Doxygen

ntifs.h
Go to the documentation of this file.
00001 /*
00002  * ntifs.h
00003  *
00004  * Windows NT Filesystem Driver Developer Kit
00005  *
00006  * This file is part of the ReactOS DDK package.
00007  *
00008  * Contributors:
00009  *   Amine Khaldi
00010  *   Timo Kreuzer (timo.kreuzer@reactos.org)
00011  *
00012  * THIS SOFTWARE IS NOT COPYRIGHTED
00013  *
00014  * This source code is offered for use in the public domain. You may
00015  * use, modify or distribute it freely.
00016  *
00017  * This code is distributed in the hope that it will be useful but
00018  * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
00019  * DISCLAIMED. This includes but is not limited to warranties of
00020  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
00021  *
00022  */
00023 
00024 #pragma once
00025 
00026 #define _NTIFS_INCLUDED_
00027 #define _GNU_NTIFS_
00028 
00029 #ifdef __cplusplus
00030 extern "C" {
00031 #endif
00032 
00033 /* Dependencies */
00034 #include <ntddk.h>
00035 #include <excpt.h>
00036 #include <ntdef.h>
00037 #include <ntnls.h>
00038 #include <ntstatus.h>
00039 #include <bugcodes.h>
00040 #include <ntiologc.h>
00041 
00042 
00043 #ifndef FlagOn
00044 #define FlagOn(_F,_SF)        ((_F) & (_SF))
00045 #endif
00046 
00047 #ifndef BooleanFlagOn
00048 #define BooleanFlagOn(F,SF)   ((BOOLEAN)(((F) & (SF)) != 0))
00049 #endif
00050 
00051 #ifndef SetFlag
00052 #define SetFlag(_F,_SF)       ((_F) |= (_SF))
00053 #endif
00054 
00055 #ifndef ClearFlag
00056 #define ClearFlag(_F,_SF)     ((_F) &= ~(_SF))
00057 #endif
00058 
00059 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
00060 typedef STRING LSA_STRING, *PLSA_STRING;
00061 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
00062 
00063 /******************************************************************************
00064  *                            Security Manager Types                          *
00065  ******************************************************************************/
00066 #ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
00067 #define SID_IDENTIFIER_AUTHORITY_DEFINED
00068 typedef struct _SID_IDENTIFIER_AUTHORITY {
00069   UCHAR Value[6];
00070 } SID_IDENTIFIER_AUTHORITY,*PSID_IDENTIFIER_AUTHORITY,*LPSID_IDENTIFIER_AUTHORITY;
00071 #endif
00072 
00073 #ifndef SID_DEFINED
00074 #define SID_DEFINED
00075 typedef struct _SID {
00076   UCHAR Revision;
00077   UCHAR SubAuthorityCount;
00078   SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
00079 #ifdef MIDL_PASS
00080   [size_is(SubAuthorityCount)] ULONG SubAuthority[*];
00081 #else
00082   ULONG SubAuthority[ANYSIZE_ARRAY];
00083 #endif
00084 } SID, *PISID;
00085 #endif
00086 
00087 #define SID_REVISION                    1
00088 #define SID_MAX_SUB_AUTHORITIES         15
00089 #define SID_RECOMMENDED_SUB_AUTHORITIES 1
00090 
00091 #ifndef MIDL_PASS
00092 #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof(ULONG)))
00093 #endif
00094 
00095 typedef enum _SID_NAME_USE {
00096   SidTypeUser = 1,
00097   SidTypeGroup,
00098   SidTypeDomain,
00099   SidTypeAlias,
00100   SidTypeWellKnownGroup,
00101   SidTypeDeletedAccount,
00102   SidTypeInvalid,
00103   SidTypeUnknown,
00104   SidTypeComputer,
00105   SidTypeLabel
00106 } SID_NAME_USE, *PSID_NAME_USE;
00107 
00108 typedef struct _SID_AND_ATTRIBUTES {
00109 #ifdef MIDL_PASS
00110   PISID Sid;
00111 #else
00112   PSID Sid;
00113 #endif
00114   ULONG Attributes;
00115 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
00116 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
00117 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
00118 
00119 #define SID_HASH_SIZE 32
00120 typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
00121 
00122 typedef struct _SID_AND_ATTRIBUTES_HASH {
00123   ULONG SidCount;
00124   PSID_AND_ATTRIBUTES SidAttr;
00125   SID_HASH_ENTRY Hash[SID_HASH_SIZE];
00126 } SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
00127 
00128 /* Universal well-known SIDs */
00129 
00130 #define SECURITY_NULL_SID_AUTHORITY         {0,0,0,0,0,0}
00131 #define SECURITY_WORLD_SID_AUTHORITY        {0,0,0,0,0,1}
00132 #define SECURITY_LOCAL_SID_AUTHORITY        {0,0,0,0,0,2}
00133 #define SECURITY_CREATOR_SID_AUTHORITY      {0,0,0,0,0,3}
00134 #define SECURITY_NON_UNIQUE_AUTHORITY       {0,0,0,0,0,4}
00135 #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
00136 
00137 #define SECURITY_NULL_RID                 (0x00000000L)
00138 #define SECURITY_WORLD_RID                (0x00000000L)
00139 #define SECURITY_LOCAL_RID                (0x00000000L)
00140 #define SECURITY_LOCAL_LOGON_RID          (0x00000001L)
00141 
00142 #define SECURITY_CREATOR_OWNER_RID        (0x00000000L)
00143 #define SECURITY_CREATOR_GROUP_RID        (0x00000001L)
00144 #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
00145 #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
00146 #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
00147 
00148 /* NT well-known SIDs */
00149 
00150 #define SECURITY_NT_AUTHORITY           {0,0,0,0,0,5}
00151 
00152 #define SECURITY_DIALUP_RID             (0x00000001L)
00153 #define SECURITY_NETWORK_RID            (0x00000002L)
00154 #define SECURITY_BATCH_RID              (0x00000003L)
00155 #define SECURITY_INTERACTIVE_RID        (0x00000004L)
00156 #define SECURITY_LOGON_IDS_RID          (0x00000005L)
00157 #define SECURITY_LOGON_IDS_RID_COUNT    (3L)
00158 #define SECURITY_SERVICE_RID            (0x00000006L)
00159 #define SECURITY_ANONYMOUS_LOGON_RID    (0x00000007L)
00160 #define SECURITY_PROXY_RID              (0x00000008L)
00161 #define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
00162 #define SECURITY_SERVER_LOGON_RID       SECURITY_ENTERPRISE_CONTROLLERS_RID
00163 #define SECURITY_PRINCIPAL_SELF_RID     (0x0000000AL)
00164 #define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
00165 #define SECURITY_RESTRICTED_CODE_RID    (0x0000000CL)
00166 #define SECURITY_TERMINAL_SERVER_RID    (0x0000000DL)
00167 #define SECURITY_REMOTE_LOGON_RID       (0x0000000EL)
00168 #define SECURITY_THIS_ORGANIZATION_RID  (0x0000000FL)
00169 #define SECURITY_IUSER_RID              (0x00000011L)
00170 #define SECURITY_LOCAL_SYSTEM_RID       (0x00000012L)
00171 #define SECURITY_LOCAL_SERVICE_RID      (0x00000013L)
00172 #define SECURITY_NETWORK_SERVICE_RID    (0x00000014L)
00173 #define SECURITY_NT_NON_UNIQUE          (0x00000015L)
00174 #define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT  (3L)
00175 #define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
00176 
00177 #define SECURITY_BUILTIN_DOMAIN_RID     (0x00000020L)
00178 #define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
00179 
00180 
00181 #define SECURITY_PACKAGE_BASE_RID       (0x00000040L)
00182 #define SECURITY_PACKAGE_RID_COUNT      (2L)
00183 #define SECURITY_PACKAGE_NTLM_RID       (0x0000000AL)
00184 #define SECURITY_PACKAGE_SCHANNEL_RID   (0x0000000EL)
00185 #define SECURITY_PACKAGE_DIGEST_RID     (0x00000015L)
00186 
00187 #define SECURITY_CRED_TYPE_BASE_RID             (0x00000041L)
00188 #define SECURITY_CRED_TYPE_RID_COUNT            (2L)
00189 #define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID    (0x00000001L)
00190 
00191 #define SECURITY_MIN_BASE_RID       (0x00000050L)
00192 #define SECURITY_SERVICE_ID_BASE_RID    (0x00000050L)
00193 #define SECURITY_SERVICE_ID_RID_COUNT   (6L)
00194 #define SECURITY_RESERVED_ID_BASE_RID   (0x00000051L)
00195 #define SECURITY_APPPOOL_ID_BASE_RID    (0x00000052L)
00196 #define SECURITY_APPPOOL_ID_RID_COUNT   (6L)
00197 #define SECURITY_VIRTUALSERVER_ID_BASE_RID    (0x00000053L)
00198 #define SECURITY_VIRTUALSERVER_ID_RID_COUNT   (6L)
00199 #define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID  (0x00000054L)
00200 #define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
00201 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID  (0x00000055L)
00202 #define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
00203 #define SECURITY_WMIHOST_ID_BASE_RID  (0x00000056L)
00204 #define SECURITY_WMIHOST_ID_RID_COUNT (6L)
00205 #define SECURITY_TASK_ID_BASE_RID                 (0x00000057L)
00206 #define SECURITY_NFS_ID_BASE_RID        (0x00000058L)
00207 #define SECURITY_COM_ID_BASE_RID        (0x00000059L)
00208 #define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT   (6L)
00209 
00210 #define SECURITY_MAX_BASE_RID       (0x0000006FL)
00211 
00212 #define SECURITY_MAX_ALWAYS_FILTERED    (0x000003E7L)
00213 #define SECURITY_MIN_NEVER_FILTERED     (0x000003E8L)
00214 
00215 #define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
00216 
00217 #define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
00218 
00219 /* Well-known domain relative sub-authority values (RIDs) */
00220 
00221 #define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
00222 
00223 #define FOREST_USER_RID_MAX            (0x000001F3L)
00224 
00225 /* Well-known users */
00226 
00227 #define DOMAIN_USER_RID_ADMIN          (0x000001F4L)
00228 #define DOMAIN_USER_RID_GUEST          (0x000001F5L)
00229 #define DOMAIN_USER_RID_KRBTGT         (0x000001F6L)
00230 
00231 #define DOMAIN_USER_RID_MAX            (0x000003E7L)
00232 
00233 /* Well-known groups */
00234 
00235 #define DOMAIN_GROUP_RID_ADMINS               (0x00000200L)
00236 #define DOMAIN_GROUP_RID_USERS                (0x00000201L)
00237 #define DOMAIN_GROUP_RID_GUESTS               (0x00000202L)
00238 #define DOMAIN_GROUP_RID_COMPUTERS            (0x00000203L)
00239 #define DOMAIN_GROUP_RID_CONTROLLERS          (0x00000204L)
00240 #define DOMAIN_GROUP_RID_CERT_ADMINS          (0x00000205L)
00241 #define DOMAIN_GROUP_RID_SCHEMA_ADMINS        (0x00000206L)
00242 #define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS    (0x00000207L)
00243 #define DOMAIN_GROUP_RID_POLICY_ADMINS        (0x00000208L)
00244 #define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
00245 
00246 /* Well-known aliases */
00247 
00248 #define DOMAIN_ALIAS_RID_ADMINS                         (0x00000220L)
00249 #define DOMAIN_ALIAS_RID_USERS                          (0x00000221L)
00250 #define DOMAIN_ALIAS_RID_GUESTS                         (0x00000222L)
00251 #define DOMAIN_ALIAS_RID_POWER_USERS                    (0x00000223L)
00252 
00253 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS                    (0x00000224L)
00254 #define DOMAIN_ALIAS_RID_SYSTEM_OPS                     (0x00000225L)
00255 #define DOMAIN_ALIAS_RID_PRINT_OPS                      (0x00000226L)
00256 #define DOMAIN_ALIAS_RID_BACKUP_OPS                     (0x00000227L)
00257 
00258 #define DOMAIN_ALIAS_RID_REPLICATOR                     (0x00000228L)
00259 #define DOMAIN_ALIAS_RID_RAS_SERVERS                    (0x00000229L)
00260 #define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS               (0x0000022AL)
00261 #define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS           (0x0000022BL)
00262 #define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS      (0x0000022CL)
00263 #define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
00264 
00265 #define DOMAIN_ALIAS_RID_MONITORING_USERS               (0x0000022EL)
00266 #define DOMAIN_ALIAS_RID_LOGGING_USERS                  (0x0000022FL)
00267 #define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS            (0x00000230L)
00268 #define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS             (0x00000231L)
00269 #define DOMAIN_ALIAS_RID_DCOM_USERS                     (0x00000232L)
00270 #define DOMAIN_ALIAS_RID_IUSERS                         (0x00000238L)
00271 #define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS               (0x00000239L)
00272 #define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP     (0x0000023BL)
00273 #define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
00274 #define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP        (0x0000023DL)
00275 #define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP      (0x0000023EL)
00276 
00277 #define SECURITY_MANDATORY_LABEL_AUTHORITY          {0,0,0,0,0,16}
00278 #define SECURITY_MANDATORY_UNTRUSTED_RID            (0x00000000L)
00279 #define SECURITY_MANDATORY_LOW_RID                  (0x00001000L)
00280 #define SECURITY_MANDATORY_MEDIUM_RID               (0x00002000L)
00281 #define SECURITY_MANDATORY_HIGH_RID                 (0x00003000L)
00282 #define SECURITY_MANDATORY_SYSTEM_RID               (0x00004000L)
00283 #define SECURITY_MANDATORY_PROTECTED_PROCESS_RID    (0x00005000L)
00284 
00285 /* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
00286    can be set by a usermode caller.*/
00287 
00288 #define SECURITY_MANDATORY_MAXIMUM_USER_RID   SECURITY_MANDATORY_SYSTEM_RID
00289 
00290 #define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
00291 
00292 /* Allocate the System Luid.  The first 1000 LUIDs are reserved.
00293    Use #999 here (0x3e7 = 999) */
00294 
00295 #define SYSTEM_LUID                     {0x3e7, 0x0}
00296 #define ANONYMOUS_LOGON_LUID            {0x3e6, 0x0}
00297 #define LOCALSERVICE_LUID               {0x3e5, 0x0}
00298 #define NETWORKSERVICE_LUID             {0x3e4, 0x0}
00299 #define IUSER_LUID                      {0x3e3, 0x0}
00300 
00301 typedef struct _ACE_HEADER {
00302   UCHAR AceType;
00303   UCHAR AceFlags;
00304   USHORT AceSize;
00305 } ACE_HEADER, *PACE_HEADER;
00306 
00307 /* also in winnt.h */
00308 #define ACCESS_MIN_MS_ACE_TYPE                  (0x0)
00309 #define ACCESS_ALLOWED_ACE_TYPE                 (0x0)
00310 #define ACCESS_DENIED_ACE_TYPE                  (0x1)
00311 #define SYSTEM_AUDIT_ACE_TYPE                   (0x2)
00312 #define SYSTEM_ALARM_ACE_TYPE                   (0x3)
00313 #define ACCESS_MAX_MS_V2_ACE_TYPE               (0x3)
00314 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE        (0x4)
00315 #define ACCESS_MAX_MS_V3_ACE_TYPE               (0x4)
00316 #define ACCESS_MIN_MS_OBJECT_ACE_TYPE           (0x5)
00317 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE          (0x5)
00318 #define ACCESS_DENIED_OBJECT_ACE_TYPE           (0x6)
00319 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE            (0x7)
00320 #define SYSTEM_ALARM_OBJECT_ACE_TYPE            (0x8)
00321 #define ACCESS_MAX_MS_OBJECT_ACE_TYPE           (0x8)
00322 #define ACCESS_MAX_MS_V4_ACE_TYPE               (0x8)
00323 #define ACCESS_MAX_MS_ACE_TYPE                  (0x8)
00324 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE        (0x9)
00325 #define ACCESS_DENIED_CALLBACK_ACE_TYPE         (0xA)
00326 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
00327 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE  (0xC)
00328 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE          (0xD)
00329 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE          (0xE)
00330 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE   (0xF)
00331 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE   (0x10)
00332 #define ACCESS_MAX_MS_V5_ACE_TYPE               (0x11)
00333 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE         (0x11)
00334 
00335 /* The following are the inherit flags that go into the AceFlags field
00336    of an Ace header. */
00337 
00338 #define OBJECT_INHERIT_ACE                (0x1)
00339 #define CONTAINER_INHERIT_ACE             (0x2)
00340 #define NO_PROPAGATE_INHERIT_ACE          (0x4)
00341 #define INHERIT_ONLY_ACE                  (0x8)
00342 #define INHERITED_ACE                     (0x10)
00343 #define VALID_INHERIT_FLAGS               (0x1F)
00344 
00345 #define SUCCESSFUL_ACCESS_ACE_FLAG        (0x40)
00346 #define FAILED_ACCESS_ACE_FLAG            (0x80)
00347 
00348 typedef struct _ACCESS_ALLOWED_ACE {
00349   ACE_HEADER Header;
00350   ACCESS_MASK Mask;
00351   ULONG SidStart;
00352 } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
00353 
00354 typedef struct _ACCESS_DENIED_ACE {
00355   ACE_HEADER Header;
00356   ACCESS_MASK Mask;
00357   ULONG SidStart;
00358 } ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;
00359 
00360 typedef struct _SYSTEM_AUDIT_ACE {
00361   ACE_HEADER Header;
00362   ACCESS_MASK Mask;
00363   ULONG SidStart;
00364 } SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;
00365 
00366 typedef struct _SYSTEM_ALARM_ACE {
00367   ACE_HEADER Header;
00368   ACCESS_MASK Mask;
00369   ULONG SidStart;
00370 } SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;
00371 
00372 typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
00373   ACE_HEADER Header;
00374   ACCESS_MASK Mask;
00375   ULONG SidStart;
00376 } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;
00377 
00378 #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP         0x1
00379 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP          0x2
00380 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP       0x4
00381 #define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP   | \
00382                                            SYSTEM_MANDATORY_LABEL_NO_READ_UP    | \
00383                                            SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
00384 
00385 #define SECURITY_DESCRIPTOR_MIN_LENGTH   (sizeof(SECURITY_DESCRIPTOR))
00386 
00387 typedef USHORT SECURITY_DESCRIPTOR_CONTROL,*PSECURITY_DESCRIPTOR_CONTROL;
00388 
00389 #define SE_OWNER_DEFAULTED              0x0001
00390 #define SE_GROUP_DEFAULTED              0x0002
00391 #define SE_DACL_PRESENT                 0x0004
00392 #define SE_DACL_DEFAULTED               0x0008
00393 #define SE_SACL_PRESENT                 0x0010
00394 #define SE_SACL_DEFAULTED               0x0020
00395 #define SE_DACL_UNTRUSTED               0x0040
00396 #define SE_SERVER_SECURITY              0x0080
00397 #define SE_DACL_AUTO_INHERIT_REQ        0x0100
00398 #define SE_SACL_AUTO_INHERIT_REQ        0x0200
00399 #define SE_DACL_AUTO_INHERITED          0x0400
00400 #define SE_SACL_AUTO_INHERITED          0x0800
00401 #define SE_DACL_PROTECTED               0x1000
00402 #define SE_SACL_PROTECTED               0x2000
00403 #define SE_RM_CONTROL_VALID             0x4000
00404 #define SE_SELF_RELATIVE                0x8000
00405 
00406 typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
00407   UCHAR Revision;
00408   UCHAR Sbz1;
00409   SECURITY_DESCRIPTOR_CONTROL Control;
00410   ULONG Owner;
00411   ULONG Group;
00412   ULONG Sacl;
00413   ULONG Dacl;
00414 } SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
00415 
00416 typedef struct _SECURITY_DESCRIPTOR {
00417   UCHAR Revision;
00418   UCHAR Sbz1;
00419   SECURITY_DESCRIPTOR_CONTROL Control;
00420   PSID Owner;
00421   PSID Group;
00422   PACL Sacl;
00423   PACL Dacl;
00424 } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
00425 
00426 typedef struct _OBJECT_TYPE_LIST {
00427   USHORT Level;
00428   USHORT Sbz;
00429   GUID *ObjectType;
00430 } OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;
00431 
00432 #define ACCESS_OBJECT_GUID       0
00433 #define ACCESS_PROPERTY_SET_GUID 1
00434 #define ACCESS_PROPERTY_GUID     2
00435 #define ACCESS_MAX_LEVEL         4
00436 
00437 typedef enum _AUDIT_EVENT_TYPE {
00438   AuditEventObjectAccess,
00439   AuditEventDirectoryServiceAccess
00440 } AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;
00441 
00442 #define AUDIT_ALLOW_NO_PRIVILEGE 0x1
00443 
00444 #define ACCESS_DS_SOURCE_A "DS"
00445 #define ACCESS_DS_SOURCE_W L"DS"
00446 #define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
00447 #define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
00448 
00449 #define ACCESS_REASON_TYPE_MASK 0xffff0000
00450 #define ACCESS_REASON_DATA_MASK 0x0000ffff
00451 
00452 typedef enum _ACCESS_REASON_TYPE {
00453   AccessReasonNone = 0x00000000,
00454   AccessReasonAllowedAce = 0x00010000,
00455   AccessReasonDeniedAce = 0x00020000,
00456   AccessReasonAllowedParentAce = 0x00030000,
00457   AccessReasonDeniedParentAce = 0x00040000,
00458   AccessReasonMissingPrivilege = 0x00100000,
00459   AccessReasonFromPrivilege = 0x00200000,
00460   AccessReasonIntegrityLevel = 0x00300000,
00461   AccessReasonOwnership = 0x00400000,
00462   AccessReasonNullDacl = 0x00500000,
00463   AccessReasonEmptyDacl = 0x00600000,
00464   AccessReasonNoSD = 0x00700000,
00465   AccessReasonNoGrant = 0x00800000
00466 } ACCESS_REASON_TYPE;
00467 
00468 typedef ULONG ACCESS_REASON;
00469 
00470 typedef struct _ACCESS_REASONS {
00471   ACCESS_REASON Data[32];
00472 } ACCESS_REASONS, *PACCESS_REASONS;
00473 
00474 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE    0x00000001
00475 #define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE    0x00000002
00476 #define SE_SECURITY_DESCRIPTOR_VALID_FLAGS          0x00000003
00477 
00478 typedef struct _SE_SECURITY_DESCRIPTOR {
00479   ULONG Size;
00480   ULONG Flags;
00481   PSECURITY_DESCRIPTOR SecurityDescriptor;
00482 } SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
00483 
00484 typedef struct _SE_ACCESS_REQUEST {
00485   ULONG Size;
00486   PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
00487   ACCESS_MASK DesiredAccess;
00488   ACCESS_MASK PreviouslyGrantedAccess;
00489   PSID PrincipalSelfSid;
00490   PGENERIC_MAPPING GenericMapping;
00491   ULONG ObjectTypeListCount;
00492   POBJECT_TYPE_LIST ObjectTypeList;
00493 } SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
00494 
00495 typedef struct _SE_ACCESS_REPLY {
00496   ULONG Size;
00497   ULONG ResultListCount;
00498   PACCESS_MASK GrantedAccess;
00499   PNTSTATUS AccessStatus;
00500   PACCESS_REASONS AccessReason;
00501   PPRIVILEGE_SET* Privileges;
00502 } SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
00503 
00504 typedef enum _SE_AUDIT_OPERATION {
00505   AuditPrivilegeObject,
00506   AuditPrivilegeService,
00507   AuditAccessCheck,
00508   AuditOpenObject,
00509   AuditOpenObjectWithTransaction,
00510   AuditCloseObject,
00511   AuditDeleteObject,
00512   AuditOpenObjectForDelete,
00513   AuditOpenObjectForDeleteWithTransaction,
00514   AuditCloseNonObject,
