ReactOS 0.4.16-dev-226-g79f2289
ntifs.template.h
Go to the documentation of this file.
1/*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24#pragma once
25
26#define _NTIFS_INCLUDED_
27#define _GNU_NTIFS_
28
29#ifdef __cplusplus
30extern "C" {
31#endif
32
36
37/* Dependencies */
38#include <ntddk.h>
39#include <excpt.h>
40#include <ntdef.h>
41#include <ntnls.h>
42#include <ntstatus.h>
43#include <bugcodes.h>
44#include <ntiologc.h>
45
47
48#ifndef FlagOn
49#define FlagOn(_F,_SF) ((_F) & (_SF))
50#endif
51
52#ifndef BooleanFlagOn
53#define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
54#endif
55
56#ifndef SetFlag
57#define SetFlag(_F,_SF) ((_F) |= (_SF))
58#endif
59
60#ifndef ClearFlag
61#define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
62#endif
63
67
68$include (setypes.h)
69$include (obtypes.h)
70$include (rtltypes.h)
71$include (rtlfuncs.h)
72
84
85#if (NTDDI_VERSION >= NTDDI_WIN2K)
86
93 _In_ HANDLE ThreadHandle,
97
102NTAPI
107
115NTAPI
122
127NTAPI
130 _In_ BOOLEAN DisableAllPrivileges,
135
139NTAPI
152
156NTAPI
168
172NTAPI
184
188NTAPI
197 _In_ ULONG Key,
200
204NTAPI
212
216NTAPI
229
233NTAPI
240
244NTAPI
255
259NTAPI
263 _Out_writes_bytes_(Length) PVOID FsInformation,
266
270NTAPI
281
285NTAPI
292
296NTAPI
302
306NTAPI
310 _In_reads_bytes_(Length) PVOID FsInformation,
313
317NTAPI
328
332NTAPI
338 _In_ ULONG Key);
339
344NTAPI
349
354NTAPI
361
366NTAPI
367NtClose(
369
370#endif
371
372#if (NTDDI_VERSION >= NTDDI_WINXP)
373
378NTAPI
380 _In_ HANDLE ThreadHandle,
385
390NTAPI
396
400NTAPI
402 _In_ HANDLE JobHandle,
405
410NTAPI
412 _In_ HANDLE ExistingTokenHandle,
418
423NTAPI
425 _In_ HANDLE ExistingTokenHandle,
427 _In_opt_ PTOKEN_GROUPS SidsToDisable,
428 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
429 _In_opt_ PTOKEN_GROUPS RestrictedSids,
431
436NTAPI
438 _In_ HANDLE ThreadHandle);
439
444NTAPI
450
455NTAPI
458 _In_ BOOLEAN ResetToDefault,
459 _In_opt_ PTOKEN_GROUPS NewState,
463
468NTAPI
470 _In_ HANDLE ClientToken,
471 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
473
478NTAPI
480 _In_ PUNICODE_STRING SubsystemName,
481 _In_opt_ PVOID HandleId,
487 _In_ BOOLEAN ObjectCreation,
491
496NTAPI
498 _In_ PUNICODE_STRING SubsystemName,
499 _In_opt_ PVOID HandleId,
503 _In_opt_ PSID PrincipalSelfSid,
505 _In_ AUDIT_EVENT_TYPE AuditType,
507 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
508 _In_ ULONG ObjectTypeLength,
510 _In_ BOOLEAN ObjectCreation,
514
519NTAPI
521 _In_ PUNICODE_STRING SubsystemName,
522 _In_opt_ PVOID HandleId,
526 _In_opt_ PSID PrincipalSelfSid,
528 _In_ AUDIT_EVENT_TYPE AuditType,
530 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
531 _In_ ULONG ObjectTypeListLength,
533 _In_ BOOLEAN ObjectCreation,
534 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
535 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
537
542NTAPI
544 _In_ PUNICODE_STRING SubsystemName,
545 _In_opt_ PVOID HandleId,
546 _In_ HANDLE ClientToken,
550 _In_opt_ PSID PrincipalSelfSid,
552 _In_ AUDIT_EVENT_TYPE AuditType,
554 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
555 _In_ ULONG ObjectTypeListLength,
557 _In_ BOOLEAN ObjectCreation,
558 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
559 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
561
565NTAPI
567 _In_ PUNICODE_STRING SubsystemName,
568 _In_opt_ PVOID HandleId,
572 _In_ HANDLE ClientToken,
576 _In_ BOOLEAN ObjectCreation,
579
583NTAPI
585 _In_ PUNICODE_STRING SubsystemName,
586 _In_opt_ PVOID HandleId,
587 _In_ HANDLE ClientToken,
591
595NTAPI
597 _In_ PUNICODE_STRING SubsystemName,
598 _In_opt_ PVOID HandleId,
600
604NTAPI
606 _In_ PUNICODE_STRING SubsystemName,
607 _In_opt_ PVOID HandleId,
609
613NTAPI
615 _In_ PUNICODE_STRING SubsystemName,
617 _In_ HANDLE ClientToken,
620
624NTAPI
626 _In_ HANDLE ThreadHandle,
630
635NTAPI
637 _Out_ PHANDLE SectionHandle,
644
645#endif
646
647#define COMPRESSION_FORMAT_NONE (0x0000)
648#define COMPRESSION_FORMAT_DEFAULT (0x0001)
649#define COMPRESSION_FORMAT_LZNT1 (0x0002)
650#define COMPRESSION_ENGINE_STANDARD (0x0000)
651#define COMPRESSION_ENGINE_MAXIMUM (0x0100)
652#define COMPRESSION_ENGINE_HIBER (0x0200)
653
654#define MAX_UNICODE_STACK_BUFFER_LENGTH 256
655
656#define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
657
658#define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
659#define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
660
662
673#if (_WIN32_WINNT >= 0x0501)
674 RemoteInteractive,
675 CachedInteractive,
676#endif
677#if (_WIN32_WINNT >= 0x0502)
678 CachedRemoteInteractive,
679 CachedUnlock
680#endif
682
683#ifndef _NTLSA_AUDIT_
684#define _NTLSA_AUDIT_
685
686#ifndef GUID_DEFINED
687#include <guiddef.h>
688#endif
689
690#endif /* _NTLSA_AUDIT_ */
691
695NTAPI
697 _In_ PLSA_STRING LogonProcessName,
700
704NTAPI
720
723NTAPI
726
727#ifndef _NTLSA_IFS_
728#define _NTLSA_IFS_
729#endif
730
731#define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
732#define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
733#define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
734
735#define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
736#define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
737
738#define MSV1_0_CHALLENGE_LENGTH 8
739#define MSV1_0_USER_SESSION_KEY_LENGTH 16
740#define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
741
742#define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
743#define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
744#define MSV1_0_RETURN_USER_PARAMETERS 0x08
745#define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
746#define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
747#define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
748#define MSV1_0_USE_CLIENT_CHALLENGE 0x80
749#define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
750#define MSV1_0_RETURN_PROFILE_PATH 0x200
751#define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
752#define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
753
754#define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
755#define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
756
757#if (_WIN32_WINNT >= 0x0502)
758#define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
759#define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
760#endif
761
762#define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
763#define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
764
765#if (_WIN32_WINNT >= 0x0600)
766#define MSV1_0_S4U2SELF 0x00020000
767#define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
768#endif
769
770#define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
771#define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
772#define MSV1_0_MNS_LOGON 0x01000000
773
774#define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
775#define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
776
777#define LOGON_GUEST 0x01
778#define LOGON_NOENCRYPTION 0x02
779#define LOGON_CACHED_ACCOUNT 0x04
780#define LOGON_USED_LM_PASSWORD 0x08
781#define LOGON_EXTRA_SIDS 0x20
782#define LOGON_SUBAUTH_SESSION_KEY 0x40
783#define LOGON_SERVER_TRUST_ACCOUNT 0x80
