTES Privileges;
00649   LUID AuthenticationId;
00650 } TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
00651 
00652 typedef struct _TOKEN_LINKED_TOKEN {
00653   HANDLE LinkedToken;
00654 } TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
00655 
00656 typedef struct _TOKEN_ELEVATION {
00657   ULONG TokenIsElevated;
00658 } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
00659 
00660 typedef struct _TOKEN_MANDATORY_LABEL {
00661   SID_AND_ATTRIBUTES Label;
00662 } TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
00663 
00664 #define TOKEN_MANDATORY_POLICY_OFF             0x0
00665 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP     0x1
00666 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
00667 
00668 #define TOKEN_MANDATORY_POLICY_VALID_MASK    (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
00669                                               TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
00670 
00671 typedef struct _TOKEN_MANDATORY_POLICY {
00672   ULONG Policy;
00673 } TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
00674 
00675 typedef struct _TOKEN_ACCESS_INFORMATION {
00676   PSID_AND_ATTRIBUTES_HASH SidHash;
00677   PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
00678   PTOKEN_PRIVILEGES Privileges;
00679   LUID AuthenticationId;
00680   TOKEN_TYPE TokenType;
00681   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
00682   TOKEN_MANDATORY_POLICY MandatoryPolicy;
00683   ULONG Flags;
00684 } TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
00685 
00686 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
00687 
00688 typedef struct _TOKEN_AUDIT_POLICY {
00689   UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
00690 } TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
00691 
00692 #define TOKEN_SOURCE_LENGTH 8
00693 
00694 typedef struct _TOKEN_SOURCE {
00695   CHAR SourceName[TOKEN_SOURCE_LENGTH];
00696   LUID SourceIdentifier;
00697 } TOKEN_SOURCE,*PTOKEN_SOURCE;
00698 
00699 typedef struct _TOKEN_STATISTICS {
00700   LUID TokenId;
00701   LUID AuthenticationId;
00702   LARGE_INTEGER ExpirationTime;
00703   TOKEN_TYPE TokenType;
00704   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
00705   ULONG DynamicCharged;
00706   ULONG DynamicAvailable;
00707   ULONG GroupCount;
00708   ULONG PrivilegeCount;
00709   LUID ModifiedId;
00710 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
00711 
00712 typedef struct _TOKEN_CONTROL {
00713   LUID TokenId;
00714   LUID AuthenticationId;
00715   LUID ModifiedId;
00716   TOKEN_SOURCE TokenSource;
00717 } TOKEN_CONTROL,*PTOKEN_CONTROL;
00718 
00719 typedef struct _TOKEN_ORIGIN {
00720   LUID OriginatingLogonSession;
00721 } TOKEN_ORIGIN, *PTOKEN_ORIGIN;
00722 
00723 typedef enum _MANDATORY_LEVEL {
00724   MandatoryLevelUntrusted = 0,
00725   MandatoryLevelLow,
00726   MandatoryLevelMedium,
00727   MandatoryLevelHigh,
00728   MandatoryLevelSystem,
00729   MandatoryLevelSecureProcess,
00730   MandatoryLevelCount
00731 } MANDATORY_LEVEL, *PMANDATORY_LEVEL;
00732 
00733 #define TOKEN_HAS_TRAVERSE_PRIVILEGE    0x0001
00734 #define TOKEN_HAS_BACKUP_PRIVILEGE      0x0002
00735 #define TOKEN_HAS_RESTORE_PRIVILEGE     0x0004
00736 #define TOKEN_WRITE_RESTRICTED          0x0008
00737 #define TOKEN_IS_RESTRICTED             0x0010
00738 #define TOKEN_SESSION_NOT_REFERENCED    0x0020
00739 #define TOKEN_SANDBOX_INERT             0x0040
00740 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
00741 #define SE_BACKUP_PRIVILEGES_CHECKED    0x0100
00742 #define TOKEN_VIRTUALIZE_ALLOWED        0x0200
00743 #define TOKEN_VIRTUALIZE_ENABLED        0x0400
00744 #define TOKEN_IS_FILTERED               0x0800
00745 #define TOKEN_UIACCESS                  0x1000
00746 #define TOKEN_NOT_LOW                   0x2000
00747 
00748 typedef struct _SE_EXPORTS {
00749   LUID SeCreateTokenPrivilege;
00750   LUID SeAssignPrimaryTokenPrivilege;
00751   LUID SeLockMemoryPrivilege;
00752   LUID SeIncreaseQuotaPrivilege;
00753   LUID SeUnsolicitedInputPrivilege;
00754   LUID SeTcbPrivilege;
00755   LUID SeSecurityPrivilege;
00756   LUID SeTakeOwnershipPrivilege;
00757   LUID SeLoadDriverPrivilege;
00758   LUID SeCreatePagefilePrivilege;
00759   LUID SeIncreaseBasePriorityPrivilege;
00760   LUID SeSystemProfilePrivilege;
00761   LUID SeSystemtimePrivilege;
00762   LUID SeProfileSingleProcessPrivilege;
00763   LUID SeCreatePermanentPrivilege;
00764   LUID SeBackupPrivilege;
00765   LUID SeRestorePrivilege;
00766   LUID SeShutdownPrivilege;
00767   LUID SeDebugPrivilege;
00768   LUID SeAuditPrivilege;
00769   LUID SeSystemEnvironmentPrivilege;
00770   LUID SeChangeNotifyPrivilege;
00771   LUID SeRemoteShutdownPrivilege;
00772   PSID SeNullSid;
00773   PSID SeWorldSid;
00774   PSID SeLocalSid;
00775   PSID SeCreatorOwnerSid;
00776   PSID SeCreatorGroupSid;
00777   PSID SeNtAuthoritySid;
00778   PSID SeDialupSid;
00779   PSID SeNetworkSid;
00780   PSID SeBatchSid;
00781   PSID SeInteractiveSid;
00782   PSID SeLocalSystemSid;
00783   PSID SeAliasAdminsSid;
00784   PSID SeAliasUsersSid;
00785   PSID SeAliasGuestsSid;
00786   PSID SeAliasPowerUsersSid;
00787   PSID SeAliasAccountOpsSid;
00788   PSID SeAliasSystemOpsSid;
00789   PSID SeAliasPrintOpsSid;
00790   PSID SeAliasBackupOpsSid;
00791   PSID SeAuthenticatedUsersSid;
00792   PSID SeRestrictedSid;
00793   PSID SeAnonymousLogonSid;
00794   LUID SeUndockPrivilege;
00795   LUID SeSyncAgentPrivilege;
00796   LUID SeEnableDelegationPrivilege;
00797   PSID SeLocalServiceSid;
00798   PSID SeNetworkServiceSid;
00799   LUID SeManageVolumePrivilege;
00800   LUID SeImpersonatePrivilege;
00801   LUID SeCreateGlobalPrivilege;
00802   LUID SeTrustedCredManAccessPrivilege;
00803   LUID SeRelabelPrivilege;
00804   LUID SeIncreaseWorkingSetPrivilege;
00805   LUID SeTimeZonePrivilege;
00806   LUID SeCreateSymbolicLinkPrivilege;
00807   PSID SeIUserSid;
00808   PSID SeUntrustedMandatorySid;
00809   PSID SeLowMandatorySid;
00810   PSID SeMediumMandatorySid;
00811   PSID SeHighMandatorySid;
00812   PSID SeSystemMandatorySid;
00813   PSID SeOwnerRightsSid;
00814 } SE_EXPORTS, *PSE_EXPORTS;
00815 
00816 typedef NTSTATUS
00817 (NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
00818   IN PLUID LogonId);
00819 
00820 typedef struct _SECURITY_CLIENT_CONTEXT {
00821   SECURITY_QUALITY_OF_SERVICE SecurityQos;
00822   PACCESS_TOKEN ClientToken;
00823   BOOLEAN DirectlyAccessClientToken;
00824   BOOLEAN DirectAccessEffectiveOnly;
00825   BOOLEAN ServerIsRemote;
00826   TOKEN_CONTROL ClientTokenControl;
00827 } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
00828 
00829 /******************************************************************************
00830  *                            Object Manager Types                            *
00831  ******************************************************************************/
00832 
00833 typedef enum _OBJECT_INFORMATION_CLASS {
00834   ObjectBasicInformation = 0,
00835   ObjectTypeInformation = 2,
00836   /* Not for public use */
00837   ObjectNameInformation = 1,
00838   ObjectTypesInformation = 3,
00839   ObjectHandleFlagInformation = 4,
00840   ObjectSessionInformation = 5,
00841   MaxObjectInfoClass
00842 } OBJECT_INFORMATION_CLASS;
00843 
00844 
00845 /******************************************************************************
00846  *                           Runtime Library Types                            *
00847  ******************************************************************************/
00848 
00849 
00850 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER    L"System Volume Information"
00851 
00852 _Function_class_(RTL_ALLOCATE_STRING_ROUTINE)
00853 _IRQL_requires_max_(PASSIVE_LEVEL)
00854 __drv_allocatesMem(Mem)
00855 typedef PVOID
00856 (NTAPI *PRTL_ALLOCATE_STRING_ROUTINE)(
00857   _In_ SIZE_T NumberOfBytes);
00858 
00859 #if _WIN32_WINNT >= 0x0600
00860 _Function_class_(RTL_REALLOCATE_STRING_ROUTINE)
00861 _IRQL_requires_max_(PASSIVE_LEVEL)
00862 __drv_allocatesMem(Mem)
00863 typedef PVOID
00864 (NTAPI *PRTL_REALLOCATE_STRING_ROUTINE)(
00865   _In_ SIZE_T NumberOfBytes,
00866   IN PVOID Buffer);
00867 #endif
00868 
00869 typedef VOID
00870 (NTAPI *PRTL_FREE_STRING_ROUTINE)(
00871   _In_ __drv_freesMem(Mem) _Post_invalid_ PVOID Buffer);
00872 
00873 extern const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine;
00874 extern const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine;
00875 
00876 #if _WIN32_WINNT >= 0x0600
00877 extern const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine;
00878 #endif
00879 
00880 _Function_class_(RTL_HEAP_COMMIT_ROUTINE)
00881 _IRQL_requires_same_
00882 typedef NTSTATUS
00883 (NTAPI *PRTL_HEAP_COMMIT_ROUTINE) (
00884   _In_ PVOID Base,
00885   _Inout_ PVOID *CommitAddress,
00886   _Inout_ PSIZE_T CommitSize);
00887 
00888 typedef struct _RTL_HEAP_PARAMETERS {
00889   ULONG Length;
00890   SIZE_T SegmentReserve;
00891   SIZE_T SegmentCommit;
00892   SIZE_T DeCommitFreeBlockThreshold;
00893   SIZE_T DeCommitTotalFreeThreshold;
00894   SIZE_T MaximumAllocationSize;
00895   SIZE_T VirtualMemoryThreshold;
00896   SIZE_T InitialCommit;
00897   SIZE_T InitialReserve;
00898   PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
00899   SIZE_T Reserved[2];
00900 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
00901 
00902 #if (NTDDI_VERSION >= NTDDI_WIN2K)
00903 
00904 typedef struct _GENERATE_NAME_CONTEXT {
00905   USHORT Checksum;
00906   BOOLEAN CheckSumInserted;
00907   _Field_range_(<=, 8) UCHAR NameLength;
00908   WCHAR NameBuffer[8];
00909   _Field_range_(<=, 4) ULONG ExtensionLength;
00910   WCHAR ExtensionBuffer[4];
00911   ULONG LastIndexValue;
00912 } GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
00913 
00914 typedef struct _PREFIX_TABLE_ENTRY {
00915   CSHORT NodeTypeCode;
00916   CSHORT NameLength;
00917   struct _PREFIX_TABLE_ENTRY *NextPrefixTree;
00918   RTL_SPLAY_LINKS Links;
00919   PSTRING Prefix;
00920 } PREFIX_TABLE_ENTRY, *PPREFIX_TABLE_ENTRY;
00921 
00922 typedef struct _PREFIX_TABLE {
00923   CSHORT NodeTypeCode;
00924   CSHORT NameLength;
00925   PPREFIX_TABLE_ENTRY NextPrefixTree;
00926 } PREFIX_TABLE, *PPREFIX_TABLE;
00927 
00928 typedef struct _UNICODE_PREFIX_TABLE_ENTRY {
00929   CSHORT NodeTypeCode;
00930   CSHORT NameLength;
00931   struct _UNICODE_PREFIX_TABLE_ENTRY *NextPrefixTree;
00932   struct _UNICODE_PREFIX_TABLE_ENTRY *CaseMatch;
00933   RTL_SPLAY_LINKS Links;
00934   PUNICODE_STRING Prefix;
00935 } UNICODE_PREFIX_TABLE_ENTRY, *PUNICODE_PREFIX_TABLE_ENTRY;
00936 
00937 typedef struct _UNICODE_PREFIX_TABLE {
00938   CSHORT NodeTypeCode;
00939   CSHORT NameLength;
00940   PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree;
00941   PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry;
00942 } UNICODE_PREFIX_TABLE, *PUNICODE_PREFIX_TABLE;
00943 
00944 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
00945 
00946 #if (NTDDI_VERSION >= NTDDI_WINXP)
00947 typedef struct _COMPRESSED_DATA_INFO {
00948   USHORT CompressionFormatAndEngine;
00949   UCHAR CompressionUnitShift;
00950   UCHAR ChunkShift;
00951   UCHAR ClusterShift;
00952   UCHAR Reserved;
00953   USHORT NumberOfChunks;
00954   ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
00955 } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
00956 #endif
00957 /******************************************************************************
00958  *                         Runtime Library Functions                          *
00959  ******************************************************************************/
00960 
00961 
00962 #if (NTDDI_VERSION >= NTDDI_WIN2K)
00963 
00964 
00965 _Must_inspect_result_
00966 _Ret_maybenull_
00967 _Post_writable_byte_size_(Size)
00968 NTSYSAPI
00969 PVOID
00970 NTAPI
00971 RtlAllocateHeap(
00972   _In_ HANDLE HeapHandle,
00973   _In_opt_ ULONG Flags,
00974   _In_ SIZE_T Size);
00975 
00976 _Success_(return != 0)
00977 NTSYSAPI
00978 BOOLEAN
00979 NTAPI
00980 RtlFreeHeap(
00981   _In_ PVOID HeapHandle,
00982   _In_opt_ ULONG Flags,
00983   _In_ _Post_invalid_ PVOID BaseAddress);
00984 
00985 NTSYSAPI
00986 VOID
00987 NTAPI
00988 RtlCaptureContext(
00989   _Out_ PCONTEXT ContextRecord);
00990 
00991 _Ret_range_(<, MAXLONG)
00992 NTSYSAPI
00993 ULONG
00994 NTAPI
00995 RtlRandom(
00996   _Inout_ PULONG Seed);
00997 
00998 _IRQL_requires_max_(APC_LEVEL)
00999 _Success_(return != 0)
01000 _Must_inspect_result_
01001 NTSYSAPI
01002 BOOLEAN
01003 NTAPI
01004 RtlCreateUnicodeString(
01005   _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem))
01006     PUNICODE_STRING DestinationString,
01007   _In_z_ PCWSTR SourceString);
01008 
01009 _IRQL_requires_max_(APC_LEVEL)
01010 NTSYSAPI
01011 NTSTATUS
01012 NTAPI
01013 RtlAppendStringToString(
01014   _Inout_ PSTRING Destination,
01015   _In_ const STRING *Source);
01016 
01017 _IRQL_requires_max_(PASSIVE_LEVEL)
01018 _Must_inspect_result_
01019 NTSYSAPI
01020 NTSTATUS
01021 NTAPI
01022 RtlOemStringToUnicodeString(
01023   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01024   _When_(!AllocateDestinationString, _Inout_)
01025     PUNICODE_STRING DestinationString,
01026   _In_ PCOEM_STRING SourceString,
01027   _In_ BOOLEAN AllocateDestinationString);
01028 
01029 _IRQL_requires_max_(PASSIVE_LEVEL)
01030 _Must_inspect_result_
01031 NTSYSAPI
01032 NTSTATUS
01033 NTAPI
01034 RtlUnicodeStringToOemString(
01035   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01036   _When_(!AllocateDestinationString, _Inout_)
01037     POEM_STRING DestinationString,
01038   _In_ PCUNICODE_STRING SourceString,
01039   _In_ BOOLEAN AllocateDestinationString);
01040 
01041 _IRQL_requires_max_(PASSIVE_LEVEL)
01042 _Must_inspect_result_
01043 NTSYSAPI
01044 NTSTATUS
01045 NTAPI
01046 RtlUpcaseUnicodeStringToOemString(
01047   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01048   _When_(!AllocateDestinationString, _Inout_)
01049     POEM_STRING DestinationString,
01050   _In_ PCUNICODE_STRING SourceString,
01051   _In_ BOOLEAN AllocateDestinationString);
01052 
01053 _IRQL_requires_max_(PASSIVE_LEVEL)
01054 _Must_inspect_result_
01055 NTSYSAPI
01056 NTSTATUS
01057 NTAPI
01058 RtlOemStringToCountedUnicodeString(
01059   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01060   _When_(!AllocateDestinationString, _Inout_)
01061     PUNICODE_STRING DestinationString,
01062   _In_ PCOEM_STRING SourceString,
01063   _In_ BOOLEAN AllocateDestinationString);
01064 
01065 _IRQL_requires_max_(PASSIVE_LEVEL)
01066 _Must_inspect_result_
01067 NTSYSAPI
01068 NTSTATUS
01069 NTAPI
01070 RtlUnicodeStringToCountedOemString(
01071   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01072   _When_(!AllocateDestinationString, _Inout_)
01073     POEM_STRING DestinationString,
01074   _In_ PCUNICODE_STRING SourceString,
01075   _In_ BOOLEAN AllocateDestinationString);
01076 
01077 _IRQL_requires_max_(PASSIVE_LEVEL)
01078 _Must_inspect_result_
01079 NTSYSAPI
01080 NTSTATUS
01081 NTAPI
01082 RtlUpcaseUnicodeStringToCountedOemString(
01083   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01084   _When_(!AllocateDestinationString, _Inout_)
01085     POEM_STRING DestinationString,
01086   _In_ PCUNICODE_STRING SourceString,
01087   _In_ BOOLEAN AllocateDestinationString);
01088 
01089 _IRQL_requires_max_(PASSIVE_LEVEL)
01090 _When_(AllocateDestinationString, _Must_inspect_result_)
01091 NTSYSAPI
01092 NTSTATUS
01093 NTAPI
01094 RtlDowncaseUnicodeString(
01095   _When_(AllocateDestinationString, _Out_ _At_(UniDest->Buffer, __drv_allocatesMem(Mem)))
01096   _When_(!AllocateDestinationString, _Inout_)
01097     PUNICODE_STRING UniDest,
01098   _In_ PCUNICODE_STRING UniSource,
01099   _In_ BOOLEAN AllocateDestinationString);
01100 
01101 _IRQL_requires_max_(PASSIVE_LEVEL)
01102 NTSYSAPI
01103 VOID
01104 NTAPI
01105 RtlFreeOemString(
01106   _Inout_ _At_(OemString->Buffer, __drv_freesMem(Mem)) POEM_STRING OemString);
01107 
01108 _IRQL_requires_max_(PASSIVE_LEVEL)
01109 NTSYSAPI
01110 ULONG
01111 NTAPI
01112 RtlxUnicodeStringToOemSize(
01113   _In_ PCUNICODE_STRING UnicodeString);
01114 
01115 _IRQL_requires_max_(PASSIVE_LEVEL)
01116 NTSYSAPI
01117 ULONG
01118 NTAPI
01119 RtlxOemStringToUnicodeSize(
01120   _In_ PCOEM_STRING OemString);
01121 
01122 _IRQL_requires_max_(PASSIVE_LEVEL)
01123 NTSYSAPI
01124 NTSTATUS
01125 NTAPI
01126 RtlMultiByteToUnicodeN(
01127   _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
01128   _In_ ULONG MaxBytesInUnicodeString,
01129   _Out_opt_ PULONG BytesInUnicodeString,
01130   _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
01131   _In_ ULONG BytesInMultiByteString);
01132 
01133 _IRQL_requires_max_(PASSIVE_LEVEL)
01134 NTSYSAPI
01135 NTSTATUS
01136 NTAPI
01137 RtlMultiByteToUnicodeSize(
01138   _Out_ PULONG BytesInUnicodeString,
01139   _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
01140   _In_ ULONG BytesInMultiByteString);
01141 
01142 _IRQL_requires_max_(PASSIVE_LEVEL)
01143 NTSYSAPI
01144 NTSTATUS
01145 NTAPI
01146 RtlUnicodeToMultiByteSize(
01147   _Out_ PULONG BytesInMultiByteString,
01148   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01149   _In_ ULONG BytesInUnicodeString);
01150 
01151 _IRQL_requires_max_(PASSIVE_LEVEL)
01152 NTSYSAPI
01153 NTSTATUS
01154 NTAPI
01155 RtlUnicodeToMultiByteN(
01156   _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
01157   _In_ ULONG MaxBytesInMultiByteString,
01158   _Out_opt_ PULONG BytesInMultiByteString,
01159   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01160   _In_ ULONG BytesInUnicodeString);
01161 
01162 _IRQL_requires_max_(PASSIVE_LEVEL)
01163 NTSYSAPI
01164 NTSTATUS
01165 NTAPI
01166 RtlUpcaseUnicodeToMultiByteN(
01167   _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
01168   _In_ ULONG MaxBytesInMultiByteString,
01169   _Out_opt_ PULONG BytesInMultiByteString,
01170   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01171   _In_ ULONG BytesInUnicodeString);
01172 