00515   AuditOpenNonObject,
00516   AuditObjectReference,
00517   AuditHandleCreation,
00518 } SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
00519 
00520 typedef struct _SE_AUDIT_INFO {
00521   ULONG Size;
00522   AUDIT_EVENT_TYPE AuditType;
00523   SE_AUDIT_OPERATION AuditOperation;
00524   ULONG AuditFlags;
00525   UNICODE_STRING SubsystemName;
00526   UNICODE_STRING ObjectTypeName;
00527   UNICODE_STRING ObjectName;
00528   PVOID HandleId;
00529   GUID* TransactionId;
00530   LUID* OperationId;
00531   BOOLEAN ObjectCreation;
00532   BOOLEAN GenerateOnClose;
00533 } SE_AUDIT_INFO, *PSE_AUDIT_INFO;
00534 
00535 #define TOKEN_ASSIGN_PRIMARY            (0x0001)
00536 #define TOKEN_DUPLICATE                 (0x0002)
00537 #define TOKEN_IMPERSONATE               (0x0004)
00538 #define TOKEN_QUERY                     (0x0008)
00539 #define TOKEN_QUERY_SOURCE              (0x0010)
00540 #define TOKEN_ADJUST_PRIVILEGES         (0x0020)
00541 #define TOKEN_ADJUST_GROUPS             (0x0040)
00542 #define TOKEN_ADJUST_DEFAULT            (0x0080)
00543 #define TOKEN_ADJUST_SESSIONID          (0x0100)
00544 
00545 #define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED  |\
00546                             TOKEN_ASSIGN_PRIMARY      |\
00547                             TOKEN_DUPLICATE           |\
00548                             TOKEN_IMPERSONATE         |\
00549                             TOKEN_QUERY               |\
00550                             TOKEN_QUERY_SOURCE        |\
00551                             TOKEN_ADJUST_PRIVILEGES   |\
00552                             TOKEN_ADJUST_GROUPS       |\
00553                             TOKEN_ADJUST_DEFAULT )
00554 
00555 #if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
00556 #define TOKEN_ALL_ACCESS  (TOKEN_ALL_ACCESS_P |\
00557                            TOKEN_ADJUST_SESSIONID )
00558 #else
00559 #define TOKEN_ALL_ACCESS  (TOKEN_ALL_ACCESS_P)
00560 #endif
00561 
00562 #define TOKEN_READ       (STANDARD_RIGHTS_READ     |\
00563                           TOKEN_QUERY)
00564 
00565 #define TOKEN_WRITE      (STANDARD_RIGHTS_WRITE    |\
00566                           TOKEN_ADJUST_PRIVILEGES  |\
00567                           TOKEN_ADJUST_GROUPS      |\
00568                           TOKEN_ADJUST_DEFAULT)
00569 
00570 #define TOKEN_EXECUTE    (STANDARD_RIGHTS_EXECUTE)
00571 
00572 typedef enum _TOKEN_TYPE {
00573   TokenPrimary = 1,
00574   TokenImpersonation
00575 } TOKEN_TYPE,*PTOKEN_TYPE;
00576 
00577 typedef enum _TOKEN_INFORMATION_CLASS {
00578   TokenUser = 1,
00579   TokenGroups,
00580   TokenPrivileges,
00581   TokenOwner,
00582   TokenPrimaryGroup,
00583   TokenDefaultDacl,
00584   TokenSource,
00585   TokenType,
00586   TokenImpersonationLevel,
00587   TokenStatistics,
00588   TokenRestrictedSids,
00589   TokenSessionId,
00590   TokenGroupsAndPrivileges,
00591   TokenSessionReference,
00592   TokenSandBoxInert,
00593   TokenAuditPolicy,
00594   TokenOrigin,
00595   TokenElevationType,
00596   TokenLinkedToken,
00597   TokenElevation,
00598   TokenHasRestrictions,
00599   TokenAccessInformation,
00600   TokenVirtualizationAllowed,
00601   TokenVirtualizationEnabled,
00602   TokenIntegrityLevel,
00603   TokenUIAccess,
00604   TokenMandatoryPolicy,
00605   TokenLogonSid,
00606   MaxTokenInfoClass
00607 } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
00608 
00609 typedef struct _TOKEN_USER {
00610   SID_AND_ATTRIBUTES User;
00611 } TOKEN_USER, *PTOKEN_USER;
00612 
00613 typedef struct _TOKEN_GROUPS {
00614   ULONG GroupCount;
00615 #ifdef MIDL_PASS
00616   [size_is(GroupCount)] SID_AND_ATTRIBUTES Groups[*];
00617 #else
00618   SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
00619 #endif
00620 } TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
00621 
00622 typedef struct _TOKEN_PRIVILEGES {
00623   ULONG PrivilegeCount;
00624   LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
00625 } TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
00626 
00627 typedef struct _TOKEN_OWNER {
00628   PSID Owner;
00629 } TOKEN_OWNER,*PTOKEN_OWNER;
00630 
00631 typedef struct _TOKEN_PRIMARY_GROUP {
00632   PSID PrimaryGroup;
00633 } TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
00634 
00635 typedef struct _TOKEN_DEFAULT_DACL {
00636   PACL DefaultDacl;
00637 } TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
00638 
00639 typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
00640   ULONG SidCount;
00641   ULONG SidLength;
00642   PSID_AND_ATTRIBUTES Sids;
00643   ULONG RestrictedSidCount;
00644   ULONG RestrictedSidLength;
00645   PSID_AND_ATTRIBUTES RestrictedSids;
00646   ULONG PrivilegeCount;
00647   ULONG PrivilegeLength;
00648   PLUID_AND_ATTRIBUTES Privileges;
00649   LUID AuthenticationId;
00650 } TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
00651 
00652 typedef struct _TOKEN_LINKED_TOKEN {
00653   HANDLE LinkedToken;
00654 } TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
00655 
00656 typedef struct _TOKEN_ELEVATION {
00657   ULONG TokenIsElevated;
00658 } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
00659 
00660 typedef struct _TOKEN_MANDATORY_LABEL {
00661   SID_AND_ATTRIBUTES Label;
00662 } TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
00663 
00664 #define TOKEN_MANDATORY_POLICY_OFF             0x0
00665 #define TOKEN_MANDATORY_POLICY_NO_WRITE_UP     0x1
00666 #define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
00667 
00668 #define TOKEN_MANDATORY_POLICY_VALID_MASK    (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
00669                                               TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
00670 
00671 typedef struct _TOKEN_MANDATORY_POLICY {
00672   ULONG Policy;
00673 } TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
00674 
00675 typedef struct _TOKEN_ACCESS_INFORMATION {
00676   PSID_AND_ATTRIBUTES_HASH SidHash;
00677   PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
00678   PTOKEN_PRIVILEGES Privileges;
00679   LUID AuthenticationId;
00680   TOKEN_TYPE TokenType;
00681   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
00682   TOKEN_MANDATORY_POLICY MandatoryPolicy;
00683   ULONG Flags;
00684 } TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
00685 
00686 #define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
00687 
00688 typedef struct _TOKEN_AUDIT_POLICY {
00689   UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
00690 } TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
00691 
00692 #define TOKEN_SOURCE_LENGTH 8
00693 
00694 typedef struct _TOKEN_SOURCE {
00695   CHAR SourceName[TOKEN_SOURCE_LENGTH];
00696   LUID SourceIdentifier;
00697 } TOKEN_SOURCE,*PTOKEN_SOURCE;
00698 
00699 typedef struct _TOKEN_STATISTICS {
00700   LUID TokenId;
00701   LUID AuthenticationId;
00702   LARGE_INTEGER ExpirationTime;
00703   TOKEN_TYPE TokenType;
00704   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
00705   ULONG DynamicCharged;
00706   ULONG DynamicAvailable;
00707   ULONG GroupCount;
00708   ULONG PrivilegeCount;
00709   LUID ModifiedId;
00710 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
00711 
00712 typedef struct _TOKEN_CONTROL {
00713   LUID TokenId;
00714   LUID AuthenticationId;
00715   LUID ModifiedId;
00716   TOKEN_SOURCE TokenSource;
00717 } TOKEN_CONTROL,*PTOKEN_CONTROL;
00718 
00719 typedef struct _TOKEN_ORIGIN {
00720   LUID OriginatingLogonSession;
00721 } TOKEN_ORIGIN, *PTOKEN_ORIGIN;
00722 
00723 typedef enum _MANDATORY_LEVEL {
00724   MandatoryLevelUntrusted = 0,
00725   MandatoryLevelLow,
00726   MandatoryLevelMedium,
00727   MandatoryLevelHigh,
00728   MandatoryLevelSystem,
00729   MandatoryLevelSecureProcess,
00730   MandatoryLevelCount
00731 } MANDATORY_LEVEL, *PMANDATORY_LEVEL;
00732 
00733 #define TOKEN_HAS_TRAVERSE_PRIVILEGE    0x0001
00734 #define TOKEN_HAS_BACKUP_PRIVILEGE      0x0002
00735 #define TOKEN_HAS_RESTORE_PRIVILEGE     0x0004
00736 #define TOKEN_WRITE_RESTRICTED          0x0008
00737 #define TOKEN_IS_RESTRICTED             0x0010
00738 #define TOKEN_SESSION_NOT_REFERENCED    0x0020
00739 #define TOKEN_SANDBOX_INERT             0x0040
00740 #define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
00741 #define SE_BACKUP_PRIVILEGES_CHECKED    0x0100
00742 #define TOKEN_VIRTUALIZE_ALLOWED        0x0200
00743 #define TOKEN_VIRTUALIZE_ENABLED        0x0400
00744 #define TOKEN_IS_FILTERED               0x0800
00745 #define TOKEN_UIACCESS                  0x1000
00746 #define TOKEN_NOT_LOW                   0x2000
00747 
00748 typedef struct _SE_EXPORTS {
00749   LUID SeCreateTokenPrivilege;
00750   LUID SeAssignPrimaryTokenPrivilege;
00751   LUID SeLockMemoryPrivilege;
00752   LUID SeIncreaseQuotaPrivilege;
00753   LUID SeUnsolicitedInputPrivilege;
00754   LUID SeTcbPrivilege;
00755   LUID SeSecurityPrivilege;
00756   LUID SeTakeOwnershipPrivilege;
00757   LUID SeLoadDriverPrivilege;
00758   LUID SeCreatePagefilePrivilege;
00759   LUID SeIncreaseBasePriorityPrivilege;
00760   LUID SeSystemProfilePrivilege;
00761   LUID SeSystemtimePrivilege;
00762   LUID SeProfileSingleProcessPrivilege;
00763   LUID SeCreatePermanentPrivilege;
00764   LUID SeBackupPrivilege;
00765   LUID SeRestorePrivilege;
00766   LUID SeShutdownPrivilege;
00767   LUID SeDebugPrivilege;
00768   LUID SeAuditPrivilege;
00769   LUID SeSystemEnvironmentPrivilege;
00770   LUID SeChangeNotifyPrivilege;
00771   LUID SeRemoteShutdownPrivilege;
00772   PSID SeNullSid;
00773   PSID SeWorldSid;
00774   PSID SeLocalSid;
00775   PSID SeCreatorOwnerSid;
00776   PSID SeCreatorGroupSid;
00777   PSID SeNtAuthoritySid;
00778   PSID SeDialupSid;
00779   PSID SeNetworkSid;
00780   PSID SeBatchSid;
00781   PSID SeInteractiveSid;
00782   PSID SeLocalSystemSid;
00783   PSID SeAliasAdminsSid;
00784   PSID SeAliasUsersSid;
00785   PSID SeAliasGuestsSid;
00786   PSID SeAliasPowerUsersSid;
00787   PSID SeAliasAccountOpsSid;
00788   PSID SeAliasSystemOpsSid;
00789   PSID SeAliasPrintOpsSid;
00790   PSID SeAliasBackupOpsSid;
00791   PSID SeAuthenticatedUsersSid;
00792   PSID SeRestrictedSid;
00793   PSID SeAnonymousLogonSid;
00794   LUID SeUndockPrivilege;
00795   LUID SeSyncAgentPrivilege;
00796   LUID SeEnableDelegationPrivilege;
00797   PSID SeLocalServiceSid;
00798   PSID SeNetworkServiceSid;
00799   LUID SeManageVolumePrivilege;
00800   LUID SeImpersonatePrivilege;
00801   LUID SeCreateGlobalPrivilege;
00802   LUID SeTrustedCredManAccessPrivilege;
00803   LUID SeRelabelPrivilege;
00804   LUID SeIncreaseWorkingSetPrivilege;
00805   LUID SeTimeZonePrivilege;
00806   LUID SeCreateSymbolicLinkPrivilege;
00807   PSID SeIUserSid;
00808   PSID SeUntrustedMandatorySid;
00809   PSID SeLowMandatorySid;
00810   PSID SeMediumMandatorySid;
00811   PSID SeHighMandatorySid;
00812   PSID SeSystemMandatorySid;
00813   PSID SeOwnerRightsSid;
00814 } SE_EXPORTS, *PSE_EXPORTS;
00815 
00816 typedef NTSTATUS
00817 (NTAPI *PSE_LOGON_SESSION_TERMINATED_ROUTINE)(
00818   IN PLUID LogonId);
00819 
00820 typedef struct _SECURITY_CLIENT_CONTEXT {
00821   SECURITY_QUALITY_OF_SERVICE SecurityQos;
00822   PACCESS_TOKEN ClientToken;
00823   BOOLEAN DirectlyAccessClientToken;
00824   BOOLEAN DirectAccessEffectiveOnly;
00825   BOOLEAN ServerIsRemote;
00826   TOKEN_CONTROL ClientTokenControl;
00827 } SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;
00828 
00829 /******************************************************************************
00830  *                            Object Manager Types                            *
00831  ******************************************************************************/
00832 
00833 typedef enum _OBJECT_INFORMATION_CLASS {
00834   ObjectBasicInformation = 0,
00835   ObjectTypeInformation = 2,
00836   /* Not for public use */
00837   ObjectNameInformation = 1,
00838   ObjectTypesInformation = 3,
00839   ObjectHandleFlagInformation = 4,
00840   ObjectSessionInformation = 5,
00841   MaxObjectInfoClass
00842 } OBJECT_INFORMATION_CLASS;
00843 
00844 
00845 /******************************************************************************
00846  *                           Runtime Library Types                            *
00847  ******************************************************************************/
00848 
00849 
00850 #define RTL_SYSTEM_VOLUME_INFORMATION_FOLDER    L"System Volume Information"
00851 
00852 _Function_class_(RTL_ALLOCATE_STRING_ROUTINE)
00853 _IRQL_requires_max_(PASSIVE_LEVEL)
00854 __drv_allocatesMem(Mem)
00855 typedef PVOID
00856 (NTAPI *PRTL_ALLOCATE_STRING_ROUTINE)(
00857   _In_ SIZE_T NumberOfBytes);
00858 
00859 #if _WIN32_WINNT >= 0x0600
00860 _Function_class_(RTL_REALLOCATE_STRING_ROUTINE)
00861 _IRQL_requires_max_(PASSIVE_LEVEL)
00862 __drv_allocatesMem(Mem)
00863 typedef PVOID
00864 (NTAPI *PRTL_REALLOCATE_STRING_ROUTINE)(
00865   _In_ SIZE_T NumberOfBytes,
00866   IN PVOID Buffer);
00867 #endif
00868 
00869 typedef VOID
00870 (NTAPI *PRTL_FREE_STRING_ROUTINE)(
00871   _In_ __drv_freesMem(Mem) _Post_invalid_ PVOID Buffer);
00872 
00873 extern NTKERNELAPI const PRTL_ALLOCATE_STRING_ROUTINE RtlAllocateStringRoutine;
00874 extern NTKERNELAPI const PRTL_FREE_STRING_ROUTINE RtlFreeStringRoutine;
00875 
00876 #if _WIN32_WINNT >= 0x0600
00877 extern NTKERNELAPI const PRTL_REALLOCATE_STRING_ROUTINE RtlReallocateStringRoutine;
00878 #endif
00879 
00880 _Function_class_(RTL_HEAP_COMMIT_ROUTINE)
00881 _IRQL_requires_same_
00882 typedef NTSTATUS
00883 (NTAPI *PRTL_HEAP_COMMIT_ROUTINE) (
00884   _In_ PVOID Base,
00885   _Inout_ PVOID *CommitAddress,
00886   _Inout_ PSIZE_T CommitSize);
00887 
00888 typedef struct _RTL_HEAP_PARAMETERS {
00889   ULONG Length;
00890   SIZE_T SegmentReserve;
00891   SIZE_T SegmentCommit;
00892   SIZE_T DeCommitFreeBlockThreshold;
00893   SIZE_T DeCommitTotalFreeThreshold;
00894   SIZE_T MaximumAllocationSize;
00895   SIZE_T VirtualMemoryThreshold;
00896   SIZE_T InitialCommit;
00897   SIZE_T InitialReserve;
00898   PRTL_HEAP_COMMIT_ROUTINE CommitRoutine;
00899   SIZE_T Reserved[2];
00900 } RTL_HEAP_PARAMETERS, *PRTL_HEAP_PARAMETERS;
00901 
00902 #if (NTDDI_VERSION >= NTDDI_WIN2K)
00903 
00904 typedef struct _GENERATE_NAME_CONTEXT {
00905   USHORT Checksum;
00906   BOOLEAN CheckSumInserted;
00907   _Field_range_(<=, 8) UCHAR NameLength;
00908   WCHAR NameBuffer[8];
00909   _Field_range_(<=, 4) ULONG ExtensionLength;
00910   WCHAR ExtensionBuffer[4];
00911   ULONG LastIndexValue;
00912 } GENERATE_NAME_CONTEXT, *PGENERATE_NAME_CONTEXT;
00913 
00914 typedef struct _PREFIX_TABLE_ENTRY {
00915   CSHORT NodeTypeCode;
00916   CSHORT NameLength;
00917   struct _PREFIX_TABLE_ENTRY *NextPrefixTree;
00918   RTL_SPLAY_LINKS Links;
00919   PSTRING Prefix;
00920 } PREFIX_TABLE_ENTRY, *PPREFIX_TABLE_ENTRY;
00921 
00922 typedef struct _PREFIX_TABLE {
00923   CSHORT NodeTypeCode;
00924   CSHORT NameLength;
00925   PPREFIX_TABLE_ENTRY NextPrefixTree;
00926 } PREFIX_TABLE, *PPREFIX_TABLE;
00927 
00928 typedef struct _UNICODE_PREFIX_TABLE_ENTRY {
00929   CSHORT NodeTypeCode;
00930   CSHORT NameLength;
00931   struct _UNICODE_PREFIX_TABLE_ENTRY *NextPrefixTree;
00932   struct _UNICODE_PREFIX_TABLE_ENTRY *CaseMatch;
00933   RTL_SPLAY_LINKS Links;
00934   PUNICODE_STRING Prefix;
00935 } UNICODE_PREFIX_TABLE_ENTRY, *PUNICODE_PREFIX_TABLE_ENTRY;
00936 
00937 typedef struct _UNICODE_PREFIX_TABLE {
00938   CSHORT NodeTypeCode;
00939   CSHORT NameLength;
00940   PUNICODE_PREFIX_TABLE_ENTRY NextPrefixTree;
00941   PUNICODE_PREFIX_TABLE_ENTRY LastNextEntry;
00942 } UNICODE_PREFIX_TABLE, *PUNICODE_PREFIX_TABLE;
00943 
00944 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
00945 
00946 #if (NTDDI_VERSION >= NTDDI_WINXP)
00947 typedef struct _COMPRESSED_DATA_INFO {
00948   USHORT CompressionFormatAndEngine;
00949   UCHAR CompressionUnitShift;
00950   UCHAR ChunkShift;
00951   UCHAR ClusterShift;
00952   UCHAR Reserved;
00953   USHORT NumberOfChunks;
00954   ULONG CompressedChunkSizes[ANYSIZE_ARRAY];
00955 } COMPRESSED_DATA_INFO, *PCOMPRESSED_DATA_INFO;
00956 #endif
00957 /******************************************************************************
00958  *                         Runtime Library Functions                          *
00959  ******************************************************************************/
00960 
00961 
00962 #if (NTDDI_VERSION >= NTDDI_WIN2K)
00963 
00964 
00965 _Must_inspect_result_
00966 _Ret_maybenull_
00967 _Post_writable_byte_size_(Size)
00968 NTSYSAPI
00969 PVOID
00970 NTAPI
00971 RtlAllocateHeap(
00972   _In_ HANDLE HeapHandle,
00973   _In_opt_ ULONG Flags,
00974   _In_ SIZE_T Size);
00975 
00976 _Success_(return != 0)
00977 NTSYSAPI
00978 BOOLEAN
00979 NTAPI
00980 RtlFreeHeap(
00981   _In_ PVOID HeapHandle,
00982   _In_opt_ ULONG Flags,
00983   _In_ _Post_invalid_ PVOID BaseAddress);
00984 
00985 NTSYSAPI
00986 VOID
00987 NTAPI
00988 RtlCaptureContext(
00989   _Out_ PCONTEXT ContextRecord);
00990 
00991 _Ret_range_(<, MAXLONG)
00992 NTSYSAPI
00993 ULONG
00994 NTAPI
00995 RtlRandom(
00996   _Inout_ PULONG Seed);
00997 
00998 _IRQL_requires_max_(APC_LEVEL)
00999 _Success_(return != 0)
01000 _Must_inspect_result_
01001 NTSYSAPI
01002 BOOLEAN
01003 NTAPI
01004 RtlCreateUnicodeString(
01005   _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem))
01006     PUNICODE_STRING DestinationString,
01007   _In_z_ PCWSTR SourceString);
01008 
01009 _IRQL_requires_max_(PASSIVE_LEVEL)
01010 _Must_inspect_result_
01011 NTSYSAPI
01012 BOOLEAN
01013 NTAPI
01014 RtlPrefixString(
01015   _In_ const STRING *String1,
01016   _In_ const STRING *String2,
01017   _In_ BOOLEAN CaseInsensitive);
01018 
01019 _IRQL_requires_max_(APC_LEVEL)
01020 NTSYSAPI
01021 NTSTATUS
01022 NTAPI
01023 RtlAppendStringToString(
01024   _Inout_ PSTRING Destination,
01025   _In_ const STRING *Source);
01026 
01027 _IRQL_requires_max_(PASSIVE_LEVEL)
01028 _Must_inspect_result_
01029 NTSYSAPI
01030 NTSTATUS
01031 NTAPI
01032 RtlOemStringToUnicodeString(
01033   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01034   _When_(!AllocateDestinationString, _Inout_)
01035     PUNICODE_STRING DestinationString,
01036   _In_ PCOEM_STRING SourceString,
01037   _In_ BOOLEAN AllocateDestinationString);
01038 
01039 _IRQL_requires_max_(PASSIVE_LEVEL)
01040 _Must_inspect_result_
01041 NTSYSAPI
01042 NTSTATUS
01043 NTAPI
01044 RtlUnicodeStringToOemString(
01045   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01046   _When_(!AllocateDestinationString, _Inout_)
01047     POEM_STRING DestinationString,
01048   _In_ PCUNICODE_STRING SourceString,
01049   _In_ BOOLEAN AllocateDestinationString);
01050 
01051 _IRQL_requires_max_(PASSIVE_LEVEL)
01052 _Must_inspect_result_
01053 NTSYSAPI
01054 NTSTATUS
01055 NTAPI
01056 RtlUpcaseUnicodeStringToOemString(
01057   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01058   _When_(!AllocateDestinationString, _Inout_)
01059     POEM_STRING DestinationString,
01060   _In_ PCUNICODE_STRING SourceString,
01061   _In_ BOOLEAN AllocateDestinationString);
01062 
01063 _IRQL_requires_max_(PASSIVE_LEVEL)
01064 _Must_inspect_result_
01065 NTSYSAPI
01066 NTSTATUS
01067 NTAPI
01068 RtlOemStringToCountedUnicodeString(
01069   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01070   _When_(!AllocateDestinationString, _Inout_)
01071     PUNICODE_STRING DestinationString,
01072   _In_ PCOEM_STRING SourceString,
01073   _In_ BOOLEAN AllocateDestinationString);
01074 
01075 _IRQL_requires_max_(PASSIVE_LEVEL)
01076 _Must_inspect_result_
01077 NTSYSAPI
01078 NTSTATUS
01079 NTAPI
01080 RtlUnicodeStringToCountedOemString(
01081   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01082   _When_(!AllocateDestinationString, _Inout_)
01083     POEM_STRING DestinationString,
01084   _In_ PCUNICODE_STRING SourceString,
01085   _In_ BOOLEAN AllocateDestinationString);
01086 
01087 _IRQL_requires_max_(PASSIVE_LEVEL)
01088 _Must_inspect_result_
01089 NTSYSAPI
01090 NTSTATUS
01091 NTAPI
01092 RtlUpcaseUnicodeStringToCountedOemString(
01093   _When_(AllocateDestinationString, _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)))
01094   _When_(!AllocateDestinationString, _Inout_)
01095     POEM_STRING DestinationString,
01096   _In_ PCUNICODE_STRING SourceString,
01097   _In_ BOOLEAN AllocateDestinationString);
01098 
01099 _IRQL_requires_max_(PASSIVE_LEVEL)
01100 _When_(AllocateDestinationString, _Must_inspect_result_)
01101 NTSYSAPI
01102 NTSTATUS
01103 NTAPI
01104 RtlDowncaseUnicodeString(
01105   _When_(AllocateDestinationString, _Out_ _At_(UniDest->Buffer, __drv_allocatesMem(Mem)))
01106   _When_(!AllocateDestinationString, _Inout_)
01107     PUNICODE_STRING UniDest,
01108   _In_ PCUNICODE_STRING UniSource,
01109   _In_ BOOLEAN AllocateDestinationString);
01110 
01111 _IRQL_requires_max_(PASSIVE_LEVEL)
01112 NTSYSAPI
01113 VOID
01114 NTAPI
01115 RtlFreeOemString(
01116   _Inout_ _At_(OemString->Buffer, __drv_freesMem(Mem)) POEM_STRING OemString);
01117 
01118 _IRQL_requires_max_(PASSIVE_LEVEL)
01119 NTSYSAPI
01120 ULONG
01121 NTAPI
01122 RtlxUnicodeStringToOemSize(
01123   _In_ PCUNICODE_STRING UnicodeString);
01124 
01125 _IRQL_requires_max_(PASSIVE_LEVEL)
01126 NTSYSAPI
01127 ULONG
01128 NTAPI
01129 RtlxOemStringToUnicodeSize(
01130   _In_ PCOEM_STRING OemString);
01131 
01132 _IRQL_requires_max_(PASSIVE_LEVEL)
01133 NTSYSAPI
01134 NTSTATUS
01135 NTAPI
01136 RtlMultiByteToUnicodeN(
01137   _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
01138   _In_ ULONG MaxBytesInUnicodeString,
01139   _Out_opt_ PULONG BytesInUnicodeString,
01140   _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
01141   _In_ ULONG BytesInMultiByteString);
01142 
01143 _IRQL_requires_max_(PASSIVE_LEVEL)
01144 NTSYSAPI
01145 NTSTATUS
01146 NTAPI
01147 RtlMultiByteToUnicodeSize(
01148   _Out_ PULONG BytesInUnicodeString,
01149   _In_reads_bytes_(BytesInMultiByteString) const CHAR *MultiByteString,
01150   _In_ ULONG BytesInMultiByteString);
01151 
01152 _IRQL_requires_max_(PASSIVE_LEVEL)
01153 NTSYSAPI
01154 NTSTATUS