784#define LOGON_NTLMV2_ENABLED 0x100
785#define LOGON_RESOURCE_GROUPS 0x200
786#define LOGON_PROFILE_PATH_RETURNED 0x400
787#define LOGON_NT_V2 0x800
788#define LOGON_LM_V2 0x1000
789#define LOGON_NTLM_V2 0x2000
790
791#if (_WIN32_WINNT >= 0x0600)
792
793#define LOGON_OPTIMIZED 0x4000
794#define LOGON_WINLOGON 0x8000
795#define LOGON_PKINIT 0x10000
796#define LOGON_NO_OPTIMIZED 0x20000
797
798#endif
799
800#define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
801
802#define LOGON_GRACE_LOGON 0x01000000
803
804#define MSV1_0_OWF_PASSWORD_LENGTH 16
805#define MSV1_0_CRED_LM_PRESENT 0x1
806#define MSV1_0_CRED_NT_PRESENT 0x2
807#define MSV1_0_CRED_VERSION 0
808
809#define MSV1_0_NTLM3_RESPONSE_LENGTH 16
810#define MSV1_0_NTLM3_OWF_LENGTH 16
811
812#if (_WIN32_WINNT == 0x0500)
813#define MSV1_0_MAX_NTLM3_LIFE 1800
814#else
815#define MSV1_0_MAX_NTLM3_LIFE 129600
816#endif
817#define MSV1_0_MAX_AVL_SIZE 64000
818
819#if (_WIN32_WINNT >= 0x0501)
820
821#define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
822
823#if (_WIN32_WINNT >= 0x0600)
824#define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
825#endif
826
827#endif
828
829#define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
830
831#if(_WIN32_WINNT >= 0x0502)
832#define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
833#endif
834
835#define USE_PRIMARY_PASSWORD 0x01
836#define RETURN_PRIMARY_USERNAME 0x02
837#define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
838#define RETURN_NON_NT_USER_SESSION_KEY 0x08
839#define GENERATE_CLIENT_CHALLENGE 0x10
840#define GCR_NTLM3_PARMS 0x20
841#define GCR_TARGET_INFO 0x40
842#define RETURN_RESERVED_PARAMETER 0x80
843#define GCR_ALLOW_NTLM 0x100
844#define GCR_USE_OEM_SET 0x200
845#define GCR_MACHINE_CREDENTIAL 0x400
846#define GCR_USE_OWF_PASSWORD 0x800
847#define GCR_ALLOW_LM 0x1000
848#define GCR_ALLOW_NO_TARGET 0x2000
849
859
865
866typedef struct _MSV1_0_INTERACTIVE_LOGON {
872
873typedef struct _MSV1_0_INTERACTIVE_PROFILE {
891
892typedef struct _MSV1_0_LM20_LOGON {
902
903typedef struct _MSV1_0_SUBAUTH_LOGON {
914
915#if (_WIN32_WINNT >= 0x0600)
916
917#define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
918
919typedef struct _MSV1_0_S4U_LOGON {
920 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
921 ULONG Flags;
922 UNICODE_STRING UserPrincipalName;
923 UNICODE_STRING DomainName;
924} MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
925
926#endif
927
928typedef struct _MSV1_0_LM20_LOGON_PROFILE {
939
940typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
942 ULONG Flags;
946
947typedef struct _MSV1_0_NTLM3_RESPONSE {
956 UCHAR Buffer[1];
958
959typedef enum _MSV1_0_AVID {
965#if (_WIN32_WINNT >= 0x0501)
966 MsvAvDnsTreeName,
967 MsvAvFlags,
968#if (_WIN32_WINNT >= 0x0600)
969 MsvAvTimestamp,
970 MsvAvRestrictions,
971 MsvAvTargetName,
972 MsvAvChannelBindings,
973#endif
974#endif
976
977typedef struct _MSV1_0_AV_PAIR {
978 USHORT AvId;
981
995#if (_WIN32_WINNT >= 0x0501)
997#endif
998#if (_WIN32_WINNT >= 0x0600)
999 MsV1_0ConfigLocalAliases,
1000 MsV1_0ClearCachedCredentials,
1001#endif
1003
1007
1012
1020
1031
1041
1042typedef struct _MSV1_0_ENUMUSERS_REQUEST {
1045
1046typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
1052
1057
1066
1067$include (iotypes.h)
1068
1072 ULONG HandleCount;
1073 ULONG PointerCount;
1074 ULONG Reserved[10];
1076
1081
1082#define SYSTEM_PAGE_PRIORITY_BITS 3
1083#define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
1084
1085$include (ketypes.h)
1086$include (kefuncs.h)
1087$include (extypes.h)
1089$include (sefuncs.h)
1090$include (psfuncs.h)
1091$include (iofuncs.h)
1092$include (potypes.h)
1093$include (pofuncs.h)
1094$include (mmtypes.h)
1095$include (mmfuncs.h)
1096$include (obfuncs.h)
1097$include (fsrtltypes.h)
1098$include (fsrtlfuncs.h)
1099$include (cctypes.h)
1100$include (ccfuncs.h)
1101$include (zwfuncs.h)
1102$include (sspi.h)
1103
1104/* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
1105#if defined(_WIN64)
1106C_ASSERT(sizeof(ERESOURCE) == 0x68);
1107C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18);
1109#else
1110C_ASSERT(sizeof(ERESOURCE) == 0x38);
1111C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c);
1113#endif
1114/* #endif */
1115
1116#if defined(_IA64_)
1117#if (NTDDI_VERSION >= NTDDI_WIN2K)
1118//DECLSPEC_DEPRECATED_DDK
1120ULONG
1121NTAPI
1122HalGetDmaAlignmentRequirement(
1123 VOID);
1124#endif
1125#endif
1126
1127#if defined(_M_IX86) || defined(_M_AMD64)
1128#define HalGetDmaAlignmentRequirement() 1L
1129#endif
1130
1131#ifdef _NTSYSTEM_
1133#define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
1134#else
1137#define NLS_OEM_LEAD_BYTE_INFO (*NlsOemLeadByteInfo)
1138#endif
1139
1140#if (NTDDI_VERSION >= NTDDI_VISTA)
1141
1147
1155
1156#if (NTDDI_VERSION >= NTDDI_WIN7)
1157
1158#define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
1159#define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
1160#define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
1161
1165 _ANONYMOUS_STRUCT struct {
1166 struct {
1171 struct {
1174 ULONG Flags;
1178
1182 _ANONYMOUS_STRUCT struct {
1183 struct {
1187 struct {
1193
1194#elif (NTDDI_VERSION >= NTDDI_VISTA)
1195typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1196 USHORT Size;
1198 _ANONYMOUS_STRUCT struct {
1199 struct {
1202 } in;
1203 struct {
1206 } out;
1209#endif
1210
1211DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
1212
1213#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1214
1215
1216#if (NTDDI_VERSION >= NTDDI_VISTA)
1217
1221
1222DEFINE_GUID(GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
1223
1224#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1225
1226#if (NTDDI_VERSION >= NTDDI_WIN7)
1227
1228DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
1229DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
1230
1232
1237
1245
1246#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
1247
1248#define PIN_WAIT (1)
1249#define PIN_EXCLUSIVE (2)
1250#define PIN_NO_READ (4)
1251#define PIN_IF_BCB (8)
1252#define PIN_CALLER_TRACKS_DIRTY_DATA (32)
1253#define PIN_HIGH_PRIORITY (64)
1254
1255#define MAP_WAIT 1
1256#define MAP_NO_READ (16)
1257#define MAP_HIGH_PRIORITY (64)
1258
1259#define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
1260#define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
1261
1262typedef struct _QUERY_PATH_REQUEST {
1267
1276
1277typedef struct _QUERY_PATH_RESPONSE {
1280
1281#define VOLSNAPCONTROLTYPE 0x00000053
1282#define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
1283
1284/* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
1285#ifndef VER_PRODUCTBUILD
1286#define VER_PRODUCTBUILD 10000
1287#endif
1288
1289#include "csq.h"
1290
1291#define FS_LFN_APIS 0x00004000
1292
1293#define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
1294#define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
1295#define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
1296#define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
1297#define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
1298#define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