01173 _IRQL_requires_max_(PASSIVE_LEVEL)
01174 NTSYSAPI
01175 NTSTATUS
01176 NTAPI
01177 RtlOemToUnicodeN(
01178   _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWSTR UnicodeString,
01179   _In_ ULONG MaxBytesInUnicodeString,
01180   _Out_opt_ PULONG BytesInUnicodeString,
01181   _In_reads_bytes_(BytesInOemString) PCCH OemString,
01182   _In_ ULONG BytesInOemString);
01183 
01184 _IRQL_requires_max_(PASSIVE_LEVEL)
01185 NTSYSAPI
01186 NTSTATUS
01187 NTAPI
01188 RtlUnicodeToOemN(
01189   _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
01190   _In_ ULONG MaxBytesInOemString,
01191   _Out_opt_ PULONG BytesInOemString,
01192   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01193   _In_ ULONG BytesInUnicodeString);
01194 
01195 _IRQL_requires_max_(PASSIVE_LEVEL)
01196 NTSYSAPI
01197 NTSTATUS
01198 NTAPI
01199 RtlUpcaseUnicodeToOemN(
01200   _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
01201   _In_ ULONG MaxBytesInOemString,
01202   _Out_opt_ PULONG BytesInOemString,
01203   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01204   _In_ ULONG BytesInUnicodeString);
01205 
01206 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
01207 _IRQL_requires_max_(PASSIVE_LEVEL)
01208 NTSYSAPI
01209 NTSTATUS
01210 NTAPI
01211 RtlGenerate8dot3Name(
01212   _In_ PCUNICODE_STRING Name,
01213   _In_ BOOLEAN AllowExtendedCharacters,
01214   _Inout_ PGENERATE_NAME_CONTEXT Context,
01215   _Inout_ PUNICODE_STRING Name8dot3);
01216 #else
01217 _IRQL_requires_max_(PASSIVE_LEVEL)
01218 NTSYSAPI
01219 VOID
01220 NTAPI
01221 RtlGenerate8dot3Name(
01222   _In_ PCUNICODE_STRING Name,
01223   _In_ BOOLEAN AllowExtendedCharacters,
01224   _Inout_ PGENERATE_NAME_CONTEXT Context,
01225   _Inout_ PUNICODE_STRING Name8dot3);
01226 #endif
01227 
01228 _IRQL_requires_max_(PASSIVE_LEVEL)
01229 _Must_inspect_result_
01230 NTSYSAPI
01231 BOOLEAN
01232 NTAPI
01233 RtlIsNameLegalDOS8Dot3(
01234   _In_ PCUNICODE_STRING Name,
01235   _Inout_opt_ POEM_STRING OemName,
01236   _Out_opt_ PBOOLEAN NameContainsSpaces);
01237 
01238 _IRQL_requires_max_(PASSIVE_LEVEL)
01239 _Must_inspect_result_
01240 NTSYSAPI
01241 BOOLEAN
01242 NTAPI
01243 RtlIsValidOemCharacter(
01244   _Inout_ PWCHAR Char);
01245 
01246 _IRQL_requires_max_(PASSIVE_LEVEL)
01247 NTSYSAPI
01248 VOID
01249 NTAPI
01250 PfxInitialize(
01251   _Out_ PPREFIX_TABLE PrefixTable);
01252 
01253 _IRQL_requires_max_(PASSIVE_LEVEL)
01254 NTSYSAPI
01255 BOOLEAN
01256 NTAPI
01257 PfxInsertPrefix(
01258   _In_ PPREFIX_TABLE PrefixTable,
01259   _In_ __drv_aliasesMem PSTRING Prefix,
01260   _Out_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
01261 
01262 _IRQL_requires_max_(PASSIVE_LEVEL)
01263 NTSYSAPI
01264 VOID
01265 NTAPI
01266 PfxRemovePrefix(
01267   _In_ PPREFIX_TABLE PrefixTable,
01268   _In_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
01269 
01270 _IRQL_requires_max_(PASSIVE_LEVEL)
01271 _Must_inspect_result_
01272 NTSYSAPI
01273 PPREFIX_TABLE_ENTRY
01274 NTAPI
01275 PfxFindPrefix(
01276   _In_ PPREFIX_TABLE PrefixTable,
01277   _In_ PSTRING FullName);
01278 
01279 _IRQL_requires_max_(PASSIVE_LEVEL)
01280 NTSYSAPI
01281 VOID
01282 NTAPI
01283 RtlInitializeUnicodePrefix(
01284   _Out_ PUNICODE_PREFIX_TABLE PrefixTable);
01285 
01286 _IRQL_requires_max_(PASSIVE_LEVEL)
01287 NTSYSAPI
01288 BOOLEAN
01289 NTAPI
01290 RtlInsertUnicodePrefix(
01291   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01292   _In_ __drv_aliasesMem PUNICODE_STRING Prefix,
01293   _Out_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
01294 
01295 _IRQL_requires_max_(PASSIVE_LEVEL)
01296 NTSYSAPI
01297 VOID
01298 NTAPI
01299 RtlRemoveUnicodePrefix(
01300   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01301   _In_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
01302 
01303 _IRQL_requires_max_(PASSIVE_LEVEL)
01304 _Must_inspect_result_
01305 NTSYSAPI
01306 PUNICODE_PREFIX_TABLE_ENTRY
01307 NTAPI
01308 RtlFindUnicodePrefix(
01309   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01310   _In_ PUNICODE_STRING FullName,
01311   _In_ ULONG CaseInsensitiveIndex);
01312 
01313 _IRQL_requires_max_(PASSIVE_LEVEL)
01314 _Must_inspect_result_
01315 NTSYSAPI
01316 PUNICODE_PREFIX_TABLE_ENTRY
01317 NTAPI
01318 RtlNextUnicodePrefix(
01319   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01320   _In_ BOOLEAN Restart);
01321 
01322 _Must_inspect_result_
01323 NTSYSAPI
01324 SIZE_T
01325 NTAPI
01326 RtlCompareMemoryUlong(
01327   _In_reads_bytes_(Length) PVOID Source,
01328   _In_ SIZE_T Length,
01329   _In_ ULONG Pattern);
01330 
01331 _Success_(return != 0)
01332 NTSYSAPI
01333 BOOLEAN
01334 NTAPI
01335 RtlTimeToSecondsSince1980(
01336   _In_ PLARGE_INTEGER Time,
01337   _Out_ PULONG ElapsedSeconds);
01338 
01339 NTSYSAPI
01340 VOID
01341 NTAPI
01342 RtlSecondsSince1980ToTime(
01343   _In_ ULONG ElapsedSeconds,
01344   _Out_ PLARGE_INTEGER Time);
01345 
01346 _Success_(return != 0)
01347 NTSYSAPI
01348 BOOLEAN
01349 NTAPI
01350 RtlTimeToSecondsSince1970(
01351   _In_ PLARGE_INTEGER Time,
01352   _Out_ PULONG ElapsedSeconds);
01353 
01354 NTSYSAPI
01355 VOID
01356 NTAPI
01357 RtlSecondsSince1970ToTime(
01358   _In_ ULONG ElapsedSeconds,
01359   _Out_ PLARGE_INTEGER Time);
01360 
01361 _IRQL_requires_max_(APC_LEVEL)
01362 _Must_inspect_result_
01363 NTSYSAPI
01364 BOOLEAN
01365 NTAPI
01366 RtlValidSid(
01367   _In_ PSID Sid);
01368 
01369 _Must_inspect_result_
01370 NTSYSAPI
01371 BOOLEAN
01372 NTAPI
01373 RtlEqualSid(
01374   _In_ PSID Sid1,
01375   _In_ PSID Sid2);
01376 
01377 _IRQL_requires_max_(APC_LEVEL)
01378 _Must_inspect_result_
01379 NTSYSAPI
01380 BOOLEAN
01381 NTAPI
01382 RtlEqualPrefixSid(
01383   _In_ PSID Sid1,
01384   _In_ PSID Sid2);
01385 
01386 _IRQL_requires_max_(APC_LEVEL)
01387 NTSYSAPI
01388 ULONG
01389 NTAPI
01390 RtlLengthRequiredSid(
01391   _In_ ULONG SubAuthorityCount);
01392 
01393 NTSYSAPI
01394 PVOID
01395 NTAPI
01396 RtlFreeSid(
01397   _In_ _Post_invalid_ PSID Sid);
01398 
01399 _Must_inspect_result_
01400 NTSYSAPI
01401 NTSTATUS
01402 NTAPI
01403 RtlAllocateAndInitializeSid(
01404   _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
01405   _In_ UCHAR SubAuthorityCount,
01406   _In_ ULONG SubAuthority0,
01407   _In_ ULONG SubAuthority1,
01408   _In_ ULONG SubAuthority2,
01409   _In_ ULONG SubAuthority3,
01410   _In_ ULONG SubAuthority4,
01411   _In_ ULONG SubAuthority5,
01412   _In_ ULONG SubAuthority6,
01413   _In_ ULONG SubAuthority7,
01414   _Outptr_ PSID *Sid);
01415 
01416 _IRQL_requires_max_(APC_LEVEL)
01417 NTSYSAPI
01418 NTSTATUS
01419 NTAPI
01420 RtlInitializeSid(
01421   _Out_ PSID Sid,
01422   _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
01423   _In_ UCHAR SubAuthorityCount);
01424 
01425 NTSYSAPI
01426 PULONG
01427 NTAPI
01428 RtlSubAuthoritySid(
01429   _In_ PSID Sid,
01430   _In_ ULONG SubAuthority);
01431 
01432 _Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE)
01433 NTSYSAPI
01434 ULONG
01435 NTAPI
01436 RtlLengthSid(
01437   _In_ PSID Sid);
01438 
01439 _IRQL_requires_max_(APC_LEVEL)
01440 NTSYSAPI
01441 NTSTATUS
01442 NTAPI
01443 RtlCopySid(
01444   _In_ ULONG Length,
01445   _Out_writes_bytes_(Length) PSID Destination,
01446   _In_ PSID Source);
01447 
01448 _IRQL_requires_max_(APC_LEVEL)
01449 NTSYSAPI
01450 NTSTATUS
01451 NTAPI
01452 RtlConvertSidToUnicodeString(
01453   _Inout_ PUNICODE_STRING UnicodeString,
01454   _In_ PSID Sid,
01455   _In_ BOOLEAN AllocateDestinationString);
01456 
01457 _IRQL_requires_max_(APC_LEVEL)
01458 NTSYSAPI
01459 VOID
01460 NTAPI
01461 RtlCopyLuid(
01462   _Out_ PLUID DestinationLuid,
01463   _In_ PLUID SourceLuid);
01464 
01465 _IRQL_requires_max_(APC_LEVEL)
01466 NTSYSAPI
01467 NTSTATUS
01468 NTAPI
01469 RtlCreateAcl(
01470   _Out_writes_bytes_(AclLength) PACL Acl,
01471   _In_ ULONG AclLength,
01472   _In_ ULONG AclRevision);
01473 
01474 _IRQL_requires_max_(APC_LEVEL)
01475 NTSYSAPI
01476 NTSTATUS
01477 NTAPI
01478 RtlAddAce(
01479   _Inout_ PACL Acl,
01480   _In_ ULONG AceRevision,
01481   _In_ ULONG StartingAceIndex,
01482   _In_reads_bytes_(AceListLength) PVOID AceList,
01483   _In_ ULONG AceListLength);
01484 
01485 _IRQL_requires_max_(APC_LEVEL)
01486 NTSYSAPI
01487 NTSTATUS
01488 NTAPI
01489 RtlDeleteAce(
01490   _Inout_ PACL Acl,
01491   _In_ ULONG AceIndex);
01492 
01493 NTSYSAPI
01494 NTSTATUS
01495 NTAPI
01496 RtlGetAce(
01497   _In_ PACL Acl,
01498   _In_ ULONG AceIndex,
01499   _Outptr_ PVOID *Ace);
01500 
01501 _IRQL_requires_max_(APC_LEVEL)
01502 NTSYSAPI
01503 NTSTATUS
01504 NTAPI
01505 RtlAddAccessAllowedAce(
01506   _Inout_ PACL Acl,
01507   _In_ ULONG AceRevision,
01508   _In_ ACCESS_MASK AccessMask,
01509   _In_ PSID Sid);
01510 
01511 _IRQL_requires_max_(APC_LEVEL)
01512 NTSYSAPI
01513 NTSTATUS
01514 NTAPI
01515 RtlAddAccessAllowedAceEx(
01516   _Inout_ PACL Acl,
01517   _In_ ULONG AceRevision,
01518   _In_ ULONG AceFlags,
01519   _In_ ACCESS_MASK AccessMask,
01520   _In_ PSID Sid);
01521 
01522 _IRQL_requires_max_(APC_LEVEL)
01523 NTSYSAPI
01524 NTSTATUS
01525 NTAPI
01526 RtlCreateSecurityDescriptorRelative(
01527   _Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
01528   _In_ ULONG Revision);
01529 
01530 NTSYSAPI
01531 NTSTATUS
01532 NTAPI
01533 RtlGetDaclSecurityDescriptor(
01534   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01535   _Out_ PBOOLEAN DaclPresent,
01536   _Out_ PACL *Dacl,
01537   _Out_ PBOOLEAN DaclDefaulted);
01538 
01539 _IRQL_requires_max_(APC_LEVEL)
01540 NTSYSAPI
01541 NTSTATUS
01542 NTAPI
01543 RtlSetOwnerSecurityDescriptor(
01544   _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01545   _In_opt_ PSID Owner,
01546   _In_opt_ BOOLEAN OwnerDefaulted);
01547 
01548 _IRQL_requires_max_(APC_LEVEL)
01549 NTSYSAPI
01550 NTSTATUS
01551 NTAPI
01552 RtlGetOwnerSecurityDescriptor(
01553   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01554   _Out_ PSID *Owner,
01555   _Out_ PBOOLEAN OwnerDefaulted);
01556 
01557 _IRQL_requires_max_(APC_LEVEL)
01558 _When_(Status < 0, _Out_range_(>, 0))
01559 _When_(Status >= 0, _Out_range_(==, 0))
01560 NTSYSAPI
01561 ULONG
01562 NTAPI
01563 RtlNtStatusToDosError(
01564   _In_ NTSTATUS Status);
01565 
01566 _IRQL_requires_max_(PASSIVE_LEVEL)
01567 NTSYSAPI
01568 NTSTATUS
01569 NTAPI
01570 RtlCustomCPToUnicodeN(
01571   _In_ PCPTABLEINFO CustomCP,
01572   _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
01573   _In_ ULONG MaxBytesInUnicodeString,
01574   _Out_opt_ PULONG BytesInUnicodeString,
01575   _In_reads_bytes_(BytesInCustomCPString) PCH CustomCPString,
01576   _In_ ULONG BytesInCustomCPString);
01577 
01578 _IRQL_requires_max_(PASSIVE_LEVEL)
01579 NTSYSAPI
01580 NTSTATUS
01581 NTAPI
01582 RtlUnicodeToCustomCPN(
01583   _In_ PCPTABLEINFO CustomCP,
01584   _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
01585   _In_ ULONG MaxBytesInCustomCPString,
01586   _Out_opt_ PULONG BytesInCustomCPString,
01587   _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
01588   _In_ ULONG BytesInUnicodeString);
01589 
01590 _IRQL_requires_max_(PASSIVE_LEVEL)
01591 NTSYSAPI
01592 NTSTATUS
01593 NTAPI
01594 RtlUpcaseUnicodeToCustomCPN(
01595   _In_ PCPTABLEINFO CustomCP,
01596   _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
01597   _In_ ULONG MaxBytesInCustomCPString,
01598   _Out_opt_ PULONG BytesInCustomCPString,
01599   _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
01600   _In_ ULONG BytesInUnicodeString);
01601 
01602 _IRQL_requires_max_(PASSIVE_LEVEL)
01603 NTSYSAPI
01604 VOID
01605 NTAPI
01606 RtlInitCodePageTable(
01607   _In_ PUSHORT TableBase,
01608   _Inout_ PCPTABLEINFO CodePageTable);
01609 
01610 
01611 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
01612 
01613 
01614 #if (NTDDI_VERSION >= NTDDI_WINXP)
01615 
01616 
01617 
01618 _Must_inspect_result_
01619 NTSYSAPI
01620 PVOID
01621 NTAPI
01622 RtlCreateHeap(
01623   _In_ ULONG Flags,
01624   _In_opt_ PVOID HeapBase,
01625   _In_opt_ SIZE_T ReserveSize,
01626   _In_opt_ SIZE_T CommitSize,
01627   _In_opt_ PVOID Lock,
01628   _In_opt_ PRTL_HEAP_PARAMETERS Parameters);
01629 
01630 NTSYSAPI
01631 PVOID
01632 NTAPI
01633 RtlDestroyHeap(
01634   _In_ _Post_invalid_ PVOID HeapHandle);
01635 
01636 NTSYSAPI
01637 USHORT
01638 NTAPI
01639 RtlCaptureStackBackTrace(
01640   _In_ ULONG FramesToSkip,
01641   _In_ ULONG FramesToCapture,
01642   _Out_writes_to_(FramesToCapture, return) PVOID *BackTrace,
01643   _Out_opt_ PULONG BackTraceHash);
01644 
01645 _Ret_range_(<, MAXLONG)
01646 NTSYSAPI
01647 ULONG
01648 NTAPI
01649 RtlRandomEx(
01650   _Inout_ PULONG Seed);
01651 
01652 _IRQL_requires_max_(DISPATCH_LEVEL)
01653 NTSYSAPI
01654 NTSTATUS
01655 NTAPI
01656 RtlInitUnicodeStringEx(
01657   _Out_ PUNICODE_STRING DestinationString,
01658   _In_opt_z_ __drv_aliasesMem PCWSTR SourceString);
01659 
01660 _Must_inspect_result_
01661 NTSYSAPI
01662 NTSTATUS
01663 NTAPI
01664 RtlValidateUnicodeString(
01665   _In_ ULONG Flags,
01666   _In_ PCUNICODE_STRING String);
01667 
01668 _IRQL_requires_max_(PASSIVE_LEVEL)
01669 _Must_inspect_result_
01670 NTSYSAPI
01671 NTSTATUS
01672 NTAPI
01673 RtlDuplicateUnicodeString(
01674   _In_ ULONG Flags,
01675   _In_ PCUNICODE_STRING SourceString,
01676   _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)) PUNICODE_STRING DestinationString);
01677 
01678 NTSYSAPI
01679 NTSTATUS
01680 NTAPI
01681 RtlGetCompressionWorkSpaceSize(
01682   _In_ USHORT CompressionFormatAndEngine,
01683   _Out_ PULONG CompressBufferWorkSpaceSize,
01684   _Out_ PULONG CompressFragmentWorkSpaceSize);
01685 
01686 NTSYSAPI
01687 NTSTATUS
01688 NTAPI
01689 RtlCompressBuffer(
01690   _In_ USHORT CompressionFormatAndEngine,
01691   _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
01692   _In_ ULONG UncompressedBufferSize,
01693   _Out_writes_bytes_to_(CompressedBufferSize, *FinalCompressedSize) PUCHAR CompressedBuffer,
01694   _In_ ULONG CompressedBufferSize,
01695   _In_ ULONG UncompressedChunkSize,
01696   _Out_ PULONG FinalCompressedSize,
01697   _In_ PVOID WorkSpace);
01698 
01699 _IRQL_requires_max_(APC_LEVEL)
01700 NTSYSAPI
01701 NTSTATUS
01702 NTAPI
01703 RtlDecompressBuffer(
01704   _In_ USHORT CompressionFormat,
01705   _Out_writes_bytes_to_(UncompressedBufferSize, *FinalUncompressedSize) PUCHAR UncompressedBuffer,
01706   _In_ ULONG UncompressedBufferSize,
01707   _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01708   _In_ ULONG CompressedBufferSize,
01709   _Out_ PULONG FinalUncompressedSize);
01710 
01711 _IRQL_requires_max_(APC_LEVEL)
01712 NTSYSAPI
01713 NTSTATUS
01714 NTAPI
01715 RtlDecompressFragment(
01716   _In_ USHORT CompressionFormat,
01717   _Out_writes_bytes_to_(UncompressedFragmentSize, *FinalUncompressedSize) PUCHAR UncompressedFragment,
01718   _In_ ULONG UncompressedFragmentSize,
01719   _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01720   _In_ ULONG CompressedBufferSize,
01721   _In_range_(<, CompressedBufferSize) ULONG FragmentOffset,
01722   _Out_ PULONG FinalUncompressedSize,
01723   _In_ PVOID WorkSpace);
01724 
01725 _IRQL_requires_max_(APC_LEVEL)
01726 NTSYSAPI
01727 NTSTATUS
01728 NTAPI
01729 RtlDescribeChunk(
01730   _In_ USHORT CompressionFormat,
01731   _Inout_ PUCHAR *CompressedBuffer,
01732   _In_ PUCHAR EndOfCompressedBufferPlus1,
01733   _Out_ PUCHAR *ChunkBuffer,
01734   _Out_ PULONG ChunkSize);
01735 
01736 _IRQL_requires_max_(APC_LEVEL)
01737 NTSYSAPI
01738 NTSTATUS
01739 NTAPI
01740 RtlReserveChunk(
01741   _In_ USHORT CompressionFormat,
01742   _Inout_ PUCHAR *CompressedBuffer,
01743   _In_ PUCHAR EndOfCompressedBufferPlus1,
01744   _Out_ PUCHAR *ChunkBuffer,
01745   _In_ ULONG ChunkSize);
01746 
01747 _IRQL_requires_max_(APC_LEVEL)
01748 NTSYSAPI
01749 NTSTATUS
01750 NTAPI
01751 RtlDecompressChunks(
01752   _Out_writes_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
01753   _In_ ULONG UncompressedBufferSize,
01754   _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01755   _In_ ULONG CompressedBufferSize,
01756   _In_reads_bytes_(CompressedTailSize) PUCHAR CompressedTail,
01757   _In_ ULONG CompressedTailSize,
01758   _In_ PCOMPRESSED_DATA_INFO CompressedDataInfo);
01759 
01760 _IRQL_requires_max_(APC_LEVEL)
01761 NTSYSAPI
01762 NTSTATUS
01763 NTAPI
01764 RtlCompressChunks(
01765   _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
01766   _In_ ULONG UncompressedBufferSize,
01767   _Out_writes_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01768   _In_range_(>=, (UncompressedBufferSize - (UncompressedBufferSize / 16))) ULONG CompressedBufferSize,
01769   _Inout_updates_bytes_(CompressedDataInfoLength) PCOMPRESSED_DATA_INFO CompressedDataInfo,
01770   _In_range_(>, sizeof(COMPRESSED_DATA_INFO)) ULONG CompressedDataInfoLength,
01771   _In_ PVOID WorkSpace);
01772 
01773 _IRQL_requires_max_(APC_LEVEL)
01774 NTSYSAPI
01775 PSID_IDENTIFIER_AUTHORITY
01776 NTAPI
01777 RtlIdentifierAuthoritySid(
01778   _In_ PSID Sid);
01779 
01780 NTSYSAPI
01781 PUCHAR
01782 NTAPI
01783 RtlSubAuthorityCountSid(
01784   _In_ PSID Sid);
01785 
01786 _When_(Status < 0, _Out_range_(>, 0))
01787 _When_(Status >= 0, _Out_range_(==, 0))
01788 NTSYSAPI
01789 ULONG
01790 NTAPI
01791 RtlNtStatusToDosErrorNoTeb(
01792   _In_ NTSTATUS Status);
01793 
01794 _IRQL_requires_max_(PASSIVE_LEVEL)
01795 NTSYSAPI
01796 NTSTATUS
01797 NTAPI
01798 RtlCreateSystemVolumeInformationFolder(
01799   _In_ PCUNICODE_STRING VolumeRootPath);
01800 
01801 #if defined(_M_AMD64)
01802 
01803 FORCEINLINE
01804 VOID
01805 RtlFillMemoryUlong(
01806   _Out_writes_bytes_all_(Length) PVOID Destination,
01807   _In_ SIZE_T Length,
01808   _In_ ULONG Pattern)
01809 {
01810   PULONG Address = (PULONG)Destination;
01811   if ((Length /= 4) != 0) {
01812     if (((ULONG64)Address & 4) != 0) {
01813       *Address = Pattern;
01814       if ((Length -= 1) == 0) {
01815         return;
01816       }
01817       Address += 1;
01818     }
01819     __stosq((PULONG64)(Address), Pattern | ((ULONG64)Pattern << 32), Length / 2);
01820     if ((Length & 1) != 0) Address[Length - 1] = Pattern;
01821   }