01155 NTAPI
01156 RtlUnicodeToMultiByteSize(
01157   _Out_ PULONG BytesInMultiByteString,
01158   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01159   _In_ ULONG BytesInUnicodeString);
01160 
01161 _IRQL_requires_max_(PASSIVE_LEVEL)
01162 NTSYSAPI
01163 NTSTATUS
01164 NTAPI
01165 RtlUnicodeToMultiByteN(
01166   _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
01167   _In_ ULONG MaxBytesInMultiByteString,
01168   _Out_opt_ PULONG BytesInMultiByteString,
01169   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01170   _In_ ULONG BytesInUnicodeString);
01171 
01172 _IRQL_requires_max_(PASSIVE_LEVEL)
01173 NTSYSAPI
01174 NTSTATUS
01175 NTAPI
01176 RtlUpcaseUnicodeToMultiByteN(
01177   _Out_writes_bytes_to_(MaxBytesInMultiByteString, *BytesInMultiByteString) PCHAR MultiByteString,
01178   _In_ ULONG MaxBytesInMultiByteString,
01179   _Out_opt_ PULONG BytesInMultiByteString,
01180   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01181   _In_ ULONG BytesInUnicodeString);
01182 
01183 _IRQL_requires_max_(PASSIVE_LEVEL)
01184 NTSYSAPI
01185 NTSTATUS
01186 NTAPI
01187 RtlOemToUnicodeN(
01188   _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWSTR UnicodeString,
01189   _In_ ULONG MaxBytesInUnicodeString,
01190   _Out_opt_ PULONG BytesInUnicodeString,
01191   _In_reads_bytes_(BytesInOemString) PCCH OemString,
01192   _In_ ULONG BytesInOemString);
01193 
01194 _IRQL_requires_max_(PASSIVE_LEVEL)
01195 NTSYSAPI
01196 NTSTATUS
01197 NTAPI
01198 RtlUnicodeToOemN(
01199   _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
01200   _In_ ULONG MaxBytesInOemString,
01201   _Out_opt_ PULONG BytesInOemString,
01202   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01203   _In_ ULONG BytesInUnicodeString);
01204 
01205 _IRQL_requires_max_(PASSIVE_LEVEL)
01206 NTSYSAPI
01207 NTSTATUS
01208 NTAPI
01209 RtlUpcaseUnicodeToOemN(
01210   _Out_writes_bytes_to_(MaxBytesInOemString, *BytesInOemString) PCHAR OemString,
01211   _In_ ULONG MaxBytesInOemString,
01212   _Out_opt_ PULONG BytesInOemString,
01213   _In_reads_bytes_(BytesInUnicodeString) PCWCH UnicodeString,
01214   _In_ ULONG BytesInUnicodeString);
01215 
01216 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
01217 _IRQL_requires_max_(PASSIVE_LEVEL)
01218 NTSYSAPI
01219 NTSTATUS
01220 NTAPI
01221 RtlGenerate8dot3Name(
01222   _In_ PCUNICODE_STRING Name,
01223   _In_ BOOLEAN AllowExtendedCharacters,
01224   _Inout_ PGENERATE_NAME_CONTEXT Context,
01225   _Inout_ PUNICODE_STRING Name8dot3);
01226 #else
01227 _IRQL_requires_max_(PASSIVE_LEVEL)
01228 NTSYSAPI
01229 VOID
01230 NTAPI
01231 RtlGenerate8dot3Name(
01232   _In_ PCUNICODE_STRING Name,
01233   _In_ BOOLEAN AllowExtendedCharacters,
01234   _Inout_ PGENERATE_NAME_CONTEXT Context,
01235   _Inout_ PUNICODE_STRING Name8dot3);
01236 #endif
01237 
01238 _IRQL_requires_max_(PASSIVE_LEVEL)
01239 _Must_inspect_result_
01240 NTSYSAPI
01241 BOOLEAN
01242 NTAPI
01243 RtlIsNameLegalDOS8Dot3(
01244   _In_ PCUNICODE_STRING Name,
01245   _Inout_opt_ POEM_STRING OemName,
01246   _Out_opt_ PBOOLEAN NameContainsSpaces);
01247 
01248 _IRQL_requires_max_(PASSIVE_LEVEL)
01249 _Must_inspect_result_
01250 NTSYSAPI
01251 BOOLEAN
01252 NTAPI
01253 RtlIsValidOemCharacter(
01254   _Inout_ PWCHAR Char);
01255 
01256 _IRQL_requires_max_(PASSIVE_LEVEL)
01257 NTSYSAPI
01258 VOID
01259 NTAPI
01260 PfxInitialize(
01261   _Out_ PPREFIX_TABLE PrefixTable);
01262 
01263 _IRQL_requires_max_(PASSIVE_LEVEL)
01264 NTSYSAPI
01265 BOOLEAN
01266 NTAPI
01267 PfxInsertPrefix(
01268   _In_ PPREFIX_TABLE PrefixTable,
01269   _In_ __drv_aliasesMem PSTRING Prefix,
01270   _Out_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
01271 
01272 _IRQL_requires_max_(PASSIVE_LEVEL)
01273 NTSYSAPI
01274 VOID
01275 NTAPI
01276 PfxRemovePrefix(
01277   _In_ PPREFIX_TABLE PrefixTable,
01278   _In_ PPREFIX_TABLE_ENTRY PrefixTableEntry);
01279 
01280 _IRQL_requires_max_(PASSIVE_LEVEL)
01281 _Must_inspect_result_
01282 NTSYSAPI
01283 PPREFIX_TABLE_ENTRY
01284 NTAPI
01285 PfxFindPrefix(
01286   _In_ PPREFIX_TABLE PrefixTable,
01287   _In_ PSTRING FullName);
01288 
01289 _IRQL_requires_max_(PASSIVE_LEVEL)
01290 NTSYSAPI
01291 VOID
01292 NTAPI
01293 RtlInitializeUnicodePrefix(
01294   _Out_ PUNICODE_PREFIX_TABLE PrefixTable);
01295 
01296 _IRQL_requires_max_(PASSIVE_LEVEL)
01297 NTSYSAPI
01298 BOOLEAN
01299 NTAPI
01300 RtlInsertUnicodePrefix(
01301   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01302   _In_ __drv_aliasesMem PUNICODE_STRING Prefix,
01303   _Out_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
01304 
01305 _IRQL_requires_max_(PASSIVE_LEVEL)
01306 NTSYSAPI
01307 VOID
01308 NTAPI
01309 RtlRemoveUnicodePrefix(
01310   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01311   _In_ PUNICODE_PREFIX_TABLE_ENTRY PrefixTableEntry);
01312 
01313 _IRQL_requires_max_(PASSIVE_LEVEL)
01314 _Must_inspect_result_
01315 NTSYSAPI
01316 PUNICODE_PREFIX_TABLE_ENTRY
01317 NTAPI
01318 RtlFindUnicodePrefix(
01319   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01320   _In_ PUNICODE_STRING FullName,
01321   _In_ ULONG CaseInsensitiveIndex);
01322 
01323 _IRQL_requires_max_(PASSIVE_LEVEL)
01324 _Must_inspect_result_
01325 NTSYSAPI
01326 PUNICODE_PREFIX_TABLE_ENTRY
01327 NTAPI
01328 RtlNextUnicodePrefix(
01329   _In_ PUNICODE_PREFIX_TABLE PrefixTable,
01330   _In_ BOOLEAN Restart);
01331 
01332 _Must_inspect_result_
01333 NTSYSAPI
01334 SIZE_T
01335 NTAPI
01336 RtlCompareMemoryUlong(
01337   _In_reads_bytes_(Length) PVOID Source,
01338   _In_ SIZE_T Length,
01339   _In_ ULONG Pattern);
01340 
01341 _Success_(return != 0)
01342 NTSYSAPI
01343 BOOLEAN
01344 NTAPI
01345 RtlTimeToSecondsSince1980(
01346   _In_ PLARGE_INTEGER Time,
01347   _Out_ PULONG ElapsedSeconds);
01348 
01349 NTSYSAPI
01350 VOID
01351 NTAPI
01352 RtlSecondsSince1980ToTime(
01353   _In_ ULONG ElapsedSeconds,
01354   _Out_ PLARGE_INTEGER Time);
01355 
01356 _Success_(return != 0)
01357 _Must_inspect_result_
01358 NTSYSAPI
01359 BOOLEAN
01360 NTAPI
01361 RtlTimeToSecondsSince1970(
01362     _In_ PLARGE_INTEGER Time,
01363     _Out_ PULONG ElapsedSeconds);
01364 
01365 NTSYSAPI
01366 VOID
01367 NTAPI
01368 RtlSecondsSince1970ToTime(
01369   _In_ ULONG ElapsedSeconds,
01370   _Out_ PLARGE_INTEGER Time);
01371 
01372 _IRQL_requires_max_(APC_LEVEL)
01373 _Must_inspect_result_
01374 NTSYSAPI
01375 BOOLEAN
01376 NTAPI
01377 RtlValidSid(
01378   _In_ PSID Sid);
01379 
01380 _Must_inspect_result_
01381 NTSYSAPI
01382 BOOLEAN
01383 NTAPI
01384 RtlEqualSid(
01385   _In_ PSID Sid1,
01386   _In_ PSID Sid2);
01387 
01388 _IRQL_requires_max_(APC_LEVEL)
01389 _Must_inspect_result_
01390 NTSYSAPI
01391 BOOLEAN
01392 NTAPI
01393 RtlEqualPrefixSid(
01394   _In_ PSID Sid1,
01395   _In_ PSID Sid2);
01396 
01397 _IRQL_requires_max_(APC_LEVEL)
01398 NTSYSAPI
01399 ULONG
01400 NTAPI
01401 RtlLengthRequiredSid(
01402   _In_ ULONG SubAuthorityCount);
01403 
01404 NTSYSAPI
01405 PVOID
01406 NTAPI
01407 RtlFreeSid(
01408   _In_ _Post_invalid_ PSID Sid);
01409 
01410 _Must_inspect_result_
01411 NTSYSAPI
01412 NTSTATUS
01413 NTAPI
01414 RtlAllocateAndInitializeSid(
01415   _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
01416   _In_ UCHAR SubAuthorityCount,
01417   _In_ ULONG SubAuthority0,
01418   _In_ ULONG SubAuthority1,
01419   _In_ ULONG SubAuthority2,
01420   _In_ ULONG SubAuthority3,
01421   _In_ ULONG SubAuthority4,
01422   _In_ ULONG SubAuthority5,
01423   _In_ ULONG SubAuthority6,
01424   _In_ ULONG SubAuthority7,
01425   _Outptr_ PSID *Sid);
01426 
01427 _IRQL_requires_max_(APC_LEVEL)
01428 NTSYSAPI
01429 NTSTATUS
01430 NTAPI
01431 RtlInitializeSid(
01432   _Out_ PSID Sid,
01433   _In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
01434   _In_ UCHAR SubAuthorityCount);
01435 
01436 NTSYSAPI
01437 PULONG
01438 NTAPI
01439 RtlSubAuthoritySid(
01440   _In_ PSID Sid,
01441   _In_ ULONG SubAuthority);
01442 
01443 _Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE)
01444 NTSYSAPI
01445 ULONG
01446 NTAPI
01447 RtlLengthSid(
01448   _In_ PSID Sid);
01449 
01450 _IRQL_requires_max_(APC_LEVEL)
01451 NTSYSAPI
01452 NTSTATUS
01453 NTAPI
01454 RtlCopySid(
01455   _In_ ULONG DestinationSidLength,
01456   _Out_writes_bytes_(DestinationSidLength) PSID DestinationSid,
01457   _In_ PSID SourceSid);
01458 
01459 _IRQL_requires_max_(APC_LEVEL)
01460 NTSYSAPI
01461 NTSTATUS
01462 NTAPI
01463 RtlConvertSidToUnicodeString(
01464   _Inout_ PUNICODE_STRING UnicodeString,
01465   _In_ PSID Sid,
01466   _In_ BOOLEAN AllocateDestinationString);
01467 
01468 _IRQL_requires_max_(APC_LEVEL)
01469 NTSYSAPI
01470 VOID
01471 NTAPI
01472 RtlCopyLuid(
01473   _Out_ PLUID DestinationLuid,
01474   _In_ PLUID SourceLuid);
01475 
01476 _IRQL_requires_max_(APC_LEVEL)
01477 NTSYSAPI
01478 NTSTATUS
01479 NTAPI
01480 RtlCreateAcl(
01481   _Out_writes_bytes_(AclLength) PACL Acl,
01482   _In_ ULONG AclLength,
01483   _In_ ULONG AclRevision);
01484 
01485 _IRQL_requires_max_(APC_LEVEL)
01486 NTSYSAPI
01487 NTSTATUS
01488 NTAPI
01489 RtlAddAce(
01490   _Inout_ PACL Acl,
01491   _In_ ULONG AceRevision,
01492   _In_ ULONG StartingAceIndex,
01493   _In_reads_bytes_(AceListLength) PVOID AceList,
01494   _In_ ULONG AceListLength);
01495 
01496 _IRQL_requires_max_(APC_LEVEL)
01497 NTSYSAPI
01498 NTSTATUS
01499 NTAPI
01500 RtlDeleteAce(
01501   _Inout_ PACL Acl,
01502   _In_ ULONG AceIndex);
01503 
01504 NTSYSAPI
01505 NTSTATUS
01506 NTAPI
01507 RtlGetAce(
01508   _In_ PACL Acl,
01509   _In_ ULONG AceIndex,
01510   _Outptr_ PVOID *Ace);
01511 
01512 _IRQL_requires_max_(APC_LEVEL)
01513 NTSYSAPI
01514 NTSTATUS
01515 NTAPI
01516 RtlAddAccessAllowedAce(
01517   _Inout_ PACL Acl,
01518   _In_ ULONG AceRevision,
01519   _In_ ACCESS_MASK AccessMask,
01520   _In_ PSID Sid);
01521 
01522 _IRQL_requires_max_(APC_LEVEL)
01523 NTSYSAPI
01524 NTSTATUS
01525 NTAPI
01526 RtlAddAccessAllowedAceEx(
01527   _Inout_ PACL Acl,
01528   _In_ ULONG AceRevision,
01529   _In_ ULONG AceFlags,
01530   _In_ ACCESS_MASK AccessMask,
01531   _In_ PSID Sid);
01532 
01533 _IRQL_requires_max_(APC_LEVEL)
01534 NTSYSAPI
01535 NTSTATUS
01536 NTAPI
01537 RtlCreateSecurityDescriptorRelative(
01538   _Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
01539   _In_ ULONG Revision);
01540 
01541 NTSYSAPI
01542 NTSTATUS
01543 NTAPI
01544 RtlGetDaclSecurityDescriptor(
01545   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01546   _Out_ PBOOLEAN DaclPresent,
01547   _Out_ PACL *Dacl,
01548   _Out_ PBOOLEAN DaclDefaulted);
01549 
01550 _IRQL_requires_max_(APC_LEVEL)
01551 NTSYSAPI
01552 NTSTATUS
01553 NTAPI
01554 RtlSetOwnerSecurityDescriptor(
01555   _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01556   _In_opt_ PSID Owner,
01557   _In_opt_ BOOLEAN OwnerDefaulted);
01558 
01559 _IRQL_requires_max_(APC_LEVEL)
01560 NTSYSAPI
01561 NTSTATUS
01562 NTAPI
01563 RtlGetOwnerSecurityDescriptor(
01564   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01565   _Out_ PSID *Owner,
01566   _Out_ PBOOLEAN OwnerDefaulted);
01567 
01568 _IRQL_requires_max_(APC_LEVEL)
01569 _When_(Status < 0, _Out_range_(>, 0))
01570 _When_(Status >= 0, _Out_range_(==, 0))
01571 NTSYSAPI
01572 ULONG
01573 NTAPI
01574 RtlNtStatusToDosError(
01575   _In_ NTSTATUS Status);
01576 
01577 _IRQL_requires_max_(PASSIVE_LEVEL)
01578 NTSYSAPI
01579 NTSTATUS
01580 NTAPI
01581 RtlCustomCPToUnicodeN(
01582   _In_ PCPTABLEINFO CustomCP,
01583   _Out_writes_bytes_to_(MaxBytesInUnicodeString, *BytesInUnicodeString) PWCH UnicodeString,
01584   _In_ ULONG MaxBytesInUnicodeString,
01585   _Out_opt_ PULONG BytesInUnicodeString,
01586   _In_reads_bytes_(BytesInCustomCPString) PCH CustomCPString,
01587   _In_ ULONG BytesInCustomCPString);
01588 
01589 _IRQL_requires_max_(PASSIVE_LEVEL)
01590 NTSYSAPI
01591 NTSTATUS
01592 NTAPI
01593 RtlUnicodeToCustomCPN(
01594   _In_ PCPTABLEINFO CustomCP,
01595   _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
01596   _In_ ULONG MaxBytesInCustomCPString,
01597   _Out_opt_ PULONG BytesInCustomCPString,
01598   _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
01599   _In_ ULONG BytesInUnicodeString);
01600 
01601 _IRQL_requires_max_(PASSIVE_LEVEL)
01602 NTSYSAPI
01603 NTSTATUS
01604 NTAPI
01605 RtlUpcaseUnicodeToCustomCPN(
01606   _In_ PCPTABLEINFO CustomCP,
01607   _Out_writes_bytes_to_(MaxBytesInCustomCPString, *BytesInCustomCPString) PCH CustomCPString,
01608   _In_ ULONG MaxBytesInCustomCPString,
01609   _Out_opt_ PULONG BytesInCustomCPString,
01610   _In_reads_bytes_(BytesInUnicodeString) PWCH UnicodeString,
01611   _In_ ULONG BytesInUnicodeString);
01612 
01613 _IRQL_requires_max_(PASSIVE_LEVEL)
01614 NTSYSAPI
01615 VOID
01616 NTAPI
01617 RtlInitCodePageTable(
01618   _In_ PUSHORT TableBase,
01619   _Out_ PCPTABLEINFO CodePageTable);
01620 
01621 
01622 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
01623 
01624 
01625 #if (NTDDI_VERSION >= NTDDI_WINXP)
01626 
01627 
01628 
01629 _Must_inspect_result_
01630 NTSYSAPI
01631 PVOID
01632 NTAPI
01633 RtlCreateHeap(
01634   _In_ ULONG Flags,
01635   _In_opt_ PVOID HeapBase,
01636   _In_opt_ SIZE_T ReserveSize,
01637   _In_opt_ SIZE_T CommitSize,
01638   _In_opt_ PVOID Lock,
01639   _In_opt_ PRTL_HEAP_PARAMETERS Parameters);
01640 
01641 NTSYSAPI
01642 PVOID
01643 NTAPI
01644 RtlDestroyHeap(
01645   _In_ _Post_invalid_ PVOID HeapHandle);
01646 
01647 NTSYSAPI
01648 USHORT
01649 NTAPI
01650 RtlCaptureStackBackTrace(
01651   _In_ ULONG FramesToSkip,
01652   _In_ ULONG FramesToCapture,
01653   _Out_writes_to_(FramesToCapture, return) PVOID *BackTrace,
01654   _Out_opt_ PULONG BackTraceHash);
01655 
01656 _Ret_range_(<, MAXLONG)
01657 NTSYSAPI
01658 ULONG
01659 NTAPI
01660 RtlRandomEx(
01661   _Inout_ PULONG Seed);
01662 
01663 _IRQL_requires_max_(DISPATCH_LEVEL)
01664 NTSYSAPI
01665 NTSTATUS
01666 NTAPI
01667 RtlInitUnicodeStringEx(
01668   _Out_ PUNICODE_STRING DestinationString,
01669   _In_opt_z_ __drv_aliasesMem PCWSTR SourceString);
01670 
01671 _Must_inspect_result_
01672 NTSYSAPI
01673 NTSTATUS
01674 NTAPI
01675 RtlValidateUnicodeString(
01676   _In_ ULONG Flags,
01677   _In_ PCUNICODE_STRING String);
01678 
01679 _IRQL_requires_max_(PASSIVE_LEVEL)
01680 _Must_inspect_result_
01681 NTSYSAPI
01682 NTSTATUS
01683 NTAPI
01684 RtlDuplicateUnicodeString(
01685   _In_ ULONG Flags,
01686   _In_ PCUNICODE_STRING SourceString,
01687   _Out_ _At_(DestinationString->Buffer, __drv_allocatesMem(Mem)) PUNICODE_STRING DestinationString);
01688 
01689 NTSYSAPI
01690 NTSTATUS
01691 NTAPI
01692 RtlGetCompressionWorkSpaceSize(
01693   _In_ USHORT CompressionFormatAndEngine,
01694   _Out_ PULONG CompressBufferWorkSpaceSize,
01695   _Out_ PULONG CompressFragmentWorkSpaceSize);
01696 
01697 NTSYSAPI
01698 NTSTATUS
01699 NTAPI
01700 RtlCompressBuffer(
01701   _In_ USHORT CompressionFormatAndEngine,
01702   _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
01703   _In_ ULONG UncompressedBufferSize,
01704   _Out_writes_bytes_to_(CompressedBufferSize, *FinalCompressedSize) PUCHAR CompressedBuffer,
01705   _In_ ULONG CompressedBufferSize,
01706   _In_ ULONG UncompressedChunkSize,
01707   _Out_ PULONG FinalCompressedSize,
01708   _In_ PVOID WorkSpace);
01709 
01710 _IRQL_requires_max_(APC_LEVEL)
01711 NTSYSAPI
01712 NTSTATUS
01713 NTAPI
01714 RtlDecompressBuffer(
01715   _In_ USHORT CompressionFormat,
01716   _Out_writes_bytes_to_(UncompressedBufferSize, *FinalUncompressedSize) PUCHAR UncompressedBuffer,
01717   _In_ ULONG UncompressedBufferSize,
01718   _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01719   _In_ ULONG CompressedBufferSize,
01720   _Out_ PULONG FinalUncompressedSize);
01721 
01722 _IRQL_requires_max_(APC_LEVEL)
01723 NTSYSAPI
01724 NTSTATUS
01725 NTAPI
01726 RtlDecompressFragment(
01727   _In_ USHORT CompressionFormat,
01728   _Out_writes_bytes_to_(UncompressedFragmentSize, *FinalUncompressedSize) PUCHAR UncompressedFragment,
01729   _In_ ULONG UncompressedFragmentSize,
01730   _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01731   _In_ ULONG CompressedBufferSize,
01732   _In_range_(<, CompressedBufferSize) ULONG FragmentOffset,
01733   _Out_ PULONG FinalUncompressedSize,
01734   _In_ PVOID WorkSpace);
01735 
01736 _IRQL_requires_max_(APC_LEVEL)
01737 NTSYSAPI
01738 NTSTATUS
01739 NTAPI
01740 RtlDescribeChunk(
01741   _In_ USHORT CompressionFormat,
01742   _Inout_ PUCHAR *CompressedBuffer,
01743   _In_ PUCHAR EndOfCompressedBufferPlus1,
01744   _Out_ PUCHAR *ChunkBuffer,
01745   _Out_ PULONG ChunkSize);
01746 
01747 _IRQL_requires_max_(APC_LEVEL)
01748 NTSYSAPI
01749 NTSTATUS
01750 NTAPI
01751 RtlReserveChunk(
01752   _In_ USHORT CompressionFormat,
01753   _Inout_ PUCHAR *CompressedBuffer,
01754   _In_ PUCHAR EndOfCompressedBufferPlus1,
01755   _Out_ PUCHAR *ChunkBuffer,
01756   _In_ ULONG ChunkSize);
01757 
01758 _IRQL_requires_max_(APC_LEVEL)
01759 NTSYSAPI
01760 NTSTATUS
01761 NTAPI
01762 RtlDecompressChunks(
01763   _Out_writes_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
01764   _In_ ULONG UncompressedBufferSize,
01765   _In_reads_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01766   _In_ ULONG CompressedBufferSize,
01767   _In_reads_bytes_(CompressedTailSize) PUCHAR CompressedTail,
01768   _In_ ULONG CompressedTailSize,
01769   _In_ PCOMPRESSED_DATA_INFO CompressedDataInfo);
01770 
01771 _IRQL_requires_max_(APC_LEVEL)
01772 NTSYSAPI
01773 NTSTATUS
01774 NTAPI
01775 RtlCompressChunks(
01776   _In_reads_bytes_(UncompressedBufferSize) PUCHAR UncompressedBuffer,
01777   _In_ ULONG UncompressedBufferSize,
01778   _Out_writes_bytes_(CompressedBufferSize) PUCHAR CompressedBuffer,
01779   _In_range_(>=, (UncompressedBufferSize - (UncompressedBufferSize / 16))) ULONG CompressedBufferSize,
01780   _Inout_updates_bytes_(CompressedDataInfoLength) PCOMPRESSED_DATA_INFO CompressedDataInfo,
01781   _In_range_(>, sizeof(COMPRESSED_DATA_INFO)) ULONG CompressedDataInfoLength,
01782   _In_ PVOID WorkSpace);
01783 
01784 _IRQL_requires_max_(APC_LEVEL)
01785 NTSYSAPI
01786 PSID_IDENTIFIER_AUTHORITY
01787 NTAPI
01788 RtlIdentifierAuthoritySid(
01789   _In_ PSID Sid);
01790 
01791 NTSYSAPI
01792 PUCHAR
01793 NTAPI
01794 RtlSubAuthorityCountSid(
01795   _In_ PSID Sid);
01796 
01797 _When_(Status < 0, _Out_range_(>, 0))
01798 _When_(Status >= 0, _Out_range_(==, 0))
01799 NTSYSAPI
01800 ULONG
01801 NTAPI
01802 RtlNtStatusToDosErrorNoTeb(
01803   _In_ NTSTATUS Status);
01804 
01805 _IRQL_requires_max_(PASSIVE_LEVEL)
01806 NTSYSAPI
01807 NTSTATUS
01808 NTAPI
01809 RtlCreateSystemVolumeInformationFolder(
01810   _In_ PCUNICODE_STRING VolumeRootPath);
01811 
01812 #if defined(_M_AMD64)
01813 
01814 FORCEINLINE
01815 VOID
01816 RtlFillMemoryUlong(
01817   _Out_writes_bytes_all_(Length) PVOID Destination,
01818   _In_ SIZE_T Length,
01819   _In_ ULONG Pattern)
01820 {
01821   PULONG Address = (PULONG)Destination;
01822   if ((Length /= 4) != 0) {
01823     if (((ULONG64)Address & 4) != 0) {
01824       *Address = Pattern;
01825       if ((Length -= 1) == 0) {
01826         return;
01827       }
01828       Address += 1;
01829     }
01830     __stosq((PULONG64)(Address), Pattern | ((ULONG64)Pattern << 32), Length / 2);
01831     if ((Length & 1) != 0) Address[Length - 1] = Pattern;
01832   }
01833   return;
01834 }
01835 
01836 #define RtlFillMemoryUlonglong(Destination, Length, Pattern)                \
01837     __stosq((PULONG64)(Destination), Pattern, (Length) / 8)
01838 
01839 #else
01840 
01841 NTSYSAPI
01842 VOID
01843 NTAPI
01844 RtlFillMemoryUlong(
01845   OUT PVOID Destination,
01846   IN SIZE_T Length,
01847   IN ULONG Pattern);
01848 
01849 NTSYSAPI
01850 VOID
01851 NTAPI
01852 RtlFillMemoryUlonglong(
01853   _Out_writes_bytes_all_(Length) PVOID Destination,
01854   _In_ SIZE_T Length,
01855   _In_ ULONGLONG Pattern);
01856 
01857 #endif /* defined(_M_AMD64) */
01858 
01859 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
01860 
01861 #if (NTDDI_VERSION >= NTDDI_WS03)
01862 _IRQL_requires_max_(DISPATCH_LEVEL)
01863 NTSYSAPI
01864 NTSTATUS
01865 NTAPI
01866 RtlInitAnsiStringEx(
01867   _Out_ PANSI_STRING DestinationString,
01868   _In_opt_z_ __drv_aliasesMem PCSZ SourceString);
01869 #endif
01870 
01871 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
01872 
01873 _IRQL_requires_max_(APC_LEVEL)
01874 NTSYSAPI
01875 NTSTATUS
01876 NTAPI
01877 RtlGetSaclSecurityDescriptor(
01878   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01879   _Out_ PBOOLEAN SaclPresent,
01880   _Out_ PACL *Sacl,
01881   _Out_ PBOOLEAN SaclDefaulted);
01882 
01883 _IRQL_requires_max_(APC_LEVEL)
01884 NTSYSAPI
01885 NTSTATUS
01886 NTAPI
01887 RtlSetGroupSecurityDescriptor(
01888   _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01889   _In_opt_ PSID Group,
01890   _In_opt_ BOOLEAN GroupDefaulted);
01891 
01892 _IRQL_requires_max_(APC_LEVEL)
01893 NTSYSAPI
01894 NTSTATUS
01895 NTAPI
01896 RtlGetGroupSecurityDescriptor(
01897   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
01898   _Out_ PSID *Group,
01899   _Out_ PBOOLEAN GroupDefaulted);
01900 
01901 _IRQL_requires_max_(APC_LEVEL)
01902 NTSYSAPI
01903 NTSTATUS
01904 NTAPI
01905 RtlAbsoluteToSelfRelativeSD(
01906   _In_ PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
01907   _Out_writes_bytes_to_opt_(*BufferLength, *BufferLength) PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
01908   _Inout_ PULONG BufferLength);
01909 
01910 _IRQL_requires_max_(APC_LEVEL)
01911 NTSYSAPI
01912 NTSTATUS
01913 NTAPI
01914 RtlSelfRelativeToAbsoluteSD(
01915   _In_ PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
01916   _Out_writes_bytes_to_opt_(*AbsoluteSecurityDescriptorSize, *AbsoluteSecurityDescriptorSize) PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor,
01917   _Inout_ PULONG AbsoluteSecurityDescriptorSize,
01918   _Out_writes_bytes_to_opt_(*DaclSize, *DaclSize) PACL Dacl,
01919   _Inout_ PULONG DaclSize,
01920   _Out_writes_bytes_to_opt_(*SaclSize, *SaclSize) PACL Sacl,
01921   _Inout_ PULONG SaclSize,
01922   _Out_writes_bytes_to_opt_(*OwnerSize, *OwnerSize) PSID Owner,