1299#define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
1300#define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
1301#define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
1302#define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
1303#define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
1304#define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
1305#define FILE_STORAGE_TYPE_MASK 0x000f0000
1306#define FILE_STORAGE_TYPE_SHIFT 16
1307
1308#define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
1309
1310#ifdef _X86_
1311#define HARDWARE_PTE HARDWARE_PTE_X86
1312#define PHARDWARE_PTE PHARDWARE_PTE_X86
1313#endif
1314
1315#define IO_ATTACH_DEVICE_API 0x80000000
1316
1317#define IO_TYPE_APC 18
1318#define IO_TYPE_DPC 19
1319#define IO_TYPE_DEVICE_QUEUE 20
1320#define IO_TYPE_EVENT_PAIR 21
1321#define IO_TYPE_INTERRUPT 22
1322#define IO_TYPE_PROFILE 23
1323
1324#define IRP_BEING_VERIFIED 0x10
1325
1326#define MAILSLOT_CLASS_FIRSTCLASS 1
1327#define MAILSLOT_CLASS_SECONDCLASS 2
1328
1329#define MAILSLOT_SIZE_AUTO 0
1330
1331#define MEM_DOS_LIM 0x40000000
1332
1333#define OB_TYPE_TYPE 1
1334#define OB_TYPE_DIRECTORY 2
1335#define OB_TYPE_SYMBOLIC_LINK 3
1336#define OB_TYPE_TOKEN 4
1337#define OB_TYPE_PROCESS 5
1338#define OB_TYPE_THREAD 6
1339#define OB_TYPE_EVENT 7
1340#define OB_TYPE_EVENT_PAIR 8
1341#define OB_TYPE_MUTANT 9
1342#define OB_TYPE_SEMAPHORE 10
1343#define OB_TYPE_TIMER 11
1344#define OB_TYPE_PROFILE 12
1345#define OB_TYPE_WINDOW_STATION 13
1346#define OB_TYPE_DESKTOP 14
1347#define OB_TYPE_SECTION 15
1348#define OB_TYPE_KEY 16
1349#define OB_TYPE_PORT 17
1350#define OB_TYPE_ADAPTER 18
1351#define OB_TYPE_CONTROLLER 19
1352#define OB_TYPE_DEVICE 20
1353#define OB_TYPE_DRIVER 21
1354#define OB_TYPE_IO_COMPLETION 22
1355#define OB_TYPE_FILE 23
1356
1357#define SEC_BASED 0x00200000
1358
1359/* end winnt.h */
1360
1361#if (VER_PRODUCTBUILD >= 1381)
1362#define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
1363#endif /* (VER_PRODUCTBUILD >= 1381) */
1364
1365#if (VER_PRODUCTBUILD >= 2195)
1366
1367#define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
1368#define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
1369
1370#define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
1371
1372#define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
1373#define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
1374#define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
1375#define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
1376#endif /* (VER_PRODUCTBUILD >= 2195) */
1377
1378#define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
1379#define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
1380#define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
1381#define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
1382#define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
1383#define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
1384#define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
1385#define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
1386
1397
1398typedef struct _OBJECT_BASIC_INFORMATION
1399{
1406 ULONG Reserved[ 3 ];
1412
1419
1420typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
1431 ULONG EaSize;
1434
1435/* raw internal file lock struct returned from FsRtlGetNextFileLock */
1441
1442/* raw internal file lock struct returned from FsRtlGetNextFileLock */
1449
1455
1459
1484
1503
1513
1518
1519typedef struct _MAPPING_PAIR {
1523
1529
1530typedef struct _MOVEFILE_DESCRIPTOR {
1538
1539typedef struct _OBJECT_BASIC_INFO {
1552
1557
1558typedef struct _OBJECT_NAME_INFO {
1562
1567
1568typedef struct _OBJECT_TYPE_INFO {
1573
1578
1579#if defined(USE_LPC6432)
1580#define LPC_CLIENT_ID CLIENT_ID64
1581#define LPC_SIZE_T ULONGLONG
1582#define LPC_PVOID ULONGLONG
1583#define LPC_HANDLE ULONGLONG
1584#else
1585#define LPC_CLIENT_ID CLIENT_ID
1586#define LPC_SIZE_T SIZE_T
1587#define LPC_PVOID PVOID
1588#define LPC_HANDLE HANDLE
1589#endif
1590
1591typedef struct _PORT_MESSAGE
1592{
1593 union
1594 {
1595 struct
1596 {
1602 union
1603 {
1604 struct
1605 {
1611 __GNU_EXTENSION union
1612 {
1615 };
1617 __GNU_EXTENSION union
1618 {
1621 };
1623
1624#define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
1625
1626typedef struct _PORT_VIEW
1627{
1635
1636typedef struct _REMOTE_PORT_VIEW
1637{
1642
1643typedef struct _VAD_HEADER {
1649 ULONG Flags; /* LSB = CommitCharge */
1656
1659NTAPI
1662 _Out_opt_ PLARGE_INTEGER OldestLsn
1663);
1664
1666PVOID
1667NTAPI
1671);
1672
1674PVOID
1675NTAPI
1679);
1680
1682PVOID
1683NTAPI
1687 _In_ ULONG Tag
1688);
1689
1691PVOID
1692NTAPI
1696 _In_ ULONG Tag
1697);
1698
1700BOOLEAN
1701NTAPI
1705);
1706
1708BOOLEAN
1709NTAPI
1714);
1715
1717VOID
1718NTAPI
1720 _In_ PNOTIFY_SYNC NotifySync,
1727);
1728
1729#if 1
1732NTAPI
1734 _In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode,
1738 _Inout_opt_ PVOID ParseContext,
1739 _In_ ULONG ObjectSize,
1740 _In_opt_ ULONG PagedPoolCharge,
1741 _In_opt_ ULONG NonPagedPoolCharge,
1743);
1744
1747NTAPI
1755 _Inout_opt_ PVOID ParseContext,
1757);
1758
1759#define PsDereferenceImpersonationToken(T) \
1760 {if (ARGUMENT_PRESENT(T)) { \
1761 (ObDereferenceObject((T))); \
1762 } else { \
1763 ; \
1764 } \
1765}
1766
1769NTAPI
1771 _In_ PCLIENT_ID Cid,
1774);
1775
1778NTAPI
1782 _In_ PACL Sacl,
1784);
1785
1786#define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
1787
1788#endif
1789
1790#ifdef __cplusplus
1791}
1792#endif
NTSTATUS NtQueryObject(IN HANDLE Handle, IN OBJECT_INFO_CLASS ObjectInformationClass, OUT PVOID ObjectInformation, IN ULONG ObjectInformationLength, OUT PULONG ReturnLength)
unsigned char BOOLEAN
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
TOKEN_TYPE
Definition: asmpp.cpp:29
LONG NTSTATUS
Definition: precomp.h:26
static WCHAR ServiceName[]
Definition: browser.c:19
#define NTSYSAPI
Definition: ntoskrnl.h:12
_In_ PFCB _In_ LONGLONG FileOffset
Definition: cdprocs.h:160
Definition: bufpool.h:45
LOCAL ex_t * exfuncs
Definition: comerr.c:50
IN CINT OUT PVOID ObjectInformation
Definition: conport.c:48
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
#define NULL
Definition: types.h:112
enum _THREADINFOCLASS THREADINFOCLASS
Definition: thread.c:101
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK _In_ USHORT ShareAccess
Definition: create.c:4147
#define _IRQL_requires_same_
Definition: driverspecs.h:232
#define _IRQL_requires_max_(irql)
Definition: driverspecs.h:230
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
ULONG ERESOURCE
Definition: env_spec_w32.h:594
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ULONG BOOLEAN BOOLEAN ExclusiveLock
Definition: fatprocs.h:2715
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ULONG BOOLEAN FailImmediately
Definition: fatprocs.h:2714
IN PVCB IN PDIRENT OUT PULONG EaLength
Definition: fatprocs.h:879
IN PDCB IN PCCB IN VBO IN OUT PULONG OUT PDIRENT OUT PBCB OUT PVBO ByteOffset
Definition: fatprocs.h:732
IN PFCB IN PFILE_OBJECT FileObject IN ULONG AllocationSize
Definition: fatprocs.h:323
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PULONG _In_ BOOLEAN RestartScan