01822   return;
01823 }
01824 
01825 #define RtlFillMemoryUlonglong(Destination, Length, Pattern)                \
01826     __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
01827 
01828 #else
01829 
01830 NTSYSAPI
01831 VOID
01832 NTAPI
01833 RtlFillMemoryUlong(
01834   OUT PVOID Destination,
01835   IN SIZE_T Length,
01836   IN ULONG Pattern);
01837 
01838 NTSYSAPI
01839 VOID
01840 NTAPI
01841 RtlFillMemoryUlonglong(
01842   _Out_writes_bytes_all_(Length) PVOID Destination,
01843   _In_ SIZE_T Length,
01844   _In_ ULONGLONG Pattern);
01845 
01846 #endif /* defined(_M_AMD64) */
01847 
01848 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
01849 
01850 #if (NTDDI_VERSION >= NTDDI_WS03)
01851 _IRQL_requires_max_(DISPATCH_LEVEL)
01852 NTSYSAPI
01853 NTSTATUS
01854 NTAPI
01855 RtlInitAnsiStringEx(
01856   _Out_ PANSI_STRING DestinationString,
01857   _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
01858 #endif
01859 
01860 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
01861 
01862 _IRQL_requires_max_(APC_LEVEL)
01863 NTSYSAPI
01864 NTSTATUS
01865 NTAPI
01866 RtlGetSaclSecurityDescriptor(
01867   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01868   _Out_ PBOOLEAN SaclPresent,
01869   _Out_ PACL *Sacl,
01870   _Out_ PBOOLEAN SaclDefaulted);
01871 
01872 _IRQL_requires_max_(APC_LEVEL)
01873 NTSYSAPI
01874 NTSTATUS
01875 NTAPI
01876 RtlSetGroupSecurityDescriptor(
01877   _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01878   _In_opt_ PSID Group,
01879   _In_opt_ BOOLEAN GroupDefaulted);
01880 
01881 _IRQL_requires_max_(APC_LEVEL)
01882 NTSYSAPI
01883 NTSTATUS
01884 NTAPI
01885 RtlGetGroupSecurityDescriptor(
01886   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01887   _Out_ PSID *Group,
01888   _Out_ PBOOLEAN GroupDefaulted);
01889 
01890 _IRQL_requires_max_(APC_LEVEL)
01891 NTSYSAPI
01892 NTSTATUS
01893 NTAPI
01894 RtlAbsoluteToSelfRelativeSD(
01895   _In_ PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
01896   _Out_writes_bytes_to_opt_(*BufferLength, *BufferLength) PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
01897   _Inout_ PULONG BufferLength);
01898 
01899 _IRQL_requires_max_(APC_LEVEL)
01900 NTSYSAPI
01901 NTSTATUS
01902 NTAPI
01903 RtlSelfRelativeToAbsoluteSD(
01904   _In_ PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
01905   _Out_writes_bytes_to_opt_(*AbsoluteSecurityDescriptorSize, *AbsoluteSecurityDescriptorSize) PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
01906   _Inout_ PULONG AbsoluteSecurityDescriptorSize,
01907   _Out_writes_bytes_to_opt_(*DaclSize, *DaclSize) PACL Dacl,
01908   _Inout_ PULONG DaclSize,
01909   _Out_writes_bytes_to_opt_(*SaclSize, *SaclSize) PACL Sacl,
01910   _Inout_ PULONG SaclSize,
01911   _Out_writes_bytes_to_opt_(*OwnerSize, *OwnerSize) PSID Owner,
01912   _Inout_ PULONG OwnerSize,
01913   _Out_writes_bytes_to_opt_(*PrimaryGroupSize, *PrimaryGroupSize) PSID PrimaryGroup,
01914   _Inout_ PULONG PrimaryGroupSize);
01915 
01916 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
01917 
01918 #if (NTDDI_VERSION >= NTDDI_VISTA)
01919 
01920 NTSYSAPI
01921 NTSTATUS
01922 NTAPI
01923 RtlNormalizeString(
01924   _In_ ULONG NormForm,
01925   _In_ PCWSTR SourceString,
01926   _In_ LONG SourceStringLength,
01927   _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
01928   _Inout_ PLONG DestinationStringLength);
01929 
01930 NTSYSAPI
01931 NTSTATUS
01932 NTAPI
01933 RtlIsNormalizedString(
01934   _In_ ULONG NormForm,
01935   _In_ PCWSTR SourceString,
01936   _In_ LONG SourceStringLength,
01937   _Out_ PBOOLEAN Normalized);
01938 
01939 NTSYSAPI
01940 NTSTATUS
01941 NTAPI
01942 RtlIdnToAscii(
01943   _In_ ULONG Flags,
01944   _In_ PCWSTR SourceString,
01945   _In_ LONG SourceStringLength,
01946   _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
01947   _Inout_ PLONG DestinationStringLength);
01948 
01949 NTSYSAPI
01950 NTSTATUS
01951 NTAPI
01952 RtlIdnToUnicode(
01953   IN ULONG Flags,
01954   IN PCWSTR SourceString,
01955   IN LONG SourceStringLength,
01956   OUT PWSTR DestinationString,
01957   IN OUT PLONG DestinationStringLength);
01958 
01959 NTSYSAPI
01960 NTSTATUS
01961 NTAPI
01962 RtlIdnToNameprepUnicode(
01963   _In_ ULONG Flags,
01964   _In_ PCWSTR SourceString,
01965   _In_ LONG SourceStringLength,
01966   _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
01967   _Inout_ PLONG DestinationStringLength);
01968 
01969 NTSYSAPI
01970 NTSTATUS
01971 NTAPI
01972 RtlCreateServiceSid(
01973   _In_ PUNICODE_STRING ServiceName,
01974   _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid,
01975   _Inout_ PULONG ServiceSidLength);
01976 
01977 NTSYSAPI
01978 LONG
01979 NTAPI
01980 RtlCompareAltitudes(
01981   _In_ PCUNICODE_STRING Altitude1,
01982   _In_ PCUNICODE_STRING Altitude2);
01983 
01984 
01985 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
01986 
01987 #if (NTDDI_VERSION >= NTDDI_WIN7)
01988 
01989 _IRQL_requires_max_(PASSIVE_LEVEL)
01990 _Must_inspect_result_
01991 NTSYSAPI
01992 NTSTATUS
01993 NTAPI
01994 RtlUnicodeToUTF8N(
01995   _Out_writes_bytes_to_(UTF8StringMaxByteCount, *UTF8StringActualByteCount) PCHAR UTF8StringDestination,
01996   _In_ ULONG UTF8StringMaxByteCount,
01997   _Out_ PULONG UTF8StringActualByteCount,
01998   _In_reads_bytes_(UnicodeStringByteCount) PCWCH UnicodeStringSource,
01999   _In_ ULONG UnicodeStringByteCount);
02000 
02001 _IRQL_requires_max_(PASSIVE_LEVEL)
02002 _Must_inspect_result_
02003 NTSYSAPI
02004 NTSTATUS
02005 NTAPI
02006 RtlUTF8ToUnicodeN(
02007   _Out_writes_bytes_to_(UnicodeStringMaxByteCount, *UnicodeStringActualByteCount) PWSTR UnicodeStringDestination,
02008   _In_ ULONG UnicodeStringMaxByteCount,
02009   _Out_ PULONG UnicodeStringActualByteCount,
02010   _In_reads_bytes_(UTF8StringByteCount) PCCH UTF8StringSource,
02011   _In_ ULONG UTF8StringByteCount);
02012 
02013 _IRQL_requires_max_(APC_LEVEL)
02014 NTSYSAPI
02015 NTSTATUS
02016 NTAPI
02017 RtlReplaceSidInSd(
02018   _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02019   _In_ PSID OldSid,
02020   _In_ PSID NewSid,
02021   _Out_ ULONG *NumChanges);
02022 
02023 NTSYSAPI
02024 NTSTATUS
02025 NTAPI
02026 RtlCreateVirtualAccountSid(
02027   _In_ PCUNICODE_STRING Name,
02028   _In_ ULONG BaseSubAuthority,
02029   _Out_writes_bytes_(*SidLength) PSID Sid,
02030   _Inout_ PULONG SidLength);
02031 
02032 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
02033 
02034 
02035 #if defined(_AMD64_) || defined(_IA64_)
02036 
02037 
02038 
02039 #endif /* defined(_AMD64_) || defined(_IA64_) */
02040 
02041 
02042 
02043 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
02044 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
02045 
02046 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ?                                \
02047                                            RtlxUnicodeStringToOemSize(STRING) :                      \
02048                                            ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
02049 )
02050 
02051 #define RtlOemStringToUnicodeSize(STRING) (                 \
02052     NLS_MB_OEM_CODE_PAGE_TAG ?                              \
02053     RtlxOemStringToUnicodeSize(STRING) :                    \
02054     ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR)  \
02055 )
02056 
02057 #define RtlOemStringToCountedUnicodeSize(STRING) (                    \
02058     (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
02059 )
02060 
02061 #define RtlOffsetToPointer(B,O) ((PCHAR)(((PCHAR)(B)) + ((ULONG_PTR)(O))))
02062 #define RtlPointerToOffset(B,P) ((ULONG)(((PCHAR)(P)) - ((PCHAR)(B))))
02063 
02064 _IRQL_requires_max_(PASSIVE_LEVEL)
02065 __kernel_entry
02066 NTSYSCALLAPI
02067 NTSTATUS
02068 NTAPI
02069 NtQueryObject(
02070   _In_opt_ HANDLE Handle,
02071   _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
02072   _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
02073   _In_ ULONG ObjectInformationLength,
02074   _Out_opt_ PULONG ReturnLength);
02075 
02076 #if (NTDDI_VERSION >= NTDDI_WIN2K)
02077 
02078 _Must_inspect_result_
02079 __kernel_entry
02080 NTSYSCALLAPI
02081 NTSTATUS
02082 NTAPI
02083 NtOpenThreadToken(
02084   _In_ HANDLE ThreadHandle,
02085   _In_ ACCESS_MASK DesiredAccess,
02086   _In_ BOOLEAN OpenAsSelf,
02087   _Out_ PHANDLE TokenHandle);
02088 
02089 _Must_inspect_result_
02090 __kernel_entry
02091 NTSYSCALLAPI
02092 NTSTATUS
02093 NTAPI
02094 NtOpenProcessToken(
02095   _In_ HANDLE ProcessHandle,
02096   _In_ ACCESS_MASK DesiredAccess,
02097   _Out_ PHANDLE TokenHandle);
02098 
02099 _When_(TokenInformationClass == TokenAccessInformation,
02100   _At_(TokenInformationLength,
02101        _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
02102 _Must_inspect_result_
02103 __kernel_entry
02104 NTSYSCALLAPI
02105 NTSTATUS
02106 NTAPI
02107 NtQueryInformationToken(
02108   _In_ HANDLE TokenHandle,
02109   _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
02110   _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
02111   _In_ ULONG TokenInformationLength,
02112   _Out_ PULONG ReturnLength);
02113 
02114 _Must_inspect_result_
02115 __kernel_entry
02116 NTSYSCALLAPI
02117 NTSTATUS
02118 NTAPI
02119 NtAdjustPrivilegesToken(
02120   _In_ HANDLE TokenHandle,
02121   _In_ BOOLEAN DisableAllPrivileges,
02122   _In_opt_ PTOKEN_PRIVILEGES NewState,
02123   _In_ ULONG BufferLength,
02124   _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
02125   _Out_ _When_(PreviousState == NULL, _Out_opt_) PULONG ReturnLength);
02126 
02127 __kernel_entry
02128 NTSYSCALLAPI
02129 NTSTATUS
02130 NTAPI
02131 NtCreateFile(
02132   _Out_ PHANDLE FileHandle,
02133   _In_ ACCESS_MASK DesiredAccess,
02134   _In_ POBJECT_ATTRIBUTES ObjectAttributes,
02135   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02136   _In_opt_ PLARGE_INTEGER AllocationSize,
02137   _In_ ULONG FileAttributes,
02138   _In_ ULONG ShareAccess,
02139   _In_ ULONG CreateDisposition,
02140   _In_ ULONG CreateOptions,
02141   _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
02142   _In_ ULONG EaLength);
02143 
02144 __kernel_entry
02145 NTSYSCALLAPI
02146 NTSTATUS
02147 NTAPI
02148 NtDeviceIoControlFile(
02149   _In_ HANDLE FileHandle,
02150   _In_opt_ HANDLE Event,
02151   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02152   _In_opt_ PVOID ApcContext,
02153   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02154   _In_ ULONG IoControlCode,
02155   _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
02156   _In_ ULONG InputBufferLength,
02157   _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
02158   _In_ ULONG OutputBufferLength);
02159 
02160 __kernel_entry
02161 NTSYSCALLAPI
02162 NTSTATUS
02163 NTAPI
02164 NtFsControlFile(
02165   _In_ HANDLE FileHandle,
02166   _In_opt_ HANDLE Event,
02167   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02168   _In_opt_ PVOID ApcContext,
02169   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02170   _In_ ULONG FsControlCode,
02171   _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
02172   _In_ ULONG InputBufferLength,
02173   _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
02174   _In_ ULONG OutputBufferLength);
02175 
02176 __kernel_entry
02177 NTSYSCALLAPI
02178 NTSTATUS
02179 NTAPI
02180 NtLockFile(
02181   _In_ HANDLE FileHandle,
02182   _In_opt_ HANDLE Event,
02183   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02184   _In_opt_ PVOID ApcContext,
02185   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02186   _In_ PLARGE_INTEGER ByteOffset,
02187   _In_ PLARGE_INTEGER Length,
02188   _In_ ULONG Key,
02189   _In_ BOOLEAN FailImmediately,
02190   _In_ BOOLEAN ExclusiveLock);
02191 
02192 __kernel_entry
02193 NTSYSCALLAPI
02194 NTSTATUS
02195 NTAPI
02196 NtOpenFile(
02197   _Out_ PHANDLE FileHandle,
02198   _In_ ACCESS_MASK DesiredAccess,
02199   _In_ POBJECT_ATTRIBUTES ObjectAttributes,
02200   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02201   _In_ ULONG ShareAccess,
02202   _In_ ULONG OpenOptions);
02203 
02204 __kernel_entry
02205 NTSYSCALLAPI
02206 NTSTATUS
02207 NTAPI
02208 NtQueryDirectoryFile(
02209   _In_ HANDLE FileHandle,
02210   _In_opt_ HANDLE Event,
02211   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02212   _In_opt_ PVOID ApcContext,
02213   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02214   _Out_writes_bytes_(Length) PVOID FileInformation,
02215   _In_ ULONG Length,
02216   _In_ FILE_INFORMATION_CLASS FileInformationClass,
02217   _In_ BOOLEAN ReturnSingleEntry,
02218   _In_opt_ PUNICODE_STRING FileName,
02219   _In_ BOOLEAN RestartScan);
02220 
02221 __kernel_entry
02222 NTSYSCALLAPI
02223 NTSTATUS
02224 NTAPI
02225 NtQueryInformationFile(
02226   _In_ HANDLE FileHandle,
02227   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02228   _Out_writes_bytes_(Length) PVOID FileInformation,
02229   _In_ ULONG Length,
02230   _In_ FILE_INFORMATION_CLASS FileInformationClass);
02231 
02232 __kernel_entry
02233 NTSYSCALLAPI
02234 NTSTATUS
02235 NTAPI
02236 NtQueryQuotaInformationFile(
02237   _In_ HANDLE FileHandle,
02238   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02239   _Out_writes_bytes_(Length) PVOID Buffer,
02240   _In_ ULONG Length,
02241   _In_ BOOLEAN ReturnSingleEntry,
02242   _In_reads_bytes_opt_(SidListLength) PVOID SidList,
02243   _In_ ULONG SidListLength,
02244   _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
02245   _In_ BOOLEAN RestartScan);
02246 
02247 __kernel_entry
02248 NTSYSCALLAPI
02249 NTSTATUS
02250 NTAPI
02251 NtQueryVolumeInformationFile(
02252   _In_ HANDLE FileHandle,
02253   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02254   _Out_writes_bytes_(Length) PVOID FsInformation,
02255   _In_ ULONG Length,
02256   _In_ FS_INFORMATION_CLASS FsInformationClass);
02257 
02258 __kernel_entry
02259 NTSYSCALLAPI
02260 NTSTATUS
02261 NTAPI
02262 NtReadFile(
02263   _In_ HANDLE FileHandle,
02264   _In_opt_ HANDLE Event,
02265   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02266   _In_opt_ PVOID ApcContext,
02267   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02268   _Out_writes_bytes_(Length) PVOID Buffer,
02269   _In_ ULONG Length,
02270   _In_opt_ PLARGE_INTEGER ByteOffset,
02271   _In_opt_ PULONG Key);
02272 
02273 __kernel_entry
02274 NTSYSCALLAPI
02275 NTSTATUS
02276 NTAPI
02277 NtSetInformationFile(
02278   _In_ HANDLE FileHandle,
02279   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02280   _In_reads_bytes_(Length) PVOID FileInformation,
02281   _In_ ULONG Length,
02282   _In_ FILE_INFORMATION_CLASS FileInformationClass);
02283 
02284 __kernel_entry
02285 NTSYSCALLAPI
02286 NTSTATUS
02287 NTAPI
02288 NtSetQuotaInformationFile(
02289   _In_ HANDLE FileHandle,
02290   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02291   _In_reads_bytes_(Length) PVOID Buffer,
02292   _In_ ULONG Length);
02293 
02294 __kernel_entry
02295 NTSYSCALLAPI
02296 NTSTATUS
02297 NTAPI
02298 NtSetVolumeInformationFile(
02299   _In_ HANDLE FileHandle,
02300   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02301   _In_reads_bytes_(Length) PVOID FsInformation,
02302   _In_ ULONG Length,
02303   _In_ FS_INFORMATION_CLASS FsInformationClass);
02304 
02305 __kernel_entry
02306 NTSYSCALLAPI
02307 NTSTATUS
02308 NTAPI
02309 NtWriteFile(
02310   _In_ HANDLE FileHandle,
02311   _In_opt_ HANDLE Event,
02312   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02313   _In_opt_ PVOID ApcContext,
02314   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02315   _In_reads_bytes_(Length) PVOID Buffer,
02316   _In_ ULONG Length,
02317   _In_opt_ PLARGE_INTEGER ByteOffset,
02318   _In_opt_ PULONG Key);
02319 
02320 __kernel_entry
02321 NTSYSCALLAPI
02322 NTSTATUS
02323 NTAPI
02324 NtUnlockFile(
02325   _In_ HANDLE FileHandle,
02326   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02327   _In_ PLARGE_INTEGER ByteOffset,
02328   _In_ PLARGE_INTEGER Length,
02329   _In_ ULONG Key);
02330 
02331 _IRQL_requires_max_(PASSIVE_LEVEL)
02332 __kernel_entry
02333 NTSYSCALLAPI
02334 NTSTATUS
02335 NTAPI
02336 NtSetSecurityObject(
02337   _In_ HANDLE Handle,
02338   _In_ SECURITY_INFORMATION SecurityInformation,
02339   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
02340 
02341 _IRQL_requires_max_(PASSIVE_LEVEL)
02342 __kernel_entry
02343 NTSYSCALLAPI
02344 NTSTATUS
02345 NTAPI
02346 NtQuerySecurityObject(
02347   _In_ HANDLE Handle,
02348   _In_ SECURITY_INFORMATION SecurityInformation,
02349   _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
02350   _In_ ULONG Length,
02351   _Out_ PULONG LengthNeeded);
02352 
02353 _IRQL_requires_max_(PASSIVE_LEVEL)
02354 __kernel_entry
02355 NTSYSCALLAPI
02356 NTSTATUS
02357 NTAPI
02358 NtClose(
02359   _In_ HANDLE Handle);
02360 
02361 _Must_inspect_result_
02362 __drv_allocatesMem(Mem)
02363 __kernel_entry
02364 NTSYSCALLAPI
02365 NTSTATUS
02366 NTAPI
02367 NtAllocateVirtualMemory(
02368   _In_ HANDLE ProcessHandle,
02369   _Outptr_result_bytebuffer_(*RegionSize) PVOID *BaseAddress,
02370   _In_ ULONG_PTR ZeroBits,
02371   _Inout_ PSIZE_T RegionSize,
02372   _In_ ULONG AllocationType,
02373   _In_ ULONG Protect);
02374 
02375 __kernel_entry
02376 NTSYSCALLAPI
02377 NTSTATUS
02378 NTAPI
02379 NtFreeVirtualMemory(
02380   _In_ HANDLE ProcessHandle,
02381   _Inout_ __drv_freesMem(Mem) PVOID *BaseAddress,
02382   _Inout_ PSIZE_T RegionSize,
02383   _In_ ULONG FreeType);
02384 
02385 #endif
02386 
02387 #if (NTDDI_VERSION >= NTDDI_WINXP)
02388 
02389 _Must_inspect_result_
02390 __kernel_entry
02391 NTSYSCALLAPI
02392 NTSTATUS
02393 NTAPI
02394 NtOpenThreadTokenEx(
02395   _In_ HANDLE ThreadHandle,
02396   _In_ ACCESS_MASK DesiredAccess,
02397   _In_ BOOLEAN OpenAsSelf,
02398   _In_ ULONG HandleAttributes,
02399   _Out_ PHANDLE TokenHandle);
02400 
02401 _Must_inspect_result_
02402 __kernel_entry
02403 NTSYSCALLAPI
02404 NTSTATUS
02405 NTAPI
02406 NtOpenProcessTokenEx(
02407   _In_ HANDLE ProcessHandle,