01923   _Inout_ PULONG OwnerSize,
01924   _Out_writes_bytes_to_opt_(*PrimaryGroupSize, *PrimaryGroupSize) PSID PrimaryGroup,
01925   _Inout_ PULONG PrimaryGroupSize);
01926 
01927 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
01928 
01929 #if (NTDDI_VERSION >= NTDDI_VISTA)
01930 
01931 NTSYSAPI
01932 NTSTATUS
01933 NTAPI
01934 RtlNormalizeString(
01935   _In_ ULONG NormForm,
01936   _In_ PCWSTR SourceString,
01937   _In_ LONG SourceStringLength,
01938   _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
01939   _Inout_ PLONG DestinationStringLength);
01940 
01941 NTSYSAPI
01942 NTSTATUS
01943 NTAPI
01944 RtlIsNormalizedString(
01945   _In_ ULONG NormForm,
01946   _In_ PCWSTR SourceString,
01947   _In_ LONG SourceStringLength,
01948   _Out_ PBOOLEAN Normalized);
01949 
01950 NTSYSAPI
01951 NTSTATUS
01952 NTAPI
01953 RtlIdnToAscii(
01954   _In_ ULONG Flags,
01955   _In_ PCWSTR SourceString,
01956   _In_ LONG SourceStringLength,
01957   _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
01958   _Inout_ PLONG DestinationStringLength);
01959 
01960 NTSYSAPI
01961 NTSTATUS
01962 NTAPI
01963 RtlIdnToUnicode(
01964   IN ULONG Flags,
01965   IN PCWSTR SourceString,
01966   IN LONG SourceStringLength,
01967   OUT PWSTR DestinationString,
01968   IN OUT PLONG DestinationStringLength);
01969 
01970 NTSYSAPI
01971 NTSTATUS
01972 NTAPI
01973 RtlIdnToNameprepUnicode(
01974   _In_ ULONG Flags,
01975   _In_ PCWSTR SourceString,
01976   _In_ LONG SourceStringLength,
01977   _Out_writes_to_(*DestinationStringLength, *DestinationStringLength) PWSTR DestinationString,
01978   _Inout_ PLONG DestinationStringLength);
01979 
01980 NTSYSAPI
01981 NTSTATUS
01982 NTAPI
01983 RtlCreateServiceSid(
01984   _In_ PUNICODE_STRING ServiceName,
01985   _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid,
01986   _Inout_ PULONG ServiceSidLength);
01987 
01988 NTSYSAPI
01989 LONG
01990 NTAPI
01991 RtlCompareAltitudes(
01992   _In_ PCUNICODE_STRING Altitude1,
01993   _In_ PCUNICODE_STRING Altitude2);
01994 
01995 
01996 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
01997 
01998 #if (NTDDI_VERSION >= NTDDI_WIN7)
01999 
02000 _IRQL_requires_max_(PASSIVE_LEVEL)
02001 _Must_inspect_result_
02002 NTSYSAPI
02003 NTSTATUS
02004 NTAPI
02005 RtlUnicodeToUTF8N(
02006   _Out_writes_bytes_to_(UTF8StringMaxByteCount, *UTF8StringActualByteCount) PCHAR UTF8StringDestination,
02007   _In_ ULONG UTF8StringMaxByteCount,
02008   _Out_ PULONG UTF8StringActualByteCount,
02009   _In_reads_bytes_(UnicodeStringByteCount) PCWCH UnicodeStringSource,
02010   _In_ ULONG UnicodeStringByteCount);
02011 
02012 _IRQL_requires_max_(PASSIVE_LEVEL)
02013 _Must_inspect_result_
02014 NTSYSAPI
02015 NTSTATUS
02016 NTAPI
02017 RtlUTF8ToUnicodeN(
02018   _Out_writes_bytes_to_(UnicodeStringMaxByteCount, *UnicodeStringActualByteCount) PWSTR UnicodeStringDestination,
02019   _In_ ULONG UnicodeStringMaxByteCount,
02020   _Out_ PULONG UnicodeStringActualByteCount,
02021   _In_reads_bytes_(UTF8StringByteCount) PCCH UTF8StringSource,
02022   _In_ ULONG UTF8StringByteCount);
02023 
02024 _IRQL_requires_max_(APC_LEVEL)
02025 NTSYSAPI
02026 NTSTATUS
02027 NTAPI
02028 RtlReplaceSidInSd(
02029   _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02030   _In_ PSID OldSid,
02031   _In_ PSID NewSid,
02032   _Out_ ULONG *NumChanges);
02033 
02034 NTSYSAPI
02035 NTSTATUS
02036 NTAPI
02037 RtlCreateVirtualAccountSid(
02038   _In_ PCUNICODE_STRING Name,
02039   _In_ ULONG BaseSubAuthority,
02040   _Out_writes_bytes_(*SidLength) PSID Sid,
02041   _Inout_ PULONG SidLength);
02042 
02043 #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
02044 
02045 
02046 #if defined(_AMD64_) || defined(_IA64_)
02047 
02048 
02049 
02050 #endif /* defined(_AMD64_) || defined(_IA64_) */
02051 
02052 
02053 
02054 #define RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE 1
02055 #define RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING 2
02056 
02057 #define RtlUnicodeStringToOemSize(STRING) (NLS_MB_OEM_CODE_PAGE_TAG ?                                \
02058                                            RtlxUnicodeStringToOemSize(STRING) :                      \
02059                                            ((STRING)->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR) \
02060 )
02061 
02062 #define RtlOemStringToUnicodeSize(STRING) (                 \
02063     NLS_MB_OEM_CODE_PAGE_TAG ?                              \
02064     RtlxOemStringToUnicodeSize(STRING) :                    \
02065     ((STRING)->Length + sizeof(ANSI_NULL)) * sizeof(WCHAR)  \
02066 )
02067 
02068 #define RtlOemStringToCountedUnicodeSize(STRING) (                    \
02069     (ULONG)(RtlOemStringToUnicodeSize(STRING) - sizeof(UNICODE_NULL)) \
02070 )
02071 
02072 #define RtlOffsetToPointer(B,O) ((PCHAR)(((PCHAR)(B)) + ((ULONG_PTR)(O))))
02073 #define RtlPointerToOffset(B,P) ((ULONG)(((PCHAR)(P)) - ((PCHAR)(B))))
02074 
02075 _IRQL_requires_max_(PASSIVE_LEVEL)
02076 __kernel_entry
02077 NTSYSCALLAPI
02078 NTSTATUS
02079 NTAPI
02080 NtQueryObject(
02081   _In_opt_ HANDLE Handle,
02082   _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
02083   _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
02084   _In_ ULONG ObjectInformationLength,
02085   _Out_opt_ PULONG ReturnLength);
02086 
02087 #if (NTDDI_VERSION >= NTDDI_WIN2K)
02088 
02089 _Must_inspect_result_
02090 __kernel_entry
02091 NTSYSCALLAPI
02092 NTSTATUS
02093 NTAPI
02094 NtOpenThreadToken(
02095   _In_ HANDLE ThreadHandle,
02096   _In_ ACCESS_MASK DesiredAccess,
02097   _In_ BOOLEAN OpenAsSelf,
02098   _Out_ PHANDLE TokenHandle);
02099 
02100 _Must_inspect_result_
02101 __kernel_entry
02102 NTSYSCALLAPI
02103 NTSTATUS
02104 NTAPI
02105 NtOpenProcessToken(
02106   _In_ HANDLE ProcessHandle,
02107   _In_ ACCESS_MASK DesiredAccess,
02108   _Out_ PHANDLE TokenHandle);
02109 
02110 _When_(TokenInformationClass == TokenAccessInformation,
02111   _At_(TokenInformationLength,
02112        _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
02113 _Must_inspect_result_
02114 __kernel_entry
02115 NTSYSCALLAPI
02116 NTSTATUS
02117 NTAPI
02118 NtQueryInformationToken(
02119   _In_ HANDLE TokenHandle,
02120   _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
02121   _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
02122   _In_ ULONG TokenInformationLength,
02123   _Out_ PULONG ReturnLength);
02124 
02125 _Must_inspect_result_
02126 __kernel_entry
02127 NTSYSCALLAPI
02128 NTSTATUS
02129 NTAPI
02130 NtAdjustPrivilegesToken(
02131     _In_ HANDLE TokenHandle,
02132     _In_ BOOLEAN DisableAllPrivileges,
02133     _In_opt_ PTOKEN_PRIVILEGES NewState,
02134     _In_ ULONG BufferLength,
02135     _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
02136     _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
02137 
02138 __kernel_entry
02139 NTSYSCALLAPI
02140 NTSTATUS
02141 NTAPI
02142 NtCreateFile(
02143   _Out_ PHANDLE FileHandle,
02144   _In_ ACCESS_MASK DesiredAccess,
02145   _In_ POBJECT_ATTRIBUTES ObjectAttributes,
02146   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02147   _In_opt_ PLARGE_INTEGER AllocationSize,
02148   _In_ ULONG FileAttributes,
02149   _In_ ULONG ShareAccess,
02150   _In_ ULONG CreateDisposition,
02151   _In_ ULONG CreateOptions,
02152   _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
02153   _In_ ULONG EaLength);
02154 
02155 __kernel_entry
02156 NTSYSCALLAPI
02157 NTSTATUS
02158 NTAPI
02159 NtDeviceIoControlFile(
02160   _In_ HANDLE FileHandle,
02161   _In_opt_ HANDLE Event,
02162   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02163   _In_opt_ PVOID ApcContext,
02164   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02165   _In_ ULONG IoControlCode,
02166   _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
02167   _In_ ULONG InputBufferLength,
02168   _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
02169   _In_ ULONG OutputBufferLength);
02170 
02171 __kernel_entry
02172 NTSYSCALLAPI
02173 NTSTATUS
02174 NTAPI
02175 NtFsControlFile(
02176   _In_ HANDLE FileHandle,
02177   _In_opt_ HANDLE Event,
02178   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02179   _In_opt_ PVOID ApcContext,
02180   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02181   _In_ ULONG FsControlCode,
02182   _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
02183   _In_ ULONG InputBufferLength,
02184   _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
02185   _In_ ULONG OutputBufferLength);
02186 
02187 __kernel_entry
02188 NTSYSCALLAPI
02189 NTSTATUS
02190 NTAPI
02191 NtLockFile(
02192   _In_ HANDLE FileHandle,
02193   _In_opt_ HANDLE Event,
02194   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02195   _In_opt_ PVOID ApcContext,
02196   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02197   _In_ PLARGE_INTEGER ByteOffset,
02198   _In_ PLARGE_INTEGER Length,
02199   _In_ ULONG Key,
02200   _In_ BOOLEAN FailImmediately,
02201   _In_ BOOLEAN ExclusiveLock);
02202 
02203 __kernel_entry
02204 NTSYSCALLAPI
02205 NTSTATUS
02206 NTAPI
02207 NtOpenFile(
02208   _Out_ PHANDLE FileHandle,
02209   _In_ ACCESS_MASK DesiredAccess,
02210   _In_ POBJECT_ATTRIBUTES ObjectAttributes,
02211   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02212   _In_ ULONG ShareAccess,
02213   _In_ ULONG OpenOptions);
02214 
02215 __kernel_entry
02216 NTSYSCALLAPI
02217 NTSTATUS
02218 NTAPI
02219 NtQueryDirectoryFile(
02220   _In_ HANDLE FileHandle,
02221   _In_opt_ HANDLE Event,
02222   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02223   _In_opt_ PVOID ApcContext,
02224   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02225   _Out_writes_bytes_(Length) PVOID FileInformation,
02226   _In_ ULONG Length,
02227   _In_ FILE_INFORMATION_CLASS FileInformationClass,
02228   _In_ BOOLEAN ReturnSingleEntry,
02229   _In_opt_ PUNICODE_STRING FileName,
02230   _In_ BOOLEAN RestartScan);
02231 
02232 __kernel_entry
02233 NTSYSCALLAPI
02234 NTSTATUS
02235 NTAPI
02236 NtQueryInformationFile(
02237   _In_ HANDLE FileHandle,
02238   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02239   _Out_writes_bytes_(Length) PVOID FileInformation,
02240   _In_ ULONG Length,
02241   _In_ FILE_INFORMATION_CLASS FileInformationClass);
02242 
02243 __kernel_entry
02244 NTSYSCALLAPI
02245 NTSTATUS
02246 NTAPI
02247 NtQueryQuotaInformationFile(
02248   _In_ HANDLE FileHandle,
02249   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02250   _Out_writes_bytes_(Length) PVOID Buffer,
02251   _In_ ULONG Length,
02252   _In_ BOOLEAN ReturnSingleEntry,
02253   _In_reads_bytes_opt_(SidListLength) PVOID SidList,
02254   _In_ ULONG SidListLength,
02255   _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
02256   _In_ BOOLEAN RestartScan);
02257 
02258 __kernel_entry
02259 NTSYSCALLAPI
02260 NTSTATUS
02261 NTAPI
02262 NtQueryVolumeInformationFile(
02263   _In_ HANDLE FileHandle,
02264   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02265   _Out_writes_bytes_(Length) PVOID FsInformation,
02266   _In_ ULONG Length,
02267   _In_ FS_INFORMATION_CLASS FsInformationClass);
02268 
02269 __kernel_entry
02270 NTSYSCALLAPI
02271 NTSTATUS
02272 NTAPI
02273 NtReadFile(
02274   _In_ HANDLE FileHandle,
02275   _In_opt_ HANDLE Event,
02276   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02277   _In_opt_ PVOID ApcContext,
02278   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02279   _Out_writes_bytes_(Length) PVOID Buffer,
02280   _In_ ULONG Length,
02281   _In_opt_ PLARGE_INTEGER ByteOffset,
02282   _In_opt_ PULONG Key);
02283 
02284 __kernel_entry
02285 NTSYSCALLAPI
02286 NTSTATUS
02287 NTAPI
02288 NtSetInformationFile(
02289   _In_ HANDLE FileHandle,
02290   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02291   _In_reads_bytes_(Length) PVOID FileInformation,
02292   _In_ ULONG Length,
02293   _In_ FILE_INFORMATION_CLASS FileInformationClass);
02294 
02295 __kernel_entry
02296 NTSYSCALLAPI
02297 NTSTATUS
02298 NTAPI
02299 NtSetQuotaInformationFile(
02300   _In_ HANDLE FileHandle,
02301   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02302   _In_reads_bytes_(Length) PVOID Buffer,
02303   _In_ ULONG Length);
02304 
02305 __kernel_entry
02306 NTSYSCALLAPI
02307 NTSTATUS
02308 NTAPI
02309 NtSetVolumeInformationFile(
02310   _In_ HANDLE FileHandle,
02311   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02312   _In_reads_bytes_(Length) PVOID FsInformation,
02313   _In_ ULONG Length,
02314   _In_ FS_INFORMATION_CLASS FsInformationClass);
02315 
02316 __kernel_entry
02317 NTSYSCALLAPI
02318 NTSTATUS
02319 NTAPI
02320 NtWriteFile(
02321   _In_ HANDLE FileHandle,
02322   _In_opt_ HANDLE Event,
02323   _In_opt_ PIO_APC_ROUTINE ApcRoutine,
02324   _In_opt_ PVOID ApcContext,
02325   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02326   _In_reads_bytes_(Length) PVOID Buffer,
02327   _In_ ULONG Length,
02328   _In_opt_ PLARGE_INTEGER ByteOffset,
02329   _In_opt_ PULONG Key);
02330 
02331 __kernel_entry
02332 NTSYSCALLAPI
02333 NTSTATUS
02334 NTAPI
02335 NtUnlockFile(
02336   _In_ HANDLE FileHandle,
02337   _Out_ PIO_STATUS_BLOCK IoStatusBlock,
02338   _In_ PLARGE_INTEGER ByteOffset,
02339   _In_ PLARGE_INTEGER Length,
02340   _In_ ULONG Key);
02341 
02342 _IRQL_requires_max_(PASSIVE_LEVEL)
02343 __kernel_entry
02344 NTSYSCALLAPI
02345 NTSTATUS
02346 NTAPI
02347 NtSetSecurityObject(
02348   _In_ HANDLE Handle,
02349   _In_ SECURITY_INFORMATION SecurityInformation,
02350   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
02351 
02352 _IRQL_requires_max_(PASSIVE_LEVEL)
02353 __kernel_entry
02354 NTSYSCALLAPI
02355 NTSTATUS
02356 NTAPI
02357 NtQuerySecurityObject(
02358   _In_ HANDLE Handle,
02359   _In_ SECURITY_INFORMATION SecurityInformation,
02360   _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
02361   _In_ ULONG Length,
02362   _Out_ PULONG LengthNeeded);
02363 
02364 _IRQL_requires_max_(PASSIVE_LEVEL)
02365 __kernel_entry
02366 NTSYSCALLAPI
02367 NTSTATUS
02368 NTAPI
02369 NtClose(
02370   _In_ HANDLE Handle);
02371 
02372 #endif
02373 
02374 #if (NTDDI_VERSION >= NTDDI_WINXP)
02375 
02376 _Must_inspect_result_
02377 __kernel_entry
02378 NTSYSCALLAPI
02379 NTSTATUS
02380 NTAPI
02381 NtOpenThreadTokenEx(
02382   _In_ HANDLE ThreadHandle,
02383   _In_ ACCESS_MASK DesiredAccess,
02384   _In_ BOOLEAN OpenAsSelf,
02385   _In_ ULONG HandleAttributes,
02386   _Out_ PHANDLE TokenHandle);
02387 
02388 _Must_inspect_result_
02389 __kernel_entry
02390 NTSYSCALLAPI
02391 NTSTATUS
02392 NTAPI
02393 NtOpenProcessTokenEx(
02394   _In_ HANDLE ProcessHandle,
02395   _In_ ACCESS_MASK DesiredAccess,
02396   _In_ ULONG HandleAttributes,
02397   _Out_ PHANDLE TokenHandle);
02398 
02399 _Must_inspect_result_
02400 NTSYSAPI
02401 NTSTATUS
02402 NTAPI
02403 NtOpenJobObjectToken(
02404   _In_ HANDLE JobHandle,
02405   _In_ ACCESS_MASK DesiredAccess,
02406   _Out_ PHANDLE TokenHandle);
02407 
02408 _Must_inspect_result_
02409 __kernel_entry
02410 NTSYSCALLAPI
02411 NTSTATUS
02412 NTAPI
02413 NtDuplicateToken(
02414   _In_ HANDLE ExistingTokenHandle,
02415   _In_ ACCESS_MASK DesiredAccess,
02416   _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
02417   _In_ BOOLEAN EffectiveOnly,
02418   _In_ TOKEN_TYPE TokenType,
02419   _Out_ PHANDLE NewTokenHandle);
02420 
02421 _Must_inspect_result_
02422 __kernel_entry
02423 NTSYSCALLAPI
02424 NTSTATUS
02425 NTAPI
02426 NtFilterToken(
02427   _In_ HANDLE ExistingTokenHandle,
02428   _In_ ULONG Flags,
02429   _In_opt_ PTOKEN_GROUPS SidsToDisable,
02430   _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
02431   _In_opt_ PTOKEN_GROUPS RestrictedSids,
02432   _Out_ PHANDLE NewTokenHandle);
02433 
02434 _Must_inspect_result_
02435 __kernel_entry
02436 NTSYSCALLAPI
02437 NTSTATUS
02438 NTAPI
02439 NtImpersonateAnonymousToken(
02440   _In_ HANDLE ThreadHandle);
02441 
02442 _Must_inspect_result_
02443 __kernel_entry
02444 NTSYSCALLAPI
02445 NTSTATUS
02446 NTAPI
02447 NtSetInformationToken(
02448   _In_ HANDLE TokenHandle,
02449   _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
02450   _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
02451   _In_ ULONG TokenInformationLength);
02452 
02453 _Must_inspect_result_
02454 __kernel_entry
02455 NTSYSCALLAPI
02456 NTSTATUS
02457 NTAPI
02458 NtAdjustGroupsToken(
02459   _In_ HANDLE TokenHandle,
02460   _In_ BOOLEAN ResetToDefault,
02461   _In_opt_ PTOKEN_GROUPS NewState,
02462   _In_opt_ ULONG BufferLength,
02463   _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
02464   _Out_ PULONG ReturnLength);
02465 
02466 _Must_inspect_result_
02467 __kernel_entry
02468 NTSYSCALLAPI
02469 NTSTATUS
02470 NTAPI
02471 NtPrivilegeCheck(
02472   _In_ HANDLE ClientToken,
02473   _Inout_ PPRIVILEGE_SET RequiredPrivileges,
02474   _Out_ PBOOLEAN Result);
02475 
02476 _Must_inspect_result_
02477 __kernel_entry
02478 NTSYSCALLAPI
02479 NTSTATUS
02480 NTAPI
02481 NtAccessCheckAndAuditAlarm(
02482   _In_ PUNICODE_STRING SubsystemName,
02483   _In_opt_ PVOID HandleId,
02484   _In_ PUNICODE_STRING ObjectTypeName,
02485   _In_ PUNICODE_STRING ObjectName,
02486   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02487   _In_ ACCESS_MASK DesiredAccess,
02488   _In_ PGENERIC_MAPPING GenericMapping,
02489   _In_ BOOLEAN ObjectCreation,
02490   _Out_ PACCESS_MASK GrantedAccess,
02491   _Out_ PNTSTATUS AccessStatus,
02492   _Out_ PBOOLEAN GenerateOnClose);
02493 
02494 _Must_inspect_result_
02495 __kernel_entry
02496 NTSYSCALLAPI
02497 NTSTATUS
02498 NTAPI
02499 NtAccessCheckByTypeAndAuditAlarm(
02500   _In_ PUNICODE_STRING SubsystemName,
02501   _In_opt_ PVOID HandleId,
02502   _In_ PUNICODE_STRING ObjectTypeName,
02503   _In_ PUNICODE_STRING ObjectName,
02504   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02505   _In_opt_ PSID PrincipalSelfSid,
02506   _In_ ACCESS_MASK DesiredAccess,
02507   _In_ AUDIT_EVENT_TYPE AuditType,
02508   _In_ ULONG Flags,
02509   _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
02510   _In_ ULONG ObjectTypeLength,
02511   _In_ PGENERIC_MAPPING GenericMapping,
02512   _In_ BOOLEAN ObjectCreation,
02513   _Out_ PACCESS_MASK GrantedAccess,
02514   _Out_ PNTSTATUS AccessStatus,
02515   _Out_ PBOOLEAN GenerateOnClose);
02516 
02517 _Must_inspect_result_
02518 __kernel_entry
02519 NTSYSCALLAPI
02520 NTSTATUS
02521 NTAPI
02522 NtAccessCheckByTypeResultListAndAuditAlarm(
02523   _In_ PUNICODE_STRING SubsystemName,
02524   _In_opt_ PVOID HandleId,
02525   _In_ PUNICODE_STRING ObjectTypeName,
02526   _In_ PUNICODE_STRING ObjectName,
02527   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02528   _In_opt_ PSID PrincipalSelfSid,
02529   _In_ ACCESS_MASK DesiredAccess,
02530   _In_ AUDIT_EVENT_TYPE AuditType,
02531   _In_ ULONG Flags,
02532   _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
02533   _In_ ULONG ObjectTypeListLength,
02534   _In_ PGENERIC_MAPPING GenericMapping,
02535   _In_ BOOLEAN ObjectCreation,
02536   _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
02537   _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
02538   _Out_ PBOOLEAN GenerateOnClose);
02539 
02540 _Must_inspect_result_
02541 __kernel_entry
02542 NTSYSCALLAPI
02543 NTSTATUS
02544 NTAPI
02545 NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
02546   _In_ PUNICODE_STRING SubsystemName,
02547   _In_opt_ PVOID HandleId,
02548   _In_ HANDLE ClientToken,
02549   _In_ PUNICODE_STRING ObjectTypeName,
02550   _In_ PUNICODE_STRING ObjectName,
02551   _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02552   _In_opt_ PSID PrincipalSelfSid,
02553   _In_ ACCESS_MASK DesiredAccess,
02554   _In_ AUDIT_EVENT_TYPE AuditType,
02555   _In_ ULONG Flags,
02556   _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
02557   _In_ ULONG ObjectTypeListLength,
02558   _In_ PGENERIC_MAPPING GenericMapping,
02559   _In_ BOOLEAN ObjectCreation,
02560   _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
02561   _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
02562   _Out_ PBOOLEAN GenerateOnClose);
02563 
02564 __kernel_entry
02565 NTSYSCALLAPI
02566 NTSTATUS
02567 NTAPI
02568 NtOpenObjectAuditAlarm(
02569   _In_ PUNICODE_STRING SubsystemName,
02570   _In_opt_ PVOID HandleId,
02571   _In_ PUNICODE_STRING ObjectTypeName,
02572   _In_ PUNICODE_STRING ObjectName,
02573   _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
02574   _In_ HANDLE ClientToken,
02575   _In_ ACCESS_MASK DesiredAccess,
02576   _In_ ACCESS_MASK GrantedAccess,
02577   _In_opt_ PPRIVILEGE_SET Privileges,
02578   _In_ BOOLEAN ObjectCreation,
02579   _In_ BOOLEAN AccessGranted,
02580   _Out_ PBOOLEAN GenerateOnClose);
02581 
02582 __kernel_entry
02583 NTSYSCALLAPI
02584 NTSTATUS
02585 NTAPI
02586 NtPrivilegeObjectAuditAlarm(
02587   _In_ PUNICODE_STRING SubsystemName,
02588   _In_opt_ PVOID HandleId,
02589   _In_ HANDLE ClientToken,
02590   _In_ ACCESS_MASK DesiredAccess,
02591   _In_ PPRIVILEGE_SET Privileges,
02592   _In_ BOOLEAN AccessGranted);
02593 
02594 __kernel_entry
02595 NTSYSCALLAPI
02596 NTSTATUS
02597 NTAPI
02598 NtCloseObjectAuditAlarm(
02599   _In_ PUNICODE_STRING SubsystemName,
02600   _In_opt_ PVOID HandleId,
02601   _In_ BOOLEAN GenerateOnClose);
02602 
02603 __kernel_entry
02604 NTSYSCALLAPI
02605 NTSTATUS
02606 NTAPI
02607 NtDeleteObjectAuditAlarm(
02608   _In_ PUNICODE_STRING SubsystemName,
02609   _In_opt_ PVOID HandleId,
02610   _In_ BOOLEAN GenerateOnClose);
02611 
02612 __kernel_entry
02613 NTSYSCALLAPI
02614 NTSTATUS
02615 NTAPI
02616 NtPrivilegedServiceAuditAlarm(
02617   _In_ PUNICODE_STRING SubsystemName,
02618   _In_ PUNICODE_STRING ServiceName,
02619   _In_ HANDLE ClientToken,
02620   _In_ PPRIVILEGE_SET Privileges,
02621   _In_ BOOLEAN AccessGranted);
02622 
02623 __kernel_entry
02624 NTSYSCALLAPI
02625 NTSTATUS
02626 NTAPI
02627 NtSetInformationThread(
02628   _In_ HANDLE ThreadHandle,
02629   _In_ THREADINFOCLASS ThreadInformationClass,
02630   _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
02631   _In_ ULONG ThreadInformationLength);