Definition: fltkernel.h:2299
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG _In_ FS_INFORMATION_CLASS FsInformationClass
Definition: fltkernel.h:1330
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE _In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG FileAttributes
Definition: fltkernel.h:1236
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG FsControlCode
Definition: fltkernel.h:1370
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG _In_ BOOLEAN ReturnSingleEntry
Definition: fltkernel.h:2295
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING FullDirectoryName
Definition: fltkernel.h:2240
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG CompletionFilter
Definition: fltkernel.h:2243
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN WatchTree
Definition: fltkernel.h:2241
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
_Inout_ PLIST_ENTRY NotifyList
Definition: fltkernel.h:2238
_Inout_ PLIST_ENTRY _In_ PVOID FsContext
Definition: fltkernel.h:2239
std::wstring STRING
Definition: fontsub.cpp:33
enum _FILE_INFORMATION_CLASS FILE_INFORMATION_CLASS
Definition: directory.c:44
enum _FSINFOCLASS FS_INFORMATION_CLASS
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ ULONG _In_ ULONG _Outptr_ PMDL * MdlChain
Definition: fsrtlfuncs.h:49
_In_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_opt_ PIRP NotifyIrp
Definition: fsrtlfuncs.h:728
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
ULONG Handle
Definition: gdb_input.c:15
GLfloat GLfloat GLfloat GLfloat h
Definition: glext.h:7723
#define _NTIFS_
Definition: ifssupp.h:20
enum _OBJECT_INFORMATION_CLASS OBJECT_INFORMATION_CLASS
#define C_ASSERT(e)
Definition: intsafe.h:73
* PNTSTATUS
Definition: strlen.c:14
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:79
ObjectType
Definition: metafile.c:81
static OUT PIO_STATUS_BLOCK IoStatusBlock
Definition: pipe.c:75
static OUT PIO_STATUS_BLOCK OUT PVOID FileInformation
Definition: pipe.c:75
static OUT PIO_STATUS_BLOCK OUT PVOID IN ULONG IN FILE_INFORMATION_CLASS FileInformationClass
Definition: pipe.c:75
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
_Must_inspect_result_ _Out_ PNDIS_STATUS _Out_ PNDIS_STATUS _Out_ PNDIS_HANDLE _Out_ PUINT _In_ UINT _In_ NDIS_HANDLE _In_ NDIS_HANDLE _In_ PNDIS_STRING _In_ UINT OpenOptions
Definition: ndis.h:6017
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID ApcContext
Definition: iofuncs.h:727
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE ApcRoutine
Definition: iofuncs.h:726
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER MaximumSize
Definition: mmfuncs.h:362
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER _In_ ULONG SectionPageProtection
Definition: mmfuncs.h:363
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG AllocationAttributes
Definition: mmfuncs.h:364
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: obfuncs.h:433
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
_In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength
Definition: psfuncs.h:843
_In_ THREADINFOCLASS ThreadInformationClass
Definition: psfuncs.h:840
_In_ PSID_IDENTIFIER_AUTHORITY _In_ UCHAR SubAuthorityCount
Definition: rtlfuncs.h:1527
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL Sacl
Definition: rtlfuncs.h:1607
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:410
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:412
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
#define _In_reads_bytes_(s)
Definition: no_sal2.h:170
#define _Out_opt_
Definition: no_sal2.h:214
#define _Inout_
Definition: no_sal2.h:162
#define _At_(t, a)
Definition: no_sal2.h:40
#define _Out_writes_bytes_opt_(s)
Definition: no_sal2.h:228
#define _Inout_opt_
Definition: no_sal2.h:216
#define _Must_inspect_result_
Definition: no_sal2.h:62
#define _Out_writes_(s)
Definition: no_sal2.h:176
#define _Out_
Definition: no_sal2.h:160
#define _In_reads_opt_(s)
Definition: no_sal2.h:222
#define _In_
Definition: no_sal2.h:158
#define _In_opt_
Definition: no_sal2.h:212
#define _Out_writes_bytes_to_opt_(s, c)
Definition: no_sal2.h:240
#define _In_range_(l, h)
Definition: no_sal2.h:368
#define _Out_writes_bytes_(s)
Definition: no_sal2.h:178
#define _When_(c, a)
Definition: no_sal2.h:38
#define _In_reads_bytes_opt_(s)
Definition: no_sal2.h:224
ULONG ACCESS_MASK
Definition: nt_native.h:40
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
VOID(* PIO_APC_ROUTINE)(IN PVOID ApcContext, IN PIO_STATUS_BLOCK IoStatusBlock, IN ULONG Reserved)
Definition: nt_native.h:877
LONGLONG USN
Definition: ntbasedef.h:388
#define NTSYSCALLAPI
Definition: ntbasedef.h:204
#define _ANONYMOUS_STRUCT
Definition: ntbasedef.h:56
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
struct _MSV1_0_SUBAUTH_LOGON * PMSV1_0_SUBAUTH_LOGON
enum _MSV1_0_LOGON_SUBMIT_TYPE * PMSV1_0_LOGON_SUBMIT_TYPE
struct _NETWORK_OPEN_ECP_CONTEXT_V0 * PNETWORK_OPEN_ECP_CONTEXT_V0
#define MSV1_0_OWF_PASSWORD_LENGTH
struct _MAPPING_PAIR MAPPING_PAIR
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
struct _OBJECT_TYPE_INFO OBJECT_TYPE_INFO
_In_ OBJECT_INFORMATION_CLASS ObjectInformationClass
struct _FILE_COPY_ON_WRITE_INFORMATION * PFILE_COPY_ON_WRITE_INFORMATION
struct _FILE_FULL_DIRECTORY_INFORMATION * PFILE_FULL_DIRECTORY_INFORMATION
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtFsControlFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG FsControlCode, _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer, _In_ ULONG InputBufferLength, _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer, _In_ ULONG OutputBufferLength)
OBJECT_ATTRIBUTES * PLSA_OBJECT_ATTRIBUTES
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
struct _OBJECT_NAME_INFO * POBJECT_NAME_INFO
struct _SRV_OPEN_ECP_CONTEXT * PSRV_OPEN_ECP_CONTEXT
struct _FILE_SHARED_LOCK_ENTRY * PFILE_SHARED_LOCK_ENTRY
struct _FILE_MAILSLOT_PEEK_BUFFER * PFILE_MAILSLOT_PEEK_BUFFER
struct _FILE_OLE_CLASSID_INFORMATION * PFILE_OLE_CLASSID_INFORMATION
_IRQL_requires_same_ NTSTATUS NTAPI LsaFreeReturnBuffer(_In_ PVOID Buffer)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS Quotas
struct _NETWORK_OPEN_ECP_CONTEXT * PNETWORK_OPEN_ECP_CONTEXT
NTKERNELAPI LARGE_INTEGER NTAPI CcGetLsnForFileObject(_In_ PFILE_OBJECT FileObject, _Out_opt_ PLARGE_INTEGER OldestLsn)
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
#define LPC_PVOID
NTKERNELAPI PVOID NTAPI FsRtlAllocatePoolWithQuotaTag(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes, _In_ ULONG Tag)
struct _OBJECT_NAME_INFO OBJECT_NAME_INFO
struct _MSV1_0_AV_PAIR MSV1_0_AV_PAIR
struct _GET_RETRIEVAL_DESCRIPTOR GET_RETRIEVAL_DESCRIPTOR
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtDeviceIoControlFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG IoControlCode, _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer, _In_ ULONG InputBufferLength, _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer, _In_ ULONG OutputBufferLength)
ULONG * PLSA_OPERATIONAL_MODE
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK GrantedAccess, _In_opt_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when an object is about to be opened.