02408   _In_ ACCESS_MASK DesiredAccess,
02409   _In_ ULONG HandleAttributes,
02410   _Out_ PHANDLE TokenHandle);
02411 
02412 _Must_inspect_result_
02413 NTSYSAPI
02414 NTSTATUS
02415 NTAPI
02416 NtOpenJobObjectToken(
02417   _In_ HANDLE JobHandle,
02418   _In_ ACCESS_MASK DesiredAccess,
02419   _Out_ PHANDLE TokenHandle);
02420 
02421 _Must_inspect_result_
02422 __kernel_entry
02423 NTSYSCALLAPI
02424 NTSTATUS
02425 NTAPI
02426 NtDuplicateToken(
02427   _In_ HANDLE ExistingTokenHandle,
02428   _In_ ACCESS_MASK DesiredAccess,
02429   _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
02430   _In_ BOOLEAN EffectiveOnly,
02431   _In_ TOKEN_TYPE TokenType,
02432   _Out_ PHANDLE NewTokenHandle);
02433 
02434 _Must_inspect_result_
02435 __kernel_entry
02436 NTSYSCALLAPI
02437 NTSTATUS
02438 NTAPI
02439 NtFilterToken(
02440   _In_ HANDLE ExistingTokenHandle,
02441   _In_ ULONG Flags,
02442   _In_opt_ PTOKEN_GROUPS SidsToDisable,
02443   _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
02444   _In_opt_ PTOKEN_GROUPS RestrictedSids,
02445   _Out_ PHANDLE NewTokenHandle);
02446 
02447 _Must_inspect_result_
02448 __kernel_entry
02449 NTSYSCALLAPI
02450 NTSTATUS
02451 NTAPI
02452 NtImpersonateAnonymousToken(
02453   _In_ HANDLE ThreadHandle);
02454 
02455 _Must_inspect_result_
02456 __kernel_entry
02457 NTSYSCALLAPI
02458 NTSTATUS
02459 NTAPI
02460 NtSetInformationToken(
02461   _In_ HANDLE TokenHandle,
02462   _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
02463   _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
02464   _In_ ULONG TokenInformationLength);
02465 
02466 _Must_inspect_result_
02467 __kernel_entry
02468 NTSYSCALLAPI
02469 NTSTATUS
02470 NTAPI
02471 NtAdjustGroupsToken(
02472   _In_ HANDLE TokenHandle,
02473   _In_ BOOLEAN ResetToDefault,
02474   _In_opt_ PTOKEN_GROUPS NewState,
02475   _In_opt_ ULONG BufferLength,
02476   _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
02477   _Out_ PULONG ReturnLength);
02478 
02479 _Must_inspect_result_
02480 __kernel_entry
02481 NTSYSCALLAPI
02482 NTSTATUS
02483 NTAPI
02484 NtPrivilegeCheck(
02485   _In_ HANDLE ClientToken,
02486   _Inout_ PPRIVILEGE_SET RequiredPrivileges,
02487   _Out_ PBOOLEAN Result);
02488 
02489 _Must_inspect_result_
02490 __kernel_entry
02491 NTSYSCALLAPI
02492 NTSTATUS
02493 NTAPI
02494 NtAccessCheckAndAuditAlarm(
02495   _In_ PUNICODE_STRING SubsystemName,
02496   _In_opt_ PVOID HandleId,
02497   _In_ PUNICODE_STRING ObjectTypeName,
02498   _In_ PUNICODE_STRING ObjectName,
02499   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02500   _In_ ACCESS_MASK DesiredAccess,
02501   _In_ PGENERIC_MAPPING GenericMapping,
02502   _In_ BOOLEAN ObjectCreation,
02503   _Out_ PACCESS_MASK GrantedAccess,
02504   _Out_ PNTSTATUS AccessStatus,
02505   _Out_ PBOOLEAN GenerateOnClose);
02506 
02507 _Must_inspect_result_
02508 __kernel_entry
02509 NTSYSCALLAPI
02510 NTSTATUS
02511 NTAPI
02512 NtAccessCheckByTypeAndAuditAlarm(
02513   _In_ PUNICODE_STRING SubsystemName,
02514   _In_opt_ PVOID HandleId,
02515   _In_ PUNICODE_STRING ObjectTypeName,
02516   _In_ PUNICODE_STRING ObjectName,
02517   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02518   _In_opt_ PSID PrincipalSelfSid,
02519   _In_ ACCESS_MASK DesiredAccess,
02520   _In_ AUDIT_EVENT_TYPE AuditType,
02521   _In_ ULONG Flags,
02522   _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
02523   _In_ ULONG ObjectTypeLength,
02524   _In_ PGENERIC_MAPPING GenericMapping,
02525   _In_ BOOLEAN ObjectCreation,
02526   _Out_ PACCESS_MASK GrantedAccess,
02527   _Out_ PNTSTATUS AccessStatus,
02528   _Out_ PBOOLEAN GenerateOnClose);
02529 
02530 _Must_inspect_result_
02531 __kernel_entry
02532 NTSYSCALLAPI
02533 NTSTATUS
02534 NTAPI
02535 NtAccessCheckByTypeResultListAndAuditAlarm(
02536   _In_ PUNICODE_STRING SubsystemName,
02537   _In_opt_ PVOID HandleId,
02538   _In_ PUNICODE_STRING ObjectTypeName,
02539   _In_ PUNICODE_STRING ObjectName,
02540   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02541   _In_opt_ PSID PrincipalSelfSid,
02542   _In_ ACCESS_MASK DesiredAccess,
02543   _In_ AUDIT_EVENT_TYPE AuditType,
02544   _In_ ULONG Flags,
02545   _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
02546   _In_ ULONG ObjectTypeListLength,
02547   _In_ PGENERIC_MAPPING GenericMapping,
02548   _In_ BOOLEAN ObjectCreation,
02549   _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
02550   _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
02551   _Out_ PBOOLEAN GenerateOnClose);
02552 
02553 _Must_inspect_result_
02554 __kernel_entry
02555 NTSYSCALLAPI
02556 NTSTATUS
02557 NTAPI
02558 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
02559   _In_ PUNICODE_STRING SubsystemName,
02560   _In_opt_ PVOID HandleId,
02561   _In_ HANDLE ClientToken,
02562   _In_ PUNICODE_STRING ObjectTypeName,
02563   _In_ PUNICODE_STRING ObjectName,
02564   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02565   _In_opt_ PSID PrincipalSelfSid,
02566   _In_ ACCESS_MASK DesiredAccess,
02567   _In_ AUDIT_EVENT_TYPE AuditType,
02568   _In_ ULONG Flags,
02569   _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
02570   _In_ ULONG ObjectTypeListLength,
02571   _In_ PGENERIC_MAPPING GenericMapping,
02572   _In_ BOOLEAN ObjectCreation,
02573   _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
02574   _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
02575   _Out_ PBOOLEAN GenerateOnClose);
02576 
02577 __kernel_entry
02578 NTSYSCALLAPI
02579 NTSTATUS
02580 NTAPI
02581 NtOpenObjectAuditAlarm(
02582   _In_ PUNICODE_STRING SubsystemName,
02583   _In_opt_ PVOID HandleId,
02584   _In_ PUNICODE_STRING ObjectTypeName,
02585   _In_ PUNICODE_STRING ObjectName,
02586   _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02587   _In_ HANDLE ClientToken,
02588   _In_ ACCESS_MASK DesiredAccess,
02589   _In_ ACCESS_MASK GrantedAccess,
02590   _In_opt_ PPRIVILEGE_SET Privileges,
02591   _In_ BOOLEAN ObjectCreation,
02592   _In_ BOOLEAN AccessGranted,
02593   _Out_ PBOOLEAN GenerateOnClose);
02594 
02595 __kernel_entry
02596 NTSYSCALLAPI
02597 NTSTATUS
02598 NTAPI
02599 NtPrivilegeObjectAuditAlarm(
02600   _In_ PUNICODE_STRING SubsystemName,
02601   _In_opt_ PVOID HandleId,
02602   _In_ HANDLE ClientToken,
02603   _In_ ACCESS_MASK DesiredAccess,
02604   _In_ PPRIVILEGE_SET Privileges,
02605   _In_ BOOLEAN AccessGranted);
02606 
02607 __kernel_entry
02608 NTSYSCALLAPI
02609 NTSTATUS
02610 NTAPI
02611 NtCloseObjectAuditAlarm(
02612   _In_ PUNICODE_STRING SubsystemName,
02613   _In_opt_ PVOID HandleId,
02614   _In_ BOOLEAN GenerateOnClose);
02615 
02616 __kernel_entry
02617 NTSYSCALLAPI
02618 NTSTATUS
02619 NTAPI
02620 NtDeleteObjectAuditAlarm(
02621   _In_ PUNICODE_STRING SubsystemName,
02622   _In_opt_ PVOID HandleId,
02623   _In_ BOOLEAN GenerateOnClose);
02624 
02625 __kernel_entry
02626 NTSYSCALLAPI
02627 NTSTATUS
02628 NTAPI
02629 NtPrivilegedServiceAuditAlarm(
02630   _In_ PUNICODE_STRING SubsystemName,
02631   _In_ PUNICODE_STRING ServiceName,
02632   _In_ HANDLE ClientToken,
02633   _In_ PPRIVILEGE_SET Privileges,
02634   _In_ BOOLEAN AccessGranted);
02635 
02636 __kernel_entry
02637 NTSYSCALLAPI
02638 NTSTATUS
02639 NTAPI
02640 NtSetInformationThread(
02641   _In_ HANDLE ThreadHandle,
02642   _In_ THREADINFOCLASS ThreadInformationClass,
02643   _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
02644   _In_ ULONG ThreadInformationLength);
02645 
02646 _Must_inspect_result_
02647 __kernel_entry
02648 NTSYSCALLAPI
02649 NTSTATUS
02650 NTAPI
02651 NtCreateSection(
02652   _Out_ PHANDLE SectionHandle,
02653   _In_ ACCESS_MASK DesiredAccess,
02654   _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
02655   _In_opt_ PLARGE_INTEGER MaximumSize,
02656   _In_ ULONG SectionPageProtection,
02657   _In_ ULONG AllocationAttributes,
02658   _In_opt_ HANDLE FileHandle);
02659 
02660 #endif
02661 
02662 #define COMPRESSION_FORMAT_NONE         (0x0000)
02663 #define COMPRESSION_FORMAT_DEFAULT      (0x0001)
02664 #define COMPRESSION_FORMAT_LZNT1        (0x0002)
02665 #define COMPRESSION_ENGINE_STANDARD     (0x0000)
02666 #define COMPRESSION_ENGINE_MAXIMUM      (0x0100)
02667 #define COMPRESSION_ENGINE_HIBER        (0x0200)
02668 
02669 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
02670 
02671 #define METHOD_FROM_CTL_CODE(ctrlCode)  ((ULONG)(ctrlCode & 3))
02672 
02673 #define METHOD_DIRECT_TO_HARDWARE       METHOD_IN_DIRECT
02674 #define METHOD_DIRECT_FROM_HARDWARE     METHOD_OUT_DIRECT
02675 
02676 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
02677 
02678 typedef enum _SECURITY_LOGON_TYPE {
02679   UndefinedLogonType = 0,
02680   Interactive = 2,
02681   Network,
02682   Batch,
02683   Service,
02684   Proxy,
02685   Unlock,
02686   NetworkCleartext,
02687   NewCredentials,
02688 #if (_WIN32_WINNT >= 0x0501)
02689   RemoteInteractive,
02690   CachedInteractive,
02691 #endif
02692 #if (_WIN32_WINNT >= 0x0502)
02693   CachedRemoteInteractive,
02694   CachedUnlock
02695 #endif
02696 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
02697 
02698 #ifndef _NTLSA_AUDIT_
02699 #define _NTLSA_AUDIT_
02700 
02701 #ifndef GUID_DEFINED
02702 #include <guiddef.h>
02703 #endif
02704 
02705 #endif /* _NTLSA_AUDIT_ */
02706 
02707 _IRQL_requires_same_
02708 _IRQL_requires_max_(PASSIVE_LEVEL)
02709 NTSTATUS
02710 NTAPI
02711 LsaRegisterLogonProcess(
02712   _In_ PLSA_STRING LogonProcessName,
02713   _Out_ PHANDLE LsaHandle,
02714   _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
02715 
02716 _IRQL_requires_same_
02717 _IRQL_requires_max_(PASSIVE_LEVEL)
02718 NTSTATUS
02719 NTAPI
02720 LsaLogonUser(
02721   _In_ HANDLE LsaHandle,
02722   _In_ PLSA_STRING OriginName,
02723   _In_ SECURITY_LOGON_TYPE LogonType,
02724   _In_ ULONG AuthenticationPackage,
02725   _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
02726   _In_ ULONG AuthenticationInformationLength,
02727   _In_opt_ PTOKEN_GROUPS LocalGroups,
02728   _In_ PTOKEN_SOURCE SourceContext,
02729   _Out_ PVOID *ProfileBuffer,
02730   _Out_ PULONG ProfileBufferLength,
02731   _Inout_ PLUID LogonId,
02732   _Out_ PHANDLE Token,
02733   _Out_ PQUOTA_LIMITS Quotas,
02734   _Out_ PNTSTATUS SubStatus);
02735 
02736 _IRQL_requires_same_
02737 NTSTATUS
02738 NTAPI
02739 LsaFreeReturnBuffer(
02740   _In_ PVOID Buffer);
02741 
02742 #ifndef _NTLSA_IFS_
02743 #define _NTLSA_IFS_
02744 #endif
02745 
02746 #define MSV1_0_PACKAGE_NAME     "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
02747 #define MSV1_0_PACKAGE_NAMEW    L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
02748 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
02749 
02750 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
02751 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
02752 
02753 #define MSV1_0_CHALLENGE_LENGTH                8
02754 #define MSV1_0_USER_SESSION_KEY_LENGTH         16
02755 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH       8
02756 
02757 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED      0x02
02758 #define MSV1_0_UPDATE_LOGON_STATISTICS         0x04
02759 #define MSV1_0_RETURN_USER_PARAMETERS          0x08
02760 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT          0x10
02761 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT      0x20
02762 #define MSV1_0_RETURN_PASSWORD_EXPIRY          0x40
02763 #define MSV1_0_USE_CLIENT_CHALLENGE            0x80
02764 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY          0x100
02765 #define MSV1_0_RETURN_PROFILE_PATH             0x200
02766 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY       0x400
02767 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
02768 
02769 #define MSV1_0_DISABLE_PERSONAL_FALLBACK     0x00001000
02770 #define MSV1_0_ALLOW_FORCE_GUEST             0x00002000
02771 
02772 #if (_WIN32_WINNT >= 0x0502)
02773 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED   0x00004000
02774 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY   0x00008000
02775 #endif
02776 
02777 #define MSV1_0_SUBAUTHENTICATION_DLL_EX      0x00100000
02778 #define MSV1_0_ALLOW_MSVCHAPV2               0x00010000
02779 
02780 #if (_WIN32_WINNT >= 0x0600)
02781 #define MSV1_0_S4U2SELF                      0x00020000
02782 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U      0x00040000
02783 #endif
02784 
02785 #define MSV1_0_SUBAUTHENTICATION_DLL         0xFF000000
02786 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT   24
02787 #define MSV1_0_MNS_LOGON                     0x01000000
02788 
02789 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS     2
02790 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS     132
02791 
02792 #define LOGON_GUEST                 0x01
02793 #define LOGON_NOENCRYPTION          0x02
02794 #define LOGON_CACHED_ACCOUNT        0x04
02795 #define LOGON_USED_LM_PASSWORD      0x08
02796 #define LOGON_EXTRA_SIDS            0x20
02797 #define LOGON_SUBAUTH_SESSION_KEY   0x40
02798 #define LOGON_SERVER_TRUST_ACCOUNT  0x80
02799 #define LOGON_NTLMV2_ENABLED        0x100
02800 #define LOGON_RESOURCE_GROUPS       0x200
02801 #define LOGON_PROFILE_PATH_RETURNED 0x400
02802 #define LOGON_NT_V2                 0x800
02803 #define LOGON_LM_V2                 0x1000
02804 #define LOGON_NTLM_V2               0x2000
02805 
02806 #if (_WIN32_WINNT >= 0x0600)
02807 
02808 #define LOGON_OPTIMIZED             0x4000
02809 #define LOGON_WINLOGON              0x8000
02810 #define LOGON_PKINIT               0x10000
02811 #define LOGON_NO_OPTIMIZED         0x20000
02812 
02813 #endif
02814 
02815 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
02816 
02817 #define LOGON_GRACE_LOGON              0x01000000
02818 
02819 #define MSV1_0_OWF_PASSWORD_LENGTH 16
02820 #define MSV1_0_CRED_LM_PRESENT 0x1
02821 #define MSV1_0_CRED_NT_PRESENT 0x2
02822 #define MSV1_0_CRED_VERSION 0
02823 
02824 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
02825 #define MSV1_0_NTLM3_OWF_LENGTH 16
02826 
02827 #if (_WIN32_WINNT == 0x0500)
02828 #define MSV1_0_MAX_NTLM3_LIFE 1800
02829 #else
02830 #define MSV1_0_MAX_NTLM3_LIFE 129600
02831 #endif
02832 #define MSV1_0_MAX_AVL_SIZE 64000
02833 
02834 #if (_WIN32_WINNT >= 0x0501)
02835 
02836 #define MSV1_0_AV_FLAG_FORCE_GUEST                  0x00000001
02837 
02838 #if (_WIN32_WINNT >= 0x0600)
02839 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES       0x00000002
02840 #endif
02841 
02842 #endif
02843 
02844 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
02845 
02846 #if(_WIN32_WINNT >= 0x0502)
02847 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
02848 #endif
02849 
02850 #define USE_PRIMARY_PASSWORD            0x01
02851 #define RETURN_PRIMARY_USERNAME         0x02
02852 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
02853 #define RETURN_NON_NT_USER_SESSION_KEY  0x08
02854 #define GENERATE_CLIENT_CHALLENGE       0x10
02855 #define GCR_NTLM3_PARMS                 0x20
02856 #define GCR_TARGET_INFO                 0x40
02857 #define RETURN_RESERVED_PARAMETER       0x80
02858 #define GCR_ALLOW_NTLM                 0x100
02859 #define GCR_USE_OEM_SET                0x200
02860 #define GCR_MACHINE_CREDENTIAL         0x400
02861 #define GCR_USE_OWF_PASSWORD           0x800
02862 #define GCR_ALLOW_LM                  0x1000
02863 #define GCR_ALLOW_NO_TARGET           0x2000
02864 
02865 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
02866   MsV1_0InteractiveLogon = 2,
02867   MsV1_0Lm20Logon,
02868   MsV1_0NetworkLogon,
02869   MsV1_0SubAuthLogon,
02870   MsV1_0WorkstationUnlockLogon = 7,
02871   MsV1_0S4ULogon = 12,
02872   MsV1_0VirtualLogon = 82
02873 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
02874 
02875 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
02876   MsV1_0InteractiveProfile = 2,
02877   MsV1_0Lm20LogonProfile,
02878   MsV1_0SmartCardProfile
02879 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
02880 
02881 typedef struct _MSV1_0_INTERACTIVE_LOGON {
02882   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02883   UNICODE_STRING LogonDomainName;
02884   UNICODE_STRING UserName;
02885   UNICODE_STRING Password;
02886 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
02887 
02888 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
02889   MSV1_0_PROFILE_BUFFER_TYPE MessageType;
02890   USHORT LogonCount;
02891   USHORT BadPasswordCount;
02892   LARGE_INTEGER LogonTime;
02893   LARGE_INTEGER LogoffTime;
02894   LARGE_INTEGER KickOffTime;
02895   LARGE_INTEGER PasswordLastSet;
02896   LARGE_INTEGER PasswordCanChange;
02897   LARGE_INTEGER PasswordMustChange;
02898   UNICODE_STRING LogonScript;
02899   UNICODE_STRING HomeDirectory;
02900   UNICODE_STRING FullName;
02901   UNICODE_STRING ProfilePath;
02902   UNICODE_STRING HomeDirectoryDrive;
02903   UNICODE_STRING LogonServer;
02904   ULONG UserFlags;
02905 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
02906 
02907 typedef struct _MSV1_0_LM20_LOGON {
02908   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02909   UNICODE_STRING LogonDomainName;
02910   UNICODE_STRING UserName;
02911   UNICODE_STRING Workstation;
02912   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
02913   STRING CaseSensitiveChallengeResponse;
02914   STRING CaseInsensitiveChallengeResponse;
02915   ULONG ParameterControl;
02916 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
02917 
02918 typedef struct _MSV1_0_SUBAUTH_LOGON {
02919   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02920   UNICODE_STRING LogonDomainName;
02921   UNICODE_STRING UserName;
02922   UNICODE_STRING Workstation;
02923   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
02924   STRING AuthenticationInfo1;
02925   STRING AuthenticationInfo2;
02926   ULONG ParameterControl;
02927   ULONG SubAuthPackageId;
02928 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
02929 
02930 #if (_WIN32_WINNT >= 0x0600)
02931 
02932 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
02933 
02934 typedef struct _MSV1_0_S4U_LOGON {