02632 
02633 _Must_inspect_result_
02634 __kernel_entry
02635 NTSYSCALLAPI
02636 NTSTATUS
02637 NTAPI
02638 NtCreateSection(
02639   _Out_ PHANDLE SectionHandle,
02640   _In_ ACCESS_MASK DesiredAccess,
02641   _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
02642   _In_opt_ PLARGE_INTEGER MaximumSize,
02643   _In_ ULONG SectionPageProtection,
02644   _In_ ULONG AllocationAttributes,
02645   _In_opt_ HANDLE FileHandle);
02646 
02647 #endif
02648 
02649 #define COMPRESSION_FORMAT_NONE         (0x0000)
02650 #define COMPRESSION_FORMAT_DEFAULT      (0x0001)
02651 #define COMPRESSION_FORMAT_LZNT1        (0x0002)
02652 #define COMPRESSION_ENGINE_STANDARD     (0x0000)
02653 #define COMPRESSION_ENGINE_MAXIMUM      (0x0100)
02654 #define COMPRESSION_ENGINE_HIBER        (0x0200)
02655 
02656 #define MAX_UNICODE_STACK_BUFFER_LENGTH 256
02657 
02658 #define METHOD_FROM_CTL_CODE(ctrlCode)  ((ULONG)(ctrlCode & 3))
02659 
02660 #define METHOD_DIRECT_TO_HARDWARE       METHOD_IN_DIRECT
02661 #define METHOD_DIRECT_FROM_HARDWARE     METHOD_OUT_DIRECT
02662 
02663 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
02664 
02665 typedef enum _SECURITY_LOGON_TYPE {
02666   UndefinedLogonType = 0,
02667   Interactive = 2,
02668   Network,
02669   Batch,
02670   Service,
02671   Proxy,
02672   Unlock,
02673   NetworkCleartext,
02674   NewCredentials,
02675 #if (_WIN32_WINNT >= 0x0501)
02676   RemoteInteractive,
02677   CachedInteractive,
02678 #endif
02679 #if (_WIN32_WINNT >= 0x0502)
02680   CachedRemoteInteractive,
02681   CachedUnlock
02682 #endif
02683 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
02684 
02685 #ifndef _NTLSA_AUDIT_
02686 #define _NTLSA_AUDIT_
02687 
02688 #ifndef GUID_DEFINED
02689 #include <guiddef.h>
02690 #endif
02691 
02692 #endif /* _NTLSA_AUDIT_ */
02693 
02694 _IRQL_requires_same_
02695 _IRQL_requires_max_(PASSIVE_LEVEL)
02696 NTSTATUS
02697 NTAPI
02698 LsaRegisterLogonProcess(
02699   _In_ PLSA_STRING LogonProcessName,
02700   _Out_ PHANDLE LsaHandle,
02701   _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
02702 
02703 _IRQL_requires_same_
02704 _IRQL_requires_max_(PASSIVE_LEVEL)
02705 NTSTATUS
02706 NTAPI
02707 LsaLogonUser(
02708   _In_ HANDLE LsaHandle,
02709   _In_ PLSA_STRING OriginName,
02710   _In_ SECURITY_LOGON_TYPE LogonType,
02711   _In_ ULONG AuthenticationPackage,
02712   _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
02713   _In_ ULONG AuthenticationInformationLength,
02714   _In_opt_ PTOKEN_GROUPS LocalGroups,
02715   _In_ PTOKEN_SOURCE SourceContext,
02716   _Out_ PVOID *ProfileBuffer,
02717   _Out_ PULONG ProfileBufferLength,
02718   _Inout_ PLUID LogonId,
02719   _Out_ PHANDLE Token,
02720   _Out_ PQUOTA_LIMITS Quotas,
02721   _Out_ PNTSTATUS SubStatus);
02722 
02723 _IRQL_requires_same_
02724 NTSTATUS
02725 NTAPI
02726 LsaFreeReturnBuffer(
02727   _In_ PVOID Buffer);
02728 
02729 #ifndef _NTLSA_IFS_
02730 #define _NTLSA_IFS_
02731 #endif
02732 
02733 #define MSV1_0_PACKAGE_NAME     "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
02734 #define MSV1_0_PACKAGE_NAMEW    L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
02735 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
02736 
02737 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
02738 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
02739 
02740 #define MSV1_0_CHALLENGE_LENGTH                8
02741 #define MSV1_0_USER_SESSION_KEY_LENGTH         16
02742 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH       8
02743 
02744 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED      0x02
02745 #define MSV1_0_UPDATE_LOGON_STATISTICS         0x04
02746 #define MSV1_0_RETURN_USER_PARAMETERS          0x08
02747 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT          0x10
02748 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT      0x20
02749 #define MSV1_0_RETURN_PASSWORD_EXPIRY          0x40
02750 #define MSV1_0_USE_CLIENT_CHALLENGE            0x80
02751 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY          0x100
02752 #define MSV1_0_RETURN_PROFILE_PATH             0x200
02753 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY       0x400
02754 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
02755 
02756 #define MSV1_0_DISABLE_PERSONAL_FALLBACK     0x00001000
02757 #define MSV1_0_ALLOW_FORCE_GUEST             0x00002000
02758 
02759 #if (_WIN32_WINNT >= 0x0502)
02760 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED   0x00004000
02761 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY   0x00008000
02762 #endif
02763 
02764 #define MSV1_0_SUBAUTHENTICATION_DLL_EX      0x00100000
02765 #define MSV1_0_ALLOW_MSVCHAPV2               0x00010000
02766 
02767 #if (_WIN32_WINNT >= 0x0600)
02768 #define MSV1_0_S4U2SELF                      0x00020000
02769 #define MSV1_0_CHECK_LOGONHOURS_FOR_S4U      0x00040000
02770 #endif
02771 
02772 #define MSV1_0_SUBAUTHENTICATION_DLL         0xFF000000
02773 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT   24
02774 #define MSV1_0_MNS_LOGON                     0x01000000
02775 
02776 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS     2
02777 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS     132
02778 
02779 #define LOGON_GUEST                 0x01
02780 #define LOGON_NOENCRYPTION          0x02
02781 #define LOGON_CACHED_ACCOUNT        0x04
02782 #define LOGON_USED_LM_PASSWORD      0x08
02783 #define LOGON_EXTRA_SIDS            0x20
02784 #define LOGON_SUBAUTH_SESSION_KEY   0x40
02785 #define LOGON_SERVER_TRUST_ACCOUNT  0x80
02786 #define LOGON_NTLMV2_ENABLED        0x100
02787 #define LOGON_RESOURCE_GROUPS       0x200
02788 #define LOGON_PROFILE_PATH_RETURNED 0x400
02789 #define LOGON_NT_V2                 0x800
02790 #define LOGON_LM_V2                 0x1000
02791 #define LOGON_NTLM_V2               0x2000
02792 
02793 #if (_WIN32_WINNT >= 0x0600)
02794 
02795 #define LOGON_OPTIMIZED             0x4000
02796 #define LOGON_WINLOGON              0x8000
02797 #define LOGON_PKINIT               0x10000
02798 #define LOGON_NO_OPTIMIZED         0x20000
02799 
02800 #endif
02801 
02802 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
02803 
02804 #define LOGON_GRACE_LOGON              0x01000000
02805 
02806 #define MSV1_0_OWF_PASSWORD_LENGTH 16
02807 #define MSV1_0_CRED_LM_PRESENT 0x1
02808 #define MSV1_0_CRED_NT_PRESENT 0x2
02809 #define MSV1_0_CRED_VERSION 0
02810 
02811 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
02812 #define MSV1_0_NTLM3_OWF_LENGTH 16
02813 
02814 #if (_WIN32_WINNT == 0x0500)
02815 #define MSV1_0_MAX_NTLM3_LIFE 1800
02816 #else
02817 #define MSV1_0_MAX_NTLM3_LIFE 129600
02818 #endif
02819 #define MSV1_0_MAX_AVL_SIZE 64000
02820 
02821 #if (_WIN32_WINNT >= 0x0501)
02822 
02823 #define MSV1_0_AV_FLAG_FORCE_GUEST                  0x00000001
02824 
02825 #if (_WIN32_WINNT >= 0x0600)
02826 #define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES       0x00000002
02827 #endif
02828 
02829 #endif
02830 
02831 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
02832 
02833 #if(_WIN32_WINNT >= 0x0502)
02834 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
02835 #endif
02836 
02837 #define USE_PRIMARY_PASSWORD            0x01
02838 #define RETURN_PRIMARY_USERNAME         0x02
02839 #define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
02840 #define RETURN_NON_NT_USER_SESSION_KEY  0x08
02841 #define GENERATE_CLIENT_CHALLENGE       0x10
02842 #define GCR_NTLM3_PARMS                 0x20
02843 #define GCR_TARGET_INFO                 0x40
02844 #define RETURN_RESERVED_PARAMETER       0x80
02845 #define GCR_ALLOW_NTLM                 0x100
02846 #define GCR_USE_OEM_SET                0x200
02847 #define GCR_MACHINE_CREDENTIAL         0x400
02848 #define GCR_USE_OWF_PASSWORD           0x800
02849 #define GCR_ALLOW_LM                  0x1000
02850 #define GCR_ALLOW_NO_TARGET           0x2000
02851 
02852 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
02853   MsV1_0InteractiveLogon = 2,
02854   MsV1_0Lm20Logon,
02855   MsV1_0NetworkLogon,
02856   MsV1_0SubAuthLogon,
02857   MsV1_0WorkstationUnlockLogon = 7,
02858   MsV1_0S4ULogon = 12,
02859   MsV1_0VirtualLogon = 82
02860 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
02861 
02862 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
02863   MsV1_0InteractiveProfile = 2,
02864   MsV1_0Lm20LogonProfile,
02865   MsV1_0SmartCardProfile
02866 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
02867 
02868 typedef struct _MSV1_0_INTERACTIVE_LOGON {
02869   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02870   UNICODE_STRING LogonDomainName;
02871   UNICODE_STRING UserName;
02872   UNICODE_STRING Password;
02873 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
02874 
02875 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
02876   MSV1_0_PROFILE_BUFFER_TYPE MessageType;
02877   USHORT LogonCount;
02878   USHORT BadPasswordCount;
02879   LARGE_INTEGER LogonTime;
02880   LARGE_INTEGER LogoffTime;
02881   LARGE_INTEGER KickOffTime;
02882   LARGE_INTEGER PasswordLastSet;
02883   LARGE_INTEGER PasswordCanChange;
02884   LARGE_INTEGER PasswordMustChange;
02885   UNICODE_STRING LogonScript;
02886   UNICODE_STRING HomeDirectory;
02887   UNICODE_STRING FullName;
02888   UNICODE_STRING ProfilePath;
02889   UNICODE_STRING HomeDirectoryDrive;
02890   UNICODE_STRING LogonServer;
02891   ULONG UserFlags;
02892 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
02893 
02894 typedef struct _MSV1_0_LM20_LOGON {
02895   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02896   UNICODE_STRING LogonDomainName;
02897   UNICODE_STRING UserName;
02898   UNICODE_STRING Workstation;
02899   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
02900   STRING CaseSensitiveChallengeResponse;
02901   STRING CaseInsensitiveChallengeResponse;
02902   ULONG ParameterControl;
02903 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
02904 
02905 typedef struct _MSV1_0_SUBAUTH_LOGON {
02906   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02907   UNICODE_STRING LogonDomainName;
02908   UNICODE_STRING UserName;
02909   UNICODE_STRING Workstation;
02910   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
02911   STRING AuthenticationInfo1;
02912   STRING AuthenticationInfo2;
02913   ULONG ParameterControl;
02914   ULONG SubAuthPackageId;
02915 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
02916 
02917 #if (_WIN32_WINNT >= 0x0600)
02918 
02919 #define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
02920 
02921 typedef struct _MSV1_0_S4U_LOGON {
02922   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
02923   ULONG Flags;
02924   UNICODE_STRING UserPrincipalName;
02925   UNICODE_STRING DomainName;
02926 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
02927 
02928 #endif
02929 
02930 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
02931   MSV1_0_PROFILE_BUFFER_TYPE MessageType;
02932   LARGE_INTEGER KickOffTime;
02933   LARGE_INTEGER LogoffTime;
02934   ULONG UserFlags;
02935   UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
02936   UNICODE_STRING LogonDomainName;
02937   UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
02938   UNICODE_STRING LogonServer;
02939   UNICODE_STRING UserParameters;
02940 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
02941 
02942 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
02943   ULONG Version;
02944   ULONG Flags;
02945   UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
02946   UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
02947 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
02948 
02949 typedef struct _MSV1_0_NTLM3_RESPONSE {
02950   UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
02951   UCHAR RespType;
02952   UCHAR HiRespType;
02953   USHORT Flags;
02954   ULONG MsgWord;
02955   ULONGLONG TimeStamp;
02956   UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
02957   ULONG AvPairsOff;
02958   UCHAR Buffer[1];
02959 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
02960 
02961 typedef enum _MSV1_0_AVID {
02962   MsvAvEOL,
02963   MsvAvNbComputerName,
02964   MsvAvNbDomainName,
02965   MsvAvDnsComputerName,
02966   MsvAvDnsDomainName,
02967 #if (_WIN32_WINNT >= 0x0501)
02968   MsvAvDnsTreeName,
02969   MsvAvFlags,
02970 #if (_WIN32_WINNT >= 0x0600)
02971   MsvAvTimestamp,
02972   MsvAvRestrictions,
02973   MsvAvTargetName,
02974   MsvAvChannelBindings,
02975 #endif
02976 #endif
02977 } MSV1_0_AVID;
02978 
02979 typedef struct _MSV1_0_AV_PAIR {
02980   USHORT AvId;
02981   USHORT AvLen;
02982 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
02983 
02984 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
02985   MsV1_0Lm20ChallengeRequest = 0,
02986   MsV1_0Lm20GetChallengeResponse,
02987   MsV1_0EnumerateUsers,
02988   MsV1_0GetUserInfo,
02989   MsV1_0ReLogonUsers,
02990   MsV1_0ChangePassword,
02991   MsV1_0ChangeCachedPassword,
02992   MsV1_0GenericPassthrough,
02993   MsV1_0CacheLogon,
02994   MsV1_0SubAuth,
02995   MsV1_0DeriveCredential,
02996   MsV1_0CacheLookup,
02997 #if (_WIN32_WINNT >= 0x0501)
02998   MsV1_0SetProcessOption,
02999 #endif
03000 #if (_WIN32_WINNT >= 0x0600)
03001   MsV1_0ConfigLocalAliases,
03002   MsV1_0ClearCachedCredentials,
03003 #endif
03004 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
03005 
03006 typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
03007   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03008 } MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
03009 
03010 typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
03011   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03012   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
03013 } MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
03014 
03015 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
03016   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03017   ULONG ParameterControl;
03018   LUID LogonId;
03019   UNICODE_STRING Password;
03020   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
03021 } MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
03022 
03023 typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
03024   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03025   ULONG ParameterControl;
03026   LUID LogonId;
03027   UNICODE_STRING Password;
03028   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
03029   UNICODE_STRING UserName;
03030   UNICODE_STRING LogonDomainName;
03031   UNICODE_STRING ServerName;
03032 } MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
03033 
03034 typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
03035   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03036   STRING CaseSensitiveChallengeResponse;
03037   STRING CaseInsensitiveChallengeResponse;
03038   UNICODE_STRING UserName;
03039   UNICODE_STRING LogonDomainName;
03040   UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
03041   UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
03042 } MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
03043 
03044 typedef struct _MSV1_0_ENUMUSERS_REQUEST {
03045   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03046 } MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
03047 
03048 typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
03049   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03050   ULONG NumberOfLoggedOnUsers;
03051   PLUID LogonIds;
03052   PULONG EnumHandles;
03053 } MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
03054 
03055 typedef struct _MSV1_0_GETUSERINFO_REQUEST {
03056   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03057   LUID LogonId;
03058 } MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
03059 
03060 typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
03061   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
03062   PSID UserSid;
03063   UNICODE_STRING UserName;
03064   UNICODE_STRING LogonDomainName;
03065   UNICODE_STRING LogonServer;
03066   SECURITY_LOGON_TYPE LogonType;
03067 } MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
03068 
03069 
03070 
03071 #define FILE_OPLOCK_BROKEN_TO_LEVEL_2   0x00000007
03072 #define FILE_OPLOCK_BROKEN_TO_NONE      0x00000008
03073 #define FILE_OPBATCH_BREAK_UNDERWAY     0x00000009
03074 
03075 /* also in winnt.h */
03076 #define FILE_NOTIFY_CHANGE_FILE_NAME    0x00000001
03077 #define FILE_NOTIFY_CHANGE_DIR_NAME     0x00000002
03078 #define FILE_NOTIFY_CHANGE_NAME         0x00000003
03079 #define FILE_NOTIFY_CHANGE_ATTRIBUTES   0x00000004
03080 #define FILE_NOTIFY_CHANGE_SIZE         0x00000008
03081 #define FILE_NOTIFY_CHANGE_LAST_WRITE   0x00000010
03082 #define FILE_NOTIFY_CHANGE_LAST_ACCESS  0x00000020
03083 #define FILE_NOTIFY_CHANGE_CREATION     0x00000040
03084 #define FILE_NOTIFY_CHANGE_EA           0x00000080
03085 #define FILE_NOTIFY_CHANGE_SECURITY     0x00000100
03086 #define FILE_NOTIFY_CHANGE_STREAM_NAME  0x00000200
03087 #define FILE_NOTIFY_CHANGE_STREAM_SIZE  0x00000400
03088 #define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
03089 #define FILE_NOTIFY_VALID_MASK          0x00000fff
03090 
03091 #define FILE_ACTION_ADDED                   0x00000001
03092 #define FILE_ACTION_REMOVED                 0x00000002
03093 #define FILE_ACTION_MODIFIED                0x00000003
03094 #define FILE_ACTION_RENAMED_OLD_NAME        0x00000004
03095 #define FILE_ACTION_RENAMED_NEW_NAME        0x00000005
03096 #define FILE_ACTION_ADDED_STREAM            0x00000006
03097 #define FILE_ACTION_REMOVED_STREAM          0x00000007
03098 #define FILE_ACTION_MODIFIED_STREAM         0x00000008
03099 #define FILE_ACTION_REMOVED_BY_DELETE       0x00000009
03100 #define FILE_ACTION_ID_NOT_TUNNELLED        0x0000000A
03101 #define FILE_ACTION_TUNNELLED_ID_COLLISION  0x0000000B
03102 /* end  winnt.h */
03103 
03104 #define FILE_PIPE_BYTE_STREAM_TYPE          0x00000000
03105 #define FILE_PIPE_MESSAGE_TYPE              0x00000001
03106 
03107 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS     0x00000000
03108 #define FILE_PIPE_REJECT_REMOTE_CLIENTS     0x00000002
03109 
03110 #define FILE_PIPE_ACCEPT_REMOTE_CLIENTS     0x00000000
03111 #define FILE_PIPE_REJECT_REMOTE_CLIENTS     0x00000002
03112 #define FILE_PIPE_TYPE_VALID_MASK           0x00000003
03113 
03114 #define FILE_PIPE_BYTE_STREAM_MODE          0x00000000
03115 #define FILE_PIPE_MESSAGE_MODE              0x00000001
03116 
03117 #define FILE_PIPE_QUEUE_OPERATION           0x00000000
03118 #define FILE_PIPE_COMPLETE_OPERATION        0x00000001
03119 
03120 #define FILE_PIPE_INBOUND                   0x00000000
03121 #define FILE_PIPE_OUTBOUND                  0x00000001
03122 #define FILE_PIPE_FULL_DUPLEX               0x00000002
03123 
03124 #define FILE_PIPE_DISCONNECTED_STATE        0x00000001
03125 #define FILE_PIPE_LISTENING_STATE           0x00000002
03126 #define FILE_PIPE_CONNECTED_STATE           0x00000003
03127 #define FILE_PIPE_CLOSING_STATE             0x00000004
03128 
03129 #define FILE_PIPE_CLIENT_END                0x00000000
03130 #define FILE_PIPE_SERVER_END                0x00000001
03131 
03132 #define FILE_CASE_SENSITIVE_SEARCH          0x00000001
03133 #define FILE_CASE_PRESERVED_NAMES           0x00000002
03134 #define FILE_UNICODE_ON_DISK                0x00000004
03135 #define FILE_PERSISTENT_ACLS                0x00000008
03136 #define FILE_FILE_COMPRESSION               0x00000010
03137 #define FILE_VOLUME_QUOTAS                  0x00000020
03138 #define FILE_SUPPORTS_SPARSE_FILES          0x00000040
03139 #define FILE_SUPPORTS_REPARSE_POINTS        0x00000080
03140 #define FILE_SUPPORTS_REMOTE_STORAGE        0x00000100
03141 #define FILE_VOLUME_IS_COMPRESSED           0x00008000
03142 #define FILE_SUPPORTS_OBJECT_IDS            0x00010000
03143 #define FILE_SUPPORTS_ENCRYPTION            0x00020000
03144 #define FILE_NAMED_STREAMS                  0x00040000
03145 #define FILE_READ_ONLY_VOLUME               0x00080000
03146 #define FILE_SEQUENTIAL_WRITE_ONCE          0x00100000
03147 #define FILE_SUPPORTS_TRANSACTIONS          0x00200000
03148 #define FILE_SUPPORTS_HARD_LINKS            0x00400000
03149 #define FILE_SUPPORTS_EXTENDED_ATTRIBUTES   0x00800000
03150 #define FILE_SUPPORTS_OPEN_BY_FILE_ID       0x01000000
03151 #define FILE_SUPPORTS_USN_JOURNAL           0x02000000
03152 
03153 #define FILE_NEED_EA                    0x00000080
03154 
03155 #define FILE_EA_TYPE_BINARY             0xfffe
03156 #define FILE_EA_TYPE_ASCII              0xfffd
03157 #define FILE_EA_TYPE_BITMAP             0xfffb
03158 #define FILE_EA_TYPE_METAFILE           0xfffa
03159 #define FILE_EA_TYPE_ICON               0xfff9
03160 #define FILE_EA_TYPE_EA                 0xffee
03161 #define FILE_EA_TYPE_MVMT               0xffdf
03162 #define FILE_EA_TYPE_MVST               0xffde
03163 #define FILE_EA_TYPE_ASN1               0xffdd
03164 #define FILE_EA_TYPE_FAMILY_IDS         0xff01
03165 
03166 typedef struct _FILE_NOTIFY_INFORMATION {
03167   ULONG NextEntryOffset;
03168   ULONG Action;
03169   ULONG FileNameLength;
03170   WCHAR FileName[1];
03171 } FILE_NOTIFY_INFORMATION, *PFILE_NOTIFY_INFORMATION;
03172 
03173 typedef struct _FILE_DIRECTORY_INFORMATION {
03174   ULONG NextEntryOffset;
03175   ULONG FileIndex;
03176   LARGE_INTEGER CreationTime;
03177   LARGE_INTEGER LastAccessTime;
03178   LARGE_INTEGER LastWriteTime;
03179   LARGE_INTEGER ChangeTime;
03180   LARGE_INTEGER EndOfFile;
03181   LARGE_INTEGER AllocationSize;
03182   ULONG FileAttributes;
03183   ULONG FileNameLength;
03184   WCHAR FileName[1];
03185 } FILE_DIRECTORY_INFORMATION, *PFILE_DIRECTORY_INFORMATION;
03186 
03187 typedef struct _FILE_FULL_DIR_INFORMATION {
03188   ULONG NextEntryOffset;
03189   ULONG FileIndex;
03190   LARGE_INTEGER CreationTime;
03191   LARGE_INTEGER LastAccessTime;
03192   LARGE_INTEGER LastWriteTime;
03193   LARGE_INTEGER ChangeTime;
03194   LARGE_INTEGER EndOfFile;
03195   LARGE_INTEGER AllocationSize;