Definition: audit.c:1622
struct _MSV1_0_GETUSERINFO_REQUEST MSV1_0_GETUSERINFO_REQUEST
NTKERNELAPI PVOID NTAPI FsRtlAllocatePool(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE SourceContext
struct _PORT_MESSAGE PORT_MESSAGE
enum _SECURITY_LOGON_TYPE * PSECURITY_LOGON_TYPE
NTKERNELAPI BOOLEAN NTAPI FsRtlMdlReadComplete(_In_ PFILE_OBJECT FileObject, _In_ PMDL MdlChain)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG AuthenticationPackage
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckByTypeResultListAndAuditAlarmByHandle(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess, _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2430
@ MsV1_0ChangeCachedPassword
@ MsV1_0GenericPassthrough
@ MsV1_0Lm20GetChallengeResponse
@ MsV1_0CacheLookup
@ MsV1_0DeriveCredential
@ MsV1_0ReLogonUsers
@ MsV1_0ChangePassword
@ MsV1_0Lm20ChallengeRequest
@ MsV1_0EnumerateUsers
@ MsV1_0CacheLogon
@ MsV1_0GetUserInfo
@ MsV1_0SubAuth
NTKERNELAPI VOID NTAPI FsRtlNotifyChangeDirectory(_In_ PNOTIFY_SYNC NotifySync, _In_ PVOID FsContext, _In_ PSTRING FullDirectoryName, _In_ PLIST_ENTRY NotifyList, _In_ BOOLEAN WatchTree, _In_ ULONG CompletionFilter, _In_ PIRP NotifyIrp)
PUBLIC_OBJECT_BASIC_INFORMATION
#define MSV1_0_USER_SESSION_KEY_LENGTH
enum _MSV1_0_AVID MSV1_0_AVID
NTSYSAPI NTSTATUS NTAPI RtlSetSaclSecurityDescriptor(_Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ BOOLEAN SaclPresent, _In_ PACL Sacl, _In_ BOOLEAN SaclDefaulted)
struct _MOVEFILE_DESCRIPTOR * PMOVEFILE_DESCRIPTOR
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
struct _FILE_OLE_INFORMATION * PFILE_OLE_INFORMATION
struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 MSV1_0_GETCHALLENRESP_REQUEST_V1
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: tokenlif.c:1869
@ UndefinedLogonType
@ Unlock
@ Interactive
@ Proxy
@ Network
@ NetworkCleartext
@ Service
@ NewCredentials
@ Batch
struct _NFS_OPEN_ECP_CONTEXT ** PPNFS_OPEN_ECP_CONTEXT
struct _VAD_HEADER VAD_HEADER
struct _MSV1_0_LM20_LOGON MSV1_0_LM20_LOGON
struct _MSV1_0_LM20_LOGON * PMSV1_0_LM20_LOGON
struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL * PMSV1_0_SUPPLEMENTAL_CREDENTIAL
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtLockFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_ ULONG Key, _In_ BOOLEAN FailImmediately, _In_ BOOLEAN ExclusiveLock)
STRING * PLSA_STRING
NTKERNELAPI BOOLEAN NTAPI FsRtlMdlWriteComplete(_In_ PFILE_OBJECT FileObject, _In_ PLARGE_INTEGER FileOffset, _In_ PMDL MdlChain)
struct _OBJECT_BASIC_INFORMATION OBJECT_BASIC_INFORMATION
enum _NETWORK_OPEN_INTEGRITY_QUALIFIER NETWORK_OPEN_INTEGRITY_QUALIFIER
struct _FILE_OLE_STATE_BITS_INFORMATION * PFILE_OLE_STATE_BITS_INFORMATION
struct _MSV1_0_LM20_LOGON_PROFILE MSV1_0_LM20_LOGON_PROFILE
NTKERNELAPI PVOID NTAPI FsRtlAllocatePoolWithTag(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes, _In_ ULONG Tag)
#define LPC_SIZE_T
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE
struct _FILE_EXCLUSIVE_LOCK_ENTRY FILE_EXCLUSIVE_LOCK_ENTRY
struct _MSV1_0_ENUMUSERS_REQUEST * PMSV1_0_ENUMUSERS_REQUEST
struct _FILE_MAILSLOT_PEEK_BUFFER FILE_MAILSLOT_PEEK_BUFFER
struct _QUERY_PATH_REQUEST_EX * PQUERY_PATH_REQUEST_EX
struct _FILE_FULL_DIRECTORY_INFORMATION FILE_FULL_DIRECTORY_INFORMATION
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG ShareAccess, _In_ ULONG OpenOptions)
struct _OBJECT_ALL_TYPES_INFO OBJECT_ALL_TYPES_INFO
struct _GET_RETRIEVAL_DESCRIPTOR * PGET_RETRIEVAL_DESCRIPTOR
struct _REMOTE_PORT_VIEW * PREMOTE_PORT_VIEW
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
struct _QUERY_PATH_REQUEST QUERY_PATH_REQUEST
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG AuthenticationInformationLength
struct sockaddr_storage * PSOCKADDR_STORAGE_NFS
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtWriteFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_opt_ PLARGE_INTEGER ByteOffset, _In_opt_ PULONG Key)
struct _MSV1_0_GETCHALLENRESP_RESPONSE MSV1_0_GETCHALLENRESP_RESPONSE
struct _MSV1_0_LM20_CHALLENGE_RESPONSE MSV1_0_LM20_CHALLENGE_RESPONSE
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtCreateFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_opt_ PLARGE_INTEGER AllocationSize, _In_ ULONG FileAttributes, _In_ ULONG ShareAccess, _In_ ULONG CreateDisposition, _In_ ULONG CreateOptions, _In_reads_bytes_opt_(EaLength) PVOID EaBuffer, _In_ ULONG EaLength)
struct _MSV1_0_NTLM3_RESPONSE * PMSV1_0_NTLM3_RESPONSE
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcessTokenEx(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 * PMSV1_0_GETCHALLENRESP_REQUEST_V1
ULONG LSA_OPERATIONAL_MODE
struct _PUBLIC_OBJECT_TYPE_INFORMATION PUBLIC_OBJECT_TYPE_INFORMATION
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtCreateSection(_Out_ PHANDLE SectionHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_opt_ PLARGE_INTEGER MaximumSize, _In_ ULONG SectionPageProtection, _In_ ULONG AllocationAttributes, _In_opt_ HANDLE FileHandle)
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryQuotaInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_ BOOLEAN ReturnSingleEntry, _In_reads_bytes_opt_(SidListLength) PVOID SidList, _In_ ULONG SidListLength, _In_reads_bytes_opt_((8+(4 *((SID *) StartSid) ->SubAuthorityCount))) PSID StartSid, _In_ BOOLEAN RestartScan)
* PPUBLIC_OBJECT_BASIC_INFORMATION
enum _FILE_STORAGE_TYPE FILE_STORAGE_TYPE
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2474
struct _FILE_OLE_DIR_INFORMATION * PFILE_OLE_DIR_INFORMATION
struct _MSV1_0_GETCHALLENRESP_REQUEST * PMSV1_0_GETCHALLENRESP_REQUEST
_Must_inspect_result_ NTSYSAPI NTSTATUS NTAPI NtOpenJobObjectToken(_In_ HANDLE JobHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
NTKERNELAPI NTSTATUS NTAPI PsLookupProcessThreadByCid(_In_ PCLIENT_ID Cid, _Out_opt_ PEPROCESS *Process, _Out_ PETHREAD *Thread)
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength)
Sets (modifies) some specific information in regard of an access token. The calling thread must have ...