02935   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02936   ULONG Flags;
02937   UNICODE_STRING UserPrincipalName;
02938   UNICODE_STRING DomainName;
02939 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
02940 
02941 #endif
02942 
02943 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
02944   MSV1_0_PROFILE_BUFFER_TYPE MessageType;
02945   LARGE_INTEGER KickOffTime;
02946   LARGE_INTEGER LogoffTime;
02947   ULONG UserFlags;
02948   UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
02949   UNICODE_STRING LogonDomainName;
02950   UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
02951   UNICODE_STRING LogonServer;
02952   UNICODE_STRING UserParameters;
02953 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
02954 
02955 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
02956   ULONG Version;
02957   ULONG Flags;
02958   UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
02959   UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
02960 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
02961 
02962 typedef struct _MSV1_0_NTLM3_RESPONSE {
02963   UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
02964   UCHAR RespType;
02965   UCHAR HiRespType;
02966   USHORT Flags;
02967   ULONG MsgWord;
02968   ULONGLONG TimeStamp;
02969   UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
02970   ULONG AvPairsOff;
02971   UCHAR Buffer[1];
02972 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
02973 
02974 typedef enum _MSV1_0_AVID {
02975   MsvAvEOL,
02976   MsvAvNbComputerName,
02977   MsvAvNbDomainName,
02978   MsvAvDnsComputerName,
02979   MsvAvDnsDomainName,
02980 #if (_WIN32_WINNT >= 0x0501)
02981   MsvAvDnsTreeName,
02982   MsvAvFlags,
02983 #if (_WIN32_WINNT >= 0x0600)
02984   MsvAvTimestamp,
02985   MsvAvRestrictions,
02986   MsvAvTargetName,
02987   MsvAvChannelBindings,
02988 #endif
02989 #endif
02990 } MSV1_0_AVID;
02991 
02992 typedef struct _MSV1_0_AV_PAIR {
02993   USHORT AvId;
02994   USHORT AvLen;
02995 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
02996 
02997 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
02998   MsV1_0Lm20ChallengeRequest = 0,
02999   MsV1_0Lm20GetChallengeResponse,
03000   MsV1_0EnumerateUsers,
03001   MsV1_0GetUserInfo,
03002   MsV1_0ReLogonUsers,
03003   MsV1_0ChangePassword,
03004   MsV1_0ChangeCachedPassword,
03005   MsV1_0GenericPassthrough,
03006   MsV1_0CacheLogon,
03007   MsV1_0SubAuth,
03008   MsV1_0DeriveCredential,
03009   MsV1_0CacheLookup,
03010 #if (_WIN32_WINNT >= 0x0501)
03011   MsV1_0SetProcessOption,
03012 #endif
03013 #if (_WIN32_WINNT >= 0x0600)
03014   MsV1_0ConfigLocalAliases,
03015   MsV1_0ClearCachedCredentials,
03016 #endif
03017 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
03018 
03019 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
03020   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03021 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
03022 
03023 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
03024   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03025   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
03026 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
03027 
03028 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
03029   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03030   ULONG ParameterControl;
03031   LUID LogonId;
03032   UNICODE_STRING Password;
03033   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
03034 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
03035 
03036 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
03037   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03038   ULONG ParameterControl;
03039   LUID LogonId;
03040   UNICODE_STRING Password;
03041   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
03042   UNICODE_STRING UserName;
03043   UNICODE_STRING LogonDomainName;
03044   UNICODE_STRING ServerName;
03045 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
03046 
03047 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
03048   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03049   STRING CaseSensitiveChallengeResponse;
03050   STRING CaseInsensitiveChallengeResponse;
03051   UNICODE_STRING UserName;
03052   UNICODE_STRING LogonDomainName;
03053   UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
03054   UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
03055 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
03056 
03057 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
03058   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03059 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
03060 
03061 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
03062   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03063   ULONG NumberOfLoggedOnUsers;
03064   PLUID LogonIds;
03065   PULONG EnumHandles;
03066 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
03067 
03068 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
03069   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03070   LUID LogonId;
03071 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
03072 
03073 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
03074   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03075   PSID UserSid;
03076   UNICODE_STRING UserName;
03077   UNICODE_STRING LogonDomainName;
03078   UNICODE_STRING LogonServer;
03079   SECURITY_LOGON_TYPE LogonType;
03080 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
03081 
03082 
03083 
03084 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2   0x00000007
03085 #define FILE_OPLOCK_BROKEN_TO_NONE      0x00000008
03086 #define FILE_OPBATCH_BREAK_UNDERWAY     0x00000009
03087 
03088 /* also in winnt.h */
03089 #define FILE_NOTIFY_CHANGE_FILE_NAME    0x00000001
03090 #define FILE_NOTIFY_CHANGE_DIR_NAME     0x00000002
03091 #define FILE_NOTIFY_CHANGE_NAME         0x00000003
03092 #define FILE_NOTIFY_CHANGE_ATTRIBUTES   0x00000004
03093 #define FILE_NOTIFY_CHANGE_SIZE         0x00000008
03094 #define FILE_NOTIFY_CHANGE_LAST_WRITE   0x00000010
03095 #define FILE_NOTIFY_CHANGE_LAST_ACCESS  0x00000020
03096 #define FILE_NOTIFY_CHANGE_CREATION     0x00000040
03097 #define FILE_NOTIFY_CHANGE_EA           0x00000080
03098 #define FILE_NOTIFY_CHANGE_SECURITY     0x00000100
03099 #define FILE_NOTIFY_CHANGE_STREAM_NAME  0x00000200
03100 #define FILE_NOTIFY_CHANGE_STREAM_SIZE  0x00000400
03101 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
03102 #define FILE_NOTIFY_VALID_MASK          0x00000fff
03103 
03104 #define FILE_ACTION_ADDED                   0x00000001
03105 #define FILE_ACTION_REMOVED                 0x00000002
03106 #define FILE_ACTION_MODIFIED                0x00000003
03107 #define FILE_ACTION_RENAMED_OLD_NAME        0x00000004
03108 #define FILE_ACTION_RENAMED_NEW_NAME        0x00000005
03109 #define FILE_ACTION_ADDED_STREAM            0x00000006
03110 #define FILE_ACTION_REMOVED_STREAM          0x00000007
03111 #define FILE_ACTION_MODIFIED_STREAM         0x00000008
03112 #define FILE_ACTION_REMOVED_BY_DELETE       0x00000009
03113 #define FILE_ACTION_ID_NOT_TUNNELLED        0x0000000A
03114 #define FILE_ACTION_TUNNELLED_ID_COLLISION  0x0000000B
03115 /* end  winnt.h */
03116 
03117 #define FILE_PIPE_BYTE_STREAM_TYPE          0x00000000
03118 #define FILE_PIPE_MESSAGE_TYPE              0x00000001
03119 
03120 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS     0x00000000
03121 #define FILE_PIPE_REJECT_REMOTE_CLIENTS     0x00000002
03122 
03123 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS     0x00000000
03124 #define FILE_PIPE_REJECT_REMOTE_CLIENTS     0x00000002
03125 #define FILE_PIPE_TYPE_VALID_MASK           0x00000003
03126 
03127 #define FILE_PIPE_BYTE_STREAM_MODE          0x00000000
03128 #define FILE_PIPE_MESSAGE_MODE              0x00000001
03129 
03130 #define FILE_PIPE_QUEUE_OPERATION           0x00000000
03131 #define FILE_PIPE_COMPLETE_OPERATION        0x00000001
03132 
03133 #define FILE_PIPE_INBOUND                   0x00000000
03134 #define FILE_PIPE_OUTBOUND                  0x00000001
03135 #define FILE_PIPE_FULL_DUPLEX               0x00000002
03136 
03137 #define FILE_PIPE_DISCONNECTED_STATE        0x00000001
03138 #define FILE_PIPE_LISTENING_STATE           0x00000002
03139 #define FILE_PIPE_CONNECTED_STATE           0x00000003
03140 #define FILE_PIPE_CLOSING_STATE             0x00000004
03141 
03142 #define FILE_PIPE_CLIENT_END                0x00000000
03143 #define FILE_PIPE_SERVER_END                0x00000001
03144 
03145 #define FILE_CASE_SENSITIVE_SEARCH          0x00000001
03146 #define FILE_CASE_PRESERVED_NAMES           0x00000002
03147 #define FILE_UNICODE_ON_DISK                0x00000004
03148 #define FILE_PERSISTENT_ACLS                0x00000008
03149 #define FILE_FILE_COMPRESSION               0x00000010
03150 #define FILE_VOLUME_QUOTAS                  0x00000020
03151 #define FILE_SUPPORTS_SPARSE_FILES          0x00000040
03152 #define FILE_SUPPORTS_REPARSE_POINTS        0x00000080
03153 #define FILE_SUPPORTS_REMOTE_STORAGE        0x00000100
03154 #define FILE_VOLUME_IS_COMPRESSED           0x00008000
03155 #define FILE_SUPPORTS_OBJECT_IDS            0x00010000
03156 #define FILE_SUPPORTS_ENCRYPTION            0x00020000
03157 #define FILE_NAMED_STREAMS                  0x00040000
03158 #define FILE_READ_ONLY_VOLUME               0x00080000
03159 #define FILE_SEQUENTIAL_WRITE_ONCE          0x00100000
03160 #define FILE_SUPPORTS_TRANSACTIONS          0x00200000
03161 #define FILE_SUPPORTS_HARD_LINKS            0x00400000
03162 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES   0x00800000
03163 #define FILE_SUPPORTS_OPEN_BY_FILE_ID       0x01000000
03164 #define FILE_SUPPORTS_USN_JOURNAL           0x02000000
03165 
03166 #define FILE_NEED_EA                    0x00000080
03167 
03168 #define FILE_EA_TYPE_BINARY             0xfffe
03169 #define FILE_EA_TYPE_ASCII              0xfffd
03170 #define FILE_EA_TYPE_BITMAP             0xfffb
03171 #define FILE_EA_TYPE_METAFILE           0xfffa
03172 #define FILE_EA_TYPE_ICON               0xfff9
03173 #define FILE_EA_TYPE_EA                 0xffee
03174 #define FILE_EA_TYPE_MVMT               0xffdf
03175 #define FILE_EA_TYPE_MVST               0xffde
03176 #define FILE_EA_TYPE_ASN1               0xffdd
03177 #define FILE_EA_TYPE_FAMILY_IDS         0xff01
03178 
03179 typedef struct _FILE_NOTIFY_INFORMATION {
03180   ULONG NextEntryOffset;
03181   ULONG Action;
03182   ULONG FileNameLength;
03183   WCHAR FileName[1];
03184 } FILE_NOTIFY_INFORMATION, *PFILE_NOTIFY_INFORMATION;
03185 
03186 typedef struct _FILE_DIRECTORY_INFORMATION {
03187   ULONG NextEntryOffset;
03188   ULONG FileIndex;
03189   LARGE_INTEGER CreationTime;
03190   LARGE_INTEGER LastAccessTime;
03191   LARGE_INTEGER LastWriteTime;
03192   LARGE_INTEGER ChangeTime;
03193   LARGE_INTEGER EndOfFile;
03194   LARGE_INTEGER AllocationSize;
03195   ULONG FileAttributes;
03196   ULONG FileNameLength;
03197   WCHAR FileName[1];
03198 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
03199 
03200 typedef struct _FILE_FULL_DIR_INFORMATION {
03201   ULONG NextEntryOffset;
03202   ULONG FileIndex;
03203   LARGE_INTEGER CreationTime;
03204   LARGE_INTEGER LastAccessTime;
03205   LARGE_INTEGER LastWriteTime;
03206   LARGE_INTEGER ChangeTime;
03207   LARGE_INTEGER EndOfFile;
03208   LARGE_INTEGER AllocationSize;
03209   ULONG FileAttributes;
03210   ULONG FileNameLength;
03211   ULONG EaSize;
03212   WCHAR FileName[1];
03213 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
03214 
03215 typedef struct _FILE_ID_FULL_DIR_INFORMATION {
03216   ULONG NextEntryOffset;
03217   ULONG FileIndex;
03218   LARGE_INTEGER CreationTime;
03219   LARGE_INTEGER LastAccessTime;
03220   LARGE_INTEGER LastWriteTime;
03221   LARGE_INTEGER ChangeTime;
03222   LARGE_INTEGER EndOfFile;
03223   LARGE_INTEGER AllocationSize;
03224   ULONG FileAttributes;
03225   ULONG FileNameLength;
03226   ULONG EaSize;
03227   LARGE_INTEGER FileId;
03228   WCHAR FileName[1];
03229 } FILE_ID_FULL_DIR_INFORMATION, *PFILE_ID_FULL_DIR_INFORMATION;
03230 
03231 typedef struct _FILE_BOTH_DIR_INFORMATION {
03232   ULONG NextEntryOffset;
03233   ULONG FileIndex;
03234   LARGE_INTEGER CreationTime;
03235   LARGE_INTEGER LastAccessTime;
03236   LARGE_INTEGER LastWriteTime;
03237   LARGE_INTEGER ChangeTime;
03238   LARGE_INTEGER EndOfFile;
03239   LARGE_INTEGER AllocationSize;
03240   ULONG FileAttributes;
03241   ULONG FileNameLength;
03242   ULONG EaSize;
03243   CCHAR ShortNameLength;
03244   WCHAR ShortName[12];
03245   WCHAR FileName[1];
03246 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
03247 
03248 typedef struct _FILE_ID_BOTH_DIR_INFORMATION {
03249   ULONG NextEntryOffset;
03250   ULONG FileIndex;
03251   LARGE_INTEGER CreationTime;
03252   LARGE_INTEGER LastAccessTime;
03253   LARGE_INTEGER LastWriteTime;
03254   LARGE_INTEGER ChangeTime;
03255   LARGE_INTEGER EndOfFile;
03256   LARGE_INTEGER AllocationSize;
03257   ULONG FileAttributes;
03258   ULONG FileNameLength;
03259   ULONG EaSize;
03260   CCHAR ShortNameLength;
03261   WCHAR ShortName[12];
03262   LARGE_INTEGER FileId;
03263   WCHAR FileName[1];
03264 } FILE_ID_BOTH_DIR_INFORMATION, *PFILE_ID_BOTH_DIR_INFORMATION;
03265 
03266 typedef struct _FILE_NAMES_INFORMATION {
03267   ULONG NextEntryOffset;
03268   ULONG FileIndex;
03269   ULONG FileNameLength;
03270   WCHAR FileName[1];
03271 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
03272 
03273 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION {
03274   ULONG NextEntryOffset;
03275   ULONG FileIndex;
03276   LARGE_INTEGER CreationTime;
03277   LARGE_INTEGER LastAccessTime;
03278   LARGE_INTEGER LastWriteTime;
03279   LARGE_INTEGER ChangeTime;
03280   LARGE_INTEGER EndOfFile;
03281   LARGE_INTEGER AllocationSize;
03282   ULONG FileAttributes;
03283   ULONG FileNameLength;
03284   LARGE_INTEGER FileId;
03285   GUID LockingTransactionId;
03286   ULONG TxInfoFlags;
03287   WCHAR FileName[1];
03288 } FILE_ID_GLOBAL_TX_DIR_INFORMATION, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION;
03289 
03290 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED         0x00000001
03291 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX       0x00000002
03292 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX  0x00000004
03293 
03294 typedef struct _FILE_OBJECTID_INFORMATION {
03295   LONGLONG FileReference;
03296   UCHAR ObjectId[16];
03297   _ANONYMOUS_UNION union {
03298     _ANONYMOUS_STRUCT struct {
03299       UCHAR BirthVolumeId[16];
03300       UCHAR BirthObjectId[16];
03301       UCHAR DomainId[16];
03302     } DUMMYSTRUCTNAME;
03303     UCHAR ExtendedInfo[48];
03304   } DUMMYUNIONNAME;
03305 } FILE_OBJECTID_INFORMATION, *PFILE_OBJECTID_INFORMATION;
03306 
03307 #define ANSI_DOS_STAR                   ('<')
03308 #define ANSI_DOS_QM                     ('>')
03309 #define ANSI_DOS_DOT                    ('"')
03310 
03311 #define DOS_STAR                        (L'<')
03312 #define DOS_QM                          (L'>')
03313 #define DOS_DOT                         (L'"')
03314 
03315 typedef struct _FILE_INTERNAL_INFORMATION {
03316   LARGE_INTEGER IndexNumber;
03317 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
03318 
03319 typedef struct _FILE_EA_INFORMATION {
03320   ULONG EaSize;
03321 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
03322 
03323 typedef struct _FILE_ACCESS_INFORMATION {
03324   ACCESS_MASK AccessFlags;
03325 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
03326 
03327 typedef struct _FILE_MODE_INFORMATION {
03328   ULONG Mode;
03329 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
03330 
03331 typedef struct _FILE_ALL_INFORMATION {
03332   FILE_BASIC_INFORMATION BasicInformation;
03333   FILE_STANDARD_INFORMATION StandardInformation;
03334   FILE_INTERNAL_INFORMATION InternalInformation;
03335   FILE_EA_INFORMATION EaInformation;
03336   FILE_ACCESS_INFORMATION AccessInformation;
03337   FILE_POSITION_INFORMATION PositionInformation;
03338   FILE_MODE_INFORMATION ModeInformation;
03339   FILE_ALIGNMENT_INFORMATION AlignmentInformation;
03340   FILE_NAME_INFORMATION NameInformation;
03341 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
03342 
03343 typedef struct _FILE_ALLOCATION_INFORMATION {
03344   LARGE_INTEGER AllocationSize;
03345 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
03346 
03347 typedef struct _FILE_COMPRESSION_INFORMATION {
03348   LARGE_INTEGER CompressedFileSize;
03349   USHORT CompressionFormat;
03350   UCHAR CompressionUnitShift;
03351   UCHAR ChunkShift;
03352   UCHAR ClusterShift;
03353   UCHAR Reserved[3];
03354 } FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
03355 
03356 typedef struct _FILE_LINK_INFORMATION {
03357   BOOLEAN ReplaceIfExists;
03358   HANDLE RootDirectory;
03359   ULONG FileNameLength;
03360   WCHAR FileName[1];
03361 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
03362 
03363 typedef struct _FILE_MOVE_CLUSTER_INFORMATION {
03364   ULONG ClusterCount;
03365   HANDLE RootDirectory;
03366   ULONG FileNameLength;
03367   WCHAR FileName[1];
03368 } FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
03369 
03370 typedef struct _FILE_RENAME_INFORMATION {
03371   BOOLEAN ReplaceIfExists;
03372   HANDLE RootDirectory;
03373   ULONG FileNameLength;
03374   WCHAR FileName[1];
03375 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
03376 
03377 typedef struct _FILE_STREAM_INFORMATION {
03378   ULONG NextEntryOffset;
03379   ULONG StreamNameLength;
03380   LARGE_INTEGER StreamSize;
03381   LARGE_INTEGER StreamAllocationSize;
03382   WCHAR StreamName[1];
03383 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
03384 
03385 typedef struct _FILE_TRACKING_INFORMATION {
03386   HANDLE DestinationFile;
03387   ULONG ObjectInformationLength;
03388   CHAR ObjectInformation[1];
03389 } FILE_TRACKING_INFORMATION, *PFILE_TRACKING_INFORMATION;