03196   ULONG FileAttributes;
03197   ULONG FileNameLength;
03198   ULONG EaSize;
03199   WCHAR FileName[1];
03200 } FILE_FULL_DIR_INFORMATION, *PFILE_FULL_DIR_INFORMATION;
03201 
03202 typedef struct _FILE_ID_FULL_DIR_INFORMATION {
03203   ULONG NextEntryOffset;
03204   ULONG FileIndex;
03205   LARGE_INTEGER CreationTime;
03206   LARGE_INTEGER LastAccessTime;
03207   LARGE_INTEGER LastWriteTime;
03208   LARGE_INTEGER ChangeTime;
03209   LARGE_INTEGER EndOfFile;
03210   LARGE_INTEGER AllocationSize;
03211   ULONG FileAttributes;
03212   ULONG FileNameLength;
03213   ULONG EaSize;
03214   LARGE_INTEGER FileId;
03215   WCHAR FileName[1];
03216 } FILE_ID_FULL_DIR_INFORMATION, *PFILE_ID_FULL_DIR_INFORMATION;
03217 
03218 typedef struct _FILE_BOTH_DIR_INFORMATION {
03219   ULONG NextEntryOffset;
03220   ULONG FileIndex;
03221   LARGE_INTEGER CreationTime;
03222   LARGE_INTEGER LastAccessTime;
03223   LARGE_INTEGER LastWriteTime;
03224   LARGE_INTEGER ChangeTime;
03225   LARGE_INTEGER EndOfFile;
03226   LARGE_INTEGER AllocationSize;
03227   ULONG FileAttributes;
03228   ULONG FileNameLength;
03229   ULONG EaSize;
03230   CCHAR ShortNameLength;
03231   WCHAR ShortName[12];
03232   WCHAR FileName[1];
03233 } FILE_BOTH_DIR_INFORMATION, *PFILE_BOTH_DIR_INFORMATION;
03234 
03235 typedef struct _FILE_ID_BOTH_DIR_INFORMATION {
03236   ULONG NextEntryOffset;
03237   ULONG FileIndex;
03238   LARGE_INTEGER CreationTime;
03239   LARGE_INTEGER LastAccessTime;
03240   LARGE_INTEGER LastWriteTime;
03241   LARGE_INTEGER ChangeTime;
03242   LARGE_INTEGER EndOfFile;
03243   LARGE_INTEGER AllocationSize;
03244   ULONG FileAttributes;
03245   ULONG FileNameLength;
03246   ULONG EaSize;
03247   CCHAR ShortNameLength;
03248   WCHAR ShortName[12];
03249   LARGE_INTEGER FileId;
03250   WCHAR FileName[1];
03251 } FILE_ID_BOTH_DIR_INFORMATION, *PFILE_ID_BOTH_DIR_INFORMATION;
03252 
03253 typedef struct _FILE_NAMES_INFORMATION {
03254   ULONG NextEntryOffset;
03255   ULONG FileIndex;
03256   ULONG FileNameLength;
03257   WCHAR FileName[1];
03258 } FILE_NAMES_INFORMATION, *PFILE_NAMES_INFORMATION;
03259 
03260 typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION {
03261   ULONG NextEntryOffset;
03262   ULONG FileIndex;
03263   LARGE_INTEGER CreationTime;
03264   LARGE_INTEGER LastAccessTime;
03265   LARGE_INTEGER LastWriteTime;
03266   LARGE_INTEGER ChangeTime;
03267   LARGE_INTEGER EndOfFile;
03268   LARGE_INTEGER AllocationSize;
03269   ULONG FileAttributes;
03270   ULONG FileNameLength;
03271   LARGE_INTEGER FileId;
03272   GUID LockingTransactionId;
03273   ULONG TxInfoFlags;
03274   WCHAR FileName[1];
03275 } FILE_ID_GLOBAL_TX_DIR_INFORMATION, *PFILE_ID_GLOBAL_TX_DIR_INFORMATION;
03276 
03277 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_WRITELOCKED         0x00000001
03278 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_TO_TX       0x00000002
03279 #define FILE_ID_GLOBAL_TX_DIR_INFO_FLAG_VISIBLE_OUTSIDE_TX  0x00000004
03280 
03281 typedef struct _FILE_OBJECTID_INFORMATION {
03282   LONGLONG FileReference;
03283   UCHAR ObjectId[16];
03284   _ANONYMOUS_UNION union {
03285     _ANONYMOUS_STRUCT struct {
03286       UCHAR BirthVolumeId[16];
03287       UCHAR BirthObjectId[16];
03288       UCHAR DomainId[16];
03289     } DUMMYSTRUCTNAME;
03290     UCHAR ExtendedInfo[48];
03291   } DUMMYUNIONNAME;
03292 } FILE_OBJECTID_INFORMATION, *PFILE_OBJECTID_INFORMATION;
03293 
03294 #define ANSI_DOS_STAR                   ('<')
03295 #define ANSI_DOS_QM                     ('>')
03296 #define ANSI_DOS_DOT                    ('"')
03297 
03298 #define DOS_STAR                        (L'<')
03299 #define DOS_QM                          (L'>')
03300 #define DOS_DOT                         (L'"')
03301 
03302 typedef struct _FILE_INTERNAL_INFORMATION {
03303   LARGE_INTEGER IndexNumber;
03304 } FILE_INTERNAL_INFORMATION, *PFILE_INTERNAL_INFORMATION;
03305 
03306 typedef struct _FILE_EA_INFORMATION {
03307   ULONG EaSize;
03308 } FILE_EA_INFORMATION, *PFILE_EA_INFORMATION;
03309 
03310 typedef struct _FILE_ACCESS_INFORMATION {
03311   ACCESS_MASK AccessFlags;
03312 } FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
03313 
03314 typedef struct _FILE_MODE_INFORMATION {
03315   ULONG Mode;
03316 } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION;
03317 
03318 typedef struct _FILE_ALL_INFORMATION {
03319   FILE_BASIC_INFORMATION BasicInformation;
03320   FILE_STANDARD_INFORMATION StandardInformation;
03321   FILE_INTERNAL_INFORMATION InternalInformation;
03322   FILE_EA_INFORMATION EaInformation;
03323   FILE_ACCESS_INFORMATION AccessInformation;
03324   FILE_POSITION_INFORMATION PositionInformation;
03325   FILE_MODE_INFORMATION ModeInformation;
03326   FILE_ALIGNMENT_INFORMATION AlignmentInformation;
03327   FILE_NAME_INFORMATION NameInformation;
03328 } FILE_ALL_INFORMATION, *PFILE_ALL_INFORMATION;
03329 
03330 typedef struct _FILE_ALLOCATION_INFORMATION {
03331   LARGE_INTEGER AllocationSize;
03332 } FILE_ALLOCATION_INFORMATION, *PFILE_ALLOCATION_INFORMATION;
03333 
03334 typedef struct _FILE_COMPRESSION_INFORMATION {
03335   LARGE_INTEGER CompressedFileSize;
03336   USHORT CompressionFormat;
03337   UCHAR CompressionUnitShift;
03338   UCHAR ChunkShift;
03339   UCHAR ClusterShift;
03340   UCHAR Reserved[3];
03341 } FILE_COMPRESSION_INFORMATION, *PFILE_COMPRESSION_INFORMATION;
03342 
03343 typedef struct _FILE_LINK_INFORMATION {
03344   BOOLEAN ReplaceIfExists;
03345   HANDLE RootDirectory;
03346   ULONG FileNameLength;
03347   WCHAR FileName[1];
03348 } FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
03349 
03350 typedef struct _FILE_MOVE_CLUSTER_INFORMATION {
03351   ULONG ClusterCount;
03352   HANDLE RootDirectory;
03353   ULONG FileNameLength;
03354   WCHAR FileName[1];
03355 } FILE_MOVE_CLUSTER_INFORMATION, *PFILE_MOVE_CLUSTER_INFORMATION;
03356 
03357 typedef struct _FILE_RENAME_INFORMATION {
03358   BOOLEAN ReplaceIfExists;
03359   HANDLE RootDirectory;
03360   ULONG FileNameLength;
03361   WCHAR FileName[1];
03362 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
03363 
03364 typedef struct _FILE_STREAM_INFORMATION {
03365   ULONG NextEntryOffset;
03366   ULONG StreamNameLength;
03367   LARGE_INTEGER StreamSize;
03368   LARGE_INTEGER StreamAllocationSize;
03369   WCHAR StreamName[1];
03370 } FILE_STREAM_INFORMATION, *PFILE_STREAM_INFORMATION;
03371 
03372 typedef struct _FILE_TRACKING_INFORMATION {
03373   HANDLE DestinationFile;
03374   ULONG ObjectInformationLength;
03375   CHAR ObjectInformation[1];
03376 } FILE_TRACKING_INFORMATION, *PFILE_TRACKING_INFORMATION;
03377 
03378 typedef struct _FILE_COMPLETION_INFORMATION {
03379   HANDLE Port;
03380   PVOID Key;
03381 } FILE_COMPLETION_INFORMATION, *PFILE_COMPLETION_INFORMATION;
03382 
03383 typedef struct _FILE_PIPE_INFORMATION {
03384   ULONG ReadMode;
03385   ULONG CompletionMode;
03386 } FILE_PIPE_INFORMATION, *PFILE_PIPE_INFORMATION;
03387 
03388 typedef struct _FILE_PIPE_LOCAL_INFORMATION {
03389   ULONG NamedPipeType;
03390   ULONG NamedPipeConfiguration;
03391   ULONG MaximumInstances;
03392   ULONG CurrentInstances;
03393   ULONG InboundQuota;
03394   ULONG ReadDataAvailable;
03395   ULONG OutboundQuota;
03396   ULONG WriteQuotaAvailable;
03397   ULONG NamedPipeState;
03398   ULONG NamedPipeEnd;
03399 } FILE_PIPE_LOCAL_INFORMATION, *PFILE_PIPE_LOCAL_INFORMATION;
03400 
03401 typedef struct _FILE_PIPE_REMOTE_INFORMATION {
03402   LARGE_INTEGER CollectDataTime;
03403   ULONG MaximumCollectionCount;
03404 } FILE_PIPE_REMOTE_INFORMATION, *PFILE_PIPE_REMOTE_INFORMATION;
03405 
03406 typedef struct _FILE_MAILSLOT_QUERY_INFORMATION {
03407   ULONG MaximumMessageSize;
03408   ULONG MailslotQuota;
03409   ULONG NextMessageSize;
03410   ULONG MessagesAvailable;
03411   LARGE_INTEGER ReadTimeout;
03412 } FILE_MAILSLOT_QUERY_INFORMATION, *PFILE_MAILSLOT_QUERY_INFORMATION;
03413 
03414 typedef struct _FILE_MAILSLOT_SET_INFORMATION {
03415   PLARGE_INTEGER ReadTimeout;
03416 } FILE_MAILSLOT_SET_INFORMATION, *PFILE_MAILSLOT_SET_INFORMATION;
03417 
03418 typedef struct _FILE_REPARSE_POINT_INFORMATION {
03419   LONGLONG FileReference;
03420   ULONG Tag;
03421 } FILE_REPARSE_POINT_INFORMATION, *PFILE_REPARSE_POINT_INFORMATION;
03422 
03423 typedef struct _FILE_LINK_ENTRY_INFORMATION {
03424   ULONG NextEntryOffset;
03425   LONGLONG ParentFileId;
03426   ULONG FileNameLength;
03427   WCHAR FileName[1];
03428 } FILE_LINK_ENTRY_INFORMATION, *PFILE_LINK_ENTRY_INFORMATION;
03429 
03430 typedef struct _FILE_LINKS_INFORMATION {
03431   ULONG BytesNeeded;
03432   ULONG EntriesReturned;
03433   FILE_LINK_ENTRY_INFORMATION Entry;
03434 } FILE_LINKS_INFORMATION, *PFILE_LINKS_INFORMATION;
03435 
03436 typedef struct _FILE_NETWORK_PHYSICAL_NAME_INFORMATION {
03437   ULONG FileNameLength;
03438   WCHAR FileName[1];
03439 } FILE_NETWORK_PHYSICAL_NAME_INFORMATION, *PFILE_NETWORK_PHYSICAL_NAME_INFORMATION;
03440 
03441 typedef struct _FILE_STANDARD_LINK_INFORMATION {
03442   ULONG NumberOfAccessibleLinks;
03443   ULONG TotalNumberOfLinks;
03444   BOOLEAN DeletePending;
03445   BOOLEAN Directory;
03446 } FILE_STANDARD_LINK_INFORMATION, *PFILE_STANDARD_LINK_INFORMATION;
03447 
03448 typedef struct _FILE_GET_EA_INFORMATION {
03449   ULONG NextEntryOffset;
03450   UCHAR EaNameLength;
03451   CHAR  EaName[1];
03452 } FILE_GET_EA_INFORMATION, *PFILE_GET_EA_INFORMATION;
03453 
03454 #define REMOTE_PROTOCOL_FLAG_LOOPBACK       0x00000001
03455 #define REMOTE_PROTOCOL_FLAG_OFFLINE        0x00000002
03456 
03457 typedef struct _FILE_REMOTE_PROTOCOL_INFORMATION {
03458   USHORT StructureVersion;
03459   USHORT StructureSize;
03460   ULONG  Protocol;
03461   USHORT ProtocolMajorVersion;
03462   USHORT ProtocolMinorVersion;
03463   USHORT ProtocolRevision;
03464   USHORT Reserved;
03465   ULONG  Flags;
03466   struct {
03467     ULONG Reserved[8];
03468   } GenericReserved;
03469   struct {
03470     ULONG Reserved[16];
03471   } ProtocolSpecificReserved;
03472 } FILE_REMOTE_PROTOCOL_INFORMATION, *PFILE_REMOTE_PROTOCOL_INFORMATION;
03473 
03474 typedef struct _FILE_GET_QUOTA_INFORMATION {
03475   ULONG NextEntryOffset;
03476   ULONG SidLength;
03477   SID Sid;
03478 } FILE_GET_QUOTA_INFORMATION, *PFILE_GET_QUOTA_INFORMATION;
03479 
03480 typedef struct _FILE_QUOTA_INFORMATION {
03481   ULONG NextEntryOffset;
03482   ULONG SidLength;
03483   LARGE_INTEGER ChangeTime;
03484   LARGE_INTEGER QuotaUsed;
03485   LARGE_INTEGER QuotaThreshold;
03486   LARGE_INTEGER QuotaLimit;
03487   SID Sid;
03488 } FILE_QUOTA_INFORMATION, *PFILE_QUOTA_INFORMATION;
03489 
03490 typedef struct _FILE_FS_ATTRIBUTE_INFORMATION {
03491   ULONG FileSystemAttributes;
03492   ULONG MaximumComponentNameLength;
03493   ULONG FileSystemNameLength;
03494   WCHAR FileSystemName[1];
03495 } FILE_FS_ATTRIBUTE_INFORMATION, *PFILE_FS_ATTRIBUTE_INFORMATION;
03496 
03497 typedef struct _FILE_FS_DRIVER_PATH_INFORMATION {
03498   BOOLEAN DriverInPath;
03499   ULONG DriverNameLength;
03500   WCHAR DriverName[1];
03501 } FILE_FS_DRIVER_PATH_INFORMATION, *PFILE_FS_DRIVER_PATH_INFORMATION;
03502 
03503 typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION {
03504   ULONG Flags;
03505 } FILE_FS_VOLUME_FLAGS_INFORMATION, *PFILE_FS_VOLUME_FLAGS_INFORMATION;
03506 
03507 #define FILE_VC_QUOTA_NONE              0x00000000
03508 #define FILE_VC_QUOTA_TRACK             0x00000001
03509 #define FILE_VC_QUOTA_ENFORCE           0x00000002
03510 #define FILE_VC_QUOTA_MASK              0x00000003
03511 #define FILE_VC_CONTENT_INDEX_DISABLED  0x00000008
03512 #define FILE_VC_LOG_QUOTA_THRESHOLD     0x00000010
03513 #define FILE_VC_LOG_QUOTA_LIMIT         0x00000020
03514 #define FILE_VC_LOG_VOLUME_THRESHOLD    0x00000040
03515 #define FILE_VC_LOG_VOLUME_LIMIT        0x00000080
03516 #define FILE_VC_QUOTAS_INCOMPLETE       0x00000100
03517 #define FILE_VC_QUOTAS_REBUILDING       0x00000200
03518 #define FILE_VC_VALID_MASK              0x000003ff
03519 
03520 typedef struct _FILE_FS_CONTROL_INFORMATION {
03521   LARGE_INTEGER FreeSpaceStartFiltering;
03522   LARGE_INTEGER FreeSpaceThreshold;
03523   LARGE_INTEGER FreeSpaceStopFiltering;
03524   LARGE_INTEGER DefaultQuotaThreshold;
03525   LARGE_INTEGER DefaultQuotaLimit;
03526   ULONG FileSystemControlFlags;
03527 } FILE_FS_CONTROL_INFORMATION, *PFILE_FS_CONTROL_INFORMATION;
03528 
03529 #ifndef _FILESYSTEMFSCTL_
03530 #define _FILESYSTEMFSCTL_
03531 
03532 #define FSCTL_REQUEST_OPLOCK_LEVEL_1    CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  0, METHOD_BUFFERED, FILE_ANY_ACCESS)
03533 #define FSCTL_REQUEST_OPLOCK_LEVEL_2    CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  1, METHOD_BUFFERED, FILE_ANY_ACCESS)
03534 #define FSCTL_REQUEST_BATCH_OPLOCK      CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  2, METHOD_BUFFERED, FILE_ANY_ACCESS)
03535 #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE  CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  3, METHOD_BUFFERED, FILE_ANY_ACCESS)
03536 #define FSCTL_OPBATCH_ACK_CLOSE_PENDING CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  4, METHOD_BUFFERED, FILE_ANY_ACCESS)
03537 #define FSCTL_OPLOCK_BREAK_NOTIFY       CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  5, METHOD_BUFFERED, FILE_ANY_ACCESS)
03538 #define FSCTL_LOCK_VOLUME               CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  6, METHOD_BUFFERED, FILE_ANY_ACCESS)
03539 #define FSCTL_UNLOCK_VOLUME             CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  7, METHOD_BUFFERED, FILE_ANY_ACCESS)
03540 #define FSCTL_DISMOUNT_VOLUME           CTL_CODE(FILE_DEVICE_FILE_SYSTEM,  8, METHOD_BUFFERED, FILE_ANY_ACCESS)
03541 #define FSCTL_IS_VOLUME_MOUNTED         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, FILE_ANY_ACCESS)
03542 #define FSCTL_IS_PATHNAME_VALID         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, FILE_ANY_ACCESS)
03543 #define FSCTL_MARK_VOLUME_DIRTY         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHOD_BUFFERED, FILE_ANY_ACCESS)
03544 #define FSCTL_QUERY_RETRIEVAL_POINTERS  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD_NEITHER,  FILE_ANY_ACCESS)
03545 #define FSCTL_GET_COMPRESSION           CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, FILE_ANY_ACCESS)
03546 #define FSCTL_SET_COMPRESSION           CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
03547 #define FSCTL_SET_BOOTLOADER_ACCESSED   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD_NEITHER,  FILE_ANY_ACCESS)
03548 
03549 #define FSCTL_OPLOCK_BREAK_ACK_NO_2     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, FILE_ANY_ACCESS)
03550 #define FSCTL_INVALIDATE_VOLUMES        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, FILE_ANY_ACCESS)
03551 #define FSCTL_QUERY_FAT_BPB             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, FILE_ANY_ACCESS)
03552 #define FSCTL_REQUEST_FILTER_OPLOCK     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, FILE_ANY_ACCESS)
03553 #define FSCTL_FILESYSTEM_GET_STATISTICS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD_BUFFERED, FILE_ANY_ACCESS)
03554 
03555 #if (_WIN32_WINNT >= 0x0400)
03556 
03557 #define FSCTL_GET_NTFS_VOLUME_DATA      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, FILE_ANY_ACCESS)
03558 #define FSCTL_GET_NTFS_FILE_RECORD      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, FILE_ANY_ACCESS)
03559 #define FSCTL_GET_VOLUME_BITMAP         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_NEITHER,  FILE_ANY_ACCESS)
03560 #define FSCTL_GET_RETRIEVAL_POINTERS    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_NEITHER,  FILE_ANY_ACCESS)
03561 #define FSCTL_MOVE_FILE                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03562 #define FSCTL_IS_VOLUME_DIRTY           CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, FILE_ANY_ACCESS)
03563 #define FSCTL_ALLOW_EXTENDED_DASD_IO    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_NEITHER,  FILE_ANY_ACCESS)
03564 
03565 #endif
03566 
03567 #if (_WIN32_WINNT >= 0x0500)
03568 
03569 #define FSCTL_FIND_FILES_BY_SID         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD_NEITHER,  FILE_ANY_ACCESS)
03570 #define FSCTL_SET_OBJECT_ID             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03571 #define FSCTL_GET_OBJECT_ID             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, FILE_ANY_ACCESS)
03572 #define FSCTL_DELETE_OBJECT_ID          CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03573 #define FSCTL_SET_REPARSE_POINT         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03574 #define FSCTL_GET_REPARSE_POINT         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD_BUFFERED, FILE_ANY_ACCESS)
03575 #define FSCTL_DELETE_REPARSE_POINT      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03576 #define FSCTL_ENUM_USN_DATA             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_NEITHER,  FILE_ANY_ACCESS)
03577 #define FSCTL_SECURITY_ID_CHECK         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHOD_NEITHER,  FILE_READ_DATA)
03578 #define FSCTL_READ_USN_JOURNAL          CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHOD_NEITHER,  FILE_ANY_ACCESS)
03579 #define FSCTL_SET_OBJECT_ID_EXTENDED    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03580 #define FSCTL_CREATE_OR_GET_OBJECT_ID   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
03581 #define FSCTL_SET_SPARSE                CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03582 #define FSCTL_SET_ZERO_DATA             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, FILE_WRITE_DATA)
03583 #define FSCTL_QUERY_ALLOCATED_RANGES    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD_NEITHER,  FILE_READ_DATA)
03584 #define FSCTL_ENABLE_UPGRADE            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, FILE_WRITE_DATA)
03585 #define FSCTL_SET_ENCRYPTION            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_NEITHER,  FILE_ANY_ACCESS)
03586 #define FSCTL_ENCRYPTION_FSCTL_IO       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_NEITHER,  FILE_ANY_ACCESS)
03587 #define FSCTL_WRITE_RAW_ENCRYPTED       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER,  FILE_SPECIAL_ACCESS)
03588 #define FSCTL_READ_RAW_ENCRYPTED        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_NEITHER,  FILE_SPECIAL_ACCESS)
03589 #define FSCTL_CREATE_USN_JOURNAL        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD_NEITHER,  FILE_ANY_ACCESS)
03590 #define FSCTL_READ_FILE_USN_DATA        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_NEITHER,  FILE_ANY_ACCESS)
03591 #define FSCTL_WRITE_USN_CLOSE_RECORD    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_NEITHER,  FILE_ANY_ACCESS)
03592 #define FSCTL_EXTEND_VOLUME             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHOD_BUFFERED, FILE_ANY_ACCESS)
03593 #define FSCTL_QUERY_USN_JOURNAL         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, FILE_ANY_ACCESS)
03594 #define FSCTL_DELETE_USN_JOURNAL        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, FILE_ANY_ACCESS)
03595 #define FSCTL_MARK_HANDLE               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, FILE_ANY_ACCESS)
03596 #define FSCTL_SIS_COPYFILE              CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, FILE_ANY_ACCESS)
03597 #define FSCTL_SIS_LINK_FILES            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
03598 #define FSCTL_RECALL_FILE               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHOD_NEITHER, FILE_ANY_ACCESS)
03599 #define FSCTL_READ_FROM_PLEX            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 71, METHOD_OUT_DIRECT, FILE_READ_DATA)
03600 #define FSCTL_FILE_PREFETCH             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 72, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03601 
03602 #endif
03603 
03604 #if (_WIN32_WINNT >= 0x0600)
03605 
03606 #define FSCTL_MAKE_MEDIA_COMPATIBLE         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 76, METHOD_BUFFERED, FILE_WRITE_DATA)
03607 #define FSCTL_SET_DEFECT_MANAGEMENT         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 77, METHOD_BUFFERED, FILE_WRITE_DATA)
03608 #define FSCTL_QUERY_SPARING_INFO            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 78, METHOD_BUFFERED, FILE_ANY_ACCESS)
03609 #define FSCTL_QUERY_ON_DISK_VOLUME_INFO     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 79, METHOD_BUFFERED, FILE_ANY_ACCESS)
03610 #define FSCTL_SET_VOLUME_COMPRESSION_STATE  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 80, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03611 #define FSCTL_TXFS_MODIFY_RM                CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 81, METHOD_BUFFERED, FILE_WRITE_DATA)
03612 #define FSCTL_TXFS_QUERY_RM_INFORMATION     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 82, METHOD_BUFFERED, FILE_READ_DATA)
03613 #define FSCTL_TXFS_ROLLFORWARD_REDO         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 84, METHOD_BUFFERED, FILE_WRITE_DATA)
03614 #define FSCTL_TXFS_ROLLFORWARD_UNDO         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 85, METHOD_BUFFERED, FILE_WRITE_DATA)
03615 #define FSCTL_TXFS_START_RM                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 86, METHOD_BUFFERED, FILE_WRITE_DATA)
03616 #define FSCTL_TXFS_SHUTDOWN_RM              CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 87, METHOD_BUFFERED, FILE_WRITE_DATA)
03617 #define FSCTL_TXFS_READ_BACKUP_INFORMATION  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 88, METHOD_BUFFERED, FILE_READ_DATA)
03618 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 89, METHOD_BUFFERED, FILE_WRITE_DATA)
03619 #define FSCTL_TXFS_CREATE_SECONDARY_RM      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 90, METHOD_BUFFERED, FILE_WRITE_DATA)