Definition: tokencls.c:1125
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtCloseObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ BOOLEAN GenerateOnClose)
_IRQL_requires_same_ _Out_ PHANDLE LsaHandle
struct _PUBLIC_OBJECT_TYPE_INFORMATION * PPUBLIC_OBJECT_TYPE_INFORMATION
struct _OBJECT_ALL_TYPES_INFO * POBJECT_ALL_TYPES_INFO
struct _PORT_VIEW PORT_VIEW
STRING LSA_STRING
struct _FILE_COPY_ON_WRITE_INFORMATION FILE_COPY_ON_WRITE_INFORMATION
struct _QUERY_PATH_RESPONSE * PQUERY_PATH_RESPONSE
struct _FILE_OLE_INFORMATION FILE_OLE_INFORMATION
struct _PREFETCH_OPEN_ECP_CONTEXT * PPREFETCH_OPEN_ECP_CONTEXT
$include(setypes.h) $include(obtypes.h) $include(rtltypes.h) $include(rtlfuncs.h) _IRQL_requires_max_(PASSIVE_LEVEL) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryObject(_In_opt_ HANDLE Handle
struct _MSV1_0_NTLM3_RESPONSE MSV1_0_NTLM3_RESPONSE
struct _FILE_OLE_ALL_INFORMATION FILE_OLE_ALL_INFORMATION
struct _OBJECT_PROTECTION_INFO OBJECT_PROTECTION_INFO
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckByTypeAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2222
struct _MSV1_0_AV_PAIR * PMSV1_0_AV_PAIR
struct _NFS_OPEN_ECP_CONTEXT * PNFS_OPEN_ECP_CONTEXT
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass)
struct _MSV1_0_GETCHALLENRESP_REQUEST MSV1_0_GETCHALLENRESP_REQUEST
struct _PORT_VIEW * PPORT_VIEW
struct _MSV1_0_ENUMUSERS_REQUEST MSV1_0_ENUMUSERS_REQUEST
#define LPC_HANDLE
_FILE_STORAGE_TYPE
@ StorageTypeStructuredStorage
@ StorageTypeEmbedding
@ StorageTypeDefault
@ StorageTypeFile
@ StorageTypeCatalog
@ StorageTypeStream
@ StorageTypeDirectory
@ StorageTypeJunctionPoint
enum _MSV1_0_PROFILE_BUFFER_TYPE * PMSV1_0_PROFILE_BUFFER_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE
struct _PREFETCH_OPEN_ECP_CONTEXT PREFETCH_OPEN_ECP_CONTEXT
struct _FILE_OLE_CLASSID_INFORMATION FILE_OLE_CLASSID_INFORMATION
struct _MSV1_0_ENUMUSERS_RESPONSE * PMSV1_0_ENUMUSERS_RESPONSE
struct _VAD_HEADER * PVAD_HEADER
struct _OBJECT_HANDLE_ATTRIBUTE_INFO OBJECT_HANDLE_ATTRIBUTE_INFO
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetVolumeInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID FsInformation, _In_ ULONG Length, _In_ FS_INFORMATION_CLASS FsInformationClass)
_NETWORK_OPEN_INTEGRITY_QUALIFIER
@ NetworkOpenIntegrityNone
@ NetworkOpenIntegrityEncrypted
@ NetworkOpenIntegrityMaximum
@ NetworkOpenIntegritySigned
@ NetworkOpenIntegrityAny
struct _MSV1_0_GETCHALLENRESP_RESPONSE * PMSV1_0_GETCHALLENRESP_RESPONSE
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtImpersonateAnonymousToken(_In_ HANDLE ThreadHandle)
Allows the calling thread to impersonate the system's anonymous logon token.
Definition: token.c:2612
struct _QUERY_PATH_RESPONSE QUERY_PATH_RESPONSE
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
Definition: tokenlif.c:2075
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtReadFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_opt_ PLARGE_INTEGER ByteOffset, _In_opt_ PULONG Key)
_IRQL_requires_same_ _Out_ PHANDLE _Out_ PLSA_OPERATIONAL_MODE SecurityMode
struct _FILE_EXCLUSIVE_LOCK_ENTRY * PFILE_EXCLUSIVE_LOCK_ENTRY
struct _NFS_OPEN_ECP_CONTEXT NFS_OPEN_ECP_CONTEXT
NTKERNELAPI NTSTATUS NTAPI ObCreateObject(_In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode, _In_ POBJECT_TYPE ObjectType, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _Inout_opt_ PVOID ParseContext, _In_ ULONG ObjectSize, _In_opt_ ULONG PagedPoolCharge, _In_opt_ ULONG NonPagedPoolCharge, _Out_ PVOID *Object)
struct _PORT_MESSAGE * PPORT_MESSAGE
@ MsV1_0InteractiveProfile
@ MsV1_0SmartCardProfile
@ MsV1_0Lm20LogonProfile
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
struct _OBJECT_BASIC_INFO OBJECT_BASIC_INFO
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _Inout_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
struct _FILE_OLE_STATE_BITS_INFORMATION FILE_OLE_STATE_BITS_INFORMATION
struct _REMOTE_PORT_VIEW REMOTE_PORT_VIEW
enum _MSV1_0_PROFILE_BUFFER_TYPE MSV1_0_PROFILE_BUFFER_TYPE
struct _OBJECT_PROTECTION_INFO * POBJECT_PROTECTION_INFO
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
_In_ SECURITY_INFORMATION SecurityInformation
struct _MSV1_0_ENUMUSERS_RESPONSE MSV1_0_ENUMUSERS_RESPONSE
NTKERNELAPI NTSTATUS NTAPI ObReferenceObjectByName(_In_ PUNICODE_STRING ObjectName, _In_ ULONG Attributes, _In_opt_ PACCESS_STATE PassedAccessState, _In_opt_ ACCESS_MASK DesiredAccess, _In_ POBJECT_TYPE ObjectType, _In_ KPROCESSOR_MODE AccessMode, _Inout_opt_ PVOID ParseContext, _Out_ PVOID *Object)
struct _OBJECT_HANDLE_ATTRIBUTE_INFO * POBJECT_HANDLE_ATTRIBUTE_INFO
struct _MSV1_0_LM20_LOGON_PROFILE * PMSV1_0_LM20_LOGON_PROFILE
struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL MSV1_0_SUPPLEMENTAL_CREDENTIAL
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2125
struct _MSV1_0_SUBAUTH_LOGON MSV1_0_SUBAUTH_LOGON
struct _MAPPING_PAIR * PMAPPING_PAIR
struct _NETWORK_OPEN_ECP_CONTEXT_V0 NETWORK_OPEN_ECP_CONTEXT_V0
OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
#define MSV1_0_LANMAN_SESSION_KEY_LENGTH
struct _OBJECT_TYPE_INFO * POBJECT_TYPE_INFO
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
struct _MSV1_0_GETUSERINFO_RESPONSE * PMSV1_0_GETUSERINFO_RESPONSE
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckByTypeResultListAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess, _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2324
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE
struct _OBJECT_BASIC_INFO * POBJECT_BASIC_INFO
struct _MSV1_0_GETUSERINFO_RESPONSE MSV1_0_GETUSERINFO_RESPONSE
struct _SRV_OPEN_ECP_CONTEXT SRV_OPEN_ECP_CONTEXT
enum _MSV1_0_LOGON_SUBMIT_TYPE MSV1_0_LOGON_SUBMIT_TYPE
#define LPC_CLIENT_ID
$define(UCHAR=UCHAR) $define(ULONG
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_opt_ PTOKEN_GROUPS NewState, _In_opt_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _Out_ PULONG ReturnLength)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
struct _QUERY_PATH_REQUEST * PQUERY_PATH_REQUEST
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryVolumeInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FsInformation, _In_ ULONG Length, _In_ FS_INFORMATION_CLASS FsInformationClass)