03390 
03391 typedef struct _FILE_COMPLETION_INFORMATION {
03392   HANDLE Port;
03393   PVOID Key;
03394 } FILE_COMPLETION_INFORMATION, *PFILE_COMPLETION_INFORMATION;
03395 
03396 typedef struct _FILE_PIPE_INFORMATION {
03397   ULONG ReadMode;
03398   ULONG CompletionMode;
03399 } FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
03400 
03401 typedef struct _FILE_PIPE_LOCAL_INFORMATION {
03402   ULONG NamedPipeType;
03403   ULONG NamedPipeConfiguration;
03404   ULONG MaximumInstances;
03405   ULONG CurrentInstances;
03406   ULONG InboundQuota;
03407   ULONG ReadDataAvailable;
03408   ULONG OutboundQuota;
03409   ULONG WriteQuotaAvailable;
03410   ULONG NamedPipeState;
03411   ULONG NamedPipeEnd;
03412 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
03413 
03414 typedef struct _FILE_PIPE_REMOTE_INFORMATION {
03415   LARGE_INTEGER CollectDataTime;
03416   ULONG MaximumCollectionCount;
03417 } FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
03418 
03419 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
03420   ULONG MaximumMessageSize;
03421   ULONG MailslotQuota;
03422   ULONG NextMessageSize;
03423   ULONG MessagesAvailable;
03424   LARGE_INTEGER ReadTimeout;
03425 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
03426 
03427 typedef struct _FILE_MAILSLOT_SET_INFORMATION {
03428   PLARGE_INTEGER ReadTimeout;
03429 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
03430 
03431 typedef struct _FILE_REPARSE_POINT_INFORMATION {
03432   LONGLONG FileReference;
03433   ULONG Tag;
03434 } FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
03435 
03436 typedef struct _FILE_LINK_ENTRY_INFORMATION {
03437   ULONG NextEntryOffset;
03438   LONGLONG ParentFileId;
03439   ULONG FileNameLength;
03440   WCHAR FileName[1];
03441 } FILE_LINK_ENTRY_INFORMATION, *PFILE_LINK_ENTRY_INFORMATION;
03442 
03443 typedef struct _FILE_LINKS_INFORMATION {
03444   ULONG BytesNeeded;
03445   ULONG EntriesReturned;
03446   FILE_LINK_ENTRY_INFORMATION Entry;
03447 } FILE_LINKS_INFORMATION, *PFILE_LINKS_INFORMATION;
03448 
03449 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION {
03450   ULONG FileNameLength;
03451   WCHAR FileName[1];
03452 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION;
03453 
03454 typedef struct _FILE_STANDARD_LINK_INFORMATION {
03455   ULONG NumberOfAccessibleLinks;
03456   ULONG TotalNumberOfLinks;
03457   BOOLEAN DeletePending;
03458   BOOLEAN Directory;
03459 } FILE_STANDARD_LINK_INFORMATION, *PFILE_STANDARD_LINK_INFORMATION;
03460 
03461 typedef struct _FILE_GET_EA_INFORMATION {
03462   ULONG NextEntryOffset;
03463   UCHAR EaNameLength;
03464   CHAR  EaName[1];
03465 } FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
03466 
03467 #define REMOTE_PROTOCOL_FLAG_LOOPBACK       0x00000001
03468 #define REMOTE_PROTOCOL_FLAG_OFFLINE        0x00000002
03469 
03470 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION {
03471   USHORT StructureVersion;
03472   USHORT StructureSize;
03473   ULONG  Protocol;
03474   USHORT ProtocolMajorVersion;
03475   USHORT ProtocolMinorVersion;
03476   USHORT ProtocolRevision;
03477   USHORT Reserved;
03478   ULONG  Flags;
03479   struct {
03480     ULONG Reserved[8];
03481   } GenericReserved;
03482   struct {
03483     ULONG Reserved[16];
03484   } ProtocolSpecificReserved;
03485 } FILE_REMOTE_PROTOCOL_INFORMATION, *PFILE_REMOTE_PROTOCOL_INFORMATION;
03486 
03487 typedef struct _FILE_GET_QUOTA_INFORMATION {
03488   ULONG NextEntryOffset;
03489   ULONG SidLength;
03490   SID Sid;
03491 } FILE_GET_QUOTA_INFORMATION, *PFILE_GET_QUOTA_INFORMATION;
03492 
03493 typedef struct _FILE_QUOTA_INFORMATION {
03494   ULONG NextEntryOffset;
03495   ULONG SidLength;
03496   LARGE_INTEGER ChangeTime;
03497   LARGE_INTEGER QuotaUsed;
03498   LARGE_INTEGER QuotaThreshold;
03499   LARGE_INTEGER QuotaLimit;
03500   SID Sid;
03501 } FILE_QUOTA_INFORMATION, *PFILE_QUOTA_INFORMATION;
03502 
03503 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
03504   ULONG FileSystemAttributes;
03505   ULONG MaximumComponentNameLength;
03506   ULONG FileSystemNameLength;
03507   WCHAR FileSystemName[1];
03508 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
03509 
03510 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
03511   BOOLEAN DriverInPath;
03512   ULONG DriverNameLength;
03513   WCHAR DriverName[1];
03514 } FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
03515 
03516 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION {
03517   ULONG Flags;
03518 } FILE_FS_VOLUME_FLAGS_INFORMATION, *PFILE_FS_VOLUME_FLAGS_INFORMATION;
03519 
03520 #define FILE_VC_QUOTA_NONE              0x00000000
03521 #define FILE_VC_QUOTA_TRACK             0x00000001
03522 #define FILE_VC_QUOTA_ENFORCE           0x00000002
03523 #define FILE_VC_QUOTA_MASK              0x00000003
03524 #define FILE_VC_CONTENT_INDEX_DISABLED  0x00000008
03525 #define FILE_VC_LOG_QUOTA_THRESHOLD     0x00000010
03526 #define FILE_VC_LOG_QUOTA_LIMIT         0x00000020
03527 #define FILE_VC_LOG_VOLUME_THRESHOLD    0x00000040
03528 #define FILE_VC_LOG_VOLUME_LIMIT        0x00000080
03529 #define FILE_VC_QUOTAS_INCOMPLETE       0x00000100
03530 #define FILE_VC_QUOTAS_REBUILDING       0x00000200
03531 #define FILE_VC_VALID_MASK              0x000003ff
03532 
03533 typedef struct _FILE_FS_CONTROL_INFORMATION {
03534   LARGE_INTEGER FreeSpaceStartFiltering;
03535   LARGE_INTEGER FreeSpaceThreshold;
03536   LARGE_INTEGER FreeSpaceStopFiltering;
03537   LARGE_INTEGER DefaultQuotaThreshold;
03538   LARGE_INTEGER DefaultQuotaLimit;
03539   ULONG FileSystemControlFlags;
03540 } FILE_FS_CONTROL_INFORMATION, *PFILE_FS_CONTROL_INFORMATION;
03541 
03542 #ifndef _FILESYSTEMFSCTL_
03543 #define _FILESYSTEMFSCTL_
03544 
03545 #define FSCTL_REQUEST_OPLOCK_LEVEL_1    CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  0, METHOD_BUFFERED, FILE_ANY_ACCESS)
03546 #define FSCTL_REQUEST_OPLOCK_LEVEL_2    CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  1, METHOD_BUFFERED, FILE_ANY_ACCESS)
03547 #define FSCTL_REQUEST_BATCH_OPLOCK      CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  2, METHOD_BUFFERED, FILE_ANY_ACCESS)
03548 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE  CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  3, METHOD_BUFFERED, FILE_ANY_ACCESS)
03549 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  4, METHOD_BUFFERED, FILE_ANY_ACCESS)
03550 #define FSCTL_OPLOCK_BREAK_NOTIFY       CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  5, METHOD_BUFFERED, FILE_ANY_ACCESS)
03551 #define FSCTL_LOCK_VOLUME               CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  6, METHOD_BUFFERED, FILE_ANY_ACCESS)
03552 #define FSCTL_UNLOCK_VOLUME             CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  7, METHOD_BUFFERED, FILE_ANY_ACCESS)
03553 #define FSCTL_DISMOUNT_VOLUME           CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  8, METHOD_BUFFERED, FILE_ANY_ACCESS)
03554 #define FSCTL_IS_VOLUME_MOUNTED         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
03555 #define FSCTL_IS_PATHNAME_VALID         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
03556 #define FSCTL_MARK_VOLUME_DIRTY         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
03557 #define FSCTL_QUERY_RETRIEVAL_POINTERS  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER,  FILE_ANY_ACCESS)
03558 #define FSCTL_GET_COMPRESSION           CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
03559 #define FSCTL_SET_COMPRESSION           CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
03560 #define FSCTL_SET_BOOTLOADER_ACCESSED   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER,  FILE_ANY_ACCESS)
03561 
03562 #define FSCTL_OPLOCK_BREAK_ACK_NO_2     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
03563 #define FSCTL_INVALIDATE_VOLUMES        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
03564 #define FSCTL_QUERY_FAT_BPB             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
03565 #define FSCTL_REQUEST_FILTER_OPLOCK     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
03566 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
03567 
03568 #if (_WIN32_WINNT >= 0x0400)
03569 
03570 #define FSCTL_GET_NTFS_VOLUME_DATA      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
03571 #define FSCTL_GET_NTFS_FILE_RECORD      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
03572 #define FSCTL_GET_VOLUME_BITMAP         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER,  FILE_ANY_ACCESS)
03573 #define FSCTL_GET_RETRIEVAL_POINTERS    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER,  FILE_ANY_ACCESS)
03574 #define FSCTL_MOVE_FILE                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_ANY_ACCESS)
03575 #define FSCTL_IS_VOLUME_DIRTY           CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
03576 #define FSCTL_ALLOW_EXTENDED_DASD_IO    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER,  FILE_ANY_ACCESS)
03577 
03578 #endif
03579 
03580 #if (_WIN32_WINNT >= 0x0500)
03581 
03582 #define FSCTL_FIND_FILES_BY_SID         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER,  FILE_ANY_ACCESS)
03583 #define FSCTL_SET_OBJECT_ID             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_WRITE_DATA)
03584 #define FSCTL_GET_OBJECT_ID             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
03585 #define FSCTL_DELETE_OBJECT_ID          CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_WRITE_DATA)
03586 #define FSCTL_SET_REPARSE_POINT         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_WRITE_DATA)
03587 #define FSCTL_GET_REPARSE_POINT         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
03588 #define FSCTL_DELETE_REPARSE_POINT      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_WRITE_DATA)
03589 #define FSCTL_ENUM_USN_DATA             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER,  FILE_READ_DATA)
03590 #define FSCTL_SECURITY_ID_CHECK         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER,  FILE_READ_DATA)
03591 #define FSCTL_READ_USN_JOURNAL          CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER,  FILE_READ_DATA)
03592 #define FSCTL_SET_OBJECT_ID_EXTENDED    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_WRITE_DATA)
03593 #define FSCTL_CREATE_OR_GET_OBJECT_ID   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
03594 #define FSCTL_SET_SPARSE                CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_WRITE_DATA)
03595 #define FSCTL_SET_ZERO_DATA             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
03596 #define FSCTL_QUERY_ALLOCATED_RANGES    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER,  FILE_READ_DATA)
03597 #define FSCTL_ENABLE_UPGRADE            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
03598 #define FSCTL_SET_ENCRYPTION            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_BUFFERED, FILE_ANY_ACCESS)
03599 #define FSCTL_ENCRYPTION_FSCTL_IO       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER,  FILE_ANY_ACCESS)
03600 #define FSCTL_WRITE_RAW_ENCRYPTED       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER,  FILE_ANY_ACCESS)
03601 #define FSCTL_READ_RAW_ENCRYPTED        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER,  FILE_ANY_ACCESS)
03602 #define FSCTL_CREATE_USN_JOURNAL        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER,  FILE_READ_DATA)
03603 #define FSCTL_READ_FILE_USN_DATA        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER,  FILE_READ_DATA)
03604 #define FSCTL_WRITE_USN_CLOSE_RECORD    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER,  FILE_READ_DATA)
03605 #define FSCTL_EXTEND_VOLUME             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
03606 #define FSCTL_QUERY_USN_JOURNAL         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
03607 #define FSCTL_DELETE_USN_JOURNAL        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
03608 #define FSCTL_MARK_HANDLE               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
03609 #define FSCTL_SIS_COPYFILE              CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
03610 #define FSCTL_SIS_LINK_FILES            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
03611 #define FSCTL_RECALL_FILE               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
03612 #define FSCTL_READ_FROM_PLEX            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
03613 #define FSCTL_FILE_PREFETCH             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03614 
03615 #endif
03616 
03617 #if (_WIN32_WINNT >= 0x0600)
03618 
03619 #define FSCTL_MAKE_MEDIA_COMPATIBLE         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
03620 #define FSCTL_SET_DEFECT_MANAGEMENT         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
03621 #define FSCTL_QUERY_SPARING_INFO            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
03622 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
03623 #define FSCTL_SET_VOLUME_COMPRESSION_STATE  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03624 #define FSCTL_TXFS_MODIFY_RM                CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
03625 #define FSCTL_TXFS_QUERY_RM_INFORMATION     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
03626 #define FSCTL_TXFS_ROLLFORWARD_REDO         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
03627 #define FSCTL_TXFS_ROLLFORWARD_UNDO         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
03628 #define FSCTL_TXFS_START_RM                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
03629 #define FSCTL_TXFS_SHUTDOWN_RM              CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
03630 #define FSCTL_TXFS_READ_BACKUP_INFORMATION  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
03631 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
03632 #define FSCTL_TXFS_CREATE_SECONDARY_RM      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
03633 #define FSCTL_TXFS_GET_METADATA_INFO        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
03634 #define FSCTL_TXFS_GET_TRANSACTED_VERSION   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
03635 #define FSCTL_TXFS_SAVEPOINT_INFORMATION    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
03636 #define FSCTL_TXFS_CREATE_MINIVERSION       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
03637 #define FSCTL_TXFS_TRANSACTION_ACTIVE       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
03638 #define FSCTL_SET_ZERO_ON_DEALLOCATION      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03639 #define FSCTL_SET_REPAIR                    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
03640 #define FSCTL_GET_REPAIR                    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
03641 #define FSCTL_WAIT_FOR_REPAIR               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
03642 #define FSCTL_INITIATE_REPAIR               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
03643 #define FSCTL_CSC_INTERNAL                  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER,  FILE_ANY_ACCESS)
03644 #define FSCTL_SHRINK_VOLUME                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03645 #define FSCTL_SET_SHORT_NAME_BEHAVIOR       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
03646 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
03647 
03648 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
03649                                             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
03650 #define FSCTL_TXFS_LIST_TRANSACTIONS        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
03651 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
03652 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
03653 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
03654 
03655 #endif
03656 
03657 #if (_WIN32_WINNT >= 0x0601)
03658 
03659 #define FSCTL_QUERY_DEPENDENT_VOLUME        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
03660 #define FSCTL_SD_GLOBAL_CHANGE              CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
03661 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
03662 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
03663 #define FSCTL_FILE_TYPE_NOTIFICATION        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
03664 #define FSCTL_GET_BOOT_AREA_INFO            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
03665 #define FSCTL_GET_RETRIEVAL_POINTER_BASE    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
03666 #define FSCTL_SET_PERSISTENT_VOLUME_STATE   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
03667 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
03668 
03669 #define FSCTL_REQUEST_OPLOCK                CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
03670 
03671 #define FSCTL_CSV_TUNNEL_REQUEST            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
03672 #define FSCTL_IS_CSV_FILE                   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
03673 
03674 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
03675 #define FSCTL_CSV_GET_VOLUME_PATH_NAME      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
03676 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
03677 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150,  METHOD_BUFFERED, FILE_ANY_ACCESS)
03678 #define FSCTL_IS_FILE_ON_CSV_VOLUME         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151,  METHOD_BUFFERED, FILE_ANY_ACCESS)
03679 
03680 typedef struct _CSV_NAMESPACE_INFO {
03681   ULONG Version;
03682   ULONG DeviceNumber;
03683   LARGE_INTEGER StartingOffset;
03684   ULONG SectorSize;
03685 } CSV_NAMESPACE_INFO, *PCSV_NAMESPACE_INFO;
03686 
03687 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
03688 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
03689 
03690 #endif
03691 