03620 #define FSCTL_TXFS_GET_METADATA_INFO        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 91, METHOD_BUFFERED, FILE_READ_DATA)
03621 #define FSCTL_TXFS_GET_TRANSACTED_VERSION   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 92, METHOD_BUFFERED, FILE_READ_DATA)
03622 #define FSCTL_TXFS_SAVEPOINT_INFORMATION    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 94, METHOD_BUFFERED, FILE_WRITE_DATA)
03623 #define FSCTL_TXFS_CREATE_MINIVERSION       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 95, METHOD_BUFFERED, FILE_WRITE_DATA)
03624 #define FSCTL_TXFS_TRANSACTION_ACTIVE       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 99, METHOD_BUFFERED, FILE_READ_DATA)
03625 #define FSCTL_SET_ZERO_ON_DEALLOCATION      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 101, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03626 #define FSCTL_SET_REPAIR                    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 102, METHOD_BUFFERED, FILE_ANY_ACCESS)
03627 #define FSCTL_GET_REPAIR                    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 103, METHOD_BUFFERED, FILE_ANY_ACCESS)
03628 #define FSCTL_WAIT_FOR_REPAIR               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 104, METHOD_BUFFERED, FILE_ANY_ACCESS)
03629 #define FSCTL_INITIATE_REPAIR               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 106, METHOD_BUFFERED, FILE_ANY_ACCESS)
03630 #define FSCTL_CSC_INTERNAL                  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 107, METHOD_NEITHER,  FILE_ANY_ACCESS)
03631 #define FSCTL_SHRINK_VOLUME                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 108, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)
03632 #define FSCTL_SET_SHORT_NAME_BEHAVIOR       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 109, METHOD_BUFFERED, FILE_ANY_ACCESS)
03633 #define FSCTL_DFSR_SET_GHOST_HANDLE_STATE   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 110, METHOD_BUFFERED, FILE_ANY_ACCESS)
03634 #define FSCTL_TXFS_LIST_TRANSACTION_LOCKED_FILES \
03635                                             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_READ_DATA)
03636 #define FSCTL_TXFS_LIST_TRANSACTIONS        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 121, METHOD_BUFFERED, FILE_READ_DATA)
03637 #define FSCTL_QUERY_PAGEFILE_ENCRYPTION     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 122, METHOD_BUFFERED, FILE_ANY_ACCESS)
03638 #define FSCTL_RESET_VOLUME_ALLOCATION_HINTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 123, METHOD_BUFFERED, FILE_ANY_ACCESS)
03639 #define FSCTL_TXFS_READ_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 126, METHOD_BUFFERED, FILE_ANY_ACCESS)
03640 
03641 #endif
03642 
03643 #if (_WIN32_WINNT >= 0x0601)
03644 
03645 #define FSCTL_QUERY_DEPENDENT_VOLUME        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 124, METHOD_BUFFERED, FILE_ANY_ACCESS)
03646 #define FSCTL_SD_GLOBAL_CHANGE              CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 125, METHOD_BUFFERED, FILE_ANY_ACCESS)
03647 #define FSCTL_LOOKUP_STREAM_FROM_CLUSTER    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 127, METHOD_BUFFERED, FILE_ANY_ACCESS)
03648 #define FSCTL_TXFS_WRITE_BACKUP_INFORMATION2 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 128, METHOD_BUFFERED, FILE_ANY_ACCESS)
03649 #define FSCTL_FILE_TYPE_NOTIFICATION        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 129, METHOD_BUFFERED, FILE_ANY_ACCESS)
03650 #define FSCTL_GET_BOOT_AREA_INFO            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 140, METHOD_BUFFERED, FILE_ANY_ACCESS)
03651 #define FSCTL_GET_RETRIEVAL_POINTER_BASE    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 141, METHOD_BUFFERED, FILE_ANY_ACCESS)
03652 #define FSCTL_SET_PERSISTENT_VOLUME_STATE   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 142, METHOD_BUFFERED, FILE_ANY_ACCESS)
03653 #define FSCTL_QUERY_PERSISTENT_VOLUME_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 143, METHOD_BUFFERED, FILE_ANY_ACCESS)
03654 #define FSCTL_REQUEST_OPLOCK                CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
03655 #define FSCTL_CSV_TUNNEL_REQUEST            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 145, METHOD_BUFFERED, FILE_ANY_ACCESS)
03656 #define FSCTL_IS_CSV_FILE                   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 146, METHOD_BUFFERED, FILE_ANY_ACCESS)
03657 #define FSCTL_QUERY_FILE_SYSTEM_RECOGNITION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 147, METHOD_BUFFERED, FILE_ANY_ACCESS)
03658 #define FSCTL_CSV_GET_VOLUME_PATH_NAME      CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 148, METHOD_BUFFERED, FILE_ANY_ACCESS)
03659 #define FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 149, METHOD_BUFFERED, FILE_ANY_ACCESS)
03660 #define FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 150,  METHOD_BUFFERED, FILE_ANY_ACCESS)
03661 #define FSCTL_IS_FILE_ON_CSV_VOLUME         CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 151,  METHOD_BUFFERED, FILE_ANY_ACCESS)
03662 #define FSCTL_CSV_INTERNAL                  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 155,  METHOD_BUFFERED, FILE_ANY_ACCESS)
03663 
03664 typedef struct _CSV_NAMESPACE_INFO {
03665   ULONG Version;
03666   ULONG DeviceNumber;
03667   LARGE_INTEGER StartingOffset;
03668   ULONG SectorSize;
03669 } CSV_NAMESPACE_INFO, *PCSV_NAMESPACE_INFO;
03670 
03671 #define CSV_NAMESPACE_INFO_V1 (sizeof(CSV_NAMESPACE_INFO))
03672 #define CSV_INVALID_DEVICE_NUMBER 0xFFFFFFFF
03673 
03674 #endif
03675 
03676 #if (_WIN32_WINNT >= 0x0602)
03677 
03678 #define FSCTL_FILE_LEVEL_TRIM               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 130, METHOD_BUFFERED, FILE_WRITE_DATA)
03679 #define FSCTL_CORRUPTION_HANDLING           CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 152, METHOD_BUFFERED, FILE_ANY_ACCESS)
03680 #define FSCTL_OFFLOAD_READ                  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 153, METHOD_BUFFERED, FILE_READ_ACCESS)
03681 #define FSCTL_OFFLOAD_WRITE                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 154, METHOD_BUFFERED, FILE_WRITE_ACCESS)
03682 #define FSCTL_SET_PURGE_FAILURE_MODE        CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 156, METHOD_BUFFERED, FILE_ANY_ACCESS)
03683 #define FSCTL_QUERY_FILE_LAYOUT             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 157, METHOD_NEITHER,  FILE_ANY_ACCESS)
03684 #define FSCTL_IS_VOLUME_OWNED_BYCSVFS       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 158, METHOD_BUFFERED, FILE_ANY_ACCESS)
03685 #define FSCTL_GET_INTEGRITY_INFORMATION     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 159, METHOD_BUFFERED, FILE_ANY_ACCESS)
03686 #define FSCTL_SET_INTEGRITY_INFORMATION     CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 160, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
03687 #define FSCTL_QUERY_FILE_REGIONS            CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 161, METHOD_BUFFERED, FILE_ANY_ACCESS)
03688 #define FSCTL_DEDUP_FILE                    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 165, METHOD_BUFFERED, FILE_ANY_ACCESS)
03689 #define FSCTL_DEDUP_QUERY_FILE_HASHES       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 166, METHOD_NEITHER,  FILE_READ_DATA)
03690 #define FSCTL_RKF_INTERNAL                  CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 171, METHOD_NEITHER,  FILE_ANY_ACCESS)
03691 #define FSCTL_SCRUB_DATA                    CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 172, METHOD_BUFFERED, FILE_ANY_ACCESS)
03692 #define FSCTL_REPAIR_COPIES                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 173, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
03693 #define FSCTL_DISABLE_LOCAL_BUFFERING       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 174, METHOD_BUFFERED, FILE_ANY_ACCESS)
03694 #define FSCTL_CSV_MGMT_LOCK                 CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 175, METHOD_BUFFERED, FILE_ANY_ACCESS)
03695 #define FSCTL_CSV_QUERY_DOWN_LEVEL_FILE_SYSTEM_CHARACTERISTICS \
03696                                             CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 176, METHOD_BUFFERED, FILE_ANY_ACCESS)
03697 #define FSCTL_ADVANCE_FILE_ID               CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 177, METHOD_BUFFERED, FILE_ANY_ACCESS)
03698 #define FSCTL_CSV_SYNC_TUNNEL_REQUEST       CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 178, METHOD_BUFFERED, FILE_ANY_ACCESS)
03699 #define FSCTL_CSV_QUERY_VETO_FILE_DIRECT_IO CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 179, METHOD_BUFFERED, FILE_ANY_ACCESS)
03700 #define FSCTL_WRITE_USN_REASON              CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 180, METHOD_BUFFERED, FILE_ANY_ACCESS)
03701 #define FSCTL_CSV_CONTROL                   CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 181, METHOD_BUFFERED, FILE_ANY_ACCESS)
03702 #define FSCTL_GET_REFS_VOLUME_DATA          CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 182, METHOD_BUFFERED, FILE_ANY_ACCESS)
03703 
03704 #endif
03705 
03706 #define FSCTL_MARK_AS_SYSTEM_HIVE           FSCTL_SET_BOOTLOADER_ACCESSED
03707 
03708 typedef struct _PATHNAME_BUFFER {
03709   ULONG PathNameLength;
03710   WCHAR Name[1];
03711 } PATHNAME_BUFFER, *PPATHNAME_BUFFER;
03712 
03713 typedef struct _FSCTL_QUERY_FAT_BPB_BUFFER {
03714   UCHAR First0x24BytesOfBootSector[0x24];
03715 } FSCTL_QUERY_FAT_BPB_BUFFER, *PFSCTL_QUERY_FAT_BPB_BUFFER;
03716 
03717 #if (_WIN32_WINNT >= 0x0400)
03718 
03719 typedef struct _NTFS_VOLUME_DATA_BUFFER {
03720   LARGE_INTEGER VolumeSerialNumber;
03721   LARGE_INTEGER NumberSectors;
03722   LARGE_INTEGER TotalClusters;
03723   LARGE_INTEGER FreeClusters;
03724   LARGE_INTEGER TotalReserved;
03725   ULONG BytesPerSector;
03726   ULONG BytesPerCluster;
03727   ULONG BytesPerFileRecordSegment;
03728   ULONG ClustersPerFileRecordSegment;
03729   LARGE_INTEGER MftValidDataLength;
03730   LARGE_INTEGER MftStartLcn;
03731   LARGE_INTEGER Mft2StartLcn;
03732   LARGE_INTEGER MftZoneStart;
03733   LARGE_INTEGER MftZoneEnd;
03734 } NTFS_VOLUME_DATA_BUFFER, *PNTFS_VOLUME_DATA_BUFFER;
03735 
03736 typedef struct _NTFS_EXTENDED_VOLUME_DATA {
03737   ULONG ByteCount;
03738   USHORT MajorVersion;
03739   USHORT MinorVersion;
03740 } NTFS_EXTENDED_VOLUME_DATA, *PNTFS_EXTENDED_VOLUME_DATA;
03741 
03742 typedef struct _STARTING_LCN_INPUT_BUFFER {
03743   LARGE_INTEGER StartingLcn;
03744 } STARTING_LCN_INPUT_BUFFER, *PSTARTING_LCN_INPUT_BUFFER;
03745 
03746 typedef struct _VOLUME_BITMAP_BUFFER {
03747   LARGE_INTEGER StartingLcn;
03748   LARGE_INTEGER BitmapSize;
03749   UCHAR Buffer[1];
03750 } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER;
03751 
03752 typedef struct _STARTING_VCN_INPUT_BUFFER {
03753   LARGE_INTEGER StartingVcn;
03754 } STARTING_VCN_INPUT_BUFFER, *PSTARTING_VCN_INPUT_BUFFER;
03755 
03756 typedef struct _RETRIEVAL_POINTERS_BUFFER {
03757   ULONG ExtentCount;
03758   LARGE_INTEGER StartingVcn;
03759   struct {
03760     LARGE_INTEGER NextVcn;
03761     LARGE_INTEGER Lcn;
03762   } Extents[1];
03763 } RETRIEVAL_POINTERS_BUFFER, *PRETRIEVAL_POINTERS_BUFFER;
03764 
03765 typedef struct _NTFS_FILE_RECORD_INPUT_BUFFER {
03766   LARGE_INTEGER FileReferenceNumber;
03767 } NTFS_FILE_RECORD_INPUT_BUFFER, *PNTFS_FILE_RECORD_INPUT_BUFFER;
03768 
03769 typedef struct _NTFS_FILE_RECORD_OUTPUT_BUFFER {
03770   LARGE_INTEGER FileReferenceNumber;
03771   ULONG FileRecordLength;
03772   UCHAR FileRecordBuffer[1];
03773 } NTFS_FILE_RECORD_OUTPUT_BUFFER, *PNTFS_FILE_RECORD_OUTPUT_BUFFER;
03774 
03775 typedef struct _MOVE_FILE_DATA {
03776   HANDLE FileHandle;
03777   LARGE_INTEGER StartingVcn;
03778   LARGE_INTEGER StartingLcn;
03779   ULONG ClusterCount;
03780 } MOVE_FILE_DATA, *PMOVE_FILE_DATA;
03781 
03782 typedef struct _MOVE_FILE_RECORD_DATA {
03783   HANDLE FileHandle;
03784   LARGE_INTEGER SourceFileRecord;
03785   LARGE_INTEGER TargetFileRecord;
03786 } MOVE_FILE_RECORD_DATA, *PMOVE_FILE_RECORD_DATA;
03787 
03788 #if defined(_WIN64)
03789 typedef struct _MOVE_FILE_DATA32 {
03790   UINT32 FileHandle;
03791   LARGE_INTEGER StartingVcn;
03792   LARGE_INTEGER StartingLcn;
03793   ULONG ClusterCount;
03794 } MOVE_FILE_DATA32, *PMOVE_FILE_DATA32;
03795 #endif
03796 
03797 #endif /* (_WIN32_WINNT >= 0x0400) */
03798 
03799 #if (_WIN32_WINNT >= 0x0500)
03800 
03801 typedef struct _FIND_BY_SID_DATA {
03802   ULONG Restart;
03803   SID Sid;
03804 } FIND_BY_SID_DATA, *PFIND_BY_SID_DATA;
03805 
03806 typedef struct _FIND_BY_SID_OUTPUT {
03807   ULONG NextEntryOffset;
03808   ULONG FileIndex;
03809   ULONG FileNameLength;
03810   WCHAR FileName[1];
03811 } FIND_BY_SID_OUTPUT, *PFIND_BY_SID_OUTPUT;
03812 
03813 typedef struct _MFT_ENUM_DATA {
03814   ULONGLONG StartFileReferenceNumber;
03815   USN LowUsn;
03816   USN HighUsn;
03817 } MFT_ENUM_DATA, *PMFT_ENUM_DATA;
03818 
03819 typedef struct _CREATE_USN_JOURNAL_DATA {
03820   ULONGLONG MaximumSize;
03821   ULONGLONG AllocationDelta;
03822 } CREATE_USN_JOURNAL_DATA, *PCREATE_USN_JOURNAL_DATA;
03823 
03824 typedef struct _READ_USN_JOURNAL_DATA {
03825   USN StartUsn;
03826   ULONG ReasonMask;
03827   ULONG ReturnOnlyOnClose;
03828   ULONGLONG Timeout;
03829   ULONGLONG BytesToWaitFor;
03830   ULONGLONG UsnJournalID;
03831 } READ_USN_JOURNAL_DATA, *PREAD_USN_JOURNAL_DATA;
03832 
03833 typedef struct _USN_RECORD {
03834   ULONG RecordLength;
03835   USHORT MajorVersion;
03836   USHORT MinorVersion;
03837   ULONGLONG FileReferenceNumber;
03838   ULONGLONG ParentFileReferenceNumber;
03839   USN Usn;
03840   LARGE_INTEGER TimeStamp;
03841   ULONG Reason;
03842   ULONG SourceInfo;
03843   ULONG SecurityId;
03844   ULONG FileAttributes;
03845   USHORT FileNameLength;
03846   USHORT FileNameOffset;
03847   WCHAR FileName[1];
03848 } USN_RECORD, *PUSN_RECORD;
03849 
03850 #define USN_PAGE_SIZE                    (0x1000)
03851 
03852 #define USN_REASON_DATA_OVERWRITE        (0x00000001)
03853 #define USN_REASON_DATA_EXTEND           (0x00000002)
03854 #define USN_REASON_DATA_TRUNCATION       (0x00000004)
03855 #define USN_REASON_NAMED_DATA_OVERWRITE  (0x00000010)
03856 #define USN_REASON_NAMED_DATA_EXTEND     (0x00000020)
03857 #define USN_REASON_NAMED_DATA_TRUNCATION (0x00000040)
03858 #define USN_REASON_FILE_CREATE           (0x00000100)
03859 #define USN_REASON_FILE_DELETE           (0x00000200)
03860 #define USN_REASON_EA_CHANGE             (0x00000400)
03861 #define USN_REASON_SECURITY_CHANGE       (0x00000800)
03862 #define USN_REASON_RENAME_OLD_NAME       (0x00001000)
03863 #define USN_REASON_RENAME_NEW_NAME       (0x00002000)
03864 #define USN_REASON_INDEXABLE_CHANGE      (0x00004000)
03865 #define USN_REASON_BASIC_INFO_CHANGE     (0x00008000)
03866 #define USN_REASON_HARD_LINK_CHANGE      (0x00010000)
03867 #define USN_REASON_COMPRESSION_CHANGE    (0x00020000)
03868 #define USN_REASON_ENCRYPTION_CHANGE     (0x00040000)
03869 #define USN_REASON_OBJECT_ID_CHANGE      (0x00080000)
03870 #define USN_REASON_REPARSE_POINT_CHANGE  (0x00100000)
03871 #define USN_REASON_STREAM_CHANGE         (0x00200000)
03872 #define USN_REASON_TRANSACTED_CHANGE     (0x00400000)
03873 #define USN_REASON_CLOSE                 (0x80000000)
03874 
03875 typedef struct _USN_JOURNAL_DATA {
03876   ULONGLONG UsnJournalID;
03877   USN FirstUsn;
03878   USN NextUsn;
03879   USN LowestValidUsn;
03880   USN MaxUsn;
03881   ULONGLONG MaximumSize;
03882   ULONGLONG AllocationDelta;
03883 } USN_JOURNAL_DATA, *PUSN_JOURNAL_DATA;
03884 
03885 typedef struct _DELETE_USN_JOURNAL_DATA {
03886   ULONGLONG UsnJournalID;
03887   ULONG DeleteFlags;
03888 } DELETE_USN_JOURNAL_DATA, *PDELETE_USN_JOURNAL_DATA;
03889 
03890 #define USN_DELETE_FLAG_DELETE              (0x00000001)
03891 #define USN_DELETE_FLAG_NOTIFY              (0x00000002)
03892 #define USN_DELETE_VALID_FLAGS              (0x00000003)
03893 
03894 typedef struct _MARK_HANDLE_INFO {
03895   ULONG UsnSourceInfo;
03896   HANDLE VolumeHandle;
03897   ULONG HandleInfo;
03898 } MARK_HANDLE_INFO, *PMARK_HANDLE_INFO;
03899 
03900 #if defined(_WIN64)
03901 typedef struct _MARK_HANDLE_INFO32 {
03902   ULONG UsnSourceInfo;
03903   UINT32 VolumeHandle;
03904   ULONG HandleInfo;
03905 } MARK_HANDLE_INFO32, *PMARK_HANDLE_INFO32;
03906 #endif
03907 
03908 #define USN_SOURCE_DATA_MANAGEMENT          (0x00000001)
03909 #define USN_SOURCE_AUXILIARY_DATA           (0x00000002)
03910 #define USN_SOURCE_REPLICATION_MANAGEMENT   (0x00000004)
03911 
03912 #define MARK_HANDLE_PROTECT_CLUSTERS        (0x00000001)
03913 #define MARK_HANDLE_TXF_SYSTEM_LOG          (0x00000004)
03914 #define MARK_HANDLE_NOT_TXF_SYSTEM_LOG      (0x00000008)
03915 
03916 typedef struct _BULK_SECURITY_TEST_DATA {
03917   ACCESS_MASK DesiredAccess;
03918   ULONG SecurityIds[1];
03919 } BULK_SECURITY_TEST_DATA, *PBULK_SECURITY_TEST_DATA;
03920 
03921 #define VOLUME_IS_DIRTY                  (0x00000001)
03922 #define VOLUME_UPGRADE_SCHEDULED         (0x00000002)
03923 #define VOLUME_SESSION_OPEN              (0x00000004)
03924 
03925 typedef struct _FILE_PREFETCH {
03926   ULONG Type;
03927   ULONG Count;
03928   ULONGLONG Prefetch[1];
03929 } FILE_PREFETCH, *PFILE_PREFETCH;
03930 
03931 typedef struct _FILE_PREFETCH_EX {
03932   ULONG Type;
03933   ULONG Count;
03934   PVOID Context;
03935   ULONGLONG Prefetch[1];
03936 } FILE_PREFETCH_EX, *PFILE_PREFETCH_EX;
03937 
03938 #define FILE_PREFETCH_TYPE_FOR_CREATE       0x1
03939 #define FILE_PREFETCH_TYPE_FOR_DIRENUM      0x2
03940 #define FILE_PREFETCH_TYPE_FOR_CREATE_EX    0x3
03941 #define FILE_PREFETCH_TYPE_FOR_DIRENUM_EX   0x4
03942 
03943 #define FILE_PREFETCH_TYPE_MAX              0x4
03944 
03945 typedef struct _FILE_OBJECTID_BUFFER {
03946   UCHAR ObjectId[16];
03947   _ANONYMOUS_UNION union {
03948     _ANONYMOUS_STRUCT struct {
03949       UCHAR BirthVolumeId[16];
03950       UCHAR BirthObjectId[16];
03951       UCHAR DomainId[16];
03952     } DUMMYSTRUCTNAME;
03953     UCHAR ExtendedInfo[48];
03954   } DUMMYUNIONNAME;
03955 } FILE_OBJECTID_BUFFER, *PFILE_OBJECTID_BUFFER;
03956 
03957 typedef struct _FILE_SET_SPARSE_BUFFER {
03958   BOOLEAN SetSparse;
03959 } FILE_SET_SPARSE_BUFFER, *PFILE_SET_SPARSE_BUFFER;
03960 
03961 typedef struct _FILE_ZERO_DATA_INFORMATION {
03962   LARGE_INTEGER FileOffset;
03963   LARGE_INTEGER BeyondFinalZero;
03964 } FILE_ZERO_DATA_INFORMATION, *PFILE_ZERO_DATA_INFORMATION;
03965 
03966 typedef struct _FILE_ALLOCATED_RANGE_BUFFER {
03967   LARGE_INTEGER FileOffset;
03968   LARGE_INTEGER Length;
03969 } FILE_ALLOCATED_RANGE_BUFFER, *PFILE_ALLOCATED_RANGE_BUFFER;
03970 
03971 typedef struct _ENCRYPTION_BUFFER {
03972   ULONG EncryptionOperation;
03973   UCHAR Private[1];
03974 } ENCRYPTION_BUFFER, *PENCRYPTION_BUFFER;
03975 
03976 #define FILE_SET_ENCRYPTION         0x00000001
03977 #define FILE_CLEAR_ENCRYPTION       0x00000002
03978 #define STREAM_SET_ENCRYPTION       0x00000003
03979 #define STREAM_CLEAR_ENCRYPTION     0x00000004
03980 
03981 #define MAXIMUM_ENCRYPTION_VALUE    0x00000004
03982 
03983 typedef struct _DECRYPTION_STATUS_BUFFER {
03984   BOOLEAN NoEncryptedStreams;
03985 } DECRYPTION_STATUS_BUFFER, *PDECRYPTION_STATUS_BUFFER;
03986 
03987 #define ENCRYPTION_FORMAT_DEFAULT        (0x01)
03988 
03989 #define COMPRESSION_FORMAT_SPARSE        (0x4000)
03990 
03991 typedef struct _REQUEST_RAW_ENCRYPTED_DATA {
03992   LONGLONG FileOffset;
03993   ULONG Length;
03994 } REQUEST_RAW_ENCRYPTED_DATA, *PREQUEST_RAW_ENCRYPTED_DATA;
03995 
03996 typedef struct _ENCRYPTED_DATA_INFO {
03997   ULONGLONG StartingFileOffset;
03998   ULONG OutputBufferOffset;
03999   ULONG BytesWithinFileSize;
04000   ULONG BytesWithinValidDataLength;
04001   USHORT CompressionFormat;
04002   UCHAR DataUnitShift;
04003   UCHAR ChunkShift;
04004   UCHAR ClusterShift;
04005   UCHAR EncryptionFormat;
04006   USHORT NumberOfDataBlocks;
04007   ULONG DataBlockSize[ANYSIZE_ARRAY];
04008 } ENCRYPTED_DATA_INFO, *PENCRYPTED_DATA_INFO;
04009 
04010 typedef struct _PLEX_READ_DATA_REQUEST {
04011   LARGE_INTEGER ByteOffset;
04012   ULONG ByteLength;
04013   ULONG PlexNumber;
04014 } PLEX_READ_DATA_REQUEST, *PPLEX_READ_DATA_REQUEST;
04015 
04016 typedef struct _SI_COPYFILE {
04017   ULONG SourceFileNameLength;
04018   ULONG DestinationFileNameLength;
04019   ULONG Flags;
04020   WCHAR FileNameBuffer[1];
04021 } SI_COPYFILE, *PSI_COPYFILE;
04022 
04023 #define COPYFILE_SIS_LINK       0x0001
04024 #define COPYFILE_SIS_REPLACE    0x0002
04025 #define COPYFILE_SIS_FLAGS      0x0003
04026 
04027 #endif /* (_WIN32_WINNT >= 0x0500) */
04028 
04029 #if (_WIN32_WINNT >= 0x0600)
04030 
04031 typedef struct _FILE_MAKE_COMPATIBLE_BUFFER {
04032   BOOLEAN CloseDisc;
04033 } FILE_MAKE_COMPATIBLE_BUFFER, *PFILE_MAKE_COMPATIBLE_BUFFER;
04034 
04035 typedef struct _FILE_SET_DEFECT_MGMT_BUFFER {
04036   BOOLEAN Disable;
04037 } FILE_SET_DEFECT_MGMT_BUFFER, *PFILE_SET_DEFECT_MGMT_BUFFER;
04038 
04039 typedef struct _FILE_QUERY_SPARING_BUFFER {
04040   ULONG SparingUnitBytes;
04041   BOOLEAN SoftwareSparing;
04042   ULONG TotalSpareBlocks;
04043   ULONG FreeSpareBlocks;
04044 } FILE_QUERY_SPARING_BUFFER, *PFILE_QUERY_SPARING_BUFFER;
04045 
04046 typedef struct _FILE_QUERY_ON_DISK_VOL_INFO_BUFFER {
04047   LARGE_INTEGER DirectoryCount;
04048   LARGE_INTEGER FileCount;
04049   USHORT FsFormatMajVersion;
04050   USHORT FsFormatMinVersion;
04051   WCHAR FsFormatName[12];
04052   LARGE_INTEGER FormatTime;
04053   LARGE_INTEGER LastUpdateTime;
04054   WCHAR CopyrightInfo[34];
04055   WCHAR AbstractInfo[34];
04056   WCHAR FormattingImplementationInfo[34];
04057   WCHAR LastModifyingImplementationInfo[34];
04058 } FILE_QUERY_ON_DISK_VOL_INFO_BUFFER, *PFILE_QUERY_ON_DISK_VOL_INFO_BUFFER;
04059 
04060 #define SET_REPAIR_ENABLED                                      (0x00000001)