enum _NETWORK_OPEN_LOCATION_QUALIFIER NETWORK_OPEN_LOCATION_QUALIFIER
struct _QUERY_PATH_REQUEST_EX QUERY_PATH_REQUEST_EX
struct _FILE_OLE_ALL_INFORMATION * PFILE_OLE_ALL_INFORMATION
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetQuotaInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID Buffer, _In_ ULONG Length)
struct _OBJECT_BASIC_INFORMATION * POBJECT_BASIC_INFORMATION
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtUnlockFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_ ULONG Key)
#define MSV1_0_CHALLENGE_LENGTH
#define MSV1_0_NTLM3_RESPONSE_LENGTH
struct _MSV1_0_LM20_CHALLENGE_REQUEST MSV1_0_LM20_CHALLENGE_REQUEST
struct _FILE_OLE_DIR_INFORMATION FILE_OLE_DIR_INFORMATION
struct _MOVEFILE_DESCRIPTOR MOVEFILE_DESCRIPTOR
struct _FILE_SHARED_LOCK_ENTRY FILE_SHARED_LOCK_ENTRY
struct _MSV1_0_LM20_CHALLENGE_REQUEST * PMSV1_0_LM20_CHALLENGE_REQUEST
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegedServiceAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
_In_ SECURITY_INFORMATION _In_ ULONG _Out_ PULONG LengthNeeded
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegeObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
NTKERNELAPI PVOID NTAPI FsRtlAllocatePoolWithQuota(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes)
_In_ OBJECT_INFORMATION_CLASS _In_ ULONG _Out_opt_ PULONG ReturnLength
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass)
struct _NETWORK_OPEN_ECP_CONTEXT NETWORK_OPEN_ECP_CONTEXT
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadTokenEx(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2331
_In_ OBJECT_INFORMATION_CLASS _In_ ULONG ObjectInformationLength
struct _MSV1_0_INTERACTIVE_LOGON MSV1_0_INTERACTIVE_LOGON
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationThread(_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength)
_IRQL_requires_same_ _In_ PLSA_STRING OriginName
_NETWORK_OPEN_LOCATION_QUALIFIER
@ NetworkOpenLocationLoopback
@ NetworkOpenLocationAny
@ NetworkOpenLocationRemote
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtDeleteObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ BOOLEAN GenerateOnClose)
struct _MSV1_0_LM20_CHALLENGE_RESPONSE * PMSV1_0_LM20_CHALLENGE_RESPONSE
@ MsV1_0VirtualLogon
@ MsV1_0NetworkLogon
@ MsV1_0WorkstationUnlockLogon
@ MsV1_0SubAuthLogon
@ MsV1_0S4ULogon
@ MsV1_0Lm20Logon
@ MsV1_0InteractiveLogon
_MSV1_0_AVID
@ MsvAvNbDomainName
@ MsvAvNbComputerName
@ MsvAvDnsComputerName
@ MsvAvEOL
@ MsvAvDnsDomainName
PUSHORT * NlsOemLeadByteInfo
Definition: nlsboot.c:23
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryDirectoryFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass, _In_ BOOLEAN ReturnSingleEntry, _In_opt_ PUNICODE_STRING FileName, _In_ BOOLEAN RestartScan)
struct _MSV1_0_GETUSERINFO_REQUEST * PMSV1_0_GETUSERINFO_REQUEST
#define NTHALAPI
Definition: ntoskrnl.h:40
NTSTATUS NTAPI LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG, PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID *, PULONG, PLUID, PHANDLE, PQUOTA_LIMITS, PNTSTATUS)
ULONG * PLSA_OPERATIONAL_MODE
Definition: ntsecapi.h:367
_MSV1_0_PROTOCOL_MESSAGE_TYPE
Definition: ntsecapi.h:217
@ MsV1_0SetProcessOption
Definition: ntsecapi.h:231
_SECURITY_LOGON_TYPE
Definition: ntsecapi.h:288
struct _LSA_UNICODE_STRING * PLSA_UNICODE_STRING
struct _LSA_UNICODE_STRING LSA_UNICODE_STRING
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
_MSV1_0_PROFILE_BUFFER_TYPE
Definition: ntsecapi.h:205
enum _MSV1_0_PROFILE_BUFFER_TYPE MSV1_0_PROFILE_BUFFER_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_LOGON_SUBMIT_TYPE MSV1_0_LOGON_SUBMIT_TYPE
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING, PHANDLE, PLSA_OPERATIONAL_MODE)
_MSV1_0_LOGON_SUBMIT_TYPE
Definition: ntsecapi.h:198
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
NTSTATUS NTAPI NtQuerySecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Length, OUT PULONG ResultLength)
Definition: obsecure.c:803
unsigned short USHORT
Definition: pedump.c:61
#define DEFINE_GUID(name, l, w1, w2, b1, b2, b3, b4, b5, b6, b7, b8)
Definition: guiddef.h:68
#define __GNU_EXTENSION
Definition: ddraw.h:54
NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
#define __kernel_entry
Definition: specstrings.h:355
Definition: xml2sdb.h:80
Definition: ncftp.h:89
FILE_LOCK_INFO FileLock
LIST_ENTRY ListEntry
PVOID Unknown2
PVOID Unknown1
FILE_NAME_INFORMATION NameInformation
FILE_ACCESS_INFORMATION AccessInformation
LARGE_INTEGER SecurityChangeTime
FILE_POSITION_INFORMATION PositionInformation
FILE_EA_INFORMATION EaInformation
FILE_ALIGNMENT_INFORMATION AlignmentInformation
FILE_STANDARD_INFORMATION StandardInformation
FILE_STORAGE_TYPE StorageType
FILE_BASIC_INFORMATION BasicInformation
FILE_INTERNAL_INFORMATION InternalInformation
FILE_OBJECTID_INFORMATION ObjectIdInformation
FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
FILE_MODE_INFORMATION ModeInformation
FILE_STORAGE_TYPE StorageType
FILE_STORAGE_TYPE StorageType
FILE_OBJECTID_INFORMATION ObjectIdInformation
LARGE_INTEGER SecurityChangeTime
FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
PVOID Unknown1
FILE_LOCK_INFO FileLock
PVOID Unknown2
Definition: typedefs.h:120
LARGE_INTEGER StartVcn
LARGE_INTEGER TargetLcn
USHORT AvLen
Definition: ntsecapi.h:508
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: msv1_0p.h:6
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: msv1_0p.h:11
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH]
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
SECURITY_LOGON_TYPE LogonType
UNICODE_STRING Password
Definition: ntsecapi.h:437
UNICODE_STRING UserName
Definition: ntsecapi.h:436
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:434
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:435
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:443
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:440
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:445
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:448
UNICODE_STRING LogonScript
Definition: ntsecapi.h:449
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:447
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:444
UNICODE_STRING FullName
Definition: ntsecapi.h:451
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:446