03692 #define FSCTL_MARK_AS_SYSTEM_HIVE           FSCTL_SET_BOOTLOADER_ACCESSED
03693 
03694 typedef struct _PATHNAME_BUFFER {
03695   ULONG PathNameLength;
03696   WCHAR Name[1];
03697 } PATHNAME_BUFFER, *PPATHNAME_BUFFER;
03698 
03699 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER {
03700   UCHAR First0x24BytesOfBootSector[0x24];
03701 } FSCTL_QUERY_FAT_BPB_BUFFER, *PFSCTL_QUERY_FAT_BPB_BUFFER;
03702 
03703 #if (_WIN32_WINNT >= 0x0400)
03704 
03705 typedef struct _NTFS_VOLUME_DATA_BUFFER {
03706   LARGE_INTEGER VolumeSerialNumber;
03707   LARGE_INTEGER NumberSectors;
03708   LARGE_INTEGER TotalClusters;
03709   LARGE_INTEGER FreeClusters;
03710   LARGE_INTEGER TotalReserved;
03711   ULONG BytesPerSector;
03712   ULONG BytesPerCluster;
03713   ULONG BytesPerFileRecordSegment;
03714   ULONG ClustersPerFileRecordSegment;
03715   LARGE_INTEGER MftValidDataLength;
03716   LARGE_INTEGER MftStartLcn;
03717   LARGE_INTEGER Mft2StartLcn;
03718   LARGE_INTEGER MftZoneStart;
03719   LARGE_INTEGER MftZoneEnd;
03720 } NTFS_VOLUME_DATA_BUFFER, *PNTFS_VOLUME_DATA_BUFFER;
03721 
03722 typedef struct _NTFS_EXTENDED_VOLUME_DATA {
03723   ULONG ByteCount;
03724   USHORT MajorVersion;
03725   USHORT MinorVersion;
03726 } NTFS_EXTENDED_VOLUME_DATA, *PNTFS_EXTENDED_VOLUME_DATA;
03727 
03728 typedef struct _STARTING_LCN_INPUT_BUFFER {
03729   LARGE_INTEGER StartingLcn;
03730 } STARTING_LCN_INPUT_BUFFER, *PSTARTING_LCN_INPUT_BUFFER;
03731 
03732 typedef struct _VOLUME_BITMAP_BUFFER {
03733   LARGE_INTEGER StartingLcn;
03734   LARGE_INTEGER BitmapSize;
03735   UCHAR Buffer[1];
03736 } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER;
03737 
03738 typedef struct _STARTING_VCN_INPUT_BUFFER {
03739   LARGE_INTEGER StartingVcn;
03740 } STARTING_VCN_INPUT_BUFFER, *PSTARTING_VCN_INPUT_BUFFER;
03741 
03742 typedef struct _RETRIEVAL_POINTERS_BUFFER {
03743   ULONG ExtentCount;
03744   LARGE_INTEGER StartingVcn;
03745   struct {
03746     LARGE_INTEGER NextVcn;
03747     LARGE_INTEGER Lcn;
03748   } Extents[1];
03749 } RETRIEVAL_POINTERS_BUFFER, *PRETRIEVAL_POINTERS_BUFFER;
03750 
03751 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER {
03752   LARGE_INTEGER FileReferenceNumber;
03753 } NTFS_FILE_RECORD_INPUT_BUFFER, *PNTFS_FILE_RECORD_INPUT_BUFFER;
03754 
03755 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER {
03756   LARGE_INTEGER FileReferenceNumber;
03757   ULONG FileRecordLength;
03758   UCHAR FileRecordBuffer[1];
03759 } NTFS_FILE_RECORD_OUTPUT_BUFFER, *PNTFS_FILE_RECORD_OUTPUT_BUFFER;
03760 
03761 typedef struct _MOVE_FILE_DATA {
03762   HANDLE FileHandle;
03763   LARGE_INTEGER StartingVcn;
03764   LARGE_INTEGER StartingLcn;
03765   ULONG ClusterCount;
03766 } MOVE_FILE_DATA, *PMOVE_FILE_DATA;
03767 
03768 typedef struct _MOVE_FILE_RECORD_DATA {
03769   HANDLE FileHandle;
03770   LARGE_INTEGER SourceFileRecord;
03771   LARGE_INTEGER TargetFileRecord;
03772 } MOVE_FILE_RECORD_DATA, *PMOVE_FILE_RECORD_DATA;
03773 
03774 #if defined(_WIN64)
03775 typedef struct _MOVE_FILE_DATA32 {
03776   UINT32 FileHandle;
03777   LARGE_INTEGER StartingVcn;
03778   LARGE_INTEGER StartingLcn;
03779   ULONG ClusterCount;
03780 } MOVE_FILE_DATA32, *PMOVE_FILE_DATA32;
03781 #endif
03782 
03783 #endif /* (_WIN32_WINNT >= 0x0400) */
03784 
03785 #if (_WIN32_WINNT >= 0x0500)
03786 
03787 typedef struct _FIND_BY_SID_DATA {
03788   ULONG Restart;
03789   SID Sid;
03790 } FIND_BY_SID_DATA, *PFIND_BY_SID_DATA;
03791 
03792 typedef struct _FIND_BY_SID_OUTPUT {
03793   ULONG NextEntryOffset;
03794   ULONG FileIndex;
03795   ULONG FileNameLength;
03796   WCHAR FileName[1];
03797 } FIND_BY_SID_OUTPUT, *PFIND_BY_SID_OUTPUT;
03798 
03799 typedef struct _MFT_ENUM_DATA {
03800   ULONGLONG StartFileReferenceNumber;
03801   USN LowUsn;
03802   USN HighUsn;
03803 } MFT_ENUM_DATA, *PMFT_ENUM_DATA;
03804 
03805 typedef struct _CREATE_USN_JOURNAL_DATA {
03806   ULONGLONG MaximumSize;
03807   ULONGLONG AllocationDelta;
03808 } CREATE_USN_JOURNAL_DATA, *PCREATE_USN_JOURNAL_DATA;
03809 
03810 typedef struct _READ_USN_JOURNAL_DATA {
03811   USN StartUsn;
03812   ULONG ReasonMask;
03813   ULONG ReturnOnlyOnClose;
03814   ULONGLONG Timeout;
03815   ULONGLONG BytesToWaitFor;
03816   ULONGLONG UsnJournalID;
03817 } READ_USN_JOURNAL_DATA, *PREAD_USN_JOURNAL_DATA;
03818 
03819 typedef struct _USN_RECORD {
03820   ULONG RecordLength;
03821   USHORT MajorVersion;
03822   USHORT MinorVersion;
03823   ULONGLONG FileReferenceNumber;
03824   ULONGLONG ParentFileReferenceNumber;
03825   USN Usn;
03826   LARGE_INTEGER TimeStamp;
03827   ULONG Reason;
03828   ULONG SourceInfo;
03829   ULONG SecurityId;
03830   ULONG FileAttributes;
03831   USHORT FileNameLength;
03832   USHORT FileNameOffset;
03833   WCHAR FileName[1];
03834 } USN_RECORD, *PUSN_RECORD;
03835 
03836 #define USN_PAGE_SIZE                    (0x1000)
03837 
03838 #define USN_REASON_DATA_OVERWRITE        (0x00000001)
03839 #define USN_REASON_DATA_EXTEND           (0x00000002)
03840 #define USN_REASON_DATA_TRUNCATION       (0x00000004)
03841 #define USN_REASON_NAMED_DATA_OVERWRITE  (0x00000010)
03842 #define USN_REASON_NAMED_DATA_EXTEND     (0x00000020)
03843 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
03844 #define USN_REASON_FILE_CREATE           (0x00000100)
03845 #define USN_REASON_FILE_DELETE           (0x00000200)
03846 #define USN_REASON_EA_CHANGE             (0x00000400)
03847 #define USN_REASON_SECURITY_CHANGE       (0x00000800)
03848 #define USN_REASON_RENAME_OLD_NAME       (0x00001000)
03849 #define USN_REASON_RENAME_NEW_NAME       (0x00002000)
03850 #define USN_REASON_INDEXABLE_CHANGE      (0x00004000)
03851 #define USN_REASON_BASIC_INFO_CHANGE     (0x00008000)
03852 #define USN_REASON_HARD_LINK_CHANGE      (0x00010000)
03853 #define USN_REASON_COMPRESSION_CHANGE    (0x00020000)
03854 #define USN_REASON_ENCRYPTION_CHANGE     (0x00040000)
03855 #define USN_REASON_OBJECT_ID_CHANGE      (0x00080000)
03856 #define USN_REASON_REPARSE_POINT_CHANGE  (0x00100000)
03857 #define USN_REASON_STREAM_CHANGE         (0x00200000)
03858 #define USN_REASON_TRANSACTED_CHANGE     (0x00400000)
03859 #define USN_REASON_CLOSE                 (0x80000000)
03860 
03861 typedef struct _USN_JOURNAL_DATA {
03862   ULONGLONG UsnJournalID;
03863   USN FirstUsn;
03864   USN NextUsn;
03865   USN LowestValidUsn;
03866   USN MaxUsn;
03867   ULONGLONG MaximumSize;
03868   ULONGLONG AllocationDelta;
03869 } USN_JOURNAL_DATA, *PUSN_JOURNAL_DATA;
03870 
03871 typedef struct _DELETE_USN_JOURNAL_DATA {
03872   ULONGLONG UsnJournalID;
03873   ULONG DeleteFlags;
03874 } DELETE_USN_JOURNAL_DATA, *PDELETE_USN_JOURNAL_DATA;
03875 
03876 #define USN_DELETE_FLAG_DELETE              (0x00000001)
03877 #define USN_DELETE_FLAG_NOTIFY              (0x00000002)
03878 #define USN_DELETE_VALID_FLAGS              (0x00000003)
03879 
03880 typedef struct _MARK_HANDLE_INFO {
03881   ULONG UsnSourceInfo;
03882   HANDLE VolumeHandle;
03883   ULONG HandleInfo;
03884 } MARK_HANDLE_INFO, *PMARK_HANDLE_INFO;
03885 
03886 #if defined(_WIN64)
03887 typedef struct _MARK_HANDLE_INFO32 {
03888   ULONG UsnSourceInfo;
03889   UINT32 VolumeHandle;
03890   ULONG HandleInfo;
03891 } MARK_HANDLE_INFO32, *PMARK_HANDLE_INFO32;
03892 #endif
03893 
03894 #define USN_SOURCE_DATA_MANAGEMENT          (0x00000001)
03895 #define USN_SOURCE_AUXILIARY_DATA           (0x00000002)
03896 #define USN_SOURCE_REPLICATION_MANAGEMENT   (0x00000004)
03897 
03898 #define MARK_HANDLE_PROTECT_CLUSTERS        (0x00000001)
03899 #define MARK_HANDLE_TXF_SYSTEM_LOG          (0x00000004)
03900 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG      (0x00000008)
03901 
03902 typedef struct _BULK_SECURITY_TEST_DATA {
03903   ACCESS_MASK DesiredAccess;
03904   ULONG SecurityIds[1];
03905 } BULK_SECURITY_TEST_DATA, *PBULK_SECURITY_TEST_DATA;
03906 
03907 #define VOLUME_IS_DIRTY                  (0x00000001)
03908 #define VOLUME_UPGRADE_SCHEDULED         (0x00000002)
03909 #define VOLUME_SESSION_OPEN              (0x00000004)
03910 
03911 typedef struct _FILE_PREFETCH {
03912   ULONG Type;
03913   ULONG Count;
03914   ULONGLONG Prefetch[1];
03915 } FILE_PREFETCH, *PFILE_PREFETCH;
03916 
03917 typedef struct _FILE_PREFETCH_EX {
03918   ULONG Type;
03919   ULONG Count;
03920   PVOID Context;
03921   ULONGLONG Prefetch[1];
03922 } FILE_PREFETCH_EX, *PFILE_PREFETCH_EX;
03923 
03924 #define FILE_PREFETCH_TYPE_FOR_CREATE       0x1
03925 #define FILE_PREFETCH_TYPE_FOR_DIRENUM      0x2
03926 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX    0x3
03927 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX   0x4
03928 
03929 #define FILE_PREFETCH_TYPE_MAX              0x4
03930 
03931 typedef struct _FILE_OBJECTID_BUFFER {
03932   UCHAR ObjectId[16];
03933   _ANONYMOUS_UNION union {
03934     _ANONYMOUS_STRUCT struct {
03935       UCHAR BirthVolumeId[16];
03936       UCHAR BirthObjectId[16];
03937       UCHAR DomainId[16];
03938     } DUMMYSTRUCTNAME;
03939     UCHAR ExtendedInfo[48];
03940   } DUMMYUNIONNAME;
03941 } FILE_OBJECTID_BUFFER, *PFILE_OBJECTID_BUFFER;
03942 
03943 typedef struct _FILE_SET_SPARSE_BUFFER {
03944   BOOLEAN SetSparse;
03945 } FILE_SET_SPARSE_BUFFER, *PFILE_SET_SPARSE_BUFFER;
03946 
03947 typedef struct _FILE_ZERO_DATA_INFORMATION {
03948   LARGE_INTEGER FileOffset;
03949   LARGE_INTEGER BeyondFinalZero;
03950 } FILE_ZERO_DATA_INFORMATION, *PFILE_ZERO_DATA_INFORMATION;
03951 
03952 typedef struct _FILE_ALLOCATED_RANGE_BUFFER {
03953   LARGE_INTEGER FileOffset;
03954   LARGE_INTEGER Length;
03955 } FILE_ALLOCATED_RANGE_BUFFER, *PFILE_ALLOCATED_RANGE_BUFFER;
03956 
03957 typedef struct _ENCRYPTION_BUFFER {
03958   ULONG EncryptionOperation;
03959   UCHAR Private[1];
03960 } ENCRYPTION_BUFFER, *PENCRYPTION_BUFFER;
03961 
03962 #define FILE_SET_ENCRYPTION         0x00000001
03963 #define FILE_CLEAR_ENCRYPTION       0x00000002
03964 #define STREAM_SET_ENCRYPTION       0x00000003
03965 #define STREAM_CLEAR_ENCRYPTION     0x00000004
03966 
03967 #define MAXIMUM_ENCRYPTION_VALUE    0x00000004
03968 
03969 typedef struct _DECRYPTION_STATUS_BUFFER {
03970   BOOLEAN NoEncryptedStreams;
03971 } DECRYPTION_STATUS_BUFFER, *PDECRYPTION_STATUS_BUFFER;
03972 
03973 #define ENCRYPTION_FORMAT_DEFAULT        (0x01)
03974 
03975 #define COMPRESSION_FORMAT_SPARSE        (0x4000)
03976 
03977 typedef struct _REQUEST_RAW_ENCRYPTED_DATA {
03978   LONGLONG FileOffset;
03979   ULONG Length;
03980 } REQUEST_RAW_ENCRYPTED_DATA, *PREQUEST_RAW_ENCRYPTED_DATA;
03981 
03982 typedef struct _ENCRYPTED_DATA_INFO {
03983   ULONGLONG StartingFileOffset;
03984   ULONG OutputBufferOffset;
03985   ULONG BytesWithinFileSize;
03986   ULONG BytesWithinValidDataLength;
03987   USHORT CompressionFormat;
03988   UCHAR DataUnitShift;
03989   UCHAR ChunkShift;
03990   UCHAR ClusterShift;
03991   UCHAR EncryptionFormat;
03992   USHORT NumberOfDataBlocks;
03993   ULONG DataBlockSize[ANYSIZE_ARRAY];
03994 } ENCRYPTED_DATA_INFO, *PENCRYPTED_DATA_INFO;
03995 
03996 typedef struct _PLEX_READ_DATA_REQUEST {
03997   LARGE_INTEGER ByteOffset;
03998   ULONG ByteLength;
03999   ULONG PlexNumber;
04000 } PLEX_READ_DATA_REQUEST, *PPLEX_READ_DATA_REQUEST;
04001 
04002 typedef struct _SI_COPYFILE {
04003   ULONG SourceFileNameLength;
04004   ULONG DestinationFileNameLength;
04005   ULONG Flags;
04006   WCHAR FileNameBuffer[1];
04007 } SI_COPYFILE, *PSI_COPYFILE;
04008 
04009 #define COPYFILE_SIS_LINK       0x0001
04010 #define COPYFILE_SIS_REPLACE    0x0002
04011 #define COPYFILE_SIS_FLAGS      0x0003
04012 
04013 #endif /* (_WIN32_WINNT >= 0x0500) */
04014 
04015 #if (_WIN32_WINNT >= 0x0600)
04016 
04017 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER {
04018   BOOLEAN CloseDisc;
04019 } FILE_MAKE_COMPATIBLE_BUFFER, *PFILE_MAKE_COMPATIBLE_BUFFER;
04020 
04021 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER {
04022   BOOLEAN Disable;
04023 } FILE_SET_DEFECT_MGMT_BUFFER, *PFILE_SET_DEFECT_MGMT_BUFFER;
04024 
04025 typedef struct _FILE_QUERY_SPARING_BUFFER {
04026   ULONG SparingUnitBytes;
04027   BOOLEAN SoftwareSparing;
04028   ULONG TotalSpareBlocks;
04029   ULONG FreeSpareBlocks;
04030 } FILE_QUERY_SPARING_BUFFER, *PFILE_QUERY_SPARING_BUFFER;
04031 
04032 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER {
04033   LARGE_INTEGER DirectoryCount;
04034   LARGE_INTEGER FileCount;
04035   USHORT FsFormatMajVersion;
04036   USHORT FsFormatMinVersion;
04037   WCHAR FsFormatName[12];
04038   LARGE_INTEGER FormatTime;
04039   LARGE_INTEGER LastUpdateTime;
04040   WCHAR CopyrightInfo[34];
04041   WCHAR AbstractInfo[34];
04042   WCHAR FormattingImplementationInfo[34];
04043   WCHAR LastModifyingImplementationInfo[34];
04044 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER;
04045 
04046 #define SET_REPAIR_ENABLED                                      (0x00000001)
04047 #define SET_REPAIR_VOLUME_BITMAP_SCAN                           (0x00000002)
04048 #define SET_REPAIR_DELETE_CROSSLINK                             (0x00000004)
04049 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS                         (0x00000008)
04050 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT             (0x00000010)
04051 #define SET_REPAIR_VALID_MASK                                   (0x0000001F)
04052 
04053 typedef enum _SHRINK_VOLUME_REQUEST_TYPES {
04054   ShrinkPrepare = 1,
04055   ShrinkCommit,
04056   ShrinkAbort
04057 } SHRINK_VOLUME_REQUEST_TYPES, *PSHRINK_VOLUME_REQUEST_TYPES;
04058 
04059 typedef struct _SHRINK_VOLUME_INFORMATION {
04060   SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType;
04061   ULONGLONG Flags;
04062   LONGLONG NewNumberOfSectors;
04063 } SHRINK_VOLUME_INFORMATION, *PSHRINK_VOLUME_INFORMATION;
04064 
04065 #define TXFS_RM_FLAG_LOGGING_MODE                           0x00000001
04066 #define TXFS_RM_FLAG_RENAME_RM                              0x00000002
04067 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX                0x00000004
04068 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN                0x00000008
04069 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS    0x00000010
04070 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT           0x00000020
04071 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE             0x00000040
04072 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX             0x00000080
04073 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN             0x00000100
04074 #define TXFS_RM_FLAG_GROW_LOG                               0x00000400
04075 #define TXFS_RM_FLAG_SHRINK_LOG                             0x00000800
04076 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE                   0x00001000
04077 #define TXFS_RM_FLAG_PRESERVE_CHANGES                       0x00002000
04078 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START                 0x00004000
04079 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START          0x00008000
04080 #define TXFS_RM_FLAG_PREFER_CONSISTENCY                     0x00010000
04081 #define TXFS_RM_FLAG_PREFER_AVAILABILITY                    0x00020000
04082 
04083 #define TXFS_LOGGING_MODE_SIMPLE        (0x0001)
04084 #define TXFS_LOGGING_MODE_FULL          (0x0002)
04085 
04086 #define TXFS_TRANSACTION_STATE_NONE         0x00
04087 #define TXFS_TRANSACTION_STATE_ACTIVE       0x01
04088 #define TXFS_TRANSACTION_STATE_PREPARED     0x02
04089 #define TXFS_TRANSACTION_STATE_NOTACTIVE    0x03
04090 
04091 #define TXFS_MODIFY_RM_VALID_FLAGS (TXFS_RM_FLAG_LOGGING_MODE                        | \
04092                                     TXFS_RM_FLAG_RENAME_RM                           | \
04093                                     TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX             | \
04094                                     TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN             | \
04095                                     TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
04096                                     TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT        | \
04097                                     TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE          | \
04098                                     TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX          | \
04099                                     TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN          | \
04100                                     TXFS_RM_FLAG_SHRINK_LOG                          | \
04101                                     TXFS_RM_FLAG_GROW_LOG                            | \
04102                                     TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE                | \
04103                                     TXFS_RM_FLAG_PRESERVE_CHANGES                    | \
04104                                     TXFS_RM_FLAG_RESET_RM_AT_NEXT_START              | \
04105                                     TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START       | \
04106                                     TXFS_RM_FLAG_PREFER_CONSISTENCY                  | \
04107                                     TXFS_RM_FLAG_PREFER_AVAILABILITY)
04108 
04109 typedef struct _TXFS_MODIFY_RM {
04110   ULONG Flags;
04111   ULONG LogContainerCountMax;
04112   ULONG LogContainerCountMin;
04113   ULONG LogContainerCount;
04114   ULONG LogGrowthIncrement;
04115   ULONG LogAutoShrinkPercentage;
04116   ULONGLONG Reserved;
04117   USHORT LoggingMode;
04118 } TXFS_MODIFY_RM, *PTXFS_MODIFY_RM;
04119 
04120 #define TXFS_RM_STATE_NOT_STARTED       0
04121 #define TXFS_RM_STATE_STARTING          1
04122 #define TXFS_RM_STATE_ACTIVE            2
04123 #define TXFS_RM_STATE_SHUTTING_DOWN     3
04124 
04125 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS                           \
04126                 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS   |   \
04127                  TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT          |   \