04061 #define SET_REPAIR_VOLUME_BITMAP_SCAN                           (0x00000002)
04062 #define SET_REPAIR_DELETE_CROSSLINK                             (0x00000004)
04063 #define SET_REPAIR_WARN_ABOUT_DATA_LOSS                         (0x00000008)
04064 #define SET_REPAIR_DISABLED_AND_BUGCHECK_ON_CORRUPT             (0x00000010)
04065 #define SET_REPAIR_VALID_MASK                                   (0x0000001F)
04066 
04067 typedef enum _SHRINK_VOLUME_REQUEST_TYPES {
04068   ShrinkPrepare = 1,
04069   ShrinkCommit,
04070   ShrinkAbort
04071 } SHRINK_VOLUME_REQUEST_TYPES, *PSHRINK_VOLUME_REQUEST_TYPES;
04072 
04073 typedef struct _SHRINK_VOLUME_INFORMATION {
04074   SHRINK_VOLUME_REQUEST_TYPES ShrinkRequestType;
04075   ULONGLONG Flags;
04076   LONGLONG NewNumberOfSectors;
04077 } SHRINK_VOLUME_INFORMATION, *PSHRINK_VOLUME_INFORMATION;
04078 
04079 #define TXFS_RM_FLAG_LOGGING_MODE                           0x00000001
04080 #define TXFS_RM_FLAG_RENAME_RM                              0x00000002
04081 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX                0x00000004
04082 #define TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN                0x00000008
04083 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS    0x00000010
04084 #define TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT           0x00000020
04085 #define TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE             0x00000040
04086 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX             0x00000080
04087 #define TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN             0x00000100
04088 #define TXFS_RM_FLAG_GROW_LOG                               0x00000400
04089 #define TXFS_RM_FLAG_SHRINK_LOG                             0x00000800
04090 #define TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE                   0x00001000
04091 #define TXFS_RM_FLAG_PRESERVE_CHANGES                       0x00002000
04092 #define TXFS_RM_FLAG_RESET_RM_AT_NEXT_START                 0x00004000
04093 #define TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START          0x00008000
04094 #define TXFS_RM_FLAG_PREFER_CONSISTENCY                     0x00010000
04095 #define TXFS_RM_FLAG_PREFER_AVAILABILITY                    0x00020000
04096 
04097 #define TXFS_LOGGING_MODE_SIMPLE        (0x0001)
04098 #define TXFS_LOGGING_MODE_FULL          (0x0002)
04099 
04100 #define TXFS_TRANSACTION_STATE_NONE         0x00
04101 #define TXFS_TRANSACTION_STATE_ACTIVE       0x01
04102 #define TXFS_TRANSACTION_STATE_PREPARED     0x02
04103 #define TXFS_TRANSACTION_STATE_NOTACTIVE    0x03
04104 
04105 #define TXFS_MODIFY_RM_VALID_FLAGS (TXFS_RM_FLAG_LOGGING_MODE                        | \
04106                                     TXFS_RM_FLAG_RENAME_RM                           | \
04107                                     TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MAX             | \
04108                                     TXFS_RM_FLAG_LOG_CONTAINER_COUNT_MIN             | \
04109                                     TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS | \
04110                                     TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT        | \
04111                                     TXFS_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE          | \
04112                                     TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX          | \
04113                                     TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN          | \
04114                                     TXFS_RM_FLAG_SHRINK_LOG                          | \
04115                                     TXFS_RM_FLAG_GROW_LOG                            | \
04116                                     TXFS_RM_FLAG_ENFORCE_MINIMUM_SIZE                | \
04117                                     TXFS_RM_FLAG_PRESERVE_CHANGES                    | \
04118                                     TXFS_RM_FLAG_RESET_RM_AT_NEXT_START              | \
04119                                     TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START       | \
04120                                     TXFS_RM_FLAG_PREFER_CONSISTENCY                  | \
04121                                     TXFS_RM_FLAG_PREFER_AVAILABILITY)
04122 
04123 typedef struct _TXFS_MODIFY_RM {
04124   ULONG Flags;
04125   ULONG LogContainerCountMax;
04126   ULONG LogContainerCountMin;
04127   ULONG LogContainerCount;
04128   ULONG LogGrowthIncrement;
04129   ULONG LogAutoShrinkPercentage;
04130   ULONGLONG Reserved;
04131   USHORT LoggingMode;
04132 } TXFS_MODIFY_RM, *PTXFS_MODIFY_RM;
04133 
04134 #define TXFS_RM_STATE_NOT_STARTED       0
04135 #define TXFS_RM_STATE_STARTING          1
04136 #define TXFS_RM_STATE_ACTIVE            2
04137 #define TXFS_RM_STATE_SHUTTING_DOWN     3
04138 
04139 #define TXFS_QUERY_RM_INFORMATION_VALID_FLAGS                           \
04140                 (TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS   |   \
04141                  TXFS_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT          |   \
04142                  TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX            |   \
04143                  TXFS_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN            |   \
04144                  TXFS_RM_FLAG_RESET_RM_AT_NEXT_START                |   \
04145                  TXFS_RM_FLAG_DO_NOT_RESET_RM_AT_NEXT_START         |   \
04146                  TXFS_RM_FLAG_PREFER_CONSISTENCY                    |   \
04147                  TXFS_RM_FLAG_PREFER_AVAILABILITY)
04148 
04149 typedef struct _TXFS_QUERY_RM_INFORMATION {
04150   ULONG BytesRequired;
04151   ULONGLONG TailLsn;
04152   ULONGLONG CurrentLsn;
04153   ULONGLONG ArchiveTailLsn;
04154   ULONGLONG LogContainerSize;
04155   LARGE_INTEGER HighestVirtualClock;
04156   ULONG LogContainerCount;
04157   ULONG LogContainerCountMax;
04158   ULONG LogContainerCountMin;
04159   ULONG LogGrowthIncrement;
04160   ULONG LogAutoShrinkPercentage;
04161   ULONG Flags;
04162   USHORT LoggingMode;
04163   USHORT Reserved;
04164   ULONG RmState;
04165   ULONGLONG LogCapacity;
04166   ULONGLONG LogFree;
04167   ULONGLONG TopsSize;
04168   ULONGLONG TopsUsed;
04169   ULONGLONG TransactionCount;
04170   ULONGLONG OnePCCount;
04171   ULONGLONG TwoPCCount;
04172   ULONGLONG NumberLogFileFull;
04173   ULONGLONG OldestTransactionAge;
04174   GUID RMName;
04175   ULONG TmLogPathOffset;
04176 } TXFS_QUERY_RM_INFORMATION, *PTXFS_QUERY_RM_INFORMATION;
04177 
04178 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN        0x01
04179 #define TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK   0x02
04180 
04181 #define TXFS_ROLLFORWARD_REDO_VALID_FLAGS                               \
04182                 (TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_REDO_LSN |         \
04183                  TXFS_ROLLFORWARD_REDO_FLAG_USE_LAST_VIRTUAL_CLOCK)
04184 
04185 typedef struct _TXFS_ROLLFORWARD_REDO_INFORMATION {
04186   LARGE_INTEGER LastVirtualClock;
04187   ULONGLONG LastRedoLsn;
04188   ULONGLONG HighestRecoveryLsn;
04189   ULONG Flags;
04190 } TXFS_ROLLFORWARD_REDO_INFORMATION, *PTXFS_ROLLFORWARD_REDO_INFORMATION;
04191 
04192 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX              0x00000001
04193 #define TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN              0x00000002
04194 #define TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE                   0x00000004
04195 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS  0x00000008
04196 #define TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT         0x00000010
04197 #define TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE           0x00000020
04198 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX           0x00000040
04199 #define TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MIN           0x00000080
04200 
04201 #define TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT                  0x00000200
04202 #define TXFS_START_RM_FLAG_LOGGING_MODE                         0x00000400
04203 #define TXFS_START_RM_FLAG_PRESERVE_CHANGES                     0x00000800
04204 
04205 #define TXFS_START_RM_FLAG_PREFER_CONSISTENCY                   0x00001000
04206 #define TXFS_START_RM_FLAG_PREFER_AVAILABILITY                  0x00002000
04207 
04208 #define TXFS_START_RM_VALID_FLAGS                                           \
04209                 (TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MAX             |   \
04210                  TXFS_START_RM_FLAG_LOG_CONTAINER_COUNT_MIN             |   \
04211                  TXFS_START_RM_FLAG_LOG_CONTAINER_SIZE                  |   \
04212                  TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_NUM_CONTAINERS |   \
04213                  TXFS_START_RM_FLAG_LOG_GROWTH_INCREMENT_PERCENT        |   \
04214                  TXFS_START_RM_FLAG_LOG_AUTO_SHRINK_PERCENTAGE          |   \
04215                  TXFS_START_RM_FLAG_RECOVER_BEST_EFFORT                 |   \
04216                  TXFS_START_RM_FLAG_LOG_NO_CONTAINER_COUNT_MAX          |   \
04217                  TXFS_START_RM_FLAG_LOGGING_MODE                        |   \
04218                  TXFS_START_RM_FLAG_PRESERVE_CHANGES                    |   \
04219                  TXFS_START_RM_FLAG_PREFER_CONSISTENCY                  |   \
04220                  TXFS_START_RM_FLAG_PREFER_AVAILABILITY)
04221 
04222 typedef struct _TXFS_START_RM_INFORMATION {
04223   ULONG Flags;
04224   ULONGLONG LogContainerSize;
04225   ULONG LogContainerCountMin;
04226   ULONG LogContainerCountMax;
04227   ULONG LogGrowthIncrement;
04228   ULONG LogAutoShrinkPercentage;
04229   ULONG TmLogPathOffset;
04230   USHORT TmLogPathLength;
04231   USHORT LoggingMode;
04232   USHORT LogPathLength;
04233   USHORT Reserved;
04234   WCHAR LogPath[1];
04235 } TXFS_START_RM_INFORMATION, *PTXFS_START_RM_INFORMATION;
04236 
04237 typedef struct _TXFS_GET_METADATA_INFO_OUT {
04238   struct {
04239     LONGLONG LowPart;
04240     LONGLONG HighPart;
04241   } TxfFileId;
04242   GUID LockingTransaction;
04243   ULONGLONG LastLsn;
04244   ULONG TransactionState;
04245 } TXFS_GET_METADATA_INFO_OUT, *PTXFS_GET_METADATA_INFO_OUT;
04246 
04247 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_CREATED   0x00000001
04248 #define TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY_FLAG_DELETED   0x00000002
04249 
04250 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY {
04251   ULONGLONG Offset;
04252   ULONG NameFlags;
04253   LONGLONG FileId;
04254   ULONG Reserved1;
04255   ULONG Reserved2;
04256   LONGLONG Reserved3;
04257   WCHAR FileName[1];
04258 } TXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY, *PTXFS_LIST_TRANSACTION_LOCKED_FILES_ENTRY;
04259 
04260 typedef struct _TXFS_LIST_TRANSACTION_LOCKED_FILES {
04261   GUID KtmTransaction;
04262   ULONGLONG NumberOfFiles;
04263   ULONGLONG BufferSizeRequired;
04264   ULONGLONG Offset;
04265 } TXFS_LIST_TRANSACTION_LOCKED_FILES, *PTXFS_LIST_TRANSACTION_LOCKED_FILES;
04266 
04267 typedef struct _TXFS_LIST_TRANSACTIONS_ENTRY {
04268   GUID TransactionId;
04269   ULONG TransactionState;
04270   ULONG Reserved1;
04271   ULONG Reserved2;
04272   LONGLONG Reserved3;
04273 } TXFS_LIST_TRANSACTIONS_ENTRY, *PTXFS_LIST_TRANSACTIONS_ENTRY;
04274 
04275 typedef struct _TXFS_LIST_TRANSACTIONS {
04276   ULONGLONG NumberOfTransactions;
04277   ULONGLONG BufferSizeRequired;
04278 } TXFS_LIST_TRANSACTIONS, *PTXFS_LIST_TRANSACTIONS;
04279 
04280 typedef struct _TXFS_READ_BACKUP_INFORMATION_OUT {
04281   _ANONYMOUS_UNION union {
04282     ULONG BufferLength;
04283     UCHAR Buffer[1];
04284   } DUMMYUNIONNAME;
04285 } TXFS_READ_BACKUP_INFORMATION_OUT, *PTXFS_READ_BACKUP_INFORMATION_OUT;
04286 
04287 typedef struct _TXFS_WRITE_BACKUP_INFORMATION {
04288   UCHAR Buffer[1];
04289 } TXFS_WRITE_BACKUP_INFORMATION, *PTXFS_WRITE_BACKUP_INFORMATION;
04290 
04291 #define TXFS_TRANSACTED_VERSION_NONTRANSACTED   0xFFFFFFFE
04292 #define TXFS_TRANSACTED_VERSION_UNCOMMITTED     0xFFFFFFFF
04293 
04294 typedef struct _TXFS_GET_TRANSACTED_VERSION {
04295   ULONG ThisBaseVersion;
04296   ULONG LatestVersion;
04297   USHORT ThisMiniVersion;
04298   USHORT FirstMiniVersion;
04299   USHORT LatestMiniVersion;
04300 } TXFS_GET_TRANSACTED_VERSION, *PTXFS_GET_TRANSACTED_VERSION;
04301 
04302 #define TXFS_SAVEPOINT_SET                      0x00000001
04303 #define TXFS_SAVEPOINT_ROLLBACK                 0x00000002
04304 #define TXFS_SAVEPOINT_CLEAR                    0x00000004
04305 #define TXFS_SAVEPOINT_CLEAR_ALL                0x00000010
04306 
04307 typedef struct _TXFS_SAVEPOINT_INFORMATION {
04308   HANDLE KtmTransaction;
04309   ULONG ActionCode;
04310   ULONG SavepointId;
04311 } TXFS_SAVEPOINT_INFORMATION, *PTXFS_SAVEPOINT_INFORMATION;
04312 
04313 typedef struct _TXFS_CREATE_MINIVERSION_INFO {
04314   USHORT StructureVersion;
04315   USHORT StructureLength;
04316   ULONG BaseVersion;
04317   USHORT MiniVersion;
04318 } TXFS_CREATE_MINIVERSION_INFO, *PTXFS_CREATE_MINIVERSION_INFO;
04319 
04320 typedef struct _TXFS_TRANSACTION_ACTIVE_INFO {
04321   BOOLEAN TransactionsActiveAtSnapshot;
04322 } TXFS_TRANSACTION_ACTIVE_INFO, *PTXFS_TRANSACTION_ACTIVE_INFO;
04323 
04324 #endif /* (_WIN32_WINNT >= 0x0600) */
04325 
04326 #if (_WIN32_WINNT >= 0x0601)
04327 
04328 #define MARK_HANDLE_REALTIME                (0x00000020)
04329 #define MARK_HANDLE_NOT_REALTIME            (0x00000040)
04330 
04331 #define NO_8DOT3_NAME_PRESENT               (0x00000001)
04332 #define REMOVED_8DOT3_NAME                  (0x00000002)
04333 
04334 #define PERSISTENT_VOLUME_STATE_SHORT_NAME_CREATION_DISABLED        (0x00000001)
04335 
04336 typedef struct _BOOT_AREA_INFO {
04337   ULONG BootSectorCount;
04338   struct {
04339     LARGE_INTEGER Offset;
04340   } BootSectors[2];
04341 } BOOT_AREA_INFO, *PBOOT_AREA_INFO;
04342 
04343 typedef struct _RETRIEVAL_POINTER_BASE {
04344   LARGE_INTEGER FileAreaOffset;
04345 } RETRIEVAL_POINTER_BASE, *PRETRIEVAL_POINTER_BASE;
04346 
04347 typedef struct _FILE_FS_PERSISTENT_VOLUME_INFORMATION {
04348   ULONG VolumeFlags;
04349   ULONG FlagMask;
04350   ULONG Version;
04351   ULONG Reserved;
04352 } FILE_FS_PERSISTENT_VOLUME_INFORMATION, *PFILE_FS_PERSISTENT_VOLUME_INFORMATION;
04353 
04354 typedef struct _FILE_SYSTEM_RECOGNITION_INFORMATION {
04355   CHAR FileSystem[9];
04356 } FILE_SYSTEM_RECOGNITION_INFORMATION, *PFILE_SYSTEM_RECOGNITION_INFORMATION;
04357 
04358 #define OPLOCK_LEVEL_CACHE_READ         (0x00000001)
04359 #define OPLOCK_LEVEL_CACHE_HANDLE       (0x00000002)
04360 #define OPLOCK_LEVEL_CACHE_WRITE        (0x00000004)
04361 
04362 #define REQUEST_OPLOCK_INPUT_FLAG_REQUEST               (0x00000001)
04363 #define REQUEST_OPLOCK_INPUT_FLAG_ACK                   (0x00000002)
04364 #define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
04365 
04366 #define REQUEST_OPLOCK_CURRENT_VERSION          1
04367 
04368 typedef struct _REQUEST_OPLOCK_INPUT_BUFFER {
04369   USHORT StructureVersion;
04370   USHORT StructureLength;
04371   ULONG RequestedOplockLevel;
04372   ULONG Flags;
04373 } REQUEST_OPLOCK_INPUT_BUFFER, *PREQUEST_OPLOCK_INPUT_BUFFER;
04374 
04375 #define REQUEST_OPLOCK_OUTPUT_FLAG_ACK_REQUIRED     (0x00000001)
04376 #define REQUEST_OPLOCK_OUTPUT_FLAG_MODES_PROVIDED   (0x00000002)
04377 
04378 typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER {
04379   USHORT StructureVersion;
04380   USHORT StructureLength;
04381   ULONG OriginalOplockLevel;
04382   ULONG NewOplockLevel;
04383   ULONG Flags;
04384   ACCESS_MASK AccessMode;
04385   USHORT ShareMode;
04386 } REQUEST_OPLOCK_OUTPUT_BUFFER, *PREQUEST_OPLOCK_OUTPUT_BUFFER;
04387 
04388 #define SD_GLOBAL_CHANGE_TYPE_MACHINE_SID   1
04389 
04390 typedef struct _SD_CHANGE_MACHINE_SID_INPUT {
04391   USHORT CurrentMachineSIDOffset;
04392   USHORT CurrentMachineSIDLength;
04393   USHORT NewMachineSIDOffset;
04394   USHORT NewMachineSIDLength;
04395 } SD_CHANGE_MACHINE_SID_INPUT, *PSD_CHANGE_MACHINE_SID_INPUT;
04396 
04397 typedef struct _SD_CHANGE_MACHINE_SID_OUTPUT {
04398   ULONGLONG NumSDChangedSuccess;
04399   ULONGLONG NumSDChangedFail;
04400   ULONGLONG NumSDUnused;
04401   ULONGLONG NumSDTotal;
04402   ULONGLONG NumMftSDChangedSuccess;
04403   ULONGLONG NumMftSDChangedFail;
04404   ULONGLONG NumMftSDTotal;
04405 } SD_CHANGE_MACHINE_SID_OUTPUT, *PSD_CHANGE_MACHINE_SID_OUTPUT;
04406 
04407 typedef struct _SD_GLOBAL_CHANGE_INPUT {
04408   ULONG Flags;
04409   ULONG ChangeType;
04410   _ANONYMOUS_UNION union {
04411     SD_CHANGE_MACHINE_SID_INPUT SdChange;
04412   } DUMMYUNIONNAME;
04413 } SD_GLOBAL_CHANGE_INPUT, *PSD_GLOBAL_CHANGE_INPUT;
04414 
04415 typedef struct _SD_GLOBAL_CHANGE_OUTPUT {
04416   ULONG Flags;
04417   ULONG ChangeType;
04418   _ANONYMOUS_UNION union {
04419     SD_CHANGE_MACHINE_SID_OUTPUT SdChange;
04420   } DUMMYUNIONNAME;
04421 } SD_GLOBAL_CHANGE_OUTPUT, *PSD_GLOBAL_CHANGE_OUTPUT;
04422 
04423 #define ENCRYPTED_DATA_INFO_SPARSE_FILE    1
04424 
04425 typedef struct _EXTENDED_ENCRYPTED_DATA_INFO {
04426   ULONG ExtendedCode;
04427   ULONG Length;
04428   ULONG Flags;
04429   ULONG Reserved;
04430 } EXTENDED_ENCRYPTED_DATA_INFO, *PEXTENDED_ENCRYPTED_DATA_INFO;
04431 
04432 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_INPUT {
04433   ULONG Flags;
04434   ULONG NumberOfClusters;
04435   LARGE_INTEGER Cluster[1];
04436 } LOOKUP_STREAM_FROM_CLUSTER_INPUT, *PLOOKUP_STREAM_FROM_CLUSTER_INPUT;
04437 
04438 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_OUTPUT {
04439   ULONG Offset;
04440   ULONG NumberOfMatches;
04441   ULONG BufferSizeRequired;
04442 } LOOKUP_STREAM_FROM_CLUSTER_OUTPUT, *PLOOKUP_STREAM_FROM_CLUSTER_OUTPUT;
04443 
04444 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_PAGE_FILE          0x00000001
04445 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_DENY_DEFRAG_SET    0x00000002
04446 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_FS_SYSTEM_FILE     0x00000004
04447 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_FLAG_TXF_SYSTEM_FILE    0x00000008
04448 
04449 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_MASK          0xff000000
04450 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_DATA          0x01000000
04451 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_INDEX         0x02000000
04452 #define LOOKUP_STREAM_FROM_CLUSTER_ENTRY_ATTRIBUTE_SYSTEM        0x03000000
04453 
04454 typedef struct _LOOKUP_STREAM_FROM_CLUSTER_ENTRY {
04455   ULONG OffsetToNext;
04456   ULONG Flags;
04457   LARGE_INTEGER Reserved;
04458   LARGE_INTEGER Cluster;
04459   WCHAR FileName[1];
04460 } LOOKUP_STREAM_FROM_CLUSTER_ENTRY, *PLOOKUP_STREAM_FROM_CLUSTER_ENTRY;
04461 
04462 typedef struct _FILE_TYPE_NOTIFICATION_INPUT {
04463   ULONG Flags;
04464   ULONG NumFileTypeIDs;
04465   GUID FileTypeID[1];
04466 } FILE_TYPE_NOTIFICATION_INPUT, *PFILE_TYPE_NOTIFICATION_INPUT;
04467 
04468 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_BEGIN     0x00000001
04469 #define FILE_TYPE_NOTIFICATION_FLAG_USAGE_END       0x00000002
04470 
04471 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_PAGE_FILE,         0x0d0a64a1, 0x38fc, 0x4db8, 0x9f, 0xe7, 0x3f, 0x43, 0x52, 0xcd, 0x7c, 0x5c);
04472 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_HIBERNATION_FILE,  0xb7624d64, 0xb9a3, 0x4cf8, 0x80, 0x11, 0x5b, 0x86, 0xc9, 0x40, 0xe7, 0xb7);
04473 DEFINE_GUID(FILE_TYPE_NOTIFICATION_GUID_CRASHDUMP_FILE,    0x9d453eb7, 0xd2a6, 0x4dbd, 0xa2, 0xe3, 0xfb, 0xd0, 0xed, 0x91, 0x09, 0xa9);
04474 
04475 #ifndef _VIRTUAL_STORAGE_TYPE_DEFINED
04476 #define _VIRTUAL_STORAGE_TYPE_DEFINED
04477 typedef struct _VIRTUAL_STORAGE_TYPE {
04478   ULONG DeviceId;
04479   GUID VendorId;
04480 } VIRTUAL_STORAGE_TYPE, *PVIRTUAL_STORAGE_TYPE;
04481 #endif
04482 
04483 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST {
04484   ULONG RequestLevel;
04485   ULONG RequestFlags;
04486 } STORAGE_QUERY_DEPENDENT_VOLUME_REQUEST, *PSTORAGE_QUERY_DEPENDENT_VOLUME_REQUEST;
04487 
04488 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_HOST_VOLUMES    0x1
04489 #define QUERY_DEPENDENT_VOLUME_REQUEST_FLAG_GUEST_VOLUMES   0x2
04490 
04491 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY {
04492   ULONG EntryLength;
04493   ULONG DependencyTypeFlags;
04494   ULONG ProviderSpecificFlags;
04495   VIRTUAL_STORAGE_TYPE VirtualStorageType;
04496 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY;
04497 
04498 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY {
04499   ULONG EntryLength;
04500   ULONG DependencyTypeFlags;
04501   ULONG ProviderSpecificFlags;
04502   VIRTUAL_STORAGE_TYPE VirtualStorageType;
04503   ULONG AncestorLevel;
04504   ULONG HostVolumeNameOffset;
04505   ULONG HostVolumeNameSize;
04506   ULONG DependentVolumeNameOffset;
04507   ULONG DependentVolumeNameSize;
04508   ULONG RelativePathOffset;
04509   ULONG RelativePathSize;
04510   ULONG DependentDeviceNameOffset;
04511   ULONG DependentDeviceNameSize;
04512 } STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY, *PSTORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY;
04513 
04514 typedef struct _STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE {
04515   ULONG ResponseLevel;
04516   ULONG NumberEntries;
04517   _ANONYMOUS_UNION union {
04518     STORAGE_QUERY_DEPENDENT_VOLUME_LEV1_ENTRY Lev1Depends[0];
04519     STORAGE_QUERY_DEPENDENT_VOLUME_LEV2_ENTRY Lev2Depends[0];
04520   } DUMMYUNIONNAME;
04521 } STORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE, *PSTORAGE_QUERY_DEPENDENT_VOLUME_RESPONSE;
04522 
04523 #endif /* (_WIN32_WINNT >= 0x0601) */
04524 
04525 typedef struct _FILESYSTEM_STATISTICS {
04526   USHORT FileSystemType;
04527   USHORT Version;
04528   ULONG SizeOfCompleteStructure;
04529   ULONG UserFileReads;
04530   ULONG UserFileReadBytes;
04531   ULONG UserDiskReads;
04532   ULONG UserFileWrites;
04533