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:452
UNICODE_STRING LogonServer
Definition: ntsecapi.h:454
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:450
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:453
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:479
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:483
UNICODE_STRING LogonServer
Definition: ntsecapi.h:486
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:485
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:484
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:481
UNICODE_STRING UserParameters
Definition: ntsecapi.h:487
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:480
UNICODE_STRING UserName
Definition: ntsecapi.h:460
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntsecapi.h:462
STRING CaseInsensitiveChallengeResponse
Definition: ntsecapi.h:464
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:459
UNICODE_STRING Workstation
Definition: ntsecapi.h:461
ULONG ParameterControl
Definition: ntsecapi.h:465
STRING CaseSensitiveChallengeResponse
Definition: ntsecapi.h:463
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:458
UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntsecapi.h:502
UNICODE_STRING UserName
Definition: ntsecapi.h:470
STRING AuthenticationInfo2
Definition: ntsecapi.h:474
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntsecapi.h:472
UNICODE_STRING Workstation
Definition: ntsecapi.h:471
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:469
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:468
STRING AuthenticationInfo1
Definition: ntsecapi.h:473
UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH]
Definition: ntsecapi.h:492
UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH]
Definition: ntsecapi.h:493
NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
struct _NETWORK_OPEN_ECP_CONTEXT_V0::@4144::@4146 out
NETWORK_OPEN_LOCATION_QUALIFIER Location
_ANONYMOUS_STRUCT struct _NETWORK_OPEN_ECP_CONTEXT_V0::@4144 DUMMYSTRUCTNAME
struct _NETWORK_OPEN_ECP_CONTEXT_V0::@4144::@4145 in
_ANONYMOUS_STRUCT struct _NETWORK_OPEN_ECP_CONTEXT::@4141 DUMMYSTRUCTNAME
NETWORK_OPEN_LOCATION_QUALIFIER Location
NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
struct _NETWORK_OPEN_ECP_CONTEXT::@4141::@4142 in
struct _NETWORK_OPEN_ECP_CONTEXT::@4141::@4143 out
PSOCKADDR_STORAGE_NFS ClientSocketAddress
PUNICODE_STRING ExportAlias
OBJECT_TYPE_INFO ObjectsTypeInfo[1]
ACCESS_MASK GrantedAccess
Definition: winternl.h:1251
ACCESS_MASK GrantedAccess
LARGE_INTEGER CreateTime
UNICODE_STRING ObjectName
WCHAR ObjectTypeNameBuffer[1]
UNICODE_STRING ObjectTypeName
double DoNotUseThisField
struct _PORT_MESSAGE::@4148::@4154 s2
union _PORT_MESSAGE::@4147 u1
LPC_SIZE_T ClientViewSize
LPC_CLIENT_ID ClientId
union _PORT_MESSAGE::@4148 u2
struct _PORT_MESSAGE::@4147::@4153 s1
LPC_PVOID ViewBase
LPC_HANDLE SectionHandle
LPC_PVOID ViewRemoteBase
ULONG SectionOffset
LPC_SIZE_T ViewSize
PIO_SECURITY_CONTEXT pSecurityContext
UNICODE_STRING DomainServiceName
PIO_SECURITY_CONTEXT SecurityContext
PUNICODE_STRING ShareName
PSOCKADDR_STORAGE_NFS SocketAddress
struct _VAD_HEADER * RightLink
struct _VAD_HEADER * LeftLink
struct _VAD_HEADER * ParentLink
LIST_ENTRY Secured
Definition: _pair.h:47
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
uint32_t * PULONG
Definition: typedefs.h:59
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
unsigned char * PBOOLEAN
Definition: typedefs.h:53
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
INT POOL_TYPE
Definition: typedefs.h:78
#define NTAPI
Definition: typedefs.h:36
uint16_t * PUSHORT
Definition: typedefs.h:56
uint32_t ULONG_PTR
Definition: typedefs.h:65
uint32_t ULONG
Definition: typedefs.h:59
uint64_t ULONGLONG
Definition: typedefs.h:67
short CSHORT
Definition: umtypes.h:127
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
_Must_inspect_result_ _In_ WDFDMAENABLER _In_ _In_opt_ PWDF_OBJECT_ATTRIBUTES Attributes
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829
_Must_inspect_result_ _In_ WDFDEVICE _In_ BOOLEAN _In_opt_ PVOID Tag
Definition: wdfdevice.h:4065
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:550
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
_In_ WDFREQUEST _In_ size_t _In_ size_t _In_ ULONG IoControlCode
Definition: wdfio.h:325
_In_ WDFREQUEST _In_ size_t OutputBufferLength
Definition: wdfio.h:320
_In_ WDFREQUEST _In_ size_t _In_ size_t InputBufferLength
Definition: wdfio.h:322
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR OutputBuffer
Definition: wdfiotarget.h:863
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR InputBuffer
Definition: wdfiotarget.h:953
_Must_inspect_result_ _In_opt_ WDFKEY _In_ PCUNICODE_STRING _In_ ACCESS_MASK _In_ ULONG _Out_opt_ PULONG CreateDisposition
Definition: wdfregistry.h:120
_Must_inspect_result_ _In_opt_ WDFKEY _In_ PCUNICODE_STRING _In_ ACCESS_MASK _In_ ULONG CreateOptions
Definition: wdfregistry.h:118
#define __CREATE_NTOS_DATA_IMPORT_ALIAS(_Name)
#define NTKERNELAPI
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG _In_ ULONG _In_ ULONG _In_opt_ PVOID EaBuffer
Definition: iofuncs.h:845
* PFILE_OBJECT
Definition: iotypes.h:1998
_Must_inspect_result_ typedef _In_ PHYSICAL_ADDRESS _Inout_ PLARGE_INTEGER NumberOfBytes
Definition: iotypes.h:1036
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
_Inout_opt_ PACCESS_STATE PassedAccessState
Definition: obfuncs.h:71
_Out_ PBOOLEAN SaclPresent
Definition: rtlfuncs.h:2427
_Out_ PBOOLEAN _Out_ PACL _Out_ PBOOLEAN SaclDefaulted
Definition: rtlfuncs.h:2429
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:422
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:419
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
@ TokenAccessInformation
Definition: setypes.h:987
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
enum _AUDIT_EVENT_TYPE AUDIT_EVENT_TYPE
unsigned char UCHAR
Definition: xmlstorage.h:181
__wchar_t WCHAR
Definition: xmlstorage.h:180
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PSID StartSid
Definition: zwfuncs.h:1121
_In_ ACCESS_MASK _In_ BOOLEAN OpenAsSelf
Definition: zwfuncs.h:700
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG SidListLength
Definition: zwfuncs.h:1120