04128                  TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX            |   \
04129                  TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN            |   \
04130                  TXFS_RM_FLAG_RESET_RM_AT_NEXT_START                |   \
04131                  TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START         |   \
04132                  TXFS_RM_FLAG_PREFER_CONSISTENCY                    |   \
04133                  TXFS_RM_FLAG_PREFER_AVAILABILITY)
04134 
04135 typedef struct _TXFS_QUERY_RM_INFORMATION {
04136   ULONG BytesRequired;
04137   ULONGLONG TailLsn;
04138   ULONGLONG CurrentLsn;
04139   ULONGLONG ArchiveTailLsn;
04140   ULONGLONG LogContainerSize;
04141   LARGE_INTEGER HighestVirtualClock;
04142   ULONG LogContainerCount;
04143   ULONG LogContainerCountMax;
04144   ULONG LogContainerCountMin;
04145   ULONG LogGrowthIncrement;
04146   ULONG LogAutoShrinkPercentage;
04147   ULONG Flags;
04148   USHORT LoggingMode;
04149   USHORT Reserved;
04150   ULONG RmState;
04151   ULONGLONG LogCapacity;
04152   ULONGLONG LogFree;
04153   ULONGLONG TopsSize;
04154   ULONGLONG TopsUsed;
04155   ULONGLONG TransactionCount;
04156   ULONGLONG OnePCCount;
04157   ULONGLONG TwoPCCount;
04158   ULONGLONG NumberLogFileFull;
04159   ULONGLONG OldestTransactionAge;
04160   GUID RMName;
04161   ULONG TmLogPathOffset;
04162 } TXFS_QUERY_RM_INFORMATION, *PTXFS_QUERY_RM_INFORMATION;
04163 
04164 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN        0x01
04165 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK   0x02
04166 
04167 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS                               \
04168                 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN |         \
04169                  TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
04170 
04171 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION {
04172   LARGE_INTEGER LastVirtualClock;
04173   ULONGLONG LastRedoLsn;
04174   ULONGLONG HighestRecoveryLsn;
04175   ULONG Flags;
04176 } TXFS_ROLLFORWARD_REDO_INFORMATION, *PTXFS_ROLLFORWARD_REDO_INFORMATION;
04177 
04178 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX              0x00000001
04179 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN              0x00000002
04180 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE                   0x00000004
04181 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS  0x00000008
04182 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT         0x00000010
04183 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE           0x00000020
04184 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX           0x00000040
04185 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN           0x00000080
04186 
04187 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT                  0x00000200
04188 #define TXFS_START_RM_FLAG_LOGGING_MODE                         0x00000400
04189 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES                     0x00000800
04190 
04191 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY                   0x00001000
04192 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY                  0x00002000
04193 
04194 #define TXFS_START_RM_VALID_FLAGS                                           \
04195                 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX             |   \
04196                  TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN             |   \
04197                  TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE                  |   \
04198                  TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS |   \
04199                  TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT        |   \
04200                  TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE          |   \
04201                  TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT                 |   \
04202                  TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX          |   \
04203                  TXFS_START_RM_FLAG_LOGGING_MODE                        |   \
04204                  TXFS_START_RM_FLAG_PRESERVE_CHANGES                    |   \
04205                  TXFS_START_RM_FLAG_PREFER_CONSISTENCY                  |   \
04206                  TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
04207 
04208 typedef struct _TXFS_START_RM_INFORMATION {
04209   ULONG Flags;
04210   ULONGLONG LogContainerSize;
04211   ULONG LogContainerCountMin;
04212   ULONG LogContainerCountMax;
04213   ULONG LogGrowthIncrement;
04214   ULONG LogAutoShrinkPercentage;
04215   ULONG TmLogPathOffset;
04216   USHORT TmLogPathLength;
04217   USHORT LoggingMode;
04218   USHORT LogPathLength;
04219   USHORT Reserved;
04220   WCHAR LogPath[1];
04221 } TXFS_START_RM_INFORMATION, *PTXFS_START_RM_INFORMATION;
04222 
04223 typedef struct _TXFS_GET_METADATA_INFO_OUT {
04224   struct {
04225     LONGLONG LowPart;
04226     LONGLONG HighPart;
04227   } TxfFileId;
04228   GUID LockingTransaction;
04229   ULONGLONG LastLsn;
04230   ULONG TransactionState;
04231 } TXFS_GET_METADATA_INFO_OUT, *PTXFS_GET_METADATA_INFO_OUT;
04232 
04233 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED   0x00000001
04234 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED   0x00000002
04235 
04236 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY {
04237   ULONGLONG Offset;
04238   ULONG NameFlags;
04239   LONGLONG FileId;
04240   ULONG Reserved1;
04241   ULONG Reserved2;
04242   LONGLONG Reserved3;
04243   WCHAR FileName[1];
04244 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY;
04245 
04246 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES {
04247   GUID KtmTransaction;
04248   ULONGLONG NumberOfFiles;
04249   ULONGLONG BufferSizeRequired;
04250   ULONGLONG Offset;
04251 } TXFS_LIST_TRANSACTION_LOCKED_FILES, *PTXFS_LIST_TRANSACTION_LOCKED_FILES;
04252 
04253 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY {
04254   GUID TransactionId;
04255   ULONG TransactionState;
04256   ULONG Reserved1;
04257   ULONG Reserved2;
04258   LONGLONG Reserved3;
04259 } TXFS_LIST_TRANSACTIONS_ENTRY, *PTXFS_LIST_TRANSACTIONS_ENTRY;
04260 
04261 typedef struct _TXFS_LIST_TRANSACTIONS {
04262   ULONGLONG NumberOfTransactions;
04263   ULONGLONG BufferSizeRequired;
04264 } TXFS_LIST_TRANSACTIONS, *PTXFS_LIST_TRANSACTIONS;
04265 
04266 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT {
04267   _ANONYMOUS_UNION union {
04268     ULONG BufferLength;
04269     UCHAR Buffer[1];
04270   } DUMMYUNIONNAME;
04271 } TXFS_READ_BACKUP_INFORMATION_OUT, *PTXFS_READ_BACKUP_INFORMATION_OUT;
04272 
04273 typedef struct _TXFS_WRITE_BACKUP_INFORMATION {
04274   UCHAR Buffer[1];
04275 } TXFS_WRITE_BACKUP_INFORMATION, *PTXFS_WRITE_BACKUP_INFORMATION;
04276 
04277 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED   0xFFFFFFFE
04278 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED     0xFFFFFFFF
04279 
04280 typedef struct _TXFS_GET_TRANSACTED_VERSION {
04281   ULONG ThisBaseVersion;
04282   ULONG LatestVersion;
04283   USHORT ThisMiniVersion;
04284   USHORT FirstMiniVersion;
04285   USHORT LatestMiniVersion;
04286 } TXFS_GET_TRANSACTED_VERSION, *PTXFS_GET_TRANSACTED_VERSION;
04287 
04288 #define TXFS_SAVEPOINT_SET                      0x00000001
04289 #define TXFS_SAVEPOINT_ROLLBACK                 0x00000002
04290 #define TXFS_SAVEPOINT_CLEAR                    0x00000004
04291 #define TXFS_SAVEPOINT_CLEAR_ALL                0x00000010
04292 
04293 typedef struct _TXFS_SAVEPOINT_INFORMATION {
04294   HANDLE KtmTransaction;
04295   ULONG ActionCode;
04296   ULONG SavepointId;
04297 } TXFS_SAVEPOINT_INFORMATION, *PTXFS_SAVEPOINT_INFORMATION;
04298 
04299 typedef struct _TXFS_CREATE_MINIVERSION_INFO {
04300   USHORT StructureVersion;
04301   USHORT StructureLength;
04302   ULONG BaseVersion;
04303   USHORT MiniVersion;
04304 } TXFS_CREATE_MINIVERSION_INFO, *PTXFS_CREATE_MINIVERSION_INFO;
04305 
04306 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO {
04307   BOOLEAN TransactionsActiveAtSnapshot;
04308 } TXFS_TRANSACTION_ACTIVE_INFO, *PTXFS_TRANSACTION_ACTIVE_INFO;
04309 
04310 #endif /* (_WIN32_WINNT >= 0x0600) */
04311 
04312 #if (_WIN32_WINNT >= 0x0601)
04313 
04314 #define MARK_HANDLE_REALTIME                (0x00000020)
04315 #define MARK_HANDLE_NOT_REALTIME            (0x00000040)
04316 
04317 #define NO_8DOT3_NAME_PRESENT               (0x00000001)
04318 #define REMOVED_8DOT3_NAME                  (0x00000002)
04319 
04320 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED        (0x00000001)
04321 
04322 typedef struct _BOOT_AREA_INFO {
04323   ULONG BootSectorCount;
04324   struct {
04325     LARGE_INTEGER Offset;
04326   } BootSectors[2];
04327 } BOOT_AREA_INFO, *PBOOT_AREA_INFO;
04328 
04329 typedef struct _RETRIEVAL_POINTER_BASE {
04330   LARGE_INTEGER FileAreaOffset;
04331 } RETRIEVAL_POINTER_BASE, *PRETRIEVAL_POINTER_BASE;
04332 
04333 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION {
04334   ULONG VolumeFlags;
04335   ULONG FlagMask;
04336   ULONG Version;
04337   ULONG Reserved;
04338 } FILE_FS_PERSISTENT_VOLUME_INFORMATION, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION;
04339 
04340 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION {
04341   CHAR FileSystem[9];
04342 } FILE_SYSTEM_RECOGNITION_INFORMATION, *PFILE_SYSTEM_RECOGNITION_INFORMATION;
04343 
04344 #define OPLOCK_LEVEL_CACHE_READ         (0x00000001)
04345 #define OPLOCK_LEVEL_CACHE_HANDLE       (0x00000002)
04346 #define OPLOCK_LEVEL_CACHE_WRITE        (0x00000004)
04347 
04348 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST               (0x00000001)
04349 #define REQUEST_OPLOCK_INPUT_FLAG_ACK                   (0x00000002)
04350 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
04351 
04352 #define REQUEST_OPLOCK_CURRENT_VERSION          1
04353 
04354 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER {
04355   USHORT StructureVersion;
04356   USHORT StructureLength;
04357   ULONG RequestedOplockLevel;
04358   ULONG Flags;
04359 } REQUEST_OPLOCK_INPUT_BUFFER, *PREQUEST_OPLOCK_INPUT_BUFFER;
04360 
04361 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED     (0x00000001)
04362 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED   (0x00000002)
04363 
04364 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER {
04365   USHORT StructureVersion;
04366   USHORT StructureLength;
04367   ULONG OriginalOplockLevel;
04368   ULONG NewOplockLevel;
04369   ULONG Flags;
04370   ACCESS_MASK AccessMode;
04371   USHORT ShareMode;
04372 } REQUEST_OPLOCK_OUTPUT_BUFFER, *PREQUEST_OPLOCK_OUTPUT_BUFFER;
04373 
04374 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID   1
04375 
04376 typedef struct _SD_CHANGE_MACHINE_SID_INPUT {
04377   USHORT CurrentMachineSIDOffset;
04378   USHORT CurrentMachineSIDLength;
04379   USHORT NewMachineSIDOffset;
04380   USHORT NewMachineSIDLength;
04381 } SD_CHANGE_MACHINE_SID_INPUT, *PSD_CHANGE_MACHINE_SID_INPUT;
04382 
04383 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT {
04384   ULONGLONG NumSDChangedSuccess;
04385   ULONGLONG NumSDChangedFail;
04386   ULONGLONG NumSDUnused;
04387   ULONGLONG NumSDTotal;
04388   ULONGLONG NumMftSDChangedSuccess;
04389   ULONGLONG NumMftSDChangedFail;
04390   ULONGLONG NumMftSDTotal;
04391 } SD_CHANGE_MACHINE_SID_OUTPUT, *PSD_CHANGE_MACHINE_SID_OUTPUT;
04392 
04393 typedef struct _SD_GLOBAL_CHANGE_INPUT {
04394   ULONG Flags;
04395   ULONG ChangeType;
04396   _ANONYMOUS_UNION union {
04397     SD_CHANGE_MACHINE_SID_INPUT SdChange;
04398   } DUMMYUNIONNAME;
04399 } SD_GLOBAL_CHANGE_INPUT, *PSD_GLOBAL_CHANGE_INPUT;
04400 
04401 typedef struct _SD_GLOBAL_CHANGE_OUTPUT {
04402   ULONG Flags;
04403   ULONG ChangeType;
04404   _ANONYMOUS_UNION union {
04405     SD_CHANGE_MACHINE_SID_OUTPUT SdChange;
04406   } DUMMYUNIONNAME;
04407 } SD_GLOBAL_CHANGE_OUTPUT, *PSD_GLOBAL_CHANGE_OUTPUT;
04408 
04409 #define ENCRYPTED_DATA_INFO_SPARSE_FILE    1
04410 
04411 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO {
04412   ULONG ExtendedCode;
04413   ULONG Length;
04414   ULONG Flags;
04415   ULONG Reserved;
04416 } EXTENDED_ENCRYPTED_DATA_INFO, *PEXTENDED_ENCRYPTED_DATA_INFO;
04417 
04418 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT {
04419   ULONG Flags;
04420   ULONG NumberOfClusters;
04421   LARGE_INTEGER Cluster[1];
04422 } LOOKUP_STREAM_FROM_CLUSTER_INPUT, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT;
04423 
04424 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT {
04425   ULONG Offset;
04426   ULONG NumberOfMatches;
04427   ULONG BufferSizeRequired;
04428 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT;
04429 
04430 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE          0x00000001
04431 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET    0x00000002
04432 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE     0x00000004
04433 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE    0x00000008
04434 
04435 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_MASK          0xff000000
04436 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_DATA          0x01000000
04437 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_INDEX         0x02000000
04438 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_SYSTEM        0x03000000
04439 
04440 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_ENTRY {
04441   ULONG OffsetToNext;
04442   ULONG Flags;
04443   LARGE_INTEGER Reserved;
04444   LARGE_INTEGER Cluster;
04445   WCHAR FileName[1];
04446 } LOOKUP_STREAM_FROM_CLUSTER_ENTRY, *PLOOKUP_STREAM_FROM_CLUSTER_ENTRY;
04447 
04448 typedef struct _FILE_TYPE_NOTIFICATION_INPUT {
04449   ULONG Flags;
04450   ULONG NumFileTypeIDs;
04451   GUID FileTypeID[1];
04452 } FILE_TYPE_NOTIFICATION_INPUT, *PFILE_TYPE_NOTIFICATION_INPUT;
04453 
04454 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_BEGIN     0x00000001
04455 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_END       0x00000002
04456 
04457 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_PAGE_FILE,         0x0d0a64a1, 0x38fc, 0x4db8, 0x9f, 0xe7, 0x3f, 0x43, 0x52, 0xcd, 0x7c, 0x5c);
04458 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_HIBERNATION_FILE,  0xb7624d64, 0xb9a3, 0x4cf8, 0x80, 0x11, 0x5b, 0x86, 0xc9, 0x40, 0xe7, 0xb7);
04459 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_CRASHDUMP_FILE,    0x9d453eb7, 0xd2a6, 0x4dbd, 0xa2, 0xe3, 0xfb, 0xd0, 0xed, 0x91, 0x09, 0xa9);
04460 
04461 #ifndef _VIRTUAL_STORAGE_TYPE_DEFINED
04462 #define _VIRTUAL_STORAGE_TYPE_DEFINED
04463 typedef struct _VIRTUAL_STORAGE_TYPE {
04464   ULONG DeviceId;
04465   GUID VendorId;
04466 } VIRTUAL_STORAGE_TYPE, *PVIRTUAL_STORAGE_TYPE;
04467 #endif
04468 
04469 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST {
04470   ULONG RequestLevel;
04471   ULONG RequestFlags;
04472 } STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST, *PSTORAGE_QUERY_DEPENDENT_VOLUME_REQUEST;
04473 
04474 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_HOST_VOLUMES    0x1
04475 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_GUEST_VOLUMES   0x2
04476 
04477 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY {
04478   ULONG EntryLength;
04479   ULONG DependencyTypeFlags;
04480   ULONG ProviderSpecificFlags;
04481   VIRTUAL_STORAGE_TYPE VirtualStorageType;
04482 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY;
04483 
04484 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY {
04485   ULONG EntryLength;
04486   ULONG DependencyTypeFlags;
04487   ULONG ProviderSpecificFlags;
04488   VIRTUAL_STORAGE_TYPE VirtualStorageType;
04489   ULONG AncestorLevel;
04490   ULONG HostVolumeNameOffset;
04491   ULONG HostVolumeNameSize;
04492   ULONG DependentVolumeNameOffset;
04493   ULONG DependentVolumeNameSize;
04494   ULONG RelativePathOffset;
04495   ULONG RelativePathSize;
04496   ULONG DependentDeviceNameOffset;
04497   ULONG DependentDeviceNameSize;
04498 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY;
04499 
04500 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE {
04501   ULONG ResponseLevel;
04502   ULONG NumberEntries;
04503   _ANONYMOUS_UNION union {
04504     STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY Lev1Depends[0];
04505     STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY Lev2Depends[0];
04506   } DUMMYUNIONNAME;
04507 } STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE, *PSTORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE;
04508 
04509 #endif /* (_WIN32_WINNT >= 0x0601) */
04510 
04511 typedef struct _FILESYSTEM_STATISTICS {
04512   USHORT FileSystemType;
04513   USHORT Version;
04514   ULONG SizeOfCompleteStructure;
04515   ULONG UserFileReads;
04516   ULONG UserFileReadBytes;
04517   ULONG UserDiskReads;
04518   ULONG UserFileWrites;
04519   ULONG UserFileWriteBytes;
04520   ULONG UserDiskWrites;
04521   ULONG MetaDataReads;
04522   ULONG MetaDataReadBytes;
04523   ULONG MetaDataDiskReads;
04524   ULONG MetaDataWrites;
04525   ULONG MetaDataWriteBytes;
04526   ULONG MetaDataDiskWrites;
04527 } FILESYSTEM_STATISTICS, *PFILESYSTEM_STATISTICS;
04528 
04529 #define FILESYSTEM_STATISTICS_TYPE_NTFS     1
04530 #define FILESYSTEM_STATISTICS_TYPE_FAT      2
04531 #define FILESYSTEM_STATISTICS_TYPE_EXFAT    3
04532 
04533 typedef struct _FAT_STATISTICS {
04534   ULONG CreateHits;
04535   ULONG SuccessfulCreates;
04536   ULONG FailedCreates;
04537   ULONG NonCachedReads;
04538   ULONG NonCachedReadBytes;
04539   ULONG NonCachedWrites;
04540   ULONG NonCachedWriteBytes;
04541   ULONG NonCachedDiskReads;
04542   ULONG NonCachedDiskWrites;
04543 } FAT_STATISTICS, *PFAT_STATISTICS;
04544 
04545 typedef struct _EXFAT_STATISTICS {
04546   ULONG CreateHits;
04547   ULONG SuccessfulCreates;
04548   ULONG FailedCreates;
04549   ULONG NonCachedReads;
04550   ULONG NonCachedReadBytes;